From eb8dd9dca1228af0cd132f515509051ecfabf6f6 Mon Sep 17 00:00:00 2001 
From: cvs2svn Date: Mon, 14 Apr 2025 17:32:06 +0000 Subject: This commit was manufactured by cvs2git to create tag 'tb_20250414'. --- src/lib/libcrypto/Makefile | 764 --- src/lib/libcrypto/Symbols.list | 3247 --------- src/lib/libcrypto/aes/aes.c | 226 - src/lib/libcrypto/aes/aes.h | 120 - src/lib/libcrypto/aes/aes_core.c | 1229 ---- src/lib/libcrypto/aes/aes_ige.c | 195 - src/lib/libcrypto/aes/aes_local.h | 76 - src/lib/libcrypto/aes/asm/aes-586.pl | 2974 -------- src/lib/libcrypto/aes/asm/aes-armv4.pl | 1134 ---- src/lib/libcrypto/aes/asm/aes-mips.pl | 1613 ----- src/lib/libcrypto/aes/asm/aes-parisc.pl | 1030 --- src/lib/libcrypto/aes/asm/aes-ppc.pl | 1344 ---- src/lib/libcrypto/aes/asm/aes-sparcv9.pl | 1217 ---- src/lib/libcrypto/aes/asm/aes-x86_64.pl | 2834 -------- src/lib/libcrypto/aes/asm/aesni-x86.pl | 2188 ------ src/lib/libcrypto/aes/asm/aesni-x86_64.pl | 3080 --------- src/lib/libcrypto/aes/asm/bsaes-x86_64.pl | 3123 --------- src/lib/libcrypto/aes/asm/vpaes-x86.pl | 911 --- src/lib/libcrypto/aes/asm/vpaes-x86_64.pl | 1222 ---- src/lib/libcrypto/arc4random/arc4random_aix.h | 81 - src/lib/libcrypto/arc4random/arc4random_freebsd.h | 87 - src/lib/libcrypto/arc4random/arc4random_hpux.h | 81 - src/lib/libcrypto/arc4random/arc4random_linux.h | 88 - src/lib/libcrypto/arc4random/arc4random_netbsd.h | 87 - src/lib/libcrypto/arc4random/arc4random_osx.h | 81 - src/lib/libcrypto/arc4random/arc4random_solaris.h | 81 - src/lib/libcrypto/arc4random/arc4random_win.h | 78 - src/lib/libcrypto/arc4random/getentropy_aix.c | 402 -- src/lib/libcrypto/arc4random/getentropy_freebsd.c | 60 - src/lib/libcrypto/arc4random/getentropy_hpux.c | 396 -- src/lib/libcrypto/arc4random/getentropy_linux.c | 525 -- src/lib/libcrypto/arc4random/getentropy_netbsd.c | 62 - src/lib/libcrypto/arc4random/getentropy_osx.c | 417 -- src/lib/libcrypto/arc4random/getentropy_solaris.c | 422 -- src/lib/libcrypto/arc4random/getentropy_win.c | 50 - src/lib/libcrypto/arch/aarch64/Makefile.inc | 12 - 
src/lib/libcrypto/arch/aarch64/crypto_arch.h | 43 - src/lib/libcrypto/arch/aarch64/crypto_cpu_caps.c | 97 - src/lib/libcrypto/arch/aarch64/opensslconf.h | 154 - src/lib/libcrypto/arch/alpha/Makefile.inc | 20 - src/lib/libcrypto/arch/alpha/crypto_arch.h | 24 - src/lib/libcrypto/arch/alpha/opensslconf.h | 152 - src/lib/libcrypto/arch/amd64/Makefile.inc | 68 - src/lib/libcrypto/arch/amd64/crypto_arch.h | 54 - src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c | 134 - src/lib/libcrypto/arch/amd64/opensslconf.h | 149 - src/lib/libcrypto/arch/arm/Makefile.inc | 28 - src/lib/libcrypto/arch/arm/arm_arch.h | 59 - src/lib/libcrypto/arch/arm/armcap.c | 88 - src/lib/libcrypto/arch/arm/armv4cpuid.S | 69 - src/lib/libcrypto/arch/arm/crypto_arch.h | 39 - src/lib/libcrypto/arch/arm/opensslconf.h | 154 - src/lib/libcrypto/arch/hppa/Makefile.inc | 24 - src/lib/libcrypto/arch/hppa/crypto_arch.h | 34 - src/lib/libcrypto/arch/hppa/opensslconf.h | 154 - src/lib/libcrypto/arch/i386/Makefile.inc | 42 - src/lib/libcrypto/arch/i386/crypto_arch.h | 46 - src/lib/libcrypto/arch/i386/crypto_cpu_caps.c | 120 - src/lib/libcrypto/arch/i386/opensslconf.h | 154 - src/lib/libcrypto/arch/m88k/crypto_arch.h | 21 - src/lib/libcrypto/arch/m88k/opensslconf.h | 154 - src/lib/libcrypto/arch/mips64/Makefile.inc | 23 - src/lib/libcrypto/arch/mips64/crypto_arch.h | 39 - src/lib/libcrypto/arch/mips64/opensslconf.h | 154 - src/lib/libcrypto/arch/powerpc/Makefile.inc | 22 - src/lib/libcrypto/arch/powerpc/crypto_arch.h | 31 - src/lib/libcrypto/arch/powerpc/opensslconf.h | 154 - src/lib/libcrypto/arch/powerpc64/Makefile.inc | 22 - src/lib/libcrypto/arch/powerpc64/crypto_arch.h | 21 - src/lib/libcrypto/arch/powerpc64/opensslconf.h | 149 - src/lib/libcrypto/arch/riscv64/Makefile.inc | 3 - src/lib/libcrypto/arch/riscv64/crypto_arch.h | 21 - src/lib/libcrypto/arch/riscv64/opensslconf.h | 154 - src/lib/libcrypto/arch/sh/crypto_arch.h | 21 - src/lib/libcrypto/arch/sh/opensslconf.h | 154 - 
src/lib/libcrypto/arch/sparc64/Makefile.inc | 23 - src/lib/libcrypto/arch/sparc64/crypto_arch.h | 37 - src/lib/libcrypto/arch/sparc64/opensslconf.h | 154 - src/lib/libcrypto/asn1/a_bitstr.c | 342 - src/lib/libcrypto/asn1/a_enum.c | 394 -- src/lib/libcrypto/asn1/a_int.c | 858 --- src/lib/libcrypto/asn1/a_mbstr.c | 449 -- src/lib/libcrypto/asn1/a_object.c | 688 -- src/lib/libcrypto/asn1/a_octet.c | 120 - src/lib/libcrypto/asn1/a_pkey.c | 181 - src/lib/libcrypto/asn1/a_print.c | 127 - src/lib/libcrypto/asn1/a_pubkey.c | 162 - src/lib/libcrypto/asn1/a_strex.c | 658 -- src/lib/libcrypto/asn1/a_string.c | 450 -- src/lib/libcrypto/asn1/a_strnid.c | 329 - src/lib/libcrypto/asn1/a_time.c | 139 - src/lib/libcrypto/asn1/a_time_posix.c | 296 - src/lib/libcrypto/asn1/a_time_tm.c | 607 -- src/lib/libcrypto/asn1/a_type.c | 360 - src/lib/libcrypto/asn1/a_utf8.c | 199 - src/lib/libcrypto/asn1/asn1.h | 1124 ---- src/lib/libcrypto/asn1/asn1_err.c | 216 - src/lib/libcrypto/asn1/asn1_gen.c | 804 --- src/lib/libcrypto/asn1/asn1_item.c | 697 -- src/lib/libcrypto/asn1/asn1_lib.c | 204 - src/lib/libcrypto/asn1/asn1_local.h | 193 - src/lib/libcrypto/asn1/asn1_old.c | 185 - src/lib/libcrypto/asn1/asn1_old_lib.c | 216 - src/lib/libcrypto/asn1/asn1_par.c | 386 -- src/lib/libcrypto/asn1/asn1_types.c | 305 - src/lib/libcrypto/asn1/asn1t.h | 904 --- src/lib/libcrypto/asn1/asn_mime.c | 1011 --- src/lib/libcrypto/asn1/asn_moid.c | 161 - src/lib/libcrypto/asn1/bio_asn1.c | 453 -- src/lib/libcrypto/asn1/bio_ndef.c | 270 - src/lib/libcrypto/asn1/charmap.h | 19 - src/lib/libcrypto/asn1/charmap.pl | 80 - src/lib/libcrypto/asn1/p5_pbe.c | 188 - src/lib/libcrypto/asn1/p5_pbev2.c | 356 - src/lib/libcrypto/asn1/p8_pkey.c | 196 - src/lib/libcrypto/asn1/posix_time.h | 54 - src/lib/libcrypto/asn1/t_crl.c | 152 - src/lib/libcrypto/asn1/t_req.c | 263 - src/lib/libcrypto/asn1/t_spki.c | 116 - src/lib/libcrypto/asn1/t_x509.c | 485 -- src/lib/libcrypto/asn1/t_x509a.c | 119 - src/lib/libcrypto/asn1/tasn_dec.c | 1260 
---- src/lib/libcrypto/asn1/tasn_enc.c | 682 -- src/lib/libcrypto/asn1/tasn_fre.c | 242 - src/lib/libcrypto/asn1/tasn_new.c | 344 - src/lib/libcrypto/asn1/tasn_prn.c | 513 -- src/lib/libcrypto/asn1/tasn_typ.c | 739 -- src/lib/libcrypto/asn1/tasn_utl.c | 299 - src/lib/libcrypto/asn1/x_algor.c | 295 - src/lib/libcrypto/asn1/x_attrib.c | 159 - src/lib/libcrypto/asn1/x_bignum.c | 207 - src/lib/libcrypto/asn1/x_crl.c | 702 -- src/lib/libcrypto/asn1/x_exten.c | 164 - src/lib/libcrypto/asn1/x_info.c | 96 - src/lib/libcrypto/asn1/x_long.c | 241 - src/lib/libcrypto/asn1/x_name.c | 666 -- src/lib/libcrypto/asn1/x_pkey.c | 123 - src/lib/libcrypto/asn1/x_pubkey.c | 775 --- src/lib/libcrypto/asn1/x_req.c | 258 - src/lib/libcrypto/asn1/x_sig.c | 138 - src/lib/libcrypto/asn1/x_spki.c | 184 - src/lib/libcrypto/asn1/x_val.c | 117 - src/lib/libcrypto/asn1/x_x509.c | 387 -- src/lib/libcrypto/asn1/x_x509a.c | 282 - src/lib/libcrypto/bf/bf_local.h | 156 - src/lib/libcrypto/bf/blowfish.c | 696 -- src/lib/libcrypto/bf/blowfish.h | 106 - src/lib/libcrypto/bio/b_dump.c | 211 - src/lib/libcrypto/bio/b_posix.c | 93 - src/lib/libcrypto/bio/b_print.c | 62 - src/lib/libcrypto/bio/b_sock.c | 261 - src/lib/libcrypto/bio/bf_buff.c | 523 -- src/lib/libcrypto/bio/bf_nbio.c | 255 - src/lib/libcrypto/bio/bf_null.c | 199 - src/lib/libcrypto/bio/bio.h | 717 -- src/lib/libcrypto/bio/bio_cb.c | 156 - src/lib/libcrypto/bio/bio_err.c | 122 - src/lib/libcrypto/bio/bio_lib.c | 886 --- src/lib/libcrypto/bio/bio_local.h | 127 - src/lib/libcrypto/bio/bio_meth.c | 165 - src/lib/libcrypto/bio/bss_acpt.c | 456 -- src/lib/libcrypto/bio/bss_bio.c | 641 -- src/lib/libcrypto/bio/bss_conn.c | 598 -- src/lib/libcrypto/bio/bss_dgram.c | 663 -- src/lib/libcrypto/bio/bss_fd.c | 273 - src/lib/libcrypto/bio/bss_file.c | 325 - src/lib/libcrypto/bio/bss_log.c | 216 - src/lib/libcrypto/bio/bss_mem.c | 367 - src/lib/libcrypto/bio/bss_null.c | 161 - src/lib/libcrypto/bio/bss_sock.c | 244 - 
src/lib/libcrypto/bn/arch/aarch64/bn_arch.h | 369 - src/lib/libcrypto/bn/arch/alpha/bn_arch.h | 44 - src/lib/libcrypto/bn/arch/amd64/bignum_add.S | 165 - src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S | 155 - src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S | 138 - src/lib/libcrypto/bn/arch/amd64/bignum_mul.S | 167 - .../libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S | 157 - .../libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S | 244 - src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S | 197 - .../libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S | 145 - .../libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S | 242 - src/lib/libcrypto/bn/arch/amd64/bignum_sub.S | 153 - src/lib/libcrypto/bn/arch/amd64/bn_arch.c | 131 - src/lib/libcrypto/bn/arch/amd64/bn_arch.h | 109 - src/lib/libcrypto/bn/arch/amd64/word_clz.S | 60 - src/lib/libcrypto/bn/arch/arm/bn_arch.h | 73 - src/lib/libcrypto/bn/arch/hppa/bn_arch.h | 24 - src/lib/libcrypto/bn/arch/i386/bn_arch.h | 86 - src/lib/libcrypto/bn/arch/m88k/bn_arch.h | 24 - src/lib/libcrypto/bn/arch/mips64/bn_arch.h | 40 - src/lib/libcrypto/bn/arch/powerpc/bn_arch.h | 39 - src/lib/libcrypto/bn/arch/powerpc64/bn_arch.h | 44 - src/lib/libcrypto/bn/arch/riscv64/bn_arch.h | 86 - src/lib/libcrypto/bn/arch/sh/bn_arch.h | 24 - src/lib/libcrypto/bn/arch/sparc64/bn_arch.h | 24 - src/lib/libcrypto/bn/asm/alpha-mont.pl | 315 - src/lib/libcrypto/bn/asm/armv4-mont.pl | 204 - src/lib/libcrypto/bn/asm/bn-586.pl | 567 -- src/lib/libcrypto/bn/asm/co-586.pl | 287 - src/lib/libcrypto/bn/asm/mips-mont.pl | 426 -- src/lib/libcrypto/bn/asm/mips.pl | 2234 ------- src/lib/libcrypto/bn/asm/modexp512-x86_64.pl | 1393 ---- src/lib/libcrypto/bn/asm/parisc-mont.pl | 985 --- src/lib/libcrypto/bn/asm/ppc-mont.pl | 329 - src/lib/libcrypto/bn/asm/ppc.pl | 1968 ------ src/lib/libcrypto/bn/asm/x86-mont.pl | 592 -- src/lib/libcrypto/bn/asm/x86_64-mont.pl | 1503 ----- src/lib/libcrypto/bn/asm/x86_64-mont5.pl | 1192 ---- src/lib/libcrypto/bn/bn.h | 520 -- src/lib/libcrypto/bn/bn_add.c | 341 - 
src/lib/libcrypto/bn/bn_bpsw.c | 531 -- src/lib/libcrypto/bn/bn_const.c | 433 -- src/lib/libcrypto/bn/bn_convert.c | 757 --- src/lib/libcrypto/bn/bn_ctx.c | 161 - src/lib/libcrypto/bn/bn_div.c | 458 -- src/lib/libcrypto/bn/bn_err.c | 110 - src/lib/libcrypto/bn/bn_exp.c | 1330 ---- src/lib/libcrypto/bn/bn_gcd.c | 818 --- src/lib/libcrypto/bn/bn_internal.h | 568 -- src/lib/libcrypto/bn/bn_isqrt.c | 234 - src/lib/libcrypto/bn/bn_kron.c | 195 - src/lib/libcrypto/bn/bn_lib.c | 752 --- src/lib/libcrypto/bn/bn_local.h | 335 - src/lib/libcrypto/bn/bn_mod.c | 369 - src/lib/libcrypto/bn/bn_mod_sqrt.c | 723 -- src/lib/libcrypto/bn/bn_mont.c | 621 -- src/lib/libcrypto/bn/bn_mul.c | 370 - src/lib/libcrypto/bn/bn_prime.c | 423 -- src/lib/libcrypto/bn/bn_prime.h | 14 - src/lib/libcrypto/bn/bn_prime.pl | 100 - src/lib/libcrypto/bn/bn_primitives.c | 65 - src/lib/libcrypto/bn/bn_print.c | 191 - src/lib/libcrypto/bn/bn_rand.c | 340 - src/lib/libcrypto/bn/bn_recp.c | 222 - src/lib/libcrypto/bn/bn_shift.c | 175 - src/lib/libcrypto/bn/bn_small_primes.c | 265 - src/lib/libcrypto/bn/bn_sqr.c | 305 - src/lib/libcrypto/bn/bn_word.c | 245 - src/lib/libcrypto/bn/s2n_bignum.h | 856 --- src/lib/libcrypto/bn/s2n_bignum_internal.h | 36 - src/lib/libcrypto/buffer/buf_err.c | 91 - src/lib/libcrypto/buffer/buffer.c | 155 - src/lib/libcrypto/buffer/buffer.h | 102 - src/lib/libcrypto/bytestring/bs_ber.c | 270 - src/lib/libcrypto/bytestring/bs_cbb.c | 490 -- src/lib/libcrypto/bytestring/bs_cbs.c | 616 -- src/lib/libcrypto/bytestring/bytestring.h | 571 -- src/lib/libcrypto/camellia/camellia.c | 696 -- src/lib/libcrypto/camellia/camellia.h | 121 - src/lib/libcrypto/cast/cast.c | 983 --- src/lib/libcrypto/cast/cast.h | 99 - src/lib/libcrypto/cast/cast_local.h | 216 - src/lib/libcrypto/cert.pem | 7073 -------------------- src/lib/libcrypto/chacha/chacha-merged.c | 323 - src/lib/libcrypto/chacha/chacha.c | 112 - src/lib/libcrypto/chacha/chacha.h | 54 - src/lib/libcrypto/cmac/cm_ameth.c | 88 - 
src/lib/libcrypto/cmac/cm_pmeth.c | 217 - src/lib/libcrypto/cmac/cmac.c | 325 - src/lib/libcrypto/cmac/cmac.h | 81 - src/lib/libcrypto/cms/cms.h | 534 -- src/lib/libcrypto/cms/cms_asn1.c | 1629 ----- src/lib/libcrypto/cms/cms_att.c | 231 - src/lib/libcrypto/cms/cms_dd.c | 152 - src/lib/libcrypto/cms/cms_enc.c | 266 - src/lib/libcrypto/cms/cms_env.c | 996 --- src/lib/libcrypto/cms/cms_err.c | 166 - src/lib/libcrypto/cms/cms_ess.c | 413 -- src/lib/libcrypto/cms/cms_io.c | 180 - src/lib/libcrypto/cms/cms_kari.c | 490 -- src/lib/libcrypto/cms/cms_lib.c | 780 --- src/lib/libcrypto/cms/cms_local.h | 472 -- src/lib/libcrypto/cms/cms_pwri.c | 438 -- src/lib/libcrypto/cms/cms_sd.c | 1088 --- src/lib/libcrypto/cms/cms_smime.c | 908 --- src/lib/libcrypto/comp/comp.h | 7 - src/lib/libcrypto/conf/README | 73 - src/lib/libcrypto/conf/conf.h | 189 - src/lib/libcrypto/conf/conf_api.c | 261 - src/lib/libcrypto/conf/conf_def.c | 657 -- src/lib/libcrypto/conf/conf_def.h | 133 - src/lib/libcrypto/conf/conf_err.c | 108 - src/lib/libcrypto/conf/conf_lib.c | 197 - src/lib/libcrypto/conf/conf_local.h | 101 - src/lib/libcrypto/conf/conf_mod.c | 480 -- src/lib/libcrypto/conf/conf_sap.c | 151 - src/lib/libcrypto/conf/keysets.pl | 169 - src/lib/libcrypto/conf/ssleay.cnf | 78 - src/lib/libcrypto/constant_time.h | 207 - src/lib/libcrypto/crypto.h | 458 -- src/lib/libcrypto/crypto_err.c | 102 - src/lib/libcrypto/crypto_ex_data.c | 418 -- src/lib/libcrypto/crypto_init.c | 122 - src/lib/libcrypto/crypto_internal.h | 305 - src/lib/libcrypto/crypto_legacy.c | 451 -- src/lib/libcrypto/crypto_local.h | 84 - src/lib/libcrypto/crypto_lock.c | 96 - src/lib/libcrypto/crypto_memory.c | 59 - src/lib/libcrypto/ct/ct.h | 567 -- src/lib/libcrypto/ct/ct_b64.c | 226 - src/lib/libcrypto/ct/ct_err.c | 149 - src/lib/libcrypto/ct/ct_local.h | 260 - src/lib/libcrypto/ct/ct_log.c | 379 -- src/lib/libcrypto/ct/ct_oct.c | 464 -- src/lib/libcrypto/ct/ct_policy.c | 163 - src/lib/libcrypto/ct/ct_prn.c | 211 - 
src/lib/libcrypto/ct/ct_sct.c | 507 -- src/lib/libcrypto/ct/ct_sct_ctx.c | 323 - src/lib/libcrypto/ct/ct_vfy.c | 195 - src/lib/libcrypto/ct/ct_x509v3.c | 201 - src/lib/libcrypto/curve25519/curve25519-generic.c | 34 - src/lib/libcrypto/curve25519/curve25519.c | 4946 -------------- src/lib/libcrypto/curve25519/curve25519.h | 104 - src/lib/libcrypto/curve25519/curve25519_internal.h | 105 - src/lib/libcrypto/des/des.c | 1022 --- src/lib/libcrypto/des/des.h | 206 - src/lib/libcrypto/des/des_cksum.c | 173 - src/lib/libcrypto/des/des_enc.c | 611 -- src/lib/libcrypto/des/des_fcrypt.c | 254 - src/lib/libcrypto/des/des_key.c | 523 -- src/lib/libcrypto/des/des_local.h | 226 - src/lib/libcrypto/dh/dh.h | 245 - src/lib/libcrypto/dh/dh_ameth.c | 527 -- src/lib/libcrypto/dh/dh_asn1.c | 176 - src/lib/libcrypto/dh/dh_check.c | 237 - src/lib/libcrypto/dh/dh_err.c | 114 - src/lib/libcrypto/dh/dh_gen.c | 197 - src/lib/libcrypto/dh/dh_key.c | 240 - src/lib/libcrypto/dh/dh_lib.c | 364 - src/lib/libcrypto/dh/dh_local.h | 99 - src/lib/libcrypto/dh/dh_pmeth.c | 265 - src/lib/libcrypto/dsa/dsa.h | 263 - src/lib/libcrypto/dsa/dsa_ameth.c | 736 -- src/lib/libcrypto/dsa/dsa_asn1.c | 479 -- src/lib/libcrypto/dsa/dsa_err.c | 104 - src/lib/libcrypto/dsa/dsa_gen.c | 360 - src/lib/libcrypto/dsa/dsa_key.c | 111 - src/lib/libcrypto/dsa/dsa_lib.c | 483 -- src/lib/libcrypto/dsa/dsa_local.h | 104 - src/lib/libcrypto/dsa/dsa_meth.c | 110 - src/lib/libcrypto/dsa/dsa_ossl.c | 456 -- src/lib/libcrypto/dsa/dsa_pmeth.c | 351 - src/lib/libcrypto/dsa/dsa_prn.c | 135 - src/lib/libcrypto/ec/ec.h | 675 -- src/lib/libcrypto/ec/ec_ameth.c | 1065 --- src/lib/libcrypto/ec/ec_asn1.c | 1461 ---- src/lib/libcrypto/ec/ec_convert.c | 575 -- src/lib/libcrypto/ec/ec_curve.c | 1765 ----- src/lib/libcrypto/ec/ec_err.c | 151 - src/lib/libcrypto/ec/ec_key.c | 809 --- src/lib/libcrypto/ec/ec_lib.c | 1369 ---- src/lib/libcrypto/ec/ec_local.h | 254 - src/lib/libcrypto/ec/ec_mult.c | 407 -- src/lib/libcrypto/ec/ec_pmeth.c | 545 -- 
src/lib/libcrypto/ec/eck_prn.c | 357 - src/lib/libcrypto/ec/ecp_methods.c | 1327 ---- src/lib/libcrypto/ec/ecx_methods.c | 973 --- src/lib/libcrypto/ecdh/ecdh.c | 281 - src/lib/libcrypto/ecdh/ecdh.h | 6 - src/lib/libcrypto/ecdsa/ecdsa.c | 774 --- src/lib/libcrypto/ecdsa/ecdsa.h | 6 - src/lib/libcrypto/ecdsa/ecdsa_local.h | 81 - src/lib/libcrypto/engine/engine.h | 215 - src/lib/libcrypto/engine/engine_stubs.c | 140 - src/lib/libcrypto/err/err.c | 1093 --- src/lib/libcrypto/err/err.h | 396 -- src/lib/libcrypto/err/err_all.c | 151 - src/lib/libcrypto/err/err_local.h | 123 - src/lib/libcrypto/err/err_prn.c | 119 - src/lib/libcrypto/evp/bio_b64.c | 572 -- src/lib/libcrypto/evp/bio_enc.c | 433 -- src/lib/libcrypto/evp/bio_md.c | 281 - src/lib/libcrypto/evp/e_aes.c | 2639 -------- src/lib/libcrypto/evp/e_bf.c | 247 - src/lib/libcrypto/evp/e_camellia.c | 823 --- src/lib/libcrypto/evp/e_cast.c | 247 - src/lib/libcrypto/evp/e_chacha.c | 77 - src/lib/libcrypto/evp/e_chacha20poly1305.c | 621 -- src/lib/libcrypto/evp/e_des.c | 355 - src/lib/libcrypto/evp/e_des3.c | 497 -- src/lib/libcrypto/evp/e_idea.c | 266 - src/lib/libcrypto/evp/e_null.c | 109 - src/lib/libcrypto/evp/e_rc2.c | 411 -- src/lib/libcrypto/evp/e_rc4.c | 144 - src/lib/libcrypto/evp/e_sm4.c | 267 - src/lib/libcrypto/evp/e_xcbc_d.c | 139 - src/lib/libcrypto/evp/evp.h | 1292 ---- src/lib/libcrypto/evp/evp_aead.c | 170 - src/lib/libcrypto/evp/evp_cipher.c | 1238 ---- src/lib/libcrypto/evp/evp_digest.c | 500 -- src/lib/libcrypto/evp/evp_encode.c | 424 -- src/lib/libcrypto/evp/evp_err.c | 169 - src/lib/libcrypto/evp/evp_key.c | 223 - src/lib/libcrypto/evp/evp_local.h | 373 -- src/lib/libcrypto/evp/evp_names.c | 1691 ----- src/lib/libcrypto/evp/evp_pbe.c | 647 -- src/lib/libcrypto/evp/evp_pkey.c | 144 - src/lib/libcrypto/evp/m_md4.c | 114 - src/lib/libcrypto/evp/m_md5.c | 114 - src/lib/libcrypto/evp/m_md5_sha1.c | 90 - src/lib/libcrypto/evp/m_null.c | 104 - src/lib/libcrypto/evp/m_ripemd.c | 114 - 
src/lib/libcrypto/evp/m_sha1.c | 358 - src/lib/libcrypto/evp/m_sha3.c | 177 - src/lib/libcrypto/evp/m_sigver.c | 271 - src/lib/libcrypto/evp/m_sm3.c | 69 - src/lib/libcrypto/evp/p_legacy.c | 200 - src/lib/libcrypto/evp/p_lib.c | 854 --- src/lib/libcrypto/evp/p_sign.c | 107 - src/lib/libcrypto/evp/p_verify.c | 99 - src/lib/libcrypto/evp/pmeth_fn.c | 344 - src/lib/libcrypto/evp/pmeth_gn.c | 227 - src/lib/libcrypto/evp/pmeth_lib.c | 366 - src/lib/libcrypto/format-pem.pl | 135 - src/lib/libcrypto/generate_pkgconfig.sh | 76 - src/lib/libcrypto/hidden/README | 40 - src/lib/libcrypto/hidden/crypto_namespace.h | 51 - src/lib/libcrypto/hidden/openssl/aes.h | 43 - src/lib/libcrypto/hidden/openssl/asn1.h | 262 - src/lib/libcrypto/hidden/openssl/asn1t.h | 40 - src/lib/libcrypto/hidden/openssl/bio.h | 142 - src/lib/libcrypto/hidden/openssl/blowfish.h | 36 - src/lib/libcrypto/hidden/openssl/bn.h | 145 - src/lib/libcrypto/hidden/openssl/buffer.h | 34 - src/lib/libcrypto/hidden/openssl/camellia.h | 39 - src/lib/libcrypto/hidden/openssl/cast.h | 36 - src/lib/libcrypto/hidden/openssl/chacha.h | 35 - src/lib/libcrypto/hidden/openssl/cmac.h | 37 - src/lib/libcrypto/hidden/openssl/cms.h | 161 - src/lib/libcrypto/hidden/openssl/conf.h | 45 - src/lib/libcrypto/hidden/openssl/crypto.h | 81 - src/lib/libcrypto/hidden/openssl/ct.h | 85 - src/lib/libcrypto/hidden/openssl/curve25519.h | 34 - src/lib/libcrypto/hidden/openssl/des.h | 65 - src/lib/libcrypto/hidden/openssl/dh.h | 74 - src/lib/libcrypto/hidden/openssl/dsa.h | 98 - src/lib/libcrypto/hidden/openssl/ec.h | 161 - src/lib/libcrypto/hidden/openssl/engine.h | 48 - src/lib/libcrypto/hidden/openssl/err.h | 60 - src/lib/libcrypto/hidden/openssl/evp.h | 379 -- src/lib/libcrypto/hidden/openssl/hkdf.h | 32 - src/lib/libcrypto/hidden/openssl/hmac.h | 39 - src/lib/libcrypto/hidden/openssl/idea.h | 36 - src/lib/libcrypto/hidden/openssl/lhash.h | 39 - src/lib/libcrypto/hidden/openssl/md4.h | 34 - src/lib/libcrypto/hidden/openssl/md5.h | 34 - 
src/lib/libcrypto/hidden/openssl/mlkem.h | 49 - src/lib/libcrypto/hidden/openssl/modes.h | 57 - src/lib/libcrypto/hidden/openssl/objects.h | 51 - src/lib/libcrypto/hidden/openssl/ocsp.h | 208 - src/lib/libcrypto/hidden/openssl/pem.h | 149 - src/lib/libcrypto/hidden/openssl/pkcs12.h | 76 - src/lib/libcrypto/hidden/openssl/pkcs7.h | 143 - src/lib/libcrypto/hidden/openssl/poly1305.h | 32 - src/lib/libcrypto/hidden/openssl/posix_time.h | 32 - src/lib/libcrypto/hidden/openssl/rand.h | 43 - src/lib/libcrypto/hidden/openssl/rc2.h | 36 - src/lib/libcrypto/hidden/openssl/rc4.h | 31 - src/lib/libcrypto/hidden/openssl/ripemd.h | 34 - src/lib/libcrypto/hidden/openssl/rsa.h | 147 - src/lib/libcrypto/hidden/openssl/sha.h | 52 - src/lib/libcrypto/hidden/openssl/sm3.h | 32 - src/lib/libcrypto/hidden/openssl/sm4.h | 32 - src/lib/libcrypto/hidden/openssl/stack.h | 49 - src/lib/libcrypto/hidden/openssl/ts.h | 217 - src/lib/libcrypto/hidden/openssl/txt_db.h | 35 - src/lib/libcrypto/hidden/openssl/ui.h | 81 - src/lib/libcrypto/hidden/openssl/x509.h | 468 -- src/lib/libcrypto/hidden/openssl/x509_vfy.h | 148 - src/lib/libcrypto/hidden/openssl/x509v3.h | 276 - src/lib/libcrypto/hkdf/hkdf.c | 135 - src/lib/libcrypto/hkdf/hkdf.h | 65 - src/lib/libcrypto/hmac/hm_ameth.c | 171 - src/lib/libcrypto/hmac/hm_pmeth.c | 261 - src/lib/libcrypto/hmac/hmac.c | 276 - src/lib/libcrypto/hmac/hmac.h | 101 - src/lib/libcrypto/hmac/hmac_local.h | 83 - src/lib/libcrypto/idea/idea.c | 418 -- src/lib/libcrypto/idea/idea.h | 94 - src/lib/libcrypto/idea/idea_local.h | 149 - src/lib/libcrypto/kdf/hkdf_evp.c | 276 - src/lib/libcrypto/kdf/kdf.h | 137 - src/lib/libcrypto/kdf/kdf_err.c | 99 - src/lib/libcrypto/kdf/tls1_prf.c | 345 - src/lib/libcrypto/lhash/lhash.c | 433 -- src/lib/libcrypto/lhash/lhash.h | 179 - src/lib/libcrypto/man/ACCESS_DESCRIPTION_new.3 | 151 - src/lib/libcrypto/man/AES_encrypt.3 | 173 - src/lib/libcrypto/man/ASIdentifiers_new.3 | 138 - src/lib/libcrypto/man/ASN1_BIT_STRING_set.3 | 139 - 
src/lib/libcrypto/man/ASN1_INTEGER_get.3 | 428 -- src/lib/libcrypto/man/ASN1_NULL_new.3 | 66 - src/lib/libcrypto/man/ASN1_OBJECT_new.3 | 228 - src/lib/libcrypto/man/ASN1_PRINTABLE_type.3 | 92 - src/lib/libcrypto/man/ASN1_STRING_TABLE_get.3 | 94 - src/lib/libcrypto/man/ASN1_STRING_length.3 | 461 -- src/lib/libcrypto/man/ASN1_STRING_new.3 | 303 - src/lib/libcrypto/man/ASN1_STRING_print_ex.3 | 241 - src/lib/libcrypto/man/ASN1_TIME_set.3 | 752 --- src/lib/libcrypto/man/ASN1_TYPE_get.3 | 443 -- .../libcrypto/man/ASN1_UNIVERSALSTRING_to_string.3 | 64 - src/lib/libcrypto/man/ASN1_generate_nconf.3 | 394 -- src/lib/libcrypto/man/ASN1_get_object.3 | 200 - src/lib/libcrypto/man/ASN1_item_d2i.3 | 492 -- src/lib/libcrypto/man/ASN1_item_digest.3 | 71 - src/lib/libcrypto/man/ASN1_item_new.3 | 126 - src/lib/libcrypto/man/ASN1_item_pack.3 | 84 - src/lib/libcrypto/man/ASN1_item_sign.3 | 120 - src/lib/libcrypto/man/ASN1_item_verify.3 | 77 - src/lib/libcrypto/man/ASN1_mbstring_copy.3 | 369 - src/lib/libcrypto/man/ASN1_parse_dump.3 | 216 - src/lib/libcrypto/man/ASN1_put_object.3 | 226 - src/lib/libcrypto/man/ASRange_new.3 | 410 -- src/lib/libcrypto/man/AUTHORITY_KEYID_new.3 | 73 - src/lib/libcrypto/man/BASIC_CONSTRAINTS_new.3 | 89 - src/lib/libcrypto/man/BF_set_key.3 | 269 - src/lib/libcrypto/man/BIO_accept.3 | 387 -- src/lib/libcrypto/man/BIO_ctrl.3 | 637 -- src/lib/libcrypto/man/BIO_dump.3 | 128 - src/lib/libcrypto/man/BIO_dup_chain.3 | 141 - src/lib/libcrypto/man/BIO_f_base64.3 | 148 - src/lib/libcrypto/man/BIO_f_buffer.3 | 262 - src/lib/libcrypto/man/BIO_f_cipher.3 | 209 - src/lib/libcrypto/man/BIO_f_md.3 | 366 - src/lib/libcrypto/man/BIO_f_null.3 | 99 - src/lib/libcrypto/man/BIO_find_type.3 | 271 - src/lib/libcrypto/man/BIO_get_data.3 | 406 -- src/lib/libcrypto/man/BIO_get_ex_new_index.3 | 198 - src/lib/libcrypto/man/BIO_meth_new.3 | 367 - src/lib/libcrypto/man/BIO_new.3 | 279 - src/lib/libcrypto/man/BIO_new_CMS.3 | 141 - src/lib/libcrypto/man/BIO_printf.3 | 46 - 
src/lib/libcrypto/man/BIO_push.3 | 335 - src/lib/libcrypto/man/BIO_read.3 | 281 - src/lib/libcrypto/man/BIO_s_accept.3 | 414 -- src/lib/libcrypto/man/BIO_s_bio.3 | 416 -- src/lib/libcrypto/man/BIO_s_connect.3 | 503 -- src/lib/libcrypto/man/BIO_s_datagram.3 | 573 -- src/lib/libcrypto/man/BIO_s_fd.3 | 290 - src/lib/libcrypto/man/BIO_s_file.3 | 377 -- src/lib/libcrypto/man/BIO_s_mem.3 | 306 - src/lib/libcrypto/man/BIO_s_null.3 | 101 - src/lib/libcrypto/man/BIO_s_socket.3 | 125 - src/lib/libcrypto/man/BIO_set_callback.3 | 396 -- src/lib/libcrypto/man/BIO_should_retry.3 | 301 - src/lib/libcrypto/man/BN_CTX_new.3 | 123 - src/lib/libcrypto/man/BN_CTX_start.3 | 137 - src/lib/libcrypto/man/BN_add.3 | 646 -- src/lib/libcrypto/man/BN_add_word.3 | 182 - src/lib/libcrypto/man/BN_bn2bin.3 | 388 -- src/lib/libcrypto/man/BN_cmp.3 | 169 - src/lib/libcrypto/man/BN_copy.3 | 165 - src/lib/libcrypto/man/BN_generate_prime.3 | 375 -- src/lib/libcrypto/man/BN_get_rfc3526_prime_8192.3 | 153 - src/lib/libcrypto/man/BN_kronecker.3 | 57 - src/lib/libcrypto/man/BN_mod_inverse.3 | 126 - src/lib/libcrypto/man/BN_mod_mul_montgomery.3 | 271 - src/lib/libcrypto/man/BN_mod_sqrt.3 | 111 - src/lib/libcrypto/man/BN_new.3 | 165 - src/lib/libcrypto/man/BN_num_bytes.3 | 175 - src/lib/libcrypto/man/BN_rand.3 | 146 - src/lib/libcrypto/man/BN_set_bit.3 | 216 - src/lib/libcrypto/man/BN_set_flags.3 | 160 - src/lib/libcrypto/man/BN_set_negative.3 | 63 - src/lib/libcrypto/man/BN_swap.3 | 148 - src/lib/libcrypto/man/BN_zero.3 | 174 - src/lib/libcrypto/man/BUF_MEM_new.3 | 153 - src/lib/libcrypto/man/CMAC_Init.3 | 273 - src/lib/libcrypto/man/CMS_ContentInfo_new.3 | 135 - src/lib/libcrypto/man/CMS_add0_cert.3 | 222 - src/lib/libcrypto/man/CMS_add1_recipient_cert.3 | 200 - src/lib/libcrypto/man/CMS_add1_signer.3 | 249 - src/lib/libcrypto/man/CMS_compress.3 | 170 - src/lib/libcrypto/man/CMS_decrypt.3 | 226 - src/lib/libcrypto/man/CMS_encrypt.3 | 191 - src/lib/libcrypto/man/CMS_final.3 | 101 - 
src/lib/libcrypto/man/CMS_get0_RecipientInfos.3 | 328 - src/lib/libcrypto/man/CMS_get0_SignerInfos.3 | 214 - src/lib/libcrypto/man/CMS_get0_type.3 | 226 - src/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 | 198 - src/lib/libcrypto/man/CMS_sign.3 | 246 - src/lib/libcrypto/man/CMS_sign_receipt.3 | 119 - src/lib/libcrypto/man/CMS_signed_add1_attr.3 | 360 - src/lib/libcrypto/man/CMS_uncompress.3 | 115 - src/lib/libcrypto/man/CMS_verify.3 | 230 - src/lib/libcrypto/man/CMS_verify_receipt.3 | 110 - src/lib/libcrypto/man/CONF_modules_free.3 | 100 - src/lib/libcrypto/man/CONF_modules_load_file.3 | 282 - src/lib/libcrypto/man/CRYPTO_lock.3 | 121 - src/lib/libcrypto/man/CRYPTO_memcmp.3 | 95 - src/lib/libcrypto/man/CRYPTO_set_ex_data.3 | 564 -- src/lib/libcrypto/man/CRYPTO_set_mem_functions.3 | 96 - src/lib/libcrypto/man/ChaCha.3 | 253 - src/lib/libcrypto/man/DES_set_key.3 | 787 --- src/lib/libcrypto/man/DH_generate_key.3 | 122 - src/lib/libcrypto/man/DH_generate_parameters.3 | 241 - src/lib/libcrypto/man/DH_get0_pqg.3 | 342 - src/lib/libcrypto/man/DH_get_ex_new_index.3 | 99 - src/lib/libcrypto/man/DH_new.3 | 133 - src/lib/libcrypto/man/DH_set_method.3 | 195 - src/lib/libcrypto/man/DH_size.3 | 97 - src/lib/libcrypto/man/DIST_POINT_new.3 | 154 - src/lib/libcrypto/man/DSA_SIG_new.3 | 141 - src/lib/libcrypto/man/DSA_do_sign.3 | 119 - src/lib/libcrypto/man/DSA_dup_DH.3 | 88 - src/lib/libcrypto/man/DSA_generate_key.3 | 84 - src/lib/libcrypto/man/DSA_generate_parameters_ex.3 | 174 - src/lib/libcrypto/man/DSA_get0_pqg.3 | 320 - src/lib/libcrypto/man/DSA_get_ex_new_index.3 | 98 - src/lib/libcrypto/man/DSA_meth_new.3 | 230 - src/lib/libcrypto/man/DSA_new.3 | 141 - src/lib/libcrypto/man/DSA_set_method.3 | 178 - src/lib/libcrypto/man/DSA_sign.3 | 173 - src/lib/libcrypto/man/DSA_size.3 | 122 - src/lib/libcrypto/man/ECDH_compute_key.3 | 88 - src/lib/libcrypto/man/ECDSA_SIG_new.3 | 452 -- src/lib/libcrypto/man/EC_GROUP_copy.3 | 492 -- src/lib/libcrypto/man/EC_GROUP_new.3 | 353 - 
src/lib/libcrypto/man/EC_KEY_METHOD_new.3 | 320 - src/lib/libcrypto/man/EC_KEY_new.3 | 532 -- src/lib/libcrypto/man/EC_POINT_add.3 | 216 - src/lib/libcrypto/man/EC_POINT_new.3 | 455 -- src/lib/libcrypto/man/ENGINE_new.3 | 174 - src/lib/libcrypto/man/ERR.3 | 152 - src/lib/libcrypto/man/ERR_GET_LIB.3 | 126 - src/lib/libcrypto/man/ERR_asprintf_error_data.3 | 55 - src/lib/libcrypto/man/ERR_clear_error.3 | 70 - src/lib/libcrypto/man/ERR_error_string.3 | 176 - src/lib/libcrypto/man/ERR_get_error.3 | 191 - src/lib/libcrypto/man/ERR_load_crypto_strings.3 | 150 - src/lib/libcrypto/man/ERR_load_strings.3 | 116 - src/lib/libcrypto/man/ERR_print_errors.3 | 122 - src/lib/libcrypto/man/ERR_put_error.3 | 125 - src/lib/libcrypto/man/ERR_remove_state.3 | 108 - src/lib/libcrypto/man/ERR_set_mark.3 | 86 - src/lib/libcrypto/man/ESS_SIGNING_CERT_new.3 | 117 - src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 | 411 -- src/lib/libcrypto/man/EVP_BytesToKey.3 | 145 - src/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 | 261 - .../libcrypto/man/EVP_CIPHER_CTX_get_cipher_data.3 | 146 - src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3 | 209 - src/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 | 233 - src/lib/libcrypto/man/EVP_CIPHER_do_all.3 | 211 - src/lib/libcrypto/man/EVP_CIPHER_meth_new.3 | 388 -- src/lib/libcrypto/man/EVP_CIPHER_nid.3 | 306 - src/lib/libcrypto/man/EVP_DigestInit.3 | 606 -- src/lib/libcrypto/man/EVP_DigestSignInit.3 | 243 - src/lib/libcrypto/man/EVP_DigestVerifyInit.3 | 223 - src/lib/libcrypto/man/EVP_EncodeInit.3 | 334 - src/lib/libcrypto/man/EVP_EncryptInit.3 | 813 --- src/lib/libcrypto/man/EVP_MD_CTX_ctrl.3 | 279 - src/lib/libcrypto/man/EVP_MD_nid.3 | 315 - src/lib/libcrypto/man/EVP_OpenInit.3 | 157 - src/lib/libcrypto/man/EVP_PKCS82PKEY.3 | 60 - src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 | 582 -- src/lib/libcrypto/man/EVP_PKEY_CTX_get_operation.3 | 137 - src/lib/libcrypto/man/EVP_PKEY_CTX_new.3 | 183 - src/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 | 258 - 
.../libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3 | 171 - src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3 | 242 - src/lib/libcrypto/man/EVP_PKEY_cmp.3 | 179 - src/lib/libcrypto/man/EVP_PKEY_decrypt.3 | 175 - src/lib/libcrypto/man/EVP_PKEY_derive.3 | 254 - src/lib/libcrypto/man/EVP_PKEY_encrypt.3 | 183 - .../man/EVP_PKEY_get_default_digest_nid.3 | 128 - src/lib/libcrypto/man/EVP_PKEY_keygen.3 | 369 - src/lib/libcrypto/man/EVP_PKEY_new.3 | 347 - src/lib/libcrypto/man/EVP_PKEY_new_CMAC_key.3 | 159 - src/lib/libcrypto/man/EVP_PKEY_print_private.3 | 129 - src/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 | 498 -- src/lib/libcrypto/man/EVP_PKEY_sign.3 | 190 - src/lib/libcrypto/man/EVP_PKEY_size.3 | 224 - src/lib/libcrypto/man/EVP_PKEY_verify.3 | 167 - src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 | 188 - src/lib/libcrypto/man/EVP_SealInit.3 | 191 - src/lib/libcrypto/man/EVP_SignInit.3 | 211 - src/lib/libcrypto/man/EVP_VerifyInit.3 | 205 - src/lib/libcrypto/man/EVP_aes_128_cbc.3 | 304 - src/lib/libcrypto/man/EVP_aes_128_ccm.3 | 573 -- src/lib/libcrypto/man/EVP_aes_128_gcm.3 | 254 - src/lib/libcrypto/man/EVP_camellia_128_cbc.3 | 151 - src/lib/libcrypto/man/EVP_chacha20.3 | 292 - src/lib/libcrypto/man/EVP_des_cbc.3 | 230 - src/lib/libcrypto/man/EVP_rc2_cbc.3 | 201 - src/lib/libcrypto/man/EVP_rc4.3 | 109 - src/lib/libcrypto/man/EVP_sha1.3 | 120 - src/lib/libcrypto/man/EVP_sha3_224.3 | 91 - src/lib/libcrypto/man/EVP_sm3.3 | 82 - src/lib/libcrypto/man/EVP_sm4_cbc.3 | 82 - src/lib/libcrypto/man/EXTENDED_KEY_USAGE_new.3 | 84 - src/lib/libcrypto/man/GENERAL_NAME_new.3 | 165 - src/lib/libcrypto/man/HMAC.3 | 324 - src/lib/libcrypto/man/IPAddressRange_new.3 | 525 -- src/lib/libcrypto/man/MD5.3 | 201 - src/lib/libcrypto/man/Makefile | 436 -- src/lib/libcrypto/man/NAME_CONSTRAINTS_new.3 | 100 - src/lib/libcrypto/man/OBJ_NAME_add.3 | 307 - src/lib/libcrypto/man/OBJ_create.3 | 249 - src/lib/libcrypto/man/OBJ_find_sigid_algs.3 | 89 - src/lib/libcrypto/man/OBJ_nid2obj.3 | 521 -- 
src/lib/libcrypto/man/OCSP_CRLID_new.3 | 113 - src/lib/libcrypto/man/OCSP_REQUEST_new.3 | 329 - src/lib/libcrypto/man/OCSP_SERVICELOC_new.3 | 109 - src/lib/libcrypto/man/OCSP_cert_to_id.3 | 239 - src/lib/libcrypto/man/OCSP_request_add1_nonce.3 | 163 - src/lib/libcrypto/man/OCSP_resp_find_status.3 | 494 -- src/lib/libcrypto/man/OCSP_response_status.3 | 308 - src/lib/libcrypto/man/OCSP_sendreq_new.3 | 323 - src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 | 281 - src/lib/libcrypto/man/OPENSSL_cleanse.3 | 42 - src/lib/libcrypto/man/OPENSSL_config.3 | 152 - src/lib/libcrypto/man/OPENSSL_init_crypto.3 | 115 - .../libcrypto/man/OPENSSL_load_builtin_modules.3 | 101 - src/lib/libcrypto/man/OPENSSL_malloc.3 | 101 - src/lib/libcrypto/man/OPENSSL_sk_new.3 | 553 -- src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 | 152 - src/lib/libcrypto/man/PEM_ASN1_read.3 | 172 - src/lib/libcrypto/man/PEM_X509_INFO_read.3 | 189 - src/lib/libcrypto/man/PEM_bytes_read_bio.3 | 184 - src/lib/libcrypto/man/PEM_read.3 | 416 -- src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 | 1335 ---- src/lib/libcrypto/man/PEM_write_bio_CMS_stream.3 | 95 - src/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 | 90 - src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3 | 104 - src/lib/libcrypto/man/PKCS12_create.3 | 188 - src/lib/libcrypto/man/PKCS12_new.3 | 99 - src/lib/libcrypto/man/PKCS12_newpass.3 | 155 - src/lib/libcrypto/man/PKCS12_parse.3 | 145 - src/lib/libcrypto/man/PKCS5_PBKDF2_HMAC.3 | 163 - src/lib/libcrypto/man/PKCS7_add_attribute.3 | 365 - src/lib/libcrypto/man/PKCS7_dataFinal.3 | 158 - src/lib/libcrypto/man/PKCS7_dataInit.3 | 226 - src/lib/libcrypto/man/PKCS7_decrypt.3 | 118 - src/lib/libcrypto/man/PKCS7_encrypt.3 | 169 - src/lib/libcrypto/man/PKCS7_final.3 | 202 - src/lib/libcrypto/man/PKCS7_get_signer_info.3 | 62 - src/lib/libcrypto/man/PKCS7_new.3 | 269 - src/lib/libcrypto/man/PKCS7_set_content.3 | 120 - src/lib/libcrypto/man/PKCS7_set_type.3 | 119 - src/lib/libcrypto/man/PKCS7_sign.3 | 251 - 
src/lib/libcrypto/man/PKCS7_sign_add_signer.3 | 187 - src/lib/libcrypto/man/PKCS7_verify.3 | 252 - src/lib/libcrypto/man/PKCS8_PRIV_KEY_INFO_new.3 | 65 - src/lib/libcrypto/man/PKCS8_pkey_set0.3 | 159 - src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3 | 74 - src/lib/libcrypto/man/POLICYINFO_new.3 | 218 - src/lib/libcrypto/man/RAND_add.3 | 73 - src/lib/libcrypto/man/RAND_bytes.3 | 108 - src/lib/libcrypto/man/RAND_load_file.3 | 119 - src/lib/libcrypto/man/RAND_set_rand_method.3 | 55 - src/lib/libcrypto/man/RC2_encrypt.3 | 195 - src/lib/libcrypto/man/RC4.3 | 126 - src/lib/libcrypto/man/RIPEMD160.3 | 154 - src/lib/libcrypto/man/RSA_PSS_PARAMS_new.3 | 60 - src/lib/libcrypto/man/RSA_blinding_on.3 | 97 - src/lib/libcrypto/man/RSA_check_key.3 | 130 - src/lib/libcrypto/man/RSA_generate_key.3 | 164 - src/lib/libcrypto/man/RSA_get0_key.3 | 460 -- src/lib/libcrypto/man/RSA_get_ex_new_index.3 | 382 -- src/lib/libcrypto/man/RSA_meth_new.3 | 606 -- src/lib/libcrypto/man/RSA_new.3 | 248 - .../libcrypto/man/RSA_padding_add_PKCS1_type_1.3 | 236 - src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 | 402 -- src/lib/libcrypto/man/RSA_print.3 | 144 - src/lib/libcrypto/man/RSA_private_encrypt.3 | 150 - src/lib/libcrypto/man/RSA_public_encrypt.3 | 247 - src/lib/libcrypto/man/RSA_security_bits.3 | 137 - src/lib/libcrypto/man/RSA_set_method.3 | 252 - src/lib/libcrypto/man/RSA_sign.3 | 147 - src/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 | 131 - src/lib/libcrypto/man/RSA_size.3 | 97 - src/lib/libcrypto/man/SHA1.3 | 285 - src/lib/libcrypto/man/SMIME_crlf_copy.3 | 96 - src/lib/libcrypto/man/SMIME_read_ASN1.3 | 124 - src/lib/libcrypto/man/SMIME_read_CMS.3 | 132 - src/lib/libcrypto/man/SMIME_read_PKCS7.3 | 150 - src/lib/libcrypto/man/SMIME_text.3 | 57 - src/lib/libcrypto/man/SMIME_write_ASN1.3 | 163 - src/lib/libcrypto/man/SMIME_write_CMS.3 | 133 - src/lib/libcrypto/man/SMIME_write_PKCS7.3 | 184 - src/lib/libcrypto/man/STACK_OF.3 | 207 - src/lib/libcrypto/man/TS_REQ_new.3 | 182 - 
src/lib/libcrypto/man/UI_create_method.3 | 284 - src/lib/libcrypto/man/UI_get_string_type.3 | 281 - src/lib/libcrypto/man/UI_new.3 | 529 -- src/lib/libcrypto/man/X25519.3 | 211 - src/lib/libcrypto/man/X509V3_EXT_get_nid.3 | 94 - src/lib/libcrypto/man/X509V3_EXT_print.3 | 195 - src/lib/libcrypto/man/X509V3_extensions_print.3 | 100 - src/lib/libcrypto/man/X509V3_get_d2i.3 | 507 -- src/lib/libcrypto/man/X509V3_parse_list.3 | 101 - src/lib/libcrypto/man/X509_ALGOR_dup.3 | 297 - src/lib/libcrypto/man/X509_ATTRIBUTE_get0_object.3 | 136 - src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 | 180 - src/lib/libcrypto/man/X509_ATTRIBUTE_set1_object.3 | 267 - src/lib/libcrypto/man/X509_CINF_new.3 | 117 - src/lib/libcrypto/man/X509_CRL_get0_by_serial.3 | 179 - src/lib/libcrypto/man/X509_CRL_new.3 | 143 - src/lib/libcrypto/man/X509_CRL_print.3 | 113 - src/lib/libcrypto/man/X509_EXTENSION_set_object.3 | 348 - src/lib/libcrypto/man/X509_INFO_new.3 | 72 - src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3 | 188 - src/lib/libcrypto/man/X509_LOOKUP_new.3 | 460 -- src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 | 391 -- src/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 | 283 - src/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 | 265 - src/lib/libcrypto/man/X509_NAME_hash.3 | 97 - src/lib/libcrypto/man/X509_NAME_new.3 | 103 - src/lib/libcrypto/man/X509_NAME_print_ex.3 | 260 - src/lib/libcrypto/man/X509_OBJECT_get0_X509.3 | 252 - src/lib/libcrypto/man/X509_PKEY_new.3 | 92 - src/lib/libcrypto/man/X509_PUBKEY_new.3 | 401 -- src/lib/libcrypto/man/X509_PURPOSE_set.3 | 295 - src/lib/libcrypto/man/X509_REQ_add1_attr.3 | 172 - src/lib/libcrypto/man/X509_REQ_add_extensions.3 | 113 - src/lib/libcrypto/man/X509_REQ_new.3 | 145 - src/lib/libcrypto/man/X509_REQ_print_ex.3 | 173 - src/lib/libcrypto/man/X509_REVOKED_new.3 | 213 - src/lib/libcrypto/man/X509_SIG_get0.3 | 90 - src/lib/libcrypto/man/X509_SIG_new.3 | 68 - src/lib/libcrypto/man/X509_STORE_CTX_get_error.3 | 591 -- 
.../man/X509_STORE_CTX_get_ex_new_index.3 | 153 - src/lib/libcrypto/man/X509_STORE_CTX_new.3 | 365 - src/lib/libcrypto/man/X509_STORE_CTX_set_flags.3 | 326 - src/lib/libcrypto/man/X509_STORE_CTX_set_verify.3 | 256 - .../libcrypto/man/X509_STORE_CTX_set_verify_cb.3 | 309 - src/lib/libcrypto/man/X509_STORE_get_by_subject.3 | 246 - src/lib/libcrypto/man/X509_STORE_load_locations.3 | 188 - src/lib/libcrypto/man/X509_STORE_new.3 | 145 - src/lib/libcrypto/man/X509_STORE_set1_param.3 | 268 - .../libcrypto/man/X509_STORE_set_verify_cb_func.3 | 121 - src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3 | 306 - .../libcrypto/man/X509_VERIFY_PARAM_set_flags.3 | 736 -- src/lib/libcrypto/man/X509_add1_trust_object.3 | 99 - src/lib/libcrypto/man/X509_check_ca.3 | 117 - src/lib/libcrypto/man/X509_check_host.3 | 246 - src/lib/libcrypto/man/X509_check_issued.3 | 109 - src/lib/libcrypto/man/X509_check_private_key.3 | 73 - src/lib/libcrypto/man/X509_check_purpose.3 | 431 -- src/lib/libcrypto/man/X509_cmp.3 | 235 - src/lib/libcrypto/man/X509_cmp_time.3 | 200 - src/lib/libcrypto/man/X509_digest.3 | 155 - src/lib/libcrypto/man/X509_find_by_subject.3 | 69 - src/lib/libcrypto/man/X509_get0_notBefore.3 | 264 - src/lib/libcrypto/man/X509_get0_signature.3 | 280 - src/lib/libcrypto/man/X509_get1_email.3 | 123 - src/lib/libcrypto/man/X509_get_extension_flags.3 | 234 - src/lib/libcrypto/man/X509_get_pubkey.3 | 296 - src/lib/libcrypto/man/X509_get_pubkey_parameters.3 | 99 - src/lib/libcrypto/man/X509_get_serialNumber.3 | 129 - src/lib/libcrypto/man/X509_get_subject_name.3 | 189 - src/lib/libcrypto/man/X509_get_version.3 | 162 - src/lib/libcrypto/man/X509_keyid_set1.3 | 171 - src/lib/libcrypto/man/X509_load_cert_file.3 | 133 - src/lib/libcrypto/man/X509_new.3 | 279 - src/lib/libcrypto/man/X509_ocspid_print.3 | 58 - src/lib/libcrypto/man/X509_print_ex.3 | 279 - src/lib/libcrypto/man/X509_sign.3 | 209 - src/lib/libcrypto/man/X509_signature_dump.3 | 85 - src/lib/libcrypto/man/X509_verify_cert.3 | 93 - 
src/lib/libcrypto/man/X509v3_addr_add_inherit.3 | 475 -- src/lib/libcrypto/man/X509v3_addr_get_range.3 | 132 - src/lib/libcrypto/man/X509v3_addr_inherits.3 | 104 - src/lib/libcrypto/man/X509v3_addr_subset.3 | 176 - src/lib/libcrypto/man/X509v3_addr_validate_path.3 | 203 - .../libcrypto/man/X509v3_asid_add_id_or_range.3 | 327 - src/lib/libcrypto/man/X509v3_get_ext_by_NID.3 | 408 -- src/lib/libcrypto/man/a2d_ASN1_OBJECT.3 | 84 - src/lib/libcrypto/man/a2i_ipadd.3 | 136 - src/lib/libcrypto/man/bn_dump.3 | 415 -- src/lib/libcrypto/man/crypto.3 | 419 -- src/lib/libcrypto/man/d2i_ASN1_NULL.3 | 92 - src/lib/libcrypto/man/d2i_ASN1_OBJECT.3 | 164 - src/lib/libcrypto/man/d2i_ASN1_OCTET_STRING.3 | 461 -- src/lib/libcrypto/man/d2i_ASN1_SEQUENCE_ANY.3 | 98 - src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3 | 75 - src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3 | 106 - src/lib/libcrypto/man/d2i_CMS_ContentInfo.3 | 128 - src/lib/libcrypto/man/d2i_DHparams.3 | 99 - src/lib/libcrypto/man/d2i_DIST_POINT.3 | 201 - src/lib/libcrypto/man/d2i_DSAPublicKey.3 | 412 -- src/lib/libcrypto/man/d2i_ECPKParameters.3 | 467 -- src/lib/libcrypto/man/d2i_ESS_SIGNING_CERT.3 | 118 - src/lib/libcrypto/man/d2i_GENERAL_NAME.3 | 160 - src/lib/libcrypto/man/d2i_OCSP_REQUEST.3 | 181 - src/lib/libcrypto/man/d2i_OCSP_RESPONSE.3 | 248 - src/lib/libcrypto/man/d2i_PKCS12.3 | 202 - src/lib/libcrypto/man/d2i_PKCS7.3 | 341 - src/lib/libcrypto/man/d2i_PKCS8PrivateKey_bio.3 | 172 - src/lib/libcrypto/man/d2i_PKCS8_PRIV_KEY_INFO.3 | 127 - src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3 | 74 - src/lib/libcrypto/man/d2i_POLICYINFO.3 | 165 - src/lib/libcrypto/man/d2i_PrivateKey.3 | 312 - src/lib/libcrypto/man/d2i_RSAPublicKey.3 | 389 -- src/lib/libcrypto/man/d2i_TS_REQ.3 | 333 - src/lib/libcrypto/man/d2i_X509.3 | 362 - src/lib/libcrypto/man/d2i_X509_ALGOR.3 | 89 - src/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3 | 76 - src/lib/libcrypto/man/d2i_X509_CRL.3 | 148 - src/lib/libcrypto/man/d2i_X509_EXTENSION.3 | 104 - 
src/lib/libcrypto/man/d2i_X509_NAME.3 | 213 - src/lib/libcrypto/man/d2i_X509_REQ.3 | 151 - src/lib/libcrypto/man/d2i_X509_SIG.3 | 159 - src/lib/libcrypto/man/des_read_pw.3 | 197 - src/lib/libcrypto/man/evp.3 | 249 - src/lib/libcrypto/man/i2a_ASN1_STRING.3 | 255 - src/lib/libcrypto/man/i2d_CMS_bio_stream.3 | 95 - src/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 | 94 - src/lib/libcrypto/man/lh_new.3 | 554 -- src/lib/libcrypto/man/openssl.cnf.5 | 361 - src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 | 215 - src/lib/libcrypto/man/v2i_ASN1_BIT_STRING.3 | 125 - src/lib/libcrypto/man/x509_verify.3 | 221 - src/lib/libcrypto/man/x509v3.cnf.5 | 738 -- src/lib/libcrypto/md4/md4.c | 347 - src/lib/libcrypto/md4/md4.h | 105 - src/lib/libcrypto/md5/asm/md5-586.pl | 307 - src/lib/libcrypto/md5/md5.c | 375 -- src/lib/libcrypto/md5/md5.h | 99 - src/lib/libcrypto/md5/md5_amd64_generic.S | 237 - src/lib/libcrypto/mlkem/mlkem.h | 285 - src/lib/libcrypto/mlkem/mlkem1024.c | 1139 ---- src/lib/libcrypto/mlkem/mlkem768.c | 1138 ---- src/lib/libcrypto/mlkem/mlkem_internal.h | 121 - src/lib/libcrypto/modes/asm/ghash-alpha.pl | 444 -- src/lib/libcrypto/modes/asm/ghash-armv4.pl | 430 -- src/lib/libcrypto/modes/asm/ghash-parisc.pl | 740 -- src/lib/libcrypto/modes/asm/ghash-sparcv9.pl | 351 - src/lib/libcrypto/modes/asm/ghash-x86.pl | 1326 ---- src/lib/libcrypto/modes/asm/ghash-x86_64.pl | 812 --- src/lib/libcrypto/modes/cbc128.c | 214 - src/lib/libcrypto/modes/ccm128.c | 498 -- src/lib/libcrypto/modes/cfb128.c | 251 - src/lib/libcrypto/modes/ctr128.c | 267 - src/lib/libcrypto/modes/gcm128.c | 1358 ---- src/lib/libcrypto/modes/modes.h | 118 - src/lib/libcrypto/modes/modes_local.h | 121 - src/lib/libcrypto/modes/ofb128.c | 124 - src/lib/libcrypto/modes/xts128.c | 197 - src/lib/libcrypto/objects/obj_dat.c | 584 -- src/lib/libcrypto/objects/obj_dat.pl | 307 - src/lib/libcrypto/objects/obj_err.c | 93 - src/lib/libcrypto/objects/obj_lib.c | 135 - src/lib/libcrypto/objects/obj_mac.num | 1055 --- 
src/lib/libcrypto/objects/obj_xref.c | 332 - src/lib/libcrypto/objects/objects.README | 44 - src/lib/libcrypto/objects/objects.h | 137 - src/lib/libcrypto/objects/objects.pl | 233 - src/lib/libcrypto/objects/objects.txt | 1479 ---- src/lib/libcrypto/ocsp/ocsp.h | 484 -- src/lib/libcrypto/ocsp/ocsp_asn.c | 1066 --- src/lib/libcrypto/ocsp/ocsp_cl.c | 463 -- src/lib/libcrypto/ocsp/ocsp_err.c | 121 - src/lib/libcrypto/ocsp/ocsp_ext.c | 612 -- src/lib/libcrypto/ocsp/ocsp_ht.c | 469 -- src/lib/libcrypto/ocsp/ocsp_lib.c | 249 - src/lib/libcrypto/ocsp/ocsp_local.h | 291 - src/lib/libcrypto/ocsp/ocsp_prn.c | 323 - src/lib/libcrypto/ocsp/ocsp_srv.c | 285 - src/lib/libcrypto/ocsp/ocsp_vfy.c | 475 -- src/lib/libcrypto/openssl.cnf | 24 - src/lib/libcrypto/opensslfeatures.h | 146 - src/lib/libcrypto/opensslv.h | 18 - src/lib/libcrypto/ossl_typ.h | 181 - src/lib/libcrypto/pem/message | 16 - src/lib/libcrypto/pem/pem.h | 546 -- src/lib/libcrypto/pem/pem_all.c | 704 -- src/lib/libcrypto/pem/pem_err.c | 119 - src/lib/libcrypto/pem/pem_info.c | 387 -- src/lib/libcrypto/pem/pem_lib.c | 866 --- src/lib/libcrypto/pem/pem_oth.c | 88 - src/lib/libcrypto/pem/pem_pk8.c | 324 - src/lib/libcrypto/pem/pem_pkey.c | 263 - src/lib/libcrypto/pem/pem_sign.c | 108 - src/lib/libcrypto/pem/pem_x509.c | 98 - src/lib/libcrypto/pem/pem_xaux.c | 98 - src/lib/libcrypto/pem/pkcs7.lis | 22 - src/lib/libcrypto/pem/pvkfmt.c | 944 --- src/lib/libcrypto/perlasm/cbc.pl | 331 - src/lib/libcrypto/perlasm/ppc-xlate.pl | 159 - src/lib/libcrypto/perlasm/readme | 124 - src/lib/libcrypto/perlasm/x86_64-xlate.pl | 1105 --- src/lib/libcrypto/perlasm/x86asm.pl | 257 - src/lib/libcrypto/perlasm/x86gas.pl | 315 - src/lib/libcrypto/pkcs12/p12_add.c | 229 - src/lib/libcrypto/pkcs12/p12_asn.c | 485 -- src/lib/libcrypto/pkcs12/p12_attr.c | 158 - src/lib/libcrypto/pkcs12/p12_crt.c | 336 - src/lib/libcrypto/pkcs12/p12_decr.c | 184 - src/lib/libcrypto/pkcs12/p12_init.c | 100 - src/lib/libcrypto/pkcs12/p12_key.c | 197 - 
src/lib/libcrypto/pkcs12/p12_kiss.c | 299 - src/lib/libcrypto/pkcs12/p12_mutl.c | 265 - src/lib/libcrypto/pkcs12/p12_npas.c | 300 - src/lib/libcrypto/pkcs12/p12_p8d.c | 72 - src/lib/libcrypto/pkcs12/p12_p8e.c | 104 - src/lib/libcrypto/pkcs12/p12_sbag.c | 235 - src/lib/libcrypto/pkcs12/p12_utl.c | 157 - src/lib/libcrypto/pkcs12/pk12err.c | 113 - src/lib/libcrypto/pkcs12/pkcs12.h | 284 - src/lib/libcrypto/pkcs12/pkcs12_local.h | 174 - src/lib/libcrypto/pkcs7/pk7_asn1.c | 1053 --- src/lib/libcrypto/pkcs7/pk7_attr.c | 176 - src/lib/libcrypto/pkcs7/pk7_doit.c | 1263 ---- src/lib/libcrypto/pkcs7/pk7_lib.c | 685 -- src/lib/libcrypto/pkcs7/pk7_mime.c | 110 - src/lib/libcrypto/pkcs7/pk7_smime.c | 587 -- src/lib/libcrypto/pkcs7/pkcs7.h | 510 -- src/lib/libcrypto/pkcs7/pkcs7err.c | 145 - src/lib/libcrypto/poly1305/poly1305-donna.c | 321 - src/lib/libcrypto/poly1305/poly1305.c | 41 - src/lib/libcrypto/poly1305/poly1305.h | 45 - src/lib/libcrypto/rand/rand.h | 118 - src/lib/libcrypto/rand/rand_err.c | 96 - src/lib/libcrypto/rand/rand_lib.c | 102 - src/lib/libcrypto/rand/randfile.c | 146 - src/lib/libcrypto/rc2/rc2.h | 96 - src/lib/libcrypto/rc2/rc2_cbc.c | 236 - src/lib/libcrypto/rc2/rc2_ecb.c | 91 - src/lib/libcrypto/rc2/rc2_local.h | 112 - src/lib/libcrypto/rc2/rc2_skey.c | 142 - src/lib/libcrypto/rc2/rc2cfb64.c | 124 - src/lib/libcrypto/rc2/rc2ofb64.c | 111 - src/lib/libcrypto/rc2/rrc2.doc | 219 - src/lib/libcrypto/rc2/version | 22 - src/lib/libcrypto/rc4/asm/rc4-586.pl | 388 -- src/lib/libcrypto/rc4/asm/rc4-x86_64.pl | 522 -- src/lib/libcrypto/rc4/rc4.c | 305 - src/lib/libcrypto/rc4/rc4.h | 83 - src/lib/libcrypto/ripemd/ripemd.c | 497 -- src/lib/libcrypto/ripemd/ripemd.h | 107 - src/lib/libcrypto/rsa/rsa.h | 603 -- src/lib/libcrypto/rsa/rsa_ameth.c | 1275 ---- src/lib/libcrypto/rsa/rsa_asn1.c | 426 -- src/lib/libcrypto/rsa/rsa_blinding.c | 361 - src/lib/libcrypto/rsa/rsa_chk.c | 223 - src/lib/libcrypto/rsa/rsa_eay.c | 902 --- src/lib/libcrypto/rsa/rsa_err.c | 160 - 
src/lib/libcrypto/rsa/rsa_gen.c | 257 - src/lib/libcrypto/rsa/rsa_lib.c | 426 -- src/lib/libcrypto/rsa/rsa_local.h | 154 - src/lib/libcrypto/rsa/rsa_meth.c | 309 - src/lib/libcrypto/rsa/rsa_none.c | 98 - src/lib/libcrypto/rsa/rsa_oaep.c | 368 - src/lib/libcrypto/rsa/rsa_pk1.c | 283 - src/lib/libcrypto/rsa/rsa_pmeth.c | 911 --- src/lib/libcrypto/rsa/rsa_prn.c | 99 - src/lib/libcrypto/rsa/rsa_pss.c | 291 - src/lib/libcrypto/rsa/rsa_saos.c | 143 - src/lib/libcrypto/rsa/rsa_sign.c | 280 - src/lib/libcrypto/rsa/rsa_x931.c | 164 - src/lib/libcrypto/sha/asm/sha1-586.pl | 1223 ---- src/lib/libcrypto/sha/asm/sha1-alpha.pl | 316 - src/lib/libcrypto/sha/asm/sha1-armv4-large.pl | 248 - src/lib/libcrypto/sha/asm/sha1-mips.pl | 350 - src/lib/libcrypto/sha/asm/sha1-parisc.pl | 258 - src/lib/libcrypto/sha/asm/sha1-ppc.pl | 318 - src/lib/libcrypto/sha/asm/sha1-sparcv9.pl | 282 - src/lib/libcrypto/sha/asm/sha256-586.pl | 249 - src/lib/libcrypto/sha/asm/sha256-armv4.pl | 211 - src/lib/libcrypto/sha/asm/sha512-586.pl | 646 -- src/lib/libcrypto/sha/asm/sha512-armv4.pl | 582 -- src/lib/libcrypto/sha/asm/sha512-mips.pl | 457 -- src/lib/libcrypto/sha/asm/sha512-parisc.pl | 801 --- src/lib/libcrypto/sha/asm/sha512-ppc.pl | 444 -- src/lib/libcrypto/sha/asm/sha512-sparcv9.pl | 604 -- src/lib/libcrypto/sha/sha.h | 190 - src/lib/libcrypto/sha/sha1.c | 518 -- src/lib/libcrypto/sha/sha1_amd64.c | 34 - src/lib/libcrypto/sha/sha1_amd64_generic.S | 314 - src/lib/libcrypto/sha/sha1_amd64_shani.S | 170 - src/lib/libcrypto/sha/sha256.c | 496 -- src/lib/libcrypto/sha/sha256_aarch64.c | 34 - src/lib/libcrypto/sha/sha256_aarch64_ce.S | 189 - src/lib/libcrypto/sha/sha256_amd64.c | 34 - src/lib/libcrypto/sha/sha256_amd64_generic.S | 302 - src/lib/libcrypto/sha/sha256_amd64_shani.S | 209 - src/lib/libcrypto/sha/sha3.c | 172 - src/lib/libcrypto/sha/sha3_internal.h | 81 - src/lib/libcrypto/sha/sha512.c | 578 -- src/lib/libcrypto/sha/sha512_aarch64.c | 34 - src/lib/libcrypto/sha/sha512_aarch64_ce.S | 312 - 
src/lib/libcrypto/sha/sha512_amd64.c | 26 - src/lib/libcrypto/sha/sha512_amd64_generic.S | 307 - src/lib/libcrypto/sha/sha_internal.h | 36 - src/lib/libcrypto/shlib_version | 3 - src/lib/libcrypto/sm2/sm2.h | 138 - src/lib/libcrypto/sm2/sm2_crypt.c | 631 -- src/lib/libcrypto/sm2/sm2_err.c | 105 - src/lib/libcrypto/sm2/sm2_local.h | 41 - src/lib/libcrypto/sm2/sm2_pmeth.c | 316 - src/lib/libcrypto/sm2/sm2_sign.c | 465 -- src/lib/libcrypto/sm2/sm2_za.c | 161 - src/lib/libcrypto/sm3/sm3.c | 361 - src/lib/libcrypto/sm3/sm3.h | 49 - src/lib/libcrypto/sm4/sm4.c | 304 - src/lib/libcrypto/sm4/sm4.h | 47 - src/lib/libcrypto/stack/safestack.h | 1739 ----- src/lib/libcrypto/stack/stack.c | 385 -- src/lib/libcrypto/stack/stack.h | 99 - src/lib/libcrypto/stack/stack_local.h | 71 - src/lib/libcrypto/ts/ts.h | 660 -- src/lib/libcrypto/ts/ts_asn1.c | 1077 --- src/lib/libcrypto/ts/ts_conf.c | 517 -- src/lib/libcrypto/ts/ts_err.c | 126 - src/lib/libcrypto/ts/ts_lib.c | 163 - src/lib/libcrypto/ts/ts_local.h | 316 - src/lib/libcrypto/ts/ts_req_print.c | 105 - src/lib/libcrypto/ts/ts_req_utils.c | 281 - src/lib/libcrypto/ts/ts_rsp_print.c | 306 - src/lib/libcrypto/ts/ts_rsp_sign.c | 982 --- src/lib/libcrypto/ts/ts_rsp_utils.c | 503 -- src/lib/libcrypto/ts/ts_rsp_verify.c | 847 --- src/lib/libcrypto/ts/ts_verify_ctx.c | 236 - src/lib/libcrypto/txt_db/txt_db.c | 378 -- src/lib/libcrypto/txt_db/txt_db.h | 112 - src/lib/libcrypto/ui/ui.h | 397 -- src/lib/libcrypto/ui/ui_err.c | 98 - src/lib/libcrypto/ui/ui_lib.c | 907 --- src/lib/libcrypto/ui/ui_local.h | 152 - src/lib/libcrypto/ui/ui_null.c | 18 - src/lib/libcrypto/ui/ui_openssl.c | 398 -- src/lib/libcrypto/util/mkstack.pl | 171 - src/lib/libcrypto/x509/by_dir.c | 407 -- src/lib/libcrypto/x509/by_file.c | 262 - src/lib/libcrypto/x509/by_mem.c | 136 - src/lib/libcrypto/x509/x509.h | 1041 --- src/lib/libcrypto/x509/x509_addr.c | 2074 ------ src/lib/libcrypto/x509/x509_akey.c | 245 - src/lib/libcrypto/x509/x509_akeya.c | 129 - 
src/lib/libcrypto/x509/x509_alt.c | 799 --- src/lib/libcrypto/x509/x509_asid.c | 1255 ---- src/lib/libcrypto/x509/x509_att.c | 377 -- src/lib/libcrypto/x509/x509_bcons.c | 212 - src/lib/libcrypto/x509/x509_bitst.c | 240 - src/lib/libcrypto/x509/x509_cmp.c | 429 -- src/lib/libcrypto/x509/x509_conf.c | 456 -- src/lib/libcrypto/x509/x509_constraints.c | 1294 ---- src/lib/libcrypto/x509/x509_cpols.c | 773 --- src/lib/libcrypto/x509/x509_crld.c | 852 --- src/lib/libcrypto/x509/x509_d2.c | 131 - src/lib/libcrypto/x509/x509_def.c | 103 - src/lib/libcrypto/x509/x509_err.c | 215 - src/lib/libcrypto/x509/x509_ext.c | 258 - src/lib/libcrypto/x509/x509_extku.c | 236 - src/lib/libcrypto/x509/x509_genn.c | 541 -- src/lib/libcrypto/x509/x509_ia5.c | 268 - src/lib/libcrypto/x509/x509_info.c | 331 - src/lib/libcrypto/x509/x509_int.c | 136 - src/lib/libcrypto/x509/x509_internal.h | 141 - src/lib/libcrypto/x509/x509_issuer_cache.c | 193 - src/lib/libcrypto/x509/x509_issuer_cache.h | 48 - src/lib/libcrypto/x509/x509_lib.c | 374 -- src/lib/libcrypto/x509/x509_local.h | 503 -- src/lib/libcrypto/x509/x509_lu.c | 883 --- src/lib/libcrypto/x509/x509_ncons.c | 569 -- src/lib/libcrypto/x509/x509_obj.c | 198 - src/lib/libcrypto/x509/x509_ocsp.c | 424 -- src/lib/libcrypto/x509/x509_pcons.c | 205 - src/lib/libcrypto/x509/x509_pku.c | 165 - src/lib/libcrypto/x509/x509_pmaps.c | 247 - src/lib/libcrypto/x509/x509_policy.c | 1018 --- src/lib/libcrypto/x509/x509_prn.c | 231 - src/lib/libcrypto/x509/x509_purp.c | 930 --- src/lib/libcrypto/x509/x509_r2x.c | 117 - src/lib/libcrypto/x509/x509_req.c | 320 - src/lib/libcrypto/x509/x509_set.c | 268 - src/lib/libcrypto/x509/x509_siginfo.c | 113 - src/lib/libcrypto/x509/x509_skey.c | 171 - src/lib/libcrypto/x509/x509_trs.c | 173 - src/lib/libcrypto/x509/x509_txt.c | 196 - src/lib/libcrypto/x509/x509_utl.c | 1494 ----- src/lib/libcrypto/x509/x509_v3.c | 295 - src/lib/libcrypto/x509/x509_verify.c | 1288 ---- src/lib/libcrypto/x509/x509_verify.h | 43 - 
src/lib/libcrypto/x509/x509_vfy.c | 2602 ------- src/lib/libcrypto/x509/x509_vfy.h | 463 -- src/lib/libcrypto/x509/x509_vpm.c | 743 -- src/lib/libcrypto/x509/x509cset.c | 238 - src/lib/libcrypto/x509/x509name.c | 452 -- src/lib/libcrypto/x509/x509rset.c | 113 - src/lib/libcrypto/x509/x509spki.c | 136 - src/lib/libcrypto/x509/x509type.c | 136 - src/lib/libcrypto/x509/x509v3.h | 1041 --- src/lib/libcrypto/x509/x_all.c | 536 -- src/lib/libcrypto/x509v3.cnf | 29 - src/lib/libcrypto/x86_arch.h | 95 - 1187 files changed, 381069 deletions(-) delete mode 100644 src/lib/libcrypto/Makefile delete mode 100644 src/lib/libcrypto/Symbols.list delete mode 100644 src/lib/libcrypto/aes/aes.c delete mode 100644 src/lib/libcrypto/aes/aes.h delete mode 100644 src/lib/libcrypto/aes/aes_core.c delete mode 100644 src/lib/libcrypto/aes/aes_ige.c delete mode 100644 src/lib/libcrypto/aes/aes_local.h delete mode 100644 src/lib/libcrypto/aes/asm/aes-586.pl delete mode 100644 src/lib/libcrypto/aes/asm/aes-armv4.pl delete mode 100644 src/lib/libcrypto/aes/asm/aes-mips.pl delete mode 100644 src/lib/libcrypto/aes/asm/aes-parisc.pl delete mode 100644 src/lib/libcrypto/aes/asm/aes-ppc.pl delete mode 100755 src/lib/libcrypto/aes/asm/aes-sparcv9.pl delete mode 100755 src/lib/libcrypto/aes/asm/aes-x86_64.pl delete mode 100644 src/lib/libcrypto/aes/asm/aesni-x86.pl delete mode 100644 src/lib/libcrypto/aes/asm/aesni-x86_64.pl delete mode 100644 src/lib/libcrypto/aes/asm/bsaes-x86_64.pl delete mode 100644 src/lib/libcrypto/aes/asm/vpaes-x86.pl delete mode 100644 src/lib/libcrypto/aes/asm/vpaes-x86_64.pl delete mode 100644 src/lib/libcrypto/arc4random/arc4random_aix.h delete mode 100644 src/lib/libcrypto/arc4random/arc4random_freebsd.h delete mode 100644 src/lib/libcrypto/arc4random/arc4random_hpux.h delete mode 100644 src/lib/libcrypto/arc4random/arc4random_linux.h delete mode 100644 src/lib/libcrypto/arc4random/arc4random_netbsd.h delete mode 100644 src/lib/libcrypto/arc4random/arc4random_osx.h delete 
mode 100644 src/lib/libcrypto/arc4random/arc4random_solaris.h delete mode 100644 src/lib/libcrypto/arc4random/arc4random_win.h delete mode 100644 src/lib/libcrypto/arc4random/getentropy_aix.c delete mode 100644 src/lib/libcrypto/arc4random/getentropy_freebsd.c delete mode 100644 src/lib/libcrypto/arc4random/getentropy_hpux.c delete mode 100644 src/lib/libcrypto/arc4random/getentropy_linux.c delete mode 100644 src/lib/libcrypto/arc4random/getentropy_netbsd.c delete mode 100644 src/lib/libcrypto/arc4random/getentropy_osx.c delete mode 100644 src/lib/libcrypto/arc4random/getentropy_solaris.c delete mode 100644 src/lib/libcrypto/arc4random/getentropy_win.c delete mode 100644 src/lib/libcrypto/arch/aarch64/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/aarch64/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/aarch64/crypto_cpu_caps.c delete mode 100644 src/lib/libcrypto/arch/aarch64/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/alpha/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/alpha/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/alpha/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/amd64/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/amd64/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c delete mode 100644 src/lib/libcrypto/arch/amd64/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/arm/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/arm/arm_arch.h delete mode 100644 src/lib/libcrypto/arch/arm/armcap.c delete mode 100644 src/lib/libcrypto/arch/arm/armv4cpuid.S delete mode 100644 src/lib/libcrypto/arch/arm/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/arm/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/hppa/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/hppa/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/hppa/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/i386/Makefile.inc delete mode 100644 
src/lib/libcrypto/arch/i386/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/i386/crypto_cpu_caps.c delete mode 100644 src/lib/libcrypto/arch/i386/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/m88k/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/m88k/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/mips64/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/mips64/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/mips64/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/powerpc/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/powerpc/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/powerpc/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/powerpc64/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/powerpc64/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/powerpc64/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/riscv64/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/riscv64/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/riscv64/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/sh/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/sh/opensslconf.h delete mode 100644 src/lib/libcrypto/arch/sparc64/Makefile.inc delete mode 100644 src/lib/libcrypto/arch/sparc64/crypto_arch.h delete mode 100644 src/lib/libcrypto/arch/sparc64/opensslconf.h delete mode 100644 src/lib/libcrypto/asn1/a_bitstr.c delete mode 100644 src/lib/libcrypto/asn1/a_enum.c delete mode 100644 src/lib/libcrypto/asn1/a_int.c delete mode 100644 src/lib/libcrypto/asn1/a_mbstr.c delete mode 100644 src/lib/libcrypto/asn1/a_object.c delete mode 100644 src/lib/libcrypto/asn1/a_octet.c delete mode 100644 src/lib/libcrypto/asn1/a_pkey.c delete mode 100644 src/lib/libcrypto/asn1/a_print.c delete mode 100644 src/lib/libcrypto/asn1/a_pubkey.c delete mode 100644 src/lib/libcrypto/asn1/a_strex.c delete mode 100644 src/lib/libcrypto/asn1/a_string.c delete mode 100644 src/lib/libcrypto/asn1/a_strnid.c delete 
mode 100644 src/lib/libcrypto/asn1/a_time.c delete mode 100644 src/lib/libcrypto/asn1/a_time_posix.c delete mode 100644 src/lib/libcrypto/asn1/a_time_tm.c delete mode 100644 src/lib/libcrypto/asn1/a_type.c delete mode 100644 src/lib/libcrypto/asn1/a_utf8.c delete mode 100644 src/lib/libcrypto/asn1/asn1.h delete mode 100644 src/lib/libcrypto/asn1/asn1_err.c delete mode 100644 src/lib/libcrypto/asn1/asn1_gen.c delete mode 100644 src/lib/libcrypto/asn1/asn1_item.c delete mode 100644 src/lib/libcrypto/asn1/asn1_lib.c delete mode 100644 src/lib/libcrypto/asn1/asn1_local.h delete mode 100644 src/lib/libcrypto/asn1/asn1_old.c delete mode 100644 src/lib/libcrypto/asn1/asn1_old_lib.c delete mode 100644 src/lib/libcrypto/asn1/asn1_par.c delete mode 100644 src/lib/libcrypto/asn1/asn1_types.c delete mode 100644 src/lib/libcrypto/asn1/asn1t.h delete mode 100644 src/lib/libcrypto/asn1/asn_mime.c delete mode 100644 src/lib/libcrypto/asn1/asn_moid.c delete mode 100644 src/lib/libcrypto/asn1/bio_asn1.c delete mode 100644 src/lib/libcrypto/asn1/bio_ndef.c delete mode 100644 src/lib/libcrypto/asn1/charmap.h delete mode 100644 src/lib/libcrypto/asn1/charmap.pl delete mode 100644 src/lib/libcrypto/asn1/p5_pbe.c delete mode 100644 src/lib/libcrypto/asn1/p5_pbev2.c delete mode 100644 src/lib/libcrypto/asn1/p8_pkey.c delete mode 100644 src/lib/libcrypto/asn1/posix_time.h delete mode 100644 src/lib/libcrypto/asn1/t_crl.c delete mode 100644 src/lib/libcrypto/asn1/t_req.c delete mode 100644 src/lib/libcrypto/asn1/t_spki.c delete mode 100644 src/lib/libcrypto/asn1/t_x509.c delete mode 100644 src/lib/libcrypto/asn1/t_x509a.c delete mode 100644 src/lib/libcrypto/asn1/tasn_dec.c delete mode 100644 src/lib/libcrypto/asn1/tasn_enc.c delete mode 100644 src/lib/libcrypto/asn1/tasn_fre.c delete mode 100644 src/lib/libcrypto/asn1/tasn_new.c delete mode 100644 src/lib/libcrypto/asn1/tasn_prn.c delete mode 100644 src/lib/libcrypto/asn1/tasn_typ.c delete mode 100644 src/lib/libcrypto/asn1/tasn_utl.c 
delete mode 100644 src/lib/libcrypto/asn1/x_algor.c delete mode 100644 src/lib/libcrypto/asn1/x_attrib.c delete mode 100644 src/lib/libcrypto/asn1/x_bignum.c delete mode 100644 src/lib/libcrypto/asn1/x_crl.c delete mode 100644 src/lib/libcrypto/asn1/x_exten.c delete mode 100644 src/lib/libcrypto/asn1/x_info.c delete mode 100644 src/lib/libcrypto/asn1/x_long.c delete mode 100644 src/lib/libcrypto/asn1/x_name.c delete mode 100644 src/lib/libcrypto/asn1/x_pkey.c delete mode 100644 src/lib/libcrypto/asn1/x_pubkey.c delete mode 100644 src/lib/libcrypto/asn1/x_req.c delete mode 100644 src/lib/libcrypto/asn1/x_sig.c delete mode 100644 src/lib/libcrypto/asn1/x_spki.c delete mode 100644 src/lib/libcrypto/asn1/x_val.c delete mode 100644 src/lib/libcrypto/asn1/x_x509.c delete mode 100644 src/lib/libcrypto/asn1/x_x509a.c delete mode 100644 src/lib/libcrypto/bf/bf_local.h delete mode 100644 src/lib/libcrypto/bf/blowfish.c delete mode 100644 src/lib/libcrypto/bf/blowfish.h delete mode 100644 src/lib/libcrypto/bio/b_dump.c delete mode 100644 src/lib/libcrypto/bio/b_posix.c delete mode 100644 src/lib/libcrypto/bio/b_print.c delete mode 100644 src/lib/libcrypto/bio/b_sock.c delete mode 100644 src/lib/libcrypto/bio/bf_buff.c delete mode 100644 src/lib/libcrypto/bio/bf_nbio.c delete mode 100644 src/lib/libcrypto/bio/bf_null.c delete mode 100644 src/lib/libcrypto/bio/bio.h delete mode 100644 src/lib/libcrypto/bio/bio_cb.c delete mode 100644 src/lib/libcrypto/bio/bio_err.c delete mode 100644 src/lib/libcrypto/bio/bio_lib.c delete mode 100644 src/lib/libcrypto/bio/bio_local.h delete mode 100644 src/lib/libcrypto/bio/bio_meth.c delete mode 100644 src/lib/libcrypto/bio/bss_acpt.c delete mode 100644 src/lib/libcrypto/bio/bss_bio.c delete mode 100644 src/lib/libcrypto/bio/bss_conn.c delete mode 100644 src/lib/libcrypto/bio/bss_dgram.c delete mode 100644 src/lib/libcrypto/bio/bss_fd.c delete mode 100644 src/lib/libcrypto/bio/bss_file.c delete mode 100644 src/lib/libcrypto/bio/bss_log.c 
delete mode 100644 src/lib/libcrypto/bio/bss_mem.c delete mode 100644 src/lib/libcrypto/bio/bss_null.c delete mode 100644 src/lib/libcrypto/bio/bss_sock.c delete mode 100644 src/lib/libcrypto/bn/arch/aarch64/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/alpha/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_add.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_mul.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bignum_sub.S delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bn_arch.c delete mode 100644 src/lib/libcrypto/bn/arch/amd64/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/amd64/word_clz.S delete mode 100644 src/lib/libcrypto/bn/arch/arm/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/hppa/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/i386/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/m88k/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/mips64/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/powerpc/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/powerpc64/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/riscv64/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/sh/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/arch/sparc64/bn_arch.h delete mode 100644 src/lib/libcrypto/bn/asm/alpha-mont.pl delete mode 100644 src/lib/libcrypto/bn/asm/armv4-mont.pl delete mode 100644 src/lib/libcrypto/bn/asm/bn-586.pl delete mode 100644 src/lib/libcrypto/bn/asm/co-586.pl delete mode 100644 
src/lib/libcrypto/bn/asm/mips-mont.pl delete mode 100644 src/lib/libcrypto/bn/asm/mips.pl delete mode 100644 src/lib/libcrypto/bn/asm/modexp512-x86_64.pl delete mode 100644 src/lib/libcrypto/bn/asm/parisc-mont.pl delete mode 100644 src/lib/libcrypto/bn/asm/ppc-mont.pl delete mode 100644 src/lib/libcrypto/bn/asm/ppc.pl delete mode 100755 src/lib/libcrypto/bn/asm/x86-mont.pl delete mode 100755 src/lib/libcrypto/bn/asm/x86_64-mont.pl delete mode 100755 src/lib/libcrypto/bn/asm/x86_64-mont5.pl delete mode 100644 src/lib/libcrypto/bn/bn.h delete mode 100644 src/lib/libcrypto/bn/bn_add.c delete mode 100644 src/lib/libcrypto/bn/bn_bpsw.c delete mode 100644 src/lib/libcrypto/bn/bn_const.c delete mode 100644 src/lib/libcrypto/bn/bn_convert.c delete mode 100644 src/lib/libcrypto/bn/bn_ctx.c delete mode 100644 src/lib/libcrypto/bn/bn_div.c delete mode 100644 src/lib/libcrypto/bn/bn_err.c delete mode 100644 src/lib/libcrypto/bn/bn_exp.c delete mode 100644 src/lib/libcrypto/bn/bn_gcd.c delete mode 100644 src/lib/libcrypto/bn/bn_internal.h delete mode 100644 src/lib/libcrypto/bn/bn_isqrt.c delete mode 100644 src/lib/libcrypto/bn/bn_kron.c delete mode 100644 src/lib/libcrypto/bn/bn_lib.c delete mode 100644 src/lib/libcrypto/bn/bn_local.h delete mode 100644 src/lib/libcrypto/bn/bn_mod.c delete mode 100644 src/lib/libcrypto/bn/bn_mod_sqrt.c delete mode 100644 src/lib/libcrypto/bn/bn_mont.c delete mode 100644 src/lib/libcrypto/bn/bn_mul.c delete mode 100644 src/lib/libcrypto/bn/bn_prime.c delete mode 100644 src/lib/libcrypto/bn/bn_prime.h delete mode 100644 src/lib/libcrypto/bn/bn_prime.pl delete mode 100644 src/lib/libcrypto/bn/bn_primitives.c delete mode 100644 src/lib/libcrypto/bn/bn_print.c delete mode 100644 src/lib/libcrypto/bn/bn_rand.c delete mode 100644 src/lib/libcrypto/bn/bn_recp.c delete mode 100644 src/lib/libcrypto/bn/bn_shift.c delete mode 100644 src/lib/libcrypto/bn/bn_small_primes.c delete mode 100644 src/lib/libcrypto/bn/bn_sqr.c delete mode 100644 
src/lib/libcrypto/bn/bn_word.c delete mode 100644 src/lib/libcrypto/bn/s2n_bignum.h delete mode 100644 src/lib/libcrypto/bn/s2n_bignum_internal.h delete mode 100644 src/lib/libcrypto/buffer/buf_err.c delete mode 100644 src/lib/libcrypto/buffer/buffer.c delete mode 100644 src/lib/libcrypto/buffer/buffer.h delete mode 100644 src/lib/libcrypto/bytestring/bs_ber.c delete mode 100644 src/lib/libcrypto/bytestring/bs_cbb.c delete mode 100644 src/lib/libcrypto/bytestring/bs_cbs.c delete mode 100644 src/lib/libcrypto/bytestring/bytestring.h delete mode 100644 src/lib/libcrypto/camellia/camellia.c delete mode 100644 src/lib/libcrypto/camellia/camellia.h delete mode 100644 src/lib/libcrypto/cast/cast.c delete mode 100644 src/lib/libcrypto/cast/cast.h delete mode 100644 src/lib/libcrypto/cast/cast_local.h delete mode 100644 src/lib/libcrypto/cert.pem delete mode 100644 src/lib/libcrypto/chacha/chacha-merged.c delete mode 100644 src/lib/libcrypto/chacha/chacha.c delete mode 100644 src/lib/libcrypto/chacha/chacha.h delete mode 100644 src/lib/libcrypto/cmac/cm_ameth.c delete mode 100644 src/lib/libcrypto/cmac/cm_pmeth.c delete mode 100644 src/lib/libcrypto/cmac/cmac.c delete mode 100644 src/lib/libcrypto/cmac/cmac.h delete mode 100644 src/lib/libcrypto/cms/cms.h delete mode 100644 src/lib/libcrypto/cms/cms_asn1.c delete mode 100644 src/lib/libcrypto/cms/cms_att.c delete mode 100644 src/lib/libcrypto/cms/cms_dd.c delete mode 100644 src/lib/libcrypto/cms/cms_enc.c delete mode 100644 src/lib/libcrypto/cms/cms_env.c delete mode 100644 src/lib/libcrypto/cms/cms_err.c delete mode 100644 src/lib/libcrypto/cms/cms_ess.c delete mode 100644 src/lib/libcrypto/cms/cms_io.c delete mode 100644 src/lib/libcrypto/cms/cms_kari.c delete mode 100644 src/lib/libcrypto/cms/cms_lib.c delete mode 100644 src/lib/libcrypto/cms/cms_local.h delete mode 100644 src/lib/libcrypto/cms/cms_pwri.c delete mode 100644 src/lib/libcrypto/cms/cms_sd.c delete mode 100644 src/lib/libcrypto/cms/cms_smime.c delete mode 
100644 src/lib/libcrypto/comp/comp.h delete mode 100644 src/lib/libcrypto/conf/README delete mode 100644 src/lib/libcrypto/conf/conf.h delete mode 100644 src/lib/libcrypto/conf/conf_api.c delete mode 100644 src/lib/libcrypto/conf/conf_def.c delete mode 100644 src/lib/libcrypto/conf/conf_def.h delete mode 100644 src/lib/libcrypto/conf/conf_err.c delete mode 100644 src/lib/libcrypto/conf/conf_lib.c delete mode 100644 src/lib/libcrypto/conf/conf_local.h delete mode 100644 src/lib/libcrypto/conf/conf_mod.c delete mode 100644 src/lib/libcrypto/conf/conf_sap.c delete mode 100644 src/lib/libcrypto/conf/keysets.pl delete mode 100644 src/lib/libcrypto/conf/ssleay.cnf delete mode 100644 src/lib/libcrypto/constant_time.h delete mode 100644 src/lib/libcrypto/crypto.h delete mode 100644 src/lib/libcrypto/crypto_err.c delete mode 100644 src/lib/libcrypto/crypto_ex_data.c delete mode 100644 src/lib/libcrypto/crypto_init.c delete mode 100644 src/lib/libcrypto/crypto_internal.h delete mode 100644 src/lib/libcrypto/crypto_legacy.c delete mode 100644 src/lib/libcrypto/crypto_local.h delete mode 100644 src/lib/libcrypto/crypto_lock.c delete mode 100644 src/lib/libcrypto/crypto_memory.c delete mode 100644 src/lib/libcrypto/ct/ct.h delete mode 100644 src/lib/libcrypto/ct/ct_b64.c delete mode 100644 src/lib/libcrypto/ct/ct_err.c delete mode 100644 src/lib/libcrypto/ct/ct_local.h delete mode 100644 src/lib/libcrypto/ct/ct_log.c delete mode 100644 src/lib/libcrypto/ct/ct_oct.c delete mode 100644 src/lib/libcrypto/ct/ct_policy.c delete mode 100644 src/lib/libcrypto/ct/ct_prn.c delete mode 100644 src/lib/libcrypto/ct/ct_sct.c delete mode 100644 src/lib/libcrypto/ct/ct_sct_ctx.c delete mode 100644 src/lib/libcrypto/ct/ct_vfy.c delete mode 100644 src/lib/libcrypto/ct/ct_x509v3.c delete mode 100644 src/lib/libcrypto/curve25519/curve25519-generic.c delete mode 100644 src/lib/libcrypto/curve25519/curve25519.c delete mode 100644 src/lib/libcrypto/curve25519/curve25519.h delete mode 100644 
src/lib/libcrypto/curve25519/curve25519_internal.h delete mode 100644 src/lib/libcrypto/des/des.c delete mode 100644 src/lib/libcrypto/des/des.h delete mode 100644 src/lib/libcrypto/des/des_cksum.c delete mode 100644 src/lib/libcrypto/des/des_enc.c delete mode 100644 src/lib/libcrypto/des/des_fcrypt.c delete mode 100644 src/lib/libcrypto/des/des_key.c delete mode 100644 src/lib/libcrypto/des/des_local.h delete mode 100644 src/lib/libcrypto/dh/dh.h delete mode 100644 src/lib/libcrypto/dh/dh_ameth.c delete mode 100644 src/lib/libcrypto/dh/dh_asn1.c delete mode 100644 src/lib/libcrypto/dh/dh_check.c delete mode 100644 src/lib/libcrypto/dh/dh_err.c delete mode 100644 src/lib/libcrypto/dh/dh_gen.c delete mode 100644 src/lib/libcrypto/dh/dh_key.c delete mode 100644 src/lib/libcrypto/dh/dh_lib.c delete mode 100644 src/lib/libcrypto/dh/dh_local.h delete mode 100644 src/lib/libcrypto/dh/dh_pmeth.c delete mode 100644 src/lib/libcrypto/dsa/dsa.h delete mode 100644 src/lib/libcrypto/dsa/dsa_ameth.c delete mode 100644 src/lib/libcrypto/dsa/dsa_asn1.c delete mode 100644 src/lib/libcrypto/dsa/dsa_err.c delete mode 100644 src/lib/libcrypto/dsa/dsa_gen.c delete mode 100644 src/lib/libcrypto/dsa/dsa_key.c delete mode 100644 src/lib/libcrypto/dsa/dsa_lib.c delete mode 100644 src/lib/libcrypto/dsa/dsa_local.h delete mode 100644 src/lib/libcrypto/dsa/dsa_meth.c delete mode 100644 src/lib/libcrypto/dsa/dsa_ossl.c delete mode 100644 src/lib/libcrypto/dsa/dsa_pmeth.c delete mode 100644 src/lib/libcrypto/dsa/dsa_prn.c delete mode 100644 src/lib/libcrypto/ec/ec.h delete mode 100644 src/lib/libcrypto/ec/ec_ameth.c delete mode 100644 src/lib/libcrypto/ec/ec_asn1.c delete mode 100644 src/lib/libcrypto/ec/ec_convert.c delete mode 100644 src/lib/libcrypto/ec/ec_curve.c delete mode 100644 src/lib/libcrypto/ec/ec_err.c delete mode 100644 src/lib/libcrypto/ec/ec_key.c delete mode 100644 src/lib/libcrypto/ec/ec_lib.c delete mode 100644 src/lib/libcrypto/ec/ec_local.h delete mode 100644 
src/lib/libcrypto/ec/ec_mult.c delete mode 100644 src/lib/libcrypto/ec/ec_pmeth.c delete mode 100644 src/lib/libcrypto/ec/eck_prn.c delete mode 100644 src/lib/libcrypto/ec/ecp_methods.c delete mode 100644 src/lib/libcrypto/ec/ecx_methods.c delete mode 100644 src/lib/libcrypto/ecdh/ecdh.c delete mode 100644 src/lib/libcrypto/ecdh/ecdh.h delete mode 100644 src/lib/libcrypto/ecdsa/ecdsa.c delete mode 100644 src/lib/libcrypto/ecdsa/ecdsa.h delete mode 100644 src/lib/libcrypto/ecdsa/ecdsa_local.h delete mode 100644 src/lib/libcrypto/engine/engine.h delete mode 100644 src/lib/libcrypto/engine/engine_stubs.c delete mode 100644 src/lib/libcrypto/err/err.c delete mode 100644 src/lib/libcrypto/err/err.h delete mode 100644 src/lib/libcrypto/err/err_all.c delete mode 100644 src/lib/libcrypto/err/err_local.h delete mode 100644 src/lib/libcrypto/err/err_prn.c delete mode 100644 src/lib/libcrypto/evp/bio_b64.c delete mode 100644 src/lib/libcrypto/evp/bio_enc.c delete mode 100644 src/lib/libcrypto/evp/bio_md.c delete mode 100644 src/lib/libcrypto/evp/e_aes.c delete mode 100644 src/lib/libcrypto/evp/e_bf.c delete mode 100644 src/lib/libcrypto/evp/e_camellia.c delete mode 100644 src/lib/libcrypto/evp/e_cast.c delete mode 100644 src/lib/libcrypto/evp/e_chacha.c delete mode 100644 src/lib/libcrypto/evp/e_chacha20poly1305.c delete mode 100644 src/lib/libcrypto/evp/e_des.c delete mode 100644 src/lib/libcrypto/evp/e_des3.c delete mode 100644 src/lib/libcrypto/evp/e_idea.c delete mode 100644 src/lib/libcrypto/evp/e_null.c delete mode 100644 src/lib/libcrypto/evp/e_rc2.c delete mode 100644 src/lib/libcrypto/evp/e_rc4.c delete mode 100644 src/lib/libcrypto/evp/e_sm4.c delete mode 100644 src/lib/libcrypto/evp/e_xcbc_d.c delete mode 100644 src/lib/libcrypto/evp/evp.h delete mode 100644 src/lib/libcrypto/evp/evp_aead.c delete mode 100644 src/lib/libcrypto/evp/evp_cipher.c delete mode 100644 src/lib/libcrypto/evp/evp_digest.c delete mode 100644 src/lib/libcrypto/evp/evp_encode.c delete mode 
100644 src/lib/libcrypto/evp/evp_err.c delete mode 100644 src/lib/libcrypto/evp/evp_key.c delete mode 100644 src/lib/libcrypto/evp/evp_local.h delete mode 100644 src/lib/libcrypto/evp/evp_names.c delete mode 100644 src/lib/libcrypto/evp/evp_pbe.c delete mode 100644 src/lib/libcrypto/evp/evp_pkey.c delete mode 100644 src/lib/libcrypto/evp/m_md4.c delete mode 100644 src/lib/libcrypto/evp/m_md5.c delete mode 100644 src/lib/libcrypto/evp/m_md5_sha1.c delete mode 100644 src/lib/libcrypto/evp/m_null.c delete mode 100644 src/lib/libcrypto/evp/m_ripemd.c delete mode 100644 src/lib/libcrypto/evp/m_sha1.c delete mode 100644 src/lib/libcrypto/evp/m_sha3.c delete mode 100644 src/lib/libcrypto/evp/m_sigver.c delete mode 100644 src/lib/libcrypto/evp/m_sm3.c delete mode 100644 src/lib/libcrypto/evp/p_legacy.c delete mode 100644 src/lib/libcrypto/evp/p_lib.c delete mode 100644 src/lib/libcrypto/evp/p_sign.c delete mode 100644 src/lib/libcrypto/evp/p_verify.c delete mode 100644 src/lib/libcrypto/evp/pmeth_fn.c delete mode 100644 src/lib/libcrypto/evp/pmeth_gn.c delete mode 100644 src/lib/libcrypto/evp/pmeth_lib.c delete mode 100644 src/lib/libcrypto/format-pem.pl delete mode 100644 src/lib/libcrypto/generate_pkgconfig.sh delete mode 100644 src/lib/libcrypto/hidden/README delete mode 100644 src/lib/libcrypto/hidden/crypto_namespace.h delete mode 100644 src/lib/libcrypto/hidden/openssl/aes.h delete mode 100644 src/lib/libcrypto/hidden/openssl/asn1.h delete mode 100644 src/lib/libcrypto/hidden/openssl/asn1t.h delete mode 100644 src/lib/libcrypto/hidden/openssl/bio.h delete mode 100644 src/lib/libcrypto/hidden/openssl/blowfish.h delete mode 100644 src/lib/libcrypto/hidden/openssl/bn.h delete mode 100644 src/lib/libcrypto/hidden/openssl/buffer.h delete mode 100644 src/lib/libcrypto/hidden/openssl/camellia.h delete mode 100644 src/lib/libcrypto/hidden/openssl/cast.h delete mode 100644 src/lib/libcrypto/hidden/openssl/chacha.h delete mode 100644 src/lib/libcrypto/hidden/openssl/cmac.h 
delete mode 100644 src/lib/libcrypto/hidden/openssl/cms.h delete mode 100644 src/lib/libcrypto/hidden/openssl/conf.h delete mode 100644 src/lib/libcrypto/hidden/openssl/crypto.h delete mode 100644 src/lib/libcrypto/hidden/openssl/ct.h delete mode 100644 src/lib/libcrypto/hidden/openssl/curve25519.h delete mode 100644 src/lib/libcrypto/hidden/openssl/des.h delete mode 100644 src/lib/libcrypto/hidden/openssl/dh.h delete mode 100644 src/lib/libcrypto/hidden/openssl/dsa.h delete mode 100644 src/lib/libcrypto/hidden/openssl/ec.h delete mode 100644 src/lib/libcrypto/hidden/openssl/engine.h delete mode 100644 src/lib/libcrypto/hidden/openssl/err.h delete mode 100644 src/lib/libcrypto/hidden/openssl/evp.h delete mode 100644 src/lib/libcrypto/hidden/openssl/hkdf.h delete mode 100644 src/lib/libcrypto/hidden/openssl/hmac.h delete mode 100644 src/lib/libcrypto/hidden/openssl/idea.h delete mode 100644 src/lib/libcrypto/hidden/openssl/lhash.h delete mode 100644 src/lib/libcrypto/hidden/openssl/md4.h delete mode 100644 src/lib/libcrypto/hidden/openssl/md5.h delete mode 100644 src/lib/libcrypto/hidden/openssl/mlkem.h delete mode 100644 src/lib/libcrypto/hidden/openssl/modes.h delete mode 100644 src/lib/libcrypto/hidden/openssl/objects.h delete mode 100644 src/lib/libcrypto/hidden/openssl/ocsp.h delete mode 100644 src/lib/libcrypto/hidden/openssl/pem.h delete mode 100644 src/lib/libcrypto/hidden/openssl/pkcs12.h delete mode 100644 src/lib/libcrypto/hidden/openssl/pkcs7.h delete mode 100644 src/lib/libcrypto/hidden/openssl/poly1305.h delete mode 100644 src/lib/libcrypto/hidden/openssl/posix_time.h delete mode 100644 src/lib/libcrypto/hidden/openssl/rand.h delete mode 100644 src/lib/libcrypto/hidden/openssl/rc2.h delete mode 100644 src/lib/libcrypto/hidden/openssl/rc4.h delete mode 100644 src/lib/libcrypto/hidden/openssl/ripemd.h delete mode 100644 src/lib/libcrypto/hidden/openssl/rsa.h delete mode 100644 src/lib/libcrypto/hidden/openssl/sha.h delete mode 100644 
src/lib/libcrypto/hidden/openssl/sm3.h delete mode 100644 src/lib/libcrypto/hidden/openssl/sm4.h delete mode 100644 src/lib/libcrypto/hidden/openssl/stack.h delete mode 100644 src/lib/libcrypto/hidden/openssl/ts.h delete mode 100644 src/lib/libcrypto/hidden/openssl/txt_db.h delete mode 100644 src/lib/libcrypto/hidden/openssl/ui.h delete mode 100644 src/lib/libcrypto/hidden/openssl/x509.h delete mode 100644 src/lib/libcrypto/hidden/openssl/x509_vfy.h delete mode 100644 src/lib/libcrypto/hidden/openssl/x509v3.h delete mode 100644 src/lib/libcrypto/hkdf/hkdf.c delete mode 100644 src/lib/libcrypto/hkdf/hkdf.h delete mode 100644 src/lib/libcrypto/hmac/hm_ameth.c delete mode 100644 src/lib/libcrypto/hmac/hm_pmeth.c delete mode 100644 src/lib/libcrypto/hmac/hmac.c delete mode 100644 src/lib/libcrypto/hmac/hmac.h delete mode 100644 src/lib/libcrypto/hmac/hmac_local.h delete mode 100644 src/lib/libcrypto/idea/idea.c delete mode 100644 src/lib/libcrypto/idea/idea.h delete mode 100644 src/lib/libcrypto/idea/idea_local.h delete mode 100644 src/lib/libcrypto/kdf/hkdf_evp.c delete mode 100644 src/lib/libcrypto/kdf/kdf.h delete mode 100644 src/lib/libcrypto/kdf/kdf_err.c delete mode 100644 src/lib/libcrypto/kdf/tls1_prf.c delete mode 100644 src/lib/libcrypto/lhash/lhash.c delete mode 100644 src/lib/libcrypto/lhash/lhash.h delete mode 100644 src/lib/libcrypto/man/ACCESS_DESCRIPTION_new.3 delete mode 100644 src/lib/libcrypto/man/AES_encrypt.3 delete mode 100644 src/lib/libcrypto/man/ASIdentifiers_new.3 delete mode 100644 src/lib/libcrypto/man/ASN1_BIT_STRING_set.3 delete mode 100644 src/lib/libcrypto/man/ASN1_INTEGER_get.3 delete mode 100644 src/lib/libcrypto/man/ASN1_NULL_new.3 delete mode 100644 src/lib/libcrypto/man/ASN1_OBJECT_new.3 delete mode 100644 src/lib/libcrypto/man/ASN1_PRINTABLE_type.3 delete mode 100644 src/lib/libcrypto/man/ASN1_STRING_TABLE_get.3 delete mode 100644 src/lib/libcrypto/man/ASN1_STRING_length.3 delete mode 100644 src/lib/libcrypto/man/ASN1_STRING_new.3 
delete mode 100644 src/lib/libcrypto/man/ASN1_STRING_print_ex.3 delete mode 100644 src/lib/libcrypto/man/ASN1_TIME_set.3 delete mode 100644 src/lib/libcrypto/man/ASN1_TYPE_get.3 delete mode 100644 src/lib/libcrypto/man/ASN1_UNIVERSALSTRING_to_string.3 delete mode 100644 src/lib/libcrypto/man/ASN1_generate_nconf.3 delete mode 100644 src/lib/libcrypto/man/ASN1_get_object.3 delete mode 100644 src/lib/libcrypto/man/ASN1_item_d2i.3 delete mode 100644 src/lib/libcrypto/man/ASN1_item_digest.3 delete mode 100644 src/lib/libcrypto/man/ASN1_item_new.3 delete mode 100644 src/lib/libcrypto/man/ASN1_item_pack.3 delete mode 100644 src/lib/libcrypto/man/ASN1_item_sign.3 delete mode 100644 src/lib/libcrypto/man/ASN1_item_verify.3 delete mode 100644 src/lib/libcrypto/man/ASN1_mbstring_copy.3 delete mode 100644 src/lib/libcrypto/man/ASN1_parse_dump.3 delete mode 100644 src/lib/libcrypto/man/ASN1_put_object.3 delete mode 100644 src/lib/libcrypto/man/ASRange_new.3 delete mode 100644 src/lib/libcrypto/man/AUTHORITY_KEYID_new.3 delete mode 100644 src/lib/libcrypto/man/BASIC_CONSTRAINTS_new.3 delete mode 100644 src/lib/libcrypto/man/BF_set_key.3 delete mode 100644 src/lib/libcrypto/man/BIO_accept.3 delete mode 100644 src/lib/libcrypto/man/BIO_ctrl.3 delete mode 100644 src/lib/libcrypto/man/BIO_dump.3 delete mode 100644 src/lib/libcrypto/man/BIO_dup_chain.3 delete mode 100644 src/lib/libcrypto/man/BIO_f_base64.3 delete mode 100644 src/lib/libcrypto/man/BIO_f_buffer.3 delete mode 100644 src/lib/libcrypto/man/BIO_f_cipher.3 delete mode 100644 src/lib/libcrypto/man/BIO_f_md.3 delete mode 100644 src/lib/libcrypto/man/BIO_f_null.3 delete mode 100644 src/lib/libcrypto/man/BIO_find_type.3 delete mode 100644 src/lib/libcrypto/man/BIO_get_data.3 delete mode 100644 src/lib/libcrypto/man/BIO_get_ex_new_index.3 delete mode 100644 src/lib/libcrypto/man/BIO_meth_new.3 delete mode 100644 src/lib/libcrypto/man/BIO_new.3 delete mode 100644 src/lib/libcrypto/man/BIO_new_CMS.3 delete mode 100644 
src/lib/libcrypto/man/BIO_printf.3 delete mode 100644 src/lib/libcrypto/man/BIO_push.3 delete mode 100644 src/lib/libcrypto/man/BIO_read.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_accept.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_bio.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_connect.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_datagram.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_fd.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_file.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_mem.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_null.3 delete mode 100644 src/lib/libcrypto/man/BIO_s_socket.3 delete mode 100644 src/lib/libcrypto/man/BIO_set_callback.3 delete mode 100644 src/lib/libcrypto/man/BIO_should_retry.3 delete mode 100644 src/lib/libcrypto/man/BN_CTX_new.3 delete mode 100644 src/lib/libcrypto/man/BN_CTX_start.3 delete mode 100644 src/lib/libcrypto/man/BN_add.3 delete mode 100644 src/lib/libcrypto/man/BN_add_word.3 delete mode 100644 src/lib/libcrypto/man/BN_bn2bin.3 delete mode 100644 src/lib/libcrypto/man/BN_cmp.3 delete mode 100644 src/lib/libcrypto/man/BN_copy.3 delete mode 100644 src/lib/libcrypto/man/BN_generate_prime.3 delete mode 100644 src/lib/libcrypto/man/BN_get_rfc3526_prime_8192.3 delete mode 100644 src/lib/libcrypto/man/BN_kronecker.3 delete mode 100644 src/lib/libcrypto/man/BN_mod_inverse.3 delete mode 100644 src/lib/libcrypto/man/BN_mod_mul_montgomery.3 delete mode 100644 src/lib/libcrypto/man/BN_mod_sqrt.3 delete mode 100644 src/lib/libcrypto/man/BN_new.3 delete mode 100644 src/lib/libcrypto/man/BN_num_bytes.3 delete mode 100644 src/lib/libcrypto/man/BN_rand.3 delete mode 100644 src/lib/libcrypto/man/BN_set_bit.3 delete mode 100644 src/lib/libcrypto/man/BN_set_flags.3 delete mode 100644 src/lib/libcrypto/man/BN_set_negative.3 delete mode 100644 src/lib/libcrypto/man/BN_swap.3 delete mode 100644 src/lib/libcrypto/man/BN_zero.3 delete mode 100644 src/lib/libcrypto/man/BUF_MEM_new.3 delete mode 100644 
src/lib/libcrypto/man/CMAC_Init.3 delete mode 100644 src/lib/libcrypto/man/CMS_ContentInfo_new.3 delete mode 100644 src/lib/libcrypto/man/CMS_add0_cert.3 delete mode 100644 src/lib/libcrypto/man/CMS_add1_recipient_cert.3 delete mode 100644 src/lib/libcrypto/man/CMS_add1_signer.3 delete mode 100644 src/lib/libcrypto/man/CMS_compress.3 delete mode 100644 src/lib/libcrypto/man/CMS_decrypt.3 delete mode 100644 src/lib/libcrypto/man/CMS_encrypt.3 delete mode 100644 src/lib/libcrypto/man/CMS_final.3 delete mode 100644 src/lib/libcrypto/man/CMS_get0_RecipientInfos.3 delete mode 100644 src/lib/libcrypto/man/CMS_get0_SignerInfos.3 delete mode 100644 src/lib/libcrypto/man/CMS_get0_type.3 delete mode 100644 src/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 delete mode 100644 src/lib/libcrypto/man/CMS_sign.3 delete mode 100644 src/lib/libcrypto/man/CMS_sign_receipt.3 delete mode 100644 src/lib/libcrypto/man/CMS_signed_add1_attr.3 delete mode 100644 src/lib/libcrypto/man/CMS_uncompress.3 delete mode 100644 src/lib/libcrypto/man/CMS_verify.3 delete mode 100644 src/lib/libcrypto/man/CMS_verify_receipt.3 delete mode 100644 src/lib/libcrypto/man/CONF_modules_free.3 delete mode 100644 src/lib/libcrypto/man/CONF_modules_load_file.3 delete mode 100644 src/lib/libcrypto/man/CRYPTO_lock.3 delete mode 100644 src/lib/libcrypto/man/CRYPTO_memcmp.3 delete mode 100644 src/lib/libcrypto/man/CRYPTO_set_ex_data.3 delete mode 100644 src/lib/libcrypto/man/CRYPTO_set_mem_functions.3 delete mode 100644 src/lib/libcrypto/man/ChaCha.3 delete mode 100644 src/lib/libcrypto/man/DES_set_key.3 delete mode 100644 src/lib/libcrypto/man/DH_generate_key.3 delete mode 100644 src/lib/libcrypto/man/DH_generate_parameters.3 delete mode 100644 src/lib/libcrypto/man/DH_get0_pqg.3 delete mode 100644 src/lib/libcrypto/man/DH_get_ex_new_index.3 delete mode 100644 src/lib/libcrypto/man/DH_new.3 delete mode 100644 src/lib/libcrypto/man/DH_set_method.3 delete mode 100644 src/lib/libcrypto/man/DH_size.3 delete mode 100644 
src/lib/libcrypto/man/DIST_POINT_new.3 delete mode 100644 src/lib/libcrypto/man/DSA_SIG_new.3 delete mode 100644 src/lib/libcrypto/man/DSA_do_sign.3 delete mode 100644 src/lib/libcrypto/man/DSA_dup_DH.3 delete mode 100644 src/lib/libcrypto/man/DSA_generate_key.3 delete mode 100644 src/lib/libcrypto/man/DSA_generate_parameters_ex.3 delete mode 100644 src/lib/libcrypto/man/DSA_get0_pqg.3 delete mode 100644 src/lib/libcrypto/man/DSA_get_ex_new_index.3 delete mode 100644 src/lib/libcrypto/man/DSA_meth_new.3 delete mode 100644 src/lib/libcrypto/man/DSA_new.3 delete mode 100644 src/lib/libcrypto/man/DSA_set_method.3 delete mode 100644 src/lib/libcrypto/man/DSA_sign.3 delete mode 100644 src/lib/libcrypto/man/DSA_size.3 delete mode 100644 src/lib/libcrypto/man/ECDH_compute_key.3 delete mode 100644 src/lib/libcrypto/man/ECDSA_SIG_new.3 delete mode 100644 src/lib/libcrypto/man/EC_GROUP_copy.3 delete mode 100644 src/lib/libcrypto/man/EC_GROUP_new.3 delete mode 100644 src/lib/libcrypto/man/EC_KEY_METHOD_new.3 delete mode 100644 src/lib/libcrypto/man/EC_KEY_new.3 delete mode 100644 src/lib/libcrypto/man/EC_POINT_add.3 delete mode 100644 src/lib/libcrypto/man/EC_POINT_new.3 delete mode 100644 src/lib/libcrypto/man/ENGINE_new.3 delete mode 100644 src/lib/libcrypto/man/ERR.3 delete mode 100644 src/lib/libcrypto/man/ERR_GET_LIB.3 delete mode 100644 src/lib/libcrypto/man/ERR_asprintf_error_data.3 delete mode 100644 src/lib/libcrypto/man/ERR_clear_error.3 delete mode 100644 src/lib/libcrypto/man/ERR_error_string.3 delete mode 100644 src/lib/libcrypto/man/ERR_get_error.3 delete mode 100644 src/lib/libcrypto/man/ERR_load_crypto_strings.3 delete mode 100644 src/lib/libcrypto/man/ERR_load_strings.3 delete mode 100644 src/lib/libcrypto/man/ERR_print_errors.3 delete mode 100644 src/lib/libcrypto/man/ERR_put_error.3 delete mode 100644 src/lib/libcrypto/man/ERR_remove_state.3 delete mode 100644 src/lib/libcrypto/man/ERR_set_mark.3 delete mode 100644 
src/lib/libcrypto/man/ESS_SIGNING_CERT_new.3 delete mode 100644 src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 delete mode 100644 src/lib/libcrypto/man/EVP_BytesToKey.3 delete mode 100644 src/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 delete mode 100644 src/lib/libcrypto/man/EVP_CIPHER_CTX_get_cipher_data.3 delete mode 100644 src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3 delete mode 100644 src/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 delete mode 100644 src/lib/libcrypto/man/EVP_CIPHER_do_all.3 delete mode 100644 src/lib/libcrypto/man/EVP_CIPHER_meth_new.3 delete mode 100644 src/lib/libcrypto/man/EVP_CIPHER_nid.3 delete mode 100644 src/lib/libcrypto/man/EVP_DigestInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_DigestSignInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_DigestVerifyInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_EncodeInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_EncryptInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_MD_CTX_ctrl.3 delete mode 100644 src/lib/libcrypto/man/EVP_MD_nid.3 delete mode 100644 src/lib/libcrypto/man/EVP_OpenInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKCS82PKEY.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_CTX_get_operation.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_CTX_new.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_cmp.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_decrypt.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_derive.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_encrypt.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_get_default_digest_nid.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_keygen.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_new.3 delete mode 100644 
src/lib/libcrypto/man/EVP_PKEY_new_CMAC_key.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_print_private.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_sign.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_size.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_verify.3 delete mode 100644 src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 delete mode 100644 src/lib/libcrypto/man/EVP_SealInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_SignInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_VerifyInit.3 delete mode 100644 src/lib/libcrypto/man/EVP_aes_128_cbc.3 delete mode 100644 src/lib/libcrypto/man/EVP_aes_128_ccm.3 delete mode 100644 src/lib/libcrypto/man/EVP_aes_128_gcm.3 delete mode 100644 src/lib/libcrypto/man/EVP_camellia_128_cbc.3 delete mode 100644 src/lib/libcrypto/man/EVP_chacha20.3 delete mode 100644 src/lib/libcrypto/man/EVP_des_cbc.3 delete mode 100644 src/lib/libcrypto/man/EVP_rc2_cbc.3 delete mode 100644 src/lib/libcrypto/man/EVP_rc4.3 delete mode 100644 src/lib/libcrypto/man/EVP_sha1.3 delete mode 100644 src/lib/libcrypto/man/EVP_sha3_224.3 delete mode 100644 src/lib/libcrypto/man/EVP_sm3.3 delete mode 100644 src/lib/libcrypto/man/EVP_sm4_cbc.3 delete mode 100644 src/lib/libcrypto/man/EXTENDED_KEY_USAGE_new.3 delete mode 100644 src/lib/libcrypto/man/GENERAL_NAME_new.3 delete mode 100644 src/lib/libcrypto/man/HMAC.3 delete mode 100644 src/lib/libcrypto/man/IPAddressRange_new.3 delete mode 100644 src/lib/libcrypto/man/MD5.3 delete mode 100644 src/lib/libcrypto/man/Makefile delete mode 100644 src/lib/libcrypto/man/NAME_CONSTRAINTS_new.3 delete mode 100644 src/lib/libcrypto/man/OBJ_NAME_add.3 delete mode 100644 src/lib/libcrypto/man/OBJ_create.3 delete mode 100644 src/lib/libcrypto/man/OBJ_find_sigid_algs.3 delete mode 100644 src/lib/libcrypto/man/OBJ_nid2obj.3 delete mode 100644 src/lib/libcrypto/man/OCSP_CRLID_new.3 delete mode 100644 src/lib/libcrypto/man/OCSP_REQUEST_new.3 
delete mode 100644 src/lib/libcrypto/man/OCSP_SERVICELOC_new.3 delete mode 100644 src/lib/libcrypto/man/OCSP_cert_to_id.3 delete mode 100644 src/lib/libcrypto/man/OCSP_request_add1_nonce.3 delete mode 100644 src/lib/libcrypto/man/OCSP_resp_find_status.3 delete mode 100644 src/lib/libcrypto/man/OCSP_response_status.3 delete mode 100644 src/lib/libcrypto/man/OCSP_sendreq_new.3 delete mode 100644 src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 delete mode 100644 src/lib/libcrypto/man/OPENSSL_cleanse.3 delete mode 100644 src/lib/libcrypto/man/OPENSSL_config.3 delete mode 100644 src/lib/libcrypto/man/OPENSSL_init_crypto.3 delete mode 100644 src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 delete mode 100644 src/lib/libcrypto/man/OPENSSL_malloc.3 delete mode 100644 src/lib/libcrypto/man/OPENSSL_sk_new.3 delete mode 100644 src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 delete mode 100644 src/lib/libcrypto/man/PEM_ASN1_read.3 delete mode 100644 src/lib/libcrypto/man/PEM_X509_INFO_read.3 delete mode 100644 src/lib/libcrypto/man/PEM_bytes_read_bio.3 delete mode 100644 src/lib/libcrypto/man/PEM_read.3 delete mode 100644 src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 delete mode 100644 src/lib/libcrypto/man/PEM_write_bio_CMS_stream.3 delete mode 100644 src/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 delete mode 100644 src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3 delete mode 100644 src/lib/libcrypto/man/PKCS12_create.3 delete mode 100644 src/lib/libcrypto/man/PKCS12_new.3 delete mode 100644 src/lib/libcrypto/man/PKCS12_newpass.3 delete mode 100644 src/lib/libcrypto/man/PKCS12_parse.3 delete mode 100644 src/lib/libcrypto/man/PKCS5_PBKDF2_HMAC.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_add_attribute.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_dataFinal.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_dataInit.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_decrypt.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_encrypt.3 delete mode 100644 
src/lib/libcrypto/man/PKCS7_final.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_get_signer_info.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_new.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_set_content.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_set_type.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_sign.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_sign_add_signer.3 delete mode 100644 src/lib/libcrypto/man/PKCS7_verify.3 delete mode 100644 src/lib/libcrypto/man/PKCS8_PRIV_KEY_INFO_new.3 delete mode 100644 src/lib/libcrypto/man/PKCS8_pkey_set0.3 delete mode 100644 src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3 delete mode 100644 src/lib/libcrypto/man/POLICYINFO_new.3 delete mode 100644 src/lib/libcrypto/man/RAND_add.3 delete mode 100644 src/lib/libcrypto/man/RAND_bytes.3 delete mode 100644 src/lib/libcrypto/man/RAND_load_file.3 delete mode 100644 src/lib/libcrypto/man/RAND_set_rand_method.3 delete mode 100644 src/lib/libcrypto/man/RC2_encrypt.3 delete mode 100644 src/lib/libcrypto/man/RC4.3 delete mode 100644 src/lib/libcrypto/man/RIPEMD160.3 delete mode 100644 src/lib/libcrypto/man/RSA_PSS_PARAMS_new.3 delete mode 100644 src/lib/libcrypto/man/RSA_blinding_on.3 delete mode 100644 src/lib/libcrypto/man/RSA_check_key.3 delete mode 100644 src/lib/libcrypto/man/RSA_generate_key.3 delete mode 100644 src/lib/libcrypto/man/RSA_get0_key.3 delete mode 100644 src/lib/libcrypto/man/RSA_get_ex_new_index.3 delete mode 100644 src/lib/libcrypto/man/RSA_meth_new.3 delete mode 100644 src/lib/libcrypto/man/RSA_new.3 delete mode 100644 src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 delete mode 100644 src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 delete mode 100644 src/lib/libcrypto/man/RSA_print.3 delete mode 100644 src/lib/libcrypto/man/RSA_private_encrypt.3 delete mode 100644 src/lib/libcrypto/man/RSA_public_encrypt.3 delete mode 100644 src/lib/libcrypto/man/RSA_security_bits.3 delete mode 100644 src/lib/libcrypto/man/RSA_set_method.3 delete mode 100644 
src/lib/libcrypto/man/RSA_sign.3 delete mode 100644 src/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 delete mode 100644 src/lib/libcrypto/man/RSA_size.3 delete mode 100644 src/lib/libcrypto/man/SHA1.3 delete mode 100644 src/lib/libcrypto/man/SMIME_crlf_copy.3 delete mode 100644 src/lib/libcrypto/man/SMIME_read_ASN1.3 delete mode 100644 src/lib/libcrypto/man/SMIME_read_CMS.3 delete mode 100644 src/lib/libcrypto/man/SMIME_read_PKCS7.3 delete mode 100644 src/lib/libcrypto/man/SMIME_text.3 delete mode 100644 src/lib/libcrypto/man/SMIME_write_ASN1.3 delete mode 100644 src/lib/libcrypto/man/SMIME_write_CMS.3 delete mode 100644 src/lib/libcrypto/man/SMIME_write_PKCS7.3 delete mode 100644 src/lib/libcrypto/man/STACK_OF.3 delete mode 100644 src/lib/libcrypto/man/TS_REQ_new.3 delete mode 100644 src/lib/libcrypto/man/UI_create_method.3 delete mode 100644 src/lib/libcrypto/man/UI_get_string_type.3 delete mode 100644 src/lib/libcrypto/man/UI_new.3 delete mode 100644 src/lib/libcrypto/man/X25519.3 delete mode 100644 src/lib/libcrypto/man/X509V3_EXT_get_nid.3 delete mode 100644 src/lib/libcrypto/man/X509V3_EXT_print.3 delete mode 100644 src/lib/libcrypto/man/X509V3_extensions_print.3 delete mode 100644 src/lib/libcrypto/man/X509V3_get_d2i.3 delete mode 100644 src/lib/libcrypto/man/X509V3_parse_list.3 delete mode 100644 src/lib/libcrypto/man/X509_ALGOR_dup.3 delete mode 100644 src/lib/libcrypto/man/X509_ATTRIBUTE_get0_object.3 delete mode 100644 src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 delete mode 100644 src/lib/libcrypto/man/X509_ATTRIBUTE_set1_object.3 delete mode 100644 src/lib/libcrypto/man/X509_CINF_new.3 delete mode 100644 src/lib/libcrypto/man/X509_CRL_get0_by_serial.3 delete mode 100644 src/lib/libcrypto/man/X509_CRL_new.3 delete mode 100644 src/lib/libcrypto/man/X509_CRL_print.3 delete mode 100644 src/lib/libcrypto/man/X509_EXTENSION_set_object.3 delete mode 100644 src/lib/libcrypto/man/X509_INFO_new.3 delete mode 100644 src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3 
delete mode 100644 src/lib/libcrypto/man/X509_LOOKUP_new.3 delete mode 100644 src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 delete mode 100644 src/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 delete mode 100644 src/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 delete mode 100644 src/lib/libcrypto/man/X509_NAME_hash.3 delete mode 100644 src/lib/libcrypto/man/X509_NAME_new.3 delete mode 100644 src/lib/libcrypto/man/X509_NAME_print_ex.3 delete mode 100644 src/lib/libcrypto/man/X509_OBJECT_get0_X509.3 delete mode 100644 src/lib/libcrypto/man/X509_PKEY_new.3 delete mode 100644 src/lib/libcrypto/man/X509_PUBKEY_new.3 delete mode 100644 src/lib/libcrypto/man/X509_PURPOSE_set.3 delete mode 100644 src/lib/libcrypto/man/X509_REQ_add1_attr.3 delete mode 100644 src/lib/libcrypto/man/X509_REQ_add_extensions.3 delete mode 100644 src/lib/libcrypto/man/X509_REQ_new.3 delete mode 100644 src/lib/libcrypto/man/X509_REQ_print_ex.3 delete mode 100644 src/lib/libcrypto/man/X509_REVOKED_new.3 delete mode 100644 src/lib/libcrypto/man/X509_SIG_get0.3 delete mode 100644 src/lib/libcrypto/man/X509_SIG_new.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_CTX_get_error.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_CTX_new.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_CTX_set_flags.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_CTX_set_verify.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_get_by_subject.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_load_locations.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_new.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_set1_param.3 delete mode 100644 src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3 delete mode 100644 src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3 delete mode 100644 src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 delete 
mode 100644 src/lib/libcrypto/man/X509_add1_trust_object.3 delete mode 100644 src/lib/libcrypto/man/X509_check_ca.3 delete mode 100644 src/lib/libcrypto/man/X509_check_host.3 delete mode 100644 src/lib/libcrypto/man/X509_check_issued.3 delete mode 100644 src/lib/libcrypto/man/X509_check_private_key.3 delete mode 100644 src/lib/libcrypto/man/X509_check_purpose.3 delete mode 100644 src/lib/libcrypto/man/X509_cmp.3 delete mode 100644 src/lib/libcrypto/man/X509_cmp_time.3 delete mode 100644 src/lib/libcrypto/man/X509_digest.3 delete mode 100644 src/lib/libcrypto/man/X509_find_by_subject.3 delete mode 100644 src/lib/libcrypto/man/X509_get0_notBefore.3 delete mode 100644 src/lib/libcrypto/man/X509_get0_signature.3 delete mode 100644 src/lib/libcrypto/man/X509_get1_email.3 delete mode 100644 src/lib/libcrypto/man/X509_get_extension_flags.3 delete mode 100644 src/lib/libcrypto/man/X509_get_pubkey.3 delete mode 100644 src/lib/libcrypto/man/X509_get_pubkey_parameters.3 delete mode 100644 src/lib/libcrypto/man/X509_get_serialNumber.3 delete mode 100644 src/lib/libcrypto/man/X509_get_subject_name.3 delete mode 100644 src/lib/libcrypto/man/X509_get_version.3 delete mode 100644 src/lib/libcrypto/man/X509_keyid_set1.3 delete mode 100644 src/lib/libcrypto/man/X509_load_cert_file.3 delete mode 100644 src/lib/libcrypto/man/X509_new.3 delete mode 100644 src/lib/libcrypto/man/X509_ocspid_print.3 delete mode 100644 src/lib/libcrypto/man/X509_print_ex.3 delete mode 100644 src/lib/libcrypto/man/X509_sign.3 delete mode 100644 src/lib/libcrypto/man/X509_signature_dump.3 delete mode 100644 src/lib/libcrypto/man/X509_verify_cert.3 delete mode 100644 src/lib/libcrypto/man/X509v3_addr_add_inherit.3 delete mode 100644 src/lib/libcrypto/man/X509v3_addr_get_range.3 delete mode 100644 src/lib/libcrypto/man/X509v3_addr_inherits.3 delete mode 100644 src/lib/libcrypto/man/X509v3_addr_subset.3 delete mode 100644 src/lib/libcrypto/man/X509v3_addr_validate_path.3 delete mode 100644 
src/lib/libcrypto/man/X509v3_asid_add_id_or_range.3 delete mode 100644 src/lib/libcrypto/man/X509v3_get_ext_by_NID.3 delete mode 100644 src/lib/libcrypto/man/a2d_ASN1_OBJECT.3 delete mode 100644 src/lib/libcrypto/man/a2i_ipadd.3 delete mode 100644 src/lib/libcrypto/man/bn_dump.3 delete mode 100644 src/lib/libcrypto/man/crypto.3 delete mode 100644 src/lib/libcrypto/man/d2i_ASN1_NULL.3 delete mode 100644 src/lib/libcrypto/man/d2i_ASN1_OBJECT.3 delete mode 100644 src/lib/libcrypto/man/d2i_ASN1_OCTET_STRING.3 delete mode 100644 src/lib/libcrypto/man/d2i_ASN1_SEQUENCE_ANY.3 delete mode 100644 src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3 delete mode 100644 src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3 delete mode 100644 src/lib/libcrypto/man/d2i_CMS_ContentInfo.3 delete mode 100644 src/lib/libcrypto/man/d2i_DHparams.3 delete mode 100644 src/lib/libcrypto/man/d2i_DIST_POINT.3 delete mode 100644 src/lib/libcrypto/man/d2i_DSAPublicKey.3 delete mode 100644 src/lib/libcrypto/man/d2i_ECPKParameters.3 delete mode 100644 src/lib/libcrypto/man/d2i_ESS_SIGNING_CERT.3 delete mode 100644 src/lib/libcrypto/man/d2i_GENERAL_NAME.3 delete mode 100644 src/lib/libcrypto/man/d2i_OCSP_REQUEST.3 delete mode 100644 src/lib/libcrypto/man/d2i_OCSP_RESPONSE.3 delete mode 100644 src/lib/libcrypto/man/d2i_PKCS12.3 delete mode 100644 src/lib/libcrypto/man/d2i_PKCS7.3 delete mode 100644 src/lib/libcrypto/man/d2i_PKCS8PrivateKey_bio.3 delete mode 100644 src/lib/libcrypto/man/d2i_PKCS8_PRIV_KEY_INFO.3 delete mode 100644 src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3 delete mode 100644 src/lib/libcrypto/man/d2i_POLICYINFO.3 delete mode 100644 src/lib/libcrypto/man/d2i_PrivateKey.3 delete mode 100644 src/lib/libcrypto/man/d2i_RSAPublicKey.3 delete mode 100644 src/lib/libcrypto/man/d2i_TS_REQ.3 delete mode 100644 src/lib/libcrypto/man/d2i_X509.3 delete mode 100644 src/lib/libcrypto/man/d2i_X509_ALGOR.3 delete mode 100644 src/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3 delete mode 100644 
src/lib/libcrypto/man/d2i_X509_CRL.3 delete mode 100644 src/lib/libcrypto/man/d2i_X509_EXTENSION.3 delete mode 100644 src/lib/libcrypto/man/d2i_X509_NAME.3 delete mode 100644 src/lib/libcrypto/man/d2i_X509_REQ.3 delete mode 100644 src/lib/libcrypto/man/d2i_X509_SIG.3 delete mode 100644 src/lib/libcrypto/man/des_read_pw.3 delete mode 100644 src/lib/libcrypto/man/evp.3 delete mode 100644 src/lib/libcrypto/man/i2a_ASN1_STRING.3 delete mode 100644 src/lib/libcrypto/man/i2d_CMS_bio_stream.3 delete mode 100644 src/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 delete mode 100644 src/lib/libcrypto/man/lh_new.3 delete mode 100644 src/lib/libcrypto/man/openssl.cnf.5 delete mode 100644 src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 delete mode 100644 src/lib/libcrypto/man/v2i_ASN1_BIT_STRING.3 delete mode 100644 src/lib/libcrypto/man/x509_verify.3 delete mode 100644 src/lib/libcrypto/man/x509v3.cnf.5 delete mode 100644 src/lib/libcrypto/md4/md4.c delete mode 100644 src/lib/libcrypto/md4/md4.h delete mode 100644 src/lib/libcrypto/md5/asm/md5-586.pl delete mode 100644 src/lib/libcrypto/md5/md5.c delete mode 100644 src/lib/libcrypto/md5/md5.h delete mode 100644 src/lib/libcrypto/md5/md5_amd64_generic.S delete mode 100644 src/lib/libcrypto/mlkem/mlkem.h delete mode 100644 src/lib/libcrypto/mlkem/mlkem1024.c delete mode 100644 src/lib/libcrypto/mlkem/mlkem768.c delete mode 100644 src/lib/libcrypto/mlkem/mlkem_internal.h delete mode 100644 src/lib/libcrypto/modes/asm/ghash-alpha.pl delete mode 100644 src/lib/libcrypto/modes/asm/ghash-armv4.pl delete mode 100644 src/lib/libcrypto/modes/asm/ghash-parisc.pl delete mode 100644 src/lib/libcrypto/modes/asm/ghash-sparcv9.pl delete mode 100644 src/lib/libcrypto/modes/asm/ghash-x86.pl delete mode 100644 src/lib/libcrypto/modes/asm/ghash-x86_64.pl delete mode 100644 src/lib/libcrypto/modes/cbc128.c delete mode 100644 src/lib/libcrypto/modes/ccm128.c delete mode 100644 src/lib/libcrypto/modes/cfb128.c delete mode 100644 src/lib/libcrypto/modes/ctr128.c 
delete mode 100644 src/lib/libcrypto/modes/gcm128.c delete mode 100644 src/lib/libcrypto/modes/modes.h delete mode 100644 src/lib/libcrypto/modes/modes_local.h delete mode 100644 src/lib/libcrypto/modes/ofb128.c delete mode 100644 src/lib/libcrypto/modes/xts128.c delete mode 100644 src/lib/libcrypto/objects/obj_dat.c delete mode 100644 src/lib/libcrypto/objects/obj_dat.pl delete mode 100644 src/lib/libcrypto/objects/obj_err.c delete mode 100644 src/lib/libcrypto/objects/obj_lib.c delete mode 100644 src/lib/libcrypto/objects/obj_mac.num delete mode 100644 src/lib/libcrypto/objects/obj_xref.c delete mode 100644 src/lib/libcrypto/objects/objects.README delete mode 100644 src/lib/libcrypto/objects/objects.h delete mode 100644 src/lib/libcrypto/objects/objects.pl delete mode 100644 src/lib/libcrypto/objects/objects.txt delete mode 100644 src/lib/libcrypto/ocsp/ocsp.h delete mode 100644 src/lib/libcrypto/ocsp/ocsp_asn.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_cl.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_err.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_ext.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_ht.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_lib.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_local.h delete mode 100644 src/lib/libcrypto/ocsp/ocsp_prn.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_srv.c delete mode 100644 src/lib/libcrypto/ocsp/ocsp_vfy.c delete mode 100644 src/lib/libcrypto/openssl.cnf delete mode 100644 src/lib/libcrypto/opensslfeatures.h delete mode 100644 src/lib/libcrypto/opensslv.h delete mode 100644 src/lib/libcrypto/ossl_typ.h delete mode 100644 src/lib/libcrypto/pem/message delete mode 100644 src/lib/libcrypto/pem/pem.h delete mode 100644 src/lib/libcrypto/pem/pem_all.c delete mode 100644 src/lib/libcrypto/pem/pem_err.c delete mode 100644 src/lib/libcrypto/pem/pem_info.c delete mode 100644 src/lib/libcrypto/pem/pem_lib.c delete mode 100644 src/lib/libcrypto/pem/pem_oth.c delete mode 100644 
src/lib/libcrypto/pem/pem_pk8.c delete mode 100644 src/lib/libcrypto/pem/pem_pkey.c delete mode 100644 src/lib/libcrypto/pem/pem_sign.c delete mode 100644 src/lib/libcrypto/pem/pem_x509.c delete mode 100644 src/lib/libcrypto/pem/pem_xaux.c delete mode 100644 src/lib/libcrypto/pem/pkcs7.lis delete mode 100644 src/lib/libcrypto/pem/pvkfmt.c delete mode 100644 src/lib/libcrypto/perlasm/cbc.pl delete mode 100755 src/lib/libcrypto/perlasm/ppc-xlate.pl delete mode 100644 src/lib/libcrypto/perlasm/readme delete mode 100755 src/lib/libcrypto/perlasm/x86_64-xlate.pl delete mode 100644 src/lib/libcrypto/perlasm/x86asm.pl delete mode 100644 src/lib/libcrypto/perlasm/x86gas.pl delete mode 100644 src/lib/libcrypto/pkcs12/p12_add.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_asn.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_attr.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_crt.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_decr.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_init.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_key.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_kiss.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_mutl.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_npas.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_p8d.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_p8e.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_sbag.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_utl.c delete mode 100644 src/lib/libcrypto/pkcs12/pk12err.c delete mode 100644 src/lib/libcrypto/pkcs12/pkcs12.h delete mode 100644 src/lib/libcrypto/pkcs12/pkcs12_local.h delete mode 100644 src/lib/libcrypto/pkcs7/pk7_asn1.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_attr.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_doit.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_lib.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_mime.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_smime.c delete mode 100644 src/lib/libcrypto/pkcs7/pkcs7.h delete mode 100644 
src/lib/libcrypto/pkcs7/pkcs7err.c delete mode 100644 src/lib/libcrypto/poly1305/poly1305-donna.c delete mode 100644 src/lib/libcrypto/poly1305/poly1305.c delete mode 100644 src/lib/libcrypto/poly1305/poly1305.h delete mode 100644 src/lib/libcrypto/rand/rand.h delete mode 100644 src/lib/libcrypto/rand/rand_err.c delete mode 100644 src/lib/libcrypto/rand/rand_lib.c delete mode 100644 src/lib/libcrypto/rand/randfile.c delete mode 100644 src/lib/libcrypto/rc2/rc2.h delete mode 100644 src/lib/libcrypto/rc2/rc2_cbc.c delete mode 100644 src/lib/libcrypto/rc2/rc2_ecb.c delete mode 100644 src/lib/libcrypto/rc2/rc2_local.h delete mode 100644 src/lib/libcrypto/rc2/rc2_skey.c delete mode 100644 src/lib/libcrypto/rc2/rc2cfb64.c delete mode 100644 src/lib/libcrypto/rc2/rc2ofb64.c delete mode 100644 src/lib/libcrypto/rc2/rrc2.doc delete mode 100644 src/lib/libcrypto/rc2/version delete mode 100644 src/lib/libcrypto/rc4/asm/rc4-586.pl delete mode 100755 src/lib/libcrypto/rc4/asm/rc4-x86_64.pl delete mode 100644 src/lib/libcrypto/rc4/rc4.c delete mode 100644 src/lib/libcrypto/rc4/rc4.h delete mode 100644 src/lib/libcrypto/ripemd/ripemd.c delete mode 100644 src/lib/libcrypto/ripemd/ripemd.h delete mode 100644 src/lib/libcrypto/rsa/rsa.h delete mode 100644 src/lib/libcrypto/rsa/rsa_ameth.c delete mode 100644 src/lib/libcrypto/rsa/rsa_asn1.c delete mode 100644 src/lib/libcrypto/rsa/rsa_blinding.c delete mode 100644 src/lib/libcrypto/rsa/rsa_chk.c delete mode 100644 src/lib/libcrypto/rsa/rsa_eay.c delete mode 100644 src/lib/libcrypto/rsa/rsa_err.c delete mode 100644 src/lib/libcrypto/rsa/rsa_gen.c delete mode 100644 src/lib/libcrypto/rsa/rsa_lib.c delete mode 100644 src/lib/libcrypto/rsa/rsa_local.h delete mode 100644 src/lib/libcrypto/rsa/rsa_meth.c delete mode 100644 src/lib/libcrypto/rsa/rsa_none.c delete mode 100644 src/lib/libcrypto/rsa/rsa_oaep.c delete mode 100644 src/lib/libcrypto/rsa/rsa_pk1.c delete mode 100644 src/lib/libcrypto/rsa/rsa_pmeth.c delete mode 100644 
src/lib/libcrypto/rsa/rsa_prn.c delete mode 100644 src/lib/libcrypto/rsa/rsa_pss.c delete mode 100644 src/lib/libcrypto/rsa/rsa_saos.c delete mode 100644 src/lib/libcrypto/rsa/rsa_sign.c delete mode 100644 src/lib/libcrypto/rsa/rsa_x931.c delete mode 100644 src/lib/libcrypto/sha/asm/sha1-586.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha1-alpha.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha1-armv4-large.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha1-mips.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha1-parisc.pl delete mode 100755 src/lib/libcrypto/sha/asm/sha1-ppc.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha1-sparcv9.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha256-586.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha256-armv4.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha512-586.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha512-armv4.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha512-mips.pl delete mode 100755 src/lib/libcrypto/sha/asm/sha512-parisc.pl delete mode 100755 src/lib/libcrypto/sha/asm/sha512-ppc.pl delete mode 100644 src/lib/libcrypto/sha/asm/sha512-sparcv9.pl delete mode 100644 src/lib/libcrypto/sha/sha.h delete mode 100644 src/lib/libcrypto/sha/sha1.c delete mode 100644 src/lib/libcrypto/sha/sha1_amd64.c delete mode 100644 src/lib/libcrypto/sha/sha1_amd64_generic.S delete mode 100644 src/lib/libcrypto/sha/sha1_amd64_shani.S delete mode 100644 src/lib/libcrypto/sha/sha256.c delete mode 100644 src/lib/libcrypto/sha/sha256_aarch64.c delete mode 100644 src/lib/libcrypto/sha/sha256_aarch64_ce.S delete mode 100644 src/lib/libcrypto/sha/sha256_amd64.c delete mode 100644 src/lib/libcrypto/sha/sha256_amd64_generic.S delete mode 100644 src/lib/libcrypto/sha/sha256_amd64_shani.S delete mode 100644 src/lib/libcrypto/sha/sha3.c delete mode 100644 src/lib/libcrypto/sha/sha3_internal.h delete mode 100644 src/lib/libcrypto/sha/sha512.c delete mode 100644 src/lib/libcrypto/sha/sha512_aarch64.c delete mode 100644 
src/lib/libcrypto/sha/sha512_aarch64_ce.S delete mode 100644 src/lib/libcrypto/sha/sha512_amd64.c delete mode 100644 src/lib/libcrypto/sha/sha512_amd64_generic.S delete mode 100644 src/lib/libcrypto/sha/sha_internal.h delete mode 100644 src/lib/libcrypto/shlib_version delete mode 100644 src/lib/libcrypto/sm2/sm2.h delete mode 100644 src/lib/libcrypto/sm2/sm2_crypt.c delete mode 100644 src/lib/libcrypto/sm2/sm2_err.c delete mode 100644 src/lib/libcrypto/sm2/sm2_local.h delete mode 100644 src/lib/libcrypto/sm2/sm2_pmeth.c delete mode 100644 src/lib/libcrypto/sm2/sm2_sign.c delete mode 100644 src/lib/libcrypto/sm2/sm2_za.c delete mode 100644 src/lib/libcrypto/sm3/sm3.c delete mode 100644 src/lib/libcrypto/sm3/sm3.h delete mode 100644 src/lib/libcrypto/sm4/sm4.c delete mode 100644 src/lib/libcrypto/sm4/sm4.h delete mode 100644 src/lib/libcrypto/stack/safestack.h delete mode 100644 src/lib/libcrypto/stack/stack.c delete mode 100644 src/lib/libcrypto/stack/stack.h delete mode 100644 src/lib/libcrypto/stack/stack_local.h delete mode 100644 src/lib/libcrypto/ts/ts.h delete mode 100644 src/lib/libcrypto/ts/ts_asn1.c delete mode 100644 src/lib/libcrypto/ts/ts_conf.c delete mode 100644 src/lib/libcrypto/ts/ts_err.c delete mode 100644 src/lib/libcrypto/ts/ts_lib.c delete mode 100644 src/lib/libcrypto/ts/ts_local.h delete mode 100644 src/lib/libcrypto/ts/ts_req_print.c delete mode 100644 src/lib/libcrypto/ts/ts_req_utils.c delete mode 100644 src/lib/libcrypto/ts/ts_rsp_print.c delete mode 100644 src/lib/libcrypto/ts/ts_rsp_sign.c delete mode 100644 src/lib/libcrypto/ts/ts_rsp_utils.c delete mode 100644 src/lib/libcrypto/ts/ts_rsp_verify.c delete mode 100644 src/lib/libcrypto/ts/ts_verify_ctx.c delete mode 100644 src/lib/libcrypto/txt_db/txt_db.c delete mode 100644 src/lib/libcrypto/txt_db/txt_db.h delete mode 100644 src/lib/libcrypto/ui/ui.h delete mode 100644 src/lib/libcrypto/ui/ui_err.c delete mode 100644 src/lib/libcrypto/ui/ui_lib.c delete mode 100644 
src/lib/libcrypto/ui/ui_local.h delete mode 100644 src/lib/libcrypto/ui/ui_null.c delete mode 100644 src/lib/libcrypto/ui/ui_openssl.c delete mode 100644 src/lib/libcrypto/util/mkstack.pl delete mode 100644 src/lib/libcrypto/x509/by_dir.c delete mode 100644 src/lib/libcrypto/x509/by_file.c delete mode 100644 src/lib/libcrypto/x509/by_mem.c delete mode 100644 src/lib/libcrypto/x509/x509.h delete mode 100644 src/lib/libcrypto/x509/x509_addr.c delete mode 100644 src/lib/libcrypto/x509/x509_akey.c delete mode 100644 src/lib/libcrypto/x509/x509_akeya.c delete mode 100644 src/lib/libcrypto/x509/x509_alt.c delete mode 100644 src/lib/libcrypto/x509/x509_asid.c delete mode 100644 src/lib/libcrypto/x509/x509_att.c delete mode 100644 src/lib/libcrypto/x509/x509_bcons.c delete mode 100644 src/lib/libcrypto/x509/x509_bitst.c delete mode 100644 src/lib/libcrypto/x509/x509_cmp.c delete mode 100644 src/lib/libcrypto/x509/x509_conf.c delete mode 100644 src/lib/libcrypto/x509/x509_constraints.c delete mode 100644 src/lib/libcrypto/x509/x509_cpols.c delete mode 100644 src/lib/libcrypto/x509/x509_crld.c delete mode 100644 src/lib/libcrypto/x509/x509_d2.c delete mode 100644 src/lib/libcrypto/x509/x509_def.c delete mode 100644 src/lib/libcrypto/x509/x509_err.c delete mode 100644 src/lib/libcrypto/x509/x509_ext.c delete mode 100644 src/lib/libcrypto/x509/x509_extku.c delete mode 100644 src/lib/libcrypto/x509/x509_genn.c delete mode 100644 src/lib/libcrypto/x509/x509_ia5.c delete mode 100644 src/lib/libcrypto/x509/x509_info.c delete mode 100644 src/lib/libcrypto/x509/x509_int.c delete mode 100644 src/lib/libcrypto/x509/x509_internal.h delete mode 100644 src/lib/libcrypto/x509/x509_issuer_cache.c delete mode 100644 src/lib/libcrypto/x509/x509_issuer_cache.h delete mode 100644 src/lib/libcrypto/x509/x509_lib.c delete mode 100644 src/lib/libcrypto/x509/x509_local.h delete mode 100644 src/lib/libcrypto/x509/x509_lu.c delete mode 100644 src/lib/libcrypto/x509/x509_ncons.c delete mode 100644 
src/lib/libcrypto/x509/x509_obj.c delete mode 100644 src/lib/libcrypto/x509/x509_ocsp.c delete mode 100644 src/lib/libcrypto/x509/x509_pcons.c delete mode 100644 src/lib/libcrypto/x509/x509_pku.c delete mode 100644 src/lib/libcrypto/x509/x509_pmaps.c delete mode 100644 src/lib/libcrypto/x509/x509_policy.c delete mode 100644 src/lib/libcrypto/x509/x509_prn.c delete mode 100644 src/lib/libcrypto/x509/x509_purp.c delete mode 100644 src/lib/libcrypto/x509/x509_r2x.c delete mode 100644 src/lib/libcrypto/x509/x509_req.c delete mode 100644 src/lib/libcrypto/x509/x509_set.c delete mode 100644 src/lib/libcrypto/x509/x509_siginfo.c delete mode 100644 src/lib/libcrypto/x509/x509_skey.c delete mode 100644 src/lib/libcrypto/x509/x509_trs.c delete mode 100644 src/lib/libcrypto/x509/x509_txt.c delete mode 100644 src/lib/libcrypto/x509/x509_utl.c delete mode 100644 src/lib/libcrypto/x509/x509_v3.c delete mode 100644 src/lib/libcrypto/x509/x509_verify.c delete mode 100644 src/lib/libcrypto/x509/x509_verify.h delete mode 100644 src/lib/libcrypto/x509/x509_vfy.c delete mode 100644 src/lib/libcrypto/x509/x509_vfy.h delete mode 100644 src/lib/libcrypto/x509/x509_vpm.c delete mode 100644 src/lib/libcrypto/x509/x509cset.c delete mode 100644 src/lib/libcrypto/x509/x509name.c delete mode 100644 src/lib/libcrypto/x509/x509rset.c delete mode 100644 src/lib/libcrypto/x509/x509spki.c delete mode 100644 src/lib/libcrypto/x509/x509type.c delete mode 100644 src/lib/libcrypto/x509/x509v3.h delete mode 100644 src/lib/libcrypto/x509/x_all.c delete mode 100644 src/lib/libcrypto/x509v3.cnf delete mode 100644 src/lib/libcrypto/x86_arch.h (limited to 'src/lib/libcrypto') diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile deleted file mode 100644 index db3bc767d9..0000000000 --- a/src/lib/libcrypto/Makefile +++ /dev/null 
@@ -1,764 +0,0 @@ -# $OpenBSD: Makefile,v 1.231 2024/12/19 23:56:32 tb Exp $ - -LIB= crypto -LIBREBUILD=y - -.include -.ifndef NOMAN -SUBDIR= man -.endif - -PC_FILES=libcrypto.pc - -CLEANFILES=${PC_FILES} ${VERSION_SCRIPT} - -LCRYPTO_SRC= ${.CURDIR} - -CFLAGS+= -Wall -Wundef -.if ${COMPILER_VERSION:L} == "clang" -CFLAGS+= -Werror -Wshadow -.endif -CFLAGS+= -DLIBRESSL_INTERNAL - -CFLAGS+= -DLIBRESSL_NAMESPACE -DLIBRESSL_CRYPTO_NAMESPACE - -CFLAGS+= -DHAVE_FUNOPEN - -CFLAGS+= -I${LCRYPTO_SRC} -CFLAGS+= -I${LCRYPTO_SRC}/arch/${MACHINE_CPU} -CFLAGS+= -I${LCRYPTO_SRC}/asn1 -CFLAGS+= -I${LCRYPTO_SRC}/bio -CFLAGS+= -I${LCRYPTO_SRC}/bn -CFLAGS+= -I${LCRYPTO_SRC}/bn/arch/${MACHINE_CPU} -CFLAGS+= -I${LCRYPTO_SRC}/bytestring -CFLAGS+= -I${LCRYPTO_SRC}/conf -CFLAGS+= -I${LCRYPTO_SRC}/curve25519 -CFLAGS+= -I${LCRYPTO_SRC}/dh -CFLAGS+= -I${LCRYPTO_SRC}/dsa -CFLAGS+= -I${LCRYPTO_SRC}/ec -CFLAGS+= -I${LCRYPTO_SRC}/ecdsa -CFLAGS+= -I${LCRYPTO_SRC}/err -CFLAGS+= -I${LCRYPTO_SRC}/evp -CFLAGS+= -I${LCRYPTO_SRC}/hidden -CFLAGS+= -I${LCRYPTO_SRC}/hmac -CFLAGS+= -I${LCRYPTO_SRC}/kdf -CFLAGS+= -I${LCRYPTO_SRC}/lhash -CFLAGS+= -I${LCRYPTO_SRC}/mlkem -CFLAGS+= -I${LCRYPTO_SRC}/modes -CFLAGS+= -I${LCRYPTO_SRC}/ocsp -CFLAGS+= -I${LCRYPTO_SRC}/pkcs12 -CFLAGS+= -I${LCRYPTO_SRC}/rsa -CFLAGS+= -I${LCRYPTO_SRC}/sha -CFLAGS+= -I${LCRYPTO_SRC}/stack -CFLAGS+= -I${LCRYPTO_SRC}/ts -CFLAGS+= -I${LCRYPTO_SRC}/x509 - -VERSION_SCRIPT= Symbols.map -SYMBOL_LIST= ${.CURDIR}/Symbols.list - -# crypto/ -SRCS+= crypto_err.c -SRCS+= crypto_ex_data.c -SRCS+= crypto_init.c -SRCS+= crypto_legacy.c -SRCS+= crypto_lock.c -SRCS+= crypto_memory.c - -# aes/ -SRCS+= aes.c -SRCS+= aes_core.c -SRCS+= aes_ige.c - -# asn1/ -SRCS+= a_bitstr.c -SRCS+= a_enum.c -SRCS+= a_int.c -SRCS+= a_mbstr.c -SRCS+= a_object.c -SRCS+= a_octet.c -SRCS+= a_pkey.c -SRCS+= a_print.c -SRCS+= a_pubkey.c -SRCS+= a_strex.c -SRCS+= a_string.c -SRCS+= a_strnid.c -SRCS+= a_time.c -SRCS+= a_time_posix.c -SRCS+= a_time_tm.c -SRCS+= a_type.c -SRCS+= 
a_utf8.c -SRCS+= asn1_err.c -SRCS+= asn1_gen.c -SRCS+= asn1_item.c -SRCS+= asn1_lib.c -SRCS+= asn1_old.c -SRCS+= asn1_old_lib.c -SRCS+= asn1_par.c -SRCS+= asn1_types.c -SRCS+= asn_mime.c -SRCS+= asn_moid.c -SRCS+= bio_asn1.c -SRCS+= bio_ndef.c -SRCS+= p5_pbe.c -SRCS+= p5_pbev2.c -SRCS+= p8_pkey.c -SRCS+= t_crl.c -SRCS+= t_req.c -SRCS+= t_spki.c -SRCS+= t_x509.c -SRCS+= t_x509a.c -SRCS+= tasn_dec.c -SRCS+= tasn_enc.c -SRCS+= tasn_fre.c -SRCS+= tasn_new.c -SRCS+= tasn_prn.c -SRCS+= tasn_typ.c -SRCS+= tasn_utl.c -SRCS+= x_algor.c -SRCS+= x_attrib.c -SRCS+= x_bignum.c -SRCS+= x_crl.c -SRCS+= x_exten.c -SRCS+= x_info.c -SRCS+= x_long.c -SRCS+= x_name.c -SRCS+= x_pkey.c -SRCS+= x_pubkey.c -SRCS+= x_req.c -SRCS+= x_sig.c -SRCS+= x_spki.c -SRCS+= x_val.c -SRCS+= x_x509.c -SRCS+= x_x509a.c - -# bf/ -SRCS+= blowfish.c - -# bio/ -SRCS+= b_dump.c -SRCS+= b_posix.c -SRCS+= b_print.c -SRCS+= b_sock.c -SRCS+= bf_buff.c -SRCS+= bf_nbio.c -SRCS+= bf_null.c -SRCS+= bio_cb.c -SRCS+= bio_err.c -SRCS+= bio_lib.c -SRCS+= bio_meth.c -SRCS+= bss_acpt.c -SRCS+= bss_bio.c -SRCS+= bss_conn.c -SRCS+= bss_dgram.c -SRCS+= bss_fd.c -SRCS+= bss_file.c -SRCS+= bss_log.c -SRCS+= bss_mem.c -SRCS+= bss_null.c -SRCS+= bss_sock.c - -# bn/ -SRCS+= bn_add.c -SRCS+= bn_bpsw.c -SRCS+= bn_const.c -SRCS+= bn_convert.c -SRCS+= bn_ctx.c -SRCS+= bn_div.c -SRCS+= bn_err.c -SRCS+= bn_exp.c -SRCS+= bn_gcd.c -SRCS+= bn_isqrt.c -SRCS+= bn_kron.c -SRCS+= bn_lib.c -SRCS+= bn_mod.c -SRCS+= bn_mod_sqrt.c -SRCS+= bn_mont.c -SRCS+= bn_mul.c -SRCS+= bn_prime.c -SRCS+= bn_primitives.c -SRCS+= bn_print.c -SRCS+= bn_rand.c -SRCS+= bn_recp.c -SRCS+= bn_shift.c -SRCS+= bn_small_primes.c -SRCS+= bn_sqr.c -SRCS+= bn_word.c - -# buffer/ -SRCS+= buf_err.c -SRCS+= buffer.c - -# bytestring/ -SRCS+= bs_ber.c -SRCS+= bs_cbb.c -SRCS+= bs_cbs.c - -# camellia/ -SRCS+= camellia.c - -# cast/ -SRCS+= cast.c - -# chacha/ -SRCS+= chacha.c - -# cmac/ -SRCS+= cm_ameth.c -SRCS+= cm_pmeth.c -SRCS+= cmac.c - -# cms/ -SRCS+= cms_asn1.c -SRCS+= 
cms_att.c -SRCS+= cms_dd.c -SRCS+= cms_enc.c -SRCS+= cms_env.c -SRCS+= cms_err.c -SRCS+= cms_ess.c -SRCS+= cms_io.c -SRCS+= cms_kari.c -SRCS+= cms_lib.c -SRCS+= cms_pwri.c -SRCS+= cms_sd.c -SRCS+= cms_smime.c - -# conf/ -SRCS+= conf_api.c -SRCS+= conf_def.c -SRCS+= conf_err.c -SRCS+= conf_lib.c -SRCS+= conf_mod.c -SRCS+= conf_sap.c - -# ct/ -SRCS+= ct_b64.c -SRCS+= ct_err.c -SRCS+= ct_log.c -SRCS+= ct_oct.c -SRCS+= ct_policy.c -SRCS+= ct_prn.c -SRCS+= ct_sct.c -SRCS+= ct_sct_ctx.c -SRCS+= ct_vfy.c -SRCS+= ct_x509v3.c - -# curve25519/ -SRCS+= curve25519-generic.c -SRCS+= curve25519.c - -# des/ -SRCS+= des.c -SRCS+= des_cksum.c -SRCS+= des_enc.c -SRCS+= des_fcrypt.c -SRCS+= des_key.c - -# dh/ -SRCS+= dh_ameth.c -SRCS+= dh_asn1.c -SRCS+= dh_check.c -SRCS+= dh_err.c -SRCS+= dh_gen.c -SRCS+= dh_key.c -SRCS+= dh_lib.c -SRCS+= dh_pmeth.c - -# dsa/ -SRCS+= dsa_ameth.c -SRCS+= dsa_asn1.c -SRCS+= dsa_err.c -SRCS+= dsa_gen.c -SRCS+= dsa_key.c -SRCS+= dsa_lib.c -SRCS+= dsa_meth.c -SRCS+= dsa_ossl.c -SRCS+= dsa_pmeth.c -SRCS+= dsa_prn.c - -# ec/ -SRCS+= ec_ameth.c -SRCS+= ec_asn1.c -SRCS+= ec_convert.c -SRCS+= ec_curve.c -SRCS+= ec_err.c -SRCS+= ec_key.c -SRCS+= ec_lib.c -SRCS+= ec_mult.c -SRCS+= ec_pmeth.c -SRCS+= eck_prn.c -SRCS+= ecp_methods.c -SRCS+= ecx_methods.c - -# ecdh/ -SRCS+= ecdh.c - -# ecdsa/ -SRCS+= ecdsa.c - -# engine/ -SRCS+= engine_stubs.c - -# err/ -SRCS+= err.c -SRCS+= err_all.c -SRCS+= err_prn.c - -# evp/ -SRCS+= bio_b64.c -SRCS+= bio_enc.c -SRCS+= bio_md.c -SRCS+= e_aes.c -SRCS+= e_bf.c -SRCS+= e_camellia.c -SRCS+= e_cast.c -SRCS+= e_chacha.c -SRCS+= e_chacha20poly1305.c -SRCS+= e_des.c -SRCS+= e_des3.c -SRCS+= e_idea.c -SRCS+= e_null.c -SRCS+= e_rc2.c -SRCS+= e_rc4.c -SRCS+= e_sm4.c -SRCS+= e_xcbc_d.c -SRCS+= evp_aead.c -SRCS+= evp_cipher.c -SRCS+= evp_digest.c -SRCS+= evp_encode.c -SRCS+= evp_err.c -SRCS+= evp_key.c -SRCS+= evp_names.c -SRCS+= evp_pbe.c -SRCS+= evp_pkey.c -SRCS+= m_md4.c -SRCS+= m_md5.c -SRCS+= m_md5_sha1.c -SRCS+= m_null.c -SRCS+= 
m_ripemd.c -SRCS+= m_sha1.c -SRCS+= m_sha3.c -SRCS+= m_sigver.c -SRCS+= m_sm3.c -SRCS+= p_legacy.c -SRCS+= p_lib.c -SRCS+= p_sign.c -SRCS+= p_verify.c -SRCS+= pmeth_fn.c -SRCS+= pmeth_gn.c -SRCS+= pmeth_lib.c - -# hkdf/ -SRCS+= hkdf.c - -# hmac/ -SRCS+= hm_ameth.c -SRCS+= hm_pmeth.c -SRCS+= hmac.c - -# idea/ -SRCS+= idea.c - -# kdf/ -SRCS+= hkdf_evp.c -SRCS+= kdf_err.c -SRCS+= tls1_prf.c - -# lhash/ -SRCS+= lhash.c - -# md4/ -SRCS+= md4.c - -# md5/ -SRCS+= md5.c - -# mlkem/ -SRCS+= mlkem768.c -SRCS+= mlkem1024.c - -# modes/ -SRCS+= cbc128.c -SRCS+= ccm128.c -SRCS+= cfb128.c -SRCS+= ctr128.c -SRCS+= gcm128.c -SRCS+= ofb128.c -SRCS+= xts128.c - -# objects/ -SRCS+= obj_dat.c -SRCS+= obj_err.c -SRCS+= obj_lib.c -SRCS+= obj_xref.c - -# ocsp/ -SRCS+= ocsp_asn.c -SRCS+= ocsp_cl.c -SRCS+= ocsp_err.c -SRCS+= ocsp_ext.c -SRCS+= ocsp_ht.c -SRCS+= ocsp_lib.c -SRCS+= ocsp_prn.c -SRCS+= ocsp_srv.c -SRCS+= ocsp_vfy.c - -# pem/ -SRCS+= pem_all.c -SRCS+= pem_err.c -SRCS+= pem_info.c -SRCS+= pem_lib.c -SRCS+= pem_oth.c -SRCS+= pem_pk8.c -SRCS+= pem_pkey.c -SRCS+= pem_sign.c -SRCS+= pem_x509.c -SRCS+= pem_xaux.c -SRCS+= pvkfmt.c - -# pkcs12/ -SRCS+= p12_add.c -SRCS+= p12_asn.c -SRCS+= p12_attr.c -SRCS+= p12_crt.c -SRCS+= p12_decr.c -SRCS+= p12_init.c -SRCS+= p12_key.c -SRCS+= p12_kiss.c -SRCS+= p12_mutl.c -SRCS+= p12_npas.c -SRCS+= p12_p8d.c -SRCS+= p12_p8e.c -SRCS+= p12_sbag.c -SRCS+= p12_utl.c -SRCS+= pk12err.c - -# pkcs7/ -SRCS+= pk7_asn1.c -SRCS+= pk7_attr.c -SRCS+= pk7_doit.c -SRCS+= pk7_lib.c -SRCS+= pk7_mime.c -SRCS+= pk7_smime.c -SRCS+= pkcs7err.c - -# poly1305/ -SRCS+= poly1305.c - -# rand/ -SRCS+= rand_err.c -SRCS+= rand_lib.c -SRCS+= randfile.c - -# rc2/ -SRCS+= rc2_cbc.c -SRCS+= rc2_ecb.c -SRCS+= rc2_skey.c -SRCS+= rc2cfb64.c -SRCS+= rc2ofb64.c - -# rc4/ -SRCS+= rc4.c - -# ripemd/ -SRCS+= ripemd.c - -# rsa/ -SRCS+= rsa_ameth.c -SRCS+= rsa_asn1.c -SRCS+= rsa_blinding.c -SRCS+= rsa_chk.c -SRCS+= rsa_eay.c -SRCS+= rsa_err.c -SRCS+= rsa_gen.c -SRCS+= rsa_lib.c -SRCS+= 
rsa_meth.c -SRCS+= rsa_none.c -SRCS+= rsa_oaep.c -SRCS+= rsa_pk1.c -SRCS+= rsa_pmeth.c -SRCS+= rsa_prn.c -SRCS+= rsa_pss.c -SRCS+= rsa_saos.c -SRCS+= rsa_sign.c -SRCS+= rsa_x931.c - -# sha/ -SRCS+= sha1.c -SRCS+= sha256.c -SRCS+= sha3.c -SRCS+= sha512.c - -# sm3/ -SRCS+= sm3.c - -# sm4/ -SRCS+= sm4.c - -# stack/ -SRCS+= stack.c - -# ts/ -SRCS+= ts_asn1.c -SRCS+= ts_conf.c -SRCS+= ts_err.c -SRCS+= ts_lib.c -SRCS+= ts_req_print.c -SRCS+= ts_req_utils.c -SRCS+= ts_rsp_print.c -SRCS+= ts_rsp_sign.c -SRCS+= ts_rsp_utils.c -SRCS+= ts_rsp_verify.c -SRCS+= ts_verify_ctx.c - -# txt_db/ -SRCS+=txt_db.c - -# ui/ -SRCS+= ui_err.c -SRCS+= ui_lib.c -SRCS+= ui_null.c -SRCS+= ui_openssl.c - -# x509/ -SRCS+= by_dir.c -SRCS+= by_file.c -SRCS+= by_mem.c -SRCS+= x509_addr.c -SRCS+= x509_akey.c -SRCS+= x509_akeya.c -SRCS+= x509_alt.c -SRCS+= x509_asid.c -SRCS+= x509_att.c -SRCS+= x509_bcons.c -SRCS+= x509_bitst.c -SRCS+= x509_cmp.c -SRCS+= x509_conf.c -SRCS+= x509_constraints.c -SRCS+= x509_cpols.c -SRCS+= x509_crld.c -SRCS+= x509_d2.c -SRCS+= x509_def.c -SRCS+= x509_err.c -SRCS+= x509_ext.c -SRCS+= x509_extku.c -SRCS+= x509_genn.c -SRCS+= x509_ia5.c -SRCS+= x509_info.c -SRCS+= x509_int.c -SRCS+= x509_issuer_cache.c -SRCS+= x509_lib.c -SRCS+= x509_lu.c -SRCS+= x509_ncons.c -SRCS+= x509_obj.c -SRCS+= x509_ocsp.c -SRCS+= x509_pcons.c -SRCS+= x509_pku.c -SRCS+= x509_pmaps.c -SRCS+= x509_policy.c -SRCS+= x509_prn.c -SRCS+= x509_purp.c -SRCS+= x509_r2x.c -SRCS+= x509_req.c -SRCS+= x509_set.c -SRCS+= x509_siginfo.c -SRCS+= x509_skey.c -SRCS+= x509_trs.c -SRCS+= x509_txt.c -SRCS+= x509_utl.c -SRCS+= x509_v3.c -SRCS+= x509_verify.c -SRCS+= x509_vfy.c -SRCS+= x509_vpm.c -SRCS+= x509cset.c -SRCS+= x509name.c -SRCS+= x509rset.c -SRCS+= x509spki.c -SRCS+= x509type.c -SRCS+= x_all.c - -.PATH: ${LCRYPTO_SRC}/arch/${MACHINE_CPU} \ - ${LCRYPTO_SRC} \ - ${LCRYPTO_SRC}/aes \ - ${LCRYPTO_SRC}/asn1 \ - ${LCRYPTO_SRC}/bf \ - ${LCRYPTO_SRC}/bio \ - ${LCRYPTO_SRC}/bn \ - ${LCRYPTO_SRC}/bn/arch/${MACHINE_CPU} 
\ - ${LCRYPTO_SRC}/bn/asm \ - ${LCRYPTO_SRC}/buffer \ - ${LCRYPTO_SRC}/bytestring \ - ${LCRYPTO_SRC}/camellia \ - ${LCRYPTO_SRC}/cast \ - ${LCRYPTO_SRC}/chacha \ - ${LCRYPTO_SRC}/cmac \ - ${LCRYPTO_SRC}/cms \ - ${LCRYPTO_SRC}/comp \ - ${LCRYPTO_SRC}/conf \ - ${LCRYPTO_SRC}/ct \ - ${LCRYPTO_SRC}/curve25519 \ - ${LCRYPTO_SRC}/des \ - ${LCRYPTO_SRC}/dh \ - ${LCRYPTO_SRC}/dsa \ - ${LCRYPTO_SRC}/ec \ - ${LCRYPTO_SRC}/ecdh \ - ${LCRYPTO_SRC}/ecdsa \ - ${LCRYPTO_SRC}/engine \ - ${LCRYPTO_SRC}/err \ - ${LCRYPTO_SRC}/evp \ - ${LCRYPTO_SRC}/hkdf \ - ${LCRYPTO_SRC}/hmac \ - ${LCRYPTO_SRC}/idea \ - ${LCRYPTO_SRC}/kdf \ - ${LCRYPTO_SRC}/lhash \ - ${LCRYPTO_SRC}/md4 \ - ${LCRYPTO_SRC}/md5 \ - ${LCRYPTO_SRC}/mlkem \ - ${LCRYPTO_SRC}/modes \ - ${LCRYPTO_SRC}/objects \ - ${LCRYPTO_SRC}/ocsp \ - ${LCRYPTO_SRC}/pem \ - ${LCRYPTO_SRC}/perlasm \ - ${LCRYPTO_SRC}/pkcs12 \ - ${LCRYPTO_SRC}/pkcs7 \ - ${LCRYPTO_SRC}/poly1305 \ - ${LCRYPTO_SRC}/rand \ - ${LCRYPTO_SRC}/rc2 \ - ${LCRYPTO_SRC}/rc4 \ - ${LCRYPTO_SRC}/ripemd \ - ${LCRYPTO_SRC}/rsa \ - ${LCRYPTO_SRC}/sha \ - ${LCRYPTO_SRC}/sm3 \ - ${LCRYPTO_SRC}/sm4 \ - ${LCRYPTO_SRC}/stack \ - ${LCRYPTO_SRC}/threads \ - ${LCRYPTO_SRC}/ts \ - ${LCRYPTO_SRC}/txt_db \ - ${LCRYPTO_SRC}/ui \ - ${LCRYPTO_SRC}/x509 - -HDRS=\ - ${LCRYPTO_SRC}/aes/aes.h \ - ${LCRYPTO_SRC}/asn1/asn1.h \ - ${LCRYPTO_SRC}/asn1/asn1t.h \ - ${LCRYPTO_SRC}/asn1/posix_time.h \ - ${LCRYPTO_SRC}/bf/blowfish.h \ - ${LCRYPTO_SRC}/bio/bio.h \ - ${LCRYPTO_SRC}/bn/bn.h \ - ${LCRYPTO_SRC}/buffer/buffer.h \ - ${LCRYPTO_SRC}/camellia/camellia.h \ - ${LCRYPTO_SRC}/cast/cast.h \ - ${LCRYPTO_SRC}/chacha/chacha.h \ - ${LCRYPTO_SRC}/cmac/cmac.h \ - ${LCRYPTO_SRC}/cms/cms.h \ - ${LCRYPTO_SRC}/comp/comp.h \ - ${LCRYPTO_SRC}/conf/conf.h \ - ${LCRYPTO_SRC}/crypto.h \ - ${LCRYPTO_SRC}/ct/ct.h \ - ${LCRYPTO_SRC}/curve25519/curve25519.h \ - ${LCRYPTO_SRC}/des/des.h \ - ${LCRYPTO_SRC}/dh/dh.h \ - ${LCRYPTO_SRC}/dsa/dsa.h \ - ${LCRYPTO_SRC}/ec/ec.h \ - ${LCRYPTO_SRC}/ecdh/ecdh.h \ - 
${LCRYPTO_SRC}/ecdsa/ecdsa.h \ - ${LCRYPTO_SRC}/engine/engine.h \ - ${LCRYPTO_SRC}/err/err.h \ - ${LCRYPTO_SRC}/evp/evp.h \ - ${LCRYPTO_SRC}/hkdf/hkdf.h \ - ${LCRYPTO_SRC}/hmac/hmac.h \ - ${LCRYPTO_SRC}/idea/idea.h \ - ${LCRYPTO_SRC}/kdf/kdf.h \ - ${LCRYPTO_SRC}/lhash/lhash.h \ - ${LCRYPTO_SRC}/md4/md4.h \ - ${LCRYPTO_SRC}/md5/md5.h \ - ${LCRYPTO_SRC}/modes/modes.h \ - ${LCRYPTO_SRC}/objects/objects.h \ - ${LCRYPTO_SRC}/ocsp/ocsp.h \ - ${LCRYPTO_SRC}/opensslfeatures.h \ - ${LCRYPTO_SRC}/opensslv.h \ - ${LCRYPTO_SRC}/ossl_typ.h \ - ${LCRYPTO_SRC}/pem/pem.h \ - ${LCRYPTO_SRC}/pkcs12/pkcs12.h \ - ${LCRYPTO_SRC}/pkcs7/pkcs7.h \ - ${LCRYPTO_SRC}/poly1305/poly1305.h \ - ${LCRYPTO_SRC}/rand/rand.h \ - ${LCRYPTO_SRC}/rc2/rc2.h \ - ${LCRYPTO_SRC}/rc4/rc4.h \ - ${LCRYPTO_SRC}/ripemd/ripemd.h \ - ${LCRYPTO_SRC}/rsa/rsa.h \ - ${LCRYPTO_SRC}/sha/sha.h \ - ${LCRYPTO_SRC}/sm3/sm3.h \ - ${LCRYPTO_SRC}/sm4/sm4.h \ - ${LCRYPTO_SRC}/stack/safestack.h \ - ${LCRYPTO_SRC}/stack/stack.h \ - ${LCRYPTO_SRC}/ts/ts.h \ - ${LCRYPTO_SRC}/txt_db/txt_db.h \ - ${LCRYPTO_SRC}/ui/ui.h \ - ${LCRYPTO_SRC}/x509/x509.h \ - ${LCRYPTO_SRC}/x509/x509_vfy.h \ - ${LCRYPTO_SRC}/x509/x509v3.h - -HDRS_GEN=\ - ${.CURDIR}/arch/${MACHINE_CPU}/opensslconf.h \ - ${.OBJDIR}/obj_mac.h - -prereq: obj_mac.h - -includes: prereq - @test -d ${DESTDIR}/usr/include/openssl || \ - mkdir ${DESTDIR}/usr/include/openssl - @for i in $(HDRS) $(HDRS_GEN); do \ - j="cmp -s $$i ${DESTDIR}/usr/include/openssl/`basename $$i` || \ - ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 $$i\ - ${DESTDIR}/usr/include/openssl"; \ - echo $$j; \ - eval "$$j"; \ - done; -${VERSION_SCRIPT}: ${SYMBOL_LIST} - { printf '{\n\tglobal:\n'; \ - sed '/^[._a-zA-Z]/s/$$/;/; s/^/ _libre_/' ${SYMBOL_LIST}; \ - sed '/^[._a-zA-Z]/s/$$/;/; s/^/ /' ${SYMBOL_LIST}; \ - printf '\n\tlocal:\n\t\t*;\n};\n'; } >$@.tmp && mv $@.tmp $@ - -# generated -CFLAGS+= -I${.OBJDIR} - -GENERATED=obj_mac.h obj_dat.h -CLEANFILES+=${GENERATED} obj_mac.num.tmp 
-SSL_OBJECTS=${LCRYPTO_SRC}/objects - -obj_mac.h: ${SSL_OBJECTS}/objects.h ${SSL_OBJECTS}/obj_mac.num ${SSL_OBJECTS}/objects.txt ${SSL_OBJECTS}/objects.pl - cat ${SSL_OBJECTS}/obj_mac.num > obj_mac.num.tmp - /usr/bin/perl ${SSL_OBJECTS}/objects.pl ${SSL_OBJECTS}/objects.txt obj_mac.num.tmp obj_mac.h - -obj_dat.h: obj_mac.h ${SSL_OBJECTS}/obj_dat.pl - /usr/bin/perl ${SSL_OBJECTS}/obj_dat.pl obj_mac.h obj_dat.h - -.if exists (${.CURDIR}/arch/${MACHINE_CPU}/Makefile.inc) -.include "${.CURDIR}/arch/${MACHINE_CPU}/Makefile.inc" -.else -CFLAGS+=-DOPENSSL_NO_ASM -.endif - -BUILDFIRST = ${GENERATED} - -.include - - -distribution: - ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ - ${.CURDIR}/openssl.cnf ${DESTDIR}/etc/ssl/openssl.cnf && \ - ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ - ${.CURDIR}/cert.pem ${DESTDIR}/etc/ssl/cert.pem && \ - ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ - ${.CURDIR}/x509v3.cnf ${DESTDIR}/etc/ssl/x509v3.cnf - -all: ${PC_FILES} -${PC_FILES}: opensslv.h - /bin/sh ${.CURDIR}/generate_pkgconfig.sh -c ${.CURDIR} -o ${.OBJDIR} - -beforeinstall: - ${INSTALL} ${INSTALL_COPY} -o root -g ${SHAREGRP} \ - -m ${SHAREMODE} ${.OBJDIR}/${PC_FILES} ${DESTDIR}/usr/lib/pkgconfig/ - -.include diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list deleted file mode 100644 index e259430bbf..0000000000 --- a/src/lib/libcrypto/Symbols.list +++ /dev/null 
@@ -1,3247 +0,0 @@
-ACCESS_DESCRIPTION_free
-ACCESS_DESCRIPTION_it
-ACCESS_DESCRIPTION_new
-AES_cbc_encrypt
-AES_cfb128_encrypt
-AES_cfb1_encrypt
-AES_cfb8_encrypt
-AES_ctr128_encrypt
-AES_decrypt
-AES_ecb_encrypt
-AES_encrypt
-AES_ige_encrypt
-AES_ofb128_encrypt
-AES_set_decrypt_key
-AES_set_encrypt_key
-AES_unwrap_key
-AES_wrap_key
-ASIdOrRange_free
-ASIdOrRange_it
-ASIdOrRange_new
-ASIdentifierChoice_free
-ASIdentifierChoice_it
-ASIdentifierChoice_new
-ASIdentifiers_free
-ASIdentifiers_it
-ASIdentifiers_new
-ASN1_ANY_it
-ASN1_BIT_STRING_free
-ASN1_BIT_STRING_get_bit
-ASN1_BIT_STRING_it
-ASN1_BIT_STRING_new
-ASN1_BIT_STRING_set
-ASN1_BIT_STRING_set_bit
-ASN1_BMPSTRING_free
-ASN1_BMPSTRING_it
-ASN1_BMPSTRING_new
-ASN1_ENUMERATED_free
-ASN1_ENUMERATED_get
-ASN1_ENUMERATED_get_int64
-ASN1_ENUMERATED_it
-ASN1_ENUMERATED_new
-ASN1_ENUMERATED_set
-ASN1_ENUMERATED_set_int64
-ASN1_ENUMERATED_to_BN
-ASN1_GENERALIZEDTIME_adj
-ASN1_GENERALIZEDTIME_check
-ASN1_GENERALIZEDTIME_free
-ASN1_GENERALIZEDTIME_it
-ASN1_GENERALIZEDTIME_new
-ASN1_GENERALIZEDTIME_print
-ASN1_GENERALIZEDTIME_set
-ASN1_GENERALIZEDTIME_set_string
-ASN1_GENERALSTRING_free
-ASN1_GENERALSTRING_it
-ASN1_GENERALSTRING_new
-ASN1_IA5STRING_free
-ASN1_IA5STRING_it
-ASN1_IA5STRING_new
-ASN1_INTEGER_cmp
-ASN1_INTEGER_dup
-ASN1_INTEGER_free
-ASN1_INTEGER_get
-ASN1_INTEGER_get_int64
-ASN1_INTEGER_get_uint64
-ASN1_INTEGER_it
-ASN1_INTEGER_new
-ASN1_INTEGER_set
-ASN1_INTEGER_set_int64
-ASN1_INTEGER_set_uint64
-ASN1_INTEGER_to_BN
-ASN1_NULL_free
-ASN1_NULL_it
-ASN1_NULL_new
-ASN1_OBJECT_create
-ASN1_OBJECT_free
-ASN1_OBJECT_it
-ASN1_OBJECT_new
-ASN1_OCTET_STRING_cmp
-ASN1_OCTET_STRING_dup
-ASN1_OCTET_STRING_free
-ASN1_OCTET_STRING_it
-ASN1_OCTET_STRING_new
-ASN1_OCTET_STRING_set
-ASN1_PRINTABLESTRING_free
-ASN1_PRINTABLESTRING_it
-ASN1_PRINTABLESTRING_new
-ASN1_PRINTABLE_free
-ASN1_PRINTABLE_it
-ASN1_PRINTABLE_new
-ASN1_PRINTABLE_type
-ASN1_SEQUENCE_ANY_it
-ASN1_SEQUENCE_it
-ASN1_SET_ANY_it
-ASN1_STRING_TABLE_get
-ASN1_STRING_cmp
-ASN1_STRING_copy
-ASN1_STRING_data
-ASN1_STRING_dup
-ASN1_STRING_free
-ASN1_STRING_get0_data
-ASN1_STRING_get_default_mask
-ASN1_STRING_length
-ASN1_STRING_length_set
-ASN1_STRING_new
-ASN1_STRING_print
-ASN1_STRING_print_ex
-ASN1_STRING_print_ex_fp
-ASN1_STRING_set
-ASN1_STRING_set0
-ASN1_STRING_set_by_NID
-ASN1_STRING_set_default_mask
-ASN1_STRING_set_default_mask_asc
-ASN1_STRING_to_UTF8
-ASN1_STRING_type
-ASN1_STRING_type_new
-ASN1_T61STRING_free
-ASN1_T61STRING_it
-ASN1_T61STRING_new
-ASN1_TIME_adj
-ASN1_TIME_check
-ASN1_TIME_cmp_time_t
-ASN1_TIME_compare
-ASN1_TIME_diff
-ASN1_TIME_free
-ASN1_TIME_it
-ASN1_TIME_new
-ASN1_TIME_normalize
-ASN1_TIME_print
-ASN1_TIME_set
-ASN1_TIME_set_string
-ASN1_TIME_set_string_X509
-ASN1_TIME_to_generalizedtime
-ASN1_TIME_to_tm
-ASN1_TYPE_cmp
-ASN1_TYPE_free
-ASN1_TYPE_get
-ASN1_TYPE_get_int_octetstring
-ASN1_TYPE_get_octetstring
-ASN1_TYPE_new
-ASN1_TYPE_set
-ASN1_TYPE_set1
-ASN1_TYPE_set_int_octetstring
-ASN1_TYPE_set_octetstring
-ASN1_UNIVERSALSTRING_free
-ASN1_UNIVERSALSTRING_it
-ASN1_UNIVERSALSTRING_new
-ASN1_UNIVERSALSTRING_to_string
-ASN1_UTCTIME_adj
-ASN1_UTCTIME_check
-ASN1_UTCTIME_cmp_time_t
-ASN1_UTCTIME_free
-ASN1_UTCTIME_it
-ASN1_UTCTIME_new
-ASN1_UTCTIME_print
-ASN1_UTCTIME_set
-ASN1_UTCTIME_set_string
-ASN1_UTF8STRING_free
-ASN1_UTF8STRING_it
-ASN1_UTF8STRING_new
-ASN1_VISIBLESTRING_free
-ASN1_VISIBLESTRING_it
-ASN1_VISIBLESTRING_new
-ASN1_d2i_bio
-ASN1_d2i_fp
-ASN1_dup
-ASN1_generate_nconf
-ASN1_generate_v3
-ASN1_get_object
-ASN1_i2d_bio
-ASN1_i2d_fp
-ASN1_item_d2i
-ASN1_item_d2i_bio
-ASN1_item_d2i_fp
-ASN1_item_digest
-ASN1_item_dup
-ASN1_item_ex_d2i
-ASN1_item_ex_free
-ASN1_item_ex_i2d
-ASN1_item_ex_new
-ASN1_item_free
-ASN1_item_i2d
-ASN1_item_i2d_bio
-ASN1_item_i2d_fp
-ASN1_item_new
-ASN1_item_pack
-ASN1_item_print
-ASN1_item_sign
-ASN1_item_sign_ctx
-ASN1_item_unpack
-ASN1_item_verify
-ASN1_mbstring_copy
-ASN1_mbstring_ncopy
-ASN1_object_size
-ASN1_parse
-ASN1_parse_dump
-ASN1_put_eoc
-ASN1_put_object
-ASN1_tag2bit
-ASN1_tag2str
-ASRange_free
-ASRange_it
-ASRange_new
-AUTHORITY_INFO_ACCESS_free
-AUTHORITY_INFO_ACCESS_it
-AUTHORITY_INFO_ACCESS_new
-AUTHORITY_KEYID_free
-AUTHORITY_KEYID_it
-AUTHORITY_KEYID_new
-BASIC_CONSTRAINTS_free
-BASIC_CONSTRAINTS_it
-BASIC_CONSTRAINTS_new
-BF_cbc_encrypt
-BF_cfb64_encrypt
-BF_decrypt
-BF_ecb_encrypt
-BF_encrypt
-BF_ofb64_encrypt
-BF_set_key
-BIGNUM_it
-BIO_accept
-BIO_callback_ctrl
-BIO_clear_flags
-BIO_copy_next_retry
-BIO_ctrl
-BIO_ctrl_get_read_request
-BIO_ctrl_get_write_guarantee
-BIO_ctrl_pending
-BIO_ctrl_reset_read_request
-BIO_ctrl_wpending
-BIO_debug_callback
-BIO_dgram_non_fatal_error
-BIO_dump
-BIO_dump_indent
-BIO_dup_chain
-BIO_f_base64
-BIO_f_buffer
-BIO_f_cipher
-BIO_f_md
-BIO_f_nbio_test
-BIO_f_null
-BIO_fd_non_fatal_error
-BIO_fd_should_retry
-BIO_find_type
-BIO_free
-BIO_free_all
-BIO_get_accept_socket
-BIO_get_callback
-BIO_get_callback_arg
-BIO_get_callback_ex
-BIO_get_data
-BIO_get_ex_data
-BIO_get_ex_new_index
-BIO_get_host_ip
-BIO_get_init
-BIO_get_new_index
-BIO_get_port
-BIO_get_retry_BIO
-BIO_get_retry_reason
-BIO_get_shutdown
-BIO_gethostbyname
-BIO_gets
-BIO_indent
-BIO_int_ctrl
-BIO_meth_free
-BIO_meth_get_callback_ctrl
-BIO_meth_get_create
-BIO_meth_get_ctrl
-BIO_meth_get_destroy
-BIO_meth_get_gets
-BIO_meth_get_puts
-BIO_meth_get_read
-BIO_meth_get_write
-BIO_meth_new
-BIO_meth_set_callback_ctrl
-BIO_meth_set_create
-BIO_meth_set_ctrl
-BIO_meth_set_destroy
-BIO_meth_set_gets
-BIO_meth_set_puts
-BIO_meth_set_read
-BIO_meth_set_write
-BIO_method_name
-BIO_method_type
-BIO_new
-BIO_new_CMS
-BIO_new_PKCS7
-BIO_new_accept
-BIO_new_bio_pair
-BIO_new_connect
-BIO_new_dgram
-BIO_new_fd
-BIO_new_file
-BIO_new_fp
-BIO_new_mem_buf
-BIO_new_socket
-BIO_next
-BIO_number_read
-BIO_number_written
-BIO_pop
-BIO_printf
-BIO_ptr_ctrl
-BIO_push
-BIO_puts
-BIO_read
-BIO_s_accept
-BIO_s_bio
-BIO_s_connect
-BIO_s_datagram
-BIO_s_fd
-BIO_s_file
-BIO_s_log
-BIO_s_mem
-BIO_s_null
-BIO_s_socket
-BIO_set_callback
-BIO_set_callback_arg
-BIO_set_callback_ex
-BIO_set_cipher
-BIO_set_data
-BIO_set_ex_data
-BIO_set_flags
-BIO_set_init
-BIO_set_next
-BIO_set_retry_reason
-BIO_set_shutdown
-BIO_set_tcp_ndelay
-BIO_sock_cleanup
-BIO_sock_error
-BIO_sock_init
-BIO_sock_non_fatal_error
-BIO_sock_should_retry
-BIO_socket_ioctl
-BIO_socket_nbio
-BIO_test_flags
-BIO_up_ref
-BIO_vfree
-BIO_write
-BN_CTX_end
-BN_CTX_free
-BN_CTX_get
-BN_CTX_new
-BN_CTX_start
-BN_GENCB_call
-BN_GENCB_free
-BN_GENCB_get_arg
-BN_GENCB_new
-BN_GENCB_set
-BN_GENCB_set_old
-BN_MONT_CTX_copy
-BN_MONT_CTX_free
-BN_MONT_CTX_new
-BN_MONT_CTX_set
-BN_MONT_CTX_set_locked
-BN_abs_is_word
-BN_add
-BN_add_word
-BN_asc2bn
-BN_bin2bn
-BN_bn2bin
-BN_bn2binpad
-BN_bn2dec
-BN_bn2hex
-BN_bn2lebinpad
-BN_bn2mpi
-BN_clear
-BN_clear_bit
-BN_clear_free
-BN_cmp
-BN_consttime_swap
-BN_copy
-BN_dec2bn
-BN_div
-BN_div_word
-BN_dup
-BN_exp
-BN_free
-BN_from_montgomery
-BN_gcd
-BN_generate_prime_ex
-BN_get_flags
-BN_get_rfc2409_prime_1024
-BN_get_rfc2409_prime_768
-BN_get_rfc3526_prime_1536
-BN_get_rfc3526_prime_2048
-BN_get_rfc3526_prime_3072
-BN_get_rfc3526_prime_4096
-BN_get_rfc3526_prime_6144
-BN_get_rfc3526_prime_8192
-BN_get_word
-BN_hex2bn
-BN_is_bit_set
-BN_is_negative
-BN_is_odd
-BN_is_one
-BN_is_prime_ex
-BN_is_prime_fasttest_ex
-BN_is_word
-BN_is_zero
-BN_kronecker
-BN_lebin2bn
-BN_lshift
-BN_lshift1
-BN_mask_bits
-BN_mod_add
-BN_mod_add_quick
-BN_mod_exp
-BN_mod_exp_mont
-BN_mod_exp_mont_consttime
-BN_mod_inverse
-BN_mod_lshift
-BN_mod_lshift1
-BN_mod_lshift1_quick
-BN_mod_lshift_quick
-BN_mod_mul
-BN_mod_mul_montgomery
-BN_mod_sqr
-BN_mod_sqrt
-BN_mod_sub
-BN_mod_sub_quick
-BN_mod_word
-BN_mpi2bn
-BN_mul
-BN_mul_word
-BN_new
-BN_nnmod
-BN_num_bits
-BN_num_bits_word
-BN_one
-BN_print
-BN_print_fp
-BN_pseudo_rand
-BN_pseudo_rand_range
-BN_rand
-BN_rand_range
-BN_rshift
-BN_rshift1
-BN_security_bits
-BN_set_bit
-BN_set_flags
-BN_set_negative
-BN_set_word
-BN_sqr
-BN_sub
-BN_sub_word
-BN_swap
-BN_to_ASN1_ENUMERATED
-BN_to_ASN1_INTEGER
-BN_to_montgomery
-BN_uadd
-BN_ucmp
-BN_usub
-BN_value_one
-BN_with_flags
-BN_zero
-BUF_MEM_free
-BUF_MEM_grow
-BUF_MEM_grow_clean
-BUF_MEM_new
-CAST_cbc_encrypt
-CAST_cfb64_encrypt
-CAST_decrypt
-CAST_ecb_encrypt
-CAST_encrypt
-CAST_ofb64_encrypt
-CAST_set_key
-CBIGNUM_it
-CERTIFICATEPOLICIES_free
-CERTIFICATEPOLICIES_it
-CERTIFICATEPOLICIES_new
-CMAC_CTX_cleanup
-CMAC_CTX_copy
-CMAC_CTX_free
-CMAC_CTX_get0_cipher_ctx
-CMAC_CTX_new
-CMAC_Final
-CMAC_Init
-CMAC_Update
-CMS_ContentInfo_free
-CMS_ContentInfo_it
-CMS_ContentInfo_new
-CMS_ContentInfo_print_ctx
-CMS_EncryptedData_decrypt
-CMS_EncryptedData_encrypt
-CMS_EncryptedData_set1_key
-CMS_EnvelopedData_create
-CMS_ReceiptRequest_create0
-CMS_ReceiptRequest_free
-CMS_ReceiptRequest_get0_values
-CMS_ReceiptRequest_it
-CMS_ReceiptRequest_new
-CMS_RecipientEncryptedKey_cert_cmp
-CMS_RecipientEncryptedKey_get0_id
-CMS_RecipientInfo_decrypt
-CMS_RecipientInfo_encrypt
-CMS_RecipientInfo_get0_pkey_ctx
-CMS_RecipientInfo_kari_decrypt
-CMS_RecipientInfo_kari_get0_alg
-CMS_RecipientInfo_kari_get0_ctx
-CMS_RecipientInfo_kari_get0_orig_id
-CMS_RecipientInfo_kari_get0_reks
-CMS_RecipientInfo_kari_orig_id_cmp
-CMS_RecipientInfo_kari_set0_pkey
-CMS_RecipientInfo_kekri_get0_id
-CMS_RecipientInfo_kekri_id_cmp
-CMS_RecipientInfo_ktri_cert_cmp
-CMS_RecipientInfo_ktri_get0_algs
-CMS_RecipientInfo_ktri_get0_signer_id
-CMS_RecipientInfo_set0_key
-CMS_RecipientInfo_set0_password
-CMS_RecipientInfo_set0_pkey
-CMS_RecipientInfo_type
-CMS_SharedInfo_encode
-CMS_SignedData_init
-CMS_SignerInfo_cert_cmp
-CMS_SignerInfo_get0_algs
-CMS_SignerInfo_get0_md_ctx
-CMS_SignerInfo_get0_pkey_ctx
-CMS_SignerInfo_get0_signature
-CMS_SignerInfo_get0_signer_id
-CMS_SignerInfo_get_version
-CMS_SignerInfo_set1_signer_cert
-CMS_SignerInfo_sign
-CMS_SignerInfo_verify
-CMS_SignerInfo_verify_content
-CMS_add0_CertificateChoices
-CMS_add0_RevocationInfoChoice
-CMS_add0_cert
-CMS_add0_crl
-CMS_add0_recipient_key
-CMS_add0_recipient_password
-CMS_add1_ReceiptRequest
-CMS_add1_cert
-CMS_add1_crl
-CMS_add1_recipient_cert
-CMS_add1_signer
-CMS_add_simple_smimecap
-CMS_add_smimecap
-CMS_add_standard_smimecap
-CMS_compress
-CMS_data
-CMS_dataFinal
-CMS_dataInit
-CMS_data_create
-CMS_decrypt
-CMS_decrypt_set1_key
-CMS_decrypt_set1_password
-CMS_decrypt_set1_pkey
-CMS_digest_create
-CMS_digest_verify
-CMS_encrypt
-CMS_final
-CMS_get0_RecipientInfos
-CMS_get0_SignerInfos
-CMS_get0_content
-CMS_get0_eContentType
-CMS_get0_signers
-CMS_get0_type
-CMS_get1_ReceiptRequest
-CMS_get1_certs
-CMS_get1_crls
-CMS_get_version
-CMS_is_detached
-CMS_set1_eContentType
-CMS_set1_signers_certs
-CMS_set_detached
-CMS_sign
-CMS_sign_receipt
-CMS_signed_add1_attr
-CMS_signed_add1_attr_by_NID
-CMS_signed_add1_attr_by_OBJ
-CMS_signed_add1_attr_by_txt
-CMS_signed_delete_attr
-CMS_signed_get0_data_by_OBJ
-CMS_signed_get_attr
-CMS_signed_get_attr_by_NID
-CMS_signed_get_attr_by_OBJ
-CMS_signed_get_attr_count
-CMS_stream
-CMS_uncompress
-CMS_unsigned_add1_attr
-CMS_unsigned_add1_attr_by_NID
-CMS_unsigned_add1_attr_by_OBJ
-CMS_unsigned_add1_attr_by_txt
-CMS_unsigned_delete_attr
-CMS_unsigned_get0_data_by_OBJ
-CMS_unsigned_get_attr
-CMS_unsigned_get_attr_by_NID
-CMS_unsigned_get_attr_by_OBJ
-CMS_unsigned_get_attr_count
-CMS_verify
-CMS_verify_receipt
-CONF_get1_default_config_file
-CONF_modules_finish
-CONF_modules_free
-CONF_modules_load
-CONF_modules_load_file
-CONF_modules_unload
-CRL_DIST_POINTS_free
-CRL_DIST_POINTS_it
-CRL_DIST_POINTS_new
-CRYPTO_THREADID_get_callback
-CRYPTO_THREADID_set_callback
-CRYPTO_THREADID_set_numeric
-CRYPTO_THREADID_set_pointer
-CRYPTO_add_lock
-CRYPTO_cbc128_decrypt
-CRYPTO_cbc128_encrypt
-CRYPTO_ccm128_aad
-CRYPTO_ccm128_decrypt
-CRYPTO_ccm128_decrypt_ccm64
-CRYPTO_ccm128_encrypt
-CRYPTO_ccm128_encrypt_ccm64
-CRYPTO_ccm128_init
-CRYPTO_ccm128_setiv
-CRYPTO_ccm128_tag
-CRYPTO_cfb128_1_encrypt
-CRYPTO_cfb128_8_encrypt
-CRYPTO_cfb128_encrypt
-CRYPTO_chacha_20
-CRYPTO_cleanup_all_ex_data
-CRYPTO_ctr128_encrypt
-CRYPTO_ctr128_encrypt_ctr32
-CRYPTO_destroy_dynlockid
-CRYPTO_dup_ex_data
-CRYPTO_free
-CRYPTO_free_ex_data
-CRYPTO_gcm128_aad
-CRYPTO_gcm128_decrypt
-CRYPTO_gcm128_decrypt_ctr32
-CRYPTO_gcm128_encrypt
-CRYPTO_gcm128_encrypt_ctr32
-CRYPTO_gcm128_finish
-CRYPTO_gcm128_init
-CRYPTO_gcm128_new
-CRYPTO_gcm128_release
-CRYPTO_gcm128_setiv
-CRYPTO_gcm128_tag
-CRYPTO_get_add_lock_callback
-CRYPTO_get_dynlock_create_callback
-CRYPTO_get_dynlock_destroy_callback
-CRYPTO_get_dynlock_lock_callback
-CRYPTO_get_dynlock_value
-CRYPTO_get_ex_data
-CRYPTO_get_ex_new_index
-CRYPTO_get_id_callback
-CRYPTO_get_lock_name
-CRYPTO_get_locking_callback
-CRYPTO_get_new_dynlockid
-CRYPTO_get_new_lockid
-CRYPTO_hchacha_20
-CRYPTO_lock
-CRYPTO_malloc
-CRYPTO_mem_ctrl
-CRYPTO_memcmp
-CRYPTO_new_ex_data
-CRYPTO_num_locks
-CRYPTO_ofb128_encrypt
-CRYPTO_poly1305_finish
-CRYPTO_poly1305_init
-CRYPTO_poly1305_update
-CRYPTO_set_add_lock_callback
-CRYPTO_set_dynlock_create_callback
-CRYPTO_set_dynlock_destroy_callback
-CRYPTO_set_dynlock_lock_callback
-CRYPTO_set_ex_data
-CRYPTO_set_id_callback
-CRYPTO_set_locking_callback
-CRYPTO_set_mem_functions
-CRYPTO_strdup
-CRYPTO_thread_id
-CRYPTO_xchacha_20
-CRYPTO_xts128_encrypt
-CTLOG_STORE_free
-CTLOG_STORE_get0_log_by_id
-CTLOG_STORE_load_default_file
-CTLOG_STORE_load_file
-CTLOG_STORE_new
-CTLOG_free
-CTLOG_get0_log_id
-CTLOG_get0_name
-CTLOG_get0_public_key
-CTLOG_new
-CTLOG_new_from_base64
-CT_POLICY_EVAL_CTX_free
-CT_POLICY_EVAL_CTX_get0_cert
-CT_POLICY_EVAL_CTX_get0_issuer
-CT_POLICY_EVAL_CTX_get0_log_store
-CT_POLICY_EVAL_CTX_get_time
-CT_POLICY_EVAL_CTX_new
-CT_POLICY_EVAL_CTX_set1_cert
-CT_POLICY_EVAL_CTX_set1_issuer
-CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
-CT_POLICY_EVAL_CTX_set_time
-Camellia_cbc_encrypt
-Camellia_cfb128_encrypt
-Camellia_cfb1_encrypt
-Camellia_cfb8_encrypt
-Camellia_ctr128_encrypt
-Camellia_decrypt
-Camellia_ecb_encrypt
-Camellia_encrypt
-Camellia_ofb128_encrypt
-Camellia_set_key
-ChaCha
-ChaCha_set_iv
-ChaCha_set_key
-DES_cbc_cksum
-DES_cbc_encrypt
-DES_cfb64_encrypt
-DES_cfb_encrypt
-DES_check_key
-DES_check_key_parity
-DES_crypt
-DES_decrypt3
-DES_ecb3_encrypt
-DES_ecb_encrypt
-DES_ede3_cbc_encrypt
-DES_ede3_cbcm_encrypt
-DES_ede3_cfb64_encrypt
-DES_ede3_cfb_encrypt
-DES_ede3_ofb64_encrypt
-DES_encrypt1
-DES_encrypt2
-DES_encrypt3
-DES_fcrypt
-DES_is_weak_key
-DES_key_sched
-DES_ncbc_encrypt
-DES_ofb64_encrypt
-DES_ofb_encrypt
-DES_pcbc_encrypt
-DES_quad_cksum
-DES_random_key
-DES_set_key
-DES_set_key_checked
-DES_set_key_unchecked
-DES_set_odd_parity
-DES_string_to_2keys
-DES_string_to_key
-DES_xcbc_encrypt
-DH_OpenSSL
-DH_bits
-DH_check
-DH_check_pub_key
-DH_clear_flags
-DH_compute_key
-DH_free
-DH_generate_key
-DH_generate_parameters
-DH_generate_parameters_ex
-DH_get0_engine
-DH_get0_g
-DH_get0_key
-DH_get0_p
-DH_get0_pqg
-DH_get0_priv_key
-DH_get0_pub_key
-DH_get0_q
-DH_get_default_method
-DH_get_ex_data
-DH_get_ex_new_index
-DH_get_length
-DH_new
-DH_new_method
-DH_security_bits
-DH_set0_key
-DH_set0_pqg
-DH_set_default_method
-DH_set_ex_data
-DH_set_flags
-DH_set_length
-DH_set_method
-DH_size
-DH_test_flags
-DH_up_ref
-DHparams_dup
-DHparams_print
-DHparams_print_fp
-DIRECTORYSTRING_free
-DIRECTORYSTRING_it
-DIRECTORYSTRING_new
-DISPLAYTEXT_free
-DISPLAYTEXT_it
-DISPLAYTEXT_new
-DIST_POINT_NAME_free
-DIST_POINT_NAME_it
-DIST_POINT_NAME_new
-DIST_POINT_free
-DIST_POINT_it
-DIST_POINT_new
-DIST_POINT_set_dpname
-DSAPrivateKey_it
-DSAPublicKey_it
-DSA_OpenSSL
-DSA_SIG_free
-DSA_SIG_get0
-DSA_SIG_new
-DSA_SIG_set0
-DSA_bits
-DSA_clear_flags
-DSA_do_sign
-DSA_do_verify
-DSA_dup_DH
-DSA_free
-DSA_generate_key
-DSA_generate_parameters_ex
-DSA_get0_engine
-DSA_get0_g
-DSA_get0_key
-DSA_get0_p
-DSA_get0_pqg
-DSA_get0_priv_key
-DSA_get0_pub_key
-DSA_get0_q
-DSA_get_default_method
-DSA_get_ex_data
-DSA_get_ex_new_index
-DSA_meth_dup
-DSA_meth_free
-DSA_meth_get0_name
-DSA_meth_new
-DSA_meth_set1_name
-DSA_meth_set_finish
-DSA_meth_set_sign
-DSA_new
-DSA_new_method
-DSA_print
-DSA_print_fp
-DSA_security_bits
-DSA_set0_key
-DSA_set0_pqg
-DSA_set_default_method
-DSA_set_ex_data
-DSA_set_flags
-DSA_set_method
-DSA_sign
-DSA_sign_setup
-DSA_size
-DSA_test_flags
-DSA_up_ref
-DSA_verify
-DSAparams_dup
-DSAparams_it
-DSAparams_print
-DSAparams_print_fp
-ECDH_compute_key
-ECDH_size
-ECDSA_SIG_free
-ECDSA_SIG_get0
-ECDSA_SIG_get0_r
-ECDSA_SIG_get0_s
-ECDSA_SIG_new
-ECDSA_SIG_set0
-ECDSA_do_sign
-ECDSA_do_verify
-ECDSA_sign
-ECDSA_size
-ECDSA_verify
-ECPKParameters_print
-ECPKParameters_print_fp
-ECParameters_dup
-ECParameters_print
-ECParameters_print_fp
-EC_GROUP_check
-EC_GROUP_check_discriminant
-EC_GROUP_clear_free
-EC_GROUP_cmp
-EC_GROUP_dup
-EC_GROUP_free
-EC_GROUP_get0_generator
-EC_GROUP_get0_seed
-EC_GROUP_get_asn1_flag
-EC_GROUP_get_basis_type
-EC_GROUP_get_cofactor
-EC_GROUP_get_curve
-EC_GROUP_get_curve_GFp
-EC_GROUP_get_curve_name
-EC_GROUP_get_degree
-EC_GROUP_get_order
-EC_GROUP_get_point_conversion_form
-EC_GROUP_get_seed_len
-EC_GROUP_new_by_curve_name
-EC_GROUP_new_curve_GFp
-EC_GROUP_order_bits
-EC_GROUP_set_asn1_flag
-EC_GROUP_set_curve
-EC_GROUP_set_curve_GFp
-EC_GROUP_set_curve_name
-EC_GROUP_set_generator
-EC_GROUP_set_point_conversion_form
-EC_GROUP_set_seed
-EC_KEY_METHOD_free
-EC_KEY_METHOD_get_compute_key
-EC_KEY_METHOD_get_init
-EC_KEY_METHOD_get_keygen
-EC_KEY_METHOD_get_sign
-EC_KEY_METHOD_get_verify
-EC_KEY_METHOD_new
-EC_KEY_METHOD_set_compute_key
-EC_KEY_METHOD_set_init
-EC_KEY_METHOD_set_keygen
-EC_KEY_METHOD_set_sign
-EC_KEY_METHOD_set_verify
-EC_KEY_OpenSSL
-EC_KEY_check_key
-EC_KEY_clear_flags
-EC_KEY_copy
-EC_KEY_dup
-EC_KEY_free
-EC_KEY_generate_key
-EC_KEY_get0_group
-EC_KEY_get0_private_key
-EC_KEY_get0_public_key
-EC_KEY_get_conv_form
-EC_KEY_get_default_method
-EC_KEY_get_enc_flags
-EC_KEY_get_ex_data
-EC_KEY_get_flags
-EC_KEY_get_method
-EC_KEY_new
-EC_KEY_new_by_curve_name
-EC_KEY_new_method
-EC_KEY_precompute_mult
-EC_KEY_print
-EC_KEY_print_fp
-EC_KEY_set_asn1_flag
-EC_KEY_set_conv_form
-EC_KEY_set_default_method
-EC_KEY_set_enc_flags
-EC_KEY_set_ex_data
-EC_KEY_set_flags
-EC_KEY_set_group
-EC_KEY_set_method
-EC_KEY_set_private_key
-EC_KEY_set_public_key
-EC_KEY_set_public_key_affine_coordinates
-EC_KEY_up_ref
-EC_POINT_add
-EC_POINT_bn2point
-EC_POINT_clear_free
-EC_POINT_cmp
-EC_POINT_copy
-EC_POINT_dbl
-EC_POINT_dup
-EC_POINT_free
-EC_POINT_get_affine_coordinates
-EC_POINT_get_affine_coordinates_GFp
-EC_POINT_hex2point
-EC_POINT_invert
-EC_POINT_is_at_infinity
-EC_POINT_is_on_curve
-EC_POINT_make_affine
-EC_POINT_mul
-EC_POINT_new
-EC_POINT_oct2point
-EC_POINT_point2bn
-EC_POINT_point2hex
-EC_POINT_point2oct
-EC_POINT_set_affine_coordinates
-EC_POINT_set_affine_coordinates_GFp
-EC_POINT_set_compressed_coordinates
-EC_POINT_set_compressed_coordinates_GFp
-EC_POINT_set_to_infinity
-EC_curve_nid2nist
-EC_curve_nist2nid
-EC_get_builtin_curves
-ED25519_keypair
-ED25519_sign
-ED25519_verify
-EDIPARTYNAME_free
-EDIPARTYNAME_it
-EDIPARTYNAME_new
-ENGINE_by_id
-ENGINE_cleanup
-ENGINE_ctrl_cmd
-ENGINE_ctrl_cmd_string
-ENGINE_finish
-ENGINE_free
-ENGINE_get_default_RSA
-ENGINE_get_id
-ENGINE_get_name
-ENGINE_init
-ENGINE_load_builtin_engines
-ENGINE_load_dynamic
-ENGINE_load_openssl
-ENGINE_load_private_key
-ENGINE_load_public_key
-ENGINE_new
-ENGINE_register_all_complete
-ENGINE_set_default
-ENGINE_set_default_RSA
-ERR_asprintf_error_data
-ERR_clear_error
-ERR_error_string
-ERR_error_string_n
-ERR_free_strings
-ERR_func_error_string
-ERR_get_error
-ERR_get_error_line
-ERR_get_error_line_data
-ERR_get_next_error_library
-ERR_lib_error_string
-ERR_load_ASN1_strings
-ERR_load_BIO_strings
-ERR_load_BN_strings
-ERR_load_BUF_strings
-ERR_load_CMS_strings
-ERR_load_CONF_strings
-ERR_load_CRYPTO_strings
-ERR_load_DH_strings
-ERR_load_DSA_strings
-ERR_load_EC_strings
-ERR_load_ERR_strings
-ERR_load_EVP_strings
-ERR_load_OBJ_strings
-ERR_load_OCSP_strings
-ERR_load_PEM_strings
-ERR_load_PKCS12_strings
-ERR_load_PKCS7_strings
-ERR_load_RAND_strings
-ERR_load_RSA_strings
-ERR_load_TS_strings
-ERR_load_UI_strings
-ERR_load_X509V3_strings
-ERR_load_X509_strings
-ERR_load_crypto_strings
-ERR_load_strings
-ERR_peek_error
-ERR_peek_error_line
-ERR_peek_error_line_data
-ERR_peek_last_error
-ERR_peek_last_error_line
-ERR_peek_last_error_line_data
-ERR_pop_to_mark
-ERR_print_errors
-ERR_print_errors_cb
-ERR_print_errors_fp
-ERR_put_error
-ERR_reason_error_string
-ERR_remove_state
-ERR_remove_thread_state
-ERR_set_error_data
-ERR_set_mark
-ERR_unload_strings
-ESS_CERT_ID_dup
-ESS_CERT_ID_free
-ESS_CERT_ID_new
-ESS_ISSUER_SERIAL_dup
-ESS_ISSUER_SERIAL_free
-ESS_ISSUER_SERIAL_new
-ESS_SIGNING_CERT_dup
-ESS_SIGNING_CERT_free
-ESS_SIGNING_CERT_new
-EVP_AEAD_CTX_cleanup
-EVP_AEAD_CTX_free
-EVP_AEAD_CTX_init
-EVP_AEAD_CTX_new
-EVP_AEAD_CTX_open
-EVP_AEAD_CTX_seal
-EVP_AEAD_key_length
-EVP_AEAD_max_overhead
-EVP_AEAD_max_tag_len
-EVP_AEAD_nonce_length
-EVP_BytesToKey
-EVP_CIPHER_CTX_block_size
-EVP_CIPHER_CTX_buf_noconst
-EVP_CIPHER_CTX_cipher
-EVP_CIPHER_CTX_cleanup
-EVP_CIPHER_CTX_clear_flags
-EVP_CIPHER_CTX_copy
-EVP_CIPHER_CTX_ctrl
-EVP_CIPHER_CTX_encrypting
-EVP_CIPHER_CTX_flags
-EVP_CIPHER_CTX_free
-EVP_CIPHER_CTX_get_app_data
-EVP_CIPHER_CTX_get_cipher_data
-EVP_CIPHER_CTX_get_iv
-EVP_CIPHER_CTX_init
-EVP_CIPHER_CTX_iv_length
-EVP_CIPHER_CTX_key_length
-EVP_CIPHER_CTX_new
-EVP_CIPHER_CTX_nid
-EVP_CIPHER_CTX_rand_key
-EVP_CIPHER_CTX_reset
-EVP_CIPHER_CTX_set_app_data
-EVP_CIPHER_CTX_set_cipher_data
-EVP_CIPHER_CTX_set_flags
-EVP_CIPHER_CTX_set_iv
-EVP_CIPHER_CTX_set_key_length
-EVP_CIPHER_CTX_set_padding
-EVP_CIPHER_CTX_test_flags
-EVP_CIPHER_block_size
-EVP_CIPHER_do_all
-EVP_CIPHER_do_all_sorted
-EVP_CIPHER_flags
-EVP_CIPHER_iv_length
-EVP_CIPHER_key_length
-EVP_CIPHER_meth_dup
-EVP_CIPHER_meth_free
-EVP_CIPHER_meth_new
-EVP_CIPHER_meth_set_cleanup
-EVP_CIPHER_meth_set_ctrl
-EVP_CIPHER_meth_set_do_cipher
-EVP_CIPHER_meth_set_flags
-EVP_CIPHER_meth_set_get_asn1_params
-EVP_CIPHER_meth_set_impl_ctx_size
-EVP_CIPHER_meth_set_init
-EVP_CIPHER_meth_set_iv_length
-EVP_CIPHER_meth_set_set_asn1_params
-EVP_CIPHER_nid
-EVP_CIPHER_type
-EVP_Cipher
-EVP_CipherFinal
-EVP_CipherFinal_ex
-EVP_CipherInit
-EVP_CipherInit_ex
-EVP_CipherUpdate
-EVP_DecodeBlock
-EVP_DecodeFinal
-EVP_DecodeInit
-EVP_DecodeUpdate
-EVP_DecryptFinal
-EVP_DecryptFinal_ex
-EVP_DecryptInit
-EVP_DecryptInit_ex
-EVP_DecryptUpdate
-EVP_Digest
-EVP_DigestFinal
-EVP_DigestFinal_ex
-EVP_DigestInit
-EVP_DigestInit_ex
-EVP_DigestSign
-EVP_DigestSignFinal
-EVP_DigestSignInit
-EVP_DigestUpdate
-EVP_DigestVerify
-EVP_DigestVerifyFinal
-EVP_DigestVerifyInit
-EVP_ENCODE_CTX_free
-EVP_ENCODE_CTX_new
-EVP_EncodeBlock
-EVP_EncodeFinal
-EVP_EncodeInit
-EVP_EncodeUpdate
-EVP_EncryptFinal
-EVP_EncryptFinal_ex
-EVP_EncryptInit
-EVP_EncryptInit_ex
-EVP_EncryptUpdate
-EVP_MD_CTX_cleanup
-EVP_MD_CTX_clear_flags
-EVP_MD_CTX_copy
-EVP_MD_CTX_copy_ex
-EVP_MD_CTX_create
-EVP_MD_CTX_ctrl
-EVP_MD_CTX_destroy
-EVP_MD_CTX_free
-EVP_MD_CTX_init
-EVP_MD_CTX_md
-EVP_MD_CTX_md_data
-EVP_MD_CTX_new
-EVP_MD_CTX_pkey_ctx
-EVP_MD_CTX_reset
-EVP_MD_CTX_set_flags
-EVP_MD_CTX_set_pkey_ctx
-EVP_MD_CTX_test_flags
-EVP_MD_block_size
-EVP_MD_do_all
-EVP_MD_do_all_sorted
-EVP_MD_flags
-EVP_MD_pkey_type
-EVP_MD_size
-EVP_MD_type
-EVP_OpenFinal
-EVP_OpenInit
-EVP_PKCS82PKEY
-EVP_PKEY2PKCS8
-EVP_PKEY_CTX_ctrl
-EVP_PKEY_CTX_ctrl_str
-EVP_PKEY_CTX_dup
-EVP_PKEY_CTX_free
-EVP_PKEY_CTX_get0_peerkey
-EVP_PKEY_CTX_get0_pkey
-EVP_PKEY_CTX_get_app_data
-EVP_PKEY_CTX_get_cb
-EVP_PKEY_CTX_get_data
-EVP_PKEY_CTX_get_keygen_info
-EVP_PKEY_CTX_get_operation
-EVP_PKEY_CTX_new
-EVP_PKEY_CTX_new_id
-EVP_PKEY_CTX_set0_keygen_info
-EVP_PKEY_CTX_set_app_data
-EVP_PKEY_CTX_set_cb
-EVP_PKEY_CTX_set_data
-EVP_PKEY_asn1_find
-EVP_PKEY_asn1_find_str
-EVP_PKEY_asn1_get0
-EVP_PKEY_asn1_get0_info
-EVP_PKEY_asn1_get_count
-EVP_PKEY_assign
-EVP_PKEY_base_id
-EVP_PKEY_bits
-EVP_PKEY_cmp
-EVP_PKEY_cmp_parameters
-EVP_PKEY_copy_parameters
-EVP_PKEY_decrypt
-EVP_PKEY_decrypt_init
-EVP_PKEY_decrypt_old
-EVP_PKEY_derive
-EVP_PKEY_derive_init
-EVP_PKEY_derive_set_peer
-EVP_PKEY_encrypt
-EVP_PKEY_encrypt_init
-EVP_PKEY_encrypt_old
-EVP_PKEY_free
-EVP_PKEY_get0
-EVP_PKEY_get0_DH
-EVP_PKEY_get0_DSA
-EVP_PKEY_get0_EC_KEY
-EVP_PKEY_get0_RSA
-EVP_PKEY_get0_asn1
-EVP_PKEY_get0_hmac
-EVP_PKEY_get1_DH
-EVP_PKEY_get1_DSA
-EVP_PKEY_get1_EC_KEY
-EVP_PKEY_get1_RSA
-EVP_PKEY_get_default_digest_nid
-EVP_PKEY_get_raw_private_key
-EVP_PKEY_get_raw_public_key
-EVP_PKEY_id
-EVP_PKEY_keygen
-EVP_PKEY_keygen_init
-EVP_PKEY_missing_parameters
-EVP_PKEY_new
-EVP_PKEY_new_CMAC_key
-EVP_PKEY_new_mac_key
-EVP_PKEY_new_raw_private_key
-EVP_PKEY_new_raw_public_key
-EVP_PKEY_paramgen
-EVP_PKEY_paramgen_init
-EVP_PKEY_print_params
-EVP_PKEY_print_private
-EVP_PKEY_print_public
-EVP_PKEY_save_parameters
-EVP_PKEY_security_bits
-EVP_PKEY_set1_DH
-EVP_PKEY_set1_DSA
-EVP_PKEY_set1_EC_KEY
-EVP_PKEY_set1_RSA
-EVP_PKEY_set_type
-EVP_PKEY_set_type_str
-EVP_PKEY_sign
-EVP_PKEY_sign_init
-EVP_PKEY_size
-EVP_PKEY_type
-EVP_PKEY_up_ref
-EVP_PKEY_verify
-EVP_PKEY_verify_init
-EVP_PKEY_verify_recover
-EVP_PKEY_verify_recover_init
-EVP_SealFinal
-EVP_SealInit
-EVP_SignFinal
-EVP_VerifyFinal
-EVP_aead_aes_128_gcm
-EVP_aead_aes_256_gcm
-EVP_aead_chacha20_poly1305
-EVP_aead_xchacha20_poly1305
-EVP_aes_128_cbc
-EVP_aes_128_ccm
-EVP_aes_128_cfb1
-EVP_aes_128_cfb128
-EVP_aes_128_cfb8
-EVP_aes_128_ctr
-EVP_aes_128_ecb
-EVP_aes_128_gcm
-EVP_aes_128_ofb
-EVP_aes_128_wrap
-EVP_aes_128_xts
-EVP_aes_192_cbc
-EVP_aes_192_ccm
-EVP_aes_192_cfb1
-EVP_aes_192_cfb128
-EVP_aes_192_cfb8
-EVP_aes_192_ctr
-EVP_aes_192_ecb
-EVP_aes_192_gcm
-EVP_aes_192_ofb
-EVP_aes_192_wrap
-EVP_aes_256_cbc
-EVP_aes_256_ccm
-EVP_aes_256_cfb1
-EVP_aes_256_cfb128
-EVP_aes_256_cfb8
-EVP_aes_256_ctr
-EVP_aes_256_ecb
-EVP_aes_256_gcm
-EVP_aes_256_ofb
-EVP_aes_256_wrap
-EVP_aes_256_xts
-EVP_bf_cbc
-EVP_bf_cfb64
-EVP_bf_ecb
-EVP_bf_ofb
-EVP_camellia_128_cbc
-EVP_camellia_128_cfb1
-EVP_camellia_128_cfb128
-EVP_camellia_128_cfb8
-EVP_camellia_128_ecb
-EVP_camellia_128_ofb
-EVP_camellia_192_cbc
-EVP_camellia_192_cfb1
-EVP_camellia_192_cfb128
-EVP_camellia_192_cfb8
-EVP_camellia_192_ecb
-EVP_camellia_192_ofb
-EVP_camellia_256_cbc
-EVP_camellia_256_cfb1
-EVP_camellia_256_cfb128
-EVP_camellia_256_cfb8
-EVP_camellia_256_ecb
-EVP_camellia_256_ofb
-EVP_cast5_cbc
-EVP_cast5_cfb64
-EVP_cast5_ecb
-EVP_cast5_ofb
-EVP_chacha20
-EVP_chacha20_poly1305
-EVP_cleanup
-EVP_des_cbc
-EVP_des_cfb1
-EVP_des_cfb64
-EVP_des_cfb8
-EVP_des_ecb
-EVP_des_ede
-EVP_des_ede3
-EVP_des_ede3_cbc
-EVP_des_ede3_cfb1
-EVP_des_ede3_cfb64
-EVP_des_ede3_cfb8
-EVP_des_ede3_ecb
-EVP_des_ede3_ofb
-EVP_des_ede_cbc
-EVP_des_ede_cfb64
-EVP_des_ede_ecb
-EVP_des_ede_ofb
-EVP_des_ofb
-EVP_desx_cbc
-EVP_enc_null
-EVP_get_cipherbyname
-EVP_get_digestbyname
-EVP_get_pw_prompt
-EVP_idea_cbc
-EVP_idea_cfb64
-EVP_idea_ecb
-EVP_idea_ofb
-EVP_md4
-EVP_md5
-EVP_md5_sha1
-EVP_md_null
-EVP_rc2_40_cbc
-EVP_rc2_64_cbc
-EVP_rc2_cbc
-EVP_rc2_cfb64
-EVP_rc2_ecb
-EVP_rc2_ofb
-EVP_rc4
-EVP_rc4_40
-EVP_read_pw_string
-EVP_read_pw_string_min
-EVP_ripemd160
-EVP_set_pw_prompt
-EVP_sha1
-EVP_sha224
-EVP_sha256
-EVP_sha384
-EVP_sha3_224
-EVP_sha3_256
-EVP_sha3_384
-EVP_sha3_512
-EVP_sha512
-EVP_sha512_224
-EVP_sha512_256
-EVP_sm3
-EVP_sm4_cbc
-EVP_sm4_cfb128
-EVP_sm4_ctr
-EVP_sm4_ecb
-EVP_sm4_ofb
-EXTENDED_KEY_USAGE_free
-EXTENDED_KEY_USAGE_it
-EXTENDED_KEY_USAGE_new
-FIPS_mode
-FIPS_mode_set
-GENERAL_NAMES_free
-GENERAL_NAMES_it
-GENERAL_NAMES_new
-GENERAL_NAME_cmp
-GENERAL_NAME_dup
-GENERAL_NAME_free
-GENERAL_NAME_get0_otherName
-GENERAL_NAME_get0_value
-GENERAL_NAME_it
-GENERAL_NAME_new
-GENERAL_NAME_print
-GENERAL_NAME_set0_othername
-GENERAL_NAME_set0_value
-GENERAL_SUBTREE_free
-GENERAL_SUBTREE_it
-GENERAL_SUBTREE_new
-HKDF
-HKDF_expand
-HKDF_extract
-HMAC
-HMAC_CTX_copy
-HMAC_CTX_free
-HMAC_CTX_get_md
-HMAC_CTX_new
-HMAC_CTX_reset
-HMAC_CTX_set_flags
-HMAC_Final
-HMAC_Init_ex
-HMAC_Update
-IPAddressChoice_free
-IPAddressChoice_it
-IPAddressChoice_new
-IPAddressFamily_free
-IPAddressFamily_it
-IPAddressFamily_new
-IPAddressOrRange_free
-IPAddressOrRange_it
-IPAddressOrRange_new
-IPAddressRange_free
-IPAddressRange_it
-IPAddressRange_new
-ISSUING_DIST_POINT_free
-ISSUING_DIST_POINT_it
-ISSUING_DIST_POINT_new
-LONG_it
-MD4
-MD4_Final
-MD4_Init
-MD4_Transform
-MD4_Update
-MD5
-MD5_Final
-MD5_Init
-MD5_Transform
-MD5_Update
-NAME_CONSTRAINTS_check
-NAME_CONSTRAINTS_free
-NAME_CONSTRAINTS_it
-NAME_CONSTRAINTS_new
-NCONF_free
-NCONF_get_number_e
-NCONF_get_section
-NCONF_get_string
-NCONF_load
-NCONF_load_bio
-NCONF_new
-NETSCAPE_SPKAC_free
-NETSCAPE_SPKAC_it
-NETSCAPE_SPKAC_new
-NETSCAPE_SPKI_b64_decode
-NETSCAPE_SPKI_b64_encode
-NETSCAPE_SPKI_free
-NETSCAPE_SPKI_get_pubkey
-NETSCAPE_SPKI_it
-NETSCAPE_SPKI_new
-NETSCAPE_SPKI_print
-NETSCAPE_SPKI_set_pubkey
-NETSCAPE_SPKI_sign
-NETSCAPE_SPKI_verify
-NOTICEREF_free
-NOTICEREF_it
-NOTICEREF_new
-OBJ_NAME_do_all
-OBJ_NAME_do_all_sorted
-OBJ_cleanup
-OBJ_cmp
-OBJ_create
-OBJ_create_objects
-OBJ_dup
-OBJ_find_sigid_algs
-OBJ_find_sigid_by_algs
-OBJ_get0_data
-OBJ_length
-OBJ_ln2nid
-OBJ_new_nid
-OBJ_nid2ln
-OBJ_nid2obj
-OBJ_nid2sn
-OBJ_obj2nid
-OBJ_obj2txt
-OBJ_sn2nid
-OBJ_txt2nid
-OBJ_txt2obj
-OCSP_BASICRESP_add1_ext_i2d
-OCSP_BASICRESP_add_ext
-OCSP_BASICRESP_delete_ext
-OCSP_BASICRESP_free
-OCSP_BASICRESP_get1_ext_d2i
-OCSP_BASICRESP_get_ext
-OCSP_BASICRESP_get_ext_by_NID
-OCSP_BASICRESP_get_ext_by_OBJ
-OCSP_BASICRESP_get_ext_by_critical
-OCSP_BASICRESP_get_ext_count
-OCSP_BASICRESP_it
-OCSP_BASICRESP_new
-OCSP_CERTID_dup
-OCSP_CERTID_free
-OCSP_CERTID_it
-OCSP_CERTID_new
-OCSP_CERTSTATUS_free
-OCSP_CERTSTATUS_it
-OCSP_CERTSTATUS_new
-OCSP_CRLID_free
-OCSP_CRLID_it
-OCSP_CRLID_new
-OCSP_ONEREQ_add1_ext_i2d
-OCSP_ONEREQ_add_ext
-OCSP_ONEREQ_delete_ext
-OCSP_ONEREQ_free
-OCSP_ONEREQ_get1_ext_d2i
-OCSP_ONEREQ_get_ext
-OCSP_ONEREQ_get_ext_by_NID
-OCSP_ONEREQ_get_ext_by_OBJ
-OCSP_ONEREQ_get_ext_by_critical
-OCSP_ONEREQ_get_ext_count
-OCSP_ONEREQ_it
-OCSP_ONEREQ_new
-OCSP_REQINFO_free
-OCSP_REQINFO_it
-OCSP_REQINFO_new
-OCSP_REQUEST_add1_ext_i2d
-OCSP_REQUEST_add_ext
-OCSP_REQUEST_delete_ext
-OCSP_REQUEST_free
-OCSP_REQUEST_get1_ext_d2i
-OCSP_REQUEST_get_ext
-OCSP_REQUEST_get_ext_by_NID
-OCSP_REQUEST_get_ext_by_OBJ
-OCSP_REQUEST_get_ext_by_critical
-OCSP_REQUEST_get_ext_count
-OCSP_REQUEST_it
-OCSP_REQUEST_new
-OCSP_REQUEST_print
-OCSP_REQ_CTX_add1_header
-OCSP_REQ_CTX_free
-OCSP_REQ_CTX_set1_req
-OCSP_RESPBYTES_free
-OCSP_RESPBYTES_it
-OCSP_RESPBYTES_new
-OCSP_RESPDATA_free
-OCSP_RESPDATA_it
-OCSP_RESPDATA_new
-OCSP_RESPID_free
-OCSP_RESPID_it
-OCSP_RESPID_new
-OCSP_RESPONSE_free
-OCSP_RESPONSE_it
-OCSP_RESPONSE_new
-OCSP_RESPONSE_print
-OCSP_REVOKEDINFO_free
-OCSP_REVOKEDINFO_it
-OCSP_REVOKEDINFO_new
-OCSP_SERVICELOC_free
-OCSP_SERVICELOC_it
-OCSP_SERVICELOC_new
-OCSP_SIGNATURE_free
-OCSP_SIGNATURE_it
-OCSP_SIGNATURE_new
-OCSP_SINGLERESP_add1_ext_i2d
-OCSP_SINGLERESP_add_ext
-OCSP_SINGLERESP_delete_ext
-OCSP_SINGLERESP_free
-OCSP_SINGLERESP_get0_id
-OCSP_SINGLERESP_get1_ext_d2i
-OCSP_SINGLERESP_get_ext
-OCSP_SINGLERESP_get_ext_by_NID
-OCSP_SINGLERESP_get_ext_by_OBJ
-OCSP_SINGLERESP_get_ext_by_critical
-OCSP_SINGLERESP_get_ext_count
-OCSP_SINGLERESP_it
-OCSP_SINGLERESP_new
-OCSP_accept_responses_new
-OCSP_archive_cutoff_new
-OCSP_basic_add1_cert
-OCSP_basic_add1_nonce
-OCSP_basic_add1_status
-OCSP_basic_sign
-OCSP_basic_verify
-OCSP_cert_id_new
-OCSP_cert_status_str
-OCSP_cert_to_id
-OCSP_check_nonce
-OCSP_check_validity
-OCSP_copy_nonce
-OCSP_crlID_new
-OCSP_crl_reason_str
-OCSP_id_cmp
-OCSP_id_get0_info
-OCSP_id_issuer_cmp
-OCSP_onereq_get0_id
-OCSP_parse_url
-OCSP_request_add0_id
-OCSP_request_add1_cert
-OCSP_request_add1_nonce
-OCSP_request_is_signed
-OCSP_request_onereq_count
-OCSP_request_onereq_get0
-OCSP_request_set1_name
-OCSP_request_sign
-OCSP_request_verify
-OCSP_resp_count
-OCSP_resp_find
-OCSP_resp_find_status
-OCSP_resp_get0
-OCSP_resp_get0_certs
-OCSP_resp_get0_id
-OCSP_resp_get0_produced_at
-OCSP_resp_get0_respdata
-OCSP_resp_get0_signature
-OCSP_resp_get0_signer
-OCSP_resp_get0_tbs_sigalg
-OCSP_response_create
-OCSP_response_get1_basic
-OCSP_response_status
-OCSP_response_status_str
-OCSP_sendreq_bio
-OCSP_sendreq_nbio
-OCSP_sendreq_new
-OCSP_single_get0_status
-OCSP_url_svcloc_new
-OPENSSL_add_all_algorithms_conf
-OPENSSL_add_all_algorithms_noconf
-OPENSSL_asc2uni
-OPENSSL_cleanse
-OPENSSL_cleanup
-OPENSSL_config
-OPENSSL_cpu_caps
-OPENSSL_gmtime
-OPENSSL_init
-OPENSSL_init_crypto
-OPENSSL_no_config
-OPENSSL_posix_to_tm
-OPENSSL_timegm
-OPENSSL_tm_to_posix
-OPENSSL_uni2asc
-OTHERNAME_cmp
-OTHERNAME_free
-OTHERNAME_it
-OTHERNAME_new
-OpenSSLDie
-OpenSSL_add_all_ciphers
-OpenSSL_add_all_digests
-OpenSSL_version
-OpenSSL_version_num
-PBEPARAM_it
-PEM_ASN1_read
-PEM_ASN1_read_bio
-PEM_ASN1_write
-PEM_ASN1_write_bio
-PEM_SignFinal
-PEM_SignInit
-PEM_SignUpdate
-PEM_X509_INFO_read
-PEM_X509_INFO_read_bio
-PEM_X509_INFO_write_bio
-PEM_bytes_read_bio
-PEM_def_callback
-PEM_dek_info
-PEM_do_header
-PEM_get_EVP_CIPHER_INFO
-PEM_proc_type
-PEM_read
-PEM_read_CMS
-PEM_read_DHparams
-PEM_read_DSAPrivateKey
-PEM_read_DSA_PUBKEY
-PEM_read_DSAparams
-PEM_read_ECPKParameters
-PEM_read_ECPrivateKey
-PEM_read_EC_PUBKEY
-PEM_read_PKCS7
-PEM_read_PKCS8
-PEM_read_PKCS8_PRIV_KEY_INFO
-PEM_read_PUBKEY
-PEM_read_PrivateKey
-PEM_read_RSAPrivateKey
-PEM_read_RSAPublicKey
-PEM_read_RSA_PUBKEY
-PEM_read_X509
-PEM_read_X509_AUX
-PEM_read_X509_CRL
-PEM_read_X509_REQ
-PEM_read_bio
-PEM_read_bio_CMS
-PEM_read_bio_DHparams
-PEM_read_bio_DSAPrivateKey
-PEM_read_bio_DSA_PUBKEY
-PEM_read_bio_DSAparams
-PEM_read_bio_ECPKParameters
-PEM_read_bio_ECPrivateKey
-PEM_read_bio_EC_PUBKEY
-PEM_read_bio_PKCS7
-PEM_read_bio_PKCS8
-PEM_read_bio_PKCS8_PRIV_KEY_INFO
-PEM_read_bio_PUBKEY
-PEM_read_bio_Parameters
-PEM_read_bio_PrivateKey
-PEM_read_bio_RSAPrivateKey
-PEM_read_bio_RSAPublicKey
-PEM_read_bio_RSA_PUBKEY
-PEM_read_bio_X509
-PEM_read_bio_X509_AUX -PEM_read_bio_X509_CRL -PEM_read_bio_X509_REQ -PEM_write -PEM_write_CMS -PEM_write_DHparams -PEM_write_DSAPrivateKey -PEM_write_DSA_PUBKEY -PEM_write_DSAparams -PEM_write_ECPKParameters -PEM_write_ECPrivateKey -PEM_write_EC_PUBKEY -PEM_write_PKCS7 -PEM_write_PKCS8 -PEM_write_PKCS8PrivateKey -PEM_write_PKCS8PrivateKey_nid -PEM_write_PKCS8_PRIV_KEY_INFO -PEM_write_PUBKEY -PEM_write_PrivateKey -PEM_write_RSAPrivateKey -PEM_write_RSAPublicKey -PEM_write_RSA_PUBKEY -PEM_write_X509 -PEM_write_X509_AUX -PEM_write_X509_CRL -PEM_write_X509_REQ -PEM_write_X509_REQ_NEW -PEM_write_bio -PEM_write_bio_CMS -PEM_write_bio_CMS_stream -PEM_write_bio_DHparams -PEM_write_bio_DSAPrivateKey -PEM_write_bio_DSA_PUBKEY -PEM_write_bio_DSAparams -PEM_write_bio_ECPKParameters -PEM_write_bio_ECPrivateKey -PEM_write_bio_EC_PUBKEY -PEM_write_bio_PKCS7 -PEM_write_bio_PKCS7_stream -PEM_write_bio_PKCS8 -PEM_write_bio_PKCS8PrivateKey -PEM_write_bio_PKCS8PrivateKey_nid -PEM_write_bio_PKCS8_PRIV_KEY_INFO -PEM_write_bio_PUBKEY -PEM_write_bio_Parameters -PEM_write_bio_PrivateKey -PEM_write_bio_PrivateKey_traditional -PEM_write_bio_RSAPrivateKey -PEM_write_bio_RSAPublicKey -PEM_write_bio_RSA_PUBKEY -PEM_write_bio_X509 -PEM_write_bio_X509_AUX -PEM_write_bio_X509_CRL -PEM_write_bio_X509_REQ -PEM_write_bio_X509_REQ_NEW -PKCS12_PBE_add -PKCS12_SAFEBAG_free -PKCS12_SAFEBAG_get0_attr -PKCS12_SAFEBAG_get0_attrs -PKCS12_SAFEBAG_get0_p8inf -PKCS12_SAFEBAG_get0_pkcs8 -PKCS12_SAFEBAG_get0_safes -PKCS12_SAFEBAG_get0_type -PKCS12_SAFEBAG_get1_cert -PKCS12_SAFEBAG_get1_crl -PKCS12_SAFEBAG_get_bag_nid -PKCS12_SAFEBAG_get_nid -PKCS12_SAFEBAG_it -PKCS12_SAFEBAG_new -PKCS12_create -PKCS12_decrypt_skey -PKCS12_free -PKCS12_get0_mac -PKCS12_get_friendlyname -PKCS12_it -PKCS12_key_gen_uni -PKCS12_mac_present -PKCS12_new -PKCS12_newpass -PKCS12_parse -PKCS12_set_mac -PKCS12_unpack_authsafes -PKCS12_unpack_p7data -PKCS12_unpack_p7encdata -PKCS12_verify_mac -PKCS1_MGF1 -PKCS5_PBKDF2_HMAC 
-PKCS5_PBKDF2_HMAC_SHA1 -PKCS7_ATTR_SIGN_it -PKCS7_ATTR_VERIFY_it -PKCS7_DIGEST_free -PKCS7_DIGEST_it -PKCS7_DIGEST_new -PKCS7_ENCRYPT_free -PKCS7_ENCRYPT_it -PKCS7_ENCRYPT_new -PKCS7_ENC_CONTENT_free -PKCS7_ENC_CONTENT_it -PKCS7_ENC_CONTENT_new -PKCS7_ENVELOPE_free -PKCS7_ENVELOPE_it -PKCS7_ENVELOPE_new -PKCS7_ISSUER_AND_SERIAL_digest -PKCS7_ISSUER_AND_SERIAL_free -PKCS7_ISSUER_AND_SERIAL_it -PKCS7_ISSUER_AND_SERIAL_new -PKCS7_RECIP_INFO_free -PKCS7_RECIP_INFO_get0_alg -PKCS7_RECIP_INFO_it -PKCS7_RECIP_INFO_new -PKCS7_RECIP_INFO_set -PKCS7_SIGNED_free -PKCS7_SIGNED_it -PKCS7_SIGNED_new -PKCS7_SIGNER_INFO_free -PKCS7_SIGNER_INFO_get0_algs -PKCS7_SIGNER_INFO_it -PKCS7_SIGNER_INFO_new -PKCS7_SIGNER_INFO_set -PKCS7_SIGNER_INFO_sign -PKCS7_SIGN_ENVELOPE_free -PKCS7_SIGN_ENVELOPE_it -PKCS7_SIGN_ENVELOPE_new -PKCS7_add0_attrib_signing_time -PKCS7_add1_attrib_digest -PKCS7_add_attrib_content_type -PKCS7_add_attrib_smimecap -PKCS7_add_attribute -PKCS7_add_certificate -PKCS7_add_crl -PKCS7_add_recipient -PKCS7_add_recipient_info -PKCS7_add_signature -PKCS7_add_signed_attribute -PKCS7_add_signer -PKCS7_cert_from_signer_info -PKCS7_content_new -PKCS7_ctrl -PKCS7_dataDecode -PKCS7_dataFinal -PKCS7_dataInit -PKCS7_dataVerify -PKCS7_decrypt -PKCS7_digest_from_attributes -PKCS7_dup -PKCS7_encrypt -PKCS7_final -PKCS7_free -PKCS7_get0_signers -PKCS7_get_attribute -PKCS7_get_issuer_and_serial -PKCS7_get_signed_attribute -PKCS7_get_signer_info -PKCS7_get_smimecap -PKCS7_it -PKCS7_new -PKCS7_print_ctx -PKCS7_set0_type_other -PKCS7_set_attributes -PKCS7_set_cipher -PKCS7_set_content -PKCS7_set_digest -PKCS7_set_signed_attributes -PKCS7_set_type -PKCS7_sign -PKCS7_sign_add_signer -PKCS7_signatureVerify -PKCS7_simple_smimecap -PKCS7_stream -PKCS7_to_TS_TST_INFO -PKCS7_verify -PKCS8_PRIV_KEY_INFO_free -PKCS8_PRIV_KEY_INFO_it -PKCS8_PRIV_KEY_INFO_new -PKCS8_add_keyusage -PKCS8_decrypt -PKCS8_encrypt -PKCS8_get_attr -PKCS8_pkey_add1_attr_by_NID -PKCS8_pkey_get0 -PKCS8_pkey_get0_attrs 
-PKCS8_pkey_set0 -PKEY_USAGE_PERIOD_free -PKEY_USAGE_PERIOD_it -PKEY_USAGE_PERIOD_new -POLICYINFO_free -POLICYINFO_it -POLICYINFO_new -POLICYQUALINFO_free -POLICYQUALINFO_it -POLICYQUALINFO_new -POLICY_CONSTRAINTS_free -POLICY_CONSTRAINTS_it -POLICY_CONSTRAINTS_new -POLICY_MAPPINGS_it -POLICY_MAPPING_free -POLICY_MAPPING_it -POLICY_MAPPING_new -RAND_SSLeay -RAND_add -RAND_bytes -RAND_cleanup -RAND_file_name -RAND_get_rand_method -RAND_load_file -RAND_poll -RAND_pseudo_bytes -RAND_seed -RAND_set_rand_method -RAND_status -RAND_write_file -RC2_cbc_encrypt -RC2_cfb64_encrypt -RC2_decrypt -RC2_ecb_encrypt -RC2_encrypt -RC2_ofb64_encrypt -RC2_set_key -RC4 -RC4_set_key -RIPEMD160 -RIPEMD160_Final -RIPEMD160_Init -RIPEMD160_Transform -RIPEMD160_Update -RSAPrivateKey_dup -RSAPrivateKey_it -RSAPublicKey_dup -RSAPublicKey_it -RSA_OAEP_PARAMS_free -RSA_OAEP_PARAMS_it -RSA_OAEP_PARAMS_new -RSA_PKCS1_OpenSSL -RSA_PKCS1_SSLeay -RSA_PSS_PARAMS_free -RSA_PSS_PARAMS_it -RSA_PSS_PARAMS_new -RSA_bits -RSA_blinding_off -RSA_blinding_on -RSA_check_key -RSA_clear_flags -RSA_flags -RSA_free -RSA_generate_key -RSA_generate_key_ex -RSA_get0_crt_params -RSA_get0_d -RSA_get0_dmp1 -RSA_get0_dmq1 -RSA_get0_e -RSA_get0_factors -RSA_get0_iqmp -RSA_get0_key -RSA_get0_n -RSA_get0_p -RSA_get0_pss_params -RSA_get0_q -RSA_get_default_method -RSA_get_ex_data -RSA_get_ex_new_index -RSA_get_method -RSA_meth_dup -RSA_meth_free -RSA_meth_get0_app_data -RSA_meth_get0_name -RSA_meth_get_bn_mod_exp -RSA_meth_get_finish -RSA_meth_get_flags -RSA_meth_get_init -RSA_meth_get_keygen -RSA_meth_get_mod_exp -RSA_meth_get_priv_dec -RSA_meth_get_priv_enc -RSA_meth_get_pub_dec -RSA_meth_get_pub_enc -RSA_meth_get_sign -RSA_meth_get_verify -RSA_meth_new -RSA_meth_set0_app_data -RSA_meth_set1_name -RSA_meth_set_bn_mod_exp -RSA_meth_set_finish -RSA_meth_set_flags -RSA_meth_set_init -RSA_meth_set_keygen -RSA_meth_set_mod_exp -RSA_meth_set_priv_dec -RSA_meth_set_priv_enc -RSA_meth_set_pub_dec -RSA_meth_set_pub_enc 
-RSA_meth_set_sign -RSA_meth_set_verify -RSA_new -RSA_new_method -RSA_padding_add_PKCS1_OAEP -RSA_padding_add_PKCS1_OAEP_mgf1 -RSA_padding_add_PKCS1_PSS -RSA_padding_add_PKCS1_PSS_mgf1 -RSA_padding_add_PKCS1_type_1 -RSA_padding_add_PKCS1_type_2 -RSA_padding_add_none -RSA_padding_check_PKCS1_OAEP -RSA_padding_check_PKCS1_OAEP_mgf1 -RSA_padding_check_PKCS1_type_1 -RSA_padding_check_PKCS1_type_2 -RSA_padding_check_none -RSA_pkey_ctx_ctrl -RSA_print -RSA_print_fp -RSA_private_decrypt -RSA_private_encrypt -RSA_public_decrypt -RSA_public_encrypt -RSA_security_bits -RSA_set0_crt_params -RSA_set0_factors -RSA_set0_key -RSA_set_default_method -RSA_set_ex_data -RSA_set_flags -RSA_set_method -RSA_sign -RSA_sign_ASN1_OCTET_STRING -RSA_size -RSA_test_flags -RSA_up_ref -RSA_verify -RSA_verify_ASN1_OCTET_STRING -RSA_verify_PKCS1_PSS -RSA_verify_PKCS1_PSS_mgf1 -SCT_LIST_free -SCT_LIST_print -SCT_LIST_validate -SCT_free -SCT_get0_extensions -SCT_get0_log_id -SCT_get0_signature -SCT_get_log_entry_type -SCT_get_signature_nid -SCT_get_source -SCT_get_timestamp -SCT_get_validation_status -SCT_get_version -SCT_new -SCT_new_from_base64 -SCT_print -SCT_set0_extensions -SCT_set0_log_id -SCT_set0_signature -SCT_set1_extensions -SCT_set1_log_id -SCT_set1_signature -SCT_set_log_entry_type -SCT_set_signature_nid -SCT_set_source -SCT_set_timestamp -SCT_set_version -SCT_validate -SCT_validation_status_string -SHA1 -SHA1_Final -SHA1_Init -SHA1_Transform -SHA1_Update -SHA224 -SHA224_Final -SHA224_Init -SHA224_Update -SHA256 -SHA256_Final -SHA256_Init -SHA256_Transform -SHA256_Update -SHA384 -SHA384_Final -SHA384_Init -SHA384_Update -SHA512 -SHA512_Final -SHA512_Init -SHA512_Transform -SHA512_Update -SM3_Final -SM3_Init -SM3_Update -SM4_decrypt -SM4_encrypt -SM4_set_key -SMIME_crlf_copy -SMIME_read_CMS -SMIME_read_PKCS7 -SMIME_text -SMIME_write_CMS -SMIME_write_PKCS7 -SSLeay -SSLeay_version -TS_ACCURACY_dup -TS_ACCURACY_free -TS_ACCURACY_get_micros -TS_ACCURACY_get_millis -TS_ACCURACY_get_seconds 
-TS_ACCURACY_new -TS_ACCURACY_set_micros -TS_ACCURACY_set_millis -TS_ACCURACY_set_seconds -TS_ASN1_INTEGER_print_bio -TS_CONF_get_tsa_section -TS_CONF_load_cert -TS_CONF_load_certs -TS_CONF_load_key -TS_CONF_set_accuracy -TS_CONF_set_certs -TS_CONF_set_clock_precision_digits -TS_CONF_set_def_policy -TS_CONF_set_digests -TS_CONF_set_ess_cert_id_chain -TS_CONF_set_ordering -TS_CONF_set_policies -TS_CONF_set_serial -TS_CONF_set_signer_cert -TS_CONF_set_signer_key -TS_CONF_set_tsa_name -TS_MSG_IMPRINT_dup -TS_MSG_IMPRINT_free -TS_MSG_IMPRINT_get_algo -TS_MSG_IMPRINT_get_msg -TS_MSG_IMPRINT_new -TS_MSG_IMPRINT_print_bio -TS_MSG_IMPRINT_set_algo -TS_MSG_IMPRINT_set_msg -TS_OBJ_print_bio -TS_REQ_add_ext -TS_REQ_delete_ext -TS_REQ_dup -TS_REQ_ext_free -TS_REQ_free -TS_REQ_get_cert_req -TS_REQ_get_ext -TS_REQ_get_ext_by_NID -TS_REQ_get_ext_by_OBJ -TS_REQ_get_ext_by_critical -TS_REQ_get_ext_count -TS_REQ_get_ext_d2i -TS_REQ_get_exts -TS_REQ_get_msg_imprint -TS_REQ_get_nonce -TS_REQ_get_policy_id -TS_REQ_get_version -TS_REQ_new -TS_REQ_print_bio -TS_REQ_set_cert_req -TS_REQ_set_msg_imprint -TS_REQ_set_nonce -TS_REQ_set_policy_id -TS_REQ_set_version -TS_REQ_to_TS_VERIFY_CTX -TS_RESP_CTX_add_failure_info -TS_RESP_CTX_add_flags -TS_RESP_CTX_add_md -TS_RESP_CTX_add_policy -TS_RESP_CTX_free -TS_RESP_CTX_get_request -TS_RESP_CTX_get_tst_info -TS_RESP_CTX_new -TS_RESP_CTX_set_accuracy -TS_RESP_CTX_set_certs -TS_RESP_CTX_set_clock_precision_digits -TS_RESP_CTX_set_def_policy -TS_RESP_CTX_set_extension_cb -TS_RESP_CTX_set_serial_cb -TS_RESP_CTX_set_signer_cert -TS_RESP_CTX_set_signer_key -TS_RESP_CTX_set_status_info -TS_RESP_CTX_set_status_info_cond -TS_RESP_CTX_set_time_cb -TS_RESP_create_response -TS_RESP_dup -TS_RESP_free -TS_RESP_get_status_info -TS_RESP_get_token -TS_RESP_get_tst_info -TS_RESP_new -TS_RESP_print_bio -TS_RESP_set_status_info -TS_RESP_set_tst_info -TS_RESP_verify_response -TS_RESP_verify_signature -TS_RESP_verify_token -TS_STATUS_INFO_dup -TS_STATUS_INFO_free 
-TS_STATUS_INFO_get0_failure_info -TS_STATUS_INFO_get0_status -TS_STATUS_INFO_get0_text -TS_STATUS_INFO_new -TS_STATUS_INFO_print_bio -TS_STATUS_INFO_set_status -TS_TST_INFO_add_ext -TS_TST_INFO_delete_ext -TS_TST_INFO_dup -TS_TST_INFO_ext_free -TS_TST_INFO_free -TS_TST_INFO_get_accuracy -TS_TST_INFO_get_ext -TS_TST_INFO_get_ext_by_NID -TS_TST_INFO_get_ext_by_OBJ -TS_TST_INFO_get_ext_by_critical -TS_TST_INFO_get_ext_count -TS_TST_INFO_get_ext_d2i -TS_TST_INFO_get_exts -TS_TST_INFO_get_msg_imprint -TS_TST_INFO_get_nonce -TS_TST_INFO_get_ordering -TS_TST_INFO_get_policy_id -TS_TST_INFO_get_serial -TS_TST_INFO_get_time -TS_TST_INFO_get_tsa -TS_TST_INFO_get_version -TS_TST_INFO_new -TS_TST_INFO_print_bio -TS_TST_INFO_set_accuracy -TS_TST_INFO_set_msg_imprint -TS_TST_INFO_set_nonce -TS_TST_INFO_set_ordering -TS_TST_INFO_set_policy_id -TS_TST_INFO_set_serial -TS_TST_INFO_set_time -TS_TST_INFO_set_tsa -TS_TST_INFO_set_version -TS_VERIFY_CTX_add_flags -TS_VERIFY_CTX_cleanup -TS_VERIFY_CTX_free -TS_VERIFY_CTX_new -TS_VERIFY_CTX_set_certs -TS_VERIFY_CTX_set_data -TS_VERIFY_CTX_set_flags -TS_VERIFY_CTX_set_imprint -TS_VERIFY_CTX_set_store -TS_X509_ALGOR_print_bio -TS_ext_print_bio -TXT_DB_create_index -TXT_DB_free -TXT_DB_get_by_index -TXT_DB_insert -TXT_DB_read -TXT_DB_write -UI_OpenSSL -UI_add_error_string -UI_add_info_string -UI_add_input_boolean -UI_add_input_string -UI_add_user_data -UI_add_verify_string -UI_construct_prompt -UI_create_method -UI_ctrl -UI_destroy_method -UI_dup_error_string -UI_dup_info_string -UI_dup_input_boolean -UI_dup_input_string -UI_dup_verify_string -UI_free -UI_get0_action_string -UI_get0_output_string -UI_get0_result -UI_get0_result_string -UI_get0_test_string -UI_get0_user_data -UI_get_default_method -UI_get_ex_data -UI_get_ex_new_index -UI_get_input_flags -UI_get_method -UI_get_result_maxsize -UI_get_result_minsize -UI_get_string_type -UI_method_get_closer -UI_method_get_flusher -UI_method_get_opener -UI_method_get_prompt_constructor 
-UI_method_get_reader -UI_method_get_writer -UI_method_set_closer -UI_method_set_flusher -UI_method_set_opener -UI_method_set_prompt_constructor -UI_method_set_reader -UI_method_set_writer -UI_new -UI_new_method -UI_null -UI_process -UI_set_default_method -UI_set_ex_data -UI_set_method -UI_set_result -USERNOTICE_free -USERNOTICE_it -USERNOTICE_new -X25519 -X25519_keypair -X509V3_EXT_CRL_add_nconf -X509V3_EXT_REQ_add_nconf -X509V3_EXT_add_nconf -X509V3_EXT_add_nconf_sk -X509V3_EXT_conf -X509V3_EXT_conf_nid -X509V3_EXT_d2i -X509V3_EXT_get -X509V3_EXT_get_nid -X509V3_EXT_i2d -X509V3_EXT_nconf -X509V3_EXT_nconf_nid -X509V3_EXT_print -X509V3_EXT_print_fp -X509V3_EXT_val_prn -X509V3_NAME_from_section -X509V3_add1_i2d -X509V3_add_standard_extensions -X509V3_conf_free -X509V3_extensions_print -X509V3_get_d2i -X509V3_parse_list -X509V3_set_ctx -X509V3_set_nconf -X509_ALGORS_it -X509_ALGOR_cmp -X509_ALGOR_dup -X509_ALGOR_free -X509_ALGOR_get0 -X509_ALGOR_it -X509_ALGOR_new -X509_ALGOR_set0 -X509_ATTRIBUTE_count -X509_ATTRIBUTE_create -X509_ATTRIBUTE_create_by_NID -X509_ATTRIBUTE_create_by_OBJ -X509_ATTRIBUTE_create_by_txt -X509_ATTRIBUTE_dup -X509_ATTRIBUTE_free -X509_ATTRIBUTE_get0_data -X509_ATTRIBUTE_get0_object -X509_ATTRIBUTE_get0_type -X509_ATTRIBUTE_it -X509_ATTRIBUTE_new -X509_ATTRIBUTE_set1_data -X509_ATTRIBUTE_set1_object -X509_CINF_free -X509_CINF_it -X509_CINF_new -X509_CRL_INFO_free -X509_CRL_INFO_it -X509_CRL_INFO_new -X509_CRL_add0_revoked -X509_CRL_add1_ext_i2d -X509_CRL_add_ext -X509_CRL_cmp -X509_CRL_delete_ext -X509_CRL_digest -X509_CRL_dup -X509_CRL_free -X509_CRL_get0_by_cert -X509_CRL_get0_by_serial -X509_CRL_get0_extensions -X509_CRL_get0_lastUpdate -X509_CRL_get0_nextUpdate -X509_CRL_get0_signature -X509_CRL_get0_tbs_sigalg -X509_CRL_get_REVOKED -X509_CRL_get_ext -X509_CRL_get_ext_by_NID -X509_CRL_get_ext_by_OBJ -X509_CRL_get_ext_by_critical -X509_CRL_get_ext_count -X509_CRL_get_ext_d2i -X509_CRL_get_issuer -X509_CRL_get_lastUpdate 
-X509_CRL_get_nextUpdate -X509_CRL_get_signature_nid -X509_CRL_get_version -X509_CRL_it -X509_CRL_match -X509_CRL_new -X509_CRL_print -X509_CRL_print_fp -X509_CRL_set1_lastUpdate -X509_CRL_set1_nextUpdate -X509_CRL_set_issuer_name -X509_CRL_set_lastUpdate -X509_CRL_set_nextUpdate -X509_CRL_set_version -X509_CRL_sign -X509_CRL_sign_ctx -X509_CRL_sort -X509_CRL_up_ref -X509_CRL_verify -X509_EXTENSIONS_it -X509_EXTENSION_create_by_NID -X509_EXTENSION_create_by_OBJ -X509_EXTENSION_dup -X509_EXTENSION_free -X509_EXTENSION_get_critical -X509_EXTENSION_get_data -X509_EXTENSION_get_object -X509_EXTENSION_it -X509_EXTENSION_new -X509_EXTENSION_set_critical -X509_EXTENSION_set_data -X509_EXTENSION_set_object -X509_INFO_free -X509_INFO_new -X509_LOOKUP_ctrl -X509_LOOKUP_file -X509_LOOKUP_free -X509_LOOKUP_hash_dir -X509_LOOKUP_mem -X509_NAME_ENTRY_create_by_NID -X509_NAME_ENTRY_create_by_OBJ -X509_NAME_ENTRY_create_by_txt -X509_NAME_ENTRY_dup -X509_NAME_ENTRY_free -X509_NAME_ENTRY_get_data -X509_NAME_ENTRY_get_object -X509_NAME_ENTRY_it -X509_NAME_ENTRY_new -X509_NAME_ENTRY_set -X509_NAME_ENTRY_set_data -X509_NAME_ENTRY_set_object -X509_NAME_add_entry -X509_NAME_add_entry_by_NID -X509_NAME_add_entry_by_OBJ -X509_NAME_add_entry_by_txt -X509_NAME_cmp -X509_NAME_delete_entry -X509_NAME_digest -X509_NAME_dup -X509_NAME_entry_count -X509_NAME_free -X509_NAME_get0_der -X509_NAME_get_entry -X509_NAME_get_index_by_NID -X509_NAME_get_index_by_OBJ -X509_NAME_get_text_by_NID -X509_NAME_get_text_by_OBJ -X509_NAME_hash -X509_NAME_hash_old -X509_NAME_it -X509_NAME_new -X509_NAME_oneline -X509_NAME_print_ex -X509_NAME_print_ex_fp -X509_NAME_set -X509_OBJECT_free -X509_OBJECT_get0_X509 -X509_OBJECT_get0_X509_CRL -X509_OBJECT_get_type -X509_OBJECT_idx_by_subject -X509_OBJECT_new -X509_OBJECT_retrieve_by_subject -X509_OBJECT_retrieve_match -X509_PKEY_free -X509_PKEY_new -X509_PUBKEY_free -X509_PUBKEY_get -X509_PUBKEY_get0 -X509_PUBKEY_get0_param -X509_PUBKEY_it -X509_PUBKEY_new 
-X509_PUBKEY_set -X509_PUBKEY_set0_param -X509_PURPOSE_get0 -X509_PURPOSE_get0_name -X509_PURPOSE_get0_sname -X509_PURPOSE_get_by_sname -X509_PURPOSE_get_count -X509_PURPOSE_get_id -X509_REQ_INFO_free -X509_REQ_INFO_it -X509_REQ_INFO_new -X509_REQ_add1_attr -X509_REQ_add1_attr_by_NID -X509_REQ_add1_attr_by_OBJ -X509_REQ_add1_attr_by_txt -X509_REQ_add_extensions -X509_REQ_add_extensions_nid -X509_REQ_check_private_key -X509_REQ_delete_attr -X509_REQ_digest -X509_REQ_dup -X509_REQ_extension_nid -X509_REQ_free -X509_REQ_get0_pubkey -X509_REQ_get0_signature -X509_REQ_get1_email -X509_REQ_get_attr -X509_REQ_get_attr_by_NID -X509_REQ_get_attr_by_OBJ -X509_REQ_get_attr_count -X509_REQ_get_extensions -X509_REQ_get_pubkey -X509_REQ_get_signature_nid -X509_REQ_get_subject_name -X509_REQ_get_version -X509_REQ_it -X509_REQ_new -X509_REQ_print -X509_REQ_print_ex -X509_REQ_print_fp -X509_REQ_set_pubkey -X509_REQ_set_subject_name -X509_REQ_set_version -X509_REQ_sign -X509_REQ_sign_ctx -X509_REQ_to_X509 -X509_REQ_verify -X509_REVOKED_add1_ext_i2d -X509_REVOKED_add_ext -X509_REVOKED_delete_ext -X509_REVOKED_dup -X509_REVOKED_free -X509_REVOKED_get0_extensions -X509_REVOKED_get0_revocationDate -X509_REVOKED_get0_serialNumber -X509_REVOKED_get_ext -X509_REVOKED_get_ext_by_NID -X509_REVOKED_get_ext_by_OBJ -X509_REVOKED_get_ext_by_critical -X509_REVOKED_get_ext_count -X509_REVOKED_get_ext_d2i -X509_REVOKED_it -X509_REVOKED_new -X509_REVOKED_set_revocationDate -X509_REVOKED_set_serialNumber -X509_SIG_free -X509_SIG_get0 -X509_SIG_getm -X509_SIG_it -X509_SIG_new -X509_STORE_CTX_cleanup -X509_STORE_CTX_free -X509_STORE_CTX_get0_cert -X509_STORE_CTX_get0_chain -X509_STORE_CTX_get0_current_crl -X509_STORE_CTX_get0_current_issuer -X509_STORE_CTX_get0_param -X509_STORE_CTX_get0_parent_ctx -X509_STORE_CTX_get0_store -X509_STORE_CTX_get0_untrusted -X509_STORE_CTX_get1_certs -X509_STORE_CTX_get1_chain -X509_STORE_CTX_get1_crls -X509_STORE_CTX_get1_issuer -X509_STORE_CTX_get_by_subject 
-X509_STORE_CTX_get_chain -X509_STORE_CTX_get_check_issued -X509_STORE_CTX_get_current_cert -X509_STORE_CTX_get_error -X509_STORE_CTX_get_error_depth -X509_STORE_CTX_get_ex_data -X509_STORE_CTX_get_ex_new_index -X509_STORE_CTX_get_num_untrusted -X509_STORE_CTX_get_obj_by_subject -X509_STORE_CTX_get_verify -X509_STORE_CTX_get_verify_cb -X509_STORE_CTX_init -X509_STORE_CTX_new -X509_STORE_CTX_set0_crls -X509_STORE_CTX_set0_param -X509_STORE_CTX_set0_trusted_stack -X509_STORE_CTX_set0_untrusted -X509_STORE_CTX_set0_verified_chain -X509_STORE_CTX_set_cert -X509_STORE_CTX_set_chain -X509_STORE_CTX_set_current_cert -X509_STORE_CTX_set_default -X509_STORE_CTX_set_depth -X509_STORE_CTX_set_error -X509_STORE_CTX_set_error_depth -X509_STORE_CTX_set_ex_data -X509_STORE_CTX_set_flags -X509_STORE_CTX_set_purpose -X509_STORE_CTX_set_time -X509_STORE_CTX_set_trust -X509_STORE_CTX_set_verify -X509_STORE_CTX_set_verify_cb -X509_STORE_CTX_trusted_stack -X509_STORE_add_cert -X509_STORE_add_crl -X509_STORE_add_lookup -X509_STORE_free -X509_STORE_get0_objects -X509_STORE_get0_param -X509_STORE_get1_objects -X509_STORE_get_check_issued -X509_STORE_get_ex_data -X509_STORE_get_verify -X509_STORE_get_verify_cb -X509_STORE_load_locations -X509_STORE_load_mem -X509_STORE_new -X509_STORE_set1_param -X509_STORE_set_check_issued -X509_STORE_set_default_paths -X509_STORE_set_depth -X509_STORE_set_ex_data -X509_STORE_set_flags -X509_STORE_set_purpose -X509_STORE_set_trust -X509_STORE_set_verify -X509_STORE_set_verify_cb -X509_STORE_up_ref -X509_VAL_free -X509_VAL_it -X509_VAL_new -X509_VERIFY_PARAM_add0_policy -X509_VERIFY_PARAM_add0_table -X509_VERIFY_PARAM_add1_host -X509_VERIFY_PARAM_clear_flags -X509_VERIFY_PARAM_free -X509_VERIFY_PARAM_get0 -X509_VERIFY_PARAM_get0_name -X509_VERIFY_PARAM_get0_peername -X509_VERIFY_PARAM_get_count -X509_VERIFY_PARAM_get_depth -X509_VERIFY_PARAM_get_flags -X509_VERIFY_PARAM_get_time -X509_VERIFY_PARAM_inherit -X509_VERIFY_PARAM_lookup -X509_VERIFY_PARAM_new 
-X509_VERIFY_PARAM_set1 -X509_VERIFY_PARAM_set1_email -X509_VERIFY_PARAM_set1_host -X509_VERIFY_PARAM_set1_ip -X509_VERIFY_PARAM_set1_ip_asc -X509_VERIFY_PARAM_set1_name -X509_VERIFY_PARAM_set1_policies -X509_VERIFY_PARAM_set_auth_level -X509_VERIFY_PARAM_set_depth -X509_VERIFY_PARAM_set_flags -X509_VERIFY_PARAM_set_hostflags -X509_VERIFY_PARAM_set_purpose -X509_VERIFY_PARAM_set_time -X509_VERIFY_PARAM_set_trust -X509_VERIFY_PARAM_table_cleanup -X509_add1_ext_i2d -X509_add1_reject_object -X509_add1_trust_object -X509_add_ext -X509_alias_get0 -X509_alias_set1 -X509_certificate_type -X509_chain_up_ref -X509_check_akid -X509_check_ca -X509_check_email -X509_check_host -X509_check_ip -X509_check_ip_asc -X509_check_issued -X509_check_private_key -X509_check_purpose -X509_cmp -X509_cmp_current_time -X509_cmp_time -X509_delete_ext -X509_digest -X509_dup -X509_email_free -X509_find_by_issuer_and_serial -X509_find_by_subject -X509_free -X509_get0_extensions -X509_get0_notAfter -X509_get0_notBefore -X509_get0_pubkey -X509_get0_pubkey_bitstr -X509_get0_serialNumber -X509_get0_signature -X509_get0_tbs_sigalg -X509_get0_uids -X509_get1_email -X509_get1_ocsp -X509_get_X509_PUBKEY -X509_get_default_cert_area -X509_get_default_cert_dir -X509_get_default_cert_dir_env -X509_get_default_cert_file -X509_get_default_cert_file_env -X509_get_default_private_dir -X509_get_ex_data -X509_get_ex_new_index -X509_get_ext -X509_get_ext_by_NID -X509_get_ext_by_OBJ -X509_get_ext_by_critical -X509_get_ext_count -X509_get_ext_d2i -X509_get_extended_key_usage -X509_get_extension_flags -X509_get_issuer_name -X509_get_key_usage -X509_get_pubkey -X509_get_pubkey_parameters -X509_get_serialNumber -X509_get_signature_info -X509_get_signature_nid -X509_get_signature_type -X509_get_subject_name -X509_get_version -X509_getm_notAfter -X509_getm_notBefore -X509_gmtime_adj -X509_issuer_and_serial_cmp -X509_issuer_and_serial_hash -X509_issuer_name_cmp -X509_issuer_name_hash -X509_issuer_name_hash_old -X509_it 
-X509_keyid_get0 -X509_keyid_set1 -X509_load_cert_crl_file -X509_load_cert_file -X509_load_crl_file -X509_new -X509_ocspid_print -X509_print -X509_print_ex -X509_print_ex_fp -X509_print_fp -X509_pubkey_digest -X509_reject_clear -X509_set1_notAfter -X509_set1_notBefore -X509_set_ex_data -X509_set_issuer_name -X509_set_notAfter -X509_set_notBefore -X509_set_pubkey -X509_set_serialNumber -X509_set_subject_name -X509_set_version -X509_sign -X509_sign_ctx -X509_signature_dump -X509_signature_print -X509_subject_name_cmp -X509_subject_name_hash -X509_subject_name_hash_old -X509_supported_extension -X509_time_adj -X509_time_adj_ex -X509_to_X509_REQ -X509_trust_clear -X509_up_ref -X509_verify -X509_verify_cert -X509_verify_cert_error_string -X509v3_add_ext -X509v3_addr_add_inherit -X509v3_addr_add_prefix -X509v3_addr_add_range -X509v3_addr_canonize -X509v3_addr_get_afi -X509v3_addr_get_range -X509v3_addr_inherits -X509v3_addr_is_canonical -X509v3_addr_subset -X509v3_addr_validate_path -X509v3_addr_validate_resource_set -X509v3_asid_add_id_or_range -X509v3_asid_add_inherit -X509v3_asid_canonize -X509v3_asid_inherits -X509v3_asid_is_canonical -X509v3_asid_subset -X509v3_asid_validate_path -X509v3_asid_validate_resource_set -X509v3_delete_ext -X509v3_get_ext -X509v3_get_ext_by_NID -X509v3_get_ext_by_OBJ -X509v3_get_ext_by_critical -X509v3_get_ext_count -ZLONG_it -a2d_ASN1_OBJECT -a2i_ASN1_ENUMERATED -a2i_ASN1_INTEGER -a2i_ASN1_STRING -a2i_GENERAL_NAME -a2i_IPADDRESS -a2i_IPADDRESS_NC -a2i_ipadd -b2i_PVK_bio -b2i_PrivateKey -b2i_PrivateKey_bio -b2i_PublicKey -b2i_PublicKey_bio -d2i_ACCESS_DESCRIPTION -d2i_ASIdOrRange -d2i_ASIdentifierChoice -d2i_ASIdentifiers -d2i_ASN1_BIT_STRING -d2i_ASN1_BMPSTRING -d2i_ASN1_ENUMERATED -d2i_ASN1_GENERALIZEDTIME -d2i_ASN1_GENERALSTRING -d2i_ASN1_IA5STRING -d2i_ASN1_INTEGER -d2i_ASN1_NULL -d2i_ASN1_OBJECT -d2i_ASN1_OCTET_STRING -d2i_ASN1_PRINTABLE -d2i_ASN1_PRINTABLESTRING -d2i_ASN1_SEQUENCE_ANY -d2i_ASN1_SET_ANY -d2i_ASN1_T61STRING 
-d2i_ASN1_TIME -d2i_ASN1_TYPE -d2i_ASN1_UINTEGER -d2i_ASN1_UNIVERSALSTRING -d2i_ASN1_UTCTIME -d2i_ASN1_UTF8STRING -d2i_ASN1_VISIBLESTRING -d2i_ASRange -d2i_AUTHORITY_INFO_ACCESS -d2i_AUTHORITY_KEYID -d2i_AutoPrivateKey -d2i_BASIC_CONSTRAINTS -d2i_CERTIFICATEPOLICIES -d2i_CMS_ContentInfo -d2i_CMS_ReceiptRequest -d2i_CMS_bio -d2i_CRL_DIST_POINTS -d2i_DHparams -d2i_DHparams_bio -d2i_DHparams_fp -d2i_DIRECTORYSTRING -d2i_DISPLAYTEXT -d2i_DIST_POINT -d2i_DIST_POINT_NAME -d2i_DSAPrivateKey -d2i_DSAPrivateKey_bio -d2i_DSAPrivateKey_fp -d2i_DSAPublicKey -d2i_DSA_PUBKEY -d2i_DSA_PUBKEY_bio -d2i_DSA_PUBKEY_fp -d2i_DSA_SIG -d2i_DSAparams -d2i_DSAparams_bio -d2i_DSAparams_fp -d2i_ECDSA_SIG -d2i_ECPKParameters -d2i_ECParameters -d2i_ECPrivateKey -d2i_ECPrivateKey_bio -d2i_ECPrivateKey_fp -d2i_EC_PUBKEY -d2i_EC_PUBKEY_bio -d2i_EC_PUBKEY_fp -d2i_EDIPARTYNAME -d2i_ESS_CERT_ID -d2i_ESS_ISSUER_SERIAL -d2i_ESS_SIGNING_CERT -d2i_EXTENDED_KEY_USAGE -d2i_GENERAL_NAME -d2i_GENERAL_NAMES -d2i_IPAddressChoice -d2i_IPAddressFamily -d2i_IPAddressOrRange -d2i_IPAddressRange -d2i_ISSUING_DIST_POINT -d2i_NETSCAPE_SPKAC -d2i_NETSCAPE_SPKI -d2i_NOTICEREF -d2i_OCSP_BASICRESP -d2i_OCSP_CERTID -d2i_OCSP_CERTSTATUS -d2i_OCSP_CRLID -d2i_OCSP_ONEREQ -d2i_OCSP_REQINFO -d2i_OCSP_REQUEST -d2i_OCSP_REQUEST_bio -d2i_OCSP_RESPBYTES -d2i_OCSP_RESPDATA -d2i_OCSP_RESPID -d2i_OCSP_RESPONSE -d2i_OCSP_RESPONSE_bio -d2i_OCSP_REVOKEDINFO -d2i_OCSP_SERVICELOC -d2i_OCSP_SIGNATURE -d2i_OCSP_SINGLERESP -d2i_OTHERNAME -d2i_PKCS12 -d2i_PKCS12_SAFEBAG -d2i_PKCS12_bio -d2i_PKCS12_fp -d2i_PKCS7 -d2i_PKCS7_DIGEST -d2i_PKCS7_ENCRYPT -d2i_PKCS7_ENC_CONTENT -d2i_PKCS7_ENVELOPE -d2i_PKCS7_ISSUER_AND_SERIAL -d2i_PKCS7_RECIP_INFO -d2i_PKCS7_SIGNED -d2i_PKCS7_SIGNER_INFO -d2i_PKCS7_SIGN_ENVELOPE -d2i_PKCS7_bio -d2i_PKCS7_fp -d2i_PKCS8PrivateKey_bio -d2i_PKCS8PrivateKey_fp -d2i_PKCS8_PRIV_KEY_INFO -d2i_PKCS8_PRIV_KEY_INFO_bio -d2i_PKCS8_PRIV_KEY_INFO_fp -d2i_PKCS8_bio -d2i_PKCS8_fp -d2i_PKEY_USAGE_PERIOD -d2i_POLICYINFO 
-d2i_POLICYQUALINFO -d2i_PUBKEY -d2i_PUBKEY_bio -d2i_PUBKEY_fp -d2i_PrivateKey -d2i_PrivateKey_bio -d2i_PrivateKey_fp -d2i_PublicKey -d2i_RSAPrivateKey -d2i_RSAPrivateKey_bio -d2i_RSAPrivateKey_fp -d2i_RSAPublicKey -d2i_RSAPublicKey_bio -d2i_RSAPublicKey_fp -d2i_RSA_OAEP_PARAMS -d2i_RSA_PSS_PARAMS -d2i_RSA_PUBKEY -d2i_RSA_PUBKEY_bio -d2i_RSA_PUBKEY_fp -d2i_SCT_LIST -d2i_TS_ACCURACY -d2i_TS_MSG_IMPRINT -d2i_TS_MSG_IMPRINT_bio -d2i_TS_MSG_IMPRINT_fp -d2i_TS_REQ -d2i_TS_REQ_bio -d2i_TS_REQ_fp -d2i_TS_RESP -d2i_TS_RESP_bio -d2i_TS_RESP_fp -d2i_TS_STATUS_INFO -d2i_TS_TST_INFO -d2i_TS_TST_INFO_bio -d2i_TS_TST_INFO_fp -d2i_USERNOTICE -d2i_X509 -d2i_X509_ALGOR -d2i_X509_ALGORS -d2i_X509_ATTRIBUTE -d2i_X509_AUX -d2i_X509_CINF -d2i_X509_CRL -d2i_X509_CRL_INFO -d2i_X509_CRL_bio -d2i_X509_CRL_fp -d2i_X509_EXTENSION -d2i_X509_EXTENSIONS -d2i_X509_NAME -d2i_X509_NAME_ENTRY -d2i_X509_PUBKEY -d2i_X509_REQ -d2i_X509_REQ_INFO -d2i_X509_REQ_bio -d2i_X509_REQ_fp -d2i_X509_REVOKED -d2i_X509_SIG -d2i_X509_VAL -d2i_X509_bio -d2i_X509_fp -hex_to_string -i2a_ACCESS_DESCRIPTION -i2a_ASN1_ENUMERATED -i2a_ASN1_INTEGER -i2a_ASN1_OBJECT -i2a_ASN1_STRING -i2b_PVK_bio -i2b_PrivateKey_bio -i2b_PublicKey_bio -i2d_ACCESS_DESCRIPTION -i2d_ASIdOrRange -i2d_ASIdentifierChoice -i2d_ASIdentifiers -i2d_ASN1_BIT_STRING -i2d_ASN1_BMPSTRING -i2d_ASN1_ENUMERATED -i2d_ASN1_GENERALIZEDTIME -i2d_ASN1_GENERALSTRING -i2d_ASN1_IA5STRING -i2d_ASN1_INTEGER -i2d_ASN1_NULL -i2d_ASN1_OBJECT -i2d_ASN1_OCTET_STRING -i2d_ASN1_PRINTABLE -i2d_ASN1_PRINTABLESTRING -i2d_ASN1_SEQUENCE_ANY -i2d_ASN1_SET_ANY -i2d_ASN1_T61STRING -i2d_ASN1_TIME -i2d_ASN1_TYPE -i2d_ASN1_UNIVERSALSTRING -i2d_ASN1_UTCTIME -i2d_ASN1_UTF8STRING -i2d_ASN1_VISIBLESTRING -i2d_ASRange -i2d_AUTHORITY_INFO_ACCESS -i2d_AUTHORITY_KEYID -i2d_BASIC_CONSTRAINTS -i2d_CERTIFICATEPOLICIES -i2d_CMS_ContentInfo -i2d_CMS_ReceiptRequest -i2d_CMS_bio -i2d_CMS_bio_stream -i2d_CRL_DIST_POINTS -i2d_DHparams -i2d_DHparams_bio -i2d_DHparams_fp -i2d_DIRECTORYSTRING 
-i2d_DISPLAYTEXT -i2d_DIST_POINT -i2d_DIST_POINT_NAME -i2d_DSAPrivateKey -i2d_DSAPrivateKey_bio -i2d_DSAPrivateKey_fp -i2d_DSAPublicKey -i2d_DSA_PUBKEY -i2d_DSA_PUBKEY_bio -i2d_DSA_PUBKEY_fp -i2d_DSA_SIG -i2d_DSAparams -i2d_DSAparams_bio -i2d_DSAparams_fp -i2d_ECDSA_SIG -i2d_ECPKParameters -i2d_ECParameters -i2d_ECPrivateKey -i2d_ECPrivateKey_bio -i2d_ECPrivateKey_fp -i2d_EC_PUBKEY -i2d_EC_PUBKEY_bio -i2d_EC_PUBKEY_fp -i2d_EDIPARTYNAME -i2d_ESS_CERT_ID -i2d_ESS_ISSUER_SERIAL -i2d_ESS_SIGNING_CERT -i2d_EXTENDED_KEY_USAGE -i2d_GENERAL_NAME -i2d_GENERAL_NAMES -i2d_IPAddressChoice -i2d_IPAddressFamily -i2d_IPAddressOrRange -i2d_IPAddressRange -i2d_ISSUING_DIST_POINT -i2d_NETSCAPE_SPKAC -i2d_NETSCAPE_SPKI -i2d_NOTICEREF -i2d_OCSP_BASICRESP -i2d_OCSP_CERTID -i2d_OCSP_CERTSTATUS -i2d_OCSP_CRLID -i2d_OCSP_ONEREQ -i2d_OCSP_REQINFO -i2d_OCSP_REQUEST -i2d_OCSP_REQUEST_bio -i2d_OCSP_RESPBYTES -i2d_OCSP_RESPDATA -i2d_OCSP_RESPID -i2d_OCSP_RESPONSE -i2d_OCSP_RESPONSE_bio -i2d_OCSP_REVOKEDINFO -i2d_OCSP_SERVICELOC -i2d_OCSP_SIGNATURE -i2d_OCSP_SINGLERESP -i2d_OTHERNAME -i2d_PKCS12 -i2d_PKCS12_SAFEBAG -i2d_PKCS12_bio -i2d_PKCS12_fp -i2d_PKCS7 -i2d_PKCS7_DIGEST -i2d_PKCS7_ENCRYPT -i2d_PKCS7_ENC_CONTENT -i2d_PKCS7_ENVELOPE -i2d_PKCS7_ISSUER_AND_SERIAL -i2d_PKCS7_RECIP_INFO -i2d_PKCS7_SIGNED -i2d_PKCS7_SIGNER_INFO -i2d_PKCS7_SIGN_ENVELOPE -i2d_PKCS7_bio -i2d_PKCS7_bio_stream -i2d_PKCS7_fp -i2d_PKCS8PrivateKeyInfo_bio -i2d_PKCS8PrivateKeyInfo_fp -i2d_PKCS8PrivateKey_bio -i2d_PKCS8PrivateKey_fp -i2d_PKCS8PrivateKey_nid_bio -i2d_PKCS8PrivateKey_nid_fp -i2d_PKCS8_PRIV_KEY_INFO -i2d_PKCS8_PRIV_KEY_INFO_bio -i2d_PKCS8_PRIV_KEY_INFO_fp -i2d_PKCS8_bio -i2d_PKCS8_fp -i2d_PKEY_USAGE_PERIOD -i2d_POLICYINFO -i2d_POLICYQUALINFO -i2d_PUBKEY -i2d_PUBKEY_bio -i2d_PUBKEY_fp -i2d_PrivateKey -i2d_PrivateKey_bio -i2d_PrivateKey_fp -i2d_PublicKey -i2d_RSAPrivateKey -i2d_RSAPrivateKey_bio -i2d_RSAPrivateKey_fp -i2d_RSAPublicKey -i2d_RSAPublicKey_bio -i2d_RSAPublicKey_fp -i2d_RSA_OAEP_PARAMS 
-i2d_RSA_PSS_PARAMS
-i2d_RSA_PUBKEY
-i2d_RSA_PUBKEY_bio
-i2d_RSA_PUBKEY_fp
-i2d_SCT_LIST
-i2d_TS_ACCURACY
-i2d_TS_MSG_IMPRINT
-i2d_TS_MSG_IMPRINT_bio
-i2d_TS_MSG_IMPRINT_fp
-i2d_TS_REQ
-i2d_TS_REQ_bio
-i2d_TS_REQ_fp
-i2d_TS_RESP
-i2d_TS_RESP_bio
-i2d_TS_RESP_fp
-i2d_TS_STATUS_INFO
-i2d_TS_TST_INFO
-i2d_TS_TST_INFO_bio
-i2d_TS_TST_INFO_fp
-i2d_USERNOTICE
-i2d_X509
-i2d_X509_ALGOR
-i2d_X509_ALGORS
-i2d_X509_ATTRIBUTE
-i2d_X509_AUX
-i2d_X509_CINF
-i2d_X509_CRL
-i2d_X509_CRL_INFO
-i2d_X509_CRL_bio
-i2d_X509_CRL_fp
-i2d_X509_EXTENSION
-i2d_X509_EXTENSIONS
-i2d_X509_NAME
-i2d_X509_NAME_ENTRY
-i2d_X509_PUBKEY
-i2d_X509_REQ
-i2d_X509_REQ_INFO
-i2d_X509_REQ_bio
-i2d_X509_REQ_fp
-i2d_X509_REVOKED
-i2d_X509_SIG
-i2d_X509_VAL
-i2d_X509_bio
-i2d_X509_fp
-i2d_re_X509_CRL_tbs
-i2d_re_X509_REQ_tbs
-i2d_re_X509_tbs
-i2o_ECPublicKey
-i2o_SCT
-i2o_SCT_LIST
-i2s_ASN1_ENUMERATED
-i2s_ASN1_ENUMERATED_TABLE
-i2s_ASN1_INTEGER
-i2s_ASN1_OCTET_STRING
-i2t_ASN1_OBJECT
-i2v_ASN1_BIT_STRING
-i2v_GENERAL_NAME
-i2v_GENERAL_NAMES
-idea_cbc_encrypt
-idea_cfb64_encrypt
-idea_ecb_encrypt
-idea_encrypt
-idea_ofb64_encrypt
-idea_set_decrypt_key
-idea_set_encrypt_key
-lh_delete
-lh_doall
-lh_doall_arg
-lh_error
-lh_free
-lh_insert
-lh_new
-lh_num_items
-lh_retrieve
-lh_strhash
-o2i_ECPublicKey
-o2i_SCT
-o2i_SCT_LIST
-s2i_ASN1_INTEGER
-s2i_ASN1_OCTET_STRING
-sk_delete
-sk_delete_ptr
-sk_dup
-sk_find
-sk_free
-sk_insert
-sk_is_sorted
-sk_new
-sk_new_null
-sk_num
-sk_pop
-sk_pop_free
-sk_push
-sk_set
-sk_set_cmp_func
-sk_shift
-sk_sort
-sk_unshift
-sk_value
-sk_zero
-string_to_hex
-v2i_ASN1_BIT_STRING
-v2i_GENERAL_NAME
-v2i_GENERAL_NAMES
-v2i_GENERAL_NAME_ex
diff --git a/src/lib/libcrypto/aes/aes.c b/src/lib/libcrypto/aes/aes.c
deleted file mode 100644
index d36a006360..0000000000
--- a/src/lib/libcrypto/aes/aes.c
+++ /dev/null
@@ -1,226 +0,0 @@
-/* $OpenBSD: aes.c,v 1.4 2024/08/11 13:02:39 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "crypto_arch.h"
-
-static const unsigned char aes_wrap_default_iv[] = {
- 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
-};
-
-#ifdef HAVE_AES_CBC_ENCRYPT_INTERNAL
-void aes_cbc_encrypt_internal(const unsigned char *in, unsigned char *out,
- size_t len, const AES_KEY *key, unsigned char *ivec, const int enc);
-
-#else
-static inline void
-aes_cbc_encrypt_internal(const unsigned char *in, unsigned char *out,
- size_t len, const AES_KEY *key, unsigned char *ivec, const int enc)
-{
- if (enc)
- CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
- (block128_f)AES_encrypt);
- else
- CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
- (block128_f)AES_decrypt);
-}
-#endif
-
-void
-AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const AES_KEY *key, unsigned char *ivec, const int enc)
-{
- aes_cbc_encrypt_internal(in, out, len, key, ivec, enc);
-}
-LCRYPTO_ALIAS(AES_cbc_encrypt);
-
-/*
- * The input and output encrypted as though 128bit cfb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-
-void
-AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)AES_encrypt);
-}
-LCRYPTO_ALIAS(AES_cfb128_encrypt);
-
-/* N.B. This expects the input to be packed, MS bit first */
-void
-AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)AES_encrypt);
-}
-LCRYPTO_ALIAS(AES_cfb1_encrypt);
-
-void
-AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const AES_KEY *key, unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)AES_encrypt);
-}
-LCRYPTO_ALIAS(AES_cfb8_encrypt);
-
-void
-AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
- unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num)
-{
- CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
- (block128_f)AES_encrypt);
-}
-LCRYPTO_ALIAS(AES_ctr128_encrypt);
-
-void
-AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc)
-{
- if (AES_ENCRYPT == enc)
- AES_encrypt(in, out, key);
- else
- AES_decrypt(in, out, key);
-}
-LCRYPTO_ALIAS(AES_ecb_encrypt);
-
-void
-AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const AES_KEY *key, unsigned char *ivec, int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
- (block128_f)AES_encrypt);
-}
-LCRYPTO_ALIAS(AES_ofb128_encrypt);
-
-int
-AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- unsigned char *A, B[16], *R;
- unsigned int i, j, t;
-
- if ((inlen & 0x7) || (inlen < 16))
- return -1;
- A = B;
- t = 1;
- memmove(out + 8, in, inlen);
- if (!iv)
- iv = aes_wrap_default_iv;
-
- memcpy(A, iv, 8);
-
- for (j = 0; j < 6; j++) {
- R = out + 8;
- for (i = 0; i < inlen; i += 8, t++, R += 8) {
- memcpy(B + 8, R, 8);
- AES_encrypt(B, B, key);
- A[7] ^= (unsigned char)(t & 0xff);
- if (t > 0xff) {
- A[6] ^= (unsigned char)((t >> 8) & 0xff);
- A[5] ^= (unsigned char)((t >> 16) & 0xff);
- A[4] ^= (unsigned char)((t >> 24) & 0xff);
- }
- memcpy(R, B + 8, 8);
- }
- }
- memcpy(out, A, 8);
- return inlen + 8;
-}
-LCRYPTO_ALIAS(AES_wrap_key);
-
-int
-AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- unsigned char *A, B[16], *R;
- unsigned int i, j, t;
-
- if ((inlen & 0x7) || (inlen < 24))
- return -1;
- inlen -= 8;
- A = B;
- t = 6 * (inlen >> 3);
- memcpy(A, in, 8);
- memmove(out, in + 8, inlen);
- for (j = 0; j < 6; j++) {
- R = out + inlen - 8;
- for (i = 0; i < inlen; i += 8, t--, R -= 8) {
- A[7] ^= (unsigned char)(t & 0xff);
- if (t > 0xff) {
- A[6] ^= (unsigned char)((t >> 8) & 0xff);
- A[5] ^= (unsigned char)((t >> 16) & 0xff);
- A[4] ^= (unsigned char)((t >> 24) & 0xff);
- }
- memcpy(B + 8, R, 8);
- AES_decrypt(B, B, key);
- memcpy(R, B + 8, 8);
- }
- }
- if (!iv)
- iv = aes_wrap_default_iv;
- if (memcmp(A, iv, 8)) {
- explicit_bzero(out, inlen);
- return 0;
- }
- return inlen;
-}
-LCRYPTO_ALIAS(AES_unwrap_key);
diff --git a/src/lib/libcrypto/aes/aes.h b/src/lib/libcrypto/aes/aes.h
deleted file mode 100644
index 8903a8ef8d..0000000000
--- a/src/lib/libcrypto/aes/aes.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/* $OpenBSD: aes.h,v 1.16 2025/01/25 17:59:44 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_H
-#define HEADER_AES_H
-
-#include
-
-#include
-
-#define AES_ENCRYPT 1
-#define AES_DECRYPT 0
-
-/* Because array size can't be a const in C, the following two are macros.
- Both sizes are in bytes. */
-#define AES_MAXNR 14
-#define AES_BLOCK_SIZE 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-struct aes_key_st {
- unsigned int rd_key[4 *(AES_MAXNR + 1)];
- int rounds;
-};
-typedef struct aes_key_st AES_KEY;
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
-
-void AES_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-void AES_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc);
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, const int enc);
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
- const int enc);
-void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
- const int enc);
-void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, int *num,
- const int enc);
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, int *num);
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
- unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num);
-/* NB: the IV is _two_ blocks long */
-void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, const int enc);
-
-int AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
- const unsigned char *in, unsigned int inlen);
-int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
- const unsigned char *in, unsigned int inlen);
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !HEADER_AES_H */
diff --git a/src/lib/libcrypto/aes/aes_core.c b/src/lib/libcrypto/aes/aes_core.c
deleted file mode 100644
index 4383d74903..0000000000
--- a/src/lib/libcrypto/aes/aes_core.c
+++ /dev/null
@@ -1,1229 +0,0 @@
-/* $OpenBSD: aes_core.c,v 1.25 2024/11/13 21:00:57 tb Exp $ */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen
- * @author Antoon Bosselaers
- * @author Paulo Barreto
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * Note: rewritten a little bit to provide error control and an OpenSSL-
- * compatible API.
- */ - -#include - -#include - -#include "aes_local.h" -#include "crypto_arch.h" -#include "crypto_internal.h" - -/* -Te0[x] = S [x].[02, 01, 01, 03]; -Te1[x] = S [x].[03, 02, 01, 01]; -Te2[x] = S [x].[01, 03, 02, 01]; -Te3[x] = S [x].[01, 01, 03, 02]; - -Td0[x] = Si[x].[0e, 09, 0d, 0b]; -Td1[x] = Si[x].[0b, 0e, 09, 0d]; -Td2[x] = Si[x].[0d, 0b, 0e, 09]; -Td3[x] = Si[x].[09, 0d, 0b, 0e]; -Td4[x] = Si[x].[01]; -*/ - -#if !defined(HAVE_AES_SET_ENCRYPT_KEY_INTERNAL) || \ - !defined(HAVE_AES_SET_DECRYPT_KEY_INTERNAL) || \ - !defined(HAVE_AES_ENCRYPT_INTERNAL) || \ - !defined(HAVE_AES_DECRYPT_INTERNAL) -static const u32 Te0[256] = { - 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, - 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, - 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, - 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, - 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, - 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, - 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, - 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, - 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, - 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, - 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, - 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, - 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, - 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, - 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, - 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, - 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, - 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, - 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, - 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, - 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, - 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, - 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, - 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, - 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, - 
0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U, - 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, - 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, - 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, - 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, - 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, - 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, - 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, - 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, - 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, - 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, - 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, - 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, - 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, - 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, - 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, - 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, - 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, - 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, - 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, - 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, - 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, - 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, - 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, - 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, - 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, - 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, - 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, - 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, - 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, - 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, - 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, - 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, - 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, - 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, - 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, - 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, - 
0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, - 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, -}; -static const u32 Te1[256] = { - 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, - 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, - 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, - 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, - 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, - 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, - 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, - 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, - 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, - 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, - 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, - 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, - 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, - 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, - 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, - 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, - 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, - 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, - 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, - 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, - 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, - 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, - 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, - 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, - 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, - 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, - 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, - 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, - 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, - 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, - 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, - 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, - 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, - 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, - 0x5793c4c4U, 
0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, - 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, - 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, - 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, - 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, - 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, - 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, - 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, - 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, - 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, - 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, - 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, - 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, - 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, - 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, - 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, - 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, - 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, - 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, - 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, - 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, - 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, - 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, - 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, - 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, - 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, - 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, - 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, - 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, - 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, -}; -static const u32 Te2[256] = { - 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, - 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, - 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, - 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, - 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, - 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, - 0xadec41adU, 0xd467b3d4U, 
0xa2fd5fa2U, 0xafea45afU, - 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, - 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, - 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, - 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, - 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, - 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, - 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, - 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, - 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, - 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, - 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, - 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, - 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, - 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, - 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, - 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, - 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, - 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, - 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, - 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, - 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, - 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, - 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, - 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, - 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, - 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, - 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, - 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, - 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, - 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, - 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, - 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, - 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, - 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, - 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, - 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, - 0x91a83991U, 0x95a43195U, 
0xe437d3e4U, 0x798bf279U, - 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, - 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, - 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, - 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, - 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, - 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, - 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, - 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, - 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, - 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, - 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, - 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, - 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, - 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, - 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, - 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, - 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, - 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, - 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, - 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, -}; -static const u32 Te3[256] = { - 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, - 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, - 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, - 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, - 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, - 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, - 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, - 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, - 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, - 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, - 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, - 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, - 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, - 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, - 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, - 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 
0x75759feaU, - 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U, - 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, - 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, - 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, - 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, - 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, - 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, - 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, - 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, - 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, - 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, - 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, - 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, - 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, - 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, - 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, - 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, - 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, - 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, - 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, - 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, - 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, - 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, - 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, - 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, - 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, - 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, - 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, - 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, - 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, - 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, - 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, - 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, - 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, - 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, - 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, - 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 
0x6666aaccU, - 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU, - 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, - 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, - 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, - 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, - 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, - 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, - 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, - 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, - 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, - 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, -}; - -static const u32 Td0[256] = { - 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, - 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, - 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, - 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, - 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, - 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, - 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, - 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, - 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, - 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, - 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, - 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, - 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, - 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, - 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, - 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, - 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, - 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, - 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, - 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, - 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, - 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, - 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, - 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, - 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, - 
0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU, - 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, - 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, - 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, - 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, - 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, - 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, - 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, - 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, - 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, - 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, - 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, - 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, - 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, - 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, - 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, - 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, - 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, - 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, - 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, - 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, - 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, - 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, - 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, - 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, - 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, - 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, - 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, - 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, - 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, - 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, - 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, - 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, - 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, - 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, - 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, - 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, - 
0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, - 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, -}; -static const u32 Td1[256] = { - 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, - 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, - 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, - 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, - 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, - 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, - 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, - 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, - 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, - 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, - 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, - 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, - 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, - 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, - 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, - 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, - 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, - 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, - 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, - 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, - 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, - 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, - 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, - 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, - 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, - 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, - 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, - 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, - 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, - 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, - 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, - 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, - 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, - 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, - 0x768b4329U, 
0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, - 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, - 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, - 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, - 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, - 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, - 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, - 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, - 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, - 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, - 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, - 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, - 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, - 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, - 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, - 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, - 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, - 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, - 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, - 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, - 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, - 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, - 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, - 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, - 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, - 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, - 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, - 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, - 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, - 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, -}; -static const u32 Td2[256] = { - 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, - 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, - 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, - 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, - 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, - 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, - 0x5fe7038fU, 0x9c951592U, 
0x7aebbf6dU, 0x59da9552U, - 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U, - 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, - 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, - 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, - 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, - 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, - 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, - 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, - 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, - 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, - 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, - 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, - 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, - 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, - 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, - 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, - 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, - 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, - 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, - 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, - 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, - 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, - 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, - 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, - 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, - 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, - 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, - 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, - 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, - 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, - 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, - 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, - 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, - 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, - 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, - 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, - 0x13c2f68dU, 0xb8e890d8U, 
0xf75e2e39U, 0xaff582c3U, - 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, - 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, - 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, - 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, - 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, - 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, - 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, - 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, - 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, - 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, - 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, - 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, - 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, - 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, - 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, - 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, - 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, - 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, - 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, - 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, -}; -static const u32 Td3[256] = { - 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, - 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, - 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, - 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, - 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, - 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, - 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, - 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, - 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, - 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, - 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, - 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, - 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, - 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, - 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, - 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 
0x16825cedU, - 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU, - 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, - 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, - 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, - 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, - 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, - 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, - 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, - 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, - 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, - 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, - 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, - 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, - 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, - 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, - 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, - 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, - 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, - 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, - 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, - 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, - 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, - 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, - 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, - 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, - 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, - 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, - 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, - 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, - 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, - 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, - 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, - 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, - 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, - 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, - 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, - 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 
0x9604dfe4U, - 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U, - 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, - 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, - 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, - 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, - 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, - 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, - 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, - 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, - 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, - 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, -}; -#endif - -#if !defined(HAVE_AES_ENCRYPT_INTERNAL) || \ - !defined(HAVE_AES_DECRYPT_INTERNAL) -static const u8 Td4[256] = { - 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, - 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, - 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, - 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, - 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, - 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, - 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, - 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, - 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, - 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, - 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, - 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, - 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, - 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, - 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, - 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, - 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, - 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, - 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, - 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, - 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, - 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 
0xbeU, 0x1bU, - 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, - 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, - 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, - 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, - 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, - 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, - 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, - 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, - 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, - 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, -}; -#endif - -#if !defined(HAVE_AES_SET_ENCRYPT_KEY_INTERNAL) || \ - !defined(HAVE_AES_SET_DECRYPT_KEY_INTERNAL) -static const u32 rcon[] = { - 0x01000000, 0x02000000, 0x04000000, 0x08000000, - 0x10000000, 0x20000000, 0x40000000, 0x80000000, - 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ -}; -#endif - -#ifdef HAVE_AES_SET_ENCRYPT_KEY_INTERNAL -int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits, - AES_KEY *key); - -#else - -/* - * Expand the cipher key into the encryption key schedule. 
- */ -static inline int -aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits, - AES_KEY *key) -{ - u32 *rk; - int i = 0; - u32 temp; - - if (!userKey || !key) - return -1; - if (bits != 128 && bits != 192 && bits != 256) - return -2; - - rk = key->rd_key; - - if (bits == 128) - key->rounds = 10; - else if (bits == 192) - key->rounds = 12; - else - key->rounds = 14; - - rk[0] = crypto_load_be32toh(&userKey[0 * 4]); - rk[1] = crypto_load_be32toh(&userKey[1 * 4]); - rk[2] = crypto_load_be32toh(&userKey[2 * 4]); - rk[3] = crypto_load_be32toh(&userKey[3 * 4]); - if (bits == 128) { - while (1) { - temp = rk[3]; - rk[4] = rk[0] ^ - (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te0[(temp) & 0xff] & 0x0000ff00) ^ - (Te1[(temp >> 24)] & 0x000000ff) ^ - rcon[i]; - rk[5] = rk[1] ^ rk[4]; - rk[6] = rk[2] ^ rk[5]; - rk[7] = rk[3] ^ rk[6]; - if (++i == 10) { - return 0; - } - rk += 4; - } - } - rk[4] = crypto_load_be32toh(&userKey[4 * 4]); - rk[5] = crypto_load_be32toh(&userKey[5 * 4]); - if (bits == 192) { - while (1) { - temp = rk[5]; - rk[6] = rk[ 0] ^ - (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te0[(temp) & 0xff] & 0x0000ff00) ^ - (Te1[(temp >> 24)] & 0x000000ff) ^ - rcon[i]; - rk[7] = rk[1] ^ rk[6]; - rk[8] = rk[2] ^ rk[7]; - rk[9] = rk[3] ^ rk[8]; - if (++i == 8) { - return 0; - } - rk[10] = rk[4] ^ rk[9]; - rk[11] = rk[5] ^ rk[10]; - rk += 6; - } - } - rk[6] = crypto_load_be32toh(&userKey[6 * 4]); - rk[7] = crypto_load_be32toh(&userKey[7 * 4]); - if (bits == 256) { - while (1) { - temp = rk[7]; - rk[8] = rk[0] ^ - (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te0[(temp) & 0xff] & 0x0000ff00) ^ - (Te1[(temp >> 24)] & 0x000000ff) ^ - rcon[i]; - rk[9] = rk[1] ^ rk[8]; - rk[10] = rk[2] ^ rk[9]; - rk[11] = rk[3] ^ rk[10]; - if (++i == 7) { - return 0; - } - temp = rk[11]; - rk[12] = rk[4] ^ - (Te2[(temp >> 24)] & 0xff000000) ^ - 
(Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(temp) & 0xff] & 0x000000ff); - rk[13] = rk[5] ^ rk[12]; - rk[14] = rk[6] ^ rk[13]; - rk[15] = rk[7] ^ rk[14]; - - rk += 8; - } - } - return 0; -} -#endif - -int -AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) -{ - return aes_set_encrypt_key_internal(userKey, bits, key); -} -LCRYPTO_ALIAS(AES_set_encrypt_key); - -#ifdef HAVE_AES_SET_DECRYPT_KEY_INTERNAL -int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits, - AES_KEY *key); - -#else -/* - * Expand the cipher key into the decryption key schedule. - */ -static inline int -aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits, - AES_KEY *key) -{ - u32 *rk; - int i, j, status; - u32 temp; - - /* first, start with an encryption schedule */ - status = AES_set_encrypt_key(userKey, bits, key); - if (status < 0) - return status; - - rk = key->rd_key; - - /* invert the order of the round keys: */ - for (i = 0, j = 4 * (key->rounds); i < j; i += 4, j -= 4) { - temp = rk[i]; - rk[i] = rk[j]; - rk[j] = temp; - temp = rk[i + 1]; - rk[i + 1] = rk[j + 1]; - rk[j + 1] = temp; - temp = rk[i + 2]; - rk[i + 2] = rk[j + 2]; - rk[j + 2] = temp; - temp = rk[i + 3]; - rk[i + 3] = rk[j + 3]; - rk[j + 3] = temp; - } - /* apply the inverse MixColumn transform to all round keys but the first and the last: */ - for (i = 1; i < (key->rounds); i++) { - rk += 4; - rk[0] = - Td0[Te1[(rk[0] >> 24)] & 0xff] ^ - Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^ - Td3[Te1[(rk[0]) & 0xff] & 0xff]; - rk[1] = - Td0[Te1[(rk[1] >> 24)] & 0xff] ^ - Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^ - Td3[Te1[(rk[1]) & 0xff] & 0xff]; - rk[2] = - Td0[Te1[(rk[2] >> 24)] & 0xff] ^ - Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^ - Td3[Te1[(rk[2]) & 0xff] & 0xff]; - rk[3] = - Td0[Te1[(rk[3] >> 24)] & 
0xff] ^ - Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^ - Td3[Te1[(rk[3]) & 0xff] & 0xff]; - } - return 0; -} -#endif - -int -AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) -{ - return aes_set_decrypt_key_internal(userKey, bits, key); -} -LCRYPTO_ALIAS(AES_set_decrypt_key); - -#ifdef HAVE_AES_ENCRYPT_INTERNAL -void aes_encrypt_internal(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -#else -/* - * Encrypt a single block - in and out can overlap. - */ -static inline void -aes_encrypt_internal(const unsigned char *in, unsigned char *out, - const AES_KEY *key) -{ - const u32 *rk; - u32 s0, s1, s2, s3, t0, t1, t2, t3; -#ifndef FULL_UNROLL - int r; -#endif /* ?FULL_UNROLL */ - - rk = key->rd_key; - - /* - * map byte array block to cipher state - * and add initial round key: - */ - s0 = crypto_load_be32toh(&in[0 * 4]) ^ rk[0]; - s1 = crypto_load_be32toh(&in[1 * 4]) ^ rk[1]; - s2 = crypto_load_be32toh(&in[2 * 4]) ^ rk[2]; - s3 = crypto_load_be32toh(&in[3 * 4]) ^ rk[3]; -#ifdef FULL_UNROLL - /* round 1: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; - /* round 2: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; - /* round 3: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 
0xff] ^ rk[12]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; - /* round 4: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; - /* round 5: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; - /* round 6: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; - /* round 7: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; - /* round 8: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 
>> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; - /* round 9: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; - if (key->rounds > 10) { - /* round 10: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; - /* round 11: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; - if (key->rounds > 12) { - /* round 12: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ 
rk[51]; - /* round 13: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; - } - } - rk += key->rounds << 2; -#else /* !FULL_UNROLL */ - /* - * Nr - 1 full rounds: - */ - r = key->rounds >> 1; - for (;;) { - t0 = - Te0[(s0 >> 24)] ^ - Te1[(s1 >> 16) & 0xff] ^ - Te2[(s2 >> 8) & 0xff] ^ - Te3[(s3) & 0xff] ^ - rk[4]; - t1 = - Te0[(s1 >> 24)] ^ - Te1[(s2 >> 16) & 0xff] ^ - Te2[(s3 >> 8) & 0xff] ^ - Te3[(s0) & 0xff] ^ - rk[5]; - t2 = - Te0[(s2 >> 24)] ^ - Te1[(s3 >> 16) & 0xff] ^ - Te2[(s0 >> 8) & 0xff] ^ - Te3[(s1) & 0xff] ^ - rk[6]; - t3 = - Te0[(s3 >> 24)] ^ - Te1[(s0 >> 16) & 0xff] ^ - Te2[(s1 >> 8) & 0xff] ^ - Te3[(s2) & 0xff] ^ - rk[7]; - - rk += 8; - if (--r == 0) { - break; - } - - s0 = - Te0[(t0 >> 24)] ^ - Te1[(t1 >> 16) & 0xff] ^ - Te2[(t2 >> 8) & 0xff] ^ - Te3[(t3) & 0xff] ^ - rk[0]; - s1 = - Te0[(t1 >> 24)] ^ - Te1[(t2 >> 16) & 0xff] ^ - Te2[(t3 >> 8) & 0xff] ^ - Te3[(t0) & 0xff] ^ - rk[1]; - s2 = - Te0[(t2 >> 24)] ^ - Te1[(t3 >> 16) & 0xff] ^ - Te2[(t0 >> 8) & 0xff] ^ - Te3[(t1) & 0xff] ^ - rk[2]; - s3 = - Te0[(t3 >> 24)] ^ - Te1[(t0 >> 16) & 0xff] ^ - Te2[(t1 >> 8) & 0xff] ^ - Te3[(t2) & 0xff] ^ - rk[3]; - } -#endif /* ?FULL_UNROLL */ - /* - * apply last round and - * map cipher state to byte array block: - */ - s0 = - (Te2[(t0 >> 24)] & 0xff000000) ^ - (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t3) & 0xff] & 0x000000ff) ^ - rk[0]; - crypto_store_htobe32(&out[0 * 4], s0); - s1 = - (Te2[(t1 >> 24)] & 0xff000000) ^ - (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t0) & 0xff] & 0x000000ff) ^ - rk[1]; - crypto_store_htobe32(&out[1 * 4], 
s1); - s2 = - (Te2[(t2 >> 24)] & 0xff000000) ^ - (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t1) & 0xff] & 0x000000ff) ^ - rk[2]; - crypto_store_htobe32(&out[2 * 4], s2); - s3 = - (Te2[(t3 >> 24)] & 0xff000000) ^ - (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t2) & 0xff] & 0x000000ff) ^ - rk[3]; - crypto_store_htobe32(&out[3 * 4], s3); -} -#endif - -void -AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - aes_encrypt_internal(in, out, key); -} -LCRYPTO_ALIAS(AES_encrypt); - -#ifdef HAVE_AES_DECRYPT_INTERNAL -void aes_decrypt_internal(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -#else -/* - * Decrypt a single block - in and out can overlap. - */ -static inline void -aes_decrypt_internal(const unsigned char *in, unsigned char *out, - const AES_KEY *key) -{ - const u32 *rk; - u32 s0, s1, s2, s3, t0, t1, t2, t3; -#ifndef FULL_UNROLL - int r; -#endif /* ?FULL_UNROLL */ - - rk = key->rd_key; - - /* - * map byte array block to cipher state - * and add initial round key: - */ - s0 = crypto_load_be32toh(&in[0 * 4]) ^ rk[0]; - s1 = crypto_load_be32toh(&in[1 * 4]) ^ rk[1]; - s2 = crypto_load_be32toh(&in[2 * 4]) ^ rk[2]; - s3 = crypto_load_be32toh(&in[3 * 4]) ^ rk[3]; -#ifdef FULL_UNROLL - /* round 1: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7]; - /* round 2: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 
0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11]; - /* round 3: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15]; - /* round 4: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19]; - /* round 5: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23]; - /* round 6: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27]; - /* round 7: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29]; - t2 = Td0[s2 
>> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31]; - /* round 8: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35]; - /* round 9: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; - if (key->rounds > 10) { - /* round 10: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; - /* round 11: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; - if (key->rounds > 12) { - /* round 12: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 
>> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; - /* round 13: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; - } - } - rk += key->rounds << 2; -#else /* !FULL_UNROLL */ - /* - * Nr - 1 full rounds: - */ - r = key->rounds >> 1; - for (;;) { - t0 = - Td0[(s0 >> 24)] ^ - Td1[(s3 >> 16) & 0xff] ^ - Td2[(s2 >> 8) & 0xff] ^ - Td3[(s1) & 0xff] ^ - rk[4]; - t1 = - Td0[(s1 >> 24)] ^ - Td1[(s0 >> 16) & 0xff] ^ - Td2[(s3 >> 8) & 0xff] ^ - Td3[(s2) & 0xff] ^ - rk[5]; - t2 = - Td0[(s2 >> 24)] ^ - Td1[(s1 >> 16) & 0xff] ^ - Td2[(s0 >> 8) & 0xff] ^ - Td3[(s3) & 0xff] ^ - rk[6]; - t3 = - Td0[(s3 >> 24)] ^ - Td1[(s2 >> 16) & 0xff] ^ - Td2[(s1 >> 8) & 0xff] ^ - Td3[(s0) & 0xff] ^ - rk[7]; - - rk += 8; - if (--r == 0) { - break; - } - - s0 = - Td0[(t0 >> 24)] ^ - Td1[(t3 >> 16) & 0xff] ^ - Td2[(t2 >> 8) & 0xff] ^ - Td3[(t1) & 0xff] ^ - rk[0]; - s1 = - Td0[(t1 >> 24)] ^ - Td1[(t0 >> 16) & 0xff] ^ - Td2[(t3 >> 8) & 0xff] ^ - Td3[(t2) & 0xff] ^ - rk[1]; - s2 = - Td0[(t2 >> 24)] ^ - Td1[(t1 >> 16) & 0xff] ^ - Td2[(t0 >> 8) & 0xff] ^ - Td3[(t3) & 0xff] ^ - rk[2]; - s3 = - Td0[(t3 >> 24)] ^ - Td1[(t2 >> 16) & 0xff] ^ - Td2[(t1 >> 8) & 0xff] ^ - Td3[(t0) & 0xff] ^ - rk[3]; - } -#endif /* ?FULL_UNROLL */ - /* - * apply last round and - * map cipher state to byte array block: - */ - s0 = - (((uint32_t)Td4[(t0 >> 24)]) << 24) ^ - (Td4[(t3 >> 16) & 0xff] << 16) ^ - (Td4[(t2 >> 8) & 0xff] << 8) ^ - (Td4[(t1) & 0xff]) ^ - rk[0]; - 
crypto_store_htobe32(&out[0 * 4], s0);
- s1 =
- (((uint32_t)Td4[(t1 >> 24)]) << 24) ^
- (Td4[(t0 >> 16) & 0xff] << 16) ^
- (Td4[(t3 >> 8) & 0xff] << 8) ^
- (Td4[(t2) & 0xff]) ^
- rk[1];
- crypto_store_htobe32(&out[1 * 4], s1);
- s2 =
- (((uint32_t)Td4[(t2 >> 24)]) << 24) ^
- (Td4[(t1 >> 16) & 0xff] << 16) ^
- (Td4[(t0 >> 8) & 0xff] << 8) ^
- (Td4[(t3) & 0xff]) ^
- rk[2];
- crypto_store_htobe32(&out[2 * 4], s2);
- s3 =
- (((uint32_t)Td4[(t3 >> 24)]) << 24) ^
- (Td4[(t2 >> 16) & 0xff] << 16) ^
- (Td4[(t1 >> 8) & 0xff] << 8) ^
- (Td4[(t0) & 0xff]) ^
- rk[3];
- crypto_store_htobe32(&out[3 * 4], s3);
-}
-#endif
-
-void
-AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
-{
- aes_decrypt_internal(in, out, key);
-}
-LCRYPTO_ALIAS(AES_decrypt);
diff --git a/src/lib/libcrypto/aes/aes_ige.c b/src/lib/libcrypto/aes/aes_ige.c
deleted file mode 100644
index 1a6fcfcfbf..0000000000
--- a/src/lib/libcrypto/aes/aes_ige.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* $OpenBSD: aes_ige.c,v 1.10 2024/03/30 05:14:12 joshua Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include
-#include
-
-#include "aes_local.h"
-
-#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
-typedef struct {
- unsigned long data[N_WORDS];
-} aes_block_t;
-
-/* XXX: probably some better way to do this */
-#if defined(__i386__) || defined(__x86_64__)
-#define UNALIGNED_MEMOPS_ARE_FAST 1
-#else
-#define UNALIGNED_MEMOPS_ARE_FAST 0
-#endif
-
-#if UNALIGNED_MEMOPS_ARE_FAST
-#define load_block(d, s) (d) = *(const aes_block_t *)(s)
-#define store_block(d, s) *(aes_block_t *)(d) = (s)
-#else
-#define load_block(d, s) memcpy((d).data, (s), AES_BLOCK_SIZE)
-#define store_block(d, s) memcpy((d), (s).data, AES_BLOCK_SIZE)
-#endif
-
-/* N.B.
The IV for this mode is _twice_ the block size */
-
-void
-AES_ige_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const AES_KEY *key, unsigned char *ivec, const int enc)
-{
- size_t n;
- size_t len;
-
- OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
-
- len = length / AES_BLOCK_SIZE;
-
- if (AES_ENCRYPT == enc) {
- if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
- ((size_t)in|(size_t)out|(size_t)ivec) %
- sizeof(long) == 0)) {
- aes_block_t *ivp = (aes_block_t *)ivec;
- aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
-
- while (len) {
- aes_block_t *inp = (aes_block_t *)in;
- aes_block_t *outp = (aes_block_t *)out;
-
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] = inp->data[n] ^ ivp->data[n];
- AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] ^= iv2p->data[n];
- ivp = outp;
- iv2p = inp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memmove(ivec, ivp->data, AES_BLOCK_SIZE);
- memmove(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
- } else {
- aes_block_t tmp, tmp2;
- aes_block_t iv;
- aes_block_t iv2;
-
- load_block(iv, ivec);
- load_block(iv2, ivec + AES_BLOCK_SIZE);
-
- while (len) {
- load_block(tmp, in);
- for (n = 0; n < N_WORDS; ++n)
- tmp2.data[n] = tmp.data[n] ^ iv.data[n];
- AES_encrypt((unsigned char *)tmp2.data,
- (unsigned char *)tmp2.data, key);
- for (n = 0; n < N_WORDS; ++n)
- tmp2.data[n] ^= iv2.data[n];
- store_block(out, tmp2);
- iv = tmp2;
- iv2 = tmp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, iv.data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
- }
- } else {
- if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
- ((size_t)in|(size_t)out|(size_t)ivec) %
- sizeof(long) == 0)) {
- aes_block_t *ivp = (aes_block_t *)ivec;
- aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
-
- while (len) {
- aes_block_t tmp;
- aes_block_t *inp = (aes_block_t
*)in;
- aes_block_t *outp = (aes_block_t *)out;
-
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] = inp->data[n] ^ iv2p->data[n];
- AES_decrypt((unsigned char *)tmp.data,
- (unsigned char *)outp->data, key);
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] ^= ivp->data[n];
- ivp = inp;
- iv2p = outp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memmove(ivec, ivp->data, AES_BLOCK_SIZE);
- memmove(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
- } else {
- aes_block_t tmp, tmp2;
- aes_block_t iv;
- aes_block_t iv2;
-
- load_block(iv, ivec);
- load_block(iv2, ivec + AES_BLOCK_SIZE);
-
- while (len) {
- load_block(tmp, in);
- tmp2 = tmp;
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] ^= iv2.data[n];
- AES_decrypt((unsigned char *)tmp.data,
- (unsigned char *)tmp.data, key);
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] ^= iv.data[n];
- store_block(out, tmp);
- iv = tmp2;
- iv2 = tmp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, iv.data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
- }
- }
-}
-LCRYPTO_ALIAS(AES_ige_encrypt);
diff --git a/src/lib/libcrypto/aes/aes_local.h b/src/lib/libcrypto/aes/aes_local.h
deleted file mode 100644
index e0714df409..0000000000
--- a/src/lib/libcrypto/aes/aes_local.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/* $OpenBSD: aes_local.h,v 1.4 2025/01/25 17:59:44 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_LOCAL_H
-#define HEADER_AES_LOCAL_H
-
-#include
-
-#include
-#include
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-typedef unsigned int u32;
-typedef unsigned short u16;
-typedef unsigned char u8;
-
-#define MAXKC (256/32)
-#define MAXKB (256/8)
-#define MAXNR 14
-
-/* This controls loop-unrolling in aes_core.c */
-#undef FULL_UNROLL
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_AES_LOCAL_H */
diff --git a/src/lib/libcrypto/aes/asm/aes-586.pl b/src/lib/libcrypto/aes/asm/aes-586.pl
deleted file mode 100644
index 364099d4d3..0000000000
--- a/src/lib/libcrypto/aes/asm/aes-586.pl
+++ /dev/null
@@ -1,2974 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# Version 4.3. -# -# You might fail to appreciate this module performance from the first -# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered -# to be *the* best Intel C compiler without -KPIC, performance appears -# to be virtually identical... But try to re-configure with shared -# library support... Aha! Intel compiler "suddenly" lags behind by 30% -# [on P4, more on others]:-) And if compared to position-independent -# code generated by GNU C, this code performs *more* than *twice* as -# fast! Yes, all this buzz about PIC means that unlike other hand- -# coded implementations, this one was explicitly designed to be safe -# to use even in shared library context... This also means that this -# code isn't necessarily absolutely fastest "ever," because in order -# to achieve position independence an extra register has to be -# off-loaded to stack, which affects the benchmark result. -# -# Special note about instruction choice. Do you recall RC4_INT code -# performing poorly on P4? It might be the time to figure out why. -# RC4_INT code implies effective address calculations in base+offset*4 -# form. Trouble is that it seems that offset scaling turned to be -# critical path... At least eliminating scaling resulted in 2.8x RC4 -# performance improvement [as you might recall]. As AES code is hungry -# for scaling too, I [try to] avoid the latter by favoring off-by-2 -# shifts and masking the result with 0xFF<<2 instead of "boring" 0xFF. -# -# As was shown by Dean Gaudet , the above note turned -# void. 
Performance improvement with off-by-2 shifts was observed on -# intermediate implementation, which was spilling yet another register -# to stack... Final offset*4 code below runs just a tad faster on P4, -# but exhibits up to 10% improvement on other cores. -# -# Second version is "monolithic" replacement for aes_core.c, which in -# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key. -# This made it possible to implement little-endian variant of the -# algorithm without modifying the base C code. Motivating factor for -# the undertaken effort was that it appeared that in tight IA-32 -# register window little-endian flavor could achieve slightly higher -# Instruction Level Parallelism, and it indeed resulted in up to 15% -# better performance on most recent µ-archs... -# -# Third version adds AES_cbc_encrypt implementation, which resulted in -# up to 40% performance improvement of CBC benchmark results. 40% was -# observed on P4 core, where "overall" improvement coefficient, i.e. if -# compared to PIC generated by GCC and in CBC mode, was observed to be -# as large as 4x:-) CBC performance is virtually identical to ECB now -# and on some platforms even better, e.g. 17.6 "small" cycles/byte on -# Opteron, because certain function prologues and epilogues are -# effectively taken out of the loop... -# -# Version 3.2 implements compressed tables and prefetch of these tables -# in CBC[!] mode. Former means that 3/4 of table references are now -# misaligned, which unfortunately has negative impact on elder IA-32 -# implementations, Pentium suffered 30% penalty, PIII - 10%. -# -# Version 3.3 avoids L1 cache aliasing between stack frame and -# S-boxes, and 3.4 - L1 cache aliasing even between key schedule. The -# latter is achieved by copying the key schedule to controlled place in -# stack. This unfortunately has rather strong impact on small block CBC -# performance, ~2x deterioration on 16-byte block if compared to 3.3. 
-# -# Version 3.5 checks if there is L1 cache aliasing between user-supplied -# key schedule and S-boxes and abstains from copying the former if -# there is no. This allows end-user to consciously retain small block -# performance by aligning key schedule in specific manner. -# -# Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB. -# -# Current ECB performance numbers for 128-bit key in CPU cycles per -# processed byte [measure commonly used by AES benchmarkers] are: -# -# small footprint fully unrolled -# P4 24 22 -# AMD K8 20 19 -# PIII 25 23 -# Pentium 81 78 -# -# Version 3.7 reimplements outer rounds as "compact." Meaning that -# first and last rounds reference compact 256 bytes S-box. This means -# that first round consumes a lot more CPU cycles and that encrypt -# and decrypt performance becomes asymmetric. Encrypt performance -# drops by 10-12%, while decrypt - by 20-25%:-( 256 bytes S-box is -# aggressively pre-fetched. -# -# Version 4.0 effectively rolls back to 3.6 and instead implements -# additional set of functions, _[x86|sse]_AES_[en|de]crypt_compact, -# which use exclusively 256 byte S-box. These functions are to be -# called in modes not concealing plain text, such as ECB, or when -# we're asked to process smaller amount of data [or unconditionally -# on hyper-threading CPU]. Currently it's called unconditionally from -# AES_[en|de]crypt, which affects all modes, but CBC. CBC routine -# still needs to be modified to switch between slower and faster -# mode when appropriate... But in either case benchmark landscape -# changes dramatically and below numbers are CPU cycles per processed -# byte for 128-bit key. -# -# ECB encrypt ECB decrypt CBC large chunk -# P4 56[60] 84[100] 23 -# AMD K8 48[44] 70[79] 18 -# PIII 41[50] 61[91] 24 -# Core 2 32[38] 45[70] 18.5 -# Pentium 120 160 77 -# -# Version 4.1 switches to compact S-box even in key schedule setup. 
-# -# Version 4.2 prefetches compact S-box in every SSE round or in other -# words every cache-line is *guaranteed* to be accessed within ~50 -# cycles window. Why just SSE? Because it's needed on hyper-threading -# CPU! Which is also why it's prefetched with 64 byte stride. Best -# part is that it has no negative effect on performance:-) -# -# Version 4.3 implements switch between compact and non-compact block -# functions in AES_cbc_encrypt depending on how much data was asked -# to be processed in one stroke. -# -###################################################################### -# Timing attacks are classified in two classes: synchronous when -# attacker consciously initiates cryptographic operation and collects -# timing data of various character afterwards, and asynchronous when -# malicious code is executed on same CPU simultaneously with AES, -# instruments itself and performs statistical analysis of this data. -# -# As far as synchronous attacks go the root to the AES timing -# vulnerability is twofold. Firstly, of 256 S-box elements at most 160 -# are referred to in single 128-bit block operation. Well, in C -# implementation with 4 distinct tables it's actually as little as 40 -# references per 256 elements table, but anyway... Secondly, even -# though S-box elements are clustered into smaller amount of cache- -# lines, smaller than 160 and even 40, it turned out that for certain -# plain-text pattern[s] or simply put chosen plain-text and given key -# few cache-lines remain unaccessed during block operation. Now, if -# attacker can figure out this access pattern, he can deduct the key -# [or at least part of it]. The natural way to mitigate this kind of -# attacks is to minimize the amount of cache-lines in S-box and/or -# prefetch them to ensure that every one is accessed for more uniform -# timing. But note that *if* plain-text was concealed in such way that -# input to block function is distributed *uniformly*, then attack -# wouldn't apply. 
Now note that some encryption modes, most notably -# CBC, do mask the plain-text in this exact way [secure cipher output -# is distributed uniformly]. Yes, one still might find input that -# would reveal the information about given key, but if amount of -# candidate inputs to be tried is larger than amount of possible key -# combinations then attack becomes infeasible. This is why revised -# AES_cbc_encrypt "dares" to switch to larger S-box when larger chunk -# of data is to be processed in one stroke. The current size limit of -# 512 bytes is chosen to provide same [diminishigly low] probability -# for cache-line to remain untouched in large chunk operation with -# large S-box as for single block operation with compact S-box and -# surely needs more careful consideration... -# -# As for asynchronous attacks. There are two flavours: attacker code -# being interleaved with AES on hyper-threading CPU at *instruction* -# level, and two processes time sharing single core. As for latter. -# Two vectors. 1. Given that attacker process has higher priority, -# yield execution to process performing AES just before timer fires -# off the scheduler, immediately regain control of CPU and analyze the -# cache state. For this attack to be efficient attacker would have to -# effectively slow down the operation by several *orders* of magnitute, -# by ratio of time slice to duration of handful of AES rounds, which -# unlikely to remain unnoticed. Not to mention that this also means -# that he would spend correspondigly more time to collect enough -# statistical data to mount the attack. It's probably appropriate to -# say that if adeversary reckons that this attack is beneficial and -# risks to be noticed, you probably have larger problems having him -# mere opportunity. In other words suggested code design expects you -# to preclude/mitigate this attack by overall system security design. -# 2. Attacker manages to make his code interrupt driven. 
In order for -# this kind of attack to be feasible, interrupt rate has to be high -# enough, again comparable to duration of handful of AES rounds. But -# is there interrupt source of such rate? Hardly, not even 1Gbps NIC -# generates interrupts at such raging rate... -# -# And now back to the former, hyper-threading CPU or more specifically -# Intel P4. Recall that asynchronous attack implies that malicious -# code instruments itself. And naturally instrumentation granularity -# has be noticeably lower than duration of codepath accessing S-box. -# Given that all cache-lines are accessed during that time that is. -# Current implementation accesses *all* cache-lines within ~50 cycles -# window, which is actually *less* than RDTSC latency on Intel P4! - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"aes-586.pl",$x86only = $ARGV[$#ARGV] eq "386"); -&static_label("AES_Te"); -&static_label("AES_Td"); - -$s0="eax"; -$s1="ebx"; -$s2="ecx"; -$s3="edx"; -$key="edi"; -$acc="esi"; -$tbl="ebp"; - -# stack frame layout in _[x86|sse]_AES_* routines, frame is allocated -# by caller -$__ra=&DWP(0,"esp"); # return address -$__s0=&DWP(4,"esp"); # s0 backing store -$__s1=&DWP(8,"esp"); # s1 backing store -$__s2=&DWP(12,"esp"); # s2 backing store -$__s3=&DWP(16,"esp"); # s3 backing store -$__key=&DWP(20,"esp"); # pointer to key schedule -$__end=&DWP(24,"esp"); # pointer to end of key schedule -$__tbl=&DWP(28,"esp"); # %ebp backing store - -# stack frame layout in AES_[en|crypt] routines, which differs from -# above by 4 and overlaps by %ebp backing store -$_tbl=&DWP(24,"esp"); -$_esp=&DWP(28,"esp"); - -sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } } - -$speed_limit=512; # chunks smaller than $speed_limit are - # processed with compact routine in CBC mode -$small_footprint=1; # $small_footprint=1 code is ~5% slower [on - # recent µ-archs], but ~5 times smaller! 
- # I favor compact code to minimize cache - # contention and in hope to "collect" 5% back - # in real-life applications... - -$vertical_spin=0; # shift "vertically" defaults to 0, because of - # its proof-of-concept status... -# Note that there is no decvert(), as well as last encryption round is -# performed with "horizontal" shifts. This is because this "vertical" -# implementation [one which groups shifts on a given $s[i] to form a -# "column," unlike "horizontal" one, which groups shifts on different -# $s[i] to form a "row"] is work in progress. It was observed to run -# few percents faster on Intel cores, but not AMD. On AMD K8 core it's -# whole 12% slower:-( So we face a trade-off... Shall it be resolved -# some day? Till then the code is considered experimental and by -# default remains dormant... - -sub encvert() -{ my ($te,@s) = @_; - my $v0 = $acc, $v1 = $key; - - &mov ($v0,$s[3]); # copy s3 - &mov (&DWP(4,"esp"),$s[2]); # save s2 - &mov ($v1,$s[0]); # copy s0 - &mov (&DWP(8,"esp"),$s[1]); # save s1 - - &movz ($s[2],&HB($s[0])); - &and ($s[0],0xFF); - &mov ($s[0],&DWP(0,$te,$s[0],8)); # s0>>0 - &shr ($v1,16); - &mov ($s[3],&DWP(3,$te,$s[2],8)); # s0>>8 - &movz ($s[1],&HB($v1)); - &and ($v1,0xFF); - &mov ($s[2],&DWP(2,$te,$v1,8)); # s0>>16 - &mov ($v1,$v0); - &mov ($s[1],&DWP(1,$te,$s[1],8)); # s0>>24 - - &and ($v0,0xFF); - &xor ($s[3],&DWP(0,$te,$v0,8)); # s3>>0 - &movz ($v0,&HB($v1)); - &shr ($v1,16); - &xor ($s[2],&DWP(3,$te,$v0,8)); # s3>>8 - &movz ($v0,&HB($v1)); - &and ($v1,0xFF); - &xor ($s[1],&DWP(2,$te,$v1,8)); # s3>>16 - &mov ($v1,&DWP(4,"esp")); # restore s2 - &xor ($s[0],&DWP(1,$te,$v0,8)); # s3>>24 - - &mov ($v0,$v1); - &and ($v1,0xFF); - &xor ($s[2],&DWP(0,$te,$v1,8)); # s2>>0 - &movz ($v1,&HB($v0)); - &shr ($v0,16); - &xor ($s[1],&DWP(3,$te,$v1,8)); # s2>>8 - &movz ($v1,&HB($v0)); - &and ($v0,0xFF); - &xor ($s[0],&DWP(2,$te,$v0,8)); # s2>>16 - &mov ($v0,&DWP(8,"esp")); # restore s1 - &xor ($s[3],&DWP(1,$te,$v1,8)); # s2>>24 - - &mov 
($v1,$v0); - &and ($v0,0xFF); - &xor ($s[1],&DWP(0,$te,$v0,8)); # s1>>0 - &movz ($v0,&HB($v1)); - &shr ($v1,16); - &xor ($s[0],&DWP(3,$te,$v0,8)); # s1>>8 - &movz ($v0,&HB($v1)); - &and ($v1,0xFF); - &xor ($s[3],&DWP(2,$te,$v1,8)); # s1>>16 - &mov ($key,$__key); # reincarnate v1 as key - &xor ($s[2],&DWP(1,$te,$v0,8)); # s1>>24 -} - -# Another experimental routine, which features "horizontal spin," but -# eliminates one reference to stack. Strangely enough runs slower... -sub enchoriz() -{ my $v0 = $key, $v1 = $acc; - - &movz ($v0,&LB($s0)); # 3, 2, 1, 0* - &rotr ($s2,8); # 8,11,10, 9 - &mov ($v1,&DWP(0,$te,$v0,8)); # 0 - &movz ($v0,&HB($s1)); # 7, 6, 5*, 4 - &rotr ($s3,16); # 13,12,15,14 - &xor ($v1,&DWP(3,$te,$v0,8)); # 5 - &movz ($v0,&HB($s2)); # 8,11,10*, 9 - &rotr ($s0,16); # 1, 0, 3, 2 - &xor ($v1,&DWP(2,$te,$v0,8)); # 10 - &movz ($v0,&HB($s3)); # 13,12,15*,14 - &xor ($v1,&DWP(1,$te,$v0,8)); # 15, t[0] collected - &mov ($__s0,$v1); # t[0] saved - - &movz ($v0,&LB($s1)); # 7, 6, 5, 4* - &shr ($s1,16); # -, -, 7, 6 - &mov ($v1,&DWP(0,$te,$v0,8)); # 4 - &movz ($v0,&LB($s3)); # 13,12,15,14* - &xor ($v1,&DWP(2,$te,$v0,8)); # 14 - &movz ($v0,&HB($s0)); # 1, 0, 3*, 2 - &and ($s3,0xffff0000); # 13,12, -, - - &xor ($v1,&DWP(1,$te,$v0,8)); # 3 - &movz ($v0,&LB($s2)); # 8,11,10, 9* - &or ($s3,$s1); # 13,12, 7, 6 - &xor ($v1,&DWP(3,$te,$v0,8)); # 9, t[1] collected - &mov ($s1,$v1); # s[1]=t[1] - - &movz ($v0,&LB($s0)); # 1, 0, 3, 2* - &shr ($s2,16); # -, -, 8,11 - &mov ($v1,&DWP(2,$te,$v0,8)); # 2 - &movz ($v0,&HB($s3)); # 13,12, 7*, 6 - &xor ($v1,&DWP(1,$te,$v0,8)); # 7 - &movz ($v0,&HB($s2)); # -, -, 8*,11 - &xor ($v1,&DWP(0,$te,$v0,8)); # 8 - &mov ($v0,$s3); - &shr ($v0,24); # 13 - &xor ($v1,&DWP(3,$te,$v0,8)); # 13, t[2] collected - - &movz ($v0,&LB($s2)); # -, -, 8,11* - &shr ($s0,24); # 1* - &mov ($s2,&DWP(1,$te,$v0,8)); # 11 - &xor ($s2,&DWP(3,$te,$s0,8)); # 1 - &mov ($s0,$__s0); # s[0]=t[0] - &movz ($v0,&LB($s3)); # 13,12, 7, 6* - &shr ($s3,16); # , ,13,12 - &xor 
($s2,&DWP(2,$te,$v0,8)); # 6 - &mov ($key,$__key); # reincarnate v0 as key - &and ($s3,0xff); # , ,13,12* - &mov ($s3,&DWP(0,$te,$s3,8)); # 12 - &xor ($s3,$s2); # s[2]=t[3] collected - &mov ($s2,$v1); # s[2]=t[2] -} - -# More experimental code... SSE one... Even though this one eliminates -# *all* references to stack, it's not faster... -sub sse_encbody() -{ - &movz ($acc,&LB("eax")); # 0 - &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 0 - &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2 - &movz ("edx",&HB("eax")); # 1 - &mov ("edx",&DWP(3,$tbl,"edx",8)); # 1 - &shr ("eax",16); # 5, 4 - - &movz ($acc,&LB("ebx")); # 10 - &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 10 - &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8 - &movz ($acc,&HB("ebx")); # 11 - &xor ("edx",&DWP(1,$tbl,$acc,8)); # 11 - &shr ("ebx",16); # 15,14 - - &movz ($acc,&HB("eax")); # 5 - &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 5 - &movq ("mm3",QWP(16,$key)); - &movz ($acc,&HB("ebx")); # 15 - &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 15 - &movd ("mm0","ecx"); # t[0] collected - - &movz ($acc,&LB("eax")); # 4 - &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 4 - &movd ("eax","mm2"); # 7, 6, 3, 2 - &movz ($acc,&LB("ebx")); # 14 - &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 14 - &movd ("ebx","mm6"); # 13,12, 9, 8 - - &movz ($acc,&HB("eax")); # 3 - &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 3 - &movz ($acc,&HB("ebx")); # 9 - &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 9 - &movd ("mm1","ecx"); # t[1] collected - - &movz ($acc,&LB("eax")); # 2 - &mov ("ecx",&DWP(2,$tbl,$acc,8)); # 2 - &shr ("eax",16); # 7, 6 - &punpckldq ("mm0","mm1"); # t[0,1] collected - &movz ($acc,&LB("ebx")); # 8 - &xor ("ecx",&DWP(0,$tbl,$acc,8)); # 8 - &shr ("ebx",16); # 13,12 - - &movz ($acc,&HB("eax")); # 7 - &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 7 - &pxor ("mm0","mm3"); - &movz ("eax",&LB("eax")); # 6 - &xor ("edx",&DWP(2,$tbl,"eax",8)); # 6 - &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0 - &movz ($acc,&HB("ebx")); # 13 - &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 13 - &xor ("ecx",&DWP(24,$key)); # t[2] - &movd 
("mm4","ecx"); # t[2] collected - &movz ("ebx",&LB("ebx")); # 12 - &xor ("edx",&DWP(0,$tbl,"ebx",8)); # 12 - &shr ("ecx",16); - &movd ("eax","mm1"); # 5, 4, 1, 0 - &mov ("ebx",&DWP(28,$key)); # t[3] - &xor ("ebx","edx"); - &movd ("mm5","ebx"); # t[3] collected - &and ("ebx",0xffff0000); - &or ("ebx","ecx"); - - &punpckldq ("mm4","mm5"); # t[2,3] collected -} - -###################################################################### -# "Compact" block function -###################################################################### - -sub enccompact() -{ my $Fn = mov; - while ($#_>5) { pop(@_); $Fn=sub{}; } - my ($i,$te,@s)=@_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - # $Fn is used in first compact round and its purpose is to - # void restoration of some values from stack, so that after - # 4xenccompact with extra argument $key value is left there... - if ($i==3) { &$Fn ($key,$__key); }##%edx - else { &mov ($out,$s[0]); } - &and ($out,0xFF); - if ($i==1) { &shr ($s[0],16); }#%ebx[1] - if ($i==2) { &shr ($s[0],24); }#%ecx[2] - &movz ($out,&BP(-128,$te,$out,1)); - - if ($i==3) { $tmp=$s[1]; }##%eax - &movz ($tmp,&HB($s[1])); - &movz ($tmp,&BP(-128,$te,$tmp,1)); - &shl ($tmp,8); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx - else { &mov ($tmp,$s[2]); - &shr ($tmp,16); } - if ($i==2) { &and ($s[1],0xFF); }#%edx[2] - &and ($tmp,0xFF); - &movz ($tmp,&BP(-128,$te,$tmp,1)); - &shl ($tmp,16); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx - elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] - else { &mov ($tmp,$s[3]); - &shr ($tmp,24); } - &movz ($tmp,&BP(-128,$te,$tmp,1)); - &shl ($tmp,24); - &xor ($out,$tmp); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],$acc); } - &comment(); -} - -sub enctransform() -{ my @s = ($s0,$s1,$s2,$s3); - my $i = shift; - my $tmp = $tbl; - my $r2 = $key ; - - &mov ($acc,$s[$i]); - &and ($acc,0x80808080); - &mov ($tmp,$acc); - &shr ($tmp,7); - &lea 
($r2,&DWP(0,$s[$i],$s[$i])); - &sub ($acc,$tmp); - &and ($r2,0xfefefefe); - &and ($acc,0x1b1b1b1b); - &mov ($tmp,$s[$i]); - &xor ($acc,$r2); # r2 - - &xor ($s[$i],$acc); # r0 ^ r2 - &rotl ($s[$i],24); - &xor ($s[$i],$acc) # ROTATE(r2^r0,24) ^ r2 - &rotr ($tmp,16); - &xor ($s[$i],$tmp); - &rotr ($tmp,8); - &xor ($s[$i],$tmp); -} - -&function_begin_B("_x86_AES_encrypt_compact"); - # note that caller is expected to allocate stack frame for me! - &mov ($__key,$key); # save key - - &xor ($s0,&DWP(0,$key)); # xor with key - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov ($acc,&DWP(240,$key)); # load key->rounds - &lea ($acc,&DWP(-2,$acc,$acc)); - &lea ($acc,&DWP(0,$key,$acc,8)); - &mov ($__end,$acc); # end of key schedule - - # prefetch Te4 - &mov ($key,&DWP(0-128,$tbl)); - &mov ($acc,&DWP(32-128,$tbl)); - &mov ($key,&DWP(64-128,$tbl)); - &mov ($acc,&DWP(96-128,$tbl)); - &mov ($key,&DWP(128-128,$tbl)); - &mov ($acc,&DWP(160-128,$tbl)); - &mov ($key,&DWP(192-128,$tbl)); - &mov ($acc,&DWP(224-128,$tbl)); - - &set_label("loop",16); - - &enccompact(0,$tbl,$s0,$s1,$s2,$s3,1); - &enccompact(1,$tbl,$s1,$s2,$s3,$s0,1); - &enccompact(2,$tbl,$s2,$s3,$s0,$s1,1); - &enccompact(3,$tbl,$s3,$s0,$s1,$s2,1); - &enctransform(2); - &enctransform(3); - &enctransform(0); - &enctransform(1); - &mov ($key,$__key); - &mov ($tbl,$__tbl); - &add ($key,16); # advance rd_key - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &cmp ($key,$__end); - &mov ($__key,$key); - &jb (&label("loop")); - - &enccompact(0,$tbl,$s0,$s1,$s2,$s3); - &enccompact(1,$tbl,$s1,$s2,$s3,$s0); - &enccompact(2,$tbl,$s2,$s3,$s0,$s1); - &enccompact(3,$tbl,$s3,$s0,$s1,$s2); - - &xor ($s0,&DWP(16,$key)); - &xor ($s1,&DWP(20,$key)); - &xor ($s2,&DWP(24,$key)); - &xor ($s3,&DWP(28,$key)); - - &ret (); -&function_end_B("_x86_AES_encrypt_compact"); - -###################################################################### -# 
"Compact" SSE block function. -###################################################################### -# -# Performance is not actually extraordinary in comparison to pure -# x86 code. In particular encrypt performance is virtually the same. -# Decrypt performance on the other hand is 15-20% better on newer -# µ-archs [but we're thankful for *any* improvement here], and ~50% -# better on PIII:-) And additionally on the pros side this code -# eliminates redundant references to stack and thus relieves/ -# minimizes the pressure on the memory bus. -# -# MMX register layout lsb -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# | mm4 | mm0 | -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# | s3 | s2 | s1 | s0 | -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# |15|14|13|12|11|10| 9| 8| 7| 6| 5| 4| 3| 2| 1| 0| -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# -# Indexes translate as s[N/4]>>(8*(N%4)), e.g. 5 means s1>>8. -# In this terms encryption and decryption "compact" permutation -# matrices can be depicted as following: -# -# encryption lsb # decryption lsb -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t0 || 15 | 10 | 5 | 0 | # | t0 || 7 | 10 | 13 | 0 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t1 || 3 | 14 | 9 | 4 | # | t1 || 11 | 14 | 1 | 4 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t2 || 7 | 2 | 13 | 8 | # | t2 || 15 | 2 | 5 | 8 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t3 || 11 | 6 | 1 | 12 | # | t3 || 3 | 6 | 9 | 12 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# -###################################################################### -# Why not xmm registers? Short answer. It was actually tested and -# was not any faster, but *contrary*, most notably on Intel CPUs. -# Longer answer. Main advantage of using mm registers is that movd -# latency is lower, especially on Intel P4. 
While arithmetic
-# instructions are twice as many, they can be scheduled every cycle
-# and not every second one when they are operating on xmm register,
-# so that "arithmetic throughput" remains virtually the same. And
-# finally the code can be executed even on elder SSE-only CPUs:-)
-
-sub sse_enccompact()
-{
- &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0
- &pshufw ("mm5","mm4",0x0d); # 15,14,11,10
- &movd ("eax","mm1"); # 5, 4, 1, 0
- &movd ("ebx","mm5"); # 15,14,11,10
-
- &movz ($acc,&LB("eax")); # 0
- &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0
- &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2
- &movz ("edx",&HB("eax")); # 1
- &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1
- &shl ("edx",8); # 1
- &shr ("eax",16); # 5, 4
-
- &movz ($acc,&LB("ebx")); # 10
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10
- &shl ($acc,16); # 10
- &or ("ecx",$acc); # 10
- &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8
- &movz ($acc,&HB("ebx")); # 11
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11
- &shl ($acc,24); # 11
- &or ("edx",$acc); # 11
- &shr ("ebx",16); # 15,14
-
- &movz ($acc,&HB("eax")); # 5
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 5
- &shl ($acc,8); # 5
- &or ("ecx",$acc); # 5
- &movz ($acc,&HB("ebx")); # 15
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15
- &shl ($acc,24); # 15
- &or ("ecx",$acc); # 15
- &movd ("mm0","ecx"); # t[0] collected
-
- &movz ($acc,&LB("eax")); # 4
- &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 4
- &movd ("eax","mm2"); # 7, 6, 3, 2
- &movz ($acc,&LB("ebx")); # 14
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14
- &shl ($acc,16); # 14
- &or ("ecx",$acc); # 14
-
- &movd ("ebx","mm6"); # 13,12, 9, 8
- &movz ($acc,&HB("eax")); # 3
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 3
- &shl ($acc,24); # 3
- &or ("ecx",$acc); # 3
- &movz ($acc,&HB("ebx")); # 9
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9
- &shl ($acc,8); # 9
- &or ("ecx",$acc); # 9
- &movd ("mm1","ecx"); # t[1] collected
-
- &movz ($acc,&LB("ebx")); # 8
- &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 8
- &shr ("ebx",16); # 13,12
- &movz 
($acc,&LB("eax")); # 2
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2
- &shl ($acc,16); # 2
- &or ("ecx",$acc); # 2
- &shr ("eax",16); # 7, 6
-
- &punpckldq ("mm0","mm1"); # t[0,1] collected
-
- &movz ($acc,&HB("eax")); # 7
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 7
- &shl ($acc,24); # 7
- &or ("ecx",$acc); # 7
- &and ("eax",0xff); # 6
- &movz ("eax",&BP(-128,$tbl,"eax",1)); # 6
- &shl ("eax",16); # 6
- &or ("edx","eax"); # 6
- &movz ($acc,&HB("ebx")); # 13
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13
- &shl ($acc,8); # 13
- &or ("ecx",$acc); # 13
- &movd ("mm4","ecx"); # t[2] collected
- &and ("ebx",0xff); # 12
- &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 12
- &or ("edx","ebx"); # 12
- &movd ("mm5","edx"); # t[3] collected
-
- &punpckldq ("mm4","mm5"); # t[2,3] collected
-}
-
- if (!$x86only) {
-&function_begin_B("_sse_AES_encrypt_compact");
- &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0
- &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8
-
- # note that caller is expected to allocate stack frame for me! 
- &mov ($acc,&DWP(240,$key)); # load key->rounds
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
-
- &mov ($s0,0x1b1b1b1b); # magic constant
- &mov (&DWP(8,"esp"),$s0);
- &mov (&DWP(12,"esp"),$s0);
-
- # prefetch Te4
- &mov ($s0,&DWP(0-128,$tbl));
- &mov ($s1,&DWP(32-128,$tbl));
- &mov ($s2,&DWP(64-128,$tbl));
- &mov ($s3,&DWP(96-128,$tbl));
- &mov ($s0,&DWP(128-128,$tbl));
- &mov ($s1,&DWP(160-128,$tbl));
- &mov ($s2,&DWP(192-128,$tbl));
- &mov ($s3,&DWP(224-128,$tbl));
-
- &set_label("loop",16);
- &sse_enccompact();
- &add ($key,16);
- &cmp ($key,$__end);
- &ja (&label("out"));
-
- &movq ("mm2",&QWP(8,"esp"));
- &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
- &movq ("mm1","mm0"); &movq ("mm5","mm4"); # r0
- &pcmpgtb("mm3","mm0"); &pcmpgtb("mm7","mm4");
- &pand ("mm3","mm2"); &pand ("mm7","mm2");
- &pshufw ("mm2","mm0",0xb1); &pshufw ("mm6","mm4",0xb1);# ROTATE(r0,16)
- &paddb ("mm0","mm0"); &paddb ("mm4","mm4");
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # = r2
- &pshufw ("mm3","mm2",0xb1); &pshufw ("mm7","mm6",0xb1);# r0
- &pxor ("mm1","mm0"); &pxor ("mm5","mm4"); # r0^r2
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= ROTATE(r0,16)
-
- &movq ("mm2","mm3"); &movq ("mm6","mm7");
- &pslld ("mm3",8); &pslld ("mm7",8);
- &psrld ("mm2",24); &psrld ("mm6",24);
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= r0<<8
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= r0>>24
-
- &movq ("mm3","mm1"); &movq ("mm7","mm5");
- &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key));
- &psrld ("mm1",8); &psrld ("mm5",8);
- &mov ($s0,&DWP(0-128,$tbl));
- &pslld ("mm3",24); &pslld ("mm7",24);
- &mov ($s1,&DWP(64-128,$tbl));
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= (r2^r0)<<8
- &mov ($s2,&DWP(128-128,$tbl));
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= (r2^r0)>>24
- &mov ($s3,&DWP(192-128,$tbl));
-
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6");
- &jmp (&label("loop"));
-
- &set_label("out",16);
- &pxor 
("mm0",&QWP(0,$key));
- &pxor ("mm4",&QWP(8,$key));
-
- &ret ();
-&function_end_B("_sse_AES_encrypt_compact");
- }
-
-######################################################################
-# Vanilla block function.
-######################################################################
-
-sub encstep()
-{ my ($i,$te,@s) = @_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- # lines marked with #%e?x[i] denote "reordered" instructions...
- if ($i==3) { &mov ($key,$__key); }##%edx
- else { &mov ($out,$s[0]);
- &and ($out,0xFF); }
- if ($i==1) { &shr ($s[0],16); }#%ebx[1]
- if ($i==2) { &shr ($s[0],24); }#%ecx[2]
- &mov ($out,&DWP(0,$te,$out,8));
-
- if ($i==3) { $tmp=$s[1]; }##%eax
- &movz ($tmp,&HB($s[1]));
- &xor ($out,&DWP(3,$te,$tmp,8));
-
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx
- else { &mov ($tmp,$s[2]);
- &shr ($tmp,16); }
- if ($i==2) { &and ($s[1],0xFF); }#%edx[2]
- &and ($tmp,0xFF);
- &xor ($out,&DWP(2,$te,$tmp,8));
-
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx
- elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2]
- else { &mov ($tmp,$s[3]);
- &shr ($tmp,24) }
- &xor ($out,&DWP(1,$te,$tmp,8));
- if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &mov ($s[3],$acc); }
- &comment();
-}
-
-sub enclast()
-{ my ($i,$te,@s)=@_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- if ($i==3) { &mov ($key,$__key); }##%edx
- else { &mov ($out,$s[0]); }
- &and ($out,0xFF);
- if ($i==1) { &shr ($s[0],16); }#%ebx[1]
- if ($i==2) { &shr ($s[0],24); }#%ecx[2]
- &mov ($out,&DWP(2,$te,$out,8));
- &and ($out,0x000000ff);
-
- if ($i==3) { $tmp=$s[1]; }##%eax
- &movz ($tmp,&HB($s[1]));
- &mov ($tmp,&DWP(0,$te,$tmp,8));
- &and ($tmp,0x0000ff00);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx
- else { &mov ($tmp,$s[2]);
- &shr ($tmp,16); }
- if ($i==2) { &and ($s[1],0xFF); }#%edx[2]
- &and ($tmp,0xFF);
- &mov ($tmp,&DWP(0,$te,$tmp,8));
- &and ($tmp,0x00ff0000);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[3]; &mov 
($s[2],$__s1); }##%ecx
- elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2]
- else { &mov ($tmp,$s[3]);
- &shr ($tmp,24); }
- &mov ($tmp,&DWP(2,$te,$tmp,8));
- &and ($tmp,0xff000000);
- &xor ($out,$tmp);
- if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &mov ($s[3],$acc); }
-}
-
-&function_begin_B("_x86_AES_encrypt");
- if ($vertical_spin) {
- # I need high parts of volatile registers to be accessible...
- &exch ($s1="edi",$key="ebx");
- &mov ($s2="esi",$acc="ecx");
- }
-
- # note that caller is expected to allocate stack frame for me!
- &mov ($__key,$key); # save key
-
- &xor ($s0,&DWP(0,$key)); # xor with key
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &mov ($acc,&DWP(240,$key)); # load key->rounds
-
- if ($small_footprint) {
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
-
- &set_label("loop",16);
- if ($vertical_spin) {
- &encvert($tbl,$s0,$s1,$s2,$s3);
- } else {
- &encstep(0,$tbl,$s0,$s1,$s2,$s3);
- &encstep(1,$tbl,$s1,$s2,$s3,$s0);
- &encstep(2,$tbl,$s2,$s3,$s0,$s1);
- &encstep(3,$tbl,$s3,$s0,$s1,$s2);
- }
- &add ($key,16); # advance rd_key
- &xor ($s0,&DWP(0,$key));
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
- &cmp ($key,$__end);
- &mov ($__key,$key);
- &jb (&label("loop"));
- }
- else {
- &cmp ($acc,10);
- &jle (&label("10rounds"));
- &cmp ($acc,12);
- &jle (&label("12rounds"));
-
- &set_label("14rounds",4);
- for ($i=1;$i<3;$i++) {
- if ($vertical_spin) {
- &encvert($tbl,$s0,$s1,$s2,$s3);
- } else {
- &encstep(0,$tbl,$s0,$s1,$s2,$s3);
- &encstep(1,$tbl,$s1,$s2,$s3,$s0);
- &encstep(2,$tbl,$s2,$s3,$s0,$s1);
- &encstep(3,$tbl,$s3,$s0,$s1,$s2);
- }
- &xor ($s0,&DWP(16*$i+0,$key));
- &xor ($s1,&DWP(16*$i+4,$key));
- &xor ($s2,&DWP(16*$i+8,$key));
- &xor ($s3,&DWP(16*$i+12,$key));
- }
- &add ($key,32);
- &mov ($__key,$key); # advance rd_key
- &set_label("12rounds",4);
- for ($i=1;$i<3;$i++) {
- if 
($vertical_spin) {
- &encvert($tbl,$s0,$s1,$s2,$s3);
- } else {
- &encstep(0,$tbl,$s0,$s1,$s2,$s3);
- &encstep(1,$tbl,$s1,$s2,$s3,$s0);
- &encstep(2,$tbl,$s2,$s3,$s0,$s1);
- &encstep(3,$tbl,$s3,$s0,$s1,$s2);
- }
- &xor ($s0,&DWP(16*$i+0,$key));
- &xor ($s1,&DWP(16*$i+4,$key));
- &xor ($s2,&DWP(16*$i+8,$key));
- &xor ($s3,&DWP(16*$i+12,$key));
- }
- &add ($key,32);
- &mov ($__key,$key); # advance rd_key
- &set_label("10rounds",4);
- for ($i=1;$i<10;$i++) {
- if ($vertical_spin) {
- &encvert($tbl,$s0,$s1,$s2,$s3);
- } else {
- &encstep(0,$tbl,$s0,$s1,$s2,$s3);
- &encstep(1,$tbl,$s1,$s2,$s3,$s0);
- &encstep(2,$tbl,$s2,$s3,$s0,$s1);
- &encstep(3,$tbl,$s3,$s0,$s1,$s2);
- }
- &xor ($s0,&DWP(16*$i+0,$key));
- &xor ($s1,&DWP(16*$i+4,$key));
- &xor ($s2,&DWP(16*$i+8,$key));
- &xor ($s3,&DWP(16*$i+12,$key));
- }
- }
-
- if ($vertical_spin) {
- # "reincarnate" some registers for "horizontal" spin...
- &mov ($s1="ebx",$key="edi");
- &mov ($s2="ecx",$acc="esi");
- }
- &enclast(0,$tbl,$s0,$s1,$s2,$s3);
- &enclast(1,$tbl,$s1,$s2,$s3,$s0);
- &enclast(2,$tbl,$s2,$s3,$s0,$s1);
- &enclast(3,$tbl,$s3,$s0,$s1,$s2);
-
- &add ($key,$small_footprint?16:160);
- &xor ($s0,&DWP(0,$key));
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &ret ();
-&function_end_B("_x86_AES_encrypt");
-
- &rodataseg();
-&set_label("AES_Te",64);
- &_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
- &_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
- &_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
- &_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
- &_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
- &_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
- &_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
- &_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
- &_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
- &_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
- 
&_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
- &_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
- &_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
- &_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
- &_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
- &_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
- &_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
- &_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
- &_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
- &_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
- &_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
- &_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
- &_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
- &_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
- &_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
- &_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
- &_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
- &_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
- &_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
- &_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
- &_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
- &_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
- &_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
- &_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
- &_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
- &_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
- &_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
- &_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
- &_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
- &_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
- &_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
- &_data_word(0xdb494992, 0x0a06060c, 
0x6c242448, 0xe45c5cb8);
- &_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
- &_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
- &_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
- &_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
- &_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
- &_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
- &_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
- &_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
- &_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
- &_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
- &_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
- &_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
- &_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
- &_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
- &_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
- &_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
- &_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
- &_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
- &_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
- &_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
- &_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
- &_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
-
-#Te4 # four copies of Te4 to choose from to avoid L1 aliasing
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 
0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 0x2c, 0x1a, 
0x1b, 0x6e, 0x5a, 0xa0);
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 
0x5a, 0xa0);
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); 
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-#rcon:
- &data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008);
- &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
- &data_word(0x0000001b, 0x00000036, 0x00000000, 0x00000000);
- &data_word(0x00000000, 0x00000000, 0x00000000, 0x00000000);
- &previous();
-
-# void aes_encrypt_internal(const void *inp, void *out, const AES_KEY *key);
-&function_begin("aes_encrypt_internal");
- &mov ($acc,&wparam(0)); # load inp
- &mov ($key,&wparam(2)); # load key
-
- &mov ($s0,"esp");
- &sub ("esp",36);
- &and ("esp",-64); # align to cache-line
-
- # place stack frame 
just "above" the key schedule
- &lea ($s1,&DWP(-64-63,$key));
- &sub ($s1,"esp");
- &neg ($s1);
- &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line
- &sub ("esp",$s1);
- &add ("esp",4); # 4 is reserved for caller's return address
- &mov ($_esp,$s0); # save stack pointer
-
- &picsetup($tbl);
- &picsymbol($s0, "OPENSSL_ia32cap_P", $tbl);
- &picsymbol($tbl, &label("AES_Te"), $tbl);
-
- # pick Te4 copy which can't "overlap" with stack frame or key schedule
- &lea ($s1,&DWP(768-4,"esp"));
- &sub ($s1,$tbl);
- &and ($s1,0x300);
- &lea ($tbl,&DWP(2048+128,$tbl,$s1));
-
- if (!$x86only) {
- &bt (&DWP(0,$s0),"\$IA32CAP_BIT0_SSE"); # check for SSE bit
- &jnc (&label("x86"));
-
- &movq ("mm0",&QWP(0,$acc));
- &movq ("mm4",&QWP(8,$acc));
- &call ("_sse_AES_encrypt_compact");
- &mov ("esp",$_esp); # restore stack pointer
- &mov ($acc,&wparam(1)); # load out
- &movq (&QWP(0,$acc),"mm0"); # write output data
- &movq (&QWP(8,$acc),"mm4");
- &emms ();
- &function_end_A();
- }
- &set_label("x86",16);
- &mov ($_tbl,$tbl);
- &mov ($s0,&DWP(0,$acc)); # load input data
- &mov ($s1,&DWP(4,$acc));
- &mov ($s2,&DWP(8,$acc));
- &mov ($s3,&DWP(12,$acc));
- &call ("_x86_AES_encrypt_compact");
- &mov ("esp",$_esp); # restore stack pointer
- &mov ($acc,&wparam(1)); # load out
- &mov (&DWP(0,$acc),$s0); # write output data
- &mov (&DWP(4,$acc),$s1);
- &mov (&DWP(8,$acc),$s2);
- &mov (&DWP(12,$acc),$s3);
-&function_end("aes_encrypt_internal");
-
-#--------------------------------------------------------------------#
-
-######################################################################
-# "Compact" block function
-######################################################################
-
-sub deccompact()
-{ my $Fn = mov;
- while ($#_>5) { pop(@_); $Fn=sub{}; }
- my ($i,$td,@s)=@_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- # $Fn is used in first compact round and its purpose is to
- # void restoration of some values from stack, so that after
- # 4xdeccompact with extra 
argument $key, $s0 and $s1 values
- # are left there...
- if($i==3) { &$Fn ($key,$__key); }
- else { &mov ($out,$s[0]); }
- &and ($out,0xFF);
- &movz ($out,&BP(-128,$td,$out,1));
-
- if ($i==3) { $tmp=$s[1]; }
- &movz ($tmp,&HB($s[1]));
- &movz ($tmp,&BP(-128,$td,$tmp,1));
- &shl ($tmp,8);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); }
- else { mov ($tmp,$s[2]); }
- &shr ($tmp,16);
- &and ($tmp,0xFF);
- &movz ($tmp,&BP(-128,$td,$tmp,1));
- &shl ($tmp,16);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[3]; &$Fn ($s[2],$__s1); }
- else { &mov ($tmp,$s[3]); }
- &shr ($tmp,24);
- &movz ($tmp,&BP(-128,$td,$tmp,1));
- &shl ($tmp,24);
- &xor ($out,$tmp);
- if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &$Fn ($s[3],$__s0); }
-}
-
-# must be called with 2,3,0,1 as argument sequence!!!
-sub dectransform()
-{ my @s = ($s0,$s1,$s2,$s3);
- my $i = shift;
- my $tmp = $key;
- my $tp2 = @s[($i+2)%4]; $tp2 = @s[2] if ($i==1);
- my $tp4 = @s[($i+3)%4]; $tp4 = @s[3] if ($i==1);
- my $tp8 = $tbl;
-
- &mov ($acc,$s[$i]);
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp2,&DWP(0,$s[$i],$s[$i]));
- &sub ($acc,$tmp);
- &and ($tp2,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($acc,$tp2);
- &mov ($tp2,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp4,&DWP(0,$tp2,$tp2));
- &sub ($acc,$tmp);
- &and ($tp4,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($tp2,$s[$i]); # tp2^tp1
- &xor ($acc,$tp4);
- &mov ($tp4,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp8,&DWP(0,$tp4,$tp4));
- &sub ($acc,$tmp);
- &and ($tp8,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($tp4,$s[$i]); # tp4^tp1
- &rotl ($s[$i],8); # = ROTATE(tp1,8)
- &xor ($tp8,$acc);
-
- &xor ($s[$i],$tp2);
- &xor ($tp2,$tp8);
- &rotl ($tp2,24);
- &xor ($s[$i],$tp4);
- &xor ($tp4,$tp8);
- &rotl ($tp4,16);
- &xor ($s[$i],$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1)
- &rotl ($tp8,8);
- &xor ($s[$i],$tp2); # ^= 
ROTATE(tp8^tp2^tp1,24)
- &xor ($s[$i],$tp4); # ^= ROTATE(tp8^tp4^tp1,16)
- &mov ($s[0],$__s0) if($i==2); #prefetch $s0
- &mov ($s[1],$__s1) if($i==3); #prefetch $s1
- &mov ($s[2],$__s2) if($i==1);
- &xor ($s[$i],$tp8); # ^= ROTATE(tp8,8)
-
- &mov ($s[3],$__s3) if($i==1);
- &mov (&DWP(4+4*$i,"esp"),$s[$i]) if($i>=2);
-}
-
-&function_begin_B("_x86_AES_decrypt_compact");
- # note that caller is expected to allocate stack frame for me!
- &mov ($__key,$key); # save key
-
- &xor ($s0,&DWP(0,$key)); # xor with key
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &mov ($acc,&DWP(240,$key)); # load key->rounds
-
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
-
- # prefetch Td4
- &mov ($key,&DWP(0-128,$tbl));
- &mov ($acc,&DWP(32-128,$tbl));
- &mov ($key,&DWP(64-128,$tbl));
- &mov ($acc,&DWP(96-128,$tbl));
- &mov ($key,&DWP(128-128,$tbl));
- &mov ($acc,&DWP(160-128,$tbl));
- &mov ($key,&DWP(192-128,$tbl));
- &mov ($acc,&DWP(224-128,$tbl));
-
- &set_label("loop",16);
-
- &deccompact(0,$tbl,$s0,$s3,$s2,$s1,1);
- &deccompact(1,$tbl,$s1,$s0,$s3,$s2,1);
- &deccompact(2,$tbl,$s2,$s1,$s0,$s3,1);
- &deccompact(3,$tbl,$s3,$s2,$s1,$s0,1);
- &dectransform(2);
- &dectransform(3);
- &dectransform(0);
- &dectransform(1);
- &mov ($key,$__key);
- &mov ($tbl,$__tbl);
- &add ($key,16); # advance rd_key
- &xor ($s0,&DWP(0,$key));
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &cmp ($key,$__end);
- &mov ($__key,$key);
- &jb (&label("loop"));
-
- &deccompact(0,$tbl,$s0,$s3,$s2,$s1);
- &deccompact(1,$tbl,$s1,$s0,$s3,$s2);
- &deccompact(2,$tbl,$s2,$s1,$s0,$s3);
- &deccompact(3,$tbl,$s3,$s2,$s1,$s0);
-
- &xor ($s0,&DWP(16,$key));
- &xor ($s1,&DWP(20,$key));
- &xor ($s2,&DWP(24,$key));
- &xor ($s3,&DWP(28,$key));
-
- &ret ();
-&function_end_B("_x86_AES_decrypt_compact");
-
-######################################################################
-# "Compact" SSE 
block function.
-######################################################################
-
-sub sse_deccompact()
-{
- &pshufw ("mm1","mm0",0x0c); # 7, 6, 1, 0
- &movd ("eax","mm1"); # 7, 6, 1, 0
-
- &pshufw ("mm5","mm4",0x09); # 13,12,11,10
- &movz ($acc,&LB("eax")); # 0
- &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0
- &movd ("ebx","mm5"); # 13,12,11,10
- &movz ("edx",&HB("eax")); # 1
- &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1
- &shl ("edx",8); # 1
-
- &pshufw ("mm2","mm0",0x06); # 3, 2, 5, 4
- &movz ($acc,&LB("ebx")); # 10
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10
- &shl ($acc,16); # 10
- &or ("ecx",$acc); # 10
- &shr ("eax",16); # 7, 6
- &movz ($acc,&HB("ebx")); # 11
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11
- &shl ($acc,24); # 11
- &or ("edx",$acc); # 11
- &shr ("ebx",16); # 13,12
-
- &pshufw ("mm6","mm4",0x03); # 9, 8,15,14
- &movz ($acc,&HB("eax")); # 7
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 7
- &shl ($acc,24); # 7
- &or ("ecx",$acc); # 7
- &movz ($acc,&HB("ebx")); # 13
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13
- &shl ($acc,8); # 13
- &or ("ecx",$acc); # 13
- &movd ("mm0","ecx"); # t[0] collected
-
- &movz ($acc,&LB("eax")); # 6
- &movd ("eax","mm2"); # 3, 2, 5, 4
- &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 6
- &shl ("ecx",16); # 6
- &movz ($acc,&LB("ebx")); # 12
- &movd ("ebx","mm6"); # 9, 8,15,14
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 12
- &or ("ecx",$acc); # 12
-
- &movz ($acc,&LB("eax")); # 4
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 4
- &or ("edx",$acc); # 4
- &movz ($acc,&LB("ebx")); # 14
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14
- &shl ($acc,16); # 14
- &or ("edx",$acc); # 14
- &movd ("mm1","edx"); # t[1] collected
-
- &movz ($acc,&HB("eax")); # 5
- &movz ("edx",&BP(-128,$tbl,$acc,1)); # 5
- &shl ("edx",8); # 5
- &movz ($acc,&HB("ebx")); # 15
- &shr ("eax",16); # 3, 2
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15
- &shl ($acc,24); # 15
- &or ("edx",$acc); # 15
- &shr ("ebx",16); # 9, 8
-
- &punpckldq ("mm0","mm1"); # t[0,1] collected
-
- &movz 
($acc,&HB("ebx")); # 9
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9
- &shl ($acc,8); # 9
- &or ("ecx",$acc); # 9
- &and ("ebx",0xff); # 8
- &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 8
- &or ("edx","ebx"); # 8
- &movz ($acc,&LB("eax")); # 2
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2
- &shl ($acc,16); # 2
- &or ("edx",$acc); # 2
- &movd ("mm4","edx"); # t[2] collected
- &movz ("eax",&HB("eax")); # 3
- &movz ("eax",&BP(-128,$tbl,"eax",1)); # 3
- &shl ("eax",24); # 3
- &or ("ecx","eax"); # 3
- &movd ("mm5","ecx"); # t[3] collected
-
- &punpckldq ("mm4","mm5"); # t[2,3] collected
-}
-
- if (!$x86only) {
-&function_begin_B("_sse_AES_decrypt_compact");
- &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0
- &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8
-
- # note that caller is expected to allocate stack frame for me!
- &mov ($acc,&DWP(240,$key)); # load key->rounds
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
-
- &mov ($s0,0x1b1b1b1b); # magic constant
- &mov (&DWP(8,"esp"),$s0);
- &mov (&DWP(12,"esp"),$s0);
-
- # prefetch Td4
- &mov ($s0,&DWP(0-128,$tbl));
- &mov ($s1,&DWP(32-128,$tbl));
- &mov ($s2,&DWP(64-128,$tbl));
- &mov ($s3,&DWP(96-128,$tbl));
- &mov ($s0,&DWP(128-128,$tbl));
- &mov ($s1,&DWP(160-128,$tbl));
- &mov ($s2,&DWP(192-128,$tbl));
- &mov ($s3,&DWP(224-128,$tbl));
-
- &set_label("loop",16);
- &sse_deccompact();
- &add ($key,16);
- &cmp ($key,$__end);
- &ja (&label("out"));
-
- # ROTATE(x^y,N) == ROTATE(x,N)^ROTATE(y,N)
- &movq ("mm3","mm0"); &movq ("mm7","mm4");
- &movq ("mm2","mm0",1); &movq ("mm6","mm4",1);
- &movq ("mm1","mm0"); &movq ("mm5","mm4");
- &pshufw ("mm0","mm0",0xb1); &pshufw ("mm4","mm4",0xb1);# = ROTATE(tp0,16)
- &pslld ("mm2",8); &pslld ("mm6",8);
- &psrld ("mm3",8); &psrld ("mm7",8);
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<8
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>8
- &pslld ("mm2",16); &pslld ("mm6",16);
- &psrld ("mm3",16); &psrld 
("mm7",16);
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<24
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>24
-
- &movq ("mm3",&QWP(8,"esp"));
- &pxor ("mm2","mm2"); &pxor ("mm6","mm6");
- &pcmpgtb("mm2","mm1"); &pcmpgtb("mm6","mm5");
- &pand ("mm2","mm3"); &pand ("mm6","mm3");
- &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
- &pxor ("mm1","mm2"); &pxor ("mm5","mm6"); # tp2
- &movq ("mm3","mm1"); &movq ("mm7","mm5");
- &movq ("mm2","mm1"); &movq ("mm6","mm5");
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp2
- &pslld ("mm3",24); &pslld ("mm7",24);
- &psrld ("mm2",8); &psrld ("mm6",8);
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp2<<24
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp2>>8
-
- &movq ("mm2",&QWP(8,"esp"));
- &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
- &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5");
- &pand ("mm3","mm2"); &pand ("mm7","mm2");
- &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
- &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp4
- &pshufw ("mm3","mm1",0xb1); &pshufw ("mm7","mm5",0xb1);
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp4
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= ROTATE(tp4,16)
-
- &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
- &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5");
- &pand ("mm3","mm2"); &pand ("mm7","mm2");
- &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
- &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp8
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8
- &movq ("mm3","mm1"); &movq ("mm7","mm5");
- &pshufw ("mm2","mm1",0xb1); &pshufw ("mm6","mm5",0xb1);
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= ROTATE(tp8,16)
- &pslld ("mm1",8); &pslld ("mm5",8);
- &psrld ("mm3",8); &psrld ("mm7",8);
- &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key));
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<8
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>8
- &mov ($s0,&DWP(0-128,$tbl));
- &pslld ("mm1",16); &pslld ("mm5",16);
- &mov ($s1,&DWP(64-128,$tbl));
- &psrld ("mm3",16); &psrld 
("mm7",16);
- &mov ($s2,&DWP(128-128,$tbl));
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<24
- &mov ($s3,&DWP(192-128,$tbl));
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>24
-
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6");
- &jmp (&label("loop"));
-
- &set_label("out",16);
- &pxor ("mm0",&QWP(0,$key));
- &pxor ("mm4",&QWP(8,$key));
-
- &ret ();
-&function_end_B("_sse_AES_decrypt_compact");
- }
-
-######################################################################
-# Vanilla block function.
-######################################################################
-
-sub decstep()
-{ my ($i,$td,@s) = @_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- # no instructions are reordered, as performance appears
- # optimal... or rather that all attempts to reorder didn't
- # result in better performance [which by the way is not a
- # bit lower than ecryption].
- if($i==3) { &mov ($key,$__key); }
- else { &mov ($out,$s[0]); }
- &and ($out,0xFF);
- &mov ($out,&DWP(0,$td,$out,8));
-
- if ($i==3) { $tmp=$s[1]; }
- &movz ($tmp,&HB($s[1]));
- &xor ($out,&DWP(3,$td,$tmp,8));
-
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); }
- else { &mov ($tmp,$s[2]); }
- &shr ($tmp,16);
- &and ($tmp,0xFF);
- &xor ($out,&DWP(2,$td,$tmp,8));
-
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }
- else { &mov ($tmp,$s[3]); }
- &shr ($tmp,24);
- &xor ($out,&DWP(1,$td,$tmp,8));
- if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &mov ($s[3],$__s0); }
- &comment();
-}
-
-sub declast()
-{ my ($i,$td,@s)=@_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- if($i==0) { &lea ($td,&DWP(2048+128,$td));
- &mov ($tmp,&DWP(0-128,$td));
- &mov ($acc,&DWP(32-128,$td));
- &mov ($tmp,&DWP(64-128,$td));
- &mov ($acc,&DWP(96-128,$td));
- &mov ($tmp,&DWP(128-128,$td));
- &mov ($acc,&DWP(160-128,$td));
- &mov ($tmp,&DWP(192-128,$td));
- &mov ($acc,&DWP(224-128,$td));
- &lea ($td,&DWP(-128,$td)); }
- if($i==3) { &mov ($key,$__key); }
- else { &mov ($out,$s[0]); }
- &and ($out,0xFF);
- 
&movz ($out,&BP(0,$td,$out,1)); - - if ($i==3) { $tmp=$s[1]; } - &movz ($tmp,&HB($s[1])); - &movz ($tmp,&BP(0,$td,$tmp,1)); - &shl ($tmp,8); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); } - else { mov ($tmp,$s[2]); } - &shr ($tmp,16); - &and ($tmp,0xFF); - &movz ($tmp,&BP(0,$td,$tmp,1)); - &shl ($tmp,16); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); } - else { &mov ($tmp,$s[3]); } - &shr ($tmp,24); - &movz ($tmp,&BP(0,$td,$tmp,1)); - &shl ($tmp,24); - &xor ($out,$tmp); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],$__s0); - &lea ($td,&DWP(-2048,$td)); } -} - -&function_begin_B("_x86_AES_decrypt"); - # note that caller is expected to allocate stack frame for me! - &mov ($__key,$key); # save key - - &xor ($s0,&DWP(0,$key)); # xor with key - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov ($acc,&DWP(240,$key)); # load key->rounds - - if ($small_footprint) { - &lea ($acc,&DWP(-2,$acc,$acc)); - &lea ($acc,&DWP(0,$key,$acc,8)); - &mov ($__end,$acc); # end of key schedule - &set_label("loop",16); - &decstep(0,$tbl,$s0,$s3,$s2,$s1); - &decstep(1,$tbl,$s1,$s0,$s3,$s2); - &decstep(2,$tbl,$s2,$s1,$s0,$s3); - &decstep(3,$tbl,$s3,$s2,$s1,$s0); - &add ($key,16); # advance rd_key - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - &cmp ($key,$__end); - &mov ($__key,$key); - &jb (&label("loop")); - } - else { - &cmp ($acc,10); - &jle (&label("10rounds")); - &cmp ($acc,12); - &jle (&label("12rounds")); - - &set_label("14rounds",4); - for ($i=1;$i<3;$i++) { - &decstep(0,$tbl,$s0,$s3,$s2,$s1); - &decstep(1,$tbl,$s1,$s0,$s3,$s2); - &decstep(2,$tbl,$s2,$s1,$s0,$s3); - &decstep(3,$tbl,$s3,$s2,$s1,$s0); - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov ($__key,$key); # advance rd_key - 
&set_label("12rounds",4); - for ($i=1;$i<3;$i++) { - &decstep(0,$tbl,$s0,$s3,$s2,$s1); - &decstep(1,$tbl,$s1,$s0,$s3,$s2); - &decstep(2,$tbl,$s2,$s1,$s0,$s3); - &decstep(3,$tbl,$s3,$s2,$s1,$s0); - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov ($__key,$key); # advance rd_key - &set_label("10rounds",4); - for ($i=1;$i<10;$i++) { - &decstep(0,$tbl,$s0,$s3,$s2,$s1); - &decstep(1,$tbl,$s1,$s0,$s3,$s2); - &decstep(2,$tbl,$s2,$s1,$s0,$s3); - &decstep(3,$tbl,$s3,$s2,$s1,$s0); - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - } - - &declast(0,$tbl,$s0,$s3,$s2,$s1); - &declast(1,$tbl,$s1,$s0,$s3,$s2); - &declast(2,$tbl,$s2,$s1,$s0,$s3); - &declast(3,$tbl,$s3,$s2,$s1,$s0); - - &add ($key,$small_footprint?16:160); - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &ret (); -&function_end_B("_x86_AES_decrypt"); - - &rodataseg(); -&set_label("AES_Td",64); - &_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a); - &_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b); - &_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5); - &_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5); - &_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d); - &_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b); - &_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295); - &_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e); - &_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927); - &_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d); - &_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362); - &_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9); - &_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52); - &_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 
0x2aab5566); - &_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3); - &_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed); - &_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e); - &_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4); - &_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4); - &_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd); - &_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d); - &_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060); - &_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967); - &_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879); - &_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000); - &_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c); - &_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36); - &_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624); - &_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b); - &_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c); - &_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12); - &_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14); - &_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3); - &_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b); - &_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8); - &_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684); - &_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7); - &_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177); - &_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947); - &_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322); - &_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498); - &_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f); - &_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54); - &_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382); - &_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf); - &_data_word(0x3b99acc8, 
0xa77d1810, 0x6e639ce8, 0x7bbb3bdb); - &_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83); - &_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef); - &_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029); - &_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235); - &_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733); - &_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117); - &_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4); - &_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546); - &_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb); - &_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d); - &_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb); - &_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a); - &_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773); - &_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478); - &_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2); - &_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff); - &_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664); - &_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0); - -#Td4: # four copies of Td4 to choose from to avoid L1 aliasing - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 
0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 
0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 
0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 
0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - &previous(); - -# void aes_decrypt_internal(const void *inp, void *out, const AES_KEY *key); -&function_begin("aes_decrypt_internal"); - &mov ($acc,&wparam(0)); # load inp - &mov ($key,&wparam(2)); # load key - - &mov ($s0,"esp"); - &sub ("esp",36); - &and ("esp",-64); # align to cache-line - - # place stack frame just "above" the key schedule - &lea ($s1,&DWP(-64-63,$key)); - &sub ($s1,"esp"); - &neg ($s1); - &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line - &sub ("esp",$s1); - &add ("esp",4); # 4 is reserved for caller's return address - &mov ($_esp,$s0); # save stack pointer - - &picsetup($tbl); - &picsymbol($s0, "OPENSSL_ia32cap_P", $tbl); - &picsymbol($tbl, &label("AES_Td"), $tbl); - - # pick Td4 copy which can't "overlap" with stack frame or key schedule - &lea 
($s1,&DWP(768-4,"esp")); - &sub ($s1,$tbl); - &and ($s1,0x300); - &lea ($tbl,&DWP(2048+128,$tbl,$s1)); - - if (!$x86only) { - &bt (&DWP(0,$s0),"\$IA32CAP_BIT0_SSE"); # check for SSE bit - &jnc (&label("x86")); - - &movq ("mm0",&QWP(0,$acc)); - &movq ("mm4",&QWP(8,$acc)); - &call ("_sse_AES_decrypt_compact"); - &mov ("esp",$_esp); # restore stack pointer - &mov ($acc,&wparam(1)); # load out - &movq (&QWP(0,$acc),"mm0"); # write output data - &movq (&QWP(8,$acc),"mm4"); - &emms (); - &function_end_A(); - } - &set_label("x86",16); - &mov ($_tbl,$tbl); - &mov ($s0,&DWP(0,$acc)); # load input data - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - &call ("_x86_AES_decrypt_compact"); - &mov ("esp",$_esp); # restore stack pointer - &mov ($acc,&wparam(1)); # load out - &mov (&DWP(0,$acc),$s0); # write output data - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); -&function_end("aes_decrypt_internal"); - -# void aes_cbc_encrypt_internal(const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, unsigned char *ivp,const int enc); -{ -# stack frame layout -# -4(%esp) # return address 0(%esp) -# 0(%esp) # s0 backing store 4(%esp) -# 4(%esp) # s1 backing store 8(%esp) -# 8(%esp) # s2 backing store 12(%esp) -# 12(%esp) # s3 backing store 16(%esp) -# 16(%esp) # key backup 20(%esp) -# 20(%esp) # end of key schedule 24(%esp) -# 24(%esp) # %ebp backup 28(%esp) -# 28(%esp) # %esp backup -my $_inp=&DWP(32,"esp"); # copy of wparam(0) -my $_out=&DWP(36,"esp"); # copy of wparam(1) -my $_len=&DWP(40,"esp"); # copy of wparam(2) -my $_key=&DWP(44,"esp"); # copy of wparam(3) -my $_ivp=&DWP(48,"esp"); # copy of wparam(4) -my $_tmp=&DWP(52,"esp"); # volatile variable -# -my $ivec=&DWP(60,"esp"); # ivec[16] -my $aes_key=&DWP(76,"esp"); # copy of aes_key -my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds - -&function_begin("aes_cbc_encrypt_internal"); - &mov ($s2 eq "ecx"? 
$s2 : "",&wparam(2)); # load len - &cmp ($s2,0); - &je (&label("drop_out")); - - &picsetup($tbl); - &picsymbol($s0, "OPENSSL_ia32cap_P", $tbl); - &picsymbol($tbl, &label("AES_Te"), $tbl); - &cmp (&wparam(5),0); - &jne (&label("picked_te")); - &lea ($tbl,&DWP(&label("AES_Td")."-".&label("AES_Te"),$tbl)); - &set_label("picked_te"); - - # one can argue if this is required - &pushf (); - &cld (); - - &cmp ($s2,$speed_limit); - &jb (&label("slow_way")); - &test ($s2,15); - &jnz (&label("slow_way")); - if (!$x86only) { - &bt (&DWP(0,$s0),"\$IA32CAP_BIT0_HT"); # check for hyper-threading bit - &jc (&label("slow_way")); - } - # pre-allocate aligned stack frame... - &lea ($acc,&DWP(-80-244,"esp")); - &and ($acc,-64); - - # ... and make sure it doesn't alias with $tbl modulo 4096 - &mov ($s0,$tbl); - &lea ($s1,&DWP(2048+256,$tbl)); - &mov ($s3,$acc); - &and ($s0,0xfff); # s = %ebp&0xfff - &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff - &and ($s3,0xfff); # p = %esp&0xfff - - &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); - &jb (&label("tbl_break_out")); - &sub ($s3,$s1); - &sub ($acc,$s3); - &jmp (&label("tbl_ok")); - &set_label("tbl_break_out",4); # else %esp -= (p-s)&0xfff + framesz; - &sub ($s3,$s0); - &and ($s3,0xfff); - &add ($s3,384); - &sub ($acc,$s3); - &set_label("tbl_ok",4); - - &lea ($s3,&wparam(0)); # obtain pointer to parameter block - &exch ("esp",$acc); # allocate stack frame - &add ("esp",4); # reserve for return address! 
- &mov ($_tbl,$tbl); # save %ebp - &mov ($_esp,$acc); # save %esp - - &mov ($s0,&DWP(0,$s3)); # load inp - &mov ($s1,&DWP(4,$s3)); # load out - #&mov ($s2,&DWP(8,$s3)); # load len - &mov ($key,&DWP(12,$s3)); # load key - &mov ($acc,&DWP(16,$s3)); # load ivp - &mov ($s3,&DWP(20,$s3)); # load enc flag - - &mov ($_inp,$s0); # save copy of inp - &mov ($_out,$s1); # save copy of out - &mov ($_len,$s2); # save copy of len - &mov ($_key,$key); # save copy of key - &mov ($_ivp,$acc); # save copy of ivp - - &mov ($mark,0); # copy of aes_key->rounds = 0; - # do we copy key schedule to stack? - &mov ($s1 eq "ebx" ? $s1 : "",$key); - &mov ($s2 eq "ecx" ? $s2 : "",244/4); - &sub ($s1,$tbl); - &mov ("esi",$key); - &and ($s1,0xfff); - &lea ("edi",$aes_key); - &cmp ($s1,2048+256); - &jb (&label("do_copy")); - &cmp ($s1,4096-244); - &jb (&label("skip_copy")); - &set_label("do_copy",4); - &mov ($_key,"edi"); - &data_word(0xA5F3F689); # rep movsd - &set_label("skip_copy"); - - &mov ($key,16); - &set_label("prefetch_tbl",4); - &mov ($s0,&DWP(0,$tbl)); - &mov ($s1,&DWP(32,$tbl)); - &mov ($s2,&DWP(64,$tbl)); - &mov ($acc,&DWP(96,$tbl)); - &lea ($tbl,&DWP(128,$tbl)); - &sub ($key,1); - &jnz (&label("prefetch_tbl")); - &sub ($tbl,2048); - - &mov ($acc,$_inp); - &mov ($key,$_ivp); - - &cmp ($s3,0); - &je (&label("fast_decrypt")); - -#----------------------------- ENCRYPT -----------------------------# - &mov ($s0,&DWP(0,$key)); # load iv - &mov ($s1,&DWP(4,$key)); - - &set_label("fast_enc_loop",16); - &mov ($s2,&DWP(8,$key)); - &mov ($s3,&DWP(12,$key)); - - &xor ($s0,&DWP(0,$acc)); # xor input data - &xor ($s1,&DWP(4,$acc)); - &xor ($s2,&DWP(8,$acc)); - &xor ($s3,&DWP(12,$acc)); - - &mov ($key,$_key); # load key - &call ("_x86_AES_encrypt"); - - &mov ($acc,$_inp); # load inp - &mov ($key,$_out); # load out - - &mov (&DWP(0,$key),$s0); # save output data - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov 
($s2,$_len); # load len - &mov ($_inp,$acc); # save inp - &lea ($s3,&DWP(16,$key)); # advance out - &mov ($_out,$s3); # save out - &sub ($s2,16); # decrease len - &mov ($_len,$s2); # save len - &jnz (&label("fast_enc_loop")); - &mov ($acc,$_ivp); # load ivp - &mov ($s2,&DWP(8,$key)); # restore last 2 dwords - &mov ($s3,&DWP(12,$key)); - &mov (&DWP(0,$acc),$s0); # save ivec - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &cmp ($mark,0); # was the key schedule copied? - &mov ("edi",$_key); - &je (&label("skip_ezero")); - # zero copy of key schedule - &mov ("ecx",240/4); - &xor ("eax","eax"); - &align (4); - &data_word(0xABF3F689); # rep stosd - &set_label("skip_ezero") - &mov ("esp",$_esp); - &popf (); - &set_label("drop_out"); - &function_end_A(); - &pushf (); # kludge, never executed - -#----------------------------- DECRYPT -----------------------------# -&set_label("fast_decrypt",16); - - &cmp ($acc,$_out); - &je (&label("fast_dec_in_place")); # in-place processing... 
- - &mov ($_tmp,$key); - - &align (4); - &set_label("fast_dec_loop",16); - &mov ($s0,&DWP(0,$acc)); # read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov ($key,$_key); # load key - &call ("_x86_AES_decrypt"); - - &mov ($key,$_tmp); # load ivp - &mov ($acc,$_len); # load len - &xor ($s0,&DWP(0,$key)); # xor iv - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov ($key,$_out); # load out - &mov ($acc,$_inp); # load inp - - &mov (&DWP(0,$key),$s0); # write output - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($s2,$_len); # load len - &mov ($_tmp,$acc); # save ivp - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &lea ($key,&DWP(16,$key)); # advance out - &mov ($_out,$key); # save out - &sub ($s2,16); # decrease len - &mov ($_len,$s2); # save len - &jnz (&label("fast_dec_loop")); - &mov ($key,$_tmp); # load temp ivp - &mov ($acc,$_ivp); # load user ivp - &mov ($s0,&DWP(0,$key)); # load iv - &mov ($s1,&DWP(4,$key)); - &mov ($s2,&DWP(8,$key)); - &mov ($s3,&DWP(12,$key)); - &mov (&DWP(0,$acc),$s0); # copy back to user - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - &jmp (&label("fast_dec_out")); - - &set_label("fast_dec_in_place",16); - &set_label("fast_dec_in_place_loop"); - &mov ($s0,&DWP(0,$acc)); # read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &lea ($key,$ivec); - &mov (&DWP(0,$key),$s0); # copy to temp - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($key,$_key); # load key - &call ("_x86_AES_decrypt"); - - &mov ($key,$_ivp); # load ivp - &mov ($acc,$_out); # load out - &xor ($s0,&DWP(0,$key)); # xor iv - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov (&DWP(0,$acc),$s0); # write output - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - 
&mov (&DWP(12,$acc),$s3); - - &lea ($acc,&DWP(16,$acc)); # advance out - &mov ($_out,$acc); # save out - - &lea ($acc,$ivec); - &mov ($s0,&DWP(0,$acc)); # read temp - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov (&DWP(0,$key),$s0); # copy iv - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($acc,$_inp); # load inp - &mov ($s2,$_len); # load len - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &sub ($s2,16); # decrease len - &mov ($_len,$s2); # save len - &jnz (&label("fast_dec_in_place_loop")); - - &set_label("fast_dec_out",4); - &cmp ($mark,0); # was the key schedule copied? - &mov ("edi",$_key); - &je (&label("skip_dzero")); - # zero copy of key schedule - &mov ("ecx",240/4); - &xor ("eax","eax"); - &align (4); - &data_word(0xABF3F689); # rep stosd - &set_label("skip_dzero") - &mov ("esp",$_esp); - &popf (); - &function_end_A(); - &pushf (); # kludge, never executed - -#--------------------------- SLOW ROUTINE ---------------------------# -&set_label("slow_way",16); - - &mov ($s0,&DWP(0,$s0)) if (!$x86only);# load OPENSSL_ia32cap - &mov ($key,&wparam(3)); # load key - - # pre-allocate aligned stack frame... - &lea ($acc,&DWP(-80,"esp")); - &and ($acc,-64); - - # ... and make sure it doesn't alias with $key modulo 1024 - &lea ($s1,&DWP(-80-63,$key)); - &sub ($s1,$acc); - &neg ($s1); - &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line - &sub ($acc,$s1); - - # pick S-box copy which can't overlap with stack frame or $key - &lea ($s1,&DWP(768,$acc)); - &sub ($s1,$tbl); - &and ($s1,0x300); - &lea ($tbl,&DWP(2048+128,$tbl,$s1)); - - &lea ($s3,&wparam(0)); # pointer to parameter block - - &exch ("esp",$acc); - &add ("esp",4); # reserve for return address! 
- &mov ($_tbl,$tbl); # save %ebp
- &mov ($_esp,$acc); # save %esp
- &mov ($_tmp,$s0); # save OPENSSL_ia32cap
-
- &mov ($s0,&DWP(0,$s3)); # load inp
- &mov ($s1,&DWP(4,$s3)); # load out
- #&mov ($s2,&DWP(8,$s3)); # load len
- #&mov ($key,&DWP(12,$s3)); # load key
- &mov ($acc,&DWP(16,$s3)); # load ivp
- &mov ($s3,&DWP(20,$s3)); # load enc flag
-
- &mov ($_inp,$s0); # save copy of inp
- &mov ($_out,$s1); # save copy of out
- &mov ($_len,$s2); # save copy of len
- &mov ($_key,$key); # save copy of key
- &mov ($_ivp,$acc); # save copy of ivp
-
- &mov ($key,$acc);
- &mov ($acc,$s0);
-
- &cmp ($s3,0);
- &je (&label("slow_decrypt"));
-
-#--------------------------- SLOW ENCRYPT ---------------------------#
- &cmp ($s2,16);
- &mov ($s3,$s1);
- &jb (&label("slow_enc_tail"));
-
- if (!$x86only) {
- &bt ($_tmp,"\$IA32CAP_BIT0_SSE"); # check for SSE bit
- &jnc (&label("slow_enc_x86"));
-
- &movq ("mm0",&QWP(0,$key)); # load iv
- &movq ("mm4",&QWP(8,$key));
-
- &set_label("slow_enc_loop_sse",16);
- &pxor ("mm0",&QWP(0,$acc)); # xor input data
- &pxor ("mm4",&QWP(8,$acc));
-
- &mov ($key,$_key);
- &call ("_sse_AES_encrypt_compact");
-
- &mov ($acc,$_inp); # load inp
- &mov ($key,$_out); # load out
- &mov ($s2,$_len); # load len
-
- &movq (&QWP(0,$key),"mm0"); # save output data
- &movq (&QWP(8,$key),"mm4");
-
- &lea ($acc,&DWP(16,$acc)); # advance inp
- &mov ($_inp,$acc); # save inp
- &lea ($s3,&DWP(16,$key)); # advance out
- &mov ($_out,$s3); # save out
- &sub ($s2,16); # decrease len
- &cmp ($s2,16);
- &mov ($_len,$s2); # save len
- &jae (&label("slow_enc_loop_sse"));
- &test ($s2,15);
- &jnz (&label("slow_enc_tail"));
- &mov ($acc,$_ivp); # load ivp
- &movq (&QWP(0,$acc),"mm0"); # save ivec
- &movq (&QWP(8,$acc),"mm4");
- &emms ();
- &mov ("esp",$_esp);
- &popf ();
- &function_end_A();
- &pushf (); # kludge, never executed
- }
- &set_label("slow_enc_x86",16);
- &mov ($s0,&DWP(0,$key)); # load iv
- &mov ($s1,&DWP(4,$key));
-
- &set_label("slow_enc_loop_x86",4);
- &mov ($s2,&DWP(8,$key));
- &mov ($s3,&DWP(12,$key));
-
- &xor ($s0,&DWP(0,$acc)); # xor input data
- &xor ($s1,&DWP(4,$acc));
- &xor ($s2,&DWP(8,$acc));
- &xor ($s3,&DWP(12,$acc));
-
- &mov ($key,$_key); # load key
- &call ("_x86_AES_encrypt_compact");
-
- &mov ($acc,$_inp); # load inp
- &mov ($key,$_out); # load out
-
- &mov (&DWP(0,$key),$s0); # save output data
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
-
- &mov ($s2,$_len); # load len
- &lea ($acc,&DWP(16,$acc)); # advance inp
- &mov ($_inp,$acc); # save inp
- &lea ($s3,&DWP(16,$key)); # advance out
- &mov ($_out,$s3); # save out
- &sub ($s2,16); # decrease len
- &cmp ($s2,16);
- &mov ($_len,$s2); # save len
- &jae (&label("slow_enc_loop_x86"));
- &test ($s2,15);
- &jnz (&label("slow_enc_tail"));
- &mov ($acc,$_ivp); # load ivp
- &mov ($s2,&DWP(8,$key)); # restore last dwords
- &mov ($s3,&DWP(12,$key));
- &mov (&DWP(0,$acc),$s0); # save ivec
- &mov (&DWP(4,$acc),$s1);
- &mov (&DWP(8,$acc),$s2);
- &mov (&DWP(12,$acc),$s3);
-
- &mov ("esp",$_esp);
- &popf ();
- &function_end_A();
- &pushf (); # kludge, never executed
-
- &set_label("slow_enc_tail",16);
- &emms () if (!$x86only);
- &mov ($key eq "edi"? $key:"",$s3); # load out to edi
- &mov ($s1,16);
- &sub ($s1,$s2);
- &cmp ($key,$acc eq "esi"? $acc:""); # compare with inp
- &je (&label("enc_in_place"));
- &align (4);
- &data_word(0xA4F3F689); # rep movsb # copy input
- &jmp (&label("enc_skip_in_place"));
- &set_label("enc_in_place");
- &lea ($key,&DWP(0,$key,$s2));
- &set_label("enc_skip_in_place");
- &mov ($s2,$s1);
- &xor ($s0,$s0);
- &align (4);
- &data_word(0xAAF3F689); # rep stosb # zero tail
-
- &mov ($key,$_ivp); # restore ivp
- &mov ($acc,$s3); # output as input
- &mov ($s0,&DWP(0,$key));
- &mov ($s1,&DWP(4,$key));
- &mov ($_len,16); # len=16
- &jmp (&label("slow_enc_loop_x86")); # one more spin...
-
-#--------------------------- SLOW DECRYPT ---------------------------#
-&set_label("slow_decrypt",16);
- if (!$x86only) {
- &bt ($_tmp,"\$IA32CAP_BIT0_SSE"); # check for SSE bit
- &jnc (&label("slow_dec_loop_x86"));
-
- &set_label("slow_dec_loop_sse",4);
- &movq ("mm0",&QWP(0,$acc)); # read input
- &movq ("mm4",&QWP(8,$acc));
-
- &mov ($key,$_key);
- &call ("_sse_AES_decrypt_compact");
-
- &mov ($acc,$_inp); # load inp
- &lea ($s0,$ivec);
- &mov ($s1,$_out); # load out
- &mov ($s2,$_len); # load len
- &mov ($key,$_ivp); # load ivp
-
- &movq ("mm1",&QWP(0,$acc)); # re-read input
- &movq ("mm5",&QWP(8,$acc));
-
- &pxor ("mm0",&QWP(0,$key)); # xor iv
- &pxor ("mm4",&QWP(8,$key));
-
- &movq (&QWP(0,$key),"mm1"); # copy input to iv
- &movq (&QWP(8,$key),"mm5");
-
- &sub ($s2,16); # decrease len
- &jc (&label("slow_dec_partial_sse"));
-
- &movq (&QWP(0,$s1),"mm0"); # write output
- &movq (&QWP(8,$s1),"mm4");
-
- &lea ($s1,&DWP(16,$s1)); # advance out
- &mov ($_out,$s1); # save out
- &lea ($acc,&DWP(16,$acc)); # advance inp
- &mov ($_inp,$acc); # save inp
- &mov ($_len,$s2); # save len
- &jnz (&label("slow_dec_loop_sse"));
- &emms ();
- &mov ("esp",$_esp);
- &popf ();
- &function_end_A();
- &pushf (); # kludge, never executed
-
- &set_label("slow_dec_partial_sse",16);
- &movq (&QWP(0,$s0),"mm0"); # save output to temp
- &movq (&QWP(8,$s0),"mm4");
- &emms ();
-
- &add ($s2 eq "ecx" ? "ecx":"",16);
- &mov ("edi",$s1); # out
- &mov ("esi",$s0); # temp
- &align (4);
- &data_word(0xA4F3F689); # rep movsb # copy partial output
-
- &mov ("esp",$_esp);
- &popf ();
- &function_end_A();
- &pushf (); # kludge, never executed
- }
- &set_label("slow_dec_loop_x86",16);
- &mov ($s0,&DWP(0,$acc)); # read input
- &mov ($s1,&DWP(4,$acc));
- &mov ($s2,&DWP(8,$acc));
- &mov ($s3,&DWP(12,$acc));
-
- &lea ($key,$ivec);
- &mov (&DWP(0,$key),$s0); # copy to temp
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
-
- &mov ($key,$_key); # load key
- &call ("_x86_AES_decrypt_compact");
-
- &mov ($key,$_ivp); # load ivp
- &mov ($acc,$_len); # load len
- &xor ($s0,&DWP(0,$key)); # xor iv
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &sub ($acc,16);
- &jc (&label("slow_dec_partial_x86"));
-
- &mov ($_len,$acc); # save len
- &mov ($acc,$_out); # load out
-
- &mov (&DWP(0,$acc),$s0); # write output
- &mov (&DWP(4,$acc),$s1);
- &mov (&DWP(8,$acc),$s2);
- &mov (&DWP(12,$acc),$s3);
-
- &lea ($acc,&DWP(16,$acc)); # advance out
- &mov ($_out,$acc); # save out
-
- &lea ($acc,$ivec);
- &mov ($s0,&DWP(0,$acc)); # read temp
- &mov ($s1,&DWP(4,$acc));
- &mov ($s2,&DWP(8,$acc));
- &mov ($s3,&DWP(12,$acc));
-
- &mov (&DWP(0,$key),$s0); # copy it to iv
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
-
- &mov ($acc,$_inp); # load inp
- &lea ($acc,&DWP(16,$acc)); # advance inp
- &mov ($_inp,$acc); # save inp
- &jnz (&label("slow_dec_loop_x86"));
- &mov ("esp",$_esp);
- &popf ();
- &function_end_A();
- &pushf (); # kludge, never executed
-
- &set_label("slow_dec_partial_x86",16);
- &lea ($acc,$ivec);
- &mov (&DWP(0,$acc),$s0); # save output to temp
- &mov (&DWP(4,$acc),$s1);
- &mov (&DWP(8,$acc),$s2);
- &mov (&DWP(12,$acc),$s3);
-
- &mov ($acc,$_inp);
- &mov ($s0,&DWP(0,$acc)); # re-read input
- &mov ($s1,&DWP(4,$acc));
- &mov ($s2,&DWP(8,$acc));
- &mov ($s3,&DWP(12,$acc));
-
- &mov (&DWP(0,$key),$s0); # copy it to iv
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
-
- &mov ("ecx",$_len);
- &mov ("edi",$_out);
- &lea ("esi",$ivec);
- &align (4);
- &data_word(0xA4F3F689); # rep movsb # copy partial output
-
- &mov ("esp",$_esp);
- &popf ();
-&function_end("aes_cbc_encrypt_internal");
-}
-
-#------------------------------------------------------------------#
-
-sub enckey()
-{
- &movz ("esi",&LB("edx")); # rk[i]>>0
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &movz ("esi",&HB("edx")); # rk[i]>>8
- &shl ("ebx",24);
- &xor ("eax","ebx");
-
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &shr ("edx",16);
- &movz ("esi",&LB("edx")); # rk[i]>>16
- &xor ("eax","ebx");
-
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &movz ("esi",&HB("edx")); # rk[i]>>24
- &shl ("ebx",8);
- &xor ("eax","ebx");
-
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &shl ("ebx",16);
- &xor ("eax","ebx");
-
- &xor ("eax",&DWP(1024-128,$tbl,"ecx",4)); # rcon
-}
-
-&function_begin("_x86_AES_set_encrypt_key");
- &mov ("esi",&wparam(1)); # user supplied key
- &mov ("edi",&wparam(3)); # private key schedule
-
- &test ("esi",-1);
- &jz (&label("badpointer"));
- &test ("edi",-1);
- &jz (&label("badpointer"));
-
- &picsetup($tbl);
- &picsymbol($tbl, &label("AES_Te"), $tbl);
-
- &lea ($tbl,&DWP(2048+128,$tbl));
-
- # prefetch Te4
- &mov ("eax",&DWP(0-128,$tbl));
- &mov ("ebx",&DWP(32-128,$tbl));
- &mov ("ecx",&DWP(64-128,$tbl));
- &mov ("edx",&DWP(96-128,$tbl));
- &mov ("eax",&DWP(128-128,$tbl));
- &mov ("ebx",&DWP(160-128,$tbl));
- &mov ("ecx",&DWP(192-128,$tbl));
- &mov ("edx",&DWP(224-128,$tbl));
-
- &mov ("ecx",&wparam(2)); # number of bits in key
- &cmp ("ecx",128);
- &je (&label("10rounds"));
- &cmp ("ecx",192);
- &je (&label("12rounds"));
- &cmp ("ecx",256);
- &je (&label("14rounds"));
- &mov ("eax",-2); # invalid number of bits
- &jmp (&label("exit"));
-
- &set_label("10rounds");
- &mov ("eax",&DWP(0,"esi")); # copy first 4 dwords
- &mov ("ebx",&DWP(4,"esi"));
- &mov ("ecx",&DWP(8,"esi"));
- &mov ("edx",&DWP(12,"esi"));
- &mov (&DWP(0,"edi"),"eax");
- &mov (&DWP(4,"edi"),"ebx");
- &mov (&DWP(8,"edi"),"ecx");
- &mov (&DWP(12,"edi"),"edx");
-
- &xor ("ecx","ecx");
- &jmp (&label("10shortcut"));
-
- &align (4);
- &set_label("10loop");
- &mov ("eax",&DWP(0,"edi")); # rk[0]
- &mov ("edx",&DWP(12,"edi")); # rk[3]
- &set_label("10shortcut");
- &enckey ();
-
- &mov (&DWP(16,"edi"),"eax"); # rk[4]
- &xor ("eax",&DWP(4,"edi"));
- &mov (&DWP(20,"edi"),"eax"); # rk[5]
- &xor ("eax",&DWP(8,"edi"));
- &mov (&DWP(24,"edi"),"eax"); # rk[6]
- &xor ("eax",&DWP(12,"edi"));
- &mov (&DWP(28,"edi"),"eax"); # rk[7]
- &inc ("ecx");
- &add ("edi",16);
- &cmp ("ecx",10);
- &jl (&label("10loop"));
-
- &mov (&DWP(80,"edi"),10); # setup number of rounds
- &xor ("eax","eax");
- &jmp (&label("exit"));
-
- &set_label("12rounds");
- &mov ("eax",&DWP(0,"esi")); # copy first 6 dwords
- &mov ("ebx",&DWP(4,"esi"));
- &mov ("ecx",&DWP(8,"esi"));
- &mov ("edx",&DWP(12,"esi"));
- &mov (&DWP(0,"edi"),"eax");
- &mov (&DWP(4,"edi"),"ebx");
- &mov (&DWP(8,"edi"),"ecx");
- &mov (&DWP(12,"edi"),"edx");
- &mov ("ecx",&DWP(16,"esi"));
- &mov ("edx",&DWP(20,"esi"));
- &mov (&DWP(16,"edi"),"ecx");
- &mov (&DWP(20,"edi"),"edx");
-
- &xor ("ecx","ecx");
- &jmp (&label("12shortcut"));
-
- &align (4);
- &set_label("12loop");
- &mov ("eax",&DWP(0,"edi")); # rk[0]
- &mov ("edx",&DWP(20,"edi")); # rk[5]
- &set_label("12shortcut");
- &enckey ();
-
- &mov (&DWP(24,"edi"),"eax"); # rk[6]
- &xor ("eax",&DWP(4,"edi"));
- &mov (&DWP(28,"edi"),"eax"); # rk[7]
- &xor ("eax",&DWP(8,"edi"));
- &mov (&DWP(32,"edi"),"eax"); # rk[8]
- &xor ("eax",&DWP(12,"edi"));
- &mov (&DWP(36,"edi"),"eax"); # rk[9]
-
- &cmp ("ecx",7);
- &je (&label("12break"));
- &inc ("ecx");
-
- &xor ("eax",&DWP(16,"edi"));
- &mov (&DWP(40,"edi"),"eax"); # rk[10]
- &xor ("eax",&DWP(20,"edi"));
- &mov (&DWP(44,"edi"),"eax"); # rk[11]
-
- &add ("edi",24);
- &jmp (&label("12loop"));
-
- &set_label("12break");
- &mov (&DWP(72,"edi"),12); # setup number of rounds
- &xor ("eax","eax");
- &jmp (&label("exit"));
-
- &set_label("14rounds");
- &mov ("eax",&DWP(0,"esi")); # copy first 8 dwords
- &mov ("ebx",&DWP(4,"esi"));
- &mov ("ecx",&DWP(8,"esi"));
- &mov ("edx",&DWP(12,"esi"));
- &mov (&DWP(0,"edi"),"eax");
- &mov (&DWP(4,"edi"),"ebx");
- &mov (&DWP(8,"edi"),"ecx");
- &mov (&DWP(12,"edi"),"edx");
- &mov ("eax",&DWP(16,"esi"));
- &mov ("ebx",&DWP(20,"esi"));
- &mov ("ecx",&DWP(24,"esi"));
- &mov ("edx",&DWP(28,"esi"));
- &mov (&DWP(16,"edi"),"eax");
- &mov (&DWP(20,"edi"),"ebx");
- &mov (&DWP(24,"edi"),"ecx");
- &mov (&DWP(28,"edi"),"edx");
-
- &xor ("ecx","ecx");
- &jmp (&label("14shortcut"));
-
- &align (4);
- &set_label("14loop");
- &mov ("edx",&DWP(28,"edi")); # rk[7]
- &set_label("14shortcut");
- &mov ("eax",&DWP(0,"edi")); # rk[0]
-
- &enckey ();
-
- &mov (&DWP(32,"edi"),"eax"); # rk[8]
- &xor ("eax",&DWP(4,"edi"));
- &mov (&DWP(36,"edi"),"eax"); # rk[9]
- &xor ("eax",&DWP(8,"edi"));
- &mov (&DWP(40,"edi"),"eax"); # rk[10]
- &xor ("eax",&DWP(12,"edi"));
- &mov (&DWP(44,"edi"),"eax"); # rk[11]
-
- &cmp ("ecx",6);
- &je (&label("14break"));
- &inc ("ecx");
-
- &mov ("edx","eax");
- &mov ("eax",&DWP(16,"edi")); # rk[4]
- &movz ("esi",&LB("edx")); # rk[11]>>0
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &movz ("esi",&HB("edx")); # rk[11]>>8
- &xor ("eax","ebx");
-
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &shr ("edx",16);
- &shl ("ebx",8);
- &movz ("esi",&LB("edx")); # rk[11]>>16
- &xor ("eax","ebx");
-
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &movz ("esi",&HB("edx")); # rk[11]>>24
- &shl ("ebx",16);
- &xor ("eax","ebx");
-
- &movz ("ebx",&BP(-128,$tbl,"esi",1));
- &shl ("ebx",24);
- &xor ("eax","ebx");
-
- &mov (&DWP(48,"edi"),"eax"); # rk[12]
- &xor ("eax",&DWP(20,"edi"));
- &mov (&DWP(52,"edi"),"eax"); # rk[13]
- &xor ("eax",&DWP(24,"edi"));
- &mov (&DWP(56,"edi"),"eax"); # rk[14]
- &xor ("eax",&DWP(28,"edi"));
- &mov (&DWP(60,"edi"),"eax"); # rk[15]
-
- &add ("edi",32);
- &jmp (&label("14loop"));
-
- &set_label("14break");
- &mov (&DWP(48,"edi"),14); # setup number of rounds
- &xor ("eax","eax");
- &jmp (&label("exit"));
-
- &set_label("badpointer");
- &mov ("eax",-1);
- &set_label("exit");
-&function_end("_x86_AES_set_encrypt_key");
-
-# int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
-# AES_KEY *key)
-&function_begin_B("aes_set_encrypt_key_internal");
- &call ("_x86_AES_set_encrypt_key");
- &ret ();
-&function_end_B("aes_set_encrypt_key_internal");
-
-sub deckey()
-{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
- my $tmp = $tbl;
-
- &mov ($acc,$tp1);
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp2,&DWP(0,$tp1,$tp1));
- &sub ($acc,$tmp);
- &and ($tp2,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($acc,$tp2);
- &mov ($tp2,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp4,&DWP(0,$tp2,$tp2));
- &sub ($acc,$tmp);
- &and ($tp4,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($tp2,$tp1); # tp2^tp1
- &xor ($acc,$tp4);
- &mov ($tp4,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp8,&DWP(0,$tp4,$tp4));
- &xor ($tp4,$tp1); # tp4^tp1
- &sub ($acc,$tmp);
- &and ($tp8,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &rotl ($tp1,8); # = ROTATE(tp1,8)
- &xor ($tp8,$acc);
-
- &mov ($tmp,&DWP(4*($i+1),$key)); # modulo-scheduled load
-
- &xor ($tp1,$tp2);
- &xor ($tp2,$tp8);
- &xor ($tp1,$tp4);
- &rotl ($tp2,24);
- &xor ($tp4,$tp8);
- &xor ($tp1,$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1)
- &rotl ($tp4,16);
- &xor ($tp1,$tp2); # ^= ROTATE(tp8^tp2^tp1,24)
- &rotl ($tp8,8);
- &xor ($tp1,$tp4); # ^= ROTATE(tp8^tp4^tp1,16)
- &mov ($tp2,$tmp);
- &xor ($tp1,$tp8); # ^= ROTATE(tp8,8)
-
- &mov (&DWP(4*$i,$key),$tp1);
-}
-
-# int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits,
-# AES_KEY *key)
-&function_begin_B("aes_set_decrypt_key_internal");
- &call ("_x86_AES_set_encrypt_key");
- &cmp ("eax",0);
- &je (&label("proceed"));
- &ret ();
-
- &set_label("proceed");
- &push ("ebp");
- &push ("ebx");
- &push ("esi");
- &push ("edi");
-
- &mov ("esi",&wparam(2));
- &mov ("ecx",&DWP(240,"esi")); # pull number of rounds
- &lea ("ecx",&DWP(0,"","ecx",4));
- &lea ("edi",&DWP(0,"esi","ecx",4)); # pointer to last chunk
-
- &set_label("invert",4); # invert order of chunks
- &mov ("eax",&DWP(0,"esi"));
- &mov ("ebx",&DWP(4,"esi"));
- &mov ("ecx",&DWP(0,"edi"));
- &mov ("edx",&DWP(4,"edi"));
- &mov (&DWP(0,"edi"),"eax");
- &mov (&DWP(4,"edi"),"ebx");
- &mov (&DWP(0,"esi"),"ecx");
- &mov (&DWP(4,"esi"),"edx");
- &mov ("eax",&DWP(8,"esi"));
- &mov ("ebx",&DWP(12,"esi"));
- &mov ("ecx",&DWP(8,"edi"));
- &mov ("edx",&DWP(12,"edi"));
- &mov (&DWP(8,"edi"),"eax");
- &mov (&DWP(12,"edi"),"ebx");
- &mov (&DWP(8,"esi"),"ecx");
- &mov (&DWP(12,"esi"),"edx");
- &add ("esi",16);
- &sub ("edi",16);
- &cmp ("esi","edi");
- &jne (&label("invert"));
-
- &mov ($key,&wparam(2));
- &mov ($acc,&DWP(240,$key)); # pull number of rounds
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov (&wparam(2),$acc);
-
- &mov ($s0,&DWP(16,$key)); # modulo-scheduled load
- &set_label("permute",4); # permute the key schedule
- &add ($key,16);
- &deckey (0,$key,$s0,$s1,$s2,$s3);
- &deckey (1,$key,$s1,$s2,$s3,$s0);
- &deckey (2,$key,$s2,$s3,$s0,$s1);
- &deckey (3,$key,$s3,$s0,$s1,$s2);
- &cmp ($key,&wparam(2));
- &jb (&label("permute"));
-
- &xor ("eax","eax"); # return success
-&function_end("aes_set_decrypt_key_internal");
-
-&asm_finish();
diff --git a/src/lib/libcrypto/aes/asm/aes-armv4.pl b/src/lib/libcrypto/aes/asm/aes-armv4.pl
deleted file mode 100644
index 0048ee5b29..0000000000
--- a/src/lib/libcrypto/aes/asm/aes-armv4.pl
+++ /dev/null
@@ -1,1134 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# AES for ARMv4
-
-# January 2007.
-#
-# Code uses single 1K S-box and is >2 times faster than code generated
-# by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
-# allows to merge logical or arithmetic operation with shift or rotate
-# in one instruction and emit combined result every cycle. The module
-# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
-# key [on single-issue Xscale PXA250 core].
-
-# May 2007.
-#
-# AES_set_[en|de]crypt_key is added.
-
-# July 2010.
-#
-# Rescheduling for dual-issue pipeline resulted in 12% improvement on
-# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
-
-# February 2011.
-#
-# Profiler-assisted and platform-specific optimization resulted in 16%
-# improvement on Cortex A8 core and ~21.5 cycles per byte.
-
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-$s0="r0";
-$s1="r1";
-$s2="r2";
-$s3="r3";
-$t1="r4";
-$t2="r5";
-$t3="r6";
-$i1="r7";
-$i2="r8";
-$i3="r9";
-
-$tbl="r10";
-$key="r11";
-$rounds="r12";
-
-$code=<<___;
-#include "arm_arch.h"
-.text
-.code 32
-
-.type AES_Te,%object
-.align 5
-AES_Te:
-.word 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
-.word 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
-.word 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
-.word 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
-.word 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
-.word 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
-.word 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
-.word 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
-.word 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
-.word 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
-.word 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
-.word 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
-.word 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
-.word 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
-.word 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
-.word 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
-.word 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
-.word 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
-.word 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
-.word 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
-.word 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
-.word 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
-.word 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
-.word 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
-.word 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
-.word 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
-.word 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
-.word 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
-.word 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
-.word 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
-.word 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
-.word 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
-.word 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
-.word 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
-.word 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
-.word 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
-.word 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
-.word 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
-.word 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
-.word 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
-.word 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
-.word 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
-.word 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
-.word 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
-.word 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
-.word 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
-.word 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
-.word 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
-.word 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
-.word 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
-.word 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
-.word 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
-.word 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
-.word 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
-.word 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
-.word 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
-.word 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
-.word 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
-.word 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
-.word 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
-.word 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
-.word 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
-.word 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
-.word 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
-@ Te4[256]
-.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
-.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
-.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
-.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
-.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
-.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
-.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
-.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
-.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
-.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
-.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
-.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
-.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
-.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
-.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
-.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
-.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
-.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
-.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
-.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
-.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
-.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
-.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
-.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
-.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
-.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
-.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
-.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
-.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
-.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
-.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
-.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
-@ rcon[]
-.word 0x01000000, 0x02000000, 0x04000000, 0x08000000
-.word 0x10000000, 0x20000000, 0x40000000, 0x80000000
-.word 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
-.size AES_Te,.-AES_Te
-
-@ void aes_encrypt_internal(const unsigned char *in, unsigned char *out,
-@ const AES_KEY *key) {
-.global aes_encrypt_internal
-.type aes_encrypt_internal,%function
-.align 5
-aes_encrypt_internal:
- sub r3,pc,#8 @ aes_encrypt_internal
- stmdb sp!,{r1,r4-r12,lr}
- mov $rounds,r0 @ inp
- mov $key,r2
- sub $tbl,r3,#aes_encrypt_internal-AES_Te @ Te
-#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
- ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
- ldrb $t1,[$rounds,#2] @ manner...
- ldrb $t2,[$rounds,#1]
- ldrb $t3,[$rounds,#0]
- orr $s0,$s0,$t1,lsl#8
- ldrb $s1,[$rounds,#7]
- orr $s0,$s0,$t2,lsl#16
- ldrb $t1,[$rounds,#6]
- orr $s0,$s0,$t3,lsl#24
- ldrb $t2,[$rounds,#5]
- ldrb $t3,[$rounds,#4]
- orr $s1,$s1,$t1,lsl#8
- ldrb $s2,[$rounds,#11]
- orr $s1,$s1,$t2,lsl#16
- ldrb $t1,[$rounds,#10]
- orr $s1,$s1,$t3,lsl#24
- ldrb $t2,[$rounds,#9]
- ldrb $t3,[$rounds,#8]
- orr $s2,$s2,$t1,lsl#8
- ldrb $s3,[$rounds,#15]
- orr $s2,$s2,$t2,lsl#16
- ldrb $t1,[$rounds,#14]
- orr $s2,$s2,$t3,lsl#24
- ldrb $t2,[$rounds,#13]
- ldrb $t3,[$rounds,#12]
- orr $s3,$s3,$t1,lsl#8
- orr $s3,$s3,$t2,lsl#16
- orr $s3,$s3,$t3,lsl#24
-#else
- ldr $s0,[$rounds,#0]
- ldr $s1,[$rounds,#4]
- ldr $s2,[$rounds,#8]
- ldr $s3,[$rounds,#12]
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
-#endif
- bl _armv4_AES_encrypt
-
- ldr $rounds,[sp],#4 @ pop out
-#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT)
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
- str $s0,[$rounds,#0]
- str $s1,[$rounds,#4]
- str $s2,[$rounds,#8]
- str $s3,[$rounds,#12]
-#else
- mov $t1,$s0,lsr#24 @ write output in endian-neutral
- mov $t2,$s0,lsr#16 @ manner...
- mov $t3,$s0,lsr#8
- strb $t1,[$rounds,#0]
- strb $t2,[$rounds,#1]
- mov $t1,$s1,lsr#24
- strb $t3,[$rounds,#2]
- mov $t2,$s1,lsr#16
- strb $s0,[$rounds,#3]
- mov $t3,$s1,lsr#8
- strb $t1,[$rounds,#4]
- strb $t2,[$rounds,#5]
- mov $t1,$s2,lsr#24
- strb $t3,[$rounds,#6]
- mov $t2,$s2,lsr#16
- strb $s1,[$rounds,#7]
- mov $t3,$s2,lsr#8
- strb $t1,[$rounds,#8]
- strb $t2,[$rounds,#9]
- mov $t1,$s3,lsr#24
- strb $t3,[$rounds,#10]
- mov $t2,$s3,lsr#16
- strb $s2,[$rounds,#11]
- mov $t3,$s3,lsr#8
- strb $t1,[$rounds,#12]
- strb $t2,[$rounds,#13]
- strb $t3,[$rounds,#14]
- strb $s3,[$rounds,#15]
-#endif
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r12,pc}
-#else
- ldmia sp!,{r4-r12,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.size aes_encrypt_internal,.-aes_encrypt_internal
-
-.type _armv4_AES_encrypt,%function
-.align 2
-_armv4_AES_encrypt:
- str lr,[sp,#-4]! @ push lr
- ldmia $key!,{$t1-$i1}
- eor $s0,$s0,$t1
- ldr $rounds,[$key,#240-16]
- eor $s1,$s1,$t2
- eor $s2,$s2,$t3
- eor $s3,$s3,$i1
- sub $rounds,$rounds,#1
- mov lr,#255
-
- and $i1,lr,$s0
- and $i2,lr,$s0,lsr#8
- and $i3,lr,$s0,lsr#16
- mov $s0,$s0,lsr#24
-.Lenc_loop:
- ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
- and $i1,lr,$s1,lsr#16 @ i0
- ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
- and $i2,lr,$s1
- ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
- and $i3,lr,$s1,lsr#8
- ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
- mov $s1,$s1,lsr#24
-
- ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
- ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0]
- ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8]
- eor $s0,$s0,$i1,ror#8
- ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$t2,$i2,ror#8
- and $i2,lr,$s2,lsr#16 @ i1
- eor $t3,$t3,$i3,ror#8
- and $i3,lr,$s2
- ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
- eor $s1,$s1,$t1,ror#24
- ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
- mov $s2,$s2,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
- eor $s0,$s0,$i1,ror#16
- ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
- and $i1,lr,$s3 @ i0
- eor $s1,$s1,$i2,ror#8
- and $i2,lr,$s3,lsr#8 @ i1
- eor $t3,$t3,$i3,ror#16
- and $i3,lr,$s3,lsr#16 @ i2
- ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
- eor $s2,$s2,$t2,ror#16
- ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
- mov $s3,$s3,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
- eor $s0,$s0,$i1,ror#24
- ldr $i1,[$key],#16
- eor $s1,$s1,$i2,ror#16
- ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
- eor $s2,$s2,$i3,ror#8
- ldr $t1,[$key,#-12]
- eor $s3,$s3,$t3,ror#8
-
- ldr $t2,[$key,#-8]
- eor $s0,$s0,$i1
- ldr $t3,[$key,#-4]
- and $i1,lr,$s0
- eor $s1,$s1,$t1
- and $i2,lr,$s0,lsr#8
- eor $s2,$s2,$t2
- and $i3,lr,$s0,lsr#16
- eor $s3,$s3,$t3
- mov $s0,$s0,lsr#24
-
- subs $rounds,$rounds,#1
- bne .Lenc_loop
-
- add $tbl,$tbl,#2
-
- ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
- and $i1,lr,$s1,lsr#16 @ i0
- ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
- and $i2,lr,$s1
- ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
- and $i3,lr,$s1,lsr#8
- ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
- mov $s1,$s1,lsr#24
-
- ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0]
- ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8]
- eor $s0,$i1,$s0,lsl#8
- ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$i2,$t2,lsl#8
- and $i2,lr,$s2,lsr#16 @ i1
- eor $t3,$i3,$t3,lsl#8
- and $i3,lr,$s2
- ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
- eor $s1,$t1,$s1,lsl#24
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
- mov $s2,$s2,lsr#24
-
- ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
- eor $s0,$i1,$s0,lsl#8
- ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
- and $i1,lr,$s3 @ i0
- eor $s1,$s1,$i2,lsl#16
- and $i2,lr,$s3,lsr#8 @ i1
- eor $t3,$i3,$t3,lsl#8
- and $i3,lr,$s3,lsr#16 @ i2
- ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
- eor $s2,$t2,$s2,lsl#24
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
- mov $s3,$s3,lsr#24
-
- ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
- eor $s0,$i1,$s0,lsl#8
- ldr $i1,[$key,#0]
- ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
- eor $s1,$s1,$i2,lsl#8
- ldr $t1,[$key,#4]
- eor $s2,$s2,$i3,lsl#16
- ldr $t2,[$key,#8]
- eor $s3,$t3,$s3,lsl#24
- ldr $t3,[$key,#12]
-
- eor $s0,$s0,$i1
- eor $s1,$s1,$t1
- eor $s2,$s2,$t2
- eor $s3,$s3,$t3
-
- sub $tbl,$tbl,#2
- ldr pc,[sp],#4 @ pop and return
-.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
-
-.global aes_set_encrypt_key_internal
-.type aes_set_encrypt_key_internal,%function
-.align 5
-aes_set_encrypt_key_internal:
-_armv4_AES_set_encrypt_key:
- sub r3,pc,#8 @ aes_set_encrypt_key_internal
- teq r0,#0
- moveq r0,#-1
- beq .Labrt
- teq r2,#0
- moveq r0,#-1
- beq .Labrt
-
- teq r1,#128
- beq .Lok
- teq r1,#192
- beq .Lok
- teq r1,#256
- movne r0,#-1
- bne .Labrt
-
-.Lok: stmdb sp!,{r4-r12,lr}
- sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
-
- mov $rounds,r0 @ inp
- mov lr,r1 @ bits
- mov $key,r2 @ key
-
-#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
- ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
- ldrb $t1,[$rounds,#2] @ manner...
- ldrb $t2,[$rounds,#1]
- ldrb $t3,[$rounds,#0]
- orr $s0,$s0,$t1,lsl#8
- ldrb $s1,[$rounds,#7]
- orr $s0,$s0,$t2,lsl#16
- ldrb $t1,[$rounds,#6]
- orr $s0,$s0,$t3,lsl#24
- ldrb $t2,[$rounds,#5]
- ldrb $t3,[$rounds,#4]
- orr $s1,$s1,$t1,lsl#8
- ldrb $s2,[$rounds,#11]
- orr $s1,$s1,$t2,lsl#16
- ldrb $t1,[$rounds,#10]
- orr $s1,$s1,$t3,lsl#24
- ldrb $t2,[$rounds,#9]
- ldrb $t3,[$rounds,#8]
- orr $s2,$s2,$t1,lsl#8
- ldrb $s3,[$rounds,#15]
- orr $s2,$s2,$t2,lsl#16
- ldrb $t1,[$rounds,#14]
- orr $s2,$s2,$t3,lsl#24
- ldrb $t2,[$rounds,#13]
- ldrb $t3,[$rounds,#12]
- orr $s3,$s3,$t1,lsl#8
- str $s0,[$key],#16
- orr $s3,$s3,$t2,lsl#16
- str $s1,[$key,#-12]
- orr $s3,$s3,$t3,lsl#24
- str $s2,[$key,#-8]
- str $s3,[$key,#-4]
-#else
- ldr $s0,[$rounds,#0]
- ldr $s1,[$rounds,#4]
- ldr $s2,[$rounds,#8]
- ldr $s3,[$rounds,#12]
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
- str $s0,[$key],#16
- str $s1,[$key,#-12]
- str $s2,[$key,#-8]
- str $s3,[$key,#-4]
-#endif
-
- teq lr,#128
- bne .Lnot128
- mov $rounds,#10
- str $rounds,[$key,#240-16]
- add $t3,$tbl,#256 @ rcon
- mov lr,#255
-
-.L128_loop:
- and $t2,lr,$s3,lsr#24
- and $i1,lr,$s3,lsr#16
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$s3,lsr#8
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$s3
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#24
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$t3],#4 @ rcon[i++]
- orr $t2,$t2,$i3,lsl#8
- eor $t2,$t2,$t1
- eor $s0,$s0,$t2 @ rk[4]=rk[0]^...
- eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4]
- str $s0,[$key],#16
- eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
- str $s1,[$key,#-12]
- eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
- str $s2,[$key,#-8]
- subs $rounds,$rounds,#1
- str $s3,[$key,#-4]
- bne .L128_loop
- sub r2,$key,#176
- b .Ldone
-
-.Lnot128:
-#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
- ldrb $i2,[$rounds,#19]
- ldrb $t1,[$rounds,#18]
- ldrb $t2,[$rounds,#17]
- ldrb $t3,[$rounds,#16]
- orr $i2,$i2,$t1,lsl#8
- ldrb $i3,[$rounds,#23]
- orr $i2,$i2,$t2,lsl#16
- ldrb $t1,[$rounds,#22]
- orr $i2,$i2,$t3,lsl#24
- ldrb $t2,[$rounds,#21]
- ldrb $t3,[$rounds,#20]
- orr $i3,$i3,$t1,lsl#8
- orr $i3,$i3,$t2,lsl#16
- str $i2,[$key],#8
- orr $i3,$i3,$t3,lsl#24
- str $i3,[$key,#-4]
-#else
- ldr $i2,[$rounds,#16]
- ldr $i3,[$rounds,#20]
-#ifdef __ARMEL__
- rev $i2,$i2
- rev $i3,$i3
-#endif
- str $i2,[$key],#8
- str $i3,[$key,#-4]
-#endif
-
- teq lr,#192
- bne .Lnot192
- mov $rounds,#12
- str $rounds,[$key,#240-24]
- add $t3,$tbl,#256 @ rcon
- mov lr,#255
- mov $rounds,#8
-
-.L192_loop:
- and $t2,lr,$i3,lsr#24
- and $i1,lr,$i3,lsr#16
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$i3,lsr#8
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$i3
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#24
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$t3],#4 @ rcon[i++]
- orr $t2,$t2,$i3,lsl#8
- eor $i3,$t2,$t1
- eor $s0,$s0,$i3 @ rk[6]=rk[0]^...
- eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6]
- str $s0,[$key],#24
- eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
- str $s1,[$key,#-20]
- eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
- str $s2,[$key,#-16]
- subs $rounds,$rounds,#1
- str $s3,[$key,#-12]
- subeq r2,$key,#216
- beq .Ldone
-
- ldr $i1,[$key,#-32]
- ldr $i2,[$key,#-28]
- eor $i1,$i1,$s3 @ rk[10]=rk[4]^rk[9]
- eor $i3,$i2,$i1 @ rk[11]=rk[5]^rk[10]
- str $i1,[$key,#-8]
- str $i3,[$key,#-4]
- b .L192_loop
-
-.Lnot192:
-#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT)
- ldrb $i2,[$rounds,#27]
- ldrb $t1,[$rounds,#26]
- ldrb $t2,[$rounds,#25]
- ldrb $t3,[$rounds,#24]
- orr $i2,$i2,$t1,lsl#8
- ldrb $i3,[$rounds,#31]
- orr $i2,$i2,$t2,lsl#16
- ldrb $t1,[$rounds,#30]
- orr $i2,$i2,$t3,lsl#24
- ldrb $t2,[$rounds,#29]
- ldrb $t3,[$rounds,#28]
- orr $i3,$i3,$t1,lsl#8
- orr $i3,$i3,$t2,lsl#16
- str $i2,[$key],#8
- orr $i3,$i3,$t3,lsl#24
- str $i3,[$key,#-4]
-#else
- ldr $i2,[$rounds,#24]
- ldr $i3,[$rounds,#28]
-#ifdef __ARMEL__
- rev $i2,$i2
- rev $i3,$i3
-#endif
- str $i2,[$key],#8
- str $i3,[$key,#-4]
-#endif
-
- mov $rounds,#14
- str $rounds,[$key,#240-32]
- add $t3,$tbl,#256 @ rcon
- mov lr,#255
- mov $rounds,#7
-
-.L256_loop:
- and $t2,lr,$i3,lsr#24
- and $i1,lr,$i3,lsr#16
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$i3,lsr#8
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$i3
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#24
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$t3],#4 @ rcon[i++]
- orr $t2,$t2,$i3,lsl#8
- eor $i3,$t2,$t1
- eor $s0,$s0,$i3 @ rk[8]=rk[0]^...
- eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8]
- str $s0,[$key],#32
- eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
- str $s1,[$key,#-28]
- eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
- str $s2,[$key,#-24]
- subs $rounds,$rounds,#1
- str $s3,[$key,#-20]
- subeq r2,$key,#256
- beq .Ldone
-
- and $t2,lr,$s3
- and $i1,lr,$s3,lsr#8
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$s3,lsr#16
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$s3,lsr#24
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#8
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$key,#-48]
- orr $t2,$t2,$i3,lsl#24
-
- ldr $i1,[$key,#-44]
- ldr $i2,[$key,#-40]
- eor $t1,$t1,$t2 @ rk[12]=rk[4]^...
- ldr $i3,[$key,#-36]
- eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
- str $t1,[$key,#-16]
- eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
- str $i1,[$key,#-12]
- eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
- str $i2,[$key,#-8]
- str $i3,[$key,#-4]
- b .L256_loop
-
-.Ldone: mov r0,#0
- ldmia sp!,{r4-r12,lr}
-.Labrt: tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-.size aes_set_encrypt_key_internal,.-aes_set_encrypt_key_internal
-
-.global aes_set_decrypt_key_internal
-.type aes_set_decrypt_key_internal,%function
-.align 5
-aes_set_decrypt_key_internal:
- str lr,[sp,#-4]! @ push lr
- bl _armv4_AES_set_encrypt_key
- teq r0,#0
- ldrne lr,[sp],#4 @ pop lr
- bne .Labrt
-
- stmdb sp!,{r4-r12}
-
- ldr $rounds,[r2,#240] @ AES_set_encrypt_key preserves r2,
- mov $key,r2 @ which is AES_KEY *key
- mov $i1,r2
- add $i2,r2,$rounds,lsl#4
-
-.Linv: ldr $s0,[$i1]
- ldr $s1,[$i1,#4]
- ldr $s2,[$i1,#8]
- ldr $s3,[$i1,#12]
- ldr $t1,[$i2]
- ldr $t2,[$i2,#4]
- ldr $t3,[$i2,#8]
- ldr $i3,[$i2,#12]
- str $s0,[$i2],#-16
- str $s1,[$i2,#16+4]
- str $s2,[$i2,#16+8]
- str $s3,[$i2,#16+12]
- str $t1,[$i1],#16
- str $t2,[$i1,#-12]
- str $t3,[$i1,#-8]
- str $i3,[$i1,#-4]
- teq $i1,$i2
- bne .Linv
-___
-$mask80=$i1;
-$mask1b=$i2;
-$mask7f=$i3;
-$code.=<<___;
- ldr $s0,[$key,#16]! @ prefetch tp1
- mov $mask80,#0x80
- mov $mask1b,#0x1b
- orr $mask80,$mask80,#0x8000
- orr $mask1b,$mask1b,#0x1b00
- orr $mask80,$mask80,$mask80,lsl#16
- orr $mask1b,$mask1b,$mask1b,lsl#16
- sub $rounds,$rounds,#1
- mvn $mask7f,$mask80
- mov $rounds,$rounds,lsl#2 @ (rounds-1)*4
-
-.Lmix: and $t1,$s0,$mask80
- and $s1,$s0,$mask7f
- sub $t1,$t1,$t1,lsr#7
- and $t1,$t1,$mask1b
- eor $s1,$t1,$s1,lsl#1 @ tp2
-
- and $t1,$s1,$mask80
- and $s2,$s1,$mask7f
- sub $t1,$t1,$t1,lsr#7
- and $t1,$t1,$mask1b
- eor $s2,$t1,$s2,lsl#1 @ tp4
-
- and $t1,$s2,$mask80
- and $s3,$s2,$mask7f
- sub $t1,$t1,$t1,lsr#7
- and $t1,$t1,$mask1b
- eor $s3,$t1,$s3,lsl#1 @ tp8
-
- eor $t1,$s1,$s2
- eor $t2,$s0,$s3 @ tp9
- eor $t1,$t1,$s3 @ tpe
- eor $t1,$t1,$s1,ror#24
- eor $t1,$t1,$t2,ror#24 @ ^= ROTATE(tpb=tp9^tp2,8)
- eor $t1,$t1,$s2,ror#16
- eor $t1,$t1,$t2,ror#16 @ ^= ROTATE(tpd=tp9^tp4,16)
- eor $t1,$t1,$t2,ror#8 @ ^= ROTATE(tp9,24)
-
- ldr $s0,[$key,#4] @ prefetch tp1
- str $t1,[$key],#4
- subs $rounds,$rounds,#1
- bne .Lmix
-
- mov r0,#0
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r12,pc}
-#else
- ldmia sp!,{r4-r12,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.size aes_set_decrypt_key_internal,.-aes_set_decrypt_key_internal
-
-.type AES_Td,%object
-.align 5
-AES_Td:
-.word 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
-.word 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
-.word 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
-.word 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
-.word 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
-.word 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
-.word 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
-.word 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
-.word 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
-.word 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
-.word 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
-.word 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
-.word 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
-.word 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
-.word 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
-.word 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
-.word 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
-.word 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
-.word 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
-.word 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
-.word 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
-.word 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
-.word 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
-.word 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
-.word 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
-.word 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
-.word 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
-.word 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
-.word 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
-.word 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
-.word 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
-.word 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
-.word 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
-.word 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
-.word 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
-.word 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
-.word 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
-.word 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
-.word 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
-.word 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
-.word 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
-.word 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
-.word 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
-.word 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
-.word 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
-.word 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
-.word 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
-.word 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
-.word 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
-.word 0x31a4b2af,
0x2a3f2331, 0xc6a59430, 0x35a266c0 -.word 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815 -.word 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f -.word 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df -.word 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f -.word 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e -.word 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713 -.word 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89 -.word 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c -.word 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf -.word 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86 -.word 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f -.word 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541 -.word 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190 -.word 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 -@ Td4[256] -.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 -.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb -.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 -.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb -.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d -.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e -.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 -.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 -.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 -.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 -.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda -.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 -.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a -.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 -.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 -.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b -.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea -.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 -.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 -.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e -.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 -.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b -.byte 
0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 -.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 -.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 -.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f -.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d -.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef -.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 -.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 -.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 -.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d -.size AES_Td,.-AES_Td - -@ void aes_decrypt_internal(const unsigned char *in, unsigned char *out, -@ const AES_KEY *key) { -.global aes_decrypt_internal -.type aes_decrypt_internal,%function -.align 5 -aes_decrypt_internal: - sub r3,pc,#8 @ aes_decrypt_internal - stmdb sp!,{r1,r4-r12,lr} - mov $rounds,r0 @ inp - mov $key,r2 - sub $tbl,r3,#aes_decrypt_internal-AES_Td @ Td -#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT) - ldrb $s0,[$rounds,#3] @ load input data in endian-neutral - ldrb $t1,[$rounds,#2] @ manner... 
- ldrb $t2,[$rounds,#1]
- ldrb $t3,[$rounds,#0]
- orr $s0,$s0,$t1,lsl#8
- ldrb $s1,[$rounds,#7]
- orr $s0,$s0,$t2,lsl#16
- ldrb $t1,[$rounds,#6]
- orr $s0,$s0,$t3,lsl#24
- ldrb $t2,[$rounds,#5]
- ldrb $t3,[$rounds,#4]
- orr $s1,$s1,$t1,lsl#8
- ldrb $s2,[$rounds,#11]
- orr $s1,$s1,$t2,lsl#16
- ldrb $t1,[$rounds,#10]
- orr $s1,$s1,$t3,lsl#24
- ldrb $t2,[$rounds,#9]
- ldrb $t3,[$rounds,#8]
- orr $s2,$s2,$t1,lsl#8
- ldrb $s3,[$rounds,#15]
- orr $s2,$s2,$t2,lsl#16
- ldrb $t1,[$rounds,#14]
- orr $s2,$s2,$t3,lsl#24
- ldrb $t2,[$rounds,#13]
- ldrb $t3,[$rounds,#12]
- orr $s3,$s3,$t1,lsl#8
- orr $s3,$s3,$t2,lsl#16
- orr $s3,$s3,$t3,lsl#24
-#else
- ldr $s0,[$rounds,#0]
- ldr $s1,[$rounds,#4]
- ldr $s2,[$rounds,#8]
- ldr $s3,[$rounds,#12]
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
-#endif
- bl _armv4_AES_decrypt
-
- ldr $rounds,[sp],#4 @ pop out
-#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT)
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
- str $s0,[$rounds,#0]
- str $s1,[$rounds,#4]
- str $s2,[$rounds,#8]
- str $s3,[$rounds,#12]
-#else
- mov $t1,$s0,lsr#24 @ write output in endian-neutral
- mov $t2,$s0,lsr#16 @ manner...
- mov $t3,$s0,lsr#8
- strb $t1,[$rounds,#0]
- strb $t2,[$rounds,#1]
- mov $t1,$s1,lsr#24
- strb $t3,[$rounds,#2]
- mov $t2,$s1,lsr#16
- strb $s0,[$rounds,#3]
- mov $t3,$s1,lsr#8
- strb $t1,[$rounds,#4]
- strb $t2,[$rounds,#5]
- mov $t1,$s2,lsr#24
- strb $t3,[$rounds,#6]
- mov $t2,$s2,lsr#16
- strb $s1,[$rounds,#7]
- mov $t3,$s2,lsr#8
- strb $t1,[$rounds,#8]
- strb $t2,[$rounds,#9]
- mov $t1,$s3,lsr#24
- strb $t3,[$rounds,#10]
- mov $t2,$s3,lsr#16
- strb $s2,[$rounds,#11]
- mov $t3,$s3,lsr#8
- strb $t1,[$rounds,#12]
- strb $t2,[$rounds,#13]
- strb $t3,[$rounds,#14]
- strb $s3,[$rounds,#15]
-#endif
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r12,pc}
-#else
- ldmia sp!,{r4-r12,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.size aes_decrypt_internal,.-aes_decrypt_internal
-
-.type _armv4_AES_decrypt,%function
-.align 2
-_armv4_AES_decrypt:
- str lr,[sp,#-4]! @ push lr
- ldmia $key!,{$t1-$i1}
- eor $s0,$s0,$t1
- ldr $rounds,[$key,#240-16]
- eor $s1,$s1,$t2
- eor $s2,$s2,$t3
- eor $s3,$s3,$i1
- sub $rounds,$rounds,#1
- mov lr,#255
-
- and $i1,lr,$s0,lsr#16
- and $i2,lr,$s0,lsr#8
- and $i3,lr,$s0
- mov $s0,$s0,lsr#24
-.Ldec_loop:
- ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
- and $i1,lr,$s1 @ i0
- ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
- and $i2,lr,$s1,lsr#16
- ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
- and $i3,lr,$s1,lsr#8
- ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
- mov $s1,$s1,lsr#24
-
- ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
- ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16]
- ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8]
- eor $s0,$s0,$i1,ror#24
- ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$i2,$t2,ror#8
- and $i2,lr,$s2 @ i1
- eor $t3,$i3,$t3,ror#8
- and $i3,lr,$s2,lsr#16
- ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
- eor $s1,$s1,$t1,ror#8
- ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
- mov $s2,$s2,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
- eor $s0,$s0,$i1,ror#16
- ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
- and $i1,lr,$s3,lsr#16 @ i0
- eor $s1,$s1,$i2,ror#24
- and $i2,lr,$s3,lsr#8 @ i1
- eor $t3,$i3,$t3,ror#8
- and $i3,lr,$s3 @ i2
- ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
- eor $s2,$s2,$t2,ror#8
- ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
- mov $s3,$s3,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
- eor $s0,$s0,$i1,ror#8
- ldr $i1,[$key],#16
- eor $s1,$s1,$i2,ror#16
- ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
- eor $s2,$s2,$i3,ror#24
-
- ldr $t1,[$key,#-12]
- eor $s0,$s0,$i1
- ldr $t2,[$key,#-8]
- eor $s3,$s3,$t3,ror#8
- ldr $t3,[$key,#-4]
- and $i1,lr,$s0,lsr#16
- eor $s1,$s1,$t1
- and $i2,lr,$s0,lsr#8
- eor $s2,$s2,$t2
- and $i3,lr,$s0
- eor $s3,$s3,$t3
- mov $s0,$s0,lsr#24
-
- subs $rounds,$rounds,#1
- bne .Ldec_loop
-
- add $tbl,$tbl,#1024
-
- ldr $t2,[$tbl,#0] @ prefetch Td4
- ldr $t3,[$tbl,#32]
- ldr $t1,[$tbl,#64]
- ldr $t2,[$tbl,#96]
- ldr $t3,[$tbl,#128]
- ldr $t1,[$tbl,#160]
- ldr $t2,[$tbl,#192]
- ldr $t3,[$tbl,#224]
-
- ldrb $s0,[$tbl,$s0] @ Td4[s0>>24]
- ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
- and $i1,lr,$s1 @ i0
- ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
- and $i2,lr,$s1,lsr#16
- ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
- and $i3,lr,$s1,lsr#8
-
- ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
- ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24]
- ldrb $i2,[$tbl,$i2] @ Td4[s1>>16]
- eor $s0,$i1,$s0,lsl#24
- ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
- eor $s1,$t1,$s1,lsl#8
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$t2,$i2,lsl#8
- and $i2,lr,$s2 @ i1
- ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
- eor $t3,$t3,$i3,lsl#8
- ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
- and $i3,lr,$s2,lsr#16
-
- ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
- eor $s0,$s0,$i1,lsl#8
- ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
- eor $s1,$i2,$s1,lsl#16
- and $i1,lr,$s3,lsr#16 @ i0
- eor $s2,$t2,$s2,lsl#16
- and $i2,lr,$s3,lsr#8 @ i1
- ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
- eor $t3,$t3,$i3,lsl#16
- ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
- and $i3,lr,$s3 @ i2
-
- ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
- ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
- eor $s0,$s0,$i1,lsl#16
- ldr $i1,[$key,#0]
- eor $s1,$s1,$i2,lsl#8
- ldr $t1,[$key,#4]
- eor $s2,$i3,$s2,lsl#8
- ldr $t2,[$key,#8]
- eor $s3,$t3,$s3,lsl#24
- ldr $t3,[$key,#12]
-
- eor $s0,$s0,$i1
- eor $s1,$s1,$t1
- eor $s2,$s2,$t2
- eor $s3,$s3,$t3
-
- sub $tbl,$tbl,#1024
- ldr pc,[sp],#4 @ pop and return
-.size _armv4_AES_decrypt,.-_armv4_AES_decrypt
-.asciz "AES for ARMv4, CRYPTOGAMS by "
-.align 2
-___
-
-$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
-print $code;
-close STDOUT; # enforce flush
diff --git a/src/lib/libcrypto/aes/asm/aes-mips.pl b/src/lib/libcrypto/aes/asm/aes-mips.pl
deleted file mode 100644
index 9a5df878f5..0000000000
--- a/src/lib/libcrypto/aes/asm/aes-mips.pl
+++ /dev/null
@@ -1,1613 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# AES for MIPS - -# October 2010 -# -# Code uses 1K[+256B] S-box and on single-issue core [such as R5000] -# spends ~68 cycles per byte processed with 128-bit key. This is ~16% -# faster than gcc-generated code, which is not very impressive. But -# recall that compressed S-box requires extra processing, namely -# additional rotations. Rotations are implemented with lwl/lwr pairs, -# which is normally used for loading unaligned data. Another cool -# thing about this module is its endian neutrality, which means that -# it processes data without ever changing byte order... - -###################################################################### -# There is a number of MIPS ABI in use, O32 and N32/64 are most -# widely used. Then there is a new contender: NUBI. It appears that if -# one picks the latter, it's possible to arrange code in ABI neutral -# manner. Therefore let's stick to NUBI register layout: -# -($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25)); -($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23)); -($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31)); -# -# The return value is placed in $a0. 
Following coding rules facilitate -# interoperability: -# -# - never ever touch $tp, "thread pointer", former $gp; -# - copy return value to $t0, former $v0 [or to $a0 if you're adapting -# old code]; -# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary; -# -# For reference here is register layout for N32/64 MIPS ABIs: -# -# ($zero,$at,$v0,$v1)=map("\$$_",(0..3)); -# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25)); -# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23)); -# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31)); -# -$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64 - -if ($flavour =~ /64/i) { - $LA="dla"; -} else { - $LA="la"; -} - -if ($flavour =~ /64|n32/i) { - $PTR_ADD="dadd"; # incidentally works even on n32 - $PTR_SUB="dsub"; # incidentally works even on n32 - $REG_S="sd"; - $REG_L="ld"; - $PTR_SLL="dsll"; # incidentally works even on n32 - $SZREG=8; -} else { - $PTR_ADD="add"; - $PTR_SUB="sub"; - $REG_S="sw"; - $REG_L="lw"; - $PTR_SLL="sll"; - $SZREG=4; -} -$pf = ($flavour =~ /nubi/i) ? $t0 : $t2; -# -# -# -###################################################################### - -$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0; - -for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); } -open STDOUT,">$output"; - -if (!defined($big_endian)) -{ $big_endian=(unpack('L',pack('N',1))==1); } - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -my ($MSB,$LSB)=(0,3); # automatically converted to little-endian - -$code.=<<___; -.text -#if !defined(__vxworks) || defined(__pic__) -.option pic2 -#endif -.set noat -___ - -{{{ -my $FRAMESIZE=16*$SZREG; -my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 
0xc0fff008 : 0xc0ff0000; - -my ($inp,$out,$key,$Tbl,$s0,$s1,$s2,$s3)=($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7); -my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2); -my ($t0,$t1,$t2,$t3,$t4,$t5,$t6,$t7,$t8,$t9,$t10,$t11) = map("\$$_",(12..23)); -my ($key0,$cnt)=($gp,$fp); - -# instruction ordering is "stolen" from output from MIPSpro assembler -# invoked with -mips3 -O3 arguments... -$code.=<<___; -.align 5 -.ent _mips_AES_encrypt -_mips_AES_encrypt: - .frame $sp,0,$ra - .set reorder - lw $t0,0($key) - lw $t1,4($key) - lw $t2,8($key) - lw $t3,12($key) - lw $cnt,240($key) - $PTR_ADD $key0,$key,16 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - sub $cnt,1 - _xtr $i0,$s1,16-2 -.Loop_enc: - _xtr $i1,$s2,16-2 - _xtr $i2,$s3,16-2 - _xtr $i3,$s0,16-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t0,3($i0) # Te1[s1>>16] - lwl $t1,3($i1) # Te1[s2>>16] - lwl $t2,3($i2) # Te1[s3>>16] - lwl $t3,3($i3) # Te1[s0>>16] - lwr $t0,2($i0) # Te1[s1>>16] - lwr $t1,2($i1) # Te1[s2>>16] - lwr $t2,2($i2) # Te1[s3>>16] - lwr $t3,2($i3) # Te1[s0>>16] - - _xtr $i0,$s2,8-2 - _xtr $i1,$s3,8-2 - _xtr $i2,$s0,8-2 - _xtr $i3,$s1,8-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t4,2($i0) # Te2[s2>>8] - lwl $t5,2($i1) # Te2[s3>>8] - lwl $t6,2($i2) # Te2[s0>>8] - lwl $t7,2($i3) # Te2[s1>>8] - lwr $t4,1($i0) # Te2[s2>>8] - lwr $t5,1($i1) # Te2[s3>>8] - lwr $t6,1($i2) # Te2[s0>>8] - lwr $t7,1($i3) # Te2[s1>>8] - - _xtr $i0,$s3,0-2 - _xtr $i1,$s0,0-2 - _xtr $i2,$s1,0-2 - _xtr $i3,$s2,0-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t8,1($i0) # Te3[s3] - lwl $t9,1($i1) # Te3[s0] - lwl $t10,1($i2) # Te3[s1] - lwl $t11,1($i3) # Te3[s2] - lwr $t8,0($i0) # Te3[s3] - lwr $t9,0($i1) # Te3[s0] - lwr 
$t10,0($i2) # Te3[s1] - lwr $t11,0($i3) # Te3[s2] - - _xtr $i0,$s0,24-2 - _xtr $i1,$s1,24-2 - _xtr $i2,$s2,24-2 - _xtr $i3,$s3,24-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - lw $t4,0($i0) # Te0[s0>>24] - lw $t5,0($i1) # Te0[s1>>24] - lw $t6,0($i2) # Te0[s2>>24] - lw $t7,0($i3) # Te0[s3>>24] - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - sub $cnt,1 - $PTR_ADD $key0,16 - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - .set noreorder - bnez $cnt,.Loop_enc - _xtr $i0,$s1,16-2 - - .set reorder - _xtr $i1,$s2,16-2 - _xtr $i2,$s3,16-2 - _xtr $i3,$s0,16-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t0,2($i0) # Te4[s1>>16] - lbu $t1,2($i1) # Te4[s2>>16] - lbu $t2,2($i2) # Te4[s3>>16] - lbu $t3,2($i3) # Te4[s0>>16] - - _xtr $i0,$s2,8-2 - _xtr $i1,$s3,8-2 - _xtr $i2,$s0,8-2 - _xtr $i3,$s1,8-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,2($i0) # Te4[s2>>8] - lbu $t5,2($i1) # Te4[s3>>8] - lbu $t6,2($i2) # Te4[s0>>8] - lbu $t7,2($i3) # Te4[s1>>8] - - _xtr $i0,$s0,24-2 - _xtr $i1,$s1,24-2 - _xtr $i2,$s2,24-2 - _xtr $i3,$s3,24-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t8,2($i0) # Te4[s0>>24] - lbu $t9,2($i1) # Te4[s1>>24] - lbu $t10,2($i2) # Te4[s2>>24] - lbu $t11,2($i3) # Te4[s3>>24] - - _xtr $i0,$s3,0-2 - _xtr $i1,$s0,0-2 - _xtr $i2,$s1,0-2 - _xtr $i3,$s2,0-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - - _ins $t0,16 - _ins 
$t1,16 - _ins $t2,16 - _ins $t3,16 - - _ins $t4,8 - _ins $t5,8 - _ins $t6,8 - _ins $t7,8 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,2($i0) # Te4[s3] - lbu $t5,2($i1) # Te4[s0] - lbu $t6,2($i2) # Te4[s1] - lbu $t7,2($i3) # Te4[s2] - - _ins $t8,24 - _ins $t9,24 - _ins $t10,24 - _ins $t11,24 - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - _ins $t4,0 - _ins $t5,0 - _ins $t6,0 - _ins $t7,0 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - jr $ra -.end _mips_AES_encrypt - -.align 5 -.globl aes_encrypt_internal -.ent aes_encrypt_internal -aes_encrypt_internal: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_S $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_S $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_S $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_S $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_S $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_S \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_S \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_S \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,aes_encrypt_internal -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Te # PIC-ified 'load address' - - lwl $s0,0+$MSB($inp) - lwl $s1,4+$MSB($inp) - lwl $s2,8+$MSB($inp) - lwl $s3,12+$MSB($inp) - lwr 
$s0,0+$LSB($inp) - lwr $s1,4+$LSB($inp) - lwr $s2,8+$LSB($inp) - lwr $s3,12+$LSB($inp) - - bal _mips_AES_encrypt - - swr $s0,0+$LSB($out) - swr $s1,4+$LSB($out) - swr $s2,8+$LSB($out) - swr $s3,12+$LSB($out) - swl $s0,0+$MSB($out) - swl $s1,4+$MSB($out) - swl $s2,8+$MSB($out) - swl $s3,12+$MSB($out) - - .set noreorder - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_L $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_L $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_L $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_L $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_L $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_L $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_L $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_L $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_L \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_L \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_L \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end aes_encrypt_internal -___ - -$code.=<<___; -.align 5 -.ent _mips_AES_decrypt -_mips_AES_decrypt: - .frame $sp,0,$ra - .set reorder - lw $t0,0($key) - lw $t1,4($key) - lw $t2,8($key) - lw $t3,12($key) - lw $cnt,240($key) - $PTR_ADD $key0,$key,16 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - sub $cnt,1 - _xtr $i0,$s3,16-2 -.Loop_dec: - _xtr $i1,$s0,16-2 - _xtr $i2,$s1,16-2 - _xtr $i3,$s2,16-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t0,3($i0) # Td1[s3>>16] - lwl $t1,3($i1) # Td1[s0>>16] - lwl $t2,3($i2) # Td1[s1>>16] - lwl $t3,3($i3) # Td1[s2>>16] - lwr $t0,2($i0) # Td1[s3>>16] - lwr $t1,2($i1) # Td1[s0>>16] - lwr $t2,2($i2) # Td1[s1>>16] - lwr $t3,2($i3) # Td1[s2>>16] - - _xtr $i0,$s2,8-2 - _xtr $i1,$s3,8-2 - _xtr $i2,$s0,8-2 - _xtr $i3,$s1,8-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - 
$PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t4,2($i0) # Td2[s2>>8] - lwl $t5,2($i1) # Td2[s3>>8] - lwl $t6,2($i2) # Td2[s0>>8] - lwl $t7,2($i3) # Td2[s1>>8] - lwr $t4,1($i0) # Td2[s2>>8] - lwr $t5,1($i1) # Td2[s3>>8] - lwr $t6,1($i2) # Td2[s0>>8] - lwr $t7,1($i3) # Td2[s1>>8] - - _xtr $i0,$s1,0-2 - _xtr $i1,$s2,0-2 - _xtr $i2,$s3,0-2 - _xtr $i3,$s0,0-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t8,1($i0) # Td3[s1] - lwl $t9,1($i1) # Td3[s2] - lwl $t10,1($i2) # Td3[s3] - lwl $t11,1($i3) # Td3[s0] - lwr $t8,0($i0) # Td3[s1] - lwr $t9,0($i1) # Td3[s2] - lwr $t10,0($i2) # Td3[s3] - lwr $t11,0($i3) # Td3[s0] - - _xtr $i0,$s0,24-2 - _xtr $i1,$s1,24-2 - _xtr $i2,$s2,24-2 - _xtr $i3,$s3,24-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - - lw $t4,0($i0) # Td0[s0>>24] - lw $t5,0($i1) # Td0[s1>>24] - lw $t6,0($i2) # Td0[s2>>24] - lw $t7,0($i3) # Td0[s3>>24] - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - sub $cnt,1 - $PTR_ADD $key0,16 - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - .set noreorder - bnez $cnt,.Loop_dec - _xtr $i0,$s3,16-2 - - .set reorder - lw $t4,1024($Tbl) # prefetch Td4 - lw $t5,1024+32($Tbl) - lw $t6,1024+64($Tbl) - lw $t7,1024+96($Tbl) - lw $t8,1024+128($Tbl) - lw $t9,1024+160($Tbl) - lw $t10,1024+192($Tbl) - lw $t11,1024+224($Tbl) - - _xtr $i0,$s3,16 - _xtr $i1,$s0,16 - _xtr $i2,$s1,16 - _xtr $i3,$s2,16 - and $i0,0xff - and $i1,0xff - and $i2,0xff - and $i3,0xff - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t0,1024($i0) # Td4[s3>>16] - lbu $t1,1024($i1) # Td4[s0>>16] - lbu $t2,1024($i2) # 
Td4[s1>>16] - lbu $t3,1024($i3) # Td4[s2>>16] - - _xtr $i0,$s2,8 - _xtr $i1,$s3,8 - _xtr $i2,$s0,8 - _xtr $i3,$s1,8 - and $i0,0xff - and $i1,0xff - and $i2,0xff - and $i3,0xff - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,1024($i0) # Td4[s2>>8] - lbu $t5,1024($i1) # Td4[s3>>8] - lbu $t6,1024($i2) # Td4[s0>>8] - lbu $t7,1024($i3) # Td4[s1>>8] - - _xtr $i0,$s0,24 - _xtr $i1,$s1,24 - _xtr $i2,$s2,24 - _xtr $i3,$s3,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t8,1024($i0) # Td4[s0>>24] - lbu $t9,1024($i1) # Td4[s1>>24] - lbu $t10,1024($i2) # Td4[s2>>24] - lbu $t11,1024($i3) # Td4[s3>>24] - - _xtr $i0,$s1,0 - _xtr $i1,$s2,0 - _xtr $i2,$s3,0 - _xtr $i3,$s0,0 - - _ins $t0,16 - _ins $t1,16 - _ins $t2,16 - _ins $t3,16 - - _ins $t4,8 - _ins $t5,8 - _ins $t6,8 - _ins $t7,8 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,1024($i0) # Td4[s1] - lbu $t5,1024($i1) # Td4[s2] - lbu $t6,1024($i2) # Td4[s3] - lbu $t7,1024($i3) # Td4[s0] - - _ins $t8,24 - _ins $t9,24 - _ins $t10,24 - _ins $t11,24 - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - _ins $t4,0 - _ins $t5,0 - _ins $t6,0 - _ins $t7,0 - - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - jr $ra -.end _mips_AES_decrypt - -.align 5 -.globl aes_decrypt_internal -.ent aes_decrypt_internal -aes_decrypt_internal: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_S $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_S 
$s9,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_S $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_S $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_S $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_S $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_S \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_S \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_S \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,aes_decrypt_internal -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Td # PIC-ified 'load address' - - lwl $s0,0+$MSB($inp) - lwl $s1,4+$MSB($inp) - lwl $s2,8+$MSB($inp) - lwl $s3,12+$MSB($inp) - lwr $s0,0+$LSB($inp) - lwr $s1,4+$LSB($inp) - lwr $s2,8+$LSB($inp) - lwr $s3,12+$LSB($inp) - - bal _mips_AES_decrypt - - swr $s0,0+$LSB($out) - swr $s1,4+$LSB($out) - swr $s2,8+$LSB($out) - swr $s3,12+$LSB($out) - swl $s0,0+$MSB($out) - swl $s1,4+$MSB($out) - swl $s2,8+$MSB($out) - swl $s3,12+$MSB($out) - - .set noreorder - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_L $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_L $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_L $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_L $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_L $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_L $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_L $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_L $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_L \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_L \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_L \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end aes_decrypt_internal -___ -}}} - -{{{ -my $FRAMESIZE=8*$SZREG; -my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 
0xc000f008 : 0xc0000000; - -my ($inp,$bits,$key,$Tbl)=($a0,$a1,$a2,$a3); -my ($rk0,$rk1,$rk2,$rk3,$rk4,$rk5,$rk6,$rk7)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3); -my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2); -my ($rcon,$cnt)=($gp,$fp); - -$code.=<<___; -.align 5 -.ent _mips_AES_set_encrypt_key -_mips_AES_set_encrypt_key: - .frame $sp,0,$ra - .set noreorder - beqz $inp,.Lekey_done - li $t0,-1 - beqz $key,.Lekey_done - $PTR_ADD $rcon,$Tbl,1024+256 - - .set reorder - lwl $rk0,0+$MSB($inp) # load 128 bits - lwl $rk1,4+$MSB($inp) - lwl $rk2,8+$MSB($inp) - lwl $rk3,12+$MSB($inp) - li $at,128 - lwr $rk0,0+$LSB($inp) - lwr $rk1,4+$LSB($inp) - lwr $rk2,8+$LSB($inp) - lwr $rk3,12+$LSB($inp) - .set noreorder - beq $bits,$at,.L128bits - li $cnt,10 - - .set reorder - lwl $rk4,16+$MSB($inp) # load 192 bits - lwl $rk5,20+$MSB($inp) - li $at,192 - lwr $rk4,16+$LSB($inp) - lwr $rk5,20+$LSB($inp) - .set noreorder - beq $bits,$at,.L192bits - li $cnt,8 - - .set reorder - lwl $rk6,24+$MSB($inp) # load 256 bits - lwl $rk7,28+$MSB($inp) - li $at,256 - lwr $rk6,24+$LSB($inp) - lwr $rk7,28+$LSB($inp) - .set noreorder - beq $bits,$at,.L256bits - li $cnt,7 - - b .Lekey_done - li $t0,-2 - -.align 4 -.L128bits: - .set reorder - srl $i0,$rk3,16 - srl $i1,$rk3,8 - and $i0,0xff - and $i1,0xff - and $i2,$rk3,0xff - srl $i3,$rk3,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - sw $rk3,12($key) - sub $cnt,1 - $PTR_ADD $key,16 - - _bias $i0,24 - _bias $i1,16 - _bias $i2,8 - _bias $i3,0 - - xor $rk0,$i0 - lw $i0,0($rcon) - xor $rk0,$i1 - xor $rk0,$i2 - xor $rk0,$i3 - xor $rk0,$i0 - - xor $rk1,$rk0 - xor $rk2,$rk1 - xor $rk3,$rk2 - - .set noreorder - bnez $cnt,.L128bits - $PTR_ADD $rcon,4 - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - li $cnt,10 - sw $rk3,12($key) - li $t0,0 - sw $cnt,80($key) - b .Lekey_done - $PTR_SUB $key,10*16 - 
-.align 4 -.L192bits: - .set reorder - srl $i0,$rk5,16 - srl $i1,$rk5,8 - and $i0,0xff - and $i1,0xff - and $i2,$rk5,0xff - srl $i3,$rk5,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - sw $rk3,12($key) - sw $rk4,16($key) - sw $rk5,20($key) - sub $cnt,1 - $PTR_ADD $key,24 - - _bias $i0,24 - _bias $i1,16 - _bias $i2,8 - _bias $i3,0 - - xor $rk0,$i0 - lw $i0,0($rcon) - xor $rk0,$i1 - xor $rk0,$i2 - xor $rk0,$i3 - xor $rk0,$i0 - - xor $rk1,$rk0 - xor $rk2,$rk1 - xor $rk3,$rk2 - xor $rk4,$rk3 - xor $rk5,$rk4 - - .set noreorder - bnez $cnt,.L192bits - $PTR_ADD $rcon,4 - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - li $cnt,12 - sw $rk3,12($key) - li $t0,0 - sw $cnt,48($key) - b .Lekey_done - $PTR_SUB $key,12*16 - -.align 4 -.L256bits: - .set reorder - srl $i0,$rk7,16 - srl $i1,$rk7,8 - and $i0,0xff - and $i1,0xff - and $i2,$rk7,0xff - srl $i3,$rk7,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - sw $rk3,12($key) - sw $rk4,16($key) - sw $rk5,20($key) - sw $rk6,24($key) - sw $rk7,28($key) - sub $cnt,1 - - _bias $i0,24 - _bias $i1,16 - _bias $i2,8 - _bias $i3,0 - - xor $rk0,$i0 - lw $i0,0($rcon) - xor $rk0,$i1 - xor $rk0,$i2 - xor $rk0,$i3 - xor $rk0,$i0 - - xor $rk1,$rk0 - xor $rk2,$rk1 - xor $rk3,$rk2 - beqz $cnt,.L256bits_done - - srl $i0,$rk3,24 - srl $i1,$rk3,16 - srl $i2,$rk3,8 - and $i3,$rk3,0xff - and $i1,0xff - and $i2,0xff - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - sll $i0,24 - sll $i1,16 - sll $i2,8 - - xor $rk4,$i0 - xor $rk4,$i1 - xor $rk4,$i2 - xor $rk4,$i3 - - xor $rk5,$rk4 - xor $rk6,$rk5 - 
xor $rk7,$rk6 - - $PTR_ADD $key,32 - .set noreorder - b .L256bits - $PTR_ADD $rcon,4 - -.L256bits_done: - sw $rk0,32($key) - sw $rk1,36($key) - sw $rk2,40($key) - li $cnt,14 - sw $rk3,44($key) - li $t0,0 - sw $cnt,48($key) - $PTR_SUB $key,12*16 - -.Lekey_done: - jr $ra - nop -.end _mips_AES_set_encrypt_key - -.globl aes_set_encrypt_key_internal -.ent aes_set_encrypt_key_internal -aes_set_encrypt_key_internal: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s2,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s1,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s0,$FRAMESIZE-6*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-7*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,aes_set_encrypt_key_internal -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Te # PIC-ified 'load address' - - bal _mips_AES_set_encrypt_key - - .set noreorder - move $a0,$t0 - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_L $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_L $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_L $s0,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end aes_set_encrypt_key_internal -___ - -my ($head,$tail)=($inp,$bits); -my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3); -my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2); -$code.=<<___; -.align 5 -.globl aes_set_decrypt_key_internal -.ent aes_set_decrypt_key_internal -aes_set_decrypt_key_internal: - .frame $sp,$FRAMESIZE,$ra - .mask 
$SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s2,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s1,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s0,$FRAMESIZE-6*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-7*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,aes_set_decrypt_key_internal -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Te # PIC-ified 'load address' - - bal _mips_AES_set_encrypt_key - - bltz $t0,.Ldkey_done - - sll $at,$cnt,4 - $PTR_ADD $head,$key,0 - $PTR_ADD $tail,$key,$at -.align 4 -.Lswap: - lw $rk0,0($head) - lw $rk1,4($head) - lw $rk2,8($head) - lw $rk3,12($head) - lw $rk4,0($tail) - lw $rk5,4($tail) - lw $rk6,8($tail) - lw $rk7,12($tail) - sw $rk0,0($tail) - sw $rk1,4($tail) - sw $rk2,8($tail) - sw $rk3,12($tail) - $PTR_ADD $head,16 - $PTR_SUB $tail,16 - sw $rk4,-16($head) - sw $rk5,-12($head) - sw $rk6,-8($head) - sw $rk7,-4($head) - bne $head,$tail,.Lswap - - lw $tp1,16($key) # modulo-scheduled - lui $x80808080,0x8080 - sub $cnt,1 - or $x80808080,0x8080 - sll $cnt,2 - $PTR_ADD $key,16 - lui $x1b1b1b1b,0x1b1b - nor $x7f7f7f7f,$zero,$x80808080 - or $x1b1b1b1b,0x1b1b -.align 4 -.Lmix: - and $m,$tp1,$x80808080 - and $tp2,$tp1,$x7f7f7f7f - srl $tp4,$m,7 - addu $tp2,$tp2 # tp2<<1 - subu $m,$tp4 - and $m,$x1b1b1b1b - xor $tp2,$m - - and $m,$tp2,$x80808080 - and $tp4,$tp2,$x7f7f7f7f - srl $tp8,$m,7 - addu $tp4,$tp4 # tp4<<1 - subu $m,$tp8 - and $m,$x1b1b1b1b - xor $tp4,$m - - and $m,$tp4,$x80808080 - and $tp8,$tp4,$x7f7f7f7f - srl $tp9,$m,7 - addu $tp8,$tp8 # tp8<<1 - subu $m,$tp9 - and $m,$x1b1b1b1b - xor $tp8,$m - - xor $tp9,$tp8,$tp1 - xor $tpe,$tp8,$tp4 - xor $tpb,$tp9,$tp2 - xor $tpd,$tp9,$tp4 - - 
_ror $tp1,$tpd,16 - xor $tpe,$tp2 - _ror $tp2,$tpd,-16 - xor $tpe,$tp1 - _ror $tp1,$tp9,8 - xor $tpe,$tp2 - _ror $tp2,$tp9,-24 - xor $tpe,$tp1 - _ror $tp1,$tpb,24 - xor $tpe,$tp2 - _ror $tp2,$tpb,-8 - xor $tpe,$tp1 - lw $tp1,4($key) # modulo-scheduled - xor $tpe,$tp2 - sub $cnt,1 - sw $tpe,0($key) - $PTR_ADD $key,4 - bnez $cnt,.Lmix - - li $t0,0 -.Ldkey_done: - .set noreorder - move $a0,$t0 - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_L $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_L $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_L $s0,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end aes_set_decrypt_key_internal -___ -}}} - -###################################################################### -# Tables are kept in endian-neutral manner -$code.=<<___; -.rdata -.align 6 -AES_Te: -.byte 0xc6,0x63,0x63,0xa5, 0xf8,0x7c,0x7c,0x84 # Te0 -.byte 0xee,0x77,0x77,0x99, 0xf6,0x7b,0x7b,0x8d -.byte 0xff,0xf2,0xf2,0x0d, 0xd6,0x6b,0x6b,0xbd -.byte 0xde,0x6f,0x6f,0xb1, 0x91,0xc5,0xc5,0x54 -.byte 0x60,0x30,0x30,0x50, 0x02,0x01,0x01,0x03 -.byte 0xce,0x67,0x67,0xa9, 0x56,0x2b,0x2b,0x7d -.byte 0xe7,0xfe,0xfe,0x19, 0xb5,0xd7,0xd7,0x62 -.byte 0x4d,0xab,0xab,0xe6, 0xec,0x76,0x76,0x9a -.byte 0x8f,0xca,0xca,0x45, 0x1f,0x82,0x82,0x9d -.byte 0x89,0xc9,0xc9,0x40, 0xfa,0x7d,0x7d,0x87 -.byte 0xef,0xfa,0xfa,0x15, 0xb2,0x59,0x59,0xeb -.byte 0x8e,0x47,0x47,0xc9, 0xfb,0xf0,0xf0,0x0b -.byte 0x41,0xad,0xad,0xec, 0xb3,0xd4,0xd4,0x67 -.byte 0x5f,0xa2,0xa2,0xfd, 0x45,0xaf,0xaf,0xea -.byte 0x23,0x9c,0x9c,0xbf, 0x53,0xa4,0xa4,0xf7 -.byte 0xe4,0x72,0x72,0x96, 0x9b,0xc0,0xc0,0x5b -.byte 0x75,0xb7,0xb7,0xc2, 0xe1,0xfd,0xfd,0x1c -.byte 0x3d,0x93,0x93,0xae, 0x4c,0x26,0x26,0x6a -.byte 0x6c,0x36,0x36,0x5a, 0x7e,0x3f,0x3f,0x41 -.byte 0xf5,0xf7,0xf7,0x02, 0x83,0xcc,0xcc,0x4f -.byte 0x68,0x34,0x34,0x5c, 0x51,0xa5,0xa5,0xf4 -.byte 
0xd1,0xe5,0xe5,0x34, 0xf9,0xf1,0xf1,0x08 -.byte 0xe2,0x71,0x71,0x93, 0xab,0xd8,0xd8,0x73 -.byte 0x62,0x31,0x31,0x53, 0x2a,0x15,0x15,0x3f -.byte 0x08,0x04,0x04,0x0c, 0x95,0xc7,0xc7,0x52 -.byte 0x46,0x23,0x23,0x65, 0x9d,0xc3,0xc3,0x5e -.byte 0x30,0x18,0x18,0x28, 0x37,0x96,0x96,0xa1 -.byte 0x0a,0x05,0x05,0x0f, 0x2f,0x9a,0x9a,0xb5 -.byte 0x0e,0x07,0x07,0x09, 0x24,0x12,0x12,0x36 -.byte 0x1b,0x80,0x80,0x9b, 0xdf,0xe2,0xe2,0x3d -.byte 0xcd,0xeb,0xeb,0x26, 0x4e,0x27,0x27,0x69 -.byte 0x7f,0xb2,0xb2,0xcd, 0xea,0x75,0x75,0x9f -.byte 0x12,0x09,0x09,0x1b, 0x1d,0x83,0x83,0x9e -.byte 0x58,0x2c,0x2c,0x74, 0x34,0x1a,0x1a,0x2e -.byte 0x36,0x1b,0x1b,0x2d, 0xdc,0x6e,0x6e,0xb2 -.byte 0xb4,0x5a,0x5a,0xee, 0x5b,0xa0,0xa0,0xfb -.byte 0xa4,0x52,0x52,0xf6, 0x76,0x3b,0x3b,0x4d -.byte 0xb7,0xd6,0xd6,0x61, 0x7d,0xb3,0xb3,0xce -.byte 0x52,0x29,0x29,0x7b, 0xdd,0xe3,0xe3,0x3e -.byte 0x5e,0x2f,0x2f,0x71, 0x13,0x84,0x84,0x97 -.byte 0xa6,0x53,0x53,0xf5, 0xb9,0xd1,0xd1,0x68 -.byte 0x00,0x00,0x00,0x00, 0xc1,0xed,0xed,0x2c -.byte 0x40,0x20,0x20,0x60, 0xe3,0xfc,0xfc,0x1f -.byte 0x79,0xb1,0xb1,0xc8, 0xb6,0x5b,0x5b,0xed -.byte 0xd4,0x6a,0x6a,0xbe, 0x8d,0xcb,0xcb,0x46 -.byte 0x67,0xbe,0xbe,0xd9, 0x72,0x39,0x39,0x4b -.byte 0x94,0x4a,0x4a,0xde, 0x98,0x4c,0x4c,0xd4 -.byte 0xb0,0x58,0x58,0xe8, 0x85,0xcf,0xcf,0x4a -.byte 0xbb,0xd0,0xd0,0x6b, 0xc5,0xef,0xef,0x2a -.byte 0x4f,0xaa,0xaa,0xe5, 0xed,0xfb,0xfb,0x16 -.byte 0x86,0x43,0x43,0xc5, 0x9a,0x4d,0x4d,0xd7 -.byte 0x66,0x33,0x33,0x55, 0x11,0x85,0x85,0x94 -.byte 0x8a,0x45,0x45,0xcf, 0xe9,0xf9,0xf9,0x10 -.byte 0x04,0x02,0x02,0x06, 0xfe,0x7f,0x7f,0x81 -.byte 0xa0,0x50,0x50,0xf0, 0x78,0x3c,0x3c,0x44 -.byte 0x25,0x9f,0x9f,0xba, 0x4b,0xa8,0xa8,0xe3 -.byte 0xa2,0x51,0x51,0xf3, 0x5d,0xa3,0xa3,0xfe -.byte 0x80,0x40,0x40,0xc0, 0x05,0x8f,0x8f,0x8a -.byte 0x3f,0x92,0x92,0xad, 0x21,0x9d,0x9d,0xbc -.byte 0x70,0x38,0x38,0x48, 0xf1,0xf5,0xf5,0x04 -.byte 0x63,0xbc,0xbc,0xdf, 0x77,0xb6,0xb6,0xc1 -.byte 0xaf,0xda,0xda,0x75, 0x42,0x21,0x21,0x63 -.byte 0x20,0x10,0x10,0x30, 
0xe5,0xff,0xff,0x1a -.byte 0xfd,0xf3,0xf3,0x0e, 0xbf,0xd2,0xd2,0x6d -.byte 0x81,0xcd,0xcd,0x4c, 0x18,0x0c,0x0c,0x14 -.byte 0x26,0x13,0x13,0x35, 0xc3,0xec,0xec,0x2f -.byte 0xbe,0x5f,0x5f,0xe1, 0x35,0x97,0x97,0xa2 -.byte 0x88,0x44,0x44,0xcc, 0x2e,0x17,0x17,0x39 -.byte 0x93,0xc4,0xc4,0x57, 0x55,0xa7,0xa7,0xf2 -.byte 0xfc,0x7e,0x7e,0x82, 0x7a,0x3d,0x3d,0x47 -.byte 0xc8,0x64,0x64,0xac, 0xba,0x5d,0x5d,0xe7 -.byte 0x32,0x19,0x19,0x2b, 0xe6,0x73,0x73,0x95 -.byte 0xc0,0x60,0x60,0xa0, 0x19,0x81,0x81,0x98 -.byte 0x9e,0x4f,0x4f,0xd1, 0xa3,0xdc,0xdc,0x7f -.byte 0x44,0x22,0x22,0x66, 0x54,0x2a,0x2a,0x7e -.byte 0x3b,0x90,0x90,0xab, 0x0b,0x88,0x88,0x83 -.byte 0x8c,0x46,0x46,0xca, 0xc7,0xee,0xee,0x29 -.byte 0x6b,0xb8,0xb8,0xd3, 0x28,0x14,0x14,0x3c -.byte 0xa7,0xde,0xde,0x79, 0xbc,0x5e,0x5e,0xe2 -.byte 0x16,0x0b,0x0b,0x1d, 0xad,0xdb,0xdb,0x76 -.byte 0xdb,0xe0,0xe0,0x3b, 0x64,0x32,0x32,0x56 -.byte 0x74,0x3a,0x3a,0x4e, 0x14,0x0a,0x0a,0x1e -.byte 0x92,0x49,0x49,0xdb, 0x0c,0x06,0x06,0x0a -.byte 0x48,0x24,0x24,0x6c, 0xb8,0x5c,0x5c,0xe4 -.byte 0x9f,0xc2,0xc2,0x5d, 0xbd,0xd3,0xd3,0x6e -.byte 0x43,0xac,0xac,0xef, 0xc4,0x62,0x62,0xa6 -.byte 0x39,0x91,0x91,0xa8, 0x31,0x95,0x95,0xa4 -.byte 0xd3,0xe4,0xe4,0x37, 0xf2,0x79,0x79,0x8b -.byte 0xd5,0xe7,0xe7,0x32, 0x8b,0xc8,0xc8,0x43 -.byte 0x6e,0x37,0x37,0x59, 0xda,0x6d,0x6d,0xb7 -.byte 0x01,0x8d,0x8d,0x8c, 0xb1,0xd5,0xd5,0x64 -.byte 0x9c,0x4e,0x4e,0xd2, 0x49,0xa9,0xa9,0xe0 -.byte 0xd8,0x6c,0x6c,0xb4, 0xac,0x56,0x56,0xfa -.byte 0xf3,0xf4,0xf4,0x07, 0xcf,0xea,0xea,0x25 -.byte 0xca,0x65,0x65,0xaf, 0xf4,0x7a,0x7a,0x8e -.byte 0x47,0xae,0xae,0xe9, 0x10,0x08,0x08,0x18 -.byte 0x6f,0xba,0xba,0xd5, 0xf0,0x78,0x78,0x88 -.byte 0x4a,0x25,0x25,0x6f, 0x5c,0x2e,0x2e,0x72 -.byte 0x38,0x1c,0x1c,0x24, 0x57,0xa6,0xa6,0xf1 -.byte 0x73,0xb4,0xb4,0xc7, 0x97,0xc6,0xc6,0x51 -.byte 0xcb,0xe8,0xe8,0x23, 0xa1,0xdd,0xdd,0x7c -.byte 0xe8,0x74,0x74,0x9c, 0x3e,0x1f,0x1f,0x21 -.byte 0x96,0x4b,0x4b,0xdd, 0x61,0xbd,0xbd,0xdc -.byte 0x0d,0x8b,0x8b,0x86, 0x0f,0x8a,0x8a,0x85 -.byte 
0xe0,0x70,0x70,0x90, 0x7c,0x3e,0x3e,0x42 -.byte 0x71,0xb5,0xb5,0xc4, 0xcc,0x66,0x66,0xaa -.byte 0x90,0x48,0x48,0xd8, 0x06,0x03,0x03,0x05 -.byte 0xf7,0xf6,0xf6,0x01, 0x1c,0x0e,0x0e,0x12 -.byte 0xc2,0x61,0x61,0xa3, 0x6a,0x35,0x35,0x5f -.byte 0xae,0x57,0x57,0xf9, 0x69,0xb9,0xb9,0xd0 -.byte 0x17,0x86,0x86,0x91, 0x99,0xc1,0xc1,0x58 -.byte 0x3a,0x1d,0x1d,0x27, 0x27,0x9e,0x9e,0xb9 -.byte 0xd9,0xe1,0xe1,0x38, 0xeb,0xf8,0xf8,0x13 -.byte 0x2b,0x98,0x98,0xb3, 0x22,0x11,0x11,0x33 -.byte 0xd2,0x69,0x69,0xbb, 0xa9,0xd9,0xd9,0x70 -.byte 0x07,0x8e,0x8e,0x89, 0x33,0x94,0x94,0xa7 -.byte 0x2d,0x9b,0x9b,0xb6, 0x3c,0x1e,0x1e,0x22 -.byte 0x15,0x87,0x87,0x92, 0xc9,0xe9,0xe9,0x20 -.byte 0x87,0xce,0xce,0x49, 0xaa,0x55,0x55,0xff -.byte 0x50,0x28,0x28,0x78, 0xa5,0xdf,0xdf,0x7a -.byte 0x03,0x8c,0x8c,0x8f, 0x59,0xa1,0xa1,0xf8 -.byte 0x09,0x89,0x89,0x80, 0x1a,0x0d,0x0d,0x17 -.byte 0x65,0xbf,0xbf,0xda, 0xd7,0xe6,0xe6,0x31 -.byte 0x84,0x42,0x42,0xc6, 0xd0,0x68,0x68,0xb8 -.byte 0x82,0x41,0x41,0xc3, 0x29,0x99,0x99,0xb0 -.byte 0x5a,0x2d,0x2d,0x77, 0x1e,0x0f,0x0f,0x11 -.byte 0x7b,0xb0,0xb0,0xcb, 0xa8,0x54,0x54,0xfc -.byte 0x6d,0xbb,0xbb,0xd6, 0x2c,0x16,0x16,0x3a - -.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 # Te4 -.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 -.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 -.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 -.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc -.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 -.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a -.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 -.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 -.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 -.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b -.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf -.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 -.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 -.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 -.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 
0xff, 0xf3, 0xd2 -.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 -.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 -.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 -.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb -.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c -.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 -.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 -.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 -.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 -.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a -.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e -.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e -.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 -.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf -.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 -.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 - -.byte 0x01,0x00,0x00,0x00, 0x02,0x00,0x00,0x00 # rcon -.byte 0x04,0x00,0x00,0x00, 0x08,0x00,0x00,0x00 -.byte 0x10,0x00,0x00,0x00, 0x20,0x00,0x00,0x00 -.byte 0x40,0x00,0x00,0x00, 0x80,0x00,0x00,0x00 -.byte 0x1B,0x00,0x00,0x00, 0x36,0x00,0x00,0x00 - -.align 6 -AES_Td: -.byte 0x51,0xf4,0xa7,0x50, 0x7e,0x41,0x65,0x53 # Td0 -.byte 0x1a,0x17,0xa4,0xc3, 0x3a,0x27,0x5e,0x96 -.byte 0x3b,0xab,0x6b,0xcb, 0x1f,0x9d,0x45,0xf1 -.byte 0xac,0xfa,0x58,0xab, 0x4b,0xe3,0x03,0x93 -.byte 0x20,0x30,0xfa,0x55, 0xad,0x76,0x6d,0xf6 -.byte 0x88,0xcc,0x76,0x91, 0xf5,0x02,0x4c,0x25 -.byte 0x4f,0xe5,0xd7,0xfc, 0xc5,0x2a,0xcb,0xd7 -.byte 0x26,0x35,0x44,0x80, 0xb5,0x62,0xa3,0x8f -.byte 0xde,0xb1,0x5a,0x49, 0x25,0xba,0x1b,0x67 -.byte 0x45,0xea,0x0e,0x98, 0x5d,0xfe,0xc0,0xe1 -.byte 0xc3,0x2f,0x75,0x02, 0x81,0x4c,0xf0,0x12 -.byte 0x8d,0x46,0x97,0xa3, 0x6b,0xd3,0xf9,0xc6 -.byte 0x03,0x8f,0x5f,0xe7, 0x15,0x92,0x9c,0x95 -.byte 0xbf,0x6d,0x7a,0xeb, 0x95,0x52,0x59,0xda -.byte 0xd4,0xbe,0x83,0x2d, 0x58,0x74,0x21,0xd3 -.byte 0x49,0xe0,0x69,0x29, 0x8e,0xc9,0xc8,0x44 -.byte 0x75,0xc2,0x89,0x6a, 0xf4,0x8e,0x79,0x78 -.byte 
0x99,0x58,0x3e,0x6b, 0x27,0xb9,0x71,0xdd -.byte 0xbe,0xe1,0x4f,0xb6, 0xf0,0x88,0xad,0x17 -.byte 0xc9,0x20,0xac,0x66, 0x7d,0xce,0x3a,0xb4 -.byte 0x63,0xdf,0x4a,0x18, 0xe5,0x1a,0x31,0x82 -.byte 0x97,0x51,0x33,0x60, 0x62,0x53,0x7f,0x45 -.byte 0xb1,0x64,0x77,0xe0, 0xbb,0x6b,0xae,0x84 -.byte 0xfe,0x81,0xa0,0x1c, 0xf9,0x08,0x2b,0x94 -.byte 0x70,0x48,0x68,0x58, 0x8f,0x45,0xfd,0x19 -.byte 0x94,0xde,0x6c,0x87, 0x52,0x7b,0xf8,0xb7 -.byte 0xab,0x73,0xd3,0x23, 0x72,0x4b,0x02,0xe2 -.byte 0xe3,0x1f,0x8f,0x57, 0x66,0x55,0xab,0x2a -.byte 0xb2,0xeb,0x28,0x07, 0x2f,0xb5,0xc2,0x03 -.byte 0x86,0xc5,0x7b,0x9a, 0xd3,0x37,0x08,0xa5 -.byte 0x30,0x28,0x87,0xf2, 0x23,0xbf,0xa5,0xb2 -.byte 0x02,0x03,0x6a,0xba, 0xed,0x16,0x82,0x5c -.byte 0x8a,0xcf,0x1c,0x2b, 0xa7,0x79,0xb4,0x92 -.byte 0xf3,0x07,0xf2,0xf0, 0x4e,0x69,0xe2,0xa1 -.byte 0x65,0xda,0xf4,0xcd, 0x06,0x05,0xbe,0xd5 -.byte 0xd1,0x34,0x62,0x1f, 0xc4,0xa6,0xfe,0x8a -.byte 0x34,0x2e,0x53,0x9d, 0xa2,0xf3,0x55,0xa0 -.byte 0x05,0x8a,0xe1,0x32, 0xa4,0xf6,0xeb,0x75 -.byte 0x0b,0x83,0xec,0x39, 0x40,0x60,0xef,0xaa -.byte 0x5e,0x71,0x9f,0x06, 0xbd,0x6e,0x10,0x51 -.byte 0x3e,0x21,0x8a,0xf9, 0x96,0xdd,0x06,0x3d -.byte 0xdd,0x3e,0x05,0xae, 0x4d,0xe6,0xbd,0x46 -.byte 0x91,0x54,0x8d,0xb5, 0x71,0xc4,0x5d,0x05 -.byte 0x04,0x06,0xd4,0x6f, 0x60,0x50,0x15,0xff -.byte 0x19,0x98,0xfb,0x24, 0xd6,0xbd,0xe9,0x97 -.byte 0x89,0x40,0x43,0xcc, 0x67,0xd9,0x9e,0x77 -.byte 0xb0,0xe8,0x42,0xbd, 0x07,0x89,0x8b,0x88 -.byte 0xe7,0x19,0x5b,0x38, 0x79,0xc8,0xee,0xdb -.byte 0xa1,0x7c,0x0a,0x47, 0x7c,0x42,0x0f,0xe9 -.byte 0xf8,0x84,0x1e,0xc9, 0x00,0x00,0x00,0x00 -.byte 0x09,0x80,0x86,0x83, 0x32,0x2b,0xed,0x48 -.byte 0x1e,0x11,0x70,0xac, 0x6c,0x5a,0x72,0x4e -.byte 0xfd,0x0e,0xff,0xfb, 0x0f,0x85,0x38,0x56 -.byte 0x3d,0xae,0xd5,0x1e, 0x36,0x2d,0x39,0x27 -.byte 0x0a,0x0f,0xd9,0x64, 0x68,0x5c,0xa6,0x21 -.byte 0x9b,0x5b,0x54,0xd1, 0x24,0x36,0x2e,0x3a -.byte 0x0c,0x0a,0x67,0xb1, 0x93,0x57,0xe7,0x0f -.byte 0xb4,0xee,0x96,0xd2, 0x1b,0x9b,0x91,0x9e -.byte 0x80,0xc0,0xc5,0x4f, 
0x61,0xdc,0x20,0xa2 -.byte 0x5a,0x77,0x4b,0x69, 0x1c,0x12,0x1a,0x16 -.byte 0xe2,0x93,0xba,0x0a, 0xc0,0xa0,0x2a,0xe5 -.byte 0x3c,0x22,0xe0,0x43, 0x12,0x1b,0x17,0x1d -.byte 0x0e,0x09,0x0d,0x0b, 0xf2,0x8b,0xc7,0xad -.byte 0x2d,0xb6,0xa8,0xb9, 0x14,0x1e,0xa9,0xc8 -.byte 0x57,0xf1,0x19,0x85, 0xaf,0x75,0x07,0x4c -.byte 0xee,0x99,0xdd,0xbb, 0xa3,0x7f,0x60,0xfd -.byte 0xf7,0x01,0x26,0x9f, 0x5c,0x72,0xf5,0xbc -.byte 0x44,0x66,0x3b,0xc5, 0x5b,0xfb,0x7e,0x34 -.byte 0x8b,0x43,0x29,0x76, 0xcb,0x23,0xc6,0xdc -.byte 0xb6,0xed,0xfc,0x68, 0xb8,0xe4,0xf1,0x63 -.byte 0xd7,0x31,0xdc,0xca, 0x42,0x63,0x85,0x10 -.byte 0x13,0x97,0x22,0x40, 0x84,0xc6,0x11,0x20 -.byte 0x85,0x4a,0x24,0x7d, 0xd2,0xbb,0x3d,0xf8 -.byte 0xae,0xf9,0x32,0x11, 0xc7,0x29,0xa1,0x6d -.byte 0x1d,0x9e,0x2f,0x4b, 0xdc,0xb2,0x30,0xf3 -.byte 0x0d,0x86,0x52,0xec, 0x77,0xc1,0xe3,0xd0 -.byte 0x2b,0xb3,0x16,0x6c, 0xa9,0x70,0xb9,0x99 -.byte 0x11,0x94,0x48,0xfa, 0x47,0xe9,0x64,0x22 -.byte 0xa8,0xfc,0x8c,0xc4, 0xa0,0xf0,0x3f,0x1a -.byte 0x56,0x7d,0x2c,0xd8, 0x22,0x33,0x90,0xef -.byte 0x87,0x49,0x4e,0xc7, 0xd9,0x38,0xd1,0xc1 -.byte 0x8c,0xca,0xa2,0xfe, 0x98,0xd4,0x0b,0x36 -.byte 0xa6,0xf5,0x81,0xcf, 0xa5,0x7a,0xde,0x28 -.byte 0xda,0xb7,0x8e,0x26, 0x3f,0xad,0xbf,0xa4 -.byte 0x2c,0x3a,0x9d,0xe4, 0x50,0x78,0x92,0x0d -.byte 0x6a,0x5f,0xcc,0x9b, 0x54,0x7e,0x46,0x62 -.byte 0xf6,0x8d,0x13,0xc2, 0x90,0xd8,0xb8,0xe8 -.byte 0x2e,0x39,0xf7,0x5e, 0x82,0xc3,0xaf,0xf5 -.byte 0x9f,0x5d,0x80,0xbe, 0x69,0xd0,0x93,0x7c -.byte 0x6f,0xd5,0x2d,0xa9, 0xcf,0x25,0x12,0xb3 -.byte 0xc8,0xac,0x99,0x3b, 0x10,0x18,0x7d,0xa7 -.byte 0xe8,0x9c,0x63,0x6e, 0xdb,0x3b,0xbb,0x7b -.byte 0xcd,0x26,0x78,0x09, 0x6e,0x59,0x18,0xf4 -.byte 0xec,0x9a,0xb7,0x01, 0x83,0x4f,0x9a,0xa8 -.byte 0xe6,0x95,0x6e,0x65, 0xaa,0xff,0xe6,0x7e -.byte 0x21,0xbc,0xcf,0x08, 0xef,0x15,0xe8,0xe6 -.byte 0xba,0xe7,0x9b,0xd9, 0x4a,0x6f,0x36,0xce -.byte 0xea,0x9f,0x09,0xd4, 0x29,0xb0,0x7c,0xd6 -.byte 0x31,0xa4,0xb2,0xaf, 0x2a,0x3f,0x23,0x31 -.byte 0xc6,0xa5,0x94,0x30, 0x35,0xa2,0x66,0xc0 -.byte 
0x74,0x4e,0xbc,0x37, 0xfc,0x82,0xca,0xa6 -.byte 0xe0,0x90,0xd0,0xb0, 0x33,0xa7,0xd8,0x15 -.byte 0xf1,0x04,0x98,0x4a, 0x41,0xec,0xda,0xf7 -.byte 0x7f,0xcd,0x50,0x0e, 0x17,0x91,0xf6,0x2f -.byte 0x76,0x4d,0xd6,0x8d, 0x43,0xef,0xb0,0x4d -.byte 0xcc,0xaa,0x4d,0x54, 0xe4,0x96,0x04,0xdf -.byte 0x9e,0xd1,0xb5,0xe3, 0x4c,0x6a,0x88,0x1b -.byte 0xc1,0x2c,0x1f,0xb8, 0x46,0x65,0x51,0x7f -.byte 0x9d,0x5e,0xea,0x04, 0x01,0x8c,0x35,0x5d -.byte 0xfa,0x87,0x74,0x73, 0xfb,0x0b,0x41,0x2e -.byte 0xb3,0x67,0x1d,0x5a, 0x92,0xdb,0xd2,0x52 -.byte 0xe9,0x10,0x56,0x33, 0x6d,0xd6,0x47,0x13 -.byte 0x9a,0xd7,0x61,0x8c, 0x37,0xa1,0x0c,0x7a -.byte 0x59,0xf8,0x14,0x8e, 0xeb,0x13,0x3c,0x89 -.byte 0xce,0xa9,0x27,0xee, 0xb7,0x61,0xc9,0x35 -.byte 0xe1,0x1c,0xe5,0xed, 0x7a,0x47,0xb1,0x3c -.byte 0x9c,0xd2,0xdf,0x59, 0x55,0xf2,0x73,0x3f -.byte 0x18,0x14,0xce,0x79, 0x73,0xc7,0x37,0xbf -.byte 0x53,0xf7,0xcd,0xea, 0x5f,0xfd,0xaa,0x5b -.byte 0xdf,0x3d,0x6f,0x14, 0x78,0x44,0xdb,0x86 -.byte 0xca,0xaf,0xf3,0x81, 0xb9,0x68,0xc4,0x3e -.byte 0x38,0x24,0x34,0x2c, 0xc2,0xa3,0x40,0x5f -.byte 0x16,0x1d,0xc3,0x72, 0xbc,0xe2,0x25,0x0c -.byte 0x28,0x3c,0x49,0x8b, 0xff,0x0d,0x95,0x41 -.byte 0x39,0xa8,0x01,0x71, 0x08,0x0c,0xb3,0xde -.byte 0xd8,0xb4,0xe4,0x9c, 0x64,0x56,0xc1,0x90 -.byte 0x7b,0xcb,0x84,0x61, 0xd5,0x32,0xb6,0x70 -.byte 0x48,0x6c,0x5c,0x74, 0xd0,0xb8,0x57,0x42 - -.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 # Td4 -.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb -.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 -.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb -.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d -.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e -.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 -.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 -.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 -.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 -.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda -.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 -.byte 
0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a -.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 -.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 -.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b -.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea -.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 -.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 -.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e -.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 -.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b -.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 -.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 -.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 -.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f -.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d -.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef -.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 -.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 -.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 -.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d -___ - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - - # made-up _instructions, _xtr, _ins, _ror and _bias, cope - # with byte order dependencies... - if (/^\s+_/) { - s/(_[a-z]+\s+)(\$[0-9]+),([^,]+)(#.*)*$/$1$2,$2,$3/; - - s/_xtr\s+(\$[0-9]+),(\$[0-9]+),([0-9]+(\-2)*)/ - sprintf("srl\t$1,$2,%d",$big_endian ? eval($3) - : eval("24-$3"))/e or - s/_ins\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/ - sprintf("sll\t$1,$2,%d",$big_endian ? eval($3) - : eval("24-$3"))/e or - s/_ror\s+(\$[0-9]+),(\$[0-9]+),(\-?[0-9]+)/ - sprintf("srl\t$1,$2,%d",$big_endian ? eval($3) - : eval("$3*-1"))/e or - s/_bias\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/ - sprintf("sll\t$1,$2,%d",$big_endian ? 
eval($3)
- : eval("($3-16)&31"))/e;
-
- s/srl\s+(\$[0-9]+),(\$[0-9]+),\-([0-9]+)/
- sprintf("sll\t$1,$2,$3")/e or
- s/srl\s+(\$[0-9]+),(\$[0-9]+),0/
- sprintf("and\t$1,$2,0xff")/e or
- s/(sll\s+\$[0-9]+,\$[0-9]+,0)/#$1/;
- }
-
- # convert lwl/lwr and swr/swl to little-endian order
- if (!$big_endian && /^\s+[sl]w[lr]\s+/) {
- s/([sl]wl.*)([0-9]+)\((\$[0-9]+)\)/
- sprintf("$1%d($3)",eval("$2-$2%4+($2%4-1)&3"))/e or
- s/([sl]wr.*)([0-9]+)\((\$[0-9]+)\)/
- sprintf("$1%d($3)",eval("$2-$2%4+($2%4+1)&3"))/e;
- }
-
- print $_,"\n";
-}
-
-close STDOUT;
diff --git a/src/lib/libcrypto/aes/asm/aes-parisc.pl b/src/lib/libcrypto/aes/asm/aes-parisc.pl
deleted file mode 100644
index 4e4592b56b..0000000000
--- a/src/lib/libcrypto/aes/asm/aes-parisc.pl
+++ /dev/null
@@ -1,1030 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# AES for PA-RISC.
-#
-# June 2009.
-#
-# The module is mechanical transliteration of aes-sparcv9.pl, but with
-# a twist: S-boxes are compressed even further down to 1K+256B. On
-# PA-7100LC performance is ~40% better than gcc 3.2 generated code and
-# is about 33 cycles per byte processed with 128-bit key. Newer CPUs
-# perform at 16 cycles per byte. It's not faster than code generated
-# by vendor compiler, but recall that it has compressed S-boxes, which
-# requires extra processing.
-#
-# Special thanks to polarhome.com for providing HP-UX account.
-
-$flavour = shift;
-$output = shift;
-open STDOUT,">$output";
-
-if ($flavour =~ /64/) {
- $LEVEL ="2.0W";
- $SIZE_T =8;
- $FRAME_MARKER =80;
- $SAVED_RP =16;
- $PUSH ="std";
- $PUSHMA ="std,ma";
- $POP ="ldd";
- $POPMB ="ldd,mb";
-} else {
- $LEVEL ="1.0";
- $SIZE_T =4;
- $FRAME_MARKER =48;
- $SAVED_RP =20;
- $PUSH ="stw";
- $PUSHMA ="stwm";
- $POP ="ldw";
- $POPMB ="ldwm";
-}
-
-$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
- # [+ argument transfer]
-$inp="%r26"; # arg0
-$out="%r25"; # arg1
-$key="%r24"; # arg2
-
-($s0,$s1,$s2,$s3) = ("%r1","%r2","%r3","%r4");
-($t0,$t1,$t2,$t3) = ("%r5","%r6","%r7","%r8");
-
-($acc0, $acc1, $acc2, $acc3, $acc4, $acc5, $acc6, $acc7,
- $acc8, $acc9,$acc10,$acc11,$acc12,$acc13,$acc14,$acc15) =
-("%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16",
-"%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r26");
-
-$tbl="%r28";
-$rounds="%r29";
-
-$code=<<___;
- .LEVEL $LEVEL
- .text
-
- .EXPORT aes_encrypt_internal,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
- .ALIGN 64 -aes_encrypt_internal - .PROC - .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) - $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp) - $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp) - $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp) - $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp) - $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp) - $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp) - $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp) - - ldi 3,$t0 -#ifdef __PIC__ - addil LT'L\$AES_Te, %r19 - ldw RT'L\$AES_Te(%r1), $tbl -#else - ldil L'L\$AES_Te, %t1 - ldo R'L\$AES_Te(%t1), $tbl -#endif - - and $inp,$t0,$t0 - sub $inp,$t0,$inp - ldw 0($inp),$s0 - ldw 4($inp),$s1 - ldw 8($inp),$s2 - comib,= 0,$t0,L\$enc_inp_aligned - ldw 12($inp),$s3 - - sh3addl $t0,%r0,$t0 - subi 32,$t0,$t0 - mtctl $t0,%cr11 - ldw 16($inp),$t1 - vshd $s0,$s1,$s0 - vshd $s1,$s2,$s1 - vshd $s2,$s3,$s2 - vshd $s3,$t1,$s3 - -L\$enc_inp_aligned - bl _parisc_AES_encrypt,%r31 - nop - - extru,<> $out,31,2,%r0 - b L\$enc_out_aligned - nop - - _srm $s0,24,$acc0 - _srm $s0,16,$acc1 - stb $acc0,0($out) - _srm $s0,8,$acc2 - stb $acc1,1($out) - _srm $s1,24,$acc4 - stb $acc2,2($out) - _srm $s1,16,$acc5 - stb $s0,3($out) - _srm $s1,8,$acc6 - stb $acc4,4($out) - _srm $s2,24,$acc0 - stb $acc5,5($out) - _srm $s2,16,$acc1 - stb $acc6,6($out) - _srm $s2,8,$acc2 - stb $s1,7($out) - _srm $s3,24,$acc4 - stb $acc0,8($out) - _srm $s3,16,$acc5 - stb $acc1,9($out) - _srm $s3,8,$acc6 - stb $acc2,10($out) - stb $s2,11($out) - stb $acc4,12($out) - stb $acc5,13($out) - stb $acc6,14($out) - b L\$enc_done - stb $s3,15($out) - -L\$enc_out_aligned - stw $s0,0($out) - stw $s1,4($out) - stw $s2,8($out) - stw 
$s3,12($out) - -L\$enc_done - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP `-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - $POP `-$FRAME+14*$SIZE_T`(%sp),%r17 - $POP `-$FRAME+15*$SIZE_T`(%sp),%r18 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .ALIGN 16 -_parisc_AES_encrypt - .PROC - .CALLINFO MILLICODE - .ENTRY - ldw 240($key),$rounds - ldw 0($key),$t0 - ldw 4($key),$t1 - ldw 8($key),$t2 - _srm $rounds,1,$rounds - xor $t0,$s0,$s0 - ldw 12($key),$t3 - _srm $s0,24,$acc0 - xor $t1,$s1,$s1 - ldw 16($key),$t0 - _srm $s1,16,$acc1 - xor $t2,$s2,$s2 - ldw 20($key),$t1 - xor $t3,$s3,$s3 - ldw 24($key),$t2 - ldw 28($key),$t3 -L\$enc_loop - _srm $s2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $s3,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $s1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $s2,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $s3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $s0,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - _srm $s2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $s3,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm $s0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $s1,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $s3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $s0,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $s1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $s2,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - ldwx,s $acc14($tbl),$acc14 - ldwx,s $acc15($tbl),$acc15 - addib,= -1,$rounds,L\$enc_last - ldo 32($key),$key - - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror 
$acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor $acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - _srm $t1,16,$acc1 - xor $acc15,$t3,$t3 - - _srm $t2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $t3,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $t1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $t2,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $t3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $t0,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - _srm $t2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $t3,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm $t0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $t1,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $t3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $t0,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $t1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $t2,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - _ror $acc1,8,$acc1 - ldwx,s $acc14($tbl),$acc14 - - _ror $acc2,16,$acc2 - xor $acc0,$s0,$s0 - ldwx,s $acc15($tbl),$acc15 - _ror $acc3,24,$acc3 - xor $acc1,$s0,$s0 - ldw 16($key),$t0 - _ror $acc5,8,$acc5 - xor $acc2,$s0,$s0 - ldw 20($key),$t1 - _ror $acc6,16,$acc6 - xor $acc3,$s0,$s0 - ldw 24($key),$t2 - _ror $acc7,24,$acc7 - xor $acc4,$s1,$s1 - ldw 28($key),$t3 - _ror $acc9,8,$acc9 - xor $acc5,$s1,$s1 - ldw 1024+0($tbl),%r0 ; prefetch te4 - _ror $acc10,16,$acc10 - xor $acc6,$s1,$s1 - ldw 1024+32($tbl),%r0 ; prefetch te4 - _ror $acc11,24,$acc11 - xor $acc7,$s1,$s1 - ldw 1024+64($tbl),%r0 ; prefetch te4 - _ror $acc13,8,$acc13 - xor $acc8,$s2,$s2 - ldw 1024+96($tbl),%r0 ; prefetch te4 - _ror $acc14,16,$acc14 - xor $acc9,$s2,$s2 - ldw 
1024+128($tbl),%r0 ; prefetch te4 - _ror $acc15,24,$acc15 - xor $acc10,$s2,$s2 - ldw 1024+160($tbl),%r0 ; prefetch te4 - _srm $s0,24,$acc0 - xor $acc11,$s2,$s2 - ldw 1024+192($tbl),%r0 ; prefetch te4 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - ldw 1024+224($tbl),%r0 ; prefetch te4 - _srm $s1,16,$acc1 - xor $acc14,$s3,$s3 - b L\$enc_loop - xor $acc15,$s3,$s3 - - .ALIGN 16 -L\$enc_last - ldo 1024($tbl),$rounds - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor $acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - _srm $t1,16,$acc1 - xor $acc15,$t3,$t3 - - _srm $t2,8,$acc2 - ldbx $acc0($rounds),$acc0 - _srm $t1,24,$acc4 - ldbx $acc1($rounds),$acc1 - _srm $t2,16,$acc5 - _srm $t3,0,$acc3 - ldbx $acc2($rounds),$acc2 - ldbx $acc3($rounds),$acc3 - _srm $t3,8,$acc6 - ldbx $acc4($rounds),$acc4 - _srm $t2,24,$acc8 - ldbx $acc5($rounds),$acc5 - _srm $t3,16,$acc9 - _srm $t0,0,$acc7 - ldbx $acc6($rounds),$acc6 - ldbx $acc7($rounds),$acc7 - _srm $t0,8,$acc10 - ldbx $acc8($rounds),$acc8 - _srm $t3,24,$acc12 - ldbx $acc9($rounds),$acc9 - _srm $t0,16,$acc13 - _srm $t1,0,$acc11 - ldbx $acc10($rounds),$acc10 - _srm $t1,8,$acc14 - ldbx $acc11($rounds),$acc11 - ldbx $acc12($rounds),$acc12 - ldbx $acc13($rounds),$acc13 - _srm $t2,0,$acc15 - ldbx $acc14($rounds),$acc14 - - dep $acc0,7,8,$acc3 - ldbx $acc15($rounds),$acc15 - dep $acc4,7,8,$acc7 - dep $acc1,15,8,$acc3 - dep $acc5,15,8,$acc7 - dep $acc2,23,8,$acc3 - dep 
$acc6,23,8,$acc7 - xor $acc3,$s0,$s0 - xor $acc7,$s1,$s1 - dep $acc8,7,8,$acc11 - dep $acc12,7,8,$acc15 - dep $acc9,15,8,$acc11 - dep $acc13,15,8,$acc15 - dep $acc10,23,8,$acc11 - dep $acc14,23,8,$acc15 - xor $acc11,$s2,$s2 - - bv (%r31) - .EXIT - xor $acc15,$s3,$s3 - .PROCEND - - .section .rodata - .ALIGN 64 -L\$AES_Te - .WORD 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d - .WORD 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554 - .WORD 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d - .WORD 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a - .WORD 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87 - .WORD 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b - .WORD 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea - .WORD 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b - .WORD 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a - .WORD 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f - .WORD 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108 - .WORD 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f - .WORD 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e - .WORD 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5 - .WORD 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d - .WORD 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f - .WORD 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e - .WORD 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb - .WORD 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce - .WORD 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497 - .WORD 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c - .WORD 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed - .WORD 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b - .WORD 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a - .WORD 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16 - .WORD 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594 - .WORD 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81 - .WORD 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3 - .WORD 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a - .WORD 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504 - .WORD 0x63bcbcdf, 
0x77b6b6c1, 0xafdada75, 0x42212163 - .WORD 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d - .WORD 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f - .WORD 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739 - .WORD 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47 - .WORD 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395 - .WORD 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f - .WORD 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883 - .WORD 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c - .WORD 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76 - .WORD 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e - .WORD 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4 - .WORD 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6 - .WORD 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b - .WORD 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7 - .WORD 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0 - .WORD 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25 - .WORD 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818 - .WORD 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72 - .WORD 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651 - .WORD 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21 - .WORD 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85 - .WORD 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa - .WORD 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12 - .WORD 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0 - .WORD 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9 - .WORD 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133 - .WORD 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7 - .WORD 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920 - .WORD 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a - .WORD 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17 - .WORD 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8 - .WORD 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11 - .WORD 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a - .BYTE 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 - .BYTE 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 - .BYTE 0xca, 0x82, 0xc9, 0x7d, 0xfa, 
0x59, 0x47, 0xf0 - .BYTE 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 - .BYTE 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc - .BYTE 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 - .BYTE 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a - .BYTE 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 - .BYTE 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 - .BYTE 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 - .BYTE 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b - .BYTE 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf - .BYTE 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 - .BYTE 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 - .BYTE 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 - .BYTE 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 - .BYTE 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 - .BYTE 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 - .BYTE 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 - .BYTE 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb - .BYTE 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c - .BYTE 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 - .BYTE 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 - .BYTE 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 - .BYTE 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 - .BYTE 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a - .BYTE 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e - .BYTE 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e - .BYTE 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 - .BYTE 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf - .BYTE 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 - .BYTE 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 - .previous -___ - -$code.=<<___; - .EXPORT aes_decrypt_internal,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR - .ALIGN 16 -aes_decrypt_internal - .PROC - .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH 
%r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) - $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp) - $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp) - $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp) - $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp) - $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp) - $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp) - $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp) - - ldi 3,$t0 -#ifdef __PIC__ - addil LT'L\$AES_Td, %r19 - ldw RT'L\$AES_Td(%r1), $tbl -#else - ldil L'L\$AES_Td, %t1 - ldo R'L\$AES_Td(%t1), $tbl -#endif - - and $inp,$t0,$t0 - sub $inp,$t0,$inp - ldw 0($inp),$s0 - ldw 4($inp),$s1 - ldw 8($inp),$s2 - comib,= 0,$t0,L\$dec_inp_aligned - ldw 12($inp),$s3 - - sh3addl $t0,%r0,$t0 - subi 32,$t0,$t0 - mtctl $t0,%cr11 - ldw 16($inp),$t1 - vshd $s0,$s1,$s0 - vshd $s1,$s2,$s1 - vshd $s2,$s3,$s2 - vshd $s3,$t1,$s3 - -L\$dec_inp_aligned - bl _parisc_AES_decrypt,%r31 - nop - - extru,<> $out,31,2,%r0 - b L\$dec_out_aligned - nop - - _srm $s0,24,$acc0 - _srm $s0,16,$acc1 - stb $acc0,0($out) - _srm $s0,8,$acc2 - stb $acc1,1($out) - _srm $s1,24,$acc4 - stb $acc2,2($out) - _srm $s1,16,$acc5 - stb $s0,3($out) - _srm $s1,8,$acc6 - stb $acc4,4($out) - _srm $s2,24,$acc0 - stb $acc5,5($out) - _srm $s2,16,$acc1 - stb $acc6,6($out) - _srm $s2,8,$acc2 - stb $s1,7($out) - _srm $s3,24,$acc4 - stb $acc0,8($out) - _srm $s3,16,$acc5 - stb $acc1,9($out) - _srm $s3,8,$acc6 - stb $acc2,10($out) - stb $s2,11($out) - stb $acc4,12($out) - stb $acc5,13($out) - stb $acc6,14($out) - b L\$dec_done - stb $s3,15($out) - -L\$dec_out_aligned - stw $s0,0($out) - stw $s1,4($out) - stw $s2,8($out) - stw $s3,12($out) - -L\$dec_done - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP 
`-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP `-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - $POP `-$FRAME+14*$SIZE_T`(%sp),%r17 - $POP `-$FRAME+15*$SIZE_T`(%sp),%r18 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .ALIGN 16 -_parisc_AES_decrypt - .PROC - .CALLINFO MILLICODE - .ENTRY - ldw 240($key),$rounds - ldw 0($key),$t0 - ldw 4($key),$t1 - ldw 8($key),$t2 - ldw 12($key),$t3 - _srm $rounds,1,$rounds - xor $t0,$s0,$s0 - ldw 16($key),$t0 - xor $t1,$s1,$s1 - ldw 20($key),$t1 - _srm $s0,24,$acc0 - xor $t2,$s2,$s2 - ldw 24($key),$t2 - xor $t3,$s3,$s3 - ldw 28($key),$t3 - _srm $s3,16,$acc1 -L\$dec_loop - _srm $s2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $s1,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $s1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $s0,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $s3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $s2,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - _srm $s2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $s1,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm $s0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $s3,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $s3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $s2,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $s1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $s0,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - ldwx,s $acc14($tbl),$acc14 - ldwx,s $acc15($tbl),$acc15 - addib,= -1,$rounds,L\$dec_last - ldo 32($key),$key - - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor 
$acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - xor $acc15,$t3,$t3 - _srm $t3,16,$acc1 - - _srm $t2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $t1,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $t1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $t0,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $t3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $t2,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - _srm $t2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $t1,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm $t0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $t3,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $t3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $t2,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $t1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $t0,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - _ror $acc1,8,$acc1 - ldwx,s $acc14($tbl),$acc14 - - _ror $acc2,16,$acc2 - xor $acc0,$s0,$s0 - ldwx,s $acc15($tbl),$acc15 - _ror $acc3,24,$acc3 - xor $acc1,$s0,$s0 - ldw 16($key),$t0 - _ror $acc5,8,$acc5 - xor $acc2,$s0,$s0 - ldw 20($key),$t1 - _ror $acc6,16,$acc6 - xor $acc3,$s0,$s0 - ldw 24($key),$t2 - _ror $acc7,24,$acc7 - xor $acc4,$s1,$s1 - ldw 28($key),$t3 - _ror $acc9,8,$acc9 - xor $acc5,$s1,$s1 - ldw 1024+0($tbl),%r0 ; prefetch td4 - _ror $acc10,16,$acc10 - xor $acc6,$s1,$s1 - ldw 1024+32($tbl),%r0 ; prefetch td4 - _ror $acc11,24,$acc11 - xor $acc7,$s1,$s1 - ldw 1024+64($tbl),%r0 ; prefetch td4 - _ror $acc13,8,$acc13 - xor $acc8,$s2,$s2 - ldw 1024+96($tbl),%r0 ; prefetch td4 - _ror $acc14,16,$acc14 - xor $acc9,$s2,$s2 - ldw 1024+128($tbl),%r0 ; prefetch td4 - _ror $acc15,24,$acc15 - xor $acc10,$s2,$s2 - ldw 1024+160($tbl),%r0 ; prefetch td4 - _srm $s0,24,$acc0 - xor $acc11,$s2,$s2 - ldw 1024+192($tbl),%r0 ; prefetch td4 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - ldw 
1024+224($tbl),%r0 ; prefetch td4 - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - b L\$dec_loop - _srm $s3,16,$acc1 - - .ALIGN 16 -L\$dec_last - ldo 1024($tbl),$rounds - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor $acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - xor $acc15,$t3,$t3 - _srm $t3,16,$acc1 - - _srm $t2,8,$acc2 - ldbx $acc0($rounds),$acc0 - _srm $t1,24,$acc4 - ldbx $acc1($rounds),$acc1 - _srm $t0,16,$acc5 - _srm $t1,0,$acc3 - ldbx $acc2($rounds),$acc2 - ldbx $acc3($rounds),$acc3 - _srm $t3,8,$acc6 - ldbx $acc4($rounds),$acc4 - _srm $t2,24,$acc8 - ldbx $acc5($rounds),$acc5 - _srm $t1,16,$acc9 - _srm $t2,0,$acc7 - ldbx $acc6($rounds),$acc6 - ldbx $acc7($rounds),$acc7 - _srm $t0,8,$acc10 - ldbx $acc8($rounds),$acc8 - _srm $t3,24,$acc12 - ldbx $acc9($rounds),$acc9 - _srm $t2,16,$acc13 - _srm $t3,0,$acc11 - ldbx $acc10($rounds),$acc10 - _srm $t1,8,$acc14 - ldbx $acc11($rounds),$acc11 - ldbx $acc12($rounds),$acc12 - ldbx $acc13($rounds),$acc13 - _srm $t0,0,$acc15 - ldbx $acc14($rounds),$acc14 - - dep $acc0,7,8,$acc3 - ldbx $acc15($rounds),$acc15 - dep $acc4,7,8,$acc7 - dep $acc1,15,8,$acc3 - dep $acc5,15,8,$acc7 - dep $acc2,23,8,$acc3 - dep $acc6,23,8,$acc7 - xor $acc3,$s0,$s0 - xor $acc7,$s1,$s1 - dep $acc8,7,8,$acc11 - dep $acc12,7,8,$acc15 - dep $acc9,15,8,$acc11 - dep $acc13,15,8,$acc15 - dep $acc10,23,8,$acc11 - dep $acc14,23,8,$acc15 - xor $acc11,$s2,$s2 - - bv (%r31) - .EXIT - xor 
$acc15,$s3,$s3 - .PROCEND - - .section .rodata - .ALIGN 64 -L\$AES_Td - .WORD 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96 - .WORD 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393 - .WORD 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25 - .WORD 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f - .WORD 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1 - .WORD 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6 - .WORD 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da - .WORD 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844 - .WORD 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd - .WORD 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4 - .WORD 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45 - .WORD 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94 - .WORD 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7 - .WORD 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a - .WORD 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5 - .WORD 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c - .WORD 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1 - .WORD 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a - .WORD 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75 - .WORD 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051 - .WORD 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46 - .WORD 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff - .WORD 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77 - .WORD 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb - .WORD 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000 - .WORD 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e - .WORD 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927 - .WORD 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a - .WORD 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e - .WORD 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16 - .WORD 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d - .WORD 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8 - .WORD 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd - .WORD 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34 - .WORD 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163 - 
.WORD 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120 - .WORD 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d - .WORD 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0 - .WORD 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422 - .WORD 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef - .WORD 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36 - .WORD 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4 - .WORD 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662 - .WORD 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5 - .WORD 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3 - .WORD 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b - .WORD 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8 - .WORD 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6 - .WORD 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6 - .WORD 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0 - .WORD 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815 - .WORD 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f - .WORD 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df - .WORD 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f - .WORD 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e - .WORD 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713 - .WORD 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89 - .WORD 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c - .WORD 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf - .WORD 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86 - .WORD 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f - .WORD 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541 - .WORD 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190 - .WORD 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 - .BYTE 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 - .BYTE 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb - .BYTE 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 - .BYTE 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb - .BYTE 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d - .BYTE 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e - .BYTE 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 - .BYTE 0x76, 0x5b, 
0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
- .BYTE 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
- .BYTE 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
- .BYTE 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
- .BYTE 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
- .BYTE 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
- .BYTE 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
- .BYTE 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
- .BYTE 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
- .BYTE 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
- .BYTE 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
- .BYTE 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
- .BYTE 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
- .BYTE 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
- .BYTE 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
- .BYTE 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
- .BYTE 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
- .BYTE 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
- .BYTE 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
- .BYTE 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
- .BYTE 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
- .BYTE 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
- .BYTE 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
- .BYTE 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
- .BYTE 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
- .previous
-___
-
-foreach (split("\n",$code)) {
- s/\`([^\`]*)\`/eval $1/ge;
-
- # translate made up instructons: _ror, _srm
- s/_ror(\s+)(%r[0-9]+),/shd$1$2,$2,/ or
-
- s/_srm(\s+%r[0-9]+),([0-9]+),/
- $SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
- : sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
-
- s/,\*/,/ if ($SIZE_T==4);
- s/\bbv\b(.*\(%r2\))/bve$1/ if ($SIZE_T==8);
- print $_,"\n";
-}
-close STDOUT;
diff --git a/src/lib/libcrypto/aes/asm/aes-ppc.pl b/src/lib/libcrypto/aes/asm/aes-ppc.pl
deleted file mode 100644
index 178ba56b3e..0000000000
--- a/src/lib/libcrypto/aes/asm/aes-ppc.pl
+++ /dev/null
@@ -1,1344 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# Needs more work: key setup, CBC routine... -# -# ppc_AES_[en|de]crypt perform at 18 cycles per byte processed with -# 128-bit key, which is ~40% better than 64-bit code generated by gcc -# 4.0. But these are not the ones currently used! Their "compact" -# counterparts are, for security reason. ppc_AES_encrypt_compact runs -# at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact - -# at 1/3 of ppc_AES_decrypt. - -# February 2010 -# -# Rescheduling instructions to favour Power6 pipeline gave 10% -# performance improvement on the platform in question (and marginal -# improvement even on others). It should be noted that Power6 fails -# to process byte in 18 cycles, only in 23, because it fails to issue -# 4 load instructions in two cycles, only in 3. As result non-compact -# block subroutines are 25% slower than one would expect. Compact -# functions scale better, because they have pure computational part, -# which scales perfectly with clock frequency. To be specific -# ppc_AES_encrypt_compact operates at 42 cycles per byte, while -# ppc_AES_decrypt_compact - at 55 (in 64-bit build). 
-
-$flavour = shift;
-
-if ($flavour =~ /64/) {
- $SIZE_T =8;
- $LRSAVE =2*$SIZE_T;
- $STU ="stdu";
- $POP ="ld";
- $PUSH ="std";
-} elsif ($flavour =~ /32/) {
- $SIZE_T =4;
- $LRSAVE =$SIZE_T;
- $STU ="stwu";
- $POP ="lwz";
- $PUSH ="stw";
-} else { die "nonsense $flavour"; }
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
-die "can't locate ppc-xlate.pl";
-
-open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
-
-$FRAME=32*$SIZE_T;
-
-sub _data_word()
-{ my $i;
- while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
-}
-
-$sp="r1";
-$toc="r2";
-$inp="r3";
-$out="r4";
-$key="r5";
-
-$Tbl0="r3";
-$Tbl1="r6";
-$Tbl2="r7";
-$Tbl3="r2";
-
-$s0="r8";
-$s1="r9";
-$s2="r10";
-$s3="r11";
-
-$t0="r12";
-$t1="r13";
-$t2="r14";
-$t3="r15";
-
-$acc00="r16";
-$acc01="r17";
-$acc02="r18";
-$acc03="r19";
-
-$acc04="r20";
-$acc05="r21";
-$acc06="r22";
-$acc07="r23";
-
-$acc08="r24";
-$acc09="r25";
-$acc10="r26";
-$acc11="r27";
-
-$acc12="r28";
-$acc13="r29";
-$acc14="r30";
-$acc15="r31";
-
-# stay away from TLS pointer
-if ($SIZE_T==8) { die if ($t1 ne "r13"); $t1="r0"; }
-else { die if ($Tbl3 ne "r2"); $Tbl3=$t0; $t0="r0"; }
-$mask80=$Tbl2;
-$mask1b=$Tbl3;
-
-$code.=<<___;
-.machine "any"
-.text
-
-.align 7
-LAES_Te:
- mflr r0
- bcl 20,31,\$+4
- mflr $Tbl0 ; vvvvv "distance" between . and 1st data entry
- addi $Tbl0,$Tbl0,`128-8`
- mtlr r0
- blr
- .space `64-12*4`
-LAES_Td:
- mflr r0
- bcl 20,31,\$+4
- mflr $Tbl0 ; vvvvvvvv "distance" between . 
and 1st data entry - addi $Tbl0,$Tbl0,`128-64-8+2048+256` - mtlr r0 - blr - .space `128-64-12*4` -___ -&_data_word( - 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, - 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, - 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, - 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, - 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, - 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, - 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, - 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, - 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, - 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, - 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, - 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, - 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, - 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, - 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, - 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, - 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, - 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, - 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, - 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, - 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, - 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, - 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, - 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, - 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, - 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, - 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, - 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, - 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, - 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, - 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, - 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, - 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, - 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, - 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, - 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, - 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, - 0x44222266, 0x542a2a7e, 
0x3b9090ab, 0x0b888883, - 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, - 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, - 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, - 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, - 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, - 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, - 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, - 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, - 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, - 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, - 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, - 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, - 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, - 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, - 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, - 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, - 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, - 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, - 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, - 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, - 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, - 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, - 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, - 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, - 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, - 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a); -$code.=<<___; -.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 -.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 -.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 -.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 -.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc -.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 -.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a -.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 -.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 -.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 -.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b -.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf -.byte 
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 -.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 -.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 -.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 -.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 -.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 -.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 -.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb -.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c -.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 -.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 -.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 -.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 -.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a -.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e -.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e -.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 -.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf -.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 -.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -___ -&_data_word( - 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, - 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, - 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, - 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, - 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, - 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, - 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, - 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, - 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, - 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, - 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, - 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, - 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, - 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, - 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, - 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, - 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, - 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, - 
0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
- 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
- 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
- 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
- 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
- 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
- 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
- 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
- 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
- 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
- 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
- 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
- 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
- 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
- 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
- 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
- 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
- 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
- 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
- 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
- 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
- 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
- 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
- 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
- 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
- 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
- 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
- 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
- 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
- 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
- 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
- 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
- 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
- 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
- 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
- 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
- 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
- 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
- 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
- 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
- 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
- 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
- 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
- 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
- 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
- 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
-$code.=<<___;
-.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
-.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
-.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
-.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
-.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
-.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
-.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
-.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
-.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
-.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
-.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
-.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
-.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
-.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
-.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
-.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
-.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
-.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
-.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
-.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
-.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
-.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
-.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
-.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
-.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
-.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
-.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
-.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
-.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
-.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
-.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
-.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-
-
-.globl .aes_encrypt_internal
-.align 7
-.aes_encrypt_internal:
- $STU $sp,-$FRAME($sp)
- mflr r0
-
- $PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
- $PUSH r13,`$FRAME-$SIZE_T*19`($sp)
- $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
- $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
- $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
- $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
- $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
- $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
- $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
- $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
- $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
- $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
- $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
- $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
- $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
- $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
- $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
- $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
- $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
- $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
- $PUSH r0,`$FRAME+$LRSAVE`($sp)
-
- andi. $t0,$inp,3
- andi. $t1,$out,3
- or. $t0,$t0,$t1
- bne Lenc_unaligned
-
-Lenc_unaligned_ok:
- lwz $s0,0($inp)
- lwz $s1,4($inp)
- lwz $s2,8($inp)
- lwz $s3,12($inp)
- bl LAES_Te
- bl Lppc_AES_encrypt_compact
- stw $s0,0($out)
- stw $s1,4($out)
- stw $s2,8($out)
- stw $s3,12($out)
- b Lenc_done
-
-Lenc_unaligned:
- subfic $t0,$inp,4096
- subfic $t1,$out,4096
- andi. $t0,$t0,4096-16
- beq Lenc_xpage
- andi. $t1,$t1,4096-16
- bne Lenc_unaligned_ok
-
-Lenc_xpage:
- lbz $acc00,0($inp)
- lbz $acc01,1($inp)
- lbz $acc02,2($inp)
- lbz $s0,3($inp)
- lbz $acc04,4($inp)
- lbz $acc05,5($inp)
- lbz $acc06,6($inp)
- lbz $s1,7($inp)
- lbz $acc08,8($inp)
- lbz $acc09,9($inp)
- lbz $acc10,10($inp)
- insrwi $s0,$acc00,8,0
- lbz $s2,11($inp)
- insrwi $s1,$acc04,8,0
- lbz $acc12,12($inp)
- insrwi $s0,$acc01,8,8
- lbz $acc13,13($inp)
- insrwi $s1,$acc05,8,8
- lbz $acc14,14($inp)
- insrwi $s0,$acc02,8,16
- lbz $s3,15($inp)
- insrwi $s1,$acc06,8,16
- insrwi $s2,$acc08,8,0
- insrwi $s3,$acc12,8,0
- insrwi $s2,$acc09,8,8
- insrwi $s3,$acc13,8,8
- insrwi $s2,$acc10,8,16
- insrwi $s3,$acc14,8,16
-
- bl LAES_Te
- bl Lppc_AES_encrypt_compact
-
- extrwi $acc00,$s0,8,0
- extrwi $acc01,$s0,8,8
- stb $acc00,0($out)
- extrwi $acc02,$s0,8,16
- stb $acc01,1($out)
- stb $acc02,2($out)
- extrwi $acc04,$s1,8,0
- stb $s0,3($out)
- extrwi $acc05,$s1,8,8
- stb $acc04,4($out)
- extrwi $acc06,$s1,8,16
- stb $acc05,5($out)
- stb $acc06,6($out)
- extrwi $acc08,$s2,8,0
- stb $s1,7($out)
- extrwi $acc09,$s2,8,8
- stb $acc08,8($out)
- extrwi $acc10,$s2,8,16
- stb $acc09,9($out)
- stb $acc10,10($out)
- extrwi $acc12,$s3,8,0
- stb $s2,11($out)
- extrwi $acc13,$s3,8,8
- stb $acc12,12($out)
- extrwi $acc14,$s3,8,16
- stb $acc13,13($out)
- stb $acc14,14($out)
- stb $s3,15($out)
-
-Lenc_done:
- $POP r0,`$FRAME+$LRSAVE`($sp)
- $POP $toc,`$FRAME-$SIZE_T*20`($sp)
- $POP r13,`$FRAME-$SIZE_T*19`($sp)
- $POP r14,`$FRAME-$SIZE_T*18`($sp)
- $POP r15,`$FRAME-$SIZE_T*17`($sp)
- $POP r16,`$FRAME-$SIZE_T*16`($sp)
- $POP r17,`$FRAME-$SIZE_T*15`($sp)
- $POP r18,`$FRAME-$SIZE_T*14`($sp)
- $POP r19,`$FRAME-$SIZE_T*13`($sp)
- $POP r20,`$FRAME-$SIZE_T*12`($sp)
- $POP r21,`$FRAME-$SIZE_T*11`($sp)
- $POP r22,`$FRAME-$SIZE_T*10`($sp)
- $POP r23,`$FRAME-$SIZE_T*9`($sp)
- $POP r24,`$FRAME-$SIZE_T*8`($sp)
- $POP r25,`$FRAME-$SIZE_T*7`($sp)
- $POP r26,`$FRAME-$SIZE_T*6`($sp)
- $POP r27,`$FRAME-$SIZE_T*5`($sp)
- $POP r28,`$FRAME-$SIZE_T*4`($sp)
- $POP r29,`$FRAME-$SIZE_T*3`($sp)
- $POP r30,`$FRAME-$SIZE_T*2`($sp)
- $POP r31,`$FRAME-$SIZE_T*1`($sp)
- mtlr r0
- addi $sp,$sp,$FRAME
- blr
-
-.align 5
-Lppc_AES_encrypt:
- lwz $acc00,240($key)
- addi $Tbl1,$Tbl0,3
- lwz $t0,0($key)
- addi $Tbl2,$Tbl0,2
- lwz $t1,4($key)
- addi $Tbl3,$Tbl0,1
- lwz $t2,8($key)
- addi $acc00,$acc00,-1
- lwz $t3,12($key)
- addi $key,$key,16
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
- mtctr $acc00
-.align 4
-Lenc_loop:
- rlwinm $acc00,$s0,`32-24+3`,21,28
- rlwinm $acc01,$s1,`32-24+3`,21,28
- rlwinm $acc02,$s2,`32-24+3`,21,28
- rlwinm $acc03,$s3,`32-24+3`,21,28
- lwz $t0,0($key)
- rlwinm $acc04,$s1,`32-16+3`,21,28
- lwz $t1,4($key)
- rlwinm $acc05,$s2,`32-16+3`,21,28
- lwz $t2,8($key)
- rlwinm $acc06,$s3,`32-16+3`,21,28
- lwz $t3,12($key)
- rlwinm $acc07,$s0,`32-16+3`,21,28
- lwzx $acc00,$Tbl0,$acc00
- rlwinm $acc08,$s2,`32-8+3`,21,28
- lwzx $acc01,$Tbl0,$acc01
- rlwinm $acc09,$s3,`32-8+3`,21,28
- lwzx $acc02,$Tbl0,$acc02
- rlwinm $acc10,$s0,`32-8+3`,21,28
- lwzx $acc03,$Tbl0,$acc03
- rlwinm $acc11,$s1,`32-8+3`,21,28
- lwzx $acc04,$Tbl1,$acc04
- rlwinm $acc12,$s3,`0+3`,21,28
- lwzx $acc05,$Tbl1,$acc05
- rlwinm $acc13,$s0,`0+3`,21,28
- lwzx $acc06,$Tbl1,$acc06
- rlwinm $acc14,$s1,`0+3`,21,28
- lwzx $acc07,$Tbl1,$acc07
- rlwinm $acc15,$s2,`0+3`,21,28
- lwzx $acc08,$Tbl2,$acc08
- xor $t0,$t0,$acc00
- lwzx $acc09,$Tbl2,$acc09
- xor $t1,$t1,$acc01
- lwzx $acc10,$Tbl2,$acc10
- xor $t2,$t2,$acc02
- lwzx $acc11,$Tbl2,$acc11
- xor $t3,$t3,$acc03
- lwzx $acc12,$Tbl3,$acc12
- xor $t0,$t0,$acc04
- lwzx $acc13,$Tbl3,$acc13
- xor $t1,$t1,$acc05
- lwzx $acc14,$Tbl3,$acc14
- xor $t2,$t2,$acc06
- lwzx $acc15,$Tbl3,$acc15
- xor $t3,$t3,$acc07
- xor $t0,$t0,$acc08
- xor $t1,$t1,$acc09
- xor $t2,$t2,$acc10
- xor $t3,$t3,$acc11
- xor $s0,$t0,$acc12
- xor $s1,$t1,$acc13
- xor $s2,$t2,$acc14
- xor $s3,$t3,$acc15
- addi $key,$key,16
- bdnz- Lenc_loop
-
- addi $Tbl2,$Tbl0,2048
- nop
- lwz $t0,0($key)
- rlwinm $acc00,$s0,`32-24`,24,31
- lwz $t1,4($key)
- rlwinm $acc01,$s1,`32-24`,24,31
- lwz $t2,8($key)
- rlwinm $acc02,$s2,`32-24`,24,31
- lwz $t3,12($key)
- rlwinm $acc03,$s3,`32-24`,24,31
- lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4
- rlwinm $acc04,$s1,`32-16`,24,31
- lwz $acc09,`2048+32`($Tbl0)
- rlwinm $acc05,$s2,`32-16`,24,31
- lwz $acc10,`2048+64`($Tbl0)
- rlwinm $acc06,$s3,`32-16`,24,31
- lwz $acc11,`2048+96`($Tbl0)
- rlwinm $acc07,$s0,`32-16`,24,31
- lwz $acc12,`2048+128`($Tbl0)
- rlwinm $acc08,$s2,`32-8`,24,31
- lwz $acc13,`2048+160`($Tbl0)
- rlwinm $acc09,$s3,`32-8`,24,31
- lwz $acc14,`2048+192`($Tbl0)
- rlwinm $acc10,$s0,`32-8`,24,31
- lwz $acc15,`2048+224`($Tbl0)
- rlwinm $acc11,$s1,`32-8`,24,31
- lbzx $acc00,$Tbl2,$acc00
- rlwinm $acc12,$s3,`0`,24,31
- lbzx $acc01,$Tbl2,$acc01
- rlwinm $acc13,$s0,`0`,24,31
- lbzx $acc02,$Tbl2,$acc02
- rlwinm $acc14,$s1,`0`,24,31
- lbzx $acc03,$Tbl2,$acc03
- rlwinm $acc15,$s2,`0`,24,31
- lbzx $acc04,$Tbl2,$acc04
- rlwinm $s0,$acc00,24,0,7
- lbzx $acc05,$Tbl2,$acc05
- rlwinm $s1,$acc01,24,0,7
- lbzx $acc06,$Tbl2,$acc06
- rlwinm $s2,$acc02,24,0,7
- lbzx $acc07,$Tbl2,$acc07
- rlwinm $s3,$acc03,24,0,7
- lbzx $acc08,$Tbl2,$acc08
- rlwimi $s0,$acc04,16,8,15
- lbzx $acc09,$Tbl2,$acc09
- rlwimi $s1,$acc05,16,8,15
- lbzx $acc10,$Tbl2,$acc10
- rlwimi $s2,$acc06,16,8,15
- lbzx $acc11,$Tbl2,$acc11
- rlwimi $s3,$acc07,16,8,15
- lbzx $acc12,$Tbl2,$acc12
- rlwimi $s0,$acc08,8,16,23
- lbzx $acc13,$Tbl2,$acc13
- rlwimi $s1,$acc09,8,16,23
- lbzx $acc14,$Tbl2,$acc14
- rlwimi $s2,$acc10,8,16,23
- lbzx $acc15,$Tbl2,$acc15
- rlwimi $s3,$acc11,8,16,23
- or $s0,$s0,$acc12
- or $s1,$s1,$acc13
- or $s2,$s2,$acc14
- or $s3,$s3,$acc15
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
- blr
-
-.align 4
-Lppc_AES_encrypt_compact:
- lwz $acc00,240($key)
- addi $Tbl1,$Tbl0,2048
- lwz $t0,0($key)
- lis $mask80,0x8080
- lwz $t1,4($key)
- lis $mask1b,0x1b1b
- lwz $t2,8($key)
- ori $mask80,$mask80,0x8080
- lwz $t3,12($key)
- ori $mask1b,$mask1b,0x1b1b
- addi $key,$key,16
- mtctr $acc00
-.align 4
-Lenc_compact_loop:
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- rlwinm $acc00,$s0,`32-24`,24,31
- xor $s2,$s2,$t2
- rlwinm $acc01,$s1,`32-24`,24,31
- xor $s3,$s3,$t3
- rlwinm $acc02,$s2,`32-24`,24,31
- rlwinm $acc03,$s3,`32-24`,24,31
- rlwinm $acc04,$s1,`32-16`,24,31
- rlwinm $acc05,$s2,`32-16`,24,31
- rlwinm $acc06,$s3,`32-16`,24,31
- rlwinm $acc07,$s0,`32-16`,24,31
- lbzx $acc00,$Tbl1,$acc00
- rlwinm $acc08,$s2,`32-8`,24,31
- lbzx $acc01,$Tbl1,$acc01
- rlwinm $acc09,$s3,`32-8`,24,31
- lbzx $acc02,$Tbl1,$acc02
- rlwinm $acc10,$s0,`32-8`,24,31
- lbzx $acc03,$Tbl1,$acc03
- rlwinm $acc11,$s1,`32-8`,24,31
- lbzx $acc04,$Tbl1,$acc04
- rlwinm $acc12,$s3,`0`,24,31
- lbzx $acc05,$Tbl1,$acc05
- rlwinm $acc13,$s0,`0`,24,31
- lbzx $acc06,$Tbl1,$acc06
- rlwinm $acc14,$s1,`0`,24,31
- lbzx $acc07,$Tbl1,$acc07
- rlwinm $acc15,$s2,`0`,24,31
- lbzx $acc08,$Tbl1,$acc08
- rlwinm $s0,$acc00,24,0,7
- lbzx $acc09,$Tbl1,$acc09
- rlwinm $s1,$acc01,24,0,7
- lbzx $acc10,$Tbl1,$acc10
- rlwinm $s2,$acc02,24,0,7
- lbzx $acc11,$Tbl1,$acc11
- rlwinm $s3,$acc03,24,0,7
- lbzx $acc12,$Tbl1,$acc12
- rlwimi $s0,$acc04,16,8,15
- lbzx $acc13,$Tbl1,$acc13
- rlwimi $s1,$acc05,16,8,15
- lbzx $acc14,$Tbl1,$acc14
- rlwimi $s2,$acc06,16,8,15
- lbzx $acc15,$Tbl1,$acc15
- rlwimi $s3,$acc07,16,8,15
- rlwimi $s0,$acc08,8,16,23
- rlwimi $s1,$acc09,8,16,23
- rlwimi $s2,$acc10,8,16,23
- rlwimi $s3,$acc11,8,16,23
- lwz $t0,0($key)
- or $s0,$s0,$acc12
- lwz $t1,4($key)
- or $s1,$s1,$acc13
- lwz $t2,8($key)
- or $s2,$s2,$acc14
- lwz $t3,12($key)
- or $s3,$s3,$acc15
-
- addi $key,$key,16
- bdz Lenc_compact_done
-
- and $acc00,$s0,$mask80 # r1=r0&0x80808080
- and $acc01,$s1,$mask80
- and $acc02,$s2,$mask80
- and $acc03,$s3,$mask80
- srwi $acc04,$acc00,7 # r1>>7
- andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
- srwi $acc05,$acc01,7
- andc $acc09,$s1,$mask80
- srwi $acc06,$acc02,7
- andc $acc10,$s2,$mask80
- srwi $acc07,$acc03,7
- andc $acc11,$s3,$mask80
- sub $acc00,$acc00,$acc04 # r1-(r1>>7)
- sub $acc01,$acc01,$acc05
- sub $acc02,$acc02,$acc06
- sub $acc03,$acc03,$acc07
- add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1
- add $acc09,$acc09,$acc09
- add $acc10,$acc10,$acc10
- add $acc11,$acc11,$acc11
- and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
- and $acc01,$acc01,$mask1b
- and $acc02,$acc02,$mask1b
- and $acc03,$acc03,$mask1b
- xor $acc00,$acc00,$acc08 # r2
- xor $acc01,$acc01,$acc09
- rotlwi $acc12,$s0,16 # ROTATE(r0,16)
- xor $acc02,$acc02,$acc10
- rotlwi $acc13,$s1,16
- xor $acc03,$acc03,$acc11
- rotlwi $acc14,$s2,16
-
- xor $s0,$s0,$acc00 # r0^r2
- rotlwi $acc15,$s3,16
- xor $s1,$s1,$acc01
- rotrwi $s0,$s0,24 # ROTATE(r2^r0,24)
- xor $s2,$s2,$acc02
- rotrwi $s1,$s1,24
- xor $s3,$s3,$acc03
- rotrwi $s2,$s2,24
- xor $s0,$s0,$acc00 # ROTATE(r2^r0,24)^r2
- rotrwi $s3,$s3,24
- xor $s1,$s1,$acc01
- xor $s2,$s2,$acc02
- xor $s3,$s3,$acc03
- rotlwi $acc08,$acc12,8 # ROTATE(r0,24)
- xor $s0,$s0,$acc12 #
- rotlwi $acc09,$acc13,8
- xor $s1,$s1,$acc13
- rotlwi $acc10,$acc14,8
- xor $s2,$s2,$acc14
- rotlwi $acc11,$acc15,8
- xor $s3,$s3,$acc15
- xor $s0,$s0,$acc08 #
- xor $s1,$s1,$acc09
- xor $s2,$s2,$acc10
- xor $s3,$s3,$acc11
-
- b Lenc_compact_loop
-.align 4
-Lenc_compact_done:
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
- blr
-
-.globl .aes_decrypt_internal
-.align 7
-.aes_decrypt_internal:
- $STU $sp,-$FRAME($sp)
- mflr r0
-
- $PUSH $toc,`$FRAME-$SIZE_T*20`($sp)
- $PUSH r13,`$FRAME-$SIZE_T*19`($sp)
- $PUSH r14,`$FRAME-$SIZE_T*18`($sp)
- $PUSH r15,`$FRAME-$SIZE_T*17`($sp)
- $PUSH r16,`$FRAME-$SIZE_T*16`($sp)
- $PUSH r17,`$FRAME-$SIZE_T*15`($sp)
- $PUSH r18,`$FRAME-$SIZE_T*14`($sp)
- $PUSH r19,`$FRAME-$SIZE_T*13`($sp)
- $PUSH r20,`$FRAME-$SIZE_T*12`($sp)
- $PUSH r21,`$FRAME-$SIZE_T*11`($sp)
- $PUSH r22,`$FRAME-$SIZE_T*10`($sp)
- $PUSH r23,`$FRAME-$SIZE_T*9`($sp)
- $PUSH r24,`$FRAME-$SIZE_T*8`($sp)
- $PUSH r25,`$FRAME-$SIZE_T*7`($sp)
- $PUSH r26,`$FRAME-$SIZE_T*6`($sp)
- $PUSH r27,`$FRAME-$SIZE_T*5`($sp)
- $PUSH r28,`$FRAME-$SIZE_T*4`($sp)
- $PUSH r29,`$FRAME-$SIZE_T*3`($sp)
- $PUSH r30,`$FRAME-$SIZE_T*2`($sp)
- $PUSH r31,`$FRAME-$SIZE_T*1`($sp)
- $PUSH r0,`$FRAME+$LRSAVE`($sp)
-
- andi. $t0,$inp,3
- andi. $t1,$out,3
- or. $t0,$t0,$t1
- bne Ldec_unaligned
-
-Ldec_unaligned_ok:
- lwz $s0,0($inp)
- lwz $s1,4($inp)
- lwz $s2,8($inp)
- lwz $s3,12($inp)
- bl LAES_Td
- bl Lppc_AES_decrypt_compact
- stw $s0,0($out)
- stw $s1,4($out)
- stw $s2,8($out)
- stw $s3,12($out)
- b Ldec_done
-
-Ldec_unaligned:
- subfic $t0,$inp,4096
- subfic $t1,$out,4096
- andi. $t0,$t0,4096-16
- beq Ldec_xpage
- andi. $t1,$t1,4096-16
- bne Ldec_unaligned_ok
-
-Ldec_xpage:
- lbz $acc00,0($inp)
- lbz $acc01,1($inp)
- lbz $acc02,2($inp)
- lbz $s0,3($inp)
- lbz $acc04,4($inp)
- lbz $acc05,5($inp)
- lbz $acc06,6($inp)
- lbz $s1,7($inp)
- lbz $acc08,8($inp)
- lbz $acc09,9($inp)
- lbz $acc10,10($inp)
- insrwi $s0,$acc00,8,0
- lbz $s2,11($inp)
- insrwi $s1,$acc04,8,0
- lbz $acc12,12($inp)
- insrwi $s0,$acc01,8,8
- lbz $acc13,13($inp)
- insrwi $s1,$acc05,8,8
- lbz $acc14,14($inp)
- insrwi $s0,$acc02,8,16
- lbz $s3,15($inp)
- insrwi $s1,$acc06,8,16
- insrwi $s2,$acc08,8,0
- insrwi $s3,$acc12,8,0
- insrwi $s2,$acc09,8,8
- insrwi $s3,$acc13,8,8
- insrwi $s2,$acc10,8,16
- insrwi $s3,$acc14,8,16
-
- bl LAES_Td
- bl Lppc_AES_decrypt_compact
-
- extrwi $acc00,$s0,8,0
- extrwi $acc01,$s0,8,8
- stb $acc00,0($out)
- extrwi $acc02,$s0,8,16
- stb $acc01,1($out)
- stb $acc02,2($out)
- extrwi $acc04,$s1,8,0
- stb $s0,3($out)
- extrwi $acc05,$s1,8,8
- stb $acc04,4($out)
- extrwi $acc06,$s1,8,16
- stb $acc05,5($out)
- stb $acc06,6($out)
- extrwi $acc08,$s2,8,0
- stb $s1,7($out)
- extrwi $acc09,$s2,8,8
- stb $acc08,8($out)
- extrwi $acc10,$s2,8,16
- stb $acc09,9($out)
- stb $acc10,10($out)
- extrwi $acc12,$s3,8,0
- stb $s2,11($out)
- extrwi $acc13,$s3,8,8
- stb $acc12,12($out)
- extrwi $acc14,$s3,8,16
- stb $acc13,13($out)
- stb $acc14,14($out)
- stb $s3,15($out)
-
-Ldec_done:
- $POP r0,`$FRAME+$LRSAVE`($sp)
- $POP $toc,`$FRAME-$SIZE_T*20`($sp)
- $POP r13,`$FRAME-$SIZE_T*19`($sp)
- $POP r14,`$FRAME-$SIZE_T*18`($sp)
- $POP r15,`$FRAME-$SIZE_T*17`($sp)
- $POP r16,`$FRAME-$SIZE_T*16`($sp)
- $POP r17,`$FRAME-$SIZE_T*15`($sp)
- $POP r18,`$FRAME-$SIZE_T*14`($sp)
- $POP r19,`$FRAME-$SIZE_T*13`($sp)
- $POP r20,`$FRAME-$SIZE_T*12`($sp)
- $POP r21,`$FRAME-$SIZE_T*11`($sp)
- $POP r22,`$FRAME-$SIZE_T*10`($sp)
- $POP r23,`$FRAME-$SIZE_T*9`($sp)
- $POP r24,`$FRAME-$SIZE_T*8`($sp)
- $POP r25,`$FRAME-$SIZE_T*7`($sp)
- $POP r26,`$FRAME-$SIZE_T*6`($sp)
- $POP r27,`$FRAME-$SIZE_T*5`($sp)
- $POP r28,`$FRAME-$SIZE_T*4`($sp)
- $POP r29,`$FRAME-$SIZE_T*3`($sp)
- $POP r30,`$FRAME-$SIZE_T*2`($sp)
- $POP r31,`$FRAME-$SIZE_T*1`($sp)
- mtlr r0
- addi $sp,$sp,$FRAME
- blr
-
-.align 5
-Lppc_AES_decrypt:
- lwz $acc00,240($key)
- addi $Tbl1,$Tbl0,3
- lwz $t0,0($key)
- addi $Tbl2,$Tbl0,2
- lwz $t1,4($key)
- addi $Tbl3,$Tbl0,1
- lwz $t2,8($key)
- addi $acc00,$acc00,-1
- lwz $t3,12($key)
- addi $key,$key,16
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
- mtctr $acc00
-.align 4
-Ldec_loop:
- rlwinm $acc00,$s0,`32-24+3`,21,28
- rlwinm $acc01,$s1,`32-24+3`,21,28
- rlwinm $acc02,$s2,`32-24+3`,21,28
- rlwinm $acc03,$s3,`32-24+3`,21,28
- lwz $t0,0($key)
- rlwinm $acc04,$s3,`32-16+3`,21,28
- lwz $t1,4($key)
- rlwinm $acc05,$s0,`32-16+3`,21,28
- lwz $t2,8($key)
- rlwinm $acc06,$s1,`32-16+3`,21,28
- lwz $t3,12($key)
- rlwinm $acc07,$s2,`32-16+3`,21,28
- lwzx $acc00,$Tbl0,$acc00
- rlwinm $acc08,$s2,`32-8+3`,21,28
- lwzx $acc01,$Tbl0,$acc01
- rlwinm $acc09,$s3,`32-8+3`,21,28
- lwzx $acc02,$Tbl0,$acc02
- rlwinm $acc10,$s0,`32-8+3`,21,28
- lwzx $acc03,$Tbl0,$acc03
- rlwinm $acc11,$s1,`32-8+3`,21,28
- lwzx $acc04,$Tbl1,$acc04
- rlwinm $acc12,$s1,`0+3`,21,28
- lwzx $acc05,$Tbl1,$acc05
- rlwinm $acc13,$s2,`0+3`,21,28
- lwzx $acc06,$Tbl1,$acc06
- rlwinm $acc14,$s3,`0+3`,21,28
- lwzx $acc07,$Tbl1,$acc07
- rlwinm $acc15,$s0,`0+3`,21,28
- lwzx $acc08,$Tbl2,$acc08
- xor $t0,$t0,$acc00
- lwzx $acc09,$Tbl2,$acc09
- xor $t1,$t1,$acc01
- lwzx $acc10,$Tbl2,$acc10
- xor $t2,$t2,$acc02
- lwzx $acc11,$Tbl2,$acc11
- xor $t3,$t3,$acc03
- lwzx $acc12,$Tbl3,$acc12
- xor $t0,$t0,$acc04
- lwzx $acc13,$Tbl3,$acc13
- xor $t1,$t1,$acc05
- lwzx $acc14,$Tbl3,$acc14
- xor $t2,$t2,$acc06
- lwzx $acc15,$Tbl3,$acc15
- xor $t3,$t3,$acc07
- xor $t0,$t0,$acc08
- xor $t1,$t1,$acc09
- xor $t2,$t2,$acc10
- xor $t3,$t3,$acc11
- xor $s0,$t0,$acc12
- xor $s1,$t1,$acc13
- xor $s2,$t2,$acc14
- xor $s3,$t3,$acc15
- addi $key,$key,16
- bdnz- Ldec_loop
-
- addi $Tbl2,$Tbl0,2048
- nop
- lwz $t0,0($key)
- rlwinm $acc00,$s0,`32-24`,24,31
- lwz $t1,4($key)
- rlwinm $acc01,$s1,`32-24`,24,31
- lwz $t2,8($key)
- rlwinm $acc02,$s2,`32-24`,24,31
- lwz $t3,12($key)
- rlwinm $acc03,$s3,`32-24`,24,31
- lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4
- rlwinm $acc04,$s3,`32-16`,24,31
- lwz $acc09,`2048+32`($Tbl0)
- rlwinm $acc05,$s0,`32-16`,24,31
- lwz $acc10,`2048+64`($Tbl0)
- lbzx $acc00,$Tbl2,$acc00
- lwz $acc11,`2048+96`($Tbl0)
- lbzx $acc01,$Tbl2,$acc01
- lwz $acc12,`2048+128`($Tbl0)
- rlwinm $acc06,$s1,`32-16`,24,31
- lwz $acc13,`2048+160`($Tbl0)
- rlwinm $acc07,$s2,`32-16`,24,31
- lwz $acc14,`2048+192`($Tbl0)
- rlwinm $acc08,$s2,`32-8`,24,31
- lwz $acc15,`2048+224`($Tbl0)
- rlwinm $acc09,$s3,`32-8`,24,31
- lbzx $acc02,$Tbl2,$acc02
- rlwinm $acc10,$s0,`32-8`,24,31
- lbzx $acc03,$Tbl2,$acc03
- rlwinm $acc11,$s1,`32-8`,24,31
- lbzx $acc04,$Tbl2,$acc04
- rlwinm $acc12,$s1,`0`,24,31
- lbzx $acc05,$Tbl2,$acc05
- rlwinm $acc13,$s2,`0`,24,31
- lbzx $acc06,$Tbl2,$acc06
- rlwinm $acc14,$s3,`0`,24,31
- lbzx $acc07,$Tbl2,$acc07
- rlwinm $acc15,$s0,`0`,24,31
- lbzx $acc08,$Tbl2,$acc08
- rlwinm $s0,$acc00,24,0,7
- lbzx $acc09,$Tbl2,$acc09
- rlwinm $s1,$acc01,24,0,7
- lbzx $acc10,$Tbl2,$acc10
- rlwinm $s2,$acc02,24,0,7
- lbzx $acc11,$Tbl2,$acc11
- rlwinm $s3,$acc03,24,0,7
- lbzx $acc12,$Tbl2,$acc12
- rlwimi $s0,$acc04,16,8,15
- lbzx $acc13,$Tbl2,$acc13
- rlwimi $s1,$acc05,16,8,15
- lbzx $acc14,$Tbl2,$acc14
- rlwimi $s2,$acc06,16,8,15
- lbzx $acc15,$Tbl2,$acc15
- rlwimi $s3,$acc07,16,8,15
- rlwimi $s0,$acc08,8,16,23
- rlwimi $s1,$acc09,8,16,23
- rlwimi $s2,$acc10,8,16,23
- rlwimi $s3,$acc11,8,16,23
- or $s0,$s0,$acc12
- or $s1,$s1,$acc13
- or $s2,$s2,$acc14
- or $s3,$s3,$acc15
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
- blr
-
-.align 4
-Lppc_AES_decrypt_compact:
- lwz $acc00,240($key)
- addi $Tbl1,$Tbl0,2048
- lwz $t0,0($key)
- lis $mask80,0x8080
- lwz $t1,4($key)
- lis $mask1b,0x1b1b
- lwz $t2,8($key)
- ori $mask80,$mask80,0x8080
- lwz $t3,12($key)
- ori $mask1b,$mask1b,0x1b1b
- addi $key,$key,16
-___
-$code.=<<___ if ($SIZE_T==8);
- insrdi $mask80,$mask80,32,0
- insrdi $mask1b,$mask1b,32,0
-___
-$code.=<<___;
- mtctr $acc00
-.align 4
-Ldec_compact_loop:
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- rlwinm $acc00,$s0,`32-24`,24,31
- xor $s2,$s2,$t2
- rlwinm $acc01,$s1,`32-24`,24,31
- xor $s3,$s3,$t3
- rlwinm $acc02,$s2,`32-24`,24,31
- rlwinm $acc03,$s3,`32-24`,24,31
- rlwinm $acc04,$s3,`32-16`,24,31
- rlwinm $acc05,$s0,`32-16`,24,31
- rlwinm $acc06,$s1,`32-16`,24,31
- rlwinm $acc07,$s2,`32-16`,24,31
- lbzx $acc00,$Tbl1,$acc00
- rlwinm $acc08,$s2,`32-8`,24,31
- lbzx $acc01,$Tbl1,$acc01
- rlwinm $acc09,$s3,`32-8`,24,31
- lbzx $acc02,$Tbl1,$acc02
- rlwinm $acc10,$s0,`32-8`,24,31
- lbzx $acc03,$Tbl1,$acc03
- rlwinm $acc11,$s1,`32-8`,24,31
- lbzx $acc04,$Tbl1,$acc04
- rlwinm $acc12,$s1,`0`,24,31
- lbzx $acc05,$Tbl1,$acc05
- rlwinm $acc13,$s2,`0`,24,31
- lbzx $acc06,$Tbl1,$acc06
- rlwinm $acc14,$s3,`0`,24,31
- lbzx $acc07,$Tbl1,$acc07
- rlwinm $acc15,$s0,`0`,24,31
- lbzx $acc08,$Tbl1,$acc08
- rlwinm $s0,$acc00,24,0,7
- lbzx $acc09,$Tbl1,$acc09
- rlwinm $s1,$acc01,24,0,7
- lbzx $acc10,$Tbl1,$acc10
- rlwinm $s2,$acc02,24,0,7
- lbzx $acc11,$Tbl1,$acc11
- rlwinm $s3,$acc03,24,0,7
- lbzx $acc12,$Tbl1,$acc12
- rlwimi $s0,$acc04,16,8,15
- lbzx $acc13,$Tbl1,$acc13
- rlwimi $s1,$acc05,16,8,15
- lbzx $acc14,$Tbl1,$acc14
- rlwimi $s2,$acc06,16,8,15
- lbzx $acc15,$Tbl1,$acc15
- rlwimi $s3,$acc07,16,8,15
- rlwimi $s0,$acc08,8,16,23
- rlwimi $s1,$acc09,8,16,23
- rlwimi $s2,$acc10,8,16,23
- rlwimi $s3,$acc11,8,16,23
- lwz $t0,0($key)
- or $s0,$s0,$acc12
- lwz $t1,4($key)
- or $s1,$s1,$acc13
- lwz $t2,8($key)
- or $s2,$s2,$acc14
- lwz $t3,12($key)
- or $s3,$s3,$acc15
-
- addi $key,$key,16
- bdz Ldec_compact_done
-___
-$code.=<<___ if ($SIZE_T==8);
- # vectorized permutation improves decrypt performance by 10%
- insrdi $s0,$s1,32,0
- insrdi $s2,$s3,32,0
-
- and $acc00,$s0,$mask80 # r1=r0&0x80808080
- and $acc02,$s2,$mask80
- srdi $acc04,$acc00,7 # r1>>7
- srdi $acc06,$acc02,7
- andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
- andc $acc10,$s2,$mask80
- sub $acc00,$acc00,$acc04 # r1-(r1>>7)
- sub $acc02,$acc02,$acc06
- add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1
- add $acc10,$acc10,$acc10
- and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
- and $acc02,$acc02,$mask1b
- xor $acc00,$acc00,$acc08 # r2
- xor $acc02,$acc02,$acc10
-
- and $acc04,$acc00,$mask80 # r1=r2&0x80808080
- and $acc06,$acc02,$mask80
- srdi $acc08,$acc04,7 # r1>>7
- srdi $acc10,$acc06,7
- andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f
- andc $acc14,$acc02,$mask80
- sub $acc04,$acc04,$acc08 # r1-(r1>>7)
- sub $acc06,$acc06,$acc10
- add $acc12,$acc12,$acc12 # (r2&0x7f7f7f7f)<<1
- add $acc14,$acc14,$acc14
- and $acc04,$acc04,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
- and $acc06,$acc06,$mask1b
- xor $acc04,$acc04,$acc12 # r4
- xor $acc06,$acc06,$acc14
-
- and $acc08,$acc04,$mask80 # r1=r4&0x80808080
- and $acc10,$acc06,$mask80
- srdi $acc12,$acc08,7 # r1>>7
- srdi $acc14,$acc10,7
- sub $acc08,$acc08,$acc12 # r1-(r1>>7)
- sub $acc10,$acc10,$acc14
- andc $acc12,$acc04,$mask80 # r4&0x7f7f7f7f
- andc $acc14,$acc06,$mask80
- add $acc12,$acc12,$acc12 # (r4&0x7f7f7f7f)<<1
- add $acc14,$acc14,$acc14
- and $acc08,$acc08,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
- and $acc10,$acc10,$mask1b
- xor $acc08,$acc08,$acc12 # r8
- xor $acc10,$acc10,$acc14
-
- xor $acc00,$acc00,$s0 # r2^r0
- xor $acc02,$acc02,$s2
- xor $acc04,$acc04,$s0 # r4^r0
- xor $acc06,$acc06,$s2
-
- extrdi $acc01,$acc00,32,0
- extrdi $acc03,$acc02,32,0
- extrdi $acc05,$acc04,32,0
- extrdi $acc07,$acc06,32,0
- extrdi $acc09,$acc08,32,0
- extrdi $acc11,$acc10,32,0
-___
-$code.=<<___ if ($SIZE_T==4);
- and $acc00,$s0,$mask80 # r1=r0&0x80808080
- and $acc01,$s1,$mask80
- and $acc02,$s2,$mask80
- and $acc03,$s3,$mask80
- srwi $acc04,$acc00,7 # r1>>7
- andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f
- srwi $acc05,$acc01,7
- andc $acc09,$s1,$mask80
- srwi $acc06,$acc02,7
- andc $acc10,$s2,$mask80
- srwi $acc07,$acc03,7
- andc $acc11,$s3,$mask80
- sub $acc00,$acc00,$acc04 # r1-(r1>>7)
- sub $acc01,$acc01,$acc05
- sub $acc02,$acc02,$acc06
- sub $acc03,$acc03,$acc07
- add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1
- add $acc09,$acc09,$acc09
- add $acc10,$acc10,$acc10
- add $acc11,$acc11,$acc11
- and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
- and $acc01,$acc01,$mask1b
- and $acc02,$acc02,$mask1b
- and $acc03,$acc03,$mask1b
- xor $acc00,$acc00,$acc08 # r2
- xor $acc01,$acc01,$acc09
- xor $acc02,$acc02,$acc10
- xor $acc03,$acc03,$acc11
-
- and $acc04,$acc00,$mask80 # r1=r2&0x80808080
- and $acc05,$acc01,$mask80
- and $acc06,$acc02,$mask80
- and $acc07,$acc03,$mask80
- srwi $acc08,$acc04,7 # r1>>7
- andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f
- srwi $acc09,$acc05,7
- andc $acc13,$acc01,$mask80
- srwi $acc10,$acc06,7
- andc $acc14,$acc02,$mask80
- srwi $acc11,$acc07,7
- andc $acc15,$acc03,$mask80
- sub $acc04,$acc04,$acc08 # r1-(r1>>7)
- sub $acc05,$acc05,$acc09
- sub $acc06,$acc06,$acc10
- sub $acc07,$acc07,$acc11
- add $acc12,$acc12,$acc12 # (r2&0x7f7f7f7f)<<1
- add $acc13,$acc13,$acc13
- add $acc14,$acc14,$acc14
- add $acc15,$acc15,$acc15
- and $acc04,$acc04,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
- and $acc05,$acc05,$mask1b
- and $acc06,$acc06,$mask1b
- and $acc07,$acc07,$mask1b
- xor $acc04,$acc04,$acc12 # r4
- xor $acc05,$acc05,$acc13
- xor $acc06,$acc06,$acc14
- xor $acc07,$acc07,$acc15
-
- and $acc08,$acc04,$mask80 # r1=r4&0x80808080
- and $acc09,$acc05,$mask80
- srwi $acc12,$acc08,7 # r1>>7
- and $acc10,$acc06,$mask80
- srwi $acc13,$acc09,7
- and $acc11,$acc07,$mask80
- srwi $acc14,$acc10,7
- sub $acc08,$acc08,$acc12 # r1-(r1>>7)
- srwi $acc15,$acc11,7
- sub $acc09,$acc09,$acc13
- sub $acc10,$acc10,$acc14
- sub $acc11,$acc11,$acc15
- andc $acc12,$acc04,$mask80 # r4&0x7f7f7f7f
- andc $acc13,$acc05,$mask80
- andc $acc14,$acc06,$mask80
- andc $acc15,$acc07,$mask80
- add $acc12,$acc12,$acc12 # (r4&0x7f7f7f7f)<<1
- add $acc13,$acc13,$acc13
- add $acc14,$acc14,$acc14
- add $acc15,$acc15,$acc15
- and $acc08,$acc08,$mask1b # (r1-(r1>>7))&0x1b1b1b1b
- and $acc09,$acc09,$mask1b
- and $acc10,$acc10,$mask1b
- and $acc11,$acc11,$mask1b
- xor $acc08,$acc08,$acc12 # r8
- xor $acc09,$acc09,$acc13
- xor $acc10,$acc10,$acc14
- xor $acc11,$acc11,$acc15
-
- xor $acc00,$acc00,$s0 # r2^r0
- xor $acc01,$acc01,$s1
- xor $acc02,$acc02,$s2
- xor $acc03,$acc03,$s3
- xor $acc04,$acc04,$s0 # r4^r0
- xor $acc05,$acc05,$s1
- xor $acc06,$acc06,$s2
- xor $acc07,$acc07,$s3
-___
-$code.=<<___;
- rotrwi $s0,$s0,8 # = ROTATE(r0,8)
- rotrwi $s1,$s1,8
- xor $s0,$s0,$acc00 # ^= r2^r0
- rotrwi $s2,$s2,8
- xor $s1,$s1,$acc01
- rotrwi $s3,$s3,8
- xor $s2,$s2,$acc02
- xor $s3,$s3,$acc03
- xor $acc00,$acc00,$acc08
- xor $acc01,$acc01,$acc09
- xor $acc02,$acc02,$acc10
- xor $acc03,$acc03,$acc11
- xor $s0,$s0,$acc04 # ^= r4^r0
- rotrwi $acc00,$acc00,24
- xor $s1,$s1,$acc05
- rotrwi $acc01,$acc01,24
- xor $s2,$s2,$acc06
- rotrwi $acc02,$acc02,24
- xor $s3,$s3,$acc07
- rotrwi $acc03,$acc03,24
- xor $acc04,$acc04,$acc08
- xor $acc05,$acc05,$acc09
- xor $acc06,$acc06,$acc10
- xor $acc07,$acc07,$acc11
- xor $s0,$s0,$acc08 # ^= r8 [^((r4^r0)^(r2^r0)=r4^r2)]
- rotrwi $acc04,$acc04,16
- xor $s1,$s1,$acc09
- rotrwi $acc05,$acc05,16
- xor $s2,$s2,$acc10
- rotrwi $acc06,$acc06,16
- xor $s3,$s3,$acc11
- rotrwi $acc07,$acc07,16
- xor $s0,$s0,$acc00 # ^= ROTATE(r8^r2^r0,24)
- rotrwi $acc08,$acc08,8
- xor $s1,$s1,$acc01
- rotrwi $acc09,$acc09,8
- xor $s2,$s2,$acc02
- rotrwi $acc10,$acc10,8
- xor $s3,$s3,$acc03
- rotrwi $acc11,$acc11,8
- xor $s0,$s0,$acc04 # ^= ROTATE(r8^r4^r0,16)
- xor $s1,$s1,$acc05
- xor $s2,$s2,$acc06
- xor $s3,$s3,$acc07
- xor $s0,$s0,$acc08 # ^= ROTATE(r8,8)
- xor $s1,$s1,$acc09
- xor $s2,$s2,$acc10
- xor $s3,$s3,$acc11
-
- b Ldec_compact_loop
-.align 4
-Ldec_compact_done:
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
- blr
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/src/lib/libcrypto/aes/asm/aes-sparcv9.pl b/src/lib/libcrypto/aes/asm/aes-sparcv9.pl
deleted file mode 100755
index 1348d09594..0000000000
--- a/src/lib/libcrypto/aes/asm/aes-sparcv9.pl
+++ /dev/null
@@ -1,1217 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
-# ====================================================================
-#
-# Version 1.1
-#
-# The major reason for undertaken effort was to mitigate the hazard of
-# cache-timing attack. This is [currently and initially!] addressed in
-# two ways. 1. S-boxes are compressed from 5KB to 2KB+256B size each.
-# 2. References to them are scheduled for L2 cache latency, meaning
-# that the tables don't have to reside in L1 cache. Once again, this
-# is an initial draft and one should expect more countermeasures to
-# be implemented...
-#
-# Version 1.1 prefetches T[ed]4 in order to mitigate attack on last
-# round.
-#
-# Even though performance was not the primary goal [on the contrary,
-# extra shifts "induced" by compressed S-box and longer loop epilogue
-# "induced" by scheduling for L2 have negative effect on performance],
-# the code turned out to run in ~23 cycles per processed byte en-/
-# decrypted with 128-bit key. This is pretty good result for code
-# with mentioned qualities and UltraSPARC core. Compared to Sun C
-# generated code my encrypt procedure runs just few percents faster,
-# while decrypt one - whole 50% faster [yes, Sun C failed to generate
-# optimal decrypt procedure].
Compared to GNU C generated code both -# procedures are more than 60% faster:-) - -$bits=32; -for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); } -if ($bits==64) { $bias=2047; $frame=192; } -else { $bias=0; $frame=112; } -$locals=16; - -$acc0="%l0"; -$acc1="%o0"; -$acc2="%o1"; -$acc3="%o2"; - -$acc4="%l1"; -$acc5="%o3"; -$acc6="%o4"; -$acc7="%o5"; - -$acc8="%l2"; -$acc9="%o7"; -$acc10="%g1"; -$acc11="%g2"; - -$acc12="%l3"; -$acc13="%g3"; -$acc14="%g4"; -$acc15="%g5"; - -$t0="%l4"; -$t1="%l5"; -$t2="%l6"; -$t3="%l7"; - -$s0="%i0"; -$s1="%i1"; -$s2="%i2"; -$s3="%i3"; -$tbl="%i4"; -$key="%i5"; -$rounds="%i7"; # aliases with return address, which is off-loaded to stack - -sub _data_word() -{ my $i; - while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; } -} - -$code.=<<___ if ($bits==64); -.register %g2,#scratch -.register %g3,#scratch -___ -$code.=<<___; -.section ".rodata",#alloc - -.align 256 -AES_Te: -___ -&_data_word( - 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, - 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, - 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, - 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, - 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, - 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, - 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, - 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, - 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, - 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, - 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, - 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, - 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, - 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, - 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, - 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, - 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, - 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, - 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, - 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, - 0xa65353f5, 0xb9d1d168, 0x00000000, 
0xc1eded2c, - 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, - 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, - 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, - 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, - 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, - 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, - 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, - 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, - 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, - 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, - 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, - 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, - 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, - 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, - 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, - 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, - 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, - 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, - 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, - 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, - 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, - 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, - 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, - 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, - 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, - 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, - 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, - 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, - 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, - 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, - 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, - 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, - 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, - 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, - 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, - 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, - 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, - 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, - 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, - 0x038c8c8f, 0x59a1a1f8, 0x09898980, 
0x1a0d0d17, - 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, - 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, - 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a); -$code.=<<___; - .byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 - .byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 - .byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 - .byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 - .byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc - .byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 - .byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a - .byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 - .byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 - .byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 - .byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b - .byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf - .byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 - .byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 - .byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 - .byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 - .byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 - .byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 - .byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 - .byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb - .byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c - .byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 - .byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 - .byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 - .byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 - .byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a - .byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e - .byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e - .byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 - .byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf - .byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 - .byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -.type AES_Te,#object -.size AES_Te,(.-AES_Te) - -.section 
".text",#alloc,#execinstr -.align 64 -.skip 16 -_sparcv9_AES_encrypt: - save %sp,-$frame-$locals,%sp - stx %i7,[%sp+$bias+$frame+0] ! off-load return address - ld [$key+240],$rounds - ld [$key+0],$t0 - ld [$key+4],$t1 ! - ld [$key+8],$t2 - srl $rounds,1,$rounds - xor $t0,$s0,$s0 - ld [$key+12],$t3 - srl $s0,21,$acc0 - xor $t1,$s1,$s1 - ld [$key+16],$t0 - srl $s1,13,$acc1 ! - xor $t2,$s2,$s2 - ld [$key+20],$t1 - xor $t3,$s3,$s3 - ld [$key+24],$t2 - and $acc0,2040,$acc0 - ld [$key+28],$t3 - nop -.Lenc_loop: - srl $s2,5,$acc2 ! - and $acc1,2040,$acc1 - ldx [$tbl+$acc0],$acc0 - sll $s3,3,$acc3 - and $acc2,2040,$acc2 - ldx [$tbl+$acc1],$acc1 - srl $s1,21,$acc4 - and $acc3,2040,$acc3 - ldx [$tbl+$acc2],$acc2 ! - srl $s2,13,$acc5 - and $acc4,2040,$acc4 - ldx [$tbl+$acc3],$acc3 - srl $s3,5,$acc6 - and $acc5,2040,$acc5 - ldx [$tbl+$acc4],$acc4 - fmovs %f0,%f0 - sll $s0,3,$acc7 ! - and $acc6,2040,$acc6 - ldx [$tbl+$acc5],$acc5 - srl $s2,21,$acc8 - and $acc7,2040,$acc7 - ldx [$tbl+$acc6],$acc6 - srl $s3,13,$acc9 - and $acc8,2040,$acc8 - ldx [$tbl+$acc7],$acc7 ! - srl $s0,5,$acc10 - and $acc9,2040,$acc9 - ldx [$tbl+$acc8],$acc8 - sll $s1,3,$acc11 - and $acc10,2040,$acc10 - ldx [$tbl+$acc9],$acc9 - fmovs %f0,%f0 - srl $s3,21,$acc12 ! - and $acc11,2040,$acc11 - ldx [$tbl+$acc10],$acc10 - srl $s0,13,$acc13 - and $acc12,2040,$acc12 - ldx [$tbl+$acc11],$acc11 - srl $s1,5,$acc14 - and $acc13,2040,$acc13 - ldx [$tbl+$acc12],$acc12 ! - sll $s2,3,$acc15 - and $acc14,2040,$acc14 - ldx [$tbl+$acc13],$acc13 - and $acc15,2040,$acc15 - add $key,32,$key - ldx [$tbl+$acc14],$acc14 - fmovs %f0,%f0 - subcc $rounds,1,$rounds ! - ldx [$tbl+$acc15],$acc15 - bz,a,pn %icc,.Lenc_last - add $tbl,2048,$rounds - - srlx $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ld [$key+0],$s0 - fmovs %f0,%f0 - srlx $acc2,16,$acc2 ! - xor $acc1,$t0,$t0 - ld [$key+4],$s1 - srlx $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ld [$key+8],$s2 - srlx $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ld [$key+12],$s3 ! 
- srlx $acc6,16,$acc6 - xor $acc4,$t1,$t1 - fmovs %f0,%f0 - srlx $acc7,24,$acc7 - xor $acc5,$t1,$t1 - srlx $acc9,8,$acc9 - xor $acc6,$t1,$t1 - srlx $acc10,16,$acc10 ! - xor $acc7,$t1,$t1 - srlx $acc11,24,$acc11 - xor $acc8,$t2,$t2 - srlx $acc13,8,$acc13 - xor $acc9,$t2,$t2 - srlx $acc14,16,$acc14 - xor $acc10,$t2,$t2 - srlx $acc15,24,$acc15 ! - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - srl $t0,21,$acc0 - xor $acc14,$t3,$t3 - srl $t1,13,$acc1 - xor $acc15,$t3,$t3 - - and $acc0,2040,$acc0 ! - srl $t2,5,$acc2 - and $acc1,2040,$acc1 - ldx [$tbl+$acc0],$acc0 - sll $t3,3,$acc3 - and $acc2,2040,$acc2 - ldx [$tbl+$acc1],$acc1 - fmovs %f0,%f0 - srl $t1,21,$acc4 ! - and $acc3,2040,$acc3 - ldx [$tbl+$acc2],$acc2 - srl $t2,13,$acc5 - and $acc4,2040,$acc4 - ldx [$tbl+$acc3],$acc3 - srl $t3,5,$acc6 - and $acc5,2040,$acc5 - ldx [$tbl+$acc4],$acc4 ! - sll $t0,3,$acc7 - and $acc6,2040,$acc6 - ldx [$tbl+$acc5],$acc5 - srl $t2,21,$acc8 - and $acc7,2040,$acc7 - ldx [$tbl+$acc6],$acc6 - fmovs %f0,%f0 - srl $t3,13,$acc9 ! - and $acc8,2040,$acc8 - ldx [$tbl+$acc7],$acc7 - srl $t0,5,$acc10 - and $acc9,2040,$acc9 - ldx [$tbl+$acc8],$acc8 - sll $t1,3,$acc11 - and $acc10,2040,$acc10 - ldx [$tbl+$acc9],$acc9 ! - srl $t3,21,$acc12 - and $acc11,2040,$acc11 - ldx [$tbl+$acc10],$acc10 - srl $t0,13,$acc13 - and $acc12,2040,$acc12 - ldx [$tbl+$acc11],$acc11 - fmovs %f0,%f0 - srl $t1,5,$acc14 ! - and $acc13,2040,$acc13 - ldx [$tbl+$acc12],$acc12 - sll $t2,3,$acc15 - and $acc14,2040,$acc14 - ldx [$tbl+$acc13],$acc13 - srlx $acc1,8,$acc1 - and $acc15,2040,$acc15 - ldx [$tbl+$acc14],$acc14 ! - - srlx $acc2,16,$acc2 - xor $acc0,$s0,$s0 - ldx [$tbl+$acc15],$acc15 - srlx $acc3,24,$acc3 - xor $acc1,$s0,$s0 - ld [$key+16],$t0 - fmovs %f0,%f0 - srlx $acc5,8,$acc5 ! - xor $acc2,$s0,$s0 - ld [$key+20],$t1 - srlx $acc6,16,$acc6 - xor $acc3,$s0,$s0 - ld [$key+24],$t2 - srlx $acc7,24,$acc7 - xor $acc4,$s1,$s1 - ld [$key+28],$t3 ! 
- srlx $acc9,8,$acc9 - xor $acc5,$s1,$s1 - ldx [$tbl+2048+0],%g0 ! prefetch te4 - srlx $acc10,16,$acc10 - xor $acc6,$s1,$s1 - ldx [$tbl+2048+32],%g0 ! prefetch te4 - srlx $acc11,24,$acc11 - xor $acc7,$s1,$s1 - ldx [$tbl+2048+64],%g0 ! prefetch te4 - srlx $acc13,8,$acc13 - xor $acc8,$s2,$s2 - ldx [$tbl+2048+96],%g0 ! prefetch te4 - srlx $acc14,16,$acc14 ! - xor $acc9,$s2,$s2 - ldx [$tbl+2048+128],%g0 ! prefetch te4 - srlx $acc15,24,$acc15 - xor $acc10,$s2,$s2 - ldx [$tbl+2048+160],%g0 ! prefetch te4 - srl $s0,21,$acc0 - xor $acc11,$s2,$s2 - ldx [$tbl+2048+192],%g0 ! prefetch te4 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - ldx [$tbl+2048+224],%g0 ! prefetch te4 - srl $s1,13,$acc1 ! - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - ba .Lenc_loop - and $acc0,2040,$acc0 - -.align 32 -.Lenc_last: - srlx $acc1,8,$acc1 ! - xor $acc0,$t0,$t0 - ld [$key+0],$s0 - srlx $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ld [$key+4],$s1 - srlx $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ld [$key+8],$s2 ! - srlx $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ld [$key+12],$s3 - srlx $acc6,16,$acc6 - xor $acc4,$t1,$t1 - srlx $acc7,24,$acc7 - xor $acc5,$t1,$t1 - srlx $acc9,8,$acc9 ! - xor $acc6,$t1,$t1 - srlx $acc10,16,$acc10 - xor $acc7,$t1,$t1 - srlx $acc11,24,$acc11 - xor $acc8,$t2,$t2 - srlx $acc13,8,$acc13 - xor $acc9,$t2,$t2 - srlx $acc14,16,$acc14 ! - xor $acc10,$t2,$t2 - srlx $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - srl $t0,24,$acc0 - xor $acc14,$t3,$t3 - srl $t1,16,$acc1 ! - xor $acc15,$t3,$t3 - - srl $t2,8,$acc2 - and $acc1,255,$acc1 - ldub [$rounds+$acc0],$acc0 - srl $t1,24,$acc4 - and $acc2,255,$acc2 - ldub [$rounds+$acc1],$acc1 - srl $t2,16,$acc5 ! - and $t3,255,$acc3 - ldub [$rounds+$acc2],$acc2 - ldub [$rounds+$acc3],$acc3 - srl $t3,8,$acc6 - and $acc5,255,$acc5 - ldub [$rounds+$acc4],$acc4 - fmovs %f0,%f0 - srl $t2,24,$acc8 ! 
- and $acc6,255,$acc6 - ldub [$rounds+$acc5],$acc5 - srl $t3,16,$acc9 - and $t0,255,$acc7 - ldub [$rounds+$acc6],$acc6 - ldub [$rounds+$acc7],$acc7 - fmovs %f0,%f0 - srl $t0,8,$acc10 ! - and $acc9,255,$acc9 - ldub [$rounds+$acc8],$acc8 - srl $t3,24,$acc12 - and $acc10,255,$acc10 - ldub [$rounds+$acc9],$acc9 - srl $t0,16,$acc13 - and $t1,255,$acc11 - ldub [$rounds+$acc10],$acc10 ! - srl $t1,8,$acc14 - and $acc13,255,$acc13 - ldub [$rounds+$acc11],$acc11 - ldub [$rounds+$acc12],$acc12 - and $acc14,255,$acc14 - ldub [$rounds+$acc13],$acc13 - and $t2,255,$acc15 - ldub [$rounds+$acc14],$acc14 ! - - sll $acc0,24,$acc0 - xor $acc3,$s0,$s0 - ldub [$rounds+$acc15],$acc15 - sll $acc1,16,$acc1 - xor $acc0,$s0,$s0 - ldx [%sp+$bias+$frame+0],%i7 ! restore return address - fmovs %f0,%f0 - sll $acc2,8,$acc2 ! - xor $acc1,$s0,$s0 - sll $acc4,24,$acc4 - xor $acc2,$s0,$s0 - sll $acc5,16,$acc5 - xor $acc7,$s1,$s1 - sll $acc6,8,$acc6 - xor $acc4,$s1,$s1 - sll $acc8,24,$acc8 ! - xor $acc5,$s1,$s1 - sll $acc9,16,$acc9 - xor $acc11,$s2,$s2 - sll $acc10,8,$acc10 - xor $acc6,$s1,$s1 - sll $acc12,24,$acc12 - xor $acc8,$s2,$s2 - sll $acc13,16,$acc13 ! 
- xor $acc9,$s2,$s2 - sll $acc14,8,$acc14 - xor $acc10,$s2,$s2 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - - ret - restore -.type _sparcv9_AES_encrypt,#function -.size _sparcv9_AES_encrypt,(.-_sparcv9_AES_encrypt) - -.align 32 -.globl aes_encrypt_internal -aes_encrypt_internal: - save %sp,-$frame,%sp -#ifdef __PIC__ - sethi %hi(_GLOBAL_OFFSET_TABLE_-4), %o5 - rd %pc, %o4 - or %o5, %lo(_GLOBAL_OFFSET_TABLE_+4), %o5 - add %o5, %o4, %o5 -#endif - - or %i0,%i1,%g1 - andcc %g1,3,%g0 - bnz,pn %xcc,.Lunaligned_enc - nop - - ld [%i0+0],%o0 - ld [%i0+4],%o1 - ld [%i0+8],%o2 - ld [%i0+12],%o3 - -#ifdef __PIC__ - set AES_Te, %o4 - ldx [%o4+%o5], %o4 -#else - set AES_Te, %o4 -#endif - call _sparcv9_AES_encrypt - mov %i2,%o5 - - st %o0,[%i1+0] - st %o1,[%i1+4] - st %o2,[%i1+8] - st %o3,[%i1+12] - - ret - restore - -.align 32 -.Lunaligned_enc: - ldub [%i0+0],%l0 - ldub [%i0+1],%l1 - ldub [%i0+2],%l2 - - sll %l0,24,%l0 - ldub [%i0+3],%l3 - sll %l1,16,%l1 - ldub [%i0+4],%l4 - sll %l2,8,%l2 - or %l1,%l0,%l0 - ldub [%i0+5],%l5 - sll %l4,24,%l4 - or %l3,%l2,%l2 - ldub [%i0+6],%l6 - sll %l5,16,%l5 - or %l0,%l2,%o0 - ldub [%i0+7],%l7 - - sll %l6,8,%l6 - or %l5,%l4,%l4 - ldub [%i0+8],%l0 - or %l7,%l6,%l6 - ldub [%i0+9],%l1 - or %l4,%l6,%o1 - ldub [%i0+10],%l2 - - sll %l0,24,%l0 - ldub [%i0+11],%l3 - sll %l1,16,%l1 - ldub [%i0+12],%l4 - sll %l2,8,%l2 - or %l1,%l0,%l0 - ldub [%i0+13],%l5 - sll %l4,24,%l4 - or %l3,%l2,%l2 - ldub [%i0+14],%l6 - sll %l5,16,%l5 - or %l0,%l2,%o2 - ldub [%i0+15],%l7 - - sll %l6,8,%l6 - or %l5,%l4,%l4 - or %l7,%l6,%l6 - or %l4,%l6,%o3 - -#ifdef __PIC__ - set AES_Te, %o4 - ldx [%o4+%o5], %o4 -#else - set AES_Te, %o4 -#endif - call _sparcv9_AES_encrypt - mov %i2,%o5 - - srl %o0,24,%l0 - srl %o0,16,%l1 - stb %l0,[%i1+0] - srl %o0,8,%l2 - stb %l1,[%i1+1] - stb %l2,[%i1+2] - srl %o1,24,%l4 - stb %o0,[%i1+3] - - srl %o1,16,%l5 - stb %l4,[%i1+4] - srl %o1,8,%l6 - stb %l5,[%i1+5] - stb %l6,[%i1+6] - srl %o2,24,%l0 - stb 
%o1,[%i1+7] - - srl %o2,16,%l1 - stb %l0,[%i1+8] - srl %o2,8,%l2 - stb %l1,[%i1+9] - stb %l2,[%i1+10] - srl %o3,24,%l4 - stb %o2,[%i1+11] - - srl %o3,16,%l5 - stb %l4,[%i1+12] - srl %o3,8,%l6 - stb %l5,[%i1+13] - stb %l6,[%i1+14] - stb %o3,[%i1+15] - - ret - restore -.type aes_encrypt_internal,#function -.size aes_encrypt_internal,(.-aes_encrypt_internal) - -___ - -$code.=<<___; -.section ".rodata",#alloc -.align 256 -AES_Td: -___ -&_data_word( - 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, - 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, - 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, - 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, - 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, - 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, - 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, - 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, - 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, - 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, - 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, - 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, - 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, - 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, - 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, - 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, - 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, - 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, - 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, - 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, - 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, - 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, - 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, - 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, - 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, - 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, - 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, - 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, - 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, - 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, - 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 
- 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, - 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, - 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, - 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, - 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, - 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, - 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, - 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, - 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, - 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, - 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, - 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, - 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, - 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, - 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, - 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, - 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, - 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, - 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, - 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, - 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, - 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, - 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, - 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, - 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, - 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, - 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, - 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, - 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, - 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, - 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, - 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, - 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742); -$code.=<<___; - .byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 - .byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb - .byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 - .byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb - .byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d - .byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e - 
.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 - .byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 - .byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 - .byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 - .byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda - .byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 - .byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a - .byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 - .byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 - .byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b - .byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea - .byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 - .byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 - .byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e - .byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 - .byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b - .byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 - .byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 - .byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 - .byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f - .byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d - .byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef - .byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 - .byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 - .byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 - .byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d -.type AES_Td,#object -.size AES_Td,(.-AES_Td) - -.section ".text",#alloc,#execinstr -.align 64 -.skip 16 -_sparcv9_AES_decrypt: - save %sp,-$frame-$locals,%sp - stx %i7,[%sp+$bias+$frame+0] ! off-load return address - ld [$key+240],$rounds - ld [$key+0],$t0 - ld [$key+4],$t1 ! - ld [$key+8],$t2 - ld [$key+12],$t3 - srl $rounds,1,$rounds - xor $t0,$s0,$s0 - ld [$key+16],$t0 - xor $t1,$s1,$s1 - ld [$key+20],$t1 - srl $s0,21,$acc0 ! 
- xor $t2,$s2,$s2 - ld [$key+24],$t2 - xor $t3,$s3,$s3 - and $acc0,2040,$acc0 - ld [$key+28],$t3 - srl $s3,13,$acc1 - nop -.Ldec_loop: - srl $s2,5,$acc2 ! - and $acc1,2040,$acc1 - ldx [$tbl+$acc0],$acc0 - sll $s1,3,$acc3 - and $acc2,2040,$acc2 - ldx [$tbl+$acc1],$acc1 - srl $s1,21,$acc4 - and $acc3,2040,$acc3 - ldx [$tbl+$acc2],$acc2 ! - srl $s0,13,$acc5 - and $acc4,2040,$acc4 - ldx [$tbl+$acc3],$acc3 - srl $s3,5,$acc6 - and $acc5,2040,$acc5 - ldx [$tbl+$acc4],$acc4 - fmovs %f0,%f0 - sll $s2,3,$acc7 ! - and $acc6,2040,$acc6 - ldx [$tbl+$acc5],$acc5 - srl $s2,21,$acc8 - and $acc7,2040,$acc7 - ldx [$tbl+$acc6],$acc6 - srl $s1,13,$acc9 - and $acc8,2040,$acc8 - ldx [$tbl+$acc7],$acc7 ! - srl $s0,5,$acc10 - and $acc9,2040,$acc9 - ldx [$tbl+$acc8],$acc8 - sll $s3,3,$acc11 - and $acc10,2040,$acc10 - ldx [$tbl+$acc9],$acc9 - fmovs %f0,%f0 - srl $s3,21,$acc12 ! - and $acc11,2040,$acc11 - ldx [$tbl+$acc10],$acc10 - srl $s2,13,$acc13 - and $acc12,2040,$acc12 - ldx [$tbl+$acc11],$acc11 - srl $s1,5,$acc14 - and $acc13,2040,$acc13 - ldx [$tbl+$acc12],$acc12 ! - sll $s0,3,$acc15 - and $acc14,2040,$acc14 - ldx [$tbl+$acc13],$acc13 - and $acc15,2040,$acc15 - add $key,32,$key - ldx [$tbl+$acc14],$acc14 - fmovs %f0,%f0 - subcc $rounds,1,$rounds ! - ldx [$tbl+$acc15],$acc15 - bz,a,pn %icc,.Ldec_last - add $tbl,2048,$rounds - - srlx $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ld [$key+0],$s0 - fmovs %f0,%f0 - srlx $acc2,16,$acc2 ! - xor $acc1,$t0,$t0 - ld [$key+4],$s1 - srlx $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ld [$key+8],$s2 - srlx $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ld [$key+12],$s3 ! - srlx $acc6,16,$acc6 - xor $acc4,$t1,$t1 - fmovs %f0,%f0 - srlx $acc7,24,$acc7 - xor $acc5,$t1,$t1 - srlx $acc9,8,$acc9 - xor $acc6,$t1,$t1 - srlx $acc10,16,$acc10 ! - xor $acc7,$t1,$t1 - srlx $acc11,24,$acc11 - xor $acc8,$t2,$t2 - srlx $acc13,8,$acc13 - xor $acc9,$t2,$t2 - srlx $acc14,16,$acc14 - xor $acc10,$t2,$t2 - srlx $acc15,24,$acc15 ! 
- xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - srl $t0,21,$acc0 - xor $acc14,$t3,$t3 - xor $acc15,$t3,$t3 - srl $t3,13,$acc1 - - and $acc0,2040,$acc0 ! - srl $t2,5,$acc2 - and $acc1,2040,$acc1 - ldx [$tbl+$acc0],$acc0 - sll $t1,3,$acc3 - and $acc2,2040,$acc2 - ldx [$tbl+$acc1],$acc1 - fmovs %f0,%f0 - srl $t1,21,$acc4 ! - and $acc3,2040,$acc3 - ldx [$tbl+$acc2],$acc2 - srl $t0,13,$acc5 - and $acc4,2040,$acc4 - ldx [$tbl+$acc3],$acc3 - srl $t3,5,$acc6 - and $acc5,2040,$acc5 - ldx [$tbl+$acc4],$acc4 ! - sll $t2,3,$acc7 - and $acc6,2040,$acc6 - ldx [$tbl+$acc5],$acc5 - srl $t2,21,$acc8 - and $acc7,2040,$acc7 - ldx [$tbl+$acc6],$acc6 - fmovs %f0,%f0 - srl $t1,13,$acc9 ! - and $acc8,2040,$acc8 - ldx [$tbl+$acc7],$acc7 - srl $t0,5,$acc10 - and $acc9,2040,$acc9 - ldx [$tbl+$acc8],$acc8 - sll $t3,3,$acc11 - and $acc10,2040,$acc10 - ldx [$tbl+$acc9],$acc9 ! - srl $t3,21,$acc12 - and $acc11,2040,$acc11 - ldx [$tbl+$acc10],$acc10 - srl $t2,13,$acc13 - and $acc12,2040,$acc12 - ldx [$tbl+$acc11],$acc11 - fmovs %f0,%f0 - srl $t1,5,$acc14 ! - and $acc13,2040,$acc13 - ldx [$tbl+$acc12],$acc12 - sll $t0,3,$acc15 - and $acc14,2040,$acc14 - ldx [$tbl+$acc13],$acc13 - srlx $acc1,8,$acc1 - and $acc15,2040,$acc15 - ldx [$tbl+$acc14],$acc14 ! - - srlx $acc2,16,$acc2 - xor $acc0,$s0,$s0 - ldx [$tbl+$acc15],$acc15 - srlx $acc3,24,$acc3 - xor $acc1,$s0,$s0 - ld [$key+16],$t0 - fmovs %f0,%f0 - srlx $acc5,8,$acc5 ! - xor $acc2,$s0,$s0 - ld [$key+20],$t1 - srlx $acc6,16,$acc6 - xor $acc3,$s0,$s0 - ld [$key+24],$t2 - srlx $acc7,24,$acc7 - xor $acc4,$s1,$s1 - ld [$key+28],$t3 ! - srlx $acc9,8,$acc9 - xor $acc5,$s1,$s1 - ldx [$tbl+2048+0],%g0 ! prefetch td4 - srlx $acc10,16,$acc10 - xor $acc6,$s1,$s1 - ldx [$tbl+2048+32],%g0 ! prefetch td4 - srlx $acc11,24,$acc11 - xor $acc7,$s1,$s1 - ldx [$tbl+2048+64],%g0 ! prefetch td4 - srlx $acc13,8,$acc13 - xor $acc8,$s2,$s2 - ldx [$tbl+2048+96],%g0 ! prefetch td4 - srlx $acc14,16,$acc14 ! 
- xor $acc9,$s2,$s2 - ldx [$tbl+2048+128],%g0 ! prefetch td4 - srlx $acc15,24,$acc15 - xor $acc10,$s2,$s2 - ldx [$tbl+2048+160],%g0 ! prefetch td4 - srl $s0,21,$acc0 - xor $acc11,$s2,$s2 - ldx [$tbl+2048+192],%g0 ! prefetch td4 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - ldx [$tbl+2048+224],%g0 ! prefetch td4 - and $acc0,2040,$acc0 ! - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - ba .Ldec_loop - srl $s3,13,$acc1 - -.align 32 -.Ldec_last: - srlx $acc1,8,$acc1 ! - xor $acc0,$t0,$t0 - ld [$key+0],$s0 - srlx $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ld [$key+4],$s1 - srlx $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ld [$key+8],$s2 ! - srlx $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ld [$key+12],$s3 - srlx $acc6,16,$acc6 - xor $acc4,$t1,$t1 - srlx $acc7,24,$acc7 - xor $acc5,$t1,$t1 - srlx $acc9,8,$acc9 ! - xor $acc6,$t1,$t1 - srlx $acc10,16,$acc10 - xor $acc7,$t1,$t1 - srlx $acc11,24,$acc11 - xor $acc8,$t2,$t2 - srlx $acc13,8,$acc13 - xor $acc9,$t2,$t2 - srlx $acc14,16,$acc14 ! - xor $acc10,$t2,$t2 - srlx $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - srl $t0,24,$acc0 - xor $acc14,$t3,$t3 - xor $acc15,$t3,$t3 ! - srl $t3,16,$acc1 - - srl $t2,8,$acc2 - and $acc1,255,$acc1 - ldub [$rounds+$acc0],$acc0 - srl $t1,24,$acc4 - and $acc2,255,$acc2 - ldub [$rounds+$acc1],$acc1 - srl $t0,16,$acc5 ! - and $t1,255,$acc3 - ldub [$rounds+$acc2],$acc2 - ldub [$rounds+$acc3],$acc3 - srl $t3,8,$acc6 - and $acc5,255,$acc5 - ldub [$rounds+$acc4],$acc4 - fmovs %f0,%f0 - srl $t2,24,$acc8 ! - and $acc6,255,$acc6 - ldub [$rounds+$acc5],$acc5 - srl $t1,16,$acc9 - and $t2,255,$acc7 - ldub [$rounds+$acc6],$acc6 - ldub [$rounds+$acc7],$acc7 - fmovs %f0,%f0 - srl $t0,8,$acc10 ! - and $acc9,255,$acc9 - ldub [$rounds+$acc8],$acc8 - srl $t3,24,$acc12 - and $acc10,255,$acc10 - ldub [$rounds+$acc9],$acc9 - srl $t2,16,$acc13 - and $t3,255,$acc11 - ldub [$rounds+$acc10],$acc10 ! 
- srl $t1,8,$acc14 - and $acc13,255,$acc13 - ldub [$rounds+$acc11],$acc11 - ldub [$rounds+$acc12],$acc12 - and $acc14,255,$acc14 - ldub [$rounds+$acc13],$acc13 - and $t0,255,$acc15 - ldub [$rounds+$acc14],$acc14 ! - - sll $acc0,24,$acc0 - xor $acc3,$s0,$s0 - ldub [$rounds+$acc15],$acc15 - sll $acc1,16,$acc1 - xor $acc0,$s0,$s0 - ldx [%sp+$bias+$frame+0],%i7 ! restore return address - fmovs %f0,%f0 - sll $acc2,8,$acc2 ! - xor $acc1,$s0,$s0 - sll $acc4,24,$acc4 - xor $acc2,$s0,$s0 - sll $acc5,16,$acc5 - xor $acc7,$s1,$s1 - sll $acc6,8,$acc6 - xor $acc4,$s1,$s1 - sll $acc8,24,$acc8 ! - xor $acc5,$s1,$s1 - sll $acc9,16,$acc9 - xor $acc11,$s2,$s2 - sll $acc10,8,$acc10 - xor $acc6,$s1,$s1 - sll $acc12,24,$acc12 - xor $acc8,$s2,$s2 - sll $acc13,16,$acc13 ! - xor $acc9,$s2,$s2 - sll $acc14,8,$acc14 - xor $acc10,$s2,$s2 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - - ret - restore -.type _sparcv9_AES_decrypt,#function -.size _sparcv9_AES_decrypt,(.-_sparcv9_AES_decrypt) - -.align 32 -.globl aes_decrypt_internal -aes_decrypt_internal: - save %sp,-$frame,%sp -#ifdef __PIC__ - sethi %hi(_GLOBAL_OFFSET_TABLE_-4), %o5 - rd %pc, %o4 - or %o5, %lo(_GLOBAL_OFFSET_TABLE_+4), %o5 - add %o5, %o4, %o5 -#endif - - or %i0,%i1,%g1 - andcc %g1,3,%g0 - bnz,pn %xcc,.Lunaligned_dec - nop - - ld [%i0+0],%o0 - ld [%i0+4],%o1 - ld [%i0+8],%o2 - ld [%i0+12],%o3 - -#ifdef __PIC__ - set AES_Td, %o4 - ldx [%o4+%o5], %o4 -#else - set AES_Td, %o4 -#endif - call _sparcv9_AES_decrypt - mov %i2,%o5 - - st %o0,[%i1+0] - st %o1,[%i1+4] - st %o2,[%i1+8] - st %o3,[%i1+12] - - ret - restore - -.align 32 -.Lunaligned_dec: - ldub [%i0+0],%l0 - ldub [%i0+1],%l1 - ldub [%i0+2],%l2 - - sll %l0,24,%l0 - ldub [%i0+3],%l3 - sll %l1,16,%l1 - ldub [%i0+4],%l4 - sll %l2,8,%l2 - or %l1,%l0,%l0 - ldub [%i0+5],%l5 - sll %l4,24,%l4 - or %l3,%l2,%l2 - ldub [%i0+6],%l6 - sll %l5,16,%l5 - or %l0,%l2,%o0 - ldub [%i0+7],%l7 - - sll %l6,8,%l6 - or %l5,%l4,%l4 - ldub [%i0+8],%l0 - or 
%l7,%l6,%l6 - ldub [%i0+9],%l1 - or %l4,%l6,%o1 - ldub [%i0+10],%l2 - - sll %l0,24,%l0 - ldub [%i0+11],%l3 - sll %l1,16,%l1 - ldub [%i0+12],%l4 - sll %l2,8,%l2 - or %l1,%l0,%l0 - ldub [%i0+13],%l5 - sll %l4,24,%l4 - or %l3,%l2,%l2 - ldub [%i0+14],%l6 - sll %l5,16,%l5 - or %l0,%l2,%o2 - ldub [%i0+15],%l7 - - sll %l6,8,%l6 - or %l5,%l4,%l4 - or %l7,%l6,%l6 - or %l4,%l6,%o3 - -#ifdef __PIC__ - set AES_Td, %o4 - ldx [%o4+%o5], %o4 -#else - set AES_Td, %o4 -#endif - call _sparcv9_AES_decrypt - mov %i2,%o5 - - srl %o0,24,%l0 - srl %o0,16,%l1 - stb %l0,[%i1+0] - srl %o0,8,%l2 - stb %l1,[%i1+1] - stb %l2,[%i1+2] - srl %o1,24,%l4 - stb %o0,[%i1+3] - - srl %o1,16,%l5 - stb %l4,[%i1+4] - srl %o1,8,%l6 - stb %l5,[%i1+5] - stb %l6,[%i1+6] - srl %o2,24,%l0 - stb %o1,[%i1+7] - - srl %o2,16,%l1 - stb %l0,[%i1+8] - srl %o2,8,%l2 - stb %l1,[%i1+9] - stb %l2,[%i1+10] - srl %o3,24,%l4 - stb %o2,[%i1+11] - - srl %o3,16,%l5 - stb %l4,[%i1+12] - srl %o3,8,%l6 - stb %l5,[%i1+13] - stb %l6,[%i1+14] - stb %o3,[%i1+15] - - ret - restore -.type aes_decrypt_internal,#function -.size aes_decrypt_internal,(.-aes_decrypt_internal) -___ - -# fmovs instructions substituting for FP nops were originally added -# to meet specific instruction alignment requirements to maximize ILP. -# As UltraSPARC T1, a.k.a. Niagara, has shared FPU, FP nops can have -# undesired effect, so just omit them and sacrifice some portion of -# percent in performance... -$code =~ s/fmovs.*$//gm; - -print $code; -close STDOUT; # ensure flush diff --git a/src/lib/libcrypto/aes/asm/aes-x86_64.pl b/src/lib/libcrypto/aes/asm/aes-x86_64.pl deleted file mode 100755 index 324c4a2be2..0000000000 --- a/src/lib/libcrypto/aes/asm/aes-x86_64.pl +++ /dev/null 
@@ -1,2834 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# Version 2.1.
-#
-# aes-*-cbc benchmarks are improved by >70% [compared to gcc 3.3.2 on
-# Opteron 240 CPU] plus all the bells-n-whistles from 32-bit version
-# [you'll notice a lot of resemblance], such as compressed S-boxes
-# in little-endian byte order, prefetch of these tables in CBC mode,
-# as well as avoiding L1 cache aliasing between stack frame and key
-# schedule and already mentioned tables, compressed Td4...
-#
-# Performance in number of cycles per processed byte for 128-bit key:
-#
-# ECB encrypt ECB decrypt CBC large chunk
-# AMD64 33 41 13.0
-# EM64T 38 59 18.6(*)
-# Core 2 30 43 14.5(*)
-#
-# (*) with hyper-threading off
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-$verticalspin=1; # unlike 32-bit version $verticalspin performs
- # ~15% better on both AMD and Intel cores
-$speed_limit=512; # see aes-586.pl for details
-
-$code=".text\n";
-
-$s0="%eax";
-$s1="%ebx";
-$s2="%ecx";
-$s3="%edx";
-$acc0="%esi"; $mask80="%rsi";
-$acc1="%edi"; $maskfe="%rdi";
-$acc2="%ebp"; $mask1b="%rbp";
-$inp="%r8";
-$out="%r9";
-$t0="%r10d";
-$t1="%r11d";
-$t2="%r12d";
-$rnds="%r13d";
-$sbox="%r14";
-$key="%r15";
-
-sub hi() { my $r=shift; $r =~
s/%[er]([a-d])x/%\1h/; $r; }
-sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;
- $r =~ s/%[er]([sd]i)/%\1l/;
- $r =~ s/%(r[0-9]+)[d]?/%\1b/; $r; }
-sub LO() { my $r=shift; $r =~ s/%r([a-z]+)/%e\1/;
- $r =~ s/%r([0-9]+)/%r\1d/; $r; }
-sub _data_word()
-{ my $i;
- while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
-}
-sub data_word()
-{ my $i;
- my $last=pop(@_);
- $code.=".long\t";
- while(defined($i=shift)) { $code.=sprintf"0x%08x,",$i; }
- $code.=sprintf"0x%08x\n",$last;
-}
-
-sub data_byte()
-{ my $i;
- my $last=pop(@_);
- $code.=".byte\t";
- while(defined($i=shift)) { $code.=sprintf"0x%02x,",$i&0xff; }
- $code.=sprintf"0x%02x\n",$last&0xff;
-}
-
-sub encvert()
-{ my $t3="%r8d"; # zaps $inp!
-
-$code.=<<___;
- # favor 3-way issue Opteron pipeline...
- movzb `&lo("$s0")`,$acc0
- movzb `&lo("$s1")`,$acc1
- movzb `&lo("$s2")`,$acc2
- mov 0($sbox,$acc0,8),$t0
- mov 0($sbox,$acc1,8),$t1
- mov 0($sbox,$acc2,8),$t2
-
- movzb `&hi("$s1")`,$acc0
- movzb `&hi("$s2")`,$acc1
- movzb `&lo("$s3")`,$acc2
- xor 3($sbox,$acc0,8),$t0
- xor 3($sbox,$acc1,8),$t1
- mov 0($sbox,$acc2,8),$t3
-
- movzb `&hi("$s3")`,$acc0
- shr \$16,$s2
- movzb `&hi("$s0")`,$acc2
- xor 3($sbox,$acc0,8),$t2
- shr \$16,$s3
- xor 3($sbox,$acc2,8),$t3
-
- shr \$16,$s1
- lea 16($key),$key
- shr \$16,$s0
-
- movzb `&lo("$s2")`,$acc0
- movzb `&lo("$s3")`,$acc1
- movzb `&lo("$s0")`,$acc2
- xor 2($sbox,$acc0,8),$t0
- xor 2($sbox,$acc1,8),$t1
- xor 2($sbox,$acc2,8),$t2
-
- movzb `&hi("$s3")`,$acc0
- movzb `&hi("$s0")`,$acc1
- movzb `&lo("$s1")`,$acc2
- xor 1($sbox,$acc0,8),$t0
- xor 1($sbox,$acc1,8),$t1
- xor 2($sbox,$acc2,8),$t3
-
- mov 12($key),$s3
- movzb `&hi("$s1")`,$acc1
- movzb `&hi("$s2")`,$acc2
- mov 0($key),$s0
- xor 1($sbox,$acc1,8),$t2
- xor 1($sbox,$acc2,8),$t3
-
- mov 4($key),$s1
- mov 8($key),$s2
- xor $t0,$s0
- xor $t1,$s1
- xor $t2,$s2
- xor $t3,$s3
-___
-}
-
-sub enclastvert()
-{ my $t3="%r8d"; # zaps $inp!
-
-$code.=<<___;
- movzb `&lo("$s0")`,$acc0
- movzb `&lo("$s1")`,$acc1
- movzb `&lo("$s2")`,$acc2
- movzb 2($sbox,$acc0,8),$t0
- movzb 2($sbox,$acc1,8),$t1
- movzb 2($sbox,$acc2,8),$t2
-
- movzb `&lo("$s3")`,$acc0
- movzb `&hi("$s1")`,$acc1
- movzb `&hi("$s2")`,$acc2
- movzb 2($sbox,$acc0,8),$t3
- mov 0($sbox,$acc1,8),$acc1 #$t0
- mov 0($sbox,$acc2,8),$acc2 #$t1
-
- and \$0x0000ff00,$acc1
- and \$0x0000ff00,$acc2
-
- xor $acc1,$t0
- xor $acc2,$t1
- shr \$16,$s2
-
- movzb `&hi("$s3")`,$acc0
- movzb `&hi("$s0")`,$acc1
- shr \$16,$s3
- mov 0($sbox,$acc0,8),$acc0 #$t2
- mov 0($sbox,$acc1,8),$acc1 #$t3
-
- and \$0x0000ff00,$acc0
- and \$0x0000ff00,$acc1
- shr \$16,$s1
- xor $acc0,$t2
- xor $acc1,$t3
- shr \$16,$s0
-
- movzb `&lo("$s2")`,$acc0
- movzb `&lo("$s3")`,$acc1
- movzb `&lo("$s0")`,$acc2
- mov 0($sbox,$acc0,8),$acc0 #$t0
- mov 0($sbox,$acc1,8),$acc1 #$t1
- mov 0($sbox,$acc2,8),$acc2 #$t2
-
- and \$0x00ff0000,$acc0
- and \$0x00ff0000,$acc1
- and \$0x00ff0000,$acc2
-
- xor $acc0,$t0
- xor $acc1,$t1
- xor $acc2,$t2
-
- movzb `&lo("$s1")`,$acc0
- movzb `&hi("$s3")`,$acc1
- movzb `&hi("$s0")`,$acc2
- mov 0($sbox,$acc0,8),$acc0 #$t3
- mov 2($sbox,$acc1,8),$acc1 #$t0
- mov 2($sbox,$acc2,8),$acc2 #$t1
-
- and \$0x00ff0000,$acc0
- and \$0xff000000,$acc1
- and \$0xff000000,$acc2
-
- xor $acc0,$t3
- xor $acc1,$t0
- xor $acc2,$t1
-
- movzb `&hi("$s1")`,$acc0
- movzb `&hi("$s2")`,$acc1
- mov 16+12($key),$s3
- mov 2($sbox,$acc0,8),$acc0 #$t2
- mov 2($sbox,$acc1,8),$acc1 #$t3
- mov 16+0($key),$s0
-
- and \$0xff000000,$acc0
- and \$0xff000000,$acc1
-
- xor $acc0,$t2
- xor $acc1,$t3
-
- mov 16+4($key),$s1
- mov 16+8($key),$s2
- xor $t0,$s0
- xor $t1,$s1
- xor $t2,$s2
- xor $t3,$s3
-___
-}
-
-sub encstep()
-{ my ($i,@s) = @_;
- my $tmp0=$acc0;
- my $tmp1=$acc1;
- my $tmp2=$acc2;
- my $out=($t0,$t1,$t2,$s[0])[$i];
-
- if ($i==3) {
- $tmp0=$s[1];
- $tmp1=$s[2];
- $tmp2=$s[3];
- }
- $code.=" movzb ".&lo($s[0]).",$out\n";
- $code.=" mov $s[2],$tmp1\n" if ($i!=3);
- $code.=" lea
16($key),$key\n" if ($i==0);
-
- $code.=" movzb ".&hi($s[1]).",$tmp0\n";
- $code.=" mov 0($sbox,$out,8),$out\n";
-
- $code.=" shr \$16,$tmp1\n";
- $code.=" mov $s[3],$tmp2\n" if ($i!=3);
- $code.=" xor 3($sbox,$tmp0,8),$out\n";
-
- $code.=" movzb ".&lo($tmp1).",$tmp1\n";
- $code.=" shr \$24,$tmp2\n";
- $code.=" xor 4*$i($key),$out\n";
-
- $code.=" xor 2($sbox,$tmp1,8),$out\n";
- $code.=" xor 1($sbox,$tmp2,8),$out\n";
-
- $code.=" mov $t0,$s[1]\n" if ($i==3);
- $code.=" mov $t1,$s[2]\n" if ($i==3);
- $code.=" mov $t2,$s[3]\n" if ($i==3);
- $code.="\n";
-}
-
-sub enclast()
-{ my ($i,@s)=@_;
- my $tmp0=$acc0;
- my $tmp1=$acc1;
- my $tmp2=$acc2;
- my $out=($t0,$t1,$t2,$s[0])[$i];
-
- if ($i==3) {
- $tmp0=$s[1];
- $tmp1=$s[2];
- $tmp2=$s[3];
- }
- $code.=" movzb ".&lo($s[0]).",$out\n";
- $code.=" mov $s[2],$tmp1\n" if ($i!=3);
-
- $code.=" mov 2($sbox,$out,8),$out\n";
- $code.=" shr \$16,$tmp1\n";
- $code.=" mov $s[3],$tmp2\n" if ($i!=3);
-
- $code.=" and \$0x000000ff,$out\n";
- $code.=" movzb ".&hi($s[1]).",$tmp0\n";
- $code.=" movzb ".&lo($tmp1).",$tmp1\n";
- $code.=" shr \$24,$tmp2\n";
-
- $code.=" mov 0($sbox,$tmp0,8),$tmp0\n";
- $code.=" mov 0($sbox,$tmp1,8),$tmp1\n";
- $code.=" mov 2($sbox,$tmp2,8),$tmp2\n";
-
- $code.=" and \$0x0000ff00,$tmp0\n";
- $code.=" and \$0x00ff0000,$tmp1\n";
- $code.=" and \$0xff000000,$tmp2\n";
-
- $code.=" xor $tmp0,$out\n";
- $code.=" mov $t0,$s[1]\n" if ($i==3);
- $code.=" xor $tmp1,$out\n";
- $code.=" mov $t1,$s[2]\n" if ($i==3);
- $code.=" xor $tmp2,$out\n";
- $code.=" mov $t2,$s[3]\n" if ($i==3);
- $code.="\n";
-}
-
-$code.=<<___;
-.type _x86_64_AES_encrypt,\@abi-omnipotent
-.align 16
-_x86_64_AES_encrypt:
- _CET_ENDBR
- xor 0($key),$s0 # xor with key
- xor 4($key),$s1
- xor 8($key),$s2
- xor 12($key),$s3
-
- mov 240($key),$rnds # load key->rounds
- sub \$1,$rnds
- jmp .Lenc_loop
-.align 16
-.Lenc_loop:
-___
- if ($verticalspin) { &encvert(); }
- else { &encstep(0,$s0,$s1,$s2,$s3);
- &encstep(1,$s1,$s2,$s3,$s0);
-
&encstep(2,$s2,$s3,$s0,$s1);
- &encstep(3,$s3,$s0,$s1,$s2);
- }
-$code.=<<___;
- sub \$1,$rnds
- jnz .Lenc_loop
-___
- if ($verticalspin) { &enclastvert(); }
- else { &enclast(0,$s0,$s1,$s2,$s3);
- &enclast(1,$s1,$s2,$s3,$s0);
- &enclast(2,$s2,$s3,$s0,$s1);
- &enclast(3,$s3,$s0,$s1,$s2);
- $code.=<<___;
- xor 16+0($key),$s0 # xor with key
- xor 16+4($key),$s1
- xor 16+8($key),$s2
- xor 16+12($key),$s3
-___
- }
-$code.=<<___;
- retq
-.size _x86_64_AES_encrypt,.-_x86_64_AES_encrypt
-___
-
-# it's possible to implement this by shifting tN by 8, filling least
-# significant byte with byte load and finally bswap-ing at the end,
-# but such partial register load kills Core 2...
-sub enccompactvert()
-{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
-
-$code.=<<___;
- movzb `&lo("$s0")`,$t0
- movzb `&lo("$s1")`,$t1
- movzb `&lo("$s2")`,$t2
- movzb ($sbox,$t0,1),$t0
- movzb ($sbox,$t1,1),$t1
- movzb ($sbox,$t2,1),$t2
-
- movzb `&lo("$s3")`,$t3
- movzb `&hi("$s1")`,$acc0
- movzb `&hi("$s2")`,$acc1
- movzb ($sbox,$t3,1),$t3
- movzb ($sbox,$acc0,1),$t4 #$t0
- movzb ($sbox,$acc1,1),$t5 #$t1
-
- movzb `&hi("$s3")`,$acc2
- movzb `&hi("$s0")`,$acc0
- shr \$16,$s2
- movzb ($sbox,$acc2,1),$acc2 #$t2
- movzb ($sbox,$acc0,1),$acc0 #$t3
- shr \$16,$s3
-
- movzb `&lo("$s2")`,$acc1
- shl \$8,$t4
- shl \$8,$t5
- movzb ($sbox,$acc1,1),$acc1 #$t0
- xor $t4,$t0
- xor $t5,$t1
-
- movzb `&lo("$s3")`,$t4
- shr \$16,$s0
- shr \$16,$s1
- movzb `&lo("$s0")`,$t5
- shl \$8,$acc2
- shl \$8,$acc0
- movzb ($sbox,$t4,1),$t4 #$t1
- movzb ($sbox,$t5,1),$t5 #$t2
- xor $acc2,$t2
- xor $acc0,$t3
-
- movzb `&lo("$s1")`,$acc2
- movzb `&hi("$s3")`,$acc0
- shl \$16,$acc1
- movzb ($sbox,$acc2,1),$acc2 #$t3
- movzb ($sbox,$acc0,1),$acc0 #$t0
- xor $acc1,$t0
-
- movzb `&hi("$s0")`,$acc1
- shr \$8,$s2
- shr \$8,$s1
- movzb ($sbox,$acc1,1),$acc1 #$t1
- movzb ($sbox,$s2,1),$s3 #$t3
- movzb ($sbox,$s1,1),$s2 #$t2
- shl \$16,$t4
- shl \$16,$t5
- shl \$16,$acc2
- xor $t4,$t1
- xor $t5,$t2
- xor $acc2,$t3
-
- shl \$24,$acc0
-
shl \$24,$acc1
- shl \$24,$s3
- xor $acc0,$t0
- shl \$24,$s2
- xor $acc1,$t1
- mov $t0,$s0
- mov $t1,$s1
- xor $t2,$s2
- xor $t3,$s3
-___
-}
-
-sub enctransform_ref()
-{ my $sn = shift;
- my ($acc,$r2,$tmp)=("%r8d","%r9d","%r13d");
-
-$code.=<<___;
- mov $sn,$acc
- and \$0x80808080,$acc
- mov $acc,$tmp
- shr \$7,$tmp
- lea ($sn,$sn),$r2
- sub $tmp,$acc
- and \$0xfefefefe,$r2
- and \$0x1b1b1b1b,$acc
- mov $sn,$tmp
- xor $acc,$r2
-
- xor $r2,$sn
- rol \$24,$sn
- xor $r2,$sn
- ror \$16,$tmp
- xor $tmp,$sn
- ror \$8,$tmp
- xor $tmp,$sn
-___
-}
-
-# unlike decrypt case it does not pay off to parallelize enctransform
-sub enctransform()
-{ my ($t3,$r20,$r21)=($acc2,"%r8d","%r9d");
-
-$code.=<<___;
- mov $s0,$acc0
- mov $s1,$acc1
- and \$0x80808080,$acc0
- and \$0x80808080,$acc1
- mov $acc0,$t0
- mov $acc1,$t1
- shr \$7,$t0
- lea ($s0,$s0),$r20
- shr \$7,$t1
- lea ($s1,$s1),$r21
- sub $t0,$acc0
- sub $t1,$acc1
- and \$0xfefefefe,$r20
- and \$0xfefefefe,$r21
- and \$0x1b1b1b1b,$acc0
- and \$0x1b1b1b1b,$acc1
- mov $s0,$t0
- mov $s1,$t1
- xor $acc0,$r20
- xor $acc1,$r21
-
- xor $r20,$s0
- xor $r21,$s1
- mov $s2,$acc0
- mov $s3,$acc1
- rol \$24,$s0
- rol \$24,$s1
- and \$0x80808080,$acc0
- and \$0x80808080,$acc1
- xor $r20,$s0
- xor $r21,$s1
- mov $acc0,$t2
- mov $acc1,$t3
- ror \$16,$t0
- ror \$16,$t1
- shr \$7,$t2
- lea ($s2,$s2),$r20
- xor $t0,$s0
- xor $t1,$s1
- shr \$7,$t3
- lea ($s3,$s3),$r21
- ror \$8,$t0
- ror \$8,$t1
- sub $t2,$acc0
- sub $t3,$acc1
- xor $t0,$s0
- xor $t1,$s1
-
- and \$0xfefefefe,$r20
- and \$0xfefefefe,$r21
- and \$0x1b1b1b1b,$acc0
- and \$0x1b1b1b1b,$acc1
- mov $s2,$t2
- mov $s3,$t3
- xor $acc0,$r20
- xor $acc1,$r21
-
- xor $r20,$s2
- xor $r21,$s3
- rol \$24,$s2
- rol \$24,$s3
- xor $r20,$s2
- xor $r21,$s3
- mov 0($sbox),$acc0 # prefetch Te4
- ror \$16,$t2
- ror \$16,$t3
- mov 64($sbox),$acc1
- xor $t2,$s2
- xor $t3,$s3
- mov 128($sbox),$r20
- ror \$8,$t2
- ror \$8,$t3
- mov 192($sbox),$r21
- xor $t2,$s2
- xor $t3,$s3
-___
-}
-
-$code.=<<___;
-.type _x86_64_AES_encrypt_compact,\@abi-omnipotent
-.align 16
-_x86_64_AES_encrypt_compact:
- _CET_ENDBR
- lea 128($sbox),$inp # size optimization
- mov 0-128($inp),$acc1 # prefetch Te4
- mov 32-128($inp),$acc2
- mov 64-128($inp),$t0
- mov 96-128($inp),$t1
- mov 128-128($inp),$acc1
- mov 160-128($inp),$acc2
- mov 192-128($inp),$t0
- mov 224-128($inp),$t1
- jmp .Lenc_loop_compact
-.align 16
-.Lenc_loop_compact:
- xor 0($key),$s0 # xor with key
- xor 4($key),$s1
- xor 8($key),$s2
- xor 12($key),$s3
- lea 16($key),$key
-___
- &enccompactvert();
-$code.=<<___;
- cmp 16(%rsp),$key
- je .Lenc_compact_done
-___
- &enctransform();
-$code.=<<___;
- jmp .Lenc_loop_compact
-.align 16
-.Lenc_compact_done:
- xor 0($key),$s0
- xor 4($key),$s1
- xor 8($key),$s2
- xor 12($key),$s3
- retq
-.size _x86_64_AES_encrypt_compact,.-_x86_64_AES_encrypt_compact
-___
-
-# void aes_encrypt_internal(const void *inp, void *out, const AES_KEY *key);
-$code.=<<___;
-.globl aes_encrypt_internal
-.type aes_encrypt_internal,\@function,3
-.align 16
-.globl asm_AES_encrypt
-.hidden asm_AES_encrypt
-asm_AES_encrypt:
-aes_encrypt_internal:
- _CET_ENDBR
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- # allocate frame "above" key schedule
- mov %rsp,%r10
- lea -63(%rdx),%rcx # %rdx is key argument
- and \$-64,%rsp
- sub %rsp,%rcx
- neg %rcx
- and \$0x3c0,%rcx
- sub %rcx,%rsp
- sub \$32,%rsp
-
- mov %rsi,16(%rsp) # save out
- mov %r10,24(%rsp) # save real stack pointer
-.Lenc_prologue:
-
- mov %rdx,$key
- mov 240($key),$rnds # load rounds
-
- mov 0(%rdi),$s0 # load input vector
- mov 4(%rdi),$s1
- mov 8(%rdi),$s2
- mov 12(%rdi),$s3
-
- shl \$4,$rnds
- lea ($key,$rnds),%rbp
- mov $key,(%rsp) # key schedule
- mov %rbp,8(%rsp) # end of key schedule
-
- # pick Te4 copy which can't "overlap" with stack frame or key schedule
- lea .LAES_Te+2048(%rip),$sbox
- lea 768(%rsp),%rbp
- sub $sbox,%rbp
- and \$0x300,%rbp
- lea ($sbox,%rbp),$sbox
-
- call _x86_64_AES_encrypt_compact
-
- mov
16(%rsp),$out # restore out
- mov 24(%rsp),%rsi # restore saved stack pointer
- mov $s0,0($out) # write output vector
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lenc_epilogue:
- ret
-.size aes_encrypt_internal,.-aes_encrypt_internal
-___
-
-#------------------------------------------------------------------#
-
-sub decvert()
-{ my $t3="%r8d"; # zaps $inp!
-
-$code.=<<___;
- # favor 3-way issue Opteron pipeline...
- movzb `&lo("$s0")`,$acc0
- movzb `&lo("$s1")`,$acc1
- movzb `&lo("$s2")`,$acc2
- mov 0($sbox,$acc0,8),$t0
- mov 0($sbox,$acc1,8),$t1
- mov 0($sbox,$acc2,8),$t2
-
- movzb `&hi("$s3")`,$acc0
- movzb `&hi("$s0")`,$acc1
- movzb `&lo("$s3")`,$acc2
- xor 3($sbox,$acc0,8),$t0
- xor 3($sbox,$acc1,8),$t1
- mov 0($sbox,$acc2,8),$t3
-
- movzb `&hi("$s1")`,$acc0
- shr \$16,$s0
- movzb `&hi("$s2")`,$acc2
- xor 3($sbox,$acc0,8),$t2
- shr \$16,$s3
- xor 3($sbox,$acc2,8),$t3
-
- shr \$16,$s1
- lea 16($key),$key
- shr \$16,$s2
-
- movzb `&lo("$s2")`,$acc0
- movzb `&lo("$s3")`,$acc1
- movzb `&lo("$s0")`,$acc2
- xor 2($sbox,$acc0,8),$t0
- xor 2($sbox,$acc1,8),$t1
- xor 2($sbox,$acc2,8),$t2
-
- movzb `&hi("$s1")`,$acc0
- movzb `&hi("$s2")`,$acc1
- movzb `&lo("$s1")`,$acc2
- xor 1($sbox,$acc0,8),$t0
- xor 1($sbox,$acc1,8),$t1
- xor 2($sbox,$acc2,8),$t3
-
- movzb `&hi("$s3")`,$acc0
- mov 12($key),$s3
- movzb `&hi("$s0")`,$acc2
- xor 1($sbox,$acc0,8),$t2
- mov 0($key),$s0
- xor 1($sbox,$acc2,8),$t3
-
- xor $t0,$s0
- mov 4($key),$s1
- mov 8($key),$s2
- xor $t2,$s2
- xor $t1,$s1
- xor $t3,$s3
-___
-}
-
-sub declastvert()
-{ my $t3="%r8d"; # zaps $inp!
-
-$code.=<<___;
- lea 2048($sbox),$sbox # size optimization
- movzb `&lo("$s0")`,$acc0
- movzb `&lo("$s1")`,$acc1
- movzb `&lo("$s2")`,$acc2
- movzb ($sbox,$acc0,1),$t0
- movzb ($sbox,$acc1,1),$t1
- movzb ($sbox,$acc2,1),$t2
-
- movzb `&lo("$s3")`,$acc0
- movzb `&hi("$s3")`,$acc1
- movzb `&hi("$s0")`,$acc2
- movzb ($sbox,$acc0,1),$t3
- movzb ($sbox,$acc1,1),$acc1 #$t0
- movzb ($sbox,$acc2,1),$acc2 #$t1
-
- shl \$8,$acc1
- shl \$8,$acc2
-
- xor $acc1,$t0
- xor $acc2,$t1
- shr \$16,$s3
-
- movzb `&hi("$s1")`,$acc0
- movzb `&hi("$s2")`,$acc1
- shr \$16,$s0
- movzb ($sbox,$acc0,1),$acc0 #$t2
- movzb ($sbox,$acc1,1),$acc1 #$t3
-
- shl \$8,$acc0
- shl \$8,$acc1
- shr \$16,$s1
- xor $acc0,$t2
- xor $acc1,$t3
- shr \$16,$s2
-
- movzb `&lo("$s2")`,$acc0
- movzb `&lo("$s3")`,$acc1
- movzb `&lo("$s0")`,$acc2
- movzb ($sbox,$acc0,1),$acc0 #$t0
- movzb ($sbox,$acc1,1),$acc1 #$t1
- movzb ($sbox,$acc2,1),$acc2 #$t2
-
- shl \$16,$acc0
- shl \$16,$acc1
- shl \$16,$acc2
-
- xor $acc0,$t0
- xor $acc1,$t1
- xor $acc2,$t2
-
- movzb `&lo("$s1")`,$acc0
- movzb `&hi("$s1")`,$acc1
- movzb `&hi("$s2")`,$acc2
- movzb ($sbox,$acc0,1),$acc0 #$t3
- movzb ($sbox,$acc1,1),$acc1 #$t0
- movzb ($sbox,$acc2,1),$acc2 #$t1
-
- shl \$16,$acc0
- shl \$24,$acc1
- shl \$24,$acc2
-
- xor $acc0,$t3
- xor $acc1,$t0
- xor $acc2,$t1
-
- movzb `&hi("$s3")`,$acc0
- movzb `&hi("$s0")`,$acc1
- mov 16+12($key),$s3
- movzb ($sbox,$acc0,1),$acc0 #$t2
- movzb ($sbox,$acc1,1),$acc1 #$t3
- mov 16+0($key),$s0
-
- shl \$24,$acc0
- shl \$24,$acc1
-
- xor $acc0,$t2
- xor $acc1,$t3
-
- mov 16+4($key),$s1
- mov 16+8($key),$s2
- lea -2048($sbox),$sbox
- xor $t0,$s0
- xor $t1,$s1
- xor $t2,$s2
- xor $t3,$s3
-___
-}
-
-sub decstep()
-{ my ($i,@s) = @_;
- my $tmp0=$acc0;
- my $tmp1=$acc1;
- my $tmp2=$acc2;
- my $out=($t0,$t1,$t2,$s[0])[$i];
-
- $code.=" mov $s[0],$out\n" if ($i!=3);
- $tmp1=$s[2] if ($i==3);
- $code.=" mov $s[2],$tmp1\n" if ($i!=3);
- $code.=" and \$0xFF,$out\n";
-
- $code.=" mov 0($sbox,$out,8),$out\n";
-
$code.=" shr \$16,$tmp1\n";
- $tmp2=$s[3] if ($i==3);
- $code.=" mov $s[3],$tmp2\n" if ($i!=3);
-
- $tmp0=$s[1] if ($i==3);
- $code.=" movzb ".&hi($s[1]).",$tmp0\n";
- $code.=" and \$0xFF,$tmp1\n";
- $code.=" shr \$24,$tmp2\n";
-
- $code.=" xor 3($sbox,$tmp0,8),$out\n";
- $code.=" xor 2($sbox,$tmp1,8),$out\n";
- $code.=" xor 1($sbox,$tmp2,8),$out\n";
-
- $code.=" mov $t2,$s[1]\n" if ($i==3);
- $code.=" mov $t1,$s[2]\n" if ($i==3);
- $code.=" mov $t0,$s[3]\n" if ($i==3);
- $code.="\n";
-}
-
-sub declast()
-{ my ($i,@s)=@_;
- my $tmp0=$acc0;
- my $tmp1=$acc1;
- my $tmp2=$acc2;
- my $out=($t0,$t1,$t2,$s[0])[$i];
-
- $code.=" mov $s[0],$out\n" if ($i!=3);
- $tmp1=$s[2] if ($i==3);
- $code.=" mov $s[2],$tmp1\n" if ($i!=3);
- $code.=" and \$0xFF,$out\n";
-
- $code.=" movzb 2048($sbox,$out,1),$out\n";
- $code.=" shr \$16,$tmp1\n";
- $tmp2=$s[3] if ($i==3);
- $code.=" mov $s[3],$tmp2\n" if ($i!=3);
-
- $tmp0=$s[1] if ($i==3);
- $code.=" movzb ".&hi($s[1]).",$tmp0\n";
- $code.=" and \$0xFF,$tmp1\n";
- $code.=" shr \$24,$tmp2\n";
-
- $code.=" movzb 2048($sbox,$tmp0,1),$tmp0\n";
- $code.=" movzb 2048($sbox,$tmp1,1),$tmp1\n";
- $code.=" movzb 2048($sbox,$tmp2,1),$tmp2\n";
-
- $code.=" shl \$8,$tmp0\n";
- $code.=" shl \$16,$tmp1\n";
- $code.=" shl \$24,$tmp2\n";
-
- $code.=" xor $tmp0,$out\n";
- $code.=" mov $t2,$s[1]\n" if ($i==3);
- $code.=" xor $tmp1,$out\n";
- $code.=" mov $t1,$s[2]\n" if ($i==3);
- $code.=" xor $tmp2,$out\n";
- $code.=" mov $t0,$s[3]\n" if ($i==3);
- $code.="\n";
-}
-
-$code.=<<___;
-.type _x86_64_AES_decrypt,\@abi-omnipotent
-.align 16
-_x86_64_AES_decrypt:
- _CET_ENDBR
- xor 0($key),$s0 # xor with key
- xor 4($key),$s1
- xor 8($key),$s2
- xor 12($key),$s3
-
- mov 240($key),$rnds # load key->rounds
- sub \$1,$rnds
- jmp .Ldec_loop
-.align 16
-.Ldec_loop:
-___
- if ($verticalspin) { &decvert(); }
- else { &decstep(0,$s0,$s3,$s2,$s1);
- &decstep(1,$s1,$s0,$s3,$s2);
- &decstep(2,$s2,$s1,$s0,$s3);
- &decstep(3,$s3,$s2,$s1,$s0);
- $code.=<<___;
- lea
16($key),$key
- xor 0($key),$s0 # xor with key
- xor 4($key),$s1
- xor 8($key),$s2
- xor 12($key),$s3
-___
- }
-$code.=<<___;
- sub \$1,$rnds
- jnz .Ldec_loop
-___
- if ($verticalspin) { &declastvert(); }
- else { &declast(0,$s0,$s3,$s2,$s1);
- &declast(1,$s1,$s0,$s3,$s2);
- &declast(2,$s2,$s1,$s0,$s3);
- &declast(3,$s3,$s2,$s1,$s0);
- $code.=<<___;
- xor 16+0($key),$s0 # xor with key
- xor 16+4($key),$s1
- xor 16+8($key),$s2
- xor 16+12($key),$s3
-___
- }
-$code.=<<___;
- retq
-.size _x86_64_AES_decrypt,.-_x86_64_AES_decrypt
-___
-
-sub deccompactvert()
-{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
-
-$code.=<<___;
- movzb `&lo("$s0")`,$t0
- movzb `&lo("$s1")`,$t1
- movzb `&lo("$s2")`,$t2
- movzb ($sbox,$t0,1),$t0
- movzb ($sbox,$t1,1),$t1
- movzb ($sbox,$t2,1),$t2
-
- movzb `&lo("$s3")`,$t3
- movzb `&hi("$s3")`,$acc0
- movzb `&hi("$s0")`,$acc1
- movzb ($sbox,$t3,1),$t3
- movzb ($sbox,$acc0,1),$t4 #$t0
- movzb ($sbox,$acc1,1),$t5 #$t1
-
- movzb `&hi("$s1")`,$acc2
- movzb `&hi("$s2")`,$acc0
- shr \$16,$s2
- movzb ($sbox,$acc2,1),$acc2 #$t2
- movzb ($sbox,$acc0,1),$acc0 #$t3
- shr \$16,$s3
-
- movzb `&lo("$s2")`,$acc1
- shl \$8,$t4
- shl \$8,$t5
- movzb ($sbox,$acc1,1),$acc1 #$t0
- xor $t4,$t0
- xor $t5,$t1
-
- movzb `&lo("$s3")`,$t4
- shr \$16,$s0
- shr \$16,$s1
- movzb `&lo("$s0")`,$t5
- shl \$8,$acc2
- shl \$8,$acc0
- movzb ($sbox,$t4,1),$t4 #$t1
- movzb ($sbox,$t5,1),$t5 #$t2
- xor $acc2,$t2
- xor $acc0,$t3
-
- movzb `&lo("$s1")`,$acc2
- movzb `&hi("$s1")`,$acc0
- shl \$16,$acc1
- movzb ($sbox,$acc2,1),$acc2 #$t3
- movzb ($sbox,$acc0,1),$acc0 #$t0
- xor $acc1,$t0
-
- movzb `&hi("$s2")`,$acc1
- shl \$16,$t4
- shl \$16,$t5
- movzb ($sbox,$acc1,1),$s1 #$t1
- xor $t4,$t1
- xor $t5,$t2
-
- movzb `&hi("$s3")`,$acc1
- shr \$8,$s0
- shl \$16,$acc2
- movzb ($sbox,$acc1,1),$s2 #$t2
- movzb ($sbox,$s0,1),$s3 #$t3
- xor $acc2,$t3
-
- shl \$24,$acc0
- shl \$24,$s1
- shl \$24,$s2
- xor $acc0,$t0
- shl \$24,$s3
- xor $t1,$s1
- mov $t0,$s0
- xor $t2,$s2
- xor $t3,$s3
-___
-}
-
-# parallelized version! input is pair of 64-bit values: %rax=s1.s0
-# and %rcx=s3.s2, output is four 32-bit values in %eax=s0, %ebx=s1,
-# %ecx=s2 and %edx=s3.
-sub dectransform()
-{ my ($tp10,$tp20,$tp40,$tp80,$acc0)=("%rax","%r8", "%r9", "%r10","%rbx");
- my ($tp18,$tp28,$tp48,$tp88,$acc8)=("%rcx","%r11","%r12","%r13","%rdx");
- my $prefetch = shift;
-
-$code.=<<___;
- mov $tp10,$acc0
- mov $tp18,$acc8
- and $mask80,$acc0
- and $mask80,$acc8
- mov $acc0,$tp40
- mov $acc8,$tp48
- shr \$7,$tp40
- lea ($tp10,$tp10),$tp20
- shr \$7,$tp48
- lea ($tp18,$tp18),$tp28
- sub $tp40,$acc0
- sub $tp48,$acc8
- and $maskfe,$tp20
- and $maskfe,$tp28
- and $mask1b,$acc0
- and $mask1b,$acc8
- xor $tp20,$acc0
- xor $tp28,$acc8
- mov $acc0,$tp20
- mov $acc8,$tp28
-
- and $mask80,$acc0
- and $mask80,$acc8
- mov $acc0,$tp80
- mov $acc8,$tp88
- shr \$7,$tp80
- lea ($tp20,$tp20),$tp40
- shr \$7,$tp88
- lea ($tp28,$tp28),$tp48
- sub $tp80,$acc0
- sub $tp88,$acc8
- and $maskfe,$tp40
- and $maskfe,$tp48
- and $mask1b,$acc0
- and $mask1b,$acc8
- xor $tp40,$acc0
- xor $tp48,$acc8
- mov $acc0,$tp40
- mov $acc8,$tp48
-
- and $mask80,$acc0
- and $mask80,$acc8
- mov $acc0,$tp80
- mov $acc8,$tp88
- shr \$7,$tp80
- xor $tp10,$tp20 # tp2^=tp1
- shr \$7,$tp88
- xor $tp18,$tp28 # tp2^=tp1
- sub $tp80,$acc0
- sub $tp88,$acc8
- lea ($tp40,$tp40),$tp80
- lea ($tp48,$tp48),$tp88
- xor $tp10,$tp40 # tp4^=tp1
- xor $tp18,$tp48 # tp4^=tp1
- and $maskfe,$tp80
- and $maskfe,$tp88
- and $mask1b,$acc0
- and $mask1b,$acc8
- xor $acc0,$tp80
- xor $acc8,$tp88
-
- xor $tp80,$tp10 # tp1^=tp8
- xor $tp88,$tp18 # tp1^=tp8
- xor $tp80,$tp20 # tp2^tp1^=tp8
- xor $tp88,$tp28 # tp2^tp1^=tp8
- mov $tp10,$acc0
- mov $tp18,$acc8
- xor $tp80,$tp40 # tp4^tp1^=tp8
- xor $tp88,$tp48 # tp4^tp1^=tp8
- shr \$32,$acc0
- shr \$32,$acc8
- xor $tp20,$tp80 # tp8^=tp8^tp2^tp1=tp2^tp1
- xor $tp28,$tp88 # tp8^=tp8^tp2^tp1=tp2^tp1
- rol \$8,`&LO("$tp10")` # ROTATE(tp1^tp8,8)
- rol \$8,`&LO("$tp18")` # ROTATE(tp1^tp8,8)
- xor $tp40,$tp80 #
tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
- xor $tp48,$tp88 # tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
-
- rol \$8,`&LO("$acc0")` # ROTATE(tp1^tp8,8)
- rol \$8,`&LO("$acc8")` # ROTATE(tp1^tp8,8)
- xor `&LO("$tp80")`,`&LO("$tp10")`
- xor `&LO("$tp88")`,`&LO("$tp18")`
- shr \$32,$tp80
- shr \$32,$tp88
- xor `&LO("$tp80")`,`&LO("$acc0")`
- xor `&LO("$tp88")`,`&LO("$acc8")`
-
- mov $tp20,$tp80
- mov $tp28,$tp88
- shr \$32,$tp80
- shr \$32,$tp88
- rol \$24,`&LO("$tp20")` # ROTATE(tp2^tp1^tp8,24)
- rol \$24,`&LO("$tp28")` # ROTATE(tp2^tp1^tp8,24)
- rol \$24,`&LO("$tp80")` # ROTATE(tp2^tp1^tp8,24)
- rol \$24,`&LO("$tp88")` # ROTATE(tp2^tp1^tp8,24)
- xor `&LO("$tp20")`,`&LO("$tp10")`
- xor `&LO("$tp28")`,`&LO("$tp18")`
- mov $tp40,$tp20
- mov $tp48,$tp28
- xor `&LO("$tp80")`,`&LO("$acc0")`
- xor `&LO("$tp88")`,`&LO("$acc8")`
-
- `"mov 0($sbox),$mask80" if ($prefetch)`
- shr \$32,$tp20
- shr \$32,$tp28
- `"mov 64($sbox),$maskfe" if ($prefetch)`
- rol \$16,`&LO("$tp40")` # ROTATE(tp4^tp1^tp8,16)
- rol \$16,`&LO("$tp48")` # ROTATE(tp4^tp1^tp8,16)
- `"mov 128($sbox),$mask1b" if ($prefetch)`
- rol \$16,`&LO("$tp20")` # ROTATE(tp4^tp1^tp8,16)
- rol \$16,`&LO("$tp28")` # ROTATE(tp4^tp1^tp8,16)
- `"mov 192($sbox),$tp80" if ($prefetch)`
- xor `&LO("$tp40")`,`&LO("$tp10")`
- xor `&LO("$tp48")`,`&LO("$tp18")`
- `"mov 256($sbox),$tp88" if ($prefetch)`
- xor `&LO("$tp20")`,`&LO("$acc0")`
- xor `&LO("$tp28")`,`&LO("$acc8")`
-___
-}
-
-$code.=<<___;
-.type _x86_64_AES_decrypt_compact,\@abi-omnipotent
-.align 16
-_x86_64_AES_decrypt_compact:
- _CET_ENDBR
- lea 128($sbox),$inp # size optimization
- mov 0-128($inp),$acc1 # prefetch Td4
- mov 32-128($inp),$acc2
- mov 64-128($inp),$t0
- mov 96-128($inp),$t1
- mov 128-128($inp),$acc1
- mov 160-128($inp),$acc2
- mov 192-128($inp),$t0
- mov 224-128($inp),$t1
- jmp .Ldec_loop_compact
-
-.align 16
-.Ldec_loop_compact:
- xor 0($key),$s0 # xor with key
- xor 4($key),$s1
- xor 8($key),$s2
- xor 12($key),$s3
- lea 16($key),$key
-___
- &deccompactvert();
-$code.=<<___;
- cmp 16(%rsp),$key
- je .Ldec_compact_done
-
- mov 256+0($sbox),$mask80
- shl \$32,%rbx
- shl \$32,%rdx
- mov 256+8($sbox),$maskfe
- or %rbx,%rax
- or %rdx,%rcx
- mov 256+16($sbox),$mask1b
-___
- &dectransform(1);
-$code.=<<___;
- jmp .Ldec_loop_compact
-.align 16
-.Ldec_compact_done:
- xor 0($key),$s0
- xor 4($key),$s1
- xor 8($key),$s2
- xor 12($key),$s3
- retq
-.size _x86_64_AES_decrypt_compact,.-_x86_64_AES_decrypt_compact
-___
-
-# void aes_decrypt_internal(const void *inp, void *out, const AES_KEY *key);
-$code.=<<___;
-.globl aes_decrypt_internal
-.type aes_decrypt_internal,\@function,3
-.align 16
-.globl asm_AES_decrypt
-.hidden asm_AES_decrypt
-asm_AES_decrypt:
-aes_decrypt_internal:
- _CET_ENDBR
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- # allocate frame "above" key schedule
- mov %rsp,%r10
- lea -63(%rdx),%rcx # %rdx is key argument
- and \$-64,%rsp
- sub %rsp,%rcx
- neg %rcx
- and \$0x3c0,%rcx
- sub %rcx,%rsp
- sub \$32,%rsp
-
- mov %rsi,16(%rsp) # save out
- mov %r10,24(%rsp) # save real stack pointer
-.Ldec_prologue:
-
- mov %rdx,$key
- mov 240($key),$rnds # load rounds
-
- mov 0(%rdi),$s0 # load input vector
- mov 4(%rdi),$s1
- mov 8(%rdi),$s2
- mov 12(%rdi),$s3
-
- shl \$4,$rnds
- lea ($key,$rnds),%rbp
- mov $key,(%rsp) # key schedule
- mov %rbp,8(%rsp) # end of key schedule
-
- # pick Td4 copy which can't "overlap" with stack frame or key schedule
- lea .LAES_Td+2048(%rip),$sbox
- lea 768(%rsp),%rbp
- sub $sbox,%rbp
- and \$0x300,%rbp
- lea ($sbox,%rbp),$sbox
- shr \$3,%rbp # recall "magic" constants!
- add %rbp,$sbox
-
- call _x86_64_AES_decrypt_compact
-
- mov 16(%rsp),$out # restore out
- mov 24(%rsp),%rsi # restore saved stack pointer
- mov $s0,0($out) # write output vector
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Ldec_epilogue:
- ret
-.size aes_decrypt_internal,.-aes_decrypt_internal
-___
-#------------------------------------------------------------------#
-
-sub enckey()
-{
-$code.=<<___;
- movz %dl,%esi # rk[i]>>0
- movzb -128(%rbp,%rsi),%ebx
- movz %dh,%esi # rk[i]>>8
- shl \$24,%ebx
- xor %ebx,%eax
-
- movzb -128(%rbp,%rsi),%ebx
- shr \$16,%edx
- movz %dl,%esi # rk[i]>>16
- xor %ebx,%eax
-
- movzb -128(%rbp,%rsi),%ebx
- movz %dh,%esi # rk[i]>>24
- shl \$8,%ebx
- xor %ebx,%eax
-
- movzb -128(%rbp,%rsi),%ebx
- shl \$16,%ebx
- xor %ebx,%eax
-
- xor 1024-128(%rbp,%rcx,4),%eax # rcon
-___
-}
-
-# int aes_set_encrypt_key_internal(const unsigned char *userKey, const int bits,
-# AES_KEY *key)
-$code.=<<___;
-.globl aes_set_encrypt_key_internal
-.type aes_set_encrypt_key_internal,\@function,3
-.align 16
-aes_set_encrypt_key_internal:
- _CET_ENDBR
- push %rbx
- push %rbp
- push %r12 # redundant, but allows to share
- push %r13 # exception handler...
- push %r14
- push %r15
- sub \$8,%rsp
-.Lenc_key_prologue:
-
- call _x86_64_AES_set_encrypt_key
-
- mov 8(%rsp),%r15
- mov 16(%rsp),%r14
- mov 24(%rsp),%r13
- mov 32(%rsp),%r12
- mov 40(%rsp),%rbp
- mov 48(%rsp),%rbx
- add \$56,%rsp
-.Lenc_key_epilogue:
- ret
-.size aes_set_encrypt_key_internal,.-aes_set_encrypt_key_internal
-
-.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent
-.align 16
-_x86_64_AES_set_encrypt_key:
- _CET_ENDBR
- mov %esi,%ecx # %ecx=bits
- mov %rdi,%rsi # %rsi=userKey
- mov %rdx,%rdi # %rdi=key
-
- test \$-1,%rsi
- jz .Lbadpointer
- test \$-1,%rdi
- jz .Lbadpointer
-
- lea .LAES_Te(%rip),%rbp
- lea 2048+128(%rbp),%rbp
-
- # prefetch Te4
- mov 0-128(%rbp),%eax
- mov 32-128(%rbp),%ebx
- mov 64-128(%rbp),%r8d
- mov 96-128(%rbp),%edx
- mov 128-128(%rbp),%eax
- mov 160-128(%rbp),%ebx
- mov 192-128(%rbp),%r8d
- mov 224-128(%rbp),%edx
-
- cmp \$128,%ecx
- je .L10rounds
- cmp \$192,%ecx
- je .L12rounds
- cmp \$256,%ecx
- je .L14rounds
- mov \$-2,%rax # invalid number of bits
- jmp .Lexit
-
-.L10rounds:
- mov 0(%rsi),%rax # copy first 4 dwords
- mov 8(%rsi),%rdx
- mov %rax,0(%rdi)
- mov %rdx,8(%rdi)
-
- shr \$32,%rdx
- xor %ecx,%ecx
- jmp .L10shortcut
-.align 4
-.L10loop:
- mov 0(%rdi),%eax # rk[0]
- mov 12(%rdi),%edx # rk[3]
-.L10shortcut:
-___
- &enckey ();
-$code.=<<___;
- mov %eax,16(%rdi) # rk[4]
- xor 4(%rdi),%eax
- mov %eax,20(%rdi) # rk[5]
- xor 8(%rdi),%eax
- mov %eax,24(%rdi) # rk[6]
- xor 12(%rdi),%eax
- mov %eax,28(%rdi) # rk[7]
- add \$1,%ecx
- lea 16(%rdi),%rdi
- cmp \$10,%ecx
- jl .L10loop
-
- movl \$10,80(%rdi) # setup number of rounds
- xor %rax,%rax
- jmp .Lexit
-
-.L12rounds:
- mov 0(%rsi),%rax # copy first 6 dwords
- mov 8(%rsi),%rbx
- mov 16(%rsi),%rdx
- mov %rax,0(%rdi)
- mov %rbx,8(%rdi)
- mov %rdx,16(%rdi)
-
- shr \$32,%rdx
- xor %ecx,%ecx
- jmp .L12shortcut
-.align 4
-.L12loop:
- mov 0(%rdi),%eax # rk[0]
- mov 20(%rdi),%edx # rk[5]
-.L12shortcut:
-___
- &enckey ();
-$code.=<<___;
- mov %eax,24(%rdi) # rk[6]
- xor 4(%rdi),%eax
-
mov %eax,28(%rdi) # rk[7]
- xor 8(%rdi),%eax
- mov %eax,32(%rdi) # rk[8]
- xor 12(%rdi),%eax
- mov %eax,36(%rdi) # rk[9]
-
- cmp \$7,%ecx
- je .L12break
- add \$1,%ecx
-
- xor 16(%rdi),%eax
- mov %eax,40(%rdi) # rk[10]
- xor 20(%rdi),%eax
- mov %eax,44(%rdi) # rk[11]
-
- lea 24(%rdi),%rdi
- jmp .L12loop
-.L12break:
- movl \$12,72(%rdi) # setup number of rounds
- xor %rax,%rax
- jmp .Lexit
-
-.L14rounds:
- mov 0(%rsi),%rax # copy first 8 dwords
- mov 8(%rsi),%rbx
- mov 16(%rsi),%rcx
- mov 24(%rsi),%rdx
- mov %rax,0(%rdi)
- mov %rbx,8(%rdi)
- mov %rcx,16(%rdi)
- mov %rdx,24(%rdi)
-
- shr \$32,%rdx
- xor %ecx,%ecx
- jmp .L14shortcut
-.align 4
-.L14loop:
- mov 0(%rdi),%eax # rk[0]
- mov 28(%rdi),%edx # rk[4]
-.L14shortcut:
-___
- &enckey ();
-$code.=<<___;
- mov %eax,32(%rdi) # rk[8]
- xor 4(%rdi),%eax
- mov %eax,36(%rdi) # rk[9]
- xor 8(%rdi),%eax
- mov %eax,40(%rdi) # rk[10]
- xor 12(%rdi),%eax
- mov %eax,44(%rdi) # rk[11]
-
- cmp \$6,%ecx
- je .L14break
- add \$1,%ecx
-
- mov %eax,%edx
- mov 16(%rdi),%eax # rk[4]
- movz %dl,%esi # rk[11]>>0
- movzb -128(%rbp,%rsi),%ebx
- movz %dh,%esi # rk[11]>>8
- xor %ebx,%eax
-
- movzb -128(%rbp,%rsi),%ebx
- shr \$16,%edx
- shl \$8,%ebx
- movz %dl,%esi # rk[11]>>16
- xor %ebx,%eax
-
- movzb -128(%rbp,%rsi),%ebx
- movz %dh,%esi # rk[11]>>24
- shl \$16,%ebx
- xor %ebx,%eax
-
- movzb -128(%rbp,%rsi),%ebx
- shl \$24,%ebx
- xor %ebx,%eax
-
- mov %eax,48(%rdi) # rk[12]
- xor 20(%rdi),%eax
- mov %eax,52(%rdi) # rk[13]
- xor 24(%rdi),%eax
- mov %eax,56(%rdi) # rk[14]
- xor 28(%rdi),%eax
- mov %eax,60(%rdi) # rk[15]
-
- lea 32(%rdi),%rdi
- jmp .L14loop
-.L14break:
- movl \$14,48(%rdi) # setup number of rounds
- xor %rax,%rax
- jmp .Lexit
-
-.Lbadpointer:
- mov \$-1,%rax
-.Lexit:
- retq
-.size _x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key
-___
-
-sub deckey_ref()
-{ my ($i,$ptr,$te,$td) = @_;
- my ($tp1,$tp2,$tp4,$tp8,$acc)=("%eax","%ebx","%edi","%edx","%r8d");
-$code.=<<___;
- mov $i($ptr),$tp1
- mov $tp1,$acc
- and
\$0x80808080,$acc - mov $acc,$tp4 - shr \$7,$tp4 - lea 0($tp1,$tp1),$tp2 - sub $tp4,$acc - and \$0xfefefefe,$tp2 - and \$0x1b1b1b1b,$acc - xor $tp2,$acc - mov $acc,$tp2 - - and \$0x80808080,$acc - mov $acc,$tp8 - shr \$7,$tp8 - lea 0($tp2,$tp2),$tp4 - sub $tp8,$acc - and \$0xfefefefe,$tp4 - and \$0x1b1b1b1b,$acc - xor $tp1,$tp2 # tp2^tp1 - xor $tp4,$acc - mov $acc,$tp4 - - and \$0x80808080,$acc - mov $acc,$tp8 - shr \$7,$tp8 - sub $tp8,$acc - lea 0($tp4,$tp4),$tp8 - xor $tp1,$tp4 # tp4^tp1 - and \$0xfefefefe,$tp8 - and \$0x1b1b1b1b,$acc - xor $acc,$tp8 - - xor $tp8,$tp1 # tp1^tp8 - rol \$8,$tp1 # ROTATE(tp1^tp8,8) - xor $tp8,$tp2 # tp2^tp1^tp8 - xor $tp8,$tp4 # tp4^tp1^tp8 - xor $tp2,$tp8 - xor $tp4,$tp8 # tp8^(tp8^tp4^tp1)^(tp8^tp2^tp1)=tp8^tp4^tp2 - - xor $tp8,$tp1 - rol \$24,$tp2 # ROTATE(tp2^tp1^tp8,24) - xor $tp2,$tp1 - rol \$16,$tp4 # ROTATE(tp4^tp1^tp8,16) - xor $tp4,$tp1 - - mov $tp1,$i($ptr) -___ -} - -# int aes_set_decrypt_key_internal(const unsigned char *userKey, const int bits, -# AES_KEY *key) -$code.=<<___; -.globl aes_set_decrypt_key_internal -.type aes_set_decrypt_key_internal,\@function,3 -.align 16 -aes_set_decrypt_key_internal: - _CET_ENDBR - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - push %rdx # save key schedule -.Ldec_key_prologue: - - call _x86_64_AES_set_encrypt_key - mov (%rsp),%r8 # restore key schedule - cmp \$0,%eax - jne .Labort - - mov 240(%r8),%r14d # pull number of rounds - xor %rdi,%rdi - lea (%rdi,%r14d,4),%rcx - mov %r8,%rsi - lea (%r8,%rcx,4),%rdi # pointer to last chunk -.align 4 -.Linvert: - mov 0(%rsi),%rax - mov 8(%rsi),%rbx - mov 0(%rdi),%rcx - mov 8(%rdi),%rdx - mov %rax,0(%rdi) - mov %rbx,8(%rdi) - mov %rcx,0(%rsi) - mov %rdx,8(%rsi) - lea 16(%rsi),%rsi - lea -16(%rdi),%rdi - cmp %rsi,%rdi - jne .Linvert - - lea .LAES_Te+2048+1024(%rip),%rax # rcon - - mov 40(%rax),$mask80 - mov 48(%rax),$maskfe - mov 56(%rax),$mask1b - - mov %r8,$key - sub \$1,%r14d -.align 4 -.Lpermute: - lea 16($key),$key - 
mov 0($key),%rax - mov 8($key),%rcx -___ - &dectransform (); -$code.=<<___; - mov %eax,0($key) - mov %ebx,4($key) - mov %ecx,8($key) - mov %edx,12($key) - sub \$1,%r14d - jnz .Lpermute - - xor %rax,%rax -.Labort: - mov 8(%rsp),%r15 - mov 16(%rsp),%r14 - mov 24(%rsp),%r13 - mov 32(%rsp),%r12 - mov 40(%rsp),%rbp - mov 48(%rsp),%rbx - add \$56,%rsp -.Ldec_key_epilogue: - ret -.size aes_set_decrypt_key_internal,.-aes_set_decrypt_key_internal -___ - -# void aes_cbc_encrypt_internal(const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, unsigned char *ivp,const int enc); -{ -# stack frame layout -# -8(%rsp) return address -my $keyp="0(%rsp)"; # one to pass as $key -my $keyend="8(%rsp)"; # &(keyp->rd_key[4*keyp->rounds]) -my $_rsp="16(%rsp)"; # saved %rsp -my $_inp="24(%rsp)"; # copy of 1st parameter, inp -my $_out="32(%rsp)"; # copy of 2nd parameter, out -my $_len="40(%rsp)"; # copy of 3rd parameter, length -my $_key="48(%rsp)"; # copy of 4th parameter, key -my $_ivp="56(%rsp)"; # copy of 5th parameter, ivp -my $ivec="64(%rsp)"; # ivec[16] -my $aes_key="80(%rsp)"; # copy of aes_key -my $mark="80+240(%rsp)"; # copy of aes_key->rounds - -$code.=<<___; -.globl aes_cbc_encrypt_internal -.type aes_cbc_encrypt_internal,\@function,6 -.align 16 -.extern OPENSSL_ia32cap_P -.hidden OPENSSL_ia32cap_P -.globl asm_AES_cbc_encrypt -.hidden asm_AES_cbc_encrypt -asm_AES_cbc_encrypt: -aes_cbc_encrypt_internal: - _CET_ENDBR - cmp \$0,%rdx # check length - je .Lcbc_epilogue - pushfq - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 -.Lcbc_prologue: - - cld - mov %r9d,%r9d # clear upper half of enc - - lea .LAES_Te(%rip),$sbox - cmp \$0,%r9 - jne .Lcbc_picked_te - lea .LAES_Td(%rip),$sbox -.Lcbc_picked_te: - - mov OPENSSL_ia32cap_P(%rip),%r10d - cmp \$$speed_limit,%rdx - jb .Lcbc_slow_prologue - test \$15,%rdx - jnz .Lcbc_slow_prologue - bt \$IA32CAP_BIT0_HT,%r10d - jc .Lcbc_slow_prologue - - # allocate aligned stack frame... 
- lea -88-248(%rsp),$key
- and \$-64,$key
-
- # ... and make sure it doesn't alias with AES_T[ed] modulo 4096
- mov $sbox,%r10
- lea 2304($sbox),%r11
- mov $key,%r12
- and \$0xFFF,%r10 # s = $sbox&0xfff
- and \$0xFFF,%r11 # e = ($sbox+2048)&0xfff
- and \$0xFFF,%r12 # p = %rsp&0xfff
-
- cmp %r11,%r12 # if (p=>e) %rsp =- (p-e);
- jb .Lcbc_te_break_out
- sub %r11,%r12
- sub %r12,$key
- jmp .Lcbc_te_ok
-.Lcbc_te_break_out: # else %rsp -= (p-s)&0xfff + framesz
- sub %r10,%r12
- and \$0xFFF,%r12
- add \$320,%r12
- sub %r12,$key
-.align 4
-.Lcbc_te_ok:
-
- xchg %rsp,$key
- #add \$8,%rsp # reserve for return address!
- mov $key,$_rsp # save %rsp
-.Lcbc_fast_body:
- mov %rdi,$_inp # save copy of inp
- mov %rsi,$_out # save copy of out
- mov %rdx,$_len # save copy of len
- mov %rcx,$_key # save copy of key
- mov %r8,$_ivp # save copy of ivp
- movl \$0,$mark # copy of aes_key->rounds = 0;
- mov %r8,%rbp # rearrange input arguments
- mov %r9,%rbx
- mov %rsi,$out
- mov %rdi,$inp
- mov %rcx,$key
-
- mov 240($key),%eax # key->rounds
- # do we copy key schedule to stack?
- mov $key,%r10
- sub $sbox,%r10
- and \$0xfff,%r10
- cmp \$2304,%r10
- jb .Lcbc_do_ecopy
- cmp \$4096-248,%r10
- jb .Lcbc_skip_ecopy
-.align 4
-.Lcbc_do_ecopy:
- mov $key,%rsi
- lea $aes_key,%rdi
- lea $aes_key,$key
- mov \$240/8,%ecx
- .long 0x90A548F3 # rep movsq
- mov %eax,(%rdi) # copy aes_key->rounds
-.Lcbc_skip_ecopy:
- mov $key,$keyp # save key pointer
-
- mov \$18,%ecx
-.align 4
-.Lcbc_prefetch_te:
- mov 0($sbox),%r10
- mov 32($sbox),%r11
- mov 64($sbox),%r12
- mov 96($sbox),%r13
- lea 128($sbox),$sbox
- sub \$1,%ecx
- jnz .Lcbc_prefetch_te
- lea -2304($sbox),$sbox
-
- cmp \$0,%rbx
- je .LFAST_DECRYPT
-
-#----------------------------- ENCRYPT -----------------------------#
- mov 0(%rbp),$s0 # load iv
- mov 4(%rbp),$s1
- mov 8(%rbp),$s2
- mov 12(%rbp),$s3
-
-.align 4
-.Lcbc_fast_enc_loop:
- xor 0($inp),$s0
- xor 4($inp),$s1
- xor 8($inp),$s2
- xor 12($inp),$s3
- mov $keyp,$key # restore key
- mov $inp,$_inp # if ($verticalspin) save inp
-
- call _x86_64_AES_encrypt
-
- mov $_inp,$inp # if ($verticalspin) restore inp
- mov $_len,%r10
- mov $s0,0($out)
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- lea 16($inp),$inp
- lea 16($out),$out
- sub \$16,%r10
- test \$-16,%r10
- mov %r10,$_len
- jnz .Lcbc_fast_enc_loop
- mov $_ivp,%rbp # restore ivp
- mov $s0,0(%rbp) # save ivec
- mov $s1,4(%rbp)
- mov $s2,8(%rbp)
- mov $s3,12(%rbp)
-
- jmp .Lcbc_fast_cleanup
-
-#----------------------------- DECRYPT -----------------------------#
-.align 16
-.LFAST_DECRYPT:
- cmp $inp,$out
- je .Lcbc_fast_dec_in_place
-
- mov %rbp,$ivec
-.align 4
-.Lcbc_fast_dec_loop:
- mov 0($inp),$s0 # read input
- mov 4($inp),$s1
- mov 8($inp),$s2
- mov 12($inp),$s3
- mov $keyp,$key # restore key
- mov $inp,$_inp # if ($verticalspin) save inp
-
- call _x86_64_AES_decrypt
-
- mov $ivec,%rbp # load ivp
- mov $_inp,$inp # if ($verticalspin) restore inp
- mov $_len,%r10 # load len
- xor 0(%rbp),$s0 # xor iv
- xor 4(%rbp),$s1
- xor 8(%rbp),$s2
- xor 12(%rbp),$s3
- mov $inp,%rbp # current input, next iv
-
- sub \$16,%r10
- mov %r10,$_len # update len
- mov %rbp,$ivec # update ivp
-
- mov $s0,0($out) # write output
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- lea 16($inp),$inp
- lea 16($out),$out
- jnz .Lcbc_fast_dec_loop
- mov $_ivp,%r12 # load user ivp
- mov 0(%rbp),%r10 # load iv
- mov 8(%rbp),%r11
- mov %r10,0(%r12) # copy back to user
- mov %r11,8(%r12)
- jmp .Lcbc_fast_cleanup
-
-.align 16
-.Lcbc_fast_dec_in_place:
- mov 0(%rbp),%r10 # copy iv to stack
- mov 8(%rbp),%r11
- mov %r10,0+$ivec
- mov %r11,8+$ivec
-.align 4
-.Lcbc_fast_dec_in_place_loop:
- mov 0($inp),$s0 # load input
- mov 4($inp),$s1
- mov 8($inp),$s2
- mov 12($inp),$s3
- mov $keyp,$key # restore key
- mov $inp,$_inp # if ($verticalspin) save inp
-
- call _x86_64_AES_decrypt
-
- mov $_inp,$inp # if ($verticalspin) restore inp
- mov $_len,%r10
- xor 0+$ivec,$s0
- xor 4+$ivec,$s1
- xor 8+$ivec,$s2
- xor 12+$ivec,$s3
-
- mov 0($inp),%r11 # load input
- mov 8($inp),%r12
- sub \$16,%r10
- jz .Lcbc_fast_dec_in_place_done
-
- mov %r11,0+$ivec # copy input to iv
- mov %r12,8+$ivec
-
- mov $s0,0($out) # save output [zaps input]
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- lea 16($inp),$inp
- lea 16($out),$out
- mov %r10,$_len
- jmp .Lcbc_fast_dec_in_place_loop
-.Lcbc_fast_dec_in_place_done:
- mov $_ivp,%rdi
- mov %r11,0(%rdi) # copy iv back to user
- mov %r12,8(%rdi)
-
- mov $s0,0($out) # save output [zaps input]
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
-.align 4
-.Lcbc_fast_cleanup:
- cmpl \$0,$mark # was the key schedule copied?
- lea $aes_key,%rdi
- je .Lcbc_exit
- mov \$240/8,%ecx
- xor %rax,%rax
- .long 0x90AB48F3 # rep stosq
-
- jmp .Lcbc_exit
-
-#--------------------------- SLOW ROUTINE ---------------------------#
-.align 16
-.Lcbc_slow_prologue:
- # allocate aligned stack frame...
- lea -88(%rsp),%rbp
- and \$-64,%rbp
- # ... just "above" key schedule
- lea -88-63(%rcx),%r10
- sub %rbp,%r10
- neg %r10
- and \$0x3c0,%r10
- sub %r10,%rbp
-
- xchg %rsp,%rbp
- #add \$8,%rsp # reserve for return address!
- mov %rbp,$_rsp # save %rsp
-.Lcbc_slow_body:
- #mov %rdi,$_inp # save copy of inp
- #mov %rsi,$_out # save copy of out
- #mov %rdx,$_len # save copy of len
- #mov %rcx,$_key # save copy of key
- mov %r8,$_ivp # save copy of ivp
- mov %r8,%rbp # rearrange input arguments
- mov %r9,%rbx
- mov %rsi,$out
- mov %rdi,$inp
- mov %rcx,$key
- mov %rdx,%r10
-
- mov 240($key),%eax
- mov $key,$keyp # save key pointer
- shl \$4,%eax
- lea ($key,%rax),%rax
- mov %rax,$keyend
-
- # pick Te4 copy which can't "overlap" with stack frame or key schedule
- lea 2048($sbox),$sbox
- lea 768-8(%rsp),%rax
- sub $sbox,%rax
- and \$0x300,%rax
- lea ($sbox,%rax),$sbox
-
- cmp \$0,%rbx
- je .LSLOW_DECRYPT
-
-#--------------------------- SLOW ENCRYPT ---------------------------#
- test \$-16,%r10 # check upon length
- mov 0(%rbp),$s0 # load iv
- mov 4(%rbp),$s1
- mov 8(%rbp),$s2
- mov 12(%rbp),$s3
- jz .Lcbc_slow_enc_tail # short input...
-
-.align 4
-.Lcbc_slow_enc_loop:
- xor 0($inp),$s0
- xor 4($inp),$s1
- xor 8($inp),$s2
- xor 12($inp),$s3
- mov $keyp,$key # restore key
- mov $inp,$_inp # save inp
- mov $out,$_out # save out
- mov %r10,$_len # save len
-
- call _x86_64_AES_encrypt_compact
-
- mov $_inp,$inp # restore inp
- mov $_out,$out # restore out
- mov $_len,%r10 # restore len
- mov $s0,0($out)
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- lea 16($inp),$inp
- lea 16($out),$out
- sub \$16,%r10
- test \$-16,%r10
- jnz .Lcbc_slow_enc_loop
- test \$15,%r10
- jnz .Lcbc_slow_enc_tail
- mov $_ivp,%rbp # restore ivp
- mov $s0,0(%rbp) # save ivec
- mov $s1,4(%rbp)
- mov $s2,8(%rbp)
- mov $s3,12(%rbp)
-
- jmp .Lcbc_exit
-
-.align 4
-.Lcbc_slow_enc_tail:
- mov %rax,%r11
- mov %rcx,%r12
- mov %r10,%rcx
- mov $inp,%rsi
- mov $out,%rdi
- .long 0x9066A4F3 # rep movsb
- mov \$16,%rcx # zero tail
- sub %r10,%rcx
- xor %rax,%rax
- .long 0x9066AAF3 # rep stosb
- mov $out,$inp # this is not a mistake!
- mov \$16,%r10 # len=16
- mov %r11,%rax
- mov %r12,%rcx
- jmp .Lcbc_slow_enc_loop # one more spin...
-#--------------------------- SLOW DECRYPT ---------------------------#
-.align 16
-.LSLOW_DECRYPT:
- shr \$3,%rax
- add %rax,$sbox # recall "magic" constants!
-
- mov 0(%rbp),%r11 # copy iv to stack
- mov 8(%rbp),%r12
- mov %r11,0+$ivec
- mov %r12,8+$ivec
-
-.align 4
-.Lcbc_slow_dec_loop:
- mov 0($inp),$s0 # load input
- mov 4($inp),$s1
- mov 8($inp),$s2
- mov 12($inp),$s3
- mov $keyp,$key # restore key
- mov $inp,$_inp # save inp
- mov $out,$_out # save out
- mov %r10,$_len # save len
-
- call _x86_64_AES_decrypt_compact
-
- mov $_inp,$inp # restore inp
- mov $_out,$out # restore out
- mov $_len,%r10
- xor 0+$ivec,$s0
- xor 4+$ivec,$s1
- xor 8+$ivec,$s2
- xor 12+$ivec,$s3
-
- mov 0($inp),%r11 # load input
- mov 8($inp),%r12
- sub \$16,%r10
- jc .Lcbc_slow_dec_partial
- jz .Lcbc_slow_dec_done
-
- mov %r11,0+$ivec # copy input to iv
- mov %r12,8+$ivec
-
- mov $s0,0($out) # save output [can zap input]
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- lea 16($inp),$inp
- lea 16($out),$out
- jmp .Lcbc_slow_dec_loop
-.Lcbc_slow_dec_done:
- mov $_ivp,%rdi
- mov %r11,0(%rdi) # copy iv back to user
- mov %r12,8(%rdi)
-
- mov $s0,0($out) # save output [can zap input]
- mov $s1,4($out)
- mov $s2,8($out)
- mov $s3,12($out)
-
- jmp .Lcbc_exit
-
-.align 4
-.Lcbc_slow_dec_partial:
- mov $_ivp,%rdi
- mov %r11,0(%rdi) # copy iv back to user
- mov %r12,8(%rdi)
-
- mov $s0,0+$ivec # save output to stack
- mov $s1,4+$ivec
- mov $s2,8+$ivec
- mov $s3,12+$ivec
-
- mov $out,%rdi
- lea $ivec,%rsi
- lea 16(%r10),%rcx
- .long 0x9066A4F3 # rep movsb
- jmp .Lcbc_exit
-
-.align 16
-.Lcbc_exit:
- mov $_rsp,%rsi
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lcbc_popfq:
- popfq
-.Lcbc_epilogue:
- ret
-.size aes_cbc_encrypt_internal,.-aes_cbc_encrypt_internal
-___
-}
-
-$code.=<<___;
-.section .rodata
-.align 64
-.LAES_Te:
-___
- &_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
- &_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
- &_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
- &_data_word(0x19fefee7, 0x62d7d7b5,
0xe6abab4d, 0x9a7676ec);
- &_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
- &_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
- &_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
- &_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
- &_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
- &_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
- &_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
- &_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
- &_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
- &_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
- &_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
- &_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
- &_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
- &_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
- &_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
- &_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
- &_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
- &_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
- &_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
- &_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
- &_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
- &_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
- &_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
- &_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
- &_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
- &_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
- &_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
- &_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
- &_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
- &_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
- &_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
- &_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
- &_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
- &_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
- &_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
- &_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
- &_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
- &_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
- &_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
- &_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
- &_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
- &_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
- &_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
- &_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
- &_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
- &_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
- &_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
- &_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
- &_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
- &_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
- &_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
- &_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
- &_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
- &_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
- &_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
- &_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
- &_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
- &_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
- &_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
- &_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
-
-#Te4 # four copies of Te4 to choose from to avoid L1 aliasing
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
- &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
- &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
- &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
- &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
- &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
- &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
- &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
- &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
- &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
- &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
- &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
- &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
- &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
- &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
- &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
- &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-#rcon:
-$code.=<<___;
- .long 0x00000001, 0x00000002, 0x00000004, 0x00000008
- .long 0x00000010, 0x00000020, 0x00000040, 0x00000080
- .long 0x0000001b, 0x00000036, 0x80808080, 0x80808080
- .long 0xfefefefe, 0xfefefefe, 0x1b1b1b1b, 0x1b1b1b1b
-___
-$code.=<<___;
-.align 64
-.LAES_Td:
-___
- &_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
- &_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
- &_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
- &_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
- &_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
- &_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
- &_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
- &_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
- &_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
- &_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
- &_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
- &_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
- &_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
- &_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
- &_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
- &_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
- &_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
- &_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
- &_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
- &_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
- &_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
- &_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
- &_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
- &_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
- &_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
- &_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
- &_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
- &_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
- &_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
- &_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
- &_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
- &_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
- &_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
- &_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
- &_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
- &_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
- &_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
- &_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
- &_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
- &_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
- &_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
- &_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
- &_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
- &_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
- &_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
- &_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
- &_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
- &_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
- &_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
- &_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
- &_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
- &_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
- &_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
- &_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
- &_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
- &_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
- &_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
- &_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
- &_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
- &_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
- &_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
- &_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
- &_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
- &_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
-
-#Td4: # four copies of Td4 to choose from to avoid L1 aliasing
- &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
- &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
- &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
- &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
- &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
- &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
- &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
- &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
- &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
- &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
- &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
- &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
- &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
- &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
- &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
- &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
- &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
- &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
- &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
- &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
- &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
- &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
- &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
- &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
- &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
- &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
- &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
- &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
- &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
- &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
- &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
- &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-$code.=<<___;
- .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
- .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0
-___
- &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
- &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
- &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
- &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
- &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
- &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
- &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
- &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
- &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
- &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
- &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
- &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
- &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
- &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
- &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
- &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
- &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
- &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
- &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
- &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
- &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
- &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
- &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
- &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
- &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
- &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
- &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
- &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
- &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
- &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
- &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
- &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-$code.=<<___;
- .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
- .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0
-___
- &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
- &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
- &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
- &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
- &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
- &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
- &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
- &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
- &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
- &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
- &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
- &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
- &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
- &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
- &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
- &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
- &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
- &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
- &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
- &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
- &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
- &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
- &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
- &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
- &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
- &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
- &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
- &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
- &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
- &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
- &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
- &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-$code.=<<___;
- .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
- .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0
-___
- &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
- &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
- &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
- &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
- &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
- &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
- &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
- &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
- &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
- &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
- &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
- &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
- &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
- &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
- &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
- &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
- &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
- &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
- &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
- &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
- &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
- &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
- &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2,
0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -$code.=<<___; - .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe - .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0 -.align 64 -.text -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type block_se_handler,\@abi-omnipotent -.align 16 -block_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->RipRsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lin_block_prologue - - mov 24(%rax),%rax # pull saved real stack pointer - lea 48(%rax),%rax # adjust... 
- - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov -40(%rax),%r14 - mov -48(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_block_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - jmp .Lcommon_seh_exit -.size block_se_handler,.-block_se_handler - -.type key_se_handler,\@abi-omnipotent -.align 16 -key_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->RipRsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lin_key_prologue - - lea 56(%rax),%rax - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov -40(%rax),%r14 - mov -48(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_key_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - jmp .Lcommon_seh_exit 
-.size key_se_handler,.-key_se_handler - -.type cbc_se_handler,\@abi-omnipotent -.align 16 -cbc_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lcbc_prologue(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_prologue - jb .Lin_cbc_prologue - - lea .Lcbc_fast_body(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_fast_body - jb .Lin_cbc_frame_setup - - lea .Lcbc_slow_prologue(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_slow_prologue - jb .Lin_cbc_body - - lea .Lcbc_slow_body(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_slow_body - jb .Lin_cbc_frame_setup - -.Lin_cbc_body: - mov 152($context),%rax # pull context->Rsp - - lea .Lcbc_epilogue(%rip),%r10 - cmp %r10,%rbx # context->Rip>=.Lcbc_epilogue - jae .Lin_cbc_prologue - - lea 8(%rax),%rax - - lea .Lcbc_popfq(%rip),%r10 - cmp %r10,%rbx # context->Rip>=.Lcbc_popfq - jae .Lin_cbc_prologue - - mov `16-8`(%rax),%rax # biased $_rsp - lea 56(%rax),%rax - -.Lin_cbc_frame_setup: - mov -16(%rax),%rbx - mov -24(%rax),%rbp - mov -32(%rax),%r12 - mov -40(%rax),%r13 - mov -48(%rax),%r14 - mov -56(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_cbc_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - -.Lcommon_seh_exit: - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$`1232/8`,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 
8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size cbc_se_handler,.-cbc_se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_aes_encrypt_internal
- .rva .LSEH_end_aes_encrypt_internal
- .rva .LSEH_info_aes_encrypt_internal
-
- .rva .LSEH_begin_aes_decrypt_internal
- .rva .LSEH_end_aes_decrypt_internal
- .rva .LSEH_info_aes_decrypt_internal
-
- .rva .LSEH_begin_aes_set_encrypt_key_internal
- .rva .LSEH_end_aes_set_encrypt_key_internal
- .rva .LSEH_info_aes_set_encrypt_key_internal
-
- .rva .LSEH_begin_aes_set_decrypt_key_internal
- .rva .LSEH_end_aes_set_decrypt_key_internal
- .rva .LSEH_info_aes_set_decrypt_key_internal
-
- .rva .LSEH_begin_aes_cbc_encrypt_internal
- .rva .LSEH_end_aes_cbc_encrypt_internal
- .rva .LSEH_info_aes_cbc_encrypt_internal
-
-.section .xdata
-.align 8
-.LSEH_info_aes_encrypt_internal:
- .byte 9,0,0,0
- .rva block_se_handler
- .rva .Lenc_prologue,.Lenc_epilogue # HandlerData[]
-.LSEH_info_aes_decrypt_internal:
- .byte 9,0,0,0
- .rva block_se_handler
- .rva .Ldec_prologue,.Ldec_epilogue # HandlerData[]
-.LSEH_info_aes_set_encrypt_key_internal:
- .byte 9,0,0,0
- .rva key_se_handler
- .rva .Lenc_key_prologue,.Lenc_key_epilogue # HandlerData[]
-.LSEH_info_aes_set_decrypt_key_internal:
- .byte 9,0,0,0
- .rva key_se_handler
- .rva .Ldec_key_prologue,.Ldec_key_epilogue # HandlerData[]
-.LSEH_info_aes_cbc_encrypt_internal:
- .byte 9,0,0,0
- .rva cbc_se_handler
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print "#include \"x86_arch.h\"\n";
-print $code;
-
-close STDOUT;
diff --git a/src/lib/libcrypto/aes/asm/aesni-x86.pl b/src/lib/libcrypto/aes/asm/aesni-x86.pl
deleted file mode 100644
index ff44415611..0000000000
--- a/src/lib/libcrypto/aes/asm/aesni-x86.pl
+++ /dev/null
@@ -1,2188 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# This module implements support for Intel AES-NI extension. In
-# OpenSSL context it's used with Intel engine, but can also be used as
-# drop-in replacement for crypto/aes/asm/aes-586.pl [see below for
-# details].
-#
-# Performance.
-#
-# To start with see corresponding paragraph in aesni-x86_64.pl...
-# Instead of filling table similar to one found there I've chosen to
-# summarize *comparison* results for raw ECB, CTR and CBC benchmarks.
-# The simplified table below represents 32-bit performance relative
-# to 64-bit one in every given point. Ratios vary for different
-# encryption modes, therefore interval values.
-#
-# 16-byte 64-byte 256-byte 1-KB 8-KB
-# 53-67% 67-84% 91-94% 95-98% 97-99.5%
-#
-# Lower ratios for smaller block sizes are perfectly understandable,
-# because function call overhead is higher in 32-bit mode. Largest
-# 8-KB block performance is virtually same: 32-bit code is less than
-# 1% slower for ECB, CBC and CCM, and ~3% slower otherwise.
-
-# January 2011
-#
-# See aesni-x86_64.pl for details. Unlike x86_64 version this module
-# interleaves at most 6 aes[enc|dec] instructions, because there are
-# not enough registers for 8x interleave [which should be optimal for
-# Sandy Bridge]. Actually, performance results for 6x interleave
-# factor presented in aesni-x86_64.pl (except for CTR) are for this
-# module.
-
-# April 2011
-#
-# Add aesni_xts_[en|de]crypt. Westmere spends 1.50 cycles processing
-# one byte out of 8KB with 128-bit key, Sandy Bridge - 1.09.
- -$PREFIX="aesni"; # if $PREFIX is set to "AES", the script - # generates drop-in replacement for - # crypto/aes/asm/aes-586.pl:-) -$inline=1; # inline _aesni_[en|de]crypt - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -if ($PREFIX eq "aesni") { $movekey=*movups; } -else { $movekey=*movups; } - -$len="eax"; -$rounds="ecx"; -$key="edx"; -$inp="esi"; -$out="edi"; -$rounds_="ebx"; # backup copy for $rounds -$key_="ebp"; # backup copy for $key - -$rndkey0="xmm0"; -$rndkey1="xmm1"; -$inout0="xmm2"; -$inout1="xmm3"; -$inout2="xmm4"; -$inout3="xmm5"; $in1="xmm5"; -$inout4="xmm6"; $in0="xmm6"; -$inout5="xmm7"; $ivec="xmm7"; - -# AESNI extension -sub aeskeygenassist -{ my($dst,$src,$imm)=@_; - if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/) - { &data_byte(0x66,0x0f,0x3a,0xdf,0xc0|($1<<3)|$2,$imm); } -} -sub aescommon -{ my($opcodelet,$dst,$src)=@_; - if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/) - { &data_byte(0x66,0x0f,0x38,$opcodelet,0xc0|($1<<3)|$2);} -} -sub aesimc { aescommon(0xdb,@_); } -sub aesenc { aescommon(0xdc,@_); } -sub aesenclast { aescommon(0xdd,@_); } -sub aesdec { aescommon(0xde,@_); } -sub aesdeclast { aescommon(0xdf,@_); } - -# Inline version of internal aesni_[en|de]crypt1 -{ my $sn; -sub aesni_inline_generate1 -{ my ($p,$inout,$ivec)=@_; $inout=$inout0 if (!defined($inout)); - $sn++; - - &$movekey ($rndkey0,&QWP(0,$key)); - &$movekey ($rndkey1,&QWP(16,$key)); - &xorps ($ivec,$rndkey0) if (defined($ivec)); - &lea ($key,&DWP(32,$key)); - &xorps ($inout,$ivec) if (defined($ivec)); - &xorps ($inout,$rndkey0) if (!defined($ivec)); - &set_label("${p}1_loop_$sn"); - eval"&aes${p} ($inout,$rndkey1)"; - &dec ($rounds); - &$movekey ($rndkey1,&QWP(0,$key)); - &lea ($key,&DWP(16,$key)); - &jnz (&label("${p}1_loop_$sn")); - eval"&aes${p}last ($inout,$rndkey1)"; -}} - -sub aesni_generate1 # fully unrolled loop -{ my ($p,$inout)=@_; $inout=$inout0 if (!defined($inout)); - - 
&function_begin_B("_aesni_${p}rypt1"); - &movups ($rndkey0,&QWP(0,$key)); - &$movekey ($rndkey1,&QWP(0x10,$key)); - &xorps ($inout,$rndkey0); - &$movekey ($rndkey0,&QWP(0x20,$key)); - &lea ($key,&DWP(0x30,$key)); - &cmp ($rounds,11); - &jb (&label("${p}128")); - &lea ($key,&DWP(0x20,$key)); - &je (&label("${p}192")); - &lea ($key,&DWP(0x20,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(-0x40,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(-0x30,$key)); - &set_label("${p}192"); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(-0x20,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(-0x10,$key)); - &set_label("${p}128"); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x10,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0x20,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x30,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0x40,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x50,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0x60,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x70,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - eval"&aes${p}last ($inout,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt1"); -} - -# void $PREFIX_encrypt (const void *inp,void *out,const AES_KEY *key); -&aesni_generate1("enc") if (!$inline); -&function_begin_B("${PREFIX}_encrypt"); - &mov ("eax",&wparam(0)); - &mov ($key,&wparam(2)); - &movups ($inout0,&QWP(0,"eax")); - &mov ($rounds,&DWP(240,$key)); - &mov ("eax",&wparam(1)); - if ($inline) - { &aesni_inline_generate1("enc"); } - else - { &call ("_aesni_encrypt1"); } - &movups (&QWP(0,"eax"),$inout0); - &ret (); -&function_end_B("${PREFIX}_encrypt"); - -# void $PREFIX_decrypt (const void *inp,void *out,const AES_KEY *key); 
-&aesni_generate1("dec") if(!$inline); -&function_begin_B("${PREFIX}_decrypt"); - &mov ("eax",&wparam(0)); - &mov ($key,&wparam(2)); - &movups ($inout0,&QWP(0,"eax")); - &mov ($rounds,&DWP(240,$key)); - &mov ("eax",&wparam(1)); - if ($inline) - { &aesni_inline_generate1("dec"); } - else - { &call ("_aesni_decrypt1"); } - &movups (&QWP(0,"eax"),$inout0); - &ret (); -&function_end_B("${PREFIX}_decrypt"); - -# _aesni_[en|de]cryptN are private interfaces, N denotes interleave -# factor. Why 3x subroutine were originally used in loops? Even though -# aes[enc|dec] latency was originally 6, it could be scheduled only -# every *2nd* cycle. Thus 3x interleave was the one providing optimal -# utilization, i.e. when subroutine's throughput is virtually same as -# of non-interleaved subroutine [for number of input blocks up to 3]. -# This is why it makes no sense to implement 2x subroutine. -# aes[enc|dec] latency in next processor generation is 8, but the -# instructions can be scheduled every cycle. Optimal interleave for -# new processor is therefore 8x, but it's unfeasible to accommodate it -# in XMM registers addreassable in 32-bit mode and therefore 6x is -# used instead... 
- -sub aesni_generate3 -{ my $p=shift; - - &function_begin_B("_aesni_${p}rypt3"); - &$movekey ($rndkey0,&QWP(0,$key)); - &shr ($rounds,1); - &$movekey ($rndkey1,&QWP(16,$key)); - &lea ($key,&DWP(32,$key)); - &xorps ($inout0,$rndkey0); - &pxor ($inout1,$rndkey0); - &pxor ($inout2,$rndkey0); - &$movekey ($rndkey0,&QWP(0,$key)); - - &set_label("${p}3_loop"); - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - &$movekey ($rndkey1,&QWP(16,$key)); - eval"&aes${p} ($inout0,$rndkey0)"; - eval"&aes${p} ($inout1,$rndkey0)"; - &lea ($key,&DWP(32,$key)); - eval"&aes${p} ($inout2,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0,$key)); - &jnz (&label("${p}3_loop")); - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p}last ($inout0,$rndkey0)"; - eval"&aes${p}last ($inout1,$rndkey0)"; - eval"&aes${p}last ($inout2,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt3"); -} - -# 4x interleave is implemented to improve small block performance, -# most notably [and naturally] 4 block by ~30%. One can argue that one -# should have implemented 5x as well, but improvement would be <20%, -# so it's not worth it... 
-sub aesni_generate4 -{ my $p=shift; - - &function_begin_B("_aesni_${p}rypt4"); - &$movekey ($rndkey0,&QWP(0,$key)); - &$movekey ($rndkey1,&QWP(16,$key)); - &shr ($rounds,1); - &lea ($key,&DWP(32,$key)); - &xorps ($inout0,$rndkey0); - &pxor ($inout1,$rndkey0); - &pxor ($inout2,$rndkey0); - &pxor ($inout3,$rndkey0); - &$movekey ($rndkey0,&QWP(0,$key)); - - &set_label("${p}4_loop"); - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - &$movekey ($rndkey1,&QWP(16,$key)); - eval"&aes${p} ($inout0,$rndkey0)"; - eval"&aes${p} ($inout1,$rndkey0)"; - &lea ($key,&DWP(32,$key)); - eval"&aes${p} ($inout2,$rndkey0)"; - eval"&aes${p} ($inout3,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0,$key)); - &jnz (&label("${p}4_loop")); - - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - eval"&aes${p}last ($inout0,$rndkey0)"; - eval"&aes${p}last ($inout1,$rndkey0)"; - eval"&aes${p}last ($inout2,$rndkey0)"; - eval"&aes${p}last ($inout3,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt4"); -} - -sub aesni_generate6 -{ my $p=shift; - - &function_begin_B("_aesni_${p}rypt6"); - &static_label("_aesni_${p}rypt6_enter"); - &$movekey ($rndkey0,&QWP(0,$key)); - &shr ($rounds,1); - &$movekey ($rndkey1,&QWP(16,$key)); - &lea ($key,&DWP(32,$key)); - &xorps ($inout0,$rndkey0); - &pxor ($inout1,$rndkey0); # pxor does better here - eval"&aes${p} ($inout0,$rndkey1)"; - &pxor ($inout2,$rndkey0); - eval"&aes${p} ($inout1,$rndkey1)"; - &pxor ($inout3,$rndkey0); - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - &pxor ($inout4,$rndkey0); - eval"&aes${p} ($inout3,$rndkey1)"; - &pxor ($inout5,$rndkey0); - eval"&aes${p} ($inout4,$rndkey1)"; - &$movekey ($rndkey0,&QWP(0,$key)); - eval"&aes${p} ($inout5,$rndkey1)"; - &jmp (&label("_aesni_${p}rypt6_enter")); - - &set_label("${p}6_loop",16); - 
eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - eval"&aes${p} ($inout4,$rndkey1)"; - eval"&aes${p} ($inout5,$rndkey1)"; - &set_label("_aesni_${p}rypt6_enter",16); - &$movekey ($rndkey1,&QWP(16,$key)); - eval"&aes${p} ($inout0,$rndkey0)"; - eval"&aes${p} ($inout1,$rndkey0)"; - &lea ($key,&DWP(32,$key)); - eval"&aes${p} ($inout2,$rndkey0)"; - eval"&aes${p} ($inout3,$rndkey0)"; - eval"&aes${p} ($inout4,$rndkey0)"; - eval"&aes${p} ($inout5,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0,$key)); - &jnz (&label("${p}6_loop")); - - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - eval"&aes${p} ($inout4,$rndkey1)"; - eval"&aes${p} ($inout5,$rndkey1)"; - eval"&aes${p}last ($inout0,$rndkey0)"; - eval"&aes${p}last ($inout1,$rndkey0)"; - eval"&aes${p}last ($inout2,$rndkey0)"; - eval"&aes${p}last ($inout3,$rndkey0)"; - eval"&aes${p}last ($inout4,$rndkey0)"; - eval"&aes${p}last ($inout5,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt6"); -} -&aesni_generate3("enc") if ($PREFIX eq "aesni"); -&aesni_generate3("dec"); -&aesni_generate4("enc") if ($PREFIX eq "aesni"); -&aesni_generate4("dec"); -&aesni_generate6("enc") if ($PREFIX eq "aesni"); -&aesni_generate6("dec"); - -if ($PREFIX eq "aesni") { -###################################################################### -# void aesni_ecb_encrypt (const void *in, void *out, -# size_t length, const AES_KEY *key, -# int enc); -&function_begin("aesni_ecb_encrypt"); - &mov ($inp,&wparam(0)); - &mov ($out,&wparam(1)); - &mov ($len,&wparam(2)); - &mov ($key,&wparam(3)); - &mov ($rounds_,&wparam(4)); - &and ($len,-16); - &jz (&label("ecb_ret")); - &mov ($rounds,&DWP(240,$key)); - &test ($rounds_,$rounds_); - &jz (&label("ecb_decrypt")); - - &mov ($key_,$key); # backup $key - &mov ($rounds_,$rounds); # backup $rounds - &cmp 
($len,0x60); - &jb (&label("ecb_enc_tail")); - - &movdqu ($inout0,&QWP(0,$inp)); - &movdqu ($inout1,&QWP(0x10,$inp)); - &movdqu ($inout2,&QWP(0x20,$inp)); - &movdqu ($inout3,&QWP(0x30,$inp)); - &movdqu ($inout4,&QWP(0x40,$inp)); - &movdqu ($inout5,&QWP(0x50,$inp)); - &lea ($inp,&DWP(0x60,$inp)); - &sub ($len,0x60); - &jmp (&label("ecb_enc_loop6_enter")); - -&set_label("ecb_enc_loop6",16); - &movups (&QWP(0,$out),$inout0); - &movdqu ($inout0,&QWP(0,$inp)); - &movups (&QWP(0x10,$out),$inout1); - &movdqu ($inout1,&QWP(0x10,$inp)); - &movups (&QWP(0x20,$out),$inout2); - &movdqu ($inout2,&QWP(0x20,$inp)); - &movups (&QWP(0x30,$out),$inout3); - &movdqu ($inout3,&QWP(0x30,$inp)); - &movups (&QWP(0x40,$out),$inout4); - &movdqu ($inout4,&QWP(0x40,$inp)); - &movups (&QWP(0x50,$out),$inout5); - &lea ($out,&DWP(0x60,$out)); - &movdqu ($inout5,&QWP(0x50,$inp)); - &lea ($inp,&DWP(0x60,$inp)); -&set_label("ecb_enc_loop6_enter"); - - &call ("_aesni_encrypt6"); - - &mov ($key,$key_); # restore $key - &mov ($rounds,$rounds_); # restore $rounds - &sub ($len,0x60); - &jnc (&label("ecb_enc_loop6")); - - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &movups (&QWP(0x40,$out),$inout4); - &movups (&QWP(0x50,$out),$inout5); - &lea ($out,&DWP(0x60,$out)); - &add ($len,0x60); - &jz (&label("ecb_ret")); - -&set_label("ecb_enc_tail"); - &movups ($inout0,&QWP(0,$inp)); - &cmp ($len,0x20); - &jb (&label("ecb_enc_one")); - &movups ($inout1,&QWP(0x10,$inp)); - &je (&label("ecb_enc_two")); - &movups ($inout2,&QWP(0x20,$inp)); - &cmp ($len,0x40); - &jb (&label("ecb_enc_three")); - &movups ($inout3,&QWP(0x30,$inp)); - &je (&label("ecb_enc_four")); - &movups ($inout4,&QWP(0x40,$inp)); - &xorps ($inout5,$inout5); - &call ("_aesni_encrypt6"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &movups 
(&QWP(0x40,$out),$inout4); - jmp (&label("ecb_ret")); - -&set_label("ecb_enc_one",16); - if ($inline) - { &aesni_inline_generate1("enc"); } - else - { &call ("_aesni_encrypt1"); } - &movups (&QWP(0,$out),$inout0); - &jmp (&label("ecb_ret")); - -&set_label("ecb_enc_two",16); - &xorps ($inout2,$inout2); - &call ("_aesni_encrypt3"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &jmp (&label("ecb_ret")); - -&set_label("ecb_enc_three",16); - &call ("_aesni_encrypt3"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &jmp (&label("ecb_ret")); - -&set_label("ecb_enc_four",16); - &call ("_aesni_encrypt4"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &jmp (&label("ecb_ret")); -###################################################################### -&set_label("ecb_decrypt",16); - &mov ($key_,$key); # backup $key - &mov ($rounds_,$rounds); # backup $rounds - &cmp ($len,0x60); - &jb (&label("ecb_dec_tail")); - - &movdqu ($inout0,&QWP(0,$inp)); - &movdqu ($inout1,&QWP(0x10,$inp)); - &movdqu ($inout2,&QWP(0x20,$inp)); - &movdqu ($inout3,&QWP(0x30,$inp)); - &movdqu ($inout4,&QWP(0x40,$inp)); - &movdqu ($inout5,&QWP(0x50,$inp)); - &lea ($inp,&DWP(0x60,$inp)); - &sub ($len,0x60); - &jmp (&label("ecb_dec_loop6_enter")); - -&set_label("ecb_dec_loop6",16); - &movups (&QWP(0,$out),$inout0); - &movdqu ($inout0,&QWP(0,$inp)); - &movups (&QWP(0x10,$out),$inout1); - &movdqu ($inout1,&QWP(0x10,$inp)); - &movups (&QWP(0x20,$out),$inout2); - &movdqu ($inout2,&QWP(0x20,$inp)); - &movups (&QWP(0x30,$out),$inout3); - &movdqu ($inout3,&QWP(0x30,$inp)); - &movups (&QWP(0x40,$out),$inout4); - &movdqu ($inout4,&QWP(0x40,$inp)); - &movups (&QWP(0x50,$out),$inout5); - &lea ($out,&DWP(0x60,$out)); - &movdqu ($inout5,&QWP(0x50,$inp)); - &lea ($inp,&DWP(0x60,$inp)); -&set_label("ecb_dec_loop6_enter"); - - &call 
("_aesni_decrypt6"); - - &mov ($key,$key_); # restore $key - &mov ($rounds,$rounds_); # restore $rounds - &sub ($len,0x60); - &jnc (&label("ecb_dec_loop6")); - - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &movups (&QWP(0x40,$out),$inout4); - &movups (&QWP(0x50,$out),$inout5); - &lea ($out,&DWP(0x60,$out)); - &add ($len,0x60); - &jz (&label("ecb_ret")); - -&set_label("ecb_dec_tail"); - &movups ($inout0,&QWP(0,$inp)); - &cmp ($len,0x20); - &jb (&label("ecb_dec_one")); - &movups ($inout1,&QWP(0x10,$inp)); - &je (&label("ecb_dec_two")); - &movups ($inout2,&QWP(0x20,$inp)); - &cmp ($len,0x40); - &jb (&label("ecb_dec_three")); - &movups ($inout3,&QWP(0x30,$inp)); - &je (&label("ecb_dec_four")); - &movups ($inout4,&QWP(0x40,$inp)); - &xorps ($inout5,$inout5); - &call ("_aesni_decrypt6"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &movups (&QWP(0x40,$out),$inout4); - &jmp (&label("ecb_ret")); - -&set_label("ecb_dec_one",16); - if ($inline) - { &aesni_inline_generate1("dec"); } - else - { &call ("_aesni_decrypt1"); } - &movups (&QWP(0,$out),$inout0); - &jmp (&label("ecb_ret")); - -&set_label("ecb_dec_two",16); - &xorps ($inout2,$inout2); - &call ("_aesni_decrypt3"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &jmp (&label("ecb_ret")); - -&set_label("ecb_dec_three",16); - &call ("_aesni_decrypt3"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &jmp (&label("ecb_ret")); - -&set_label("ecb_dec_four",16); - &call ("_aesni_decrypt4"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - -&set_label("ecb_ret"); -&function_end("aesni_ecb_encrypt"); - 
-######################################################################
-# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out,
-# size_t blocks, const AES_KEY *key,
-# const char *ivec,char *cmac);
-#
-# Handles only complete blocks, operates on 64-bit counter and
-# does not update *ivec! Nor does it finalize CMAC value
-# (see engine/eng_aesni.c for details)
-#
-{ my $cmac=$inout1;
-&function_begin("aesni_ccm64_encrypt_blocks");
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3));
- &mov ($rounds_,&wparam(4));
- &mov ($rounds,&wparam(5));
- &mov ($key_,"esp");
- &sub ("esp",60);
- &and ("esp",-16); # align stack
- &mov (&DWP(48,"esp"),$key_);
-
- &movdqu ($ivec,&QWP(0,$rounds_)); # load ivec
- &movdqu ($cmac,&QWP(0,$rounds)); # load cmac
- &mov ($rounds,&DWP(240,$key));
-
- # compose byte-swap control mask for pshufb on stack
- &mov (&DWP(0,"esp"),0x0c0d0e0f);
- &mov (&DWP(4,"esp"),0x08090a0b);
- &mov (&DWP(8,"esp"),0x04050607);
- &mov (&DWP(12,"esp"),0x00010203);
-
- # compose counter increment vector on stack
- &mov ($rounds_,1);
- &xor ($key_,$key_);
- &mov (&DWP(16,"esp"),$rounds_);
- &mov (&DWP(20,"esp"),$key_);
- &mov (&DWP(24,"esp"),$key_);
- &mov (&DWP(28,"esp"),$key_);
-
- &shr ($rounds,1);
- &lea ($key_,&DWP(0,$key));
- &movdqa ($inout3,&QWP(0,"esp"));
- &movdqa ($inout0,$ivec);
- &mov ($rounds_,$rounds);
- &pshufb ($ivec,$inout3);
-
-&set_label("ccm64_enc_outer");
- &$movekey ($rndkey0,&QWP(0,$key_));
- &mov ($rounds,$rounds_);
- &movups ($in0,&QWP(0,$inp));
-
- &xorps ($inout0,$rndkey0);
- &$movekey ($rndkey1,&QWP(16,$key_));
- &xorps ($rndkey0,$in0);
- &lea ($key,&DWP(32,$key_));
- &xorps ($cmac,$rndkey0); # cmac^=inp
- &$movekey ($rndkey0,&QWP(0,$key));
-
-&set_label("ccm64_enc2_loop");
- &aesenc ($inout0,$rndkey1);
- &dec ($rounds);
- &aesenc ($cmac,$rndkey1);
- &$movekey ($rndkey1,&QWP(16,$key));
- &aesenc ($inout0,$rndkey0);
- &lea ($key,&DWP(32,$key));
- &aesenc ($cmac,$rndkey0);
- &$movekey ($rndkey0,&QWP(0,$key));
- &jnz (&label("ccm64_enc2_loop"));
- &aesenc ($inout0,$rndkey1);
- &aesenc ($cmac,$rndkey1);
- &paddq ($ivec,&QWP(16,"esp"));
- &aesenclast ($inout0,$rndkey0);
- &aesenclast ($cmac,$rndkey0);
-
- &dec ($len);
- &lea ($inp,&DWP(16,$inp));
- &xorps ($in0,$inout0); # inp^=E(ivec)
- &movdqa ($inout0,$ivec);
- &movups (&QWP(0,$out),$in0); # save output
- &lea ($out,&DWP(16,$out));
- &pshufb ($inout0,$inout3);
- &jnz (&label("ccm64_enc_outer"));
-
- &mov ("esp",&DWP(48,"esp"));
- &mov ($out,&wparam(5));
- &movups (&QWP(0,$out),$cmac);
-&function_end("aesni_ccm64_encrypt_blocks");
-
-&function_begin("aesni_ccm64_decrypt_blocks");
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3));
- &mov ($rounds_,&wparam(4));
- &mov ($rounds,&wparam(5));
- &mov ($key_,"esp");
- &sub ("esp",60);
- &and ("esp",-16); # align stack
- &mov (&DWP(48,"esp"),$key_);
-
- &movdqu ($ivec,&QWP(0,$rounds_)); # load ivec
- &movdqu ($cmac,&QWP(0,$rounds)); # load cmac
- &mov ($rounds,&DWP(240,$key));
-
- # compose byte-swap control mask for pshufb on stack
- &mov (&DWP(0,"esp"),0x0c0d0e0f);
- &mov (&DWP(4,"esp"),0x08090a0b);
- &mov (&DWP(8,"esp"),0x04050607);
- &mov (&DWP(12,"esp"),0x00010203);
-
- # compose counter increment vector on stack
- &mov ($rounds_,1);
- &xor ($key_,$key_);
- &mov (&DWP(16,"esp"),$rounds_);
- &mov (&DWP(20,"esp"),$key_);
- &mov (&DWP(24,"esp"),$key_);
- &mov (&DWP(28,"esp"),$key_);
-
- &movdqa ($inout3,&QWP(0,"esp")); # bswap mask
- &movdqa ($inout0,$ivec);
-
- &mov ($key_,$key);
- &mov ($rounds_,$rounds);
-
- &pshufb ($ivec,$inout3);
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &movups ($in0,&QWP(0,$inp)); # load inp
- &paddq ($ivec,&QWP(16,"esp"));
- &lea ($inp,&QWP(16,$inp));
- &jmp (&label("ccm64_dec_outer"));
-
-&set_label("ccm64_dec_outer",16);
- &xorps ($in0,$inout0); # inp ^= E(ivec)
- &movdqa ($inout0,$ivec);
- &mov ($rounds,$rounds_);
- &movups (&QWP(0,$out),$in0); # save output
- &lea ($out,&DWP(16,$out));
- &pshufb ($inout0,$inout3);
-
- &sub ($len,1);
- &jz (&label("ccm64_dec_break"));
-
- &$movekey ($rndkey0,&QWP(0,$key_));
- &shr ($rounds,1);
- &$movekey ($rndkey1,&QWP(16,$key_));
- &xorps ($in0,$rndkey0);
- &lea ($key,&DWP(32,$key_));
- &xorps ($inout0,$rndkey0);
- &xorps ($cmac,$in0); # cmac^=out
- &$movekey ($rndkey0,&QWP(0,$key));
-
-&set_label("ccm64_dec2_loop");
- &aesenc ($inout0,$rndkey1);
- &dec ($rounds);
- &aesenc ($cmac,$rndkey1);
- &$movekey ($rndkey1,&QWP(16,$key));
- &aesenc ($inout0,$rndkey0);
- &lea ($key,&DWP(32,$key));
- &aesenc ($cmac,$rndkey0);
- &$movekey ($rndkey0,&QWP(0,$key));
- &jnz (&label("ccm64_dec2_loop"));
- &movups ($in0,&QWP(0,$inp)); # load inp
- &paddq ($ivec,&QWP(16,"esp"));
- &aesenc ($inout0,$rndkey1);
- &aesenc ($cmac,$rndkey1);
- &lea ($inp,&QWP(16,$inp));
- &aesenclast ($inout0,$rndkey0);
- &aesenclast ($cmac,$rndkey0);
- &jmp (&label("ccm64_dec_outer"));
-
-&set_label("ccm64_dec_break",16);
- &mov ($key,$key_);
- if ($inline)
- { &aesni_inline_generate1("enc",$cmac,$in0); }
- else
- { &call ("_aesni_encrypt1",$cmac); }
-
- &mov ("esp",&DWP(48,"esp"));
- &mov ($out,&wparam(5));
- &movups (&QWP(0,$out),$cmac);
-&function_end("aesni_ccm64_decrypt_blocks");
-}
-
-######################################################################
-# void aesni_ctr32_encrypt_blocks (const void *in, void *out,
-# size_t blocks, const AES_KEY *key,
-# const char *ivec);
-#
-# Handles only complete blocks, operates on 32-bit counter and
-# does not update *ivec! (see engine/eng_aesni.c for details)
-#
-# stack layout:
-# 0 pshufb mask
-# 16 vector addend: 0,6,6,6
-# 32 counter-less ivec
-# 48 1st triplet of counter vector
-# 64 2nd triplet of counter vector
-# 80 saved %esp
-
-&function_begin("aesni_ctr32_encrypt_blocks");
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3));
- &mov ($rounds_,&wparam(4));
- &mov ($key_,"esp");
- &sub ("esp",88);
- &and ("esp",-16); # align stack
- &mov (&DWP(80,"esp"),$key_);
-
- &cmp ($len,1);
- &je (&label("ctr32_one_shortcut"));
-
- &movdqu ($inout5,&QWP(0,$rounds_)); # load ivec
-
- # compose byte-swap control mask for pshufb on stack
- &mov (&DWP(0,"esp"),0x0c0d0e0f);
- &mov (&DWP(4,"esp"),0x08090a0b);
- &mov (&DWP(8,"esp"),0x04050607);
- &mov (&DWP(12,"esp"),0x00010203);
-
- # compose counter increment vector on stack
- &mov ($rounds,6);
- &xor ($key_,$key_);
- &mov (&DWP(16,"esp"),$rounds);
- &mov (&DWP(20,"esp"),$rounds);
- &mov (&DWP(24,"esp"),$rounds);
- &mov (&DWP(28,"esp"),$key_);
-
- &pextrd ($rounds_,$inout5,3); # pull 32-bit counter
- &pinsrd ($inout5,$key_,3); # wipe 32-bit counter
-
- &mov ($rounds,&DWP(240,$key)); # key->rounds
-
- # compose 2 vectors of 3x32-bit counters
- &bswap ($rounds_);
- &pxor ($rndkey1,$rndkey1);
- &pxor ($rndkey0,$rndkey0);
- &movdqa ($inout0,&QWP(0,"esp")); # load byte-swap mask
- &pinsrd ($rndkey1,$rounds_,0);
- &lea ($key_,&DWP(3,$rounds_));
- &pinsrd ($rndkey0,$key_,0);
- &inc ($rounds_);
- &pinsrd ($rndkey1,$rounds_,1);
- &inc ($key_);
- &pinsrd ($rndkey0,$key_,1);
- &inc ($rounds_);
- &pinsrd ($rndkey1,$rounds_,2);
- &inc ($key_);
- &pinsrd ($rndkey0,$key_,2);
- &movdqa (&QWP(48,"esp"),$rndkey1); # save 1st triplet
- &pshufb ($rndkey1,$inout0); # byte swap
- &movdqa (&QWP(64,"esp"),$rndkey0); # save 2nd triplet
- &pshufb ($rndkey0,$inout0); # byte swap
-
- &pshufd ($inout0,$rndkey1,3<<6); # place counter to upper dword
- &pshufd ($inout1,$rndkey1,2<<6);
- &cmp ($len,6);
- &jb (&label("ctr32_tail"));
- &movdqa (&QWP(32,"esp"),$inout5); # save counter-less ivec
- &shr ($rounds,1);
- &mov ($key_,$key); # backup $key
- &mov ($rounds_,$rounds); # backup $rounds
- &sub ($len,6);
- &jmp (&label("ctr32_loop6"));
-
-&set_label("ctr32_loop6",16);
- &pshufd ($inout2,$rndkey1,1<<6);
- &movdqa ($rndkey1,&QWP(32,"esp")); # pull counter-less ivec
- &pshufd ($inout3,$rndkey0,3<<6);
- &por ($inout0,$rndkey1); # merge counter-less ivec
- &pshufd ($inout4,$rndkey0,2<<6);
- &por ($inout1,$rndkey1);
- &pshufd ($inout5,$rndkey0,1<<6);
- &por ($inout2,$rndkey1);
- &por ($inout3,$rndkey1);
- &por ($inout4,$rndkey1);
- &por ($inout5,$rndkey1);
-
- # inlining _aesni_encrypt6's prologue gives ~4% improvement...
- &$movekey ($rndkey0,&QWP(0,$key_));
- &$movekey ($rndkey1,&QWP(16,$key_));
- &lea ($key,&DWP(32,$key_));
- &dec ($rounds);
- &pxor ($inout0,$rndkey0);
- &pxor ($inout1,$rndkey0);
- &aesenc ($inout0,$rndkey1);
- &pxor ($inout2,$rndkey0);
- &aesenc ($inout1,$rndkey1);
- &pxor ($inout3,$rndkey0);
- &aesenc ($inout2,$rndkey1);
- &pxor ($inout4,$rndkey0);
- &aesenc ($inout3,$rndkey1);
- &pxor ($inout5,$rndkey0);
- &aesenc ($inout4,$rndkey1);
- &$movekey ($rndkey0,&QWP(0,$key));
- &aesenc ($inout5,$rndkey1);
-
- &call (&label("_aesni_encrypt6_enter"));
-
- &movups ($rndkey1,&QWP(0,$inp));
- &movups ($rndkey0,&QWP(0x10,$inp));
- &xorps ($inout0,$rndkey1);
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout1,$rndkey0);
- &movups (&QWP(0,$out),$inout0);
- &movdqa ($rndkey0,&QWP(16,"esp")); # load increment
- &xorps ($inout2,$rndkey1);
- &movdqa ($rndkey1,&QWP(48,"esp")); # load 1st triplet
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
-
- &paddd ($rndkey1,$rndkey0); # 1st triplet increment
- &paddd ($rndkey0,&QWP(64,"esp")); # 2nd triplet increment
- &movdqa ($inout0,&QWP(0,"esp")); # load byte swap mask
-
- &movups ($inout1,&QWP(0x30,$inp));
- &movups ($inout2,&QWP(0x40,$inp));
- &xorps ($inout3,$inout1);
- &movups ($inout1,&QWP(0x50,$inp));
- &lea ($inp,&DWP(0x60,$inp));
- &movdqa (&QWP(48,"esp"),$rndkey1); # save 1st triplet
- &pshufb ($rndkey1,$inout0); # byte swap
- &xorps ($inout4,$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &xorps ($inout5,$inout1);
- &movdqa (&QWP(64,"esp"),$rndkey0); # save 2nd triplet
- &pshufb ($rndkey0,$inout0); # byte swap
- &movups (&QWP(0x40,$out),$inout4);
- &pshufd ($inout0,$rndkey1,3<<6);
- &movups (&QWP(0x50,$out),$inout5);
- &lea ($out,&DWP(0x60,$out));
-
- &mov ($rounds,$rounds_);
- &pshufd ($inout1,$rndkey1,2<<6);
- &sub ($len,6);
- &jnc (&label("ctr32_loop6"));
-
- &add ($len,6);
- &jz (&label("ctr32_ret"));
- &mov ($key,$key_);
- &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
- &movdqa ($inout5,&QWP(32,"esp")); # pull count-less ivec
-
-&set_label("ctr32_tail");
- &por ($inout0,$inout5);
- &cmp ($len,2);
- &jb (&label("ctr32_one"));
-
- &pshufd ($inout2,$rndkey1,1<<6);
- &por ($inout1,$inout5);
- &je (&label("ctr32_two"));
-
- &pshufd ($inout3,$rndkey0,3<<6);
- &por ($inout2,$inout5);
- &cmp ($len,4);
- &jb (&label("ctr32_three"));
-
- &pshufd ($inout4,$rndkey0,2<<6);
- &por ($inout3,$inout5);
- &je (&label("ctr32_four"));
-
- &por ($inout4,$inout5);
- &call ("_aesni_encrypt6");
- &movups ($rndkey1,&QWP(0,$inp));
- &movups ($rndkey0,&QWP(0x10,$inp));
- &xorps ($inout0,$rndkey1);
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout1,$rndkey0);
- &movups ($rndkey0,&QWP(0x30,$inp));
- &xorps ($inout2,$rndkey1);
- &movups ($rndkey1,&QWP(0x40,$inp));
- &xorps ($inout3,$rndkey0);
- &movups (&QWP(0,$out),$inout0);
- &xorps ($inout4,$rndkey1);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &movups (&QWP(0x40,$out),$inout4);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_one_shortcut",16);
- &movups ($inout0,&QWP(0,$rounds_)); # load ivec
- &mov ($rounds,&DWP(240,$key));
-
-&set_label("ctr32_one");
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &movups ($in0,&QWP(0,$inp));
- &xorps ($in0,$inout0);
- &movups (&QWP(0,$out),$in0);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_two",16);
- &call ("_aesni_encrypt3");
- &movups ($inout3,&QWP(0,$inp));
- &movups ($inout4,&QWP(0x10,$inp));
- &xorps ($inout0,$inout3);
- &xorps ($inout1,$inout4);
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_three",16);
- &call ("_aesni_encrypt3");
- &movups ($inout3,&QWP(0,$inp));
- &movups ($inout4,&QWP(0x10,$inp));
- &xorps ($inout0,$inout3);
- &movups ($inout5,&QWP(0x20,$inp));
- &xorps ($inout1,$inout4);
- &movups (&QWP(0,$out),$inout0);
- &xorps ($inout2,$inout5);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_four",16);
- &call ("_aesni_encrypt4");
- &movups ($inout4,&QWP(0,$inp));
- &movups ($inout5,&QWP(0x10,$inp));
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout0,$inout4);
- &movups ($rndkey0,&QWP(0x30,$inp));
- &xorps ($inout1,$inout5);
- &movups (&QWP(0,$out),$inout0);
- &xorps ($inout2,$rndkey1);
- &movups (&QWP(0x10,$out),$inout1);
- &xorps ($inout3,$rndkey0);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
-
-&set_label("ctr32_ret");
- &mov ("esp",&DWP(80,"esp"));
-&function_end("aesni_ctr32_encrypt_blocks");
-
-######################################################################
-# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len,
-# const AES_KEY *key1, const AES_KEY *key2
-# const unsigned char iv[16]);
-#
-{ my ($tweak,$twtmp,$twres,$twmask)=($rndkey1,$rndkey0,$inout0,$inout1);
-
-&function_begin("aesni_xts_encrypt");
- &mov ($key,&wparam(4)); # key2
- &mov ($inp,&wparam(5)); # clear-text tweak
-
- &mov ($rounds,&DWP(240,$key)); # key2->rounds
- &movups ($inout0,&QWP(0,$inp));
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
-
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3)); # key1
-
- &mov ($key_,"esp");
- &sub ("esp",16*7+8);
- &mov ($rounds,&DWP(240,$key)); # key1->rounds
- &and ("esp",-16); # align stack
-
- &mov (&DWP(16*6+0,"esp"),0x87); # compose the magic constant
- &mov (&DWP(16*6+4,"esp"),0);
- &mov (&DWP(16*6+8,"esp"),1);
- &mov (&DWP(16*6+12,"esp"),0);
- &mov (&DWP(16*7+0,"esp"),$len); # save original $len
- &mov (&DWP(16*7+4,"esp"),$key_); # save original %esp
-
- &movdqa ($tweak,$inout0);
- &pxor ($twtmp,$twtmp);
- &movdqa ($twmask,&QWP(6*16,"esp")); # 0x0...010...87
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
-
- &and ($len,-16);
- &mov ($key_,$key); # backup $key
- &mov ($rounds_,$rounds); # backup $rounds
- &sub ($len,16*6);
- &jc (&label("xts_enc_short"));
-
- &shr ($rounds,1);
- &mov ($rounds_,$rounds);
- &jmp (&label("xts_enc_loop6"));
-
-&set_label("xts_enc_loop6",16);
- for ($i=0;$i<4;$i++) {
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa (&QWP(16*$i,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- }
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*$i++,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &$movekey ($rndkey0,&QWP(0,$key_));
- &pand ($inout5,$twmask); # isolate carry and residue
- &movups ($inout0,&QWP(0,$inp)); # load input
- &pxor ($inout5,$tweak);
-
- # inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
- &movdqu ($inout1,&QWP(16*1,$inp));
- &xorps ($inout0,$rndkey0); # input^=rndkey[0]
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout1,$rndkey0);
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout2,$rndkey0);
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout3,$rndkey0);
- &movdqu ($rndkey1,&QWP(16*5,$inp));
- &pxor ($inout4,$rndkey0);
- &lea ($inp,&DWP(16*6,$inp));
- &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqa (&QWP(16*$i,"esp"),$inout5); # save last tweak
- &pxor ($inout5,$rndkey1);
-
- &$movekey ($rndkey1,&QWP(16,$key_));
- &lea ($key,&DWP(32,$key_));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &aesenc ($inout0,$rndkey1);
- &pxor ($inout2,&QWP(16*2,"esp"));
- &aesenc ($inout1,$rndkey1);
- &pxor ($inout3,&QWP(16*3,"esp"));
- &dec ($rounds);
- &aesenc ($inout2,$rndkey1);
- &pxor ($inout4,&QWP(16*4,"esp"));
- &aesenc ($inout3,$rndkey1);
- &pxor ($inout5,$rndkey0);
- &aesenc ($inout4,$rndkey1);
- &$movekey ($rndkey0,&QWP(0,$key));
- &aesenc ($inout5,$rndkey1);
- &call (&label("_aesni_encrypt6_enter"));
-
- &movdqa ($tweak,&QWP(16*5,"esp")); # last tweak
- &pxor ($twtmp,$twtmp);
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &xorps ($inout1,&QWP(16*1,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*2,$out),$inout2);
- &xorps ($inout4,&QWP(16*4,"esp"));
- &movups (&QWP(16*3,$out),$inout3);
- &xorps ($inout5,$tweak);
- &movups (&QWP(16*4,$out),$inout4);
- &pshufd ($twres,$twtmp,0x13);
- &movups (&QWP(16*5,$out),$inout5);
- &lea ($out,&DWP(16*6,$out));
- &movdqa ($twmask,&QWP(16*6,"esp")); # 0x0...010...87
-
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov ($rounds,$rounds_); # restore $rounds
- &pxor ($tweak,$twres);
-
- &sub ($len,16*6);
- &jnc (&label("xts_enc_loop6"));
-
- &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
- &mov ($key,$key_); # restore $key
- &mov ($rounds_,$rounds);
-
-&set_label("xts_enc_short");
- &add ($len,16*6);
- &jz (&label("xts_enc_done6x"));
-
- &movdqa ($inout3,$tweak); # put aside previous tweak
- &cmp ($len,0x20);
- &jb (&label("xts_enc_one"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &je (&label("xts_enc_two"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout4,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &cmp ($len,0x40);
- &jb (&label("xts_enc_three"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout5,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &movdqa (&QWP(16*0,"esp"),$inout3);
- &movdqa (&QWP(16*1,"esp"),$inout4);
- &je (&label("xts_enc_four"));
-
- &movdqa (&QWP(16*2,"esp"),$inout5);
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*3,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($inout0,1);
- &pand ($inout5,$twmask); # isolate carry and residue
- &pxor ($inout5,$tweak);
-
- &movdqu ($inout0,&QWP(16*0,$inp)); # load input
- &movdqu ($inout1,&QWP(16*1,$inp));
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout2,&QWP(16*2,"esp"));
- &lea ($inp,&DWP(16*5,$inp));
- &pxor ($inout3,&QWP(16*3,"esp"));
- &movdqa (&QWP(16*4,"esp"),$inout5); # save last tweak
- &pxor ($inout4,$inout5);
-
- &call ("_aesni_encrypt6");
-
- &movaps ($tweak,&QWP(16*4,"esp")); # last tweak
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout4,$tweak);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &movups (&QWP(16*4,$out),$inout4);
- &lea ($out,&DWP(16*5,$out));
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_one",16);
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &lea ($inp,&DWP(16*1,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(16*0,$out),$inout0); # write output
- &lea ($out,&DWP(16*1,$out));
-
- &movdqa ($tweak,$inout3); # last tweak
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_two",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &lea ($inp,&DWP(16*2,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout2);
-
- &call ("_aesni_encrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &movups (&QWP(16*1,$out),$inout1);
- &lea ($out,&DWP(16*2,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_three",16);
- &movaps ($inout5,$tweak); # put aside last tweak
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &lea ($inp,&DWP(16*3,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
-
- &call ("_aesni_encrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &lea ($out,&DWP(16*3,$out));
-
- &movdqa ($tweak,$inout5); # last tweak
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_four",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &xorps ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movups ($inout3,&QWP(16*3,$inp));
- &lea ($inp,&DWP(16*4,$inp));
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &xorps ($inout3,$inout4);
-
- &call ("_aesni_encrypt4");
-
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout3,$inout4);
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &lea ($out,&DWP(16*4,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_done6x",16); # $tweak is pre-calculated
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &and ($len,15);
- &jz (&label("xts_enc_ret"));
- &movdqa ($inout3,$tweak);
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &jmp (&label("xts_enc_steal"));
-
-&set_label("xts_enc_done",16);
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &pxor ($twtmp,$twtmp);
- &and ($len,15);
- &jz (&label("xts_enc_ret"));
-
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &pshufd ($inout3,$twtmp,0x13);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($inout3,&QWP(16*6,"esp")); # isolate carry and residue
- &pxor ($inout3,$tweak);
-
-&set_label("xts_enc_steal");
- &movz ($rounds,&BP(0,$inp));
- &movz ($key,&BP(-16,$out));
- &lea ($inp,&DWP(1,$inp));
- &mov (&BP(-16,$out),&LB($rounds));
- &mov (&BP(0,$out),&LB($key));
- &lea ($out,&DWP(1,$out));
- &sub ($len,1);
- &jnz (&label("xts_enc_steal"));
-
- &sub ($out,&DWP(16*7+0,"esp")); # rewind $out
- &mov ($key,$key_); # restore $key
- &mov ($rounds,$rounds_); # restore $rounds
-
- &movups ($inout0,&QWP(-16,$out)); # load input
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(-16,$out),$inout0); # write output
-
-&set_label("xts_enc_ret");
- &mov ("esp",&DWP(16*7+4,"esp")); # restore %esp
-&function_end("aesni_xts_encrypt");
-
-&function_begin("aesni_xts_decrypt");
- &mov ($key,&wparam(4)); # key2
- &mov ($inp,&wparam(5)); # clear-text tweak
-
- &mov ($rounds,&DWP(240,$key)); # key2->rounds
- &movups ($inout0,&QWP(0,$inp));
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
-
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3)); # key1
-
- &mov ($key_,"esp");
- &sub ("esp",16*7+8);
- &and ("esp",-16); # align stack
-
- &xor ($rounds_,$rounds_); # if(len%16) len-=16;
- &test ($len,15);
- &setnz (&LB($rounds_));
- &shl ($rounds_,4);
- &sub ($len,$rounds_);
-
- &mov (&DWP(16*6+0,"esp"),0x87); # compose the magic constant
- &mov (&DWP(16*6+4,"esp"),0);
- &mov (&DWP(16*6+8,"esp"),1);
- &mov (&DWP(16*6+12,"esp"),0);
- &mov (&DWP(16*7+0,"esp"),$len); # save original $len
- &mov (&DWP(16*7+4,"esp"),$key_); # save original %esp
-
- &mov ($rounds,&DWP(240,$key)); # key1->rounds
- &mov ($key_,$key); # backup $key
- &mov ($rounds_,$rounds); # backup $rounds
-
- &movdqa ($tweak,$inout0);
- &pxor ($twtmp,$twtmp);
- &movdqa ($twmask,&QWP(6*16,"esp")); # 0x0...010...87
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
-
- &and ($len,-16);
- &sub ($len,16*6);
- &jc (&label("xts_dec_short"));
-
- &shr ($rounds,1);
- &mov ($rounds_,$rounds);
- &jmp (&label("xts_dec_loop6"));
-
-&set_label("xts_dec_loop6",16);
- for ($i=0;$i<4;$i++) {
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa (&QWP(16*$i,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- }
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*$i++,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &$movekey ($rndkey0,&QWP(0,$key_));
- &pand ($inout5,$twmask); # isolate carry and residue
- &movups ($inout0,&QWP(0,$inp)); # load input
- &pxor ($inout5,$tweak);
-
- # inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
- &movdqu ($inout1,&QWP(16*1,$inp));
- &xorps ($inout0,$rndkey0); # input^=rndkey[0]
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout1,$rndkey0);
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout2,$rndkey0);
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout3,$rndkey0);
- &movdqu ($rndkey1,&QWP(16*5,$inp));
- &pxor ($inout4,$rndkey0);
- &lea ($inp,&DWP(16*6,$inp));
- &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqa (&QWP(16*$i,"esp"),$inout5); # save last tweak
- &pxor ($inout5,$rndkey1);
-
- &$movekey ($rndkey1,&QWP(16,$key_));
- &lea ($key,&DWP(32,$key_));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &aesdec ($inout0,$rndkey1);
- &pxor ($inout2,&QWP(16*2,"esp"));
- &aesdec ($inout1,$rndkey1);
- &pxor ($inout3,&QWP(16*3,"esp"));
- &dec ($rounds);
- &aesdec ($inout2,$rndkey1);
- &pxor ($inout4,&QWP(16*4,"esp"));
- &aesdec ($inout3,$rndkey1);
- &pxor ($inout5,$rndkey0);
- &aesdec ($inout4,$rndkey1);
- &$movekey ($rndkey0,&QWP(0,$key));
- &aesdec ($inout5,$rndkey1);
- &call (&label("_aesni_decrypt6_enter"));
-
- &movdqa ($tweak,&QWP(16*5,"esp")); # last tweak
- &pxor ($twtmp,$twtmp);
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &xorps ($inout1,&QWP(16*1,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*2,$out),$inout2);
- &xorps ($inout4,&QWP(16*4,"esp"));
- &movups (&QWP(16*3,$out),$inout3);
- &xorps ($inout5,$tweak);
- &movups (&QWP(16*4,$out),$inout4);
- &pshufd ($twres,$twtmp,0x13);
- &movups (&QWP(16*5,$out),$inout5);
- &lea ($out,&DWP(16*6,$out));
- &movdqa ($twmask,&QWP(16*6,"esp")); # 0x0...010...87
-
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov ($rounds,$rounds_); # restore $rounds
- &pxor ($tweak,$twres);
-
- &sub ($len,16*6);
- &jnc (&label("xts_dec_loop6"));
-
- &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
- &mov ($key,$key_); # restore $key
- &mov ($rounds_,$rounds);
-
-&set_label("xts_dec_short");
- &add ($len,16*6);
- &jz (&label("xts_dec_done6x"));
-
- &movdqa ($inout3,$tweak); # put aside previous tweak
- &cmp ($len,0x20);
- &jb (&label("xts_dec_one"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &je (&label("xts_dec_two"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout4,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &cmp ($len,0x40);
- &jb (&label("xts_dec_three"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout5,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &movdqa (&QWP(16*0,"esp"),$inout3);
- &movdqa (&QWP(16*1,"esp"),$inout4);
- &je (&label("xts_dec_four"));
-
- &movdqa (&QWP(16*2,"esp"),$inout5);
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*3,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($inout0,1);
- &pand ($inout5,$twmask); # isolate carry and residue
- &pxor ($inout5,$tweak);
-
- &movdqu ($inout0,&QWP(16*0,$inp)); # load input
- &movdqu ($inout1,&QWP(16*1,$inp));
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout2,&QWP(16*2,"esp"));
- &lea ($inp,&DWP(16*5,$inp));
- &pxor ($inout3,&QWP(16*3,"esp"));
- &movdqa (&QWP(16*4,"esp"),$inout5); # save last tweak
- &pxor ($inout4,$inout5);
-
- &call ("_aesni_decrypt6");
-
- &movaps ($tweak,&QWP(16*4,"esp")); # last tweak
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout4,$tweak);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &movups (&QWP(16*4,$out),$inout4);
- &lea ($out,&DWP(16*5,$out));
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_one",16);
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &lea ($inp,&DWP(16*1,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(16*0,$out),$inout0); # write output
- &lea ($out,&DWP(16*1,$out));
-
- &movdqa ($tweak,$inout3); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_two",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &lea ($inp,&DWP(16*2,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
-
- &call ("_aesni_decrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &movups (&QWP(16*1,$out),$inout1);
- &lea ($out,&DWP(16*2,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_three",16);
- &movaps ($inout5,$tweak); # put aside last tweak
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &lea ($inp,&DWP(16*3,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
-
- &call ("_aesni_decrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &lea ($out,&DWP(16*3,$out));
-
- &movdqa ($tweak,$inout5); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_four",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &xorps ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movups ($inout3,&QWP(16*3,$inp));
- &lea ($inp,&DWP(16*4,$inp));
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &xorps ($inout3,$inout4);
-
- &call ("_aesni_decrypt4");
-
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout3,$inout4);
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &lea ($out,&DWP(16*4,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_done6x",16); # $tweak is pre-calculated
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &and ($len,15);
- &jz (&label("xts_dec_ret"));
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &jmp (&label("xts_dec_only_one_more"));
-
-&set_label("xts_dec_done",16);
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &pxor ($twtmp,$twtmp);
- &and ($len,15);
- &jz (&label("xts_dec_ret"));
-
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($twmask,&QWP(16*6,"esp"));
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
-
-&set_label("xts_dec_only_one_more");
- &pshufd ($inout3,$twtmp,0x13);
- &movdqa ($inout4,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($inout3,$twmask); # isolate carry and residue
- &pxor ($inout3,$tweak);
-
- &mov ($key,$key_); # restore $key
- &mov ($rounds,$rounds_); # restore $rounds
-
- &movups ($inout0,&QWP(0,$inp)); # load input
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(0,$out),$inout0); # write output
-
-&set_label("xts_dec_steal");
- &movz ($rounds,&BP(16,$inp));
- &movz ($key,&BP(0,$out));
- &lea ($inp,&DWP(1,$inp));
- &mov (&BP(0,$out),&LB($rounds));
- &mov (&BP(16,$out),&LB($key));
- &lea ($out,&DWP(1,$out));
- &sub ($len,1);
- &jnz (&label("xts_dec_steal"));
-
- &sub ($out,&DWP(16*7+0,"esp")); # rewind $out
- &mov ($key,$key_); # restore $key
- &mov ($rounds,$rounds_); # restore $rounds
-
- &movups ($inout0,&QWP(0,$out)); # load input
- &xorps ($inout0,$inout4); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &xorps ($inout0,$inout4); # output^=tweak
- &movups (&QWP(0,$out),$inout0); # write output
-
-&set_label("xts_dec_ret");
- &mov ("esp",&DWP(16*7+4,"esp")); # restore %esp
-&function_end("aesni_xts_decrypt");
-}
-}
-
-######################################################################
-# void $PREFIX_cbc_encrypt (const void *inp, void *out,
-# size_t length, const AES_KEY *key,
-# unsigned char *ivp,const int enc);
-&function_begin("${PREFIX}_cbc_encrypt");
- &mov ($inp,&wparam(0));
- &mov ($rounds_,"esp");
- &mov ($out,&wparam(1));
- &sub ($rounds_,24);
- &mov ($len,&wparam(2));
- &and ($rounds_,-16);
- &mov ($key,&wparam(3));
- &mov ($key_,&wparam(4));
- &test ($len,$len);
- &jz (&label("cbc_abort"));
-
- &cmp (&wparam(5),0);
- &xchg ($rounds_,"esp"); # alloca
- &movups ($ivec,&QWP(0,$key_)); # load IV
- &mov ($rounds,&DWP(240,$key));
- &mov ($key_,$key); # backup $key
- &mov (&DWP(16,"esp"),$rounds_); # save original %esp
- &mov ($rounds_,$rounds); # backup $rounds
- &je (&label("cbc_decrypt"));
-
- &movaps ($inout0,$ivec);
- &cmp ($len,16);
- &jb (&label("cbc_enc_tail"));
- &sub ($len,16);
- &jmp (&label("cbc_enc_loop"));
-
-&set_label("cbc_enc_loop",16);
- &movups ($ivec,&QWP(0,$inp)); # input actually
- &lea ($inp,&DWP(16,$inp));
- if ($inline)
- { &aesni_inline_generate1("enc",$inout0,$ivec); }
- else
- { &xorps($inout0,$ivec); &call("_aesni_encrypt1"); }
- &mov ($rounds,$rounds_); # restore $rounds
- &mov ($key,$key_); # restore $key
- &movups (&QWP(0,$out),$inout0); # store output
- &lea ($out,&DWP(16,$out));
- &sub ($len,16);
- &jnc (&label("cbc_enc_loop"));
- &add ($len,16);
- &jnz (&label("cbc_enc_tail"));
- &movaps ($ivec,$inout0);
- &jmp (&label("cbc_ret"));
-
-&set_label("cbc_enc_tail");
- &mov ("ecx",$len); # zaps $rounds
- &data_word(0xA4F3F689); # rep movsb
- &mov ("ecx",16); # zero tail
- &sub ("ecx",$len);
- &xor ("eax","eax"); # zaps $len
- &data_word(0xAAF3F689); # rep stosb
- &lea ($out,&DWP(-16,$out)); # rewind $out by 1 block
- &mov ($rounds,$rounds_); # restore $rounds
- &mov ($inp,$out); # $inp and $out are the same
- &mov ($key,$key_); # restore $key
- &jmp (&label("cbc_enc_loop"));
-###################################################################### -&set_label("cbc_decrypt",16); - &cmp ($len,0x50); - &jbe (&label("cbc_dec_tail")); - &movaps (&QWP(0,"esp"),$ivec); # save IV - &sub ($len,0x50); - &jmp (&label("cbc_dec_loop6_enter")); - -&set_label("cbc_dec_loop6",16); - &movaps (&QWP(0,"esp"),$rndkey0); # save IV - &movups (&QWP(0,$out),$inout5); - &lea ($out,&DWP(0x10,$out)); -&set_label("cbc_dec_loop6_enter"); - &movdqu ($inout0,&QWP(0,$inp)); - &movdqu ($inout1,&QWP(0x10,$inp)); - &movdqu ($inout2,&QWP(0x20,$inp)); - &movdqu ($inout3,&QWP(0x30,$inp)); - &movdqu ($inout4,&QWP(0x40,$inp)); - &movdqu ($inout5,&QWP(0x50,$inp)); - - &call ("_aesni_decrypt6"); - - &movups ($rndkey1,&QWP(0,$inp)); - &movups ($rndkey0,&QWP(0x10,$inp)); - &xorps ($inout0,&QWP(0,"esp")); # ^=IV - &xorps ($inout1,$rndkey1); - &movups ($rndkey1,&QWP(0x20,$inp)); - &xorps ($inout2,$rndkey0); - &movups ($rndkey0,&QWP(0x30,$inp)); - &xorps ($inout3,$rndkey1); - &movups ($rndkey1,&QWP(0x40,$inp)); - &xorps ($inout4,$rndkey0); - &movups ($rndkey0,&QWP(0x50,$inp)); # IV - &xorps ($inout5,$rndkey1); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &lea ($inp,&DWP(0x60,$inp)); - &movups (&QWP(0x20,$out),$inout2); - &mov ($rounds,$rounds_) # restore $rounds - &movups (&QWP(0x30,$out),$inout3); - &mov ($key,$key_); # restore $key - &movups (&QWP(0x40,$out),$inout4); - &lea ($out,&DWP(0x50,$out)); - &sub ($len,0x60); - &ja (&label("cbc_dec_loop6")); - - &movaps ($inout0,$inout5); - &movaps ($ivec,$rndkey0); - &add ($len,0x50); - &jle (&label("cbc_dec_tail_collected")); - &movups (&QWP(0,$out),$inout0); - &lea ($out,&DWP(0x10,$out)); -&set_label("cbc_dec_tail"); - &movups ($inout0,&QWP(0,$inp)); - &movaps ($in0,$inout0); - &cmp ($len,0x10); - &jbe (&label("cbc_dec_one")); - - &movups ($inout1,&QWP(0x10,$inp)); - &movaps ($in1,$inout1); - &cmp ($len,0x20); - &jbe (&label("cbc_dec_two")); - - &movups ($inout2,&QWP(0x20,$inp)); - &cmp ($len,0x30); - &jbe 
(&label("cbc_dec_three")); - - &movups ($inout3,&QWP(0x30,$inp)); - &cmp ($len,0x40); - &jbe (&label("cbc_dec_four")); - - &movups ($inout4,&QWP(0x40,$inp)); - &movaps (&QWP(0,"esp"),$ivec); # save IV - &movups ($inout0,&QWP(0,$inp)); - &xorps ($inout5,$inout5); - &call ("_aesni_decrypt6"); - &movups ($rndkey1,&QWP(0,$inp)); - &movups ($rndkey0,&QWP(0x10,$inp)); - &xorps ($inout0,&QWP(0,"esp")); # ^= IV - &xorps ($inout1,$rndkey1); - &movups ($rndkey1,&QWP(0x20,$inp)); - &xorps ($inout2,$rndkey0); - &movups ($rndkey0,&QWP(0x30,$inp)); - &xorps ($inout3,$rndkey1); - &movups ($ivec,&QWP(0x40,$inp)); # IV - &xorps ($inout4,$rndkey0); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &lea ($out,&DWP(0x40,$out)); - &movaps ($inout0,$inout4); - &sub ($len,0x50); - &jmp (&label("cbc_dec_tail_collected")); - -&set_label("cbc_dec_one",16); - if ($inline) - { &aesni_inline_generate1("dec"); } - else - { &call ("_aesni_decrypt1"); } - &xorps ($inout0,$ivec); - &movaps ($ivec,$in0); - &sub ($len,0x10); - &jmp (&label("cbc_dec_tail_collected")); - -&set_label("cbc_dec_two",16); - &xorps ($inout2,$inout2); - &call ("_aesni_decrypt3"); - &xorps ($inout0,$ivec); - &xorps ($inout1,$in0); - &movups (&QWP(0,$out),$inout0); - &movaps ($inout0,$inout1); - &lea ($out,&DWP(0x10,$out)); - &movaps ($ivec,$in1); - &sub ($len,0x20); - &jmp (&label("cbc_dec_tail_collected")); - -&set_label("cbc_dec_three",16); - &call ("_aesni_decrypt3"); - &xorps ($inout0,$ivec); - &xorps ($inout1,$in0); - &xorps ($inout2,$in1); - &movups (&QWP(0,$out),$inout0); - &movaps ($inout0,$inout2); - &movups (&QWP(0x10,$out),$inout1); - &lea ($out,&DWP(0x20,$out)); - &movups ($ivec,&QWP(0x20,$inp)); - &sub ($len,0x30); - &jmp (&label("cbc_dec_tail_collected")); - -&set_label("cbc_dec_four",16); - &call ("_aesni_decrypt4"); - &movups ($rndkey1,&QWP(0x10,$inp)); - &movups ($rndkey0,&QWP(0x20,$inp)); - &xorps 
($inout0,$ivec); - &movups ($ivec,&QWP(0x30,$inp)); - &xorps ($inout1,$in0); - &movups (&QWP(0,$out),$inout0); - &xorps ($inout2,$rndkey1); - &movups (&QWP(0x10,$out),$inout1); - &xorps ($inout3,$rndkey0); - &movups (&QWP(0x20,$out),$inout2); - &lea ($out,&DWP(0x30,$out)); - &movaps ($inout0,$inout3); - &sub ($len,0x40); - -&set_label("cbc_dec_tail_collected"); - &and ($len,15); - &jnz (&label("cbc_dec_tail_partial")); - &movups (&QWP(0,$out),$inout0); - &jmp (&label("cbc_ret")); - -&set_label("cbc_dec_tail_partial",16); - &movaps (&QWP(0,"esp"),$inout0); - &mov ("ecx",16); - &mov ($inp,"esp"); - &sub ("ecx",$len); - &data_word(0xA4F3F689); # rep movsb - -&set_label("cbc_ret"); - &mov ("esp",&DWP(16,"esp")); # pull original %esp - &mov ($key_,&wparam(4)); - &movups (&QWP(0,$key_),$ivec); # output IV -&set_label("cbc_abort"); -&function_end("${PREFIX}_cbc_encrypt"); - -###################################################################### -# Mechanical port from aesni-x86_64.pl. -# -# _aesni_set_encrypt_key is private interface, -# input: -# "eax" const unsigned char *userKey -# $rounds int bits -# $key AES_KEY *key -# output: -# "eax" return code -# $round rounds - -&function_begin_B("_aesni_set_encrypt_key"); - &test ("eax","eax"); - &jz (&label("bad_pointer")); - &test ($key,$key); - &jz (&label("bad_pointer")); - - &movups ("xmm0",&QWP(0,"eax")); # pull first 128 bits of *userKey - &xorps ("xmm4","xmm4"); # low dword of xmm4 is assumed 0 - &lea ($key,&DWP(16,$key)); - &cmp ($rounds,256); - &je (&label("14rounds")); - &cmp ($rounds,192); - &je (&label("12rounds")); - &cmp ($rounds,128); - &jne (&label("bad_keybits")); - -&set_label("10rounds",16); - &mov ($rounds,9); - &$movekey (&QWP(-16,$key),"xmm0"); # round 0 - &aeskeygenassist("xmm1","xmm0",0x01); # round 1 - &call (&label("key_128_cold")); - &aeskeygenassist("xmm1","xmm0",0x2); # round 2 - &call (&label("key_128")); - &aeskeygenassist("xmm1","xmm0",0x04); # round 3 - &call (&label("key_128")); - 
&aeskeygenassist("xmm1","xmm0",0x08); # round 4 - &call (&label("key_128")); - &aeskeygenassist("xmm1","xmm0",0x10); # round 5 - &call (&label("key_128")); - &aeskeygenassist("xmm1","xmm0",0x20); # round 6 - &call (&label("key_128")); - &aeskeygenassist("xmm1","xmm0",0x40); # round 7 - &call (&label("key_128")); - &aeskeygenassist("xmm1","xmm0",0x80); # round 8 - &call (&label("key_128")); - &aeskeygenassist("xmm1","xmm0",0x1b); # round 9 - &call (&label("key_128")); - &aeskeygenassist("xmm1","xmm0",0x36); # round 10 - &call (&label("key_128")); - &$movekey (&QWP(0,$key),"xmm0"); - &mov (&DWP(80,$key),$rounds); - &xor ("eax","eax"); - &ret(); - -&set_label("key_128",16); - &$movekey (&QWP(0,$key),"xmm0"); - &lea ($key,&DWP(16,$key)); -&set_label("key_128_cold"); - &shufps ("xmm4","xmm0",0b00010000); - &xorps ("xmm0","xmm4"); - &shufps ("xmm4","xmm0",0b10001100); - &xorps ("xmm0","xmm4"); - &shufps ("xmm1","xmm1",0b11111111); # critical path - &xorps ("xmm0","xmm1"); - &ret(); - -&set_label("12rounds",16); - &movq ("xmm2",&QWP(16,"eax")); # remaining 1/3 of *userKey - &mov ($rounds,11); - &$movekey (&QWP(-16,$key),"xmm0") # round 0 - &aeskeygenassist("xmm1","xmm2",0x01); # round 1,2 - &call (&label("key_192a_cold")); - &aeskeygenassist("xmm1","xmm2",0x02); # round 2,3 - &call (&label("key_192b")); - &aeskeygenassist("xmm1","xmm2",0x04); # round 4,5 - &call (&label("key_192a")); - &aeskeygenassist("xmm1","xmm2",0x08); # round 5,6 - &call (&label("key_192b")); - &aeskeygenassist("xmm1","xmm2",0x10); # round 7,8 - &call (&label("key_192a")); - &aeskeygenassist("xmm1","xmm2",0x20); # round 8,9 - &call (&label("key_192b")); - &aeskeygenassist("xmm1","xmm2",0x40); # round 10,11 - &call (&label("key_192a")); - &aeskeygenassist("xmm1","xmm2",0x80); # round 11,12 - &call (&label("key_192b")); - &$movekey (&QWP(0,$key),"xmm0"); - &mov (&DWP(48,$key),$rounds); - &xor ("eax","eax"); - &ret(); - -&set_label("key_192a",16); - &$movekey (&QWP(0,$key),"xmm0"); - &lea 
($key,&DWP(16,$key)); -&set_label("key_192a_cold",16); - &movaps ("xmm5","xmm2"); -&set_label("key_192b_warm"); - &shufps ("xmm4","xmm0",0b00010000); - &movdqa ("xmm3","xmm2"); - &xorps ("xmm0","xmm4"); - &shufps ("xmm4","xmm0",0b10001100); - &pslldq ("xmm3",4); - &xorps ("xmm0","xmm4"); - &pshufd ("xmm1","xmm1",0b01010101); # critical path - &pxor ("xmm2","xmm3"); - &pxor ("xmm0","xmm1"); - &pshufd ("xmm3","xmm0",0b11111111); - &pxor ("xmm2","xmm3"); - &ret(); - -&set_label("key_192b",16); - &movaps ("xmm3","xmm0"); - &shufps ("xmm5","xmm0",0b01000100); - &$movekey (&QWP(0,$key),"xmm5"); - &shufps ("xmm3","xmm2",0b01001110); - &$movekey (&QWP(16,$key),"xmm3"); - &lea ($key,&DWP(32,$key)); - &jmp (&label("key_192b_warm")); - -&set_label("14rounds",16); - &movups ("xmm2",&QWP(16,"eax")); # remaining half of *userKey - &mov ($rounds,13); - &lea ($key,&DWP(16,$key)); - &$movekey (&QWP(-32,$key),"xmm0"); # round 0 - &$movekey (&QWP(-16,$key),"xmm2"); # round 1 - &aeskeygenassist("xmm1","xmm2",0x01); # round 2 - &call (&label("key_256a_cold")); - &aeskeygenassist("xmm1","xmm0",0x01); # round 3 - &call (&label("key_256b")); - &aeskeygenassist("xmm1","xmm2",0x02); # round 4 - &call (&label("key_256a")); - &aeskeygenassist("xmm1","xmm0",0x02); # round 5 - &call (&label("key_256b")); - &aeskeygenassist("xmm1","xmm2",0x04); # round 6 - &call (&label("key_256a")); - &aeskeygenassist("xmm1","xmm0",0x04); # round 7 - &call (&label("key_256b")); - &aeskeygenassist("xmm1","xmm2",0x08); # round 8 - &call (&label("key_256a")); - &aeskeygenassist("xmm1","xmm0",0x08); # round 9 - &call (&label("key_256b")); - &aeskeygenassist("xmm1","xmm2",0x10); # round 10 - &call (&label("key_256a")); - &aeskeygenassist("xmm1","xmm0",0x10); # round 11 - &call (&label("key_256b")); - &aeskeygenassist("xmm1","xmm2",0x20); # round 12 - &call (&label("key_256a")); - &aeskeygenassist("xmm1","xmm0",0x20); # round 13 - &call (&label("key_256b")); - &aeskeygenassist("xmm1","xmm2",0x40); # round 14 - &call 
(&label("key_256a")); - &$movekey (&QWP(0,$key),"xmm0"); - &mov (&DWP(16,$key),$rounds); - &xor ("eax","eax"); - &ret(); - -&set_label("key_256a",16); - &$movekey (&QWP(0,$key),"xmm2"); - &lea ($key,&DWP(16,$key)); -&set_label("key_256a_cold"); - &shufps ("xmm4","xmm0",0b00010000); - &xorps ("xmm0","xmm4"); - &shufps ("xmm4","xmm0",0b10001100); - &xorps ("xmm0","xmm4"); - &shufps ("xmm1","xmm1",0b11111111); # critical path - &xorps ("xmm0","xmm1"); - &ret(); - -&set_label("key_256b",16); - &$movekey (&QWP(0,$key),"xmm0"); - &lea ($key,&DWP(16,$key)); - - &shufps ("xmm4","xmm2",0b00010000); - &xorps ("xmm2","xmm4"); - &shufps ("xmm4","xmm2",0b10001100); - &xorps ("xmm2","xmm4"); - &shufps ("xmm1","xmm1",0b10101010); # critical path - &xorps ("xmm2","xmm1"); - &ret(); - -&set_label("bad_pointer",4); - &mov ("eax",-1); - &ret (); -&set_label("bad_keybits",4); - &mov ("eax",-2); - &ret (); -&function_end_B("_aesni_set_encrypt_key"); - -# int $PREFIX_set_encrypt_key (const unsigned char *userKey, int bits, -# AES_KEY *key) -&function_begin_B("${PREFIX}_set_encrypt_key"); - &mov ("eax",&wparam(0)); - &mov ($rounds,&wparam(1)); - &mov ($key,&wparam(2)); - &call ("_aesni_set_encrypt_key"); - &ret (); -&function_end_B("${PREFIX}_set_encrypt_key"); - -# int $PREFIX_set_decrypt_key (const unsigned char *userKey, int bits, -# AES_KEY *key) -&function_begin_B("${PREFIX}_set_decrypt_key"); - &mov ("eax",&wparam(0)); - &mov ($rounds,&wparam(1)); - &mov ($key,&wparam(2)); - &call ("_aesni_set_encrypt_key"); - &mov ($key,&wparam(2)); - &shl ($rounds,4) # rounds-1 after _aesni_set_encrypt_key - &test ("eax","eax"); - &jnz (&label("dec_key_ret")); - &lea ("eax",&DWP(16,$key,$rounds)); # end of key schedule - - &$movekey ("xmm0",&QWP(0,$key)); # just swap - &$movekey ("xmm1",&QWP(0,"eax")); - &$movekey (&QWP(0,"eax"),"xmm0"); - &$movekey (&QWP(0,$key),"xmm1"); - &lea ($key,&DWP(16,$key)); - &lea ("eax",&DWP(-16,"eax")); - -&set_label("dec_key_inverse"); - &$movekey 
("xmm0",&QWP(0,$key)); # swap and inverse
- &$movekey ("xmm1",&QWP(0,"eax"));
- &aesimc ("xmm0","xmm0");
- &aesimc ("xmm1","xmm1");
- &lea ($key,&DWP(16,$key));
- &lea ("eax",&DWP(-16,"eax"));
- &$movekey (&QWP(16,"eax"),"xmm0");
- &$movekey (&QWP(-16,$key),"xmm1");
- &cmp ("eax",$key);
- &ja (&label("dec_key_inverse"));
-
- &$movekey ("xmm0",&QWP(0,$key)); # inverse middle
- &aesimc ("xmm0","xmm0");
- &$movekey (&QWP(0,$key),"xmm0");
-
- &xor ("eax","eax"); # return success
-&set_label("dec_key_ret");
- &ret ();
-&function_end_B("${PREFIX}_set_decrypt_key");
-
-&asm_finish();
diff --git a/src/lib/libcrypto/aes/asm/aesni-x86_64.pl b/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
deleted file mode 100644
index 441524036a..0000000000
--- a/src/lib/libcrypto/aes/asm/aesni-x86_64.pl
+++ /dev/null
@@ -1,3080 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# This module implements support for Intel AES-NI extension. In
-# OpenSSL context it's used with Intel engine, but can also be used as
-# drop-in replacement for crypto/aes/asm/aes-x86_64.pl [see below for
-# details].
-#
-# Performance.
-#
-# Given aes(enc|dec) instructions' latency asymptotic performance for
-# non-parallelizable modes such as CBC encrypt is 3.75 cycles per byte
-# processed with 128-bit key. And given their throughput asymptotic
-# performance for parallelizable modes is 1.25 cycles per byte. Being
-# asymptotic limit it's not something you commonly achieve in reality,
-# but how close does one get? Below are results collected for
-# different modes and block sized. Pairs of numbers are for en-/
-# decryption.
-#
-# 16-byte 64-byte 256-byte 1-KB 8-KB
-# ECB 4.25/4.25 1.38/1.38 1.28/1.28 1.26/1.26 1.26/1.26
-# CTR 5.42/5.42 1.92/1.92 1.44/1.44 1.28/1.28 1.26/1.26
-# CBC 4.38/4.43 4.15/1.43 4.07/1.32 4.07/1.29 4.06/1.28
-# CCM 5.66/9.42 4.42/5.41 4.16/4.40 4.09/4.15 4.06/4.07
-# OFB 5.42/5.42 4.64/4.64 4.44/4.44 4.39/4.39 4.38/4.38
-# CFB 5.73/5.85 5.56/5.62 5.48/5.56 5.47/5.55 5.47/5.55
-#
-# ECB, CTR, CBC and CCM results are free from EVP overhead. This means
-# that otherwise used 'openssl speed -evp aes-128-??? -engine aesni
-# [-decrypt]' will exhibit 10-15% worse results for smaller blocks.
-# The results were collected with specially crafted speed.c benchmark -# in order to compare them with results reported in "Intel Advanced -# Encryption Standard (AES) New Instruction Set" White Paper Revision -# 3.0 dated May 2010. All above results are consistently better. This -# module also provides better performance for block sizes smaller than -# 128 bytes in points *not* represented in the above table. -# -# Looking at the results for 8-KB buffer. -# -# CFB and OFB results are far from the limit, because implementation -# uses "generic" CRYPTO_[c|o]fb128_encrypt interfaces relying on -# single-block aesni_encrypt, which is not the most optimal way to go. -# CBC encrypt result is unexpectedly high and there is no documented -# explanation for it. Seemingly there is a small penalty for feeding -# the result back to AES unit the way it's done in CBC mode. There is -# nothing one can do and the result appears optimal. CCM result is -# identical to CBC, because CBC-MAC is essentially CBC encrypt without -# saving output. CCM CTR "stays invisible," because it's neatly -# interleaved with CBC-MAC. This provides ~30% improvement over -# "straghtforward" CCM implementation with CTR and CBC-MAC performed -# disjointly. Parallelizable modes practically achieve the theoretical -# limit. -# -# Looking at how results vary with buffer size. -# -# Curves are practically saturated at 1-KB buffer size. In most cases -# "256-byte" performance is >95%, and "64-byte" is ~90% of "8-KB" one. -# CTR curve doesn't follow this pattern and is "slowest" changing one -# with "256-byte" result being 87% of "8-KB." This is because overhead -# in CTR mode is most computationally intensive. Small-block CCM -# decrypt is slower than encrypt, because first CTR and last CBC-MAC -# iterations can't be interleaved. -# -# Results for 192- and 256-bit keys. -# -# EVP-free results were observed to scale perfectly with number of -# rounds for larger block sizes, i.e. 
192-bit result being 10/12 times -# lower and 256-bit one - 10/14. Well, in CBC encrypt case differences -# are a tad smaller, because the above mentioned penalty biases all -# results by same constant value. In similar way function call -# overhead affects small-block performance, as well as OFB and CFB -# results. Differences are not large, most common coefficients are -# 10/11.7 and 10/13.4 (as opposite to 10/12.0 and 10/14.0), but one -# observe even 10/11.2 and 10/12.4 (CTR, OFB, CFB)... - -# January 2011 -# -# While Westmere processor features 6 cycles latency for aes[enc|dec] -# instructions, which can be scheduled every second cycle, Sandy -# Bridge spends 8 cycles per instruction, but it can schedule them -# every cycle. This means that code targeting Westmere would perform -# suboptimally on Sandy Bridge. Therefore this update. -# -# In addition, non-parallelizable CBC encrypt (as well as CCM) is -# optimized. Relative improvement might appear modest, 8% on Westmere, -# but in absolute terms it's 3.77 cycles per byte encrypted with -# 128-bit key on Westmere, and 5.07 - on Sandy Bridge. These numbers -# should be compared to asymptotic limits of 3.75 for Westmere and -# 5.00 for Sandy Bridge. Actually, the fact that they get this close -# to asymptotic limits is quite amazing. Indeed, the limit is -# calculated as latency times number of rounds, 10 for 128-bit key, -# and divided by 16, the number of bytes in block, or in other words -# it accounts *solely* for aesenc instructions. But there are extra -# instructions, and numbers so close to the asymptotic limits mean -# that it's as if it takes as little as *one* additional cycle to -# execute all of them. How is it possible? 
It is possible thanks to -# out-of-order execution logic, which manages to overlap post- -# processing of previous block, things like saving the output, with -# actual encryption of current block, as well as pre-processing of -# current block, things like fetching input and xor-ing it with -# 0-round element of the key schedule, with actual encryption of -# previous block. Keep this in mind... -# -# For parallelizable modes, such as ECB, CBC decrypt, CTR, higher -# performance is achieved by interleaving instructions working on -# independent blocks. In which case asymptotic limit for such modes -# can be obtained by dividing above mentioned numbers by AES -# instructions' interleave factor. Westmere can execute at most 3 -# instructions at a time, meaning that optimal interleave factor is 3, -# and that's where the "magic" number of 1.25 come from. "Optimal -# interleave factor" means that increase of interleave factor does -# not improve performance. The formula has proven to reflect reality -# pretty well on Westmere... Sandy Bridge on the other hand can -# execute up to 8 AES instructions at a time, so how does varying -# interleave factor affect the performance? Here is table for ECB -# (numbers are cycles per byte processed with 128-bit key): -# -# instruction interleave factor 3x 6x 8x -# theoretical asymptotic limit 1.67 0.83 0.625 -# measured performance for 8KB block 1.05 0.86 0.84 -# -# "as if" interleave factor 4.7x 5.8x 6.0x -# -# Further data for other parallelizable modes: -# -# CBC decrypt 1.16 0.93 0.93 -# CTR 1.14 0.91 n/a -# -# Well, given 3x column it's probably inappropriate to call the limit -# asymptotic, if it can be surpassed, isn't it? What happens there? -# Rewind to CBC paragraph for the answer. Yes, out-of-order execution -# magic is responsible for this. Processor overlaps not only the -# additional instructions with AES ones, but even AES instructions -# processing adjacent triplets of independent blocks. 
In the 6x case -# additional instructions still claim disproportionally small amount -# of additional cycles, but in 8x case number of instructions must be -# a tad too high for out-of-order logic to cope with, and AES unit -# remains underutilized... As you can see 8x interleave is hardly -# justifiable, so there no need to feel bad that 32-bit aesni-x86.pl -# utilizies 6x interleave because of limited register bank capacity. -# -# Higher interleave factors do have negative impact on Westmere -# performance. While for ECB mode it's negligible ~1.5%, other -# parallelizables perform ~5% worse, which is outweighed by ~25% -# improvement on Sandy Bridge. To balance regression on Westmere -# CTR mode was implemented with 6x aesenc interleave factor. - -# April 2011 -# -# Add aesni_xts_[en|de]crypt. Westmere spends 1.33 cycles processing -# one byte out of 8KB with 128-bit key, Sandy Bridge - 0.97. Just like -# in CTR mode AES instruction interleave factor was chosen to be 6x. - -$PREFIX="aesni"; # if $PREFIX is set to "AES", the script - # generates drop-in replacement for - # crypto/aes/asm/aes-x86_64.pl:-) - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$movkey = $PREFIX eq "aesni" ? "movups" : "movups"; -@_4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order - ("%rdi","%rsi","%rdx","%rcx"); # Unix order - -$code=".text\n"; - -$rounds="%eax"; # input to and changed by aesni_[en|de]cryptN !!! -# this is natural Unix argument order for public $PREFIX_[ecb|cbc]_encrypt ... 
-$inp="%rdi"; -$out="%rsi"; -$len="%rdx"; -$key="%rcx"; # input to and changed by aesni_[en|de]cryptN !!! -$ivp="%r8"; # cbc, ctr, ... - -$rnds_="%r10d"; # backup copy for $rounds -$key_="%r11"; # backup copy for $key - -# %xmm register layout -$rndkey0="%xmm0"; $rndkey1="%xmm1"; -$inout0="%xmm2"; $inout1="%xmm3"; -$inout2="%xmm4"; $inout3="%xmm5"; -$inout4="%xmm6"; $inout5="%xmm7"; -$inout6="%xmm8"; $inout7="%xmm9"; - -$in2="%xmm6"; $in1="%xmm7"; # used in CBC decrypt, CTR, ... -$in0="%xmm8"; $iv="%xmm9"; - -# Inline version of internal aesni_[en|de]crypt1. -# -# Why folded loop? Because aes[enc|dec] is slow enough to accommodate -# cycles which take care of loop variables... -{ my $sn; -sub aesni_generate1 { -my ($p,$key,$rounds,$inout,$ivec)=@_; $inout=$inout0 if (!defined($inout)); -++$sn; -$code.=<<___; - $movkey ($key),$rndkey0 - $movkey 16($key),$rndkey1 -___ -$code.=<<___ if (defined($ivec)); - xorps $rndkey0,$ivec - lea 32($key),$key - xorps $ivec,$inout -___ -$code.=<<___ if (!defined($ivec)); - lea 32($key),$key - xorps $rndkey0,$inout -___ -$code.=<<___; -.Loop_${p}1_$sn: - aes${p} $rndkey1,$inout - dec $rounds - $movkey ($key),$rndkey1 - lea 16($key),$key - jnz .Loop_${p}1_$sn # loop body is 16 bytes - aes${p}last $rndkey1,$inout -___ -}} -# void $PREFIX_[en|de]crypt (const void *inp,void *out,const AES_KEY *key); -# -{ my ($inp,$out,$key) = @_4args; - -$code.=<<___; -.globl ${PREFIX}_encrypt -.type ${PREFIX}_encrypt,\@abi-omnipotent -.align 16 -${PREFIX}_encrypt: - _CET_ENDBR - movups ($inp),$inout0 # load input - mov 240($key),$rounds # key->rounds -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - movups $inout0,($out) # output - ret -.size ${PREFIX}_encrypt,.-${PREFIX}_encrypt - -.globl ${PREFIX}_decrypt -.type ${PREFIX}_decrypt,\@abi-omnipotent -.align 16 -${PREFIX}_decrypt: - _CET_ENDBR - movups ($inp),$inout0 # load input - mov 240($key),$rounds # key->rounds -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - movups 
$inout0,($out) # output - ret -.size ${PREFIX}_decrypt, .-${PREFIX}_decrypt -___ -} - -# _aesni_[en|de]cryptN are private interfaces, N denotes interleave -# factor. Why 3x subroutine were originally used in loops? Even though -# aes[enc|dec] latency was originally 6, it could be scheduled only -# every *2nd* cycle. Thus 3x interleave was the one providing optimal -# utilization, i.e. when subroutine's throughput is virtually same as -# of non-interleaved subroutine [for number of input blocks up to 3]. -# This is why it makes no sense to implement 2x subroutine. -# aes[enc|dec] latency in next processor generation is 8, but the -# instructions can be scheduled every cycle. Optimal interleave for -# new processor is therefore 8x... -sub aesni_generate3 { -my $dir=shift; -# As already mentioned it takes in $key and $rounds, which are *not* -# preserved. $inout[0-2] is cipher/clear text... -$code.=<<___; -.type _aesni_${dir}rypt3,\@abi-omnipotent -.align 16 -_aesni_${dir}rypt3: - _CET_ENDBR - $movkey ($key),$rndkey0 - shr \$1,$rounds - $movkey 16($key),$rndkey1 - lea 32($key),$key - xorps $rndkey0,$inout0 - xorps $rndkey0,$inout1 - xorps $rndkey0,$inout2 - $movkey ($key),$rndkey0 - -.L${dir}_loop3: - aes${dir} $rndkey1,$inout0 - aes${dir} $rndkey1,$inout1 - dec $rounds - aes${dir} $rndkey1,$inout2 - $movkey 16($key),$rndkey1 - aes${dir} $rndkey0,$inout0 - aes${dir} $rndkey0,$inout1 - lea 32($key),$key - aes${dir} $rndkey0,$inout2 - $movkey ($key),$rndkey0 - jnz .L${dir}_loop3 - - aes${dir} $rndkey1,$inout0 - aes${dir} $rndkey1,$inout1 - aes${dir} $rndkey1,$inout2 - aes${dir}last $rndkey0,$inout0 - aes${dir}last $rndkey0,$inout1 - aes${dir}last $rndkey0,$inout2 - ret -.size _aesni_${dir}rypt3,.-_aesni_${dir}rypt3 -___ -} -# 4x interleave is implemented to improve small block performance, -# most notably [and naturally] 4 block by ~30%. One can argue that one -# should have implemented 5x as well, but improvement would be <20%, -# so it's not worth it... 
-sub aesni_generate4 {
-my $dir=shift;
-# As already mentioned it takes in $key and $rounds, which are *not*
-# preserved. $inout[0-3] is cipher/clear text...
-$code.=<<___;
-.type _aesni_${dir}rypt4,\@abi-omnipotent
-.align 16
-_aesni_${dir}rypt4:
- _CET_ENDBR
- $movkey ($key),$rndkey0
- shr \$1,$rounds
- $movkey 16($key),$rndkey1
- lea 32($key),$key
- xorps $rndkey0,$inout0
- xorps $rndkey0,$inout1
- xorps $rndkey0,$inout2
- xorps $rndkey0,$inout3
- $movkey ($key),$rndkey0
-
-.L${dir}_loop4:
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- dec $rounds
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- $movkey 16($key),$rndkey1
- aes${dir} $rndkey0,$inout0
- aes${dir} $rndkey0,$inout1
- lea 32($key),$key
- aes${dir} $rndkey0,$inout2
- aes${dir} $rndkey0,$inout3
- $movkey ($key),$rndkey0
- jnz .L${dir}_loop4
-
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir}last $rndkey0,$inout0
- aes${dir}last $rndkey0,$inout1
- aes${dir}last $rndkey0,$inout2
- aes${dir}last $rndkey0,$inout3
- ret
-.size _aesni_${dir}rypt4,.-_aesni_${dir}rypt4
-___
-}
-sub aesni_generate6 {
-my $dir=shift;
-# As already mentioned it takes in $key and $rounds, which are *not*
-# preserved. $inout[0-5] is cipher/clear text...
-$code.=<<___;
-.type _aesni_${dir}rypt6,\@abi-omnipotent
-.align 16
-_aesni_${dir}rypt6:
- _CET_ENDBR
- $movkey ($key),$rndkey0
- shr \$1,$rounds
- $movkey 16($key),$rndkey1
- lea 32($key),$key
- xorps $rndkey0,$inout0
- pxor $rndkey0,$inout1
- aes${dir} $rndkey1,$inout0
- pxor $rndkey0,$inout2
- aes${dir} $rndkey1,$inout1
- pxor $rndkey0,$inout3
- aes${dir} $rndkey1,$inout2
- pxor $rndkey0,$inout4
- aes${dir} $rndkey1,$inout3
- pxor $rndkey0,$inout5
- dec $rounds
- aes${dir} $rndkey1,$inout4
- $movkey ($key),$rndkey0
- aes${dir} $rndkey1,$inout5
- jmp .L${dir}_loop6_enter
-.align 16
-.L${dir}_loop6:
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- dec $rounds
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
-.L${dir}_loop6_enter: # happens to be 16-byte aligned
- $movkey 16($key),$rndkey1
- aes${dir} $rndkey0,$inout0
- aes${dir} $rndkey0,$inout1
- lea 32($key),$key
- aes${dir} $rndkey0,$inout2
- aes${dir} $rndkey0,$inout3
- aes${dir} $rndkey0,$inout4
- aes${dir} $rndkey0,$inout5
- $movkey ($key),$rndkey0
- jnz .L${dir}_loop6
-
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
- aes${dir}last $rndkey0,$inout0
- aes${dir}last $rndkey0,$inout1
- aes${dir}last $rndkey0,$inout2
- aes${dir}last $rndkey0,$inout3
- aes${dir}last $rndkey0,$inout4
- aes${dir}last $rndkey0,$inout5
- ret
-.size _aesni_${dir}rypt6,.-_aesni_${dir}rypt6
-___
-}
-sub aesni_generate8 {
-my $dir=shift;
-# As already mentioned it takes in $key and $rounds, which are *not*
-# preserved. $inout[0-7] is cipher/clear text...
-$code.=<<___;
-.type _aesni_${dir}rypt8,\@abi-omnipotent
-.align 16
-_aesni_${dir}rypt8:
- _CET_ENDBR
- $movkey ($key),$rndkey0
- shr \$1,$rounds
- $movkey 16($key),$rndkey1
- lea 32($key),$key
- xorps $rndkey0,$inout0
- xorps $rndkey0,$inout1
- aes${dir} $rndkey1,$inout0
- pxor $rndkey0,$inout2
- aes${dir} $rndkey1,$inout1
- pxor $rndkey0,$inout3
- aes${dir} $rndkey1,$inout2
- pxor $rndkey0,$inout4
- aes${dir} $rndkey1,$inout3
- pxor $rndkey0,$inout5
- dec $rounds
- aes${dir} $rndkey1,$inout4
- pxor $rndkey0,$inout6
- aes${dir} $rndkey1,$inout5
- pxor $rndkey0,$inout7
- $movkey ($key),$rndkey0
- aes${dir} $rndkey1,$inout6
- aes${dir} $rndkey1,$inout7
- $movkey 16($key),$rndkey1
- jmp .L${dir}_loop8_enter
-.align 16
-.L${dir}_loop8:
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- dec $rounds
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
- aes${dir} $rndkey1,$inout6
- aes${dir} $rndkey1,$inout7
- $movkey 16($key),$rndkey1
-.L${dir}_loop8_enter: # happens to be 16-byte aligned
- aes${dir} $rndkey0,$inout0
- aes${dir} $rndkey0,$inout1
- lea 32($key),$key
- aes${dir} $rndkey0,$inout2
- aes${dir} $rndkey0,$inout3
- aes${dir} $rndkey0,$inout4
- aes${dir} $rndkey0,$inout5
- aes${dir} $rndkey0,$inout6
- aes${dir} $rndkey0,$inout7
- $movkey ($key),$rndkey0
- jnz .L${dir}_loop8
-
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
- aes${dir} $rndkey1,$inout6
- aes${dir} $rndkey1,$inout7
- aes${dir}last $rndkey0,$inout0
- aes${dir}last $rndkey0,$inout1
- aes${dir}last $rndkey0,$inout2
- aes${dir}last $rndkey0,$inout3
- aes${dir}last $rndkey0,$inout4
- aes${dir}last $rndkey0,$inout5
- aes${dir}last $rndkey0,$inout6
- aes${dir}last $rndkey0,$inout7
- ret
-.size _aesni_${dir}rypt8,.-_aesni_${dir}rypt8
-___
-}
-&aesni_generate3("enc") if ($PREFIX eq "aesni");
-&aesni_generate3("dec"); -&aesni_generate4("enc") if ($PREFIX eq "aesni"); -&aesni_generate4("dec"); -&aesni_generate6("enc") if ($PREFIX eq "aesni"); -&aesni_generate6("dec"); -&aesni_generate8("enc") if ($PREFIX eq "aesni"); -&aesni_generate8("dec"); - -if ($PREFIX eq "aesni") { -######################################################################## -# void aesni_ecb_encrypt (const void *in, void *out, -# size_t length, const AES_KEY *key, -# int enc); -$code.=<<___; -.globl aesni_ecb_encrypt -.type aesni_ecb_encrypt,\@function,5 -.align 16 -aesni_ecb_encrypt: - _CET_ENDBR - and \$-16,$len - jz .Lecb_ret - - mov 240($key),$rounds # key->rounds - $movkey ($key),$rndkey0 - mov $key,$key_ # backup $key - mov $rounds,$rnds_ # backup $rounds - test %r8d,%r8d # 5th argument - jz .Lecb_decrypt -#--------------------------- ECB ENCRYPT ------------------------------# - cmp \$0x80,$len - jb .Lecb_enc_tail - - movdqu ($inp),$inout0 - movdqu 0x10($inp),$inout1 - movdqu 0x20($inp),$inout2 - movdqu 0x30($inp),$inout3 - movdqu 0x40($inp),$inout4 - movdqu 0x50($inp),$inout5 - movdqu 0x60($inp),$inout6 - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp - sub \$0x80,$len - jmp .Lecb_enc_loop8_enter -.align 16 -.Lecb_enc_loop8: - movups $inout0,($out) - mov $key_,$key # restore $key - movdqu ($inp),$inout0 - mov $rnds_,$rounds # restore $rounds - movups $inout1,0x10($out) - movdqu 0x10($inp),$inout1 - movups $inout2,0x20($out) - movdqu 0x20($inp),$inout2 - movups $inout3,0x30($out) - movdqu 0x30($inp),$inout3 - movups $inout4,0x40($out) - movdqu 0x40($inp),$inout4 - movups $inout5,0x50($out) - movdqu 0x50($inp),$inout5 - movups $inout6,0x60($out) - movdqu 0x60($inp),$inout6 - movups $inout7,0x70($out) - lea 0x80($out),$out - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp -.Lecb_enc_loop8_enter: - - call _aesni_encrypt8 - - sub \$0x80,$len - jnc .Lecb_enc_loop8 - - movups $inout0,($out) - mov $key_,$key # restore $key - movups $inout1,0x10($out) - mov $rnds_,$rounds # restore 
$rounds - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) - movups $inout7,0x70($out) - lea 0x80($out),$out - add \$0x80,$len - jz .Lecb_ret - -.Lecb_enc_tail: - movups ($inp),$inout0 - cmp \$0x20,$len - jb .Lecb_enc_one - movups 0x10($inp),$inout1 - je .Lecb_enc_two - movups 0x20($inp),$inout2 - cmp \$0x40,$len - jb .Lecb_enc_three - movups 0x30($inp),$inout3 - je .Lecb_enc_four - movups 0x40($inp),$inout4 - cmp \$0x60,$len - jb .Lecb_enc_five - movups 0x50($inp),$inout5 - je .Lecb_enc_six - movdqu 0x60($inp),$inout6 - call _aesni_encrypt8 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_one: -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - movups $inout0,($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_two: - xorps $inout2,$inout2 - call _aesni_encrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_three: - call _aesni_encrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_four: - call _aesni_encrypt4 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_five: - xorps $inout5,$inout5 - call _aesni_encrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_six: - call _aesni_encrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - jmp .Lecb_ret - #--------------------------- ECB DECRYPT ------------------------------# -.align 16 -.Lecb_decrypt: - 
cmp \$0x80,$len - jb .Lecb_dec_tail - - movdqu ($inp),$inout0 - movdqu 0x10($inp),$inout1 - movdqu 0x20($inp),$inout2 - movdqu 0x30($inp),$inout3 - movdqu 0x40($inp),$inout4 - movdqu 0x50($inp),$inout5 - movdqu 0x60($inp),$inout6 - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp - sub \$0x80,$len - jmp .Lecb_dec_loop8_enter -.align 16 -.Lecb_dec_loop8: - movups $inout0,($out) - mov $key_,$key # restore $key - movdqu ($inp),$inout0 - mov $rnds_,$rounds # restore $rounds - movups $inout1,0x10($out) - movdqu 0x10($inp),$inout1 - movups $inout2,0x20($out) - movdqu 0x20($inp),$inout2 - movups $inout3,0x30($out) - movdqu 0x30($inp),$inout3 - movups $inout4,0x40($out) - movdqu 0x40($inp),$inout4 - movups $inout5,0x50($out) - movdqu 0x50($inp),$inout5 - movups $inout6,0x60($out) - movdqu 0x60($inp),$inout6 - movups $inout7,0x70($out) - lea 0x80($out),$out - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp -.Lecb_dec_loop8_enter: - - call _aesni_decrypt8 - - $movkey ($key_),$rndkey0 - sub \$0x80,$len - jnc .Lecb_dec_loop8 - - movups $inout0,($out) - mov $key_,$key # restore $key - movups $inout1,0x10($out) - mov $rnds_,$rounds # restore $rounds - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) - movups $inout7,0x70($out) - lea 0x80($out),$out - add \$0x80,$len - jz .Lecb_ret - -.Lecb_dec_tail: - movups ($inp),$inout0 - cmp \$0x20,$len - jb .Lecb_dec_one - movups 0x10($inp),$inout1 - je .Lecb_dec_two - movups 0x20($inp),$inout2 - cmp \$0x40,$len - jb .Lecb_dec_three - movups 0x30($inp),$inout3 - je .Lecb_dec_four - movups 0x40($inp),$inout4 - cmp \$0x60,$len - jb .Lecb_dec_five - movups 0x50($inp),$inout5 - je .Lecb_dec_six - movups 0x60($inp),$inout6 - $movkey ($key),$rndkey0 - call _aesni_decrypt8 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) 
- jmp .Lecb_ret -.align 16 -.Lecb_dec_one: -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - movups $inout0,($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_two: - xorps $inout2,$inout2 - call _aesni_decrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_three: - call _aesni_decrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_four: - call _aesni_decrypt4 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_five: - xorps $inout5,$inout5 - call _aesni_decrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_six: - call _aesni_decrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - -.Lecb_ret: - ret -.size aesni_ecb_encrypt,.-aesni_ecb_encrypt -___ - -{ -###################################################################### -# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out, -# size_t blocks, const AES_KEY *key, -# const char *ivec,char *cmac); -# -# Handles only complete blocks, operates on 64-bit counter and -# does not update *ivec! 
Nor does it finalize CMAC value -# (see engine/eng_aesni.c for details) -# -{ -my $cmac="%r9"; # 6th argument - -my $increment="%xmm6"; -my $bswap_mask="%xmm7"; - -$code.=<<___; -.globl aesni_ccm64_encrypt_blocks -.type aesni_ccm64_encrypt_blocks,\@function,6 -.align 16 -aesni_ccm64_encrypt_blocks: - _CET_ENDBR -___ -$code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp - movaps %xmm6,(%rsp) - movaps %xmm7,0x10(%rsp) - movaps %xmm8,0x20(%rsp) - movaps %xmm9,0x30(%rsp) -.Lccm64_enc_body: -___ -$code.=<<___; - mov 240($key),$rounds # key->rounds - movdqu ($ivp),$iv - movdqa .Lincrement64(%rip),$increment - movdqa .Lbswap_mask(%rip),$bswap_mask - - shr \$1,$rounds - lea 0($key),$key_ - movdqu ($cmac),$inout1 - movdqa $iv,$inout0 - mov $rounds,$rnds_ - pshufb $bswap_mask,$iv - jmp .Lccm64_enc_outer -.align 16 -.Lccm64_enc_outer: - $movkey ($key_),$rndkey0 - mov $rnds_,$rounds - movups ($inp),$in0 # load inp - - xorps $rndkey0,$inout0 # counter - $movkey 16($key_),$rndkey1 - xorps $in0,$rndkey0 - lea 32($key_),$key - xorps $rndkey0,$inout1 # cmac^=inp - $movkey ($key),$rndkey0 - -.Lccm64_enc2_loop: - aesenc $rndkey1,$inout0 - dec $rounds - aesenc $rndkey1,$inout1 - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - lea 32($key),$key - aesenc $rndkey0,$inout1 - $movkey 0($key),$rndkey0 - jnz .Lccm64_enc2_loop - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - paddq $increment,$iv - aesenclast $rndkey0,$inout0 - aesenclast $rndkey0,$inout1 - - dec $len - lea 16($inp),$inp - xorps $inout0,$in0 # inp ^= E(iv) - movdqa $iv,$inout0 - movups $in0,($out) # save output - lea 16($out),$out - pshufb $bswap_mask,$inout0 - jnz .Lccm64_enc_outer - - movups $inout1,($cmac) -___ -$code.=<<___ if ($win64); - movaps (%rsp),%xmm6 - movaps 0x10(%rsp),%xmm7 - movaps 0x20(%rsp),%xmm8 - movaps 0x30(%rsp),%xmm9 - lea 0x58(%rsp),%rsp -.Lccm64_enc_ret: -___ -$code.=<<___; - ret -.size aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks -___ 
-###################################################################### -$code.=<<___; -.globl aesni_ccm64_decrypt_blocks -.type aesni_ccm64_decrypt_blocks,\@function,6 -.align 16 -aesni_ccm64_decrypt_blocks: - _CET_ENDBR -___ -$code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp - movaps %xmm6,(%rsp) - movaps %xmm7,0x10(%rsp) - movaps %xmm8,0x20(%rsp) - movaps %xmm9,0x30(%rsp) -.Lccm64_dec_body: -___ -$code.=<<___; - mov 240($key),$rounds # key->rounds - movups ($ivp),$iv - movdqu ($cmac),$inout1 - movdqa .Lincrement64(%rip),$increment - movdqa .Lbswap_mask(%rip),$bswap_mask - - movaps $iv,$inout0 - mov $rounds,$rnds_ - mov $key,$key_ - pshufb $bswap_mask,$iv -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - movups ($inp),$in0 # load inp - paddq $increment,$iv - lea 16($inp),$inp - jmp .Lccm64_dec_outer -.align 16 -.Lccm64_dec_outer: - xorps $inout0,$in0 # inp ^= E(iv) - movdqa $iv,$inout0 - mov $rnds_,$rounds - movups $in0,($out) # save output - lea 16($out),$out - pshufb $bswap_mask,$inout0 - - sub \$1,$len - jz .Lccm64_dec_break - - $movkey ($key_),$rndkey0 - shr \$1,$rounds - $movkey 16($key_),$rndkey1 - xorps $rndkey0,$in0 - lea 32($key_),$key - xorps $rndkey0,$inout0 - xorps $in0,$inout1 # cmac^=out - $movkey ($key),$rndkey0 - -.Lccm64_dec2_loop: - aesenc $rndkey1,$inout0 - dec $rounds - aesenc $rndkey1,$inout1 - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - lea 32($key),$key - aesenc $rndkey0,$inout1 - $movkey 0($key),$rndkey0 - jnz .Lccm64_dec2_loop - movups ($inp),$in0 # load inp - paddq $increment,$iv - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - lea 16($inp),$inp - aesenclast $rndkey0,$inout0 - aesenclast $rndkey0,$inout1 - jmp .Lccm64_dec_outer - -.align 16 -.Lccm64_dec_break: - #xorps $in0,$inout1 # cmac^=out -___ - &aesni_generate1("enc",$key_,$rounds,$inout1,$in0); -$code.=<<___; - movups $inout1,($cmac) -___ -$code.=<<___ if ($win64); - movaps (%rsp),%xmm6 - movaps 0x10(%rsp),%xmm7 - movaps 0x20(%rsp),%xmm8 - movaps 
0x30(%rsp),%xmm9 - lea 0x58(%rsp),%rsp -.Lccm64_dec_ret: -___ -$code.=<<___; - ret -.size aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks -___ -} -###################################################################### -# void aesni_ctr32_encrypt_blocks (const void *in, void *out, -# size_t blocks, const AES_KEY *key, -# const char *ivec); -# -# Handles only complete blocks, operates on 32-bit counter and -# does not update *ivec! (see engine/eng_aesni.c for details) -# -{ -my $frame_size = 0x20+($win64?160:0); -my ($in0,$in1,$in2,$in3)=map("%xmm$_",(8..11)); -my ($iv0,$iv1,$ivec)=("%xmm12","%xmm13","%xmm14"); -my $bswap_mask="%xmm15"; - -$code.=<<___; -.globl aesni_ctr32_encrypt_blocks -.type aesni_ctr32_encrypt_blocks,\@function,5 -.align 16 -aesni_ctr32_encrypt_blocks: - _CET_ENDBR - lea (%rsp),%rax - push %rbp - sub \$$frame_size,%rsp -___ -$code.=<<___ if ($win64); - movaps %xmm6,0x20(%rsp) - movaps %xmm7,0x30(%rsp) - movaps %xmm8,0x40(%rsp) - movaps %xmm9,0x50(%rsp) - movaps %xmm10,0x60(%rsp) - movaps %xmm11,0x70(%rsp) - movaps %xmm12,0x80(%rsp) - movaps %xmm13,0x90(%rsp) - movaps %xmm14,0xa0(%rsp) - movaps %xmm15,0xb0(%rsp) -.Lctr32_body: -___ -$code.=<<___; - lea -8(%rax),%rbp - cmp \$1,$len - je .Lctr32_one_shortcut - - movdqu ($ivp),$ivec - movdqa .Lbswap_mask(%rip),$bswap_mask - xor $rounds,$rounds - pextrd \$3,$ivec,$rnds_ # pull 32-bit counter - pinsrd \$3,$rounds,$ivec # wipe 32-bit counter - - mov 240($key),$rounds # key->rounds - bswap $rnds_ - pxor $iv0,$iv0 # vector of 3 32-bit counters - pxor $iv1,$iv1 # vector of 3 32-bit counters - pinsrd \$0,$rnds_,$iv0 - lea 3($rnds_),$key_ - pinsrd \$0,$key_,$iv1 - inc $rnds_ - pinsrd \$1,$rnds_,$iv0 - inc $key_ - pinsrd \$1,$key_,$iv1 - inc $rnds_ - pinsrd \$2,$rnds_,$iv0 - inc $key_ - pinsrd \$2,$key_,$iv1 - movdqa $iv0,0x00(%rsp) - pshufb $bswap_mask,$iv0 - movdqa $iv1,0x10(%rsp) - pshufb $bswap_mask,$iv1 - - pshufd \$`3<<6`,$iv0,$inout0 # place counter to upper dword - pshufd \$`2<<6`,$iv0,$inout1 
- pshufd \$`1<<6`,$iv0,$inout2 - cmp \$6,$len - jb .Lctr32_tail - shr \$1,$rounds - mov $key,$key_ # backup $key - mov $rounds,$rnds_ # backup $rounds - sub \$6,$len - jmp .Lctr32_loop6 - -.align 16 -.Lctr32_loop6: - pshufd \$`3<<6`,$iv1,$inout3 - por $ivec,$inout0 # merge counter-less ivec - $movkey ($key_),$rndkey0 - pshufd \$`2<<6`,$iv1,$inout4 - por $ivec,$inout1 - $movkey 16($key_),$rndkey1 - pshufd \$`1<<6`,$iv1,$inout5 - por $ivec,$inout2 - por $ivec,$inout3 - xorps $rndkey0,$inout0 - por $ivec,$inout4 - por $ivec,$inout5 - - # inline _aesni_encrypt6 and interleave last rounds - # with own code... - - pxor $rndkey0,$inout1 - aesenc $rndkey1,$inout0 - lea 32($key_),$key - pxor $rndkey0,$inout2 - aesenc $rndkey1,$inout1 - movdqa .Lincrement32(%rip),$iv1 - pxor $rndkey0,$inout3 - aesenc $rndkey1,$inout2 - movdqa (%rsp),$iv0 - pxor $rndkey0,$inout4 - aesenc $rndkey1,$inout3 - pxor $rndkey0,$inout5 - $movkey ($key),$rndkey0 - dec $rounds - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 - jmp .Lctr32_enc_loop6_enter -.align 16 -.Lctr32_enc_loop6: - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - dec $rounds - aesenc $rndkey1,$inout2 - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 -.Lctr32_enc_loop6_enter: - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - aesenc $rndkey0,$inout1 - lea 32($key),$key - aesenc $rndkey0,$inout2 - aesenc $rndkey0,$inout3 - aesenc $rndkey0,$inout4 - aesenc $rndkey0,$inout5 - $movkey ($key),$rndkey0 - jnz .Lctr32_enc_loop6 - - aesenc $rndkey1,$inout0 - paddd $iv1,$iv0 # increment counter vector - aesenc $rndkey1,$inout1 - paddd 0x10(%rsp),$iv1 - aesenc $rndkey1,$inout2 - movdqa $iv0,0x00(%rsp) # save counter vector - aesenc $rndkey1,$inout3 - movdqa $iv1,0x10(%rsp) - aesenc $rndkey1,$inout4 - pshufb $bswap_mask,$iv0 # byte swap - aesenc $rndkey1,$inout5 - pshufb $bswap_mask,$iv1 - - aesenclast $rndkey0,$inout0 - movups ($inp),$in0 # load input - aesenclast $rndkey0,$inout1 - movups 
0x10($inp),$in1 - aesenclast $rndkey0,$inout2 - movups 0x20($inp),$in2 - aesenclast $rndkey0,$inout3 - movups 0x30($inp),$in3 - aesenclast $rndkey0,$inout4 - movups 0x40($inp),$rndkey1 - aesenclast $rndkey0,$inout5 - movups 0x50($inp),$rndkey0 - lea 0x60($inp),$inp - - xorps $inout0,$in0 # xor - pshufd \$`3<<6`,$iv0,$inout0 - xorps $inout1,$in1 - pshufd \$`2<<6`,$iv0,$inout1 - movups $in0,($out) # store output - xorps $inout2,$in2 - pshufd \$`1<<6`,$iv0,$inout2 - movups $in1,0x10($out) - xorps $inout3,$in3 - movups $in2,0x20($out) - xorps $inout4,$rndkey1 - movups $in3,0x30($out) - xorps $inout5,$rndkey0 - movups $rndkey1,0x40($out) - movups $rndkey0,0x50($out) - lea 0x60($out),$out - mov $rnds_,$rounds - sub \$6,$len - jnc .Lctr32_loop6 - - add \$6,$len - jz .Lctr32_done - mov $key_,$key # restore $key - lea 1($rounds,$rounds),$rounds # restore original value - -.Lctr32_tail: - por $ivec,$inout0 - movups ($inp),$in0 - cmp \$2,$len - jb .Lctr32_one - - por $ivec,$inout1 - movups 0x10($inp),$in1 - je .Lctr32_two - - pshufd \$`3<<6`,$iv1,$inout3 - por $ivec,$inout2 - movups 0x20($inp),$in2 - cmp \$4,$len - jb .Lctr32_three - - pshufd \$`2<<6`,$iv1,$inout4 - por $ivec,$inout3 - movups 0x30($inp),$in3 - je .Lctr32_four - - por $ivec,$inout4 - xorps $inout5,$inout5 - - call _aesni_encrypt6 - - movups 0x40($inp),$rndkey1 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - xorps $inout2,$in2 - movups $in1,0x10($out) - xorps $inout3,$in3 - movups $in2,0x20($out) - xorps $inout4,$rndkey1 - movups $in3,0x30($out) - movups $rndkey1,0x40($out) - jmp .Lctr32_done - -.align 16 -.Lctr32_one_shortcut: - movups ($ivp),$inout0 - movups ($inp),$in0 - mov 240($key),$rounds # key->rounds -.Lctr32_one: -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - xorps $inout0,$in0 - movups $in0,($out) - jmp .Lctr32_done - -.align 16 -.Lctr32_two: - xorps $inout2,$inout2 - call _aesni_encrypt3 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - movups 
$in1,0x10($out) - jmp .Lctr32_done - -.align 16 -.Lctr32_three: - call _aesni_encrypt3 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - xorps $inout2,$in2 - movups $in1,0x10($out) - movups $in2,0x20($out) - jmp .Lctr32_done - -.align 16 -.Lctr32_four: - call _aesni_encrypt4 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - xorps $inout2,$in2 - movups $in1,0x10($out) - xorps $inout3,$in3 - movups $in2,0x20($out) - movups $in3,0x30($out) - -.Lctr32_done: -___ -$code.=<<___ if ($win64); - movaps 0x20(%rsp),%xmm6 - movaps 0x30(%rsp),%xmm7 - movaps 0x40(%rsp),%xmm8 - movaps 0x50(%rsp),%xmm9 - movaps 0x60(%rsp),%xmm10 - movaps 0x70(%rsp),%xmm11 - movaps 0x80(%rsp),%xmm12 - movaps 0x90(%rsp),%xmm13 - movaps 0xa0(%rsp),%xmm14 - movaps 0xb0(%rsp),%xmm15 -___ -$code.=<<___; - lea (%rbp),%rsp - pop %rbp -.Lctr32_ret: - ret -.size aesni_ctr32_encrypt_blocks,.-aesni_ctr32_encrypt_blocks -___ -} - -###################################################################### -# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len, -# const AES_KEY *key1, const AES_KEY *key2 -# const unsigned char iv[16]); -# -{ -my @tweak=map("%xmm$_",(10..15)); -my ($twmask,$twres,$twtmp)=("%xmm8","%xmm9",@tweak[4]); -my ($key2,$ivp,$len_)=("%r8","%r9","%r9"); -my $frame_size = 0x60 + ($win64?160:0); - -$code.=<<___; -.globl aesni_xts_encrypt -.type aesni_xts_encrypt,\@function,6 -.align 16 -aesni_xts_encrypt: - _CET_ENDBR - lea (%rsp),%rax - push %rbp - sub \$$frame_size,%rsp -___ -$code.=<<___ if ($win64); - movaps %xmm6,0x60(%rsp) - movaps %xmm7,0x70(%rsp) - movaps %xmm8,0x80(%rsp) - movaps %xmm9,0x90(%rsp) - movaps %xmm10,0xa0(%rsp) - movaps %xmm11,0xb0(%rsp) - movaps %xmm12,0xc0(%rsp) - movaps %xmm13,0xd0(%rsp) - movaps %xmm14,0xe0(%rsp) - movaps %xmm15,0xf0(%rsp) -.Lxts_enc_body: -___ -$code.=<<___; - lea -8(%rax),%rbp - movups ($ivp),@tweak[5] # load clear-text tweak - mov 240(%r8),$rounds # key2->rounds - mov 240($key),$rnds_ # key1->rounds -___ - # 
generate the tweak - &aesni_generate1("enc",$key2,$rounds,@tweak[5]); -$code.=<<___; - mov $key,$key_ # backup $key - mov $rnds_,$rounds # backup $rounds - mov $len,$len_ # backup $len - and \$-16,$len - - movdqa .Lxts_magic(%rip),$twmask - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp # broadcast upper bits -___ - for ($i=0;$i<4;$i++) { - $code.=<<___; - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[$i] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - pand $twmask,$twres # isolate carry and residue - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - pxor $twres,@tweak[5] -___ - } -$code.=<<___; - sub \$16*6,$len - jc .Lxts_enc_short - - shr \$1,$rounds - sub \$1,$rounds - mov $rounds,$rnds_ - jmp .Lxts_enc_grandloop - -.align 16 -.Lxts_enc_grandloop: - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movdqu `16*0`($inp),$inout0 # load input - pand $twmask,$twres # isolate carry and residue - movdqu `16*1`($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu `16*2`($inp),$inout2 - pxor @tweak[0],$inout0 # input^=tweak - movdqu `16*3`($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu `16*4`($inp),$inout4 - pxor @tweak[2],$inout2 - movdqu `16*5`($inp),$inout5 - lea `16*6`($inp),$inp - pxor @tweak[3],$inout3 - $movkey ($key_),$rndkey0 - pxor @tweak[4],$inout4 - pxor @tweak[5],$inout5 - - # inline _aesni_encrypt6 and interleave first and last rounds - # with own code... 
- $movkey 16($key_),$rndkey1 - pxor $rndkey0,$inout0 - pxor $rndkey0,$inout1 - movdqa @tweak[0],`16*0`(%rsp) # put aside tweaks - aesenc $rndkey1,$inout0 - lea 32($key_),$key - pxor $rndkey0,$inout2 - movdqa @tweak[1],`16*1`(%rsp) - aesenc $rndkey1,$inout1 - pxor $rndkey0,$inout3 - movdqa @tweak[2],`16*2`(%rsp) - aesenc $rndkey1,$inout2 - pxor $rndkey0,$inout4 - movdqa @tweak[3],`16*3`(%rsp) - aesenc $rndkey1,$inout3 - pxor $rndkey0,$inout5 - $movkey ($key),$rndkey0 - dec $rounds - movdqa @tweak[4],`16*4`(%rsp) - aesenc $rndkey1,$inout4 - movdqa @tweak[5],`16*5`(%rsp) - aesenc $rndkey1,$inout5 - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp - jmp .Lxts_enc_loop6_enter - -.align 16 -.Lxts_enc_loop6: - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - dec $rounds - aesenc $rndkey1,$inout2 - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 -.Lxts_enc_loop6_enter: - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - aesenc $rndkey0,$inout1 - lea 32($key),$key - aesenc $rndkey0,$inout2 - aesenc $rndkey0,$inout3 - aesenc $rndkey0,$inout4 - aesenc $rndkey0,$inout5 - $movkey ($key),$rndkey0 - jnz .Lxts_enc_loop6 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenc $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenc $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesenc $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 - $movkey 16($key),$rndkey1 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[0] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenc $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenc $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesenc $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesenc $rndkey0,$inout3 - aesenc $rndkey0,$inout4 - aesenc $rndkey0,$inout5 - $movkey 32($key),$rndkey0 - - 
pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[1] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenc $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenc $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesenc $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[2] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenclast $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenclast $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesenclast $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesenclast $rndkey0,$inout3 - aesenclast $rndkey0,$inout4 - aesenclast $rndkey0,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[3] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - xorps `16*0`(%rsp),$inout0 # output^=tweak - pand $twmask,$twres # isolate carry and residue - xorps `16*1`(%rsp),$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - pxor $twres,@tweak[5] - - xorps `16*2`(%rsp),$inout2 - movups $inout0,`16*0`($out) # write output - xorps `16*3`(%rsp),$inout3 - movups $inout1,`16*1`($out) - xorps `16*4`(%rsp),$inout4 - movups $inout2,`16*2`($out) - xorps `16*5`(%rsp),$inout5 - movups $inout3,`16*3`($out) - mov $rnds_,$rounds # restore $rounds - movups $inout4,`16*4`($out) - movups $inout5,`16*5`($out) - lea `16*6`($out),$out - sub \$16*6,$len - jnc .Lxts_enc_grandloop - - lea 3($rounds,$rounds),$rounds # restore original value - mov $key_,$key # restore $key - mov $rounds,$rnds_ # backup $rounds - -.Lxts_enc_short: - add \$16*6,$len - jz .Lxts_enc_done - - cmp \$0x20,$len - jb .Lxts_enc_one - je .Lxts_enc_two - - cmp \$0x40,$len - jb .Lxts_enc_three - je .Lxts_enc_four - - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - 
movdqu ($inp),$inout0 - pand $twmask,$twres # isolate carry and residue - movdqu 16*1($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu 16*2($inp),$inout2 - pxor @tweak[0],$inout0 - movdqu 16*3($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu 16*4($inp),$inout4 - lea 16*5($inp),$inp - pxor @tweak[2],$inout2 - pxor @tweak[3],$inout3 - pxor @tweak[4],$inout4 - - call _aesni_encrypt6 - - xorps @tweak[0],$inout0 - movdqa @tweak[5],@tweak[0] - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movdqu $inout0,($out) - xorps @tweak[3],$inout3 - movdqu $inout1,16*1($out) - xorps @tweak[4],$inout4 - movdqu $inout2,16*2($out) - movdqu $inout3,16*3($out) - movdqu $inout4,16*4($out) - lea 16*5($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_one: - movups ($inp),$inout0 - lea 16*1($inp),$inp - xorps @tweak[0],$inout0 -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movdqa @tweak[1],@tweak[0] - movups $inout0,($out) - lea 16*1($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_two: - movups ($inp),$inout0 - movups 16($inp),$inout1 - lea 32($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - - call _aesni_encrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[2],@tweak[0] - xorps @tweak[1],$inout1 - movups $inout0,($out) - movups $inout1,16*1($out) - lea 16*2($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_three: - movups ($inp),$inout0 - movups 16*1($inp),$inout1 - movups 16*2($inp),$inout2 - lea 16*3($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - - call _aesni_encrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[3],@tweak[0] - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movups $inout0,($out) - movups $inout1,16*1($out) - movups $inout2,16*2($out) - lea 16*3($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_four: - movups ($inp),$inout0 - movups 16*1($inp),$inout1 - movups 16*2($inp),$inout2 - xorps @tweak[0],$inout0 - movups 16*3($inp),$inout3 - lea 
16*4($inp),$inp - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - xorps @tweak[3],$inout3 - - call _aesni_encrypt4 - - xorps @tweak[0],$inout0 - movdqa @tweak[5],@tweak[0] - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movups $inout0,($out) - xorps @tweak[3],$inout3 - movups $inout1,16*1($out) - movups $inout2,16*2($out) - movups $inout3,16*3($out) - lea 16*4($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_done: - and \$15,$len_ - jz .Lxts_enc_ret - mov $len_,$len - -.Lxts_enc_steal: - movzb ($inp),%eax # borrow $rounds ... - movzb -16($out),%ecx # ... and $key - lea 1($inp),$inp - mov %al,-16($out) - mov %cl,0($out) - lea 1($out),$out - sub \$1,$len - jnz .Lxts_enc_steal - - sub $len_,$out # rewind $out - mov $key_,$key # restore $key - mov $rnds_,$rounds # restore $rounds - - movups -16($out),$inout0 - xorps @tweak[0],$inout0 -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movups $inout0,-16($out) - -.Lxts_enc_ret: -___ -$code.=<<___ if ($win64); - movaps 0x60(%rsp),%xmm6 - movaps 0x70(%rsp),%xmm7 - movaps 0x80(%rsp),%xmm8 - movaps 0x90(%rsp),%xmm9 - movaps 0xa0(%rsp),%xmm10 - movaps 0xb0(%rsp),%xmm11 - movaps 0xc0(%rsp),%xmm12 - movaps 0xd0(%rsp),%xmm13 - movaps 0xe0(%rsp),%xmm14 - movaps 0xf0(%rsp),%xmm15 -___ -$code.=<<___; - lea (%rbp),%rsp - pop %rbp -.Lxts_enc_epilogue: - ret -.size aesni_xts_encrypt,.-aesni_xts_encrypt -___ - -$code.=<<___; -.globl aesni_xts_decrypt -.type aesni_xts_decrypt,\@function,6 -.align 16 -aesni_xts_decrypt: - _CET_ENDBR - lea (%rsp),%rax - push %rbp - sub \$$frame_size,%rsp -___ -$code.=<<___ if ($win64); - movaps %xmm6,0x60(%rsp) - movaps %xmm7,0x70(%rsp) - movaps %xmm8,0x80(%rsp) - movaps %xmm9,0x90(%rsp) - movaps %xmm10,0xa0(%rsp) - movaps %xmm11,0xb0(%rsp) - movaps %xmm12,0xc0(%rsp) - movaps %xmm13,0xd0(%rsp) - movaps %xmm14,0xe0(%rsp) - movaps %xmm15,0xf0(%rsp) -.Lxts_dec_body: -___ -$code.=<<___; - lea -8(%rax),%rbp - movups ($ivp),@tweak[5] # load clear-text tweak 
- mov 240($key2),$rounds # key2->rounds - mov 240($key),$rnds_ # key1->rounds -___ - # generate the tweak - &aesni_generate1("enc",$key2,$rounds,@tweak[5]); -$code.=<<___; - xor %eax,%eax # if ($len%16) len-=16; - test \$15,$len - setnz %al - shl \$4,%rax - sub %rax,$len - - mov $key,$key_ # backup $key - mov $rnds_,$rounds # backup $rounds - mov $len,$len_ # backup $len - and \$-16,$len - - movdqa .Lxts_magic(%rip),$twmask - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp # broadcast upper bits -___ - for ($i=0;$i<4;$i++) { - $code.=<<___; - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[$i] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - pand $twmask,$twres # isolate carry and residue - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - pxor $twres,@tweak[5] -___ - } -$code.=<<___; - sub \$16*6,$len - jc .Lxts_dec_short - - shr \$1,$rounds - sub \$1,$rounds - mov $rounds,$rnds_ - jmp .Lxts_dec_grandloop - -.align 16 -.Lxts_dec_grandloop: - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movdqu `16*0`($inp),$inout0 # load input - pand $twmask,$twres # isolate carry and residue - movdqu `16*1`($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu `16*2`($inp),$inout2 - pxor @tweak[0],$inout0 # input^=tweak - movdqu `16*3`($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu `16*4`($inp),$inout4 - pxor @tweak[2],$inout2 - movdqu `16*5`($inp),$inout5 - lea `16*6`($inp),$inp - pxor @tweak[3],$inout3 - $movkey ($key_),$rndkey0 - pxor @tweak[4],$inout4 - pxor @tweak[5],$inout5 - - # inline _aesni_decrypt6 and interleave first and last rounds - # with own code... 
- $movkey 16($key_),$rndkey1 - pxor $rndkey0,$inout0 - pxor $rndkey0,$inout1 - movdqa @tweak[0],`16*0`(%rsp) # put aside tweaks - aesdec $rndkey1,$inout0 - lea 32($key_),$key - pxor $rndkey0,$inout2 - movdqa @tweak[1],`16*1`(%rsp) - aesdec $rndkey1,$inout1 - pxor $rndkey0,$inout3 - movdqa @tweak[2],`16*2`(%rsp) - aesdec $rndkey1,$inout2 - pxor $rndkey0,$inout4 - movdqa @tweak[3],`16*3`(%rsp) - aesdec $rndkey1,$inout3 - pxor $rndkey0,$inout5 - $movkey ($key),$rndkey0 - dec $rounds - movdqa @tweak[4],`16*4`(%rsp) - aesdec $rndkey1,$inout4 - movdqa @tweak[5],`16*5`(%rsp) - aesdec $rndkey1,$inout5 - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp - jmp .Lxts_dec_loop6_enter - -.align 16 -.Lxts_dec_loop6: - aesdec $rndkey1,$inout0 - aesdec $rndkey1,$inout1 - dec $rounds - aesdec $rndkey1,$inout2 - aesdec $rndkey1,$inout3 - aesdec $rndkey1,$inout4 - aesdec $rndkey1,$inout5 -.Lxts_dec_loop6_enter: - $movkey 16($key),$rndkey1 - aesdec $rndkey0,$inout0 - aesdec $rndkey0,$inout1 - lea 32($key),$key - aesdec $rndkey0,$inout2 - aesdec $rndkey0,$inout3 - aesdec $rndkey0,$inout4 - aesdec $rndkey0,$inout5 - $movkey ($key),$rndkey0 - jnz .Lxts_dec_loop6 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdec $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdec $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesdec $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesdec $rndkey1,$inout3 - aesdec $rndkey1,$inout4 - aesdec $rndkey1,$inout5 - $movkey 16($key),$rndkey1 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[0] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdec $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdec $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesdec $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesdec $rndkey0,$inout3 - aesdec $rndkey0,$inout4 - aesdec $rndkey0,$inout5 - $movkey 32($key),$rndkey0 - - 
pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[1] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdec $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdec $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesdec $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesdec $rndkey1,$inout3 - aesdec $rndkey1,$inout4 - aesdec $rndkey1,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[2] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdeclast $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdeclast $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesdeclast $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesdeclast $rndkey0,$inout3 - aesdeclast $rndkey0,$inout4 - aesdeclast $rndkey0,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[3] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - xorps `16*0`(%rsp),$inout0 # output^=tweak - pand $twmask,$twres # isolate carry and residue - xorps `16*1`(%rsp),$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - pxor $twres,@tweak[5] - - xorps `16*2`(%rsp),$inout2 - movups $inout0,`16*0`($out) # write output - xorps `16*3`(%rsp),$inout3 - movups $inout1,`16*1`($out) - xorps `16*4`(%rsp),$inout4 - movups $inout2,`16*2`($out) - xorps `16*5`(%rsp),$inout5 - movups $inout3,`16*3`($out) - mov $rnds_,$rounds # restore $rounds - movups $inout4,`16*4`($out) - movups $inout5,`16*5`($out) - lea `16*6`($out),$out - sub \$16*6,$len - jnc .Lxts_dec_grandloop - - lea 3($rounds,$rounds),$rounds # restore original value - mov $key_,$key # restore $key - mov $rounds,$rnds_ # backup $rounds - -.Lxts_dec_short: - add \$16*6,$len - jz .Lxts_dec_done - - cmp \$0x20,$len - jb .Lxts_dec_one - je .Lxts_dec_two - - cmp \$0x40,$len - jb .Lxts_dec_three - je .Lxts_dec_four - - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - 
movdqu ($inp),$inout0 - pand $twmask,$twres # isolate carry and residue - movdqu 16*1($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu 16*2($inp),$inout2 - pxor @tweak[0],$inout0 - movdqu 16*3($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu 16*4($inp),$inout4 - lea 16*5($inp),$inp - pxor @tweak[2],$inout2 - pxor @tweak[3],$inout3 - pxor @tweak[4],$inout4 - - call _aesni_decrypt6 - - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movdqu $inout0,($out) - xorps @tweak[3],$inout3 - movdqu $inout1,16*1($out) - xorps @tweak[4],$inout4 - movdqu $inout2,16*2($out) - pxor $twtmp,$twtmp - movdqu $inout3,16*3($out) - pcmpgtd @tweak[5],$twtmp - movdqu $inout4,16*4($out) - lea 16*5($out),$out - pshufd \$0x13,$twtmp,@tweak[1] # $twres - and \$15,$len_ - jz .Lxts_dec_ret - - movdqa @tweak[5],@tweak[0] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - pand $twmask,@tweak[1] # isolate carry and residue - pxor @tweak[5],@tweak[1] - jmp .Lxts_dec_done2 - -.align 16 -.Lxts_dec_one: - movups ($inp),$inout0 - lea 16*1($inp),$inp - xorps @tweak[0],$inout0 -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movdqa @tweak[1],@tweak[0] - movups $inout0,($out) - movdqa @tweak[2],@tweak[1] - lea 16*1($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_two: - movups ($inp),$inout0 - movups 16($inp),$inout1 - lea 32($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - - call _aesni_decrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[2],@tweak[0] - xorps @tweak[1],$inout1 - movdqa @tweak[3],@tweak[1] - movups $inout0,($out) - movups $inout1,16*1($out) - lea 16*2($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_three: - movups ($inp),$inout0 - movups 16*1($inp),$inout1 - movups 16*2($inp),$inout2 - lea 16*3($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - - call _aesni_decrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[3],@tweak[0] - xorps @tweak[1],$inout1 - movdqa 
@tweak[5],@tweak[1] - xorps @tweak[2],$inout2 - movups $inout0,($out) - movups $inout1,16*1($out) - movups $inout2,16*2($out) - lea 16*3($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_four: - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movups ($inp),$inout0 - pand $twmask,$twres # isolate carry and residue - movups 16*1($inp),$inout1 - pxor $twres,@tweak[5] - - movups 16*2($inp),$inout2 - xorps @tweak[0],$inout0 - movups 16*3($inp),$inout3 - lea 16*4($inp),$inp - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - xorps @tweak[3],$inout3 - - call _aesni_decrypt4 - - xorps @tweak[0],$inout0 - movdqa @tweak[4],@tweak[0] - xorps @tweak[1],$inout1 - movdqa @tweak[5],@tweak[1] - xorps @tweak[2],$inout2 - movups $inout0,($out) - xorps @tweak[3],$inout3 - movups $inout1,16*1($out) - movups $inout2,16*2($out) - movups $inout3,16*3($out) - lea 16*4($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_done: - and \$15,$len_ - jz .Lxts_dec_ret -.Lxts_dec_done2: - mov $len_,$len - mov $key_,$key # restore $key - mov $rnds_,$rounds # restore $rounds - - movups ($inp),$inout0 - xorps @tweak[1],$inout0 -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps @tweak[1],$inout0 - movups $inout0,($out) - -.Lxts_dec_steal: - movzb 16($inp),%eax # borrow $rounds ... - movzb ($out),%ecx # ... 
and $key - lea 1($inp),$inp - mov %al,($out) - mov %cl,16($out) - lea 1($out),$out - sub \$1,$len - jnz .Lxts_dec_steal - - sub $len_,$out # rewind $out - mov $key_,$key # restore $key - mov $rnds_,$rounds # restore $rounds - - movups ($out),$inout0 - xorps @tweak[0],$inout0 -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movups $inout0,($out) - -.Lxts_dec_ret: -___ -$code.=<<___ if ($win64); - movaps 0x60(%rsp),%xmm6 - movaps 0x70(%rsp),%xmm7 - movaps 0x80(%rsp),%xmm8 - movaps 0x90(%rsp),%xmm9 - movaps 0xa0(%rsp),%xmm10 - movaps 0xb0(%rsp),%xmm11 - movaps 0xc0(%rsp),%xmm12 - movaps 0xd0(%rsp),%xmm13 - movaps 0xe0(%rsp),%xmm14 - movaps 0xf0(%rsp),%xmm15 -___ -$code.=<<___; - lea (%rbp),%rsp - pop %rbp -.Lxts_dec_epilogue: - ret -.size aesni_xts_decrypt,.-aesni_xts_decrypt -___ -} }} - -######################################################################## -# void $PREFIX_cbc_encrypt (const void *inp, void *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); -{ -my $frame_size = 0x10 + ($win64?0x40:0); # used in decrypt -$code.=<<___; -.globl ${PREFIX}_cbc_encrypt -.type ${PREFIX}_cbc_encrypt,\@function,6 -.align 16 -${PREFIX}_cbc_encrypt: - _CET_ENDBR - test $len,$len # check length - jz .Lcbc_ret - - mov 240($key),$rnds_ # key->rounds - mov $key,$key_ # backup $key - test %r9d,%r9d # 6th argument - jz .Lcbc_decrypt -#--------------------------- CBC ENCRYPT ------------------------------# - movups ($ivp),$inout0 # load iv as initial state - mov $rnds_,$rounds - cmp \$16,$len - jb .Lcbc_enc_tail - sub \$16,$len - jmp .Lcbc_enc_loop -.align 16 -.Lcbc_enc_loop: - movups ($inp),$inout1 # load input - lea 16($inp),$inp - #xorps $inout1,$inout0 -___ - &aesni_generate1("enc",$key,$rounds,$inout0,$inout1); -$code.=<<___; - mov $rnds_,$rounds # restore $rounds - mov $key_,$key # restore $key - movups $inout0,0($out) # store output - lea 16($out),$out - sub \$16,$len - jnc .Lcbc_enc_loop - add \$16,$len - 
jnz .Lcbc_enc_tail - movups $inout0,($ivp) - jmp .Lcbc_ret - -.Lcbc_enc_tail: - mov $len,%rcx # zaps $key - xchg $inp,$out # $inp is %rsi and $out is %rdi now - .long 0x9066A4F3 # rep movsb - mov \$16,%ecx # zero tail - sub $len,%rcx - xor %eax,%eax - .long 0x9066AAF3 # rep stosb - lea -16(%rdi),%rdi # rewind $out by 1 block - mov $rnds_,$rounds # restore $rounds - mov %rdi,%rsi # $inp and $out are the same - mov $key_,$key # restore $key - xor $len,$len # len=16 - jmp .Lcbc_enc_loop # one more spin - #--------------------------- CBC DECRYPT ------------------------------# -.align 16 -.Lcbc_decrypt: - lea (%rsp),%rax - push %rbp - sub \$$frame_size,%rsp -___ -$code.=<<___ if ($win64); - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) -.Lcbc_decrypt_body: -___ -$code.=<<___; - lea -8(%rax),%rbp - movups ($ivp),$iv - mov $rnds_,$rounds - cmp \$0x70,$len - jbe .Lcbc_dec_tail - shr \$1,$rnds_ - sub \$0x70,$len - mov $rnds_,$rounds - movaps $iv,(%rsp) - jmp .Lcbc_dec_loop8_enter -.align 16 -.Lcbc_dec_loop8: - movaps $rndkey0,(%rsp) # save IV - movups $inout7,($out) - lea 0x10($out),$out -.Lcbc_dec_loop8_enter: - $movkey ($key),$rndkey0 - movups ($inp),$inout0 # load input - movups 0x10($inp),$inout1 - $movkey 16($key),$rndkey1 - - lea 32($key),$key - movdqu 0x20($inp),$inout2 - xorps $rndkey0,$inout0 - movdqu 0x30($inp),$inout3 - xorps $rndkey0,$inout1 - movdqu 0x40($inp),$inout4 - aesdec $rndkey1,$inout0 - pxor $rndkey0,$inout2 - movdqu 0x50($inp),$inout5 - aesdec $rndkey1,$inout1 - pxor $rndkey0,$inout3 - movdqu 0x60($inp),$inout6 - aesdec $rndkey1,$inout2 - pxor $rndkey0,$inout4 - movdqu 0x70($inp),$inout7 - aesdec $rndkey1,$inout3 - pxor $rndkey0,$inout5 - dec $rounds - aesdec $rndkey1,$inout4 - pxor $rndkey0,$inout6 - aesdec $rndkey1,$inout5 - pxor $rndkey0,$inout7 - $movkey ($key),$rndkey0 - aesdec $rndkey1,$inout6 - aesdec $rndkey1,$inout7 - $movkey 16($key),$rndkey1 - - call .Ldec_loop8_enter - - movups 
($inp),$rndkey1 # re-load input - movups 0x10($inp),$rndkey0 - xorps (%rsp),$inout0 # ^= IV - xorps $rndkey1,$inout1 - movups 0x20($inp),$rndkey1 - xorps $rndkey0,$inout2 - movups 0x30($inp),$rndkey0 - xorps $rndkey1,$inout3 - movups 0x40($inp),$rndkey1 - xorps $rndkey0,$inout4 - movups 0x50($inp),$rndkey0 - xorps $rndkey1,$inout5 - movups 0x60($inp),$rndkey1 - xorps $rndkey0,$inout6 - movups 0x70($inp),$rndkey0 # IV - xorps $rndkey1,$inout7 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - mov $rnds_,$rounds # restore $rounds - movups $inout4,0x40($out) - mov $key_,$key # restore $key - movups $inout5,0x50($out) - lea 0x80($inp),$inp - movups $inout6,0x60($out) - lea 0x70($out),$out - sub \$0x80,$len - ja .Lcbc_dec_loop8 - - movaps $inout7,$inout0 - movaps $rndkey0,$iv - add \$0x70,$len - jle .Lcbc_dec_tail_collected - movups $inout0,($out) - lea 1($rnds_,$rnds_),$rounds - lea 0x10($out),$out -.Lcbc_dec_tail: - movups ($inp),$inout0 - movaps $inout0,$in0 - cmp \$0x10,$len - jbe .Lcbc_dec_one - - movups 0x10($inp),$inout1 - movaps $inout1,$in1 - cmp \$0x20,$len - jbe .Lcbc_dec_two - - movups 0x20($inp),$inout2 - movaps $inout2,$in2 - cmp \$0x30,$len - jbe .Lcbc_dec_three - - movups 0x30($inp),$inout3 - cmp \$0x40,$len - jbe .Lcbc_dec_four - - movups 0x40($inp),$inout4 - cmp \$0x50,$len - jbe .Lcbc_dec_five - - movups 0x50($inp),$inout5 - cmp \$0x60,$len - jbe .Lcbc_dec_six - - movups 0x60($inp),$inout6 - movaps $iv,(%rsp) # save IV - call _aesni_decrypt8 - movups ($inp),$rndkey1 - movups 0x10($inp),$rndkey0 - xorps (%rsp),$inout0 # ^= IV - xorps $rndkey1,$inout1 - movups 0x20($inp),$rndkey1 - xorps $rndkey0,$inout2 - movups 0x30($inp),$rndkey0 - xorps $rndkey1,$inout3 - movups 0x40($inp),$rndkey1 - xorps $rndkey0,$inout4 - movups 0x50($inp),$rndkey0 - xorps $rndkey1,$inout5 - movups 0x60($inp),$iv # IV - xorps $rndkey0,$inout6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) 
- movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - lea 0x60($out),$out - movaps $inout6,$inout0 - sub \$0x70,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_one: -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps $iv,$inout0 - movaps $in0,$iv - sub \$0x10,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_two: - xorps $inout2,$inout2 - call _aesni_decrypt3 - xorps $iv,$inout0 - xorps $in0,$inout1 - movups $inout0,($out) - movaps $in1,$iv - movaps $inout1,$inout0 - lea 0x10($out),$out - sub \$0x20,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_three: - call _aesni_decrypt3 - xorps $iv,$inout0 - xorps $in0,$inout1 - movups $inout0,($out) - xorps $in1,$inout2 - movups $inout1,0x10($out) - movaps $in2,$iv - movaps $inout2,$inout0 - lea 0x20($out),$out - sub \$0x30,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_four: - call _aesni_decrypt4 - xorps $iv,$inout0 - movups 0x30($inp),$iv - xorps $in0,$inout1 - movups $inout0,($out) - xorps $in1,$inout2 - movups $inout1,0x10($out) - xorps $in2,$inout3 - movups $inout2,0x20($out) - movaps $inout3,$inout0 - lea 0x30($out),$out - sub \$0x40,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_five: - xorps $inout5,$inout5 - call _aesni_decrypt6 - movups 0x10($inp),$rndkey1 - movups 0x20($inp),$rndkey0 - xorps $iv,$inout0 - xorps $in0,$inout1 - xorps $rndkey1,$inout2 - movups 0x30($inp),$rndkey1 - xorps $rndkey0,$inout3 - movups 0x40($inp),$iv - xorps $rndkey1,$inout4 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - lea 0x40($out),$out - movaps $inout4,$inout0 - sub \$0x50,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_six: - call _aesni_decrypt6 - movups 0x10($inp),$rndkey1 - movups 0x20($inp),$rndkey0 - xorps $iv,$inout0 - xorps $in0,$inout1 - xorps $rndkey1,$inout2 - movups 0x30($inp),$rndkey1 - xorps $rndkey0,$inout3 - movups 0x40($inp),$rndkey0 - xorps 
$rndkey1,$inout4 - movups 0x50($inp),$iv - xorps $rndkey0,$inout5 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - lea 0x50($out),$out - movaps $inout5,$inout0 - sub \$0x60,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_tail_collected: - and \$15,$len - movups $iv,($ivp) - jnz .Lcbc_dec_tail_partial - movups $inout0,($out) - jmp .Lcbc_dec_ret -.align 16 -.Lcbc_dec_tail_partial: - movaps $inout0,(%rsp) - mov \$16,%rcx - mov $out,%rdi - sub $len,%rcx - lea (%rsp),%rsi - .long 0x9066A4F3 # rep movsb - -.Lcbc_dec_ret: -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 -___ -$code.=<<___; - lea (%rbp),%rsp - pop %rbp -.Lcbc_ret: - ret -.size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt -___ -} -# int $PREFIX_set_[en|de]crypt_key (const unsigned char *userKey, -# int bits, AES_KEY *key) -{ my ($inp,$bits,$key) = @_4args; - $bits =~ s/%r/%e/; - -$code.=<<___; -.globl ${PREFIX}_set_decrypt_key -.type ${PREFIX}_set_decrypt_key,\@abi-omnipotent -.align 16 -${PREFIX}_set_decrypt_key: - _CET_ENDBR - sub \$8,%rsp - call __aesni_set_encrypt_key - shl \$4,$bits # rounds-1 after _aesni_set_encrypt_key - test %eax,%eax - jnz .Ldec_key_ret - lea 16($key,$bits),$inp # points at the end of key schedule - - $movkey ($key),%xmm0 # just swap - $movkey ($inp),%xmm1 - $movkey %xmm0,($inp) - $movkey %xmm1,($key) - lea 16($key),$key - lea -16($inp),$inp - -.Ldec_key_inverse: - $movkey ($key),%xmm0 # swap and inverse - $movkey ($inp),%xmm1 - aesimc %xmm0,%xmm0 - aesimc %xmm1,%xmm1 - lea 16($key),$key - lea -16($inp),$inp - $movkey %xmm0,16($inp) - $movkey %xmm1,-16($key) - cmp $key,$inp - ja .Ldec_key_inverse - - $movkey ($key),%xmm0 # inverse middle - aesimc %xmm0,%xmm0 - $movkey %xmm0,($inp) -.Ldec_key_ret: - add \$8,%rsp - ret -.LSEH_end_set_decrypt_key: -.size 
${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key -___ - -# This is based on submission by -# -# Huang Ying -# Vinodh Gopal -# Kahraman Akdemir -# -# Aggressively optimized in respect to aeskeygenassist's critical path -# and is contained in %xmm0-5 to meet Win64 ABI requirement. -# -$code.=<<___; -.globl ${PREFIX}_set_encrypt_key -.type ${PREFIX}_set_encrypt_key,\@abi-omnipotent -.align 16 -${PREFIX}_set_encrypt_key: - _CET_ENDBR -__aesni_set_encrypt_key: - sub \$8,%rsp - mov \$-1,%rax - test $inp,$inp - jz .Lenc_key_ret - test $key,$key - jz .Lenc_key_ret - - movups ($inp),%xmm0 # pull first 128 bits of *userKey - xorps %xmm4,%xmm4 # low dword of xmm4 is assumed 0 - lea 16($key),%rax - cmp \$256,$bits - je .L14rounds - cmp \$192,$bits - je .L12rounds - cmp \$128,$bits - jne .Lbad_keybits - -.L10rounds: - mov \$9,$bits # 10 rounds for 128-bit key - $movkey %xmm0,($key) # round 0 - aeskeygenassist \$0x1,%xmm0,%xmm1 # round 1 - call .Lkey_expansion_128_cold - aeskeygenassist \$0x2,%xmm0,%xmm1 # round 2 - call .Lkey_expansion_128 - aeskeygenassist \$0x4,%xmm0,%xmm1 # round 3 - call .Lkey_expansion_128 - aeskeygenassist \$0x8,%xmm0,%xmm1 # round 4 - call .Lkey_expansion_128 - aeskeygenassist \$0x10,%xmm0,%xmm1 # round 5 - call .Lkey_expansion_128 - aeskeygenassist \$0x20,%xmm0,%xmm1 # round 6 - call .Lkey_expansion_128 - aeskeygenassist \$0x40,%xmm0,%xmm1 # round 7 - call .Lkey_expansion_128 - aeskeygenassist \$0x80,%xmm0,%xmm1 # round 8 - call .Lkey_expansion_128 - aeskeygenassist \$0x1b,%xmm0,%xmm1 # round 9 - call .Lkey_expansion_128 - aeskeygenassist \$0x36,%xmm0,%xmm1 # round 10 - call .Lkey_expansion_128 - $movkey %xmm0,(%rax) - mov $bits,80(%rax) # 240(%rdx) - xor %eax,%eax - jmp .Lenc_key_ret - -.align 16 -.L12rounds: - movq 16($inp),%xmm2 # remaining 1/3 of *userKey - mov \$11,$bits # 12 rounds for 192 - $movkey %xmm0,($key) # round 0 - aeskeygenassist \$0x1,%xmm2,%xmm1 # round 1,2 - call .Lkey_expansion_192a_cold - aeskeygenassist \$0x2,%xmm2,%xmm1 # 
round 2,3 - call .Lkey_expansion_192b - aeskeygenassist \$0x4,%xmm2,%xmm1 # round 4,5 - call .Lkey_expansion_192a - aeskeygenassist \$0x8,%xmm2,%xmm1 # round 5,6 - call .Lkey_expansion_192b - aeskeygenassist \$0x10,%xmm2,%xmm1 # round 7,8 - call .Lkey_expansion_192a - aeskeygenassist \$0x20,%xmm2,%xmm1 # round 8,9 - call .Lkey_expansion_192b - aeskeygenassist \$0x40,%xmm2,%xmm1 # round 10,11 - call .Lkey_expansion_192a - aeskeygenassist \$0x80,%xmm2,%xmm1 # round 11,12 - call .Lkey_expansion_192b - $movkey %xmm0,(%rax) - mov $bits,48(%rax) # 240(%rdx) - xor %rax, %rax - jmp .Lenc_key_ret - -.align 16 -.L14rounds: - movups 16($inp),%xmm2 # remaining half of *userKey - mov \$13,$bits # 14 rounds for 256 - lea 16(%rax),%rax - $movkey %xmm0,($key) # round 0 - $movkey %xmm2,16($key) # round 1 - aeskeygenassist \$0x1,%xmm2,%xmm1 # round 2 - call .Lkey_expansion_256a_cold - aeskeygenassist \$0x1,%xmm0,%xmm1 # round 3 - call .Lkey_expansion_256b - aeskeygenassist \$0x2,%xmm2,%xmm1 # round 4 - call .Lkey_expansion_256a - aeskeygenassist \$0x2,%xmm0,%xmm1 # round 5 - call .Lkey_expansion_256b - aeskeygenassist \$0x4,%xmm2,%xmm1 # round 6 - call .Lkey_expansion_256a - aeskeygenassist \$0x4,%xmm0,%xmm1 # round 7 - call .Lkey_expansion_256b - aeskeygenassist \$0x8,%xmm2,%xmm1 # round 8 - call .Lkey_expansion_256a - aeskeygenassist \$0x8,%xmm0,%xmm1 # round 9 - call .Lkey_expansion_256b - aeskeygenassist \$0x10,%xmm2,%xmm1 # round 10 - call .Lkey_expansion_256a - aeskeygenassist \$0x10,%xmm0,%xmm1 # round 11 - call .Lkey_expansion_256b - aeskeygenassist \$0x20,%xmm2,%xmm1 # round 12 - call .Lkey_expansion_256a - aeskeygenassist \$0x20,%xmm0,%xmm1 # round 13 - call .Lkey_expansion_256b - aeskeygenassist \$0x40,%xmm2,%xmm1 # round 14 - call .Lkey_expansion_256a - $movkey %xmm0,(%rax) - mov $bits,16(%rax) # 240(%rdx) - xor %rax,%rax - jmp .Lenc_key_ret - -.align 16 -.Lbad_keybits: - mov \$-2,%rax -.Lenc_key_ret: - add \$8,%rsp - ret -.LSEH_end_set_encrypt_key: - -.align 16 
-.Lkey_expansion_128: - $movkey %xmm0,(%rax) - lea 16(%rax),%rax -.Lkey_expansion_128_cold: - shufps \$0b00010000,%xmm0,%xmm4 - xorps %xmm4, %xmm0 - shufps \$0b10001100,%xmm0,%xmm4 - xorps %xmm4, %xmm0 - shufps \$0b11111111,%xmm1,%xmm1 # critical path - xorps %xmm1,%xmm0 - ret - -.align 16 -.Lkey_expansion_192a: - $movkey %xmm0,(%rax) - lea 16(%rax),%rax -.Lkey_expansion_192a_cold: - movaps %xmm2, %xmm5 -.Lkey_expansion_192b_warm: - shufps \$0b00010000,%xmm0,%xmm4 - movdqa %xmm2,%xmm3 - xorps %xmm4,%xmm0 - shufps \$0b10001100,%xmm0,%xmm4 - pslldq \$4,%xmm3 - xorps %xmm4,%xmm0 - pshufd \$0b01010101,%xmm1,%xmm1 # critical path - pxor %xmm3,%xmm2 - pxor %xmm1,%xmm0 - pshufd \$0b11111111,%xmm0,%xmm3 - pxor %xmm3,%xmm2 - ret - -.align 16 -.Lkey_expansion_192b: - movaps %xmm0,%xmm3 - shufps \$0b01000100,%xmm0,%xmm5 - $movkey %xmm5,(%rax) - shufps \$0b01001110,%xmm2,%xmm3 - $movkey %xmm3,16(%rax) - lea 32(%rax),%rax - jmp .Lkey_expansion_192b_warm - -.align 16 -.Lkey_expansion_256a: - $movkey %xmm2,(%rax) - lea 16(%rax),%rax -.Lkey_expansion_256a_cold: - shufps \$0b00010000,%xmm0,%xmm4 - xorps %xmm4,%xmm0 - shufps \$0b10001100,%xmm0,%xmm4 - xorps %xmm4,%xmm0 - shufps \$0b11111111,%xmm1,%xmm1 # critical path - xorps %xmm1,%xmm0 - ret - -.align 16 -.Lkey_expansion_256b: - $movkey %xmm0,(%rax) - lea 16(%rax),%rax - - shufps \$0b00010000,%xmm2,%xmm4 - xorps %xmm4,%xmm2 - shufps \$0b10001100,%xmm2,%xmm4 - xorps %xmm4,%xmm2 - shufps \$0b10101010,%xmm1,%xmm1 # critical path - xorps %xmm1,%xmm2 - ret -.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key -.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key -___ -} - -$code.=<<___; -.section .rodata -.align 64 -.Lbswap_mask: - .byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0 -.Lincrement32: - .long 6,6,6,0 -.Lincrement64: - .long 1,0,0,0 -.Lxts_magic: - .long 0x87,0,1,0 -.align 64 -.text -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { 
-$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -___ -$code.=<<___ if ($PREFIX eq "aesni"); -.type ecb_se_handler,\@abi-omnipotent -.align 16 -ecb_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 152($context),%rax # pull context->Rsp - - jmp .Lcommon_seh_tail -.size ecb_se_handler,.-ecb_se_handler - -.type ccm64_se_handler,\@abi-omnipotent -.align 16 -ccm64_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->RipRsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - lea 0(%rax),%rsi # %xmm save area - lea 512($context),%rdi # &context.Xmm6 - mov \$8,%ecx # 4*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - lea 0x58(%rax),%rax # adjust stack pointer - - jmp .Lcommon_seh_tail -.size ccm64_se_handler,.-ccm64_se_handler - -.type ctr32_se_handler,\@abi-omnipotent -.align 16 -ctr32_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lctr32_body(%rip),%r10 - cmp %r10,%rbx # context->Rip<"prologue" label - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - lea .Lctr32_ret(%rip),%r10 - cmp %r10,%rbx - jae .Lcommon_seh_tail - - lea 0x20(%rax),%rsi # %xmm save area - lea 512($context),%rdi # &context.Xmm6 - mov 
\$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - - jmp .Lcommon_rbp_tail -.size ctr32_se_handler,.-ctr32_se_handler - -.type xts_se_handler,\@abi-omnipotent -.align 16 -xts_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->RipRsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - lea 0x60(%rax),%rsi # %xmm save area - lea 512($context),%rdi # & context.Xmm6 - mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - - jmp .Lcommon_rbp_tail -.size xts_se_handler,.-xts_se_handler -___ -$code.=<<___; -.type cbc_se_handler,\@abi-omnipotent -.align 16 -cbc_se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 152($context),%rax # pull context->Rsp - mov 248($context),%rbx # pull context->Rip - - lea .Lcbc_decrypt(%rip),%r10 - cmp %r10,%rbx # context->Rip<"prologue" label - jb .Lcommon_seh_tail - - lea .Lcbc_decrypt_body(%rip),%r10 - cmp %r10,%rbx # context->RipRip>="epilogue" label - jae .Lcommon_seh_tail - - lea 16(%rax),%rsi # %xmm save area - lea 512($context),%rdi # &context.Xmm6 - mov \$8,%ecx # 4*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - -.Lcommon_rbp_tail: - mov 160($context),%rax # pull context->Rbp - mov (%rax),%rbp # restore saved %rbp - lea 8(%rax),%rax # adjust stack pointer - mov %rbp,160($context) # restore context->Rbp - jmp .Lcommon_seh_tail - -.Lrestore_cbc_rax: - mov 120($context),%rax - -.Lcommon_seh_tail: 
- mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size cbc_se_handler,.-cbc_se_handler - -.section .pdata -.align 4 -___ -$code.=<<___ if ($PREFIX eq "aesni"); - .rva .LSEH_begin_aesni_ecb_encrypt - .rva .LSEH_end_aesni_ecb_encrypt - .rva .LSEH_info_ecb - - .rva .LSEH_begin_aesni_ccm64_encrypt_blocks - .rva .LSEH_end_aesni_ccm64_encrypt_blocks - .rva .LSEH_info_ccm64_enc - - .rva .LSEH_begin_aesni_ccm64_decrypt_blocks - .rva .LSEH_end_aesni_ccm64_decrypt_blocks - .rva .LSEH_info_ccm64_dec - - .rva .LSEH_begin_aesni_ctr32_encrypt_blocks - .rva .LSEH_end_aesni_ctr32_encrypt_blocks - .rva .LSEH_info_ctr32 - - .rva .LSEH_begin_aesni_xts_encrypt - .rva .LSEH_end_aesni_xts_encrypt - .rva .LSEH_info_xts_enc - - .rva .LSEH_begin_aesni_xts_decrypt - .rva .LSEH_end_aesni_xts_decrypt - .rva .LSEH_info_xts_dec -___ -$code.=<<___; - .rva .LSEH_begin_${PREFIX}_cbc_encrypt - .rva .LSEH_end_${PREFIX}_cbc_encrypt - .rva .LSEH_info_cbc - - .rva ${PREFIX}_set_decrypt_key - .rva .LSEH_end_set_decrypt_key - .rva .LSEH_info_key - - .rva ${PREFIX}_set_encrypt_key - .rva 
.LSEH_end_set_encrypt_key - .rva .LSEH_info_key -.section .xdata -.align 8 -___ -$code.=<<___ if ($PREFIX eq "aesni"); -.LSEH_info_ecb: - .byte 9,0,0,0 - .rva ecb_se_handler -.LSEH_info_ccm64_enc: - .byte 9,0,0,0 - .rva ccm64_se_handler - .rva .Lccm64_enc_body,.Lccm64_enc_ret # HandlerData[] -.LSEH_info_ccm64_dec: - .byte 9,0,0,0 - .rva ccm64_se_handler - .rva .Lccm64_dec_body,.Lccm64_dec_ret # HandlerData[] -.LSEH_info_ctr32: - .byte 9,0,0,0 - .rva ctr32_se_handler -.LSEH_info_xts_enc: - .byte 9,0,0,0 - .rva xts_se_handler - .rva .Lxts_enc_body,.Lxts_enc_epilogue # HandlerData[] -.LSEH_info_xts_dec: - .byte 9,0,0,0 - .rva xts_se_handler - .rva .Lxts_dec_body,.Lxts_dec_epilogue # HandlerData[] -___ -$code.=<<___; -.LSEH_info_cbc: - .byte 9,0,0,0 - .rva cbc_se_handler -.LSEH_info_key: - .byte 0x01,0x04,0x01,0x00 - .byte 0x04,0x02,0x00,0x00 # sub rsp,8 -___ -} - -sub rex { - local *opcode=shift; - my ($dst,$src)=@_; - my $rex=0; - - $rex|=0x04 if($dst>=8); - $rex|=0x01 if($src>=8); - push @opcode,$rex|0x40 if($rex); -} - -$code =~ s/\`([^\`]*)\`/eval($1)/gem; - -print $code; - -close STDOUT; diff --git a/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl b/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl deleted file mode 100644 index c44a338114..0000000000 --- a/src/lib/libcrypto/aes/asm/bsaes-x86_64.pl +++ /dev/null 
@@ -1,3123 +0,0 @@
-#!/usr/bin/env perl
-
-###################################################################
-### AES-128 [originally in CTR mode] ###
-### bitsliced implementation for Intel Core 2 processors ###
-### requires support of SSE extensions up to SSSE3 ###
-### Author: Emilia Käsper and Peter Schwabe ###
-### Date: 2009-03-19 ###
-### Public domain ###
-### ###
-### See http://homes.esat.kuleuven.be/~ekasper/#software for ###
-### further information. ###
-###################################################################
-#
-# September 2011.
-#
-# Started as transliteration to "perlasm" the original code has
-# undergone following changes:
-#
-# - code was made position-independent;
-# - rounds were folded into a loop resulting in >5x size reduction
-# from 12.5KB to 2.2KB;
-# - above was possible thanks to mixcolumns() modification that
-# allowed to feed its output back to aesenc[last], this was
-# achieved at cost of two additional inter-registers moves;
-# - some instruction reordering and interleaving;
-# - this module doesn't implement key setup subroutine, instead it
-# relies on conversion of "conventional" key schedule as returned
-# by AES_set_encrypt_key (see discussion below);
-# - first and last round keys are treated differently, which allowed
-# to skip one shiftrows(), reduce bit-sliced key schedule and
-# speed-up conversion by 22%;
-# - support for 192- and 256-bit keys was added;
-#
-# Resulting performance in CPU cycles spent to encrypt one byte out
-# of 4096-byte buffer with 128-bit key is:
-#
-# Emilia's this(*) difference
-#
-# Core 2 9.30 8.69 +7%
-# Nehalem(**) 7.63 6.98 +9%
-# Atom 17.1 17.4 -2%(***)
-#
-# (*) Comparison is not completely fair, because "this" is ECB,
-# i.e. no extra processing such as counter values calculation
-# and xor-ing input as in Emilia's CTR implementation is
-# performed. However, the CTR calculations stand for not more
-# than 1% of total time, so comparison is *rather* fair.
-#
-# (**) Results were collected on Westmere, which is considered to
-# be equivalent to Nehalem for this code.
-#
-# (***) Slowdown on Atom is rather strange per se, because original
-# implementation has a number of 9+-bytes instructions, which
-# are bad for Atom front-end, and which I eliminated completely.
-# In attempt to address deterioration sbox() was tested in FP
-# SIMD "domain" (movaps instead of movdqa, xorps instead of
-# pxor, etc.). While it resulted in nominal 4% improvement on
-# Atom, it hurted Westmere by more than 2x factor.
-#
-# As for key schedule conversion subroutine. Interface to OpenSSL
-# relies on per-invocation on-the-fly conversion. This naturally
-# has impact on performance, especially for short inputs. Conversion
-# time in CPU cycles and its ratio to CPU cycles spent in 8x block
-# function is:
-#
-# conversion conversion/8x block
-# Core 2 240 0.22
-# Nehalem 180 0.20
-# Atom 430 0.19
-#
-# The ratio values mean that 128-byte blocks will be processed
-# 16-18% slower, 256-byte blocks - 9-10%, 384-byte blocks - 6-7%,
-# etc. Then keep in mind that input sizes not divisible by 128 are
-# *effectively* slower, especially shortest ones, e.g. consecutive
-# 144-byte blocks are processed 44% slower than one would expect,
-# 272 - 29%, 400 - 22%, etc. Yet, despite all these "shortcomings"
-# it's still faster than ["hyper-threading-safe" code path in]
-# aes-x86_64.pl on all lengths above 64 bytes...
-#
-# October 2011.
-#
-# Add decryption procedure. Performance in CPU cycles spent to decrypt
-# one byte out of 4096-byte buffer with 128-bit key is:
-#
-# Core 2 9.83
-# Nehalem 7.74
-# Atom 19.0
-#
-# November 2011.
-#
-# Add bsaes_xts_[en|de]crypt. Less-than-80-bytes-block performance is
-# suboptimal, but XTS is meant to be used with larger blocks...
-#
-#
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx");
-my @XMM=map("%xmm$_",(15,0..14)); # best on Atom, +10% over (0..15)
-my $ecb=0; # suppress unreferenced ECB subroutines, spare some space...
-
-{
-my ($key,$rounds,$const)=("%rax","%r10d","%r11");
-
-sub Sbox {
-# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb > [b0, b1, b4, b6, b3, b7, b2, b5] < msb
-my @b=@_[0..7];
-my @t=@_[8..11];
-my @s=@_[12..15];
- &InBasisChange (@b);
- &Inv_GF256 (@b[6,5,0,3,7,1,4,2],@t,@s);
- &OutBasisChange (@b[7,1,4,2,6,5,0,3]);
-}
-
-sub InBasisChange {
-# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb > [b6, b5, b0, b3, b7, b1, b4, b2] < msb
-my @b=@_[0..7];
-$code.=<<___;
- pxor @b[6], @b[5]
- pxor @b[1], @b[2]
- pxor @b[0], @b[3]
- pxor @b[2], @b[6]
- pxor @b[0], @b[5]
-
- pxor @b[3], @b[6]
- pxor @b[7], @b[3]
- pxor @b[5], @b[7]
- pxor @b[4], @b[3]
- pxor @b[5], @b[4]
- pxor @b[1], @b[3]
-
- pxor @b[7], @b[2]
- pxor @b[5], @b[1]
-___
-}
-
-sub OutBasisChange {
-# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb > [b6, b1, b2, b4, b7, b0, b3, b5] < msb
-my @b=@_[0..7];
-$code.=<<___;
- pxor @b[6], @b[0]
- pxor @b[4], @b[1]
- pxor @b[0], @b[2]
- pxor @b[6], @b[4]
- pxor @b[1], @b[6]
-
- pxor @b[5], @b[1]
- pxor @b[3], @b[5]
- pxor @b[7], @b[3]
- pxor @b[5], @b[7]
- pxor @b[5], @b[2]
-
- pxor @b[7], @b[4]
-___
-}
-
-sub InvSbox {
-# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb > [b0, b1, b6, b4, b2, b7, b3, b5] < msb
-my @b=@_[0..7];
-my @t=@_[8..11]; -my @s=@_[12..15]; - &InvInBasisChange (@b); - &Inv_GF256 (@b[5,1,2,6,3,7,0,4],@t,@s); - &InvOutBasisChange (@b[3,7,0,4,5,1,2,6]); -} - -sub InvInBasisChange { # OutBasisChange in reverse -my @b=@_[5,1,2,6,3,7,0,4]; -$code.=<<___ - pxor @b[7], @b[4] - - pxor @b[5], @b[7] - pxor @b[5], @b[2] - pxor @b[7], @b[3] - pxor @b[3], @b[5] - pxor @b[5], @b[1] - - pxor @b[1], @b[6] - pxor @b[0], @b[2] - pxor @b[6], @b[4] - pxor @b[6], @b[0] - pxor @b[4], @b[1] -___ -} - -sub InvOutBasisChange { # InBasisChange in reverse -my @b=@_[2,5,7,3,6,1,0,4]; -$code.=<<___; - pxor @b[5], @b[1] - pxor @b[7], @b[2] - - pxor @b[1], @b[3] - pxor @b[5], @b[4] - pxor @b[5], @b[7] - pxor @b[4], @b[3] - pxor @b[0], @b[5] - pxor @b[7], @b[3] - pxor @b[2], @b[6] - pxor @b[1], @b[2] - pxor @b[3], @b[6] - - pxor @b[0], @b[3] - pxor @b[6], @b[5] -___ -} - -sub Mul_GF4 { -#;************************************************************* -#;* Mul_GF4: Input x0-x1,y0-y1 Output x0-x1 Temp t0 (8) * -#;************************************************************* -my ($x0,$x1,$y0,$y1,$t0)=@_; -$code.=<<___; - movdqa $y0, $t0 - pxor $y1, $t0 - pand $x0, $t0 - pxor $x1, $x0 - pand $y0, $x1 - pand $y1, $x0 - pxor $x1, $x0 - pxor $t0, $x1 -___ -} - -sub Mul_GF4_N { # not used, see next subroutine -# multiply and scale by N -my ($x0,$x1,$y0,$y1,$t0)=@_; -$code.=<<___; - movdqa $y0, $t0 - pxor $y1, $t0 - pand $x0, $t0 - pxor $x1, $x0 - pand $y0, $x1 - pand $y1, $x0 - pxor $x0, $x1 - pxor $t0, $x0 -___ -} - -sub Mul_GF4_N_GF4 { -# interleaved Mul_GF4_N and Mul_GF4 -my ($x0,$x1,$y0,$y1,$t0, - $x2,$x3,$y2,$y3,$t1)=@_; -$code.=<<___; - movdqa $y0, $t0 - movdqa $y2, $t1 - pxor $y1, $t0 - pxor $y3, $t1 - pand $x0, $t0 - pand $x2, $t1 - pxor $x1, $x0 - pxor $x3, $x2 - pand $y0, $x1 - pand $y2, $x3 - pand $y1, $x0 - pand $y3, $x2 - pxor $x0, $x1 - pxor $x3, $x2 - pxor $t0, $x0 - pxor $t1, $x3 -___ -} -sub Mul_GF16_2 { -my @x=@_[0..7]; -my @y=@_[8..11]; -my @t=@_[12..15]; -$code.=<<___; - movdqa @x[0], 
@t[0] - movdqa @x[1], @t[1] -___ - &Mul_GF4 (@x[0], @x[1], @y[0], @y[1], @t[2]); -$code.=<<___; - pxor @x[2], @t[0] - pxor @x[3], @t[1] - pxor @y[2], @y[0] - pxor @y[3], @y[1] -___ - Mul_GF4_N_GF4 (@t[0], @t[1], @y[0], @y[1], @t[3], - @x[2], @x[3], @y[2], @y[3], @t[2]); -$code.=<<___; - pxor @t[0], @x[0] - pxor @t[0], @x[2] - pxor @t[1], @x[1] - pxor @t[1], @x[3] - - movdqa @x[4], @t[0] - movdqa @x[5], @t[1] - pxor @x[6], @t[0] - pxor @x[7], @t[1] -___ - &Mul_GF4_N_GF4 (@t[0], @t[1], @y[0], @y[1], @t[3], - @x[6], @x[7], @y[2], @y[3], @t[2]); -$code.=<<___; - pxor @y[2], @y[0] - pxor @y[3], @y[1] -___ - &Mul_GF4 (@x[4], @x[5], @y[0], @y[1], @t[3]); -$code.=<<___; - pxor @t[0], @x[4] - pxor @t[0], @x[6] - pxor @t[1], @x[5] - pxor @t[1], @x[7] -___ -} -sub Inv_GF256 { -#;******************************************************************** -#;* Inv_GF256: Input x0-x7 Output x0-x7 Temp t0-t3,s0-s3 (144) * -#;******************************************************************** -my @x=@_[0..7]; -my @t=@_[8..11]; -my @s=@_[12..15]; -# direct optimizations from hardware -$code.=<<___; - movdqa @x[4], @t[3] - movdqa @x[5], @t[2] - movdqa @x[1], @t[1] - movdqa @x[7], @s[1] - movdqa @x[0], @s[0] - - pxor @x[6], @t[3] - pxor @x[7], @t[2] - pxor @x[3], @t[1] - movdqa @t[3], @s[2] - pxor @x[6], @s[1] - movdqa @t[2], @t[0] - pxor @x[2], @s[0] - movdqa @t[3], @s[3] - - por @t[1], @t[2] - por @s[0], @t[3] - pxor @t[0], @s[3] - pand @s[0], @s[2] - pxor @t[1], @s[0] - pand @t[1], @t[0] - pand @s[0], @s[3] - movdqa @x[3], @s[0] - pxor @x[2], @s[0] - pand @s[0], @s[1] - pxor @s[1], @t[3] - pxor @s[1], @t[2] - movdqa @x[4], @s[1] - movdqa @x[1], @s[0] - pxor @x[5], @s[1] - pxor @x[0], @s[0] - movdqa @s[1], @t[1] - pand @s[0], @s[1] - por @s[0], @t[1] - pxor @s[1], @t[0] - pxor @s[3], @t[3] - pxor @s[2], @t[2] - pxor @s[3], @t[1] - movdqa @x[7], @s[0] - pxor @s[2], @t[0] - movdqa @x[6], @s[1] - pxor @s[2], @t[1] - movdqa @x[5], @s[2] - pand @x[3], @s[0] - movdqa @x[4], @s[3] - pand @x[2], 
@s[1] - pand @x[1], @s[2] - por @x[0], @s[3] - pxor @s[0], @t[3] - pxor @s[1], @t[2] - pxor @s[2], @t[1] - pxor @s[3], @t[0] - - #Inv_GF16 \t0, \t1, \t2, \t3, \s0, \s1, \s2, \s3 - - # new smaller inversion - - movdqa @t[3], @s[0] - pand @t[1], @t[3] - pxor @t[2], @s[0] - - movdqa @t[0], @s[2] - movdqa @s[0], @s[3] - pxor @t[3], @s[2] - pand @s[2], @s[3] - - movdqa @t[1], @s[1] - pxor @t[2], @s[3] - pxor @t[0], @s[1] - - pxor @t[2], @t[3] - - pand @t[3], @s[1] - - movdqa @s[2], @t[2] - pxor @t[0], @s[1] - - pxor @s[1], @t[2] - pxor @s[1], @t[1] - - pand @t[0], @t[2] - - pxor @t[2], @s[2] - pxor @t[2], @t[1] - - pand @s[3], @s[2] - - pxor @s[0], @s[2] -___ -# output in s3, s2, s1, t1 - -# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \t2, \t3, \t0, \t1, \s0, \s1, \s2, \s3 - -# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \s3, \s2, \s1, \t1, \s0, \t0, \t2, \t3 - &Mul_GF16_2(@x,@s[3,2,1],@t[1],@s[0],@t[0,2,3]); - -### output msb > [x3,x2,x1,x0,x7,x6,x5,x4] < lsb -} - -# AES linear components - -sub ShiftRows { -my @x=@_[0..7]; -my $mask=pop; -$code.=<<___; - pxor 0x00($key),@x[0] - pxor 0x10($key),@x[1] - pshufb $mask,@x[0] - pxor 0x20($key),@x[2] - pshufb $mask,@x[1] - pxor 0x30($key),@x[3] - pshufb $mask,@x[2] - pxor 0x40($key),@x[4] - pshufb $mask,@x[3] - pxor 0x50($key),@x[5] - pshufb $mask,@x[4] - pxor 0x60($key),@x[6] - pshufb $mask,@x[5] - pxor 0x70($key),@x[7] - pshufb $mask,@x[6] - lea 0x80($key),$key - pshufb $mask,@x[7] -___ -} - -sub MixColumns { -# modified to emit output in order suitable for feeding back to aesenc[last] -my @x=@_[0..7]; -my @t=@_[8..15]; -my $inv=@_[16]; # optional -$code.=<<___; - pshufd \$0x93, @x[0], @t[0] # x0 <<< 32 - pshufd \$0x93, @x[1], @t[1] - pxor @t[0], @x[0] # x0 ^ (x0 <<< 32) - pshufd \$0x93, @x[2], @t[2] - pxor @t[1], @x[1] - pshufd \$0x93, @x[3], @t[3] - pxor @t[2], @x[2] - pshufd \$0x93, @x[4], @t[4] - pxor @t[3], @x[3] - pshufd \$0x93, @x[5], @t[5] - pxor @t[4], @x[4] - pshufd \$0x93, @x[6], @t[6] - pxor 
@t[5], @x[5] - pshufd \$0x93, @x[7], @t[7] - pxor @t[6], @x[6] - pxor @t[7], @x[7] - - pxor @x[0], @t[1] - pxor @x[7], @t[0] - pxor @x[7], @t[1] - pshufd \$0x4E, @x[0], @x[0] # (x0 ^ (x0 <<< 32)) <<< 64) - pxor @x[1], @t[2] - pshufd \$0x4E, @x[1], @x[1] - pxor @x[4], @t[5] - pxor @t[0], @x[0] - pxor @x[5], @t[6] - pxor @t[1], @x[1] - pxor @x[3], @t[4] - pshufd \$0x4E, @x[4], @t[0] - pxor @x[6], @t[7] - pshufd \$0x4E, @x[5], @t[1] - pxor @x[2], @t[3] - pshufd \$0x4E, @x[3], @x[4] - pxor @x[7], @t[3] - pshufd \$0x4E, @x[7], @x[5] - pxor @x[7], @t[4] - pshufd \$0x4E, @x[6], @x[3] - pxor @t[4], @t[0] - pshufd \$0x4E, @x[2], @x[6] - pxor @t[5], @t[1] -___ -$code.=<<___ if (!$inv); - pxor @t[3], @x[4] - pxor @t[7], @x[5] - pxor @t[6], @x[3] - movdqa @t[0], @x[2] - pxor @t[2], @x[6] - movdqa @t[1], @x[7] -___ -$code.=<<___ if ($inv); - pxor @x[4], @t[3] - pxor @t[7], @x[5] - pxor @x[3], @t[6] - movdqa @t[0], @x[3] - pxor @t[2], @x[6] - movdqa @t[6], @x[2] - movdqa @t[1], @x[7] - movdqa @x[6], @x[4] - movdqa @t[3], @x[6] -___ -} - -sub InvMixColumns_orig { -my @x=@_[0..7]; -my @t=@_[8..15]; - -$code.=<<___; - # multiplication by 0x0e - pshufd \$0x93, @x[7], @t[7] - movdqa @x[2], @t[2] - pxor @x[5], @x[7] # 7 5 - pxor @x[5], @x[2] # 2 5 - pshufd \$0x93, @x[0], @t[0] - movdqa @x[5], @t[5] - pxor @x[0], @x[5] # 5 0 [1] - pxor @x[1], @x[0] # 0 1 - pshufd \$0x93, @x[1], @t[1] - pxor @x[2], @x[1] # 1 25 - pxor @x[6], @x[0] # 01 6 [2] - pxor @x[3], @x[1] # 125 3 [4] - pshufd \$0x93, @x[3], @t[3] - pxor @x[0], @x[2] # 25 016 [3] - pxor @x[7], @x[3] # 3 75 - pxor @x[6], @x[7] # 75 6 [0] - pshufd \$0x93, @x[6], @t[6] - movdqa @x[4], @t[4] - pxor @x[4], @x[6] # 6 4 - pxor @x[3], @x[4] # 4 375 [6] - pxor @x[7], @x[3] # 375 756=36 - pxor @t[5], @x[6] # 64 5 [7] - pxor @t[2], @x[3] # 36 2 - pxor @t[4], @x[3] # 362 4 [5] - pshufd \$0x93, @t[5], @t[5] -___ - my @y = @x[7,5,0,2,1,3,4,6]; -$code.=<<___; - # multiplication by 0x0b - pxor @y[0], @y[1] - pxor @t[0], @y[0] - pxor @t[1], @y[1] - 
pshufd \$0x93, @t[2], @t[2] - pxor @t[5], @y[0] - pxor @t[6], @y[1] - pxor @t[7], @y[0] - pshufd \$0x93, @t[4], @t[4] - pxor @t[6], @t[7] # clobber t[7] - pxor @y[0], @y[1] - - pxor @t[0], @y[3] - pshufd \$0x93, @t[0], @t[0] - pxor @t[1], @y[2] - pxor @t[1], @y[4] - pxor @t[2], @y[2] - pshufd \$0x93, @t[1], @t[1] - pxor @t[2], @y[3] - pxor @t[2], @y[5] - pxor @t[7], @y[2] - pshufd \$0x93, @t[2], @t[2] - pxor @t[3], @y[3] - pxor @t[3], @y[6] - pxor @t[3], @y[4] - pshufd \$0x93, @t[3], @t[3] - pxor @t[4], @y[7] - pxor @t[4], @y[5] - pxor @t[7], @y[7] - pxor @t[5], @y[3] - pxor @t[4], @y[4] - pxor @t[5], @t[7] # clobber t[7] even more - - pxor @t[7], @y[5] - pshufd \$0x93, @t[4], @t[4] - pxor @t[7], @y[6] - pxor @t[7], @y[4] - - pxor @t[5], @t[7] - pshufd \$0x93, @t[5], @t[5] - pxor @t[6], @t[7] # restore t[7] - - # multiplication by 0x0d - pxor @y[7], @y[4] - pxor @t[4], @y[7] - pshufd \$0x93, @t[6], @t[6] - pxor @t[0], @y[2] - pxor @t[5], @y[7] - pxor @t[2], @y[2] - pshufd \$0x93, @t[7], @t[7] - - pxor @y[1], @y[3] - pxor @t[1], @y[1] - pxor @t[0], @y[0] - pxor @t[0], @y[3] - pxor @t[5], @y[1] - pxor @t[5], @y[0] - pxor @t[7], @y[1] - pshufd \$0x93, @t[0], @t[0] - pxor @t[6], @y[0] - pxor @y[1], @y[3] - pxor @t[1], @y[4] - pshufd \$0x93, @t[1], @t[1] - - pxor @t[7], @y[7] - pxor @t[2], @y[4] - pxor @t[2], @y[5] - pshufd \$0x93, @t[2], @t[2] - pxor @t[6], @y[2] - pxor @t[3], @t[6] # clobber t[6] - pxor @y[7], @y[4] - pxor @t[6], @y[3] - - pxor @t[6], @y[6] - pxor @t[5], @y[5] - pxor @t[4], @y[6] - pshufd \$0x93, @t[4], @t[4] - pxor @t[6], @y[5] - pxor @t[7], @y[6] - pxor @t[3], @t[6] # restore t[6] - - pshufd \$0x93, @t[5], @t[5] - pshufd \$0x93, @t[6], @t[6] - pshufd \$0x93, @t[7], @t[7] - pshufd \$0x93, @t[3], @t[3] - - # multiplication by 0x09 - pxor @y[1], @y[4] - pxor @y[1], @t[1] # t[1]=y[1] - pxor @t[5], @t[0] # clobber t[0] - pxor @t[5], @t[1] - pxor @t[0], @y[3] - pxor @y[0], @t[0] # t[0]=y[0] - pxor @t[6], @t[1] - pxor @t[7], @t[6] # clobber t[6] - pxor 
@t[1], @y[4] - pxor @t[4], @y[7] - pxor @y[4], @t[4] # t[4]=y[4] - pxor @t[3], @y[6] - pxor @y[3], @t[3] # t[3]=y[3] - pxor @t[2], @y[5] - pxor @y[2], @t[2] # t[2]=y[2] - pxor @t[7], @t[3] - pxor @y[5], @t[5] # t[5]=y[5] - pxor @t[6], @t[2] - pxor @t[6], @t[5] - pxor @y[6], @t[6] # t[6]=y[6] - pxor @y[7], @t[7] # t[7]=y[7] - - movdqa @t[0],@XMM[0] - movdqa @t[1],@XMM[1] - movdqa @t[2],@XMM[2] - movdqa @t[3],@XMM[3] - movdqa @t[4],@XMM[4] - movdqa @t[5],@XMM[5] - movdqa @t[6],@XMM[6] - movdqa @t[7],@XMM[7] -___ -} - -sub InvMixColumns { -my @x=@_[0..7]; -my @t=@_[8..15]; - -# Thanks to Jussi Kivilinna for providing pointer to -# -# | 0e 0b 0d 09 | | 02 03 01 01 | | 05 00 04 00 | -# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 | -# | 0d 09 0e 0b | | 01 01 02 03 | | 04 00 05 00 | -# | 0b 0d 09 0e | | 03 01 01 02 | | 00 04 00 05 | - -$code.=<<___; - # multiplication by 0x05-0x00-0x04-0x00 - pshufd \$0x4E, @x[0], @t[0] - pshufd \$0x4E, @x[6], @t[6] - pxor @x[0], @t[0] - pshufd \$0x4E, @x[7], @t[7] - pxor @x[6], @t[6] - pshufd \$0x4E, @x[1], @t[1] - pxor @x[7], @t[7] - pshufd \$0x4E, @x[2], @t[2] - pxor @x[1], @t[1] - pshufd \$0x4E, @x[3], @t[3] - pxor @x[2], @t[2] - pxor @t[6], @x[0] - pxor @t[6], @x[1] - pshufd \$0x4E, @x[4], @t[4] - pxor @x[3], @t[3] - pxor @t[0], @x[2] - pxor @t[1], @x[3] - pshufd \$0x4E, @x[5], @t[5] - pxor @x[4], @t[4] - pxor @t[7], @x[1] - pxor @t[2], @x[4] - pxor @x[5], @t[5] - - pxor @t[7], @x[2] - pxor @t[6], @x[3] - pxor @t[6], @x[4] - pxor @t[3], @x[5] - pxor @t[4], @x[6] - pxor @t[7], @x[4] - pxor @t[7], @x[5] - pxor @t[5], @x[7] -___ - &MixColumns (@x,@t,1); # flipped 2<->3 and 4<->6 -} - -sub aesenc { # not used -my @b=@_[0..7]; -my @t=@_[8..15]; -$code.=<<___; - movdqa 0x30($const),@t[0] # .LSR -___ - &ShiftRows (@b,@t[0]); - &Sbox (@b,@t); - &MixColumns (@b[0,1,4,6,3,7,2,5],@t); -} - -sub aesenclast { # not used -my @b=@_[0..7]; -my @t=@_[8..15]; -$code.=<<___; - movdqa 0x40($const),@t[0] # .LSRM0 -___ - &ShiftRows (@b,@t[0]); - 
&Sbox (@b,@t); -$code.=<<___ - pxor 0x00($key),@b[0] - pxor 0x10($key),@b[1] - pxor 0x20($key),@b[4] - pxor 0x30($key),@b[6] - pxor 0x40($key),@b[3] - pxor 0x50($key),@b[7] - pxor 0x60($key),@b[2] - pxor 0x70($key),@b[5] -___ -} - -sub swapmove { -my ($a,$b,$n,$mask,$t)=@_; -$code.=<<___; - movdqa $b,$t - psrlq \$$n,$b - pxor $a,$b - pand $mask,$b - pxor $b,$a - psllq \$$n,$b - pxor $t,$b -___ -} -sub swapmove2x { -my ($a0,$b0,$a1,$b1,$n,$mask,$t0,$t1)=@_; -$code.=<<___; - movdqa $b0,$t0 - psrlq \$$n,$b0 - movdqa $b1,$t1 - psrlq \$$n,$b1 - pxor $a0,$b0 - pxor $a1,$b1 - pand $mask,$b0 - pand $mask,$b1 - pxor $b0,$a0 - psllq \$$n,$b0 - pxor $b1,$a1 - psllq \$$n,$b1 - pxor $t0,$b0 - pxor $t1,$b1 -___ -} - -sub bitslice { -my @x=reverse(@_[0..7]); -my ($t0,$t1,$t2,$t3)=@_[8..11]; -$code.=<<___; - movdqa 0x00($const),$t0 # .LBS0 - movdqa 0x10($const),$t1 # .LBS1 -___ - &swapmove2x(@x[0,1,2,3],1,$t0,$t2,$t3); - &swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3); -$code.=<<___; - movdqa 0x20($const),$t0 # .LBS2 -___ - &swapmove2x(@x[0,2,1,3],2,$t1,$t2,$t3); - &swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3); - - &swapmove2x(@x[0,4,1,5],4,$t0,$t2,$t3); - &swapmove2x(@x[2,6,3,7],4,$t0,$t2,$t3); -} - -$code.=<<___; -.text - -.extern asm_AES_encrypt -.extern asm_AES_decrypt - -.type _bsaes_encrypt8,\@abi-omnipotent -.align 64 -_bsaes_encrypt8: - _CET_ENDBR - lea .LBS0(%rip), $const # constants table - - movdqa ($key), @XMM[9] # round 0 key - lea 0x10($key), $key - movdqa 0x50($const), @XMM[8] # .LM0SR - pxor @XMM[9], @XMM[0] # xor with round0 key - pxor @XMM[9], @XMM[1] - pshufb @XMM[8], @XMM[0] - pxor @XMM[9], @XMM[2] - pshufb @XMM[8], @XMM[1] - pxor @XMM[9], @XMM[3] - pshufb @XMM[8], @XMM[2] - pxor @XMM[9], @XMM[4] - pshufb @XMM[8], @XMM[3] - pxor @XMM[9], @XMM[5] - pshufb @XMM[8], @XMM[4] - pxor @XMM[9], @XMM[6] - pshufb @XMM[8], @XMM[5] - pxor @XMM[9], @XMM[7] - pshufb @XMM[8], @XMM[6] - pshufb @XMM[8], @XMM[7] -_bsaes_encrypt8_bitslice: -___ - &bitslice (@XMM[0..7, 8..11]); -$code.=<<___; - 
dec $rounds - jmp .Lenc_sbox -.align 16 -.Lenc_loop: -___ - &ShiftRows (@XMM[0..7, 8]); -$code.=".Lenc_sbox:\n"; - &Sbox (@XMM[0..7, 8..15]); -$code.=<<___; - dec $rounds - jl .Lenc_done -___ - &MixColumns (@XMM[0,1,4,6,3,7,2,5, 8..15]); -$code.=<<___; - movdqa 0x30($const), @XMM[8] # .LSR - jnz .Lenc_loop - movdqa 0x40($const), @XMM[8] # .LSRM0 - jmp .Lenc_loop -.align 16 -.Lenc_done: -___ - # output in lsb > [t0, t1, t4, t6, t3, t7, t2, t5] < msb - &bitslice (@XMM[0,1,4,6,3,7,2,5, 8..11]); -$code.=<<___; - movdqa ($key), @XMM[8] # last round key - pxor @XMM[8], @XMM[4] - pxor @XMM[8], @XMM[6] - pxor @XMM[8], @XMM[3] - pxor @XMM[8], @XMM[7] - pxor @XMM[8], @XMM[2] - pxor @XMM[8], @XMM[5] - pxor @XMM[8], @XMM[0] - pxor @XMM[8], @XMM[1] - ret -.size _bsaes_encrypt8,.-_bsaes_encrypt8 - -.type _bsaes_decrypt8,\@abi-omnipotent -.align 64 -_bsaes_decrypt8: - _CET_ENDBR - lea .LBS0(%rip), $const # constants table - - movdqa ($key), @XMM[9] # round 0 key - lea 0x10($key), $key - movdqa -0x30($const), @XMM[8] # .LM0ISR - pxor @XMM[9], @XMM[0] # xor with round0 key - pxor @XMM[9], @XMM[1] - pshufb @XMM[8], @XMM[0] - pxor @XMM[9], @XMM[2] - pshufb @XMM[8], @XMM[1] - pxor @XMM[9], @XMM[3] - pshufb @XMM[8], @XMM[2] - pxor @XMM[9], @XMM[4] - pshufb @XMM[8], @XMM[3] - pxor @XMM[9], @XMM[5] - pshufb @XMM[8], @XMM[4] - pxor @XMM[9], @XMM[6] - pshufb @XMM[8], @XMM[5] - pxor @XMM[9], @XMM[7] - pshufb @XMM[8], @XMM[6] - pshufb @XMM[8], @XMM[7] -___ - &bitslice (@XMM[0..7, 8..11]); -$code.=<<___; - dec $rounds - jmp .Ldec_sbox -.align 16 -.Ldec_loop: -___ - &ShiftRows (@XMM[0..7, 8]); -$code.=".Ldec_sbox:\n"; - &InvSbox (@XMM[0..7, 8..15]); -$code.=<<___; - dec $rounds - jl .Ldec_done -___ - &InvMixColumns (@XMM[0,1,6,4,2,7,3,5, 8..15]); -$code.=<<___; - movdqa -0x10($const), @XMM[8] # .LISR - jnz .Ldec_loop - movdqa -0x20($const), @XMM[8] # .LISRM0 - jmp .Ldec_loop -.align 16 -.Ldec_done: -___ - &bitslice (@XMM[0,1,6,4,2,7,3,5, 8..11]); -$code.=<<___; - movdqa ($key), @XMM[8] # last 
round key - pxor @XMM[8], @XMM[6] - pxor @XMM[8], @XMM[4] - pxor @XMM[8], @XMM[2] - pxor @XMM[8], @XMM[7] - pxor @XMM[8], @XMM[3] - pxor @XMM[8], @XMM[5] - pxor @XMM[8], @XMM[0] - pxor @XMM[8], @XMM[1] - ret -.size _bsaes_decrypt8,.-_bsaes_decrypt8 -___ -} -{ -my ($out,$inp,$rounds,$const)=("%rax","%rcx","%r10d","%r11"); - -sub bitslice_key { -my @x=reverse(@_[0..7]); -my ($bs0,$bs1,$bs2,$t2,$t3)=@_[8..12]; - - &swapmove (@x[0,1],1,$bs0,$t2,$t3); -$code.=<<___; - #&swapmove(@x[2,3],1,$t0,$t2,$t3); - movdqa @x[0], @x[2] - movdqa @x[1], @x[3] -___ - #&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3); - - &swapmove2x (@x[0,2,1,3],2,$bs1,$t2,$t3); -$code.=<<___; - #&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3); - movdqa @x[0], @x[4] - movdqa @x[2], @x[6] - movdqa @x[1], @x[5] - movdqa @x[3], @x[7] -___ - &swapmove2x (@x[0,4,1,5],4,$bs2,$t2,$t3); - &swapmove2x (@x[2,6,3,7],4,$bs2,$t2,$t3); -} - -$code.=<<___; -.type _bsaes_key_convert,\@abi-omnipotent -.align 16 -_bsaes_key_convert: - _CET_ENDBR - lea .Lmasks(%rip), $const - movdqu ($inp), %xmm7 # load round 0 key - lea 0x10($inp), $inp - movdqa 0x00($const), %xmm0 # 0x01... - movdqa 0x10($const), %xmm1 # 0x02... - movdqa 0x20($const), %xmm2 # 0x04... - movdqa 0x30($const), %xmm3 # 0x08... - movdqa 0x40($const), %xmm4 # .LM0 - pcmpeqd %xmm5, %xmm5 # .LNOT - - movdqu ($inp), %xmm6 # load round 1 key - movdqa %xmm7, ($out) # save round 0 key - lea 0x10($out), $out - dec $rounds - jmp .Lkey_loop -.align 16 -.Lkey_loop: - pshufb %xmm4, %xmm6 # .LM0 - - movdqa %xmm0, %xmm8 - movdqa %xmm1, %xmm9 - - pand %xmm6, %xmm8 - pand %xmm6, %xmm9 - movdqa %xmm2, %xmm10 - pcmpeqb %xmm0, %xmm8 - psllq \$4, %xmm0 # 0x10... - movdqa %xmm3, %xmm11 - pcmpeqb %xmm1, %xmm9 - psllq \$4, %xmm1 # 0x20... - - pand %xmm6, %xmm10 - pand %xmm6, %xmm11 - movdqa %xmm0, %xmm12 - pcmpeqb %xmm2, %xmm10 - psllq \$4, %xmm2 # 0x40... - movdqa %xmm1, %xmm13 - pcmpeqb %xmm3, %xmm11 - psllq \$4, %xmm3 # 0x80... 
- - movdqa %xmm2, %xmm14 - movdqa %xmm3, %xmm15 - pxor %xmm5, %xmm8 # "pnot" - pxor %xmm5, %xmm9 - - pand %xmm6, %xmm12 - pand %xmm6, %xmm13 - movdqa %xmm8, 0x00($out) # write bit-sliced round key - pcmpeqb %xmm0, %xmm12 - psrlq \$4, %xmm0 # 0x01... - movdqa %xmm9, 0x10($out) - pcmpeqb %xmm1, %xmm13 - psrlq \$4, %xmm1 # 0x02... - lea 0x10($inp), $inp - - pand %xmm6, %xmm14 - pand %xmm6, %xmm15 - movdqa %xmm10, 0x20($out) - pcmpeqb %xmm2, %xmm14 - psrlq \$4, %xmm2 # 0x04... - movdqa %xmm11, 0x30($out) - pcmpeqb %xmm3, %xmm15 - psrlq \$4, %xmm3 # 0x08... - movdqu ($inp), %xmm6 # load next round key - - pxor %xmm5, %xmm13 # "pnot" - pxor %xmm5, %xmm14 - movdqa %xmm12, 0x40($out) - movdqa %xmm13, 0x50($out) - movdqa %xmm14, 0x60($out) - movdqa %xmm15, 0x70($out) - lea 0x80($out),$out - dec $rounds - jnz .Lkey_loop - - movdqa 0x50($const), %xmm7 # .L63 - #movdqa %xmm6, ($out) # don't save last round key - ret -.size _bsaes_key_convert,.-_bsaes_key_convert -___ -} - -if (0 && !$win64) { # following four functions are unsupported interface - # used for benchmarking... 
-$code.=<<___; -.globl bsaes_enc_key_convert -.type bsaes_enc_key_convert,\@function,2 -.align 16 -bsaes_enc_key_convert: - _CET_ENDBR - mov 240($inp),%r10d # pass rounds - mov $inp,%rcx # pass key - mov $out,%rax # pass key schedule - call _bsaes_key_convert - pxor %xmm6,%xmm7 # fix up last round key - movdqa %xmm7,(%rax) # save last round key - ret -.size bsaes_enc_key_convert,.-bsaes_enc_key_convert - -.globl bsaes_encrypt_128 -.type bsaes_encrypt_128,\@function,4 -.align 16 -bsaes_encrypt_128: -.Lenc128_loop: - _CET_ENDBR - movdqu 0x00($inp), @XMM[0] # load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - movdqu 0x60($inp), @XMM[6] - movdqu 0x70($inp), @XMM[7] - mov $key, %rax # pass the $key - lea 0x80($inp), $inp - mov \$10,%r10d - - call _bsaes_encrypt8 - - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[2], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$0x80,$len - ja .Lenc128_loop - ret -.size bsaes_encrypt_128,.-bsaes_encrypt_128 - -.globl bsaes_dec_key_convert -.type bsaes_dec_key_convert,\@function,2 -.align 16 -bsaes_dec_key_convert: - _CET_ENDBR - mov 240($inp),%r10d # pass rounds - mov $inp,%rcx # pass key - mov $out,%rax # pass key schedule - call _bsaes_key_convert - pxor ($out),%xmm7 # fix up round 0 key - movdqa %xmm6,(%rax) # save last round key - movdqa %xmm7,($out) - ret -.size bsaes_dec_key_convert,.-bsaes_dec_key_convert - -.globl bsaes_decrypt_128 -.type bsaes_decrypt_128,\@function,4 -.align 16 -bsaes_decrypt_128: - _CET_ENDBR -.Ldec128_loop: - movdqu 0x00($inp), @XMM[0] # load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - movdqu 0x60($inp), @XMM[6] - movdqu 
0x70($inp), @XMM[7] - mov $key, %rax # pass the $key - lea 0x80($inp), $inp - mov \$10,%r10d - - call _bsaes_decrypt8 - - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[3], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$0x80,$len - ja .Ldec128_loop - ret -.size bsaes_decrypt_128,.-bsaes_decrypt_128 -___ -} -{ -###################################################################### -# -# OpenSSL interface -# -my ($arg1,$arg2,$arg3,$arg4,$arg5,$arg6)=$win64 ? ("%rcx","%rdx","%r8","%r9","%r10","%r11d") - : ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d"); -my ($inp,$out,$len,$key)=("%r12","%r13","%r14","%r15"); - -if ($ecb) { -$code.=<<___; -.globl bsaes_ecb_encrypt_blocks -.type bsaes_ecb_encrypt_blocks,\@abi-omnipotent -.align 16 -bsaes_ecb_encrypt_blocks: - _CET_ENDBR - mov %rsp, %rax -.Lecb_enc_prologue: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - lea -0x48(%rsp),%rsp -___ -$code.=<<___ if ($win64); - lea -0xa0(%rsp), %rsp - movaps %xmm6, 0x40(%rsp) - movaps %xmm7, 0x50(%rsp) - movaps %xmm8, 0x60(%rsp) - movaps %xmm9, 0x70(%rsp) - movaps %xmm10, 0x80(%rsp) - movaps %xmm11, 0x90(%rsp) - movaps %xmm12, 0xa0(%rsp) - movaps %xmm13, 0xb0(%rsp) - movaps %xmm14, 0xc0(%rsp) - movaps %xmm15, 0xd0(%rsp) -.Lecb_enc_body: -___ -$code.=<<___; - mov %rsp,%rbp # backup %rsp - mov 240($arg4),%eax # rounds - mov $arg1,$inp # backup arguments - mov $arg2,$out - mov $arg3,$len - mov $arg4,$key - cmp \$8,$arg3 - jb .Lecb_enc_short - - mov %eax,%ebx # backup rounds - shl \$7,%rax # 128 bytes per inner round key - sub \$`128-32`,%rax # size of bit-sliced key schedule - sub %rax,%rsp - mov %rsp,%rax # pass key schedule - mov $key,%rcx # pass key - mov %ebx,%r10d # pass rounds - call _bsaes_key_convert - pxor %xmm6,%xmm7 # fix up last round key - movdqa %xmm7,(%rax) # save last round key - 
- sub \$8,$len -.Lecb_enc_loop: - movdqu 0x00($inp), @XMM[0] # load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - mov %rsp, %rax # pass key schedule - movdqu 0x60($inp), @XMM[6] - mov %ebx,%r10d # pass rounds - movdqu 0x70($inp), @XMM[7] - lea 0x80($inp), $inp - - call _bsaes_encrypt8 - - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[2], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$8,$len - jnc .Lecb_enc_loop - - add \$8,$len - jz .Lecb_enc_done - - movdqu 0x00($inp), @XMM[0] # load input - mov %rsp, %rax # pass key schedule - mov %ebx,%r10d # pass rounds - cmp \$2,$len - jb .Lecb_enc_one - movdqu 0x10($inp), @XMM[1] - je .Lecb_enc_two - movdqu 0x20($inp), @XMM[2] - cmp \$4,$len - jb .Lecb_enc_three - movdqu 0x30($inp), @XMM[3] - je .Lecb_enc_four - movdqu 0x40($inp), @XMM[4] - cmp \$6,$len - jb .Lecb_enc_five - movdqu 0x50($inp), @XMM[5] - je .Lecb_enc_six - movdqu 0x60($inp), @XMM[6] - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[2], 0x60($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_six: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_five: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_four: - call _bsaes_encrypt8 - 
movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_three: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_two: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_one: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_short: - lea ($inp), $arg1 - lea ($out), $arg2 - lea ($key), $arg3 - call asm_AES_encrypt - lea 16($inp), $inp - lea 16($out), $out - dec $len - jnz .Lecb_enc_short - -.Lecb_enc_done: - lea (%rsp),%rax - pxor %xmm0, %xmm0 -.Lecb_enc_bzero: # wipe key schedule [if any] - movdqa %xmm0, 0x00(%rax) - movdqa %xmm0, 0x10(%rax) - lea 0x20(%rax), %rax - cmp %rax, %rbp - jb .Lecb_enc_bzero - - lea (%rbp),%rsp # restore %rsp -___ -$code.=<<___ if ($win64); - movaps 0x40(%rbp), %xmm6 - movaps 0x50(%rbp), %xmm7 - movaps 0x60(%rbp), %xmm8 - movaps 0x70(%rbp), %xmm9 - movaps 0x80(%rbp), %xmm10 - movaps 0x90(%rbp), %xmm11 - movaps 0xa0(%rbp), %xmm12 - movaps 0xb0(%rbp), %xmm13 - movaps 0xc0(%rbp), %xmm14 - movaps 0xd0(%rbp), %xmm15 - lea 0xa0(%rbp), %rsp -___ -$code.=<<___; - mov 0x48(%rsp), %r15 - mov 0x50(%rsp), %r14 - mov 0x58(%rsp), %r13 - mov 0x60(%rsp), %r12 - mov 0x68(%rsp), %rbx - mov 0x70(%rsp), %rax - lea 0x78(%rsp), %rsp - mov %rax, %rbp -.Lecb_enc_epilogue: - ret -.size bsaes_ecb_encrypt_blocks,.-bsaes_ecb_encrypt_blocks - -.globl bsaes_ecb_decrypt_blocks -.type bsaes_ecb_decrypt_blocks,\@abi-omnipotent -.align 16 -bsaes_ecb_decrypt_blocks: - _CET_ENDBR - mov %rsp, %rax -.Lecb_dec_prologue: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - lea -0x48(%rsp),%rsp -___ -$code.=<<___ if ($win64); - lea -0xa0(%rsp), %rsp - movaps %xmm6, 0x40(%rsp) - movaps 
%xmm7, 0x50(%rsp) - movaps %xmm8, 0x60(%rsp) - movaps %xmm9, 0x70(%rsp) - movaps %xmm10, 0x80(%rsp) - movaps %xmm11, 0x90(%rsp) - movaps %xmm12, 0xa0(%rsp) - movaps %xmm13, 0xb0(%rsp) - movaps %xmm14, 0xc0(%rsp) - movaps %xmm15, 0xd0(%rsp) -.Lecb_dec_body: -___ -$code.=<<___; - mov %rsp,%rbp # backup %rsp - mov 240($arg4),%eax # rounds - mov $arg1,$inp # backup arguments - mov $arg2,$out - mov $arg3,$len - mov $arg4,$key - cmp \$8,$arg3 - jb .Lecb_dec_short - - mov %eax,%ebx # backup rounds - shl \$7,%rax # 128 bytes per inner round key - sub \$`128-32`,%rax # size of bit-sliced key schedule - sub %rax,%rsp - mov %rsp,%rax # pass key schedule - mov $key,%rcx # pass key - mov %ebx,%r10d # pass rounds - call _bsaes_key_convert - pxor (%rsp),%xmm7 # fix up 0 round key - movdqa %xmm6,(%rax) # save last round key - movdqa %xmm7,(%rsp) - - sub \$8,$len -.Lecb_dec_loop: - movdqu 0x00($inp), @XMM[0] # load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - mov %rsp, %rax # pass key schedule - movdqu 0x60($inp), @XMM[6] - mov %ebx,%r10d # pass rounds - movdqu 0x70($inp), @XMM[7] - lea 0x80($inp), $inp - - call _bsaes_decrypt8 - - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[3], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$8,$len - jnc .Lecb_dec_loop - - add \$8,$len - jz .Lecb_dec_done - - movdqu 0x00($inp), @XMM[0] # load input - mov %rsp, %rax # pass key schedule - mov %ebx,%r10d # pass rounds - cmp \$2,$len - jb .Lecb_dec_one - movdqu 0x10($inp), @XMM[1] - je .Lecb_dec_two - movdqu 0x20($inp), @XMM[2] - cmp \$4,$len - jb .Lecb_dec_three - movdqu 0x30($inp), @XMM[3] - je .Lecb_dec_four - movdqu 0x40($inp), @XMM[4] - cmp \$6,$len - jb .Lecb_dec_five - movdqu 0x50($inp), @XMM[5] - je 
.Lecb_dec_six - movdqu 0x60($inp), @XMM[6] - call _bsaes_decrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[3], 0x60($out) - jmp .Lecb_dec_done -.align 16 -.Lecb_dec_six: - call _bsaes_decrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - jmp .Lecb_dec_done -.align 16 -.Lecb_dec_five: - call _bsaes_decrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - jmp .Lecb_dec_done -.align 16 -.Lecb_dec_four: - call _bsaes_decrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - jmp .Lecb_dec_done -.align 16 -.Lecb_dec_three: - call _bsaes_decrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - jmp .Lecb_dec_done -.align 16 -.Lecb_dec_two: - call _bsaes_decrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - jmp .Lecb_dec_done -.align 16 -.Lecb_dec_one: - call _bsaes_decrypt8 - movdqu @XMM[0], 0x00($out) # write output - jmp .Lecb_dec_done -.align 16 -.Lecb_dec_short: - lea ($inp), $arg1 - lea ($out), $arg2 - lea ($key), $arg3 - call asm_AES_decrypt - lea 16($inp), $inp - lea 16($out), $out - dec $len - jnz .Lecb_dec_short - -.Lecb_dec_done: - lea (%rsp),%rax - pxor %xmm0, %xmm0 -.Lecb_dec_bzero: # wipe key schedule [if any] - movdqa %xmm0, 0x00(%rax) - movdqa %xmm0, 0x10(%rax) - lea 0x20(%rax), %rax - cmp %rax, %rbp - jb .Lecb_dec_bzero - - lea (%rbp),%rsp # restore %rsp -___ -$code.=<<___ if ($win64); - movaps 0x40(%rbp), %xmm6 - movaps 0x50(%rbp), %xmm7 - movaps 0x60(%rbp), %xmm8 - movaps 
0x70(%rbp), %xmm9 - movaps 0x80(%rbp), %xmm10 - movaps 0x90(%rbp), %xmm11 - movaps 0xa0(%rbp), %xmm12 - movaps 0xb0(%rbp), %xmm13 - movaps 0xc0(%rbp), %xmm14 - movaps 0xd0(%rbp), %xmm15 - lea 0xa0(%rbp), %rsp -___ -$code.=<<___; - mov 0x48(%rsp), %r15 - mov 0x50(%rsp), %r14 - mov 0x58(%rsp), %r13 - mov 0x60(%rsp), %r12 - mov 0x68(%rsp), %rbx - mov 0x70(%rsp), %rax - lea 0x78(%rsp), %rsp - mov %rax, %rbp -.Lecb_dec_epilogue: - ret -.size bsaes_ecb_decrypt_blocks,.-bsaes_ecb_decrypt_blocks -___ -} -$code.=<<___; -.extern asm_AES_cbc_encrypt -.globl bsaes_cbc_encrypt -.type bsaes_cbc_encrypt,\@abi-omnipotent -.align 16 -bsaes_cbc_encrypt: - _CET_ENDBR -___ -$code.=<<___ if ($win64); - mov 48(%rsp),$arg6 # pull direction flag -___ -$code.=<<___; - cmp \$0,$arg6 - jne asm_AES_cbc_encrypt - cmp \$128,$arg3 - jb asm_AES_cbc_encrypt - - mov %rsp, %rax -.Lcbc_dec_prologue: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - lea -0x48(%rsp), %rsp -___ -$code.=<<___ if ($win64); - mov 0xa0(%rsp),$arg5 # pull ivp - lea -0xa0(%rsp), %rsp - movaps %xmm6, 0x40(%rsp) - movaps %xmm7, 0x50(%rsp) - movaps %xmm8, 0x60(%rsp) - movaps %xmm9, 0x70(%rsp) - movaps %xmm10, 0x80(%rsp) - movaps %xmm11, 0x90(%rsp) - movaps %xmm12, 0xa0(%rsp) - movaps %xmm13, 0xb0(%rsp) - movaps %xmm14, 0xc0(%rsp) - movaps %xmm15, 0xd0(%rsp) -.Lcbc_dec_body: -___ -$code.=<<___; - mov %rsp, %rbp # backup %rsp - mov 240($arg4), %eax # rounds - mov $arg1, $inp # backup arguments - mov $arg2, $out - mov $arg3, $len - mov $arg4, $key - mov $arg5, %rbx - shr \$4, $len # bytes to blocks - - mov %eax, %edx # rounds - shl \$7, %rax # 128 bytes per inner round key - sub \$`128-32`, %rax # size of bit-sliced key schedule - sub %rax, %rsp - - mov %rsp, %rax # pass key schedule - mov $key, %rcx # pass key - mov %edx, %r10d # pass rounds - call _bsaes_key_convert - pxor (%rsp),%xmm7 # fix up 0 round key - movdqa %xmm6,(%rax) # save last round key - movdqa %xmm7,(%rsp) - - movdqu (%rbx), @XMM[15] # load 
IV - sub \$8,$len -.Lcbc_dec_loop: - movdqu 0x00($inp), @XMM[0] # load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - mov %rsp, %rax # pass key schedule - movdqu 0x60($inp), @XMM[6] - mov %edx,%r10d # pass rounds - movdqu 0x70($inp), @XMM[7] - movdqa @XMM[15], 0x20(%rbp) # put aside IV - - call _bsaes_decrypt8 - - pxor 0x20(%rbp), @XMM[0] # ^= IV - movdqu 0x00($inp), @XMM[8] # re-load input - movdqu 0x10($inp), @XMM[9] - pxor @XMM[8], @XMM[1] - movdqu 0x20($inp), @XMM[10] - pxor @XMM[9], @XMM[6] - movdqu 0x30($inp), @XMM[11] - pxor @XMM[10], @XMM[4] - movdqu 0x40($inp), @XMM[12] - pxor @XMM[11], @XMM[2] - movdqu 0x50($inp), @XMM[13] - pxor @XMM[12], @XMM[7] - movdqu 0x60($inp), @XMM[14] - pxor @XMM[13], @XMM[3] - movdqu 0x70($inp), @XMM[15] # IV - pxor @XMM[14], @XMM[5] - movdqu @XMM[0], 0x00($out) # write output - lea 0x80($inp), $inp - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[3], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$8,$len - jnc .Lcbc_dec_loop - - add \$8,$len - jz .Lcbc_dec_done - - movdqu 0x00($inp), @XMM[0] # load input - mov %rsp, %rax # pass key schedule - mov %edx, %r10d # pass rounds - cmp \$2,$len - jb .Lcbc_dec_one - movdqu 0x10($inp), @XMM[1] - je .Lcbc_dec_two - movdqu 0x20($inp), @XMM[2] - cmp \$4,$len - jb .Lcbc_dec_three - movdqu 0x30($inp), @XMM[3] - je .Lcbc_dec_four - movdqu 0x40($inp), @XMM[4] - cmp \$6,$len - jb .Lcbc_dec_five - movdqu 0x50($inp), @XMM[5] - je .Lcbc_dec_six - movdqu 0x60($inp), @XMM[6] - movdqa @XMM[15], 0x20(%rbp) # put aside IV - call _bsaes_decrypt8 - pxor 0x20(%rbp), @XMM[0] # ^= IV - movdqu 0x00($inp), @XMM[8] # re-load input - movdqu 0x10($inp), @XMM[9] - pxor @XMM[8], @XMM[1] - movdqu 0x20($inp), @XMM[10] - pxor @XMM[9], @XMM[6] - movdqu 0x30($inp), @XMM[11] - pxor 
@XMM[10], @XMM[4] - movdqu 0x40($inp), @XMM[12] - pxor @XMM[11], @XMM[2] - movdqu 0x50($inp), @XMM[13] - pxor @XMM[12], @XMM[7] - movdqu 0x60($inp), @XMM[15] # IV - pxor @XMM[13], @XMM[3] - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[3], 0x60($out) - jmp .Lcbc_dec_done -.align 16 -.Lcbc_dec_six: - movdqa @XMM[15], 0x20(%rbp) # put aside IV - call _bsaes_decrypt8 - pxor 0x20(%rbp), @XMM[0] # ^= IV - movdqu 0x00($inp), @XMM[8] # re-load input - movdqu 0x10($inp), @XMM[9] - pxor @XMM[8], @XMM[1] - movdqu 0x20($inp), @XMM[10] - pxor @XMM[9], @XMM[6] - movdqu 0x30($inp), @XMM[11] - pxor @XMM[10], @XMM[4] - movdqu 0x40($inp), @XMM[12] - pxor @XMM[11], @XMM[2] - movdqu 0x50($inp), @XMM[15] # IV - pxor @XMM[12], @XMM[7] - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - jmp .Lcbc_dec_done -.align 16 -.Lcbc_dec_five: - movdqa @XMM[15], 0x20(%rbp) # put aside IV - call _bsaes_decrypt8 - pxor 0x20(%rbp), @XMM[0] # ^= IV - movdqu 0x00($inp), @XMM[8] # re-load input - movdqu 0x10($inp), @XMM[9] - pxor @XMM[8], @XMM[1] - movdqu 0x20($inp), @XMM[10] - pxor @XMM[9], @XMM[6] - movdqu 0x30($inp), @XMM[11] - pxor @XMM[10], @XMM[4] - movdqu 0x40($inp), @XMM[15] # IV - pxor @XMM[11], @XMM[2] - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - jmp .Lcbc_dec_done -.align 16 -.Lcbc_dec_four: - movdqa @XMM[15], 0x20(%rbp) # put aside IV - call _bsaes_decrypt8 - pxor 0x20(%rbp), @XMM[0] # ^= IV - movdqu 0x00($inp), @XMM[8] # re-load input - movdqu 0x10($inp), @XMM[9] - pxor @XMM[8], @XMM[1] - movdqu 0x20($inp), @XMM[10] - pxor @XMM[9], @XMM[6] - movdqu 0x30($inp), @XMM[15] # IV - pxor 
@XMM[10], @XMM[4] - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - jmp .Lcbc_dec_done -.align 16 -.Lcbc_dec_three: - movdqa @XMM[15], 0x20(%rbp) # put aside IV - call _bsaes_decrypt8 - pxor 0x20(%rbp), @XMM[0] # ^= IV - movdqu 0x00($inp), @XMM[8] # re-load input - movdqu 0x10($inp), @XMM[9] - pxor @XMM[8], @XMM[1] - movdqu 0x20($inp), @XMM[15] # IV - pxor @XMM[9], @XMM[6] - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - jmp .Lcbc_dec_done -.align 16 -.Lcbc_dec_two: - movdqa @XMM[15], 0x20(%rbp) # put aside IV - call _bsaes_decrypt8 - pxor 0x20(%rbp), @XMM[0] # ^= IV - movdqu 0x00($inp), @XMM[8] # re-load input - movdqu 0x10($inp), @XMM[15] # IV - pxor @XMM[8], @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - jmp .Lcbc_dec_done -.align 16 -.Lcbc_dec_one: - lea ($inp), $arg1 - lea 0x20(%rbp), $arg2 # buffer output - lea ($key), $arg3 - call asm_AES_decrypt # doesn't touch %xmm - pxor 0x20(%rbp), @XMM[15] # ^= IV - movdqu @XMM[15], ($out) # write output - movdqa @XMM[0], @XMM[15] # IV - -.Lcbc_dec_done: - movdqu @XMM[15], (%rbx) # return IV - lea (%rsp), %rax - pxor %xmm0, %xmm0 -.Lcbc_dec_bzero: # wipe key schedule [if any] - movdqa %xmm0, 0x00(%rax) - movdqa %xmm0, 0x10(%rax) - lea 0x20(%rax), %rax - cmp %rax, %rbp - ja .Lcbc_dec_bzero - - lea (%rbp),%rsp # restore %rsp -___ -$code.=<<___ if ($win64); - movaps 0x40(%rbp), %xmm6 - movaps 0x50(%rbp), %xmm7 - movaps 0x60(%rbp), %xmm8 - movaps 0x70(%rbp), %xmm9 - movaps 0x80(%rbp), %xmm10 - movaps 0x90(%rbp), %xmm11 - movaps 0xa0(%rbp), %xmm12 - movaps 0xb0(%rbp), %xmm13 - movaps 0xc0(%rbp), %xmm14 - movaps 0xd0(%rbp), %xmm15 - lea 0xa0(%rbp), %rsp -___ -$code.=<<___; - mov 0x48(%rsp), %r15 - mov 0x50(%rsp), %r14 - mov 0x58(%rsp), %r13 - mov 0x60(%rsp), %r12 - mov 0x68(%rsp), %rbx - mov 0x70(%rsp), %rax - lea 0x78(%rsp), %rsp - mov %rax, %rbp 
-.Lcbc_dec_epilogue: - ret -.size bsaes_cbc_encrypt,.-bsaes_cbc_encrypt - -.globl bsaes_ctr32_encrypt_blocks -.type bsaes_ctr32_encrypt_blocks,\@abi-omnipotent -.align 16 -bsaes_ctr32_encrypt_blocks: - _CET_ENDBR - mov %rsp, %rax -.Lctr_enc_prologue: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - lea -0x48(%rsp), %rsp -___ -$code.=<<___ if ($win64); - mov 0xa0(%rsp),$arg5 # pull ivp - lea -0xa0(%rsp), %rsp - movaps %xmm6, 0x40(%rsp) - movaps %xmm7, 0x50(%rsp) - movaps %xmm8, 0x60(%rsp) - movaps %xmm9, 0x70(%rsp) - movaps %xmm10, 0x80(%rsp) - movaps %xmm11, 0x90(%rsp) - movaps %xmm12, 0xa0(%rsp) - movaps %xmm13, 0xb0(%rsp) - movaps %xmm14, 0xc0(%rsp) - movaps %xmm15, 0xd0(%rsp) -.Lctr_enc_body: -___ -$code.=<<___; - mov %rsp, %rbp # backup %rsp - movdqu ($arg5), %xmm0 # load counter - mov 240($arg4), %eax # rounds - mov $arg1, $inp # backup arguments - mov $arg2, $out - mov $arg3, $len - mov $arg4, $key - movdqa %xmm0, 0x20(%rbp) # copy counter - cmp \$8, $arg3 - jb .Lctr_enc_short - - mov %eax, %ebx # rounds - shl \$7, %rax # 128 bytes per inner round key - sub \$`128-32`, %rax # size of bit-sliced key schedule - sub %rax, %rsp - - mov %rsp, %rax # pass key schedule - mov $key, %rcx # pass key - mov %ebx, %r10d # pass rounds - call _bsaes_key_convert - pxor %xmm6,%xmm7 # fix up last round key - movdqa %xmm7,(%rax) # save last round key - - movdqa (%rsp), @XMM[9] # load round0 key - lea .LADD1(%rip), %r11 - movdqa 0x20(%rbp), @XMM[0] # counter copy - movdqa -0x20(%r11), @XMM[8] # .LSWPUP - pshufb @XMM[8], @XMM[9] # byte swap upper part - pshufb @XMM[8], @XMM[0] - movdqa @XMM[9], (%rsp) # save adjusted round0 key - jmp .Lctr_enc_loop -.align 16 -.Lctr_enc_loop: - movdqa @XMM[0], 0x20(%rbp) # save counter - movdqa @XMM[0], @XMM[1] # prepare 8 counter values - movdqa @XMM[0], @XMM[2] - paddd 0x00(%r11), @XMM[1] # .LADD1 - movdqa @XMM[0], @XMM[3] - paddd 0x10(%r11), @XMM[2] # .LADD2 - movdqa @XMM[0], @XMM[4] - paddd 0x20(%r11), @XMM[3] # 
.LADD3 - movdqa @XMM[0], @XMM[5] - paddd 0x30(%r11), @XMM[4] # .LADD4 - movdqa @XMM[0], @XMM[6] - paddd 0x40(%r11), @XMM[5] # .LADD5 - movdqa @XMM[0], @XMM[7] - paddd 0x50(%r11), @XMM[6] # .LADD6 - paddd 0x60(%r11), @XMM[7] # .LADD7 - - # Borrow prologue from _bsaes_encrypt8 to use the opportunity - # to flip byte order in 32-bit counter - movdqa (%rsp), @XMM[9] # round 0 key - lea 0x10(%rsp), %rax # pass key schedule - movdqa -0x10(%r11), @XMM[8] # .LSWPUPM0SR - pxor @XMM[9], @XMM[0] # xor with round0 key - pxor @XMM[9], @XMM[1] - pshufb @XMM[8], @XMM[0] - pxor @XMM[9], @XMM[2] - pshufb @XMM[8], @XMM[1] - pxor @XMM[9], @XMM[3] - pshufb @XMM[8], @XMM[2] - pxor @XMM[9], @XMM[4] - pshufb @XMM[8], @XMM[3] - pxor @XMM[9], @XMM[5] - pshufb @XMM[8], @XMM[4] - pxor @XMM[9], @XMM[6] - pshufb @XMM[8], @XMM[5] - pxor @XMM[9], @XMM[7] - pshufb @XMM[8], @XMM[6] - lea .LBS0(%rip), %r11 # constants table - pshufb @XMM[8], @XMM[7] - mov %ebx,%r10d # pass rounds - - call _bsaes_encrypt8_bitslice - - sub \$8,$len - jc .Lctr_enc_loop_done - - movdqu 0x00($inp), @XMM[8] # load input - movdqu 0x10($inp), @XMM[9] - movdqu 0x20($inp), @XMM[10] - movdqu 0x30($inp), @XMM[11] - movdqu 0x40($inp), @XMM[12] - movdqu 0x50($inp), @XMM[13] - movdqu 0x60($inp), @XMM[14] - movdqu 0x70($inp), @XMM[15] - lea 0x80($inp),$inp - pxor @XMM[0], @XMM[8] - movdqa 0x20(%rbp), @XMM[0] # load counter - pxor @XMM[9], @XMM[1] - movdqu @XMM[8], 0x00($out) # write output - pxor @XMM[10], @XMM[4] - movdqu @XMM[1], 0x10($out) - pxor @XMM[11], @XMM[6] - movdqu @XMM[4], 0x20($out) - pxor @XMM[12], @XMM[3] - movdqu @XMM[6], 0x30($out) - pxor @XMM[13], @XMM[7] - movdqu @XMM[3], 0x40($out) - pxor @XMM[14], @XMM[2] - movdqu @XMM[7], 0x50($out) - pxor @XMM[15], @XMM[5] - movdqu @XMM[2], 0x60($out) - lea .LADD1(%rip), %r11 - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - paddd 0x70(%r11), @XMM[0] # .LADD8 - jnz .Lctr_enc_loop - - jmp .Lctr_enc_done -.align 16 -.Lctr_enc_loop_done: - add \$8, $len - movdqu 0x00($inp), 
@XMM[8] # load input - pxor @XMM[8], @XMM[0] - movdqu @XMM[0], 0x00($out) # write output - cmp \$2,$len - jb .Lctr_enc_done - movdqu 0x10($inp), @XMM[9] - pxor @XMM[9], @XMM[1] - movdqu @XMM[1], 0x10($out) - je .Lctr_enc_done - movdqu 0x20($inp), @XMM[10] - pxor @XMM[10], @XMM[4] - movdqu @XMM[4], 0x20($out) - cmp \$4,$len - jb .Lctr_enc_done - movdqu 0x30($inp), @XMM[11] - pxor @XMM[11], @XMM[6] - movdqu @XMM[6], 0x30($out) - je .Lctr_enc_done - movdqu 0x40($inp), @XMM[12] - pxor @XMM[12], @XMM[3] - movdqu @XMM[3], 0x40($out) - cmp \$6,$len - jb .Lctr_enc_done - movdqu 0x50($inp), @XMM[13] - pxor @XMM[13], @XMM[7] - movdqu @XMM[7], 0x50($out) - je .Lctr_enc_done - movdqu 0x60($inp), @XMM[14] - pxor @XMM[14], @XMM[2] - movdqu @XMM[2], 0x60($out) - jmp .Lctr_enc_done - -.align 16 -.Lctr_enc_short: - lea 0x20(%rbp), $arg1 - lea 0x30(%rbp), $arg2 - lea ($key), $arg3 - call asm_AES_encrypt - movdqu ($inp), @XMM[1] - lea 16($inp), $inp - mov 0x2c(%rbp), %eax # load 32-bit counter - bswap %eax - pxor 0x30(%rbp), @XMM[1] - inc %eax # increment - movdqu @XMM[1], ($out) - bswap %eax - lea 16($out), $out - mov %eax, 0x2c(%rsp) # save 32-bit counter - dec $len - jnz .Lctr_enc_short - -.Lctr_enc_done: - lea (%rsp), %rax - pxor %xmm0, %xmm0 -.Lctr_enc_bzero: # wipe key schedule [if any] - movdqa %xmm0, 0x00(%rax) - movdqa %xmm0, 0x10(%rax) - lea 0x20(%rax), %rax - cmp %rax, %rbp - ja .Lctr_enc_bzero - - lea (%rbp),%rsp # restore %rsp -___ -$code.=<<___ if ($win64); - movaps 0x40(%rbp), %xmm6 - movaps 0x50(%rbp), %xmm7 - movaps 0x60(%rbp), %xmm8 - movaps 0x70(%rbp), %xmm9 - movaps 0x80(%rbp), %xmm10 - movaps 0x90(%rbp), %xmm11 - movaps 0xa0(%rbp), %xmm12 - movaps 0xb0(%rbp), %xmm13 - movaps 0xc0(%rbp), %xmm14 - movaps 0xd0(%rbp), %xmm15 - lea 0xa0(%rbp), %rsp -___ -$code.=<<___; - mov 0x48(%rsp), %r15 - mov 0x50(%rsp), %r14 - mov 0x58(%rsp), %r13 - mov 0x60(%rsp), %r12 - mov 0x68(%rsp), %rbx - mov 0x70(%rsp), %rax - lea 0x78(%rsp), %rsp - mov %rax, %rbp -.Lctr_enc_epilogue: - 
ret -.size bsaes_ctr32_encrypt_blocks,.-bsaes_ctr32_encrypt_blocks -___ -###################################################################### -# void bsaes_xts_[en|de]crypt(const char *inp,char *out,size_t len, -# const AES_KEY *key1, const AES_KEY *key2, -# const unsigned char iv[16]); -# -my ($twmask,$twres,$twtmp)=@XMM[13..15]; -$arg6=~s/d$//; - -$code.=<<___; -.globl bsaes_xts_encrypt -.type bsaes_xts_encrypt,\@abi-omnipotent -.align 16 -bsaes_xts_encrypt: - _CET_ENDBR - mov %rsp, %rax -.Lxts_enc_prologue: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - lea -0x48(%rsp), %rsp -___ -$code.=<<___ if ($win64); - mov 0xa0(%rsp),$arg5 # pull key2 - mov 0xa8(%rsp),$arg6 # pull ivp - lea -0xa0(%rsp), %rsp - movaps %xmm6, 0x40(%rsp) - movaps %xmm7, 0x50(%rsp) - movaps %xmm8, 0x60(%rsp) - movaps %xmm9, 0x70(%rsp) - movaps %xmm10, 0x80(%rsp) - movaps %xmm11, 0x90(%rsp) - movaps %xmm12, 0xa0(%rsp) - movaps %xmm13, 0xb0(%rsp) - movaps %xmm14, 0xc0(%rsp) - movaps %xmm15, 0xd0(%rsp) -.Lxts_enc_body: -___ -$code.=<<___; - mov %rsp, %rbp # backup %rsp - mov $arg1, $inp # backup arguments - mov $arg2, $out - mov $arg3, $len - mov $arg4, $key - - lea ($arg6), $arg1 - lea 0x20(%rbp), $arg2 - lea ($arg5), $arg3 - call asm_AES_encrypt # generate initial tweak - - mov 240($key), %eax # rounds - mov $len, %rbx # backup $len - - mov %eax, %edx # rounds - shl \$7, %rax # 128 bytes per inner round key - sub \$`128-32`, %rax # size of bit-sliced key schedule - sub %rax, %rsp - - mov %rsp, %rax # pass key schedule - mov $key, %rcx # pass key - mov %edx, %r10d # pass rounds - call _bsaes_key_convert - pxor %xmm6, %xmm7 # fix up last round key - movdqa %xmm7, (%rax) # save last round key - - and \$-16, $len - sub \$0x80, %rsp # place for tweak[8] - movdqa 0x20(%rbp), @XMM[7] # initial tweak - - pxor $twtmp, $twtmp - movdqa .Lxts_magic(%rip), $twmask - pcmpgtd @XMM[7], $twtmp # broadcast upper bits - - sub \$0x80, $len - jc .Lxts_enc_short - jmp .Lxts_enc_loop - 
-.align 16 -.Lxts_enc_loop: -___ - for ($i=0;$i<7;$i++) { - $code.=<<___; - pshufd \$0x13, $twtmp, $twres - pxor $twtmp, $twtmp - movdqa @XMM[7], @XMM[$i] - movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i] - paddq @XMM[7], @XMM[7] # psllq 1,$tweak - pand $twmask, $twres # isolate carry and residue - pcmpgtd @XMM[7], $twtmp # broadcast upper bits - pxor $twres, @XMM[7] -___ - $code.=<<___ if ($i>=1); - movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1] -___ - $code.=<<___ if ($i>=2); - pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[] -___ - } -$code.=<<___; - movdqu 0x60($inp), @XMM[8+6] - pxor @XMM[8+5], @XMM[5] - movdqu 0x70($inp), @XMM[8+7] - lea 0x80($inp), $inp - movdqa @XMM[7], 0x70(%rsp) - pxor @XMM[8+6], @XMM[6] - lea 0x80(%rsp), %rax # pass key schedule - pxor @XMM[8+7], @XMM[7] - mov %edx, %r10d # pass rounds - - call _bsaes_encrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[4] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[6] - movdqu @XMM[4], 0x20($out) - pxor 0x40(%rsp), @XMM[3] - movdqu @XMM[6], 0x30($out) - pxor 0x50(%rsp), @XMM[7] - movdqu @XMM[3], 0x40($out) - pxor 0x60(%rsp), @XMM[2] - movdqu @XMM[7], 0x50($out) - pxor 0x70(%rsp), @XMM[5] - movdqu @XMM[2], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - - movdqa 0x70(%rsp), @XMM[7] # prepare next iteration tweak - pxor $twtmp, $twtmp - movdqa .Lxts_magic(%rip), $twmask - pcmpgtd @XMM[7], $twtmp - pshufd \$0x13, $twtmp, $twres - pxor $twtmp, $twtmp - paddq @XMM[7], @XMM[7] # psllq 1,$tweak - pand $twmask, $twres # isolate carry and residue - pcmpgtd @XMM[7], $twtmp # broadcast upper bits - pxor $twres, @XMM[7] - - sub \$0x80,$len - jnc .Lxts_enc_loop - -.Lxts_enc_short: - add \$0x80, $len - jz .Lxts_enc_done -___ - for ($i=0;$i<7;$i++) { - $code.=<<___; - pshufd \$0x13, $twtmp, $twres - pxor $twtmp, $twtmp - movdqa @XMM[7], @XMM[$i] - movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i] - paddq 
@XMM[7], @XMM[7] # psllq 1,$tweak - pand $twmask, $twres # isolate carry and residue - pcmpgtd @XMM[7], $twtmp # broadcast upper bits - pxor $twres, @XMM[7] -___ - $code.=<<___ if ($i>=1); - movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1] - cmp \$`0x10*$i`,$len - je .Lxts_enc_$i -___ - $code.=<<___ if ($i>=2); - pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[] -___ - } -$code.=<<___; - movdqu 0x60($inp), @XMM[8+6] - pxor @XMM[8+5], @XMM[5] - movdqa @XMM[7], 0x70(%rsp) - lea 0x70($inp), $inp - pxor @XMM[8+6], @XMM[6] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_encrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[4] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[6] - movdqu @XMM[4], 0x20($out) - pxor 0x40(%rsp), @XMM[3] - movdqu @XMM[6], 0x30($out) - pxor 0x50(%rsp), @XMM[7] - movdqu @XMM[3], 0x40($out) - pxor 0x60(%rsp), @XMM[2] - movdqu @XMM[7], 0x50($out) - movdqu @XMM[2], 0x60($out) - lea 0x70($out), $out - - movdqa 0x70(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_enc_done -.align 16 -.Lxts_enc_6: - pxor @XMM[8+4], @XMM[4] - lea 0x60($inp), $inp - pxor @XMM[8+5], @XMM[5] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_encrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[4] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[6] - movdqu @XMM[4], 0x20($out) - pxor 0x40(%rsp), @XMM[3] - movdqu @XMM[6], 0x30($out) - pxor 0x50(%rsp), @XMM[7] - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - lea 0x60($out), $out - - movdqa 0x60(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_enc_done -.align 16 -.Lxts_enc_5: - pxor @XMM[8+3], @XMM[3] - lea 0x50($inp), $inp - pxor @XMM[8+4], @XMM[4] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_encrypt8 
- - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[4] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[6] - movdqu @XMM[4], 0x20($out) - pxor 0x40(%rsp), @XMM[3] - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - lea 0x50($out), $out - - movdqa 0x50(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_enc_done -.align 16 -.Lxts_enc_4: - pxor @XMM[8+2], @XMM[2] - lea 0x40($inp), $inp - pxor @XMM[8+3], @XMM[3] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_encrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[4] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[6] - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - lea 0x40($out), $out - - movdqa 0x40(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_enc_done -.align 16 -.Lxts_enc_3: - pxor @XMM[8+1], @XMM[1] - lea 0x30($inp), $inp - pxor @XMM[8+2], @XMM[2] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_encrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[4] - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - lea 0x30($out), $out - - movdqa 0x30(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_enc_done -.align 16 -.Lxts_enc_2: - pxor @XMM[8+0], @XMM[0] - lea 0x20($inp), $inp - pxor @XMM[8+1], @XMM[1] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_encrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - lea 0x20($out), $out - - movdqa 0x20(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_enc_done -.align 16 -.Lxts_enc_1: - pxor @XMM[0], @XMM[8] - lea 0x10($inp), $inp - movdqa @XMM[8], 0x20(%rbp) - 
lea 0x20(%rbp), $arg1
- lea 0x20(%rbp), $arg2
- lea ($key), $arg3
- call asm_AES_encrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[0] # ^= tweak[]
- #pxor @XMM[8], @XMM[0]
- #lea 0x80(%rsp), %rax # pass key schedule
- #mov %edx, %r10d # pass rounds
- #call _bsaes_encrypt8
- #pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- movdqu @XMM[0], 0x00($out) # write output
- lea 0x10($out), $out
-
- movdqa 0x10(%rsp), @XMM[7] # next iteration tweak
-
-.Lxts_enc_done:
- and \$15, %ebx
- jz .Lxts_enc_ret
- mov $out, %rdx
-
-.Lxts_enc_steal:
- movzb ($inp), %eax
- movzb -16(%rdx), %ecx
- lea 1($inp), $inp
- mov %al, -16(%rdx)
- mov %cl, 0(%rdx)
- lea 1(%rdx), %rdx
- sub \$1,%ebx
- jnz .Lxts_enc_steal
-
- movdqu -16($out), @XMM[0]
- lea 0x20(%rbp), $arg1
- pxor @XMM[7], @XMM[0]
- lea 0x20(%rbp), $arg2
- movdqa @XMM[0], 0x20(%rbp)
- lea ($key), $arg3
- call asm_AES_encrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[7]
- movdqu @XMM[7], -16($out)
-
-.Lxts_enc_ret:
- lea (%rsp), %rax
- pxor %xmm0, %xmm0
-.Lxts_enc_bzero: # wipe key schedule [if any]
- movdqa %xmm0, 0x00(%rax)
- movdqa %xmm0, 0x10(%rax)
- lea 0x20(%rax), %rax
- cmp %rax, %rbp
- ja .Lxts_enc_bzero
-
- lea (%rbp),%rsp # restore %rsp
-___
-$code.=<<___ if ($win64);
- movaps 0x40(%rbp), %xmm6
- movaps 0x50(%rbp), %xmm7
- movaps 0x60(%rbp), %xmm8
- movaps 0x70(%rbp), %xmm9
- movaps 0x80(%rbp), %xmm10
- movaps 0x90(%rbp), %xmm11
- movaps 0xa0(%rbp), %xmm12
- movaps 0xb0(%rbp), %xmm13
- movaps 0xc0(%rbp), %xmm14
- movaps 0xd0(%rbp), %xmm15
- lea 0xa0(%rbp), %rsp
-___
-$code.=<<___;
- mov 0x48(%rsp), %r15
- mov 0x50(%rsp), %r14
- mov 0x58(%rsp), %r13
- mov 0x60(%rsp), %r12
- mov 0x68(%rsp), %rbx
- mov 0x70(%rsp), %rax
- lea 0x78(%rsp), %rsp
- mov %rax, %rbp
-.Lxts_enc_epilogue:
- ret
-.size bsaes_xts_encrypt,.-bsaes_xts_encrypt
-
-.globl bsaes_xts_decrypt
-.type bsaes_xts_decrypt,\@abi-omnipotent
-.align 16
-bsaes_xts_decrypt:
- _CET_ENDBR
- mov %rsp, %rax
-.Lxts_dec_prologue:
- push %rbp
- push %rbx
- push %r12
- push %r13
- push %r14
- push %r15
- lea -0x48(%rsp), %rsp
-___
-$code.=<<___ if ($win64);
- mov 0xa0(%rsp),$arg5 # pull key2
- mov 0xa8(%rsp),$arg6 # pull ivp
- lea -0xa0(%rsp), %rsp
- movaps %xmm6, 0x40(%rsp)
- movaps %xmm7, 0x50(%rsp)
- movaps %xmm8, 0x60(%rsp)
- movaps %xmm9, 0x70(%rsp)
- movaps %xmm10, 0x80(%rsp)
- movaps %xmm11, 0x90(%rsp)
- movaps %xmm12, 0xa0(%rsp)
- movaps %xmm13, 0xb0(%rsp)
- movaps %xmm14, 0xc0(%rsp)
- movaps %xmm15, 0xd0(%rsp)
-.Lxts_dec_body:
-___
-$code.=<<___;
- mov %rsp, %rbp # backup %rsp
- mov $arg1, $inp # backup arguments
- mov $arg2, $out
- mov $arg3, $len
- mov $arg4, $key
-
- lea ($arg6), $arg1
- lea 0x20(%rbp), $arg2
- lea ($arg5), $arg3
- call asm_AES_encrypt # generate initial tweak
-
- mov 240($key), %eax # rounds
- mov $len, %rbx # backup $len
-
- mov %eax, %edx # rounds
- shl \$7, %rax # 128 bytes per inner round key
- sub \$`128-32`, %rax # size of bit-sliced key schedule
- sub %rax, %rsp
-
- mov %rsp, %rax # pass key schedule
- mov $key, %rcx # pass key
- mov %edx, %r10d # pass rounds
- call _bsaes_key_convert
- pxor (%rsp), %xmm7 # fix up round 0 key
- movdqa %xmm6, (%rax) # save last round key
- movdqa %xmm7, (%rsp)
-
- xor %eax, %eax # if ($len%16) len-=16;
- and \$-16, $len
- test \$15, %ebx
- setnz %al
- shl \$4, %rax
- sub %rax, $len
-
- sub \$0x80, %rsp # place for tweak[8]
- movdqa 0x20(%rbp), @XMM[7] # initial tweak
-
- pxor $twtmp, $twtmp
- movdqa .Lxts_magic(%rip), $twmask
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
-
- sub \$0x80, $len
- jc .Lxts_dec_short
- jmp .Lxts_dec_loop
-
-.align 16
-.Lxts_dec_loop:
-___
- for ($i=0;$i<7;$i++) {
- $code.=<<___;
- pshufd \$0x13, $twtmp, $twres
- pxor $twtmp, $twtmp
- movdqa @XMM[7], @XMM[$i]
- movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
- pxor $twres, @XMM[7]
-___
- $code.=<<___ if ($i>=1);
- movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
-___
- $code.=<<___ if ($i>=2);
- pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
- }
-$code.=<<___;
- movdqu 0x60($inp), @XMM[8+6]
- pxor @XMM[8+5], @XMM[5]
- movdqu 0x70($inp), @XMM[8+7]
- lea 0x80($inp), $inp
- movdqa @XMM[7], 0x70(%rsp)
- pxor @XMM[8+6], @XMM[6]
- lea 0x80(%rsp), %rax # pass key schedule
- pxor @XMM[8+7], @XMM[7]
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[4]
- movdqu @XMM[6], 0x20($out)
- pxor 0x40(%rsp), @XMM[2]
- movdqu @XMM[4], 0x30($out)
- pxor 0x50(%rsp), @XMM[7]
- movdqu @XMM[2], 0x40($out)
- pxor 0x60(%rsp), @XMM[3]
- movdqu @XMM[7], 0x50($out)
- pxor 0x70(%rsp), @XMM[5]
- movdqu @XMM[3], 0x60($out)
- movdqu @XMM[5], 0x70($out)
- lea 0x80($out), $out
-
- movdqa 0x70(%rsp), @XMM[7] # prepare next iteration tweak
- pxor $twtmp, $twtmp
- movdqa .Lxts_magic(%rip), $twmask
- pcmpgtd @XMM[7], $twtmp
- pshufd \$0x13, $twtmp, $twres
- pxor $twtmp, $twtmp
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
- pxor $twres, @XMM[7]
-
- sub \$0x80,$len
- jnc .Lxts_dec_loop
-
-.Lxts_dec_short:
- add \$0x80, $len
- jz .Lxts_dec_done
-___
- for ($i=0;$i<7;$i++) {
- $code.=<<___;
- pshufd \$0x13, $twtmp, $twres
- pxor $twtmp, $twtmp
- movdqa @XMM[7], @XMM[$i]
- movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
- pxor $twres, @XMM[7]
-___
- $code.=<<___ if ($i>=1);
- movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
- cmp \$`0x10*$i`,$len
- je .Lxts_dec_$i
-___
- $code.=<<___ if ($i>=2);
- pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
- }
-$code.=<<___;
- movdqu 0x60($inp), @XMM[8+6]
- pxor @XMM[8+5], @XMM[5]
- movdqa @XMM[7], 0x70(%rsp)
- lea 0x70($inp), $inp
- pxor @XMM[8+6], @XMM[6]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[4]
- movdqu @XMM[6], 0x20($out)
- pxor 0x40(%rsp), @XMM[2]
- movdqu @XMM[4], 0x30($out)
- pxor 0x50(%rsp), @XMM[7]
- movdqu @XMM[2], 0x40($out)
- pxor 0x60(%rsp), @XMM[3]
- movdqu @XMM[7], 0x50($out)
- movdqu @XMM[3], 0x60($out)
- lea 0x70($out), $out
-
- movdqa 0x70(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_6:
- pxor @XMM[8+4], @XMM[4]
- lea 0x60($inp), $inp
- pxor @XMM[8+5], @XMM[5]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[4]
- movdqu @XMM[6], 0x20($out)
- pxor 0x40(%rsp), @XMM[2]
- movdqu @XMM[4], 0x30($out)
- pxor 0x50(%rsp), @XMM[7]
- movdqu @XMM[2], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- lea 0x60($out), $out
-
- movdqa 0x60(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_5:
- pxor @XMM[8+3], @XMM[3]
- lea 0x50($inp), $inp
- pxor @XMM[8+4], @XMM[4]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[4]
- movdqu @XMM[6], 0x20($out)
- pxor 0x40(%rsp), @XMM[2]
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- lea 0x50($out), $out
-
- movdqa 0x50(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_4:
- pxor @XMM[8+2], @XMM[2]
- lea 0x40($inp), $inp
- pxor @XMM[8+3], @XMM[3]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[4]
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- lea 0x40($out), $out
-
- movdqa 0x40(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_3:
- pxor @XMM[8+1], @XMM[1]
- lea 0x30($inp), $inp
- pxor @XMM[8+2], @XMM[2]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- lea 0x30($out), $out
-
- movdqa 0x30(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_2:
- pxor @XMM[8+0], @XMM[0]
- lea 0x20($inp), $inp
- pxor @XMM[8+1], @XMM[1]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- lea 0x20($out), $out
-
- movdqa 0x20(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_1:
- pxor @XMM[0], @XMM[8]
- lea 0x10($inp), $inp
- movdqa @XMM[8], 0x20(%rbp)
- lea 0x20(%rbp), $arg1
- lea 0x20(%rbp), $arg2
- lea ($key), $arg3
- call asm_AES_decrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[0] # ^= tweak[]
- #pxor @XMM[8], @XMM[0]
- #lea 0x80(%rsp), %rax # pass key schedule
- #mov %edx, %r10d # pass rounds
- #call _bsaes_decrypt8
- #pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- movdqu @XMM[0], 0x00($out) # write output
- lea 0x10($out), $out
-
- movdqa 0x10(%rsp), @XMM[7] # next iteration tweak
-
-.Lxts_dec_done:
- and \$15, %ebx
- jz .Lxts_dec_ret
-
- pxor $twtmp, $twtmp
- movdqa .Lxts_magic(%rip), $twmask
- pcmpgtd @XMM[7], $twtmp
- pshufd \$0x13, $twtmp, $twres
- movdqa @XMM[7], @XMM[6]
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- movdqu ($inp), @XMM[0]
- pxor $twres, @XMM[7]
-
- lea 0x20(%rbp), $arg1
- pxor @XMM[7], @XMM[0]
- lea 0x20(%rbp), $arg2
- movdqa @XMM[0], 0x20(%rbp)
- lea ($key), $arg3
- call asm_AES_decrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[7]
- mov $out, %rdx
- movdqu @XMM[7], ($out)
-
-.Lxts_dec_steal:
- movzb 16($inp), %eax
- movzb (%rdx), %ecx
- lea 1($inp), $inp
- mov %al, (%rdx)
- mov %cl, 16(%rdx)
- lea 1(%rdx), %rdx
- sub \$1,%ebx
- jnz .Lxts_dec_steal
-
- movdqu ($out), @XMM[0]
- lea 0x20(%rbp), $arg1
- pxor @XMM[6], @XMM[0]
- lea 0x20(%rbp), $arg2
- movdqa @XMM[0], 0x20(%rbp)
- lea ($key), $arg3
- call asm_AES_decrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[6]
- movdqu @XMM[6], ($out)
-
-.Lxts_dec_ret:
- lea (%rsp), %rax
- pxor %xmm0, %xmm0
-.Lxts_dec_bzero: # wipe key schedule [if any]
- movdqa %xmm0, 0x00(%rax)
- movdqa %xmm0, 0x10(%rax)
- lea 0x20(%rax), %rax
- cmp %rax, %rbp
- ja .Lxts_dec_bzero
-
- lea (%rbp),%rsp # restore %rsp
-___
-$code.=<<___ if ($win64);
- movaps 0x40(%rbp), %xmm6
- movaps 0x50(%rbp), %xmm7
- movaps 0x60(%rbp), %xmm8
- movaps 0x70(%rbp), %xmm9
- movaps 0x80(%rbp), %xmm10
- movaps 0x90(%rbp), %xmm11
- movaps 0xa0(%rbp), %xmm12
- movaps 0xb0(%rbp), %xmm13
- movaps 0xc0(%rbp), %xmm14
- movaps 0xd0(%rbp), %xmm15
- lea 0xa0(%rbp), %rsp
-___
-$code.=<<___;
- mov 0x48(%rsp), %r15
- mov 0x50(%rsp), %r14
- mov 0x58(%rsp), %r13
- mov 0x60(%rsp), %r12
- mov 0x68(%rsp), %rbx
- mov 0x70(%rsp), %rax
- lea 0x78(%rsp), %rsp
- mov %rax, %rbp
-.Lxts_dec_epilogue:
- ret
-.size bsaes_xts_decrypt,.-bsaes_xts_decrypt
-___
-}
-$code.=<<___;
-.section .rodata
-.type _bsaes_const,\@object
-.align 64
-_bsaes_const:
-.LM0ISR: # InvShiftRows constants
- .quad 0x0a0e0206070b0f03, 0x0004080c0d010509
-.LISRM0:
- .quad 0x01040b0e0205080f, 0x0306090c00070a0d
-.LISR:
- .quad 0x0504070602010003, 0x0f0e0d0c080b0a09
-.LBS0: # bit-slice constants
- .quad 0x5555555555555555, 0x5555555555555555
-.LBS1:
- .quad 0x3333333333333333, 0x3333333333333333
-.LBS2:
- .quad 0x0f0f0f0f0f0f0f0f, 0x0f0f0f0f0f0f0f0f
-.LSR: # shiftrows constants
- .quad 0x0504070600030201, 0x0f0e0d0c0a09080b
-.LSRM0:
- .quad 0x0304090e00050a0f, 0x01060b0c0207080d
-.LM0SR:
- .quad 0x0a0e02060f03070b, 0x0004080c05090d01
-.LSWPUP: # byte-swap upper dword
- .quad 0x0706050403020100, 0x0c0d0e0f0b0a0908
-.LSWPUPM0SR:
- .quad 0x0a0d02060c03070b, 0x0004080f05090e01
-.LADD1: # counter increment constants
- .quad 0x0000000000000000, 0x0000000100000000
-.LADD2:
- .quad 0x0000000000000000, 0x0000000200000000
-.LADD3:
- .quad 0x0000000000000000, 0x0000000300000000
-.LADD4:
- .quad 0x0000000000000000, 0x0000000400000000
-.LADD5:
- .quad 0x0000000000000000, 0x0000000500000000
-.LADD6:
- .quad 0x0000000000000000, 0x0000000600000000
-.LADD7:
- .quad 0x0000000000000000, 0x0000000700000000
-.LADD8:
- .quad 0x0000000000000000, 0x0000000800000000
-.Lxts_magic:
- .long 0x87,0,1,0
-.Lmasks:
- .quad 0x0101010101010101, 0x0101010101010101
- .quad 0x0202020202020202, 0x0202020202020202
- .quad 0x0404040404040404, 0x0404040404040404
- .quad 0x0808080808080808, 0x0808080808080808
-.LM0:
- .quad 0x02060a0e03070b0f, 0x0004080c0105090d
-.L63:
- .quad 0x6363636363636363, 0x6363636363636363
-.align 64
-.size _bsaes_const,.-_bsaes_const
-.text
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type se_handler,\@abi-omnipotent
-.align 16
-se_handler:
- _CET_ENDBR
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # prologue label
- cmp %r10,%rbx # context->RipRsp
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lin_prologue
-
- mov 160($context),%rax # pull context->Rbp
-
- lea 0x40(%rax),%rsi # %xmm save area
- lea 512($context),%rdi # &context.Xmm6
- mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax)
- .long 0xa548f3fc # cld; rep movsq
- lea 0xa0(%rax),%rax # adjust stack pointer
-
- mov 0x70(%rax),%rbp
- mov 0x68(%rax),%rbx
- mov 0x60(%rax),%r12
- mov 0x58(%rax),%r13
- mov 0x50(%rax),%r14
- mov 0x48(%rax),%r15
- lea 0x78(%rax),%rax # adjust stack pointer
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
-
-.Lin_prologue:
- mov %rax,152($context) # restore context->Rsp
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$`1232/8`,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
-___
-$code.=<<___ if ($ecb);
- .rva .Lecb_enc_prologue
- .rva .Lecb_enc_epilogue
- .rva .Lecb_enc_info
-
- .rva .Lecb_dec_prologue
- .rva .Lecb_dec_epilogue
- .rva .Lecb_dec_info
-___
-$code.=<<___;
- .rva .Lcbc_dec_prologue
- .rva .Lcbc_dec_epilogue
- .rva .Lcbc_dec_info
-
- .rva .Lctr_enc_prologue
- .rva .Lctr_enc_epilogue
- .rva .Lctr_enc_info
-
- .rva .Lxts_enc_prologue
- .rva .Lxts_enc_epilogue
- .rva .Lxts_enc_info
-
- .rva .Lxts_dec_prologue
- .rva .Lxts_dec_epilogue
- .rva .Lxts_dec_info
-
-.section .xdata
-.align 8
-___
-$code.=<<___ if ($ecb);
-.Lecb_enc_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lecb_enc_body,.Lecb_enc_epilogue # HandlerData[]
-.Lecb_dec_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lecb_dec_body,.Lecb_dec_epilogue # HandlerData[]
-___
-$code.=<<___;
-.Lcbc_dec_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lcbc_dec_body,.Lcbc_dec_epilogue # HandlerData[]
-.Lctr_enc_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lctr_enc_body,.Lctr_enc_epilogue # HandlerData[]
-.Lxts_enc_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lxts_enc_body,.Lxts_enc_epilogue # HandlerData[]
-.Lxts_dec_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lxts_dec_body,.Lxts_dec_epilogue # HandlerData[]
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/src/lib/libcrypto/aes/asm/vpaes-x86.pl b/src/lib/libcrypto/aes/asm/vpaes-x86.pl
deleted file mode 100644
index 6e7bd36d05..0000000000
--- a/src/lib/libcrypto/aes/asm/vpaes-x86.pl
+++ /dev/null
@@ -1,911 +0,0 @@
-#!/usr/bin/env perl
-
-######################################################################
-## Constant-time SSSE3 AES core implementation.
-## version 0.1
-##
-## By Mike Hamburg (Stanford University), 2009
-## Public domain.
-##
-## For details see http://shiftleft.org/papers/vector_aes/ and
-## http://crypto.stanford.edu/vpaes/.
-
-######################################################################
-# September 2011.
-#
-# Port vpaes-x86_64.pl as 32-bit "almost" drop-in replacement for
-# aes-586.pl. "Almost" refers to the fact that AES_cbc_encrypt
-# doesn't handle partial vectors (doesn't have to if called from
-# EVP only). "Drop-in" implies that this module doesn't share key
-# schedule structure with the original nor does it make assumption
-# about its alignment...
-#
-# Performance summary. aes-586.pl column lists large-block CBC
-# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per
-# byte processed with 128-bit key, and vpaes-x86.pl column - [also
-# large-block CBC] encrypt/decrypt.
-#
-# aes-586.pl vpaes-x86.pl
-#
-# Core 2(**) 29.1/42.3/18.3 22.0/25.6(***)
-# Nehalem 27.9/40.4/18.1 10.3/12.0
-# Atom 102./119./60.1 64.5/85.3(***)
-#
-# (*) "Hyper-threading" in the context refers rather to cache shared
-# among multiple cores, than to specifically Intel HTT. As vast
-# majority of contemporary cores share cache, slower code path
-# is common place. In other words "with-hyper-threading-off"
-# results are presented mostly for reference purposes.
-#
-# (**) "Core 2" refers to initial 65nm design, a.k.a. Conroe.
-#
-# (***) Less impressive improvement on Core 2 and Atom is due to slow
-# pshufb, yet it's respectable +32%/65% improvement on Core 2
-# and +58%/40% on Atom (as implied, over "hyper-threading-safe"
-# code path).
-#
-#
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"vpaes-x86.pl",$x86only = $ARGV[$#ARGV] eq "386");
-
-$PREFIX="vpaes";
-
-my ($round, $base, $magic, $key, $const, $inp, $out)=
- ("eax", "ebx", "ecx", "edx","ebp", "esi","edi");
-
- &rodataseg();
-&static_label("_vpaes_consts");
-&static_label("_vpaes_schedule_low_round");
-
-&set_label("_vpaes_consts",64);
-$k_inv=-0x30; # inv, inva
- &data_word(0x0D080180,0x0E05060F,0x0A0B0C02,0x04070309);
- &data_word(0x0F0B0780,0x01040A06,0x02050809,0x030D0E0C);
-
-$k_s0F=-0x10; # s0F
- &data_word(0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F);
-
-$k_ipt=0x00; # input transform (lo, hi)
- &data_word(0x5A2A7000,0xC2B2E898,0x52227808,0xCABAE090);
- &data_word(0x317C4D00,0x4C01307D,0xB0FDCC81,0xCD80B1FC);
-
-$k_sb1=0x20; # sb1u, sb1t
- &data_word(0xCB503E00,0xB19BE18F,0x142AF544,0xA5DF7A6E);
- &data_word(0xFAE22300,0x3618D415,0x0D2ED9EF,0x3BF7CCC1);
-$k_sb2=0x40; # sb2u, sb2t
- &data_word(0x0B712400,0xE27A93C6,0xBC982FCD,0x5EB7E955);
- &data_word(0x0AE12900,0x69EB8840,0xAB82234A,0xC2A163C8);
-$k_sbo=0x60; # sbou, sbot
- &data_word(0x6FBDC700,0xD0D26D17,0xC502A878,0x15AABF7A);
- &data_word(0x5FBB6A00,0xCFE474A5,0x412B35FA,0x8E1E90D1);
-
-$k_mc_forward=0x80; # mc_forward
- &data_word(0x00030201,0x04070605,0x080B0A09,0x0C0F0E0D);
- &data_word(0x04070605,0x080B0A09,0x0C0F0E0D,0x00030201);
- &data_word(0x080B0A09,0x0C0F0E0D,0x00030201,0x04070605);
- &data_word(0x0C0F0E0D,0x00030201,0x04070605,0x080B0A09);
-
-$k_mc_backward=0xc0; # mc_backward
- &data_word(0x02010003,0x06050407,0x0A09080B,0x0E0D0C0F);
- &data_word(0x0E0D0C0F,0x02010003,0x06050407,0x0A09080B);
- &data_word(0x0A09080B,0x0E0D0C0F,0x02010003,0x06050407);
- &data_word(0x06050407,0x0A09080B,0x0E0D0C0F,0x02010003);
-
-$k_sr=0x100; # sr
- &data_word(0x03020100,0x07060504,0x0B0A0908,0x0F0E0D0C);
- &data_word(0x0F0A0500,0x030E0904,0x07020D08,0x0B06010C);
- &data_word(0x0B020900,0x0F060D04,0x030A0108,0x070E050C);
- &data_word(0x070A0D00,0x0B0E0104,0x0F020508,0x0306090C);
-
-$k_rcon=0x140; # rcon
- &data_word(0xAF9DEEB6,0x1F8391B9,0x4D7C7D81,0x702A9808);
-
-$k_s63=0x150; # s63: all equal to 0x63 transformed
- &data_word(0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B);
-
-$k_opt=0x160; # output transform
- &data_word(0xD6B66000,0xFF9F4929,0xDEBE6808,0xF7974121);
- &data_word(0x50BCEC00,0x01EDBD51,0xB05C0CE0,0xE10D5DB1);
-
-$k_deskew=0x180; # deskew tables: inverts the sbox's "skew"
- &data_word(0x47A4E300,0x07E4A340,0x5DBEF91A,0x1DFEB95A);
- &data_word(0x83EA6900,0x5F36B5DC,0xF49D1E77,0x2841C2AB);
-##
-## Decryption stuff
-## Key schedule constants
-##
-$k_dksd=0x1a0; # decryption key schedule: invskew x*D
- &data_word(0xA3E44700,0xFEB91A5D,0x5A1DBEF9,0x0740E3A4);
- &data_word(0xB5368300,0x41C277F4,0xAB289D1E,0x5FDC69EA);
-$k_dksb=0x1c0; # decryption key schedule: invskew x*B
- &data_word(0x8550D500,0x9A4FCA1F,0x1CC94C99,0x03D65386);
- &data_word(0xB6FC4A00,0x115BEDA7,0x7E3482C8,0xD993256F);
-$k_dkse=0x1e0; # decryption key schedule: invskew x*E + 0x63
- &data_word(0x1FC9D600,0xD5031CCA,0x994F5086,0x53859A4C);
- &data_word(0x4FDC7BE8,0xA2319605,0x20B31487,0xCD5EF96A);
-$k_dks9=0x200; # decryption key schedule: invskew x*9
- &data_word(0x7ED9A700,0xB6116FC8,0x82255BFC,0x4AED9334);
- &data_word(0x27143300,0x45765162,0xE9DAFDCE,0x8BB89FAC);
-
-##
-## Decryption stuff
-## Round function constants
-##
-$k_dipt=0x220; # decryption input transform
- &data_word(0x0B545F00,0x0F505B04,0x114E451A,0x154A411E);
- &data_word(0x60056500,0x86E383E6,0xF491F194,0x12771772);
-
-$k_dsb9=0x240; # decryption sbox output *9*u, *9*t
- &data_word(0x9A86D600,0x851C0353,0x4F994CC9,0xCAD51F50);
- &data_word(0xECD74900,0xC03B1789,0xB2FBA565,0x725E2C9E);
-$k_dsbd=0x260; # decryption sbox output *D*u, *D*t
- &data_word(0xE6B1A200,0x7D57CCDF,0x882A4439,0xF56E9B13);
- &data_word(0x24C6CB00,0x3CE2FAF7,0x15DEEFD3,0x2931180D);
-$k_dsbb=0x280; # decryption sbox output *B*u, *B*t
- &data_word(0x96B44200,0xD0226492,0xB0F2D404,0x602646F6);
- &data_word(0xCD596700,0xC19498A6,0x3255AA6B,0xF3FF0C3E);
-$k_dsbe=0x2a0; # decryption sbox output *E*u, *E*t
- &data_word(0x26D4D000,0x46F29296,0x64B4F6B0,0x22426004);
- &data_word(0xFFAAC100,0x0C55A6CD,0x98593E32,0x9467F36B);
-$k_dsbo=0x2c0; # decryption sbox final output
- &data_word(0x7EF94000,0x1387EA53,0xD4943E2D,0xC7AA6DB9);
- &data_word(0x93441D00,0x12D7560F,0xD8C58E9C,0xCA4B8159);
- &previous();
-
-&function_begin_B("_vpaes_preheat");
- &movdqa ("xmm7",&QWP($k_inv,$const));
- &movdqa ("xmm6",&QWP($k_s0F,$const));
- &ret ();
-&function_end_B("_vpaes_preheat");
-
-##
-## _aes_encrypt_core
-##
-## AES-encrypt %xmm0.
-##
-## Inputs:
-## %xmm0 = input
-## %xmm6-%xmm7 as in _vpaes_preheat
-## (%edx) = scheduled keys
-##
-## Output in %xmm0
-## Clobbers %xmm1-%xmm5, %eax, %ebx, %ecx, %edx
-##
-##
-&function_begin_B("_vpaes_encrypt_core");
- &mov ($magic,16);
- &mov ($round,&DWP(240,$key));
- &movdqa ("xmm1","xmm6")
- &movdqa ("xmm2",&QWP($k_ipt,$const));
- &pandn ("xmm1","xmm0");
- &movdqu ("xmm5",&QWP(0,$key));
- &psrld ("xmm1",4);
- &pand ("xmm0","xmm6");
- &pshufb ("xmm2","xmm0");
- &movdqa ("xmm0",&QWP($k_ipt+16,$const));
- &pshufb ("xmm0","xmm1");
- &pxor ("xmm2","xmm5");
- &pxor ("xmm0","xmm2");
- &add ($key,16);
- &lea ($base,&DWP($k_mc_backward,$const));
- &jmp (&label("enc_entry"));
-
-
-&set_label("enc_loop",16);
- # middle of middle round
- &movdqa ("xmm4",&QWP($k_sb1,$const)); # 4 : sb1u
- &pshufb ("xmm4","xmm2"); # 4 = sb1u
- &pxor ("xmm4","xmm5"); # 4 = sb1u + k
- &movdqa ("xmm0",&QWP($k_sb1+16,$const));# 0 : sb1t
- &pshufb ("xmm0","xmm3"); # 0 = sb1t
- &pxor ("xmm0","xmm4"); # 0 = A
- &movdqa ("xmm5",&QWP($k_sb2,$const)); # 4 : sb2u
- &pshufb ("xmm5","xmm2"); # 4 = sb2u
- &movdqa ("xmm1",&QWP(-0x40,$base,$magic));# .Lk_mc_forward[]
- &movdqa ("xmm2",&QWP($k_sb2+16,$const));# 2 : sb2t
- &pshufb ("xmm2","xmm3"); # 2 = sb2t
- &pxor ("xmm2","xmm5"); # 2 = 2A
- &movdqa ("xmm4",&QWP(0,$base,$magic)); # .Lk_mc_backward[]
- &movdqa ("xmm3","xmm0"); # 3 = A
- &pshufb ("xmm0","xmm1"); # 0 = B
- &add ($key,16); # next key
- &pxor ("xmm0","xmm2"); # 0 = 2A+B
- &pshufb ("xmm3","xmm4"); # 3 = D
- &add ($magic,16); # next mc
- &pxor ("xmm3","xmm0"); # 3 = 2A+B+D
- &pshufb ("xmm0","xmm1"); # 0 = 2B+C
- &and ($magic,0x30); # ... mod 4
- &pxor ("xmm0","xmm3"); # 0 = 2A+3B+C+D
- &sub ($round,1); # nr--
-
-&set_label("enc_entry");
- # top of round
- &movdqa ("xmm1","xmm6"); # 1 : i
- &pandn ("xmm1","xmm0"); # 1 = i<<4
- &psrld ("xmm1",4); # 1 = i
- &pand ("xmm0","xmm6"); # 0 = k
- &movdqa ("xmm5",&QWP($k_inv+16,$const));# 2 : a/k
- &pshufb ("xmm5","xmm0"); # 2 = a/k
- &pxor ("xmm0","xmm1"); # 0 = j
- &movdqa ("xmm3","xmm7"); # 3 : 1/i
- &pshufb ("xmm3","xmm1"); # 3 = 1/i
- &pxor ("xmm3","xmm5"); # 3 = iak = 1/i + a/k
- &movdqa ("xmm4","xmm7"); # 4 : 1/j
- &pshufb ("xmm4","xmm0"); # 4 = 1/j
- &pxor ("xmm4","xmm5"); # 4 = jak = 1/j + a/k
- &movdqa ("xmm2","xmm7"); # 2 : 1/iak
- &pshufb ("xmm2","xmm3"); # 2 = 1/iak
- &pxor ("xmm2","xmm0"); # 2 = io
- &movdqa ("xmm3","xmm7"); # 3 : 1/jak
- &movdqu ("xmm5",&QWP(0,$key));
- &pshufb ("xmm3","xmm4"); # 3 = 1/jak
- &pxor ("xmm3","xmm1"); # 3 = jo
- &jnz (&label("enc_loop"));
-
- # middle of last round
- &movdqa ("xmm4",&QWP($k_sbo,$const)); # 3 : sbou .Lk_sbo
- &movdqa ("xmm0",&QWP($k_sbo+16,$const));# 3 : sbot .Lk_sbo+16
- &pshufb ("xmm4","xmm2"); # 4 = sbou
- &pxor ("xmm4","xmm5"); # 4 = sb1u + k
- &pshufb ("xmm0","xmm3"); # 0 = sb1t
- &movdqa ("xmm1",&QWP(0x40,$base,$magic));# .Lk_sr[]
- &pxor ("xmm0","xmm4"); # 0 = A
- &pshufb ("xmm0","xmm1");
- &ret ();
-&function_end_B("_vpaes_encrypt_core");
-
-##
-## Decryption core
-##
-## Same API as encryption core.
-##
-&function_begin_B("_vpaes_decrypt_core");
- &mov ($round,&DWP(240,$key));
- &lea ($base,&DWP($k_dsbd,$const));
- &movdqa ("xmm1","xmm6");
- &movdqa ("xmm2",&QWP($k_dipt-$k_dsbd,$base));
- &pandn ("xmm1","xmm0");
- &mov ($magic,$round);
- &psrld ("xmm1",4)
- &movdqu ("xmm5",&QWP(0,$key));
- &shl ($magic,4);
- &pand ("xmm0","xmm6");
- &pshufb ("xmm2","xmm0");
- &movdqa ("xmm0",&QWP($k_dipt-$k_dsbd+16,$base));
- &xor ($magic,0x30);
- &pshufb ("xmm0","xmm1");
- &and ($magic,0x30);
- &pxor ("xmm2","xmm5");
- &movdqa ("xmm5",&QWP($k_mc_forward+48,$const));
- &pxor ("xmm0","xmm2");
- &add ($key,16);
- &lea ($magic,&DWP($k_sr-$k_dsbd,$base,$magic));
- &jmp (&label("dec_entry"));
-
-&set_label("dec_loop",16);
-##
-## Inverse mix columns
-##
- &movdqa ("xmm4",&QWP(-0x20,$base)); # 4 : sb9u
- &pshufb ("xmm4","xmm2"); # 4 = sb9u
- &pxor ("xmm4","xmm0");
- &movdqa ("xmm0",&QWP(-0x10,$base)); # 0 : sb9t
- &pshufb ("xmm0","xmm3"); # 0 = sb9t
- &pxor ("xmm0","xmm4"); # 0 = ch
- &add ($key,16); # next round key
-
- &pshufb ("xmm0","xmm5"); # MC ch
- &movdqa ("xmm4",&QWP(0,$base)); # 4 : sbdu
- &pshufb ("xmm4","xmm2"); # 4 = sbdu
- &pxor ("xmm4","xmm0"); # 4 = ch
- &movdqa ("xmm0",&QWP(0x10,$base)); # 0 : sbdt
- &pshufb ("xmm0","xmm3"); # 0 = sbdt
- &pxor ("xmm0","xmm4"); # 0 = ch
- &sub ($round,1); # nr--
-
- &pshufb ("xmm0","xmm5"); # MC ch
- &movdqa ("xmm4",&QWP(0x20,$base)); # 4 : sbbu
- &pshufb ("xmm4","xmm2"); # 4 = sbbu
- &pxor ("xmm4","xmm0"); # 4 = ch
- &movdqa ("xmm0",&QWP(0x30,$base)); # 0 : sbbt
- &pshufb ("xmm0","xmm3"); # 0 = sbbt
- &pxor ("xmm0","xmm4"); # 0 = ch
-
- &pshufb ("xmm0","xmm5"); # MC ch
- &movdqa ("xmm4",&QWP(0x40,$base)); # 4 : sbeu
- &pshufb ("xmm4","xmm2"); # 4 = sbeu
- &pxor ("xmm4","xmm0"); # 4 = ch
- &movdqa ("xmm0",&QWP(0x50,$base)); # 0 : sbet
- &pshufb ("xmm0","xmm3"); # 0 = sbet
- &pxor ("xmm0","xmm4"); # 0 = ch
-
- &palignr("xmm5","xmm5",12);
-
-&set_label("dec_entry");
- # top of round
- &movdqa ("xmm1","xmm6"); # 1 : i
- &pandn ("xmm1","xmm0"); # 1 = i<<4
- &psrld ("xmm1",4); # 1 = i
- &pand ("xmm0","xmm6"); # 0 = k
- &movdqa ("xmm2",&QWP($k_inv+16,$const));# 2 : a/k
- &pshufb ("xmm2","xmm0"); # 2 = a/k
- &pxor ("xmm0","xmm1"); # 0 = j
- &movdqa ("xmm3","xmm7"); # 3 : 1/i
- &pshufb ("xmm3","xmm1"); # 3 = 1/i
- &pxor ("xmm3","xmm2"); # 3 = iak = 1/i + a/k
- &movdqa ("xmm4","xmm7"); # 4 : 1/j
- &pshufb ("xmm4","xmm0"); # 4 = 1/j
- &pxor ("xmm4","xmm2"); # 4 = jak = 1/j + a/k
- &movdqa ("xmm2","xmm7"); # 2 : 1/iak
- &pshufb ("xmm2","xmm3"); # 2 = 1/iak
- &pxor ("xmm2","xmm0"); # 2 = io
- &movdqa ("xmm3","xmm7"); # 3 : 1/jak
- &pshufb ("xmm3","xmm4"); # 3 = 1/jak
- &pxor ("xmm3","xmm1"); # 3 = jo
- &movdqu ("xmm0",&QWP(0,$key));
- &jnz (&label("dec_loop"));
-
- # middle of last round
- &movdqa ("xmm4",&QWP(0x60,$base)); # 3 : sbou
- &pshufb ("xmm4","xmm2"); # 4 = sbou
- &pxor ("xmm4","xmm0"); # 4 = sb1u + k
- &movdqa ("xmm0",&QWP(0x70,$base)); # 0 : sbot
- &movdqa ("xmm2",&QWP(0,$magic));
- &pshufb ("xmm0","xmm3"); # 0 = sb1t
- &pxor ("xmm0","xmm4"); # 0 = A
- &pshufb ("xmm0","xmm2");
- &ret ();
-&function_end_B("_vpaes_decrypt_core");
-
-########################################################
-## ##
-## AES key schedule ##
-## ##
-########################################################
-&function_begin_B("_vpaes_schedule_core");
- &movdqu ("xmm0",&QWP(0,$inp)); # load key (unaligned)
- &movdqa ("xmm2",&QWP($k_rcon,$const)); # load rcon
-
- # input transform
- &movdqa ("xmm3","xmm0");
- &lea ($base,&DWP($k_ipt,$const));
- &movdqa (&QWP(4,"esp"),"xmm2"); # xmm8
- &call ("_vpaes_schedule_transform");
- &movdqa ("xmm7","xmm0");
-
- &test ($out,$out);
- &jnz (&label("schedule_am_decrypting"));
-
- # encrypting, output zeroth round key after transform
- &movdqu (&QWP(0,$key),"xmm0");
- &jmp (&label("schedule_go"));
-
-&set_label("schedule_am_decrypting");
- # decrypting, output zeroth round key after shiftrows
- &movdqa ("xmm1",&QWP($k_sr,$const,$magic));
- &pshufb ("xmm3","xmm1");
- &movdqu (&QWP(0,$key),"xmm3");
- &xor ($magic,0x30);
-
-&set_label("schedule_go");
- &cmp ($round,192);
- &ja (&label("schedule_256"));
- &je (&label("schedule_192"));
- # 128: fall though
-
-##
-## .schedule_128
-##
-## 128-bit specific part of key schedule.
-##
-## This schedule is really simple, because all its parts
-## are accomplished by the subroutines.
-##
-&set_label("schedule_128");
- &mov ($round,10);
-
-&set_label("loop_schedule_128");
- &call ("_vpaes_schedule_round");
- &dec ($round);
- &jz (&label("schedule_mangle_last"));
- &call ("_vpaes_schedule_mangle"); # write output
- &jmp (&label("loop_schedule_128"));
-
-##
-## .aes_schedule_192
-##
-## 192-bit specific part of key schedule.
-##
-## The main body of this schedule is the same as the 128-bit
-## schedule, but with more smearing. The long, high side is
-## stored in %xmm7 as before, and the short, low side is in
-## the high bits of %xmm6.
-##
-## This schedule is somewhat nastier, however, because each
-## round produces 192 bits of key material, or 1.5 round keys.
-## Therefore, on each cycle we do 2 rounds and produce 3 round
-## keys.
-##
-&set_label("schedule_192",16);
- &movdqu ("xmm0",&QWP(8,$inp)); # load key part 2 (very unaligned)
- &call ("_vpaes_schedule_transform"); # input transform
- &movdqa ("xmm6","xmm0"); # save short part
- &pxor ("xmm4","xmm4"); # clear 4
- &movhlps("xmm6","xmm4"); # clobber low side with zeros
- &mov ($round,4);
-
-&set_label("loop_schedule_192");
- &call ("_vpaes_schedule_round");
- &palignr("xmm0","xmm6",8);
- &call ("_vpaes_schedule_mangle"); # save key n
- &call ("_vpaes_schedule_192_smear");
- &call ("_vpaes_schedule_mangle"); # save key n+1
- &call ("_vpaes_schedule_round");
- &dec ($round);
- &jz (&label("schedule_mangle_last"));
- &call ("_vpaes_schedule_mangle"); # save key n+2
- &call ("_vpaes_schedule_192_smear");
- &jmp (&label("loop_schedule_192"));
-
-##
-## .aes_schedule_256
-##
-## 256-bit specific part of key schedule.
-##
-## The structure here is very similar to the 128-bit
-## schedule, but with an additional "low side" in
-## %xmm6. The low side's rounds are the same as the
-## high side's, except no rcon and no rotation.
-##
-&set_label("schedule_256",16);
- &movdqu ("xmm0",&QWP(16,$inp)); # load key part 2 (unaligned)
- &call ("_vpaes_schedule_transform"); # input transform
- &mov ($round,7);
-
-&set_label("loop_schedule_256");
- &call ("_vpaes_schedule_mangle"); # output low result
- &movdqa ("xmm6","xmm0"); # save cur_lo in xmm6
-
- # high round
- &call ("_vpaes_schedule_round");
- &dec ($round);
- &jz (&label("schedule_mangle_last"));
- &call ("_vpaes_schedule_mangle");
-
- # low round. swap xmm7 and xmm6
- &pshufd ("xmm0","xmm0",0xFF);
- &movdqa (&QWP(20,"esp"),"xmm7");
- &movdqa ("xmm7","xmm6");
- &call ("_vpaes_schedule_low_round");
- &movdqa ("xmm7",&QWP(20,"esp"));
-
- &jmp (&label("loop_schedule_256"));
-
-##
-## .aes_schedule_mangle_last
-##
-## Mangler for last round of key schedule
-## Mangles %xmm0
-## when encrypting, outputs out(%xmm0) ^ 63
-## when decrypting, outputs unskew(%xmm0)
-##
-## Always called right before return... jumps to cleanup and exits
-##
-&set_label("schedule_mangle_last",16);
- # schedule last round key from xmm0
- &lea ($base,&DWP($k_deskew,$const));
- &test ($out,$out);
- &jnz (&label("schedule_mangle_last_dec"));
-
- # encrypting
- &movdqa ("xmm1",&QWP($k_sr,$const,$magic));
- &pshufb ("xmm0","xmm1"); # output permute
- &lea ($base,&DWP($k_opt,$const)); # prepare to output transform
- &add ($key,32);
-
-&set_label("schedule_mangle_last_dec");
- &add ($key,-16);
- &pxor ("xmm0",&QWP($k_s63,$const));
- &call ("_vpaes_schedule_transform"); # output transform
- &movdqu (&QWP(0,$key),"xmm0"); # save last key
-
- # cleanup
- &pxor ("xmm0","xmm0");
- &pxor ("xmm1","xmm1");
- &pxor ("xmm2","xmm2");
- &pxor ("xmm3","xmm3");
- &pxor ("xmm4","xmm4");
- &pxor ("xmm5","xmm5");
- &pxor ("xmm6","xmm6");
- &pxor ("xmm7","xmm7");
- &ret ();
-&function_end_B("_vpaes_schedule_core");
-
-##
-## .aes_schedule_192_smear
-##
-## Smear the short, low side in the 192-bit key schedule.
-##
-## Inputs:
-## %xmm7: high side, b a x y
-## %xmm6: low side, d c 0 0
-## %xmm13: 0
-##
-## Outputs:
-## %xmm6: b+c+d b+c 0 0
-## %xmm0: b+c+d b+c b a
-##
-&function_begin_B("_vpaes_schedule_192_smear");
- &pshufd ("xmm0","xmm6",0x80); # d c 0 0 -> c 0 0 0
- &pxor ("xmm6","xmm0"); # -> c+d c 0 0
- &pshufd ("xmm0","xmm7",0xFE); # b a _ _ -> b b b a
- &pxor ("xmm6","xmm0"); # -> b+c+d b+c b a
- &movdqa ("xmm0","xmm6");
- &pxor ("xmm1","xmm1");
- &movhlps("xmm6","xmm1"); # clobber low side with zeros
- &ret ();
-&function_end_B("_vpaes_schedule_192_smear");
-
-##
-## .aes_schedule_round
-##
-## Runs one main round of the key schedule on %xmm0, %xmm7
-##
-## Specifically, runs subbytes on the high dword of %xmm0
-## then rotates it by one byte and xors into the low dword of
-## %xmm7.
-##
-## Adds rcon from low byte of %xmm8, then rotates %xmm8 for
-## next rcon.
-##
-## Smears the dwords of %xmm7 by xoring the low into the
-## second low, result into third, result into highest.
-##
-## Returns results in %xmm7 = %xmm0.
-## Clobbers %xmm1-%xmm5.
-##
-&function_begin_B("_vpaes_schedule_round");
- # extract rcon from xmm8
- &movdqa ("xmm2",&QWP(8,"esp")); # xmm8
- &pxor ("xmm1","xmm1");
- &palignr("xmm1","xmm2",15);
- &palignr("xmm2","xmm2",15);
- &pxor ("xmm7","xmm1");
-
- # rotate
- &pshufd ("xmm0","xmm0",0xFF);
- &palignr("xmm0","xmm0",1);
-
- # fall through...
- &movdqa (&QWP(8,"esp"),"xmm2"); # xmm8
-
- # low round: same as high round, but no rotation and no rcon.
-&set_label("_vpaes_schedule_low_round");
- # smear xmm7
- &movdqa ("xmm1","xmm7");
- &pslldq ("xmm7",4);
- &pxor ("xmm7","xmm1");
- &movdqa ("xmm1","xmm7");
- &pslldq ("xmm7",8);
- &pxor ("xmm7","xmm1");
- &pxor ("xmm7",&QWP($k_s63,$const));
-
- # subbyte
- &movdqa ("xmm4",&QWP($k_s0F,$const));
- &movdqa ("xmm5",&QWP($k_inv,$const)); # 4 : 1/j
- &movdqa ("xmm1","xmm4");
- &pandn ("xmm1","xmm0");
- &psrld ("xmm1",4); # 1 = i
- &pand ("xmm0","xmm4"); # 0 = k
- &movdqa ("xmm2",&QWP($k_inv+16,$const));# 2 : a/k
- &pshufb ("xmm2","xmm0"); # 2 = a/k
- &pxor ("xmm0","xmm1"); # 0 = j
- &movdqa ("xmm3","xmm5"); # 3 : 1/i
- &pshufb ("xmm3","xmm1"); # 3 = 1/i
- &pxor ("xmm3","xmm2"); # 3 = iak = 1/i + a/k
- &movdqa ("xmm4","xmm5"); # 4 : 1/j
- &pshufb ("xmm4","xmm0"); # 4 = 1/j
- &pxor ("xmm4","xmm2"); # 4 = jak = 1/j + a/k
- &movdqa ("xmm2","xmm5"); # 2 : 1/iak
- &pshufb ("xmm2","xmm3"); # 2 = 1/iak
- &pxor ("xmm2","xmm0"); # 2 = io
- &movdqa ("xmm3","xmm5"); # 3 : 1/jak
- &pshufb ("xmm3","xmm4"); # 3 = 1/jak
- &pxor ("xmm3","xmm1"); # 3 = jo
- &movdqa ("xmm4",&QWP($k_sb1,$const)); # 4 : sbou
- &pshufb ("xmm4","xmm2"); # 4 = sbou
- &movdqa ("xmm0",&QWP($k_sb1+16,$const));# 0 : sbot
- &pshufb ("xmm0","xmm3"); # 0 = sb1t
- &pxor ("xmm0","xmm4"); # 0 = sbox output
-
- # add in smeared stuff
- &pxor ("xmm0","xmm7");
- &movdqa ("xmm7","xmm0");
- &ret ();
-&function_end_B("_vpaes_schedule_round");
-
-##
-## .aes_schedule_transform
-##
-## Linear-transform %xmm0 according to tables at (%ebx)
-##
-## Output in %xmm0
-## Clobbers %xmm1, %xmm2
-##
-&function_begin_B("_vpaes_schedule_transform");
- &movdqa ("xmm2",&QWP($k_s0F,$const));
- &movdqa ("xmm1","xmm2");
- &pandn ("xmm1","xmm0");
- &psrld ("xmm1",4);
- &pand ("xmm0","xmm2");
- &movdqa ("xmm2",&QWP(0,$base));
- &pshufb ("xmm2","xmm0");
- &movdqa ("xmm0",&QWP(16,$base));
- &pshufb ("xmm0","xmm1");
- &pxor ("xmm0","xmm2");
- &ret ();
-&function_end_B("_vpaes_schedule_transform");
-
-##
-## .aes_schedule_mangle
-##
-## Mangle xmm0 from (basis-transformed) standard version
-## to our version.
-##
-## On encrypt,
-## xor with 0x63
-## multiply by circulant 0,1,1,1
-## apply shiftrows transform
-##
-## On decrypt,
-## xor with 0x63
-## multiply by "inverse mixcolumns" circulant E,B,D,9
-## deskew
-## apply shiftrows transform
-##
-##
-## Writes out to (%edx), and increments or decrements it
-## Keeps track of round number mod 4 in %ecx
-## Preserves xmm0
-## Clobbers xmm1-xmm5
-##
-&function_begin_B("_vpaes_schedule_mangle");
- &movdqa ("xmm4","xmm0"); # save xmm0 for later
- &movdqa ("xmm5",&QWP($k_mc_forward,$const));
- &test ($out,$out);
- &jnz (&label("schedule_mangle_dec"));
-
- # encrypting
- &add ($key,16);
- &pxor ("xmm4",&QWP($k_s63,$const));
- &pshufb ("xmm4","xmm5");
- &movdqa ("xmm3","xmm4");
- &pshufb ("xmm4","xmm5");
- &pxor ("xmm3","xmm4");
- &pshufb ("xmm4","xmm5");
- &pxor ("xmm3","xmm4");
-
- &jmp (&label("schedule_mangle_both"));
-
-&set_label("schedule_mangle_dec",16);
- # inverse mix columns
- &movdqa ("xmm2",&QWP($k_s0F,$const));
- &lea ($inp,&DWP($k_dksd,$const));
- &movdqa ("xmm1","xmm2");
- &pandn ("xmm1","xmm4");
- &psrld ("xmm1",4); # 1 = hi
- &pand ("xmm4","xmm2"); # 4 = lo
-
- &movdqa ("xmm2",&QWP(0,$inp));
- &pshufb ("xmm2","xmm4");
- &movdqa ("xmm3",&QWP(0x10,$inp));
- &pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
- &pshufb ("xmm3","xmm5");
-
- &movdqa ("xmm2",&QWP(0x20,$inp));
- &pshufb ("xmm2","xmm4");
- &pxor ("xmm2","xmm3");
- &movdqa ("xmm3",&QWP(0x30,$inp));
-
&pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
- &pshufb ("xmm3","xmm5");
-
- &movdqa ("xmm2",&QWP(0x40,$inp));
- &pshufb ("xmm2","xmm4");
- &pxor ("xmm2","xmm3");
- &movdqa ("xmm3",&QWP(0x50,$inp));
- &pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
- &pshufb ("xmm3","xmm5");
-
- &movdqa ("xmm2",&QWP(0x60,$inp));
- &pshufb ("xmm2","xmm4");
- &pxor ("xmm2","xmm3");
- &movdqa ("xmm3",&QWP(0x70,$inp));
- &pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
-
- &add ($key,-16);
-
-&set_label("schedule_mangle_both");
- &movdqa ("xmm1",&QWP($k_sr,$const,$magic));
- &pshufb ("xmm3","xmm1");
- &add ($magic,-16);
- &and ($magic,0x30);
- &movdqu (&QWP(0,$key),"xmm3");
- &ret ();
-&function_end_B("_vpaes_schedule_mangle");
-
-#
-# Interface to OpenSSL
-#
-&function_begin("${PREFIX}_set_encrypt_key");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($round,&wparam(1)); # bits
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &mov ($base,$round);
- &shr ($base,5);
- &add ($base,5);
- &mov (&DWP(240,$key),$base); # AES_KEY->rounds = nbits/32+5;
- &mov ($magic,0x30);
- &mov ($out,0);
-
- &picsetup($const);
- &picsymbol($const, &label("_vpaes_consts"), $const);
- &lea ($const,&DWP(0x30,$const))
-
- &call ("_vpaes_schedule_core");
-
- &mov ("esp",&DWP(48,"esp"));
- &xor ("eax","eax");
-&function_end("${PREFIX}_set_encrypt_key");
-
-&function_begin("${PREFIX}_set_decrypt_key");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($round,&wparam(1)); # bits
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &mov ($base,$round);
- &shr ($base,5);
- &add ($base,5);
- &mov (&DWP(240,$key),$base); # AES_KEY->rounds = nbits/32+5;
- &shl ($base,4);
- &lea ($key,&DWP(16,$key,$base));
-
- &mov ($out,1);
- &mov ($magic,$round);
- &shr ($magic,1);
- &and ($magic,32);
- &xor ($magic,32); # nbist==192?0:32;
-
-
&picsetup($const);
- &picsymbol($const, &label("_vpaes_consts"), $const);
- &lea ($const,&DWP(0x30,$const))
-
- &call ("_vpaes_schedule_core");
-
- &mov ("esp",&DWP(48,"esp"));
- &xor ("eax","eax");
-&function_end("${PREFIX}_set_decrypt_key");
-
-&function_begin("${PREFIX}_encrypt");
- &picsetup($const);
- &picsymbol($const, &label("_vpaes_consts"), $const);
- &lea ($const,&DWP(0x30,$const))
-
- &call ("_vpaes_preheat");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($out,&wparam(1)); # out
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &movdqu ("xmm0",&QWP(0,$inp));
- &call ("_vpaes_encrypt_core");
- &movdqu (&QWP(0,$out),"xmm0");
-
- &mov ("esp",&DWP(48,"esp"));
-&function_end("${PREFIX}_encrypt");
-
-&function_begin("${PREFIX}_decrypt");
- &picsetup($const);
- &picsymbol($const, &label("_vpaes_consts"), $const);
- &lea ($const,&DWP(0x30,$const))
-
- &call ("_vpaes_preheat");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($out,&wparam(1)); # out
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &movdqu ("xmm0",&QWP(0,$inp));
- &call ("_vpaes_decrypt_core");
- &movdqu (&QWP(0,$out),"xmm0");
-
- &mov ("esp",&DWP(48,"esp"));
-&function_end("${PREFIX}_decrypt");
-
-&function_begin("${PREFIX}_cbc_encrypt");
- &mov ($inp,&wparam(0)); # inp
- &mov ($out,&wparam(1)); # out
- &mov ($round,&wparam(2)); # len
- &mov ($key,&wparam(3)); # key
- &sub ($round,16);
- &jc (&label("cbc_abort"));
- &lea ($base,&DWP(-56,"esp"));
- &mov ($const,&wparam(4)); # ivp
- &and ($base,-16);
- &mov ($magic,&wparam(5)); # enc
- &xchg ($base,"esp"); # alloca
- &movdqu ("xmm1",&QWP(0,$const)); # load IV
- &sub ($out,$inp);
- &mov (&DWP(48,"esp"),$base);
-
- &mov (&DWP(0,"esp"),$out); # save out
- &mov (&DWP(4,"esp"),$key) # save key
- &mov (&DWP(8,"esp"),$const); # save ivp
- &mov ($out,$round); # $out works
as $len
-
- &picsetup($const);
- &picsymbol($const, &label("_vpaes_consts"), $const);
- &lea ($const,&DWP(0x30,$const))
-
- &call ("_vpaes_preheat");
- &cmp ($magic,0);
- &je (&label("cbc_dec_loop"));
- &jmp (&label("cbc_enc_loop"));
-
-&set_label("cbc_enc_loop",16);
- &movdqu ("xmm0",&QWP(0,$inp)); # load input
- &pxor ("xmm0","xmm1"); # inp^=iv
- &call ("_vpaes_encrypt_core");
- &mov ($base,&DWP(0,"esp")); # restore out
- &mov ($key,&DWP(4,"esp")); # restore key
- &movdqa ("xmm1","xmm0");
- &movdqu (&QWP(0,$base,$inp),"xmm0"); # write output
- &lea ($inp,&DWP(16,$inp));
- &sub ($out,16);
- &jnc (&label("cbc_enc_loop"));
- &jmp (&label("cbc_done"));
-
-&set_label("cbc_dec_loop",16);
- &movdqu ("xmm0",&QWP(0,$inp)); # load input
- &movdqa (&QWP(16,"esp"),"xmm1"); # save IV
- &movdqa (&QWP(32,"esp"),"xmm0"); # save future IV
- &call ("_vpaes_decrypt_core");
- &mov ($base,&DWP(0,"esp")); # restore out
- &mov ($key,&DWP(4,"esp")); # restore key
- &pxor ("xmm0",&QWP(16,"esp")); # out^=iv
- &movdqa ("xmm1",&QWP(32,"esp")); # load next IV
- &movdqu (&QWP(0,$base,$inp),"xmm0"); # write output
- &lea ($inp,&DWP(16,$inp));
- &sub ($out,16);
- &jnc (&label("cbc_dec_loop"));
-
-&set_label("cbc_done");
- &mov ($base,&DWP(8,"esp")); # restore ivp
- &mov ("esp",&DWP(48,"esp"));
- &movdqu (&QWP(0,$base),"xmm1"); # write IV
-&set_label("cbc_abort");
-&function_end("${PREFIX}_cbc_encrypt");
-
-&asm_finish();
diff --git a/src/lib/libcrypto/aes/asm/vpaes-x86_64.pl b/src/lib/libcrypto/aes/asm/vpaes-x86_64.pl
deleted file mode 100644
index 7d92e8d8ca..0000000000
--- a/src/lib/libcrypto/aes/asm/vpaes-x86_64.pl
+++ /dev/null
@@ -1,1222 +0,0 @@ -#!/usr/bin/env perl - -###################################################################### -## Constant-time SSSE3 AES core implementation. -## version 0.1 -## -## By Mike Hamburg (Stanford University), 2009 -## Public domain. -## -## For details see http://shiftleft.org/papers/vector_aes/ and -## http://crypto.stanford.edu/vpaes/. - -###################################################################### -# September 2011. -# -# Interface to OpenSSL as "almost" drop-in replacement for -# aes-x86_64.pl. "Almost" refers to the fact that AES_cbc_encrypt -# doesn't handle partial vectors (doesn't have to if called from -# EVP only). "Drop-in" implies that this module doesn't share key -# schedule structure with the original nor does it make assumption -# about its alignment... -# -# Performance summary. aes-x86_64.pl column lists large-block CBC -# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per -# byte processed with 128-bit key, and vpaes-x86_64.pl column - -# [also large-block CBC] encrypt/decrypt. -# -# aes-x86_64.pl vpaes-x86_64.pl -# -# Core 2(**) 30.5/43.7/14.3 21.8/25.7(***) -# Nehalem 30.5/42.2/14.6 9.8/11.8 -# Atom 63.9/79.0/32.1 64.0/84.8(***) -# -# (*) "Hyper-threading" in the context refers rather to cache shared -# among multiple cores, than to specifically Intel HTT. As vast -# majority of contemporary cores share cache, slower code path -# is common place. In other words "with-hyper-threading-off" -# results are presented mostly for reference purposes. -# -# (**) "Core 2" refers to initial 65nm design, a.k.a. Conroe. -# -# (***) Less impressive improvement on Core 2 and Atom is due to slow -# pshufb, yet it's respectable +40%/78% improvement on Core 2 -# (as implied, over "hyper-threading-safe" code path). 
-# -# - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$PREFIX="vpaes"; - -$code.=<<___; -.text - -## -## _aes_encrypt_core -## -## AES-encrypt %xmm0. -## -## Inputs: -## %xmm0 = input -## %xmm9-%xmm15 as in _vpaes_preheat -## (%rdx) = scheduled keys -## -## Output in %xmm0 -## Clobbers %xmm1-%xmm5, %r9, %r10, %r11, %rax -## Preserves %xmm6 - %xmm8 so you get some local vectors -## -## -.type _vpaes_encrypt_core,\@abi-omnipotent -.align 16 -_vpaes_encrypt_core: - _CET_ENDBR - mov %rdx, %r9 - mov \$16, %r11 - mov 240(%rdx),%eax - movdqa %xmm9, %xmm1 - movdqa .Lk_ipt(%rip), %xmm2 # iptlo - pandn %xmm0, %xmm1 - movdqu (%r9), %xmm5 # round0 key - psrld \$4, %xmm1 - pand %xmm9, %xmm0 - pshufb %xmm0, %xmm2 - movdqa .Lk_ipt+16(%rip), %xmm0 # ipthi - pshufb %xmm1, %xmm0 - pxor %xmm5, %xmm2 - pxor %xmm2, %xmm0 - add \$16, %r9 - lea .Lk_mc_backward(%rip),%r10 - jmp .Lenc_entry - -.align 16 -.Lenc_loop: - # middle of middle round - movdqa %xmm13, %xmm4 # 4 : sb1u - pshufb %xmm2, %xmm4 # 4 = sb1u - pxor %xmm5, %xmm4 # 4 = sb1u + k - movdqa %xmm12, %xmm0 # 0 : sb1t - pshufb %xmm3, %xmm0 # 0 = sb1t - pxor %xmm4, %xmm0 # 0 = A - movdqa %xmm15, %xmm5 # 4 : sb2u - pshufb %xmm2, %xmm5 # 4 = sb2u - movdqa -0x40(%r11,%r10), %xmm1 # .Lk_mc_forward[] - movdqa %xmm14, %xmm2 # 2 : sb2t - pshufb %xmm3, %xmm2 # 2 = sb2t - pxor %xmm5, %xmm2 # 2 = 2A - movdqa (%r11,%r10), %xmm4 # .Lk_mc_backward[] - movdqa %xmm0, %xmm3 # 3 = A - pshufb %xmm1, %xmm0 # 0 = B - add \$16, %r9 # next key - pxor %xmm2, %xmm0 # 0 = 2A+B - pshufb %xmm4, %xmm3 # 3 = D - add \$16, %r11 # next mc - pxor %xmm0, %xmm3 # 3 = 2A+B+D 
- pshufb %xmm1, %xmm0 # 0 = 2B+C - and \$0x30, %r11 # ... mod 4 - pxor %xmm3, %xmm0 # 0 = 2A+3B+C+D - sub \$1,%rax # nr-- - -.Lenc_entry: - # top of round - movdqa %xmm9, %xmm1 # 1 : i - pandn %xmm0, %xmm1 # 1 = i<<4 - psrld \$4, %xmm1 # 1 = i - pand %xmm9, %xmm0 # 0 = k - movdqa %xmm11, %xmm5 # 2 : a/k - pshufb %xmm0, %xmm5 # 2 = a/k - pxor %xmm1, %xmm0 # 0 = j - movdqa %xmm10, %xmm3 # 3 : 1/i - pshufb %xmm1, %xmm3 # 3 = 1/i - pxor %xmm5, %xmm3 # 3 = iak = 1/i + a/k - movdqa %xmm10, %xmm4 # 4 : 1/j - pshufb %xmm0, %xmm4 # 4 = 1/j - pxor %xmm5, %xmm4 # 4 = jak = 1/j + a/k - movdqa %xmm10, %xmm2 # 2 : 1/iak - pshufb %xmm3, %xmm2 # 2 = 1/iak - pxor %xmm0, %xmm2 # 2 = io - movdqa %xmm10, %xmm3 # 3 : 1/jak - movdqu (%r9), %xmm5 - pshufb %xmm4, %xmm3 # 3 = 1/jak - pxor %xmm1, %xmm3 # 3 = jo - jnz .Lenc_loop - - # middle of last round - movdqa -0x60(%r10), %xmm4 # 3 : sbou .Lk_sbo - movdqa -0x50(%r10), %xmm0 # 0 : sbot .Lk_sbo+16 - pshufb %xmm2, %xmm4 # 4 = sbou - pxor %xmm5, %xmm4 # 4 = sb1u + k - pshufb %xmm3, %xmm0 # 0 = sb1t - movdqa 0x40(%r11,%r10), %xmm1 # .Lk_sr[] - pxor %xmm4, %xmm0 # 0 = A - pshufb %xmm1, %xmm0 - ret -.size _vpaes_encrypt_core,.-_vpaes_encrypt_core - -## -## Decryption core -## -## Same API as encryption core. 
-## -.type _vpaes_decrypt_core,\@abi-omnipotent -.align 16 -_vpaes_decrypt_core: - _CET_ENDBR - mov %rdx, %r9 # load key - mov 240(%rdx),%eax - movdqa %xmm9, %xmm1 - movdqa .Lk_dipt(%rip), %xmm2 # iptlo - pandn %xmm0, %xmm1 - mov %rax, %r11 - psrld \$4, %xmm1 - movdqu (%r9), %xmm5 # round0 key - shl \$4, %r11 - pand %xmm9, %xmm0 - pshufb %xmm0, %xmm2 - movdqa .Lk_dipt+16(%rip), %xmm0 # ipthi - xor \$0x30, %r11 - lea .Lk_dsbd(%rip),%r10 - pshufb %xmm1, %xmm0 - and \$0x30, %r11 - pxor %xmm5, %xmm2 - movdqa .Lk_mc_forward+48(%rip), %xmm5 - pxor %xmm2, %xmm0 - add \$16, %r9 - add %r10, %r11 - jmp .Ldec_entry - -.align 16 -.Ldec_loop: -## -## Inverse mix columns -## - movdqa -0x20(%r10),%xmm4 # 4 : sb9u - pshufb %xmm2, %xmm4 # 4 = sb9u - pxor %xmm0, %xmm4 - movdqa -0x10(%r10),%xmm0 # 0 : sb9t - pshufb %xmm3, %xmm0 # 0 = sb9t - pxor %xmm4, %xmm0 # 0 = ch - add \$16, %r9 # next round key - - pshufb %xmm5, %xmm0 # MC ch - movdqa 0x00(%r10),%xmm4 # 4 : sbdu - pshufb %xmm2, %xmm4 # 4 = sbdu - pxor %xmm0, %xmm4 # 4 = ch - movdqa 0x10(%r10),%xmm0 # 0 : sbdt - pshufb %xmm3, %xmm0 # 0 = sbdt - pxor %xmm4, %xmm0 # 0 = ch - sub \$1,%rax # nr-- - - pshufb %xmm5, %xmm0 # MC ch - movdqa 0x20(%r10),%xmm4 # 4 : sbbu - pshufb %xmm2, %xmm4 # 4 = sbbu - pxor %xmm0, %xmm4 # 4 = ch - movdqa 0x30(%r10),%xmm0 # 0 : sbbt - pshufb %xmm3, %xmm0 # 0 = sbbt - pxor %xmm4, %xmm0 # 0 = ch - - pshufb %xmm5, %xmm0 # MC ch - movdqa 0x40(%r10),%xmm4 # 4 : sbeu - pshufb %xmm2, %xmm4 # 4 = sbeu - pxor %xmm0, %xmm4 # 4 = ch - movdqa 0x50(%r10),%xmm0 # 0 : sbet - pshufb %xmm3, %xmm0 # 0 = sbet - pxor %xmm4, %xmm0 # 0 = ch - - palignr \$12, %xmm5, %xmm5 - -.Ldec_entry: - # top of round - movdqa %xmm9, %xmm1 # 1 : i - pandn %xmm0, %xmm1 # 1 = i<<4 - psrld \$4, %xmm1 # 1 = i - pand %xmm9, %xmm0 # 0 = k - movdqa %xmm11, %xmm2 # 2 : a/k - pshufb %xmm0, %xmm2 # 2 = a/k - pxor %xmm1, %xmm0 # 0 = j - movdqa %xmm10, %xmm3 # 3 : 1/i - pshufb %xmm1, %xmm3 # 3 = 1/i - pxor %xmm2, %xmm3 # 3 = iak = 1/i + a/k - movdqa 
%xmm10, %xmm4 # 4 : 1/j - pshufb %xmm0, %xmm4 # 4 = 1/j - pxor %xmm2, %xmm4 # 4 = jak = 1/j + a/k - movdqa %xmm10, %xmm2 # 2 : 1/iak - pshufb %xmm3, %xmm2 # 2 = 1/iak - pxor %xmm0, %xmm2 # 2 = io - movdqa %xmm10, %xmm3 # 3 : 1/jak - pshufb %xmm4, %xmm3 # 3 = 1/jak - pxor %xmm1, %xmm3 # 3 = jo - movdqu (%r9), %xmm0 - jnz .Ldec_loop - - # middle of last round - movdqa 0x60(%r10), %xmm4 # 3 : sbou - pshufb %xmm2, %xmm4 # 4 = sbou - pxor %xmm0, %xmm4 # 4 = sb1u + k - movdqa 0x70(%r10), %xmm0 # 0 : sbot - movdqa -0x160(%r11), %xmm2 # .Lk_sr-.Lk_dsbd=-0x160 - pshufb %xmm3, %xmm0 # 0 = sb1t - pxor %xmm4, %xmm0 # 0 = A - pshufb %xmm2, %xmm0 - ret -.size _vpaes_decrypt_core,.-_vpaes_decrypt_core - -######################################################## -## ## -## AES key schedule ## -## ## -######################################################## -.type _vpaes_schedule_core,\@abi-omnipotent -.align 16 -_vpaes_schedule_core: - _CET_ENDBR - # rdi = key - # rsi = size in bits - # rdx = buffer - # rcx = direction. 0=encrypt, 1=decrypt - - call _vpaes_preheat # load the tables - movdqa .Lk_rcon(%rip), %xmm8 # load rcon - movdqu (%rdi), %xmm0 # load key (unaligned) - - # input transform - movdqa %xmm0, %xmm3 - lea .Lk_ipt(%rip), %r11 - call _vpaes_schedule_transform - movdqa %xmm0, %xmm7 - - lea .Lk_sr(%rip),%r10 - test %rcx, %rcx - jnz .Lschedule_am_decrypting - - # encrypting, output zeroth round key after transform - movdqu %xmm0, (%rdx) - jmp .Lschedule_go - -.Lschedule_am_decrypting: - # decrypting, output zeroth round key after shiftrows - movdqa (%r8,%r10),%xmm1 - pshufb %xmm1, %xmm3 - movdqu %xmm3, (%rdx) - xor \$0x30, %r8 - -.Lschedule_go: - cmp \$192, %esi - ja .Lschedule_256 - je .Lschedule_192 - # 128: fall though - -## -## .schedule_128 -## -## 128-bit specific part of key schedule. -## -## This schedule is really simple, because all its parts -## are accomplished by the subroutines. 
-## -.Lschedule_128: - mov \$10, %esi - -.Loop_schedule_128: - call _vpaes_schedule_round - dec %rsi - jz .Lschedule_mangle_last - call _vpaes_schedule_mangle # write output - jmp .Loop_schedule_128 - -## -## .aes_schedule_192 -## -## 192-bit specific part of key schedule. -## -## The main body of this schedule is the same as the 128-bit -## schedule, but with more smearing. The long, high side is -## stored in %xmm7 as before, and the short, low side is in -## the high bits of %xmm6. -## -## This schedule is somewhat nastier, however, because each -## round produces 192 bits of key material, or 1.5 round keys. -## Therefore, on each cycle we do 2 rounds and produce 3 round -## keys. -## -.align 16 -.Lschedule_192: - movdqu 8(%rdi),%xmm0 # load key part 2 (very unaligned) - call _vpaes_schedule_transform # input transform - movdqa %xmm0, %xmm6 # save short part - pxor %xmm4, %xmm4 # clear 4 - movhlps %xmm4, %xmm6 # clobber low side with zeros - mov \$4, %esi - -.Loop_schedule_192: - call _vpaes_schedule_round - palignr \$8,%xmm6,%xmm0 - call _vpaes_schedule_mangle # save key n - call _vpaes_schedule_192_smear - call _vpaes_schedule_mangle # save key n+1 - call _vpaes_schedule_round - dec %rsi - jz .Lschedule_mangle_last - call _vpaes_schedule_mangle # save key n+2 - call _vpaes_schedule_192_smear - jmp .Loop_schedule_192 - -## -## .aes_schedule_256 -## -## 256-bit specific part of key schedule. -## -## The structure here is very similar to the 128-bit -## schedule, but with an additional "low side" in -## %xmm6. The low side's rounds are the same as the -## high side's, except no rcon and no rotation. 
-## -.align 16 -.Lschedule_256: - movdqu 16(%rdi),%xmm0 # load key part 2 (unaligned) - call _vpaes_schedule_transform # input transform - mov \$7, %esi - -.Loop_schedule_256: - call _vpaes_schedule_mangle # output low result - movdqa %xmm0, %xmm6 # save cur_lo in xmm6 - - # high round - call _vpaes_schedule_round - dec %rsi - jz .Lschedule_mangle_last - call _vpaes_schedule_mangle - - # low round. swap xmm7 and xmm6 - pshufd \$0xFF, %xmm0, %xmm0 - movdqa %xmm7, %xmm5 - movdqa %xmm6, %xmm7 - call _vpaes_schedule_low_round - movdqa %xmm5, %xmm7 - - jmp .Loop_schedule_256 - - -## -## .aes_schedule_mangle_last -## -## Mangler for last round of key schedule -## Mangles %xmm0 -## when encrypting, outputs out(%xmm0) ^ 63 -## when decrypting, outputs unskew(%xmm0) -## -## Always called right before return... jumps to cleanup and exits -## -.align 16 -.Lschedule_mangle_last: - # schedule last round key from xmm0 - lea .Lk_deskew(%rip),%r11 # prepare to deskew - test %rcx, %rcx - jnz .Lschedule_mangle_last_dec - - # encrypting - movdqa (%r8,%r10),%xmm1 - pshufb %xmm1, %xmm0 # output permute - lea .Lk_opt(%rip), %r11 # prepare to output transform - add \$32, %rdx - -.Lschedule_mangle_last_dec: - add \$-16, %rdx - pxor .Lk_s63(%rip), %xmm0 - call _vpaes_schedule_transform # output transform - movdqu %xmm0, (%rdx) # save last key - - # cleanup - pxor %xmm0, %xmm0 - pxor %xmm1, %xmm1 - pxor %xmm2, %xmm2 - pxor %xmm3, %xmm3 - pxor %xmm4, %xmm4 - pxor %xmm5, %xmm5 - pxor %xmm6, %xmm6 - pxor %xmm7, %xmm7 - ret -.size _vpaes_schedule_core,.-_vpaes_schedule_core - -## -## .aes_schedule_192_smear -## -## Smear the short, low side in the 192-bit key schedule. 
-## -## Inputs: -## %xmm7: high side, b a x y -## %xmm6: low side, d c 0 0 -## %xmm13: 0 -## -## Outputs: -## %xmm6: b+c+d b+c 0 0 -## %xmm0: b+c+d b+c b a -## -.type _vpaes_schedule_192_smear,\@abi-omnipotent -.align 16 -_vpaes_schedule_192_smear: - _CET_ENDBR - pshufd \$0x80, %xmm6, %xmm0 # d c 0 0 -> c 0 0 0 - pxor %xmm0, %xmm6 # -> c+d c 0 0 - pshufd \$0xFE, %xmm7, %xmm0 # b a _ _ -> b b b a - pxor %xmm0, %xmm6 # -> b+c+d b+c b a - movdqa %xmm6, %xmm0 - pxor %xmm1, %xmm1 - movhlps %xmm1, %xmm6 # clobber low side with zeros - ret -.size _vpaes_schedule_192_smear,.-_vpaes_schedule_192_smear - -## -## .aes_schedule_round -## -## Runs one main round of the key schedule on %xmm0, %xmm7 -## -## Specifically, runs subbytes on the high dword of %xmm0 -## then rotates it by one byte and xors into the low dword of -## %xmm7. -## -## Adds rcon from low byte of %xmm8, then rotates %xmm8 for -## next rcon. -## -## Smears the dwords of %xmm7 by xoring the low into the -## second low, result into third, result into highest. -## -## Returns results in %xmm7 = %xmm0. -## Clobbers %xmm1-%xmm4, %r11. -## -.type _vpaes_schedule_round,\@abi-omnipotent -.align 16 -_vpaes_schedule_round: - _CET_ENDBR - # extract rcon from xmm8 - pxor %xmm1, %xmm1 - palignr \$15, %xmm8, %xmm1 - palignr \$15, %xmm8, %xmm8 - pxor %xmm1, %xmm7 - - # rotate - pshufd \$0xFF, %xmm0, %xmm0 - palignr \$1, %xmm0, %xmm0 - - # fall through... - - # low round: same as high round, but no rotation and no rcon. 
-_vpaes_schedule_low_round: - # smear xmm7 - movdqa %xmm7, %xmm1 - pslldq \$4, %xmm7 - pxor %xmm1, %xmm7 - movdqa %xmm7, %xmm1 - pslldq \$8, %xmm7 - pxor %xmm1, %xmm7 - pxor .Lk_s63(%rip), %xmm7 - - # subbytes - movdqa %xmm9, %xmm1 - pandn %xmm0, %xmm1 - psrld \$4, %xmm1 # 1 = i - pand %xmm9, %xmm0 # 0 = k - movdqa %xmm11, %xmm2 # 2 : a/k - pshufb %xmm0, %xmm2 # 2 = a/k - pxor %xmm1, %xmm0 # 0 = j - movdqa %xmm10, %xmm3 # 3 : 1/i - pshufb %xmm1, %xmm3 # 3 = 1/i - pxor %xmm2, %xmm3 # 3 = iak = 1/i + a/k - movdqa %xmm10, %xmm4 # 4 : 1/j - pshufb %xmm0, %xmm4 # 4 = 1/j - pxor %xmm2, %xmm4 # 4 = jak = 1/j + a/k - movdqa %xmm10, %xmm2 # 2 : 1/iak - pshufb %xmm3, %xmm2 # 2 = 1/iak - pxor %xmm0, %xmm2 # 2 = io - movdqa %xmm10, %xmm3 # 3 : 1/jak - pshufb %xmm4, %xmm3 # 3 = 1/jak - pxor %xmm1, %xmm3 # 3 = jo - movdqa %xmm13, %xmm4 # 4 : sbou - pshufb %xmm2, %xmm4 # 4 = sbou - movdqa %xmm12, %xmm0 # 0 : sbot - pshufb %xmm3, %xmm0 # 0 = sb1t - pxor %xmm4, %xmm0 # 0 = sbox output - - # add in smeared stuff - pxor %xmm7, %xmm0 - movdqa %xmm0, %xmm7 - ret -.size _vpaes_schedule_round,.-_vpaes_schedule_round - -## -## .aes_schedule_transform -## -## Linear-transform %xmm0 according to tables at (%r11) -## -## Requires that %xmm9 = 0x0F0F... as in preheat -## Output in %xmm0 -## Clobbers %xmm1, %xmm2 -## -.type _vpaes_schedule_transform,\@abi-omnipotent -.align 16 -_vpaes_schedule_transform: - _CET_ENDBR - movdqa %xmm9, %xmm1 - pandn %xmm0, %xmm1 - psrld \$4, %xmm1 - pand %xmm9, %xmm0 - movdqa (%r11), %xmm2 # lo - pshufb %xmm0, %xmm2 - movdqa 16(%r11), %xmm0 # hi - pshufb %xmm1, %xmm0 - pxor %xmm2, %xmm0 - ret -.size _vpaes_schedule_transform,.-_vpaes_schedule_transform - -## -## .aes_schedule_mangle -## -## Mangle xmm0 from (basis-transformed) standard version -## to our version. 
-## -## On encrypt, -## xor with 0x63 -## multiply by circulant 0,1,1,1 -## apply shiftrows transform -## -## On decrypt, -## xor with 0x63 -## multiply by "inverse mixcolumns" circulant E,B,D,9 -## deskew -## apply shiftrows transform -## -## -## Writes out to (%rdx), and increments or decrements it -## Keeps track of round number mod 4 in %r8 -## Preserves xmm0 -## Clobbers xmm1-xmm5 -## -.type _vpaes_schedule_mangle,\@abi-omnipotent -.align 16 -_vpaes_schedule_mangle: - _CET_ENDBR - movdqa %xmm0, %xmm4 # save xmm0 for later - movdqa .Lk_mc_forward(%rip),%xmm5 - test %rcx, %rcx - jnz .Lschedule_mangle_dec - - # encrypting - add \$16, %rdx - pxor .Lk_s63(%rip),%xmm4 - pshufb %xmm5, %xmm4 - movdqa %xmm4, %xmm3 - pshufb %xmm5, %xmm4 - pxor %xmm4, %xmm3 - pshufb %xmm5, %xmm4 - pxor %xmm4, %xmm3 - - jmp .Lschedule_mangle_both -.align 16 -.Lschedule_mangle_dec: - # inverse mix columns - lea .Lk_dksd(%rip),%r11 - movdqa %xmm9, %xmm1 - pandn %xmm4, %xmm1 - psrld \$4, %xmm1 # 1 = hi - pand %xmm9, %xmm4 # 4 = lo - - movdqa 0x00(%r11), %xmm2 - pshufb %xmm4, %xmm2 - movdqa 0x10(%r11), %xmm3 - pshufb %xmm1, %xmm3 - pxor %xmm2, %xmm3 - pshufb %xmm5, %xmm3 - - movdqa 0x20(%r11), %xmm2 - pshufb %xmm4, %xmm2 - pxor %xmm3, %xmm2 - movdqa 0x30(%r11), %xmm3 - pshufb %xmm1, %xmm3 - pxor %xmm2, %xmm3 - pshufb %xmm5, %xmm3 - - movdqa 0x40(%r11), %xmm2 - pshufb %xmm4, %xmm2 - pxor %xmm3, %xmm2 - movdqa 0x50(%r11), %xmm3 - pshufb %xmm1, %xmm3 - pxor %xmm2, %xmm3 - pshufb %xmm5, %xmm3 - - movdqa 0x60(%r11), %xmm2 - pshufb %xmm4, %xmm2 - pxor %xmm3, %xmm2 - movdqa 0x70(%r11), %xmm3 - pshufb %xmm1, %xmm3 - pxor %xmm2, %xmm3 - - add \$-16, %rdx - -.Lschedule_mangle_both: - movdqa (%r8,%r10),%xmm1 - pshufb %xmm1,%xmm3 - add \$-16, %r8 - and \$0x30, %r8 - movdqu %xmm3, (%rdx) - ret -.size _vpaes_schedule_mangle,.-_vpaes_schedule_mangle - -# -# Interface to OpenSSL -# -.globl ${PREFIX}_set_encrypt_key -.type ${PREFIX}_set_encrypt_key,\@function,3 -.align 16 -${PREFIX}_set_encrypt_key: - 
_CET_ENDBR -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Lenc_key_body: -___ -$code.=<<___; - mov %esi,%eax - shr \$5,%eax - add \$5,%eax - mov %eax,240(%rdx) # AES_KEY->rounds = nbits/32+5; - - mov \$0,%ecx - mov \$0x30,%r8d - call _vpaes_schedule_core -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Lenc_key_epilogue: -___ -$code.=<<___; - xor %eax,%eax - ret -.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key - -.globl ${PREFIX}_set_decrypt_key -.type ${PREFIX}_set_decrypt_key,\@function,3 -.align 16 -${PREFIX}_set_decrypt_key: - _CET_ENDBR -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Ldec_key_body: -___ -$code.=<<___; - mov %esi,%eax - shr \$5,%eax - add \$5,%eax - mov %eax,240(%rdx) # AES_KEY->rounds = nbits/32+5; - shl \$4,%eax - lea 16(%rdx,%rax),%rdx - - mov \$1,%ecx - mov %esi,%r8d - shr \$1,%r8d - and \$32,%r8d - xor \$32,%r8d # nbits==192?0:32 - call _vpaes_schedule_core -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 
0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Ldec_key_epilogue: -___ -$code.=<<___; - xor %eax,%eax - ret -.size ${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key - -.globl ${PREFIX}_encrypt -.type ${PREFIX}_encrypt,\@function,3 -.align 16 -${PREFIX}_encrypt: - _CET_ENDBR -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Lenc_body: -___ -$code.=<<___; - movdqu (%rdi),%xmm0 - call _vpaes_preheat - call _vpaes_encrypt_core - movdqu %xmm0,(%rsi) -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Lenc_epilogue: -___ -$code.=<<___; - ret -.size ${PREFIX}_encrypt,.-${PREFIX}_encrypt - -.globl ${PREFIX}_decrypt -.type ${PREFIX}_decrypt,\@function,3 -.align 16 -${PREFIX}_decrypt: - _CET_ENDBR -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Ldec_body: -___ -$code.=<<___; - movdqu (%rdi),%xmm0 - call _vpaes_preheat - call _vpaes_decrypt_core - movdqu %xmm0,(%rsi) -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 
0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Ldec_epilogue: -___ -$code.=<<___; - ret -.size ${PREFIX}_decrypt,.-${PREFIX}_decrypt -___ -{ -my ($inp,$out,$len,$key,$ivp,$enc)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9"); -# void AES_cbc_encrypt (const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); -$code.=<<___; -.globl ${PREFIX}_cbc_encrypt -.type ${PREFIX}_cbc_encrypt,\@function,6 -.align 16 -${PREFIX}_cbc_encrypt: - _CET_ENDBR - xchg $key,$len -___ -($len,$key)=($key,$len); -$code.=<<___; - sub \$16,$len - jc .Lcbc_abort -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Lcbc_body: -___ -$code.=<<___; - movdqu ($ivp),%xmm6 # load IV - sub $inp,$out - call _vpaes_preheat - cmp \$0,${enc}d - je .Lcbc_dec_loop - jmp .Lcbc_enc_loop -.align 16 -.Lcbc_enc_loop: - movdqu ($inp),%xmm0 - pxor %xmm6,%xmm0 - call _vpaes_encrypt_core - movdqa %xmm0,%xmm6 - movdqu %xmm0,($out,$inp) - lea 16($inp),$inp - sub \$16,$len - jnc .Lcbc_enc_loop - jmp .Lcbc_done -.align 16 -.Lcbc_dec_loop: - movdqu ($inp),%xmm0 - movdqa %xmm0,%xmm7 - call _vpaes_decrypt_core - pxor %xmm6,%xmm0 - movdqa %xmm7,%xmm6 - movdqu %xmm0,($out,$inp) - lea 16($inp),$inp - sub \$16,$len - jnc .Lcbc_dec_loop -.Lcbc_done: - movdqu %xmm6,($ivp) # save IV -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Lcbc_epilogue: -___ -$code.=<<___; -.Lcbc_abort: - ret -.size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt -___ -} 
-$code.=<<___;
-##
-## _aes_preheat
-##
-## Fills register %r10 -> .aes_consts (so you can -fPIC)
-## and %xmm9-%xmm15 as specified below.
-##
-.type _vpaes_preheat,\@abi-omnipotent
-.align 16
-_vpaes_preheat:
- _CET_ENDBR
- lea .Lk_s0F(%rip), %r10
- movdqa -0x20(%r10), %xmm10 # .Lk_inv
- movdqa -0x10(%r10), %xmm11 # .Lk_inv+16
- movdqa 0x00(%r10), %xmm9 # .Lk_s0F
- movdqa 0x30(%r10), %xmm13 # .Lk_sb1
- movdqa 0x40(%r10), %xmm12 # .Lk_sb1+16
- movdqa 0x50(%r10), %xmm15 # .Lk_sb2
- movdqa 0x60(%r10), %xmm14 # .Lk_sb2+16
- ret
-.size _vpaes_preheat,.-_vpaes_preheat
-########################################################
-## ##
-## Constants ##
-## ##
-########################################################
-.section .rodata
-.type _vpaes_consts,\@object
-.align 64
-_vpaes_consts:
-.Lk_inv: # inv, inva
- .quad 0x0E05060F0D080180, 0x040703090A0B0C02
- .quad 0x01040A060F0B0780, 0x030D0E0C02050809
-
-.Lk_s0F: # s0F
- .quad 0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F
-
-.Lk_ipt: # input transform (lo, hi)
- .quad 0xC2B2E8985A2A7000, 0xCABAE09052227808
- .quad 0x4C01307D317C4D00, 0xCD80B1FCB0FDCC81
-
-.Lk_sb1: # sb1u, sb1t
- .quad 0xB19BE18FCB503E00, 0xA5DF7A6E142AF544
- .quad 0x3618D415FAE22300, 0x3BF7CCC10D2ED9EF
-.Lk_sb2: # sb2u, sb2t
- .quad 0xE27A93C60B712400, 0x5EB7E955BC982FCD
- .quad 0x69EB88400AE12900, 0xC2A163C8AB82234A
-.Lk_sbo: # sbou, sbot
- .quad 0xD0D26D176FBDC700, 0x15AABF7AC502A878
- .quad 0xCFE474A55FBB6A00, 0x8E1E90D1412B35FA
-
-.Lk_mc_forward: # mc_forward
- .quad 0x0407060500030201, 0x0C0F0E0D080B0A09
- .quad 0x080B0A0904070605, 0x000302010C0F0E0D
- .quad 0x0C0F0E0D080B0A09, 0x0407060500030201
- .quad 0x000302010C0F0E0D, 0x080B0A0904070605
-
-.Lk_mc_backward:# mc_backward
- .quad 0x0605040702010003, 0x0E0D0C0F0A09080B
- .quad 0x020100030E0D0C0F, 0x0A09080B06050407
- .quad 0x0E0D0C0F0A09080B, 0x0605040702010003
- .quad 0x0A09080B06050407, 0x020100030E0D0C0F
-
-.Lk_sr: # sr
- .quad 0x0706050403020100, 0x0F0E0D0C0B0A0908
- .quad 0x030E09040F0A0500, 
0x0B06010C07020D08
- .quad 0x0F060D040B020900, 0x070E050C030A0108
- .quad 0x0B0E0104070A0D00, 0x0306090C0F020508
-
-.Lk_rcon: # rcon
- .quad 0x1F8391B9AF9DEEB6, 0x702A98084D7C7D81
-
-.Lk_s63: # s63: all equal to 0x63 transformed
- .quad 0x5B5B5B5B5B5B5B5B, 0x5B5B5B5B5B5B5B5B
-
-.Lk_opt: # output transform
- .quad 0xFF9F4929D6B66000, 0xF7974121DEBE6808
- .quad 0x01EDBD5150BCEC00, 0xE10D5DB1B05C0CE0
-
-.Lk_deskew: # deskew tables: inverts the sbox's "skew"
- .quad 0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
- .quad 0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
-
-##
-## Decryption stuff
-## Key schedule constants
-##
-.Lk_dksd: # decryption key schedule: invskew x*D
- .quad 0xFEB91A5DA3E44700, 0x0740E3A45A1DBEF9
- .quad 0x41C277F4B5368300, 0x5FDC69EAAB289D1E
-.Lk_dksb: # decryption key schedule: invskew x*B
- .quad 0x9A4FCA1F8550D500, 0x03D653861CC94C99
- .quad 0x115BEDA7B6FC4A00, 0xD993256F7E3482C8
-.Lk_dkse: # decryption key schedule: invskew x*E + 0x63
- .quad 0xD5031CCA1FC9D600, 0x53859A4C994F5086
- .quad 0xA23196054FDC7BE8, 0xCD5EF96A20B31487
-.Lk_dks9: # decryption key schedule: invskew x*9
- .quad 0xB6116FC87ED9A700, 0x4AED933482255BFC
- .quad 0x4576516227143300, 0x8BB89FACE9DAFDCE
-
-##
-## Decryption stuff
-## Round function constants
-##
-.Lk_dipt: # decryption input transform
- .quad 0x0F505B040B545F00, 0x154A411E114E451A
- .quad 0x86E383E660056500, 0x12771772F491F194
-
-.Lk_dsb9: # decryption sbox output *9*u, *9*t
- .quad 0x851C03539A86D600, 0xCAD51F504F994CC9
- .quad 0xC03B1789ECD74900, 0x725E2C9EB2FBA565
-.Lk_dsbd: # decryption sbox output *D*u, *D*t
- .quad 0x7D57CCDFE6B1A200, 0xF56E9B13882A4439
- .quad 0x3CE2FAF724C6CB00, 0x2931180D15DEEFD3
-.Lk_dsbb: # decryption sbox output *B*u, *B*t
- .quad 0xD022649296B44200, 0x602646F6B0F2D404
- .quad 0xC19498A6CD596700, 0xF3FF0C3E3255AA6B
-.Lk_dsbe: # decryption sbox output *E*u, *E*t
- .quad 0x46F2929626D4D000, 0x2242600464B4F6B0
- .quad 0x0C55A6CDFFAAC100, 0x9467F36B98593E32
-.Lk_dsbo: # decryption sbox final output
- 
.quad 0x1387EA537EF94000, 0xC7AA6DB9D4943E2D - .quad 0x12D7560F93441D00, 0xCA4B8159D8C58E9C -.align 64 -.size _vpaes_consts,.-_vpaes_consts -.text -___ - -if ($win64) { -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type se_handler,\@abi-omnipotent -.align 16 -se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->RipRsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lin_prologue - - lea 16(%rax),%rsi # %xmm save area - lea 512($context),%rdi # &context.Xmm6 - mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - lea 0xb8(%rax),%rax # adjust stack pointer - -.Lin_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$`1232/8`,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov 
%rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_${PREFIX}_set_encrypt_key
- .rva .LSEH_end_${PREFIX}_set_encrypt_key
- .rva .LSEH_info_${PREFIX}_set_encrypt_key
-
- .rva .LSEH_begin_${PREFIX}_set_decrypt_key
- .rva .LSEH_end_${PREFIX}_set_decrypt_key
- .rva .LSEH_info_${PREFIX}_set_decrypt_key
-
- .rva .LSEH_begin_${PREFIX}_encrypt
- .rva .LSEH_end_${PREFIX}_encrypt
- .rva .LSEH_info_${PREFIX}_encrypt
-
- .rva .LSEH_begin_${PREFIX}_decrypt
- .rva .LSEH_end_${PREFIX}_decrypt
- .rva .LSEH_info_${PREFIX}_decrypt
-
- .rva .LSEH_begin_${PREFIX}_cbc_encrypt
- .rva .LSEH_end_${PREFIX}_cbc_encrypt
- .rva .LSEH_info_${PREFIX}_cbc_encrypt
-
-.section .xdata
-.align 8
-.LSEH_info_${PREFIX}_set_encrypt_key:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lenc_key_body,.Lenc_key_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_set_decrypt_key:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Ldec_key_body,.Ldec_key_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_encrypt:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lenc_body,.Lenc_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_decrypt:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Ldec_body,.Ldec_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_cbc_encrypt:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lcbc_body,.Lcbc_epilogue # HandlerData[]
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/src/lib/libcrypto/arc4random/arc4random_aix.h b/src/lib/libcrypto/arc4random/arc4random_aix.h
deleted file mode 100644
index 3142a1f278..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_aix.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: arc4random_aix.h,v 1.2 2016/06/30 12:19:51 bcook Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-#include
-#include
-
-static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;
-#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx)
-#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx)
-
-#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f))
-
-static inline void
-_getentropy_fail(void)
-{
- raise(SIGKILL);
-}
-
-static volatile sig_atomic_t _rs_forked;
-
-static inline void
-_rs_forkhandler(void)
-{
- _rs_forked = 1;
-}
-
-static inline void
-_rs_forkdetect(void)
-{
- static pid_t _rs_pid = 0;
- pid_t pid = getpid();
-
- if (_rs_pid == 0 || _rs_pid != pid || _rs_forked) {
- _rs_pid = pid;
- _rs_forked = 0;
- if (rs)
- memset(rs, 0, sizeof(*rs));
- }
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
- return (-1);
-
- if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {
- munmap(*rsp, sizeof(**rsp));
- *rsp = NULL;
- return (-1);
- }
-
- _ARC4_ATFORK(_rs_forkhandler);
- return (0);
-}
diff --git a/src/lib/libcrypto/arc4random/arc4random_freebsd.h b/src/lib/libcrypto/arc4random/arc4random_freebsd.h
deleted file mode 100644
index 3faa5e4d31..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_freebsd.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/* $OpenBSD: arc4random_freebsd.h,v 1.4 2016/06/30 12:19:51 bcook Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-#include
-#include
-
-static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;
-#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx)
-#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx)
-
-/*
- * Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if
- * a program does not link to -lthr. Callbacks registered with pthread_atfork()
- * appear to fail silently. So, it is not always possible to detect a PID
- * wraparound.
- */
-#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f))
-
-static inline void
-_getentropy_fail(void)
-{
- raise(SIGKILL);
-}
-
-static volatile sig_atomic_t _rs_forked;
-
-static inline void
-_rs_forkhandler(void)
-{
- _rs_forked = 1;
-}
-
-static inline void
-_rs_forkdetect(void)
-{
- static pid_t _rs_pid = 0;
- pid_t pid = getpid();
-
- if (_rs_pid == 0 || _rs_pid != pid || _rs_forked) {
- _rs_pid = pid;
- _rs_forked = 0;
- if (rs)
- memset(rs, 0, sizeof(*rs));
- }
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
- return (-1);
-
- if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {
- munmap(*rsp, sizeof(**rsp));
- *rsp = NULL;
- return (-1);
- }
-
- _ARC4_ATFORK(_rs_forkhandler);
- return (0);
-}
diff --git a/src/lib/libcrypto/arc4random/arc4random_hpux.h b/src/lib/libcrypto/arc4random/arc4random_hpux.h
deleted file mode 100644
index 2a3fe8c611..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_hpux.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: arc4random_hpux.h,v 1.3 2016/06/30 12:19:51 bcook Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-#include
-#include
-
-static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;
-#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx)
-#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx)
-
-#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f))
-
-static inline void
-_getentropy_fail(void)
-{
- raise(SIGKILL);
-}
-
-static volatile sig_atomic_t _rs_forked;
-
-static inline void
-_rs_forkhandler(void)
-{
- _rs_forked = 1;
-}
-
-static inline void
-_rs_forkdetect(void)
-{
- static pid_t _rs_pid = 0;
- pid_t pid = getpid();
-
- if (_rs_pid == 0 || _rs_pid != pid || _rs_forked) {
- _rs_pid = pid;
- _rs_forked = 0;
- if (rs)
- memset(rs, 0, sizeof(*rs));
- }
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
- return (-1);
-
- if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {
- munmap(*rsp, sizeof(**rsp));
- *rsp = NULL;
- return (-1);
- }
-
- _ARC4_ATFORK(_rs_forkhandler);
- return (0);
-}
diff --git a/src/lib/libcrypto/arc4random/arc4random_linux.h b/src/lib/libcrypto/arc4random/arc4random_linux.h
deleted file mode 100644
index 5e1cf34e6e..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_linux.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* $OpenBSD: arc4random_linux.h,v 1.12 2019/07/11 10:37:28 inoguchi Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-#include
-#include
-
-static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;
-#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx)
-#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx)
-
-#if defined(__GLIBC__) && !(defined(__UCLIBC__) && !defined(__ARCH_USE_MMU__))
-extern void *__dso_handle;
-extern int __register_atfork(void (*)(void), void(*)(void), void (*)(void), void *);
-#define _ARC4_ATFORK(f) __register_atfork(NULL, NULL, (f), __dso_handle)
-#else
-#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f))
-#endif
-
-static inline void
-_getentropy_fail(void)
-{
- raise(SIGKILL);
-}
-
-static volatile sig_atomic_t _rs_forked;
-
-static inline void
-_rs_forkhandler(void)
-{
- _rs_forked = 1;
-}
-
-static inline void
-_rs_forkdetect(void)
-{
- static pid_t _rs_pid = 0;
- pid_t pid = getpid();
-
- /* XXX unusual calls to clone() can bypass checks */
- if (_rs_pid == 0 || _rs_pid == 1 || _rs_pid != pid || _rs_forked) {
- _rs_pid = pid;
- _rs_forked = 0;
- if (rs)
- memset(rs, 0, sizeof(*rs));
- }
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
- return (-1);
-
- if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {
- munmap(*rsp, sizeof(**rsp));
- *rsp = NULL;
- return (-1);
- }
-
- _ARC4_ATFORK(_rs_forkhandler);
- return (0);
-}
diff --git a/src/lib/libcrypto/arc4random/arc4random_netbsd.h b/src/lib/libcrypto/arc4random/arc4random_netbsd.h
deleted file mode 100644
index 611997d54d..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_netbsd.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/* $OpenBSD: arc4random_netbsd.h,v 1.3 2016/06/30 12:19:51 bcook Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-#include
-#include
-
-static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;
-#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx)
-#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx)
-
-/*
- * Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if
- * a program does not link to -lthr. Callbacks registered with pthread_atfork()
- * appear to fail silently. So, it is not always possible to detect a PID
- * wraparound.
- */
-#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f))
-
-static inline void
-_getentropy_fail(void)
-{
- raise(SIGKILL);
-}
-
-static volatile sig_atomic_t _rs_forked;
-
-static inline void
-_rs_forkhandler(void)
-{
- _rs_forked = 1;
-}
-
-static inline void
-_rs_forkdetect(void)
-{
- static pid_t _rs_pid = 0;
- pid_t pid = getpid();
-
- if (_rs_pid == 0 || _rs_pid != pid || _rs_forked) {
- _rs_pid = pid;
- _rs_forked = 0;
- if (rs)
- memset(rs, 0, sizeof(*rs));
- }
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
- return (-1);
-
- if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {
- munmap(*rsp, sizeof(**rsp));
- *rsp = NULL;
- return (-1);
- }
-
- _ARC4_ATFORK(_rs_forkhandler);
- return (0);
-}
diff --git a/src/lib/libcrypto/arc4random/arc4random_osx.h b/src/lib/libcrypto/arc4random/arc4random_osx.h
deleted file mode 100644
index 818ae6bbf4..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_osx.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: arc4random_osx.h,v 1.11 2016/06/30 12:19:51 bcook Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-#include
-#include
-
-static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;
-#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx)
-#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx)
-
-#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f))
-
-static inline void
-_getentropy_fail(void)
-{
- raise(SIGKILL);
-}
-
-static volatile sig_atomic_t _rs_forked;
-
-static inline void
-_rs_forkhandler(void)
-{
- _rs_forked = 1;
-}
-
-static inline void
-_rs_forkdetect(void)
-{
- static pid_t _rs_pid = 0;
- pid_t pid = getpid();
-
- if (_rs_pid == 0 || _rs_pid != pid || _rs_forked) {
- _rs_pid = pid;
- _rs_forked = 0;
- if (rs)
- memset(rs, 0, sizeof(*rs));
- }
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
- return (-1);
-
- if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {
- munmap(*rsp, sizeof(**rsp));
- *rsp = NULL;
- return (-1);
- }
-
- _ARC4_ATFORK(_rs_forkhandler);
- return (0);
-}
diff --git a/src/lib/libcrypto/arc4random/arc4random_solaris.h b/src/lib/libcrypto/arc4random/arc4random_solaris.h
deleted file mode 100644
index b1084cda08..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_solaris.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: arc4random_solaris.h,v 1.10 2016/06/30 12:19:51 bcook Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-#include
-#include
-
-static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;
-#define _ARC4_LOCK() pthread_mutex_lock(&arc4random_mtx)
-#define _ARC4_UNLOCK() pthread_mutex_unlock(&arc4random_mtx)
-
-#define _ARC4_ATFORK(f) pthread_atfork(NULL, NULL, (f))
-
-static inline void
-_getentropy_fail(void)
-{
- raise(SIGKILL);
-}
-
-static volatile sig_atomic_t _rs_forked;
-
-static inline void
-_rs_forkhandler(void)
-{
- _rs_forked = 1;
-}
-
-static inline void
-_rs_forkdetect(void)
-{
- static pid_t _rs_pid = 0;
- pid_t pid = getpid();
-
- if (_rs_pid == 0 || _rs_pid != pid || _rs_forked) {
- _rs_pid = pid;
- _rs_forked = 0;
- if (rs)
- memset(rs, 0, sizeof(*rs));
- }
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- if ((*rsp = mmap(NULL, sizeof(**rsp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)
- return (-1);
-
- if ((*rsxp = mmap(NULL, sizeof(**rsxp), PROT_READ|PROT_WRITE,
- MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED) {
- munmap(*rsp, sizeof(**rsp));
- *rsp = NULL;
- return (-1);
- }
-
- _ARC4_ATFORK(_rs_forkhandler);
- return (0);
-}
diff --git a/src/lib/libcrypto/arc4random/arc4random_win.h b/src/lib/libcrypto/arc4random/arc4random_win.h
deleted file mode 100644
index deec8a1efe..0000000000
--- a/src/lib/libcrypto/arc4random/arc4random_win.h
+++ /dev/null
@@ -1,78 +0,0 @@
-/* $OpenBSD: arc4random_win.h,v 1.6 2016/06/30 12:17:29 bcook Exp $ */
-
-/*
- * Copyright (c) 1996, David Mazieres
- * Copyright (c) 2008, Damien Miller
- * Copyright (c) 2013, Markus Friedl
- * Copyright (c) 2014, Theo de Raadt
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * Stub functions for portability.
- */
-
-#include
-
-static volatile HANDLE arc4random_mtx = NULL;
-
-/*
- * Initialize the mutex on the first lock attempt. On collision, each thread
- * will attempt to allocate a mutex and compare-and-swap it into place as the
- * global mutex. On failure to swap in the global mutex, the mutex is closed.
- */
-#define _ARC4_LOCK() { \
- if (!arc4random_mtx) { \
- HANDLE p = CreateMutex(NULL, FALSE, NULL); \
- if (InterlockedCompareExchangePointer((void **)&arc4random_mtx, (void *)p, NULL)) \
- CloseHandle(p); \
- } \
- WaitForSingleObject(arc4random_mtx, INFINITE); \
-} \
-
-#define _ARC4_UNLOCK() ReleaseMutex(arc4random_mtx)
-
-static inline void
-_getentropy_fail(void)
-{
- TerminateProcess(GetCurrentProcess(), 0);
-}
-
-static inline int
-_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)
-{
- *rsp = VirtualAlloc(NULL, sizeof(**rsp),
- MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
- if (*rsp == NULL)
- return (-1);
-
- *rsxp = VirtualAlloc(NULL, sizeof(**rsxp),
- MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
- if (*rsxp == NULL) {
- VirtualFree(*rsp, 0, MEM_RELEASE);
- *rsp = NULL;
- return (-1);
- }
- return (0);
-}
-
-static inline void
-_rs_forkhandler(void)
-{
-}
-
-static inline void
-_rs_forkdetect(void)
-{
-}
diff --git a/src/lib/libcrypto/arc4random/getentropy_aix.c b/src/lib/libcrypto/arc4random/getentropy_aix.c
deleted file mode 100644
index 9d085cf503..0000000000
--- a/src/lib/libcrypto/arc4random/getentropy_aix.c
+++ /dev/null
@@ -1,402 +0,0 @@ -/* $OpenBSD: getentropy_aix.c,v 1.9 2022/12/26 07:18:50 jmc Exp $ */ - -/* - * Copyright (c) 2015 Michael Felt - * Copyright (c) 2014 Theo de Raadt - * Copyright (c) 2014 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Emulation of getentropy(2) as documented at: - * http://man.openbsd.org/getentropy.2 - */ -/* - * -lperfstat is needed for the pseudo entropy data - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include - -#define REPEAT 5 -#define MINIMUM(a, b) (((a) < (b)) ? 
(a) : (b)) - -#define HX(a, b) \ - do { \ - if ((a)) \ - HD(errno); \ - else \ - HD(b); \ - } while (0) - -#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) -#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) -#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) - -int getentropy(void *buf, size_t len); - -static int getentropy_urandom(void *buf, size_t len, const char *path, - int devfscheck); -static int getentropy_fallback(void *buf, size_t len); - -int -getentropy(void *buf, size_t len) -{ - int ret = -1; - - if (len > 256) { - errno = EIO; - return (-1); - } - - /* - * Try to get entropy with /dev/urandom - */ - ret = getentropy_urandom(buf, len, "/dev/urandom", 0); - if (ret != -1) - return (ret); - - /* - * Entropy collection via /dev/urandom has failed. - * - * No other API exists for collecting entropy, and we have - * no failsafe way to get it on AIX that is not sensitive - * to resource exhaustion. - * - * We have very few options: - * - Even syslog_r is unsafe to call at this low level, so - * there is no way to alert the user or program. - * - Cannot call abort() because some systems have unsafe - * corefiles. - * - Could raise(SIGKILL) resulting in silent program termination. - * - Return EIO, to hint that arc4random's stir function - * should raise(SIGKILL) - * - Do the best under the circumstances.... - * - * This code path exists to bring light to the issue that AIX - * does not provide a failsafe API for entropy collection. - * - * We hope this demonstrates that AIX should consider - * providing a new failsafe API which works in a chroot or - * when file descriptors are exhausted. 
- */ -#undef FAIL_INSTEAD_OF_TRYING_FALLBACK -#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK - raise(SIGKILL); -#endif - ret = getentropy_fallback(buf, len); - if (ret != -1) - return (ret); - - errno = EIO; - return (ret); -} - -static int -getentropy_urandom(void *buf, size_t len, const char *path, int devfscheck) -{ - struct stat st; - size_t i; - int fd, flags; - int save_errno = errno; - -start: - - flags = O_RDONLY; -#ifdef O_NOFOLLOW - flags |= O_NOFOLLOW; -#endif -#ifdef O_CLOEXEC - flags |= O_CLOEXEC; -#endif - fd = open(path, flags); - if (fd == -1) { - if (errno == EINTR) - goto start; - goto nodevrandom; - } -#ifndef O_CLOEXEC - fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); -#endif - - /* Lightly verify that the device node looks sane */ - if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { - close(fd); - goto nodevrandom; - } - for (i = 0; i < len; ) { - size_t wanted = len - i; - ssize_t ret = read(fd, (char *)buf + i, wanted); - - if (ret == -1) { - if (errno == EAGAIN || errno == EINTR) - continue; - close(fd); - goto nodevrandom; - } - i += ret; - } - close(fd); - errno = save_errno; - return (0); /* satisfied */ -nodevrandom: - errno = EIO; - return (-1); -} - -static const int cl[] = { - CLOCK_REALTIME, -#ifdef CLOCK_MONOTONIC - CLOCK_MONOTONIC, -#endif -#ifdef CLOCK_MONOTONIC_RAW - CLOCK_MONOTONIC_RAW, -#endif -#ifdef CLOCK_TAI - CLOCK_TAI, -#endif -#ifdef CLOCK_VIRTUAL - CLOCK_VIRTUAL, -#endif -#ifdef CLOCK_UPTIME - CLOCK_UPTIME, -#endif -#ifdef CLOCK_PROCESS_CPUTIME_ID - CLOCK_PROCESS_CPUTIME_ID, -#endif -#ifdef CLOCK_THREAD_CPUTIME_ID - CLOCK_THREAD_CPUTIME_ID, -#endif -}; - -static int -getentropy_fallback(void *buf, size_t len) -{ - uint8_t results[SHA512_DIGEST_LENGTH]; - int save_errno = errno, e, pgs = sysconf(_SC_PAGESIZE), faster = 0, repeat; - static int cnt; - struct timespec ts; - struct timeval tv; - perfstat_cpu_total_t cpustats; -#ifdef _AIX61 - perfstat_cpu_total_wpar_t cpustats_wpar; -#endif - perfstat_partition_total_t 
lparstats; - perfstat_disk_total_t diskinfo; - perfstat_netinterface_total_t netinfo; - struct rusage ru; - sigset_t sigset; - struct stat st; - SHA512_CTX ctx; - static pid_t lastpid; - pid_t pid; - size_t i, ii, m; - char *p; - - pid = getpid(); - if (lastpid == pid) { - faster = 1; - repeat = 2; - } else { - faster = 0; - lastpid = pid; - repeat = REPEAT; - } - for (i = 0; i < len; ) { - int j; - SHA512_Init(&ctx); - for (j = 0; j < repeat; j++) { - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - HX(perfstat_cpu_total(NULL, &cpustats, - sizeof(cpustats), 1) == -1, cpustats); - -#ifdef _AIX61 - HX(perfstat_cpu_total_wpar(NULL, &cpustats_wpar, - sizeof(cpustats_wpar), 1) == -1, cpustats_wpar); -#endif - - HX(perfstat_partition_total(NULL, &lparstats, - sizeof(lparstats), 1) == -1, lparstats); - - HX(perfstat_disk_total(NULL, &diskinfo, - sizeof(diskinfo), 1) == -1, diskinfo); - - HX(perfstat_netinterface_total(NULL, &netinfo, - sizeof(netinfo), 1) == -1, netinfo); - - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++) - HX(clock_gettime(cl[ii], &ts) == -1, ts); - - HX((pid = getpid()) == -1, pid); - HX((pid = getsid(pid)) == -1, pid); - HX((pid = getppid()) == -1, pid); - HX((pid = getpgid(0)) == -1, pid); - HX((e = getpriority(0, 0)) == -1, e); - - if (!faster) { - ts.tv_sec = 0; - ts.tv_nsec = 1; - (void) nanosleep(&ts, NULL); - } - - HX(sigpending(&sigset) == -1, sigset); - HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, - sigset); - - HF(getentropy); /* an addr in this library */ - HF(printf); /* an addr in libc */ - p = (char *)&p; - HD(p); /* an addr on stack */ - p = (char *)&errno; - HD(p); /* the addr of errno */ - - if (i == 0) { - struct sockaddr_storage ss; - struct statvfs stvfs; - struct termios tios; - socklen_t ssl; - off_t off; - - /* - * Prime-sized mappings encourage fragmentation; - * thus exposing some address entropy. 
- */ - struct mm { - size_t npg; - void *p; - } mm[] = { - { 17, MAP_FAILED }, { 3, MAP_FAILED }, - { 11, MAP_FAILED }, { 2, MAP_FAILED }, - { 5, MAP_FAILED }, { 3, MAP_FAILED }, - { 7, MAP_FAILED }, { 1, MAP_FAILED }, - { 57, MAP_FAILED }, { 3, MAP_FAILED }, - { 131, MAP_FAILED }, { 1, MAP_FAILED }, - }; - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - HX(mm[m].p = mmap(NULL, - mm[m].npg * pgs, - PROT_READ|PROT_WRITE, - MAP_PRIVATE|MAP_ANON, -1, - (off_t)0), mm[m].p); - if (mm[m].p != MAP_FAILED) { - size_t mo; - - /* Touch some memory... */ - p = mm[m].p; - mo = cnt % - (mm[m].npg * pgs - 1); - p[mo] = 1; - cnt += (int)((long)(mm[m].p) - / pgs); - } - - /* Check cnts and times... */ - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); - ii++) { - HX((e = clock_gettime(cl[ii], - &ts)) == -1, ts); - if (e != -1) - cnt += (int)ts.tv_nsec; - } - - HX((e = getrusage(RUSAGE_SELF, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - if (mm[m].p != MAP_FAILED) - munmap(mm[m].p, mm[m].npg * pgs); - mm[m].p = MAP_FAILED; - } - - HX(stat(".", &st) == -1, st); - HX(statvfs(".", &stvfs) == -1, stvfs); - - HX(stat("/", &st) == -1, st); - HX(statvfs("/", &stvfs) == -1, stvfs); - - HX((e = fstat(0, &st)) == -1, st); - if (e == -1) { - if (S_ISREG(st.st_mode) || - S_ISFIFO(st.st_mode) || - S_ISSOCK(st.st_mode)) { - HX(fstatvfs(0, &stvfs) == -1, - stvfs); - HX((off = lseek(0, (off_t)0, - SEEK_CUR)) < 0, off); - } - if (S_ISCHR(st.st_mode)) { - HX(tcgetattr(0, &tios) == -1, - tios); - } else if (S_ISSOCK(st.st_mode)) { - memset(&ss, 0, sizeof ss); - ssl = sizeof(ss); - HX(getpeername(0, - (void *)&ss, &ssl) == -1, - ss); - } - } - - HX((e = getrusage(RUSAGE_CHILDREN, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } else { - /* Subsequent hashes absorb previous result */ - HD(results); - } - - HX((e = 
gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - HD(cnt); - } - SHA512_Final(results, &ctx); - memcpy((char *)buf + i, results, MINIMUM(sizeof(results), len - i)); - i += MINIMUM(sizeof(results), len - i); - } - explicit_bzero(&ctx, sizeof ctx); - explicit_bzero(results, sizeof results); - errno = save_errno; - return (0); /* satisfied */ -} diff --git a/src/lib/libcrypto/arc4random/getentropy_freebsd.c b/src/lib/libcrypto/arc4random/getentropy_freebsd.c deleted file mode 100644 index ea90ffe202..0000000000 --- a/src/lib/libcrypto/arc4random/getentropy_freebsd.c +++ /dev/null 
@@ -1,60 +0,0 @@
-/* $OpenBSD: getentropy_freebsd.c,v 1.4 2020/10/12 22:08:33 deraadt Exp $ */
-
-/*
- * Copyright (c) 2014 Pawel Jakub Dawidek
- * Copyright (c) 2014 Brent Cook
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * Emulation of getentropy(2) as documented at:
- * http://man.openbsd.org/getentropy.2
- */
-
-#include
-#include
-
-#include
-#include
-
-/*
- * Derived from lib/libc/gen/arc4random.c from FreeBSD.
- */
-static size_t
-getentropy_sysctl(u_char *buf, size_t size)
-{
- const int mib[2] = { CTL_KERN, KERN_ARND };
- size_t len, done;
-
- done = 0;
-
- do {
- len = size;
- if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
- return (done);
- done += len;
- buf += len;
- size -= len;
- } while (size > 0);
-
- return (done);
-}
-
-int
-getentropy(void *buf, size_t len)
-{
- if (len <= 256 && getentropy_sysctl(buf, len) == len)
- return (0);
-
- errno = EIO;
- return (-1);
-}
diff --git a/src/lib/libcrypto/arc4random/getentropy_hpux.c b/src/lib/libcrypto/arc4random/getentropy_hpux.c
deleted file mode 100644
index 7188ae5e19..0000000000
--- a/src/lib/libcrypto/arc4random/getentropy_hpux.c
+++ /dev/null
@@ -1,396 +0,0 @@ -/* $OpenBSD: getentropy_hpux.c,v 1.8 2021/10/24 21:24:20 deraadt Exp $ */ - -/* - * Copyright (c) 2014 Theo de Raadt - * Copyright (c) 2014 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Emulation of getentropy(2) as documented at: - * http://man.openbsd.org/getentropy.2 - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include - -#define REPEAT 5 -#define MINIMUM(a, b) (((a) < (b)) ? 
(a) : (b)) - -#define HX(a, b) \ - do { \ - if ((a)) \ - HD(errno); \ - else \ - HD(b); \ - } while (0) - -#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) -#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) -#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) - -int getentropy(void *buf, size_t len); - -static int getentropy_urandom(void *buf, size_t len, const char *path, - int devfscheck); -static int getentropy_fallback(void *buf, size_t len); - -int -getentropy(void *buf, size_t len) -{ - int ret = -1; - - if (len > 256) { - errno = EIO; - return (-1); - } - - /* - * Try to get entropy with /dev/urandom - */ - ret = getentropy_urandom(buf, len, "/dev/urandom", 0); - if (ret != -1) - return (ret); - - /* - * Entropy collection via /dev/urandom has failed. - * - * No other API exists for collecting entropy, and we have - * no failsafe way to get it on hpux that is not sensitive - * to resource exhaustion. - * - * We have very few options: - * - Even syslog_r is unsafe to call at this low level, so - * there is no way to alert the user or program. - * - Cannot call abort() because some systems have unsafe - * corefiles. - * - Could raise(SIGKILL) resulting in silent program termination. - * - Return EIO, to hint that arc4random's stir function - * should raise(SIGKILL) - * - Do the best under the circumstances.... - * - * This code path exists to bring light to the issue that hpux - * does not provide a failsafe API for entropy collection. - * - * We hope this demonstrates that hpux should consider - * providing a new failsafe API which works in a chroot or - * when file descriptors are exhausted. 
- */ -#undef FAIL_INSTEAD_OF_TRYING_FALLBACK -#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK - raise(SIGKILL); -#endif - ret = getentropy_fallback(buf, len); - if (ret != -1) - return (ret); - - errno = EIO; - return (ret); -} - -static int -getentropy_urandom(void *buf, size_t len, const char *path, int devfscheck) -{ - struct stat st; - size_t i; - int fd, flags; - int save_errno = errno; - -start: - - flags = O_RDONLY; -#ifdef O_NOFOLLOW - flags |= O_NOFOLLOW; -#endif -#ifdef O_CLOEXEC - flags |= O_CLOEXEC; -#endif - fd = open(path, flags); - if (fd == -1) { - if (errno == EINTR) - goto start; - goto nodevrandom; - } -#ifndef O_CLOEXEC - fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); -#endif - - /* Lightly verify that the device node looks sane */ - if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { - close(fd); - goto nodevrandom; - } - for (i = 0; i < len; ) { - size_t wanted = len - i; - ssize_t ret = read(fd, (char *)buf + i, wanted); - - if (ret == -1) { - if (errno == EAGAIN || errno == EINTR) - continue; - close(fd); - goto nodevrandom; - } - i += ret; - } - close(fd); - errno = save_errno; - return (0); /* satisfied */ -nodevrandom: - errno = EIO; - return (-1); -} - -static const int cl[] = { - CLOCK_REALTIME, -#ifdef CLOCK_MONOTONIC - CLOCK_MONOTONIC, -#endif -#ifdef CLOCK_MONOTONIC_RAW - CLOCK_MONOTONIC_RAW, -#endif -#ifdef CLOCK_TAI - CLOCK_TAI, -#endif -#ifdef CLOCK_VIRTUAL - CLOCK_VIRTUAL, -#endif -#ifdef CLOCK_UPTIME - CLOCK_UPTIME, -#endif -#ifdef CLOCK_PROCESS_CPUTIME_ID - CLOCK_PROCESS_CPUTIME_ID, -#endif -#ifdef CLOCK_THREAD_CPUTIME_ID - CLOCK_THREAD_CPUTIME_ID, -#endif -}; - -static int -getentropy_fallback(void *buf, size_t len) -{ - uint8_t results[SHA512_DIGEST_LENGTH]; - int save_errno = errno, e, pgs = sysconf(_SC_PAGESIZE), faster = 0, repeat; - static int cnt; - struct timespec ts; - struct timeval tv; - struct pst_vminfo pvi; - struct pst_vm_status pvs; - struct pst_dynamic pdy; - struct rusage ru; - sigset_t sigset; - struct stat st; 
- SHA512_CTX ctx; - static pid_t lastpid; - pid_t pid; - size_t i, ii, m; - char *p; - - pid = getpid(); - if (lastpid == pid) { - faster = 1; - repeat = 2; - } else { - faster = 0; - lastpid = pid; - repeat = REPEAT; - } - for (i = 0; i < len; ) { - int j; - SHA512_Init(&ctx); - for (j = 0; j < repeat; j++) { - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - HX(pstat_getvminfo(&pvi, sizeof(pvi), 1, 0) != 1, pvi); - HX(pstat_getprocvm(&pvs, sizeof(pvs), 0, 0) != 1, pvs); - - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++) - HX(clock_gettime(cl[ii], &ts) == -1, ts); - - HX((pid = getpid()) == -1, pid); - HX((pid = getsid(pid)) == -1, pid); - HX((pid = getppid()) == -1, pid); - HX((pid = getpgid(0)) == -1, pid); - HX((e = getpriority(0, 0)) == -1, e); - - if(pstat_getdynamic(&pdy, sizeof(pdy), 1, 0) != 1) { - HD(errno); - } else { - HD(pdy.psd_avg_1_min); - HD(pdy.psd_avg_5_min); - HD(pdy.psd_avg_15_min); - } - - if (!faster) { - ts.tv_sec = 0; - ts.tv_nsec = 1; - (void) nanosleep(&ts, NULL); - } - - HX(sigpending(&sigset) == -1, sigset); - HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, - sigset); - - HF(getentropy); /* an addr in this library */ - HF(printf); /* an addr in libc */ - p = (char *)&p; - HD(p); /* an addr on stack */ - p = (char *)&errno; - HD(p); /* the addr of errno */ - - if (i == 0) { - struct sockaddr_storage ss; - struct statvfs stvfs; - struct termios tios; - socklen_t ssl; - off_t off; - - /* - * Prime-sized mappings encourage fragmentation; - * thus exposing some address entropy. 
- */ - struct mm { - size_t npg; - void *p; - } mm[] = { - { 17, MAP_FAILED }, { 3, MAP_FAILED }, - { 11, MAP_FAILED }, { 2, MAP_FAILED }, - { 5, MAP_FAILED }, { 3, MAP_FAILED }, - { 7, MAP_FAILED }, { 1, MAP_FAILED }, - { 57, MAP_FAILED }, { 3, MAP_FAILED }, - { 131, MAP_FAILED }, { 1, MAP_FAILED }, - }; - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - HX(mm[m].p = mmap(NULL, - mm[m].npg * pgs, - PROT_READ|PROT_WRITE, - MAP_PRIVATE|MAP_ANON, -1, - (off_t)0), mm[m].p); - if (mm[m].p != MAP_FAILED) { - size_t mo; - - /* Touch some memory... */ - p = mm[m].p; - mo = cnt % - (mm[m].npg * pgs - 1); - p[mo] = 1; - cnt += (int)((long)(mm[m].p) - / pgs); - } - - /* Check cnts and times... */ - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); - ii++) { - HX((e = clock_gettime(cl[ii], - &ts)) == -1, ts); - if (e != -1) - cnt += (int)ts.tv_nsec; - } - - HX((e = getrusage(RUSAGE_SELF, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - if (mm[m].p != MAP_FAILED) - munmap(mm[m].p, mm[m].npg * pgs); - mm[m].p = MAP_FAILED; - } - - HX(stat(".", &st) == -1, st); - HX(statvfs(".", &stvfs) == -1, stvfs); - - HX(stat("/", &st) == -1, st); - HX(statvfs("/", &stvfs) == -1, stvfs); - - HX((e = fstat(0, &st)) == -1, st); - if (e == -1) { - if (S_ISREG(st.st_mode) || - S_ISFIFO(st.st_mode) || - S_ISSOCK(st.st_mode)) { - HX(fstatvfs(0, &stvfs) == -1, - stvfs); - HX((off = lseek(0, (off_t)0, - SEEK_CUR)) < 0, off); - } - if (S_ISCHR(st.st_mode)) { - HX(tcgetattr(0, &tios) == -1, - tios); - } else if (S_ISSOCK(st.st_mode)) { - memset(&ss, 0, sizeof ss); - ssl = sizeof(ss); - HX(getpeername(0, - (void *)&ss, &ssl) == -1, - ss); - } - } - - HX((e = getrusage(RUSAGE_CHILDREN, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } else { - /* Subsequent hashes absorb previous result */ - HD(results); - } - - HX((e = 
gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - HD(cnt); - } - SHA512_Final(results, &ctx); - memcpy((char *)buf + i, results, MINIMUM(sizeof(results), len - i)); - i += MINIMUM(sizeof(results), len - i); - } - explicit_bzero(&ctx, sizeof ctx); - explicit_bzero(results, sizeof results); - errno = save_errno; - return (0); /* satisfied */ -} diff --git a/src/lib/libcrypto/arc4random/getentropy_linux.c b/src/lib/libcrypto/arc4random/getentropy_linux.c deleted file mode 100644 index c7c39c234f..0000000000 --- a/src/lib/libcrypto/arc4random/getentropy_linux.c +++ /dev/null 
@@ -1,525 +0,0 @@ -/* $OpenBSD: getentropy_linux.c,v 1.48 2021/10/24 21:24:20 deraadt Exp $ */ - -/* - * Copyright (c) 2014 Theo de Raadt - * Copyright (c) 2014 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Emulation of getentropy(2) as documented at: - * http://man.openbsd.org/getentropy.2 - */ - -#define _POSIX_C_SOURCE 199309L -#define _GNU_SOURCE 1 -#include -#include -#include -#include -#include -#ifdef SYS__sysctl -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#ifdef HAVE_GETAUXVAL -#include -#endif -#include - -#define REPEAT 5 -#define MINIMUM(a, b) (((a) < (b)) ? 
(a) : (b)) - -#define HX(a, b) \ - do { \ - if ((a)) \ - HD(errno); \ - else \ - HD(b); \ - } while (0) - -#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) -#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) -#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) - -int getentropy(void *buf, size_t len); - -#if defined(SYS_getrandom) && defined(GRND_NONBLOCK) -static int getentropy_getrandom(void *buf, size_t len); -#endif -static int getentropy_urandom(void *buf, size_t len); -#ifdef SYS__sysctl -static int getentropy_sysctl(void *buf, size_t len); -#endif -static int getentropy_fallback(void *buf, size_t len); -static int getentropy_phdr(struct dl_phdr_info *info, size_t size, void *data); - -int -getentropy(void *buf, size_t len) -{ - int ret = -1; - - if (len > 256) { - errno = EIO; - return (-1); - } - -#if defined(SYS_getrandom) && defined(GRND_NONBLOCK) - /* - * Try descriptor-less getrandom(), in non-blocking mode. - * - * The design of Linux getrandom is broken. It has an - * uninitialized phase coupled with blocking behaviour, which - * is unacceptable from within a library at boot time without - * possible recovery. See http://bugs.python.org/issue26839#msg267745 - */ - ret = getentropy_getrandom(buf, len); - if (ret != -1) - return (ret); -#endif - - /* - * Try to get entropy with /dev/urandom - * - * This can fail if the process is inside a chroot or if file - * descriptors are exhausted. - */ - ret = getentropy_urandom(buf, len); - if (ret != -1) - return (ret); - -#ifdef SYS__sysctl - /* - * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID. - * sysctl is a failsafe API, so it guarantees a result. This - * should work inside a chroot, or when file descriptors are - * exhausted. - * - * However this can fail if the Linux kernel removes support - * for sysctl. 
Starting in 2007, there have been efforts to - * deprecate the sysctl API/ABI, and push callers towards use - * of the chroot-unavailable fd-using /proc mechanism -- - * essentially the same problems as /dev/urandom. - * - * Numerous setbacks have been encountered in their deprecation - * schedule, so as of June 2014 the kernel ABI still exists on - * most Linux architectures. The sysctl() stub in libc is missing - * on some systems. There are also reports that some kernels - * spew messages to the console. - */ - ret = getentropy_sysctl(buf, len); - if (ret != -1) - return (ret); -#endif /* SYS__sysctl */ - - /* - * Entropy collection via /dev/urandom and sysctl have failed. - * - * No other API exists for collecting entropy. See the large - * comment block above. - * - * We have very few options: - * - Even syslog_r is unsafe to call at this low level, so - * there is no way to alert the user or program. - * - Cannot call abort() because some systems have unsafe - * corefiles. - * - Could raise(SIGKILL) resulting in silent program termination. - * - Return EIO, to hint that arc4random's stir function - * should raise(SIGKILL) - * - Do the best under the circumstances.... - * - * This code path exists to bring light to the issue that Linux - * still does not provide a failsafe API for entropy collection. - * - * We hope this demonstrates that Linux should either retain their - * sysctl ABI, or consider providing a new failsafe API which - * works in a chroot or when file descriptors are exhausted. 
- */ -#undef FAIL_INSTEAD_OF_TRYING_FALLBACK -#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK - raise(SIGKILL); -#endif - ret = getentropy_fallback(buf, len); - if (ret != -1) - return (ret); - - errno = EIO; - return (ret); -} - -#if defined(SYS_getrandom) && defined(GRND_NONBLOCK) -static int -getentropy_getrandom(void *buf, size_t len) -{ - int pre_errno = errno; - int ret; - if (len > 256) - return (-1); - do { - ret = syscall(SYS_getrandom, buf, len, GRND_NONBLOCK); - } while (ret == -1 && errno == EINTR); - - if (ret != len) - return (-1); - errno = pre_errno; - return (0); -} -#endif - -static int -getentropy_urandom(void *buf, size_t len) -{ - struct stat st; - size_t i; - int fd, cnt, flags; - int save_errno = errno; - -start: - - flags = O_RDONLY; -#ifdef O_NOFOLLOW - flags |= O_NOFOLLOW; -#endif -#ifdef O_CLOEXEC - flags |= O_CLOEXEC; -#endif - fd = open("/dev/urandom", flags); - if (fd == -1) { - if (errno == EINTR) - goto start; - goto nodevrandom; - } -#ifndef O_CLOEXEC - fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); -#endif - - /* Lightly verify that the device node looks sane */ - if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { - close(fd); - goto nodevrandom; - } - if (ioctl(fd, RNDGETENTCNT, &cnt) == -1) { - close(fd); - goto nodevrandom; - } - for (i = 0; i < len; ) { - size_t wanted = len - i; - ssize_t ret = read(fd, (char *)buf + i, wanted); - - if (ret == -1) { - if (errno == EAGAIN || errno == EINTR) - continue; - close(fd); - goto nodevrandom; - } - i += ret; - } - close(fd); - errno = save_errno; - return (0); /* satisfied */ -nodevrandom: - errno = EIO; - return (-1); -} - -#ifdef SYS__sysctl -static int -getentropy_sysctl(void *buf, size_t len) -{ - static int mib[] = { CTL_KERN, KERN_RANDOM, RANDOM_UUID }; - size_t i; - int save_errno = errno; - - for (i = 0; i < len; ) { - size_t chunk = MINIMUM(len - i, 16); - - /* SYS__sysctl because some systems already removed sysctl() */ - struct __sysctl_args args = { - .name = mib, - .nlen = 
3, - .oldval = (char *)buf + i, - .oldlenp = &chunk, - }; - if (syscall(SYS__sysctl, &args) != 0) - goto sysctlfailed; - i += chunk; - } - errno = save_errno; - return (0); /* satisfied */ -sysctlfailed: - errno = EIO; - return (-1); -} -#endif /* SYS__sysctl */ - -static const int cl[] = { - CLOCK_REALTIME, -#ifdef CLOCK_MONOTONIC - CLOCK_MONOTONIC, -#endif -#ifdef CLOCK_MONOTONIC_RAW - CLOCK_MONOTONIC_RAW, -#endif -#ifdef CLOCK_TAI - CLOCK_TAI, -#endif -#ifdef CLOCK_VIRTUAL - CLOCK_VIRTUAL, -#endif -#ifdef CLOCK_UPTIME - CLOCK_UPTIME, -#endif -#ifdef CLOCK_PROCESS_CPUTIME_ID - CLOCK_PROCESS_CPUTIME_ID, -#endif -#ifdef CLOCK_THREAD_CPUTIME_ID - CLOCK_THREAD_CPUTIME_ID, -#endif -}; - -static int -getentropy_phdr(struct dl_phdr_info *info, size_t size, void *data) -{ - SHA512_CTX *ctx = data; - - SHA512_Update(ctx, &info->dlpi_addr, sizeof (info->dlpi_addr)); - return (0); -} - -static int -getentropy_fallback(void *buf, size_t len) -{ - uint8_t results[SHA512_DIGEST_LENGTH]; - int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat; - static int cnt; - struct timespec ts; - struct timeval tv; - struct rusage ru; - sigset_t sigset; - struct stat st; - SHA512_CTX ctx; - static pid_t lastpid; - pid_t pid; - size_t i, ii, m; - char *p; - - pid = getpid(); - if (lastpid == pid) { - faster = 1; - repeat = 2; - } else { - faster = 0; - lastpid = pid; - repeat = REPEAT; - } - for (i = 0; i < len; ) { - int j; - SHA512_Init(&ctx); - for (j = 0; j < repeat; j++) { - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - dl_iterate_phdr(getentropy_phdr, &ctx); - - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++) - HX(clock_gettime(cl[ii], &ts) == -1, ts); - - HX((pid = getpid()) == -1, pid); - HX((pid = getsid(pid)) == -1, pid); - HX((pid = getppid()) == -1, pid); - HX((pid = getpgid(0)) == -1, pid); - HX((e = getpriority(0, 0)) == -1, e); - - if (!faster) { - ts.tv_sec = 0; - ts.tv_nsec = 1; - 
(void) nanosleep(&ts, NULL); - } - - HX(sigpending(&sigset) == -1, sigset); - HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, - sigset); - - HF(getentropy); /* an addr in this library */ - HF(printf); /* an addr in libc */ - p = (char *)&p; - HD(p); /* an addr on stack */ - p = (char *)&errno; - HD(p); /* the addr of errno */ - - if (i == 0) { - struct sockaddr_storage ss; - struct statvfs stvfs; - struct termios tios; - struct statfs stfs; - socklen_t ssl; - off_t off; - - /* - * Prime-sized mappings encourage fragmentation; - * thus exposing some address entropy. - */ - struct mm { - size_t npg; - void *p; - } mm[] = { - { 17, MAP_FAILED }, { 3, MAP_FAILED }, - { 11, MAP_FAILED }, { 2, MAP_FAILED }, - { 5, MAP_FAILED }, { 3, MAP_FAILED }, - { 7, MAP_FAILED }, { 1, MAP_FAILED }, - { 57, MAP_FAILED }, { 3, MAP_FAILED }, - { 131, MAP_FAILED }, { 1, MAP_FAILED }, - }; - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - HX(mm[m].p = mmap(NULL, - mm[m].npg * pgs, - PROT_READ|PROT_WRITE, - MAP_PRIVATE|MAP_ANON, -1, - (off_t)0), mm[m].p); - if (mm[m].p != MAP_FAILED) { - size_t mo; - - /* Touch some memory... */ - p = mm[m].p; - mo = cnt % - (mm[m].npg * pgs - 1); - p[mo] = 1; - cnt += (int)((long)(mm[m].p) - / pgs); - } - - /* Check cnts and times... 
*/ - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); - ii++) { - HX((e = clock_gettime(cl[ii], - &ts)) == -1, ts); - if (e != -1) - cnt += (int)ts.tv_nsec; - } - - HX((e = getrusage(RUSAGE_SELF, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - if (mm[m].p != MAP_FAILED) - munmap(mm[m].p, mm[m].npg * pgs); - mm[m].p = MAP_FAILED; - } - - HX(stat(".", &st) == -1, st); - HX(statvfs(".", &stvfs) == -1, stvfs); - HX(statfs(".", &stfs) == -1, stfs); - - HX(stat("/", &st) == -1, st); - HX(statvfs("/", &stvfs) == -1, stvfs); - HX(statfs("/", &stfs) == -1, stfs); - - HX((e = fstat(0, &st)) == -1, st); - if (e == -1) { - if (S_ISREG(st.st_mode) || - S_ISFIFO(st.st_mode) || - S_ISSOCK(st.st_mode)) { - HX(fstatvfs(0, &stvfs) == -1, - stvfs); - HX(fstatfs(0, &stfs) == -1, - stfs); - HX((off = lseek(0, (off_t)0, - SEEK_CUR)) < 0, off); - } - if (S_ISCHR(st.st_mode)) { - HX(tcgetattr(0, &tios) == -1, - tios); - } else if (S_ISSOCK(st.st_mode)) { - memset(&ss, 0, sizeof ss); - ssl = sizeof(ss); - HX(getpeername(0, - (void *)&ss, &ssl) == -1, - ss); - } - } - - HX((e = getrusage(RUSAGE_CHILDREN, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } else { - /* Subsequent hashes absorb previous result */ - HD(results); - } - - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - HD(cnt); - } -#ifdef HAVE_GETAUXVAL -#ifdef AT_RANDOM - /* Not as random as you think but we take what we are given */ - p = (char *) getauxval(AT_RANDOM); - if (p) - HR(p, 16); -#endif -#ifdef AT_SYSINFO_EHDR - p = (char *) getauxval(AT_SYSINFO_EHDR); - if (p) - HR(p, pgs); -#endif -#ifdef AT_BASE - p = (char *) getauxval(AT_BASE); - if (p) - HD(p); -#endif -#endif - - SHA512_Final(results, &ctx); - memcpy((char *)buf + i, results, MINIMUM(sizeof(results), len - i)); - 
i += MINIMUM(sizeof(results), len - i); - } - explicit_bzero(&ctx, sizeof ctx); - explicit_bzero(results, sizeof results); - errno = save_errno; - return (0); /* satisfied */ -} diff --git a/src/lib/libcrypto/arc4random/getentropy_netbsd.c b/src/lib/libcrypto/arc4random/getentropy_netbsd.c deleted file mode 100644 index 5dc89594cd..0000000000 --- a/src/lib/libcrypto/arc4random/getentropy_netbsd.c +++ /dev/null 
@@ -1,62 +0,0 @@
-/* $OpenBSD: getentropy_netbsd.c,v 1.4 2020/10/12 22:08:33 deraadt Exp $ */
-
-/*
- * Copyright (c) 2014 Pawel Jakub Dawidek
- * Copyright (c) 2014 Brent Cook
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * Emulation of getentropy(2) as documented at:
- * http://man.openbsd.org/getentropy.2
- */
-
-#include
-#include
-
-#include
-#include
-
-/*
- * Derived from lib/libc/gen/arc4random.c from FreeBSD.
- */
-static size_t
-getentropy_sysctl(u_char *buf, size_t size)
-{
- const int mib[2] = { CTL_KERN, KERN_ARND };
- size_t len, done;
-
- done = 0;
-
- do {
- len = size;
- if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
- return (done);
- done += len;
- buf += len;
- size -= len;
- } while (size > 0);
-
- return (done);
-}
-
-int
-getentropy(void *buf, size_t len)
-{
- if (len <= 256 &&
- getentropy_sysctl(buf, len) == len) {
- return (0);
- }
-
- errno = EIO;
- return (-1);
-}
diff --git a/src/lib/libcrypto/arc4random/getentropy_osx.c b/src/lib/libcrypto/arc4random/getentropy_osx.c
deleted file mode 100644
index db028d19b8..0000000000
--- a/src/lib/libcrypto/arc4random/getentropy_osx.c
+++ /dev/null
@@ -1,417 +0,0 @@ -/* $OpenBSD: getentropy_osx.c,v 1.14 2021/10/24 21:24:20 deraadt Exp $ */ - -/* - * Copyright (c) 2014 Theo de Raadt - * Copyright (c) 2014 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Emulation of getentropy(2) as documented at: - * http://man.openbsd.org/getentropy.2 - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#if TARGET_OS_OSX -#include -#include -#endif -#include -#include -#if TARGET_OS_OSX -#include -#include -#include -#include -#endif -#include -#define SHA512_Update(a, b, c) (CC_SHA512_Update((a), (b), (c))) -#define SHA512_Init(xxx) (CC_SHA512_Init((xxx))) -#define SHA512_Final(xxx, yyy) (CC_SHA512_Final((xxx), (yyy))) -#define SHA512_CTX CC_SHA512_CTX -#define SHA512_DIGEST_LENGTH CC_SHA512_DIGEST_LENGTH - -#define REPEAT 5 -#define MINIMUM(a, b) (((a) < (b)) ? 
(a) : (b)) - -#define HX(a, b) \ - do { \ - if ((a)) \ - HD(errno); \ - else \ - HD(b); \ - } while (0) - -#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) -#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) -#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) - -int getentropy(void *buf, size_t len); - -static int getentropy_urandom(void *buf, size_t len); -static int getentropy_fallback(void *buf, size_t len); - -int -getentropy(void *buf, size_t len) -{ - int ret = -1; - - if (len > 256) { - errno = EIO; - return (-1); - } - - /* - * Try to get entropy with /dev/urandom - * - * This can fail if the process is inside a chroot or if file - * descriptors are exhausted. - */ - ret = getentropy_urandom(buf, len); - if (ret != -1) - return (ret); - - /* - * Entropy collection via /dev/urandom and sysctl have failed. - * - * No other API exists for collecting entropy, and we have - * no failsafe way to get it on OSX that is not sensitive - * to resource exhaustion. - * - * We have very few options: - * - Even syslog_r is unsafe to call at this low level, so - * there is no way to alert the user or program. - * - Cannot call abort() because some systems have unsafe - * corefiles. - * - Could raise(SIGKILL) resulting in silent program termination. - * - Return EIO, to hint that arc4random's stir function - * should raise(SIGKILL) - * - Do the best under the circumstances.... - * - * This code path exists to bring light to the issue that OSX - * does not provide a failsafe API for entropy collection. - * - * We hope this demonstrates that OSX should consider - * providing a new failsafe API which works in a chroot or - * when file descriptors are exhausted. 
- */ -#undef FAIL_INSTEAD_OF_TRYING_FALLBACK -#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK - raise(SIGKILL); -#endif - ret = getentropy_fallback(buf, len); - if (ret != -1) - return (ret); - - errno = EIO; - return (ret); -} - -static int -getentropy_urandom(void *buf, size_t len) -{ - struct stat st; - size_t i; - int fd, flags; - int save_errno = errno; - -start: - - flags = O_RDONLY; -#ifdef O_NOFOLLOW - flags |= O_NOFOLLOW; -#endif -#ifdef O_CLOEXEC - flags |= O_CLOEXEC; -#endif - fd = open("/dev/urandom", flags); - if (fd == -1) { - if (errno == EINTR) - goto start; - goto nodevrandom; - } -#ifndef O_CLOEXEC - fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); -#endif - - /* Lightly verify that the device node looks sane */ - if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) { - close(fd); - goto nodevrandom; - } - for (i = 0; i < len; ) { - size_t wanted = len - i; - ssize_t ret = read(fd, (char *)buf + i, wanted); - - if (ret == -1) { - if (errno == EAGAIN || errno == EINTR) - continue; - close(fd); - goto nodevrandom; - } - i += ret; - } - close(fd); - errno = save_errno; - return (0); /* satisfied */ -nodevrandom: - errno = EIO; - return (-1); -} - -#if TARGET_OS_OSX -static int tcpmib[] = { CTL_NET, AF_INET, IPPROTO_TCP, TCPCTL_STATS }; -static int udpmib[] = { CTL_NET, AF_INET, IPPROTO_UDP, UDPCTL_STATS }; -static int ipmib[] = { CTL_NET, AF_INET, IPPROTO_IP, IPCTL_STATS }; -#endif -static int kmib[] = { CTL_KERN, KERN_USRSTACK }; -static int hwmib[] = { CTL_HW, HW_USERMEM }; - -static int -getentropy_fallback(void *buf, size_t len) -{ - uint8_t results[SHA512_DIGEST_LENGTH]; - int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat; - static int cnt; - struct timespec ts; - struct timeval tv; - struct rusage ru; - sigset_t sigset; - struct stat st; - SHA512_CTX ctx; - static pid_t lastpid; - pid_t pid; - size_t i, ii, m; - char *p; -#if TARGET_OS_OSX - struct tcpstat tcpstat; - struct udpstat udpstat; - struct ipstat ipstat; -#endif - u_int64_t 
mach_time; - unsigned int idata; - void *addr; - - pid = getpid(); - if (lastpid == pid) { - faster = 1; - repeat = 2; - } else { - faster = 0; - lastpid = pid; - repeat = REPEAT; - } - for (i = 0; i < len; ) { - int j; - SHA512_Init(&ctx); - for (j = 0; j < repeat; j++) { - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - mach_time = mach_absolute_time(); - HD(mach_time); - - ii = sizeof(addr); - HX(sysctl(kmib, sizeof(kmib) / sizeof(kmib[0]), - &addr, &ii, NULL, 0) == -1, addr); - - ii = sizeof(idata); - HX(sysctl(hwmib, sizeof(hwmib) / sizeof(hwmib[0]), - &idata, &ii, NULL, 0) == -1, idata); - -#if TARGET_OS_OSX - ii = sizeof(tcpstat); - HX(sysctl(tcpmib, sizeof(tcpmib) / sizeof(tcpmib[0]), - &tcpstat, &ii, NULL, 0) == -1, tcpstat); - - ii = sizeof(udpstat); - HX(sysctl(udpmib, sizeof(udpmib) / sizeof(udpmib[0]), - &udpstat, &ii, NULL, 0) == -1, udpstat); - - ii = sizeof(ipstat); - HX(sysctl(ipmib, sizeof(ipmib) / sizeof(ipmib[0]), - &ipstat, &ii, NULL, 0) == -1, ipstat); -#endif - - HX((pid = getpid()) == -1, pid); - HX((pid = getsid(pid)) == -1, pid); - HX((pid = getppid()) == -1, pid); - HX((pid = getpgid(0)) == -1, pid); - HX((e = getpriority(0, 0)) == -1, e); - - if (!faster) { - ts.tv_sec = 0; - ts.tv_nsec = 1; - (void) nanosleep(&ts, NULL); - } - - HX(sigpending(&sigset) == -1, sigset); - HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, - sigset); - - HF(getentropy); /* an addr in this library */ - HF(printf); /* an addr in libc */ - p = (char *)&p; - HD(p); /* an addr on stack */ - p = (char *)&errno; - HD(p); /* the addr of errno */ - - if (i == 0) { - struct sockaddr_storage ss; - struct statvfs stvfs; - struct termios tios; - struct statfs stfs; - socklen_t ssl; - off_t off; - - /* - * Prime-sized mappings encourage fragmentation; - * thus exposing some address entropy. 
- */ - struct mm { - size_t npg; - void *p; - } mm[] = { - { 17, MAP_FAILED }, { 3, MAP_FAILED }, - { 11, MAP_FAILED }, { 2, MAP_FAILED }, - { 5, MAP_FAILED }, { 3, MAP_FAILED }, - { 7, MAP_FAILED }, { 1, MAP_FAILED }, - { 57, MAP_FAILED }, { 3, MAP_FAILED }, - { 131, MAP_FAILED }, { 1, MAP_FAILED }, - }; - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - HX(mm[m].p = mmap(NULL, - mm[m].npg * pgs, - PROT_READ|PROT_WRITE, - MAP_PRIVATE|MAP_ANON, -1, - (off_t)0), mm[m].p); - if (mm[m].p != MAP_FAILED) { - size_t mo; - - /* Touch some memory... */ - p = mm[m].p; - mo = cnt % - (mm[m].npg * pgs - 1); - p[mo] = 1; - cnt += (int)((long)(mm[m].p) - / pgs); - } - - /* Check cnts and times... */ - mach_time = mach_absolute_time(); - HD(mach_time); - cnt += (int)mach_time; - - HX((e = getrusage(RUSAGE_SELF, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - if (mm[m].p != MAP_FAILED) - munmap(mm[m].p, mm[m].npg * pgs); - mm[m].p = MAP_FAILED; - } - - HX(stat(".", &st) == -1, st); - HX(statvfs(".", &stvfs) == -1, stvfs); - HX(statfs(".", &stfs) == -1, stfs); - - HX(stat("/", &st) == -1, st); - HX(statvfs("/", &stvfs) == -1, stvfs); - HX(statfs("/", &stfs) == -1, stfs); - - HX((e = fstat(0, &st)) == -1, st); - if (e == -1) { - if (S_ISREG(st.st_mode) || - S_ISFIFO(st.st_mode) || - S_ISSOCK(st.st_mode)) { - HX(fstatvfs(0, &stvfs) == -1, - stvfs); - HX(fstatfs(0, &stfs) == -1, - stfs); - HX((off = lseek(0, (off_t)0, - SEEK_CUR)) < 0, off); - } - if (S_ISCHR(st.st_mode)) { - HX(tcgetattr(0, &tios) == -1, - tios); - } else if (S_ISSOCK(st.st_mode)) { - memset(&ss, 0, sizeof ss); - ssl = sizeof(ss); - HX(getpeername(0, - (void *)&ss, &ssl) == -1, - ss); - } - } - - HX((e = getrusage(RUSAGE_CHILDREN, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } else { - /* Subsequent hashes absorb previous result 
*/ - HD(results); - } - - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - HD(cnt); - } - - SHA512_Final(results, &ctx); - memcpy((char *)buf + i, results, MINIMUM(sizeof(results), len - i)); - i += MINIMUM(sizeof(results), len - i); - } - explicit_bzero(&ctx, sizeof ctx); - explicit_bzero(results, sizeof results); - errno = save_errno; - return (0); /* satisfied */ -} diff --git a/src/lib/libcrypto/arc4random/getentropy_solaris.c b/src/lib/libcrypto/arc4random/getentropy_solaris.c deleted file mode 100644 index e36426caf1..0000000000 --- a/src/lib/libcrypto/arc4random/getentropy_solaris.c +++ /dev/null 
@@ -1,422 +0,0 @@ -/* $OpenBSD: getentropy_solaris.c,v 1.15 2021/10/24 21:24:20 deraadt Exp $ */ - -/* - * Copyright (c) 2014 Theo de Raadt - * Copyright (c) 2014 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Emulation of getentropy(2) as documented at: - * http://man.openbsd.org/getentropy.2 - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#define SHA512_Init SHA512Init -#define SHA512_Update SHA512Update -#define SHA512_Final SHA512Final - -#include -#include -#include - -#define REPEAT 5 -#define MINIMUM(a, b) (((a) < (b)) ? 
(a) : (b)) - -#define HX(a, b) \ - do { \ - if ((a)) \ - HD(errno); \ - else \ - HD(b); \ - } while (0) - -#define HR(x, l) (SHA512_Update(&ctx, (char *)(x), (l))) -#define HD(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (x))) -#define HF(x) (SHA512_Update(&ctx, (char *)&(x), sizeof (void*))) - -int getentropy(void *buf, size_t len); - -static int getentropy_urandom(void *buf, size_t len, const char *path, - int devfscheck); -static int getentropy_fallback(void *buf, size_t len); -static int getentropy_phdr(struct dl_phdr_info *info, size_t size, void *data); - -int -getentropy(void *buf, size_t len) -{ - int ret = -1; - - if (len > 256) { - errno = EIO; - return (-1); - } - - /* - * Try to get entropy with /dev/urandom - * - * Solaris provides /dev/urandom as a symbolic link to - * /devices/pseudo/random@0:urandom which is provided by - * a devfs filesystem. Best practice is to use O_NOFOLLOW, - * so we must try the unpublished name directly. - * - * This can fail if the process is inside a chroot which lacks - * the devfs mount, or if file descriptors are exhausted. - */ - ret = getentropy_urandom(buf, len, - "/devices/pseudo/random@0:urandom", 1); - if (ret != -1) - return (ret); - - /* - * Unfortunately, chroot spaces on Solaris are sometimes setup - * with direct device node of the well-known /dev/urandom name - * (perhaps to avoid dragging all of devfs into the space). - * - * This can fail if the process is inside a chroot or if file - * descriptors are exhausted. - */ - ret = getentropy_urandom(buf, len, "/dev/urandom", 0); - if (ret != -1) - return (ret); - - /* - * Entropy collection via /dev/urandom has failed. - * - * No other API exists for collecting entropy, and we have - * no failsafe way to get it on Solaris that is not sensitive - * to resource exhaustion. - * - * We have very few options: - * - Even syslog_r is unsafe to call at this low level, so - * there is no way to alert the user or program. 
- * - Cannot call abort() because some systems have unsafe - * corefiles. - * - Could raise(SIGKILL) resulting in silent program termination. - * - Return EIO, to hint that arc4random's stir function - * should raise(SIGKILL) - * - Do the best under the circumstances.... - * - * This code path exists to bring light to the issue that Solaris - * does not provide a failsafe API for entropy collection. - * - * We hope this demonstrates that Solaris should consider - * providing a new failsafe API which works in a chroot or - * when file descriptors are exhausted. - */ -#undef FAIL_INSTEAD_OF_TRYING_FALLBACK -#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK - raise(SIGKILL); -#endif - ret = getentropy_fallback(buf, len); - if (ret != -1) - return (ret); - - errno = EIO; - return (ret); -} - -static int -getentropy_urandom(void *buf, size_t len, const char *path, int devfscheck) -{ - struct stat st; - size_t i; - int fd, flags; - int save_errno = errno; - -start: - - flags = O_RDONLY; -#ifdef O_NOFOLLOW - flags |= O_NOFOLLOW; -#endif -#ifdef O_CLOEXEC - flags |= O_CLOEXEC; -#endif - fd = open(path, flags); - if (fd == -1) { - if (errno == EINTR) - goto start; - goto nodevrandom; - } -#ifndef O_CLOEXEC - fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); -#endif - - /* Lightly verify that the device node looks sane */ - if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode) || - (devfscheck && (strcmp(st.st_fstype, "devfs") != 0))) { - close(fd); - goto nodevrandom; - } - for (i = 0; i < len; ) { - size_t wanted = len - i; - ssize_t ret = read(fd, (char *)buf + i, wanted); - - if (ret == -1) { - if (errno == EAGAIN || errno == EINTR) - continue; - close(fd); - goto nodevrandom; - } - i += ret; - } - close(fd); - errno = save_errno; - return (0); /* satisfied */ -nodevrandom: - errno = EIO; - return (-1); -} - -static const int cl[] = { - CLOCK_REALTIME, -#ifdef CLOCK_MONOTONIC - CLOCK_MONOTONIC, -#endif -#ifdef CLOCK_MONOTONIC_RAW - CLOCK_MONOTONIC_RAW, -#endif -#ifdef CLOCK_TAI - 
CLOCK_TAI, -#endif -#ifdef CLOCK_VIRTUAL - CLOCK_VIRTUAL, -#endif -#ifdef CLOCK_UPTIME - CLOCK_UPTIME, -#endif -#ifdef CLOCK_PROCESS_CPUTIME_ID - CLOCK_PROCESS_CPUTIME_ID, -#endif -#ifdef CLOCK_THREAD_CPUTIME_ID - CLOCK_THREAD_CPUTIME_ID, -#endif -}; - -static int -getentropy_phdr(struct dl_phdr_info *info, size_t size, void *data) -{ - SHA512_CTX *ctx = data; - - SHA512_Update(ctx, &info->dlpi_addr, sizeof (info->dlpi_addr)); - return (0); -} - -static int -getentropy_fallback(void *buf, size_t len) -{ - uint8_t results[SHA512_DIGEST_LENGTH]; - int save_errno = errno, e, pgs = getpagesize(), faster = 0, repeat; - static int cnt; - struct timespec ts; - struct timeval tv; - double loadavg[3]; - struct rusage ru; - sigset_t sigset; - struct stat st; - SHA512_CTX ctx; - static pid_t lastpid; - pid_t pid; - size_t i, ii, m; - char *p; - - pid = getpid(); - if (lastpid == pid) { - faster = 1; - repeat = 2; - } else { - faster = 0; - lastpid = pid; - repeat = REPEAT; - } - for (i = 0; i < len; ) { - int j; - SHA512_Init(&ctx); - for (j = 0; j < repeat; j++) { - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - dl_iterate_phdr(getentropy_phdr, &ctx); - - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++) - HX(clock_gettime(cl[ii], &ts) == -1, ts); - - HX((pid = getpid()) == -1, pid); - HX((pid = getsid(pid)) == -1, pid); - HX((pid = getppid()) == -1, pid); - HX((pid = getpgid(0)) == -1, pid); - HX((e = getpriority(0, 0)) == -1, e); - HX((getloadavg(loadavg, 3) == -1), loadavg); - - if (!faster) { - ts.tv_sec = 0; - ts.tv_nsec = 1; - (void) nanosleep(&ts, NULL); - } - - HX(sigpending(&sigset) == -1, sigset); - HX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, - sigset); - - HF(getentropy); /* an addr in this library */ - HF(printf); /* an addr in libc */ - p = (char *)&p; - HD(p); /* an addr on stack */ - p = (char *)&errno; - HD(p); /* the addr of errno */ - - if (i == 0) { - struct sockaddr_storage ss; 
- struct statvfs stvfs; - struct termios tios; - socklen_t ssl; - off_t off; - - /* - * Prime-sized mappings encourage fragmentation; - * thus exposing some address entropy. - */ - struct mm { - size_t npg; - void *p; - } mm[] = { - { 17, MAP_FAILED }, { 3, MAP_FAILED }, - { 11, MAP_FAILED }, { 2, MAP_FAILED }, - { 5, MAP_FAILED }, { 3, MAP_FAILED }, - { 7, MAP_FAILED }, { 1, MAP_FAILED }, - { 57, MAP_FAILED }, { 3, MAP_FAILED }, - { 131, MAP_FAILED }, { 1, MAP_FAILED }, - }; - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - HX(mm[m].p = mmap(NULL, - mm[m].npg * pgs, - PROT_READ|PROT_WRITE, - MAP_PRIVATE|MAP_ANON, -1, - (off_t)0), mm[m].p); - if (mm[m].p != MAP_FAILED) { - size_t mo; - - /* Touch some memory... */ - p = mm[m].p; - mo = cnt % - (mm[m].npg * pgs - 1); - p[mo] = 1; - cnt += (int)((long)(mm[m].p) - / pgs); - } - - /* Check cnts and times... */ - for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); - ii++) { - HX((e = clock_gettime(cl[ii], - &ts)) == -1, ts); - if (e != -1) - cnt += (int)ts.tv_nsec; - } - - HX((e = getrusage(RUSAGE_SELF, - &ru)) == -1, ru); - if (e != -1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } - - for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) { - if (mm[m].p != MAP_FAILED) - munmap(mm[m].p, mm[m].npg * pgs); - mm[m].p = MAP_FAILED; - } - - HX(stat(".", &st) == -1, st); - HX(statvfs(".", &stvfs) == -1, stvfs); - - HX(stat("/", &st) == -1, st); - HX(statvfs("/", &stvfs) == -1, stvfs); - - HX((e = fstat(0, &st)) == -1, st); - if (e == -1) { - if (S_ISREG(st.st_mode) || - S_ISFIFO(st.st_mode) || - S_ISSOCK(st.st_mode)) { - HX(fstatvfs(0, &stvfs) == -1, - stvfs); - HX((off = lseek(0, (off_t)0, - SEEK_CUR)) < 0, off); - } - if (S_ISCHR(st.st_mode)) { - HX(tcgetattr(0, &tios) == -1, - tios); - } else if (S_ISSOCK(st.st_mode)) { - memset(&ss, 0, sizeof ss); - ssl = sizeof(ss); - HX(getpeername(0, - (void *)&ss, &ssl) == -1, - ss); - } - } - - HX((e = getrusage(RUSAGE_CHILDREN, - &ru)) == -1, ru); - if (e != 
-1) { - cnt += (int)ru.ru_utime.tv_sec; - cnt += (int)ru.ru_utime.tv_usec; - } - } else { - /* Subsequent hashes absorb previous result */ - HD(results); - } - - HX((e = gettimeofday(&tv, NULL)) == -1, tv); - if (e != -1) { - cnt += (int)tv.tv_sec; - cnt += (int)tv.tv_usec; - } - - HD(cnt); - } - SHA512_Final(results, &ctx); - memcpy((char *)buf + i, results, MINIMUM(sizeof(results), len - i)); - i += MINIMUM(sizeof(results), len - i); - } - explicit_bzero(&ctx, sizeof ctx); - explicit_bzero(results, sizeof results); - errno = save_errno; - return (0); /* satisfied */ -} diff --git a/src/lib/libcrypto/arc4random/getentropy_win.c b/src/lib/libcrypto/arc4random/getentropy_win.c deleted file mode 100644 index 64514b3a37..0000000000 --- a/src/lib/libcrypto/arc4random/getentropy_win.c +++ /dev/null 
@@ -1,50 +0,0 @@
-/* $OpenBSD: getentropy_win.c,v 1.6 2020/11/11 10:41:24 bcook Exp $ */
-
-/*
- * Copyright (c) 2014, Theo de Raadt
- * Copyright (c) 2014, Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- *
- * Emulation of getentropy(2) as documented at:
- * http://man.openbsd.org/getentropy.2
- */
-
-#include
-#include
-#include
-#include
-#include
-
-int getentropy(void *buf, size_t len);
-
-/*
- * On Windows, BCryptGenRandom with BCRYPT_USE_SYSTEM_PREFERRED_RNG is supposed
- * to be a well-seeded, cryptographically strong random number generator.
- * https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom
- */
-int
-getentropy(void *buf, size_t len)
-{
- if (len > 256) {
- errno = EIO;
- return (-1);
- }
-
- if (FAILED(BCryptGenRandom(NULL, buf, len, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
- errno = EIO;
- return (-1);
- }
-
- return (0);
-}
diff --git a/src/lib/libcrypto/arch/aarch64/Makefile.inc b/src/lib/libcrypto/arch/aarch64/Makefile.inc
deleted file mode 100644
index d93cb815ef..0000000000
--- a/src/lib/libcrypto/arch/aarch64/Makefile.inc
+++ /dev/null
@@ -1,12 +0,0 @@
-# $OpenBSD: Makefile.inc,v 1.16 2025/03/12 14:13:41 jsing Exp $
-
-# aarch64-specific libcrypto build rules
-
-SRCS += crypto_cpu_caps.c
-
-SRCS += sha256_aarch64.c
-SRCS += sha256_aarch64_ce.S
-SRCS += sha512_aarch64.c
-SRCS += sha512_aarch64_ce.S
-
-AFLAGS+= -mmark-bti-property
diff --git a/src/lib/libcrypto/arch/aarch64/crypto_arch.h b/src/lib/libcrypto/arch/aarch64/crypto_arch.h
deleted file mode 100644
index 35ecba9394..0000000000
--- a/src/lib/libcrypto/arch/aarch64/crypto_arch.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.4 2025/03/12 14:13:41 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#define HAVE_CRYPTO_CPU_CAPS_INIT
-
-#ifndef __ASSEMBLER__
-extern uint64_t crypto_cpu_caps_aarch64;
-#endif
-
-#define CRYPTO_CPU_CAPS_AARCH64_AES (1ULL << 0)
-#define CRYPTO_CPU_CAPS_AARCH64_PMULL (1ULL << 1)
-#define CRYPTO_CPU_CAPS_AARCH64_SHA1 (1ULL << 2)
-#define CRYPTO_CPU_CAPS_AARCH64_SHA2 (1ULL << 3)
-#define CRYPTO_CPU_CAPS_AARCH64_SHA512 (1ULL << 4)
-#define CRYPTO_CPU_CAPS_AARCH64_SHA3 (1ULL << 5)
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA512_BLOCK_DATA_ORDER
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/aarch64/crypto_cpu_caps.c b/src/lib/libcrypto/arch/aarch64/crypto_cpu_caps.c
deleted file mode 100644
index b31a50ef75..0000000000
--- a/src/lib/libcrypto/arch/aarch64/crypto_cpu_caps.c
+++ /dev/null
@@ -1,97 +0,0 @@ -/* $OpenBSD: crypto_cpu_caps.c,v 1.2 2024/11/12 13:52:31 jsing Exp $ */ -/* - * Copyright (c) 2023 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include - -#include -#include - -#include "crypto_arch.h" - -/* Machine dependent CPU capabilities. */ -uint64_t crypto_cpu_caps_aarch64; - -static inline uint64_t -extract_bits(uint64_t val, int start, int end) -{ - return (val >> end) & (1ULL << (1 + start - end)) - 1; -} - -static uint64_t -parse_isar0(uint64_t isar0) -{ - uint64_t caps = 0; - uint64_t feature; - - /* AES - bits [7:4] */ - feature = extract_bits(isar0, 7, 4); - if (feature >= 1) - caps |= CRYPTO_CPU_CAPS_AARCH64_AES; - if (feature >= 2) - caps |= CRYPTO_CPU_CAPS_AARCH64_PMULL; - - /* SHA1 - bits [11:8] */ - feature = extract_bits(isar0, 11, 8); - if (feature >= 1) - caps |= CRYPTO_CPU_CAPS_AARCH64_SHA1; - - /* SHA2 - bits [15:12] */ - feature = extract_bits(isar0, 15, 12); - if (feature >= 1) - caps |= CRYPTO_CPU_CAPS_AARCH64_SHA2; - if (feature >= 2) - caps |= CRYPTO_CPU_CAPS_AARCH64_SHA512; - - /* SHA3 - bits [35:32] */ - feature = extract_bits(isar0, 35, 32); - if (feature >= 1) - caps |= CRYPTO_CPU_CAPS_AARCH64_SHA3; - - return caps; -} - -static int -read_isar0(uint64_t *isar0) -{ - uint64_t isar; - int 
mib[2]; - size_t len; - - mib[0] = CTL_MACHDEP; - mib[1] = CPU_ID_AA64ISAR0; - len = sizeof(isar); - if (sysctl(mib, 2, &isar, &len, NULL, 0) == -1) - return 0; - - *isar0 = isar; - - return 1; -} - -void -crypto_cpu_caps_init(void) -{ - uint64_t isar = 0; - - if (!read_isar0(&isar)) - return; - - crypto_cpu_caps_aarch64 = parse_isar0(isar); -} diff --git a/src/lib/libcrypto/arch/aarch64/opensslconf.h b/src/lib/libcrypto/arch/aarch64/opensslconf.h deleted file mode 100644 index 731b06aecc..0000000000 --- a/src/lib/libcrypto/arch/aarch64/opensslconf.h +++ /dev/null 
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/alpha/Makefile.inc b/src/lib/libcrypto/arch/alpha/Makefile.inc deleted file mode 100644 index 1073ac3c1e..0000000000 --- a/src/lib/libcrypto/arch/alpha/Makefile.inc +++ /dev/null @@ -1,20 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.15 2025/02/14 12:01:58 jsing Exp $ - -# alpha-specific libcrypto build rules - -# bn -SSLASM+= bn alpha-mont -CFLAGS+= -DOPENSSL_BN_ASM_MONT -# modes -CFLAGS+= -DGHASH_ASM -SSLASM+= modes ghash-alpha -# sha -SSLASM+= sha sha1-alpha - -.for dir f in ${SSLASM} -SRCS+= ${f}.S -GENERATED+=${f}.S -${f}.S: ${LCRYPTO_SRC}/${dir}/asm/${f}.pl - /usr/bin/perl \ - ${LCRYPTO_SRC}/${dir}/asm/${f}.pl > ${.TARGET} -.endfor diff --git a/src/lib/libcrypto/arch/alpha/crypto_arch.h b/src/lib/libcrypto/arch/alpha/crypto_arch.h deleted file mode 100644 index 1d553b7e07..0000000000 --- a/src/lib/libcrypto/arch/alpha/crypto_arch.h +++ /dev/null 
@@ -1,24 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.2 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#endif
diff --git a/src/lib/libcrypto/arch/alpha/opensslconf.h b/src/lib/libcrypto/arch/alpha/opensslconf.h
deleted file mode 100644
index 0ec9c25891..0000000000
--- a/src/lib/libcrypto/arch/alpha/opensslconf.h
+++ /dev/null
@@ -1,152 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#define BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#define DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#define DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#undef DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/amd64/Makefile.inc b/src/lib/libcrypto/arch/amd64/Makefile.inc deleted file mode 100644 index b1a6563931..0000000000 --- a/src/lib/libcrypto/arch/amd64/Makefile.inc +++ /dev/null 
@@ -1,68 +0,0 @@
-# $OpenBSD: Makefile.inc,v 1.37 2025/02/14 12:01:58 jsing Exp $
-
-# amd64-specific libcrypto build rules
-
-# all amd64 code generators use this
-EXTRA_PL = ${LCRYPTO_SRC}/perlasm/x86_64-xlate.pl
-
-SRCS += crypto_cpu_caps.c
-
-# aes
-CFLAGS+= -DAES_ASM
-SSLASM+= aes aes-x86_64
-CFLAGS+= -DBSAES_ASM
-SSLASM+= aes bsaes-x86_64
-CFLAGS+= -DVPAES_ASM
-SSLASM+= aes vpaes-x86_64
-SSLASM+= aes aesni-x86_64
-# bn
-CFLAGS+= -DOPENSSL_IA32_SSE2
-CFLAGS+= -DRSA_ASM
-SSLASM+= bn modexp512-x86_64
-CFLAGS+= -DOPENSSL_BN_ASM_MONT
-SSLASM+= bn x86_64-mont
-CFLAGS+= -DOPENSSL_BN_ASM_MONT5
-SSLASM+= bn x86_64-mont5
-
-# bn s2n-bignum
-SRCS += bn_arch.c
-SRCS += bignum_add.S
-SRCS += bignum_cmadd.S
-SRCS += bignum_cmul.S
-SRCS += bignum_mul.S
-SRCS += bignum_mul_4_8_alt.S
-SRCS += bignum_mul_8_16_alt.S
-SRCS += bignum_sqr.S
-SRCS += bignum_sqr_4_8_alt.S
-SRCS += bignum_sqr_8_16_alt.S
-SRCS += bignum_sub.S
-SRCS += word_clz.S
-
-# md5
-CFLAGS+= -DMD5_ASM
-SRCS+= md5_amd64_generic.S
-# modes
-CFLAGS+= -DGHASH_ASM
-SSLASM+= modes ghash-x86_64
-# rc4
-SSLASM+= rc4 rc4-x86_64
-# ripemd
-# sha
-SRCS+= sha1_amd64.c
-SRCS+= sha1_amd64_generic.S
-SRCS+= sha1_amd64_shani.S
-SRCS+= sha256_amd64.c
-SRCS+= sha256_amd64_generic.S
-SRCS+= sha256_amd64_shani.S
-SRCS+= sha512_amd64.c
-SRCS+= sha512_amd64_generic.S
-
-.for dir f in ${SSLASM}
-SRCS+= ${f}.S
-GENERATED+=${f}.S
-${f}.S: ${LCRYPTO_SRC}/${dir}/asm/${f}.pl ${EXTRA_PL}
- (cd ${LCRYPTO_SRC}/${dir} ; \
- /usr/bin/perl ./asm/${f}.pl openbsd) > ${.TARGET}
-.endfor
-
-CFLAGS+=-fret-clean
diff --git a/src/lib/libcrypto/arch/amd64/crypto_arch.h b/src/lib/libcrypto/arch/amd64/crypto_arch.h
deleted file mode 100644
index 951374250d..0000000000
--- a/src/lib/libcrypto/arch/amd64/crypto_arch.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.5 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#define HAVE_CRYPTO_CPU_CAPS_INIT
-#define HAVE_CRYPTO_CPU_CAPS_IA32
-
-#ifndef __ASSEMBLER__
-extern uint64_t crypto_cpu_caps_amd64;
-#endif
-
-#define CRYPTO_CPU_CAPS_AMD64_SHA (1ULL << 0)
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_AES_CBC_ENCRYPT_INTERNAL
-#define HAVE_AES_SET_ENCRYPT_KEY_INTERNAL
-#define HAVE_AES_SET_DECRYPT_KEY_INTERNAL
-#define HAVE_AES_ENCRYPT_INTERNAL
-#define HAVE_AES_DECRYPT_INTERNAL
-
-#define HAVE_RC4_INTERNAL
-#define HAVE_RC4_SET_KEY_INTERNAL
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA256_BLOCK_GENERIC
-
-#define HAVE_SHA512_BLOCK_DATA_ORDER
-#define HAVE_SHA512_BLOCK_GENERIC
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c b/src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c
deleted file mode 100644
index 63b7b64cda..0000000000
--- a/src/lib/libcrypto/arch/amd64/crypto_cpu_caps.c
+++ /dev/null
@@ -1,134 +0,0 @@ -/* $OpenBSD: crypto_cpu_caps.c,v 1.4 2024/11/16 13:05:35 jsing Exp $ */ -/* - * Copyright (c) 2024 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include - -#include "crypto_arch.h" -#include "x86_arch.h" - -/* Legacy architecture specific capabilities, used by perlasm. */ -uint64_t OPENSSL_ia32cap_P; - -/* Machine dependent CPU capabilities. */ -uint64_t crypto_cpu_caps_amd64; - -/* Machine independent CPU capabilities. 
*/ -extern uint64_t crypto_cpu_caps; - -static inline void -cpuid(uint32_t eax, uint32_t *out_eax, uint32_t *out_ebx, uint32_t *out_ecx, - uint32_t *out_edx) -{ - uint32_t ebx = 0, ecx = 0, edx = 0; - -#ifndef OPENSSL_NO_ASM - __asm__ ("cpuid": "+a"(eax), "+b"(ebx), "+c"(ecx), "+d"(edx)); -#else - eax = 0; -#endif - - if (out_eax != NULL) - *out_eax = eax; - if (out_ebx != NULL) - *out_ebx = ebx; - if (out_ecx != NULL) - *out_ecx = ecx; - if (out_edx != NULL) - *out_edx = edx; -} - -static inline void -xgetbv(uint32_t ecx, uint32_t *out_eax, uint32_t *out_edx) -{ - uint32_t eax = 0, edx = 0; - -#ifndef OPENSSL_NO_ASM - __asm__ ("xgetbv": "+a"(eax), "+c"(ecx), "+d"(edx)); -#endif - - if (out_eax != NULL) - *out_eax = eax; - if (out_edx != NULL) - *out_edx = edx; -} - -void -crypto_cpu_caps_init(void) -{ - uint32_t eax, ebx, ecx, edx, max_cpuid; - uint64_t caps = 0; - - cpuid(0, &eax, &ebx, &ecx, &edx); - - max_cpuid = eax; - - /* "GenuineIntel" in little endian. */ - if (ebx == 0x756e6547 && edx == 0x49656e69 && ecx == 0x6c65746e) - caps |= CPUCAP_MASK_INTEL; - - if (max_cpuid < 1) - return; - - cpuid(1, &eax, NULL, &ecx, &edx); - - if ((edx & IA32CAP_MASK0_FXSR) != 0) - caps |= CPUCAP_MASK_FXSR; - if ((edx & IA32CAP_MASK0_HT) != 0) - caps |= CPUCAP_MASK_HT; - if ((edx & IA32CAP_MASK0_MMX) != 0) - caps |= CPUCAP_MASK_MMX; - if ((edx & IA32CAP_MASK0_SSE) != 0) - caps |= CPUCAP_MASK_SSE; - if ((edx & IA32CAP_MASK0_SSE2) != 0) - caps |= CPUCAP_MASK_SSE2; - - if ((ecx & IA32CAP_MASK1_AESNI) != 0) - caps |= CPUCAP_MASK_AESNI; - if ((ecx & IA32CAP_MASK1_PCLMUL) != 0) - caps |= CPUCAP_MASK_PCLMUL; - if ((ecx & IA32CAP_MASK1_SSSE3) != 0) - caps |= CPUCAP_MASK_SSSE3; - - /* AVX requires OSXSAVE and XMM/YMM state to be enabled. 
*/ - if ((ecx & IA32CAP_MASK1_OSXSAVE) != 0) { - xgetbv(0, &eax, NULL); - if (((eax >> 1) & 3) == 3 && (ecx & IA32CAP_MASK1_AVX) != 0) - caps |= CPUCAP_MASK_AVX; - } - - if (max_cpuid >= 7) { - cpuid(7, NULL, &ebx, NULL, NULL); - - /* Intel SHA extensions feature bit - ebx[29]. */ - if (((ebx >> 29) & 1) != 0) - crypto_cpu_caps_amd64 |= CRYPTO_CPU_CAPS_AMD64_SHA; - } - - /* Set machine independent CPU capabilities. */ - if ((caps & CPUCAP_MASK_AESNI) != 0) - crypto_cpu_caps |= CRYPTO_CPU_CAPS_ACCELERATED_AES; - - OPENSSL_ia32cap_P = caps; -} - -uint64_t -crypto_cpu_caps_ia32(void) -{ - return OPENSSL_ia32cap_P; -} diff --git a/src/lib/libcrypto/arch/amd64/opensslconf.h b/src/lib/libcrypto/arch/amd64/opensslconf.h deleted file mode 100644 index cc193762f1..0000000000 --- a/src/lib/libcrypto/arch/amd64/opensslconf.h +++ /dev/null 
@@ -1,149 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/arm/Makefile.inc b/src/lib/libcrypto/arch/arm/Makefile.inc deleted file mode 100644 index e078c51d98..0000000000 --- a/src/lib/libcrypto/arch/arm/Makefile.inc +++ /dev/null @@ -1,28 +0,0 @@ -# $oPenBSD: Makefile.inc,v 1.2 2014/05/02 18:21:39 miod Exp $ - -# arm-specific libcrypto build rules - -# aes -CFLAGS+= -DAES_ASM -SSLASM+= aes aes-armv4 -# bn -CFLAGS+= -DOPENSSL_BN_ASM_MONT -SSLASM+= bn armv4-mont -# modes -CFLAGS+= -DGHASH_ASM -SSLASM+= modes ghash-armv4 -# sha -SSLASM+= sha sha1-armv4-large -SSLASM+= sha sha256-armv4 -SSLASM+= sha sha512-armv4 - -.for dir f in ${SSLASM} -SRCS+= ${f}.S -GENERATED+=${f}.S -${f}.S: ${LCRYPTO_SRC}/${dir}/asm/${f}.pl - /usr/bin/perl \ - ${LCRYPTO_SRC}/${dir}/asm/${f}.pl void ${.TARGET} > ${.TARGET} -.endfor - -CFLAGS+= -DOPENSSL_CPUID_OBJ -SRCS+= armv4cpuid.S armcap.c diff --git a/src/lib/libcrypto/arch/arm/arm_arch.h b/src/lib/libcrypto/arch/arm/arm_arch.h deleted file mode 100644 index 5ac3b935f1..0000000000 
--- a/src/lib/libcrypto/arch/arm/arm_arch.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/* $OpenBSD: arm_arch.h,v 1.1 2022/03/23 15:13:31 tb Exp $ */
-#ifndef __ARM_ARCH_H__
-#define __ARM_ARCH_H__
-
-#if !defined(__ARM_ARCH__)
-# if defined(__CC_ARM)
-# define __ARM_ARCH__ __TARGET_ARCH_ARM
-# if defined(__BIG_ENDIAN)
-# define __ARMEB__
-# else
-# define __ARMEL__
-# endif
-# elif defined(__GNUC__)
- /*
- * Why doesn't gcc define __ARM_ARCH__? Instead it defines
- * bunch of below macros. See all_architectures[] table in
- * gcc/config/arm/arm.c. On a side note it defines
- * __ARMEL__/__ARMEB__ for little-/big-endian.
- */
-# if defined(__ARM_ARCH)
-# define __ARM_ARCH__ __ARM_ARCH
-# elif defined(__ARM_ARCH_8A__)
-# define __ARM_ARCH__ 8
-# elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \
- defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \
- defined(__ARM_ARCH_7EM__)
-# define __ARM_ARCH__ 7
-# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \
- defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \
- defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \
- defined(__ARM_ARCH_6T2__)
-# define __ARM_ARCH__ 6
-# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \
- defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \
- defined(__ARM_ARCH_5TEJ__)
-# define __ARM_ARCH__ 5
-# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__)
-# define __ARM_ARCH__ 4
-# else
-# error "unsupported ARM architecture"
-# endif
-# endif
-#endif
-
-#if !defined(__ASSEMBLER__)
-extern unsigned int OPENSSL_armcap_P;
-
-#define ARMV7_NEON (1<<0)
-#define ARMV8_AES (1<<1)
-#define ARMV8_SHA1 (1<<2)
-#define ARMV8_SHA256 (1<<3)
-#define ARMV8_PMULL (1<<4)
-#endif
-
-#if defined(__OpenBSD__)
-#define __STRICT_ALIGNMENT
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/arm/armcap.c b/src/lib/libcrypto/arch/arm/armcap.c
deleted file mode 100644
index 0238195397..0000000000
--- a/src/lib/libcrypto/arch/arm/armcap.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* $OpenBSD: armcap.c,v 1.3 2024/08/29 03:30:05 deraadt Exp $ */
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "arm_arch.h"
-
-unsigned int OPENSSL_armcap_P;
-
-#if __ARM_ARCH__ >= 7
-static sigset_t all_masked;
-
-static sigjmp_buf ill_jmp;
-
-static void
-ill_handler(int sig)
-{
- siglongjmp(ill_jmp, sig);
-}
-
-/*
- * Following subroutines could have been inlined, but it's not all
- * ARM compilers support inline assembler...
- */
-void _armv7_neon_probe(void);
-void _armv8_aes_probe(void);
-void _armv8_sha1_probe(void);
-void _armv8_sha256_probe(void);
-void _armv8_pmull_probe(void);
-#endif
-
-void
-OPENSSL_cpuid_setup(void)
-{
-#if __ARM_ARCH__ >= 7
- struct sigaction ill_oact, ill_act;
- sigset_t oset;
-#endif
- static int trigger = 0;
-
- if (trigger)
- return;
- trigger = 1;
-
- OPENSSL_armcap_P = 0;
-
-#if __ARM_ARCH__ >= 7
- sigfillset(&all_masked);
- sigdelset(&all_masked, SIGILL);
- sigdelset(&all_masked, SIGTRAP);
- sigdelset(&all_masked, SIGFPE);
- sigdelset(&all_masked, SIGBUS);
- sigdelset(&all_masked, SIGSEGV);
-
- memset(&ill_act, 0, sizeof(ill_act));
- ill_act.sa_handler = ill_handler;
- ill_act.sa_mask = all_masked;
-
- sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
- sigaction(SIGILL, &ill_act, &ill_oact);
-
- if (sigsetjmp(ill_jmp, 1) == 0) {
- _armv7_neon_probe();
- OPENSSL_armcap_P |= ARMV7_NEON;
- if (sigsetjmp(ill_jmp, 1) == 0) {
- _armv8_pmull_probe();
- OPENSSL_armcap_P |= ARMV8_PMULL | ARMV8_AES;
- } else if (sigsetjmp(ill_jmp, 1) == 0) {
- _armv8_aes_probe();
- OPENSSL_armcap_P |= ARMV8_AES;
- }
- if (sigsetjmp(ill_jmp, 1) == 0) {
- _armv8_sha1_probe();
- OPENSSL_armcap_P |= ARMV8_SHA1;
- }
- if (sigsetjmp(ill_jmp, 1) == 0) {
- _armv8_sha256_probe();
- OPENSSL_armcap_P |= ARMV8_SHA256;
- }
- }
-
- sigaction (SIGILL, &ill_oact, NULL);
- sigprocmask(SIG_SETMASK, &oset, NULL);
-#endif
-}
diff --git a/src/lib/libcrypto/arch/arm/armv4cpuid.S b/src/lib/libcrypto/arch/arm/armv4cpuid.S
deleted file mode 100644
index db0b54e496..0000000000
--- a/src/lib/libcrypto/arch/arm/armv4cpuid.S
+++ /dev/null
@@ -1,69 +0,0 @@
-#include "arm_arch.h"
-
-.text
-#if defined(__thumb2__) && !defined(__APPLE__)
-.syntax unified
-.thumb
-#else
-.code 32
-#undef __thumb2__
-#endif
-
-#if __ARM_ARCH__>=7
-.arch armv7-a
-.fpu neon
-
-.align 5
-.globl _armv7_neon_probe
-.type _armv7_neon_probe,%function
-_armv7_neon_probe:
- vorr q0,q0,q0
- bx lr
-.size _armv7_neon_probe,.-_armv7_neon_probe
-
-.globl _armv8_aes_probe
-.type _armv8_aes_probe,%function
-_armv8_aes_probe:
-#if defined(__thumb2__) && !defined(__APPLE__)
-.byte 0xb0,0xff,0x00,0x03 @ aese.8 q0,q0
-#else
-.byte 0x00,0x03,0xb0,0xf3 @ aese.8 q0,q0
-#endif
- bx lr
-.size _armv8_aes_probe,.-_armv8_aes_probe
-
-.globl _armv8_sha1_probe
-.type _armv8_sha1_probe,%function
-_armv8_sha1_probe:
-#if defined(__thumb2__) && !defined(__APPLE__)
-.byte 0x00,0xef,0x40,0x0c @ sha1c.32 q0,q0,q0
-#else
-.byte 0x40,0x0c,0x00,0xf2 @ sha1c.32 q0,q0,q0
-#endif
- bx lr
-.size _armv8_sha1_probe,.-_armv8_sha1_probe
-
-.globl _armv8_sha256_probe
-.type _armv8_sha256_probe,%function
-_armv8_sha256_probe:
-#if defined(__thumb2__) && !defined(__APPLE__)
-.byte 0x00,0xff,0x40,0x0c @ sha256h.32 q0,q0,q0
-#else
-.byte 0x40,0x0c,0x00,0xf3 @ sha256h.32 q0,q0,q0
-#endif
- bx lr
-.size _armv8_sha256_probe,.-_armv8_sha256_probe
-.globl _armv8_pmull_probe
-.type _armv8_pmull_probe,%function
-_armv8_pmull_probe:
-#if defined(__thumb2__) && !defined(__APPLE__)
-.byte 0xa0,0xef,0x00,0x0e @ vmull.p64 q0,d0,d0
-#else
-.byte 0x00,0x0e,0xa0,0xf2 @ vmull.p64 q0,d0,d0
-#endif
- bx lr
-.size _armv8_pmull_probe,.-_armv8_pmull_probe
-#endif
-
-.comm OPENSSL_armcap_P,4,4
-.hidden OPENSSL_armcap_P
diff --git a/src/lib/libcrypto/arch/arm/crypto_arch.h b/src/lib/libcrypto/arch/arm/crypto_arch.h
deleted file mode 100644
index 07d7829fe3..0000000000
--- a/src/lib/libcrypto/arch/arm/crypto_arch.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.2 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_AES_SET_ENCRYPT_KEY_INTERNAL
-#define HAVE_AES_SET_DECRYPT_KEY_INTERNAL
-#define HAVE_AES_ENCRYPT_INTERNAL
-#define HAVE_AES_DECRYPT_INTERNAL
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA256_BLOCK_GENERIC
-
-#define HAVE_SHA512_BLOCK_DATA_ORDER
-#define HAVE_SHA512_BLOCK_GENERIC
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/arm/opensslconf.h b/src/lib/libcrypto/arch/arm/opensslconf.h
deleted file mode 100644
index a5d26b6fdc..0000000000
--- a/src/lib/libcrypto/arch/arm/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#undef RC4_CHUNK -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#define BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/hppa/Makefile.inc b/src/lib/libcrypto/arch/hppa/Makefile.inc deleted file mode 100644 index 11bfa4a5d3..0000000000 --- a/src/lib/libcrypto/arch/hppa/Makefile.inc +++ /dev/null @@ -1,24 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.26 2025/02/14 12:01:58 jsing Exp $ - -# hppa-specific libcrypto build rules - -# aes -CFLAGS+= -DAES_ASM -SSLASM+= aes aes-parisc aes-parisc -# bn -SSLASM+= bn parisc-mont parisc-mont -CFLAGS+= -DOPENSSL_BN_ASM_MONT -DBN_DIV2W -# modes -CFLAGS+= -DGHASH_ASM -SSLASM+= modes ghash-parisc ghash-parisc -# sha -SSLASM+= sha sha1-parisc sha1-parisc -SSLASM+= sha sha512-parisc sha256-parisc - -.for dir src dst in ${SSLASM} -SRCS+= ${dst}.S -GENERATED+=${dst}.S -${dst}.S: ${LCRYPTO_SRC}/${dir}/asm/${src}.pl - /usr/bin/perl \ - ${LCRYPTO_SRC}/${dir}/asm/${src}.pl 32 ${.TARGET} > ${.TARGET} -.endfor 
diff --git a/src/lib/libcrypto/arch/hppa/crypto_arch.h b/src/lib/libcrypto/arch/hppa/crypto_arch.h
deleted file mode 100644
index 08fcaca045..0000000000
--- a/src/lib/libcrypto/arch/hppa/crypto_arch.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.2 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_AES_ENCRYPT_INTERNAL
-#define HAVE_AES_DECRYPT_INTERNAL
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA256_BLOCK_GENERIC
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/hppa/opensslconf.h b/src/lib/libcrypto/arch/hppa/opensslconf.h
deleted file mode 100644
index a5d26b6fdc..0000000000
--- a/src/lib/libcrypto/arch/hppa/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#undef RC4_CHUNK -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#define BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/i386/Makefile.inc b/src/lib/libcrypto/arch/i386/Makefile.inc deleted file mode 100644 index 6989b35686..0000000000 --- a/src/lib/libcrypto/arch/i386/Makefile.inc +++ /dev/null 
@@ -1,42 +0,0 @@
-# $OpenBSD: Makefile.inc,v 1.27 2025/02/14 12:01:58 jsing Exp $
-
-# i386-specific libcrypto build rules
-
-# all i386 code generators use these
-EXTRA_PL = ${LCRYPTO_SRC}/perlasm/x86gas.pl ${LCRYPTO_SRC}/perlasm/x86asm.pl
-
-SRCS += crypto_cpu_caps.c
-
-# aes
-CFLAGS+= -DAES_ASM
-SSLASM+= aes aes-586
-CFLAGS+= -DVPAES_ASM
-SSLASM+= aes vpaes-x86
-SSLASM+= aes aesni-x86
-# bn
-CFLAGS+= -DOPENSSL_IA32_SSE2
-SSLASM+= bn bn-586
-SSLASM+= bn co-586
-CFLAGS+= -DOPENSSL_BN_ASM_MONT
-SSLASM+= bn x86-mont
-# md5
-CFLAGS+= -DMD5_ASM
-SSLASM+= md5 md5-586
-# modes
-CFLAGS+= -DGHASH_ASM
-SSLASM+= modes ghash-x86
-# rc4
-SSLASM+= rc4 rc4-586
-# sha
-SSLASM+= sha sha1-586
-SSLASM+= sha sha256-586
-SSLASM+= sha sha512-586
-
-.for dir f in ${SSLASM}
-SRCS+= ${f}.S
-GENERATED+=${f}.S
-${f}.S: ${LCRYPTO_SRC}/${dir}/asm/${f}.pl ${EXTRA_PL}
- /usr/bin/perl -I${LCRYPTO_SRC}/perlasm -I${LCRYPTO_SRC}/${dir}/asm \
- ${LCRYPTO_SRC}/${dir}/asm/${f}.pl \
- openbsd-elf ${CFLAGS} 386 ${PICFLAG} > ${.TARGET}
-.endfor
diff --git a/src/lib/libcrypto/arch/i386/crypto_arch.h b/src/lib/libcrypto/arch/i386/crypto_arch.h
deleted file mode 100644
index 3df3963d0b..0000000000
--- a/src/lib/libcrypto/arch/i386/crypto_arch.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.4 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#define HAVE_CRYPTO_CPU_CAPS_INIT
-#define HAVE_CRYPTO_CPU_CAPS_IA32
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_AES_CBC_ENCRYPT_INTERNAL
-#define HAVE_AES_SET_ENCRYPT_KEY_INTERNAL
-#define HAVE_AES_SET_DECRYPT_KEY_INTERNAL
-#define HAVE_AES_ENCRYPT_INTERNAL
-#define HAVE_AES_DECRYPT_INTERNAL
-
-#define HAVE_RC4_INTERNAL
-#define HAVE_RC4_SET_KEY_INTERNAL
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA256_BLOCK_GENERIC
-
-#define HAVE_SHA512_BLOCK_DATA_ORDER
-#define HAVE_SHA512_BLOCK_GENERIC
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/i386/crypto_cpu_caps.c b/src/lib/libcrypto/arch/i386/crypto_cpu_caps.c
deleted file mode 100644
index 6bb77411af..0000000000
--- a/src/lib/libcrypto/arch/i386/crypto_cpu_caps.c
+++ /dev/null
@@ -1,120 +0,0 @@ -/* $OpenBSD: crypto_cpu_caps.c,v 1.3 2024/11/12 13:14:57 jsing Exp $ */ -/* - * Copyright (c) 2024 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include - -#include "x86_arch.h" - -/* Legacy architecture specific capabilities, used by perlasm. */ -uint64_t OPENSSL_ia32cap_P; - -/* Machine independent CPU capabilities. 
*/ -extern uint64_t crypto_cpu_caps; - -static inline void -cpuid(uint32_t eax, uint32_t *out_eax, uint32_t *out_ebx, uint32_t *out_ecx, - uint32_t *out_edx) -{ - uint32_t ebx = 0, ecx = 0, edx = 0; - -#ifndef OPENSSL_NO_ASM - __asm__ ("cpuid": "+a"(eax), "+b"(ebx), "+c"(ecx), "+d"(edx)); -#else - eax = 0; -#endif - - if (out_eax != NULL) - *out_eax = eax; - if (out_ebx != NULL) - *out_ebx = ebx; - if (out_ecx != NULL) - *out_ecx = ecx; - if (out_edx != NULL) - *out_edx = edx; -} - -static inline void -xgetbv(uint32_t ecx, uint32_t *out_eax, uint32_t *out_edx) -{ - uint32_t eax = 0, edx = 0; - -#ifndef OPENSSL_NO_ASM - __asm__ ("xgetbv": "+a"(eax), "+c"(ecx), "+d"(edx)); -#endif - - if (out_eax != NULL) - *out_eax = eax; - if (out_edx != NULL) - *out_edx = edx; -} - -void -crypto_cpu_caps_init(void) -{ - uint32_t eax, ebx, ecx, edx; - uint64_t caps = 0; - - cpuid(0, &eax, &ebx, &ecx, &edx); - - /* "GenuineIntel" in little endian. */ - if (ebx == 0x756e6547 && edx == 0x49656e69 && ecx == 0x6c65746e) - caps |= CPUCAP_MASK_INTEL; - - if (eax < 1) - return; - - cpuid(1, &eax, &ebx, &ecx, &edx); - - if ((edx & IA32CAP_MASK0_FXSR) != 0) - caps |= CPUCAP_MASK_FXSR; - if ((edx & IA32CAP_MASK0_HT) != 0) - caps |= CPUCAP_MASK_HT; - if ((edx & IA32CAP_MASK0_MMX) != 0) - caps |= CPUCAP_MASK_MMX; - if ((edx & IA32CAP_MASK0_SSE) != 0) - caps |= CPUCAP_MASK_SSE; - if ((edx & IA32CAP_MASK0_SSE2) != 0) - caps |= CPUCAP_MASK_SSE2; - - if ((ecx & IA32CAP_MASK1_AESNI) != 0) - caps |= CPUCAP_MASK_AESNI; - if ((ecx & IA32CAP_MASK1_PCLMUL) != 0) - caps |= CPUCAP_MASK_PCLMUL; - if ((ecx & IA32CAP_MASK1_SSSE3) != 0) - caps |= CPUCAP_MASK_SSSE3; - - /* AVX requires OSXSAVE and XMM/YMM state to be enabled. */ - if ((ecx & IA32CAP_MASK1_OSXSAVE) != 0) { - xgetbv(0, &eax, NULL); - if (((eax >> 1) & 3) == 3 && (ecx & IA32CAP_MASK1_AVX) != 0) - caps |= CPUCAP_MASK_AVX; - } - - /* Set machine independent CPU capabilities. 
*/ - if ((caps & CPUCAP_MASK_AESNI) != 0) - crypto_cpu_caps |= CRYPTO_CPU_CAPS_ACCELERATED_AES; - - OPENSSL_ia32cap_P = caps; -} - -uint64_t -crypto_cpu_caps_ia32(void) -{ - return OPENSSL_ia32cap_P; -} diff --git a/src/lib/libcrypto/arch/i386/opensslconf.h b/src/lib/libcrypto/arch/i386/opensslconf.h deleted file mode 100644 index 03cf31b940..0000000000 --- a/src/lib/libcrypto/arch/i386/opensslconf.h +++ /dev/null 
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#undef RC4_CHUNK -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned long -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#define BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#define DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#define DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/m88k/crypto_arch.h b/src/lib/libcrypto/arch/m88k/crypto_arch.h deleted file mode 100644 index a3dd98d0ce..0000000000 --- a/src/lib/libcrypto/arch/m88k/crypto_arch.h +++ /dev/null 
@@ -1,21 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.1 2024/08/11 13:02:39 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#endif
diff --git a/src/lib/libcrypto/arch/m88k/opensslconf.h b/src/lib/libcrypto/arch/m88k/opensslconf.h
deleted file mode 100644
index a5d26b6fdc..0000000000
--- a/src/lib/libcrypto/arch/m88k/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#undef RC4_CHUNK -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#define BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/mips64/Makefile.inc b/src/lib/libcrypto/arch/mips64/Makefile.inc deleted file mode 100644 index 64e806289d..0000000000 --- a/src/lib/libcrypto/arch/mips64/Makefile.inc +++ /dev/null @@ -1,23 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.19 2025/02/14 12:01:58 jsing Exp $ - -# mips64-specific libcrypto build rules - -# aes -CFLAGS+= -DAES_ASM -SSLASM+= aes aes-mips aes-mips -# bn -SSLASM+= bn mips bn-mips -SSLASM+= bn mips-mont mips-mont -CFLAGS+= -DOPENSSL_BN_ASM_MONT -# sha -SSLASM+= sha sha1-mips sha1-mips -SSLASM+= sha sha512-mips sha256-mips -SSLASM+= sha sha512-mips sha512-mips - -.for dir src dst in ${SSLASM} -SRCS+= ${dst}.S -GENERATED+=${dst}.S -${dst}.S: ${LCRYPTO_SRC}/${dir}/asm/${src}.pl - /usr/bin/env CC=${CC} /usr/bin/perl \ - ${LCRYPTO_SRC}/${dir}/asm/${src}.pl 64 ${.TARGET} > ${.TARGET} -.endfor diff --git a/src/lib/libcrypto/arch/mips64/crypto_arch.h b/src/lib/libcrypto/arch/mips64/crypto_arch.h deleted file mode 100644 index 07d7829fe3..0000000000 
--- a/src/lib/libcrypto/arch/mips64/crypto_arch.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.2 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_AES_SET_ENCRYPT_KEY_INTERNAL
-#define HAVE_AES_SET_DECRYPT_KEY_INTERNAL
-#define HAVE_AES_ENCRYPT_INTERNAL
-#define HAVE_AES_DECRYPT_INTERNAL
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA256_BLOCK_GENERIC
-
-#define HAVE_SHA512_BLOCK_DATA_ORDER
-#define HAVE_SHA512_BLOCK_GENERIC
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/mips64/opensslconf.h b/src/lib/libcrypto/arch/mips64/opensslconf.h
deleted file mode 100644
index 36cdd2840b..0000000000
--- a/src/lib/libcrypto/arch/mips64/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#define BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#define DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#define DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#undef DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/powerpc/Makefile.inc b/src/lib/libcrypto/arch/powerpc/Makefile.inc deleted file mode 100644 index c5218e53f4..0000000000 --- a/src/lib/libcrypto/arch/powerpc/Makefile.inc +++ /dev/null @@ -1,22 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.14 2025/02/14 12:01:58 jsing Exp $ - -# powerpc-specific libcrypto build rules - -# slower than C code -#CFLAGS+= -DAES_ASM -#SSLASM+= aes aes-ppc aes-ppc -# bn -SSLASM+= bn ppc bn-ppc -SSLASM+= bn ppc-mont ppc-mont -CFLAGS+= -DOPENSSL_BN_ASM_MONT -# sha -SSLASM+= sha sha1-ppc sha1-ppc -SSLASM+= sha sha512-ppc sha256-ppc - -.for dir src dst in ${SSLASM} -SRCS+= ${dst}.S -GENERATED+=${dst}.S -${dst}.S: ${LCRYPTO_SRC}/${dir}/asm/${src}.pl - /usr/bin/perl \ - ${LCRYPTO_SRC}/${dir}/asm/${src}.pl linux32 ${.TARGET} > ${.TARGET} -.endfor diff --git a/src/lib/libcrypto/arch/powerpc/crypto_arch.h b/src/lib/libcrypto/arch/powerpc/crypto_arch.h deleted file mode 100644 index d2730af0fb..0000000000 
--- a/src/lib/libcrypto/arch/powerpc/crypto_arch.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.2 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA256_BLOCK_GENERIC
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/powerpc/opensslconf.h b/src/lib/libcrypto/arch/powerpc/opensslconf.h
deleted file mode 100644
index a5d26b6fdc..0000000000
--- a/src/lib/libcrypto/arch/powerpc/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#undef RC4_CHUNK -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#define BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/powerpc64/Makefile.inc b/src/lib/libcrypto/arch/powerpc64/Makefile.inc deleted file mode 100644 index c309ab8b40..0000000000 --- a/src/lib/libcrypto/arch/powerpc64/Makefile.inc +++ /dev/null @@ -1,22 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.16 2025/02/14 12:01:58 jsing Exp $ - -# powerpc-specific libcrypto build rules - -# slower than C code -#CFLAGS+= -DAES_ASM -#SSLASM+= aes aes-ppc aes-ppc -# bn -#SSLASM+= bn ppc bn-ppc -#SSLASM+= bn ppc-mont ppc-mont -#CFLAGS+= -DOPENSSL_BN_ASM_MONT -# sha -#SSLASM+= sha sha1-ppc sha1-ppc -#SSLASM+= sha sha512-ppc sha256-ppc - -.for dir src dst in ${SSLASM} -SRCS+= ${dst}.S -GENERATED+=${dst}.S -${dst}.S: ${LCRYPTO_SRC}/${dir}/asm/${src}.pl - /usr/bin/perl \ - ${LCRYPTO_SRC}/${dir}/asm/${src}.pl linux32 ${.TARGET} > ${.TARGET} -.endfor diff --git a/src/lib/libcrypto/arch/powerpc64/crypto_arch.h b/src/lib/libcrypto/arch/powerpc64/crypto_arch.h deleted file mode 100644 index a3dd98d0ce..0000000000 
--- a/src/lib/libcrypto/arch/powerpc64/crypto_arch.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.1 2024/08/11 13:02:39 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#endif
diff --git a/src/lib/libcrypto/arch/powerpc64/opensslconf.h b/src/lib/libcrypto/arch/powerpc64/opensslconf.h
deleted file mode 100644
index cc193762f1..0000000000
--- a/src/lib/libcrypto/arch/powerpc64/opensslconf.h
+++ /dev/null
@@ -1,149 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/riscv64/Makefile.inc b/src/lib/libcrypto/arch/riscv64/Makefile.inc deleted file mode 100644 index 94cc03ed70..0000000000 --- a/src/lib/libcrypto/arch/riscv64/Makefile.inc +++ /dev/null @@ -1,3 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.10 2024/03/29 07:24:09 jsing Exp $ - -# riscv64 libcrypto build rules diff --git a/src/lib/libcrypto/arch/riscv64/crypto_arch.h b/src/lib/libcrypto/arch/riscv64/crypto_arch.h deleted file mode 100644 index a3dd98d0ce..0000000000 --- a/src/lib/libcrypto/arch/riscv64/crypto_arch.h +++ /dev/null 
@@ -1,21 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.1 2024/08/11 13:02:39 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#endif
diff --git a/src/lib/libcrypto/arch/riscv64/opensslconf.h b/src/lib/libcrypto/arch/riscv64/opensslconf.h
deleted file mode 100644
index 731b06aecc..0000000000
--- a/src/lib/libcrypto/arch/riscv64/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/sh/crypto_arch.h b/src/lib/libcrypto/arch/sh/crypto_arch.h deleted file mode 100644 index a3dd98d0ce..0000000000 --- a/src/lib/libcrypto/arch/sh/crypto_arch.h +++ /dev/null 
@@ -1,21 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.1 2024/08/11 13:02:39 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#endif
diff --git a/src/lib/libcrypto/arch/sh/opensslconf.h b/src/lib/libcrypto/arch/sh/opensslconf.h
deleted file mode 100644
index a5d26b6fdc..0000000000
--- a/src/lib/libcrypto/arch/sh/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#undef RC4_CHUNK -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#define BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#undef SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#define THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#undef BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#undef DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/arch/sparc64/Makefile.inc b/src/lib/libcrypto/arch/sparc64/Makefile.inc deleted file mode 100644 index cbf63e033e..0000000000 --- a/src/lib/libcrypto/arch/sparc64/Makefile.inc +++ /dev/null @@ -1,23 +0,0 @@ -# $OpenBSD: Makefile.inc,v 1.21 2025/02/14 12:01:58 jsing Exp $ - -# sparc64-specific libcrypto build rules - -# aes -CFLAGS+= -DAES_ASM -SSLASM+= aes aes-sparcv9 aes-sparcv9 -# bn -# modes -CFLAGS+= -DGHASH_ASM -SSLASM+= modes ghash-sparcv9 ghash-sparcv9 -# sha -SSLASM+= sha sha1-sparcv9 sha1-sparcv9 -SSLASM+= sha sha512-sparcv9 sha256-sparcv9 -SSLASM+= sha sha512-sparcv9 sha512-sparcv9 - -.for dir src dst in ${SSLASM} -SRCS+= ${dst}.S -GENERATED+=${dst}.S -${dst}.S: ${LCRYPTO_SRC}/${dir}/asm/${src}.pl - /usr/bin/env CC=${CC} /usr/bin/perl \ - ${LCRYPTO_SRC}/${dir}/asm/${src}.pl ${.TARGET} -m64 > ${.TARGET} -.endfor 
diff --git a/src/lib/libcrypto/arch/sparc64/crypto_arch.h b/src/lib/libcrypto/arch/sparc64/crypto_arch.h
deleted file mode 100644
index 251957a5bc..0000000000
--- a/src/lib/libcrypto/arch/sparc64/crypto_arch.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* $OpenBSD: crypto_arch.h,v 1.2 2025/02/14 12:01:58 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CRYPTO_ARCH_H
-#define HEADER_CRYPTO_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_AES_ENCRYPT_INTERNAL
-#define HAVE_AES_DECRYPT_INTERNAL
-
-#define HAVE_SHA1_BLOCK_DATA_ORDER
-#define HAVE_SHA1_BLOCK_GENERIC
-
-#define HAVE_SHA256_BLOCK_DATA_ORDER
-#define HAVE_SHA256_BLOCK_GENERIC
-
-#define HAVE_SHA512_BLOCK_DATA_ORDER
-#define HAVE_SHA512_BLOCK_GENERIC
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/arch/sparc64/opensslconf.h b/src/lib/libcrypto/arch/sparc64/opensslconf.h
deleted file mode 100644
index 36cdd2840b..0000000000
--- a/src/lib/libcrypto/arch/sparc64/opensslconf.h
+++ /dev/null
@@ -1,154 +0,0 @@ -#include -/* crypto/opensslconf.h.in */ - -#if defined(HEADER_CRYPTO_LOCAL_H) && !defined(OPENSSLDIR) -#define OPENSSLDIR "/etc/ssl" -#endif - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -#ifndef OPENSSL_FILE -#ifdef OPENSSL_NO_FILENAMES -#define OPENSSL_FILE "" -#define OPENSSL_LINE 0 -#else -#define OPENSSL_FILE __FILE__ -#define OPENSSL_LINE __LINE__ -#endif -#endif - -#if defined(HEADER_IDEA_H) && !defined(IDEA_INT) -#define IDEA_INT unsigned int -#endif - -#if defined(HEADER_MD2_H) && !defined(MD2_INT) -#define MD2_INT unsigned int -#endif - -#if defined(HEADER_RC2_H) && !defined(RC2_INT) -/* I need to put in a mod for the alpha - eay */ -#define RC2_INT unsigned int -#endif - -#if defined(HEADER_RC4_H) -#if !defined(RC4_INT) -/* using int types make the structure larger but make the code faster - * on most boxes I have tested - up to %20 faster. */ -/* - * I don't know what does "most" mean, but declaring "int" is a must on: - * - Intel P6 because partial register stalls are very expensive; - * - elder Alpha because it lacks byte load/store instructions; - */ -#define RC4_INT unsigned int -#endif -#if !defined(RC4_CHUNK) -/* - * This enables code handling data aligned at natural CPU word - * boundary. See crypto/rc4/rc4_enc.c for further details. - */ -#define RC4_CHUNK unsigned long -#endif -#endif - -#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) -/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a - * %20 speed up (longs are 8 bytes, int's are 4). */ -#ifndef DES_LONG -#define DES_LONG unsigned int -#endif -#endif - -#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) -#define CONFIG_HEADER_BN_H -#undef BN_LLONG - -/* Should we define BN_DIV2W here? 
*/ - -/* Only one for the following should be defined */ -/* The prime number generation stuff may not work when - * EIGHT_BIT but I don't care since I've only used this mode - * for debugging the bignum libraries */ -#define SIXTY_FOUR_BIT_LONG -#undef SIXTY_FOUR_BIT -#undef THIRTY_TWO_BIT -#undef SIXTEEN_BIT -#undef EIGHT_BIT -#endif - -#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -#define CONFIG_HEADER_BF_LOCL_H -#define BF_PTR -#endif /* HEADER_BF_LOCL_H */ - -#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) -#define CONFIG_HEADER_DES_LOCL_H -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#define DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependencies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#undef DES_RISC1 -#endif - -#ifndef DES_RISC2 -#define DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very much CPU dependent */ -#ifndef DES_UNROLL -#undef DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. 
Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ -# define DES_PTR -# define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ -# define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ -# define DES_PTR -# define DES_RISC2 -# define DES_UNROLL -#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ -# define DES_PTR -# define DES_RISC1 -# define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ -#endif /* HEADER_DES_LOCL_H */ diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c deleted file mode 100644 index d5d00c4d44..0000000000 --- a/src/lib/libcrypto/asn1/a_bitstr.c +++ /dev/null 
@@ -1,342 +0,0 @@
-/* $OpenBSD: a_bitstr.c,v 1.43 2024/07/08 14:52:31 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "bytestring.h" - -const ASN1_ITEM ASN1_BIT_STRING_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = V_ASN1_BIT_STRING, - .sname = "ASN1_BIT_STRING", -}; -LCRYPTO_ALIAS(ASN1_BIT_STRING_it); - -ASN1_BIT_STRING * -ASN1_BIT_STRING_new(void) -{ - return (ASN1_BIT_STRING *)ASN1_item_new(&ASN1_BIT_STRING_it); -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_new); - -void -ASN1_BIT_STRING_free(ASN1_BIT_STRING *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ASN1_BIT_STRING_it); -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_free); - -static void -asn1_abs_clear_unused_bits(ASN1_BIT_STRING *abs) -{ - abs->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); -} - -int -asn1_abs_set_unused_bits(ASN1_BIT_STRING *abs, uint8_t unused_bits) -{ - if (unused_bits > 7) - return 0; - - asn1_abs_clear_unused_bits(abs); - - abs->flags |= ASN1_STRING_FLAG_BITS_LEFT | unused_bits; - - return 1; -} - -int -ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len) -{ - return ASN1_STRING_set(x, d, len); -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_set); - -int -ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) -{ - int w, v, iv; - unsigned char *c; - - if (a == NULL) - return 0; - if (n < 0) - return 0; - - w = n / 8; - v = 1 << (7 - (n & 0x07)); - iv = ~v; - - if (value == 0) - v = 0; - - asn1_abs_clear_unused_bits(a); - - if (a->length < w + 1 || a->data == NULL) { - /* Don't expand if there's no bit to set. 
*/ - if (value == 0) - return 1; - if ((c = recallocarray(a->data, a->length, w + 1, 1)) == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - return 0; - } - a->data = c; - a->length = w + 1; - } - - a->data[w] = ((a->data[w]) & iv) | v; - while (a->length > 0 && a->data[a->length - 1] == 0) - a->length--; - - return 1; -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_set_bit); - -int -ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) -{ - int w, v; - - if (a == NULL) - return 0; - if (n < 0) - return 0; - - w = n / 8; - v = 1 << (7 - (n & 0x07)); - - if (a->length < w + 1 || a->data == NULL) - return 0; - - return (a->data[w] & v) != 0; -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_get_bit); - -int -i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) -{ - int ret, j, bits, len; - unsigned char *p, *d; - - if (a == NULL) - return (0); - - if (a->length == INT_MAX) - return (0); - - ret = a->length + 1; - - if (pp == NULL) - return (ret); - - len = a->length; - - if (len > 0) { - if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) { - bits = (int)a->flags & 0x07; - } else { - j = 0; - for (; len > 0; len--) { - if (a->data[len - 1]) - break; - } - if (len > 0) - j = a->data[len - 1]; - if (j & 0x01) - bits = 0; - else if (j & 0x02) - bits = 1; - else if (j & 0x04) - bits = 2; - else if (j & 0x08) - bits = 3; - else if (j & 0x10) - bits = 4; - else if (j & 0x20) - bits = 5; - else if (j & 0x40) - bits = 6; - else if (j & 0x80) - bits = 7; - else - bits = 0; /* should not happen */ - } - } else - bits = 0; - - p= *pp; - - *(p++) = (unsigned char)bits; - d = a->data; - if (len > 0) { - memcpy(p, d, len); - p += len; - p[-1] &= 0xff << bits; - } - *pp = p; - return (ret); -} - -int -c2i_ASN1_BIT_STRING_cbs(ASN1_BIT_STRING **out_abs, CBS *cbs) -{ - ASN1_BIT_STRING *abs = NULL; - uint8_t *data = NULL; - size_t data_len = 0; - uint8_t unused_bits; - int ret = 0; - - if (out_abs == NULL) - goto err; - - if (*out_abs != NULL) { - ASN1_BIT_STRING_free(*out_abs); - *out_abs = NULL; - } - - if 
(!CBS_get_u8(cbs, &unused_bits)) { - ASN1error(ASN1_R_STRING_TOO_SHORT); - goto err; - } - - if (!CBS_stow(cbs, &data, &data_len)) - goto err; - if (data_len > INT_MAX) - goto err; - - if ((abs = ASN1_BIT_STRING_new()) == NULL) - goto err; - - abs->data = data; - abs->length = (int)data_len; - data = NULL; - - /* - * We do this to preserve the settings. If we modify the settings, - * via the _set_bit function, we will recalculate on output. - */ - if (!asn1_abs_set_unused_bits(abs, unused_bits)) { - ASN1error(ASN1_R_INVALID_BIT_STRING_BITS_LEFT); - goto err; - } - if (abs->length > 0) - abs->data[abs->length - 1] &= 0xff << unused_bits; - - *out_abs = abs; - abs = NULL; - - ret = 1; - - err: - ASN1_BIT_STRING_free(abs); - freezero(data, data_len); - - return ret; -} - -ASN1_BIT_STRING * -c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **out_abs, const unsigned char **pp, long len) -{ - ASN1_BIT_STRING *abs = NULL; - CBS content; - - if (out_abs != NULL) { - ASN1_BIT_STRING_free(*out_abs); - *out_abs = NULL; - } - - if (len < 0) { - ASN1error(ASN1_R_LENGTH_ERROR); - return NULL; - } - - CBS_init(&content, *pp, len); - - if (!c2i_ASN1_BIT_STRING_cbs(&abs, &content)) - return NULL; - - *pp = CBS_data(&content); - - if (out_abs != NULL) - *out_abs = abs; - - return abs; -} - -int -i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_BIT_STRING_it); -} -LCRYPTO_ALIAS(i2d_ASN1_BIT_STRING); - -ASN1_BIT_STRING * -d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **in, long len) -{ - return (ASN1_BIT_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ASN1_BIT_STRING_it); -} -LCRYPTO_ALIAS(d2i_ASN1_BIT_STRING); diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c deleted file mode 100644 index 5d3a3dd0c7..0000000000 --- a/src/lib/libcrypto/asn1/a_enum.c +++ /dev/null 
@@ -1,394 +0,0 @@
-/* $OpenBSD: a_enum.c,v 1.30 2024/07/08 14:52:31 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "bytestring.h"
-
-/*
- * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
- * for comments on encoding see a_int.c - */ - -const ASN1_ITEM ASN1_ENUMERATED_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = V_ASN1_ENUMERATED, - .sname = "ASN1_ENUMERATED", -}; -LCRYPTO_ALIAS(ASN1_ENUMERATED_it); - -ASN1_ENUMERATED * -ASN1_ENUMERATED_new(void) -{ - return (ASN1_ENUMERATED *)ASN1_item_new(&ASN1_ENUMERATED_it); -} -LCRYPTO_ALIAS(ASN1_ENUMERATED_new); - -static void -asn1_aenum_clear(ASN1_ENUMERATED *aenum) -{ - freezero(aenum->data, aenum->length); - - memset(aenum, 0, sizeof(*aenum)); - - aenum->type = V_ASN1_ENUMERATED; -} - -void -ASN1_ENUMERATED_free(ASN1_ENUMERATED *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ASN1_ENUMERATED_it); -} -LCRYPTO_ALIAS(ASN1_ENUMERATED_free); - -int -ASN1_ENUMERATED_get_int64(int64_t *out_val, const ASN1_ENUMERATED *aenum) -{ - CBS cbs; - - *out_val = 0; - - if (aenum == NULL || aenum->length < 0) - return 0; - - if (aenum->type != V_ASN1_ENUMERATED && - aenum->type != V_ASN1_NEG_ENUMERATED) { - ASN1error(ASN1_R_WRONG_INTEGER_TYPE); - return 0; - } - - CBS_init(&cbs, aenum->data, aenum->length); - - return asn1_aint_get_int64(&cbs, (aenum->type == V_ASN1_NEG_ENUMERATED), - out_val); -} -LCRYPTO_ALIAS(ASN1_ENUMERATED_get_int64); - -int -ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *aenum, int64_t val) -{ - uint64_t uval; - - asn1_aenum_clear(aenum); - - uval = (uint64_t)val; - - if (val < 0) { - aenum->type = V_ASN1_NEG_ENUMERATED; - uval = -uval; - } - - return asn1_aint_set_uint64(uval, &aenum->data, &aenum->length); -} -LCRYPTO_ALIAS(ASN1_ENUMERATED_set_int64); - -long -ASN1_ENUMERATED_get(const ASN1_ENUMERATED *aenum) -{ - int64_t val; - - if (aenum == NULL) - return 0; - if (!ASN1_ENUMERATED_get_int64(&val, aenum)) - return -1; - if (val < LONG_MIN || val > LONG_MAX) { - /* hmm... 
a bit ugly, return all ones */ - return -1; - } - - return (long)val; -} -LCRYPTO_ALIAS(ASN1_ENUMERATED_get); - -int -ASN1_ENUMERATED_set(ASN1_ENUMERATED *aenum, long val) -{ - return ASN1_ENUMERATED_set_int64(aenum, val); -} -LCRYPTO_ALIAS(ASN1_ENUMERATED_set); - -ASN1_ENUMERATED * -BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai) -{ - ASN1_ENUMERATED *ret; - int len, j; - - if (ai == NULL) - ret = ASN1_ENUMERATED_new(); - else - ret = ai; - if (ret == NULL) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (BN_is_negative(bn)) - ret->type = V_ASN1_NEG_ENUMERATED; - else - ret->type = V_ASN1_ENUMERATED; - j = BN_num_bits(bn); - len = ((j == 0) ? 0 : ((j / 8) + 1)); - if (ret->length < len + 4) { - unsigned char *new_data = realloc(ret->data, len + 4); - if (!new_data) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - ret->data = new_data; - } - ret->length = BN_bn2bin(bn, ret->data); - - /* Correct zero case */ - if (!ret->length) { - ret->data[0] = 0; - ret->length = 1; - } - return (ret); - - err: - if (ret != ai) - ASN1_ENUMERATED_free(ret); - return (NULL); -} -LCRYPTO_ALIAS(BN_to_ASN1_ENUMERATED); - -BIGNUM * -ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn) -{ - BIGNUM *ret; - - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) - ASN1error(ASN1_R_BN_LIB); - else if (ai->type == V_ASN1_NEG_ENUMERATED) - BN_set_negative(ret, 1); - return (ret); -} -LCRYPTO_ALIAS(ASN1_ENUMERATED_to_BN); - -/* Based on a_int.c: equivalent ENUMERATED functions */ - -int -i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a) -{ - int i, n = 0; - static const char h[] = "0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) - return (0); - - if (a->length == 0) { - if (BIO_write(bp, "00", 2) != 2) - goto err; - n = 2; - } else { - for (i = 0; i < a->length; i++) { - if ((i != 0) && (i % 35 == 0)) { - if (BIO_write(bp, "\\\n", 2) != 2) - goto err; - n += 2; - } - buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f]; - buf[1] = 
h[((unsigned char)a->data[i]) & 0x0f]; - if (BIO_write(bp, buf, 2) != 2) - goto err; - n += 2; - } - } - return (n); - - err: - return (-1); -} -LCRYPTO_ALIAS(i2a_ASN1_ENUMERATED); - -int -a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) -{ - int ret = 0; - int i, j,k, m,n, again, bufsize; - unsigned char *s = NULL, *sp; - unsigned char *bufp; - int first = 1; - size_t num = 0, slen = 0; - - bs->type = V_ASN1_ENUMERATED; - - bufsize = BIO_gets(bp, buf, size); - for (;;) { - if (bufsize < 1) - goto err_sl; - i = bufsize; - if (buf[i-1] == '\n') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - if (buf[i-1] == '\r') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - if (buf[i - 1] == '\\') { - i--; - again = 1; - } else - again = 0; - buf[i] = '\0'; - if (i < 2) - goto err_sl; - - bufp = (unsigned char *)buf; - if (first) { - first = 0; - if ((bufp[0] == '0') && (buf[1] == '0')) { - bufp += 2; - i -= 2; - } - } - k = 0; - if (i % 2 != 0) { - ASN1error(ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; - } - i /= 2; - if (num + i > slen) { - sp = realloc(s, num + i); - if (sp == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - s = sp; - slen = num + i; - } - for (j = 0; j < i; j++, k += 2) { - for (n = 0; n < 2; n++) { - m = bufp[k + n]; - if ((m >= '0') && (m <= '9')) - m -= '0'; - else if ((m >= 'a') && (m <= 'f')) - m = m - 'a' + 10; - else if ((m >= 'A') && (m <= 'F')) - m = m - 'A' + 10; - else { - ASN1error(ASN1_R_NON_HEX_CHARACTERS); - goto err; - } - s[num + j] <<= 4; - s[num + j] |= m; - } - } - num += i; - if (again) - bufsize = BIO_gets(bp, buf, size); - else - break; - } - bs->length = num; - bs->data = s; - return (1); - - err_sl: - ASN1error(ASN1_R_SHORT_LINE); - err: - free(s); - return (ret); -} -LCRYPTO_ALIAS(a2i_ASN1_ENUMERATED); - -int -c2i_ASN1_ENUMERATED_cbs(ASN1_ENUMERATED **out_aenum, CBS *cbs) -{ - ASN1_ENUMERATED *aenum = NULL; - - if (out_aenum == NULL) - return 0; - - if (*out_aenum != NULL) { - 
ASN1_INTEGER_free(*out_aenum); - *out_aenum = NULL; - } - - if (!c2i_ASN1_INTEGER_cbs((ASN1_INTEGER **)&aenum, cbs)) - return 0; - - aenum->type = V_ASN1_ENUMERATED | (aenum->type & V_ASN1_NEG); - *out_aenum = aenum; - - return 1; -} - -int -i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_ENUMERATED_it); -} -LCRYPTO_ALIAS(i2d_ASN1_ENUMERATED); - -ASN1_ENUMERATED * -d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, const unsigned char **in, long len) -{ - return (ASN1_ENUMERATED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ASN1_ENUMERATED_it); -} -LCRYPTO_ALIAS(d2i_ASN1_ENUMERATED); diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c deleted file mode 100644 index 0d9b6577d7..0000000000 --- a/src/lib/libcrypto/asn1/a_int.c +++ /dev/null 
@@ -1,858 +0,0 @@
-/* $OpenBSD: a_int.c,v 1.48 2024/07/08 14:52:31 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "bytestring.h" - -const ASN1_ITEM ASN1_INTEGER_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = V_ASN1_INTEGER, - .sname = "ASN1_INTEGER", -}; -LCRYPTO_ALIAS(ASN1_INTEGER_it); - -ASN1_INTEGER * -ASN1_INTEGER_new(void) -{ - return (ASN1_INTEGER *)ASN1_item_new(&ASN1_INTEGER_it); -} -LCRYPTO_ALIAS(ASN1_INTEGER_new); - -static void -asn1_aint_clear(ASN1_INTEGER *aint) -{ - freezero(aint->data, aint->length); - - memset(aint, 0, sizeof(*aint)); - - aint->type = V_ASN1_INTEGER; -} - -void -ASN1_INTEGER_free(ASN1_INTEGER *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ASN1_INTEGER_it); -} -LCRYPTO_ALIAS(ASN1_INTEGER_free); - -static int -ASN1_INTEGER_valid(const ASN1_INTEGER *a) -{ - return (a != NULL && a->length >= 0); -} - -ASN1_INTEGER * -ASN1_INTEGER_dup(const ASN1_INTEGER *x) -{ - if (!ASN1_INTEGER_valid(x)) - return NULL; - - return ASN1_STRING_dup(x); -} -LCRYPTO_ALIAS(ASN1_INTEGER_dup); - -int -ASN1_INTEGER_cmp(const ASN1_INTEGER *a, const ASN1_INTEGER *b) -{ - int ret = 1; - - /* Compare sign, then content. 
*/ - if ((a->type & V_ASN1_NEG) == (b->type & V_ASN1_NEG)) - ret = ASN1_STRING_cmp(a, b); - - if ((a->type & V_ASN1_NEG) != 0) - return -ret; - - return ret; -} -LCRYPTO_ALIAS(ASN1_INTEGER_cmp); - -int -asn1_aint_get_uint64(CBS *cbs, uint64_t *out_val) -{ - uint64_t val = 0; - uint8_t u8; - - *out_val = 0; - - while (CBS_len(cbs) > 0) { - if (!CBS_get_u8(cbs, &u8)) - return 0; - if (val > (UINT64_MAX >> 8)) { - ASN1error(ASN1_R_TOO_LARGE); - return 0; - } - val = val << 8 | u8; - } - - *out_val = val; - - return 1; -} - -int -asn1_aint_set_uint64(uint64_t val, uint8_t **out_data, int *out_len) -{ - uint8_t *data = NULL; - size_t data_len = 0; - int started = 0; - uint8_t u8; - CBB cbb; - int i; - int ret = 0; - - if (!CBB_init(&cbb, sizeof(long))) - goto err; - - if (out_data == NULL || out_len == NULL) - goto err; - if (*out_data != NULL || *out_len != 0) - goto err; - - for (i = sizeof(uint64_t) - 1; i >= 0; i--) { - u8 = (val >> (i * 8)) & 0xff; - if (!started && i != 0 && u8 == 0) - continue; - if (!CBB_add_u8(&cbb, u8)) - goto err; - started = 1; - } - - if (!CBB_finish(&cbb, &data, &data_len)) - goto err; - if (data_len > INT_MAX) - goto err; - - *out_data = data; - *out_len = (int)data_len; - data = NULL; - - ret = 1; - err: - CBB_cleanup(&cbb); - freezero(data, data_len); - - return ret; -} - -int -asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val) -{ - uint64_t val; - - if (!asn1_aint_get_uint64(cbs, &val)) - return 0; - - if (negative) { - if (val > (uint64_t)INT64_MIN) { - ASN1error(ASN1_R_TOO_SMALL); - return 0; - } - *out_val = (int64_t)-val; - } else { - if (val > (uint64_t)INT64_MAX) { - ASN1error(ASN1_R_TOO_LARGE); - return 0; - } - *out_val = (int64_t)val; - } - - return 1; -} - -int -ASN1_INTEGER_get_uint64(uint64_t *out_val, const ASN1_INTEGER *aint) -{ - uint64_t val; - CBS cbs; - - *out_val = 0; - - if (aint == NULL || aint->length < 0) - return 0; - - if (aint->type == V_ASN1_NEG_INTEGER) { - 
ASN1error(ASN1_R_ILLEGAL_NEGATIVE_VALUE); - return 0; - } - if (aint->type != V_ASN1_INTEGER) { - ASN1error(ASN1_R_WRONG_INTEGER_TYPE); - return 0; - } - - CBS_init(&cbs, aint->data, aint->length); - - if (!asn1_aint_get_uint64(&cbs, &val)) - return 0; - - *out_val = val; - - return 1; -} -LCRYPTO_ALIAS(ASN1_INTEGER_get_uint64); - -int -ASN1_INTEGER_set_uint64(ASN1_INTEGER *aint, uint64_t val) -{ - asn1_aint_clear(aint); - - return asn1_aint_set_uint64(val, &aint->data, &aint->length); -} -LCRYPTO_ALIAS(ASN1_INTEGER_set_uint64); - -int -ASN1_INTEGER_get_int64(int64_t *out_val, const ASN1_INTEGER *aint) -{ - CBS cbs; - - *out_val = 0; - - if (aint == NULL || aint->length < 0) - return 0; - - if (aint->type != V_ASN1_INTEGER && - aint->type != V_ASN1_NEG_INTEGER) { - ASN1error(ASN1_R_WRONG_INTEGER_TYPE); - return 0; - } - - CBS_init(&cbs, aint->data, aint->length); - - return asn1_aint_get_int64(&cbs, (aint->type == V_ASN1_NEG_INTEGER), - out_val); -} -LCRYPTO_ALIAS(ASN1_INTEGER_get_int64); - -int -ASN1_INTEGER_set_int64(ASN1_INTEGER *aint, int64_t val) -{ - uint64_t uval; - - asn1_aint_clear(aint); - - uval = (uint64_t)val; - - if (val < 0) { - aint->type = V_ASN1_NEG_INTEGER; - uval = -uval; - } - - return asn1_aint_set_uint64(uval, &aint->data, &aint->length); -} -LCRYPTO_ALIAS(ASN1_INTEGER_set_int64); - -long -ASN1_INTEGER_get(const ASN1_INTEGER *aint) -{ - int64_t val; - - if (aint == NULL) - return 0; - if (!ASN1_INTEGER_get_int64(&val, aint)) - return -1; - if (val < LONG_MIN || val > LONG_MAX) { - /* hmm... 
a bit ugly, return all ones */ - return -1; - } - - return (long)val; -} -LCRYPTO_ALIAS(ASN1_INTEGER_get); - -int -ASN1_INTEGER_set(ASN1_INTEGER *aint, long val) -{ - return ASN1_INTEGER_set_int64(aint, val); -} -LCRYPTO_ALIAS(ASN1_INTEGER_set); - -ASN1_INTEGER * -BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) -{ - ASN1_INTEGER *ret; - int len, j; - - if (ai == NULL) - ret = ASN1_INTEGER_new(); - else - ret = ai; - if (ret == NULL) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - if (!ASN1_INTEGER_valid(ret)) - goto err; - - if (BN_is_negative(bn)) - ret->type = V_ASN1_NEG_INTEGER; - else - ret->type = V_ASN1_INTEGER; - j = BN_num_bits(bn); - len = ((j == 0) ? 0 : ((j / 8) + 1)); - if (ret->length < len + 4) { - unsigned char *new_data = realloc(ret->data, len + 4); - if (!new_data) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - ret->data = new_data; - } - ret->length = BN_bn2bin(bn, ret->data); - - /* Correct zero case */ - if (!ret->length) { - ret->data[0] = 0; - ret->length = 1; - } - return (ret); - - err: - if (ret != ai) - ASN1_INTEGER_free(ret); - return (NULL); -} -LCRYPTO_ALIAS(BN_to_ASN1_INTEGER); - -BIGNUM * -ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) -{ - BIGNUM *ret; - - if (!ASN1_INTEGER_valid(ai)) - return (NULL); - - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) - ASN1error(ASN1_R_BN_LIB); - else if (ai->type == V_ASN1_NEG_INTEGER) - BN_set_negative(ret, 1); - return (ret); -} -LCRYPTO_ALIAS(ASN1_INTEGER_to_BN); - -int -i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a) -{ - int i, n = 0; - static const char h[] = "0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) - return (0); - - if (a->type & V_ASN1_NEG) { - if (BIO_write(bp, "-", 1) != 1) - goto err; - n = 1; - } - - if (a->length == 0) { - if (BIO_write(bp, "00", 2) != 2) - goto err; - n += 2; - } else { - for (i = 0; i < a->length; i++) { - if ((i != 0) && (i % 35 == 0)) { - if (BIO_write(bp, "\\\n", 2) != 2) - goto err; - n += 2; - } - 
buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f]; - buf[1] = h[((unsigned char)a->data[i]) & 0x0f]; - if (BIO_write(bp, buf, 2) != 2) - goto err; - n += 2; - } - } - return (n); - - err: - return (-1); -} -LCRYPTO_ALIAS(i2a_ASN1_INTEGER); - -int -a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) -{ - int ret = 0; - int i, j,k, m,n, again, bufsize; - unsigned char *s = NULL, *sp; - unsigned char *bufp; - int num = 0, slen = 0, first = 1; - - bs->type = V_ASN1_INTEGER; - - bufsize = BIO_gets(bp, buf, size); - for (;;) { - if (bufsize < 1) - goto err_sl; - i = bufsize; - if (buf[i - 1] == '\n') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - if (buf[i - 1] == '\r') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - if (buf[i - 1] == '\\') { - i--; - again = 1; - } else - again = 0; - buf[i] = '\0'; - if (i < 2) - goto err_sl; - - bufp = (unsigned char *)buf; - if (first) { - first = 0; - if ((bufp[0] == '0') && (buf[1] == '0')) { - bufp += 2; - i -= 2; - } - } - k = 0; - if (i % 2 != 0) { - ASN1error(ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; - } - i /= 2; - if (num + i > slen) { - if ((sp = recallocarray(s, slen, num + i, 1)) == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - s = sp; - slen = num + i; - } - for (j = 0; j < i; j++, k += 2) { - for (n = 0; n < 2; n++) { - m = bufp[k + n]; - if ((m >= '0') && (m <= '9')) - m -= '0'; - else if ((m >= 'a') && (m <= 'f')) - m = m - 'a' + 10; - else if ((m >= 'A') && (m <= 'F')) - m = m - 'A' + 10; - else { - ASN1error(ASN1_R_NON_HEX_CHARACTERS); - goto err; - } - s[num + j] <<= 4; - s[num + j] |= m; - } - } - num += i; - if (again) - bufsize = BIO_gets(bp, buf, size); - else - break; - } - bs->length = num; - bs->data = s; - return (1); - - err_sl: - ASN1error(ASN1_R_SHORT_LINE); - err: - free(s); - return (ret); -} -LCRYPTO_ALIAS(a2i_ASN1_INTEGER); - -static void -asn1_aint_twos_complement(uint8_t *data, size_t data_len) -{ - uint8_t carry = 1; - ssize_t i; - - for (i = data_len - 1; i >= 0; 
i--) { - data[i] = (data[i] ^ 0xff) + carry; - if (data[i] != 0) - carry = 0; - } -} - -static int -asn1_aint_keep_twos_padding(const uint8_t *data, size_t data_len) -{ - size_t i; - - /* - * If a two's complement value has a padding byte (0xff) and the rest - * of the value is all zeros, the padding byte cannot be removed as when - * converted from two's complement this becomes 0x01 (in the place of - * the padding byte) followed by the same number of zero bytes. - */ - if (data_len <= 1 || data[0] != 0xff) - return 0; - for (i = 1; i < data_len; i++) { - if (data[i] != 0) - return 0; - } - return 1; -} - -static int -i2c_ASN1_INTEGER_cbb(ASN1_INTEGER *aint, CBB *cbb) -{ - uint8_t *data = NULL; - size_t data_len = 0; - uint8_t padding, val; - uint8_t msb; - CBS cbs; - int ret = 0; - - if (aint->length < 0) - goto err; - if (aint->data == NULL && aint->length != 0) - goto err; - - if ((aint->type & ~V_ASN1_NEG) != V_ASN1_ENUMERATED && - (aint->type & ~V_ASN1_NEG) != V_ASN1_INTEGER) - goto err; - - CBS_init(&cbs, aint->data, aint->length); - - /* Find the first non-zero byte. */ - while (CBS_len(&cbs) > 0) { - if (!CBS_peek_u8(&cbs, &val)) - goto err; - if (val != 0) - break; - if (!CBS_skip(&cbs, 1)) - goto err; - } - - /* A zero value is encoded as a single octet. */ - if (CBS_len(&cbs) == 0) { - if (!CBB_add_u8(cbb, 0)) - goto err; - goto done; - } - - if (!CBS_stow(&cbs, &data, &data_len)) - goto err; - - if ((aint->type & V_ASN1_NEG) != 0) - asn1_aint_twos_complement(data, data_len); - - /* Topmost bit indicates sign, padding is all zeros or all ones. */ - msb = (data[0] >> 7); - padding = (msb - 1) & 0xff; - - /* See if we need a padding octet to avoid incorrect sign. 
*/
- if (((aint->type & V_ASN1_NEG) == 0 && msb == 1) ||
- ((aint->type & V_ASN1_NEG) != 0 && msb == 0)) {
- if (!CBB_add_u8(cbb, padding))
- goto err;
- }
- if (!CBB_add_bytes(cbb, data, data_len))
- goto err;
-
- done:
- ret = 1;
-
- err:
- freezero(data, data_len);
-
- return ret;
-}
-
-int
-i2c_ASN1_INTEGER(ASN1_INTEGER *aint, unsigned char **pp)
-{
- uint8_t *data = NULL;
- size_t data_len = 0;
- CBB cbb;
- int ret = -3;
-
- if (!CBB_init(&cbb, 0))
- goto err;
- if (!i2c_ASN1_INTEGER_cbb(aint, &cbb))
- goto err;
- if (!CBB_finish(&cbb, &data, &data_len))
- goto err;
- if (data_len > INT_MAX)
- goto err;
-
- if (pp != NULL) {
- if ((uintptr_t)*pp > UINTPTR_MAX - data_len)
- goto err;
- memcpy(*pp, data, data_len);
- *pp += data_len;
- }
-
- ret = data_len;
-
- err:
- freezero(data, data_len);
- CBB_cleanup(&cbb);
-
- return ret;
-}
-
-int
-c2i_ASN1_INTEGER_cbs(ASN1_INTEGER **out_aint, CBS *cbs)
-{
- ASN1_INTEGER *aint = NULL;
- uint8_t *data = NULL;
- size_t data_len = 0;
- uint8_t padding, val;
- uint8_t negative;
- int ret = 0;
-
- if (out_aint == NULL)
- goto err;
-
- if (*out_aint != NULL) {
- ASN1_INTEGER_free(*out_aint);
- *out_aint = NULL;
- }
-
- if (CBS_len(cbs) == 0) {
- /* XXX INVALID ENCODING? */
- ASN1error(ERR_R_ASN1_LENGTH_MISMATCH);
- goto err;
- }
- if (!CBS_peek_u8(cbs, &val))
- goto err;
-
- /* Topmost bit indicates sign, padding is all zeros or all ones. */
- negative = (val >> 7);
- padding = ~(negative - 1) & 0xff;
-
- /*
- * Ensure that the first 9 bits are not all zero or all one, as per
- * X.690 section 8.3.2. Remove the padding octet if possible.
- */
- if (CBS_len(cbs) > 1 && val == padding) {
- if (!asn1_aint_keep_twos_padding(CBS_data(cbs), CBS_len(cbs))) {
- if (!CBS_get_u8(cbs, &padding))
- goto err;
- if (!CBS_peek_u8(cbs, &val))
- goto err;
- if ((val >> 7) == (padding >> 7)) {
- /* XXX INVALID ENCODING?
*/
- ASN1error(ERR_R_ASN1_LENGTH_MISMATCH);
- goto err;
- }
- }
- }
-
- if (!CBS_stow(cbs, &data, &data_len))
- goto err;
- if (data_len > INT_MAX)
- goto err;
-
- if ((aint = ASN1_INTEGER_new()) == NULL)
- goto err;
-
- /*
- * Negative integers are handled as a separate type - convert from
- * two's complement for internal representation.
- */
- if (negative) {
- aint->type = V_ASN1_NEG_INTEGER;
- asn1_aint_twos_complement(data, data_len);
- }
-
- aint->data = data;
- aint->length = (int)data_len;
- data = NULL;
-
- *out_aint = aint;
- aint = NULL;
-
- ret = 1;
-
- err:
- ASN1_INTEGER_free(aint);
- freezero(data, data_len);
-
- return ret;
-}
-
-ASN1_INTEGER *
-c2i_ASN1_INTEGER(ASN1_INTEGER **out_aint, const unsigned char **pp, long len)
-{
- ASN1_INTEGER *aint = NULL;
- CBS content;
-
- if (out_aint != NULL) {
- ASN1_INTEGER_free(*out_aint);
- *out_aint = NULL;
- }
-
- if (len < 0) {
- ASN1error(ASN1_R_LENGTH_ERROR);
- return NULL;
- }
-
- CBS_init(&content, *pp, len);
-
- if (!c2i_ASN1_INTEGER_cbs(&aint, &content))
- return NULL;
-
- *pp = CBS_data(&content);
-
- if (out_aint != NULL)
- *out_aint = aint;
-
- return aint;
-}
-
-int
-i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_INTEGER_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_INTEGER);
-
-ASN1_INTEGER *
-d2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **in, long len)
-{
- return (ASN1_INTEGER *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_INTEGER_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_INTEGER);
-
-/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
- * ASN1 integers: some broken software can encode a positive INTEGER
- * with its MSB set as negative (it doesn't add a padding zero).
- */
-
-ASN1_INTEGER *
-d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length)
-{
- ASN1_INTEGER *ret = NULL;
- const unsigned char *p;
- unsigned char *s;
- long len;
- int inf, tag, xclass;
- int i;
-
- if ((a == NULL) || ((*a) == NULL)) {
- if ((ret = ASN1_INTEGER_new()) == NULL)
- return (NULL);
- } else
- ret = (*a);
-
- if (!ASN1_INTEGER_valid(ret)) {
- i = ERR_R_ASN1_LENGTH_MISMATCH;
- goto err;
- }
-
- p = *pp;
- inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
- if (inf & 0x80) {
- i = ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_INTEGER) {
- i = ASN1_R_EXPECTING_AN_INTEGER;
- goto err;
- }
-
- /* We must malloc stuff, even for 0 bytes otherwise it
- * signifies a missing NULL parameter. */
- if (len < 0 || len > INT_MAX) {
- i = ERR_R_ASN1_LENGTH_MISMATCH;
- goto err;
- }
- s = malloc(len + 1);
- if (s == NULL) {
- i = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- ret->type = V_ASN1_INTEGER;
- if (len) {
- if ((*p == 0) && (len != 1)) {
- p++;
- len--;
- }
- memcpy(s, p, len);
- p += len;
- }
-
- free(ret->data);
- ret->data = s;
- ret->length = (int)len;
- if (a != NULL)
- (*a) = ret;
- *pp = p;
- return (ret);
-
- err:
- ASN1error(i);
- if (a == NULL || *a != ret)
- ASN1_INTEGER_free(ret);
- return (NULL);
-}
-LCRYPTO_ALIAS(d2i_ASN1_UINTEGER);
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
deleted file mode 100644
index f050f97539..0000000000
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ /dev/null
@@ -1,449 +0,0 @@
-/* $OpenBSD: a_mbstr.c,v 1.27 2023/07/05 21:23:36 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-
-static int traverse_string(const unsigned char *p, int len, int inform,
- int (*rfunc)(unsigned long value, void *in), void *arg);
-static int in_utf8(unsigned long value, void *arg);
-static int out_utf8(unsigned long value, void *arg);
-static int type_str(unsigned long value, void *arg);
-static int cpy_asc(unsigned long value, void *arg);
-static int cpy_bmp(unsigned long value, void *arg);
-static int cpy_univ(unsigned long value, void *arg);
-static int cpy_utf8(unsigned long value, void *arg);
-static int is_printable(unsigned long value);
-
-/* These functions take a string in UTF8, ASCII or multibyte form and
- * a mask of permissible ASN1 string types. It then works out the minimal
- * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8)
- * and creates a string of the correct type with the supplied data.
- * Yes this is horrible: it has to be :-(
- * The 'ncopy' form checks minimum and maximum size limits too.
- */
-
-int
-ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask)
-{
- return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
-}
-LCRYPTO_ALIAS(ASN1_mbstring_copy);
-
-int
-ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask, long minsize, long maxsize)
-{
- int str_type;
- int ret;
- char free_out;
- int outform, outlen = 0;
- ASN1_STRING *dest;
- unsigned char *p;
- int nchar;
- int (*cpyfunc)(unsigned long, void *) = NULL;
-
- if (len < 0)
- len = strlen((const char *)in);
- if (!mask)
- mask = DIRSTRING_TYPE;
-
- /* First do a string check and work out the number of characters */
- switch (inform) {
- case MBSTRING_BMP:
- if (len & 1) {
- ASN1error(ASN1_R_INVALID_BMPSTRING_LENGTH);
- return -1;
- }
- nchar = len >> 1;
- break;
-
- case MBSTRING_UNIV:
- if (len & 3) {
- ASN1error(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
- return -1;
- }
- nchar = len >> 2;
- break;
-
- case MBSTRING_UTF8:
- nchar = 0;
- /* This counts the characters and does utf8 syntax checking */
- ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
- if (ret < 0) {
- ASN1error(ASN1_R_INVALID_UTF8STRING);
- return -1;
- }
- break;
-
- case MBSTRING_ASC:
- nchar = len;
- break;
-
- default:
- ASN1error(ASN1_R_UNKNOWN_FORMAT);
- return -1;
- }
-
- if ((minsize > 0) && (nchar < minsize)) {
- ASN1error(ASN1_R_STRING_TOO_SHORT);
- ERR_asprintf_error_data("minsize=%ld", minsize);
- return -1;
- }
-
- if ((maxsize > 0) && (nchar > maxsize)) {
- ASN1error(ASN1_R_STRING_TOO_LONG);
- ERR_asprintf_error_data("maxsize=%ld", maxsize);
- return -1;
- }
-
- /* Now work out minimal type (if any) */
- if (traverse_string(in, len, inform, type_str, &mask) < 0) {
- ASN1error(ASN1_R_ILLEGAL_CHARACTERS);
- return -1;
- }
-
-
- /* Now work out output format and string type */
- outform = MBSTRING_ASC;
- if (mask & B_ASN1_PRINTABLESTRING)
- str_type = V_ASN1_PRINTABLESTRING;
- else if (mask &
B_ASN1_IA5STRING)
- str_type = V_ASN1_IA5STRING;
- else if (mask & B_ASN1_T61STRING)
- str_type = V_ASN1_T61STRING;
- else if (mask & B_ASN1_BMPSTRING) {
- str_type = V_ASN1_BMPSTRING;
- outform = MBSTRING_BMP;
- } else if (mask & B_ASN1_UNIVERSALSTRING) {
- str_type = V_ASN1_UNIVERSALSTRING;
- outform = MBSTRING_UNIV;
- } else {
- str_type = V_ASN1_UTF8STRING;
- outform = MBSTRING_UTF8;
- }
- if (!out)
- return str_type;
- if (*out) {
- free_out = 0;
- dest = *out;
- if (dest->data) {
- dest->length = 0;
- free(dest->data);
- dest->data = NULL;
- }
- dest->type = str_type;
- } else {
- free_out = 1;
- dest = ASN1_STRING_type_new(str_type);
- if (!dest) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return -1;
- }
- *out = dest;
- }
- /* If both the same type just copy across */
- if (inform == outform) {
- if (!ASN1_STRING_set(dest, in, len)) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- return str_type;
- }
-
- /* Work out how much space the destination will need */
- switch (outform) {
- case MBSTRING_ASC:
- outlen = nchar;
- cpyfunc = cpy_asc;
- break;
-
- case MBSTRING_BMP:
- outlen = nchar << 1;
- cpyfunc = cpy_bmp;
- break;
-
- case MBSTRING_UNIV:
- outlen = nchar << 2;
- cpyfunc = cpy_univ;
- break;
-
- case MBSTRING_UTF8:
- outlen = 0;
- if (traverse_string(in, len, inform, out_utf8, &outlen) < 0) {
- ASN1error(ASN1_R_ILLEGAL_CHARACTERS);
- goto err;
- }
- cpyfunc = cpy_utf8;
- break;
- }
- if (!(p = malloc(outlen + 1))) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- dest->length = outlen;
- dest->data = p;
- p[outlen] = 0;
- traverse_string(in, len, inform, cpyfunc, &p);
- return str_type;
-
- err:
- if (free_out) {
- ASN1_STRING_free(dest);
- *out = NULL;
- }
- return -1;
-}
-LCRYPTO_ALIAS(ASN1_mbstring_ncopy);
-
-/* This function traverses a string and passes the value of each character
- * to an optional function along with a void * argument.
- */
-
-static int
-traverse_string(const unsigned char *p, int len, int inform,
- int (*rfunc)(unsigned long value, void *in), void *arg)
-{
- unsigned long value;
- int ret;
-
- while (len) {
- switch (inform) {
- case MBSTRING_ASC:
- value = *p++;
- len--;
- break;
- case MBSTRING_BMP:
- value = *p++ << 8;
- value |= *p++;
- /* BMP is explicitly defined to not support surrogates */
- if (UNICODE_IS_SURROGATE(value))
- return -1;
- len -= 2;
- break;
- case MBSTRING_UNIV:
- value = (unsigned long)*p++ << 24;
- value |= *p++ << 16;
- value |= *p++ << 8;
- value |= *p++;
- if (value > UNICODE_MAX || UNICODE_IS_SURROGATE(value))
- return -1;
- len -= 4;
- break;
- default:
- ret = UTF8_getc(p, len, &value);
- if (ret < 0)
- return -1;
- len -= ret;
- p += ret;
- break;
- }
- if (rfunc) {
- ret = rfunc(value, arg);
- if (ret <= 0)
- return ret;
- }
- }
- return 1;
-}
-
-/* Various utility functions for traverse_string */
-
-/* Just count number of characters */
-
-static int
-in_utf8(unsigned long value, void *arg)
-{
- int *nchar;
-
- nchar = arg;
- (*nchar)++;
- return 1;
-}
-
-/* Determine size of output as a UTF8 String */
-
-static int
-out_utf8(unsigned long value, void *arg)
-{
- int *outlen;
- int ret;
-
- outlen = arg;
- ret = UTF8_putc(NULL, -1, value);
- if (ret < 0)
- return ret;
- *outlen += ret;
- return 1;
-}
-
-/* Determine the "type" of a string: check each character against a
- * supplied "mask".
- */
-
-static int
-type_str(unsigned long value, void *arg)
-{
- unsigned long types;
-
- types = *((unsigned long *)arg);
- if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
- types &= ~B_ASN1_PRINTABLESTRING;
- if ((types & B_ASN1_IA5STRING) && (value > 127))
- types &= ~B_ASN1_IA5STRING;
- if ((types & B_ASN1_T61STRING) && (value > 0xff))
- types &= ~B_ASN1_T61STRING;
- if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
- types &= ~B_ASN1_BMPSTRING;
- if (!types)
- return -1;
- *((unsigned long *)arg) = types;
- return 1;
-}
-
-/* Copy one byte per character ASCII like strings */
-
-static int
-cpy_asc(unsigned long value, void *arg)
-{
- unsigned char **p, *q;
-
- p = arg;
- q = *p;
- *q = value;
- (*p)++;
- return 1;
-}
-
-/* Copy two byte per character BMPStrings */
-
-static int
-cpy_bmp(unsigned long value, void *arg)
-{
- unsigned char **p, *q;
-
- p = arg;
- q = *p;
- *q++ = (value >> 8) & 0xff;
- *q = value & 0xff;
- *p += 2;
- return 1;
-}
-
-/* Copy four byte per character UniversalStrings */
-
-static int
-cpy_univ(unsigned long value, void *arg)
-{
- unsigned char **p, *q;
-
- p = arg;
- q = *p;
- *q++ = (value >> 24) & 0xff;
- *q++ = (value >> 16) & 0xff;
- *q++ = (value >> 8) & 0xff;
- *q = value & 0xff;
- *p += 4;
- return 1;
-}
-
-/* Copy to a UTF8String */
-
-static int
-cpy_utf8(unsigned long value, void *arg)
-{
- unsigned char **p;
-
- int ret;
- p = arg;
- /* We already know there is enough room so pass 0xff as the length */
- ret = UTF8_putc(*p, 0xff, value);
- *p += ret;
- return 1;
-}
-
-/* Return 1 if the character is permitted in a PrintableString */
-static int
-is_printable(unsigned long value)
-{
- int ch;
-
- if (value > 0x7f)
- return 0;
- ch = (int)value;
-
- /* Note: we can't use 'isalnum' because certain accented
- * characters may count as alphanumeric in some environments.
- */
- if ((ch >= 'a') && (ch <= 'z'))
- return 1;
- if ((ch >= 'A') && (ch <= 'Z'))
- return 1;
- if ((ch >= '0') && (ch <= '9'))
- return 1;
- if ((ch == ' ') || strchr("'()+,-./:=?", ch))
- return 1;
- return 0;
-}
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
deleted file mode 100644
index 2f3ca1398f..0000000000
--- a/src/lib/libcrypto/asn1/a_object.c
+++ /dev/null
@@ -1,688 +0,0 @@
-/* $OpenBSD: a_object.c,v 1.55 2024/07/08 14:52:31 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-
-const ASN1_ITEM ASN1_OBJECT_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_OBJECT,
- .sname = "ASN1_OBJECT",
-};
-LCRYPTO_ALIAS(ASN1_OBJECT_it);
-
-ASN1_OBJECT *
-ASN1_OBJECT_new(void)
-{
- ASN1_OBJECT *a;
-
- if ((a = calloc(1, sizeof(ASN1_OBJECT))) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- a->flags = ASN1_OBJECT_FLAG_DYNAMIC;
-
- return a;
-}
-LCRYPTO_ALIAS(ASN1_OBJECT_new);
-
-void
-ASN1_OBJECT_free(ASN1_OBJECT *a)
-{
- if (a == NULL)
- return;
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
- free((void *)a->sn);
- free((void *)a->ln);
- a->sn = a->ln = NULL;
- }
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
- freezero((void *)a->data, a->length);
- a->data = NULL;
- a->length = 0;
- }
- if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
- free(a);
-}
-LCRYPTO_ALIAS(ASN1_OBJECT_free);
-
-ASN1_OBJECT *
-ASN1_OBJECT_create(int nid, unsigned char *data, int len,
- const char *sn, const char *ln)
-{
- ASN1_OBJECT o;
-
- o.sn = sn;
- o.ln = ln;
- o.data = data;
- o.nid = nid;
- o.length = len;
- o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
- ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- return (OBJ_dup(&o));
-}
-LCRYPTO_ALIAS(ASN1_OBJECT_create);
-
-static int
-oid_add_arc(CBB *cbb, uint64_t arc)
-{
- int started = 0;
- uint8_t val;
- int i;
-
- for (i = (sizeof(arc) * 8) / 7; i >= 0; i--) {
- val = (arc >> (i * 7)) & 0x7f;
- if (!started && i != 0 && val == 0)
- continue;
- if (i > 0)
- val |= 0x80;
- if (!CBB_add_u8(cbb, val))
- return 0;
- started = 1;
- }
-
- return 1;
-}
-
-static int
-oid_parse_arc(CBS *cbs, uint64_t *out_arc)
-{
- uint64_t arc = 0;
- uint8_t val;
-
- do {
- if (!CBS_get_u8(cbs, &val))
- return 0;
- if (arc == 0 && val == 0x80)
- return 0;
- if (out_arc != NULL && arc > (UINT64_MAX >> 7))
- return 0;
- arc = (arc << 7) | (val & 0x7f);
- } while (val & 0x80);
-
- if (out_arc !=
NULL)
- *out_arc = arc;
-
- return 1;
-}
-
-static int
-oid_add_arc_txt(CBB *cbb, uint64_t arc, int first)
-{
- const char *fmt = ".%llu";
- char s[22]; /* Digits in decimal representation of 2^64-1, plus '.' and NUL. */
- int n;
-
- if (first)
- fmt = "%llu";
- n = snprintf(s, sizeof(s), fmt, (unsigned long long)arc);
- if (n < 0 || (size_t)n >= sizeof(s))
- return 0;
- if (!CBB_add_bytes(cbb, s, n))
- return 0;
-
- return 1;
-}
-
-static int
-oid_parse_arc_txt(CBS *cbs, uint64_t *out_arc, char *separator, int first)
-{
- uint64_t arc = 0;
- int digits = 0;
- uint8_t val;
-
- if (!first) {
- if (!CBS_get_u8(cbs, &val))
- return 0;
- if ((*separator == 0 && val != '.' && val != ' ') ||
- (*separator != 0 && val != *separator)) {
- ASN1error(ASN1_R_INVALID_SEPARATOR);
- return 0;
- }
- *separator = val;
- }
-
- while (CBS_len(cbs) > 0) {
- if (!CBS_peek_u8(cbs, &val))
- return 0;
- if (val == '.' || val == ' ')
- break;
-
- if (!CBS_get_u8(cbs, &val))
- return 0;
- if (val < '0' || val > '9') {
- /* For the first arc we treat this as the separator. */
- if (first) {
- ASN1error(ASN1_R_INVALID_SEPARATOR);
- return 0;
- }
- ASN1error(ASN1_R_INVALID_DIGIT);
- return 0;
- }
- val -= '0';
-
- if (digits > 0 && arc == 0 && val == 0) {
- ASN1error(ASN1_R_INVALID_NUMBER);
- return 0;
- }
- digits++;
-
- if (arc > UINT64_MAX / 10) {
- ASN1error(ASN1_R_TOO_LONG);
- return 0;
- }
- arc = arc * 10 + val;
- }
-
- if (digits < 1) {
- ASN1error(ASN1_R_INVALID_NUMBER);
- return 0;
- }
-
- *out_arc = arc;
-
- return 1;
-}
-
-static int
-a2c_ASN1_OBJECT_internal(CBB *cbb, CBS *cbs)
-{
- uint64_t arc, si1, si2;
- char separator = 0;
-
- if (!oid_parse_arc_txt(cbs, &si1, &separator, 1))
- return 0;
-
- if (CBS_len(cbs) == 0) {
- ASN1error(ASN1_R_MISSING_SECOND_NUMBER);
- return 0;
- }
-
- if (!oid_parse_arc_txt(cbs, &si2, &separator, 0))
- return 0;
-
- /*
- * X.690 section 8.19 - the first two subidentifiers are encoded as
- * (x * 40) + y, with x being limited to [0,1,2].
The second
- * subidentifier cannot exceed 39 for x < 2.
- */
- if (si1 > 2) {
- ASN1error(ASN1_R_FIRST_NUM_TOO_LARGE);
- return 0;
- }
- if ((si1 < 2 && si2 >= 40) || si2 > UINT64_MAX - si1 * 40) {
- ASN1error(ASN1_R_SECOND_NUMBER_TOO_LARGE);
- return 0;
- }
- arc = si1 * 40 + si2;
-
- if (!oid_add_arc(cbb, arc))
- return 0;
-
- while (CBS_len(cbs) > 0) {
- if (!oid_parse_arc_txt(cbs, &arc, &separator, 0))
- return 0;
- if (!oid_add_arc(cbb, arc))
- return 0;
- }
-
- return 1;
-}
-
-static int
-c2a_ASN1_OBJECT(CBS *cbs, CBB *cbb)
-{
- uint64_t arc, si1, si2;
-
- /*
- * X.690 section 8.19 - the first two subidentifiers are encoded as
- * (x * 40) + y, with x being limited to [0,1,2].
- */
- if (!oid_parse_arc(cbs, &arc))
- return 0;
- if ((si1 = arc / 40) > 2)
- si1 = 2;
- si2 = arc - si1 * 40;
-
- if (!oid_add_arc_txt(cbb, si1, 1))
- return 0;
- if (!oid_add_arc_txt(cbb, si2, 0))
- return 0;
-
- while (CBS_len(cbs) > 0) {
- if (!oid_parse_arc(cbs, &arc))
- return 0;
- if (!oid_add_arc_txt(cbb, arc, 0))
- return 0;
- }
-
- /* NUL terminate.
*/
- if (!CBB_add_u8(cbb, 0))
- return 0;
-
- return 1;
-}
-
-int
-a2d_ASN1_OBJECT(unsigned char *out, int out_len, const char *in, int in_len)
-{
- uint8_t *data = NULL;
- size_t data_len;
- CBS cbs;
- CBB cbb;
- int ret = 0;
-
- memset(&cbb, 0, sizeof(cbb));
-
- if (in_len == -1)
- in_len = strlen(in);
- if (in_len <= 0)
- goto err;
-
- CBS_init(&cbs, in, in_len);
-
- if (!CBB_init(&cbb, 0))
- goto err;
- if (!a2c_ASN1_OBJECT_internal(&cbb, &cbs))
- goto err;
- if (!CBB_finish(&cbb, &data, &data_len))
- goto err;
-
- if (data_len > INT_MAX)
- goto err;
-
- if (out != NULL) {
- if (out_len <= 0 || (size_t)out_len < data_len) {
- ASN1error(ASN1_R_BUFFER_TOO_SMALL);
- goto err;
- }
- memcpy(out, data, data_len);
- }
-
- ret = (int)data_len;
-
- err:
- CBB_cleanup(&cbb);
- free(data);
-
- return ret;
-}
-LCRYPTO_ALIAS(a2d_ASN1_OBJECT);
-
-static int
-i2t_ASN1_OBJECT_oid(const ASN1_OBJECT *aobj, CBB *cbb)
-{
- CBS cbs;
-
- CBS_init(&cbs, aobj->data, aobj->length);
-
- return c2a_ASN1_OBJECT(&cbs, cbb);
-}
-
-static int
-i2t_ASN1_OBJECT_name(const ASN1_OBJECT *aobj, CBB *cbb, const char **out_name)
-{
- const char *name;
- int nid;
-
- *out_name = NULL;
-
- if ((nid = OBJ_obj2nid(aobj)) == NID_undef)
- return 0;
-
- if ((name = OBJ_nid2ln(nid)) == NULL)
- name = OBJ_nid2sn(nid);
- if (name == NULL)
- return 0;
-
- *out_name = name;
-
- if (!CBB_add_bytes(cbb, name, strlen(name)))
- return 0;
-
- /* NUL terminate.
*/
- if (!CBB_add_u8(cbb, 0))
- return 0;
-
- return 1;
-}
-
-static int
-i2t_ASN1_OBJECT_cbb(const ASN1_OBJECT *aobj, CBB *cbb, int no_name)
-{
- const char *name;
-
- if (!no_name) {
- if (i2t_ASN1_OBJECT_name(aobj, cbb, &name))
- return 1;
- if (name != NULL)
- return 0;
- }
- return i2t_ASN1_OBJECT_oid(aobj, cbb);
-}
-
-int
-i2t_ASN1_OBJECT_internal(const ASN1_OBJECT *aobj, char *buf, int buf_len, int no_name)
-{
- uint8_t *data = NULL;
- size_t data_len;
- CBB cbb;
- int ret = 0;
-
- if (buf_len < 0)
- return 0;
- if (buf_len > 0)
- buf[0] = '\0';
-
- if (aobj == NULL || aobj->data == NULL)
- return 0;
-
- if (!CBB_init(&cbb, 0))
- goto err;
- if (!i2t_ASN1_OBJECT_cbb(aobj, &cbb, no_name))
- goto err;
- if (!CBB_finish(&cbb, &data, &data_len))
- goto err;
-
- ret = strlcpy(buf, data, buf_len);
- err:
- CBB_cleanup(&cbb);
- free(data);
-
- return ret;
-}
-
-int
-i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *aobj)
-{
- return i2t_ASN1_OBJECT_internal(aobj, buf, buf_len, 0);
-}
-LCRYPTO_ALIAS(i2t_ASN1_OBJECT);
-
-ASN1_OBJECT *
-t2i_ASN1_OBJECT_internal(const char *oid)
-{
- ASN1_OBJECT *aobj = NULL;
- uint8_t *data = NULL;
- size_t data_len;
- CBB cbb;
- CBS cbs;
-
- memset(&cbb, 0, sizeof(cbb));
-
- CBS_init(&cbs, oid, strlen(oid));
-
- if (!CBB_init(&cbb, 0))
- goto err;
- if (!a2c_ASN1_OBJECT_internal(&cbb, &cbs))
- goto err;
- if (!CBB_finish(&cbb, &data, &data_len))
- goto err;
-
- if (data_len > INT_MAX)
- goto err;
-
- if ((aobj = ASN1_OBJECT_new()) == NULL)
- goto err;
-
- aobj->data = data;
- aobj->length = (int)data_len;
- aobj->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
- data = NULL;
-
- err:
- CBB_cleanup(&cbb);
- free(data);
-
- return aobj;
-}
-
-int
-i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *aobj)
-{
- uint8_t *data = NULL;
- size_t data_len;
- CBB cbb;
- int ret = -1;
-
- if (aobj == NULL || aobj->data == NULL)
- return BIO_write(bp, "NULL", 4);
-
- if (!CBB_init(&cbb, 0))
- goto err;
- if (!i2t_ASN1_OBJECT_cbb(aobj, &cbb, 0)) {
- ret
= BIO_write(bp, "", 9);
- goto err;
- }
- if (!CBB_finish(&cbb, &data, &data_len))
- goto err;
-
- ret = BIO_write(bp, data, strlen(data));
-
- err:
- CBB_cleanup(&cbb);
- free(data);
-
- return ret;
-}
-LCRYPTO_ALIAS(i2a_ASN1_OBJECT);
-
-int
-c2i_ASN1_OBJECT_cbs(ASN1_OBJECT **out_aobj, CBS *content)
-{
- ASN1_OBJECT *aobj = NULL;
- uint8_t *data = NULL;
- size_t data_len;
- CBS cbs;
-
- if (out_aobj == NULL)
- goto err;
-
- if (*out_aobj != NULL) {
- ASN1_OBJECT_free(*out_aobj);
- *out_aobj = NULL;
- }
-
- /* Parse and validate OID encoding per X.690 8.19.2. */
- CBS_dup(content, &cbs);
- if (CBS_len(&cbs) == 0) {
- ASN1error(ASN1_R_INVALID_OBJECT_ENCODING);
- goto err;
- }
- while (CBS_len(&cbs) > 0) {
- if (!oid_parse_arc(&cbs, NULL)) {
- ASN1error(ASN1_R_INVALID_OBJECT_ENCODING);
- goto err;
- }
- }
-
- if (!CBS_stow(content, &data, &data_len))
- goto err;
-
- if (data_len > INT_MAX)
- goto err;
-
- if ((aobj = ASN1_OBJECT_new()) == NULL)
- goto err;
-
- aobj->data = data;
- aobj->length = (int)data_len; /* XXX - change length to size_t.
*/
- aobj->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-
- *out_aobj = aobj;
-
- return 1;
-
- err:
- ASN1_OBJECT_free(aobj);
- free(data);
-
- return 0;
-}
-
-ASN1_OBJECT *
-c2i_ASN1_OBJECT(ASN1_OBJECT **out_aobj, const unsigned char **pp, long len)
-{
- ASN1_OBJECT *aobj = NULL;
- CBS content;
-
- if (out_aobj != NULL) {
- ASN1_OBJECT_free(*out_aobj);
- *out_aobj = NULL;
- }
-
- if (len < 0) {
- ASN1error(ASN1_R_LENGTH_ERROR);
- return NULL;
- }
-
- CBS_init(&content, *pp, len);
-
- if (!c2i_ASN1_OBJECT_cbs(&aobj, &content))
- return NULL;
-
- *pp = CBS_data(&content);
-
- if (out_aobj != NULL)
- *out_aobj = aobj;
-
- return aobj;
-}
-
-int
-i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
-{
- unsigned char *buf, *p;
- int objsize;
-
- if (a == NULL || a->data == NULL)
- return -1;
-
- objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
-
- if (pp == NULL)
- return objsize;
-
- if ((buf = *pp) == NULL)
- buf = calloc(1, objsize);
- if (buf == NULL)
- return -1;
-
- p = buf;
- ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
- memcpy(p, a->data, a->length);
- p += a->length;
-
- /* If buf was allocated, return it, otherwise return the advanced p.
*/
- if (*pp == NULL)
- p = buf;
-
- *pp = p;
-
- return objsize;
-}
-LCRYPTO_ALIAS(i2d_ASN1_OBJECT);
-
-ASN1_OBJECT *
-d2i_ASN1_OBJECT(ASN1_OBJECT **out_aobj, const unsigned char **pp, long length)
-{
- ASN1_OBJECT *aobj = NULL;
- uint32_t tag_number;
- CBS cbs, content;
-
- if (out_aobj != NULL) {
- ASN1_OBJECT_free(*out_aobj);
- *out_aobj = NULL;
- }
-
- if (length < 0) {
- ASN1error(ASN1_R_LENGTH_ERROR);
- return NULL;
- }
-
- CBS_init(&cbs, *pp, length);
-
- if (!asn1_get_primitive(&cbs, 0, &tag_number, &content)) {
- ASN1error(ASN1_R_BAD_OBJECT_HEADER);
- return NULL;
- }
- if (tag_number != V_ASN1_OBJECT) {
- ASN1error(ASN1_R_EXPECTING_AN_OBJECT);
- return NULL;
- }
-
- if (!c2i_ASN1_OBJECT_cbs(&aobj, &content))
- return NULL;
-
- *pp = CBS_data(&cbs);
-
- if (out_aobj != NULL)
- *out_aobj = aobj;
-
- return aobj;
-}
-LCRYPTO_ALIAS(d2i_ASN1_OBJECT);
diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c
deleted file mode 100644
index e82de62c5f..0000000000
--- a/src/lib/libcrypto/asn1/a_octet.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* $OpenBSD: a_octet.c,v 1.13 2024/07/08 14:52:31 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-
-const ASN1_ITEM ASN1_OCTET_STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_OCTET_STRING,
- .sname = "ASN1_OCTET_STRING",
-};
-LCRYPTO_ALIAS(ASN1_OCTET_STRING_it);
-
-ASN1_OCTET_STRING *
-ASN1_OCTET_STRING_new(void)
-{
- return (ASN1_OCTET_STRING *)ASN1_item_new(&ASN1_OCTET_STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_OCTET_STRING_new);
-
-void
-ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_OCTET_STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_OCTET_STRING_free);
-
-
-ASN1_OCTET_STRING *
-ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
-{
- return ASN1_STRING_dup(x);
-}
-LCRYPTO_ALIAS(ASN1_OCTET_STRING_dup);
-
-int
-ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b)
-{
- return ASN1_STRING_cmp(a, b);
-}
-LCRYPTO_ALIAS(ASN1_OCTET_STRING_cmp);
-
-int
-ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len)
-{
- return ASN1_STRING_set(x, d, len);
-}
-LCRYPTO_ALIAS(ASN1_OCTET_STRING_set);
-
-int
-i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_OCTET_STRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_OCTET_STRING);
-
-ASN1_OCTET_STRING *
-d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_OCTET_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_OCTET_STRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_OCTET_STRING);
diff --git a/src/lib/libcrypto/asn1/a_pkey.c b/src/lib/libcrypto/asn1/a_pkey.c
deleted file mode 100644
index a730728076..0000000000
--- a/src/lib/libcrypto/asn1/a_pkey.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/* $OpenBSD: a_pkey.c,v 1.8 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-
-EVP_PKEY *
-d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
-{
- const unsigned char *p = *pp;
- EVP_PKEY *ret;
-
- if ((a == NULL) || (*a == NULL)) {
- if ((ret = EVP_PKEY_new()) == NULL) {
- ASN1error(ERR_R_EVP_LIB);
- return (NULL);
- }
- } else {
- ret = *a;
- }
-
- if (!EVP_PKEY_set_type(ret, type)) {
- ASN1error(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- }
-
- if (!ret->ameth->old_priv_decode ||
- !ret->ameth->old_priv_decode(ret, pp, length)) {
- if (ret->ameth->priv_decode) {
- PKCS8_PRIV_KEY_INFO *p8 = NULL;
- *pp = p; /* XXX */
- p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
- if (!p8)
- goto err;
- EVP_PKEY_free(ret);
- ret = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- } else {
- ASN1error(ERR_R_ASN1_LIB);
- goto err;
- }
- }
- if (a != NULL)
- (*a) = ret;
- return (ret);
-
- err:
- if (a == NULL || *a != ret)
- EVP_PKEY_free(ret);
- return (NULL);
-}
-LCRYPTO_ALIAS(d2i_PrivateKey);
-
-int
-i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
-{
- if (a->ameth && a->ameth->old_priv_encode) {
- return a->ameth->old_priv_encode(a, pp);
- }
- if (a->ameth && a->ameth->priv_encode) {
- PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
- int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
- PKCS8_PRIV_KEY_INFO_free(p8);
- return ret;
- }
- ASN1error(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return (-1);
-}
-LCRYPTO_ALIAS(i2d_PrivateKey);
-
-/* This works like d2i_PrivateKey() except it automatically works out the type */
-
-EVP_PKEY *
-d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length)
-{
- STACK_OF(ASN1_TYPE) *inkey;
- const unsigned char *p;
- int keytype;
-
- p = *pp;
- /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
- * by analyzing it we can determine the passed structure: this
- * assumes the input is surrounded by an ASN1 SEQUENCE.
- */
- inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
- /* Since we only need to discern "traditional format" RSA and DSA
- * keys we can just count the elements.
- */
- if (sk_ASN1_TYPE_num(inkey) == 6)
- keytype = EVP_PKEY_DSA;
- else if (sk_ASN1_TYPE_num(inkey) == 4)
- keytype = EVP_PKEY_EC;
- else if (sk_ASN1_TYPE_num(inkey) == 3) {
- /* This seems to be PKCS8, not traditional format */
- PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(
- NULL, pp, length);
- EVP_PKEY *ret;
-
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- if (!p8) {
- ASN1error(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return NULL;
- }
- ret = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (a) {
- *a = ret;
- }
- return ret;
- } else
- keytype = EVP_PKEY_RSA;
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- return d2i_PrivateKey(keytype, a, pp, length);
-}
-LCRYPTO_ALIAS(d2i_AutoPrivateKey);
diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c
deleted file mode 100644
index 5c03087f15..0000000000
--- a/src/lib/libcrypto/asn1/a_print.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: a_print.c,v 1.13 2023/07/05 21:23:36 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-int
-ASN1_PRINTABLE_type(const unsigned char *s, int len)
-{
- int c;
- int ia5 = 0;
- int t61 = 0;
-
- if (len <= 0)
- len = -1;
- if (s == NULL)
- return (V_ASN1_PRINTABLESTRING);
-
- while (len-- > 0 && *s != '\0') {
- c= *(s++);
- if (!(((c >= 'a') && (c <= 'z')) ||
- ((c >= 'A') && (c <= 'Z')) ||
- (c == ' ') ||
- ((c >= '0') && (c <= '9')) ||
- (c == ' ') || (c == '\'') ||
- (c == '(') || (c == ')') ||
- (c == '+') || (c == ',') ||
- (c == '-') || (c == '.') ||
- (c == '/') || (c == ':') ||
- (c == '=') || (c == '?')))
- ia5 = 1;
- if (c & 0x80)
- t61 = 1;
- }
- if (t61)
- return (V_ASN1_T61STRING);
- if (ia5)
- return (V_ASN1_IA5STRING);
- return (V_ASN1_PRINTABLESTRING);
-}
-LCRYPTO_ALIAS(ASN1_PRINTABLE_type);
-
-int
-ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
-{
- int i;
- unsigned char *p;
-
- if (s->type != V_ASN1_UNIVERSALSTRING)
- return (0);
- if ((s->length % 4) != 0)
- return (0);
- p = s->data;
- for (i = 0; i < s->length; i += 4) {
- if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
- break;
- else
- p += 4;
- }
- if (i < s->length)
- return (0);
- p = s->data;
- for (i = 3; i < s->length; i += 4) {
- *(p++) = s->data[i];
- }
- *(p) = '\0';
- s->length /= 4;
- s->type = ASN1_PRINTABLE_type(s->data, s->length);
- return (1);
-}
-LCRYPTO_ALIAS(ASN1_UNIVERSALSTRING_to_string);
diff --git a/src/lib/libcrypto/asn1/a_pubkey.c b/src/lib/libcrypto/asn1/a_pubkey.c
deleted file mode 100644
index 544f3d2cf0..0000000000
--- a/src/lib/libcrypto/asn1/a_pubkey.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* $OpenBSD: a_pubkey.c,v 1.7 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_EC
-#include
-#endif
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "evp_local.h"
-
-EVP_PKEY *
-d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
-{
- EVP_PKEY *ret;
-
- if ((a == NULL) || (*a == NULL)) {
- if ((ret = EVP_PKEY_new()) == NULL) {
- ASN1error(ERR_R_EVP_LIB);
- return (NULL);
- }
- } else
- ret = *a;
-
- if (!EVP_PKEY_set_type(ret, type)) {
- ASN1error(ERR_R_EVP_LIB);
- goto err;
- }
-
- switch (EVP_PKEY_id(ret)) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) ==
- NULL) {
- ASN1error(ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- if (!d2i_DSAPublicKey(&(ret->pkey.dsa), pp, length)) {
- ASN1error(ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- if (!o2i_ECPublicKey(&(ret->pkey.ec), pp, length)) {
- ASN1error(ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
- default:
- ASN1error(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- /* break; */
- }
- if (a != NULL)
- (*a) = ret;
- return (ret);
-
- err:
- if (a == NULL || *a != ret)
- EVP_PKEY_free(ret);
- return (NULL);
-}
-LCRYPTO_ALIAS(d2i_PublicKey);
-
-int
-i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
-{
- switch (a->type) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- return (i2d_RSAPublicKey(a->pkey.rsa, pp));
-#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- return (i2d_DSAPublicKey(a->pkey.dsa, pp));
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- return (i2o_ECPublicKey(a->pkey.ec, pp));
-#endif
- default:
- ASN1error(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return (-1);
- }
-}
-LCRYPTO_ALIAS(i2d_PublicKey);
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
deleted file mode 100644
index 52e1b7db5d..0000000000
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ /dev/null
@@ -1,658 +0,0 @@ -/* $OpenBSD: a_strex.c,v 1.38 2025/03/19 11:18:38 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include - -#include -#include -#include -#include - -#include "asn1_local.h" -#include "bytestring.h" -#include "x509_local.h" - -#include "charmap.h" - -/* ASN1_STRING_print_ex() and X509_NAME_print_ex(). - * Enhanced string and name printing routines handling - * multibyte characters, RFC2253 and a host of other - * options. - */ - -#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253) - -#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB) - - -/* Three IO functions for sending data to memory, a BIO and - * and a FILE pointer. - */ -static int -send_bio_chars(void *arg, const void *buf, int len) -{ - if (!arg) - return 1; - if (BIO_write(arg, buf, len) != len) - return 0; - return 1; -} - -static int -send_fp_chars(void *arg, const void *buf, int len) -{ - if (!arg) - return 1; - if (fwrite(buf, 1, (size_t)len, arg) != (size_t)len) - return 0; - return 1; -} - -typedef int char_io(void *arg, const void *buf, int len); - -/* This function handles display of - * strings, one character at a time. 
- * It is passed an unsigned long for each - * character because it could come from 2 or even - * 4 byte forms. - */ - -static int -do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, - char_io *io_ch, void *arg) -{ - unsigned char chflgs, chtmp; - char tmphex[sizeof(long) * 2 + 3]; - - if (c > 0xffffffffL) - return -1; - if (c > 0xffff) { - snprintf(tmphex, sizeof tmphex, "\\W%08lX", c); - if (!io_ch(arg, tmphex, 10)) - return -1; - return 10; - } - if (c > 0xff) { - snprintf(tmphex, sizeof tmphex, "\\U%04lX", c); - if (!io_ch(arg, tmphex, 6)) - return -1; - return 6; - } - chtmp = (unsigned char)c; - if (chtmp > 0x7f) - chflgs = flags & ASN1_STRFLGS_ESC_MSB; - else - chflgs = char_type[chtmp] & flags; - if (chflgs & CHARTYPE_BS_ESC) { - /* If we don't escape with quotes, signal we need quotes */ - if (chflgs & ASN1_STRFLGS_ESC_QUOTE) { - if (do_quotes) - *do_quotes = 1; - if (!io_ch(arg, &chtmp, 1)) - return -1; - return 1; - } - if (!io_ch(arg, "\\", 1)) - return -1; - if (!io_ch(arg, &chtmp, 1)) - return -1; - return 2; - } - if (chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) { - snprintf(tmphex, sizeof tmphex, "\\%02X", chtmp); - if (!io_ch(arg, tmphex, 3)) - return -1; - return 3; - } - /* If we get this far and do any escaping at all must escape - * the escape character itself: backslash. - */ - if (chtmp == '\\' && flags & ESC_FLAGS) { - if (!io_ch(arg, "\\\\", 2)) - return -1; - return 2; - } - if (!io_ch(arg, &chtmp, 1)) - return -1; - return 1; -} - -#define BUF_TYPE_WIDTH_MASK 0x7 -#define BUF_TYPE_CONVUTF8 0x8 - -/* This function sends each character in a buffer to - * do_esc_char(). It interprets the content formats - * and converts to or from UTF8 as appropriate. 
- */ - -static int -do_buf(unsigned char *buf, int buflen, int type, unsigned char flags, - char *quotes, char_io *io_ch, void *arg) -{ - int i, outlen, len; - unsigned char orflags, *p, *q; - unsigned long c; - - p = buf; - q = buf + buflen; - outlen = 0; - while (p != q) { - if (p == buf && flags & ASN1_STRFLGS_ESC_2253) - orflags = CHARTYPE_FIRST_ESC_2253; - else - orflags = 0; - switch (type & BUF_TYPE_WIDTH_MASK) { - case 4: - c = ((unsigned long)*p++) << 24; - c |= ((unsigned long)*p++) << 16; - c |= ((unsigned long)*p++) << 8; - c |= *p++; - if (c > UNICODE_MAX || UNICODE_IS_SURROGATE(c)) - return -1; - break; - - case 2: - c = ((unsigned long)*p++) << 8; - c |= *p++; - if (UNICODE_IS_SURROGATE(c)) - return -1; - break; - - case 1: - c = *p++; - break; - - case 0: - i = UTF8_getc(p, q - p, &c); - if (i < 0) - return -1; /* Invalid UTF8String */ - p += i; - break; - default: - return -1; /* invalid width */ - } - if (p == q && flags & ASN1_STRFLGS_ESC_2253) - orflags = CHARTYPE_LAST_ESC_2253; - if (type & BUF_TYPE_CONVUTF8) { - unsigned char utfbuf[6]; - int utflen; - - utflen = UTF8_putc(utfbuf, sizeof utfbuf, c); - if (utflen < 0) - return -1; - for (i = 0; i < utflen; i++) { - /* We don't need to worry about setting orflags correctly - * because if utflen==1 its value will be correct anyway - * otherwise each character will be > 0x7f and so the - * character will never be escaped on first and last. 
- */ - len = do_esc_char(utfbuf[i], - (unsigned char)(flags | orflags), quotes, - io_ch, arg); - if (len < 0) - return -1; - outlen += len; - } - } else { - len = do_esc_char(c, (unsigned char)(flags | orflags), - quotes, io_ch, arg); - if (len < 0) - return -1; - outlen += len; - } - } - return outlen; -} - -/* This function hex dumps a buffer of characters */ - -static int -do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen) -{ - static const char hexdig[] = "0123456789ABCDEF"; - unsigned char *p, *q; - char hextmp[2]; - if (arg) { - p = buf; - q = buf + buflen; - while (p != q) { - hextmp[0] = hexdig[*p >> 4]; - hextmp[1] = hexdig[*p & 0xf]; - if (!io_ch(arg, hextmp, 2)) - return -1; - p++; - } - } - return buflen << 1; -} - -/* "dump" a string. This is done when the type is unknown, - * or the flags request it. We can either dump the content - * octets or the entire DER encoding. This uses the RFC2253 - * #01234 format. - */ - -static int -do_dump(unsigned long lflags, char_io *io_ch, void *arg, const ASN1_STRING *str) -{ - /* Placing the ASN1_STRING in a temp ASN1_TYPE allows - * the DER encoding to readily obtained - */ - ASN1_TYPE t; - unsigned char *der_buf, *p; - int outlen, der_len; - - if (!io_ch(arg, "#", 1)) - return -1; - /* If we don't dump DER encoding just dump content octets */ - if (!(lflags & ASN1_STRFLGS_DUMP_DER)) { - outlen = do_hex_dump(io_ch, arg, str->data, str->length); - if (outlen < 0) - return -1; - return outlen + 1; - } - t.type = str->type; - t.value.ptr = (char *)str; - der_len = i2d_ASN1_TYPE(&t, NULL); - der_buf = malloc(der_len); - if (!der_buf) - return -1; - p = der_buf; - i2d_ASN1_TYPE(&t, &p); - outlen = do_hex_dump(io_ch, arg, der_buf, der_len); - free(der_buf); - if (outlen < 0) - return -1; - return outlen + 1; -} - -/* This is the main function, print out an - * ASN1_STRING taking note of various escape - * and display options. Returns number of - * characters written or -1 if an error - * occurred. 
- */ - -static int -do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, - const ASN1_STRING *str) -{ - int outlen, len; - int type; - char quotes; - unsigned char flags; - - quotes = 0; - /* Keep a copy of escape flags */ - flags = (unsigned char)(lflags & ESC_FLAGS); - type = str->type; - outlen = 0; - - if (lflags & ASN1_STRFLGS_SHOW_TYPE) { - const char *tagname; - tagname = ASN1_tag2str(type); - outlen += strlen(tagname); - if (!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1)) - return -1; - outlen++; - } - - /* Decide what to do with type, either dump content or display it */ - - if (lflags & ASN1_STRFLGS_DUMP_ALL) { - /* Dump everything. */ - type = -1; - } else if (lflags & ASN1_STRFLGS_IGNORE_TYPE) { - /* Ignore the string type. */ - type = 1; - } else { - /* Else determine width based on type. */ - type = asn1_tag2charwidth(type); - if (type == -1 && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN)) - type = 1; - } - - if (type == -1) { - len = do_dump(lflags, io_ch, arg, str); - if (len < 0) - return -1; - outlen += len; - return outlen; - } - - if (lflags & ASN1_STRFLGS_UTF8_CONVERT) { - /* Note: if string is UTF8 and we want - * to convert to UTF8 then we just interpret - * it as 1 byte per character to avoid converting - * twice. 
- */ - if (!type) - type = 1; - else - type |= BUF_TYPE_CONVUTF8; - } - - len = do_buf(str->data, str->length, type, flags, "es, io_ch, NULL); - if (len < 0) - return -1; - outlen += len; - if (quotes) - outlen += 2; - if (!arg) - return outlen; - if (quotes && !io_ch(arg, "\"", 1)) - return -1; - if (do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0) - return -1; - if (quotes && !io_ch(arg, "\"", 1)) - return -1; - return outlen; -} - -/* Used for line indenting: print 'indent' spaces */ - -static int -do_indent(char_io *io_ch, void *arg, int indent) -{ - int i; - for (i = 0; i < indent; i++) - if (!io_ch(arg, " ", 1)) - return 0; - return 1; -} - -#define FN_WIDTH_LN 25 -#define FN_WIDTH_SN 10 - -static int -do_name_ex(char_io *io_ch, void *arg, const X509_NAME *n, int indent, - unsigned long flags) -{ - int i, prev = -1, orflags, cnt; - int fn_opt, fn_nid; - ASN1_OBJECT *fn; - ASN1_STRING *val; - X509_NAME_ENTRY *ent; - char objtmp[80]; - const char *objbuf; - int outlen, len; - char *sep_dn, *sep_mv, *sep_eq; - int sep_dn_len, sep_mv_len, sep_eq_len; - - if (indent < 0) - indent = 0; - outlen = indent; - if (!do_indent(io_ch, arg, indent)) - return -1; - - switch (flags & XN_FLAG_SEP_MASK) { - case XN_FLAG_SEP_MULTILINE: - sep_dn = "\n"; - sep_dn_len = 1; - sep_mv = " + "; - sep_mv_len = 3; - break; - - case XN_FLAG_SEP_COMMA_PLUS: - sep_dn = ","; - sep_dn_len = 1; - sep_mv = "+"; - sep_mv_len = 1; - indent = 0; - break; - - case XN_FLAG_SEP_CPLUS_SPC: - sep_dn = ", "; - sep_dn_len = 2; - sep_mv = " + "; - sep_mv_len = 3; - indent = 0; - break; - - case XN_FLAG_SEP_SPLUS_SPC: - sep_dn = "; "; - sep_dn_len = 2; - sep_mv = " + "; - sep_mv_len = 3; - indent = 0; - break; - - default: - return -1; - } - - if (flags & XN_FLAG_SPC_EQ) { - sep_eq = " = "; - sep_eq_len = 3; - } else { - sep_eq = "="; - sep_eq_len = 1; - } - - fn_opt = flags & XN_FLAG_FN_MASK; - - cnt = X509_NAME_entry_count(n); - for (i = 0; i < cnt; i++) { - if (flags & XN_FLAG_DN_REV) 
- ent = X509_NAME_get_entry(n, cnt - i - 1);
- else
- ent = X509_NAME_get_entry(n, i);
- if (prev != -1) {
- if (prev == X509_NAME_ENTRY_set(ent)) {
- if (!io_ch(arg, sep_mv, sep_mv_len))
- return -1;
- outlen += sep_mv_len;
- } else {
- if (!io_ch(arg, sep_dn, sep_dn_len))
- return -1;
- outlen += sep_dn_len;
- if (!do_indent(io_ch, arg, indent))
- return -1;
- outlen += indent;
- }
- }
- prev = X509_NAME_ENTRY_set(ent);
- fn = X509_NAME_ENTRY_get_object(ent);
- val = X509_NAME_ENTRY_get_data(ent);
- fn_nid = OBJ_obj2nid(fn);
- if (fn_opt != XN_FLAG_FN_NONE) {
- int objlen, fld_len;
- if ((fn_opt == XN_FLAG_FN_OID) ||
- (fn_nid == NID_undef)) {
- OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
- fld_len = 0; /* XXX: what should this be? */
- objbuf = objtmp;
- } else {
- if (fn_opt == XN_FLAG_FN_SN) {
- fld_len = FN_WIDTH_SN;
- objbuf = OBJ_nid2sn(fn_nid);
- } else if (fn_opt == XN_FLAG_FN_LN) {
- fld_len = FN_WIDTH_LN;
- objbuf = OBJ_nid2ln(fn_nid);
- } else {
- fld_len = 0; /* XXX: what should this be? */
- objbuf = "";
- }
- }
- objlen = strlen(objbuf);
- if (!io_ch(arg, objbuf, objlen))
- return -1;
- if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
- if (!do_indent(io_ch, arg, fld_len - objlen))
- return -1;
- outlen += fld_len - objlen;
- }
- if (!io_ch(arg, sep_eq, sep_eq_len))
- return -1;
- outlen += objlen + sep_eq_len;
- }
- /* If the field name is unknown then fix up the DER dump
- * flag. We might want to limit this further so it will
- * DER dump on anything other than a few 'standard' fields.
- */
- if ((fn_nid == NID_undef) &&
- (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
- orflags = ASN1_STRFLGS_DUMP_ALL;
- else
- orflags = 0;
-
- len = do_print_ex(io_ch, arg, flags | orflags, val);
- if (len < 0)
- return -1;
- outlen += len;
- }
- return outlen;
-}
-
-static int
-X509_NAME_print(BIO *bio, const X509_NAME *name, int obase)
-{
- CBB cbb;
- uint8_t *buf = NULL;
- size_t buf_len;
- const X509_NAME_ENTRY *ne;
- int i;
- int started = 0;
- int ret = 0;
-
- if (!CBB_init(&cbb, 0))
- goto err;
-
- for (i = 0; i < sk_X509_NAME_ENTRY_num(name->entries); i++) {
- ne = sk_X509_NAME_ENTRY_value(name->entries, i);
-
- if (started) {
- if (!CBB_add_u8(&cbb, ','))
- goto err;
- if (!CBB_add_u8(&cbb, ' '))
- goto err;
- }
-
- if (!X509_NAME_ENTRY_add_cbb(&cbb, ne))
- goto err;
-
- started = 1;
- }
-
- if (!CBB_add_u8(&cbb, '\0'))
- goto err;
-
- if (!CBB_finish(&cbb, &buf, &buf_len))
- goto err;
-
- if (BIO_printf(bio, "%s", buf) < 0)
- goto err;
-
- ret = 1;
-
- err:
- CBB_cleanup(&cbb);
- free(buf);
-
- return ret;
-}
-
-/* Wrappers round the main functions */
-
-int
-X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
- unsigned long flags)
-{
- if (flags == XN_FLAG_COMPAT)
- return X509_NAME_print(out, nm, indent);
- return do_name_ex(send_bio_chars, out, nm, indent, flags);
-}
-LCRYPTO_ALIAS(X509_NAME_print_ex);
-
-int
-X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
- unsigned long flags)
-{
- if (flags == XN_FLAG_COMPAT) {
- BIO *btmp;
- int ret;
- btmp = BIO_new_fp(fp, BIO_NOCLOSE);
- if (!btmp)
- return -1;
- ret = X509_NAME_print(btmp, nm, indent);
- BIO_free(btmp);
- return ret;
- }
- return do_name_ex(send_fp_chars, fp, nm, indent, flags);
-}
-LCRYPTO_ALIAS(X509_NAME_print_ex_fp);
-
-int
-ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags)
-{
- return do_print_ex(send_bio_chars, out, flags, str);
-}
-LCRYPTO_ALIAS(ASN1_STRING_print_ex);
-
-int
-ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, 
unsigned long flags)
-{
- return do_print_ex(send_fp_chars, fp, flags, str);
-}
-LCRYPTO_ALIAS(ASN1_STRING_print_ex_fp);
diff --git a/src/lib/libcrypto/asn1/a_string.c b/src/lib/libcrypto/asn1/a_string.c
deleted file mode 100644
index ec492e71f0..0000000000
--- a/src/lib/libcrypto/asn1/a_string.c
+++ /dev/null
@@ -1,450 +0,0 @@
-/* $OpenBSD: a_string.c,v 1.17 2023/08/15 18:05:15 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-
-ASN1_STRING *
-ASN1_STRING_new(void)
-{
- return ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
-}
-LCRYPTO_ALIAS(ASN1_STRING_new);
-
-ASN1_STRING *
-ASN1_STRING_type_new(int type)
-{
- ASN1_STRING *astr;
-
- if ((astr = calloc(1, sizeof(ASN1_STRING))) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- astr->type = type;
-
- return astr;
-}
-LCRYPTO_ALIAS(ASN1_STRING_type_new);
-
-static void
-ASN1_STRING_clear(ASN1_STRING *astr)
-{
- if (!(astr->flags & ASN1_STRING_FLAG_NDEF))
- freezero(astr->data, astr->length);
-
- astr->flags &= ~ASN1_STRING_FLAG_NDEF;
- astr->data = NULL;
- astr->length = 0;
-}
-
-void
-ASN1_STRING_free(ASN1_STRING *astr)
-{
- if (astr == NULL)
- return;
-
- ASN1_STRING_clear(astr);
-
- free(astr);
-}
-LCRYPTO_ALIAS(ASN1_STRING_free);
-
-int
-ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
- int cmp;
-
- if (a == NULL || b == NULL)
- return -1;
- if ((cmp = (a->length - b->length)) != 0)
- return cmp;
- if (a->length != 0) {
- if ((cmp = memcmp(a->data, b->data, a->length)) != 0)
- return cmp;
- }
-
- return a->type - b->type;
-}
-LCRYPTO_ALIAS(ASN1_STRING_cmp);
-
-int
-ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *src)
-{
- if (src == NULL)
- return 0;
-
- if (!ASN1_STRING_set(dst, src->data, src->length))
- return 0;
-
- dst->type = src->type;
- dst->flags = src->flags & ~ASN1_STRING_FLAG_NDEF;
-
- return 1;
-}
-LCRYPTO_ALIAS(ASN1_STRING_copy);
-
-ASN1_STRING *
-ASN1_STRING_dup(const ASN1_STRING *src)
-{
- ASN1_STRING *astr;
-
- if (src == NULL)
- return NULL;
-
- if ((astr = ASN1_STRING_new()) == NULL)
- return NULL;
- if (!ASN1_STRING_copy(astr, src)) {
- ASN1_STRING_free(astr);
- return NULL;
- }
- return astr;
-}
-LCRYPTO_ALIAS(ASN1_STRING_dup);
-
-int
-ASN1_STRING_set(ASN1_STRING *astr, const void *_data, int len)
-{
- const char *data = _data;
-
- if (len == -1) {
- size_t slen;
-
- if (data == NULL)
- return 0;
-
- if ((slen = strlen(data)) > INT_MAX)
- return 0;
-
- len = (int)slen;
- }
-
- ASN1_STRING_clear(astr);
-
- if (len < 0 || len >= INT_MAX)
- return 0;
-
- if ((astr->data = calloc(1, len + 1)) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- astr->length = len;
-
- if (data != NULL) {
- memcpy(astr->data, data, len);
- astr->data[len] = '\0';
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(ASN1_STRING_set);
-
-void
-ASN1_STRING_set0(ASN1_STRING *astr, void *data, int len)
-{
- ASN1_STRING_clear(astr);
-
- astr->data = data;
- astr->length = len;
-}
-LCRYPTO_ALIAS(ASN1_STRING_set0);
-
-int
-ASN1_STRING_length(const ASN1_STRING *astr)
-{
- return astr->length;
-}
-LCRYPTO_ALIAS(ASN1_STRING_length);
-
-void
-ASN1_STRING_length_set(ASN1_STRING *astr, int len)
-{
- /* This is dangerous and unfixable. */
- astr->length = len;
-}
-LCRYPTO_ALIAS(ASN1_STRING_length_set);
-
-int
-ASN1_STRING_type(const ASN1_STRING *astr)
-{
- return astr->type;
-}
-LCRYPTO_ALIAS(ASN1_STRING_type);
-
-unsigned char *
-ASN1_STRING_data(ASN1_STRING *astr)
-{
- return astr->data;
-}
-LCRYPTO_ALIAS(ASN1_STRING_data);
-
-const unsigned char *
-ASN1_STRING_get0_data(const ASN1_STRING *astr)
-{
- return astr->data;
-}
-LCRYPTO_ALIAS(ASN1_STRING_get0_data);
-
-int
-ASN1_STRING_print(BIO *bp, const ASN1_STRING *astr)
-{
- int i, n;
- char buf[80];
- const char *p;
-
- if (astr == NULL)
- return 0;
-
- n = 0;
- p = (const char *)astr->data;
- for (i = 0; i < astr->length; i++) {
- if ((p[i] > '~') || ((p[i] < ' ') &&
- (p[i] != '\n') && (p[i] != '\r')))
- buf[n] = '.';
- else
- buf[n] = p[i];
- n++;
- if (n >= 80) {
- if (BIO_write(bp, buf, n) <= 0)
- return 0;
- n = 0;
- }
- }
- if (n > 0) {
- if (BIO_write(bp, buf, n) <= 0)
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(ASN1_STRING_print);
-
-/*
- * Utility function: convert any string type to UTF8, returns number of bytes
- * in output string or a negative error code
- */
-int
-ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in)
-{
- ASN1_STRING *astr = NULL;
- int mbflag;
- int ret = -1;
-
- /*
- * XXX We can't fail on *out != NULL here since things like haproxy and
- * grpc pass in a pointer to an uninitialized pointer on the stack.
- */
- if (out == NULL)
- goto err;
-
- if (in == NULL)
- goto err;
-
- if ((mbflag = asn1_tag2charwidth(in->type)) == -1)
- goto err;
-
- mbflag |= MBSTRING_FLAG;
-
- if ((ret = ASN1_mbstring_copy(&astr, in->data, in->length, mbflag,
- B_ASN1_UTF8STRING)) < 0)
- goto err;
-
- *out = astr->data;
- ret = astr->length;
-
- astr->data = NULL;
- astr->length = 0;
-
- err:
- ASN1_STRING_free(astr);
-
- return ret;
-}
-LCRYPTO_ALIAS(ASN1_STRING_to_UTF8);
-
-int
-i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *astr, int type)
-{
- int i, n = 0;
- static const char h[] = "0123456789ABCDEF";
- char buf[2];
-
- if (astr == NULL)
- return 0;
-
- if (astr->length == 0) {
- if (BIO_write(bp, "0", 1) != 1)
- goto err;
- n = 1;
- } else {
- for (i = 0; i < astr->length; i++) {
- if ((i != 0) && (i % 35 == 0)) {
- if (BIO_write(bp, "\\\n", 2) != 2)
- goto err;
- n += 2;
- }
- buf[0] = h[((unsigned char)astr->data[i] >> 4) & 0x0f];
- buf[1] = h[((unsigned char)astr->data[i]) & 0x0f];
- if (BIO_write(bp, buf, 2) != 2)
- goto err;
- n += 2;
- }
- }
- return n;
-
- err:
- return -1;
-}
-LCRYPTO_ALIAS(i2a_ASN1_STRING);
-
-int
-a2i_ASN1_STRING(BIO *bp, ASN1_STRING *astr, char *buf, int size)
-{
- int ret = 0;
- int i, j, k, m, n, again, bufsize;
- unsigned char *s = NULL, *sp;
- unsigned char *bufp;
- int first = 1;
- size_t num = 0, slen = 0;
-
- bufsize = BIO_gets(bp, buf, size);
- for (;;) {
- if (bufsize < 1) {
- if (first)
- break;
- else
- goto err_sl;
- }
- first = 0;
-
- i = bufsize;
- if (buf[i-1] == '\n')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- if (buf[i-1] == '\r')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- if (buf[i - 1] == '\\') {
- i--;
- again = 1;
- } else
- again = 0;
- buf[i] = '\0';
- if (i < 2)
- goto err_sl;
-
- bufp = (unsigned char *)buf;
-
- k 
= 0;
- if (i % 2 != 0) {
- ASN1error(ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i /= 2;
- if (num + i > slen) {
- sp = realloc(s, num + i);
- if (sp == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- s = sp;
- slen = num + i;
- }
- for (j = 0; j < i; j++, k += 2) {
- for (n = 0; n < 2; n++) {
- m = bufp[k + n];
- if ((m >= '0') && (m <= '9'))
- m -= '0';
- else if ((m >= 'a') && (m <= 'f'))
- m = m - 'a' + 10;
- else if ((m >= 'A') && (m <= 'F'))
- m = m - 'A' + 10;
- else {
- ASN1error(ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num + j] <<= 4;
- s[num + j] |= m;
- }
- }
- num += i;
- if (again)
- bufsize = BIO_gets(bp, buf, size);
- else
- break;
- }
- astr->length = num;
- astr->data = s;
-
- return 1;
-
- err_sl:
- ASN1error(ASN1_R_SHORT_LINE);
- err:
- free(s);
-
- return ret;
-}
-LCRYPTO_ALIAS(a2i_ASN1_STRING);
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
deleted file mode 100644
index 5fa60b9ce7..0000000000
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ /dev/null
@@ -1,329 +0,0 @@ -/* $OpenBSD: a_strnid.c,v 1.31 2024/03/02 08:54:02 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include - -#include -#include -#include - -/* - * XXX - unprotected global state - * - * This is the global mask for the mbstring functions: this is used to - * mask out certain types (such as BMPString and UTF8String) because - * certain software (e.g. Netscape) has problems with them. - */ -static unsigned long global_mask = B_ASN1_UTF8STRING; - -void -ASN1_STRING_set_default_mask(unsigned long mask) -{ - global_mask = mask; -} -LCRYPTO_ALIAS(ASN1_STRING_set_default_mask); - -unsigned long -ASN1_STRING_get_default_mask(void) -{ - return global_mask; -} -LCRYPTO_ALIAS(ASN1_STRING_get_default_mask); - -/* - * This function sets the default to various "flavours" of configuration - * based on an ASCII string. Currently this is: - * MASK:XXXX : a numerical mask value. - * nobmp : Don't use BMPStrings (just Printable, T61). - * pkix : PKIX recommendation in RFC2459. - * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004). - * default: the default value, Printable, T61, BMP. 
- */ - -int -ASN1_STRING_set_default_mask_asc(const char *p) -{ - unsigned long mask; - char *end; - int save_errno; - - if (strncmp(p, "MASK:", 5) == 0) { - if (p[5] == '\0') - return 0; - save_errno = errno; - errno = 0; - mask = strtoul(p + 5, &end, 0); - if (errno == ERANGE && mask == ULONG_MAX) - return 0; - errno = save_errno; - if (*end != '\0') - return 0; - } else if (strcmp(p, "nombstr") == 0) - mask = ~((unsigned long)(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)); - else if (strcmp(p, "pkix") == 0) - mask = ~((unsigned long)B_ASN1_T61STRING); - else if (strcmp(p, "utf8only") == 0) - mask = B_ASN1_UTF8STRING; - else if (strcmp(p, "default") == 0) - mask = 0xFFFFFFFFL; - else - return 0; - ASN1_STRING_set_default_mask(mask); - return 1; -} -LCRYPTO_ALIAS(ASN1_STRING_set_default_mask_asc); - -/* - * The following function generates an ASN1_STRING based on limits in a table. - * Frequently the types and length of an ASN1_STRING are restricted by a - * corresponding OID. For example certificates and certificate requests. - */ - -ASN1_STRING * -ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen, - int inform, int nid) -{ - const ASN1_STRING_TABLE *tbl; - ASN1_STRING *str = NULL; - unsigned long mask; - int ret; - - if (out == NULL) - out = &str; - tbl = ASN1_STRING_TABLE_get(nid); - if (tbl != NULL) { - mask = tbl->mask; - if ((tbl->flags & STABLE_NO_MASK) == 0) - mask &= global_mask; - ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask, - tbl->minsize, tbl->maxsize); - } else - ret = ASN1_mbstring_copy(out, in, inlen, inform, - DIRSTRING_TYPE & global_mask); - if (ret <= 0) - return NULL; - return *out; -} -LCRYPTO_ALIAS(ASN1_STRING_set_by_NID); - -/* From RFC 5280, Appendix A.1. 
*/ -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 /* XXX - bumped to 255 in RFC 5280 */ -#define ub_serial_number 64 - -static const ASN1_STRING_TABLE tbl_standard[] = { - { - .nid = NID_commonName, - .minsize = 1, - .maxsize = ub_common_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_countryName, - .minsize = 2, - .maxsize = 2, - .mask = B_ASN1_PRINTABLESTRING, - .flags = STABLE_NO_MASK, - }, - { - .nid = NID_localityName, - .minsize = 1, - .maxsize = ub_locality_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_stateOrProvinceName, - .minsize = 1, - .maxsize = ub_state_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_organizationName, - .minsize = 1, - .maxsize = ub_organization_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_organizationalUnitName, - .minsize = 1, - .maxsize = ub_organization_unit_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_pkcs9_emailAddress, - .minsize = 1, - .maxsize = ub_email_address, - .mask = B_ASN1_IA5STRING, - .flags = STABLE_NO_MASK, - }, - { - .nid = NID_pkcs9_unstructuredName, - .minsize = 1, - .maxsize = -1, - .mask = PKCS9STRING_TYPE, - .flags = 0, - }, - { - .nid = NID_pkcs9_challengePassword, - .minsize = 1, - .maxsize = -1, - .mask = PKCS9STRING_TYPE, - .flags = 0, - }, - { - .nid = NID_pkcs9_unstructuredAddress, - .minsize = 1, - .maxsize = -1, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_givenName, - .minsize = 1, - .maxsize = ub_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_surname, - .minsize = 1, - .maxsize = ub_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_initials, - .minsize = 1, - .maxsize = ub_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_serialNumber, - 
.minsize = 1, - .maxsize = ub_serial_number, - .mask = B_ASN1_PRINTABLESTRING, - .flags = STABLE_NO_MASK, - }, - { - .nid = NID_friendlyName, - .minsize = -1, - .maxsize = -1, - .mask = B_ASN1_BMPSTRING, - .flags = STABLE_NO_MASK, - }, - { - .nid = NID_name, - .minsize = 1, - .maxsize = ub_name, - .mask = DIRSTRING_TYPE, - .flags = 0, - }, - { - .nid = NID_dnQualifier, - .minsize = -1, - .maxsize = -1, - .mask = B_ASN1_PRINTABLESTRING, - .flags = STABLE_NO_MASK, - }, - { - .nid = NID_domainComponent, - .minsize = 1, - .maxsize = -1, - .mask = B_ASN1_IA5STRING, - .flags = STABLE_NO_MASK, - }, - { - .nid = NID_ms_csp_name, - .minsize = -1, - .maxsize = -1, - .mask = B_ASN1_BMPSTRING, - .flags = STABLE_NO_MASK, - }, -}; - -#define N_STRING_TABLE_ENTRIES (sizeof(tbl_standard) / sizeof(tbl_standard[0])) - -const ASN1_STRING_TABLE * -ASN1_STRING_TABLE_get(int nid) -{ - size_t i; - - for (i = 0; i < N_STRING_TABLE_ENTRIES; i++) { - const ASN1_STRING_TABLE *entry = &tbl_standard[i]; - if (entry->nid == nid) - return entry; - } - - return NULL; -} -LCRYPTO_ALIAS(ASN1_STRING_TABLE_get); diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c deleted file mode 100644 index 15ac1af5c4..0000000000 --- a/src/lib/libcrypto/asn1/a_time.c +++ /dev/null 
@@ -1,139 +0,0 @@ -/* $OpenBSD: a_time.c,v 1.38 2024/07/08 14:52:31 beck Exp $ */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* This is an implementation of the ASN1 Time structure which is: - * Time ::= CHOICE { - * utcTime UTCTime, - * generalTime GeneralizedTime } - * written by Steve Henson. - */ - -#include -#include -#include - -#include -#include - -#include "asn1_local.h" - -const ASN1_ITEM ASN1_TIME_it = { - .itype = ASN1_ITYPE_MSTRING, - .utype = B_ASN1_TIME, - .templates = NULL, - .tcount = 0, - .funcs = NULL, - .size = sizeof(ASN1_STRING), - .sname = "ASN1_TIME", -}; -LCRYPTO_ALIAS(ASN1_TIME_it); - -ASN1_TIME * -ASN1_TIME_new(void) -{ - return (ASN1_TIME *)ASN1_item_new(&ASN1_TIME_it); -} -LCRYPTO_ALIAS(ASN1_TIME_new); - -void -ASN1_TIME_free(ASN1_TIME *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ASN1_TIME_it); -} -LCRYPTO_ALIAS(ASN1_TIME_free); - -int -ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm) -{ - time_t now; - - if (s != NULL) - return ASN1_time_parse(s->data, s->length, tm, 0) != -1; - - time(&now); - memset(tm, 0, sizeof(*tm)); - - return asn1_time_time_t_to_tm(&now, tm); -} -LCRYPTO_ALIAS(ASN1_TIME_to_tm); - -int -ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, const ASN1_TIME *to) -{ - struct tm tm_from, tm_to; - - if (!ASN1_TIME_to_tm(from, &tm_from)) - 
return 0; - if (!ASN1_TIME_to_tm(to, &tm_to)) - return 0; - - return OPENSSL_gmtime_diff(pday, psec, &tm_from, &tm_to); -} -LCRYPTO_ALIAS(ASN1_TIME_diff); - -ASN1_TIME * -d2i_ASN1_TIME(ASN1_TIME **a, const unsigned char **in, long len) -{ - return (ASN1_TIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ASN1_TIME_it); -} -LCRYPTO_ALIAS(d2i_ASN1_TIME); - -int -i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_TIME_it); -} -LCRYPTO_ALIAS(i2d_ASN1_TIME); diff --git a/src/lib/libcrypto/asn1/a_time_posix.c b/src/lib/libcrypto/asn1/a_time_posix.c deleted file mode 100644 index d4439b4701..0000000000 --- a/src/lib/libcrypto/asn1/a_time_posix.c +++ /dev/null 
@@ -1,296 +0,0 @@ -/* $OpenBSD: a_time_posix.c,v 1.5 2024/02/18 16:28:38 tb Exp $ */ -/* - * Copyright (c) 2022, Google Inc. - * Copyright (c) 2022, Bob Beck - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * Time conversion to/from POSIX time_t and struct tm, with no support - * for time zones other than UTC - */ - -#include -#include -#include -#include -#include - -#include -#include - -#include "crypto_internal.h" - -#define SECS_PER_HOUR (int64_t)(60 * 60) -#define SECS_PER_DAY (int64_t)(24 * SECS_PER_HOUR) - -/* - * Is a year/month/day combination valid, in the range from year 0000 - * to 9999? - */ -static int -is_valid_date(int64_t year, int64_t month, int64_t day) -{ - int days_in_month; - if (day < 1 || month < 1 || year < 0 || year > 9999) - return 0; - switch (month) { - case 1: - case 3: - case 5: - case 7: - case 8: - case 10: - case 12: - days_in_month = 31; - break; - case 4: - case 6: - case 9: - case 11: - days_in_month = 30; - break; - case 2: - if ((year % 4 == 0 && year % 100 != 0) || year % 400 == 0) - days_in_month = 29; - else - days_in_month = 28; - break; - default: - return 0; - } - return day <= days_in_month; -} - -/* - * Is a time valid? Leap seconds of 60 are not considered valid, as - * the POSIX time in seconds does not include them. 
- */ -static int -is_valid_time(int hours, int minutes, int seconds) -{ - return hours >= 0 && minutes >= 0 && seconds >= 0 && hours <= 23 && - minutes <= 59 && seconds <= 59; -} - -/* 0000-01-01 00:00:00 UTC */ -#define MIN_POSIX_TIME INT64_C(-62167219200) -/* 9999-12-31 23:59:59 UTC */ -#define MAX_POSIX_TIME INT64_C(253402300799) - -/* Is a int64 time representing a time within our expected range? */ -static int -is_valid_posix_time(int64_t time) -{ - return MIN_POSIX_TIME <= time && time <= MAX_POSIX_TIME; -} - -/* - * Inspired by algorithms presented in - * https://howardhinnant.github.io/date_algorithms.html - * (Public Domain) - */ -static int -posix_time_from_utc(int64_t year, int64_t month, int64_t day, int64_t hours, - int64_t minutes, int64_t seconds, int64_t *out_time) -{ - int64_t era, year_of_era, day_of_year, day_of_era, posix_days; - - if (!is_valid_date(year, month, day) || - !is_valid_time(hours, minutes, seconds)) - return 0; - if (month <= 2) - year--; /* Start years on Mar 1, so leap days end a year. */ - - /* At this point year will be in the range -1 and 9999.*/ - era = (year >= 0 ? year : year - 399) / 400; - year_of_era = year - era * 400; - day_of_year = (153 * (month > 2 ? 
month - 3 : month + 9) + 2) / - 5 + day - 1; - day_of_era = year_of_era * 365 + year_of_era / 4 - year_of_era / - 100 + day_of_year; - posix_days = era * 146097 + day_of_era - 719468; - *out_time = posix_days * SECS_PER_DAY + hours * SECS_PER_HOUR + - minutes * 60 + seconds; - - return 1; -} - -/* - * Inspired by algorithms presented in - * https://howardhinnant.github.io/date_algorithms.html - * (Public Domain) - */ -static int -utc_from_posix_time(int64_t time, int *out_year, int *out_month, int *out_day, - int *out_hours, int *out_minutes, int *out_seconds) -{ - int64_t days, leftover_seconds, era, day_of_era, year_of_era, - day_of_year, month_of_year; - - if (!is_valid_posix_time(time)) - return 0; - - days = time / SECS_PER_DAY; - leftover_seconds = time % SECS_PER_DAY; - if (leftover_seconds < 0) { - days--; - leftover_seconds += SECS_PER_DAY; - } - days += 719468; /* Shift to starting epoch of Mar 1 0000. */ - - /* At this point, days will be in the range -61 and 3652364. */ - era = (days > 0 ? days : days - 146096) / 146097; - day_of_era = days - era * 146097; - year_of_era = (day_of_era - day_of_era / 1460 + day_of_era / 36524 - - day_of_era / 146096) / - 365; - *out_year = year_of_era + era * 400; /* Year starts on Mar 1 */ - day_of_year = day_of_era - (365 * year_of_era + year_of_era / 4 - - year_of_era / 100); - month_of_year = (5 * day_of_year + 2) / 153; - *out_month = (month_of_year < 10 ? month_of_year + 3 : - month_of_year - 9); - if (*out_month <= 2) - (*out_year)++; /* Adjust year back to Jan 1 start of year. 
*/ - - *out_day = day_of_year - (153 * month_of_year + 2) / 5 + 1; - *out_hours = leftover_seconds / SECS_PER_HOUR; - leftover_seconds %= SECS_PER_HOUR; - *out_minutes = leftover_seconds / 60; - *out_seconds = leftover_seconds % 60; - - return 1; -} - -int -OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out) -{ - return posix_time_from_utc(tm->tm_year + (int64_t)1900, - tm->tm_mon + (int64_t)1, tm->tm_mday, tm->tm_hour, tm->tm_min, - tm->tm_sec, out); -} -LCRYPTO_ALIAS(OPENSSL_tm_to_posix); - -int -OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm) -{ - struct tm tmp_tm = {0}; - - memset(out_tm, 0, sizeof(*out_tm)); - - if (!utc_from_posix_time(time, &tmp_tm.tm_year, &tmp_tm.tm_mon, - &tmp_tm.tm_mday, &tmp_tm.tm_hour, &tmp_tm.tm_min, &tmp_tm.tm_sec)) - return 0; - - tmp_tm.tm_year -= 1900; - tmp_tm.tm_mon -= 1; - - *out_tm = tmp_tm; - - return 1; -} -LCRYPTO_ALIAS(OPENSSL_posix_to_tm); - -int -asn1_time_tm_to_time_t(const struct tm *tm, time_t *out) -{ - int64_t posix_time; - - if (!OPENSSL_tm_to_posix(tm, &posix_time)) - return 0; - -#ifdef SMALL_TIME_T - /* For portable. */ - if (sizeof(time_t) == sizeof(int32_t) && - (posix_time > INT32_MAX || posix_time < INT32_MIN)) - return 0; -#endif - - *out = posix_time; - return 1; -} - -int -asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm) -{ - int64_t posix_time = *time; - - return OPENSSL_posix_to_tm(posix_time, out_tm); -} - -int -OPENSSL_timegm(const struct tm *tm, time_t *out) { - return asn1_time_tm_to_time_t(tm, out); -} -LCRYPTO_ALIAS(OPENSSL_timegm); - -struct tm * -OPENSSL_gmtime(const time_t *time, struct tm *out_tm) { - if (!asn1_time_time_t_to_tm(time, out_tm)) - return NULL; - return out_tm; -} -LCRYPTO_ALIAS(OPENSSL_gmtime); - -/* Public API in OpenSSL. BoringSSL uses int64_t instead of long. 
*/ -int -OPENSSL_gmtime_adj(struct tm *tm, int offset_day, int64_t offset_sec) -{ - int64_t posix_time; - - if (!OPENSSL_tm_to_posix(tm, &posix_time)) - return 0; - - CTASSERT(INT_MAX <= INT64_MAX / SECS_PER_DAY); - CTASSERT(MAX_POSIX_TIME <= INT64_MAX - INT_MAX * SECS_PER_DAY); - CTASSERT(MIN_POSIX_TIME >= INT64_MIN - INT_MIN * SECS_PER_DAY); - - posix_time += offset_day * SECS_PER_DAY; - - if (posix_time > 0 && offset_sec > INT64_MAX - posix_time) - return 0; - if (posix_time < 0 && offset_sec < INT64_MIN - posix_time) - return 0; - posix_time += offset_sec; - - if (!OPENSSL_posix_to_tm(posix_time, tm)) - return 0; - - return 1; -} - -int -OPENSSL_gmtime_diff(int *out_days, int *out_secs, const struct tm *from, - const struct tm *to) -{ - int64_t time_to, time_from, timediff, daydiff; - - if (!OPENSSL_tm_to_posix(to, &time_to) || - !OPENSSL_tm_to_posix(from, &time_from)) - return 0; - - /* Times are in range, so these calculations cannot overflow. */ - CTASSERT(SECS_PER_DAY <= INT_MAX); - CTASSERT((MAX_POSIX_TIME - MIN_POSIX_TIME) / SECS_PER_DAY <= INT_MAX); - - timediff = time_to - time_from; - daydiff = timediff / SECS_PER_DAY; - timediff %= SECS_PER_DAY; - - *out_secs = timediff; - *out_days = daydiff; - - return 1; -} diff --git a/src/lib/libcrypto/asn1/a_time_tm.c b/src/lib/libcrypto/asn1/a_time_tm.c deleted file mode 100644 index a1f329be96..0000000000 --- a/src/lib/libcrypto/asn1/a_time_tm.c +++ /dev/null 
@@ -1,607 +0,0 @@ -/* $OpenBSD: a_time_tm.c,v 1.42 2024/05/03 18:33:27 tb Exp $ */ -/* - * Copyright (c) 2015 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include -#include -#include - -#include -#include - -#include "bytestring.h" -#include "asn1_local.h" - -#define RFC5280 0 -#define GENTIME_LENGTH 15 -#define UTCTIME_LENGTH 13 - -int -ASN1_time_tm_cmp(struct tm *tm1, struct tm *tm2) -{ - if (tm1->tm_year < tm2->tm_year) - return -1; - if (tm1->tm_year > tm2->tm_year) - return 1; - if (tm1->tm_mon < tm2->tm_mon) - return -1; - if (tm1->tm_mon > tm2->tm_mon) - return 1; - if (tm1->tm_mday < tm2->tm_mday) - return -1; - if (tm1->tm_mday > tm2->tm_mday) - return 1; - if (tm1->tm_hour < tm2->tm_hour) - return -1; - if (tm1->tm_hour > tm2->tm_hour) - return 1; - if (tm1->tm_min < tm2->tm_min) - return -1; - if (tm1->tm_min > tm2->tm_min) - return 1; - if (tm1->tm_sec < tm2->tm_sec) - return -1; - if (tm1->tm_sec > tm2->tm_sec) - return 1; - return 0; -} - -int -ASN1_time_tm_clamp_notafter(struct tm *tm) -{ -#ifdef SMALL_TIME_T - struct tm broken_os_epoch_tm; - time_t broken_os_epoch_time = INT_MAX; - - if (!asn1_time_time_t_to_tm(&broken_os_epoch_time, &broken_os_epoch_tm)) - return 0; - - if (ASN1_time_tm_cmp(tm, &broken_os_epoch_tm) == 1) - 
memcpy(tm, &broken_os_epoch_tm, sizeof(*tm)); -#endif - return 1; -} - -/* Convert time to GeneralizedTime, X.690, 11.7. */ -static int -tm_to_gentime(struct tm *tm, ASN1_TIME *atime) -{ - char *time_str = NULL; - - if (tm->tm_year < -1900 || tm->tm_year > 9999 - 1900) { - ASN1error(ASN1_R_ILLEGAL_TIME_VALUE); - return 0; - } - - if (asprintf(&time_str, "%04u%02u%02u%02u%02u%02uZ", tm->tm_year + 1900, - tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min, - tm->tm_sec) == -1) { - ASN1error(ERR_R_MALLOC_FAILURE); - return 0; - } - - free(atime->data); - atime->data = time_str; - atime->length = GENTIME_LENGTH; - atime->type = V_ASN1_GENERALIZEDTIME; - - return 1; -} - -/* Convert time to UTCTime, X.690, 11.8. */ -static int -tm_to_utctime(struct tm *tm, ASN1_TIME *atime) -{ - char *time_str = NULL; - - if (tm->tm_year >= 150 || tm->tm_year < 50) { - ASN1error(ASN1_R_ILLEGAL_TIME_VALUE); - return 0; - } - - if (asprintf(&time_str, "%02u%02u%02u%02u%02u%02uZ", - tm->tm_year % 100, tm->tm_mon + 1, tm->tm_mday, - tm->tm_hour, tm->tm_min, tm->tm_sec) == -1) { - ASN1error(ERR_R_MALLOC_FAILURE); - return 0; - } - - free(atime->data); - atime->data = time_str; - atime->length = UTCTIME_LENGTH; - atime->type = V_ASN1_UTCTIME; - - return 1; -} - -static int -tm_to_rfc5280_time(struct tm *tm, ASN1_TIME *atime) -{ - if (tm->tm_year >= 50 && tm->tm_year < 150) - return tm_to_utctime(tm, atime); - - return tm_to_gentime(tm, atime); -} - - -static int -cbs_get_two_digit_value(CBS *cbs, int *out) -{ - uint8_t first_digit, second_digit; - - if (!CBS_get_u8(cbs, &first_digit)) - return 0; - if (!isdigit(first_digit)) - return 0; - if (!CBS_get_u8(cbs, &second_digit)) - return 0; - if (!isdigit(second_digit)) - return 0; - - *out = (first_digit - '0') * 10 + (second_digit - '0'); - - return 1; -} - -static int -is_valid_day(int year, int month, int day) -{ - if (day < 1) - return 0; - switch (month) { - case 1: - case 3: - case 5: - case 7: - case 8: - case 10: - case 12: - return 
day <= 31; - case 4: - case 6: - case 9: - case 11: - return day <= 30; - case 2: - if ((year % 4 == 0 && year % 100 != 0) || year % 400 == 0) - return day <= 29; - else - return day <= 28; - default: - return 0; - } -} - -/* - * asn1_time_parse_cbs returns one if |cbs| is a valid DER-encoded, ASN.1 Time - * body within the limitations imposed by RFC 5280, or zero otherwise. The time - * is expected to parse as a Generalized Time if is_gentime is true, and as a - * UTC Time otherwise. If |out_tm| is non-NULL, |*out_tm| will be zeroed, and - * then set to the corresponding time in UTC. This function does not compute - * |out_tm->tm_wday| or |out_tm->tm_yday|. |cbs| is not consumed. - */ -int -asn1_time_parse_cbs(const CBS *cbs, int is_gentime, struct tm *out_tm) -{ - int year, month, day, hour, min, sec, val; - CBS copy; - uint8_t tz; - - CBS_dup(cbs, ©); - - if (is_gentime) { - if (!cbs_get_two_digit_value(©, &val)) - return 0; - year = val * 100; - if (!cbs_get_two_digit_value(©, &val)) - return 0; - year += val; - } else { - year = 1900; - if (!cbs_get_two_digit_value(©, &val)) - return 0; - year += val; - if (year < 1950) - year += 100; - if (year >= 2050) - return 0; /* A Generalized time must be used. */ - } - - if (!cbs_get_two_digit_value(©, &month)) - return 0; - if (month < 1 || month > 12) - return 0; /* Reject invalid months. */ - - if (!cbs_get_two_digit_value(©, &day)) - return 0; - if (!is_valid_day(year, month, day)) - return 0; /* Reject invalid days. */ - - if (!cbs_get_two_digit_value(©, &hour)) - return 0; - if (hour > 23) - return 0; /* Reject invalid hours. */ - - if (!cbs_get_two_digit_value(©, &min)) - return 0; - if (min > 59) - return 0; /* Reject invalid minutes. */ - - if (!cbs_get_two_digit_value(©, &sec)) - return 0; - if (sec > 59) - return 0; /* Reject invalid seconds. Leap seconds are invalid. */ - - if (!CBS_get_u8(©, &tz)) - return 0; - if (tz != 'Z') - return 0; /* Reject anything but Z on the end. 
*/ - - if (CBS_len(©) != 0) - return 0; /* Reject invalid lengths. */ - - if (out_tm != NULL) { - memset(out_tm, 0, sizeof(*out_tm)); - /* Fill in the tm fields corresponding to what we validated. */ - out_tm->tm_year = year - 1900; - out_tm->tm_mon = month - 1; - out_tm->tm_mday = day; - out_tm->tm_hour = hour; - out_tm->tm_min = min; - out_tm->tm_sec = sec; - } - - return 1; -} - -/* - * Parse an RFC 5280 format ASN.1 time string. - * - * mode must be: - * 0 if we expect to parse a time as specified in RFC 5280 for an X509 object. - * V_ASN1_UTCTIME if we wish to parse an RFC5280 format UTC time. - * V_ASN1_GENERALIZEDTIME if we wish to parse an RFC5280 format Generalized time. - * - * Returns: - * -1 if the string was invalid. - * V_ASN1_UTCTIME if the string validated as a UTC time string. - * V_ASN1_GENERALIZEDTIME if the string validated as a Generalized time string. - * - * Fills in *tm with the corresponding time if tm is non NULL. - */ -int -ASN1_time_parse(const char *bytes, size_t len, struct tm *tm, int mode) -{ - int type = 0; - CBS cbs; - - if (bytes == NULL) - return -1; - - CBS_init(&cbs, bytes, len); - - if (CBS_len(&cbs) == UTCTIME_LENGTH) - type = V_ASN1_UTCTIME; - if (CBS_len(&cbs) == GENTIME_LENGTH) - type = V_ASN1_GENERALIZEDTIME; - if (asn1_time_parse_cbs(&cbs, type == V_ASN1_GENERALIZEDTIME, tm)) { - if (mode != 0 && mode != type) - return -1; - return type; - } - - return -1; -} - -/* - * ASN1_TIME generic functions. - */ - -static int -ASN1_TIME_set_string_internal(ASN1_TIME *s, const char *str, int mode) -{ - struct tm tm; - - if (ASN1_time_parse(str, strlen(str), &tm, mode) == -1) - return 0; - - /* Only check str's format, as documented. 
*/ - if (s == NULL) - return 1; - - switch (mode) { - case V_ASN1_UTCTIME: - return tm_to_utctime(&tm, s); - case V_ASN1_GENERALIZEDTIME: - return tm_to_gentime(&tm, s); - case RFC5280: - return tm_to_rfc5280_time(&tm, s); - default: - return 0; - } -} - -static ASN1_TIME * -ASN1_TIME_adj_internal(ASN1_TIME *s, time_t t, int offset_day, long offset_sec, - int mode) -{ - ASN1_TIME *atime = s; - struct tm tm; - - if (!asn1_time_time_t_to_tm(&t, &tm)) - goto err; - - if (offset_day != 0 || offset_sec != 0) { - if (!OPENSSL_gmtime_adj(&tm, offset_day, offset_sec)) - goto err; - } - - if (atime == NULL) - atime = ASN1_TIME_new(); - if (atime == NULL) - goto err; - - switch (mode) { - case V_ASN1_UTCTIME: - if (!tm_to_utctime(&tm, atime)) - goto err; - break; - case V_ASN1_GENERALIZEDTIME: - if (!tm_to_gentime(&tm, atime)) - goto err; - break; - case RFC5280: - if (!tm_to_rfc5280_time(&tm, atime)) - goto err; - break; - default: - goto err; - } - - return atime; - - err: - if (atime != s) - ASN1_TIME_free(atime); - - return NULL; -} - -ASN1_TIME * -ASN1_TIME_set(ASN1_TIME *s, time_t t) -{ - return ASN1_TIME_adj(s, t, 0, 0); -} -LCRYPTO_ALIAS(ASN1_TIME_set); - -ASN1_TIME * -ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec) -{ - return ASN1_TIME_adj_internal(s, t, offset_day, offset_sec, RFC5280); -} -LCRYPTO_ALIAS(ASN1_TIME_adj); - -int -ASN1_TIME_check(const ASN1_TIME *t) -{ - if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME) - return 0; - return t->type == ASN1_time_parse(t->data, t->length, NULL, t->type); -} -LCRYPTO_ALIAS(ASN1_TIME_check); - -ASN1_GENERALIZEDTIME * -ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) -{ - ASN1_GENERALIZEDTIME *agt = NULL; - struct tm tm; - - if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME) - goto err; - - if (t->type != ASN1_time_parse(t->data, t->length, &tm, t->type)) - goto err; - - if (out == NULL || (agt = *out) == NULL) - agt = ASN1_TIME_new(); - 
if (agt == NULL) - goto err; - - if (!tm_to_gentime(&tm, agt)) - goto err; - - if (out != NULL) - *out = agt; - - return agt; - - err: - if (out == NULL || *out != agt) - ASN1_TIME_free(agt); - - return NULL; -} -LCRYPTO_ALIAS(ASN1_TIME_to_generalizedtime); - -int -ASN1_TIME_set_string(ASN1_TIME *s, const char *str) -{ - return ASN1_TIME_set_string_internal(s, str, RFC5280); -} -LCRYPTO_ALIAS(ASN1_TIME_set_string); - -static int -ASN1_TIME_cmp_time_t_internal(const ASN1_TIME *s, time_t t2, int mode) -{ - struct tm tm1, tm2; - - /* - * This function has never handled failure conditions properly - * The OpenSSL version used to simply follow NULL pointers on failure. - * BoringSSL and OpenSSL now make it return -2 on failure. - * - * The danger is that users of this function will not differentiate the - * -2 failure case from s < t2. Callers must be careful. Sadly this is - * one of those pervasive things from OpenSSL we must continue with. - */ - - if (ASN1_time_parse(s->data, s->length, &tm1, mode) == -1) - return -2; - - if (!asn1_time_time_t_to_tm(&t2, &tm2)) - return -2; - - return ASN1_time_tm_cmp(&tm1, &tm2); -} - -int -ASN1_TIME_compare(const ASN1_TIME *t1, const ASN1_TIME *t2) -{ - struct tm tm1, tm2; - - if (t1->type != V_ASN1_UTCTIME && t1->type != V_ASN1_GENERALIZEDTIME) - return -2; - - if (t2->type != V_ASN1_UTCTIME && t2->type != V_ASN1_GENERALIZEDTIME) - return -2; - - if (ASN1_time_parse(t1->data, t1->length, &tm1, t1->type) == -1) - return -2; - - if (ASN1_time_parse(t2->data, t2->length, &tm2, t2->type) == -1) - return -2; - - return ASN1_time_tm_cmp(&tm1, &tm2); -} -LCRYPTO_ALIAS(ASN1_TIME_compare); - -int -ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t) -{ - if (s->type == V_ASN1_UTCTIME) - return ASN1_TIME_cmp_time_t_internal(s, t, V_ASN1_UTCTIME); - if (s->type == V_ASN1_GENERALIZEDTIME) - return ASN1_TIME_cmp_time_t_internal(s, t, - V_ASN1_GENERALIZEDTIME); - return -2; -} -LCRYPTO_ALIAS(ASN1_TIME_cmp_time_t); - -/* - * ASN1_UTCTIME wrappers 
- */
-
-int
-ASN1_UTCTIME_check(const ASN1_UTCTIME *d)
-{
- if (d->type != V_ASN1_UTCTIME)
- return 0;
- return d->type == ASN1_time_parse(d->data, d->length, NULL, d->type);
-}
-LCRYPTO_ALIAS(ASN1_UTCTIME_check);
-
-int
-ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
-{
- if (s != NULL && s->type != V_ASN1_UTCTIME)
- return 0;
- return ASN1_TIME_set_string_internal(s, str, V_ASN1_UTCTIME);
-}
-LCRYPTO_ALIAS(ASN1_UTCTIME_set_string);
-
-ASN1_UTCTIME *
-ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
-{
- return ASN1_UTCTIME_adj(s, t, 0, 0);
-}
-LCRYPTO_ALIAS(ASN1_UTCTIME_set);
-
-ASN1_UTCTIME *
-ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec)
-{
- return ASN1_TIME_adj_internal(s, t, offset_day, offset_sec,
- V_ASN1_UTCTIME);
-}
-LCRYPTO_ALIAS(ASN1_UTCTIME_adj);
-
-int
-ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
-{
- if (s->type == V_ASN1_UTCTIME)
- return ASN1_TIME_cmp_time_t_internal(s, t, V_ASN1_UTCTIME);
- return -2;
-}
-LCRYPTO_ALIAS(ASN1_UTCTIME_cmp_time_t);
-
-/*
- * ASN1_GENERALIZEDTIME wrappers
- */
-
-int
-ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *d)
-{
- if (d->type != V_ASN1_GENERALIZEDTIME)
- return 0;
- return d->type == ASN1_time_parse(d->data, d->length, NULL, d->type);
-}
-LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_check);
-
-int
-ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
-{
- if (s != NULL && s->type != V_ASN1_GENERALIZEDTIME)
- return 0;
- return ASN1_TIME_set_string_internal(s, str, V_ASN1_GENERALIZEDTIME);
-}
-LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_set_string);
-
-ASN1_GENERALIZEDTIME *
-ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, time_t t)
-{
- return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
-}
-LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_set);
-
-ASN1_GENERALIZEDTIME *
-ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day,
- long offset_sec)
-{
- return ASN1_TIME_adj_internal(s, t, offset_day, offset_sec,
- V_ASN1_GENERALIZEDTIME);
-}
-LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_adj);
-
-int
-ASN1_TIME_normalize(ASN1_TIME *t)
-{
- struct tm tm;
-
- if (t == NULL)
- return 0;
- if (!ASN1_TIME_to_tm(t, &tm))
- return 0;
- return tm_to_rfc5280_time(&tm, t);
-}
-LCRYPTO_ALIAS(ASN1_TIME_normalize);
-
-int
-ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str)
-{
- return ASN1_TIME_set_string_internal(s, str, RFC5280);
-}
-LCRYPTO_ALIAS(ASN1_TIME_set_string_X509);
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
deleted file mode 100644
index ef0a76e810..0000000000
--- a/src/lib/libcrypto/asn1/a_type.c
+++ /dev/null
@@ -1,360 +0,0 @@
-/* $OpenBSD: a_type.c,v 1.27 2023/07/28 10:00:10 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include - -#include -#include -#include - -#include "asn1_local.h" - -typedef struct { - ASN1_INTEGER *num; - ASN1_OCTET_STRING *value; -} ASN1_int_octetstring; - -static const ASN1_TEMPLATE ASN1_INT_OCTETSTRING_seq_tt[] = { - { - .offset = offsetof(ASN1_int_octetstring, num), - .field_name = "num", - .item = &ASN1_INTEGER_it, - }, - { - .offset = offsetof(ASN1_int_octetstring, value), - .field_name = "value", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM ASN1_INT_OCTETSTRING_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = ASN1_INT_OCTETSTRING_seq_tt, - .tcount = sizeof(ASN1_INT_OCTETSTRING_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(ASN1_int_octetstring), - .sname = "ASN1_INT_OCTETSTRING", -}; - -ASN1_TYPE * -ASN1_TYPE_new(void) -{ - return (ASN1_TYPE *)ASN1_item_new(&ASN1_ANY_it); -} -LCRYPTO_ALIAS(ASN1_TYPE_new); - -void -ASN1_TYPE_free(ASN1_TYPE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ASN1_ANY_it); -} -LCRYPTO_ALIAS(ASN1_TYPE_free); - -int -ASN1_TYPE_get(const ASN1_TYPE *a) -{ - /* Special non-pointer types. */ - if (a->type == V_ASN1_BOOLEAN || a->type == V_ASN1_NULL) - return a->type; - - if (a->value.ptr != NULL) - return a->type; - - return 0; -} -LCRYPTO_ALIAS(ASN1_TYPE_get); - -void -ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) -{ - if (a->value.ptr != NULL) { - ASN1_TYPE **tmp_a = &a; - ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL); - } - a->type = type; - if (type == V_ASN1_BOOLEAN) - a->value.boolean = value ? 
0xff : 0; - else - a->value.ptr = value; -} -LCRYPTO_ALIAS(ASN1_TYPE_set); - -int -ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) -{ - if (!value || (type == V_ASN1_BOOLEAN)) { - void *p = (void *)value; - ASN1_TYPE_set(a, type, p); - } else if (type == V_ASN1_OBJECT) { - ASN1_OBJECT *odup; - odup = OBJ_dup(value); - if (!odup) - return 0; - ASN1_TYPE_set(a, type, odup); - } else { - ASN1_STRING *sdup; - sdup = ASN1_STRING_dup(value); - if (!sdup) - return 0; - ASN1_TYPE_set(a, type, sdup); - } - return 1; -} -LCRYPTO_ALIAS(ASN1_TYPE_set1); - -/* Returns 0 if they are equal, != 0 otherwise. */ -int -ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b) -{ - int result = -1; - - if (!a || !b || a->type != b->type) - return -1; - - switch (a->type) { - case V_ASN1_OBJECT: - result = OBJ_cmp(a->value.object, b->value.object); - break; - case V_ASN1_BOOLEAN: - result = a->value.boolean - b->value.boolean; - break; - case V_ASN1_NULL: - result = 0; /* They do not have content. */ - break; - - case V_ASN1_INTEGER: - case V_ASN1_ENUMERATED: - case V_ASN1_BIT_STRING: - case V_ASN1_OCTET_STRING: - case V_ASN1_SEQUENCE: - case V_ASN1_SET: - case V_ASN1_NUMERICSTRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_VIDEOTEXSTRING: - case V_ASN1_IA5STRING: - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - case V_ASN1_GRAPHICSTRING: - case V_ASN1_VISIBLESTRING: - case V_ASN1_GENERALSTRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_BMPSTRING: - case V_ASN1_UTF8STRING: - case V_ASN1_OTHER: - default: - result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr, - (ASN1_STRING *)b->value.ptr); - break; - } - - return result; -} -LCRYPTO_ALIAS(ASN1_TYPE_cmp); - -int -ASN1_TYPE_set_octetstring(ASN1_TYPE *a, const unsigned char *data, int len) -{ - ASN1_STRING *os; - - if ((os = ASN1_OCTET_STRING_new()) == NULL) - return (0); - if (!ASN1_STRING_set(os, data, len)) { - ASN1_OCTET_STRING_free(os); - return (0); - } - ASN1_TYPE_set(a, 
V_ASN1_OCTET_STRING, os); - return (1); -} -LCRYPTO_ALIAS(ASN1_TYPE_set_octetstring); - -int -ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data, int max_len) -{ - int ret, num; - unsigned char *p; - - if ((a->type != V_ASN1_OCTET_STRING) || - (a->value.octet_string == NULL)) { - ASN1error(ASN1_R_DATA_IS_WRONG); - return (-1); - } - p = ASN1_STRING_data(a->value.octet_string); - ret = ASN1_STRING_length(a->value.octet_string); - if (ret < max_len) - num = ret; - else - num = max_len; - memcpy(data, p, num); - return (ret); -} -LCRYPTO_ALIAS(ASN1_TYPE_get_octetstring); - -int -ASN1_TYPE_set_int_octetstring(ASN1_TYPE *at, long num, const unsigned char *data, - int len) -{ - ASN1_int_octetstring *ios; - ASN1_STRING *sp = NULL; - int ret = 0; - - if ((ios = (ASN1_int_octetstring *)ASN1_item_new( - &ASN1_INT_OCTETSTRING_it)) == NULL) - goto err; - if (!ASN1_INTEGER_set(ios->num, num)) - goto err; - if (!ASN1_OCTET_STRING_set(ios->value, data, len)) - goto err; - - if ((sp = ASN1_item_pack(ios, &ASN1_INT_OCTETSTRING_it, NULL)) == NULL) - goto err; - - ASN1_TYPE_set(at, V_ASN1_SEQUENCE, sp); - sp = NULL; - - ret = 1; - - err: - ASN1_item_free((ASN1_VALUE *)ios, &ASN1_INT_OCTETSTRING_it); - ASN1_STRING_free(sp); - - return ret; -} -LCRYPTO_ALIAS(ASN1_TYPE_set_int_octetstring); - -int -ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *at, long *num, unsigned char *data, - int max_len) -{ - ASN1_STRING *sp = at->value.sequence; - ASN1_int_octetstring *ios = NULL; - int ret = -1; - int len; - - if (at->type != V_ASN1_SEQUENCE || sp == NULL) - goto err; - - if ((ios = ASN1_item_unpack(sp, &ASN1_INT_OCTETSTRING_it)) == NULL) - goto err; - - if (num != NULL) - *num = ASN1_INTEGER_get(ios->num); - if (data != NULL) { - len = ASN1_STRING_length(ios->value); - if (len > max_len) - len = max_len; - memcpy(data, ASN1_STRING_data(ios->value), len); - } - - ret = ASN1_STRING_length(ios->value); - - err: - ASN1_item_free((ASN1_VALUE *)ios, &ASN1_INT_OCTETSTRING_it); - - if 
(ret == -1) - ASN1error(ASN1_R_DATA_IS_WRONG); - - return ret; -} -LCRYPTO_ALIAS(ASN1_TYPE_get_int_octetstring); - -ASN1_TYPE * -ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t) -{ - ASN1_OCTET_STRING *oct; - ASN1_TYPE *rt; - - if ((oct = ASN1_item_pack(s, it, NULL)) == NULL) - return NULL; - - if (t != NULL && *t != NULL) { - rt = *t; - } else { - if ((rt = ASN1_TYPE_new()) == NULL) { - ASN1_OCTET_STRING_free(oct); - return NULL; - } - if (t != NULL) - *t = rt; - } - ASN1_TYPE_set(rt, V_ASN1_SEQUENCE, oct); - return rt; -} - -void * -ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t) -{ - if (t == NULL || t->type != V_ASN1_SEQUENCE || t->value.sequence == NULL) - return NULL; - return ASN1_item_unpack(t->value.sequence, it); -} - -int -i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_ANY_it); -} -LCRYPTO_ALIAS(i2d_ASN1_TYPE); - -ASN1_TYPE * -d2i_ASN1_TYPE(ASN1_TYPE **a, const unsigned char **in, long len) -{ - return (ASN1_TYPE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ASN1_ANY_it); -} -LCRYPTO_ALIAS(d2i_ASN1_TYPE); diff --git a/src/lib/libcrypto/asn1/a_utf8.c b/src/lib/libcrypto/asn1/a_utf8.c deleted file mode 100644 index 51ab1bdb28..0000000000 --- a/src/lib/libcrypto/asn1/a_utf8.c +++ /dev/null 
@@ -1,199 +0,0 @@
-/* $OpenBSD: a_utf8.c,v 1.9 2022/11/26 16:08:50 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include "asn1_local.h"
-
-/* UTF8 utilities */
-
-/*
- * This parses a UTF8 string one character at a time. It is passed a pointer
- * to the string and the length of the string. It sets 'value' to the value of
- * the current character. It returns the number of characters read or a
- * negative error code:
- * -1 = string too short
- * -2 = illegal character
- * -3 = subsequent characters not of the form 10xxxxxx
- * -4 = character encoded incorrectly (not minimal length).
- */
-
-int
-UTF8_getc(const unsigned char *str, int len, unsigned long *val)
-{
- const unsigned char *p;
- unsigned long value;
- int ret;
- if (len <= 0)
- return 0;
- p = str;
-
- /* Check syntax and work out the encoded value (if correct) */
- if ((*p & 0x80) == 0) {
- value = *p++ & 0x7f;
- ret = 1;
- } else if ((*p & 0xe0) == 0xc0) {
- if (*p < 0xc2)
- return -2;
- if (len < 2)
- return -1;
- if ((p[1] & 0xc0) != 0x80)
- return -3;
- value = (*p++ & 0x1f) << 6;
- value |= *p++ & 0x3f;
- if (value < 0x80)
- return -4;
- ret = 2;
- } else if ((*p & 0xf0) == 0xe0) {
- if (len < 3)
- return -1;
- if (((p[1] & 0xc0) != 0x80) ||
- ((p[2] & 0xc0) != 0x80))
- return -3;
- value = (*p++ & 0xf) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if (value < 0x800)
- return -4;
- /* surrogate pair code points are not valid */
- if (value >= 0xd800 && value < 0xe000)
- return -2;
- ret = 3;
- } else if ((*p & 0xf8) == 0xf0 && (*p < 0xf5)) {
- if (len < 4)
- return -1;
- if (((p[1] & 0xc0) != 0x80) ||
- ((p[2] & 0xc0) != 0x80) ||
- ((p[3] & 0xc0) != 0x80))
- return -3;
- value = ((unsigned long)(*p++ & 0x7)) << 18;
- value |= (*p++ & 0x3f) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if (value < 0x10000)
- return -4;
- if (value > UNICODE_MAX)
- return -2;
- ret = 4;
- } else
- return -2;
- *val = value;
- return ret;
-}
-
-/* This takes a Unicode code point 'value' and writes its UTF-8 encoded form
- * in 'str' where 'str' is a buffer of at least length 'len'. If 'str'
- * is NULL, then nothing is written and just the return code is determined.
-
- * Returns less than zero on error:
- * -1 if 'str' is not NULL and 'len' is too small
- * -2 if 'value' is an invalid character (surrogate or out-of-range)
- *
- * Otherwise, returns the number of bytes in 'value's encoded form
- * (i.e., the number of bytes written to 'str' when it's not NULL).
- *
- * It will need at most 4 characters.
- */
-
-int
-UTF8_putc(unsigned char *str, int len, unsigned long value)
-{
- if (value < 0x80) {
- if (str != NULL) {
- if (len < 1)
- return -1;
- str[0] = (unsigned char)value;
- }
- return 1;
- }
- if (value < 0x800) {
- if (str != NULL) {
- if (len < 2)
- return -1;
- str[0] = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
- str[1] = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 2;
- }
- if (value < 0x10000) {
- if (UNICODE_IS_SURROGATE(value))
- return -2;
- if (str != NULL) {
- if (len < 3)
- return -1;
- str[0] = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
- str[1] = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- str[2] = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 3;
- }
- if (value <= UNICODE_MAX) {
- if (str != NULL) {
- if (len < 4)
- return -1;
- str[0] = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
- str[1] = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
- str[2] = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- str[3] = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 4;
- }
- return -2;
-}
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
deleted file mode 100644
index aeabbc0a28..0000000000
--- a/src/lib/libcrypto/asn1/asn1.h
+++ /dev/null
@@ -1,1124 +0,0 @@
-/* $OpenBSD: asn1.h,v 1.92 2024/04/10 14:55:12 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_ASN1_H -#define HEADER_ASN1_H - -#include - -#include - -#ifndef OPENSSL_NO_BIO -#include -#endif -#include -#include -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define V_ASN1_UNIVERSAL 0x00 -#define V_ASN1_APPLICATION 0x40 -#define V_ASN1_CONTEXT_SPECIFIC 0x80 -#define V_ASN1_PRIVATE 0xc0 - -#define V_ASN1_CONSTRUCTED 0x20 -#define V_ASN1_PRIMITIVE_TAG 0x1f -#define V_ASN1_PRIMATIVE_TAG 0x1f - -#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */ -#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */ -#define V_ASN1_ANY -4 /* used in ASN1 template code */ - -#define V_ASN1_NEG 0x100 /* negative flag */ - -#define V_ASN1_UNDEF -1 -#define V_ASN1_EOC 0 -#define V_ASN1_BOOLEAN 1 /**/ -#define V_ASN1_INTEGER 2 -#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) -#define V_ASN1_BIT_STRING 3 -#define V_ASN1_OCTET_STRING 4 -#define V_ASN1_NULL 5 -#define V_ASN1_OBJECT 6 -#define V_ASN1_OBJECT_DESCRIPTOR 7 -#define V_ASN1_EXTERNAL 8 -#define V_ASN1_REAL 9 -#define V_ASN1_ENUMERATED 10 -#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) -#define V_ASN1_UTF8STRING 12 -#define V_ASN1_SEQUENCE 16 -#define V_ASN1_SET 17 -#define V_ASN1_NUMERICSTRING 18 /**/ -#define V_ASN1_PRINTABLESTRING 19 -#define V_ASN1_T61STRING 20 -#define V_ASN1_TELETEXSTRING 20 /* alias */ -#define V_ASN1_VIDEOTEXSTRING 21 /**/ -#define V_ASN1_IA5STRING 22 -#define V_ASN1_UTCTIME 23 -#define V_ASN1_GENERALIZEDTIME 24 /**/ -#define V_ASN1_GRAPHICSTRING 25 /**/ -#define V_ASN1_ISO64STRING 26 /**/ -#define V_ASN1_VISIBLESTRING 26 /* alias */ -#define V_ASN1_GENERALSTRING 27 /**/ -#define V_ASN1_UNIVERSALSTRING 28 /**/ -#define V_ASN1_BMPSTRING 30 - -#define B_ASN1_NUMERICSTRING 0x0001 -#define B_ASN1_PRINTABLESTRING 0x0002 -#define B_ASN1_T61STRING 0x0004 -#define B_ASN1_TELETEXSTRING 0x0004 -#define B_ASN1_VIDEOTEXSTRING 0x0008 -#define B_ASN1_IA5STRING 0x0010 -#define B_ASN1_GRAPHICSTRING 0x0020 -#define B_ASN1_ISO64STRING 0x0040 -#define B_ASN1_VISIBLESTRING 
0x0040 -#define B_ASN1_GENERALSTRING 0x0080 -#define B_ASN1_UNIVERSALSTRING 0x0100 -#define B_ASN1_OCTET_STRING 0x0200 -#define B_ASN1_BIT_STRING 0x0400 -#define B_ASN1_BMPSTRING 0x0800 -#define B_ASN1_UNKNOWN 0x1000 -#define B_ASN1_UTF8STRING 0x2000 -#define B_ASN1_UTCTIME 0x4000 -#define B_ASN1_GENERALIZEDTIME 0x8000 -#define B_ASN1_SEQUENCE 0x10000 - -/* For use with ASN1_mbstring_copy() */ -#define MBSTRING_FLAG 0x1000 -#define MBSTRING_UTF8 (MBSTRING_FLAG) -#define MBSTRING_ASC (MBSTRING_FLAG|1) -#define MBSTRING_BMP (MBSTRING_FLAG|2) -#define MBSTRING_UNIV (MBSTRING_FLAG|4) - -#define SMIME_OLDMIME 0x400 -#define SMIME_CRLFEOL 0x800 -#define SMIME_STREAM 0x1000 - -struct X509_algor_st; -DECLARE_STACK_OF(X509_ALGOR) - -#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ -#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ - -#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ -/* This indicates that the ASN1_STRING is not a real value but just a place - * holder for the location where indefinite length constructed data should - * be inserted in the memory buffer - */ -#define ASN1_STRING_FLAG_NDEF 0x010 - -/* This flag is used by the CMS code to indicate that a string is not - * complete and is a place holder for content when it had all been - * accessed. The flag will be reset when content has been written to it. - */ - -#define ASN1_STRING_FLAG_CONT 0x020 -/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING - * type. - */ -#define ASN1_STRING_FLAG_MSTRING 0x040 -/* This is the base type that holds just about everything :-) */ -struct asn1_string_st { - int length; - int type; - unsigned char *data; - /* The value of the following field depends on the type being - * held. 
It is mostly being used for BIT_STRING so if the - * input data has a non-zero 'unused bits' value, it will be - * handled correctly */ - long flags; -}; - -/* ASN1_ENCODING structure: this is used to save the received - * encoding of an ASN1 type. This is useful to get round - * problems with invalid encodings which can break signatures. - */ - -typedef struct ASN1_ENCODING_st { - unsigned char *enc; /* DER encoding */ - long len; /* Length of encoding */ - int modified; /* set to 1 if 'enc' is invalid */ -} ASN1_ENCODING; - -/* Used with ASN1 LONG type: if a long is set to this it is omitted */ -#define ASN1_LONG_UNDEF 0x7fffffffL - -#define STABLE_FLAGS_MALLOC 0x01 -#define STABLE_NO_MASK 0x02 -#define DIRSTRING_TYPE \ - (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING) -#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING) - -typedef struct asn1_string_table_st { - int nid; - long minsize; - long maxsize; - unsigned long mask; - unsigned long flags; -} ASN1_STRING_TABLE; - -/* Declarations for template structures: for full definitions - * see asn1t.h - */ -typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; -typedef struct ASN1_TLC_st ASN1_TLC; -/* This is just an opaque pointer */ -typedef struct ASN1_VALUE_st ASN1_VALUE; - -#ifndef LIBRESSL_INTERNAL - -/* Declare ASN1 functions: the implement macro in in asn1t.h */ - -#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) - -#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int 
i2d_##name(type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(itname) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(const type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(name) - -#define DECLARE_ASN1_NDEF_FUNCTION(name) \ - int i2d_##name##_NDEF(name *a, unsigned char **out); - -#define DECLARE_ASN1_FUNCTIONS_const(name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - type *name##_new(void); \ - void name##_free(type *a); - -#define DECLARE_ASN1_PRINT_FUNCTION(stname) \ - DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) - -#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx); - -#endif /* !LIBRESSL_INTERNAL */ - -#define D2I_OF(type) type *(*)(type **,const unsigned char **,long) -#define I2D_OF(type) int (*)(type *,unsigned char **) -#define I2D_OF_const(type) int (*)(const type *,unsigned char **) - -#define CHECKED_D2I_OF(type, d2i) \ - ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) -#define CHECKED_I2D_OF(type, i2d) \ - ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) -#define CHECKED_NEW_OF(type, xnew) \ - ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) -#define CHECKED_PTR_OF(type, p) \ - ((void*) (1 ? p : (type*)0)) -#define CHECKED_PPTR_OF(type, p) \ - ((void**) (1 ? p : (type**)0)) - -#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) -#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) -#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) - -TYPEDEF_D2I2D_OF(void); - -/* The following macros and typedefs allow an ASN1_ITEM - * to be embedded in a structure and referenced. 
Since - * the ASN1_ITEM pointers need to be globally accessible - * (possibly from shared libraries) they may exist in - * different forms. On platforms that support it the - * ASN1_ITEM structure itself will be globally exported. - * Other platforms will export a function that returns - * an ASN1_ITEM pointer. - * - * To handle both cases transparently the macros below - * should be used instead of hard coding an ASN1_ITEM - * pointer in a structure. - * - * The structure will look like this: - * - * typedef struct SOMETHING_st { - * ... - * ASN1_ITEM_EXP *iptr; - * ... - * } SOMETHING; - * - * It would be initialised as e.g.: - * - * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...}; - * - * and the actual pointer extracted with: - * - * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr); - * - * Finally an ASN1_ITEM pointer can be extracted from an - * appropriate reference with: ASN1_ITEM_rptr(X509). This - * would be used when a function takes an ASN1_ITEM * argument. - * - */ - -/* ASN1_ITEM pointer exported type */ -typedef const ASN1_ITEM ASN1_ITEM_EXP; - -#ifndef LIBRESSL_INTERNAL - -/* Macro to obtain ASN1_ITEM pointer from exported type */ -#define ASN1_ITEM_ptr(iptr) (iptr) - -/* Macro to include ASN1_ITEM pointer from base type */ -#define ASN1_ITEM_ref(iptr) (&(iptr##_it)) - -#define ASN1_ITEM_rptr(ref) (&(ref##_it)) - -#define DECLARE_ASN1_ITEM(name) \ - extern const ASN1_ITEM name##_it; - -#endif /* !LIBRESSL_INTERNAL */ - -/* Parameters used by ASN1_STRING_print_ex() */ - -/* These determine which characters to escape: - * RFC2253 special characters, control characters and - * MSB set characters - */ - -#define ASN1_STRFLGS_ESC_2253 1 -#define ASN1_STRFLGS_ESC_CTRL 2 -#define ASN1_STRFLGS_ESC_MSB 4 - - -/* This flag determines how we do escaping: normally - * RC2253 backslash only, set this to use backslash and - * quote. - */ - -#define ASN1_STRFLGS_ESC_QUOTE 8 - - -/* These three flags are internal use only. 
*/ - -/* Character is a valid PrintableString character */ -#define CHARTYPE_PRINTABLESTRING 0x10 -/* Character needs escaping if it is the first character */ -#define CHARTYPE_FIRST_ESC_2253 0x20 -/* Character needs escaping if it is the last character */ -#define CHARTYPE_LAST_ESC_2253 0x40 - -/* NB the internal flags are safely reused below by flags - * handled at the top level. - */ - -/* If this is set we convert all character strings - * to UTF8 first - */ - -#define ASN1_STRFLGS_UTF8_CONVERT 0x10 - -/* If this is set we don't attempt to interpret content: - * just assume all strings are 1 byte per character. This - * will produce some pretty odd looking output! - */ - -#define ASN1_STRFLGS_IGNORE_TYPE 0x20 - -/* If this is set we include the string type in the output */ -#define ASN1_STRFLGS_SHOW_TYPE 0x40 - -/* This determines which strings to display and which to - * 'dump' (hex dump of content octets or DER encoding). We can - * only dump non character strings or everything. If we - * don't dump 'unknown' they are interpreted as character - * strings with 1 octet per character and are subject to - * the usual escaping options. - */ - -#define ASN1_STRFLGS_DUMP_ALL 0x80 -#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 - -/* These determine what 'dumping' does, we can dump the - * content octets or the DER encoding: both use the - * RFC2253 #NNNNN notation. - */ - -#define ASN1_STRFLGS_DUMP_DER 0x200 - -/* All the string flags consistent with RFC2253, - * escaping control characters isn't essential in - * RFC2253 but it is advisable anyway. 
- */ - -#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - ASN1_STRFLGS_UTF8_CONVERT | \ - ASN1_STRFLGS_DUMP_UNKNOWN | \ - ASN1_STRFLGS_DUMP_DER) - -DECLARE_STACK_OF(ASN1_INTEGER) - -DECLARE_STACK_OF(ASN1_GENERALSTRING) - -typedef struct asn1_type_st { - int type; - union { - char *ptr; - ASN1_BOOLEAN boolean; - ASN1_STRING * asn1_string; - ASN1_OBJECT * object; - ASN1_INTEGER * integer; - ASN1_ENUMERATED * enumerated; - ASN1_BIT_STRING * bit_string; - ASN1_OCTET_STRING * octet_string; - ASN1_PRINTABLESTRING * printablestring; - ASN1_T61STRING * t61string; - ASN1_IA5STRING * ia5string; - ASN1_GENERALSTRING * generalstring; - ASN1_BMPSTRING * bmpstring; - ASN1_UNIVERSALSTRING * universalstring; - ASN1_UTCTIME * utctime; - ASN1_GENERALIZEDTIME * generalizedtime; - ASN1_VISIBLESTRING * visiblestring; - ASN1_UTF8STRING * utf8string; - /* set and sequence are left complete and still - * contain the set or sequence bytes */ - ASN1_STRING * set; - ASN1_STRING * sequence; - ASN1_VALUE * asn1_value; - } value; -} ASN1_TYPE; - -DECLARE_STACK_OF(ASN1_TYPE) - -typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; - -ASN1_SEQUENCE_ANY *d2i_ASN1_SEQUENCE_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len); -int i2d_ASN1_SEQUENCE_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out); -extern const ASN1_ITEM ASN1_SEQUENCE_ANY_it; -ASN1_SEQUENCE_ANY *d2i_ASN1_SET_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len); -int i2d_ASN1_SET_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out); -extern const ASN1_ITEM ASN1_SET_ANY_it; - -/* This is used to contain a list of bit names */ -typedef struct BIT_STRING_BITNAME_st { - int bitnum; - const char *lname; - const char *sname; -} BIT_STRING_BITNAME; - -#define B_ASN1_TIME \ - B_ASN1_UTCTIME | \ - B_ASN1_GENERALIZEDTIME - -#define B_ASN1_PRINTABLE \ - B_ASN1_NUMERICSTRING| \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_T61STRING| \ - B_ASN1_IA5STRING| \ - 
B_ASN1_BIT_STRING| \ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING|\ - B_ASN1_SEQUENCE|\ - B_ASN1_UNKNOWN - -#define B_ASN1_DIRECTORYSTRING \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_TELETEXSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_UTF8STRING - -#define B_ASN1_DISPLAYTEXT \ - B_ASN1_IA5STRING| \ - B_ASN1_VISIBLESTRING| \ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING - -ASN1_TYPE *ASN1_TYPE_new(void); -void ASN1_TYPE_free(ASN1_TYPE *a); -ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, const unsigned char **in, long len); -int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **out); -extern const ASN1_ITEM ASN1_ANY_it; - -int ASN1_TYPE_get(const ASN1_TYPE *a); -void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); -int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); -int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b); - -ASN1_OBJECT *ASN1_OBJECT_new(void); -void ASN1_OBJECT_free(ASN1_OBJECT *a); -int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp); -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); - -extern const ASN1_ITEM ASN1_OBJECT_it; - -DECLARE_STACK_OF(ASN1_OBJECT) - -ASN1_STRING *ASN1_STRING_new(void); -void ASN1_STRING_free(ASN1_STRING *a); -int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); -ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); -ASN1_STRING *ASN1_STRING_type_new(int type); -int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); - /* Since this is used to store all sorts of things, via macros, for now, make - its data void * */ -int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); -void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); -int ASN1_STRING_length(const ASN1_STRING *x); -void ASN1_STRING_length_set(ASN1_STRING *x, int n); -int ASN1_STRING_type(const ASN1_STRING *x); -unsigned char *ASN1_STRING_data(ASN1_STRING *x); -const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x); - -ASN1_BIT_STRING 
*ASN1_BIT_STRING_new(void); -void ASN1_BIT_STRING_free(ASN1_BIT_STRING *a); -ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **in, long len); -int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_BIT_STRING_it; -int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length); -int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); -int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n); - -ASN1_INTEGER *ASN1_INTEGER_new(void); -void ASN1_INTEGER_free(ASN1_INTEGER *a); -ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **in, long len); -int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **out); -extern const ASN1_ITEM ASN1_INTEGER_it; -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x); -int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); - -ASN1_ENUMERATED *ASN1_ENUMERATED_new(void); -void ASN1_ENUMERATED_free(ASN1_ENUMERATED *a); -ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, const unsigned char **in, long len); -int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **out); -extern const ASN1_ITEM ASN1_ENUMERATED_it; - -int ASN1_UTCTIME_check(const ASN1_UTCTIME *a); -ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t); -ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, - int offset_day, long offset_sec); -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); - -int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); - -int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, - time_t t); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, - time_t t, int offset_day, long offset_sec); -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); - -ASN1_OCTET_STRING 
*ASN1_OCTET_STRING_new(void); -void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a); -ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, const unsigned char **in, long len); -int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_OCTET_STRING_it; -ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); -int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, - const ASN1_OCTET_STRING *b); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, - int len); - -ASN1_VISIBLESTRING *ASN1_VISIBLESTRING_new(void); -void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a); -ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, const unsigned char **in, long len); -int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_VISIBLESTRING_it; -ASN1_UNIVERSALSTRING *ASN1_UNIVERSALSTRING_new(void); -void ASN1_UNIVERSALSTRING_free(ASN1_UNIVERSALSTRING *a); -ASN1_UNIVERSALSTRING *d2i_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING **a, const unsigned char **in, long len); -int i2d_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_UNIVERSALSTRING_it; -ASN1_UTF8STRING *ASN1_UTF8STRING_new(void); -void ASN1_UTF8STRING_free(ASN1_UTF8STRING *a); -ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, const unsigned char **in, long len); -int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_UTF8STRING_it; -ASN1_NULL *ASN1_NULL_new(void); -void ASN1_NULL_free(ASN1_NULL *a); -ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, const unsigned char **in, long len); -int i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **out); -extern const ASN1_ITEM ASN1_NULL_it; -ASN1_BMPSTRING *ASN1_BMPSTRING_new(void); -void ASN1_BMPSTRING_free(ASN1_BMPSTRING *a); -ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, const unsigned char **in, long len); -int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, 
unsigned char **out); -extern const ASN1_ITEM ASN1_BMPSTRING_it; - -ASN1_STRING *ASN1_PRINTABLE_new(void); -void ASN1_PRINTABLE_free(ASN1_STRING *a); -ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, const unsigned char **in, long len); -int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_PRINTABLE_it; - -ASN1_STRING *DIRECTORYSTRING_new(void); -void DIRECTORYSTRING_free(ASN1_STRING *a); -ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, const unsigned char **in, long len); -int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **out); -extern const ASN1_ITEM DIRECTORYSTRING_it; -ASN1_STRING *DISPLAYTEXT_new(void); -void DISPLAYTEXT_free(ASN1_STRING *a); -ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, const unsigned char **in, long len); -int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **out); -extern const ASN1_ITEM DISPLAYTEXT_it; -ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void); -void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a); -ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, const unsigned char **in, long len); -int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_PRINTABLESTRING_it; -ASN1_T61STRING *ASN1_T61STRING_new(void); -void ASN1_T61STRING_free(ASN1_T61STRING *a); -ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, const unsigned char **in, long len); -int i2d_ASN1_T61STRING(ASN1_T61STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_T61STRING_it; -ASN1_IA5STRING *ASN1_IA5STRING_new(void); -void ASN1_IA5STRING_free(ASN1_IA5STRING *a); -ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, const unsigned char **in, long len); -int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_IA5STRING_it; -ASN1_GENERALSTRING *ASN1_GENERALSTRING_new(void); -void ASN1_GENERALSTRING_free(ASN1_GENERALSTRING *a); -ASN1_GENERALSTRING *d2i_ASN1_GENERALSTRING(ASN1_GENERALSTRING **a, const 
unsigned char **in, long len); -int i2d_ASN1_GENERALSTRING(ASN1_GENERALSTRING *a, unsigned char **out); -extern const ASN1_ITEM ASN1_GENERALSTRING_it; -ASN1_UTCTIME *ASN1_UTCTIME_new(void); -void ASN1_UTCTIME_free(ASN1_UTCTIME *a); -ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, const unsigned char **in, long len); -int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **out); -extern const ASN1_ITEM ASN1_UTCTIME_it; -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_new(void); -void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a); -ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, const unsigned char **in, long len); -int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **out); -extern const ASN1_ITEM ASN1_GENERALIZEDTIME_it; -ASN1_TIME *ASN1_TIME_new(void); -void ASN1_TIME_free(ASN1_TIME *a); -ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, const unsigned char **in, long len); -int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **out); -extern const ASN1_ITEM ASN1_TIME_it; - -int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm); -int ASN1_TIME_compare(const ASN1_TIME *t1, const ASN1_TIME *t2); -int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t2); -int ASN1_TIME_normalize(ASN1_TIME *t); -int ASN1_TIME_set_string_X509(ASN1_TIME *time, const char *str); -int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, - const ASN1_TIME *to); - -extern const ASN1_ITEM ASN1_OCTET_STRING_NDEF_it; - -ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t); -ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, - long offset_sec); -int ASN1_TIME_check(const ASN1_TIME *t); -ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, - ASN1_GENERALIZEDTIME **out); -int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); - -#ifndef OPENSSL_NO_BIO -int i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a); -int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size); -int i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a); 
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
-int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a);
-int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
-int i2a_ASN1_STRING(BIO *bp, const ASN1_STRING *a, int type);
-#endif
-int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a);
-
-int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
- const char *sn, const char *ln);
-
-int ASN1_INTEGER_get_uint64(uint64_t *out_val, const ASN1_INTEGER *aint);
-int ASN1_INTEGER_set_uint64(ASN1_INTEGER *aint, uint64_t val);
-int ASN1_INTEGER_get_int64(int64_t *out_val, const ASN1_INTEGER *aint);
-int ASN1_INTEGER_set_int64(ASN1_INTEGER *aint, int64_t val);
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(const ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
-
-int ASN1_ENUMERATED_get_int64(int64_t *out_val, const ASN1_ENUMERATED *aenum);
-int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *aenum, int64_t val);
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
-long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai);
-BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn);
-
-/* General */
-/* given a string, return the correct type, max is the maximum length */
-int ASN1_PRINTABLE_type(const unsigned char *s, int max);
-
-/* SPECIALS */
-int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
- int *pclass, long omax);
-void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
- int xclass);
-int ASN1_put_eoc(unsigned char **pp);
-int ASN1_object_size(int constructed, int length, int tag);
-
-void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
-
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
-
-void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
-
-#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
- ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
- CHECKED_D2I_OF(type, d2i), \
- in, \
- CHECKED_PPTR_OF(type, x)))
-
-void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
-int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
-
-#define ASN1_i2d_fp_of(type,i2d,out,x) \
- (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
- out, \
- CHECKED_PTR_OF(type, x)))
-
-#define ASN1_i2d_fp_of_const(type,i2d,out,x) \
- (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
- out, \
- CHECKED_PTR_OF(const type, x)))
-
-int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
-int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str,
- unsigned long flags);
-
-int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);
-
-#ifndef OPENSSL_NO_BIO
-void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x);
-
-#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
- ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
- CHECKED_D2I_OF(type, d2i), \
- in, \
- CHECKED_PPTR_OF(type, x)))
-
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
-int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x);
-
-#define ASN1_i2d_bio_of(type,i2d,out,x) \
- (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
- out, \
- CHECKED_PTR_OF(type, x)))
-
-#define ASN1_i2d_bio_of_const(type,i2d,out,x) \
- (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
- out, \
- CHECKED_PTR_OF(const type, x)))
-
-int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
-int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags);
-int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
-int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump);
-#endif
-
-unsigned long ASN1_tag2bit(int tag);
-const char *ASN1_tag2str(int tag);
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, const unsigned char *data, int len);
-int ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data,
- int max_len);
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, const unsigned char *data,
- int len);
-int ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *a, long *num,
- unsigned char *data, int max_len);
-
-ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
- ASN1_OCTET_STRING **oct);
-void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it);
-
-void ASN1_STRING_set_default_mask(unsigned long mask);
-int ASN1_STRING_set_default_mask_asc(const char *p);
-unsigned long ASN1_STRING_get_default_mask(void);
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask);
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask, long minsize, long maxsize);
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
- const unsigned char *in, int inlen, int inform, int nid);
-const ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
-
-/* ASN1 template functions */
-
-/* Old API compatible functions */
-ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
-void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
-ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
- long len, const ASN1_ITEM *it);
-int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
-
-ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf);
-ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf);
-
-/* ASN1 Print flags */
-
-/* Indicate missing OPTIONAL fields */
-#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
-/* Mark start and end of SEQUENCE */
-#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
-/* Mark start and end of SEQUENCE/SET OF */
-#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
-/* Show the ASN1 type of primitives */
-#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
-/* Don't show ASN1 type of ANY */
-#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
-/* Don't show ASN1 type of MSTRINGs */
-#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
-/* Don't show field names in SEQUENCE */
-#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
-/* Show structure names of each SEQUENCE field */
-#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
-/* Don't show structure name even at top level */
-#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
-
-int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
- const ASN1_ITEM *it, const ASN1_PCTX *pctx);
-
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
-int SMIME_text(BIO *in, BIO *out);
-
-void ERR_load_ASN1_strings(void);
-
-/* Error codes for the ASN1 functions. */
-
-/* Function codes. */
-#define ASN1_F_A2D_ASN1_OBJECT 100
-#define ASN1_F_A2I_ASN1_ENUMERATED 101
-#define ASN1_F_A2I_ASN1_INTEGER 102
-#define ASN1_F_A2I_ASN1_STRING 103
-#define ASN1_F_APPEND_EXP 176
-#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
-#define ASN1_F_ASN1_CB 177
-#define ASN1_F_ASN1_CHECK_TLEN 104
-#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
-#define ASN1_F_ASN1_COLLECT 106
-#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
-#define ASN1_F_ASN1_D2I_FP 109
-#define ASN1_F_ASN1_D2I_READ_BIO 107
-#define ASN1_F_ASN1_DIGEST 184
-#define ASN1_F_ASN1_DO_ADB 110
-#define ASN1_F_ASN1_DUP 111
-#define ASN1_F_ASN1_ENUMERATED_SET 112
-#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
-#define ASN1_F_ASN1_EX_C2I 204
-#define ASN1_F_ASN1_FIND_END 190
-#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
-#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
-#define ASN1_F_ASN1_GENERATE_V3 178
-#define ASN1_F_ASN1_GET_OBJECT 114
-#define ASN1_F_ASN1_HEADER_NEW 115
-#define ASN1_F_ASN1_I2D_BIO 116
-#define ASN1_F_ASN1_I2D_FP 117
-#define ASN1_F_ASN1_INTEGER_SET 118
-#define ASN1_F_ASN1_INTEGER_TO_BN 119
-#define ASN1_F_ASN1_ITEM_D2I_FP 206
-#define ASN1_F_ASN1_ITEM_DUP 191
-#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121
-#define ASN1_F_ASN1_ITEM_EX_D2I 120
-#define ASN1_F_ASN1_ITEM_I2D_BIO 192
-#define ASN1_F_ASN1_ITEM_I2D_FP 193
-#define ASN1_F_ASN1_ITEM_PACK 198
-#define ASN1_F_ASN1_ITEM_SIGN 195
-#define ASN1_F_ASN1_ITEM_SIGN_CTX 220
-#define ASN1_F_ASN1_ITEM_UNPACK 199
-#define ASN1_F_ASN1_ITEM_VERIFY 197
-#define ASN1_F_ASN1_MBSTRING_NCOPY 122
-#define ASN1_F_ASN1_OBJECT_NEW 123
-#define ASN1_F_ASN1_OUTPUT_DATA 214
-#define ASN1_F_ASN1_PACK_STRING 124
-#define ASN1_F_ASN1_PCTX_NEW 205
-#define ASN1_F_ASN1_PKCS5_PBE_SET 125
-#define ASN1_F_ASN1_SEQ_PACK 126
-#define ASN1_F_ASN1_SEQ_UNPACK 127
-#define ASN1_F_ASN1_SIGN 128
-#define ASN1_F_ASN1_STR2TYPE 179
-#define ASN1_F_ASN1_STRING_SET 186
-#define ASN1_F_ASN1_STRING_TABLE_ADD 129
-#define ASN1_F_ASN1_STRING_TYPE_NEW 130
-#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
-#define ASN1_F_ASN1_TEMPLATE_NEW 133
-#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
-#define ASN1_F_ASN1_TIME_ADJ 217
-#define ASN1_F_ASN1_TIME_SET 175
-#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
-#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
-#define ASN1_F_ASN1_UNPACK_STRING 136
-#define ASN1_F_ASN1_UTCTIME_ADJ 218
-#define ASN1_F_ASN1_UTCTIME_SET 187
-#define ASN1_F_ASN1_VERIFY 137
-#define ASN1_F_B64_READ_ASN1 209
-#define ASN1_F_B64_WRITE_ASN1 210
-#define ASN1_F_BIO_NEW_NDEF 208
-#define ASN1_F_BITSTR_CB 180
-#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
-#define ASN1_F_BN_TO_ASN1_INTEGER 139
-#define ASN1_F_C2I_ASN1_BIT_STRING 189
-#define ASN1_F_C2I_ASN1_INTEGER 194
-#define ASN1_F_C2I_ASN1_OBJECT 196
-#define ASN1_F_COLLECT_DATA 140
-#define ASN1_F_D2I_ASN1_BIT_STRING 141
-#define ASN1_F_D2I_ASN1_BOOLEAN 142
-#define ASN1_F_D2I_ASN1_BYTES 143
-#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
-#define ASN1_F_D2I_ASN1_HEADER 145
-#define ASN1_F_D2I_ASN1_INTEGER 146
-#define ASN1_F_D2I_ASN1_OBJECT 147
-#define ASN1_F_D2I_ASN1_SET 148
-#define ASN1_F_D2I_ASN1_TYPE_BYTES 149
-#define ASN1_F_D2I_ASN1_UINTEGER 150
-#define ASN1_F_D2I_ASN1_UTCTIME 151
-#define ASN1_F_D2I_AUTOPRIVATEKEY 207
-#define ASN1_F_D2I_NETSCAPE_RSA 152
-#define ASN1_F_D2I_NETSCAPE_RSA_2 153
-#define ASN1_F_D2I_PRIVATEKEY 154
-#define ASN1_F_D2I_PUBLICKEY 155
-#define ASN1_F_D2I_RSA_NET 200
-#define ASN1_F_D2I_RSA_NET_2 201
-#define ASN1_F_D2I_X509 156
-#define ASN1_F_D2I_X509_CINF 157
-#define ASN1_F_D2I_X509_PKEY 159
-#define ASN1_F_I2D_ASN1_BIO_STREAM 211
-#define ASN1_F_I2D_ASN1_SET 188
-#define ASN1_F_I2D_ASN1_TIME 160
-#define ASN1_F_I2D_DSA_PUBKEY 161
-#define ASN1_F_I2D_EC_PUBKEY 181
-#define ASN1_F_I2D_PRIVATEKEY 163
-#define ASN1_F_I2D_PUBLICKEY 164
-#define ASN1_F_I2D_RSA_NET 162
-#define ASN1_F_I2D_RSA_PUBKEY 165
-#define ASN1_F_LONG_C2I 166
-#define ASN1_F_OID_MODULE_INIT 174
-#define ASN1_F_PARSE_TAGGING 182
-#define ASN1_F_PKCS5_PBE2_SET_IV 167
-#define ASN1_F_PKCS5_PBE_SET 202
-#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
-#define ASN1_F_PKCS5_PBKDF2_SET 219
-#define ASN1_F_SMIME_READ_ASN1 212
-#define ASN1_F_SMIME_TEXT 213
-#define ASN1_F_X509_CINF_NEW 168
-#define ASN1_F_X509_CRL_ADD0_REVOKED 169
-#define ASN1_F_X509_INFO_NEW 170
-#define ASN1_F_X509_NAME_ENCODE 203
-#define ASN1_F_X509_NAME_EX_D2I 158
-#define ASN1_F_X509_NAME_EX_NEW 171
-#define ASN1_F_X509_NEW 172
-#define ASN1_F_X509_PKEY_NEW 173
-
-/* Reason codes. */
-#define ASN1_R_ADDING_OBJECT 171
-#define ASN1_R_ASN1_PARSE_ERROR 203
-#define ASN1_R_ASN1_SIG_PARSE_ERROR 204
-#define ASN1_R_AUX_ERROR 100
-#define ASN1_R_BAD_CLASS 101
-#define ASN1_R_BAD_OBJECT_HEADER 102
-#define ASN1_R_BAD_PASSWORD_READ 103
-#define ASN1_R_BAD_TAG 104
-#define ASN1_R_BAD_TEMPLATE 230
-#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
-#define ASN1_R_BN_LIB 105
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
-#define ASN1_R_BUFFER_TOO_SMALL 107
-#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
-#define ASN1_R_CONTEXT_NOT_INITIALISED 217
-#define ASN1_R_DATA_IS_WRONG 109
-#define ASN1_R_DECODE_ERROR 110
-#define ASN1_R_DECODING_ERROR 111
-#define ASN1_R_DEPTH_EXCEEDED 174
-#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
-#define ASN1_R_ENCODE_ERROR 112
-#define ASN1_R_ERROR_GETTING_TIME 173
-#define ASN1_R_ERROR_LOADING_SECTION 172
-#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
-#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
-#define ASN1_R_EXPECTING_AN_INTEGER 115
-#define ASN1_R_EXPECTING_AN_OBJECT 116
-#define ASN1_R_EXPECTING_A_BOOLEAN 117
-#define ASN1_R_EXPECTING_A_TIME 118
-#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
-#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
-#define ASN1_R_FIELD_MISSING 121
-#define ASN1_R_FIRST_NUM_TOO_LARGE 122
-#define ASN1_R_HEADER_TOO_LONG 123
-#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
-#define ASN1_R_ILLEGAL_BOOLEAN 176
-#define ASN1_R_ILLEGAL_CHARACTERS 124
-#define ASN1_R_ILLEGAL_FORMAT 177
-#define ASN1_R_ILLEGAL_HEX 178
-#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
-#define ASN1_R_ILLEGAL_INTEGER 180
-#define ASN1_R_ILLEGAL_NEGATIVE_VALUE 226
-#define ASN1_R_ILLEGAL_NESTED_TAGGING 181
-#define ASN1_R_ILLEGAL_NULL 125
-#define ASN1_R_ILLEGAL_NULL_VALUE 182
-#define ASN1_R_ILLEGAL_OBJECT 183
-#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
-#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
-#define ASN1_R_ILLEGAL_TAGGED_ANY 127
-#define ASN1_R_ILLEGAL_TIME_VALUE 184
-#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
-#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
-#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
-#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
-#define ASN1_R_INVALID_DIGIT 130
-#define ASN1_R_INVALID_MIME_TYPE 205
-#define ASN1_R_INVALID_MODIFIER 186
-#define ASN1_R_INVALID_NUMBER 187
-#define ASN1_R_INVALID_OBJECT_ENCODING 216
-#define ASN1_R_INVALID_SEPARATOR 131
-#define ASN1_R_INVALID_TIME_FORMAT 132
-#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
-#define ASN1_R_INVALID_UTF8STRING 134
-#define ASN1_R_IV_TOO_LARGE 135
-#define ASN1_R_LENGTH_ERROR 136
-#define ASN1_R_LIST_ERROR 188
-#define ASN1_R_MIME_NO_CONTENT_TYPE 206
-#define ASN1_R_MIME_PARSE_ERROR 207
-#define ASN1_R_MIME_SIG_PARSE_ERROR 208
-#define ASN1_R_MISSING_EOC 137
-#define ASN1_R_MISSING_SECOND_NUMBER 138
-#define ASN1_R_MISSING_VALUE 189
-#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
-#define ASN1_R_MSTRING_WRONG_TAG 140
-#define ASN1_R_NESTED_ASN1_STRING 197
-#define ASN1_R_NESTED_TOO_DEEP 219
-#define ASN1_R_NON_HEX_CHARACTERS 141
-#define ASN1_R_NOT_ASCII_FORMAT 190
-#define ASN1_R_NOT_ENOUGH_DATA 142
-#define ASN1_R_NO_CONTENT_TYPE 209
-#define ASN1_R_NO_DEFAULT_DIGEST 201
-#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
-#define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
-#define ASN1_R_NO_MULTIPART_BOUNDARY 211
-#define ASN1_R_NO_SIG_CONTENT_TYPE 212
-#define ASN1_R_NULL_IS_WRONG_LENGTH 144
-#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
-#define ASN1_R_ODD_NUMBER_OF_CHARS 145
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
-#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
-#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
-#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
-#define ASN1_R_SHORT_LINE 150
-#define ASN1_R_SIG_INVALID_MIME_TYPE 213
-#define ASN1_R_STREAMING_NOT_SUPPORTED 202
-#define ASN1_R_STRING_TOO_LONG 151
-#define ASN1_R_STRING_TOO_SHORT 152
-#define ASN1_R_TAG_VALUE_TOO_HIGH 153
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
-#define ASN1_R_TIME_NOT_ASCII_FORMAT 193
-#define ASN1_R_TOO_LARGE 223
-#define ASN1_R_TOO_LONG 155
-#define ASN1_R_TOO_SMALL 224
-#define ASN1_R_TYPE_NOT_CONSTRUCTED 156
-#define ASN1_R_TYPE_NOT_PRIMITIVE 231
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
-#define ASN1_R_UNEXPECTED_EOC 159
-#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
-#define ASN1_R_UNKNOWN_FORMAT 160
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
-#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
-#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
-#define ASN1_R_UNKNOWN_TAG 194
-#define ASN1_R_UNKOWN_FORMAT 195
-#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
-#define ASN1_R_UNSUPPORTED_CIPHER 165
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
-#define ASN1_R_UNSUPPORTED_TYPE 196
-#define ASN1_R_WRONG_INTEGER_TYPE 225
-#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
-#define ASN1_R_WRONG_TAG 168
-#define ASN1_R_WRONG_TYPE 169
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
deleted file mode 100644
index 44809c76b1..0000000000
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* $OpenBSD: asn1_err.c,v 1.27 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
-
-static const ERR_STRING_DATA ASN1_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA ASN1_str_reasons[] = {
- {ERR_REASON(ASN1_R_ADDING_OBJECT) , "adding object"},
- {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR) , "asn1 parse error"},
- {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) , "asn1 sig parse error"},
- {ERR_REASON(ASN1_R_AUX_ERROR) , "aux error"},
- {ERR_REASON(ASN1_R_BAD_CLASS) , "bad class"},
- {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) , "bad object header"},
- {ERR_REASON(ASN1_R_BAD_PASSWORD_READ) , "bad password read"},
- {ERR_REASON(ASN1_R_BAD_TAG) , "bad tag"},
- {ERR_REASON(ASN1_R_BAD_TEMPLATE) , "bad template"},
- {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), "bmpstring is wrong length"},
- {ERR_REASON(ASN1_R_BN_LIB) , "bn lib"},
- {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"},
- {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) , "buffer too small"},
- {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), "cipher has no object identifier"},
- {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
- {ERR_REASON(ASN1_R_DATA_IS_WRONG) , "data is wrong"},
- {ERR_REASON(ASN1_R_DECODE_ERROR) , "decode error"},
- {ERR_REASON(ASN1_R_DECODING_ERROR) , "decoding error"},
- {ERR_REASON(ASN1_R_DEPTH_EXCEEDED) , "depth exceeded"},
- {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), "digest and key type not supported"},
- {ERR_REASON(ASN1_R_ENCODE_ERROR) , "encode error"},
- {ERR_REASON(ASN1_R_ERROR_GETTING_TIME) , "error getting time"},
- {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
- {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT), "error parsing set element"},
- {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS), "error setting cipher params"},
- {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER) , "expecting an integer"},
- {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT) , "expecting an object"},
- {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN) , "expecting a boolean"},
- {ERR_REASON(ASN1_R_EXPECTING_A_TIME) , "expecting a time"},
- {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"},
- {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED), "explicit tag not constructed"},
- {ERR_REASON(ASN1_R_FIELD_MISSING) , "field missing"},
- {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) , "first num too large"},
- {ERR_REASON(ASN1_R_HEADER_TOO_LONG) , "header too long"},
- {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"},
- {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN) , "illegal boolean"},
- {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) , "illegal characters"},
- {ERR_REASON(ASN1_R_ILLEGAL_FORMAT) , "illegal format"},
- {ERR_REASON(ASN1_R_ILLEGAL_HEX) , "illegal hex"},
- {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG) , "illegal implicit tag"},
- {ERR_REASON(ASN1_R_ILLEGAL_INTEGER) , "illegal integer"},
- {ERR_REASON(ASN1_R_ILLEGAL_NEGATIVE_VALUE), "illegal negative value"},
- {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"},
- {ERR_REASON(ASN1_R_ILLEGAL_NULL) , "illegal null"},
- {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE) , "illegal null value"},
- {ERR_REASON(ASN1_R_ILLEGAL_OBJECT) , "illegal object"},
- {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) , "illegal optional any"},
- {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE), "illegal options on item template"},
- {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) , "illegal tagged any"},
- {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) , "illegal time value"},
- {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"},
- {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG), "integer too large for long"},
- {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT), "invalid bit string bits left"},
- {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"},
- {ERR_REASON(ASN1_R_INVALID_DIGIT) , "invalid digit"},
- {ERR_REASON(ASN1_R_INVALID_MIME_TYPE) , "invalid mime type"},
- {ERR_REASON(ASN1_R_INVALID_MODIFIER) , "invalid modifier"},
- {ERR_REASON(ASN1_R_INVALID_NUMBER) , "invalid number"},
- {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"},
- {ERR_REASON(ASN1_R_INVALID_SEPARATOR) , "invalid separator"},
- {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) , "invalid time format"},
- {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH), "invalid universalstring length"},
- {ERR_REASON(ASN1_R_INVALID_UTF8STRING) , "invalid utf8string"},
- {ERR_REASON(ASN1_R_IV_TOO_LARGE) , "iv too large"},
- {ERR_REASON(ASN1_R_LENGTH_ERROR) , "length error"},
- {ERR_REASON(ASN1_R_LIST_ERROR) , "list error"},
- {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE) , "mime no content type"},
- {ERR_REASON(ASN1_R_MIME_PARSE_ERROR) , "mime parse error"},
- {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR) , "mime sig parse error"},
- {ERR_REASON(ASN1_R_MISSING_EOC) , "missing eoc"},
- {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"},
- {ERR_REASON(ASN1_R_MISSING_VALUE) , "missing value"},
- {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
- {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) , "mstring wrong tag"},
- {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) , "nested asn1 string"},
- {ERR_REASON(ASN1_R_NESTED_TOO_DEEP) , "nested too deep"},
- {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) , "non hex characters"},
- {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) , "not ascii format"},
- {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) , "not enough data"},
- {ERR_REASON(ASN1_R_NO_CONTENT_TYPE) , "no content type"},
- {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST) , "no default digest"},
- {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
- {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE), "no multipart body failure"},
- {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
- {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE) , "no sig content type"},
- {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) , "null is wrong length"},
- {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"},
- {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) , "odd number of chars"},
- {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING), "private key header missing"},
- {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"},
- {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"},
- {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"},
- {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG), "sequence or set needs config"},
- {ERR_REASON(ASN1_R_SHORT_LINE) , "short line"},
- {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
- {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"},
- {ERR_REASON(ASN1_R_STRING_TOO_LONG) , "string too long"},
- {ERR_REASON(ASN1_R_STRING_TOO_SHORT) , "string too short"},
- {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) , "tag value too high"},
- {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), "the asn1 object identifier is not known for this md"},
- {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
- {ERR_REASON(ASN1_R_TOO_LARGE) , "too large"},
- {ERR_REASON(ASN1_R_TOO_LONG) , "too long"},
- {ERR_REASON(ASN1_R_TOO_SMALL) , "too small"},
- {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) , "type not constructed"},
- {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE) , "type not primitive"},
- {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"},
- {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY), "unable to decode rsa private key"},
- {ERR_REASON(ASN1_R_UNEXPECTED_EOC) , "unexpected eoc"},
- {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), "universalstring is wrong length"},
- {ERR_REASON(ASN1_R_UNKNOWN_FORMAT) , "unknown format"},
- {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), "unknown message digest algorithm"},
- {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) , "unknown object type"},
- {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"},
- {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM), "unknown signature algorithm"},
- {ERR_REASON(ASN1_R_UNKNOWN_TAG) , "unknown tag"},
- {ERR_REASON(ASN1_R_UNKOWN_FORMAT) , "unknown format"},
- {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE), "unsupported any defined by type"},
- {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
- {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM), "unsupported encryption algorithm"},
- {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), "unsupported public key type"},
- {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE) , "unsupported type"},
- {ERR_REASON(ASN1_R_WRONG_INTEGER_TYPE) , "wrong integer type"},
- {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
- {ERR_REASON(ASN1_R_WRONG_TAG) , "wrong tag"},
- {ERR_REASON(ASN1_R_WRONG_TYPE) , "wrong type"},
- {0, NULL}
-};
-#endif
-
-void
-ERR_load_ASN1_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
- ERR_load_const_strings(ASN1_str_functs);
- ERR_load_const_strings(ASN1_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_ASN1_strings);
diff --git a/src/lib/libcrypto/asn1/asn1_gen.c b/src/lib/libcrypto/asn1/asn1_gen.c
deleted file mode 100644
index edd6743993..0000000000
--- a/src/lib/libcrypto/asn1/asn1_gen.c
+++ /dev/null
@@ -1,804 +0,0 @@
-/* $OpenBSD: asn1_gen.c,v 1.27 2025/03/06 07:25:01 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "conf_local.h"
-#include "x509_local.h"
-
-#define ASN1_GEN_FLAG 0x10000
-#define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1)
-#define ASN1_GEN_FLAG_EXP (ASN1_GEN_FLAG|2)
-#define ASN1_GEN_FLAG_TAG (ASN1_GEN_FLAG|3)
-#define ASN1_GEN_FLAG_BITWRAP (ASN1_GEN_FLAG|4)
-#define ASN1_GEN_FLAG_OCTWRAP (ASN1_GEN_FLAG|5)
-#define ASN1_GEN_FLAG_SEQWRAP (ASN1_GEN_FLAG|6)
-#define ASN1_GEN_FLAG_SETWRAP (ASN1_GEN_FLAG|7)
-#define ASN1_GEN_FLAG_FORMAT (ASN1_GEN_FLAG|8)
-
-#define ASN1_GEN_STR(str,val){str, sizeof(str) - 1, val}
-
-#define ASN1_FLAG_EXP_MAX 20
-
-/* Input formats */
-
-/* ASCII: default */
-#define ASN1_GEN_FORMAT_ASCII 1
-/* UTF8 */
-#define ASN1_GEN_FORMAT_UTF8 2
-/* Hex */
-#define ASN1_GEN_FORMAT_HEX 3
-/* List of bits */
-#define ASN1_GEN_FORMAT_BITLIST 4
-
-struct tag_name_st {
- const char *strnam;
- int len;
- int tag;
-};
-
-typedef struct {
- int exp_tag;
- int exp_class;
- int exp_constructed;
- int exp_pad;
- long exp_len;
-} tag_exp_type;
-
-typedef struct {
- int imp_tag;
- int imp_class;
- int utype;
- int format;
- const char *str;
- tag_exp_type exp_list[ASN1_FLAG_EXP_MAX];
- int exp_count;
-} tag_exp_arg;
-
-static int bitstr_cb(const char *elem, int len, void *bitstr);
-static int asn1_cb(const char *elem, int len, void *bitstr);
-static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
- int exp_constructed, int exp_pad, int imp_ok);
-static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass);
-static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf);
-static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
-static int asn1_str2tag(const char *tagstr, int len);
-
-ASN1_TYPE *
-ASN1_generate_nconf(const char *str, CONF *nconf)
-{
- X509V3_CTX cnf;
-
- if (!nconf)
- return ASN1_generate_v3(str, NULL);
-
- X509V3_set_nconf(&cnf, nconf);
- return ASN1_generate_v3(str, &cnf);
-}
-LCRYPTO_ALIAS(ASN1_generate_nconf);
-
-ASN1_TYPE *
-ASN1_generate_v3(const char *str, X509V3_CTX *cnf)
-{
- ASN1_TYPE *ret;
- tag_exp_arg asn1_tags;
- tag_exp_type *etmp;
-
- int i, len;
-
- unsigned char *orig_der = NULL, *new_der = NULL;
- const unsigned char *cpy_start;
- unsigned char *p;
- const unsigned char *cp;
- int cpy_len;
- long hdr_len = 0;
- int hdr_constructed = 0, hdr_tag, hdr_class;
- int r;
-
- asn1_tags.imp_tag = -1;
- asn1_tags.imp_class = -1;
- asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
- asn1_tags.exp_count = 0;
- if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
- return NULL;
-
- if ((asn1_tags.utype == V_ASN1_SEQUENCE) ||
- (asn1_tags.utype == V_ASN1_SET)) {
- if (!cnf) {
- ASN1error(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
- return NULL;
- }
- ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf);
- } else
- ret = asn1_str2type(asn1_tags.str, asn1_tags.format,
- asn1_tags.utype);
-
- if (!ret)
- return NULL;
-
- /* If no tagging return base type */
- if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0))
- return ret;
-
- /* Generate the encoding */
- cpy_len = i2d_ASN1_TYPE(ret, &orig_der);
- ASN1_TYPE_free(ret);
- ret = NULL;
- /* Set point to start copying for modified encoding */
- cpy_start = orig_der;
-
- /* Do we need IMPLICIT tagging? */
- if (asn1_tags.imp_tag != -1) {
- /* If IMPLICIT we will replace the underlying tag */
- /* Skip existing tag+len */
- r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag,
- &hdr_class, cpy_len);
- if (r & 0x80)
- goto err;
- /* Update copy length */
- cpy_len -= cpy_start - orig_der;
- /* For IMPLICIT tagging the length should match the
- * original length and constructed flag should be
- * consistent.
- */
- if (r & 0x1) {
- /* Indefinite length constructed */
- hdr_constructed = 2;
- hdr_len = 0;
- } else
- /* Just retain constructed flag */
- hdr_constructed = r & V_ASN1_CONSTRUCTED;
- /* Work out new length with IMPLICIT tag: ignore constructed
- * because it will mess up if indefinite length
- */
- len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag);
- } else
- len = cpy_len;
-
- /* Work out length in any EXPLICIT, starting from end */
-
- for (i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1;
- i < asn1_tags.exp_count; i++, etmp--) {
- /* Content length: number of content octets + any padding */
- len += etmp->exp_pad;
- etmp->exp_len = len;
- /* Total object length: length including new header */
- len = ASN1_object_size(0, len, etmp->exp_tag);
- }
-
- /* Allocate buffer for new encoding */
-
- new_der = malloc(len);
- if (!new_der)
- goto err;
-
- /* Generate tagged encoding */
- p = new_der;
-
- /* Output explicit tags first */
- for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count;
- i++, etmp++) {
- ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
- etmp->exp_tag, etmp->exp_class);
- if (etmp->exp_pad)
- *p++ = 0;
- }
-
- /* If IMPLICIT, output tag */
-
- if (asn1_tags.imp_tag != -1) {
- if (asn1_tags.imp_class == V_ASN1_UNIVERSAL &&
- (asn1_tags.imp_tag == V_ASN1_SEQUENCE ||
- asn1_tags.imp_tag == V_ASN1_SET))
- hdr_constructed = V_ASN1_CONSTRUCTED;
- ASN1_put_object(&p, hdr_constructed, hdr_len,
- asn1_tags.imp_tag, asn1_tags.imp_class);
- }
-
- /* Copy across original encoding */
- memcpy(p, cpy_start, cpy_len);
-
- cp = new_der;
-
- /* Obtain new ASN1_TYPE structure */
- ret = d2i_ASN1_TYPE(NULL, &cp, len);
-
- err:
- free(orig_der);
- free(new_der);
-
- return ret;
-}
-LCRYPTO_ALIAS(ASN1_generate_v3);
-
-static int
-asn1_cb(const char *elem, int len, void *bitstr)
-{
- tag_exp_arg *arg = bitstr;
- int i;
- int utype;
- int vlen = 0;
- const char *p, *vstart = NULL;
-
- int tmp_tag, tmp_class;
-
- for (i = 0, p = elem; i < len; p++, i++) {
- /* Look for the ':' in name value pairs */
- if (*p == ':') {
- vstart = p + 1;
- vlen = len - (vstart - elem);
- len = p - elem;
- break;
- }
- }
-
- utype = asn1_str2tag(elem, len);
-
- if (utype == -1) {
- ASN1error(ASN1_R_UNKNOWN_TAG);
- ERR_asprintf_error_data("tag=%s", elem);
- return -1;
- }
-
- /* If this is not a modifier mark end of string and exit */
- if (!(utype & ASN1_GEN_FLAG)) {
- arg->utype = utype;
- arg->str = vstart;
- /* If no value and not end of string, error */
- if (!vstart && elem[len]) {
- ASN1error(ASN1_R_MISSING_VALUE);
- return -1;
- }
- return 0;
- }
-
- switch (utype) {
-
- case ASN1_GEN_FLAG_IMP:
- /* Check for illegal multiple IMPLICIT tagging */
- if (arg->imp_tag != -1) {
- ASN1error(ASN1_R_ILLEGAL_NESTED_TAGGING);
- return -1;
- }
- if (!parse_tagging(vstart, vlen, &arg->imp_tag,
- &arg->imp_class))
- return -1;
- break;
-
- case ASN1_GEN_FLAG_EXP:
- if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
- return -1;
- if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0))
- return -1;
- break;
-
- case ASN1_GEN_FLAG_SEQWRAP:
- if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
- return -1;
- break;
-
- case ASN1_GEN_FLAG_SETWRAP:
- if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
- return -1;
- break;
-
- case ASN1_GEN_FLAG_BITWRAP:
- if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
- return -1;
- break;
-
- case ASN1_GEN_FLAG_OCTWRAP:
- if (!append_exp(arg, 
V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1)) - return -1; - break; - - case ASN1_GEN_FLAG_FORMAT: - if (vstart == NULL) { - ASN1error(ASN1_R_ILLEGAL_FORMAT); - return -1; - } - if (!strncmp(vstart, "ASCII", 5)) - arg->format = ASN1_GEN_FORMAT_ASCII; - else if (!strncmp(vstart, "UTF8", 4)) - arg->format = ASN1_GEN_FORMAT_UTF8; - else if (!strncmp(vstart, "HEX", 3)) - arg->format = ASN1_GEN_FORMAT_HEX; - else if (!strncmp(vstart, "BITLIST", 7)) - arg->format = ASN1_GEN_FORMAT_BITLIST; - else { - ASN1error(ASN1_R_UNKOWN_FORMAT); - return -1; - } - break; - - } - - return 1; -} - -static int -parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) -{ - long tag_num; - char *eptr; - - if (!vstart) - return 0; - tag_num = strtoul(vstart, &eptr, 10); - /* Check we haven't gone past max length: should be impossible */ - if (eptr && *eptr && (eptr > vstart + vlen)) - return 0; - if (tag_num < 0) { - ASN1error(ASN1_R_INVALID_NUMBER); - return 0; - } - *ptag = tag_num; - /* If we have non numeric characters, parse them */ - if (eptr) - vlen -= eptr - vstart; - else - vlen = 0; - if (vlen) { - switch (*eptr) { - - case 'U': - *pclass = V_ASN1_UNIVERSAL; - break; - - case 'A': - *pclass = V_ASN1_APPLICATION; - break; - - case 'P': - *pclass = V_ASN1_PRIVATE; - break; - - case 'C': - *pclass = V_ASN1_CONTEXT_SPECIFIC; - break; - - default: - ASN1error(ASN1_R_INVALID_MODIFIER); - ERR_asprintf_error_data("Char=%c", *eptr); - return 0; - break; - - } - } else - *pclass = V_ASN1_CONTEXT_SPECIFIC; - - return 1; - -} - -/* Handle multiple types: SET and SEQUENCE */ - -static ASN1_TYPE * -asn1_multi(int utype, const char *section, X509V3_CTX *cnf) -{ - ASN1_TYPE *ret = NULL; - STACK_OF(ASN1_TYPE) *sk = NULL; - STACK_OF(CONF_VALUE) *sect = NULL; - unsigned char *der = NULL; - int derlen; - int i; - sk = sk_ASN1_TYPE_new_null(); - if (!sk) - goto bad; - if (section) { - if (!cnf) - goto bad; - sect = X509V3_get0_section(cnf, section); - if (!sect) - goto bad; - for (i = 
0; i < sk_CONF_VALUE_num(sect); i++) { - ASN1_TYPE *typ = ASN1_generate_v3( - sk_CONF_VALUE_value(sect, i)->value, cnf); - if (!typ) - goto bad; - if (!sk_ASN1_TYPE_push(sk, typ)) - goto bad; - } - } - - /* Now we has a STACK of the components, convert to the correct form */ - - if (utype == V_ASN1_SET) - derlen = i2d_ASN1_SET_ANY(sk, &der); - else - derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der); - - if (derlen < 0) - goto bad; - - if (!(ret = ASN1_TYPE_new())) - goto bad; - - if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype))) - goto bad; - - ret->type = utype; - - ret->value.asn1_string->data = der; - ret->value.asn1_string->length = derlen; - - der = NULL; - - bad: - free(der); - sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free); - - return ret; -} - -static int -append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_constructed, - int exp_pad, int imp_ok) -{ - tag_exp_type *exp_tmp; - - /* Can only have IMPLICIT if permitted */ - if ((arg->imp_tag != -1) && !imp_ok) { - ASN1error(ASN1_R_ILLEGAL_IMPLICIT_TAG); - return 0; - } - - if (arg->exp_count == ASN1_FLAG_EXP_MAX) { - ASN1error(ASN1_R_DEPTH_EXCEEDED); - return 0; - } - - exp_tmp = &arg->exp_list[arg->exp_count++]; - - /* If IMPLICIT set tag to implicit value then - * reset implicit tag since it has been used. 
- */ - if (arg->imp_tag != -1) { - exp_tmp->exp_tag = arg->imp_tag; - exp_tmp->exp_class = arg->imp_class; - arg->imp_tag = -1; - arg->imp_class = -1; - } else { - exp_tmp->exp_tag = exp_tag; - exp_tmp->exp_class = exp_class; - } - exp_tmp->exp_constructed = exp_constructed; - exp_tmp->exp_pad = exp_pad; - - return 1; -} - -static int -asn1_str2tag(const char *tagstr, int len) -{ - unsigned int i; - const struct tag_name_st *tntmp; - static const struct tag_name_st tnst[] = { - ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN), - ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN), - ASN1_GEN_STR("NULL", V_ASN1_NULL), - ASN1_GEN_STR("INT", V_ASN1_INTEGER), - ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER), - ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED), - ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED), - ASN1_GEN_STR("OID", V_ASN1_OBJECT), - ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT), - ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME), - ASN1_GEN_STR("UTC", V_ASN1_UTCTIME), - ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME), - ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME), - ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING), - ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING), - ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING), - ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING), - ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING), - ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING), - ASN1_GEN_STR("IA5", V_ASN1_IA5STRING), - ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING), - ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING), - ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING), - ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING), - ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING), - ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING), - ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING), - ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING), - ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING), - ASN1_GEN_STR("T61", V_ASN1_T61STRING), - ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING), - ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING), - ASN1_GEN_STR("GeneralString", 
V_ASN1_GENERALSTRING), - ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING), - ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING), - ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING), - - /* Special cases */ - ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE), - ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE), - ASN1_GEN_STR("SET", V_ASN1_SET), - /* type modifiers */ - /* Explicit tag */ - ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP), - ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP), - /* Implicit tag */ - ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP), - ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP), - /* OCTET STRING wrapper */ - ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP), - /* SEQUENCE wrapper */ - ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP), - /* SET wrapper */ - ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP), - /* BIT STRING wrapper */ - ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP), - ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT), - ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT), - }; - - if (len == -1) - len = strlen(tagstr); - - tntmp = tnst; - for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); - i++, tntmp++) { - if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len)) - return tntmp->tag; - } - - return -1; -} - -static ASN1_TYPE * -asn1_str2type(const char *str, int format, int utype) -{ - ASN1_TYPE *atmp = NULL; - CONF_VALUE vtmp; - unsigned char *rdata; - long rdlen; - int no_unused = 1; - - if (!(atmp = ASN1_TYPE_new())) { - ASN1error(ERR_R_MALLOC_FAILURE); - return NULL; - } - - if (!str) - str = ""; - - switch (utype) { - - case V_ASN1_NULL: - if (str && *str) { - ASN1error(ASN1_R_ILLEGAL_NULL_VALUE); - goto bad_form; - } - break; - - case V_ASN1_BOOLEAN: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1error(ASN1_R_NOT_ASCII_FORMAT); - goto bad_form; - } - vtmp.name = NULL; - vtmp.section = NULL; - vtmp.value = (char *)str; - if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) { - ASN1error(ASN1_R_ILLEGAL_BOOLEAN); - goto bad_str; - } - break; - - case V_ASN1_INTEGER: - 
case V_ASN1_ENUMERATED: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1error(ASN1_R_INTEGER_NOT_ASCII_FORMAT); - goto bad_form; - } - if (!(atmp->value.integer = - s2i_ASN1_INTEGER(NULL, (char *)str))) { - ASN1error(ASN1_R_ILLEGAL_INTEGER); - goto bad_str; - } - break; - - case V_ASN1_OBJECT: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1error(ASN1_R_OBJECT_NOT_ASCII_FORMAT); - goto bad_form; - } - if (!(atmp->value.object = OBJ_txt2obj(str, 0))) { - ASN1error(ASN1_R_ILLEGAL_OBJECT); - goto bad_str; - } - break; - - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1error(ASN1_R_TIME_NOT_ASCII_FORMAT); - goto bad_form; - } - if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto bad_str; - } - if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto bad_str; - } - atmp->value.asn1_string->type = utype; - if (!ASN1_TIME_check(atmp->value.asn1_string)) { - ASN1error(ASN1_R_ILLEGAL_TIME_VALUE); - goto bad_str; - } - break; - - case V_ASN1_BMPSTRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_IA5STRING: - case V_ASN1_T61STRING: - case V_ASN1_UTF8STRING: - case V_ASN1_VISIBLESTRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_GENERALSTRING: - case V_ASN1_NUMERICSTRING: - - if (format == ASN1_GEN_FORMAT_ASCII) - format = MBSTRING_ASC; - else if (format == ASN1_GEN_FORMAT_UTF8) - format = MBSTRING_UTF8; - else { - ASN1error(ASN1_R_ILLEGAL_FORMAT); - goto bad_form; - } - - if (ASN1_mbstring_copy(&atmp->value.asn1_string, - (unsigned char *)str, -1, format, - ASN1_tag2bit(utype)) <= 0) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto bad_str; - } - break; - - case V_ASN1_BIT_STRING: - case V_ASN1_OCTET_STRING: - if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto bad_form; - } - - if (format == ASN1_GEN_FORMAT_HEX) { - - if (!(rdata = string_to_hex((char *)str, &rdlen))) { - 
ASN1error(ASN1_R_ILLEGAL_HEX);
- goto bad_str;
- }
-
- atmp->value.asn1_string->data = rdata;
- atmp->value.asn1_string->length = rdlen;
- atmp->value.asn1_string->type = utype;
-
- } else if (format == ASN1_GEN_FORMAT_ASCII) {
- if (ASN1_STRING_set(atmp->value.asn1_string, str,
- -1) == 0) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto bad_str;
- }
- } else if ((format == ASN1_GEN_FORMAT_BITLIST) &&
- (utype == V_ASN1_BIT_STRING)) {
- if (!CONF_parse_list(str, ',', 1, bitstr_cb,
- atmp->value.bit_string)) {
- ASN1error(ASN1_R_LIST_ERROR);
- goto bad_str;
- }
- no_unused = 0;
-
- } else {
- ASN1error(ASN1_R_ILLEGAL_BITSTRING_FORMAT);
- goto bad_form;
- }
-
- if ((utype == V_ASN1_BIT_STRING) && no_unused) {
- if (!asn1_abs_set_unused_bits(atmp->value.asn1_string,
- 0))
- goto bad_str;
- }
-
- break;
-
- default:
- ASN1error(ASN1_R_UNSUPPORTED_TYPE);
- goto bad_str;
- break;
- }
-
- atmp->type = utype;
- return atmp;
-
- bad_str:
- ERR_asprintf_error_data("string=%s", str);
- bad_form:
- ASN1_TYPE_free(atmp);
- return NULL;
-}
-
-static int
-bitstr_cb(const char *elem, int len, void *bitstr)
-{
- long bitnum;
- char *eptr;
-
- if (!elem)
- return 0;
- bitnum = strtoul(elem, &eptr, 10);
- if (eptr && *eptr && (eptr != elem + len))
- return 0;
- if (bitnum < 0) {
- ASN1error(ASN1_R_INVALID_NUMBER);
- return 0;
- }
- if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return 1;
-}
diff --git a/src/lib/libcrypto/asn1/asn1_item.c b/src/lib/libcrypto/asn1/asn1_item.c
deleted file mode 100644
index 86c800e3ad..0000000000
--- a/src/lib/libcrypto/asn1/asn1_item.c
+++ /dev/null
@@ -1,697 +0,0 @@
-/* $OpenBSD: asn1_item.c,v 1.21 2024/04/09 13:55:02 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-int
-ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
- unsigned char *md, unsigned int *len)
-{
- int i;
- unsigned char *str = NULL;
-
- i = ASN1_item_i2d(asn, &str, it);
- if (!str)
- return (0);
-
- if (!EVP_Digest(str, i, md, len, type, NULL)) {
- free(str);
- return (0);
- }
-
- free(str);
- return (1);
-}
-LCRYPTO_ALIAS(ASN1_item_digest);
-
-/*
- * ASN1_ITEM version of ASN1_dup(): follows the same model except there's no
- * need to allocate the buffer. At some point this could be rewritten to dup
- * the underlying structure directly instead of doing an encode and decode.
- */
-
-void *
-ASN1_item_dup(const ASN1_ITEM *it, void *x)
-{
- unsigned char *b = NULL;
- const unsigned char *p;
- long i;
- void *ret;
-
- if (x == NULL)
- return (NULL);
-
- i = ASN1_item_i2d(x, &b, it);
- if (b == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- p = b;
- ret = ASN1_item_d2i(NULL, &p, i, it);
- free(b);
- return (ret);
-}
-LCRYPTO_ALIAS(ASN1_item_dup);
-
-/* Pack an ASN1 object into an ASN1_STRING. */
-ASN1_STRING *
-ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
-{
- ASN1_STRING *octmp;
-
- if (!oct || !*oct) {
- if (!(octmp = ASN1_STRING_new ())) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- } else
- octmp = *oct;
-
- free(octmp->data);
- octmp->data = NULL;
-
- if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
- ASN1error(ASN1_R_ENCODE_ERROR);
- goto err;
- }
- if (!octmp->data) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (oct)
- *oct = octmp;
- return octmp;
- err:
- if (!oct || octmp != *oct)
- ASN1_STRING_free(octmp);
- return NULL;
-}
-LCRYPTO_ALIAS(ASN1_item_pack);
-
-/* Extract an ASN1 object from an ASN1_STRING. */
-void *
-ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it)
-{
- const unsigned char *p;
- void *ret;
-
- p = oct->data;
- if (!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
- ASN1error(ASN1_R_DECODE_ERROR);
- return ret;
-}
-LCRYPTO_ALIAS(ASN1_item_unpack);
-
-int
-ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type)
-{
- EVP_MD_CTX *md_ctx = NULL;
- int ret = 0;
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
- if (!EVP_DigestSignInit(md_ctx, NULL, type, NULL, pkey))
- goto err;
-
- ret = ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, md_ctx);
-
- err:
- EVP_MD_CTX_free(md_ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(ASN1_item_sign);
-
-static int
-asn1_item_set_algorithm_identifiers(EVP_MD_CTX *ctx, X509_ALGOR *algor1,
- X509_ALGOR *algor2)
-{
- EVP_PKEY *pkey;
- const EVP_MD *md;
- int sign_id, sign_param;
-
- if ((pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx)) == NULL) {
- ASN1error(ASN1_R_CONTEXT_NOT_INITIALISED);
- return 0;
- }
-
- if ((md = EVP_MD_CTX_md(ctx)) == NULL) {
- ASN1error(ASN1_R_CONTEXT_NOT_INITIALISED);
- return 0;
- }
-
- if (!OBJ_find_sigid_by_algs(&sign_id, EVP_MD_nid(md),
- pkey->ameth->pkey_id)) {
- ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
- return 0;
- }
-
- sign_param = V_ASN1_UNDEF;
- if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
- sign_param = V_ASN1_NULL;
-
- if (algor1 != NULL) {
- if (!X509_ALGOR_set0_by_nid(algor1, sign_id, sign_param, NULL))
- return 0;
- }
- if (algor2 != NULL) {
- if (!X509_ALGOR_set0_by_nid(algor2, sign_id, sign_param, NULL))
- return 0;
- }
-
- return 1;
-}
-
-static int
-asn1_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- ASN1_BIT_STRING *signature)
-{
- unsigned char *in = NULL, *out = NULL;
- size_t out_len = 0;
- int in_len = 0;
- int ret = 0;
-
- if ((in_len = ASN1_item_i2d(asn, &in, it)) <= 0) {
- in_len = 0;
- goto err;
- }
-
- if (!EVP_DigestSign(ctx, NULL, &out_len, in, in_len)) {
- ASN1error(ERR_R_EVP_LIB);
- goto err;
- }
- if ((out = calloc(1, out_len)) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EVP_DigestSign(ctx, out, &out_len, in, in_len)) {
- ASN1error(ERR_R_EVP_LIB);
- goto err;
- }
-
- if (out_len > INT_MAX) {
- ASN1error(ASN1_R_TOO_LONG);
- goto err;
- }
-
- ASN1_STRING_set0(signature, out, out_len);
- out = NULL;
-
- if (!asn1_abs_set_unused_bits(signature, 0)) {
- ASN1_STRING_set0(signature, NULL, 0);
- ASN1error(ERR_R_ASN1_LIB);
- goto err;
- }
-
- ret = 1;
-
- err:
- freezero(in, in_len);
- freezero(out, out_len);
-
- return ret;
-}
-
-int
-ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
-{
- EVP_PKEY *pkey;
- int rv;
- int ret = 0;
-
- if ((pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx)) == NULL) {
- ASN1error(ASN1_R_CONTEXT_NOT_INITIALISED);
- goto err;
- }
- if (pkey->ameth == NULL) {
- ASN1error(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
- goto err;
- }
-
- /*
- * API insanity ahead. If the item_sign() method is absent or if it
- * returns 2, this means: do all the work here. If it returns 3, only
- * sign. If it returns 1, then there's nothing to do but to return
- * the signature's length. Everything else is an error.
- */
-
- rv = 2;
- if (pkey->ameth->item_sign != NULL)
- rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
- signature);
- if (rv <= 0 || rv > 3)
- goto err;
- if (rv == 1)
- goto done;
- if (rv == 2) {
- if (!asn1_item_set_algorithm_identifiers(ctx, algor1, algor2))
- goto err;
- }
-
- if (!asn1_item_sign(ctx, it, asn, signature))
- goto err;
-
- done:
- ret = signature->length;
-
- err:
- EVP_MD_CTX_cleanup(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(ASN1_item_sign_ctx);
-
-int
-ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
- ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
-{
- EVP_MD_CTX *md_ctx = NULL;
- unsigned char *in = NULL;
- int mdnid, pknid;
- int in_len = 0;
- int ret = -1;
-
- if (pkey == NULL) {
- ASN1error(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) {
- ASN1error(ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
- goto err;
- }
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
-
- /* Convert signature OID into digest and public key OIDs */
- if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
- ASN1error(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
- goto err;
- }
- if (mdnid == NID_undef) {
- if (!pkey->ameth || !pkey->ameth->item_verify) {
- ASN1error(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
- goto err;
- }
- ret = pkey->ameth->item_verify(md_ctx, it, asn, a,
- signature, pkey);
- /* Return value of 2 means carry on, anything else means we
- * exit straight away: either a fatal error of the underlying
- * verification routine handles all verification.
- */
- if (ret != 2)
- goto err;
- ret = -1;
- } else {
- const EVP_MD *type;
- type = EVP_get_digestbynid(mdnid);
- if (type == NULL) {
- ASN1error(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
- goto err;
- }
-
- /* Check public key OID matches public key type */
- if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
- ASN1error(ASN1_R_WRONG_PUBLIC_KEY_TYPE);
- goto err;
- }
-
- if (!EVP_DigestVerifyInit(md_ctx, NULL, type, NULL, pkey)) {
- ASN1error(ERR_R_EVP_LIB);
- ret = 0;
- goto err;
- }
-
- }
-
- if ((in_len = ASN1_item_i2d(asn, &in, it)) <= 0) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- in_len = 0;
- goto err;
- }
-
- if (EVP_DigestVerify(md_ctx, signature->data, signature->length,
- in, in_len) <= 0) {
- ASN1error(ERR_R_EVP_LIB);
- ret = 0;
- goto err;
- }
-
- ret = 1;
-
- err:
- EVP_MD_CTX_free(md_ctx);
- freezero(in, in_len);
-
- return ret;
-}
-LCRYPTO_ALIAS(ASN1_item_verify);
-
-#define HEADER_SIZE 8
-#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
-int
-asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
-{
- BUF_MEM *b;
- unsigned char *p;
- const unsigned char *q;
- long slen;
- int i, inf, tag, xclass;
- size_t want = HEADER_SIZE;
- int eos = 0;
- size_t off = 0;
- size_t len = 0;
-
- b = BUF_MEM_new();
- if (b == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return -1;
- }
-
- ERR_clear_error();
- for (;;) {
- if (want >= (len - off)) {
- want -= (len - off);
-
- if (len + want < len ||
- !BUF_MEM_grow_clean(b, len + want)) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- i = BIO_read(in, &(b->data[len]), want);
- if ((i < 0) && ((len - off) == 0)) {
- ASN1error(ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- if (i > 0) {
- if (len + i < len) {
- ASN1error(ASN1_R_TOO_LONG);
- goto err;
- }
- len += i;
- }
- }
- /* else data already loaded */
-
- p = (unsigned char *) & (b->data[off]);
- q = p;
- inf = ASN1_get_object(&q, &slen, &tag, &xclass, len - off);
- if (inf & 0x80) {
- unsigned long e;
-
- e = ERR_GET_REASON(ERR_peek_error());
- if (e != ASN1_R_TOO_LONG)
- goto err;
- else
- ERR_clear_error(); /* clear error */
- }
- i = q - p; /* header length */
- off += i; /* end of data */
-
- if (inf & 1) {
- /* no data body so go round again */
- eos++;
- if (eos < 0) {
- ASN1error(ASN1_R_HEADER_TOO_LONG);
- goto err;
- }
- want = HEADER_SIZE;
- } else if (eos && slen == 0 && tag == V_ASN1_EOC) {
- /* eos value, so go back and read another header */
- eos--;
- if (eos <= 0)
- break;
- else
- want = HEADER_SIZE;
- } else {
- /* suck in slen bytes of data */
- want = slen;
- if (want > (len - off)) {
- size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
-
- want -= (len - off);
- if (want > INT_MAX /* BIO_read takes an int length */ ||
- len+want < len) {
- ASN1error(ASN1_R_TOO_LONG);
- goto err;
- }
- while (want > 0) {
- /*
- * Read content in chunks of increasing size
- * so we can return an error for EOF without
- * having to allocate the entire content length
- * in one go.
- */
- size_t chunk = want > chunk_max ? chunk_max : want;
-
- if (!BUF_MEM_grow_clean(b, len + chunk)) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- want -= chunk;
- while (chunk > 0) {
- i = BIO_read(in, &(b->data[len]), chunk);
- if (i <= 0) {
- ASN1error(ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- /*
- * This can't overflow because |len+want|
- * didn't overflow.
- */
- len += i;
- chunk -= i;
- }
- if (chunk_max < INT_MAX/2)
- chunk_max *= 2;
- }
- }
- if (off + slen < off) {
- ASN1error(ASN1_R_TOO_LONG);
- goto err;
- }
- off += slen;
- if (eos <= 0) {
- break;
- } else
- want = HEADER_SIZE;
- }
- }
-
- if (off > INT_MAX) {
- ASN1error(ASN1_R_TOO_LONG);
- goto err;
- }
-
- *pb = b;
- return off;
-
- err:
- if (b != NULL)
- BUF_MEM_free(b);
- return -1;
-}
-
-void *
-ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
-{
- BUF_MEM *b = NULL;
- const unsigned char *p;
- void *ret = NULL;
- int len;
-
- len = asn1_d2i_read_bio(in, &b);
- if (len < 0)
- goto err;
-
- p = (const unsigned char *)b->data;
- ret = ASN1_item_d2i(x, &p, len, it);
-
- err:
- if (b != NULL)
- BUF_MEM_free(b);
- return (ret);
-}
-LCRYPTO_ALIAS(ASN1_item_d2i_bio);
-
-void *
-ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
-{
- BIO *b;
- char *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1error(ERR_R_BUF_LIB);
- return (NULL);
- }
- BIO_set_fp(b, in, BIO_NOCLOSE);
- ret = ASN1_item_d2i_bio(it, b, x);
- BIO_free(b);
- return (ret);
-}
-LCRYPTO_ALIAS(ASN1_item_d2i_fp);
-
-int
-ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
-{
- unsigned char *b = NULL;
- int i, j = 0, n, ret = 1;
-
- n = ASN1_item_i2d(x, &b, it);
- if (b == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- for (;;) {
- i = BIO_write(out, &(b[j]), n);
- if (i == n)
- break;
- if (i <= 0) {
- ret = 0;
- break;
- }
- j += i;
- n -= i;
- }
- free(b);
- return (ret);
-}
-LCRYPTO_ALIAS(ASN1_item_i2d_bio);
-
-int
-ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1error(ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, out, BIO_NOCLOSE);
- ret = ASN1_item_i2d_bio(it, b, x);
- BIO_free(b);
- return (ret);
-}
-LCRYPTO_ALIAS(ASN1_item_i2d_fp);
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
deleted file mode 100644
index ac8da0e61d..0000000000
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* $OpenBSD: asn1_lib.c,v 1.54 2022/05/05 19:18:56 jsing Exp $ */
-/*
- * Copyright (c) 2021 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include "bytestring.h"
-
-int
-asn1_get_identifier_cbs(CBS *cbs, int der_mode, uint8_t *out_class,
- int *out_constructed, uint32_t *out_tag_number)
-{
- uint8_t tag_class, tag_val;
- int tag_constructed;
- uint32_t tag_number;
-
- /*
- * Decode ASN.1 identifier octets - see ITU-T X.690 section 8.1.2.
- */
-
- *out_class = 0;
- *out_constructed = 0;
- *out_tag_number = 0;
-
- if (!CBS_get_u8(cbs, &tag_val))
- return 0;
-
- /*
- * ASN.1 tag class, encoding (primitive or constructed) and tag number
- * are encoded in one or more identifier octets - the first octet
- * contains the 2 bit tag class, the 1 bit encoding type and 5 bits
- * of tag number.
- *
- * For tag numbers larger than 30 (0x1e) the 5 bit tag number in the
- * first octet is set to all ones (0x1f) - the tag number is then
- * encoded in subsequent octets - each of which have a one bit
- * continuation flag and 7 bits of tag number in big-endian form.
- * The encoding should not contain leading zeros but can for BER.
- */
- tag_class = (tag_val >> 6) & 0x3;
- tag_constructed = (tag_val >> 5) & 0x1;
- tag_number = tag_val & 0x1f;
-
- /* Long form. */
- if (tag_number == 0x1f) {
- tag_number = 0;
- do {
- if (!CBS_get_u8(cbs, &tag_val))
- return 0;
- if (der_mode && tag_number == 0 && tag_val == 0x80)
- return 0;
- if (tag_number > (UINT32_MAX >> 7))
- return 0;
- tag_number = tag_number << 7 | (tag_val & 0x7f);
- } while ((tag_val & 0x80) != 0);
- }
-
- *out_class = tag_class;
- *out_constructed = tag_constructed;
- *out_tag_number = tag_number;
-
- return 1;
-}
-
-int
-asn1_get_length_cbs(CBS *cbs, int der_mode, int *out_indefinite,
- size_t *out_length)
-{
- uint8_t len_bytes;
- size_t length;
- uint8_t val;
-
- /*
- * Decode ASN.1 length octets - see ITU-T X.690 section 8.1.3.
- */
-
- *out_length = 0;
- *out_indefinite = 0;
-
- if (!CBS_get_u8(cbs, &val))
- return 0;
-
- /*
- * Short form - length is encoded in the lower 7 bits of a single byte.
- */
- if (val < 0x80) {
- *out_length = val;
- return 1;
- }
-
- /*
- * Indefinite length - content continues until an End of Content (EOC)
- * marker is reached. Must be used with constructed encoding.
- */
- if (val == 0x80) {
- *out_indefinite = 1;
- return 1;
- }
-
- /*
- * Long form - the lower 7 bits of the first byte specifies the number
- * of bytes used to encode the length, the following bytes specify the
- * length in big-endian form. The encoding should not contain leading
- * zeros but can for BER. A length value of 0x7f is invalid.
- */ - if ((len_bytes = val & 0x7f) == 0x7f) - return 0; - - length = 0; - - while (len_bytes-- > 0) { - if (!CBS_get_u8(cbs, &val)) - return 0; - if (der_mode && length == 0 && val == 0) - return 0; - if (length > (SIZE_MAX >> 8)) - return 0; - length = (length << 8) | val; - } - - *out_length = length; - - return 1; -} - -int -asn1_get_object_cbs(CBS *cbs, int der_mode, uint8_t *out_tag_class, - int *out_constructed, uint32_t *out_tag_number, int *out_indefinite, - size_t *out_length) -{ - int constructed, indefinite; - uint32_t tag_number; - uint8_t tag_class; - size_t length; - - *out_tag_class = 0; - *out_constructed = 0; - *out_tag_number = 0; - *out_indefinite = 0; - *out_length = 0; - - if (!asn1_get_identifier_cbs(cbs, der_mode, &tag_class, &constructed, - &tag_number)) - return 0; - if (!asn1_get_length_cbs(cbs, der_mode, &indefinite, &length)) - return 0; - - /* Indefinite length can only be used with constructed encoding. */ - if (indefinite && !constructed) - return 0; - - *out_tag_class = tag_class; - *out_constructed = constructed; - *out_tag_number = tag_number; - *out_indefinite = indefinite; - *out_length = length; - - return 1; -} - -int -asn1_get_primitive(CBS *cbs, int der_mode, uint32_t *out_tag_number, - CBS *out_content) -{ - int constructed, indefinite; - uint32_t tag_number; - uint8_t tag_class; - size_t length; - - *out_tag_number = 0; - - CBS_init(out_content, NULL, 0); - - if (!asn1_get_identifier_cbs(cbs, der_mode, &tag_class, &constructed, - &tag_number)) - return 0; - if (!asn1_get_length_cbs(cbs, der_mode, &indefinite, &length)) - return 0; - - /* A primitive is not constructed and has a definite length. */ - if (constructed || indefinite) - return 0; - - if (!CBS_get_bytes(cbs, out_content, length)) - return 0; - - *out_tag_number = tag_number; - - return 1; -} diff --git a/src/lib/libcrypto/asn1/asn1_local.h b/src/lib/libcrypto/asn1/asn1_local.h deleted file mode 100644 index 19de978772..0000000000 
--- a/src/lib/libcrypto/asn1/asn1_local.h
+++ /dev/null
@@ -1,193 +0,0 @@ -/* $OpenBSD: asn1_local.h,v 1.10 2024/03/02 09:10:42 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "bytestring.h" - -__BEGIN_HIDDEN_DECLS - -/* Internal ASN1 structures and functions: not for application use */ - -ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t); -void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t); - -/* These are used internally in the ASN1_OBJECT to keep track of - * whether the names and data need to be free()ed */ -#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ -#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */ -#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */ -#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ -struct asn1_object_st { - const char *sn, *ln; - int nid; - int length; - const unsigned char *data; /* data remains const after init */ - int flags; /* Should we free this one */ -} /* ASN1_OBJECT */; - -/* ASN1 print context structure */ - -struct asn1_pctx_st { - unsigned long flags; - unsigned long nm_flags; - unsigned long cert_flags; - unsigned long oid_flags; - unsigned long str_flags; -} /* ASN1_PCTX */; - -int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); -int 
asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); - -ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); - -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr); - -int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); - -void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); -void asn1_enc_cleanup(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_save(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it); -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); - -int i2d_ASN1_BOOLEAN(int a, unsigned char **pp); -int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length); - -/* - * Unicode codepoint constants - */ -#define UNICODE_MAX 0x10FFFF -#define UNICODE_SURROGATE_MIN 0x00D800 -#define UNICODE_SURROGATE_MAX 0x00DFFF - -#define UNICODE_IS_SURROGATE(x) \ - ((x) >= UNICODE_SURROGATE_MIN && (x) <= UNICODE_SURROGATE_MAX) - -int UTF8_getc(const unsigned char *str, int len, unsigned long *val); -int UTF8_putc(unsigned char *str, int len, unsigned long value); - -int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); - -int asn1_get_identifier_cbs(CBS *cbs, int der_mode, uint8_t *out_class, - int *out_constructed, uint32_t *out_tag_number); -int asn1_get_length_cbs(CBS *cbs, int der_mode, int *out_indefinite, - size_t *out_length); -int asn1_get_object_cbs(CBS *cbs, int der_mode, uint8_t *out_class, - int *out_constructed, uint32_t *out_tag_number, int *out_indefinite, - size_t *out_length); -int asn1_get_primitive(CBS *cbs, int der_mode, uint32_t *out_tag_number, - CBS *out_content); - -int asn1_must_be_constructed(int tag); -int asn1_must_be_primitive(int tag); -int asn1_tag2charwidth(int tag); - -int asn1_abs_set_unused_bits(ASN1_BIT_STRING *abs, uint8_t unused_bits); -int c2i_ASN1_BIT_STRING_cbs(ASN1_BIT_STRING **out_abs, CBS *cbs); - -int c2i_ASN1_ENUMERATED_cbs(ASN1_ENUMERATED **out_aenum, CBS *cbs); - -int 
asn1_aint_get_uint64(CBS *cbs, uint64_t *out_val); -int asn1_aint_set_uint64(uint64_t val, uint8_t **out_data, int *out_len); -int asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val); -int c2i_ASN1_INTEGER_cbs(ASN1_INTEGER **out_aint, CBS *cbs); - -int c2i_ASN1_OBJECT_cbs(ASN1_OBJECT **out_aobj, CBS *content); -int i2t_ASN1_OBJECT_internal(const ASN1_OBJECT *aobj, char *buf, int buf_len, - int no_name); -ASN1_OBJECT *t2i_ASN1_OBJECT_internal(const char *oid); - -int asn1_time_parse_cbs(const CBS *cbs, int is_gentime, struct tm *out_tm); - -ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); -int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp); -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, - const unsigned char **pp, long length); -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, int64_t offset_sec); -int OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from, - const struct tm *to); -int asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm); -int asn1_time_tm_to_time_t(const struct tm *tm, time_t *out); - -int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); - -const BIO_METHOD *BIO_f_asn1(void); - -BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); - -int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const ASN1_ITEM *it); -int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const char *hdr, const ASN1_ITEM *it); -int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, - int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, - const ASN1_ITEM *it); -ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); - -int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); -void 
ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); - -int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); - -int ASN1_time_parse(const char *_bytes, size_t _len, struct tm *_tm, int _mode); -int ASN1_time_tm_cmp(struct tm *_tm1, struct tm *_tm2); - -__END_HIDDEN_DECLS diff --git a/src/lib/libcrypto/asn1/asn1_old.c b/src/lib/libcrypto/asn1/asn1_old.c deleted file mode 100644 index 7992fccdef..0000000000 --- a/src/lib/libcrypto/asn1/asn1_old.c +++ /dev/null 
@@ -1,185 +0,0 @@ -/* $OpenBSD: asn1_old.c,v 1.6 2024/04/10 14:55:12 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include - -#include -#include -#include - -#include "asn1_local.h" - -#ifndef NO_OLD_ASN1 - -void * -ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) -{ - unsigned char *b, *p; - const unsigned char *p2; - int i; - char *ret; - - if (x == NULL) - return (NULL); - - i = i2d(x, NULL); - b = malloc(i + 10); - if (b == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - return (NULL); - } - p = b; - i = i2d(x, &p); - p2 = b; - ret = d2i(NULL, &p2, i); - free(b); - return (ret); -} -LCRYPTO_ALIAS(ASN1_dup); - -void * -ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x) -{ - BIO *b; - void *ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - ASN1error(ERR_R_BUF_LIB); - return (NULL); - } - BIO_set_fp(b, in, BIO_NOCLOSE); - ret = ASN1_d2i_bio(xnew, d2i, b, x); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(ASN1_d2i_fp); - -void * -ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x) -{ - BUF_MEM *b = NULL; - const unsigned char *p; - void *ret = NULL; - int len; - - len = asn1_d2i_read_bio(in, &b); - if (len < 0) - goto err; - - p = (unsigned char *)b->data; - ret = d2i(x, &p, len); - - err: - if (b != NULL) - BUF_MEM_free(b); - return (ret); -} -LCRYPTO_ALIAS(ASN1_d2i_bio); - -int -ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - ASN1error(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, out, BIO_NOCLOSE); - ret = ASN1_i2d_bio(i2d, b, x); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(ASN1_i2d_fp); - -int -ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) -{ - char *b; - unsigned char *p; - int i, j = 0, n, ret = 1; - - n = i2d(x, NULL); - b = malloc(n); - if (b == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - return (0); - } - - p = (unsigned char *)b; - i2d(x, &p); - - for (;;) { - i = BIO_write(out, &(b[j]), n); - if (i == n) - break; - if (i <= 0) { - ret = 0; - break; - } - j += i; - n -= i; - } - free(b); - return (ret); -} 
-LCRYPTO_ALIAS(ASN1_i2d_bio); - -#endif diff --git a/src/lib/libcrypto/asn1/asn1_old_lib.c b/src/lib/libcrypto/asn1/asn1_old_lib.c deleted file mode 100644 index 80362ae689..0000000000 --- a/src/lib/libcrypto/asn1/asn1_old_lib.c +++ /dev/null 
@@ -1,216 +0,0 @@ -/* $OpenBSD: asn1_old_lib.c,v 1.6 2023/07/05 21:23:36 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include -#include - -#include -#include - -#include "asn1_local.h" - -static void asn1_put_length(unsigned char **pp, int length); - -int -ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, - int *pclass, long omax) -{ - int constructed, indefinite; - uint32_t tag_number; - uint8_t tag_class; - size_t length; - CBS cbs; - int ret = 0; - - *pclass = 0; - *ptag = 0; - *plength = 0; - - CBS_init(&cbs, *pp, omax); - - if (!asn1_get_object_cbs(&cbs, 0, &tag_class, &constructed, &tag_number, - &indefinite, &length)) { - ASN1error(ASN1_R_HEADER_TOO_LONG); - return 0x80; - } - - if (tag_number > INT_MAX) { - ASN1error(ASN1_R_HEADER_TOO_LONG); - return 0x80; - } - - /* - * API insanity ahead... in this case we add an error to the stack and - * signal an error by setting the 8th bit in the return value... but we - * still provide all of the decoded data. - */ - if (length > CBS_len(&cbs) || length > LONG_MAX) { - ASN1error(ASN1_R_TOO_LONG); - ret = 0x80; - } - - *pclass = tag_class << 6; - *ptag = tag_number; - *plength = length; - - *pp = CBS_data(&cbs); - - if (constructed) - ret |= 1 << 5; - if (indefinite) - ret |= 1; - - return ret; -} -LCRYPTO_ALIAS(ASN1_get_object); - -/* class 0 is constructed - * constructed == 2 for indefinite length constructed */ -void -ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, - int xclass) -{ - unsigned char *p = *pp; - int i, ttag; - - i = (constructed) ? 
V_ASN1_CONSTRUCTED : 0; - i |= (xclass & V_ASN1_PRIVATE); - if (tag < 31) - *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG); - else { - *(p++) = i | V_ASN1_PRIMITIVE_TAG; - for(i = 0, ttag = tag; ttag > 0; i++) - ttag >>= 7; - ttag = i; - while (i-- > 0) { - p[i] = tag & 0x7f; - if (i != (ttag - 1)) - p[i] |= 0x80; - tag >>= 7; - } - p += ttag; - } - if (constructed == 2) - *(p++) = 0x80; - else - asn1_put_length(&p, length); - *pp = p; -} -LCRYPTO_ALIAS(ASN1_put_object); - -int -ASN1_put_eoc(unsigned char **pp) -{ - unsigned char *p = *pp; - - *p++ = 0; - *p++ = 0; - *pp = p; - return 2; -} -LCRYPTO_ALIAS(ASN1_put_eoc); - -static void -asn1_put_length(unsigned char **pp, int length) -{ - unsigned char *p = *pp; - - int i, l; - if (length <= 127) - *(p++) = (unsigned char)length; - else { - l = length; - for (i = 0; l > 0; i++) - l >>= 8; - *(p++) = i | 0x80; - l = i; - while (i-- > 0) { - p[i] = length & 0xff; - length >>= 8; - } - p += l; - } - *pp = p; -} - -int -ASN1_object_size(int constructed, int length, int tag) -{ - int ret; - - ret = length; - ret++; - if (tag >= 31) { - while (tag > 0) { - tag >>= 7; - ret++; - } - } - if (constructed == 2) - return ret + 3; - ret++; - if (length > 127) { - while (length > 0) { - length >>= 8; - ret++; - } - } - return (ret); -} -LCRYPTO_ALIAS(ASN1_object_size); diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c deleted file mode 100644 index 712bb5260e..0000000000 --- a/src/lib/libcrypto/asn1/asn1_par.c +++ /dev/null 
@@ -1,386 +0,0 @@ -/* $OpenBSD: asn1_par.c,v 1.35 2023/07/05 21:23:36 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include - -#include -#include -#include - -static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, - int indent); -static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, - int offset, int depth, int indent, int dump); - -static int -asn1_print_info(BIO *bp, int tag, int xclass, int constructed, - int indent) -{ - char str[128]; - const char *p; - - if (constructed & V_ASN1_CONSTRUCTED) - p="cons: "; - else - p="prim: "; - if (BIO_write(bp, p, 6) < 6) - goto err; - if (!BIO_indent(bp, indent, 128)) - goto err; - - p = str; - if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) - snprintf(str, sizeof str, "priv [ %d ] ", tag); - else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) - snprintf(str, sizeof str, "cont [ %d ]", tag); - else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) - snprintf(str, sizeof str, "appl [ %d ]", tag); - else if (tag > 30) - snprintf(str, sizeof str, "", tag); - else - p = ASN1_tag2str(tag); - - if (BIO_printf(bp, "%-18s", p) <= 0) - goto err; - return (1); - err: - return (0); -} - -int -ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent) -{ - return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0)); -} -LCRYPTO_ALIAS(ASN1_parse); - -int -ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump) -{ - return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump)); -} -LCRYPTO_ALIAS(ASN1_parse_dump); - -static int -asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset, - int depth, int indent, int dump) -{ - const unsigned char *p, *ep, *tot, *op, *opp; - long len; - int tag, xclass, ret = 0; - int nl, hl, j, r; - ASN1_OBJECT *o = NULL; - ASN1_OCTET_STRING *os = NULL; - ASN1_INTEGER *ai = NULL; - ASN1_ENUMERATED *ae = NULL; - /* ASN1_BMPSTRING *bmp=NULL;*/ - int dump_indent; - - dump_indent = 6; /* Because we know BIO_dump_indent() */ - p = *pp; - tot = p + length; - op = p - 1; - if (depth > 128) { - BIO_printf(bp, "Max depth 
exceeded\n"); - goto end; - } - while ((p < tot) && (op < p)) { - op = p; - j = ASN1_get_object(&p, &len, &tag, &xclass, length); - - if (j & 0x80) { - if (BIO_write(bp, "Error in encoding\n", 18) <= 0) - goto end; - ret = 0; - goto end; - } - hl = (p - op); - length -= hl; - /* if j == 0x21 it is a constructed indefinite length object */ - if (BIO_printf(bp, "%5ld:", (long)offset + - (long)(op - *pp)) <= 0) - goto end; - - if (j != (V_ASN1_CONSTRUCTED | 1)) { - if (BIO_printf(bp, "d=%-2d hl=%ld l=%4ld ", - depth, (long)hl, len) <= 0) - goto end; - } else { - if (BIO_printf(bp, "d=%-2d hl=%ld l=inf ", - depth, (long)hl) <= 0) - goto end; - } - if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0)) - goto end; - if (j & V_ASN1_CONSTRUCTED) { - ep = p + len; - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - if (len > length) { - BIO_printf(bp, "length is greater than %ld\n", - length); - ret = 0; - goto end; - } - if ((j == 0x21) && (len == 0)) { - for (;;) { - r = asn1_parse2(bp, &p, (long)(tot - p), - offset + (p - *pp), depth + 1, - indent, dump); - if (r == 0) { - ret = 0; - goto end; - } - if ((r == 2) || (p >= tot)) { - len = (long)(p - ep); - break; - } - } - } else { - while (p < ep) { - r = asn1_parse2(bp, &p, (long)(ep - p), - offset + (p - *pp), depth + 1, - indent, dump); - if (r == 0) { - ret = 0; - goto end; - } - } - } - } else if (xclass != 0) { - p += len; - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - } else { - nl = 0; - if ((tag == V_ASN1_PRINTABLESTRING) || - (tag == V_ASN1_T61STRING) || - (tag == V_ASN1_IA5STRING) || - (tag == V_ASN1_VISIBLESTRING) || - (tag == V_ASN1_NUMERICSTRING) || - (tag == V_ASN1_UTF8STRING) || - (tag == V_ASN1_UTCTIME) || - (tag == V_ASN1_GENERALIZEDTIME)) { - if (BIO_write(bp, ":", 1) <= 0) - goto end; - if ((len > 0) && - BIO_write(bp, (const char *)p, (int)len) != - (int)len) - goto end; - } else if (tag == V_ASN1_OBJECT) { - opp = op; - if (d2i_ASN1_OBJECT(&o, &opp, len + hl) != - NULL) { - if (BIO_write(bp, 
":", 1) <= 0) - goto end; - i2a_ASN1_OBJECT(bp, o); - } else { - if (BIO_write(bp, ":BAD OBJECT", - 11) <= 0) - goto end; - } - } else if (tag == V_ASN1_BOOLEAN) { - if (len == 1 && p < tot) { - BIO_printf(bp, ":%u", p[0]); - } else { - if (BIO_write(bp, "Bad boolean\n", - 12) <= 0) - goto end; - } - } else if (tag == V_ASN1_BMPSTRING) { - /* do the BMP thang */ - } else if (tag == V_ASN1_OCTET_STRING) { - int i, printable = 1; - - opp = op; - os = d2i_ASN1_OCTET_STRING(NULL, &opp, len + hl); - if (os != NULL && os->length > 0) { - opp = os->data; - /* testing whether the octet string is - * printable */ - for (i = 0; i < os->length; i++) { - if (((opp[i] < ' ') && - (opp[i] != '\n') && - (opp[i] != '\r') && - (opp[i] != '\t')) || - (opp[i] > '~')) { - printable = 0; - break; - } - } - if (printable) { - /* printable string */ - if (BIO_write(bp, ":", 1) <= 0) - goto end; - if (BIO_write(bp, (const char *)opp, - os->length) <= 0) - goto end; - } else if (!dump) { - /* not printable => print octet string - * as hex dump */ - if (BIO_write(bp, "[HEX DUMP]:", 11) <= 0) - goto end; - for (i = 0; i < os->length; i++) { - if (BIO_printf(bp, - "%02X", opp[i]) <= 0) - goto end; - } - } else { - /* print the normal dump */ - if (!nl) { - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - } - if (BIO_dump_indent(bp, - (const char *)opp, - ((dump == -1 || dump > - os->length) ? 
os->length : dump),
- dump_indent) <= 0)
- goto end;
- nl = 1;
- }
- }
- ASN1_OCTET_STRING_free(os);
- os = NULL;
- } else if (tag == V_ASN1_INTEGER) {
- int i;
-
- opp = op;
- ai = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
- if (ai != NULL) {
- if (BIO_write(bp, ":", 1) <= 0)
- goto end;
- if (ai->type == V_ASN1_NEG_INTEGER)
- if (BIO_write(bp, "-", 1) <= 0)
- goto end;
- for (i = 0; i < ai->length; i++) {
- if (BIO_printf(bp, "%02X",
- ai->data[i]) <= 0)
- goto end;
- }
- if (ai->length == 0) {
- if (BIO_write(bp, "00", 2) <= 0)
- goto end;
- }
- } else {
- if (BIO_write(bp, "BAD INTEGER", 11) <= 0)
- goto end;
- }
- ASN1_INTEGER_free(ai);
- ai = NULL;
- } else if (tag == V_ASN1_ENUMERATED) {
- int i;
-
- opp = op;
- ae = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
- if (ae != NULL) {
- if (BIO_write(bp, ":", 1) <= 0)
- goto end;
- if (ae->type == V_ASN1_NEG_ENUMERATED)
- if (BIO_write(bp, "-", 1) <= 0)
- goto end;
- for (i = 0; i < ae->length; i++) {
- if (BIO_printf(bp, "%02X",
- ae->data[i]) <= 0)
- goto end;
- }
- if (ae->length == 0) {
- if (BIO_write(bp, "00", 2) <= 0)
- goto end;
- }
- } else {
- if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
- goto end;
- }
- ASN1_ENUMERATED_free(ae);
- ae = NULL;
- } else if (len > 0 && dump) {
- if (!nl) {
- if (BIO_write(bp, "\n", 1) <= 0)
- goto end;
- }
- if (BIO_dump_indent(bp, (const char *)p,
- ((dump == -1 || dump > len) ? len : dump),
- dump_indent) <= 0)
- goto end;
- nl = 1;
- }
-
- if (!nl) {
- if (BIO_write(bp, "\n", 1) <= 0)
- goto end;
- }
- p += len;
- if ((tag == V_ASN1_EOC) && (xclass == 0)) {
- ret = 2; /* End of sequence */
- goto end;
- }
- }
- length -= len;
- }
- ret = 1;
-
- end:
- if (o != NULL)
- ASN1_OBJECT_free(o);
- ASN1_OCTET_STRING_free(os);
- ASN1_INTEGER_free(ai);
- ASN1_ENUMERATED_free(ae);
- *pp = p;
- return (ret);
-}
diff --git a/src/lib/libcrypto/asn1/asn1_types.c b/src/lib/libcrypto/asn1/asn1_types.c
deleted file mode 100644
index 5f9644a718..0000000000
--- a/src/lib/libcrypto/asn1/asn1_types.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/* $OpenBSD: asn1_types.c,v 1.3 2023/07/05 21:23:36 beck Exp $ */
-/*
- * Copyright (c) 2021 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-
-#define ASN1_ENCODING_CONSTRUCTED_ONLY 1
-#define ASN1_ENCODING_PRIMITIVE_ONLY 2
-
-struct asn1_type {
- const char *name;
- uint32_t bit_value;
- int char_width;
- int encoding;
-};
-
-/*
- * Universal class tag types - ITU X.680.
- */
-static const struct asn1_type asn1_types[31] = {
- [0] = {
- /* Tag 0 (0x00) - Reserved for use by encoding rules */
- .name = "EOC",
- .bit_value = 0,
- .char_width = -1,
- },
- [1] = {
- /* Tag 1 (0x01) - Boolean */
- .name = "BOOLEAN",
- .bit_value = 0,
- .char_width = -1,
- .encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [2] = {
- /* Tag 2 (0x02) - Integer */
- .name = "INTEGER",
- .bit_value = 0,
- .char_width = -1,
- .encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [3] = {
- /* Tag 3 (0x03) - BitString */
- .name = "BIT STRING",
- .bit_value = B_ASN1_BIT_STRING,
- .char_width = -1,
- },
- [4] = {
- /* Tag 4 (0x04) - OctetString */
- .name = "OCTET STRING",
- .bit_value = B_ASN1_OCTET_STRING,
- .char_width = -1,
- },
- [5] = {
- /* Tag 5 (0x05) - Null */
- .name = "NULL",
- .bit_value = 0,
- .char_width = -1,
- .encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [6] = {
- /* Tag 6 (0x06) - Object Identifier */
- .name = "OBJECT",
- .bit_value = 0,
- .char_width = -1,
- .encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [7] = {
- /* Tag 7 (0x07) - Object Descriptor */
- .name = "OBJECT DESCRIPTOR",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- },
- [8] = {
- /* Tag 8 (0x08) - External */
- .name = "EXTERNAL",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- },
- [9] = {
- /* Tag 9 (0x09) - Real */
- .name = "REAL",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- .encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [10] = {
- /* Tag 10 (0x0a) - Enumerated */
- .name = "ENUMERATED",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- .encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [11] = {
- /* Tag 11 (0x0b) - Embedded PDV */
- .name = "",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- },
- [12] = {
- /* Tag 12 (0x0c) - UTF8String */
- .name = "UTF8STRING",
- .bit_value = B_ASN1_UTF8STRING,
- .char_width = 0,
- },
- [13] = {
- /* Tag 13 (0x0d) - Relative Object Identifier */
- .name = "",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
-
.encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [14] = {
- /* Tag 14 (0x0e) - Time */
- .name = "",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- .encoding = ASN1_ENCODING_PRIMITIVE_ONLY,
- },
- [15] = {
- /* Tag 15 (0x0f) - Reserved */
- .name = "",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- },
- [16] = {
- /* Tag 16 (0x10)- Sequence */
- .name = "SEQUENCE",
- .bit_value = B_ASN1_SEQUENCE,
- .char_width = -1,
- .encoding = ASN1_ENCODING_CONSTRUCTED_ONLY,
- },
- [17] = {
- /* Tag 17 (0x11) - Set */
- .name = "SET",
- .bit_value = 0,
- .char_width = -1,
- .encoding = ASN1_ENCODING_CONSTRUCTED_ONLY,
- },
- [18] = {
- /* Tag 18 (0x12) - NumericString */
- .name = "NUMERICSTRING",
- .bit_value = B_ASN1_NUMERICSTRING,
- .char_width = -1,
- },
- [19] = {
- /* Tag 19 (0x13) - PrintableString */
- .name = "PRINTABLESTRING",
- .bit_value = B_ASN1_PRINTABLESTRING,
- .char_width = 1,
- },
- [20] = {
- /* Tag 20 (0x14) - TeletexString (T61String) */
- .name = "T61STRING",
- .bit_value = B_ASN1_T61STRING,
- .char_width = 1,
- },
- [21] = {
- /* Tag 21 (0x15) - VideotexString */
- .name = "VIDEOTEXSTRING",
- .bit_value = B_ASN1_VIDEOTEXSTRING,
- .char_width = -1,
- },
- [22] = {
- /* Tag 22 (0x16) - IA5String */
- .name = "IA5STRING",
- .bit_value = B_ASN1_IA5STRING,
- .char_width = 1,
- },
- [23] = {
- /* Tag 23 (0x17) - UTCTime */
- .name = "UTCTIME",
- .bit_value = B_ASN1_UTCTIME,
- .char_width = 1,
- },
- [24] = {
- /* Tag 24 (0x18) - GeneralizedTime */
- .name = "GENERALIZEDTIME",
- .bit_value = B_ASN1_GENERALIZEDTIME,
- .char_width = 1,
- },
- [25] = {
- /* Tag 25 (0x19) - GraphicString */
- .name = "GRAPHICSTRING",
- .bit_value = B_ASN1_GRAPHICSTRING,
- .char_width = -1,
- },
- [26] = {
- /* Tag 26 (0x1a) - VisibleString (ISO646String) */
- .name = "VISIBLESTRING",
- .bit_value = B_ASN1_ISO64STRING,
- .char_width = 1,
- },
- [27] = {
- /* Tag 27 (0x1b) - GeneralString */
- .name = "GENERALSTRING",
- .bit_value = B_ASN1_GENERALSTRING,
- .char_width = -1,
- },
- [28] = {
- /* Tag 28 (0x1c) - UniversalString */
- .name = "UNIVERSALSTRING",
- .bit_value = B_ASN1_UNIVERSALSTRING,
- .char_width = 4,
- },
- [29] = {
- /* Tag 29 (0x1d) - Unallocated */
- .name = "",
- .bit_value = B_ASN1_UNKNOWN,
- .char_width = -1,
- },
- [30] = {
- /* Tag 30 (0x1e) - BMPString */
- .name = "BMPSTRING",
- .bit_value = B_ASN1_BMPSTRING,
- .char_width = 2,
- },
-};
-
-static const struct asn1_type *
-asn1_type_by_tag(int tag)
-{
- if (tag < 0 || tag > 30)
- return NULL;
-
- return &asn1_types[tag];
-}
-
-int
-asn1_must_be_constructed(int tag)
-{
- const struct asn1_type *at;
-
- if (tag == V_ASN1_NEG_INTEGER || tag == V_ASN1_NEG_ENUMERATED)
- tag &= ~V_ASN1_NEG;
- if ((at = asn1_type_by_tag(tag)) != NULL)
- return at->encoding == ASN1_ENCODING_CONSTRUCTED_ONLY;
-
- return 0;
-}
-
-int
-asn1_must_be_primitive(int tag)
-{
- const struct asn1_type *at;
-
- if (tag == V_ASN1_NEG_INTEGER || tag == V_ASN1_NEG_ENUMERATED)
- tag &= ~V_ASN1_NEG;
- if ((at = asn1_type_by_tag(tag)) != NULL)
- return at->encoding == ASN1_ENCODING_PRIMITIVE_ONLY;
-
- return 0;
-}
-
-int
-asn1_tag2charwidth(int tag)
-{
- const struct asn1_type *at;
-
- if ((at = asn1_type_by_tag(tag)) != NULL)
- return at->char_width;
-
- return -1;
-}
-
-unsigned long
-ASN1_tag2bit(int tag)
-{
- const struct asn1_type *at;
-
- if ((at = asn1_type_by_tag(tag)) != NULL)
- return (unsigned long)at->bit_value;
-
- return 0;
-}
-LCRYPTO_ALIAS(ASN1_tag2bit);
-
-const char *
-ASN1_tag2str(int tag)
-{
- const struct asn1_type *at;
-
- if (tag == V_ASN1_NEG_INTEGER || tag == V_ASN1_NEG_ENUMERATED)
- tag &= ~V_ASN1_NEG;
-
- if ((at = asn1_type_by_tag(tag)) != NULL)
- return at->name;
-
- return "(unknown)";
-}
-LCRYPTO_ALIAS(ASN1_tag2str);
diff --git a/src/lib/libcrypto/asn1/asn1t.h b/src/lib/libcrypto/asn1/asn1t.h
deleted file mode 100644
index 22cde48669..0000000000
--- a/src/lib/libcrypto/asn1/asn1t.h
+++ /dev/null
@@ -1,904 +0,0 @@ -/* $OpenBSD: asn1t.h,v 1.24 2024/07/08 16:24:22 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ASN1T_H -#define HEADER_ASN1T_H - -#include - -#include - -#include - -/* ASN1 template defines, structures and functions */ - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef LIBRESSL_INTERNAL - -/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */ -#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr)) - - -/* Macros for start and end of ASN1_ITEM definition */ - -#define ASN1_ITEM_start(itname) \ - const ASN1_ITEM itname##_it = { - -#define static_ASN1_ITEM_start(itname) \ - static const ASN1_ITEM itname##_it = { - -#define ASN1_ITEM_end(itname) \ - }; - - - -/* Macros to aid ASN1 template writing */ - -#define ASN1_ITEM_TEMPLATE(tname) \ - static const ASN1_TEMPLATE tname##_item_tt - -#define ASN1_ITEM_TEMPLATE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_PRIMITIVE,\ - -1,\ - &tname##_item_tt,\ - 0,\ - NULL,\ - 0,\ - #tname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_ITEM_TEMPLATE_END(tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_PRIMITIVE,\ - -1,\ - &tname##_item_tt,\ - 0,\ - NULL,\ - 0,\ - #tname \ - ASN1_ITEM_end(tname) - - -/* This is a ASN1 type which just embeds a template */ - -/* - * This 
pair helps declare a SEQUENCE. We can do: - * - * ASN1_SEQUENCE(stname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END(stname) - * - * This will produce an ASN1_ITEM called stname_it - * for a structure called stname. - * - * If you want the same structure but a different - * name then use: - * - * ASN1_SEQUENCE(itname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END_name(stname, itname) - * - * This will create an item called itname_it using - * a structure called stname. - */ - -#define ASN1_SEQUENCE(tname) \ - static const ASN1_TEMPLATE tname##_seq_tt[] - -#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) - -#define static_ASN1_SEQUENCE_END(stname) static_ASN1_SEQUENCE_END_name(stname, stname) - -#define ASN1_SEQUENCE_END_name(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_SEQUENCE_END_name(stname, tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE(tname) \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ - ASN1_SEQUENCE_cb(tname, cb) - -#define ASN1_SEQUENCE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_ref(tname, cb, lck) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_enc(tname, enc, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - 
ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(tname),\ - #tname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_NDEF_SEQUENCE_END(tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(tname),\ - #tname \ - ASN1_ITEM_end(tname) - -#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define static_ASN1_SEQUENCE_END_cb(stname, tname) static_ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_ref(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_SEQUENCE_END_ref(stname, tname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - - -/* - * This pair helps declare a CHOICE type. We can do: - * - * ASN1_CHOICE(chname) = { - * ... CHOICE options ... - * ASN1_CHOICE_END(chname) - * - * This will produce an ASN1_ITEM called chname_it - * for a structure called chname. 
The structure - * definition must look like this: - * typedef struct { - * int type; - * union { - * ASN1_SOMETHING *opt1; - * ASN1_SOMEOTHER *opt2; - * } value; - * } chname; - * - * the name of the selector must be 'type'. - * to use an alternative selector name use the - * ASN1_CHOICE_END_selector() version. - */ - -#define ASN1_CHOICE(tname) \ - static const ASN1_TEMPLATE tname##_ch_tt[] - -#define ASN1_CHOICE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_CHOICE(tname) - -#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) - -#define static_ASN1_CHOICE_END(stname) static_ASN1_CHOICE_END_name(stname, stname) - -#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type) - -#define static_ASN1_CHOICE_END_name(stname, tname) static_ASN1_CHOICE_END_selector(stname, tname, type) - -#define ASN1_CHOICE_END_selector(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define static_ASN1_CHOICE_END_selector(stname, tname, selname) \ - ;\ - static_ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_CHOICE_END_cb(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -/* This helps with the template wrapper form of ASN1_ITEM */ - -#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \ - (flags), (tag), 0,\ - #name, ASN1_ITEM_ref(type) } - -/* These help with SEQUENCE or CHOICE components */ - -/* used to declare other types */ - 
-#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \ - (flags), (tag), offsetof(stname, field),\ - #field, ASN1_ITEM_ref(type) } - -/* implicit and explicit helper macros */ - -#define ASN1_IMP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type) - -#define ASN1_EXP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type) - -/* Any defined by macros: the field used is in the table itself */ - -#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -/* Plain simple type */ -#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type) - -/* OPTIONAL simple type */ -#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* IMPLICIT tagged simple type */ -#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0) - -/* IMPLICIT tagged OPTIONAL simple type */ -#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* Same as above but EXPLICIT */ - -#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0) -#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* SEQUENCE OF type */ -#define ASN1_SEQUENCE_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type) - -/* OPTIONAL SEQUENCE OF */ -#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Same as above but for SET OF */ - -#define ASN1_SET_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type) - -#define ASN1_SET_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, 
stname, field, type) - -/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */ - -#define ASN1_IMP_SET_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_EXP_SET_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -/* EXPLICIT using indefinite length constructed form */ -#define ASN1_NDEF_EXP(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) - -/* EXPLICIT OPTIONAL using indefinite length constructed form */ -#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) - -/* Macros for the ASN1_ADB structure */ - -#define ASN1_ADB(name) \ - static const ASN1_ADB_TABLE name##_adbtbl[] - - -#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ - ;\ - static const ASN1_ADB name##_adb = {\ - flags,\ - offsetof(name, field),\ - app_table,\ - name##_adbtbl,\ - sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ - def,\ - none\ - } - - -#define ADB_ENTRY(val, template) {val, template} - -#define ASN1_ADB_TEMPLATE(name) \ - static const ASN1_TEMPLATE 
name##_tt - -#endif /* !LIBRESSL_INTERNAL */ - -/* This is the ASN1 template structure that defines - * a wrapper round the actual type. It determines the - * actual position of the field in the value structure, - * various flags such as OPTIONAL and the field name. - */ - -struct ASN1_TEMPLATE_st { - unsigned long flags; /* Various flags */ - long tag; /* tag, not used if no tagging */ - unsigned long offset; /* Offset of this field in structure */ - const char *field_name; /* Field name */ - ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ -}; - -/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */ - -#define ASN1_TEMPLATE_item(t) (t->item_ptr) -#define ASN1_TEMPLATE_adb(t) (t->item_ptr) - -typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE; -typedef struct ASN1_ADB_st ASN1_ADB; - -struct ASN1_ADB_st { - unsigned long flags; /* Various flags */ - unsigned long offset; /* Offset of selector field */ - const ASN1_ADB_TABLE *tbl; /* Table of possible types */ - long tblcount; /* Number of entries in tbl */ - const ASN1_TEMPLATE *default_tt; /* Type to use if no match */ - const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */ -}; - -struct ASN1_ADB_TABLE_st { - long value; /* NID for an object or value for an int */ - const ASN1_TEMPLATE tt; /* item for this value */ -}; - -/* template flags */ - -/* Field is optional */ -#define ASN1_TFLG_OPTIONAL (0x1) - -/* Field is a SET OF */ -#define ASN1_TFLG_SET_OF (0x1 << 1) - -/* Field is a SEQUENCE OF */ -#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1) - -/* Special case: this refers to a SET OF that - * will be sorted into DER order when encoded *and* - * the corresponding STACK will be modified to match - * the new order. - */ -#define ASN1_TFLG_SET_ORDER (0x3 << 1) - -/* Mask for SET OF or SEQUENCE OF */ -#define ASN1_TFLG_SK_MASK (0x3 << 1) - -/* These flags mean the tag should be taken from the - * tag field. If EXPLICIT then the underlying type - * is used for the inner tag. 
- */ - -/* IMPLICIT tagging */ -#define ASN1_TFLG_IMPTAG (0x1 << 3) - - -/* EXPLICIT tagging, inner tag from underlying type */ -#define ASN1_TFLG_EXPTAG (0x2 << 3) - -#define ASN1_TFLG_TAG_MASK (0x3 << 3) - -/* context specific IMPLICIT */ -#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT - -/* context specific EXPLICIT */ -#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT - -/* - * If tagging is in force these determine the type of tag to use. Otherwiser - * the tag is determined by the underlying type. These values reflect the - * actual octet format. - */ - -/* Universal tag */ -#define ASN1_TFLG_UNIVERSAL (0x0<<6) -/* Application tag */ -#define ASN1_TFLG_APPLICATION (0x1<<6) -/* Context specific tag */ -#define ASN1_TFLG_CONTEXT (0x2<<6) -/* Private tag */ -#define ASN1_TFLG_PRIVATE (0x3<<6) - -#define ASN1_TFLG_TAG_CLASS (0x3<<6) - -/* - * These are for ANY DEFINED BY type. In this case - * the 'item' field points to an ASN1_ADB structure - * which contains a table of values to decode the - * relevant type - */ - -#define ASN1_TFLG_ADB_MASK (0x3<<8) - -#define ASN1_TFLG_ADB_OID (0x1<<8) - -#define ASN1_TFLG_ADB_INT (0x1<<9) - -/* - * This flag when present in a SEQUENCE OF, SET OF - * or EXPLICIT causes indefinite length constructed - * encoding to be used if required. - */ - -#define ASN1_TFLG_NDEF (0x1<<11) - -/* This is the actual ASN1 item itself */ - -struct ASN1_ITEM_st { - char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */ - long utype; /* underlying type */ - const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */ - long tcount; /* Number of templates if SEQUENCE or CHOICE */ - const void *funcs; /* functions that handle this type */ - long size; /* Structure size (usually)*/ - const char *sname; /* Structure name */ -}; - -/* These are values for the itype field and - * determine how the type is interpreted. 
- * - * For PRIMITIVE types the underlying type - * determines the behaviour if items is NULL. - * - * Otherwise templates must contain a single - * template and the type is treated in the - * same way as the type specified in the template. - * - * For SEQUENCE types the templates field points - * to the members, the size field is the - * structure size. - * - * For CHOICE types the templates field points - * to each possible member (typically a union) - * and the 'size' field is the offset of the - * selector. - * - * The 'funcs' field is used for application - * specific functions. - * - * The EXTERN type uses a new style d2i/i2d. - * The new style should be used where possible - * because it avoids things like the d2i IMPLICIT - * hack. - * - * MSTRING is a multiple string type, it is used - * for a CHOICE of character strings where the - * actual strings all occupy an ASN1_STRING - * structure. In this case the 'utype' field - * has a special meaning, it is used as a mask - * of acceptable types using the B_ASN1 constants. - * - * NDEF_SEQUENCE is the same as SEQUENCE except - * that it will use indefinite length constructed - * encoding if requested. 
- * - */ - -#define ASN1_ITYPE_PRIMITIVE 0x0 - -#define ASN1_ITYPE_SEQUENCE 0x1 - -#define ASN1_ITYPE_CHOICE 0x2 - -#define ASN1_ITYPE_EXTERN 0x4 - -#define ASN1_ITYPE_MSTRING 0x5 - -#define ASN1_ITYPE_NDEF_SEQUENCE 0x6 - -/* Cache for ASN1 tag and length, so we - * don't keep re-reading it for things - * like CHOICE - */ - -struct ASN1_TLC_st { - char valid; /* Values below are valid */ - int ret; /* return value */ - long plen; /* length */ - int ptag; /* class value */ - int pclass; /* class value */ - int hdrlen; /* header length */ -}; - -/* Typedefs for ASN1 function pointers */ - -typedef ASN1_VALUE * ASN1_new_func(void); -typedef void ASN1_free_func(ASN1_VALUE *a); -typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length); -typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); - -typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); - -typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); -typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); - -typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, - int indent, const char *fname, - const ASN1_PCTX *pctx); - -typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); -typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); - -typedef struct ASN1_EXTERN_FUNCS_st { - void *app_data; - ASN1_ex_new_func *asn1_ex_new; - ASN1_ex_free_func *asn1_ex_free; - ASN1_ex_free_func *asn1_ex_clear; - ASN1_ex_d2i *asn1_ex_d2i; - ASN1_ex_i2d *asn1_ex_i2d; - ASN1_ex_print_func *asn1_ex_print; -} 
ASN1_EXTERN_FUNCS; - -typedef struct ASN1_PRIMITIVE_FUNCS_st { - void *app_data; - unsigned long flags; - ASN1_ex_new_func *prim_new; - ASN1_ex_free_func *prim_free; - ASN1_ex_free_func *prim_clear; - ASN1_primitive_c2i *prim_c2i; - ASN1_primitive_i2c *prim_i2c; - ASN1_primitive_print *prim_print; -} ASN1_PRIMITIVE_FUNCS; - -/* This is the ASN1_AUX structure: it handles various - * miscellaneous requirements. For example the use of - * reference counts and an informational callback. - * - * The "informational callback" is called at various - * points during the ASN1 encoding and decoding. It can - * be used to provide minor customisation of the structures - * used. This is most useful where the supplied routines - * *almost* do the right thing but need some extra help - * at a few points. If the callback returns zero then - * it is assumed a fatal error has occurred and the - * main operation should be abandoned. - * - * If major changes in the default behaviour are required - * then an external type is more appropriate. 
- */
-
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
- void *exarg);
-
-typedef struct ASN1_AUX_st {
- void *app_data;
- int flags;
- int ref_offset; /* Offset of reference value */
- int ref_lock; /* Lock type to use */
- ASN1_aux_cb *asn1_cb;
- int enc_offset; /* Offset of ASN1_ENCODING structure */
-} ASN1_AUX;
-
-/* For print related callbacks exarg points to this structure */
-typedef struct ASN1_PRINT_ARG_st {
- BIO *out;
- int indent;
- const ASN1_PCTX *pctx;
-} ASN1_PRINT_ARG;
-
-/* For streaming related callbacks exarg points to this structure */
-typedef struct ASN1_STREAM_ARG_st {
- /* BIO to stream through */
- BIO *out;
- /* BIO with filters appended */
- BIO *ndef_bio;
- /* Streaming I/O boundary */
- unsigned char **boundary;
-} ASN1_STREAM_ARG;
-
-/* Flags in ASN1_AUX */
-
-/* Use a reference count */
-#define ASN1_AFLG_REFCOUNT 1
-/* Save the encoding of structure (useful for signatures) */
-#define ASN1_AFLG_ENCODING 2
-
-/* operation values for asn1_cb */
-
-#define ASN1_OP_NEW_PRE 0
-#define ASN1_OP_NEW_POST 1
-#define ASN1_OP_FREE_PRE 2
-#define ASN1_OP_FREE_POST 3
-#define ASN1_OP_D2I_PRE 4
-#define ASN1_OP_D2I_POST 5
-#define ASN1_OP_I2D_PRE 6
-#define ASN1_OP_I2D_POST 7
-#define ASN1_OP_PRINT_PRE 8
-#define ASN1_OP_PRINT_POST 9
-#define ASN1_OP_STREAM_PRE 10
-#define ASN1_OP_STREAM_POST 11
-#define ASN1_OP_DETACHED_PRE 12
-#define ASN1_OP_DETACHED_POST 13
-
-#ifndef LIBRESSL_INTERNAL
-
-/* Macro to implement a primitive type */
-#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
-#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
- ASN1_ITEM_start(itname) \
- ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
- ASN1_ITEM_end(itname)
-
-/* Macro to implement a multi string type */
-#define IMPLEMENT_ASN1_MSTRING(itname, mask) \
- ASN1_ITEM_start(itname) \
- ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
- ASN1_ITEM_end(itname)
-#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
- ASN1_ITEM_start(sname) \
- ASN1_ITYPE_EXTERN, \
- tag, \
- NULL, \
- 0, \
- &fptrs, \
- 0, \
- #sname \
- ASN1_ITEM_end(sname)
-
-/* Macro to implement standard functions in terms of ASN1_ITEM structures */
-
-#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
- IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
-
-#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
-
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
-
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
- pre stname *fname##_new(void) \
- { \
- return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
- } \
- pre void fname##_free(stname *a) \
- { \
- ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
- }
-
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
- stname *fname##_new(void) \
- { \
- return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
- } \
- void fname##_free(stname *a) \
- { \
- ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
- }
-
-#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
- stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
- { \
- return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
- } \
- int i2d_##fname(stname *a, unsigned char **out) \
- { \
- return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
-
-#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
- int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
- { \
- return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
- }
-
-/* This includes evil casts to remove const: they will go away when full
- * ASN1 constification is done.
- */
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
- stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
- { \
- return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
- } \
- int i2d_##fname(const stname *a, unsigned char **out) \
- { \
- return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
-
-#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
- stname * stname##_dup(stname *x) \
- { \
- return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
- }
-
-#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
- IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
-
-#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
- int fname##_print_ctx(BIO *out, stname *x, int indent, \
- const ASN1_PCTX *pctx) \
- { \
- return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
- ASN1_ITEM_rptr(itname), pctx); \
- }
-
-#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
- IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
-
-#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-#endif /* !LIBRESSL_INTERNAL */
-
-/* external definitions for primitive types */
-
-extern const ASN1_ITEM ASN1_BOOLEAN_it;
-extern const ASN1_ITEM ASN1_TBOOLEAN_it;
-extern const ASN1_ITEM ASN1_FBOOLEAN_it;
-extern const ASN1_ITEM ASN1_SEQUENCE_it;
-extern const ASN1_ITEM BIGNUM_it;
-extern const ASN1_ITEM LONG_it;
-extern const ASN1_ITEM ZLONG_it;
-extern const ASN1_ITEM CBIGNUM_it;
-
-DECLARE_STACK_OF(ASN1_VALUE)
-
-/* Functions used internally by the ASN1 code */
-
-int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c
deleted file mode 100644
index 3995fc547c..0000000000
--- a/src/lib/libcrypto/asn1/asn_mime.c
+++ /dev/null
@@ -1,1011 +0,0 @@
-/* $OpenBSD: asn_mime.c,v 1.35 2025/01/17 05:02:18 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-
-/* Generalised MIME like utilities for streaming ASN1. Although many
- * have a PKCS7/CMS like flavour others are more general purpose.
- */
-
-/* MIME format structures
- * Note that all are translated to lower case apart from
- * parameter values. Quotes are stripped off
- */
-
-typedef struct {
- char *param_name; /* Param name e.g. "micalg" */
- char *param_value; /* Param value e.g. "sha1" */
-} MIME_PARAM;
-
-DECLARE_STACK_OF(MIME_PARAM)
-
-typedef struct {
- char *name; /* Name of line e.g. "content-type" */
- char *value; /* Value of line e.g. "text/plain" */
- STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
-} MIME_HEADER;
-
-DECLARE_STACK_OF(MIME_HEADER)
-
-static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
- const ASN1_ITEM *it);
-static char * strip_ends(char *name);
-static char * strip_start(char *name);
-static char * strip_end(char *name);
-static MIME_HEADER *mime_hdr_new(char *name, char *value);
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
-static int mime_hdr_cmp(const MIME_HEADER * const *a,
- const MIME_HEADER * const *b);
-static int mime_param_cmp(const MIME_PARAM * const *a,
- const MIME_PARAM * const *b);
-static void mime_param_free(MIME_PARAM *param);
-static int mime_bound_check(char *line, int linelen, char *bound, int blen);
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
-static int strip_eol(char *linebuf, int *plen);
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
-static void mime_hdr_free(MIME_HEADER *hdr);
-
-#define MAX_SMLEN 1024
-
-/* Output an ASN1 structure in BER format streaming if necessary */
-
-int
-i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const ASN1_ITEM *it)
-{
- BIO *bio, *tbio;
- int ret;
-
- /* Without streaming, write out the ASN.1 structure's content. */
- if ((flags & SMIME_STREAM) == 0)
- return ASN1_item_i2d_bio(it, out, val);
-
- /* If streaming, create a stream BIO and copy all content through it. */
- if ((bio = BIO_new_NDEF(out, val, it)) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- ret = SMIME_crlf_copy(in, bio, flags);
- (void)BIO_flush(bio);
-
- /* Free up successive BIOs until we hit the old output BIO. */
- do {
- tbio = BIO_pop(bio);
- BIO_free(bio);
- bio = tbio;
- } while (bio != out);
-
- return ret;
-}
-
-/* Base 64 read and write of ASN1 structure */
-
-static int
-B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const ASN1_ITEM *it)
-{
- BIO *b64;
- int r;
-
- b64 = BIO_new(BIO_f_base64());
- if (!b64) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* prepend the b64 BIO so all data is base64 encoded.
- */
- out = BIO_push(b64, out);
- r = i2d_ASN1_bio_stream(out, val, in, flags, it);
- (void)BIO_flush(out);
- BIO_pop(out);
- BIO_free(b64);
- return r;
-}
-
-/* Streaming ASN1 PEM write */
-
-int
-PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
- const char *hdr, const ASN1_ITEM *it)
-{
- int r;
-
- BIO_printf(out, "-----BEGIN %s-----\n", hdr);
- r = B64_write_ASN1(out, val, in, flags, it);
- BIO_printf(out, "-----END %s-----\n", hdr);
- return r;
-}
-
-static ASN1_VALUE *
-b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
-{
- BIO *b64;
- ASN1_VALUE *val;
- if (!(b64 = BIO_new(BIO_f_base64()))) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- bio = BIO_push(b64, bio);
- val = ASN1_item_d2i_bio(it, bio, NULL);
- if (!val)
- ASN1error(ASN1_R_DECODE_ERROR);
- (void)BIO_flush(bio);
- bio = BIO_pop(bio);
- BIO_free(b64);
- return val;
-}
-
-/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
-
-static int
-asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
-{
- const EVP_MD *md;
- int i, have_unknown = 0, write_comma, ret = 0, md_nid;
-
- have_unknown = 0;
- write_comma = 0;
- for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
- if (write_comma)
- BIO_write(out, ",", 1);
- write_comma = 1;
- md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
- md = EVP_get_digestbynid(md_nid);
- if (md && md->md_ctrl) {
- int rv;
- char *micstr;
- rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
- if (rv > 0) {
- BIO_puts(out, micstr);
- free(micstr);
- continue;
- }
- if (rv != -2)
- goto err;
- }
- switch (md_nid) {
- case NID_sha1:
- BIO_puts(out, "sha1");
- break;
-
- case NID_md5:
- BIO_puts(out, "md5");
- break;
-
- case NID_sha256:
- BIO_puts(out, "sha-256");
- break;
-
- case NID_sha384:
- BIO_puts(out, "sha-384");
- break;
-
- case NID_sha512:
- BIO_puts(out, "sha-512");
- break;
-
- case NID_id_GostR3411_94:
- BIO_puts(out, "gostr3411-94");
- goto err;
- break;
-
- default:
- if (have_unknown)
- write_comma = 0;
- else {
- BIO_puts(out, "unknown");
- have_unknown = 1;
- }
- break;
-
- }
- }
-
- ret = 1;
-
- err:
- return ret;
-}
-
-/* SMIME sender */
-
-int
-SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs,
- const ASN1_ITEM *it)
-{
- char bound[33], c;
- int i;
- const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
- const char *msg_type = NULL;
-
- if (flags & SMIME_OLDMIME)
- mime_prefix = "application/x-pkcs7-";
- else
- mime_prefix = "application/pkcs7-";
-
- if (flags & SMIME_CRLFEOL)
- mime_eol = "\r\n";
- else
- mime_eol = "\n";
- if ((flags & SMIME_DETACHED) && data) {
- /* We want multipart/signed */
- /* Generate a random boundary */
- arc4random_buf(bound, 32);
- for (i = 0; i < 32; i++) {
- c = bound[i] & 0xf;
- if (c < 10)
- c += '0';
- else
- c += 'A' - 10;
- bound[i] = c;
- }
- bound[32] = 0;
- BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
- BIO_printf(bio, "Content-Type: multipart/signed;");
- BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
- BIO_puts(bio, " micalg=\"");
- asn1_write_micalg(bio, mdalgs);
- BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
- bound, mime_eol, mime_eol);
- BIO_printf(bio, "This is an S/MIME signed message%s%s",
- mime_eol, mime_eol);
- /* Now write out the first part */
- BIO_printf(bio, "------%s%s", bound, mime_eol);
- if (!asn1_output_data(bio, data, val, flags, it))
- return 0;
- BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
-
- /* Headers for signature */
-
- BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
- BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
- BIO_printf(bio, "Content-Transfer-Encoding: base64%s",
- mime_eol);
- BIO_printf(bio, "Content-Disposition: attachment;");
- BIO_printf(bio, " filename=\"smime.p7s\"%s%s",
- mime_eol, mime_eol);
- B64_write_ASN1(bio, val, NULL, 0, it);
- BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound,
- mime_eol, mime_eol);
- return 1;
- }
-
- /* Determine smime-type header */
-
- if (ctype_nid == NID_pkcs7_enveloped)
- msg_type = "enveloped-data";
- else if (ctype_nid == NID_pkcs7_signed) {
- if (econt_nid == NID_id_smime_ct_receipt)
- msg_type = "signed-receipt";
- else if (sk_X509_ALGOR_num(mdalgs) >= 0)
- msg_type = "signed-data";
- else
- msg_type = "certs-only";
- } else if (ctype_nid == NID_id_smime_ct_compressedData) {
- msg_type = "compressed-data";
- cname = "smime.p7z";
- }
- /* MIME headers */
- BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
- BIO_printf(bio, "Content-Disposition: attachment;");
- BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
- BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
- if (msg_type)
- BIO_printf(bio, " smime-type=%s;", msg_type);
- BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
- BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
- mime_eol, mime_eol);
- if (!B64_write_ASN1(bio, val, data, flags, it))
- return 0;
- BIO_printf(bio, "%s", mime_eol);
- return 1;
-}
-
-/* Handle output of ASN1 data */
-
-
-static int
-asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
- const ASN1_ITEM *it)
-{
- BIO *tmpbio;
- const ASN1_AUX *aux = it->funcs;
- ASN1_STREAM_ARG sarg;
- int rv = 1;
-
- /*
- * If data is not detached or resigning then the output BIO is
- * already set up to finalise when it is written through.
- */
- if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
- SMIME_crlf_copy(data, out, flags);
- return 1;
- }
-
- if (!aux || !aux->asn1_cb) {
- ASN1error(ASN1_R_STREAMING_NOT_SUPPORTED);
- return 0;
- }
-
- sarg.out = out;
- sarg.ndef_bio = NULL;
- sarg.boundary = NULL;
-
- /* Let ASN1 code prepend any needed BIOs */
-
- if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
- return 0;
-
- /* Copy data across, passing through filter BIOs for processing */
- SMIME_crlf_copy(data, sarg.ndef_bio, flags);
-
- /* Finalize structure */
- if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
- rv = 0;
-
- /* Now remove any digests prepended to the BIO */
-
- while (sarg.ndef_bio != out) {
- tmpbio = BIO_pop(sarg.ndef_bio);
- BIO_free(sarg.ndef_bio);
- sarg.ndef_bio = tmpbio;
- }
-
- return rv;
-}
-
-/* SMIME reader: handle multipart/signed and opaque signing.
- * in multipart case the content is placed in a memory BIO
- * pointed to by "bcont". In opaque this is set to NULL
- */
-
-ASN1_VALUE *
-SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
-{
- BIO *asnin;
- STACK_OF(MIME_HEADER) *headers = NULL;
- STACK_OF(BIO) *parts = NULL;
- MIME_HEADER *hdr;
- MIME_PARAM *prm;
- ASN1_VALUE *val;
- int ret;
-
- if (bcont)
- *bcont = NULL;
-
- if (!(headers = mime_parse_hdr(bio))) {
- ASN1error(ASN1_R_MIME_PARSE_ERROR);
- return NULL;
- }
-
- if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- ASN1error(ASN1_R_NO_CONTENT_TYPE);
- return NULL;
- }
-
- /* Handle multipart/signed */
-
- if (!strcmp(hdr->value, "multipart/signed")) {
- /* Split into two parts */
- prm = mime_param_find(hdr, "boundary");
- if (!prm || !prm->param_value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- ASN1error(ASN1_R_NO_MULTIPART_BOUNDARY);
- return NULL;
- }
- ret = multi_split(bio, prm->param_value, &parts);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- if (!ret || (sk_BIO_num(parts) != 2) ) {
- ASN1error(ASN1_R_NO_MULTIPART_BODY_FAILURE);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- /* Parse the signature piece */
- asnin = sk_BIO_value(parts, 1);
-
- if (!(headers = mime_parse_hdr(asnin))) {
- ASN1error(ASN1_R_MIME_SIG_PARSE_ERROR);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- /* Get content type */
-
- if (!(hdr = mime_hdr_find(headers, "content-type")) ||
- !hdr->value) {
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- sk_BIO_pop_free(parts, BIO_vfree);
- ASN1error(ASN1_R_NO_SIG_CONTENT_TYPE);
- return NULL;
- }
-
- if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
- strcmp(hdr->value, "application/pkcs7-signature")) {
- ASN1error(ASN1_R_SIG_INVALID_MIME_TYPE);
- ERR_asprintf_error_data("type: %s", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- /* Read in ASN1 */
- if (!(val = b64_read_asn1(asnin, it))) {
- ASN1error(ASN1_R_ASN1_SIG_PARSE_ERROR);
- sk_BIO_pop_free(parts, BIO_vfree);
- return NULL;
- }
-
- if (bcont) {
- *bcont = sk_BIO_value(parts, 0);
- BIO_free(asnin);
- sk_BIO_free(parts);
- } else sk_BIO_pop_free(parts, BIO_vfree);
- return val;
- }
-
- /* OK, if not multipart/signed try opaque signature */
-
- if (strcmp (hdr->value, "application/x-pkcs7-mime") &&
- strcmp (hdr->value, "application/pkcs7-mime")) {
- ASN1error(ASN1_R_INVALID_MIME_TYPE);
- ERR_asprintf_error_data("type: %s", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return NULL;
- }
-
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-
- if (!(val = b64_read_asn1(bio, it))) {
- ASN1error(ASN1_R_ASN1_PARSE_ERROR);
- return NULL;
- }
- return val;
-}
-
-/* Copy text from one BIO to another making the output CRLF at EOL */
-int
-SMIME_crlf_copy(BIO *in, BIO *out, int flags)
-{
- BIO *bf;
- char eol;
- int len;
- char linebuf[MAX_SMLEN];
-
- /* Buffer output so we don't write one line at a time. This is
- * useful when streaming as we don't end up with one OCTET STRING
- * per line.
- */
- bf = BIO_new(BIO_f_buffer());
- if (!bf)
- return 0;
- out = BIO_push(bf, out);
- if (flags & SMIME_BINARY) {
- while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
- BIO_write(out, linebuf, len);
- } else {
- if (flags & SMIME_TEXT)
- BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
- while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
- eol = strip_eol(linebuf, &len);
- if (len)
- BIO_write(out, linebuf, len);
- if (eol)
- BIO_write(out, "\r\n", 2);
- }
- }
- (void)BIO_flush(out);
- BIO_pop(out);
- BIO_free(bf);
- return 1;
-}
-LCRYPTO_ALIAS(SMIME_crlf_copy);
-
-/* Strip off headers if they are text/plain */
-int
-SMIME_text(BIO *in, BIO *out)
-{
- char iobuf[4096];
- int len;
- STACK_OF(MIME_HEADER) *headers;
- MIME_HEADER *hdr;
-
- if (!(headers = mime_parse_hdr(in))) {
- ASN1error(ASN1_R_MIME_PARSE_ERROR);
- return 0;
- }
- if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
- ASN1error(ASN1_R_MIME_NO_CONTENT_TYPE);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return 0;
- }
- if (strcmp (hdr->value, "text/plain")) {
- ASN1error(ASN1_R_INVALID_MIME_TYPE);
- ERR_asprintf_error_data("type: %s", hdr->value);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return 0;
- }
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
- BIO_write(out, iobuf, len);
- if (len < 0)
- return 0;
- return 1;
-}
-LCRYPTO_ALIAS(SMIME_text);
-
-/*
- * Split a multipart/XXX message body into component parts: result is
- * canonical parts in a STACK of bios
- */
-static int
-multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
-{
- char linebuf[MAX_SMLEN];
- int len, blen;
- int eol = 0, next_eol = 0;
- BIO *bpart = NULL;
- STACK_OF(BIO) *parts;
- char state, part, first;
-
- blen = strlen(bound);
- part = 0;
- state = 0;
- first = 1;
- parts = sk_BIO_new_null();
- *ret = parts;
- if (parts == NULL)
- return 0;
- while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
- state = mime_bound_check(linebuf, len, bound, blen);
- if (state == 1) {
- first = 1;
- part++;
- } else if (state == 2) {
- if (sk_BIO_push(parts, bpart) == 0)
- return 0;
- return 1;
- } else if (part) {
- /* Strip CR+LF from linebuf */
- next_eol = strip_eol(linebuf, &len);
- if (first) {
- first = 0;
- if (bpart != NULL) {
- if (sk_BIO_push(parts, bpart) == 0)
- return 0;
- }
- bpart = BIO_new(BIO_s_mem());
- if (bpart == NULL)
- return 0;
- BIO_set_mem_eof_return(bpart, 0);
- } else if (eol)
- BIO_write(bpart, "\r\n", 2);
- eol = next_eol;
- if (len)
- BIO_write(bpart, linebuf, len);
- }
- }
- BIO_free(bpart);
- return 0;
-}
-
-/* This is the big one: parse MIME header lines up to message body */
-
-#define MIME_INVALID 0
-#define MIME_START 1
-#define MIME_TYPE 2
-#define MIME_NAME 3
-#define MIME_VALUE 4
-#define MIME_QUOTE 5
-#define MIME_COMMENT 6
-
-static STACK_OF(MIME_HEADER) *
-mime_parse_hdr(BIO *bio)
-{
- char *p, *q, c;
- char *ntmp;
- char linebuf[MAX_SMLEN];
- MIME_HEADER *mhdr = NULL;
- STACK_OF(MIME_HEADER) *headers;
- int len, state, save_state = 0;
-
- headers = sk_MIME_HEADER_new(mime_hdr_cmp);
- if (!headers)
- return NULL;
- while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
- /* If whitespace at line start then continuation line */
- if (mhdr && isspace((unsigned char)linebuf[0]))
- state = MIME_NAME;
- else
- state = MIME_START;
- ntmp = NULL;
-
- /* Go through all characters */
- for (p = linebuf, q = linebuf;
- (c = *p) && (c != '\r') && (c != '\n'); p++) {
-
- /* State machine to handle MIME headers
- * if this looks horrible that's because it *is*
- */
-
- switch (state) {
- case MIME_START:
- if (c == ':') {
- state = MIME_TYPE;
- *p = 0;
- ntmp = strip_ends(q);
- q = p + 1;
- }
- break;
-
- case MIME_TYPE:
- if (c == ';') {
- *p = 0;
- mhdr = mime_hdr_new(ntmp,
- strip_ends(q));
- if (mhdr == NULL)
- goto merr;
- if (sk_MIME_HEADER_push(headers,
- mhdr) == 0)
- goto merr;
- ntmp = NULL;
- q = p + 1;
- state = MIME_NAME;
- } else if (c == '(') {
- save_state = state;
- state = MIME_COMMENT;
- }
- break;
-
- case MIME_COMMENT:
- if (c == ')') {
- state = save_state;
- }
- break;
-
- case MIME_NAME:
- if (c == '=') {
- state = MIME_VALUE;
- *p = 0;
- ntmp = strip_ends(q);
- q = p + 1;
- }
- break;
-
- case MIME_VALUE:
- if (c == ';') {
- state = MIME_NAME;
- *p = 0;
- mime_hdr_addparam(mhdr, ntmp,
- strip_ends(q));
- ntmp = NULL;
- q = p + 1;
- } else if (c == '"') {
- state = MIME_QUOTE;
- } else if (c == '(') {
- save_state = state;
- state = MIME_COMMENT;
- }
- break;
-
- case MIME_QUOTE:
- if (c == '"') {
- state = MIME_VALUE;
- }
- break;
- }
- }
-
- if (state == MIME_TYPE) {
- mhdr = mime_hdr_new(ntmp, strip_ends(q));
- if (mhdr == NULL)
- goto merr;
- if (sk_MIME_HEADER_push(headers, mhdr) == 0)
- goto merr;
- } else if (state == MIME_VALUE)
- mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
-
- if (p == linebuf)
- break; /* Blank line means end of headers */
- }
-
- return headers;
-
- merr:
- if (mhdr != NULL)
- mime_hdr_free(mhdr);
- sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
- return NULL;
-}
-
-static char *
-strip_ends(char *name)
-{
- return strip_end(strip_start(name));
-}
-
-/* Strip a parameter of whitespace from start of param */
-static char *
-strip_start(char *name)
-{
- char *p, c;
-
- /* Look for first non white space or quote */
- for (p = name; (c = *p); p++) {
- if (c == '"') {
- /* Next char is start of string if non null */
- if (p[1])
- return p + 1;
- /* Else null string */
- return NULL;
- }
- if (!isspace((unsigned char)c))
- return p;
- }
- return NULL;
-}
-
-/* As above but strip from end of string : maybe should handle brackets? */
-static char *
-strip_end(char *name)
-{
- char *p, c;
-
- if (!name)
- return NULL;
-
- /* Look for first non white space or quote */
- for (p = name + strlen(name) - 1; p >= name; p--) {
- c = *p;
- if (c == '"') {
- if (p - 1 == name)
- return NULL;
- *p = 0;
- return name;
- }
- if (isspace((unsigned char)c))
- *p = 0;
- else
- return name;
- }
- return NULL;
-}
-
-static MIME_HEADER *
-mime_hdr_new(char *name, char *value)
-{
- MIME_HEADER *mhdr;
- char *tmpname = NULL, *tmpval = NULL, *p;
-
- if (name) {
- if (!(tmpname = strdup(name)))
- goto err;
- for (p = tmpname; *p; p++)
- *p = tolower((unsigned char)*p);
- }
- if (value) {
- if (!(tmpval = strdup(value)))
- goto err;
- for (p = tmpval; *p; p++)
- *p = tolower((unsigned char)*p);
- }
- mhdr = malloc(sizeof(MIME_HEADER));
- if (!mhdr)
- goto err;
- mhdr->name = tmpname;
- mhdr->value = tmpval;
- if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) {
- free(mhdr);
- goto err;
- }
- return mhdr;
- err:
- free(tmpname);
- free(tmpval);
- return NULL;
-}
-
-static int
-mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
-{
- char *tmpname = NULL, *tmpval = NULL, *p;
- MIME_PARAM *mparam;
-
- if (name) {
- tmpname = strdup(name);
- if (!tmpname)
- goto err;
- for (p = tmpname; *p; p++)
- *p = tolower((unsigned char)*p);
- }
- if (value) {
- tmpval = strdup(value);
- if (!tmpval)
- goto err;
- }
- /* Parameter values are case sensitive so leave as is */
- mparam = malloc(sizeof(MIME_PARAM));
- if (!mparam)
- goto err;
- mparam->param_name = tmpname;
- mparam->param_value = tmpval;
- if (sk_MIME_PARAM_push(mhdr->params, mparam) == 0) {
- free(mparam);
- goto err;
- }
- return 1;
- err:
- free(tmpname);
- free(tmpval);
- return 0;
-}
-
-static int
-mime_hdr_cmp(const MIME_HEADER * const *a, const MIME_HEADER * const *b)
-{
- if (!(*a)->name || !(*b)->name)
- return !!(*a)->name - !!(*b)->name;
- return (strcmp((*a)->name, (*b)->name));
-}
-
-static int
-mime_param_cmp(const MIME_PARAM * const *a, const MIME_PARAM * const *b)
-{
- if (!(*a)->param_name || !(*b)->param_name)
- return !!(*a)->param_name - !!(*b)->param_name;
- return (strcmp((*a)->param_name, (*b)->param_name));
-}
-
-/* Find a header with a given name (if possible) */
-
-static MIME_HEADER *
-mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
-{
- MIME_HEADER htmp;
- int idx;
- htmp.name = name;
- idx = sk_MIME_HEADER_find(hdrs, &htmp);
- if (idx < 0)
- return NULL;
- return sk_MIME_HEADER_value(hdrs, idx);
-}
-
-static MIME_PARAM *
-mime_param_find(MIME_HEADER *hdr, char *name)
-{
- MIME_PARAM param;
- int idx;
- param.param_name = name;
- idx = sk_MIME_PARAM_find(hdr->params, ¶m);
- if (idx < 0)
- return NULL;
- return sk_MIME_PARAM_value(hdr->params, idx);
-}
-
-static void
-mime_hdr_free(MIME_HEADER *hdr)
-{
- free(hdr->name);
- free(hdr->value);
- if (hdr->params)
- sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
- free(hdr);
-}
-
-static void
-mime_param_free(MIME_PARAM *param)
-{
- free(param->param_name);
- free(param->param_value);
- free(param);
-}
-
-/* Check for a multipart boundary. Returns:
- * 0 : no boundary
- * 1 : part boundary
- * 2 : final boundary
- */
-static int
-mime_bound_check(char *line, int linelen, char *bound, int blen)
-{
- if (linelen == -1)
- linelen = strlen(line);
- if (blen == -1)
- blen = strlen(bound);
- /* Quickly eliminate if line length too short */
- if (blen + 2 > linelen)
- return 0;
- /* Check for part boundary */
- if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
- if (!strncmp(line + blen + 2, "--", 2))
- return 2;
- else
- return 1;
- }
- return 0;
-}
-
-static int
-strip_eol(char *linebuf, int *plen)
-{
- int len = *plen;
- char *p, c;
- int is_eol = 0;
-
- for (p = linebuf + len - 1; len > 0; len--, p--) {
- c = *p;
- if (c == '\n')
- is_eol = 1;
- else if (c != '\r')
- break;
- }
- *plen = len;
- return is_eol;
-}
diff --git a/src/lib/libcrypto/asn1/asn_moid.c b/src/lib/libcrypto/asn1/asn_moid.c
deleted file mode 100644
index e3c7d09446..0000000000
--- a/src/lib/libcrypto/asn1/asn_moid.c
+++ /dev/null
@@ -1,161 +0,0 @@ -/* $OpenBSD: asn_moid.c,v 1.18 2024/08/31 09:26:18 tb Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include - -#include -#include -#include -#include - -#include "asn1_local.h" -#include "conf_local.h" - -/* Simple ASN1 OID module: add all objects in a given section */ - -static int do_create(char *value, char *name); - -static int -oid_module_init(CONF_IMODULE *md, const CONF *cnf) -{ - int i; - const char *oid_section; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *oval; - - oid_section = CONF_imodule_get_value(md); - if (!(sktmp = NCONF_get_section(cnf, oid_section))) { - ASN1error(ASN1_R_ERROR_LOADING_SECTION); - return 0; - } - for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - oval = sk_CONF_VALUE_value(sktmp, i); - if (!do_create(oval->value, oval->name)) { - ASN1error(ASN1_R_ADDING_OBJECT); - return 0; - } - } - return 1; -} - -static void -oid_module_finish(CONF_IMODULE *md) -{ - OBJ_cleanup(); -} - -void -ASN1_add_oid_module(void) -{ - CONF_module_add("oid_section", oid_module_init, oid_module_finish); -} - -/* Create an OID based on a name value pair. Accept two formats. 
- * shortname = 1.2.3.4 - * shortname = some long name, 1.2.3.4 - */ - -static int -do_create(char *value, char *name) -{ - int nid; - ASN1_OBJECT *oid; - char *ln, *ostr, *p, *lntmp; - - p = strrchr(value, ','); - if (!p) { - ln = name; - ostr = value; - } else { - ln = NULL; - ostr = p + 1; - if (!*ostr) - return 0; - while (isspace((unsigned char)*ostr)) - ostr++; - } - - nid = OBJ_create(ostr, name, ln); - - if (nid == NID_undef) - return 0; - - if (p) { - ln = value; - while (isspace((unsigned char)*ln)) - ln++; - p--; - while (isspace((unsigned char)*p)) { - if (p == ln) - return 0; - p--; - } - p++; - lntmp = malloc((p - ln) + 1); - if (lntmp == NULL) - return 0; - memcpy(lntmp, ln, p - ln); - lntmp[p - ln] = 0; - oid = OBJ_nid2obj(nid); - oid->ln = lntmp; - } - - return 1; -} diff --git a/src/lib/libcrypto/asn1/bio_asn1.c b/src/lib/libcrypto/asn1/bio_asn1.c deleted file mode 100644 index b9f54cd4ef..0000000000 --- a/src/lib/libcrypto/asn1/bio_asn1.c +++ /dev/null 
@@ -1,453 +0,0 @@ -/* $OpenBSD: bio_asn1.c,v 1.23 2023/07/28 09:58:30 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Experimental ASN1 BIO. When written through the data is converted - * to an ASN1 string type: default is OCTET STRING. Additional functions - * can be provided to add prefix and suffix data. 
- */ - -#include -#include - -#include -#include - -#include "bio_local.h" - -#define BIO_C_SET_PREFIX 149 -#define BIO_C_SET_SUFFIX 151 - -/* Must be large enough for biggest tag+length */ -#define DEFAULT_ASN1_BUF_SIZE 20 - -typedef enum { - ASN1_STATE_START, - ASN1_STATE_PRE_COPY, - ASN1_STATE_HEADER, - ASN1_STATE_HEADER_COPY, - ASN1_STATE_DATA_COPY, - ASN1_STATE_POST_COPY, - ASN1_STATE_DONE -} asn1_bio_state_t; - -typedef struct BIO_ASN1_EX_FUNCS_st { - asn1_ps_func *ex_func; - asn1_ps_func *ex_free_func; -} BIO_ASN1_EX_FUNCS; - -typedef struct BIO_ASN1_BUF_CTX_t { - /* Internal state */ - asn1_bio_state_t state; - /* Internal buffer */ - unsigned char *buf; - /* Size of buffer */ - int bufsize; - /* Current position in buffer */ - int bufpos; - /* Current buffer length */ - int buflen; - /* Amount of data to copy */ - int copylen; - /* Class and tag to use */ - int asn1_class, asn1_tag; - asn1_ps_func *prefix, *prefix_free, *suffix, *suffix_free; - /* Extra buffer for prefix and suffix data */ - unsigned char *ex_buf; - int ex_len; - int ex_pos; - void *ex_arg; -} BIO_ASN1_BUF_CTX; - - -static int asn1_bio_write(BIO *h, const char *buf, int num); -static int asn1_bio_read(BIO *h, char *buf, int size); -static int asn1_bio_puts(BIO *h, const char *str); -static int asn1_bio_gets(BIO *h, char *str, int size); -static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int asn1_bio_new(BIO *h); -static int asn1_bio_free(BIO *data); -static long asn1_bio_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); - -static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, - asn1_ps_func *cleanup, asn1_bio_state_t next); -static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, - asn1_ps_func *setup, asn1_bio_state_t ex_state, - asn1_bio_state_t other_state); - -static const BIO_METHOD methods_asn1 = { - .type = BIO_TYPE_ASN1, - .name = "asn1", - .bwrite = asn1_bio_write, - .bread = asn1_bio_read, - .bputs = asn1_bio_puts, - .bgets = asn1_bio_gets, - 
.ctrl = asn1_bio_ctrl, - .create = asn1_bio_new, - .destroy = asn1_bio_free, - .callback_ctrl = asn1_bio_callback_ctrl -}; - -const BIO_METHOD * -BIO_f_asn1(void) -{ - return (&methods_asn1); -} - -static int -asn1_bio_new(BIO *b) -{ - BIO_ASN1_BUF_CTX *ctx; - - if ((ctx = calloc(1, sizeof(*ctx))) == NULL) - return 0; - - if ((ctx->buf = malloc(DEFAULT_ASN1_BUF_SIZE)) == NULL) { - free(ctx); - return 0; - } - ctx->bufsize = DEFAULT_ASN1_BUF_SIZE; - ctx->asn1_class = V_ASN1_UNIVERSAL; - ctx->asn1_tag = V_ASN1_OCTET_STRING; - ctx->state = ASN1_STATE_START; - - b->init = 1; - b->ptr = ctx; - b->flags = 0; - - return 1; -} - -static int -asn1_bio_free(BIO *b) -{ - BIO_ASN1_BUF_CTX *ctx = b->ptr; - - if (ctx == NULL) - return 0; - - if (ctx->prefix_free != NULL) - ctx->prefix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg); - if (ctx->suffix_free != NULL) - ctx->suffix_free(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg); - - free(ctx->buf); - free(ctx); - b->init = 0; - b->ptr = NULL; - b->flags = 0; - return 1; -} - -static int -asn1_bio_write(BIO *b, const char *in , int inl) -{ - BIO_ASN1_BUF_CTX *ctx; - int wrmax, wrlen, ret, buflen; - unsigned char *p; - - if (!in || (inl < 0) || (b->next_bio == NULL)) - return 0; - - if ((ctx = b->ptr) == NULL) - return 0; - - wrlen = 0; - ret = -1; - - for (;;) { - switch (ctx->state) { - - /* Setup prefix data, call it */ - case ASN1_STATE_START: - if (!asn1_bio_setup_ex(b, ctx, ctx->prefix, - ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER)) - return 0; - break; - - /* Copy any pre data first */ - case ASN1_STATE_PRE_COPY: - ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free, - ASN1_STATE_HEADER); - if (ret <= 0) - goto done; - break; - - case ASN1_STATE_HEADER: - buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl; - if (buflen <= 0 || buflen > ctx->bufsize) - return -1; - ctx->buflen = buflen; - p = ctx->buf; - ASN1_put_object(&p, 0, inl, - ctx->asn1_tag, ctx->asn1_class); - ctx->copylen = inl; - ctx->state = ASN1_STATE_HEADER_COPY; 
- break; - - case ASN1_STATE_HEADER_COPY: - ret = BIO_write(b->next_bio, - ctx->buf + ctx->bufpos, ctx->buflen); - if (ret <= 0) - goto done; - - ctx->buflen -= ret; - if (ctx->buflen) - ctx->bufpos += ret; - else { - ctx->bufpos = 0; - ctx->state = ASN1_STATE_DATA_COPY; - } - break; - - case ASN1_STATE_DATA_COPY: - - if (inl > ctx->copylen) - wrmax = ctx->copylen; - else - wrmax = inl; - ret = BIO_write(b->next_bio, in, wrmax); - if (ret <= 0) - goto done; - wrlen += ret; - ctx->copylen -= ret; - in += ret; - inl -= ret; - - if (ctx->copylen == 0) - ctx->state = ASN1_STATE_HEADER; - if (inl == 0) - goto done; - break; - - default: - BIO_clear_retry_flags(b); - return 0; - } - - } - - done: - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - - return (wrlen > 0) ? wrlen : ret; -} - -static int -asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_ps_func *cleanup, - asn1_bio_state_t next) -{ - int ret; - - if (ctx->ex_len <= 0) - return 1; - for (;;) { - ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, - ctx->ex_len); - if (ret <= 0) - break; - ctx->ex_len -= ret; - if (ctx->ex_len > 0) - ctx->ex_pos += ret; - else { - if (cleanup) - cleanup(b, &ctx->ex_buf, &ctx->ex_len, - &ctx->ex_arg); - ctx->state = next; - ctx->ex_pos = 0; - break; - } - } - return ret; -} - -static int -asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_ps_func *setup, - asn1_bio_state_t ex_state, asn1_bio_state_t other_state) -{ - if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) { - BIO_clear_retry_flags(b); - return 0; - } - if (ctx->ex_len > 0) - ctx->state = ex_state; - else - ctx->state = other_state; - return 1; -} - -static int -asn1_bio_read(BIO *b, char *in , int inl) -{ - if (!b->next_bio) - return 0; - return BIO_read(b->next_bio, in , inl); -} - -static int -asn1_bio_puts(BIO *b, const char *str) -{ - return asn1_bio_write(b, str, strlen(str)); -} - -static int -asn1_bio_gets(BIO *b, char *str, int size) -{ - if (!b->next_bio) - return 0; - return 
BIO_gets(b->next_bio, str , size); -} - -static long -asn1_bio_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) -{ - if (b->next_bio == NULL) - return (0); - return BIO_callback_ctrl(b->next_bio, cmd, fp); -} - -static long -asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2) -{ - BIO_ASN1_BUF_CTX *ctx; - BIO_ASN1_EX_FUNCS *ex_func; - long ret = 1; - - if ((ctx = b->ptr) == NULL) - return 0; - switch (cmd) { - - case BIO_C_SET_PREFIX: - ex_func = arg2; - ctx->prefix = ex_func->ex_func; - ctx->prefix_free = ex_func->ex_free_func; - break; - - case BIO_C_SET_SUFFIX: - ex_func = arg2; - ctx->suffix = ex_func->ex_func; - ctx->suffix_free = ex_func->ex_free_func; - break; - - case BIO_C_SET_EX_ARG: - ctx->ex_arg = arg2; - break; - - case BIO_C_GET_EX_ARG: - *(void **)arg2 = ctx->ex_arg; - break; - - case BIO_CTRL_FLUSH: - if (!b->next_bio) - return 0; - - /* Call post function if possible */ - if (ctx->state == ASN1_STATE_HEADER) { - if (!asn1_bio_setup_ex(b, ctx, ctx->suffix, - ASN1_STATE_POST_COPY, ASN1_STATE_DONE)) - return 0; - } - - if (ctx->state == ASN1_STATE_POST_COPY) { - ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free, - ASN1_STATE_DONE); - if (ret <= 0) - return ret; - } - - if (ctx->state == ASN1_STATE_DONE) - return BIO_ctrl(b->next_bio, cmd, arg1, arg2); - else { - BIO_clear_retry_flags(b); - return 0; - } - break; - - - default: - if (!b->next_bio) - return 0; - return BIO_ctrl(b->next_bio, cmd, arg1, arg2); - - } - - return ret; -} - -static int -asn1_bio_set_ex(BIO *b, int cmd, asn1_ps_func *ex_func, asn1_ps_func - *ex_free_func) -{ - BIO_ASN1_EX_FUNCS extmp; - - extmp.ex_func = ex_func; - extmp.ex_free_func = ex_free_func; - return BIO_ctrl(b, cmd, 0, &extmp); -} - -int -BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free) -{ - return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free); -} - -int -BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free) -{ - return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, 
suffix, suffix_free); -} diff --git a/src/lib/libcrypto/asn1/bio_ndef.c b/src/lib/libcrypto/asn1/bio_ndef.c deleted file mode 100644 index 98bb1cd197..0000000000 --- a/src/lib/libcrypto/asn1/bio_ndef.c +++ /dev/null 
@@ -1,270 +0,0 @@ -/* $OpenBSD: bio_ndef.c,v 1.24 2023/07/28 09:58:30 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include - -#include -#include -#include -#include - -#include "asn1_local.h" - -int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free); -int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free); - -/* Experimental NDEF ASN1 BIO support routines */ - -/* The usage is quite simple, initialize an ASN1 structure, - * get a BIO from it then any data written through the BIO - * will end up translated to approptiate format on the fly. - * The data is streamed out and does *not* need to be - * all held in memory at once. - * - * When the BIO is flushed the output is finalized and any - * signatures etc written out. - * - * The BIO is a 'proper' BIO and can handle non blocking I/O - * correctly. - * - * The usage is simple. The implementation is *not*... 
- */ - -/* BIO support data stored in the ASN1 BIO ex_arg */ - -typedef struct ndef_aux_st { - /* ASN1 structure this BIO refers to */ - ASN1_VALUE *val; - const ASN1_ITEM *it; - /* Top of the BIO chain */ - BIO *ndef_bio; - /* Output BIO */ - BIO *out; - /* Boundary where content is inserted */ - unsigned char **boundary; - /* DER buffer start */ - unsigned char *derbuf; -} NDEF_SUPPORT; - -static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg); -static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg); -static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg); -static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg); - -BIO * -BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) -{ - NDEF_SUPPORT *ndef_aux = NULL; - BIO *asn_bio = NULL, *pop_bio = NULL; - const ASN1_AUX *aux = it->funcs; - ASN1_STREAM_ARG sarg; - - if (aux == NULL || aux->asn1_cb == NULL) { - ASN1error(ASN1_R_STREAMING_NOT_SUPPORTED); - goto err; - } - - if ((asn_bio = BIO_new(BIO_f_asn1())) == NULL) - goto err; - - if (BIO_push(asn_bio, out) == NULL) - goto err; - pop_bio = asn_bio; - - /* - * Set up prefix and suffix handlers first. This ensures that ndef_aux - * is freed as part of asn_bio once it is the asn_bio's ex_arg. - */ - if (BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free) <= 0) - goto err; - if (BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free) <= 0) - goto err; - - /* - * Allocate early to avoid the tricky cleanup after the asn1_cb(). - * Ownership of ndef_aux is transferred to asn_bio in BIO_ctrl(). - * Keep a reference to populate it after callback success. - */ - if ((ndef_aux = calloc(1, sizeof(*ndef_aux))) == NULL) - goto err; - if (BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux) <= 0) { - free(ndef_aux); - goto err; - } - - /* - * The callback prepends BIOs to the chain starting at asn_bio for - * digest, cipher, etc. 
The resulting chain starts at sarg.ndef_bio. - */ - - sarg.out = asn_bio; - sarg.ndef_bio = NULL; - sarg.boundary = NULL; - - if (aux->asn1_cb(ASN1_OP_STREAM_PRE, &val, it, &sarg) <= 0) - goto err; - - ndef_aux->val = val; - ndef_aux->it = it; - ndef_aux->ndef_bio = sarg.ndef_bio; - ndef_aux->boundary = sarg.boundary; - ndef_aux->out = asn_bio; - - return sarg.ndef_bio; - - err: - BIO_pop(pop_bio); - BIO_free(asn_bio); - - return NULL; -} - -static int -ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT *ndef_aux; - unsigned char *p = NULL; - int derlen; - - if (!parg) - return 0; - - ndef_aux = *(NDEF_SUPPORT **)parg; - - if ((derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it)) <= 0) - return 0; - - ndef_aux->derbuf = p; - *pbuf = p; - - if (*ndef_aux->boundary == NULL) - return 0; - - *plen = *ndef_aux->boundary - *pbuf; - - return 1; -} - -static int -ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT **pndef_aux = parg; - - if (pndef_aux == NULL || *pndef_aux == NULL) - return 0; - - free((*pndef_aux)->derbuf); - (*pndef_aux)->derbuf = NULL; - - *pbuf = NULL; - *plen = 0; - - return 1; -} - -static int -ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT **pndef_aux = parg; - - /* Ensure ndef_prefix_free() won't fail, so we won't leak *pndef_aux. 
*/ - if (pndef_aux == NULL || *pndef_aux == NULL) - return 0; - if (!ndef_prefix_free(b, pbuf, plen, parg)) - return 0; - - free(*pndef_aux); - *pndef_aux = NULL; - - return 1; -} - -static int -ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT *ndef_aux; - unsigned char *p = NULL; - int derlen; - const ASN1_AUX *aux; - ASN1_STREAM_ARG sarg; - - if (!parg) - return 0; - - ndef_aux = *(NDEF_SUPPORT **)parg; - - aux = ndef_aux->it->funcs; - - /* Finalize structures */ - sarg.ndef_bio = ndef_aux->ndef_bio; - sarg.out = ndef_aux->out; - sarg.boundary = ndef_aux->boundary; - if (aux->asn1_cb(ASN1_OP_STREAM_POST, - &ndef_aux->val, ndef_aux->it, &sarg) <= 0) - return 0; - - if ((derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it)) <= 0) - return 0; - - ndef_aux->derbuf = p; - *pbuf = p; - - if (*ndef_aux->boundary == NULL) - return 0; - - *pbuf = *ndef_aux->boundary; - *plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf); - - return 1; -} diff --git a/src/lib/libcrypto/asn1/charmap.h b/src/lib/libcrypto/asn1/charmap.h deleted file mode 100644 index bed5487600..0000000000 --- a/src/lib/libcrypto/asn1/charmap.h +++ /dev/null @@ -1,19 +0,0 @@ -/* $OpenBSD: charmap.h,v 1.5 2016/12/21 15:49:29 jsing Exp $ */ -/* Auto generated with chartype.pl script. - * Mask of various character properties - */ - -__BEGIN_HIDDEN_DECLS - -static const unsigned char char_type[] = { - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16, - 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0, - 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2 -}; - -__END_HIDDEN_DECLS 
diff --git a/src/lib/libcrypto/asn1/charmap.pl b/src/lib/libcrypto/asn1/charmap.pl
deleted file mode 100644
index 2875c59867..0000000000
--- a/src/lib/libcrypto/asn1/charmap.pl
+++ /dev/null
@@ -1,80 +0,0 @@ -#!/usr/local/bin/perl -w - -use strict; - -my ($i, @arr); - -# Set up an array with the type of ASCII characters -# Each set bit represents a character property. - -# RFC2253 character properties -my $RFC2253_ESC = 1; # Character escaped with \ -my $ESC_CTRL = 2; # Escaped control character -# These are used with RFC1779 quoting using " -my $NOESC_QUOTE = 8; # Not escaped if quoted -my $PSTRING_CHAR = 0x10; # Valid PrintableString character -my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character -my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character - -for($i = 0; $i < 128; $i++) { - # Set the RFC2253 escape characters (control) - $arr[$i] = 0; - if(($i < 32) || ($i > 126)) { - $arr[$i] |= $ESC_CTRL; - } - - # Some PrintableString characters - if( ( ( $i >= ord("a")) && ( $i <= ord("z")) ) - || ( ( $i >= ord("A")) && ( $i <= ord("Z")) ) - || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) { - $arr[$i] |= $PSTRING_CHAR; - } -} - -# Now setup the rest - -# Remaining RFC2253 escaped characters - -$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC; -$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC; - -$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord("\"")] |= $RFC2253_ESC; -$arr[ord("\\")] |= $RFC2253_ESC; -$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC; - -# Remaining PrintableString characters - -$arr[ord(" ")] |= $PSTRING_CHAR; -$arr[ord("'")] |= $PSTRING_CHAR; -$arr[ord("(")] |= $PSTRING_CHAR; -$arr[ord(")")] |= $PSTRING_CHAR; -$arr[ord("+")] |= $PSTRING_CHAR; -$arr[ord(",")] |= $PSTRING_CHAR; -$arr[ord("-")] |= $PSTRING_CHAR; -$arr[ord(".")] |= $PSTRING_CHAR; -$arr[ord("/")] |= $PSTRING_CHAR; -$arr[ord(":")] |= $PSTRING_CHAR; -$arr[ord("=")] |= $PSTRING_CHAR; -$arr[ord("?")] |= $PSTRING_CHAR; - -# Now generate the C code - -print < -#include -#include - 
-#include -#include -#include - -#include "x509_local.h" - -/* PKCS#5 password based encryption structure */ - -static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = { - { - .offset = offsetof(PBEPARAM, salt), - .field_name = "salt", - .item = &ASN1_OCTET_STRING_it, - }, - { - .offset = offsetof(PBEPARAM, iter), - .field_name = "iter", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM PBEPARAM_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PBEPARAM_seq_tt, - .tcount = sizeof(PBEPARAM_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(PBEPARAM), - .sname = "PBEPARAM", -}; -LCRYPTO_ALIAS(PBEPARAM_it); - - -PBEPARAM * -d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len) -{ - return (PBEPARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PBEPARAM_it); -} - -int -i2d_PBEPARAM(PBEPARAM *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBEPARAM_it); -} - -PBEPARAM * -PBEPARAM_new(void) -{ - return (PBEPARAM *)ASN1_item_new(&PBEPARAM_it); -} - -void -PBEPARAM_free(PBEPARAM *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PBEPARAM_it); -} - - -/* Set an algorithm identifier for a PKCS#5 PBE algorithm */ - -int -PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, - const unsigned char *salt, int saltlen) -{ - PBEPARAM *pbe = NULL; - ASN1_STRING *pbe_str = NULL; - unsigned char *sstr; - - if ((pbe = PBEPARAM_new()) == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - if (iter <= 0) - iter = PKCS5_DEFAULT_ITER; - if (!ASN1_INTEGER_set(pbe->iter, iter)) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - if (!saltlen) - saltlen = PKCS5_SALT_LEN; - if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - sstr = ASN1_STRING_data(pbe->salt); - if (salt) - memcpy(sstr, salt, saltlen); - else - arc4random_buf(sstr, saltlen); - - if (!ASN1_item_pack(pbe, &PBEPARAM_it, &pbe_str)) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - - PBEPARAM_free(pbe); - 
pbe = NULL; - - if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str)) - return 1; - - err: - if (pbe != NULL) - PBEPARAM_free(pbe); - ASN1_STRING_free(pbe_str); - return 0; -} - -/* Return an algorithm identifier for a PKCS#5 PBE algorithm */ - -X509_ALGOR * -PKCS5_pbe_set(int alg, int iter, const unsigned char *salt, int saltlen) -{ - X509_ALGOR *ret; - ret = X509_ALGOR_new(); - if (!ret) { - ASN1error(ERR_R_MALLOC_FAILURE); - return NULL; - } - - if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen)) - return ret; - - X509_ALGOR_free(ret); - return NULL; -} diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c deleted file mode 100644 index 76872a8dec..0000000000 --- a/src/lib/libcrypto/asn1/p5_pbev2.c +++ /dev/null 
@@ -1,356 +0,0 @@
-/* $OpenBSD: p5_pbev2.c,v 1.35 2024/03/26 07:03:10 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999-2004.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "x509_local.h"
-
-/* PKCS#5 v2.0 password based encryption structures */
-
-static const ASN1_TEMPLATE PBE2PARAM_seq_tt[] = {
- {
- .offset = offsetof(PBE2PARAM, keyfunc),
- .field_name = "keyfunc",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(PBE2PARAM, encryption),
- .field_name = "encryption",
- .item = &X509_ALGOR_it,
- },
-};
-
-const ASN1_ITEM PBE2PARAM_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PBE2PARAM_seq_tt,
- .tcount = sizeof(PBE2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(PBE2PARAM),
- .sname = "PBE2PARAM",
-};
-
-
-PBE2PARAM *
-d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len)
-{
- return (PBE2PARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PBE2PARAM_it);
-}
-
-int
-i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBE2PARAM_it);
-}
-
-PBE2PARAM *
-PBE2PARAM_new(void)
-{
- return (PBE2PARAM *)ASN1_item_new(&PBE2PARAM_it);
-}
-
-void
-PBE2PARAM_free(PBE2PARAM *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PBE2PARAM_it);
-}
-
-static const ASN1_TEMPLATE PBKDF2PARAM_seq_tt[] = {
- {
- .offset = offsetof(PBKDF2PARAM, salt),
- .field_name = "salt",
- .item = &ASN1_ANY_it,
- },
- {
- .offset = offsetof(PBKDF2PARAM, iter),
- .field_name = "iter",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(PBKDF2PARAM, keylength),
- .field_name = "keylength",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(PBKDF2PARAM, prf),
- .field_name = "prf",
- .item = &X509_ALGOR_it,
- },
-};
-
-const ASN1_ITEM PBKDF2PARAM_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PBKDF2PARAM_seq_tt,
- .tcount = sizeof(PBKDF2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(PBKDF2PARAM),
- .sname = "PBKDF2PARAM",
-};
-
-
-PBKDF2PARAM *
-d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len)
-{
- return (PBKDF2PARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PBKDF2PARAM_it);
-}
-
-int
-i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBKDF2PARAM_it);
-}
-
-PBKDF2PARAM *
-PBKDF2PARAM_new(void)
-{
- return (PBKDF2PARAM *)ASN1_item_new(&PBKDF2PARAM_it);
-}
-
-void
-PBKDF2PARAM_free(PBKDF2PARAM *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PBKDF2PARAM_it);
-}
-
-/*
- * Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
- * yes I know this is horrible!
- */
-
-X509_ALGOR *
-PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
- int saltlen)
-{
- X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
- int prf_nid = NID_hmacWithSHA1;
- int alg_nid, keylen;
- EVP_CIPHER_CTX ctx;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- PBE2PARAM *pbe2 = NULL;
- ASN1_OBJECT *obj;
-
- alg_nid = EVP_CIPHER_type(cipher);
- if (alg_nid == NID_undef) {
- ASN1error(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
- goto err;
- }
- obj = OBJ_nid2obj(alg_nid);
-
- if (!(pbe2 = PBE2PARAM_new()))
- goto merr;
-
- /* Setup the AlgorithmIdentifier for the encryption scheme */
- scheme = pbe2->encryption;
-
- scheme->algorithm = obj;
- if (!(scheme->parameter = ASN1_TYPE_new()))
- goto merr;
-
- /* Create random IV */
- if (EVP_CIPHER_iv_length(cipher) > 0)
- arc4random_buf(iv, EVP_CIPHER_iv_length(cipher));
-
- EVP_CIPHER_CTX_legacy_clear(&ctx);
-
- /* Dummy cipherinit to just setup the IV, and PRF */
- if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
- goto err;
- if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
- ASN1error(ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
- EVP_CIPHER_CTX_cleanup(&ctx);
- goto err;
- }
- EVP_CIPHER_CTX_cleanup(&ctx);
-
- /* If its RC2 then we'd better setup the key length */
-
- if (alg_nid == NID_rc2_cbc)
- keylen = EVP_CIPHER_key_length(cipher);
- else
- keylen = -1;
-
- /* Setup keyfunc */
-
- X509_ALGOR_free(pbe2->keyfunc);
-
- pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
-
- if (!pbe2->keyfunc)
- goto merr;
-
- /* Now set up top level AlgorithmIdentifier */
-
- if (!(ret = X509_ALGOR_new()))
- goto merr;
- if (!(ret->parameter = ASN1_TYPE_new()))
- goto merr;
-
- ret->algorithm = OBJ_nid2obj(NID_pbes2);
-
- /* Encode PBE2PARAM into parameter */
-
- if (!ASN1_item_pack(pbe2, &PBE2PARAM_it,
- &ret->parameter->value.sequence)) goto merr;
- ret->parameter->type = V_ASN1_SEQUENCE;
-
- PBE2PARAM_free(pbe2);
- pbe2 = NULL;
-
- return ret;
-
- merr:
- ASN1error(ERR_R_MALLOC_FAILURE);
-
- err:
- PBE2PARAM_free(pbe2);
- /* Note 'scheme' is freed as part of pbe2 */
- X509_ALGOR_free(kalg);
- X509_ALGOR_free(ret);
-
- return NULL;
-}
-
-X509_ALGOR *
-PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, int prf_nid,
- int keylen)
-{
- X509_ALGOR *keyfunc = NULL;
- PBKDF2PARAM *kdf = NULL;
- ASN1_OCTET_STRING *osalt = NULL;
-
- if (!(kdf = PBKDF2PARAM_new()))
- goto merr;
- if (!(osalt = ASN1_OCTET_STRING_new()))
- goto merr;
-
- kdf->salt->value.octet_string = osalt;
- kdf->salt->type = V_ASN1_OCTET_STRING;
-
- if (!saltlen)
- saltlen = PKCS5_SALT_LEN;
- if (!(osalt->data = malloc (saltlen)))
- goto merr;
-
- osalt->length = saltlen;
-
- if (salt)
- memcpy (osalt->data, salt, saltlen);
- else
- arc4random_buf(osalt->data, saltlen);
-
- if (iter <= 0)
- iter = PKCS5_DEFAULT_ITER;
-
- if (!ASN1_INTEGER_set(kdf->iter, iter))
- goto merr;
-
- /* If have a key len set it up */
-
- if (keylen > 0) {
- if (!(kdf->keylength = ASN1_INTEGER_new()))
- goto merr;
- if (!ASN1_INTEGER_set(kdf->keylength, keylen))
- goto merr;
- }
-
- /* prf can stay NULL if we are using hmacWithSHA1 */
- if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
- kdf->prf = X509_ALGOR_new();
- if (!kdf->prf)
- goto merr;
- X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
- V_ASN1_NULL, NULL);
- }
-
- /* Finally setup the keyfunc structure */
-
- keyfunc = X509_ALGOR_new();
- if (!keyfunc)
- goto merr;
-
- keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
-
- /* Encode PBKDF2PARAM into parameter of pbe2 */
-
- if (!(keyfunc->parameter = ASN1_TYPE_new()))
- goto merr;
-
- if (!ASN1_item_pack(kdf, &PBKDF2PARAM_it,
- &keyfunc->parameter->value.sequence))
- goto merr;
- keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
- PBKDF2PARAM_free(kdf);
- return keyfunc;
-
- merr:
- ASN1error(ERR_R_MALLOC_FAILURE);
- PBKDF2PARAM_free(kdf);
- X509_ALGOR_free(keyfunc);
- return NULL;
-}
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
deleted file mode 100644
index bdb0c39ad5..0000000000
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* $OpenBSD: p8_pkey.c,v 1.25 2024/07/08 14:48:49 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "x509_local.h"
-
-/* Minor tweak to operation: zero private key data */
-static int
-pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
- if (operation == ASN1_OP_FREE_PRE) {
- PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
- if (key->pkey != NULL)
- explicit_bzero(key->pkey->data, key->pkey->length);
- }
- return 1;
-}
-
-static const ASN1_AUX PKCS8_PRIV_KEY_INFO_aux = {
- .asn1_cb = pkey_cb,
-};
-static const ASN1_TEMPLATE PKCS8_PRIV_KEY_INFO_seq_tt[] = {
- {
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkeyalg),
- .field_name = "pkeyalg",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkey),
- .field_name = "pkey",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, attributes),
- .field_name = "attributes",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM PKCS8_PRIV_KEY_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS8_PRIV_KEY_INFO_seq_tt,
- .tcount = sizeof(PKCS8_PRIV_KEY_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &PKCS8_PRIV_KEY_INFO_aux,
- .size = sizeof(PKCS8_PRIV_KEY_INFO),
- .sname = "PKCS8_PRIV_KEY_INFO",
-};
-LCRYPTO_ALIAS(PKCS8_PRIV_KEY_INFO_it);
-
-
-PKCS8_PRIV_KEY_INFO *
-d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, const unsigned char **in, long len)
-{
- return (PKCS8_PRIV_KEY_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS8_PRIV_KEY_INFO_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS8_PRIV_KEY_INFO);
-
-int
-i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS8_PRIV_KEY_INFO_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS8_PRIV_KEY_INFO);
-
-PKCS8_PRIV_KEY_INFO *
-PKCS8_PRIV_KEY_INFO_new(void)
-{
- return (PKCS8_PRIV_KEY_INFO *)ASN1_item_new(&PKCS8_PRIV_KEY_INFO_it);
-}
-LCRYPTO_ALIAS(PKCS8_PRIV_KEY_INFO_new);
-
-void
-PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS8_PRIV_KEY_INFO_it);
-}
-LCRYPTO_ALIAS(PKCS8_PRIV_KEY_INFO_free);
-
-int
-PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version,
- int ptype, void *pval, unsigned char *penc, int penclen)
-{
- if (version >= 0) {
- if (!ASN1_INTEGER_set(priv->version, version))
- return 0;
- }
- if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval))
- return 0;
- if (penc != NULL)
- ASN1_STRING_set0(priv->pkey, penc, penclen);
- return 1;
-}
-LCRYPTO_ALIAS(PKCS8_pkey_set0);
-
-int
-PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, const unsigned char **pk,
- int *ppklen, const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8)
-{
- if (ppkalg != NULL)
- *ppkalg = p8->pkeyalg->algorithm;
- if (pk != NULL) {
- *pk = ASN1_STRING_data(p8->pkey);
- *ppklen = ASN1_STRING_length(p8->pkey);
- }
- if (pa != NULL)
- *pa = p8->pkeyalg;
- return 1;
-}
-LCRYPTO_ALIAS(PKCS8_pkey_get0);
-
-const STACK_OF(X509_ATTRIBUTE) *
-PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8)
-{
- return p8->attributes;
-}
-LCRYPTO_ALIAS(PKCS8_pkey_get0_attrs);
-
-int
-PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_NID(&p8->attributes, nid, type, bytes,
- len) != NULL)
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(PKCS8_pkey_add1_attr_by_NID);
diff --git a/src/lib/libcrypto/asn1/posix_time.h b/src/lib/libcrypto/asn1/posix_time.h
deleted file mode 100644
index 82b3f30bc2..0000000000
--- a/src/lib/libcrypto/asn1/posix_time.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/* $OpenBSD: posix_time.h,v 1.1 2024/02/18 16:28:38 tb Exp $ */
-/*
- * Copyright (c) 2022, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef OPENSSL_HEADER_POSIX_TIME_H
-#define OPENSSL_HEADER_POSIX_TIME_H
-
-#include
-#include
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
-/*
- * OPENSSL_posix_to_tm converts a int64_t POSIX time value in |time|, which must
- * be in the range of year 0000 to 9999, to a broken out time value in |tm|. It
- * returns one on success and zero on error.
- */
-int OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm);
-
-/*
- * OPENSSL_tm_to_posix converts a time value between the years 0 and 9999 in
- * |tm| to a POSIX time value in |out|. One is returned on success, zero is
- * returned on failure. It is a failure if |tm| contains out of range values.
- */
-int OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out);
-
-/*
- * OPENSSL_timegm converts a time value between the years 0 and 9999 in |tm| to
- * a time_t value in |out|. One is returned on success, zero is returned on
- * failure. It is a failure if the converted time can not be represented in a
- * time_t, or if the tm contains out of range values.
- */
-int OPENSSL_timegm(const struct tm *tm, time_t *out);
-
-#if defined(__cplusplus)
-} /* extern C */
-#endif
-
-#endif /* OPENSSL_HEADER_POSIX_TIME_H */
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
deleted file mode 100644
index 6449e7f199..0000000000
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* $OpenBSD: t_crl.c,v 1.26 2024/05/03 02:52:00 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-int
-X509_CRL_print_fp(FILE *fp, X509_CRL *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- X509error(ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = X509_CRL_print(b, x);
- BIO_free(b);
- return (ret);
-}
-LCRYPTO_ALIAS(X509_CRL_print_fp);
-
-int
-X509_CRL_print(BIO *out, X509_CRL *x)
-{
- STACK_OF(X509_REVOKED) *rev;
- X509_REVOKED *r;
- long l;
- int i;
- char *p;
-
- BIO_printf(out, "Certificate Revocation List (CRL):\n");
- l = X509_CRL_get_version(x);
- if (l >= 0 && l <= 1) {
- if (BIO_printf(out, "%8sVersion: %lu (0x%lx)\n",
- "", l + 1, l) <= 0)
- goto err;
- } else {
- if (BIO_printf(out, "%8sVersion: unknown (%ld)\n",
- "", l) <= 0)
- goto err;
- }
- if (X509_signature_print(out, x->sig_alg, NULL) == 0)
- goto err;
- p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
- if (p == NULL)
- goto err;
- BIO_printf(out, "%8sIssuer: %s\n", "", p);
- free(p);
- BIO_printf(out, "%8sLast Update: ", "");
- ASN1_TIME_print(out, X509_CRL_get_lastUpdate(x));
- BIO_printf(out, "\n%8sNext Update: ", "");
- if (X509_CRL_get_nextUpdate(x))
- ASN1_TIME_print(out, X509_CRL_get_nextUpdate(x));
- else
- BIO_printf(out, "NONE");
- BIO_printf(out, "\n");
-
- X509V3_extensions_print(out, "CRL extensions",
- x->crl->extensions, 0, 8);
-
- rev = X509_CRL_get_REVOKED(x);
-
- if (sk_X509_REVOKED_num(rev) > 0)
- BIO_printf(out, "Revoked Certificates:\n");
- else
- BIO_printf(out, "No Revoked Certificates.\n");
-
- for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
- r = sk_X509_REVOKED_value(rev, i);
- BIO_printf(out, " Serial Number: ");
- i2a_ASN1_INTEGER(out, r->serialNumber);
- BIO_printf(out, "\n Revocation Date: ");
- ASN1_TIME_print(out, r->revocationDate);
- BIO_printf(out, "\n");
- X509V3_extensions_print(out, "CRL entry extensions",
- r->extensions, 0, 8);
- }
- if (X509_signature_print(out, x->sig_alg, x->signature) == 0)
- goto err;
-
- return 1;
-
- err:
- return 0;
-}
-LCRYPTO_ALIAS(X509_CRL_print);
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
deleted file mode 100644
index 1d4be9865d..0000000000
--- a/src/lib/libcrypto/asn1/t_req.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/* $OpenBSD: t_req.c,v 1.28 2024/05/03 02:52:00 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "x509_local.h"
-
-int
-X509_REQ_print_fp(FILE *fp, X509_REQ *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- X509error(ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = X509_REQ_print(b, x);
- BIO_free(b);
- return (ret);
-}
-LCRYPTO_ALIAS(X509_REQ_print_fp);
-
-int
-X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
- unsigned long cflag)
-{
- unsigned long l;
- int i;
- X509_REQ_INFO *ri;
- EVP_PKEY *pkey;
- STACK_OF(X509_ATTRIBUTE) *sk;
- STACK_OF(X509_EXTENSION) *exts = NULL;
- char mlch = ' ';
- int nmindent = 0;
-
- if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
- mlch = '\n';
- nmindent = 12;
- }
-
- if (nmflags == X509_FLAG_COMPAT)
- nmindent = 16;
-
- ri = x->req_info;
- if (!(cflag & X509_FLAG_NO_HEADER)) {
- if (BIO_write(bp, "Certificate Request:\n", 21) <= 0)
- goto err;
- if (BIO_write(bp, " Data:\n", 10) <= 0)
-
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_VERSION)) {
- if ((l = X509_REQ_get_version(x)) == 0) {
- if (BIO_printf(bp, "%8sVersion: 1 (0x0)\n", "") <= 0)
- goto err;
- } else {
- if (BIO_printf(bp, "%8sVersion: unknown (%ld)\n",
- "", l) <= 0)
- goto err;
- }
- }
- if (!(cflag & X509_FLAG_NO_SUBJECT)) {
- if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
- goto err;
- if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0)
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_PUBKEY)) {
- if (BIO_write(bp, " Subject Public Key Info:\n",
- 33) <= 0)
- goto err;
- if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-
- pkey = X509_REQ_get_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bp, "%12sUnable to load Public Key\n", "");
- ERR_print_errors(bp);
- } else {
- EVP_PKEY_print_public(bp, pkey, 16, NULL);
- EVP_PKEY_free(pkey);
- }
- }
-
- if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
- /* may not be */
- if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
- goto err;
-
- sk = x->req_info->attributes;
- if (sk_X509_ATTRIBUTE_num(sk) == 0) {
- if (BIO_printf(bp, "%12sa0:00\n", "") <= 0)
- goto err;
- } else {
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- ASN1_TYPE *at;
- X509_ATTRIBUTE *a;
- ASN1_BIT_STRING *bs = NULL;
- int j, type = 0, count = 1, ii = 0;
-
- a = sk_X509_ATTRIBUTE_value(sk, i);
- if (X509_REQ_extension_nid(
- OBJ_obj2nid(a->object)))
- continue;
- if (BIO_printf(bp, "%12s", "") <= 0)
- goto err;
- if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
- ii = 0;
- count = sk_ASN1_TYPE_num(a->set);
- get_next:
- at = sk_ASN1_TYPE_value(a->set, ii);
- type = at->type;
- bs = at->value.asn1_string;
- }
- for (j = 25 - j; j > 0; j--)
- if (BIO_write(bp, " ", 1) != 1)
- goto err;
- if (BIO_puts(bp, ":") <= 0)
- goto err;
- if ((type == V_ASN1_PRINTABLESTRING) ||
- (type == V_ASN1_T61STRING) ||
- (type == V_ASN1_IA5STRING)) {
- if (BIO_write(bp, (char *)bs->data,
- bs->length) != bs->length)
- goto err;
- BIO_puts(bp, "\n");
- } else {
- BIO_puts(bp,
- "unable to print attribute\n");
- }
- if (++ii < count)
- goto get_next;
- }
- }
- }
- if (!(cflag & X509_FLAG_NO_EXTENSIONS)) {
- exts = X509_REQ_get_extensions(x);
- if (exts) {
- BIO_printf(bp, "%8sRequested Extensions:\n", "");
- for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
- ASN1_OBJECT *obj;
- X509_EXTENSION *ex;
- int j;
- ex = sk_X509_EXTENSION_value(exts, i);
- if (BIO_printf(bp, "%12s", "") <= 0)
- goto err;
- obj = X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bp, obj);
- j = X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp, ": %s\n",
- j ? "critical" : "") <= 0)
- goto err;
- if (!X509V3_EXT_print(bp, ex, cflag, 16)) {
- BIO_printf(bp, "%16s", "");
- ASN1_STRING_print(bp, ex->value);
- }
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
- exts = NULL;
- }
- }
-
- if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
- if (!X509_signature_print(bp, x->sig_alg, x->signature))
- goto err;
- }
-
- return (1);
-
- err:
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
- X509error(ERR_R_BUF_LIB);
- return (0);
-}
-LCRYPTO_ALIAS(X509_REQ_print_ex);
-
-int
-X509_REQ_print(BIO *bp, X509_REQ *x)
-{
- return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-LCRYPTO_ALIAS(X509_REQ_print);
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c
deleted file mode 100644
index 1a315c1573..0000000000
--- a/src/lib/libcrypto/asn1/t_spki.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* $OpenBSD: t_spki.c,v 1.17 2024/04/09 13:55:02 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "x509_local.h"
-
-/* Print out an SPKI */
-
-int
-NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
-{
- EVP_PKEY *pkey;
- ASN1_IA5STRING *chal;
- int i, n;
- char *s;
-
- BIO_printf(out, "Netscape SPKI:\n");
- i = OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
- BIO_printf(out, " Public Key Algorithm: %s\n",
- (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
- pkey = X509_PUBKEY_get(spki->spkac->pubkey);
- if (!pkey)
- BIO_printf(out, " Unable to load public key\n");
- else {
- EVP_PKEY_print_public(out, pkey, 4, NULL);
- EVP_PKEY_free(pkey);
- }
- chal = spki->spkac->challenge;
- if (chal->length)
- BIO_printf(out, " Challenge String: %.*s\n", chal->length,
- chal->data);
- i = OBJ_obj2nid(spki->sig_algor->algorithm);
- BIO_printf(out, " Signature Algorithm: %s",
- (i == NID_undef) ? 
"UNKNOWN" : OBJ_nid2ln(i));
-
- n = spki->signature->length;
- s = (char *)spki->signature->data;
- for (i = 0; i < n; i++) {
- if ((i % 18) == 0)
- BIO_write(out, "\n ", 7);
- BIO_printf(out, "%02x%s", (unsigned char)s[i],
- ((i + 1) == n) ? "" : ":");
- }
- BIO_write(out, "\n", 1);
- return 1;
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_print);
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
deleted file mode 100644
index 7cf4557314..0000000000
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ /dev/null
@@ -1,485 +0,0 @@
-/* $OpenBSD: t_x509.c,v 1.51 2025/02/08 03:41:36 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] 
- */ - -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "evp_local.h" -#include "x509_local.h" - -int -X509_print_fp(FILE *fp, X509 *x) -{ - return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT); -} -LCRYPTO_ALIAS(X509_print_fp); - -int -X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - X509error(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = X509_print_ex(b, x, nmflag, cflag); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(X509_print_ex_fp); - -int -X509_print(BIO *bp, X509 *x) -{ - return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT); -} -LCRYPTO_ALIAS(X509_print); - -int -X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) -{ - long l; - int ret = 0, i; - char *m = NULL, mlch = ' '; - int nmindent = 0; - X509_CINF *ci; - ASN1_INTEGER *bs; - EVP_PKEY *pkey = NULL; - - if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { - mlch = '\n'; - nmindent = 12; - } - - if (nmflags == X509_FLAG_COMPAT) - nmindent = 16; - - ci = x->cert_info; - if (!(cflag & X509_FLAG_NO_HEADER)) { - if (BIO_write(bp, "Certificate:\n", 13) <= 0) - goto err; - if (BIO_write(bp, " Data:\n", 10) <= 0) - goto err; - } - if (!(cflag & X509_FLAG_NO_VERSION)) { - l = X509_get_version(x); - if (l >= 0 && l <= 2) { - if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", - "", l + 1, l) <= 0) - goto err; - } else { - if (BIO_printf(bp, "%8sVersion: unknown (%ld)\n", - "", l) <= 0) - goto err; - } - } - if (!(cflag & X509_FLAG_NO_SERIAL)) { - if (BIO_write(bp, " Serial Number:", 22) <= 0) - goto err; - - bs = X509_get_serialNumber(x); - l = -1; - - /* - * For historical reasons, non-negative serial numbers are - * printed in decimal as long as they fit into a long. 
Using - * ASN1_INTEGER_get_uint64() avoids an error on the stack for - * numbers between LONG_MAX and ULONG_MAX. Otherwise fall back - * to hexadecimal, also for numbers that are non-conformant - * (negative or larger than 2^159 - 1). - */ - if (bs->length <= sizeof(long) && bs->type == V_ASN1_INTEGER) { - uint64_t u64; - - if (ASN1_INTEGER_get_uint64(&u64, bs) && u64 <= LONG_MAX) - l = (long)u64; - } - if (l >= 0) { - if (BIO_printf(bp, " %ld (0x%lx)\n", l, l) <= 0) - goto err; - } else { - const char *neg = ""; - - if (bs->type == V_ASN1_NEG_INTEGER) - neg = " (Negative)"; - - if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0) - goto err; - for (i = 0; i < bs->length; i++) { - if (BIO_printf(bp, "%02x%c", bs->data[i], - ((i + 1 == bs->length) ? '\n' : ':')) <= 0) - goto err; - } - } - - } - - if (!(cflag & X509_FLAG_NO_SIGNAME)) { - if (X509_signature_print(bp, x->sig_alg, NULL) <= 0) - goto err; - } - - if (!(cflag & X509_FLAG_NO_ISSUER)) { - if (BIO_printf(bp, " Issuer:%c", mlch) <= 0) - goto err; - if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), - nmindent, nmflags) < (nmflags == X509_FLAG_COMPAT ? 1 : 0)) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (!(cflag & X509_FLAG_NO_VALIDITY)) { - if (BIO_write(bp, " Validity\n", 17) <= 0) - goto err; - if (BIO_write(bp, " Not Before: ", 24) <= 0) - goto err; - if (!ASN1_TIME_print(bp, X509_get_notBefore(x))) - goto err; - if (BIO_write(bp, "\n Not After : ", 25) <= 0) - goto err; - if (!ASN1_TIME_print(bp, X509_get_notAfter(x))) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (!(cflag & X509_FLAG_NO_SUBJECT)) { - if (BIO_printf(bp, " Subject:%c", mlch) <= 0) - goto err; - if (X509_NAME_print_ex(bp, X509_get_subject_name(x), - nmindent, nmflags) < (nmflags == X509_FLAG_COMPAT ? 
1 : 0)) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (!(cflag & X509_FLAG_NO_PUBKEY)) { - if (BIO_write(bp, " Subject Public Key Info:\n", - 33) <= 0) - goto err; - if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0) - goto err; - if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0) - goto err; - if (BIO_puts(bp, "\n") <= 0) - goto err; - - pkey = X509_get_pubkey(x); - if (pkey == NULL) { - BIO_printf(bp, "%12sUnable to load Public Key\n", ""); - ERR_print_errors(bp); - } else { - EVP_PKEY_print_public(bp, pkey, 16, NULL); - EVP_PKEY_free(pkey); - } - } - - if (!(cflag & X509_FLAG_NO_EXTENSIONS)) - X509V3_extensions_print(bp, "X509v3 extensions", - ci->extensions, cflag, 8); - - if (!(cflag & X509_FLAG_NO_SIGDUMP)) { - if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0) - goto err; - } - if (!(cflag & X509_FLAG_NO_AUX)) { - if (!X509_CERT_AUX_print(bp, x->aux, 0)) - goto err; - } - ret = 1; - - err: - free(m); - return (ret); -} -LCRYPTO_ALIAS(X509_print_ex); - -int -X509_ocspid_print(BIO *bp, X509 *x) -{ - unsigned char *der = NULL; - unsigned char *dertmp; - int derlen; - int i; - unsigned char SHA1md[SHA_DIGEST_LENGTH]; - - /* display the hash of the subject as it would appear - in OCSP requests */ - if (BIO_printf(bp, " Subject OCSP hash: ") <= 0) - goto err; - if ((derlen = i2d_X509_NAME(x->cert_info->subject, NULL)) <= 0) - goto err; - if ((der = dertmp = malloc(derlen)) == NULL) - goto err; - if (i2d_X509_NAME(x->cert_info->subject, &dertmp) <= 0) - goto err; - - if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL)) - goto err; - for (i = 0; i < SHA_DIGEST_LENGTH; i++) { - if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0) - goto err; - } - free (der); - der = NULL; - - /* display the hash of the public key as it would appear - in OCSP requests */ - if (BIO_printf(bp, "\n Public key OCSP hash: ") <= 0) - goto err; - - if (!EVP_Digest(x->cert_info->key->public_key->data, - x->cert_info->key->public_key->length, - 
SHA1md, NULL, EVP_sha1(), NULL)) - goto err; - for (i = 0; i < SHA_DIGEST_LENGTH; i++) { - if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0) - goto err; - } - BIO_printf(bp, "\n"); - - return (1); - - err: - free(der); - return (0); -} -LCRYPTO_ALIAS(X509_ocspid_print); - -int -X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent) -{ - const unsigned char *s; - int i, n; - - n = sig->length; - s = sig->data; - for (i = 0; i < n; i++) { - if ((i % 18) == 0) { - if (BIO_write(bp, "\n", 1) <= 0) - return 0; - if (BIO_indent(bp, indent, indent) <= 0) - return 0; - } - if (BIO_printf(bp, "%02x%s", s[i], - ((i + 1) == n) ? "" : ":") <= 0) - return 0; - } - if (BIO_write(bp, "\n", 1) != 1) - return 0; - - return 1; -} -LCRYPTO_ALIAS(X509_signature_dump); - -int -X509_signature_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig) -{ - int sig_nid; - if (BIO_puts(bp, " Signature Algorithm: ") <= 0) - return 0; - if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) - return 0; - - sig_nid = OBJ_obj2nid(sigalg->algorithm); - if (sig_nid != NID_undef) { - int pkey_nid, dig_nid; - const EVP_PKEY_ASN1_METHOD *ameth; - if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) { - ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); - if (ameth && ameth->sig_print) - return ameth->sig_print(bp, sigalg, sig, 9, 0); - } - } - if (sig) - return X509_signature_dump(bp, sig, 9); - else if (BIO_puts(bp, "\n") <= 0) - return 0; - return 1; -} -LCRYPTO_ALIAS(X509_signature_print); - -int -ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) -{ - if (tm->type == V_ASN1_UTCTIME) - return ASN1_UTCTIME_print(bp, tm); - if (tm->type == V_ASN1_GENERALIZEDTIME) - return ASN1_GENERALIZEDTIME_print(bp, tm); - BIO_write(bp, "Bad time value", 14); - return (0); -} -LCRYPTO_ALIAS(ASN1_TIME_print); - -static const char *mon[12] = { - "Jan", "Feb", "Mar", "Apr", "May", "Jun", - "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" -}; - -int -ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm) -{ - char 
*v; - int gmt = 0; - int i; - int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0; - char *f = ""; - int f_len = 0; - - i = tm->length; - v = (char *)tm->data; - - if (i < 12) - goto err; - if (v[i-1] == 'Z') - gmt = 1; - for (i = 0; i < 12; i++) - if ((v[i] > '9') || (v[i] < '0')) - goto err; - y = (v[0] - '0') * 1000 + (v[1] - '0') * 100 + - (v[2] - '0') * 10 + (v[3] - '0'); - M = (v[4] - '0') * 10 + (v[5] - '0'); - if ((M > 12) || (M < 1)) - goto err; - d = (v[6] - '0') * 10 + (v[7] - '0'); - h = (v[8] - '0') * 10 + (v[9] - '0'); - m = (v[10] - '0') * 10 + (v[11] - '0'); - if (tm->length >= 14 && - (v[12] >= '0') && (v[12] <= '9') && - (v[13] >= '0') && (v[13] <= '9')) { - s = (v[12] - '0') * 10 + (v[13] - '0'); - /* Check for fractions of seconds. */ - if (tm->length >= 15 && v[14] == '.') { - int l = tm->length; - f = &v[14]; /* The decimal point. */ - f_len = 1; - while (14 + f_len < l && f[f_len] >= '0' && - f[f_len] <= '9') - ++f_len; - } - } - - if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s", - mon[M - 1], d, h, m, s, f_len, f, y, (gmt) ? 
" GMT" : "") <= 0) - return (0); - else - return (1); - - err: - BIO_write(bp, "Bad time value", 14); - return (0); -} -LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_print); - -int -ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm) -{ - const char *v; - int gmt = 0; - int i; - int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0; - - i = tm->length; - v = (const char *)tm->data; - - if (i < 10) - goto err; - if (v[i-1] == 'Z') - gmt = 1; - for (i = 0; i < 10; i++) - if ((v[i] > '9') || (v[i] < '0')) - goto err; - y = (v[0] - '0') * 10 + (v[1] - '0'); - if (y < 50) - y += 100; - M = (v[2] - '0') * 10 + (v[3] - '0'); - if ((M > 12) || (M < 1)) - goto err; - d = (v[4] - '0') * 10 + (v[5] - '0'); - h = (v[6] - '0') * 10 + (v[7] - '0'); - m = (v[8] - '0') * 10 + (v[9] - '0'); - if (tm->length >=12 && - (v[10] >= '0') && (v[10] <= '9') && - (v[11] >= '0') && (v[11] <= '9')) - s = (v[10] - '0') * 10 + (v[11] - '0'); - - if (BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", - mon[M - 1], d, h, m, s, y + 1900, (gmt) ? " GMT" : "") <= 0) - return (0); - else - return (1); - - err: - BIO_write(bp, "Bad time value", 14); - return (0); -} -LCRYPTO_ALIAS(ASN1_UTCTIME_print); diff --git a/src/lib/libcrypto/asn1/t_x509a.c b/src/lib/libcrypto/asn1/t_x509a.c deleted file mode 100644 index 7dbf844cc7..0000000000 --- a/src/lib/libcrypto/asn1/t_x509a.c +++ /dev/null 
@@ -1,119 +0,0 @@
-/* $OpenBSD: t_x509a.c,v 1.13 2023/07/07 19:37:52 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-/* X509_CERT_AUX and string set routines */
-
-int
-X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
-{
- char oidstr[80], first;
- int i;
- if (!aux)
- return 1;
- if (aux->trust) {
- first = 1;
- BIO_printf(out, "%*sTrusted Uses:\n%*s",
- indent, "", indent + 2, "");
- for (i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
- if (!first)
- BIO_puts(out, ", ");
- else
- first = 0;
- OBJ_obj2txt(oidstr, sizeof oidstr,
- sk_ASN1_OBJECT_value(aux->trust, i), 0);
- BIO_puts(out, oidstr);
- }
- BIO_puts(out, "\n");
- } else
- BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
- if (aux->reject) {
- first = 1;
- BIO_printf(out, "%*sRejected Uses:\n%*s",
- indent, "", indent + 2, "");
- for (i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
- if (!first)
- BIO_puts(out, ", ");
- else
- first = 0;
- OBJ_obj2txt(oidstr, sizeof oidstr,
- sk_ASN1_OBJECT_value(aux->reject, i), 0);
- BIO_puts(out, oidstr);
- }
- BIO_puts(out, "\n");
- } else
- BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
- if (aux->alias)
- BIO_printf(out, "%*sAlias: %.*s\n", indent, "",
- aux->alias->length, 
aux->alias->data);
- if (aux->keyid) {
- BIO_printf(out, "%*sKey Id: ", indent, "");
- for (i = 0; i < aux->keyid->length; i++)
- BIO_printf(out, "%s%02X", i ? ":" : "",
- aux->keyid->data[i]);
- BIO_write(out, "\n", 1);
- }
- return 1;
-}
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
deleted file mode 100644
index 31b9efee54..0000000000
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ /dev/null
@@ -1,1260 +0,0 @@ -/* $OpenBSD: tasn_dec.c,v 1.88 2023/07/28 10:00:10 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "asn1_local.h" -#include "bytestring.h" - -/* - * Constructed types with a recursive definition (such as can be found in PKCS7) - * could eventually exceed the stack given malicious input with excessive - * recursion. Therefore we limit the stack depth. - */ -#define ASN1_MAX_CONSTRUCTED_NEST 30 - -#ifndef ASN1_MAX_STRING_NEST -/* - * This determines how many levels of recursion are permitted in ASN.1 string - * types. If it is not limited stack overflows can occur. If set to zero no - * recursion is allowed at all. 
- */ -#define ASN1_MAX_STRING_NEST 5 -#endif - -static int asn1_template_d2i(ASN1_VALUE **pval, CBS *cbs, - const ASN1_TEMPLATE *at, int optional, int depth); - -static int -asn1_check_eoc(CBS *cbs) -{ - uint16_t eoc; - - if (!CBS_peek_u16(cbs, &eoc)) - return 0; - if (eoc != 0) - return 0; - - return CBS_skip(cbs, 2); -} - -static int -asn1_check_tag(CBS *cbs, size_t *out_len, int *out_tag, uint8_t *out_class, - int *out_indefinite, int *out_constructed, int expected_tag, - int expected_class, int optional) -{ - int constructed, indefinite; - uint32_t tag_number; - uint8_t tag_class; - size_t length; - - if (out_len != NULL) - *out_len = 0; - if (out_tag != NULL) - *out_tag = 0; - if (out_class != NULL) - *out_class = 0; - if (out_indefinite != NULL) - *out_indefinite = 0; - if (out_constructed != NULL) - *out_constructed = 0; - - if (!asn1_get_identifier_cbs(cbs, 0, &tag_class, &constructed, - &tag_number)) { - ASN1error(ASN1_R_BAD_OBJECT_HEADER); - return 0; - } - if (expected_tag >= 0) { - if (expected_tag != tag_number || - expected_class != tag_class << 6) { - /* Indicate missing type if this is OPTIONAL. */ - if (optional) - return -1; - - ASN1error(ASN1_R_WRONG_TAG); - return 0; - } - } - if (!asn1_get_length_cbs(cbs, 0, &indefinite, &length)) { - ASN1error(ASN1_R_BAD_OBJECT_HEADER); - return 0; - } - - /* Indefinite length can only be used with constructed encoding. 
*/ - if (indefinite && !constructed) { - ASN1error(ASN1_R_BAD_OBJECT_HEADER); - return 0; - } - - if (!indefinite && CBS_len(cbs) < length) { - ASN1error(ASN1_R_TOO_LONG); - return 0; - } - - if (tag_number > INT_MAX) { - ASN1error(ASN1_R_TOO_LONG); - return 0; - } - - if (indefinite) - length = CBS_len(cbs); - - if (out_len != NULL) - *out_len = length; - if (out_tag != NULL) - *out_tag = tag_number; - if (out_class != NULL) - *out_class = tag_class << 6; - if (out_indefinite != NULL) - *out_indefinite = indefinite; - if (out_constructed != NULL) - *out_constructed = constructed; - - return 1; -} - -/* Collect the contents from a constructed ASN.1 object. */ -static int -asn1_collect(CBB *cbb, CBS *cbs, int indefinite, int expected_tag, - int expected_class, int depth) -{ - int constructed; - size_t length; - CBS content; - int need_eoc; - - if (depth > ASN1_MAX_STRING_NEST) { - ASN1error(ASN1_R_NESTED_ASN1_STRING); - return 0; - } - - need_eoc = indefinite; - - while (CBS_len(cbs) > 0) { - if (asn1_check_eoc(cbs)) { - if (!need_eoc) { - ASN1error(ASN1_R_UNEXPECTED_EOC); - return 0; - } - return 1; - } - if (!asn1_check_tag(cbs, &length, NULL, NULL, &indefinite, - &constructed, expected_tag, expected_class, 0)) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - - if (constructed) { - if (!asn1_collect(cbb, cbs, indefinite, expected_tag, - expected_class, depth + 1)) - return 0; - continue; - } - - if (!CBS_get_bytes(cbs, &content, length)) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - if (!CBB_add_bytes(cbb, CBS_data(&content), CBS_len(&content))) - return 0; - } - - if (need_eoc) { - ASN1error(ASN1_R_MISSING_EOC); - return 0; - } - - return 1; -} - -/* Find the end of an ASN.1 object. 
*/ -static int -asn1_find_end(CBS *cbs, size_t length, int indefinite) -{ - size_t eoc_count; - - if (!indefinite) { - if (!CBS_skip(cbs, length)) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - return 1; - } - - eoc_count = 1; - - while (CBS_len(cbs) > 0) { - if (asn1_check_eoc(cbs)) { - if (--eoc_count == 0) - break; - continue; - } - if (!asn1_check_tag(cbs, &length, NULL, NULL, - &indefinite, NULL, -1, 0, 0)) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - if (indefinite) { - eoc_count++; - continue; - } - if (!CBS_skip(cbs, length)) - return 0; - } - - if (eoc_count > 0) { - ASN1error(ASN1_R_MISSING_EOC); - return 0; - } - - return 1; -} - -static int -asn1_c2i_primitive(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) -{ - ASN1_BOOLEAN *abool; - ASN1_STRING *astr; - uint8_t val; - int ret = 0; - - if (it->funcs != NULL) - goto err; - - if (CBS_len(content) > INT_MAX) - goto err; - - switch (utype) { - case V_ASN1_OBJECT: - if (!c2i_ASN1_OBJECT_cbs((ASN1_OBJECT **)pval, content)) - goto err; - break; - - case V_ASN1_NULL: - if (CBS_len(content) != 0) { - ASN1error(ASN1_R_NULL_IS_WRONG_LENGTH); - goto err; - } - *pval = (ASN1_VALUE *)1; - break; - - case V_ASN1_BOOLEAN: - abool = (ASN1_BOOLEAN *)pval; - if (CBS_len(content) != 1) { - ASN1error(ASN1_R_BOOLEAN_IS_WRONG_LENGTH); - goto err; - } - if (!CBS_get_u8(content, &val)) - goto err; - *abool = val; - break; - - case V_ASN1_BIT_STRING: - if (!c2i_ASN1_BIT_STRING_cbs((ASN1_BIT_STRING **)pval, content)) - goto err; - break; - - case V_ASN1_ENUMERATED: - if (!c2i_ASN1_ENUMERATED_cbs((ASN1_ENUMERATED **)pval, content)) - goto err; - break; - - case V_ASN1_INTEGER: - if (!c2i_ASN1_INTEGER_cbs((ASN1_INTEGER **)pval, content)) - goto err; - break; - - case V_ASN1_OCTET_STRING: - case V_ASN1_NUMERICSTRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_VIDEOTEXSTRING: - case V_ASN1_IA5STRING: - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - case 
V_ASN1_GRAPHICSTRING: - case V_ASN1_VISIBLESTRING: - case V_ASN1_GENERALSTRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_BMPSTRING: - case V_ASN1_UTF8STRING: - case V_ASN1_OTHER: - case V_ASN1_SET: - case V_ASN1_SEQUENCE: - default: - if (utype == V_ASN1_BMPSTRING && (CBS_len(content) & 1)) { - ASN1error(ASN1_R_BMPSTRING_IS_WRONG_LENGTH); - goto err; - } - if (utype == V_ASN1_UNIVERSALSTRING && (CBS_len(content) & 3)) { - ASN1error(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); - goto err; - } - if (utype == V_ASN1_UTCTIME || utype == V_ASN1_GENERALIZEDTIME) { - if (!asn1_time_parse_cbs(content, - utype == V_ASN1_GENERALIZEDTIME, NULL)) { - ASN1error(ASN1_R_INVALID_TIME_FORMAT); - goto err; - } - } - /* All based on ASN1_STRING and handled the same way. */ - if (*pval != NULL) { - ASN1_STRING_free((ASN1_STRING *)*pval); - *pval = NULL; - } - if ((astr = ASN1_STRING_type_new(utype)) == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - if (!ASN1_STRING_set(astr, CBS_data(content), CBS_len(content))) { - ASN1_STRING_free(astr); - goto err; - } - *pval = (ASN1_VALUE *)astr; - break; - } - - ret = 1; - - err: - return ret; -} - -static int -asn1_c2i_any(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) -{ - ASN1_TYPE *atype; - - if (it->utype != V_ASN1_ANY || it->funcs != NULL) - return 0; - - if (*pval != NULL) { - ASN1_TYPE_free((ASN1_TYPE *)*pval); - *pval = NULL; - } - - if ((atype = ASN1_TYPE_new()) == NULL) - return 0; - - if (!asn1_c2i_primitive(&atype->value.asn1_value, content, utype, it)) { - ASN1_TYPE_free(atype); - return 0; - } - atype->type = utype; - - /* Fix up value for ASN.1 NULL. 
*/ - if (atype->type == V_ASN1_NULL) - atype->value.ptr = NULL; - - *pval = (ASN1_VALUE *)atype; - - return 1; -} - -static int -asn1_c2i(ASN1_VALUE **pval, CBS *content, int utype, const ASN1_ITEM *it) -{ - if (CBS_len(content) > INT_MAX) - return 0; - - if (it->funcs != NULL) { - const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; - char free_content = 0; - - if (pf->prim_c2i == NULL) - return 0; - - return pf->prim_c2i(pval, CBS_data(content), CBS_len(content), - utype, &free_content, it); - } - - if (it->utype == V_ASN1_ANY) - return asn1_c2i_any(pval, content, utype, it); - - return asn1_c2i_primitive(pval, content, utype, it); -} - -/* - * Decode ASN.1 content into a primitive type. There are three possible forms - - * a SEQUENCE/SET/OTHER that is stored verbatim (including the ASN.1 tag and - * length octets), constructed objects and non-constructed objects. In the - * first two cases indefinite length is permitted, which we may need to handle. - * When this function is called the *cbs should reference the start of the - * ASN.1 object (i.e. the tag/length header), while *cbs_object should - * reference the start of the object contents (i.e. after the tag/length - * header. Additionally, the *cbs_object offset should be relative to the - * ASN.1 object being parsed. On success the *cbs will point at the octet - * after the object. 
- */ -static int -asn1_d2i_primitive_content(ASN1_VALUE **pval, CBS *cbs, CBS *cbs_object, - int utype, int constructed, int indefinite, size_t length, - const ASN1_ITEM *it) -{ - CBS cbs_content, cbs_initial; - uint8_t *data = NULL; - size_t data_len = 0; - CBB cbb; - int ret = 0; - - memset(&cbb, 0, sizeof(cbb)); - - CBS_dup(cbs, &cbs_initial); - CBS_init(&cbs_content, NULL, 0); - - if (asn1_must_be_constructed(utype) && !constructed) { - ASN1error(ASN1_R_TYPE_NOT_CONSTRUCTED); - goto err; - } - if (asn1_must_be_primitive(utype) && constructed) { - ASN1error(ASN1_R_TYPE_NOT_PRIMITIVE); - goto err; - } - - /* SEQUENCE, SET and "OTHER" are left in encoded form. */ - if (utype == V_ASN1_SEQUENCE || utype == V_ASN1_SET || - utype == V_ASN1_OTHER) { - if (!asn1_find_end(cbs_object, length, indefinite)) - goto err; - if (!CBS_get_bytes(&cbs_initial, &cbs_content, - CBS_offset(cbs_object))) - goto err; - } else if (constructed) { - /* - * Should really check the internal tags are correct but - * some things may get this wrong. The relevant specs - * say that constructed string types should be OCTET STRINGs - * internally irrespective of the type. So instead just check - * for UNIVERSAL class and ignore the tag. 
- */ - if (!CBB_init(&cbb, 0)) - goto err; - if (!asn1_collect(&cbb, cbs_object, indefinite, -1, - V_ASN1_UNIVERSAL, 0)) - goto err; - if (!CBB_finish(&cbb, &data, &data_len)) - goto err; - - CBS_init(&cbs_content, data, data_len); - } else { - if (!CBS_get_bytes(cbs_object, &cbs_content, length)) - goto err; - } - - if (!asn1_c2i(pval, &cbs_content, utype, it)) - goto err; - - if (!CBS_skip(cbs, CBS_offset(cbs_object))) - goto err; - - ret = 1; - - err: - CBB_cleanup(&cbb); - freezero(data, data_len); - - return ret; -} - -static int -asn1_d2i_any(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, - int tag_number, int tag_class, int optional) -{ - int constructed, indefinite; - uint8_t object_class; - int object_type; - CBS cbs_object; - size_t length; - - CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); - - if (it->utype != V_ASN1_ANY) - return 0; - - if (tag_number >= 0) { - ASN1error(ASN1_R_ILLEGAL_TAGGED_ANY); - return 0; - } - if (optional) { - ASN1error(ASN1_R_ILLEGAL_OPTIONAL_ANY); - return 0; - } - - /* Determine type from ASN.1 tag. */ - if (asn1_check_tag(&cbs_object, &length, &object_type, &object_class, - &indefinite, &constructed, -1, 0, 0) != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - if (object_class != V_ASN1_UNIVERSAL) - object_type = V_ASN1_OTHER; - - return asn1_d2i_primitive_content(pval, cbs, &cbs_object, object_type, - constructed, indefinite, length, it); -} - -static int -asn1_d2i_mstring(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, - int tag_number, int tag_class, int optional) -{ - int constructed, indefinite; - uint8_t object_class; - int object_tag; - CBS cbs_object; - size_t length; - - CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); - - /* - * It never makes sense for multi-strings to have implicit tagging, so - * if tag_number != -1, then this looks like an error in the template. 
- */ - if (tag_number != -1) { - ASN1error(ASN1_R_BAD_TEMPLATE); - return 0; - } - - if (asn1_check_tag(&cbs_object, &length, &object_tag, &object_class, - &indefinite, &constructed, -1, 0, 1) != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - - /* Class must be UNIVERSAL. */ - if (object_class != V_ASN1_UNIVERSAL) { - if (optional) - return -1; - ASN1error(ASN1_R_MSTRING_NOT_UNIVERSAL); - return 0; - } - /* Check tag matches bit map. */ - if ((ASN1_tag2bit(object_tag) & it->utype) == 0) { - if (optional) - return -1; - ASN1error(ASN1_R_MSTRING_WRONG_TAG); - return 0; - } - - return asn1_d2i_primitive_content(pval, cbs, &cbs_object, - object_tag, constructed, indefinite, length, it); -} - -static int -asn1_d2i_primitive(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, - int tag_number, int tag_class, int optional) -{ - CBS cbs_object; - int constructed, indefinite; - int utype = it->utype; - size_t length; - int ret; - - CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); - - if (it->itype == ASN1_ITYPE_MSTRING) - return 0; - - if (it->utype == V_ASN1_ANY) - return asn1_d2i_any(pval, cbs, it, tag_number, tag_class, optional); - - if (tag_number == -1) { - tag_number = it->utype; - tag_class = V_ASN1_UNIVERSAL; - } - - ret = asn1_check_tag(&cbs_object, &length, NULL, NULL, &indefinite, - &constructed, tag_number, tag_class, optional); - if (ret == -1) - return -1; - if (ret != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - - return asn1_d2i_primitive_content(pval, cbs, &cbs_object, utype, - constructed, indefinite, length, it); -} - -static int -asn1_item_d2i_choice(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, - int tag_number, int tag_class, int optional, int depth) -{ - const ASN1_TEMPLATE *at, *errat = NULL; - const ASN1_AUX *aux; - ASN1_aux_cb *asn1_cb = NULL; - ASN1_VALUE *achoice = NULL; - ASN1_VALUE **pchptr; - int i, ret; - - if ((aux = it->funcs) != NULL) - asn1_cb = aux->asn1_cb; - - if (it->itype != ASN1_ITYPE_CHOICE) - 
goto err; - - /* - * It never makes sense for CHOICE types to have implicit tagging, so - * if tag_number != -1, then this looks like an error in the template. - */ - if (tag_number != -1) { - ASN1error(ASN1_R_BAD_TEMPLATE); - goto err; - } - - if (*pval != NULL) { - ASN1_item_ex_free(pval, it); - *pval = NULL; - } - - if (!ASN1_item_ex_new(&achoice, it)) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_PRE, &achoice, it, NULL)) { - ASN1error(ASN1_R_AUX_ERROR); - goto err; - } - - /* Try each possible CHOICE in turn. */ - for (i = 0; i < it->tcount; i++) { - at = &it->templates[i]; - - pchptr = asn1_get_field_ptr(&achoice, at); - - /* Mark field as OPTIONAL so its absence can be identified. */ - ret = asn1_template_d2i(pchptr, cbs, at, 1, depth); - if (ret == -1) - continue; - if (ret != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - errat = at; - goto err; - } - - /* We've successfully decoded an ASN.1 object. */ - asn1_set_choice_selector(&achoice, i, it); - break; - } - - /* Did we fall off the end without reading anything? 
*/ - if (i == it->tcount) { - if (optional) { - ASN1_item_ex_free(&achoice, it); - return -1; - } - ASN1error(ASN1_R_NO_MATCHING_CHOICE_TYPE); - goto err; - } - - if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_POST, &achoice, it, NULL)) { - ASN1error(ASN1_R_AUX_ERROR); - goto err; - } - - *pval = achoice; - achoice = NULL; - - return 1; - - err: - ASN1_item_ex_free(&achoice, it); - - if (errat != NULL) - ERR_asprintf_error_data("Field=%s, Type=%s", errat->field_name, - it->sname); - else - ERR_asprintf_error_data("Type=%s", it->sname); - - return 0; -} - -static int -asn1_item_d2i_sequence(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, - int tag_number, int tag_class, int optional, int depth) -{ - CBS cbs_seq, cbs_seq_content, cbs_object; - int constructed, indefinite, optional_field; - const ASN1_TEMPLATE *errat = NULL; - const ASN1_TEMPLATE *seqat, *at; - ASN1_aux_cb *asn1_cb = NULL; - const ASN1_AUX *aux; - ASN1_VALUE *aseq = NULL; - ASN1_VALUE **pseqval; - int eoc_needed, i; - size_t length; - int ret = 0; - - CBS_init(&cbs_seq, CBS_data(cbs), CBS_len(cbs)); - - if ((aux = it->funcs) != NULL) - asn1_cb = aux->asn1_cb; - - if (it->itype != ASN1_ITYPE_NDEF_SEQUENCE && - it->itype != ASN1_ITYPE_SEQUENCE) - goto err; - - if (*pval != NULL) { - ASN1_item_ex_free(pval, it); - *pval = NULL; - } - - /* If no IMPLICIT tagging use UNIVERSAL/SEQUENCE. */ - if (tag_number == -1) { - tag_class = V_ASN1_UNIVERSAL; - tag_number = V_ASN1_SEQUENCE; - } - - /* Read ASN.1 SEQUENCE header. 
*/ - ret = asn1_check_tag(&cbs_seq, &length, NULL, NULL, &indefinite, - &constructed, tag_number, tag_class, optional); - if (ret == -1) - return -1; - if (ret != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - if (!constructed) { - ASN1error(ASN1_R_SEQUENCE_NOT_CONSTRUCTED); - goto err; - } - - if (indefinite) { - eoc_needed = 1; - CBS_init(&cbs_seq_content, CBS_data(&cbs_seq), CBS_len(&cbs_seq)); - } else { - eoc_needed = 0; - if (!CBS_get_bytes(&cbs_seq, &cbs_seq_content, length)) - goto err; - } - - if (!ASN1_item_ex_new(&aseq, it)) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_PRE, &aseq, it, NULL)) { - ASN1error(ASN1_R_AUX_ERROR); - goto err; - } - - for (i = 0; i < it->tcount; i++) { - at = &it->templates[i]; - - if (asn1_check_eoc(&cbs_seq_content)) { - if (!indefinite) { - ASN1error(ASN1_R_UNEXPECTED_EOC); - goto err; - } - eoc_needed = 0; - break; - } - if (CBS_len(&cbs_seq_content) == 0) - break; - - if ((seqat = asn1_do_adb(&aseq, at, 1)) == NULL) - goto err; - - pseqval = asn1_get_field_ptr(&aseq, seqat); - - /* - * This was originally implemented to "increase efficiency", - * however it currently needs to remain since it papers over - * the use of ASN.1 ANY with OPTIONAL in SEQUENCEs (which - * asn1_d2i_primitive() currently rejects). - */ - optional_field = (seqat->flags & ASN1_TFLG_OPTIONAL) != 0; - if (i == it->tcount - 1) - optional_field = 0; - - ret = asn1_template_d2i(pseqval, &cbs_seq_content, - seqat, optional_field, depth); - if (ret == -1) { - /* Absent OPTIONAL component. 
*/ - ASN1_template_free(pseqval, seqat); - continue; - } - if (ret != 1) { - errat = seqat; - goto err; - } - } - - if (eoc_needed && !asn1_check_eoc(&cbs_seq_content)) { - ASN1error(ASN1_R_MISSING_EOC); - goto err; - } - - if (indefinite) { - if (!CBS_skip(&cbs_seq, CBS_offset(&cbs_seq_content))) - goto err; - } else if (CBS_len(&cbs_seq_content) != 0) { - ASN1error(ASN1_R_SEQUENCE_LENGTH_MISMATCH); - goto err; - } - - /* - * There is no more data in the ASN.1 SEQUENCE, however we may not have - * populated all fields - check that any remaining are OPTIONAL. - */ - for (; i < it->tcount; i++) { - at = &it->templates[i]; - - if ((seqat = asn1_do_adb(&aseq, at, 1)) == NULL) - goto err; - - if ((seqat->flags & ASN1_TFLG_OPTIONAL) == 0) { - ASN1error(ASN1_R_FIELD_MISSING); - errat = seqat; - goto err; - } - - /* XXX - this is probably unnecessary with earlier free. */ - pseqval = asn1_get_field_ptr(&aseq, seqat); - ASN1_template_free(pseqval, seqat); - } - - if (!CBS_get_bytes(cbs, &cbs_object, CBS_offset(&cbs_seq))) - goto err; - - if (!asn1_enc_save(&aseq, &cbs_object, it)) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (asn1_cb != NULL && !asn1_cb(ASN1_OP_D2I_POST, &aseq, it, NULL)) { - ASN1error(ASN1_R_AUX_ERROR); - goto err; - } - - *pval = aseq; - aseq = NULL; - - return 1; - - err: - ASN1_item_ex_free(&aseq, it); - - if (errat != NULL) - ERR_asprintf_error_data("Field=%s, Type=%s", errat->field_name, - it->sname); - else - ERR_asprintf_error_data("Type=%s", it->sname); - - return 0; -} - -static int -asn1_item_d2i_extern(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, - int tag_number, int tag_class, int optional) -{ - const ASN1_EXTERN_FUNCS *ef = it->funcs; - const unsigned char *p = NULL; - ASN1_TLC ctx = { 0 }; - int ret = 0; - - if (CBS_len(cbs) > LONG_MAX) - return 0; - - p = CBS_data(cbs); - - if ((ret = ef->asn1_ex_d2i(pval, &p, (long)CBS_len(cbs), it, - tag_number, tag_class, optional, &ctx)) == 1) { - if (!CBS_skip(cbs, p - 
CBS_data(cbs))) - goto err; - } - return ret; - - err: - ASN1_item_ex_free(pval, it); - - ERR_asprintf_error_data("Type=%s", it->sname); - - return 0; -} - -static int -asn1_item_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, - int tag_number, int tag_class, int optional, int depth) -{ - if (pval == NULL) - return 0; - - if (++depth > ASN1_MAX_CONSTRUCTED_NEST) { - ASN1error(ASN1_R_NESTED_TOO_DEEP); - goto err; - } - - switch (it->itype) { - case ASN1_ITYPE_PRIMITIVE: - if (it->templates != NULL) { - /* - * Tagging or OPTIONAL is currently illegal on an item - * template because the flags can't get passed down. - * In practice this isn't a problem: we include the - * relevant flags from the item template in the - * template itself. - */ - if (tag_number != -1 || optional) { - ASN1error(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); - goto err; - } - return asn1_template_d2i(pval, cbs, it->templates, - optional, depth); - } - return asn1_d2i_primitive(pval, cbs, it, tag_number, tag_class, - optional); - - case ASN1_ITYPE_MSTRING: - return asn1_d2i_mstring(pval, cbs, it, tag_number, tag_class, - optional); - - case ASN1_ITYPE_EXTERN: - return asn1_item_d2i_extern(pval, cbs, it, tag_number, - tag_class, optional); - - case ASN1_ITYPE_CHOICE: - return asn1_item_d2i_choice(pval, cbs, it, tag_number, - tag_class, optional, depth); - - case ASN1_ITYPE_NDEF_SEQUENCE: - case ASN1_ITYPE_SEQUENCE: - return asn1_item_d2i_sequence(pval, cbs, it, tag_number, - tag_class, optional, depth); - - default: - return 0; - } - - err: - ASN1_item_ex_free(pval, it); - - ERR_asprintf_error_data("Type=%s", it->sname); - - return 0; -} - -static void -asn1_template_stack_of_free(STACK_OF(ASN1_VALUE) *avals, - const ASN1_TEMPLATE *at) -{ - ASN1_VALUE *aval; - - if (avals == NULL) - return; - - while (sk_ASN1_VALUE_num(avals) > 0) { - aval = sk_ASN1_VALUE_pop(avals); - ASN1_item_ex_free(&aval, at->item); - } - sk_ASN1_VALUE_free(avals); -} - -static int -asn1_template_stack_of_d2i(ASN1_VALUE 
**pval, CBS *cbs, const ASN1_TEMPLATE *at, - int optional, int depth) -{ - CBS cbs_object, cbs_object_content; - STACK_OF(ASN1_VALUE) *avals = NULL; - ASN1_VALUE *aval = NULL; - int tag_number, tag_class; - int eoc_needed; - int indefinite; - size_t length; - int ret; - - CBS_init(&cbs_object, CBS_data(cbs), CBS_len(cbs)); - - if (pval == NULL) - return 0; - - asn1_template_stack_of_free((STACK_OF(ASN1_VALUE) *)*pval, at); - *pval = NULL; - - tag_number = at->tag; - tag_class = at->flags & ASN1_TFLG_TAG_CLASS; - - /* Determine the inner tag value for SET OF or SEQUENCE OF. */ - if ((at->flags & ASN1_TFLG_IMPTAG) == 0) { - tag_number = V_ASN1_SEQUENCE; - tag_class = V_ASN1_UNIVERSAL; - if ((at->flags & ASN1_TFLG_SET_OF) != 0) - tag_number = V_ASN1_SET; - } - - ret = asn1_check_tag(&cbs_object, &length, NULL, NULL, &indefinite, - NULL, tag_number, tag_class, optional); - if (ret == -1) - return -1; - if (ret != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - - if (indefinite) { - eoc_needed = 1; - CBS_init(&cbs_object_content, CBS_data(&cbs_object), - CBS_len(&cbs_object)); - } else { - eoc_needed = 0; - if (!CBS_get_bytes(&cbs_object, &cbs_object_content, - length)) - goto err; - } - - if ((avals = sk_ASN1_VALUE_new_null()) == NULL) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - - /* Read as many items as possible. 
*/ - while (CBS_len(&cbs_object_content) > 0) { - if (asn1_check_eoc(&cbs_object_content)) { - if (!eoc_needed) { - ASN1error(ASN1_R_UNEXPECTED_EOC); - goto err; - } - eoc_needed = 0; - break; - } - if (!asn1_item_d2i(&aval, &cbs_object_content, at->item, -1, 0, - 0, depth)) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (!sk_ASN1_VALUE_push(avals, aval)) { - ASN1error(ERR_R_MALLOC_FAILURE); - goto err; - } - aval = NULL; - } - if (eoc_needed) { - ASN1error(ASN1_R_MISSING_EOC); - goto err; - } - - if (indefinite) { - if (!CBS_skip(&cbs_object, CBS_offset(&cbs_object_content))) - goto err; - } - - if (!CBS_skip(cbs, CBS_offset(&cbs_object))) - goto err; - - *pval = (ASN1_VALUE *)avals; - avals = NULL; - - return 1; - - err: - asn1_template_stack_of_free(avals, at); - ASN1_item_ex_free(&aval, at->item); - - return 0; -} - -static int -asn1_template_noexp_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, - int optional, int depth) -{ - int tag_number, tag_class; - int ret; - - if (pval == NULL) - return 0; - - if ((at->flags & ASN1_TFLG_SK_MASK) != 0) - return asn1_template_stack_of_d2i(pval, cbs, at, optional, depth); - - tag_number = -1; - tag_class = V_ASN1_UNIVERSAL; - - /* See if we need to use IMPLICIT tagging. */ - if ((at->flags & ASN1_TFLG_IMPTAG) != 0) { - tag_number = at->tag; - tag_class = at->flags & ASN1_TFLG_TAG_CLASS; - } - - ret = asn1_item_d2i(pval, cbs, at->item, tag_number, tag_class, - optional, depth); - if (ret == -1) - return -1; - if (ret != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - return 1; - - err: - /* XXX - The called function should have freed already. */ - ASN1_template_free(pval, at); - return 0; -} - -static int -asn1_template_d2i(ASN1_VALUE **pval, CBS *cbs, const ASN1_TEMPLATE *at, - int optional, int depth) -{ - CBS cbs_exp, cbs_exp_content; - int constructed, indefinite; - size_t length; - int ret; - - if (pval == NULL) - return 0; - - /* Check if EXPLICIT tag is expected. 
*/ - if ((at->flags & ASN1_TFLG_EXPTAG) == 0) - return asn1_template_noexp_d2i(pval, cbs, at, optional, depth); - - CBS_init(&cbs_exp, CBS_data(cbs), CBS_len(cbs)); - - /* Read ASN.1 header for EXPLICIT tagged object. */ - ret = asn1_check_tag(&cbs_exp, &length, NULL, NULL, &indefinite, - &constructed, at->tag, at->flags & ASN1_TFLG_TAG_CLASS, optional); - if (ret == -1) - return -1; - if (ret != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - - if (!constructed) { - ASN1error(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); - return 0; - } - - if (indefinite) { - CBS_init(&cbs_exp_content, CBS_data(&cbs_exp), CBS_len(&cbs_exp)); - } else { - if (!CBS_get_bytes(&cbs_exp, &cbs_exp_content, length)) - goto err; - } - - if ((ret = asn1_template_noexp_d2i(pval, &cbs_exp_content, at, 0, - depth)) != 1) { - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; - } - - if (indefinite) { - if (!asn1_check_eoc(&cbs_exp_content)) { - ASN1error(ASN1_R_MISSING_EOC); - goto err; - } - if (!CBS_skip(&cbs_exp, CBS_offset(&cbs_exp_content))) - goto err; - } else if (CBS_len(&cbs_exp_content) != 0) { - ASN1error(ASN1_R_SEQUENCE_LENGTH_MISMATCH); - goto err; - } - - if (!CBS_skip(cbs, CBS_offset(&cbs_exp))) - goto err; - - return 1; - - err: - ASN1_template_free(pval, at); - return 0; -} - -ASN1_VALUE * -ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen, - const ASN1_ITEM *it) -{ - ASN1_VALUE *ptmpval = NULL; - - if (pval == NULL) - pval = &ptmpval; - if (ASN1_item_ex_d2i(pval, in, inlen, it, -1, 0, 0, NULL) <= 0) - return NULL; - - return *pval; -} -LCRYPTO_ALIAS(ASN1_item_d2i); - -int -ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen, - const ASN1_ITEM *it, int tag_number, int tag_class, char optional, - ASN1_TLC *ctx) -{ - CBS cbs; - int ret; - - if (inlen < 0) - return 0; - - CBS_init(&cbs, *in, inlen); - if ((ret = asn1_item_d2i(pval, &cbs, it, tag_number, tag_class, - (int)optional, 0)) == 1) - *in = CBS_data(&cbs); - - return ret; -} 
-LCRYPTO_ALIAS(ASN1_item_ex_d2i);
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
deleted file mode 100644
index b71993a139..0000000000
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ /dev/null
@@ -1,682 +0,0 @@
-/* $OpenBSD: tasn_enc.c,v 1.33 2023/07/28 10:00:10 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com). 
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
- int skcontlen, const ASN1_ITEM *item, int do_sort, int iclass);
-static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_TEMPLATE *tt, int tag, int aclass);
-static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
- const ASN1_ITEM *it, int flags);
-static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
- const ASN1_ITEM *it);
-
-/* Top level i2d equivalents: the 'ndef' variant instructs the encoder
- * to use indefinite length constructed encoding, where appropriate
- */
-
-int
-ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
-{
- return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
-}
-
-int
-ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
-{
- return asn1_item_flags_i2d(val, out, it, 0);
-}
-LCRYPTO_ALIAS(ASN1_item_i2d);
-
-/* Encode an ASN1 item, this is use by the
- * standard 'i2d' function. 'out' points to
- * a buffer to output the data to.
- *
- * The new i2d has one additional feature. If the output
- * buffer is NULL (i.e. *out == NULL) then a buffer is
- * allocated and populated with the encoding. 
- */
-
-static int
-asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it,
- int flags)
-{
- unsigned char *p, *buf;
- int len;
-
- if (out == NULL || *out != NULL)
- return ASN1_item_ex_i2d(&val, out, it, -1, flags);
-
- if ((len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags)) <= 0)
- return len;
-
- if ((buf = calloc(1, len)) == NULL)
- return -1;
-
- p = buf;
- if (ASN1_item_ex_i2d(&val, &p, it, -1, flags) != len) {
- freezero(buf, len);
- ASN1error(ASN1_R_LENGTH_ERROR);
- return -1;
- }
-
- *out = buf;
-
- return len;
-}
-
-/* Encode an item, taking care of IMPLICIT tagging (if any).
- * This function performs the normal item handling: it can be
- * used in external types.
- */
-
-int
-ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
- int tag, int aclass)
-{
- const ASN1_TEMPLATE *tt = NULL;
- int i, seqcontlen, seqlen, ndef = 1;
- const ASN1_EXTERN_FUNCS *ef;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb = NULL;
-
- if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
- return 0;
-
- if (aux && aux->asn1_cb)
- asn1_cb = aux->asn1_cb;
-
- switch (it->itype) {
-
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates)
- return asn1_template_ex_i2d(pval, out, it->templates,
- tag, aclass);
- return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
- break;
-
- case ASN1_ITYPE_MSTRING:
- /*
- * It never makes sense for multi-strings to have implicit
- * tagging, so if tag != -1, then this looks like an error in
- * the template.
- */
- if (tag != -1) {
- ASN1error(ASN1_R_BAD_TEMPLATE);
- return 0;
- }
- return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
-
- case ASN1_ITYPE_CHOICE:
- /*
- * It never makes sense for CHOICE types to have implicit
- * tagging, so if tag != -1, then this looks like an error in
- * the template. 
- */ - if (tag != -1) { - ASN1error(ASN1_R_BAD_TEMPLATE); - return 0; - } - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) - return 0; - i = asn1_get_choice_selector(pval, it); - if ((i >= 0) && (i < it->tcount)) { - ASN1_VALUE **pchval; - const ASN1_TEMPLATE *chtt; - chtt = it->templates + i; - pchval = asn1_get_field_ptr(pval, chtt); - return asn1_template_ex_i2d(pchval, out, chtt, - -1, aclass); - } - /* Fixme: error condition if selector out of range */ - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL)) - return 0; - break; - - case ASN1_ITYPE_EXTERN: - /* If new style i2d it does all the work */ - ef = it->funcs; - return ef->asn1_ex_i2d(pval, out, it, tag, aclass); - - case ASN1_ITYPE_NDEF_SEQUENCE: - /* Use indefinite length constructed if requested */ - if (aclass & ASN1_TFLG_NDEF) - ndef = 2; - /* fall through */ - - case ASN1_ITYPE_SEQUENCE: - i = asn1_enc_restore(&seqcontlen, out, pval, it); - /* An error occurred */ - if (i < 0) - return 0; - /* We have a valid cached encoding... 
*/ - if (i > 0) - return seqcontlen; - /* Otherwise carry on */ - seqcontlen = 0; - /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ - if (tag == -1) { - tag = V_ASN1_SEQUENCE; - /* Retain any other flags in aclass */ - aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) | - V_ASN1_UNIVERSAL; - } - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) - return 0; - /* First work out sequence content length */ - for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { - const ASN1_TEMPLATE *seqtt; - ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, tt, 1); - if (!seqtt) - return 0; - pseqval = asn1_get_field_ptr(pval, seqtt); - /* FIXME: check for errors in enhanced version */ - seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt, - -1, aclass); - } - - seqlen = ASN1_object_size(ndef, seqcontlen, tag); - if (!out) - return seqlen; - /* Output SEQUENCE header */ - ASN1_put_object(out, ndef, seqcontlen, tag, aclass); - for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { - const ASN1_TEMPLATE *seqtt; - ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, tt, 1); - if (!seqtt) - return 0; - pseqval = asn1_get_field_ptr(pval, seqtt); - /* FIXME: check for errors in enhanced version */ - asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass); - } - if (ndef == 2) - ASN1_put_eoc(out); - if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL)) - return 0; - return seqlen; - - default: - return 0; - - } - return 0; -} -LCRYPTO_ALIAS(ASN1_item_ex_i2d); - -static int -asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, - const ASN1_TEMPLATE *tt, int tag, int iclass) -{ - int i, ret, flags, ttag, tclass, ndef; - flags = tt->flags; - /* Work out tag and class to use: tagging may come - * either from the template or the arguments, not both - * because this would create ambiguity. Additionally - * the iclass argument may contain some additional flags - * which should be noted and passed down to other levels. 
- */ - if (flags & ASN1_TFLG_TAG_MASK) { - /* Error if argument and template tagging */ - if (tag != -1) - /* FIXME: error code here */ - return -1; - /* Get tagging from template */ - ttag = tt->tag; - tclass = flags & ASN1_TFLG_TAG_CLASS; - } else if (tag != -1) { - /* No template tagging, get from arguments */ - ttag = tag; - tclass = iclass & ASN1_TFLG_TAG_CLASS; - } else { - ttag = -1; - tclass = 0; - } - /* - * Remove any class mask from iflag. - */ - iclass &= ~ASN1_TFLG_TAG_CLASS; - - /* At this point 'ttag' contains the outer tag to use, - * 'tclass' is the class and iclass is any flags passed - * to this function. - */ - - /* if template and arguments require ndef, use it */ - if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF)) - ndef = 2; - else - ndef = 1; - - if (flags & ASN1_TFLG_SK_MASK) { - /* SET OF, SEQUENCE OF */ - STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; - int isset, sktag, skaclass; - int skcontlen, sklen; - ASN1_VALUE *skitem; - - if (!*pval) - return 0; - - if (flags & ASN1_TFLG_SET_OF) { - isset = 1; - /* 2 means we reorder */ - if (flags & ASN1_TFLG_SEQUENCE_OF) - isset = 2; - } else - isset = 0; - - /* Work out inner tag value: if EXPLICIT - * or no tagging use underlying type. - */ - if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) { - sktag = ttag; - skaclass = tclass; - } else { - skaclass = V_ASN1_UNIVERSAL; - if (isset) - sktag = V_ASN1_SET; - else - sktag = V_ASN1_SEQUENCE; - } - - /* Determine total length of items */ - skcontlen = 0; - for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { - skitem = sk_ASN1_VALUE_value(sk, i); - skcontlen += ASN1_item_ex_i2d(&skitem, NULL, - tt->item, -1, iclass); - } - sklen = ASN1_object_size(ndef, skcontlen, sktag); - /* If EXPLICIT need length of surrounding tag */ - if (flags & ASN1_TFLG_EXPTAG) - ret = ASN1_object_size(ndef, sklen, ttag); - else - ret = sklen; - - if (!out) - return ret; - - /* Now encode this lot... 
*/ - /* EXPLICIT tag */ - if (flags & ASN1_TFLG_EXPTAG) - ASN1_put_object(out, ndef, sklen, ttag, tclass); - /* SET or SEQUENCE and IMPLICIT tag */ - ASN1_put_object(out, ndef, skcontlen, sktag, skaclass); - /* And the stuff itself */ - asn1_set_seq_out(sk, out, skcontlen, tt->item, - isset, iclass); - if (ndef == 2) { - ASN1_put_eoc(out); - if (flags & ASN1_TFLG_EXPTAG) - ASN1_put_eoc(out); - } - - return ret; - } - - if (flags & ASN1_TFLG_EXPTAG) { - /* EXPLICIT tagging */ - /* Find length of tagged item */ - i = ASN1_item_ex_i2d(pval, NULL, tt->item, - -1, iclass); - if (!i) - return 0; - /* Find length of EXPLICIT tag */ - ret = ASN1_object_size(ndef, i, ttag); - if (out) { - /* Output tag and item */ - ASN1_put_object(out, ndef, i, ttag, tclass); - ASN1_item_ex_i2d(pval, out, tt->item, - -1, iclass); - if (ndef == 2) - ASN1_put_eoc(out); - } - return ret; - } - - /* Either normal or IMPLICIT tagging: combine class and flags */ - return ASN1_item_ex_i2d(pval, out, tt->item, - ttag, tclass | iclass); -} - -/* Temporary structure used to hold DER encoding of items for SET OF */ - -typedef struct { - unsigned char *data; - int length; - ASN1_VALUE *field; -} DER_ENC; - -static int -der_cmp(const void *a, const void *b) -{ - const DER_ENC *d1 = a, *d2 = b; - int cmplen, i; - - cmplen = (d1->length < d2->length) ? 
d1->length : d2->length; - i = memcmp(d1->data, d2->data, cmplen); - if (i) - return i; - return d1->length - d2->length; -} - -/* Output the content octets of SET OF or SEQUENCE OF */ - -static int -asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, - const ASN1_ITEM *item, int do_sort, int iclass) -{ - int i; - ASN1_VALUE *skitem; - unsigned char *tmpdat = NULL, *p = NULL; - DER_ENC *derlst = NULL, *tder; - - if (do_sort) { - /* Don't need to sort less than 2 items */ - if (sk_ASN1_VALUE_num(sk) < 2) - do_sort = 0; - else { - derlst = reallocarray(NULL, sk_ASN1_VALUE_num(sk), - sizeof(*derlst)); - tmpdat = malloc(skcontlen); - if (!derlst || !tmpdat) { - free(derlst); - free(tmpdat); - return 0; - } - } - } - /* If not sorting just output each item */ - if (!do_sort) { - for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { - skitem = sk_ASN1_VALUE_value(sk, i); - ASN1_item_ex_i2d(&skitem, out, item, -1, iclass); - } - return 1; - } - p = tmpdat; - - /* Doing sort: build up a list of each member's DER encoding */ - for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { - skitem = sk_ASN1_VALUE_value(sk, i); - tder->data = p; - tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass); - tder->field = skitem; - } - - /* Now sort them */ - qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); - /* Output sorted DER encoding */ - p = *out; - for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { - memcpy(p, tder->data, tder->length); - p += tder->length; - } - *out = p; - /* If do_sort is 2 then reorder the STACK */ - if (do_sort == 2) { - for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) - (void)sk_ASN1_VALUE_set(sk, i, tder->field); - } - free(derlst); - free(tmpdat); - return 1; -} - -static int -asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, - const ASN1_ITEM *it, int tag, int aclass) -{ - int olen, len; - int utype; - int usetag; - int ndef = 0; - - utype = it->utype; 
- - /* Get length of content octets and maybe find - * out the underlying type. - */ - - olen = len = asn1_ex_i2c(pval, NULL, &utype, it); - - /* If SEQUENCE, SET or OTHER then header is - * included in pseudo content octets so don't - * include tag+length. We need to check here - * because the call to asn1_ex_i2c() could change - * utype. - */ - if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || - (utype == V_ASN1_OTHER)) - usetag = 0; - else - usetag = 1; - - /* -1 means omit type */ - if (len == -1) - return 0; - - /* -2 return is special meaning use ndef */ - if (len == -2) { - ndef = 2; - len = 0; - } - - /* Treat any other negative value as an error. */ - if (len < 0) - return -1; - - /* If not implicitly tagged get tag from underlying type */ - if (tag == -1) - tag = utype; - - /* Output tag+length followed by content octets */ - if (out) { - if (usetag) - ASN1_put_object(out, ndef, len, tag, aclass); - if (asn1_ex_i2c(pval, *out, &utype, it) != olen) - return -1; - if (ndef) - ASN1_put_eoc(out); - else - *out += len; - } - - if (usetag) - return ASN1_object_size(ndef, len, tag); - return len; -} - -/* Produce content octets from a structure */ - -static int -asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, - const ASN1_ITEM *it) -{ - ASN1_BOOLEAN *tbool = NULL; - ASN1_STRING *strtmp; - ASN1_OBJECT *otmp; - int utype; - const unsigned char *cont; - unsigned char c; - int len; - - if (it->funcs != NULL) { - const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; - - if (pf->prim_i2c == NULL) - return -1; - return pf->prim_i2c(pval, cout, putype, it); - } - - /* Should type be omitted? 
*/ - if ((it->itype != ASN1_ITYPE_PRIMITIVE) || - (it->utype != V_ASN1_BOOLEAN)) { - if (!*pval) - return -1; - } - - if (it->itype == ASN1_ITYPE_MSTRING) { - /* If MSTRING type set the underlying type */ - strtmp = (ASN1_STRING *)*pval; - utype = strtmp->type; - *putype = utype; - } else if (it->utype == V_ASN1_ANY) { - /* If ANY set type and pointer to value */ - ASN1_TYPE *typ; - typ = (ASN1_TYPE *)*pval; - utype = typ->type; - *putype = utype; - pval = &typ->value.asn1_value; - } else - utype = *putype; - - switch (utype) { - case V_ASN1_OBJECT: - otmp = (ASN1_OBJECT *)*pval; - cont = otmp->data; - len = otmp->length; - break; - - case V_ASN1_NULL: - cont = NULL; - len = 0; - break; - - case V_ASN1_BOOLEAN: - tbool = (ASN1_BOOLEAN *)pval; - if (*tbool == -1) - return -1; - if (it->utype != V_ASN1_ANY) { - /* Default handling if value == size field then omit */ - if (*tbool && (it->size > 0)) - return -1; - if (!*tbool && !it->size) - return -1; - } - c = (unsigned char)*tbool; - cont = &c; - len = 1; - break; - - case V_ASN1_BIT_STRING: - return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, - cout ? &cout : NULL); - break; - - case V_ASN1_INTEGER: - case V_ASN1_ENUMERATED: - /* These are all have the same content format - * as ASN1_INTEGER - */ - return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, - cout ? 
&cout : NULL);
- break;
-
- case V_ASN1_OCTET_STRING:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- default:
- /* All based on ASN1_STRING and handled the same */
- strtmp = (ASN1_STRING *)*pval;
- /* Special handling for NDEF */
- if ((it->size == ASN1_TFLG_NDEF) &&
- (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
- if (cout) {
- strtmp->data = cout;
- strtmp->length = 0;
- }
- /* Special return code */
- return -2;
- }
- cont = strtmp->data;
- len = strtmp->length;
-
- break;
-
- }
- if (cout && len)
- memcpy(cout, cont, len);
- return len;
-}
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c
deleted file mode 100644
index 0e259a13ab..0000000000
--- a/src/lib/libcrypto/asn1/tasn_fre.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/* $OpenBSD: tasn_fre.c,v 1.24 2024/12/11 11:22:06 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -#include -#include -#include -#include - -#include "asn1_local.h" - -static void asn1_item_free(ASN1_VALUE **pval, const ASN1_ITEM *it); - -/* Free up an ASN1 structure */ - -void -ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it) -{ - asn1_item_free(&val, it); -} -LCRYPTO_ALIAS(ASN1_item_free); - -void -ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - asn1_item_free(pval, it); -} -LCRYPTO_ALIAS(ASN1_item_ex_free); - -static void -asn1_item_free(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - const ASN1_TEMPLATE *tt = NULL, *seqtt; - const ASN1_EXTERN_FUNCS *ef; - const ASN1_AUX *aux = it->funcs; - ASN1_aux_cb *asn1_cb = NULL; - int i; - - if (pval == NULL) - return; - /* For primitive types *pval may be something other than C pointer. 
*/ - if (it->itype != ASN1_ITYPE_PRIMITIVE && *pval == NULL) - return; - - if (aux != NULL && aux->asn1_cb != NULL) - asn1_cb = aux->asn1_cb; - - switch (it->itype) { - case ASN1_ITYPE_PRIMITIVE: - if (it->templates) - ASN1_template_free(pval, it->templates); - else - ASN1_primitive_free(pval, it); - break; - - case ASN1_ITYPE_MSTRING: - ASN1_primitive_free(pval, it); - break; - - case ASN1_ITYPE_CHOICE: - if (asn1_cb) { - i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); - if (i == 2) - return; - } - i = asn1_get_choice_selector(pval, it); - if ((i >= 0) && (i < it->tcount)) { - ASN1_VALUE **pchval; - tt = it->templates + i; - pchval = asn1_get_field_ptr(pval, tt); - ASN1_template_free(pchval, tt); - } - if (asn1_cb) - asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); - free(*pval); - *pval = NULL; - break; - - case ASN1_ITYPE_EXTERN: - ef = it->funcs; - if (ef && ef->asn1_ex_free) - ef->asn1_ex_free(pval, it); - break; - - case ASN1_ITYPE_NDEF_SEQUENCE: - case ASN1_ITYPE_SEQUENCE: - if (asn1_do_lock(pval, -1, it) > 0) - return; - if (asn1_cb) { - i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); - if (i == 2) - return; - } - asn1_enc_cleanup(pval, it); - /* If we free up as normal we will invalidate any - * ANY DEFINED BY field and we wont be able to - * determine the type of the field it defines. So - * free up in reverse order. 
- */ - for (i = it->tcount - 1; i >= 0; i--) { - ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, &it->templates[i], 0); - if (!seqtt) - continue; - pseqval = asn1_get_field_ptr(pval, seqtt); - ASN1_template_free(pseqval, seqtt); - } - if (asn1_cb) - asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); - free(*pval); - *pval = NULL; - break; - } -} - -void -ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) -{ - int i; - if (tt->flags & ASN1_TFLG_SK_MASK) { - STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; - for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { - ASN1_VALUE *vtmp; - vtmp = sk_ASN1_VALUE_value(sk, i); - asn1_item_free(&vtmp, tt->item); - } - sk_ASN1_VALUE_free(sk); - *pval = NULL; - } else - asn1_item_free(pval, tt->item); -} - -void -ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - int utype; - - if (it != NULL && it->funcs != NULL) { - const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; - - pf->prim_free(pval, it); - return; - } - - /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ - if (!it) { - ASN1_TYPE *typ = (ASN1_TYPE *)*pval; - utype = typ->type; - pval = &typ->value.asn1_value; - if (!*pval) - return; - } else if (it->itype == ASN1_ITYPE_MSTRING) { - utype = -1; - if (!*pval) - return; - } else { - utype = it->utype; - if ((utype != V_ASN1_BOOLEAN) && !*pval) - return; - } - - switch (utype) { - case V_ASN1_OBJECT: - ASN1_OBJECT_free((ASN1_OBJECT *)*pval); - break; - - case V_ASN1_BOOLEAN: - if (it) - *(ASN1_BOOLEAN *)pval = it->size; - else - *(ASN1_BOOLEAN *)pval = -1; - return; - - case V_ASN1_NULL: - break; - - case V_ASN1_ANY: - ASN1_primitive_free(pval, NULL); - free(*pval); - break; - - default: - ASN1_STRING_free((ASN1_STRING *)*pval); - break; - } - *pval = NULL; -} diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c deleted file mode 100644 index 10c1137dbf..0000000000 --- a/src/lib/libcrypto/asn1/tasn_new.c +++ /dev/null 
@@ -1,344 +0,0 @@
-/* $OpenBSD: tasn_new.c,v 1.25 2023/07/28 10:00:10 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - - -#include -#include -#include -#include -#include -#include - -#include "asn1_local.h" - -static int asn1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); -static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); -static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); - -ASN1_VALUE * -ASN1_item_new(const ASN1_ITEM *it) -{ - ASN1_VALUE *ret = NULL; - if (ASN1_item_ex_new(&ret, it) > 0) - return ret; - return NULL; -} -LCRYPTO_ALIAS(ASN1_item_new); - -/* Allocate an ASN1 structure */ - -int -ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - return asn1_item_ex_new(pval, it); -} -LCRYPTO_ALIAS(ASN1_item_ex_new); - -static int -asn1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - const ASN1_TEMPLATE *tt = NULL; - const ASN1_EXTERN_FUNCS *ef; - const ASN1_AUX *aux = it->funcs; - ASN1_aux_cb *asn1_cb = NULL; - ASN1_VALUE **pseqval; - int i; - - if (aux != NULL && aux->asn1_cb != NULL) - asn1_cb = aux->asn1_cb; - - *pval = NULL; - - switch (it->itype) { - case ASN1_ITYPE_EXTERN: - ef = it->funcs; - if (ef && ef->asn1_ex_new) { - if (!ef->asn1_ex_new(pval, it)) - goto memerr; - } - break; - - case ASN1_ITYPE_PRIMITIVE: - if (it->templates) { - if (!ASN1_template_new(pval, it->templates)) - goto memerr; - } else if (!ASN1_primitive_new(pval, it)) - goto memerr; - break; - - case ASN1_ITYPE_MSTRING: - if (!ASN1_primitive_new(pval, it)) - goto memerr; - break; - - case ASN1_ITYPE_CHOICE: - if (asn1_cb) { - i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); - if (!i) - goto auxerr; - if (i == 2) { - return 1; - } - } - *pval = calloc(1, it->size); - if (!*pval) - goto memerr; - asn1_set_choice_selector(pval, -1, it); - if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) - goto auxerr; - break; - - case ASN1_ITYPE_NDEF_SEQUENCE: - case ASN1_ITYPE_SEQUENCE: - if (asn1_cb) { - i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); - if (!i) - 
goto auxerr; - if (i == 2) { - return 1; - } - } - *pval = calloc(1, it->size); - if (!*pval) - goto memerr; - asn1_do_lock(pval, 0, it); - asn1_enc_init(pval, it); - for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { - pseqval = asn1_get_field_ptr(pval, tt); - if (!ASN1_template_new(pseqval, tt)) - goto memerr; - } - if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) - goto auxerr; - break; - } - return 1; - - memerr: - ASN1error(ERR_R_MALLOC_FAILURE); - return 0; - - auxerr: - ASN1error(ASN1_R_AUX_ERROR); - ASN1_item_ex_free(pval, it); - return 0; - -} - -static void -asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - const ASN1_EXTERN_FUNCS *ef; - - switch (it->itype) { - case ASN1_ITYPE_EXTERN: - ef = it->funcs; - if (ef && ef->asn1_ex_clear) - ef->asn1_ex_clear(pval, it); - else - *pval = NULL; - break; - - case ASN1_ITYPE_PRIMITIVE: - if (it->templates) - asn1_template_clear(pval, it->templates); - else - asn1_primitive_clear(pval, it); - break; - - case ASN1_ITYPE_MSTRING: - asn1_primitive_clear(pval, it); - break; - - case ASN1_ITYPE_CHOICE: - case ASN1_ITYPE_SEQUENCE: - case ASN1_ITYPE_NDEF_SEQUENCE: - *pval = NULL; - break; - } -} - -int -ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) -{ - const ASN1_ITEM *it = tt->item; - int ret; - - if (tt->flags & ASN1_TFLG_OPTIONAL) { - asn1_template_clear(pval, tt); - return 1; - } - /* If ANY DEFINED BY nothing to do */ - - if (tt->flags & ASN1_TFLG_ADB_MASK) { - *pval = NULL; - return 1; - } - /* If SET OF or SEQUENCE OF, its a STACK */ - if (tt->flags & ASN1_TFLG_SK_MASK) { - STACK_OF(ASN1_VALUE) *skval; - skval = sk_ASN1_VALUE_new_null(); - if (!skval) { - ASN1error(ERR_R_MALLOC_FAILURE); - ret = 0; - goto done; - } - *pval = (ASN1_VALUE *)skval; - ret = 1; - goto done; - } - /* Otherwise pass it back to the item routine */ - ret = asn1_item_ex_new(pval, it); - done: - return ret; -} - -static void -asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) -{ - /* 
If ADB or STACK just NULL the field */ - if (tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) - *pval = NULL; - else - asn1_item_clear(pval, tt->item); -} - - -/* NB: could probably combine most of the real XXX_new() behaviour and junk - * all the old functions. - */ - -int -ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - ASN1_TYPE *typ; - ASN1_STRING *str; - int utype; - - if (it != NULL && it->funcs != NULL) { - const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; - - if (pf->prim_new == NULL) - return 0; - return pf->prim_new(pval, it); - } - - if (!it || (it->itype == ASN1_ITYPE_MSTRING)) - utype = V_ASN1_UNDEF; - else - utype = it->utype; - switch (utype) { - case V_ASN1_OBJECT: - *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); - return 1; - - case V_ASN1_BOOLEAN: - *(ASN1_BOOLEAN *)pval = it->size; - return 1; - - case V_ASN1_NULL: - *pval = (ASN1_VALUE *)1; - return 1; - - case V_ASN1_ANY: - typ = malloc(sizeof(ASN1_TYPE)); - if (typ != NULL) { - typ->value.ptr = NULL; - typ->type = V_ASN1_UNDEF; - } - *pval = (ASN1_VALUE *)typ; - break; - - default: - str = ASN1_STRING_type_new(utype); - if (it != NULL && it->itype == ASN1_ITYPE_MSTRING && - str != NULL) - str->flags |= ASN1_STRING_FLAG_MSTRING; - *pval = (ASN1_VALUE *)str; - break; - } - if (*pval) - return 1; - return 0; -} - -static void -asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - int utype; - - if (it != NULL && it->funcs != NULL) { - const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; - - if (pf->prim_clear) - pf->prim_clear(pval, it); - else - *pval = NULL; - return; - } - - if (!it || (it->itype == ASN1_ITYPE_MSTRING)) - utype = V_ASN1_UNDEF; - else - utype = it->utype; - if (utype == V_ASN1_BOOLEAN) - *(ASN1_BOOLEAN *)pval = it->size; - else - *pval = NULL; -} diff --git a/src/lib/libcrypto/asn1/tasn_prn.c b/src/lib/libcrypto/asn1/tasn_prn.c deleted file mode 100644 index 07764fc091..0000000000 --- a/src/lib/libcrypto/asn1/tasn_prn.c +++ /dev/null 
@@ -1,513 +0,0 @@
-/* $OpenBSD: tasn_prn.c,v 1.27 2024/03/02 09:04:07 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include -#include -#include -#include -#include -#include - -#include "asn1_local.h" - -/* Print routines. 
- */ - -/* ASN1_PCTX routines */ - -static const ASN1_PCTX default_pctx = { - .flags = ASN1_PCTX_FLAGS_SHOW_ABSENT, -}; - -static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, - const ASN1_ITEM *it, const char *fname, const char *sname, int nohdr, - const ASN1_PCTX *pctx); - -int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, - const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx); - -static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld, - const ASN1_ITEM *it, int indent, const char *fname, const char *sname, - const ASN1_PCTX *pctx); - -static int asn1_print_fsname(BIO *out, int indent, const char *fname, - const char *sname, const ASN1_PCTX *pctx); - -int -ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it, - const ASN1_PCTX *pctx) -{ - const char *sname; - - if (pctx == NULL) - pctx = &default_pctx; - if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME) - sname = NULL; - else - sname = it->sname; - return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname, - 0, pctx); -} -LCRYPTO_ALIAS(ASN1_item_print); - -static int -asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, const ASN1_ITEM *it, - const char *fname, const char *sname, int nohdr, const ASN1_PCTX *pctx) -{ - const ASN1_TEMPLATE *tt; - const ASN1_EXTERN_FUNCS *ef; - ASN1_VALUE **tmpfld; - const ASN1_AUX *aux = it->funcs; - ASN1_aux_cb *asn1_cb; - ASN1_PRINT_ARG parg; - int i; - - if (aux && aux->asn1_cb) { - parg.out = out; - parg.indent = indent; - parg.pctx = pctx; - asn1_cb = aux->asn1_cb; - } else - asn1_cb = NULL; - - if ((it->itype != ASN1_ITYPE_PRIMITIVE || - it->utype != V_ASN1_BOOLEAN) && *fld == NULL) { - if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) { - if (!nohdr && - !asn1_print_fsname(out, indent, fname, sname, pctx)) - return 0; - if (BIO_puts(out, "\n") <= 0) - return 0; - } - return 1; - } - - switch (it->itype) { - case ASN1_ITYPE_PRIMITIVE: - if (it->templates) { - if (!asn1_template_print_ctx(out, fld, indent, - 
it->templates, pctx)) - return 0; - } - /* fall thru */ - case ASN1_ITYPE_MSTRING: - if (!asn1_primitive_print(out, fld, it, - indent, fname, sname, pctx)) - return 0; - break; - - case ASN1_ITYPE_EXTERN: - if (!nohdr && - !asn1_print_fsname(out, indent, fname, sname, pctx)) - return 0; - /* Use new style print routine if possible */ - ef = it->funcs; - if (ef && ef->asn1_ex_print) { - i = ef->asn1_ex_print(out, fld, indent, "", pctx); - if (!i) - return 0; - if ((i == 2) && (BIO_puts(out, "\n") <= 0)) - return 0; - return 1; - } else if (sname && - BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0) - return 0; - break; - - case ASN1_ITYPE_CHOICE: - /* CHOICE type, get selector */ - i = asn1_get_choice_selector(fld, it); - /* This should never happen... */ - if ((i < 0) || (i >= it->tcount)) { - if (BIO_printf(out, - "ERROR: selector [%d] invalid\n", i) <= 0) - return 0; - return 1; - } - tt = it->templates + i; - tmpfld = asn1_get_field_ptr(fld, tt); - if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx)) - return 0; - break; - - case ASN1_ITYPE_SEQUENCE: - case ASN1_ITYPE_NDEF_SEQUENCE: - if (!nohdr && - !asn1_print_fsname(out, indent, fname, sname, pctx)) - return 0; - if (fname || sname) { - if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) { - if (BIO_puts(out, " {\n") <= 0) - return 0; - } else { - if (BIO_puts(out, "\n") <= 0) - return 0; - } - } - - if (asn1_cb) { - i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg); - if (i == 0) - return 0; - if (i == 2) - return 1; - } - - /* Print each field entry */ - for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { - const ASN1_TEMPLATE *seqtt; - - seqtt = asn1_do_adb(fld, tt, 1); - if (seqtt == NULL) - return 0; - tmpfld = asn1_get_field_ptr(fld, seqtt); - if (!asn1_template_print_ctx(out, tmpfld, indent + 2, - seqtt, pctx)) - return 0; - } - if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) { - if (BIO_printf(out, "%*s}\n", indent, "") < 0) - return 0; - } - - if (asn1_cb) { - i = 
asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg); - if (i == 0) - return 0; - } - break; - - default: - BIO_printf(out, "Unprocessed type %d\n", it->itype); - return 0; - } - - return 1; -} - -int -asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, - const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx) -{ - int i, flags; - const char *sname, *fname; - - flags = tt->flags; - if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME) - sname = tt->item->sname; - else - sname = NULL; - if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME) - fname = NULL; - else - fname = tt->field_name; - if (flags & ASN1_TFLG_SK_MASK) { - char *tname; - ASN1_VALUE *skitem; - STACK_OF(ASN1_VALUE) *stack; - - /* SET OF, SEQUENCE OF */ - if (fname) { - if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) { - if (flags & ASN1_TFLG_SET_OF) - tname = "SET"; - else - tname = "SEQUENCE"; - if (BIO_printf(out, "%*s%s OF %s {\n", - indent, "", tname, tt->field_name) <= 0) - return 0; - } else if (BIO_printf(out, "%*s%s:\n", indent, "", - fname) <= 0) - return 0; - } - stack = (STACK_OF(ASN1_VALUE) *)*fld; - for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) { - if ((i > 0) && (BIO_puts(out, "\n") <= 0)) - return 0; - skitem = sk_ASN1_VALUE_value(stack, i); - if (!asn1_item_print_ctx(out, &skitem, indent + 2, - tt->item, NULL, NULL, 1, pctx)) - return 0; - } - if (!i && BIO_printf(out, "%*s\n", indent + 2, "") <= 0) - return 0; - if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) { - if (BIO_printf(out, "%*s}\n", indent, "") <= 0) - return 0; - } - return 1; - } - return asn1_item_print_ctx(out, fld, indent, tt->item, - fname, sname, 0, pctx); -} - -static int -asn1_print_fsname(BIO *out, int indent, const char *fname, const char *sname, - const ASN1_PCTX *pctx) -{ - if (indent < 0) - return 0; - if (!BIO_indent(out, indent, indent)) - return 0; - if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME) - sname = NULL; - if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME) - fname = NULL; - if (!sname && !fname) - return 
1; - if (fname) { - if (BIO_puts(out, fname) <= 0) - return 0; - } - if (sname) { - if (fname) { - if (BIO_printf(out, " (%s)", sname) <= 0) - return 0; - } else { - if (BIO_puts(out, sname) <= 0) - return 0; - } - } - if (BIO_write(out, ": ", 2) != 2) - return 0; - return 1; -} - -static int -asn1_print_boolean_ctx(BIO *out, int boolval, const ASN1_PCTX *pctx) -{ - const char *str; - switch (boolval) { - case -1: - str = "BOOL ABSENT"; - break; - - case 0: - str = "FALSE"; - break; - - default: - str = "TRUE"; - break; - - } - - if (BIO_puts(out, str) <= 0) - return 0; - return 1; - -} - -static int -asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str, const ASN1_PCTX *pctx) -{ - char *s; - int ret = 1; - if ((s = i2s_ASN1_INTEGER(NULL, str)) == NULL) - return 0; - if (BIO_puts(out, s) <= 0) - ret = 0; - free(s); - return ret; -} - -static int -asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid, const ASN1_PCTX *pctx) -{ - char objbuf[80]; - const char *ln; - ln = OBJ_nid2ln(OBJ_obj2nid(oid)); - if (!ln) - ln = ""; - OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1); - if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0) - return 0; - return 1; -} - -static int -asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent, - const ASN1_PCTX *pctx) -{ - if (str->type == V_ASN1_BIT_STRING) { - if (BIO_printf(out, " (%ld unused bits)\n", - str->flags & 0x7) <= 0) - return 0; - } else if (BIO_puts(out, "\n") <= 0) - return 0; - if ((str->length > 0) && - BIO_dump_indent(out, (char *)str->data, str->length, - indent + 2) <= 0) - return 0; - return 1; -} - -static int -asn1_primitive_print(BIO *out, ASN1_VALUE **fld, const ASN1_ITEM *it, - int indent, const char *fname, const char *sname, const ASN1_PCTX *pctx) -{ - long utype; - ASN1_STRING *str; - int ret = 1, needlf = 1; - const char *pname; - - if (!asn1_print_fsname(out, indent, fname, sname, pctx)) - return 0; - - if (it != NULL && it->funcs != NULL) { - const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; - - if (pf->prim_print == 
NULL) - return 0; - - return pf->prim_print(out, fld, it, indent, pctx); - } - if (it->itype == ASN1_ITYPE_MSTRING) { - str = (ASN1_STRING *)*fld; - utype = str->type & ~V_ASN1_NEG; - } else { - utype = it->utype; - if (utype == V_ASN1_BOOLEAN) - str = NULL; - else - str = (ASN1_STRING *)*fld; - } - if (utype == V_ASN1_ANY) { - ASN1_TYPE *atype = (ASN1_TYPE *)*fld; - utype = atype->type; - fld = &atype->value.asn1_value; - str = (ASN1_STRING *)*fld; - if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE) - pname = NULL; - else - pname = ASN1_tag2str(utype); - } else { - if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE) - pname = ASN1_tag2str(utype); - else - pname = NULL; - } - - if (utype == V_ASN1_NULL) { - if (BIO_puts(out, "NULL\n") <= 0) - return 0; - return 1; - } - - if (pname) { - if (BIO_puts(out, pname) <= 0) - return 0; - if (BIO_puts(out, ":") <= 0) - return 0; - } - - switch (utype) { - case V_ASN1_BOOLEAN: - { - int boolval = *(int *)fld; - if (boolval == -1) - boolval = it->size; - ret = asn1_print_boolean_ctx(out, boolval, pctx); - } - break; - - case V_ASN1_INTEGER: - case V_ASN1_ENUMERATED: - ret = asn1_print_integer_ctx(out, str, pctx); - break; - - case V_ASN1_UTCTIME: - ret = ASN1_UTCTIME_print(out, str); - break; - - case V_ASN1_GENERALIZEDTIME: - ret = ASN1_GENERALIZEDTIME_print(out, str); - break; - - case V_ASN1_OBJECT: - ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx); - break; - - case V_ASN1_OCTET_STRING: - case V_ASN1_BIT_STRING: - ret = asn1_print_obstring_ctx(out, str, indent, pctx); - needlf = 0; - break; - - case V_ASN1_SEQUENCE: - case V_ASN1_SET: - case V_ASN1_OTHER: - if (BIO_puts(out, "\n") <= 0) - return 0; - if (ASN1_parse_dump(out, str->data, str->length, - indent, 0) <= 0) - ret = 0; - needlf = 0; - break; - - default: - ret = ASN1_STRING_print_ex(out, str, pctx->str_flags); - } - if (!ret) - return 0; - if (needlf && BIO_puts(out, "\n") <= 0) - return 0; - return 1; -} 
diff --git a/src/lib/libcrypto/asn1/tasn_typ.c b/src/lib/libcrypto/asn1/tasn_typ.c
deleted file mode 100644
index 0f7fcb0e03..0000000000
--- a/src/lib/libcrypto/asn1/tasn_typ.c
+++ /dev/null
@@ -1,739 +0,0 @@
-/* $OpenBSD: tasn_typ.c,v 1.20 2024/07/08 16:24:22 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include
-#include
-#include
-
-/* Declarations for string types */
-
-const ASN1_ITEM ASN1_NULL_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_NULL,
- .sname = "ASN1_NULL",
-};
-LCRYPTO_ALIAS(ASN1_NULL_it);
-
-ASN1_NULL *
-d2i_ASN1_NULL(ASN1_NULL **a, const unsigned char **in, long len)
-{
- return (ASN1_NULL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_NULL_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_NULL);
-
-int
-i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_NULL_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_NULL);
-
-ASN1_NULL *
-ASN1_NULL_new(void)
-{
- return (ASN1_NULL *)ASN1_item_new(&ASN1_NULL_it);
-}
-LCRYPTO_ALIAS(ASN1_NULL_new);
-
-void
-ASN1_NULL_free(ASN1_NULL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_NULL_it);
-}
-LCRYPTO_ALIAS(ASN1_NULL_free);
-
-
-const ASN1_ITEM ASN1_UTF8STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_UTF8STRING,
- .sname = "ASN1_UTF8STRING",
-};
-LCRYPTO_ALIAS(ASN1_UTF8STRING_it);
-
-ASN1_UTF8STRING *
-d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_UTF8STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_UTF8STRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_UTF8STRING);
-
-int
-i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UTF8STRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_UTF8STRING);
-
-ASN1_UTF8STRING *
-ASN1_UTF8STRING_new(void)
-{
- return (ASN1_UTF8STRING *)ASN1_item_new(&ASN1_UTF8STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_UTF8STRING_new);
-
-void
-ASN1_UTF8STRING_free(ASN1_UTF8STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_UTF8STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_UTF8STRING_free);
-
-
-const ASN1_ITEM ASN1_PRINTABLESTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_PRINTABLESTRING,
- .sname = "ASN1_PRINTABLESTRING",
-};
-LCRYPTO_ALIAS(ASN1_PRINTABLESTRING_it);
-
-ASN1_PRINTABLESTRING *
-d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_PRINTABLESTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_PRINTABLESTRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_PRINTABLESTRING);
-
-int
-i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_PRINTABLESTRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_PRINTABLESTRING);
-
-ASN1_PRINTABLESTRING *
-ASN1_PRINTABLESTRING_new(void)
-{
- return (ASN1_PRINTABLESTRING *)ASN1_item_new(&ASN1_PRINTABLESTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_PRINTABLESTRING_new);
-
-void
-ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_PRINTABLESTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_PRINTABLESTRING_free);
-
-
-const ASN1_ITEM ASN1_T61STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_T61STRING,
- .sname = "ASN1_T61STRING",
-};
-LCRYPTO_ALIAS(ASN1_T61STRING_it);
-
-ASN1_T61STRING *
-d2i_ASN1_T61STRING(ASN1_T61STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_T61STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_T61STRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_T61STRING);
-
-int
-i2d_ASN1_T61STRING(ASN1_T61STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_T61STRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_T61STRING);
-
-ASN1_T61STRING *
-ASN1_T61STRING_new(void)
-{
- return (ASN1_T61STRING *)ASN1_item_new(&ASN1_T61STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_T61STRING_new);
-
-void
-ASN1_T61STRING_free(ASN1_T61STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_T61STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_T61STRING_free);
-
-
-const ASN1_ITEM ASN1_IA5STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_IA5STRING,
- .sname = "ASN1_IA5STRING",
-};
-LCRYPTO_ALIAS(ASN1_IA5STRING_it);
-
-ASN1_IA5STRING *
-d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_IA5STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_IA5STRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_IA5STRING);
-
-int
-i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_IA5STRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_IA5STRING);
-
-ASN1_IA5STRING *
-ASN1_IA5STRING_new(void)
-{
- return (ASN1_IA5STRING *)ASN1_item_new(&ASN1_IA5STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_IA5STRING_new);
-
-void
-ASN1_IA5STRING_free(ASN1_IA5STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_IA5STRING_it);
-}
-LCRYPTO_ALIAS(ASN1_IA5STRING_free);
-
-
-const ASN1_ITEM ASN1_GENERALSTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_GENERALSTRING,
- .sname = "ASN1_GENERALSTRING",
-};
-LCRYPTO_ALIAS(ASN1_GENERALSTRING_it);
-
-ASN1_GENERALSTRING *
-d2i_ASN1_GENERALSTRING(ASN1_GENERALSTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_GENERALSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_GENERALSTRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_GENERALSTRING);
-
-int
-i2d_ASN1_GENERALSTRING(ASN1_GENERALSTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_GENERALSTRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_GENERALSTRING);
-
-ASN1_GENERALSTRING *
-ASN1_GENERALSTRING_new(void)
-{
- return (ASN1_GENERALSTRING *)ASN1_item_new(&ASN1_GENERALSTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_GENERALSTRING_new);
-
-void
-ASN1_GENERALSTRING_free(ASN1_GENERALSTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_GENERALSTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_GENERALSTRING_free);
-
-
-const ASN1_ITEM ASN1_UTCTIME_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_UTCTIME,
- .sname = "ASN1_UTCTIME",
-};
-LCRYPTO_ALIAS(ASN1_UTCTIME_it);
-
-ASN1_UTCTIME *
-d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, const unsigned char **in, long len)
-{
- return (ASN1_UTCTIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_UTCTIME_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_UTCTIME);
-
-int
-i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UTCTIME_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_UTCTIME);
-
-ASN1_UTCTIME *
-ASN1_UTCTIME_new(void)
-{
- return (ASN1_UTCTIME *)ASN1_item_new(&ASN1_UTCTIME_it);
-}
-LCRYPTO_ALIAS(ASN1_UTCTIME_new);
-
-void
-ASN1_UTCTIME_free(ASN1_UTCTIME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_UTCTIME_it);
-}
-LCRYPTO_ALIAS(ASN1_UTCTIME_free);
-
-
-const ASN1_ITEM ASN1_GENERALIZEDTIME_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_GENERALIZEDTIME,
- .sname = "ASN1_GENERALIZEDTIME",
-};
-LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_it);
-
-ASN1_GENERALIZEDTIME *
-d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, const unsigned char **in,
- long len)
-{
- return (ASN1_GENERALIZEDTIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_GENERALIZEDTIME_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_GENERALIZEDTIME);
-
-int
-i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_GENERALIZEDTIME_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_GENERALIZEDTIME);
-
-ASN1_GENERALIZEDTIME *
-ASN1_GENERALIZEDTIME_new(void)
-{
- return (ASN1_GENERALIZEDTIME *)ASN1_item_new(&ASN1_GENERALIZEDTIME_it);
-}
-LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_new);
-
-void
-ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_GENERALIZEDTIME_it);
-}
-LCRYPTO_ALIAS(ASN1_GENERALIZEDTIME_free);
-
-
-const ASN1_ITEM ASN1_VISIBLESTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_VISIBLESTRING,
- .sname = "ASN1_VISIBLESTRING",
-};
-LCRYPTO_ALIAS(ASN1_VISIBLESTRING_it);
-
-ASN1_VISIBLESTRING *
-d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_VISIBLESTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_VISIBLESTRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_VISIBLESTRING);
-
-int
-i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_VISIBLESTRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_VISIBLESTRING);
-
-ASN1_VISIBLESTRING *
-ASN1_VISIBLESTRING_new(void)
-{
- return (ASN1_VISIBLESTRING *)ASN1_item_new(&ASN1_VISIBLESTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_VISIBLESTRING_new);
-
-void
-ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_VISIBLESTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_VISIBLESTRING_free);
-
-
-const ASN1_ITEM ASN1_UNIVERSALSTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_UNIVERSALSTRING,
- .sname = "ASN1_UNIVERSALSTRING",
-};
-LCRYPTO_ALIAS(ASN1_UNIVERSALSTRING_it);
-
-ASN1_UNIVERSALSTRING *
-d2i_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_UNIVERSALSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_UNIVERSALSTRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_UNIVERSALSTRING);
-
-int
-i2d_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UNIVERSALSTRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_UNIVERSALSTRING);
-
-ASN1_UNIVERSALSTRING *
-ASN1_UNIVERSALSTRING_new(void)
-{
- return (ASN1_UNIVERSALSTRING *)ASN1_item_new(&ASN1_UNIVERSALSTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_UNIVERSALSTRING_new);
-
-void
-ASN1_UNIVERSALSTRING_free(ASN1_UNIVERSALSTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_UNIVERSALSTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_UNIVERSALSTRING_free);
-
-
-const ASN1_ITEM ASN1_BMPSTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BMPSTRING,
- .sname = "ASN1_BMPSTRING",
-};
-LCRYPTO_ALIAS(ASN1_BMPSTRING_it);
-
-ASN1_BMPSTRING *
-d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, const unsigned char **in, long len)
-{
- return (ASN1_BMPSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_BMPSTRING_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_BMPSTRING);
-
-int
-i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_BMPSTRING_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_BMPSTRING);
-
-ASN1_BMPSTRING *
-ASN1_BMPSTRING_new(void)
-{
- return (ASN1_BMPSTRING *)ASN1_item_new(&ASN1_BMPSTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_BMPSTRING_new);
-
-void
-ASN1_BMPSTRING_free(ASN1_BMPSTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_BMPSTRING_it);
-}
-LCRYPTO_ALIAS(ASN1_BMPSTRING_free);
-
-const ASN1_ITEM ASN1_ANY_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_ANY,
- .sname = "ASN1_ANY",
-};
-LCRYPTO_ALIAS(ASN1_ANY_it);
-
-
-/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
-
-const ASN1_ITEM ASN1_SEQUENCE_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_SEQUENCE,
- .sname = "ASN1_SEQUENCE",
-};
-LCRYPTO_ALIAS(ASN1_SEQUENCE_it);
-
-
-/* Multistring types */
-
-
-const ASN1_ITEM ASN1_PRINTABLE_it = {
- .itype = ASN1_ITYPE_MSTRING,
- .utype = B_ASN1_PRINTABLE,
- .templates = NULL,
- .tcount = 0,
- .funcs = NULL,
- .size = sizeof(ASN1_STRING),
- .sname = "ASN1_PRINTABLE",
-};
-LCRYPTO_ALIAS(ASN1_PRINTABLE_it);
-
-ASN1_STRING *
-d2i_ASN1_PRINTABLE(ASN1_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_PRINTABLE_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_PRINTABLE);
-
-int
-i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_PRINTABLE_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_PRINTABLE);
-
-ASN1_STRING *
-ASN1_PRINTABLE_new(void)
-{
- return (ASN1_STRING *)ASN1_item_new(&ASN1_PRINTABLE_it);
-}
-LCRYPTO_ALIAS(ASN1_PRINTABLE_new);
-
-void
-ASN1_PRINTABLE_free(ASN1_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_PRINTABLE_it);
-}
-LCRYPTO_ALIAS(ASN1_PRINTABLE_free);
-
-
-const ASN1_ITEM DISPLAYTEXT_it = {
- .itype = ASN1_ITYPE_MSTRING,
- .utype = B_ASN1_DISPLAYTEXT,
- .templates = NULL,
- .tcount = 0,
- .funcs = NULL,
- .size = sizeof(ASN1_STRING),
- .sname = "DISPLAYTEXT",
-};
-LCRYPTO_ALIAS(DISPLAYTEXT_it);
-
-ASN1_STRING *
-d2i_DISPLAYTEXT(ASN1_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DISPLAYTEXT_it);
-}
-LCRYPTO_ALIAS(d2i_DISPLAYTEXT);
-
-int
-i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DISPLAYTEXT_it);
-}
-LCRYPTO_ALIAS(i2d_DISPLAYTEXT);
-
-ASN1_STRING *
-DISPLAYTEXT_new(void)
-{
- return (ASN1_STRING *)ASN1_item_new(&DISPLAYTEXT_it);
-}
-LCRYPTO_ALIAS(DISPLAYTEXT_new);
-
-void
-DISPLAYTEXT_free(ASN1_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DISPLAYTEXT_it);
-}
-LCRYPTO_ALIAS(DISPLAYTEXT_free);
-
-
-const ASN1_ITEM DIRECTORYSTRING_it = {
- .itype = ASN1_ITYPE_MSTRING,
- .utype = B_ASN1_DIRECTORYSTRING,
- .templates = NULL,
- .tcount = 0,
- .funcs = NULL,
- .size = sizeof(ASN1_STRING),
- .sname = "DIRECTORYSTRING",
-};
-LCRYPTO_ALIAS(DIRECTORYSTRING_it);
-
-ASN1_STRING *
-d2i_DIRECTORYSTRING(ASN1_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DIRECTORYSTRING_it);
-}
-LCRYPTO_ALIAS(d2i_DIRECTORYSTRING);
-
-int
-i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DIRECTORYSTRING_it);
-}
-LCRYPTO_ALIAS(i2d_DIRECTORYSTRING);
-
-ASN1_STRING *
-DIRECTORYSTRING_new(void)
-{
- return (ASN1_STRING *)ASN1_item_new(&DIRECTORYSTRING_it);
-}
-LCRYPTO_ALIAS(DIRECTORYSTRING_new);
-
-void
-DIRECTORYSTRING_free(ASN1_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DIRECTORYSTRING_it);
-}
-LCRYPTO_ALIAS(DIRECTORYSTRING_free);
-
-/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
-
-const ASN1_ITEM ASN1_BOOLEAN_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BOOLEAN,
- .size = -1,
- .sname = "ASN1_BOOLEAN",
-};
-
-int
-i2d_ASN1_BOOLEAN(int a, unsigned char **out)
-{
- return ASN1_item_ex_i2d((ASN1_VALUE **)&a, out,
- &ASN1_BOOLEAN_it, -1, 0);
-}
-
-int
-d2i_ASN1_BOOLEAN(int *a, const unsigned char **in, long len)
-{
- ASN1_BOOLEAN abool;
-
- if (ASN1_item_ex_d2i((ASN1_VALUE **)&abool, in, len, &ASN1_BOOLEAN_it,
- -1, 0, 0, NULL) <= 0)
- return -1;
-
- if (a != NULL)
- *a = abool;
-
- return abool;
-}
-
-const ASN1_ITEM ASN1_TBOOLEAN_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BOOLEAN,
- .size = 1,
- .sname = "ASN1_TBOOLEAN",
-};
-
-const ASN1_ITEM ASN1_FBOOLEAN_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BOOLEAN,
- .size = 0,
- .sname = "ASN1_FBOOLEAN",
-};
-
-/* Special, OCTET STRING with indefinite length constructed support */
-
-const ASN1_ITEM ASN1_OCTET_STRING_NDEF_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_OCTET_STRING,
- .size = ASN1_TFLG_NDEF,
- .sname = "ASN1_OCTET_STRING_NDEF",
-};
-
-static const ASN1_TEMPLATE ASN1_SEQUENCE_ANY_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "ASN1_SEQUENCE_ANY",
- .item = &ASN1_ANY_it,
-};
-
-const ASN1_ITEM ASN1_SEQUENCE_ANY_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &ASN1_SEQUENCE_ANY_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "ASN1_SEQUENCE_ANY",
-};
-LCRYPTO_ALIAS(ASN1_SEQUENCE_ANY_it);
-
-static const ASN1_TEMPLATE ASN1_SET_ANY_item_tt = {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "ASN1_SET_ANY",
- .item = &ASN1_ANY_it,
-};
-
-const ASN1_ITEM ASN1_SET_ANY_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &ASN1_SET_ANY_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "ASN1_SET_ANY",
-};
-LCRYPTO_ALIAS(ASN1_SET_ANY_it);
-
-
-ASN1_SEQUENCE_ANY *
-d2i_ASN1_SEQUENCE_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len)
-{
- return (ASN1_SEQUENCE_ANY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_SEQUENCE_ANY_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_SEQUENCE_ANY);
-
-int
-i2d_ASN1_SEQUENCE_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_SEQUENCE_ANY_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_SEQUENCE_ANY);
-
-ASN1_SEQUENCE_ANY *
-d2i_ASN1_SET_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len)
-{
- return (ASN1_SEQUENCE_ANY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_SET_ANY_it);
-}
-LCRYPTO_ALIAS(d2i_ASN1_SET_ANY);
-
-int
-i2d_ASN1_SET_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_SET_ANY_it);
-}
-LCRYPTO_ALIAS(i2d_ASN1_SET_ANY);
diff --git a/src/lib/libcrypto/asn1/tasn_utl.c b/src/lib/libcrypto/asn1/tasn_utl.c
deleted file mode 100644
index ae546edd4b..0000000000
--- a/src/lib/libcrypto/asn1/tasn_utl.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* $OpenBSD: tasn_utl.c,v 1.18 2022/12/26 07:18:51 jmc Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "bytestring.h"
-
-/* Utility functions for manipulating fields and offsets */
-
-/* Add 'offset' to 'addr' */
-#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
-
-/* Given an ASN1_ITEM CHOICE type return
- * the selector value
- */
-
-int
-asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- int *sel = offset2ptr(*pval, it->utype);
- return *sel;
-}
-
-/* Given an ASN1_ITEM CHOICE type set
- * the selector value, return old value.
- */
-
-int
-asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
-{
- int *sel, ret;
- sel = offset2ptr(*pval, it->utype);
- ret = *sel;
- *sel = value;
- return ret;
-}
-
-/* Do reference counting. The value 'op' decides what to do.
- * if it is +1 then the count is incremented. If op is 0 count is
- * set to 1. If op is -1 count is decremented and the return value
- * is the current reference count or 0 if no reference count exists.
- */
-
-int
-asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
-{
- const ASN1_AUX *aux;
- int *lck, ret;
-
- if ((it->itype != ASN1_ITYPE_SEQUENCE) &&
- (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
- return 0;
- aux = it->funcs;
- if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
- return 0;
- lck = offset2ptr(*pval, aux->ref_offset);
- if (op == 0) {
- *lck = 1;
- return 1;
- }
- ret = CRYPTO_add(lck, op, aux->ref_lock);
- return ret;
-}
-
-static ASN1_ENCODING *
-asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- const ASN1_AUX *aux = it->funcs;
-
- if (pval == NULL || *pval == NULL)
- return NULL;
-
- if (aux == NULL || (aux->flags & ASN1_AFLG_ENCODING) == 0)
- return NULL;
-
- return offset2ptr(*pval, aux->enc_offset);
-}
-
-void
-asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- ASN1_ENCODING *aenc;
-
- if ((aenc = asn1_get_enc_ptr(pval, it)) == NULL)
- return;
-
- aenc->enc = NULL;
- aenc->len = 0;
- aenc->modified = 1;
-}
-
-static void
-asn1_enc_clear(ASN1_ENCODING *aenc)
-{
- freezero(aenc->enc, aenc->len);
- aenc->enc = NULL;
- aenc->len = 0;
- aenc->modified = 1;
-}
-
-void
-asn1_enc_cleanup(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- ASN1_ENCODING *aenc;
-
- if ((aenc = asn1_get_enc_ptr(pval, it)) == NULL)
- return;
-
- asn1_enc_clear(aenc);
-}
-
-int
-asn1_enc_save(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it)
-{
- ASN1_ENCODING *aenc;
- uint8_t *data = NULL;
- size_t data_len = 0;
-
- if ((aenc = asn1_get_enc_ptr(pval, it)) == NULL)
- return 1;
-
- asn1_enc_clear(aenc);
-
- if (!CBS_stow(cbs, &data, &data_len))
- return 0;
- if (data_len > LONG_MAX) {
- freezero(data, data_len);
- return 0;
- }
-
- aenc->enc = data;
- aenc->len = (long)data_len;
- aenc->modified = 0;
-
- return 1;
-}
-
-int
-asn1_enc_restore(int *out_len, unsigned char **out, ASN1_VALUE **pval,
- const ASN1_ITEM *it)
-{
- ASN1_ENCODING *aenc;
-
- if ((aenc = asn1_get_enc_ptr(pval, it)) == NULL)
- return 0;
-
- if (aenc->modified)
- return 0;
-
- if (out != NULL) {
- memcpy(*out, aenc->enc, aenc->len);
- *out += aenc->len;
- }
-
- if (out_len != NULL)
- *out_len = aenc->len;
-
- return 1;
-}
-
-/* Given an ASN1_TEMPLATE get a pointer to a field */
-ASN1_VALUE **
-asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
- ASN1_VALUE **pvaltmp;
-
- pvaltmp = offset2ptr(*pval, tt->offset);
- /* NOTE for BOOLEAN types the field is just a plain
- * int so we can't return int **, so settle for
- * (int *).
- */
- return pvaltmp;
-}
-
-/* Handle ANY DEFINED BY template, find the selector, look up
- * the relevant ASN1_TEMPLATE in the table and return it.
- */
-
-const ASN1_TEMPLATE *
-asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr)
-{
- const ASN1_ADB *adb;
- const ASN1_ADB_TABLE *atbl;
- long selector;
- ASN1_VALUE **sfld;
- int i;
-
- if (!(tt->flags & ASN1_TFLG_ADB_MASK))
- return tt;
-
- /* Else ANY DEFINED BY ... get the table */
- adb = (const ASN1_ADB *)tt->item;
-
- /* Get the selector field */
- sfld = offset2ptr(*pval, adb->offset);
-
- /* Check if NULL */
- if (!sfld) {
- if (!adb->null_tt)
- goto err;
- return adb->null_tt;
- }
-
- /* Convert type to a long:
- * NB: don't check for NID_undef here because it
- * might be a legitimate value in the table
- */
- if (tt->flags & ASN1_TFLG_ADB_OID)
- selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
- else
- selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
-
- /* Try to find matching entry in table
- * Maybe should check application types first to
- * allow application override? Might also be useful
- * to have a flag which indicates table is sorted and
- * we can do a binary search. For now stick to a
- * linear search.
- */
-
- for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
- if (atbl->value == selector)
- return &atbl->tt;
-
- /* FIXME: need to search application table too */
-
- /* No match, return default type */
- if (!adb->default_tt)
- goto err;
- return adb->default_tt;
-
- err:
- /* FIXME: should log the value or OID of unsupported type */
- if (nullerr)
- ASN1error(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
- return NULL;
-}
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
deleted file mode 100644
index b01ee982a6..0000000000
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ /dev/null
@@ -1,295 +0,0 @@
-/* $OpenBSD: x_algor.c,v 1.41 2024/07/08 14:48:49 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static const ASN1_TEMPLATE X509_ALGOR_seq_tt[] = {
- {
- .offset = offsetof(X509_ALGOR, algorithm),
- .field_name = "algorithm",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_ALGOR, parameter),
- .field_name = "parameter",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM X509_ALGOR_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_ALGOR_seq_tt,
- .tcount = sizeof(X509_ALGOR_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_ALGOR),
- .sname = "X509_ALGOR",
-};
-LCRYPTO_ALIAS(X509_ALGOR_it);
-
-static const ASN1_TEMPLATE X509_ALGORS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "algorithms",
- .item = &X509_ALGOR_it,
-};
-
-const ASN1_ITEM X509_ALGORS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &X509_ALGORS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "X509_ALGORS",
-};
-LCRYPTO_ALIAS(X509_ALGORS_it);
-
-X509_ALGOR *
-d2i_X509_ALGOR(X509_ALGOR **a, const unsigned char **in, long len)
-{
- return (X509_ALGOR *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_ALGOR_it);
-}
-LCRYPTO_ALIAS(d2i_X509_ALGOR);
-
-int
-i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ALGOR_it);
-}
-LCRYPTO_ALIAS(i2d_X509_ALGOR);
-
-X509_ALGOR *
-X509_ALGOR_new(void)
-{
- return (X509_ALGOR *)ASN1_item_new(&X509_ALGOR_it);
-}
-LCRYPTO_ALIAS(X509_ALGOR_new);
-
-void
-X509_ALGOR_free(X509_ALGOR *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_ALGOR_it);
-}
-LCRYPTO_ALIAS(X509_ALGOR_free);
-
-X509_ALGORS *
-d2i_X509_ALGORS(X509_ALGORS **a, const unsigned char **in, long len)
-{
- return (X509_ALGORS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_ALGORS_it);
-}
-LCRYPTO_ALIAS(d2i_X509_ALGORS);
-
-int
-i2d_X509_ALGORS(X509_ALGORS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ALGORS_it);
-}
-LCRYPTO_ALIAS(i2d_X509_ALGORS);
-
-X509_ALGOR *
-X509_ALGOR_dup(X509_ALGOR *x)
-{
- return ASN1_item_dup(&X509_ALGOR_it, x);
-}
-LCRYPTO_ALIAS(X509_ALGOR_dup);
-
-static int
-X509_ALGOR_set0_obj(X509_ALGOR *alg, ASN1_OBJECT *aobj)
-{
- ASN1_OBJECT_free(alg->algorithm);
- alg->algorithm = aobj;
-
- return 1;
-}
-
-static int
-X509_ALGOR_set_obj_by_nid(X509_ALGOR *alg, int nid)
-{
- ASN1_OBJECT *aobj;
-
- if ((aobj = OBJ_nid2obj(nid)) == NULL)
- return 0;
- if (!X509_ALGOR_set0_obj(alg, aobj))
- return 0;
-
- return 1;
-}
-
-static int
-X509_ALGOR_set0_parameter(X509_ALGOR *alg, int parameter_type,
- void *parameter_value)
-{
- if (parameter_type == V_ASN1_UNDEF) {
- ASN1_TYPE_free(alg->parameter);
- alg->parameter = NULL;
-
- return 1;
- }
-
- if (alg->parameter == NULL)
- alg->parameter = ASN1_TYPE_new();
- if (alg->parameter == NULL)
- return 0;
-
- if (parameter_type != 0)
- ASN1_TYPE_set(alg->parameter, parameter_type, parameter_value);
-
- return 1;
-}
-
-int
-X509_ALGOR_set0_by_nid(X509_ALGOR *alg, int nid, int parameter_type,
- void *parameter_value)
-{
- if (alg == NULL)
- return 0;
-
- if (!X509_ALGOR_set_obj_by_nid(alg, nid))
- return 0;
-
- if (!X509_ALGOR_set0_parameter(alg, parameter_type, parameter_value))
- return 0;
-
- return 1;
-}
-
-int
-X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int parameter_type,
- void *parameter_value)
-{
- if (alg == NULL)
- return 0;
-
- /* Set parameter first to preserve public API behavior on failure. */
- if (!X509_ALGOR_set0_parameter(alg, parameter_type, parameter_value))
- return 0;
-
- if (!X509_ALGOR_set0_obj(alg, aobj))
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(X509_ALGOR_set0);
-
-void
-X509_ALGOR_get0(const ASN1_OBJECT **out_aobj, int *out_type,
- const void **out_value, const X509_ALGOR *alg)
-{
- int type = V_ASN1_UNDEF;
- const void *value = NULL;
-
- if (out_aobj != NULL)
- *out_aobj = alg->algorithm;
-
- /* Ensure out_value is not left uninitialized if out_type is NULL. */
- if (out_value != NULL)
- *out_value = NULL;
-
- if (out_type == NULL)
- return;
-
- if (alg->parameter != NULL) {
- type = alg->parameter->type;
- value = alg->parameter->value.ptr;
- }
-
- *out_type = type;
- if (out_value != NULL)
- *out_value = value;
-}
-LCRYPTO_ALIAS(X509_ALGOR_get0);
-
-int
-X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md)
-{
- int parameter_type = V_ASN1_NULL;
- int nid = EVP_MD_type(md);
-
- if ((EVP_MD_flags(md) & EVP_MD_FLAG_DIGALGID_ABSENT) != 0)
- parameter_type = V_ASN1_UNDEF;
-
- if (!X509_ALGOR_set0_by_nid(alg, nid, parameter_type, NULL))
- return 0;
-
- return 1;
-}
-
-int
-X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
-{
- int cmp;
-
- if ((cmp = OBJ_cmp(a->algorithm, b->algorithm)) != 0)
- return cmp;
-
- if (a->parameter == NULL && b->parameter == NULL)
- return 0;
-
- return ASN1_TYPE_cmp(a->parameter, b->parameter);
-}
-LCRYPTO_ALIAS(X509_ALGOR_cmp);
diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c
deleted file mode 100644
index 8e4f94094f..0000000000
--- a/src/lib/libcrypto/asn1/x_attrib.c
+++ /dev/null
@@ -1,159 +0,0 @@
-/* $OpenBSD: x_attrib.c,v 1.23 2024/07/08 14:48:49 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static const ASN1_TEMPLATE X509_ATTRIBUTE_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X509_ATTRIBUTE, object),
- .field_name = "object",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(X509_ATTRIBUTE, set),
- .field_name = "set",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM X509_ATTRIBUTE_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_ATTRIBUTE_seq_tt,
- .tcount = sizeof(X509_ATTRIBUTE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(X509_ATTRIBUTE),
- .sname = "X509_ATTRIBUTE",
-};
-LCRYPTO_ALIAS(X509_ATTRIBUTE_it);
-
-
-X509_ATTRIBUTE *
-d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, const unsigned char **in, long len)
-{
- return (X509_ATTRIBUTE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_ATTRIBUTE_it);
-}
-LCRYPTO_ALIAS(d2i_X509_ATTRIBUTE);
-
-int
-i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ATTRIBUTE_it);
-}
-LCRYPTO_ALIAS(i2d_X509_ATTRIBUTE);
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_new(void)
-{
- return (X509_ATTRIBUTE *)ASN1_item_new(&X509_ATTRIBUTE_it);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_new);
-
-void
-X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_ATTRIBUTE_it);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_free);
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_dup(X509_ATTRIBUTE *x)
-{
- return ASN1_item_dup(&X509_ATTRIBUTE_it, x);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_dup);
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
-{
- X509_ATTRIBUTE *ret = NULL;
- ASN1_TYPE *val = NULL;
- ASN1_OBJECT *oid;
-
- if ((oid = OBJ_nid2obj(nid)) == NULL)
- return (NULL);
- if ((ret = X509_ATTRIBUTE_new()) == NULL)
- return (NULL);
- ret->object = oid;
- if ((val = ASN1_TYPE_new()) == NULL)
- goto err;
- if (!sk_ASN1_TYPE_push(ret->set, val))
- goto err;
-
- ASN1_TYPE_set(val, atrtype, value);
- return (ret);
-
- err:
- if (ret != NULL)
- X509_ATTRIBUTE_free(ret);
- if (val != NULL)
- ASN1_TYPE_free(val);
- return (NULL);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_create);
diff --git a/src/lib/libcrypto/asn1/x_bignum.c b/src/lib/libcrypto/asn1/x_bignum.c
deleted file mode 100644
index 3e265b9cbc..0000000000
--- a/src/lib/libcrypto/asn1/x_bignum.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* $OpenBSD: x_bignum.c,v 1.15 2024/07/08 16:24:22 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-#include "bytestring.h"
-
-/*
- * Custom primitive type for that reads an ASN.1 INTEGER into a BIGNUM.
- */
-
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void bn_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
- const ASN1_ITEM *it);
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
- int utype, char *free_cont, const ASN1_ITEM *it);
-static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
- int indent, const ASN1_PCTX *pctx);
-
-static const ASN1_PRIMITIVE_FUNCS bignum_pf = {
- .app_data = NULL,
- .flags = 0,
- .prim_new = bn_new,
- .prim_free = bn_free,
- .prim_clear = bn_clear,
- .prim_c2i = bn_c2i,
- .prim_i2c = bn_i2c,
- .prim_print = bn_print,
-};
-
-const ASN1_ITEM BIGNUM_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &bignum_pf,
- .size = 0,
- .sname = "BIGNUM",
-};
-LCRYPTO_ALIAS(BIGNUM_it);
-
-const ASN1_ITEM CBIGNUM_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &bignum_pf,
- .size = 0,
- .sname = "BIGNUM",
-};
-LCRYPTO_ALIAS(CBIGNUM_it);
-
-static int
-bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- if ((*pval = (ASN1_VALUE *)BN_new()) == NULL)
- return 0;
-
- return 1;
-}
-
-static void
-bn_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- BN_free((BIGNUM *)*pval);
- *pval = NULL;
-}
-
-static void
-bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- if (*pval == NULL)
- return;
-
- bn_clear(pval, it);
-}
-
-static int
-bn_i2c(ASN1_VALUE **pval, unsigned char *content, int *putype, const ASN1_ITEM *it)
-{
- ASN1_INTEGER *aint = NULL;
- unsigned char **pp = NULL;
- const BIGNUM *bn;
- int ret;
-
- if (*pval == NULL)
- return -1;
-
- bn = (const BIGNUM *)*pval;
-
- if ((aint = BN_to_ASN1_INTEGER(bn, NULL)) == NULL)
- return -1;
-
- if (content != NULL)
- pp = &content;
-
- ret = i2c_ASN1_INTEGER(aint, pp);
-
- ASN1_INTEGER_free(aint);
-
- return ret;
-}
-
-static int
-bn_c2i(ASN1_VALUE **pval, const unsigned char *content, int len, int utype,
- char *free_content, const ASN1_ITEM *it)
-{
- ASN1_INTEGER *aint = NULL;
- BIGNUM *bn;
- CBS cbs;
- int ret = 0;
-
- bn_clear(pval, it);
-
- if (len < 0)
- goto err;
- CBS_init(&cbs, content, len);
- if (!c2i_ASN1_INTEGER_cbs(&aint, &cbs))
- goto err;
-
- if ((bn = ASN1_INTEGER_to_BN(aint, NULL)) == NULL)
- goto err;
- *pval = (ASN1_VALUE *)bn;
-
- ret = 1;
-
- err:
- ASN1_INTEGER_free(aint);
-
- return ret;
-}
-
-static int
-bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent,
- const ASN1_PCTX *pctx)
-{
- const BIGNUM *bn = (BIGNUM *)*pval;
-
- if (!BN_print(out, bn))
- return 0;
- if (BIO_printf(out, "\n") <= 0)
- return 0;
-
- return 1;
-}
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
deleted file mode 100644
index 7ad8350f3d..0000000000
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ /dev/null
@@ -1,702 +0,0 @@
-/* $OpenBSD: x_crl.c,v 1.48 2025/02/27 20:13:41 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "x509_local.h"
-
-static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
-
-static const ASN1_TEMPLATE X509_REVOKED_seq_tt[] = {
- {
- .offset = offsetof(X509_REVOKED, serialNumber),
- .field_name = "serialNumber",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(X509_REVOKED, revocationDate),
- .field_name = "revocationDate",
- .item = &ASN1_TIME_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_REVOKED, extensions),
- .field_name = "extensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM X509_REVOKED_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_REVOKED_seq_tt,
- .tcount = sizeof(X509_REVOKED_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_REVOKED),
- .sname = "X509_REVOKED",
-};
-LCRYPTO_ALIAS(X509_REVOKED_it);
-
-static int
-X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
-{
- return ASN1_INTEGER_cmp((*a)->serialNumber, (*b)->serialNumber);
-}
-
-/* The X509_CRL_INFO structure needs a bit of customisation.
- * Since we cache the original encoding the signature wont be affected by
- * reordering of the revoked field.
- */
-static int
-crl_info_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
-
- if (!a || !a->revoked)
- return 1;
- switch (operation) {
- /* Just set cmp function here. We don't sort because that
- * would affect the output of X509_CRL_print().
- */
- case ASN1_OP_D2I_POST:
- (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);
- break;
- }
- return 1;
-}
-
-
-static const ASN1_AUX X509_CRL_INFO_aux = {
- .flags = ASN1_AFLG_ENCODING,
- .asn1_cb = crl_info_cb,
- .enc_offset = offsetof(X509_CRL_INFO, enc),
-};
-static const ASN1_TEMPLATE X509_CRL_INFO_seq_tt[] = {
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CRL_INFO, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(X509_CRL_INFO, sig_alg),
- .field_name = "sig_alg",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_CRL_INFO, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .offset = offsetof(X509_CRL_INFO, lastUpdate),
- .field_name = "lastUpdate",
- .item = &ASN1_TIME_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CRL_INFO, nextUpdate),
- .field_name = "nextUpdate",
- .item = &ASN1_TIME_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CRL_INFO, revoked),
- .field_name = "revoked",
- .item = &X509_REVOKED_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CRL_INFO, extensions),
- .field_name = "extensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM X509_CRL_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_CRL_INFO_seq_tt,
- .tcount = sizeof(X509_CRL_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_CRL_INFO_aux,
- .size = sizeof(X509_CRL_INFO),
- .sname = "X509_CRL_INFO",
-};
-LCRYPTO_ALIAS(X509_CRL_INFO_it);
-
-/* Set CRL entry issuer according to CRL certificate issuer extension.
- * Check for unhandled critical CRL entry extensions.
- */
-
-static int
-crl_set_issuers(X509_CRL *crl)
-{
- int i, j;
- GENERAL_NAMES *gens, *gtmp;
- STACK_OF(X509_REVOKED) *revoked;
-
- revoked = X509_CRL_get_REVOKED(crl);
-
- gens = NULL;
- for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
- X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
- STACK_OF(X509_EXTENSION) *exts;
- ASN1_ENUMERATED *reason;
- X509_EXTENSION *ext;
- gtmp = X509_REVOKED_get_ext_d2i(rev, NID_certificate_issuer,
- &j, NULL);
- if (!gtmp && (j != -1)) {
- crl->flags |= EXFLAG_INVALID;
- return 1;
- }
-
- if (gtmp) {
- gens = gtmp;
- if (!crl->issuers) {
- crl->issuers = sk_GENERAL_NAMES_new_null();
- if (!crl->issuers)
- return 0;
- }
- if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
- return 0;
- }
- rev->issuer = gens;
-
- reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
- &j, NULL);
- if (!reason && (j != -1)) {
- crl->flags |= EXFLAG_INVALID;
- return 1;
- }
-
- if (reason) {
- rev->reason = ASN1_ENUMERATED_get(reason);
- ASN1_ENUMERATED_free(reason);
- } else
- rev->reason = CRL_REASON_NONE;
-
- /* Check for critical CRL entry extensions */
-
- exts = rev->extensions;
-
- for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
- ext = sk_X509_EXTENSION_value(exts, j);
- if (ext->critical > 0) {
- if (OBJ_obj2nid(ext->object) ==
- NID_certificate_issuer)
- continue;
- crl->flags |= EXFLAG_CRITICAL;
- break;
- }
- }
- }
-
- return 1;
-}
-
-/* The X509_CRL structure needs a bit of customisation. Cache some extensions
- * and hash of the whole CRL.
- */
-static int
-crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- X509_CRL *crl = (X509_CRL *)*pval;
- STACK_OF(X509_EXTENSION) *exts;
- X509_EXTENSION *ext;
- int idx;
- int rc = 1;
-
- switch (operation) {
- case ASN1_OP_NEW_POST:
- crl->idp = NULL;
- crl->akid = NULL;
- crl->flags = 0;
- crl->idp_flags = 0;
- crl->idp_reasons = CRLDP_ALL_REASONS;
- crl->issuers = NULL;
- crl->crl_number = NULL;
- crl->base_crl_number = NULL;
- break;
-
- case ASN1_OP_D2I_POST:
- X509_CRL_digest(crl, X509_CRL_HASH_EVP, crl->hash, NULL);
- crl->idp = X509_CRL_get_ext_d2i(crl,
- NID_issuing_distribution_point, NULL, NULL);
- if (crl->idp)
- setup_idp(crl, crl->idp);
-
- crl->akid = X509_CRL_get_ext_d2i(crl,
- NID_authority_key_identifier, NULL, NULL);
-
- crl->crl_number = X509_CRL_get_ext_d2i(crl,
- NID_crl_number, NULL, NULL);
-
- crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
- NID_delta_crl, NULL, NULL);
- /* Delta CRLs must have CRL number */
- if (crl->base_crl_number && !crl->crl_number)
- crl->flags |= EXFLAG_INVALID;
-
- /* See if we have any unhandled critical CRL extensions and
- * indicate this in a flag. We only currently handle IDP,
- * AKID and deltas, so anything else critical sets the flag.
- *
- * This code accesses the X509_CRL structure directly:
- * applications shouldn't do this.
- */
-
- exts = crl->crl->extensions;
-
- for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
- int nid;
- ext = sk_X509_EXTENSION_value(exts, idx);
- nid = OBJ_obj2nid(ext->object);
- if (nid == NID_freshest_crl)
- crl->flags |= EXFLAG_FRESHEST;
- if (ext->critical > 0) {
- /* We handle IDP, AKID and deltas */
- if (nid == NID_issuing_distribution_point ||
- nid == NID_authority_key_identifier ||
- nid == NID_delta_crl)
- break;
- crl->flags |= EXFLAG_CRITICAL;
- break;
- }
- }
-
- if (!crl_set_issuers(crl))
- return 0;
- break;
-
- case ASN1_OP_FREE_POST:
- AUTHORITY_KEYID_free(crl->akid);
- ISSUING_DIST_POINT_free(crl->idp);
- ASN1_INTEGER_free(crl->crl_number);
- ASN1_INTEGER_free(crl->base_crl_number);
- sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
- break;
- }
- return rc;
-}
-
-/* Convert IDP into a more convenient form */
-
-static void
-setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
-{
- int idp_only = 0;
-
- /* Set various flags according to IDP */
- crl->idp_flags |= IDP_PRESENT;
- if (idp->onlyuser > 0) {
- idp_only++;
- crl->idp_flags |= IDP_ONLYUSER;
- }
- if (idp->onlyCA > 0) {
- idp_only++;
- crl->idp_flags |= IDP_ONLYCA;
- }
- if (idp->onlyattr > 0) {
- idp_only++;
- crl->idp_flags |= IDP_ONLYATTR;
- }
-
- if (idp_only > 1)
- crl->idp_flags |= IDP_INVALID;
-
- if (idp->indirectCRL > 0)
- crl->idp_flags |= IDP_INDIRECT;
-
- if (idp->onlysomereasons) {
- crl->idp_flags |= IDP_REASONS;
- if (idp->onlysomereasons->length > 0)
- crl->idp_reasons = idp->onlysomereasons->data[0];
- if (idp->onlysomereasons->length > 1)
- crl->idp_reasons |=
- (idp->onlysomereasons->data[1] << 8);
- crl->idp_reasons &= CRLDP_ALL_REASONS;
- }
-
- DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
-}
-
-static const ASN1_AUX X509_CRL_aux = {
- .app_data = NULL,
- .flags = ASN1_AFLG_REFCOUNT,
- .ref_offset = offsetof(X509_CRL, references),
- .ref_lock = CRYPTO_LOCK_X509_CRL,
- .asn1_cb = crl_cb,
-};
-static const ASN1_TEMPLATE X509_CRL_seq_tt[] = {
- {
- .offset = offsetof(X509_CRL, crl),
- .field_name = "crl",
- .item = &X509_CRL_INFO_it,
- },
- {
- .offset = offsetof(X509_CRL, sig_alg),
- .field_name = "sig_alg",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_CRL, signature),
- .field_name = "signature",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_CRL_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_CRL_seq_tt,
- .tcount = sizeof(X509_CRL_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_CRL_aux,
- .size = sizeof(X509_CRL),
- .sname = "X509_CRL",
-};
-LCRYPTO_ALIAS(X509_CRL_it);
-
-
-X509_REVOKED *
-d2i_X509_REVOKED(X509_REVOKED **a, const unsigned char **in, long len)
-{
- return (X509_REVOKED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_REVOKED_it);
-}
-LCRYPTO_ALIAS(d2i_X509_REVOKED);
-
-int
-i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REVOKED_it);
-}
-LCRYPTO_ALIAS(i2d_X509_REVOKED);
-
-X509_REVOKED *
-X509_REVOKED_new(void)
-{
- return (X509_REVOKED *)ASN1_item_new(&X509_REVOKED_it);
-}
-LCRYPTO_ALIAS(X509_REVOKED_new);
-
-void
-X509_REVOKED_free(X509_REVOKED *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_REVOKED_it);
-}
-LCRYPTO_ALIAS(X509_REVOKED_free);
-
-X509_REVOKED *
-X509_REVOKED_dup(X509_REVOKED *a)
-{
- return ASN1_item_dup(&X509_REVOKED_it, a);
-}
-LCRYPTO_ALIAS(X509_REVOKED_dup);
-
-X509_CRL_INFO *
-d2i_X509_CRL_INFO(X509_CRL_INFO **a, const unsigned char **in, long len)
-{
- return (X509_CRL_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_CRL_INFO_it);
-}
-LCRYPTO_ALIAS(d2i_X509_CRL_INFO);
-
-int
-i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CRL_INFO_it);
-}
-LCRYPTO_ALIAS(i2d_X509_CRL_INFO);
-
-X509_CRL_INFO *
-X509_CRL_INFO_new(void)
-{
- return (X509_CRL_INFO *)ASN1_item_new(&X509_CRL_INFO_it);
-}
-LCRYPTO_ALIAS(X509_CRL_INFO_new);
-
-void
-X509_CRL_INFO_free(X509_CRL_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_INFO_it);
-}
-LCRYPTO_ALIAS(X509_CRL_INFO_free);
-
-X509_CRL *
-d2i_X509_CRL(X509_CRL **a, const unsigned char **in, long len)
-{
- return (X509_CRL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_CRL_it);
-}
-LCRYPTO_ALIAS(d2i_X509_CRL);
-
-int
-i2d_X509_CRL(X509_CRL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CRL_it);
-}
-LCRYPTO_ALIAS(i2d_X509_CRL);
-
-X509_CRL *
-X509_CRL_new(void)
-{
- return (X509_CRL *)ASN1_item_new(&X509_CRL_it);
-}
-LCRYPTO_ALIAS(X509_CRL_new);
-
-void
-X509_CRL_free(X509_CRL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_it);
-}
-LCRYPTO_ALIAS(X509_CRL_free);
-
-X509_CRL *
-X509_CRL_dup(X509_CRL *x)
-{
- return ASN1_item_dup(&X509_CRL_it, x);
-}
-LCRYPTO_ALIAS(X509_CRL_dup);
-
-int
-X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
-{
- X509_CRL_INFO *inf;
-
- inf = crl->crl;
- if (!inf->revoked)
- inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
- if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- inf->enc.modified = 1;
- return 1;
-}
-LCRYPTO_ALIAS(X509_CRL_add0_revoked);
-
-int
-X509_CRL_verify(X509_CRL *crl, EVP_PKEY *pkey)
-{
- return ASN1_item_verify(&X509_CRL_INFO_it, crl->sig_alg, crl->signature,
- crl->crl, pkey);
-}
-LCRYPTO_ALIAS(X509_CRL_verify);
-
-static int
-crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, X509_REVOKED *rev)
-{
- int i;
-
- if (!rev->issuer) {
- if (!nm)
- return 1;
- if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
- return 1;
- return 0;
- }
-
- if (!nm)
- nm = X509_CRL_get_issuer(crl);
-
- for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {
- GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
- if (gen->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(nm, gen->d.directoryName))
- return 1;
- }
- return 0;
-
-}
-
-static int
-crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial,
- X509_NAME *issuer)
-{
- X509_REVOKED rtmp, *rev;
- int idx;
-
- rtmp.serialNumber = serial;
- if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
- sk_X509_REVOKED_sort(crl->crl->revoked);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
- }
- idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
- if (idx < 0)
- return 0;
- /* Need to look for matching name */
- for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
- rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
- if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
- return 0;
- if (crl_revoked_issuer_match(crl, issuer, rev)) {
- if (ret)
- *ret = rev;
- if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
- return 2;
- return 1;
- }
- }
- return 0;
-}
-
-int
-X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *serial)
-{
- return crl_lookup(crl, ret, serial, NULL);
-}
-LCRYPTO_ALIAS(X509_CRL_get0_by_serial);
-
-int
-X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
-{
- return crl_lookup(crl, ret, X509_get_serialNumber(x),
- X509_get_issuer_name(x));
-}
-LCRYPTO_ALIAS(X509_CRL_get0_by_cert);
-
-int
-X509_CRL_get_signature_nid(const X509_CRL *crl)
-{
- return OBJ_obj2nid(crl->sig_alg->algorithm);
-}
-LCRYPTO_ALIAS(X509_CRL_get_signature_nid);
-
-const STACK_OF(X509_EXTENSION) *
-X509_CRL_get0_extensions(const X509_CRL *crl)
-{
- return crl->crl->extensions;
-}
-LCRYPTO_ALIAS(X509_CRL_get0_extensions);
-
-long
-X509_CRL_get_version(const X509_CRL *crl)
-{
- return ASN1_INTEGER_get(crl->crl->version);
-}
-LCRYPTO_ALIAS(X509_CRL_get_version);
-
-const ASN1_TIME *
-X509_CRL_get0_lastUpdate(const X509_CRL *crl)
-{
- return crl->crl->lastUpdate;
-}
-LCRYPTO_ALIAS(X509_CRL_get0_lastUpdate);
-
-ASN1_TIME *
-X509_CRL_get_lastUpdate(X509_CRL *crl)
-{
- return crl->crl->lastUpdate;
-}
-LCRYPTO_ALIAS(X509_CRL_get_lastUpdate);
-
-const ASN1_TIME *
-X509_CRL_get0_nextUpdate(const X509_CRL *crl)
-{
- return crl->crl->nextUpdate;
-}
-LCRYPTO_ALIAS(X509_CRL_get0_nextUpdate);
-
-ASN1_TIME *
-X509_CRL_get_nextUpdate(X509_CRL *crl)
-{
- return crl->crl->nextUpdate;
-}
-LCRYPTO_ALIAS(X509_CRL_get_nextUpdate);
-
-X509_NAME *
-X509_CRL_get_issuer(const X509_CRL *crl)
-{
- return crl->crl->issuer;
-}
-LCRYPTO_ALIAS(X509_CRL_get_issuer);
-
-STACK_OF(X509_REVOKED) *
-X509_CRL_get_REVOKED(X509_CRL *crl)
-{
- return crl->crl->revoked;
-}
-LCRYPTO_ALIAS(X509_CRL_get_REVOKED);
-
-void
-X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
- const X509_ALGOR **palg)
-{
- if (psig != NULL)
- *psig = crl->signature;
- if (palg != NULL)
- *palg = crl->sig_alg;
-}
-LCRYPTO_ALIAS(X509_CRL_get0_signature);
-
-const X509_ALGOR *
-X509_CRL_get0_tbs_sigalg(const X509_CRL *crl)
-{
- return crl->crl->sig_alg;
-}
-LCRYPTO_ALIAS(X509_CRL_get0_tbs_sigalg);
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c
deleted file mode 100644
index 21ee48395f..0000000000
--- a/src/lib/libcrypto/asn1/x_exten.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* $OpenBSD: x_exten.c,v 1.22 2024/07/08 14:48:49 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static const ASN1_TEMPLATE X509_EXTENSION_seq_tt[] = {
- {
- .offset = offsetof(X509_EXTENSION, object),
- .field_name = "object",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_EXTENSION, critical),
- .field_name = "critical",
- .item = &ASN1_BOOLEAN_it,
- },
- {
- .offset = offsetof(X509_EXTENSION, value),
- .field_name = "value",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_EXTENSION_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_EXTENSION_seq_tt,
- .tcount = sizeof(X509_EXTENSION_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_EXTENSION),
- .sname = "X509_EXTENSION",
-};
-LCRYPTO_ALIAS(X509_EXTENSION_it);
-
-static const ASN1_TEMPLATE X509_EXTENSIONS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "Extension",
- .item = &X509_EXTENSION_it,
-};
-
-const ASN1_ITEM X509_EXTENSIONS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &X509_EXTENSIONS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "X509_EXTENSIONS",
-};
-LCRYPTO_ALIAS(X509_EXTENSIONS_it);
-
-
-X509_EXTENSION *
-d2i_X509_EXTENSION(X509_EXTENSION **a, const unsigned char **in, long len)
-{
- return (X509_EXTENSION *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_EXTENSION_it);
-}
-LCRYPTO_ALIAS(d2i_X509_EXTENSION);
-
-int
-i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_EXTENSION_it);
-}
-LCRYPTO_ALIAS(i2d_X509_EXTENSION);
-
-X509_EXTENSION *
-X509_EXTENSION_new(void)
-{
- return (X509_EXTENSION *)ASN1_item_new(&X509_EXTENSION_it);
-}
-LCRYPTO_ALIAS(X509_EXTENSION_new);
-
-void
-X509_EXTENSION_free(X509_EXTENSION *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_EXTENSION_it);
-}
-LCRYPTO_ALIAS(X509_EXTENSION_free);
-
-X509_EXTENSIONS *
-d2i_X509_EXTENSIONS(X509_EXTENSIONS **a, const unsigned char **in, long len)
-{
- return (X509_EXTENSIONS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_EXTENSIONS_it);
-}
-LCRYPTO_ALIAS(d2i_X509_EXTENSIONS);
-
-int
-i2d_X509_EXTENSIONS(X509_EXTENSIONS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_EXTENSIONS_it);
-}
-LCRYPTO_ALIAS(i2d_X509_EXTENSIONS);
-
-X509_EXTENSION *
-X509_EXTENSION_dup(X509_EXTENSION *x)
-{
- return ASN1_item_dup(&X509_EXTENSION_it, x);
-}
-LCRYPTO_ALIAS(X509_EXTENSION_dup);
diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c
deleted file mode 100644
index d2c4bcfe7a..0000000000
--- a/src/lib/libcrypto/asn1/x_info.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* $OpenBSD: x_info.c,v 1.22 2024/12/11 10:28:03 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-X509_INFO *
-X509_INFO_new(void)
-{
- X509_INFO *ret;
-
- if ((ret = calloc(1, sizeof(X509_INFO))) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ret->references = 1;
-
- return ret;
-}
-LCRYPTO_ALIAS(X509_INFO_new);
-
-void
-X509_INFO_free(X509_INFO *x)
-{
- if (x == NULL)
- return;
-
- if (CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO) > 0)
- return;
-
- X509_free(x->x509);
- X509_CRL_free(x->crl);
- X509_PKEY_free(x->x_pkey);
- free(x->enc_data);
-
- free(x);
-}
-LCRYPTO_ALIAS(X509_INFO_free);
diff --git a/src/lib/libcrypto/asn1/x_long.c b/src/lib/libcrypto/asn1/x_long.c
deleted file mode 100644
index 5e673f4521..0000000000
--- a/src/lib/libcrypto/asn1/x_long.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/* $OpenBSD: x_long.c,v 1.21 2024/07/08 16:24:22 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-
-#include "asn1_local.h"
-
-/*
- * Custom primitive type for long handling. This converts between an
- * ASN1_INTEGER and a long directly.
- */
-
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void long_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int long_i2c(ASN1_VALUE **pval, unsigned char *content, int *putype,
- const ASN1_ITEM *it);
-static int long_c2i(ASN1_VALUE **pval, const unsigned char *content, int len,
- int utype, char *free_content, const ASN1_ITEM *it);
-static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
- int indent, const ASN1_PCTX *pctx);
-
-static const ASN1_PRIMITIVE_FUNCS long_pf = {
- .app_data = NULL,
- .flags = 0,
- .prim_new = long_new,
- .prim_free = long_free,
- .prim_clear = long_clear,
- .prim_c2i = long_c2i,
- .prim_i2c = long_i2c,
- .prim_print = long_print,
-};
-
-const ASN1_ITEM LONG_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &long_pf,
- .size = ASN1_LONG_UNDEF,
- .sname = "LONG",
-};
-LCRYPTO_ALIAS(LONG_it);
-
-const ASN1_ITEM ZLONG_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &long_pf,
- .size = 0,
- .sname = "ZLONG",
-};
-LCRYPTO_ALIAS(ZLONG_it);
-
-static void
-long_get(ASN1_VALUE **pval, long *out_val)
-{
- memcpy(out_val, pval, sizeof(long));
-}
-
-static void
-long_set(ASN1_VALUE **pval, long val)
-{
- memcpy(pval, &val, sizeof(long));
-}
-
-static int
-long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- long_clear(pval, it);
-
- return 1;
-}
-
-static void
-long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- long_clear(pval, it);
-}
-
-static void
-long_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- /* Zero value. */
- long_set(pval, it->size);
-}
-
-static int
-long_i2c(ASN1_VALUE **pval, unsigned char *content, int *putype,
- const ASN1_ITEM *it)
-{
- ASN1_INTEGER *aint;
- uint8_t **pp = NULL;
- long val;
- int ret = 0;
-
- long_get(pval, &val);
-
- /*
- * The zero value for this type (stored in the overloaded it->size
- * field) is considered to be invalid.
- */
- if (val == it->size)
- return -1;
-
- if ((aint = ASN1_INTEGER_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set_int64(aint, (int64_t)val))
- goto err;
- if (content != NULL)
- pp = &content;
- ret = i2c_ASN1_INTEGER(aint, pp);
-
- err:
- ASN1_INTEGER_free(aint);
-
- return ret;
-}
-
-static int
-long_c2i(ASN1_VALUE **pval, const unsigned char *content, int len, int utype,
- char *free_content, const ASN1_ITEM *it)
-{
- ASN1_INTEGER *aint = NULL;
- const uint8_t **pp = NULL;
- int64_t val = 0;
- int ret = 0;
-
- /*
- * The original long_i2c() mishandled 0 values and encoded them as
- * content with zero length, rather than a single zero byte. Permit
- * zero length content here for backwards compatibility.
- */
- if (len != 0) {
- if (content != NULL)
- pp = &content;
- if (!c2i_ASN1_INTEGER(&aint, pp, len))
- goto err;
- if (!ASN1_INTEGER_get_int64(&val, aint))
- goto err;
- }
-
- if (val < LONG_MIN || val > LONG_MAX) {
- ASN1error(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- goto err;
- }
-
- /*
- * The zero value for this type (stored in the overloaded it->size
- * field) is considered to be invalid.
- */
- if (val == (int64_t)it->size) {
- ASN1error(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- goto err;
- }
-
- long_set(pval, (long)val);
-
- ret = 1;
-
- err:
- ASN1_INTEGER_free(aint);
-
- return ret;
-}
-
-static int
-long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent,
- const ASN1_PCTX *pctx)
-{
- long val;
-
- long_get(pval, &val);
-
- if (BIO_printf(out, "%ld\n", val) <= 0)
- return 0;
-
- return 1;
-}
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
deleted file mode 100644
index c60714b74f..0000000000
--- a/src/lib/libcrypto/asn1/x_name.c
+++ /dev/null
@@ -1,666 +0,0 @@ -/* $OpenBSD: x_name.c,v 1.45 2025/03/20 09:41:47 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include -#include - -#include -#include -#include - -#include "asn1_local.h" -#include "x509_local.h" - -typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY; -DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY) - -static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, - long len, const ASN1_ITEM *it, int tag, int aclass, char opt, - ASN1_TLC *ctx); - -static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, - const ASN1_ITEM *it, int tag, int aclass); -static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it); -static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); - -static int x509_name_encode(X509_NAME *a); -static int x509_name_canon(X509_NAME *a); -static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in); -static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname, - unsigned char **in); - -static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, - const char *fname, const ASN1_PCTX *pctx); - -static const ASN1_TEMPLATE X509_NAME_ENTRY_seq_tt[] = { - { - .offset = offsetof(X509_NAME_ENTRY, object), - .field_name = "object", - .item = &ASN1_OBJECT_it, - }, - { - .offset = offsetof(X509_NAME_ENTRY, value), - .field_name = "value", - .item = &ASN1_PRINTABLE_it, - }, -}; - -const ASN1_ITEM X509_NAME_ENTRY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_NAME_ENTRY_seq_tt, - .tcount = sizeof(X509_NAME_ENTRY_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(X509_NAME_ENTRY), - .sname = "X509_NAME_ENTRY", -}; -LCRYPTO_ALIAS(X509_NAME_ENTRY_it); - - -X509_NAME_ENTRY * -d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, const unsigned char **in, long len) -{ - return (X509_NAME_ENTRY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_NAME_ENTRY_it); -} -LCRYPTO_ALIAS(d2i_X509_NAME_ENTRY); - -int -i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_NAME_ENTRY_it); -} 
-LCRYPTO_ALIAS(i2d_X509_NAME_ENTRY); - -X509_NAME_ENTRY * -X509_NAME_ENTRY_new(void) -{ - return (X509_NAME_ENTRY *)ASN1_item_new(&X509_NAME_ENTRY_it); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_new); - -void -X509_NAME_ENTRY_free(X509_NAME_ENTRY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_NAME_ENTRY_it); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_free); - -X509_NAME_ENTRY * -X509_NAME_ENTRY_dup(X509_NAME_ENTRY *x) -{ - return ASN1_item_dup(&X509_NAME_ENTRY_it, x); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_dup); - -/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } - * so declare two template wrappers for this - */ - -static const ASN1_TEMPLATE X509_NAME_ENTRIES_item_tt = { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = 0, - .field_name = "RDNS", - .item = &X509_NAME_ENTRY_it, -}; - -static const ASN1_ITEM X509_NAME_ENTRIES_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &X509_NAME_ENTRIES_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "X509_NAME_ENTRIES", -}; - -static const ASN1_TEMPLATE X509_NAME_INTERNAL_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = 0, - .field_name = "Name", - .item = &X509_NAME_ENTRIES_it, -}; - -static const ASN1_ITEM X509_NAME_INTERNAL_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &X509_NAME_INTERNAL_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "X509_NAME_INTERNAL", -}; - -/* Normally that's where it would end: we'd have two nested STACK structures - * representing the ASN1. Unfortunately X509_NAME uses a completely different - * form and caches encodings so we have to process the internal form and convert - * to the external form. 
- */ - -const ASN1_EXTERN_FUNCS x509_name_ff = { - .app_data = NULL, - .asn1_ex_new = x509_name_ex_new, - .asn1_ex_free = x509_name_ex_free, - .asn1_ex_clear = NULL, - .asn1_ex_d2i = x509_name_ex_d2i, - .asn1_ex_i2d = x509_name_ex_i2d, - .asn1_ex_print = x509_name_ex_print, -}; - -const ASN1_ITEM X509_NAME_it = { - .itype = ASN1_ITYPE_EXTERN, - .utype = V_ASN1_SEQUENCE, - .templates = NULL, - .tcount = 0, - .funcs = &x509_name_ff, - .size = 0, - .sname = "X509_NAME", -}; -LCRYPTO_ALIAS(X509_NAME_it); - -X509_NAME * -d2i_X509_NAME(X509_NAME **a, const unsigned char **in, long len) -{ - return (X509_NAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_NAME_it); -} -LCRYPTO_ALIAS(d2i_X509_NAME); - -int -i2d_X509_NAME(X509_NAME *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_NAME_it); -} -LCRYPTO_ALIAS(i2d_X509_NAME); - -X509_NAME * -X509_NAME_new(void) -{ - return (X509_NAME *)ASN1_item_new(&X509_NAME_it); -} -LCRYPTO_ALIAS(X509_NAME_new); - -void -X509_NAME_free(X509_NAME *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_NAME_it); -} -LCRYPTO_ALIAS(X509_NAME_free); - -X509_NAME * -X509_NAME_dup(X509_NAME *x) -{ - return ASN1_item_dup(&X509_NAME_it, x); -} -LCRYPTO_ALIAS(X509_NAME_dup); - -static int -x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) -{ - X509_NAME *ret = NULL; - - ret = malloc(sizeof(X509_NAME)); - if (!ret) - goto memerr; - if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL) - goto memerr; - if ((ret->bytes = BUF_MEM_new()) == NULL) - goto memerr; - ret->canon_enc = NULL; - ret->canon_enclen = 0; - ret->modified = 1; - *val = (ASN1_VALUE *)ret; - return 1; - - memerr: - ASN1error(ERR_R_MALLOC_FAILURE); - if (ret) { - if (ret->entries) - sk_X509_NAME_ENTRY_free(ret->entries); - free(ret); - } - return 0; -} - -static void -x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) -{ - X509_NAME *a; - - if (!pval || !*pval) - return; - a = (X509_NAME *)*pval; - - BUF_MEM_free(a->bytes); - 
sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free); - free(a->canon_enc); - free(a); - *pval = NULL; -} - -static int -x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, - const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) -{ - const unsigned char *p = *in, *q; - union { - STACK_OF(STACK_OF_X509_NAME_ENTRY) *s; - ASN1_VALUE *a; - } intname = {NULL}; - union { - X509_NAME *x; - ASN1_VALUE *a; - } nm = {NULL}; - int i, j, ret; - STACK_OF(X509_NAME_ENTRY) *entries; - X509_NAME_ENTRY *entry; - q = p; - - /* Get internal representation of Name */ - ret = ASN1_item_ex_d2i(&intname.a, &p, len, - &X509_NAME_INTERNAL_it, tag, aclass, opt, ctx); - - if (ret <= 0) - return ret; - - if (*val) - x509_name_ex_free(val, NULL); - if (!x509_name_ex_new(&nm.a, NULL)) - goto err; - /* We've decoded it: now cache encoding */ - if (!BUF_MEM_grow(nm.x->bytes, p - q)) - goto err; - memcpy(nm.x->bytes->data, q, p - q); - - /* Convert internal representation to X509_NAME structure */ - for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) { - entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i); - for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { - entry = sk_X509_NAME_ENTRY_value(entries, j); - entry->set = i; - if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry)) - goto err; - } - sk_X509_NAME_ENTRY_free(entries); - } - sk_STACK_OF_X509_NAME_ENTRY_free(intname.s); - ret = x509_name_canon(nm.x); - if (!ret) - goto err; - nm.x->modified = 0; - *val = nm.a; - *in = p; - return ret; - - err: - if (nm.x != NULL) - X509_NAME_free(nm.x); - ASN1error(ERR_R_NESTED_ASN1_ERROR); - return 0; -} - -static int -x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, - int tag, int aclass) -{ - int ret; - X509_NAME *a = (X509_NAME *)*val; - - if (a->modified) { - ret = x509_name_encode(a); - if (ret < 0) - return ret; - ret = x509_name_canon(a); - if (ret < 0) - return ret; - } - ret = a->bytes->length; - if (out 
!= NULL) { - memcpy(*out, a->bytes->data, ret); - *out += ret; - } - return ret; -} - -static void -local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) -{ - sk_X509_NAME_ENTRY_free(ne); -} - -static void -local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) -{ - sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free); -} - -static int -x509_name_encode(X509_NAME *a) -{ - union { - STACK_OF(STACK_OF_X509_NAME_ENTRY) *s; - ASN1_VALUE *a; - } intname = {NULL}; - int len; - unsigned char *p; - STACK_OF(X509_NAME_ENTRY) *entries = NULL; - X509_NAME_ENTRY *entry; - int i, set = -1; - - intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null(); - if (!intname.s) - goto memerr; - for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { - entry = sk_X509_NAME_ENTRY_value(a->entries, i); - if (entry->set != set) { - entries = sk_X509_NAME_ENTRY_new_null(); - if (!entries) - goto memerr; - if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, - entries)) { - sk_X509_NAME_ENTRY_free(entries); - goto memerr; - } - set = entry->set; - } - if (entries == NULL /* if entry->set is bogusly -1 */ || - !sk_X509_NAME_ENTRY_push(entries, entry)) - goto memerr; - } - len = ASN1_item_ex_i2d(&intname.a, NULL, - &X509_NAME_INTERNAL_it, -1, -1); - if (!BUF_MEM_grow(a->bytes, len)) - goto memerr; - p = (unsigned char *)a->bytes->data; - ASN1_item_ex_i2d(&intname.a, &p, &X509_NAME_INTERNAL_it, - -1, -1); - sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, - local_sk_X509_NAME_ENTRY_free); - a->modified = 0; - return len; - - memerr: - sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s, - local_sk_X509_NAME_ENTRY_free); - ASN1error(ERR_R_MALLOC_FAILURE); - return -1; -} - -static int -x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, const char *fname, - const ASN1_PCTX *pctx) -{ - if (X509_NAME_print_ex(out, (X509_NAME *)*pval, indent, - pctx->nm_flags) <= 0) - return 0; - return 2; -} - -/* This function generates the canonical encoding of the Name structure. 
- * In it all strings are converted to UTF8, leading, trailing and - * multiple spaces collapsed, converted to lower case and the leading - * SEQUENCE header removed. - * - * In future we could also normalize the UTF8 too. - * - * By doing this comparison of Name structures can be rapidly - * performed by just using memcmp() of the canonical encoding. - * By omitting the leading SEQUENCE name constraints of type - * dirName can also be checked with a simple memcmp(). - */ - -static int -x509_name_canon(X509_NAME *a) -{ - unsigned char *p; - STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL; - STACK_OF(X509_NAME_ENTRY) *entries = NULL; - X509_NAME_ENTRY *entry, *tmpentry = NULL; - int i, len, set = -1, ret = 0; - - if (a->canon_enc) { - free(a->canon_enc); - a->canon_enc = NULL; - } - /* Special case: empty X509_NAME => null encoding */ - if (sk_X509_NAME_ENTRY_num(a->entries) == 0) { - a->canon_enclen = 0; - return 1; - } - intname = sk_STACK_OF_X509_NAME_ENTRY_new_null(); - if (!intname) - goto err; - for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { - entry = sk_X509_NAME_ENTRY_value(a->entries, i); - if (entry->set != set) { - entries = sk_X509_NAME_ENTRY_new_null(); - if (!entries) - goto err; - if (sk_STACK_OF_X509_NAME_ENTRY_push(intname, - entries) == 0) { - sk_X509_NAME_ENTRY_free(entries); - goto err; - } - set = entry->set; - } - tmpentry = X509_NAME_ENTRY_new(); - if (tmpentry == NULL) - goto err; - tmpentry->object = OBJ_dup(entry->object); - if (tmpentry->object == NULL) - goto err; - if (!asn1_string_canon(tmpentry->value, entry->value)) - goto err; - if (entries == NULL /* if entry->set is bogusly -1 */ || - !sk_X509_NAME_ENTRY_push(entries, tmpentry)) - goto err; - tmpentry = NULL; - } - - /* Finally generate encoding */ - len = i2d_name_canon(intname, NULL); - if (len < 0) - goto err; - p = malloc(len); - if (p == NULL) - goto err; - a->canon_enc = p; - a->canon_enclen = len; - i2d_name_canon(intname, &p); - ret = 1; - - err: - if 
(tmpentry) - X509_NAME_ENTRY_free(tmpentry); - if (intname) - sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname, - local_sk_X509_NAME_ENTRY_pop_free); - return ret; -} - -/* Bitmap of all the types of string that will be canonicalized. */ - -#define ASN1_MASK_CANON \ - (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \ - | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \ - | B_ASN1_VISIBLESTRING) - - -static int -asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) -{ - unsigned char *to, *from; - int len, i; - - /* If type not in bitmask just copy string across */ - if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) { - if (!ASN1_STRING_copy(out, in)) - return 0; - return 1; - } - - out->type = V_ASN1_UTF8STRING; - out->length = ASN1_STRING_to_UTF8(&out->data, in); - if (out->length == -1) - return 0; - - to = out->data; - from = to; - - len = out->length; - - /* Convert string in place to canonical form. - * Ultimately we may need to handle a wider range of characters - * but for now ignore anything with MSB set and rely on the - * isspace() and tolower() functions. - */ - - /* Ignore leading spaces */ - while ((len > 0) && !(*from & 0x80) && isspace(*from)) { - from++; - len--; - } - - to = from + len - 1; - - /* Ignore trailing spaces */ - while ((len > 0) && !(*to & 0x80) && isspace(*to)) { - to--; - len--; - } - - to = out->data; - - i = 0; - while (i < len) { - /* If MSB set just copy across */ - if (*from & 0x80) { - *to++ = *from++; - i++; - } - /* Collapse multiple spaces */ - else if (isspace(*from)) { - /* Copy one space across */ - *to++ = ' '; - /* Ignore subsequent spaces. Note: don't need to - * check len here because we know the last - * character is a non-space so we can't overflow. 
- */ - do { - from++; - i++; - } while (!(*from & 0x80) && isspace(*from)); - } else { - *to++ = tolower(*from); - from++; - i++; - } - } - - out->length = to - out->data; - - return 1; -} - -static int -i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, unsigned char **in) -{ - int i, len, ltmp; - ASN1_VALUE *v; - STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname; - - len = 0; - for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) { - v = sk_ASN1_VALUE_value(intname, i); - ltmp = ASN1_item_ex_i2d(&v, in, - &X509_NAME_ENTRIES_it, -1, -1); - if (ltmp < 0) - return ltmp; - len += ltmp; - } - return len; -} - -int -X509_NAME_set(X509_NAME **xn, X509_NAME *name) -{ - if (*xn == name) - return *xn != NULL; - if ((name = X509_NAME_dup(name)) == NULL) - return 0; - X509_NAME_free(*xn); - *xn = name; - return 1; -} -LCRYPTO_ALIAS(X509_NAME_set); - -int -X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder, size_t *pderlen) -{ - /* Make sure encoding is valid. */ - if (i2d_X509_NAME(nm, NULL) <= 0) - return 0; - if (pder != NULL) - *pder = (unsigned char *)nm->bytes->data; - if (pderlen != NULL) - *pderlen = nm->bytes->length; - return 1; -} -LCRYPTO_ALIAS(X509_NAME_get0_der); diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c deleted file mode 100644 index 5c96c13ab9..0000000000 --- a/src/lib/libcrypto/asn1/x_pkey.c +++ /dev/null 
@@ -1,123 +0,0 @@
-/* $OpenBSD: x_pkey.c,v 1.24 2024/04/09 13:55:02 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-X509_PKEY *
-X509_PKEY_new(void)
-{
- X509_PKEY *ret = NULL;
-
- if ((ret = malloc(sizeof(X509_PKEY))) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->version = 0;
- if ((ret->enc_algor = X509_ALGOR_new()) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((ret->enc_pkey = ASN1_OCTET_STRING_new()) == NULL) {
- ASN1error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->dec_pkey = NULL;
- ret->key_length = 0;
- ret->key_data = NULL;
- ret->key_free = 0;
- ret->cipher.cipher = NULL;
- memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
- ret->references = 1;
- return (ret);
-
- err:
- if (ret) {
- X509_ALGOR_free(ret->enc_algor);
- free(ret);
- }
- return NULL;
-}
-LCRYPTO_ALIAS(X509_PKEY_new);
-
-void
-X509_PKEY_free(X509_PKEY *x)
-{
- int i;
-
- if (x == NULL)
- return;
-
- i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
- if (i > 0)
- return;
-
- if (x->enc_algor != NULL)
- X509_ALGOR_free(x->enc_algor);
- ASN1_OCTET_STRING_free(x->enc_pkey);
- EVP_PKEY_free(x->dec_pkey);
- if ((x->key_data != NULL) && (x->key_free))
- free(x->key_data);
- free(x);
-}
-LCRYPTO_ALIAS(X509_PKEY_free);
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
deleted file mode 100644
index 1e772a3458..0000000000
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ /dev/null
@@ -1,775 +0,0 @@
-/* $OpenBSD: x_pubkey.c,v 1.37 2024/07/08 14:48:49 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "asn1_local.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-/* Minor tweak to operation: free up EVP_PKEY */
-static int
-pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_FREE_POST) {
- X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
- EVP_PKEY_free(pubkey->pkey);
- }
- return 1;
-}
-
-static const ASN1_AUX X509_PUBKEY_aux = {
- .asn1_cb = pubkey_cb,
-};
-static const ASN1_TEMPLATE X509_PUBKEY_seq_tt[] = {
- {
- .offset = offsetof(X509_PUBKEY, algor),
- .field_name = "algor",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_PUBKEY, public_key),
- .field_name = "public_key",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_PUBKEY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_PUBKEY_seq_tt,
- .tcount = sizeof(X509_PUBKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_PUBKEY_aux,
- .size = sizeof(X509_PUBKEY),
- .sname = "X509_PUBKEY",
-};
-LCRYPTO_ALIAS(X509_PUBKEY_it);
-
-X509_PUBKEY *
-d2i_X509_PUBKEY(X509_PUBKEY **a, const unsigned char **in, long len)
-{
- return (X509_PUBKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_PUBKEY_it);
-}
-LCRYPTO_ALIAS(d2i_X509_PUBKEY);
-
-int
-i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_PUBKEY_it);
-}
-LCRYPTO_ALIAS(i2d_X509_PUBKEY);
-
-X509_PUBKEY *
-X509_PUBKEY_new(void)
-{
- return (X509_PUBKEY *)ASN1_item_new(&X509_PUBKEY_it);
-}
-LCRYPTO_ALIAS(X509_PUBKEY_new);
-
-void
-X509_PUBKEY_free(X509_PUBKEY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_PUBKEY_it);
-}
-LCRYPTO_ALIAS(X509_PUBKEY_free);
-
-int
-X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
-{
- X509_PUBKEY *pk = NULL;
-
- if (x == NULL)
- return (0);
- if ((pk = X509_PUBKEY_new()) == NULL)
- goto error;
-
- if
(pkey->ameth) {
- if (pkey->ameth->pub_encode) {
- if (!pkey->ameth->pub_encode(pk, pkey)) {
- X509error(X509_R_PUBLIC_KEY_ENCODE_ERROR);
- goto error;
- }
- } else {
- X509error(X509_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
- } else {
- X509error(X509_R_UNSUPPORTED_ALGORITHM);
- goto error;
- }
-
- if (*x != NULL)
- X509_PUBKEY_free(*x);
-
- *x = pk;
-
- return 1;
-
- error:
- if (pk != NULL)
- X509_PUBKEY_free(pk);
- return 0;
-}
-LCRYPTO_ALIAS(X509_PUBKEY_set);
-
-EVP_PKEY *
-X509_PUBKEY_get0(X509_PUBKEY *key)
-{
- EVP_PKEY *ret = NULL;
-
- if (key == NULL)
- goto error;
-
- if (key->pkey != NULL)
- return key->pkey;
-
- if (key->public_key == NULL)
- goto error;
-
- if ((ret = EVP_PKEY_new()) == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- goto error;
- }
-
- if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
- X509error(X509_R_UNSUPPORTED_ALGORITHM);
- goto error;
- }
-
- if (ret->ameth->pub_decode) {
- if (!ret->ameth->pub_decode(ret, key)) {
- X509error(X509_R_PUBLIC_KEY_DECODE_ERROR);
- goto error;
- }
- } else {
- X509error(X509_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
-
- /* Check to see if another thread set key->pkey first */
- CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
- if (key->pkey) {
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
- EVP_PKEY_free(ret);
- ret = key->pkey;
- } else {
- key->pkey = ret;
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
- }
-
- return ret;
-
- error:
- EVP_PKEY_free(ret);
- return (NULL);
-}
-LCRYPTO_ALIAS(X509_PUBKEY_get0);
-
-EVP_PKEY *
-X509_PUBKEY_get(X509_PUBKEY *key)
-{
- EVP_PKEY *pkey;
-
- if ((pkey = X509_PUBKEY_get0(key)) == NULL)
- return (NULL);
-
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-
- return pkey;
-}
-LCRYPTO_ALIAS(X509_PUBKEY_get);
-
-/*
- * Decode an X509_PUBKEY into the specified key type.
- */
-static int
-pubkey_ex_d2i(int pkey_type, ASN1_VALUE **pval, const unsigned char **in,
- long len, const ASN1_ITEM *it)
-{
- const ASN1_EXTERN_FUNCS *ef = it->funcs;
- const unsigned char *p = *in;
- X509_PUBKEY *xpk = NULL;
- ASN1_VALUE *key = NULL;
- EVP_PKEY *pkey = NULL;
- int ret = 0;
-
- if ((xpk = d2i_X509_PUBKEY(NULL, &p, len)) == NULL)
- goto err;
- if ((pkey = X509_PUBKEY_get(xpk)) == NULL)
- goto err;
-
- switch (pkey_type) {
- case EVP_PKEY_NONE:
- key = (ASN1_VALUE *)pkey;
- pkey = NULL;
- break;
-
- case EVP_PKEY_DSA:
- key = (ASN1_VALUE *)EVP_PKEY_get1_DSA(pkey);
- break;
-
- case EVP_PKEY_RSA:
- key = (ASN1_VALUE *)EVP_PKEY_get1_RSA(pkey);
- break;
-
- case EVP_PKEY_EC:
- key = (ASN1_VALUE *)EVP_PKEY_get1_EC_KEY(pkey);
- break;
-
- default:
- goto err;
- }
-
- if (key == NULL)
- goto err;
-
- ef->asn1_ex_free(pval, it);
-
- *pval = key;
- *in = p;
- ret = 1;
-
- err:
- EVP_PKEY_free(pkey);
- X509_PUBKEY_free(xpk);
-
- return ret;
-}
-
-/*
- * Encode the specified key type into an X509_PUBKEY.
- */
-static int
-pubkey_ex_i2d(int pkey_type, ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it)
-{
- X509_PUBKEY *xpk = NULL;
- EVP_PKEY *pkey, *pktmp;
- int ret = -1;
-
- if ((pkey = pktmp = EVP_PKEY_new()) == NULL)
- goto err;
-
- switch (pkey_type) {
- case EVP_PKEY_NONE:
- pkey = (EVP_PKEY *)*pval;
- break;
-
- case EVP_PKEY_DSA:
- if (!EVP_PKEY_set1_DSA(pkey, (DSA *)*pval))
- goto err;
- break;
-
- case EVP_PKEY_RSA:
- if (!EVP_PKEY_set1_RSA(pkey, (RSA *)*pval))
- goto err;
- break;
-
- case EVP_PKEY_EC:
- if (!EVP_PKEY_set1_EC_KEY(pkey, (EC_KEY*)*pval))
- goto err;
- break;
-
- default:
- goto err;
- }
-
- if (!X509_PUBKEY_set(&xpk, pkey))
- goto err;
-
- ret = i2d_X509_PUBKEY(xpk, out);
-
- err:
- EVP_PKEY_free(pktmp);
- X509_PUBKEY_free(xpk);
-
- return ret;
-}
-
-static int
-pkey_pubkey_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- if ((*pval = (ASN1_VALUE *)EVP_PKEY_new()) == NULL)
- return 0;
-
- return 1;
-}
-
-static void
-pkey_pubkey_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- EVP_PKEY_free((EVP_PKEY *)*pval);
- *pval = NULL;
-}
-
-static int
-pkey_pubkey_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
- return pubkey_ex_d2i(EVP_PKEY_NONE, pval, in, len, it);
-}
-
-static int
-pkey_pubkey_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
- int tag, int aclass)
-{
- return pubkey_ex_i2d(EVP_PKEY_NONE, pval, out, it);
-}
-
-const ASN1_EXTERN_FUNCS pkey_pubkey_asn1_ff = {
- .app_data = NULL,
- .asn1_ex_new = pkey_pubkey_ex_new,
- .asn1_ex_free = pkey_pubkey_ex_free,
- .asn1_ex_clear = NULL,
- .asn1_ex_d2i = pkey_pubkey_ex_d2i,
- .asn1_ex_i2d = pkey_pubkey_ex_i2d,
- .asn1_ex_print = NULL,
-};
-
-const ASN1_ITEM EVP_PKEY_PUBKEY_it = {
- .itype = ASN1_ITYPE_EXTERN,
- .utype = 0,
- .templates = NULL,
- .tcount = 0,
- .funcs = &pkey_pubkey_asn1_ff,
- .size = 0,
- .sname = NULL,
-};
-
-EVP_PKEY *
-d2i_PUBKEY(EVP_PKEY **pkey,
const unsigned char **in, long len)
-{
- return (EVP_PKEY *)ASN1_item_d2i((ASN1_VALUE **)pkey, in, len,
- &EVP_PKEY_PUBKEY_it);
-}
-LCRYPTO_ALIAS(d2i_PUBKEY);
-
-int
-i2d_PUBKEY(EVP_PKEY *pkey, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)pkey, out, &EVP_PKEY_PUBKEY_it);
-}
-LCRYPTO_ALIAS(i2d_PUBKEY);
-
-EVP_PKEY *
-d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **pkey)
-{
- return (EVP_PKEY *)ASN1_item_d2i_bio(&EVP_PKEY_PUBKEY_it, bp,
- (ASN1_VALUE **)pkey);
-}
-LCRYPTO_ALIAS(d2i_PUBKEY_bio);
-
-int
-i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
-{
- return ASN1_item_i2d_bio(&EVP_PKEY_PUBKEY_it, bp, (ASN1_VALUE *)pkey);
-}
-LCRYPTO_ALIAS(i2d_PUBKEY_bio);
-
-EVP_PKEY *
-d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **pkey)
-{
- return (EVP_PKEY *)ASN1_item_d2i_fp(&EVP_PKEY_PUBKEY_it, fp,
- (ASN1_VALUE **)pkey);
-}
-LCRYPTO_ALIAS(d2i_PUBKEY_fp);
-
-int
-i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
-{
- return ASN1_item_i2d_fp(&EVP_PKEY_PUBKEY_it, fp, (ASN1_VALUE *)pkey);
-}
-LCRYPTO_ALIAS(i2d_PUBKEY_fp);
-
-/*
- * The following are equivalents but which return RSA and DSA keys.
- */
-#ifndef OPENSSL_NO_RSA
-
-static int
-rsa_pubkey_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- if ((*pval = (ASN1_VALUE *)RSA_new()) == NULL)
- return 0;
-
- return 1;
-}
-
-static void
-rsa_pubkey_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- RSA_free((RSA *)*pval);
- *pval = NULL;
-}
-
-static int
-rsa_pubkey_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
- return pubkey_ex_d2i(EVP_PKEY_RSA, pval, in, len, it);
-}
-
-static int
-rsa_pubkey_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
- int tag, int aclass)
-{
- return pubkey_ex_i2d(EVP_PKEY_RSA, pval, out, it);
-}
-
-const ASN1_EXTERN_FUNCS rsa_pubkey_asn1_ff = {
- .app_data = NULL,
- .asn1_ex_new = rsa_pubkey_ex_new,
- .asn1_ex_free = rsa_pubkey_ex_free,
- .asn1_ex_clear = NULL,
- .asn1_ex_d2i = rsa_pubkey_ex_d2i,
- .asn1_ex_i2d = rsa_pubkey_ex_i2d,
- .asn1_ex_print = NULL,
-};
-
-const ASN1_ITEM RSA_PUBKEY_it = {
- .itype = ASN1_ITYPE_EXTERN,
- .utype = 0,
- .templates = NULL,
- .tcount = 0,
- .funcs = &rsa_pubkey_asn1_ff,
- .size = 0,
- .sname = NULL,
-};
-
-RSA *
-d2i_RSA_PUBKEY(RSA **rsa, const unsigned char **in, long len)
-{
- return (RSA *)ASN1_item_d2i((ASN1_VALUE **)rsa, in, len,
- &RSA_PUBKEY_it);
-}
-LCRYPTO_ALIAS(d2i_RSA_PUBKEY);
-
-int
-i2d_RSA_PUBKEY(RSA *rsa, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)rsa, out, &RSA_PUBKEY_it);
-}
-LCRYPTO_ALIAS(i2d_RSA_PUBKEY);
-
-RSA *
-d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
-{
- return (RSA *)ASN1_item_d2i_bio(&RSA_PUBKEY_it, bp, (ASN1_VALUE **)rsa);
-}
-LCRYPTO_ALIAS(d2i_RSA_PUBKEY_bio);
-
-int
-i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
-{
- return ASN1_item_i2d_bio(&RSA_PUBKEY_it, bp, (ASN1_VALUE *)rsa);
-}
-LCRYPTO_ALIAS(i2d_RSA_PUBKEY_bio);
-
-RSA *
-d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
-{
- return (RSA *)ASN1_item_d2i_fp(&RSA_PUBKEY_it, fp, (ASN1_VALUE **)rsa);
-}
-LCRYPTO_ALIAS(d2i_RSA_PUBKEY_fp);
-
-int
-i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
-{
- return ASN1_item_i2d_fp(&RSA_PUBKEY_it, fp, (ASN1_VALUE *)rsa);
-}
-LCRYPTO_ALIAS(i2d_RSA_PUBKEY_fp);
-#endif
-
-#ifndef OPENSSL_NO_DSA
-
-static int
-dsa_pubkey_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- if ((*pval = (ASN1_VALUE *)DSA_new()) == NULL)
- return 0;
-
- return 1;
-}
-
-static void
-dsa_pubkey_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- DSA_free((DSA *)*pval);
- *pval = NULL;
-}
-
-static int
-dsa_pubkey_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
- return pubkey_ex_d2i(EVP_PKEY_DSA, pval, in, len, it);
-}
-
-static int
-dsa_pubkey_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
- int tag, int aclass)
-{
- return pubkey_ex_i2d(EVP_PKEY_DSA, pval, out, it);
-}
-
-const ASN1_EXTERN_FUNCS dsa_pubkey_asn1_ff = {
- .app_data = NULL,
- .asn1_ex_new = dsa_pubkey_ex_new,
- .asn1_ex_free = dsa_pubkey_ex_free,
- .asn1_ex_clear = NULL,
- .asn1_ex_d2i = dsa_pubkey_ex_d2i,
- .asn1_ex_i2d = dsa_pubkey_ex_i2d,
- .asn1_ex_print = NULL,
-};
-
-const ASN1_ITEM DSA_PUBKEY_it = {
- .itype = ASN1_ITYPE_EXTERN,
- .utype = 0,
- .templates = NULL,
- .tcount = 0,
- .funcs = &dsa_pubkey_asn1_ff,
- .size = 0,
- .sname = NULL,
-};
-
-DSA *
-d2i_DSA_PUBKEY(DSA **dsa, const unsigned char **in, long len)
-{
- return (DSA *)ASN1_item_d2i((ASN1_VALUE **)dsa, in, len,
- &DSA_PUBKEY_it);
-}
-LCRYPTO_ALIAS(d2i_DSA_PUBKEY);
-
-int
-i2d_DSA_PUBKEY(DSA *dsa, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)dsa, out, &DSA_PUBKEY_it);
-}
-LCRYPTO_ALIAS(i2d_DSA_PUBKEY);
-
-DSA *
-d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
-{
- return (DSA *)ASN1_item_d2i_bio(&DSA_PUBKEY_it, bp, (ASN1_VALUE **)dsa);
-}
-LCRYPTO_ALIAS(d2i_DSA_PUBKEY_bio);
-
-int
-i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
-{
- return ASN1_item_i2d_bio(&DSA_PUBKEY_it, bp, (ASN1_VALUE *)dsa);
-}
-LCRYPTO_ALIAS(i2d_DSA_PUBKEY_bio);
-
-DSA *
-d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
-{
- return (DSA *)ASN1_item_d2i_fp(&DSA_PUBKEY_it, fp, (ASN1_VALUE **)dsa);
-}
-LCRYPTO_ALIAS(d2i_DSA_PUBKEY_fp);
-
-int
-i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
-{
- return ASN1_item_i2d_fp(&DSA_PUBKEY_it, fp, (ASN1_VALUE *)dsa);
-}
-LCRYPTO_ALIAS(i2d_DSA_PUBKEY_fp);
-
-#endif
-
-#ifndef OPENSSL_NO_EC
-
-static int
-ec_pubkey_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- if ((*pval = (ASN1_VALUE *)EC_KEY_new()) == NULL)
- return 0;
-
- return 1;
-}
-
-static void
-ec_pubkey_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- EC_KEY_free((EC_KEY *)*pval);
- *pval = NULL;
-}
-
-static int
-ec_pubkey_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
- return pubkey_ex_d2i(EVP_PKEY_EC, pval, in, len, it);
-}
-
-static int
-ec_pubkey_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
- int tag, int aclass)
-{
- return pubkey_ex_i2d(EVP_PKEY_EC, pval, out, it);
-}
-
-const ASN1_EXTERN_FUNCS ec_pubkey_asn1_ff = {
- .app_data = NULL,
- .asn1_ex_new = ec_pubkey_ex_new,
- .asn1_ex_free = ec_pubkey_ex_free,
- .asn1_ex_clear = NULL,
- .asn1_ex_d2i = ec_pubkey_ex_d2i,
- .asn1_ex_i2d = ec_pubkey_ex_i2d,
- .asn1_ex_print = NULL,
-};
-
-const ASN1_ITEM EC_PUBKEY_it = {
- .itype = ASN1_ITYPE_EXTERN,
- .utype = 0,
- .templates = NULL,
- .tcount = 0,
- .funcs = &ec_pubkey_asn1_ff,
- .size = 0,
- .sname = NULL,
-};
-
-EC_KEY *
-d2i_EC_PUBKEY(EC_KEY **ec, const unsigned char **in, long len)
-{
- return (EC_KEY *)ASN1_item_d2i((ASN1_VALUE **)ec, in, len,
- &EC_PUBKEY_it);
-}
-LCRYPTO_ALIAS(d2i_EC_PUBKEY);
-
-int
-i2d_EC_PUBKEY(EC_KEY *ec, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)ec, out, &EC_PUBKEY_it);
-}
-LCRYPTO_ALIAS(i2d_EC_PUBKEY);
-
-EC_KEY *
-d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **ec)
-{
- return (EC_KEY *)ASN1_item_d2i_bio(&EC_PUBKEY_it, bp, (ASN1_VALUE **)ec);
-}
-LCRYPTO_ALIAS(d2i_EC_PUBKEY_bio);
-
-int
-i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ec)
-{
- return ASN1_item_i2d_bio(&EC_PUBKEY_it, bp, (ASN1_VALUE *)ec);
-}
-LCRYPTO_ALIAS(i2d_EC_PUBKEY_bio);
-
-EC_KEY *
-d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **ec)
-{
- return (EC_KEY *)ASN1_item_d2i_fp(&EC_PUBKEY_it, fp, (ASN1_VALUE **)ec);
-}
-LCRYPTO_ALIAS(d2i_EC_PUBKEY_fp);
-
-int
-i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *ec)
-{
- return ASN1_item_i2d_fp(&EC_PUBKEY_it, fp, (ASN1_VALUE *)ec);
-}
-LCRYPTO_ALIAS(i2d_EC_PUBKEY_fp);
-#endif
-
-int
-X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype,
- void *pval, unsigned char *penc, int penclen)
-{
- if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
- return 0;
-
- if (penc == NULL)
- return 1;
-
- ASN1_STRING_set0(pub->public_key, penc, penclen);
-
- return asn1_abs_set_unused_bits(pub->public_key, 0);
-}
-LCRYPTO_ALIAS(X509_PUBKEY_set0_param);
-
-int
-X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
- int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub)
-{
- if (ppkalg)
- *ppkalg = pub->algor->algorithm;
- if (pk) {
- *pk = pub->public_key->data;
- *ppklen = pub->public_key->length;
- }
- if (pa)
- *pa = pub->algor;
- return 1;
-}
-LCRYPTO_ALIAS(X509_PUBKEY_get0_param);
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c
deleted file mode 100644
index 50b55ecf50..0000000000
--- a/src/lib/libcrypto/asn1/x_req.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/* $OpenBSD: x_req.c,v 1.23 2024/07/08 14:48:49 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-
-#include "x509_local.h"
-
-/* X509_REQ_INFO is handled in an unusual way to get round
- * invalid encodings. Some broken certificate requests don't
- * encode the attributes field if it is empty. This is in
- * violation of PKCS#10 but we need to tolerate it. We do
- * this by making the attributes field OPTIONAL then using
- * the callback to initialise it to an empty STACK.
- *
- * This means that the field will be correctly encoded unless
- * we NULL out the field.
- *
- * As a result we no longer need the req_kludge field because
- * the information is now contained in the attributes field:
- * 1. If it is NULL then it's the invalid omission.
- * 2.
If it is empty it is the correct encoding.
- * 3. If it is not empty then some attributes are present.
- *
- */
-
-static int
-rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
-
- if (operation == ASN1_OP_NEW_POST) {
- rinf->attributes = sk_X509_ATTRIBUTE_new_null();
- if (!rinf->attributes)
- return 0;
- }
- return 1;
-}
-
-static const ASN1_AUX X509_REQ_INFO_aux = {
- .flags = ASN1_AFLG_ENCODING,
- .asn1_cb = rinf_cb,
- .enc_offset = offsetof(X509_REQ_INFO, enc),
-};
-static const ASN1_TEMPLATE X509_REQ_INFO_seq_tt[] = {
- {
- .offset = offsetof(X509_REQ_INFO, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(X509_REQ_INFO, subject),
- .field_name = "subject",
- .item = &X509_NAME_it,
- },
- {
- .offset = offsetof(X509_REQ_INFO, pubkey),
- .field_name = "pubkey",
- .item = &X509_PUBKEY_it,
- },
- /* This isn't really OPTIONAL but it gets round invalid
- * encodings
- */
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_REQ_INFO, attributes),
- .field_name = "attributes",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM X509_REQ_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_REQ_INFO_seq_tt,
- .tcount = sizeof(X509_REQ_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_REQ_INFO_aux,
- .size = sizeof(X509_REQ_INFO),
- .sname = "X509_REQ_INFO",
-};
-LCRYPTO_ALIAS(X509_REQ_INFO_it);
-
-
-X509_REQ_INFO *
-d2i_X509_REQ_INFO(X509_REQ_INFO **a, const unsigned char **in, long len)
-{
- return (X509_REQ_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_REQ_INFO_it);
-}
-LCRYPTO_ALIAS(d2i_X509_REQ_INFO);
-
-int
-i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REQ_INFO_it);
-}
-LCRYPTO_ALIAS(i2d_X509_REQ_INFO);
-
-X509_REQ_INFO *
-X509_REQ_INFO_new(void)
-{
- return
(X509_REQ_INFO *)ASN1_item_new(&X509_REQ_INFO_it);
-}
-LCRYPTO_ALIAS(X509_REQ_INFO_new);
-
-void
-X509_REQ_INFO_free(X509_REQ_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_INFO_it);
-}
-LCRYPTO_ALIAS(X509_REQ_INFO_free);
-
-static const ASN1_AUX X509_REQ_aux = {
- .app_data = NULL,
- .flags = ASN1_AFLG_REFCOUNT,
- .ref_offset = offsetof(X509_REQ, references),
- .ref_lock = CRYPTO_LOCK_X509_REQ,
-};
-static const ASN1_TEMPLATE X509_REQ_seq_tt[] = {
- {
- .offset = offsetof(X509_REQ, req_info),
- .field_name = "req_info",
- .item = &X509_REQ_INFO_it,
- },
- {
- .offset = offsetof(X509_REQ, sig_alg),
- .field_name = "sig_alg",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_REQ, signature),
- .field_name = "signature",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_REQ_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_REQ_seq_tt,
- .tcount = sizeof(X509_REQ_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_REQ_aux,
- .size = sizeof(X509_REQ),
- .sname = "X509_REQ",
-};
-LCRYPTO_ALIAS(X509_REQ_it);
-
-
-X509_REQ *
-d2i_X509_REQ(X509_REQ **a, const unsigned char **in, long len)
-{
- return (X509_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_REQ_it);
-}
-LCRYPTO_ALIAS(d2i_X509_REQ);
-
-int
-i2d_X509_REQ(X509_REQ *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REQ_it);
-}
-LCRYPTO_ALIAS(i2d_X509_REQ);
-
-X509_REQ *
-X509_REQ_new(void)
-{
- return (X509_REQ *)ASN1_item_new(&X509_REQ_it);
-}
-LCRYPTO_ALIAS(X509_REQ_new);
-
-void
-X509_REQ_free(X509_REQ *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_it);
-}
-LCRYPTO_ALIAS(X509_REQ_free);
-
-X509_REQ *
-X509_REQ_dup(X509_REQ *x)
-{
- return ASN1_item_dup(&X509_REQ_it, x);
-}
-LCRYPTO_ALIAS(X509_REQ_dup);
-
-int
-X509_REQ_get_signature_nid(const X509_REQ *req)
-{
- return OBJ_obj2nid(req->sig_alg->algorithm);
-}
-LCRYPTO_ALIAS(X509_REQ_get_signature_nid);
-
-void
-X509_REQ_get0_signature(const X509_REQ *req,
const ASN1_BIT_STRING **psig,
- const X509_ALGOR **palg)
-{
- if (psig != NULL)
- *psig = req->signature;
- if (palg != NULL)
- *palg = req->sig_alg;
-}
-LCRYPTO_ALIAS(X509_REQ_get0_signature);
diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c
deleted file mode 100644
index be28e9722b..0000000000
--- a/src/lib/libcrypto/asn1/x_sig.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* $OpenBSD: x_sig.c,v 1.18 2024/07/08 14:48:49 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-
-#include "x509_local.h"
-
-static const ASN1_TEMPLATE X509_SIG_seq_tt[] = {
- {
- .offset = offsetof(X509_SIG, algor),
- .field_name = "algor",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_SIG, digest),
- .field_name = "digest",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_SIG_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_SIG_seq_tt,
- .tcount = sizeof(X509_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_SIG),
- .sname = "X509_SIG",
-};
-LCRYPTO_ALIAS(X509_SIG_it);
-
-
-X509_SIG *
-d2i_X509_SIG(X509_SIG **a, const unsigned char **in, long len)
-{
- return (X509_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_SIG_it);
-}
-LCRYPTO_ALIAS(d2i_X509_SIG);
-
-int
-i2d_X509_SIG(X509_SIG *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_SIG_it);
-}
-LCRYPTO_ALIAS(i2d_X509_SIG);
-
-X509_SIG *
-X509_SIG_new(void)
-{
- return (X509_SIG *)ASN1_item_new(&X509_SIG_it);
-}
-LCRYPTO_ALIAS(X509_SIG_new);
-
-void
-X509_SIG_free(X509_SIG *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_SIG_it);
-}
-LCRYPTO_ALIAS(X509_SIG_free);
-
-void
-X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg,
- const ASN1_OCTET_STRING **pdigest)
-{
- if (palg != NULL)
- *palg = sig->algor;
- if (pdigest != NULL)
- *pdigest = sig->digest;
-}
-LCRYPTO_ALIAS(X509_SIG_get0);
-
-void
-X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg, ASN1_OCTET_STRING **pdigest)
-{
- if (palg != NULL)
- *palg = sig->algor;
- if (pdigest != NULL)
- *pdigest = sig->digest;
-}
-LCRYPTO_ALIAS(X509_SIG_getm);
diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c
deleted file mode 100644
index e711b80611..0000000000
--- a/src/lib/libcrypto/asn1/x_spki.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/* $OpenBSD: x_spki.c,v 1.15 2024/07/08 14:48:49 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
- /* This module was send to me my Pat Richards who
- * wrote it. It is under my Copyright with his permission
- */
-
-#include
-
-#include
-#include
-
-static const ASN1_TEMPLATE NETSCAPE_SPKAC_seq_tt[] = {
- {
- .offset = offsetof(NETSCAPE_SPKAC, pubkey),
- .field_name = "pubkey",
- .item = &X509_PUBKEY_it,
- },
- {
- .offset = offsetof(NETSCAPE_SPKAC, challenge),
- .field_name = "challenge",
- .item = &ASN1_IA5STRING_it,
- },
-};
-
-const ASN1_ITEM NETSCAPE_SPKAC_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = NETSCAPE_SPKAC_seq_tt,
- .tcount = sizeof(NETSCAPE_SPKAC_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(NETSCAPE_SPKAC),
- .sname = "NETSCAPE_SPKAC",
-};
-LCRYPTO_ALIAS(NETSCAPE_SPKAC_it);
-
-
-NETSCAPE_SPKAC *
-d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, const unsigned char **in, long len)
-{
- return (NETSCAPE_SPKAC *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &NETSCAPE_SPKAC_it);
-}
-LCRYPTO_ALIAS(d2i_NETSCAPE_SPKAC);
-
-int
-i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_SPKAC_it);
-}
-LCRYPTO_ALIAS(i2d_NETSCAPE_SPKAC);
-
-NETSCAPE_SPKAC *
-NETSCAPE_SPKAC_new(void)
-{
- return (NETSCAPE_SPKAC *)ASN1_item_new(&NETSCAPE_SPKAC_it);
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKAC_new);
-
-void
-NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKAC_it);
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKAC_free);
-
-static const ASN1_TEMPLATE NETSCAPE_SPKI_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(NETSCAPE_SPKI, spkac),
- .field_name = "spkac",
- .item = &NETSCAPE_SPKAC_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(NETSCAPE_SPKI, sig_algor),
- .field_name = "sig_algor",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(NETSCAPE_SPKI, signature),
- .field_name = "signature",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM NETSCAPE_SPKI_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = NETSCAPE_SPKI_seq_tt,
- .tcount = sizeof(NETSCAPE_SPKI_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(NETSCAPE_SPKI),
- .sname = "NETSCAPE_SPKI",
-};
-LCRYPTO_ALIAS(NETSCAPE_SPKI_it);
-
-
-NETSCAPE_SPKI *
-d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, const unsigned char **in, long len)
-{
- return (NETSCAPE_SPKI *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &NETSCAPE_SPKI_it);
-}
-LCRYPTO_ALIAS(d2i_NETSCAPE_SPKI);
-
-int
-i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_SPKI_it);
-}
-LCRYPTO_ALIAS(i2d_NETSCAPE_SPKI);
-
-NETSCAPE_SPKI *
-NETSCAPE_SPKI_new(void)
-{
- return (NETSCAPE_SPKI *)ASN1_item_new(&NETSCAPE_SPKI_it);
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_new);
-
-void
-NETSCAPE_SPKI_free(NETSCAPE_SPKI *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKI_it);
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_free);
diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c
deleted file mode 100644
index 08501f17e0..0000000000
--- a/src/lib/libcrypto/asn1/x_val.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: x_val.c,v 1.16 2024/08/31 10:14:17 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-
-#include "x509_local.h"
-
-static const ASN1_TEMPLATE X509_VAL_seq_tt[] = {
- {
- .offset = offsetof(X509_VAL, notBefore),
- .field_name = "notBefore",
- .item = &ASN1_TIME_it,
- },
- {
- .offset = offsetof(X509_VAL, notAfter),
- .field_name = "notAfter",
- .item = &ASN1_TIME_it,
- },
-};
-
-const ASN1_ITEM X509_VAL_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_VAL_seq_tt,
- .tcount = sizeof(X509_VAL_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_VAL),
- .sname = "X509_VAL",
-};
-LCRYPTO_ALIAS(X509_VAL_it);
-
-
-X509_VAL *
-d2i_X509_VAL(X509_VAL **a, const unsigned char **in, long len)
-{
- return (X509_VAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_VAL_it);
-}
-LCRYPTO_ALIAS(d2i_X509_VAL);
-
-int
-i2d_X509_VAL(X509_VAL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_VAL_it);
-}
-LCRYPTO_ALIAS(i2d_X509_VAL);
-
-X509_VAL *
-X509_VAL_new(void)
-{
- return (X509_VAL *)ASN1_item_new(&X509_VAL_it);
-}
-LCRYPTO_ALIAS(X509_VAL_new);
-
-void
-X509_VAL_free(X509_VAL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_VAL_it);
-}
-LCRYPTO_ALIAS(X509_VAL_free);
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
deleted file mode 100644
index 069d84926f..0000000000
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* $OpenBSD: x_x509.c,v 1.41 2025/02/21 05:44:28 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static const ASN1_AUX X509_CINF_aux = {
- .flags = ASN1_AFLG_ENCODING,
- .enc_offset = offsetof(X509_CINF, enc),
-};
-static const ASN1_TEMPLATE X509_CINF_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CINF, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(X509_CINF, serialNumber),
- .field_name = "serialNumber",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(X509_CINF, signature),
- .field_name = "signature",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_CINF, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .offset = offsetof(X509_CINF, validity),
- .field_name = "validity",
- .item = &X509_VAL_it,
- },
- {
- .offset = offsetof(X509_CINF, subject),
- .field_name = "subject",
- .item = &X509_NAME_it,
- },
- {
- .offset = offsetof(X509_CINF, key),
- .field_name = "key",
- .item = &X509_PUBKEY_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(X509_CINF, issuerUID),
- .field_name = "issuerUID",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(X509_CINF, subjectUID),
- .field_name = "subjectUID",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF |
- ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(X509_CINF, extensions),
- .field_name = "extensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM X509_CINF_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_CINF_seq_tt,
- .tcount = sizeof(X509_CINF_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_CINF_aux,
- .size = sizeof(X509_CINF),
- .sname = "X509_CINF",
-};
-LCRYPTO_ALIAS(X509_CINF_it);
-
-
-X509_CINF *
-d2i_X509_CINF(X509_CINF **a, const unsigned char **in, long len)
-{
- return (X509_CINF *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_CINF_it);
-}
-LCRYPTO_ALIAS(d2i_X509_CINF);
-
-int
-i2d_X509_CINF(X509_CINF *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CINF_it);
-}
-LCRYPTO_ALIAS(i2d_X509_CINF);
-
-X509_CINF *
-X509_CINF_new(void)
-{
- return (X509_CINF *)ASN1_item_new(&X509_CINF_it);
-}
-LCRYPTO_ALIAS(X509_CINF_new);
-
-void
-X509_CINF_free(X509_CINF *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_CINF_it);
-}
-LCRYPTO_ALIAS(X509_CINF_free);
-/* X509 top level structure needs a bit of customisation */
-
-static int
-x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- X509 *ret = (X509 *)*pval;
-
- switch (operation) {
-
- case ASN1_OP_NEW_POST:
- ret->ex_flags = 0;
- ret->ex_pathlen = -1;
- ret->skid = NULL;
- ret->akid = NULL;
- ret->aux = NULL;
- ret->crldp = NULL;
-#ifndef OPENSSL_NO_RFC3779
- ret->rfc3779_addr = NULL;
- ret->rfc3779_asid = NULL;
-#endif
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
- break;
-
- case ASN1_OP_FREE_POST:
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
- X509_CERT_AUX_free(ret->aux);
- ASN1_OCTET_STRING_free(ret->skid);
- AUTHORITY_KEYID_free(ret->akid);
- CRL_DIST_POINTS_free(ret->crldp);
- GENERAL_NAMES_free(ret->altname);
- NAME_CONSTRAINTS_free(ret->nc);
-#ifndef OPENSSL_NO_RFC3779
- sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
- ASIdentifiers_free(ret->rfc3779_asid);
-#endif
- break;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(d2i_X509_CINF);
-
-static const ASN1_AUX X509_aux = {
- .app_data = NULL,
- .flags = ASN1_AFLG_REFCOUNT,
- .ref_offset = offsetof(X509, references),
- .ref_lock = CRYPTO_LOCK_X509,
- .asn1_cb = x509_cb,
-};
-static const ASN1_TEMPLATE X509_seq_tt[] = {
- {
- .offset = offsetof(X509, cert_info),
- .field_name = "cert_info",
- .item = &X509_CINF_it,
- },
- {
- .offset = offsetof(X509, sig_alg),
- .field_name = "sig_alg",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509, signature),
- .field_name = "signature",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_seq_tt,
- .tcount = sizeof(X509_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_aux,
- .size = sizeof(X509),
- .sname = "X509",
-};
-LCRYPTO_ALIAS(X509_it);
-
-
-X509 *
-d2i_X509(X509 **a, const unsigned char **in, long len)
-{
- return (X509 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_it);
-}
-LCRYPTO_ALIAS(d2i_X509);
-
-int
-i2d_X509(X509 *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_it);
-}
-LCRYPTO_ALIAS(i2d_X509);
-
-X509 *
-X509_new(void)
-{
- return (X509 *)ASN1_item_new(&X509_it);
-}
-LCRYPTO_ALIAS(X509_new);
-
-void
-X509_free(X509 *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_it);
-}
-LCRYPTO_ALIAS(X509_free);
-
-X509 *
-X509_dup(X509 *x)
-{
- return ASN1_item_dup(&X509_it, x);
-}
-LCRYPTO_ALIAS(X509_dup);
-
-int
-X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
- new_func, dup_func, free_func);
-}
-LCRYPTO_ALIAS(X509_get_ex_new_index);
-
-int
-X509_set_ex_data(X509 *r, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-LCRYPTO_ALIAS(X509_set_ex_data);
-
-void *
-X509_get_ex_data(X509 *r, int idx)
-{
- return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-LCRYPTO_ALIAS(X509_get_ex_data);
-
-/* X509_AUX ASN1 routines. X509_AUX is the name given to
- * a certificate with extra info tagged on the end. Since these
- * functions set how a certificate is trusted they should only
- * be used when the certificate comes from a reliable source
- * such as local storage.
- *
- */
-
-X509 *
-d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
-{
- const unsigned char *q;
- X509 *ret;
-
- /* Save start position */
- q = *pp;
- ret = d2i_X509(NULL, pp, length);
- /* If certificate unreadable then forget it */
- if (!ret)
- return NULL;
- /* update length */
- length -= *pp - q;
- if (length > 0) {
- if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
- goto err;
- }
- if (a != NULL) {
- X509_free(*a);
- *a = ret;
- }
- return ret;
-
- err:
- X509_free(ret);
- return NULL;
-}
-LCRYPTO_ALIAS(d2i_X509_AUX);
-
-int
-i2d_X509_AUX(X509 *a, unsigned char **pp)
-{
- int length;
-
- length = i2d_X509(a, pp);
- if (a)
- length += i2d_X509_CERT_AUX(a->aux, pp);
- return length;
-}
-LCRYPTO_ALIAS(i2d_X509_AUX);
-
-int
-i2d_re_X509_tbs(X509 *x, unsigned char **pp)
-{
- x->cert_info->enc.modified = 1;
- return i2d_X509_CINF(x->cert_info, pp);
-}
-LCRYPTO_ALIAS(i2d_re_X509_tbs);
-
-void
-X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg,
- const X509 *x)
-{
- if (psig != NULL)
- *psig = x->signature;
- if (palg != NULL)
- *palg = x->sig_alg;
-}
-LCRYPTO_ALIAS(X509_get0_signature);
-
-int
-X509_get_signature_nid(const X509 *x)
-{
- return OBJ_obj2nid(x->sig_alg->algorithm);
-}
-LCRYPTO_ALIAS(X509_get_signature_nid);
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
deleted file mode 100644
index aaa22d1351..0000000000
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ /dev/null
@@ -1,282 +0,0 @@
-/* $OpenBSD: x_x509a.c,v 1.22 2024/04/09 13:55:02 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-/* X509_CERT_AUX routines. These are used to encode additional
- * user modifiable data about a certificate. This data is
- * appended to the X509 encoding when the *_X509_AUX routines
- * are used. This means that the "traditional" X509 routines
- * will simply ignore the extra data.
- */
-
-static X509_CERT_AUX *aux_get(X509 *x);
-
-static const ASN1_TEMPLATE X509_CERT_AUX_seq_tt[] = {
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CERT_AUX, trust),
- .field_name = "trust",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
- ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(X509_CERT_AUX, reject),
- .field_name = "reject",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CERT_AUX, alias),
- .field_name = "alias",
- .item = &ASN1_UTF8STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CERT_AUX, keyid),
- .field_name = "keyid",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
- ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(X509_CERT_AUX, other),
- .field_name = "other",
- .item = &X509_ALGOR_it,
- },
-};
-
-const ASN1_ITEM X509_CERT_AUX_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_CERT_AUX_seq_tt,
- .tcount = sizeof(X509_CERT_AUX_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_CERT_AUX),
- .sname = "X509_CERT_AUX",
-};
-
-
-X509_CERT_AUX *
-d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len)
-{
- return (X509_CERT_AUX *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_CERT_AUX_it);
-}
-
-int
-i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_AUX_it);
-}
-
-X509_CERT_AUX *
-X509_CERT_AUX_new(void)
-{
- return (X509_CERT_AUX *)ASN1_item_new(&X509_CERT_AUX_it);
-}
-
-void
-X509_CERT_AUX_free(X509_CERT_AUX *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_AUX_it);
-}
-
-static X509_CERT_AUX *
-aux_get(X509 *x)
-{
- if (!x)
- return NULL;
- if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
- return NULL;
- return x->aux;
-}
-
-int
-X509_alias_set1(X509 *x, const unsigned char *name, int len)
-{
- X509_CERT_AUX *aux;
- if (!name) {
- if (!x || !x->aux || !x->aux->alias)
- return 1;
- ASN1_UTF8STRING_free(x->aux->alias);
- x->aux->alias = NULL;
- return 1;
- }
- if (!(aux = aux_get(x)))
- return 0;
- if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
- return 0;
- return ASN1_STRING_set(aux->alias, name, len);
-}
-LCRYPTO_ALIAS(X509_alias_set1);
-
-int
-X509_keyid_set1(X509 *x, const unsigned char *id, int len)
-{
- X509_CERT_AUX *aux;
- if (!id) {
- if (!x || !x->aux || !x->aux->keyid)
- return 1;
- ASN1_OCTET_STRING_free(x->aux->keyid);
- x->aux->keyid = NULL;
- return 1;
- }
- if (!(aux = aux_get(x)))
- return 0;
- if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
- return 0;
- return ASN1_STRING_set(aux->keyid, id, len);
-}
-LCRYPTO_ALIAS(X509_keyid_set1);
-
-unsigned char *
-X509_alias_get0(X509 *x, int *len)
-{
- if (!x->aux || !x->aux->alias)
- return NULL;
- if (len)
- *len = x->aux->alias->length;
- return x->aux->alias->data;
-}
-LCRYPTO_ALIAS(X509_alias_get0);
-
-unsigned char *
-X509_keyid_get0(X509 *x, int *len)
-{
- if (!x->aux || !x->aux->keyid)
- return NULL;
- if (len)
- *len = x->aux->keyid->length;
- return x->aux->keyid->data;
-}
-LCRYPTO_ALIAS(X509_keyid_get0);
-
-int
-X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj)
-{
- X509_CERT_AUX *aux;
- ASN1_OBJECT *objtmp;
- int rc;
-
- if (!(objtmp = OBJ_dup(obj)))
- return 0;
- if (!(aux = aux_get(x)))
- goto err;
- if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
- goto err;
- rc = sk_ASN1_OBJECT_push(aux->trust, objtmp);
- if (rc != 0)
- return rc;
-
- err:
- ASN1_OBJECT_free(objtmp);
- return 0;
-}
-LCRYPTO_ALIAS(X509_add1_trust_object);
-
-int
-X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj)
-{
- X509_CERT_AUX *aux;
- ASN1_OBJECT *objtmp;
- int rc;
-
- if (!(objtmp = OBJ_dup(obj)))
- return 0;
- if (!(aux = aux_get(x)))
- goto err;
- if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
- goto err;
- rc = sk_ASN1_OBJECT_push(aux->reject, objtmp);
- if (rc != 0)
- return rc;
-
- err:
- ASN1_OBJECT_free(objtmp);
- return 0;
-}
-LCRYPTO_ALIAS(X509_add1_reject_object);
-
-void
-X509_trust_clear(X509 *x)
-{
- if (x->aux && x->aux->trust) {
- sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
- x->aux->trust = NULL;
- }
-}
-LCRYPTO_ALIAS(X509_trust_clear);
-
-void
-X509_reject_clear(X509 *x)
-{
- if (x->aux && x->aux->reject) {
- sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
- x->aux->reject = NULL;
- }
-}
-LCRYPTO_ALIAS(X509_reject_clear);
diff --git a/src/lib/libcrypto/bf/bf_local.h b/src/lib/libcrypto/bf/bf_local.h
deleted file mode 100644
index 8fc5a5dbd8..0000000000
--- a/src/lib/libcrypto/bf/bf_local.h
+++ /dev/null
@@ -1,156 +0,0 @@
-/* $OpenBSD: bf_local.h,v 1.3 2024/03/27 11:54:29 jsing Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include /* BF_PTR */ - -#ifndef HEADER_BF_LOCL_H -#define HEADER_BF_LOCL_H - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* This is actually a big endian algorithm, the most significant byte - * is used to lookup array 0 */ - -#if defined(BF_PTR) - -#ifndef BF_LONG_LOG2 -#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */ -#endif -#define BF_M (0xFF<>BF_i)&BF_M gets folded into a single instruction, namely - * rlwinm. So let'em double-check if their compiler does it. 
- */ - -#define BF_ENC(LL,R,S,P) ( \ - LL^=P, \ - LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \ - *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \ - *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \ - *(BF_LONG *)((unsigned char *)&(S[768])+((R<>24)&0xff)] + \ - S[0x0100+((int)(R>>16)&0xff)])^ \ - S[0x0200+((int)(R>> 8)&0xff)])+ \ - S[0x0300+((int)(R )&0xff)])&0xffffffffL \ - ) -#endif - -#endif diff --git a/src/lib/libcrypto/bf/blowfish.c b/src/lib/libcrypto/bf/blowfish.c deleted file mode 100644 index 330d7a8e07..0000000000 --- a/src/lib/libcrypto/bf/blowfish.c +++ /dev/null 
@@ -1,696 +0,0 @@
-/* $OpenBSD: blowfish.c,v 1.3 2024/03/29 02:37:20 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include - -#include - -#include "bf_local.h" - -/* - * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' - * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, - * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) - */ - -#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) -#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \ -to modify the code. -#endif - -static const BF_KEY bf_init = { - .P = { - 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, - 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L, - 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL, - 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L, - 0x9216d5d9L, 0x8979fb1b - }, - .S = { - 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, - 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, - 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, - 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, - 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, - 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, - 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, - 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, - 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, - 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, - 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, - 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, - 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, - 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, - 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, - 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, - 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, - 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, - 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, - 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, - 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, - 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, - 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, - 0x8cee8619L, 
0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, - 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, - 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, - 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, - 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, - 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, - 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, - 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, - 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, - 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, - 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, - 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, - 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, - 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, - 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, - 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, - 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, - 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, - 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, - 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, - 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, - 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, - 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, - 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, - 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, - 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, - 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, - 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, - 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, - 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, - 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, - 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, - 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, - 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, - 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, - 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, - 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, - 0xd60f573fL, 
0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, - 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, - 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, - 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, - 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, - 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, - 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, - 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, - 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, - 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, - 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, - 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, - 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, - 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, - 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, - 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, - 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, - 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, - 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, - 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, - 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, - 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, - 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, - 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, - 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, - 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, - 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, - 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, - 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, - 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, - 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, - 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, - 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, - 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, - 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, - 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, - 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, - 0xe3bc4595L, 
0xa67bc883L, 0xb17f37d1L, 0x018cff28L, - 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, - 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, - 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, - 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, - 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, - 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, - 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, - 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, - 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, - 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, - 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, - 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, - 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, - 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, - 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, - 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, - 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, - 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, - 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, - 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, - 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, - 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, - 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, - 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, - 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, - 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, - 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, - 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, - 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, - 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, - 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, - 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, - 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, - 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, - 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, - 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, - 0x96eb27b3L, 
0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, - 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, - 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, - 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, - 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, - 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, - 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, - 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, - 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, - 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, - 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, - 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, - 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, - 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, - 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, - 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, - 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, - 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, - 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, - 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, - 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, - 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, - 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, - 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, - 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, - 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, - 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, - 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, - 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, - 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, - 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, - 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, - 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, - 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, - 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, - 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, - 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, - 0x77a057beL, 
0xbde8ae24L, 0x55464299L, 0xbf582e61L, - 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, - 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, - 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, - 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, - 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, - 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, - 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, - 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, - 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, - 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, - 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, - 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, - 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, - 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, - 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, - 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, - 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, - 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, - 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, - 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, - 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, - 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, - 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, - 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, - 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, - 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, - 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, - 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, - 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, - 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, - 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, - 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, - 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, - 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, - 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, - 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, - 0xe029ac71L, 
0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, - 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, - 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, - 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, - 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, - 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, - 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, - 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, - 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, - 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, - 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, - 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, - 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, - 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, - 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, - 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, - 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, - 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, - 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, - 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, - 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, - 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, - 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, - 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, - 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, - 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, - 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, - 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, - 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, - 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, - 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, - 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, - 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, - 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, - 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, - 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, - 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, - 0xacf08162L, 
0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
- 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
- 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
- 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
- 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
- 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
- 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
- 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
- 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
- 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
- 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
- }
-};
-
-void
-BF_encrypt(BF_LONG *data, const BF_KEY *key)
-{
- BF_LONG l, r;
- const BF_LONG *p, *s;
-
- p = key->P;
- s = &(key->S[0]);
- l = data[0];
- r = data[1];
-
- l ^= p[0];
- BF_ENC(r, l,s, p[1]);
- BF_ENC(l, r,s, p[2]);
- BF_ENC(r, l,s, p[3]);
- BF_ENC(l, r,s, p[4]);
- BF_ENC(r, l,s, p[5]);
- BF_ENC(l, r,s, p[6]);
- BF_ENC(r, l,s, p[7]);
- BF_ENC(l, r,s, p[8]);
- BF_ENC(r, l,s, p[9]);
- BF_ENC(l, r,s, p[10]);
- BF_ENC(r, l,s, p[11]);
- BF_ENC(l, r,s, p[12]);
- BF_ENC(r, l,s, p[13]);
- BF_ENC(l, r,s, p[14]);
- BF_ENC(r, l,s, p[15]);
- BF_ENC(l, r,s, p[16]);
-#if BF_ROUNDS == 20
- BF_ENC(r, l,s, p[17]);
- BF_ENC(l, r,s, p[18]);
- BF_ENC(r, l,s, p[19]);
- BF_ENC(l, r,s, p[20]);
-#endif
- r ^= p[BF_ROUNDS + 1];
-
- data[1] = l&0xffffffffL;
- data[0] = r&0xffffffffL;
-}
-LCRYPTO_ALIAS(BF_encrypt);
-
-#ifndef BF_DEFAULT_OPTIONS
-
-void
-BF_decrypt(BF_LONG *data, const BF_KEY *key)
-{
- BF_LONG l, r;
- const BF_LONG *p, *s;
-
- p = key->P;
- s = &(key->S[0]);
- l = data[0];
- r = data[1];
-
- l ^= p[BF_ROUNDS + 1];
-#if BF_ROUNDS == 20
- BF_ENC(r, l,s, p[20]);
- BF_ENC(l, r,s, p[19]);
- BF_ENC(r, l,s, p[18]);
- BF_ENC(l, r,s, p[17]);
-#endif
- BF_ENC(r, l,s, p[16]);
- BF_ENC(l, r,s, p[15]);
- BF_ENC(r, l,s, p[14]);
- BF_ENC(l, r,s, p[13]);
- BF_ENC(r, l,s, p[12]);
- BF_ENC(l, r,s, p[11]);
- BF_ENC(r, l,s, p[10]);
- BF_ENC(l, r,s, p[9]);
- BF_ENC(r, l,s, p[8]);
- BF_ENC(l, r,s, p[7]);
- BF_ENC(r, l,s, p[6]);
- BF_ENC(l, r,s, p[5]);
- BF_ENC(r, l,s, p[4]);
- BF_ENC(l, r,s, p[3]);
- BF_ENC(r, l,s, p[2]);
- BF_ENC(l, r,s, p[1]);
- r ^= p[0];
-
- data[1] = l&0xffffffffL;
- data[0] = r&0xffffffffL;
-}
-LCRYPTO_ALIAS(BF_decrypt);
-
-void
-BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int encrypt)
-{
- BF_LONG tin0, tin1;
- BF_LONG tout0, tout1, xor0, xor1;
- long l = length;
- BF_LONG tin[2];
-
- if (encrypt) {
- n2l(ivec, tout0);
- n2l(ivec, tout1);
- ivec -= 8;
- for (l -= 8; l >= 0; l -= 8) {
- n2l(in, tin0);
- n2l(in, tin1);
- tin0 ^= tout0;
- tin1 ^= tout1;
- tin[0] = tin0;
- tin[1] = tin1;
- BF_encrypt(tin, schedule);
- tout0 = tin[0];
- tout1 = tin[1];
- l2n(tout0, out);
- l2n(tout1, out);
- }
- if (l != -8) {
- n2ln(in, tin0, tin1, l + 8);
- tin0 ^= tout0;
- tin1 ^= tout1;
- tin[0] = tin0;
- tin[1] = tin1;
- BF_encrypt(tin, schedule);
- tout0 = tin[0];
- tout1 = tin[1];
- l2n(tout0, out);
- l2n(tout1, out);
- }
- l2n(tout0, ivec);
- l2n(tout1, ivec);
- } else {
- n2l(ivec, xor0);
- n2l(ivec, xor1);
- ivec -= 8;
- for (l -= 8; l >= 0; l -= 8) {
- n2l(in, tin0);
- n2l(in, tin1);
- tin[0] = tin0;
- tin[1] = tin1;
- BF_decrypt(tin, schedule);
- tout0 = tin[0]^xor0;
- tout1 = tin[1]^xor1;
- l2n(tout0, out);
- l2n(tout1, out);
- xor0 = tin0;
- xor1 = tin1;
- }
- if (l != -8) {
- n2l(in, tin0);
- n2l(in, tin1);
- tin[0] = tin0;
- tin[1] = tin1;
- BF_decrypt(tin, schedule);
- tout0 = tin[0]^xor0;
- tout1 = tin[1]^xor1;
- l2nn(tout0, tout1, out, l + 8);
- xor0 = tin0;
- xor1 = tin1;
- }
- l2n(xor0, ivec);
- l2n(xor1, ivec);
- }
- tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
- tin[0] = tin[1] = 0;
-}
-LCRYPTO_ALIAS(BF_cbc_encrypt);
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void
-BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
-{
- BF_LONG v0, v1, t;
- int n= *num;
- long l = length;
- BF_LONG ti[2];
- unsigned char *iv, c, cc;
-
- iv = (unsigned char *)ivec;
- if (encrypt) {
- while (l--) {
- if (n == 0) {
- n2l(iv, v0);
- ti[0] = v0;
- n2l(iv, v1);
- ti[1] = v1;
- BF_encrypt((BF_LONG *)ti, schedule);
- iv = (unsigned char *)ivec;
- t = ti[0];
- l2n(t, iv);
- t = ti[1];
- l2n(t, iv);
- iv = (unsigned char *)ivec;
- }
- c= *(in++)^iv[n];
- *(out++) = c;
- iv[n] = c;
- n = (n + 1)&0x07;
- }
- } else {
- while (l--) {
- if (n == 0) {
- n2l(iv, v0);
- ti[0] = v0;
- n2l(iv, v1);
- ti[1] = v1;
- BF_encrypt((BF_LONG *)ti, schedule);
- iv = (unsigned char *)ivec;
- t = ti[0];
- l2n(t, iv);
- t = ti[1];
- l2n(t, iv);
- iv = (unsigned char *)ivec;
- }
- cc= *(in++);
- c = iv[n];
- iv[n] = cc;
- *(out++) = c^cc;
- n = (n + 1)&0x07;
- }
- }
- v0 = v1 = ti[0] = ti[1] = t=c = cc = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(BF_cfb64_encrypt);
-
-void
-BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int encrypt)
-{
- BF_LONG l, d[2];
-
- n2l(in, l);
- d[0] = l;
- n2l(in, l);
- d[1] = l;
- if (encrypt)
- BF_encrypt(d, key);
- else
- BF_decrypt(d, key);
- l = d[0];
- l2n(l, out);
- l = d[1];
- l2n(l, out);
- l = d[0] = d[1] = 0;
-}
-LCRYPTO_ALIAS(BF_ecb_encrypt);
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void
-BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num)
-{
- BF_LONG v0, v1, t;
- int n= *num;
- long l = length;
- unsigned char d[8];
- char *dp;
- BF_LONG ti[2];
- unsigned char *iv;
- int save = 0;
-
- iv = (unsigned char *)ivec;
- n2l(iv, v0);
- n2l(iv, v1);
- ti[0] = v0;
- ti[1] = v1;
- dp = (char *)d;
- l2n(v0, dp);
- l2n(v1, dp);
- while (l--) {
- if (n == 0) {
- BF_encrypt((BF_LONG *)ti, schedule);
- dp = (char *)d;
- t = ti[0];
- l2n(t, dp);
- t = ti[1];
- l2n(t, dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n = (n + 1)&0x07;
- }
- if (save) {
- v0 = ti[0];
- v1 = ti[1];
- iv = (unsigned char *)ivec;
- l2n(v0, iv);
- l2n(v1, iv);
- }
- t = v0 = v1 = ti[0] = ti[1] = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(BF_ofb64_encrypt);
-
-void
-BF_set_key(BF_KEY *key, int len, const unsigned char *data)
-{
- int i;
- BF_LONG *p, ri, in[2];
- const unsigned char *d, *end;
-
- memcpy(key, &bf_init, sizeof(BF_KEY));
- p = key->P;
-
- if (len > ((BF_ROUNDS + 2)*4))
- len = (BF_ROUNDS + 2)*4;
-
- d = data;
- end = &(data[len]);
- for (i = 0; i < (BF_ROUNDS + 2); i++) {
- ri= *(d++);
- if (d >= end)
- d = data;
-
- ri <<= 8;
- ri |= *(d++);
- if (d >= end)
- d = data;
-
- ri <<= 8;
- ri |= *(d++);
- if (d >= end)
- d = data;
-
- ri <<= 8;
- ri |= *(d++);
- if (d >= end)
- d = data;
-
- p[i]^=ri;
- }
-
- in[0] = 0L;
- in[1] = 0L;
- for (i = 0; i < (BF_ROUNDS + 2); i += 2) {
- BF_encrypt(in, key);
- p[i ] = in[0];
- p[i + 1] = in[1];
- }
-
- p = key->S;
- for (i = 0; i < 4*256; i += 2) {
- BF_encrypt(in, key);
- p[i ] = in[0];
- p[i + 1] = in[1];
- }
-}
-LCRYPTO_ALIAS(BF_set_key);
-#endif
diff --git a/src/lib/libcrypto/bf/blowfish.h b/src/lib/libcrypto/bf/blowfish.h
deleted file mode 100644
index 5ea99af396..0000000000
--- a/src/lib/libcrypto/bf/blowfish.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/* $OpenBSD: blowfish.h,v 1.18 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-#define HEADER_BLOWFISH_H
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define BF_ENCRYPT 1
-#define BF_DECRYPT 0
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! BF_LONG_LOG2 has to be defined along. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#define BF_LONG unsigned int
-
-#define BF_ROUNDS 16
-#define BF_BLOCK 8
-
-typedef struct bf_key_st {
- BF_LONG P[BF_ROUNDS + 2];
- BF_LONG S[4*256];
-} BF_KEY;
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key);
-void BF_decrypt(BF_LONG *data, const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/bio/b_dump.c b/src/lib/libcrypto/bio/b_dump.c
deleted file mode 100644
index 4dcf710bbe..0000000000
--- a/src/lib/libcrypto/bio/b_dump.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/* $OpenBSD: b_dump.c,v 1.30 2024/03/02 09:21:24 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include "bytestring.h"
-
-#define MAX_BYTES_PER_LINE 16
-
-/*
- * The byte string s is dumped as lines of the following form:
- * indent | byte count (4 digits) | " - " | hex dump | " " | ASCII dump
- * Each byte uses 4 characters (two hex digits followed by a space and one
- * ASCII character).
- */
-
-int
-BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
-{
- CBB cbb;
- CBS cbs;
- int bytes_per_line, dumped, printed, trailing, written;
- int ret = -1;
-
- memset(&cbb, 0, sizeof(cbb));
-
- if (len < 0)
- goto err;
- CBS_init(&cbs, s, len);
-
- if (indent < 0)
- indent = 0;
- if (indent > 64)
- indent = 64;
-
- /*
- * Less obfuscated version of the original calculation attempting to
- * ensure that the dump doesn't overshoot 80 characters per line. For
- * a very long string the byte count will still make it go past that.
- */
- bytes_per_line = MAX_BYTES_PER_LINE;
- if (indent > 6)
- bytes_per_line -= (indent - 3) / 4;
- if (bytes_per_line <= 0)
- goto err;
-
- /* Strip and count trailing spaces and NULs. */
- trailing = 0;
- while (CBS_len(&cbs) > 0) {
- uint8_t u8;
-
- if (!CBS_peek_last_u8(&cbs, &u8))
- goto err;
- if (u8 != '\0' && u8 != ' ')
- break;
- if (!CBS_get_last_u8(&cbs, &u8))
- goto err;
- trailing++;
- }
-
- printed = 0;
- dumped = 0;
- while (CBS_len(&cbs) > 0) {
- CBS row;
- uint8_t ascii_dump[MAX_BYTES_PER_LINE];
- int missing, row_bytes;
-
- if ((row_bytes = CBS_len(&cbs)) > bytes_per_line)
- row_bytes = bytes_per_line;
- if (!CBS_get_bytes(&cbs, &row, row_bytes))
- goto err;
-
- /* Write out indent, byte count and initial " - ". */
- if ((written = BIO_printf(bio, "%*s%04x - ", indent, "",
- dumped)) < 0)
- goto err;
- if (printed > INT_MAX - written)
- goto err;
- printed += written;
-
- /*
- * Write out hex dump, prepare ASCII dump.
- */
-
- if (!CBB_init_fixed(&cbb, ascii_dump, sizeof(ascii_dump)))
- goto err;
- while (CBS_len(&row) > 0) {
- uint8_t u8;
- char sep = ' ';
-
- if (!CBS_get_u8(&row, &u8))
- goto err;
-
- /* Historic behavior: print a '-' after eighth byte. */
- if (row_bytes - CBS_len(&row) == 8)
- sep = '-';
- if ((written = BIO_printf(bio, "%02x%c", u8, sep)) < 0)
- goto err;
- if (printed > INT_MAX - written)
- goto err;
- printed += written;
-
- /* Locale-independent version of !isprint(u8). */
- if (u8 < ' ' || u8 > '~')
- u8 = '.';
- if (!CBB_add_u8(&cbb, u8))
- goto err;
- }
- if (!CBB_finish(&cbb, NULL, NULL))
- goto err;
-
- /* Calculate number of bytes missing in dump of last line. */
- if ((missing = bytes_per_line - row_bytes) < 0)
- goto err;
-
- /* Pad missing bytes, add 2 spaces and print the ASCII dump. */
- if ((written = BIO_printf(bio, "%*s%.*s\n", 3 * missing + 2, "",
- row_bytes, ascii_dump)) < 0)
- goto err;
- if (printed > INT_MAX - written)
- goto err;
- printed += written;
-
- dumped += row_bytes;
- }
-
- if (trailing > 0) {
- if ((written = BIO_printf(bio, "%*s%04x - \n",
- indent, "", dumped + trailing)) < 0)
- goto err;
- if (printed > INT_MAX - written)
- goto err;
- printed += written;
- }
-
- ret = printed;
-
- err:
- CBB_cleanup(&cbb);
-
- return ret;
-}
-LCRYPTO_ALIAS(BIO_dump_indent);
-
-int
-BIO_dump(BIO *bio, const char *s, int len)
-{
- return BIO_dump_indent(bio, s, len, 0);
-}
-LCRYPTO_ALIAS(BIO_dump);
diff --git a/src/lib/libcrypto/bio/b_posix.c b/src/lib/libcrypto/bio/b_posix.c
deleted file mode 100644
index d78f25a1f7..0000000000
--- a/src/lib/libcrypto/bio/b_posix.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* $OpenBSD: b_posix.c,v 1.3 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Functions that need to be overridden by non-POSIX operating systems.
- */
-
-#include
-#include
-
-#include
-
-int
-BIO_sock_init(void)
-{
- if (!OPENSSL_init_crypto(0, NULL)) /* XXX do we need this? */
- return (0);
- return (1);
-}
-LCRYPTO_ALIAS(BIO_sock_init);
-
-void
-BIO_sock_cleanup(void)
-{
-}
-LCRYPTO_ALIAS(BIO_sock_cleanup);
-
-int
-BIO_socket_nbio(int s, int mode)
-{
- int flags = fcntl(s, F_GETFD);
- if (mode && !(flags & O_NONBLOCK))
- return (fcntl(s, F_SETFL, flags | O_NONBLOCK) != -1);
- else if (!mode && (flags & O_NONBLOCK))
- return (fcntl(s, F_SETFL, flags & ~O_NONBLOCK) != -1);
- return (1);
-}
-LCRYPTO_ALIAS(BIO_socket_nbio);
diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c
deleted file mode 100644
index f6943ea3f3..0000000000
--- a/src/lib/libcrypto/bio/b_print.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* $OpenBSD: b_print.c,v 1.28 2024/03/02 09:18:28 tb Exp $ */
-
-/* Theo de Raadt places this file in the public domain. */
-
-#include
-
-#include "bio_local.h"
-
-#ifdef HAVE_FUNOPEN
-static int
-_BIO_write(void *cookie, const char *buf, int nbytes)
-{
- return BIO_write(cookie, buf, nbytes);
-}
-
-int
-BIO_vprintf(BIO *bio, const char *format, va_list args)
-{
- int ret;
- FILE *fp;
-
- fp = funopen(bio, NULL, &_BIO_write, NULL, NULL);
- if (fp == NULL) {
- ret = -1;
- goto fail;
- }
- ret = vfprintf(fp, format, args);
- fclose(fp);
-fail:
- return (ret);
-}
-
-#else /* !HAVE_FUNOPEN */
-
-int
-BIO_vprintf(BIO *bio, const char *format, va_list args)
-{
- int ret;
- char *buf = NULL;
-
- ret = vasprintf(&buf, format, args);
- if (ret == -1)
- return (ret);
- BIO_write(bio, buf, ret);
- free(buf);
- return (ret);
-}
-
-#endif /* HAVE_FUNOPEN */
-
-int
-BIO_printf(BIO *bio, const char *format, ...)
-{
- va_list args;
- int ret;
-
- va_start(args, format);
- ret = BIO_vprintf(bio, format, args);
- va_end(args);
- return (ret);
-}
-LCRYPTO_ALIAS(BIO_printf);
diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c
deleted file mode 100644
index 00bbe9c37e..0000000000
--- a/src/lib/libcrypto/bio/b_sock.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* $OpenBSD: b_sock.c,v 1.71 2023/07/05 21:23:37 beck Exp $ */
-/*
- * Copyright (c) 2017 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-int
-BIO_get_host_ip(const char *str, unsigned char *ip)
-{
- struct addrinfo *res = NULL;
- struct addrinfo hints = {
- .ai_family = AF_INET,
- .ai_socktype = SOCK_STREAM,
- .ai_flags = AI_PASSIVE,
- };
- uint32_t *iap = (in_addr_t *)ip;
- int error;
-
- if (str == NULL) {
- BIOerror(BIO_R_BAD_HOSTNAME_LOOKUP);
- ERR_asprintf_error_data("NULL host provided");
- return (0);
- }
-
- if ((error = getaddrinfo(str, NULL, &hints, &res)) != 0) {
- BIOerror(BIO_R_BAD_HOSTNAME_LOOKUP);
- ERR_asprintf_error_data("getaddrinfo: host='%s' : %s'", str,
- gai_strerror(error));
- return (0);
- }
- *iap = (uint32_t)(((struct sockaddr_in *)(res->ai_addr))->sin_addr.s_addr);
- freeaddrinfo(res);
- return (1);
-}
-LCRYPTO_ALIAS(BIO_get_host_ip);
-
-int
-BIO_get_port(const char *str, unsigned short *port_ptr)
-{
- struct addrinfo *res = NULL;
- struct addrinfo hints = {
- .ai_family = AF_UNSPEC,
- .ai_socktype = SOCK_STREAM,
- .ai_flags = AI_PASSIVE,
- };
- int error;
-
- if (str == NULL) {
- BIOerror(BIO_R_NO_PORT_SPECIFIED);
- return (0);
- }
-
- if ((error = getaddrinfo(NULL, str, &hints, &res)) != 0) {
- BIOerror(BIO_R_INVALID_ARGUMENT);
- ERR_asprintf_error_data("getaddrinfo: service='%s' : %s'", str,
- gai_strerror(error));
- return (0);
- }
- *port_ptr = ntohs(((struct sockaddr_in *)(res->ai_addr))->sin_port);
- freeaddrinfo(res);
- return (1);
-}
-LCRYPTO_ALIAS(BIO_get_port);
-
-int
-BIO_sock_error(int sock)
-{
- socklen_t len;
- int err;
-
- len = sizeof(err);
- if (getsockopt(sock, SOL_SOCKET, SO_ERROR, &err, &len) != 0)
- return (1);
- return (err);
-}
-LCRYPTO_ALIAS(BIO_sock_error);
-
-struct hostent *
-BIO_gethostbyname(const char *name)
-{
- return gethostbyname(name);
-}
-LCRYPTO_ALIAS(BIO_gethostbyname);
-
-int
-BIO_socket_ioctl(int fd, long type, void *arg)
-{
- int ret;
-
- ret = ioctl(fd, type, arg);
- if (ret < 0)
- SYSerror(errno);
- return (ret);
-}
-LCRYPTO_ALIAS(BIO_socket_ioctl);
-
-int
-BIO_get_accept_socket(char *host, int bind_mode)
-{
- struct addrinfo hints = {
- .ai_family = AF_INET,
- .ai_socktype = SOCK_STREAM,
- .ai_flags = AI_PASSIVE,
- };
- struct addrinfo *res = NULL;
- char *h, *p, *str = NULL;
- int error, ret = 0, s = -1;
-
- if (host == NULL) {
- BIOerror(BIO_R_NO_PORT_SPECIFIED);
- return (-1);
- }
- if ((str = strdup(host)) == NULL) {
- BIOerror(ERR_R_MALLOC_FAILURE);
- return (-1);
- }
- p = NULL;
- h = str;
- if ((p = strrchr(str, ':')) == NULL) {
- /* A string without a colon is treated as a port. */
- p = str;
- h = NULL;
- } else {
- *p++ = '\0';
- if (*p == '\0') {
- BIOerror(BIO_R_NO_PORT_SPECIFIED);
- goto err;
- }
- if (*h == '\0' || strcmp(h, "*") == 0)
- h = NULL;
- }
-
- if ((error = getaddrinfo(h, p, &hints, &res)) != 0) {
- BIOerror(BIO_R_BAD_HOSTNAME_LOOKUP);
- ERR_asprintf_error_data("getaddrinfo: '%s:%s': %s'", h, p,
- gai_strerror(error));
- goto err;
- }
- if (h == NULL) {
- struct sockaddr_in *sin = (struct sockaddr_in *)res->ai_addr;
- sin->sin_addr.s_addr = INADDR_ANY;
- }
-
- s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
- if (s == -1) {
- SYSerror(errno);
- ERR_asprintf_error_data("host='%s'", host);
- BIOerror(BIO_R_UNABLE_TO_CREATE_SOCKET);
- goto err;
- }
- if (bind_mode == BIO_BIND_REUSEADDR) {
- int i = 1;
-
- ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i));
- bind_mode = BIO_BIND_NORMAL;
- }
- if (bind(s, res->ai_addr, res->ai_addrlen) == -1) {
- SYSerror(errno);
- ERR_asprintf_error_data("host='%s'", host);
- BIOerror(BIO_R_UNABLE_TO_BIND_SOCKET);
- goto err;
- }
- if (listen(s, SOMAXCONN) == -1) {
- SYSerror(errno);
- ERR_asprintf_error_data("host='%s'", host);
- BIOerror(BIO_R_UNABLE_TO_LISTEN_SOCKET);
- goto err;
- }
- ret = 1;
-
-err:
- free(str);
- if (res != NULL)
- freeaddrinfo(res);
- if ((ret == 0) && (s != -1)) {
- close(s);
- s = -1;
- }
- return (s);
-}
-LCRYPTO_ALIAS(BIO_get_accept_socket);
-
-int
-BIO_accept(int sock, char **addr)
-{
- char h[NI_MAXHOST], s[NI_MAXSERV];
- struct sockaddr_in sin;
- socklen_t sin_len = sizeof(sin);
- int ret = -1;
-
- if (addr == NULL) {
- BIOerror(BIO_R_NULL_PARAMETER);
- goto end;
- }
- ret = accept(sock, (struct sockaddr *)&sin, &sin_len);
- if (ret == -1) {
- if (BIO_sock_should_retry(ret))
- return -2;
- SYSerror(errno);
- BIOerror(BIO_R_ACCEPT_ERROR);
- goto end;
- }
- /* XXX Crazy API. Can't be helped */
- if (*addr != NULL) {
- free(*addr);
- *addr = NULL;
- }
-
- if (sin.sin_family != AF_INET)
- goto end;
-
- if (getnameinfo((struct sockaddr *)&sin, sin_len, h, sizeof(h),
- s, sizeof(s), NI_NUMERICHOST|NI_NUMERICSERV) != 0)
- goto end;
-
- if ((asprintf(addr, "%s:%s", h, s)) == -1) {
- BIOerror(ERR_R_MALLOC_FAILURE);
- *addr = NULL;
- goto end;
- }
-end:
- return (ret);
-}
-LCRYPTO_ALIAS(BIO_accept);
-
-int
-BIO_set_tcp_ndelay(int s, int on)
-{
- return (setsockopt(s, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) == 0);
-}
-LCRYPTO_ALIAS(BIO_set_tcp_ndelay);
diff --git a/src/lib/libcrypto/bio/bf_buff.c b/src/lib/libcrypto/bio/bf_buff.c
deleted file mode 100644
index 226c16835a..0000000000
--- a/src/lib/libcrypto/bio/bf_buff.c
+++ /dev/null
@@ -1,523 +0,0 @@
-/* $OpenBSD: bf_buff.c,v 1.28 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "bio_local.h"
-
-static int buffer_write(BIO *h, const char *buf, int num);
-static int buffer_read(BIO *h, char *buf, int size);
-static int buffer_puts(BIO *h, const char *str);
-static int buffer_gets(BIO *h, char *str, int size);
-static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int buffer_new(BIO *h);
-static int buffer_free(BIO *data);
-static long buffer_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp);
-#define DEFAULT_BUFFER_SIZE 4096
-
-static const BIO_METHOD methods_buffer = {
- .type = BIO_TYPE_BUFFER,
- .name = "buffer",
- .bwrite = buffer_write,
- .bread = buffer_read,
- .bputs = buffer_puts,
- .bgets = buffer_gets,
- .ctrl = buffer_ctrl,
- .create = buffer_new,
- .destroy = buffer_free,
- .callback_ctrl = buffer_callback_ctrl
-};
-
-const BIO_METHOD *
-BIO_f_buffer(void)
-{
- return (&methods_buffer);
-}
-LCRYPTO_ALIAS(BIO_f_buffer);
-
-static int
-buffer_new(BIO *bi)
-{
- BIO_F_BUFFER_CTX *ctx;
-
- ctx = malloc(sizeof(BIO_F_BUFFER_CTX));
- if (ctx == NULL)
- return (0);
- ctx->ibuf = malloc(DEFAULT_BUFFER_SIZE);
- if (ctx->ibuf == NULL) {
- free(ctx);
- return (0);
- }
- ctx->obuf = malloc(DEFAULT_BUFFER_SIZE);
- if (ctx->obuf == NULL) {
- free(ctx->ibuf);
- free(ctx);
- return (0);
- }
- ctx->ibuf_size = DEFAULT_BUFFER_SIZE;
- ctx->obuf_size = DEFAULT_BUFFER_SIZE;
- ctx->ibuf_len = 0;
- ctx->ibuf_off = 0;
- ctx->obuf_len = 0;
- ctx->obuf_off = 0;
-
- bi->init = 1;
- bi->ptr = (char *)ctx;
- bi->flags = 0;
- return (1);
-}
-
-static int
-buffer_free(BIO *a)
-{
- BIO_F_BUFFER_CTX *b;
-
- if (a == NULL)
- return (0);
- b = (BIO_F_BUFFER_CTX *)a->ptr;
- free(b->ibuf);
- free(b->obuf);
- free(a->ptr);
- a->ptr = NULL;
- a->init = 0;
- a->flags = 0;
- return (1);
-}
-
-static int
-buffer_read(BIO *b, char *out, int outl)
-{
- int i, num = 0;
- BIO_F_BUFFER_CTX *ctx;
-
- if (out == NULL)
- return (0);
- ctx = (BIO_F_BUFFER_CTX *)b->ptr;
-
- if ((ctx == NULL) || (b->next_bio == NULL))
- return (0);
- num = 0;
- BIO_clear_retry_flags(b);
-
-start:
- i = ctx->ibuf_len;
- /* If there is stuff left over, grab it */
- if (i != 0) {
- if (i > outl)
- i = outl;
- memcpy(out, &(ctx->ibuf[ctx->ibuf_off]), i);
- ctx->ibuf_off += i;
- ctx->ibuf_len -= i;
- num += i;
- if (outl == i)
- return (num);
- outl -= i;
- out += i;
- }
-
- /* We may have done a partial read. try to do more.
- * We have nothing in the buffer.
- * If we get an error and have read some data, just return it
- * and let them retry to get the error again.
- * copy direct to parent address space */
- if (outl > ctx->ibuf_size) {
- for (;;) {
- i = BIO_read(b->next_bio, out, outl);
- if (i <= 0) {
- BIO_copy_next_retry(b);
- if (i < 0)
- return ((num > 0) ? num : i);
- if (i == 0)
- return (num);
- }
- num += i;
- if (outl == i)
- return (num);
- out += i;
- outl -= i;
- }
- }
- /* else */
-
- /* we are going to be doing some buffering */
- i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size);
- if (i <= 0) {
- BIO_copy_next_retry(b);
- if (i < 0)
- return ((num > 0) ? num : i);
- if (i == 0)
- return (num);
- }
- ctx->ibuf_off = 0;
- ctx->ibuf_len = i;
-
- /* Lets re-read using ourselves :-) */
- goto start;
-}
-
-static int
-buffer_write(BIO *b, const char *in, int inl)
-{
- int i, num = 0;
- BIO_F_BUFFER_CTX *ctx;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
- ctx = (BIO_F_BUFFER_CTX *)b->ptr;
- if ((ctx == NULL) || (b->next_bio == NULL))
- return (0);
-
- BIO_clear_retry_flags(b);
-start:
- i = ctx->obuf_size - (ctx->obuf_len + ctx->obuf_off);
- /* add to buffer and return */
- if (i >= inl) {
- memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, inl);
- ctx->obuf_len += inl;
- return (num + inl);
- }
- /* else */
- /* stuff already in buffer, so add to it first, then flush */
- if (ctx->obuf_len != 0) {
- if (i > 0) /* lets fill it up if we can */
- {
- memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, i);
- in += i;
- inl -= i;
- num += i;
- ctx->obuf_len += i;
- }
- /* we now have a full buffer needing flushing */
- for (;;) {
- i = BIO_write(b->next_bio, &(ctx->obuf[ctx->obuf_off]),
- ctx->obuf_len);
- if (i <= 0) {
- BIO_copy_next_retry(b);
-
- if (i < 0)
- return ((num > 0) ? num : i);
- if (i == 0)
- return (num);
- }
- ctx->obuf_off += i;
- ctx->obuf_len -= i;
- if (ctx->obuf_len == 0)
- break;
- }
- }
- /* we only get here if the buffer has been flushed and we
- * still have stuff to write */
- ctx->obuf_off = 0;
-
- /* we now have inl bytes to write */
- while (inl >= ctx->obuf_size) {
- i = BIO_write(b->next_bio, in, inl);
- if (i <= 0) {
- BIO_copy_next_retry(b);
- if (i < 0)
- return ((num > 0) ? num : i);
- if (i == 0)
- return (num);
- }
- num += i;
- in += i;
- inl -= i;
- if (inl == 0)
- return (num);
- }
-
- /* copy the rest into the buffer since we have only a small
- * amount left */
- goto start;
-}
-
-static long
-buffer_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- BIO *dbio;
- BIO_F_BUFFER_CTX *ctx;
- long ret = 1;
- char *p1, *p2;
- int r, i, *ip;
- int ibs, obs;
-
- ctx = (BIO_F_BUFFER_CTX *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- ctx->ibuf_off = 0;
- ctx->ibuf_len = 0;
- ctx->obuf_off = 0;
- ctx->obuf_len = 0;
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_INFO:
- ret = (long)ctx->obuf_len;
- break;
- case BIO_C_GET_BUFF_NUM_LINES:
- ret = 0;
- p1 = ctx->ibuf;
- for (i = 0; i < ctx->ibuf_len; i++) {
- if (p1[ctx->ibuf_off + i] == '\n')
- ret++;
- }
- break;
- case BIO_CTRL_WPENDING:
- ret = (long)ctx->obuf_len;
- if (ret == 0) {
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
- break;
- case BIO_CTRL_PENDING:
- ret = (long)ctx->ibuf_len;
- if (ret == 0) {
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
- break;
- case BIO_C_SET_BUFF_READ_DATA:
- if (num > ctx->ibuf_size) {
- p1 = malloc(num);
- if (p1 == NULL)
- goto malloc_error;
- free(ctx->ibuf);
- ctx->ibuf = p1;
- }
- ctx->ibuf_off = 0;
- ctx->ibuf_len = (int)num;
- memcpy(ctx->ibuf, ptr, num);
- ret = 1;
- break;
- case BIO_C_SET_BUFF_SIZE:
- if (ptr != NULL) {
- ip = (int *)ptr;
- if (*ip == 0) {
- ibs = (int)num;
- obs = ctx->obuf_size;
- }
- else /* if (*ip == 1) */
- {
- ibs = ctx->ibuf_size;
- obs = (int)num;
- }
- } else {
- ibs = (int)num;
- obs = (int)num;
- }
- p1 = ctx->ibuf;
- p2 = ctx->obuf;
- if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) {
- p1 = malloc(num);
- if (p1 == NULL)
- goto malloc_error;
- }
- if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) {
- p2 = malloc(num);
- if (p2 == NULL) {
- if (p1 != ctx->ibuf)
- free(p1);
- goto malloc_error;
- }
- }
- if (ctx->ibuf != p1) {
- free(ctx->ibuf);
- ctx->ibuf = p1;
- ctx->ibuf_off = 0;
- ctx->ibuf_len = 0;
- ctx->ibuf_size = ibs;
- }
- if (ctx->obuf != p2) {
- free(ctx->obuf);
- ctx->obuf = p2;
- ctx->obuf_off = 0;
- ctx->obuf_len = 0;
- ctx->obuf_size = obs;
- }
- break;
- case BIO_C_DO_STATE_MACHINE:
- if (b->next_bio == NULL)
- return (0);
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
-
- case BIO_CTRL_FLUSH:
- if (b->next_bio == NULL)
- return (0);
- if (ctx->obuf_len <= 0) {
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
-
- for (;;) {
- BIO_clear_retry_flags(b);
- if (ctx->obuf_len > 0) {
- r = BIO_write(b->next_bio,
- &(ctx->obuf[ctx->obuf_off]),
- ctx->obuf_len);
- BIO_copy_next_retry(b);
- if (r <= 0)
- return ((long)r);
- ctx->obuf_off += r;
- ctx->obuf_len -= r;
- } else {
- ctx->obuf_len = 0;
- ctx->obuf_off = 0;
- break;
- }
- }
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_DUP:
- dbio = (BIO *)ptr;
- if (!BIO_set_read_buffer_size(dbio, ctx->ibuf_size) ||
- !BIO_set_write_buffer_size(dbio, ctx->obuf_size))
- ret = 0;
- break;
- default:
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
- return (ret);
-malloc_error:
- BIOerror(ERR_R_MALLOC_FAILURE);
- return (0);
-}
-
-static long
-buffer_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static int
-buffer_gets(BIO *b, char *buf, int size)
-{
- BIO_F_BUFFER_CTX *ctx;
- int num = 0, i, flag;
- char *p;
-
- ctx = (BIO_F_BUFFER_CTX *)b->ptr;
- size--; /* reserve space for a '\0' */
- BIO_clear_retry_flags(b);
-
- for (;;) {
- if (ctx->ibuf_len > 0) {
- p = &(ctx->ibuf[ctx->ibuf_off]);
- flag = 0;
- for (i = 0; (i < ctx->ibuf_len) && (i < size); i++) {
- *(buf++) = p[i];
- if (p[i] == '\n') {
- flag = 1;
- i++;
- break;
- }
- }
- num += i;
- size -= i;
- ctx->ibuf_len -= i;
- ctx->ibuf_off += i;
- if (flag || size == 0) {
- *buf = '\0';
- return (num);
- }
- }
- else /* read another chunk */
- {
- i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size);
- if (i <= 0) {
- BIO_copy_next_retry(b);
- *buf = '\0';
- if (i < 0)
- return ((num > 0) ? num : i);
- if (i == 0)
- return (num);
- }
- ctx->ibuf_len = i;
- ctx->ibuf_off = 0;
- }
- }
-}
-
-static int
-buffer_puts(BIO *b, const char *str)
-{
- return (buffer_write(b, str, strlen(str)));
-}
diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c
deleted file mode 100644
index 2aed3b8fb6..0000000000
--- a/src/lib/libcrypto/bio/bf_nbio.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/* $OpenBSD: bf_nbio.c,v 1.23 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#include "bio_local.h"
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nbiof_write(BIO *h, const char *buf, int num);
-static int nbiof_read(BIO *h, char *buf, int size);
-static int nbiof_puts(BIO *h, const char *str);
-static int nbiof_gets(BIO *h, char *str, int size);
-static long nbiof_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nbiof_new(BIO *h);
-static int nbiof_free(BIO *data);
-static long nbiof_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp);
-
-typedef struct nbio_test_st {
- /* only set if we sent a 'should retry' error */
- int lrn;
- int lwn;
-} NBIO_TEST;
-
-static const BIO_METHOD methods_nbiof = {
- .type = BIO_TYPE_NBIO_TEST,
- .name = "non-blocking IO test filter",
- .bwrite = nbiof_write,
- .bread = nbiof_read,
- .bputs = nbiof_puts,
- .bgets = nbiof_gets,
- .ctrl = nbiof_ctrl,
- .create = nbiof_new,
- .destroy = nbiof_free,
- .callback_ctrl = nbiof_callback_ctrl
-};
-
-const BIO_METHOD *
-BIO_f_nbio_test(void)
-{
- return (&methods_nbiof);
-}
-LCRYPTO_ALIAS(BIO_f_nbio_test);
-
-static int
-nbiof_new(BIO *bi)
-{
- NBIO_TEST *nt;
-
- if (!(nt = malloc(sizeof(NBIO_TEST))))
- return (0);
- nt->lrn = -1;
- nt->lwn = -1;
- bi->ptr = (char *)nt;
- bi->init = 1;
- bi->flags = 0;
- return (1);
-}
-
-static int
-nbiof_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- free(a->ptr);
- a->ptr = NULL;
- a->init = 0;
- a->flags = 0;
- return (1);
-}
-
-static int
-nbiof_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
- int num;
- unsigned char n;
-
- if (out == NULL)
- return (0);
- if (b->next_bio == NULL)
- return (0);
-
- BIO_clear_retry_flags(b);
-
- arc4random_buf(&n, 1);
- num = (n & 0x07);
-
- if (outl > num)
- outl = num;
-
- if (num == 0) {
- ret = -1;
- BIO_set_retry_read(b);
- } else {
- ret = BIO_read(b->next_bio, out, outl);
- if (ret < 0)
- BIO_copy_next_retry(b);
- }
- return (ret);
-}
-
-static int
-nbiof_write(BIO *b, const char *in, int inl)
-{
- NBIO_TEST *nt;
- int ret = 0;
- int num;
- unsigned char n;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
- if (b->next_bio == NULL)
- return (0);
- nt = (NBIO_TEST *)b->ptr;
-
- BIO_clear_retry_flags(b);
-
- if (nt->lwn > 0) {
- num = nt->lwn;
- nt->lwn = 0;
- } else {
- arc4random_buf(&n, 1);
- num = (n&7);
- }
-
- if (inl > num)
- inl = num;
-
- if (num == 0) {
- ret = -1;
- BIO_set_retry_write(b);
- } else {
- ret = BIO_write(b->next_bio, in, inl);
- if (ret < 0) {
- BIO_copy_next_retry(b);
- nt->lwn = inl;
- }
- }
- return (ret);
-}
-
-static long
-nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_DUP:
- ret = 0L;
- break;
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
- return (ret);
-}
-
-static long
-nbiof_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static int
-nbiof_gets(BIO *bp, char *buf, int size)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_gets(bp->next_bio, buf, size));
-}
-
-static int
-nbiof_puts(BIO *bp, const char *str)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_puts(bp->next_bio, str));
-}
diff --git a/src/lib/libcrypto/bio/bf_null.c b/src/lib/libcrypto/bio/bf_null.c
deleted file mode 100644
index 055daeb7a9..0000000000
--- a/src/lib/libcrypto/bio/bf_null.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* $OpenBSD: bf_null.c,v 1.15 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#include "bio_local.h"
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nullf_write(BIO *h, const char *buf, int num);
-static int nullf_read(BIO *h, char *buf, int size);
-static int nullf_puts(BIO *h, const char *str);
-static int nullf_gets(BIO *h, char *str, int size);
-static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nullf_new(BIO *h);
-static int nullf_free(BIO *data);
-static long nullf_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp);
-
-static const BIO_METHOD methods_nullf = {
- .type = BIO_TYPE_NULL_FILTER,
- .name = "NULL filter",
- .bwrite = nullf_write,
- .bread = nullf_read,
- .bputs = nullf_puts,
- .bgets = nullf_gets,
- .ctrl = nullf_ctrl,
- .create = nullf_new,
- .destroy = nullf_free,
- .callback_ctrl = nullf_callback_ctrl
-};
-
-const BIO_METHOD *
-BIO_f_null(void)
-{
- return (&methods_nullf);
-}
-LCRYPTO_ALIAS(BIO_f_null);
-
-static int
-nullf_new(BIO *bi)
-{
- bi->init = 1;
- bi->ptr = NULL;
- bi->flags = 0;
- return (1);
-}
-
-static int
-nullf_free(BIO *a)
-{
- if (a == NULL)
- return (0);
-/* a->ptr=NULL;
- a->init=0;
- a->flags=0;*/
- return (1);
-}
-
-static int
-nullf_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-
- if (out == NULL)
- return (0);
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_read(b->next_bio, out, outl);
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return (ret);
-}
-
-static int
-nullf_write(BIO *b, const char *in, int inl)
-{
- int ret = 0;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_write(b->next_bio, in, inl);
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return (ret);
-}
-
-static long
-nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_DUP:
- ret = 0L;
- break;
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
- return (ret);
-}
-
-static long
-nullf_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static int
-nullf_gets(BIO *bp, char *buf, int size)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_gets(bp->next_bio, buf, size));
-}
-
-static int
-nullf_puts(BIO *bp, const char *str)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_puts(bp->next_bio, str));
-}
diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h
deleted file mode 100644
index 8327ffc071..0000000000
--- a/src/lib/libcrypto/bio/bio.h
+++ /dev/null
@@ -1,717 +0,0 @@
-/* $OpenBSD: bio.h,v 1.64 2024/05/19 07:12:50 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_BIO_H -#define HEADER_BIO_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif -#include - -# include -#include - -#include - - -#ifdef __cplusplus -extern "C" { -#endif - -/* These are the 'types' of BIOs */ -#define BIO_TYPE_NONE 0 -#define BIO_TYPE_MEM (1|0x0400) -#define BIO_TYPE_FILE (2|0x0400) - -#define BIO_TYPE_FD (4|0x0400|0x0100) -#define BIO_TYPE_SOCKET (5|0x0400|0x0100) -#define BIO_TYPE_NULL (6|0x0400) -#define BIO_TYPE_SSL (7|0x0200) -#define BIO_TYPE_MD (8|0x0200) /* passive filter */ -#define BIO_TYPE_BUFFER (9|0x0200) /* filter */ -#define BIO_TYPE_CIPHER (10|0x0200) /* filter */ -#define BIO_TYPE_BASE64 (11|0x0200) /* filter */ -#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */ -#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */ -#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */ -#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NULL_FILTER (17|0x0200) -#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ -#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ -#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ -#define BIO_TYPE_DGRAM (21|0x0400|0x0100) -#define BIO_TYPE_ASN1 (22|0x0200) /* filter */ -#define BIO_TYPE_COMP (23|0x0200) /* filter */ - -#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ -#define BIO_TYPE_FILTER 0x0200 -#define BIO_TYPE_SOURCE_SINK 0x0400 - -/* - * BIO_TYPE_START is the first user-allocated BIO type. No pre-defined type, - * flag bits aside, may exceed this value. - */ -#define BIO_TYPE_START 128 - -/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free. 
- * BIO_set_fp(in,stdin,BIO_NOCLOSE); */ -#define BIO_NOCLOSE 0x00 -#define BIO_CLOSE 0x01 - -/* These are used in the following macros and are passed to - * BIO_ctrl() */ -#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */ -#define BIO_CTRL_EOF 2 /* opt - are we at the eof */ -#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */ -#define BIO_CTRL_SET 4 /* man - set the 'IO' type */ -#define BIO_CTRL_GET 5 /* man - get the 'IO' type */ -#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */ -#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */ -#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */ -#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */ -#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */ -#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */ -#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */ -#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */ -/* callback is int cb(BIO *bio,state,ret); */ -#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */ -#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */ - -#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ - -/* dgram BIO stuff */ -#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */ -#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally - * connected socket to be - * passed in */ -#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */ -#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */ -#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */ -#define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */ - -#define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */ -#define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */ - -/* #ifdef IP_MTU_DISCOVER */ -#define BIO_CTRL_DGRAM_MTU_DISCOVER 39 /* set DF bit on egress packets */ -/* #endif */ - 
-#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */ -#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47 -#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */ -#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for - * MTU. want to use this - * if asking the kernel - * fails */ - -#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU - * was exceed in the - * previous write - * operation */ - -#define BIO_CTRL_DGRAM_GET_PEER 46 -#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */ - -#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to - * adjust socket timeouts */ - - -/* modifiers */ -#define BIO_FP_READ 0x02 -#define BIO_FP_WRITE 0x04 -#define BIO_FP_APPEND 0x08 -#define BIO_FP_TEXT 0x10 - -#define BIO_FLAGS_READ 0x01 -#define BIO_FLAGS_WRITE 0x02 -#define BIO_FLAGS_IO_SPECIAL 0x04 -#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) -#define BIO_FLAGS_SHOULD_RETRY 0x08 - -/* Used in BIO_gethostbyname() */ -#define BIO_GHBN_CTRL_HITS 1 -#define BIO_GHBN_CTRL_MISSES 2 -#define BIO_GHBN_CTRL_CACHE_SIZE 3 -#define BIO_GHBN_CTRL_GET_ENTRY 4 -#define BIO_GHBN_CTRL_FLUSH 5 - -/* Mostly used in the SSL BIO */ -/* Not used anymore - * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10 - * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20 - * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40 - */ - -#define BIO_FLAGS_BASE64_NO_NL 0x100 - -/* This is used with memory BIOs: it means we shouldn't free up or change the - * data in any way. 
- */ -#define BIO_FLAGS_MEM_RDONLY 0x200 - -void BIO_set_flags(BIO *b, int flags); -int BIO_test_flags(const BIO *b, int flags); -void BIO_clear_flags(BIO *b, int flags); - -#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0)) -#define BIO_set_retry_special(b) \ - BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_read(b) \ - BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_write(b) \ - BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) - -/* These are normally used internally in BIOs */ -#define BIO_clear_retry_flags(b) \ - BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_get_retry_flags(b) \ - BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) - -/* These should be used by the application to tell why we should retry */ -#define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ) -#define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE) -#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL) -#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS) -#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY) - -/* The next three are used in conjunction with the - * BIO_should_io_special() condition. After this returns true, - * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO - * stack and return the 'reason' for the special and the offending BIO. - * Given a BIO, BIO_get_retry_reason(bio) will return the code. 
*/ -/* Returned from the SSL bio when the certificate retrieval code had an error */ -#define BIO_RR_SSL_X509_LOOKUP 0x01 -/* Returned from the connect BIO when a connect would have blocked */ -#define BIO_RR_CONNECT 0x02 -/* Returned from the accept BIO when an accept would have blocked */ -#define BIO_RR_ACCEPT 0x03 - -/* These are passed by the BIO callback */ -#define BIO_CB_FREE 0x01 -#define BIO_CB_READ 0x02 -#define BIO_CB_WRITE 0x03 -#define BIO_CB_PUTS 0x04 -#define BIO_CB_GETS 0x05 -#define BIO_CB_CTRL 0x06 - -/* - * The callback is called before and after the underling operation, - * the BIO_CB_RETURN flag indicates if it is after the call. - */ -#define BIO_CB_RETURN 0x80 -#define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) -#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) -#define BIO_cb_post(a) ((a)&BIO_CB_RETURN) - -typedef long (*BIO_callback_fn)(BIO *b, int oper, const char *argp, int argi, - long argl, long ret); -typedef long (*BIO_callback_fn_ex)(BIO *b, int oper, const char *argp, - size_t len, int argi, long argl, int ret, size_t *processed); - -BIO_callback_fn BIO_get_callback(const BIO *b); -void BIO_set_callback(BIO *b, BIO_callback_fn callback); - -BIO_callback_fn_ex BIO_get_callback_ex(const BIO *b); -void BIO_set_callback_ex(BIO *b, BIO_callback_fn_ex callback); - -char *BIO_get_callback_arg(const BIO *b); -void BIO_set_callback_arg(BIO *b, char *arg); - -const char *BIO_method_name(const BIO *b); -int BIO_method_type(const BIO *b); - -typedef int BIO_info_cb(BIO *, int, int); -/* Compatibility with OpenSSL's backward compatibility. 
*/ -typedef BIO_info_cb bio_info_cb; - -typedef struct bio_method_st BIO_METHOD; - -DECLARE_STACK_OF(BIO) - -/* Prefix and suffix callback in ASN1 BIO */ -typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg); - -/* BIO_METHOD accessors */ -BIO_METHOD *BIO_meth_new(int type, const char *name); -void BIO_meth_free(BIO_METHOD *biom); -int (*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int); -int BIO_meth_set_write(BIO_METHOD *biom, - int (*write)(BIO *, const char *, int)); -int (*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int); -int BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int)); -int (*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *); -int BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *)); -int (*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int); -int BIO_meth_set_gets(BIO_METHOD *biom, int (*gets)(BIO *, char *, int)); -long (*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *); -int BIO_meth_set_ctrl(BIO_METHOD *biom, long (*ctrl)(BIO *, int, long, void *)); -int (*BIO_meth_get_create(const BIO_METHOD *biom))(BIO *); -int BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *)); -int (*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *); -int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *)); -long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *); -int BIO_meth_set_callback_ctrl(BIO_METHOD *biom, - long (*callback_ctrl)(BIO *, int, BIO_info_cb *)); - -/* connect BIO stuff */ -#define BIO_CONN_S_BEFORE 1 -#define BIO_CONN_S_GET_IP 2 -#define BIO_CONN_S_GET_PORT 3 -#define BIO_CONN_S_CREATE_SOCKET 4 -#define BIO_CONN_S_CONNECT 5 -#define BIO_CONN_S_OK 6 -#define BIO_CONN_S_BLOCKED_CONNECT 7 -#define BIO_CONN_S_NBIO 8 -/*#define BIO_CONN_get_param_hostname BIO_ctrl */ - -#define BIO_C_SET_CONNECT 100 -#define BIO_C_DO_STATE_MACHINE 101 -#define BIO_C_SET_NBIO 102 -#define 
BIO_C_SET_PROXY_PARAM 103 -#define BIO_C_SET_FD 104 -#define BIO_C_GET_FD 105 -#define BIO_C_SET_FILE_PTR 106 -#define BIO_C_GET_FILE_PTR 107 -#define BIO_C_SET_FILENAME 108 -#define BIO_C_SET_SSL 109 -#define BIO_C_GET_SSL 110 -#define BIO_C_SET_MD 111 -#define BIO_C_GET_MD 112 -#define BIO_C_GET_CIPHER_STATUS 113 -#define BIO_C_SET_BUF_MEM 114 -#define BIO_C_GET_BUF_MEM_PTR 115 -#define BIO_C_GET_BUFF_NUM_LINES 116 -#define BIO_C_SET_BUFF_SIZE 117 -#define BIO_C_SET_ACCEPT 118 -#define BIO_C_SSL_MODE 119 -#define BIO_C_GET_MD_CTX 120 -#define BIO_C_GET_PROXY_PARAM 121 -#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */ -#define BIO_C_GET_CONNECT 123 -#define BIO_C_GET_ACCEPT 124 -#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125 -#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126 -#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127 -#define BIO_C_FILE_SEEK 128 -#define BIO_C_GET_CIPHER_CTX 129 -#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/ -#define BIO_C_SET_BIND_MODE 131 -#define BIO_C_GET_BIND_MODE 132 -#define BIO_C_FILE_TELL 133 -#define BIO_C_GET_SOCKS 134 -#define BIO_C_SET_SOCKS 135 - -#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */ -#define BIO_C_GET_WRITE_BUF_SIZE 137 -#define BIO_C_MAKE_BIO_PAIR 138 -#define BIO_C_DESTROY_BIO_PAIR 139 -#define BIO_C_GET_WRITE_GUARANTEE 140 -#define BIO_C_GET_READ_REQUEST 141 -#define BIO_C_SHUTDOWN_WR 142 -#define BIO_C_RESET_READ_REQUEST 147 -#define BIO_C_SET_MD_CTX 148 - -#define BIO_C_SET_EX_ARG 153 -#define BIO_C_GET_EX_ARG 154 - -#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg) -#define BIO_get_app_data(s) BIO_get_ex_data(s,0) - -/* BIO_s_connect() and BIO_s_socks4a_connect() */ -#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name) -#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port) -#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip) -#define BIO_set_conn_int_port(b,port) 
BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port) -#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) -#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) -#define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) -#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0) - - -#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) - -/* BIO_s_accept_socket() */ -#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) -#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) -/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ -#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL) -#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio) - -#define BIO_BIND_NORMAL 0 -#define BIO_BIND_REUSEADDR_IF_UNUSED 1 -#define BIO_BIND_REUSEADDR 2 -#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) -#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) - -#define BIO_do_connect(b) BIO_do_handshake(b) -#define BIO_do_accept(b) BIO_do_handshake(b) -#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) - -/* BIO_s_proxy_client() */ -#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url)) -#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p)) -/* BIO_set_nbio(b,n) */ -#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s)) -/* BIO *BIO_get_filter_bio(BIO *bio); */ -#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)())) -#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk) -#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool) - -#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp) -#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p)) -#define 
BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) -#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) - -#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) -#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) - -#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) -#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) - -#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) -#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) - -/* name is cast to lose const, but might be better to route through a function - so we can do it safely */ -#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ,(char *)name) -#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_WRITE,name) -#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_APPEND,name) -#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name) - -/* WARNING WARNING, this ups the reference count on the read bio of the - * SSL structure. This is because the ssl read BIO is now pointed to by - * the next_bio field in the bio. So when you free the BIO, make sure - * you are doing a BIO_free_all() to catch the underlying BIO. 
*/ -#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl) -#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) -#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) -#define BIO_set_ssl_renegotiate_bytes(b,num) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL) -#define BIO_get_num_renegotiates(b) \ - BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL) -#define BIO_set_ssl_renegotiate_timeout(b,seconds) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL) - -/* defined in evp.h */ -/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ - -#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) -#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) -#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) -#define BIO_set_mem_eof_return(b,v) \ - BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL) - -/* For the BIO_f_buffer() type */ -#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL) -#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL) -#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0) -#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1) -#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf) - -/* Don't use the next one unless you know what you are doing :-) */ -#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret)) - -#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL) -#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL) -#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL) -#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL) -#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) -#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL) -/* ...pending macros have inappropriate return type */ -size_t 
BIO_ctrl_pending(BIO *b); -size_t BIO_ctrl_wpending(BIO *b); -#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL) -#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \ - cbp) -#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb) - -/* For the BIO_f_buffer() type */ -#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL) - -/* For BIO_s_bio() */ -#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL) -#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL) -#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2) -#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL) -#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL) -/* macros with inappropriate type -- but ...pending macros use int too: */ -#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL) -#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL) -size_t BIO_ctrl_get_write_guarantee(BIO *b); -size_t BIO_ctrl_get_read_request(BIO *b); -int BIO_ctrl_reset_read_request(BIO *b); - -/* ctrl macros for dgram */ -#define BIO_ctrl_dgram_connect(b,peer) \ - (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer) -#define BIO_ctrl_set_connected(b, state, peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer) -#define BIO_dgram_recv_timedout(b) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL) -#define BIO_dgram_send_timedout(b) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL) -#define BIO_dgram_get_peer(b,peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer) -#define BIO_dgram_set_peer(b,peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer) - -/* These two aren't currently implemented */ -/* int BIO_get_ex_num(BIO *bio); */ -/* void BIO_set_ex_free_func(BIO *bio,int 
idx,void (*cb)()); */ -int BIO_set_ex_data(BIO *bio, int idx, void *data); -void *BIO_get_ex_data(BIO *bio, int idx); -int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -unsigned long BIO_number_read(BIO *bio); -unsigned long BIO_number_written(BIO *bio); - -int BIO_get_new_index(void); -const BIO_METHOD *BIO_s_file(void); -BIO *BIO_new_file(const char *filename, const char *mode); -BIO *BIO_new_fp(FILE *stream, int close_flag); -BIO *BIO_new(const BIO_METHOD *type); -int BIO_free(BIO *a); -int BIO_up_ref(BIO *bio); -void *BIO_get_data(BIO *a); -void BIO_set_data(BIO *a, void *ptr); -int BIO_get_init(BIO *a); -void BIO_set_init(BIO *a, int init); -int BIO_get_shutdown(BIO *a); -void BIO_set_shutdown(BIO *a, int shut); -void BIO_vfree(BIO *a); -int BIO_read(BIO *b, void *data, int len) - __attribute__((__bounded__(__buffer__,2,3))); -int BIO_gets(BIO *bp, char *buf, int size) - __attribute__((__bounded__ (__string__,2,3))); -int BIO_write(BIO *b, const void *data, int len) - __attribute__((__bounded__(__buffer__,2,3))); -int BIO_puts(BIO *bp, const char *buf); -int BIO_indent(BIO *b, int indent, int max); -long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg); -long BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp); -char * BIO_ptr_ctrl(BIO *bp, int cmd, long larg); -long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg); -BIO * BIO_push(BIO *b, BIO *append); -BIO * BIO_pop(BIO *b); -void BIO_free_all(BIO *a); -BIO * BIO_find_type(BIO *b, int bio_type); -BIO * BIO_next(BIO *b); -void BIO_set_next(BIO *b, BIO *next); -BIO * BIO_get_retry_BIO(BIO *bio, int *reason); -int BIO_get_retry_reason(BIO *bio); -void BIO_set_retry_reason(BIO *bio, int reason); -BIO * BIO_dup_chain(BIO *in); - -long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi, - long argl, long ret); - -const BIO_METHOD *BIO_s_mem(void); -BIO *BIO_new_mem_buf(const void *buf, int len); -const BIO_METHOD 
*BIO_s_socket(void); -const BIO_METHOD *BIO_s_connect(void); -const BIO_METHOD *BIO_s_accept(void); -const BIO_METHOD *BIO_s_fd(void); -const BIO_METHOD *BIO_s_log(void); -const BIO_METHOD *BIO_s_bio(void); -const BIO_METHOD *BIO_s_null(void); -const BIO_METHOD *BIO_f_null(void); -const BIO_METHOD *BIO_f_buffer(void); -const BIO_METHOD *BIO_f_nbio_test(void); -#ifndef OPENSSL_NO_DGRAM -const BIO_METHOD *BIO_s_datagram(void); -#endif - -/* BIO_METHOD *BIO_f_ber(void); */ - -int BIO_sock_should_retry(int i); -int BIO_sock_non_fatal_error(int _error); -int BIO_dgram_non_fatal_error(int _error); - -int BIO_fd_should_retry(int i); -int BIO_fd_non_fatal_error(int _error); - -int BIO_dump(BIO *b, const char *bytes, int len); -int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent); - -struct hostent *BIO_gethostbyname(const char *name); -/* We might want a thread-safe interface too: - * struct hostent *BIO_gethostbyname_r(const char *name, - * struct hostent *result, void *buffer, size_t buflen); - * or something similar (caller allocates a struct hostent, - * pointed to by "result", and additional buffer space for the various - * substructures; if the buffer does not suffice, NULL is returned - * and an appropriate error code is set). 
- */ -int BIO_sock_error(int sock); -int BIO_socket_ioctl(int fd, long type, void *arg); -int BIO_socket_nbio(int fd, int mode); -int BIO_get_port(const char *str, unsigned short *port_ptr); -int BIO_get_host_ip(const char *str, unsigned char *ip); -int BIO_get_accept_socket(char *host_port, int mode); -int BIO_accept(int sock, char **ip_port); -int BIO_sock_init(void ); -void BIO_sock_cleanup(void); -int BIO_set_tcp_ndelay(int sock, int turn_on); - -BIO *BIO_new_socket(int sock, int close_flag); -BIO *BIO_new_dgram(int fd, int close_flag); -BIO *BIO_new_fd(int fd, int close_flag); -BIO *BIO_new_connect(const char *host_port); -BIO *BIO_new_accept(const char *host_port); - -int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, - BIO **bio2, size_t writebuf2); -/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints. - * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. - * Size 0 uses default value. - */ - -void BIO_copy_next_retry(BIO *b); - -/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/ - -/* Needed for libressl-portable. */ -#ifndef __MINGW_PRINTF_FORMAT -int BIO_printf(BIO *bio, const char *format, ...) - __attribute__((__format__(__printf__, 2, 3), __nonnull__(2))); -#else -int BIO_printf(BIO *bio, const char *format, ...) - __attribute__((__format__(__MINGW_PRINTF_FORMAT, 2, 3), __nonnull__(2))); -#endif - -void ERR_load_BIO_strings(void); - -/* Error codes for the BIO functions. */ - -/* Function codes. 
*/
-#define BIO_F_ACPT_STATE 100
-#define BIO_F_BIO_ACCEPT 101
-#define BIO_F_BIO_BER_GET_HEADER 102
-#define BIO_F_BIO_CALLBACK_CTRL 131
-#define BIO_F_BIO_CTRL 103
-#define BIO_F_BIO_GETHOSTBYNAME 120
-#define BIO_F_BIO_GETS 104
-#define BIO_F_BIO_GET_ACCEPT_SOCKET 105
-#define BIO_F_BIO_GET_HOST_IP 106
-#define BIO_F_BIO_GET_PORT 107
-#define BIO_F_BIO_MAKE_PAIR 121
-#define BIO_F_BIO_NEW 108
-#define BIO_F_BIO_NEW_FILE 109
-#define BIO_F_BIO_NEW_MEM_BUF 126
-#define BIO_F_BIO_NREAD 123
-#define BIO_F_BIO_NREAD0 124
-#define BIO_F_BIO_NWRITE 125
-#define BIO_F_BIO_NWRITE0 122
-#define BIO_F_BIO_PUTS 110
-#define BIO_F_BIO_READ 111
-#define BIO_F_BIO_SOCK_INIT 112
-#define BIO_F_BIO_WRITE 113
-#define BIO_F_BUFFER_CTRL 114
-#define BIO_F_CONN_CTRL 127
-#define BIO_F_CONN_STATE 115
-#define BIO_F_DGRAM_SCTP_READ 132
-#define BIO_F_FILE_CTRL 116
-#define BIO_F_FILE_READ 130
-#define BIO_F_LINEBUFFER_CTRL 129
-#define BIO_F_MEM_READ 128
-#define BIO_F_MEM_WRITE 117
-#define BIO_F_SSL_NEW 118
-#define BIO_F_WSASTARTUP 119
-
-/* Reason codes. 
*/
-#define BIO_R_ACCEPT_ERROR 100
-#define BIO_R_BAD_FOPEN_MODE 101
-#define BIO_R_BAD_HOSTNAME_LOOKUP 102
-#define BIO_R_BROKEN_PIPE 124
-#define BIO_R_CONNECT_ERROR 103
-#define BIO_R_EOF_ON_MEMORY_BIO 127
-#define BIO_R_ERROR_SETTING_NBIO 104
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
-#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
-#define BIO_R_INVALID_ARGUMENT 125
-#define BIO_R_INVALID_IP_ADDRESS 108
-#define BIO_R_INVALID_PORT_NUMBER 129
-#define BIO_R_IN_USE 123
-#define BIO_R_KEEPALIVE 109
-#define BIO_R_LENGTH_TOO_LONG 130
-#define BIO_R_NBIO_CONNECT_ERROR 110
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
-#define BIO_R_NO_HOSTNAME_SPECIFIED 112
-#define BIO_R_NO_PORT_DEFINED 113
-#define BIO_R_NO_PORT_SPECIFIED 114
-#define BIO_R_NO_SUCH_FILE 128
-#define BIO_R_NULL_PARAMETER 115
-#define BIO_R_TAG_MISMATCH 116
-#define BIO_R_UNABLE_TO_BIND_SOCKET 117
-#define BIO_R_UNABLE_TO_CREATE_SOCKET 118
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
-#define BIO_R_UNINITIALIZED 120
-#define BIO_R_UNSUPPORTED_METHOD 121
-#define BIO_R_WRITE_TO_READ_ONLY_BIO 126
-#define BIO_R_WSASTARTUP 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/bio/bio_cb.c b/src/lib/libcrypto/bio/bio_cb.c
deleted file mode 100644
index 18e9be8d68..0000000000
--- a/src/lib/libcrypto/bio/bio_cb.c
+++ /dev/null
@@ -1,156 +0,0 @@ -/* $OpenBSD: bio_cb.c,v 1.19 2023/07/05 21:23:37 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include -#include - -#include "bio_local.h" - -long -BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, - long ret) -{ - BIO *b; - char buf[256]; - char *p; - int nbuf; - long r = 1; - size_t p_maxlen; - - if (BIO_CB_RETURN & cmd) - r = ret; - - nbuf = snprintf(buf, sizeof(buf), "BIO[%p]: ", bio); - if (nbuf < 0) - nbuf = 0; /* Ignore error; continue printing. 
*/ - if (nbuf >= sizeof(buf)) - goto out; - - p = buf + nbuf; - p_maxlen = sizeof(buf) - nbuf; - - switch (cmd) { - case BIO_CB_FREE: - snprintf(p, p_maxlen, "Free - %s\n", bio->method->name); - break; - case BIO_CB_READ: - if (bio->method->type & BIO_TYPE_DESCRIPTOR) - snprintf(p, p_maxlen, - "read(%d,%lu) - %s fd=%d\n", - bio->num, (unsigned long)argi, - bio->method->name, bio->num); - else - snprintf(p, p_maxlen, "read(%d,%lu) - %s\n", - bio->num, (unsigned long)argi, bio->method->name); - break; - case BIO_CB_WRITE: - if (bio->method->type & BIO_TYPE_DESCRIPTOR) - snprintf(p, p_maxlen, - "write(%d,%lu) - %s fd=%d\n", - bio->num, (unsigned long)argi, - bio->method->name, bio->num); - else - snprintf(p, p_maxlen, "write(%d,%lu) - %s\n", - bio->num, (unsigned long)argi, bio->method->name); - break; - case BIO_CB_PUTS: - snprintf(p, p_maxlen, - "puts() - %s\n", bio->method->name); - break; - case BIO_CB_GETS: - snprintf(p, p_maxlen, "gets(%lu) - %s\n", - (unsigned long)argi, bio->method->name); - break; - case BIO_CB_CTRL: - snprintf(p, p_maxlen, "ctrl(%lu) - %s\n", - (unsigned long)argi, bio->method->name); - break; - case BIO_CB_RETURN|BIO_CB_READ: - snprintf(p, p_maxlen, "read return %ld\n", ret); - break; - case BIO_CB_RETURN|BIO_CB_WRITE: - snprintf(p, p_maxlen, "write return %ld\n", ret); - break; - case BIO_CB_RETURN|BIO_CB_GETS: - snprintf(p, p_maxlen, "gets return %ld\n", ret); - break; - case BIO_CB_RETURN|BIO_CB_PUTS: - snprintf(p, p_maxlen, "puts return %ld\n", ret); - break; - case BIO_CB_RETURN|BIO_CB_CTRL: - snprintf(p, p_maxlen, "ctrl return %ld\n", ret); - break; - default: - snprintf(p, p_maxlen, - "bio callback - unknown type (%d)\n", cmd); - break; - } - - out: - b = (BIO *)bio->cb_arg; - if (b != NULL) - BIO_write(b, buf, strlen(buf)); - else - fputs(buf, stderr); - return (r); -} -LCRYPTO_ALIAS(BIO_debug_callback); 
diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c
deleted file mode 100644
index 4541adb240..0000000000
--- a/src/lib/libcrypto/bio/bio_err.c
+++ /dev/null
@@ -1,122 +0,0 @@ -/* $OpenBSD: bio_err.c,v 1.21 2024/06/24 06:43:22 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#include "err_local.h" - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason) - -static const ERR_STRING_DATA BIO_str_functs[] = { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static const ERR_STRING_DATA BIO_str_reasons[] = { - {ERR_REASON(BIO_R_ACCEPT_ERROR) , "accept error"}, - {ERR_REASON(BIO_R_BAD_FOPEN_MODE) , "bad fopen mode"}, - {ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP) , "bad hostname lookup"}, - {ERR_REASON(BIO_R_BROKEN_PIPE) , "broken pipe"}, - {ERR_REASON(BIO_R_CONNECT_ERROR) , "connect error"}, - {ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO) , "EOF on memory BIO"}, - {ERR_REASON(BIO_R_ERROR_SETTING_NBIO) , "error setting nbio"}, - {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET), "error setting nbio on accepted socket"}, - {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET), "error setting nbio on accept socket"}, - {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET), "gethostbyname addr is not af inet"}, - {ERR_REASON(BIO_R_INVALID_ARGUMENT) , "invalid argument"}, - {ERR_REASON(BIO_R_INVALID_IP_ADDRESS) , 
"invalid ip address"}, - {ERR_REASON(BIO_R_INVALID_PORT_NUMBER) , "invalid port number"}, - {ERR_REASON(BIO_R_IN_USE) , "in use"}, - {ERR_REASON(BIO_R_KEEPALIVE) , "keepalive"}, - {ERR_REASON(BIO_R_LENGTH_TOO_LONG) , "too long"}, - {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR) , "nbio connect error"}, - {ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED), "no accept port specified"}, - {ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED) , "no hostname specified"}, - {ERR_REASON(BIO_R_NO_PORT_DEFINED) , "no port defined"}, - {ERR_REASON(BIO_R_NO_PORT_SPECIFIED) , "no port specified"}, - {ERR_REASON(BIO_R_NO_SUCH_FILE) , "no such file"}, - {ERR_REASON(BIO_R_NULL_PARAMETER) , "null parameter"}, - {ERR_REASON(BIO_R_TAG_MISMATCH) , "tag mismatch"}, - {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET) , "unable to bind socket"}, - {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"}, - {ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET), "unable to listen socket"}, - {ERR_REASON(BIO_R_UNINITIALIZED) , "uninitialized"}, - {ERR_REASON(BIO_R_UNSUPPORTED_METHOD) , "unsupported method"}, - {ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO), "write to read only BIO"}, - {ERR_REASON(BIO_R_WSASTARTUP) , "WSAStartup"}, - {0, NULL} -}; - -#endif - -void -ERR_load_BIO_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) { - ERR_load_const_strings(BIO_str_functs); - ERR_load_const_strings(BIO_str_reasons); - } -#endif -} -LCRYPTO_ALIAS(ERR_load_BIO_strings); diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c deleted file mode 100644 index 463d2ad23a..0000000000 --- a/src/lib/libcrypto/bio/bio_lib.c +++ /dev/null 
@@ -1,886 +0,0 @@ -/* $OpenBSD: bio_lib.c,v 1.54 2024/07/09 06:14:59 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include -#include -#include -#include - -#include "bio_local.h" - -/* - * Helper function to work out whether to call the new style callback or the old - * one, and translate between the two. - * - * This has a long return type for consistency with the old callback. 
Similarly - * for the "long" used for "inret" - */ -static long -bio_call_callback(BIO *b, int oper, const char *argp, size_t len, int argi, - long argl, long inret, size_t *processed) -{ - long ret; - int bareoper; - - if (b->callback_ex != NULL) - return b->callback_ex(b, oper, argp, len, argi, argl, inret, - processed); - - /* - * We have an old style callback, so we will have to do nasty casts and - * check for overflows. - */ - - bareoper = oper & ~BIO_CB_RETURN; - - if (bareoper == BIO_CB_READ || bareoper == BIO_CB_WRITE || - bareoper == BIO_CB_GETS) { - /* In this case len is set and should be used instead of argi. */ - if (len > INT_MAX) - return -1; - argi = (int)len; - } - - if (inret > 0 && (oper & BIO_CB_RETURN) && bareoper != BIO_CB_CTRL) { - if (*processed > INT_MAX) - return -1; - inret = *processed; - } - - ret = b->callback(b, oper, argp, argi, argl, inret); - - if (ret > 0 && (oper & BIO_CB_RETURN) && bareoper != BIO_CB_CTRL) { - *processed = (size_t)ret; - ret = 1; - } - - return ret; -} - -int -BIO_get_new_index(void) -{ - static int bio_type_index = BIO_TYPE_START; - int index; - - /* The index will collide with the BIO flag bits if it exceeds 255. 
*/ - index = CRYPTO_add(&bio_type_index, 1, CRYPTO_LOCK_BIO); - if (index > 255) - return -1; - - return index; -} -LCRYPTO_ALIAS(BIO_get_new_index); - -BIO * -BIO_new(const BIO_METHOD *method) -{ - BIO *bio = NULL; - - if ((bio = calloc(1, sizeof(BIO))) == NULL) { - BIOerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - - bio->method = method; - bio->shutdown = 1; - bio->references = 1; - - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data); - - if (method->create != NULL) { - if (!method->create(bio)) { - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio, - &bio->ex_data); - free(bio); - return NULL; - } - } - - return bio; -} -LCRYPTO_ALIAS(BIO_new); - -int -BIO_free(BIO *bio) -{ - int ret; - - if (bio == NULL) - return 0; - - if (CRYPTO_add(&bio->references, -1, CRYPTO_LOCK_BIO) > 0) - return 1; - - if (bio->callback != NULL || bio->callback_ex != NULL) { - if ((ret = (int)bio_call_callback(bio, BIO_CB_FREE, NULL, 0, 0, - 0L, 1L, NULL)) <= 0) - return ret; - } - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data); - - if (bio->method != NULL && bio->method->destroy != NULL) - bio->method->destroy(bio); - - free(bio); - - return 1; -} -LCRYPTO_ALIAS(BIO_free); - -void -BIO_vfree(BIO *bio) -{ - BIO_free(bio); -} -LCRYPTO_ALIAS(BIO_vfree); - -int -BIO_up_ref(BIO *bio) -{ - return CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1; -} -LCRYPTO_ALIAS(BIO_up_ref); - -void * -BIO_get_data(BIO *bio) -{ - return bio->ptr; -} -LCRYPTO_ALIAS(BIO_get_data); - -void -BIO_set_data(BIO *bio, void *ptr) -{ - bio->ptr = ptr; -} -LCRYPTO_ALIAS(BIO_set_data); - -int -BIO_get_init(BIO *bio) -{ - return bio->init; -} -LCRYPTO_ALIAS(BIO_get_init); - -void -BIO_set_init(BIO *bio, int init) -{ - bio->init = init; -} -LCRYPTO_ALIAS(BIO_set_init); - -int -BIO_get_shutdown(BIO *bio) -{ - return bio->shutdown; -} -LCRYPTO_ALIAS(BIO_get_shutdown); - -void -BIO_set_shutdown(BIO *bio, int shut) -{ - bio->shutdown = shut; -} -LCRYPTO_ALIAS(BIO_set_shutdown); - -void 
-BIO_clear_flags(BIO *bio, int flags) -{ - bio->flags &= ~flags; -} -LCRYPTO_ALIAS(BIO_clear_flags); - -int -BIO_test_flags(const BIO *bio, int flags) -{ - return (bio->flags & flags); -} -LCRYPTO_ALIAS(BIO_test_flags); - -void -BIO_set_flags(BIO *bio, int flags) -{ - bio->flags |= flags; -} -LCRYPTO_ALIAS(BIO_set_flags); - -BIO_callback_fn -BIO_get_callback(const BIO *bio) -{ - return bio->callback; -} -LCRYPTO_ALIAS(BIO_get_callback); - -void -BIO_set_callback(BIO *bio, BIO_callback_fn cb) -{ - bio->callback = cb; -} -LCRYPTO_ALIAS(BIO_set_callback); - -BIO_callback_fn_ex -BIO_get_callback_ex(const BIO *bio) -{ - return bio->callback_ex; -} -LCRYPTO_ALIAS(BIO_get_callback_ex); - -void -BIO_set_callback_ex(BIO *bio, BIO_callback_fn_ex cb) -{ - bio->callback_ex = cb; -} -LCRYPTO_ALIAS(BIO_set_callback_ex); - -void -BIO_set_callback_arg(BIO *bio, char *arg) -{ - bio->cb_arg = arg; -} -LCRYPTO_ALIAS(BIO_set_callback_arg); - -char * -BIO_get_callback_arg(const BIO *bio) -{ - return bio->cb_arg; -} -LCRYPTO_ALIAS(BIO_get_callback_arg); - -const char * -BIO_method_name(const BIO *bio) -{ - return bio->method->name; -} -LCRYPTO_ALIAS(BIO_method_name); - -int -BIO_method_type(const BIO *bio) -{ - return bio->method->type; -} -LCRYPTO_ALIAS(BIO_method_type); - -int -BIO_read(BIO *b, void *out, int outl) -{ - size_t readbytes = 0; - int ret; - - if (b == NULL) { - BIOerror(ERR_R_PASSED_NULL_PARAMETER); - return (-1); - } - - if (outl <= 0) - return (0); - - if (out == NULL) { - BIOerror(ERR_R_PASSED_NULL_PARAMETER); - return (-1); - } - - if (b->method == NULL || b->method->bread == NULL) { - BIOerror(BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - if (b->callback != NULL || b->callback_ex != NULL) { - if ((ret = (int)bio_call_callback(b, BIO_CB_READ, out, outl, 0, - 0L, 1L, NULL)) <= 0) - return (ret); - } - - if (!b->init) { - BIOerror(BIO_R_UNINITIALIZED); - return (-2); - } - - if ((ret = b->method->bread(b, out, outl)) > 0) - readbytes = (size_t)ret; - - b->num_read 
+= readbytes; - - if (b->callback != NULL || b->callback_ex != NULL) { - ret = (int)bio_call_callback(b, BIO_CB_READ | BIO_CB_RETURN, - out, outl, 0, 0L, (ret > 0) ? 1 : ret, &readbytes); - } - - if (ret > 0) { - if (readbytes > INT_MAX) { - BIOerror(BIO_R_LENGTH_TOO_LONG); - ret = -1; - } else { - ret = (int)readbytes; - } - } - - return (ret); -} -LCRYPTO_ALIAS(BIO_read); - -int -BIO_write(BIO *b, const void *in, int inl) -{ - size_t writebytes = 0; - int ret; - - /* Not an error. Things like SMIME_text() assume that this succeeds. */ - if (b == NULL) - return (0); - - if (inl <= 0) - return (0); - - if (in == NULL) { - BIOerror(ERR_R_PASSED_NULL_PARAMETER); - return (-1); - } - - if (b->method == NULL || b->method->bwrite == NULL) { - BIOerror(BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - if (b->callback != NULL || b->callback_ex != NULL) { - if ((ret = (int)bio_call_callback(b, BIO_CB_WRITE, in, inl, 0, - 0L, 1L, NULL)) <= 0) - return (ret); - } - - if (!b->init) { - BIOerror(BIO_R_UNINITIALIZED); - return (-2); - } - - if ((ret = b->method->bwrite(b, in, inl)) > 0) - writebytes = ret; - - b->num_write += writebytes; - - if (b->callback != NULL || b->callback_ex != NULL) { - ret = (int)bio_call_callback(b, BIO_CB_WRITE | BIO_CB_RETURN, - in, inl, 0, 0L, (ret > 0) ? 
1 : ret, &writebytes); - } - - if (ret > 0) { - if (writebytes > INT_MAX) { - BIOerror(BIO_R_LENGTH_TOO_LONG); - ret = -1; - } else { - ret = (int)writebytes; - } - } - - return (ret); -} -LCRYPTO_ALIAS(BIO_write); - -int -BIO_puts(BIO *b, const char *in) -{ - size_t writebytes = 0; - int ret; - - if (b == NULL || b->method == NULL || b->method->bputs == NULL) { - BIOerror(BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - if (b->callback != NULL || b->callback_ex != NULL) { - if ((ret = (int)bio_call_callback(b, BIO_CB_PUTS, in, 0, 0, 0L, - 1L, NULL)) <= 0) - return (ret); - } - - if (!b->init) { - BIOerror(BIO_R_UNINITIALIZED); - return (-2); - } - - if ((ret = b->method->bputs(b, in)) > 0) - writebytes = ret; - - b->num_write += writebytes; - - if (b->callback != NULL || b->callback_ex != NULL) { - ret = (int)bio_call_callback(b, BIO_CB_PUTS | BIO_CB_RETURN, - in, 0, 0, 0L, (ret > 0) ? 1 : ret, &writebytes); - } - - if (ret > 0) { - if (writebytes > INT_MAX) { - BIOerror(BIO_R_LENGTH_TOO_LONG); - ret = -1; - } else { - ret = (int)writebytes; - } - } - - return (ret); -} -LCRYPTO_ALIAS(BIO_puts); - -int -BIO_gets(BIO *b, char *in, int inl) -{ - size_t readbytes = 0; - int ret; - - if (b == NULL || b->method == NULL || b->method->bgets == NULL) { - BIOerror(BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - if (b->callback != NULL || b->callback_ex != NULL) { - if ((ret = (int)bio_call_callback(b, BIO_CB_GETS, in, inl, 0, 0L, - 1, NULL)) <= 0) - return (ret); - } - - if (!b->init) { - BIOerror(BIO_R_UNINITIALIZED); - return (-2); - } - - if ((ret = b->method->bgets(b, in, inl)) > 0) - readbytes = ret; - - if (b->callback != NULL || b->callback_ex != NULL) { - ret = (int)bio_call_callback(b, BIO_CB_GETS | BIO_CB_RETURN, in, - inl, 0, 0L, (ret > 0) ? 
1 : ret, &readbytes); - } - - if (ret > 0) { - if (readbytes > INT_MAX) { - BIOerror(BIO_R_LENGTH_TOO_LONG); - ret = -1; - } else { - ret = (int)readbytes; - } - } - - return (ret); -} -LCRYPTO_ALIAS(BIO_gets); - -int -BIO_indent(BIO *bio, int indent, int max) -{ - if (indent > max) - indent = max; - if (indent <= 0) - return 1; - if (BIO_printf(bio, "%*s", indent, "") <= 0) - return 0; - return 1; -} -LCRYPTO_ALIAS(BIO_indent); - -long -BIO_int_ctrl(BIO *bio, int cmd, long larg, int iarg) -{ - int i; - - i = iarg; - return BIO_ctrl(bio, cmd, larg, (char *)&i); -} -LCRYPTO_ALIAS(BIO_int_ctrl); - -char * -BIO_ptr_ctrl(BIO *bio, int cmd, long larg) -{ - char *p = NULL; - - if (BIO_ctrl(bio, cmd, larg, (char *)&p) <= 0) - return NULL; - else - return p; -} -LCRYPTO_ALIAS(BIO_ptr_ctrl); - -long -BIO_ctrl(BIO *b, int cmd, long larg, void *parg) -{ - long ret; - - if (b == NULL) - return (0); - - if (b->method == NULL || b->method->ctrl == NULL) { - BIOerror(BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - if (b->callback != NULL || b->callback_ex != NULL) { - if ((ret = bio_call_callback(b, BIO_CB_CTRL, parg, 0, cmd, larg, - 1L, NULL)) <= 0) - return (ret); - } - - ret = b->method->ctrl(b, cmd, larg, parg); - - if (b->callback != NULL || b->callback_ex != NULL) { - ret = bio_call_callback(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, 0, - cmd, larg, ret, NULL); - } - - return (ret); -} -LCRYPTO_ALIAS(BIO_ctrl); - -long -BIO_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) -{ - long ret; - - if (b == NULL) - return (0); - - if (b->method == NULL || b->method->callback_ctrl == NULL || - cmd != BIO_CTRL_SET_CALLBACK) { - BIOerror(BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - if (b->callback != NULL || b->callback_ex != NULL) { - if ((ret = bio_call_callback(b, BIO_CB_CTRL, (void *)&fp, 0, - cmd, 0, 1L, NULL)) <= 0) - return (ret); - } - - ret = b->method->callback_ctrl(b, cmd, fp); - - if (b->callback != NULL || b->callback_ex != NULL) { - ret = bio_call_callback(b, 
BIO_CB_CTRL | BIO_CB_RETURN, - (void *)&fp, 0, cmd, 0, ret, NULL); - } - - return (ret); -} -LCRYPTO_ALIAS(BIO_callback_ctrl); - -/* It is unfortunate to duplicate in functions what the BIO_(w)pending macros - * do; but those macros have inappropriate return type, and for interfacing - * from other programming languages, C macros aren't much of a help anyway. */ -size_t -BIO_ctrl_pending(BIO *bio) -{ - return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL); -} -LCRYPTO_ALIAS(BIO_ctrl_pending); - -size_t -BIO_ctrl_wpending(BIO *bio) -{ - return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL); -} -LCRYPTO_ALIAS(BIO_ctrl_wpending); - - -/* - * Append "bio" to the end of the chain containing "b": - * Two chains "b -> lb" and "oldhead -> bio" - * become two chains "b -> lb -> bio" and "oldhead". - */ -BIO * -BIO_push(BIO *b, BIO *bio) -{ - BIO *lb; - - if (b == NULL) - return (bio); - lb = b; - while (lb->next_bio != NULL) - lb = lb->next_bio; - lb->next_bio = bio; - if (bio != NULL) { - if (bio->prev_bio != NULL) - bio->prev_bio->next_bio = NULL; - bio->prev_bio = lb; - } - /* called to do internal processing */ - BIO_ctrl(b, BIO_CTRL_PUSH, 0, lb); - return (b); -} -LCRYPTO_ALIAS(BIO_push); - -/* Remove the first and return the rest */ -BIO * -BIO_pop(BIO *b) -{ - BIO *ret; - - if (b == NULL) - return (NULL); - ret = b->next_bio; - - BIO_ctrl(b, BIO_CTRL_POP, 0, b); - - if (b->prev_bio != NULL) - b->prev_bio->next_bio = b->next_bio; - if (b->next_bio != NULL) - b->next_bio->prev_bio = b->prev_bio; - - b->next_bio = NULL; - b->prev_bio = NULL; - return (ret); -} -LCRYPTO_ALIAS(BIO_pop); - -BIO * -BIO_get_retry_BIO(BIO *bio, int *reason) -{ - BIO *b, *last; - - b = last = bio; - for (;;) { - if (!BIO_should_retry(b)) - break; - last = b; - b = b->next_bio; - if (b == NULL) - break; - } - if (reason != NULL) - *reason = last->retry_reason; - return (last); -} -LCRYPTO_ALIAS(BIO_get_retry_BIO); - -int -BIO_get_retry_reason(BIO *bio) -{ - return bio->retry_reason; -} 
-LCRYPTO_ALIAS(BIO_get_retry_reason); - -void -BIO_set_retry_reason(BIO *bio, int reason) -{ - bio->retry_reason = reason; -} -LCRYPTO_ALIAS(BIO_set_retry_reason); - -BIO * -BIO_find_type(BIO *bio, int type) -{ - int mt, mask; - - if (!bio) - return NULL; - mask = type & 0xff; - do { - if (bio->method != NULL) { - mt = bio->method->type; - if (!mask) { - if (mt & type) - return (bio); - } else if (mt == type) - return (bio); - } - bio = bio->next_bio; - } while (bio != NULL); - return (NULL); -} -LCRYPTO_ALIAS(BIO_find_type); - -BIO * -BIO_next(BIO *b) -{ - if (!b) - return NULL; - return b->next_bio; -} -LCRYPTO_ALIAS(BIO_next); - -/* - * Two chains "bio -> oldtail" and "oldhead -> next" become - * three chains "oldtail", "bio -> next", and "oldhead". - */ -void -BIO_set_next(BIO *bio, BIO *next) -{ - /* Cut off the tail of the chain containing bio after bio. */ - if (bio->next_bio != NULL) - bio->next_bio->prev_bio = NULL; - - /* Cut off the head of the chain containing next before next. */ - if (next != NULL && next->prev_bio != NULL) - next->prev_bio->next_bio = NULL; - - /* Append the chain starting at next to the chain ending at bio. */ - bio->next_bio = next; - if (next != NULL) - next->prev_bio = bio; -} -LCRYPTO_ALIAS(BIO_set_next); - -void -BIO_free_all(BIO *bio) -{ - BIO *b; - int ref; - - while (bio != NULL) { - b = bio; - ref = b->references; - bio = bio->next_bio; - BIO_free(b); - /* Since ref count > 1, don't free anyone else. 
*/ - if (ref > 1) - break; - } -} -LCRYPTO_ALIAS(BIO_free_all); - -BIO * -BIO_dup_chain(BIO *in) -{ - BIO *new_chain = NULL, *new_bio = NULL, *tail = NULL; - BIO *bio; - - for (bio = in; bio != NULL; bio = bio->next_bio) { - if ((new_bio = BIO_new(bio->method)) == NULL) - goto err; - new_bio->callback = bio->callback; - new_bio->callback_ex = bio->callback_ex; - new_bio->cb_arg = bio->cb_arg; - new_bio->init = bio->init; - new_bio->shutdown = bio->shutdown; - new_bio->flags = bio->flags; - new_bio->num = bio->num; - - if (!BIO_dup_state(bio, new_bio)) - goto err; - - if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, - &new_bio->ex_data, &bio->ex_data)) - goto err; - - if (BIO_push(tail, new_bio) == NULL) - goto err; - - tail = new_bio; - if (new_chain == NULL) - new_chain = new_bio; - } - - return new_chain; - - err: - BIO_free(new_bio); - BIO_free_all(new_chain); - - return NULL; -} -LCRYPTO_ALIAS(BIO_dup_chain); - -void -BIO_copy_next_retry(BIO *b) -{ - BIO_set_flags(b, BIO_get_retry_flags(b->next_bio)); - b->retry_reason = b->next_bio->retry_reason; -} -LCRYPTO_ALIAS(BIO_copy_next_retry); - -int -BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, argl, argp, - new_func, dup_func, free_func); -} -LCRYPTO_ALIAS(BIO_get_ex_new_index); - -int -BIO_set_ex_data(BIO *bio, int idx, void *data) -{ - return (CRYPTO_set_ex_data(&(bio->ex_data), idx, data)); -} -LCRYPTO_ALIAS(BIO_set_ex_data); - -void * -BIO_get_ex_data(BIO *bio, int idx) -{ - return (CRYPTO_get_ex_data(&(bio->ex_data), idx)); -} -LCRYPTO_ALIAS(BIO_get_ex_data); - -unsigned long -BIO_number_read(BIO *bio) -{ - if (bio) - return bio->num_read; - return 0; -} -LCRYPTO_ALIAS(BIO_number_read); - -unsigned long -BIO_number_written(BIO *bio) -{ - if (bio) - return bio->num_write; - return 0; -} -LCRYPTO_ALIAS(BIO_number_written); 
diff --git a/src/lib/libcrypto/bio/bio_local.h b/src/lib/libcrypto/bio/bio_local.h
deleted file mode 100644
index f59b5756c9..0000000000
--- a/src/lib/libcrypto/bio/bio_local.h
+++ /dev/null
@@ -1,127 +0,0 @@ -/* $OpenBSD: bio_local.h,v 1.6 2024/03/02 09:18:28 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_BIO_LOCAL_H -#define HEADER_BIO_LOCAL_H - -#include - -__BEGIN_HIDDEN_DECLS - -struct bio_method_st { - int type; - const char *name; - int (*bwrite)(BIO *, const char *, int); - int (*bread)(BIO *, char *, int); - int (*bputs)(BIO *, const char *); - int (*bgets)(BIO *, char *, int); - long (*ctrl)(BIO *, int, long, void *); - int (*create)(BIO *); - int (*destroy)(BIO *); - long (*callback_ctrl)(BIO *, int, BIO_info_cb *); -} /* BIO_METHOD */; - -struct bio_st { - const BIO_METHOD *method; - BIO_callback_fn callback; - BIO_callback_fn_ex callback_ex; - char *cb_arg; /* first argument for the callback */ - - int init; - int shutdown; - int flags; /* extra storage */ - int retry_reason; - int num; - void *ptr; - struct bio_st *next_bio; /* used by filter BIOs */ - struct bio_st *prev_bio; /* used by filter BIOs */ - int references; - unsigned long num_read; - unsigned long num_write; - - CRYPTO_EX_DATA ex_data; -} /* BIO */; - -typedef struct bio_f_buffer_ctx_struct { - /* Buffers are setup like this: - * - * <---------------------- size -----------------------> - * +---------------------------------------------------+ - * | consumed | remaining | free space | - * +---------------------------------------------------+ - * <-- off --><------- len -------> - */ - - /* BIO *bio; */ /* this is now in the BIO struct */ - int ibuf_size; /* how big is the input buffer */ - int obuf_size; /* how big is the output buffer */ - - char *ibuf; /* the char array */ - int ibuf_len; /* how many bytes are in it */ - int ibuf_off; /* write/read offset */ - - char *obuf; /* the char array */ - int obuf_len; /* how many bytes are in it */ - int obuf_off; /* write/read offset */ -} BIO_F_BUFFER_CTX; - -int BIO_vprintf(BIO *bio, const char *format, va_list args); - -__END_HIDDEN_DECLS - -#endif /* !HEADER_BIO_LOCAL_H */ diff --git a/src/lib/libcrypto/bio/bio_meth.c b/src/lib/libcrypto/bio/bio_meth.c deleted file mode 100644 index 37f866a0c4..0000000000 
--- a/src/lib/libcrypto/bio/bio_meth.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* $OpenBSD: bio_meth.c,v 1.9 2023/07/05 21:23:37 beck Exp $ */
-/*
- * Copyright (c) 2018 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-
-#include "bio_local.h"
-
-BIO_METHOD *
-BIO_meth_new(int type, const char *name)
-{
- BIO_METHOD *biom;
-
- if ((biom = calloc(1, sizeof(*biom))) == NULL)
- return NULL;
-
- biom->type = type;
- biom->name = name;
-
- return biom;
-}
-LCRYPTO_ALIAS(BIO_meth_new);
-
-void
-BIO_meth_free(BIO_METHOD *biom)
-{
- free(biom);
-}
-LCRYPTO_ALIAS(BIO_meth_free);
-
-int
-(*BIO_meth_get_write(const BIO_METHOD *biom))(BIO *, const char *, int)
-{
- return biom->bwrite;
-}
-LCRYPTO_ALIAS(BIO_meth_get_write);
-
-int
-BIO_meth_set_write(BIO_METHOD *biom, int (*write)(BIO *, const char *, int))
-{
- biom->bwrite = write;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_write);
-
-int
-(*BIO_meth_get_read(const BIO_METHOD *biom))(BIO *, char *, int)
-{
- return biom->bread;
-}
-LCRYPTO_ALIAS(BIO_meth_get_read);
-
-int
-BIO_meth_set_read(BIO_METHOD *biom, int (*read)(BIO *, char *, int))
-{
- biom->bread = read;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_read);
-
-int
-(*BIO_meth_get_puts(const BIO_METHOD *biom))(BIO *, const char *)
-{
- return biom->bputs;
-}
-LCRYPTO_ALIAS(BIO_meth_get_puts);
-
-int
-BIO_meth_set_puts(BIO_METHOD *biom, int (*puts)(BIO *, const char *))
-{
- biom->bputs = puts;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_puts);
-
-int
-(*BIO_meth_get_gets(const BIO_METHOD *biom))(BIO *, char *, int)
-{
- return biom->bgets;
-}
-LCRYPTO_ALIAS(BIO_meth_get_gets);
-
-int
-BIO_meth_set_gets(BIO_METHOD *biom, int (*gets)(BIO *, char *, int))
-{
- biom->bgets = gets;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_gets);
-
-long
-(*BIO_meth_get_ctrl(const BIO_METHOD *biom))(BIO *, int, long, void *)
-{
- return biom->ctrl;
-}
-LCRYPTO_ALIAS(BIO_meth_get_ctrl);
-
-int
-BIO_meth_set_ctrl(BIO_METHOD *biom, long (*ctrl)(BIO *, int, long, void *))
-{
- biom->ctrl = ctrl;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_ctrl);
-
-int
-(*BIO_meth_get_create(const BIO_METHOD *biom))(BIO *)
-{
- return biom->create;
-}
-LCRYPTO_ALIAS(BIO_meth_get_create);
-
-int
-BIO_meth_set_create(BIO_METHOD *biom, int (*create)(BIO *))
-{
- biom->create = create;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_create);
-
-int
-(*BIO_meth_get_destroy(const BIO_METHOD *biom))(BIO *)
-{
- return biom->destroy;
-}
-LCRYPTO_ALIAS(BIO_meth_get_destroy);
-
-int
-BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy)(BIO *))
-{
- biom->destroy = destroy;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_destroy);
-
-long
-(*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))(BIO *, int, BIO_info_cb *)
-{
- return biom->callback_ctrl;
-}
-LCRYPTO_ALIAS(BIO_meth_get_callback_ctrl);
-
-int
-BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
- long (*callback_ctrl)(BIO *, int, BIO_info_cb *))
-{
- biom->callback_ctrl = callback_ctrl;
- return 1;
-}
-LCRYPTO_ALIAS(BIO_meth_set_callback_ctrl);
diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c
deleted file mode 100644
index d74c710a7f..0000000000
--- a/src/lib/libcrypto/bio/bss_acpt.c
+++ /dev/null
@@ -1,456 +0,0 @@ -/* $OpenBSD: bss_acpt.c,v 1.31 2023/07/05 21:23:37 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include - -#include -#include -#include -#include - -#include -#include -#include - -#include "bio_local.h" - -#define SOCKET_PROTOCOL IPPROTO_TCP - -typedef struct bio_accept_st { - int state; - char *param_addr; - - int accept_sock; - int accept_nbio; - - char *addr; - int nbio; - /* If 0, it means normal, if 1, do a connect on bind failure, - * and if there is no-one listening, bind with SO_REUSEADDR. - * If 2, always use SO_REUSEADDR. */ - int bind_mode; - BIO *bio_chain; -} BIO_ACCEPT; - -static int acpt_write(BIO *h, const char *buf, int num); -static int acpt_read(BIO *h, char *buf, int size); -static int acpt_puts(BIO *h, const char *str); -static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int acpt_new(BIO *h); -static int acpt_free(BIO *data); -static int acpt_state(BIO *b, BIO_ACCEPT *c); -static void acpt_close_socket(BIO *data); -static BIO_ACCEPT *BIO_ACCEPT_new(void ); -static void BIO_ACCEPT_free(BIO_ACCEPT *a); - -#define ACPT_S_BEFORE 1 -#define ACPT_S_GET_ACCEPT_SOCKET 2 -#define ACPT_S_OK 3 - -static const BIO_METHOD methods_acceptp = { - .type = BIO_TYPE_ACCEPT, - .name = "socket accept", - .bwrite = acpt_write, - .bread = acpt_read, - .bputs = acpt_puts, - .ctrl = acpt_ctrl, - .create = acpt_new, - .destroy = acpt_free -}; - -const BIO_METHOD * -BIO_s_accept(void) -{ - return (&methods_acceptp); -} -LCRYPTO_ALIAS(BIO_s_accept); - -static int -acpt_new(BIO *bi) -{ - BIO_ACCEPT *ba; - - bi->init = 0; - bi->num = -1; - bi->flags = 0; - if ((ba = BIO_ACCEPT_new()) == NULL) - return (0); - bi->ptr = (char *)ba; - ba->state = ACPT_S_BEFORE; - bi->shutdown = 1; - return (1); -} - -static BIO_ACCEPT * -BIO_ACCEPT_new(void) -{ - BIO_ACCEPT *ret; - - if ((ret = calloc(1, sizeof(BIO_ACCEPT))) == NULL) - return (NULL); - ret->accept_sock = -1; - ret->bind_mode = BIO_BIND_NORMAL; - return (ret); -} - -static void -BIO_ACCEPT_free(BIO_ACCEPT *a) -{ - if (a == NULL) - return; - - free(a->param_addr); - free(a->addr); - 
BIO_free(a->bio_chain); - free(a); -} - -static void -acpt_close_socket(BIO *bio) -{ - BIO_ACCEPT *c; - - c = (BIO_ACCEPT *)bio->ptr; - if (c->accept_sock != -1) { - shutdown(c->accept_sock, SHUT_RDWR); - close(c->accept_sock); - c->accept_sock = -1; - bio->num = -1; - } -} - -static int -acpt_free(BIO *a) -{ - BIO_ACCEPT *data; - - if (a == NULL) - return (0); - data = (BIO_ACCEPT *)a->ptr; - - if (a->shutdown) { - acpt_close_socket(a); - BIO_ACCEPT_free(data); - a->ptr = NULL; - a->flags = 0; - a->init = 0; - } - return (1); -} - -static int -acpt_state(BIO *b, BIO_ACCEPT *c) -{ - BIO *bio = NULL, *dbio; - int s = -1; - int i; - -again: - switch (c->state) { - case ACPT_S_BEFORE: - if (c->param_addr == NULL) { - BIOerror(BIO_R_NO_ACCEPT_PORT_SPECIFIED); - return (-1); - } - s = BIO_get_accept_socket(c->param_addr, c->bind_mode); - if (s == -1) - return (-1); - - if (c->accept_nbio) { - if (!BIO_socket_nbio(s, 1)) { - close(s); - BIOerror(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET); - return (-1); - } - } - c->accept_sock = s; - b->num = s; - c->state = ACPT_S_GET_ACCEPT_SOCKET; - return (1); - /* break; */ - case ACPT_S_GET_ACCEPT_SOCKET: - if (b->next_bio != NULL) { - c->state = ACPT_S_OK; - goto again; - } - BIO_clear_retry_flags(b); - b->retry_reason = 0; - i = BIO_accept(c->accept_sock, &(c->addr)); - - /* -2 return means we should retry */ - if (i == -2) { - BIO_set_retry_special(b); - b->retry_reason = BIO_RR_ACCEPT; - return -1; - } - - if (i < 0) - return (i); - - bio = BIO_new_socket(i, BIO_CLOSE); - if (bio == NULL) - goto err; - - BIO_set_callback(bio, BIO_get_callback(b)); - BIO_set_callback_arg(bio, BIO_get_callback_arg(b)); - - if (c->nbio) { - if (!BIO_socket_nbio(i, 1)) { - BIOerror(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET); - goto err; - } - } - - /* If the accept BIO has an bio_chain, we dup it and - * put the new socket at the end. 
*/ - if (c->bio_chain != NULL) { - if ((dbio = BIO_dup_chain(c->bio_chain)) == NULL) - goto err; - if (!BIO_push(dbio, bio)) goto err; - bio = dbio; - } - if (BIO_push(b, bio) - == NULL) goto err; - - c->state = ACPT_S_OK; - return (1); - -err: - if (bio != NULL) - BIO_free(bio); - return (0); - /* break; */ - case ACPT_S_OK: - if (b->next_bio == NULL) { - c->state = ACPT_S_GET_ACCEPT_SOCKET; - goto again; - } - return (1); - /* break; */ - default: - return (0); - /* break; */ - } -} - -static int -acpt_read(BIO *b, char *out, int outl) -{ - int ret = 0; - BIO_ACCEPT *data; - - BIO_clear_retry_flags(b); - data = (BIO_ACCEPT *)b->ptr; - - while (b->next_bio == NULL) { - ret = acpt_state(b, data); - if (ret <= 0) - return (ret); - } - - ret = BIO_read(b->next_bio, out, outl); - BIO_copy_next_retry(b); - return (ret); -} - -static int -acpt_write(BIO *b, const char *in, int inl) -{ - int ret; - BIO_ACCEPT *data; - - BIO_clear_retry_flags(b); - data = (BIO_ACCEPT *)b->ptr; - - while (b->next_bio == NULL) { - ret = acpt_state(b, data); - if (ret <= 0) - return (ret); - } - - ret = BIO_write(b->next_bio, in, inl); - BIO_copy_next_retry(b); - return (ret); -} - -static long -acpt_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - int *ip; - long ret = 1; - BIO_ACCEPT *data; - char **pp; - - data = (BIO_ACCEPT *)b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - ret = 0; - data->state = ACPT_S_BEFORE; - acpt_close_socket(b); - b->flags = 0; - break; - case BIO_C_DO_STATE_MACHINE: - /* use this one to start the connection */ - ret = (long)acpt_state(b, data); - break; - case BIO_C_SET_ACCEPT: - if (ptr != NULL) { - if (num == 0) { - b->init = 1; - free(data->param_addr); - data->param_addr = strdup(ptr); - } else if (num == 1) { - data->accept_nbio = (ptr != NULL); - } else if (num == 2) { - BIO_free(data->bio_chain); - data->bio_chain = (BIO *)ptr; - } - } - break; - case BIO_C_SET_NBIO: - data->nbio = (int)num; - break; - case BIO_C_SET_FD: - b->init = 1; - b->num= *((int 
*)ptr); - data->accept_sock = b->num; - data->state = ACPT_S_GET_ACCEPT_SOCKET; - b->shutdown = (int)num; - b->init = 1; - break; - case BIO_C_GET_FD: - if (b->init) { - ip = (int *)ptr; - if (ip != NULL) - *ip = data->accept_sock; - ret = data->accept_sock; - } else - ret = -1; - break; - case BIO_C_GET_ACCEPT: - if (b->init) { - if (ptr != NULL) { - pp = (char **)ptr; - *pp = data->param_addr; - } else - ret = -1; - } else - ret = -1; - break; - case BIO_CTRL_GET_CLOSE: - ret = b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown = (int)num; - break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret = 0; - break; - case BIO_CTRL_FLUSH: - break; - case BIO_C_SET_BIND_MODE: - data->bind_mode = (int)num; - break; - case BIO_C_GET_BIND_MODE: - ret = (long)data->bind_mode; - break; - case BIO_CTRL_DUP: -/* dbio=(BIO *)ptr; - if (data->param_port) EAY EAY - BIO_set_port(dbio,data->param_port); - if (data->param_hostname) - BIO_set_hostname(dbio,data->param_hostname); - BIO_set_nbio(dbio,data->nbio); -*/ - break; - - default: - ret = 0; - break; - } - return (ret); -} - -static int -acpt_puts(BIO *bp, const char *str) -{ - int n, ret; - - n = strlen(str); - ret = acpt_write(bp, str, n); - return (ret); -} - -BIO * -BIO_new_accept(const char *str) -{ - BIO *ret; - - ret = BIO_new(BIO_s_accept()); - if (ret == NULL) - return (NULL); - if (BIO_set_accept_port(ret, str)) - return (ret); - else { - BIO_free(ret); - return (NULL); - } -} -LCRYPTO_ALIAS(BIO_new_accept); diff --git a/src/lib/libcrypto/bio/bss_bio.c b/src/lib/libcrypto/bio/bss_bio.c deleted file mode 100644 index 39d8d1e46c..0000000000 --- a/src/lib/libcrypto/bio/bss_bio.c +++ /dev/null 
@@ -1,641 +0,0 @@
-/* $OpenBSD: bss_bio.c,v 1.29 2024/07/09 06:14:59 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Special method for a BIO where the other endpoint is also a BIO
- * of this kind, handled by the same thread (i.e. the "peer" is actually
- * ourselves, wearing a different hat).
- * Such "BIO pairs" are mainly for using the SSL library with I/O interfaces
- * for which no specific BIO method is available.
- * See ssl/ssltest.c for some hints on how this can be used.
*/
-
-/* BIO_DEBUG implies BIO_PAIR_DEBUG */
-#ifdef BIO_DEBUG
-# ifndef BIO_PAIR_DEBUG
-# define BIO_PAIR_DEBUG
-# endif
-#endif
-
-/* disable assert() unless BIO_PAIR_DEBUG has been defined */
-#ifndef BIO_PAIR_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "bio_local.h"
-
-static int bio_new(BIO *bio);
-static int bio_free(BIO *bio);
-static int bio_read(BIO *bio, char *buf, int size);
-static int bio_write(BIO *bio, const char *buf, int num);
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
-static int bio_puts(BIO *bio, const char *str);
-
-static int bio_make_pair(BIO *bio1, BIO *bio2);
-static void bio_destroy_pair(BIO *bio);
-
-static const BIO_METHOD methods_biop = {
- .type = BIO_TYPE_BIO,
- .name = "BIO pair",
- .bwrite = bio_write,
- .bread = bio_read,
- .bputs = bio_puts,
- .ctrl = bio_ctrl,
- .create = bio_new,
- .destroy = bio_free
-};
-
-const BIO_METHOD *
-BIO_s_bio(void)
-{
- return &methods_biop;
-}
-LCRYPTO_ALIAS(BIO_s_bio);
-
-struct bio_bio_st {
- BIO *peer; /* NULL if buf == NULL.
- * If peer != NULL, then peer->ptr is also a bio_bio_st,
- * and its "peer" member points back to us.
- * peer != NULL iff init != 0 in the BIO. */
-
- /* This is for what we write (i.e. reading uses peer's struct): */
- int closed; /* valid iff peer != NULL */
- size_t len; /* valid iff buf != NULL; 0 if peer == NULL */
- size_t offset; /* valid iff buf != NULL; 0 if len == 0 */
- size_t size;
- char *buf; /* "size" elements (if != NULL) */
-
- size_t request; /* valid iff peer != NULL; 0 if len != 0,
- * otherwise set by peer to number of bytes
- * it (unsuccessfully) tried to read,
- * never more than buffer space (size-len) warrants.
*/
-};
-
-static int
-bio_new(BIO *bio)
-{
- struct bio_bio_st *b;
-
- b = malloc(sizeof *b);
- if (b == NULL)
- return 0;
-
- b->peer = NULL;
- b->size = 17 * 1024; /* enough for one TLS record (just a default) */
- b->buf = NULL;
-
- bio->ptr = b;
- return 1;
-}
-
-static int
-bio_free(BIO *bio)
-{
- struct bio_bio_st *b;
-
- if (bio == NULL)
- return 0;
- b = bio->ptr;
-
- assert(b != NULL);
-
- if (b->peer)
- bio_destroy_pair(bio);
-
- free(b->buf);
- free(b);
- return 1;
-}
-
-
-
-static int
-bio_read(BIO *bio, char *buf, int size_)
-{
- size_t size = size_;
- size_t rest;
- struct bio_bio_st *b, *peer_b;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init)
- return 0;
-
- b = bio->ptr;
- assert(b != NULL);
- assert(b->peer != NULL);
- peer_b = b->peer->ptr;
- assert(peer_b != NULL);
- assert(peer_b->buf != NULL);
-
- peer_b->request = 0; /* will be set in "retry_read" situation */
-
- if (buf == NULL || size == 0)
- return 0;
-
- if (peer_b->len == 0) {
- if (peer_b->closed)
- return 0; /* writer has closed, and no data is left */
- else {
- BIO_set_retry_read(bio); /* buffer is empty */
- if (size <= peer_b->size)
- peer_b->request = size;
- else
- /* don't ask for more than the peer can
- * deliver in one write */
- peer_b->request = peer_b->size;
- return -1;
- }
- }
-
- /* we can read */
- if (peer_b->len < size)
- size = peer_b->len;
-
- /* now read "size" bytes */
-
- rest = size;
-
- assert(rest > 0);
- do /* one or two iterations */
- {
- size_t chunk;
-
- assert(rest <= peer_b->len);
- if (peer_b->offset + rest <= peer_b->size)
- chunk = rest;
- else
- /* wrap around ring buffer */
- chunk = peer_b->size - peer_b->offset;
- assert(peer_b->offset + chunk <= peer_b->size);
-
- memcpy(buf, peer_b->buf + peer_b->offset, chunk);
-
- peer_b->len -= chunk;
- if (peer_b->len) {
- peer_b->offset += chunk;
- assert(peer_b->offset <= peer_b->size);
- if (peer_b->offset == peer_b->size)
- peer_b->offset = 0;
- buf += chunk;
- } else {
- /* buffer now empty, no
need to advance "buf" */
- assert(chunk == rest);
- peer_b->offset = 0;
- }
- rest -= chunk;
- } while (rest);
-
- return size;
-}
-
-static int
-bio_write(BIO *bio, const char *buf, int num_)
-{
- size_t num = num_;
- size_t rest;
- struct bio_bio_st *b;
-
- BIO_clear_retry_flags(bio);
-
- if (!bio->init || buf == NULL || num == 0)
- return 0;
-
- b = bio->ptr;
-
- assert(b != NULL);
- assert(b->peer != NULL);
- assert(b->buf != NULL);
-
- b->request = 0;
- if (b->closed) {
- /* we already closed */
- BIOerror(BIO_R_BROKEN_PIPE);
- return -1;
- }
-
- assert(b->len <= b->size);
-
- if (b->len == b->size) {
- BIO_set_retry_write(bio); /* buffer is full */
- return -1;
- }
-
- /* we can write */
- if (num > b->size - b->len)
- num = b->size - b->len;
-
- /* now write "num" bytes */
-
- rest = num;
-
- assert(rest > 0);
- do /* one or two iterations */
- {
- size_t write_offset;
- size_t chunk;
-
- assert(b->len + rest <= b->size);
-
- write_offset = b->offset + b->len;
- if (write_offset >= b->size)
- write_offset -= b->size;
- /* b->buf[write_offset] is the first byte we can write to.
*/
-
- if (write_offset + rest <= b->size)
- chunk = rest;
- else
- /* wrap around ring buffer */
- chunk = b->size - write_offset;
-
- memcpy(b->buf + write_offset, buf, chunk);
-
- b->len += chunk;
-
- assert(b->len <= b->size);
-
- rest -= chunk;
- buf += chunk;
- } while (rest);
-
- return num;
-}
-
-static long
-bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
-{
- long ret;
- struct bio_bio_st *b = bio->ptr;
-
- assert(b != NULL);
-
- switch (cmd) {
- /* specific CTRL codes */
-
- case BIO_C_SET_WRITE_BUF_SIZE:
- if (b->peer) {
- BIOerror(BIO_R_IN_USE);
- ret = 0;
- } else if (num == 0) {
- BIOerror(BIO_R_INVALID_ARGUMENT);
- ret = 0;
- } else {
- size_t new_size = num;
-
- if (b->size != new_size) {
- free(b->buf);
- b->buf = NULL;
- b->size = new_size;
- }
- ret = 1;
- }
- break;
-
- case BIO_C_GET_WRITE_BUF_SIZE:
- ret = (long) b->size;
- break;
-
- case BIO_C_MAKE_BIO_PAIR:
- {
- BIO *other_bio = ptr;
-
- if (bio_make_pair(bio, other_bio))
- ret = 1;
- else
- ret = 0;
- }
- break;
-
- case BIO_C_DESTROY_BIO_PAIR:
- /* Affects both BIOs in the pair -- call just once!
- * Or let BIO_free(bio1); BIO_free(bio2); do the job. */
- bio_destroy_pair(bio);
- ret = 1;
- break;
-
- case BIO_C_GET_WRITE_GUARANTEE:
- /* How many bytes can the caller feed to the next write
- * without having to keep any? */
- if (b->peer == NULL || b->closed)
- ret = 0;
- else
- ret = (long) b->size - b->len;
- break;
-
- case BIO_C_GET_READ_REQUEST:
- /* If the peer unsuccessfully tried to read, how many bytes
- * were requested? (As with BIO_CTRL_PENDING, that number
- * can usually be treated as boolean.) */
- ret = (long) b->request;
- break;
-
- case BIO_C_RESET_READ_REQUEST:
- /* Reset request. (Can be useful after read attempts
- * at the other side that are meant to be non-blocking,
- * e.g. when probing SSL_read to see if any data is
- * available.)
*/
- b->request = 0;
- ret = 1;
- break;
-
- case BIO_C_SHUTDOWN_WR:
- /* similar to shutdown(..., SHUT_WR) */
- b->closed = 1;
- ret = 1;
- break;
-
- /* standard CTRL codes follow */
-
- case BIO_CTRL_RESET:
- if (b->buf != NULL) {
- b->len = 0;
- b->offset = 0;
- }
- ret = 0;
- break;
-
-
- case BIO_CTRL_GET_CLOSE:
- ret = bio->shutdown;
- break;
-
- case BIO_CTRL_SET_CLOSE:
- bio->shutdown = (int) num;
- ret = 1;
- break;
-
- case BIO_CTRL_PENDING:
- if (b->peer != NULL) {
- struct bio_bio_st *peer_b = b->peer->ptr;
-
- ret = (long) peer_b->len;
- } else
- ret = 0;
- break;
-
- case BIO_CTRL_WPENDING:
- if (b->buf != NULL)
- ret = (long) b->len;
- else
- ret = 0;
- break;
-
- case BIO_CTRL_DUP:
- /* See BIO_dup_chain for circumstances we have to expect. */
- {
- BIO *other_bio = ptr;
- struct bio_bio_st *other_b;
-
- assert(other_bio != NULL);
- other_b = other_bio->ptr;
- assert(other_b != NULL);
-
- assert(other_b->buf == NULL); /* other_bio is always fresh */
-
- other_b->size = b->size;
- }
-
- ret = 1;
- break;
-
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
-
- case BIO_CTRL_EOF:
- {
- BIO *other_bio = ptr;
-
- if (other_bio) {
- struct bio_bio_st *other_b = other_bio->ptr;
-
- assert(other_b != NULL);
- ret = other_b->len == 0 && other_b->closed;
- } else
- ret = 1;
- }
- break;
-
- default:
- ret = 0;
- }
- return ret;
-}
-
-static int
-bio_puts(BIO *bio, const char *str)
-{
- return bio_write(bio, str, strlen(str));
-}
-
-
-static int
-bio_make_pair(BIO *bio1, BIO *bio2)
-{
- struct bio_bio_st *b1, *b2;
-
- assert(bio1 != NULL);
- assert(bio2 != NULL);
-
- b1 = bio1->ptr;
- b2 = bio2->ptr;
-
- if (b1->peer != NULL || b2->peer != NULL) {
- BIOerror(BIO_R_IN_USE);
- return 0;
- }
-
- if (b1->buf == NULL) {
- b1->buf = malloc(b1->size);
- if (b1->buf == NULL) {
- BIOerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- b1->len = 0;
- b1->offset = 0;
- }
-
- if (b2->buf == NULL) {
- b2->buf = malloc(b2->size);
- if (b2->buf == NULL) {
-
BIOerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- b2->len = 0;
- b2->offset = 0;
- }
-
- b1->peer = bio2;
- b1->closed = 0;
- b1->request = 0;
- b2->peer = bio1;
- b2->closed = 0;
- b2->request = 0;
-
- bio1->init = 1;
- bio2->init = 1;
-
- return 1;
-}
-
-static void
-bio_destroy_pair(BIO *bio)
-{
- struct bio_bio_st *b = bio->ptr;
-
- if (b != NULL) {
- BIO *peer_bio = b->peer;
-
- if (peer_bio != NULL) {
- struct bio_bio_st *peer_b = peer_bio->ptr;
-
- assert(peer_b != NULL);
- assert(peer_b->peer == bio);
-
- peer_b->peer = NULL;
- peer_bio->init = 0;
- assert(peer_b->buf != NULL);
- peer_b->len = 0;
- peer_b->offset = 0;
-
- b->peer = NULL;
- bio->init = 0;
- assert(b->buf != NULL);
- b->len = 0;
- b->offset = 0;
- }
- }
-}
-
-
-/* Exported convenience functions */
-int
-BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1, BIO **bio2_p, size_t writebuf2)
-{
- BIO *bio1 = NULL, *bio2 = NULL;
- long r;
- int ret = 0;
-
- bio1 = BIO_new(BIO_s_bio());
- if (bio1 == NULL)
- goto err;
- bio2 = BIO_new(BIO_s_bio());
- if (bio2 == NULL)
- goto err;
-
- if (writebuf1) {
- r = BIO_set_write_buf_size(bio1, writebuf1);
- if (!r)
- goto err;
- }
- if (writebuf2) {
- r = BIO_set_write_buf_size(bio2, writebuf2);
- if (!r)
- goto err;
- }
-
- r = BIO_make_bio_pair(bio1, bio2);
- if (!r)
- goto err;
- ret = 1;
-
- err:
- if (ret == 0) {
- if (bio1) {
- BIO_free(bio1);
- bio1 = NULL;
- }
- if (bio2) {
- BIO_free(bio2);
- bio2 = NULL;
- }
- }
-
- *bio1_p = bio1;
- *bio2_p = bio2;
- return ret;
-}
-LCRYPTO_ALIAS(BIO_new_bio_pair);
-
-size_t
-BIO_ctrl_get_write_guarantee(BIO *bio)
-{
- return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
-}
-LCRYPTO_ALIAS(BIO_ctrl_get_write_guarantee);
-
-size_t
-BIO_ctrl_get_read_request(BIO *bio)
-{
- return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
-}
-LCRYPTO_ALIAS(BIO_ctrl_get_read_request);
-
-int
-BIO_ctrl_reset_read_request(BIO *bio)
-{
- return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
-}
-LCRYPTO_ALIAS(BIO_ctrl_reset_read_request);
diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c
deleted file mode 100644
index 3b0e3d3bdd..0000000000
--- a/src/lib/libcrypto/bio/bss_conn.c
+++ /dev/null
@@ -1,598 +0,0 @@
-/* $OpenBSD: bss_conn.c,v 1.41 2024/04/19 09:54:36 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "bio_local.h"
-
-#define SOCKET_PROTOCOL IPPROTO_TCP
-
-typedef struct bio_connect_st {
- int state;
-
- char *param_hostname;
- char *param_port;
- int nbio;
-
- unsigned char ip[4];
- unsigned short port;
-
- struct sockaddr_in them;
-
- /* int socket; this will be kept in bio->num so that it is
- * compatible with the bss_sock bio */
-
- /* called when the connection is initially made
- * callback(BIO,state,ret); The callback should return
- * 'ret'.
state is for compatibility with the ssl info_callback */
- BIO_info_cb *info_callback;
-} BIO_CONNECT;
-
-static int conn_write(BIO *h, const char *buf, int num);
-static int conn_read(BIO *h, char *buf, int size);
-static int conn_puts(BIO *h, const char *str);
-static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int conn_new(BIO *h);
-static int conn_free(BIO *data);
-static long conn_callback_ctrl(BIO *h, int cmd, BIO_info_cb *);
-
-static int conn_state(BIO *b, BIO_CONNECT *c);
-static void conn_close_socket(BIO *data);
-static BIO_CONNECT *BIO_CONNECT_new(void);
-static void BIO_CONNECT_free(BIO_CONNECT *a);
-
-static const BIO_METHOD methods_connectp = {
- .type = BIO_TYPE_CONNECT,
- .name = "socket connect",
- .bwrite = conn_write,
- .bread = conn_read,
- .bputs = conn_puts,
- .ctrl = conn_ctrl,
- .create = conn_new,
- .destroy = conn_free,
- .callback_ctrl = conn_callback_ctrl
-};
-
-static int
-conn_state(BIO *b, BIO_CONNECT *c)
-{
- int ret = -1, i;
- unsigned long l;
- char *p, *q;
- BIO_info_cb *cb = NULL;
-
- if (c->info_callback != NULL)
- cb = c->info_callback;
-
- for (;;) {
- switch (c->state) {
- case BIO_CONN_S_BEFORE:
- p = c->param_hostname;
- if (p == NULL) {
- BIOerror(BIO_R_NO_HOSTNAME_SPECIFIED);
- goto exit_loop;
- }
- for (; *p != '\0'; p++) {
- if ((*p == ':') || (*p == '/'))
- break;
- }
-
- i= *p;
- if ((i == ':') || (i == '/')) {
- *(p++) = '\0';
- if (i == ':') {
- for (q = p; *q; q++)
- if (*q == '/') {
- *q = '\0';
- break;
- }
- free(c->param_port);
- c->param_port = strdup(p);
- }
- }
-
- if (c->param_port == NULL) {
- BIOerror(BIO_R_NO_PORT_SPECIFIED);
- ERR_asprintf_error_data("host=%s",
- c->param_hostname);
- goto exit_loop;
- }
- c->state = BIO_CONN_S_GET_IP;
- break;
-
- case BIO_CONN_S_GET_IP:
- if (BIO_get_host_ip(c->param_hostname, &(c->ip[0])) <= 0)
- goto exit_loop;
- c->state = BIO_CONN_S_GET_PORT;
- break;
-
- case BIO_CONN_S_GET_PORT:
- if (c->param_port == NULL) {
- /* abort(); */
- goto
exit_loop;
- } else if (BIO_get_port(c->param_port, &c->port) <= 0)
- goto exit_loop;
- c->state = BIO_CONN_S_CREATE_SOCKET;
- break;
-
- case BIO_CONN_S_CREATE_SOCKET:
- /* now setup address */
- memset((char *)&c->them, 0, sizeof(c->them));
- c->them.sin_family = AF_INET;
- c->them.sin_port = htons((unsigned short)c->port);
- l = (unsigned long)
- ((unsigned long)c->ip[0] << 24L)|
- ((unsigned long)c->ip[1] << 16L)|
- ((unsigned long)c->ip[2] << 8L)|
- ((unsigned long)c->ip[3]);
- c->them.sin_addr.s_addr = htonl(l);
- c->state = BIO_CONN_S_CREATE_SOCKET;
-
- ret = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
- if (ret == -1) {
- SYSerror(errno);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerror(BIO_R_UNABLE_TO_CREATE_SOCKET);
- goto exit_loop;
- }
- b->num = ret;
- c->state = BIO_CONN_S_NBIO;
- break;
-
- case BIO_CONN_S_NBIO:
- if (c->nbio) {
- if (!BIO_socket_nbio(b->num, 1)) {
- BIOerror(BIO_R_ERROR_SETTING_NBIO);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- goto exit_loop;
- }
- }
- c->state = BIO_CONN_S_CONNECT;
-
-#if defined(SO_KEEPALIVE)
- i = 1;
- i = setsockopt(b->num, SOL_SOCKET, SO_KEEPALIVE, &i, sizeof(i));
- if (i < 0) {
- SYSerror(errno);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerror(BIO_R_KEEPALIVE);
- goto exit_loop;
- }
-#endif
- break;
-
- case BIO_CONN_S_CONNECT:
- BIO_clear_retry_flags(b);
- ret = connect(b->num,
- (struct sockaddr *)&c->them,
- sizeof(c->them));
- b->retry_reason = 0;
- if (ret < 0) {
- if (BIO_sock_should_retry(ret)) {
- BIO_set_retry_special(b);
- c->state = BIO_CONN_S_BLOCKED_CONNECT;
- b->retry_reason = BIO_RR_CONNECT;
- } else {
- SYSerror(errno);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerror(BIO_R_CONNECT_ERROR);
- }
- goto exit_loop;
- } else
- c->state = BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_BLOCKED_CONNECT:
- i = BIO_sock_error(b->num);
- if (i) {
-
BIO_clear_retry_flags(b);
- SYSerror(i);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerror(BIO_R_NBIO_CONNECT_ERROR);
- ret = 0;
- goto exit_loop;
- } else
- c->state = BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_OK:
- ret = 1;
- goto exit_loop;
- default:
- /* abort(); */
- goto exit_loop;
- }
-
- if (cb != NULL) {
- if (!(ret = cb((BIO *)b, c->state, ret)))
- goto end;
- }
- }
-
- /* Loop does not exit */
-exit_loop:
- if (cb != NULL)
- ret = cb((BIO *)b, c->state, ret);
-end:
- return (ret);
-}
-
-static BIO_CONNECT *
-BIO_CONNECT_new(void)
-{
- BIO_CONNECT *ret;
-
- if ((ret = malloc(sizeof(BIO_CONNECT))) == NULL)
- return (NULL);
- ret->state = BIO_CONN_S_BEFORE;
- ret->param_hostname = NULL;
- ret->param_port = NULL;
- ret->info_callback = NULL;
- ret->nbio = 0;
- ret->ip[0] = 0;
- ret->ip[1] = 0;
- ret->ip[2] = 0;
- ret->ip[3] = 0;
- ret->port = 0;
- memset((char *)&ret->them, 0, sizeof(ret->them));
- return (ret);
-}
-
-static void
-BIO_CONNECT_free(BIO_CONNECT *a)
-{
- if (a == NULL)
- return;
-
- free(a->param_hostname);
- free(a->param_port);
- free(a);
-}
-
-const BIO_METHOD *
-BIO_s_connect(void)
-{
- return (&methods_connectp);
-}
-LCRYPTO_ALIAS(BIO_s_connect);
-
-static int
-conn_new(BIO *bi)
-{
- bi->init = 0;
- bi->num = -1;
- bi->flags = 0;
- if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
- return (0);
- else
- return (1);
-}
-
-static void
-conn_close_socket(BIO *bio)
-{
- BIO_CONNECT *c;
-
- c = (BIO_CONNECT *)bio->ptr;
- if (bio->num != -1) {
- /* Only do a shutdown if things were established */
- if (c->state == BIO_CONN_S_OK)
- shutdown(bio->num, SHUT_RDWR);
- close(bio->num);
- bio->num = -1;
- }
-}
-
-static int
-conn_free(BIO *a)
-{
- BIO_CONNECT *data;
-
- if (a == NULL)
- return (0);
- data = (BIO_CONNECT *)a->ptr;
-
- if (a->shutdown) {
- conn_close_socket(a);
- BIO_CONNECT_free(data);
- a->ptr = NULL;
- a->flags = 0;
- a->init = 0;
- }
- return (1);
-}
-
-static int
-conn_read(BIO *b, char
*out, int outl)
-{
- int ret = 0;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK) {
- ret = conn_state(b, data);
- if (ret <= 0)
- return (ret);
- }
-
- if (out != NULL) {
- errno = 0;
- ret = read(b->num, out, outl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_read(b);
- }
- }
- return (ret);
-}
-
-static int
-conn_write(BIO *b, const char *in, int inl)
-{
- int ret;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK) {
- ret = conn_state(b, data);
- if (ret <= 0)
- return (ret);
- }
-
- errno = 0;
- ret = write(b->num, in, inl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_write(b);
- }
- return (ret);
-}
-
-static long
-conn_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- BIO *dbio;
- int *ip;
- const char **pptr;
- long ret = 1;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- ret = 0;
- data->state = BIO_CONN_S_BEFORE;
- conn_close_socket(b);
- b->flags = 0;
- break;
- case BIO_C_DO_STATE_MACHINE:
- /* use this one to start the connection */
- if (data->state != BIO_CONN_S_OK)
- ret = (long)conn_state(b, data);
- else
- ret = 1;
- break;
- case BIO_C_GET_CONNECT:
- if (ptr != NULL) {
- pptr = (const char **)ptr;
- if (num == 0) {
- *pptr = data->param_hostname;
-
- } else if (num == 1) {
- *pptr = data->param_port;
- } else if (num == 2) {
- *pptr = (char *)&(data->ip[0]);
- } else if (num == 3) {
- *((int *)ptr) = data->port;
- }
- if ((!b->init) || (ptr == NULL))
- *pptr = "not initialized";
- ret = 1;
- }
- break;
- case BIO_C_SET_CONNECT:
- if (ptr != NULL) {
- b->init = 1;
- if (num == 0) {
- free(data->param_hostname);
- data->param_hostname = strdup(ptr);
- } else if (num == 1) {
- free(data->param_port);
- data->param_port = strdup(ptr);
- } else if (num == 2) {
- unsigned char *p = ptr;
- free(data->param_hostname);
- if
(asprintf(&data->param_hostname,
- "%u.%u.%u.%u", p[0], p[1],
- p[2], p[3]) == -1)
- data->param_hostname = NULL;
- memcpy(&(data->ip[0]), ptr, 4);
- } else if (num == 3) {
- free(data->param_port);
- data->port= *(int *)ptr;
- if (asprintf(&data->param_port, "%d",
- data->port) == -1)
- data->param_port = NULL;
- }
- }
- break;
- case BIO_C_SET_NBIO:
- data->nbio = (int)num;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret = 0;
- break;
- case BIO_CTRL_FLUSH:
- break;
- case BIO_CTRL_DUP:
- {
- dbio = (BIO *)ptr;
- if (data->param_port)
- BIO_set_conn_port(dbio, data->param_port);
- if (data->param_hostname)
- BIO_set_conn_hostname(dbio,
- data->param_hostname);
- BIO_set_nbio(dbio, data->nbio);
- (void)BIO_set_info_callback(dbio, data->info_callback);
- }
- break;
- case BIO_CTRL_SET_CALLBACK:
- {
-#if 0 /* FIXME: Should this be used?
-- Richard Levitte */
- BIOerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- ret = -1;
-#else
- ret = 0;
-#endif
- }
- break;
- case BIO_CTRL_GET_CALLBACK:
- {
- BIO_info_cb **fptr = ptr;
-
- *fptr = data->info_callback;
- }
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static long
-conn_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
-{
- long ret = 1;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_SET_CALLBACK:
- data->info_callback = (BIO_info_cb *)fp;
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-conn_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = conn_write(bp, str, n);
- return (ret);
-}
-
-BIO *
-BIO_new_connect(const char *str)
-{
- BIO *ret;
-
- ret = BIO_new(BIO_s_connect());
- if (ret == NULL)
- return (NULL);
- if (BIO_set_conn_hostname(ret, str))
- return (ret);
- else {
- BIO_free(ret);
- return (NULL);
- }
-}
-LCRYPTO_ALIAS(BIO_new_connect);
diff --git a/src/lib/libcrypto/bio/bss_dgram.c b/src/lib/libcrypto/bio/bss_dgram.c
deleted file mode 100644
index 65a8f6fae4..0000000000
--- a/src/lib/libcrypto/bio/bss_dgram.c
+++ /dev/null
@@ -1,663 +0,0 @@
-/* $OpenBSD: bss_dgram.c,v 1.45 2023/07/05 21:23:37 beck Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include -#include - -#include - -#include -#include -#include -#include -#include - -#include - -#include - -#include "bio_local.h" - -#ifndef OPENSSL_NO_DGRAM - - -static int dgram_write(BIO *h, const char *buf, int num); -static int dgram_read(BIO *h, char *buf, int size); -static int dgram_puts(BIO *h, const char *str); -static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int dgram_new(BIO *h); -static int dgram_free(BIO *data); -static int dgram_clear(BIO *bio); - - -static int BIO_dgram_should_retry(int s); - -static const BIO_METHOD methods_dgramp = { - .type = BIO_TYPE_DGRAM, - .name = "datagram socket", - .bwrite = dgram_write, - .bread = dgram_read, - .bputs = dgram_puts, - .ctrl = dgram_ctrl, - .create = dgram_new, - .destroy = dgram_free -}; - - -typedef struct bio_dgram_data_st { - union { - struct sockaddr sa; - struct sockaddr_in sa_in; - struct sockaddr_in6 sa_in6; - } peer; - unsigned int connected; - unsigned int _errno; - unsigned int mtu; - struct timeval next_timeout; - struct timeval socket_timeout; -} bio_dgram_data; - - -const BIO_METHOD * -BIO_s_datagram(void) -{ - return (&methods_dgramp); -} -LCRYPTO_ALIAS(BIO_s_datagram); - -BIO * -BIO_new_dgram(int fd, int close_flag) -{ - BIO *ret; - - ret = BIO_new(BIO_s_datagram()); - if (ret == NULL) - return (NULL); - BIO_set_fd(ret, fd, close_flag); - return (ret); -} -LCRYPTO_ALIAS(BIO_new_dgram); - -static int -dgram_new(BIO *bi) -{ - bio_dgram_data *data = NULL; - - bi->init = 0; - bi->num = 0; - data = calloc(1, sizeof(bio_dgram_data)); - if (data == NULL) - return 0; - bi->ptr = data; - - bi->flags = 0; - return (1); -} - -static int -dgram_free(BIO *a) -{ - bio_dgram_data *data; - - if (a == NULL) - return (0); - if (!dgram_clear(a)) - return 0; - - data = (bio_dgram_data *)a->ptr; - free(data); - - return (1); -} - -static int -dgram_clear(BIO *a) -{ - if (a == NULL) - return (0); - if (a->shutdown) { - if (a->init) { - shutdown(a->num, SHUT_RDWR); - 
close(a->num); - } - a->init = 0; - a->flags = 0; - } - return (1); -} - -static void -dgram_adjust_rcv_timeout(BIO *b) -{ -#if defined(SO_RCVTIMEO) - bio_dgram_data *data = (bio_dgram_data *)b->ptr; - - /* Is a timer active? */ - if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) { - struct timeval timenow, timeleft; - - /* Read current socket timeout */ - socklen_t sz = sizeof(data->socket_timeout); - if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, - &(data->socket_timeout), &sz) < 0) { - perror("getsockopt"); - } - - /* Get current time */ - gettimeofday(&timenow, NULL); - - /* Calculate time left until timer expires */ - memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval)); - timeleft.tv_sec -= timenow.tv_sec; - timeleft.tv_usec -= timenow.tv_usec; - if (timeleft.tv_usec < 0) { - timeleft.tv_sec--; - timeleft.tv_usec += 1000000; - } - - if (timeleft.tv_sec < 0) { - timeleft.tv_sec = 0; - timeleft.tv_usec = 1; - } - - /* Adjust socket timeout if next handshake message timer - * will expire earlier. - */ - if ((data->socket_timeout.tv_sec == 0 && - data->socket_timeout.tv_usec == 0) || - (data->socket_timeout.tv_sec > timeleft.tv_sec) || - (data->socket_timeout.tv_sec == timeleft.tv_sec && - data->socket_timeout.tv_usec >= timeleft.tv_usec)) { - if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, - &timeleft, sizeof(struct timeval)) < 0) { - perror("setsockopt"); - } - } - } -#endif -} - -static void -dgram_reset_rcv_timeout(BIO *b) -{ -#if defined(SO_RCVTIMEO) - bio_dgram_data *data = (bio_dgram_data *)b->ptr; - - /* Is a timer active? 
*/ - if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) { - if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, - &(data->socket_timeout), sizeof(struct timeval)) < 0) { - perror("setsockopt"); - } - } -#endif -} - -static int -dgram_read(BIO *b, char *out, int outl) -{ - int ret = 0; - bio_dgram_data *data = (bio_dgram_data *)b->ptr; - - struct { - socklen_t len; - union { - struct sockaddr sa; - struct sockaddr_in sa_in; - struct sockaddr_in6 sa_in6; - } peer; - } sa; - - sa.len = sizeof(sa.peer); - - if (out != NULL) { - errno = 0; - memset(&sa.peer, 0, sizeof(sa.peer)); - dgram_adjust_rcv_timeout(b); - ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, &sa.len); - - if (! data->connected && ret >= 0) - BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer); - - BIO_clear_retry_flags(b); - if (ret < 0) { - if (BIO_dgram_should_retry(ret)) { - BIO_set_retry_read(b); - data->_errno = errno; - } - } - - dgram_reset_rcv_timeout(b); - } - return (ret); -} - -static int -dgram_write(BIO *b, const char *in, int inl) -{ - int ret; - bio_dgram_data *data = (bio_dgram_data *)b->ptr; - errno = 0; - - if (data->connected) - ret = write(b->num, in, inl); - else { - int peerlen = sizeof(data->peer); - - if (data->peer.sa.sa_family == AF_INET) - peerlen = sizeof(data->peer.sa_in); - else if (data->peer.sa.sa_family == AF_INET6) - peerlen = sizeof(data->peer.sa_in6); - ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen); - } - - BIO_clear_retry_flags(b); - if (ret <= 0) { - if (BIO_dgram_should_retry(ret)) { - BIO_set_retry_write(b); - - data->_errno = errno; - /* - * higher layers are responsible for querying MTU, - * if necessary - */ - } - } - return (ret); -} - -static long -dgram_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - long ret = 1; - int *ip; - struct sockaddr *to = NULL; - bio_dgram_data *data = NULL; -#if (defined(IP_MTU_DISCOVER) || defined(IP_MTU)) - int sockopt_val = 0; - socklen_t sockopt_len; /* assume that system supporting IP_MTU is - * 
modern enough to define socklen_t */ - socklen_t addr_len; - union { - struct sockaddr sa; - struct sockaddr_in s4; - struct sockaddr_in6 s6; - } addr; -#endif - - data = (bio_dgram_data *)b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - num = 0; - case BIO_C_FILE_SEEK: - ret = 0; - break; - case BIO_C_FILE_TELL: - case BIO_CTRL_INFO: - ret = 0; - break; - case BIO_C_SET_FD: - dgram_clear(b); - b->num= *((int *)ptr); - b->shutdown = (int)num; - b->init = 1; - break; - case BIO_C_GET_FD: - if (b->init) { - ip = (int *)ptr; - if (ip != NULL) - *ip = b->num; - ret = b->num; - } else - ret = -1; - break; - case BIO_CTRL_GET_CLOSE: - ret = b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown = (int)num; - break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret = 0; - break; - case BIO_CTRL_DUP: - case BIO_CTRL_FLUSH: - ret = 1; - break; - case BIO_CTRL_DGRAM_CONNECT: - to = (struct sockaddr *)ptr; - switch (to->sa_family) { - case AF_INET: - memcpy(&data->peer, to, sizeof(data->peer.sa_in)); - break; - case AF_INET6: - memcpy(&data->peer, to, sizeof(data->peer.sa_in6)); - break; - default: - memcpy(&data->peer, to, sizeof(data->peer.sa)); - break; - } - break; - /* (Linux)kernel sets DF bit on outgoing IP packets */ - case BIO_CTRL_DGRAM_MTU_DISCOVER: -#if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO) - addr_len = (socklen_t)sizeof(addr); - memset((void *)&addr, 0, sizeof(addr)); - if (getsockname(b->num, &addr.sa, &addr_len) < 0) { - ret = 0; - break; - } - switch (addr.sa.sa_family) { - case AF_INET: - sockopt_val = IP_PMTUDISC_DO; - ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER, - &sockopt_val, sizeof(sockopt_val)); - if (ret < 0) - perror("setsockopt"); - break; -#if defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO) - case AF_INET6: - sockopt_val = IPV6_PMTUDISC_DO; - ret = setsockopt(b->num, IPPROTO_IPV6, - IPV6_MTU_DISCOVER, &sockopt_val, - sizeof(sockopt_val)); - if (ret < 0) - perror("setsockopt"); - break; -#endif - 
default: - ret = -1; - break; - } -#else - ret = -1; -#endif - break; - case BIO_CTRL_DGRAM_QUERY_MTU: -#if defined(IP_MTU) - addr_len = (socklen_t)sizeof(addr); - memset((void *)&addr, 0, sizeof(addr)); - if (getsockname(b->num, &addr.sa, &addr_len) < 0) { - ret = 0; - break; - } - sockopt_len = sizeof(sockopt_val); - switch (addr.sa.sa_family) { - case AF_INET: - ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, - &sockopt_val, &sockopt_len); - if (ret < 0 || sockopt_val < 0) { - ret = 0; - } else { - /* we assume that the transport protocol is UDP and no - * IP options are used. - */ - data->mtu = sockopt_val - 8 - 20; - ret = data->mtu; - } - break; -#if defined(IPV6_MTU) - case AF_INET6: - ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU, - &sockopt_val, &sockopt_len); - if (ret < 0 || sockopt_val < 0) { - ret = 0; - } else { - /* we assume that the transport protocol is UDP and no - * IPV6 options are used. - */ - data->mtu = sockopt_val - 8 - 40; - ret = data->mtu; - } - break; -#endif -default: - ret = 0; - break; - } -#else - ret = 0; -#endif - break; - case BIO_CTRL_DGRAM_GET_FALLBACK_MTU: - switch (data->peer.sa.sa_family) { - case AF_INET: - ret = 576 - 20 - 8; - break; - case AF_INET6: -#ifdef IN6_IS_ADDR_V4MAPPED - if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr)) - ret = 576 - 20 - 8; - else -#endif - ret = 1280 - 40 - 8; - break; - default: - ret = 576 - 20 - 8; - break; - } - break; - case BIO_CTRL_DGRAM_GET_MTU: - return data->mtu; - break; - case BIO_CTRL_DGRAM_SET_MTU: - data->mtu = num; - ret = num; - break; - case BIO_CTRL_DGRAM_SET_CONNECTED: - to = (struct sockaddr *)ptr; - - if (to != NULL) { - data->connected = 1; - switch (to->sa_family) { - case AF_INET: - memcpy(&data->peer, to, sizeof(data->peer.sa_in)); - break; - case AF_INET6: - memcpy(&data->peer, to, sizeof(data->peer.sa_in6)); - break; - default: - memcpy(&data->peer, to, sizeof(data->peer.sa)); - break; - } - } else { - data->connected = 0; - memset(&(data->peer), 0, 
sizeof(data->peer)); - } - break; - case BIO_CTRL_DGRAM_GET_PEER: - switch (data->peer.sa.sa_family) { - case AF_INET: - ret = sizeof(data->peer.sa_in); - break; - case AF_INET6: - ret = sizeof(data->peer.sa_in6); - break; - default: - ret = sizeof(data->peer.sa); - break; - } - if (num == 0 || num > ret) - num = ret; - memcpy(ptr, &data->peer, (ret = num)); - break; - case BIO_CTRL_DGRAM_SET_PEER: - to = (struct sockaddr *) ptr; - switch (to->sa_family) { - case AF_INET: - memcpy(&data->peer, to, sizeof(data->peer.sa_in)); - break; - case AF_INET6: - memcpy(&data->peer, to, sizeof(data->peer.sa_in6)); - break; - default: - memcpy(&data->peer, to, sizeof(data->peer.sa)); - break; - } - break; - case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT: - memcpy(&(data->next_timeout), ptr, sizeof(struct timeval)); - break; -#if defined(SO_RCVTIMEO) - case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT: - if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr, - sizeof(struct timeval)) < 0) { - perror("setsockopt"); - ret = -1; - } - break; - case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT: - { - socklen_t sz = sizeof(struct timeval); - if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, - ptr, &sz) < 0) { - perror("getsockopt"); - ret = -1; - } else - ret = sz; - } - break; -#endif -#if defined(SO_SNDTIMEO) - case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT: - if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr, - sizeof(struct timeval)) < 0) { - perror("setsockopt"); - ret = -1; - } - break; - case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT: - { - socklen_t sz = sizeof(struct timeval); - if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, - ptr, &sz) < 0) { - perror("getsockopt"); - ret = -1; - } else - ret = sz; - } - break; -#endif - case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP: - /* fall-through */ - case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP: - if (data->_errno == EAGAIN) { - ret = 1; - data->_errno = 0; - } else - ret = 0; - break; -#ifdef EMSGSIZE - case BIO_CTRL_DGRAM_MTU_EXCEEDED: - if (data->_errno == EMSGSIZE) { - ret = 1; - data->_errno = 0; - 
} else - ret = 0; - break; -#endif - default: - ret = 0; - break; - } - return (ret); -} - -static int -dgram_puts(BIO *bp, const char *str) -{ - int n, ret; - - n = strlen(str); - ret = dgram_write(bp, str, n); - return (ret); -} - - -static int -BIO_dgram_should_retry(int i) -{ - int err; - - if ((i == 0) || (i == -1)) { - err = errno; - return (BIO_dgram_non_fatal_error(err)); - } - return (0); -} - -int -BIO_dgram_non_fatal_error(int err) -{ - switch (err) { - case EINTR: - case EAGAIN: - case EINPROGRESS: - case EALREADY: - return (1); - default: - break; - } - return (0); -} -LCRYPTO_ALIAS(BIO_dgram_non_fatal_error); - -#endif diff --git a/src/lib/libcrypto/bio/bss_fd.c b/src/lib/libcrypto/bio/bss_fd.c deleted file mode 100644 index 63eac32329..0000000000 --- a/src/lib/libcrypto/bio/bss_fd.c +++ /dev/null 
@@ -1,273 +0,0 @@
-/* $OpenBSD: bss_fd.c,v 1.21 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-
-#include "bio_local.h"
-
-static int fd_write(BIO *h, const char *buf, int num);
-static int fd_read(BIO *h, char *buf, int size);
-static int fd_puts(BIO *h, const char *str);
-static int fd_gets(BIO *h, char *buf, int size);
-static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int fd_new(BIO *h);
-static int fd_free(BIO *data);
-int BIO_fd_should_retry(int s);
-
-static const BIO_METHOD methods_fdp = {
- .type = BIO_TYPE_FD,
- .name = "file descriptor",
- .bwrite = fd_write,
- .bread = fd_read,
- .bputs = fd_puts,
- .bgets = fd_gets,
- .ctrl = fd_ctrl,
- .create = fd_new,
- .destroy = fd_free
-};
-
-const BIO_METHOD *
-BIO_s_fd(void)
-{
- return (&methods_fdp);
-}
-LCRYPTO_ALIAS(BIO_s_fd);
-
-BIO *
-BIO_new_fd(int fd, int close_flag)
-{
- BIO *ret;
- ret = BIO_new(BIO_s_fd());
- if (ret == NULL)
- return (NULL);
- BIO_set_fd(ret, fd, close_flag);
- return (ret);
-}
-LCRYPTO_ALIAS(BIO_new_fd);
-
-static int
-fd_new(BIO *bi)
-{
- bi->init = 0;
- bi->num = -1;
- bi->ptr = NULL;
- bi->flags=0;
- return (1);
-}
-
-static int
-fd_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->shutdown) {
- if (a->init) {
- close(a->num);
- }
- a->init = 0;
- a->flags = 0;
- }
- return (1);
-}
-
-static int
-fd_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-
- if (out != NULL) {
- errno = 0;
- ret = read(b->num, out, outl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_fd_should_retry(ret))
- BIO_set_retry_read(b);
- }
- }
- return (ret);
-}
-
-static int
-fd_write(BIO *b, const char *in, int inl)
-{
- int ret;
- errno = 0;
- ret = write(b->num, in, inl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_fd_should_retry(ret))
- BIO_set_retry_write(b);
- }
- return (ret);
-}
-
-static long
-fd_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
- int *ip;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- num = 0;
- case BIO_C_FILE_SEEK:
- ret = (long)lseek(b->num, num, 0);
- break;
- case BIO_C_FILE_TELL:
- case BIO_CTRL_INFO:
- ret = (long)lseek(b->num, 0, 1);
- break;
- case BIO_C_SET_FD:
- fd_free(b);
- b->num= *((int *)ptr);
- b->shutdown = (int)num;
- b->init = 1;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret = 0;
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-fd_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = fd_write(bp, str, n);
- return (ret);
-}
-
-static int
-fd_gets(BIO *bp, char *buf, int size)
-{
- int ret = 0;
- char *ptr = buf;
- char *end = buf + size - 1;
-
- while ((ptr < end) && (fd_read(bp, ptr, 1) > 0) && (ptr[0] != '\n'))
- ptr++;
-
- ptr[0] = '\0';
-
- if (buf[0] != '\0')
- ret = strlen(buf);
- return (ret);
-}
-
-int
-BIO_fd_should_retry(int i)
-{
- int err;
-
- if ((i == 0) || (i == -1)) {
- err = errno;
- return (BIO_fd_non_fatal_error(err));
- }
- return (0);
-}
-LCRYPTO_ALIAS(BIO_fd_should_retry);
-
-int
-BIO_fd_non_fatal_error(int err)
-{
- switch (err) {
- case ENOTCONN:
- case EINTR:
- case EAGAIN:
- case EINPROGRESS:
- case EALREADY:
- return (1);
- default:
- break;
- }
- return (0);
-}
-LCRYPTO_ALIAS(BIO_fd_non_fatal_error);
diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c
deleted file mode 100644
index 9b6ca2bdd8..0000000000
--- a/src/lib/libcrypto/bio/bss_file.c
+++ /dev/null
@@ -1,325 +0,0 @@
-/* $OpenBSD: bss_file.c,v 1.35 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout
- * with binary data (e.g. asn1parse -inform DER < xxx) under
- * Windows
- */
-
-#ifndef HEADER_BSS_FILE_C
-#define HEADER_BSS_FILE_C
-
-#if defined(__linux) || defined(__sun) || defined(__hpux)
-/* Following definition aliases fopen to fopen64 on above mentioned
- * platforms. This makes it possible to open and sequentially access
- * files larger than 2GB from 32-bit application. It does not allow to
- * traverse them beyond 2GB with fseek/ftell, but on the other hand *no*
- * 32-bit platform permits that, not with fseek/ftell. Not to mention
- * that breaking 2GB limit for seeking would require surgery to *our*
- * API. But sequential access suffices for practical cases when you
- * can run into large files, such as fingerprinting, so we can let API
- * alone. For reference, the list of 32-bit platforms which allow for
- * sequential access of large files without extra "magic" comprise *BSD,
- * Darwin, IRIX...
- */
-#ifndef _FILE_OFFSET_BITS
-#define _FILE_OFFSET_BITS 64
-#endif
-#endif
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "bio_local.h"
-
-static int file_write(BIO *h, const char *buf, int num);
-static int file_read(BIO *h, char *buf, int size);
-static int file_puts(BIO *h, const char *str);
-static int file_gets(BIO *h, char *str, int size);
-static long file_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int file_new(BIO *h);
-static int file_free(BIO *data);
-
-static const BIO_METHOD methods_filep = {
- .type = BIO_TYPE_FILE,
- .name = "FILE pointer",
- .bwrite = file_write,
- .bread = file_read,
- .bputs = file_puts,
- .bgets = file_gets,
- .ctrl = file_ctrl,
- .create = file_new,
- .destroy = file_free
-};
-
-BIO *
-BIO_new_file(const char *filename, const char *mode)
-{
- BIO *ret;
- FILE *file = NULL;
-
- file = fopen(filename, mode);
-
- if (file == NULL) {
- SYSerror(errno);
- ERR_asprintf_error_data("fopen('%s', '%s')", filename, mode);
- if (errno == ENOENT)
- BIOerror(BIO_R_NO_SUCH_FILE);
- else
- BIOerror(ERR_R_SYS_LIB);
- return (NULL);
- }
- if ((ret = BIO_new(BIO_s_file())) == NULL) {
- fclose(file);
- return (NULL);
- }
-
- BIO_set_fp(ret, file, BIO_CLOSE);
- return (ret);
-}
-LCRYPTO_ALIAS(BIO_new_file);
-
-BIO *
-BIO_new_fp(FILE *stream, int close_flag)
-{
- BIO *ret;
-
- if ((ret = BIO_new(BIO_s_file())) == NULL)
- return (NULL);
-
- BIO_set_fp(ret, stream, close_flag);
- return (ret);
-}
-LCRYPTO_ALIAS(BIO_new_fp);
-
-const BIO_METHOD *
-BIO_s_file(void)
-{
- return (&methods_filep);
-}
-LCRYPTO_ALIAS(BIO_s_file);
-
-static int
-file_new(BIO *bi)
-{
- bi->init = 0;
- bi->num = 0;
- bi->ptr = NULL;
- bi->flags=0;
- return (1);
-}
-
-static int
-file_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->shutdown) {
- if ((a->init) && (a->ptr != NULL)) {
- fclose (a->ptr);
- a->ptr = NULL;
- a->flags = 0;
- }
- a->init = 0;
- }
- return (1);
-}
-
-static int
-file_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-
- if (b->init && out != NULL) {
- ret = fread(out, 1, outl, (FILE *)b->ptr);
- if (ret == 0 && ferror((FILE *)b->ptr)) {
- SYSerror(errno);
- BIOerror(ERR_R_SYS_LIB);
- ret = -1;
- }
- }
- return (ret);
-}
-
-static int
-file_write(BIO *b, const char *in, int inl)
-{
- int ret = 0;
-
- if (b->init && in != NULL)
- ret = fwrite(in, 1, inl, (FILE *)b->ptr);
- return (ret);
-}
-
-static long
-file_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
- FILE *fp = (FILE *)b->ptr;
- FILE **fpp;
- char p[4];
-
- switch (cmd) {
- case BIO_C_FILE_SEEK:
- case BIO_CTRL_RESET:
- ret = (long)fseek(fp, num, 0);
- break;
- case BIO_CTRL_EOF:
- ret = (long)feof(fp);
- break;
- case BIO_C_FILE_TELL:
- case BIO_CTRL_INFO:
- ret = ftell(fp);
- break;
- case BIO_C_SET_FILE_PTR:
- file_free(b);
- b->shutdown = (int)num&BIO_CLOSE;
- b->ptr = ptr;
- b->init = 1;
- break;
- case BIO_C_SET_FILENAME:
- file_free(b);
- b->shutdown = (int)num&BIO_CLOSE;
- if (num & BIO_FP_APPEND) {
- if (num & BIO_FP_READ)
- strlcpy(p, "a+", sizeof p);
- else strlcpy(p, "a", sizeof p);
- } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
- strlcpy(p, "r+", sizeof p);
- else if (num & BIO_FP_WRITE)
- strlcpy(p, "w", sizeof p);
- else if (num & BIO_FP_READ)
- strlcpy(p, "r", sizeof p);
- else {
- BIOerror(BIO_R_BAD_FOPEN_MODE);
- ret = 0;
- break;
- }
- fp = fopen(ptr, p);
- if (fp == NULL) {
- SYSerror(errno);
- ERR_asprintf_error_data("fopen('%s', '%s')", ptr, p);
- BIOerror(ERR_R_SYS_LIB);
- ret = 0;
- break;
- }
- b->ptr = fp;
- b->init = 1;
- break;
- case BIO_C_GET_FILE_PTR:
- /* the ptr parameter is actually a FILE ** in this case. */
- if (ptr != NULL) {
- fpp = (FILE **)ptr;
- *fpp = (FILE *)b->ptr;
- }
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = (long)b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_FLUSH:
- fflush((FILE *)b->ptr);
- break;
- case BIO_CTRL_DUP:
- ret = 1;
- break;
-
- case BIO_CTRL_WPENDING:
- case BIO_CTRL_PENDING:
- case BIO_CTRL_PUSH:
- case BIO_CTRL_POP:
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-file_gets(BIO *bp, char *buf, int size)
-{
- int ret = 0;
-
- buf[0] = '\0';
- if (!fgets(buf, size,(FILE *)bp->ptr))
- goto err;
- if (buf[0] != '\0')
- ret = strlen(buf);
-err:
- return (ret);
-}
-
-static int
-file_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = file_write(bp, str, n);
- return (ret);
-}
-
-
-#endif /* HEADER_BSS_FILE_C */
diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c
deleted file mode 100644
index 9e2e882646..0000000000
--- a/src/lib/libcrypto/bio/bss_log.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* $OpenBSD: bss_log.c,v 1.24 2023/07/05 21:23:37 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- Why BIO_s_log?
-
- BIO_s_log is useful for system daemons (or services under NT).
- It is one-way BIO, it sends all stuff to syslogd (on system that
- commonly use that), or event log (on NT), or OPCOM (on OpenVMS).
-
-*/
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include "bio_local.h"
-
-#ifndef NO_SYSLOG
-
-static int slg_write(BIO *h, const char *buf, int num);
-static int slg_puts(BIO *h, const char *str);
-static long slg_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int slg_new(BIO *h);
-static int slg_free(BIO *data);
-static void xopenlog(BIO* bp, char* name, int level);
-static void xsyslog(BIO* bp, int priority, const char* string);
-static void xcloselog(BIO* bp);
-
-static const BIO_METHOD methods_slg = {
- .type = BIO_TYPE_MEM,
- .name = "syslog",
- .bwrite = slg_write,
- .bputs = slg_puts,
- .ctrl = slg_ctrl,
- .create = slg_new,
- .destroy = slg_free
-};
-
-const BIO_METHOD *
-BIO_s_log(void)
-{
- return (&methods_slg);
-}
-LCRYPTO_ALIAS(BIO_s_log);
-
-static int
-slg_new(BIO *bi)
-{
- bi->init = 1;
- bi->num = 0;
- bi->ptr = NULL;
- xopenlog(bi, "application", LOG_DAEMON);
- return (1);
-}
-
-static int
-slg_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- xcloselog(a);
- return (1);
-}
-
-static int
-slg_write(BIO *b, const char *in, int inl)
-{
- int ret = inl;
- char* buf;
- char* pp;
- int priority, i;
- static const struct {
- int strl;
- char str[10];
- int log_level;
- }
- mapping[] = {
- { 6, "PANIC ", LOG_EMERG },
- { 6, "EMERG ", LOG_EMERG },
- { 4, "EMR ", LOG_EMERG },
- { 6, "ALERT ", LOG_ALERT },
- { 4, "ALR ", LOG_ALERT },
- { 5, "CRIT ", LOG_CRIT },
- { 4, "CRI ", LOG_CRIT },
- { 6, "ERROR ", LOG_ERR },
- { 4, "ERR ", LOG_ERR },
- { 8, "WARNING ", LOG_WARNING },
- { 5, "WARN ", LOG_WARNING },
- { 4, "WAR ", LOG_WARNING },
- { 7, "NOTICE ", LOG_NOTICE },
- { 5, "NOTE ", LOG_NOTICE },
- { 4, "NOT ", LOG_NOTICE },
- { 5, "INFO ", LOG_INFO },
- { 4, "INF ", LOG_INFO },
- { 6, "DEBUG ", LOG_DEBUG },
- { 4, "DBG ", LOG_DEBUG },
- { 0, "", LOG_ERR } /* The default */
- };
-
- if ((buf = malloc(inl + 1)) == NULL) {
- return (0);
- }
- strlcpy(buf, in, inl + 1);
- i = 0;
- while (strncmp(buf, mapping[i].str, mapping[i].strl) != 0)
- i++;
- priority = mapping[i].log_level;
- pp = buf + mapping[i].strl;
-
- xsyslog(b, priority, pp);
-
- free(buf);
- return (ret);
-}
-
-static long
-slg_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- switch (cmd) {
- case BIO_CTRL_SET:
- xcloselog(b);
- xopenlog(b, ptr, num);
- break;
- default:
- break;
- }
- return (0);
-}
-
-static int
-slg_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = slg_write(bp, str, n);
- return (ret);
-}
-
-
-static void
-xopenlog(BIO* bp, char* name, int level)
-{
- openlog(name, LOG_PID|LOG_CONS, level);
-}
-
-static void
-xsyslog(BIO *bp, int priority, const char *string)
-{
- syslog(priority, "%s", string);
-}
-
-static void
-xcloselog(BIO* bp)
-{
- closelog();
-}
-
-#endif /* NO_SYSLOG */
diff --git a/src/lib/libcrypto/bio/bss_mem.c b/src/lib/libcrypto/bio/bss_mem.c
deleted file mode 100644
index 6d0d54db84..0000000000
--- a/src/lib/libcrypto/bio/bss_mem.c
+++ /dev/null
@@ -1,367 +0,0 @@
-/* $OpenBSD: bss_mem.c,v 1.22 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "bio_local.h"
-
-struct bio_mem {
- BUF_MEM *buf;
- size_t read_offset;
-};
-
-static size_t
-bio_mem_pending(struct bio_mem *bm)
-{
- if (bm->read_offset > bm->buf->length)
- return 0;
-
- return bm->buf->length - bm->read_offset;
-}
-
-static uint8_t *
-bio_mem_read_ptr(struct bio_mem *bm)
-{
- return &bm->buf->data[bm->read_offset];
-}
-
-static int mem_new(BIO *bio);
-static int mem_free(BIO *bio);
-static int mem_write(BIO *bio, const char *in, int in_len);
-static int mem_read(BIO *bio, char *out, int out_len);
-static int mem_puts(BIO *bio, const char *in);
-static int mem_gets(BIO *bio, char *out, int out_len);
-static long mem_ctrl(BIO *bio, int cmd, long arg1, void *arg2);
-
-static const BIO_METHOD mem_method = {
- .type = BIO_TYPE_MEM,
- .name = "memory buffer",
- .bwrite = mem_write,
- .bread = mem_read,
- .bputs = mem_puts,
- .bgets = mem_gets,
- .ctrl = mem_ctrl,
- .create = mem_new,
- .destroy = mem_free
-};
-
-/*
- * bio->num is used to hold the value to return on 'empty', if it is
- * 0, should_retry is not set.
- */
-
-const BIO_METHOD *
-BIO_s_mem(void)
-{
- return &mem_method;
-}
-LCRYPTO_ALIAS(BIO_s_mem);
-
-BIO *
-BIO_new_mem_buf(const void *buf, int buf_len)
-{
- struct bio_mem *bm;
- BIO *bio;
-
- if (buf == NULL) {
- BIOerror(BIO_R_NULL_PARAMETER);
- return NULL;
- }
- if (buf_len == -1)
- buf_len = strlen(buf);
- if (buf_len < 0) {
- BIOerror(BIO_R_INVALID_ARGUMENT);
- return NULL;
- }
-
- if ((bio = BIO_new(BIO_s_mem())) == NULL)
- return NULL;
-
- bm = bio->ptr;
- bm->buf->data = (void *)buf; /* Trust in the BIO_FLAGS_MEM_RDONLY flag. */
- bm->buf->length = buf_len;
- bm->buf->max = buf_len;
- bio->flags |= BIO_FLAGS_MEM_RDONLY;
- /* Since this is static data retrying will not help. */
- bio->num = 0;
-
- return bio;
-}
-LCRYPTO_ALIAS(BIO_new_mem_buf);
-
-static int
-mem_new(BIO *bio)
-{
- struct bio_mem *bm;
-
- if ((bm = calloc(1, sizeof(*bm))) == NULL)
- return 0;
- if ((bm->buf = BUF_MEM_new()) == NULL) {
- free(bm);
- return 0;
- }
-
- bio->shutdown = 1;
- bio->init = 1;
- bio->num = -1;
- bio->ptr = bm;
-
- return 1;
-}
-
-static int
-mem_free(BIO *bio)
-{
- struct bio_mem *bm;
-
- if (bio == NULL)
- return 0;
- if (!bio->init || bio->ptr == NULL)
- return 1;
-
- bm = bio->ptr;
- if (bio->shutdown) {
- if (bio->flags & BIO_FLAGS_MEM_RDONLY)
- bm->buf->data = NULL;
- BUF_MEM_free(bm->buf);
- }
- free(bm);
- bio->ptr = NULL;
-
- return 1;
-}
-
-static int
-mem_read(BIO *bio, char *out, int out_len)
-{
- struct bio_mem *bm = bio->ptr;
-
- BIO_clear_retry_flags(bio);
-
- if (out == NULL || out_len <= 0)
- return 0;
-
- if ((size_t)out_len > bio_mem_pending(bm))
- out_len = bio_mem_pending(bm);
-
- if (out_len == 0) {
- if (bio->num != 0)
- BIO_set_retry_read(bio);
- return bio->num;
- }
-
- memcpy(out, bio_mem_read_ptr(bm), out_len);
- bm->read_offset += out_len;
-
- return out_len;
-}
-
-static int
-mem_write(BIO *bio, const char *in, int in_len)
-{
- struct bio_mem *bm = bio->ptr;
- size_t buf_len;
-
- BIO_clear_retry_flags(bio);
-
- if (in == NULL || in_len <= 0)
- return 0;
-
- if (bio->flags & BIO_FLAGS_MEM_RDONLY) {
- BIOerror(BIO_R_WRITE_TO_READ_ONLY_BIO);
- return -1;
- }
-
- if (bm->read_offset > 4096) {
- memmove(bm->buf->data, bio_mem_read_ptr(bm),
- bio_mem_pending(bm));
- bm->buf->length = bio_mem_pending(bm);
- bm->read_offset = 0;
- }
-
- /*
- * Check for overflow and ensure we do not exceed an int, otherwise we
- * cannot tell if BUF_MEM_grow_clean() succeeded.
- */
- buf_len = bm->buf->length + in_len;
- if (buf_len < bm->buf->length || buf_len > INT_MAX)
- return -1;
-
- if (BUF_MEM_grow_clean(bm->buf, buf_len) != buf_len)
- return -1;
-
- memcpy(&bm->buf->data[buf_len - in_len], in, in_len);
-
- return in_len;
-}
-
-static long
-mem_ctrl(BIO *bio, int cmd, long num, void *ptr)
-{
- struct bio_mem *bm = bio->ptr;
- void **pptr;
- long ret = 1;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- if (bm->buf->data != NULL) {
- if (!(bio->flags & BIO_FLAGS_MEM_RDONLY)) {
- memset(bm->buf->data, 0, bm->buf->max);
- bm->buf->length = 0;
- }
- bm->read_offset = 0;
- }
- break;
- case BIO_CTRL_EOF:
- ret = (long)(bio_mem_pending(bm) == 0);
- break;
- case BIO_C_SET_BUF_MEM_EOF_RETURN:
- bio->num = (int)num;
- break;
- case BIO_CTRL_INFO:
- if (ptr != NULL) {
- pptr = (void **)ptr;
- *pptr = bio_mem_read_ptr(bm);
- }
- ret = (long)bio_mem_pending(bm);
- break;
- case BIO_C_SET_BUF_MEM:
- BUF_MEM_free(bm->buf);
- bio->shutdown = (int)num;
- bm->buf = ptr;
- bm->read_offset = 0;
- break;
- case BIO_C_GET_BUF_MEM_PTR:
- if (ptr != NULL) {
- pptr = (void **)ptr;
- *pptr = bm->buf;
- }
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = (long)bio->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- bio->shutdown = (int)num;
- break;
- case BIO_CTRL_WPENDING:
- ret = 0L;
- break;
- case BIO_CTRL_PENDING:
- ret = (long)bio_mem_pending(bm);
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
- case BIO_CTRL_PUSH:
- case BIO_CTRL_POP:
- default:
- ret = 0;
- break;
- }
- return ret;
-}
-
-static int
-mem_gets(BIO *bio, char *out, int out_len)
-{
- struct bio_mem *bm = bio->ptr;
- int i, out_max;
- char *p;
- int ret = -1;
-
- BIO_clear_retry_flags(bio);
-
- out_max = bio_mem_pending(bm);
- if (out_len - 1 < out_max)
- out_max = out_len - 1;
- if (out_max <= 0) {
- *out = '\0';
- return 0;
- }
-
- p = bio_mem_read_ptr(bm);
- for (i = 0; i < out_max; i++) {
- if (p[i] == '\n') {
- i++;
- break;
- }
- }
-
- /*
- * i is now the max num of bytes to copy, either out_max or up to and
- * including the first newline
- */
- if ((ret = mem_read(bio, out, i)) > 0)
- out[ret] = '\0';
-
- return ret;
-}
-
-static int
-mem_puts(BIO *bio, const char *in)
-{
- return mem_write(bio, in, strlen(in));
-}
diff --git a/src/lib/libcrypto/bio/bss_null.c b/src/lib/libcrypto/bio/bss_null.c
deleted file mode 100644
index 5f9340967b..0000000000
--- a/src/lib/libcrypto/bio/bss_null.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* $OpenBSD: bss_null.c,v 1.13 2023/07/05 21:23:37 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#include "bio_local.h"
-
-static int null_write(BIO *h, const char *buf, int num);
-static int null_read(BIO *h, char *buf, int size);
-static int null_puts(BIO *h, const char *str);
-static int null_gets(BIO *h, char *str, int size);
-static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int null_new(BIO *h);
-static int null_free(BIO *data);
-
-static const BIO_METHOD null_method = {
- .type = BIO_TYPE_NULL,
- .name = "NULL",
- .bwrite = null_write,
- .bread = null_read,
- .bputs = null_puts,
- .bgets = null_gets,
- .ctrl = null_ctrl,
- .create = null_new,
- .destroy = null_free
-};
-
-const BIO_METHOD *
-BIO_s_null(void)
-{
- return (&null_method);
-}
-LCRYPTO_ALIAS(BIO_s_null);
-
-static int
-null_new(BIO *bi)
-{
- bi->init = 1;
- bi->num = 0;
- bi->ptr = (NULL);
- return (1);
-}
-
-static int
-null_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- return (1);
-}
-
-static int
-null_read(BIO *b, char *out, int outl)
-{
- return (0);
-}
-
-static int
-null_write(BIO *b, const char *in, int inl)
-{
- return (inl);
-}
-
-static long
-null_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- case BIO_CTRL_EOF:
- case BIO_CTRL_SET:
- case BIO_CTRL_SET_CLOSE:
- case BIO_CTRL_FLUSH:
- case BIO_CTRL_DUP:
- ret = 1;
- break;
- case BIO_CTRL_GET_CLOSE:
- case BIO_CTRL_INFO:
- case BIO_CTRL_GET:
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-null_gets(BIO *bp, char *buf, int size)
-{
- return (0);
-}
-
-static int
-null_puts(BIO *bp, const char *str)
-{
- if (str == NULL)
- return (0);
- return (strlen(str));
-}
diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c
deleted file mode 100644
index 79194a7e5e..0000000000
--- a/src/lib/libcrypto/bio/bss_sock.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/* $OpenBSD: bss_sock.c,v 1.27 2023/08/07 10:54:14 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include "bio_local.h"
-
-static int sock_write(BIO *h, const char *buf, int num);
-static int sock_read(BIO *h, char *buf, int size);
-static int sock_puts(BIO *h, const char *str);
-static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int sock_new(BIO *h);
-static int sock_free(BIO *data);
-int BIO_sock_should_retry(int s);
-
-static const BIO_METHOD methods_sockp = {
- .type = BIO_TYPE_SOCKET,
- .name = "socket",
- .bwrite = sock_write,
- .bread = sock_read,
- .bputs = sock_puts,
- .ctrl = sock_ctrl,
- .create = sock_new,
- .destroy = sock_free
-};
-
-const BIO_METHOD *
-BIO_s_socket(void)
-{
- return (&methods_sockp);
-}
-LCRYPTO_ALIAS(BIO_s_socket);
-
-BIO *
-BIO_new_socket(int fd, int close_flag)
-{
- BIO *ret;
-
- ret = BIO_new(BIO_s_socket());
- if (ret == NULL)
- return (NULL);
- BIO_set_fd(ret, fd, close_flag);
- return (ret);
-}
-LCRYPTO_ALIAS(BIO_new_socket);
-
-static int
-sock_new(BIO *bi)
-{
- bi->init = 0;
- bi->num = 0;
- bi->ptr = NULL;
- bi->flags = 0;
- return (1);
-}
-
-static int
-sock_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->shutdown) {
- if (a->init) {
- shutdown(a->num, SHUT_RDWR);
- close(a->num);
- }
- a->init = 0;
- a->flags = 0;
- }
- return (1);
-}
-
-static int
-sock_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-
- if (out != NULL) {
- errno = 0;
- ret = read(b->num, out, outl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_read(b);
- }
- }
- return (ret);
-}
-
-static int
-sock_write(BIO *b, const char *in, int inl)
-{
- int ret;
-
- errno = 0;
- ret = write(b->num, in, inl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_write(b);
- }
- return (ret);
-}
-
-static long
-sock_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
- int *ip;
-
- switch (cmd) {
- case BIO_C_SET_FD:
- sock_free(b);
- b->num = *((int *)ptr);
- b->shutdown = (int)num;
- b->init = 1;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-sock_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = sock_write(bp, str, n);
- return (ret);
-}
-
-int
-BIO_sock_should_retry(int i)
-{
- int err;
-
- if ((i == 0) || (i == -1)) {
- err = errno;
- return (BIO_sock_non_fatal_error(err));
- }
- return (0);
-}
-LCRYPTO_ALIAS(BIO_sock_should_retry);
-
-int
-BIO_sock_non_fatal_error(int err)
-{
- switch (err) {
- case ENOTCONN:
- case EINTR:
- case EAGAIN:
- case EINPROGRESS:
- case EALREADY:
- return (1);
- default:
- break;
- }
- return (0);
-}
-LCRYPTO_ALIAS(BIO_sock_non_fatal_error);
diff --git a/src/lib/libcrypto/bn/arch/aarch64/bn_arch.h b/src/lib/libcrypto/bn/arch/aarch64/bn_arch.h
deleted file mode 100644
index fe6f8a3aea..0000000000
--- a/src/lib/libcrypto/bn/arch/aarch64/bn_arch.h
+++ /dev/null
@@ -1,369 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.13 2023/07/24 10:21:29 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#if defined(__GNUC__)
-
-#define HAVE_BN_CLZW
-
-static inline int
-bn_clzw(BN_ULONG w)
-{
- BN_ULONG n;
-
- __asm__ ("clz %[n], %[w]"
- : [n]"=r"(n)
- : [w]"r"(w));
-
- return n;
-}
-
-#define HAVE_BN_ADDW
-
-static inline void
-bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG carry, r0;
-
- __asm__ (
- "adds %[r0], %[a], %[b] \n"
- "cset %[carry], cs \n"
- : [carry]"=r"(carry), [r0]"=r"(r0)
- : [a]"r"(a), [b]"r"(b)
- : "cc");
-
- *out_r1 = carry;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_ADDW_ADDW
-
-static inline void
-bn_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULONG carry, r0;
-
- __asm__ (
- "adds %[r0], %[a], %[b] \n"
- "cset %[carry], cs \n"
- "adds %[r0], %[r0], %[c] \n"
- "cinc %[carry], %[carry], cs \n"
- : [carry]"=&r"(carry), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b), [c]"r"(c)
- : "cc");
-
- *out_r1 = carry;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_QWADDQW
-
-static inline void
-bn_qwaddqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
- BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG carry, BN_ULONG *out_carry,
- BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r3, r2, r1, r0;
-
- __asm__ (
- "adds xzr, %[carry], #-1 \n"
- "adcs %[r0], %[a0], %[b0] \n"
- "adcs %[r1], %[a1], %[b1] \n"
- "adcs %[r2], %[a2], %[b2] \n"
- "adcs %[r3], %[a3], %[b3] \n"
- "cset %[carry], cs \n"
- : [carry]"+r"(carry), [r3]"=&r"(r3), [r2]"=&r"(r2),
- [r1]"=&r"(r1), [r0]"=&r"(r0)
- : [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0),
- [b3]"r"(b3), [b2]"r"(b2), [b1]"r"(b1), [b0]"r"(b0)
- : "cc");
-
- *out_carry = carry;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_MULW
-
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- /* Unsigned multiplication using a umulh/mul pair. */
- __asm__ (
- "umulh %[r1], %[a], %[b] \n"
- "mul %[r0], %[a], %[b] \n"
- : [r1]"=&r"(r1), [r0]"=r"(r0)
- : [a]"r"(a), [b]"r"(b));
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_MULW_ADDW
-
-static inline void
-bn_mulw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- __asm__ (
- "umulh %[r1], %[a], %[b] \n"
- "mul %[r0], %[a], %[b] \n"
- "adds %[r0], %[r0], %[c] \n"
- "adc %[r1], %[r1], xzr \n"
- : [r1]"=&r"(r1), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b), [c]"r"(c)
- : "cc");
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_MULW_ADDW_ADDW
-
-static inline void
-bn_mulw_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG d,
- BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- __asm__ (
- "umulh %[r1], %[a], %[b] \n"
- "mul %[r0], %[a], %[b] \n"
- "adds %[r0], %[r0], %[c] \n"
- "adc %[r1], %[r1], xzr \n"
- "adds %[r0], %[r0], %[d] \n"
- "adc %[r1], %[r1], xzr \n"
- : [r1]"=&r"(r1), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b), [c]"r"(c), [d]"r"(d)
- : "cc");
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_MULW_ADDTW
-
-static inline void
-bn_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0,
- BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r2, r1, r0;
-
- __asm__ (
- "umulh %[r1], %[a], %[b] \n"
- "mul %[r0], %[a], %[b] \n"
- "adds %[r0], %[r0], %[c0] \n"
- "adcs %[r1], %[r1], %[c1] \n"
- "adc %[r2], xzr, %[c2] \n"
- : [r2]"=&r"(r2), [r1]"=&r"(r1), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b), [c2]"r"(c2), [c1]"r"(c1), [c0]"r"(c0)
- : "cc");
-
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_MUL2_MULW_ADDTW
-
-static inline void
-bn_mul2_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0,
- BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r2, r1, r0, x1, x0;
-
- __asm__ (
- "umulh %[x1], %[a], %[b] \n"
- "mul %[x0], %[a], %[b] \n"
- "adds %[r0], %[c0], %[x0] \n"
- "adcs %[r1], %[c1], %[x1] \n"
- "adc %[r2], xzr, %[c2] \n"
- "adds %[r0], %[r0], %[x0] \n"
- "adcs %[r1], %[r1], %[x1] \n"
- "adc %[r2], xzr, %[r2] \n"
- : [r2]"=&r"(r2), [r1]"=&r"(r1), [r0]"=&r"(r0), [x1]"=&r"(x1),
- [x0]"=&r"(x0)
- : [a]"r"(a), [b]"r"(b), [c2]"r"(c2), [c1]"r"(c1), [c0]"r"(c0)
- : "cc");
-
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_QWMULW_ADDW
-
-static inline void
-bn_qwmulw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b,
- BN_ULONG c, BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2,
- BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r4, r3, r2, r1, r0;
-
- __asm__ (
- "umulh %[r1], %[a0], %[b] \n"
- "mul %[r0], %[a0], %[b] \n"
- "adds %[r0], %[r0], %[c] \n"
- "umulh %[r2], %[a1], %[b] \n"
- "mul %[c], %[a1], %[b] \n"
- "adcs %[r1], %[r1], %[c] \n"
- "umulh %[r3], %[a2], %[b] \n"
- "mul %[c], %[a2], %[b] \n"
- "adcs %[r2], %[r2], %[c] \n"
- "umulh %[r4], %[a3], %[b] \n"
- "mul %[c], %[a3], %[b] \n"
- "adcs %[r3], %[r3], %[c] \n"
- "adc %[r4], %[r4], xzr \n"
- : [c]"+&r"(c), [r4]"=&r"(r4), [r3]"=&r"(r3), [r2]"=&r"(r2),
- [r1]"=&r"(r1), [r0]"=&r"(r0)
- : [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0), [b]"r"(b)
- : "cc");
-
- *out_r4 = r4;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_QWMULW_ADDQW_ADDW
-
-static inline void
-bn_qwmulw_addqw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0,
- BN_ULONG b, BN_ULONG c3, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0, BN_ULONG d,
- BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULONG r4, r3, r2, r1, r0;
-
- __asm__ (
- "umulh %[r1], %[a0], %[b] \n"
- "mul %[r0], %[a0], %[b] \n"
- "adds %[r0], %[r0], %[d] \n"
- "umulh %[r2], %[a1], %[b] \n"
- "mul %[d], %[a1], %[b] \n"
- "adcs %[r1], %[r1], %[d] \n"
- "umulh %[r3], %[a2], %[b] \n"
- "mul %[d], %[a2], %[b] \n"
- "adcs %[r2], %[r2], %[d] \n"
- "umulh %[r4], %[a3], %[b] \n"
- "mul %[d], %[a3], %[b] \n"
- "adcs %[r3], %[r3], %[d] \n"
- "adc %[r4], %[r4], xzr \n"
- "adds %[r0], %[r0], %[c0] \n"
- "adcs %[r1], %[r1], %[c1] \n"
- "adcs %[r2], %[r2], %[c2] \n"
- "adcs %[r3], %[r3], %[c3] \n"
- "adc %[r4], %[r4], xzr \n"
- : [d]"+&r"(d), [r4]"=&r"(r4), [r3]"=&r"(r3), [r2]"=&r"(r2),
- [r1]"=&r"(r1), [r0]"=&r"(r0)
- : [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0), [b]"r"(b),
- [c3]"r"(c3), [c2]"r"(c2), [c1]"r"(c1), [c0]"r"(c0)
- : "cc");
-
- *out_r4 = r4;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_SUBW
-
-static inline void
-bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
-{
- BN_ULONG borrow, r0;
-
- __asm__ (
- "subs %[r0], %[a], %[b] \n"
- "cset %[borrow], cc \n"
- : [borrow]"=r"(borrow), [r0]"=r"(r0)
- : [a]"r"(a), [b]"r"(b)
- : "cc");
-
- *out_borrow = borrow;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_SUBW_SUBW
-
-static inline void
-bn_subw_subw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_borrow,
- BN_ULONG *out_r0)
-{
- BN_ULONG borrow, r0;
-
- __asm__ (
- "subs %[r0], %[a], %[b] \n"
- "cset %[borrow], cc \n"
- "subs %[r0], %[r0], %[c] \n"
- "cinc %[borrow], %[borrow], cc \n"
- : [borrow]"=&r"(borrow), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b), [c]"r"(c)
- : "cc");
-
- *out_borrow = borrow;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_QWSUBQW
-
-static inline void
-bn_qwsubqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
- BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG borrow, BN_ULONG *out_borrow,
- BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r3, r2, r1, r0;
-
- __asm__ (
- "subs xzr, xzr, %[borrow] \n"
- "sbcs %[r0], %[a0], %[b0] \n"
- "sbcs %[r1], %[a1], %[b1] \n"
- "sbcs %[r2], %[a2], %[b2] \n"
- "sbcs %[r3], %[a3], %[b3] \n"
- "cset %[borrow], cc \n"
- : [borrow]"+r"(borrow), [r3]"=&r"(r3), [r2]"=&r"(r2),
- [r1]"=&r"(r1), [r0]"=&r"(r0)
- : [a3]"r"(a3), [a2]"r"(a2), [a1]"r"(a1), [a0]"r"(a0),
- [b3]"r"(b3), [b2]"r"(b2), [b1]"r"(b1), [b0]"r"(b0)
- : "cc");
-
- *out_borrow = borrow;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#endif /* __GNUC__ */
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/alpha/bn_arch.h b/src/lib/libcrypto/bn/arch/alpha/bn_arch.h
deleted file mode 100644
index 5bf4ba8722..0000000000
--- a/src/lib/libcrypto/bn/arch/alpha/bn_arch.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.4 2023/02/16 10:41:03 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#if 0 /* Needs testing and enabling. */
-#if defined(__GNUC__)
-#define HAVE_BN_MULW
-
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- /* Unsigned multiplication using a umulh/mulq pair. */
- __asm__ ("umulh %2, %3, %0; mulq %2, %3, %1"
- : "=&r"(r1), "=r"(r0)
- : "r"(a), "r"(b));
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif /* __GNUC__ */
-#endif
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_add.S b/src/lib/libcrypto/bn/arch/amd64/bignum_add.S
deleted file mode 100644
index 5fe4aae7a1..0000000000
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_add.S
+++ /dev/null
@@ -1,165 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-// ----------------------------------------------------------------------------
-// Add, z := x + y
-// Inputs x[m], y[n]; outputs function return (carry-out) and z[p]
-//
-// extern uint64_t bignum_add
-// (uint64_t p, uint64_t *z,
-// uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-//
-// Does the z := x + y operation, truncating modulo p words in general and
-// returning a top carry (0 or 1) in the p'th place, only adding the input
-// words below p (as well as m and n respectively) to get the sum and carry.
-// -// Standard x86-64 ABI: RDI = p, RSI = z, RDX = m, RCX = x, R8 = n, R9 = y, returns RAX -// Microsoft x64 ABI: RCX = p, RDX = z, R8 = m, R9 = x, [RSP+40] = n, [RSP+48] = y, returns RAX -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_add) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_add) - .text - -#define p rdi -#define z rsi -#define m rdx -#define x rcx -#define n r8 -#define y r9 -#define i r10 -#define a rax - -#define ashort eax - - - -S2N_BN_SYMBOL(bignum_add): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx - mov rdx, r8 - mov rcx, r9 - mov r8, [rsp+56] - mov r9, [rsp+64] -#endif - -// Zero the main index counter for both branches - - xor i, i - -// First clamp the two input sizes m := min(p,m) and n := min(p,n) since -// we'll never need words past the p'th. Can now assume m <= p and n <= p. -// Then compare the modified m and n and branch accordingly - - cmp p, m - cmovc m, p - cmp p, n - cmovc n, p - cmp m, n - jc ylonger - -// The case where x is longer or of the same size (p >= m >= n) - - sub p, m - sub m, n - inc m - test n, n - jz xtest -xmainloop: - mov a, [x+8*i] - adc a, [y+8*i] - mov [z+8*i],a - inc i - dec n - jnz xmainloop - jmp xtest -xtoploop: - mov a, [x+8*i] - adc a, 0 - mov [z+8*i],a - inc i -xtest: - dec m - jnz xtoploop - mov ashort, 0 - adc a, 0 - test p, p - jnz tails -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -// The case where y is longer (p >= n > m) - -ylonger: - - sub p, n - sub n, m - test m, m - jz ytoploop -ymainloop: - mov a, [x+8*i] - adc a, [y+8*i] - mov [z+8*i],a - inc i - dec m - jnz ymainloop -ytoploop: - mov a, [y+8*i] - adc a, 0 - mov [z+8*i],a - inc i - dec n - jnz ytoploop - mov ashort, 0 - adc a, 0 - test p, p - jnz tails -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -// Adding a non-trivial tail, when p > max(m,n) - -tails: - mov 
[z+8*i],a - xor a, a - jmp tail -tailloop: - mov [z+8*i],a -tail: - inc i - dec p - jnz tailloop -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S b/src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S deleted file mode 100644 index 25ba17bce2..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bignum_cmadd.S +++ /dev/null 
@@ -1,155 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-// ----------------------------------------------------------------------------
-// Multiply-add with single-word multiplier, z := z + c * y
-// Inputs c, y[n]; outputs function return (carry-out) and z[k]
-//
-// extern uint64_t bignum_cmadd
-// (uint64_t k, uint64_t *z, uint64_t c, uint64_t n, uint64_t *y);
-//
-// Does the "z := z + c * y" operation where y is n digits, result z is p.
-// Truncates the result in general.
-//
-// The return value is a high/carry word that is meaningful when p = n + 1, or
-// more generally when n <= p and the result fits in p + 1 digits. In these
-// cases it gives the top digit of the (p + 1)-digit result.
-// -// Standard x86-64 ABI: RDI = k, RSI = z, RDX = c, RCX = n, R8 = y, returns RAX -// Microsoft x64 ABI: RCX = k, RDX = z, R8 = c, R9 = n, [RSP+40] = y, returns RAX -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_cmadd) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_cmadd) - .text - -#define p rdi -#define z rsi -#define c r9 -#define n rcx -#define x r8 - -#define i r10 -#define h r11 - -#define r rbx - -#define hshort r11d -#define ishort r10d - - - -S2N_BN_SYMBOL(bignum_cmadd): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx - mov rdx, r8 - mov rcx, r9 - mov r8, [rsp+56] -#endif - -// Seems hard to avoid one more register - - push rbx - -// First clamp the input size n := min(p,n) since we can never need to read -// past the p'th term of the input to generate p-digit output. -// Subtract p := p - min(n,p) so it holds the size of the extra tail needed - - cmp p, n - cmovc n, p - sub p, n - -// Initialize high part h = 0; if n = 0 do nothing but return that zero - - xor h, h - test n, n - jz end - -// Move c into a safer register as multiplies overwrite rdx - - mov c, rdx - -// Initialization of the loop: 2^64 * CF + [h,z_0'] = z_0 + c * x_0 - - mov rax, [x] - mul c - add [z], rax - mov h, rdx - mov ishort, 1 - dec n - jz hightail - -// Main loop, where we always have CF + previous high part h to add in - -loop: - adc h, [z+8*i] - sbb r, r - mov rax, [x+8*i] - mul c - sub rdx, r - add rax, h - mov [z+8*i], rax - mov h, rdx - inc i - dec n - jnz loop - -hightail: - adc h, 0 - -// Propagate the carry all the way to the end with h as extra carry word - -tail: - test p, p - jz end - - add [z+8*i], h - mov hshort, 0 - inc i - dec p - jz highend - -tloop: - adc [z+8*i], h - inc i - dec p - jnz tloop - -highend: - - adc h, 0 - -// Return the high/carry word - -end: - mov rax, h - - pop rbx -#if WINDOWS_ABI 
- pop rsi
- pop rdi
-#endif
- ret
-
-#if defined(__linux__) && defined(__ELF__)
-.section .note.GNU-stack,"",%progbits
-#endif
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S b/src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S
deleted file mode 100644
index 12f785d63a..0000000000
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_cmul.S
+++ /dev/null
@@ -1,138 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-// ----------------------------------------------------------------------------
-// Multiply by a single word, z := c * y
-// Inputs c, y[n]; outputs function return (carry-out) and z[k]
-//
-// extern uint64_t bignum_cmul
-// (uint64_t k, uint64_t *z, uint64_t c, uint64_t n, uint64_t *y);
-//
-// Does the "z := c * y" operation where y is n digits, result z is p.
-// Truncates the result in general unless p >= n + 1.
-//
-// The return value is a high/carry word that is meaningful when p >= n as
-// giving the high part of the result. Since this is always zero if p > n,
-// it is mainly of interest in the special case p = n, i.e. where the source
-// and destination have the same nominal size, when it gives the extra word
-// of the full result.
-//
-// Standard x86-64 ABI: RDI = k, RSI = z, RDX = c, RCX = n, R8 = y, returns RAX
-// Microsoft x64 ABI: RCX = k, RDX = z, R8 = c, R9 = n, [RSP+40] = y, returns RAX
-// ----------------------------------------------------------------------------
-
-#include "s2n_bignum_internal.h"
-
- .intel_syntax noprefix
- S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_cmul)
- S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_cmul)
- .text
-
-#define p rdi
-#define z rsi
-#define c r9
-#define n rcx
-#define x r8
-
-#define i r10
-#define h r11
-
-
-
-S2N_BN_SYMBOL(bignum_cmul):
- _CET_ENDBR
-
-#if WINDOWS_ABI
- push rdi
- push rsi
- mov rdi, rcx
- mov rsi, rdx
- mov rdx, r8
- mov rcx, r9
- mov r8, [rsp+56]
-#endif
-
-// First clamp the input size n := min(p,n) since we can never need to read
-// past the p'th term of the input to generate p-digit output. Now we can
-// assume that n <= p
-
- cmp p, n
- cmovc n, p
-
-// Initialize current input/output pointer offset i and high part h.
-// But then if n = 0 skip the multiplication and go to the tail part
-
- xor h, h
- xor i, i
- test n, n
- jz tail
-
-// Move c into a safer register as multiplies overwrite rdx
-
- mov c, rdx
-
-// Initialization of the loop: [h,l] = c * x_0
-
- mov rax, [x]
- mul c
- mov [z], rax
- mov h, rdx
- inc i
- cmp i, n
- jz tail
-
-// Main loop doing the multiplications
-
-loop:
- mov rax, [x+8*i]
- mul c
- add rax, h
- adc rdx, 0
- mov [z+8*i], rax
- mov h, rdx
- inc i
- cmp i, n
- jc loop
-
-// Add a tail when the destination is longer
-
-tail:
- cmp i, p
- jnc end
- mov [z+8*i], h
- xor h, h
- inc i
- cmp i, p
- jnc end
-
-tloop:
- mov [z+8*i], h
- inc i
- cmp i, p
- jc tloop
-
-// Return the high/carry word
-
-end:
- mov rax, h
-
-#if WINDOWS_ABI
- pop rsi
- pop rdi
-#endif
- ret
-
-#if defined(__linux__) && defined(__ELF__)
-.section .note.GNU-stack,"",%progbits
-#endif
diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_mul.S b/src/lib/libcrypto/bn/arch/amd64/bignum_mul.S
deleted file mode 100644
index a3552679a2..0000000000
--- a/src/lib/libcrypto/bn/arch/amd64/bignum_mul.S
+++ /dev/null
@@ -1,167 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-// ----------------------------------------------------------------------------
-// Multiply z := x * y
-// Inputs x[m], y[n]; output z[k]
-//
-// extern void bignum_mul
-// (uint64_t k, uint64_t *z,
-// uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-//
-// Does the "z := x * y" operation where x is m digits, y is n, result z is k.
-// Truncates the result in general unless k >= m + n -// -// Standard x86-64 ABI: RDI = k, RSI = z, RDX = m, RCX = x, R8 = n, R9 = y -// Microsoft x64 ABI: RCX = k, RDX = z, R8 = m, R9 = x, [RSP+40] = n, [RSP+48] = y -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_mul) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_mul) - .text - -// These are actually right - -#define p rdi -#define z rsi -#define n r8 - -// These are not - -#define c r15 -#define h r14 -#define l r13 -#define x r12 -#define y r11 -#define i rbx -#define k r10 -#define m rbp - -// These are always local scratch since multiplier result is in these - -#define a rax -#define d rdx - - - -S2N_BN_SYMBOL(bignum_mul): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx - mov rdx, r8 - mov rcx, r9 - mov r8, [rsp+56] - mov r9, [rsp+64] -#endif - -// We use too many registers, and also we need rax:rdx for multiplications - - push rbx - push rbp - push r12 - push r13 - push r14 - push r15 - mov m, rdx - -// If the result size is zero, do nothing -// Note that even if either or both inputs has size zero, we can't -// just give up because we at least need to zero the output array -// If we did a multiply-add variant, however, then we could - - test p, p - jz end - -// Set initial 2-part sum to zero (we zero c inside the body) - - xor h,h - xor l,l - -// Otherwise do outer loop k = 0 ... 
k = p - 1 - - xor k, k - -outerloop: - -// Zero our carry term first; we eventually want it and a zero is useful now -// Set a = max 0 (k + 1 - n), i = min (k + 1) m -// This defines the range a <= j < i for the inner summation -// Note that since k < p < 2^64 we can assume k + 1 doesn't overflow -// And since we want to increment it anyway, we might as well do it now - - xor c, c // c = 0 - inc k // k = k + 1 - - mov a, k // a = k + 1 - sub a, n // a = k + 1 - n - cmovc a, c // a = max 0 (k + 1 - n) - - mov i, m // i = m - cmp k, m // CF <=> k + 1 < m - cmovc i, k // i = min (k + 1) m - -// Turn i into a loop count, and skip things if it's <= 0 -// Otherwise set up initial pointers x -> x0[a] and y -> y0[k - a] -// and then launch into the main inner loop, postdecrementing i - - mov d, k - sub d, i - sub i, a - jbe innerend - lea x,[rcx+8*a] - lea y,[r9+8*d-8] - -innerloop: - mov rax, [y+8*i] - mul QWORD PTR [x] - add x, 8 - add l, rax - adc h, rdx - adc c, 0 - dec i - jnz innerloop - -innerend: - - mov [z], l - mov l, h - mov h, c - add z, 8 - - cmp k, p - jc outerloop - -end: - pop r15 - pop r14 - pop r13 - pop r12 - pop rbp - pop rbx -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S deleted file mode 100644 index 70ff69e372..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_4_8_alt.S +++ /dev/null 
@@ -1,157 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -// ---------------------------------------------------------------------------- -// Multiply z := x * y -// Inputs x[4], y[4]; output z[8] -// -// extern void bignum_mul_4_8_alt -// (uint64_t z[static 8], uint64_t x[static 4], uint64_t y[static 4]); -// -// Standard x86-64 ABI: RDI = z, RSI = x, RDX = y -// Microsoft x64 ABI: RCX = z, RDX = x, R8 = y -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_mul_4_8_alt) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_mul_4_8_alt) - .text - -// These are actually right - -#define z rdi -#define x rsi - -// This is moved from rdx to free it for muls - -#define y rcx - -// Other variables used as a rotating 3-word window to add terms to - -#define t0 r8 -#define t1 r9 -#define t2 r10 - -// Macro for the key "multiply and add to (c,h,l)" step - -#define combadd(c,h,l,numa,numb) \ - mov rax, numa; \ - mul QWORD PTR numb; \ - add l, rax; \ - adc h, rdx; \ - adc c, 0 - -// A minutely shorter form for when c = 0 initially - -#define combadz(c,h,l,numa,numb) \ - mov rax, numa; \ - mul 
QWORD PTR numb; \ - add l, rax; \ - adc h, rdx; \ - adc c, c - -// A short form where we don't expect a top carry - -#define combads(h,l,numa,numb) \ - mov rax, numa; \ - mul QWORD PTR numb; \ - add l, rax; \ - adc h, rdx - -S2N_BN_SYMBOL(bignum_mul_4_8_alt): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx - mov rdx, r8 -#endif - -// Copy y into a safe register to start with - - mov y, rdx - -// Result term 0 - - mov rax, [x] - mul QWORD PTR [y] - - mov [z], rax - mov t0, rdx - xor t1, t1 - -// Result term 1 - - xor t2, t2 - combads(t1,t0,[x],[y+8]) - combadz(t2,t1,t0,[x+8],[y]) - mov [z+8], t0 - -// Result term 2 - - xor t0, t0 - combadz(t0,t2,t1,[x],[y+16]) - combadd(t0,t2,t1,[x+8],[y+8]) - combadd(t0,t2,t1,[x+16],[y]) - mov [z+16], t1 - -// Result term 3 - - xor t1, t1 - combadz(t1,t0,t2,[x],[y+24]) - combadd(t1,t0,t2,[x+8],[y+16]) - combadd(t1,t0,t2,[x+16],[y+8]) - combadd(t1,t0,t2,[x+24],[y]) - mov [z+24], t2 - -// Result term 4 - - xor t2, t2 - combadz(t2,t1,t0,[x+8],[y+24]) - combadd(t2,t1,t0,[x+16],[y+16]) - combadd(t2,t1,t0,[x+24],[y+8]) - mov [z+32], t0 - -// Result term 5 - - xor t0, t0 - combadz(t0,t2,t1,[x+16],[y+24]) - combadd(t0,t2,t1,[x+24],[y+16]) - mov [z+40], t1 - -// Result term 6 - - xor t1, t1 - combads(t0,t2,[x+24],[y+24]) - mov [z+48], t2 - -// Result term 7 - - mov [z+56], t0 - -// Return - -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S deleted file mode 100644 index 066403b074..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bignum_mul_8_16_alt.S +++ /dev/null 
@@ -1,244 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -// ---------------------------------------------------------------------------- -// Multiply z := x * y -// Inputs x[8], y[8]; output z[16] -// -// extern void bignum_mul_8_16_alt -// (uint64_t z[static 16], uint64_t x[static 8], uint64_t y[static 8]); -// -// Standard x86-64 ABI: RDI = z, RSI = x, RDX = y -// Microsoft x64 ABI: RCX = z, RDX = x, R8 = y -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_mul_8_16_alt) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_mul_8_16_alt) - .text - -// These are actually right - -#define z rdi -#define x rsi - -// This is moved from rdx to free it for muls - -#define y rcx - -// Other variables used as a rotating 3-word window to add terms to - -#define t0 r8 -#define t1 r9 -#define t2 r10 - -// Macro for the key "multiply and add to (c,h,l)" step - -#define combadd(c,h,l,numa,numb) \ - mov rax, numa; \ - mul QWORD PTR numb; \ - add l, rax; \ - adc h, rdx; \ - adc c, 0 - -// A minutely shorter form for when c = 0 initially - -#define combadz(c,h,l,numa,numb) \ - mov rax, numa; \ - mul 
QWORD PTR numb; \ - add l, rax; \ - adc h, rdx; \ - adc c, c - -// A short form where we don't expect a top carry - -#define combads(h,l,numa,numb) \ - mov rax, numa; \ - mul QWORD PTR numb; \ - add l, rax; \ - adc h, rdx - -S2N_BN_SYMBOL(bignum_mul_8_16_alt): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx - mov rdx, r8 -#endif - -// Copy y into a safe register to start with - - mov y, rdx - -// Result term 0 - - mov rax, [x] - mul QWORD PTR [y] - - mov [z], rax - mov t0, rdx - xor t1, t1 - -// Result term 1 - - xor t2, t2 - combads(t1,t0,[x],[y+8]) - combadz(t2,t1,t0,[x+8],[y]) - mov [z+8], t0 - -// Result term 2 - - xor t0, t0 - combadz(t0,t2,t1,[x],[y+16]) - combadd(t0,t2,t1,[x+8],[y+8]) - combadd(t0,t2,t1,[x+16],[y]) - mov [z+16], t1 - -// Result term 3 - - xor t1, t1 - combadz(t1,t0,t2,[x],[y+24]) - combadd(t1,t0,t2,[x+8],[y+16]) - combadd(t1,t0,t2,[x+16],[y+8]) - combadd(t1,t0,t2,[x+24],[y]) - mov [z+24], t2 - -// Result term 4 - - xor t2, t2 - combadz(t2,t1,t0,[x],[y+32]) - combadd(t2,t1,t0,[x+8],[y+24]) - combadd(t2,t1,t0,[x+16],[y+16]) - combadd(t2,t1,t0,[x+24],[y+8]) - combadd(t2,t1,t0,[x+32],[y]) - mov [z+32], t0 - -// Result term 5 - - xor t0, t0 - combadz(t0,t2,t1,[x],[y+40]) - combadd(t0,t2,t1,[x+8],[y+32]) - combadd(t0,t2,t1,[x+16],[y+24]) - combadd(t0,t2,t1,[x+24],[y+16]) - combadd(t0,t2,t1,[x+32],[y+8]) - combadd(t0,t2,t1,[x+40],[y]) - mov [z+40], t1 - -// Result term 6 - - xor t1, t1 - combadz(t1,t0,t2,[x],[y+48]) - combadd(t1,t0,t2,[x+8],[y+40]) - combadd(t1,t0,t2,[x+16],[y+32]) - combadd(t1,t0,t2,[x+24],[y+24]) - combadd(t1,t0,t2,[x+32],[y+16]) - combadd(t1,t0,t2,[x+40],[y+8]) - combadd(t1,t0,t2,[x+48],[y]) - mov [z+48], t2 - -// Result term 7 - - xor t2, t2 - combadz(t2,t1,t0,[x],[y+56]) - combadd(t2,t1,t0,[x+8],[y+48]) - combadd(t2,t1,t0,[x+16],[y+40]) - combadd(t2,t1,t0,[x+24],[y+32]) - combadd(t2,t1,t0,[x+32],[y+24]) - combadd(t2,t1,t0,[x+40],[y+16]) - combadd(t2,t1,t0,[x+48],[y+8]) - 
combadd(t2,t1,t0,[x+56],[y]) - mov [z+56], t0 - -// Result term 8 - - xor t0, t0 - combadz(t0,t2,t1,[x+8],[y+56]) - combadd(t0,t2,t1,[x+16],[y+48]) - combadd(t0,t2,t1,[x+24],[y+40]) - combadd(t0,t2,t1,[x+32],[y+32]) - combadd(t0,t2,t1,[x+40],[y+24]) - combadd(t0,t2,t1,[x+48],[y+16]) - combadd(t0,t2,t1,[x+56],[y+8]) - mov [z+64], t1 - -// Result term 9 - - xor t1, t1 - combadz(t1,t0,t2,[x+16],[y+56]) - combadd(t1,t0,t2,[x+24],[y+48]) - combadd(t1,t0,t2,[x+32],[y+40]) - combadd(t1,t0,t2,[x+40],[y+32]) - combadd(t1,t0,t2,[x+48],[y+24]) - combadd(t1,t0,t2,[x+56],[y+16]) - mov [z+72], t2 - -// Result term 10 - - xor t2, t2 - combadz(t2,t1,t0,[x+24],[y+56]) - combadd(t2,t1,t0,[x+32],[y+48]) - combadd(t2,t1,t0,[x+40],[y+40]) - combadd(t2,t1,t0,[x+48],[y+32]) - combadd(t2,t1,t0,[x+56],[y+24]) - mov [z+80], t0 - -// Result term 11 - - xor t0, t0 - combadz(t0,t2,t1,[x+32],[y+56]) - combadd(t0,t2,t1,[x+40],[y+48]) - combadd(t0,t2,t1,[x+48],[y+40]) - combadd(t0,t2,t1,[x+56],[y+32]) - mov [z+88], t1 - -// Result term 12 - - xor t1, t1 - combadz(t1,t0,t2,[x+40],[y+56]) - combadd(t1,t0,t2,[x+48],[y+48]) - combadd(t1,t0,t2,[x+56],[y+40]) - mov [z+96], t2 - -// Result term 13 - - xor t2, t2 - combadz(t2,t1,t0,[x+48],[y+56]) - combadd(t2,t1,t0,[x+56],[y+48]) - mov [z+104], t0 - -// Result term 14 - - combads(t2,t1,[x+56],[y+56]) - mov [z+112], t1 - -// Result term 11 - - mov [z+120], t2 - -// Return - -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S deleted file mode 100644 index 54e3f59442..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr.S +++ /dev/null 
@@ -1,197 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-// ----------------------------------------------------------------------------
-// Square z := x^2
-// Input x[n]; output z[k]
-//
-// extern void bignum_sqr
-// (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x);
-//
-// Does the "z := x^2" operation where x is n digits and result z is k.
-// Truncates the result in general unless k >= 2 * n
-//
-// Standard x86-64 ABI: RDI = k, RSI = z, RDX = n, RCX = x
-// Microsoft x64 ABI: RCX = k, RDX = z, R8 = n, R9 = x
-// ----------------------------------------------------------------------------
-
-#include "s2n_bignum_internal.h"
-
- .intel_syntax noprefix
- S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_sqr)
- S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_sqr)
- .text
-
-// First three are where arguments come in, but n is moved.
- -#define p rdi -#define z rsi -#define x rcx -#define n r8 - -// These are always local scratch since multiplier result is in these - -#define a rax -#define d rdx - -// Other variables - -#define i rbx -#define ll rbp -#define hh r9 -#define k r10 -#define y r11 -#define htop r12 -#define l r13 -#define h r14 -#define c r15 - -// Short versions - -#define llshort ebp - -S2N_BN_SYMBOL(bignum_sqr): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx - mov rdx, r8 - mov rcx, r9 -#endif - -// We use too many registers, and also we need rax:rdx for multiplications - - push rbx - push rbp - push r12 - push r13 - push r14 - push r15 - mov n, rdx - -// If p = 0 the result is trivial and nothing needs doing - - test p, p - jz end - -// initialize (hh,ll) = 0 - - xor llshort, llshort - xor hh, hh - -// Iterate outer loop from k = 0 ... k = p - 1 producing result digits - - xor k, k - -outerloop: - -// First let bot = MAX 0 (k + 1 - n) and top = MIN (k + 1) n -// We want to accumulate all x[i] * x[k - i] for bot <= i < top -// For the optimization of squaring we avoid duplication and do -// 2 * x[i] * x[k - i] for i < htop, where htop = MIN ((k+1)/2) n -// Initialize i = bot; in fact just compute bot as i directly. 
- - xor c, c - lea i, [k+1] - mov htop, i - shr htop, 1 - sub i, n - cmovc i, c - cmp htop, n - cmovnc htop, n - -// Initialize the three-part local sum (c,h,l); c was already done above - - xor l, l - xor h, h - -// If htop <= bot then main doubled part of the sum is empty - - cmp i, htop - jnc nosumming - -// Use a moving pointer for [y] = x[k-i] for the cofactor - - mov a, k - sub a, i - lea y, [x+8*a] - -// Do the main part of the sum x[i] * x[k - i] for 2 * i < k - -innerloop: - mov a, [x+8*i] - mul QWORD PTR [y] - add l, a - adc h, d - adc c, 0 - sub y, 8 - inc i - cmp i, htop - jc innerloop - -// Now double it - - add l, l - adc h, h - adc c, c - -// If k is even (which means 2 * i = k) and i < n add the extra x[i]^2 term - -nosumming: - test k, 1 - jnz innerend - cmp i, n - jnc innerend - - mov a, [x+8*i] - mul a - add l, a - adc h, d - adc c, 0 - -// Now add the local sum into the global sum, store and shift - -innerend: - add l, ll - mov [z+8*k], l - adc h, hh - mov ll, h - adc c, 0 - mov hh, c - - inc k - cmp k, p - jc outerloop - -// Restore registers and return - -end: - pop r15 - pop r14 - pop r13 - pop r12 - pop rbp - pop rbx -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S deleted file mode 100644 index 7c534ae907..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_4_8_alt.S +++ /dev/null 
@@ -1,145 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -// ---------------------------------------------------------------------------- -// Square, z := x^2 -// Input x[4]; output z[8] -// -// extern void bignum_sqr_4_8_alt -// (uint64_t z[static 8], uint64_t x[static 4]); -// -// Standard x86-64 ABI: RDI = z, RSI = x -// Microsoft x64 ABI: RCX = z, RDX = x -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_sqr_4_8_alt) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_sqr_4_8_alt) - .text - -// Input arguments - -#define z rdi -#define x rsi - -// Other variables used as a rotating 3-word window to add terms to - -#define t0 rcx -#define t1 r8 -#define t2 r9 - -// Macro for the key "multiply and add to (c,h,l)" step, for square term - -#define combadd1(c,h,l,numa) \ - mov rax, numa; \ - mul rax; \ - add l, rax; \ - adc h, rdx; \ - adc c, 0 - -// A short form where we don't expect a top carry - -#define combads(h,l,numa) \ - mov rax, numa; \ - mul rax; \ - add l, rax; \ - adc h, rdx - -// A version doubling before adding, for non-square terms - -#define combadd2(c,h,l,numa,numb) \ 
- mov rax, numa; \ - mul QWORD PTR numb; \ - add rax, rax; \ - adc rdx, rdx; \ - adc c, 0; \ - add l, rax; \ - adc h, rdx; \ - adc c, 0 - -S2N_BN_SYMBOL(bignum_sqr_4_8_alt): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx -#endif - -// Result term 0 - - mov rax, [x] - mul rax - - mov [z], rax - mov t0, rdx - xor t1, t1 - -// Result term 1 - - xor t2, t2 - combadd2(t2,t1,t0,[x],[x+8]) - mov [z+8], t0 - -// Result term 2 - - xor t0, t0 - combadd1(t0,t2,t1,[x+8]) - combadd2(t0,t2,t1,[x],[x+16]) - mov [z+16], t1 - -// Result term 3 - - xor t1, t1 - combadd2(t1,t0,t2,[x],[x+24]) - combadd2(t1,t0,t2,[x+8],[x+16]) - mov [z+24], t2 - -// Result term 4 - - xor t2, t2 - combadd2(t2,t1,t0,[x+8],[x+24]) - combadd1(t2,t1,t0,[x+16]) - mov [z+32], t0 - -// Result term 5 - - xor t0, t0 - combadd2(t0,t2,t1,[x+16],[x+24]) - mov [z+40], t1 - -// Result term 6 - - xor t1, t1 - combads(t0,t2,[x+24]) - mov [z+48], t2 - -// Result term 7 - - mov [z+56], t0 - -// Return - -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S deleted file mode 100644 index ac0b6f96c2..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bignum_sqr_8_16_alt.S +++ /dev/null 
@@ -1,242 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -// ---------------------------------------------------------------------------- -// Square, z := x^2 -// Input x[8]; output z[16] -// -// extern void bignum_sqr_8_16_alt (uint64_t z[static 16], uint64_t x[static 8]); -// -// Standard x86-64 ABI: RDI = z, RSI = x -// Microsoft x64 ABI: RCX = z, RDX = x -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_sqr_8_16_alt) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_sqr_8_16_alt) - .text - -// Input arguments - -#define z rdi -#define x rsi - -// Other variables used as a rotating 3-word window to add terms to - -#define t0 r8 -#define t1 r9 -#define t2 r10 - -// Additional temporaries for local windows to share doublings - -#define u0 rcx -#define u1 r11 - -// Macro for the key "multiply and add to (c,h,l)" step - -#define combadd(c,h,l,numa,numb) \ - mov rax, numa; \ - mul QWORD PTR numb; \ - add l, rax; \ - adc h, rdx; \ - adc c, 0 - -// Set up initial window (c,h,l) = numa * numb - -#define combaddz(c,h,l,numa,numb) \ - mov rax, numa; \ - mul QWORD PTR numb; \ - xor c, c; \ 
- mov l, rax; \ - mov h, rdx - -// Doubling step (c,h,l) = 2 * (c,hh,ll) + (0,h,l) - -#define doubladd(c,h,l,hh,ll) \ - add ll, ll; \ - adc hh, hh; \ - adc c, c; \ - add l, ll; \ - adc h, hh; \ - adc c, 0 - -// Square term incorporation (c,h,l) += numba^2 - -#define combadd1(c,h,l,numa) \ - mov rax, numa; \ - mul rax; \ - add l, rax; \ - adc h, rdx; \ - adc c, 0 - -// A short form where we don't expect a top carry - -#define combads(h,l,numa) \ - mov rax, numa; \ - mul rax; \ - add l, rax; \ - adc h, rdx - -// A version doubling directly before adding, for single non-square terms - -#define combadd2(c,h,l,numa,numb) \ - mov rax, numa; \ - mul QWORD PTR numb; \ - add rax, rax; \ - adc rdx, rdx; \ - adc c, 0; \ - add l, rax; \ - adc h, rdx; \ - adc c, 0 - -S2N_BN_SYMBOL(bignum_sqr_8_16_alt): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx -#endif - -// Result term 0 - - mov rax, [x] - mul rax - - mov [z], rax - mov t0, rdx - xor t1, t1 - -// Result term 1 - - xor t2, t2 - combadd2(t2,t1,t0,[x],[x+8]) - mov [z+8], t0 - -// Result term 2 - - xor t0, t0 - combadd1(t0,t2,t1,[x+8]) - combadd2(t0,t2,t1,[x],[x+16]) - mov [z+16], t1 - -// Result term 3 - - combaddz(t1,u1,u0,[x],[x+24]) - combadd(t1,u1,u0,[x+8],[x+16]) - doubladd(t1,t0,t2,u1,u0) - mov [z+24], t2 - -// Result term 4 - - combaddz(t2,u1,u0,[x],[x+32]) - combadd(t2,u1,u0,[x+8],[x+24]) - doubladd(t2,t1,t0,u1,u0) - combadd1(t2,t1,t0,[x+16]) - mov [z+32], t0 - -// Result term 5 - - combaddz(t0,u1,u0,[x],[x+40]) - combadd(t0,u1,u0,[x+8],[x+32]) - combadd(t0,u1,u0,[x+16],[x+24]) - doubladd(t0,t2,t1,u1,u0) - mov [z+40], t1 - -// Result term 6 - - combaddz(t1,u1,u0,[x],[x+48]) - combadd(t1,u1,u0,[x+8],[x+40]) - combadd(t1,u1,u0,[x+16],[x+32]) - doubladd(t1,t0,t2,u1,u0) - combadd1(t1,t0,t2,[x+24]) - mov [z+48], t2 - -// Result term 7 - - combaddz(t2,u1,u0,[x],[x+56]) - combadd(t2,u1,u0,[x+8],[x+48]) - combadd(t2,u1,u0,[x+16],[x+40]) - combadd(t2,u1,u0,[x+24],[x+32]) - 
doubladd(t2,t1,t0,u1,u0) - mov [z+56], t0 - -// Result term 8 - - combaddz(t0,u1,u0,[x+8],[x+56]) - combadd(t0,u1,u0,[x+16],[x+48]) - combadd(t0,u1,u0,[x+24],[x+40]) - doubladd(t0,t2,t1,u1,u0) - combadd1(t0,t2,t1,[x+32]) - mov [z+64], t1 - -// Result term 9 - - combaddz(t1,u1,u0,[x+16],[x+56]) - combadd(t1,u1,u0,[x+24],[x+48]) - combadd(t1,u1,u0,[x+32],[x+40]) - doubladd(t1,t0,t2,u1,u0) - mov [z+72], t2 - -// Result term 10 - - combaddz(t2,u1,u0,[x+24],[x+56]) - combadd(t2,u1,u0,[x+32],[x+48]) - doubladd(t2,t1,t0,u1,u0) - combadd1(t2,t1,t0,[x+40]) - mov [z+80], t0 - -// Result term 11 - - combaddz(t0,u1,u0,[x+32],[x+56]) - combadd(t0,u1,u0,[x+40],[x+48]) - doubladd(t0,t2,t1,u1,u0) - mov [z+88], t1 - -// Result term 12 - - xor t1, t1 - combadd2(t1,t0,t2,[x+40],[x+56]) - combadd1(t1,t0,t2,[x+48]) - mov [z+96], t2 - -// Result term 13 - - xor t2, t2 - combadd2(t2,t1,t0,[x+48],[x+56]) - mov [z+104], t0 - -// Result term 14 - - combads(t2,t1,[x+56]) - mov [z+112], t1 - -// Result term 15 - - mov [z+120], t2 - -// Return - -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bignum_sub.S b/src/lib/libcrypto/bn/arch/amd64/bignum_sub.S deleted file mode 100644 index 3ff8a30510..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bignum_sub.S +++ /dev/null 
@@ -1,153 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -// ---------------------------------------------------------------------------- -// Subtract, z := x - y -// Inputs x[m], y[n]; outputs function return (carry-out) and z[p] -// -// extern uint64_t bignum_sub -// (uint64_t p, uint64_t *z, -// uint64_t m, uint64_t *x, uint64_t n, uint64_t *y); -// -// Does the z := x - y operation, truncating modulo p words in general and -// returning a top borrow (0 or 1) in the p'th place, only subtracting input -// words below p (as well as m and n respectively) to get the diff and borrow. 
-// -// Standard x86-64 ABI: RDI = p, RSI = z, RDX = m, RCX = x, R8 = n, R9 = y, returns RAX -// Microsoft x64 ABI: RCX = p, RDX = z, R8 = m, R9 = x, [RSP+40] = n, [RSP+48] = y, returns RAX -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(bignum_sub) - S2N_BN_SYM_PRIVACY_DIRECTIVE(bignum_sub) - .text - -#define p rdi -#define z rsi -#define m rdx -#define x rcx -#define n r8 -#define y r9 -#define i r10 -#define a rax - -#define ashort eax - - - -S2N_BN_SYMBOL(bignum_sub): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx - mov rsi, rdx - mov rdx, r8 - mov rcx, r9 - mov r8, [rsp+56] - mov r9, [rsp+64] -#endif - -// Zero the main index counter for both branches - - xor i, i - -// First clamp the two input sizes m := min(p,m) and n := min(p,n) since -// we'll never need words past the p'th. Can now assume m <= p and n <= p. -// Then compare the modified m and n and branch accordingly - - cmp p, m - cmovc m, p - cmp p, n - cmovc n, p - cmp m, n - jc ylonger - -// The case where x is longer or of the same size (p >= m >= n) - - sub p, m - sub m, n - inc m - test n, n - jz xtest -xmainloop: - mov a, [x+8*i] - sbb a, [y+8*i] - mov [z+8*i],a - inc i - dec n - jnz xmainloop - jmp xtest -xtoploop: - mov a, [x+8*i] - sbb a, 0 - mov [z+8*i],a - inc i -xtest: - dec m - jnz xtoploop - sbb a, a - test p, p - jz tailskip -tailloop: - mov [z+8*i],a - inc i - dec p - jnz tailloop -tailskip: - neg a -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -// The case where y is longer (p >= n > m) - -ylonger: - - sub p, n - sub n, m - test m, m - jz ytoploop -ymainloop: - mov a, [x+8*i] - sbb a, [y+8*i] - mov [z+8*i],a - inc i - dec m - jnz ymainloop -ytoploop: - mov ashort, 0 - sbb a, [y+8*i] - mov [z+8*i],a - inc i - dec n - jnz ytoploop - sbb a, a - test p, p - jnz tailloop - neg a -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - 
-#if defined(__linux__) && defined(__ELF__)
-.section .note.GNU-stack,"",%progbits
-#endif
diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c b/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
deleted file mode 100644
index a377a05681..0000000000
--- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.c
+++ /dev/null
@@ -1,131 +0,0 @@ -/* $OpenBSD: bn_arch.c,v 1.7 2023/06/24 16:01:44 jsing Exp $ */ -/* - * Copyright (c) 2023 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include "bn_arch.h" -#include "bn_local.h" -#include "s2n_bignum.h" - -#ifdef HAVE_BN_ADD -BN_ULONG -bn_add(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len, const BN_ULONG *b, - int b_len) -{ - return bignum_add(r_len, (uint64_t *)r, a_len, (uint64_t *)a, - b_len, (uint64_t *)b); -} -#endif - - -#ifdef HAVE_BN_ADD_WORDS -BN_ULONG -bn_add_words(BN_ULONG *rd, const BN_ULONG *ad, const BN_ULONG *bd, int n) -{ - return bignum_add(n, (uint64_t *)rd, n, (uint64_t *)ad, n, - (uint64_t *)bd); -} -#endif - -#ifdef HAVE_BN_SUB -BN_ULONG -bn_sub(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len, const BN_ULONG *b, - int b_len) -{ - return bignum_sub(r_len, (uint64_t *)r, a_len, (uint64_t *)a, - b_len, (uint64_t *)b); -} -#endif - -#ifdef HAVE_BN_SUB_WORDS -BN_ULONG -bn_sub_words(BN_ULONG *rd, const BN_ULONG *ad, const BN_ULONG *bd, int n) -{ - return bignum_sub(n, (uint64_t *)rd, n, (uint64_t *)ad, n, - (uint64_t *)bd); -} -#endif - -#ifdef HAVE_BN_MUL_ADD_WORDS -BN_ULONG -bn_mul_add_words(BN_ULONG *rd, const BN_ULONG *ad, int num, BN_ULONG w) -{ - return bignum_cmadd(num, (uint64_t *)rd, w, num, 
(uint64_t *)ad); -} -#endif - -#ifdef HAVE_BN_MUL_WORDS -BN_ULONG -bn_mul_words(BN_ULONG *rd, const BN_ULONG *ad, int num, BN_ULONG w) -{ - return bignum_cmul(num, (uint64_t *)rd, w, num, (uint64_t *)ad); -} -#endif - -#ifdef HAVE_BN_MUL_COMBA4 -void -bn_mul_comba4(BN_ULONG *rd, BN_ULONG *ad, BN_ULONG *bd) -{ - /* XXX - consider using non-alt on CPUs that have the ADX extension. */ - bignum_mul_4_8_alt((uint64_t *)rd, (uint64_t *)ad, (uint64_t *)bd); -} -#endif - -#ifdef HAVE_BN_MUL_COMBA8 -void -bn_mul_comba8(BN_ULONG *rd, BN_ULONG *ad, BN_ULONG *bd) -{ - /* XXX - consider using non-alt on CPUs that have the ADX extension. */ - bignum_mul_8_16_alt((uint64_t *)rd, (uint64_t *)ad, (uint64_t *)bd); -} -#endif - -#ifdef HAVE_BN_SQR -int -bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx) -{ - bignum_sqr(r_len, (uint64_t *)r->d, a->top, (uint64_t *)a->d); - - return 1; -} -#endif - -#ifdef HAVE_BN_SQR_COMBA4 -void -bn_sqr_comba4(BN_ULONG *rd, const BN_ULONG *ad) -{ - /* XXX - consider using non-alt on CPUs that have the ADX extension. */ - bignum_sqr_4_8_alt((uint64_t *)rd, (uint64_t *)ad); -} -#endif - -#ifdef HAVE_BN_SQR_COMBA8 -void -bn_sqr_comba8(BN_ULONG *rd, const BN_ULONG *ad) -{ - /* XXX - consider using non-alt on CPUs that have the ADX extension. */ - bignum_sqr_8_16_alt((uint64_t *)rd, (uint64_t *)ad); -} -#endif - -#ifdef HAVE_BN_WORD_CLZ -int -bn_word_clz(BN_ULONG w) -{ - return word_clz(w); -} -#endif diff --git a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h b/src/lib/libcrypto/bn/arch/amd64/bn_arch.h deleted file mode 100644 index 927cd75208..0000000000 --- a/src/lib/libcrypto/bn/arch/amd64/bn_arch.h +++ /dev/null 
@@ -1,109 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.14 2024/03/26 06:09:25 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_BN_ADD
-#define HAVE_BN_ADD_WORDS
-
-#define HAVE_BN_DIV_WORDS
-
-#define HAVE_BN_MUL_ADD_WORDS
-#define HAVE_BN_MUL_COMBA4
-#define HAVE_BN_MUL_COMBA8
-#define HAVE_BN_MUL_WORDS
-
-#define HAVE_BN_SQR
-#define HAVE_BN_SQR_COMBA4
-#define HAVE_BN_SQR_COMBA8
-
-#define HAVE_BN_SUB
-#define HAVE_BN_SUB_WORDS
-
-#define HAVE_BN_WORD_CLZ
-
-#if defined(__GNUC__)
-
-#define HAVE_BN_DIV_REM_WORDS_INLINE
-
-static inline void
-bn_div_rem_words_inline(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
- BN_ULONG *out_r)
-{
- BN_ULONG q, r;
-
- /*
- * Unsigned division of %rdx:%rax by d with quotient being stored in
- * %rax and remainder in %rdx.
- */
- __asm__ volatile ("divq %4"
- : "=a"(q), "=d"(r)
- : "d"(h), "a"(l), "rm"(d)
- : "cc");
-
- *out_q = q;
- *out_r = r;
-}
-
-#define HAVE_BN_MULW
-
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- /*
- * Unsigned multiplication of %rax, with the double word result being
- * stored in %rdx:%rax.
- */
- __asm__ ("mulq %3"
- : "=d"(r1), "=a"(r0)
- : "a"(a), "rm"(b)
- : "cc");
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_SUBW
-
-static inline void
-bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
-{
- BN_ULONG borrow, r0;
-
- __asm__ (
- "subq %3, %1 \n"
- "setb %b0 \n"
- "and $1, %0 \n"
- : "=r"(borrow), "=r"(r0)
- : "1"(a), "rm"(b)
- : "cc");
-
- *out_borrow = borrow;
- *out_r0 = r0;
-}
-
-#endif /* __GNUC__ */
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/amd64/word_clz.S b/src/lib/libcrypto/bn/arch/amd64/word_clz.S
deleted file mode 100644
index 3926fcd4b0..0000000000
--- a/src/lib/libcrypto/bn/arch/amd64/word_clz.S
+++ /dev/null
@@ -1,60 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -// ---------------------------------------------------------------------------- -// Count leading zero bits in a single word -// Input a; output function return -// -// extern uint64_t word_clz (uint64_t a); -// -// Standard x86-64 ABI: RDI = a, returns RAX -// Microsoft x64 ABI: RCX = a, returns RAX -// ---------------------------------------------------------------------------- - -#include "s2n_bignum_internal.h" - - .intel_syntax noprefix - S2N_BN_SYM_VISIBILITY_DIRECTIVE(word_clz) - S2N_BN_SYM_PRIVACY_DIRECTIVE(word_clz) - .text - -S2N_BN_SYMBOL(word_clz): - _CET_ENDBR - -#if WINDOWS_ABI - push rdi - push rsi - mov rdi, rcx -#endif - -// First do rax = 63 - bsr(a), which is right except (maybe) for zero inputs - - bsr rax, rdi - xor rax, 63 - -// Force return of 64 in the zero-input case - - mov edx, 64 - test rdi, rdi - cmove rax, rdx - -#if WINDOWS_ABI - pop rsi - pop rdi -#endif - ret - -#if defined(__linux__) && defined(__ELF__) -.section .note.GNU-stack,"",%progbits -#endif diff --git a/src/lib/libcrypto/bn/arch/arm/bn_arch.h b/src/lib/libcrypto/bn/arch/arm/bn_arch.h deleted file mode 100644 index ef9bf7f156..0000000000 
--- a/src/lib/libcrypto/bn/arch/arm/bn_arch.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.2 2023/06/24 15:51:47 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#if defined(__GNUC__)
-
-#define HAVE_BN_SUBW
-
-static inline void
-bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
-{
- BN_ULONG borrow, r0;
-
- __asm__ (
- "mov %[borrow], #0 \n"
- "subs %[r0], %[a], %[b] \n"
- "sbc %[borrow], %[borrow], #0 \n"
- "neg %[borrow], %[borrow] \n"
- : [borrow]"=&r"(borrow), [r0]"=r"(r0)
- : [a]"r"(a), [b]"r"(b)
- : "cc");
-
- *out_borrow = borrow;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_SUBW_SUBW
-
-static inline void
-bn_subw_subw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_borrow,
- BN_ULONG *out_r0)
-{
- BN_ULONG borrow, r0;
-
- __asm__ (
- "mov %[borrow], #0 \n"
- "subs %[r0], %[a], %[b] \n"
- "sbc %[borrow], %[borrow], #0 \n"
- "subs %[r0], %[r0], %[c] \n"
- "sbc %[borrow], %[borrow], #0 \n"
- "neg %[borrow], %[borrow] \n"
- : [borrow]"=&r"(borrow), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b), [c]"r"(c)
- : "cc");
-
- *out_borrow = borrow;
- *out_r0 = r0;
-}
-
-#endif /* __GNUC__ */
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/hppa/bn_arch.h b/src/lib/libcrypto/bn/arch/hppa/bn_arch.h
deleted file mode 100644
index 136adf0e97..0000000000
--- a/src/lib/libcrypto/bn/arch/hppa/bn_arch.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.1 2023/01/20 10:04:33 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/i386/bn_arch.h b/src/lib/libcrypto/bn/arch/i386/bn_arch.h
deleted file mode 100644
index eef519fcc7..0000000000
--- a/src/lib/libcrypto/bn/arch/i386/bn_arch.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.9 2023/02/16 10:41:03 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_BN_ADD_WORDS
-
-#define HAVE_BN_DIV_WORDS
-
-#define HAVE_BN_MUL_ADD_WORDS
-#define HAVE_BN_MUL_COMBA4
-#define HAVE_BN_MUL_COMBA8
-#define HAVE_BN_MUL_WORDS
-
-#define HAVE_BN_SQR_COMBA4
-#define HAVE_BN_SQR_COMBA8
-#define HAVE_BN_SQR_WORDS
-
-#define HAVE_BN_SUB_WORDS
-
-#if defined(__GNUC__)
-#define HAVE_BN_DIV_REM_WORDS_INLINE
-
-static inline void
-bn_div_rem_words_inline(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
- BN_ULONG *out_r)
-{
- BN_ULONG q, r;
-
- /*
- * Unsigned division of %edx:%eax by d with quotient being stored in
- * %eax and remainder in %edx.
- */
- __asm__ volatile ("divl %4"
- : "=a"(q), "=d"(r)
- : "a"(l), "d"(h), "rm"(d)
- : "cc");
-
- *out_q = q;
- *out_r = r;
-}
-#endif /* __GNUC__ */
-
-#if defined(__GNUC__)
-#define HAVE_BN_MULW
-
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- /*
- * Unsigned multiplication of %eax, with the double word result being
- * stored in %edx:%eax.
- */
- __asm__ ("mull %3"
- : "=d"(r1), "=a"(r0)
- : "a"(a), "rm"(b)
- : "cc");
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif /* __GNUC__ */
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/m88k/bn_arch.h b/src/lib/libcrypto/bn/arch/m88k/bn_arch.h
deleted file mode 100644
index 136adf0e97..0000000000
--- a/src/lib/libcrypto/bn/arch/m88k/bn_arch.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.1 2023/01/20 10:04:33 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/mips64/bn_arch.h b/src/lib/libcrypto/bn/arch/mips64/bn_arch.h
deleted file mode 100644
index 53771bce1e..0000000000
--- a/src/lib/libcrypto/bn/arch/mips64/bn_arch.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.7 2023/01/23 12:17:58 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_BN_ADD_WORDS
-
-#define HAVE_BN_DIV_WORDS
-#define HAVE_BN_DIV_3_WORDS
-
-#define HAVE_BN_MUL_ADD_WORDS
-#define HAVE_BN_MUL_COMBA4
-#define HAVE_BN_MUL_COMBA8
-#define HAVE_BN_MUL_WORDS
-
-#define HAVE_BN_SQR_COMBA4
-#define HAVE_BN_SQR_COMBA8
-#define HAVE_BN_SQR_WORDS
-
-#define HAVE_BN_SUB_WORDS
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/powerpc/bn_arch.h b/src/lib/libcrypto/bn/arch/powerpc/bn_arch.h
deleted file mode 100644
index 46e932a2d5..0000000000
--- a/src/lib/libcrypto/bn/arch/powerpc/bn_arch.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.6 2023/01/23 12:17:58 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#define HAVE_BN_ADD_WORDS
-
-#define HAVE_BN_DIV_WORDS
-
-#define HAVE_BN_MUL_ADD_WORDS
-#define HAVE_BN_MUL_COMBA4
-#define HAVE_BN_MUL_COMBA8
-#define HAVE_BN_MUL_WORDS
-
-#define HAVE_BN_SQR_COMBA4
-#define HAVE_BN_SQR_COMBA8
-#define HAVE_BN_SQR_WORDS
-
-#define HAVE_BN_SUB_WORDS
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/powerpc64/bn_arch.h b/src/lib/libcrypto/bn/arch/powerpc64/bn_arch.h
deleted file mode 100644
index 18bac203eb..0000000000
--- a/src/lib/libcrypto/bn/arch/powerpc64/bn_arch.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.4 2023/02/16 10:41:03 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#if 0 /* Needs testing and enabling. */
-#if defined(__GNUC__)
-#define HAVE_BN_MULW
-
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- /* Unsigned multiplication using a mulhdu/mul pair. */
- __asm__ ("mulhdu %0, %2, %3; mul %1, %2, %3"
- : "=&r"(r1), "=r"(r0)
- : "r"(a), "r"(b));
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif /* __GNUC__ */
-#endif
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/riscv64/bn_arch.h b/src/lib/libcrypto/bn/arch/riscv64/bn_arch.h
deleted file mode 100644
index e67de835cf..0000000000
--- a/src/lib/libcrypto/bn/arch/riscv64/bn_arch.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.7 2023/07/09 10:37:32 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#if defined(__GNUC__)
-
-#define HAVE_BN_ADDW
-
-static inline void
-bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG carry, r0;
-
- __asm__ (
- "add %[r0], %[a], %[b] \n"
- "sltu %[carry], %[r0], %[a] \n"
- : [carry]"=r"(carry), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b));
-
- *out_r1 = carry;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_MULW
-
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0;
-
- /*
- * Unsigned multiplication using a mulh/mul pair. Note that the order
- * of these instructions is important, as they can potentially be fused
- * into a single operation.
- */
- __asm__ (
- "mulhu %[r1], %[a], %[b] \n"
- "mul %[r0], %[a], %[b] \n"
- : [r1]"=&r"(r1), [r0]"=r"(r0)
- : [a]"r"(a), [b]"r"(b));
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-
-#define HAVE_BN_SUBW
-
-static inline void
-bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
-{
- BN_ULONG borrow, r0;
-
- __asm__ (
- "sub %[r0], %[a], %[b] \n"
- "sltu %[borrow], %[a], %[r0] \n"
- : [borrow]"=r"(borrow), [r0]"=&r"(r0)
- : [a]"r"(a), [b]"r"(b));
-
- *out_borrow = borrow;
- *out_r0 = r0;
-}
-
-#endif /* __GNUC__ */
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/sh/bn_arch.h b/src/lib/libcrypto/bn/arch/sh/bn_arch.h
deleted file mode 100644
index 4d6571f9cb..0000000000
--- a/src/lib/libcrypto/bn/arch/sh/bn_arch.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.1 2023/01/20 10:04:34 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/arch/sparc64/bn_arch.h b/src/lib/libcrypto/bn/arch/sparc64/bn_arch.h
deleted file mode 100644
index 4d6571f9cb..0000000000
--- a/src/lib/libcrypto/bn/arch/sparc64/bn_arch.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* $OpenBSD: bn_arch.h,v 1.1 2023/01/20 10:04:34 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_BN_ARCH_H
-#define HEADER_BN_ARCH_H
-
-#ifndef OPENSSL_NO_ASM
-
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/asm/alpha-mont.pl b/src/lib/libcrypto/bn/asm/alpha-mont.pl
deleted file mode 100644
index 874597f1c0..0000000000
--- a/src/lib/libcrypto/bn/asm/alpha-mont.pl
+++ /dev/null
@@ -1,315 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# On 21264 RSA sign performance improves by 70/35/20/15 percent for -# 512/1024/2048/4096 bit key lengths. This is against vendor compiler -# instructed to '-tune host' code with in-line assembler. Other -# benchmarks improve by 15-20%. To anchor it to something else, the -# code provides approximately the same performance per GHz as AMD64. -# I.e. if you compare 1GHz 21264 and 2GHz Opteron, you'll observe ~2x -# difference. - -# int bn_mul_mont( -$rp="a0"; # BN_ULONG *rp, -$ap="a1"; # const BN_ULONG *ap, -$bp="a2"; # const BN_ULONG *bp, -$np="a3"; # const BN_ULONG *np, -$n0="a4"; # const BN_ULONG *n0, -$num="a5"; # int num); - -$lo0="t0"; -$hi0="t1"; -$lo1="t2"; -$hi1="t3"; -$aj="t4"; -$bi="t5"; -$nj="t6"; -$tp="t7"; -$alo="t8"; -$ahi="t9"; -$nlo="t10"; -$nhi="t11"; -$tj="t12"; -$i="s3"; -$j="s4"; -$m1="s5"; - -$code=<<___; -#include - -.text - -.set noat -.set noreorder - -.globl bn_mul_mont -.align 5 -.ent bn_mul_mont -bn_mul_mont: - lda sp,-48(sp) - stq ra,0(sp) - stq s3,8(sp) - stq s4,16(sp) - stq s5,24(sp) - stq fp,32(sp) - mov sp,fp - .mask 0x0400f000,-48 - .frame fp,48,ra - .prologue 0 - - .align 4 - .set reorder - sextl $num,$num - mov 0,v0 - cmplt $num,4,AT - bne AT,.Lexit - - ldq $hi0,0($ap) # ap[0] - s8addq $num,16,AT - ldq $aj,8($ap) - subq sp,AT,sp - ldq $bi,0($bp) # bp[0] - lda AT,-4096(zero) # mov -4096,AT - ldq $n0,0($n0) - and sp,AT,sp - - mulq $hi0,$bi,$lo0 - ldq $hi1,0($np) # np[0] - umulh $hi0,$bi,$hi0 - ldq $nj,8($np) - - mulq $lo0,$n0,$m1 - - mulq $hi1,$m1,$lo1 - umulh $hi1,$m1,$hi1 - - addq $lo1,$lo0,$lo1 - cmpult 
$lo1,$lo0,AT - addq $hi1,AT,$hi1 - - mulq $aj,$bi,$alo - mov 2,$j - umulh $aj,$bi,$ahi - mov sp,$tp - - mulq $nj,$m1,$nlo - s8addq $j,$ap,$aj - umulh $nj,$m1,$nhi - s8addq $j,$np,$nj -.align 4 -.L1st: - .set noreorder - ldq $aj,0($aj) - addl $j,1,$j - ldq $nj,0($nj) - lda $tp,8($tp) - - addq $alo,$hi0,$lo0 - mulq $aj,$bi,$alo - cmpult $lo0,$hi0,AT - addq $nlo,$hi1,$lo1 - - mulq $nj,$m1,$nlo - addq $ahi,AT,$hi0 - cmpult $lo1,$hi1,v0 - cmplt $j,$num,$tj - - umulh $aj,$bi,$ahi - addq $nhi,v0,$hi1 - addq $lo1,$lo0,$lo1 - s8addq $j,$ap,$aj - - umulh $nj,$m1,$nhi - cmpult $lo1,$lo0,v0 - addq $hi1,v0,$hi1 - s8addq $j,$np,$nj - - stq $lo1,-8($tp) - nop - unop - bne $tj,.L1st - .set reorder - - addq $alo,$hi0,$lo0 - addq $nlo,$hi1,$lo1 - cmpult $lo0,$hi0,AT - cmpult $lo1,$hi1,v0 - addq $ahi,AT,$hi0 - addq $nhi,v0,$hi1 - - addq $lo1,$lo0,$lo1 - cmpult $lo1,$lo0,v0 - addq $hi1,v0,$hi1 - - stq $lo1,0($tp) - - addq $hi1,$hi0,$hi1 - cmpult $hi1,$hi0,AT - stq $hi1,8($tp) - stq AT,16($tp) - - mov 1,$i -.align 4 -.Louter: - s8addq $i,$bp,$bi - ldq $hi0,0($ap) - ldq $aj,8($ap) - ldq $bi,0($bi) - ldq $hi1,0($np) - ldq $nj,8($np) - ldq $tj,0(sp) - - mulq $hi0,$bi,$lo0 - umulh $hi0,$bi,$hi0 - - addq $lo0,$tj,$lo0 - cmpult $lo0,$tj,AT - addq $hi0,AT,$hi0 - - mulq $lo0,$n0,$m1 - - mulq $hi1,$m1,$lo1 - umulh $hi1,$m1,$hi1 - - addq $lo1,$lo0,$lo1 - cmpult $lo1,$lo0,AT - mov 2,$j - addq $hi1,AT,$hi1 - - mulq $aj,$bi,$alo - mov sp,$tp - umulh $aj,$bi,$ahi - - mulq $nj,$m1,$nlo - s8addq $j,$ap,$aj - umulh $nj,$m1,$nhi -.align 4 -.Linner: - .set noreorder - ldq $tj,8($tp) #L0 - nop #U1 - ldq $aj,0($aj) #L1 - s8addq $j,$np,$nj #U0 - - ldq $nj,0($nj) #L0 - nop #U1 - addq $alo,$hi0,$lo0 #L1 - lda $tp,8($tp) - - mulq $aj,$bi,$alo #U1 - cmpult $lo0,$hi0,AT #L0 - addq $nlo,$hi1,$lo1 #L1 - addl $j,1,$j - - mulq $nj,$m1,$nlo #U1 - addq $ahi,AT,$hi0 #L0 - addq $lo0,$tj,$lo0 #L1 - cmpult $lo1,$hi1,v0 #U0 - - umulh $aj,$bi,$ahi #U1 - cmpult $lo0,$tj,AT #L0 - addq $lo1,$lo0,$lo1 #L1 - addq $nhi,v0,$hi1 
#U0 - - umulh $nj,$m1,$nhi #U1 - s8addq $j,$ap,$aj #L0 - cmpult $lo1,$lo0,v0 #L1 - cmplt $j,$num,$tj #U0 # borrow $tj - - addq $hi0,AT,$hi0 #L0 - addq $hi1,v0,$hi1 #U1 - stq $lo1,-8($tp) #L1 - bne $tj,.Linner #U0 - .set reorder - - ldq $tj,8($tp) - addq $alo,$hi0,$lo0 - addq $nlo,$hi1,$lo1 - cmpult $lo0,$hi0,AT - cmpult $lo1,$hi1,v0 - addq $ahi,AT,$hi0 - addq $nhi,v0,$hi1 - - addq $lo0,$tj,$lo0 - cmpult $lo0,$tj,AT - addq $hi0,AT,$hi0 - - ldq $tj,16($tp) - addq $lo1,$lo0,$j - cmpult $j,$lo0,v0 - addq $hi1,v0,$hi1 - - addq $hi1,$hi0,$lo1 - stq $j,0($tp) - cmpult $lo1,$hi0,$hi1 - addq $lo1,$tj,$lo1 - cmpult $lo1,$tj,AT - addl $i,1,$i - addq $hi1,AT,$hi1 - stq $lo1,8($tp) - cmplt $i,$num,$tj # borrow $tj - stq $hi1,16($tp) - bne $tj,.Louter - - s8addq $num,sp,$tj # &tp[num] - mov $rp,$bp # put rp aside - mov sp,$tp - mov sp,$ap - mov 0,$hi0 # clear borrow bit - -.align 4 -.Lsub: ldq $lo0,0($tp) - ldq $lo1,0($np) - lda $tp,8($tp) - lda $np,8($np) - subq $lo0,$lo1,$lo1 # tp[i]-np[i] - cmpult $lo0,$lo1,AT - subq $lo1,$hi0,$lo0 - cmpult $lo1,$lo0,$hi0 - or $hi0,AT,$hi0 - stq $lo0,0($rp) - cmpult $tp,$tj,v0 - lda $rp,8($rp) - bne v0,.Lsub - - subq $hi1,$hi0,$hi0 # handle upmost overflow bit - mov sp,$tp - mov $bp,$rp # restore rp - - and sp,$hi0,$ap - bic $bp,$hi0,$bp - bis $bp,$ap,$ap # ap=borrow?tp:rp - -.align 4 -.Lcopy: ldq $aj,0($ap) # copy or in-place refresh - lda $tp,8($tp) - lda $rp,8($rp) - lda $ap,8($ap) - stq zero,-8($tp) # zap tp - cmpult $tp,$tj,AT - stq $aj,-8($rp) - bne AT,.Lcopy - mov 1,v0 - -.Lexit: - .set noreorder - mov fp,sp - /*ldq ra,0(sp)*/ - ldq s3,8(sp) - ldq s4,16(sp) - ldq s5,24(sp) - ldq fp,32(sp) - lda sp,48(sp) - ret (ra) -.end bn_mul_mont -.align 2 -___ - -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/bn/asm/armv4-mont.pl b/src/lib/libcrypto/bn/asm/armv4-mont.pl deleted file mode 100644 index f78a8b5f0f..0000000000 --- a/src/lib/libcrypto/bn/asm/armv4-mont.pl +++ /dev/null 
@@ -1,204 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# January 2007. - -# Montgomery multiplication for ARMv4. -# -# Performance improvement naturally varies among CPU implementations -# and compilers. The code was observed to provide +65-35% improvement -# [depending on key length, less for longer keys] on ARM920T, and -# +115-80% on Intel IXP425. This is compared to pre-bn_mul_mont code -# base and compiler generated code with in-lined umull and even umlal -# instructions. The latter means that this code didn't really have an -# "advantage" of utilizing some "secret" instruction. -# -# The code is interoperable with Thumb ISA and is rather compact, less -# than 1/2KB. Windows CE port would be trivial, as it's exclusively -# about decorations, ABI and instruction syntax are identical. - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$num="r0"; # starts as num argument, but holds &tp[num-1] -$ap="r1"; -$bp="r2"; $bi="r2"; $rp="r2"; -$np="r3"; -$tp="r4"; -$aj="r5"; -$nj="r6"; -$tj="r7"; -$n0="r8"; -########### # r9 is reserved by ELF as platform specific, e.g. TLS pointer -$alo="r10"; # sl, gcc uses it to keep @GOT -$ahi="r11"; # fp -$nlo="r12"; # ip -########### # r13 is stack pointer -$nhi="r14"; # lr -########### # r15 is program counter - -#### argument block layout relative to &tp[num-1], a.k.a. 
$num -$_rp="$num,#12*4"; -# ap permanently resides in r1 -$_bp="$num,#13*4"; -# np permanently resides in r3 -$_n0="$num,#14*4"; -$_num="$num,#15*4"; $_bpend=$_num; - -$code=<<___; -.text - -.global bn_mul_mont -.type bn_mul_mont,%function - -.align 2 -bn_mul_mont: - stmdb sp!,{r0,r2} @ sp points at argument block - ldr $num,[sp,#3*4] @ load num - cmp $num,#2 - movlt r0,#0 - addlt sp,sp,#2*4 - blt .Labrt - - stmdb sp!,{r4-r12,lr} @ save 10 registers - - mov $num,$num,lsl#2 @ rescale $num for byte count - sub sp,sp,$num @ alloca(4*num) - sub sp,sp,#4 @ +extra dword - sub $num,$num,#4 @ "num=num-1" - add $tp,$bp,$num @ &bp[num-1] - - add $num,sp,$num @ $num to point at &tp[num-1] - ldr $n0,[$_n0] @ &n0 - ldr $bi,[$bp] @ bp[0] - ldr $aj,[$ap],#4 @ ap[0],ap++ - ldr $nj,[$np],#4 @ np[0],np++ - ldr $n0,[$n0] @ *n0 - str $tp,[$_bpend] @ save &bp[num] - - umull $alo,$ahi,$aj,$bi @ ap[0]*bp[0] - str $n0,[$_n0] @ save n0 value - mul $n0,$alo,$n0 @ "tp[0]"*n0 - mov $nlo,#0 - umlal $alo,$nlo,$nj,$n0 @ np[0]*n0+"t[0]" - mov $tp,sp - -.L1st: - ldr $aj,[$ap],#4 @ ap[j],ap++ - mov $alo,$ahi - ldr $nj,[$np],#4 @ np[j],np++ - mov $ahi,#0 - umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[0] - mov $nhi,#0 - umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0 - adds $nlo,$nlo,$alo - str $nlo,[$tp],#4 @ tp[j-1]=,tp++ - adc $nlo,$nhi,#0 - cmp $tp,$num - bne .L1st - - adds $nlo,$nlo,$ahi - ldr $tp,[$_bp] @ restore bp - mov $nhi,#0 - ldr $n0,[$_n0] @ restore n0 - adc $nhi,$nhi,#0 - str $nlo,[$num] @ tp[num-1]= - str $nhi,[$num,#4] @ tp[num]= - -.Louter: - sub $tj,$num,sp @ "original" $num-1 value - sub $ap,$ap,$tj @ "rewind" ap to &ap[1] - ldr $bi,[$tp,#4]! 
@ *(++bp) - sub $np,$np,$tj @ "rewind" np to &np[1] - ldr $aj,[$ap,#-4] @ ap[0] - ldr $alo,[sp] @ tp[0] - ldr $nj,[$np,#-4] @ np[0] - ldr $tj,[sp,#4] @ tp[1] - - mov $ahi,#0 - umlal $alo,$ahi,$aj,$bi @ ap[0]*bp[i]+tp[0] - str $tp,[$_bp] @ save bp - mul $n0,$alo,$n0 - mov $nlo,#0 - umlal $alo,$nlo,$nj,$n0 @ np[0]*n0+"tp[0]" - mov $tp,sp - -.Linner: - ldr $aj,[$ap],#4 @ ap[j],ap++ - adds $alo,$ahi,$tj @ +=tp[j] - ldr $nj,[$np],#4 @ np[j],np++ - mov $ahi,#0 - umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[i] - mov $nhi,#0 - umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0 - adc $ahi,$ahi,#0 - ldr $tj,[$tp,#8] @ tp[j+1] - adds $nlo,$nlo,$alo - str $nlo,[$tp],#4 @ tp[j-1]=,tp++ - adc $nlo,$nhi,#0 - cmp $tp,$num - bne .Linner - - adds $nlo,$nlo,$ahi - mov $nhi,#0 - ldr $tp,[$_bp] @ restore bp - adc $nhi,$nhi,#0 - ldr $n0,[$_n0] @ restore n0 - adds $nlo,$nlo,$tj - ldr $tj,[$_bpend] @ restore &bp[num] - adc $nhi,$nhi,#0 - str $nlo,[$num] @ tp[num-1]= - str $nhi,[$num,#4] @ tp[num]= - - cmp $tp,$tj - bne .Louter - - ldr $rp,[$_rp] @ pull rp - add $num,$num,#4 @ $num to point at &tp[num] - sub $aj,$num,sp @ "original" num value - mov $tp,sp @ "rewind" $tp - mov $ap,$tp @ "borrow" $ap - sub $np,$np,$aj @ "rewind" $np to &np[0] - - subs $tj,$tj,$tj @ "clear" carry flag -.Lsub: ldr $tj,[$tp],#4 - ldr $nj,[$np],#4 - sbcs $tj,$tj,$nj @ tp[j]-np[j] - str $tj,[$rp],#4 @ rp[j]= - teq $tp,$num @ preserve carry - bne .Lsub - sbcs $nhi,$nhi,#0 @ upmost carry - mov $tp,sp @ "rewind" $tp - sub $rp,$rp,$aj @ "rewind" $rp - - and $ap,$tp,$nhi - bic $np,$rp,$nhi - orr $ap,$ap,$np @ ap=borrow?tp:rp - -.Lcopy: ldr $tj,[$ap],#4 @ copy or in-place refresh - str sp,[$tp],#4 @ zap tp - str $tj,[$rp],#4 - cmp $tp,$num - bne .Lcopy - - add sp,$num,#4 @ skip over tp[num+1] - ldmia sp!,{r4-r12,lr} @ restore registers - add sp,sp,#2*4 @ skip over {r0,r2} - mov r0,#1 -.Labrt: tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -.size bn_mul_mont,.-bn_mul_mont -.asciz "Montgomery 
multiplication for ARMv4, CRYPTOGAMS by " -.align 2 -___ - -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl deleted file mode 100644 index 71b775af8d..0000000000 --- a/src/lib/libcrypto/bn/asm/bn-586.pl +++ /dev/null 
@@ -1,567 +0,0 @@ -#!/usr/local/bin/perl - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -&bn_mul_add_words("bn_mul_add_words"); -&bn_mul_words("bn_mul_words"); -&bn_sqr_words("bn_sqr_words"); -&bn_div_words("bn_div_words"); -&bn_add_words("bn_add_words"); -&bn_sub_words("bn_sub_words"); - -&asm_finish(); - -sub bn_mul_add_words - { - local($name)=@_; - - &function_begin_B($name,""); - - $r="eax"; - $a="edx"; - $c="ecx"; - - if ($sse2) { - &picsetup("eax"); - &picsymbol("eax", "OPENSSL_ia32cap_P", "eax"); - &bt(&DWP(0,"eax"),"\$IA32CAP_BIT0_SSE2"); - &jnc(&label("maw_non_sse2")); - - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &mov($c,&wparam(2)); - &movd("mm0",&wparam(3)); # mm0 = w - &pxor("mm1","mm1"); # mm1 = carry_in - &jmp(&label("maw_sse2_entry")); - - &set_label("maw_sse2_unrolled",16); - &movd("mm3",&DWP(0,$r,"",0)); # mm3 = r[0] - &paddq("mm1","mm3"); # mm1 = carry_in + r[0] - &movd("mm2",&DWP(0,$a,"",0)); # mm2 = a[0] - &pmuludq("mm2","mm0"); # mm2 = w*a[0] - &movd("mm4",&DWP(4,$a,"",0)); # mm4 = a[1] - &pmuludq("mm4","mm0"); # mm4 = w*a[1] - &movd("mm6",&DWP(8,$a,"",0)); # mm6 = a[2] - &pmuludq("mm6","mm0"); # mm6 = w*a[2] - &movd("mm7",&DWP(12,$a,"",0)); # mm7 = a[3] - &pmuludq("mm7","mm0"); # mm7 = w*a[3] - &paddq("mm1","mm2"); # mm1 = carry_in + r[0] + w*a[0] - &movd("mm3",&DWP(4,$r,"",0)); # mm3 = r[1] - &paddq("mm3","mm4"); # mm3 = r[1] + w*a[1] - &movd("mm5",&DWP(8,$r,"",0)); # mm5 = r[2] - &paddq("mm5","mm6"); # mm5 = r[2] + w*a[2] - &movd("mm4",&DWP(12,$r,"",0)); # mm4 = r[3] - &paddq("mm7","mm4"); # mm7 = r[3] + w*a[3] - &movd(&DWP(0,$r,"",0),"mm1"); - &movd("mm2",&DWP(16,$a,"",0)); # mm2 = a[4] - &pmuludq("mm2","mm0"); # mm2 = w*a[4] - &psrlq("mm1",32); # mm1 = carry0 - &movd("mm4",&DWP(20,$a,"",0)); # mm4 = a[5] - &pmuludq("mm4","mm0"); # 
mm4 = w*a[5] - &paddq("mm1","mm3"); # mm1 = carry0 + r[1] + w*a[1] - &movd("mm6",&DWP(24,$a,"",0)); # mm6 = a[6] - &pmuludq("mm6","mm0"); # mm6 = w*a[6] - &movd(&DWP(4,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry1 - &movd("mm3",&DWP(28,$a,"",0)); # mm3 = a[7] - &add($a,32); - &pmuludq("mm3","mm0"); # mm3 = w*a[7] - &paddq("mm1","mm5"); # mm1 = carry1 + r[2] + w*a[2] - &movd("mm5",&DWP(16,$r,"",0)); # mm5 = r[4] - &paddq("mm2","mm5"); # mm2 = r[4] + w*a[4] - &movd(&DWP(8,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry2 - &paddq("mm1","mm7"); # mm1 = carry2 + r[3] + w*a[3] - &movd("mm5",&DWP(20,$r,"",0)); # mm5 = r[5] - &paddq("mm4","mm5"); # mm4 = r[5] + w*a[5] - &movd(&DWP(12,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry3 - &paddq("mm1","mm2"); # mm1 = carry3 + r[4] + w*a[4] - &movd("mm5",&DWP(24,$r,"",0)); # mm5 = r[6] - &paddq("mm6","mm5"); # mm6 = r[6] + w*a[6] - &movd(&DWP(16,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry4 - &paddq("mm1","mm4"); # mm1 = carry4 + r[5] + w*a[5] - &movd("mm5",&DWP(28,$r,"",0)); # mm5 = r[7] - &paddq("mm3","mm5"); # mm3 = r[7] + w*a[7] - &movd(&DWP(20,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry5 - &paddq("mm1","mm6"); # mm1 = carry5 + r[6] + w*a[6] - &movd(&DWP(24,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry6 - &paddq("mm1","mm3"); # mm1 = carry6 + r[7] + w*a[7] - &movd(&DWP(28,$r,"",0),"mm1"); - &lea($r,&DWP(32,$r)); - &psrlq("mm1",32); # mm1 = carry_out - - &sub($c,8); - &jz(&label("maw_sse2_exit")); - &set_label("maw_sse2_entry"); - &test($c,0xfffffff8); - &jnz(&label("maw_sse2_unrolled")); - - &set_label("maw_sse2_loop",4); - &movd("mm2",&DWP(0,$a)); # mm2 = a[i] - &movd("mm3",&DWP(0,$r)); # mm3 = r[i] - &pmuludq("mm2","mm0"); # a[i] *= w - &lea($a,&DWP(4,$a)); - &paddq("mm1","mm3"); # carry += r[i] - &paddq("mm1","mm2"); # carry += a[i]*w - &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low - &sub($c,1); - &psrlq("mm1",32); # carry = carry_high - &lea($r,&DWP(4,$r)); - &jnz(&label("maw_sse2_loop")); - 
&set_label("maw_sse2_exit"); - &movd("eax","mm1"); # c = carry_out - &emms(); - &ret(); - - &set_label("maw_non_sse2",16); - } - - # function_begin prologue - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ebp"; - $r="edi"; - $c="esi"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - - &mov("ecx",&wparam(2)); # - &mov($a,&wparam(1)); # - - &and("ecx",0xfffffff8); # num / 8 - &mov($w,&wparam(3)); # - - &push("ecx"); # Up the stack for a tmp variable - - &jz(&label("maw_finish")); - - &set_label("maw_loop",16); - - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+= c - &adc("edx",0); # H(t)+=carry - &add("eax",&DWP($i,$r)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &sub("ecx",8); - &lea($a,&DWP(32,$a)); - &lea($r,&DWP(32,$r)); - &jnz(&label("maw_loop")); - - &set_label("maw_finish",0); - &mov("ecx",&wparam(2)); # get num - &and("ecx",7); - &jnz(&label("maw_finish2")); # helps branch prediction - &jmp(&label("maw_end")); - - &set_label("maw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - &adc("edx",0); # H(t)+=carry - &add("eax",&DWP($i*4,$r)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &dec("ecx") if ($i != 7-1); - &mov(&DWP($i*4,$r),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - &jz(&label("maw_end")) if ($i != 7-1); - } - &set_label("maw_end",0); - &mov("eax",$c); - - &pop("ecx"); # clear variable from - - &function_end($name); - } - -sub bn_mul_words - { - local($name)=@_; - - &function_begin_B($name,""); - - $r="eax"; - $a="edx"; - $c="ecx"; - - if ($sse2) { - &picsetup("eax"); - &picsymbol("eax", "OPENSSL_ia32cap_P", "eax"); - &bt(&DWP(0,"eax"),"\$IA32CAP_BIT0_SSE2"); - 
&jnc(&label("mw_non_sse2")); - - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &mov($c,&wparam(2)); - &movd("mm0",&wparam(3)); # mm0 = w - &pxor("mm1","mm1"); # mm1 = carry = 0 - - &set_label("mw_sse2_loop",16); - &movd("mm2",&DWP(0,$a)); # mm2 = a[i] - &pmuludq("mm2","mm0"); # a[i] *= w - &lea($a,&DWP(4,$a)); - &paddq("mm1","mm2"); # carry += a[i]*w - &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low - &sub($c,1); - &psrlq("mm1",32); # carry = carry_high - &lea($r,&DWP(4,$r)); - &jnz(&label("mw_sse2_loop")); - - &movd("eax","mm1"); # return carry - &emms(); - &ret(); - &set_label("mw_non_sse2",16); - } - - # function_begin prologue - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ecx"; - $r="edi"; - $c="esi"; - $num="ebp"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - &mov($w,&wparam(3)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("mw_finish")); - - &set_label("mw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &add($a,32); - &add($r,32); - &sub($num,8); - &jz(&label("mw_finish")); - &jmp(&label("mw_loop")); - - &set_label("mw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jnz(&label("mw_finish2")); - &jmp(&label("mw_end")); - - &set_label("mw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t); - &mov($c,"edx"); # c= H(t); - &dec($num) if ($i != 7-1); - &jz(&label("mw_end")) if ($i != 7-1); - } - &set_label("mw_end",0); - &mov("eax",$c); - - &function_end($name); - } - -sub 
bn_sqr_words - { - local($name)=@_; - - &function_begin_B($name,""); - - $r="eax"; - $a="edx"; - $c="ecx"; - - if ($sse2) { - &picsetup("eax"); - &picsymbol("eax", "OPENSSL_ia32cap_P", "eax"); - &bt(&DWP(0,"eax"),"\$IA32CAP_BIT0_SSE2"); - &jnc(&label("sqr_non_sse2")); - - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &mov($c,&wparam(2)); - - &set_label("sqr_sse2_loop",16); - &movd("mm0",&DWP(0,$a)); # mm0 = a[i] - &pmuludq("mm0","mm0"); # a[i] *= a[i] - &lea($a,&DWP(4,$a)); # a++ - &movq(&QWP(0,$r),"mm0"); # r[i] = a[i]*a[i] - &sub($c,1); - &lea($r,&DWP(8,$r)); # r += 2 - &jnz(&label("sqr_sse2_loop")); - - &emms(); - &ret(); - &set_label("sqr_non_sse2",16); - } - - # function_begin prologue - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - &comment(""); - $r="esi"; - $a="edi"; - $num="ebx"; - - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("sw_finish")); - - &set_label("sw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - &mov("eax",&DWP($i,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*2,$r,"",0),"eax"); # - &mov(&DWP($i*2+4,$r,"",0),"edx");# - } - - &comment(""); - &add($a,32); - &add($r,64); - &sub($num,8); - &jnz(&label("sw_loop")); - - &set_label("sw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jz(&label("sw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*8,$r,"",0),"eax"); # - &dec($num) if ($i != 7-1); - &mov(&DWP($i*8+4,$r,"",0),"edx"); - &jz(&label("sw_end")) if ($i != 7-1); - } - &set_label("sw_end",0); - - &function_end($name); - } - -sub bn_div_words - { - local($name)=@_; - - &function_begin_B($name,""); - &mov("edx",&wparam(0)); # - &mov("eax",&wparam(1)); # - &mov("ecx",&wparam(2)); # - &div("ecx"); - &ret(); - &function_end_B($name); - } - -sub bn_add_words - { - local($name)=@_; - - 
&function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -sub bn_sub_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - 
&add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } diff --git a/src/lib/libcrypto/bn/asm/co-586.pl b/src/lib/libcrypto/bn/asm/co-586.pl deleted file mode 100644 index 37d79cc0c1..0000000000 --- a/src/lib/libcrypto/bn/asm/co-586.pl +++ /dev/null 
@@ -1,287 +0,0 @@
-#!/usr/local/bin/perl
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
-sub mul_add_c
- {
- local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("mul a[$ai]*b[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- &mul("edx");
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&wparam(0)) if $pos > 0; # load r[]
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # load next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # load next b
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next a
- }
-
-sub sqr_add_c
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- }
-
-sub sqr_add_c2
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$a,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add("eax","eax");
- ###
- &adc("edx","edx");
- ###
- &adc($c2,0);
- &add($c0,"eax");
- &adc($c1,"edx");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- &adc($c2,0);
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
- ###
- }
-
-sub bn_mul_comba
- {
- local($name,$num)=@_;
- local($a,$b,$c0,$c1,$c2);
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($tot,$end);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $b="edi";
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- &push("esi");
- &mov($a,&wparam(1));
- &push("edi");
- &mov($b,&wparam(2));
- &push("ebp");
- &push("ebx");
-
- &xor($c0,$c0);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
- &xor($c1,$c1);
- &mov("edx",&DWP(0,$b,"",0)); # load the first second
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("################## Calculate word $i");
-
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($j+1) == $end)
- {
- $v=1;
- $v=2 if (($i+1) == $tot);
- }
- else
- { $v=0; }
- if (($j+1) != $end)
- {
- $na=($ai-1);
- $nb=($bi+1);
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
- &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
- if ($v)
- {
- &comment("saved r[$i]");
- # &mov("eax",&wparam(0));
- # &mov(&DWP($i*4,"eax","",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &comment("save r[$i]");
- # &mov("eax",&wparam(0));
- &mov(&DWP($i*4,"eax","",0),$c0);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_sqr_comba
- {
- local($name,$num)=@_;
- local($r,$a,$c0,$c1,$c2)=@_;
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($b,$tot,$end,$half);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $r="edi";
-
- &push("esi");
- &push("edi");
- &push("ebp");
- &push("ebx");
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &xor($c0,$c0);
- &xor($c1,$c1);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("############### Calculate word $i");
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($ai-1) < ($bi+1))
- {
- $v=1;
- $v=2 if ($i+1) == $tot;
- }
- else
- { $v=0; }
- if (!$v)
- {
- $na=$ai-1;
- $nb=$bi+1;
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
- if ($ai == $bi)
- {
- &sqr_add_c($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- else
- {
- &sqr_add_c2($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- if ($v)
- {
- &comment("saved r[$i]");
- #&mov(&DWP($i*4,$r,"",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- last;
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &mov(&DWP($i*4,$r,"",0),$c0);
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
diff --git a/src/lib/libcrypto/bn/asm/mips-mont.pl b/src/lib/libcrypto/bn/asm/mips-mont.pl
deleted file mode 100644
index caae04ed3a..0000000000
--- a/src/lib/libcrypto/bn/asm/mips-mont.pl
+++ /dev/null
@@ -1,426 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# This module doesn't present direct interest for OpenSSL, because it
-# doesn't provide better performance for longer keys, at least not on
-# in-order-execution cores. While 512-bit RSA sign operations can be
-# 65% faster in 64-bit mode, 1024-bit ones are only 15% faster, and
-# 4096-bit ones are up to 15% slower. In 32-bit mode it varies from
-# 16% improvement for 512-bit RSA sign to -33% for 4096-bit RSA
-# verify:-( All comparisons are against bn_mul_mont-free assembler.
-# The module might be of interest to embedded system developers, as
-# the code is smaller than 1KB, yet offers >3x improvement on MIPS64
-# and 75-30% [less for longer keys] on MIPS32 over compiler-generated
-# code.
-
-######################################################################
-# There is a number of MIPS ABI in use, O32 and N32/64 are most
-# widely used. Then there is a new contender: NUBI. It appears that if
-# one picks the latter, it's possible to arrange code in ABI neutral
-# manner. Therefore let's stick to NUBI register layout:
-#
-($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
-($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
-($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
-#
-# The return value is placed in $a0. Following coding rules facilitate
-# interoperability:
-#
-# - never ever touch $tp, "thread pointer", former $gp;
-# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
-# old code];
-# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
-#
-# For reference here is register layout for N32/64 MIPS ABIs:
-#
-# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
-# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
-# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
-# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
-#
-$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64
-
-if ($flavour =~ /64|n32/i) {
- $PTR_ADD="dadd"; # incidentally works even on n32
- $PTR_SUB="dsub"; # incidentally works even on n32
- $REG_S="sd";
- $REG_L="ld";
- $SZREG=8;
-} else {
- $PTR_ADD="add";
- $PTR_SUB="sub";
- $REG_S="sw";
- $REG_L="lw";
- $SZREG=4;
-}
-$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0x00fff000 : 0x00ff0000;
-#
-#
-#
-######################################################################
-
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-if ($flavour =~ /64|n32/i) {
- $LD="ld";
- $ST="sd";
- $MULTU="dmultu";
- $ADDU="daddu";
- $SUBU="dsubu";
- $BNSZ=8;
-} else {
- $LD="lw";
- $ST="sw";
- $MULTU="multu";
- $ADDU="addu";
- $SUBU="subu";
- $BNSZ=4;
-}
-
-# int bn_mul_mont(
-$rp=$a0; # BN_ULONG *rp,
-$ap=$a1; # const BN_ULONG *ap,
-$bp=$a2; # const BN_ULONG *bp,
-$np=$a3; # const BN_ULONG *np,
-$n0=$a4; # const BN_ULONG *n0,
-$num=$a5; # int num);
-
-$lo0=$a6;
-$hi0=$a7;
-$lo1=$t1;
-$hi1=$t2;
-$aj=$s0;
-$bi=$s1;
-$nj=$s2;
-$tp=$s3;
-$alo=$s4;
-$ahi=$s5;
-$nlo=$s6;
-$nhi=$s7;
-$tj=$s8;
-$i=$s9;
-$j=$s10;
-$m1=$s11;
-
-$FRAMESIZE=14;
-
-$code=<<___;
-.text
-
-.set noat
-.set noreorder
-
-.align 5
-.globl bn_mul_mont
-.ent bn_mul_mont
-bn_mul_mont:
-___
-$code.=<<___ if ($flavour =~ /o32/i);
- lw $n0,16($sp)
- lw $num,20($sp)
-___
-$code.=<<___;
- slt $at,$num,4
- bnez $at,1f
- li $t0,0
- slt $at,$num,17 # on in-order CPU
- bnez $at,bn_mul_mont_internal
- nop
-1: jr $ra
- li $a0,0
-.end bn_mul_mont
-
-.align 5
-.ent bn_mul_mont_internal
-bn_mul_mont_internal:
- .frame $fp,$FRAMESIZE*$SZREG,$ra
- .mask 0x40000000|$SAVED_REGS_MASK,-$SZREG
- $PTR_SUB $sp,$FRAMESIZE*$SZREG
- $REG_S $fp,($FRAMESIZE-1)*$SZREG($sp)
- $REG_S $s11,($FRAMESIZE-2)*$SZREG($sp)
- $REG_S $s10,($FRAMESIZE-3)*$SZREG($sp)
- $REG_S $s9,($FRAMESIZE-4)*$SZREG($sp)
- $REG_S $s8,($FRAMESIZE-5)*$SZREG($sp)
- $REG_S $s7,($FRAMESIZE-6)*$SZREG($sp)
- $REG_S $s6,($FRAMESIZE-7)*$SZREG($sp)
- $REG_S $s5,($FRAMESIZE-8)*$SZREG($sp)
- $REG_S $s4,($FRAMESIZE-9)*$SZREG($sp)
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_S $s3,($FRAMESIZE-10)*$SZREG($sp)
- $REG_S $s2,($FRAMESIZE-11)*$SZREG($sp)
- $REG_S $s1,($FRAMESIZE-12)*$SZREG($sp)
- $REG_S $s0,($FRAMESIZE-13)*$SZREG($sp)
-___
-$code.=<<___;
- move $fp,$sp
-
- .set reorder
- $LD $n0,0($n0)
- $LD $bi,0($bp) # bp[0]
- $LD $aj,0($ap) # ap[0]
- $LD $nj,0($np) # np[0]
-
- $PTR_SUB $sp,2*$BNSZ # place for two extra words
- sll $num,`log($BNSZ)/log(2)`
- li $at,-4096
- $PTR_SUB $sp,$num
- and $sp,$at
-
- $MULTU $aj,$bi
- $LD $alo,$BNSZ($ap)
- $LD $nlo,$BNSZ($np)
- mflo $lo0
- mfhi $hi0
- $MULTU $lo0,$n0
- mflo $m1
-
- $MULTU $alo,$bi
- mflo $alo
- mfhi $ahi
-
- $MULTU $nj,$m1
- mflo $lo1
- mfhi $hi1
- $MULTU $nlo,$m1
- $ADDU $lo1,$lo0
- sltu $at,$lo1,$lo0
- $ADDU $hi1,$at
- mflo $nlo
- mfhi $nhi
-
- move $tp,$sp
- li $j,2*$BNSZ
-.align 4
-.L1st:
- .set noreorder
- $PTR_ADD $aj,$ap,$j
- $PTR_ADD $nj,$np,$j
- $LD $aj,($aj)
- $LD $nj,($nj)
-
- $MULTU $aj,$bi
- $ADDU $lo0,$alo,$hi0
- $ADDU $lo1,$nlo,$hi1
- sltu $at,$lo0,$hi0
- sltu $t0,$lo1,$hi1
- $ADDU $hi0,$ahi,$at
- $ADDU $hi1,$nhi,$t0
- mflo $alo
- mfhi $ahi
-
- $ADDU $lo1,$lo0
- sltu $at,$lo1,$lo0
- $MULTU $nj,$m1
- $ADDU $hi1,$at
- addu $j,$BNSZ
- $ST $lo1,($tp)
- sltu $t0,$j,$num
- mflo $nlo
- mfhi $nhi
-
- bnez $t0,.L1st
- $PTR_ADD $tp,$BNSZ
- .set reorder
-
- $ADDU $lo0,$alo,$hi0
- sltu $at,$lo0,$hi0
- $ADDU $hi0,$ahi,$at
-
- $ADDU $lo1,$nlo,$hi1
- sltu $t0,$lo1,$hi1
- $ADDU $hi1,$nhi,$t0
- $ADDU $lo1,$lo0
- sltu $at,$lo1,$lo0
- $ADDU $hi1,$at
-
- $ST $lo1,($tp)
-
- $ADDU $hi1,$hi0
- sltu $at,$hi1,$hi0
- $ST $hi1,$BNSZ($tp)
- $ST $at,2*$BNSZ($tp)
-
- li $i,$BNSZ
-.align 4
-.Louter:
- $PTR_ADD $bi,$bp,$i
- $LD $bi,($bi)
- $LD $aj,($ap)
- $LD $alo,$BNSZ($ap)
- $LD $tj,($sp)
-
- $MULTU $aj,$bi
- $LD $nj,($np)
- $LD $nlo,$BNSZ($np)
- mflo $lo0
- mfhi $hi0
- $ADDU $lo0,$tj
- $MULTU $lo0,$n0
- sltu $at,$lo0,$tj
- $ADDU $hi0,$at
- mflo $m1
-
- $MULTU $alo,$bi
- mflo $alo
- mfhi $ahi
-
- $MULTU $nj,$m1
- mflo $lo1
- mfhi $hi1
-
- $MULTU $nlo,$m1
- $ADDU $lo1,$lo0
- sltu $at,$lo1,$lo0
- $ADDU $hi1,$at
- mflo $nlo
- mfhi $nhi
-
- move $tp,$sp
- li $j,2*$BNSZ
- $LD $tj,$BNSZ($tp)
-.align 4
-.Linner:
- .set noreorder
- $PTR_ADD $aj,$ap,$j
- $PTR_ADD $nj,$np,$j
- $LD $aj,($aj)
- $LD $nj,($nj)
-
- $MULTU $aj,$bi
- $ADDU $lo0,$alo,$hi0
- $ADDU $lo1,$nlo,$hi1
- sltu $at,$lo0,$hi0
- sltu $t0,$lo1,$hi1
- $ADDU $hi0,$ahi,$at
- $ADDU $hi1,$nhi,$t0
- mflo $alo
- mfhi $ahi
-
- $ADDU $lo0,$tj
- addu $j,$BNSZ
- $MULTU $nj,$m1
- sltu $at,$lo0,$tj
- $ADDU $lo1,$lo0
- $ADDU $hi0,$at
- sltu $t0,$lo1,$lo0
- $LD $tj,2*$BNSZ($tp)
- $ADDU $hi1,$t0
- sltu $at,$j,$num
- mflo $nlo
- mfhi $nhi
- $ST $lo1,($tp)
- bnez $at,.Linner
- $PTR_ADD $tp,$BNSZ
- .set reorder
-
- $ADDU $lo0,$alo,$hi0
- sltu $at,$lo0,$hi0
- $ADDU $hi0,$ahi,$at
- $ADDU $lo0,$tj
- sltu $t0,$lo0,$tj
- $ADDU $hi0,$t0
-
- $LD $tj,2*$BNSZ($tp)
- $ADDU $lo1,$nlo,$hi1
- sltu $at,$lo1,$hi1
- $ADDU $hi1,$nhi,$at
- $ADDU $lo1,$lo0
- sltu $t0,$lo1,$lo0
- $ADDU $hi1,$t0
- $ST $lo1,($tp)
-
- $ADDU $lo1,$hi1,$hi0
- sltu $hi1,$lo1,$hi0
- $ADDU $lo1,$tj
- sltu $at,$lo1,$tj
- $ADDU $hi1,$at
- $ST $lo1,$BNSZ($tp)
- $ST $hi1,2*$BNSZ($tp)
-
- addu $i,$BNSZ
- sltu $t0,$i,$num
- bnez $t0,.Louter
-
- .set noreorder
- $PTR_ADD $tj,$sp,$num # &tp[num]
- move $tp,$sp
- move $ap,$sp
- li $hi0,0 # clear borrow bit
-
-.align 4
-.Lsub: $LD $lo0,($tp)
- $LD $lo1,($np)
- $PTR_ADD $tp,$BNSZ
- $PTR_ADD $np,$BNSZ
- $SUBU $lo1,$lo0,$lo1 # tp[i]-np[i]
- sgtu $at,$lo1,$lo0
- $SUBU $lo0,$lo1,$hi0
- sgtu $hi0,$lo0,$lo1
- $ST $lo0,($rp)
- or $hi0,$at
- sltu $at,$tp,$tj
- bnez $at,.Lsub
- $PTR_ADD $rp,$BNSZ
-
- $SUBU $hi0,$hi1,$hi0 # handle upmost overflow bit
- move $tp,$sp
- $PTR_SUB $rp,$num # restore rp
- not $hi1,$hi0
-
- and $ap,$hi0,$sp
- and $bp,$hi1,$rp
- or $ap,$ap,$bp # ap=borrow?tp:rp
-
-.align 4
-.Lcopy: $LD $aj,($ap)
- $PTR_ADD $ap,$BNSZ
- $ST $zero,($tp)
- $PTR_ADD $tp,$BNSZ
- sltu $at,$tp,$tj
- $ST $aj,($rp)
- bnez $at,.Lcopy
- $PTR_ADD $rp,$BNSZ
-
- li $a0,1
- li $t0,1
-
- .set noreorder
- move $sp,$fp
- $REG_L $fp,($FRAMESIZE-1)*$SZREG($sp)
- $REG_L $s11,($FRAMESIZE-2)*$SZREG($sp)
- $REG_L $s10,($FRAMESIZE-3)*$SZREG($sp)
- $REG_L $s9,($FRAMESIZE-4)*$SZREG($sp)
- $REG_L $s8,($FRAMESIZE-5)*$SZREG($sp)
- $REG_L $s7,($FRAMESIZE-6)*$SZREG($sp)
- $REG_L $s6,($FRAMESIZE-7)*$SZREG($sp)
- $REG_L $s5,($FRAMESIZE-8)*$SZREG($sp)
- $REG_L $s4,($FRAMESIZE-9)*$SZREG($sp)
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $s3,($FRAMESIZE-10)*$SZREG($sp)
- $REG_L $s2,($FRAMESIZE-11)*$SZREG($sp)
- $REG_L $s1,($FRAMESIZE-12)*$SZREG($sp)
- $REG_L $s0,($FRAMESIZE-13)*$SZREG($sp)
-___
-$code.=<<___;
- jr $ra
- $PTR_ADD $sp,$FRAMESIZE*$SZREG
-.end bn_mul_mont_internal
-.rdata
-.asciiz "Montgomery Multiplication for MIPS, CRYPTOGAMS by "
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-
-print $code;
-close STDOUT;
diff --git a/src/lib/libcrypto/bn/asm/mips.pl b/src/lib/libcrypto/bn/asm/mips.pl
deleted file mode 100644
index 02d43e15b0..0000000000
--- a/src/lib/libcrypto/bn/asm/mips.pl
+++ /dev/null
@@ -1,2234 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project.
-#
-# Rights for redistribution and usage in source and binary forms are
-# granted according to the OpenSSL license. Warranty of any kind is
-# disclaimed.
-# ====================================================================
-
-
-# July 1999
-#
-# This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c.
-#
-# The module is designed to work with either of the "new" MIPS ABI(5),
-# namely N32 or N64, offered by IRIX 6.x. It's not meant to work under
-# IRIX 5.x not only because it doesn't support new ABIs but also
-# because 5.x kernels put R4x00 CPU into 32-bit mode and all those
-# 64-bit instructions (daddu, dmultu, etc.) found below gonna only
-# cause illegal instruction exception:-(
-#
-# In addition the code depends on preprocessor flags set up by MIPSpro
-# compiler driver (either as or cc) and therefore (probably?) can't be
-# compiled by the GNU assembler. GNU C driver manages fine though...
-# I mean as long as -mmips-as is specified or is the default option,
-# because then it simply invokes /usr/bin/as which in turn takes
-# perfect care of the preprocessor definitions. Another neat feature
-# offered by the MIPSpro assembler is an optimization pass. This gave
-# me the opportunity to have the code looking more regular as all those
-# architecture dependent instruction rescheduling details were left to
-# the assembler. Cool, huh?
-#
-# Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
-# goes way over 3 times faster!
-#
-#
-
-# October 2010
-#
-# Adapt the module even for 32-bit ABIs and other OSes. The former was
-# achieved by mechanical replacement of 64-bit arithmetic instructions
-# such as dmultu, daddu, etc. with their 32-bit counterparts and
-# adjusting offsets denoting multiples of BN_ULONG. Above mentioned
-# >3x performance improvement naturally does not apply to 32-bit code
-# [because there is no instruction 32-bit compiler can't use], one
-# has to content with 40-85% improvement depending on benchmark and
-# key length, more for longer keys.
-
-$flavour = shift;
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-if ($flavour =~ /64|n32/i) {
- $LD="ld";
- $ST="sd";
- $MULTU="dmultu";
- $DIVU="ddivu";
- $ADDU="daddu";
- $SUBU="dsubu";
- $SRL="dsrl";
- $SLL="dsll";
- $BNSZ=8;
- $PTR_ADD="daddu";
- $PTR_SUB="dsubu";
- $SZREG=8;
- $REG_S="sd";
- $REG_L="ld";
-} else {
- $LD="lw";
- $ST="sw";
- $MULTU="multu";
- $DIVU="divu";
- $ADDU="addu";
- $SUBU="subu";
- $SRL="srl";
- $SLL="sll";
- $BNSZ=4;
- $PTR_ADD="addu";
- $PTR_SUB="subu";
- $SZREG=4;
- $REG_S="sw";
- $REG_L="lw";
- $code=".set mips2\n";
-}
-
-# Below is N32/64 register layout used in the original module.
-#
-($zero,$at,$v0,$v1)=map("\$$_",(0..3));
-($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
-($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
-($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
-($ta0,$ta1,$ta2,$ta3)=($a4,$a5,$a6,$a7);
-#
-# No special adaptation is required for O32. NUBI on the other hand
-# is treated by saving/restoring ($v1,$t0..$t3).
-
-$gp=$v1 if ($flavour =~ /nubi/i);
-
-$minus4=$v1;
-
-$code.=<<___;
-.rdata
-.asciiz "mips3.s, Version 1.2"
-.asciiz "MIPS II/III/IV ISA artwork by Andy Polyakov "
-
-.text
-.set noat
-
-.align 5
-.globl bn_mul_add_words
-.ent bn_mul_add_words
-bn_mul_add_words:
- .set noreorder
- bgtz $a2,bn_mul_add_words_internal
- move $v0,$zero
- jr $ra
- move $a0,$v0
-.end bn_mul_add_words
-
-.align 5
-.ent bn_mul_add_words_internal
-bn_mul_add_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- li $minus4,-4
- and $ta0,$a2,$minus4
- beqz $ta0,.L_bn_mul_add_words_tail
-
-.L_bn_mul_add_words_loop:
- $LD $t0,0($a1)
- $MULTU $t0,$a3
- $LD $t1,0($a0)
- $LD $t2,$BNSZ($a1)
- $LD $t3,$BNSZ($a0)
- $LD $ta0,2*$BNSZ($a1)
- $LD $ta1,2*$BNSZ($a0)
- $ADDU $t1,$v0
- sltu $v0,$t1,$v0 # All manuals say it "compares 32-bit
- # values", but it seems to work fine
- # even on 64-bit registers.
- mflo $at
- mfhi $t0
- $ADDU $t1,$at
- $ADDU $v0,$t0
- $MULTU $t2,$a3
- sltu $at,$t1,$at
- $ST $t1,0($a0)
- $ADDU $v0,$at
-
- $LD $ta2,3*$BNSZ($a1)
- $LD $ta3,3*$BNSZ($a0)
- $ADDU $t3,$v0
- sltu $v0,$t3,$v0
- mflo $at
- mfhi $t2
- $ADDU $t3,$at
- $ADDU $v0,$t2
- $MULTU $ta0,$a3
- sltu $at,$t3,$at
- $ST $t3,$BNSZ($a0)
- $ADDU $v0,$at
-
- subu $a2,4
- $PTR_ADD $a0,4*$BNSZ
- $PTR_ADD $a1,4*$BNSZ
- $ADDU $ta1,$v0
- sltu $v0,$ta1,$v0
- mflo $at
- mfhi $ta0
- $ADDU $ta1,$at
- $ADDU $v0,$ta0
- $MULTU $ta2,$a3
- sltu $at,$ta1,$at
- $ST $ta1,-2*$BNSZ($a0)
- $ADDU $v0,$at
-
-
- and $ta0,$a2,$minus4
- $ADDU $ta3,$v0
- sltu $v0,$ta3,$v0
- mflo $at
- mfhi $ta2
- $ADDU $ta3,$at
- $ADDU $v0,$ta2
- sltu $at,$ta3,$at
- $ST $ta3,-$BNSZ($a0)
- .set noreorder
- bgtz $ta0,.L_bn_mul_add_words_loop
- $ADDU $v0,$at
-
- beqz $a2,.L_bn_mul_add_words_return
- nop
-
-.L_bn_mul_add_words_tail:
- .set reorder
- $LD $t0,0($a1)
- $MULTU $t0,$a3
- $LD $t1,0($a0)
- subu $a2,1
- $ADDU $t1,$v0
- sltu $v0,$t1,$v0
- mflo $at
- mfhi $t0
- $ADDU $t1,$at
- $ADDU $v0,$t0
- sltu $at,$t1,$at
- $ST $t1,0($a0)
- $ADDU $v0,$at
- beqz $a2,.L_bn_mul_add_words_return
-
- $LD $t0,$BNSZ($a1)
- $MULTU $t0,$a3
- $LD $t1,$BNSZ($a0)
- subu $a2,1
- $ADDU $t1,$v0
- sltu $v0,$t1,$v0
- mflo $at
- mfhi $t0
- $ADDU $t1,$at
- $ADDU $v0,$t0
- sltu $at,$t1,$at
- $ST $t1,$BNSZ($a0)
- $ADDU $v0,$at
- beqz $a2,.L_bn_mul_add_words_return
-
- $LD $t0,2*$BNSZ($a1)
- $MULTU $t0,$a3
- $LD $t1,2*$BNSZ($a0)
- $ADDU $t1,$v0
- sltu $v0,$t1,$v0
- mflo $at
- mfhi $t0
- $ADDU $t1,$at
- $ADDU $v0,$t0
- sltu $at,$t1,$at
- $ST $t1,2*$BNSZ($a0)
- $ADDU $v0,$at
-
-.L_bn_mul_add_words_return:
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- move $a0,$v0
-.end bn_mul_add_words_internal
-
-.align 5
-.globl bn_mul_words
-.ent bn_mul_words
-bn_mul_words:
- .set noreorder
- bgtz $a2,bn_mul_words_internal
- move $v0,$zero
- jr $ra
- move $a0,$v0
-.end bn_mul_words
-
-.align 5
-.ent bn_mul_words_internal
-bn_mul_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- li $minus4,-4
- and $ta0,$a2,$minus4
- beqz $ta0,.L_bn_mul_words_tail
-
-.L_bn_mul_words_loop:
- $LD $t0,0($a1)
- $MULTU $t0,$a3
- $LD $t2,$BNSZ($a1)
- $LD $ta0,2*$BNSZ($a1)
- $LD $ta2,3*$BNSZ($a1)
- mflo $at
- mfhi $t0
- $ADDU $v0,$at
- sltu $t1,$v0,$at
- $MULTU $t2,$a3
- $ST $v0,0($a0)
- $ADDU $v0,$t1,$t0
-
- subu $a2,4
- $PTR_ADD $a0,4*$BNSZ
- $PTR_ADD $a1,4*$BNSZ
- mflo $at
- mfhi $t2
- $ADDU $v0,$at
- sltu $t3,$v0,$at
- $MULTU $ta0,$a3
- $ST $v0,-3*$BNSZ($a0)
- $ADDU $v0,$t3,$t2
-
- mflo $at
- mfhi $ta0
- $ADDU $v0,$at
- sltu $ta1,$v0,$at
- $MULTU $ta2,$a3
- $ST $v0,-2*$BNSZ($a0)
- $ADDU $v0,$ta1,$ta0
-
- and $ta0,$a2,$minus4
- mflo $at
- mfhi $ta2
- $ADDU $v0,$at
- sltu $ta3,$v0,$at
- $ST $v0,-$BNSZ($a0)
- .set noreorder
- bgtz $ta0,.L_bn_mul_words_loop
- $ADDU $v0,$ta3,$ta2
-
- beqz $a2,.L_bn_mul_words_return
- nop
-
-.L_bn_mul_words_tail:
- .set reorder
- $LD $t0,0($a1)
- $MULTU $t0,$a3
- subu $a2,1
- mflo $at
- mfhi $t0
- $ADDU $v0,$at
- sltu $t1,$v0,$at
- $ST $v0,0($a0)
- $ADDU $v0,$t1,$t0
- beqz $a2,.L_bn_mul_words_return
-
- $LD $t0,$BNSZ($a1)
- $MULTU $t0,$a3
- subu $a2,1
- mflo $at
- mfhi $t0
- $ADDU $v0,$at
- sltu $t1,$v0,$at
- $ST $v0,$BNSZ($a0)
- $ADDU $v0,$t1,$t0
- beqz $a2,.L_bn_mul_words_return
-
- $LD $t0,2*$BNSZ($a1)
- $MULTU $t0,$a3
- mflo $at
- mfhi $t0
- $ADDU $v0,$at
- sltu $t1,$v0,$at
- $ST $v0,2*$BNSZ($a0)
- $ADDU $v0,$t1,$t0
-
-.L_bn_mul_words_return:
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- move $a0,$v0
-.end bn_mul_words_internal
-
-.align 5
-.globl bn_sqr_words
-.ent bn_sqr_words
-bn_sqr_words:
- .set noreorder
- bgtz $a2,bn_sqr_words_internal
- move $v0,$zero
- jr $ra
- move $a0,$v0
-.end bn_sqr_words
-
-.align 5
-.ent bn_sqr_words_internal
-bn_sqr_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- li $minus4,-4
- and $ta0,$a2,$minus4
- beqz $ta0,.L_bn_sqr_words_tail
-
-.L_bn_sqr_words_loop:
- $LD $t0,0($a1)
- $MULTU $t0,$t0
- $LD $t2,$BNSZ($a1)
- $LD $ta0,2*$BNSZ($a1)
- $LD $ta2,3*$BNSZ($a1)
- mflo $t1
- mfhi $t0
- $ST $t1,0($a0)
- $ST $t0,$BNSZ($a0)
-
- $MULTU $t2,$t2
- subu $a2,4
- $PTR_ADD $a0,8*$BNSZ
- $PTR_ADD $a1,4*$BNSZ
- mflo $t3
- mfhi $t2
- $ST $t3,-6*$BNSZ($a0)
- $ST $t2,-5*$BNSZ($a0)
-
- $MULTU $ta0,$ta0
- mflo $ta1
- mfhi $ta0
- $ST $ta1,-4*$BNSZ($a0)
- $ST $ta0,-3*$BNSZ($a0)
-
-
- $MULTU $ta2,$ta2
- and $ta0,$a2,$minus4
- mflo $ta3
- mfhi $ta2
- $ST $ta3,-2*$BNSZ($a0)
-
- .set noreorder
- bgtz $ta0,.L_bn_sqr_words_loop
- $ST $ta2,-$BNSZ($a0)
-
- beqz $a2,.L_bn_sqr_words_return
- nop
-
-.L_bn_sqr_words_tail:
- .set reorder
- $LD $t0,0($a1)
- $MULTU $t0,$t0
- subu $a2,1
- mflo $t1
- mfhi $t0
- $ST $t1,0($a0)
- $ST $t0,$BNSZ($a0)
- beqz $a2,.L_bn_sqr_words_return
-
- $LD $t0,$BNSZ($a1)
- $MULTU $t0,$t0
- subu $a2,1
- mflo $t1
- mfhi $t0
- $ST $t1,2*$BNSZ($a0)
- $ST $t0,3*$BNSZ($a0)
- beqz $a2,.L_bn_sqr_words_return
-
- $LD $t0,2*$BNSZ($a1)
- $MULTU $t0,$t0
- mflo $t1
- mfhi $t0
- $ST $t1,4*$BNSZ($a0)
- $ST $t0,5*$BNSZ($a0)
-
-.L_bn_sqr_words_return:
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- move $a0,$v0
-
-.end bn_sqr_words_internal
-
-.align 5
-.globl bn_add_words
-.ent bn_add_words
-bn_add_words:
- .set noreorder
- bgtz $a3,bn_add_words_internal
- move $v0,$zero
- jr $ra
- move $a0,$v0
-.end bn_add_words
-
-.align 5
-.ent bn_add_words_internal
-bn_add_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- li $minus4,-4
- and $at,$a3,$minus4
- beqz $at,.L_bn_add_words_tail
-
-.L_bn_add_words_loop:
- $LD $t0,0($a1)
- $LD $ta0,0($a2)
- subu $a3,4
- $LD $t1,$BNSZ($a1)
- and $at,$a3,$minus4
- $LD $t2,2*$BNSZ($a1)
- $PTR_ADD $a2,4*$BNSZ
- $LD $t3,3*$BNSZ($a1)
- $PTR_ADD $a0,4*$BNSZ
- $LD $ta1,-3*$BNSZ($a2)
- $PTR_ADD $a1,4*$BNSZ
- $LD $ta2,-2*$BNSZ($a2)
- $LD $ta3,-$BNSZ($a2)
- $ADDU $ta0,$t0
- sltu $t8,$ta0,$t0
- $ADDU $t0,$ta0,$v0
- sltu $v0,$t0,$ta0
- $ST $t0,-4*$BNSZ($a0)
- $ADDU $v0,$t8
-
- $ADDU $ta1,$t1
- sltu $t9,$ta1,$t1
- $ADDU $t1,$ta1,$v0
- sltu $v0,$t1,$ta1
- $ST $t1,-3*$BNSZ($a0)
- $ADDU $v0,$t9
-
- $ADDU $ta2,$t2
- sltu $t8,$ta2,$t2
- $ADDU $t2,$ta2,$v0
- sltu $v0,$t2,$ta2
- $ST $t2,-2*$BNSZ($a0)
- $ADDU $v0,$t8
-
- $ADDU $ta3,$t3
- sltu $t9,$ta3,$t3
- $ADDU $t3,$ta3,$v0
- sltu $v0,$t3,$ta3
- $ST $t3,-$BNSZ($a0)
-
- .set noreorder
- bgtz $at,.L_bn_add_words_loop
- $ADDU $v0,$t9
-
- beqz $a3,.L_bn_add_words_return
- nop
-
-.L_bn_add_words_tail:
- .set reorder
- $LD $t0,0($a1)
- $LD $ta0,0($a2)
- $ADDU $ta0,$t0
- subu $a3,1
- sltu $t8,$ta0,$t0
- $ADDU $t0,$ta0,$v0
- sltu $v0,$t0,$ta0
- $ST $t0,0($a0)
- $ADDU $v0,$t8
- beqz $a3,.L_bn_add_words_return
-
- $LD $t1,$BNSZ($a1)
- $LD $ta1,$BNSZ($a2)
- $ADDU $ta1,$t1
- subu $a3,1
- sltu $t9,$ta1,$t1
- $ADDU $t1,$ta1,$v0
- sltu $v0,$t1,$ta1
- $ST $t1,$BNSZ($a0)
- $ADDU $v0,$t9
- beqz $a3,.L_bn_add_words_return
-
- $LD $t2,2*$BNSZ($a1)
- $LD $ta2,2*$BNSZ($a2)
- $ADDU $ta2,$t2
- sltu $t8,$ta2,$t2
- $ADDU $t2,$ta2,$v0
- sltu $v0,$t2,$ta2
- $ST $t2,2*$BNSZ($a0)
- $ADDU $v0,$t8
-
-.L_bn_add_words_return:
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- move $a0,$v0
-
-.end bn_add_words_internal
-
-.align 5
-.globl bn_sub_words
-.ent bn_sub_words
-bn_sub_words:
- .set noreorder
- bgtz $a3,bn_sub_words_internal
- move $v0,$zero
- jr $ra
- move $a0,$zero
-.end bn_sub_words
-
-.align 5
-.ent bn_sub_words_internal
-bn_sub_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- li $minus4,-4
- and $at,$a3,$minus4
- beqz $at,.L_bn_sub_words_tail
-
-.L_bn_sub_words_loop:
- $LD $t0,0($a1)
- $LD $ta0,0($a2)
- subu $a3,4
- $LD $t1,$BNSZ($a1)
- and $at,$a3,$minus4
- $LD $t2,2*$BNSZ($a1)
- $PTR_ADD $a2,4*$BNSZ
- $LD $t3,3*$BNSZ($a1)
- $PTR_ADD $a0,4*$BNSZ
- $LD $ta1,-3*$BNSZ($a2)
- $PTR_ADD $a1,4*$BNSZ
- $LD $ta2,-2*$BNSZ($a2)
- $LD $ta3,-$BNSZ($a2)
- sltu $t8,$t0,$ta0
- $SUBU $ta0,$t0,$ta0
- $SUBU $t0,$ta0,$v0
- sgtu $v0,$t0,$ta0
- $ST $t0,-4*$BNSZ($a0)
- $ADDU $v0,$t8
-
- sltu $t9,$t1,$ta1
- $SUBU $ta1,$t1,$ta1
- $SUBU $t1,$ta1,$v0
- sgtu $v0,$t1,$ta1
- $ST $t1,-3*$BNSZ($a0)
- $ADDU $v0,$t9
-
-
- sltu $t8,$t2,$ta2
- $SUBU $ta2,$t2,$ta2
- $SUBU $t2,$ta2,$v0
- sgtu $v0,$t2,$ta2
- $ST $t2,-2*$BNSZ($a0)
- $ADDU $v0,$t8
-
- sltu $t9,$t3,$ta3
- $SUBU $ta3,$t3,$ta3
- $SUBU $t3,$ta3,$v0
- sgtu $v0,$t3,$ta3
- $ST $t3,-$BNSZ($a0)
-
- .set noreorder
- bgtz $at,.L_bn_sub_words_loop
- $ADDU $v0,$t9
-
- beqz $a3,.L_bn_sub_words_return
- nop
-
-.L_bn_sub_words_tail:
- .set reorder
- $LD $t0,0($a1)
- $LD $ta0,0($a2)
- subu $a3,1
- sltu $t8,$t0,$ta0
- $SUBU $ta0,$t0,$ta0
- $SUBU $t0,$ta0,$v0
- sgtu $v0,$t0,$ta0
- $ST $t0,0($a0)
- $ADDU $v0,$t8
- beqz $a3,.L_bn_sub_words_return
-
- $LD $t1,$BNSZ($a1)
- subu $a3,1
- $LD $ta1,$BNSZ($a2)
- sltu $t9,$t1,$ta1
- $SUBU $ta1,$t1,$ta1
- $SUBU $t1,$ta1,$v0
- sgtu $v0,$t1,$ta1
- $ST $t1,$BNSZ($a0)
- $ADDU $v0,$t9
- beqz $a3,.L_bn_sub_words_return
-
- $LD $t2,2*$BNSZ($a1)
- $LD $ta2,2*$BNSZ($a2)
- sltu $t8,$t2,$ta2
- $SUBU $ta2,$t2,$ta2
- $SUBU $t2,$ta2,$v0
- sgtu $v0,$t2,$ta2
- $ST $t2,2*$BNSZ($a0)
- $ADDU $v0,$t8
-
-.L_bn_sub_words_return:
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- move $a0,$v0
-.end bn_sub_words_internal
-
-.align 5
-.globl bn_div_3_words
-.ent bn_div_3_words
-bn_div_3_words:
- .set noreorder
- move $a3,$a0 # we know that bn_div_words does not
- # touch $a3, $ta2, $ta3 and preserves $a2
- # so that we can save two arguments
- # and return address in registers
- # instead of stack:-)
-
- $LD $a0,($a3)
- move $ta2,$a1
- bne $a0,$a2,bn_div_3_words_internal
- $LD $a1,-$BNSZ($a3)
- li $v0,-1
- jr $ra
- move $a0,$v0
-.end bn_div_3_words
-
-.align 5
-.ent bn_div_3_words_internal
-bn_div_3_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- move $ta3,$ra
- bal bn_div_words_internal
- move $ra,$ta3
- $MULTU $ta2,$v0
- $LD $t2,-2*$BNSZ($a3)
- move $ta0,$zero
- mfhi $t1
- mflo $t0
- sltu $t8,$t1,$a1
-.L_bn_div_3_words_inner_loop:
- bnez $t8,.L_bn_div_3_words_inner_loop_done
- sgeu $at,$t2,$t0
- seq $t9,$t1,$a1
- and $at,$t9
- sltu $t3,$t0,$ta2
- $ADDU $a1,$a2
- $SUBU $t1,$t3
- $SUBU $t0,$ta2
- sltu $t8,$t1,$a1
- sltu $ta0,$a1,$a2
- or $t8,$ta0
- .set noreorder
- beqz $at,.L_bn_div_3_words_inner_loop
- $SUBU $v0,1
- $ADDU $v0,1
- .set reorder
-.L_bn_div_3_words_inner_loop_done:
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- move $a0,$v0
-.end bn_div_3_words_internal
-
-.align 5
-.globl bn_div_words
-.ent bn_div_words
-bn_div_words:
- .set noreorder
- bnez $a2,bn_div_words_internal
- li $v0,-1 # I would rather signal div-by-zero
- # which can be done with 'break 7'
- jr $ra
- move $a0,$v0
-.end bn_div_words
-
-.align 5
-.ent bn_div_words_internal
-bn_div_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- move $v1,$zero
- bltz $a2,.L_bn_div_words_body
- move $t9,$v1
- $SLL $a2,1
- bgtz $a2,.-4
- addu $t9,1
-
- .set reorder
- negu $t1,$t9
- li $t2,-1
- $SLL $t2,$t1
- and $t2,$a0
- $SRL $at,$a1,$t1
- .set noreorder
- beqz $t2,.+12
- nop
- break 6 # signal overflow
- .set reorder
- $SLL $a0,$t9
- $SLL $a1,$t9
- or $a0,$at
-___
-$QT=$ta0;
-$HH=$ta1;
-$DH=$v1;
-$code.=<<___;
-.L_bn_div_words_body:
- $SRL $DH,$a2,4*$BNSZ # bits
- sgeu $at,$a0,$a2
- .set noreorder
- beqz $at,.+12
- nop
- $SUBU $a0,$a2
- .set reorder
-
- li $QT,-1
- $SRL $HH,$a0,4*$BNSZ # bits
- $SRL $QT,4*$BNSZ # q=0xffffffff
- beq $DH,$HH,.L_bn_div_words_skip_div1
- $DIVU $zero,$a0,$DH
- mflo $QT
-.L_bn_div_words_skip_div1:
- $MULTU $a2,$QT
- $SLL $t3,$a0,4*$BNSZ # bits
- $SRL $at,$a1,4*$BNSZ # bits
- or $t3,$at
- mflo $t0
- mfhi $t1
-.L_bn_div_words_inner_loop1:
- sltu $t2,$t3,$t0
- seq $t8,$HH,$t1
- sltu $at,$HH,$t1
- and $t2,$t8
- sltu $v0,$t0,$a2
- or $at,$t2
- .set noreorder
- beqz $at,.L_bn_div_words_inner_loop1_done
- $SUBU $t1,$v0
- $SUBU $t0,$a2
- b .L_bn_div_words_inner_loop1
- $SUBU $QT,1
- .set reorder
-.L_bn_div_words_inner_loop1_done:
-
- $SLL $a1,4*$BNSZ # bits
- $SUBU $a0,$t3,$t0
- $SLL $v0,$QT,4*$BNSZ # bits
-
- li $QT,-1
- $SRL $HH,$a0,4*$BNSZ # bits
- $SRL $QT,4*$BNSZ # q=0xffffffff
- beq $DH,$HH,.L_bn_div_words_skip_div2
- $DIVU $zero,$a0,$DH
- mflo $QT
-.L_bn_div_words_skip_div2:
- $MULTU $a2,$QT
- $SLL $t3,$a0,4*$BNSZ # bits
- $SRL $at,$a1,4*$BNSZ # bits
- or $t3,$at
- mflo $t0
- mfhi $t1
-.L_bn_div_words_inner_loop2:
- sltu $t2,$t3,$t0
- seq $t8,$HH,$t1
- sltu $at,$HH,$t1
- and $t2,$t8
- sltu $v1,$t0,$a2
- or $at,$t2
- .set noreorder
- beqz $at,.L_bn_div_words_inner_loop2_done
- $SUBU $t1,$v1
- $SUBU $t0,$a2
- b .L_bn_div_words_inner_loop2
- $SUBU $QT,1
- .set reorder
-.L_bn_div_words_inner_loop2_done:
-
- $SUBU $a0,$t3,$t0
- or $v0,$QT
- $SRL $v1,$a0,$t9 # $v1 contains remainder if anybody wants it
- $SRL $a2,$t9 # restore $a2
-
- .set noreorder
- move $a1,$v1
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- move $a0,$v0
-.end bn_div_words_internal
-___
-undef $HH; undef $QT; undef $DH;
-
-($a_0,$a_1,$a_2,$a_3)=($t0,$t1,$t2,$t3);
-($b_0,$b_1,$b_2,$b_3)=($ta0,$ta1,$ta2,$ta3);
-
-($a_4,$a_5,$a_6,$a_7)=($s0,$s2,$s4,$a1); # once we load a[7], no use for $a1
-($b_4,$b_5,$b_6,$b_7)=($s1,$s3,$s5,$a2); # once we load b[7], no use for $a2
-
-($t_1,$t_2,$c_1,$c_2,$c_3)=($t8,$t9,$v0,$v1,$a3);
-
-$code.=<<___;
-
-.align 5
-.globl bn_mul_comba8
-.ent bn_mul_comba8
-bn_mul_comba8:
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,12*$SZREG,$ra
- .mask 0x803ff008,-$SZREG
- $PTR_SUB $sp,12*$SZREG
- $REG_S $ra,11*$SZREG($sp)
- $REG_S $s5,10*$SZREG($sp)
- $REG_S $s4,9*$SZREG($sp)
- $REG_S $s3,8*$SZREG($sp)
- $REG_S $s2,7*$SZREG($sp)
- $REG_S $s1,6*$SZREG($sp)
- $REG_S $s0,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___ if ($flavour !~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x003f0000,-$SZREG
- $PTR_SUB $sp,6*$SZREG
- $REG_S $s5,5*$SZREG($sp)
- $REG_S $s4,4*$SZREG($sp)
- $REG_S $s3,3*$SZREG($sp)
- $REG_S $s2,2*$SZREG($sp)
- $REG_S $s1,1*$SZREG($sp)
- $REG_S $s0,0*$SZREG($sp)
-___
-$code.=<<___;
-
- .set reorder
- $LD $a_0,0($a1) # If compiled with -mips3 option on
- # R5000 box assembler barks on this
- # 1ine with "should not have mult/div
- # as last instruction in bb (R10K
- # bug)" warning. If anybody out there
- # has a clue about how to circumvent
- # this do send me a note.
- #
-
- $LD $b_0,0($a2)
- $LD $a_1,$BNSZ($a1)
- $LD $a_2,2*$BNSZ($a1)
- $MULTU $a_0,$b_0 # mul_add_c(a[0],b[0],c1,c2,c3);
- $LD $a_3,3*$BNSZ($a1)
- $LD $b_1,$BNSZ($a2)
- $LD $b_2,2*$BNSZ($a2)
- $LD $b_3,3*$BNSZ($a2)
- mflo $c_1
- mfhi $c_2
-
- $LD $a_4,4*$BNSZ($a1)
- $LD $a_5,5*$BNSZ($a1)
- $MULTU $a_0,$b_1 # mul_add_c(a[0],b[1],c2,c3,c1);
- $LD $a_6,6*$BNSZ($a1)
- $LD $a_7,7*$BNSZ($a1)
- $LD $b_4,4*$BNSZ($a2)
- $LD $b_5,5*$BNSZ($a2)
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_1,$b_0 # mul_add_c(a[1],b[0],c2,c3,c1);
- $ADDU $c_3,$t_2,$at
- $LD $b_6,6*$BNSZ($a2)
- $LD $b_7,7*$BNSZ($a2)
- $ST $c_1,0($a0) # r[0]=c1;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$b_0 # mul_add_c(a[2],b[0],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $c_1,$c_3,$t_2
- $ST $c_2,$BNSZ($a0) # r[1]=c2;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_1,$b_1 # mul_add_c(a[1],b[1],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_0,$b_2 # mul_add_c(a[0],b[2],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $c_2,$c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_0,$b_3 # mul_add_c(a[0],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,2*$BNSZ($a0) # r[2]=c3;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_1,$b_2 # mul_add_c(a[1],b[2],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $c_3,$c_2,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_2,$b_1 # mul_add_c(a[2],b[1],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_3,$b_0 # mul_add_c(a[3],b[0],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_4,$b_0 # mul_add_c(a[4],b[0],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- $ST $c_1,3*$BNSZ($a0) # r[3]=c1;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_3,$b_1 # mul_add_c(a[3],b[1],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $c_1,$c_3,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$b_2 # mul_add_c(a[2],b[2],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_1,$b_3 # mul_add_c(a[1],b[3],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_0,$b_4 # mul_add_c(a[0],b[4],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_0,$b_5 # mul_add_c(a[0],b[5],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,4*$BNSZ($a0) # r[4]=c2;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_1,$b_4 # mul_add_c(a[1],b[4],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $c_2,$c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_2,$b_3 # mul_add_c(a[2],b[3],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_3,$b_2 # mul_add_c(a[3],b[2],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_4,$b_1 # mul_add_c(a[4],b[1],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_5,$b_0 # mul_add_c(a[5],b[0],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_6,$b_0 # mul_add_c(a[6],b[0],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,5*$BNSZ($a0) # r[5]=c3;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_5,$b_1 # mul_add_c(a[5],b[1],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $c_3,$c_2,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_4,$b_2 # mul_add_c(a[4],b[2],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_3,$b_3 # mul_add_c(a[3],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_2,$b_4 # mul_add_c(a[2],b[4],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_1,$b_5 # mul_add_c(a[1],b[5],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_0,$b_6 # mul_add_c(a[0],b[6],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_0,$b_7 # mul_add_c(a[0],b[7],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- $ST $c_1,6*$BNSZ($a0) # r[6]=c1;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_1,$b_6 # mul_add_c(a[1],b[6],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $c_1,$c_3,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$b_5 # mul_add_c(a[2],b[5],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_3,$b_4 # mul_add_c(a[3],b[4],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_4,$b_3 # mul_add_c(a[4],b[3],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_5,$b_2 # mul_add_c(a[5],b[2],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_6,$b_1 # mul_add_c(a[6],b[1],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_7,$b_0 # mul_add_c(a[7],b[0],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_7,$b_1 # mul_add_c(a[7],b[1],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,7*$BNSZ($a0) # r[7]=c2;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_6,$b_2 # mul_add_c(a[6],b[2],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $c_2,$c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_5,$b_3 # mul_add_c(a[5],b[3],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_4,$b_4 # mul_add_c(a[4],b[4],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_3,$b_5 # mul_add_c(a[3],b[5],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_2,$b_6 # mul_add_c(a[2],b[6],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_1,$b_7 # mul_add_c(a[1],b[7],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_2,$b_7 # mul_add_c(a[2],b[7],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,8*$BNSZ($a0) # r[8]=c3;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_3,$b_6 # mul_add_c(a[3],b[6],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $c_3,$c_2,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_4,$b_5 # mul_add_c(a[4],b[5],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_5,$b_4 # mul_add_c(a[5],b[4],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_6,$b_3 # mul_add_c(a[6],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_7,$b_2 # mul_add_c(a[7],b[2],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_7,$b_3 # mul_add_c(a[7],b[3],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- $ST $c_1,9*$BNSZ($a0) # r[9]=c1;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_6,$b_4 # mul_add_c(a[6],b[4],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $c_1,$c_3,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_5,$b_5 # mul_add_c(a[5],b[5],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_4,$b_6 # mul_add_c(a[4],b[6],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_3,$b_7 # mul_add_c(a[3],b[7],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_4,$b_7 # mul_add_c(a[4],b[7],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,10*$BNSZ($a0) # r[10]=c2;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_5,$b_6 # mul_add_c(a[5],b[6],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $c_2,$c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_6,$b_5 # mul_add_c(a[6],b[5],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_7,$b_4 # mul_add_c(a[7],b[4],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_7,$b_5 # mul_add_c(a[7],b[5],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,11*$BNSZ($a0) # r[11]=c3;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_6,$b_6 # mul_add_c(a[6],b[6],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $c_3,$c_2,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_5,$b_7 # mul_add_c(a[5],b[7],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_6,$b_7 # mul_add_c(a[6],b[7],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- $ST $c_1,12*$BNSZ($a0) # r[12]=c1;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_7,$b_6 # mul_add_c(a[7],b[6],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $c_1,$c_3,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_7,$b_7 # mul_add_c(a[7],b[7],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,13*$BNSZ($a0) # r[13]=c2;
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- $ST $c_3,14*$BNSZ($a0) # r[14]=c3;
- $ST $c_1,15*$BNSZ($a0) # r[15]=c1;
-
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $s5,10*$SZREG($sp)
- $REG_L $s4,9*$SZREG($sp)
- $REG_L $s3,8*$SZREG($sp)
- $REG_L $s2,7*$SZREG($sp)
- $REG_L $s1,6*$SZREG($sp)
- $REG_L $s0,5*$SZREG($sp)
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- jr $ra
- $PTR_ADD $sp,12*$SZREG
-___
-$code.=<<___ if ($flavour !~ /nubi/i);
- $REG_L $s5,5*$SZREG($sp)
- $REG_L $s4,4*$SZREG($sp)
- $REG_L $s3,3*$SZREG($sp)
- $REG_L $s2,2*$SZREG($sp)
- $REG_L $s1,1*$SZREG($sp)
- $REG_L $s0,0*$SZREG($sp)
- jr $ra
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
-.end bn_mul_comba8
-
-.align 5
-.globl bn_mul_comba4
-.ent bn_mul_comba4
-bn_mul_comba4:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- $LD $a_0,0($a1)
- $LD $b_0,0($a2)
- $LD $a_1,$BNSZ($a1)
- $LD $a_2,2*$BNSZ($a1)
- $MULTU $a_0,$b_0 # mul_add_c(a[0],b[0],c1,c2,c3);
- $LD $a_3,3*$BNSZ($a1)
- $LD $b_1,$BNSZ($a2)
- $LD $b_2,2*$BNSZ($a2)
- $LD $b_3,3*$BNSZ($a2)
- mflo $c_1
- mfhi $c_2
- $ST $c_1,0($a0)
-
- $MULTU $a_0,$b_1 # mul_add_c(a[0],b[1],c2,c3,c1);
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_1,$b_0 # mul_add_c(a[1],b[0],c2,c3,c1);
- $ADDU $c_3,$t_2,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$b_0 # mul_add_c(a[2],b[0],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $c_1,$c_3,$t_2
- $ST $c_2,$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_1,$b_1 # mul_add_c(a[1],b[1],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_0,$b_2 # mul_add_c(a[0],b[2],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $c_2,$c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_0,$b_3 # mul_add_c(a[0],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,2*$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_1,$b_2 # mul_add_c(a[1],b[2],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $c_3,$c_2,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_2,$b_1 # mul_add_c(a[2],b[1],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_3,$b_0 # mul_add_c(a[3],b[0],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_3,$b_1 # mul_add_c(a[3],b[1],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- $ST $c_1,3*$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$b_2 # mul_add_c(a[2],b[2],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $c_1,$c_3,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_1,$b_3 # mul_add_c(a[1],b[3],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$b_3 # mul_add_c(a[2],b[3],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,4*$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_3,$b_2 # mul_add_c(a[3],b[2],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $c_2,$c_1,$t_2
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_3,$b_3 # mul_add_c(a[3],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,5*$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- $ST $c_1,6*$BNSZ($a0)
- $ST $c_2,7*$BNSZ($a0)
-
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- nop
-.end bn_mul_comba4
-___
-
-($a_4,$a_5,$a_6,$a_7)=($b_0,$b_1,$b_2,$b_3);
-
-sub add_c2 () {
-my ($hi,$lo,$c0,$c1,$c2,
- $warm, # !$warm denotes first call with specific sequence of
- # $c_[XYZ] when there is no Z-carry to accumulate yet;
- $an,$bn # these two are arguments for multiplication which
- # result is used in *next* step [which is why it's
- # commented as "forward multiplication" below];
- )=@_;
-$code.=<<___;
- mflo $lo
- mfhi $hi
- $ADDU $c0,$lo
- sltu $at,$c0,$lo
- $MULTU $an,$bn # forward multiplication
- $ADDU $c0,$lo
- $ADDU $at,$hi
- sltu $lo,$c0,$lo
- $ADDU $c1,$at
- $ADDU $hi,$lo
-___
-$code.=<<___ if (!$warm);
- sltu $c2,$c1,$at
- $ADDU $c1,$hi
- sltu $hi,$c1,$hi
- $ADDU $c2,$hi
-___
-$code.=<<___ if ($warm);
- sltu $at,$c1,$at
- $ADDU $c1,$hi
- $ADDU $c2,$at
- sltu $hi,$c1,$hi
- $ADDU $c2,$hi
-___
-}
-
-$code.=<<___;
-
-.align 5
-.globl bn_sqr_comba8
-.ent bn_sqr_comba8
-bn_sqr_comba8:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- $LD $a_0,0($a1)
- $LD $a_1,$BNSZ($a1)
- $LD $a_2,2*$BNSZ($a1)
- $LD $a_3,3*$BNSZ($a1)
-
- $MULTU $a_0,$a_0 # mul_add_c(a[0],b[0],c1,c2,c3);
- $LD $a_4,4*$BNSZ($a1)
- $LD $a_5,5*$BNSZ($a1)
- $LD $a_6,6*$BNSZ($a1)
- $LD $a_7,7*$BNSZ($a1)
- mflo $c_1
- mfhi $c_2
- $ST $c_1,0($a0)
-
- $MULTU $a_0,$a_1 # mul_add_c2(a[0],b[1],c2,c3,c1);
- mflo $t_1
- mfhi $t_2
- slt $c_1,$t_2,$zero
- $SLL $t_2,1
- $MULTU $a_2,$a_0 # mul_add_c2(a[2],b[0],c3,c1,c2);
- slt $a2,$t_1,$zero
- $ADDU $t_2,$a2
- $SLL $t_1,1
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $ADDU $c_3,$t_2,$at
- $ST $c_2,$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_0,$a_3 # mul_add_c2(a[0],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,2*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
- $a_1,$a_2); # mul_add_c2(a[1],b[2],c1,c2,c3);
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
- $a_4,$a_0); # mul_add_c2(a[4],b[0],c2,c3,c1);
-$code.=<<___;
- $ST $c_1,3*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
- $a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1);
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
- $a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_0,$a_5 # mul_add_c2(a[0],b[5],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,4*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_1,$a_4); # mul_add_c2(a[1],b[4],c3,c1,c2);
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
- $a_2,$a_3); # mul_add_c2(a[2],b[3],c3,c1,c2);
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
- $a_6,$a_0); # mul_add_c2(a[6],b[0],c1,c2,c3);
-$code.=<<___;
- $ST $c_3,5*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
- $a_5,$a_1); # mul_add_c2(a[5],b[1],c1,c2,c3);
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
- $a_4,$a_2); # mul_add_c2(a[4],b[2],c1,c2,c3);
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
- $a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_0,$a_7 # mul_add_c2(a[0],b[7],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- $ST $c_1,6*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
- $a_1,$a_6); # mul_add_c2(a[1],b[6],c2,c3,c1);
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
- $a_2,$a_5); # mul_add_c2(a[2],b[5],c2,c3,c1);
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
- $a_3,$a_4); # mul_add_c2(a[3],b[4],c2,c3,c1);
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
- $a_7,$a_1); # mul_add_c2(a[7],b[1],c3,c1,c2);
-$code.=<<___;
- $ST $c_2,7*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_6,$a_2); # mul_add_c2(a[6],b[2],c3,c1,c2);
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
- $a_5,$a_3); # mul_add_c2(a[5],b[3],c3,c1,c2);
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
- $a_4,$a_4); # mul_add_c(a[4],b[4],c3,c1,c2);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_2,$a_7 # mul_add_c2(a[2],b[7],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,8*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
- $a_3,$a_6); # mul_add_c2(a[3],b[6],c1,c2,c3);
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
- $a_4,$a_5); # mul_add_c2(a[4],b[5],c1,c2,c3);
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
- $a_7,$a_3); # mul_add_c2(a[7],b[3],c2,c3,c1);
-$code.=<<___;
- $ST $c_1,9*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
- $a_6,$a_4); # mul_add_c2(a[6],b[4],c2,c3,c1);
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
- $a_5,$a_5); # mul_add_c(a[5],b[5],c2,c3,c1);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_4,$a_7 # mul_add_c2(a[4],b[7],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,10*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_5,$a_6); # mul_add_c2(a[5],b[6],c3,c1,c2);
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
- $a_7,$a_5); # mul_add_c2(a[7],b[5],c1,c2,c3);
-$code.=<<___;
- $ST $c_3,11*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
- $a_6,$a_6); # mul_add_c(a[6],b[6],c1,c2,c3);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $MULTU $a_6,$a_7 # mul_add_c2(a[6],b[7],c2,c3,c1);
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- sltu $at,$c_2,$t_2
- $ADDU $c_3,$at
- $ST $c_1,12*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
- $a_7,$a_7); # mul_add_c(a[7],b[7],c3,c1,c2);
-$code.=<<___;
- $ST $c_2,13*$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- $ST $c_3,14*$BNSZ($a0)
- $ST $c_1,15*$BNSZ($a0)
-
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- nop
-.end bn_sqr_comba8
-
-.align 5
-.globl bn_sqr_comba4
-.ent bn_sqr_comba4
-bn_sqr_comba4:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- $LD $a_0,0($a1)
- $LD $a_1,$BNSZ($a1)
- $MULTU $a_0,$a_0 # mul_add_c(a[0],b[0],c1,c2,c3);
- $LD $a_2,2*$BNSZ($a1)
- $LD $a_3,3*$BNSZ($a1)
- mflo $c_1
- mfhi $c_2
- $ST $c_1,0($a0)
-
- $MULTU $a_0,$a_1 # mul_add_c2(a[0],b[1],c2,c3,c1);
- mflo $t_1
- mfhi $t_2
- slt $c_1,$t_2,$zero
- $SLL $t_2,1
- $MULTU $a_2,$a_0 # mul_add_c2(a[2],b[0],c3,c1,c2);
- slt $a2,$t_1,$zero
- $ADDU $t_2,$a2
- $SLL $t_1,1
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $ADDU $c_3,$t_2,$at
- $ST $c_2,$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_0,$a_3 # mul_add_c2(a[0],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,2*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
- $a_1,$a_2); # mul_add_c2(a2[1],b[2],c1,c2,c3);
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
- $a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1);
-$code.=<<___;
- $ST $c_1,3*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
- $a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$a_3 # mul_add_c2(a[2],b[3],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,4*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3);
-$code.=<<___;
- $ST $c_3,5*$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- $ST $c_1,6*$BNSZ($a0)
- $ST $c_2,7*$BNSZ($a0)
-
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- nop
-.end bn_sqr_comba4
-___
-print $code;
-close STDOUT;
diff --git a/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl b/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
deleted file mode 100644
index 8645d5adcc..0000000000
--- a/src/lib/libcrypto/bn/asm/modexp512-x86_64.pl
+++ /dev/null
@@ -1,1393 +0,0 @@
-#!/usr/bin/env perl
-#
-# Copyright (c) 2010-2011 Intel Corp.
-# Author: Vinodh.Gopal@intel.com
-# Jim Guilford
-# Erdinc.Ozturk@intel.com
-# Maxim.Perminov@intel.com
-#
-# More information about algorithm used can be found at:
-# http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf
-#
-# ====================================================================
-# Copyright (c) 2011 The OpenSSL Project. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-# software must display the following acknowledgment:
-# "This product includes software developed by the OpenSSL Project
-# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-#
-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-# endorse or promote products derived from this software without
-# prior written permission. For written permission, please contact
-# licensing@OpenSSL.org.
-#
-# 5. Products derived from this software may not be called "OpenSSL"
-# nor may "OpenSSL" appear in their names without prior written
-# permission of the OpenSSL Project.
-#
-# 6. 
Redistributions of any form whatsoever must retain the following -# acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -# -# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -# OF THE POSSIBILITY OF SUCH DAMAGE. -# ==================================================================== - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -use strict; -my $code=".text\n\n"; -my $m=0; - -# -# Define x512 macros -# - -#MULSTEP_512_ADD MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src1, src2, add_src, tmp1, tmp2 -# -# uses rax, rdx, and args -sub MULSTEP_512_ADD -{ - my ($x, $DST, $SRC2, $ASRC, $OP, $TMP)=@_; - my @X=@$x; # make a copy -$code.=<<___; - mov (+8*0)($SRC2), %rax - mul $OP # rdx:rax = %OP * [0] - mov ($ASRC), $X[0] - add %rax, $X[0] - adc \$0, %rdx - mov $X[0], $DST -___ -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov %rdx, $TMP - - mov (+8*$i)($SRC2), %rax - mul $OP # rdx:rax = %OP * 
[$i] - mov (+8*$i)($ASRC), $X[$i] - add %rax, $X[$i] - adc \$0, %rdx - add $TMP, $X[$i] - adc \$0, %rdx -___ -} -$code.=<<___; - mov %rdx, $X[0] -___ -} - -#MULSTEP_512 MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src2, src1_val, tmp -# -# uses rax, rdx, and args -sub MULSTEP_512 -{ - my ($x, $DST, $SRC2, $OP, $TMP)=@_; - my @X=@$x; # make a copy -$code.=<<___; - mov (+8*0)($SRC2), %rax - mul $OP # rdx:rax = %OP * [0] - add %rax, $X[0] - adc \$0, %rdx - mov $X[0], $DST -___ -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov %rdx, $TMP - - mov (+8*$i)($SRC2), %rax - mul $OP # rdx:rax = %OP * [$i] - add %rax, $X[$i] - adc \$0, %rdx - add $TMP, $X[$i] - adc \$0, %rdx -___ -} -$code.=<<___; - mov %rdx, $X[0] -___ -} - -# -# Swizzle Macros -# - -# macro to copy data from flat space to swizzled table -#MACRO swizzle pDst, pSrc, tmp1, tmp2 -# pDst and pSrc are modified -sub swizzle -{ - my ($pDst, $pSrc, $cnt, $d0)=@_; -$code.=<<___; - mov \$8, $cnt -loop_$m: - mov ($pSrc), $d0 - mov $d0#w, ($pDst) - shr \$16, $d0 - mov $d0#w, (+64*1)($pDst) - shr \$16, $d0 - mov $d0#w, (+64*2)($pDst) - shr \$16, $d0 - mov $d0#w, (+64*3)($pDst) - lea 8($pSrc), $pSrc - lea 64*4($pDst), $pDst - dec $cnt - jnz loop_$m -___ - - $m++; -} - -# macro to copy data from swizzled table to flat space -#MACRO unswizzle pDst, pSrc, tmp*3 -sub unswizzle -{ - my ($pDst, $pSrc, $cnt, $d0, $d1)=@_; -$code.=<<___; - mov \$4, $cnt -loop_$m: - movzxw (+64*3+256*0)($pSrc), $d0 - movzxw (+64*3+256*1)($pSrc), $d1 - shl \$16, $d0 - shl \$16, $d1 - mov (+64*2+256*0)($pSrc), $d0#w - mov (+64*2+256*1)($pSrc), $d1#w - shl \$16, $d0 - shl \$16, $d1 - mov (+64*1+256*0)($pSrc), $d0#w - mov (+64*1+256*1)($pSrc), $d1#w - shl \$16, $d0 - shl \$16, $d1 - mov (+64*0+256*0)($pSrc), $d0#w - mov (+64*0+256*1)($pSrc), $d1#w - mov $d0, (+8*0)($pDst) - mov $d1, (+8*1)($pDst) - lea 256*2($pSrc), $pSrc - lea 8*2($pDst), $pDst - sub \$1, $cnt - jnz loop_$m -___ - - $m++; -} - -# -# Data Structures -# - -# Reduce Data -# -# -# Offset Value 
-# 0C0 Carries -# 0B8 X2[10] -# 0B0 X2[9] -# 0A8 X2[8] -# 0A0 X2[7] -# 098 X2[6] -# 090 X2[5] -# 088 X2[4] -# 080 X2[3] -# 078 X2[2] -# 070 X2[1] -# 068 X2[0] -# 060 X1[12] P[10] -# 058 X1[11] P[9] Z[8] -# 050 X1[10] P[8] Z[7] -# 048 X1[9] P[7] Z[6] -# 040 X1[8] P[6] Z[5] -# 038 X1[7] P[5] Z[4] -# 030 X1[6] P[4] Z[3] -# 028 X1[5] P[3] Z[2] -# 020 X1[4] P[2] Z[1] -# 018 X1[3] P[1] Z[0] -# 010 X1[2] P[0] Y[2] -# 008 X1[1] Q[1] Y[1] -# 000 X1[0] Q[0] Y[0] - -my $X1_offset = 0; # 13 qwords -my $X2_offset = $X1_offset + 13*8; # 11 qwords -my $Carries_offset = $X2_offset + 11*8; # 1 qword -my $Q_offset = 0; # 2 qwords -my $P_offset = $Q_offset + 2*8; # 11 qwords -my $Y_offset = 0; # 3 qwords -my $Z_offset = $Y_offset + 3*8; # 9 qwords - -my $Red_Data_Size = $Carries_offset + 1*8; # (25 qwords) - -# -# Stack Frame -# -# -# offset value -# ... -# ... -# 280 Garray - -# 278 tmp16[15] -# ... ... -# 200 tmp16[0] - -# 1F8 tmp[7] -# ... ... -# 1C0 tmp[0] - -# 1B8 GT[7] -# ... ... -# 180 GT[0] - -# 178 Reduce Data -# ... ... -# 0B8 Reduce Data -# 0B0 reserved -# 0A8 reserved -# 0A0 reserved -# 098 reserved -# 090 reserved -# 088 reduce result addr -# 080 exp[8] - -# ... 
-# 048 exp[1] -# 040 exp[0] - -# 038 reserved -# 030 loop_idx -# 028 pg -# 020 i -# 018 pData ; arg 4 -# 010 pG ; arg 2 -# 008 pResult ; arg 1 -# 000 rsp ; stack pointer before subtract - -my $rsp_offset = 0; -my $pResult_offset = 8*1 + $rsp_offset; -my $pG_offset = 8*1 + $pResult_offset; -my $pData_offset = 8*1 + $pG_offset; -my $i_offset = 8*1 + $pData_offset; -my $pg_offset = 8*1 + $i_offset; -my $loop_idx_offset = 8*1 + $pg_offset; -my $reserved1_offset = 8*1 + $loop_idx_offset; -my $exp_offset = 8*1 + $reserved1_offset; -my $red_result_addr_offset= 8*9 + $exp_offset; -my $reserved2_offset = 8*1 + $red_result_addr_offset; -my $Reduce_Data_offset = 8*5 + $reserved2_offset; -my $GT_offset = $Red_Data_Size + $Reduce_Data_offset; -my $tmp_offset = 8*8 + $GT_offset; -my $tmp16_offset = 8*8 + $tmp_offset; -my $garray_offset = 8*16 + $tmp16_offset; -my $mem_size = 8*8*32 + $garray_offset; - -# -# Offsets within Reduce Data -# -# -# struct MODF_2FOLD_MONT_512_C1_DATA { -# UINT64 t[8][8]; -# UINT64 m[8]; -# UINT64 m1[8]; /* 2^768 % m */ -# UINT64 m2[8]; /* 2^640 % m */ -# UINT64 k1[2]; /* (- 1/m) % 2^128 */ -# }; - -my $T = 0; -my $M = 512; # = 8 * 8 * 8 -my $M1 = 576; # = 8 * 8 * 9 /* += 8 * 8 */ -my $M2 = 640; # = 8 * 8 * 10 /* += 8 * 8 */ -my $K1 = 704; # = 8 * 8 * 11 /* += 8 * 8 */ - -# -# FUNCTIONS -# - -{{{ -# -# MULADD_128x512 : Function to multiply 128-bits (2 qwords) by 512-bits (8 qwords) -# and add 512-bits (8 qwords) -# to get 640 bits (10 qwords) -# Input: 128-bit mul source: [rdi+8*1], rbp -# 512-bit mul source: [rsi+8*n] -# 512-bit add source: r15, r14, ..., r9, r8 -# Output: r9, r8, r15, r14, r13, r12, r11, r10, [rcx+8*1], [rcx+8*0] -# Clobbers all regs except: rcx, rsi, rdi -$code.=<<___; -.type MULADD_128x512,\@abi-omnipotent -.align 16 -MULADD_128x512: - _CET_ENDBR -___ - &MULSTEP_512([map("%r$_",(8..15))], "(+8*0)(%rcx)", "%rsi", "%rbp", "%rbx"); -$code.=<<___; - mov (+8*1)(%rdi), %rbp -___ - &MULSTEP_512([map("%r$_",(9..15,8))], "(+8*1)(%rcx)", 
"%rsi", "%rbp", "%rbx"); -$code.=<<___; - ret -.size MULADD_128x512,.-MULADD_128x512 -___ -}}} - -{{{ -#MULADD_256x512 MACRO pDst, pA, pB, OP, TMP, X7, X6, X5, X4, X3, X2, X1, X0 -# -# Inputs: pDst: Destination (768 bits, 12 qwords) -# pA: Multiplicand (1024 bits, 16 qwords) -# pB: Multiplicand (512 bits, 8 qwords) -# Dst = Ah * B + Al -# where Ah is (in qwords) A[15:12] (256 bits) and Al is A[7:0] (512 bits) -# Results in X3 X2 X1 X0 X7 X6 X5 X4 Dst[3:0] -# Uses registers: arguments, RAX, RDX -sub MULADD_256x512 -{ - my ($pDst, $pA, $pB, $OP, $TMP, $X)=@_; -$code.=<<___; - mov (+8*12)($pA), $OP -___ - &MULSTEP_512_ADD($X, "(+8*0)($pDst)", $pB, $pA, $OP, $TMP); - push(@$X,shift(@$X)); - -$code.=<<___; - mov (+8*13)($pA), $OP -___ - &MULSTEP_512($X, "(+8*1)($pDst)", $pB, $OP, $TMP); - push(@$X,shift(@$X)); - -$code.=<<___; - mov (+8*14)($pA), $OP -___ - &MULSTEP_512($X, "(+8*2)($pDst)", $pB, $OP, $TMP); - push(@$X,shift(@$X)); - -$code.=<<___; - mov (+8*15)($pA), $OP -___ - &MULSTEP_512($X, "(+8*3)($pDst)", $pB, $OP, $TMP); - push(@$X,shift(@$X)); -} - -# -# mont_reduce(UINT64 *x, /* 1024 bits, 16 qwords */ -# UINT64 *m, /* 512 bits, 8 qwords */ -# MODF_2FOLD_MONT_512_C1_DATA *data, -# UINT64 *r) /* 512 bits, 8 qwords */ -# Input: x (number to be reduced): tmp16 (Implicit) -# m (modulus): [pM] (Implicit) -# data (reduce data): [pData] (Implicit) -# Output: r (result): Address in [red_res_addr] -# result also in: r9, r8, r15, r14, r13, r12, r11, r10 - -my @X=map("%r$_",(8..15)); - -$code.=<<___; -.type mont_reduce,\@abi-omnipotent -.align 16 -mont_reduce: - _CET_ENDBR -___ - -my $STACK_DEPTH = 8; - # - # X1 = Xh * M1 + Xl -$code.=<<___; - lea (+$Reduce_Data_offset+$X1_offset+$STACK_DEPTH)(%rsp), %rdi # pX1 (Dst) 769 bits, 13 qwords - mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rsi # pM1 (Bsrc) 512 bits, 8 qwords - add \$$M1, %rsi - lea (+$tmp16_offset+$STACK_DEPTH)(%rsp), %rcx # X (Asrc) 1024 bits, 16 qwords - -___ - - &MULADD_256x512("%rdi", "%rcx", "%rsi", "%rbp", 
"%rbx", \@X); # rotates @X 4 times - # results in r11, r10, r9, r8, r15, r14, r13, r12, X1[3:0] - -$code.=<<___; - xor %rax, %rax - # X1 += xl - add (+8*8)(%rcx), $X[4] - adc (+8*9)(%rcx), $X[5] - adc (+8*10)(%rcx), $X[6] - adc (+8*11)(%rcx), $X[7] - adc \$0, %rax - # X1 is now rax, r11-r8, r15-r12, tmp16[3:0] - - # - # check for carry ;; carry stored in rax - mov $X[4], (+8*8)(%rdi) # rdi points to X1 - mov $X[5], (+8*9)(%rdi) - mov $X[6], %rbp - mov $X[7], (+8*11)(%rdi) - - mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp) - - mov (+8*0)(%rdi), $X[4] - mov (+8*1)(%rdi), $X[5] - mov (+8*2)(%rdi), $X[6] - mov (+8*3)(%rdi), $X[7] - - # X1 is now stored in: X1[11], rbp, X1[9:8], r15-r8 - # rdi -> X1 - # rsi -> M1 - - # - # X2 = Xh * M2 + Xl - # do first part (X2 = Xh * M2) - add \$8*10, %rdi # rdi -> pXh ; 128 bits, 2 qwords - # Xh is actually { [rdi+8*1], rbp } - add \$`$M2-$M1`, %rsi # rsi -> M2 - lea (+$Reduce_Data_offset+$X2_offset+$STACK_DEPTH)(%rsp), %rcx # rcx -> pX2 ; 641 bits, 11 qwords -___ - unshift(@X,pop(@X)); unshift(@X,pop(@X)); -$code.=<<___; - - call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8 - # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0] - mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rax - - # X2 += Xl - add (+8*8-8*10)(%rdi), $X[6] # (-8*10) is to adjust rdi -> Xh to Xl - adc (+8*9-8*10)(%rdi), $X[7] - mov $X[6], (+8*8)(%rcx) - mov $X[7], (+8*9)(%rcx) - - adc %rax, %rax - mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp) - - lea (+$Reduce_Data_offset+$Q_offset+$STACK_DEPTH)(%rsp), %rdi # rdi -> pQ ; 128 bits, 2 qwords - add \$`$K1-$M2`, %rsi # rsi -> pK1 ; 128 bits, 2 qwords - - # MUL_128x128t128 rdi, rcx, rsi ; Q = X2 * K1 (bottom half) - # B1:B0 = rsi[1:0] = K1[1:0] - # A1:A0 = rcx[1:0] = X2[1:0] - # Result = rdi[1],rbp = Q[1],rbp - mov (%rsi), %r8 # B0 - mov (+8*1)(%rsi), %rbx # B1 - - mov (%rcx), %rax # A0 - mul %r8 # B0 - mov %rax, %rbp - mov %rdx, %r9 - - mov 
(+8*1)(%rcx), %rax # A1 - mul %r8 # B0 - add %rax, %r9 - - mov (%rcx), %rax # A0 - mul %rbx # B1 - add %rax, %r9 - - mov %r9, (+8*1)(%rdi) - # end MUL_128x128t128 - - sub \$`$K1-$M`, %rsi - - mov (%rcx), $X[6] - mov (+8*1)(%rcx), $X[7] # r9:r8 = X2[1:0] - - call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8 - # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0] - - # load first half of m to rdx, rdi, rbx, rax - # moved this here for efficiency - mov (+8*0)(%rsi), %rax - mov (+8*1)(%rsi), %rbx - mov (+8*2)(%rsi), %rdi - mov (+8*3)(%rsi), %rdx - - # continue with reduction - mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rbp - - add (+8*8)(%rcx), $X[6] - adc (+8*9)(%rcx), $X[7] - - #accumulate the final carry to rbp - adc %rbp, %rbp - - # Add in overflow corrections: R = (X2>>128) += T[overflow] - # R = {r9, r8, r15, r14, ..., r10} - shl \$3, %rbp - mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rcx # rsi -> Data (and points to T) - add %rcx, %rbp # pT ; 512 bits, 8 qwords, spread out - - # rsi will be used to generate a mask after the addition - xor %rsi, %rsi - - add (+8*8*0)(%rbp), $X[0] - adc (+8*8*1)(%rbp), $X[1] - adc (+8*8*2)(%rbp), $X[2] - adc (+8*8*3)(%rbp), $X[3] - adc (+8*8*4)(%rbp), $X[4] - adc (+8*8*5)(%rbp), $X[5] - adc (+8*8*6)(%rbp), $X[6] - adc (+8*8*7)(%rbp), $X[7] - - # if there is a carry: rsi = 0xFFFFFFFFFFFFFFFF - # if carry is clear: rsi = 0x0000000000000000 - sbb \$0, %rsi - - # if carry is clear, subtract 0. 
Otherwise, subtract 256 bits of m - and %rsi, %rax - and %rsi, %rbx - and %rsi, %rdi - and %rsi, %rdx - - mov \$1, %rbp - sub %rax, $X[0] - sbb %rbx, $X[1] - sbb %rdi, $X[2] - sbb %rdx, $X[3] - - # if there is a borrow: rbp = 0 - # if there is no borrow: rbp = 1 - # this is used to save the borrows in between the first half and the 2nd half of the subtraction of m - sbb \$0, %rbp - - #load second half of m to rdx, rdi, rbx, rax - - add \$$M, %rcx - mov (+8*4)(%rcx), %rax - mov (+8*5)(%rcx), %rbx - mov (+8*6)(%rcx), %rdi - mov (+8*7)(%rcx), %rdx - - # use the rsi mask as before - # if carry is clear, subtract 0. Otherwise, subtract 256 bits of m - and %rsi, %rax - and %rsi, %rbx - and %rsi, %rdi - and %rsi, %rdx - - # if rbp = 0, there was a borrow before, it is moved to the carry flag - # if rbp = 1, there was not a borrow before, carry flag is cleared - sub \$1, %rbp - - sbb %rax, $X[4] - sbb %rbx, $X[5] - sbb %rdi, $X[6] - sbb %rdx, $X[7] - - # write R back to memory - - mov (+$red_result_addr_offset+$STACK_DEPTH)(%rsp), %rsi - mov $X[0], (+8*0)(%rsi) - mov $X[1], (+8*1)(%rsi) - mov $X[2], (+8*2)(%rsi) - mov $X[3], (+8*3)(%rsi) - mov $X[4], (+8*4)(%rsi) - mov $X[5], (+8*5)(%rsi) - mov $X[6], (+8*6)(%rsi) - mov $X[7], (+8*7)(%rsi) - - ret -.size mont_reduce,.-mont_reduce -___ -}}} - -{{{ -#MUL_512x512 MACRO pDst, pA, pB, x7, x6, x5, x4, x3, x2, x1, x0, tmp*2 -# -# Inputs: pDst: Destination (1024 bits, 16 qwords) -# pA: Multiplicand (512 bits, 8 qwords) -# pB: Multiplicand (512 bits, 8 qwords) -# Uses registers rax, rdx, args -# B operand in [pB] and also in x7...x0 -sub MUL_512x512 -{ - my ($pDst, $pA, $pB, $x, $OP, $TMP, $pDst_o)=@_; - my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/); - my @X=@$x; # make a copy - -$code.=<<___; - mov (+8*0)($pA), $OP - - mov $X[0], %rax - mul $OP # rdx:rax = %OP * [0] - mov %rax, (+$pDst_o+8*0)($pDst) - mov %rdx, $X[0] -___ -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov $X[$i], %rax - mul $OP # rdx:rax = %OP * [$i] - add %rax, 
$X[$i-1] - adc \$0, %rdx - mov %rdx, $X[$i] -___ -} - -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov (+8*$i)($pA), $OP -___ - - &MULSTEP_512(\@X, "(+$pDst_o+8*$i)($pDst)", $pB, $OP, $TMP); - push(@X,shift(@X)); -} - -$code.=<<___; - mov $X[0], (+$pDst_o+8*8)($pDst) - mov $X[1], (+$pDst_o+8*9)($pDst) - mov $X[2], (+$pDst_o+8*10)($pDst) - mov $X[3], (+$pDst_o+8*11)($pDst) - mov $X[4], (+$pDst_o+8*12)($pDst) - mov $X[5], (+$pDst_o+8*13)($pDst) - mov $X[6], (+$pDst_o+8*14)($pDst) - mov $X[7], (+$pDst_o+8*15)($pDst) -___ -} - -# -# mont_mul_a3b : subroutine to compute (Src1 * Src2) % M (all 512-bits) -# Input: src1: Address of source 1: rdi -# src2: Address of source 2: rsi -# Output: dst: Address of destination: [red_res_addr] -# src2 and result also in: r9, r8, r15, r14, r13, r12, r11, r10 -# Temp: Clobbers [tmp16], all registers -$code.=<<___; -.type mont_mul_a3b,\@abi-omnipotent -.align 16 -mont_mul_a3b: - _CET_ENDBR - # - # multiply tmp = src1 * src2 - # For multiply: dst = rcx, src1 = rdi, src2 = rsi - # stack depth is extra 8 from call -___ - &MUL_512x512("%rsp+$tmp16_offset+8", "%rdi", "%rsi", [map("%r$_",(10..15,8..9))], "%rbp", "%rbx"); -$code.=<<___; - # - # Dst = tmp % m - # Call reduce(tmp, m, data, dst) - - # tail recursion optimization: jmp to mont_reduce and return from there - jmp mont_reduce - # call mont_reduce - # ret -.size mont_mul_a3b,.-mont_mul_a3b -___ -}}} - -{{{ -#SQR_512 MACRO pDest, pA, x7, x6, x5, x4, x3, x2, x1, x0, tmp*4 -# -# Input in memory [pA] and also in x7...x0 -# Uses all argument registers plus rax and rdx -# -# This version computes all of the off-diagonal terms into memory, -# and then it adds in the diagonal terms - -sub SQR_512 -{ - my ($pDst, $pA, $x, $A, $tmp, $x7, $x6, $pDst_o)=@_; - my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/); - my @X=@$x; # make a copy -$code.=<<___; - # ------------------ - # first pass 01...07 - # ------------------ - mov $X[0], $A - - mov $X[1],%rax - mul $A - mov %rax, (+$pDst_o+8*1)($pDst) 
-___ -for(my $i=2;$i<8;$i++) { -$code.=<<___; - mov %rdx, $X[$i-2] - mov $X[$i],%rax - mul $A - add %rax, $X[$i-2] - adc \$0, %rdx -___ -} -$code.=<<___; - mov %rdx, $x7 - - mov $X[0], (+$pDst_o+8*2)($pDst) - - # ------------------ - # second pass 12...17 - # ------------------ - - mov (+8*1)($pA), $A - - mov (+8*2)($pA),%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - mov $X[1], (+$pDst_o+8*3)($pDst) - - mov %rdx, $X[0] - mov (+8*3)($pA),%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - add $X[0], $X[2] - adc \$0, %rdx - mov $X[2], (+$pDst_o+8*4)($pDst) - - mov %rdx, $X[0] - mov (+8*4)($pA),%rax - mul $A - add %rax, $X[3] - adc \$0, %rdx - add $X[0], $X[3] - adc \$0, %rdx - - mov %rdx, $X[0] - mov (+8*5)($pA),%rax - mul $A - add %rax, $X[4] - adc \$0, %rdx - add $X[0], $X[4] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - add $X[0], $X[5] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $x7 - adc \$0, %rdx - add $X[0], $x7 - adc \$0, %rdx - - mov %rdx, $X[1] - - # ------------------ - # third pass 23...27 - # ------------------ - mov (+8*2)($pA), $A - - mov (+8*3)($pA),%rax - mul $A - add %rax, $X[3] - adc \$0, %rdx - mov $X[3], (+$pDst_o+8*5)($pDst) - - mov %rdx, $X[0] - mov (+8*4)($pA),%rax - mul $A - add %rax, $X[4] - adc \$0, %rdx - add $X[0], $X[4] - adc \$0, %rdx - mov $X[4], (+$pDst_o+8*6)($pDst) - - mov %rdx, $X[0] - mov (+8*5)($pA),%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - add $X[0], $X[5] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $x7 - adc \$0, %rdx - add $X[0], $x7 - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - add $X[0], $X[1] - adc \$0, %rdx - - mov %rdx, $X[2] - - # ------------------ - # fourth pass 34...37 - # ------------------ - - mov (+8*3)($pA), $A - - mov (+8*4)($pA),%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - mov $X[5], (+$pDst_o+8*7)($pDst) - - mov %rdx, $X[0] - mov 
(+8*5)($pA),%rax - mul $A - add %rax, $x7 - adc \$0, %rdx - add $X[0], $x7 - adc \$0, %rdx - mov $x7, (+$pDst_o+8*8)($pDst) - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - add $X[0], $X[1] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - add $X[0], $X[2] - adc \$0, %rdx - - mov %rdx, $X[5] - - # ------------------ - # fifth pass 45...47 - # ------------------ - mov (+8*4)($pA), $A - - mov (+8*5)($pA),%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - mov $X[1], (+$pDst_o+8*9)($pDst) - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - add $X[0], $X[2] - adc \$0, %rdx - mov $X[2], (+$pDst_o+8*10)($pDst) - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - add $X[0], $X[5] - adc \$0, %rdx - - mov %rdx, $X[1] - - # ------------------ - # sixth pass 56...57 - # ------------------ - mov (+8*5)($pA), $A - - mov $X[6],%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - mov $X[5], (+$pDst_o+8*11)($pDst) - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - add $X[0], $X[1] - adc \$0, %rdx - mov $X[1], (+$pDst_o+8*12)($pDst) - - mov %rdx, $X[2] - - # ------------------ - # seventh pass 67 - # ------------------ - mov $X[6], $A - - mov $X[7],%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - mov $X[2], (+$pDst_o+8*13)($pDst) - - mov %rdx, (+$pDst_o+8*14)($pDst) - - # start finalize (add in squares, and double off-terms) - mov (+$pDst_o+8*1)($pDst), $X[0] - mov (+$pDst_o+8*2)($pDst), $X[1] - mov (+$pDst_o+8*3)($pDst), $X[2] - mov (+$pDst_o+8*4)($pDst), $X[3] - mov (+$pDst_o+8*5)($pDst), $X[4] - mov (+$pDst_o+8*6)($pDst), $X[5] - - mov (+8*3)($pA), %rax - mul %rax - mov %rax, $x6 - mov %rdx, $X[6] - - add $X[0], $X[0] - adc $X[1], $X[1] - adc $X[2], $X[2] - adc $X[3], $X[3] - adc $X[4], $X[4] - adc $X[5], $X[5] - adc \$0, $X[6] - - mov (+8*0)($pA), %rax - mul %rax - mov %rax, (+$pDst_o+8*0)($pDst) - mov %rdx, $A - 
- mov (+8*1)($pA), %rax - mul %rax - - add $A, $X[0] - adc %rax, $X[1] - adc \$0, %rdx - - mov %rdx, $A - mov $X[0], (+$pDst_o+8*1)($pDst) - mov $X[1], (+$pDst_o+8*2)($pDst) - - mov (+8*2)($pA), %rax - mul %rax - - add $A, $X[2] - adc %rax, $X[3] - adc \$0, %rdx - - mov %rdx, $A - - mov $X[2], (+$pDst_o+8*3)($pDst) - mov $X[3], (+$pDst_o+8*4)($pDst) - - xor $tmp, $tmp - add $A, $X[4] - adc $x6, $X[5] - adc \$0, $tmp - - mov $X[4], (+$pDst_o+8*5)($pDst) - mov $X[5], (+$pDst_o+8*6)($pDst) - - # %%tmp has 0/1 in column 7 - # %%A6 has a full value in column 7 - - mov (+$pDst_o+8*7)($pDst), $X[0] - mov (+$pDst_o+8*8)($pDst), $X[1] - mov (+$pDst_o+8*9)($pDst), $X[2] - mov (+$pDst_o+8*10)($pDst), $X[3] - mov (+$pDst_o+8*11)($pDst), $X[4] - mov (+$pDst_o+8*12)($pDst), $X[5] - mov (+$pDst_o+8*13)($pDst), $x6 - mov (+$pDst_o+8*14)($pDst), $x7 - - mov $X[7], %rax - mul %rax - mov %rax, $X[7] - mov %rdx, $A - - add $X[0], $X[0] - adc $X[1], $X[1] - adc $X[2], $X[2] - adc $X[3], $X[3] - adc $X[4], $X[4] - adc $X[5], $X[5] - adc $x6, $x6 - adc $x7, $x7 - adc \$0, $A - - add $tmp, $X[0] - - mov (+8*4)($pA), %rax - mul %rax - - add $X[6], $X[0] - adc %rax, $X[1] - adc \$0, %rdx - - mov %rdx, $tmp - - mov $X[0], (+$pDst_o+8*7)($pDst) - mov $X[1], (+$pDst_o+8*8)($pDst) - - mov (+8*5)($pA), %rax - mul %rax - - add $tmp, $X[2] - adc %rax, $X[3] - adc \$0, %rdx - - mov %rdx, $tmp - - mov $X[2], (+$pDst_o+8*9)($pDst) - mov $X[3], (+$pDst_o+8*10)($pDst) - - mov (+8*6)($pA), %rax - mul %rax - - add $tmp, $X[4] - adc %rax, $X[5] - adc \$0, %rdx - - mov $X[4], (+$pDst_o+8*11)($pDst) - mov $X[5], (+$pDst_o+8*12)($pDst) - - add %rdx, $x6 - adc $X[7], $x7 - adc \$0, $A - - mov $x6, (+$pDst_o+8*13)($pDst) - mov $x7, (+$pDst_o+8*14)($pDst) - mov $A, (+$pDst_o+8*15)($pDst) -___ -} - -# -# sqr_reduce: subroutine to compute Result = reduce(Result * Result) -# -# input and result also in: r9, r8, r15, r14, r13, r12, r11, r10 -# -$code.=<<___; -.type sqr_reduce,\@abi-omnipotent -.align 16 
-sqr_reduce: - _CET_ENDBR - mov (+$pResult_offset+8)(%rsp), %rcx -___ - &SQR_512("%rsp+$tmp16_offset+8", "%rcx", [map("%r$_",(10..15,8..9))], "%rbx", "%rbp", "%rsi", "%rdi"); -$code.=<<___; - # tail recursion optimization: jmp to mont_reduce and return from there - jmp mont_reduce - # call mont_reduce - # ret -.size sqr_reduce,.-sqr_reduce -___ -}}} - -# -# MAIN FUNCTION -# - -#mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */ -# UINT64 *g, /* 512 bits, 8 qwords */ -# UINT64 *exp, /* 512 bits, 8 qwords */ -# struct mod_ctx_512 *data) - -# window size = 5 -# table size = 2^5 = 32 -#table_entries equ 32 -#table_size equ table_entries * 8 -$code.=<<___; -.globl mod_exp_512 -.type mod_exp_512,\@function,4 -mod_exp_512: - _CET_ENDBR - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - - # adjust stack down and then align it with cache boundary - mov %rsp, %r8 - sub \$$mem_size, %rsp - and \$-64, %rsp - - # store previous stack pointer and arguments - mov %r8, (+$rsp_offset)(%rsp) - mov %rdi, (+$pResult_offset)(%rsp) - mov %rsi, (+$pG_offset)(%rsp) - mov %rcx, (+$pData_offset)(%rsp) -.Lbody: - # transform g into montgomery space - # GT = reduce(g * C2) = reduce(g * (2^256)) - # reduce expects to have the input in [tmp16] - pxor %xmm4, %xmm4 - movdqu (+16*0)(%rsi), %xmm0 - movdqu (+16*1)(%rsi), %xmm1 - movdqu (+16*2)(%rsi), %xmm2 - movdqu (+16*3)(%rsi), %xmm3 - movdqa %xmm4, (+$tmp16_offset+16*0)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*1)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp) - movdqa %xmm0, (+$tmp16_offset+16*2)(%rsp) - movdqa %xmm1, (+$tmp16_offset+16*3)(%rsp) - movdqa %xmm2, (+$tmp16_offset+16*4)(%rsp) - movdqa %xmm3, (+$tmp16_offset+16*5)(%rsp) - - # load pExp before rdx gets blown away - movdqu (+16*0)(%rdx), %xmm0 - movdqu (+16*1)(%rdx), %xmm1 - movdqu (+16*2)(%rdx), %xmm2 - movdqu (+16*3)(%rdx), %xmm3 - - lea (+$GT_offset)(%rsp), %rbx - mov %rbx, (+$red_result_addr_offset)(%rsp) - call 
mont_reduce - - # Initialize tmp = C - lea (+$tmp_offset)(%rsp), %rcx - xor %rax, %rax - mov %rax, (+8*0)(%rcx) - mov %rax, (+8*1)(%rcx) - mov %rax, (+8*3)(%rcx) - mov %rax, (+8*4)(%rcx) - mov %rax, (+8*5)(%rcx) - mov %rax, (+8*6)(%rcx) - mov %rax, (+8*7)(%rcx) - mov %rax, (+$exp_offset+8*8)(%rsp) - movq \$1, (+8*2)(%rcx) - - lea (+$garray_offset)(%rsp), %rbp - mov %rcx, %rsi # pTmp - mov %rbp, %rdi # Garray[][0] -___ - - &swizzle("%rdi", "%rcx", "%rax", "%rbx"); - - # for (rax = 31; rax != 0; rax--) { - # tmp = reduce(tmp * G) - # swizzle(pg, tmp); - # pg += 2; } -$code.=<<___; - mov \$31, %rax - mov %rax, (+$i_offset)(%rsp) - mov %rbp, (+$pg_offset)(%rsp) - # rsi -> pTmp - mov %rsi, (+$red_result_addr_offset)(%rsp) - mov (+8*0)(%rsi), %r10 - mov (+8*1)(%rsi), %r11 - mov (+8*2)(%rsi), %r12 - mov (+8*3)(%rsi), %r13 - mov (+8*4)(%rsi), %r14 - mov (+8*5)(%rsi), %r15 - mov (+8*6)(%rsi), %r8 - mov (+8*7)(%rsi), %r9 -init_loop: - lea (+$GT_offset)(%rsp), %rdi - call mont_mul_a3b - lea (+$tmp_offset)(%rsp), %rsi - mov (+$pg_offset)(%rsp), %rbp - add \$2, %rbp - mov %rbp, (+$pg_offset)(%rsp) - mov %rsi, %rcx # rcx = rsi = addr of tmp -___ - - &swizzle("%rbp", "%rcx", "%rax", "%rbx"); -$code.=<<___; - mov (+$i_offset)(%rsp), %rax - sub \$1, %rax - mov %rax, (+$i_offset)(%rsp) - jne init_loop - - # - # Copy exponent onto stack - movdqa %xmm0, (+$exp_offset+16*0)(%rsp) - movdqa %xmm1, (+$exp_offset+16*1)(%rsp) - movdqa %xmm2, (+$exp_offset+16*2)(%rsp) - movdqa %xmm3, (+$exp_offset+16*3)(%rsp) - - - # - # Do exponentiation - # Initialize result to G[exp{511:507}] - mov (+$exp_offset+62)(%rsp), %eax - mov %rax, %rdx - shr \$11, %rax - and \$0x07FF, %edx - mov %edx, (+$exp_offset+62)(%rsp) - lea (+$garray_offset)(%rsp,%rax,2), %rsi - mov (+$pResult_offset)(%rsp), %rdx -___ - - &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax"); - - # - # Loop variables - # rcx = [loop_idx] = index: 510-5 to 0 by 5 -$code.=<<___; - movq \$505, (+$loop_idx_offset)(%rsp) - - mov 
(+$pResult_offset)(%rsp), %rcx - mov %rcx, (+$red_result_addr_offset)(%rsp) - mov (+8*0)(%rcx), %r10 - mov (+8*1)(%rcx), %r11 - mov (+8*2)(%rcx), %r12 - mov (+8*3)(%rcx), %r13 - mov (+8*4)(%rcx), %r14 - mov (+8*5)(%rcx), %r15 - mov (+8*6)(%rcx), %r8 - mov (+8*7)(%rcx), %r9 - jmp sqr_2 - -main_loop_a3b: - call sqr_reduce - call sqr_reduce - call sqr_reduce -sqr_2: - call sqr_reduce - call sqr_reduce - - # - # Do multiply, first look up proper value in Garray - mov (+$loop_idx_offset)(%rsp), %rcx # bit index - mov %rcx, %rax - shr \$4, %rax # rax is word pointer - mov (+$exp_offset)(%rsp,%rax,2), %edx - and \$15, %rcx - shrq %cl, %rdx - and \$0x1F, %rdx - - lea (+$garray_offset)(%rsp,%rdx,2), %rsi - lea (+$tmp_offset)(%rsp), %rdx - mov %rdx, %rdi -___ - - &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax"); - # rdi = tmp = pG - - # - # Call mod_mul_a1(pDst, pSrc1, pSrc2, pM, pData) - # result result pG M Data -$code.=<<___; - mov (+$pResult_offset)(%rsp), %rsi - call mont_mul_a3b - - # - # finish loop - mov (+$loop_idx_offset)(%rsp), %rcx - sub \$5, %rcx - mov %rcx, (+$loop_idx_offset)(%rsp) - jge main_loop_a3b - - # - -end_main_loop_a3b: - # transform result out of Montgomery space - # result = reduce(result) - mov (+$pResult_offset)(%rsp), %rdx - pxor %xmm4, %xmm4 - movdqu (+16*0)(%rdx), %xmm0 - movdqu (+16*1)(%rdx), %xmm1 - movdqu (+16*2)(%rdx), %xmm2 - movdqu (+16*3)(%rdx), %xmm3 - movdqa %xmm4, (+$tmp16_offset+16*4)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*5)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp) - movdqa %xmm0, (+$tmp16_offset+16*0)(%rsp) - movdqa %xmm1, (+$tmp16_offset+16*1)(%rsp) - movdqa %xmm2, (+$tmp16_offset+16*2)(%rsp) - movdqa %xmm3, (+$tmp16_offset+16*3)(%rsp) - call mont_reduce - - # If result > m, subtract m - # load result into r15:r8 - mov (+$pResult_offset)(%rsp), %rax - mov (+8*0)(%rax), %r8 - mov (+8*1)(%rax), %r9 - mov (+8*2)(%rax), %r10 - mov (+8*3)(%rax), %r11 - mov (+8*4)(%rax), %r12 - 
mov (+8*5)(%rax), %r13 - mov (+8*6)(%rax), %r14 - mov (+8*7)(%rax), %r15 - - # subtract m - mov (+$pData_offset)(%rsp), %rbx - add \$$M, %rbx - - sub (+8*0)(%rbx), %r8 - sbb (+8*1)(%rbx), %r9 - sbb (+8*2)(%rbx), %r10 - sbb (+8*3)(%rbx), %r11 - sbb (+8*4)(%rbx), %r12 - sbb (+8*5)(%rbx), %r13 - sbb (+8*6)(%rbx), %r14 - sbb (+8*7)(%rbx), %r15 - - # if Carry is clear, replace result with difference - mov (+8*0)(%rax), %rsi - mov (+8*1)(%rax), %rdi - mov (+8*2)(%rax), %rcx - mov (+8*3)(%rax), %rdx - cmovnc %r8, %rsi - cmovnc %r9, %rdi - cmovnc %r10, %rcx - cmovnc %r11, %rdx - mov %rsi, (+8*0)(%rax) - mov %rdi, (+8*1)(%rax) - mov %rcx, (+8*2)(%rax) - mov %rdx, (+8*3)(%rax) - - mov (+8*4)(%rax), %rsi - mov (+8*5)(%rax), %rdi - mov (+8*6)(%rax), %rcx - mov (+8*7)(%rax), %rdx - cmovnc %r12, %rsi - cmovnc %r13, %rdi - cmovnc %r14, %rcx - cmovnc %r15, %rdx - mov %rsi, (+8*4)(%rax) - mov %rdi, (+8*5)(%rax) - mov %rcx, (+8*6)(%rax) - mov %rdx, (+8*7)(%rax) - - mov (+$rsp_offset)(%rsp), %rsi - mov 0(%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbx - mov 40(%rsi),%rbp - lea 48(%rsi),%rsp -.Lepilogue: - ret -.size mod_exp_512, . - mod_exp_512 -___ - -sub reg_part { -my ($reg,$conv)=@_; - if ($reg =~ /%r[0-9]+/) { $reg .= $conv; } - elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; } - elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; } - elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; } - return $reg; -} - -$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem; -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/(\(\+[^)]+\))/eval $1/gem; -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/bn/asm/parisc-mont.pl b/src/lib/libcrypto/bn/asm/parisc-mont.pl deleted file mode 100644 index 0c7aff93b9..0000000000 --- a/src/lib/libcrypto/bn/asm/parisc-mont.pl +++ /dev/null 
@@ -1,985 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# On PA-7100LC this module performs ~90-50% better, less for longer
-# keys, than code generated by gcc 3.2 for PA-RISC 1.1. Latter means
-# that compiler utilized xmpyu instruction to perform 32x32=64-bit
-# multiplication, which in turn means that "baseline" performance was
-# optimal in respect to instruction set capabilities. Fair comparison
-# with vendor compiler is problematic, because OpenSSL doesn't define
-# BN_LLONG [presumably] for historical reasons, which drives compiler
-# toward 4 times 16x16=32-bit multiplicatons [plus complementary
-# shifts and additions] instead. This means that you should observe
-# several times improvement over code generated by vendor compiler
-# for PA-RISC 1.1, but the "baseline" is far from optimal. The actual
-# improvement coefficient was never collected on PA-7100LC, or any
-# other 1.1 CPU, because I don't have access to such machine with
-# vendor compiler. But to give you a taste, PA-RISC 1.1 code path
-# reportedly outperformed code generated by cc +DA1.1 +O3 by factor
-# of ~5x on PA-8600.
-#
-# On PA-RISC 2.0 it has to compete with pa-risc2[W].s, which is
-# reportedly ~2x faster than vendor compiler generated code [according
-# to comment in pa-risc2[W].s]. Here comes a catch. Execution core of
-# this implementation is actually 32-bit one, in the sense that it
-# operates on 32-bit values. But pa-risc2[W].s operates on arrays of
-# 64-bit BN_LONGs... How do they interoperate then? No problem. This
-# module picks halves of 64-bit values in reverse order and pretends
-# they were 32-bit BN_LONGs. But can 32-bit core compete with "pure"
-# 64-bit code such as pa-risc2[W].s then? Well, the thing is that
-# 32x32=64-bit multiplication is the best even PA-RISC 2.0 can do,
-# i.e. there is no "wider" multiplication like on most other 64-bit
-# platforms. This means that even being effectively 32-bit, this
-# implementation performs "64-bit" computational task in same amount
-# of arithmetic operations, most notably multiplications. It requires
-# more memory references, most notably to tp[num], but this doesn't
-# seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
-# 2.0 code path provides virtually same performance as pa-risc2[W].s:
-# it's ~10% better for shortest key length and ~10% worse for longest
-# one.
-#
-# In case it wasn't clear. The module has two distinct code paths:
-# PA-RISC 1.1 and PA-RISC 2.0 ones. Latter features carry-free 64-bit
-# additions and 64-bit integer loads, not to mention specific
-# instruction scheduling. In 64-bit build naturally only 2.0 code path
-# is assembled. In 32-bit application context both code paths are
-# assembled, PA-RISC 2.0 CPU is detected at run-time and proper path
-# is taken automatically. Also, in 32-bit build the module imposes
-# couple of limitations: vector lengths has to be even and vector
-# addresses has to be 64-bit aligned. Normally neither is a problem:
-# most common key lengths are even and vectors are commonly malloc-ed,
-# which ensures alignment.
-#
-# Special thanks to polarhome.com for providing HP-UX account on
-# PA-RISC 1.1 machine, and to correspondent who chose to remain
-# anonymous for testing the code on PA-RISC 2.0 machine.
- -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; - -$flavour = shift; -$output = shift; - -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; - $BN_SZ =$SIZE_T; -} else { - $LEVEL ="1.1"; #$LEVEL.="\n\t.ALLOW\t2.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; - $BN_SZ =$SIZE_T; -} - -$FRAME=8*$SIZE_T+$FRAME_MARKER; # 8 saved regs + frame marker - # [+ argument transfer] -$LOCALS=$FRAME-$FRAME_MARKER; -$FRAME+=32; # local variables - -$tp="%r31"; -$ti1="%r29"; -$ti0="%r28"; - -$rp="%r26"; -$ap="%r25"; -$bp="%r24"; -$np="%r23"; -$n0="%r22"; # passed through stack in 32-bit -$num="%r21"; # passed through stack in 32-bit -$idx="%r20"; -$arrsz="%r19"; - -$nm1="%r7"; -$nm0="%r6"; -$ab1="%r5"; -$ab0="%r4"; - -$fp="%r3"; -$hi1="%r2"; -$hi0="%r1"; - -$xfer=$n0; # accommodates [-16..15] offset in fld[dw]s - -$fm0="%fr4"; $fti=$fm0; -$fbi="%fr5L"; -$fn0="%fr5R"; -$fai="%fr6"; $fab0="%fr7"; $fab1="%fr8"; -$fni="%fr9"; $fnm0="%fr10"; $fnm1="%fr11"; - -$code=<<___; - .LEVEL $LEVEL - .text - - .EXPORT bn_mul_mont,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR - .ALIGN 64 -bn_mul_mont - .PROC - .CALLINFO FRAME=`$FRAME-8*$SIZE_T`,NO_CALLS,SAVE_RP,SAVE_SP,ENTRY_GR=6 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - ldo -$FRAME(%sp),$fp -___ -$code.=<<___ if ($SIZE_T==4); - ldw `-$FRAME_MARKER-4`($fp),$n0 - ldw `-$FRAME_MARKER-8`($fp),$num - nop - nop ; alignment -___ -$code.=<<___ if ($BN_SZ==4); - comiclr,<= 6,$num,%r0 ; are vectors long enough? 
- b L\$abort - ldi 0,%r28 ; signal "unhandled" - add,ev %r0,$num,$num ; is $num even? - b L\$abort - nop - or $ap,$np,$ti1 - extru,= $ti1,31,3,%r0 ; are ap and np 64-bit aligned? - b L\$abort - nop - nop ; alignment - nop - - fldws 0($n0),${fn0} - fldws,ma 4($bp),${fbi} ; bp[0] -___ -$code.=<<___ if ($BN_SZ==8); - comib,> 3,$num,L\$abort ; are vectors long enough? - ldi 0,%r28 ; signal "unhandled" - addl $num,$num,$num ; I operate on 32-bit values - - fldws 4($n0),${fn0} ; only low part of n0 - fldws 4($bp),${fbi} ; bp[0] in flipped word order -___ -$code.=<<___; - fldds 0($ap),${fai} ; ap[0,1] - fldds 0($np),${fni} ; np[0,1] - - sh2addl $num,%r0,$arrsz - ldi 31,$hi0 - ldo 36($arrsz),$hi1 ; space for tp[num+1] - andcm $hi1,$hi0,$hi1 ; align - addl $hi1,%sp,%sp - $PUSH $fp,-$SIZE_T(%sp) - - ldo `$LOCALS+16`($fp),$xfer - ldo `$LOCALS+32+4`($fp),$tp - - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[0] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[0] - xmpyu ${fn0},${fab0}R,${fm0} - - addl $arrsz,$ap,$ap ; point at the end - addl $arrsz,$np,$np - subi 0,$arrsz,$idx ; j=0 - ldo 8($idx),$idx ; j++++ - - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - fstds ${fab1},0($xfer) - fstds ${fnm1},8($xfer) - flddx $idx($ap),${fai} ; ap[2,3] - flddx $idx($np),${fni} ; np[2,3] -___ -$code.=<<___ if ($BN_SZ==4); -#ifdef __LP64__ - mtctl $hi0,%cr11 ; $hi0 still holds 31 - extrd,u,*= $hi0,%sar,1,$hi0 ; executes on PA-RISC 1.0 - b L\$parisc11 - nop -___ -$code.=<<___; # PA-RISC 2.0 code-path - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldd -16($xfer),$ab0 - fstds ${fab0},-16($xfer) - - extrd,u $ab0,31,32,$hi0 - extrd,u $ab0,63,32,$ab0 - ldd -8($xfer),$nm0 - fstds ${fnm0},-8($xfer) - ldo 8($idx),$idx ; j++++ - addl $ab0,$nm0,$nm0 ; low part is discarded - extrd,u $nm0,31,32,$hi1 - -L\$1st - xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[0] - xmpyu ${fni}R,${fm0}R,${fnm1} 
; np[j+1]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,63,32,$ab1 - addl $hi1,$nm1,$nm1 - flddx $idx($ap),${fai} ; ap[j,j+1] - flddx $idx($np),${fni} ; np[j,j+1] - addl $ab1,$nm1,$nm1 - extrd,u $nm1,31,32,$hi1 - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldd -16($xfer),$ab0 - fstds ${fab0},-16($xfer) - addl $hi0,$ab0,$ab0 - extrd,u $ab0,31,32,$hi0 - ldd -8($xfer),$nm0 - fstds ${fnm0},-8($xfer) - extrd,u $ab0,63,32,$ab0 - addl $hi1,$nm0,$nm0 - stw $nm1,-4($tp) ; tp[j-1] - addl $ab0,$nm0,$nm0 - stw,ma $nm0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$1st ; j++++ - extrd,u $nm0,31,32,$hi1 - - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[0] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,63,32,$ab1 - addl $hi1,$nm1,$nm1 - ldd -16($xfer),$ab0 - addl $ab1,$nm1,$nm1 - ldd -8($xfer),$nm0 - extrd,u $nm1,31,32,$hi1 - - addl $hi0,$ab0,$ab0 - extrd,u $ab0,31,32,$hi0 - stw $nm1,-4($tp) ; tp[j-1] - extrd,u $ab0,63,32,$ab0 - addl $hi1,$nm0,$nm0 - ldd 0($xfer),$ab1 - addl $ab0,$nm0,$nm0 - ldd,mb 8($xfer),$nm1 - extrd,u $nm0,31,32,$hi1 - stw,ma $nm0,8($tp) ; tp[j-1] - - ldo -1($num),$num ; i-- - subi 0,$arrsz,$idx ; j=0 -___ -$code.=<<___ if ($BN_SZ==4); - fldws,ma 4($bp),${fbi} ; bp[1] -___ -$code.=<<___ if ($BN_SZ==8); - fldws 0($bp),${fbi} ; bp[1] in flipped word order -___ -$code.=<<___; - flddx $idx($ap),${fai} ; ap[0,1] - flddx $idx($np),${fni} ; np[0,1] - fldws 8($xfer),${fti}R ; tp[0] - addl $hi0,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[1] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[1] - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - extrd,u $nm1,31,32,$hi1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - 
stw $nm1,-4($tp) ; tp[j-1] - - fcpy,sgl %fr0,${fti}L ; zero high part - fcpy,sgl %fr0,${fab0}L - addl $hi1,$hi0,$hi0 - extrd,u $hi0,31,32,$hi1 - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - stw $hi0,0($tp) - stw $hi1,4($tp) - - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - xmpyu ${fn0},${fab0}R,${fm0} - ldo `$LOCALS+32+4`($fp),$tp -L\$outer - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m - fstds ${fab0},-16($xfer) ; 33-bit value - fstds ${fnm0},-8($xfer) - flddx $idx($ap),${fai} ; ap[2] - flddx $idx($np),${fni} ; np[2] - ldo 8($idx),$idx ; j++++ - ldd -16($xfer),$ab0 ; 33-bit value - ldd -8($xfer),$nm0 - ldw 0($xfer),$hi0 ; high part - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - extrd,u $ab0,31,32,$ti0 ; carry bit - extrd,u $ab0,63,32,$ab0 - fstds ${fab1},0($xfer) - addl $ti0,$hi0,$hi0 ; account carry bit - fstds ${fnm1},8($xfer) - addl $ab0,$nm0,$nm0 ; low part is discarded - ldw 0($tp),$ti1 ; tp[1] - extrd,u $nm0,31,32,$hi1 - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - -L\$inner - xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[i] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ti1,$ti1 - addl $ti1,$ab1,$ab1 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - flddx $idx($ap),${fai} ; ap[j,j+1] - flddx $idx($np),${fni} ; np[j,j+1] - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - ldw 4($tp),$ti0 ; tp[j] - stw $nm1,-4($tp) ; tp[j-1] - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldd -16($xfer),$ab0 - fstds ${fab0},-16($xfer) - addl $hi0,$ti0,$ti0 - addl $ti0,$ab0,$ab0 - ldd -8($xfer),$nm0 - fstds ${fnm0},-8($xfer) - extrd,u $ab0,31,32,$hi0 - extrd,u $nm1,31,32,$hi1 - ldw 8($tp),$ti1 ; tp[j] - extrd,u $ab0,63,32,$ab0 - addl 
$hi1,$nm0,$nm0 - addl $ab0,$nm0,$nm0 - stw,ma $nm0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$inner ; j++++ - extrd,u $nm0,31,32,$hi1 - - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[i] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ti1,$ti1 - addl $ti1,$ab1,$ab1 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - ldw 4($tp),$ti0 ; tp[j] - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - ldd -16($xfer),$ab0 - ldd -8($xfer),$nm0 - extrd,u $nm1,31,32,$hi1 - - addl $hi0,$ab0,$ab0 - addl $ti0,$ab0,$ab0 - stw $nm1,-4($tp) ; tp[j-1] - extrd,u $ab0,31,32,$hi0 - ldw 8($tp),$ti1 ; tp[j] - extrd,u $ab0,63,32,$ab0 - addl $hi1,$nm0,$nm0 - ldd 0($xfer),$ab1 - addl $ab0,$nm0,$nm0 - ldd,mb 8($xfer),$nm1 - extrd,u $nm0,31,32,$hi1 - stw,ma $nm0,8($tp) ; tp[j-1] - - addib,= -1,$num,L\$outerdone ; i-- - subi 0,$arrsz,$idx ; j=0 -___ -$code.=<<___ if ($BN_SZ==4); - fldws,ma 4($bp),${fbi} ; bp[i] -___ -$code.=<<___ if ($BN_SZ==8); - ldi 12,$ti0 ; bp[i] in flipped word order - addl,ev %r0,$num,$num - ldi -4,$ti0 - addl $ti0,$bp,$bp - fldws 0($bp),${fbi} -___ -$code.=<<___; - flddx $idx($ap),${fai} ; ap[0] - addl $hi0,$ab1,$ab1 - flddx $idx($np),${fni} ; np[0] - fldws 8($xfer),${fti}R ; tp[0] - addl $ti1,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[i] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[i] - ldw 4($tp),$ti0 ; tp[j] - - addl $hi1,$nm1,$nm1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - addl $ab1,$nm1,$nm1 - extrd,u $nm1,31,32,$hi1 - fcpy,sgl %fr0,${fti}L ; zero high part - fcpy,sgl %fr0,${fab0}L - stw $nm1,-4($tp) ; tp[j-1] - - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - addl $hi1,$hi0,$hi0 - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - addl $ti0,$hi0,$hi0 - extrd,u $hi0,31,32,$hi1 - fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - stw 
$hi0,0($tp) - stw $hi1,4($tp) - xmpyu ${fn0},${fab0}R,${fm0} - - b L\$outer - ldo `$LOCALS+32+4`($fp),$tp - -L\$outerdone - addl $hi0,$ab1,$ab1 - addl $ti1,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - - ldw 4($tp),$ti0 ; tp[j] - - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - extrd,u $nm1,31,32,$hi1 - stw $nm1,-4($tp) ; tp[j-1] - - addl $hi1,$hi0,$hi0 - addl $ti0,$hi0,$hi0 - extrd,u $hi0,31,32,$hi1 - stw $hi0,0($tp) - stw $hi1,4($tp) - - ldo `$LOCALS+32`($fp),$tp - sub %r0,%r0,%r0 ; clear borrow -___ -$code.=<<___ if ($BN_SZ==4); - ldws,ma 4($tp),$ti0 - extru,= $rp,31,3,%r0 ; is rp 64-bit aligned? - b L\$sub_pa11 - addl $tp,$arrsz,$tp -L\$sub - ldwx $idx($np),$hi0 - subb $ti0,$hi0,$hi1 - ldwx $idx($tp),$ti0 - addib,<> 4,$idx,L\$sub - stws,ma $hi1,4($rp) - - subb $ti0,%r0,$hi1 - ldo -4($tp),$tp -___ -$code.=<<___ if ($BN_SZ==8); - ldd,ma 8($tp),$ti0 -L\$sub - ldd $idx($np),$hi0 - shrpd $ti0,$ti0,32,$ti0 ; flip word order - std $ti0,-8($tp) ; save flipped value - sub,db $ti0,$hi0,$hi1 - ldd,ma 8($tp),$ti0 - addib,<> 8,$idx,L\$sub - std,ma $hi1,8($rp) - - extrd,u $ti0,31,32,$ti0 ; carry in flipped word order - sub,db $ti0,%r0,$hi1 - ldo -8($tp),$tp -___ -$code.=<<___; - and $tp,$hi1,$ap - andcm $rp,$hi1,$bp - or $ap,$bp,$np - - sub $rp,$arrsz,$rp ; rewind rp - subi 0,$arrsz,$idx - ldo `$LOCALS+32`($fp),$tp -L\$copy - ldd $idx($np),$hi0 - std,ma %r0,8($tp) - addib,<> 8,$idx,.-8 ; L\$copy - std,ma $hi0,8($rp) -___ - -if ($BN_SZ==4) { # PA-RISC 1.1 code-path -$ablo=$ab0; -$abhi=$ab1; -$nmlo0=$nm0; -$nmhi0=$nm1; -$nmlo1="%r9"; -$nmhi1="%r8"; - -$code.=<<___; - b L\$done - nop - - .ALIGN 8 -L\$parisc11 -#endif - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldw -12($xfer),$ablo - ldw -16($xfer),$hi0 - ldw -4($xfer),$nmlo0 - ldw -8($xfer),$nmhi0 - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - - ldo 8($idx),$idx ; j++++ - add $ablo,$nmlo0,$nmlo0 ; discarded - addc %r0,$nmhi0,$hi1 - ldw 4($xfer),$ablo - ldw 
0($xfer),$abhi - nop - -L\$1st_pa11 - xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[0] - flddx $idx($ap),${fai} ; ap[j,j+1] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m - flddx $idx($np),${fni} ; np[j,j+1] - add $hi0,$ablo,$ablo - ldw 12($xfer),$nmlo1 - addc %r0,$abhi,$hi0 - ldw 8($xfer),$nmhi1 - add $ablo,$nmlo1,$nmlo1 - fstds ${fab1},0($xfer) - addc %r0,$nmhi1,$nmhi1 - fstds ${fnm1},8($xfer) - add $hi1,$nmlo1,$nmlo1 - ldw -12($xfer),$ablo - addc %r0,$nmhi1,$hi1 - ldw -16($xfer),$abhi - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - ldw -4($xfer),$nmlo0 - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldw -8($xfer),$nmhi0 - add $hi0,$ablo,$ablo - stw $nmlo1,-4($tp) ; tp[j-1] - addc %r0,$abhi,$hi0 - fstds ${fab0},-16($xfer) - add $ablo,$nmlo0,$nmlo0 - fstds ${fnm0},-8($xfer) - addc %r0,$nmhi0,$nmhi0 - ldw 0($xfer),$abhi - add $hi1,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - stws,ma $nmlo0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$1st_pa11 ; j++++ - addc %r0,$nmhi0,$hi1 - - ldw 8($xfer),$nmhi1 - ldw 12($xfer),$nmlo1 - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[0] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - add $hi0,$ablo,$ablo - fstds ${fab1},0($xfer) - addc %r0,$abhi,$hi0 - fstds ${fnm1},8($xfer) - add $ablo,$nmlo1,$nmlo1 - ldw -16($xfer),$abhi - addc %r0,$nmhi1,$nmhi1 - ldw -12($xfer),$ablo - add $hi1,$nmlo1,$nmlo1 - ldw -8($xfer),$nmhi0 - addc %r0,$nmhi1,$hi1 - ldw -4($xfer),$nmlo0 - - add $hi0,$ablo,$ablo - stw $nmlo1,-4($tp) ; tp[j-1] - addc %r0,$abhi,$hi0 - ldw 0($xfer),$abhi - add $ablo,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - addc %r0,$nmhi0,$nmhi0 - ldws,mb 8($xfer),$nmhi1 - add $hi1,$nmlo0,$nmlo0 - ldw 4($xfer),$nmlo1 - addc %r0,$nmhi0,$hi1 - stws,ma $nmlo0,8($tp) ; tp[j-1] - - ldo -1($num),$num ; i-- - subi 0,$arrsz,$idx ; j=0 - - fldws,ma 4($bp),${fbi} ; bp[1] - flddx $idx($ap),${fai} ; ap[0,1] - flddx $idx($np),${fni} ; np[0,1] - fldws 8($xfer),${fti}R ; tp[0] - add $hi0,$ablo,$ablo - addc %r0,$abhi,$hi0 - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[1] - 
xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[1] - add $hi1,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$nmhi1 - add $ablo,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$hi1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - stw $nmlo1,-4($tp) ; tp[j-1] - - fcpy,sgl %fr0,${fti}L ; zero high part - fcpy,sgl %fr0,${fab0}L - add $hi1,$hi0,$hi0 - addc %r0,%r0,$hi1 - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - stw $hi0,0($tp) - stw $hi1,4($tp) - - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - xmpyu ${fn0},${fab0}R,${fm0} - ldo `$LOCALS+32+4`($fp),$tp -L\$outer_pa11 - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m - fstds ${fab0},-16($xfer) ; 33-bit value - fstds ${fnm0},-8($xfer) - flddx $idx($ap),${fai} ; ap[2,3] - flddx $idx($np),${fni} ; np[2,3] - ldw -16($xfer),$abhi ; carry bit actually - ldo 8($idx),$idx ; j++++ - ldw -12($xfer),$ablo - ldw -8($xfer),$nmhi0 - ldw -4($xfer),$nmlo0 - ldw 0($xfer),$hi0 ; high part - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - fstds ${fab1},0($xfer) - addl $abhi,$hi0,$hi0 ; account carry bit - fstds ${fnm1},8($xfer) - add $ablo,$nmlo0,$nmlo0 ; discarded - ldw 0($tp),$ti1 ; tp[1] - addc %r0,$nmhi0,$hi1 - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - ldw 4($xfer),$ablo - ldw 0($xfer),$abhi - -L\$inner_pa11 - xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[i] - flddx $idx($ap),${fai} ; ap[j,j+1] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m - flddx $idx($np),${fni} ; np[j,j+1] - add $hi0,$ablo,$ablo - ldw 4($tp),$ti0 ; tp[j] - addc %r0,$abhi,$abhi - ldw 12($xfer),$nmlo1 - add $ti1,$ablo,$ablo - ldw 8($xfer),$nmhi1 - addc %r0,$abhi,$hi0 - fstds ${fab1},0($xfer) - add $ablo,$nmlo1,$nmlo1 - fstds ${fnm1},8($xfer) - addc %r0,$nmhi1,$nmhi1 - ldw -12($xfer),$ablo - add $hi1,$nmlo1,$nmlo1 - ldw -16($xfer),$abhi - addc %r0,$nmhi1,$hi1 - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - ldw 
8($tp),$ti1 ; tp[j] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldw -4($xfer),$nmlo0 - add $hi0,$ablo,$ablo - ldw -8($xfer),$nmhi0 - addc %r0,$abhi,$abhi - stw $nmlo1,-4($tp) ; tp[j-1] - add $ti0,$ablo,$ablo - fstds ${fab0},-16($xfer) - addc %r0,$abhi,$hi0 - fstds ${fnm0},-8($xfer) - add $ablo,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - addc %r0,$nmhi0,$nmhi0 - ldw 0($xfer),$abhi - add $hi1,$nmlo0,$nmlo0 - stws,ma $nmlo0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$inner_pa11 ; j++++ - addc %r0,$nmhi0,$hi1 - - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[i] - ldw 12($xfer),$nmlo1 - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - ldw 8($xfer),$nmhi1 - add $hi0,$ablo,$ablo - ldw 4($tp),$ti0 ; tp[j] - addc %r0,$abhi,$abhi - fstds ${fab1},0($xfer) - add $ti1,$ablo,$ablo - fstds ${fnm1},8($xfer) - addc %r0,$abhi,$hi0 - ldw -16($xfer),$abhi - add $ablo,$nmlo1,$nmlo1 - ldw -12($xfer),$ablo - addc %r0,$nmhi1,$nmhi1 - ldw -8($xfer),$nmhi0 - add $hi1,$nmlo1,$nmlo1 - ldw -4($xfer),$nmlo0 - addc %r0,$nmhi1,$hi1 - - add $hi0,$ablo,$ablo - stw $nmlo1,-4($tp) ; tp[j-1] - addc %r0,$abhi,$abhi - add $ti0,$ablo,$ablo - ldw 8($tp),$ti1 ; tp[j] - addc %r0,$abhi,$hi0 - ldw 0($xfer),$abhi - add $ablo,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - addc %r0,$nmhi0,$nmhi0 - ldws,mb 8($xfer),$nmhi1 - add $hi1,$nmlo0,$nmlo0 - ldw 4($xfer),$nmlo1 - addc %r0,$nmhi0,$hi1 - stws,ma $nmlo0,8($tp) ; tp[j-1] - - addib,= -1,$num,L\$outerdone_pa11; i-- - subi 0,$arrsz,$idx ; j=0 - - fldws,ma 4($bp),${fbi} ; bp[i] - flddx $idx($ap),${fai} ; ap[0] - add $hi0,$ablo,$ablo - addc %r0,$abhi,$abhi - flddx $idx($np),${fni} ; np[0] - fldws 8($xfer),${fti}R ; tp[0] - add $ti1,$ablo,$ablo - addc %r0,$abhi,$hi0 - - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[i] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[i] - ldw 4($tp),$ti0 ; tp[j] - - add $hi1,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$nmhi1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - add $ablo,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$hi1 - fcpy,sgl %fr0,${fti}L ; zero high part - 
fcpy,sgl %fr0,${fab0}L - stw $nmlo1,-4($tp) ; tp[j-1] - - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - add $hi1,$hi0,$hi0 - addc %r0,%r0,$hi1 - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - add $ti0,$hi0,$hi0 - addc %r0,$hi1,$hi1 - fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - stw $hi0,0($tp) - stw $hi1,4($tp) - xmpyu ${fn0},${fab0}R,${fm0} - - b L\$outer_pa11 - ldo `$LOCALS+32+4`($fp),$tp - -L\$outerdone_pa11 - add $hi0,$ablo,$ablo - addc %r0,$abhi,$abhi - add $ti1,$ablo,$ablo - addc %r0,$abhi,$hi0 - - ldw 4($tp),$ti0 ; tp[j] - - add $hi1,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$nmhi1 - add $ablo,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$hi1 - stw $nmlo1,-4($tp) ; tp[j-1] - - add $hi1,$hi0,$hi0 - addc %r0,%r0,$hi1 - add $ti0,$hi0,$hi0 - addc %r0,$hi1,$hi1 - stw $hi0,0($tp) - stw $hi1,4($tp) - - ldo `$LOCALS+32+4`($fp),$tp - sub %r0,%r0,%r0 ; clear borrow - ldw -4($tp),$ti0 - addl $tp,$arrsz,$tp -L\$sub_pa11 - ldwx $idx($np),$hi0 - subb $ti0,$hi0,$hi1 - ldwx $idx($tp),$ti0 - addib,<> 4,$idx,L\$sub_pa11 - stws,ma $hi1,4($rp) - - subb $ti0,%r0,$hi1 - ldo -4($tp),$tp - and $tp,$hi1,$ap - andcm $rp,$hi1,$bp - or $ap,$bp,$np - - sub $rp,$arrsz,$rp ; rewind rp - subi 0,$arrsz,$idx - ldo `$LOCALS+32`($fp),$tp -L\$copy_pa11 - ldwx $idx($np),$hi0 - stws,ma %r0,4($tp) - addib,<> 4,$idx,L\$copy_pa11 - stws,ma $hi0,4($rp) - - nop ; alignment -L\$done -___ -} - -$code.=<<___; - ldi 1,%r28 ; signal "handled" - ldo $FRAME($fp),%sp ; destroy tp[num+1] - - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 -L\$abort - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND -___ - -# Explicitly encode PA-RISC 2.0 instructions used in this module, so -# that it can be compiled with 
.LEVEL 1.0. It should be noted that I -# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0 -# directive... - -my $ldd = sub { - my ($mod,$args) = @_; - my $orig = "ldd$mod\t$args"; - - if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 4 - { my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3; - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 5 - { my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3; - $opcode|=(($1&0xF)<<17)|(($1&0x10)<<12); # encode offset - $opcode|=(1<<5) if ($mod =~ /^,m/); - $opcode|=(1<<13) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $std = sub { - my ($mod,$args) = @_; - my $orig = "std$mod\t$args"; - - if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 6 - { my $opcode=(0x03<<26)|($3<<21)|($1<<16)|(1<<12)|(0xB<<6); - $opcode|=(($2&0xF)<<1)|(($2&0x10)>>4); # encode offset - $opcode|=(1<<5) if ($mod =~ /^,m/); - $opcode|=(1<<13) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $extrd = sub { - my ($mod,$args) = @_; - my $orig = "extrd$mod\t$args"; - - # I only have ",u" completer, it's implicitly encoded... 
- if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15 - { my $opcode=(0x36<<26)|($1<<21)|($4<<16); - my $len=32-$3; - $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12 - { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9); - my $len=32-$2; - $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len - $opcode |= (1<<13) if ($mod =~ /,\**=/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $shrpd = sub { - my ($mod,$args) = @_; - my $orig = "shrpd$mod\t$args"; - - if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14 - { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4; - my $cpos=63-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $sub = sub { - my ($mod,$args) = @_; - my $orig = "sub$mod\t$args"; - - if ($mod eq ",db" && $args =~ /%r([0-9]+),%r([0-9]+),%r([0-9]+)/) { - my $opcode=(0x02<<26)|($2<<21)|($1<<16)|$3; - $opcode|=(1<<10); # e1 - $opcode|=(1<<8); # e2 - $opcode|=(1<<5); # d - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig - } - else { "\t".$orig; } -}; - -sub assemble { - my ($mnemonic,$mod,$args)=@_; - my $opcode = eval("\$$mnemonic"); - - ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args"; -} - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - # flip word order in 64-bit mode... - s/(xmpyu\s+)($fai|$fni)([LR])/$1.$2.($3 eq "L"?"R":"L")/e if ($BN_SZ==8); - # assemble 2.0 instructions in 32-bit mode... - s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4); - - s/\bbv\b/bve/gm if ($SIZE_T==8); - - print $_,"\n"; -} -close STDOUT; 
diff --git a/src/lib/libcrypto/bn/asm/ppc-mont.pl b/src/lib/libcrypto/bn/asm/ppc-mont.pl
deleted file mode 100644
index 68320a87f7..0000000000
--- a/src/lib/libcrypto/bn/asm/ppc-mont.pl
+++ /dev/null
@@ -1,329 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# April 2006
-
-# "Teaser" Montgomery multiplication module for PowerPC. It's possible
-# to gain a bit more by modulo-scheduling outer loop, then dedicated
-# squaring procedure should give further 20% and code can be adapted
-# for 32-bit application running on 64-bit CPU. As for the latter.
-# It won't be able to achieve "native" 64-bit performance, because in
-# 32-bit application context every addc instruction will have to be
-# expanded as addc, twice right shift by 32 and finally adde, etc.
-# So far RSA *sign* performance improvement over pre-bn_mul_mont asm
-# for 64-bit application running on PPC970/G5 is:
-#
-# 512-bit +65%
-# 1024-bit +35%
-# 2048-bit +18%
-# 4096-bit +4%
-
-$flavour = shift;
-
-if ($flavour =~ /32/) {
- $BITS= 32;
- $BNSZ= $BITS/8;
- $SIZE_T=4;
- $RZONE= 224;
-
- $LD= "lwz"; # load
- $LDU= "lwzu"; # load and update
- $LDX= "lwzx"; # load indexed
- $ST= "stw"; # store
- $STU= "stwu"; # store and update
- $STX= "stwx"; # store indexed
- $STUX= "stwux"; # store indexed and update
- $UMULL= "mullw"; # unsigned multiply low
- $UMULH= "mulhwu"; # unsigned multiply high
- $UCMP= "cmplw"; # unsigned compare
- $SHRI= "srwi"; # unsigned shift right by immediate
- $PUSH= $ST;
- $POP= $LD;
-} elsif ($flavour =~ /64/) {
- $BITS= 64;
- $BNSZ= $BITS/8;
- $SIZE_T=8;
- $RZONE= 288;
-
- # same as above, but 64-bit mnemonics...
- $LD= "ld"; # load - $LDU= "ldu"; # load and update - $LDX= "ldx"; # load indexed - $ST= "std"; # store - $STU= "stdu"; # store and update - $STX= "stdx"; # store indexed - $STUX= "stdux"; # store indexed and update - $UMULL= "mulld"; # unsigned multiply low - $UMULH= "mulhdu"; # unsigned multiply high - $UCMP= "cmpld"; # unsigned compare - $SHRI= "srdi"; # unsigned shift right by immediate - $PUSH= $ST; - $POP= $LD; -} else { die "nonsense $flavour"; } - -$FRAME=8*$SIZE_T+$RZONE; -$LOCALS=8*$SIZE_T; - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$sp="r1"; -$toc="r2"; -$rp="r3"; $ovf="r3"; -$ap="r4"; -$bp="r5"; -$np="r6"; -$n0="r7"; -$num="r8"; -$rp="r9"; # $rp is reassigned -$aj="r10"; -$nj="r11"; -$tj="r12"; -# non-volatile registers -$i="r20"; -$j="r21"; -$tp="r22"; -$m0="r23"; -$m1="r24"; -$lo0="r25"; -$hi0="r26"; -$lo1="r27"; -$hi1="r28"; -$alo="r29"; -$ahi="r30"; -$nlo="r31"; -# -$nhi="r0"; - -$code=<<___; -.machine "any" -.text - -.globl .bn_mul_mont -.align 4 -.bn_mul_mont: - cmpwi $num,4 - mr $rp,r3 ; $rp is reassigned - li r3,0 - bltlr -___ -$code.=<<___ if ($BNSZ==4); - cmpwi $num,32 ; longer key performance is not better - bgelr -___ -$code.=<<___; - slwi $num,$num,`log($BNSZ)/log(2)` - li $tj,-4096 - addi $ovf,$num,$FRAME - subf $ovf,$ovf,$sp ; $sp-$ovf - and $ovf,$ovf,$tj ; minimize TLB usage - subf $ovf,$sp,$ovf ; $ovf-$sp - mr $tj,$sp - srwi $num,$num,`log($BNSZ)/log(2)` - $STUX $sp,$sp,$ovf - - $PUSH r20,`-12*$SIZE_T`($tj) - $PUSH r21,`-11*$SIZE_T`($tj) - $PUSH r22,`-10*$SIZE_T`($tj) - $PUSH r23,`-9*$SIZE_T`($tj) - $PUSH r24,`-8*$SIZE_T`($tj) - $PUSH r25,`-7*$SIZE_T`($tj) - $PUSH r26,`-6*$SIZE_T`($tj) - $PUSH r27,`-5*$SIZE_T`($tj) - $PUSH r28,`-4*$SIZE_T`($tj) - $PUSH r29,`-3*$SIZE_T`($tj) - $PUSH r30,`-2*$SIZE_T`($tj) - $PUSH 
r31,`-1*$SIZE_T`($tj) - - $LD $n0,0($n0) ; pull n0[0] value - addi $num,$num,-2 ; adjust $num for counter register - - $LD $m0,0($bp) ; m0=bp[0] - $LD $aj,0($ap) ; ap[0] - addi $tp,$sp,$LOCALS - $UMULL $lo0,$aj,$m0 ; ap[0]*bp[0] - $UMULH $hi0,$aj,$m0 - - $LD $aj,$BNSZ($ap) ; ap[1] - $LD $nj,0($np) ; np[0] - - $UMULL $m1,$lo0,$n0 ; "tp[0]"*n0 - - $UMULL $alo,$aj,$m0 ; ap[1]*bp[0] - $UMULH $ahi,$aj,$m0 - - $UMULL $lo1,$nj,$m1 ; np[0]*m1 - $UMULH $hi1,$nj,$m1 - $LD $nj,$BNSZ($np) ; np[1] - addc $lo1,$lo1,$lo0 - addze $hi1,$hi1 - - $UMULL $nlo,$nj,$m1 ; np[1]*m1 - $UMULH $nhi,$nj,$m1 - - mtctr $num - li $j,`2*$BNSZ` -.align 4 -L1st: - $LDX $aj,$ap,$j ; ap[j] - addc $lo0,$alo,$hi0 - $LDX $nj,$np,$j ; np[j] - addze $hi0,$ahi - $UMULL $alo,$aj,$m0 ; ap[j]*bp[0] - addc $lo1,$nlo,$hi1 - $UMULH $ahi,$aj,$m0 - addze $hi1,$nhi - $UMULL $nlo,$nj,$m1 ; np[j]*m1 - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[0] - $UMULH $nhi,$nj,$m1 - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - - addi $j,$j,$BNSZ ; j++ - addi $tp,$tp,$BNSZ ; tp++ - bdnz- L1st -;L1st - addc $lo0,$alo,$hi0 - addze $hi0,$ahi - - addc $lo1,$nlo,$hi1 - addze $hi1,$nhi - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[0] - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - - li $ovf,0 - addc $hi1,$hi1,$hi0 - addze $ovf,$ovf ; upmost overflow bit - $ST $hi1,$BNSZ($tp) - - li $i,$BNSZ -.align 4 -Louter: - $LDX $m0,$bp,$i ; m0=bp[i] - $LD $aj,0($ap) ; ap[0] - addi $tp,$sp,$LOCALS - $LD $tj,$LOCALS($sp); tp[0] - $UMULL $lo0,$aj,$m0 ; ap[0]*bp[i] - $UMULH $hi0,$aj,$m0 - $LD $aj,$BNSZ($ap) ; ap[1] - $LD $nj,0($np) ; np[0] - addc $lo0,$lo0,$tj ; ap[0]*bp[i]+tp[0] - $UMULL $alo,$aj,$m0 ; ap[j]*bp[i] - addze $hi0,$hi0 - $UMULL $m1,$lo0,$n0 ; tp[0]*n0 - $UMULH $ahi,$aj,$m0 - $UMULL $lo1,$nj,$m1 ; np[0]*m1 - $UMULH $hi1,$nj,$m1 - $LD $nj,$BNSZ($np) ; np[1] - addc $lo1,$lo1,$lo0 - $UMULL $nlo,$nj,$m1 ; np[1]*m1 - addze $hi1,$hi1 - $UMULH $nhi,$nj,$m1 - - mtctr $num - li $j,`2*$BNSZ` -.align 4 -Linner: - $LDX $aj,$ap,$j ; ap[j] - addc 
$lo0,$alo,$hi0 - $LD $tj,$BNSZ($tp) ; tp[j] - addze $hi0,$ahi - $LDX $nj,$np,$j ; np[j] - addc $lo1,$nlo,$hi1 - $UMULL $alo,$aj,$m0 ; ap[j]*bp[i] - addze $hi1,$nhi - $UMULH $ahi,$aj,$m0 - addc $lo0,$lo0,$tj ; ap[j]*bp[i]+tp[j] - $UMULL $nlo,$nj,$m1 ; np[j]*m1 - addze $hi0,$hi0 - $UMULH $nhi,$nj,$m1 - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[i]+tp[j] - addi $j,$j,$BNSZ ; j++ - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - addi $tp,$tp,$BNSZ ; tp++ - bdnz- Linner -;Linner - $LD $tj,$BNSZ($tp) ; tp[j] - addc $lo0,$alo,$hi0 - addze $hi0,$ahi - addc $lo0,$lo0,$tj ; ap[j]*bp[i]+tp[j] - addze $hi0,$hi0 - - addc $lo1,$nlo,$hi1 - addze $hi1,$nhi - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[i]+tp[j] - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - - addic $ovf,$ovf,-1 ; move upmost overflow to XER[CA] - li $ovf,0 - adde $hi1,$hi1,$hi0 - addze $ovf,$ovf - $ST $hi1,$BNSZ($tp) -; - slwi $tj,$num,`log($BNSZ)/log(2)` - $UCMP $i,$tj - addi $i,$i,$BNSZ - ble- Louter - - addi $num,$num,2 ; restore $num - subfc $j,$j,$j ; j=0 and "clear" XER[CA] - addi $tp,$sp,$LOCALS - mtctr $num - -.align 4 -Lsub: $LDX $tj,$tp,$j - $LDX $nj,$np,$j - subfe $aj,$nj,$tj ; tp[j]-np[j] - $STX $aj,$rp,$j - addi $j,$j,$BNSZ - bdnz- Lsub - - li $j,0 - mtctr $num - subfe $ovf,$j,$ovf ; handle upmost overflow bit - and $ap,$tp,$ovf - andc $np,$rp,$ovf - or $ap,$ap,$np ; ap=borrow?tp:rp - -.align 4 -Lcopy: ; copy or in-place refresh - $LDX $tj,$ap,$j - $STX $tj,$rp,$j - $STX $j,$tp,$j ; zap at once - addi $j,$j,$BNSZ - bdnz- Lcopy - - $POP $tj,0($sp) - li r3,1 - $POP r20,`-12*$SIZE_T`($tj) - $POP r21,`-11*$SIZE_T`($tj) - $POP r22,`-10*$SIZE_T`($tj) - $POP r23,`-9*$SIZE_T`($tj) - $POP r24,`-8*$SIZE_T`($tj) - $POP r25,`-7*$SIZE_T`($tj) - $POP r26,`-6*$SIZE_T`($tj) - $POP r27,`-5*$SIZE_T`($tj) - $POP r28,`-4*$SIZE_T`($tj) - $POP r29,`-3*$SIZE_T`($tj) - $POP r30,`-2*$SIZE_T`($tj) - $POP r31,`-1*$SIZE_T`($tj) - mr $sp,$tj - blr -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; 
diff --git a/src/lib/libcrypto/bn/asm/ppc.pl b/src/lib/libcrypto/bn/asm/ppc.pl
deleted file mode 100644
index c9b7f9477d..0000000000
--- a/src/lib/libcrypto/bn/asm/ppc.pl
+++ /dev/null
@@ -1,1968 +0,0 @@ -#!/usr/bin/env perl -# -# Implemented as a Perl wrapper as we want to support several different -# architectures with single file. We pick up the target based on the -# file name we are asked to generate. -# -# It should be noted though that this perl code is nothing like -# /crypto/perlasm/x86*. In this case perl is used pretty much -# as pre-processor to cover for platform differences in name decoration, -# linker tables, 32-/64-bit instruction sets... -# -# As you might know there're several PowerPC ABI in use. Most notably -# Linux and AIX use different 32-bit ABIs. Good news are that these ABIs -# are similar enough to implement leaf(!) functions, which would be ABI -# neutral. And that's what you find here: ABI neutral leaf functions. -# In case you wonder what that is... -# -# AIX performance -# -# MEASUREMENTS WITH cc ON a 200 MhZ PowerPC 604e. -# -# The following is the performance of 32-bit compiler -# generated code: -# -# OpenSSL 0.9.6c 21 dec 2001 -# built on: Tue Jun 11 11:06:51 EDT 2002 -# options:bn(64,32) ... -#compiler: cc -DTHREADS -DAIX -DB_ENDIAN -DBN_LLONG -O3 -# sign verify sign/s verify/s -#rsa 512 bits 0.0098s 0.0009s 102.0 1170.6 -#rsa 1024 bits 0.0507s 0.0026s 19.7 387.5 -#rsa 2048 bits 0.3036s 0.0085s 3.3 117.1 -#rsa 4096 bits 2.0040s 0.0299s 0.5 33.4 -#dsa 512 bits 0.0087s 0.0106s 114.3 94.5 -#dsa 1024 bits 0.0256s 0.0313s 39.0 32.0 -# -# Same benchmark with this assembler code: -# -#rsa 512 bits 0.0056s 0.0005s 178.6 2049.2 -#rsa 1024 bits 0.0283s 0.0015s 35.3 674.1 -#rsa 2048 bits 0.1744s 0.0050s 5.7 201.2 -#rsa 4096 bits 1.1644s 0.0179s 0.9 55.7 -#dsa 512 bits 0.0052s 0.0062s 191.6 162.0 -#dsa 1024 bits 0.0149s 0.0180s 67.0 55.5 -# -# Number of operations increases by at almost 75% -# -# Here are performance numbers for 64-bit compiler -# generated code: -# -# OpenSSL 0.9.6g [engine] 9 Aug 2002 -# built on: Fri Apr 18 16:59:20 EDT 2003 -# options:bn(64,64) ... 
-# compiler: cc -DTHREADS -D_REENTRANT -q64 -DB_ENDIAN -O3 -# sign verify sign/s verify/s -#rsa 512 bits 0.0028s 0.0003s 357.1 3844.4 -#rsa 1024 bits 0.0148s 0.0008s 67.5 1239.7 -#rsa 2048 bits 0.0963s 0.0028s 10.4 353.0 -#rsa 4096 bits 0.6538s 0.0102s 1.5 98.1 -#dsa 512 bits 0.0026s 0.0032s 382.5 313.7 -#dsa 1024 bits 0.0081s 0.0099s 122.8 100.6 -# -# Same benchmark with this assembler code: -# -#rsa 512 bits 0.0020s 0.0002s 510.4 6273.7 -#rsa 1024 bits 0.0088s 0.0005s 114.1 2128.3 -#rsa 2048 bits 0.0540s 0.0016s 18.5 622.5 -#rsa 4096 bits 0.3700s 0.0058s 2.7 171.0 -#dsa 512 bits 0.0016s 0.0020s 610.7 507.1 -#dsa 1024 bits 0.0047s 0.0058s 212.5 173.2 -# -# Again, performance increases by at about 75% -# -# Mac OS X, Apple G5 1.8GHz (Note this is 32 bit code) -# OpenSSL 0.9.7c 30 Sep 2003 -# -# Original code. -# -#rsa 512 bits 0.0011s 0.0001s 906.1 11012.5 -#rsa 1024 bits 0.0060s 0.0003s 166.6 3363.1 -#rsa 2048 bits 0.0370s 0.0010s 27.1 982.4 -#rsa 4096 bits 0.2426s 0.0036s 4.1 280.4 -#dsa 512 bits 0.0010s 0.0012s 1038.1 841.5 -#dsa 1024 bits 0.0030s 0.0037s 329.6 269.7 -#dsa 2048 bits 0.0101s 0.0127s 98.9 78.6 -# -# Same benchmark with this assembler code: -# -#rsa 512 bits 0.0007s 0.0001s 1416.2 16645.9 -#rsa 1024 bits 0.0036s 0.0002s 274.4 5380.6 -#rsa 2048 bits 0.0222s 0.0006s 45.1 1589.5 -#rsa 4096 bits 0.1469s 0.0022s 6.8 449.6 -#dsa 512 bits 0.0006s 0.0007s 1664.2 1376.2 -#dsa 1024 bits 0.0018s 0.0023s 545.0 442.2 -#dsa 2048 bits 0.0061s 0.0075s 163.5 132.8 -# -# Performance increase of ~60% -# -# If you have comments or suggestions to improve code send -# me a note at schari@us.ibm.com -# - -$flavour = shift; - -if ($flavour =~ /32/) { - $BITS= 32; - $BNSZ= $BITS/8; - $ISA= "\"ppc\""; - - $LD= "lwz"; # load - $LDU= "lwzu"; # load and update - $ST= "stw"; # store - $STU= "stwu"; # store and update - $UMULL= "mullw"; # unsigned multiply low - $UMULH= "mulhwu"; # unsigned multiply high - $UDIV= "divwu"; # unsigned divide - $UCMPI= "cmplwi"; # unsigned compare 
with immediate - $UCMP= "cmplw"; # unsigned compare - $CNTLZ= "cntlzw"; # count leading zeros - $SHL= "slw"; # shift left - $SHR= "srw"; # unsigned shift right - $SHRI= "srwi"; # unsigned shift right by immediate - $SHLI= "slwi"; # shift left by immediate - $CLRU= "clrlwi"; # clear upper bits - $INSR= "insrwi"; # insert right - $ROTL= "rotlwi"; # rotate left by immediate - $TR= "tw"; # conditional trap -} elsif ($flavour =~ /64/) { - $BITS= 64; - $BNSZ= $BITS/8; - $ISA= "\"ppc64\""; - - # same as above, but 64-bit mnemonics... - $LD= "ld"; # load - $LDU= "ldu"; # load and update - $ST= "std"; # store - $STU= "stdu"; # store and update - $UMULL= "mulld"; # unsigned multiply low - $UMULH= "mulhdu"; # unsigned multiply high - $UDIV= "divdu"; # unsigned divide - $UCMPI= "cmpldi"; # unsigned compare with immediate - $UCMP= "cmpld"; # unsigned compare - $CNTLZ= "cntlzd"; # count leading zeros - $SHL= "sld"; # shift left - $SHR= "srd"; # unsigned shift right - $SHRI= "srdi"; # unsigned shift right by immediate - $SHLI= "sldi"; # shift left by immediate - $CLRU= "clrldi"; # clear upper bits - $INSR= "insrdi"; # insert right - $ROTL= "rotldi"; # rotate left by immediate - $TR= "td"; # conditional trap -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$data=< 0 then result !=0 - # In either case carry bit is set. - beq Lppcasm_sub_adios - addi r4,r4,-$BNSZ - addi r3,r3,-$BNSZ - addi r5,r5,-$BNSZ - mtctr r6 -Lppcasm_sub_mainloop: - $LDU r7,$BNSZ(r4) - $LDU r8,$BNSZ(r5) - subfe r6,r8,r7 # r6 = r7+carry bit + onescomplement(r8) - # if carry = 1 this is r7-r8. Else it - # is r7-r8 -1 as we need. - $STU r6,$BNSZ(r3) - bdnz- Lppcasm_sub_mainloop -Lppcasm_sub_adios: - subfze r3,r0 # if carry bit is set then r3 = 0 else -1 - andi. 
r3,r3,1 # keep only last bit. - blr - -# -# NOTE: The following label name should be changed to -# "bn_add_words" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_add_words: -# -# Handcoded version of bn_add_words -# -#BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -# -# r3 = r -# r4 = a -# r5 = b -# r6 = n -# -# Note: No loop unrolling done since this is not a performance -# critical loop. - - xor r0,r0,r0 -# -# check for r6 = 0. Is this needed? -# - addic. r6,r6,0 #test r6 and clear carry bit. - beq Lppcasm_add_adios - addi r4,r4,-$BNSZ - addi r3,r3,-$BNSZ - addi r5,r5,-$BNSZ - mtctr r6 -Lppcasm_add_mainloop: - $LDU r7,$BNSZ(r4) - $LDU r8,$BNSZ(r5) - adde r8,r7,r8 - $STU r8,$BNSZ(r3) - bdnz- Lppcasm_add_mainloop -Lppcasm_add_adios: - addze r3,r0 #return carry bit. - blr - -# -# NOTE: The following label name should be changed to -# "bn_div_words" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_div_words: -# -# This is a cleaned up version of code generated by -# the AIX compiler. The only optimization is to use -# the PPC instruction to count leading zeros instead -# of call to num_bits_word. Since this was compiled -# only at level -O2 we can possibly squeeze it more? -# -# r3 = h -# r4 = l -# r5 = d - - $UCMPI 0,r5,0 # compare r5 and 0 - bne Lppcasm_div1 # proceed if d!=0 - li r3,-1 # d=0 return -1 - blr -Lppcasm_div1: - xor r0,r0,r0 #r0=0 - li r8,$BITS - $CNTLZ. r7,r5 #r7 = num leading 0s in d. - beq Lppcasm_div2 #proceed if no leading zeros - subf r8,r7,r8 #r8 = BN_num_bits_word(d) - $SHR. r9,r3,r8 #are there any bits above r8'th? - $TR 16,r9,r0 #if there're, signal to dump core... -Lppcasm_div2: - $UCMP 0,r3,r5 #h>=d? - blt Lppcasm_div3 #goto Lppcasm_div3 if not - subf r3,r5,r3 #h-=d ; -Lppcasm_div3: #r7 = BN_BITS2-i. so r7=i - cmpi 0,0,r7,0 # is (i == 0)? 
- beq Lppcasm_div4 - $SHL r3,r3,r7 # h = (h<< i) - $SHR r8,r4,r8 # r8 = (l >> BN_BITS2 -i) - $SHL r5,r5,r7 # d<<=i - or r3,r3,r8 # h = (h<>(BN_BITS2-i)) - $SHL r4,r4,r7 # l <<=i -Lppcasm_div4: - $SHRI r9,r5,`$BITS/2` # r9 = dh - # dl will be computed when needed - # as it saves registers. - li r6,2 #r6=2 - mtctr r6 #counter will be in count. -Lppcasm_divouterloop: - $SHRI r8,r3,`$BITS/2` #r8 = (h>>BN_BITS4) - $SHRI r11,r4,`$BITS/2` #r11= (l&BN_MASK2h)>>BN_BITS4 - # compute here for innerloop. - $UCMP 0,r8,r9 # is (h>>BN_BITS4)==dh - bne Lppcasm_div5 # goto Lppcasm_div5 if not - - li r8,-1 - $CLRU r8,r8,`$BITS/2` #q = BN_MASK2l - b Lppcasm_div6 -Lppcasm_div5: - $UDIV r8,r3,r9 #q = h/dh -Lppcasm_div6: - $UMULL r12,r9,r8 #th = q*dh - $CLRU r10,r5,`$BITS/2` #r10=dl - $UMULL r6,r8,r10 #tl = q*dl - -Lppcasm_divinnerloop: - subf r10,r12,r3 #t = h -th - $SHRI r7,r10,`$BITS/2` #r7= (t &BN_MASK2H), sort of... - addic. r7,r7,0 #test if r7 == 0. used below. - # now want to compute - # r7 = (t<>BN_BITS4) - # the following 2 instructions do that - $SHLI r7,r10,`$BITS/2` # r7 = (t<>BN_BITS4) - $UCMP cr1,r6,r7 # compare (tl <= r7) - bne Lppcasm_divinnerexit - ble cr1,Lppcasm_divinnerexit - addi r8,r8,-1 #q-- - subf r12,r9,r12 #th -=dh - $CLRU r10,r5,`$BITS/2` #r10=dl. t is no longer needed in loop. - subf r6,r10,r6 #tl -=dl - b Lppcasm_divinnerloop -Lppcasm_divinnerexit: - $SHRI r10,r6,`$BITS/2` #t=(tl>>BN_BITS4) - $SHLI r11,r6,`$BITS/2` #tl=(tl<=tl) goto Lppcasm_div7 - addi r12,r12,1 # th++ -Lppcasm_div7: - subf r11,r11,r4 #r11=l-tl - $UCMP cr1,r3,r12 #compare h and th - bge cr1,Lppcasm_div8 #if (h>=th) goto Lppcasm_div8 - addi r8,r8,-1 # q-- - add r3,r5,r3 # h+=d -Lppcasm_div8: - subf r12,r12,r3 #r12 = h-th - $SHLI r4,r11,`$BITS/2` #l=(l&BN_MASK2l)<>BN_BITS4))&BN_MASK2 - # the following 2 instructions will do this. - $INSR r11,r12,`$BITS/2`,`$BITS/2` # r11 is the value we want rotated $BITS/2. 
- $ROTL r3,r11,`$BITS/2` # rotate by $BITS/2 and store in r3 - bdz Lppcasm_div9 #if (count==0) break ; - $SHLI r0,r8,`$BITS/2` #ret =q<> 2 - beq Lppcasm_mw_REM - mtctr r7 -Lppcasm_mw_LOOP: - #mul(rp[0],ap[0],w,c1); - $LD r8,`0*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - #addze r10,r10 #carry is NOT ignored. - #will be taken care of - #in second spin below - #using adde. - $ST r9,`0*$BNSZ`(r3) - #mul(rp[1],ap[1],w,c1); - $LD r8,`1*$BNSZ`(r4) - $UMULL r11,r6,r8 - $UMULH r12,r6,r8 - adde r11,r11,r10 - #addze r12,r12 - $ST r11,`1*$BNSZ`(r3) - #mul(rp[2],ap[2],w,c1); - $LD r8,`2*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - adde r9,r9,r12 - #addze r10,r10 - $ST r9,`2*$BNSZ`(r3) - #mul_add(rp[3],ap[3],w,c1); - $LD r8,`3*$BNSZ`(r4) - $UMULL r11,r6,r8 - $UMULH r12,r6,r8 - adde r11,r11,r10 - addze r12,r12 #this spin we collect carry into - #r12 - $ST r11,`3*$BNSZ`(r3) - - addi r3,r3,`4*$BNSZ` - addi r4,r4,`4*$BNSZ` - bdnz- Lppcasm_mw_LOOP - -Lppcasm_mw_REM: - andi. r5,r5,0x3 - beq Lppcasm_mw_OVER - #mul(rp[0],ap[0],w,c1); - $LD r8,`0*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - addze r10,r10 - $ST r9,`0*$BNSZ`(r3) - addi r12,r10,0 - - addi r5,r5,-1 - cmpli 0,0,r5,0 - beq Lppcasm_mw_OVER - - - #mul(rp[1],ap[1],w,c1); - $LD r8,`1*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - addze r10,r10 - $ST r9,`1*$BNSZ`(r3) - addi r12,r10,0 - - addi r5,r5,-1 - cmpli 0,0,r5,0 - beq Lppcasm_mw_OVER - - #mul_add(rp[2],ap[2],w,c1); - $LD r8,`2*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - addze r10,r10 - $ST r9,`2*$BNSZ`(r3) - addi r12,r10,0 - -Lppcasm_mw_OVER: - addi r3,r12,0 - blr - -# -# NOTE: The following label name should be changed to -# "bn_mul_add_words" i.e. remove the first dot -# for the gcc compiler. 
This should be automatically -# done in the build -# - -.align 4 -.bn_mul_add_words: -# -# BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -# -# r3 = rp -# r4 = ap -# r5 = num -# r6 = w -# -# empirical evidence suggests that unrolled version performs best!! -# - xor r0,r0,r0 #r0 = 0 - xor r12,r12,r12 #r12 = 0 . used for carry - rlwinm. r7,r5,30,2,31 # num >> 2 - beq Lppcasm_maw_leftover # if (num < 4) go LPPCASM_maw_leftover - mtctr r7 -Lppcasm_maw_mainloop: - #mul_add(rp[0],ap[0],w,c1); - $LD r8,`0*$BNSZ`(r4) - $LD r11,`0*$BNSZ`(r3) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 #r12 is carry. - addze r10,r10 - addc r9,r9,r11 - #addze r10,r10 - #the above instruction addze - #is NOT needed. Carry will NOT - #be ignored. It's not affected - #by multiply and will be collected - #in the next spin - $ST r9,`0*$BNSZ`(r3) - - #mul_add(rp[1],ap[1],w,c1); - $LD r8,`1*$BNSZ`(r4) - $LD r9,`1*$BNSZ`(r3) - $UMULL r11,r6,r8 - $UMULH r12,r6,r8 - adde r11,r11,r10 #r10 is carry. - addze r12,r12 - addc r11,r11,r9 - #addze r12,r12 - $ST r11,`1*$BNSZ`(r3) - - #mul_add(rp[2],ap[2],w,c1); - $LD r8,`2*$BNSZ`(r4) - $UMULL r9,r6,r8 - $LD r11,`2*$BNSZ`(r3) - $UMULH r10,r6,r8 - adde r9,r9,r12 - addze r10,r10 - addc r9,r9,r11 - #addze r10,r10 - $ST r9,`2*$BNSZ`(r3) - - #mul_add(rp[3],ap[3],w,c1); - $LD r8,`3*$BNSZ`(r4) - $UMULL r11,r6,r8 - $LD r9,`3*$BNSZ`(r3) - $UMULH r12,r6,r8 - adde r11,r11,r10 - addze r12,r12 - addc r11,r11,r9 - addze r12,r12 - $ST r11,`3*$BNSZ`(r3) - addi r3,r3,`4*$BNSZ` - addi r4,r4,`4*$BNSZ` - bdnz- Lppcasm_maw_mainloop - -Lppcasm_maw_leftover: - andi. 
r5,r5,0x3 - beq Lppcasm_maw_adios - addi r3,r3,-$BNSZ - addi r4,r4,-$BNSZ - #mul_add(rp[0],ap[0],w,c1); - mtctr r5 - $LDU r8,$BNSZ(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - $LDU r11,$BNSZ(r3) - addc r9,r9,r11 - addze r10,r10 - addc r9,r9,r12 - addze r12,r10 - $ST r9,0(r3) - - bdz Lppcasm_maw_adios - #mul_add(rp[1],ap[1],w,c1); - $LDU r8,$BNSZ(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - $LDU r11,$BNSZ(r3) - addc r9,r9,r11 - addze r10,r10 - addc r9,r9,r12 - addze r12,r10 - $ST r9,0(r3) - - bdz Lppcasm_maw_adios - #mul_add(rp[2],ap[2],w,c1); - $LDU r8,$BNSZ(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - $LDU r11,$BNSZ(r3) - addc r9,r9,r11 - addze r10,r10 - addc r9,r9,r12 - addze r12,r10 - $ST r9,0(r3) - -Lppcasm_maw_adios: - addi r3,r12,0 - blr - .align 4 -EOF -$data =~ s/\`([^\`]*)\`/eval $1/gem; -print $data; -close STDOUT; diff --git a/src/lib/libcrypto/bn/asm/x86-mont.pl b/src/lib/libcrypto/bn/asm/x86-mont.pl deleted file mode 100755 index 6524651748..0000000000 --- a/src/lib/libcrypto/bn/asm/x86-mont.pl +++ /dev/null 
@@ -1,592 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# October 2005 -# -# This is a "teaser" code, as it can be improved in several ways... -# First of all non-SSE2 path should be implemented (yes, for now it -# performs Montgomery multiplication/convolution only on SSE2-capable -# CPUs such as P4, others fall down to original code). Then inner loop -# can be unrolled and modulo-scheduled to improve ILP and possibly -# moved to 128-bit XMM register bank (though it would require input -# rearrangement and/or increase bus bandwidth utilization). Dedicated -# squaring procedure should give further performance improvement... -# Yet, for being draft, the code improves rsa512 *sign* benchmark by -# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-) - -# December 2006 -# -# Modulo-scheduling SSE2 loops results in further 15-20% improvement. -# Integer-only code [being equipped with dedicated squaring procedure] -# gives ~40% on rsa512 sign benchmark... - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -&function_begin("bn_mul_mont"); - -$i="edx"; -$j="ecx"; -$ap="esi"; $tp="esi"; # overlapping variables!!! -$rp="edi"; $bp="edi"; # overlapping variables!!! 
-$np="ebp"; -$num="ebx"; - -$_num=&DWP(4*0,"esp"); # stack top layout -$_rp=&DWP(4*1,"esp"); -$_ap=&DWP(4*2,"esp"); -$_bp=&DWP(4*3,"esp"); -$_np=&DWP(4*4,"esp"); -$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp"); -$_sp=&DWP(4*6,"esp"); -$_bpend=&DWP(4*7,"esp"); -$frame=32; # size of above frame rounded up to 16n - - &xor ("eax","eax"); - &mov ("edi",&wparam(5)); # int num - &cmp ("edi",4); - &jl (&label("just_leave")); - - &lea ("esi",&wparam(0)); # put aside pointer to argument block - &lea ("edx",&wparam(1)); # load ap - &mov ("ebp","esp"); # saved stack pointer! - &add ("edi",2); # extra two words on top of tp - &neg ("edi"); - &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2)) - &neg ("edi"); - - # minimize cache contention by arranging 2K window between stack - # pointer and ap argument [np is also position sensitive vector, - # but it's assumed to be near ap, as it's allocated at ~same - # time]. - &mov ("eax","esp"); - &sub ("eax","edx"); - &and ("eax",2047); - &sub ("esp","eax"); # this aligns sp and ap modulo 2048 - - &xor ("edx","esp"); - &and ("edx",2048); - &xor ("edx",2048); - &sub ("esp","edx"); # this splits them apart modulo 4096 - - &and ("esp",-64); # align to cache line - - ################################# load argument block... - &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp - &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap - &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp - &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np - &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0 - #&mov ("edi",&DWP(5*4,"esi"));# int num - - &mov ("esi",&DWP(0,"esi")); # pull n0[0] - &mov ($_rp,"eax"); # ... save a copy of argument block - &mov ($_ap,"ebx"); - &mov ($_bp,"ecx"); - &mov ($_np,"edx"); - &mov ($_n0,"esi"); - &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling - #&mov ($_num,$num); # redundant as $num is not reused - &mov ($_sp,"ebp"); # saved stack pointer! 
- -if($sse2) { -$acc0="mm0"; # mmx register bank layout -$acc1="mm1"; -$car0="mm2"; -$car1="mm3"; -$mul0="mm4"; -$mul1="mm5"; -$temp="mm6"; -$mask="mm7"; - - &picsetup("eax"); - &picsymbol("eax", "OPENSSL_ia32cap_P", "eax"); - &bt (&DWP(0,"eax"),"\$IA32CAP_BIT0_SSE2"); - &jnc (&label("non_sse2")); - - &mov ("eax",-1); - &movd ($mask,"eax"); # mask 32 lower bits - - &mov ($ap,$_ap); # load input pointers - &mov ($bp,$_bp); - &mov ($np,$_np); - - &xor ($i,$i); # i=0 - &xor ($j,$j); # j=0 - - &movd ($mul0,&DWP(0,$bp)); # bp[0] - &movd ($mul1,&DWP(0,$ap)); # ap[0] - &movd ($car1,&DWP(0,$np)); # np[0] - - &pmuludq($mul1,$mul0); # ap[0]*bp[0] - &movq ($car0,$mul1); - &movq ($acc0,$mul1); # I wish movd worked for - &pand ($acc0,$mask); # inter-register transfers - - &pmuludq($mul1,$_n0q); # *=n0 - - &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0 - &paddq ($car1,$acc0); - - &movd ($acc1,&DWP(4,$np)); # np[1] - &movd ($acc0,&DWP(4,$ap)); # ap[1] - - &psrlq ($car0,32); - &psrlq ($car1,32); - - &inc ($j); # j++ -&set_label("1st",16); - &pmuludq($acc0,$mul0); # ap[j]*bp[0] - &pmuludq($acc1,$mul1); # np[j]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] - &paddq ($car1,$acc0); # +=ap[j]*bp[0]; - &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] - &psrlq ($car0,32); - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]= - &psrlq ($car1,32); - - &lea ($j,&DWP(1,$j)); - &cmp ($j,$num); - &jl (&label("1st")); - - &pmuludq($acc0,$mul0); # ap[num-1]*bp[0] - &pmuludq($acc1,$mul1); # np[num-1]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &paddq ($car1,$acc0); # +=ap[num-1]*bp[0]; - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= - - &psrlq ($car0,32); - &psrlq ($car1,32); - - &paddq ($car1,$car0); - &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] - - &inc ($i); # i++ -&set_label("outer"); - &xor ($j,$j); # 
j=0 - - &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i] - &movd ($mul1,&DWP(0,$ap)); # ap[0] - &movd ($temp,&DWP($frame,"esp")); # tp[0] - &movd ($car1,&DWP(0,$np)); # np[0] - &pmuludq($mul1,$mul0); # ap[0]*bp[i] - - &paddq ($mul1,$temp); # +=tp[0] - &movq ($acc0,$mul1); - &movq ($car0,$mul1); - &pand ($acc0,$mask); - - &pmuludq($mul1,$_n0q); # *=n0 - - &pmuludq($car1,$mul1); - &paddq ($car1,$acc0); - - &movd ($temp,&DWP($frame+4,"esp")); # tp[1] - &movd ($acc1,&DWP(4,$np)); # np[1] - &movd ($acc0,&DWP(4,$ap)); # ap[1] - - &psrlq ($car0,32); - &psrlq ($car1,32); - &paddq ($car0,$temp); # +=tp[1] - - &inc ($j); # j++ - &dec ($num); -&set_label("inner"); - &pmuludq($acc0,$mul0); # ap[j]*bp[i] - &pmuludq($acc1,$mul1); # np[j]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1] - &pand ($acc0,$mask); - &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] - &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j] - &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] - &psrlq ($car0,32); - &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]= - &psrlq ($car1,32); - &paddq ($car0,$temp); # +=tp[j+1] - - &dec ($num); - &lea ($j,&DWP(1,$j)); # j++ - &jnz (&label("inner")); - - &mov ($num,$j); - &pmuludq($acc0,$mul0); # ap[num-1]*bp[i] - &pmuludq($acc1,$mul1); # np[num-1]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1] - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= - &psrlq ($car0,32); - &psrlq ($car1,32); - - &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num] - &paddq ($car1,$car0); - &paddq ($car1,$temp); - &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] - - &lea ($i,&DWP(1,$i)); # i++ - &cmp ($i,$num); - &jle (&label("outer")); - - &emms (); # done with mmx bank - &jmp (&label("common_tail")); - -&set_label("non_sse2",16); -} - -if (0) { - &mov ("esp",$_sp); - &xor ("eax","eax"); # 
signal "not fast enough [yet]" - &jmp (&label("just_leave")); - # While the below code provides competitive performance for - # all key lengths on modern Intel cores, it's still more - # than 10% slower for 4096-bit key elsewhere:-( "Competitive" - # means compared to the original integer-only assembler. - # 512-bit RSA sign is better by ~40%, but that's about all - # one can say about all CPUs... -} else { -$inp="esi"; # integer path uses these registers differently -$word="edi"; -$carry="ebp"; - - &mov ($inp,$_ap); - &lea ($carry,&DWP(1,$num)); - &mov ($word,$_bp); - &xor ($j,$j); # j=0 - &mov ("edx",$inp); - &and ($carry,1); # see if num is even - &sub ("edx",$word); # see if ap==bp - &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num] - &or ($carry,"edx"); - &mov ($word,&DWP(0,$word)); # bp[0] - &jz (&label("bn_sqr_mont")); - &mov ($_bpend,"eax"); - &mov ("eax",&DWP(0,$inp)); - &xor ("edx","edx"); - -&set_label("mull",16); - &mov ($carry,"edx"); - &mul ($word); # ap[j]*bp[0] - &add ($carry,"eax"); - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] - &cmp ($j,$num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("mull")); - - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*bp[0] - &mov ($word,$_n0); - &add ("eax",$carry); - &mov ($inp,$_np); - &adc ("edx",0); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]= - &xor ($j,$j); - &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= - &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= - - &mov ("eax",&DWP(0,$inp)); # np[0] - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ("eax",&DWP(4,$inp)); # np[1] - &adc ("edx",0); - &inc ($j); - - &jmp (&label("2ndmadd")); - -&set_label("1stmadd",16); - &mov ($carry,"edx"); - &mul ($word); # ap[j]*bp[i] - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov 
("eax",&DWP(0,$inp,$j,4)); # ap[j+1] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("1stmadd")); - - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*bp[i] - &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &mov ($word,$_n0); - &adc ("edx",0); - &mov ($inp,$_np); - &add ($carry,"eax"); - &adc ("edx",0); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &xor ($j,$j); - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]= - &adc ($j,0); - &mov ("eax",&DWP(0,$inp)); # np[0] - &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= - &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ("eax",&DWP(4,$inp)); # np[1] - &adc ("edx",0); - &mov ($j,1); - -&set_label("2ndmadd",16); - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]= - &jl (&label("2ndmadd")); - - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &adc ("edx",0); - &add ($carry,"eax"); - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= - - &xor ("eax","eax"); - &mov ($j,$_bp); # &bp[i] - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] - &lea ($j,&DWP(4,$j)); - &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= - &cmp ($j,$_bpend); - &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= - &je (&label("common_tail")); - - &mov ($word,&DWP(0,$j)); # bp[i+1] - &mov ($inp,$_ap); - &mov ($_bp,$j); # &bp[++i] - &xor ($j,$j); - &xor ("edx","edx"); - &mov ("eax",&DWP(0,$inp)); - &jmp (&label("1stmadd")); - 
-&set_label("bn_sqr_mont",16); -$sbit=$num; - &mov ($_num,$num); - &mov ($_bp,$j); # i=0 - - &mov ("eax",$word); # ap[0] - &mul ($word); # ap[0]*ap[0] - &mov (&DWP($frame,"esp"),"eax"); # tp[0]= - &mov ($sbit,"edx"); - &shr ("edx",1); - &and ($sbit,1); - &inc ($j); -&set_label("sqr",16); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] - &mov ($carry,"edx"); - &mul ($word); # ap[j]*ap[0] - &add ("eax",$carry); - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &lea ($carry,&DWP(0,$sbit,"eax",2)); - &shr ("eax",31); - &cmp ($j,$_num); - &mov ($sbit,"eax"); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("sqr")); - - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1] - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*ap[0] - &add ("eax",$carry); - &mov ($word,$_n0); - &adc ("edx",0); - &mov ($inp,$_np); - &lea ($carry,&DWP(0,$sbit,"eax",2)); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - &shr ("eax",31); - &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]= - - &lea ($carry,&DWP(0,"eax","edx",2)); - &mov ("eax",&DWP(0,$inp)); # np[0] - &shr ("edx",31); - &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]= - &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ($num,$j); - &adc ("edx",0); - &mov ("eax",&DWP(4,$inp)); # np[1] - &mov ($j,1); - -&set_label("3rdmadd",16); - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1] - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]= - - &mov ($carry,"edx"); - &mul ($word); # np[j+1]*m - &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1] - &lea ($j,&DWP(2,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]= - &jl (&label("3rdmadd")); - - &mov ($carry,"edx"); - &mul ($word); # 
np[j]*m - &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &adc ("edx",0); - &add ($carry,"eax"); - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= - - &mov ($j,$_bp); # i - &xor ("eax","eax"); - &mov ($inp,$_ap); - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] - &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= - &cmp ($j,$num); - &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= - &je (&label("common_tail")); - - &mov ($word,&DWP(4,$inp,$j,4)); # ap[i] - &lea ($j,&DWP(1,$j)); - &mov ("eax",$word); - &mov ($_bp,$j); # ++i - &mul ($word); # ap[i]*ap[i] - &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i] - &adc ("edx",0); - &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]= - &xor ($carry,$carry); - &cmp ($j,$num); - &lea ($j,&DWP(1,$j)); - &je (&label("sqrlast")); - - &mov ($sbit,"edx"); # zaps $num - &shr ("edx",1); - &and ($sbit,1); -&set_label("sqradd",16); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] - &mov ($carry,"edx"); - &mul ($word); # ap[j]*ap[i] - &add ("eax",$carry); - &lea ($carry,&DWP(0,"eax","eax")); - &adc ("edx",0); - &shr ("eax",31); - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("eax",0); - &add ($carry,$sbit); - &adc ("eax",0); - &cmp ($j,$_num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &mov ($sbit,"eax"); - &jle (&label("sqradd")); - - &mov ($carry,"edx"); - &add ("edx","edx"); - &shr ($carry,31); - &add ("edx",$sbit); - &adc ($carry,0); -&set_label("sqrlast"); - &mov ($word,$_n0); - &mov ($inp,$_np); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num] - &mov ("eax",&DWP(0,$inp)); # np[0] - &adc ($carry,0); - &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]= - &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &lea ($num,&DWP(-1,$j)); - &adc ("edx",0); - &mov ($j,1); - 
&mov ("eax",&DWP(4,$inp)); # np[1] - - &jmp (&label("3rdmadd")); -} - -&set_label("common_tail",16); - &mov ($np,$_np); # load modulus pointer - &mov ($rp,$_rp); # load result pointer - &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped] - - &mov ("eax",&DWP(0,$tp)); # tp[0] - &mov ($j,$num); # j=num-1 - &xor ($i,$i); # i=0 and clear CF! - -&set_label("sub",16); - &sbb ("eax",&DWP(0,$np,$i,4)); - &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i] - &dec ($j); # doesn't affect CF! - &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1] - &lea ($i,&DWP(1,$i)); # i++ - &jge (&label("sub")); - - &sbb ("eax",0); # handle upmost overflow bit - &and ($tp,"eax"); - ¬ ("eax"); - &mov ($np,$rp); - &and ($np,"eax"); - &or ($tp,$np); # tp=carry?tp:rp - -&set_label("copy",16); # copy or in-place refresh - &mov ("eax",&DWP(0,$tp,$num,4)); - &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i] - &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector - &dec ($num); - &jge (&label("copy")); - - &mov ("esp",$_sp); # pull saved stack pointer - &mov ("eax",1); -&set_label("just_leave"); -&function_end("bn_mul_mont"); - -&asm_finish(); diff --git a/src/lib/libcrypto/bn/asm/x86_64-mont.pl b/src/lib/libcrypto/bn/asm/x86_64-mont.pl deleted file mode 100755 index 30cfab4fce..0000000000 --- a/src/lib/libcrypto/bn/asm/x86_64-mont.pl +++ /dev/null 
@@ -1,1503 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# October 2005.
-#
-# Montgomery multiplication routine for x86_64. While it gives modest
-# 9% improvement of rsa4096 sign on Opteron, rsa512 sign runs more
-# than twice, >2x, as fast. Most common rsa1024 sign is improved by
-# respectful 50%. It remains to be seen if loop unrolling and
-# dedicated squaring routine can provide further improvement...
-
-# July 2011.
-#
-# Add dedicated squaring procedure. Performance improvement varies
-# from platform to platform, but in average it's ~5%/15%/25%/33%
-# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
-
-# August 2011.
-#
-# Unroll and modulo-schedule inner loops in such manner that they
-# are "fallen through" for input lengths of 8, which is critical for
-# 1024-bit RSA *sign*. Average performance improvement in comparison
-# to *initial* version of this module from 2005 is ~0%/30%/40%/45%
-# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-# int bn_mul_mont(
-$rp="%rdi"; # BN_ULONG *rp,
-$ap="%rsi"; # const BN_ULONG *ap,
-$bp="%rdx"; # const BN_ULONG *bp,
-$np="%rcx"; # const BN_ULONG *np,
-$n0="%r8"; # const BN_ULONG *n0,
-$num="%r9"; # int num);
-$lo0="%r10";
-$hi0="%r11";
-$hi1="%r13";
-$i="%r14";
-$j="%r15";
-$m0="%rbx";
-$m1="%rbp";
-
-$code=<<___;
-.text
-
-.globl bn_mul_mont
-.type bn_mul_mont,\@function,6
-.align 16
-bn_mul_mont:
- _CET_ENDBR
- test \$3,${num}d
- jnz .Lmul_enter
- cmp \$8,${num}d
- jb .Lmul_enter
- cmp $ap,$bp
- jne .Lmul4x_enter
- jmp .Lsqr4x_enter
-
-.align 16
-.Lmul_enter:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov ${num}d,${num}d
- lea 2($num),%r10
- mov %rsp,%r11
- neg %r10
- lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+2))
- and \$-1024,%rsp # minimize TLB usage
-
- mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul_body:
- mov $bp,%r12 # reassign $bp
-___
- $bp="%r12";
-$code.=<<___;
- mov ($n0),$n0 # pull n0[0] value
- mov ($bp),$m0 # m0=bp[0]
- mov ($ap),%rax
-
- xor $i,$i # i=0
- xor $j,$j # j=0
-
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[0]
- mov %rax,$lo0
- mov ($np),%rax
-
- imulq $lo0,$m1 # "tp[0]"*n0
- mov %rdx,$hi0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .L1st_enter
-
-.align 16
-.L1st:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- mov $lo0,$hi0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.L1st_enter:
- mulq $m0 # ap[j]*bp[0]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- lea 1($j),$j # j++
- mov %rdx,$lo0
-
- mulq $m1 # np[j]*m1
- cmp $num,$j
- jl .L1st
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
- mov $lo0,$hi0
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- jmp .Louter
-.align 16
-.Louter:
- mov ($bp,$i,8),$m0 # m0=bp[i]
- xor $j,$j # j=0
- mov $n0,$m1
- mov (%rsp),$lo0
- mulq $m0 # ap[0]*bp[i]
- add %rax,$lo0 # ap[0]*bp[i]+tp[0]
- mov ($np),%rax
- adc \$0,%rdx
-
- imulq $lo0,$m1 # tp[0]*n0
- mov %rdx,$hi0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov 8(%rsp),$lo0 # tp[1]
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .Linner_enter
-
-.align 16
-.Linner:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.Linner_enter:
- mulq $m0 # ap[j]*bp[i]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
- mov %rdx,$hi0
- adc \$0,$hi0
- lea 1($j),$j # j++
-
- mulq $m1 # np[j]*m1
- cmp $num,$j
- jl .Linner
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- add $lo0,$hi1 # pull upmost overflow bit
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- cmp $num,$i
- jl .Louter
-
- xor $i,$i # i=0 and clear CF!
- mov (%rsp),%rax # tp[0]
- lea (%rsp),$ap # borrow ap for tp
- mov $num,$j # j=num
- jmp .Lsub
-.align 16
-.Lsub: sbb ($np,$i,8),%rax
- mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov 8($ap,$i,8),%rax # tp[i+1]
- lea 1($i),$i # i++
- dec $j # doesnn't affect CF!
- jnz .Lsub - - sbb \$0,%rax # handle upmost overflow bit - xor $i,$i - and %rax,$ap - not %rax - mov $rp,$np - and %rax,$np - mov $num,$j # j=num - or $np,$ap # ap=borrow?tp:rp -.align 16 -.Lcopy: # copy or in-place refresh - mov ($ap,$i,8),%rax - mov $i,(%rsp,$i,8) # zap temporary vector - mov %rax,($rp,$i,8) # rp[i]=tp[i] - lea 1($i),$i - sub \$1,$j - jnz .Lcopy - - mov 8(%rsp,$num,8),%rsi # restore %rsp - mov \$1,%rax - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lmul_epilogue: - ret -.size bn_mul_mont,.-bn_mul_mont -___ -{{{ -my @A=("%r10","%r11"); -my @N=("%r13","%rdi"); -$code.=<<___; -.type bn_mul4x_mont,\@function,6 -.align 16 -bn_mul4x_mont: -.Lmul4x_enter: - _CET_ENDBR - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - - mov ${num}d,${num}d - lea 4($num),%r10 - mov %rsp,%r11 - neg %r10 - lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4)) - and \$-1024,%rsp # minimize TLB usage - - mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp -.Lmul4x_body: - mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp - mov %rdx,%r12 # reassign $bp -___ - $bp="%r12"; -$code.=<<___; - mov ($n0),$n0 # pull n0[0] value - mov ($bp),$m0 # m0=bp[0] - mov ($ap),%rax - - xor $i,$i # i=0 - xor $j,$j # j=0 - - mov $n0,$m1 - mulq $m0 # ap[0]*bp[0] - mov %rax,$A[0] - mov ($np),%rax - - imulq $A[0],$m1 # "tp[0]"*n0 - mov %rdx,$A[1] - - mulq $m1 # np[0]*m1 - add %rax,$A[0] # discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$N[1] - - mulq $m0 - add %rax,$A[1] - mov 8($np),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 - add %rax,$N[1] - mov 16($ap),%rax - adc \$0,%rdx - add $A[1],$N[1] - lea 4($j),$j # j++ - adc \$0,%rdx - mov $N[1],(%rsp) - mov %rdx,$N[0] - jmp .L1st4x -.align 16 -.L1st4x: - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # 
np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-8(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .L1st4x - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - lea 1($i),$i # i++ -.align 4 -.Louter4x: - mov ($bp,$i,8),$m0 # m0=bp[i] - xor $j,$j # j=0 - mov (%rsp),$A[0] - mov $n0,$m1 - mulq $m0 # ap[0]*bp[i] - add %rax,$A[0] # ap[0]*bp[i]+tp[0] - mov ($np),%rax - adc \$0,%rdx - - imulq $A[0],$m1 # tp[0]*n0 - mov %rdx,$A[1] - - mulq $m1 
# np[0]*m1 - add %rax,$A[0] # "$N[0]", discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np),%rax - adc \$0,%rdx - add 8(%rsp),$A[1] # +tp[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov 16($ap),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j] - lea 4($j),$j # j+=2 - adc \$0,%rdx - mov $N[1],(%rsp) # tp[j-1] - mov %rdx,$N[0] - jmp .Linner4x -.align 16 -.Linner4x: - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[0],-8(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - add 8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .Linner4x - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - 
mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 1($i),$i # i++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - add (%rsp,$num,8),$N[0] # pull upmost overflow bit - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - cmp $num,$i - jl .Louter4x -___ -{ -my @ri=("%rax","%rdx",$m0,$m1); -$code.=<<___; - mov 16(%rsp,$num,8),$rp # restore $rp - mov 0(%rsp),@ri[0] # tp[0] - pxor %xmm0,%xmm0 - mov 8(%rsp),@ri[1] # tp[1] - shr \$2,$num # num/=4 - lea (%rsp),$ap # borrow ap for tp - xor $i,$i # i=0 and clear CF! - - sub 0($np),@ri[0] - mov 16($ap),@ri[2] # tp[2] - mov 24($ap),@ri[3] # tp[3] - sbb 8($np),@ri[1] - lea -1($num),$j # j=num/4-1 - jmp .Lsub4x -.align 16 -.Lsub4x: - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 16($np,$i,8),@ri[2] - mov 32($ap,$i,8),@ri[0] # tp[i+1] - mov 40($ap,$i,8),@ri[1] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 32($np,$i,8),@ri[0] - mov 48($ap,$i,8),@ri[2] - mov 56($ap,$i,8),@ri[3] - sbb 40($np,$i,8),@ri[1] - lea 4($i),$i # i++ - dec $j # doesnn't affect CF! 
- jnz .Lsub4x - - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov 32($ap,$i,8),@ri[0] # load overflow bit - sbb 16($np,$i,8),@ri[2] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - - sbb \$0,@ri[0] # handle upmost overflow bit - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - xor $i,$i # i=0 - and @ri[0],$ap - not @ri[0] - mov $rp,$np - and @ri[0],$np - lea -1($num),$j - or $np,$ap # ap=borrow?tp:rp - - movdqu ($ap),%xmm1 - movdqa %xmm0,(%rsp) - movdqu %xmm1,($rp) - jmp .Lcopy4x -.align 16 -.Lcopy4x: # copy or in-place refresh - movdqu 16($ap,$i),%xmm2 - movdqu 32($ap,$i),%xmm1 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) - movdqa %xmm0,32(%rsp,$i) - movdqu %xmm1,32($rp,$i) - lea 32($i),$i - dec $j - jnz .Lcopy4x - - shl \$2,$num - movdqu 16($ap,$i),%xmm2 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) -___ -} -$code.=<<___; - mov 8(%rsp,$num,8),%rsi # restore %rsp - mov \$1,%rax - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lmul4x_epilogue: - ret -.size bn_mul4x_mont,.-bn_mul4x_mont -___ -}}} - {{{ -###################################################################### -# void bn_sqr4x_mont( -my $rptr="%rdi"; # const BN_ULONG *rptr, -my $aptr="%rsi"; # const BN_ULONG *aptr, -my $bptr="%rdx"; # not used -my $nptr="%rcx"; # const BN_ULONG *nptr, -my $n0 ="%r8"; # const BN_ULONG *n0); -my $num ="%r9"; # int num, has to be divisible by 4 and - # not less than 8 - -my ($i,$j,$tptr)=("%rbp","%rcx",$rptr); -my @A0=("%r10","%r11"); -my @A1=("%r12","%r13"); -my ($a0,$a1,$ai)=("%r14","%r15","%rbx"); - -$code.=<<___; -.type bn_sqr4x_mont,\@function,6 -.align 16 -bn_sqr4x_mont: -.Lsqr4x_enter: - _CET_ENDBR - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - - shl \$3,${num}d # convert $num to bytes - xor %r10,%r10 - mov %rsp,%r11 # put aside %rsp - sub $num,%r10 # -$num - mov 
($n0),$n0 # *n0 - lea -72(%rsp,%r10,2),%rsp # alloca(frame+2*$num) - and \$-1024,%rsp # minimize TLB usage - ############################################################## - # Stack layout - # - # +0 saved $num, used in reduction section - # +8 &t[2*$num], used in reduction section - # +32 saved $rptr - # +40 saved $nptr - # +48 saved *n0 - # +56 saved %rsp - # +64 t[2*$num] - # - mov $rptr,32(%rsp) # save $rptr - mov $nptr,40(%rsp) - mov $n0, 48(%rsp) - mov %r11, 56(%rsp) # save original %rsp -.Lsqr4x_body: - ############################################################## - # Squaring part: - # - # a) multiply-n-add everything but a[i]*a[i]; - # b) shift result of a) by 1 to the left and accumulate - # a[i]*a[i] products; - # - lea 32(%r10),$i # $i=-($num-32) - lea ($aptr,$num),$aptr # end of a[] buffer, ($aptr,$i)=&ap[2] - - mov $num,$j # $j=$num - - # comments apply to $num==8 case - mov -32($aptr,$i),$a0 # a[0] - lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num] - mov -24($aptr,$i),%rax # a[1] - lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"] - mov -16($aptr,$i),$ai # a[2] - mov %rax,$a1 - - mul $a0 # a[1]*a[0] - mov %rax,$A0[0] # a[1]*a[0] - mov $ai,%rax # a[2] - mov %rdx,$A0[1] - mov $A0[0],-24($tptr,$i) # t[1] - - xor $A0[0],$A0[0] - mul $a0 # a[2]*a[0] - add %rax,$A0[1] - mov $ai,%rax - adc %rdx,$A0[0] - mov $A0[1],-16($tptr,$i) # t[2] - - lea -16($i),$j # j=-16 - - - mov 8($aptr,$j),$ai # a[3] - mul $a1 # a[2]*a[1] - mov %rax,$A1[0] # a[2]*a[1]+t[3] - mov $ai,%rax - mov %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - lea 16($j),$j - adc \$0,$A0[1] - mul $a0 # a[3]*a[0] - add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr,$j) # t[3] - jmp .Lsqr4x_1st - -.align 16 -.Lsqr4x_1st: - mov ($aptr,$j),$ai # a[4] - xor $A1[0],$A1[0] - mul $a1 # a[3]*a[1] - add %rax,$A1[1] # a[3]*a[1]+t[4] - mov $ai,%rax - adc %rdx,$A1[0] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] - adc \$0,$A0[0] - mul $a0 
# a[4]*a[0] - add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4] - mov $ai,%rax # a[3] - adc %rdx,$A0[0] - mov $A0[1],($tptr,$j) # t[4] - - - mov 8($aptr,$j),$ai # a[5] - xor $A1[1],$A1[1] - mul $a1 # a[4]*a[3] - add %rax,$A1[0] # a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - adc \$0,$A0[1] - mul $a0 # a[5]*a[2] - add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],8($tptr,$j) # t[5] - - mov 16($aptr,$j),$ai # a[6] - xor $A1[0],$A1[0] - mul $a1 # a[5]*a[3] - add %rax,$A1[1] # a[5]*a[3]+t[6] - mov $ai,%rax - adc %rdx,$A1[0] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] - adc \$0,$A0[0] - mul $a0 # a[6]*a[2] - add %rax,$A0[1] # a[6]*a[2]+a[5]*a[3]+t[6] - mov $ai,%rax # a[3] - adc %rdx,$A0[0] - mov $A0[1],16($tptr,$j) # t[6] - - - mov 24($aptr,$j),$ai # a[7] - xor $A1[1],$A1[1] - mul $a1 # a[6]*a[5] - add %rax,$A1[0] # a[6]*a[5]+t[7] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - lea 32($j),$j - adc \$0,$A0[1] - mul $a0 # a[7]*a[4] - add %rax,$A0[0] # a[7]*a[4]+a[6]*a[5]+t[6] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr,$j) # t[7] - - cmp \$0,$j - jne .Lsqr4x_1st - - xor $A1[0],$A1[0] - add $A0[1],$A1[1] - adc \$0,$A1[0] - mul $a1 # a[7]*a[5] - add %rax,$A1[1] - adc %rdx,$A1[0] - - mov $A1[1],($tptr) # t[8] - lea 16($i),$i - mov $A1[0],8($tptr) # t[9] - jmp .Lsqr4x_outer - -.align 16 -.Lsqr4x_outer: # comments apply to $num==6 case - mov -32($aptr,$i),$a0 # a[0] - lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num] - mov -24($aptr,$i),%rax # a[1] - lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"] - mov -16($aptr,$i),$ai # a[2] - mov %rax,$a1 - - mov -24($tptr,$i),$A0[0] # t[1] - xor $A0[1],$A0[1] - mul $a0 # a[1]*a[0] - add %rax,$A0[0] # a[1]*a[0]+t[1] - mov $ai,%rax # a[2] - adc %rdx,$A0[1] - mov $A0[0],-24($tptr,$i) # t[1] - - xor $A0[0],$A0[0] - add -16($tptr,$i),$A0[1] # a[2]*a[0]+t[2] - adc \$0,$A0[0] - mul $a0 # a[2]*a[0] - add 
%rax,$A0[1] - mov $ai,%rax - adc %rdx,$A0[0] - mov $A0[1],-16($tptr,$i) # t[2] - - lea -16($i),$j # j=-16 - xor $A1[0],$A1[0] - - - mov 8($aptr,$j),$ai # a[3] - xor $A1[1],$A1[1] - add 8($tptr,$j),$A1[0] - adc \$0,$A1[1] - mul $a1 # a[2]*a[1] - add %rax,$A1[0] # a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - adc \$0,$A0[1] - mul $a0 # a[3]*a[0] - add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],8($tptr,$j) # t[3] - - lea 16($j),$j - jmp .Lsqr4x_inner - -.align 16 -.Lsqr4x_inner: - mov ($aptr,$j),$ai # a[4] - xor $A1[0],$A1[0] - add ($tptr,$j),$A1[1] - adc \$0,$A1[0] - mul $a1 # a[3]*a[1] - add %rax,$A1[1] # a[3]*a[1]+t[4] - mov $ai,%rax - adc %rdx,$A1[0] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] - adc \$0,$A0[0] - mul $a0 # a[4]*a[0] - add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4] - mov $ai,%rax # a[3] - adc %rdx,$A0[0] - mov $A0[1],($tptr,$j) # t[4] - - mov 8($aptr,$j),$ai # a[5] - xor $A1[1],$A1[1] - add 8($tptr,$j),$A1[0] - adc \$0,$A1[1] - mul $a1 # a[4]*a[3] - add %rax,$A1[0] # a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - lea 16($j),$j # j++ - adc \$0,$A0[1] - mul $a0 # a[5]*a[2] - add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr,$j) # t[5], "preloaded t[1]" below - - cmp \$0,$j - jne .Lsqr4x_inner - - xor $A1[0],$A1[0] - add $A0[1],$A1[1] - adc \$0,$A1[0] - mul $a1 # a[5]*a[3] - add %rax,$A1[1] - adc %rdx,$A1[0] - - mov $A1[1],($tptr) # t[6], "preloaded t[2]" below - mov $A1[0],8($tptr) # t[7], "preloaded t[3]" below - - add \$16,$i - jnz .Lsqr4x_outer - - # comments apply to $num==4 case - mov -32($aptr),$a0 # a[0] - lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num] - mov -24($aptr),%rax # a[1] - lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"] - mov -16($aptr),$ai # a[2] - mov %rax,$a1 - - xor $A0[1],$A0[1] - mul $a0 # a[1]*a[0] - add %rax,$A0[0] # 
a[1]*a[0]+t[1], preloaded t[1] - mov $ai,%rax # a[2] - adc %rdx,$A0[1] - mov $A0[0],-24($tptr) # t[1] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] # a[2]*a[0]+t[2], preloaded t[2] - adc \$0,$A0[0] - mul $a0 # a[2]*a[0] - add %rax,$A0[1] - mov $ai,%rax - adc %rdx,$A0[0] - mov $A0[1],-16($tptr) # t[2] - - mov -8($aptr),$ai # a[3] - mul $a1 # a[2]*a[1] - add %rax,$A1[0] # a[2]*a[1]+t[3], preloaded t[3] - mov $ai,%rax - adc \$0,%rdx - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - mov %rdx,$A1[1] - adc \$0,$A0[1] - mul $a0 # a[3]*a[0] - add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr) # t[3] - - xor $A1[0],$A1[0] - add $A0[1],$A1[1] - adc \$0,$A1[0] - mul $a1 # a[3]*a[1] - add %rax,$A1[1] - mov -16($aptr),%rax # a[2] - adc %rdx,$A1[0] - - mov $A1[1],($tptr) # t[4] - mov $A1[0],8($tptr) # t[5] - - mul $ai # a[2]*a[3] -___ -{ -my ($shift,$carry)=($a0,$a1); -my @S=(@A1,$ai,$n0); -$code.=<<___; - add \$16,$i - xor $shift,$shift - sub $num,$i # $i=16-$num - xor $carry,$carry - - add $A1[0],%rax # t[5] - adc \$0,%rdx - mov %rax,8($tptr) # t[5] - mov %rdx,16($tptr) # t[6] - mov $carry,24($tptr) # t[7] - - mov -16($aptr,$i),%rax # a[0] - lea 64(%rsp,$num,2),$tptr - xor $A0[0],$A0[0] # t[0] - mov -24($tptr,$i,2),$A0[1] # t[1] - - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov -8($aptr,$i),%rax # a[i+1] # prefetch - mov $S[0],-32($tptr,$i,2) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift - mov $S[1],-24($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mov 0($tptr,$i,2),$A0[0] # 
t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[2] - mov 0($aptr,$i),%rax # a[i+1] # prefetch - mov $S[2],-16($tptr,$i,2) - adc %rdx,$S[3] - lea 16($i),$i - mov $S[3],-40($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - jmp .Lsqr4x_shift_n_add - -.align 16 -.Lsqr4x_shift_n_add: - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov -8($aptr,$i),%rax # a[i+1] # prefetch - mov $S[0],-32($tptr,$i,2) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift - mov $S[1],-24($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[2] - mov 0($aptr,$i),%rax # a[i+1] # prefetch - mov $S[2],-16($tptr,$i,2) - adc %rdx,$S[3] - - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - mov $S[3],-8($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov 16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 24($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov 8($aptr,$i),%rax # a[i+1] # prefetch - mov $S[0],0($tptr,$i,2) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift - mov $S[1],8($tptr,$i,2) 
- sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mov 32($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 40($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[2] - mov 16($aptr,$i),%rax # a[i+1] # prefetch - mov $S[2],16($tptr,$i,2) - adc %rdx,$S[3] - mov $S[3],24($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - add \$32,$i - jnz .Lsqr4x_shift_n_add - - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov -16($tptr),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov -8($tptr),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov -8($aptr),%rax # a[i+1] # prefetch - mov $S[0],-32($tptr) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1|shift - mov $S[1],-24($tptr) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - adc %rax,$S[2] - adc %rdx,$S[3] - mov $S[2],-16($tptr) - mov $S[3],-8($tptr) -___ -} -############################################################## -# Montgomery reduction part, "word-by-word" algorithm. 
-# -{ -my ($topbit,$nptr)=("%rbp",$aptr); -my ($m0,$m1)=($a0,$a1); -my @Ni=("%rbx","%r9"); -$code.=<<___; - mov 40(%rsp),$nptr # restore $nptr - mov 48(%rsp),$n0 # restore *n0 - xor $j,$j - mov $num,0(%rsp) # save $num - sub $num,$j # $j=-$num - mov 64(%rsp),$A0[0] # t[0] # modsched # - mov $n0,$m0 # # modsched # - lea 64(%rsp,$num,2),%rax # end of t[] buffer - lea 64(%rsp,$num),$tptr # end of t[] window - mov %rax,8(%rsp) # save end of t[] buffer - lea ($nptr,$num),$nptr # end of n[] buffer - xor $topbit,$topbit # $topbit=0 - - mov 0($nptr,$j),%rax # n[0] # modsched # - mov 8($nptr,$j),$Ni[1] # n[1] # modsched # - imulq $A0[0],$m0 # m0=t[0]*n0 # modsched # - mov %rax,$Ni[0] # # modsched # - jmp .Lsqr4x_mont_outer - -.align 16 -.Lsqr4x_mont_outer: - xor $A0[1],$A0[1] - mul $m0 # n[0]*m0 - add %rax,$A0[0] # n[0]*m0+t[0] - mov $Ni[1],%rax - adc %rdx,$A0[1] - mov $n0,$m1 - - xor $A0[0],$A0[0] - add 8($tptr,$j),$A0[1] - adc \$0,$A0[0] - mul $m0 # n[1]*m0 - add %rax,$A0[1] # n[1]*m0+t[1] - mov $Ni[0],%rax - adc %rdx,$A0[0] - - imulq $A0[1],$m1 - - mov 16($nptr,$j),$Ni[0] # n[2] - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[0]*m1 - add %rax,$A1[0] # n[0]*m1+"t[1]" - mov $Ni[0],%rax - adc %rdx,$A1[1] - mov $A1[0],8($tptr,$j) # "t[1]" - - xor $A0[1],$A0[1] - add 16($tptr,$j),$A0[0] - adc \$0,$A0[1] - mul $m0 # n[2]*m0 - add %rax,$A0[0] # n[2]*m0+t[2] - mov $Ni[1],%rax - adc %rdx,$A0[1] - - mov 24($nptr,$j),$Ni[1] # n[3] - xor $A1[0],$A1[0] - add $A0[0],$A1[1] - adc \$0,$A1[0] - mul $m1 # n[1]*m1 - add %rax,$A1[1] # n[1]*m1+"t[2]" - mov $Ni[1],%rax - adc %rdx,$A1[0] - mov $A1[1],16($tptr,$j) # "t[2]" - - xor $A0[0],$A0[0] - add 24($tptr,$j),$A0[1] - lea 32($j),$j - adc \$0,$A0[0] - mul $m0 # n[3]*m0 - add %rax,$A0[1] # n[3]*m0+t[3] - mov $Ni[0],%rax - adc %rdx,$A0[0] - jmp .Lsqr4x_mont_inner - -.align 16 -.Lsqr4x_mont_inner: - mov ($nptr,$j),$Ni[0] # n[4] - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[2]*m1 - add %rax,$A1[0] 
# n[2]*m1+"t[3]" - mov $Ni[0],%rax - adc %rdx,$A1[1] - mov $A1[0],-8($tptr,$j) # "t[3]" - - xor $A0[1],$A0[1] - add ($tptr,$j),$A0[0] - adc \$0,$A0[1] - mul $m0 # n[4]*m0 - add %rax,$A0[0] # n[4]*m0+t[4] - mov $Ni[1],%rax - adc %rdx,$A0[1] - - mov 8($nptr,$j),$Ni[1] # n[5] - xor $A1[0],$A1[0] - add $A0[0],$A1[1] - adc \$0,$A1[0] - mul $m1 # n[3]*m1 - add %rax,$A1[1] # n[3]*m1+"t[4]" - mov $Ni[1],%rax - adc %rdx,$A1[0] - mov $A1[1],($tptr,$j) # "t[4]" - - xor $A0[0],$A0[0] - add 8($tptr,$j),$A0[1] - adc \$0,$A0[0] - mul $m0 # n[5]*m0 - add %rax,$A0[1] # n[5]*m0+t[5] - mov $Ni[0],%rax - adc %rdx,$A0[0] - - - mov 16($nptr,$j),$Ni[0] # n[6] - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[4]*m1 - add %rax,$A1[0] # n[4]*m1+"t[5]" - mov $Ni[0],%rax - adc %rdx,$A1[1] - mov $A1[0],8($tptr,$j) # "t[5]" - - xor $A0[1],$A0[1] - add 16($tptr,$j),$A0[0] - adc \$0,$A0[1] - mul $m0 # n[6]*m0 - add %rax,$A0[0] # n[6]*m0+t[6] - mov $Ni[1],%rax - adc %rdx,$A0[1] - - mov 24($nptr,$j),$Ni[1] # n[7] - xor $A1[0],$A1[0] - add $A0[0],$A1[1] - adc \$0,$A1[0] - mul $m1 # n[5]*m1 - add %rax,$A1[1] # n[5]*m1+"t[6]" - mov $Ni[1],%rax - adc %rdx,$A1[0] - mov $A1[1],16($tptr,$j) # "t[6]" - - xor $A0[0],$A0[0] - add 24($tptr,$j),$A0[1] - lea 32($j),$j - adc \$0,$A0[0] - mul $m0 # n[7]*m0 - add %rax,$A0[1] # n[7]*m0+t[7] - mov $Ni[0],%rax - adc %rdx,$A0[0] - cmp \$0,$j - jne .Lsqr4x_mont_inner - - sub 0(%rsp),$j # $j=-$num # modsched # - mov $n0,$m0 # # modsched # - - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[6]*m1 - add %rax,$A1[0] # n[6]*m1+"t[7]" - mov $Ni[1],%rax - adc %rdx,$A1[1] - mov $A1[0],-8($tptr) # "t[7]" - - xor $A0[1],$A0[1] - add ($tptr),$A0[0] # +t[8] - adc \$0,$A0[1] - mov 0($nptr,$j),$Ni[0] # n[0] # modsched # - add $topbit,$A0[0] - adc \$0,$A0[1] - - imulq 16($tptr,$j),$m0 # m0=t[0]*n0 # modsched # - xor $A1[0],$A1[0] - mov 8($nptr,$j),$Ni[1] # n[1] # modsched # - add $A0[0],$A1[1] - mov 16($tptr,$j),$A0[0] # t[0] # modsched # - 
adc \$0,$A1[0] - mul $m1 # n[7]*m1 - add %rax,$A1[1] # n[7]*m1+"t[8]" - mov $Ni[0],%rax # # modsched # - adc %rdx,$A1[0] - mov $A1[1],($tptr) # "t[8]" - - xor $topbit,$topbit - add 8($tptr),$A1[0] # +t[9] - adc $topbit,$topbit - add $A0[1],$A1[0] - lea 16($tptr),$tptr # "t[$num]>>128" - adc \$0,$topbit - mov $A1[0],-8($tptr) # "t[9]" - cmp 8(%rsp),$tptr # are we done? - jb .Lsqr4x_mont_outer - - mov 0(%rsp),$num # restore $num - mov $topbit,($tptr) # save $topbit -___ -} -############################################################## -# Post-condition, 4x unrolled copy from bn_mul_mont -# -{ -my ($tptr,$nptr)=("%rbx",$aptr); -my @ri=("%rax","%rdx","%r10","%r11"); -$code.=<<___; - mov 64(%rsp,$num),@ri[0] # tp[0] - lea 64(%rsp,$num),$tptr # upper half of t[2*$num] holds result - mov 40(%rsp),$nptr # restore $nptr - shr \$5,$num # num/4 - mov 8($tptr),@ri[1] # t[1] - xor $i,$i # i=0 and clear CF! - - mov 32(%rsp),$rptr # restore $rptr - sub 0($nptr),@ri[0] - mov 16($tptr),@ri[2] # t[2] - mov 24($tptr),@ri[3] # t[3] - sbb 8($nptr),@ri[1] - lea -1($num),$j # j=num/4-1 - jmp .Lsqr4x_sub -.align 16 -.Lsqr4x_sub: - mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i] - sbb 16($nptr,$i,8),@ri[2] - mov 32($tptr,$i,8),@ri[0] # tp[i+1] - mov 40($tptr,$i,8),@ri[1] - sbb 24($nptr,$i,8),@ri[3] - mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i] - sbb 32($nptr,$i,8),@ri[0] - mov 48($tptr,$i,8),@ri[2] - mov 56($tptr,$i,8),@ri[3] - sbb 40($nptr,$i,8),@ri[1] - lea 4($i),$i # i++ - dec $j # doesn't affect CF! 
- jnz .Lsqr4x_sub
-
- mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i]
- mov 32($tptr,$i,8),@ri[0] # load overflow bit
- sbb 16($nptr,$i,8),@ri[2]
- mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i]
- sbb 24($nptr,$i,8),@ri[3]
- mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i]
-
- sbb \$0,@ri[0] # handle upmost overflow bit
- mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i]
- xor $i,$i # i=0
- and @ri[0],$tptr
- not @ri[0]
- mov $rptr,$nptr
- and @ri[0],$nptr
- lea -1($num),$j
- or $nptr,$tptr # tp=borrow?tp:rp
-
- pxor %xmm0,%xmm0
- lea 64(%rsp,$num,8),$nptr
- movdqu ($tptr),%xmm1
- lea ($nptr,$num,8),$nptr
- movdqa %xmm0,64(%rsp) # zap lower half of temporary vector
- movdqa %xmm0,($nptr) # zap upper half of temporary vector
- movdqu %xmm1,($rptr)
- jmp .Lsqr4x_copy
-.align 16
-.Lsqr4x_copy: # copy or in-place refresh
- movdqu 16($tptr,$i),%xmm2
- movdqu 32($tptr,$i),%xmm1
- movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
- movdqa %xmm0,96(%rsp,$i) # zap lower half of temporary vector
- movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
- movdqa %xmm0,32($nptr,$i) # zap upper half of temporary vector
- movdqu %xmm2,16($rptr,$i)
- movdqu %xmm1,32($rptr,$i)
- lea 32($i),$i
- dec $j
- jnz .Lsqr4x_copy
-
- movdqu 16($tptr,$i),%xmm2
- movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector
- movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector
- movdqu %xmm2,16($rptr,$i)
-___
-}
-$code.=<<___;
- mov 56(%rsp),%rsi # restore %rsp
- mov \$1,%rax
- mov 0(%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lsqr4x_epilogue:
- ret
-.size bn_sqr4x_mont,.-bn_sqr4x_mont
-___
-}}}
-
-print $code;
-close STDOUT;
diff --git a/src/lib/libcrypto/bn/asm/x86_64-mont5.pl b/src/lib/libcrypto/bn/asm/x86_64-mont5.pl
deleted file mode 100755
index 38751ec5de..0000000000
--- a/src/lib/libcrypto/bn/asm/x86_64-mont5.pl
+++ /dev/null
@@ -1,1192 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# August 2011.
-#
-# Companion to x86_64-mont.pl that optimizes cache-timing attack
-# countermeasures. The subroutines are produced by replacing bp[i]
-# references in their x86_64-mont.pl counterparts with cache-neutral
-# references to powers table computed in BN_mod_exp_mont_consttime.
-# In addition subroutine that scatters elements of the powers table
-# is implemented, so that scatter-/gathering can be tuned without
-# bn_exp.c modifications.
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-# int bn_mul_mont_gather5(
-$rp="%rdi"; # BN_ULONG *rp,
-$ap="%rsi"; # const BN_ULONG *ap,
-$bp="%rdx"; # const BN_ULONG *bp,
-$np="%rcx"; # const BN_ULONG *np,
-$n0="%r8"; # const BN_ULONG *n0,
-$num="%r9"; # int num,
- # int idx); # 0 to 2^5-1, "index" in $bp holding
- # pre-computed powers of a', interlaced
- # in such manner that b[0] is $bp[idx],
- # b[1] is [2^5+idx], etc.
-$lo0="%r10";
-$hi0="%r11";
-$hi1="%r13";
-$i="%r14";
-$j="%r15";
-$m0="%rbx";
-$m1="%rbp";
-
-$code=<<___;
-.text
-
-.globl bn_mul_mont_gather5
-.type bn_mul_mont_gather5,\@function,6
-.align 64
-bn_mul_mont_gather5:
- _CET_ENDBR
- test \$3,${num}d
- jnz .Lmul_enter
- cmp \$8,${num}d
- jb .Lmul_enter
- jmp .Lmul4x_enter
-
-.align 16
-.Lmul_enter:
- mov ${num}d,${num}d
- movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument
- lea .Linc(%rip),%r10
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
-.Lmul_alloca:
- mov %rsp,%rax
- lea 2($num),%r11
- neg %r11
- lea -264(%rsp,%r11,8),%rsp # tp=alloca(8*(num+2)+256+8)
- and \$-1024,%rsp # minimize TLB usage
-
- mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul_body:
- lea 128($bp),%r12 # reassign $bp (+size optimization)
-___
- $bp="%r12";
- $STRIDE=2**5*8; # 5 is "window size"
- $N=$STRIDE/4; # should match cache line size
-$code.=<<___;
- movdqa 0(%r10),%xmm0 # 00000001000000010000000000000000
- movdqa 16(%r10),%xmm1 # 00000002000000020000000200000002
- lea 24-112(%rsp,$num,8),%r10# place the mask after tp[num+3] (+ICache optimization)
- and \$-16,%r10
-
- pshufd \$0,%xmm5,%xmm5 # broadcast index
- movdqa %xmm1,%xmm4
- movdqa %xmm1,%xmm2
-___
-########################################################################
-# calculate mask by comparing 0..31 to index and save result to stack
-#
-$code.=<<___;
- paddd %xmm0,%xmm1
- pcmpeqd %xmm5,%xmm0 # compare to 1,0
- .byte 0x67
- movdqa %xmm4,%xmm3
-___
-for($k=0;$k<$STRIDE/16-4;$k+=4) {
-$code.=<<___;
- paddd %xmm1,%xmm2
- pcmpeqd %xmm5,%xmm1 # compare to 3,2
- movdqa %xmm0,`16*($k+0)+112`(%r10)
- movdqa %xmm4,%xmm0
-
- paddd %xmm2,%xmm3
- pcmpeqd %xmm5,%xmm2 # compare to 5,4
- movdqa %xmm1,`16*($k+1)+112`(%r10)
- movdqa %xmm4,%xmm1
-
- paddd %xmm3,%xmm0
- pcmpeqd %xmm5,%xmm3 # compare to 7,6
- movdqa %xmm2,`16*($k+2)+112`(%r10)
- movdqa %xmm4,%xmm2
-
- paddd %xmm0,%xmm1
- pcmpeqd %xmm5,%xmm0
- movdqa %xmm3,`16*($k+3)+112`(%r10)
- movdqa %xmm4,%xmm3
-___ -} -$code.=<<___; # last iteration can be optimized - paddd %xmm1,%xmm2 - pcmpeqd %xmm5,%xmm1 - movdqa %xmm0,`16*($k+0)+112`(%r10) - - paddd %xmm2,%xmm3 - .byte 0x67 - pcmpeqd %xmm5,%xmm2 - movdqa %xmm1,`16*($k+1)+112`(%r10) - - pcmpeqd %xmm5,%xmm3 - movdqa %xmm2,`16*($k+2)+112`(%r10) - pand `16*($k+0)-128`($bp),%xmm0 # while it's still in register - - pand `16*($k+1)-128`($bp),%xmm1 - pand `16*($k+2)-128`($bp),%xmm2 - movdqa %xmm3,`16*($k+3)+112`(%r10) - pand `16*($k+3)-128`($bp),%xmm3 - por %xmm2,%xmm0 - por %xmm3,%xmm1 -___ -for($k=0;$k<$STRIDE/16-4;$k+=4) { -$code.=<<___; - movdqa `16*($k+0)-128`($bp),%xmm4 - movdqa `16*($k+1)-128`($bp),%xmm5 - movdqa `16*($k+2)-128`($bp),%xmm2 - pand `16*($k+0)+112`(%r10),%xmm4 - movdqa `16*($k+3)-128`($bp),%xmm3 - pand `16*($k+1)+112`(%r10),%xmm5 - por %xmm4,%xmm0 - pand `16*($k+2)+112`(%r10),%xmm2 - por %xmm5,%xmm1 - pand `16*($k+3)+112`(%r10),%xmm3 - por %xmm2,%xmm0 - por %xmm3,%xmm1 -___ -} -$code.=<<___; - por %xmm1,%xmm0 - pshufd \$0x4e,%xmm0,%xmm1 - por %xmm1,%xmm0 - lea $STRIDE($bp),$bp - movd %xmm0,$m0 # m0=bp[0] - - mov ($n0),$n0 # pull n0[0] value - mov ($ap),%rax - - xor $i,$i # i=0 - xor $j,$j # j=0 - - mov $n0,$m1 - mulq $m0 # ap[0]*bp[0] - mov %rax,$lo0 - mov ($np),%rax - - imulq $lo0,$m1 # "tp[0]"*n0 - mov %rdx,$hi0 - - mulq $m1 # np[0]*m1 - add %rax,$lo0 # discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$hi1 - - lea 1($j),$j # j++ - jmp .L1st_enter - -.align 16 -.L1st: - add %rax,$hi1 - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0] - mov $lo0,$hi0 - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$hi1 - -.L1st_enter: - mulq $m0 # ap[j]*bp[0] - add %rax,$hi0 - mov ($np,$j,8),%rax - adc \$0,%rdx - lea 1($j),$j # j++ - mov %rdx,$lo0 - - mulq $m1 # np[j]*m1 - cmp $num,$j - jl .L1st - - add %rax,$hi1 - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$hi1 - mov $lo0,$hi0 - - 
xor %rdx,%rdx - add $hi0,$hi1 - adc \$0,%rdx - mov $hi1,-8(%rsp,$num,8) - mov %rdx,(%rsp,$num,8) # store upmost overflow bit - - lea 1($i),$i # i++ - jmp .Louter -.align 16 -.Louter: - lea 24+128(%rsp,$num,8),%rdx # where 256-byte mask is (+size optimization) - and \$-16,%rdx - pxor %xmm4,%xmm4 - pxor %xmm5,%xmm5 -___ -for($k=0;$k<$STRIDE/16;$k+=4) { -$code.=<<___; - movdqa `16*($k+0)-128`($bp),%xmm0 - movdqa `16*($k+1)-128`($bp),%xmm1 - movdqa `16*($k+2)-128`($bp),%xmm2 - movdqa `16*($k+3)-128`($bp),%xmm3 - pand `16*($k+0)-128`(%rdx),%xmm0 - pand `16*($k+1)-128`(%rdx),%xmm1 - por %xmm0,%xmm4 - pand `16*($k+2)-128`(%rdx),%xmm2 - por %xmm1,%xmm5 - pand `16*($k+3)-128`(%rdx),%xmm3 - por %xmm2,%xmm4 - por %xmm3,%xmm5 -___ -} -$code.=<<___; - por %xmm5,%xmm4 - pshufd \$0x4e,%xmm4,%xmm0 - por %xmm4,%xmm0 - lea $STRIDE($bp),$bp - movd %xmm0,$m0 # m0=bp[i] - - xor $j,$j # j=0 - mov $n0,$m1 - mov (%rsp),$lo0 - - mulq $m0 # ap[0]*bp[i] - add %rax,$lo0 # ap[0]*bp[i]+tp[0] - mov ($np),%rax - adc \$0,%rdx - - imulq $lo0,$m1 # tp[0]*n0 - mov %rdx,$hi0 - - mulq $m1 # np[0]*m1 - add %rax,$lo0 # discarded - mov 8($ap),%rax - adc \$0,%rdx - mov 8(%rsp),$lo0 # tp[1] - mov %rdx,$hi1 - - lea 1($j),$j # j++ - jmp .Linner_enter - -.align 16 -.Linner: - add %rax,$hi1 - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j] - mov (%rsp,$j,8),$lo0 - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$hi1 - -.Linner_enter: - mulq $m0 # ap[j]*bp[i] - add %rax,$hi0 - mov ($np,$j,8),%rax - adc \$0,%rdx - add $hi0,$lo0 # ap[j]*bp[i]+tp[j] - mov %rdx,$hi0 - adc \$0,$hi0 - lea 1($j),$j # j++ - - mulq $m1 # np[j]*m1 - cmp $num,$j - jl .Linner - - add %rax,$hi1 - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j] - mov (%rsp,$j,8),$lo0 - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$hi1 - - xor %rdx,%rdx - add $hi0,$hi1 - adc \$0,%rdx - add $lo0,$hi1 # pull upmost overflow bit - adc \$0,%rdx - mov $hi1,-8(%rsp,$num,8) 
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit - - lea 1($i),$i # i++ - cmp $num,$i - jl .Louter - - xor $i,$i # i=0 and clear CF! - mov (%rsp),%rax # tp[0] - lea (%rsp),$ap # borrow ap for tp - mov $num,$j # j=num - jmp .Lsub -.align 16 -.Lsub: sbb ($np,$i,8),%rax - mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i] - mov 8($ap,$i,8),%rax # tp[i+1] - lea 1($i),$i # i++ - dec $j # doesnn't affect CF! - jnz .Lsub - - sbb \$0,%rax # handle upmost overflow bit - xor $i,$i - and %rax,$ap - not %rax - mov $rp,$np - and %rax,$np - mov $num,$j # j=num - or $np,$ap # ap=borrow?tp:rp -.align 16 -.Lcopy: # copy or in-place refresh - mov ($ap,$i,8),%rax - mov $i,(%rsp,$i,8) # zap temporary vector - mov %rax,($rp,$i,8) # rp[i]=tp[i] - lea 1($i),$i - sub \$1,$j - jnz .Lcopy - - mov 8(%rsp,$num,8),%rsi # restore %rsp - mov \$1,%rax - - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lmul_epilogue: - ret -.size bn_mul_mont_gather5,.-bn_mul_mont_gather5 -___ -{{{ -my @A=("%r10","%r11"); -my @N=("%r13","%rdi"); -$code.=<<___; -.type bn_mul4x_mont_gather5,\@function,6 -.align 16 -bn_mul4x_mont_gather5: - _CET_ENDBR -.Lmul4x_enter: - mov ${num}d,${num}d - movd `($win64?56:8)`(%rsp),%xmm5 # load 7th argument - lea .Linc(%rip),%r10 - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - -.Lmul4x_alloca: - mov %rsp,%rax - lea 4($num),%r11 - neg %r11 - lea -256(%rsp,%r11,8),%rsp # tp=alloca(8*(num+4)+256) - and \$-1024,%rsp # minimize TLB usage - - mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp -.Lmul4x_body: - mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp - lea 128(%rdx),%r12 # reassign $bp (+size optimization) -___ - $bp="%r12"; - $STRIDE=2**5*8; # 5 is "window size" - $N=$STRIDE/4; # should match cache line size -$code.=<<___; - movdqa 0(%r10),%xmm0 # 00000001000000010000000000000000 - movdqa 16(%r10),%xmm1 # 00000002000000020000000200000002 - lea 32-112(%rsp,$num,8),%r10# place the mask after 
tp[num+4] (+ICache optimization) - - pshufd \$0,%xmm5,%xmm5 # broadcast index - movdqa %xmm1,%xmm4 - .byte 0x67,0x67 - movdqa %xmm1,%xmm2 -___ -######################################################################## -# calculate mask by comparing 0..31 to index and save result to stack -# -$code.=<<___; - paddd %xmm0,%xmm1 - pcmpeqd %xmm5,%xmm0 # compare to 1,0 - .byte 0x67 - movdqa %xmm4,%xmm3 -___ -for($k=0;$k<$STRIDE/16-4;$k+=4) { -$code.=<<___; - paddd %xmm1,%xmm2 - pcmpeqd %xmm5,%xmm1 # compare to 3,2 - movdqa %xmm0,`16*($k+0)+112`(%r10) - movdqa %xmm4,%xmm0 - - paddd %xmm2,%xmm3 - pcmpeqd %xmm5,%xmm2 # compare to 5,4 - movdqa %xmm1,`16*($k+1)+112`(%r10) - movdqa %xmm4,%xmm1 - - paddd %xmm3,%xmm0 - pcmpeqd %xmm5,%xmm3 # compare to 7,6 - movdqa %xmm2,`16*($k+2)+112`(%r10) - movdqa %xmm4,%xmm2 - - paddd %xmm0,%xmm1 - pcmpeqd %xmm5,%xmm0 - movdqa %xmm3,`16*($k+3)+112`(%r10) - movdqa %xmm4,%xmm3 -___ -} -$code.=<<___; # last iteration can be optimized - paddd %xmm1,%xmm2 - pcmpeqd %xmm5,%xmm1 - movdqa %xmm0,`16*($k+0)+112`(%r10) - - paddd %xmm2,%xmm3 - .byte 0x67 - pcmpeqd %xmm5,%xmm2 - movdqa %xmm1,`16*($k+1)+112`(%r10) - - pcmpeqd %xmm5,%xmm3 - movdqa %xmm2,`16*($k+2)+112`(%r10) - pand `16*($k+0)-128`($bp),%xmm0 # while it's still in register - - pand `16*($k+1)-128`($bp),%xmm1 - pand `16*($k+2)-128`($bp),%xmm2 - movdqa %xmm3,`16*($k+3)+112`(%r10) - pand `16*($k+3)-128`($bp),%xmm3 - por %xmm2,%xmm0 - por %xmm3,%xmm1 -___ -for($k=0;$k<$STRIDE/16-4;$k+=4) { -$code.=<<___; - movdqa `16*($k+0)-128`($bp),%xmm4 - movdqa `16*($k+1)-128`($bp),%xmm5 - movdqa `16*($k+2)-128`($bp),%xmm2 - pand `16*($k+0)+112`(%r10),%xmm4 - movdqa `16*($k+3)-128`($bp),%xmm3 - pand `16*($k+1)+112`(%r10),%xmm5 - por %xmm4,%xmm0 - pand `16*($k+2)+112`(%r10),%xmm2 - por %xmm5,%xmm1 - pand `16*($k+3)+112`(%r10),%xmm3 - por %xmm2,%xmm0 - por %xmm3,%xmm1 -___ -} -$code.=<<___; - por %xmm1,%xmm0 - pshufd \$0x4e,%xmm0,%xmm1 - por %xmm1,%xmm0 - lea $STRIDE($bp),$bp - movd %xmm0,$m0 # m0=bp[0] - - 
mov ($n0),$n0 # pull n0[0] value - mov ($ap),%rax - - xor $i,$i # i=0 - xor $j,$j # j=0 - - mov $n0,$m1 - mulq $m0 # ap[0]*bp[0] - mov %rax,$A[0] - mov ($np),%rax - - imulq $A[0],$m1 # "tp[0]"*n0 - mov %rdx,$A[1] - - mulq $m1 # np[0]*m1 - add %rax,$A[0] # discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$N[1] - - mulq $m0 - add %rax,$A[1] - mov 8($np),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 - add %rax,$N[1] - mov 16($ap),%rax - adc \$0,%rdx - add $A[1],$N[1] - lea 4($j),$j # j++ - adc \$0,%rdx - mov $N[1],(%rsp) - mov %rdx,$N[0] - jmp .L1st4x -.align 16 -.L1st4x: - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-8(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .L1st4x - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # 
np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - lea 1($i),$i # i++ -.align 4 -.Louter4x: - lea 32+128(%rsp,$num,8),%rdx # where 256-byte mask is (+size optimization) - pxor %xmm4,%xmm4 - pxor %xmm5,%xmm5 -___ -for($k=0;$k<$STRIDE/16;$k+=4) { -$code.=<<___; - movdqa `16*($k+0)-128`($bp),%xmm0 - movdqa `16*($k+1)-128`($bp),%xmm1 - movdqa `16*($k+2)-128`($bp),%xmm2 - movdqa `16*($k+3)-128`($bp),%xmm3 - pand `16*($k+0)-128`(%rdx),%xmm0 - pand `16*($k+1)-128`(%rdx),%xmm1 - por %xmm0,%xmm4 - pand `16*($k+2)-128`(%rdx),%xmm2 - por %xmm1,%xmm5 - pand `16*($k+3)-128`(%rdx),%xmm3 - por %xmm2,%xmm4 - por %xmm3,%xmm5 -___ -} -$code.=<<___; - por %xmm5,%xmm4 - pshufd \$0x4e,%xmm4,%xmm0 - por %xmm4,%xmm0 - lea $STRIDE($bp),$bp - movd %xmm0,$m0 # m0=bp[i] - - xor $j,$j # j=0 - - mov (%rsp),$A[0] - mov $n0,$m1 - mulq $m0 # ap[0]*bp[i] - add %rax,$A[0] # ap[0]*bp[i]+tp[0] - mov ($np),%rax - adc \$0,%rdx - - imulq $A[0],$m1 # tp[0]*n0 - mov %rdx,$A[1] - - mulq $m1 # np[0]*m1 - add %rax,$A[0] # "$N[0]", discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np),%rax - adc \$0,%rdx - add 8(%rsp),$A[1] # +tp[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov 16($ap),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j] - lea 4($j),$j # j+=2 - adc \$0,%rdx - mov %rdx,$N[0] - jmp .Linner4x -.align 16 -.Linner4x: - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # 
ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - add 8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[0],-40(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .Linner4x - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 1($i),$i # i++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - add (%rsp,$num,8),$N[0] # pull upmost 
overflow bit - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - cmp $num,$i - jl .Louter4x -___ -{ -my @ri=("%rax","%rdx",$m0,$m1); -$code.=<<___; - mov 16(%rsp,$num,8),$rp # restore $rp - mov 0(%rsp),@ri[0] # tp[0] - pxor %xmm0,%xmm0 - mov 8(%rsp),@ri[1] # tp[1] - shr \$2,$num # num/=4 - lea (%rsp),$ap # borrow ap for tp - xor $i,$i # i=0 and clear CF! - - sub 0($np),@ri[0] - mov 16($ap),@ri[2] # tp[2] - mov 24($ap),@ri[3] # tp[3] - sbb 8($np),@ri[1] - lea -1($num),$j # j=num/4-1 - jmp .Lsub4x -.align 16 -.Lsub4x: - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 16($np,$i,8),@ri[2] - mov 32($ap,$i,8),@ri[0] # tp[i+1] - mov 40($ap,$i,8),@ri[1] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 32($np,$i,8),@ri[0] - mov 48($ap,$i,8),@ri[2] - mov 56($ap,$i,8),@ri[3] - sbb 40($np,$i,8),@ri[1] - lea 4($i),$i # i++ - dec $j # doesnn't affect CF! 
- jnz .Lsub4x - - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov 32($ap,$i,8),@ri[0] # load overflow bit - sbb 16($np,$i,8),@ri[2] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - - sbb \$0,@ri[0] # handle upmost overflow bit - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - xor $i,$i # i=0 - and @ri[0],$ap - not @ri[0] - mov $rp,$np - and @ri[0],$np - lea -1($num),$j - or $np,$ap # ap=borrow?tp:rp - - movdqu ($ap),%xmm1 - movdqa %xmm0,(%rsp) - movdqu %xmm1,($rp) - jmp .Lcopy4x -.align 16 -.Lcopy4x: # copy or in-place refresh - movdqu 16($ap,$i),%xmm2 - movdqu 32($ap,$i),%xmm1 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) - movdqa %xmm0,32(%rsp,$i) - movdqu %xmm1,32($rp,$i) - lea 32($i),$i - dec $j - jnz .Lcopy4x - - shl \$2,$num - movdqu 16($ap,$i),%xmm2 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) -___ -} -$code.=<<___; - mov 8(%rsp,$num,8),%rsi # restore %rsp - mov \$1,%rax - - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lmul4x_epilogue: - ret -.size bn_mul4x_mont_gather5,.-bn_mul4x_mont_gather5 -___ -}}} - -{ -my ($inp,$num,$tbl,$idx)=$win64?("%rcx","%rdx","%r8", "%r9d") : # Win64 order - ("%rdi","%rsi","%rdx","%ecx"); # Unix order -my $out=$inp; -my $STRIDE=2**5*8; -my $N=$STRIDE/4; - -$code.=<<___; -.globl bn_scatter5 -.type bn_scatter5,\@abi-omnipotent -.align 16 -bn_scatter5: - _CET_ENDBR - cmp \$0, $num - jz .Lscatter_epilogue - lea ($tbl,$idx,8),$tbl -.Lscatter: - mov ($inp),%rax - lea 8($inp),$inp - mov %rax,($tbl) - lea 32*8($tbl),$tbl - sub \$1,$num - jnz .Lscatter -.Lscatter_epilogue: - ret -.size bn_scatter5,.-bn_scatter5 - -.globl bn_gather5 -.type bn_gather5,\@abi-omnipotent -.align 16 -bn_gather5: - _CET_ENDBR -.LSEH_begin_bn_gather5: # Win64 thing, but harmless in other cases - # I can't trust assembler to use specific encoding:-( - .byte 0x4c,0x8d,0x14,0x24 # lea 
(%rsp),%r10 - .byte 0x48,0x81,0xec,0x08,0x01,0x00,0x00 # sub $0x108,%rsp - lea .Linc(%rip),%rax - and \$-16,%rsp # shouldn't be formally required - - movd $idx,%xmm5 - movdqa 0(%rax),%xmm0 # 00000001000000010000000000000000 - movdqa 16(%rax),%xmm1 # 00000002000000020000000200000002 - lea 128($tbl),%r11 # size optimization - lea 128(%rsp),%rax # size optimization - - pshufd \$0,%xmm5,%xmm5 # broadcast $idx - movdqa %xmm1,%xmm4 - movdqa %xmm1,%xmm2 -___ -######################################################################## -# calculate mask by comparing 0..31 to $idx and save result to stack -# -for($i=0;$i<$STRIDE/16;$i+=4) { -$code.=<<___; - paddd %xmm0,%xmm1 - pcmpeqd %xmm5,%xmm0 # compare to 1,0 -___ -$code.=<<___ if ($i); - movdqa %xmm3,`16*($i-1)-128`(%rax) -___ -$code.=<<___; - movdqa %xmm4,%xmm3 - - paddd %xmm1,%xmm2 - pcmpeqd %xmm5,%xmm1 # compare to 3,2 - movdqa %xmm0,`16*($i+0)-128`(%rax) - movdqa %xmm4,%xmm0 - - paddd %xmm2,%xmm3 - pcmpeqd %xmm5,%xmm2 # compare to 5,4 - movdqa %xmm1,`16*($i+1)-128`(%rax) - movdqa %xmm4,%xmm1 - - paddd %xmm3,%xmm0 - pcmpeqd %xmm5,%xmm3 # compare to 7,6 - movdqa %xmm2,`16*($i+2)-128`(%rax) - movdqa %xmm4,%xmm2 -___ -} -$code.=<<___; - movdqa %xmm3,`16*($i-1)-128`(%rax) - jmp .Lgather - -.align 32 -.Lgather: - pxor %xmm4,%xmm4 - pxor %xmm5,%xmm5 -___ -for($i=0;$i<$STRIDE/16;$i+=4) { -$code.=<<___; - movdqa `16*($i+0)-128`(%r11),%xmm0 - movdqa `16*($i+1)-128`(%r11),%xmm1 - movdqa `16*($i+2)-128`(%r11),%xmm2 - pand `16*($i+0)-128`(%rax),%xmm0 - movdqa `16*($i+3)-128`(%r11),%xmm3 - pand `16*($i+1)-128`(%rax),%xmm1 - por %xmm0,%xmm4 - pand `16*($i+2)-128`(%rax),%xmm2 - por %xmm1,%xmm5 - pand `16*($i+3)-128`(%rax),%xmm3 - por %xmm2,%xmm4 - por %xmm3,%xmm5 -___ -} -$code.=<<___; - por %xmm5,%xmm4 - lea $STRIDE(%r11),%r11 - pshufd \$0x4e,%xmm4,%xmm0 - por %xmm4,%xmm0 - movq %xmm0,($out) # m0=bp[0] - lea 8($out),$out - sub \$1,$num - jnz .Lgather - - lea (%r10),%rsp - ret -.LSEH_end_bn_gather5: -.size bn_gather5,.-bn_gather5 -___ 
-} -$code.=<<___; -.section .rodata -.align 64 -.Linc: - .long 0,0, 1,1 - .long 2,2, 2,2 -.text -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type mul_handler,\@abi-omnipotent -.align 16 -mul_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # end of prologue label - cmp %r10,%rbx # context->RipRipRsp - - mov 8(%r11),%r10d # HandlerData[2] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - mov 192($context),%r10 # pull $num - mov 8(%rax,%r10,8),%rax # pull saved stack pointer - - lea 48(%rax),%rax - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov -40(%rax),%r14 - mov -48(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lcommon_seh_tail: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, 
disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size mul_handler,.-mul_handler - -.section .pdata -.align 4 - .rva .LSEH_begin_bn_mul_mont_gather5 - .rva .LSEH_end_bn_mul_mont_gather5 - .rva .LSEH_info_bn_mul_mont_gather5 - - .rva .LSEH_begin_bn_mul4x_mont_gather5 - .rva .LSEH_end_bn_mul4x_mont_gather5 - .rva .LSEH_info_bn_mul4x_mont_gather5 - - .rva .LSEH_begin_bn_gather5 - .rva .LSEH_end_bn_gather5 - .rva .LSEH_info_bn_gather5 - -.section .xdata -.align 8 -.LSEH_info_bn_mul_mont_gather5: - .byte 9,0,0,0 - .rva mul_handler - .rva .Lmul_alloca,.Lmul_body,.Lmul_epilogue # HandlerData[] -.align 8 -.LSEH_info_bn_mul4x_mont_gather5: - .byte 9,0,0,0 - .rva mul_handler - .rva .Lmul4x_alloca,.Lmul4x_body,.Lmul4x_epilogue # HandlerData[] -.align 8 -.LSEH_info_bn_gather5: - .byte 0x01,0x0b,0x03,0x0a - .byte 0x0b,0x01,0x21,0x00 # sub rsp,0x108 - .byte 0x04,0xa3,0x00,0x00 # lea r10,(rsp), set_frame r10 -.align 8 -___ -} - -$code =~ s/\`([^\`]*)\`/eval($1)/gem; - -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h deleted file mode 100644 index 7c3c0b142f..0000000000 --- a/src/lib/libcrypto/bn/bn.h +++ /dev/null 
@@ -1,520 +0,0 @@
-/* $OpenBSD: bn.h,v 1.80 2025/03/09 15:22:40 tb Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_BN_H
-#define HEADER_BN_H
-
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This next option uses the C libraries (2 word)/(1 word) function.
- * If it is not defined, I use my C version (which is slower).
- * The reason for this flag is that when the particular C compiler
- * library routine is used, and the library is linked with a different
- * compiler, the library is missing. This mostly happens when the
- * library is built with gcc and then linked using normal cc. This would
- * be a common occurrence because gcc normally produces code that is
- * 2 times faster than system compilers for the big number stuff.
- * For machines with only one compiler (or shared libraries), this should
- * be on. Again this in only really a problem on machines
- * using "long long's", are 32bit, and are not using my assembler code. */
-/* #define BN_DIV2W */
-
-#ifdef _LP64
-#undef BN_LLONG
-#define BN_ULONG unsigned long
-#define BN_LONG long
-#define BN_BITS 128
-#define BN_BYTES 8
-#define BN_BITS2 64
-#define BN_BITS4 32
-#define BN_MASK2 (0xffffffffffffffffL)
-#define BN_MASK2l (0xffffffffL)
-#define BN_MASK2h (0xffffffff00000000L)
-#define BN_MASK2h1 (0xffffffff80000000L)
-#define BN_TBIT (0x8000000000000000L)
-#define BN_DEC_CONV (10000000000000000000UL)
-#define BN_DEC_FMT1 "%lu"
-#define BN_DEC_FMT2 "%019lu"
-#define BN_DEC_NUM 19
-#define BN_HEX_FMT1 "%lX"
-#define BN_HEX_FMT2 "%016lX"
-#else
-#define BN_ULLONG unsigned long long
-#define BN_LLONG
-#define BN_ULONG unsigned int
-#define BN_LONG int
-#define BN_BITS 64
-#define BN_BYTES 4
-#define BN_BITS2 32
-#define BN_BITS4 16
-#define BN_MASK (0xffffffffffffffffLL)
-#define BN_MASK2 (0xffffffffL)
-#define BN_MASK2l (0xffff)
-#define BN_MASK2h1 (0xffff8000L)
-#define BN_MASK2h (0xffff0000L)
-#define BN_TBIT (0x80000000L)
-#define BN_DEC_CONV (1000000000L)
-#define BN_DEC_FMT1 "%u"
-#define BN_DEC_FMT2 "%09u"
-#define BN_DEC_NUM 9
-#define BN_HEX_FMT1 "%X"
-#define BN_HEX_FMT2 "%08X"
-#endif
-
-#define BN_FLG_MALLOCED 0x01
-#define BN_FLG_STATIC_DATA 0x02
-#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing,
- * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
- * BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch.
- */ - -void BN_set_flags(BIGNUM *b, int n); -int BN_get_flags(const BIGNUM *b, int n); -void BN_with_flags(BIGNUM *dest, const BIGNUM *src, int flags); - -/* Values for |top| in BN_rand() */ -#define BN_RAND_TOP_ANY -1 -#define BN_RAND_TOP_ONE 0 -#define BN_RAND_TOP_TWO 1 - -/* Values for |bottom| in BN_rand() */ -#define BN_RAND_BOTTOM_ANY 0 -#define BN_RAND_BOTTOM_ODD 1 - -BN_GENCB *BN_GENCB_new(void); -void BN_GENCB_free(BN_GENCB *cb); - -/* Wrapper function to make using BN_GENCB easier, */ -int BN_GENCB_call(BN_GENCB *cb, int a, int b); - -/* Populate a BN_GENCB structure with an "old"-style callback */ -void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback)(int, int, void *), - void *cb_arg); - -/* Populate a BN_GENCB structure with a "new"-style callback */ -void BN_GENCB_set(BN_GENCB *gencb, int (*callback)(int, int, BN_GENCB *), - void *cb_arg); - -void *BN_GENCB_get_arg(BN_GENCB *cb); - -#define BN_prime_checks 0 /* default: select number of iterations - based on the size of the number */ - -/* - * BN_prime_checks_for_size() returns the number of Miller-Rabin - * iterations that will be done for checking that a random number - * is probably prime. The error rate for accepting a composite - * number as prime depends on the size of the prime |b|. The error - * rates used are for calculating an RSA key with 2 primes, and so - * the level is what you would expect for a key of double the size - * of the prime. - * - * This table is generated using the algorithm of FIPS PUB 186-4 - * Digital Signature Standard (DSS), section F.1, page 117. 
- * (https://dx.doi.org/10.6028/NIST.FIPS.186-4) - * - * The following magma script was used to generate the output: - * securitybits:=125; - * k:=1024; - * for t:=1 to 65 do - * for M:=3 to Floor(2*Sqrt(k-1)-1) do - * S:=0; - * // Sum over m - * for m:=3 to M do - * s:=0; - * // Sum over j - * for j:=2 to m do - * s+:=(RealField(32)!2)^-(j+(k-1)/j); - * end for; - * S+:=2^(m-(m-1)*t)*s; - * end for; - * A:=2^(k-2-M*t); - * B:=8*(Pi(RealField(32))^2-6)/3*2^(k-2)*S; - * pkt:=2.00743*Log(2)*k*2^-k*(A+B); - * seclevel:=Floor(-Log(2,pkt)); - * if seclevel ge securitybits then - * printf "k: %5o, security: %o bits (t: %o, M: %o)\n",k,seclevel,t,M; - * break; - * end if; - * end for; - * if seclevel ge securitybits then break; end if; - * end for; - * - * It can be run online at: - * http://magma.maths.usyd.edu.au/calc - * - * And will output: - * k: 1024, security: 129 bits (t: 6, M: 23) - * - * k is the number of bits of the prime, securitybits is the level - * we want to reach. - * - * prime length | RSA key size | # MR tests | security level - * -------------+--------------|------------+--------------- - * (b) >= 6394 | >= 12788 | 3 | 256 bit - * (b) >= 3747 | >= 7494 | 3 | 192 bit - * (b) >= 1345 | >= 2690 | 4 | 128 bit - * (b) >= 1080 | >= 2160 | 5 | 128 bit - * (b) >= 852 | >= 1704 | 5 | 112 bit - * (b) >= 476 | >= 952 | 5 | 80 bit - * (b) >= 400 | >= 800 | 6 | 80 bit - * (b) >= 347 | >= 694 | 7 | 80 bit - * (b) >= 308 | >= 616 | 8 | 80 bit - * (b) >= 55 | >= 110 | 27 | 64 bit - * (b) >= 6 | >= 12 | 34 | 64 bit - */ - -#define BN_prime_checks_for_size(b) ((b) >= 3747 ? 3 : \ - (b) >= 1345 ? 4 : \ - (b) >= 476 ? 5 : \ - (b) >= 400 ? 6 : \ - (b) >= 347 ? 7 : \ - (b) >= 308 ? 8 : \ - (b) >= 55 ? 
27 : \
- /* b >= 6 */ 34)
-
-#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
-
-int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
-int BN_is_zero(const BIGNUM *a);
-int BN_is_one(const BIGNUM *a);
-int BN_is_word(const BIGNUM *a, const BN_ULONG w);
-int BN_is_odd(const BIGNUM *a);
-
-void BN_zero(BIGNUM *a);
-int BN_one(BIGNUM *a);
-
-const BIGNUM *BN_value_one(void);
-BN_CTX *BN_CTX_new(void);
-void BN_CTX_free(BN_CTX *c);
-void BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void BN_CTX_end(BN_CTX *ctx);
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_num_bits(const BIGNUM *a);
-int BN_num_bits_word(BN_ULONG);
-BIGNUM *BN_new(void);
-void BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2bin(const BIGNUM *a, unsigned char *to);
-int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
-BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen);
-BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-void BN_set_negative(BIGNUM *b, int n);
-
-int BN_is_negative(const BIGNUM *b);
-
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx);
-#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int BN_mul_word(BIGNUM *a, BN_ULONG w);
-int BN_add_word(BIGNUM *a, BN_ULONG w);
-int BN_sub_word(BIGNUM *a, BN_ULONG w);
-int BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(const BIGNUM *a);
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void BN_free(BIGNUM *a);
-int BN_is_bit_set(const BIGNUM *a, int n);
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
-int BN_mask_bits(BIGNUM *a, int n);
-int BN_print_fp(FILE *fp, const BIGNUM *a);
-int BN_print(BIO *fp, const
BIGNUM *a); -int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_rshift1(BIGNUM *r, const BIGNUM *a); -void BN_clear(BIGNUM *a); -BIGNUM *BN_dup(const BIGNUM *a); -int BN_ucmp(const BIGNUM *a, const BIGNUM *b); -int BN_set_bit(BIGNUM *a, int n); -int BN_clear_bit(BIGNUM *a, int n); -char * BN_bn2hex(const BIGNUM *a); -char * BN_bn2dec(const BIGNUM *a); -int BN_hex2bn(BIGNUM **a, const char *str); -int BN_dec2bn(BIGNUM **a, const char *str); -int BN_asc2bn(BIGNUM **a, const char *str); -int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */ -BIGNUM *BN_mod_inverse(BIGNUM *ret, - const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); -BIGNUM *BN_mod_sqrt(BIGNUM *ret, - const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); - -void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); - -int BN_security_bits(int L, int N); - -int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, - const BIGNUM *rem, BN_GENCB *cb); -int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb); -int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, - int do_trial_division, BN_GENCB *cb); - -BN_MONT_CTX *BN_MONT_CTX_new(void); -int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx); -int BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); -int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, - BN_MONT_CTX *mont, BN_CTX *ctx); -void BN_MONT_CTX_free(BN_MONT_CTX *mont); -int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx); -BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, const BN_MONT_CTX *from); -BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, - const BIGNUM *mod, BN_CTX *ctx); - -/* Primes from RFC 2409 */ -BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn); -BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn); - -/* Primes 
from RFC 3526 */
-BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn);
-BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn);
-BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn);
-BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn);
-BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn);
-BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn);
-
-void ERR_load_BN_strings(void);
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-#define BN_F_BNRAND 127
-#define BN_F_BN_BLINDING_CONVERT_EX 100
-#define BN_F_BN_BLINDING_CREATE_PARAM 128
-#define BN_F_BN_BLINDING_INVERT_EX 101
-#define BN_F_BN_BLINDING_NEW 102
-#define BN_F_BN_BLINDING_UPDATE 103
-#define BN_F_BN_BN2DEC 104
-#define BN_F_BN_BN2HEX 105
-#define BN_F_BN_CTX_GET 116
-#define BN_F_BN_CTX_NEW 106
-#define BN_F_BN_CTX_START 129
-#define BN_F_BN_DIV 107
-#define BN_F_BN_DIV_NO_BRANCH 138
-#define BN_F_BN_DIV_RECP 130
-#define BN_F_BN_EXP 123
-#define BN_F_BN_EXPAND2 108
-#define BN_F_BN_GENERATE_PRIME_EX 140
-#define BN_F_BN_EXPAND_INTERNAL 120
-#define BN_F_BN_GF2M_MOD 131
-#define BN_F_BN_GF2M_MOD_EXP 132
-#define BN_F_BN_GF2M_MOD_MUL 133
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
-#define BN_F_BN_GF2M_MOD_SQR 136
-#define BN_F_BN_GF2M_MOD_SQRT 137
-#define BN_F_BN_MOD_EXP2_MONT 118
-#define BN_F_BN_MOD_EXP_MONT 109
-#define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
-#define BN_F_BN_MOD_EXP_MONT_WORD 117
-#define BN_F_BN_MOD_EXP_RECP 125
-#define BN_F_BN_MOD_EXP_SIMPLE 126
-#define BN_F_BN_MOD_INVERSE 110
-#define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
-#define BN_F_BN_MOD_LSHIFT_QUICK 119
-#define BN_F_BN_MOD_MUL_RECIPROCAL 111
-#define BN_F_BN_MOD_SQRT 121
-#define BN_F_BN_MPI2BN 112
-#define BN_F_BN_NEW 113
-#define BN_F_BN_RAND 114
-#define BN_F_BN_RAND_RANGE 122
-#define BN_F_BN_USUB 115
-
-/* Reason codes. */
-#define BN_R_ARG2_LT_ARG3 100
-#define BN_R_BAD_RECIPROCAL 101
-#define BN_R_BIGNUM_TOO_LONG 114
-#define BN_R_BITS_TOO_SMALL 117
-#define BN_R_CALLED_WITH_EVEN_MODULUS 102
-#define BN_R_DIV_BY_ZERO 103
-#define BN_R_ENCODING_ERROR 104
-#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
-#define BN_R_INPUT_NOT_REDUCED 110
-#define BN_R_INVALID_ARGUMENT 118
-#define BN_R_INVALID_LENGTH 106
-#define BN_R_INVALID_RANGE 115
-#define BN_R_NOT_A_SQUARE 111
-#define BN_R_NOT_INITIALIZED 107
-#define BN_R_NO_INVERSE 108
-#define BN_R_NO_SOLUTION 116
-#define BN_R_P_IS_NOT_PRIME 112
-#define BN_R_TOO_MANY_ITERATIONS 113
-#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/bn/bn_add.c b/src/lib/libcrypto/bn/bn_add.c
deleted file mode 100644
index 86768a312a..0000000000
--- a/src/lib/libcrypto/bn/bn_add.c
+++ /dev/null
@@ -1,341 +0,0 @@
-/* $OpenBSD: bn_add.c,v 1.26 2023/07/08 12:21:58 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#include "bn_arch.h"
-#include "bn_local.h"
-#include "bn_internal.h"
-
-/*
- * bn_add_words() computes (carry:r[i]) = a[i] + b[i] + carry, where a and b
- * are both arrays of words. Any carry resulting from the addition is returned.
- */ -#ifndef HAVE_BN_ADD_WORDS -BN_ULONG -bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) -{ - BN_ULONG carry = 0; - - assert(n >= 0); - if (n <= 0) - return 0; - - while (n & ~3) { - bn_qwaddqw(a[3], a[2], a[1], a[0], b[3], b[2], b[1], b[0], - carry, &carry, &r[3], &r[2], &r[1], &r[0]); - a += 4; - b += 4; - r += 4; - n -= 4; - } - while (n) { - bn_addw_addw(a[0], b[0], carry, &carry, &r[0]); - a++; - b++; - r++; - n--; - } - return carry; -} -#endif - -/* - * bn_add() computes (carry:r[i]) = a[i] + b[i] + carry, where a and b are both - * arrays of words (r may be the same as a or b). The length of a and b may - * differ, while r must be at least max(a_len, b_len) in length. Any carry - * resulting from the addition is returned. - */ -#ifndef HAVE_BN_ADD -BN_ULONG -bn_add(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len, const BN_ULONG *b, - int b_len) -{ - int min_len, diff_len; - BN_ULONG carry = 0; - - if ((min_len = a_len) > b_len) - min_len = b_len; - - diff_len = a_len - b_len; - - carry = bn_add_words(r, a, b, min_len); - - a += min_len; - b += min_len; - r += min_len; - - /* XXX - consider doing four at a time to match bn_add_words(). */ - while (diff_len < 0) { - /* Compute r[0] = 0 + b[0] + carry. */ - bn_addw(b[0], carry, &carry, &r[0]); - diff_len++; - b++; - r++; - } - - /* XXX - consider doing four at a time to match bn_add_words(). */ - while (diff_len > 0) { - /* Compute r[0] = a[0] + 0 + carry. */ - bn_addw(a[0], carry, &carry, &r[0]); - diff_len--; - a++; - r++; - } - - return carry; -} -#endif - -/* - * bn_sub_words() computes (borrow:r[i]) = a[i] - b[i] - borrow, where a and b - * are both arrays of words. Any borrow resulting from the subtraction is - * returned. 
- */ -#ifndef HAVE_BN_SUB_WORDS -BN_ULONG -bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) -{ - BN_ULONG borrow = 0; - - assert(n >= 0); - if (n <= 0) - return 0; - - while (n & ~3) { - bn_qwsubqw(a[3], a[2], a[1], a[0], b[3], b[2], b[1], b[0], - borrow, &borrow, &r[3], &r[2], &r[1], &r[0]); - a += 4; - b += 4; - r += 4; - n -= 4; - } - while (n) { - bn_subw_subw(a[0], b[0], borrow, &borrow, &r[0]); - a++; - b++; - r++; - n--; - } - return borrow; -} -#endif - -/* - * bn_sub() computes (borrow:r[i]) = a[i] - b[i] - borrow, where a and b are both - * arrays of words (r may be the same as a or b). The length of a and b may - * differ, while r must be at least max(a_len, b_len) in length. Any borrow - * resulting from the subtraction is returned. - */ -#ifndef HAVE_BN_SUB -BN_ULONG -bn_sub(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len, const BN_ULONG *b, - int b_len) -{ - int min_len, diff_len; - BN_ULONG borrow = 0; - - if ((min_len = a_len) > b_len) - min_len = b_len; - - diff_len = a_len - b_len; - - borrow = bn_sub_words(r, a, b, min_len); - - a += min_len; - b += min_len; - r += min_len; - - /* XXX - consider doing four at a time to match bn_sub_words. */ - while (diff_len < 0) { - /* Compute r[0] = 0 - b[0] - borrow. */ - bn_subw(0 - b[0], borrow, &borrow, &r[0]); - diff_len++; - b++; - r++; - } - - /* XXX - consider doing four at a time to match bn_sub_words. */ - while (diff_len > 0) { - /* Compute r[0] = a[0] - 0 - borrow. 
*/
- bn_subw(a[0], borrow, &borrow, &r[0]);
- diff_len--;
- a++;
- r++;
- }
-
- return borrow;
-}
-#endif
-
-int
-BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
- BN_ULONG carry;
- int rn;
-
- if ((rn = a->top) < b->top)
- rn = b->top;
- if (rn == INT_MAX)
- return 0;
- if (!bn_wexpand(r, rn + 1))
- return 0;
-
- carry = bn_add(r->d, rn, a->d, a->top, b->d, b->top);
- r->d[rn] = carry;
-
- r->top = rn + (carry & 1);
- r->neg = 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(BN_uadd);
-
-int
-BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
- BN_ULONG borrow;
- int rn;
-
- if (a->top < b->top) {
- BNerror(BN_R_ARG2_LT_ARG3);
- return 0;
- }
- rn = a->top;
-
- if (!bn_wexpand(r, rn))
- return 0;
-
- borrow = bn_sub(r->d, rn, a->d, a->top, b->d, b->top);
- if (borrow > 0) {
- BNerror(BN_R_ARG2_LT_ARG3);
- return 0;
- }
-
- r->top = rn;
- r->neg = 0;
-
- bn_correct_top(r);
-
- return 1;
-}
-LCRYPTO_ALIAS(BN_usub);
-
-int
-BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
- int ret, r_neg;
-
- if (a->neg == b->neg) {
- r_neg = a->neg;
- ret = BN_uadd(r, a, b);
- } else {
- int cmp = BN_ucmp(a, b);
-
- if (cmp > 0) {
- r_neg = a->neg;
- ret = BN_usub(r, a, b);
- } else if (cmp < 0) {
- r_neg = b->neg;
- ret = BN_usub(r, b, a);
- } else {
- r_neg = 0;
- BN_zero(r);
- ret = 1;
- }
- }
-
- BN_set_negative(r, r_neg);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_add);
-
-int
-BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
- int ret, r_neg;
-
- if (a->neg != b->neg) {
- r_neg = a->neg;
- ret = BN_uadd(r, a, b);
- } else {
- int cmp = BN_ucmp(a, b);
-
- if (cmp > 0) {
- r_neg = a->neg;
- ret = BN_usub(r, a, b);
- } else if (cmp < 0) {
- r_neg = !b->neg;
- ret = BN_usub(r, b, a);
- } else {
- r_neg = 0;
- BN_zero(r);
- ret = 1;
- }
- }
-
- BN_set_negative(r, r_neg);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_sub);
diff --git a/src/lib/libcrypto/bn/bn_bpsw.c b/src/lib/libcrypto/bn/bn_bpsw.c
deleted file mode 100644
index 04db17b527..0000000000
--- a/src/lib/libcrypto/bn/bn_bpsw.c
+++ /dev/null
@@ -1,531 +0,0 @@
-/* $OpenBSD: bn_bpsw.c,v 1.12 2025/02/13 11:10:01 tb Exp $ */
-/*
- * Copyright (c) 2022 Martin Grenouilloux
- * Copyright (c) 2022 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "bn_local.h"
-#include "bn_prime.h"
-
-/*
- * For an odd n compute a / 2 (mod n). If a is even, we can do a plain
- * division, otherwise calculate (a + n) / 2. Then reduce (mod n).
- */
-
-static int
-bn_div_by_two_mod_odd_n(BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
-{
- if (!BN_is_odd(n))
- return 0;
-
- if (BN_is_odd(a)) {
- if (!BN_add(a, a, n))
- return 0;
- }
- if (!BN_rshift1(a, a))
- return 0;
- if (!BN_mod_ct(a, a, n, ctx))
- return 0;
-
- return 1;
-}
-
-/*
- * Given the next binary digit of k and the current Lucas terms U and V, this
- * helper computes the next terms in the Lucas sequence defined as follows:
- *
- * U' = U * V (mod n)
- * V' = (V^2 + D * U^2) / 2 (mod n)
- *
- * If digit == 0, bn_lucas_step() returns U' and V'. If digit == 1, it returns
- *
- * U'' = (U' + V') / 2 (mod n)
- * V'' = (V' + D * U') / 2 (mod n)
- *
- * Compare with FIPS 186-4, Appendix C.3.3, step 6.
- */
-
-static int
-bn_lucas_step(BIGNUM *U, BIGNUM *V, int digit, const BIGNUM *D,
- const BIGNUM *n, BN_CTX *ctx)
-{
- BIGNUM *tmp;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if ((tmp = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* Calculate D * U^2 before computing U'. */
- if (!BN_sqr(tmp, U, ctx))
- goto err;
- if (!BN_mul(tmp, D, tmp, ctx))
- goto err;
-
- /* U' = U * V (mod n). */
- if (!BN_mod_mul(U, U, V, n, ctx))
- goto err;
-
- /* V' = (V^2 + D * U^2) / 2 (mod n). */
- if (!BN_sqr(V, V, ctx))
- goto err;
- if (!BN_add(V, V, tmp))
- goto err;
- if (!bn_div_by_two_mod_odd_n(V, n, ctx))
- goto err;
-
- if (digit == 1) {
- /* Calculate D * U' before computing U''. */
- if (!BN_mul(tmp, D, U, ctx))
- goto err;
-
- /* U'' = (U' + V') / 2 (mod n). */
- if (!BN_add(U, U, V))
- goto err;
- if (!bn_div_by_two_mod_odd_n(U, n, ctx))
- goto err;
-
- /* V'' = (V' + D * U') / 2 (mod n). */
- if (!BN_add(V, V, tmp))
- goto err;
- if (!bn_div_by_two_mod_odd_n(V, n, ctx))
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * Compute the Lucas terms U_k, V_k, see FIPS 186-4, Appendix C.3.3, steps 4-6.
- */
-
-static int
-bn_lucas(BIGNUM *U, BIGNUM *V, const BIGNUM *k, const BIGNUM *D,
- const BIGNUM *n, BN_CTX *ctx)
-{
- int digit, i;
- int ret = 0;
-
- if (!BN_one(U))
- goto err;
- if (!BN_one(V))
- goto err;
-
- /*
- * Iterate over the digits of k from MSB to LSB. Start at digit 2
- * since the first digit is dealt with by setting U = 1 and V = 1.
- */
-
- for (i = BN_num_bits(k) - 2; i >= 0; i--) {
- digit = BN_is_bit_set(k, i);
-
- if (!bn_lucas_step(U, V, digit, D, n, ctx))
- goto err;
- }
-
- ret = 1;
-
- err:
- return ret;
-}
-
-/*
- * This is a stronger variant of the Lucas test in FIPS 186-4, Appendix C.3.3.
- * Every strong Lucas pseudoprime n is also a Lucas pseudoprime since
- * U_{n+1} == 0 follows from U_k == 0 or V_{k * 2^r} == 0 for 0 <= r < s.
- */
-
-static int
-bn_strong_lucas_test(int *is_pseudoprime, const BIGNUM *n, const BIGNUM *D,
- BN_CTX *ctx)
-{
- BIGNUM *k, *U, *V;
- int r, s;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if ((k = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((U = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((V = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Factorize n + 1 = k * 2^s with odd k: shift away the s trailing ones
- * of n and set the lowest bit of the resulting number k.
- */
-
- s = 0;
- while (BN_is_bit_set(n, s))
- s++;
- if (!BN_rshift(k, n, s))
- goto err;
- if (!BN_set_bit(k, 0))
- goto err;
-
- /*
- * Calculate the Lucas terms U_k and V_k. If either of them is zero,
- * then n is a strong Lucas pseudoprime.
- */
-
- if (!bn_lucas(U, V, k, D, n, ctx))
- goto err;
-
- if (BN_is_zero(U) || BN_is_zero(V)) {
- *is_pseudoprime = 1;
- goto done;
- }
-
- /*
- * Calculate the Lucas terms U_{k * 2^r}, V_{k * 2^r} for 1 <= r < s.
- * If any V_{k * 2^r} is zero then n is a strong Lucas pseudoprime.
- */
-
- for (r = 1; r < s; r++) {
- if (!bn_lucas_step(U, V, 0, D, n, ctx))
- goto err;
-
- if (BN_is_zero(V)) {
- *is_pseudoprime = 1;
- goto done;
- }
- }
-
- /*
- * If we got here, n is definitely composite.
- */
-
- *is_pseudoprime = 0;
-
- done:
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * Test n for primality using the strong Lucas test with Selfridge's Method A.
- * Returns 1 if n is prime or a strong Lucas-Selfridge pseudoprime.
- * If it returns 0 then n is definitely composite.
- */
-
-static int
-bn_strong_lucas_selfridge(int *is_pseudoprime, const BIGNUM *n, BN_CTX *ctx)
-{
- BIGNUM *D, *two;
- int is_perfect_square, jacobi_symbol, sign;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- /* If n is a perfect square, it is composite. */
- if (!bn_is_perfect_square(&is_perfect_square, n, ctx))
- goto err;
- if (is_perfect_square) {
- *is_pseudoprime = 0;
- goto done;
- }
-
- /*
- * Find the first D in the Selfridge sequence 5, -7, 9, -11, 13, ...
- * such that the Jacobi symbol (D/n) is -1.
- */
-
- if ((D = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((two = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- sign = 1;
- if (!BN_set_word(D, 5))
- goto err;
- if (!BN_set_word(two, 2))
- goto err;
-
- while (1) {
- /* For odd n the Kronecker symbol computes the Jacobi symbol. */
- if ((jacobi_symbol = BN_kronecker(D, n, ctx)) == -2)
- goto err;
-
- /* We found the value for D. */
- if (jacobi_symbol == -1)
- break;
-
- /* n and D have prime factors in common. */
- if (jacobi_symbol == 0) {
- *is_pseudoprime = 0;
- goto done;
- }
-
- sign = -sign;
- if (!BN_uadd(D, D, two))
- goto err;
- BN_set_negative(D, sign == -1);
- }
-
- if (!bn_strong_lucas_test(is_pseudoprime, n, D, ctx))
- goto err;
-
- done:
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * Fermat criterion in Miller-Rabin test.
- *
- * Check whether 1 < base < n - 1 witnesses that n is composite. For prime n:
- *
- * * Fermat's little theorem: base^(n-1) = 1 (mod n).
- * * The only square roots of 1 (mod n) are 1 and -1.
- *
- * Calculate base^((n-1)/2) by writing n - 1 = k * 2^s with odd k. Iteratively
- * compute power = (base^k)^(2^(s-1)) by successive squaring of base^k.
- *
- * If power ever reaches -1, base^(n-1) is equal to 1 and n is a pseudoprime
- * for base. If power reaches 1 before -1 during successive squaring, we have
- * an unexpected square root of 1 and n is composite. Otherwise base^(n-1) != 1,
- * and n is composite.
- */
-
-static int
-bn_fermat(int *is_pseudoprime, const BIGNUM *n, const BIGNUM *n_minus_one,
- const BIGNUM *k, int s, const BIGNUM *base, BN_CTX *ctx, BN_MONT_CTX *mctx)
-{
- BIGNUM *power;
- int ret = 0;
- int i;
-
- BN_CTX_start(ctx);
-
- if ((power = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* Sanity check: ensure that 1 < base < n - 1.
*/
- if (BN_cmp(base, BN_value_one()) <= 0 || BN_cmp(base, n_minus_one) >= 0)
- goto err;
-
- if (!BN_mod_exp_mont_ct(power, base, k, n, ctx, mctx))
- goto err;
-
- if (BN_is_one(power) || BN_cmp(power, n_minus_one) == 0) {
- *is_pseudoprime = 1;
- goto done;
- }
-
- /* Loop invariant: power is neither 1 nor -1 (mod n). */
- for (i = 1; i < s; i++) {
- if (!BN_mod_sqr(power, power, n, ctx))
- goto err;
-
- /* n is a pseudoprime for base. */
- if (BN_cmp(power, n_minus_one) == 0) {
- *is_pseudoprime = 1;
- goto done;
- }
-
- /* n is composite: there's a square root of unity != 1 or -1. */
- if (BN_is_one(power)) {
- *is_pseudoprime = 0;
- goto done;
- }
- }
-
- /*
- * If we get here, n is definitely composite: base^(n-1) != 1.
- */
-
- *is_pseudoprime = 0;
-
- done:
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * Miller-Rabin primality test for base 2 and for |rounds| of random bases.
- * On success: is_pseudoprime == 0 implies that n is composite.
- */
-
-static int
-bn_miller_rabin(int *is_pseudoprime, const BIGNUM *n, BN_CTX *ctx,
- size_t rounds)
-{
- BN_MONT_CTX *mctx = NULL;
- BIGNUM *base, *k, *n_minus_one;
- size_t i;
- int s;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if ((base = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((k = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((n_minus_one = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (BN_is_word(n, 2) || BN_is_word(n, 3)) {
- *is_pseudoprime = 1;
- goto done;
- }
-
- if (BN_cmp(n, BN_value_one()) <= 0 || !BN_is_odd(n)) {
- *is_pseudoprime = 0;
- goto done;
- }
-
- if (!BN_sub(n_minus_one, n, BN_value_one()))
- goto err;
-
- /*
- * Factorize n - 1 = k * 2^s.
- */
-
- s = 0;
- while (!BN_is_bit_set(n_minus_one, s))
- s++;
- if (!BN_rshift(k, n_minus_one, s))
- goto err;
-
- /*
- * Montgomery setup for n.
- */
-
- if ((mctx = BN_MONT_CTX_create(n, ctx)) == NULL)
- goto err;
-
- /*
- * Perform a Miller-Rabin test for base 2 as required by BPSW.
- */
-
- if (!BN_set_word(base, 2))
- goto err;
-
- if (!bn_fermat(is_pseudoprime, n, n_minus_one, k, s, base, ctx, mctx))
- goto err;
- if (!*is_pseudoprime)
- goto done;
-
- /*
- * Perform Miller-Rabin tests with random 3 <= base < n - 1 to reduce
- * risk of false positives in BPSW.
- */
-
- for (i = 0; i < rounds; i++) {
- if (!bn_rand_interval(base, 3, n_minus_one))
- goto err;
-
- if (!bn_fermat(is_pseudoprime, n, n_minus_one, k, s, base, ctx,
- mctx))
- goto err;
- if (!*is_pseudoprime)
- goto done;
- }
-
- /*
- * If we got here, we have a Miller-Rabin pseudoprime.
- */
-
- *is_pseudoprime = 1;
-
- done:
- ret = 1;
-
- err:
- BN_MONT_CTX_free(mctx);
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * The Baillie-Pomerance-Selfridge-Wagstaff algorithm combines a Miller-Rabin
- * test for base 2 with a Strong Lucas pseudoprime test.
- */
-
-int
-bn_is_prime_bpsw(int *is_pseudoprime, const BIGNUM *n, BN_CTX *in_ctx,
- size_t rounds)
-{
- BN_CTX *ctx = NULL;
- BN_ULONG mod;
- int i;
- int ret = 0;
-
- if (BN_is_word(n, 2)) {
- *is_pseudoprime = 1;
- goto done;
- }
-
- if (BN_cmp(n, BN_value_one()) <= 0 || !BN_is_odd(n)) {
- *is_pseudoprime = 0;
- goto done;
- }
-
- /* Trial divisions with the first 2048 primes. */
- for (i = 0; i < NUMPRIMES; i++) {
- if ((mod = BN_mod_word(n, primes[i])) == (BN_ULONG)-1)
- goto err;
- if (mod == 0) {
- *is_pseudoprime = BN_is_word(n, primes[i]);
- goto done;
- }
- }
-
- if ((ctx = in_ctx) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (!bn_miller_rabin(is_pseudoprime, n, ctx, rounds))
- goto err;
- if (!*is_pseudoprime)
- goto done;
-
- if (!bn_strong_lucas_selfridge(is_pseudoprime, n, ctx))
- goto err;
-
- done:
- ret = 1;
-
- err:
- if (ctx != in_ctx)
- BN_CTX_free(ctx);
-
- return ret;
-}
diff --git a/src/lib/libcrypto/bn/bn_const.c b/src/lib/libcrypto/bn/bn_const.c
deleted file mode 100644
index bf684c8a46..0000000000
--- a/src/lib/libcrypto/bn/bn_const.c
+++ /dev/null
@@ -1,433 +0,0 @@ -/* $OpenBSD: bn_const.c,v 1.8 2023/07/28 10:07:30 tb Exp $ */ -/* Insert boilerplate */ - -#include - -/* - * "First Oakley Default Group" from RFC2409, section 6.1. - * - * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } - * - * RFC2409 specifies a generator of 2. - * RFC2412 specifies a generator of of 22. - */ - -static const unsigned char RFC2409_PRIME_768[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -}; - -BIGNUM * -BN_get_rfc2409_prime_768(BIGNUM *bn) -{ - return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn); -} -LCRYPTO_ALIAS(BN_get_rfc2409_prime_768); - -/* - * "Second Oakley Default Group" from RFC2409, section 6.2. - * - * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. - * - * RFC2409 specifies a generator of 2. - * RFC2412 specifies a generator of 22. 
- */ - -static const unsigned char RFC2409_PRIME_1024[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -}; - -BIGNUM * -BN_get_rfc2409_prime_1024(BIGNUM *bn) -{ - return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn); -} -LCRYPTO_ALIAS(BN_get_rfc2409_prime_1024); - -/* - * "1536-bit MODP Group" from RFC3526, Section 2. - * - * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } - * - * RFC3526 specifies a generator of 2. - * RFC2312 specifies a generator of 22. 
- */ - -static const unsigned char RFC3526_PRIME_1536[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -}; - -BIGNUM * -BN_get_rfc3526_prime_1536(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn); -} -LCRYPTO_ALIAS(BN_get_rfc3526_prime_1536); - -/* - * "2048-bit MODP Group" from RFC3526, Section 3. - * - * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } - * - * RFC3526 specifies a generator of 2. 
- */ - -static const unsigned char RFC3526_PRIME_2048[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, -}; - -BIGNUM * -BN_get_rfc3526_prime_2048(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn); -} -LCRYPTO_ALIAS(BN_get_rfc3526_prime_2048); - -/* - * "3072-bit MODP Group" from RFC3526, Section 4. - * - * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } - * - * RFC3526 specifies a generator of 2. 
- */ - -static const unsigned char RFC3526_PRIME_3072[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 
0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -}; - -BIGNUM * -BN_get_rfc3526_prime_3072(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn); -} -LCRYPTO_ALIAS(BN_get_rfc3526_prime_3072); - -/* - * "4096-bit MODP Group" from RFC3526, Section 5. - * - * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } - * - * RFC3526 specifies a generator of 2. - */ - -static const unsigned char RFC3526_PRIME_4096[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 
0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, - 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, - 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, - 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, - 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, - 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
0xFF, -}; - -BIGNUM * -BN_get_rfc3526_prime_4096(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn); -} -LCRYPTO_ALIAS(BN_get_rfc3526_prime_4096); - -/* - * "6144-bit MODP Group" from RFC3526, Section 6. - * - * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } - * - * RFC3526 specifies a generator of 2. - */ - -static const unsigned char RFC3526_PRIME_6144[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 
0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, - 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, - 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, - 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, - 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, - 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, - 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2, - 0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, - 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F, - 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, - 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB, - 0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, - 0xDB, 0x7F, 0x14, 0x47, 
0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51, - 0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, - 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15, - 0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, - 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, - 0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, - 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7, - 0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, - 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2, - 0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, - 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D, - 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, - 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7, - 0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, - 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E, - 0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -}; - -BIGNUM * -BN_get_rfc3526_prime_6144(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn); -} -LCRYPTO_ALIAS(BN_get_rfc3526_prime_6144); - -/* - * "8192-bit MODP Group" from RFC3526, Section 7. - * - * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } - * - * RFC3526 specifies a generator of 2. 
- */ - -static const unsigned char RFC3526_PRIME_8192[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 
0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, - 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, - 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, - 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, - 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, - 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, - 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2, - 0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, - 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F, - 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, - 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB, - 0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, - 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51, - 0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, - 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15, - 0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, - 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, - 0x90, 0x0B, 
0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, - 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7, - 0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, - 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2, - 0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, - 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D, - 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, - 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7, - 0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, - 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E, - 0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4, - 0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8, 0xBE, 0xC4, 0xD0, - 0x73, 0xB9, 0x31, 0xBA, 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00, - 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, 0x25, 0x76, 0xF6, 0x93, - 0x6B, 0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68, - 0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F, 0x16, 0xCB, - 0xE3, 0x9D, 0x65, 0x2D, 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9, - 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, 0x13, 0xEB, 0x57, 0xA8, - 0x1A, 0x23, 0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B, - 0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B, 0x7F, - 0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, - 0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, 0x6D, 0x2A, 0x13, 0xF8, - 0x3F, 0x44, 0xF8, 0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36, - 0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5, - 0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1, - 0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA, 0xF3, 0x6B, 0xC3, - 0x1E, 0xCF, 0xA2, 0x68, 0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92, - 0x40, 0x09, 
0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E, - 0xD5, 0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47, - 0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30, 0x50, 0xE2, - 0x76, 0x56, 0x94, 0xDF, 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71, - 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, -}; - -BIGNUM * -BN_get_rfc3526_prime_8192(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn); -} -LCRYPTO_ALIAS(BN_get_rfc3526_prime_8192); diff --git a/src/lib/libcrypto/bn/bn_convert.c b/src/lib/libcrypto/bn/bn_convert.c deleted file mode 100644 index 6a6354f44e..0000000000 --- a/src/lib/libcrypto/bn/bn_convert.c +++ /dev/null 
@@ -1,757 +0,0 @@
-/* $OpenBSD: bn_convert.c,v 1.23 2024/11/08 14:18:44 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "bytestring.h"
-#include "crypto_internal.h"
-
-static int bn_dec2bn_cbs(BIGNUM **bnp, CBS *cbs);
-static int bn_hex2bn_cbs(BIGNUM **bnp, CBS *cbs);
-
-static const char hex_digits[] = "0123456789ABCDEF";
-
-static int
-bn_bn2binpad_internal(const BIGNUM *bn, uint8_t *out, int out_len,
- int little_endian)
-{
- uint8_t mask, v;
- BN_ULONG w;
- int i, j;
- int b, n;
-
- n = BN_num_bytes(bn);
-
- if (out_len == -1)
- out_len = n;
- if (out_len < n)
- return -1;
-
- if (bn->dmax == 0) {
- explicit_bzero(out, out_len);
- return out_len;
- }
-
- mask = 0;
- b = BN_BITS2;
- j = 0;
-
- for (i = out_len - 1; i >= 0; i--) {
- if (b == BN_BITS2) {
- mask = crypto_ct_lt_mask(j, bn->top);
- w = bn->d[j++ % bn->dmax];
- b = 0;
- }
- out[i] = (w >> b) & mask;
- b += 8;
- }
-
- if (little_endian) {
- for (i = 0, j = out_len - 1; i < out_len / 2; i++, j--) {
- v = out[i];
- out[i] = out[j];
- out[j] = v;
- }
- }
-
- return out_len;
-}
-
-int
-BN_bn2bin(const BIGNUM *bn, unsigned char *to)
-{
- return bn_bn2binpad_internal(bn, to, -1, 0);
-}
-LCRYPTO_ALIAS(BN_bn2bin);
-
-int
-BN_bn2binpad(const BIGNUM *bn, unsigned char *to, int to_len)
-{
- if (to_len < 0)
- return -1;
-
- return bn_bn2binpad_internal(bn, to, to_len, 0);
-}
-LCRYPTO_ALIAS(BN_bn2binpad);
-
-static int
-bn_bin2bn_cbs(BIGNUM **bnp, CBS *cbs, int lebin)
-{
- BIGNUM *bn = NULL;
- BN_ULONG w;
- uint8_t v;
- int b, i;
-
- if ((bn = *bnp) == NULL)
- bn = BN_new();
- if (bn == NULL)
- goto err;
- if (!bn_expand_bytes(bn, CBS_len(cbs)))
- goto err;
-
- b = 0;
- i = 0;
- w = 0;
-
- while (CBS_len(cbs) > 0) {
- if (lebin) {
- if (!CBS_get_u8(cbs, &v))
- goto err;
- } else {
- if (!CBS_get_last_u8(cbs, &v))
- goto err;
- }
-
- w |= (BN_ULONG)v << b;
- b += 8;
-
- if (b == BN_BITS2 || CBS_len(cbs) == 0) {
- b = 0;
- bn->d[i++] = w;
- w = 0;
- }
- }
-
- bn->neg = 0;
- bn->top = i;
-
- bn_correct_top(bn);
-
- *bnp = bn;
-
- return 1;
-
- err:
- if (*bnp == NULL)
- BN_free(bn);
-
- return 0;
-}
-
-BIGNUM *
-BN_bin2bn(const unsigned char *d, int len, BIGNUM *bn)
-{
- CBS cbs;
-
- if (len < 0)
- return NULL;
-
- CBS_init(&cbs, d, len);
-
- if (!bn_bin2bn_cbs(&bn, &cbs, 0))
- return NULL;
-
- return bn;
-}
-LCRYPTO_ALIAS(BN_bin2bn);
-
-int
-BN_bn2lebinpad(const BIGNUM *bn, unsigned char *to, int to_len)
-{
- if (to_len < 0)
- return -1;
-
- return bn_bn2binpad_internal(bn, to, to_len, 1);
-}
-LCRYPTO_ALIAS(BN_bn2lebinpad);
-
-BIGNUM *
-BN_lebin2bn(const unsigned char *d, int len, BIGNUM *bn)
-{
- CBS cbs;
-
- if (len < 0)
- return NULL;
-
- CBS_init(&cbs, d, len);
-
- if (!bn_bin2bn_cbs(&bn, &cbs, 1))
- return NULL;
-
- return bn;
-}
-LCRYPTO_ALIAS(BN_lebin2bn);
-
-int
-BN_asc2bn(BIGNUM **bnp, const char *s)
-{
- CBS cbs, cbs_hex;
- size_t s_len;
- uint8_t v;
- int neg;
-
- if (bnp != NULL && *bnp != NULL)
- BN_zero(*bnp);
-
- if (s == NULL)
- return 0;
- if ((s_len = strlen(s)) == 0)
- return 0;
-
- CBS_init(&cbs, s, s_len);
-
- /* Handle negative sign. */
- if (!CBS_peek_u8(&cbs, &v))
- return 0;
- if ((neg = (v == '-'))) {
- if (!CBS_skip(&cbs, 1))
- return 0;
- }
-
- /* Try parsing as hexadecimal with a 0x prefix. */
- CBS_dup(&cbs, &cbs_hex);
- if (!CBS_get_u8(&cbs_hex, &v))
- goto decimal;
- if (v != '0')
- goto decimal;
- if (!CBS_get_u8(&cbs_hex, &v))
- goto decimal;
- if (v != 'X' && v != 'x')
- goto decimal;
- if (bn_hex2bn_cbs(bnp, &cbs_hex) == 0)
- return 0;
-
- goto done;
-
- decimal:
- if (bn_dec2bn_cbs(bnp, &cbs) == 0)
- return 0;
-
- done:
- if (bnp != NULL && *bnp != NULL)
- BN_set_negative(*bnp, neg);
-
- return 1;
-}
-LCRYPTO_ALIAS(BN_asc2bn);
-
-char *
-BN_bn2dec(const BIGNUM *bn)
-{
- int started = 0;
- BIGNUM *tmp = NULL;
- uint8_t *data = NULL;
- size_t data_len = 0;
- uint8_t *s = NULL;
- size_t s_len;
- BN_ULONG v, w;
- uint8_t c;
- CBB cbb;
- CBS cbs;
- int i;
-
- if (!CBB_init(&cbb, 0))
- goto err;
-
- if ((tmp = BN_dup(bn)) == NULL)
- goto err;
-
- /*
- * Divide the BIGNUM by a large multiple of 10, then break the remainder
- * into decimal digits. This produces a reversed string of digits,
- * potentially with leading zeroes.
- */
- while (!BN_is_zero(tmp)) {
- if ((w = BN_div_word(tmp, BN_DEC_CONV)) == -1)
- goto err;
- for (i = 0; i < BN_DEC_NUM; i++) {
- v = w % 10;
- if (!CBB_add_u8(&cbb, '0' + v))
- goto err;
- w /= 10;
- }
- }
- if (!CBB_finish(&cbb, &data, &data_len))
- goto err;
-
- if (data_len > SIZE_MAX - 3)
- goto err;
- if (!CBB_init(&cbb, data_len + 3))
- goto err;
-
- if (BN_is_negative(bn)) {
- if (!CBB_add_u8(&cbb, '-'))
- goto err;
- }
-
- /* Reverse digits and trim leading zeroes. */
- CBS_init(&cbs, data, data_len);
- while (CBS_len(&cbs) > 0) {
- if (!CBS_get_last_u8(&cbs, &c))
- goto err;
- if (!started && c == '0')
- continue;
- if (!CBB_add_u8(&cbb, c))
- goto err;
- started = 1;
- }
-
- if (!started) {
- if (!CBB_add_u8(&cbb, '0'))
- goto err;
- }
- if (!CBB_add_u8(&cbb, '\0'))
- goto err;
- if (!CBB_finish(&cbb, &s, &s_len))
- goto err;
-
- err:
- BN_free(tmp);
- CBB_cleanup(&cbb);
- freezero(data, data_len);
-
- return s;
-}
-LCRYPTO_ALIAS(BN_bn2dec);
-
-static int
-bn_dec2bn_cbs(BIGNUM **bnp, CBS *cbs)
-{
- CBS cbs_digits;
- BIGNUM *bn = NULL;
- int d, neg, num;
- size_t digits = 0;
- BN_ULONG w;
- uint8_t v;
-
- /* Handle negative sign. */
- if (!CBS_peek_u8(cbs, &v))
- goto err;
- if ((neg = (v == '-'))) {
- if (!CBS_skip(cbs, 1))
- goto err;
- }
-
- /* Scan to find last decimal digit. */
- CBS_dup(cbs, &cbs_digits);
- while (CBS_len(&cbs_digits) > 0) {
- if (!CBS_get_u8(&cbs_digits, &v))
- goto err;
- if (!isdigit(v))
- break;
- digits++;
- }
- if (digits > INT_MAX / 4)
- goto err;
-
- num = digits + neg;
-
- if (bnp == NULL)
- return num;
-
- if ((bn = *bnp) == NULL)
- bn = BN_new();
- if (bn == NULL)
- goto err;
- if (!bn_expand_bits(bn, digits * 4))
- goto err;
-
- if ((d = digits % BN_DEC_NUM) == 0)
- d = BN_DEC_NUM;
-
- w = 0;
-
- /* Work forwards from most significant digit. */
- while (digits-- > 0) {
- if (!CBS_get_u8(cbs, &v))
- goto err;
-
- if (v < '0' || v > '9')
- goto err;
-
- v -= '0';
- w = w * 10 + v;
- d--;
-
- if (d == 0) {
- if (!BN_mul_word(bn, BN_DEC_CONV))
- goto err;
- if (!BN_add_word(bn, w))
- goto err;
-
- d = BN_DEC_NUM;
- w = 0;
- }
- }
-
- bn_correct_top(bn);
-
- BN_set_negative(bn, neg);
-
- *bnp = bn;
-
- return num;
-
- err:
- if (bnp != NULL && *bnp == NULL)
- BN_free(bn);
-
- return 0;
-}
-
-int
-BN_dec2bn(BIGNUM **bnp, const char *s)
-{
- size_t s_len;
- CBS cbs;
-
- if (bnp != NULL && *bnp != NULL)
- BN_zero(*bnp);
-
- if (s == NULL)
- return 0;
- if ((s_len = strlen(s)) == 0)
- return 0;
-
- CBS_init(&cbs, s, s_len);
-
- return bn_dec2bn_cbs(bnp, &cbs);
-}
-LCRYPTO_ALIAS(BN_dec2bn);
-
-static int
-bn_bn2hex_internal(const BIGNUM *bn, int include_sign, int nibbles_only,
- char **out, size_t *out_len)
-{
- int started = 0;
- uint8_t *s = NULL;
- size_t s_len = 0;
- BN_ULONG v, w;
- int i, j;
- CBB cbb;
- CBS cbs;
- uint8_t nul;
- int ret = 0;
-
- *out = NULL;
- *out_len = 0;
-
- if (!CBB_init(&cbb, 0))
- goto err;
-
- if (BN_is_negative(bn) && include_sign) {
- if (!CBB_add_u8(&cbb, '-'))
- goto err;
- }
- if (BN_is_zero(bn)) {
- if (!CBB_add_u8(&cbb, '0'))
- goto err;
- }
- for (i = bn->top - 1; i >= 0; i--) {
- w = bn->d[i];
- for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
- v = (w >> j) & 0xff;
- if (!started && v == 0)
- continue;
- if (started || !nibbles_only || (v >> 4) != 0) {
- if (!CBB_add_u8(&cbb, hex_digits[v >> 4]))
- goto err;
- }
- if (!CBB_add_u8(&cbb, hex_digits[v & 0xf]))
- goto err;
- started = 1;
- }
- }
- if (!CBB_add_u8(&cbb, '\0'))
- goto err;
- if (!CBB_finish(&cbb, &s, &s_len))
- goto err;
-
- /* The length of a C string does not include the terminating NUL. */
- CBS_init(&cbs, s, s_len);
- if (!CBS_get_last_u8(&cbs, &nul))
- goto err;
-
- *out = (char *)CBS_data(&cbs);
- *out_len = CBS_len(&cbs);
- s = NULL;
- s_len = 0;
-
- ret = 1;
-
- err:
- CBB_cleanup(&cbb);
- freezero(s, s_len);
-
- return ret;
-}
-
-int
-bn_bn2hex_nosign(const BIGNUM *bn, char **out, size_t *out_len)
-{
- return bn_bn2hex_internal(bn, 0, 0, out, out_len);
-}
-
-int
-bn_bn2hex_nibbles(const BIGNUM *bn, char **out, size_t *out_len)
-{
- return bn_bn2hex_internal(bn, 1, 1, out, out_len);
-}
-
-char *
-BN_bn2hex(const BIGNUM *bn)
-{
- char *s;
- size_t s_len;
-
- if (!bn_bn2hex_internal(bn, 1, 0, &s, &s_len))
- return NULL;
-
- return s;
-}
-LCRYPTO_ALIAS(BN_bn2hex);
-
-static int
-bn_hex2bn_cbs(BIGNUM **bnp, CBS *cbs)
-{
- CBS cbs_digits;
- BIGNUM *bn = NULL;
- int b, i, neg, num;
- size_t digits = 0;
- BN_ULONG w;
- uint8_t v;
-
- /* Handle negative sign. */
- if (!CBS_peek_u8(cbs, &v))
- goto err;
- if ((neg = (v == '-'))) {
- if (!CBS_skip(cbs, 1))
- goto err;
- }
-
- /* Scan to find last hexadecimal digit. */
- CBS_dup(cbs, &cbs_digits);
- while (CBS_len(&cbs_digits) > 0) {
- if (!CBS_get_u8(&cbs_digits, &v))
- goto err;
- if (!isxdigit(v))
- break;
- digits++;
- }
- if (digits > INT_MAX / 4)
- goto err;
-
- num = digits + neg;
-
- if (bnp == NULL)
- return num;
-
- if ((bn = *bnp) == NULL)
- bn = BN_new();
- if (bn == NULL)
- goto err;
- if (!bn_expand_bits(bn, digits * 4))
- goto err;
-
- if (!CBS_get_bytes(cbs, cbs, digits))
- goto err;
-
- b = 0;
- i = 0;
- w = 0;
-
- /* Work backwards from least significant digit. */
- while (digits-- > 0) {
- if (!CBS_get_last_u8(cbs, &v))
- goto err;
-
- if (v >= '0' && v <= '9')
- v -= '0';
- else if (v >= 'a' && v <= 'f')
- v -= 'a' - 10;
- else if (v >= 'A' && v <= 'F')
- v -= 'A' - 10;
- else
- goto err;
-
- w |= (BN_ULONG)v << b;
- b += 4;
-
- if (b == BN_BITS2 || digits == 0) {
- b = 0;
- bn->d[i++] = w;
- w = 0;
- }
- }
-
- bn->top = i;
- bn_correct_top(bn);
-
- BN_set_negative(bn, neg);
-
- *bnp = bn;
-
- return num;
-
- err:
- if (bnp != NULL && *bnp == NULL)
- BN_free(bn);
-
- return 0;
-}
-
-int
-BN_hex2bn(BIGNUM **bnp, const char *s)
-{
- size_t s_len;
- CBS cbs;
-
- if (bnp != NULL && *bnp != NULL)
- BN_zero(*bnp);
-
- if (s == NULL)
- return 0;
- if ((s_len = strlen(s)) == 0)
- return 0;
-
- CBS_init(&cbs, s, s_len);
-
- return bn_hex2bn_cbs(bnp, &cbs);
-}
-LCRYPTO_ALIAS(BN_hex2bn);
-
-int
-BN_bn2mpi(const BIGNUM *bn, unsigned char *d)
-{
- uint8_t *out_bin;
- size_t out_len, out_bin_len;
- int bits, bytes;
- int extend;
- CBB cbb, cbb_bin;
-
- bits = BN_num_bits(bn);
- bytes = (bits + 7) / 8;
- extend = (bits != 0) && (bits % 8 == 0);
- out_bin_len = extend + bytes;
- out_len = 4 + out_bin_len;
-
- if (d == NULL)
- return out_len;
-
- if (!CBB_init_fixed(&cbb, d, out_len))
- goto err;
- if (!CBB_add_u32_length_prefixed(&cbb, &cbb_bin))
- goto err;
- if (!CBB_add_space(&cbb_bin, &out_bin, out_bin_len))
- goto err;
- if (BN_bn2binpad(bn, out_bin, out_bin_len) != out_bin_len)
- goto err;
- if (!CBB_finish(&cbb, NULL, NULL))
- goto err;
-
- if (bn->neg)
- d[4] |= 0x80;
-
- return out_len;
-
- err:
- CBB_cleanup(&cbb);
-
- return -1;
-}
-LCRYPTO_ALIAS(BN_bn2mpi);
-
-BIGNUM *
-BN_mpi2bn(const unsigned char *d, int n, BIGNUM *bn_in)
-{
- BIGNUM *bn = bn_in;
- uint32_t mpi_len;
- uint8_t v;
- int neg = 0;
- CBS cbs;
-
- if (n < 0)
- return NULL;
-
- CBS_init(&cbs, d, n);
-
- if (!CBS_get_u32(&cbs, &mpi_len)) {
- BNerror(BN_R_INVALID_LENGTH);
- return NULL;
- }
- if (CBS_len(&cbs) != mpi_len) {
- BNerror(BN_R_ENCODING_ERROR);
- return NULL;
- }
- if (CBS_len(&cbs) > 0) {
- if (!CBS_peek_u8(&cbs, &v))
- return NULL;
- neg = (v >> 7) & 1;
- }
-
- if (!bn_bin2bn_cbs(&bn, &cbs, 0))
- return NULL;
-
- if (neg)
- BN_clear_bit(bn, BN_num_bits(bn) - 1);
-
- BN_set_negative(bn, neg);
-
- return bn;
-}
-LCRYPTO_ALIAS(BN_mpi2bn);
diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c
deleted file mode 100644
index 129b9c9781..0000000000
--- a/src/lib/libcrypto/bn/bn_ctx.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* $OpenBSD: bn_ctx.c,v 1.22 2023/07/08 12:21:58 beck Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "bn_local.h"
-
-#define BN_CTX_INITIAL_LEN 8
-
-struct bignum_ctx {
- BIGNUM **bignums;
- uint8_t *groups;
- uint8_t group;
- size_t index;
- size_t len;
-
- int error;
-};
-
-static int
-bn_ctx_grow(BN_CTX *bctx)
-{
- BIGNUM **bignums = NULL;
- uint8_t *groups = NULL;
- size_t len;
-
- if ((len = bctx->len) == 0) {
- len = BN_CTX_INITIAL_LEN;
- } else {
- if (SIZE_MAX - len < len)
- return 0;
- len *= 2;
- }
-
- if ((bignums = recallocarray(bctx->bignums, bctx->len, len,
- sizeof(bctx->bignums[0]))) == NULL)
- return 0;
- bctx->bignums = bignums;
-
- if ((groups = reallocarray(bctx->groups, len,
- sizeof(bctx->groups[0]))) == NULL)
- return 0;
- bctx->groups = groups;
-
- bctx->len = len;
-
- return 1;
-}
-
-BN_CTX *
-BN_CTX_new(void)
-{
- return calloc(1, sizeof(struct bignum_ctx));
-}
-LCRYPTO_ALIAS(BN_CTX_new);
-
-void
-BN_CTX_free(BN_CTX *bctx)
-{
- size_t i;
-
- if (bctx == NULL)
- return;
-
- for (i = 0; i < bctx->len; i++) {
- BN_free(bctx->bignums[i]);
- bctx->bignums[i] = NULL;
- }
-
- free(bctx->bignums);
- free(bctx->groups);
-
- freezero(bctx, sizeof(*bctx));
-}
-LCRYPTO_ALIAS(BN_CTX_free);
-
-void
-BN_CTX_start(BN_CTX *bctx)
-{
- bctx->group++;
-
- if (bctx->group == 0) {
- BNerror(BN_R_TOO_MANY_TEMPORARY_VARIABLES);
- bctx->error = 1;
- return;
- }
-}
-LCRYPTO_ALIAS(BN_CTX_start);
-
-BIGNUM *
-BN_CTX_get(BN_CTX *bctx)
-{
- BIGNUM *bn = NULL;
-
- if (bctx->error)
- return NULL;
-
- if (bctx->group == 0) {
- BNerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- bctx->error = 1;
- return NULL;
- }
-
- if (bctx->index == bctx->len) {
- if (!bn_ctx_grow(bctx)) {
- BNerror(BN_R_TOO_MANY_TEMPORARY_VARIABLES);
- bctx->error = 1;
- return NULL;
- }
- }
-
- if ((bn = bctx->bignums[bctx->index]) == NULL) {
- if ((bn = BN_new()) == NULL) {
- BNerror(BN_R_TOO_MANY_TEMPORARY_VARIABLES);
- bctx->error = 1;
- return NULL;
- }
- bctx->bignums[bctx->index] = bn;
- }
- bctx->groups[bctx->index] = bctx->group;
- bctx->index++;
-
- BN_zero(bn);
-
- return bn;
-}
-LCRYPTO_ALIAS(BN_CTX_get);
-
-void
-BN_CTX_end(BN_CTX *bctx)
-{
- if (bctx == NULL || bctx->error || bctx->group == 0)
- return;
-
- while (bctx->index > 0 && bctx->groups[bctx->index - 1] == bctx->group) {
- BN_zero(bctx->bignums[bctx->index - 1]);
- bctx->groups[bctx->index - 1] = 0;
- bctx->index--;
- }
-
- bctx->group--;
-}
-LCRYPTO_ALIAS(BN_CTX_end);
diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c
deleted file mode 100644
index 09a8a364df..0000000000
--- a/src/lib/libcrypto/bn/bn_div.c
+++ /dev/null
@@ -1,458 +0,0 @@
-/* $OpenBSD: bn_div.c,v 1.41 2024/04/10 14:58:06 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-
-#include "bn_arch.h"
-#include "bn_local.h"
-#include "bn_internal.h"
-
-BN_ULONG bn_div_3_words(const BN_ULONG *m, BN_ULONG d1, BN_ULONG d0);
-
-#ifndef HAVE_BN_DIV_WORDS
-#if defined(BN_LLONG) && defined(BN_DIV2W)
-
-BN_ULONG
-bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-{
- return ((BN_ULONG)(((((BN_ULLONG)h) << BN_BITS2)|l)/(BN_ULLONG)d));
-}
-
-#else
-
-/* Divide h,l by d and return the result. */
-/* I need to test this some more :-( */
-BN_ULONG
-bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-{
- BN_ULONG dh, dl, q,ret = 0, th, tl, t;
- int i, count = 2;
-
- if (d == 0)
- return (BN_MASK2);
-
- i = BN_num_bits_word(d);
- assert((i == BN_BITS2) || (h <= (BN_ULONG)1 << i));
-
- i = BN_BITS2 - i;
- if (h >= d)
- h -= d;
-
- if (i) {
- d <<= i;
- h = (h << i) | (l >> (BN_BITS2 - i));
- l <<= i;
- }
- dh = (d & BN_MASK2h) >> BN_BITS4;
- dl = (d & BN_MASK2l);
- for (;;) {
- if ((h >> BN_BITS4) == dh)
- q = BN_MASK2l;
- else
- q = h / dh;
-
- th = q * dh;
- tl = dl * q;
- for (;;) {
- t = h - th;
- if ((t & BN_MASK2h) ||
- ((tl) <= (
- (t << BN_BITS4) |
- ((l & BN_MASK2h) >> BN_BITS4))))
- break;
- q--;
- th -= dh;
- tl -= dl;
- }
- t = (tl >> BN_BITS4);
- tl = (tl << BN_BITS4) & BN_MASK2h;
- th += t;
-
- if (l < tl)
- th++;
- l -= tl;
- if (h < th) {
- h += d;
- q--;
- }
- h -= th;
-
- if (--count == 0)
- break;
-
- ret = q << BN_BITS4;
- h = ((h << BN_BITS4) | (l >> BN_BITS4)) & BN_MASK2;
- l = (l & BN_MASK2l) << BN_BITS4;
- }
- ret |= q;
- return (ret);
-}
-#endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */
-#endif
-
-/*
- * Divide a double word (h:l) by d, returning the quotient q and the remainder
- * r, such that q * d + r is equal to the numerator.
- */
-#ifndef HAVE_BN_DIV_REM_WORDS
-#ifndef HAVE_BN_DIV_REM_WORDS_INLINE
-static inline void
-bn_div_rem_words_inline(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
- BN_ULONG *out_r)
-{
- BN_ULONG q, r;
-
- q = bn_div_words(h, l, d);
- r = (l - q * d) & BN_MASK2;
-
- *out_q = q;
- *out_r = r;
-}
-#endif
-
-void
-bn_div_rem_words(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
- BN_ULONG *out_r)
-{
- bn_div_rem_words_inline(h, l, d, out_q, out_r);
-}
-#endif
-
-#ifndef HAVE_BN_DIV_3_WORDS
-
-/*
- * Interface is somewhat quirky, |m| is pointer to most significant limb,
- * and less significant limb is referred at |m[-1]|. This means that caller
- * is responsible for ensuring that |m[-1]| is valid. Second condition that
- * has to be met is that |d0|'s most significant bit has to be set. Or in
- * other words divisor has to be "bit-aligned to the left." The subroutine
- * considers four limbs, two of which are "overlapping," hence the name...
- */
-BN_ULONG
-bn_div_3_words(const BN_ULONG *m, BN_ULONG d1, BN_ULONG d0)
-{
- BN_ULONG n0, n1, q, t2h, t2l;
- BN_ULONG rem = 0;
-
- n0 = m[0];
- n1 = m[-1];
-
- if (n0 == d0)
- return BN_MASK2;
-
- /* n0 < d0 */
- bn_div_rem_words(n0, n1, d0, &q, &rem);
-
- bn_mulw(d1, q, &t2h, &t2l);
-
- for (;;) {
- if (t2h < rem || (t2h == rem && t2l <= m[-2]))
- break;
- q--;
- rem += d0;
- if (rem < d0)
- break; /* don't let rem overflow */
- if (t2l < d1)
- t2h--;
- t2l -= d1;
- }
-
- return q;
-}
-#endif /* !HAVE_BN_DIV_3_WORDS */
-
-/*
- * BN_div_internal computes quotient := numerator / divisor, rounding towards
- * zero and setting remainder such that quotient * divisor + remainder equals
- * the numerator. Thus:
- *
- * quotient->neg == numerator->neg ^ divisor->neg (unless result is zero)
- * remainder->neg == numerator->neg (unless the remainder is zero)
- *
- * If either the quotient or remainder is NULL, the respective value is not
- * returned.
- */
-static int
-BN_div_internal(BIGNUM *quotient, BIGNUM *remainder, const BIGNUM *numerator,
- const BIGNUM *divisor, BN_CTX *ctx, int ct)
-{
- int norm_shift, i, loop, r_neg;
- BIGNUM *tmp, wnum, *snum, *sdiv, *res;
- BN_ULONG *resp, *wnump;
- BN_ULONG d0, d1;
- int num_n, div_n;
- int no_branch = 0;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- /* Invalid zero-padding would have particularly bad consequences. */
- if (numerator->top > 0 && numerator->d[numerator->top - 1] == 0) {
- BNerror(BN_R_NOT_INITIALIZED);
- goto err;
- }
-
- if (ct)
- no_branch = 1;
-
- if (BN_is_zero(divisor)) {
- BNerror(BN_R_DIV_BY_ZERO);
- goto err;
- }
-
- if (!no_branch) {
- if (BN_ucmp(numerator, divisor) < 0) {
- if (remainder != NULL) {
- if (!bn_copy(remainder, numerator))
- goto err;
- }
- if (quotient != NULL)
- BN_zero(quotient);
-
- goto done;
- }
- }
-
- if ((tmp = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((snum = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((sdiv = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((res = quotient) == NULL) {
- if ((res = BN_CTX_get(ctx)) == NULL)
- goto err;
- }
-
- /* First we normalise the numbers. */
- norm_shift = BN_BITS2 - BN_num_bits(divisor) % BN_BITS2;
- if (!BN_lshift(sdiv, divisor, norm_shift))
- goto err;
- sdiv->neg = 0;
- norm_shift += BN_BITS2;
- if (!BN_lshift(snum, numerator, norm_shift))
- goto err;
- snum->neg = 0;
-
- if (no_branch) {
- /*
- * Since we don't know whether snum is larger than sdiv, we pad
- * snum with enough zeroes without changing its value.
- */
- if (snum->top <= sdiv->top + 1) {
- if (!bn_wexpand(snum, sdiv->top + 2))
- goto err;
- for (i = snum->top; i < sdiv->top + 2; i++)
- snum->d[i] = 0;
- snum->top = sdiv->top + 2;
- } else {
- if (!bn_wexpand(snum, snum->top + 1))
- goto err;
- snum->d[snum->top] = 0;
- snum->top++;
- }
- }
-
- div_n = sdiv->top;
- num_n = snum->top;
- loop = num_n - div_n;
-
- /*
- * Setup a 'window' into snum - this is the part that corresponds to the
- * current 'area' being divided.
- */
- wnum.neg = 0;
- wnum.d = &(snum->d[loop]);
- wnum.top = div_n;
- /* only needed when BN_ucmp messes up the values between top and max */
- wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */
- wnum.flags = snum->flags | BN_FLG_STATIC_DATA;
-
- /* Get the top 2 words of sdiv */
- /* div_n=sdiv->top; */
- d0 = sdiv->d[div_n - 1];
- d1 = (div_n == 1) ? 0 : sdiv->d[div_n - 2];
-
- /* pointer to the 'top' of snum */
- wnump = &(snum->d[num_n - 1]);
-
- /* Setup to 'res' */
- if (!bn_wexpand(res, (loop + 1)))
- goto err;
- res->top = loop - no_branch;
- r_neg = numerator->neg ^ divisor->neg;
- resp = &(res->d[loop - 1]);
-
- /* space for temp */
- if (!bn_wexpand(tmp, (div_n + 1)))
- goto err;
-
- if (!no_branch) {
- if (BN_ucmp(&wnum, sdiv) >= 0) {
- bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
- *resp = 1;
- } else
- res->top--;
- }
-
- /*
- * If res->top == 0 then clear the neg value otherwise decrease the resp
- * pointer.
- */
- if (res->top == 0)
- res->neg = 0;
- else
- resp--;
-
- for (i = 0; i < loop - 1; i++, wnump--, resp--) {
- BN_ULONG q, l0;
-
- /*
- * The first part of the loop uses the top two words of snum and
- * sdiv to calculate a BN_ULONG q such that:
- *
- * | wnum - sdiv * q | < sdiv
- */
- q = bn_div_3_words(wnump, d1, d0);
- l0 = bn_mul_words(tmp->d, sdiv->d, div_n, q);
- tmp->d[div_n] = l0;
- wnum.d--;
-
- /*
- * Ignore top values of the bignums just sub the two BN_ULONG
- * arrays with bn_sub_words.
- */
- if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n + 1)) {
- /*
- * Note: As we have considered only the leading two
- * BN_ULONGs in the calculation of q, sdiv * q might be
- * greater than wnum (but then (q-1) * sdiv is less or
- * equal than wnum).
- */
- q--;
- if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n)) {
- /*
- * We can't have an overflow here (assuming
- * that q != 0, but if q == 0 then tmp is
- * zero anyway).
- */
- (*wnump)++;
- }
- }
- /* store part of the result */
- *resp = q;
- }
-
- bn_correct_top(snum);
-
- if (remainder != NULL) {
- /*
- * Keep a copy of the neg flag in numerator because if
- * remainder == numerator, BN_rshift() will overwrite it.
- */
- int neg = numerator->neg;
-
- BN_rshift(remainder, snum, norm_shift);
- BN_set_negative(remainder, neg);
- }
-
- if (no_branch)
- bn_correct_top(res);
-
- BN_set_negative(res, r_neg);
-
- done:
- ret = 1;
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-int
-BN_div(BIGNUM *quotient, BIGNUM *remainder, const BIGNUM *numerator,
- const BIGNUM *divisor, BN_CTX *ctx)
-{
- int ct;
-
- ct = BN_get_flags(numerator, BN_FLG_CONSTTIME) != 0 ||
- BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0;
-
- return BN_div_internal(quotient, remainder, numerator, divisor, ctx, ct);
-}
-LCRYPTO_ALIAS(BN_div);
-
-int
-BN_div_nonct(BIGNUM *quotient, BIGNUM *remainder, const BIGNUM *numerator,
- const BIGNUM *divisor, BN_CTX *ctx)
-{
- return BN_div_internal(quotient, remainder, numerator, divisor, ctx, 0);
-}
-
-int
-BN_div_ct(BIGNUM *quotient, BIGNUM *remainder, const BIGNUM *numerator,
- const BIGNUM *divisor, BN_CTX *ctx)
-{
- return BN_div_internal(quotient, remainder, numerator, divisor, ctx, 1);
-}
diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c
deleted file mode 100644
index 3ee6b4311f..0000000000
--- a/src/lib/libcrypto/bn/bn_err.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* $OpenBSD: bn_err.c,v 1.18 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
-
-static const ERR_STRING_DATA BN_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA BN_str_reasons[] = {
- {ERR_REASON(BN_R_ARG2_LT_ARG3) , "arg2 lt arg3"},
- {ERR_REASON(BN_R_BAD_RECIPROCAL) , "bad reciprocal"},
- {ERR_REASON(BN_R_BIGNUM_TOO_LONG) , "bignum too long"},
- {ERR_REASON(BN_R_BITS_TOO_SMALL) , "bits too small"},
- {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"},
- {ERR_REASON(BN_R_DIV_BY_ZERO) , "div by zero"},
- {ERR_REASON(BN_R_ENCODING_ERROR) , "encoding error"},
- {ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA), "expand on static bignum data"},
- {ERR_REASON(BN_R_INPUT_NOT_REDUCED) , "input not reduced"},
- {ERR_REASON(BN_R_INVALID_ARGUMENT) , "invalid argument"},
- {ERR_REASON(BN_R_INVALID_LENGTH) , "invalid length"},
- {ERR_REASON(BN_R_INVALID_RANGE) , "invalid range"},
- {ERR_REASON(BN_R_NOT_A_SQUARE) , "not a square"},
- {ERR_REASON(BN_R_NOT_INITIALIZED) , "not initialized"},
- {ERR_REASON(BN_R_NO_INVERSE) , "no inverse"},
- {ERR_REASON(BN_R_NO_SOLUTION) , "no solution"},
- {ERR_REASON(BN_R_P_IS_NOT_PRIME) , "p is not prime"},
- {ERR_REASON(BN_R_TOO_MANY_ITERATIONS) , "too many iterations"},
- {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES), "too many temporary variables"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_BN_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(BN_str_functs[0].error) == NULL) {
- ERR_load_const_strings(BN_str_functs);
- ERR_load_const_strings(BN_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_BN_strings);
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
deleted file mode 100644
index e925d325d2..0000000000
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ /dev/null
@@ -1,1330 +0,0 @@
-/* $OpenBSD: bn_exp.c,v 1.58 2025/02/13 11:15:09 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include -#include - -#include - -#include "bn_local.h" -#include "constant_time.h" - -/* maximum precomputation table size for *variable* sliding windows */ -#define TABLE_SIZE 32 - -/* Calculates r = a^p by successive squaring of a. Not constant time. */ -int -BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -{ - BIGNUM *rr, *v; - int i; - int ret = 0; - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - BNerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - BN_CTX_start(ctx); - - if ((v = BN_CTX_get(ctx)) == NULL) - goto err; - - rr = r; - if (r == a || r == p) - rr = BN_CTX_get(ctx); - if (rr == NULL) - goto err; - - if (!BN_one(rr)) - goto err; - if (BN_is_odd(p)) { - if (!bn_copy(rr, a)) - goto err; - } - - if (!bn_copy(v, a)) - goto err; - - for (i = 1; i < BN_num_bits(p); i++) { - if (!BN_sqr(v, v, ctx)) - goto err; - if (!BN_is_bit_set(p, i)) - continue; - if (!BN_mul(rr, rr, v, ctx)) - goto err; - } - - if (!bn_copy(r, rr)) - goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} -LCRYPTO_ALIAS(BN_exp); - -/* The old fallback, simple version :-) */ -int -BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx) -{ - int i, j, bits, wstart, wend, window, wvalue; - int start = 1; - BIGNUM *d, *q; - /* Table of variables obtained from 'ctx' */ - BIGNUM *val[TABLE_SIZE]; - int ret = 0; - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - BNerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - if (r == m) { - BNerror(BN_R_INVALID_ARGUMENT); - return 0; - } - - bits = BN_num_bits(p); - if (bits == 0) { - /* x**0 mod 1 is still zero. 
*/ - if (BN_abs_is_word(m, 1)) { - ret = 1; - BN_zero(r); - } else - ret = BN_one(r); - return ret; - } - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) - goto err; - if ((q = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val[0] = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_nnmod(val[0], a, m, ctx)) - goto err; - if (BN_is_zero(val[0])) { - BN_zero(r); - goto done; - } - if (!bn_copy(q, p)) - goto err; - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) { - if (!BN_mod_mul(d, val[0], val[0], m, ctx)) - goto err; - j = 1 << (window - 1); - for (i = 1; i < j; i++) { - if (((val[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul(val[i], val[i - 1], d,m, ctx)) - goto err; - } - } - - start = 1; /* This is used to avoid multiplication etc - * when there is only the value '1' in the - * buffer. */ - wvalue = 0; /* The 'value' of the window */ - wstart = bits - 1; /* The top bit of the window */ - wend = 0; /* The bottom bit of the window */ - - if (!BN_one(r)) - goto err; - - for (;;) { - if (BN_is_bit_set(q, wstart) == 0) { - if (!start) - if (!BN_mod_mul(r, r, r, m, ctx)) - goto err; - if (wstart == 0) - break; - wstart--; - continue; - } - /* We now have wstart on a 'set' bit, we now need to work out - * how bit a window to do. 
To do this we need to scan - * forward until the last set bit before the end of the - * window */ - j = wstart; - wvalue = 1; - wend = 0; - for (i = 1; i < window; i++) { - if (wstart - i < 0) - break; - if (BN_is_bit_set(q, wstart - i)) { - wvalue <<= (i - wend); - wvalue |= 1; - wend = i; - } - } - - /* wend is the size of the current window */ - j = wend + 1; - /* add the 'bytes above' */ - if (!start) - for (i = 0; i < j; i++) { - if (!BN_mod_mul(r, r, r, m, ctx)) - goto err; - } - - /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul(r, r, val[wvalue >> 1], m, ctx)) - goto err; - - /* move the 'window' down further */ - wstart -= wend + 1; - wvalue = 0; - start = 0; - if (wstart < 0) - break; - } - - done: - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -/* BN_mod_exp_mont_consttime() stores the precomputed powers in a specific layout - * so that accessing any of these table values shows the same access pattern as far - * as cache lines are concerned. The following functions are used to transfer a BIGNUM - * from/to that table. 
*/ - -static int -MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top, unsigned char *buf, - int idx, int window) -{ - int i, j; - int width = 1 << window; - BN_ULONG *table = (BN_ULONG *)buf; - - if (top > b->top) - top = b->top; /* this works because 'buf' is explicitly zeroed */ - - for (i = 0, j = idx; i < top; i++, j += width) { - table[j] = b->d[i]; - } - - return 1; -} - -static int -MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, - int window) -{ - int i, j; - int width = 1 << window; - volatile BN_ULONG *table = (volatile BN_ULONG *)buf; - - if (!bn_wexpand(b, top)) - return 0; - - if (window <= 3) { - for (i = 0; i < top; i++, table += width) { - BN_ULONG acc = 0; - - for (j = 0; j < width; j++) { - acc |= table[j] & - ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1)); - } - - b->d[i] = acc; - } - } else { - int xstride = 1 << (window - 2); - BN_ULONG y0, y1, y2, y3; - - i = idx >> (window - 2); /* equivalent of idx / xstride */ - idx &= xstride - 1; /* equivalent of idx % xstride */ - - y0 = (BN_ULONG)0 - (constant_time_eq_int(i,0)&1); - y1 = (BN_ULONG)0 - (constant_time_eq_int(i,1)&1); - y2 = (BN_ULONG)0 - (constant_time_eq_int(i,2)&1); - y3 = (BN_ULONG)0 - (constant_time_eq_int(i,3)&1); - - for (i = 0; i < top; i++, table += width) { - BN_ULONG acc = 0; - - for (j = 0; j < xstride; j++) { - acc |= ( (table[j + 0 * xstride] & y0) | - (table[j + 1 * xstride] & y1) | - (table[j + 2 * xstride] & y2) | - (table[j + 3 * xstride] & y3) ) - & ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1)); - } - - b->d[i] = acc; - } - } - b->top = top; - bn_correct_top(b); - return 1; -} - -/* Given a pointer value, compute the next address that is a cache line multiple. 
*/ -#define MOD_EXP_CTIME_ALIGN(x_) \ - ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) - -/* This variant of BN_mod_exp_mont() uses fixed windows and the special - * precomputation memory layout to limit data-dependency to a minimum - * to protect secret exponents (cf. the hyper-threading timing attacks - * pointed out by Colin Percival, - * http://www.daemonology.net/hyperthreading-considered-harmful/) - */ -int -BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - int i, bits, ret = 0, window, wvalue; - int top; - BN_MONT_CTX *mont = NULL; - int numPowers; - unsigned char *powerbufFree = NULL; - int powerbufLen = 0; - unsigned char *powerbuf = NULL; - BIGNUM tmp, am; - - - if (!BN_is_odd(m)) { - BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); - return (0); - } - - top = m->top; - - bits = BN_num_bits(p); - if (bits == 0) { - /* x**0 mod 1 is still zero. */ - if (BN_abs_is_word(m, 1)) { - ret = 1; - BN_zero(rr); - } else - ret = BN_one(rr); - return ret; - } - - BN_CTX_start(ctx); - - if ((mont = in_mont) == NULL) - mont = BN_MONT_CTX_create(m, ctx); - if (mont == NULL) - goto err; - - /* Get the window size to use with size of p. */ - window = BN_window_bits_for_ctime_exponent_size(bits); -#if defined(OPENSSL_BN_ASM_MONT5) - if (window == 6 && bits <= 1024) - window = 5; /* ~5% improvement of 2048-bit RSA sign */ -#endif - - /* Allocate a buffer large enough to hold all of the pre-computed - * powers of am, am itself and tmp. - */ - numPowers = 1 << window; - powerbufLen = sizeof(m->d[0]) * (top * numPowers + - ((2*top) > numPowers ? 
(2*top) : numPowers)); - if ((powerbufFree = calloc(powerbufLen + - MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH, 1)) == NULL) - goto err; - powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree); - - /* lay down tmp and am right after powers table */ - tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers); - am.d = tmp.d + top; - tmp.top = am.top = 0; - tmp.dmax = am.dmax = top; - tmp.neg = am.neg = 0; - tmp.flags = am.flags = BN_FLG_STATIC_DATA; - - /* prepare a^0 in Montgomery domain */ -#if 1 - if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx)) - goto err; -#else - tmp.d[0] = (0 - m - >d[0]) & BN_MASK2; /* 2^(top*BN_BITS2) - m */ - for (i = 1; i < top; i++) - tmp.d[i] = (~m->d[i]) & BN_MASK2; - tmp.top = top; -#endif - - /* prepare a^1 in Montgomery domain */ - if (!BN_nnmod(&am, a, m, ctx)) - goto err; - if (!BN_to_montgomery(&am, &am, mont, ctx)) - goto err; - -#if defined(OPENSSL_BN_ASM_MONT5) - /* This optimization uses ideas from http://eprint.iacr.org/2011/239, - * specifically optimization of cache-timing attack countermeasures - * and pre-computation optimization. */ - - /* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as - * 512-bit RSA is hardly relevant, we omit it to spare size... */ - if (window == 5 && top > 1) { - void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap, - const void *table, const BN_ULONG *np, - const BN_ULONG *n0, int num, int power); - void bn_scatter5(const BN_ULONG *inp, size_t num, - void *table, size_t power); - void bn_gather5(BN_ULONG *out, size_t num, - void *table, size_t power); - - BN_ULONG *np = mont->N.d, *n0 = mont->n0; - - /* BN_to_montgomery can contaminate words above .top - * [in BN_DEBUG[_DEBUG] build]... 
*/ - for (i = am.top; i < top; i++) - am.d[i] = 0; - for (i = tmp.top; i < top; i++) - tmp.d[i] = 0; - - bn_scatter5(tmp.d, top, powerbuf, 0); - bn_scatter5(am.d, am.top, powerbuf, 1); - bn_mul_mont(tmp.d, am.d, am.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, 2); - -#if 0 - for (i = 3; i < 32; i++) { - /* Calculate a^i = a^(i-1) * a */ - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - } -#else - /* same as above, but uses squaring for 1/2 of operations */ - for (i = 4; i < 32; i*=2) { - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, i); - } - for (i = 3; i < 8; i += 2) { - int j; - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - for (j = 2 * i; j < 32; j *= 2) { - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, j); - } - } - for (; i < 16; i += 2) { - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, 2*i); - } - for (; i < 32; i += 2) { - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - } -#endif - bits--; - for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--) - wvalue = (wvalue << 1) + BN_is_bit_set(p, bits); - bn_gather5(tmp.d, top, powerbuf, wvalue); - - /* Scan the exponent one window at a time starting from the most - * significant bits. 
- */ - while (bits >= 0) { - for (wvalue = 0, i = 0; i < 5; i++, bits--) - wvalue = (wvalue << 1) + BN_is_bit_set(p, bits); - - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont_gather5(tmp.d, tmp.d, powerbuf, np, n0, top, wvalue); - } - - tmp.top = top; - bn_correct_top(&tmp); - } else -#endif - { - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, - window)) - goto err; - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, - window)) - goto err; - - /* If the window size is greater than 1, then calculate - * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) - * (even powers could instead be computed as (a^(i/2))^2 - * to use the slight performance advantage of sqr over mul). - */ - if (window > 1) { - if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx)) - goto err; - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, - 2, window)) - goto err; - for (i = 3; i < numPowers; i++) { - /* Calculate a^i = a^(i-1) * a */ - if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, - mont, ctx)) - goto err; - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, - powerbuf, i, window)) - goto err; - } - } - - bits--; - for (wvalue = 0, i = bits % window; i >= 0; i--, bits--) - wvalue = (wvalue << 1) + BN_is_bit_set(p, bits); - if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&tmp, top, powerbuf, - wvalue, window)) - goto err; - - /* Scan the exponent one window at a time starting from the most - * significant bits. 
- */ - while (bits >= 0) { - wvalue = 0; /* The 'value' of the window */ - - /* Scan the window, squaring the result as we go */ - for (i = 0; i < window; i++, bits--) { - if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, - mont, ctx)) - goto err; - wvalue = (wvalue << 1) + BN_is_bit_set(p, bits); - } - - /* Fetch the appropriate pre-computed value from the pre-buf */ - if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&am, top, powerbuf, - wvalue, window)) - goto err; - - /* Multiply the result into the intermediate result */ - if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx)) - goto err; - } - } - - /* Convert the final result from montgomery to standard format */ - if (!BN_from_montgomery(rr, &tmp, mont, ctx)) - goto err; - - ret = 1; - - err: - if (mont != in_mont) - BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - freezero(powerbufFree, powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH); - - return ret; -} -LCRYPTO_ALIAS(BN_mod_exp_mont_consttime); - -static int -BN_mod_exp_mont_internal(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont, int ct) -{ - int i, j, bits, ret = 0, wstart, wend, window, wvalue; - int start = 1; - BIGNUM *d, *r; - const BIGNUM *aa; - /* Table of variables obtained from 'ctx' */ - BIGNUM *val[TABLE_SIZE]; - BN_MONT_CTX *mont = NULL; - - if (ct) { - return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont); - } - - - if (!BN_is_odd(m)) { - BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); - return (0); - } - - bits = BN_num_bits(p); - if (bits == 0) { - /* x**0 mod 1 is still zero. 
*/ - if (BN_abs_is_word(m, 1)) { - ret = 1; - BN_zero(rr); - } else - ret = BN_one(rr); - return ret; - } - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val[0] = BN_CTX_get(ctx)) == NULL) - goto err; - - if ((mont = in_mont) == NULL) - mont = BN_MONT_CTX_create(m, ctx); - if (mont == NULL) - goto err; - - if (!BN_nnmod(val[0], a,m, ctx)) - goto err; - aa = val[0]; - if (BN_is_zero(aa)) { - BN_zero(rr); - ret = 1; - goto err; - } - if (!BN_to_montgomery(val[0], aa, mont, ctx)) - goto err; - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) { - if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx)) - goto err; - j = 1 << (window - 1); - for (i = 1; i < j; i++) { - if (((val[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul_montgomery(val[i], val[i - 1], - d, mont, ctx)) - goto err; - } - } - - start = 1; /* This is used to avoid multiplication etc - * when there is only the value '1' in the - * buffer. */ - wvalue = 0; /* The 'value' of the window */ - wstart = bits - 1; /* The top bit of the window */ - wend = 0; /* The bottom bit of the window */ - - if (!BN_to_montgomery(r, BN_value_one(), mont, ctx)) - goto err; - for (;;) { - if (BN_is_bit_set(p, wstart) == 0) { - if (!start) { - if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) - goto err; - } - if (wstart == 0) - break; - wstart--; - continue; - } - /* We now have wstart on a 'set' bit, we now need to work out - * how bit a window to do. 
To do this we need to scan - * forward until the last set bit before the end of the - * window */ - j = wstart; - wvalue = 1; - wend = 0; - for (i = 1; i < window; i++) { - if (wstart - i < 0) - break; - if (BN_is_bit_set(p, wstart - i)) { - wvalue <<= (i - wend); - wvalue |= 1; - wend = i; - } - } - - /* wend is the size of the current window */ - j = wend + 1; - /* add the 'bytes above' */ - if (!start) - for (i = 0; i < j; i++) { - if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) - goto err; - } - - /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx)) - goto err; - - /* move the 'window' down further */ - wstart -= wend + 1; - wvalue = 0; - start = 0; - if (wstart < 0) - break; - } - if (!BN_from_montgomery(rr, r,mont, ctx)) - goto err; - - ret = 1; - - err: - if (mont != in_mont) - BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - - return ret; -} - -int -BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - return BN_mod_exp_mont_internal(rr, a, p, m, ctx, in_mont, - (BN_get_flags(p, BN_FLG_CONSTTIME) != 0)); -} -LCRYPTO_ALIAS(BN_mod_exp_mont); - -int -BN_mod_exp_mont_ct(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - return BN_mod_exp_mont_internal(rr, a, p, m, ctx, in_mont, 1); -} - -int -BN_mod_exp_mont_nonct(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - return BN_mod_exp_mont_internal(rr, a, p, m, ctx, in_mont, 0); -} - -int -BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BN_MONT_CTX *mont = NULL; - int b, bits, ret = 0; - int r_is_one; - BN_ULONG w, next_w; - BIGNUM *d, *r, *t; - BIGNUM *swap_tmp; - -#define BN_MOD_MUL_WORD(r, w, m) \ - (BN_mul_word(r, (w)) && \ - (/* BN_ucmp(r, (m)) < 0 ? 
1 :*/ \ - (BN_mod_ct(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1)))) - /* BN_MOD_MUL_WORD is only used with 'w' large, - * so the BN_ucmp test is probably more overhead - * than always using BN_mod (which uses bn_copy if - * a similar test returns true). */ - /* We can use BN_mod and do not need BN_nnmod because our - * accumulator is never negative (the result of BN_mod does - * not depend on the sign of the modulus). - */ -#define BN_TO_MONTGOMERY_WORD(r, w, mont) \ - (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx)) - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - BNerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - - if (!BN_is_odd(m)) { - BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); - return (0); - } - if (m->top == 1) - a %= m->d[0]; /* make sure that 'a' is reduced */ - - bits = BN_num_bits(p); - if (bits == 0) { - /* x**0 mod 1 is still zero. */ - if (BN_abs_is_word(m, 1)) { - ret = 1; - BN_zero(rr); - } else - ret = BN_one(rr); - return ret; - } - if (a == 0) { - BN_zero(rr); - ret = 1; - return ret; - } - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r = BN_CTX_get(ctx)) == NULL) - goto err; - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - - if ((mont = in_mont) == NULL) - mont = BN_MONT_CTX_create(m, ctx); - if (mont == NULL) - goto err; - - r_is_one = 1; /* except for Montgomery factor */ - - /* bits-1 >= 0 */ - - /* The result is accumulated in the product r*w. */ - w = a; /* bit 'bits-1' of 'p' is always set */ - for (b = bits - 2; b >= 0; b--) { - /* First, square r*w. 
*/ - next_w = w * w; - if ((next_w / w) != w) /* overflow */ - { - if (r_is_one) { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) - goto err; - r_is_one = 0; - } else { - if (!BN_MOD_MUL_WORD(r, w, m)) - goto err; - } - next_w = 1; - } - w = next_w; - if (!r_is_one) { - if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) - goto err; - } - - /* Second, multiply r*w by 'a' if exponent bit is set. */ - if (BN_is_bit_set(p, b)) { - next_w = w * a; - if ((next_w / a) != w) /* overflow */ - { - if (r_is_one) { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) - goto err; - r_is_one = 0; - } else { - if (!BN_MOD_MUL_WORD(r, w, m)) - goto err; - } - next_w = a; - } - w = next_w; - } - } - - /* Finally, set r:=r*w. */ - if (w != 1) { - if (r_is_one) { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) - goto err; - r_is_one = 0; - } else { - if (!BN_MOD_MUL_WORD(r, w, m)) - goto err; - } - } - - if (r_is_one) /* can happen only if a == 1*/ - { - if (!BN_one(rr)) - goto err; - } else { - if (!BN_from_montgomery(rr, r, mont, ctx)) - goto err; - } - - ret = 1; - - err: - if (mont != in_mont) - BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - - return ret; -} - -int -BN_mod_exp_reciprocal(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx) -{ - int i, j, bits, wstart, wend, window, wvalue; - int start = 1; - BIGNUM *aa, *q; - /* Table of variables obtained from 'ctx' */ - BIGNUM *val[TABLE_SIZE]; - BN_RECP_CTX *recp = NULL; - int ret = 0; - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - BNerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - bits = BN_num_bits(p); - if (bits == 0) { - /* x**0 mod 1 is still zero. 
*/ - if (BN_abs_is_word(m, 1)) { - ret = 1; - BN_zero(r); - } else - ret = BN_one(r); - return ret; - } - - BN_CTX_start(ctx); - if ((aa = BN_CTX_get(ctx)) == NULL) - goto err; - if ((q = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val[0] = BN_CTX_get(ctx)) == NULL) - goto err; - - if ((recp = BN_RECP_CTX_create(m)) == NULL) - goto err; - - if (!BN_nnmod(val[0], a, m, ctx)) - goto err; - if (BN_is_zero(val[0])) { - BN_zero(r); - goto done; - } - if (!bn_copy(q, p)) - goto err; - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) { - if (!BN_mod_sqr_reciprocal(aa, val[0], recp, ctx)) - goto err; - j = 1 << (window - 1); - for (i = 1; i < j; i++) { - if (((val[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul_reciprocal(val[i], val[i - 1], - aa, recp, ctx)) - goto err; - } - } - - start = 1; /* This is used to avoid multiplication etc - * when there is only the value '1' in the - * buffer. */ - wvalue = 0; /* The 'value' of the window */ - wstart = bits - 1; /* The top bit of the window */ - wend = 0; /* The bottom bit of the window */ - - if (!BN_one(r)) - goto err; - - for (;;) { - if (BN_is_bit_set(q, wstart) == 0) { - if (!start) - if (!BN_mod_sqr_reciprocal(r, r, recp, ctx)) - goto err; - if (wstart == 0) - break; - wstart--; - continue; - } - /* We now have wstart on a 'set' bit, we now need to work out - * how bit a window to do. 
To do this we need to scan
- * forward until the last set bit before the end of the
- * window */
- j = wstart;
- wvalue = 1;
- wend = 0;
- for (i = 1; i < window; i++) {
- if (wstart - i < 0)
- break;
- if (BN_is_bit_set(q, wstart - i)) {
- wvalue <<= (i - wend);
- wvalue |= 1;
- wend = i;
- }
- }
-
- /* wend is the size of the current window */
- j = wend + 1;
- /* add the 'bytes above' */
- if (!start)
- for (i = 0; i < j; i++) {
- if (!BN_mod_sqr_reciprocal(r, r, recp, ctx))
- goto err;
- }
-
- /* wvalue will be an odd number < 2^window */
- if (!BN_mod_mul_reciprocal(r, r, val[wvalue >> 1], recp, ctx))
- goto err;
-
- /* move the 'window' down further */
- wstart -= wend + 1;
- wvalue = 0;
- start = 0;
- if (wstart < 0)
- break;
- }
-
- done:
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_RECP_CTX_free(recp);
-
- return ret;
-}
-
-static int
-BN_mod_exp_internal(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx, int ct)
-{
- int ret;
-
-
- /* For even modulus m = 2^k*m_odd, it might make sense to compute
- * a^p mod m_odd and a^p mod 2^k separately (with Montgomery
- * exponentiation for the odd part), using appropriate exponent
- * reductions, and combine the results using the CRT.
- *
- * For now, we use Montgomery only if the modulus is odd; otherwise,
- * exponentiation using the reciprocal-based quick remaindering
- * algorithm is used.
- *
- * (Timing obtained with expspeed.c [computations a^p mod m
- * where a, p, m are of the same length: 256, 512, 1024, 2048,
- * 4096, 8192 bits], compared to the running time of the
- * standard algorithm:
- *
- * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration]
- * 55 .. 77 % [UltraSparc processor, but
- * debug-solaris-sparcv8-gcc conf.]
- *
- * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration]
- * 62 ..
118 % [UltraSparc, debug-solaris-sparcv8-gcc]
- *
- * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont
- * at 2048 and more bits, but at 512 and 1024 bits, it was
- * slower even than the standard algorithm!
- *
- * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations]
- * should be obtained when the new Montgomery reduction code
- * has been integrated into OpenSSL.)
- */
-
- if (BN_is_odd(m)) {
- if (a->top == 1 && !a->neg && !ct) {
- BN_ULONG A = a->d[0];
- ret = BN_mod_exp_mont_word(r, A,p, m,ctx, NULL);
- } else
- ret = BN_mod_exp_mont_ct(r, a,p, m,ctx, NULL);
- } else {
- ret = BN_mod_exp_reciprocal(r, a,p, m, ctx);
- }
-
- return (ret);
-}
-
-int
-BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx)
-{
- return BN_mod_exp_internal(r, a, p, m, ctx,
- (BN_get_flags(p, BN_FLG_CONSTTIME) != 0));
-}
-LCRYPTO_ALIAS(BN_mod_exp);
-
-int
-BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx)
-{
- return BN_mod_exp_internal(r, a, p, m, ctx, 1);
-}
-
-int
-BN_mod_exp_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx)
-{
- return BN_mod_exp_internal(r, a, p, m, ctx, 0);
-}
-
-int
-BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
- const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont)
-{
- int i, j, bits, b, bits1, bits2, ret = 0, wpos1, wpos2, window1, window2, wvalue1, wvalue2;
- int r_is_one = 1;
- BIGNUM *d, *r;
- const BIGNUM *a_mod_m;
- /* Tables of variables obtained from 'ctx' */
- BIGNUM *val1[TABLE_SIZE], *val2[TABLE_SIZE];
- BN_MONT_CTX *mont = NULL;
-
-
- if (!BN_is_odd(m)) {
- BNerror(BN_R_CALLED_WITH_EVEN_MODULUS);
- return (0);
- }
- bits1 = BN_num_bits(p1);
- bits2 = BN_num_bits(p2);
- if ((bits1 == 0) && (bits2 == 0)) {
- ret = BN_one(rr);
- return ret;
- }
-
- bits = (bits1 > bits2) ?
bits1 : bits2;
-
- BN_CTX_start(ctx);
- if ((d = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((val1[0] = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((val2[0] = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if ((mont = in_mont) == NULL)
- mont = BN_MONT_CTX_create(m, ctx);
- if (mont == NULL)
- goto err;
-
- window1 = BN_window_bits_for_exponent_size(bits1);
- window2 = BN_window_bits_for_exponent_size(bits2);
-
- /*
- * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1)
- */
- if (!BN_nnmod(val1[0], a1, m, ctx))
- goto err;
- a_mod_m = val1[0];
- if (BN_is_zero(a_mod_m)) {
- BN_zero(rr);
- ret = 1;
- goto err;
- }
-
- if (!BN_to_montgomery(val1[0], a_mod_m, mont, ctx))
- goto err;
- if (window1 > 1) {
- if (!BN_mod_mul_montgomery(d, val1[0], val1[0], mont, ctx))
- goto err;
-
- j = 1 << (window1 - 1);
- for (i = 1; i < j; i++) {
- if (((val1[i] = BN_CTX_get(ctx)) == NULL) ||
- !BN_mod_mul_montgomery(val1[i], val1[i - 1],
- d, mont, ctx))
- goto err;
- }
- }
-
-
- /*
- * Build table for a2: val2[i] := a2^(2*i + 1) mod m for i = 0 .. 2^(window2-1)
- */
- if (!BN_nnmod(val2[0], a2, m, ctx))
- goto err;
- a_mod_m = val2[0];
- if (BN_is_zero(a_mod_m)) {
- BN_zero(rr);
- ret = 1;
- goto err;
- }
- if (!BN_to_montgomery(val2[0], a_mod_m, mont, ctx))
- goto err;
- if (window2 > 1) {
- if (!BN_mod_mul_montgomery(d, val2[0], val2[0], mont, ctx))
- goto err;
-
- j = 1 << (window2 - 1);
- for (i = 1; i < j; i++) {
- if (((val2[i] = BN_CTX_get(ctx)) == NULL) ||
- !BN_mod_mul_montgomery(val2[i], val2[i - 1],
- d, mont, ctx))
- goto err;
- }
- }
-
-
- /* Now compute the power product, using independent windows.
*/
- r_is_one = 1;
- wvalue1 = 0; /* The 'value' of the first window */
- wvalue2 = 0; /* The 'value' of the second window */
- wpos1 = 0; /* If wvalue1 > 0, the bottom bit of the first window */
- wpos2 = 0; /* If wvalue2 > 0, the bottom bit of the second window */
-
- if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
- goto err;
- for (b = bits - 1; b >= 0; b--) {
- if (!r_is_one) {
- if (!BN_mod_mul_montgomery(r, r,r, mont, ctx))
- goto err;
- }
-
- if (!wvalue1)
- if (BN_is_bit_set(p1, b)) {
- /* consider bits b-window1+1 .. b for this window */
- i = b - window1 + 1;
- while (!BN_is_bit_set(p1, i)) /* works for i<0 */
- i++;
- wpos1 = i;
- wvalue1 = 1;
- for (i = b - 1; i >= wpos1; i--) {
- wvalue1 <<= 1;
- if (BN_is_bit_set(p1, i))
- wvalue1++;
- }
- }
-
- if (!wvalue2)
- if (BN_is_bit_set(p2, b)) {
- /* consider bits b-window2+1 .. b for this window */
- i = b - window2 + 1;
- while (!BN_is_bit_set(p2, i))
- i++;
- wpos2 = i;
- wvalue2 = 1;
- for (i = b - 1; i >= wpos2; i--) {
- wvalue2 <<= 1;
- if (BN_is_bit_set(p2, i))
- wvalue2++;
- }
- }
-
- if (wvalue1 && b == wpos1) {
- /* wvalue1 is odd and < 2^window1 */
- if (!BN_mod_mul_montgomery(r, r, val1[wvalue1 >> 1],
- mont, ctx))
- goto err;
- wvalue1 = 0;
- r_is_one = 0;
- }
-
- if (wvalue2 && b == wpos2) {
- /* wvalue2 is odd and < 2^window2 */
- if (!BN_mod_mul_montgomery(r, r, val2[wvalue2 >> 1],
- mont, ctx))
- goto err;
- wvalue2 = 0;
- r_is_one = 0;
- }
- }
- if (!BN_from_montgomery(rr, r,mont, ctx))
- goto err;
-
- ret = 1;
-
- err:
- if (mont != in_mont)
- BN_MONT_CTX_free(mont);
- BN_CTX_end(ctx);
-
- return ret;
-}
diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c
deleted file mode 100644
index fa5d71a7f3..0000000000
--- a/src/lib/libcrypto/bn/bn_gcd.c
+++ /dev/null
@@ -1,818 +0,0 @@
-/* $OpenBSD: bn_gcd.c,v 1.29 2024/04/10 14:58:06 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3.
All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include "bn_local.h"
-
-static BIGNUM *
-euclid(BIGNUM *a, BIGNUM *b)
-{
- BIGNUM *t;
- int shifts = 0;
-
- /* Loop invariant: 0 <= b <= a. */
- while (!BN_is_zero(b)) {
- if (BN_is_odd(a) && BN_is_odd(b)) {
- if (!BN_sub(a, a, b))
- goto err;
- if (!BN_rshift1(a, a))
- goto err;
- } else if (BN_is_odd(a) && !BN_is_odd(b)) {
- if (!BN_rshift1(b, b))
- goto err;
- } else if (!BN_is_odd(a) && BN_is_odd(b)) {
- if (!BN_rshift1(a, a))
- goto err;
- } else {
- if (!BN_rshift1(a, a))
- goto err;
- if (!BN_rshift1(b, b))
- goto err;
- shifts++;
- continue;
- }
-
- if (BN_cmp(a, b) < 0) {
- t = a;
- a = b;
- b = t;
- }
- }
-
- if (shifts) {
- if (!BN_lshift(a, a, shifts))
- goto err;
- }
-
- return a;
-
- err:
- return NULL;
-}
-
-int
-BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *t;
- int ret = 0;
-
- BN_CTX_start(ctx);
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!bn_copy(a, in_a))
- goto err;
- if (!bn_copy(b, in_b))
- goto err;
- a->neg = 0;
- b->neg = 0;
-
- if (BN_cmp(a, b) < 0) {
- t = a;
- a = b;
- b = t;
- }
- t = euclid(a, b);
- if (t == NULL)
- goto err;
-
- if (!bn_copy(r, t))
- goto err;
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- return (ret);
-}
-LCRYPTO_ALIAS(BN_gcd);
-
-/*
- * BN_gcd_no_branch is a special version of BN_mod_inverse_no_branch.
- * that returns the GCD.
- */
-static BIGNUM *
-BN_gcd_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
- BN_CTX *ctx)
-{
- BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
- BIGNUM local_A, local_B;
- BIGNUM *pA, *pB;
- BIGNUM *ret = NULL;
- int sign;
-
- if (in == NULL)
- goto err;
- R = in;
-
- BN_init(&local_A);
- BN_init(&local_B);
-
- BN_CTX_start(ctx);
- if ((A = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((B = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((X = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((D = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((M = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Y = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((T = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_one(X))
- goto err;
- BN_zero(Y);
- if (!bn_copy(B, a))
- goto err;
- if (!bn_copy(A, n))
- goto err;
- A->neg = 0;
-
- if (B->neg || (BN_ucmp(B, A) >= 0)) {
- /*
- * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
- * BN_div_no_branch will be called eventually.
- */
- pB = &local_B;
- /* BN_init() done at the top of the function. */
- BN_with_flags(pB, B, BN_FLG_CONSTTIME);
- if (!BN_nnmod(B, pB, A, ctx))
- goto err;
- }
- sign = -1;
- /* From B = a mod |n|, A = |n| it follows that
- *
- * 0 <= B < A,
- * -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|).
- */
-
- while (!BN_is_zero(B)) {
- BIGNUM *tmp;
-
- /*
- * 0 < B < A,
- * (*) -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|)
- */
-
- /*
- * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
- * BN_div_no_branch will be called eventually.
- */
- pA = &local_A;
- /* BN_init() done at the top of the function. */
- BN_with_flags(pA, A, BN_FLG_CONSTTIME);
-
- /* (D, M) := (A/B, A%B) ... */
- if (!BN_div_ct(D, M, pA, B, ctx))
- goto err;
-
- /* Now
- * A = D*B + M;
- * thus we have
- * (**) sign*Y*a == D*B + M (mod |n|).
- */
- tmp = A; /* keep the BIGNUM object, the value does not matter */
-
- /* (A, B) := (B, A mod B) ... */
- A = B;
- B = M;
- /* ...
so we have 0 <= B < A again */
-
- /* Since the former M is now B and the former B is now A,
- * (**) translates into
- * sign*Y*a == D*A + B (mod |n|),
- * i.e.
- * sign*Y*a - D*A == B (mod |n|).
- * Similarly, (*) translates into
- * -sign*X*a == A (mod |n|).
- *
- * Thus,
- * sign*Y*a + D*sign*X*a == B (mod |n|),
- * i.e.
- * sign*(Y + D*X)*a == B (mod |n|).
- *
- * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
- * -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|).
- * Note that X and Y stay non-negative all the time.
- */
-
- if (!BN_mul(tmp, D, X, ctx))
- goto err;
- if (!BN_add(tmp, tmp, Y))
- goto err;
-
- M = Y; /* keep the BIGNUM object, the value does not matter */
- Y = X;
- X = tmp;
- sign = -sign;
- }
-
- /*
- * The while loop (Euclid's algorithm) ends when
- * A == gcd(a,n);
- */
-
- if (!bn_copy(R, A))
- goto err;
- ret = R;
- err:
- if ((ret == NULL) && (in == NULL))
- BN_free(R);
- BN_CTX_end(ctx);
- return (ret);
-}
-
-int
-BN_gcd_ct(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
-{
- if (BN_gcd_no_branch(r, in_a, in_b, ctx) == NULL)
- return 0;
- return 1;
-}
-
-/* BN_mod_inverse_no_branch is a special version of BN_mod_inverse.
- * It does not contain branches that may leak sensitive information.
- */
-static BIGNUM *
-BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
- BN_CTX *ctx)
-{
- BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
- BIGNUM local_A, local_B;
- BIGNUM *pA, *pB;
- BIGNUM *ret = NULL;
- int sign;
-
- BN_init(&local_A);
- BN_init(&local_B);
-
- BN_CTX_start(ctx);
- if ((A = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((B = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((X = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((D = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((M = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Y = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((T = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (in == NULL)
- R = BN_new();
- else
- R = in;
- if (R == NULL)
- goto err;
-
- if (!BN_one(X))
- goto err;
- BN_zero(Y);
- if (!bn_copy(B, a))
- goto err;
- if (!bn_copy(A, n))
- goto err;
- A->neg = 0;
-
- if (B->neg || (BN_ucmp(B, A) >= 0)) {
- /*
- * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
- * BN_div_no_branch will be called eventually.
- */
- pB = &local_B;
- /* BN_init() done at the top of the function. */
- BN_with_flags(pB, B, BN_FLG_CONSTTIME);
- if (!BN_nnmod(B, pB, A, ctx))
- goto err;
- }
- sign = -1;
- /* From B = a mod |n|, A = |n| it follows that
- *
- * 0 <= B < A,
- * -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|).
- */
-
- while (!BN_is_zero(B)) {
- BIGNUM *tmp;
-
- /*
- * 0 < B < A,
- * (*) -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|)
- */
-
- /*
- * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
- * BN_div_no_branch will be called eventually.
- */
- pA = &local_A;
- /* BN_init() done at the top of the function. */
- BN_with_flags(pA, A, BN_FLG_CONSTTIME);
-
- /* (D, M) := (A/B, A%B) ... */
- if (!BN_div_ct(D, M, pA, B, ctx))
- goto err;
-
- /* Now
- * A = D*B + M;
- * thus we have
- * (**) sign*Y*a == D*B + M (mod |n|).
- */
- tmp = A; /* keep the BIGNUM object, the value does not matter */
-
- /* (A, B) := (B, A mod B) ...
*/
- A = B;
- B = M;
- /* ... so we have 0 <= B < A again */
-
- /* Since the former M is now B and the former B is now A,
- * (**) translates into
- * sign*Y*a == D*A + B (mod |n|),
- * i.e.
- * sign*Y*a - D*A == B (mod |n|).
- * Similarly, (*) translates into
- * -sign*X*a == A (mod |n|).
- *
- * Thus,
- * sign*Y*a + D*sign*X*a == B (mod |n|),
- * i.e.
- * sign*(Y + D*X)*a == B (mod |n|).
- *
- * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
- * -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|).
- * Note that X and Y stay non-negative all the time.
- */
-
- if (!BN_mul(tmp, D, X, ctx))
- goto err;
- if (!BN_add(tmp, tmp, Y))
- goto err;
-
- M = Y; /* keep the BIGNUM object, the value does not matter */
- Y = X;
- X = tmp;
- sign = -sign;
- }
-
- /*
- * The while loop (Euclid's algorithm) ends when
- * A == gcd(a,n);
- * we have
- * sign*Y*a == A (mod |n|),
- * where Y is non-negative.
- */
-
- if (sign < 0) {
- if (!BN_sub(Y, n, Y))
- goto err;
- }
- /* Now Y*a == A (mod |n|).
*/
-
- if (!BN_is_one(A)) {
- BNerror(BN_R_NO_INVERSE);
- goto err;
- }
-
- if (!BN_nnmod(Y, Y, n, ctx))
- goto err;
- if (!bn_copy(R, Y))
- goto err;
-
- ret = R;
-
- err:
- if ((ret == NULL) && (in == NULL))
- BN_free(R);
- BN_CTX_end(ctx);
- return (ret);
-}
-
-/* solves ax == 1 (mod n) */
-static BIGNUM *
-BN_mod_inverse_internal(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx,
- int ct)
-{
- BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
- BIGNUM *ret = NULL;
- int sign;
-
- if (ct)
- return BN_mod_inverse_no_branch(in, a, n, ctx);
-
- BN_CTX_start(ctx);
- if ((A = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((B = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((X = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((D = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((M = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Y = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((T = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (in == NULL)
- R = BN_new();
- else
- R = in;
- if (R == NULL)
- goto err;
-
- if (!BN_one(X))
- goto err;
- BN_zero(Y);
- if (!bn_copy(B, a))
- goto err;
- if (!bn_copy(A, n))
- goto err;
- A->neg = 0;
- if (B->neg || (BN_ucmp(B, A) >= 0)) {
- if (!BN_nnmod(B, B, A, ctx))
- goto err;
- }
- sign = -1;
- /* From B = a mod |n|, A = |n| it follows that
- *
- * 0 <= B < A,
- * -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|).
- */
-
- if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) {
- /* Binary inversion algorithm; requires odd modulus.
- * This is faster than the general algorithm if the modulus
- * is sufficiently small (about 400 .. 500 bits on 32-bit
- * systems, but much more on 64-bit systems) */
- int shift;
-
- while (!BN_is_zero(B)) {
- /*
- * 0 < B < |n|,
- * 0 < A <= |n|,
- * (1) -sign*X*a == B (mod |n|),
- * (2) sign*Y*a == A (mod |n|)
- */
-
- /* Now divide B by the maximum possible power of two in the integers,
- * and divide X by the same value mod |n|.
- * When we're done, (1) still holds.
*/
- shift = 0;
- while (!BN_is_bit_set(B, shift)) /* note that 0 < B */
- {
- shift++;
-
- if (BN_is_odd(X)) {
- if (!BN_uadd(X, X, n))
- goto err;
- }
- /* now X is even, so we can easily divide it by two */
- if (!BN_rshift1(X, X))
- goto err;
- }
- if (shift > 0) {
- if (!BN_rshift(B, B, shift))
- goto err;
- }
-
- /* Same for A and Y. Afterwards, (2) still holds. */
- shift = 0;
- while (!BN_is_bit_set(A, shift)) /* note that 0 < A */
- {
- shift++;
-
- if (BN_is_odd(Y)) {
- if (!BN_uadd(Y, Y, n))
- goto err;
- }
- /* now Y is even */
- if (!BN_rshift1(Y, Y))
- goto err;
- }
- if (shift > 0) {
- if (!BN_rshift(A, A, shift))
- goto err;
- }
-
- /* We still have (1) and (2).
- * Both A and B are odd.
- * The following computations ensure that
- *
- * 0 <= B < |n|,
- * 0 < A < |n|,
- * (1) -sign*X*a == B (mod |n|),
- * (2) sign*Y*a == A (mod |n|),
- *
- * and that either A or B is even in the next iteration.
- */
- if (BN_ucmp(B, A) >= 0) {
- /* -sign*(X + Y)*a == B - A (mod |n|) */
- if (!BN_uadd(X, X, Y))
- goto err;
- /* NB: we could use BN_mod_add_quick(X, X, Y, n), but that
- * actually makes the algorithm slower */
- if (!BN_usub(B, B, A))
- goto err;
- } else {
- /* sign*(X + Y)*a == A - B (mod |n|) */
- if (!BN_uadd(Y, Y, X))
- goto err;
- /* as above, BN_mod_add_quick(Y, Y, X, n) would slow things down */
- if (!BN_usub(A, A, B))
- goto err;
- }
- }
- } else {
- /* general inversion algorithm */
-
- while (!BN_is_zero(B)) {
- BIGNUM *tmp;
-
- /*
- * 0 < B < A,
- * (*) -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|)
- */
-
- /* (D, M) := (A/B, A%B) ...
*/
- if (BN_num_bits(A) == BN_num_bits(B)) {
- if (!BN_one(D))
- goto err;
- if (!BN_sub(M, A, B))
- goto err;
- } else if (BN_num_bits(A) == BN_num_bits(B) + 1) {
- /* A/B is 1, 2, or 3 */
- if (!BN_lshift1(T, B))
- goto err;
- if (BN_ucmp(A, T) < 0) {
- /* A < 2*B, so D=1 */
- if (!BN_one(D))
- goto err;
- if (!BN_sub(M, A, B))
- goto err;
- } else {
- /* A >= 2*B, so D=2 or D=3 */
- if (!BN_sub(M, A, T))
- goto err;
- if (!BN_add(D,T,B)) goto err; /* use D (:= 3*B) as temp */
- if (BN_ucmp(A, D) < 0) {
- /* A < 3*B, so D=2 */
- if (!BN_set_word(D, 2))
- goto err;
- /* M (= A - 2*B) already has the correct value */
- } else {
- /* only D=3 remains */
- if (!BN_set_word(D, 3))
- goto err;
- /* currently M = A - 2*B, but we need M = A - 3*B */
- if (!BN_sub(M, M, B))
- goto err;
- }
- }
- } else {
- if (!BN_div_nonct(D, M, A, B, ctx))
- goto err;
- }
-
- /* Now
- * A = D*B + M;
- * thus we have
- * (**) sign*Y*a == D*B + M (mod |n|).
- */
- tmp = A; /* keep the BIGNUM object, the value does not matter */
-
- /* (A, B) := (B, A mod B) ... */
- A = B;
- B = M;
- /* ... so we have 0 <= B < A again */
-
- /* Since the former M is now B and the former B is now A,
- * (**) translates into
- * sign*Y*a == D*A + B (mod |n|),
- * i.e.
- * sign*Y*a - D*A == B (mod |n|).
- * Similarly, (*) translates into
- * -sign*X*a == A (mod |n|).
- *
- * Thus,
- * sign*Y*a + D*sign*X*a == B (mod |n|),
- * i.e.
- * sign*(Y + D*X)*a == B (mod |n|).
- *
- * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at
- * -sign*X*a == B (mod |n|),
- * sign*Y*a == A (mod |n|).
- * Note that X and Y stay non-negative all the time.
- */
-
- /* most of the time D is very small, so we can optimize tmp := D*X+Y */
- if (BN_is_one(D)) {
- if (!BN_add(tmp, X, Y))
- goto err;
- } else {
- if (BN_is_word(D, 2)) {
- if (!BN_lshift1(tmp, X))
- goto err;
- } else if (BN_is_word(D, 4)) {
- if (!BN_lshift(tmp, X, 2))
- goto err;
- } else if (D->top == 1) {
- if (!bn_copy(tmp, X))
- goto err;
- if (!BN_mul_word(tmp, D->d[0]))
- goto err;
- } else {
- if (!BN_mul(tmp, D,X, ctx))
- goto err;
- }
- if (!BN_add(tmp, tmp, Y))
- goto err;
- }
-
- M = Y; /* keep the BIGNUM object, the value does not matter */
- Y = X;
- X = tmp;
- sign = -sign;
- }
- }
-
- /*
- * The while loop (Euclid's algorithm) ends when
- * A == gcd(a,n);
- * we have
- * sign*Y*a == A (mod |n|),
- * where Y is non-negative.
- */
-
- if (sign < 0) {
- if (!BN_sub(Y, n, Y))
- goto err;
- }
- /* Now Y*a == A (mod |n|). */
-
- if (!BN_is_one(A)) {
- BNerror(BN_R_NO_INVERSE);
- goto err;
- }
-
- if (!BN_nnmod(Y, Y, n, ctx))
- goto err;
- if (!bn_copy(R, Y))
- goto err;
-
- ret = R;
-
- err:
- if ((ret == NULL) && (in == NULL))
- BN_free(R);
- BN_CTX_end(ctx);
- return (ret);
-}
-
-BIGNUM *
-BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
-{
- int ct = ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) ||
- (BN_get_flags(n, BN_FLG_CONSTTIME) != 0));
- return BN_mod_inverse_internal(in, a, n, ctx, ct);
-}
-LCRYPTO_ALIAS(BN_mod_inverse);
-
-BIGNUM *
-BN_mod_inverse_nonct(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
-{
- return BN_mod_inverse_internal(in, a, n, ctx, 0);
-}
-
-BIGNUM *
-BN_mod_inverse_ct(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
-{
- return BN_mod_inverse_internal(in, a, n, ctx, 1);
-}
diff --git a/src/lib/libcrypto/bn/bn_internal.h b/src/lib/libcrypto/bn/bn_internal.h
deleted file mode 100644
index fd04bc9f8a..0000000000
--- a/src/lib/libcrypto/bn/bn_internal.h
+++ /dev/null
@@ -1,568 +0,0 @@
-/* $OpenBSD: bn_internal.h,v 1.15 2023/06/25 11:42:26 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "bn_arch.h"
-
-#ifndef HEADER_BN_INTERNAL_H
-#define HEADER_BN_INTERNAL_H
-
-int bn_word_clz(BN_ULONG w);
-
-int bn_bitsize(const BIGNUM *bn);
-
-#ifndef HAVE_BN_CT_NE_ZERO
-static inline int
-bn_ct_ne_zero(BN_ULONG w)
-{
- return (w | ~(w - 1)) >> (BN_BITS2 - 1);
-}
-#endif
-
-#ifndef HAVE_BN_CT_NE_ZERO_MASK
-static inline BN_ULONG
-bn_ct_ne_zero_mask(BN_ULONG w)
-{
- return 0 - bn_ct_ne_zero(w);
-}
-#endif
-
-#ifndef HAVE_BN_CT_EQ_ZERO
-static inline int
-bn_ct_eq_zero(BN_ULONG w)
-{
- return 1 - bn_ct_ne_zero(w);
-}
-#endif
-
-#ifndef HAVE_BN_CT_EQ_ZERO_MASK
-static inline BN_ULONG
-bn_ct_eq_zero_mask(BN_ULONG w)
-{
- return 0 - bn_ct_eq_zero(w);
-}
-#endif
-
-#ifndef HAVE_BN_CLZW
-static inline int
-bn_clzw(BN_ULONG w)
-{
- return bn_word_clz(w);
-}
-#endif
-
-/*
- * Big number primitives are named as the operation followed by a suffix
- * that indicates the number of words that it operates on, where 'w' means
- * single word, 'dw' means double word, 'tw' means triple word and 'qw' means
- * quadruple word.
Unless otherwise noted, the size of the output is implied
- * based on its inputs, for example bn_mulw() takes two single word inputs
- * and is going to produce a double word result.
- *
- * Where a function implements multiple operations, these are listed in order.
- * For example, a function that computes (r1:r0) = a * b + c is named
- * bn_mulw_addw(), producing a double word result.
- */
-
-/*
- * Default implementations for BN_ULLONG architectures.
- *
- * On these platforms the C compiler is generally better at optimising without
- * the use of inline assembly primitives. However, it can be difficult for the
- * compiler to see through primitives in order to combine operations, due to
- * type changes/narrowing. For this reason compound primitives are usually
- * explicitly provided.
- */
-#ifdef BN_ULLONG
-
-#ifndef HAVE_BN_ADDW
-#define HAVE_BN_ADDW
-static inline void
-bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULLONG r;
-
- r = (BN_ULLONG)a + (BN_ULLONG)b;
-
- *out_r1 = r >> BN_BITS2;
- *out_r0 = r & BN_MASK2;
-}
-#endif
-
-#ifndef HAVE_BN_ADDW_ADDW
-#define HAVE_BN_ADDW_ADDW
-static inline void
-bn_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULLONG r;
-
- r = (BN_ULLONG)a + (BN_ULLONG)b + (BN_ULLONG)c;
-
- *out_r1 = r >> BN_BITS2;
- *out_r0 = r & BN_MASK2;
-}
-#endif
-
-#ifndef HAVE_BN_MULW
-#define HAVE_BN_MULW
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULLONG r;
-
- r = (BN_ULLONG)a * (BN_ULLONG)b;
-
- *out_r1 = r >> BN_BITS2;
- *out_r0 = r & BN_MASK2;
-}
-#endif
-
-#ifndef HAVE_BN_MULW_ADDW
-#define HAVE_BN_MULW_ADDW
-static inline void
-bn_mulw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULLONG r;
-
- r = (BN_ULLONG)a * (BN_ULLONG)b + (BN_ULLONG)c;
-
- *out_r1 = r >> BN_BITS2;
- *out_r0 = r & BN_MASK2;
-}
-#endif
-
-#ifndef HAVE_BN_MULW_ADDW_ADDW
-#define
HAVE_BN_MULW_ADDW_ADDW
-static inline void
-bn_mulw_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG d,
- BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULLONG r;
-
- r = (BN_ULLONG)a * (BN_ULLONG)b + (BN_ULLONG)c + (BN_ULLONG)d;
-
- *out_r1 = r >> BN_BITS2;
- *out_r0 = r & BN_MASK2;
-}
-#endif
-
-#endif /* !BN_ULLONG */
-
-/*
- * bn_addw() computes (r1:r0) = a + b, where both inputs are single words,
- * producing a double word result. The value of r1 is the carry from the
- * addition.
- */
-#ifndef HAVE_BN_ADDW
-static inline void
-bn_addw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r1, r0, c1, c2;
-
- c1 = a | b;
- c2 = a & b;
- r0 = a + b;
- r1 = ((c1 & ~r0) | c2) >> (BN_BITS2 - 1); /* carry */
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_addw_addw() computes (r1:r0) = a + b + c, where all inputs are single
- * words, producing a double word result.
- */
-#ifndef HAVE_BN_ADDW_ADDW
-static inline void
-bn_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULONG carry, r1, r0;
-
- bn_addw(a, b, &r1, &r0);
- bn_addw(r0, c, &carry, &r0);
- r1 += carry;
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_qwaddqw() computes
- * (r4:r3:r2:r1:r0) = (a3:a2:a1:a0) + (b3:b2:b1:b0) + carry, where a is a quad word,
- * b is a quad word, and carry is a single word with value 0 or 1, producing a four
- * word result and carry.
- */
-#ifndef HAVE_BN_QWADDQW
-static inline void
-bn_qwaddqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
- BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG carry, BN_ULONG *out_carry,
- BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r3, r2, r1, r0;
-
- bn_addw_addw(a0, b0, carry, &carry, &r0);
- bn_addw_addw(a1, b1, carry, &carry, &r1);
- bn_addw_addw(a2, b2, carry, &carry, &r2);
- bn_addw_addw(a3, b3, carry, &carry, &r3);
-
- *out_carry = carry;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_subw() computes r0 = a - b, where both inputs are single words,
- * producing a single word result and borrow.
- */
-#ifndef HAVE_BN_SUBW
-static inline void
-bn_subw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_borrow, BN_ULONG *out_r0)
-{
- BN_ULONG borrow, r0;
-
- r0 = a - b;
- borrow = ((r0 | (b & ~a)) & (b | ~a)) >> (BN_BITS2 - 1);
-
- *out_borrow = borrow;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_subw_subw() computes r0 = a - b - c, where all inputs are single words,
- * producing a single word result and borrow.
- */
-#ifndef HAVE_BN_SUBW_SUBW
-static inline void
-bn_subw_subw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_borrow,
- BN_ULONG *out_r0)
-{
- BN_ULONG b1, b2, r0;
-
- bn_subw(a, b, &b1, &r0);
- bn_subw(r0, c, &b2, &r0);
-
- *out_borrow = b1 + b2;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_qwsubqw() computes
- * (r3:r2:r1:r0) = (a3:a2:a1:a0) - (b3:b2:b1:b0) - borrow, where a is a quad word,
- * b is a quad word, and borrow is a single word with value 0 or 1, producing a
- * four word result and borrow.
- */
-#ifndef HAVE_BN_QWSUBQW
-static inline void
-bn_qwsubqw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b3,
- BN_ULONG b2, BN_ULONG b1, BN_ULONG b0, BN_ULONG borrow, BN_ULONG *out_borrow,
- BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r3, r2, r1, r0;
-
- bn_subw_subw(a0, b0, borrow, &borrow, &r0);
- bn_subw_subw(a1, b1, borrow, &borrow, &r1);
- bn_subw_subw(a2, b2, borrow, &borrow, &r2);
- bn_subw_subw(a3, b3, borrow, &borrow, &r3);
-
- *out_borrow = borrow;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_mulw() computes (r1:r0) = a * b, where both inputs are single words,
- * producing a double word result.
- */
-#ifndef HAVE_BN_MULW
-/*
- * Multiply two words (a * b) producing a double word result (h:l).
- *
- * This can be rewritten as:
- *
- * a * b = (hi32(a) * 2^32 + lo32(a)) * (hi32(b) * 2^32 + lo32(b))
- * = hi32(a) * hi32(b) * 2^64 +
- * hi32(a) * lo32(b) * 2^32 +
- * hi32(b) * lo32(a) * 2^32 +
- * lo32(a) * lo32(b)
- *
- * The multiplication for each part of a and b can be calculated for each of
- * these four terms without overflowing a BN_ULONG, as the maximum value of a
- * 32 bit x 32 bit multiplication is 32 + 32 = 64 bits. Once these
- * multiplications have been performed the result can be partitioned and summed
- * into a double word (h:l). The same applies on a 32 bit system, substituting
- * 16 for 32 and 32 for 64.
- */
-#if 1
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG a1, a0, b1, b0, r1, r0;
- BN_ULONG carry, x;
-
- a1 = a >> BN_BITS4;
- a0 = a & BN_MASK2l;
- b1 = b >> BN_BITS4;
- b0 = b & BN_MASK2l;
-
- r1 = a1 * b1;
- r0 = a0 * b0;
-
- /* (a1 * b0) << BN_BITS4, partition the result across r1:r0 with carry. */
- x = a1 * b0;
- r1 += x >> BN_BITS4;
- bn_addw(r0, x << BN_BITS4, &carry, &r0);
- r1 += carry;
-
- /* (b1 * a0) << BN_BITS4, partition the result across r1:r0 with carry.
*/
- x = b1 * a0;
- r1 += x >> BN_BITS4;
- bn_addw(r0, x << BN_BITS4, &carry, &r0);
- r1 += carry;
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#else
-
-/*
- * XXX - this accumulator based version uses fewer instructions, however
- * requires more variables/registers. It seems to be slower on at least amd64
- * and i386, however may be faster on other architectures that have more
- * registers available. Further testing is required and one of the two
- * implementations should eventually be removed.
- */
-static inline void
-bn_mulw(BN_ULONG a, BN_ULONG b, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG a1, a0, b1, b0, r1, r0, x;
- BN_ULONG acc0, acc1, acc2, acc3;
-
- a1 = a >> BN_BITS4;
- b1 = b >> BN_BITS4;
- a0 = a & BN_MASK2l;
- b0 = b & BN_MASK2l;
-
- r1 = a1 * b1;
- r0 = a0 * b0;
-
- acc0 = r0 & BN_MASK2l;
- acc1 = r0 >> BN_BITS4;
- acc2 = r1 & BN_MASK2l;
- acc3 = r1 >> BN_BITS4;
-
- /* (a1 * b0) << BN_BITS4, partition the result across r1:r0. */
- x = a1 * b0;
- acc1 += x & BN_MASK2l;
- acc2 += (acc1 >> BN_BITS4) + (x >> BN_BITS4);
- acc1 &= BN_MASK2l;
- acc3 += acc2 >> BN_BITS4;
- acc2 &= BN_MASK2l;
-
- /* (b1 * a0) << BN_BITS4, partition the result across r1:r0. */
- x = b1 * a0;
- acc1 += x & BN_MASK2l;
- acc2 += (acc1 >> BN_BITS4) + (x >> BN_BITS4);
- acc1 &= BN_MASK2l;
- acc3 += acc2 >> BN_BITS4;
- acc2 &= BN_MASK2l;
-
- *out_r1 = (acc3 << BN_BITS4) | acc2;
- *out_r0 = (acc1 << BN_BITS4) | acc0;
-}
-#endif
-#endif
-
-#ifndef HAVE_BN_MULW_LO
-static inline BN_ULONG
-bn_mulw_lo(BN_ULONG a, BN_ULONG b)
-{
- return a * b;
-}
-#endif
-
-#ifndef HAVE_BN_MULW_HI
-static inline BN_ULONG
-bn_mulw_hi(BN_ULONG a, BN_ULONG b)
-{
- BN_ULONG h, l;
-
- bn_mulw(a, b, &h, &l);
-
- return h;
-}
-#endif
-
-/*
- * bn_mulw_addw() computes (r1:r0) = a * b + c with all inputs being single
- * words, producing a double word result.
- */
-#ifndef HAVE_BN_MULW_ADDW
-static inline void
-bn_mulw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULONG carry, r1, r0;
-
- bn_mulw(a, b, &r1, &r0);
- bn_addw(r0, c, &carry, &r0);
- r1 += carry;
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_mulw_addw_addw() computes (r1:r0) = a * b + c + d with all inputs being
- * single words, producing a double word result.
- */
-#ifndef HAVE_BN_MULW_ADDW_ADDW
-static inline void
-bn_mulw_addw_addw(BN_ULONG a, BN_ULONG b, BN_ULONG c, BN_ULONG d,
- BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG carry, r1, r0;
-
- bn_mulw_addw(a, b, c, &r1, &r0);
- bn_addw(r0, d, &carry, &r0);
- r1 += carry;
-
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_mulw_addtw() computes (r2:r1:r0) = a * b + (c2:c1:c0), where a and b are
- * single words and (c2:c1:c0) is a triple word, producing a triple word result.
- * The caller must ensure that the inputs provided do not result in c2
- * overflowing.
- */
-#ifndef HAVE_BN_MULW_ADDTW
-static inline void
-bn_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0,
- BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG carry, r2, r1, r0, x1;
-
- bn_mulw_addw(a, b, c0, &x1, &r0);
- bn_addw(c1, x1, &carry, &r1);
- r2 = c2 + carry;
-
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_mul2_mulw_addtw() computes (r2:r1:r0) = 2 * a * b + (c2:c1:c0), where a
- * and b are single words and (c2:c1:c0) is a triple word, producing a triple
- * word result. The caller must ensure that the inputs provided do not result
- * in c2 overflowing.
- */
-#ifndef HAVE_BN_MUL2_MULW_ADDTW
-static inline void
-bn_mul2_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0,
- BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r2, r1, r0, x1, x0;
- BN_ULONG carry;
-
- bn_mulw(a, b, &x1, &x0);
- bn_addw(c0, x0, &carry, &r0);
- bn_addw(c1, x1 + carry, &r2, &r1);
- bn_addw(c2, r2, &carry, &r2);
- bn_addw(r0, x0, &carry, &r0);
- bn_addw(r1, x1 + carry, &carry, &r1);
- r2 += carry;
-
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_qwmulw_addw() computes (r4:r3:r2:r1:r0) = (a3:a2:a1:a0) * b + c, where a
- * is a quad word, b is a single word and c is a single word, producing a five
- * word result.
- */
-#ifndef HAVE_BN_QWMULW_ADDW
-static inline void
-bn_qwmulw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0, BN_ULONG b,
- BN_ULONG c, BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2,
- BN_ULONG *out_r1, BN_ULONG *out_r0)
-{
- BN_ULONG r3, r2, r1, r0;
-
- bn_mulw_addw(a0, b, c, &c, &r0);
- bn_mulw_addw(a1, b, c, &c, &r1);
- bn_mulw_addw(a2, b, c, &c, &r2);
- bn_mulw_addw(a3, b, c, &c, &r3);
-
- *out_r4 = c;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-/*
- * bn_qwmulw_addqw_addw() computes
- * (r4:r3:r2:r1:r0) = (a3:a2:a1:a0) * b + (c3:c2:c1:c0) + d, where a
- * is a quad word, b is a single word, c is a quad word, and d is a single word,
- * producing a five word result.
- */
-#ifndef HAVE_BN_QWMULW_ADDQW_ADDW
-static inline void
-bn_qwmulw_addqw_addw(BN_ULONG a3, BN_ULONG a2, BN_ULONG a1, BN_ULONG a0,
- BN_ULONG b, BN_ULONG c3, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0, BN_ULONG d,
- BN_ULONG *out_r4, BN_ULONG *out_r3, BN_ULONG *out_r2, BN_ULONG *out_r1,
- BN_ULONG *out_r0)
-{
- BN_ULONG r3, r2, r1, r0;
-
- bn_mulw_addw_addw(a0, b, c0, d, &d, &r0);
- bn_mulw_addw_addw(a1, b, c1, d, &d, &r1);
- bn_mulw_addw_addw(a2, b, c2, d, &d, &r2);
- bn_mulw_addw_addw(a3, b, c3, d, &d, &r3);
-
- *out_r4 = d;
- *out_r3 = r3;
- *out_r2 = r2;
- *out_r1 = r1;
- *out_r0 = r0;
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/bn/bn_isqrt.c b/src/lib/libcrypto/bn/bn_isqrt.c
deleted file mode 100644
index 018d5f34bd..0000000000
--- a/src/lib/libcrypto/bn/bn_isqrt.c
+++ /dev/null
@@ -1,234 +0,0 @@
-/* $OpenBSD: bn_isqrt.c,v 1.10 2023/06/04 17:28:35 tb Exp $ */
-/*
- * Copyright (c) 2022 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "bn_local.h"
-#include "crypto_internal.h"
-
-/*
- * Calculate integer square root of |n| using a variant of Newton's method.
- *
- * Returns the integer square root of |n| in the caller-provided |out_sqrt|;
- * |*out_perfect| is set to 1 if and only if |n| is a perfect square.
- * One of |out_sqrt| and |out_perfect| can be NULL; |in_ctx| can be NULL.
- *
- * Returns 0 on error, 1 on success.
- *
- * Adapted from pure Python describing cpython's math.isqrt(), without bothering
- * with any of the optimizations in the C code. A correctness proof is here:
- * https://github.com/mdickinson/snippets/blob/master/proofs/isqrt/src/isqrt.lean
- * The comments in the Python code also give a rather detailed proof.
- */
-
-int
-bn_isqrt(BIGNUM *out_sqrt, int *out_perfect, const BIGNUM *n, BN_CTX *in_ctx)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *a, *b;
- int c, d, e, s;
- int cmp, perfect;
- int ret = 0;
-
- if (out_perfect == NULL && out_sqrt == NULL) {
- BNerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if (BN_is_negative(n)) {
- BNerror(BN_R_INVALID_RANGE);
- goto err;
- }
-
- if ((ctx = in_ctx) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (BN_is_zero(n)) {
- perfect = 1;
- BN_zero(a);
- goto done;
- }
-
- if (!BN_one(a))
- goto err;
-
- c = (BN_num_bits(n) - 1) / 2;
- d = 0;
-
- /* Calculate s = floor(log(c)). */
- if (!BN_set_word(b, c))
- goto err;
- s = BN_num_bits(b) - 1;
-
- /*
- * By definition, the loop below is run <= floor(log(log(n))) times.
- * Comments in the cpython code establish the loop invariant that
- *
- * (a - 1)^2 < n / 4^(c - d) < (a + 1)^2
- *
- * holds true in every iteration. Once this is proved via induction,
- * correctness of the algorithm is easy.
- *
- * Roughly speaking, A = (a << (d - e)) is used for one Newton step
- * "a = (A >> 1) + (m >> 1) / A" approximating m = (n >> 2 * (c - d)).
- */
-
- for (; s >= 0; s--) {
- e = d;
- d = c >> s;
-
- if (!BN_rshift(b, n, 2 * c - d - e + 1))
- goto err;
-
- if (!BN_div_ct(b, NULL, b, a, ctx))
- goto err;
-
- if (!BN_lshift(a, a, d - e - 1))
- goto err;
-
- if (!BN_add(a, a, b))
- goto err;
- }
-
- /*
- * The loop invariant implies that either a or a - 1 is isqrt(n).
- * Figure out which one it is. The invariant also implies that for
- * a perfect square n, a must be the square root.
- */
-
- if (!BN_sqr(b, a, ctx))
- goto err;
-
- /* If a^2 > n, we must have isqrt(n) == a - 1.
*/
- if ((cmp = BN_cmp(b, n)) > 0) {
- if (!BN_sub_word(a, 1))
- goto err;
- }
-
- perfect = cmp == 0;
-
- done:
- if (out_perfect != NULL)
- *out_perfect = perfect;
-
- if (out_sqrt != NULL) {
- if (!bn_copy(out_sqrt, a))
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- if (ctx != in_ctx)
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-/*
- * is_square_mod_N[r % N] indicates whether r % N has a square root modulo N.
- * The tables are generated in regress/lib/libcrypto/bn/bn_isqrt.c.
- */
-
-const uint8_t is_square_mod_11[] = {
- 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0,
-};
-CTASSERT(sizeof(is_square_mod_11) == 11);
-
-const uint8_t is_square_mod_63[] = {
- 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0,
- 1, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0,
- 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0,
- 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0,
-};
-CTASSERT(sizeof(is_square_mod_63) == 63);
-
-const uint8_t is_square_mod_64[] = {
- 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0,
- 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0,
- 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0,
- 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0,
-};
-CTASSERT(sizeof(is_square_mod_64) == 64);
-
-const uint8_t is_square_mod_65[] = {
- 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0,
- 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0,
- 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0,
- 0, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 1, 0, 0,
- 1,
-};
-CTASSERT(sizeof(is_square_mod_65) == 65);
-
-/*
- * Determine whether n is a perfect square or not.
- *
- * Returns 1 on success and 0 on error. In case of success, |*out_perfect| is
- * set to 1 if and only if |n| is a perfect square.
- */
-
-int
-bn_is_perfect_square(int *out_perfect, const BIGNUM *n, BN_CTX *ctx)
-{
- BN_ULONG r;
-
- *out_perfect = 0;
-
- if (BN_is_negative(n))
- return 1;
-
- /*
- * Before performing an expensive bn_isqrt() operation, weed out many
- * obvious non-squares. See H.
Cohen, "A course in computational
- * algebraic number theory", Algorithm 1.7.3.
- *
- * The idea is that a square remains a square when reduced modulo any
- * number. The moduli are chosen in such a way that a non-square has
- * probability < 1% of passing the four table lookups.
- */
-
- /* n % 64 */
- r = BN_lsw(n) & 0x3f;
-
- if (!is_square_mod_64[r % 64])
- return 1;
-
- if ((r = BN_mod_word(n, 11 * 63 * 65)) == (BN_ULONG)-1)
- return 0;
-
- if (!is_square_mod_63[r % 63] ||
- !is_square_mod_65[r % 65] ||
- !is_square_mod_11[r % 11])
- return 1;
-
- return bn_isqrt(NULL, out_perfect, n, ctx);
-}
diff --git a/src/lib/libcrypto/bn/bn_kron.c b/src/lib/libcrypto/bn/bn_kron.c
deleted file mode 100644
index a170d688e9..0000000000
--- a/src/lib/libcrypto/bn/bn_kron.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* $OpenBSD: bn_kron.c,v 1.15 2023/07/08 12:21:58 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "bn_local.h"
-
-/*
- * Kronecker symbol, implemented according to Henri Cohen, "A Course in
- * Computational Algebraic Number Theory", Algorithm 1.4.10.
- *
- * Returns -1, 0, or 1 on success and -2 on error.
- */
-
-int
-BN_kronecker(const BIGNUM *A, const BIGNUM *B, BN_CTX *ctx)
-{
- /* tab[BN_lsw(n) & 7] = (-1)^((n^2 - 1)) / 8) for odd values of n. */
- static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1};
- BIGNUM *a, *b, *tmp;
- int k, v;
- int ret = -2;
-
- BN_CTX_start(ctx);
-
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto end;
-
- if (!bn_copy(a, A))
- goto end;
- if (!bn_copy(b, B))
- goto end;
-
- /*
- * Cohen's step 1:
- */
-
- /* If b is zero, output 1 if |a| is 1, otherwise output 0. */
- if (BN_is_zero(b)) {
- ret = BN_abs_is_word(a, 1);
- goto end;
- }
-
- /*
- * Cohen's step 2:
- */
-
- /* If both are even, they have a factor in common, so output 0. */
- if (!BN_is_odd(a) && !BN_is_odd(b)) {
- ret = 0;
- goto end;
- }
-
- /* Factorize b = 2^v * u with odd u and replace b with u.
*/
- v = 0;
- while (!BN_is_bit_set(b, v))
- v++;
- if (!BN_rshift(b, b, v))
- goto end;
-
- /* If v is even set k = 1, otherwise set it to (-1)^((a^2 - 1) / 8). */
- k = 1;
- if (v % 2 != 0)
- k = tab[BN_lsw(a) & 7];
-
- /*
- * If b is negative, replace it with -b and if a is also negative
- * replace k with -k.
- */
- if (BN_is_negative(b)) {
- BN_set_negative(b, 0);
-
- if (BN_is_negative(a))
- k = -k;
- }
-
- /*
- * Now b is positive and odd, so compute the Jacobi symbol (a/b)
- * and multiply it by k.
- */
-
- while (1) {
- /*
- * Cohen's step 3:
- */
-
- /* b is positive and odd. */
-
- /* If a is zero output k if b is one, otherwise output 0. */
- if (BN_is_zero(a)) {
- ret = BN_is_one(b) ? k : 0;
- goto end;
- }
-
- /* Factorize a = 2^v * u with odd u and replace a with u. */
- v = 0;
- while (!BN_is_bit_set(a, v))
- v++;
- if (!BN_rshift(a, a, v))
- goto end;
-
- /* If v is odd, multiply k with (-1)^((b^2 - 1) / 8). */
- if (v % 2 != 0)
- k *= tab[BN_lsw(b) & 7];
-
- /*
- * Cohen's step 4:
- */
-
- /*
- * Apply the reciprocity law: multiply k by (-1)^((a-1)(b-1)/4).
- *
- * This expression is -1 if and only if a and b are 3 (mod 4).
- * In turn, this is the case if and only if their two's
- * complement representations have the second bit set.
- * a could be negative in the first iteration, b is positive.
- */
- if ((BN_is_negative(a) ? ~BN_lsw(a) : BN_lsw(a)) & BN_lsw(b) & 2)
- k = -k;
-
- /*
- * (a, b) := (b mod |a|, |a|)
- *
- * Once this is done, we know that 0 < a < b at the start of the
- * loop. Since b is strictly decreasing, the loop terminates.
- */
-
- if (!BN_nnmod(b, b, a, ctx))
- goto end;
-
- tmp = a;
- a = b;
- b = tmp;
-
- BN_set_negative(b, 0);
- }
-
- end:
- BN_CTX_end(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_kronecker);
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
deleted file mode 100644
index 72b988650c..0000000000
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ /dev/null
@@ -1,752 +0,0 @@
-/* $OpenBSD: bn_lib.c,v 1.93 2024/04/16 13:07:14 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-
-#include "bn_local.h"
-#include "bn_internal.h"
-
-BIGNUM *
-BN_new(void)
-{
- BIGNUM *bn;
-
- if ((bn = calloc(1, sizeof(BIGNUM))) == NULL) {
- BNerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- bn->flags = BN_FLG_MALLOCED;
-
- return bn;
-}
-LCRYPTO_ALIAS(BN_new);
-
-void
-BN_init(BIGNUM *a)
-{
- memset(a, 0, sizeof(BIGNUM));
-}
-
-void
-BN_clear(BIGNUM *a)
-{
- if (a->d != NULL)
- explicit_bzero(a->d, a->dmax * sizeof(a->d[0]));
- a->top = 0;
- a->neg = 0;
-}
-LCRYPTO_ALIAS(BN_clear);
-
-void
-BN_free(BIGNUM *bn)
-{
- if (bn == NULL)
- return;
-
- if (!BN_get_flags(bn, BN_FLG_STATIC_DATA))
- freezero(bn->d, bn->dmax * sizeof(bn->d[0]));
-
- if (!BN_get_flags(bn, BN_FLG_MALLOCED)) {
- explicit_bzero(bn, sizeof(*bn));
- return;
- }
-
- freezero(bn, sizeof(*bn));
-}
-LCRYPTO_ALIAS(BN_free);
-
-void
-BN_clear_free(BIGNUM *bn)
-{
- BN_free(bn);
-}
-LCRYPTO_ALIAS(BN_clear_free);
-
-void
-BN_set_flags(BIGNUM *b, int n)
-{
- b->flags |= n;
-}
-LCRYPTO_ALIAS(BN_set_flags);
-
-int
-BN_get_flags(const BIGNUM *b, int n)
-{
- return b->flags & n;
-}
-LCRYPTO_ALIAS(BN_get_flags);
-
-void
-BN_with_flags(BIGNUM *dest, const BIGNUM *b, int flags)
-{
- int dest_flags;
-
- dest_flags = (dest->flags & BN_FLG_MALLOCED) |
- (b->flags & ~BN_FLG_MALLOCED) | BN_FLG_STATIC_DATA | flags;
-
- *dest = *b;
- dest->flags = dest_flags;
-}
-LCRYPTO_ALIAS(BN_with_flags);
-
-static const BN_ULONG bn_value_one_data = 1;
-static const BIGNUM bn_value_one = {
- .d = (BN_ULONG *)&bn_value_one_data,
- .top = 1,
- .dmax = 1,
- .neg = 0,
- .flags = BN_FLG_STATIC_DATA,
-};
-
-const BIGNUM *
-BN_value_one(void)
-{
- return &bn_value_one;
-}
-LCRYPTO_ALIAS(BN_value_one);
-
-int
-BN_num_bits_word(BN_ULONG w)
-{
- return BN_BITS2 - bn_clzw(w);
-}
-LCRYPTO_ALIAS(BN_num_bits_word);
-
-int
-BN_num_bits(const BIGNUM *bn)
-{
- return bn_bitsize(bn);
-}
-LCRYPTO_ALIAS(BN_num_bits);
-
-void
-bn_correct_top(BIGNUM *a)
-{
- while (a->top > 0
&& a->d[a->top - 1] == 0)
- a->top--;
-}
-
-static int
-bn_expand_internal(BIGNUM *bn, int words)
-{
- BN_ULONG *d;
-
- if (words < 0) {
- BNerror(BN_R_BIGNUM_TOO_LONG); // XXX
- return 0;
- }
-
- if (words > INT_MAX / (4 * BN_BITS2)) {
- BNerror(BN_R_BIGNUM_TOO_LONG);
- return 0;
- }
- if (BN_get_flags(bn, BN_FLG_STATIC_DATA)) {
- BNerror(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
- return 0;
- }
-
- d = recallocarray(bn->d, bn->dmax, words, sizeof(BN_ULONG));
- if (d == NULL) {
- BNerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- bn->d = d;
- bn->dmax = words;
-
- return 1;
-}
-
-int
-bn_expand_bits(BIGNUM *bn, size_t bits)
-{
- int words;
-
- if (bits > (INT_MAX - BN_BITS2 + 1))
- return 0;
-
- words = (bits + BN_BITS2 - 1) / BN_BITS2;
-
- return bn_wexpand(bn, words);
-}
-
-int
-bn_expand_bytes(BIGNUM *bn, size_t bytes)
-{
- int words;
-
- if (bytes > (INT_MAX - BN_BYTES + 1))
- return 0;
-
- words = (bytes + BN_BYTES - 1) / BN_BYTES;
-
- return bn_wexpand(bn, words);
-}
-
-int
-bn_wexpand(BIGNUM *bn, int words)
-{
- if (words < 0)
- return 0;
-
- if (words <= bn->dmax)
- return 1;
-
- return bn_expand_internal(bn, words);
-}
-
-BIGNUM *
-BN_dup(const BIGNUM *a)
-{
- BIGNUM *t;
-
- if (a == NULL)
- return NULL;
-
- t = BN_new();
- if (t == NULL)
- return NULL;
- if (!bn_copy(t, a)) {
- BN_free(t);
- return NULL;
- }
- return t;
-}
-LCRYPTO_ALIAS(BN_dup);
-
-static inline void
-bn_copy_words(BN_ULONG *ap, const BN_ULONG *bp, int n)
-{
- while (n > 0) {
- ap[0] = bp[0];
- ap++;
- bp++;
- n--;
- }
-}
-
-BIGNUM *
-BN_copy(BIGNUM *a, const BIGNUM *b)
-{
- if (a == b)
- return (a);
-
- if (!bn_wexpand(a, b->top))
- return (NULL);
-
- bn_copy_words(a->d, b->d, b->top);
-
- /* Copy constant time flag from b, but make it sticky on a.
*/ - a->flags |= b->flags & BN_FLG_CONSTTIME; - - a->top = b->top; - a->neg = b->neg; - - return (a); -} -LCRYPTO_ALIAS(BN_copy); - -int -bn_copy(BIGNUM *dst, const BIGNUM *src) -{ - return BN_copy(dst, src) != NULL; -} - -void -BN_swap(BIGNUM *a, BIGNUM *b) -{ - int flags_old_a, flags_old_b; - BN_ULONG *tmp_d; - int tmp_top, tmp_dmax, tmp_neg; - - - flags_old_a = a->flags; - flags_old_b = b->flags; - - tmp_d = a->d; - tmp_top = a->top; - tmp_dmax = a->dmax; - tmp_neg = a->neg; - - a->d = b->d; - a->top = b->top; - a->dmax = b->dmax; - a->neg = b->neg; - - b->d = tmp_d; - b->top = tmp_top; - b->dmax = tmp_dmax; - b->neg = tmp_neg; - - a->flags = (flags_old_a & BN_FLG_MALLOCED) | - (flags_old_b & BN_FLG_STATIC_DATA); - b->flags = (flags_old_b & BN_FLG_MALLOCED) | - (flags_old_a & BN_FLG_STATIC_DATA); -} -LCRYPTO_ALIAS(BN_swap); - -BN_ULONG -BN_get_word(const BIGNUM *a) -{ - if (a->top > 1) - return BN_MASK2; - else if (a->top == 1) - return a->d[0]; - /* a->top == 0 */ - return 0; -} -LCRYPTO_ALIAS(BN_get_word); - -int -BN_set_word(BIGNUM *a, BN_ULONG w) -{ - if (!bn_wexpand(a, 1)) - return (0); - a->neg = 0; - a->d[0] = w; - a->top = (w ? 1 : 0); - return (1); -} -LCRYPTO_ALIAS(BN_set_word); - -int -BN_ucmp(const BIGNUM *a, const BIGNUM *b) -{ - int i; - - if (a->top < b->top) - return -1; - if (a->top > b->top) - return 1; - - for (i = a->top - 1; i >= 0; i--) { - if (a->d[i] != b->d[i]) - return (a->d[i] > b->d[i] ? 
1 : -1); - } - - return 0; -} -LCRYPTO_ALIAS(BN_ucmp); - -int -BN_cmp(const BIGNUM *a, const BIGNUM *b) -{ - if (a == NULL || b == NULL) { - if (a != NULL) - return -1; - if (b != NULL) - return 1; - return 0; - } - - if (a->neg != b->neg) - return b->neg - a->neg; - - if (a->neg) - return BN_ucmp(b, a); - - return BN_ucmp(a, b); -} -LCRYPTO_ALIAS(BN_cmp); - -int -BN_set_bit(BIGNUM *a, int n) -{ - int i, j, k; - - if (n < 0) - return 0; - - i = n / BN_BITS2; - j = n % BN_BITS2; - if (a->top <= i) { - if (!bn_wexpand(a, i + 1)) - return (0); - for (k = a->top; k < i + 1; k++) - a->d[k] = 0; - a->top = i + 1; - } - - a->d[i] |= (((BN_ULONG)1) << j); - return (1); -} -LCRYPTO_ALIAS(BN_set_bit); - -int -BN_clear_bit(BIGNUM *a, int n) -{ - int i, j; - - if (n < 0) - return 0; - - i = n / BN_BITS2; - j = n % BN_BITS2; - if (a->top <= i) - return (0); - - a->d[i] &= (~(((BN_ULONG)1) << j)); - bn_correct_top(a); - - BN_set_negative(a, a->neg); - - return (1); -} -LCRYPTO_ALIAS(BN_clear_bit); - -int -BN_is_bit_set(const BIGNUM *a, int n) -{ - int i, j; - - if (n < 0) - return 0; - i = n / BN_BITS2; - j = n % BN_BITS2; - if (a->top <= i) - return 0; - return (int)(((a->d[i]) >> j) & ((BN_ULONG)1)); -} -LCRYPTO_ALIAS(BN_is_bit_set); - -int -BN_mask_bits(BIGNUM *a, int n) -{ - int b, w; - - if (n < 0) - return 0; - - w = n / BN_BITS2; - b = n % BN_BITS2; - if (w >= a->top) - return 0; - if (b == 0) - a->top = w; - else { - a->top = w + 1; - a->d[w] &= ~(BN_MASK2 << b); - } - bn_correct_top(a); - - BN_set_negative(a, a->neg); - - return (1); -} -LCRYPTO_ALIAS(BN_mask_bits); - -void -BN_set_negative(BIGNUM *bn, int neg) -{ - bn->neg = ~BN_is_zero(bn) & bn_ct_ne_zero(neg); -} -LCRYPTO_ALIAS(BN_set_negative); - -/* - * Constant-time conditional swap of a and b. - * a and b are swapped if condition is not 0. - * The code assumes that at most one bit of condition is set. - * nwords is the number of words to swap. 
- * The code assumes that at least nwords are allocated in both a and b, - * and that no more than nwords are used by either a or b. - * a and b cannot be the same number - */ -void -BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) -{ - BN_ULONG t; - int i; - - assert(a != b); - assert((condition & (condition - 1)) == 0); - assert(sizeof(BN_ULONG) >= sizeof(int)); - - condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1; - - t = (a->top^b->top) & condition; - a->top ^= t; - b->top ^= t; - -#define BN_CONSTTIME_SWAP(ind) \ - do { \ - t = (a->d[ind] ^ b->d[ind]) & condition; \ - a->d[ind] ^= t; \ - b->d[ind] ^= t; \ - } while (0) - - - switch (nwords) { - default: - for (i = 10; i < nwords; i++) - BN_CONSTTIME_SWAP(i); - /* Fallthrough */ - case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ - case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */ - case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */ - case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */ - case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */ - case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */ - case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ - case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ - case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ - case 1: - BN_CONSTTIME_SWAP(0); - } -#undef BN_CONSTTIME_SWAP -} -LCRYPTO_ALIAS(BN_consttime_swap); - -/* - * Constant-time conditional swap of a and b. - * a and b are swapped if condition is not 0. - * nwords is the number of words to swap. - */ -int -BN_swap_ct(BN_ULONG condition, BIGNUM *a, BIGNUM *b, size_t nwords) -{ - BN_ULONG t; - int i, words; - - if (a == b) - return 1; - if (nwords > INT_MAX) - return 0; - words = (int)nwords; - if (!bn_wexpand(a, words) || !bn_wexpand(b, words)) - return 0; - if (a->top > words || b->top > words) { - BNerror(BN_R_INVALID_LENGTH); - return 0; - } - - /* Set condition to 0 (if it was zero) or all 1s otherwise. 
*/ - condition = ((~condition & (condition - 1)) >> (BN_BITS2 - 1)) - 1; - - /* swap top field */ - t = (a->top ^ b->top) & condition; - a->top ^= t; - b->top ^= t; - - /* swap neg field */ - t = (a->neg ^ b->neg) & condition; - a->neg ^= t; - b->neg ^= t; - - /* swap BN_FLG_CONSTTIME from flag field */ - t = ((a->flags ^ b->flags) & BN_FLG_CONSTTIME) & condition; - a->flags ^= t; - b->flags ^= t; - - /* swap the data */ - for (i = 0; i < words; i++) { - t = (a->d[i] ^ b->d[i]) & condition; - a->d[i] ^= t; - b->d[i] ^= t; - } - - return 1; -} - -void -BN_zero(BIGNUM *a) -{ - a->neg = 0; - a->top = 0; -} -LCRYPTO_ALIAS(BN_zero); - -int -BN_one(BIGNUM *a) -{ - return BN_set_word(a, 1); -} -LCRYPTO_ALIAS(BN_one); - -int -BN_abs_is_word(const BIGNUM *a, const BN_ULONG w) -{ - return (a->top == 1 && a->d[0] == w) || (w == 0 && a->top == 0); -} -LCRYPTO_ALIAS(BN_abs_is_word); - -int -BN_is_zero(const BIGNUM *bn) -{ - BN_ULONG bits = 0; - int i; - - for (i = 0; i < bn->top; i++) - bits |= bn->d[i]; - - return bits == 0; -} -LCRYPTO_ALIAS(BN_is_zero); - -int -BN_is_one(const BIGNUM *a) -{ - return BN_abs_is_word(a, 1) && !a->neg; -} -LCRYPTO_ALIAS(BN_is_one); - -int -BN_is_word(const BIGNUM *a, const BN_ULONG w) -{ - return BN_abs_is_word(a, w) && (w == 0 || !a->neg); -} -LCRYPTO_ALIAS(BN_is_word); - -int -BN_is_odd(const BIGNUM *a) -{ - return a->top > 0 && (a->d[0] & 1); -} -LCRYPTO_ALIAS(BN_is_odd); - -int -BN_is_negative(const BIGNUM *a) -{ - return a->neg != 0; -} -LCRYPTO_ALIAS(BN_is_negative); - -/* - * Bits of security, see SP800-57, section 5.6.11, table 2. - */ -int -BN_security_bits(int L, int N) -{ - int secbits, bits; - - if (L >= 15360) - secbits = 256; - else if (L >= 7680) - secbits = 192; - else if (L >= 3072) - secbits = 128; - else if (L >= 2048) - secbits = 112; - else if (L >= 1024) - secbits = 80; - else - return 0; - - if (N == -1) - return secbits; - - bits = N / 2; - if (bits < 80) - return 0; - - return bits >= secbits ? 
secbits : bits;
-}
-LCRYPTO_ALIAS(BN_security_bits);
-
-BN_GENCB *
-BN_GENCB_new(void)
-{
- BN_GENCB *cb;
-
- if ((cb = calloc(1, sizeof(*cb))) == NULL)
- return NULL;
-
- return cb;
-}
-LCRYPTO_ALIAS(BN_GENCB_new);
-
-void
-BN_GENCB_free(BN_GENCB *cb)
-{
- if (cb == NULL)
- return;
- free(cb);
-}
-LCRYPTO_ALIAS(BN_GENCB_free);
-
-/* Populate a BN_GENCB structure with an "old"-style callback */
-void
-BN_GENCB_set_old(BN_GENCB *gencb, void (*cb)(int, int, void *), void *cb_arg)
-{
- gencb->ver = 1;
- gencb->cb.cb_1 = cb;
- gencb->arg = cb_arg;
-}
-LCRYPTO_ALIAS(BN_GENCB_set_old);
-
-/* Populate a BN_GENCB structure with a "new"-style callback */
-void
-BN_GENCB_set(BN_GENCB *gencb, int (*cb)(int, int, BN_GENCB *), void *cb_arg)
-{
- gencb->ver = 2;
- gencb->cb.cb_2 = cb;
- gencb->arg = cb_arg;
-}
-LCRYPTO_ALIAS(BN_GENCB_set);
-
-void *
-BN_GENCB_get_arg(BN_GENCB *cb)
-{
- return cb->arg;
-}
-LCRYPTO_ALIAS(BN_GENCB_get_arg);
diff --git a/src/lib/libcrypto/bn/bn_local.h b/src/lib/libcrypto/bn/bn_local.h
deleted file mode 100644
index 067ffab3d9..0000000000
--- a/src/lib/libcrypto/bn/bn_local.h
+++ /dev/null
@@ -1,335 +0,0 @@
-/* $OpenBSD: bn_local.h,v 1.50 2025/02/13 11:04:20 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifndef HEADER_BN_LOCAL_H -#define HEADER_BN_LOCAL_H - -#include - -#include - -__BEGIN_HIDDEN_DECLS - -struct bignum_st { - BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ - int top; /* Index of last used d +1. */ - /* The next are internal book keeping for bn_expand. */ - int dmax; /* Size of the d array. */ - int neg; /* one if the number is negative */ - int flags; -}; - -struct bn_mont_ctx_st { - int ri; /* Number of bits in R */ - BIGNUM RR; /* Used to convert to Montgomery form */ - BIGNUM N; /* Modulus */ - - /* Least significant word(s) of Ni; R*(1/R mod N) - N*Ni = 1 */ - BN_ULONG n0[2]; - - int flags; -}; - -typedef struct bn_recp_ctx_st BN_RECP_CTX; - -/* Used for slow "generation" functions. */ -struct bn_gencb_st { - unsigned int ver; /* To handle binary (in)compatibility */ - void *arg; /* callback-specific data */ - union { - /* if(ver==1) - handles old style callbacks */ - void (*cb_1)(int, int, void *); - /* if(ver==2) - new callback style */ - int (*cb_2)(int, int, BN_GENCB *); - } cb; -}; - -/* - * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions - * - * - * For window size 'w' (w >= 2) and a random 'b' bits exponent, - * the number of multiplications is a constant plus on average - * - * 2^(w-1) + (b-w)/(w+1); - * - * here 2^(w-1) is for precomputing the table (we actually need - * entries only for windows that have the lowest bit set), and - * (b-w)/(w+1) is an approximation for the expected number of - * w-bit windows, not counting the first one. - * - * Thus we should use - * - * w >= 6 if b > 671 - * w = 5 if 671 > b > 239 - * w = 4 if 239 > b > 79 - * w = 3 if 79 > b > 23 - * w <= 2 if 23 > b - * - * (with draws in between). Very small exponents are often selected - * with low Hamming weight, so we use w = 1 for b <= 23. - */ -#define BN_window_bits_for_exponent_size(b) \ - ((b) > 671 ? 6 : \ - (b) > 239 ? 5 : \ - (b) > 79 ? 4 : \ - (b) > 23 ? 
3 : 1) - - -/* BN_mod_exp_mont_consttime is based on the assumption that the - * L1 data cache line width of the target processor is at least - * the following value. - */ -#define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH ( 64 ) -#define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1) - -/* Window sizes optimized for fixed window size modular exponentiation - * algorithm (BN_mod_exp_mont_consttime). - * - * To achieve the security goals of BN_mode_exp_mont_consttime, the - * maximum size of the window must not exceed - * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH). - * - * Window size thresholds are defined for cache line sizes of 32 and 64, - * cache line sizes where log_2(32)=5 and log_2(64)=6 respectively. A - * window size of 7 should only be used on processors that have a 128 - * byte or greater cache line size. - */ -#if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64 - -# define BN_window_bits_for_ctime_exponent_size(b) \ - ((b) > 937 ? 6 : \ - (b) > 306 ? 5 : \ - (b) > 89 ? 4 : \ - (b) > 22 ? 3 : 1) -# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (6) - -#elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32 - -# define BN_window_bits_for_ctime_exponent_size(b) \ - ((b) > 306 ? 5 : \ - (b) > 89 ? 4 : \ - (b) > 22 ? 3 : 1) -# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (5) - -#endif - - -/* Pentium pro 16,16,16,32,64 */ -/* Alpha 16,16,16,16.64 */ -#define BN_MULL_SIZE_NORMAL (16) /* 32 */ -#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) /* 32 less than */ -#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) /* 32 */ -#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) /* 32 */ -#define BN_MONT_CTX_SET_SIZE_WORD (64) /* 32 */ - -/* The least significant word of a BIGNUM. */ -#define BN_lsw(n) (((n)->top == 0) ? 
(BN_ULONG) 0 : (n)->d[0])
-
-BN_ULONG bn_add(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len,
- const BN_ULONG *b, int b_len);
-BN_ULONG bn_sub(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len,
- const BN_ULONG *b, int b_len);
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
-
-void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a);
-void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a);
-
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, int num);
-
-void bn_correct_top(BIGNUM *a);
-int bn_expand_bits(BIGNUM *a, size_t bits);
-int bn_expand_bytes(BIGNUM *a, size_t bytes);
-int bn_wexpand(BIGNUM *a, int words);
-
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- int num);
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-void bn_div_rem_words(BN_ULONG h, BN_ULONG l, BN_ULONG d, BN_ULONG *out_q,
- BN_ULONG *out_r);
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int bn_rand_in_range(BIGNUM *rnd, const BIGNUM *lower_inc, const BIGNUM *upper_exc);
-int bn_rand_interval(BIGNUM *rnd, BN_ULONG lower_word, const BIGNUM *upper_exc);
-
-void BN_init(BIGNUM *);
-
-BN_MONT_CTX *BN_MONT_CTX_create(const BIGNUM *bn, BN_CTX *ctx);
-
-BN_RECP_CTX *BN_RECP_CTX_create(const BIGNUM *N);
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_div_reciprocal(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- 
BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_sqr_reciprocal(BIGNUM *r, const BIGNUM *x, BN_RECP_CTX *recp,
- BN_CTX *ctx);
-int BN_mod_exp_reciprocal(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-/* Explicitly const time / non-const time versions for internal use */
-int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_exp_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_exp_mont_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_div_nonct(BIGNUM *q, BIGNUM *r, const BIGNUM *n, const BIGNUM *d,
- BN_CTX *ctx);
-int BN_div_ct(BIGNUM *q, BIGNUM *r, const BIGNUM *n, const BIGNUM *d,
- BN_CTX *ctx);
-int BN_mod_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-
-int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
- const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-BIGNUM *BN_mod_inverse_ct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,
- BN_CTX *ctx);
-BIGNUM *BN_mod_inverse_nonct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,
- BN_CTX *ctx);
-int BN_gcd_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-
-int BN_swap_ct(BN_ULONG swap, BIGNUM *a, BIGNUM *b, size_t nwords);
-
-int bn_copy(BIGNUM *dst, const BIGNUM *src);
-
-int bn_isqrt(BIGNUM *out_sqrt, int *out_perfect, const BIGNUM *n, BN_CTX *ctx);
-int bn_is_perfect_square(int *out_perfect, const BIGNUM *n, BN_CTX *ctx);
-
-int bn_is_prime_bpsw(int *is_prime, const BIGNUM *n, BN_CTX *ctx, size_t rounds);
-
-int bn_printf(BIO *bio, const BIGNUM *bn, int indent, const char *fmt, ...)
- __attribute__((__format__ (printf, 4, 5)))
- __attribute__((__nonnull__ (4)));
-
-int bn_bn2hex_nosign(const BIGNUM *bn, char **out, size_t *out_len);
-int bn_bn2hex_nibbles(const BIGNUM *bn, char **out, size_t *out_len);
-
-__END_HIDDEN_DECLS
-#endif /* !HEADER_BN_LOCAL_H */
diff --git a/src/lib/libcrypto/bn/bn_mod.c b/src/lib/libcrypto/bn/bn_mod.c
deleted file mode 100644
index 365f6fcf03..0000000000
--- a/src/lib/libcrypto/bn/bn_mod.c
+++ /dev/null
@@ -1,369 +0,0 @@
-/* $OpenBSD: bn_mod.c,v 1.22 2023/07/08 12:21:58 beck Exp $ */
-/* Includes code written by Lenka Fibikova
- * for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. 
- * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. 
this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include "bn_local.h" - -int -BN_mod_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) -{ - return BN_div_ct(NULL, r, a, m, ctx); -} - -int -BN_mod_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) -{ - return BN_div_nonct(NULL, r, a, m, ctx); -} - -/* - * BN_nnmod() is like BN_mod(), but always returns a non-negative remainder - * (that is 0 <= r < |m| always holds). If both a and m have the same sign then - * the result is already non-negative. Otherwise, -|m| < r < 0, which needs to - * be adjusted as r := r + |m|. This equates to r := |m| - |r|. - */ -int -BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) -{ - if (r == m) { - BNerror(BN_R_INVALID_ARGUMENT); - return 0; - } - if (!BN_mod_ct(r, a, m, ctx)) - return 0; - if (BN_is_negative(r)) - return BN_usub(r, m, r); - return 1; -} -LCRYPTO_ALIAS(BN_nnmod); - -int -BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx) -{ - if (r == m) { - BNerror(BN_R_INVALID_ARGUMENT); - return 0; - } - if (!BN_add(r, a, b)) - return 0; - return BN_nnmod(r, r, m, ctx); -} -LCRYPTO_ALIAS(BN_mod_add); - -/* - * BN_mod_add() variant that may only be used if both a and b are non-negative - * and have already been reduced (less than m). 
- */
-int
-BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m)
-{
- if (r == m) {
- BNerror(BN_R_INVALID_ARGUMENT);
- return 0;
- }
- if (!BN_uadd(r, a, b))
- return 0;
- if (BN_ucmp(r, m) >= 0)
- return BN_usub(r, r, m);
- return 1;
-}
-LCRYPTO_ALIAS(BN_mod_add_quick);
-
-int
-BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx)
-{
- if (r == m) {
- BNerror(BN_R_INVALID_ARGUMENT);
- return 0;
- }
- if (!BN_sub(r, a, b))
- return 0;
- return BN_nnmod(r, r, m, ctx);
-}
-LCRYPTO_ALIAS(BN_mod_sub);
-
-/*
- * BN_mod_sub() variant that may only be used if both a and b are non-negative
- * and have already been reduced (less than m).
- */
-int
-BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m)
-{
- if (r == m) {
- BNerror(BN_R_INVALID_ARGUMENT);
- return 0;
- }
- if (BN_ucmp(a, b) >= 0)
- return BN_usub(r, a, b);
- if (!BN_usub(r, b, a))
- return 0;
- return BN_usub(r, m, r);
-}
-LCRYPTO_ALIAS(BN_mod_sub_quick);
-
-int
-BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx)
-{
- BIGNUM *rr;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if (r == m) {
- BNerror(BN_R_INVALID_ARGUMENT);
- goto err;
- }
-
- rr = r;
- if (rr == a || rr == b)
- rr = BN_CTX_get(ctx);
- if (rr == NULL)
- goto err;
-
- if (a == b) {
- if (!BN_sqr(rr, a, ctx))
- goto err;
- } else {
- if (!BN_mul(rr, a, b, ctx))
- goto err;
- }
- if (!BN_nnmod(r, rr, m, ctx))
- goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_mod_mul);
-
-int
-BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
-{
- return BN_mod_mul(r, a, a, m, ctx);
-}
-LCRYPTO_ALIAS(BN_mod_sqr);
-
-int
-BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
-{
- if (r == m) {
- BNerror(BN_R_INVALID_ARGUMENT);
- return 0;
- }
- if (!BN_lshift1(r, a))
- return 0;
- return BN_nnmod(r, r, m, ctx);
-}
-LCRYPTO_ALIAS(BN_mod_lshift1);
-
-/*
- * BN_mod_lshift1() 
variant that may be used if a is non-negative - * and has already been reduced (less than m). - */ -int -BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) -{ - if (r == m) { - BNerror(BN_R_INVALID_ARGUMENT); - return 0; - } - if (!BN_lshift1(r, a)) - return 0; - if (BN_ucmp(r, m) >= 0) - return BN_usub(r, r, m); - return 1; -} -LCRYPTO_ALIAS(BN_mod_lshift1_quick); - -int -BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx) -{ - BIGNUM *abs_m; - int ret = 0; - - BN_CTX_start(ctx); - - if (r == m) { - BNerror(BN_R_INVALID_ARGUMENT); - goto err; - } - - if (!BN_nnmod(r, a, m, ctx)) - goto err; - - if (BN_is_negative(m)) { - if ((abs_m = BN_CTX_get(ctx)) == NULL) - goto err; - if (!bn_copy(abs_m, m)) - goto err; - BN_set_negative(abs_m, 0); - m = abs_m; - } - if (!BN_mod_lshift_quick(r, r, n, m)) - goto err; - - ret = 1; - err: - BN_CTX_end(ctx); - - return ret; -} -LCRYPTO_ALIAS(BN_mod_lshift); - -/* - * BN_mod_lshift() variant that may be used if a is non-negative - * and has already been reduced (less than m). - */ -int -BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) -{ - int max_shift; - - if (r == m) { - BNerror(BN_R_INVALID_ARGUMENT); - return 0; - } - - if (!bn_copy(r, a)) - return 0; - - while (n > 0) { - if ((max_shift = BN_num_bits(m) - BN_num_bits(r)) < 0) { - BNerror(BN_R_INPUT_NOT_REDUCED); - return 0; - } - if (max_shift == 0) - max_shift = 1; - if (max_shift > n) - max_shift = n; - - if (!BN_lshift(r, r, max_shift)) - return 0; - n -= max_shift; - - if (BN_ucmp(r, m) >= 0) { - if (!BN_usub(r, r, m)) - return 0; - } - } - - return 1; -} -LCRYPTO_ALIAS(BN_mod_lshift_quick); diff --git a/src/lib/libcrypto/bn/bn_mod_sqrt.c b/src/lib/libcrypto/bn/bn_mod_sqrt.c deleted file mode 100644 index 280002cc48..0000000000 --- a/src/lib/libcrypto/bn/bn_mod_sqrt.c +++ /dev/null 
@@ -1,723 +0,0 @@ -/* $OpenBSD: bn_mod_sqrt.c,v 1.3 2023/08/03 18:53:55 tb Exp $ */ - -/* - * Copyright (c) 2022 Theo Buehler - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include "bn_local.h" - -/* - * Tonelli-Shanks according to H. Cohen "A Course in Computational Algebraic - * Number Theory", Section 1.5.1, Springer GTM volume 138, Berlin, 1996. - * - * Under the assumption that p is prime and a is a quadratic residue, we know: - * - * a^[(p-1)/2] = 1 (mod p). (*) - * - * To find a square root of a (mod p), we handle three cases of increasing - * complexity. In the first two cases, we can compute a square root using an - * explicit formula, thus avoiding the probabilistic nature of Tonelli-Shanks. - * - * 1. p = 3 (mod 4). - * - * Set n = (p+1)/4. Then 2n = 1 + (p-1)/2 and (*) shows that x = a^n (mod p) - * is a square root of a: x^2 = a^(2n) = a * a^[(p-1)/2] = a (mod p). - * - * 2. p = 5 (mod 8). - * - * This uses a simplification due to Atkin. By Theorem 1.4.7 and 1.4.9, the - * Kronecker symbol (2/p) evaluates to (-1)^[(p^2-1)/8]. From p = 5 (mod 8) - * we get (p^2-1)/8 = 1 (mod 2), so (2/p) = -1, and thus - * - * 2^[(p-1)/2] = -1 (mod p). (**) - * - * Set b = (2a)^[(p-5)/8]. 
With (p-1)/2 = 2 + (p-5)/2, (*) and (**) show - * - * i = 2 a b^2 is a square root of -1 (mod p). - * - * Indeed, i^2 = 2^2 a^2 b^4 = 2^[(p-1)/2] a^[(p-1)/2] = -1 (mod p). Because - * of (i-1)^2 = -2i (mod p) and i (-i) = 1 (mod p), a square root of a is - * - * x = a b (i-1) - * - * as x^2 = a^2 b^2 (-2i) = a (2 a b^2) (-i) = a (mod p). - * - * 3. p = 1 (mod 8). - * - * This is the Tonelli-Shanks algorithm. For a prime p, the multiplicative - * group of GF(p) is cyclic of order p - 1 = 2^s q, with odd q. Denote its - * 2-Sylow subgroup by S. It is cyclic of order 2^s. The squares in S have - * order dividing 2^(s-1). They are the even powers of any generator z of S. - * If a is a quadratic residue, 1 = a^[(p-1)/2] = (a^q)^[2^(s-1)], so b = a^q - * is a square in S. Therefore there is an integer k such that b z^(2k) = 1. - * Set x = a^[(q+1)/2] z^k, and find x^2 = a (mod p). - * - * The problem is thus reduced to finding a generator z of the 2-Sylow - * subgroup S of GF(p)* and finding k. An iterative constructions avoids - * the need for an explicit k, a generator is found by a randomized search. - * - * While we do not actually know that p is a prime number, we can still apply - * the formulas in cases 1 and 2 and verify that we have indeed found a square - * root of p. Similarly, in case 3, we can try to find a quadratic non-residue, - * which will fail for example if p is a square. The iterative construction - * may or may not find a candidate square root which we can then validate. - */ - -/* - * Handle the cases where p is 2, p isn't odd or p is one. Since BN_mod_sqrt() - * can run on untrusted data, a primality check is too expensive. Also treat - * the obvious cases where a is 0 or 1. 
- */ - -static int -bn_mod_sqrt_trivial_cases(int *done, BIGNUM *out_sqrt, const BIGNUM *a, - const BIGNUM *p, BN_CTX *ctx) -{ - *done = 1; - - if (BN_abs_is_word(p, 2)) - return BN_set_word(out_sqrt, BN_is_odd(a)); - - if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) { - BNerror(BN_R_P_IS_NOT_PRIME); - return 0; - } - - if (BN_is_zero(a) || BN_is_one(a)) - return BN_set_word(out_sqrt, BN_is_one(a)); - - *done = 0; - - return 1; -} - -/* - * Case 1. We know that (a/p) = 1 and that p = 3 (mod 4). - */ - -static int -bn_mod_sqrt_p_is_3_mod_4(BIGNUM *out_sqrt, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx) -{ - BIGNUM *n; - int ret = 0; - - BN_CTX_start(ctx); - - if ((n = BN_CTX_get(ctx)) == NULL) - goto err; - - /* Calculate n = (|p| + 1) / 4. */ - if (!BN_uadd(n, p, BN_value_one())) - goto err; - if (!BN_rshift(n, n, 2)) - goto err; - - /* By case 1 above, out_sqrt = a^n is a square root of a (mod p). */ - if (!BN_mod_exp_ct(out_sqrt, a, n, p, ctx)) - goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -/* - * Case 2. We know that (a/p) = 1 and that p = 5 (mod 8). - */ - -static int -bn_mod_sqrt_p_is_5_mod_8(BIGNUM *out_sqrt, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx) -{ - BIGNUM *b, *i, *n, *tmp; - int ret = 0; - - BN_CTX_start(ctx); - - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - if ((i = BN_CTX_get(ctx)) == NULL) - goto err; - if ((n = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - - /* Calculate n = (|p| - 5) / 8. Since p = 5 (mod 8), simply shift. */ - if (!BN_rshift(n, p, 3)) - goto err; - BN_set_negative(n, 0); - - /* Compute tmp = 2a (mod p) for later use. */ - if (!BN_mod_lshift1(tmp, a, p, ctx)) - goto err; - - /* Calculate b = (2a)^n (mod p). */ - if (!BN_mod_exp_ct(b, tmp, n, p, ctx)) - goto err; - - /* Calculate i = 2 a b^2 (mod p). */ - if (!BN_mod_sqr(i, b, p, ctx)) - goto err; - if (!BN_mod_mul(i, tmp, i, p, ctx)) - goto err; - - /* A square root is out_sqrt = a b (i-1) (mod p). 
*/ - if (!BN_sub_word(i, 1)) - goto err; - if (!BN_mod_mul(out_sqrt, a, b, p, ctx)) - goto err; - if (!BN_mod_mul(out_sqrt, out_sqrt, i, p, ctx)) - goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -/* - * Case 3. We know that (a/p) = 1 and that p = 1 (mod 8). - */ - -/* - * Simple helper. To find a generator of the 2-Sylow subgroup of GF(p)*, we - * need to find a quadratic non-residue of p, i.e., n such that (n/p) = -1. - */ - -static int -bn_mod_sqrt_n_is_non_residue(int *is_non_residue, const BIGNUM *n, - const BIGNUM *p, BN_CTX *ctx) -{ - switch (BN_kronecker(n, p, ctx)) { - case -1: - *is_non_residue = 1; - return 1; - case 1: - *is_non_residue = 0; - return 1; - case 0: - /* n divides p, so ... */ - BNerror(BN_R_P_IS_NOT_PRIME); - return 0; - default: - return 0; - } -} - -/* - * The following is the only non-deterministic part preparing Tonelli-Shanks. - * - * If we find n such that (n/p) = -1, then n^q (mod p) is a generator of the - * 2-Sylow subgroup of GF(p)*. To find such n, first try some small numbers, - * then random ones. - */ - -static int -bn_mod_sqrt_find_sylow_generator(BIGNUM *out_generator, const BIGNUM *p, - const BIGNUM *q, BN_CTX *ctx) -{ - BIGNUM *n, *p_abs; - int i, is_non_residue; - int ret = 0; - - BN_CTX_start(ctx); - - if ((n = BN_CTX_get(ctx)) == NULL) - goto err; - if ((p_abs = BN_CTX_get(ctx)) == NULL) - goto err; - - for (i = 2; i < 32; i++) { - if (!BN_set_word(n, i)) - goto err; - if (!bn_mod_sqrt_n_is_non_residue(&is_non_residue, n, p, ctx)) - goto err; - if (is_non_residue) - goto found; - } - - if (!bn_copy(p_abs, p)) - goto err; - BN_set_negative(p_abs, 0); - - for (i = 0; i < 128; i++) { - if (!bn_rand_interval(n, 32, p_abs)) - goto err; - if (!bn_mod_sqrt_n_is_non_residue(&is_non_residue, n, p, ctx)) - goto err; - if (is_non_residue) - goto found; - } - - /* - * The probability to get here is < 2^(-128) for prime p. For squares - * it is easy: for p = 1369 = 37^2 this happens in ~3% of runs. 
- */
-
- BNerror(BN_R_TOO_MANY_ITERATIONS);
- goto err;
-
- found:
- /*
- * If p is prime, n^q generates the 2-Sylow subgroup S of GF(p)*.
- */
-
- if (!BN_mod_exp_ct(out_generator, n, q, p, ctx))
- goto err;
-
- /* Sanity: p is not necessarily prime, so we could have found 0 or 1. */
- if (BN_is_zero(out_generator) || BN_is_one(out_generator)) {
- BNerror(BN_R_P_IS_NOT_PRIME);
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * Initialization step for Tonelli-Shanks.
- *
- * In the end, b = a^q (mod p) and x = a^[(q+1)/2] (mod p). Cohen optimizes this
- * to minimize taking powers of a. This is a bit confusing and distracting, so
- * factor this into a separate function.
- */
-
-static int
-bn_mod_sqrt_tonelli_shanks_initialize(BIGNUM *b, BIGNUM *x, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *q, BN_CTX *ctx)
-{
- BIGNUM *k;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if ((k = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* k = (q-1)/2. Since q is odd, we can shift. */
- if (!BN_rshift1(k, q))
- goto err;
-
- /* x = a^[(q-1)/2] (mod p). */
- if (!BN_mod_exp_ct(x, a, k, p, ctx))
- goto err;
-
- /* b = ax^2 = a^q (mod p). */
- if (!BN_mod_sqr(b, x, p, ctx))
- goto err;
- if (!BN_mod_mul(b, a, b, p, ctx))
- goto err;
-
- /* x = ax = a^[(q+1)/2] (mod p). */
- if (!BN_mod_mul(x, a, x, p, ctx))
- goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * Find smallest exponent m such that b^(2^m) = 1 (mod p). Assuming that a
- * is a quadratic residue and p is a prime, we know that 1 <= m < r.
- */
-
-static int
-bn_mod_sqrt_tonelli_shanks_find_exponent(int *out_exponent, const BIGNUM *b,
- const BIGNUM *p, int r, BN_CTX *ctx)
-{
- BIGNUM *x;
- int m;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * If r <= 1, the Tonelli-Shanks iteration should have terminated as
- * r == 1 implies b == 1.
- */ - if (r <= 1) { - BNerror(BN_R_P_IS_NOT_PRIME); - goto err; - } - - /* - * Sanity check to ensure taking squares actually does something: - * If b is 1, the Tonelli-Shanks iteration should have terminated. - * If b is 0, something's very wrong, in particular p can't be prime. - */ - if (BN_is_zero(b) || BN_is_one(b)) { - BNerror(BN_R_P_IS_NOT_PRIME); - goto err; - } - - if (!bn_copy(x, b)) - goto err; - - for (m = 1; m < r; m++) { - if (!BN_mod_sqr(x, x, p, ctx)) - goto err; - if (BN_is_one(x)) - break; - } - - if (m >= r) { - /* This means a is not a quadratic residue. As (a/p) = 1, ... */ - BNerror(BN_R_P_IS_NOT_PRIME); - goto err; - } - - *out_exponent = m; - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -/* - * The update step. With the minimal m such that b^(2^m) = 1 (mod m), - * set t = y^[2^(r-m-1)] (mod p) and update x = xt, y = t^2, b = by. - * This preserves the loop invariants a b = x^2, y^[2^(r-1)] = -1 and - * b^[2^(r-1)] = 1. - */ - -static int -bn_mod_sqrt_tonelli_shanks_update(BIGNUM *b, BIGNUM *x, BIGNUM *y, - const BIGNUM *p, int m, int r, BN_CTX *ctx) -{ - BIGNUM *t; - int ret = 0; - - BN_CTX_start(ctx); - - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - - /* t = y^[2^(r-m-1)] (mod p). */ - if (!BN_set_bit(t, r - m - 1)) - goto err; - if (!BN_mod_exp_ct(t, y, t, p, ctx)) - goto err; - - /* x = xt (mod p). */ - if (!BN_mod_mul(x, x, t, p, ctx)) - goto err; - - /* y = t^2 = y^[2^(r-m)] (mod p). */ - if (!BN_mod_sqr(y, t, p, ctx)) - goto err; - - /* b = by (mod p). 
*/ - if (!BN_mod_mul(b, b, y, p, ctx)) - goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -static int -bn_mod_sqrt_p_is_1_mod_8(BIGNUM *out_sqrt, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx) -{ - BIGNUM *b, *q, *x, *y; - int e, m, r; - int ret = 0; - - BN_CTX_start(ctx); - - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - if ((q = BN_CTX_get(ctx)) == NULL) - goto err; - if ((x = BN_CTX_get(ctx)) == NULL) - goto err; - if ((y = BN_CTX_get(ctx)) == NULL) - goto err; - - /* - * Factor p - 1 = 2^e q with odd q. Since p = 1 (mod 8), we know e >= 3. - */ - - e = 1; - while (!BN_is_bit_set(p, e)) - e++; - if (!BN_rshift(q, p, e)) - goto err; - - if (!bn_mod_sqrt_find_sylow_generator(y, p, q, ctx)) - goto err; - - /* - * Set b = a^q (mod p) and x = a^[(q+1)/2] (mod p). - */ - if (!bn_mod_sqrt_tonelli_shanks_initialize(b, x, a, p, q, ctx)) - goto err; - - /* - * The Tonelli-Shanks iteration. Starting with r = e, the following loop - * invariants hold at the start of the loop. - * - * a b = x^2 (mod p) - * y^[2^(r-1)] = -1 (mod p) - * b^[2^(r-1)] = 1 (mod p) - * - * In particular, if b = 1 (mod p), x is a square root of a. - * - * Since p - 1 = 2^e q, we have 2^(e-1) q = (p - 1) / 2, so in the first - * iteration this follows from (a/p) = 1, (n/p) = -1, y = n^q, b = a^q. - * - * In subsequent iterations, t = y^[2^(r-m-1)], where m is the smallest - * m such that b^(2^m) = 1. With x = xt (mod p) and b = bt^2 (mod p) the - * first invariant is preserved, the second and third follow from - * y = t^2 (mod p) and r = m as well as the choice of m. - * - * Finally, r is strictly decreasing in each iteration. If p is prime, - * let S be the 2-Sylow subgroup of GF(p)*. We can prove the algorithm - * stops: Let S_r be the subgroup of S consisting of elements of order - * dividing 2^r. Then S_r = and b is in S_(r-1). The S_r form a - * descending filtration of S and when r = 1, then b = 1. - */ - - for (r = e; r >= 1; r = m) { - /* - * Termination condition. 
If b == 1 then x is a square root. - */ - if (BN_is_one(b)) - goto done; - - /* Find smallest exponent 1 <= m < r such that b^(2^m) == 1. */ - if (!bn_mod_sqrt_tonelli_shanks_find_exponent(&m, b, p, r, ctx)) - goto err; - - /* - * With t = y^[2^(r-m-1)], update x = xt, y = t^2, b = by. - */ - if (!bn_mod_sqrt_tonelli_shanks_update(b, x, y, p, m, r, ctx)) - goto err; - - /* - * Sanity check to make sure we don't loop indefinitely. - * bn_mod_sqrt_tonelli_shanks_find_exponent() ensures m < r. - */ - if (r <= m) - goto err; - } - - /* - * If p is prime, we should not get here. - */ - - BNerror(BN_R_NOT_A_SQUARE); - goto err; - - done: - if (!bn_copy(out_sqrt, x)) - goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -/* - * Choose the smaller of sqrt and |p| - sqrt. - */ - -static int -bn_mod_sqrt_normalize(BIGNUM *sqrt, const BIGNUM *p, BN_CTX *ctx) -{ - BIGNUM *x; - int ret = 0; - - BN_CTX_start(ctx); - - if ((x = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_lshift1(x, sqrt)) - goto err; - - if (BN_ucmp(x, p) > 0) { - if (!BN_usub(sqrt, p, sqrt)) - goto err; - } - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -/* - * Verify that a = (sqrt_a)^2 (mod p). Requires that a is reduced (mod p). 
- */ - -static int -bn_mod_sqrt_verify(const BIGNUM *a, const BIGNUM *sqrt_a, const BIGNUM *p, - BN_CTX *ctx) -{ - BIGNUM *x; - int ret = 0; - - BN_CTX_start(ctx); - - if ((x = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_mod_sqr(x, sqrt_a, p, ctx)) - goto err; - - if (BN_cmp(x, a) != 0) { - BNerror(BN_R_NOT_A_SQUARE); - goto err; - } - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -static int -bn_mod_sqrt_internal(BIGNUM *out_sqrt, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx) -{ - BIGNUM *a_mod_p, *sqrt; - BN_ULONG lsw; - int done; - int kronecker; - int ret = 0; - - BN_CTX_start(ctx); - - if ((a_mod_p = BN_CTX_get(ctx)) == NULL) - goto err; - if ((sqrt = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_nnmod(a_mod_p, a, p, ctx)) - goto err; - - if (!bn_mod_sqrt_trivial_cases(&done, sqrt, a_mod_p, p, ctx)) - goto err; - if (done) - goto verify; - - /* - * Make sure that the Kronecker symbol (a/p) == 1. In case p is prime - * this is equivalent to a having a square root (mod p). The cost of - * BN_kronecker() is O(log^2(n)). This is small compared to the cost - * O(log^4(n)) of Tonelli-Shanks. - */ - - if ((kronecker = BN_kronecker(a_mod_p, p, ctx)) == -2) - goto err; - if (kronecker <= 0) { - /* This error is only accurate if p is known to be a prime. */ - BNerror(BN_R_NOT_A_SQUARE); - goto err; - } - - lsw = BN_lsw(p); - - if (lsw % 4 == 3) { - if (!bn_mod_sqrt_p_is_3_mod_4(sqrt, a_mod_p, p, ctx)) - goto err; - } else if (lsw % 8 == 5) { - if (!bn_mod_sqrt_p_is_5_mod_8(sqrt, a_mod_p, p, ctx)) - goto err; - } else if (lsw % 8 == 1) { - if (!bn_mod_sqrt_p_is_1_mod_8(sqrt, a_mod_p, p, ctx)) - goto err; - } else { - /* Impossible to hit since the trivial cases ensure p is odd. 
*/ - BNerror(BN_R_P_IS_NOT_PRIME); - goto err; - } - - if (!bn_mod_sqrt_normalize(sqrt, p, ctx)) - goto err; - - verify: - if (!bn_mod_sqrt_verify(a_mod_p, sqrt, p, ctx)) - goto err; - - if (!bn_copy(out_sqrt, sqrt)) - goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -BIGNUM * -BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -{ - BIGNUM *out_sqrt; - - if ((out_sqrt = in) == NULL) - out_sqrt = BN_new(); - if (out_sqrt == NULL) - goto err; - - if (!bn_mod_sqrt_internal(out_sqrt, a, p, ctx)) - goto err; - - return out_sqrt; - - err: - if (out_sqrt != in) - BN_free(out_sqrt); - - return NULL; -} -LCRYPTO_ALIAS(BN_mod_sqrt); diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c deleted file mode 100644 index edd7bcd0c8..0000000000 --- a/src/lib/libcrypto/bn/bn_mont.c +++ /dev/null 
@@ -1,621 +0,0 @@
-/* $OpenBSD: bn_mont.c,v 1.66 2025/03/09 15:22:40 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -/* - * Details about Montgomery multiplication algorithms can be found at - * http://security.ece.orst.edu/publications.html, e.g. - * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and - * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf - */ - -#include -#include -#include - -#include "bn_internal.h" -#include "bn_local.h" - -BN_MONT_CTX * -BN_MONT_CTX_new(void) -{ - BN_MONT_CTX *mctx; - - if ((mctx = calloc(1, sizeof(BN_MONT_CTX))) == NULL) - return NULL; - mctx->flags = BN_FLG_MALLOCED; - - BN_init(&mctx->RR); - BN_init(&mctx->N); - - return mctx; -} -LCRYPTO_ALIAS(BN_MONT_CTX_new); - -void -BN_MONT_CTX_free(BN_MONT_CTX *mctx) -{ - if (mctx == NULL) - return; - - BN_free(&mctx->RR); - BN_free(&mctx->N); - - if (mctx->flags & BN_FLG_MALLOCED) - free(mctx); -} -LCRYPTO_ALIAS(BN_MONT_CTX_free); - -BN_MONT_CTX * -BN_MONT_CTX_create(const BIGNUM *bn, BN_CTX *bn_ctx) -{ - BN_MONT_CTX *mctx; - - if ((mctx = BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(mctx, bn, bn_ctx)) - goto err; - - return mctx; - - err: - BN_MONT_CTX_free(mctx); - - return NULL; -} - -BN_MONT_CTX * -BN_MONT_CTX_copy(BN_MONT_CTX *dst, const BN_MONT_CTX *src) -{ - if (dst == src) - return dst; - - if (!bn_copy(&dst->RR, &src->RR)) - return NULL; - if (!bn_copy(&dst->N, &src->N)) - return NULL; - - dst->ri = src->ri; - dst->n0[0] = src->n0[0]; - dst->n0[1] = src->n0[1]; - - return dst; -} -LCRYPTO_ALIAS(BN_MONT_CTX_copy); - -int -BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) -{ - BIGNUM *N, *Ninv, *Rinv, *R; - int ret = 0; - - BN_CTX_start(ctx); - - if ((N = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Ninv = BN_CTX_get(ctx)) == NULL) - goto err; - if ((R = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Rinv = BN_CTX_get(ctx)) == NULL) - goto err; - - /* Save modulus and determine length of R. 
*/ - if (BN_is_zero(mod)) - goto err; - if (!bn_copy(&mont->N, mod)) - goto err; - mont->N.neg = 0; - mont->ri = ((BN_num_bits(mod) + BN_BITS2 - 1) / BN_BITS2) * BN_BITS2; - if (mont->ri * 2 < mont->ri) - goto err; - - /* - * Compute Ninv = (R * Rinv - 1)/N mod R, for R = 2^64. This provides - * a single or double word result (dependent on BN word size), that is - * later used to implement Montgomery reduction. - */ - BN_zero(R); - if (!BN_set_bit(R, 64)) - goto err; - - /* N = N mod R. */ - if (!bn_wexpand(N, 2)) - goto err; - if (!BN_set_word(N, mod->d[0])) - goto err; -#if BN_BITS2 == 32 - if (mod->top > 1) { - N->d[1] = mod->d[1]; - N->top += bn_ct_ne_zero(N->d[1]); - } -#endif - - /* Rinv = R^-1 mod N */ - if ((BN_mod_inverse_ct(Rinv, R, N, ctx)) == NULL) - goto err; - - /* Ninv = (R * Rinv - 1) / N */ - if (!BN_lshift(Ninv, Rinv, 64)) - goto err; - if (BN_is_zero(Ninv)) { - /* R * Rinv == 0, set to R so that R * Rinv - 1 is mod R. */ - if (!BN_set_bit(Ninv, 64)) - goto err; - } - if (!BN_sub_word(Ninv, 1)) - goto err; - if (!BN_div_ct(Ninv, NULL, Ninv, N, ctx)) - goto err; - - /* Store least significant word(s) of Ninv. */ - mont->n0[0] = mont->n0[1] = 0; - if (Ninv->top > 0) - mont->n0[0] = Ninv->d[0]; -#if BN_BITS2 == 32 - /* Some BN_BITS2 == 32 platforms (namely parisc) use two words of Ninv. */ - if (Ninv->top > 1) - mont->n0[1] = Ninv->d[1]; -#endif - - /* Compute RR = R * R mod N, for use when converting to Montgomery form. 
*/ - BN_zero(&mont->RR); - if (!BN_set_bit(&mont->RR, mont->ri * 2)) - goto err; - if (!BN_mod_ct(&mont->RR, &mont->RR, &mont->N, ctx)) - goto err; - - ret = 1; - err: - BN_CTX_end(ctx); - - return ret; -} -LCRYPTO_ALIAS(BN_MONT_CTX_set); - -BN_MONT_CTX * -BN_MONT_CTX_set_locked(BN_MONT_CTX **pmctx, int lock, const BIGNUM *mod, - BN_CTX *ctx) -{ - BN_MONT_CTX *mctx = NULL; - - CRYPTO_r_lock(lock); - mctx = *pmctx; - CRYPTO_r_unlock(lock); - - if (mctx != NULL) - goto done; - - if ((mctx = BN_MONT_CTX_create(mod, ctx)) == NULL) - goto err; - - CRYPTO_w_lock(lock); - if (*pmctx != NULL) { - /* Someone else raced us... */ - BN_MONT_CTX_free(mctx); - mctx = *pmctx; - } else { - *pmctx = mctx; - } - CRYPTO_w_unlock(lock); - - goto done; - err: - BN_MONT_CTX_free(mctx); - mctx = NULL; - done: - return mctx; -} -LCRYPTO_ALIAS(BN_MONT_CTX_set_locked); - -/* - * bn_montgomery_reduce() performs Montgomery reduction, reducing the input - * from its Montgomery form aR to a, returning the result in r. Note that the - * input is mutated in the process of performing the reduction, destroying its - * original value. - */ -static int -bn_montgomery_reduce(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mctx) -{ - BIGNUM *n; - BN_ULONG *ap, *rp, n0, v, carry, mask; - int i, max, n_len; - - n = &mctx->N; - n_len = mctx->N.top; - - if (n_len == 0) { - BN_zero(r); - return 1; - } - - if (!bn_wexpand(r, n_len)) - return 0; - - /* - * Expand a to twice the length of the modulus, zero if necessary. - * XXX - make this a requirement of the caller. - */ - if ((max = 2 * n_len) < n_len) - return 0; - if (!bn_wexpand(a, max)) - return 0; - for (i = a->top; i < max; i++) - a->d[i] = 0; - - carry = 0; - n0 = mctx->n0[0]; - - /* Add multiples of the modulus, so that it becomes divisible by R. 
*/ - for (i = 0; i < n_len; i++) { - v = bn_mul_add_words(&a->d[i], n->d, n_len, a->d[i] * n0); - bn_addw_addw(v, a->d[i + n_len], carry, &carry, - &a->d[i + n_len]); - } - - /* Divide by R (this is the equivalent of right shifting by n_len). */ - ap = &a->d[n_len]; - - /* - * The output is now in the range of [0, 2N). Attempt to reduce once by - * subtracting the modulus. If the reduction was necessary then the - * result is already in r, otherwise copy the value prior to reduction - * from the top half of a. - */ - mask = carry - bn_sub_words(r->d, ap, n->d, n_len); - - rp = r->d; - for (i = 0; i < n_len; i++) { - *rp = (*rp & ~mask) | (*ap & mask); - rp++; - ap++; - } - r->top = n_len; - - bn_correct_top(r); - - BN_set_negative(r, a->neg ^ n->neg); - - return 1; -} - -static int -bn_mod_mul_montgomery_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mctx, BN_CTX *ctx) -{ - BIGNUM *tmp; - int ret = 0; - - BN_CTX_start(ctx); - - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - - if (a == b) { - if (!BN_sqr(tmp, a, ctx)) - goto err; - } else { - if (!BN_mul(tmp, a, b, ctx)) - goto err; - } - - /* Reduce from aRR to aR. 
*/ - if (!bn_montgomery_reduce(r, tmp, mctx)) - goto err; - - ret = 1; - err: - BN_CTX_end(ctx); - - return ret; -} - -static void -bn_montgomery_multiply_word(const BN_ULONG *ap, BN_ULONG b, const BN_ULONG *np, - BN_ULONG *tp, BN_ULONG w, BN_ULONG *carry_a, BN_ULONG *carry_n, int n_len) -{ - BN_ULONG x3, x2, x1, x0; - - *carry_a = *carry_n = 0; - - while (n_len & ~3) { - bn_qwmulw_addqw_addw(ap[3], ap[2], ap[1], ap[0], b, - tp[3], tp[2], tp[1], tp[0], *carry_a, carry_a, - &x3, &x2, &x1, &x0); - bn_qwmulw_addqw_addw(np[3], np[2], np[1], np[0], w, - x3, x2, x1, x0, *carry_n, carry_n, - &tp[3], &tp[2], &tp[1], &tp[0]); - ap += 4; - np += 4; - tp += 4; - n_len -= 4; - } - while (n_len > 0) { - bn_mulw_addw_addw(ap[0], b, tp[0], *carry_a, carry_a, &x0); - bn_mulw_addw_addw(np[0], w, x0, *carry_n, carry_n, &tp[0]); - ap++; - np++; - tp++; - n_len--; - } -} - -/* - * bn_montgomery_multiply_words() computes r = aR * bR * R^-1 = abR for the - * given word arrays. The caller must ensure that rp, ap, bp and np are all - * n_len words in length, while tp must be n_len * 2 + 2 words in length. - */ -static void -bn_montgomery_multiply_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, - const BN_ULONG *np, BN_ULONG *tp, BN_ULONG n0, int n_len) -{ - BN_ULONG a0, b, carry_a, carry_n, carry, mask, w; - int i; - - carry = 0; - - for (i = 0; i < n_len; i++) - tp[i] = 0; - - a0 = ap[0]; - - for (i = 0; i < n_len; i++) { - b = bp[i]; - - /* Compute new t[0] * n0, as we need it for this iteration. */ - w = (a0 * b + tp[0]) * n0; - - bn_montgomery_multiply_word(ap, b, np, tp, w, &carry_a, - &carry_n, n_len); - bn_addw_addw(carry_a, carry_n, carry, &carry, &tp[n_len]); - - tp++; - } - tp[n_len] = carry; - - /* - * The output is now in the range of [0, 2N). Attempt to reduce once by - * subtracting the modulus. If the reduction was necessary then the - * result is already in r, otherwise copy the value prior to reduction - * from tp. 
- */ - mask = bn_ct_ne_zero(tp[n_len]) - bn_sub_words(rp, tp, np, n_len); - - for (i = 0; i < n_len; i++) { - *rp = (*rp & ~mask) | (*tp & mask); - rp++; - tp++; - } -} - -/* - * bn_montgomery_multiply() computes r = aR * bR * R^-1 = abR for the given - * BIGNUMs. The caller must ensure that the modulus is two or more words in - * length and that a and b have the same number of words as the modulus. - */ -static int -bn_montgomery_multiply(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mctx, BN_CTX *ctx) -{ - BIGNUM *t; - int ret = 0; - - BN_CTX_start(ctx); - - if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top) - goto err; - if (!bn_wexpand(r, mctx->N.top)) - goto err; - - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - if (!bn_wexpand(t, mctx->N.top * 2 + 2)) - goto err; - - bn_montgomery_multiply_words(r->d, a->d, b->d, mctx->N.d, t->d, - mctx->n0[0], mctx->N.top); - - r->top = mctx->N.top; - bn_correct_top(r); - - BN_set_negative(r, a->neg ^ b->neg); - - ret = 1; - err: - BN_CTX_end(ctx); - - return ret; -} - -#ifndef OPENSSL_BN_ASM_MONT -static int -bn_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mctx, BN_CTX *ctx) -{ - if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top) - return bn_mod_mul_montgomery_simple(r, a, b, mctx, ctx); - - return bn_montgomery_multiply(r, a, b, mctx, ctx); -} -#else - -static int -bn_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mctx, BN_CTX *ctx) -{ - if (mctx->N.top <= 1 || a->top != mctx->N.top || b->top != mctx->N.top) - return bn_mod_mul_montgomery_simple(r, a, b, mctx, ctx); - - /* - * Legacy bn_mul_mont() performs stack based allocation, without - * size limitation. Allowing a large size results in the stack - * being blown. 
- */ - if (mctx->N.top > (8 * 1024 / sizeof(BN_ULONG))) - return bn_montgomery_multiply(r, a, b, mctx, ctx); - - if (!bn_wexpand(r, mctx->N.top)) - return 0; - - /* - * Legacy bn_mul_mont() can indicate that we should "fallback" to - * another implementation. - */ - if (!bn_mul_mont(r->d, a->d, b->d, mctx->N.d, mctx->n0, mctx->N.top)) - return bn_montgomery_multiply(r, a, b, mctx, ctx); - - r->top = mctx->N.top; - bn_correct_top(r); - - BN_set_negative(r, a->neg ^ b->neg); - - return (1); -} -#endif - -int -BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mctx, BN_CTX *ctx) -{ - /* Compute r = aR * bR * R^-1 mod N = abR mod N */ - return bn_mod_mul_montgomery(r, a, b, mctx, ctx); -} -LCRYPTO_ALIAS(BN_mod_mul_montgomery); - -int -BN_to_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mctx, BN_CTX *ctx) -{ - /* Compute r = a * R * R * R^-1 mod N = aR mod N */ - return bn_mod_mul_montgomery(r, a, &mctx->RR, mctx, ctx); -} -LCRYPTO_ALIAS(BN_to_montgomery); - -int -BN_from_montgomery(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mctx, BN_CTX *ctx) -{ - BIGNUM *tmp; - int ret = 0; - - BN_CTX_start(ctx); - - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - if (!bn_copy(tmp, a)) - goto err; - if (!bn_montgomery_reduce(r, tmp, mctx)) - goto err; - - ret = 1; - err: - BN_CTX_end(ctx); - - return ret; -} -LCRYPTO_ALIAS(BN_from_montgomery); diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c deleted file mode 100644 index bdeb9b0fe8..0000000000 --- a/src/lib/libcrypto/bn/bn_mul.c +++ /dev/null 
@@ -1,370 +0,0 @@
-/* $OpenBSD: bn_mul.c,v 1.39 2023/07/08 12:21:58 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#include "bn_arch.h"
-#include "bn_internal.h"
-#include "bn_local.h"
-
-/*
- * bn_mul_comba4() computes r[] = a[] * b[] using Comba multiplication
- * (https://everything2.com/title/Comba+multiplication), where a and b are both
- * four word arrays, producing an eight word array result.
- */
-#ifndef HAVE_BN_MUL_COMBA4
-void
-bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
- BN_ULONG c0, c1, c2;
-
- bn_mulw_addtw(a[0], b[0], 0, 0, 0, &c2, &c1, &r[0]);
-
- bn_mulw_addtw(a[0], b[1], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[0], c2, c1, c0, &c2, &c1, &r[1]);
-
- bn_mulw_addtw(a[2], b[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[0], b[2], c2, c1, c0, &c2, &c1, &r[2]);
-
- bn_mulw_addtw(a[0], b[3], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[0], c2, c1, c0, &c2, &c1, &r[3]);
-
- bn_mulw_addtw(a[3], b[1], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[3], c2, c1, c0, &c2, &c1, &r[4]);
-
- bn_mulw_addtw(a[2], b[3], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[2], c2, c1, c0, &c2, &c1, &r[5]);
-
- bn_mulw_addtw(a[3], b[3], 0, c2, c1, &c2, &r[7], &r[6]);
-}
-#endif
-
-/*
- * bn_mul_comba8() computes r[] = a[] * b[] using Comba multiplication
- * (https://everything2.com/title/Comba+multiplication), where a and b are both
- * eight word arrays, producing a 16 word array result.
- */
-#ifndef HAVE_BN_MUL_COMBA8
-void
-bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
- BN_ULONG c0, c1, c2;
-
- bn_mulw_addtw(a[0], b[0], 0, 0, 0, &c2, &c1, &r[0]);
-
- bn_mulw_addtw(a[0], b[1], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[0], c2, c1, c0, &c2, &c1, &r[1]);
-
- bn_mulw_addtw(a[2], b[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[0], b[2], c2, c1, c0, &c2, &c1, &r[2]);
-
- bn_mulw_addtw(a[0], b[3], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[0], c2, c1, c0, &c2, &c1, &r[3]);
-
- bn_mulw_addtw(a[4], b[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[0], b[4], c2, c1, c0, &c2, &c1, &r[4]);
-
- bn_mulw_addtw(a[0], b[5], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[4], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[4], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[0], c2, c1, c0, &c2, &c1, &r[5]);
-
- bn_mulw_addtw(a[6], b[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[4], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[4], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[5], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[0], b[6], c2, c1, c0, &c2, &c1, &r[6]);
-
- bn_mulw_addtw(a[0], b[7], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[6], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[5], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[4], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[4], b[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[6], b[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[7], b[0], c2, c1, c0, &c2, &c1, &r[7]);
-
- bn_mulw_addtw(a[7], b[1], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[6], b[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[4], b[4], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[5], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[2], b[6], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[1], b[7], c2, c1, c0, &c2, &c1, &r[8]);
-
- bn_mulw_addtw(a[2], b[7], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[6], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[4], b[5], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[4], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[6], b[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[7], b[2], c2, c1, c0, &c2, &c1, &r[9]);
-
- bn_mulw_addtw(a[7], b[3], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[6], b[4], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[5], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[4], b[6], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[3], b[7], c2, c1, c0, &c2, &c1, &r[10]);
-
- bn_mulw_addtw(a[4], b[7], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[6], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[6], b[5], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[7], b[4], c2, c1, c0, &c2, &c1, &r[11]);
-
- bn_mulw_addtw(a[7], b[5], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[6], b[6], c2, c1, c0, &c2, &c1, &c0);
- bn_mulw_addtw(a[5], b[7], c2, c1, c0, &c2, &c1, &r[12]);
-
- bn_mulw_addtw(a[6], b[7], 0, c2, c1, &c2, &c1, &c0);
- bn_mulw_addtw(a[7], b[6], c2, c1, c0, &c2, &c1, &r[13]);
-
- bn_mulw_addtw(a[7], b[7], 0, c2, c1, &c2, &r[15], &r[14]);
-}
-#endif
-
-/*
- * bn_mul_words() computes (carry:r[i]) = a[i] * w + carry, where a is an array
- * of words and w is a single word. This should really be called bn_mulw_words()
- * since only one input is an array. This is used as a step in the multiplication
- * of word arrays.
- */
-#ifndef HAVE_BN_MUL_WORDS
-BN_ULONG
-bn_mul_words(BN_ULONG *r, const BN_ULONG *a, int num, BN_ULONG w)
-{
- BN_ULONG carry = 0;
-
- assert(num >= 0);
- if (num <= 0)
- return 0;
-
- while (num & ~3) {
- bn_qwmulw_addw(a[3], a[2], a[1], a[0], w, carry, &carry,
- &r[3], &r[2], &r[1], &r[0]);
- a += 4;
- r += 4;
- num -= 4;
- }
- while (num) {
- bn_mulw_addw(a[0], w, carry, &carry, &r[0]);
- a++;
- r++;
- num--;
- }
- return carry;
-}
-#endif
-
-/*
- * bn_mul_add_words() computes (carry:r[i]) = a[i] * w + r[i] + carry, where
- * a is an array of words and w is a single word. This should really be called
- * bn_mulw_add_words() since only one input is an array. This is used as a step
- * in the multiplication of word arrays.
- */
-#ifndef HAVE_BN_MUL_ADD_WORDS
-BN_ULONG
-bn_mul_add_words(BN_ULONG *r, const BN_ULONG *a, int num, BN_ULONG w)
-{
- BN_ULONG carry = 0;
-
- assert(num >= 0);
- if (num <= 0)
- return 0;
-
- while (num & ~3) {
- bn_qwmulw_addqw_addw(a[3], a[2], a[1], a[0], w,
- r[3], r[2], r[1], r[0], carry, &carry,
- &r[3], &r[2], &r[1], &r[0]);
- a += 4;
- r += 4;
- num -= 4;
- }
- while (num) {
- bn_mulw_addw_addw(a[0], w, r[0], carry, &carry, &r[0]);
- a++;
- r++;
- num--;
- }
-
- return carry;
-}
-#endif
-
-void
-bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
-{
- BN_ULONG *rr;
-
-
- if (na < nb) {
- int itmp;
- BN_ULONG *ltmp;
-
- itmp = na;
- na = nb;
- nb = itmp;
- ltmp = a;
- a = b;
- b = ltmp;
-
- }
- rr = &(r[na]);
- if (nb <= 0) {
- (void)bn_mul_words(r, a, na, 0);
- return;
- } else
- rr[0] = bn_mul_words(r, a, na, b[0]);
-
- for (;;) {
- if (--nb <= 0)
- return;
- rr[1] = bn_mul_add_words(&(r[1]), a, na, b[1]);
- if (--nb <= 0)
- return;
- rr[2] = bn_mul_add_words(&(r[2]), a, na, b[2]);
- if (--nb <= 0)
- return;
- rr[3] = bn_mul_add_words(&(r[3]), a, na, b[3]);
- if (--nb <= 0)
- return;
- rr[4] = bn_mul_add_words(&(r[4]), a, na, b[4]);
- rr += 4;
- r += 4;
- b += 4;
- }
-}
-
-
-#ifndef HAVE_BN_MUL
-int
-bn_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, int rn, BN_CTX *ctx)
-{
- bn_mul_normal(r->d, a->d, a->top, b->d, b->top);
-
- return 1;
-}
-
-#endif /* HAVE_BN_MUL */
-
-int
-BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
- BIGNUM *rr;
- int rn;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if (BN_is_zero(a) || BN_is_zero(b)) {
- BN_zero(r);
- goto done;
- }
-
- rr = r;
- if (rr == a || rr == b)
- rr = BN_CTX_get(ctx);
- if (rr == NULL)
- goto err;
-
- rn = a->top + b->top;
- if (rn < a->top)
- goto err;
- if (!bn_wexpand(rr, rn))
- goto err;
-
- if (a->top == 4 && b->top == 4) {
- bn_mul_comba4(rr->d, a->d, b->d);
- } else if (a->top == 8 && b->top == 8) {
- bn_mul_comba8(rr->d, a->d, b->d);
- } else {
- if (!bn_mul(rr, a, b, rn, ctx))
- goto err;
- }
-
- rr->top = rn;
- bn_correct_top(rr);
-
- BN_set_negative(rr, a->neg ^ b->neg);
-
- if (!bn_copy(r, rr))
- goto err;
- done:
- ret = 1;
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_mul);
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
deleted file mode 100644
index 5a4aa50bf1..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/* $OpenBSD: bn_prime.c,v 1.34 2023/07/20 06:26:27 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-
-#include "bn_local.h"
-
-/* The quick sieve algorithm approach to weeding out primes is
- * Philip Zimmermann's, as implemented in PGP. I have had a read of
- * his comments and implemented my own version.
- */
-#include "bn_prime.h"
-
-static int probable_prime(BIGNUM *rnd, int bits);
-static int probable_prime_dh(BIGNUM *rnd, int bits,
- const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
- const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
-
-int
-BN_GENCB_call(BN_GENCB *cb, int a, int b)
-{
- /* No callback means continue */
- if (!cb)
- return 1;
- switch (cb->ver) {
- case 1:
- /* Deprecated-style callbacks */
- if (!cb->cb.cb_1)
- return 1;
- cb->cb.cb_1(a, b, cb->arg);
- return 1;
- case 2:
- /* New-style callbacks */
- return cb->cb.cb_2(a, b, cb);
- default:
- break;
- }
- /* Unrecognised callback type */
- return 0;
-}
-LCRYPTO_ALIAS(BN_GENCB_call);
-
-int
-BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
- const BIGNUM *rem, BN_GENCB *cb)
-{
- BN_CTX *ctx;
- BIGNUM *p;
- int is_prime;
- int loops = 0;
- int found = 0;
-
- if (bits < 2 || (bits == 2 && safe)) {
- /*
- * There are no prime numbers smaller than 2, and the smallest
- * safe prime (7) spans three bits.
- */
- BNerror(BN_R_BITS_TOO_SMALL);
- return 0;
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- BN_CTX_start(ctx);
- if ((p = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- loop:
- /* Make a random number and set the top and bottom bits. */
- if (add == NULL) {
- if (!probable_prime(ret, bits))
- goto err;
- } else {
- if (safe) {
- if (!probable_prime_dh_safe(ret, bits, add, rem, ctx))
- goto err;
- } else {
- if (!probable_prime_dh(ret, bits, add, rem, ctx))
- goto err;
- }
- }
-
- if (!BN_GENCB_call(cb, 0, loops++))
- goto err;
-
- if (!safe) {
- if (!bn_is_prime_bpsw(&is_prime, ret, ctx, 1))
- goto err;
- if (!is_prime)
- goto loop;
- } else {
- if (!bn_is_prime_bpsw(&is_prime, ret, ctx, 1))
- goto err;
- if (!is_prime)
- goto loop;
-
- /*
- * For safe prime generation, check that p = (ret-1)/2 is prime.
- * Since this prime has >= 3 bits, it is odd, and we can simply
- * divide by 2.
- */
- if (!BN_rshift1(p, ret))
- goto err;
-
- if (!bn_is_prime_bpsw(&is_prime, p, ctx, 1))
- goto err;
- if (!is_prime)
- goto loop;
-
- if (!BN_GENCB_call(cb, 2, loops - 1))
- goto err;
- }
-
- found = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- return found;
-}
-LCRYPTO_ALIAS(BN_generate_prime_ex);
-
-int
-BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, BN_GENCB *cb)
-{
- return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb);
-}
-LCRYPTO_ALIAS(BN_is_prime_ex);
-
-#define BN_PRIME_MAXIMUM_BITS (32 * 1024)
-
-int
-BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
- int do_trial_division, BN_GENCB *cb)
-{
- int is_prime;
-
- if (checks < 0)
- return -1;
-
- /*
- * Prime numbers this large do not appear in everyday cryptography
- * and checking such numbers for primality is very expensive.
- */
- if (BN_num_bits(a) > BN_PRIME_MAXIMUM_BITS) {
- BNerror(BN_R_BIGNUM_TOO_LONG);
- return -1;
- }
-
- if (checks == BN_prime_checks)
- checks = BN_prime_checks_for_size(BN_num_bits(a));
-
- /* XXX - tickle BN_GENCB in bn_is_prime_bpsw(). */
- if (!bn_is_prime_bpsw(&is_prime, a, ctx_passed, checks))
- return -1;
-
- return is_prime;
-}
-LCRYPTO_ALIAS(BN_is_prime_fasttest_ex);
-
-static int
-probable_prime(BIGNUM *rnd, int bits)
-{
- int i;
- BN_ULONG mods[NUMPRIMES];
- BN_ULONG delta, maxdelta;
-
-again:
- if (!BN_rand(rnd, bits, 1, 1))
- return (0);
- /* we now have a random number 'rand' to test. */
- for (i = 1; i < NUMPRIMES; i++) {
- BN_ULONG mod = BN_mod_word(rnd, primes[i]);
- if (mod == (BN_ULONG)-1)
- return (0);
- mods[i] = mod;
- }
- maxdelta = BN_MASK2 - primes[NUMPRIMES - 1];
- delta = 0;
-loop:
- for (i = 1; i < NUMPRIMES; i++) {
- /* check that rnd is not a prime and also
- * that gcd(rnd-1,primes) == 1 (except for 2) */
- if (((mods[i] + delta) % primes[i]) <= 1) {
- delta += 2;
- if (delta > maxdelta)
- goto again;
- goto loop;
- }
- }
- if (!BN_add_word(rnd, delta))
- return (0);
- return (1);
-}
-
-static int
-probable_prime_dh(BIGNUM *rnd, int bits, const BIGNUM *add, const BIGNUM *rem,
- BN_CTX *ctx)
-{
- int i, ret = 0;
- BIGNUM *t1;
-
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_rand(rnd, bits, 0, 1))
- goto err;
-
- /* we need ((rnd-rem) % add) == 0 */
-
- if (!BN_mod_ct(t1, rnd, add, ctx))
- goto err;
- if (!BN_sub(rnd, rnd, t1))
- goto err;
- if (rem == NULL) {
- if (!BN_add_word(rnd, 1))
- goto err;
- } else {
- if (!BN_add(rnd, rnd, rem))
- goto err;
- }
-
- /* we now have a random number 'rand' to test. */
-
-loop:
- for (i = 1; i < NUMPRIMES; i++) {
- /* check that rnd is a prime */
- BN_LONG mod = BN_mod_word(rnd, primes[i]);
- if (mod == (BN_ULONG)-1)
- goto err;
- if (mod <= 1) {
- if (!BN_add(rnd, rnd, add))
- goto err;
- goto loop;
- }
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return (ret);
-}
-
-static int
-probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
- const BIGNUM *rem, BN_CTX *ctx)
-{
- int i, ret = 0;
- BIGNUM *t1, *qadd, *q;
-
- bits--;
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((q = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((qadd = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_rshift1(qadd, padd))
- goto err;
-
- if (!BN_rand(q, bits, 0, 1))
- goto err;
-
- /* we need ((rnd-rem) % add) == 0 */
- if (!BN_mod_ct(t1, q,qadd, ctx))
- goto err;
- if (!BN_sub(q, q, t1))
- goto err;
- if (rem == NULL) {
- if (!BN_add_word(q, 1))
- goto err;
- } else {
- if (!BN_rshift1(t1, rem))
- goto err;
- if (!BN_add(q, q, t1))
- goto err;
- }
-
- /* we now have a random number 'rand' to test. */
- if (!BN_lshift1(p, q))
- goto err;
- if (!BN_add_word(p, 1))
- goto err;
-
-loop:
- for (i = 1; i < NUMPRIMES; i++) {
- /* check that p and q are prime */
- /* check that for p and q
- * gcd(p-1,primes) == 1 (except for 2) */
- BN_ULONG pmod = BN_mod_word(p, primes[i]);
- BN_ULONG qmod = BN_mod_word(q, primes[i]);
- if (pmod == (BN_ULONG)-1 || qmod == (BN_ULONG)-1)
- goto err;
- if (pmod == 0 || qmod == 0) {
- if (!BN_add(p, p, padd))
- goto err;
- if (!BN_add(q, q, qadd))
- goto err;
- goto loop;
- }
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return (ret);
-}
diff --git a/src/lib/libcrypto/bn/bn_prime.h b/src/lib/libcrypto/bn/bn_prime.h
deleted file mode 100644
index 4ea2d47948..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.h
+++ /dev/null
@@ -1,14 +0,0 @@
-/* $OpenBSD: bn_prime.h,v 1.9 2022/11/10 10:24:50 tb Exp $ */
-/*
- * Public domain.
- */
-
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-#define NUMPRIMES 2048
-
-extern const uint16_t primes[NUMPRIMES];
-
-__END_HIDDEN_DECLS
diff --git a/src/lib/libcrypto/bn/bn_prime.pl b/src/lib/libcrypto/bn/bn_prime.pl
deleted file mode 100644
index f638e4a9a4..0000000000
--- a/src/lib/libcrypto/bn/bn_prime.pl
+++ /dev/null
@@ -1,100 +0,0 @@
-#!/usr/bin/perl
-# $OpenBSD: bn_prime.pl,v 1.12 2023/03/26 08:04:57 tb Exp $
-#
-# Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-# All rights reserved.
-#
-# This package is an SSL implementation written
-# by Eric Young (eay@cryptsoft.com).
-# The implementation was written so as to conform with Netscapes SSL.
-#
-# This library is free for commercial and non-commercial use as long as
-# the following conditions are aheared to. The following conditions
-# apply to all code found in this distribution, be it the RC4, RSA,
-# lhash, DES, etc., code; not just the SSL code. The SSL documentation
-# included with this distribution is covered by the same copyright terms
-# except that the holder is Tim Hudson (tjh@cryptsoft.com).
-#
-# Copyright remains Eric Young's, and as such any Copyright notices in
-# the code are not to be removed.
-# If this package is used in a product, Eric Young should be given attribution
-# as the author of the parts of the library used.
-# This can be in the form of a textual message at program startup or
-# in documentation (online or textual) provided with the package.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the copyright
-# notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-# 3. All advertising materials mentioning features or use of this software
-# must display the following acknowledgement:
-# "This product includes cryptographic software written by
-# Eric Young (eay@cryptsoft.com)"
-# The word 'cryptographic' can be left out if the rouines from the library
-# being used are not cryptographic related :-).
-# 4. If you include any Windows specific code (or a derivative thereof) from
-# the apps directory (application code) you must include an acknowledgement:
-# "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-#
-# THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-#
-# The licence and distribution terms for any publically available version or
-# derivative of this code cannot be changed. i.e. this code cannot simply be
-# copied and put under another distribution licence
-# [including the GNU Public Licence.]
-
-use strict;
-use warnings;
-
-my ($i, $num, $p, $s, @primes);
-
-$num = 2048;
-$num = $ARGV[0] if $#ARGV >= 0;
-
-# The 6543rd prime is 2^16 + 1.
-die "$num must be smaller than 6543" if $num >= 6543;
-
-push(@primes, 2);
-$p = 1;
-
-loop:
-while ($#primes < $num - 1) {
- $p += 2;
- $s = int(sqrt($p));
-
- for ($i = 0; defined($primes[$i]) && $primes[$i] <= $s; $i++) {
- next loop if $p % $primes[$i] == 0;
- }
-
- die "\$primes[$i] is too large: $primes[$i]" if $primes[$i] > 65535;
- push(@primes, $p);
-}
-
-printf("/*\t\$" . "OpenBSD" . "\$ */\n");
-print <<\EOF;
-/*
- * Public domain, generated by bn_prime.pl.
- */
-
-EOF
-
-print "#include \"bn_prime.h\"\n\n";
-print "const uint16_t primes[NUMPRIMES] = {";
-for ($i = 0; $i <= $#primes; $i++) {
- printf("%s%5d,", $i % 8 == 0 ? "\n\t" : " ", $primes[$i]);
-}
-print "\n};\n";
diff --git a/src/lib/libcrypto/bn/bn_primitives.c b/src/lib/libcrypto/bn/bn_primitives.c
deleted file mode 100644
index 66427a9046..0000000000
--- a/src/lib/libcrypto/bn/bn_primitives.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/* $OpenBSD: bn_primitives.c,v 1.2 2023/06/21 07:48:41 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "bn_arch.h"
-#include "bn_internal.h"
-#include "bn_local.h"
-
-#ifndef HAVE_BN_CLZW
-#ifndef HAVE_BN_WORD_CLZ
-int
-bn_word_clz(BN_ULONG w)
-{
- BN_ULONG bits, mask, shift;
-
- bits = shift = BN_BITS2;
- mask = 0;
-
- while ((shift >>= 1) != 0) {
- bits += (shift & mask) - (shift & ~mask);
- mask = bn_ct_ne_zero_mask(w >> bits);
- }
- bits += 1 & mask;
-
- bits -= bn_ct_eq_zero(w);
-
- return BN_BITS2 - bits;
-}
-#endif
-#endif
-
-#ifndef HAVE_BN_BITSIZE
-int
-bn_bitsize(const BIGNUM *bn)
-{
- BN_ULONG n = 0, x = 0;
- BN_ULONG mask, w;
- int i = 0;
-
- while (i < bn->top) {
- w = bn->d[i];
- mask = bn_ct_ne_zero_mask(w);
- n = ((BN_ULONG)i & mask) | (n & ~mask);
- x = (w & mask) | (x & ~mask);
- i++;
- }
-
- return (n + 1) * BN_BITS2 - bn_clzw(x);
-}
-#endif
diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c
deleted file mode 100644
index cd8b663602..0000000000
--- a/src/lib/libcrypto/bn/bn_print.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/* $OpenBSD: bn_print.c,v 1.47 2024/03/02 09:18:28 tb Exp $ */
-
-/*
- * Copyright (c) 2023 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include "bio_local.h"
-#include "bn_local.h"
-#include "bytestring.h"
-
-static int
-bn_print_zero(BIO *bio, const BIGNUM *bn)
-{
- if (!BN_is_zero(bn))
- return 0;
- if (BIO_printf(bio, " 0\n") <= 0)
- return 0;
- return 1;
-}
-
-static int
-bn_print_word(BIO *bio, const BIGNUM *bn)
-{
- unsigned long long word;
- const char *neg = "";
-
- if (BN_is_zero(bn) || BN_num_bytes(bn) > BN_BYTES)
- return 0;
-
- if (BN_is_negative(bn))
- neg = "-";
-
- word = BN_get_word(bn);
- if (BIO_printf(bio, " %s%llu (%s0x%llx)\n", neg, word, neg, word) <= 0)
- return 0;
-
- return 1;
-}
-
-static int
-bn_print_bignum(BIO *bio, const BIGNUM *bn, int indent)
-{
- CBS cbs;
- char *hex = NULL;
- size_t hex_len = 0;
- size_t octets = 0;
- uint8_t hi, lo;
- const char *sep = ":";
- int ret = 0;
-
- if (BN_num_bytes(bn) <= BN_BYTES)
- goto err;
-
- /* Secondary indent is 4 spaces, capped at 128. */
- if (indent > 124)
- indent = 124;
- indent += 4;
- if (indent < 0)
- indent = 0;
-
- if (!bn_bn2hex_nosign(bn, &hex, &hex_len))
- goto err;
-
- CBS_init(&cbs, hex, hex_len);
-
- if (BN_is_negative(bn)) {
- if (BIO_printf(bio, " (Negative)") <= 0)
- goto err;
- }
-
- while (CBS_len(&cbs) > 0) {
- if (!CBS_get_u8(&cbs, &hi))
- goto err;
- if (!CBS_get_u8(&cbs, &lo))
- goto err;
- if (octets++ % 15 == 0) {
- if (BIO_printf(bio, "\n%*s", indent, "") <= 0)
- goto err;
- }
- /* First nibble has the high bit set. Insert leading 0 octet. */
- if (octets == 1 && hi >= '8') {
- if (BIO_printf(bio, "00:") <= 0)
- goto err;
- octets++;
- }
- if (CBS_len(&cbs) == 0)
- sep = "";
- if (BIO_printf(bio, "%c%c%s", tolower(hi), tolower(lo), sep) <= 0)
- goto err;
- }
-
- if (BIO_printf(bio, "\n") <= 0)
- goto err;
-
- ret = 1;
-
- err:
- freezero(hex, hex_len);
-
- return ret;
-}
-
-int
-bn_printf(BIO *bio, const BIGNUM *bn, int indent, const char *fmt, ...)
-{
- va_list ap;
- int rv;
-
- if (bn == NULL)
- return 1;
-
- if (!BIO_indent(bio, indent, 128))
- return 0;
-
- va_start(ap, fmt);
- rv = BIO_vprintf(bio, fmt, ap);
- va_end(ap);
- if (rv < 0)
- return 0;
-
- if (BN_is_zero(bn))
- return bn_print_zero(bio, bn);
-
- if (BN_num_bytes(bn) <= BN_BYTES)
- return bn_print_word(bio, bn);
-
- return bn_print_bignum(bio, bn, indent);
-}
-
-int
-BN_print(BIO *bio, const BIGNUM *bn)
-{
- char *hex = NULL;
- size_t hex_len = 0;
- int ret = 0;
-
- if (!bn_bn2hex_nibbles(bn, &hex, &hex_len))
- goto err;
- if (BIO_printf(bio, "%s", hex) <= 0)
- goto err;
-
- ret = 1;
-
- err:
- freezero(hex, hex_len);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_print);
-
-int
-BN_print_fp(FILE *fp, const BIGNUM *bn)
-{
- char *hex = NULL;
- size_t hex_len = 0;
- int ret = 0;
-
- if (!bn_bn2hex_nibbles(bn, &hex, &hex_len))
- goto err;
- if (fprintf(fp, "%s", hex) < 0)
- goto err;
-
- ret = 1;
-
- err:
- freezero(hex, hex_len);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_print_fp);
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c
deleted file mode 100644
index 9cfcd8e2c0..0000000000
--- a/src/lib/libcrypto/bn/bn_rand.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/* $OpenBSD: bn_rand.c,v 1.30 2024/03/16 20:42:33 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-
-#include "bn_local.h"
-
-static int
-bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
-{
- unsigned char *buf = NULL;
- int ret = 0, bit, bytes, mask;
-
- if (rnd == NULL) {
- BNerror(ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
-
- if (bits < 0 || (bits == 1 && top > 0)) {
- BNerror(BN_R_BITS_TOO_SMALL);
- return (0);
- }
- if (bits > INT_MAX - 7) {
- BNerror(BN_R_BIGNUM_TOO_LONG);
- return (0);
- }
-
- if (bits == 0) {
- BN_zero(rnd);
- return (1);
- }
-
- bytes = (bits + 7) / 8;
- bit = (bits - 1) % 8;
- mask = 0xff << (bit + 1);
-
- buf = malloc(bytes);
- if (buf == NULL) {
- BNerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* make a random number and set the top and bottom bits */
- arc4random_buf(buf, bytes);
-
-#if 1
- if (pseudorand == 2) {
- /* generate patterns that are more likely to trigger BN
- library bugs */
- int i;
- unsigned char c;
-
- for (i = 0; i < bytes; i++) {
- arc4random_buf(&c, 1);
- if (c >= 128 && i > 0)
- buf[i] = buf[i - 1];
- else if (c < 42)
- buf[i] = 0;
- else if (c < 84)
- buf[i] = 255;
- }
- }
-#endif
-
- if (top > 0) {
- if (bit == 0) {
- buf[0] = 1;
- buf[1] |= 0x80;
- } else {
- buf[0] |= (3 << (bit - 1));
- }
- }
- if (top == 0)
- buf[0] |= (1 << bit);
- buf[0] &= ~mask;
- if (bottom) /* set bottom bit if requested */
- buf[bytes - 1] |= 1;
- if (BN_bin2bn(buf, bytes, rnd) == NULL)
- goto err;
- ret = 1;
-
-err:
- freezero(buf, bytes);
- return (ret);
-}
-
-int
-BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
- return bnrand(0, rnd, bits, top, bottom);
-}
-LCRYPTO_ALIAS(BN_rand);
-
-int
-BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
- return bnrand(1, rnd, bits, top, bottom);
-}
-LCRYPTO_ALIAS(BN_pseudo_rand);
-
-#if 1
-int
-BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
- return bnrand(2, rnd, bits, top, bottom);
-}
-#endif
-
-
-/* random number r: 0 <= r < range */
-static int
-bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
-{
- int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand;
- int n;
- int count = 100;
-
- if (range->neg || BN_is_zero(range)) {
- BNerror(BN_R_INVALID_RANGE);
- return 0;
- }
-
- n = BN_num_bits(range); /* n > 0 */
-
- /* BN_is_bit_set(range, n - 1) always holds */
-
- if (n == 1)
- BN_zero(r);
- else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
- /* range = 100..._2,
- * so 3*range (= 11..._2) is exactly one bit longer than range */
- do {
- if (!bn_rand(r, n + 1, -1, 0))
- return 0;
- /* If r < 3*range, use r := r MOD range
- * (which is either r, r - range, or r - 2*range).
- * Otherwise, iterate once more.
- * Since 3*range = 11..._2, each iteration succeeds with
- * probability >= .75. */
- if (BN_cmp(r, range) >= 0) {
- if (!BN_sub(r, r, range))
- return 0;
- if (BN_cmp(r, range) >= 0)
- if (!BN_sub(r, r, range))
- return 0;
- }
-
- if (!--count) {
- BNerror(BN_R_TOO_MANY_ITERATIONS);
- return 0;
- }
-
- } while (BN_cmp(r, range) >= 0);
- } else {
- do {
- /* range = 11..._2 or range = 101..._2 */
- if (!bn_rand(r, n, -1, 0))
- return 0;
-
- if (!--count) {
- BNerror(BN_R_TOO_MANY_ITERATIONS);
- return 0;
- }
- } while (BN_cmp(r, range) >= 0);
- }
-
- return 1;
-}
-
-int
-BN_rand_range(BIGNUM *r, const BIGNUM *range)
-{
- return bn_rand_range(0, r, range);
-}
-LCRYPTO_ALIAS(BN_rand_range);
-
-int
-bn_rand_in_range(BIGNUM *rnd, const BIGNUM *lower_inc, const BIGNUM *upper_exc)
-{
- BIGNUM *len;
- int ret = 0;
-
- if ((len = BN_new()) == NULL)
- goto err;
- if (!BN_sub(len, upper_exc, lower_inc))
- goto err;
- if (!BN_rand_range(rnd, len))
- goto err;
- if (!BN_add(rnd, rnd, lower_inc))
- goto err;
-
- ret = 1;
-
- err:
- BN_free(len);
-
- return ret;
-}
-
-int
-bn_rand_interval(BIGNUM *rnd, BN_ULONG lower_word, const BIGNUM *upper_exc)
-{
- BIGNUM *lower_inc = NULL;
- int ret = 0;
-
- if ((lower_inc = BN_new()) == NULL)
- goto err;
- if (!BN_set_word(lower_inc, lower_word))
- goto err;
- if (!bn_rand_in_range(rnd, lower_inc, upper_exc))
- goto err;
-
- ret = 1;
-
- err:
- BN_free(lower_inc);
-
- return ret;
-}
-
-int
-BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
-{
- return bn_rand_range(1, r, range);
-}
-LCRYPTO_ALIAS(BN_pseudo_rand_range);
diff --git a/src/lib/libcrypto/bn/bn_recp.c b/src/lib/libcrypto/bn/bn_recp.c
deleted file mode 100644
index e3f22c52a9..0000000000
--- a/src/lib/libcrypto/bn/bn_recp.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* $OpenBSD: bn_recp.c,v 1.33 2025/02/04 20:22:20 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include "bn_local.h"
-
-struct bn_recp_ctx_st {
- BIGNUM *N; /* the divisor */
- BIGNUM *Nr; /* the reciprocal 2^shift / N */
- int num_bits; /* number of bits in N */
- int shift;
-} /* BN_RECP_CTX */;
-
-BN_RECP_CTX *
-BN_RECP_CTX_create(const BIGNUM *N)
-{
- BN_RECP_CTX *recp;
-
- if ((recp = calloc(1, sizeof(*recp))) == NULL)
- goto err;
-
- if ((recp->N = BN_dup(N)) == NULL)
- goto err;
- BN_set_negative(recp->N, 0);
- recp->num_bits = BN_num_bits(recp->N);
-
- if ((recp->Nr = BN_new()) == NULL)
- goto err;
-
- return recp;
-
- err:
- BN_RECP_CTX_free(recp);
-
- return NULL;
-}
-
-void
-BN_RECP_CTX_free(BN_RECP_CTX *recp)
-{
- if (recp == NULL)
- return;
-
- BN_free(recp->N);
- BN_free(recp->Nr);
- freezero(recp, sizeof(*recp));
-}
-
-int
-BN_div_reciprocal(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp,
- BN_CTX *ctx)
-{
- int i, j, ret = 0;
- BIGNUM *a, *b, *d, *r;
-
- if (BN_ucmp(m, recp->N) < 0) {
- if (dv != NULL)
- BN_zero(dv);
- if (rem != NULL)
- return bn_copy(rem, m);
- return 1;
- }
-
- BN_CTX_start(ctx);
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if ((d = dv) == NULL)
- d = BN_CTX_get(ctx);
- if (d == NULL)
- goto err;
-
- if ((r = rem) == NULL)
- r = BN_CTX_get(ctx);
- if (r == NULL)
- goto err;
-
- /*
- * We want the remainder. Given input of ABCDEF / ab we need to
- * multiply ABCDEF by 3 digits of the reciprocal of ab.
- */
-
- /* i := max(BN_num_bits(m), 2*BN_num_bits(N)) */
- i = BN_num_bits(m);
- j = recp->num_bits << 1;
- if (j > i)
- i = j;
-
- /* Compute Nr := (1 << i) / N if necessary. */
- if (i != recp->shift) {
- BN_zero(recp->Nr);
- if (!BN_set_bit(recp->Nr, i))
- goto err;
- if (!BN_div_ct(recp->Nr, NULL, recp->Nr, recp->N, ctx))
- goto err;
- recp->shift = i;
- }
-
- /*
- * d := |((m >> BN_num_bits(N)) * recp->Nr) >> (i - BN_num_bits(N))|
- * = |((m >> BN_num_bits(N)) * (1 << i) / N) >> (i - BN_num_bits(N))|
- * <= |(m / 2^BN_num_bits(N)) * (2^i / N) * 2^BN_num_bits(N) / 2^i |
- * = |m / N|
- */
- if (!BN_rshift(a, m, recp->num_bits))
- goto err;
- if (!BN_mul(b, a, recp->Nr, ctx))
- goto err;
- if (!BN_rshift(d, b, i - recp->num_bits))
- goto err;
- d->neg = 0;
-
- if (!BN_mul(b, recp->N, d, ctx))
- goto err;
- if (!BN_usub(r, m, b))
- goto err;
- r->neg = 0;
-
-#if 1
- j = 0;
- while (BN_ucmp(r, recp->N) >= 0) {
- if (j++ > 2) {
- BNerror(BN_R_BAD_RECIPROCAL);
- goto err;
- }
- if (!BN_usub(r, r, recp->N))
- goto err;
- if (!BN_add_word(d, 1))
- goto err;
- }
-#endif
-
- BN_set_negative(r, m->neg);
- BN_set_negative(d, m->neg ^ recp->N->neg);
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-/* Compute r = (x * y) % m. */
-int
-BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp, BN_CTX *ctx)
-{
- if (!BN_mul(r, x, y, ctx))
- return 0;
-
- return BN_div_reciprocal(NULL, r, r, recp, ctx);
-}
-
-/* Compute r = x^2 % m. */
-int
-BN_mod_sqr_reciprocal(BIGNUM *r, const BIGNUM *x, BN_RECP_CTX *recp, BN_CTX *ctx)
-{
- if (!BN_sqr(r, x, ctx))
- return 0;
-
- return BN_div_reciprocal(NULL, r, r, recp, ctx);
-}
diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c
deleted file mode 100644
index 12edc7c0a0..0000000000
--- a/src/lib/libcrypto/bn/bn_shift.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* $OpenBSD: bn_shift.c,v 1.22 2023/07/08 12:21:58 beck Exp $ */
-/*
- * Copyright (c) 2022, 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include "bn_local.h"
-
-static inline int
-bn_lshift(BIGNUM *r, const BIGNUM *a, int n)
-{
- size_t count, shift_bits, shift_words;
- size_t lshift, rshift;
- ssize_t rstride;
- BN_ULONG *dst, *src;
-
- if (n < 0) {
- BNerror(BN_R_INVALID_LENGTH);
- return 0;
- }
- shift_bits = n;
-
- /*
- * Left bit shift, potentially across word boundaries.
- *
- * When shift is not an exact multiple of BN_BITS2, the bottom bits of
- * the previous word need to be right shifted and combined with the left
- * shifted bits using bitwise OR. If shift is an exact multiple of
- * BN_BITS2, the source for the left and right shifts are the same
- * and the shifts become zero bits (which is effectively a memmove).
- */
- shift_words = shift_bits / BN_BITS2;
- lshift = shift_bits % BN_BITS2;
- rshift = (BN_BITS2 - lshift) % BN_BITS2;
- rstride = 0 - (lshift + rshift) / BN_BITS2;
-
- if (a->top < 1) {
- BN_zero(r);
- return 1;
- }
-
- count = a->top + shift_words + 1;
-
- if (count < shift_words)
- return 0;
-
- if (!bn_wexpand(r, count))
- return 0;
-
- src = a->d + a->top - 1;
- dst = r->d + a->top + shift_words;
-
- /* Handle right shift for top most word. */
- *dst = (*src >> rshift) & rstride;
- dst--;
-
- /* Handle left shift and right shift for remaining words. */
- while (src > a->d) {
- *dst = *src << lshift | src[rstride] >> rshift;
- src--;
- dst--;
- }
- *dst = *src << lshift;
-
- /* Zero any additional words resulting from the left shift. */
- while (dst > r->d) {
- dst--;
- *dst = 0;
- }
-
- r->top = count;
- bn_correct_top(r);
-
- BN_set_negative(r, a->neg);
-
- return 1;
-}
-
-static inline int
-bn_rshift(BIGNUM *r, const BIGNUM *a, int n)
-{
- size_t count, shift_bits, shift_words;
- size_t lshift, rshift;
- ssize_t lstride;
- BN_ULONG *dst, *src;
- size_t i;
-
- if (n < 0) {
- BNerror(BN_R_INVALID_LENGTH);
- return 0;
- }
- shift_bits = n;
-
- /*
- * Right bit shift, potentially across word boundaries.
- *
- * When shift is not an exact multiple of BN_BITS2, the top bits of
- * the next word need to be left shifted and combined with the right
- * shifted bits using bitwise OR. If shift is an exact multiple of
- * BN_BITS2, the source for the left and right shifts are the same
- * and the shifts become zero (which is effectively a memmove).
- */
- shift_words = shift_bits / BN_BITS2;
- rshift = shift_bits % BN_BITS2;
- lshift = (BN_BITS2 - rshift) % BN_BITS2;
- lstride = (lshift + rshift) / BN_BITS2;
-
- if (a->top <= shift_words) {
- BN_zero(r);
- return 1;
- }
- count = a->top - shift_words;
-
- if (!bn_wexpand(r, count))
- return 0;
-
- src = a->d + shift_words;
- dst = r->d;
-
- for (i = 1; i < count; i++) {
- *dst = src[lstride] << lshift | *src >> rshift;
- src++;
- dst++;
- }
- *dst = *src >> rshift;
-
- r->top = count;
- bn_correct_top(r);
-
- BN_set_negative(r, a->neg);
-
- return 1;
-}
-
-int
-BN_lshift1(BIGNUM *r, const BIGNUM *a)
-{
- return bn_lshift(r, a, 1);
-}
-LCRYPTO_ALIAS(BN_lshift1);
-
-int
-BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
-{
- return bn_lshift(r, a, n);
-}
-LCRYPTO_ALIAS(BN_lshift);
-
-int
-BN_rshift1(BIGNUM *r, const BIGNUM *a)
-{
- return bn_rshift(r, a, 1);
-}
-LCRYPTO_ALIAS(BN_rshift1);
-
-int
-BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
-{
- return bn_rshift(r, a, n);
-}
-LCRYPTO_ALIAS(BN_rshift);
diff --git a/src/lib/libcrypto/bn/bn_small_primes.c b/src/lib/libcrypto/bn/bn_small_primes.c
deleted file mode 100644
index bfb7903a54..0000000000
--- a/src/lib/libcrypto/bn/bn_small_primes.c
+++ /dev/null
@@ -1,265 +0,0 @@ -/* $OpenBSD: bn_small_primes.c,v 1.1 2022/11/09 22:52:51 tb Exp $ */ -/* - * Public domain, generated by bn_prime.pl. - */ - -#include "bn_prime.h" - -const uint16_t primes[NUMPRIMES] = { - 2, 3, 5, 7, 11, 13, 17, 19, - 23, 29, 31, 37, 41, 43, 47, 53, - 59, 61, 67, 71, 73, 79, 83, 89, - 97, 101, 103, 107, 109, 113, 127, 131, - 137, 139, 149, 151, 157, 163, 167, 173, - 179, 181, 191, 193, 197, 199, 211, 223, - 227, 229, 233, 239, 241, 251, 257, 263, - 269, 271, 277, 281, 283, 293, 307, 311, - 313, 317, 331, 337, 347, 349, 353, 359, - 367, 373, 379, 383, 389, 397, 401, 409, - 419, 421, 431, 433, 439, 443, 449, 457, - 461, 463, 467, 479, 487, 491, 499, 503, - 509, 521, 523, 541, 547, 557, 563, 569, - 571, 577, 587, 593, 599, 601, 607, 613, - 617, 619, 631, 641, 643, 647, 653, 659, - 661, 673, 677, 683, 691, 701, 709, 719, - 727, 733, 739, 743, 751, 757, 761, 769, - 773, 787, 797, 809, 811, 821, 823, 827, - 829, 839, 853, 857, 859, 863, 877, 881, - 883, 887, 907, 911, 919, 929, 937, 941, - 947, 953, 967, 971, 977, 983, 991, 997, - 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049, - 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097, - 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163, - 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223, - 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283, - 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321, - 1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423, - 1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459, - 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511, - 1523, 1531, 1543, 1549, 1553, 1559, 1567, 1571, - 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619, - 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693, - 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747, - 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811, - 1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877, - 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949, - 1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003, - 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069, - 2081, 2083, 2087, 2089, 2099, 2111, 
2113, 2129, - 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203, - 2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267, - 2269, 2273, 2281, 2287, 2293, 2297, 2309, 2311, - 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377, - 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423, - 2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503, - 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579, - 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657, - 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693, - 2699, 2707, 2711, 2713, 2719, 2729, 2731, 2741, - 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801, - 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861, - 2879, 2887, 2897, 2903, 2909, 2917, 2927, 2939, - 2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011, - 3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079, - 3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167, - 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221, - 3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301, - 3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347, - 3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413, - 3433, 3449, 3457, 3461, 3463, 3467, 3469, 3491, - 3499, 3511, 3517, 3527, 3529, 3533, 3539, 3541, - 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607, - 3613, 3617, 3623, 3631, 3637, 3643, 3659, 3671, - 3673, 3677, 3691, 3697, 3701, 3709, 3719, 3727, - 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797, - 3803, 3821, 3823, 3833, 3847, 3851, 3853, 3863, - 3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923, - 3929, 3931, 3943, 3947, 3967, 3989, 4001, 4003, - 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057, - 4073, 4079, 4091, 4093, 4099, 4111, 4127, 4129, - 4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211, - 4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259, - 4261, 4271, 4273, 4283, 4289, 4297, 4327, 4337, - 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409, - 4421, 4423, 4441, 4447, 4451, 4457, 4463, 4481, - 4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547, - 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621, - 4637, 4639, 4643, 4649, 4651, 4657, 4663, 4673, - 4679, 4691, 4703, 4721, 4723, 4729, 
4733, 4751, - 4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813, - 4817, 4831, 4861, 4871, 4877, 4889, 4903, 4909, - 4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967, - 4969, 4973, 4987, 4993, 4999, 5003, 5009, 5011, - 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087, - 5099, 5101, 5107, 5113, 5119, 5147, 5153, 5167, - 5171, 5179, 5189, 5197, 5209, 5227, 5231, 5233, - 5237, 5261, 5273, 5279, 5281, 5297, 5303, 5309, - 5323, 5333, 5347, 5351, 5381, 5387, 5393, 5399, - 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443, - 5449, 5471, 5477, 5479, 5483, 5501, 5503, 5507, - 5519, 5521, 5527, 5531, 5557, 5563, 5569, 5573, - 5581, 5591, 5623, 5639, 5641, 5647, 5651, 5653, - 5657, 5659, 5669, 5683, 5689, 5693, 5701, 5711, - 5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791, - 5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849, - 5851, 5857, 5861, 5867, 5869, 5879, 5881, 5897, - 5903, 5923, 5927, 5939, 5953, 5981, 5987, 6007, - 6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073, - 6079, 6089, 6091, 6101, 6113, 6121, 6131, 6133, - 6143, 6151, 6163, 6173, 6197, 6199, 6203, 6211, - 6217, 6221, 6229, 6247, 6257, 6263, 6269, 6271, - 6277, 6287, 6299, 6301, 6311, 6317, 6323, 6329, - 6337, 6343, 6353, 6359, 6361, 6367, 6373, 6379, - 6389, 6397, 6421, 6427, 6449, 6451, 6469, 6473, - 6481, 6491, 6521, 6529, 6547, 6551, 6553, 6563, - 6569, 6571, 6577, 6581, 6599, 6607, 6619, 6637, - 6653, 6659, 6661, 6673, 6679, 6689, 6691, 6701, - 6703, 6709, 6719, 6733, 6737, 6761, 6763, 6779, - 6781, 6791, 6793, 6803, 6823, 6827, 6829, 6833, - 6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907, - 6911, 6917, 6947, 6949, 6959, 6961, 6967, 6971, - 6977, 6983, 6991, 6997, 7001, 7013, 7019, 7027, - 7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121, - 7127, 7129, 7151, 7159, 7177, 7187, 7193, 7207, - 7211, 7213, 7219, 7229, 7237, 7243, 7247, 7253, - 7283, 7297, 7307, 7309, 7321, 7331, 7333, 7349, - 7351, 7369, 7393, 7411, 7417, 7433, 7451, 7457, - 7459, 7477, 7481, 7487, 7489, 7499, 7507, 7517, - 7523, 7529, 7537, 7541, 7547, 7549, 
7559, 7561, - 7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621, - 7639, 7643, 7649, 7669, 7673, 7681, 7687, 7691, - 7699, 7703, 7717, 7723, 7727, 7741, 7753, 7757, - 7759, 7789, 7793, 7817, 7823, 7829, 7841, 7853, - 7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919, - 7927, 7933, 7937, 7949, 7951, 7963, 7993, 8009, - 8011, 8017, 8039, 8053, 8059, 8069, 8081, 8087, - 8089, 8093, 8101, 8111, 8117, 8123, 8147, 8161, - 8167, 8171, 8179, 8191, 8209, 8219, 8221, 8231, - 8233, 8237, 8243, 8263, 8269, 8273, 8287, 8291, - 8293, 8297, 8311, 8317, 8329, 8353, 8363, 8369, - 8377, 8387, 8389, 8419, 8423, 8429, 8431, 8443, - 8447, 8461, 8467, 8501, 8513, 8521, 8527, 8537, - 8539, 8543, 8563, 8573, 8581, 8597, 8599, 8609, - 8623, 8627, 8629, 8641, 8647, 8663, 8669, 8677, - 8681, 8689, 8693, 8699, 8707, 8713, 8719, 8731, - 8737, 8741, 8747, 8753, 8761, 8779, 8783, 8803, - 8807, 8819, 8821, 8831, 8837, 8839, 8849, 8861, - 8863, 8867, 8887, 8893, 8923, 8929, 8933, 8941, - 8951, 8963, 8969, 8971, 8999, 9001, 9007, 9011, - 9013, 9029, 9041, 9043, 9049, 9059, 9067, 9091, - 9103, 9109, 9127, 9133, 9137, 9151, 9157, 9161, - 9173, 9181, 9187, 9199, 9203, 9209, 9221, 9227, - 9239, 9241, 9257, 9277, 9281, 9283, 9293, 9311, - 9319, 9323, 9337, 9341, 9343, 9349, 9371, 9377, - 9391, 9397, 9403, 9413, 9419, 9421, 9431, 9433, - 9437, 9439, 9461, 9463, 9467, 9473, 9479, 9491, - 9497, 9511, 9521, 9533, 9539, 9547, 9551, 9587, - 9601, 9613, 9619, 9623, 9629, 9631, 9643, 9649, - 9661, 9677, 9679, 9689, 9697, 9719, 9721, 9733, - 9739, 9743, 9749, 9767, 9769, 9781, 9787, 9791, - 9803, 9811, 9817, 9829, 9833, 9839, 9851, 9857, - 9859, 9871, 9883, 9887, 9901, 9907, 9923, 9929, - 9931, 9941, 9949, 9967, 9973, 10007, 10009, 10037, - 10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099, - 10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163, - 10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247, - 10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303, - 10313, 10321, 10331, 10333, 10337, 10343, 10357, 
10369, - 10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459, - 10463, 10477, 10487, 10499, 10501, 10513, 10529, 10531, - 10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627, - 10631, 10639, 10651, 10657, 10663, 10667, 10687, 10691, - 10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771, - 10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859, - 10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937, - 10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003, - 11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087, - 11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161, - 11171, 11173, 11177, 11197, 11213, 11239, 11243, 11251, - 11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317, - 11321, 11329, 11351, 11353, 11369, 11383, 11393, 11399, - 11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483, - 11489, 11491, 11497, 11503, 11519, 11527, 11549, 11551, - 11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657, - 11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731, - 11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813, - 11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887, - 11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941, - 11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011, - 12037, 12041, 12043, 12049, 12071, 12073, 12097, 12101, - 12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161, - 12163, 12197, 12203, 12211, 12227, 12239, 12241, 12251, - 12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323, - 12329, 12343, 12347, 12373, 12377, 12379, 12391, 12401, - 12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473, - 12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527, - 12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589, - 12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653, - 12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739, - 12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821, - 12823, 12829, 12841, 12853, 12889, 12893, 12899, 12907, - 12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967, - 12973, 12979, 
12983, 13001, 13003, 13007, 13009, 13033, - 13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109, - 13121, 13127, 13147, 13151, 13159, 13163, 13171, 13177, - 13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259, - 13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337, - 13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421, - 13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499, - 13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597, - 13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681, - 13687, 13691, 13693, 13697, 13709, 13711, 13721, 13723, - 13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799, - 13807, 13829, 13831, 13841, 13859, 13873, 13877, 13879, - 13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933, - 13963, 13967, 13997, 13999, 14009, 14011, 14029, 14033, - 14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143, - 14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221, - 14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323, - 14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407, - 14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461, - 14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549, - 14551, 14557, 14561, 14563, 14591, 14593, 14621, 14627, - 14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699, - 14713, 14717, 14723, 14731, 14737, 14741, 14747, 14753, - 14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821, - 14827, 14831, 14843, 14851, 14867, 14869, 14879, 14887, - 14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957, - 14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073, - 15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137, - 15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217, - 15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277, - 15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331, - 15349, 15359, 15361, 15373, 15377, 15383, 15391, 15401, - 15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473, - 15493, 15497, 15511, 15527, 15541, 15551, 15559, 15569, - 15581, 15583, 15601, 15607, 15619, 15629, 
15641, 15643,
- 15647, 15649, 15661, 15667, 15671, 15679, 15683, 15727,
- 15731, 15733, 15737, 15739, 15749, 15761, 15767, 15773,
- 15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859,
- 15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919,
- 15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007,
- 16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087,
- 16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183,
- 16187, 16189, 16193, 16217, 16223, 16229, 16231, 16249,
- 16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349,
- 16361, 16363, 16369, 16381, 16411, 16417, 16421, 16427,
- 16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493,
- 16519, 16529, 16547, 16553, 16561, 16567, 16573, 16603,
- 16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661,
- 16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747,
- 16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843,
- 16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927,
- 16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993,
- 17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053,
- 17077, 17093, 17099, 17107, 17117, 17123, 17137, 17159,
- 17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231,
- 17239, 17257, 17291, 17293, 17299, 17317, 17321, 17327,
- 17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389,
- 17393, 17401, 17417, 17419, 17431, 17443, 17449, 17467,
- 17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519,
- 17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599,
- 17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683,
- 17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783,
- 17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863,
-};
diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
deleted file mode 100644
index 0dbccbf85d..0000000000
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/* $OpenBSD: bn_sqr.c,v 1.36 2023/07/08 12:21:58 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include "bn_arch.h"
-#include "bn_local.h"
-#include "bn_internal.h"
-
-int bn_sqr(BIGNUM *r, const BIGNUM *a, int max, BN_CTX *ctx);
-
-/*
- * bn_sqr_comba4() computes r[] = a[] * a[] using Comba multiplication
- * (https://everything2.com/title/Comba+multiplication), where a is a
- * four word array, producing an eight word array result.
- */
-#ifndef HAVE_BN_SQR_COMBA4
-void
-bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
-{
- BN_ULONG c2, c1, c0;
-
- bn_mulw_addtw(a[0], a[0], 0, 0, 0, &c2, &c1, &r[0]);
-
- bn_mul2_mulw_addtw(a[1], a[0], 0, c2, c1, &c2, &c1, &r[1]);
-
- bn_mulw_addtw(a[1], a[1], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[2], a[0], c2, c1, c0, &c2, &c1, &r[2]);
-
- bn_mul2_mulw_addtw(a[3], a[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[2], a[1], c2, c1, c0, &c2, &c1, &r[3]);
-
- bn_mulw_addtw(a[2], a[2], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[3], a[1], c2, c1, c0, &c2, &c1, &r[4]);
-
- bn_mul2_mulw_addtw(a[3], a[2], 0, c2, c1, &c2, &c1, &r[5]);
-
- bn_mulw_addtw(a[3], a[3], 0, c2, c1, &c2, &r[7], &r[6]);
-}
-#endif
-
-/*
- * bn_sqr_comba8() computes r[] = a[] * a[] using Comba multiplication
- * (https://everything2.com/title/Comba+multiplication), where a is an
- * eight word array, producing an 16 word array result.
- */
-#ifndef HAVE_BN_SQR_COMBA8
-void
-bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
-{
- BN_ULONG c2, c1, c0;
-
- bn_mulw_addtw(a[0], a[0], 0, 0, 0, &c2, &c1, &r[0]);
-
- bn_mul2_mulw_addtw(a[1], a[0], 0, c2, c1, &c2, &c1, &r[1]);
-
- bn_mulw_addtw(a[1], a[1], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[2], a[0], c2, c1, c0, &c2, &c1, &r[2]);
-
- bn_mul2_mulw_addtw(a[3], a[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[2], a[1], c2, c1, c0, &c2, &c1, &r[3]);
-
- bn_mulw_addtw(a[2], a[2], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[3], a[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[4], a[0], c2, c1, c0, &c2, &c1, &r[4]);
-
- bn_mul2_mulw_addtw(a[5], a[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[4], a[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[3], a[2], c2, c1, c0, &c2, &c1, &r[5]);
-
- bn_mulw_addtw(a[3], a[3], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[4], a[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[5], a[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[6], a[0], c2, c1, c0, &c2, &c1, &r[6]);
-
- bn_mul2_mulw_addtw(a[7], a[0], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[6], a[1], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[5], a[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[4], a[3], c2, c1, c0, &c2, &c1, &r[7]);
-
- bn_mulw_addtw(a[4], a[4], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[5], a[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[6], a[2], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[7], a[1], c2, c1, c0, &c2, &c1, &r[8]);
-
- bn_mul2_mulw_addtw(a[7], a[2], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[6], a[3], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[5], a[4], c2, c1, c0, &c2, &c1, &r[9]);
-
- bn_mulw_addtw(a[5], a[5], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[6], a[4], c2, c1, c0, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[7], a[3], c2, c1, c0, &c2, &c1, &r[10]);
-
- bn_mul2_mulw_addtw(a[7], a[4], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[6], a[5], c2, c1, c0, &c2, &c1, &r[11]);
-
- bn_mulw_addtw(a[6], a[6], 0, c2, c1, &c2, &c1, &c0);
- bn_mul2_mulw_addtw(a[7], a[5], c2, c1, c0, &c2, &c1, &r[12]);
-
- bn_mul2_mulw_addtw(a[7], a[6], 0, c2, c1, &c2, &c1, &r[13]);
-
- bn_mulw_addtw(a[7], a[7], 0, c2, c1, &c2, &r[15], &r[14]);
-}
-#endif
-
-#ifndef HAVE_BN_SQR
-/*
- * bn_sqr_add_words() computes (r[i*2+1]:r[i*2]) = (r[i*2+1]:r[i*2]) + a[i] * a[i].
- */
-static void
-bn_sqr_add_words(BN_ULONG *r, const BN_ULONG *a, int n)
-{
- BN_ULONG x3, x2, x1, x0;
- BN_ULONG carry = 0;
-
- assert(n >= 0);
- if (n <= 0)
- return;
-
- while (n & ~3) {
- bn_mulw(a[0], a[0], &x1, &x0);
- bn_mulw(a[1], a[1], &x3, &x2);
- bn_qwaddqw(x3, x2, x1, x0, r[3], r[2], r[1], r[0], carry,
- &carry, &r[3], &r[2], &r[1], &r[0]);
- bn_mulw(a[2], a[2], &x1, &x0);
- bn_mulw(a[3], a[3], &x3, &x2);
- bn_qwaddqw(x3, x2, x1, x0, r[7], r[6], r[5], r[4], carry,
- &carry, &r[7], &r[6], &r[5], &r[4]);
-
- a += 4;
- r += 8;
- n -= 4;
- }
- while (n) {
- bn_mulw_addw_addw(a[0], a[0], r[0], carry, &carry, &r[0]);
- bn_addw(r[1], carry, &carry, &r[1]);
- a++;
- r += 2;
- n--;
- }
-}
-
-static void
-bn_sqr_normal(BN_ULONG *r, int r_len, const BN_ULONG *a, int a_len)
-{
- const BN_ULONG *ap;
- BN_ULONG *rp;
- BN_ULONG w;
- int n;
-
- if (a_len <= 0)
- return;
-
- ap = a;
- w = ap[0];
- ap++;
-
- rp = r;
- rp[0] = rp[r_len - 1] = 0;
- rp++;
-
- /* Compute initial product - r[n:1] = a[n:1] * a[0] */
- n = a_len - 1;
- if (n > 0) {
- rp[n] = bn_mul_words(rp, ap, n, w);
- }
- rp += 2;
- n--;
-
- /* Compute and sum remaining products. */
- while (n > 0) {
- w = ap[0];
- ap++;
-
- rp[n] = bn_mul_add_words(rp, ap, n, w);
- rp += 2;
- n--;
- }
-
- /* Double the sum of products. */
- bn_add_words(r, r, r, r_len);
-
- /* Add squares. */
- bn_sqr_add_words(r, a, a_len);
-}
-
-/*
- * bn_sqr() computes a * a, storing the result in r. The caller must ensure that
- * r is not the same BIGNUM as a and that r has been expanded to rn = a->top * 2
- * words.
- */
-int
-bn_sqr(BIGNUM *r, const BIGNUM *a, int r_len, BN_CTX *ctx)
-{
- bn_sqr_normal(r->d, r_len, a->d, a->top);
-
- return 1;
-}
-#endif
-
-int
-BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-{
- BIGNUM *rr;
- int r_len;
- int ret = 1;
-
- BN_CTX_start(ctx);
-
- if (a->top < 1) {
- BN_zero(r);
- goto done;
- }
-
- if ((rr = r) == a)
- rr = BN_CTX_get(ctx);
- if (rr == NULL)
- goto err;
-
- if ((r_len = a->top * 2) < a->top)
- goto err;
- if (!bn_wexpand(rr, r_len))
- goto err;
-
- if (a->top == 4) {
- bn_sqr_comba4(rr->d, a->d);
- } else if (a->top == 8) {
- bn_sqr_comba8(rr->d, a->d);
- } else {
- if (!bn_sqr(rr, a, r_len, ctx))
- goto err;
- }
-
- rr->top = r_len;
- bn_correct_top(rr);
-
- rr->neg = 0;
-
- if (!bn_copy(r, rr))
- goto err;
- done:
- ret = 1;
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(BN_sqr);
diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c
deleted file mode 100644
index a82b911e67..0000000000
--- a/src/lib/libcrypto/bn/bn_word.c
+++ /dev/null
@@ -1,245 +0,0 @@
-/* $OpenBSD: bn_word.c,v 1.21 2023/07/08 12:21:58 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include "bn_local.h"
-
-BN_ULONG
-BN_mod_word(const BIGNUM *a, BN_ULONG w)
-{
-#ifndef BN_LLONG
- BN_ULONG ret = 0;
-#else
- BN_ULLONG ret = 0;
-#endif
- int i;
-
- if (w == 0)
- return (BN_ULONG) - 1;
-
-#ifndef BN_ULLONG
- /* If |w| is too long and we don't have |BN_ULLONG| then we need to fall back
- * to using |BN_div_word|. */
- if (w > ((BN_ULONG)1 << BN_BITS4)) {
- BIGNUM *tmp = BN_dup(a);
- if (tmp == NULL) {
- return (BN_ULONG)-1;
- }
- ret = BN_div_word(tmp, w);
- BN_free(tmp);
- return ret;
- }
-#endif
-
- w &= BN_MASK2;
- for (i = a->top - 1; i >= 0; i--) {
-#ifndef BN_LLONG
- ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) &
- BN_MASK2l)) % w;
- ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
-#else
- ret = (BN_ULLONG)(((ret << (BN_ULLONG)BN_BITS2) |
- a->d[i]) % (BN_ULLONG)w);
-#endif
- }
- return ((BN_ULONG)ret);
-}
-LCRYPTO_ALIAS(BN_mod_word);
-
-BN_ULONG
-BN_div_word(BIGNUM *a, BN_ULONG w)
-{
- BN_ULONG ret = 0;
- int i, j;
-
- w &= BN_MASK2;
-
- if (!w)
- /* actually this an error (division by zero) */
- return (BN_ULONG) - 1;
- if (a->top == 0)
- return 0;
-
- /* normalize input (so bn_div_words doesn't complain) */
- j = BN_BITS2 - BN_num_bits_word(w);
- w <<= j;
- if (!BN_lshift(a, a, j))
- return (BN_ULONG) - 1;
-
- for (i = a->top - 1; i >= 0; i--) {
- BN_ULONG l, d;
-
- l = a->d[i];
- bn_div_rem_words(ret, l, w, &d, &ret);
- a->d[i] = d;
- }
- if ((a->top > 0) && (a->d[a->top - 1] == 0))
- a->top--;
- ret >>= j;
-
- /* Set negative again, to handle -0 case. */
- BN_set_negative(a, a->neg);
-
- return (ret);
-}
-LCRYPTO_ALIAS(BN_div_word);
-
-int
-BN_add_word(BIGNUM *a, BN_ULONG w)
-{
- BN_ULONG l;
- int i;
-
- w &= BN_MASK2;
-
- /* degenerate case: w is zero */
- if (!w)
- return 1;
- /* degenerate case: a is zero */
- if (BN_is_zero(a))
- return BN_set_word(a, w);
- /* handle 'a' when negative */
- if (a->neg) {
- a->neg = 0;
- i = BN_sub_word(a, w);
- BN_set_negative(a, !a->neg);
- return (i);
- }
- for (i = 0; w != 0 && i < a->top; i++) {
- a->d[i] = l = (a->d[i] + w) & BN_MASK2;
- w = (w > l) ? 1 : 0;
- }
- if (w && i == a->top) {
- if (!bn_wexpand(a, a->top + 1))
- return 0;
- a->top++;
- a->d[i] = w;
- }
- return (1);
-}
-LCRYPTO_ALIAS(BN_add_word);
-
-int
-BN_sub_word(BIGNUM *a, BN_ULONG w)
-{
- int i;
-
- w &= BN_MASK2;
-
- /* degenerate case: w is zero */
- if (!w)
- return 1;
- /* degenerate case: a is zero */
- if (BN_is_zero(a)) {
- i = BN_set_word(a, w);
- if (i != 0)
- BN_set_negative(a, 1);
- return i;
- }
- /* handle 'a' when negative */
- if (a->neg) {
- a->neg = 0;
- i = BN_add_word(a, w);
- BN_set_negative(a, !a->neg);
- return (i);
- }
-
- if ((a->top == 1) && (a->d[0] < w)) {
- a->d[0] = w - a->d[0];
- BN_set_negative(a, 1);
- return (1);
- }
- i = 0;
- for (;;) {
- if (a->d[i] >= w) {
- a->d[i] -= w;
- break;
- } else {
- a->d[i] = (a->d[i] - w) & BN_MASK2;
- i++;
- w = 1;
- }
- }
- if ((a->d[i] == 0) && (i == (a->top - 1)))
- a->top--;
- return (1);
-}
-LCRYPTO_ALIAS(BN_sub_word);
-
-int
-BN_mul_word(BIGNUM *a, BN_ULONG w)
-{
- BN_ULONG ll;
-
- w &= BN_MASK2;
- if (a->top) {
- if (w == 0)
- BN_zero(a);
- else {
- ll = bn_mul_words(a->d, a->d, a->top, w);
- if (ll) {
- if (!bn_wexpand(a, a->top + 1))
- return (0);
- a->d[a->top++] = ll;
- }
- }
- }
- return (1);
-}
-LCRYPTO_ALIAS(BN_mul_word);
diff --git a/src/lib/libcrypto/bn/s2n_bignum.h b/src/lib/libcrypto/bn/s2n_bignum.h
deleted file mode 100644
index ce6e8cdc94..0000000000
--- a/src/lib/libcrypto/bn/s2n_bignum.h
+++ /dev/null
@@ -1,856 +0,0 @@ -// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -// ---------------------------------------------------------------------------- -// C prototypes for s2n-bignum functions, so you can use them in C programs via -// -// #include "s2n-bignum.h" -// -// The functions are listed in alphabetical order with a brief description -// in comments for each one. For more detailed documentation see the comment -// banner at the top of the corresponding assembly (.S) file, and -// for the last word in what properties it satisfies see the spec in the -// formal proof (the .ml file in the architecture-specific directory). -// -// For some functions there are additional variants with names ending in -// "_alt". These have the same core mathematical functionality as their -// non-"alt" versions, but can be better suited to some microarchitectures: -// -// - On x86, the "_alt" forms avoid BMI and ADX instruction set -// extensions, so will run on any x86_64 machine, even older ones -// -// - On ARM, the "_alt" forms target machines with higher multiplier -// throughput, generally offering higher performance there. 
-// ---------------------------------------------------------------------------- - -// Add, z := x + y -// Inputs x[m], y[n]; outputs function return (carry-out) and z[p] -extern uint64_t bignum_add (uint64_t p, uint64_t *z, uint64_t m, uint64_t *x, uint64_t n, uint64_t *y); - -// Add modulo p_25519, z := (x + y) mod p_25519, assuming x and y reduced -// Inputs x[4], y[4]; output z[4] -extern void bignum_add_p25519 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]); - -// Add modulo p_256, z := (x + y) mod p_256, assuming x and y reduced -// Inputs x[4], y[4]; output z[4] -extern void bignum_add_p256 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]); - -// Add modulo p_256k1, z := (x + y) mod p_256k1, assuming x and y reduced -// Inputs x[4], y[4]; output z[4] -extern void bignum_add_p256k1 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]); - -// Add modulo p_384, z := (x + y) mod p_384, assuming x and y reduced -// Inputs x[6], y[6]; output z[6] -extern void bignum_add_p384 (uint64_t z[static 6], uint64_t x[static 6], uint64_t y[static 6]); - -// Add modulo p_521, z := (x + y) mod p_521, assuming x and y reduced -// Inputs x[9], y[9]; output z[9] -extern void bignum_add_p521 (uint64_t z[static 9], uint64_t x[static 9], uint64_t y[static 9]); - -// Compute "amontification" constant z :== 2^{128k} (congruent mod m) -// Input m[k]; output z[k]; temporary buffer t[>=k] -extern void bignum_amontifier (uint64_t k, uint64_t *z, uint64_t *m, uint64_t *t); - -// Almost-Montgomery multiply, z :== (x * y / 2^{64k}) (congruent mod m) -// Inputs x[k], y[k], m[k]; output z[k] -extern void bignum_amontmul (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *y, uint64_t *m); - -// Almost-Montgomery reduce, z :== (x' / 2^{64p}) (congruent mod m) -// Inputs x[n], m[k], p; output z[k] -extern void bignum_amontredc (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x, uint64_t *m, uint64_t p); - -// Almost-Montgomery square, z :== (x^2 / 
2^{64k}) (congruent mod m) -// Inputs x[k], m[k]; output z[k] -extern void bignum_amontsqr (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *m); - -// Convert 4-digit (256-bit) bignum to/from big-endian form -// Input x[4]; output z[4] -extern void bignum_bigendian_4 (uint64_t z[static 4], uint64_t x[static 4]); - -// Convert 6-digit (384-bit) bignum to/from big-endian form -// Input x[6]; output z[6] -extern void bignum_bigendian_6 (uint64_t z[static 6], uint64_t x[static 6]); - -// Select bitfield starting at bit n with length l <= 64 -// Inputs x[k], n, l; output function return -extern uint64_t bignum_bitfield (uint64_t k, uint64_t *x, uint64_t n, uint64_t l); - -// Return size of bignum in bits -// Input x[k]; output function return -extern uint64_t bignum_bitsize (uint64_t k, uint64_t *x); - -// Divide by a single (nonzero) word, z := x / m and return x mod m -// Inputs x[n], m; outputs function return (remainder) and z[k] -extern uint64_t bignum_cdiv (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x, uint64_t m); - -// Divide by a single word, z := x / m when known to be exact -// Inputs x[n], m; output z[k] -extern void bignum_cdiv_exact (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x, uint64_t m); - -// Count leading zero digits (64-bit words) -// Input x[k]; output function return -extern uint64_t bignum_cld (uint64_t k, uint64_t *x); - -// Count leading zero bits -// Input x[k]; output function return -extern uint64_t bignum_clz (uint64_t k, uint64_t *x); - -// Multiply-add with single-word multiplier, z := z + c * y -// Inputs c, y[n]; outputs function return (carry-out) and z[k] -extern uint64_t bignum_cmadd (uint64_t k, uint64_t *z, uint64_t c, uint64_t n, uint64_t *y); - -// Negated multiply-add with single-word multiplier, z := z - c * y -// Inputs c, y[n]; outputs function return (negative carry-out) and z[k] -extern uint64_t bignum_cmnegadd (uint64_t k, uint64_t *z, uint64_t c, uint64_t n, uint64_t *y); - -// Find modulus of bignum w.r.t. 
single nonzero word m, returning x mod m -// Input x[k], m; output function return -extern uint64_t bignum_cmod (uint64_t k, uint64_t *x, uint64_t m); - -// Multiply by a single word, z := c * y -// Inputs c, y[n]; outputs function return (carry-out) and z[k] -extern uint64_t bignum_cmul (uint64_t k, uint64_t *z, uint64_t c, uint64_t n, uint64_t *y); - -// Multiply by a single word modulo p_25519, z := (c * x) mod p_25519, assuming x reduced -// Inputs c, x[4]; output z[4] -extern void bignum_cmul_p25519 (uint64_t z[static 4], uint64_t c, uint64_t x[static 4]); -extern void bignum_cmul_p25519_alt (uint64_t z[static 4], uint64_t c, uint64_t x[static 4]); - -// Multiply by a single word modulo p_256, z := (c * x) mod p_256, assuming x reduced -// Inputs c, x[4]; output z[4] -extern void bignum_cmul_p256 (uint64_t z[static 4], uint64_t c, uint64_t x[static 4]); -extern void bignum_cmul_p256_alt (uint64_t z[static 4], uint64_t c, uint64_t x[static 4]); - -// Multiply by a single word modulo p_256k1, z := (c * x) mod p_256k1, assuming x reduced -// Inputs c, x[4]; output z[4] -extern void bignum_cmul_p256k1 (uint64_t z[static 4], uint64_t c, uint64_t x[static 4]); -extern void bignum_cmul_p256k1_alt (uint64_t z[static 4], uint64_t c, uint64_t x[static 4]); - -// Multiply by a single word modulo p_384, z := (c * x) mod p_384, assuming x reduced -// Inputs c, x[6]; output z[6] -extern void bignum_cmul_p384 (uint64_t z[static 6], uint64_t c, uint64_t x[static 6]); -extern void bignum_cmul_p384_alt (uint64_t z[static 6], uint64_t c, uint64_t x[static 6]); - -// Multiply by a single word modulo p_521, z := (c * x) mod p_521, assuming x reduced -// Inputs c, x[9]; output z[9] -extern void bignum_cmul_p521 (uint64_t z[static 9], uint64_t c, uint64_t x[static 9]); -extern void bignum_cmul_p521_alt (uint64_t z[static 9], uint64_t c, uint64_t x[static 9]); - -// Test bignums for coprimality, gcd(x,y) = 1 -// Inputs x[m], y[n]; output function return; temporary buffer 
t[>=2*max(m,n)] -extern uint64_t bignum_coprime (uint64_t m, uint64_t *x, uint64_t n, uint64_t *y, uint64_t *t); - -// Copy bignum with zero-extension or truncation, z := x -// Input x[n]; output z[k] -extern void bignum_copy (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x); - -// Count trailing zero digits (64-bit words) -// Input x[k]; output function return -extern uint64_t bignum_ctd (uint64_t k, uint64_t *x); - -// Count trailing zero bits -// Input x[k]; output function return -extern uint64_t bignum_ctz (uint64_t k, uint64_t *x); - -// Convert from almost-Montgomery form, z := (x / 2^256) mod p_256 -// Input x[4]; output z[4] -extern void bignum_deamont_p256 (uint64_t z[static 4], uint64_t x[static 4]); -extern void bignum_deamont_p256_alt (uint64_t z[static 4], uint64_t x[static 4]); - -// Convert from almost-Montgomery form, z := (x / 2^256) mod p_256k1 -// Input x[4]; output z[4] -extern void bignum_deamont_p256k1 (uint64_t z[static 4], uint64_t x[static 4]); - -// Convert from almost-Montgomery form, z := (x / 2^384) mod p_384 -// Input x[6]; output z[6] -extern void bignum_deamont_p384 (uint64_t z[static 6], uint64_t x[static 6]); -extern void bignum_deamont_p384_alt (uint64_t z[static 6], uint64_t x[static 6]); - -// Convert from almost-Montgomery form z := (x / 2^576) mod p_521 -// Input x[9]; output z[9] -extern void bignum_deamont_p521 (uint64_t z[static 9], uint64_t x[static 9]); - -// Convert from (almost-)Montgomery form z := (x / 2^{64k}) mod m -// Inputs x[k], m[k]; output z[k] -extern void bignum_demont (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *m); - -// Convert from Montgomery form z := (x / 2^256) mod p_256, assuming x reduced -// Input x[4]; output z[4] -extern void bignum_demont_p256 (uint64_t z[static 4], uint64_t x[static 4]); -extern void bignum_demont_p256_alt (uint64_t z[static 4], uint64_t x[static 4]); - -// Convert from Montgomery form z := (x / 2^256) mod p_256k1, assuming x reduced -// Input x[4]; output z[4] -extern 
void bignum_demont_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Convert from Montgomery form z := (x / 2^384) mod p_384, assuming x reduced
-// Input x[6]; output z[6]
-extern void bignum_demont_p384 (uint64_t z[static 6], uint64_t x[static 6]);
-extern void bignum_demont_p384_alt (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Convert from Montgomery form z := (x / 2^576) mod p_521, assuming x reduced
-// Input x[9]; output z[9]
-extern void bignum_demont_p521 (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Select digit x[n]
-// Inputs x[k], n; output function return
-extern uint64_t bignum_digit (uint64_t k, uint64_t *x, uint64_t n);
-
-// Return size of bignum in digits (64-bit word)
-// Input x[k]; output function return
-extern uint64_t bignum_digitsize (uint64_t k, uint64_t *x);
-
-// Divide bignum by 10: z' := z div 10, returning remainder z mod 10
-// Inputs z[k]; outputs function return (remainder) and z[k]
-extern uint64_t bignum_divmod10 (uint64_t k, uint64_t *z);
-
-// Double modulo p_25519, z := (2 * x) mod p_25519, assuming x reduced
-// Input x[4]; output z[4]
-extern void bignum_double_p25519 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Double modulo p_256, z := (2 * x) mod p_256, assuming x reduced
-// Input x[4]; output z[4]
-extern void bignum_double_p256 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Double modulo p_256k1, z := (2 * x) mod p_256k1, assuming x reduced
-// Input x[4]; output z[4]
-extern void bignum_double_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Double modulo p_384, z := (2 * x) mod p_384, assuming x reduced
-// Input x[6]; output z[6]
-extern void bignum_double_p384 (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Double modulo p_521, z := (2 * x) mod p_521, assuming x reduced
-// Input x[9]; output z[9]
-extern void bignum_double_p521 (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Extended Montgomery reduce, returning results in input-output buffer
-// Inputs z[2*k],
m[k], w; outputs function return (extra result bit) and z[2*k]
-extern uint64_t bignum_emontredc (uint64_t k, uint64_t *z, uint64_t *m, uint64_t w);
-
-// Extended Montgomery reduce in 8-digit blocks, results in input-output buffer
-// Inputs z[2*k], m[k], w; outputs function return (extra result bit) and z[2*k]
-extern uint64_t bignum_emontredc_8n (uint64_t k, uint64_t *z, uint64_t *m, uint64_t w);
-
-// Test bignums for equality, x = y
-// Inputs x[m], y[n]; output function return
-extern uint64_t bignum_eq (uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Test bignum for even-ness
-// Input x[k]; output function return
-extern uint64_t bignum_even (uint64_t k, uint64_t *x);
-
-// Convert 4-digit (256-bit) bignum from big-endian bytes
-// Input x[32] (bytes); output z[4]
-extern void bignum_frombebytes_4 (uint64_t z[static 4], uint8_t x[static 32]);
-
-// Convert 6-digit (384-bit) bignum from big-endian bytes
-// Input x[48] (bytes); output z[6]
-extern void bignum_frombebytes_6 (uint64_t z[static 6], uint8_t x[static 48]);
-
-// Convert 4-digit (256-bit) bignum from little-endian bytes
-// Input x[32] (bytes); output z[4]
-extern void bignum_fromlebytes_4 (uint64_t z[static 4], uint8_t x[static 32]);
-
-// Convert 6-digit (384-bit) bignum from little-endian bytes
-// Input x[48] (bytes); output z[6]
-extern void bignum_fromlebytes_6 (uint64_t z[static 6], uint8_t x[static 48]);
-
-// Convert little-endian bytes to 9-digit 528-bit bignum
-// Input x[66] (bytes); output z[9]
-extern void bignum_fromlebytes_p521 (uint64_t z[static 9],uint8_t x[static 66]);
-
-// Compare bignums, x >= y
-// Inputs x[m], y[n]; output function return
-extern uint64_t bignum_ge (uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Compare bignums, x > y
-// Inputs x[m], y[n]; output function return
-extern uint64_t bignum_gt (uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Halve modulo p_256, z := (x / 2) mod p_256, assuming x reduced
-// Input x[4]; output z[4]
-extern void bignum_half_p256 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Halve modulo p_256k1, z := (x / 2) mod p_256k1, assuming x reduced
-// Input x[4]; output z[4]
-extern void bignum_half_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Halve modulo p_384, z := (x / 2) mod p_384, assuming x reduced
-// Input x[6]; output z[6]
-extern void bignum_half_p384 (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Halve modulo p_521, z := (x / 2) mod p_521, assuming x reduced
-// Input x[9]; output z[9]
-extern void bignum_half_p521 (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Test bignum for zero-ness, x = 0
-// Input x[k]; output function return
-extern uint64_t bignum_iszero (uint64_t k, uint64_t *x);
-
-// Multiply z := x * y
-// Inputs x[16], y[16]; output z[32]; temporary buffer t[>=32]
-extern void bignum_kmul_16_32 (uint64_t z[static 32], uint64_t x[static 16], uint64_t y[static 16], uint64_t t[static 32]);
-
-// Multiply z := x * y
-// Inputs x[32], y[32]; output z[64]; temporary buffer t[>=96]
-extern void bignum_kmul_32_64 (uint64_t z[static 64], uint64_t x[static 32], uint64_t y[static 32], uint64_t t[static 96]);
-
-// Square, z := x^2
-// Input x[16]; output z[32]; temporary buffer t[>=24]
-extern void bignum_ksqr_16_32 (uint64_t z[static 32], uint64_t x[static 16], uint64_t t[static 24]);
-
-// Square, z := x^2
-// Input x[32]; output z[64]; temporary buffer t[>=72]
-extern void bignum_ksqr_32_64 (uint64_t z[static 64], uint64_t x[static 32], uint64_t t[static 72]);
-
-// Compare bignums, x <= y
-// Inputs x[m], y[n]; output function return
-extern uint64_t bignum_le (uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Convert 4-digit (256-bit) bignum to/from little-endian form
-// Input x[4]; output z[4]
-extern void bignum_littleendian_4 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Convert 6-digit (384-bit) bignum to/from little-endian form
-// Input x[6]; output z[6]
-extern void bignum_littleendian_6 (uint64_t
z[static 6], uint64_t x[static 6]);
-
-// Compare bignums, x < y
-// Inputs x[m], y[n]; output function return
-extern uint64_t bignum_lt (uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Multiply-add, z := z + x * y
-// Inputs x[m], y[n]; outputs function return (carry-out) and z[k]
-extern uint64_t bignum_madd (uint64_t k, uint64_t *z, uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Reduce modulo group order, z := x mod n_256
-// Input x[k]; output z[4]
-extern void bignum_mod_n256 (uint64_t z[static 4], uint64_t k, uint64_t *x);
-extern void bignum_mod_n256_alt (uint64_t z[static 4], uint64_t k, uint64_t *x);
-
-// Reduce modulo group order, z := x mod n_256
-// Input x[4]; output z[4]
-extern void bignum_mod_n256_4 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Reduce modulo group order, z := x mod n_256k1
-// Input x[4]; output z[4]
-extern void bignum_mod_n256k1_4 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Reduce modulo group order, z := x mod n_384
-// Input x[k]; output z[6]
-extern void bignum_mod_n384 (uint64_t z[static 6], uint64_t k, uint64_t *x);
-extern void bignum_mod_n384_alt (uint64_t z[static 6], uint64_t k, uint64_t *x);
-
-// Reduce modulo group order, z := x mod n_384
-// Input x[6]; output z[6]
-extern void bignum_mod_n384_6 (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Reduce modulo group order, z := x mod n_521
-// Input x[9]; output z[9]
-extern void bignum_mod_n521_9 (uint64_t z[static 9], uint64_t x[static 9]);
-extern void bignum_mod_n521_9_alt (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Reduce modulo field characteristic, z := x mod p_25519
-// Input x[4]; output z[4]
-extern void bignum_mod_p25519_4 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Reduce modulo field characteristic, z := x mod p_256
-// Input x[k]; output z[4]
-extern void bignum_mod_p256 (uint64_t z[static 4], uint64_t k, uint64_t *x);
-extern void bignum_mod_p256_alt (uint64_t z[static 4], uint64_t k, uint64_t *x);
-
-// Reduce modulo field characteristic, z := x mod p_256
-// Input x[4]; output z[4]
-extern void bignum_mod_p256_4 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Reduce modulo field characteristic, z := x mod p_256k1
-// Input x[4]; output z[4]
-extern void bignum_mod_p256k1_4 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Reduce modulo field characteristic, z := x mod p_384
-// Input x[k]; output z[6]
-extern void bignum_mod_p384 (uint64_t z[static 6], uint64_t k, uint64_t *x);
-extern void bignum_mod_p384_alt (uint64_t z[static 6], uint64_t k, uint64_t *x);
-
-// Reduce modulo field characteristic, z := x mod p_384
-// Input x[6]; output z[6]
-extern void bignum_mod_p384_6 (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Reduce modulo field characteristic, z := x mod p_521
-// Input x[9]; output z[9]
-extern void bignum_mod_p521_9 (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Add modulo m, z := (x + y) mod m, assuming x and y reduced
-// Inputs x[k], y[k], m[k]; output z[k]
-extern void bignum_modadd (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *y, uint64_t *m);
-
-// Double modulo m, z := (2 * x) mod m, assuming x reduced
-// Inputs x[k], m[k]; output z[k]
-extern void bignum_moddouble (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *m);
-
-// Compute "modification" constant z := 2^{64k} mod m
-// Input m[k]; output z[k]; temporary buffer t[>=k]
-extern void bignum_modifier (uint64_t k, uint64_t *z, uint64_t *m, uint64_t *t);
-
-// Invert modulo m, z = (1/a) mod b, assuming b is an odd number > 1, a coprime to b
-// Inputs a[k], b[k]; output z[k]; temporary buffer t[>=3*k]
-extern void bignum_modinv (uint64_t k, uint64_t *z, uint64_t *a, uint64_t *b, uint64_t *t);
-
-// Optionally negate modulo m, z := (-x) mod m (if p nonzero) or z := x (if p zero), assuming x reduced
-// Inputs p, x[k], m[k]; output z[k]
-extern void bignum_modoptneg (uint64_t k, uint64_t *z, uint64_t p, uint64_t *x, uint64_t *m);
-
-// Subtract modulo m, z := (x - y)
mod m, assuming x and y reduced
-// Inputs x[k], y[k], m[k]; output z[k]
-extern void bignum_modsub (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *y, uint64_t *m);
-
-// Compute "montification" constant z := 2^{128k} mod m
-// Input m[k]; output z[k]; temporary buffer t[>=k]
-extern void bignum_montifier (uint64_t k, uint64_t *z, uint64_t *m, uint64_t *t);
-
-// Montgomery multiply, z := (x * y / 2^{64k}) mod m
-// Inputs x[k], y[k], m[k]; output z[k]
-extern void bignum_montmul (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *y, uint64_t *m);
-
-// Montgomery multiply, z := (x * y / 2^256) mod p_256
-// Inputs x[4], y[4]; output z[4]
-extern void bignum_montmul_p256 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-extern void bignum_montmul_p256_alt (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Montgomery multiply, z := (x * y / 2^256) mod p_256k1
-// Inputs x[4], y[4]; output z[4]
-extern void bignum_montmul_p256k1 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-extern void bignum_montmul_p256k1_alt (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Montgomery multiply, z := (x * y / 2^384) mod p_384
-// Inputs x[6], y[6]; output z[6]
-extern void bignum_montmul_p384 (uint64_t z[static 6], uint64_t x[static 6], uint64_t y[static 6]);
-extern void bignum_montmul_p384_alt (uint64_t z[static 6], uint64_t x[static 6], uint64_t y[static 6]);
-
-// Montgomery multiply, z := (x * y / 2^576) mod p_521
-// Inputs x[9], y[9]; output z[9]
-extern void bignum_montmul_p521 (uint64_t z[static 9], uint64_t x[static 9], uint64_t y[static 9]);
-extern void bignum_montmul_p521_alt (uint64_t z[static 9], uint64_t x[static 9], uint64_t y[static 9]);
-
-// Montgomery reduce, z := (x' / 2^{64p}) MOD m
-// Inputs x[n], m[k], p; output z[k]
-extern void bignum_montredc (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x, uint64_t *m, uint64_t p);
-
-// Montgomery square, z := (x^2 / 2^{64k}) mod
m
-// Inputs x[k], m[k]; output z[k]
-extern void bignum_montsqr (uint64_t k, uint64_t *z, uint64_t *x, uint64_t *m);
-
-// Montgomery square, z := (x^2 / 2^256) mod p_256
-// Input x[4]; output z[4]
-extern void bignum_montsqr_p256 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_montsqr_p256_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Montgomery square, z := (x^2 / 2^256) mod p_256k1
-// Input x[4]; output z[4]
-extern void bignum_montsqr_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_montsqr_p256k1_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Montgomery square, z := (x^2 / 2^384) mod p_384
-// Input x[6]; output z[6]
-extern void bignum_montsqr_p384 (uint64_t z[static 6], uint64_t x[static 6]);
-extern void bignum_montsqr_p384_alt (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Montgomery square, z := (x^2 / 2^576) mod p_521
-// Input x[9]; output z[9]
-extern void bignum_montsqr_p521 (uint64_t z[static 9], uint64_t x[static 9]);
-extern void bignum_montsqr_p521_alt (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Multiply z := x * y
-// Inputs x[m], y[n]; output z[k]
-extern void bignum_mul (uint64_t k, uint64_t *z, uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Multiply z := x * y
-// Inputs x[4], y[4]; output z[8]
-extern void bignum_mul_4_8 (uint64_t z[static 8], uint64_t x[static 4], uint64_t y[static 4]);
-extern void bignum_mul_4_8_alt (uint64_t z[static 8], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Multiply z := x * y
-// Inputs x[6], y[6]; output z[12]
-extern void bignum_mul_6_12 (uint64_t z[static 12], uint64_t x[static 6], uint64_t y[static 6]);
-extern void bignum_mul_6_12_alt (uint64_t z[static 12], uint64_t x[static 6], uint64_t y[static 6]);
-
-// Multiply z := x * y
-// Inputs x[8], y[8]; output z[16]
-extern void bignum_mul_8_16 (uint64_t z[static 16], uint64_t x[static 8], uint64_t y[static 8]);
-extern void bignum_mul_8_16_alt (uint64_t z[static 16],
uint64_t x[static 8], uint64_t y[static 8]);
-
-// Multiply modulo p_25519, z := (x * y) mod p_25519
-// Inputs x[4], y[4]; output z[4]
-extern void bignum_mul_p25519 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-extern void bignum_mul_p25519_alt (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Multiply modulo p_256k1, z := (x * y) mod p_256k1
-// Inputs x[4], y[4]; output z[4]
-extern void bignum_mul_p256k1 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-extern void bignum_mul_p256k1_alt (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Multiply modulo p_521, z := (x * y) mod p_521, assuming x and y reduced
-// Inputs x[9], y[9]; output z[9]
-extern void bignum_mul_p521 (uint64_t z[static 9], uint64_t x[static 9], uint64_t y[static 9]);
-extern void bignum_mul_p521_alt (uint64_t z[static 9], uint64_t x[static 9], uint64_t y[static 9]);
-
-// Multiply bignum by 10 and add word: z := 10 * z + d
-// Inputs z[k], d; outputs function return (carry) and z[k]
-extern uint64_t bignum_muladd10 (uint64_t k, uint64_t *z, uint64_t d);
-
-// Multiplex/select z := x (if p nonzero) or z := y (if p zero)
-// Inputs p, x[k], y[k]; output z[k]
-extern void bignum_mux (uint64_t p, uint64_t k, uint64_t *z, uint64_t *x, uint64_t *y);
-
-// 256-bit multiplex/select z := x (if p nonzero) or z := y (if p zero)
-// Inputs p, x[4], y[4]; output z[4]
-extern void bignum_mux_4 (uint64_t p, uint64_t z[static 4],uint64_t x[static 4], uint64_t y[static 4]);
-
-// 384-bit multiplex/select z := x (if p nonzero) or z := y (if p zero)
-// Inputs p, x[6], y[6]; output z[6]
-extern void bignum_mux_6 (uint64_t p, uint64_t z[static 6],uint64_t x[static 6], uint64_t y[static 6]);
-
-// Select element from 16-element table, z := xs[k*i]
-// Inputs xs[16*k], i; output z[k]
-extern void bignum_mux16 (uint64_t k, uint64_t *z, uint64_t *xs, uint64_t i);
-
-// Negate modulo p_25519, z := (-x) mod p_25519, assuming x
reduced
-// Input x[4]; output z[4]
-extern void bignum_neg_p25519 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Negate modulo p_256, z := (-x) mod p_256, assuming x reduced
-// Input x[4]; output z[4]
-extern void bignum_neg_p256 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Negate modulo p_256k1, z := (-x) mod p_256k1, assuming x reduced
-// Input x[4]; output z[4]
-extern void bignum_neg_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Negate modulo p_384, z := (-x) mod p_384, assuming x reduced
-// Input x[6]; output z[6]
-extern void bignum_neg_p384 (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Negate modulo p_521, z := (-x) mod p_521, assuming x reduced
-// Input x[9]; output z[9]
-extern void bignum_neg_p521 (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Negated modular inverse, z := (-1/x) mod 2^{64k}
-// Input x[k]; output z[k]
-extern void bignum_negmodinv (uint64_t k, uint64_t *z, uint64_t *x);
-
-// Test bignum for nonzero-ness x =/= 0
-// Input x[k]; output function return
-extern uint64_t bignum_nonzero (uint64_t k, uint64_t *x);
-
-// Test 256-bit bignum for nonzero-ness x =/= 0
-// Input x[4]; output function return
-extern uint64_t bignum_nonzero_4(uint64_t x[static 4]);
-
-// Test 384-bit bignum for nonzero-ness x =/= 0
-// Input x[6]; output function return
-extern uint64_t bignum_nonzero_6(uint64_t x[static 6]);
-
-// Normalize bignum in-place by shifting left till top bit is 1
-// Input z[k]; outputs function return (bits shifted left) and z[k]
-extern uint64_t bignum_normalize (uint64_t k, uint64_t *z);
-
-// Test bignum for odd-ness
-// Input x[k]; output function return
-extern uint64_t bignum_odd (uint64_t k, uint64_t *x);
-
-// Convert single digit to bignum, z := n
-// Input n; output z[k]
-extern void bignum_of_word (uint64_t k, uint64_t *z, uint64_t n);
-
-// Optionally add, z := x + y (if p nonzero) or z := x (if p zero)
-// Inputs x[k], p, y[k]; outputs function return (carry-out) and z[k]
-extern
uint64_t bignum_optadd (uint64_t k, uint64_t *z, uint64_t *x, uint64_t p, uint64_t *y);
-
-// Optionally negate, z := -x (if p nonzero) or z := x (if p zero)
-// Inputs p, x[k]; outputs function return (nonzero input) and z[k]
-extern uint64_t bignum_optneg (uint64_t k, uint64_t *z, uint64_t p, uint64_t *x);
-
-// Optionally negate modulo p_25519, z := (-x) mod p_25519 (if p nonzero) or z := x (if p zero), assuming x reduced
-// Inputs p, x[4]; output z[4]
-extern void bignum_optneg_p25519 (uint64_t z[static 4], uint64_t p, uint64_t x[static 4]);
-
-// Optionally negate modulo p_256, z := (-x) mod p_256 (if p nonzero) or z := x (if p zero), assuming x reduced
-// Inputs p, x[4]; output z[4]
-extern void bignum_optneg_p256 (uint64_t z[static 4], uint64_t p, uint64_t x[static 4]);
-
-// Optionally negate modulo p_256k1, z := (-x) mod p_256k1 (if p nonzero) or z := x (if p zero), assuming x reduced
-// Inputs p, x[4]; output z[4]
-extern void bignum_optneg_p256k1 (uint64_t z[static 4], uint64_t p, uint64_t x[static 4]);
-
-// Optionally negate modulo p_384, z := (-x) mod p_384 (if p nonzero) or z := x (if p zero), assuming x reduced
-// Inputs p, x[6]; output z[6]
-extern void bignum_optneg_p384 (uint64_t z[static 6], uint64_t p, uint64_t x[static 6]);
-
-// Optionally negate modulo p_521, z := (-x) mod p_521 (if p nonzero) or z := x (if p zero), assuming x reduced
-// Inputs p, x[9]; output z[9]
-extern void bignum_optneg_p521 (uint64_t z[static 9], uint64_t p, uint64_t x[static 9]);
-
-// Optionally subtract, z := x - y (if p nonzero) or z := x (if p zero)
-// Inputs x[k], p, y[k]; outputs function return (carry-out) and z[k]
-extern uint64_t bignum_optsub (uint64_t k, uint64_t *z, uint64_t *x, uint64_t p, uint64_t *y);
-
-// Optionally subtract or add, z := x + sgn(p) * y interpreting p as signed
-// Inputs x[k], p, y[k]; outputs function return (carry-out) and z[k]
-extern uint64_t bignum_optsubadd (uint64_t k, uint64_t *z, uint64_t *x, uint64_t p, uint64_t *y);
-
-// Return bignum of power of 2, z := 2^n
-// Input n; output z[k]
-extern void bignum_pow2 (uint64_t k, uint64_t *z, uint64_t n);
-
-// Shift bignum left by c < 64 bits z := x * 2^c
-// Inputs x[n], c; outputs function return (carry-out) and z[k]
-extern uint64_t bignum_shl_small (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x, uint64_t c);
-
-// Shift bignum right by c < 64 bits z := floor(x / 2^c)
-// Inputs x[n], c; outputs function return (bits shifted out) and z[k]
-extern uint64_t bignum_shr_small (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x, uint64_t c);
-
-// Square, z := x^2
-// Input x[n]; output z[k]
-extern void bignum_sqr (uint64_t k, uint64_t *z, uint64_t n, uint64_t *x);
-
-// Square, z := x^2
-// Input x[4]; output z[8]
-extern void bignum_sqr_4_8 (uint64_t z[static 8], uint64_t x[static 4]);
-extern void bignum_sqr_4_8_alt (uint64_t z[static 8], uint64_t x[static 4]);
-
-// Square, z := x^2
-// Input x[6]; output z[12]
-extern void bignum_sqr_6_12 (uint64_t z[static 12], uint64_t x[static 6]);
-extern void bignum_sqr_6_12_alt (uint64_t z[static 12], uint64_t x[static 6]);
-
-// Square, z := x^2
-// Input x[8]; output z[16]
-extern void bignum_sqr_8_16 (uint64_t z[static 16], uint64_t x[static 8]);
-extern void bignum_sqr_8_16_alt (uint64_t z[static 16], uint64_t x[static 8]);
-
-// Square modulo p_25519, z := (x^2) mod p_25519
-// Input x[4]; output z[4]
-extern void bignum_sqr_p25519 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_sqr_p25519_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Square modulo p_256k1, z := (x^2) mod p_256k1
-// Input x[4]; output z[4]
-extern void bignum_sqr_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_sqr_p256k1_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Square modulo p_521, z := (x^2) mod p_521, assuming x reduced
-// Input x[9]; output z[9]
-extern void bignum_sqr_p521 (uint64_t z[static 9], uint64_t x[static 9]);
-extern void
bignum_sqr_p521_alt (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Subtract, z := x - y
-// Inputs x[m], y[n]; outputs function return (carry-out) and z[p]
-extern uint64_t bignum_sub (uint64_t p, uint64_t *z, uint64_t m, uint64_t *x, uint64_t n, uint64_t *y);
-
-// Subtract modulo p_25519, z := (x - y) mod p_25519, assuming x and y reduced
-// Inputs x[4], y[4]; output z[4]
-extern void bignum_sub_p25519 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Subtract modulo p_256, z := (x - y) mod p_256, assuming x and y reduced
-// Inputs x[4], y[4]; output z[4]
-extern void bignum_sub_p256 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Subtract modulo p_256k1, z := (x - y) mod p_256k1, assuming x and y reduced
-// Inputs x[4], y[4]; output z[4]
-extern void bignum_sub_p256k1 (uint64_t z[static 4], uint64_t x[static 4], uint64_t y[static 4]);
-
-// Subtract modulo p_384, z := (x - y) mod p_384, assuming x and y reduced
-// Inputs x[6], y[6]; output z[6]
-extern void bignum_sub_p384 (uint64_t z[static 6], uint64_t x[static 6], uint64_t y[static 6]);
-
-// Subtract modulo p_521, z := (x - y) mod p_521, assuming x and y reduced
-// Inputs x[9], y[9]; output z[9]
-extern void bignum_sub_p521 (uint64_t z[static 9], uint64_t x[static 9], uint64_t y[static 9]);
-
-// Convert 4-digit (256-bit) bignum to big-endian bytes
-// Input x[4]; output z[32] (bytes)
-extern void bignum_tobebytes_4 (uint8_t z[static 32], uint64_t x[static 4]);
-
-// Convert 6-digit (384-bit) bignum to big-endian bytes
-// Input x[6]; output z[48] (bytes)
-extern void bignum_tobebytes_6 (uint8_t z[static 48], uint64_t x[static 6]);
-
-// Convert 4-digit (256-bit) bignum to little-endian bytes
-// Input x[4]; output z[32] (bytes)
-extern void bignum_tolebytes_4 (uint8_t z[static 32], uint64_t x[static 4]);
-
-// Convert 6-digit (384-bit) bignum to little-endian bytes
-// Input x[6]; output z[48] (bytes)
-extern void bignum_tolebytes_6 (uint8_t
z[static 48], uint64_t x[static 6]);
-
-// Convert 9-digit 528-bit bignum to little-endian bytes
-// Input x[6]; output z[66] (bytes)
-extern void bignum_tolebytes_p521 (uint8_t z[static 66], uint64_t x[static 9]);
-
-// Convert to Montgomery form z := (2^256 * x) mod p_256
-// Input x[4]; output z[4]
-extern void bignum_tomont_p256 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_tomont_p256_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Convert to Montgomery form z := (2^256 * x) mod p_256k1
-// Input x[4]; output z[4]
-extern void bignum_tomont_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_tomont_p256k1_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Convert to Montgomery form z := (2^384 * x) mod p_384
-// Input x[6]; output z[6]
-extern void bignum_tomont_p384 (uint64_t z[static 6], uint64_t x[static 6]);
-extern void bignum_tomont_p384_alt (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Convert to Montgomery form z := (2^576 * x) mod p_521
-// Input x[9]; output z[9]
-extern void bignum_tomont_p521 (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Triple modulo p_256, z := (3 * x) mod p_256
-// Input x[4]; output z[4]
-extern void bignum_triple_p256 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_triple_p256_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Triple modulo p_256k1, z := (3 * x) mod p_256k1
-// Input x[4]; output z[4]
-extern void bignum_triple_p256k1 (uint64_t z[static 4], uint64_t x[static 4]);
-extern void bignum_triple_p256k1_alt (uint64_t z[static 4], uint64_t x[static 4]);
-
-// Triple modulo p_384, z := (3 * x) mod p_384
-// Input x[6]; output z[6]
-extern void bignum_triple_p384 (uint64_t z[static 6], uint64_t x[static 6]);
-extern void bignum_triple_p384_alt (uint64_t z[static 6], uint64_t x[static 6]);
-
-// Triple modulo p_521, z := (3 * x) mod p_521, assuming x reduced
-// Input x[9]; output z[9]
-extern void bignum_triple_p521 (uint64_t
z[static 9], uint64_t x[static 9]);
-extern void bignum_triple_p521_alt (uint64_t z[static 9], uint64_t x[static 9]);
-
-// Montgomery ladder step for curve25519
-// Inputs point[8], pp[16], b; output rr[16]
-extern void curve25519_ladderstep(uint64_t rr[16],uint64_t point[8],uint64_t pp[16],uint64_t b);
-extern void curve25519_ladderstep_alt(uint64_t rr[16],uint64_t point[8],uint64_t pp[16],uint64_t b);
-
-// Projective scalar multiplication, x coordinate only, for curve25519
-// Inputs scalar[4], point[4]; output res[8]
-extern void curve25519_pxscalarmul(uint64_t res[static 8],uint64_t scalar[static 4],uint64_t point[static 4]);
-extern void curve25519_pxscalarmul_alt(uint64_t res[static 8],uint64_t scalar[static 4],uint64_t point[static 4]);
-
-// x25519 function for curve25519
-// Inputs scalar[4], point[4]; output res[4]
-extern void curve25519_x25519(uint64_t res[static 4],uint64_t scalar[static 4],uint64_t point[static 4]);
-extern void curve25519_x25519_alt(uint64_t res[static 4],uint64_t scalar[static 4],uint64_t point[static 4]);
-
-// x25519 function for curve25519 on base element 9
-// Input scalar[4]; output res[4]
-extern void curve25519_x25519base(uint64_t res[static 4],uint64_t scalar[static 4]);
-extern void curve25519_x25519base_alt(uint64_t res[static 4],uint64_t scalar[static 4]);
-
-// Extended projective addition for edwards25519
-// Inputs p1[16], p2[16]; output p3[16]
-extern void edwards25519_epadd(uint64_t p3[static 16],uint64_t p1[static 16],uint64_t p2[static 16]);
-extern void edwards25519_epadd_alt(uint64_t p3[static 16],uint64_t p1[static 16],uint64_t p2[static 16]);
-
-// Extended projective doubling for edwards25519
-// Inputs p1[12]; output p3[16]
-extern void edwards25519_epdouble(uint64_t p3[static 16],uint64_t p1[static 12]);
-extern void edwards25519_epdouble_alt(uint64_t p3[static 16],uint64_t p1[static 12]);
-
-// Projective doubling for edwards25519
-// Inputs p1[12]; output p3[12]
-extern void edwards25519_pdouble(uint64_t
p3[static 12],uint64_t p1[static 12]);
-extern void edwards25519_pdouble_alt(uint64_t p3[static 12],uint64_t p1[static 12]);
-
-// Extended projective + precomputed mixed addition for edwards25519
-// Inputs p1[16], p2[12]; output p3[16]
-extern void edwards25519_pepadd(uint64_t p3[static 16],uint64_t p1[static 16],uint64_t p2[static 12]);
-extern void edwards25519_pepadd_alt(uint64_t p3[static 16],uint64_t p1[static 16],uint64_t p2[static 12]);
-
-// Point addition on NIST curve P-256 in Montgomery-Jacobian coordinates
-// Inputs p1[12], p2[12]; output p3[12]
-extern void p256_montjadd(uint64_t p3[static 12],uint64_t p1[static 12],uint64_t p2[static 12]);
-
-// Point doubling on NIST curve P-256 in Montgomery-Jacobian coordinates
-// Inputs p1[12]; output p3[12]
-extern void p256_montjdouble(uint64_t p3[static 12],uint64_t p1[static 12]);
-
-// Point mixed addition on NIST curve P-256 in Montgomery-Jacobian coordinates
-// Inputs p1[12], p2[8]; output p3[12]
-extern void p256_montjmixadd(uint64_t p3[static 12],uint64_t p1[static 12],uint64_t p2[static 8]);
-
-// Point addition on NIST curve P-384 in Montgomery-Jacobian coordinates
-// Inputs p1[18], p2[18]; output p3[18]
-extern void p384_montjadd(uint64_t p3[static 18],uint64_t p1[static 18],uint64_t p2[static 18]);
-
-// Point doubling on NIST curve P-384 in Montgomery-Jacobian coordinates
-// Inputs p1[18]; output p3[18]
-extern void p384_montjdouble(uint64_t p3[static 18],uint64_t p1[static 18]);
-
-// Point mixed addition on NIST curve P-384 in Montgomery-Jacobian coordinates
-// Inputs p1[18], p2[12]; output p3[18]
-extern void p384_montjmixadd(uint64_t p3[static 18],uint64_t p1[static 18],uint64_t p2[static 12]);
-
-// Point addition on NIST curve P-521 in Jacobian coordinates
-// Inputs p1[27], p2[27]; output p3[27]
-extern void p521_jadd(uint64_t p3[static 27],uint64_t p1[static 27],uint64_t p2[static 27]);
-
-// Point doubling on NIST curve P-521 in Jacobian coordinates
-// Input p1[27]; output p3[27]
-extern void p521_jdouble(uint64_t p3[static 27],uint64_t p1[static 27]);
-
-// Point mixed addition on NIST curve P-521 in Jacobian coordinates
-// Inputs p1[27], p2[18]; output p3[27]
-extern void p521_jmixadd(uint64_t p3[static 27],uint64_t p1[static 27],uint64_t p2[static 18]);
-
-// Point addition on SECG curve secp256k1 in Jacobian coordinates
-// Inputs p1[12], p2[12]; output p3[12]
-extern void secp256k1_jadd(uint64_t p3[static 12],uint64_t p1[static 12],uint64_t p2[static 12]);
-
-// Point doubling on SECG curve secp256k1 in Jacobian coordinates
-// Input p1[12]; output p3[12]
-extern void secp256k1_jdouble(uint64_t p3[static 12],uint64_t p1[static 12]);
-
-// Point mixed addition on SECG curve secp256k1 in Jacobian coordinates
-// Inputs p1[12], p2[8]; output p3[12]
-extern void secp256k1_jmixadd(uint64_t p3[static 12],uint64_t p1[static 12],uint64_t p2[static 8]);
-
-// Reverse the bytes in a single word
-// Input a; output function return
-extern uint64_t word_bytereverse (uint64_t a);
-
-// Count leading zero bits in a single word
-// Input a; output function return
-extern uint64_t word_clz (uint64_t a);
-
-// Count trailing zero bits in a single word
-// Input a; output function return
-extern uint64_t word_ctz (uint64_t a);
-
-// Return maximum of two unsigned 64-bit words
-// Inputs a, b; output function return
-extern uint64_t word_max (uint64_t a, uint64_t b);
-
-// Return minimum of two unsigned 64-bit words
-// Inputs a, b; output function return
-extern uint64_t word_min (uint64_t a, uint64_t b);
-
-// Single-word negated modular inverse (-1/a) mod 2^64
-// Input a; output function return
-extern uint64_t word_negmodinv (uint64_t a);
-
-// Single-word reciprocal, 2^64 + ret = ceil(2^128/a) - 1 if MSB of "a" is set
-// Input a; output function return
-extern uint64_t word_recip (uint64_t a);
diff --git a/src/lib/libcrypto/bn/s2n_bignum_internal.h b/src/lib/libcrypto/bn/s2n_bignum_internal.h
deleted file mode 100644
index b82db7d019..0000000000
--- a/src/lib/libcrypto/bn/s2n_bignum_internal.h
+++ /dev/null
@@ -1,36 +0,0 @@
-// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-#ifdef __APPLE__
-# define S2N_BN_SYMBOL(NAME) _##NAME
-#else
-# define S2N_BN_SYMBOL(name) name
-#endif
-
-#ifdef __CET__
-# include
-#else
-# define _CET_ENDBR
-#endif
-
-#define S2N_BN_SYM_VISIBILITY_DIRECTIVE(name) .globl S2N_BN_SYMBOL(name)
-#ifdef S2N_BN_HIDE_SYMBOLS
-# ifdef __APPLE__
-# define S2N_BN_SYM_PRIVACY_DIRECTIVE(name) .private_extern S2N_BN_SYMBOL(name)
-# else
-# define S2N_BN_SYM_PRIVACY_DIRECTIVE(name) .hidden S2N_BN_SYMBOL(name)
-# endif
-#else
-# define S2N_BN_SYM_PRIVACY_DIRECTIVE(name) /* NO-OP: S2N_BN_SYM_PRIVACY_DIRECTIVE */
-#endif
diff --git a/src/lib/libcrypto/buffer/buf_err.c b/src/lib/libcrypto/buffer/buf_err.c
deleted file mode 100644
index 8637a06a76..0000000000
--- a/src/lib/libcrypto/buffer/buf_err.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* $OpenBSD: buf_err.c,v 1.14 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)
-
-static const ERR_STRING_DATA BUF_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA BUF_str_reasons[] = {
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_BUF_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) {
- ERR_load_const_strings(BUF_str_functs);
- ERR_load_const_strings(BUF_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_BUF_strings);
diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c
deleted file mode 100644
index 51ce90ff80..0000000000
--- a/src/lib/libcrypto/buffer/buffer.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* $OpenBSD: buffer.c,v 1.28 2023/07/08 08:26:26 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-/*
- * LIMIT_BEFORE_EXPANSION is the maximum n such that (n + 3) / 3 * 4 < 2**31.
- * That function is applied in several functions in this file and this limit
- * ensures that the result fits in an int.
- */
-#define LIMIT_BEFORE_EXPANSION 0x5ffffffc
-
-BUF_MEM *
-BUF_MEM_new(void)
-{
- BUF_MEM *ret;
-
- if ((ret = calloc(1, sizeof(BUF_MEM))) == NULL) {
- BUFerror(ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
- return (ret);
-}
-LCRYPTO_ALIAS(BUF_MEM_new);
-
-void
-BUF_MEM_free(BUF_MEM *a)
-{
- if (a == NULL)
- return;
-
- freezero(a->data, a->max);
- free(a);
-}
-LCRYPTO_ALIAS(BUF_MEM_free);
-
-int
-BUF_MEM_grow(BUF_MEM *str, size_t len)
-{
- return BUF_MEM_grow_clean(str, len);
-}
-LCRYPTO_ALIAS(BUF_MEM_grow);
-
-int
-BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
-{
- char *ret;
- size_t n;
-
- if (str->max >= len) {
- if (str->length >= len)
- memset(&str->data[len], 0, str->length - len);
- str->length = len;
- return (len);
- }
-
- if (len > LIMIT_BEFORE_EXPANSION) {
- BUFerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- n = (len + 3) / 3 * 4;
- if ((ret = recallocarray(str->data, str->max, n, 1)) == NULL) {
- BUFerror(ERR_R_MALLOC_FAILURE);
- return (0);
- }
- str->data = ret;
- str->max = n;
- str->length = len;
-
- return (len);
-}
-LCRYPTO_ALIAS(BUF_MEM_grow_clean);
-
-void
-BUF_reverse(unsigned char *out, const unsigned char *in, size_t size)
-{
- size_t i;
-
- if (in) {
- out += size - 1;
- for (i = 0; i < size; i++)
- *out-- = *in++;
- } else {
- unsigned char *q;
- char c;
- q = out + size - 1;
- for (i = 0; i < size / 2; i++) {
- c = *q;
- *q-- = *out;
- *out++ = c;
- }
- }
-}
diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h
deleted file mode 100644
index d461d6493c..0000000000
--- a/src/lib/libcrypto/buffer/buffer.h
+++ /dev/null
@@ -1,102 +0,0 @@
-/* $OpenBSD: buffer.h,v 1.17 2023/07/28 10:17:21 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BUFFER_H
-#define HEADER_BUFFER_H
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include
-#include
-
-/* Already declared in ossl_typ.h */
-/* typedef struct buf_mem_st BUF_MEM; */
-
-struct buf_mem_st {
- size_t length; /* current number of bytes */
- char *data;
- size_t max; /* size of buffer */
-};
-
-BUF_MEM *BUF_MEM_new(void);
-void BUF_MEM_free(BUF_MEM *a);
-int BUF_MEM_grow(BUF_MEM *str, size_t len);
-int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
-
-void ERR_load_BUF_strings(void);
-
-/* Error codes for the BUF functions. */
-
-/* Function codes.
*/
-#define BUF_F_BUF_MEMDUP 103
-#define BUF_F_BUF_MEM_GROW 100
-#define BUF_F_BUF_MEM_GROW_CLEAN 105
-#define BUF_F_BUF_MEM_NEW 101
-#define BUF_F_BUF_STRDUP 102
-#define BUF_F_BUF_STRNDUP 104
-
-/* Reason codes. */
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/bytestring/bs_ber.c b/src/lib/libcrypto/bytestring/bs_ber.c
deleted file mode 100644
index 6d7daaf77f..0000000000
--- a/src/lib/libcrypto/bytestring/bs_ber.c
+++ /dev/null
@@ -1,270 +0,0 @@
-/* $OpenBSD: bs_ber.c,v 1.4 2025/03/28 12:13:03 tb Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include "bytestring.h"
-
-/*
- * kMaxDepth is a just a sanity limit. The code should be such that the length
- * of the input being processes always decreases. None the less, a very large
- * input could otherwise cause the stack to overflow.
- */
-static const unsigned int kMaxDepth = 2048;
-
-/* Non-strict version that allows a relaxed DER with indefinite form. */
-static int
-cbs_nonstrict_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag,
- size_t *out_header_len)
-{
- return cbs_get_any_asn1_element_internal(cbs, out,
- out_tag, out_header_len, 0);
-}
-
-/*
- * cbs_find_indefinite walks an ASN.1 structure in |orig_in| and sets
- * |*indefinite_found| depending on whether an indefinite length element was
- * found. The value of |orig_in| is not modified.
- *
- * Returns one on success (i.e. |*indefinite_found| was set) and zero on error.
- */
-static int
-cbs_find_indefinite(const CBS *orig_in, char *indefinite_found,
- unsigned int depth)
-{
- CBS in;
-
- if (depth > kMaxDepth)
- return 0;
-
- CBS_init(&in, CBS_data(orig_in), CBS_len(orig_in));
-
- while (CBS_len(&in) > 0) {
- CBS contents;
- unsigned int tag;
- size_t header_len;
-
- if (!cbs_nonstrict_get_any_asn1_element(&in, &contents, &tag,
- &header_len))
- return 0;
-
- /* Indefinite form not allowed by DER. */
- if (CBS_len(&contents) == header_len && header_len > 0 &&
- CBS_data(&contents)[header_len - 1] == 0x80) {
- *indefinite_found = 1;
- return 1;
- }
- if (tag & CBS_ASN1_CONSTRUCTED) {
- if (!CBS_skip(&contents, header_len) ||
- !cbs_find_indefinite(&contents, indefinite_found,
- depth + 1))
- return 0;
- }
- }
-
- *indefinite_found = 0;
- return 1;
-}
-
-/*
- * is_primitive_type returns true if |tag| likely a primitive type. Normally
- * one can just test the "constructed" bit in the tag but, in BER, even
- * primitive tags can have the constructed bit if they have indefinite
- * length.
- */
-static char
-is_primitive_type(unsigned int tag)
-{
- return (tag & 0xc0) == 0 &&
- (tag & 0x1f) != (CBS_ASN1_SEQUENCE & 0x1f) &&
- (tag & 0x1f) != (CBS_ASN1_SET & 0x1f);
-}
-
-/*
- * is_eoc returns true if |header_len| and |contents|, as returned by
- * |cbs_nonstrict_get_any_asn1_element|, indicate an "end of contents" (EOC)
- * value.
- */
-static char
-is_eoc(size_t header_len, CBS *contents)
-{
- const unsigned char eoc[] = {0x0, 0x0};
-
- return header_len == 2 && CBS_mem_equal(contents, eoc, 2);
-}
-
-/*
- * cbs_convert_indefinite reads data with DER encoding (but relaxed to allow
- * indefinite form) from |in| and writes definite form DER data to |out|. If
- * |squash_header| is set then the top-level of elements from |in| will not
- * have their headers written. This is used when concatenating the fragments of
- * an indefinite length, primitive value.
If |looking_for_eoc| is set then any
- * EOC elements found will cause the function to return after consuming it.
- * It returns one on success and zero on error.
- */
-static int
-cbs_convert_indefinite(CBS *in, CBB *out, char squash_header,
- char looking_for_eoc, unsigned int depth)
-{
- if (depth > kMaxDepth)
- return 0;
-
- while (CBS_len(in) > 0) {
- CBS contents;
- unsigned int tag;
- size_t header_len;
- CBB *out_contents, out_contents_storage;
-
- if (!cbs_nonstrict_get_any_asn1_element(in, &contents, &tag,
- &header_len))
- return 0;
-
- out_contents = out;
-
- if (CBS_len(&contents) == header_len) {
- if (is_eoc(header_len, &contents))
- return looking_for_eoc;
-
- if (header_len > 0 &&
- CBS_data(&contents)[header_len - 1] == 0x80) {
- /*
- * This is an indefinite length element. If
- * it's a SEQUENCE or SET then we just need to
- * write the out the contents as normal, but
- * with a concrete length prefix.
- *
- * If it's a something else then the contents
- * will be a series of DER elements of the same
- * type which need to be concatenated.
- */
- const char context_specific = (tag & 0xc0)
- == 0x80;
- char squash_child_headers =
- is_primitive_type(tag);
-
- /*
- * This is a hack, but it sufficies to handle
- * NSS's output. If we find an indefinite
- * length, context-specific tag with a definite,
- * primitive tag inside it, then we assume that
- * the context-specific tag is implicit and the
- * tags within are fragments of a primitive type
- * that need to be concatenated.
- */
- if (context_specific &&
- (tag & CBS_ASN1_CONSTRUCTED)) {
- CBS in_copy, inner_contents;
- unsigned int inner_tag;
- size_t inner_header_len;
-
- CBS_init(&in_copy, CBS_data(in),
- CBS_len(in));
- if (!cbs_nonstrict_get_any_asn1_element(
- &in_copy, &inner_contents,
- &inner_tag, &inner_header_len))
- return 0;
-
- if (CBS_len(&inner_contents) >
- inner_header_len &&
- is_primitive_type(inner_tag))
- squash_child_headers = 1;
- }
-
- if (!squash_header) {
- unsigned int out_tag = tag;
-
- if (squash_child_headers)
- out_tag &=
- ~CBS_ASN1_CONSTRUCTED;
-
- if (!CBB_add_asn1(out,
- &out_contents_storage, out_tag))
- return 0;
-
- out_contents = &out_contents_storage;
- }
-
- if (!cbs_convert_indefinite(in, out_contents,
- squash_child_headers,
- 1 /* looking for eoc */, depth + 1))
- return 0;
-
- if (out_contents != out && !CBB_flush(out))
- return 0;
-
- continue;
- }
- }
-
- if (!squash_header) {
- if (!CBB_add_asn1(out, &out_contents_storage, tag))
- return 0;
-
- out_contents = &out_contents_storage;
- }
-
- if (!CBS_skip(&contents, header_len))
- return 0;
-
- if (tag & CBS_ASN1_CONSTRUCTED) {
- if (!cbs_convert_indefinite(&contents, out_contents,
- 0 /* don't squash header */,
- 0 /* not looking for eoc */, depth + 1))
- return 0;
- } else {
- if (!CBB_add_bytes(out_contents, CBS_data(&contents),
- CBS_len(&contents)))
- return 0;
- }
-
- if (out_contents != out && !CBB_flush(out))
- return 0;
- }
-
- return looking_for_eoc == 0;
-}
-
-int
-CBS_asn1_indefinite_to_definite(CBS *in, uint8_t **out, size_t *out_len)
-{
- CBB cbb;
-
- /*
- * First, do a quick walk to find any indefinite-length elements. Most
- * of the time we hope that there aren't any and thus we can quickly
- * return.
- */
- char conversion_needed;
- if (!cbs_find_indefinite(in, &conversion_needed, 0))
- return 0;
-
- if (!conversion_needed) {
- *out = NULL;
- *out_len = 0;
- return 1;
- }
-
- if (!CBB_init(&cbb, CBS_len(in)))
- return 0;
- if (!cbs_convert_indefinite(in, &cbb, 0, 0, 0)) {
- CBB_cleanup(&cbb);
- return 0;
- }
-
- return CBB_finish(&cbb, out, out_len);
-}
diff --git a/src/lib/libcrypto/bytestring/bs_cbb.c b/src/lib/libcrypto/bytestring/bs_cbb.c
deleted file mode 100644
index cd29e168dc..0000000000
--- a/src/lib/libcrypto/bytestring/bs_cbb.c
+++ /dev/null
@@ -1,490 +0,0 @@
-/* $OpenBSD: bs_cbb.c,v 1.6 2024/06/22 15:32:51 jsing Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-
-#include "bytestring.h"
-
-#define CBB_INITIAL_SIZE 64
-
-static int
-cbb_init(CBB *cbb, uint8_t *buf, size_t cap)
-{
- struct cbb_buffer_st *base;
-
- if ((base = calloc(1, sizeof(struct cbb_buffer_st))) == NULL)
- return 0;
-
- base->buf = buf;
- base->len = 0;
- base->cap = cap;
- base->can_resize = 1;
-
- cbb->base = base;
- cbb->is_top_level = 1;
-
- return 1;
-}
-
-int
-CBB_init(CBB *cbb, size_t initial_capacity)
-{
- uint8_t *buf = NULL;
-
- memset(cbb, 0, sizeof(*cbb));
-
- if (initial_capacity == 0)
- initial_capacity = CBB_INITIAL_SIZE;
-
- if ((buf = calloc(1, initial_capacity)) == NULL)
- return 0;
-
- if (!cbb_init(cbb, buf, initial_capacity)) {
- free(buf);
- return 0;
- }
-
- return 1;
-}
-
-int
-CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len)
-{
- memset(cbb, 0, sizeof(*cbb));
-
- if (!cbb_init(cbb, buf, len))
- return 0;
-
- cbb->base->can_resize = 0;
-
- return 1;
-}
-
-void
-CBB_cleanup(CBB *cbb)
-{
- if (cbb->base) {
- if (cbb->base->can_resize)
- freezero(cbb->base->buf, cbb->base->cap);
- free(cbb->base);
- }
- cbb->base = NULL;
- cbb->child = NULL;
-}
-
-static int
-cbb_buffer_add(struct cbb_buffer_st *base, uint8_t **out, size_t len)
-{
- size_t newlen;
-
- if (base == NULL)
- return 0;
-
- newlen = base->len + len;
- if (newlen < base->len)
- /* Overflow */
- return 0;
-
- if (newlen > base->cap) {
- size_t newcap = base->cap * 2;
- uint8_t *newbuf;
-
- if (!base->can_resize)
- return 0;
-
- if (newcap < base->cap || newcap < newlen)
- newcap = newlen;
-
- newbuf = recallocarray(base->buf, base->cap, newcap, 1);
- if (newbuf == NULL)
- return 0;
-
- base->buf = newbuf;
- base->cap = newcap;
- }
-
- if (out)
- *out = base->buf + base->len;
-
- base->len = newlen;
- return 1;
-}
-
-static int
-cbb_add_u(CBB *cbb, uint32_t v, size_t len_len)
-{
- uint8_t *buf;
- size_t i;
-
- if (len_len == 0)
- return 1;
-
- if (len_len > 4)
- return 0;
-
- if (!CBB_flush(cbb) || !cbb_buffer_add(cbb->base, &buf, len_len))
- return 0;
-
- for (i = len_len - 1; i < len_len; i--) {
- buf[i] = v;
- v >>= 8;
- }
- return 1;
-}
-
-int
-CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len)
-{
- if (!cbb->is_top_level)
- return 0;
-
- if (!CBB_flush(cbb))
- return 0;
-
- if (cbb->base->can_resize && (out_data == NULL || out_len == NULL))
- /*
- * |out_data| and |out_len| can only be NULL if the CBB is
- * fixed.
- */
- return 0;
-
- if (out_data != NULL && *out_data != NULL)
- return 0;
-
- if (out_data != NULL)
- *out_data = cbb->base->buf;
-
- if (out_len != NULL)
- *out_len = cbb->base->len;
-
- cbb->base->buf = NULL;
- CBB_cleanup(cbb);
- return 1;
-}
-
-/*
- * CBB_flush recurses and then writes out any pending length prefix. The current
- * length of the underlying base is taken to be the length of the
- * length-prefixed data.
- */
-int
-CBB_flush(CBB *cbb)
-{
- size_t child_start, i, len;
-
- if (cbb->base == NULL)
- return 0;
-
- if (cbb->child == NULL || cbb->pending_len_len == 0)
- return 1;
-
- child_start = cbb->offset + cbb->pending_len_len;
-
- if (!CBB_flush(cbb->child) || child_start < cbb->offset ||
- cbb->base->len < child_start)
- return 0;
-
- len = cbb->base->len - child_start;
-
- if (cbb->pending_is_asn1) {
- /*
- * For ASN.1, we assumed that we were using short form which
- * only requires a single byte for the length octet.
- *
- * If it turns out that we need long form, we have to move
- * the contents along in order to make space for more length
- * octets.
- */
- size_t len_len = 1; /* total number of length octets */
- uint8_t initial_length_byte;
-
- /* We already wrote 1 byte for the length. */
- if (cbb->pending_len_len != 1)
- return 0;
-
- /* Check for long form */
- if (len > 0xfffffffe)
- return 0; /* 0xffffffff is reserved */
- else if (len > 0xffffff)
- len_len = 5;
- else if (len > 0xffff)
- len_len = 4;
- else if (len > 0xff)
- len_len = 3;
- else if (len > 0x7f)
- len_len = 2;
-
- if (len_len == 1) {
- /* For short form, the initial byte is the length. */
- initial_length_byte = len;
- len = 0;
-
- } else {
- /*
- * For long form, the initial byte is the number of
- * subsequent length octets (plus bit 8 set).
- */
- initial_length_byte = 0x80 | (len_len - 1);
-
- /*
- * We need to move the contents along in order to make
- * space for the long form length octets.
- */
- size_t extra_bytes = len_len - 1;
- if (!cbb_buffer_add(cbb->base, NULL, extra_bytes))
- return 0;
-
- memmove(cbb->base->buf + child_start + extra_bytes,
- cbb->base->buf + child_start, len);
- }
- cbb->base->buf[cbb->offset++] = initial_length_byte;
- cbb->pending_len_len = len_len - 1;
- }
-
- for (i = cbb->pending_len_len - 1; i < cbb->pending_len_len; i--) {
- cbb->base->buf[cbb->offset + i] = len;
- len >>= 8;
- }
- if (len != 0)
- return 0;
-
- cbb->child->base = NULL;
- cbb->child = NULL;
- cbb->pending_len_len = 0;
- cbb->pending_is_asn1 = 0;
- cbb->offset = 0;
-
- return 1;
-}
-
-void
-CBB_discard_child(CBB *cbb)
-{
- if (cbb->child == NULL)
- return;
-
- cbb->base->len = cbb->offset;
-
- cbb->child->base = NULL;
- cbb->child = NULL;
- cbb->pending_len_len = 0;
- cbb->pending_is_asn1 = 0;
- cbb->offset = 0;
-}
-
-static int
-cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len)
-{
- uint8_t *prefix_bytes;
-
- if (!CBB_flush(cbb))
- return 0;
-
- cbb->offset = cbb->base->len;
- if (!cbb_buffer_add(cbb->base, &prefix_bytes, len_len))
- return 0;
-
- memset(prefix_bytes, 0, len_len);
- memset(out_contents, 0, sizeof(CBB));
- out_contents->base = cbb->base;
- cbb->child = out_contents;
- cbb->pending_len_len = len_len;
- cbb->pending_is_asn1 = 0;
-
- return 1;
-}
-
-int
-CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents)
-{
- return cbb_add_length_prefixed(cbb, out_contents, 1);
-}
-
-int
-CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents)
-{
- return cbb_add_length_prefixed(cbb, out_contents, 2);
-}
-
-int
-CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents)
-{
- return cbb_add_length_prefixed(cbb, out_contents, 3);
-}
-
-int
-CBB_add_u32_length_prefixed(CBB *cbb, CBB *out_contents)
-{
- return cbb_add_length_prefixed(cbb, out_contents, 4);
-}
-
-int
-CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned int tag)
-{
- if (tag > UINT8_MAX)
- return 0;
-
- /* Long form identifier octets are not supported.
*/
- if ((tag & 0x1f) == 0x1f)
- return 0;
-
- /* Short-form identifier octet only needs a single byte */
- if (!CBB_flush(cbb) || !CBB_add_u8(cbb, tag))
- return 0;
-
- /*
- * Add 1 byte to cover the short-form length octet case. If it turns
- * out we need long-form, it will be extended later.
- */
- cbb->offset = cbb->base->len;
- if (!CBB_add_u8(cbb, 0))
- return 0;
-
- memset(out_contents, 0, sizeof(CBB));
- out_contents->base = cbb->base;
- cbb->child = out_contents;
- cbb->pending_len_len = 1;
- cbb->pending_is_asn1 = 1;
-
- return 1;
-}
-
-int
-CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len)
-{
- uint8_t *dest;
-
- if (!CBB_flush(cbb) || !cbb_buffer_add(cbb->base, &dest, len))
- return 0;
-
- memcpy(dest, data, len);
- return 1;
-}
-
-int
-CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len)
-{
- if (!CBB_flush(cbb) || !cbb_buffer_add(cbb->base, out_data, len))
- return 0;
-
- memset(*out_data, 0, len);
- return 1;
-}
-
-int
-CBB_add_u8(CBB *cbb, size_t value)
-{
- if (value > UINT8_MAX)
- return 0;
-
- return cbb_add_u(cbb, (uint32_t)value, 1);
-}
-
-int
-CBB_add_u16(CBB *cbb, size_t value)
-{
- if (value > UINT16_MAX)
- return 0;
-
- return cbb_add_u(cbb, (uint32_t)value, 2);
-}
-
-int
-CBB_add_u24(CBB *cbb, size_t value)
-{
- if (value > 0xffffffUL)
- return 0;
-
- return cbb_add_u(cbb, (uint32_t)value, 3);
-}
-
-int
-CBB_add_u32(CBB *cbb, size_t value)
-{
- if (value > 0xffffffffUL)
- return 0;
-
- return cbb_add_u(cbb, (uint32_t)value, 4);
-}
-
-int
-CBB_add_u64(CBB *cbb, uint64_t value)
-{
- uint32_t a, b;
-
- a = value >> 32;
- b = value & 0xffffffff;
-
- if (!CBB_add_u32(cbb, a))
- return 0;
- return CBB_add_u32(cbb, b);
-}
-
-int
-CBB_add_asn1_uint64(CBB *cbb, uint64_t value)
-{
- CBB child;
- size_t i;
- int started = 0;
-
- if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER))
- return 0;
-
- for (i = 0; i < 8; i++) {
- uint8_t byte = (value >> 8 * (7 - i)) & 0xff;
-
- /*
- * ASN.1 restriction: first 9 bits cannot be all zeroes or
- * all
ones. Since this function only encodes unsigned
- * integers, the only concerns are not encoding leading
- * zeros and adding a padding byte if necessary.
- *
- * In practice, this means:
- * 1) Skip leading octets of all zero bits in the value
- * 2) After skipping the leading zero octets, if the next 9
- * bits are all ones, add an all zero prefix octet (and
- * set the high bit of the prefix octet if negative).
- *
- * Additionally, for an unsigned value, add an all zero
- * prefix if the high bit of the first octet would be one.
- */
- if (!started) {
- if (byte == 0)
- /* Don't encode leading zeros. */
- continue;
-
- /*
- * If the high bit is set, add a padding byte to make it
- * unsigned.
- */
- if ((byte & 0x80) && !CBB_add_u8(&child, 0))
- return 0;
-
- started = 1;
- }
- if (!CBB_add_u8(&child, byte))
- return 0;
- }
-
- /* 0 is encoded as a single 0, not the empty string. */
- if (!started && !CBB_add_u8(&child, 0))
- return 0;
-
- return CBB_flush(cbb);
-}
diff --git a/src/lib/libcrypto/bytestring/bs_cbs.c b/src/lib/libcrypto/bytestring/bs_cbs.c
deleted file mode 100644
index 7852d78503..0000000000
--- a/src/lib/libcrypto/bytestring/bs_cbs.c
+++ /dev/null
@@ -1,616 +0,0 @@
-/* $OpenBSD: bs_cbs.c,v 1.3 2024/05/25 15:12:47 tb Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-
-#include "bytestring.h"
-
-void
-CBS_init(CBS *cbs, const uint8_t *data, size_t len)
-{
- cbs->data = data;
- cbs->initial_len = len;
- cbs->len = len;
-}
-
-void
-CBS_dup(const CBS *cbs, CBS *out)
-{
- CBS_init(out, CBS_data(cbs), CBS_len(cbs));
- out->initial_len = cbs->initial_len;
-}
-
-static int
-cbs_get(CBS *cbs, const uint8_t **p, size_t n)
-{
- if (cbs->len < n)
- return 0;
-
- *p = cbs->data;
- cbs->data += n;
- cbs->len -= n;
- return 1;
-}
-
-static int
-cbs_peek(CBS *cbs, const uint8_t **p, size_t n)
-{
- if (cbs->len < n)
- return 0;
-
- *p = cbs->data;
- return 1;
-}
-
-size_t
-CBS_offset(const CBS *cbs)
-{
- return cbs->initial_len - cbs->len;
-}
-
-int
-CBS_skip(CBS *cbs, size_t len)
-{
- const uint8_t *dummy;
- return cbs_get(cbs, &dummy, len);
-}
-
-const uint8_t *
-CBS_data(const CBS *cbs)
-{
- return cbs->data;
-}
-
-size_t
-CBS_len(const CBS *cbs)
-{
- return cbs->len;
-}
-
-int
-CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len)
-{
- free(*out_ptr);
- *out_ptr = NULL;
- *out_len = 0;
-
- if (cbs->len == 0)
- return 1;
-
- if ((*out_ptr =
malloc(cbs->len)) == NULL)
- return 0;
-
- memcpy(*out_ptr, cbs->data, cbs->len);
-
- *out_len = cbs->len;
- return 1;
-}
-
-int
-CBS_strdup(const CBS *cbs, char **out_ptr)
-{
- free(*out_ptr);
- *out_ptr = NULL;
-
- if (CBS_contains_zero_byte(cbs))
- return 0;
-
- *out_ptr = strndup((const char *)cbs->data, cbs->len);
- return (*out_ptr != NULL);
-}
-
-int
-CBS_write_bytes(const CBS *cbs, uint8_t *dst, size_t dst_len, size_t *copied)
-{
- if (dst_len < cbs->len)
- return 0;
-
- memmove(dst, cbs->data, cbs->len);
-
- if (copied != NULL)
- *copied = cbs->len;
-
- return 1;
-}
-
-int
-CBS_contains_zero_byte(const CBS *cbs)
-{
- return memchr(cbs->data, 0, cbs->len) != NULL;
-}
-
-int
-CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len)
-{
- if (len != cbs->len)
- return 0;
-
- return timingsafe_memcmp(cbs->data, data, len) == 0;
-}
-
-static int
-cbs_get_u(CBS *cbs, uint32_t *out, size_t len)
-{
- uint32_t result = 0;
- size_t i;
- const uint8_t *data;
-
- if (len < 1 || len > 4)
- return 0;
-
- if (!cbs_get(cbs, &data, len))
- return 0;
-
- for (i = 0; i < len; i++) {
- result <<= 8;
- result |= data[i];
- }
- *out = result;
- return 1;
-}
-
-int
-CBS_get_u8(CBS *cbs, uint8_t *out)
-{
- const uint8_t *v;
-
- if (!cbs_get(cbs, &v, 1))
- return 0;
-
- *out = *v;
- return 1;
-}
-
-int
-CBS_get_u16(CBS *cbs, uint16_t *out)
-{
- uint32_t v;
-
- if (!cbs_get_u(cbs, &v, 2))
- return 0;
-
- *out = v;
- return 1;
-}
-
-int
-CBS_get_u24(CBS *cbs, uint32_t *out)
-{
- return cbs_get_u(cbs, out, 3);
-}
-
-int
-CBS_get_u32(CBS *cbs, uint32_t *out)
-{
- return cbs_get_u(cbs, out, 4);
-}
-
-int
-CBS_get_u64(CBS *cbs, uint64_t *out)
-{
- uint32_t a, b;
-
- if (cbs->len < 8)
- return 0;
-
- if (!CBS_get_u32(cbs, &a))
- return 0;
- if (!CBS_get_u32(cbs, &b))
- return 0;
-
- *out = (uint64_t)a << 32 | b;
- return 1;
-}
-
-int
-CBS_get_last_u8(CBS *cbs, uint8_t *out)
-{
- if (cbs->len == 0)
- return 0;
-
- *out = cbs->data[cbs->len - 1];
- cbs->len--;
- return 1;
-}
-
-int
-CBS_get_bytes(CBS *cbs, CBS *out, size_t len)
-{
- const uint8_t *v;
-
- if (!cbs_get(cbs, &v, len))
- return 0;
-
- CBS_init(out, v, len);
- return 1;
-}
-
-static int
-cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len)
-{
- uint32_t len;
-
- if (!cbs_get_u(cbs, &len, len_len))
- return 0;
-
- return CBS_get_bytes(cbs, out, len);
-}
-
-int
-CBS_get_u8_length_prefixed(CBS *cbs, CBS *out)
-{
- return cbs_get_length_prefixed(cbs, out, 1);
-}
-
-int
-CBS_get_u16_length_prefixed(CBS *cbs, CBS *out)
-{
- return cbs_get_length_prefixed(cbs, out, 2);
-}
-
-int
-CBS_get_u24_length_prefixed(CBS *cbs, CBS *out)
-{
- return cbs_get_length_prefixed(cbs, out, 3);
-}
-
-static int
-cbs_peek_u(CBS *cbs, uint32_t *out, size_t len)
-{
- uint32_t result = 0;
- size_t i;
- const uint8_t *data;
-
- if (len < 1 || len > 4)
- return 0;
-
- if (!cbs_peek(cbs, &data, len))
- return 0;
-
- for (i = 0; i < len; i++) {
- result <<= 8;
- result |= data[i];
- }
- *out = result;
- return 1;
-}
-
-int
-CBS_peek_u8(CBS *cbs, uint8_t *out)
-{
- const uint8_t *v;
-
- if (!cbs_peek(cbs, &v, 1))
- return 0;
-
- *out = *v;
- return 1;
-}
-
-int
-CBS_peek_u16(CBS *cbs, uint16_t *out)
-{
- uint32_t v;
-
- if (!cbs_peek_u(cbs, &v, 2))
- return 0;
-
- *out = v;
- return 1;
-}
-
-int
-CBS_peek_u24(CBS *cbs, uint32_t *out)
-{
- return cbs_peek_u(cbs, out, 3);
-}
-
-int
-CBS_peek_u32(CBS *cbs, uint32_t *out)
-{
- return cbs_peek_u(cbs, out, 4);
-}
-
-int
-CBS_peek_last_u8(CBS *cbs, uint8_t *out)
-{
- if (cbs->len == 0)
- return 0;
-
- *out = cbs->data[cbs->len - 1];
- return 1;
-}
-
-int
-CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag,
- size_t *out_header_len)
-{
- return cbs_get_any_asn1_element_internal(cbs, out, out_tag,
- out_header_len, 1);
-}
-
-/*
- * Review X.690 for details on ASN.1 DER encoding.
- *
- * If non-strict mode is enabled, then DER rules are relaxed
- * for indefinite constructs (violates DER but a little closer to BER).
- * Non-strict mode should only be used by bs_ber.c
- *
- * Sections 8, 10 and 11 for DER encoding
- */
-int
-cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned int *out_tag,
- size_t *out_header_len, int strict)
-{
- uint8_t tag, length_byte;
- CBS header = *cbs;
- CBS throwaway;
- size_t len;
-
- if (out == NULL)
- out = &throwaway;
-
- /*
- * Get identifier octet and length octet. Only 1 octet for each
- * is a CBS limitation.
- */
- if (!CBS_get_u8(&header, &tag) || !CBS_get_u8(&header, &length_byte))
- return 0;
-
- /* CBS limitation: long form tags are not supported. */
- if ((tag & 0x1f) == 0x1f)
- return 0;
-
- if (out_tag != NULL)
- *out_tag = tag;
-
- if ((length_byte & 0x80) == 0) {
- /* Short form length. */
- len = ((size_t) length_byte) + 2;
- if (out_header_len != NULL)
- *out_header_len = 2;
-
- } else {
- /* Long form length. */
- const size_t num_bytes = length_byte & 0x7f;
- uint32_t len32;
-
- /* ASN.1 reserved value for future extensions */
- if (num_bytes == 0x7f)
- return 0;
-
- /* Handle indefinite form length */
- if (num_bytes == 0) {
- /* DER encoding doesn't allow for indefinite form. */
- if (strict)
- return 0;
-
- /* Primitive cannot use indefinite in BER or DER. */
- if ((tag & CBS_ASN1_CONSTRUCTED) == 0)
- return 0;
-
- /* Constructed, indefinite length allowed in BER. */
- if (out_header_len != NULL)
- *out_header_len = 2;
- return CBS_get_bytes(cbs, out, 2);
- }
-
- /* CBS limitation. */
- if (num_bytes > 4)
- return 0;
-
- if (!cbs_get_u(&header, &len32, num_bytes))
- return 0;
-
- /* DER has a minimum length octet requirement. */
- if (len32 < 128)
- /* Should have used short form instead */
- return 0;
-
- if ((len32 >> ((num_bytes - 1) * 8)) == 0)
- /* Length should have been at least one byte shorter. */
- return 0;
-
- len = len32;
- if (len + 2 + num_bytes < len)
- /* Overflow.
*/
- return 0;
-
- len += 2 + num_bytes;
- if (out_header_len != NULL)
- *out_header_len = 2 + num_bytes;
- }
-
- return CBS_get_bytes(cbs, out, len);
-}
-
-static int
-cbs_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value, int skip_header)
-{
- size_t header_len;
- unsigned int tag;
- CBS throwaway;
-
- if (out == NULL)
- out = &throwaway;
-
- if (!CBS_get_any_asn1_element(cbs, out, &tag, &header_len) ||
- tag != tag_value)
- return 0;
-
- if (skip_header && !CBS_skip(out, header_len))
- return 0;
-
- return 1;
-}
-
-int
-CBS_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value)
-{
- return cbs_get_asn1(cbs, out, tag_value, 1 /* skip header */);
-}
-
-int
-CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned int tag_value)
-{
- return cbs_get_asn1(cbs, out, tag_value, 0 /* include header */);
-}
-
-int
-CBS_peek_asn1_tag(const CBS *cbs, unsigned int tag_value)
-{
- if (CBS_len(cbs) < 1)
- return 0;
-
- /*
- * Tag number 31 indicates the start of a long form number.
- * This is valid in ASN.1, but CBS only supports short form.
- */
- if ((tag_value & 0x1f) == 0x1f)
- return 0;
-
- return CBS_data(cbs)[0] == tag_value;
-}
-
-/* Encoding details are in ASN.1: X.690 section 8.3 */
-int
-CBS_get_asn1_uint64(CBS *cbs, uint64_t *out)
-{
- CBS bytes;
- const uint8_t *data;
- size_t i, len;
-
- if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_INTEGER))
- return 0;
-
- *out = 0;
- data = CBS_data(&bytes);
- len = CBS_len(&bytes);
-
- if (len == 0)
- /* An INTEGER is encoded with at least one content octet. */
- return 0;
-
- if ((data[0] & 0x80) != 0)
- /* Negative number. */
- return 0;
-
- if (data[0] == 0 && len > 1 && (data[1] & 0x80) == 0)
- /* Violates smallest encoding rule: excessive leading zeros. */
- return 0;
-
- for (i = 0; i < len; i++) {
- if ((*out >> 56) != 0)
- /* Too large to represent as a uint64_t.
*/
- return 0;
-
- *out <<= 8;
- *out |= data[i];
- }
-
- return 1;
-}
-
-int
-CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned int tag)
-{
- if (CBS_peek_asn1_tag(cbs, tag)) {
- if (!CBS_get_asn1(cbs, out, tag))
- return 0;
-
- *out_present = 1;
- } else {
- *out_present = 0;
- }
- return 1;
-}
-
-int
-CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present,
- unsigned int tag)
-{
- CBS child;
- int present;
-
- if (!CBS_get_optional_asn1(cbs, &child, &present, tag))
- return 0;
-
- if (present) {
- if (!CBS_get_asn1(&child, out, CBS_ASN1_OCTETSTRING) ||
- CBS_len(&child) != 0)
- return 0;
- } else {
- CBS_init(out, NULL, 0);
- }
- if (out_present)
- *out_present = present;
-
- return 1;
-}
-
-int
-CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, unsigned int tag,
- uint64_t default_value)
-{
- CBS child;
- int present;
-
- if (!CBS_get_optional_asn1(cbs, &child, &present, tag))
- return 0;
-
- if (present) {
- if (!CBS_get_asn1_uint64(&child, out) ||
- CBS_len(&child) != 0)
- return 0;
- } else {
- *out = default_value;
- }
- return 1;
-}
-
-int
-CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned int tag,
- int default_value)
-{
- CBS child, child2;
- int present;
-
- if (!CBS_get_optional_asn1(cbs, &child, &present, tag))
- return 0;
-
- if (present) {
- uint8_t boolean;
-
- if (!CBS_get_asn1(&child, &child2, CBS_ASN1_BOOLEAN) ||
- CBS_len(&child2) != 1 || CBS_len(&child) != 0)
- return 0;
-
- boolean = CBS_data(&child2)[0];
- if (boolean == 0)
- *out = 0;
- else if (boolean == 0xff)
- *out = 1;
- else
- return 0;
-
- } else {
- *out = default_value;
- }
- return 1;
-}
diff --git a/src/lib/libcrypto/bytestring/bytestring.h b/src/lib/libcrypto/bytestring/bytestring.h
deleted file mode 100644
index a8028c29f7..0000000000
--- a/src/lib/libcrypto/bytestring/bytestring.h
+++ /dev/null
@@ -1,571 +0,0 @@
-/* $OpenBSD: bytestring.h,v 1.6 2024/12/05 19:57:37 tb Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef OPENSSL_HEADER_BYTESTRING_H
-#define OPENSSL_HEADER_BYTESTRING_H
-
-#include
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-/*
- * Bytestrings are used for parsing and building TLS and ASN.1 messages.
- *
- * A "CBS" (CRYPTO ByteString) represents a string of bytes in memory and
- * provides utility functions for safely parsing length-prefixed structures
- * like TLS and ASN.1 from it.
- *
- * A "CBB" (CRYPTO ByteBuilder) is a memory buffer that grows as needed and
- * provides utility functions for building length-prefixed messages.
- */
-
-/* CRYPTO ByteString */
-typedef struct cbs_st {
- const uint8_t *data;
- size_t initial_len;
- size_t len;
-} CBS;
-
-/*
- * CBS_init sets |cbs| to point to |data|. It does not take ownership of
- * |data|.
- */
-void CBS_init(CBS *cbs, const uint8_t *data, size_t len);
-
-/*
- * CBS_skip advances |cbs| by |len| bytes. It returns one on success and zero
- * otherwise.
- */
-int CBS_skip(CBS *cbs, size_t len);
-
-/*
- * CBS_data returns a pointer to the contents of |cbs|.
- */
-const uint8_t *CBS_data(const CBS *cbs);
-
-/*
- * CBS_len returns the number of bytes remaining in |cbs|.
- */
-size_t CBS_len(const CBS *cbs);
-
-/*
- * CBS_offset returns the current offset into the original data of |cbs|.
- */
-size_t CBS_offset(const CBS *cbs);
-
-/*
- * CBS_stow copies the current contents of |cbs| into |*out_ptr| and
- * |*out_len|. If |*out_ptr| is not NULL, the contents are freed with
- * free. It returns one on success and zero on allocation failure. On
- * success, |*out_ptr| should be freed with free. If |cbs| is empty,
- * |*out_ptr| will be NULL.
- */
-int CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len);
-
-/*
- * CBS_strdup copies the current contents of |cbs| into |*out_ptr| as a
- * NUL-terminated C string. If |*out_ptr| is not NULL, the contents are freed
- * with free. It returns one on success and zero on failure. On success,
- * |*out_ptr| should be freed with free. If |cbs| contains NUL bytes,
- * CBS_strdup will fail.
- */
-int CBS_strdup(const CBS *cbs, char **out_ptr);
-
-/*
- * CBS_write_bytes writes all of the remaining data from |cbs| into |dst|
- * if it is at most |dst_len| bytes. If |copied| is not NULL, it will be set
- * to the amount copied. It returns one on success and zero otherwise.
- */
-int CBS_write_bytes(const CBS *cbs, uint8_t *dst, size_t dst_len,
- size_t *copied);
-
-/*
- * CBS_contains_zero_byte returns one if the current contents of |cbs| contains
- * a NUL byte and zero otherwise.
- */
-int CBS_contains_zero_byte(const CBS *cbs);
-
-/*
- * CBS_mem_equal compares the current contents of |cbs| with the |len| bytes
- * starting at |data|. If they're equal, it returns one, otherwise zero. If the
- * lengths match, it uses a constant-time comparison.
- */
-int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len);
-
-/*
- * CBS_get_u8 sets |*out| to the next uint8_t from |cbs| and advances |cbs|. It
- * returns one on success and zero on error.
- */
-int CBS_get_u8(CBS *cbs, uint8_t *out);
-
-/*
- * CBS_get_u16 sets |*out| to the next, big-endian uint16_t from |cbs| and
- * advances |cbs|. It returns one on success and zero on error.
- */
-int CBS_get_u16(CBS *cbs, uint16_t *out);
-
-/*
- * CBS_get_u24 sets |*out| to the next, big-endian 24-bit value from |cbs| and
- * advances |cbs|. It returns one on success and zero on error.
- */
-int CBS_get_u24(CBS *cbs, uint32_t *out);
-
-/*
- * CBS_get_u32 sets |*out| to the next, big-endian uint32_t value from |cbs|
- * and advances |cbs|. It returns one on success and zero on error.
- */
-int CBS_get_u32(CBS *cbs, uint32_t *out);
-
-/*
- * CBS_get_u64 sets |*out| to the next, big-endian uint64_t value from |cbs|
- * and advances |cbs|. It returns one on success and zero on error.
- */
-int CBS_get_u64(CBS *cbs, uint64_t *out);
-
-/*
- * CBS_get_last_u8 sets |*out| to the last uint8_t from |cbs| and shortens
- * |cbs|. It returns one on success and zero on error.
- */
-int CBS_get_last_u8(CBS *cbs, uint8_t *out);
-
-/*
- * CBS_get_bytes sets |*out| to the next |len| bytes from |cbs| and advances
- * |cbs|. It returns one on success and zero on error.
- */
-int CBS_get_bytes(CBS *cbs, CBS *out, size_t len);
-
-/*
- * CBS_get_u8_length_prefixed sets |*out| to the contents of an 8-bit,
- * length-prefixed value from |cbs| and advances |cbs| over it. It returns one
- * on success and zero on error.
- */
-int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out);
-
-/*
- * CBS_get_u16_length_prefixed sets |*out| to the contents of a 16-bit,
- * big-endian, length-prefixed value from |cbs| and advances |cbs| over it. It
- * returns one on success and zero on error.
- */
-int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out);
-
-/*
- * CBS_get_u24_length_prefixed sets |*out| to the contents of a 24-bit,
- * big-endian, length-prefixed value from |cbs| and advances |cbs| over it. It
- * returns one on success and zero on error.
- */
-int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out);
-
-/*
- * CBS_peek_u8 sets |*out| to the next uint8_t from |cbs|, but does not advance
- * |cbs|. It returns one on success and zero on error.
- */
-int CBS_peek_u8(CBS *cbs, uint8_t *out);
-
-/*
- * CBS_peek_u16 sets |*out| to the next, big-endian uint16_t from |cbs|, but
- * does not advance |cbs|. It returns one on success and zero on error.
- */
-int CBS_peek_u16(CBS *cbs, uint16_t *out);
-
-/*
- * CBS_peek_u24 sets |*out| to the next, big-endian 24-bit value from |cbs|, but
- * does not advance |cbs|. It returns one on success and zero on error.
- */
-int CBS_peek_u24(CBS *cbs, uint32_t *out);
-
-/*
- * CBS_peek_u32 sets |*out| to the next, big-endian uint32_t value from |cbs|,
- * but does not advance |cbs|. It returns one on success and zero on error.
- */
-int CBS_peek_u32(CBS *cbs, uint32_t *out);
-
-/*
- * CBS_peek_last_u8 sets |*out| to the last uint8_t from |cbs|, but does not
- * shorten |cbs|. It returns one on success and zero on error.
- */
-int CBS_peek_last_u8(CBS *cbs, uint8_t *out);
-
-
-/* Parsing ASN.1 */
-
-/*
- * While an identifier can be multiple octets, this library only handles the
- * single octet variety currently. This limits support up to tag number 30
- * since tag number 31 is a reserved value to indicate multiple octets.
- */
-
-/* Bits 8 and 7: class tag type: See X.690 section 8.1.2.2. */
-#define CBS_ASN1_UNIVERSAL 0x00
-#define CBS_ASN1_APPLICATION 0x40
-#define CBS_ASN1_CONTEXT_SPECIFIC 0x80
-#define CBS_ASN1_PRIVATE 0xc0
-
-/* Bit 6: Primitive or constructed: See X.690 section 8.1.2.3. */
-#define CBS_ASN1_PRIMITIVE 0x00
-#define CBS_ASN1_CONSTRUCTED 0x20
-
-/*
- * Bits 5 to 1 are the tag number. See X.680 section 8.6 for tag numbers of
- * the universal class.
- */
-
-/*
- * Common universal identifier octets.
- * See X.690 section 8.1 and X.680 section 8.6 for universal tag numbers.
- *
- * Note: These definitions are the cause of some of the strange behavior in
- * CBS's bs_ber.c.
- *
- * In BER, it is the sender's option to use primitive or constructed for
- * bitstring (X.690 section 8.6.1) and octetstring (X.690 section 8.7.1).
- *
- * In DER, bitstring and octetstring are required to be primitive
- * (X.690 section 10.2).
- */
-#define CBS_ASN1_BOOLEAN (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x1)
-#define CBS_ASN1_INTEGER (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x2)
-#define CBS_ASN1_BITSTRING (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x3)
-#define CBS_ASN1_OCTETSTRING (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x4)
-#define CBS_ASN1_OBJECT (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x6)
-#define CBS_ASN1_ENUMERATED (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0xa)
-#define CBS_ASN1_SEQUENCE (CBS_ASN1_UNIVERSAL | CBS_ASN1_CONSTRUCTED | 0x10)
-#define CBS_ASN1_SET (CBS_ASN1_UNIVERSAL | CBS_ASN1_CONSTRUCTED | 0x11)
-
-/*
- * CBS_get_asn1 sets |*out| to the contents of DER-encoded, ASN.1 element (not
- * including tag and length bytes) and advances |cbs| over it. The ASN.1
- * element must match |tag_value|. It returns one on success and zero
- * on error.
- *
- * Tag numbers greater than 30 are not supported (i.e. short form only).
- */
-int CBS_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value);
-
-/*
- * CBS_get_asn1_element acts like |CBS_get_asn1| but |out| will include the
- * ASN.1 header bytes too.
- */
-int CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned int tag_value);
-
-/*
- * CBS_peek_asn1_tag looks ahead at the next ASN.1 tag and returns one
- * if the next ASN.1 element on |cbs| would have tag |tag_value|. If
- * |cbs| is empty or the tag does not match, it returns zero. Note: if
- * it returns one, CBS_get_asn1 may still fail if the rest of the
- * element is malformed.
- */
-int CBS_peek_asn1_tag(const CBS *cbs, unsigned int tag_value);
-
-/*
- * CBS_get_any_asn1_element sets |*out| to contain the next ASN.1 element from
- * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to
- * the tag number and |*out_header_len| to the length of the ASN.1 header.
- * Each of |out|, |out_tag|, and |out_header_len| may be NULL to ignore
- * the value.
- *
- * Tag numbers greater than 30 are not supported (i.e. short form only).
- */
-int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag,
- size_t *out_header_len);
-
-/*
- * CBS_get_asn1_uint64 gets an ASN.1 INTEGER from |cbs| using |CBS_get_asn1|
- * and sets |*out| to its value. It returns one on success and zero on error,
- * where error includes the integer being negative, or too large to represent
- * in 64 bits.
- */
-int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out);
-
-/*
- * CBS_get_optional_asn1 gets an optional explicitly-tagged element
- * from |cbs| tagged with |tag| and sets |*out| to its contents. If
- * present, it sets |*out_present| to one, otherwise zero. It returns
- * one on success, whether or not the element was present, and zero on
- * decode failure.
- */
-int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present,
- unsigned int tag);
-
-/*
- * CBS_get_optional_asn1_octet_string gets an optional
- * explicitly-tagged OCTET STRING from |cbs|. If present, it sets
- * |*out| to the string and |*out_present| to one. Otherwise, it sets
- * |*out| to empty and |*out_present| to zero. |out_present| may be
- * NULL. It returns one on success, whether or not the element was
- * present, and zero on decode failure.
- */
-int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present,
- unsigned int tag);
-
-/*
- * CBS_get_optional_asn1_uint64 gets an optional explicitly-tagged
- * INTEGER from |cbs|. If present, it sets |*out| to the
- * value. Otherwise, it sets |*out| to |default_value|.
It returns one
- * on success, whether or not the element was present, and zero on
- * decode failure.
- */
-int CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, unsigned int tag,
- uint64_t default_value);
-
-/*
- * CBS_get_optional_asn1_bool gets an optional, explicitly-tagged BOOLEAN from
- * |cbs|. If present, it sets |*out| to either zero or one, based on the
- * boolean. Otherwise, it sets |*out| to |default_value|. It returns one on
- * success, whether or not the element was present, and zero on decode
- * failure.
- */
-int CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned int tag,
- int default_value);
-
-
-/*
- * CRYPTO ByteBuilder.
- *
- * |CBB| objects allow one to build length-prefixed serialisations. A |CBB|
- * object is associated with a buffer and new buffers are created with
- * |CBB_init|. Several |CBB| objects can point at the same buffer when a
- * length-prefix is pending, however only a single |CBB| can be 'current' at
- * any one time. For example, if one calls |CBB_add_u8_length_prefixed| then
- * the new |CBB| points at the same buffer as the original. But if the original
- * |CBB| is used then the length prefix is written out and the new |CBB| must
- * not be used again.
- *
- * If one needs to force a length prefix to be written out because a |CBB| is
- * going out of scope, use |CBB_flush|.
- */
-
-struct cbb_buffer_st {
- uint8_t *buf;
-
- /* The number of valid bytes. */
- size_t len;
-
- /* The size of buf. */
- size_t cap;
-
- /*
- * One iff |buf| is owned by this object. If not then |buf| cannot be
- * resized.
- */
- char can_resize;
-};
-
-typedef struct cbb_st {
- struct cbb_buffer_st *base;
-
- /*
- * offset is the offset from the start of |base->buf| to the position of any
- * pending length-prefix.
- */
- size_t offset;
-
- /* child points to a child CBB if a length-prefix is pending.
*/
- struct cbb_st *child;
-
- /*
- * pending_len_len contains the number of bytes in a pending length-prefix,
- * or zero if no length-prefix is pending.
- */
- uint8_t pending_len_len;
-
- char pending_is_asn1;
-
- /*
- * is_top_level is true iff this is a top-level |CBB| (as opposed to a child
- * |CBB|). Top-level objects are valid arguments for |CBB_finish|.
- */
- char is_top_level;
-} CBB;
-
-/*
- * CBB_init initialises |cbb| with |initial_capacity|. Since a |CBB| grows as
- * needed, the |initial_capacity| is just a hint. It returns one on success or
- * zero on error.
- */
-int CBB_init(CBB *cbb, size_t initial_capacity);
-
-/*
- * CBB_init_fixed initialises |cbb| to write to |len| bytes at |buf|. Since
- * |buf| cannot grow, trying to write more than |len| bytes will cause CBB
- * functions to fail. It returns one on success or zero on error.
- */
-int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len);
-
-/*
- * CBB_cleanup frees all resources owned by |cbb| and other |CBB| objects
- * writing to the same buffer. This should be used in an error case where a
- * serialisation is abandoned.
- */
-void CBB_cleanup(CBB *cbb);
-
-/*
- * CBB_finish completes any pending length prefix and sets |*out_data| to a
- * malloced buffer and |*out_len| to the length of that buffer. The caller
- * takes ownership of the buffer and, unless the buffer was fixed with
- * |CBB_init_fixed|, must call |free| when done.
- *
- * It can only be called on a "top level" |CBB|, i.e. one initialised with
- * |CBB_init| or |CBB_init_fixed|. It returns one on success and zero on
- * error.
- */
-int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len);
-
-/*
- * CBB_flush causes any pending length prefixes to be written out and any child
- * |CBB| objects of |cbb| to be invalidated. It returns one on success or zero
- * on error.
- */
-int CBB_flush(CBB *cbb);
-
-/*
- * CBB_discard_child discards the current unflushed child of |cbb|.
Neither the
- * child's contents nor the length prefix will be included in the output.
- */
-void CBB_discard_child(CBB *cbb);
-
-/*
- * CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The
- * data written to |*out_contents| will be prefixed in |cbb| with an 8-bit
- * length. It returns one on success or zero on error.
- */
-int CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents);
-
-/*
- * CBB_add_u16_length_prefixed sets |*out_contents| to a new child of |cbb|.
- * The data written to |*out_contents| will be prefixed in |cbb| with a 16-bit,
- * big-endian length. It returns one on success or zero on error.
- */
-int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents);
-
-/*
- * CBB_add_u24_length_prefixed sets |*out_contents| to a new child of |cbb|.
- * The data written to |*out_contents| will be prefixed in |cbb| with a 24-bit,
- * big-endian length. It returns one on success or zero on error.
- */
-int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents);
-
-/*
- * CBB_add_u32_length_prefixed sets |*out_contents| to a new child of |cbb|.
- * The data written to |*out_contents| will be prefixed in |cbb| with a 32-bit,
- * big-endian length. It returns one on success or zero on error.
- */
-int CBB_add_u32_length_prefixed(CBB *cbb, CBB *out_contents);
-
-/*
- * CBB_add_asn sets |*out_contents| to a |CBB| into which the contents of an
- * ASN.1 object can be written. The |tag| argument will be used as the tag for
- * the object. Passing in |tag| number 31 will return in an error since only
- * single octet identifiers are supported. It returns one on success or zero
- * on error.
- */
-int CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned int tag);
-
-/*
- * CBB_add_bytes appends |len| bytes from |data| to |cbb|. It returns one on
- * success and zero otherwise.
- */
-int CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len);
-
-/*
- * CBB_add_space appends |len| bytes to |cbb| and sets |*out_data| to point to
- * the beginning of that space. The caller must then write |len| bytes of
- * actual contents to |*out_data|. It returns one on success and zero
- * otherwise.
- */
-int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len);
-
-/*
- * CBB_add_u8 appends an 8-bit number from |value| to |cbb|. It returns one on
- * success and zero otherwise.
- */
-int CBB_add_u8(CBB *cbb, size_t value);
-
-/*
- * CBB_add_u8 appends a 16-bit, big-endian number from |value| to |cbb|. It
- * returns one on success and zero otherwise.
- */
-int CBB_add_u16(CBB *cbb, size_t value);
-
-/*
- * CBB_add_u24 appends a 24-bit, big-endian number from |value| to |cbb|. It
- * returns one on success and zero otherwise.
- */
-int CBB_add_u24(CBB *cbb, size_t value);
-
-/*
- * CBB_add_u32 appends a 32-bit, big-endian number from |value| to |cbb|. It
- * returns one on success and zero otherwise.
- */
-int CBB_add_u32(CBB *cbb, size_t value);
-
-/*
- * CBB_add_u64 appends a 64-bit, big-endian number from |value| to |cbb|. It
- * returns one on success and zero otherwise.
- */
-int CBB_add_u64(CBB *cbb, uint64_t value);
-
-/*
- * CBB_add_asn1_uint64 writes an ASN.1 INTEGER into |cbb| using |CBB_add_asn1|
- * and writes |value| in its contents. It returns one on success and zero on
- * error.
- */
-int CBB_add_asn1_uint64(CBB *cbb, uint64_t value);
-
-#ifdef LIBRESSL_INTERNAL
-/*
- * CBS_dup sets |out| to point to cbs's |data| and |len|. It results in two
- * CBS that point to the same buffer.
- */
-void CBS_dup(const CBS *cbs, CBS *out);
-
-/*
- * cbs_get_any_asn1_element sets |*out| to contain the next ASN.1 element from
- * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to
- * the tag number and |*out_header_len| to the length of the ASN.1 header.
If
- * strict mode is disabled and the element has indefinite length then |*out|
- * will only contain the header. Each of |out|, |out_tag|, and
- * |out_header_len| may be NULL to ignore the value.
- *
- * Tag numbers greater than 30 are not supported (i.e. short form only).
- */
-int cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned int *out_tag,
- size_t *out_header_len, int strict);
-
-/*
- * CBS_asn1_indefinite_to_definite reads an ASN.1 structure from |in|. If it
- * finds indefinite-length elements that otherwise appear to be valid DER, it
- * attempts to convert the DER-like data to DER and sets |*out| and
- * |*out_length| to describe a malloced buffer containing the DER data.
- * Additionally, |*in| will be advanced over the ASN.1 data.
- *
- * If it doesn't find any indefinite-length elements then it sets |*out| to
- * NULL and |*in| is unmodified.
- *
- * This is NOT a conversion from BER to DER. There are many restrictions when
- * dealing with DER data. This is only concerned with one: indefinite vs.
- * definite form. However, this suffices to handle the PKCS#7 and PKCS#12 output
- * from NSS.
- *
- * It returns one on success and zero otherwise.
- */
-int CBS_asn1_indefinite_to_definite(CBS *in, uint8_t **out, size_t *out_len);
-#endif /* LIBRESSL_INTERNAL */
-
-__END_HIDDEN_DECLS
-
-#endif /* OPENSSL_HEADER_BYTESTRING_H */
diff --git a/src/lib/libcrypto/camellia/camellia.c b/src/lib/libcrypto/camellia/camellia.c
deleted file mode 100644
index 94e81a4773..0000000000
--- a/src/lib/libcrypto/camellia/camellia.c
+++ /dev/null
@@ -1,696 +0,0 @@
-/* $OpenBSD: camellia.c,v 1.14 2024/03/30 04:58:12 joshua Exp $ */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- * http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-/*
- * Algorithm Specification
- * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
- */
-
-/*
- * This release balances code size and performance. In particular key
- * schedule setup is fully unrolled, because doing so *significantly*
- * reduces amount of instructions per setup round and code increase is
- * justifiable. In block functions on the other hand only inner loops
- * are unrolled, as full unroll gives only nominal performance boost,
- * while code size grows 4 or 7 times.
Also, unlike previous versions - * this one "encourages" compiler to keep intermediate variables in - * registers, which should give better "all round" results, in other - * words reasonable performance even with not so modern compilers. - */ - -#include -#include - -#include - -#include -#include - -typedef unsigned int u32; -typedef unsigned char u8; - -int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, - KEY_TABLE_TYPE keyTable); -void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]); -void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[], - const KEY_TABLE_TYPE keyTable, u8 plaintext[]); -void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]); -void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[], - const KEY_TABLE_TYPE keyTable, u8 plaintext[]); - -/* 32-bit rotations */ -#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if defined(__GNUC__) && __GNUC__>=2 -# if defined(__i386) || defined(__x86_64) -# define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; }) -# define LeftRotate(x,s) ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; }) -# define GETU32(p) ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; }) -# define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; }) -# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \ - defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__) -# define LeftRotate(x,s) ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; }) -# define RightRotate(x,s) LeftRotate(x,(32-s)) -# endif -# endif -#endif - -#if !defined(RightRotate) && !defined(LeftRotate) -# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) ) -# define LeftRotate(x, s) ( ((x) << (s)) + ((x) >> (32 - s)) ) -#endif - -#if !defined(GETU32) && !defined(PUTU32) -# 
define GETU32(p) (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] << 8) ^ ((u32)(p)[3])) -# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >> 8), (p)[3] = (u8)(v)) -#endif - -/* S-box data */ -#define SBOX1_1110 Camellia_SBOX[0] -#define SBOX4_4404 Camellia_SBOX[1] -#define SBOX2_0222 Camellia_SBOX[2] -#define SBOX3_3033 Camellia_SBOX[3] -static const u32 Camellia_SBOX[][256] = { -{ 0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700, - 0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500, - 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00, - 0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100, - 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500, - 0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00, - 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000, - 0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00, - 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700, - 0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600, - 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00, - 0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00, - 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100, - 0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200, - 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700, - 0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700, - 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00, - 0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600, - 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400, - 0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100, - 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00, - 
0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00, - 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00, - 0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200, - 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700, - 0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00, - 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00, - 0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300, - 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00, - 0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600, - 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600, - 0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00, - 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00, - 0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600, - 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800, - 0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00, - 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200, - 0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500, - 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900, - 0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400, - 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900, - 0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400, - 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00 }, -{ 0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057, - 0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5, - 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af, - 0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b, - 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a, - 0x51510051, 
0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0, - 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb, - 0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004, - 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c, - 0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a, - 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0, - 0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064, - 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6, - 0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090, - 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8, - 0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063, - 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9, - 0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071, - 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9, - 0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1, - 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad, - 0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5, - 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093, - 0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd, - 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f, - 0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d, - 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066, - 0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099, - 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031, - 0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c, - 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2, - 0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050, - 0xd0d000d0, 
0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095, - 0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db, - 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002, - 0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2, - 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b, - 0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e, - 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a, - 0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa, - 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068, - 0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1, - 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e }, -{ 0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e, - 0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a, - 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf, - 0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242, - 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca, - 0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f, - 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060, - 0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434, - 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e, - 0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad, - 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a, - 0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a, - 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363, - 0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585, - 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f, - 0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf, - 0x00282828, 0x00b0b0b0, 
0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636, - 0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c, - 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888, - 0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323, - 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9, - 0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa, - 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6, - 0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5, - 0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef, - 0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5, - 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8, - 0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666, - 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe, - 0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c, - 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d, - 0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c, - 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc, - 0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d, - 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131, - 0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575, - 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545, - 0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa, - 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292, - 0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949, - 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393, - 0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9, - 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d }, -{ 0x38003838, 0x41004141, 0x16001616, 
0x76007676, 0xd900d9d9, 0x93009393, - 0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a, - 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7, - 0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090, - 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2, - 0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7, - 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818, - 0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d, - 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3, - 0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b, - 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686, - 0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696, - 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8, - 0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161, - 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb, - 0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb, - 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d, - 0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b, - 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222, - 0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8, - 0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e, - 0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe, - 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad, - 0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969, - 0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb, - 0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d, - 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e, - 0xc100c1c1, 0x01000101, 0xe600e6e6, 
0x25002525, 0x48004848, 0x99009999, - 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf, - 0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313, - 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b, - 0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717, - 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737, - 0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b, - 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c, - 0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d, - 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151, - 0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa, - 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4, - 0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252, - 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4, - 0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a, - 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f } -}; - -/* Key generation constants */ -static const u32 SIGMA[] = { - 0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be, - 0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd -}; - -/* The phi algorithm given in C.2.7 of the Camellia spec document. */ -/* - * This version does not attempt to minimize amount of temporary - * variables, but instead explicitly exposes algorithm's parallelism. - * It is therefore most appropriate for platforms with not less than - * ~16 registers. For platforms with fewer registers [well, x86 to be - * specific] assembler version should be/is provided anyway... 
- */ -#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) \ -do { \ - u32 _t0, _t1, _t2, _t3; \ - _t0 = _s0 ^ (_key)[0]; \ - _t3 = SBOX4_4404[_t0 & 0xff]; \ - _t1 = _s1 ^ (_key)[1]; \ - _t3 ^= SBOX3_3033[(_t0 >> 8) & 0xff]; \ - _t2 = SBOX1_1110[_t1 & 0xff]; \ - _t3 ^= SBOX2_0222[(_t0 >> 16) & 0xff]; \ - _t2 ^= SBOX4_4404[(_t1 >> 8) & 0xff]; \ - _t3 ^= SBOX1_1110[(_t0 >> 24)]; \ - _t2 ^= _t3; \ - _t3 = RightRotate(_t3, 8); \ - _t2 ^= SBOX3_3033[(_t1 >> 16) & 0xff]; \ - _s3 ^= _t3; \ - _t2 ^= SBOX2_0222[(_t1 >> 24)]; \ - _s2 ^= _t2; \ - _s3 ^= _t2; \ -} while(0) - -/* - * Note that n has to be less than 32. Rotations for larger amount - * of bits are achieved by "rotating" order of s-elements and - * adjusting n accordingly, e.g. RotLeft128(s1, s2, s3, s0, n - 32). - */ -#define RotLeft128(_s0, _s1, _s2, _s3, _n) \ -do { \ - u32 _t0 = _s0 >> (32 - _n); \ - _s0 = (_s0 << _n) | (_s1 >> (32 - _n)); \ - _s1 = (_s1 << _n) | (_s2 >> (32 - _n)); \ - _s2 = (_s2 << _n) | (_s3 >> (32 - _n)); \ - _s3 = (_s3 << _n) | _t0; \ -} while (0) - -int -Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k) -{ - u32 s0, s1, s2, s3; - - k[0] = s0 = GETU32(rawKey); - k[1] = s1 = GETU32(rawKey + 4); - k[2] = s2 = GETU32(rawKey + 8); - k[3] = s3 = GETU32(rawKey + 12); - - if (keyBitLength != 128) { - k[8] = s0 = GETU32(rawKey + 16); - k[9] = s1 = GETU32(rawKey + 20); - if (keyBitLength == 192) { - k[10] = s2 = ~s0; - k[11] = s3 = ~s1; - } else { - k[10] = s2 = GETU32(rawKey + 24); - k[11] = s3 = GETU32(rawKey + 28); - } - s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3]; - } - - /* Use the Feistel routine to scramble the key material */ - Camellia_Feistel(s0, s1, s2, s3, SIGMA + 0); - Camellia_Feistel(s2, s3, s0, s1, SIGMA + 2); - - s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3]; - Camellia_Feistel(s0, s1, s2, s3, SIGMA + 4); - Camellia_Feistel(s2, s3, s0, s1, SIGMA + 6); - - /* Fill the keyTable. Requires many block rotations. 
*/ - if (keyBitLength == 128) { - k[ 4] = s0, k[ 5] = s1, k[ 6] = s2, k[ 7] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */ - k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 30 */ - k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 45 */ - k[24] = s0, k[25] = s1; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 60 */ - k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3; - RotLeft128(s1, s2, s3, s0, 2); /* KA <<< 94 */ - k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0; - RotLeft128(s1, s2, s3, s0, 17); /* KA <<<111 */ - k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0; - - s0 = k[ 0], s1 = k[ 1], s2 = k[ 2], s3 = k[ 3]; - RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 15 */ - k[ 8] = s0, k[ 9] = s1, k[10] = s2, k[11] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KL <<< 45 */ - k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 60 */ - k[26] = s2, k[27] = s3; - RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 77 */ - k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3; - RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 94 */ - k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3; - RotLeft128(s0, s1, s2, s3, 17); /* KL <<<111 */ - k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3; - - return 3; /* grand rounds */ - } else { - k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3; - s0 ^= k[8], s1 ^= k[9], s2 ^=k[10], s3 ^=k[11]; - Camellia_Feistel(s0, s1, s2, s3, (SIGMA + 8)); - Camellia_Feistel(s2, s3, s0, s1, (SIGMA + 10)); - - k[ 4] = s0, k[ 5] = s1, k[ 6] = s2, k[ 7] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 30 */ - k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 60 */ - k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3; - RotLeft128(s1, s2, s3, s0, 19); /* KB <<<111 */ - k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0; - - s0 = k[ 8], s1 = k[ 9], s2 = k[10], s3 = k[11]; - RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 15 */ - k[ 8] = s0, k[ 
9] = s1, k[10] = s2, k[11] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 30 */ - k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KR <<< 60 */ - k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3; - RotLeft128(s1, s2, s3, s0, 2); /* KR <<< 94 */ - k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0; - - s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15]; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */ - k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KA <<< 45 */ - k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3; - /* KA <<< 77 */ - k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0; - RotLeft128(s1, s2, s3, s0, 17); /* KA <<< 94 */ - k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0; - - s0 = k[ 0], s1 = k[ 1], s2 = k[ 2], s3 = k[ 3]; - RotLeft128(s1, s2, s3, s0, 13); /* KL <<< 45 */ - k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0; - RotLeft128(s1, s2, s3, s0, 15); /* KL <<< 60 */ - k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0; - RotLeft128(s1, s2, s3, s0, 17); /* KL <<< 77 */ - k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0; - RotLeft128(s2, s3, s0, s1, 2); /* KL <<<111 */ - k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1; - - return 4; /* grand rounds */ - } - /* - * It is possible to perform certain precalculations, which - * would spare few cycles in block procedure. It's not done, - * because it upsets the performance balance between key - * setup and block procedures, negatively affecting overall - * throughput in applications operating on short messages - * and volatile keys. 
- */ -} - -void -Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]) -{ - u32 s0, s1, s2, s3; - const u32 *k = keyTable, *kend = keyTable + grandRounds * 16; - - s0 = GETU32(plaintext) ^ k[0]; - s1 = GETU32(plaintext + 4) ^ k[1]; - s2 = GETU32(plaintext + 8) ^ k[2]; - s3 = GETU32(plaintext + 12) ^ k[3]; - k += 4; - - while (1) { - /* Camellia makes 6 Feistel rounds */ - Camellia_Feistel(s0, s1, s2, s3, k + 0); - Camellia_Feistel(s2, s3, s0, s1, k + 2); - Camellia_Feistel(s0, s1, s2, s3, k + 4); - Camellia_Feistel(s2, s3, s0, s1, k + 6); - Camellia_Feistel(s0, s1, s2, s3, k + 8); - Camellia_Feistel(s2, s3, s0, s1, k + 10); - k += 12; - - if (k == kend) - break; - - /* This is the same function as the diffusion function D - * of the accompanying documentation. See section 3.2 - * for properties of the FLlayer function. */ - s1 ^= LeftRotate(s0 & k[0], 1); - s2 ^= s3 | k[3]; - s0 ^= s1 | k[1]; - s3 ^= LeftRotate(s2 & k[2], 1); - k += 4; - } - - s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3]; - - PUTU32(ciphertext, s2); - PUTU32(ciphertext + 4, s3); - PUTU32(ciphertext + 8, s0); - PUTU32(ciphertext + 12, s1); -} - -void -Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]) -{ - Camellia_EncryptBlock_Rounds(keyBitLength == 128 ? 
3 : 4, - plaintext, keyTable, ciphertext); -} - -void -Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[], - const KEY_TABLE_TYPE keyTable, u8 plaintext[]) -{ - u32 s0, s1, s2, s3; - const u32 *k = keyTable+grandRounds * 16, *kend = keyTable+4; - - s0 = GETU32(ciphertext) ^ k[0]; - s1 = GETU32(ciphertext+4) ^ k[1]; - s2 = GETU32(ciphertext+8) ^ k[2]; - s3 = GETU32(ciphertext+12) ^ k[3]; - - while (1) { - /* Camellia makes 6 Feistel rounds */ - k -= 12; - Camellia_Feistel(s0, s1, s2, s3, k+10); - Camellia_Feistel(s2, s3, s0, s1, k+8); - Camellia_Feistel(s0, s1, s2, s3, k+6); - Camellia_Feistel(s2, s3, s0, s1, k+4); - Camellia_Feistel(s0, s1, s2, s3, k+2); - Camellia_Feistel(s2, s3, s0, s1, k+0); - - if (k == kend) - break; - - /* This is the same function as the diffusion function D - * of the accompanying documentation. See section 3.2 - * for properties of the FLlayer function. */ - k -= 4; - s1 ^= LeftRotate(s0 & k[2], 1); - s2 ^= s3 | k[1]; - s0 ^= s1 | k[3]; - s3 ^= LeftRotate(s2 & k[0], 1); - } - - k -= 4; - s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3]; - - PUTU32(plaintext, s2); - PUTU32(plaintext+4, s3); - PUTU32(plaintext+8, s0); - PUTU32(plaintext+12, s1); -} - -void -Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]) -{ - Camellia_DecryptBlock_Rounds(keyBitLength == 128 ? 
3 : 4, - plaintext, keyTable, ciphertext); -} - -int -Camellia_set_key(const unsigned char *userKey, const int bits, - CAMELLIA_KEY *key) -{ - if (userKey == NULL || key == NULL) - return -1; - if (bits != 128 && bits != 192 && bits != 256) - return -2; - key->grand_rounds = Camellia_Ekeygen(bits, userKey, key->u.rd_key); - return 0; -} -LCRYPTO_ALIAS(Camellia_set_key); - -void -Camellia_encrypt(const unsigned char *in, unsigned char *out, - const CAMELLIA_KEY *key) -{ - Camellia_EncryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out); -} -LCRYPTO_ALIAS(Camellia_encrypt); - -void -Camellia_decrypt(const unsigned char *in, unsigned char *out, - const CAMELLIA_KEY *key) -{ - Camellia_DecryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out); -} -LCRYPTO_ALIAS(Camellia_decrypt); - -void -Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len, - const CAMELLIA_KEY *key, unsigned char *ivec, const int enc) -{ - if (enc) - CRYPTO_cbc128_encrypt(in, out, len, key, ivec, - (block128_f)Camellia_encrypt); - else - CRYPTO_cbc128_decrypt(in, out, len, key, ivec, - (block128_f)Camellia_decrypt); -} -LCRYPTO_ALIAS(Camellia_cbc_encrypt); - -/* - * The input and output encrypted as though 128bit cfb mode is being - * used. The extra state information to record how much of the - * 128bit block we have used is contained in *num; - */ - -void -Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num, - const int enc) -{ - CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc, - (block128_f)Camellia_encrypt); -} -LCRYPTO_ALIAS(Camellia_cfb128_encrypt); - -/* N.B. 
This expects the input to be packed, MS bit first */
-void
-Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num,
- const int enc)
-{
- CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)Camellia_encrypt);
-}
-LCRYPTO_ALIAS(Camellia_cfb1_encrypt);
-
-void
-Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num,
- const int enc)
-{
- CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)Camellia_encrypt);
-}
-LCRYPTO_ALIAS(Camellia_cfb8_encrypt);
-
-void
-Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char ivec[CAMELLIA_BLOCK_SIZE],
- unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE], unsigned int *num)
-{
- CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
- (block128_f)Camellia_encrypt);
-}
-LCRYPTO_ALIAS(Camellia_ctr128_encrypt);
-
-void
-Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key, const int enc)
-{
- if (CAMELLIA_ENCRYPT == enc)
- Camellia_encrypt(in, out, key);
- else
- Camellia_decrypt(in, out, key);
-}
-LCRYPTO_ALIAS(Camellia_ecb_encrypt);
-
-/*
- * The input and output encrypted as though 128bit ofb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-void
-Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
- (block128_f)Camellia_encrypt);
-}
-LCRYPTO_ALIAS(Camellia_ofb128_encrypt);
diff --git a/src/lib/libcrypto/camellia/camellia.h b/src/lib/libcrypto/camellia/camellia.h
deleted file mode 100644
index c1f1a179c1..0000000000
--- a/src/lib/libcrypto/camellia/camellia.h
+++ /dev/null
@@ -1,121 +0,0 @@
-/* $OpenBSD: camellia.h,v 1.6 2025/01/25 17:59:44 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_CAMELLIA_H
-#define HEADER_CAMELLIA_H
-
-#include
-
-#include
-
-#define CAMELLIA_ENCRYPT 1
-#define CAMELLIA_DECRYPT 0
-
-/* Because array size can't be a const in C, the following two are macros.
- Both sizes are in bytes. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-
-#define CAMELLIA_BLOCK_SIZE 16
-#define CAMELLIA_TABLE_BYTE_LEN 272
-#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
-
-typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */
-
-struct camellia_key_st {
- union {
- double d; /* ensures 64-bit align */
- KEY_TABLE_TYPE rd_key;
- } u;
- int grand_rounds;
-};
-typedef struct camellia_key_st CAMELLIA_KEY;
-
-int Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key);
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key, const int enc);
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc);
-void Camellia_cfb128_encrypt(const
unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num, const int enc); -void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char *ivec, int *num); -void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const CAMELLIA_KEY *key, - unsigned char ivec[CAMELLIA_BLOCK_SIZE], - unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE], - unsigned int *num); - -#ifdef __cplusplus -} -#endif - -#endif /* !HEADER_Camellia_H */ diff --git a/src/lib/libcrypto/cast/cast.c b/src/lib/libcrypto/cast/cast.c deleted file mode 100644 index b0aeb62670..0000000000 --- a/src/lib/libcrypto/cast/cast.c +++ /dev/null 
@@ -1,983 +0,0 @@
-/* $OpenBSD: cast.c,v 1.1 2024/03/29 07:36:38 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include - -#include "cast_local.h" - -const CAST_LONG CAST_S_table0[256] = { - 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, - 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949, - 0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, - 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e, - 0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, - 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d, - 0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, - 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0, - 0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, - 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7, - 0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, - 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935, - 0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, - 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d, - 0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, - 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50, - 0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, - 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe, - 0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, - 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3, - 0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, - 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167, - 0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, - 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291, - 0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, - 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779, - 0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, - 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2, - 0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, - 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511, - 0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, - 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d, - 0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, - 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5, - 0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, - 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324, - 0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, - 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c, - 0x954329de, 
0xadbe4528, 0xd8710f69, 0xaa51c90f, - 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc, - 0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, - 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d, - 0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, - 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96, - 0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, - 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a, - 0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, - 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d, - 0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, - 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd, - 0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, - 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6, - 0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, - 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9, - 0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, - 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872, - 0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, - 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c, - 0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, - 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e, - 0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, - 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9, - 0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, - 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf, -}; -const CAST_LONG CAST_S_table1[256] = { - 0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, - 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651, - 0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, - 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3, - 0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, - 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb, - 0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, - 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806, - 0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, - 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b, - 0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, - 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359, - 0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, - 0x071f6181, 
0x39f7627f, 0x361e3084, 0xe4eb573b, - 0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, - 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c, - 0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, - 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34, - 0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, - 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb, - 0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, - 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd, - 0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, - 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860, - 0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, - 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b, - 0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, - 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304, - 0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, - 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b, - 0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, - 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf, - 0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, - 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c, - 0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, - 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13, - 0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, - 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f, - 0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, - 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6, - 0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, - 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6, - 0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, - 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58, - 0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, - 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906, - 0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, - 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d, - 0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, - 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6, - 0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, - 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4, - 0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, - 0xc6bcc63e, 
0x1a513742, 0xef6828bc, 0x520365d6, - 0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, - 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f, - 0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, - 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249, - 0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, - 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa, - 0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, - 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9, - 0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, - 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1, -}; -const CAST_LONG CAST_S_table2[256] = { - 0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, - 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90, - 0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, - 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5, - 0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, - 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e, - 0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, - 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240, - 0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, - 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5, - 0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, - 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b, - 0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, - 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71, - 0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, - 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04, - 0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, - 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82, - 0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, - 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15, - 0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, - 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2, - 0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, - 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176, - 0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, - 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148, - 0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, - 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc, - 0x8b907cee, 
0xb51fd240, 0xe7c07ce3, 0xe566b4a1, - 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341, - 0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, - 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e, - 0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, - 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51, - 0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, - 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f, - 0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, - 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a, - 0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, - 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b, - 0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, - 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b, - 0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, - 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5, - 0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, - 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45, - 0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, - 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536, - 0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, - 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc, - 0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, - 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0, - 0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, - 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69, - 0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, - 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2, - 0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, - 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49, - 0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, - 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d, - 0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, - 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a, - 0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, - 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783, -}; -const CAST_LONG CAST_S_table3[256] = { - 0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, - 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1, - 0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, - 0xfd059d43, 
0x6497b7b1, 0xf3641f63, 0x241e4adf, - 0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, - 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15, - 0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, - 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121, - 0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, - 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25, - 0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, - 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5, - 0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, - 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb, - 0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, - 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5, - 0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, - 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d, - 0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, - 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6, - 0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, - 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23, - 0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, - 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003, - 0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, - 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6, - 0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, - 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119, - 0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, - 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24, - 0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, - 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a, - 0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, - 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79, - 0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, - 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df, - 0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, - 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26, - 0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, - 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab, - 0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, - 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7, - 0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, - 0x71eae2a1, 
0x1f9af36e, 0xcfcbd12f, 0xc1de8417, - 0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, - 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2, - 0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, - 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2, - 0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, - 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a, - 0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, - 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919, - 0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, - 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef, - 0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, - 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876, - 0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, - 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab, - 0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, - 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04, - 0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, - 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282, - 0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, - 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2, -}; -const CAST_LONG CAST_S_table4[256] = { - 0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, - 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f, - 0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, - 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a, - 0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, - 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff, - 0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, - 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02, - 0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, - 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a, - 0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, - 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7, - 0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, - 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9, - 0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, - 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981, - 0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, - 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774, - 0xef55a1ff, 
0xe59ca2c2, 0xa6b62d27, 0xe66a4263, - 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655, - 0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, - 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2, - 0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, - 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910, - 0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, - 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1, - 0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, - 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da, - 0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, - 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049, - 0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, - 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f, - 0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, - 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba, - 0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, - 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be, - 0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, - 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3, - 0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, - 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840, - 0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, - 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4, - 0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, - 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2, - 0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, - 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7, - 0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, - 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5, - 0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, - 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e, - 0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, - 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e, - 0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, - 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801, - 0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, - 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad, - 0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, - 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0, - 0x5ce96c28, 
0xe176eda3, 0x6bac307f, 0x376829d2, - 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20, - 0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, - 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8, - 0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, - 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4, -}; -const CAST_LONG CAST_S_table5[256] = { - 0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, - 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac, - 0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, - 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138, - 0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, - 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367, - 0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, - 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98, - 0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, - 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072, - 0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, - 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3, - 0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, - 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd, - 0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, - 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8, - 0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, - 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9, - 0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, - 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54, - 0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, - 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387, - 0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, - 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc, - 0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, - 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf, - 0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, - 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf, - 0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, - 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f, - 0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, - 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289, - 0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, - 0x20951063, 
0x4576698d, 0xb6fad407, 0x592af950, - 0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, - 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f, - 0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, - 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b, - 0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, - 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be, - 0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, - 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13, - 0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, - 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976, - 0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, - 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0, - 0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, - 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891, - 0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, - 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da, - 0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, - 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc, - 0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, - 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084, - 0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, - 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25, - 0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, - 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121, - 0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, - 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5, - 0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, - 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd, - 0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, - 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f, -}; -const CAST_LONG CAST_S_table6[256] = { - 0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, - 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f, - 0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, - 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de, - 0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, - 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43, - 0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, - 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19, - 0x2660c200, 
0x7565bde4, 0x64241f7a, 0x8248dca9, - 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2, - 0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, - 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516, - 0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, - 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88, - 0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, - 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816, - 0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, - 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756, - 0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, - 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a, - 0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, - 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264, - 0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, - 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688, - 0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, - 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28, - 0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, - 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3, - 0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, - 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7, - 0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, - 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06, - 0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, - 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033, - 0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, - 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a, - 0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, - 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566, - 0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, - 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509, - 0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, - 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962, - 0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, - 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e, - 0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, - 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c, - 0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, - 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c, - 0x9883fe66, 
0x2ec40581, 0x763953c3, 0x01d6692e, - 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285, - 0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, - 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301, - 0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, - 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be, - 0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, - 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767, - 0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, - 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647, - 0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, - 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914, - 0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, - 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c, - 0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, - 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3, -}; -const CAST_LONG CAST_S_table7[256] = { - 0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, - 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5, - 0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, - 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc, - 0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, - 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd, - 0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, - 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d, - 0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, - 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2, - 0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, - 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862, - 0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, - 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc, - 0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, - 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c, - 0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, - 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e, - 0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, - 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039, - 0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, - 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8, - 0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, - 0xbcc0c62c, 
0x3dd00db3, 0x708f8f34, 0x77d51b42, - 0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, - 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5, - 0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, - 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472, - 0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, - 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225, - 0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, - 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c, - 0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, - 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb, - 0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, - 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054, - 0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, - 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70, - 0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, - 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc, - 0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, - 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c, - 0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, - 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3, - 0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, - 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4, - 0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, - 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101, - 0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, - 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f, - 0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, - 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e, - 0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, - 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a, - 0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, - 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c, - 0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, - 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384, - 0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, - 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c, - 0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, - 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82, - 0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, - 0x50b2ad80, 
0xeaee6801, 0x8db2a283, 0xea8bf59e, -}; - -#ifndef OPENBSD_CAST_ASM -void -CAST_encrypt(CAST_LONG *data, const CAST_KEY *key) -{ - CAST_LONG l, r, t; - const CAST_LONG *k; - - k = &(key->data[0]); - l = data[0]; - r = data[1]; - - E_CAST( 0, k,l, r,+,^, -); - E_CAST( 1, k,r, l,^, -,+); - E_CAST( 2, k,l, r, -,+,^); - E_CAST( 3, k,r, l,+,^, -); - E_CAST( 4, k,l, r,^, -,+); - E_CAST( 5, k,r, l, -,+,^); - E_CAST( 6, k,l, r,+,^, -); - E_CAST( 7, k,r, l,^, -,+); - E_CAST( 8, k,l, r, -,+,^); - E_CAST( 9, k,r, l,+,^, -); - E_CAST(10, k,l, r,^, -,+); - E_CAST(11, k,r, l, -,+,^); - if (!key->short_key) { - E_CAST(12, k,l, r,+,^, -); - E_CAST(13, k,r, l,^, -,+); - E_CAST(14, k,l, r, -,+,^); - E_CAST(15, k,r, l,+,^, -); - } - - data[1] = l&0xffffffffL; - data[0] = r&0xffffffffL; -} -LCRYPTO_ALIAS(CAST_encrypt); - -void -CAST_decrypt(CAST_LONG *data, const CAST_KEY *key) -{ - CAST_LONG l, r, t; - const CAST_LONG *k; - - k = &(key->data[0]); - l = data[0]; - r = data[1]; - - if (!key->short_key) { - E_CAST(15, k,l, r,+,^, -); - E_CAST(14, k,r, l, -,+,^); - E_CAST(13, k,l, r,^, -,+); - E_CAST(12, k,r, l,+,^, -); - } - E_CAST(11, k,l, r, -,+,^); - E_CAST(10, k,r, l,^, -,+); - E_CAST( 9, k,l, r,+,^, -); - E_CAST( 8, k,r, l, -,+,^); - E_CAST( 7, k,l, r,^, -,+); - E_CAST( 6, k,r, l,+,^, -); - E_CAST( 5, k,l, r, -,+,^); - E_CAST( 4, k,r, l,^, -,+); - E_CAST( 3, k,l, r,+,^, -); - E_CAST( 2, k,r, l, -,+,^); - E_CAST( 1, k,l, r,^, -,+); - E_CAST( 0, k,r, l,+,^, -); - - data[1] = l&0xffffffffL; - data[0] = r&0xffffffffL; -} -LCRYPTO_ALIAS(CAST_decrypt); -#endif - -#define CAST_exp(l,A,a,n) \ - A[n/4]=l; \ - a[n+3]=(l )&0xff; \ - a[n+2]=(l>> 8)&0xff; \ - a[n+1]=(l>>16)&0xff; \ - a[n+0]=(l>>24)&0xff; - -#define S4 CAST_S_table4 -#define S5 CAST_S_table5 -#define S6 CAST_S_table6 -#define S7 CAST_S_table7 -void -CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) -{ - CAST_LONG x[16]; - CAST_LONG z[16]; - CAST_LONG k[32]; - CAST_LONG X[4], Z[4]; - CAST_LONG l, *K; - int i; - - 
for (i = 0; - i < 16; - i++) x[i] = 0; - if (len > 16) - len = 16; - for (i = 0; i < len; i++) - x[i] = data[i]; - if (len <= 10) - key->short_key = 1; - else - key->short_key = 0; - - K = &k[0]; - X[0] = ((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL; - X[1] = ((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL; - X[2] = ((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL; - X[3] = ((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL; - - for (;;) { - l = X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]]; - CAST_exp(l, Z, z, 0); - l = X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]]; - CAST_exp(l, Z, z, 4); - l = X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]]; - CAST_exp(l, Z, z, 8); - l = X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]]; - CAST_exp(l, Z,z, 12); - - K[0] = S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]]; - K[1] = S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]]; - K[2] = S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]]; - K[3] = S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]]; - - l = Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]]; - CAST_exp(l, X, x, 0); - l = Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]]; - CAST_exp(l, X, x, 4); - l = Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]]; - CAST_exp(l, X, x, 8); - l = Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]]; - CAST_exp(l, X,x, 12); - - K[4] = S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]]; - K[5] = S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]]; - K[6] = S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]]; - K[7] = S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]]; - - l = X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]]; - CAST_exp(l, Z, z, 0); - l = X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]]; - CAST_exp(l, Z, z, 4); - l = X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]]; - CAST_exp(l, Z, z, 8); - l = X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]]; - CAST_exp(l, Z,z, 12); - - K[8] 
= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]]; - K[9] = S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]]; - K[10] = S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]]; - K[11] = S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]]; - - l = Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]]; - CAST_exp(l, X, x, 0); - l = Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]]; - CAST_exp(l, X, x, 4); - l = Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]]; - CAST_exp(l, X, x, 8); - l = Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]]; - CAST_exp(l, X,x, 12); - - K[12] = S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]]; - K[13] = S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]]; - K[14] = S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]]; - K[15] = S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]]; - if (K != k) - break; - K += 16; - } - - for (i = 0; i < 16; i++) { - key->data[i*2] = k[i]; - key->data[i*2 + 1] = ((k[i + 16]) + 16)&0x1f; - } -} -LCRYPTO_ALIAS(CAST_set_key); - -void -CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const CAST_KEY *ks, unsigned char *iv, int enc) -{ - CAST_LONG tin0, tin1; - CAST_LONG tout0, tout1, xor0, xor1; - long l = length; - CAST_LONG tin[2]; - - if (enc) { - n2l(iv, tout0); - n2l(iv, tout1); - iv -= 8; - for (l -= 8; l >= 0; l -= 8) { - n2l(in, tin0); - n2l(in, tin1); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - CAST_encrypt(tin, ks); - tout0 = tin[0]; - tout1 = tin[1]; - l2n(tout0, out); - l2n(tout1, out); - } - if (l != -8) { - n2ln(in, tin0, tin1, l + 8); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - CAST_encrypt(tin, ks); - tout0 = tin[0]; - tout1 = tin[1]; - l2n(tout0, out); - l2n(tout1, out); - } - l2n(tout0, iv); - l2n(tout1, iv); - } else { - n2l(iv, xor0); - n2l(iv, xor1); - iv -= 8; - for (l -= 8; l >= 0; l -= 8) { - n2l(in, tin0); - n2l(in, tin1); - tin[0] = tin0; - tin[1] = tin1; - CAST_decrypt(tin, ks); - tout0 = 
tin[0]^xor0; - tout1 = tin[1]^xor1; - l2n(tout0, out); - l2n(tout1, out); - xor0 = tin0; - xor1 = tin1; - } - if (l != -8) { - n2l(in, tin0); - n2l(in, tin1); - tin[0] = tin0; - tin[1] = tin1; - CAST_decrypt(tin, ks); - tout0 = tin[0]^xor0; - tout1 = tin[1]^xor1; - l2nn(tout0, tout1, out, l + 8); - xor0 = tin0; - xor1 = tin1; - } - l2n(xor0, iv); - l2n(xor1, iv); - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - tin[0] = tin[1] = 0; -} -LCRYPTO_ALIAS(CAST_cbc_encrypt); - -/* - * The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void -CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, const CAST_KEY *schedule, unsigned char *ivec, - int *num, int enc) -{ - CAST_LONG v0, v1, t; - int n= *num; - long l = length; - CAST_LONG ti[2]; - unsigned char *iv, c, cc; - - iv = ivec; - if (enc) { - while (l--) { - if (n == 0) { - n2l(iv, v0); - ti[0] = v0; - n2l(iv, v1); - ti[1] = v1; - CAST_encrypt((CAST_LONG *)ti, schedule); - iv = ivec; - t = ti[0]; - l2n(t, iv); - t = ti[1]; - l2n(t, iv); - iv = ivec; - } - c= *(in++)^iv[n]; - *(out++) = c; - iv[n] = c; - n = (n + 1)&0x07; - } - } else { - while (l--) { - if (n == 0) { - n2l(iv, v0); - ti[0] = v0; - n2l(iv, v1); - ti[1] = v1; - CAST_encrypt((CAST_LONG *)ti, schedule); - iv = ivec; - t = ti[0]; - l2n(t, iv); - t = ti[1]; - l2n(t, iv); - iv = ivec; - } - cc= *(in++); - c = iv[n]; - iv[n] = cc; - *(out++) = c^cc; - n = (n + 1)&0x07; - } - } - v0 = v1 = ti[0] = ti[1] = t=c = cc = 0; - *num = n; -} -LCRYPTO_ALIAS(CAST_cfb64_encrypt); - -void -CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, - const CAST_KEY *ks, int enc) -{ - CAST_LONG l, d[2]; - - n2l(in, l); - d[0] = l; - n2l(in, l); - d[1] = l; - if (enc) - CAST_encrypt(d, ks); - else - CAST_decrypt(d, ks); - l = d[0]; - l2n(l, out); - l = d[1]; - l2n(l, out); - l = d[0] = d[1] = 0; -} 
-LCRYPTO_ALIAS(CAST_ecb_encrypt);
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void
-CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num)
-{
- CAST_LONG v0, v1, t;
- int n= *num;
- long l = length;
- unsigned char d[8];
- char *dp;
- CAST_LONG ti[2];
- unsigned char *iv;
- int save = 0;
-
- iv = ivec;
- n2l(iv, v0);
- n2l(iv, v1);
- ti[0] = v0;
- ti[1] = v1;
- dp = (char *)d;
- l2n(v0, dp);
- l2n(v1, dp);
- while (l--) {
- if (n == 0) {
- CAST_encrypt((CAST_LONG *)ti, schedule);
- dp = (char *)d;
- t = ti[0];
- l2n(t, dp);
- t = ti[1];
- l2n(t, dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n = (n + 1)&0x07;
- }
- if (save) {
- v0 = ti[0];
- v1 = ti[1];
- iv = ivec;
- l2n(v0, iv);
- l2n(v1, iv);
- }
- t = v0 = v1 = ti[0] = ti[1] = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(CAST_ofb64_encrypt);
diff --git a/src/lib/libcrypto/cast/cast.h b/src/lib/libcrypto/cast/cast.h
deleted file mode 100644
index 5c12d91f97..0000000000
--- a/src/lib/libcrypto/cast/cast.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* $OpenBSD: cast.h,v 1.14 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CAST_H
-#define HEADER_CAST_H
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define CAST_ENCRYPT 1
-#define CAST_DECRYPT 0
-
-#define CAST_LONG unsigned int
-
-#define CAST_BLOCK 8
-#define CAST_KEY_LENGTH 16
-
-typedef struct cast_key_st {
- CAST_LONG data[32];
- int short_key; /* Use reduced rounds for short key */
-} CAST_KEY;
-
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
- int enc);
-void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const CAST_KEY *ks, unsigned char *iv, int enc);
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/cast/cast_local.h b/src/lib/libcrypto/cast/cast_local.h
deleted file mode 100644
index 5fb9911105..0000000000
--- a/src/lib/libcrypto/cast/cast_local.h
+++ /dev/null
@@ -1,216 +0,0 @@
-/* $OpenBSD: cast_local.h,v 1.2 2023/07/08 07:25:43 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#undef c2l -#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#undef c2ln -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#undef l2cn -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned 
long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* only invoked with 0 <= n <= 31 */ -#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>((32-(n))&31))) - -#define C_M 0x3fc -#define C_0 22L -#define C_1 14L -#define C_2 6L -#define C_3 2L /* left shift */ - -/* The rotate has an extra 16 added to it to help the x86 asm */ -#if defined(CAST_PTR) -#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ - { \ - int i; \ - t=(key[n*2] OP1 R)&0xffffffffL; \ - i=key[n*2+1]; \ - t=ROTL(t,i); \ - L^= (((((*(CAST_LONG *)((unsigned char *) \ - CAST_S_table0+((t>>C_2)&C_M)) OP2 \ - *(CAST_LONG *)((unsigned char *) \ - CAST_S_table1+((t<>C_0)&C_M)))&0xffffffffL) OP1 \ - *(CAST_LONG *)((unsigned char *) \ - CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \ - } -#elif defined(CAST_PTR2) -#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ - { \ - int i; \ - CAST_LONG u,v,w; \ - w=(key[n*2] OP1 R)&0xffffffffL; \ - i=key[n*2+1]; \ - w=ROTL(w,i); \ - u=w>>C_2; \ - v=w<>C_0; \ - t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\ - v=w>>C_1; \ - u&=C_M; \ - v&=C_M; \ - t=(t 
OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\ - t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\ - L^=(t&0xffffffff); \ - } -#else -#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ - { \ - CAST_LONG a,b,c,d; \ - t=(key[n*2] OP1 R)&0xffffffff; \ - t=ROTL(t,(key[n*2+1])); \ - a=CAST_S_table0[(t>> 8)&0xff]; \ - b=CAST_S_table1[(t )&0xff]; \ - c=CAST_S_table2[(t>>24)&0xff]; \ - d=CAST_S_table3[(t>>16)&0xff]; \ - L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \ - } -#endif - -extern const CAST_LONG CAST_S_table0[256]; -extern const CAST_LONG CAST_S_table1[256]; -extern const CAST_LONG CAST_S_table2[256]; -extern const CAST_LONG CAST_S_table3[256]; -extern const CAST_LONG CAST_S_table4[256]; -extern const CAST_LONG CAST_S_table5[256]; -extern const CAST_LONG CAST_S_table6[256]; -extern const CAST_LONG CAST_S_table7[256]; diff --git a/src/lib/libcrypto/cert.pem b/src/lib/libcrypto/cert.pem deleted file mode 100644 index a7fd3519fb..0000000000 --- a/src/lib/libcrypto/cert.pem +++ /dev/null 
@@ -1,7073 +0,0 @@ -# $OpenBSD: cert.pem,v 1.31 2025/03/16 07:44:35 tb Exp $ -### /C=ES/CN=Autoridad de Certificacion Firmaprofesional CIF A62634068 - -=== /C=ES/CN=Autoridad de Certificacion Firmaprofesional CIF A62634068 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1977337328857672817 (0x1b70e9d2ffae6c71) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Sep 23 15:22:07 2014 GMT - Not After : May 5 15:22:07 2036 GMT - Subject: C=ES, CN=Autoridad de Certificacion Firmaprofesional CIF A62634068 - X509v3 extensions: - X509v3 Subject Key Identifier: - 65:CD:EB:AB:35:1E:00:3E:7E:D5:74:C0:1C:B4:73:47:0E:1A:64:2F - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:1 - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: http://www.firmaprofesional.com/cps - User Notice: - Explicit Text: - - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=0B:BE:C2:27:22:49:CB:39:AA:DB:35:5C:53:E3:8C:AE:78:FF:B6:FE -SHA256 Fingerprint=57:DE:05:83:EF:D2:B2:6E:03:61:DA:99:DA:9D:F4:64:8D:EF:7E:E8:44:1C:3B:72:8A:FA:9B:CD:E0:F9:B2:6A ------BEGIN CERTIFICATE----- -MIIGFDCCA/ygAwIBAgIIG3Dp0v+ubHEwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UE -BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h -cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0xNDA5MjMxNTIyMDdaFw0zNjA1 -MDUxNTIyMDdaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg -Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 -thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM -cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG -L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i -NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h -X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b -m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy -Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja 
-EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T -KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF -6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh -OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMB0GA1UdDgQWBBRlzeurNR4APn7VdMAc -tHNHDhpkLzASBgNVHRMBAf8ECDAGAQH/AgEBMIGmBgNVHSAEgZ4wgZswgZgGBFUd -IAAwgY8wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuZmlybWFwcm9mZXNpb25hbC5j -b20vY3BzMFwGCCsGAQUFBwICMFAeTgBQAGEAcwBlAG8AIABkAGUAIABsAGEAIABC -AG8AbgBhAG4AbwB2AGEAIAA0ADcAIABCAGEAcgBjAGUAbABvAG4AYQAgADAAOAAw -ADEANzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAHSHKAIrdx9m -iWTtj3QuRhy7qPj4Cx2Dtjqn6EWKB7fgPiDL4QjbEwj4KKE1soCzC1HA01aajTNF -Sa9J8OA9B3pFE1r/yJfY0xgsfZb43aJlQ3CTkBW6kN/oGbDbLIpgD7dvlAceHabJ -hfa9NPhAeGIQcDq+fUs5gakQ1JZBu/hfHAsdCPKxsIl68veg4MSPi3i1O1ilI45P -Vf42O+AMt8oqMEEgtIDNrvx2ZnOorm7hfNoD6JQg5iKj0B+QXSBTFCZX2lSX3xZE -EAEeiGaPcjiT3SC3NL7X8e5jjkd5KAb881lFJWAiMxujX6i6KtoaPc1A6ozuBRWV -1aUsIC+nmCjuRfzxuIgALI9C2lHVnOUTaHFFQ4ueCyE8S1wF3BqfmI7avSKecs2t -CsvMo2ebKHTEm9caPARYpoKdrcd7b/+Alun4jWq9GJAd/0kakFI3ky88Al2CdgtR -5xbHV/g4+afNmyJU72OwFW1TZQNKXkqgsqeOSQBZONXH9IBk9W6VULgRfhVwOEqw -f9DEMnDAGf/JOC0ULGb0QkTmVXYbgBVX/8Cnp6o5qtjTcNAuuuuUavpfNIbnYrX9 -ivAwhZTJryQCL2/W3Wf+47BVTwSYT6RBVuKT0Gro1vP7ZeDOdcQxWQzugsgMYDNK -GbqEZycPvEJdvSRUDewdcAZfpLz6IHxV ------END CERTIFICATE----- - -### ACCV - -=== /CN=ACCVRAIZ1/OU=PKIACCV/O=ACCV/C=ES -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 6828503384748696800 (0x5ec3b7a6437fa4e0) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: May 5 09:37:37 2011 GMT - Not After : Dec 31 09:37:37 2030 GMT - Subject: CN=ACCVRAIZ1, OU=PKIACCV, O=ACCV, C=ES - X509v3 extensions: - Authority Information Access: - CA Issuers - URI:http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt - OCSP - URI:http://ocsp.accv.es - - X509v3 Subject Key Identifier: - D2:87:B4:E3:DF:37:27:93:55:F6:56:EA:81:E5:36:CC:8C:1E:3F:BD - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key 
Identifier: - keyid:D2:87:B4:E3:DF:37:27:93:55:F6:56:EA:81:E5:36:CC:8C:1E:3F:BD - - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - User Notice: - Explicit Text: - CPS: http://www.accv.es/legislacion_c.htm - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl - - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Alternative Name: - email:accv@accv.es -SHA1 Fingerprint=93:05:7A:88:15:C6:4F:CE:88:2F:FA:91:16:52:28:78:BC:53:64:17 -SHA256 Fingerprint=9A:6E:C0:12:E1:A7:DA:9D:BE:34:19:4D:47:8A:D7:C0:DB:18:22:FB:07:1D:F1:29:81:49:6E:D1:04:38:41:13 ------BEGIN CERTIFICATE----- -MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE -AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw -CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ -BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND -VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb -qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY -HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo -G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA -lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr -IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ -0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH -k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 -4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO -m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa -cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl -uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI -KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls -ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG -AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 
-VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT -VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG -CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA -cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA -QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA -7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA -cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA -QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA -czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu -aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt -aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud -DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF -BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp -D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU -JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m -AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD -vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms -tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH -7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h -I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA -h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF -d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H -pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 ------END CERTIFICATE----- - -### ANF Autoridad de Certificacion - -=== /serialNumber=G63287510/C=ES/O=ANF Autoridad de Certificacion/OU=ANF CA Raiz/CN=ANF Secure Server Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 996390341000653745 (0xdd3e3bc6cf96bb1) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Sep 4 10:00:38 2019 GMT - Not After : Aug 30 10:00:38 2039 GMT - Subject: serialNumber=G63287510, C=ES, O=ANF Autoridad de Certificacion, OU=ANF 
CA Raiz, CN=ANF Secure Server Root CA - X509v3 extensions: - X509v3 Authority Key Identifier: - keyid:9C:5F:D0:6C:63:A3:5F:93:CA:93:98:08:AD:8C:87:A5:2C:5C:C1:37 - - X509v3 Subject Key Identifier: - 9C:5F:D0:6C:63:A3:5F:93:CA:93:98:08:AD:8C:87:A5:2C:5C:C1:37 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=5B:6E:68:D0:CC:15:B6:A0:5F:1E:C1:5F:AE:02:FC:6B:2F:5D:6F:74 -SHA256 Fingerprint=FB:8F:EC:75:91:69:B9:10:6B:1E:51:16:44:C6:18:C5:13:04:37:3F:6C:06:43:08:8D:8B:EF:FD:1B:99:75:99 ------BEGIN CERTIFICATE----- -MIIF7zCCA9egAwIBAgIIDdPjvGz5a7EwDQYJKoZIhvcNAQELBQAwgYQxEjAQBgNV -BAUTCUc2MzI4NzUxMDELMAkGA1UEBhMCRVMxJzAlBgNVBAoTHkFORiBBdXRvcmlk -YWQgZGUgQ2VydGlmaWNhY2lvbjEUMBIGA1UECxMLQU5GIENBIFJhaXoxIjAgBgNV -BAMTGUFORiBTZWN1cmUgU2VydmVyIFJvb3QgQ0EwHhcNMTkwOTA0MTAwMDM4WhcN -MzkwODMwMTAwMDM4WjCBhDESMBAGA1UEBRMJRzYzMjg3NTEwMQswCQYDVQQGEwJF -UzEnMCUGA1UEChMeQU5GIEF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uMRQwEgYD -VQQLEwtBTkYgQ0EgUmFpejEiMCAGA1UEAxMZQU5GIFNlY3VyZSBTZXJ2ZXIgUm9v -dCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANvrayvmZFSVgpCj -cqQZAZ2cC4Ffc0m6p6zzBE57lgvsEeBbphzOG9INgxwruJ4dfkUyYA8H6XdYfp9q -yGFOtibBTI3/TO80sh9l2Ll49a2pcbnvT1gdpd50IJeh7WhM3pIXS7yr/2WanvtH -2Vdy8wmhrnZEE26cLUQ5vPnHO6RYPUG9tMJJo8gN0pcvB2VSAKduyK9o7PQUlrZX -H1bDOZ8rbeTzPvY1ZNoMHKGESy9LS+IsJJ1tk0DrtSOOMspvRdOoiXsezx76W0OL -zc2oD2rKDF65nkeP8Nm2CgtYZRczuSPkdxl9y0oukntPLxB3sY0vaJxizOBQ+OyR -p1RMVwnVdmPF6GUe7m1qzwmd+nxPrWAI/VaZDxUse6mAq4xhj0oHdkLePfTdsiQz -W7i1o0TJrH93PB0j7IKppuLIBkwC/qxcmZkLLxCKpvR/1Yd0DVlJRfbwcVw5Kda/ -SiOL9V8BY9KHcyi1Swr1+KuCLH5zJTIdC2MKF4EA/7Z2Xue0sUDKIbvVgFHlSFJn -LNJhiQcND85Cd8BEc5xEUKDbEAotlRyBr+Qc5RQe8TZBAQIvfXOn3kLMTOmJDVb3 -n5HUA8ZsyY/b2BzgQJhdZpmYgG4t/wHFzstGH6wCxkPmrqKEPMVOHj1tyRRM4y5B -u8o5vzY8KhmqQYdOpc5LMnndkEl/AgMBAAGjYzBhMB8GA1UdIwQYMBaAFJxf0Gxj -o1+TypOYCK2Mh6UsXME3MB0GA1UdDgQWBBScX9BsY6Nfk8qTmAitjIelLFzBNzAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC 
-AgEATh65isagmD9uw2nAalxJUqzLK114OMHVVISfk/CHGT0sZonrDUL8zPB1hT+L -9IBdeeUXZ701guLyPI59WzbLWoAAKfLOKyzxj6ptBZNscsdW699QIyjlRRA96Gej -rw5VD5AJYu9LWaL2U/HANeQvwSS9eS9OICI7/RogsKQOLHDtdD+4E5UGUcjohybK -pFtqFiGS3XNgnhAY3jyB6ugYw3yJ8otQPr0R4hUDqDZ9MwFsSBXXiJCZBMXM5gf0 -vPSQ7RPi6ovDj6MzD8EpTBNO2hVWcXNyglD2mjN8orGoGjR0ZVzO0eurU+AagNjq -OknkJjCb5RyKqKkVMoaZkgoQI1YS4PbOTOK7vtuNknMBZi9iPrJyJ0U27U1W45eZ -/zo1PqVUSlJZS2Db7v54EX9K3BR5YLZrZAPbFYPhor72I5dQ8AkzNqdxliXzuUJ9 -2zg/LFis6ELhDtjTO0wugumDLmsx2d1Hhk9tl5EuT+IocTUW0fJz/iUrB0ckYyfI -+PbZa/wSMVYIwFNCr5zQM378BvAxRAMU8Vjq8moNqRGyg77FGr8H6lnco4g175x2 -MjxNBiLOFeXdntiP2t7SxDnlF4HPOEfrf4htWRvfn0IUrn7PqLBmZdo3r5+qPeoo -tt7VMVgWglvquxl1AnMaykgaIZOQCo6ThKd9OyMYkomgjaw= ------END CERTIFICATE----- - -### Actalis S.p.A./03358520967 - -=== /C=IT/L=Milan/O=Actalis S.p.A./03358520967/CN=Actalis Authentication Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 6271844772424770508 (0x570a119742c4e3cc) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Sep 22 11:22:02 2011 GMT - Not After : Sep 22 11:22:02 2030 GMT - Subject: C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA - X509v3 extensions: - X509v3 Subject Key Identifier: - 52:D8:88:3A:C8:9F:78:66:ED:89:F3:7B:38:70:94:C9:02:02:36:D0 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:52:D8:88:3A:C8:9F:78:66:ED:89:F3:7B:38:70:94:C9:02:02:36:D0 - - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=F3:73:B3:87:06:5A:28:84:8A:F2:F3:4A:CE:19:2B:DD:C7:8E:9C:AC -SHA256 Fingerprint=55:92:60:84:EC:96:3A:64:B9:6E:2A:BE:01:CE:0B:A8:6A:64:FB:FE:BC:C7:AA:B5:AF:C1:55:B3:7F:D7:60:66 ------BEGIN CERTIFICATE----- -MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE -BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w -MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 -IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC 
-SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 -ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv -UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX -4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 -KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ -gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb -rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ -51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F -be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe -KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F -v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn -fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 -jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz -ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt -ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL -e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 -jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz -WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V -SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j -pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX -X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok -fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R -K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU -ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU -LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT -LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== ------END CERTIFICATE----- - -### AffirmTrust - -=== /C=US/O=AffirmTrust/CN=AffirmTrust Commercial -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 8608355977964138876 (0x7777062726a9b17c) - Signature Algorithm: 
sha256WithRSAEncryption - Validity - Not Before: Jan 29 14:06:06 2010 GMT - Not After : Dec 31 14:06:06 2030 GMT - Subject: C=US, O=AffirmTrust, CN=AffirmTrust Commercial - X509v3 extensions: - X509v3 Subject Key Identifier: - 9D:93:C6:53:8B:5E:CA:AF:3F:9F:1E:0F:E5:99:95:BC:24:F6:94:8F - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=F9:B5:B6:32:45:5F:9C:BE:EC:57:5F:80:DC:E9:6E:2C:C7:B2:78:B7 -SHA256 Fingerprint=03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60:C9:6F:5F:A7 ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP -Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr -ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL -MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 -yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr -VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ -nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG -XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj -vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt -Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g -N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC -nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= ------END CERTIFICATE----- -=== /C=US/O=AffirmTrust/CN=AffirmTrust Networking -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 8957382827206547757 (0x7c4f04391cd4992d) - Signature Algorithm: 
sha1WithRSAEncryption - Validity - Not Before: Jan 29 14:08:24 2010 GMT - Not After : Dec 31 14:08:24 2030 GMT - Subject: C=US, O=AffirmTrust, CN=AffirmTrust Networking - X509v3 extensions: - X509v3 Subject Key Identifier: - 07:1F:D2:E7:9C:DA:C2:6E:A2:40:B4:B0:7A:50:10:50:74:C4:C8:BD - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=29:36:21:02:8B:20:ED:02:F5:66:C5:32:D1:D6:ED:90:9F:45:00:2F -SHA256 Fingerprint=0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17:F3:F0:B4:1B ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y -YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua -kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL -QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp -6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG -yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i -QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO -tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu -QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ -Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u -olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 -x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= ------END CERTIFICATE----- -=== /C=US/O=AffirmTrust/CN=AffirmTrust Premium -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 7893706540734352110 (0x6d8c1446b1a60aee) - Signature Algorithm: 
sha384WithRSAEncryption - Validity - Not Before: Jan 29 14:10:36 2010 GMT - Not After : Dec 31 14:10:36 2040 GMT - Subject: C=US, O=AffirmTrust, CN=AffirmTrust Premium - X509v3 extensions: - X509v3 Subject Key Identifier: - 9D:C0:67:A6:0C:22:D9:26:F5:45:AB:A6:65:52:11:27:D8:45:AC:63 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=D8:A6:33:2C:E0:03:6F:B1:85:F6:63:4F:7D:6A:06:65:26:32:28:27 -SHA256 Fingerprint=70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB:F2:E9:3B:9A ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz -dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG -A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U -cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf -qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ -JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ -+jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS -s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 -HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 -70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG -V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S -qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S -5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia -C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX -OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE -FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 -KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg -Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B -8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ 
-MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc -0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ -u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF -u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH -YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 -GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO -RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e -KeC2uAloGRwYQw== ------END CERTIFICATE----- -=== /C=US/O=AffirmTrust/CN=AffirmTrust Premium ECC -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 8401224907861490260 (0x7497258ac73f7a54) - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Jan 29 14:20:24 2010 GMT - Not After : Dec 31 14:20:24 2040 GMT - Subject: C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC - X509v3 extensions: - X509v3 Subject Key Identifier: - 9A:AF:29:7A:C0:11:35:35:26:51:30:00:C3:6A:FE:40:D5:AE:D6:3C - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=B8:23:6B:00:2F:1D:16:86:53:01:55:6C:11:A4:37:CA:EB:FF:C3:BB -SHA256 Fingerprint=BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84:88:82:14:23 ------BEGIN CERTIFICATE----- -MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ -cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ -BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt -VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D -0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 -ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G -A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs -aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I 
-flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== ------END CERTIFICATE----- - -### Agence Nationale de Certification Electronique - -=== /C=TN/O=Agence Nationale de Certification Electronique/CN=TunTrust Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 13:02:d5:e2:40:4c:92:46:86:16:67:5d:b4:bb:bb:b2:6b:3e:fc:13 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Apr 26 08:57:56 2019 GMT - Not After : Apr 26 08:57:56 2044 GMT - Subject: C=TN, O=Agence Nationale de Certification Electronique, CN=TunTrust Root CA - X509v3 extensions: - X509v3 Subject Key Identifier: - 06:9A:9B:1F:53:7D:F1:F5:A4:C8:D3:86:3E:A1:73:59:B4:F7:44:21 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:06:9A:9B:1F:53:7D:F1:F5:A4:C8:D3:86:3E:A1:73:59:B4:F7:44:21 - - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=CF:E9:70:84:0F:E0:73:0F:9D:F6:0C:7F:2C:4B:EE:20:46:34:9C:BB -SHA256 Fingerprint=2E:44:10:2A:B5:8C:B8:54:19:45:1C:8E:19:D9:AC:F3:66:2C:AF:BC:61:4B:6A:53:96:0A:30:F7:D0:E2:EB:41 ------BEGIN CERTIFICATE----- -MIIFszCCA5ugAwIBAgIUEwLV4kBMkkaGFmddtLu7sms+/BMwDQYJKoZIhvcNAQEL -BQAwYTELMAkGA1UEBhMCVE4xNzA1BgNVBAoMLkFnZW5jZSBOYXRpb25hbGUgZGUg -Q2VydGlmaWNhdGlvbiBFbGVjdHJvbmlxdWUxGTAXBgNVBAMMEFR1blRydXN0IFJv -b3QgQ0EwHhcNMTkwNDI2MDg1NzU2WhcNNDQwNDI2MDg1NzU2WjBhMQswCQYDVQQG -EwJUTjE3MDUGA1UECgwuQWdlbmNlIE5hdGlvbmFsZSBkZSBDZXJ0aWZpY2F0aW9u -IEVsZWN0cm9uaXF1ZTEZMBcGA1UEAwwQVHVuVHJ1c3QgUm9vdCBDQTCCAiIwDQYJ -KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMPN0/y9BFPdDCA61YguBUtB9YOCfvdZ -n56eY+hz2vYGqU8ftPkLHzmMmiDQfgbU7DTZhrx1W4eI8NLZ1KMKsmwb60ksPqxd -2JQDoOw05TDENX37Jk0bbjBU2PWARZw5rZzJJQRNmpA+TkBuimvNKWfGzC3gdOgF -VwpIUPp6Q9p+7FuaDmJ2/uqdHYVy7BG7NegfJ7/Boce7SBbdVtfMTqDhuazb1YMZ -GoXRlJfXyqNlC/M4+QKu3fZnz8k/9YosRxqZbwUN/dAdgjH8KcwAWJeRTIAAHDOF -li/LQcKLEITDCSSJH7UP2dl3RxiSlGBcx5kDPP73lad9UKGAwqmDrViWVSHbhlnU -r8a83YFuB9tgYv7sEG7aaAH0gxupPqJbI9dkxt/con3YS7qC0lH4Zr8GRuR5KiY2 
-eY8fTpkdso8MDhz/yV3A/ZAQprE38806JG60hZC/gLkMjNWb1sjxVj8agIl6qeIb -MlEsPvLfe/ZdeikZjuXIvTZxi11Mwh0/rViizz1wTaZQmCXcI/m4WEEIcb9PuISg -jwBUFfyRbVinljvrS5YnzWuioYasDXxU5mZMZl+QviGaAkYt5IPCgLnPSz7ofzwB -7I9ezX/SKEIBlYrilz0QIX32nRzFNKHsLA4KUiwSVXAkPcvCFDVDXSdOvsC9qnyW -5/yeYa1E0wCXAgMBAAGjYzBhMB0GA1UdDgQWBBQGmpsfU33x9aTI04Y+oXNZtPdE -ITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFAaamx9TffH1pMjThj6hc1m0 -90QhMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAqgVutt0Vyb+z -xiD2BkewhpMl0425yAA/l/VSJ4hxyXT968pk21vvHl26v9Hr7lxpuhbI87mP0zYu -QEkHDVneixCwSQXi/5E/S7fdAo74gShczNxtr18UnH1YeA32gAm56Q6XKRm4t+v4 -FstVEuTGfbvE7Pi1HE4+Z7/FXxttbUcoqgRYYdZ2vyJ/0Adqp2RT8JeNnYA/u8EH -22Wv5psymsNUk8QcCMNE+3tjEUPRahphanltkE8pjkcFwRJpadbGNjHh/PqAulxP -xOu3Mqz4dWEX1xAZufHSCe96Qp1bWgvUxpVOKs7/B9dPfhgGiPEZtdmYu65xxBzn -dFlY7wyJz4sfdZMaBBSSSFCp61cpABbjNhzI+L/wM9VBD8TMPN3pM0MBkRArHtG5 -Xc0yGYuPjCB31yLEQtyEFpslbei0VXF/sHyz03FJuc9SpAQ/3D2gu68zngowYI7b -nV2UqL1g52KAdoGDDIzMMEZJ4gzSqK/rYXHv5yJiqfdcZGyfFoxnNidF9Ql7v/YQ -CvGwjVRDjAS6oz/v4jXH+XTgbzRB0L9zZVcg+ZtnemZoJE6AZb0QmQZZ8mWvuMZH -u/2QeItBcy6vVR/cO5JyboTT0GFMDcx2V+IthSIVNg3rAZ3r2OvEhJn7wAzMMujj -d9qDRIueVSjAi1jTkD5OGwDxFa2DK5o= ------END CERTIFICATE----- - -### Amazon - -=== /C=US/O=Amazon/CN=Amazon Root CA 1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: May 26 00:00:00 2015 GMT - Not After : Jan 17 00:00:00 2038 GMT - Subject: C=US, O=Amazon, CN=Amazon Root CA 1 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 84:18:CC:85:34:EC:BC:0C:94:94:2E:08:59:9C:C7:B2:10:4E:0A:08 -SHA1 Fingerprint=8D:A7:F9:65:EC:5E:FC:37:91:0F:1C:6E:59:FD:C1:CC:6A:6E:DE:16 -SHA256 Fingerprint=8E:CD:E6:88:4F:3D:87:B1:12:5B:A3:1A:C3:FC:B1:3D:70:16:DE:7F:57:CC:90:4F:E1:CB:97:C6:AE:98:19:6E ------BEGIN 
CERTIFICATE----- -MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj -ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM -9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw -IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 -VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L -93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm -jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA -A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI -U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs -N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv -o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU -5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy -rqXRfboQnoZsG4q5WTP468SQvvG5 ------END CERTIFICATE----- -=== /C=US/O=Amazon/CN=Amazon Root CA 2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 06:6c:9f:d2:96:35:86:9f:0a:0f:e5:86:78:f8:5b:26:bb:8a:37 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: May 26 00:00:00 2015 GMT - Not After : May 26 00:00:00 2040 GMT - Subject: C=US, O=Amazon, CN=Amazon Root CA 2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - B0:0C:F0:4C:30:F4:05:58:02:48:FD:33:E5:52:AF:4B:84:E3:66:52 -SHA1 Fingerprint=5A:8C:EF:45:D7:A6:98:59:76:7A:8C:8B:44:96:B5:78:CF:47:4B:1A -SHA256 Fingerprint=1B:A5:B2:AA:8C:65:40:1A:82:96:01:18:F8:0B:EC:4F:62:30:4D:83:CE:C4:71:3A:19:C3:9C:01:1E:A4:6D:B4 ------BEGIN CERTIFICATE----- 
-MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK -gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ -W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg -1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K -8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r -2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me -z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR -8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj -mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz -7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 -+XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI -0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm -UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 -LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY -+gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS -k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl -7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm -btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl -urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ -fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 -n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE -76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H -9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT -4PsJYGw= ------END CERTIFICATE----- -=== /C=US/O=Amazon/CN=Amazon Root CA 3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 
06:6c:9f:d5:74:97:36:66:3f:3b:0b:9a:d9:e8:9e:76:03:f2:4a - Signature Algorithm: ecdsa-with-SHA256 - Validity - Not Before: May 26 00:00:00 2015 GMT - Not After : May 26 00:00:00 2040 GMT - Subject: C=US, O=Amazon, CN=Amazon Root CA 3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - AB:B6:DB:D7:06:9E:37:AC:30:86:07:91:70:C7:9C:C4:19:B1:78:C0 -SHA1 Fingerprint=0D:44:DD:8C:3C:8C:1A:1A:58:75:64:81:E9:0F:2E:2A:FF:B3:D2:6E -SHA256 Fingerprint=18:CE:6C:FE:7B:F1:4E:60:B2:E3:47:B8:DF:E8:68:CB:31:D0:2E:BB:3A:DA:27:15:69:F5:03:43:B4:6D:B3:A4 ------BEGIN CERTIFICATE----- -MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl -ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr -ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr -BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM -YyRIHN8wfdVoOw== ------END CERTIFICATE----- -=== /C=US/O=Amazon/CN=Amazon Root CA 4 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 06:6c:9f:d7:c1:bb:10:4c:29:43:e5:71:7b:7b:2c:c8:1a:c1:0e - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: May 26 00:00:00 2015 GMT - Not After : May 26 00:00:00 2040 GMT - Subject: C=US, O=Amazon, CN=Amazon Root CA 4 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - D3:EC:C7:3A:65:6E:CC:E1:DA:76:9A:56:FB:9C:F3:86:6D:57:E5:81 -SHA1 Fingerprint=F6:10:84:07:D6:F8:BB:67:98:0C:C2:E2:44:C2:EB:AE:1C:EF:63:BE -SHA256 
Fingerprint=E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92 ------BEGIN CERTIFICATE----- -MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi -9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk -M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB -MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw -CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW -1KyLa2tJElMzrdfkviT8tQp21KW8EA== ------END CERTIFICATE----- - -### Asseco Data Systems S.A. - -=== /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum EC-384 CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 78:8f:27:5c:81:12:52:20:a5:04:d0:2d:dd:ba:73:f4 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Mar 26 07:24:54 2018 GMT - Not After : Mar 26 07:24:54 2043 GMT - Subject: C=PL, O=Asseco Data Systems S.A., OU=Certum Certification Authority, CN=Certum EC-384 CA - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 8D:06:66:74:24:76:3A:F3:89:F7:BC:D6:BD:47:7D:2F:BC:10:5F:4B - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=F3:3E:78:3C:AC:DF:F4:A2:CC:AC:67:55:69:56:D7:E5:16:3C:E1:ED -SHA256 Fingerprint=6B:32:80:85:62:53:18:AA:50:D1:73:C9:8D:8B:DA:09:D5:7E:27:41:3D:11:4C:F7:87:A0:F5:D0:6C:03:0C:F6 ------BEGIN CERTIFICATE----- -MIICZTCCAeugAwIBAgIQeI8nXIESUiClBNAt3bpz9DAKBggqhkjOPQQDAzB0MQsw -CQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScw -JQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGTAXBgNVBAMT 
-EENlcnR1bSBFQy0zODQgQ0EwHhcNMTgwMzI2MDcyNDU0WhcNNDMwMzI2MDcyNDU0 -WjB0MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBT -LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGTAX -BgNVBAMTEENlcnR1bSBFQy0zODQgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATE -KI6rGFtqvm5kN2PkzeyrOvfMobgOgknXhimfoZTy42B4mIF4Bk3y7JoOV2CDn7Tm -Fy8as10CW4kjPMIRBSqniBMY81CE1700LCeJVf/OTOffph8oxPBUw7l8t1Ot68Kj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI0GZnQkdjrzife81r1HfS+8 -EF9LMA4GA1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNoADBlAjADVS2m5hjEfO/J -UG7BJw+ch69u1RsIGL2SKcHvlJF40jocVYli5RsJHrpka/F2tNQCMQC0QoSZ/6vn -nvuRlydd3LBbMHHOXjgaatkl5+r3YZJW+OraNsKHZZYuciUvf9/DE8k= ------END CERTIFICATE----- -=== /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum Trusted Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 1e:bf:59:50:b8:c9:80:37:4c:06:f7:eb:55:4f:b5:ed - Signature Algorithm: sha512WithRSAEncryption - Validity - Not Before: Mar 16 12:10:13 2018 GMT - Not After : Mar 16 12:10:13 2043 GMT - Subject: C=PL, O=Asseco Data Systems S.A., OU=Certum Certification Authority, CN=Certum Trusted Root CA - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 8C:FB:1C:75:BC:02:D3:9F:4E:2E:48:D9:F9:60:54:AA:C4:B3:4F:FA - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=C8:83:44:C0:18:AE:9F:CC:F1:87:B7:8F:22:D1:C5:D7:45:84:BA:E5 -SHA256 Fingerprint=FE:76:96:57:38:55:77:3E:37:A9:5E:7A:D4:D9:CC:96:C3:01:57:C1:5D:31:76:5B:A9:B1:57:04:E1:AE:78:FD ------BEGIN CERTIFICATE----- -MIIFwDCCA6igAwIBAgIQHr9ZULjJgDdMBvfrVU+17TANBgkqhkiG9w0BAQ0FADB6 -MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEu -MScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxHzAdBgNV -BAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0EwHhcNMTgwMzE2MTIxMDEzWhcNNDMw -MzE2MTIxMDEzWjB6MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEg -U3lzdGVtcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRo 
-b3JpdHkxHzAdBgNVBAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQDRLY67tzbqbTeRn06TpwXkKQMlzhyC93yZ -n0EGze2jusDbCSzBfN8pfktlL5On1AFrAygYo9idBcEq2EXxkd7fO9CAAozPOA/q -p1x4EaTByIVcJdPTsuclzxFUl6s1wB52HO8AU5853BSlLCIls3Jy/I2z5T4IHhQq -NwuIPMqw9MjCoa68wb4pZ1Xi/K1ZXP69VyywkI3C7Te2fJmItdUDmj0VDT06qKhF -8JVOJVkdzZhpu9PMMsmN74H+rX2Ju7pgE8pllWeg8xn2A1bUatMn4qGtg/BKEiJ3 -HAVz4hlxQsDsdUaakFjgao4rpUYwBI4Zshfjvqm6f1bxJAPXsiEodg42MEx51UGa -mqi4NboMOvJEGyCI98Ul1z3G4z5D3Yf+xOr1Uz5MZf87Sst4WmsXXw3Hw09Omiqi -7VdNIuJGmj8PkTQkfVXjjJU30xrwCSss0smNtA0Aq2cpKNgB9RkEth2+dv5yXMSF -ytKAQd8FqKPVhJBPC/PgP5sZ0jeJP/J7UhyM9uH3PAeXjA6iWYEMspA90+NZRu0P -qafegGtaqge2Gcu8V/OXIXoMsSt0Puvap2ctTMSYnjYJdmZm/Bo/6khUHL4wvYBQ -v3y1zgD2DGHZ5yQD4OMBgQ692IU0iL2yNqh7XAjlRICMb/gv1SHKHRzQ+8S1h9E6 -Tsd2tTVItQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSM+xx1 -vALTn04uSNn5YFSqxLNP+jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQAD -ggIBAEii1QALLtA/vBzVtVRJHlpr9OTy4EA34MwUe7nJ+jW1dReTagVphZzNTxl4 -WxmB82M+w85bj/UvXgF2Ez8sALnNllI5SW0ETsXpD4YN4fqzX4IS8TrOZgYkNCvo -zMrnadyHncI013nR03e4qllY/p0m+jiGPp2Kh2RX5Rc64vmNueMzeMGQ2Ljdt4NR -5MTMI9UGfOZR0800McD2RrsLrfw9EAUqO0qRJe6M1ISHgCq8CYyqOhNf6DR5UMEQ -GfnTKB7U0VEwKbOukGfWHwpjscWpxkIxYxeU72nLL/qMFH3EQxiJ2fAyQOaA4kZf -5ePBAFmo+eggvIksDkc0C+pXwlM2/KfUrzHN/gLldfq5Jwn58/U7yn2fqSLLiMmq -0Uc9NneoWWRrJ8/vJ8HjJLWG965+Mk2weWjROeiQWMODvA8s1pfrzgzhIMfatz7D -P78v3DSk+yshzWePS/Tj6tQ/50+6uaWTRRxmHyH6ZF5v4HaUMst19W7l9o/HuKTM -qJZ9ZPskWkoDbGs4xugDQ5r3V7mzKWmTOPQD8rv7gmsHINFSH5pkAnuYZttcTVoP -0ISVoDwUQwbKytu4QTbaakRnh6+v40URFWkIsr4WOZckbxJF0WddCajJFdr60qZf -E2Efv4WstK2tBZQIgx51F9NxO5NQI1mg7TyRVJ12AMXDuDjb ------END CERTIFICATE----- - -### Atos - -=== /CN=Atos TrustedRoot 2011/O=Atos/C=DE -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 6643877497813316402 (0x5c33cb622c5fb332) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jul 7 14:58:30 2011 GMT - Not After : Dec 31 23:59:59 2030 GMT - Subject: CN=Atos TrustedRoot 2011, O=Atos, 
C=DE - X509v3 extensions: - X509v3 Subject Key Identifier: - A7:A5:06:B1:2C:A6:09:60:EE:D1:97:E9:70:AE:BC:3B:19:6C:DB:21 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:A7:A5:06:B1:2C:A6:09:60:EE:D1:97:E9:70:AE:BC:3B:19:6C:DB:21 - - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.6189.3.4.1.1 - - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=2B:B1:F5:3E:55:0C:1D:C5:F1:D4:E6:B7:6A:46:4B:55:06:02:AC:21 -SHA256 Fingerprint=F3:56:BE:A2:44:B7:A9:1E:B3:5D:53:CA:9A:D7:86:4A:CE:01:8E:2D:35:D5:F8:F9:6D:DF:68:A6:F4:1A:A4:74 ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE -AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG -EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM -FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC -REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp -Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM -VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ -SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ -4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L -cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi -eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG -A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 -DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j -vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP -DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc -maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D -lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv -KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed ------END CERTIFICATE----- -=== /CN=Atos TrustedRoot Root CA ECC TLS 2021/O=Atos/C=DE -Certificate: - Data: - Version: 3 (0x2) - 
Serial Number: - 3d:98:3b:a6:66:3d:90:63:f7:7e:26:57:38:04:ef:00 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Apr 22 09:26:23 2021 GMT - Not After : Apr 17 09:26:22 2041 GMT - Subject: CN=Atos TrustedRoot Root CA ECC TLS 2021, O=Atos, C=DE - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 76:28:25:D6:7D:E0:66:9A:7A:09:B2:6A:3B:8E:33:D7:36:D3:4F:A2 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=9E:BC:75:10:42:B3:02:F3:81:F4:F7:30:62:D4:8F:C3:A7:51:B2:DD -SHA256 Fingerprint=B2:FA:E5:3E:14:CC:D7:AB:92:12:06:47:01:AE:27:9C:1D:89:88:FA:CB:77:5F:A8:A0:08:91:4E:66:39:88:A8 ------BEGIN CERTIFICATE----- -MIICFTCCAZugAwIBAgIQPZg7pmY9kGP3fiZXOATvADAKBggqhkjOPQQDAzBMMS4w -LAYDVQQDDCVBdG9zIFRydXN0ZWRSb290IFJvb3QgQ0EgRUNDIFRMUyAyMDIxMQ0w -CwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTAeFw0yMTA0MjIwOTI2MjNaFw00MTA0 -MTcwOTI2MjJaMEwxLjAsBgNVBAMMJUF0b3MgVHJ1c3RlZFJvb3QgUm9vdCBDQSBF -Q0MgVExTIDIwMjExDTALBgNVBAoMBEF0b3MxCzAJBgNVBAYTAkRFMHYwEAYHKoZI -zj0CAQYFK4EEACIDYgAEloZYKDcKZ9Cg3iQZGeHkBQcfl+3oZIK59sRxUM6KDP/X -tXa7oWyTbIOiaG6l2b4siJVBzV3dscqDY4PMwL502eCdpO5KTlbgmClBk1IQ1SQ4 -AjJn8ZQSb+/Xxd4u/RmAo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR2 -KCXWfeBmmnoJsmo7jjPXNtNPojAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMD -aAAwZQIwW5kp85wxtolrbNa9d+F851F+uDrNozZffPc8dz7kUK2o59JZDCaOMDtu -CCrCp1rIAjEAmeMM56PDr9NJLkaCI2ZdyQAUEv049OGYa3cpetskz2VAv9LcjBHo -9H1/IISpQuQo ------END CERTIFICATE----- -=== /CN=Atos TrustedRoot Root CA RSA TLS 2021/O=Atos/C=DE -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 53:d5:cf:e6:19:93:0b:fb:2b:05:12:d8:c2:2a:a2:a4 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Apr 22 09:21:10 2021 GMT - Not After : Apr 17 09:21:09 2041 GMT - Subject: CN=Atos TrustedRoot Root CA RSA TLS 2021, O=Atos, C=DE - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 
74:49:99:D1:FF:B4:7A:68:45:75:C3:7E:B4:DC:CC:CE:39:33:DA:08 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=18:52:3B:0D:06:37:E4:D6:3A:DF:23:E4:98:FB:5B:16:FB:86:74:48 -SHA256 Fingerprint=81:A9:08:8E:A5:9F:B3:64:C5:48:A6:F8:55:59:09:9B:6F:04:05:EF:BF:18:E5:32:4E:C9:F4:57:BA:00:11:2F ------BEGIN CERTIFICATE----- -MIIFZDCCA0ygAwIBAgIQU9XP5hmTC/srBRLYwiqipDANBgkqhkiG9w0BAQwFADBM -MS4wLAYDVQQDDCVBdG9zIFRydXN0ZWRSb290IFJvb3QgQ0EgUlNBIFRMUyAyMDIx -MQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTAeFw0yMTA0MjIwOTIxMTBaFw00 -MTA0MTcwOTIxMDlaMEwxLjAsBgNVBAMMJUF0b3MgVHJ1c3RlZFJvb3QgUm9vdCBD -QSBSU0EgVExTIDIwMjExDTALBgNVBAoMBEF0b3MxCzAJBgNVBAYTAkRFMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtoAOxHm9BYx9sKOdTSJNy/BBl01Z -4NH+VoyX8te9j2y3I49f1cTYQcvyAh5x5en2XssIKl4w8i1mx4QbZFc4nXUtVsYv -Ye+W/CBGvevUez8/fEc4BKkbqlLfEzfTFRVOvV98r61jx3ncCHvVoOX3W3WsgFWZ -kmGbzSoXfduP9LVq6hdKZChmFSlsAvFr1bqjM9xaZ6cF4r9lthawEO3NUDPJcFDs -GY6wx/J0W2tExn2WuZgIWWbeKQGb9Cpt0xU6kGpn8bRrZtkh68rZYnxGEFzedUln -nkL5/nWpo63/dgpnQOPF943HhZpZnmKaau1Fh5hnstVKPNe0OwANwI8f4UDErmwh -3El+fsqyjW22v5MvoVw+j8rtgI5Y4dtXz4U2OLJxpAmMkokIiEjxQGMYsluMWuPD -0xeqqxmjLBvk1cbiZnrXghmmOxYsL3GHX0WelXOTwkKBIROW1527k2gV+p2kHYzy -geBYBr3JtuP2iV2J+axEoctr+hbxx1A9JNr3w+SH1VbxT5Aw+kUJWdo0zuATHAR8 -ANSbhqRAvNncTFd+rrcztl524WWLZt+NyteYr842mIycg5kDcPOvdO3GDjbnvezB -c6eUWsuSZIKmAMFwoW4sKeFYV+xafJlrJaSQOoD0IJ2azsct+bJLKZWD6TWNp0lI -pw9MGZHQ9b8Q4HECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -dEmZ0f+0emhFdcN+tNzMzjkz2ggwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB -DAUAA4ICAQAjQ1MkYlxt/T7Cz1UAbMVWiLkO3TriJQ2VSpfKgInuKs1l+NsW4AmS -4BjHeJi78+xCUvuppILXTdiK/ORO/auQxDh1MoSf/7OwKwIzNsAQkG8dnK/haZPs -o0UvFJ/1TCplQ3IM98P4lYsU84UgYt1UU90s3BiVaU+DR3BAM1h3Egyi61IxHkzJ -qM7F78PRreBrAwA0JrRUITWXAdxfG/F851X6LWh3e9NpzNMOa7pNdkTWwhWaJuyw -xfW70Xp0wmzNxbVe9kzmWy2B27O3Opee7c9GslA9hGCZcbUztVdF5kJHdWoOsAgM -rr3e97sPWD2PAzHoPYJQyi9eDF20l74gNAf0xBLh7tew2VktafcxBPTy+av5EzH4 
-AXcOPUIjJsyacmdRIXrMPIWo6iFqO9taPKU0nprALN+AnCng33eU0aKAQv9qTFsR -0PXNor6uzFFcw9VUewyu1rkGd4Di7wcaaMxZUa1+XGdrudviB0JbuAEFWDlN5LuY -o7Ey7Nmj1m+UI/87tyll5gfp77YZ6ufCOB0yiJA8EytuzO+rdwY0d4RPcuSBhPm5 -dDTedk+SKlOxJTnbPP/lPqYO5Wue/9vsL3SD3460s6neFE3/MaNFcyT6lSnMEpcE -oji2jbDwN/zIIX8/syQbPYtuzE2wFg2WHYMfRsCbvUOZ58SWLs5fyQ== ------END CERTIFICATE----- - -### BEIJING CERTIFICATE AUTHORITY - -=== /C=CN/O=BEIJING CERTIFICATE AUTHORITY/CN=BJCA Global Root CA1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 55:6f:65:e3:b4:d9:90:6a:1b:09:d1:6c:3e:c0:6c:20 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Dec 19 03:16:17 2019 GMT - Not After : Dec 12 03:16:17 2044 GMT - Subject: C=CN, O=BEIJING CERTIFICATE AUTHORITY, CN=BJCA Global Root CA1 - X509v3 extensions: - X509v3 Subject Key Identifier: - C5:EF:ED:CC:D8:8D:21:C6:48:E4:E3:D7:14:2E:A7:16:93:E5:98:01 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=D5:EC:8D:7B:4C:BA:79:F4:E7:E8:CB:9D:6B:AE:77:83:10:03:21:6A -SHA256 Fingerprint=F3:89:6F:88:FE:7C:0A:88:27:66:A7:FA:6A:D2:74:9F:B5:7A:7F:3E:98:FB:76:9C:1F:A7:B0:9C:2C:44:D5:AE ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIQVW9l47TZkGobCdFsPsBsIDANBgkqhkiG9w0BAQsFADBU -MQswCQYDVQQGEwJDTjEmMCQGA1UECgwdQkVJSklORyBDRVJUSUZJQ0FURSBBVVRI -T1JJVFkxHTAbBgNVBAMMFEJKQ0EgR2xvYmFsIFJvb3QgQ0ExMB4XDTE5MTIxOTAz -MTYxN1oXDTQ0MTIxMjAzMTYxN1owVDELMAkGA1UEBhMCQ04xJjAkBgNVBAoMHUJF -SUpJTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZMR0wGwYDVQQDDBRCSkNBIEdsb2Jh -bCBSb290IENBMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPFmCL3Z -xRVhy4QEQaVpN3cdwbB7+sN3SJATcmTRuHyQNZ0YeYjjlwE8R4HyDqKYDZ4/N+AZ -spDyRhySsTphzvq3Rp4Dhtczbu33RYx2N95ulpH3134rhxfVizXuhJFyV9xgw8O5 -58dnJCNPYwpj9mZ9S1WnP3hkSWkSl+BMDdMJoDIwOvqfwPKcxRIqLhy1BDPapDgR -at7GGPZHOiJBhyL8xIkoVNiMpTAK+BcWyqw3/XmnkRd4OJmtWO2y3syJfQOcs4ll -5+M7sSKGjwZteAf9kRJ/sGsciQ35uMt0WwfCyPQ10WRjeulumijWML3mG90Vr4Tq 
-nMfK9Q7q8l0ph49pczm+LiRvRSGsxdRpJQaDrXpIhRMsDQa4bHlW/KNnMoH1V6XK -V0Jp6VwkYe/iMBhORJhVb3rCk9gZtt58R4oRTklH2yiUAguUSiz5EtBP6DF+bHq/ -pj+bOT0CFqMYs2esWz8sgytnOYFcuX6U1WTdno9uruh8W7TXakdI136z1C2OVnZO -z2nxbkRs1CTqjSShGL+9V/6pmTW12xB3uD1IutbB5/EjPtffhZ0nPNRAvQoMvfXn -jSXWgXSHRtQpdaJCbPdzied9v3pKH9MiyRVVz99vfFXQpIsHETdfg6YmV6YBW37+ -WGgHqel62bno/1Afq8K0wM7o6v0PvY1NuLxxAgMBAAGjQjBAMB0GA1UdDgQWBBTF -7+3M2I0hxkjk49cULqcWk+WYATAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAUoKsITQfI/Ki2Pm4rzc2IInRNwPWaZ+4 -YRC6ojGYWUfo0Q0lHhVBDOAqVdVXUsv45Mdpox1NcQJeXyFFYEhcCY5JEMEE3Kli -awLwQ8hOnThJdMkycFRtwUf8jrQ2ntScvd0g1lPJGKm1Vrl2i5VnZu69mP6u775u -+2D2/VnGKhs/I0qUJDAnyIm860Qkmss9vk/Ves6OF8tiwdneHg56/0OGNFK8YT88 -X7vZdrRTvJez/opMEi4r89fO4aL/3Xtw+zuhTaRjAv04l5U/BXCga99igUOLtFkN -SoxUnMW7gZ/NfaXvCyUeOiDbHPwfmGcCCtRzRBPbUYQaVQNW4AB+dAb/OMRyHdOo -P2gxXdMJxy6MW2Pg6Nwe0uxhHvLe5e/2mXZgLR6UcnHGCyoyx5JO1UbXHfmpGQrI -+pXObSOYqgs4rZpWDW+N8TEAiMEXnM0ZNjX+VVOg4DwzX5Ze4jLp3zO7Bkqp2IRz -znfSxqxx4VyjHQy7Ct9f4qNx2No3WqB4K/TUfet27fJhcKVlmtOJNBir+3I+17Q9 -eVzYH6Eze9mCUAyTF6ps3MKCuwJXNq+YJyo5UOGwifUll35HaBC07HPKs5fRJNz2 -YqAo07WjuGS3iGJCz51TzZm+ZGiPTx4SSPfSKcOYKMryMguTjClPPGAyzQWWYezy -r/6zcCwupvI= ------END CERTIFICATE----- -=== /C=CN/O=BEIJING CERTIFICATE AUTHORITY/CN=BJCA Global Root CA2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 2c:17:08:7d:64:2a:c0:fe:85:18:59:06:cf:b4:4a:eb - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Dec 19 03:18:21 2019 GMT - Not After : Dec 12 03:18:21 2044 GMT - Subject: C=CN, O=BEIJING CERTIFICATE AUTHORITY, CN=BJCA Global Root CA2 - X509v3 extensions: - X509v3 Subject Key Identifier: - D2:4A:B1:51:7F:06:F0:D1:82:1F:4E:6E:5F:AB:83:FC:48:D4:B0:91 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=F4:27:86:EB:6E:B8:6D:88:31:67:02:FB:BA:66:A4:53:00:AA:7A:A6 -SHA256 
Fingerprint=57:4D:F6:93:1E:27:80:39:66:7B:72:0A:FD:C1:60:0F:C2:7E:B6:6D:D3:09:29:79:FB:73:85:64:87:21:28:82 ------BEGIN CERTIFICATE----- -MIICJTCCAaugAwIBAgIQLBcIfWQqwP6FGFkGz7RK6zAKBggqhkjOPQQDAzBUMQsw -CQYDVQQGEwJDTjEmMCQGA1UECgwdQkVJSklORyBDRVJUSUZJQ0FURSBBVVRIT1JJ -VFkxHTAbBgNVBAMMFEJKQ0EgR2xvYmFsIFJvb3QgQ0EyMB4XDTE5MTIxOTAzMTgy -MVoXDTQ0MTIxMjAzMTgyMVowVDELMAkGA1UEBhMCQ04xJjAkBgNVBAoMHUJFSUpJ -TkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZMR0wGwYDVQQDDBRCSkNBIEdsb2JhbCBS -b290IENBMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABJ3LgJGNU2e1uVCxA/jlSR9B -IgmwUVJY1is0j8USRhTFiy8shP8sbqjV8QnjAyEUxEM9fMEsxEtqSs3ph+B99iK+ -+kpRuDCK/eHeGBIK9ke35xe/J4rUQUyWPGCWwf0VHKNCMEAwHQYDVR0OBBYEFNJK -sVF/BvDRgh9Obl+rg/xI1LCRMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMAoGCCqGSM49BAMDA2gAMGUCMBq8W9f+qdJUDkpd0m2xQNz0Q9XSSpkZElaA -94M04TVOSG0ED1cxMDAtsaqdAzjbBgIxAMvMh1PLet8gUXOQwKhbYdDFUDn9hf7B -43j4ptZLvZuHjw/l1lOWqzzIQNph91Oj9w== ------END CERTIFICATE----- - -### Baltimore - -=== /C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 33554617 (0x20000b9) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: May 12 18:46:00 2000 GMT - Not After : May 12 23:59:00 2025 GMT - Subject: C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root - X509v3 extensions: - X509v3 Subject Key Identifier: - E5:9D:59:30:82:47:58:CC:AC:FA:08:54:36:86:7B:3A:B5:04:4D:F0 - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:3 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=D4:DE:20:D0:5E:66:FC:53:FE:1A:50:88:2C:78:DB:28:52:CA:E4:74 -SHA256 Fingerprint=16:AF:57:A9:F6:76:B0:AB:12:60:95:AA:5E:BA:DE:F2:2A:B3:11:19:D6:44:AC:95:CD:4B:93:DB:F3:F2:6A:EB ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX 
-DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- - -### Buypass AS-983163327 - -=== /C=NO/O=Buypass AS-983163327/CN=Buypass Class 2 Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Oct 26 08:38:03 2010 GMT - Not After : Oct 26 08:38:03 2040 GMT - Subject: C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - C9:80:77:E0:62:92:82:F5:46:9C:F3:BA:F7:4C:C3:DE:B8:A3:AD:39 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=49:0A:75:74:DE:87:0A:47:FE:58:EE:F6:C7:6B:EB:C6:0B:12:40:99 -SHA256 Fingerprint=9A:11:40:25:19:7C:5B:B9:5D:94:E6:3D:55:CD:43:79:08:47:B6:46:B2:3C:DF:11:AD:A4:A0:0E:FF:15:FB:48 ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg 
-Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr -6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV -L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 -1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx -MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ -QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB -arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr -Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi -FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS -P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN -9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz -uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h -9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s -A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t -OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo -+fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 -KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 -DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us -H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ -I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 -5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h -3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz -Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= ------END CERTIFICATE----- -=== /C=NO/O=Buypass AS-983163327/CN=Buypass Class 3 Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Oct 26 08:28:58 
2010 GMT - Not After : Oct 26 08:28:58 2040 GMT - Subject: C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 Root CA - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 47:B8:CD:FF:E5:6F:EE:F8:B2:EC:2F:4E:0E:F9:25:B0:8E:3C:6B:C3 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=DA:FA:F7:FA:66:84:EC:06:8F:14:50:BD:C7:C2:81:A5:BC:A9:64:57 -SHA256 Fingerprint=ED:F7:EB:BC:A2:7A:2A:38:4D:38:7B:7D:40:10:C6:66:E2:ED:B4:84:3E:4C:29:B4:AE:1D:5B:93:32:E6:B2:4D ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y -ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E -N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 -tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX -0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c -/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X -KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY -zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS -O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D -34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP -K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv -Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj -QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV -cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS -IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 
-HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa -O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv -033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u -dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE -kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 -3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD -u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq -4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= ------END CERTIFICATE----- - -### CERTSIGN SA - -=== /C=RO/O=CERTSIGN SA/OU=certSIGN ROOT CA G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 11:00:34:b6:4e:c6:36:2d:36 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Feb 6 09:27:35 2017 GMT - Not After : Feb 6 09:27:35 2042 GMT - Subject: C=RO, O=CERTSIGN SA, OU=certSIGN ROOT CA G2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 82:21:2D:66:C6:D7:A0:E0:15:EB:CE:4C:09:77:C4:60:9E:54:6E:03 -SHA1 Fingerprint=26:F9:93:B4:ED:3D:28:27:B0:B9:4B:A7:E9:15:1D:A3:8D:92:E5:32 -SHA256 Fingerprint=65:7C:FE:2F:A7:3F:AA:38:46:25:71:F3:32:A2:36:3A:46:FC:E7:02:09:51:71:07:02:CD:FB:B6:EE:DA:33:05 ------BEGIN CERTIFICATE----- -MIIFRzCCAy+gAwIBAgIJEQA0tk7GNi02MA0GCSqGSIb3DQEBCwUAMEExCzAJBgNV -BAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJR04g -Uk9PVCBDQSBHMjAeFw0xNzAyMDYwOTI3MzVaFw00MjAyMDYwOTI3MzVaMEExCzAJ -BgNVBAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJ -R04gUk9PVCBDQSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDF -dRmRfUR0dIf+DjuW3NgBFszuY5HnC2/OOwppGnzC46+CjobXXo9X69MhWf05N0Iw -vlDqtg+piNguLWkh59E3GE59kdUWX2tbAMI5Qw02hVK5U2UPHULlj88F0+7cDBrZ -uIt4ImfkabBoxTzkbFpG583H+u/E7Eu9aqSs/cwoUe+StCmrqzWaTOTECMYmzPhp -n+Sc8CnTXPnGFiWeI8MgwT0PPzhAsP6CRDiqWhqKa2NYOLQV07YRaXseVO6MGiKs -cpc/I1mbySKEwQdPzH/iV8oScLumZfNpdWO9lfsbl83kqK/20U6o2YpxJM02PbyW 
-xPFsqa7lzw1uKA2wDrXKUXt4FMMgL3/7FFXhEZn91QqhngLjYl/rNUssuHLoPj1P -rCy7Lobio3aP5ZMqz6WryFyNSwb/EkaseMsUBzXgqd+L6a8VTxaJW732jcZZroiF -DsGJ6x9nxUWO/203Nit4ZoORUSs9/1F3dmKh7Gc+PoGD4FapUB8fepmrY7+EF3fx -DTvf95xhszWYijqy7DwaNz9+j5LP2RIUZNoQAhVB/0/E6xyjyfqZ90bp4RjZsbgy -LcsUDFDYg2WD7rlcz8sFWkz6GZdr1l0T08JcVLwyc6B49fFtHsufpaafItzRUZ6C -eWRgKRM+o/1Pcmqr4tTluCRVLERLiohEnMqE0yo7AgMBAAGjQjBAMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSCIS1mxteg4BXrzkwJ -d8RgnlRuAzANBgkqhkiG9w0BAQsFAAOCAgEAYN4auOfyYILVAzOBywaK8SJJ6ejq -kX/GM15oGQOGO0MBzwdw5AgeZYWR5hEit/UCI46uuR59H35s5r0l1ZUa8gWmr4UC -b6741jH/JclKyMeKqdmfS0mbEVeZkkMR3rYzpMzXjWR91M08KCy0mpbqTfXERMQl -qiCA2ClV9+BB/AYm/7k29UMUA2Z44RGx2iBfRgB4ACGlHgAoYXhvqAEBj500mv/0 -OJD7uNGzcgbJceaBxXntC6Z58hMLnPddDnskk7RI24Zf3lCGeOdA5jGokHZwYa+c -NywRtYK3qq4kNFtyDGkNzVmf9nGvnAvRCjj5BiKDUyUM/FHE5r7iOZULJK2v0ZXk -ltd0ZGtxTgI8qoXzIKNDOXZbbFD+mpwUHmUUihW9o4JFWklWatKcsWMy5WHgUyIO -pwpJ6st+H6jiYoD2EEVSmAYY3qXNL3+q1Ok+CHLsIwMCPKaq2LxndD0UF/tUSxfj -03k9bWtJySgOLnRQvwzZRjoQhsmnP+mg7H/rpXdYaXHmgwo38oZJar55CJD2AhZk -PuXaTH4MNMn5X7azKFGnpyuqSfqNZSlO42sTp5SjLVFteAxEy9/eCG/Oo2Sr05WE -1LlSVHJ7liXMvGnjSG4N0MedJ5qq+BOS3R7fY581qRY27Iy4g/Q9iY/NtBde17MX -QRBdJ3NghVdJIgc= ------END CERTIFICATE----- - -### COMODO CA Limited - -=== /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 4e:81:2d:8a:82:65:e0:0b:02:ee:3e:35:02:46:e5:3d - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Dec 1 00:00:00 2006 GMT - Not After : Dec 31 23:59:59 2029 GMT - Subject: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - 0B:58:E5:8B:C6:4C:15:37:A4:40:A9:30:A9:21:BE:47:36:5A:56:FF - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 CRL Distribution Points: - - Full Name: - 
URI:http://crl.comodoca.com/COMODOCertificationAuthority.crl - -SHA1 Fingerprint=66:31:BF:9E:F7:4F:9E:B6:C9:D5:A6:0C:BA:6A:BE:D1:F7:BD:EF:7B -SHA256 Fingerprint=0C:2C:D6:3D:F7:80:6F:A3:99:ED:E8:09:11:6B:57:5B:F8:79:89:F0:65:18:F9:80:8C:86:05:03:17:8B:AF:66 ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB -gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV -BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw -MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl -YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P -RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 -UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI -2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 -Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp -+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ -DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O -nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW -/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g -PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u -QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY -SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv -IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ -RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 -zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd -BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB -ZQ== ------END CERTIFICATE----- -=== /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 1f:47:af:aa:62:00:70:50:54:4c:01:9e:9b:63:99:2a - Signature 
Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Mar 6 00:00:00 2008 GMT - Not After : Jan 18 23:59:59 2038 GMT - Subject: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - 75:71:A7:19:48:19:BC:9D:9D:EA:41:47:DF:94:C4:48:77:99:D3:79 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=9F:74:4E:9F:2B:4D:BA:EC:0F:31:2C:50:B6:56:3B:8E:2D:93:C3:11 -SHA256 Fingerprint=17:93:92:7A:06:14:54:97:89:AD:CE:2F:8F:34:F7:F0:B6:6D:0F:3A:E3:A3:B8:4D:21:EC:15:DB:BA:4F:AD:C7 ------BEGIN CERTIFICATE----- -MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT -IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw -MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy -ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N -T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR -FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J -cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW -BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm -fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv -GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= ------END CERTIFICATE----- -=== /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Jan 19 00:00:00 2010 GMT - Not After : Jan 18 23:59:59 2038 GMT - Subject: C=GB, ST=Greater Manchester, L=Salford, 
O=COMODO CA Limited, CN=COMODO RSA Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:D4 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=AF:E5:D2:44:A8:D1:19:42:30:FF:47:9F:E2:F8:97:BB:CD:7A:8C:B4 -SHA256 Fingerprint=52:F0:E1:C4:E5:8E:C6:29:29:1B:60:31:7F:07:46:71:B8:5D:7E:A8:0D:5B:07:27:34:63:53:4B:32:B4:02:34 ------BEGIN CERTIFICATE----- -MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR -6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X -pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC -9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV -/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf -Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z -+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w -qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah -SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC -u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf -Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq -crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E -FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB -/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl -wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM 
-4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV -2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna -FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ -CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK -boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke -jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL -S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb -QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl -0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB -NVOFBkpdn627G190 ------END CERTIFICATE----- - -### Certainly - -=== /C=US/O=Certainly/CN=Certainly Root E1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 06:25:33:b1:47:03:33:27:5c:f9:8d:9a:b9:bf:cc:f8 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Apr 1 00:00:00 2021 GMT - Not After : Apr 1 00:00:00 2046 GMT - Subject: C=US, O=Certainly, CN=Certainly Root E1 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - F3:28:18:CB:64:75:EE:29:2A:EB:ED:AE:23:58:38:85:EB:C8:22:07 -SHA1 Fingerprint=F9:E1:6D:DC:01:89:CF:D5:82:45:63:3E:C5:37:7D:C2:EB:93:6F:2B -SHA256 Fingerprint=B4:58:5F:22:E4:AC:75:6A:4E:86:12:A1:36:1C:5D:9D:03:1A:93:FD:84:FE:BB:77:8F:A3:06:8B:0F:C4:2D:C2 ------BEGIN CERTIFICATE----- -MIIB9zCCAX2gAwIBAgIQBiUzsUcDMydc+Y2aub/M+DAKBggqhkjOPQQDAzA9MQsw -CQYDVQQGEwJVUzESMBAGA1UEChMJQ2VydGFpbmx5MRowGAYDVQQDExFDZXJ0YWlu -bHkgUm9vdCBFMTAeFw0yMTA0MDEwMDAwMDBaFw00NjA0MDEwMDAwMDBaMD0xCzAJ -BgNVBAYTAlVTMRIwEAYDVQQKEwlDZXJ0YWlubHkxGjAYBgNVBAMTEUNlcnRhaW5s -eSBSb290IEUxMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE3m/4fxzf7flHh4axpMCK -+IKXgOqPyEpeKn2IaKcBYhSRJHpcnqMXfYqGITQYUBsQ3tA3SybHGWCA6TS9YBk2 -QNYphwk8kXr2vBMj3VlOBF7PyAIcGFPBMdjaIOlEjeR2o0IwQDAOBgNVHQ8BAf8E -BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU8ygYy2R17ikq6+2uI1g4 
-hevIIgcwCgYIKoZIzj0EAwMDaAAwZQIxALGOWiDDshliTd6wT99u0nCK8Z9+aozm -ut6Dacpps6kFtZaSF4fC0urQe87YQVt8rgIwRt7qy12a7DLCZRawTDBcMPPaTnOG -BtjOiQRINzf43TNRnXCve1XYAS59BWQOhriR ------END CERTIFICATE----- -=== /C=US/O=Certainly/CN=Certainly Root R1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 8e:0f:f9:4b:90:71:68:65:33:54:f4:d4:44:39:b7:e0 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Apr 1 00:00:00 2021 GMT - Not After : Apr 1 00:00:00 2046 GMT - Subject: C=US, O=Certainly, CN=Certainly Root R1 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - E0:AA:3F:25:8D:9F:44:5C:C1:3A:E8:2E:AE:77:4C:84:3E:67:0C:F4 -SHA1 Fingerprint=A0:50:EE:0F:28:71:F4:27:B2:12:6D:6F:50:96:25:BA:CC:86:42:AF -SHA256 Fingerprint=77:B8:2C:D8:64:4C:43:05:F7:AC:C5:CB:15:6B:45:67:50:04:03:3D:51:C6:0C:62:02:A8:E0:C3:34:67:D3:A0 ------BEGIN CERTIFICATE----- -MIIFRzCCAy+gAwIBAgIRAI4P+UuQcWhlM1T01EQ5t+AwDQYJKoZIhvcNAQELBQAw -PTELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUNlcnRhaW5seTEaMBgGA1UEAxMRQ2Vy -dGFpbmx5IFJvb3QgUjEwHhcNMjEwNDAxMDAwMDAwWhcNNDYwNDAxMDAwMDAwWjA9 -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJQ2VydGFpbmx5MRowGAYDVQQDExFDZXJ0 -YWlubHkgUm9vdCBSMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANA2 -1B/q3avk0bbm+yLA3RMNansiExyXPGhjZjKcA7WNpIGD2ngwEc/csiu+kr+O5MQT -vqRoTNoCaBZ0vrLdBORrKt03H2As2/X3oXyVtwxwhi7xOu9S98zTm/mLvg7fMbed -aFySpvXl8wo0tf97ouSHocavFwDvA5HtqRxOcT3Si2yJ9HiG5mpJoM610rCrm/b0 -1C7jcvk2xusVtyWMOvwlDbMicyF0yEqWYZL1LwsYpfSt4u5BvQF5+paMjRcCMLT5 -r3gajLQ2EBAHBXDQ9DGQilHFhiZ5shGIXsXwClTNSaa/ApzSRKft43jvRl5tcdF5 -cBxGX1HpyTfcX35pe0HfNEXgO4T0oYoKNp43zGJS4YkNKPl6I7ENPT2a/Z2B7yyQ -wHtETrtJ4A5KVpK8y7XdeReJkd5hiXSSqOMyhb5OhaRLWcsrxXiOcVTQAjeZjOVJ -6uBUcqQRBi8LjMFbvrWhsFNunLhgkR9Za/kt9JQKl7XsxXYDVBtlUrpMklZRNaBA -2CnbrlJ2Oy0wQJuK0EJWtLeIAaSHO1OWzaMWj/Nmqhexx2DgwUMFDO6bW2BvBlyH -Wyf5QBGenDPBt+U1VwV/J84XIIwc/PH72jEpSe31C4SnT8H2TsIonPru4K8H+zMR 
-eiFPCyEQtkA6qyI6BJyLm4SGcprSp6XEtHWRqSsjAgMBAAGjQjBAMA4GA1UdDwEB -/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTgqj8ljZ9EXME66C6u -d0yEPmcM9DANBgkqhkiG9w0BAQsFAAOCAgEAuVevuBLaV4OPaAszHQNTVfSVcOQr -PbA56/qJYv331hgELyE03fFo8NWWWt7CgKPBjcZq91l3rhVkz1t5BXdm6ozTaw3d -8VkswTOlMIAVRQdFGjEitpIAq5lNOo93r6kiyi9jyhXWx8bwPWz8HA2YEGGeEaIi -1wrykXprOQ4vMMM2SZ/g6Q8CRFA3lFV96p/2O7qUpUzpvD5RtOjKkjZUbVwlKNrd -rRT90+7iIgXr0PK3aBLXWopBGsaSpVo7Y0VPv+E6dyIvXL9G+VoDhRNCX8reU9di -taY1BMJH/5n9hN9czulegChB8n3nHpDYT3Y+gjwN/KUD+nsa2UUeYNrEjvn8K8l7 -lcUq/6qJ34IxD3L/DCfXCh5WAFAeDJDBlrXYFIW7pw0WwfgHJBu6haEaBQmAupVj -yTrsJZ9/nbqkRxWbRHDxakvWOF5D8xh+UG7pWijmZeZ3Gzr9Hb4DJqPb1OG7fpYn -Kx3upPvaJVQTA945xsMfTZDsjxtK0hzthZU4UHlG1sGQUDGpXJpuHfUzVounmdLy -yCwzk5Iwx06MZTMQZBf9JBeW0Y3COmor6xOLRPIh80oat3df1+2IpHLlOR+Vnb5n -wXARPbv0+Em34yaXOp/SX3z7wJl8OSngex2/DaeP0ik0biQVy96QXr8axGbqwua6 -OV+KmalBWQewLK8= ------END CERTIFICATE----- - -### China Financial Certification Authority - -=== /C=CN/O=China Financial Certification Authority/CN=CFCA EV ROOT -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 407555286 (0x184accd6) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Aug 8 03:07:01 2012 GMT - Not After : Dec 31 03:07:01 2029 GMT - Subject: C=CN, O=China Financial Certification Authority, CN=CFCA EV ROOT - X509v3 extensions: - X509v3 Authority Key Identifier: - keyid:E3:FE:2D:FD:28:D0:0B:B5:BA:B6:A2:C4:BF:06:AA:05:8C:93:FB:2F - - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - E3:FE:2D:FD:28:D0:0B:B5:BA:B6:A2:C4:BF:06:AA:05:8C:93:FB:2F -SHA1 Fingerprint=E2:B8:29:4B:55:84:AB:6B:58:C2:90:46:6C:AC:3F:B8:39:8F:84:83 -SHA256 Fingerprint=5C:C3:D7:8E:4E:1D:5E:45:54:7A:04:E6:87:3E:64:F9:0C:F9:53:6D:1C:CC:2E:F8:00:F3:55:C4:C5:FD:70:FD ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y 
-aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su ------END CERTIFICATE----- - -### Chunghwa Telecom Co., Ltd. 
- -=== /C=TW/O=Chunghwa Telecom Co., Ltd./CN=HiPKI Root CA - G1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 2d:dd:ac:ce:62:97:94:a1:43:e8:b0:cd:76:6a:5e:60 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Feb 22 09:46:04 2019 GMT - Not After : Dec 31 15:59:59 2037 GMT - Subject: C=TW, O=Chunghwa Telecom Co., Ltd., CN=HiPKI Root CA - G1 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - F2:77:17:FA:5E:A8:FE:F6:3D:71:D5:68:BA:C9:46:0C:38:D8:AF:B0 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=6A:92:E4:A8:EE:1B:EC:96:45:37:E3:29:57:49:CD:96:E3:E5:D2:60 -SHA256 Fingerprint=F0:15:CE:3C:C2:39:BF:EF:06:4B:E9:F1:D2:C4:17:E1:A0:26:4A:0A:94:BE:1F:0C:8D:12:18:64:EB:69:49:CC ------BEGIN CERTIFICATE----- -MIIFajCCA1KgAwIBAgIQLd2szmKXlKFD6LDNdmpeYDANBgkqhkiG9w0BAQsFADBP -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xGzAZBgNVBAMMEkhpUEtJIFJvb3QgQ0EgLSBHMTAeFw0xOTAyMjIwOTQ2MDRa -Fw0zNzEyMzExNTU5NTlaME8xCzAJBgNVBAYTAlRXMSMwIQYDVQQKDBpDaHVuZ2h3 -YSBUZWxlY29tIENvLiwgTHRkLjEbMBkGA1UEAwwSSGlQS0kgUm9vdCBDQSAtIEcx -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9B5/UnMyDHPkvRN0o9Qw -qNCuS9i233VHZvR85zkEHmpwINJaR3JnVfSl6J3VHiGh8Ge6zCFovkRTv4354twv -Vcg3Px+kwJyz5HdcoEb+d/oaoDjq7Zpy3iu9lFc6uux55199QmQ5eiY29yTw1S+6 -lZgRZq2XNdZ1AYDgr/SEYYwNHl98h5ZeQa/rh+r4XfEuiAU+TCK72h8q3VJGZDnz -Qs7ZngyzsHeXZJzA9KMuH5UHsBffMNsAGJZMoYFL3QRtU6M9/Aes1MU3guvklQgZ -KILSQjqj2FPseYlgSGDIcpJQ3AOPgz+yQlda22rpEZfdhSi8MEyr48KxRURHH+CK -FgeW0iEPU8DtqX7UTuybCeyvQqww1r/REEXgphaypcXTT3OUM3ECoWqj1jOXTyFj -HluP2cFeRXF3D4FdXyGarYPM+l7WjSNfGz1BryB1ZlpK9p/7qxj3ccC2HTHsOyDr -y+K49a6SsvfhhEvyovKTmiKe0xRvNlS9H15ZFblzqMF8b3ti6RZsR1pl8w4Rm0bZ -/W3c1pzAtH2lsN0/Vm+h+fbkEkj9Bn8SV7apI09bA8PgcSojt/ewsTu8mL3WmKgM -a/aOEmem8rJY5AIJEzypuxC00jBF8ez3ABHfZfjcK0NVvxaXxA/VLGGEqnKG/uY6 -fsI/fe78LxQ+5oXdUG+3Se0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNV 
-HQ4EFgQU8ncX+l6o/vY9cdVouslGDDjYr7AwDgYDVR0PAQH/BAQDAgGGMA0GCSqG -SIb3DQEBCwUAA4ICAQBQUfB13HAE4/+qddRxosuej6ip0691x1TPOhwEmSKsxBHi -7zNKpiMdDg1H2DfHb680f0+BazVP6XKlMeJ45/dOlBhbQH3PayFUhuaVevvGyuqc -SE5XCV0vrPSltJczWNWseanMX/mF+lLFjfiRFOs6DRfQUsJ748JzjkZ4Bjgs6Fza -ZsT0pPBWGTMpWmWSBUdGSquEwx4noR8RkpkndZMPvDY7l1ePJlsMu5wP1G4wB9Tc -XzZoZjmDlicmisjEOf6aIW/Vcobpf2Lll07QJNBAsNB1CI69aO4I1258EHBGG3zg -iLKecoaZAeO/n0kZtCW+VmWuF2PlHt/o/0elv+EmBYTksMCv5wiZqAxeJoBF1Pho -L5aPruJKHJwWDBNvOIf2u8g0X5IDUXlwpt/L9ZlNec1OvFefQ05rLisY+GpzjLrF -Ne85akEez3GoorKGB1s6yeHvP2UEgEcyRHCVTjFnanRbEEV16rCf0OY1/k6fi8wr -kkVbbiVghUbN0aqwdmaTd5a+g744tiROJgvM7XpWGuDpWsZkrUx6AEhEL7lAuxM+ -vhV4nYWBSipX3tUZQ9rbyltHhoMLP7YNdnhzeSJesYAfz77RP1YQmCuVh6EfnWQU -YDksswBVLuT1sw5XxJFBAJw/6KXf6vb/yPCtbVKoF6ubYfwSUTXkJf2vqmqGOQ== ------END CERTIFICATE----- -=== /C=TW/O=Chunghwa Telecom Co., Ltd./OU=ePKI Root Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 15:c8:bd:65:47:5c:af:b8:97:00:5e:e4:06:d2:bc:9d - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Dec 20 02:31:27 2004 GMT - Not After : Dec 20 02:31:27 2034 GMT - Subject: C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - 1E:0C:F7:B6:67:F2:E1:92:26:09:45:C0:55:39:2E:77:3F:42:4A:A2 - X509v3 Basic Constraints: - CA:TRUE - setCext-hashedRoot: - 0/0-...0...+......0...g*.....E... -V|.[x....S..... 
-SHA1 Fingerprint=67:65:0D:F1:7E:8E:7E:5B:82:40:A4:F4:56:4B:CF:E2:3D:69:C6:F0 -SHA256 Fingerprint=C0:A6:F4:DC:63:A2:4B:FD:CF:54:EF:2A:6A:08:2A:0A:72:DE:35:80:3E:2F:F5:FF:52:7A:E5:D8:72:06:DF:D5 ------BEGIN CERTIFICATE----- -MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw -IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL -SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH -SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh -ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X -DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 -TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ -fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA -sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU -WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS -nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH -dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip -NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC -AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF -MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH -ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB -uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl -PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP -JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ -gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 -j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 -5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB 
-o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS -/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z -Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE -W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D -hNQ+IIX3Sj0rnP0qCglN6oH4EZw= ------END CERTIFICATE----- - -### CommScope - -=== /C=US/O=CommScope/CN=CommScope Public Trust ECC Root-01 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 43:70:82:77:cf:4d:5d:34:f1:ca:ae:32:2f:37:f7:f4:7f:75:a0:9e - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Apr 28 17:35:43 2021 GMT - Not After : Apr 28 17:35:42 2046 GMT - Subject: C=US, O=CommScope, CN=CommScope Public Trust ECC Root-01 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 8E:07:62:C0:50:DD:C6:19:06:00:46:74:04:F7:F3:AE:7D:75:4D:30 -SHA1 Fingerprint=07:86:C0:D8:DD:8E:C0:80:98:06:98:D0:58:7A:EF:DE:A6:CC:A2:5D -SHA256 Fingerprint=11:43:7C:DA:7B:B4:5E:41:36:5F:45:B3:9A:38:98:6B:0D:E0:0D:EF:34:8E:0C:7B:B0:87:36:33:80:0B:C3:8B ------BEGIN CERTIFICATE----- -MIICHTCCAaOgAwIBAgIUQ3CCd89NXTTxyq4yLzf39H91oJ4wCgYIKoZIzj0EAwMw -TjELMAkGA1UEBhMCVVMxEjAQBgNVBAoMCUNvbW1TY29wZTErMCkGA1UEAwwiQ29t -bVNjb3BlIFB1YmxpYyBUcnVzdCBFQ0MgUm9vdC0wMTAeFw0yMTA0MjgxNzM1NDNa -Fw00NjA0MjgxNzM1NDJaME4xCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlDb21tU2Nv -cGUxKzApBgNVBAMMIkNvbW1TY29wZSBQdWJsaWMgVHJ1c3QgRUNDIFJvb3QtMDEw -djAQBgcqhkjOPQIBBgUrgQQAIgNiAARLNumuV16ocNfQj3Rid8NeeqrltqLxeP0C -flfdkXmcbLlSiFS8LwS+uM32ENEp7LXQoMPwiXAZu1FlxUOcw5tjnSCDPgYLpkJE -hRGnSjot6dZoL0hOUysHP029uax3OVejQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSOB2LAUN3GGQYARnQE9/OufXVNMDAKBggq -hkjOPQQDAwNoADBlAjEAnDPfQeMjqEI2Jpc1XHvr20v4qotzVRVcrHgpD7oh2MSg -2NED3W3ROT3Ek2DS43KyAjB8xX6I01D1HiXo+k515liWpDVfG2XqYZpwI7UNo5uS -Um9poIyNStDuiw7LR47QjRE= ------END CERTIFICATE----- -=== /C=US/O=CommScope/CN=CommScope Public Trust ECC 
Root-02 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 28:fd:99:60:41:47:a6:01:3a:ca:14:7b:1f:ef:f9:68:08:83:5d:7d - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Apr 28 17:44:54 2021 GMT - Not After : Apr 28 17:44:53 2046 GMT - Subject: C=US, O=CommScope, CN=CommScope Public Trust ECC Root-02 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - E6:18:75:FF:EF:60:DE:84:A4:F5:46:C7:DE:4A:55:E3:32:36:79:F5 -SHA1 Fingerprint=3C:3F:EF:57:0F:FE:65:93:86:9E:A0:FE:B0:F6:ED:8E:D1:13:C7:E5 -SHA256 Fingerprint=2F:FB:7F:81:3B:BB:B3:C8:9A:B4:E8:16:2D:0F:16:D7:15:09:A8:30:CC:9D:73:C2:62:E5:14:08:75:D1:AD:4A ------BEGIN CERTIFICATE----- -MIICHDCCAaOgAwIBAgIUKP2ZYEFHpgE6yhR7H+/5aAiDXX0wCgYIKoZIzj0EAwMw -TjELMAkGA1UEBhMCVVMxEjAQBgNVBAoMCUNvbW1TY29wZTErMCkGA1UEAwwiQ29t -bVNjb3BlIFB1YmxpYyBUcnVzdCBFQ0MgUm9vdC0wMjAeFw0yMTA0MjgxNzQ0NTRa -Fw00NjA0MjgxNzQ0NTNaME4xCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlDb21tU2Nv -cGUxKzApBgNVBAMMIkNvbW1TY29wZSBQdWJsaWMgVHJ1c3QgRUNDIFJvb3QtMDIw -djAQBgcqhkjOPQIBBgUrgQQAIgNiAAR4MIHoYx7l63FRD/cHB8o5mXxO1Q/MMDAL -j2aTPs+9xYa9+bG3tD60B8jzljHz7aRP+KNOjSkVWLjVb3/ubCK1sK9IRQq9qEmU -v4RDsNuESgMjGWdqb8FuvAY5N9GIIvejQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTmGHX/72DehKT1RsfeSlXjMjZ59TAKBggq -hkjOPQQDAwNnADBkAjAmc0l6tqvmSfR9Uj/UQQSugEODZXW5hYA4O9Zv5JOGq4/n -ich/m35rChJVYaoR4HkCMHfoMXGsPHED1oQmHhS48zs73u1Z/GtMMH9ZzkXpc2AV -mkzw5l4lIhVtwodZ0LKOag== ------END CERTIFICATE----- -=== /C=US/O=CommScope/CN=CommScope Public Trust RSA Root-01 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 3e:03:49:81:75:16:74:31:8e:4c:ab:d5:c5:90:29:96:c5:39:10:dd - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Apr 28 16:45:54 2021 GMT - Not After : Apr 28 16:45:53 2046 GMT - Subject: C=US, O=CommScope, CN=CommScope Public Trust RSA Root-01 - X509v3 extensions: - X509v3 Basic Constraints: critical - 
CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 37:5D:A6:9A:74:32:C2:C2:F9:C7:A6:15:10:59:B8:E4:FD:E5:B8:6D -SHA1 Fingerprint=6D:0A:5F:F7:B4:23:06:B4:85:B3:B7:97:64:FC:AC:75:F5:33:F2:93 -SHA256 Fingerprint=02:BD:F9:6E:2A:45:DD:9B:F1:8F:C7:E1:DB:DF:21:A0:37:9B:A3:C9:C2:61:03:44:CF:D8:D6:06:FE:C1:ED:81 ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIUPgNJgXUWdDGOTKvVxZAplsU5EN0wDQYJKoZIhvcNAQEL -BQAwTjELMAkGA1UEBhMCVVMxEjAQBgNVBAoMCUNvbW1TY29wZTErMCkGA1UEAwwi -Q29tbVNjb3BlIFB1YmxpYyBUcnVzdCBSU0EgUm9vdC0wMTAeFw0yMTA0MjgxNjQ1 -NTRaFw00NjA0MjgxNjQ1NTNaME4xCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlDb21t -U2NvcGUxKzApBgNVBAMMIkNvbW1TY29wZSBQdWJsaWMgVHJ1c3QgUlNBIFJvb3Qt -MDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwSGWjDR1C45FtnYSk -YZYSwu3D2iM0GXb26v1VWvZVAVMP8syMl0+5UMuzAURWlv2bKOx7dAvnQmtVzslh -suitQDy6uUEKBU8bJoWPQ7VAtYXR1HHcg0Hz9kXHgKKEUJdGzqAMxGBWBB0HW0al -DrJLpA6lfO741GIDuZNqihS4cPgugkY4Iw50x2tBt9Apo52AsH53k2NC+zSDO3Oj -WiE260f6GBfZumbCk6SP/F2krfxQapWsvCQz0b2If4b19bJzKo98rwjyGpg/qYFl -P8GMicWWMJoKz/TUyDTtnS+8jTiGU+6Xn6myY5QXjQ/cZip8UlF1y5mO6D1cv547 -KI2DAg+pn3LiLCuz3GaXAEDQpFSOm117RTYm1nJD68/A6g3czhLmfTifBSeolz7p -UcZsBSjBAg/pGG3svZwG1KdJ9FQFa2ww8esD1eo9anbCyxooSU1/ZOD6K9pzg4H/ -kQO9lLvkuI6cMmPNn7togbGEW682v3fuHX/3SZtS7NJ3Wn2RnU3COS3kuoL4b/JO -Hg9O5j9ZpSPcPYeoKFgo0fEbNttPxP/hjFtyjMcmAyejOQoBqsCyMWCDIqFPEgkB -Ea801M/XrmLTBQe0MXXgDW1XT2mH+VepuhX2yFJtocucH+X8eKg1mp9BFM6ltM6U -CBwJrVbl2rZJmkrqYxhTnCwuwwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUN12mmnQywsL5x6YVEFm45P3luG0wDQYJ -KoZIhvcNAQELBQADggIBAK+nz97/4L1CjU3lIpbfaOp9TSp90K09FlxD533Ahuh6 -NWPxzIHIxgvoLlI1pKZJkGNRrDSsBTtXAOnTYtPZKdVUvhwQkZyybf5Z/Xn36lbQ -nmhUQo8mUuJM3y+Xpi/SB5io82BdS5pYV4jvguX6r2yBS5KPQJqTRlnLX3gWsWc+ -QgvfKNmwrZggvkN80V4aCRckjXtdlemrwWCrWxhkgPut4AZ9HcpZuPN4KWfGVh2v -trV0KnahP/t1MJ+UXjulYPPLXAziDslg+MkfFoom3ecnf+slpoq9uC02EJqxWE2a -aE9gVOX2RhOOiKy8IUISrcZKiX2bwdgt6ZYD9KJ0DLwAHb/WNyVntHKLr4W96ioD 
-j8z7PEQkguIBpQtZtjSNMgsSDesnwv1B10A8ckYpwIzqug/xBpMu95yo9GA+o/E4 -Xo4TwbM6l4c/ksp4qRyv0LAbJh6+cOx69TOY6lz/KwsETkPdY34Op054A5U+1C0w -lREQKC6/oAI+/15Z0wUOlV9TRe9rh9VIzRamloPh37MG88EU26fsHItdkJANclHn -YfkUyq+Dj7+vsQpZXdxc1+SWrVtgHdqul7I52Qb1dgAT+GhMIbA1xNxVssnBQVoc -icCMb3SgazNNtQEo/a2tiRc7ppqEvOuM6sRxJKi6KfkIsidWNTJf6jn7MZrVGczw ------END CERTIFICATE----- -=== /C=US/O=CommScope/CN=CommScope Public Trust RSA Root-02 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 54:16:bf:3b:7e:39:95:71:8d:d1:aa:00:a5:86:0d:2b:8f:7a:05:4e - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Apr 28 17:16:43 2021 GMT - Not After : Apr 28 17:16:42 2046 GMT - Subject: C=US, O=CommScope, CN=CommScope Public Trust RSA Root-02 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 47:D0:E7:B1:22:FF:9D:2C:F5:D9:57:60:B3:B1:B1:70:95:EF:61:7A -SHA1 Fingerprint=EA:B0:E2:52:1B:89:93:4C:11:68:F2:D8:9A:AC:22:4C:A3:8A:57:AE -SHA256 Fingerprint=FF:E9:43:D7:93:42:4B:4F:7C:44:0C:1C:3D:64:8D:53:63:F3:4B:82:DC:87:AA:7A:9F:11:8F:C5:DE:E1:01:F1 ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIUVBa/O345lXGN0aoApYYNK496BU4wDQYJKoZIhvcNAQEL -BQAwTjELMAkGA1UEBhMCVVMxEjAQBgNVBAoMCUNvbW1TY29wZTErMCkGA1UEAwwi -Q29tbVNjb3BlIFB1YmxpYyBUcnVzdCBSU0EgUm9vdC0wMjAeFw0yMTA0MjgxNzE2 -NDNaFw00NjA0MjgxNzE2NDJaME4xCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlDb21t -U2NvcGUxKzApBgNVBAMMIkNvbW1TY29wZSBQdWJsaWMgVHJ1c3QgUlNBIFJvb3Qt -MDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDh+g77aAASyE3VrCLE -NQE7xVTlWXZjpX/rwcRqmL0yjReA61260WI9JSMZNRTpf4mnG2I81lDnNJUDMrG0 -kyI9p+Kx7eZ7Ti6Hmw0zdQreqjXnfuU2mKKuJZ6VszKWpCtYHu8//mI0SFHRtI1C -rWDaSWqVcN3SAOLMV2MCe5bdSZdbkk6V0/nLKR8YSvgBKtJjCW4k6YnS5cciTNxz -hkcAqg2Ijq6FfUrpuzNPDlJwnZXjfG2WWy09X6GDRl224yW4fKcZgBzqZUPckXk2 -LHR88mcGyYnJ27/aaL8j7dxrrSiDeS/sOKUNNwFnJ5rpM9kzXzehxfCrPfp4sOcs -n/Y+n2Dg70jpkEUeBVF4GiwSLFworA2iI540jwXmojPOEXcT1A6kHkIfhs1w/tku 
-FT0du7jyU1fbzMZ0KZwYszZ1OC4PVKH4kh+Jlk+71O6d6Ts2QrUKOyrUZHk2EOH5 -kQMreyBUzQ0ZGshBMjTRsJnhkB4BQDa1t/qp5Xd1pCKBXbCL5CcSD1SIxtuFdOa3 -wNemKfrb3vOTlycEVS8KbzfFPROvCgCpLIscgSjX74Yxqa7ybrjKaixUR9gqiC6v -wQcQeKwRoi9C8DfF8rhW3Q5iLc4tVn5V8qdE9isy9COoR+jUKgF4z2rDN6ieZdIs -5fq6M8EGRPbmz6UNp2YINIos8wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUR9DnsSL/nSz12Vdgs7GxcJXvYXowDQYJ -KoZIhvcNAQELBQADggIBAIZpsU0v6Z9PIpNojuQhmaPORVMbc0RTAIFhzTHjCLqB -KCh6krm2qMhDnscTJk3C2OVVnJJdUNjCK9v+5qiXz1I6JMNlZFxHMaNlNRPDk7n3 -+VGXu6TwYofF1gbTl4MgqX67tiHCpQ2EAOHyJxCDut0DgdXdaMNmEMjRdrSzbyme -APnCKfWxkxlSaRosTKCL4BWaMS/TiJVZbuXEs1DIFAhKm4sTg7GkcrI7djNB3Nyq -pgdvHSQSn8h2vS/ZjvQs7rfSOBAkNlEv41xdgSGn2rtO/+YHqP65DSdsu3BaVXoT -6fEqSWnHX4dXTEN5bTpl6TBcQe7rd6VzEojov32u5cSoHw2OHG1QAk8mGEPej1WF -sQs3BWDJVTkSBKEqz3EWnzZRSb9wO55nnPt7eck5HHisd5FUmrh1CoFSl+NmYWvt -PjgelmFV4ZFUjO2MJB+ByRCac5krFk5yAD9UG/iNuovnFNa2RU9g7Jauwy8CTl2d -lklyALKrdVwPaFsdZcJfMw8eD/A7hvWwTruc9+olBdytoptLFwG+Qt81IR2tq670 -v64fG9PiO/yzcnMcmyiQiRM9HcEARwmWmjgb3bHPDcK0RPOWlc4yOo80nOAXx17O -rg3bhzjlP1v9mxnhMUF6cKojawHhRUzNlM47ni3niAIi9G7oyOzWPPO5std3eqx7 ------END CERTIFICATE----- - -### Comodo CA Limited - -=== /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Jan 1 00:00:00 2004 GMT - Not After : Dec 31 23:59:59 2028 GMT - Subject: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services - X509v3 extensions: - X509v3 Subject Key Identifier: - A0:11:0A:23:3E:96:F1:07:EC:E2:AF:29:EF:82:A5:7F:D0:30:A4:B4 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.comodoca.com/AAACertificateServices.crl - - Full Name: - URI:http://crl.comodo.net/AAACertificateServices.crl - -SHA1 
Fingerprint=D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49 -SHA256 Fingerprint=D7:A7:A0:FB:5D:7E:27:31:D7:71:E9:48:4E:BC:DE:F7:1D:5F:0C:3E:0A:29:48:78:2B:C8:3E:E0:EA:69:9E:F4 ------BEGIN CERTIFICATE----- -MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb -MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow -GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj -YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM -GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua -BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe -3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 -YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR -rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm -ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU -oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF -MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v -QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t -b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF -AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q -GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz -Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 -G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi -l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 -smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== ------END CERTIFICATE----- - -### Cybertrust Japan Co., Ltd. 
- -=== /C=JP/O=Cybertrust Japan Co., Ltd./CN=SecureSign Root CA12 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 66:f9:c7:c1:af:ec:c2:51:b4:ed:53:97:e6:e6:82:c3:2b:1c:90:16 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Apr 8 05:36:46 2020 GMT - Not After : Apr 8 05:36:46 2040 GMT - Subject: C=JP, O=Cybertrust Japan Co., Ltd., CN=SecureSign Root CA12 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 57:34:F3:74:CF:04:4B:D5:25:E6:F1:40:B6:2C:4C:D9:2D:E9:A0:AD -SHA1 Fingerprint=7A:22:1E:3D:DE:1B:06:AC:9E:C8:47:70:16:8E:3C:E5:F7:6B:06:F4 -SHA256 Fingerprint=3F:03:4B:B5:70:4D:44:B2:D0:85:45:A0:20:57:DE:93:EB:F3:90:5F:CE:72:1A:CB:C7:30:C0:6D:DA:EE:90:4E ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUZvnHwa/swlG07VOX5uaCwysckBYwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCSlAxIzAhBgNVBAoTGkN5YmVydHJ1c3QgSmFwYW4gQ28u -LCBMdGQuMR0wGwYDVQQDExRTZWN1cmVTaWduIFJvb3QgQ0ExMjAeFw0yMDA0MDgw -NTM2NDZaFw00MDA0MDgwNTM2NDZaMFExCzAJBgNVBAYTAkpQMSMwIQYDVQQKExpD -eWJlcnRydXN0IEphcGFuIENvLiwgTHRkLjEdMBsGA1UEAxMUU2VjdXJlU2lnbiBS -b290IENBMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6OcE3emhF -KxS06+QT61d1I02PJC0W6K6OyX2kVzsqdiUzg2zqMoqUm048luT9Ub+ZyZN+v/mt -p7JIKwccJ/VMvHASd6SFVLX9kHrko+RRWAPNEHl57muTH2SOa2SroxPjcf59q5zd -J1M3s6oYwlkm7Fsf0uZlfO+TvdhYXAvA42VvPMfKWeP+bl+sg779XSVOKik71gur -FzJ4pOE+lEa+Ym6b3kaosRbnhW70CEBFEaCeVESE99g2zvVQR9wsMJvuwPWW0v4J -hscGWa5Pro4RmHvzC1KqYiaqId+OJTN5lxZJjfU+1UefNzFJM3IFTQy2VYzxV4+K -h9GtxRESOaCtAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBRXNPN0zwRL1SXm8UC2LEzZLemgrTANBgkqhkiG9w0BAQsF -AAOCAQEAPrvbFxbS8hQBICw4g0utvsqFepq2m2um4fylOqyttCg6r9cBg0krY6Ld -mmQOmFxv3Y67ilQiLUoT865AQ9tPkbeGGuwAtEGBpE/6aouIs3YIcipJQMPTw4WJ -mBClnW8Zt7vPemVV2zfrPIpyMpcemik+rY3moxtt9XUa5rBouVui7mlHJzWhhpmA -8zNL4WukJsPvdFlseqJkth5Ew1DgDzk9qTPxpfPSvWKErI4cqc1avTc7bgoitPQV 
-55FYxTpE05Uo2cBl6XLK0A+9H7MV2anjpEcJnuDLN/v9vZfVvhgaaaI5gdka9at/ -yOPiZwud9AzqVN/Ssq+xIvEg37xEHA== ------END CERTIFICATE----- -=== /C=JP/O=Cybertrust Japan Co., Ltd./CN=SecureSign Root CA14 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 64:db:5a:0c:20:4e:e8:d7:29:77:c8:50:27:a2:5a:27:dd:2d:f2:cb - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Apr 8 07:06:19 2020 GMT - Not After : Apr 8 07:06:19 2045 GMT - Subject: C=JP, O=Cybertrust Japan Co., Ltd., CN=SecureSign Root CA14 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 06:93:A3:0A:5E:28:69:37:AA:61:1D:EB:EB:FC:2D:6F:23:E4:F3:A0 -SHA1 Fingerprint=DD:50:C0:F7:79:B3:64:2E:74:A2:B8:9D:9F:D3:40:DD:BB:F0:F2:4F -SHA256 Fingerprint=4B:00:9C:10:34:49:4F:9A:B5:6B:BA:3B:A1:D6:27:31:FC:4D:20:D8:95:5A:DC:EC:10:A9:25:60:72:61:E3:38 ------BEGIN CERTIFICATE----- -MIIFcjCCA1qgAwIBAgIUZNtaDCBO6Ncpd8hQJ6JaJ90t8sswDQYJKoZIhvcNAQEM -BQAwUTELMAkGA1UEBhMCSlAxIzAhBgNVBAoTGkN5YmVydHJ1c3QgSmFwYW4gQ28u -LCBMdGQuMR0wGwYDVQQDExRTZWN1cmVTaWduIFJvb3QgQ0ExNDAeFw0yMDA0MDgw -NzA2MTlaFw00NTA0MDgwNzA2MTlaMFExCzAJBgNVBAYTAkpQMSMwIQYDVQQKExpD -eWJlcnRydXN0IEphcGFuIENvLiwgTHRkLjEdMBsGA1UEAxMUU2VjdXJlU2lnbiBS -b290IENBMTQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDF0nqh1oq/ -FjHQmNE6lPxauG4iwWL3pwon71D2LrGeaBLwbCRjOfHw3xDG3rdSINVSW0KZnvOg -vlIfX8xnbacuUKLBl422+JX1sLrcneC+y9/3OPJH9aaakpUqYllQC6KxNedlsmGy -6pJxaeQp8E+BgQQ8sqVb1MWoWWd7VRxJq3qdwudzTe/NCcLEVxLbAQ4jeQkHO6Lo -/IrPj8BGJJw4J+CDnRugv3gVEOuGTgpa/d/aLIJ+7sr2KeH6caH3iGicnPCNvg9J -kdjqOvn90Ghx2+m1K06Ckm9mH+Dw3EzsytHqunQG+bOEkJTRX45zGRBdAuVwpcAQ -0BB8b8VYSbSwbprafZX1zNoCr7gsfXmPvkPx+SgojQlD+Ajda8iLLCSxjVIHvXib -y8posqTdDEx5YMaZ0ZPxMBoH064iwurO8YQJzOAUbn8/ftKChazcqRZOhaBgy/ac -18izju3Gm5h1DVXoX+WViwKkrkMpKBGk5hIwAUt1ax5mnXkvpXYvHUC0bcl9eQjs -0Wq2XSqypWa9a4X0dFbD9ed1Uigspf9mR6XU/v6eVL9lfgHWMI+lNpyiUBzuOIAB 
-SMbHdPTGrMNASRZhdCyvjG817XsYAFs2PJxQDcqSMxDxJklt33UkN4Ii1+iW/RVL -ApY+B3KVfqs9TC7XyvDf4Fg/LS8EmjijAQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD -AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUBpOjCl4oaTeqYR3r6/wtbyPk -86AwDQYJKoZIhvcNAQEMBQADggIBAJaAcgkGfpzMkwQWu6A6jZJOtxEaCnFxEM0E -rX+lRVAQZk5KQaID2RFPeje5S+LGjzJmdSX7684/AykmjbgWHfYfM25I5uj4V7Ib -ed87hwriZLoAymzvftAj63iP/2SbNDefNWWipAA9EiOWWF3KY4fGoweITedpdopT -zfFP7ELyk+OZpDc8h7hi2/DsHzc/N19DzFGdtfCXwreFamgLRB7lUe6TzktuhsHS -DCRZNhqfLJGP4xjblJUK7ZGqDpncllPjYYPGFrojutzdfhrGe0K22VoF3Jpf1d+4 -2kd92jjbrDnVHmtsKheMYc2xbXIBw8MgAGJoFjHVdqqGuw6qnsb58Nn4DSEC5MUo -FlkRudlpcyqSeLiSV5sI8jrlL5WwWLdrIBRtFO8KvH7YVdiI2i/6GaX7i+B/OfVy -K4XELKzvGUWSTLNhB9xNH27SgRNcmvMSZ4PPmz+Ln52kuaiWA3rF7iDeM9ovnhp6 -dB7h7sxaOgTdsxoEqBRjrLdHEoOabPXm6RUVkRqEGQ6UROcSjiVbgGcZ3GOTEAtl -Lor6CZpO2oYofaphNdgOpygau1LgePhsumywbrmHXumZNTfxPWQrqaA0k89jL9WB -365jJ6UeTo3cKXhZ+PmhIIynJkBugnLNeLLIjzwec+fBH7/PzqUqm9tEZDKgu39c -JRNItX+S ------END CERTIFICATE----- -=== /C=JP/O=Cybertrust Japan Co., Ltd./CN=SecureSign Root CA15 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 16:15:c7:c3:d8:49:a7:be:69:0c:8a:88:ed:f0:70:f9:dd:b7:3e:87 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Apr 8 08:32:56 2020 GMT - Not After : Apr 8 08:32:56 2045 GMT - Subject: C=JP, O=Cybertrust Japan Co., Ltd., CN=SecureSign Root CA15 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - EB:41:C8:AE:FC:D5:9E:51:48:F5:BD:8B:F4:87:20:93:41:2B:D3:F4 -SHA1 Fingerprint=CB:BA:83:C8:C1:5A:5D:F1:F9:73:6F:CA:D7:EF:28:13:06:4A:07:7D -SHA256 Fingerprint=E7:78:F0:F0:95:FE:84:37:29:CD:1A:00:82:17:9E:53:14:A9:C2:91:44:28:05:E1:FB:1D:8F:B6:B8:88:6C:3A ------BEGIN CERTIFICATE----- -MIICIzCCAamgAwIBAgIUFhXHw9hJp75pDIqI7fBw+d23PocwCgYIKoZIzj0EAwMw -UTELMAkGA1UEBhMCSlAxIzAhBgNVBAoTGkN5YmVydHJ1c3QgSmFwYW4gQ28uLCBM -dGQuMR0wGwYDVQQDExRTZWN1cmVTaWduIFJvb3QgQ0ExNTAeFw0yMDA0MDgwODMy 
-NTZaFw00NTA0MDgwODMyNTZaMFExCzAJBgNVBAYTAkpQMSMwIQYDVQQKExpDeWJl -cnRydXN0IEphcGFuIENvLiwgTHRkLjEdMBsGA1UEAxMUU2VjdXJlU2lnbiBSb290 -IENBMTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQLUHSNZDKZmbPSYAi4Io5GdCx4 -wCtELW1fHcmuS1Iggz24FG1Th2CeX2yF2wYUleDHKP+dX+Sq8bOLbe1PL0vJSpSR -ZHX+AezB2Ot6lHhWGENfa4HL9rzatAy2KZMIaY+jQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTrQciu/NWeUUj1vYv0hyCTQSvT -9DAKBggqhkjOPQQDAwNoADBlAjEA2S6Jfl5OpBEHvVnCB96rMjhTKkZEBhd6zlHp -4P9mLQlO4E/0BdGF9jVg3PVys0Z9AjBEmEYagoUeYWmJSwdLZrWeqrqgHkHZAXQ6 -bkU6iYAZezKYVWOr62Nuk22rGwlgMU4= ------END CERTIFICATE----- - -### D-Trust GmbH - -=== /C=DE/O=D-Trust GmbH/CN=D-TRUST BR Root CA 1 2020 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 7c:c9:8f:2b:84:d7:df:ea:0f:c9:65:9a:d3:4b:4d:96 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Feb 11 09:45:00 2020 GMT - Not After : Feb 11 09:44:59 2035 GMT - Subject: C=DE, O=D-Trust GmbH, CN=D-TRUST BR Root CA 1 2020 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 73:91:10:AB:FF:55:B3:5A:7C:09:25:D5:B2:BA:08:A0:6B:AB:1F:6D - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.d-trust.net/crl/d-trust_br_root_ca_1_2020.crl - - Full Name: - URI:ldap://directory.d-trust.net/CN=D-TRUST%20BR%20Root%20CA%201%202020,O=D-Trust%20GmbH,C=DE?certificaterevocationlist - -SHA1 Fingerprint=1F:5B:98:F0:E3:B5:F7:74:3C:ED:E6:B0:36:7D:32:CD:F4:09:41:67 -SHA256 Fingerprint=E5:9A:AA:81:60:09:C2:2B:FF:5B:25:BA:D3:7D:F3:06:F0:49:79:7C:1F:81:D8:5A:B0:89:E6:57:BD:8F:00:44 ------BEGIN CERTIFICATE----- -MIIC2zCCAmCgAwIBAgIQfMmPK4TX3+oPyWWa00tNljAKBggqhkjOPQQDAzBIMQsw -CQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMSIwIAYDVQQDExlELVRS -VVNUIEJSIFJvb3QgQ0EgMSAyMDIwMB4XDTIwMDIxMTA5NDUwMFoXDTM1MDIxMTA5 -NDQ1OVowSDELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEiMCAG -A1UEAxMZRC1UUlVTVCBCUiBSb290IENBIDEgMjAyMDB2MBAGByqGSM49AgEGBSuB 
-BAAiA2IABMbLxyjR+4T1mu9CFCDhQ2tuda38KwOE1HaTJddZO0Flax7mNCq7dPYS -zuht56vkPE4/RAiLzRZxy7+SmfSk1zxQVFKQhYN4lGdnoxwJGT11NIXe7WB9xwy0 -QVK5buXuQqOCAQ0wggEJMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFHOREKv/ -VbNafAkl1bK6CKBrqx9tMA4GA1UdDwEB/wQEAwIBBjCBxgYDVR0fBIG+MIG7MD6g -PKA6hjhodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X2JyX3Jvb3Rf -Y2FfMV8yMDIwLmNybDB5oHegdYZzbGRhcDovL2RpcmVjdG9yeS5kLXRydXN0Lm5l -dC9DTj1ELVRSVVNUJTIwQlIlMjBSb290JTIwQ0ElMjAxJTIwMjAyMCxPPUQtVHJ1 -c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlzdDAKBggqhkjO -PQQDAwNpADBmAjEAlJAtE/rhY/hhY+ithXhUkZy4kzg+GkHaQBZTQgjKL47xPoFW -wKrY7RjEsK70PvomAjEA8yjixtsrmfu3Ubgko6SUeho/5jbiA1czijDLgsfWFBHV -dWNbFJWcHwHP2NVypw87 ------END CERTIFICATE----- -=== /C=DE/O=D-Trust GmbH/CN=D-TRUST BR Root CA 2 2023 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 73:3b:30:04:48:5b:d9:4d:78:2e:73:4b:c9:a1:dc:66 - Signature Algorithm: sha512WithRSAEncryption - Validity - Not Before: May 9 08:56:31 2023 GMT - Not After : May 9 08:56:30 2038 GMT - Subject: C=DE, O=D-Trust GmbH, CN=D-TRUST BR Root CA 2 2023 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 67:90:F0:D6:DE:B5:18:D5:46:29:7E:5C:AB:F8:9E:08:BC:64:95:10 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.d-trust.net/crl/d-trust_br_root_ca_2_2023.crl - -SHA1 Fingerprint=2D:B0:70:EE:71:94:AF:69:68:17:DB:79:CE:58:9F:A0:6B:96:F7:87 -SHA256 Fingerprint=05:52:E6:F8:3F:DF:65:E8:FA:96:70:E6:66:DF:28:A4:E2:13:40:B5:10:CB:E5:25:66:F9:7C:4F:B9:4B:2B:D1 ------BEGIN CERTIFICATE----- -MIIFqTCCA5GgAwIBAgIQczswBEhb2U14LnNLyaHcZjANBgkqhkiG9w0BAQ0FADBI -MQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMSIwIAYDVQQDExlE -LVRSVVNUIEJSIFJvb3QgQ0EgMiAyMDIzMB4XDTIzMDUwOTA4NTYzMVoXDTM4MDUw -OTA4NTYzMFowSDELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEi -MCAGA1UEAxMZRC1UUlVTVCBCUiBSb290IENBIDIgMjAyMzCCAiIwDQYJKoZIhvcN 
-AQEBBQADggIPADCCAgoCggIBAK7/CVmRgApKaOYkP7in5Mg6CjoWzckjYaCTcfKr -i3OPoGdlYNJUa2NRb0kz4HIHE304zQaSBylSa053bATTlfrdTIzZXcFhfUvnKLNE -gXtRr90zsWh81k5M/itoucpmacTsXld/9w3HnDY25QdgrMBM6ghs7wZ8T1soegj8 -k12b9py0i4a6Ibn08OhZWiihNIQaJZG2tY/vsvmA+vk9PBFy2OMvhnbFeSzBqZCT -Rphny4NqoFAjpzv2gTng7fC5v2Xx2Mt6++9zA84A9H3X4F07ZrjcjrqDy4d2A/wl -2ecjbwb9Z/Pg/4S8R7+1FhhGaRTMBffb00msa8yr5LULQyReS2tNZ9/WtT5PeB+U -cSTq3nD88ZP+npNa5JRal1QMNXtfbO4AHyTsA7oC9Xb0n9Sa7YUsOCIvx9gvdhFP -/Wxc6PWOJ4d/GUohR5AdeY0cW/jPSoXk7bNbjb7EZChdQcRurDhaTyN0dKkSw/bS -uREVMweR2Ds3OmMwBtHFIjYoYiMQ4EbMl6zWK11kJNXuHA7e+whadSr2Y23OC0K+ -0bpwHJwh5Q8xaRfX/Aq03u2AnMuStIv13lmiWAmlY0cL4UEyNEHZmrHZqLAbWt4N -DfTisl01gLmB1IRpkQLLddCNxbU9CZEJjxShFHR5PtbJFR2kWVki3PaKRT08EtY+ -XTIvAgMBAAGjgY4wgYswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUZ5Dw1t61 -GNVGKX5cq/ieCLxklRAwDgYDVR0PAQH/BAQDAgEGMEkGA1UdHwRCMEAwPqA8oDqG -OGh0dHA6Ly9jcmwuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3RfYnJfcm9vdF9jYV8y -XzIwMjMuY3JsMA0GCSqGSIb3DQEBDQUAA4ICAQA097N3U9swFrktpSHxQCF16+tI -FoE9c+CeJyrrd6kTpGoKWloUMz1oH4Guaf2Mn2VsNELZLdB/eBaxOqwjMa1ef67n -riv6uvw8l5VAk1/DLQOj7aRvU9f6QA4w9QAgLABMjDu0ox+2v5Eyq6+SmNMW5tTR -VFxDWy6u71cqqLRvpO8NVhTaIasgdp4D/Ca4nj8+AybmTNudX0KEPUUDAxxZiMrc -LmEkWqTqJwtzEr5SswrPMhfiHocaFpVIbVrg0M8JkiZmkdijYQ6qgYF/6FKC0ULn -4B0Y+qSFNueG4A3rvNTJ1jxD8V1Jbn6Bm2m1iWKPiFLY1/4nwSPFyysCu7Ff/vtD -hQNGvl3GyiEm/9cCnnRK3PgTFbGBVzbLZVzRHTF36SXDw7IyN9XxmAnkbWOACKsG -koHU6XCPpz+y7YaMgmo1yEJagtFSGkUPFaUA8JR7ZSdXOUPPfH/mvTWze/EZTN46 -ls/pdu4D58JDUjxqgejBWoC9EV2Ta/vH5mQ/u2kc6d0li690yVRAysuTEwrt+2aS -Ecr1wPrYg1UDfNPFIkZ1cGt5SAYqgpq/5usWDiJFAbzdNpQ0qTUmiteXue4Icr80 -knCDgKs4qllo3UCkGJCy89UDyibK79XH4I9TjvAA46jtn/mtd+ArY0+ew+43u3gJ -hJ65bvspmZDogNOfJA== ------END CERTIFICATE----- -=== /C=DE/O=D-Trust GmbH/CN=D-TRUST EV Root CA 1 2020 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 5f:02:41:d7:7a:87:7c:4c:03:a3:ac:96:8d:fb:ff:d0 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Feb 11 10:00:00 2020 GMT - Not After : Feb 11 09:59:59 2035 GMT - 
Subject: C=DE, O=D-Trust GmbH, CN=D-TRUST EV Root CA 1 2020 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 7F:10:01:16:37:3A:A4:28:E4:50:F8:A4:F7:EC:6B:32:B6:FE:E9:8B - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.d-trust.net/crl/d-trust_ev_root_ca_1_2020.crl - - Full Name: - URI:ldap://directory.d-trust.net/CN=D-TRUST%20EV%20Root%20CA%201%202020,O=D-Trust%20GmbH,C=DE?certificaterevocationlist - -SHA1 Fingerprint=61:DB:8C:21:59:69:03:90:D8:7C:9C:12:86:54:CF:9D:3D:F4:DD:07 -SHA256 Fingerprint=08:17:0D:1A:A3:64:53:90:1A:2F:95:92:45:E3:47:DB:0C:8D:37:AB:AA:BC:56:B8:1A:A1:00:DC:95:89:70:DB ------BEGIN CERTIFICATE----- -MIIC2zCCAmCgAwIBAgIQXwJB13qHfEwDo6yWjfv/0DAKBggqhkjOPQQDAzBIMQsw -CQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMSIwIAYDVQQDExlELVRS -VVNUIEVWIFJvb3QgQ0EgMSAyMDIwMB4XDTIwMDIxMTEwMDAwMFoXDTM1MDIxMTA5 -NTk1OVowSDELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEiMCAG -A1UEAxMZRC1UUlVTVCBFViBSb290IENBIDEgMjAyMDB2MBAGByqGSM49AgEGBSuB -BAAiA2IABPEL3YZDIBnfl4XoIkqbz52Yv7QFJsnL46bSj8WeeHsxiamJrSc8ZRCC -/N/DnU7wMyPE0jL1HLDfMxddxfCxivnvubcUyilKwg+pf3VlSSowZ/Rk99Yad9rD -wpdhQntJraOCAQ0wggEJMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFH8QARY3 -OqQo5FD4pPfsazK2/umLMA4GA1UdDwEB/wQEAwIBBjCBxgYDVR0fBIG+MIG7MD6g -PKA6hjhodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X2V2X3Jvb3Rf -Y2FfMV8yMDIwLmNybDB5oHegdYZzbGRhcDovL2RpcmVjdG9yeS5kLXRydXN0Lm5l -dC9DTj1ELVRSVVNUJTIwRVYlMjBSb290JTIwQ0ElMjAxJTIwMjAyMCxPPUQtVHJ1 -c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlzdDAKBggqhkjO -PQQDAwNpADBmAjEAyjzGKnXCXnViOTYAYFqLwZOZzNnbQTs7h5kXO9XMT8oi96CA -y/m0sRtW9XLS/BnRAjEAkfcwkz8QRitxpNA7RJvAKQIFskF3UfN5Wp6OFKBOQtJb -gfM0agPnIjhQW+0ZT0MW ------END CERTIFICATE----- -=== /C=DE/O=D-Trust GmbH/CN=D-TRUST EV Root CA 2 2023 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 69:26:09:7e:80:4b:4c:a0:a7:8c:78:62:53:5f:5a:6f - Signature Algorithm: 
sha512WithRSAEncryption - Validity - Not Before: May 9 09:10:33 2023 GMT - Not After : May 9 09:10:32 2038 GMT - Subject: C=DE, O=D-Trust GmbH, CN=D-TRUST EV Root CA 2 2023 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - AA:FC:91:10:1B:87:91:5F:16:B9:BF:4F:4B:91:5E:00:1C:B1:32:80 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.d-trust.net/crl/d-trust_ev_root_ca_2_2023.crl - -SHA1 Fingerprint=A5:5B:D8:47:6C:8F:19:F7:4C:F4:6D:6B:B6:C2:79:82:22:DF:54:8B -SHA256 Fingerprint=8E:82:21:B2:E7:D4:00:78:36:A1:67:2F:0D:CC:29:9C:33:BC:07:D3:16:F1:32:FA:1A:20:6D:58:71:50:F1:CE ------BEGIN CERTIFICATE----- -MIIFqTCCA5GgAwIBAgIQaSYJfoBLTKCnjHhiU19abzANBgkqhkiG9w0BAQ0FADBI -MQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMSIwIAYDVQQDExlE -LVRSVVNUIEVWIFJvb3QgQ0EgMiAyMDIzMB4XDTIzMDUwOTA5MTAzM1oXDTM4MDUw -OTA5MTAzMlowSDELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEi -MCAGA1UEAxMZRC1UUlVTVCBFViBSb290IENBIDIgMjAyMzCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBANiOo4mAC7JXUtypU0w3uX9jFxPvp1sjW2l1sJkK -F8GLxNuo4MwxusLyzV3pt/gdr2rElYfXR8mV2IIEUD2BCP/kPbOx1sWy/YgJ25yE -7CUXFId/MHibaljJtnMoPDT3mfd/06b4HEV8rSyMlD/YZxBTfiLNTiVR8CUkNRFe -EMbsh2aJgWi6zCudR3Mfvc2RpHJqnKIbGKBv7FD0fUDCqDDPvXPIEysQEx6Lmqg6 -lHPTGGkKSv/BAQP/eX+1SH977ugpbzZMlWGG2Pmic4ruri+W7mjNPU0oQvlFKzIb -RlUWaqZLKfm7lVa/Rh3sHZMdwGWyH6FDrlaeoLGPaxK3YG14C8qKXO0elg6DpkiV -jTujIcSuWMYAsoS0I6SWhjW42J7YrDRJmGOVxcttSEfi8i4YHtAxq9107PncjLgc -jmgjutDzUNzPZY9zOjLHfP7KgiJPvo5iR2blzYfi6NUPGJ/lBHJLRjwQ8kTCZFZx -TnXonMkmdMV9WdEKWw9t/p51HBjGGjp82A0EzM23RWV6sY+4roRIPrN6TagD4uJ+ -ARZZaBhDM7DS3LAaQzXupdqpRlyuhoFBAUp0JuyfBr/CBTdkdXgpaP3F9ev+R/nk -hbDhezGdpn9yo7nELC7MmVcOIQxFAZRl62UJxmMiCzNJkkg8/M3OsD6Onov4/knF -NXJHAgMBAAGjgY4wgYswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqvyREBuH -kV8Wub9PS5FeAByxMoAwDgYDVR0PAQH/BAQDAgEGMEkGA1UdHwRCMEAwPqA8oDqG -OGh0dHA6Ly9jcmwuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3RfZXZfcm9vdF9jYV8y 
-XzIwMjMuY3JsMA0GCSqGSIb3DQEBDQUAA4ICAQCTy6UfmRHsmg1fLBWTxj++EI14 -QvBukEdHjqOSMo1wj/Zbjb6JzkcBahsgIIlbyIIQbODnmaprxiqgYzWRaoUlrRc4 -pZt+UPJ26oUFKidBK7GB0aL2QHWpDsvxVUjY7NHss+jOFKE17MJeNRqrphYBBo7q -3C+jisosketSjl8MmxfPy3MHGcRqwnNU73xDUmPBEcrCRbH0O1P1aa4846XerOhU -t7KR/aypH/KH5BfGSah82ApB9PI+53c0BFLd6IHyTS9URZ0V4U/M5d40VxDJI3IX -cI1QcB9WbMy5/zpaT2N6w25lBx2Eof+pDGOJbbJAiDnXH3dotfyc1dZnaVuodNv8 -ifYbMvekJKZ2t0dT741Jj6m2g1qllpBFYfXeA08mD6iL8AOWsKwV0HFaanuU5nCT -2vFp4LJiTZ6P/4mdm13NRemUAiKN4DV/6PEEeXFsVIP4M7kFMhtYVRFP0OUnR3Hs -7dpn1mKmS00PaaLJvOwiS5THaJQXfuKOKD62xur1NGyfN4gHONuGcfrNlUhDbqNP -gofXNJhuS5N5YHVpD/Aa1VP6IQzCP+k/HxiMkl14p3ZnGbuy6n/pcAlWVqOwDAst -Nl7F6cTVg8uGF5csbBNvh1qvSaYd2804BC5f4ko1Di1L+KIkBI3Y4WNeApI02phh -XBxvWHZks/wCuPWdCg== ------END CERTIFICATE----- -=== /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 2009 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 623603 (0x983f3) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Nov 5 08:35:58 2009 GMT - Not After : Nov 5 08:35:58 2029 GMT - Subject: C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - FD:DA:14:C4:9F:30:DE:21:BD:1E:42:39:FC:AB:63:23:49:E0:F1:84 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - - Full Name: - URI:ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA%202%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist - - Full Name: - URI:http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_2009.crl - -SHA1 Fingerprint=58:E8:AB:B0:36:15:33:FB:80:F7:9B:1B:6D:29:D3:FF:8D:5F:00:F0 -SHA256 Fingerprint=49:E7:A4:42:AC:F0:EA:62:87:05:00:54:B5:25:64:B6:50:E4:F4:9E:42:E3:48:D6:AA:38:E0:39:E9:57:B1:C1 ------BEGIN CERTIFICATE----- -MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD 
-bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha -ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM -HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 -UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 -tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R -ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM -lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp -/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G -A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G -A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj -dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy -MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl -cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js -L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni -acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 -o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K -zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 -PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y -Johw1+qRzT65ysCQblrGXnRl11z+o+I= ------END CERTIFICATE----- -=== /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 EV 2009 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 623604 (0x983f4) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Nov 5 08:50:46 2009 GMT - Not After : Nov 5 08:50:46 2029 GMT - Subject: C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 EV 2009 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - D3:94:8A:4C:62:13:2A:19:2E:CC:AF:72:8A:7D:36:D7:9A:1C:DC:67 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - - Full Name: - 
URI:ldap://directory.d-trust.net/CN=D-TRUST%20Root%20Class%203%20CA%202%20EV%202009,O=D-Trust%20GmbH,C=DE?certificaterevocationlist - - Full Name: - URI:http://www.d-trust.net/crl/d-trust_root_class_3_ca_2_ev_2009.crl - -SHA1 Fingerprint=96:C9:1B:0B:95:B4:10:98:42:FA:D0:D8:22:79:FE:60:FA:B9:16:83 -SHA256 Fingerprint=EE:C5:49:6B:98:8C:E9:86:25:B9:34:09:2E:EC:29:08:BE:D0:B0:F3:16:C2:D4:73:0C:84:EA:F1:F3:D3:48:81 ------BEGIN CERTIFICATE----- -MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw -NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV -BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn -ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 -3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z -qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR -p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 -HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw -ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea -HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw -Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh -c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E -RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt -dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku -Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp -3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 -nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF -CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na -xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX -KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 ------END CERTIFICATE----- - -### Deutsche Telekom 
Security GmbH - -=== /C=DE/O=Deutsche Telekom Security GmbH/CN=Telekom Security TLS ECC Root 2020 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 36:3a:96:8c:c9:5c:b2:58:cd:d0:01:5d:c5:e5:57:00 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Aug 25 07:48:20 2020 GMT - Not After : Aug 25 23:59:59 2045 GMT - Subject: C=DE, O=Deutsche Telekom Security GmbH, CN=Telekom Security TLS ECC Root 2020 - X509v3 extensions: - X509v3 Subject Key Identifier: - E3:72:CC:6E:95:99:47:B1:E6:B3:61:4C:D1:CB:AB:E3:BA:CD:DE:9F - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=C0:F8:96:C5:A9:3B:01:06:21:07:DA:18:42:48:BC:E9:9D:88:D5:EC -SHA256 Fingerprint=57:8A:F4:DE:D0:85:3F:4E:59:98:DB:4A:EA:F9:CB:EA:8D:94:5F:60:B6:20:A3:8D:1A:3C:13:B2:BC:7B:A8:E1 ------BEGIN CERTIFICATE----- -MIICQjCCAcmgAwIBAgIQNjqWjMlcsljN0AFdxeVXADAKBggqhkjOPQQDAzBjMQsw -CQYDVQQGEwJERTEnMCUGA1UECgweRGV1dHNjaGUgVGVsZWtvbSBTZWN1cml0eSBH -bWJIMSswKQYDVQQDDCJUZWxla29tIFNlY3VyaXR5IFRMUyBFQ0MgUm9vdCAyMDIw -MB4XDTIwMDgyNTA3NDgyMFoXDTQ1MDgyNTIzNTk1OVowYzELMAkGA1UEBhMCREUx -JzAlBgNVBAoMHkRldXRzY2hlIFRlbGVrb20gU2VjdXJpdHkgR21iSDErMCkGA1UE -AwwiVGVsZWtvbSBTZWN1cml0eSBUTFMgRUNDIFJvb3QgMjAyMDB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABM6//leov9Wq9xCazbzREaK9Z0LMkOsVGJDZos0MKiXrPk/O -tdKPD/M12kOLAoC+b1EkHQ9rK8qfwm9QMuU3ILYg/4gND21Ju9sGpIeQkpT0CdDP -f8iAC8GXs7s1J8nCG6NCMEAwHQYDVR0OBBYEFONyzG6VmUex5rNhTNHLq+O6zd6f -MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cA -MGQCMHVSi7ekEE+uShCLsoRbQuHmKjYC2qBuGT8lv9pZMo7k+5Dck2TOrbRBR2Di -z6fLHgIwN0GMZt9Ba9aDAEH9L1r3ULRn0SyocddDypwnJJGDSA3PzfdUga/sf+Rn -27iQ7t0l ------END CERTIFICATE----- -=== /C=DE/O=Deutsche Telekom Security GmbH/CN=Telekom Security TLS RSA Root 2023 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 21:9c:54:2d:e8:f6:ec:71:77:fa:4e:e8:c3:70:57:97 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Mar 28 12:16:45 2023 GMT - Not After : 
Mar 27 23:59:59 2048 GMT - Subject: C=DE, O=Deutsche Telekom Security GmbH, CN=Telekom Security TLS RSA Root 2023 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - B6:A7:97:82:3D:74:85:9B:F7:3C:9F:93:9A:95:79:75:52:8C:6D:47 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:B6:A7:97:82:3D:74:85:9B:F7:3C:9F:93:9A:95:79:75:52:8C:6D:47 - -SHA1 Fingerprint=54:D3:AC:B3:BD:57:56:F6:85:9D:CE:E5:C3:21:E2:D4:AD:83:D0:93 -SHA256 Fingerprint=EF:C6:5C:AD:BB:59:AD:B6:EF:E8:4D:A2:23:11:B3:56:24:B7:1B:3B:1E:A0:DA:8B:66:55:17:4E:C8:97:86:46 ------BEGIN CERTIFICATE----- -MIIFszCCA5ugAwIBAgIQIZxULej27HF3+k7ow3BXlzANBgkqhkiG9w0BAQwFADBj -MQswCQYDVQQGEwJERTEnMCUGA1UECgweRGV1dHNjaGUgVGVsZWtvbSBTZWN1cml0 -eSBHbWJIMSswKQYDVQQDDCJUZWxla29tIFNlY3VyaXR5IFRMUyBSU0EgUm9vdCAy -MDIzMB4XDTIzMDMyODEyMTY0NVoXDTQ4MDMyNzIzNTk1OVowYzELMAkGA1UEBhMC -REUxJzAlBgNVBAoMHkRldXRzY2hlIFRlbGVrb20gU2VjdXJpdHkgR21iSDErMCkG -A1UEAwwiVGVsZWtvbSBTZWN1cml0eSBUTFMgUlNBIFJvb3QgMjAyMzCCAiIwDQYJ -KoZIhvcNAQEBBQADggIPADCCAgoCggIBAO01oYGA88tKaVvC+1GDrib94W7zgRJ9 -cUD/h3VCKSHtgVIs3xLBGYSJwb3FKNXVS2xE1kzbB5ZKVXrKNoIENqil/Cf2SfHV -cp6R+SPWcHu79ZvB7JPPGeplfohwoHP89v+1VmLhc2o0mD6CuKyVU/QBoCcHcqMA -U6DksquDOFczJZSfvkgdmOGjup5czQRxUX11eKvzWarE4GC+j4NSuHUaQTXtvPM6 -Y+mpFEXX5lLRbtLevOP1Czvm4MS9Q2QTps70mDdsipWol8hHD/BeEIvnHRz+sTug -BTNoBUGCwQMrAcjnj02r6LX2zWtEtefdi+zqJbQAIldNsLGyMcEWzv/9FIS3R/qy -8XDe24tsNlikfLMR0cN3f1+2JeANxdKz+bi4d9s3cXFH42AYTyS2dTd4uaNir73J -co4vzLuu2+QVUhkHM/tqty1LkCiCc/4YizWN26cEar7qwU02OxY2kTLvtkCJkUPg -8qKrBC7m8kwOFjQgrIfBLX7JZkcXFBGk8/ehJImr2BrIoVyxo/eMbcgByU/J7MT8 -rFEz0ciD0cmfHdRHNCk+y7AO+oMLKFjlKdw/fKifybYKu6boRhYPluV75Gp6SG12 -mAWl3G0eQh5C2hrgUve1g8Aae3g1LDj1H/1Joy7SWWO/gLCMk3PLNaaZlSJhZQNg -+y+TS/qanIA7AgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUtqeX -gj10hZv3PJ+TmpV5dVKMbUcwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS2 -p5eCPXSFm/c8n5OalXl1UoxtRzANBgkqhkiG9w0BAQwFAAOCAgEAqMxhpr51nhVQ 
-pGv7qHBFfLp+sVr8WyP6Cnf4mHGCDG3gXkaqk/QeoMPhk9tLrbKmXauw1GLLXrtm -9S3ul0A8Yute1hTWjOKWi0FpkzXmuZlrYrShF2Y0pmtjxrlO8iLpWA1WQdH6DErw -M807u20hOq6OcrXDSvvpfeWxm4bu4uB9tPcy/SKE8YXJN3nptT+/XOR0so8RYgDd -GGah2XsjX/GO1WfoVNpbOms2b/mBsTNHM3dA+VKq3dSDz4V4mZqTuXNnQkYRIer+ -CqkbGmVps4+uFrb2S1ayLfmlyOw7YqPta9BO1UAJpB+Y1zqlklkg5LB9zVtzaL1t -xKITDmcZuI1CfmwMmm6gJC3VRRvcxAIU/oVbZZfKTpBQCHpCNfnqwmbU+AGuHrS+ -w6jv/naaoqYfRvaE7fzbzsQCzndILIyy7MMAo+wsVRjBfhnu4S/yrYObnqsZ38aK -L4x35bcF7DvB7L6Gs4a8wPfc5+pbrrLMtTWGS9DiP7bY+A4A7l3j941Y/8+LN+lj -X273CXE2whJdV/LItM3z7gLfEdxquVeEHVlNjM7IDiPCtyaaEBRx/pOyiriA8A4Q -ntOoUAw3gi/q4Iqd4Sw5/7W0cwDk90imc6y/st53BIe0o82bNSQ3+pCTE4FCxpgm -dTdmQRCsu/WU48IxK63nI1bMNSWSs1A= ------END CERTIFICATE----- - -### Dhimyotis - -=== /C=FR/O=Dhimyotis/CN=Certigna -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - fe:dc:e3:01:0f:c9:48:ff - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Jun 29 15:13:05 2007 GMT - Not After : Jun 29 15:13:05 2027 GMT - Subject: C=FR, O=Dhimyotis, CN=Certigna - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 1A:ED:FE:41:39:90:B4:24:59:BE:01:F2:52:D5:45:F6:5A:39:DC:11 - X509v3 Authority Key Identifier: - keyid:1A:ED:FE:41:39:90:B4:24:59:BE:01:F2:52:D5:45:F6:5A:39:DC:11 - DirName:/C=FR/O=Dhimyotis/CN=Certigna - serial:FE:DC:E3:01:0F:C9:48:FF - - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA -SHA1 Fingerprint=B1:2E:13:63:45:86:A4:6F:1A:B2:60:68:37:58:2D:C4:AC:FD:94:97 -SHA256 Fingerprint=E3:B6:A2:DB:2E:D7:CE:48:84:2F:7A:C5:32:41:C7:B7:1D:54:14:4B:FB:40:C1:1F:3F:1D:0B:42:F5:EE:A1:2D ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV -BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X -DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ -BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 
-DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 -QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny -gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw -zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q -130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 -JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw -ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT -AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj -AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG -9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h -bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc -fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu -HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w -t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw -WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== ------END CERTIFICATE----- -=== /C=FR/O=Dhimyotis/OU=0002 48146308100036/CN=Certigna Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - ca:e9:1b:89:f1:55:03:0d:a3:e6:41:6d:c4:e3:a6:e1 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Oct 1 08:32:27 2013 GMT - Not After : Oct 1 08:32:27 2033 GMT - Subject: C=FR, O=Dhimyotis, OU=0002 48146308100036, CN=Certigna Root CA - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 18:87:56:E0:6E:77:EE:24:35:3C:4E:73:9A:1F:D6:E1:E2:79:7E:2B - X509v3 Authority Key Identifier: - keyid:18:87:56:E0:6E:77:EE:24:35:3C:4E:73:9A:1F:D6:E1:E2:79:7E:2B - - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: https://wwww.certigna.fr/autorites/ - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.certigna.fr/certignarootca.crl - - Full Name: - 
URI:http://crl.dhimyotis.com/certignarootca.crl - -SHA1 Fingerprint=2D:0D:52:14:FF:9E:AD:99:24:01:74:20:47:6E:6C:85:27:27:F5:43 -SHA256 Fingerprint=D4:8D:3D:23:EE:DB:50:A4:59:E5:51:97:60:1C:27:77:4B:9D:7B:18:C9:4D:5A:05:95:11:A1:02:50:B9:31:68 ------BEGIN CERTIFICATE----- -MIIGWzCCBEOgAwIBAgIRAMrpG4nxVQMNo+ZBbcTjpuEwDQYJKoZIhvcNAQELBQAw -WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw -MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x -MzEwMDEwODMyMjdaFw0zMzEwMDEwODMyMjdaMFoxCzAJBgNVBAYTAkZSMRIwEAYD -VQQKDAlEaGlteW90aXMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxGTAX -BgNVBAMMEENlcnRpZ25hIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw -ggIKAoICAQDNGDllGlmx6mQWDoyUJJV8g9PFOSbcDO8WV43X2KyjQn+Cyu3NW9sO -ty3tRQgXstmzy9YXUnIo245Onoq2C/mehJpNdt4iKVzSs9IGPjA5qXSjklYcoW9M -CiBtnyN6tMbaLOQdLNyzKNAT8kxOAkmhVECe5uUFoC2EyP+YbNDrihqECB63aCPu -I9Vwzm1RaRDuoXrC0SIxwoKF0vJVdlB8JXrJhFwLrN1CTivngqIkicuQstDuI7pm -TLtipPlTWmR7fJj6o0ieD5Wupxj0auwuA0Wv8HT4Ks16XdG+RCYyKfHx9WzMfgIh -C59vpD++nVPiz32pLHxYGpfhPTc3GGYo0kDFUYqMwy3OU4gkWGQwFsWq4NYKpkDf -ePb1BHxpE4S80dGnBs8B92jAqFe7OmGtBIyT46388NtEbVncSVmurJqZNjBBe3Yz -IoejwpKGbvlw7q6Hh5UbxHq9MfPU0uWZ/75I7HX1eBYdpnDBfzwboZL7z8g81sWT -Co/1VTp2lc5ZmIoJlXcymoO6LAQ6l73UL77XbJuiyn1tJslV1c/DeVIICZkHJC1k -JWumIWmbat10TWuXekG9qxf5kBdIjzb5LdXF2+6qhUVB+s06RbFo5jZMm5BX7CO5 -hwjCxAnxl4YqKE3idMDaxIzb3+KhF1nOJFl0Mdp//TBt2dzhauH8XwIDAQABo4IB -GjCCARYwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FBiHVuBud+4kNTxOc5of1uHieX4rMB8GA1UdIwQYMBaAFBiHVuBud+4kNTxOc5of -1uHieX4rMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8GCCsGAQUFBwIBFiNodHRwczov -L3d3d3cuY2VydGlnbmEuZnIvYXV0b3JpdGVzLzBtBgNVHR8EZjBkMC+gLaArhilo -dHRwOi8vY3JsLmNlcnRpZ25hLmZyL2NlcnRpZ25hcm9vdGNhLmNybDAxoC+gLYYr -aHR0cDovL2NybC5kaGlteW90aXMuY29tL2NlcnRpZ25hcm9vdGNhLmNybDANBgkq -hkiG9w0BAQsFAAOCAgEAlLieT/DjlQgi581oQfccVdV8AOItOoldaDgvUSILSo3L -6btdPrtcPbEo/uRTVRPPoZAbAh1fZkYJMyjhDSSXcNMQH+pkV5a7XdrnxIxPTGRG -HVyH41neQtGbqH6mid2PHMkwgu07nM3A6RngatgCdTer9zQoKJHyBApPNeNgJgH6 
-0BGM+RFq7q89w1DTj18zeTyGqHNFkIwgtnJzFyO+B2XleJINugHA64wcZr+shncB -lA2c5uk5jR+mUYyZDDl34bSb+hxnV29qao6pK0xXeXpXIs/NX2NGjVxZOob4Mkdi -o2cNGJHc+6Zr9UhhcyNZjgKnvETq9Emd8VRY+WCv2hikLyhF3HqgiIZd8zvn/yk1 -gPxkQ5Tm4xxvvq0OKmOZK8l+hfZx6AYDlf7ej0gcWtSS6Cvu5zHbugRqh5jnxV/v -faci9wHYTfmJ0A6aBVmknpjZbyvKcL5kwlWj9Omvw5Ip3IgWJJk8jSaYtlu3zM63 -Nwf9JtmYhST/WSMDmu2dnajkXjjO11INb9I/bbEFa0nOipFGc/T2L/Coc3cOZayh -jWZSaX5LaAzHHjcng6WMxwLkFM1JAbBzs/3GkDpv0mztO+7skb6iQ12LAEpmJURw -3kAP+HwV96LOPNdeE4yBFxgX0b3xdxA61GU5wSesVywlVP+i2k+KYTlerj1KjL0= ------END CERTIFICATE----- - -### DigiCert Inc - -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39 - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 10 00:00:00 2006 GMT - Not After : Nov 10 00:00:00 2031 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 45:EB:A2:AF:F4:92:CB:82:31:2D:51:8B:A7:A7:21:9D:F3:6D:C8:0F - X509v3 Authority Key Identifier: - keyid:45:EB:A2:AF:F4:92:CB:82:31:2D:51:8B:A7:A7:21:9D:F3:6D:C8:0F - -SHA1 Fingerprint=05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43 -SHA256 Fingerprint=3E:90:99:B5:01:5E:8F:48:6C:00:BC:EA:9D:11:1E:E7:21:FA:BA:35:5A:89:BC:F1:DF:69:56:1E:3D:C6:32:5C ------BEGIN CERTIFICATE----- -MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi 
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c -JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP -mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ -wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 -VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ -AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB -AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun -pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC -dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf -fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm -NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx -H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe -+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== ------END CERTIFICATE----- -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0b:93:1c:3a:d6:39:67:ea:67:23:bf:c3:af:9a:f4:4b - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Aug 1 12:00:00 2013 GMT - Not After : Jan 15 12:00:00 2038 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - CE:C3:4A:B9:99:55:F2:B8:DB:60:BF:A9:7E:BD:56:B5:97:36:A7:D6 -SHA1 Fingerprint=A1:4B:48:D9:43:EE:0A:0E:40:90:4F:3C:E0:A4:C0:91:93:51:5D:3F -SHA256 Fingerprint=7D:05:EB:B6:82:33:9F:8C:94:51:EE:09:4E:EB:FE:FA:79:53:A1:14:ED:B2:F4:49:49:45:2F:AB:7D:2F:C1:85 ------BEGIN CERTIFICATE----- -MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 
-d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA -n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc -biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp -EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA -bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu -YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB -AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW -BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI -QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I -0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni -lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 -B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv -ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo -IhNzbM8m9Yop5w== ------END CERTIFICATE----- -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0b:a1:5a:fa:1d:df:a0:b5:49:44:af:cd:24:a0:6c:ec - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Aug 1 12:00:00 2013 GMT - Not After : Jan 15 12:00:00 2038 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - CB:D0:BD:A9:E1:98:05:51:A1:4D:37:A2:83:79:CE:8D:1D:2A:E4:84 -SHA1 Fingerprint=F5:17:A2:4F:9A:48:C6:C9:F8:A2:00:26:9F:DC:0F:48:2C:AB:30:89 -SHA256 Fingerprint=7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2 
------BEGIN CERTIFICATE----- -MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg -RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf -Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q -RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD -AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY -JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv -6pZjamVFkpUBtA== ------END CERTIFICATE----- -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 08:3b:e0:56:90:42:46:b1:a1:75:6a:c9:59:91:c7:4a - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 10 00:00:00 2006 GMT - Not After : Nov 10 00:00:00 2031 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 03:DE:50:35:56:D1:4C:BB:66:F0:A3:E2:1B:1B:C3:97:B2:3D:D1:55 - X509v3 Authority Key Identifier: - keyid:03:DE:50:35:56:D1:4C:BB:66:F0:A3:E2:1B:1B:C3:97:B2:3D:D1:55 - -SHA1 Fingerprint=A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36 -SHA256 Fingerprint=43:48:A0:E9:44:4C:78:CB:26:5E:05:8D:5E:89:44:B4:D8:4F:96:62:BD:26:DB:25:7F:89:34:A4:43:C7:01:61 ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 03:3a:f1:e6:a7:11:a9:a0:bb:28:64:b1:1d:09:fa:e5 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Aug 1 12:00:00 2013 GMT - Not After : Jan 15 12:00:00 2038 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 4E:22:54:20:18:95:E6:E3:6E:E6:0F:FA:FA:B9:12:ED:06:17:8F:39 -SHA1 Fingerprint=DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4 -SHA256 
Fingerprint=CB:3C:CB:B7:60:31:E5:E0:13:8F:8D:D3:9A:23:F9:DE:47:FF:C3:5E:43:C1:14:4C:EA:27:D4:6A:5A:B1:CB:5F ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 05:55:56:bc:f2:5e:a4:35:35:c3:a4:0f:d5:ab:45:72 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Aug 1 12:00:00 2013 GMT - Not After : Jan 15 12:00:00 2038 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 
B3:DB:48:A4:F9:A1:C5:D8:AE:36:41:CC:11:63:69:62:29:BC:4B:C6 -SHA1 Fingerprint=7E:04:DE:89:6A:3E:66:6D:00:E6:87:D3:3F:FA:D9:3B:E8:3D:34:9E -SHA256 Fingerprint=31:AD:66:48:F8:10:41:38:C7:38:F3:9E:A4:32:01:33:39:3E:3A:18:CC:02:29:6E:F9:7C:2A:C9:EF:67:31:D0 ------BEGIN CERTIFICATE----- -MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe -Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw -EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x -IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG -fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO -Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx -AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ -oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 -sycX ------END CERTIFICATE----- -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77 - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 10 00:00:00 2006 GMT - Not After : Nov 10 00:00:00 2031 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - B1:3E:C3:69:03:F8:BF:47:01:D4:98:26:1A:08:02:EF:63:64:2B:C3 - X509v3 Authority Key Identifier: - keyid:B1:3E:C3:69:03:F8:BF:47:01:D4:98:26:1A:08:02:EF:63:64:2B:C3 - -SHA1 Fingerprint=5F:B7:EE:06:33:E2:59:DB:AD:0C:4C:9A:E6:D3:8F:1A:61:C7:DC:25 -SHA256 
Fingerprint=74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E:D3:B1:18:CF ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j -ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 -LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug -RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm -+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW -PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM -xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB -Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 -hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg -EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA -FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec -nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z -eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF -hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 -Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe -vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep -+OkuE6N36B9K ------END CERTIFICATE----- -=== /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Trusted Root G4 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Aug 1 12:00:00 2013 GMT - Not After : Jan 15 12:00:00 2038 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - 
Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - EC:D7:E3:82:D2:71:5D:64:4C:DF:2E:67:3F:E7:BA:98:AE:1C:0F:4F -SHA1 Fingerprint=DD:FB:16:CD:49:31:C9:73:A2:03:7D:3F:C8:3A:4D:7D:77:5D:05:E4 -SHA256 Fingerprint=55:2F:7B:DC:F1:A7:AF:9E:6C:E6:72:01:7F:4F:12:AB:F7:72:40:C7:8E:76:1A:C2:03:D1:D9:D2:0A:C8:99:88 ------BEGIN CERTIFICATE----- -MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg -RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y -ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If -xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV -ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO -DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ -jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ -CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi -EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM -fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY -uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK -chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t -9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD -ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 -SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd -+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc -fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa -sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N 
-cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N -0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie -4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI -r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 -/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm -gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ ------END CERTIFICATE----- - -### DigiCert, Inc. - -=== /C=US/O=DigiCert, Inc./CN=DigiCert TLS ECC P384 Root G5 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 09:e0:93:65:ac:f7:d9:c8:b9:3e:1c:0b:04:2a:2e:f3 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Jan 15 00:00:00 2021 GMT - Not After : Jan 14 23:59:59 2046 GMT - Subject: C=US, O=DigiCert, Inc., CN=DigiCert TLS ECC P384 Root G5 - X509v3 extensions: - X509v3 Subject Key Identifier: - C1:51:45:50:59:AB:3E:E7:2C:5A:FA:20:22:12:07:80:88:7C:11:6A - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=17:F3:DE:5E:9F:0F:19:E9:8E:F6:1F:32:26:6E:20:C4:07:AE:30:EE -SHA256 Fingerprint=01:8E:13:F0:77:25:32:CF:80:9B:D1:B1:72:81:86:72:83:FC:48:C6:E1:3B:E9:C6:98:12:85:4A:49:0C:1B:05 ------BEGIN CERTIFICATE----- -MIICGTCCAZ+gAwIBAgIQCeCTZaz32ci5PhwLBCou8zAKBggqhkjOPQQDAzBOMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xJjAkBgNVBAMTHURp -Z2lDZXJ0IFRMUyBFQ0MgUDM4NCBSb290IEc1MB4XDTIxMDExNTAwMDAwMFoXDTQ2 -MDExNDIzNTk1OVowTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJ -bmMuMSYwJAYDVQQDEx1EaWdpQ2VydCBUTFMgRUNDIFAzODQgUm9vdCBHNTB2MBAG -ByqGSM49AgEGBSuBBAAiA2IABMFEoc8Rl1Ca3iOCNQfN0MsYndLxf3c1TzvdlHJS -7cI7+Oz6e2tYIOyZrsn8aLN1udsJ7MgT9U7GCh1mMEy7H0cKPGEQQil8pQgO4CLp -0zVozptjn4S1mU1YoI71VOeVyaNCMEAwHQYDVR0OBBYEFMFRRVBZqz7nLFr6ICIS -B4CIfBFqMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49 -BAMDA2gAMGUCMQCJao1H5+z8blUD2WdsJk6Dxv3J+ysTvLd6jLRl0mlpYxNjOyZQ -LgGheQaRnUi/wr4CMEfDFXuxoJGZSZOoPHzoRgaLLPIxAJSdYsiJvRmEFOml+wG4 
-DXZDjC5Ty3zfDBeWUA== ------END CERTIFICATE----- -=== /C=US/O=DigiCert, Inc./CN=DigiCert TLS RSA4096 Root G5 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 08:f9:b4:78:a8:fa:7e:da:6a:33:37:89:de:7c:cf:8a - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Jan 15 00:00:00 2021 GMT - Not After : Jan 14 23:59:59 2046 GMT - Subject: C=US, O=DigiCert, Inc., CN=DigiCert TLS RSA4096 Root G5 - X509v3 extensions: - X509v3 Subject Key Identifier: - 51:33:1C:ED:36:40:AF:17:D3:25:CD:69:68:F2:AF:4E:23:3E:B3:41 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=A7:88:49:DC:5D:7C:75:8C:8C:DE:39:98:56:B3:AA:D0:B2:A5:71:35 -SHA256 Fingerprint=37:1A:00:DC:05:33:B3:72:1A:7E:EB:40:E8:41:9E:70:79:9D:2B:0A:0F:2C:1D:80:69:31:65:F7:CE:C4:AD:75 ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCPm0eKj6ftpqMzeJ3nzPijANBgkqhkiG9w0BAQwFADBN -MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xJTAjBgNVBAMT -HERpZ2lDZXJ0IFRMUyBSU0E0MDk2IFJvb3QgRzUwHhcNMjEwMTE1MDAwMDAwWhcN -NDYwMTE0MjM1OTU5WjBNMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQs -IEluYy4xJTAjBgNVBAMTHERpZ2lDZXJ0IFRMUyBSU0E0MDk2IFJvb3QgRzUwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCz0PTJeRGd/fxmgefM1eS87IE+ -ajWOLrfn3q/5B03PMJ3qCQuZvWxX2hhKuHisOjmopkisLnLlvevxGs3npAOpPxG0 -2C+JFvuUAT27L/gTBaF4HI4o4EXgg/RZG5Wzrn4DReW+wkL+7vI8toUTmDKdFqgp -wgscONyfMXdcvyej/Cestyu9dJsXLfKB2l2w4SMXPohKEiPQ6s+d3gMXsUJKoBZM -pG2T6T867jp8nVid9E6P/DsjyG244gXazOvswzH016cpVIDPRFtMbzCe88zdH5RD -nU1/cHAN1DrRN/BsnZvAFJNY781BOHW8EwOVfH/jXOnVDdXifBBiqmvwPXbzP6Po -sMH976pXTayGpxi0KcEsDr9kvimM2AItzVwv8n/vFfQMFawKsPHTDU9qTXeXAaDx -Zre3zu/O7Oyldcqs4+Fj97ihBMi8ez9dLRYiVu1ISf6nL3kwJZu6ay0/nTvEF+cd -Lvvyz6b84xQslpghjLSR6Rlgg/IwKwZzUNWYOwbpx4oMYIwo+FKbbuH2TbsGJJvX -KyY//SovcfXWJL5/MZ4PbeiPT02jP/816t9JXkGPhvnxd3lLG7SjXi/7RgLQZhNe -XoVPzthwiHvOAbWWl9fNff2C+MIkwcoBOU+NosEUQB+cZtUMCUbW8tDRSHZWOkPL 
-tgoRObqME2wGtZ7P6wIDAQABo0IwQDAdBgNVHQ4EFgQUUTMc7TZArxfTJc1paPKv -TiM+s0EwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN -AQEMBQADggIBAGCmr1tfV9qJ20tQqcQjNSH/0GEwhJG3PxDPJY7Jv0Y02cEhJhxw -GXIeo8mH/qlDZJY6yFMECrZBu8RHANmfGBg7sg7zNOok992vIGCukihfNudd5N7H -PNtQOa27PShNlnx2xlv0wdsUpasZYgcYQF+Xkdycx6u1UQ3maVNVzDl92sURVXLF -O4uJ+DQtpBflF+aZfTCIITfNMBc9uPK8qHWgQ9w+iUuQrm0D4ByjoJYJu32jtyoQ -REtGBzRj7TG5BO6jm5qu5jF49OokYTurWGT/u4cnYiWB39yhL/btp/96j1EuMPik -AdKFOV8BmZZvWltwGUb+hmA+rYAQCd05JS9Yf7vSdPD3Rh9GOUrYU9DzLjtxpdRv -/PNn5AeP3SYZ4Y1b+qOTEZvpyDrDVWiakuFSdjjo4bq9+0/V77PnSIMx8IIh47a+ -p6tv75/fTM8BuGJqIz3nCU2AG3swpMPdB380vqQmsvZB6Akd4yCYqjdP//fx4ilw -MUc/dNAUFvohigLVigmUdy7yWSiLfFCSCmZ4OIN1xLVaqBHG5cGdZlXPU8Sv13WF -qUITVuwhd4GTWgzqltlJyqEI8pc7bZsEGCREjnwB8twl2F6GmrE52/WRMmrRpnCK -ovfepEWFJqgejF0pW8hL2JpqA15w8oVPbEtoL8pU9ozaMv7Da4M/OMZ+ ------END CERTIFICATE----- - -### Disig a.s. - -=== /C=SK/L=Bratislava/O=Disig a.s./CN=CA Disig Root R2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 92:b8:88:db:b0:8a:c1:63 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jul 19 09:15:30 2012 GMT - Not After : Jul 19 09:15:30 2042 GMT - Subject: C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - B5:99:F8:AF:B0:94:F5:E3:20:D6:0A:AD:CE:4E:56:A4:2E:6E:42:ED -SHA1 Fingerprint=B5:61:EB:EA:A4:DE:E4:25:4B:69:1A:98:A5:57:47:C2:34:C7:D9:71 -SHA256 Fingerprint=E2:3D:4A:03:6D:7B:70:E9:F5:95:B1:42:20:79:D2:B9:1E:DF:BB:1F:B6:51:A0:63:3E:AA:8A:9D:C5:F8:07:03 ------BEGIN CERTIFICATE----- -MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu -MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy -MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx 
-EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe -NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH -PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I -x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe -QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR -yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO -QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 -H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ -QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD -i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs -nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 -rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI -hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM -tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf -GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb -lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka -+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal -TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i -nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 -gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr -G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os -zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x -L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL ------END CERTIFICATE----- - -### Entrust, Inc. - -=== /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. 
- for authorized use only/CN=Entrust Root Certification Authority - G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1246989352 (0x4a538c28) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jul 7 17:25:54 2009 GMT - Not After : Dec 7 17:55:54 2030 GMT - Subject: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 6A:72:26:7A:D0:1E:EF:7D:E7:3B:69:51:D4:6C:8D:9F:90:12:66:AB -SHA1 Fingerprint=8C:F4:27:FD:79:0C:3A:D1:66:06:8D:E8:1E:57:EF:BB:93:22:72:D4 -SHA256 Fingerprint=43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39 ------BEGIN CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP 
-BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== ------END CERTIFICATE----- -=== /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - EC1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - a6:8b:79:29:00:00:00:00:50:d0:91:f9 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Dec 18 15:25:36 2012 GMT - Not After : Dec 18 15:55:36 2037 GMT - Subject: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - B7:63:E7:1A:DD:8D:E9:08:A6:55:83:A4:E0:6A:50:41:65:11:42:49 -SHA1 Fingerprint=20:D8:06:40:DF:9B:25:F5:12:25:3A:11:EA:F7:59:8A:EB:14:B5:47 -SHA256 Fingerprint=02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5 ------BEGIN CERTIFICATE----- -MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG -A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 -d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu -dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq -RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy -MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD -VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 -L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g 
-Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi -A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt -ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH -Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC -R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX -hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G ------END CERTIFICATE----- -=== /C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1164660820 (0x456b5054) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 27 20:23:42 2006 GMT - Not After : Nov 27 20:53:42 2026 GMT - Subject: C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Private Key Usage Period: - Not Before: Nov 27 20:23:42 2006 GMT, Not After: Nov 27 20:53:42 2026 GMT - X509v3 Authority Key Identifier: - keyid:68:90:E4:67:A4:A6:53:80:C7:86:66:A4:F1:F7:4B:43:FB:84:BD:6D - - X509v3 Subject Key Identifier: - 68:90:E4:67:A4:A6:53:80:C7:86:66:A4:F1:F7:4B:43:FB:84:BD:6D - 1.2.840.113533.7.65.0: - 0...V7.1:4.0.... 
-SHA1 Fingerprint=B3:1E:B1:B7:40:E3:6C:84:02:DA:DC:37:D4:4D:F5:D4:67:49:52:F9 -SHA256 Fingerprint=73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C:BC:7D:8E:4C ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 -Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW -KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw -NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw -NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy -ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV -BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo -Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 -4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 -KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI -rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi -94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB -sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi -gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo -kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE -vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA -A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t -O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua -AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP -9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ -eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m -0vdXcDazv/wor3ElhVsT/h5/WrQ8 ------END CERTIFICATE----- - -### Entrust.net - -=== /O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. 
(limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048) -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 946069240 (0x3863def8) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Dec 24 17:50:51 1999 GMT - Not After : Jul 24 14:15:12 2029 GMT - Subject: O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048) - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 55:E4:81:D1:11:80:BE:D8:89:B9:08:A3:31:F9:A1:24:09:16:B9:70 -SHA1 Fingerprint=50:30:06:09:1D:97:D4:F5:AE:39:F7:CB:E7:92:7D:7D:65:2D:34:31 -SHA256 Fingerprint=6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37:D2:1E:B1:77 ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 -MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 -LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp -YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG -A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq -K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe -sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX -MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT -XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ -HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH -4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV 
-HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub -j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo -U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf -zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b -u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ -bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er -fF6adulZkMV8gzURZVE= ------END CERTIFICATE----- - -### FNMT-RCM - -=== /C=ES/O=FNMT-RCM/OU=AC RAIZ FNMT-RCM -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 5d:93:8d:30:67:36:c8:06:1d:1a:c7:54:84:69:07 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Oct 29 15:59:56 2008 GMT - Not After : Jan 1 00:00:00 2030 GMT - Subject: C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - F7:7D:C5:FD:C4:E8:9A:1B:77:64:A7:F5:1D:A0:CC:BF:87:60:9A:6D - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: http://www.cert.fnmt.es/dpcs/ - -SHA1 Fingerprint=EC:50:35:07:B2:15:C4:95:62:19:E2:A8:9A:5B:42:99:2C:4C:2C:20 -SHA256 Fingerprint=EB:C5:57:0C:29:01:8C:4D:67:B1:AA:12:7B:AF:12:F7:03:B4:61:1E:BC:17:B7:DA:B5:57:38:94:17:9B:93:FA ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx -CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ -WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ -BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG -Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ -yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf -BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz -WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF -tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z -374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC 
-IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL -mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 -wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS -MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 -ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet -UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H -YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 -LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD -nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 -RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM -LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf -77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N -JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm -fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp -6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp -1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B -9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok -RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv -uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= ------END CERTIFICATE----- -=== /C=ES/O=FNMT-RCM/OU=Ceres/2.5.4.97=VATES-Q2826004J/CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 62:f6:32:6c:e5:c4:e3:68:5c:1b:62:dd:9c:2e:9d:95 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Dec 20 09:37:33 2018 GMT - Not After : Dec 20 09:37:33 2043 GMT - Subject: C=ES, O=FNMT-RCM, OU=Ceres, 2.5.4.97=VATES-Q2826004J, CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 01:B9:2F:EF:BF:11:86:60:F2:4F:D0:41:6E:AB:73:1F:E7:D2:6E:49 -SHA1 
Fingerprint=62:FF:D9:9E:C0:65:0D:03:CE:75:93:D2:ED:3F:2D:32:C9:E3:E5:4A -SHA256 Fingerprint=55:41:53:B1:3D:2C:F9:DD:B7:53:BF:BE:1A:4E:0A:E0:8D:0A:A4:18:70:58:FE:60:A2:B8:62:B2:E4:B8:7B:CB ------BEGIN CERTIFICATE----- -MIICbjCCAfOgAwIBAgIQYvYybOXE42hcG2LdnC6dlTAKBggqhkjOPQQDAzB4MQsw -CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRgw -FgYDVQRhDA9WQVRFUy1RMjgyNjAwNEoxLDAqBgNVBAMMI0FDIFJBSVogRk5NVC1S -Q00gU0VSVklET1JFUyBTRUdVUk9TMB4XDTE4MTIyMDA5MzczM1oXDTQzMTIyMDA5 -MzczM1oweDELMAkGA1UEBhMCRVMxETAPBgNVBAoMCEZOTVQtUkNNMQ4wDAYDVQQL -DAVDZXJlczEYMBYGA1UEYQwPVkFURVMtUTI4MjYwMDRKMSwwKgYDVQQDDCNBQyBS -QUlaIEZOTVQtUkNNIFNFUlZJRE9SRVMgU0VHVVJPUzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABPa6V1PIyqvfNkpSIeSX0oNnnvBlUdBeh8dHsVnyV0ebAAKTRBdp20LH -sbI6GA60XYyzZl2hNPk2LEnb80b8s0RpRBNm/dfF/a82Tc4DTQdxz69qBdKiQ1oK -Um8BA06Oi6NCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD -VR0OBBYEFAG5L++/EYZg8k/QQW6rcx/n0m5JMAoGCCqGSM49BAMDA2kAMGYCMQCu -SuMrQMN0EfKVrRYj3k4MGuZdpSRea0R7/DjiT8ucRRcRTBQnJlU5dUoDzBOQn5IC -MQD6SmxgiHPz7riYYqnOK8LZiqZwMR2vsJRM60/G49HzYqc8/5MuB1xJAWdpEgJy -v+c= ------END CERTIFICATE----- - -### Firmaprofesional SA - -=== /C=ES/O=Firmaprofesional SA/2.5.4.97=VATES-A62634068/CN=FIRMAPROFESIONAL CA ROOT-A WEB -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Apr 6 09:01:36 2022 GMT - Not After : Mar 31 09:01:36 2047 GMT - Subject: C=ES, O=Firmaprofesional SA, 2.5.4.97=VATES-A62634068, CN=FIRMAPROFESIONAL CA ROOT-A WEB - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:93:E1:43:63:5C:3C:9D:D6:27:F3:52:EC:17:B2:A9:AF:2C:F7:76:F8 - - X509v3 Subject Key Identifier: - 93:E1:43:63:5C:3C:9D:D6:27:F3:52:EC:17:B2:A9:AF:2C:F7:76:F8 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5 -SHA256 
Fingerprint=BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A ------BEGIN CERTIFICATE----- -MIICejCCAgCgAwIBAgIQMZch7a+JQn81QYehZ1ZMbTAKBggqhkjOPQQDAzBuMQsw -CQYDVQQGEwJFUzEcMBoGA1UECgwTRmlybWFwcm9mZXNpb25hbCBTQTEYMBYGA1UE -YQwPVkFURVMtQTYyNjM0MDY4MScwJQYDVQQDDB5GSVJNQVBST0ZFU0lPTkFMIENB -IFJPT1QtQSBXRUIwHhcNMjIwNDA2MDkwMTM2WhcNNDcwMzMxMDkwMTM2WjBuMQsw -CQYDVQQGEwJFUzEcMBoGA1UECgwTRmlybWFwcm9mZXNpb25hbCBTQTEYMBYGA1UE -YQwPVkFURVMtQTYyNjM0MDY4MScwJQYDVQQDDB5GSVJNQVBST0ZFU0lPTkFMIENB -IFJPT1QtQSBXRUIwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARHU+osEaR3xyrq89Zf -e9MEkVz6iMYiuYMQYneEMy3pA4jU4DP37XcsSmDq5G+tbbT4TIqk5B/K6k84Si6C -cyvHZpsKjECcfIr28jlgst7L7Ljkb+qbXbdTkBgyVcUgt5SjYzBhMA8GA1UdEwEB -/wQFMAMBAf8wHwYDVR0jBBgwFoAUk+FDY1w8ndYn81LsF7Kpryz3dvgwHQYDVR0O -BBYEFJPhQ2NcPJ3WJ/NS7Beyqa8s93b4MA4GA1UdDwEB/wQEAwIBBjAKBggqhkjO -PQQDAwNoADBlAjAdfKR7w4l1M+E7qUW/Runpod3JIha3RxEL2Jq68cgLcFBTApFw -hVmpHqTm6iMxoAACMQD94vizrxa5HnPEluPBMBnYfubDl94cT7iJLzPrSA8Z94dG -XSaQpYXFuXqUPoeovQA= ------END CERTIFICATE----- - -### GUANG DONG CERTIFICATE AUTHORITY CO.,LTD. 
- -=== /C=CN/O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD./CN=GDCA TrustAUTH R5 ROOT -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 9009899650740120186 (0x7d0997fef047ea7a) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Nov 26 05:13:15 2014 GMT - Not After : Dec 31 15:59:59 2040 GMT - Subject: C=CN, O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD., CN=GDCA TrustAUTH R5 ROOT - X509v3 extensions: - X509v3 Subject Key Identifier: - E2:C9:40:9F:4D:CE:E8:9A:A1:7C:CF:0E:3F:65:C5:29:88:6A:19:51 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=0F:36:38:5B:81:1A:25:C3:9B:31:4E:83:CA:E9:34:66:70:CC:74:B4 -SHA256 Fingerprint=BF:FF:8F:D0:44:33:48:7D:6A:8A:A6:0C:1A:29:76:7A:9F:C2:BB:B0:5E:42:0F:71:3A:13:B9:92:89:1D:38:93 ------BEGIN CERTIFICATE----- -MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE -BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ -IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 -MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV -BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w -HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj -Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj -TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u -KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj -qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm -MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 -ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP -zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk -L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC -jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA -HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC 
-AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg -p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm -DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 -COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry -L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf -JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg -IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io -2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV -09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ -XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq -T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe -MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== ------END CERTIFICATE----- - -### GlobalSign - -=== /OU=GlobalSign ECC Root CA - R4/O=GlobalSign/CN=GlobalSign -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:e5:7e:f5:3f:93:fd:a5:09:21:b2:a6 - Signature Algorithm: ecdsa-with-SHA256 - Validity - Not Before: Nov 13 00:00:00 2012 GMT - Not After : Jan 19 03:14:07 2038 GMT - Subject: OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 54:B0:7B:AD:45:B8:E2:40:7F:FB:0A:6E:FB:BE:33:C9:3C:A3:84:D5 -SHA1 Fingerprint=6B:A0:B0:98:E1:71:EF:5A:AD:FE:48:15:80:77:10:F4:BD:6F:0B:28 -SHA256 Fingerprint=B0:85:D7:0B:96:4F:19:1A:73:E4:AF:0D:54:AE:7A:0E:07:AA:FD:AF:9B:71:DD:08:62:13:8A:B7:32:5A:24:A2 ------BEGIN CERTIFICATE----- -MIIB3DCCAYOgAwIBAgINAgPlfvU/k/2lCSGypjAKBggqhkjOPQQDAjBQMSQwIgYD -VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjQxEzARBgNVBAoTCkdsb2Jh -bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTIxMTEzMDAwMDAwWhcNMzgw -MTE5MDMxNDA3WjBQMSQwIgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0g 
-UjQxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wWTAT -BgcqhkjOPQIBBggqhkjOPQMBBwNCAAS4xnnTj2wlDp8uORkcA6SumuU5BwkWymOx -uYb4ilfBV85C+nOh92VC/x7BALJucw7/xyHlGKSq2XE/qNS5zowdo0IwQDAOBgNV -HQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVLB7rUW44kB/ -+wpu+74zyTyjhNUwCgYIKoZIzj0EAwIDRwAwRAIgIk90crlgr/HmnKAWBVBfw147 -bmF0774BxL4YSFlhgjICICadVGNA3jdgUM/I2O2dgq43mLyjj0xMqTQrbO/7lZsm ------END CERTIFICATE----- -=== /OU=GlobalSign ECC Root CA - R5/O=GlobalSign/CN=GlobalSign -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 60:59:49:e0:26:2e:bb:55:f9:0a:77:8a:71:f9:4a:d8:6c - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Nov 13 00:00:00 2012 GMT - Not After : Jan 19 03:14:07 2038 GMT - Subject: OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 3D:E6:29:48:9B:EA:07:CA:21:44:4A:26:DE:6E:DE:D2:83:D0:9F:59 -SHA1 Fingerprint=1F:24:C6:30:CD:A4:18:EF:20:69:FF:AD:4F:DD:5F:46:3A:1B:69:AA -SHA256 Fingerprint=17:9F:BC:14:8A:3D:D0:0F:D2:4E:A1:34:58:CC:43:BF:A7:F5:9C:81:82:D7:83:A5:13:F6:EB:EC:10:0C:89:24 ------BEGIN CERTIFICATE----- -MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc -8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke -hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI -KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg -515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO -xwy8p2Fp8fc74SrL+SvzZpA3 
------END CERTIFICATE----- -=== /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 04:00:00:00:00:01:21:58:53:08:a2 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Mar 18 10:00:00 2009 GMT - Not After : Mar 18 10:00:00 2029 GMT - Subject: OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 8F:F0:4B:7F:A8:2E:45:24:AE:4D:50:FA:63:9A:8B:DE:E2:DD:1B:BC -SHA1 Fingerprint=D6:9B:56:11:48:F0:1C:77:C5:45:78:C1:09:26:DF:5B:85:69:76:AD -SHA256 Fingerprint=CB:B5:22:D7:B7:F1:27:AD:6A:01:13:86:5B:DF:1C:D4:10:2E:7D:07:59:AF:63:5A:7C:F4:72:0D:C9:63:C5:3B ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs 
-Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- -=== /OU=GlobalSign Root CA - R6/O=GlobalSign/CN=GlobalSign -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Dec 10 00:00:00 2014 GMT - Not After : Dec 10 00:00:00 2034 GMT - Subject: OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - AE:6C:05:A3:93:13:E2:A2:E7:E2:D7:1C:D6:C7:F0:7F:C8:67:53:A0 - X509v3 Authority Key Identifier: - keyid:AE:6C:05:A3:93:13:E2:A2:E7:E2:D7:1C:D6:C7:F0:7F:C8:67:53:A0 - -SHA1 Fingerprint=80:94:64:0E:B5:A7:A1:CA:11:9C:1F:DD:D5:9F:81:02:63:A7:FB:D1 -SHA256 Fingerprint=2C:AB:EA:FE:37:D0:6C:A2:2A:BA:73:91:C0:03:3D:25:98:29:52:C4:53:64:73:49:76:3A:3A:B5:AD:6C:CF:69 ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIORea7A4Mzw4VlSOb/RVEwDQYJKoZIhvcNAQEMBQAwTDEg -MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkdsb2Jh -bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQxMjEwMDAwMDAwWhcNMzQx -MjEwMDAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjET -MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCAiIwDQYJ -KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUH6HPKZvnsFMp7PPcNCPG0RQssgrRI -xutbPK6DuEGSMxSkb3/pKszGsIhrxbaJ0cay/xTOURQh7ErdG1rG1ofuTToVBu1k -ZguSgMpE3nOUTvOniX9PeGMIyBJQbUJmL025eShNUhqKGoC3GYEOfsSKvGRMIRxD -aNc9PIrFsmbVkJq3MQbFvuJtMgamHvm566qjuL++gmNQ0PAYid/kD3n16qIfKtJw -LnvnvJO7bVPiSHyMEAc4/2ayd2F+4OqMPKq0pPbzlUoSB239jLKJz9CgYXfIWHSw -1CM69106yqLbnQneXUQtkPGBzVeS+n68UARjNN9rkxi+azayOeSsJDa38O+2HBNX -k7besvjihbdzorg1qkXy4J02oW9UivFyVm4uiMVRQkQVlO6jxTiWm05OWgtH8wY2 -SXcwvHE35absIQh1/OZhFj931dmRl4QKbNQCTXTAFO39OfuD8l4UoQSwC+n+7o/h -bguyCLNhZglqsQY6ZZZZwPA1/cnaKI0aEYdwgQqomnUdnjqGBQCe24DWJfncBZ4n 
-WUx2OVvq+aWh2IMP0f/fMBH5hc8zSPXKbWQULHpYT9NLCEnFlWQaYw55PfWzjMpY -rZxCRXluDocZXFSxZba/jJvcE+kNb7gu3GduyYsRtYQUigAZcIN5kZeR1Bonvzce -MgfYFGM8KEyvAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD -AQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAWgBSu -bAWjkxPioufi1xzWx/B/yGdToDANBgkqhkiG9w0BAQwFAAOCAgEAgyXt6NH9lVLN -nsAEoJFp5lzQhN7craJP6Ed41mWYqVuoPId8AorRbrcWc+ZfwFSY1XS+wc3iEZGt -Ixg93eFyRJa0lV7Ae46ZeBZDE1ZXs6KzO7V33EByrKPrmzU+sQghoefEQzd5Mr61 -55wsTLxDKZmOMNOsIeDjHfrYBzN2VAAiKrlNIC5waNrlU/yDXNOd8v9EDERm8tLj -vUYAGm0CuiVdjaExUd1URhxN25mW7xocBFymFe944Hn+Xds+qkxV/ZoVqW/hpvvf -cDDpw+5CRu3CkwWJ+n1jez/QcYF8AOiYrg54NMMl+68KnyBr3TsTjxKM4kEaSHpz -oHdpx7Zcf4LIHv5YGygrqGytXm3ABdJ7t+uA/iU3/gKbaKxCXcPu9czc8FB10jZp -nOZ7BN9uBmm23goJSFmH63sUYHpkqmlD75HHTOwY3WzvUy2MmeFe8nI+z1TIvWfs -pA9MRf/TuTAjB0yPEL+GltmZWrSZVxykzLsViVO6LAUP5MSeGbEYNNVMnbrt9x+v -JJUEeKgDu+6B5dpffItKoZB0JaezPkvILFa9x8jvOOJckvB595yEunQtYQEgfn7R -8k8HWV+LLUNS60YMlOH1Zkd5d9VUWx+tJDfLRVpOoERIyNiwmcUVhAn21klJwGW4 -5hpxbqCo8YLoRT5s1gLXCmeDBVrJpBA= ------END CERTIFICATE----- - -### GlobalSign nv-sa - -=== /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root E46 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 11:d2:bb:ba:33:6e:d4:bc:e6:24:68:c5:0d:84:1d:98:e8:43 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Mar 20 00:00:00 2019 GMT - Not After : Mar 20 00:00:00 2046 GMT - Subject: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root E46 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 31:0A:90:8F:B6:C6:9D:D2:44:4B:80:B5:A2:E6:1F:B1:12:4F:1B:95 -SHA1 Fingerprint=39:B4:6C:D5:FE:80:06:EB:E2:2F:4A:BB:08:33:A0:AF:DB:B9:DD:84 -SHA256 Fingerprint=CB:B9:C4:4D:84:B8:04:3E:10:50:EA:31:A6:9F:51:49:55:D7:BF:D2:E2:C6:B4:93:01:01:9A:D6:1D:9F:50:58 ------BEGIN CERTIFICATE----- -MIICCzCCAZGgAwIBAgISEdK7ujNu1LzmJGjFDYQdmOhDMAoGCCqGSM49BAMDMEYx 
-CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYDVQQD -ExNHbG9iYWxTaWduIFJvb3QgRTQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMyMDAw -MDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2Ex -HDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBFNDYwdjAQBgcqhkjOPQIBBgUrgQQA -IgNiAAScDrHPt+ieUnd1NPqlRqetMhkytAepJ8qUuwzSChDH2omwlwxwEwkBjtjq -R+q+soArzfwoDdusvKSGN+1wCAB16pMLey5SnCNoIwZD7JIvU4Tb+0cUB+hflGdd -yXqBPCCjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBQxCpCPtsad0kRLgLWi5h+xEk8blTAKBggqhkjOPQQDAwNoADBlAjEA31SQ -7Zvvi5QCkxeCmb6zniz2C5GMn0oUsfZkvLtoURMMA/cVi4RguYv/Uo7njLwcAjA8 -+RHUjE7AwWHCFUyqqx0LMV87HOIAl0Qx5v5zli/altP+CAezNIm8BZ/3Hobui3A= ------END CERTIFICATE----- -=== /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root R46 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 11:d2:bb:b9:d7:23:18:9e:40:5f:0a:9d:2d:d0:df:25:67:d1 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Mar 20 00:00:00 2019 GMT - Not After : Mar 20 00:00:00 2046 GMT - Subject: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root R46 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 03:5C:AB:73:81:87:A8:CC:B0:A6:D5:94:E2:36:96:49:FF:05:99:2C -SHA1 Fingerprint=53:A2:B0:4B:CA:6B:D6:45:E6:39:8A:8E:C4:0D:D2:BF:77:C3:A2:90 -SHA256 Fingerprint=4F:A3:12:6D:8D:3A:11:D1:C4:85:5A:4F:80:7C:BA:D6:CF:91:9D:3A:5A:88:B0:3B:EA:2C:63:72:D9:3C:40:C9 ------BEGIN CERTIFICATE----- -MIIFWjCCA0KgAwIBAgISEdK7udcjGJ5AXwqdLdDfJWfRMA0GCSqGSIb3DQEBDAUA -MEYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYD -VQQDExNHbG9iYWxTaWduIFJvb3QgUjQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMy -MDAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYt -c2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBSNDYwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCsrHQy6LNl5brtQyYdpokNRbopiLKkHWPd08EsCVeJ -OaFV6Wc0dwxu5FUdUiXSE2te4R2pt32JMl8Nnp8semNgQB+msLZ4j5lUlghYruQG 
-vGIFAha/r6gjA7aUD7xubMLL1aa7DOn2wQL7Id5m3RerdELv8HQvJfTqa1VbkNud -316HCkD7rRlr+/fKYIje2sGP1q7Vf9Q8g+7XFkyDRTNrJ9CG0Bwta/OrffGFqfUo -0q3v84RLHIf8E6M6cqJaESvWJ3En7YEtbWaBkoe0G1h6zD8K+kZPTXhc+CtI4wSE -y132tGqzZfxCnlEmIyDLPRT5ge1lFgBPGmSXZgjPjHvjK8Cd+RTyG/FWaha/LIWF -zXg4mutCagI0GIMXTpRW+LaCtfOW3T3zvn8gdz57GSNrLNRyc0NXfeD412lPFzYE -+cCQYDdF3uYM2HSNrpyibXRdQr4G9dlkbgIQrImwTDsHTUB+JMWKmIJ5jqSngiCN -I/onccnfxkF0oE32kRbcRoxfKWMxWXEM2G/CtjJ9++ZdU6Z+Ffy7dXxd7Pj2Fxzs -x2sZy/N78CsHpdlseVR2bJ0cpm4O6XkMqCNqo98bMDGfsVR7/mrLZqrcZdCinkqa -ByFrgY/bxFn63iLABJzjqls2k+g9vXqhnQt2sQvHnf3PmKgGwvgqo6GDoLclcqUC -4wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUA1yrc4GHqMywptWU4jaWSf8FmSwwDQYJKoZIhvcNAQEMBQADggIBAHx4 -7PYCLLtbfpIrXTncvtgdokIzTfnvpCo7RGkerNlFo048p9gkUbJUHJNOxO97k4Vg -JuoJSOD1u8fpaNK7ajFxzHmuEajwmf3lH7wvqMxX63bEIaZHU1VNaL8FpO7XJqti -2kM3S+LGteWygxk6x9PbTZ4IevPuzz5i+6zoYMzRx6Fcg0XERczzF2sUyQQCPtIk -pnnpHs6i58FZFZ8d4kuaPp92CC1r2LpXFNqD6v6MVenQTqnMdzGxRBF6XLE+0xRF -FRhiJBPSy03OXIPBNvIQtQ6IbbjhVp+J3pZmOUdkLG5NrmJ7v2B0GbhWrJKsFjLt -rWhV/pi60zTe9Mlhww6G9kuEYO4Ne7UyWHmRVSyBQ7N0H3qqJZ4d16GLuc1CLgSk -ZoNNiTW2bKg2SnkheCLQQrzRQDGQob4Ez8pn7fXwgNNgyYMqIgXQBztSvwyeqiv5 -u+YfjyW6hY0XHgL+XVAEV8/+LbzvXMAaq7afJMbfc2hIkCwU9D9SGuTSyxTDYWnP -4vkYxboznxSjBF25cfe1lNj2M8FawTSLfJvdkzrnE6JwYZ+vj+vYxXX4M2bUdGc6 -N3ec592kD3ZDZopD8p/7DEJ4Y9HiD2971KE9dJeFt0g5QdYg/NA6s/rob8SKunE3 -vouXsXgxT7PntgMTzlSdriVZzH81Xwj3QEUxeCp6 ------END CERTIFICATE----- -=== /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 04:00:00:00:00:01:15:4b:5a:c3:94 - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Sep 1 12:00:00 1998 GMT - Not After : Jan 28 12:00:00 2028 GMT - Subject: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 
60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B -SHA1 Fingerprint=B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C -SHA256 Fingerprint=EB:D4:10:40:E4:BB:3E:C7:42:C9:E3:81:D3:1E:F2:A4:1A:48:B6:68:5C:96:E7:CE:F3:C1:DF:6C:D4:33:1C:99 ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B -AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz -yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE -38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP -AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad -DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME -HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== ------END CERTIFICATE----- - -### GoDaddy.com, Inc. 
- -=== /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Sep 1 00:00:00 2009 GMT - Not After : Dec 31 23:59:59 2037 GMT - Subject: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 3A:9A:85:07:10:67:28:B6:EF:F6:BD:05:41:6E:20:C1:94:DA:0F:DE -SHA1 Fingerprint=47:BE:AB:C9:22:EA:E8:0E:78:78:34:62:A7:9F:45:C2:54:FD:E6:8B -SHA256 Fingerprint=45:14:0B:32:47:EB:9C:C8:C5:B4:F0:D7:B5:30:91:F7:32:92:08:9E:6E:5A:63:E2:74:9D:D3:AC:A9:19:8E:DA ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr 
-gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- - -### Google Trust Services LLC - -=== /C=US/O=Google Trust Services LLC/CN=GTS Root R1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:e5:93:6f:31:b0:13:49:88:6b:a2:17 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Jun 22 00:00:00 2016 GMT - Not After : Jun 22 00:00:00 2036 GMT - Subject: C=US, O=Google Trust Services LLC, CN=GTS Root R1 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E -SHA1 Fingerprint=E5:8C:1C:C4:91:3B:38:63:4B:E9:10:6E:E3:AD:8E:6B:9D:D9:81:4A -SHA256 Fingerprint=D9:47:43:2A:BD:E7:B7:FA:90:FC:2E:6B:59:10:1B:12:80:E0:E1:C7:E4:E4:0F:A3:C6:88:7F:FF:57:A7:F4:CF ------BEGIN CERTIFICATE----- -MIIFVzCCAz+gAwIBAgINAgPlk28xsBNJiGuiFzANBgkqhkiG9w0BAQwFADBHMQsw -CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU -MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw -MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp -Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUA -A4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaMf/vo -27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vXmX7w -Cl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7zUjw -TcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0Pfybl -qAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtcvfaH -szVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4Zor8 -Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUspzBmk -MiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOORc92 
-wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYWk70p -aDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+DVrN -VjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgFlQID -AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E -FgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBAJ+qQibb -C5u+/x6Wki4+omVKapi6Ist9wTrYggoGxval3sBOh2Z5ofmmWJyq+bXmYOfg6LEe -QkEzCzc9zolwFcq1JKjPa7XSQCGYzyI0zzvFIoTgxQ6KfF2I5DUkzps+GlQebtuy -h6f88/qBVRRiClmpIgUxPoLW7ttXNLwzldMXG+gnoot7TiYaelpkttGsN/H9oPM4 -7HLwEXWdyzRSjeZ2axfG34arJ45JK3VmgRAhpuo+9K4l/3wV3s6MJT/KYnAK9y8J -ZgfIPxz88NtFMN9iiMG1D53Dn0reWVlHxYciNuaCp+0KueIHoI17eko8cdLiA6Ef -MgfdG+RCzgwARWGAtQsgWSl4vflVy2PFPEz0tv/bal8xa5meLMFrUKTX5hgUvYU/ -Z6tGn6D/Qqc6f1zLXbBwHSs09dR2CQzreExZBfMzQsNhFRAbd03OIozUhfJFfbdT -6u9AWpQKXCBfTkBdYiJ23//OYb2MI3jSNwLgjt7RETeJ9r/tSQdirpLsQBqvFAnZ -0E6yove+7u7Y/9waLd64NnHi/Hm3lCXRSHNboTXns5lndcEZOitHTtNCjv0xyBZm -2tIMPNuzjsmhDYAPexZ3FL//2wmUspO8IFgV6dtxQ/PeEMMA3KgqlbbC1j+Qa3bb -bP6MvPJwNQzcmRk13NfIRmPVNnGuV/u3gm3c ------END CERTIFICATE----- -=== /C=US/O=Google Trust Services LLC/CN=GTS Root R2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:e5:ae:c5:8d:04:25:1a:ab:11:25:aa - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Jun 22 00:00:00 2016 GMT - Not After : Jun 22 00:00:00 2036 GMT - Subject: C=US, O=Google Trust Services LLC, CN=GTS Root R2 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - BB:FF:CA:8E:23:9F:4F:99:CA:DB:E2:68:A6:A5:15:27:17:1E:D9:0E -SHA1 Fingerprint=9A:44:49:76:32:DB:DE:FA:D0:BC:FB:5A:7B:17:BD:9E:56:09:24:94 -SHA256 Fingerprint=8D:25:CD:97:22:9D:BF:70:35:6B:DA:4E:B3:CC:73:40:31:E2:4C:F0:0F:AF:CF:D3:2D:C7:6E:B5:84:1C:7E:A8 ------BEGIN CERTIFICATE----- -MIIFVzCCAz+gAwIBAgINAgPlrsWNBCUaqxElqjANBgkqhkiG9w0BAQwFADBHMQsw -CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU 
-MBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw -MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp -Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUA -A4ICDwAwggIKAoICAQDO3v2m++zsFDQ8BwZabFn3GTXd98GdVarTzTukk3LvCvpt -nfbwhYBboUhSnznFt+4orO/LdmgUud+tAWyZH8QiHZ/+cnfgLFuv5AS/T3KgGjSY -6Dlo7JUle3ah5mm5hRm9iYz+re026nO8/4Piy33B0s5Ks40FnotJk9/BW9BuXvAu -MC6C/Pq8tBcKSOWIm8Wba96wyrQD8Nr0kLhlZPdcTK3ofmZemde4wj7I0BOdre7k -RXuJVfeKH2JShBKzwkCX44ofR5GmdFrS+LFjKBC4swm4VndAoiaYecb+3yXuPuWg -f9RhD1FLPD+M2uFwdNjCaKH5wQzpoeJ/u1U8dgbuak7MkogwTZq9TwtImoS1mKPV -+3PBV2HdKFZ1E66HjucMUQkQdYhMvI35ezzUIkgfKtzra7tEscszcTJGr61K8Yzo -dDqs5xoic4DSMPclQsciOzsSrZYuxsN2B6ogtzVJV+mSSeh2FnIxZyuWfoqjx5RW -Ir9qS34BIbIjMt/kmkRtWVtd9QCgHJvGeJeNkP+byKq0rxFROV7Z+2et1VsRnTKa -G73VululycslaVNVJ1zgyjbLiGH7HrfQy+4W+9OmTN6SpdTi3/UGVN4unUu0kzCq -gc7dGtxRcw1PcOnlthYhGXmy5okLdWTK1au8CcEYof/UVKGFPP0UJAOyh9OktwID -AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E -FgQUu//KjiOfT5nK2+JopqUVJxce2Q4wDQYJKoZIhvcNAQEMBQADggIBAB/Kzt3H -vqGf2SdMC9wXmBFqiN495nFWcrKeGk6c1SuYJF2ba3uwM4IJvd8lRuqYnrYb/oM8 -0mJhwQTtzuDFycgTE1XnqGOtjHsB/ncw4c5omwX4Eu55MaBBRTUoCnGkJE+M3DyC -B19m3H0Q/gxhswWV7uGugQ+o+MePTagjAiZrHYNSVc61LwDKgEDg4XSsYPWHgJ2u -NmSRXbBoGOqKYcl3qJfEycel/FVL8/B/uWU9J2jQzGv6U53hkRrJXRqWbTKH7QMg -yALOWr7Z6v2yTcQvG99fevX4i8buMTolUVVnjWQye+mew4K6Ki3pHrTgSAai/Gev -HyICc/sgCq+dVEuhzf9gR7A/Xe8bVr2XIZYtCtFenTgCR2y59PYjJbigapordwj6 -xLEokCZYCDzifqrXPW+6MYgKBesntaFJ7qBFVHvmJ2WZICGoo7z7GJa7Um8M7YNR -TOlZ4iBgxcJlkoKM8xAfDoqXvneCbT+PHV28SSe9zE8P4c52hgQjxcCMElv924Sg -JPFI/2R80L5cFtHvma3AH/vLrrw4IgYmZNralw4/KBVEqE8AyvCazM90arQ+POuV -7LXTWtiBmelDGDfrs7vRWGJB82bSj6p4lVQgw1oudCvV0b4YacCs1aTPObpRhANl -6WLAYv7YTVWW4tAR+kg0Eeye7QUd5MjWHYbL ------END CERTIFICATE----- -=== /C=US/O=Google Trust Services LLC/CN=GTS Root R3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:e5:b8:82:eb:20:f8:25:27:6d:3d:66 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: 
Jun 22 00:00:00 2016 GMT - Not After : Jun 22 00:00:00 2036 GMT - Subject: C=US, O=Google Trust Services LLC, CN=GTS Root R3 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - C1:F1:26:BA:A0:2D:AE:85:81:CF:D3:F1:2A:12:BD:B8:0A:67:FD:BC -SHA1 Fingerprint=ED:E5:71:80:2B:C8:92:B9:5B:83:3C:D2:32:68:3F:09:CD:A0:1E:46 -SHA256 Fingerprint=34:D8:A7:3E:E2:08:D9:BC:DB:0D:95:65:20:93:4B:4E:40:E6:94:82:59:6E:8B:6F:73:C8:42:6B:01:0A:6F:48 ------BEGIN CERTIFICATE----- -MIICCTCCAY6gAwIBAgINAgPluILrIPglJ209ZjAKBggqhkjOPQQDAzBHMQswCQYD -VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG -A1UEAxMLR1RTIFJvb3QgUjMwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAw -WjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz -IExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwdjAQBgcqhkjOPQIBBgUrgQQAIgNi -AAQfTzOHMymKoYTey8chWEGJ6ladK0uFxh1MJ7x/JlFyb+Kf1qPKzEUURout736G -jOyxfi//qXGdGIRFBEFVbivqJn+7kAHjSxm65FSWRQmx1WyRRK2EE46ajA2ADDL2 -4CejQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBTB8Sa6oC2uhYHP0/EqEr24Cmf9vDAKBggqhkjOPQQDAwNpADBmAjEA9uEglRR7 -VKOQFhG/hMjqb2sXnh5GmCCbn9MN2azTL818+FsuVbu/3ZL3pAzcMeGiAjEA/Jdm -ZuVDFhOD3cffL74UOO0BzrEXGhF16b0DjyZ+hOXJYKaV11RZt+cRLInUue4X ------END CERTIFICATE----- -=== /C=US/O=Google Trust Services LLC/CN=GTS Root R4 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:e5:c0:68:ef:63:1a:9c:72:90:50:52 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Jun 22 00:00:00 2016 GMT - Not After : Jun 22 00:00:00 2036 GMT - Subject: C=US, O=Google Trust Services LLC, CN=GTS Root R4 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 80:4C:D6:EB:74:FF:49:36:A3:D5:D8:FC:B5:3E:C5:6A:F0:94:1D:8C -SHA1 Fingerprint=77:D3:03:67:B5:E0:0C:15:F6:0C:38:61:DF:7C:E1:3B:92:46:4D:47 
-SHA256 Fingerprint=34:9D:FA:40:58:C5:E2:63:12:3B:39:8A:E7:95:57:3C:4E:13:13:C8:3F:E6:8F:93:55:6C:D5:E8:03:1B:3C:7D ------BEGIN CERTIFICATE----- -MIICCTCCAY6gAwIBAgINAgPlwGjvYxqccpBQUjAKBggqhkjOPQQDAzBHMQswCQYD -VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG -A1UEAxMLR1RTIFJvb3QgUjQwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAw -WjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz -IExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwdjAQBgcqhkjOPQIBBgUrgQQAIgNi -AATzdHOnaItgrkO4NcWBMHtLSZ37wWHO5t5GvWvVYRg1rkDdc/eJkTBa6zzuhXyi -QHY7qca4R9gq55KRanPpsXI5nymfopjTX15YhmUPoYRlBtHci8nHc8iMai/lxKvR -HYqjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBSATNbrdP9JNqPV2Py1PsVq8JQdjDAKBggqhkjOPQQDAwNpADBmAjEA6ED/g94D -9J+uHXqnLrmvT/aDHQ4thQEd0dlq7A/Cr8deVl5c1RxYIigL9zC2L7F8AjEA8GE8 -p/SgguMh1YQdc4acLa/KNJvxn7kjNuK8YAOdgLOaVsjh4rsUecrNIdSUtUlD ------END CERTIFICATE----- - -### Hellenic Academic and Research Institutions CA - -=== /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS ECC Root CA 2021 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 67:74:9d:8d:77:d8:3b:6a:db:22:f4:ff:59:e2:bf:ce - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Feb 19 11:01:10 2021 GMT - Not After : Feb 13 11:01:09 2045 GMT - Subject: C=GR, O=Hellenic Academic and Research Institutions CA, CN=HARICA TLS ECC Root CA 2021 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - C9:1B:53:81:12:FE:04:D5:16:D1:AA:BC:9A:6F:B7:A0:95:19:6E:CA - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=BC:B0:C1:9D:E9:98:92:70:19:38:57:E9:8D:A7:B4:5D:6E:EE:01:48 -SHA256 Fingerprint=3F:99:CC:47:4A:CF:CE:4D:FE:D5:87:94:66:5E:47:8D:15:47:73:9F:2E:78:0F:1B:B4:CA:9B:13:30:97:D4:01 ------BEGIN CERTIFICATE----- -MIICVDCCAdugAwIBAgIQZ3SdjXfYO2rbIvT/WeK/zjAKBggqhkjOPQQDAzBsMQsw -CQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2Vh 
-cmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBFQ0MgUm9v -dCBDQSAyMDIxMB4XDTIxMDIxOTExMDExMFoXDTQ1MDIxMzExMDEwOVowbDELMAkG -A1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj -aCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgRUNDIFJvb3Qg -Q0EgMjAyMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDgI/rGgltJ6rK9JOtDA4MM7 -KKrxcm1lAEeIhPyaJmuqS7psBAqIXhfyVYf8MLA04jRYVxqEU+kw2anylnTDUR9Y -STHMmE5gEYd103KUkE+bECUqqHgtvpBBWJAVcqeht6NCMEAwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUyRtTgRL+BNUW0aq8mm+3oJUZbsowDgYDVR0PAQH/BAQD -AgGGMAoGCCqGSM49BAMDA2cAMGQCMBHervjcToiwqfAircJRQO9gcS3ujwLEXQNw -SaSS6sUUiHCm0w2wqsosQJz76YJumgIwK0eaB8bRwoF8yguWGEEbo/QwCZ61IygN -nxS2PFOiTAZpffpskcYqSUXm7LcT4Tps ------END CERTIFICATE----- -=== /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS RSA Root CA 2021 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 39:ca:93:1c:ef:43:f3:c6:8e:93:c7:f4:64:89:38:7e - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Feb 19 10:55:38 2021 GMT - Not After : Feb 13 10:55:37 2045 GMT - Subject: C=GR, O=Hellenic Academic and Research Institutions CA, CN=HARICA TLS RSA Root CA 2021 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 0A:48:23:A6:60:A4:92:0A:33:EA:93:5B:C5:57:EA:25:4D:BD:12:EE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=02:2D:05:82:FA:88:CE:14:0C:06:79:DE:7F:14:10:E9:45:D7:A5:6D -SHA256 Fingerprint=D9:5D:0E:8E:DA:79:52:5B:F9:BE:B1:1B:14:D2:10:0D:32:94:98:5F:0C:62:D9:FA:BD:9C:D9:99:EC:CB:7B:1D ------BEGIN CERTIFICATE----- -MIIFpDCCA4ygAwIBAgIQOcqTHO9D88aOk8f0ZIk4fjANBgkqhkiG9w0BAQsFADBs -MQswCQYDVQQGEwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDQTEkMCIGA1UEAwwbSEFSSUNBIFRMUyBSU0Eg -Um9vdCBDQSAyMDIxMB4XDTIxMDIxOTEwNTUzOFoXDTQ1MDIxMzEwNTUzN1owbDEL -MAkGA1UEBhMCR1IxNzA1BgNVBAoMLkhlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl 
-YXJjaCBJbnN0aXR1dGlvbnMgQ0ExJDAiBgNVBAMMG0hBUklDQSBUTFMgUlNBIFJv -b3QgQ0EgMjAyMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIvC569l -mwVnlskNJLnQDmT8zuIkGCyEf3dRywQRNrhe7Wlxp57kJQmXZ8FHws+RFjZiPTgE -4VGC/6zStGndLuwRo0Xua2s7TL+MjaQenRG56Tj5eg4MmOIjHdFOY9TnuEFE+2uv -a9of08WRiFukiZLRgeaMOVig1mlDqa2YUlhu2wr7a89o+uOkXjpFc5gH6l8Cct4M -pbOfrqkdtx2z/IpZ525yZa31MJQjB/OCFks1mJxTuy/K5FrZx40d/JiZ+yykgmvw -Kh+OC19xXFyuQnspiYHLA6OZyoieC0AJQTPb5lh6/a6ZcMBaD9YThnEvdmn8kN3b -LW7R8pv1GmuebxWMevBLKKAiOIAkbDakO/IwkfN4E8/BPzWr8R0RI7VDIp4BkrcY -AuUR0YLbFQDMYTfBKnya4dC6s1BG7oKsnTH4+yPiAwBIcKMJJnkVU2DzOFytOOqB -AGMUuTNe3QvboEUHGjMJ+E20pwKmafTCWQWIZYVWrkvL4N48fS0ayOn7H6NhStYq -E613TBoYm5EPWNgGVMWX+Ko/IIqmhaZ39qb8HOLubpQzKoNQhArlT4b4UEV4AIHr -W2jjJo3Me1xR9BQsQL4aYB16cmEdH2MtiKrOokWQCPxrvrNQKlr9qEgYRtaQQJKQ -CoReaDH46+0N0x3GfZkYVVYnZS6NRcUk7M7jAgMBAAGjQjBAMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFApII6ZgpJIKM+qTW8VX6iVNvRLuMA4GA1UdDwEB/wQE -AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAPpBIqm5iFSVmewzVjIuJndftTgfvnNAU -X15QvWiWkKQUEapobQk1OUAJ2vQJLDSle1mESSmXdMgHHkdt8s4cUCbjnj1AUz/3 -f5Z2EMVGpdAgS1D0NTsY9FVqQRtHBmg8uwkIYtlfVUKqrFOFrJVWNlar5AWMxaja -H6NpvVMPxP/cyuN+8kyIhkdGGvMA9YCRotxDQpSbIPDRzbLrLFPCU3hKTwSUQZqP -JzLB5UkZv/HywouoCjkxKLR9YjYsTewfM7Z+d21+UPCfDtcRj88YxeMn/ibvBZ3P -zzfF0HvaO7AWhAw6k9a+F9sPPg4ZeAnHqQJyIkv3N3a6dcSFA1pj1bF1BcK5vZSt -jBWZp5N99sXzqnTPBIWUmAD04vnKJGW/4GKvyMX6ssmeVkjaef2WdhW+o45WxLM0 -/L5H9MG0qPzVMIho7suuyWPEdr6sOBjhXlzPrjoiUevRi7PzKzMHVIf6tLITe7pT -BGIBnfHAT+7hOtSLIBD6Alfm78ELt5BGnBkpjNxvoEppaZS3JGWg/6w/zgH7IS79 -aPib8qXPMThcFarmlwDB31qlpzmq6YR/PFGoOtmUW4y/Twhx5duoXNTSpv4Ao8YW -xw/ogM4cKGR0GQjTQuPOAF1/sdwTsOEFy9EgqoZ0njnnkf3/W9b3raYvAwtt41dU -63ZTGI0RmLo= ------END CERTIFICATE----- - -### Hellenic Academic and Research Institutions Cert. Authority - -=== /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. 
Authority/CN=Hellenic Academic and Research Institutions ECC RootCA 2015 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: ecdsa-with-SHA256 - Validity - Not Before: Jul 7 10:37:12 2015 GMT - Not After : Jun 30 10:37:12 2040 GMT - Subject: C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions ECC RootCA 2015 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - B4:22:0B:82:99:24:01:0E:9C:BB:E4:0E:FD:BF:FB:97:20:93:99:2A -SHA1 Fingerprint=9F:F1:71:8D:92:D5:9A:F3:7D:74:97:B4:BC:6F:84:68:0B:BA:B6:66 -SHA256 Fingerprint=44:B5:45:AA:8A:25:E6:5A:73:CA:15:DC:27:FC:36:D2:4C:1C:B9:95:3A:06:65:39:B1:15:82:DC:48:7B:48:33 ------BEGIN CERTIFICATE----- -MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN -BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl -bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv -b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ -BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj -YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 -MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 -dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg -QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa -jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi -C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep -lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof -TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR ------END CERTIFICATE----- -=== /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. 
Authority/CN=Hellenic Academic and Research Institutions RootCA 2015 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jul 7 10:11:21 2015 GMT - Not After : Jun 30 10:11:21 2040 GMT - Subject: C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2015 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 71:15:67:C8:C8:C9:BD:75:5D:72:D0:38:18:6A:9D:F3:71:24:54:0B -SHA1 Fingerprint=01:0C:06:95:A6:98:19:14:FF:BF:5F:C6:B0:B6:95:EA:29:E9:12:A6 -SHA256 Fingerprint=A0:40:92:9A:02:CE:53:B4:AC:F4:F2:FF:C6:98:1C:E4:49:6F:75:5E:6D:45:FE:0B:2A:69:2B:CD:52:52:3F:36 ------BEGIN CERTIFICATE----- -MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix -DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k -IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT -N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v -dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG -A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh -ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx -QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA -4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 -AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 -4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C -ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV -9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD -gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 -Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq 
-NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko -LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc -Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd -ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I -XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI -M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot -9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V -Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea -j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh -X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ -l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf -bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 -pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK -e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 -vm9qp/UsQu0yrbYhnr68 ------END CERTIFICATE----- - -### Hongkong Post - -=== /C=HK/ST=Hong Kong/L=Hong Kong/O=Hongkong Post/CN=Hongkong Post Root CA 3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 08:16:5f:8a:4c:a5:ec:00:c9:93:40:df:c4:c6:ae:23:b8:1c:5a:a4 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jun 3 02:29:46 2017 GMT - Not After : Jun 3 02:29:46 2042 GMT - Subject: C=HK, ST=Hong Kong, L=Hong Kong, O=Hongkong Post, CN=Hongkong Post Root CA 3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Authority Key Identifier: - keyid:17:9D:CD:1E:8B:D6:39:2B:70:D3:5C:D4:A0:B8:1F:B0:00:FC:C5:61 - - X509v3 Subject Key Identifier: - 17:9D:CD:1E:8B:D6:39:2B:70:D3:5C:D4:A0:B8:1F:B0:00:FC:C5:61 -SHA1 Fingerprint=58:A2:D0:EC:20:52:81:5B:C1:F3:F8:64:02:24:4E:C2:8E:02:4B:02 -SHA256 
Fingerprint=5A:2F:C0:3F:0C:83:B0:90:BB:FA:40:60:4B:09:88:44:6C:76:36:18:3D:F9:84:6E:17:10:1A:44:7F:B8:EF:D6 ------BEGIN CERTIFICATE----- -MIIFzzCCA7egAwIBAgIUCBZfikyl7ADJk0DfxMauI7gcWqQwDQYJKoZIhvcNAQEL -BQAwbzELMAkGA1UEBhMCSEsxEjAQBgNVBAgTCUhvbmcgS29uZzESMBAGA1UEBxMJ -SG9uZyBLb25nMRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MSAwHgYDVQQDExdIb25n -a29uZyBQb3N0IFJvb3QgQ0EgMzAeFw0xNzA2MDMwMjI5NDZaFw00MjA2MDMwMjI5 -NDZaMG8xCzAJBgNVBAYTAkhLMRIwEAYDVQQIEwlIb25nIEtvbmcxEjAQBgNVBAcT -CUhvbmcgS29uZzEWMBQGA1UEChMNSG9uZ2tvbmcgUG9zdDEgMB4GA1UEAxMXSG9u -Z2tvbmcgUG9zdCBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCziNfqzg8gTr7m1gNt7ln8wlffKWihgw4+aMdoWJwcYEuJQwy51BWy7sFO -dem1p+/l6TWZ5Mwc50tfjTMwIDNT2aa71T4Tjukfh0mtUC1Qyhi+AViiE3CWu4mI -VoBc+L0sPOFMV4i707mV78vH9toxdCim5lSJ9UExyuUmGs2C4HDaOym71QP1mbpV -9WTRYA6ziUm4ii8F0oRFKHyPaFASePwLtVPLwpgchKOesL4jpNrcyCse2m5FHomY -2vkALgbpDDtw1VAliJnLzXNg99X/NWfFobxeq81KuEXryGgeDQ0URhLj0mRiikKY -vLTGCAj4/ahMZJx2Ab0vqWwzD9g/KLg8aQFChn5pwckGyuV6RmXpwtZQQS4/t+Tt -bNe/JgERohYpSms0BpDsE9K2+2p20jzt8NYt3eEV7KObLyzJPivkaTv/ciWxNoZb -x39ri1UbSsUgYT2uy1DhCDq+sI9jQVMwCFk8mB13umOResoQUGC/8Ne8lYePl8X+ -l2oBlKN8W4UdKjk60FSh0Tlxnf0h+bV78OLgAo9uliQlLKAeLKjEiafv7ZkGL7YK -TE/bosw3Gq9HhS2KX8Q0NEwA/RiTZxPRN+ZItIsGxVd7GYYKecsAyVKvQv83j+Gj -Hno9UKtjBucVtT+2RTeUN7F+8kjDf8V1/peNRY8apxpyKBpADwIDAQABo2MwYTAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQXnc0e -i9Y5K3DTXNSguB+wAPzFYTAdBgNVHQ4EFgQUF53NHovWOStw01zUoLgfsAD8xWEw -DQYJKoZIhvcNAQELBQADggIBAFbVe27mIgHSQpsY1Q7XZiNc4/6gx5LS6ZStS6LG -7BJ8dNVI0lkUmcDrudHr9EgwW62nV3OZqdPlt9EuWSRY3GguLmLYauRwCy0gUCCk -MpXRAJi70/33MvJJrsZ64Ee+bs7Lo3I6LWldy8joRTnU+kLBEUx3XZL7av9YROXr -gZ6voJmtvqkBZss4HTzfQx/0TW60uhdG/H39h4F5ag0zD/ov+BS5gLNdTaqX4fnk -GMX41TiMJjz98iji7lpJiCzfeT2OnpA8vUFKOt1b9pq0zj8lMH8yfaIDlNDceqFS -3m6TjRgm/VWsvY+b0s+v54Ysyx8Jb6NvqYTUc79NoXQbTiNg8swOqn+knEwlqLJm -Ozj/2ZQw9nKEvmhVEA/GcywWaZMH/rFF7buiVWqw2rVKAiUnhde3t4ZEFolsgCs+ -l6mc1X5VTMbeRRAc6uk7nwNT7u56AQIWeNTowr5GdogTPyK7SBIdUgC0An4hGh6c 
-JfTzPV4e0hz5sy229zdcxsshTrD3mUcYhcErulWuBurQB7Lcq9CClnXO0lD+mefP -L5/ndtFhKvshuzHQqp9HpLIiyhY6UFfEW0NnxWViA0kB60PZ2Pierc+xYw5F9KBa -LJstxabArahH9CdMOA0uG0k7UvToiIMrVCjU8jVStDKDYmlkDJGcn5fqdBb9HxEG -mpv0 ------END CERTIFICATE----- - -### IZENPE S.A. - -=== /C=ES/O=IZENPE S.A./CN=Izenpe.com -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - b0:b7:5a:16:48:5f:bf:e1:cb:f5:8b:d7:19:e6:7d - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Dec 13 13:08:28 2007 GMT - Not After : Dec 13 08:27:25 2037 GMT - Subject: C=ES, O=IZENPE S.A., CN=Izenpe.com - X509v3 extensions: - X509v3 Subject Alternative Name: - email:info@izenpe.com, DirName:/O=IZENPE S.A. - CIF A01337260-RMerc.Vitoria-Gasteiz T1055 F62 S8/street=Avda del Mediterraneo Etorbidea 14 - 01010 Vitoria-Gasteiz - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 1D:1C:65:0E:A8:F2:25:7B:B4:91:CF:E4:B1:B1:E6:BD:55:74:6C:05 -SHA1 Fingerprint=2F:78:3D:25:52:18:A7:4A:65:39:71:B5:2C:A2:9C:45:15:6F:E9:19 -SHA256 Fingerprint=25:30:CC:8E:98:32:15:02:BA:D9:6F:9B:1F:BA:1B:09:9E:2D:29:9E:0F:45:48:BB:91:4F:36:3B:C0:D4:53:1F ------BEGIN CERTIFICATE----- -MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 -MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 -ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD -VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j -b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq -scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO -xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H -LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX -uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD -yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ -JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q 
-rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN -BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L -hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB -QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ -HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu -Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg -QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB -BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx -MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA -A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb -laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 -awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo -JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw -LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT -VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk -LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb -UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ -QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ -naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls -QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== ------END CERTIFICATE----- - -### IdenTrust - -=== /C=US/O=IdenTrust/CN=IdenTrust Commercial Root CA 1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0a:01:42:80:00:00:01:45:23:c8:44:b5:00:00:00:02 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jan 16 18:12:23 2014 GMT - Not After : Jan 16 18:12:23 2034 GMT - Subject: C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 
ED:44:19:C0:D3:F0:06:8B:EE:A4:7B:BE:42:E7:26:54:C8:8E:36:76 -SHA1 Fingerprint=DF:71:7E:AA:4A:D9:4E:C9:55:84:99:60:2D:48:DE:5F:BC:F0:3A:25 -SHA256 Fingerprint=5D:56:49:9B:E4:D2:E0:8B:CF:CA:D0:8A:3E:38:72:3D:50:50:3B:DE:70:69:48:E4:2F:55:60:30:19:E5:28:AE ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu -VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw -MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw -JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT -3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU -+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp -S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 -bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi -T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL -vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK -Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK -dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT -c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv -l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N -iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD -ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH -6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt -LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 -nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 -+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK -W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT -AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq -l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG 
-4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ -mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A -7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H ------END CERTIFICATE----- -=== /C=US/O=IdenTrust/CN=IdenTrust Public Sector Root CA 1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0a:01:42:80:00:00:01:45:23:cf:46:7c:00:00:00:02 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jan 16 17:53:32 2014 GMT - Not After : Jan 16 17:53:32 2034 GMT - Subject: C=US, O=IdenTrust, CN=IdenTrust Public Sector Root CA 1 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - E3:71:E0:9E:D8:A7:42:D9:DB:71:91:6B:94:93:EB:C3:A3:D1:14:A3 -SHA1 Fingerprint=BA:29:41:60:77:98:3F:F4:F3:EF:F2:31:05:3B:2E:EA:6D:4D:45:FD -SHA256 Fingerprint=30:D0:89:5A:9A:44:8A:26:20:91:63:55:22:D1:F5:20:10:B5:86:7A:CA:E1:2C:78:EF:95:8F:D4:F4:38:9F:2F ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu -VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN -MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 -MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 -ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy -RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS -bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF -/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R -3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw -EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy -9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V -GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ 
-2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV -WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD -W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN -AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj -t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV -DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 -TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G -lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW -mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df -WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 -+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ -tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA -GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv -8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c ------END CERTIFICATE----- - -### Internet Security Research Group - -=== /C=US/O=Internet Security Research Group/CN=ISRG Root X1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jun 4 11:04:38 2015 GMT - Not After : Jun 4 11:04:38 2035 GMT - Subject: C=US, O=Internet Security Research Group, CN=ISRG Root X1 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E -SHA1 Fingerprint=CA:BD:2A:79:A1:07:6A:31:F2:1D:25:36:35:CB:03:9D:43:29:A5:E8 -SHA256 Fingerprint=96:BC:EC:06:26:49:76:F3:74:60:77:9A:CF:28:C5:A7:CF:E8:A3:C0:AA:E1:1A:8F:FC:EE:05:C0:BD:DF:08:C6 ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh 
-cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- -=== /C=US/O=Internet Security Research Group/CN=ISRG Root X2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 41:d2:9d:d1:72:ea:ee:a7:80:c1:2c:6c:e9:2f:87:52 - Signature 
Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Sep 4 00:00:00 2020 GMT - Not After : Sep 17 16:00:00 2040 GMT - Subject: C=US, O=Internet Security Research Group, CN=ISRG Root X2 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 7C:42:96:AE:DE:4B:48:3B:FA:92:F8:9E:8C:CF:6D:8B:A9:72:37:95 -SHA1 Fingerprint=BD:B1:B9:3C:D5:97:8D:45:C6:26:14:55:F8:DB:95:C7:5A:D1:53:AF -SHA256 Fingerprint=69:72:9B:8E:15:A8:6E:FC:17:7A:57:AF:B7:17:1D:FC:64:AD:D2:8C:2F:CA:8C:F1:50:7E:34:45:3C:CB:14:70 ------BEGIN CERTIFICATE----- -MIICGzCCAaGgAwIBAgIQQdKd0XLq7qeAwSxs6S+HUjAKBggqhkjOPQQDAzBPMQsw -CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg -R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw00 -MDA5MTcxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBT -ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgyMHYw -EAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0HttwW -+1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7AlF9 -ItgKbppbd9/w+kHsOdx1ymgHDB/qo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0T -AQH/BAUwAwEB/zAdBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwCgYIKoZI -zj0EAwMDaAAwZQIwe3lORlCEwkSHRhtFcP9Ymd70/aTSVaYgLXTWNLxBo1BfASdW -tL4ndQavEi51mI38AjEAi/V3bNTIZargCyzuFJ0nN6T5U6VR5CmD1/iQMVtCnwr1 -/q4AaOeMSQ+2b1tbFfLn ------END CERTIFICATE----- - -### Krajowa Izba Rozliczeniowa S.A. 
- -=== /C=PL/O=Krajowa Izba Rozliczeniowa S.A./CN=SZAFIR ROOT CA2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 3e:8a:5d:07:ec:55:d2:32:d5:b7:e3:b6:5f:01:eb:2d:dc:e4:d6:e4 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Oct 19 07:43:30 2015 GMT - Not After : Oct 19 07:43:30 2035 GMT - Subject: C=PL, O=Krajowa Izba Rozliczeniowa S.A., CN=SZAFIR ROOT CA2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 2E:16:A9:4A:18:B5:CB:CC:F5:6F:50:F3:23:5F:F8:5D:E7:AC:F0:C8 -SHA1 Fingerprint=E2:52:FA:95:3F:ED:DB:24:60:BD:6E:28:F3:9C:CC:CF:5E:B3:3F:DE -SHA256 Fingerprint=A1:33:9D:33:28:1A:0B:56:E5:57:D3:D3:2B:1C:E7:F9:36:7E:B0:94:BD:5F:A7:2A:7E:50:04:C8:DE:D7:CA:FE ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 -ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw -NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L -cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg -Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN -QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT -3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw -3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 -3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 -BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN -XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF -AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw -8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG -nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP -oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy 
-d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg -LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== ------END CERTIFICATE----- - -### Microsec Ltd. - -=== /C=HU/L=Budapest/O=Microsec Ltd./2.5.4.97=VATHU-23584497/CN=e-Szigno Root CA 2017 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 01:54:48:ef:21:fd:97:59:0d:f5:04:0a - Signature Algorithm: ecdsa-with-SHA256 - Validity - Not Before: Aug 22 12:07:06 2017 GMT - Not After : Aug 22 12:07:06 2042 GMT - Subject: C=HU, L=Budapest, O=Microsec Ltd., 2.5.4.97=VATHU-23584497, CN=e-Szigno Root CA 2017 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 87:11:15:08:D1:AA:C1:78:0C:B1:AF:CE:C6:C9:90:EF:BF:30:04:C0 - X509v3 Authority Key Identifier: - keyid:87:11:15:08:D1:AA:C1:78:0C:B1:AF:CE:C6:C9:90:EF:BF:30:04:C0 - -SHA1 Fingerprint=89:D4:83:03:4F:9E:9A:48:80:5F:72:37:D4:A9:A6:EF:CB:7C:1F:D1 -SHA256 Fingerprint=BE:B0:0B:30:83:9B:9B:C3:2C:32:E4:44:79:05:95:06:41:F2:64:21:B1:5E:D0:89:19:8B:51:8A:E2:EA:1B:99 ------BEGIN CERTIFICATE----- -MIICQDCCAeWgAwIBAgIMAVRI7yH9l1kN9QQKMAoGCCqGSM49BAMCMHExCzAJBgNV -BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRk -LjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25vIFJv -b3QgQ0EgMjAxNzAeFw0xNzA4MjIxMjA3MDZaFw00MjA4MjIxMjA3MDZaMHExCzAJ -BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMg -THRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25v -IFJvb3QgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJbcPYrYsHtv -xie+RJCxs1YVe45DJH0ahFnuY2iyxl6H0BVIHqiQrb1TotreOpCmYF9oMrWGQd+H -Wyx7xf58etqjYzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBSHERUI0arBeAyxr87GyZDvvzAEwDAfBgNVHSMEGDAWgBSHERUI0arB -eAyxr87GyZDvvzAEwDAKBggqhkjOPQQDAgNJADBGAiEAtVfd14pVCzbhhkT61Nlo -jbjcI4qKDdQvfepz7L9NbKgCIQDLpbQS+ue16M9+k/zzNY9vTlp8tLxOsvxyqltZ -+efcMQ== ------END CERTIFICATE----- -=== /C=HU/L=Budapest/O=Microsec Ltd./CN=Microsec e-Szigno 
Root CA 2009/emailAddress=info@e-szigno.hu -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - c2:7e:43:04:4e:47:3f:19 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jun 16 11:30:18 2009 GMT - Not After : Dec 30 11:30:18 2029 GMT - Subject: C=HU, L=Budapest, O=Microsec Ltd., CN=Microsec e-Szigno Root CA 2009, emailAddress=info@e-szigno.hu - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - CB:0F:C6:DF:42:43:CC:3D:CB:B5:48:23:A1:1A:7A:A6:2A:BB:34:68 - X509v3 Authority Key Identifier: - keyid:CB:0F:C6:DF:42:43:CC:3D:CB:B5:48:23:A1:1A:7A:A6:2A:BB:34:68 - - X509v3 Subject Alternative Name: - email:info@e-szigno.hu -SHA1 Fingerprint=89:DF:74:FE:5C:F4:0F:4A:80:F9:E3:37:7D:54:DA:91:E1:01:31:8E -SHA256 Fingerprint=3C:5F:81:FE:A5:FA:B8:2C:64:BF:A2:EA:EC:AF:CD:E8:E0:77:FC:86:20:A7:CA:E5:37:16:3D:F3:6E:DB:F3:78 ------BEGIN CERTIFICATE----- -MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD -VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 -ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G -CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y -OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx -FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp -Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o -dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP -kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc -cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U -fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 -N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC -xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 -+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM 
-Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG -SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h -mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk -ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 -tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c -2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t -HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW ------END CERTIFICATE----- - -### Microsoft Corporation - -=== /C=US/O=Microsoft Corporation/CN=Microsoft ECC Root Certificate Authority 2017 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 66:f2:3d:af:87:de:8b:b1:4a:ea:0c:57:31:01:c2:ec - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Dec 18 23:06:45 2019 GMT - Not After : Jul 18 23:16:04 2042 GMT - Subject: C=US, O=Microsoft Corporation, CN=Microsoft ECC Root Certificate Authority 2017 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - C8:CB:99:72:70:52:0C:F8:E6:BE:B2:04:57:29:2A:CF:42:10:ED:35 - 1.3.6.1.4.1.311.21.1: - ... 
-SHA1 Fingerprint=99:9A:64:C3:7F:F4:7D:9F:AB:95:F1:47:69:89:14:60:EE:C4:C3:C5 -SHA256 Fingerprint=35:8D:F3:9D:76:4A:F9:E1:B7:66:E9:C9:72:DF:35:2E:E1:5C:FA:C2:27:AF:6A:D1:D7:0E:8E:4A:6E:DC:BA:02 ------BEGIN CERTIFICATE----- -MIICWTCCAd+gAwIBAgIQZvI9r4fei7FK6gxXMQHC7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYD -VQQDEy1NaWNyb3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw -MTcwHhcNMTkxMjE4MjMwNjQ1WhcNNDIwNzE4MjMxNjA0WjBlMQswCQYDVQQGEwJV -UzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1NaWNy -b3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATUvD0CQnVBEyPNgASGAlEvaqiBYgtlzPbKnR5vSmZR -ogPZnZH6thaxjG7efM3beaYvzrvOcS/lpaso7GMEZpn4+vKTEAXhgShC48Zo9OYb -hGBKia/teQ87zvH2RPUBeMCjVDBSMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBTIy5lycFIM+Oa+sgRXKSrPQhDtNTAQBgkrBgEEAYI3 -FQEEAwIBADAKBggqhkjOPQQDAwNoADBlAjBY8k3qDPlfXu5gKcs68tvWMoQZP3zV -L8KxzJOuULsJMsbG7X7JNpQS5GiFBqIb0C8CMQCZ6Ra0DvpWSNSkMBaReNtUjGUB -iudQZsIxtzm6uBoiB078a1QWIP8rtedMDE2mT3M= ------END CERTIFICATE----- -=== /C=US/O=Microsoft Corporation/CN=Microsoft RSA Root Certificate Authority 2017 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 1e:d3:97:09:5f:d8:b4:b3:47:70:1e:aa:be:7f:45:b3 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Dec 18 22:51:22 2019 GMT - Not After : Jul 18 23:00:23 2042 GMT - Subject: C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017 - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 09:CB:59:7F:86:B2:70:8F:1A:C3:39:E3:C0:D9:E9:BF:BB:4D:B2:23 - 1.3.6.1.4.1.311.21.1: - ... 
-SHA1 Fingerprint=73:A5:E6:4A:3B:FF:83:16:FF:0E:DC:CC:61:8A:90:6E:4E:AE:4D:74 -SHA256 Fingerprint=C7:41:F7:0F:4B:2A:8D:88:BF:2E:71:C1:41:22:EF:53:EF:10:EB:A0:CF:A5:E6:4C:FA:20:F4:18:85:30:73:E0 ------BEGIN CERTIFICATE----- -MIIFqDCCA5CgAwIBAgIQHtOXCV/YtLNHcB6qvn9FszANBgkqhkiG9w0BAQwFADBl -MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYw -NAYDVQQDEy1NaWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 -IDIwMTcwHhcNMTkxMjE4MjI1MTIyWhcNNDIwNzE4MjMwMDIzWjBlMQswCQYDVQQG -EwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1N -aWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKW76UM4wplZEWCpW9R2LBifOZ -Nt9GkMml7Xhqb0eRaPgnZ1AzHaGm++DlQ6OEAlcBXZxIQIJTELy/xztokLaCLeX0 -ZdDMbRnMlfl7rEqUrQ7eS0MdhweSE5CAg2Q1OQT85elss7YfUJQ4ZVBcF0a5toW1 -HLUX6NZFndiyJrDKxHBKrmCk3bPZ7Pw71VdyvD/IybLeS2v4I2wDwAW9lcfNcztm -gGTjGqwu+UcF8ga2m3P1eDNbx6H7JyqhtJqRjJHTOoI+dkC0zVJhUXAoP8XFWvLJ -jEm7FFtNyP9nTUwSlq31/niol4fX/V4ggNyhSyL71Imtus5Hl0dVe49FyGcohJUc -aDDv70ngNXtk55iwlNpNhTs+VcQor1fznhPbRiefHqJeRIOkpcrVE7NLP8TjwuaG -YaRSMLl6IE9vDzhTyzMMEyuP1pq9KsgtsRx9S1HKR9FIJ3Jdh+vVReZIZZ2vUpC6 -W6IYZVcSn2i51BVrlMRpIpj0M+Dt+VGOQVDJNE92kKz8OMHY4Xu54+OU4UZpyw4K -UGsTuqwPN1q3ErWQgR5WrlcihtnJ0tHXUeOrO8ZV/R4O03QK0dqq6mm4lyiPSMQH -+FJDOvTKVTUssKZqwJz58oHhEmrARdlns87/I6KJClTUFLkqqNfs+avNJVgyeY+Q -W5g5xAgGwax/Dj0ApQIDAQABo1QwUjAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQUCctZf4aycI8awznjwNnpv7tNsiMwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEMBQADggIBAKyvPl3CEZaJjqPnktaXFbgToqZC -LgLNFgVZJ8og6Lq46BrsTaiXVq5lQ7GPAJtSzVXNUzltYkyLDVt8LkS/gxCP81OC -gMNPOsduET/m4xaRhPtthH80dK2Jp86519efhGSSvpWhrQlTM93uCupKUY5vVau6 -tZRGrox/2KJQJWVggEbbMwSubLWYdFQl3JPk+ONVFT24bcMKpBLBaYVu32TxU5nh -SnUgnZUP5NbcA/FZGOhHibJXWpS2qdgXKxdJ5XbLwVaZOjex/2kskZGT4d9Mozd2 -TaGf+G0eHdP67Pv0RR0Tbc/3WeUiJ3IrhvNXuzDtJE3cfVa7o7P4NHmJweDyAmH3 -pvwPuxwXC65B2Xy9J6P9LjrRk5Sxcx0ki69bIImtt2dmefU6xqaWM/5TkshGsRGR 
-xpl/j8nWZjEgQRCHLQzWwa80mMpkg/sTV9HB8Dx6jKXB/ZUhoHHBk2dxEuqPiApp -GWSZI1b7rCoucL5mxAyE7+WL85MB+GqQk2dLsmijtWKP6T+MejteD+eMuMZ87zf9 -dOLITzNy4ZQ5bb0Sr74MTnB8G2+NszKTc0QWbej09+CVgI+WXTik9KveCjCHk9hN -AHFiRSdLOkKEW39lt2c0Ui2cFmuqqNh7o0JMcccMyj6D5KbvtwEwXlGjefVwaaZB -RA+GsCyRxj3qrg+E ------END CERTIFICATE----- - -### NAVER BUSINESS PLATFORM Corp. - -=== /C=KR/O=NAVER BUSINESS PLATFORM Corp./CN=NAVER Global Root Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 01:94:30:1e:a2:0b:dd:f5:c5:33:2a:b1:43:44:71:f8:d6:50:4d:0d - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Aug 18 08:58:42 2017 GMT - Not After : Aug 18 23:59:59 2037 GMT - Subject: C=KR, O=NAVER BUSINESS PLATFORM Corp., CN=NAVER Global Root Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - D2:9F:88:DF:A1:CD:2C:BD:EC:F5:3B:01:01:93:33:27:B2:EB:60:4B - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=8F:6B:F2:A9:27:4A:DA:14:A0:C4:F4:8E:61:27:F9:C0:1E:78:5D:D1 -SHA256 Fingerprint=88:F4:38:DC:F8:FF:D1:FA:8F:42:91:15:FF:E5:F8:2A:E1:E0:6E:0C:70:C3:75:FA:AD:71:7B:34:A4:9E:72:65 ------BEGIN CERTIFICATE----- -MIIFojCCA4qgAwIBAgIUAZQwHqIL3fXFMyqxQ0Rx+NZQTQ0wDQYJKoZIhvcNAQEM -BQAwaTELMAkGA1UEBhMCS1IxJjAkBgNVBAoMHU5BVkVSIEJVU0lORVNTIFBMQVRG -T1JNIENvcnAuMTIwMAYDVQQDDClOQVZFUiBHbG9iYWwgUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eTAeFw0xNzA4MTgwODU4NDJaFw0zNzA4MTgyMzU5NTlaMGkx -CzAJBgNVBAYTAktSMSYwJAYDVQQKDB1OQVZFUiBCVVNJTkVTUyBQTEFURk9STSBD -b3JwLjEyMDAGA1UEAwwpTkFWRVIgR2xvYmFsIFJvb3QgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC21PGTXLVA -iQqrDZBbUGOukJR0F0Vy1ntlWilLp1agS7gvQnXp2XskWjFlqxcX0TM62RHcQDaH -38dq6SZeWYp34+hInDEW+j6RscrJo+KfziFTowI2MMtSAuXaMl3Dxeb57hHHi8lE -HoSTGEq0n+USZGnQJoViAbbJAh2+g1G7XNr4rRVqmfeSVPc0W+m/6imBEtRTkZaz -kVrd/pBzKPswRrXKCAfHcXLJZtM0l/aM9BhK4dA9WkW2aacp+yPOiNgSnABIqKYP 
-szuSjXEOdMWLyEz59JuOuDxp7W87UC9Y7cSw0BwbagzivESq2M0UXZR4Yb8Obtoq -vC8MC3GmsxY/nOb5zJ9TNeIDoKAYv7vxvvTWjIcNQvcGufFt7QSUqP620wbGQGHf -nZ3zVHbOUzoBppJB7ASjjw2i1QnK1sua8e9DXcCrpUHPXFNwcMmIpi3Ua2FzUCaG -YQ5fG8Ir4ozVu53BA0K6lNpfqbDKzE0K70dpAy8i+/Eozr9dUGWokG2zdLAIx6yo -0es+nPxdGoMuK8u180SdOqcXYZaicdNwlhVNt0xz7hlcxVs+Qf6sdWA7G2POAN3a -CJBitOUt7kinaxeZVL6HSuOpXgRM6xBtVNbv8ejyYhbLgGvtPe31HzClrkvJE+2K -AQHJuFFYwGY6sWZLxNUxAmLpdIQM201GLQIDAQABo0IwQDAdBgNVHQ4EFgQU0p+I -36HNLL3s9TsBAZMzJ7LrYEswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMB -Af8wDQYJKoZIhvcNAQEMBQADggIBADLKgLOdPVQG3dLSLvCkASELZ0jKbY7gyKoN -qo0hV4/GPnrK21HUUrPUloSlWGB/5QuOH/XcChWB5Tu2tyIvCZwTFrFsDDUIbatj -cu3cvuzHV+YwIHHW1xDBE1UBjCpD5EHxzzp6U5LOogMFDTjfArsQLtk70pt6wKGm -+LUx5vR1yblTmXVHIloUFcd4G7ad6Qz4G3bxhYTeodoS76TiEJd6eN4MUZeoIUCL -hr0N8F5OSza7OyAfikJW4Qsav3vQIkMsRIz75Sq0bBwcupTgE34h5prCy8VCZLQe -lHsIJchxzIdFV4XTnyliIoNRlwAYl3dqmJLJfGBs32x9SuRwTMKeuB330DTHD8z7 -p/8Dvq1wkNoL3chtl1+afwkyQf3NosxabUzyqkn+Zvjp2DXrDige7kgvOtB5CTh8 -piKCk5XQA76+AqAF3SAi428diDRgxuYKuQl1C/AH6GmWNcf7I4GOODm4RStDeKLR -LBT/DShycpWbXgnbiUSYqqFJu3FS8r/2/yehNq+4tneI3TqkbZs0kNwUXTC/t+sX -5Ie3cdCh13cV1ELX8vMxmV2b3RZtP+oGI/hGoiLtk/bdmuYqh7GYVPEi92tF4+KO -dh2ajcQGjTa3FPOdVGm3jjzVpG2Tgbet9r1ke8LJaDmgkpzNNIaRkPpkUZ3+/uul -9XXeifdy ------END CERTIFICATE----- - -### NetLock Kft. 
- -=== /C=HU/L=Budapest/O=NetLock Kft./OU=Tan\xC3\xBAs\xC3\xADtv\xC3\xA1nykiad\xC3\xB3k (Certification Services)/CN=NetLock Arany (Class Gold) F\xC5\x91tan\xC3\xBAs\xC3\xADtv\xC3\xA1ny -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 80544274841616 (0x49412ce40010) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Dec 11 15:08:21 2008 GMT - Not After : Dec 6 15:08:21 2028 GMT - Subject: C=HU, L=Budapest, O=NetLock Kft., OU=Tan\xC3\xBAs\xC3\xADtv\xC3\xA1nykiad\xC3\xB3k (Certification Services), CN=NetLock Arany (Class Gold) F\xC5\x91tan\xC3\xBAs\xC3\xADtv\xC3\xA1ny - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:4 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - CC:FA:67:93:F0:B6:B8:D0:A5:C0:1E:F3:53:FD:8C:53:DF:83:D7:96 -SHA1 Fingerprint=06:08:3F:59:3F:15:A1:04:A0:69:A4:6B:A9:03:D0:06:B7:97:09:91 -SHA256 Fingerprint=6C:61:DA:C3:A2:DE:F0:31:50:6B:E0:36:D2:A6:FE:40:19:94:FB:D1:3D:F9:C8:D4:66:59:92:74:C4:46:EC:98 ------BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG -EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 -MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR -dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB -pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM -b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm -aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz -IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT -lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz -AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 -VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG -ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 
-BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG -AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M -U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh -bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C -+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC -bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F -uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 -XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= ------END CERTIFICATE----- - -### QuoVadis Limited - -=== /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 1 G3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 78:58:5f:2e:ad:2c:19:4b:e3:37:07:35:34:13:28:b5:96:d4:65:93 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jan 12 17:27:44 2012 GMT - Not After : Jan 12 17:27:44 2042 GMT - Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - A3:97:D6:F3:5E:A2:10:E1:AB:45:9F:3C:17:64:3C:EE:01:70:9C:CC -SHA1 Fingerprint=1B:8E:EA:57:96:29:1A:C9:39:EA:B8:0A:81:1A:73:73:C0:93:79:67 -SHA256 Fingerprint=8A:86:6F:D1:B2:76:B5:7E:57:8E:92:1C:65:82:8A:2B:ED:58:E9:F2:F2:88:05:41:34:B7:F1:F4:BF:C9:CC:74 ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 -MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV -wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe -rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 -68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh 
-4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp -UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o -abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc -3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G -KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt -hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO -Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt -zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD -ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC -MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 -cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN -qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 -YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv -b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 -8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k -NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj -ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp -q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt -nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD ------END CERTIFICATE----- -=== /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1289 (0x509) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 24 18:27:00 2006 GMT - Not After : Nov 24 18:23:33 2031 GMT - Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 1A:84:62:BC:48:4C:33:25:04:D4:EE:D0:F6:03:C4:19:46:D1:94:6B - X509v3 Authority Key Identifier: - keyid:1A:84:62:BC:48:4C:33:25:04:D4:EE:D0:F6:03:C4:19:46:D1:94:6B - DirName:/C=BM/O=QuoVadis 
Limited/CN=QuoVadis Root CA 2 - serial:05:09 - -SHA1 Fingerprint=CA:3A:FB:CF:12:40:36:4B:44:B2:16:20:88:80:48:39:19:93:7C:F7 -SHA256 Fingerprint=85:A0:DD:7D:D7:20:AD:B7:FF:05:F8:3D:54:2B:20:9D:C7:FF:45:28:F7:D6:77:B1:83:89:FE:A5:E5:C4:9E:86 ------BEGIN CERTIFICATE----- -MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa -GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg -Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J -WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB -rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp -+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 -ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i -Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz -PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og -/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH -oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI -yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud -EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 -A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL -MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT -ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f -BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn -g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl -fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K -WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha -B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc -hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR 
-TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD -mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z -ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y -4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza -8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u ------END CERTIFICATE----- -=== /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2 G3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 44:57:34:24:5b:81:89:9b:35:f2:ce:b8:2b:3b:5b:a7:26:f0:75:28 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jan 12 18:59:32 2012 GMT - Not After : Jan 12 18:59:32 2042 GMT - Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - ED:E7:6F:76:5A:BF:60:EC:49:5B:C6:A5:77:BB:72:16:71:9B:C4:3D -SHA1 Fingerprint=09:3C:61:F3:8B:8B:DC:7D:55:DF:75:38:02:05:00:E1:25:F5:C8:36 -SHA256 Fingerprint=8F:E4:FB:0A:F9:3A:4D:0D:67:DB:0B:EB:B2:3E:37:C7:1B:F3:25:DC:BC:DD:24:0E:A0:4D:AF:58:B4:7E:18:40 ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq 
-IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M ------END CERTIFICATE----- -=== /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1478 (0x5c6) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 24 19:11:23 2006 GMT - Not After : Nov 24 19:06:44 2031 GMT - Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.8024.0.3 - User Notice: - Explicit Text: Any use of this Certificate constitutes acceptance of the QuoVadis Root CA 3 Certificate Policy / Certification Practice Statement. 
- CPS: http://www.quovadisglobal.com/cps - - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - F2:C0:13:E0:82:43:3E:FB:EE:2F:67:32:96:35:5C:DB:B8:CB:02:D0 - X509v3 Authority Key Identifier: - keyid:F2:C0:13:E0:82:43:3E:FB:EE:2F:67:32:96:35:5C:DB:B8:CB:02:D0 - DirName:/C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3 - serial:05:C6 - -SHA1 Fingerprint=1F:49:14:F7:D8:74:95:1D:DD:AE:02:C0:BE:FD:3A:2D:82:75:51:85 -SHA256 Fingerprint=18:F1:FC:7F:20:5D:F8:AD:DD:EB:7F:E0:07:DD:57:E3:AF:37:5A:9C:4D:8D:73:54:6B:F4:F1:FE:D1:E1:8D:35 ------BEGIN CERTIFICATE----- -MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM -V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB -4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr -H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd -8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv -vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT -mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe -btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc -T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt -WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ -c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A -4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD -VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG -CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 -aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 -aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu -dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw 
-czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G -A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg -Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 -7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem -d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd -+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B -4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN -t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x -DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 -k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s -zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j -Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT -mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK -4SVhM7JZG+Ju1zdXtg2pEto= ------END CERTIFICATE----- -=== /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3 G3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 2e:f5:9b:02:28:a7:db:7a:ff:d5:a3:a9:ee:bd:03:a0:cf:12:6a:1d - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jan 12 20:26:32 2012 GMT - Not After : Jan 12 20:26:32 2042 GMT - Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - C6:17:D0:BC:A8:EA:02:43:F2:1B:06:99:5D:2B:90:20:B9:D7:9C:E4 -SHA1 Fingerprint=48:12:BD:92:3C:A8:C4:39:06:E7:30:6D:27:96:E6:A4:CF:22:2E:7D -SHA256 Fingerprint=88:EF:81:DE:20:2E:B0:18:45:2E:43:F8:64:72:5C:EA:5F:BD:1F:C2:D9:D2:05:73:07:09:C5:D8:B8:69:0F:46 ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 
-MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR -/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu -FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR -U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c -ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR -FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k -A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw -eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl -sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp -VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q -A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ -ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD -ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px -KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI -FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv -oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg -u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP -0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf -3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl -8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ -DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN -PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ -ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 ------END CERTIFICATE----- - -### SECOM Trust Systems CO.,LTD. 
- -=== /C=JP/O=SECOM Trust Systems CO.,LTD./CN=Security Communication ECC RootCA1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - d6:5d:9b:b3:78:81:2e:eb - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Jun 16 05:15:28 2016 GMT - Not After : Jan 18 05:15:28 2038 GMT - Subject: C=JP, O=SECOM Trust Systems CO.,LTD., CN=Security Communication ECC RootCA1 - X509v3 extensions: - X509v3 Subject Key Identifier: - 86:1C:E7:FE:2D:A5:4A:8B:08:FE:28:11:FA:BE:A3:66:F8:60:59:2F - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=B8:0E:26:A9:BF:D2:B2:3B:C0:EF:46:C9:BA:C7:BB:F6:1D:0D:41:41 -SHA256 Fingerprint=E7:4F:BD:A5:5B:D5:64:C4:73:A3:6B:44:1A:A7:99:C8:A6:8E:07:74:40:E8:28:8B:9F:A1:E5:0E:4B:BA:CA:11 ------BEGIN CERTIFICATE----- -MIICODCCAb6gAwIBAgIJANZdm7N4gS7rMAoGCCqGSM49BAMDMGExCzAJBgNVBAYT -AkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMSswKQYD -VQQDEyJTZWN1cml0eSBDb21tdW5pY2F0aW9uIEVDQyBSb290Q0ExMB4XDTE2MDYx -NjA1MTUyOFoXDTM4MDExODA1MTUyOFowYTELMAkGA1UEBhMCSlAxJTAjBgNVBAoT -HFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKzApBgNVBAMTIlNlY3VyaXR5 -IENvbW11bmljYXRpb24gRUNDIFJvb3RDQTEwdjAQBgcqhkjOPQIBBgUrgQQAIgNi -AASkpW9gAwPDvTH00xecK4R1rOX9PVdu12O/5gSJko6BnOPpR27KkBLIE+Cnnfdl -dB9sELLo5OnvbYUymUSxXv3MdhDYW72ixvnWQuRXdtyQwjWpS4g8EkdtXP9JTxpK -ULGjQjBAMB0GA1UdDgQWBBSGHOf+LaVKiwj+KBH6vqNm+GBZLzAOBgNVHQ8BAf8E -BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjAVXUI9/Lbu -9zuxNuie9sRGKEkz0FhDKmMpzE2xtHqiuQ04pV1IKv3LsnNdo4gIxwwCMQDAqy0O -be0YottT6SXbVQjgUMzfRGEWgqtJsLKB7HOHeLRMsmIbEvoWTSVLY70eN9k= ------END CERTIFICATE----- -=== /C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security Communication RootCA2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: May 29 05:00:39 2009 GMT - Not After : May 29 05:00:39 2029 GMT - Subject: C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication 
RootCA2 - X509v3 extensions: - X509v3 Subject Key Identifier: - 0A:85:A9:77:65:05:98:7C:40:81:F8:0F:97:2C:38:F1:0A:EC:3C:CF - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=5F:3B:8C:F2:F8:10:B3:7D:78:B4:CE:EC:19:19:C3:73:34:B9:C7:74 -SHA256 Fingerprint=51:3B:2C:EC:B8:10:D4:CD:E5:DD:85:39:1A:DF:C6:C2:DD:60:D8:7B:B7:36:D2:B5:21:48:4A:A4:7A:0E:BE:F6 ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl -MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe -U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX -DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy -dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj -YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV -OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr -zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM -VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ -hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO -ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw -awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs -OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF -coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc -okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 -t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy -1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ -SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 ------END CERTIFICATE----- - -### SSL Corporation - -=== /C=US/O=SSL Corporation/CN=SSL.com TLS ECC Root CA 2022 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 14:03:f5:ab:fb:37:8b:17:40:5b:e2:43:b2:a5:d1:c4 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Aug 25 16:33:48 2022 GMT - Not 
After : Aug 19 16:33:47 2046 GMT - Subject: C=US, O=SSL Corporation, CN=SSL.com TLS ECC Root CA 2022 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:89:8F:2F:A3:E8:2B:A0:14:54:7B:F3:56:B8:26:5F:67:38:0B:9C:D0 - - X509v3 Subject Key Identifier: - 89:8F:2F:A3:E8:2B:A0:14:54:7B:F3:56:B8:26:5F:67:38:0B:9C:D0 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=9F:5F:D9:1A:54:6D:F5:0C:71:F0:EE:7A:BD:17:49:98:84:73:E2:39 -SHA256 Fingerprint=C3:2F:FD:9F:46:F9:36:D1:6C:36:73:99:09:59:43:4B:9A:D6:0A:AF:BB:9E:7C:F3:36:54:F1:44:CC:1B:A1:43 ------BEGIN CERTIFICATE----- -MIICOjCCAcCgAwIBAgIQFAP1q/s3ixdAW+JDsqXRxDAKBggqhkjOPQQDAzBOMQsw -CQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSUwIwYDVQQDDBxT -U0wuY29tIFRMUyBFQ0MgUm9vdCBDQSAyMDIyMB4XDTIyMDgyNTE2MzM0OFoXDTQ2 -MDgxOTE2MzM0N1owTjELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh -dGlvbjElMCMGA1UEAwwcU1NMLmNvbSBUTFMgRUNDIFJvb3QgQ0EgMjAyMjB2MBAG -ByqGSM49AgEGBSuBBAAiA2IABEUpNXP6wrgjzhR9qLFNoFs27iosU8NgCTWyJGYm -acCzldZdkkAZDsalE3D07xJRKF3nzL35PIXBz5SQySvOkkJYWWf9lCcQZIxPBLFN -SeR7T5v15wj4A4j3p8OSSxlUgaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSME -GDAWgBSJjy+j6CugFFR781a4Jl9nOAuc0DAdBgNVHQ4EFgQUiY8vo+groBRUe/NW -uCZfZzgLnNAwDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2gAMGUCMFXjIlbp -15IkWE8elDIPDAI2wv2sdDJO4fscgIijzPvX6yv/N33w7deedWo1dlJF4AIxAMeN -b0Igj762TVntd00pxCAgRWSGOlDGxK0tk/UYfXLtqc/ErFc2KAhl3zx5Zn6g6g== ------END CERTIFICATE----- -=== /C=US/O=SSL Corporation/CN=SSL.com TLS RSA Root CA 2022 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 6f:be:da:ad:73:bd:08:40:e2:8b:4d:be:d4:f7:5b:91 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Aug 25 16:34:22 2022 GMT - Not After : Aug 19 16:34:21 2046 GMT - Subject: C=US, O=SSL Corporation, CN=SSL.com TLS RSA Root CA 2022 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - 
keyid:FB:2E:37:EE:E3:84:7A:27:2E:CD:19:35:B1:33:7C:FF:D4:44:42:B9 - - X509v3 Subject Key Identifier: - FB:2E:37:EE:E3:84:7A:27:2E:CD:19:35:B1:33:7C:FF:D4:44:42:B9 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=EC:2C:83:40:72:AF:26:95:10:FF:0E:F2:03:EE:31:70:F6:78:9D:CA -SHA256 Fingerprint=8F:AF:7D:2E:2C:B4:70:9B:B8:E0:B3:36:66:BF:75:A5:DD:45:B5:DE:48:0F:8E:A8:D4:BF:E6:BE:BC:17:F2:ED ------BEGIN CERTIFICATE----- -MIIFiTCCA3GgAwIBAgIQb77arXO9CEDii02+1PdbkTANBgkqhkiG9w0BAQsFADBO -MQswCQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSUwIwYDVQQD -DBxTU0wuY29tIFRMUyBSU0EgUm9vdCBDQSAyMDIyMB4XDTIyMDgyNTE2MzQyMloX -DTQ2MDgxOTE2MzQyMVowTjELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jw -b3JhdGlvbjElMCMGA1UEAwwcU1NMLmNvbSBUTFMgUlNBIFJvb3QgQ0EgMjAyMjCC -AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANCkCXJPQIgSYT41I57u9nTP -L3tYPc48DRAokC+X94xI2KDYJbFMsBFMF3NQ0CJKY7uB0ylu1bUJPiYYf7ISf5OY -t6/wNr/y7hienDtSxUcZXXTzZGbVXcdotL8bHAajvI9AI7YexoS9UcQbOcGV0ins -S657Lb85/bRi3pZ7QcacoOAGcvvwB5cJOYF0r/c0WRFXCsJbwST0MXMwgsadugL3 -PnxEX4MN8/HdIGkWCVDi1FW24IBydm5MR7d1VVm0U3TZlMZBrViKMWYPHqIbKUBO -L9975hYsLfy/7PO0+r4Y9ptJ1O4Fbtk085zx7AGL0SDGD6C1vBdOSHtRwvzpXGk3 -R2azaPgVKPC506QVzFpPulJwoxJF3ca6TvvC0PeoUidtbnm1jPx7jMEWTO6Af77w -dr5BUxIzrlo4QqvXDz5BjXYHMtWrifZOZ9mxQnUjbvPNQrL8VfVThxc7wDNY8VLS -+YCk8OjwO4s4zKTGkH8PnP2L0aPP2oOnaclQNtVcBdIKQXTbYxE3waWglksejBYS -d66UNHsef8JmAOSqg+qKkK3ONkRN0VHpvB/zagX9wHQfJRlAUW7qglFA35u5CCoG -AtUjHBPW6dvbxrB6y3snm/vg1UYk7RBLY0ulBY+6uB0rpvqR4pJSvezrZ5dtmi2f -gTIFZzL7SAg/2SW4BCUvAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0j -BBgwFoAU+y437uOEeicuzRk1sTN8/9REQrkwHQYDVR0OBBYEFPsuN+7jhHonLs0Z -NbEzfP/UREK5MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAjYlt -hEUY8U+zoO9opMAdrDC8Z2awms22qyIZZtM7QbUQnRC6cm4pJCAcAZli05bg4vsM -QtfhWsSWTVTNj8pDU/0quOr4ZcoBwq1gaAafORpR2eCNJvkLTqVTJXojpBzOCBvf -R4iyrT7gJ4eLSYwfqUdYe5byiB0YrrPRpgqU+tvT5TgKa3kSM/tKWTcWQA673vWJ -DPFs0/dRa1419dvAJuoSc06pkZCmF8NsLzjUo3KUQyxi4U5cMj29TH0ZR6LDSeeW 
-P4+a0zvkEdiLA9z2tmBVGKaBUfPhqBVq6+AL8BQx1rmMRTqoENjwuSfr98t67wVy -lrXEj5ZzxOhWc5y8aVFjvO9nHEMaX3cZHxj4HCUp+UmZKbaSPaKDN7EgkaibMOlq -bLQjk2UEqxHzDh1TJElTHaE/nUiSEeJ9DU/1172iWD54nR4fK/4huxoTtrEoZP2w -AgDHbICivRZQIA9ygV/MlP+7mea6kMvq+cYMwq7FGc4zoWtcu358NFcXrfA/rs3q -r5nsLFR+jM4uElZI7xc7P0peYNLcdDa8pUNjyw9bowJWCZ4kLOGGgYz+qxcs+sji -Mho6/4UIyYOf8kpIEFR3N+2ivEC+5BB09+Rbu7nzifmPQdjH5FCQNYA+HLhNkNPU -98OwoX6EyneSMSy4kLGCenROmxMmtNVQZlR4rmA= ------END CERTIFICATE----- -=== /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority ECC -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 3182246526754555285 (0x2c299c5b16ed0595) - Signature Algorithm: ecdsa-with-SHA256 - Validity - Not Before: Feb 12 18:15:23 2016 GMT - Not After : Feb 12 18:15:23 2041 GMT - Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority ECC - X509v3 extensions: - X509v3 Subject Key Identifier: - 5B:CA:5E:E5:DE:D2:81:AA:CD:A8:2D:64:51:B6:D9:72:9B:97:E6:4F - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:5B:CA:5E:E5:DE:D2:81:AA:CD:A8:2D:64:51:B6:D9:72:9B:97:E6:4F - - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=4C:DD:51:A3:D1:F5:20:32:14:B0:C6:C5:32:23:03:91:C7:46:42:6D -SHA256 Fingerprint=22:A2:C1:F7:BD:ED:70:4C:C1:E7:01:B5:F4:08:C3:10:88:0F:E9:56:B5:DE:2A:4A:44:F9:9C:87:3A:25:A7:C8 ------BEGIN CERTIFICATE----- -MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx -NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv -bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA 
-VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku -WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP -MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX -5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ -ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg -h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== ------END CERTIFICATE----- -=== /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority RSA R2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 6248227494352943350 (0x56b629cd34bc78f6) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: May 31 18:14:37 2017 GMT - Not After : May 30 18:14:37 2042 GMT - Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com EV Root Certification Authority RSA R2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:F9:60:BB:D4:E3:D5:34:F6:B8:F5:06:80:25:A7:73:DB:46:69:A8:9E - - X509v3 Subject Key Identifier: - F9:60:BB:D4:E3:D5:34:F6:B8:F5:06:80:25:A7:73:DB:46:69:A8:9E - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=74:3A:F0:52:9B:D0:32:A0:F4:4A:83:CD:D4:BA:A9:7B:7C:2E:C4:9A -SHA256 Fingerprint=2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C ------BEGIN CERTIFICATE----- -MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV -BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE -CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy -MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G -A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD -DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq 
-M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf -OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa -4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 -HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR -aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA -b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ -Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV -PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO -pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu -UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY -MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV -HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 -9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW -s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 -Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg -cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM -79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz -/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt -ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm -Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK -QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ -w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi -S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 -mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== ------END CERTIFICATE----- -=== /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority ECC -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 8495723813297216424 (0x75e6dfcbc1685ba8) - Signature Algorithm: ecdsa-with-SHA256 - Validity - Not Before: Feb 12 18:14:03 2016 GMT - Not After : Feb 12 18:14:03 2041 GMT - Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification 
Authority ECC - X509v3 extensions: - X509v3 Subject Key Identifier: - 82:D1:85:73:30:E7:35:04:D3:8E:02:92:FB:E5:A4:D1:C4:21:E8:CD - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:82:D1:85:73:30:E7:35:04:D3:8E:02:92:FB:E5:A4:D1:C4:21:E8:CD - - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=C3:19:7C:39:24:E6:54:AF:1B:C4:AB:20:95:7A:E2:C3:0E:13:02:6A -SHA256 Fingerprint=34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65 ------BEGIN CERTIFICATE----- -MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz -WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 -b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS -b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI -7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg -CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud -EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD -VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T -kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ -gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl ------END CERTIFICATE----- -=== /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority RSA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 8875640296558310041 (0x7b2c9bd316803299) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Feb 12 17:39:39 2016 GMT - Not After : Feb 12 17:39:39 2041 GMT - Subject: C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA - X509v3 extensions: - X509v3 Subject Key Identifier: - 
DD:04:09:07:A2:F5:7A:7D:52:53:12:92:95:EE:38:80:25:0D:A6:59 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:DD:04:09:07:A2:F5:7A:7D:52:53:12:92:95:EE:38:80:25:0D:A6:59 - - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=B7:AB:33:08:D1:EA:44:77:BA:14:80:12:5A:6F:BD:A9:36:49:0C:BB -SHA256 Fingerprint=85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69 ------BEGIN CERTIFICATE----- -MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE -BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK -DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz -OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv -bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R -xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX -qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC -C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 -6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh -/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF -YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E -JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc -US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 -ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm -+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi -M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G -A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV -cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc 
-Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs -PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ -q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 -cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr -a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I -H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y -K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu -nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf -oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY -Ic2wBlX7Jz9TkHCpBB5XJ7k= ------END CERTIFICATE----- - -### Sectigo Limited - -=== /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root E46 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 42:f2:cc:da:1b:69:37:44:5f:15:fe:75:28:10:b8:f4 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Mar 22 00:00:00 2021 GMT - Not After : Mar 21 23:59:59 2046 GMT - Subject: C=GB, O=Sectigo Limited, CN=Sectigo Public Server Authentication Root E46 - X509v3 extensions: - X509v3 Subject Key Identifier: - D1:22:DA:4C:59:F1:4B:5F:26:38:AA:9D:D6:EE:EB:0D:C3:FB:A9:61 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=EC:8A:39:6C:40:F0:2E:BC:42:75:D4:9F:AB:1C:1A:5B:67:BE:D2:9A -SHA256 Fingerprint=C9:0F:26:F0:FB:1B:40:18:B2:22:27:51:9B:5C:A2:B5:3E:2C:A5:B3:BE:5C:F1:8E:FE:1B:EF:47:38:0C:53:83 ------BEGIN CERTIFICATE----- -MIICOjCCAcGgAwIBAgIQQvLM2htpN0RfFf51KBC49DAKBggqhkjOPQQDAzBfMQsw -CQYDVQQGEwJHQjEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTYwNAYDVQQDEy1T -ZWN0aWdvIFB1YmxpYyBTZXJ2ZXIgQXV0aGVudGljYXRpb24gUm9vdCBFNDYwHhcN -MjEwMzIyMDAwMDAwWhcNNDYwMzIxMjM1OTU5WjBfMQswCQYDVQQGEwJHQjEYMBYG -A1UEChMPU2VjdGlnbyBMaW1pdGVkMTYwNAYDVQQDEy1TZWN0aWdvIFB1YmxpYyBT -ZXJ2ZXIgQXV0aGVudGljYXRpb24gUm9vdCBFNDYwdjAQBgcqhkjOPQIBBgUrgQQA -IgNiAAR2+pmpbiDt+dd34wc7qNs9Xzjoq1WmVk/WSOrsfy2qw7LFeeyZYX8QeccC 
-WvkEN/U0NSt3zn8gj1KjAIns1aeibVvjS5KToID1AZTc8GgHHs3u/iVStSBDHBv+ -6xnOQ6OjQjBAMB0GA1UdDgQWBBTRItpMWfFLXyY4qp3W7usNw/upYTAOBgNVHQ8B -Af8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNnADBkAjAn7qRa -qCG76UeXlImldCBteU/IvZNeWBj7LRoAasm4PdCkT0RHlAFWovgzJQxC36oCMB3q -4S6ILuH5px0CMk7yn2xVdOOurvulGu7t0vzCAxHrRVxgED1cf5kDW21USAGKcw== ------END CERTIFICATE----- -=== /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root R46 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 75:8d:fd:8b:ae:7c:07:00:fa:a9:25:a7:e1:c7:ad:14 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Mar 22 00:00:00 2021 GMT - Not After : Mar 21 23:59:59 2046 GMT - Subject: C=GB, O=Sectigo Limited, CN=Sectigo Public Server Authentication Root R46 - X509v3 extensions: - X509v3 Subject Key Identifier: - 56:73:58:64:95:F9:92:1A:B0:12:2A:04:62:79:A1:40:15:88:21:49 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=AD:98:F9:F3:E4:7D:75:3B:65:D4:82:B3:A4:52:17:BB:6E:F5:E4:38 -SHA256 Fingerprint=7B:B6:47:A6:2A:EE:AC:88:BF:25:7A:A5:22:D0:1F:FE:A3:95:E0:AB:45:C7:3F:93:F6:56:54:EC:38:F2:5A:06 ------BEGIN CERTIFICATE----- -MIIFijCCA3KgAwIBAgIQdY39i658BwD6qSWn4cetFDANBgkqhkiG9w0BAQwFADBf -MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTYwNAYDVQQD -Ey1TZWN0aWdvIFB1YmxpYyBTZXJ2ZXIgQXV0aGVudGljYXRpb24gUm9vdCBSNDYw -HhcNMjEwMzIyMDAwMDAwWhcNNDYwMzIxMjM1OTU5WjBfMQswCQYDVQQGEwJHQjEY -MBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTYwNAYDVQQDEy1TZWN0aWdvIFB1Ymxp -YyBTZXJ2ZXIgQXV0aGVudGljYXRpb24gUm9vdCBSNDYwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCTvtU2UnXYASOgHEdCSe5jtrch/cSV1UgrJnwUUxDa -ef0rty2k1Cz66jLdScK5vQ9IPXtamFSvnl0xdE8H/FAh3aTPaE8bEmNtJZlMKpnz -SDBh+oF8HqcIStw+KxwfGExxqjWMrfhu6DtK2eWUAtaJhBOqbchPM8xQljeSM9xf -iOefVNlI8JhD1mb9nxc4Q8UBUQvX4yMPFF1bFOdLvt30yNoDN9HWOaEhUTCDsG3X -ME6WW5HwcCSrv0WBZEMNvSE6Lzzpng3LILVCJ8zab5vuZDCQOc2TZYEhMbUjUDM3 
-IuM47fgxMMxF/mL50V0yeUKH32rMVhlATc6qu/m1dkmU8Sf4kaWD5QazYw6A3OAS -VYCmO2a0OYctyPDQ0RTp5A1NDvZdV3LFOxxHVp3i1fuBYYzMTYCQNFu31xR13NgE -SJ/AwSiItOkcyqex8Va3e0lMWeUgFaiEAin6OJRpmkkGj80feRQXEgyDet4fsZfu -+Zd4KKTIRJLpfSYFplhym3kT2BFfrsU4YjRosoYwjviQYZ4ybPUHNs2iTG7sijbt -8uaZFURww3y8nDnAtOFr94MlI1fZEoDlSfB1D++N6xybVCi0ITz8fAr/73trdf+L -HaAZBav6+CuBQug4urv7qv094PPK306Xlynt8xhW6aWWrL3DkJiy4Pmi1KZHQ3xt -zwIDAQABo0IwQDAdBgNVHQ4EFgQUVnNYZJX5khqwEioEYnmhQBWIIUkwDgYDVR0P -AQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAC9c -mTz8Bl6MlC5w6tIyMY208FHVvArzZJ8HXtXBc2hkeqK5Duj5XYUtqDdFqij0lgVQ -YKlJfp/imTYpE0RHap1VIDzYm/EDMrraQKFz6oOht0SmDpkBm+S8f74TlH7Kph52 -gDY9hAaLMyZlbcp+nv4fjFg4exqDsQ+8FxG75gbMY/qB8oFM2gsQa6H61SilzwZA -Fv97fRheORKkU55+MkIQpiGRqRxOF3yEvJ+M0ejf5lG5Nkc/kLnHvALcWxxPDkjB -JYOcCj+esQMzEhonrPcibCTRAUH4WAP+JWgiH5paPHxsnnVI84HxZmduTILA7rpX -DhjvLpr3Etiga+kFpaHpaPi8TD8SHkXoUsCjvxInebnMMTzD9joiFgOgyY9mpFui -TdaBJQbpdqQACj7LzTWb4OE4y2BThihCQRxEV+ioratF4yUQvNs+ZUH7G6aXD+u5 -dHn5HrwdVw1Hr8Mvn4dGp+smWg9WY7ViYG4A++MnESLn/pmPNPW56MORcr3Ywx65 -LvKRRFHQV80MNNVIIb/bE/FmJUNS0nAiNs2fxBx1IK1jcmMGDw4nztJqDby1ORrp -0XZ60Vzk50lJLVU3aPAaOpg+VBeHVOmmJ1CJeyAvP/+/oYtKR5j/K3tJPsMpRmAY -QqszKbrAKbkTidOIijlBO8n9pu0f9GBj39ItVQGL ------END CERTIFICATE----- - -### SecureTrust Corporation - -=== /C=US/O=SecureTrust Corporation/CN=Secure Global CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 07:56:22:a4:e8:d4:8a:89:4d:f4:13:c8:f0:f8:ea:a5 - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 7 19:42:28 2006 GMT - Not After : Dec 31 19:52:06 2029 GMT - Subject: C=US, O=SecureTrust Corporation, CN=Secure Global CA - X509v3 extensions: - 1.3.6.1.4.1.311.20.2: - ...C.A - X509v3 Key Usage: - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - AF:44:04:C2:41:7E:48:83:DB:4E:39:02:EC:EC:84:7A:E6:CE:C9:A4 - X509v3 CRL Distribution Points: - - Full Name: - 
URI:http://crl.securetrust.com/SGCA.crl - - 1.3.6.1.4.1.311.21.1: - ... -SHA1 Fingerprint=3A:44:73:5A:E5:81:90:1F:24:86:61:46:1E:3B:9C:C4:5F:F5:3A:1B -SHA256 Fingerprint=42:00:F5:04:3A:C8:59:0E:BB:52:7D:20:9E:D1:50:30:29:FB:CB:D4:1C:A1:B5:06:EC:27:F1:5A:DE:7D:AC:69 ------BEGIN CERTIFICATE----- -MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx -MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg -Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ -iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa -/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ -jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI -HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 -sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w -gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw -KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG -AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L -URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO -H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm -I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY -iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc -f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW ------END CERTIFICATE----- -=== /C=US/O=SecureTrust Corporation/CN=SecureTrust CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0c:f0:8e:5c:08:16:a5:ad:42:7f:f0:eb:27:18:59:d0 - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 7 19:31:18 2006 GMT - Not After : Dec 31 19:40:55 2029 GMT - Subject: C=US, O=SecureTrust Corporation, CN=SecureTrust CA 
- X509v3 extensions: - 1.3.6.1.4.1.311.20.2: - ...C.A - X509v3 Key Usage: - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 42:32:B6:16:FA:04:FD:FE:5D:4B:7A:C3:FD:F7:4C:40:1D:5A:43:AF - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.securetrust.com/STCA.crl - - 1.3.6.1.4.1.311.21.1: - ... -SHA1 Fingerprint=87:82:C6:C3:04:35:3B:CF:D2:96:92:D2:59:3E:7D:44:D9:34:FF:11 -SHA256 Fingerprint=F1:C1:B5:0A:E5:A2:0D:D8:03:0E:C9:F6:BC:24:82:3D:D3:67:B5:25:57:59:B4:E7:1B:61:FC:E9:F7:37:5D:73 ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz -MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv -cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz -Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO -0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao -wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj -7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS -8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT -BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg -JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 -6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ -3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm -D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS -CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR -3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= ------END CERTIFICATE----- - -### Starfield Technologies, Inc. 
- -=== /C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Jun 29 17:39:16 2004 GMT - Not After : Jun 29 17:39:16 2034 GMT - Subject: C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - BF:5F:B7:D1:CE:DD:1F:86:F4:5B:55:AC:DC:D7:10:C2:0E:A9:88:E7 - X509v3 Authority Key Identifier: - keyid:BF:5F:B7:D1:CE:DD:1F:86:F4:5B:55:AC:DC:D7:10:C2:0E:A9:88:E7 - DirName:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority - serial:00 - - X509v3 Basic Constraints: - CA:TRUE -SHA1 Fingerprint=AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A -SHA256 Fingerprint=14:65:FA:20:53:97:B8:76:FA:A6:F0:A9:95:8E:55:90:E4:0F:CC:7F:AA:4F:B7:C2:C8:67:75:21:FB:5F:B6:58 ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD 
-bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- -=== /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Sep 1 00:00:00 2009 GMT - Not After : Dec 31 23:59:59 2037 GMT - Subject: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 7C:0C:32:1F:A7:D9:30:7F:C4:7D:68:A3:62:A8:A1:CE:AB:07:5B:27 -SHA1 Fingerprint=B5:1C:06:7C:EE:2B:0C:3D:F8:55:AB:2D:92:F4:FE:39:D4:E7:0F:0E -SHA256 Fingerprint=2C:E1:CB:0B:F9:D2:F9:E1:02:99:3F:BE:21:51:52:C3:B2:DD:0C:AB:DE:1C:68:E5:31:9B:83:91:54:DB:B7:F5 ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg 
-nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- -=== /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Sep 1 00:00:00 2009 GMT - Not After : Dec 31 23:59:59 2037 GMT - Subject: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 9C:5F:00:DF:AA:01:D7:30:2B:38:88:A2:B8:6D:4A:9C:F2:11:91:83 -SHA1 Fingerprint=92:5A:8F:8D:2C:6D:04:E0:66:5F:59:6A:FF:22:D8:63:E8:25:6F:3F -SHA256 Fingerprint=56:8D:69:05:A2:C8:87:08:A4:B3:02:51:90:ED:CF:ED:B1:97:4A:60:6A:13:C6:E5:29:0F:CB:2A:E6:3E:DA:B5 ------BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 
-MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6 ------END CERTIFICATE----- - -### SwissSign AG - -=== /C=CH/O=SwissSign AG/CN=SwissSign Gold CA - G2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - bb:40:1c:43:f5:5e:4f:b0 - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Oct 25 08:30:35 2006 GMT - Not After : Oct 25 08:30:35 2036 GMT - Subject: C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2 - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 5B:25:7B:96:A4:65:51:7E:B8:39:F3:C0:78:66:5E:E8:3A:E7:F0:EE - X509v3 Authority Key Identifier: - keyid:5B:25:7B:96:A4:65:51:7E:B8:39:F3:C0:78:66:5E:E8:3A:E7:F0:EE - - X509v3 Certificate Policies: - Policy: 2.16.756.1.89.1.2.1.1 - CPS: http://repository.swisssign.com/ - -SHA1 
Fingerprint=D8:C5:38:8A:B7:30:1B:1B:6E:D4:7A:E6:45:25:3A:6F:9F:1A:27:61 -SHA256 Fingerprint=62:DD:0B:E9:B9:F5:0A:16:3E:A0:F8:E7:5C:05:3B:1E:CA:57:EA:55:C8:68:8F:64:7C:68:81:F2:C8:35:7B:95 ------BEGIN CERTIFICATE----- -MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln -biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF -MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT -d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 -76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ -bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c -6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE -emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd -MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt -MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y -MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y -FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi -aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM -gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB -qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 -lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn -8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov -L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 -45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO -UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 -O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC -bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv -GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a -77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC -hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 
-92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp -Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w -ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt -Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ ------END CERTIFICATE----- - -### T-Systems Enterprise Services GmbH - -=== /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Oct 1 10:40:14 2008 GMT - Not After : Oct 1 23:59:59 2033 GMT - Subject: C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - BF:59:20:36:00:79:A0:A0:22:6B:8C:D5:F2:61:D2:B8:2C:CB:82:4A -SHA1 Fingerprint=59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9 -SHA256 Fingerprint=91:E2:F5:78:8D:58:10:EB:A7:BA:58:73:7D:E1:54:8A:8E:CA:CD:01:45:98:BC:0B:14:3E:04:1B:17:05:25:52 ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd -AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC -FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi -1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq -jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ 
-wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ -WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy -NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC -uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw -IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 -g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN -9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP -BSeOE6Fuwg== ------END CERTIFICATE----- -=== /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Oct 1 10:29:56 2008 GMT - Not After : Oct 1 23:59:59 2033 GMT - Subject: C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - B5:03:F7:76:3B:61:82:6A:12:AA:18:53:EB:03:21:94:BF:FE:CE:CA -SHA1 Fingerprint=55:A6:72:3E:CB:F2:EC:CD:C3:23:74:70:19:9D:2A:BE:11:E3:81:D1 -SHA256 Fingerprint=FD:73:DA:D3:1C:64:4F:F1:B4:3B:EF:0C:CD:DA:96:71:0B:9C:D9:87:5E:CA:7E:31:70:7A:F3:E9:6D:52:2B:BD ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN 
-8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ -RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 -hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 -ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM -EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 -A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy -WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ -1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 -6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT -91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml -e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p -TpPDpFQUWw== ------END CERTIFICATE----- - -### TAIWAN-CA - -=== /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA CYBER Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 40:01:34:8c:c2:00:00:00:00:00:00:00:01:3c:f2:c6 - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Nov 22 06:54:29 2022 GMT - Not After : Nov 22 15:59:59 2047 GMT - Subject: C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA CYBER Root CA - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:9D:85:61:14:7C:C1:62:6F:97:68:E4:4F:37:40:E1:AD:E0:0D:56:37 - - X509v3 Subject Key Identifier: - 9D:85:61:14:7C:C1:62:6F:97:68:E4:4F:37:40:E1:AD:E0:0D:56:37 -SHA1 Fingerprint=F6:B1:1C:1A:83:38:E9:7B:DB:B3:A8:C8:33:24:E0:2D:9C:7F:26:66 -SHA256 Fingerprint=3F:63:BB:28:14:BE:17:4E:C8:B6:43:9C:F0:8D:6D:56:F0:B7:C4:05:88:3A:56:48:A3:34:42:4D:6B:3E:C5:58 ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIQQAE0jMIAAAAAAAAAATzyxjANBgkqhkiG9w0BAQwFADBQ -MQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FOLUNBMRAwDgYDVQQLEwdSb290 -IENBMRswGQYDVQQDExJUV0NBIENZQkVSIFJvb3QgQ0EwHhcNMjIxMTIyMDY1NDI5 
-WhcNNDcxMTIyMTU1OTU5WjBQMQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FO -LUNBMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJUV0NBIENZQkVSIFJvb3Qg -Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDG+Moe2Qkgfh1sTs6P -40czRJzHyWmqOlt47nDSkvgEs1JSHWdyKKHfi12VCv7qze33Kc7wb3+szT3vsxxF -avcokPFhV8UMxKNQXd7UtcsZyoC5dc4pztKFIuwCY8xEMCDa6pFbVuYdHNWdZsc/ -34bKS1PE2Y2yHer43CdTo0fhYcx9tbD47nORxc5zb87uEB8aBs/pJ2DFTxnk684i -JkXXYJndzk834H/nY62wuFm40AZoNWDTNq5xQwTxaWV4fPMf88oon1oglWa0zbfu -j3ikRRjpJi+NmykosaS3Om251Bw4ckVYsV7r8Cibt4LK/c/WMw+f+5eesRycnupf -Xtuq3VTpMCEobY5583WSjCb+3MX2w7DfRFlDo7YDKPYIMKoNM+HvnKkHIuNZW0CP -2oi3aQiotyMuRAlZN1vH4xfyIutuOVLF3lSnmMlLIJXcRolftBL5hSmO68gnFSDA -S9TMfAxsNAwmmyYxpjyn9tnQS6Jk/zuZQXLB4HCX8SS7K8R0IrGsayIyJNN4KsDA -oS/xUgXJP+92ZuJF2A09rZXIx4kmyA+upwMu+8Ff+iDhcK2wZSA3M2Cw1a/XDBzC -kHDXShi8fgGwsOsVHkQGzaRP6AzRwyAQ4VRlnrZR0Bp2a0JaWHY06rc3Ga4udfmW -5cFZ95RXKSWNOkyrTZpB0F8mAwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBSdhWEUfMFib5do5E83QOGt4A1WNzAd -BgNVHQ4EFgQUnYVhFHzBYm+XaORPN0DhreANVjcwDQYJKoZIhvcNAQEMBQADggIB -AGSPesRiDrWIzLjHhg6hShbNcAu3p4ULs3a2D6f/CIsLJc+o1IN1KriWiLb73y0t -tGlTITVX1olNc79pj3CjYcya2x6a4CD4bLubIp1dhDGaLIrdaqHXKGnK/nZVekZn -68xDiBaiA9a5F/gZbG0jAn/xX9AKKSM70aoK7akXJlQKTcKlTfjF/biBzysseKNn -TKkHmvPfXvt89YnNdJdhEGoHK4Fa0o635yDRIG4kqIQnoVesqlVYL9zZyvpoBJ7t -RCT5dEA7IzOrg1oYJkK2bVS1FmAwbLGg+LhBoF1JSdJlBTrq/p1hvIbZv97Tujqx -f36SNI7JAG7cmL3c7IAFrQI932XtCwP39xaEBDG6k5TY8hL4iuO/Qq+n1M0RFxbI -Qh0UqEL20kCGoE8jypZFVmAGzbdVAaYBlGX+bgUJurSkquLvWL69J1bY73NxW0Qz -8ppy6rBePm6pUlvscG21h483XjyMnM7k8M4MZ0HMzvaAq07MTFb1wWFZk7Q+ptq4 -NxKfKjLji7gh7MMrZQzvIt6IKTtM1/r+t+FHvpw+PoP7UV31aPcuIYXcv/Fa4nzX -xeSDwWrruoBa3lwtcHb4yOWHh8qgnaHlIhInD0Q9HWzq1MKLL295q39QpsQZp6F6 -t5b5wR9iWqJDB0BeJsas7a5wFsWqynKKTbDPAYsDP27X ------END CERTIFICATE----- -=== /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Global Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 3262 (0xcbe) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jun 27 
06:28:33 2012 GMT - Not After : Dec 31 15:59:59 2030 GMT - Subject: C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Global Root CA - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=9C:BB:48:53:F6:A4:F6:D3:52:A4:E8:32:52:55:60:13:F5:AD:AF:65 -SHA256 Fingerprint=59:76:90:07:F7:68:5D:0F:CD:50:87:2F:9F:95:D5:75:5A:5B:2B:45:7D:81:F3:69:2B:61:0A:98:67:2F:0E:1B ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx -EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT -VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 -NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT -B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF -10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz -0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh -MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH -zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc -46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 -yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi -laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP -oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA -BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE -qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm -4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL -1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn -LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF -H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo -RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ -nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh 
-15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW -6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW -nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j -wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz -aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy -KwbQBM0= ------END CERTIFICATE----- -=== /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Root Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Aug 28 07:24:33 2008 GMT - Not After : Dec 31 15:59:59 2030 GMT - Subject: C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 6A:38:5B:26:8D:DE:8B:5A:F2:4F:7A:54:83:19:18:E3:08:35:A6:BA -SHA1 Fingerprint=CF:9E:87:6D:D3:EB:FC:42:26:97:A3:B5:A3:7A:A0:76:A9:06:23:48 -SHA256 Fingerprint=BF:D8:8F:E1:10:1C:41:AE:3E:80:1B:F8:BE:56:35:0E:E9:BA:D1:A6:B9:BD:51:5E:DC:5C:6D:5B:87:11:AC:44 ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES -MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU -V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz -WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO -LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE -AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH -K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX -RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z -rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx -3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV 
-HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq -hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC -MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls -XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D -lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn -aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ -YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== ------END CERTIFICATE----- - -### Telia Finland Oyj - -=== /C=FI/O=Telia Finland Oyj/CN=Telia Root CA v2 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 01:67:5f:27:d6:fe:7a:e3:e4:ac:be:09:5b:05:9e - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Nov 29 11:55:54 2018 GMT - Not After : Nov 29 11:55:54 2043 GMT - Subject: C=FI, O=Telia Finland Oyj, CN=Telia Root CA v2 - X509v3 extensions: - X509v3 Authority Key Identifier: - keyid:72:AC:E4:33:79:AA:45:87:F6:FD:AC:1D:9E:D6:C7:2F:86:D8:24:39 - - X509v3 Subject Key Identifier: - 72:AC:E4:33:79:AA:45:87:F6:FD:AC:1D:9E:D6:C7:2F:86:D8:24:39 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=B9:99:CD:D1:73:50:8A:C4:47:05:08:9C:8C:88:FB:BE:A0:2B:40:CD -SHA256 Fingerprint=24:2B:69:74:2F:CB:1E:5B:2A:BF:98:89:8B:94:57:21:87:54:4E:5B:4D:99:11:78:65:73:62:1F:6A:74:B8:2C ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIPAWdfJ9b+euPkrL4JWwWeMA0GCSqGSIb3DQEBCwUAMEQx -CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE -AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xODExMjkxMTU1NTRaFw00MzExMjkxMTU1 -NTRaMEQxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZ -MBcGA1UEAwwQVGVsaWEgUm9vdCBDQSB2MjCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBALLQPwe84nvQa5n44ndp586dpAO8gm2h/oFlH0wnrI4AuhZ76zBq -AMCzdGh+sq/H1WKzej9Qyow2RCRj0jbpDIX2Q3bVTKFgcmfiKDOlyzG4OiIjNLh9 -vVYiQJ3q9HsDrWj8soFPmNB06o3lfc1jw6P23pLCWBnglrvFxKk9pXSW/q/5iaq9 -lRdU2HhE8Qx3FZLgmEKnpNaqIJLNwaCzlrI6hEKNfdWV5Nbb6WLEWLN5xYzTNTOD 
-n3WhUidhOPFZPY5Q4L15POdslv5e2QJltI5c0BE0312/UqeBAMN/mUWZFdUXyApT -7GPzmX3MaRKGwhfwAZ6/hLzRUssbkmbOpFPlob/E2wnW5olWK8jjfN7j/4nlNW4o -6GwLI1GpJQXrSPjdscr6bAhR77cYbETKJuFzxokGgeWKrLDiKca5JLNrRBH0pUPC -TEPlcDaMtjNXepUugqD0XBCzYYP2AgWGLnwtbNwDRm41k9V6lS/eINhbfpSQBGq6 -WT0EBXWdN6IOLj3rwaRSg/7Qa9RmjtzG6RJOHSpXqhC8fF6CfaamyfItufUXJ63R -DolUK5X6wK0dmBR4M0KGCqlztft0DbcbMBnEWg4cJ7faGND/isgFuvGqHKI3t+ZI -pEYslOqodmJHixBTB0hXbOKSTbauBcvcwUpej6w9GU7C7WB1K9vBykLVAgMBAAGj -YzBhMB8GA1UdIwQYMBaAFHKs5DN5qkWH9v2sHZ7Wxy+G2CQ5MB0GA1UdDgQWBBRy -rOQzeapFh/b9rB2e1scvhtgkOTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw -AwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAoDtZpwmUPjaE0n4vOaWWl/oRrfxn83EJ -8rKJhGdEr7nv7ZbsnGTbMjBvZ5qsfl+yqwE2foH65IRe0qw24GtixX1LDoJt0nZi -0f6X+J8wfBj5tFJ3gh1229MdqfDBmgC9bXXYfef6xzijnHDoRnkDry5023X4blMM -A8iZGok1GTzTyVR8qPAs5m4HeW9q4ebqkYJpCh3DflminmtGFZhb069GHWLIzoBS -SRE/yQQSwxN8PzuKlts8oB4KtItUsiRnDe+Cy748fdHif64W1lZYudogsYMVoe+K -TTJvQS8TUoKU1xrBeKJR3Stwbbca+few4GeXVtt8YVMJAygCQMez2P2ccGrGKMOF -6eLtGpOg3kuYooQ+BXcBlj37tCAPnHICehIv1aO6UXivKitEZU61/Qrowc15h2Er -3oBXRb9n8ZuRXqWk7FlIEA04x7D6w0RtBPV4UBySllva9bguulvP5fBqnUsvWHMt -Ty3EHD70sz+rFQ47GUGKpMFXEmZxTPpT41frYpUJnlTd0cI8Vzy9OK2YZLe4A5pT -VmBds9hCG1xLEooc6+t9xnppxyd/pPiL8uSUZodL6ZQHCRJ5irLrdATczvREWeAW -ysUsWNc8e89ihmpQfTU2Zqf7N+cox9jQraVplI/owd8k+BsHMYeB2F326CjYSlKA -rBPuUBQemMc= ------END CERTIFICATE----- - -### TeliaSonera - -=== /O=TeliaSonera/CN=TeliaSonera Root CA v1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 95:be:16:a0:f7:2e:46:f1:7b:39:82:72:fa:8b:cd:96 - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Oct 18 12:00:50 2007 GMT - Not After : Oct 18 12:00:50 2032 GMT - Subject: O=TeliaSonera, CN=TeliaSonera Root CA v1 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - F0:8F:59:38:00:B3:F5:8F:9A:96:0C:D5:EB:FA:7B:AA:17:E8:13:12 -SHA1 
Fingerprint=43:13:BB:96:F1:D5:86:9B:C1:4E:6A:92:F6:CF:F6:34:69:87:82:37 -SHA256 Fingerprint=DD:69:36:FE:21:F8:F0:77:C1:23:A1:A5:21:C1:22:24:F7:22:55:B7:3E:03:A7:26:06:93:E8:A2:4B:0F:A3:89 ------BEGIN CERTIFICATE----- -MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw -NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv -b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD -VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F -VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 -7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X -Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ -/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs -81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm -dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe -Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu -sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 -pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs -slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ -arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD -VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG -9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl -dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx -0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj -TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed -Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 -Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI -OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 -vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW -t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn -HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx 
-SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= ------END CERTIFICATE----- - -### The Go Daddy Group, Inc. - -=== /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Jun 29 17:06:20 2004 GMT - Not After : Jun 29 17:06:20 2034 GMT - Subject: C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - D2:C4:B0:D2:91:D4:4C:11:71:B3:61:CB:3D:A1:FE:DD:A8:6A:D4:E3 - X509v3 Authority Key Identifier: - keyid:D2:C4:B0:D2:91:D4:4C:11:71:B3:61:CB:3D:A1:FE:DD:A8:6A:D4:E3 - DirName:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority - serial:00 - - X509v3 Basic Constraints: - CA:TRUE -SHA1 Fingerprint=27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4 -SHA256 Fingerprint=C3:84:6B:F2:4B:9E:93:CA:64:27:4C:0E:C6:7C:1E:CC:5E:02:4F:FC:AC:D2:D7:40:19:35:0E:81:FE:54:6A:E4 ------BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh -MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE -YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 -MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo -ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg -MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN -ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA -PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w -wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi -EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY -avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ -YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE -sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h -/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 
-IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy -OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P -TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ -HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER -dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf -ReYNnyicsbkqWletNw+vHX/bvZ8= ------END CERTIFICATE----- - -### The USERTRUST Network - -=== /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust ECC Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 5c:8b:99:c5:5a:94:c5:d2:71:56:de:cd:89:80:cc:26 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Feb 1 00:00:00 2010 GMT - Not After : Jan 18 23:59:59 2038 GMT - Subject: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - 3A:E1:09:86:D4:CF:19:C2:96:76:74:49:76:DC:E0:35:C6:63:63:9A - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=D1:CB:CA:5D:B2:D5:2A:7F:69:3B:67:4D:E5:F0:5A:1D:0C:95:7D:F0 -SHA256 Fingerprint=4F:F4:60:D5:4B:9C:86:DA:BF:BC:FC:57:12:E0:40:0D:2B:ED:3F:BC:4D:4F:BD:AA:86:E0:6A:DC:D2:A9:AD:7A ------BEGIN CERTIFICATE----- -MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl -eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT -JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT -Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg -VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo 
-I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng -o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G -A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB -zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW -RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= ------END CERTIFICATE----- -=== /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 01:fd:6d:30:fc:a3:ca:51:a8:1b:bc:64:0e:35:03:2d - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: Feb 1 00:00:00 2010 GMT - Not After : Jan 18 23:59:59 2038 GMT - Subject: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority - X509v3 extensions: - X509v3 Subject Key Identifier: - 53:79:BF:5A:AA:2B:4A:CF:54:80:E1:D8:9B:C0:9D:F2:B2:03:66:CB - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=2B:8F:1B:57:33:0D:BB:A2:D0:7A:6C:51:F7:0E:E9:0D:DA:B9:AD:8E -SHA256 Fingerprint=E7:93:C9:B0:2F:D8:AA:13:E2:1C:31:22:8A:CC:B0:81:19:64:3B:74:9C:89:89:64:B1:74:6D:46:C3:D4:CB:D2 ------BEGIN CERTIFICATE----- -MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB -iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl -cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV -BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw -MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU -aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B -3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY 
-tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 -VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT -79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 -c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT -Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l -c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee -UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE -Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd -BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF -Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO -VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 -ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs -8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR -iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze -Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ -XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ -qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB -VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB -L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG -jjxDah2nGN59PRbxYvnKkKj9 ------END CERTIFICATE----- - -### TrustAsia Technologies, Inc. 
- -=== /C=CN/O=TrustAsia Technologies, Inc./CN=TrustAsia Global Root CA G3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 64:f6:0e:65:77:61:6a:ab:3b:b4:ea:85:84:bb:b1:89:b8:71:93:0f - Signature Algorithm: sha384WithRSAEncryption - Validity - Not Before: May 20 02:10:19 2021 GMT - Not After : May 19 02:10:19 2046 GMT - Subject: C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia Global Root CA G3 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:40:E4:E4:F2:23:EF:38:CA:B0:AE:57:7F:F2:21:30:16:34:DB:BC:92 - - X509v3 Subject Key Identifier: - 40:E4:E4:F2:23:EF:38:CA:B0:AE:57:7F:F2:21:30:16:34:DB:BC:92 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=63:CF:B6:C1:27:2B:56:E4:88:8E:1C:23:9A:B6:2E:81:47:24:C3:C7 -SHA256 Fingerprint=E0:D3:22:6A:EB:11:63:C2:E4:8F:F9:BE:3B:50:B4:C6:43:1B:E7:BB:1E:AC:C5:C3:6B:5D:5E:C5:09:03:9A:08 ------BEGIN CERTIFICATE----- -MIIFpTCCA42gAwIBAgIUZPYOZXdhaqs7tOqFhLuxibhxkw8wDQYJKoZIhvcNAQEM -BQAwWjELMAkGA1UEBhMCQ04xJTAjBgNVBAoMHFRydXN0QXNpYSBUZWNobm9sb2dp -ZXMsIEluYy4xJDAiBgNVBAMMG1RydXN0QXNpYSBHbG9iYWwgUm9vdCBDQSBHMzAe -Fw0yMTA1MjAwMjEwMTlaFw00NjA1MTkwMjEwMTlaMFoxCzAJBgNVBAYTAkNOMSUw -IwYDVQQKDBxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMSQwIgYDVQQDDBtU -cnVzdEFzaWEgR2xvYmFsIFJvb3QgQ0EgRzMwggIiMA0GCSqGSIb3DQEBAQUAA4IC -DwAwggIKAoICAQDAMYJhkuSUGwoqZdC+BqmHO1ES6nBBruL7dOoKjbmzTNyPtxNS -T1QY4SxzlZHFZjtqz6xjbYdT8PfxObegQ2OwxANdV6nnRM7EoYNl9lA+sX4WuDqK -AtCWHwDNBSHvBm3dIZwZQ0WhxeiAysKtQGIXBsaqvPPW5vxQfmZCHzyLpnl5hkA1 -nyDvP+uLRx+PjsXUjrYsyUQE49RDdT/VP68czH5GX6zfZBCK70bwkPAPLfSIC7Ep -qq+FqklYqL9joDiR5rPmd2jE+SoZhLsO4fWvieylL1AgdB4SQXMeJNnKziyhWTXA -yB1GJ2Faj/lN03J5Zh6fFZAhLf3ti1ZwA0pJPn9pMRJpxx5cynoTi+jm9WAPzJMs -hH/x/Gr8m0ed262IPfN2dTPXS6TIi/n1Q1hPy8gDVI+lhXgEGvNz8teHHUGf59gX -zhqcD0r83ERoVGjiQTz+LISGNzzNPy+i2+f3VANfWdP3kXjHi3dqFuVJhZBFcnAv -kV34PmVACxmZySYgWmjBNb9Pp1Hx2BErW+Canig7CjoKH8GB5S7wprlppYiU5msT 
-f9FkPz2ccEblooV7WIQn3MSAPmeamseaMQ4w7OYXQJXZRe0Blqq/DPNL0WP3E1jA -uPP6Z92bfW1K/zJMtSU7/xxnD4UiWQWRkUF3gdCFTIcQcf+eQxuulXUtgQIDAQAB -o2MwYTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFEDk5PIj7zjKsK5Xf/Ih -MBY027ySMB0GA1UdDgQWBBRA5OTyI+84yrCuV3/yITAWNNu8kjAOBgNVHQ8BAf8E -BAMCAQYwDQYJKoZIhvcNAQEMBQADggIBACY7UeFNOPMyGLS0XuFlXsSUT9SnYaP4 -wM8zAQLpw6o1D/GUE3d3NZ4tVlFEbuHGLige/9rsR82XRBf34EzC4Xx8MnpmyFq2 -XFNFV1pF1AWZLy4jVe5jaN/TG3inEpQGAHUNcoTpLrxaatXeL1nHo+zSh2bbt1S1 -JKv0Q3jbSwTEb93mPmY+KfJLaHEih6D4sTNjduMNhXJEIlU/HHzp/LgV6FL6qj6j -ITk1dImmasI5+njPtqzn59ZW/yOSLlALqbUHM/Q4X6RJpstlcHboCoWASzY9M/eV -VHUl2qzEc4Jl6VL1XP04lQJqaTDFHApXB64ipCz5xUG3uOyfT0gA+QEEVcys+TIx -xHWVBqB/0Y0n3bOppHKH/lmLmnp0Ft0WpWIp6zqW3IunaFnT63eROfjXy9mPX1on -AX1daBli2MjN9LdyR75bl87yraKZk62Uy5P2EgmVtqvXO9A/EcswFi55gORngS1d -7XB4tmBZrOFdRWOPyN9yaFvqHbgB8X7754qz41SgOAngPN5C8sLtLpvzHzW2Ntjj -gKGLzZlkD8Kqq7HK9W+eQ42EVJmzbsASZthwEPEGNTNDqJwuuhQxzhB/HIbjj9LV -+Hfsm6vxL2PZQl/gZ4FkkfGXL/xuJvYz+NO1+MRiqzFRJQJ6+N1rZdVtTTDIZbpo -FGWsJwt0ivKH ------END CERTIFICATE----- -=== /C=CN/O=TrustAsia Technologies, Inc./CN=TrustAsia Global Root CA G4 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 4f:23:64:b8:8e:97:63:9e:c6:53:81:c1:76:4e:cb:2a:74:15:d6:d7 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: May 20 02:10:22 2021 GMT - Not After : May 19 02:10:22 2046 GMT - Subject: C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia Global Root CA G4 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Authority Key Identifier: - keyid:A5:BB:4A:97:CE:B3:2B:7F:A4:31:DE:97:83:59:83:A6:6F:71:CB:DE - - X509v3 Subject Key Identifier: - A5:BB:4A:97:CE:B3:2B:7F:A4:31:DE:97:83:59:83:A6:6F:71:CB:DE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=57:73:A5:61:5D:80:B2:E6:AC:38:82:FC:68:07:31:AC:9F:B5:92:5A -SHA256 Fingerprint=BE:4B:56:CB:50:56:C0:13:6A:52:6D:F4:44:50:8D:AA:36:A0:B5:4F:42:E4:AC:38:F7:2A:F4:70:E4:79:65:4C ------BEGIN CERTIFICATE----- 
-MIICVTCCAdygAwIBAgIUTyNkuI6XY57GU4HBdk7LKnQV1tcwCgYIKoZIzj0EAwMw -WjELMAkGA1UEBhMCQ04xJTAjBgNVBAoMHFRydXN0QXNpYSBUZWNobm9sb2dpZXMs -IEluYy4xJDAiBgNVBAMMG1RydXN0QXNpYSBHbG9iYWwgUm9vdCBDQSBHNDAeFw0y -MTA1MjAwMjEwMjJaFw00NjA1MTkwMjEwMjJaMFoxCzAJBgNVBAYTAkNOMSUwIwYD -VQQKDBxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMSQwIgYDVQQDDBtUcnVz -dEFzaWEgR2xvYmFsIFJvb3QgQ0EgRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATx -s8045CVD5d4ZCbuBeaIVXxVjAd7Cq92zphtnS4CDr5nLrBfbK5bKfFJV4hrhPVbw -LxYI+hW8m7tH5j/uqOFMjPXTNvk4XatwmkcN4oFBButJ+bAp3TPsUKV/eSm4IJij -YzBhMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUpbtKl86zK3+kMd6Xg1mD -pm9xy94wHQYDVR0OBBYEFKW7SpfOsyt/pDHel4NZg6ZvccveMA4GA1UdDwEB/wQE -AwIBBjAKBggqhkjOPQQDAwNnADBkAjBe8usGzEkxn0AAbbd+NvBNEU/zy4k6LHiR -UKNbwMp1JvK/kF0LgoxgKJ/GcJpo5PECMFxYDlZ2z1jD1xCMuo6u47xkdUfFVZDj -/bpV6wfEU6s3qe4hsiFbYI89MvHVI5TWWA== ------END CERTIFICATE----- - -### Trustwave Holdings, Inc. - -=== /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 05:f7:0e:86:da:49:f3:46:35:2e:ba:b2 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Aug 23 19:34:12 2017 GMT - Not After : Aug 23 19:34:12 2042 GMT - Subject: C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global Certification Authority - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 99:E0:19:67:0D:62:DB:76:B3:DA:3D:B8:5B:E8:FD:42:D2:31:0E:87 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=2F:8F:36:4F:E1:58:97:44:21:59:87:A5:2A:9A:D0:69:95:26:7F:B5 -SHA256 Fingerprint=97:55:20:15:F5:DD:FC:3C:87:88:C0:06:94:45:55:40:88:94:45:00:84:F1:00:86:70:86:BC:1A:2B:B5:8D:C8 ------BEGIN CERTIFICATE----- -MIIF2jCCA8KgAwIBAgIMBfcOhtpJ80Y1LrqyMA0GCSqGSIb3DQEBCwUAMIGIMQsw -CQYDVQQGEwJVUzERMA8GA1UECAwISWxsaW5vaXMxEDAOBgNVBAcMB0NoaWNhZ28x -ITAfBgNVBAoMGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjExMC8GA1UEAwwoVHJ1 
-c3R3YXZlIEdsb2JhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNzA4MjMx -OTM0MTJaFw00MjA4MjMxOTM0MTJaMIGIMQswCQYDVQQGEwJVUzERMA8GA1UECAwI -SWxsaW5vaXMxEDAOBgNVBAcMB0NoaWNhZ28xITAfBgNVBAoMGFRydXN0d2F2ZSBI -b2xkaW5ncywgSW5jLjExMC8GA1UEAwwoVHJ1c3R3YXZlIEdsb2JhbCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -ALldUShLPDeS0YLOvR29zd24q88KPuFd5dyqCblXAj7mY2Hf8g+CY66j96xz0Xzn -swuvCAAJWX/NKSqIk4cXGIDtiLK0thAfLdZfVaITXdHG6wZWiYj+rDKd/VzDBcdu -7oaJuogDnXIhhpCujwOl3J+IKMujkkkP7NAP4m1ET4BqstTnoApTAbqOl5F2brz8 -1Ws25kCI1nsvXwXoLG0R8+eyvpJETNKXpP7ScoFDB5zpET71ixpZfR9oWN0EACyW -80OzfpgZdNmcc9kYvkHHNHnZ9GLCQ7mzJ7Aiy/k9UscwR7PJPrhq4ufogXBeQotP -JqX+OsIgbrv4Fo7NDKm0G2x2EOFYeUY+VM6AqFcJNykbmROPDMjWLBz7BegIlT1l -RtzuzWniTY+HKE40Cz7PFNm73bZQmq131BnW2hqIyE4bJ3XYsgjxroMwuREOzYfw -hI0Vcnyh78zyiGG69Gm7DIwLdVcEuE4qFC49DxweMqZiNu5m4iK4BUBjECLzMx10 -coos9TkpoNPnG4CELcU9402x/RpvumUHO1jsQkUm+9jaJXLE9gCxInm943xZYkqc -BW89zubWR2OZxiRvchLIrH+QtAuRcOi35hYQcRfO3gZPSEF9NUqjifLJS3tBEW1n -twiYTOURGa5CgNz7kAXU+FDKvuStx8KU1xad5hePrzb7AgMBAAGjQjBAMA8GA1Ud -EwEB/wQFMAMBAf8wHQYDVR0OBBYEFJngGWcNYtt2s9o9uFvo/ULSMQ6HMA4GA1Ud -DwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAmHNw4rDT7TnsTGDZqRKGFx6W -0OhUKDtkLSGm+J1WE2pIPU/HPinbbViDVD2HfSMF1OQc3Og4ZYbFdada2zUFvXfe -uyk3QAUHw5RSn8pk3fEbK9xGChACMf1KaA0HZJDmHvUqoai7PF35owgLEQzxPy0Q -lG/+4jSHg9bP5Rs1bdID4bANqKCqRieCNqcVtgimQlRXtpla4gt5kNdXElE1GYhB -aCXUNxeEFfsBctyV3lImIJgm4nb1J2/6ADtKYdkNy1GTKv0WBpanI5ojSP5RvbbE -sLFUzt5sQa0WZ37b/TjNuThOssFgy50X31ieemKyJo90lZvkWx3SD92YHJtZuSPT -MaCm/zjdzyBP6VhWOmfD0faZmZ26NraAL4hHT4a/RDqA5Dccprrql5gR0IRiR2Qe -qu5AvzSxnI9O4fKSTx+O856X3vOmeWqJcU9LJxdI/uz0UA9PSX3MReO9ekDFQdxh -VicGaeVyQYHTtgGJoC86cnn+OjC/QezHYj6RS8fZMXZC+fc8Y+wmjHMMfRod6qh8 -h6jCJ3zhM0EPz8/8AKAigJ5Kp28AsEFFtyLKaEjFQqKu3R3y4G5OBVixwJAWKqQ9 -EEC+j2Jjg6mcgn0tAumDMHzLJ8n9HmYAsC7TIS+OMxZsmO0QqAfWzJPP29FpHOTK -yeC2nOnOcXHebD8WpHk= ------END CERTIFICATE----- -=== /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P256 Certification 
Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0d:6a:5f:08:3f:28:5c:3e:51:95:df:5d - Signature Algorithm: ecdsa-with-SHA256 - Validity - Not Before: Aug 23 19:35:10 2017 GMT - Not After : Aug 23 19:35:10 2042 GMT - Subject: C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P256 Certification Authority - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - A3:41:06:AC:90:6D:D1:4A:EB:75:A5:4A:10:99:B3:B1:A1:8B:4A:F7 -SHA1 Fingerprint=B4:90:82:DD:45:0C:BE:8B:5B:B1:66:D3:E2:A4:08:26:CD:ED:42:CF -SHA256 Fingerprint=94:5B:BC:82:5E:A5:54:F4:89:D1:FD:51:A7:3D:DF:2E:A6:24:AC:70:19:A0:52:05:22:5C:22:A7:8C:CF:A8:B4 ------BEGIN CERTIFICATE----- -MIICYDCCAgegAwIBAgIMDWpfCD8oXD5Rld9dMAoGCCqGSM49BAMCMIGRMQswCQYD -VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAf -BgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3 -YXZlIEdsb2JhbCBFQ0MgUDI1NiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x -NzA4MjMxOTM1MTBaFw00MjA4MjMxOTM1MTBaMIGRMQswCQYDVQQGEwJVUzERMA8G -A1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0 -d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBF -Q0MgUDI1NiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTBZMBMGByqGSM49AgEGCCqG -SM49AwEHA0IABH77bOYj43MyCMpg5lOcunSNGLB4kFKA3TjASh3RqMyTpJcGOMoN -FWLGjgEqZZ2q3zSRLoHB5DOSMcT9CTqmP62jQzBBMA8GA1UdEwEB/wQFMAMBAf8w -DwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQUo0EGrJBt0UrrdaVKEJmzsaGLSvcw -CgYIKoZIzj0EAwIDRwAwRAIgB+ZU2g6gWrKuEZ+Hxbb/ad4lvvigtwjzRM4q3wgh -DDcCIC0mA6AFvWvR9lz4ZcyGbbOcNEhjhAnFjXca4syc4XR7 ------END CERTIFICATE----- -=== /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P384 Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 08:bd:85:97:6c:99:27:a4:80:68:47:3b - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Aug 23 19:36:43 2017 GMT - Not After : Aug 23 
19:36:43 2042 GMT - Subject: C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P384 Certification Authority - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 55:A9:84:89:D2:C1:32:BD:18:CB:6C:A6:07:4E:C8:E7:9D:BE:82:90 -SHA1 Fingerprint=E7:F3:A3:C8:CF:6F:C3:04:2E:6D:0E:67:32:C5:9E:68:95:0D:5E:D2 -SHA256 Fingerprint=55:90:38:59:C8:C0:C3:EB:B8:75:9E:CE:4E:25:57:22:5F:F5:75:8B:BD:38:EB:D4:82:76:60:1E:1B:D5:80:97 ------BEGIN CERTIFICATE----- -MIICnTCCAiSgAwIBAgIMCL2Fl2yZJ6SAaEc7MAoGCCqGSM49BAMDMIGRMQswCQYD -VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAf -BgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3 -YXZlIEdsb2JhbCBFQ0MgUDM4NCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x -NzA4MjMxOTM2NDNaFw00MjA4MjMxOTM2NDNaMIGRMQswCQYDVQQGEwJVUzERMA8G -A1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0 -d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBF -Q0MgUDM4NCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTB2MBAGByqGSM49AgEGBSuB -BAAiA2IABGvaDXU1CDFHBa5FmVXxERMuSvgQMSOjfoPTfygIOiYaOs+Xgh+AtycJ -j9GOMMQKmw6sWASr9zZ9lCOkmwqKi6vr/TklZvFe/oyujUF5nQlgziip04pt89ZF -1PKYhDhloKNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G -A1UdDgQWBBRVqYSJ0sEyvRjLbKYHTsjnnb6CkDAKBggqhkjOPQQDAwNnADBkAjA3 -AZKXRRJ+oPM+rRk6ct30UJMDEr5E0k9BpIycnR+j9sKS50gU/k6bpZFXrsY3crsC -MGclCrEMXu6pY5Jv5ZAL/mYiykf9ijH3g/56vxC+GCsej/YpHpRZ744hN8tRmKVu -Sw== ------END CERTIFICATE----- - -### Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK - -=== /C=TR/L=Gebze - Kocaeli/O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK/OU=Kamu Sertifikasyon Merkezi - Kamu SM/CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Nov 25 08:25:55 2013 GMT - Not After : Oct 25 08:25:55 2043 GMT - Subject: 
C=TR, L=Gebze - Kocaeli, O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK, OU=Kamu Sertifikasyon Merkezi - Kamu SM, CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 - X509v3 extensions: - X509v3 Subject Key Identifier: - 65:3F:C7:8A:86:C6:3C:DD:3C:54:5C:35:F8:3A:ED:52:0C:47:57:C8 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=31:43:64:9B:EC:CE:27:EC:ED:3A:3F:0B:8F:0D:E4:E8:91:DD:EE:CA -SHA256 Fingerprint=46:ED:C3:68:90:46:D5:3A:45:3F:B3:10:4A:B8:0D:CA:EC:65:8B:26:60:EA:16:29:DD:7E:86:79:90:64:87:16 ------BEGIN CERTIFICATE----- -MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx -GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp -bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w -KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 -BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy -dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG -EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll -IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU -QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT -TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg -LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 -a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr -LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr -N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X -YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ -iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f -AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH -V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh -AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf 
-IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 -lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c -8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf -lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= ------END CERTIFICATE----- - -### UniTrust - -=== /C=CN/O=UniTrust/CN=UCA Extended Validation Root -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 4f:d2:2b:8f:f5:64:c8:33:9e:4f:34:58:66:23:70:60 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Mar 13 00:00:00 2015 GMT - Not After : Dec 31 00:00:00 2038 GMT - Subject: C=CN, O=UniTrust, CN=UCA Extended Validation Root - X509v3 extensions: - X509v3 Subject Key Identifier: - D9:74:3A:E4:30:3D:0D:F7:12:DC:7E:5A:05:9F:1E:34:9A:F7:E1:14 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign -SHA1 Fingerprint=A3:A1:B0:6F:24:61:23:4A:E3:36:A5:C2:37:FC:A6:FF:DD:F0:D7:3A -SHA256 Fingerprint=D4:3A:F9:B3:54:73:75:5C:96:84:FC:06:D7:D8:CB:70:EE:5C:28:E7:73:FB:29:4E:B4:1E:E7:17:22:92:4D:24 ------BEGIN CERTIFICATE----- -MIIFWjCCA0KgAwIBAgIQT9Irj/VkyDOeTzRYZiNwYDANBgkqhkiG9w0BAQsFADBH -MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNVBAMMHFVDQSBF -eHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwHhcNMTUwMzEzMDAwMDAwWhcNMzgxMjMx -MDAwMDAwWjBHMQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNV -BAMMHFVDQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCpCQcoEwKwmeBkqh5DFnpzsZGgdT6o+uM4AHrsiWog -D4vFsJszA1qGxliG1cGFu0/GnEBNyr7uaZa4rYEwmnySBesFK5pI0Lh2PpbIILvS -sPGP2KxFRv+qZ2C0d35qHzwaUnoEPQc8hQ2E0B92CvdqFN9y4zR8V05WAT558aop -O2z6+I9tTcg1367r3CTueUWnhbYFiN6IXSV8l2RnCdm/WhUFhvMJHuxYMjMR83dk -sHYf5BA1FxvyDrFspCqjc/wJHx4yGVMR59mzLC52LqGj3n5qiAno8geK+LLNEOfi -c0CTuwjRP+H8C5SzJe98ptfRr5//lpr1kXuYC3fUfugH0mK1lTnj8/FtDw5lhIpj -VMWAtuCeS31HJqcBCF3RiJ7XwzJE+oJKCmhUfzhTA8ykADNkUVkLo4KRel7sFsLz -KuZi2irbWWIQJUoqgQtHB0MGcIfS+pMRKXpITeuUx3BNr2fVUbGAIAEBtHoIppB/ 
-TuDvB0GHr2qlXov7z1CymlSvw4m6WC31MJixNnI5fkkE/SmnTHnkBVfblLkWU41G -sx2VYVdWf6/wFlthWG82UBEL2KwrlRYaDh8IzTY0ZRBiZtWAXxQgXy0MoHgKaNYs -1+lvK9JKBZP8nm9rZ/+I8U6laUpSNwXqxhaN0sSZ0YIrO7o1dfdRUVjzyAfd5LQD -fwIDAQABo0IwQDAdBgNVHQ4EFgQU2XQ65DA9DfcS3H5aBZ8eNJr34RQwDwYDVR0T -AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBADaN -l8xCFWQpN5smLNb7rhVpLGsaGvdftvkHTFnq88nIua7Mui563MD1sC3AO6+fcAUR -ap8lTwEpcOPlDOHqWnzcSbvBHiqB9RZLcpHIojG5qtr8nR/zXUACE/xOHAbKsxSQ -VBcZEhrxH9cMaVr2cXj0lH2RC47skFSOvG+hTKv8dGT9cZr4QQehzZHkPJrgmzI5 -c6sq1WnIeJEmMX3ixzDx/BR4dxIOE/TdFpS/S2d7cFOFyrC78zhNLJA5wA3CXWvp -4uXViI3WLL+rG761KIcSF3Ru/H38j9CHJrAb+7lsq+KePRXBOy5nAliRn+/4Qh8s -t2j1da3Ptfb/EX3C8CSlrdP6oDyp+l3cpaDvRKS+1ujl5BOWF3sGPjLtx7dCvHaj -2GU4Kzg1USEODm8uNBNA4StnDG1KQTAYI1oyVZnJF+A83vbsea0rWBmirSwiGpWO -vpaQXUJXxPkUAzUrHC1RVwinOt4/5Mi0A3PCwSaAuwtCH60NryZy2sy+s6ODWA2C -xR9GUeOcGMyNm43sSet1UNWMKFnKdDTajAshqx7qG+XH/RU+wBeq+yNuJkbL+vmx -cmtpzyKEC2IPrNkZAJSidjzULZrtBJ4tBmIQN1IchXIbJ+XMxjHsN+xjWZsLHXbM -fjKaiJUINlK73nZfdklJrX+9ZSCyycErdhh2n1ax ------END CERTIFICATE----- -=== /C=CN/O=UniTrust/CN=UCA Global G2 Root -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 5d:df:b1:da:5a:a3:ed:5d:be:5a:65:20:65:03:90:ef - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Mar 11 00:00:00 2016 GMT - Not After : Dec 31 00:00:00 2040 GMT - Subject: C=CN, O=UniTrust, CN=UCA Global G2 Root - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 81:C4:8C:CC:F5:E4:30:FF:A5:0C:08:5F:8C:15:67:21:74:01:DF:DF -SHA1 Fingerprint=28:F9:78:16:19:7A:FF:18:25:18:AA:44:FE:C1:A0:CE:5C:B6:4C:8A -SHA256 Fingerprint=9B:EA:11:C9:76:FE:01:47:64:C1:BE:56:A6:F9:14:B5:A5:60:31:7A:BD:99:88:39:33:82:E5:16:1A:A0:49:3C ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIQXd+x2lqj7V2+WmUgZQOQ7zANBgkqhkiG9w0BAQsFADA9 -MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxGzAZBgNVBAMMElVDQSBH 
-bG9iYWwgRzIgUm9vdDAeFw0xNjAzMTEwMDAwMDBaFw00MDEyMzEwMDAwMDBaMD0x -CzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVzdDEbMBkGA1UEAwwSVUNBIEds -b2JhbCBHMiBSb290MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxeYr -b3zvJgUno4Ek2m/LAfmZmqkywiKHYUGRO8vDaBsGxUypK8FnFyIdK+35KYmToni9 -kmugow2ifsqTs6bRjDXVdfkX9s9FxeV67HeToI8jrg4aA3++1NDtLnurRiNb/yzm -VHqUwCoV8MmNsHo7JOHXaOIxPAYzRrZUEaalLyJUKlgNAQLx+hVRZ2zA+te2G3/R -VogvGjqNO7uCEeBHANBSh6v7hn4PJGtAnTRnvI3HLYZveT6OqTwXS3+wmeOwcWDc -C/Vkw85DvG1xudLeJ1uK6NjGruFZfc8oLTW4lVYa8bJYS7cSN8h8s+1LgOGN+jIj -tm+3SJUIsUROhYw6AlQgL9+/V087OpAh18EmNVQg7Mc/R+zvWr9LesGtOxdQXGLY -D0tK3Cv6brxzks3sx1DoQZbXqX5t2Okdj4q1uViSukqSKwxW/YDrCPBeKW4bHAyv -j5OJrdu9o54hyokZ7N+1wxrrFv54NkzWbtA+FxyQF2smuvt6L78RHBgOLXMDj6Dl -NaBa4kx1HXHhOThTeEDMg5PXCp6dW4+K5OXgSORIskfNTip1KnvyIvbJvgmRlld6 -iIis7nCs+dwp4wwcOxJORNanTrAmyPPZGpeRaOrvjUYG0lZFWJo8DA+DuAUlwznP -O6Q0ibd5Ei9Hxeepl2n8pndntd978XplFeRhVmUCAwEAAaNCMEAwDgYDVR0PAQH/ -BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIHEjMz15DD/pQwIX4wV -ZyF0Ad/fMA0GCSqGSIb3DQEBCwUAA4ICAQATZSL1jiutROTL/7lo5sOASD0Ee/oj -L3rtNtqyzm325p7lX1iPyzcyochltq44PTUbPrw7tgTQvPlJ9Zv3hcU2tsu8+Mg5 -1eRfB70VVJd0ysrtT7q6ZHafgbiERUlMjW+i67HM0cOU2kTC5uLqGOiiHycFutfl -1qnN3e92mI0ADs0b+gO3joBYDic/UvuUospeZcnWhNq5NXHzJsBPd+aBJ9J3O5oU -b3n09tDh05S60FdRvScFDcH9yBIw7m+NESsIndTUv4BFFJqIRNow6rSn4+7vW4LV -PtateJLbXDzz2K36uGt/xDYotgIVilQsnLAXc47QN6MUPJiVAAwpBVueSUmxX8fj -y88nZY41F7dXyDDZQVu5FLbowg+UMaeUmMxq67XhJ/UQqAHojhJi6IjMtX9Gl8Cb -EGY4GjZGXyJoPd/JxhMnq1MGrKI8hgZlb7F+sSlEmqO6SWkoaY/X5V+tBIZkbxqg -DMUIYs6Ao9Dz7GjevjPHF1t/gMRMTLGmhIrDO7gJzRSBuhjjVFc2/tsvfEehOjPI -+Vg7RE+xygKJBJYoaMVLuCaJu9YzL1DV/pqJuhgyklTGW+Cd+V7lDSKb9triyCGy -YiGqhkCyLmTTX8jjfhFnRR8F/uOi77Oos/N9j/gMHyIfLXC0uAE0djAA5SN4p1bX -UB+K+wb1whnw0A== ------END CERTIFICATE----- - -### Unizeto Technologies S.A. 
- -=== /C=PL/O=Unizeto Technologies S.A./OU=Certum Certification Authority/CN=Certum Trusted Network CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 279744 (0x444c0) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Oct 22 12:07:37 2008 GMT - Not After : Dec 31 12:07:37 2029 GMT - Subject: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 08:76:CD:CB:07:FF:24:F6:C5:CD:ED:BB:90:BC:E2:84:37:46:75:F7 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=07:E0:32:E0:20:B7:2C:3F:19:2F:06:28:A2:59:3A:19:A7:0F:06:9E -SHA256 Fingerprint=5C:58:46:8D:55:F5:8E:49:7E:74:39:82:D2:B5:00:10:B6:D1:65:37:4A:CF:83:A7:D4:A3:2D:B7:68:C4:40:8E ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 
-J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- - -### WISeKey - -=== /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GB CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 76:b1:20:52:74:f0:85:87:46:b3:f8:23:1a:f6:c2:c0 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Dec 1 15:00:32 2014 GMT - Not After : Dec 1 15:10:31 2039 GMT - Subject: C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GB CA - X509v3 extensions: - X509v3 Key Usage: - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 35:0F:C8:36:63:5E:E2:A3:EC:F9:3B:66:15:CE:51:52:E3:91:9A:3D - 1.3.6.1.4.1.311.21.1: - ... -SHA1 Fingerprint=0F:F9:40:76:18:D3:D7:6A:4B:98:F0:A8:35:9E:0C:FD:27:AC:CC:ED -SHA256 Fingerprint=6B:9C:08:E8:6E:B0:F7:67:CF:AD:65:CD:98:B6:21:49:E5:49:4A:67:F5:84:5E:7B:D1:ED:01:9F:27:B8:6B:D6 ------BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt -MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg -Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i -YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x -CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG -b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh -bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 -HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx -WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX -1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk -u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P -99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r 
-M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB -BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh -cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 -gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO -ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf -aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic -Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= ------END CERTIFICATE----- -=== /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GC CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 21:2a:56:0c:ae:da:0c:ab:40:45:bf:2b:a2:2d:3a:ea - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: May 9 09:48:34 2017 GMT - Not After : May 9 09:58:33 2042 GMT - Subject: C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GC CA - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 48:87:14:AC:E3:C3:9E:90:60:3A:D7:CA:89:EE:D3:AD:8C:B4:50:66 - 1.3.6.1.4.1.311.21.1: - ... 
-SHA1 Fingerprint=E0:11:84:5E:34:DE:BE:88:81:B9:9C:F6:16:26:D1:96:1F:C3:B9:31 -SHA256 Fingerprint=85:60:F9:1C:36:24:DA:BA:95:70:B5:FE:A0:DB:E3:6F:F1:1A:83:23:BE:94:86:85:4F:B3:F3:4A:55:71:19:8D ------BEGIN CERTIFICATE----- -MIICaTCCAe+gAwIBAgIQISpWDK7aDKtARb8roi066jAKBggqhkjOPQQDAzBtMQsw -CQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91 -bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwg -Um9vdCBHQyBDQTAeFw0xNzA1MDkwOTQ4MzRaFw00MjA1MDkwOTU4MzNaMG0xCzAJ -BgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBGb3Vu -ZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2JhbCBS -b290IEdDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAETOlQwMYPchi82PG6s4ni -eUqjFqdrVCTbUf/q9Akkwwsin8tqJ4KBDdLArzHkdIJuyiXZjHWd8dvQmqJLIX4W -p2OQ0jnUsYd4XxiWD1AbNTcPasbc2RNNpI6QN+a9WzGRo1QwUjAOBgNVHQ8BAf8E -BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUSIcUrOPDnpBgOtfKie7T -rYy0UGYwEAYJKwYBBAGCNxUBBAMCAQAwCgYIKoZIzj0EAwMDaAAwZQIwJsdpW9zV -57LnyAyMjMPdeYwbY9XJUpROTYJKcx6ygISpJcBMWm1JKWB4E+J+SOtkAjEA2zQg -Mgj/mkkCtojeFK9dbJlxjRo/i9fgojaGHAeCOnZT/cKi7e97sIBPWA9LUzm9 ------END CERTIFICATE----- - -### XRamp Security Services Inc - -=== /C=US/OU=www.xrampsecurity.com/O=XRamp Security Services Inc/CN=XRamp Global Certification Authority -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 50:94:6c:ec:18:ea:d5:9c:4d:d5:97:ef:75:8f:a0:ad - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Nov 1 17:14:04 2004 GMT - Not After : Jan 1 05:37:19 2035 GMT - Subject: C=US, OU=www.xrampsecurity.com, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority - X509v3 extensions: - 1.3.6.1.4.1.311.20.2: - ...C.A - X509v3 Key Usage: - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - C6:4F:A2:3D:06:63:84:09:9C:CE:62:E4:04:AC:8D:5C:B5:E9:B6:1B - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.xrampsecurity.com/XGCA.crl - - 1.3.6.1.4.1.311.21.1: - ... 
-SHA1 Fingerprint=B8:01:86:D1:EB:9C:86:A5:41:04:CF:30:54:F3:4C:52:B7:E5:58:C6 -SHA256 Fingerprint=CE:CD:DC:90:50:99:D8:DA:DF:C5:B1:D2:09:B7:37:CB:E2:C1:8C:FB:2C:10:C0:FF:0B:CF:0D:32:86:FC:1A:A2 ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB -gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk -MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY -UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx -NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 -dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy -dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 -38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP -KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q -DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 -qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa -JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi -PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P -BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs -jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 -eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD -ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR -vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt -qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa -IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy -i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ -O+7ETPTsJ3xCwnR8gooJybQDJbw= ------END CERTIFICATE----- - -### certSIGN - -=== /C=RO/O=certSIGN/OU=certSIGN ROOT CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 35210227249154 (0x200605167002) - Signature Algorithm: sha1WithRSAEncryption - Validity - Not Before: Jul 4 17:20:04 2006 GMT - Not After : Jul 4 
17:20:04 2031 GMT - Subject: C=RO, O=certSIGN, OU=certSIGN ROOT CA - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Non Repudiation, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - E0:8C:9B:DB:25:49:B3:F1:7C:86:D6:B2:42:87:0B:D0:6B:A0:D9:E4 -SHA1 Fingerprint=FA:B7:EE:36:97:26:62:FB:2D:B0:2A:F6:BF:03:FD:E8:7C:4B:2F:9B -SHA256 Fingerprint=EA:A9:62:C4:FA:4A:6B:AF:EB:E4:15:19:6D:35:1C:CD:88:8D:4F:53:F3:FA:8A:E6:D7:C4:66:A9:4E:60:42:BB ------BEGIN CERTIFICATE----- -MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT -AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD -QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP -MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do -0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ -UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d -RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ -OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv -JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C -AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O -BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ -LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY -MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ -44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I -Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw -i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN -9u6wWk5JRFRYX0KD ------END CERTIFICATE----- - -### e-commerce monitoring GmbH - -=== /C=AT/O=e-commerce monitoring GmbH/CN=GLOBALTRUST 2020 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 5a:4b:bd:5a:fb:4f:8a:5b:fa:65:e5 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Feb 10 00:00:00 2020 GMT 
- Not After : Jun 10 00:00:00 2040 GMT - Subject: C=AT, O=e-commerce monitoring GmbH, CN=GLOBALTRUST 2020 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - DC:2E:1F:D1:61:37:79:E4:AB:D5:D5:B3:12:71:68:3D:6A:68:9C:22 - X509v3 Authority Key Identifier: - keyid:DC:2E:1F:D1:61:37:79:E4:AB:D5:D5:B3:12:71:68:3D:6A:68:9C:22 - -SHA1 Fingerprint=D0:67:C1:13:51:01:0C:AA:D0:C7:6A:65:37:31:16:26:4F:53:71:A2 -SHA256 Fingerprint=9A:29:6A:51:82:D1:D4:51:A2:E3:7F:43:9B:74:DA:AF:A2:67:52:33:29:F9:0F:9A:0D:20:07:C3:34:E2:3C:9A ------BEGIN CERTIFICATE----- -MIIFgjCCA2qgAwIBAgILWku9WvtPilv6ZeUwDQYJKoZIhvcNAQELBQAwTTELMAkG -A1UEBhMCQVQxIzAhBgNVBAoTGmUtY29tbWVyY2UgbW9uaXRvcmluZyBHbWJIMRkw -FwYDVQQDExBHTE9CQUxUUlVTVCAyMDIwMB4XDTIwMDIxMDAwMDAwMFoXDTQwMDYx -MDAwMDAwMFowTTELMAkGA1UEBhMCQVQxIzAhBgNVBAoTGmUtY29tbWVyY2UgbW9u -aXRvcmluZyBHbWJIMRkwFwYDVQQDExBHTE9CQUxUUlVTVCAyMDIwMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAri5WrRsc7/aVj6B3GyvTY4+ETUWiD59b -RatZe1E0+eyLinjF3WuvvcTfk0Uev5E4C64OFudBc/jbu9G4UeDLgztzOG53ig9Z -YybNpyrOVPu44sB8R85gfD+yc/LAGbaKkoc1DZAoouQVBGM+uq/ufF7MpotQsjj3 -QWPKzv9pj2gOlTblzLmMCcpL3TGQlsjMH/1WljTbjhzqLL6FLmPdqqmV0/0plRPw -yJiT2S0WR5ARg6I6IqIoV6Lr/sCMKKCmfecqQjuCgGOlYx8ZzHyyZqjC0203b+J+ -BlHZRYQfEs4kUmSFC0iAToexIiIwquuuvuAC4EDosEKAA1GqtH6qRNdDYfOiaxaJ -SaSjpCuKAsR49GiKweR6NrFvG5Ybd0mN1MkGco/PU+PcF4UgStyYJ9ORJitHHmkH -r96i5OTUawuzXnzUJIBHKWk7buis/UDr2O1xcSvy6Fgd60GXIsUf1DnQJ4+H4xj0 -4KlGDfV0OoIu0G4skaMxXDtG6nsEEFZegB31pWXogvziB4xiRfUg3kZwhqG8k9Me -dKZssCz3AwyIDMvUclOGvGBG85hqwvG/Q/lwIHfKN0F5VVJjjVsSn8VoxIidrPIw -q7ejMZdnrY8XD2zHc+0klGvIg5rQmjdJBKuxFshsSUktq6HQjJLyQUp5ISXbY9e2 -nKd+Qmn7OmMCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFNwuH9FhN3nkq9XVsxJxaD1qaJwiMB8GA1UdIwQYMBaAFNwu -H9FhN3nkq9XVsxJxaD1qaJwiMA0GCSqGSIb3DQEBCwUAA4ICAQCR8EICaEDuw2jA -VC/f7GLDw56KoDEoqoOOpFaWEhCGVrqXctJUMHytGdUdaG/7FELYjQ7ztdGl4wJC 
-XtzoRlgHNQIw4Lx0SsFDKv/bGtCwr2zD/cuz9X9tAy5ZVp0tLTWMstZDFyySCstd -6IwPS3BD0IL/qMy/pJTAvoe9iuOTe8aPmxadJ2W8esVCgmxcB9CpwYhgROmYhRZf -+I/KARDOJcP5YBugxZfD0yyIMaK9MOzQ0MAS8cE54+X1+NZK3TTN+2/BT+MAi1bi -kvcoskJ3ciNnxz8RFbLEAwW+uxF7Cr+obuf/WEPPm2eggAe2HcqtbepBEX4tdJP7 -wry+UUTF72glJ4DjyKDUEuzZpTcdN3y0kcra1LGWge9oXHYQSa9+pTeAsRxSvTOB -TI/53WXZFM2KJVj04sWDpQmQ1GwUY7VA3+vA/MRYfg0UFodUJ25W5HCEuGwyEn6C -MUO+1918oa2u1qsgEu8KwxCMSZY13At1XrFP1U80DhEgB3VDRemjEdqso5nCtnkn -4rnvyOL2NSl6dPrFf4IFYqYK6miyeUcGbvJXqBUzxvd4Sj1Ce2t+/vdG6tHrju+I -aFvowdlxfv1k7/9nR4hYJS8+hge9+6jlgqispdNpQ80xiEmEU5LAsTkbOYMBMMTy -qfrQA71yN2BWHzZ8vTmR9W0Nv3vXkg== ------END CERTIFICATE----- - -### eMudhra Inc - -=== /C=US/OU=emSign PKI/O=eMudhra Inc/CN=emSign ECC Root CA - C3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 7b:71:b6:82:56:b8:12:7c:9c:a8 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Feb 18 18:30:00 2018 GMT - Not After : Feb 18 18:30:00 2043 GMT - Subject: C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign ECC Root CA - C3 - X509v3 extensions: - X509v3 Subject Key Identifier: - FB:5A:48:D0:80:20:40:F2:A8:E9:00:07:69:19:77:A7:E6:C3:F4:CF - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=B6:AF:43:C2:9B:81:53:7D:F6:EF:6B:C3:1F:1F:60:15:0C:EE:48:66 -SHA256 Fingerprint=BC:4D:80:9B:15:18:9D:78:DB:3E:1D:8C:F4:F9:72:6A:79:5D:A1:64:3C:A5:F1:35:8E:1D:DB:0E:DC:0D:7E:B3 ------BEGIN CERTIFICATE----- -MIICKzCCAbGgAwIBAgIKe3G2gla4EnycqDAKBggqhkjOPQQDAzBaMQswCQYDVQQG -EwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMx -IDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAtIEMzMB4XDTE4MDIxODE4MzAw -MFoXDTQzMDIxODE4MzAwMFowWjELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln -biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMSAwHgYDVQQDExdlbVNpZ24gRUND -IFJvb3QgQ0EgLSBDMzB2MBAGByqGSM49AgEGBSuBBAAiA2IABP2lYa57JhAd6bci -MK4G9IGzsUJxlTm801Ljr6/58pc1kjZGDoeVjbk5Wum739D+yAdBPLtVb4Ojavti 
-sIGJAnB9SMVK4+kiVCJNk7tCDK93nCOmfddhEc5lx/h//vXyqaNCMEAwHQYDVR0O -BBYEFPtaSNCAIEDyqOkAB2kZd6fmw/TPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB -Af8EBTADAQH/MAoGCCqGSM49BAMDA2gAMGUCMQC02C8Cif22TGK6Q04ThHK1rt0c -3ta13FaPWEBaLd4gTCKDypOofu4SQMfWh0/434UCMBwUZOR8loMRnLDRWmFLpg9J -0wD8ofzkpf9/rdcw0Md3f76BB1UwUCAU9Vc4CqgxUQ== ------END CERTIFICATE----- -=== /C=US/OU=emSign PKI/O=eMudhra Inc/CN=emSign Root CA - C1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - ae:cf:00:ba:c4:cf:32:f8:43:b2 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Feb 18 18:30:00 2018 GMT - Not After : Feb 18 18:30:00 2043 GMT - Subject: C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign Root CA - C1 - X509v3 extensions: - X509v3 Subject Key Identifier: - FE:A1:E0:70:1E:2A:03:39:52:5A:42:BE:5C:91:85:7A:18:AA:4D:B5 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=E7:2E:F1:DF:FC:B2:09:28:CF:5D:D4:D5:67:37:B1:51:CB:86:4F:01 -SHA256 Fingerprint=12:56:09:AA:30:1D:A0:A2:49:B9:7A:82:39:CB:6A:34:21:6F:44:DC:AC:9F:39:54:B1:42:92:F2:E8:C8:60:8F ------BEGIN CERTIFICATE----- -MIIDczCCAlugAwIBAgILAK7PALrEzzL4Q7IwDQYJKoZIhvcNAQELBQAwVjELMAkG -A1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEg -SW5jMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEMxMB4XDTE4MDIxODE4MzAw -MFoXDTQzMDIxODE4MzAwMFowVjELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln -biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMRwwGgYDVQQDExNlbVNpZ24gUm9v -dCBDQSAtIEMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+upufGZ -BczYKCFK83M0UYRWEPWgTywS4/oTmifQz/l5GnRfHXk5/Fv4cI7gklL35CX5VIPZ -HdPIWoU/Xse2B+4+wM6ar6xWQio5JXDWv7V7Nq2s9nPczdcdioOl+yuQFTdrHCZH -3DspVpNqs8FqOp099cGXOFgFixwR4+S0uF2FHYP+eF8LRWgYSKVGczQ7/g/IdrvH -GPMF0Ybzhe3nudkyrVWIzqa2kbBPrH4VI5b2P/AgNBbeCsbEBEV5f6f9vtKppa+c -xSMq9zwhbL2vj07FOrLzNBL834AaSaTUqZX3noleoomslMuoaJuvimUnzYnu3Yy1 -aylwQ6BpC+S5DwIDAQABo0IwQDAdBgNVHQ4EFgQU/qHgcB4qAzlSWkK+XJGFehiq -TbUwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL 
-BQADggEBAMJKVvoVIXsoounlHfv4LcQ5lkFMOycsxGwYFYDGrK9HWS8mC+M2sO87 -/kOXSTKZEhVb3xEp/6tT+LvBeA+snFOvV71ojD1pM/CjoCNjO2RnIkSt1XHLVip4 -kqNPEjE2NuLe/gDEo2APJ62gsIq1NnpSob0n9CAnYuhNlCQT5AoE6TyrLshDCUrG -YQTlSTR+08TI9Q/Aqum6VF7zYytPT1DU/rl7mYw9wC68AivTxEDkigcxHpvOJpkT -+xHqmiIMERnHXhuBUDDIlhJu58tBf5E7oke3VIAb3ADMmpDqw8NQBmIMMMAVSKeo -WXzhriKi4gp6D/piq1JM4fHfyr6DDUI= ------END CERTIFICATE----- - -### eMudhra Technologies Limited - -=== /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign ECC Root CA - G3 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 3c:f6:07:a9:68:70:0e:da:8b:84 - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Feb 18 18:30:00 2018 GMT - Not After : Feb 18 18:30:00 2043 GMT - Subject: C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign ECC Root CA - G3 - X509v3 extensions: - X509v3 Subject Key Identifier: - 7C:5D:02:84:13:D4:CC:8A:9B:81:CE:17:1C:2E:29:1E:9C:48:63:42 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=30:43:FA:4F:F2:57:DC:A0:C3:80:EE:2E:58:EA:78:B2:3F:E6:BB:C1 -SHA256 Fingerprint=86:A1:EC:BA:08:9C:4A:8D:3B:BE:27:34:C6:12:BA:34:1D:81:3E:04:3C:F9:E8:A8:62:CD:5C:57:A3:6B:BE:6B ------BEGIN CERTIFICATE----- -MIICTjCCAdOgAwIBAgIKPPYHqWhwDtqLhDAKBggqhkjOPQQDAzBrMQswCQYDVQQG -EwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNo -bm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0g -RzMwHhcNMTgwMjE4MTgzMDAwWhcNNDMwMjE4MTgzMDAwWjBrMQswCQYDVQQGEwJJ -TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s -b2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0gRzMw -djAQBgcqhkjOPQIBBgUrgQQAIgNiAAQjpQy4LRL1KPOxst3iAhKAnjlfSU2fySU0 -WXTsuwYc58Byr+iuL+FBVIcUqEqy6HyC5ltqtdyzdc6LBtCGI79G1Y4PPwT01xyS -fvalY8L1X44uT6EYGQIrMgqCZH0Wk9GjQjBAMB0GA1UdDgQWBBR8XQKEE9TMipuB -zhccLikenEhjQjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggq -hkjOPQQDAwNpADBmAjEAvvNhzwIQHWSVB7gYboiFBS+DCBeQyh+KTOgNG3qxrdWB 
-CUfvO6wIBHxcmbHtRwfSAjEAnbpV/KlK6O3t5nYBQnvI+GDZjVGLVTv7jHvrZQnD -+JbNR6iC8hZVdyR+EhCVBCyj ------END CERTIFICATE----- -=== /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign Root CA - G1 -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 31:f5:e4:62:0c:6c:58:ed:d6:d8 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Feb 18 18:30:00 2018 GMT - Not After : Feb 18 18:30:00 2043 GMT - Subject: C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign Root CA - G1 - X509v3 extensions: - X509v3 Subject Key Identifier: - FB:EF:0D:86:9E:B0:E3:DD:A9:B9:F1:21:17:7F:3E:FC:F0:77:2B:1A - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE -SHA1 Fingerprint=8A:C7:AD:8F:73:AC:4E:C1:B5:75:4D:A5:40:F4:FC:CF:7C:B5:8E:8C -SHA256 Fingerprint=40:F6:AF:03:46:A9:9A:A1:CD:1D:55:5A:4E:9C:CE:62:C7:F9:63:46:03:EE:40:66:15:83:3D:C8:C8:D0:03:67 ------BEGIN CERTIFICATE----- -MIIDlDCCAnygAwIBAgIKMfXkYgxsWO3W2DANBgkqhkiG9w0BAQsFADBnMQswCQYD -VQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBU -ZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBH -MTAeFw0xODAyMTgxODMwMDBaFw00MzAyMTgxODMwMDBaMGcxCzAJBgNVBAYTAklO -MRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRlY2hub2xv -Z2llcyBMaW1pdGVkMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEcxMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0u76WaK7p1b1TST0Bsew+eeuGQz -f2N4aLTNLnF115sgxk0pvLZoYIr3IZpWNVrzdr3YzZr/k1ZLpVkGoZM0Kd0WNHVO -8oG0x5ZOrRkVUkr+PHB1cM2vK6sVmjM8qrOLqs1D/fXqcP/tzxE7lM5OMhbTI0Aq -d7OvPAEsbO2ZLIvZTmmYsvePQbAyeGHWDV/D+qJAkh1cF+ZwPjXnorfCYuKrpDhM -tTk1b+oDafo6VGiFbdbyL0NVHpENDtjVaqSW0RM8LHhQ6DqS0hdW5TUaQBw+jSzt -Od9C4INBdN+jzcKGYEho42kLVACL5HZpIQ15TjQIXhTCzLG3rdd8cIrHhQIDAQAB -o0IwQDAdBgNVHQ4EFgQU++8Nhp6w492pufEhF38+/PB3KxowDgYDVR0PAQH/BAQD -AgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFn/8oz1h31x -PaOfG1vR2vjTnGs2vZupYeveFix0PZ7mddrXuqe8QhfnPZHr5X3dPpzxz5KsbEjM 
-wiI/aTvFthUvozXGaCocV685743QNcMYDHsAVhzNixl03r4PEuDQqqE/AjSxcM6d -GNYIAwlG7mDgfrbESQRRfXBgvKqy/3lyeqYdPV8q+Mri/Tm3R7nrft8EI6/6nAYH -6ftjk4BAtcZsCjEozgyfz7MjNYBBjWzEN3uBL4ChQEKF6dk4jeihU80Bv2noWgby -RQuQ+q7hv53yrlc8pa6yVvSLZUDp/TGBLPQ5Cdjua6e0ph0VpZj3AYHYhX3zUVxx -iN66zB+Afko= ------END CERTIFICATE----- - -### iTrusChina Co.,Ltd. - -=== /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus ECC Root CA -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 6e:6a:bc:59:aa:53:be:98:39:67:a2:d2:6b:a4:3b:e6:6d:1c:d6:da - Signature Algorithm: ecdsa-with-SHA384 - Validity - Not Before: Jul 31 07:26:44 2018 GMT - Not After : Jul 31 07:26:44 2043 GMT - Subject: C=CN, O=iTrusChina Co.,Ltd., CN=vTrus ECC Root CA - X509v3 extensions: - X509v3 Subject Key Identifier: - 98:39:CD:BE:D8:B2:8C:F7:B2:AB:E1:AD:24:AF:7B:7C:A1:DB:1F:CF - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=F6:9C:DB:B0:FC:F6:02:13:B6:52:32:A6:A3:91:3F:16:70:DA:C3:E1 -SHA256 Fingerprint=30:FB:BA:2C:32:23:8E:2A:98:54:7A:F9:79:31:E5:50:42:8B:9B:3F:1C:8E:EB:66:33:DC:FA:86:C5:B2:7D:D3 ------BEGIN CERTIFICATE----- -MIICDzCCAZWgAwIBAgIUbmq8WapTvpg5Z6LSa6Q75m0c1towCgYIKoZIzj0EAwMw -RzELMAkGA1UEBhMCQ04xHDAaBgNVBAoTE2lUcnVzQ2hpbmEgQ28uLEx0ZC4xGjAY -BgNVBAMTEXZUcnVzIEVDQyBSb290IENBMB4XDTE4MDczMTA3MjY0NFoXDTQzMDcz -MTA3MjY0NFowRzELMAkGA1UEBhMCQ04xHDAaBgNVBAoTE2lUcnVzQ2hpbmEgQ28u -LEx0ZC4xGjAYBgNVBAMTEXZUcnVzIEVDQyBSb290IENBMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAEZVBKrox5lkqqHAjDo6LN/llWQXf9JpRCux3NCNtzslt188+cToL0 -v/hhJoVs1oVbcnDS/dtitN9Ti72xRFhiQgnH+n9bEOf+QP3A2MMrMudwpremIFUd -e4BdS49nTPEQo0IwQDAdBgNVHQ4EFgQUmDnNvtiyjPeyq+GtJK97fKHbH88wDwYD -VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwCgYIKoZIzj0EAwMDaAAwZQIw -V53dVvHH4+m4SVBrm2nDb+zDfSXkV5UTQJtS0zvzQBm8JsctBp61ezaf9SXUY2sA -AjEA6dPGnlaaKsyh2j/IZivTWJwghfqrkYpwcBE4YGQLYgmRWAD5Tfs0aNoJrSEG -GJTO ------END CERTIFICATE----- -=== /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus Root CA -Certificate: - Data: - Version: 3 (0x2) - 
Serial Number: - 43:e3:71:13:d8:b3:59:14:5d:b7:ce:8c:fd:35:fd:6f:bc:05:8d:45 - Signature Algorithm: sha256WithRSAEncryption - Validity - Not Before: Jul 31 07:24:05 2018 GMT - Not After : Jul 31 07:24:05 2043 GMT - Subject: C=CN, O=iTrusChina Co.,Ltd., CN=vTrus Root CA - X509v3 extensions: - X509v3 Subject Key Identifier: - 54:62:70:63:F1:75:84:43:58:8E:D1:16:20:B1:C6:AC:1A:BC:F6:89 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign -SHA1 Fingerprint=84:1A:69:FB:F5:CD:1A:25:34:13:3D:E3:F8:FC:B8:99:D0:C9:14:B7 -SHA256 Fingerprint=8A:71:DE:65:59:33:6F:42:6C:26:E5:38:80:D0:0D:88:A1:8D:A4:C6:A9:1F:0D:CB:61:94:E2:06:C5:C9:63:87 ------BEGIN CERTIFICATE----- -MIIFVjCCAz6gAwIBAgIUQ+NxE9izWRRdt86M/TX9b7wFjUUwDQYJKoZIhvcNAQEL -BQAwQzELMAkGA1UEBhMCQ04xHDAaBgNVBAoTE2lUcnVzQ2hpbmEgQ28uLEx0ZC4x -FjAUBgNVBAMTDXZUcnVzIFJvb3QgQ0EwHhcNMTgwNzMxMDcyNDA1WhcNNDMwNzMx -MDcyNDA1WjBDMQswCQYDVQQGEwJDTjEcMBoGA1UEChMTaVRydXNDaGluYSBDby4s -THRkLjEWMBQGA1UEAxMNdlRydXMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAL1VfGHTuB0EYgWgrmy3cLRB6ksDXhA/kFocizuwZotsSKYc -IrrVQJLuM7IjWcmOvFjai57QGfIvWcaMY1q6n6MLsLOaXLoRuBLpDLvPbmyAhykU -AyyNJJrIZIO1aqwTLDPxn9wsYTwaP3BVm60AUn/PBLn+NvqcwBauYv6WTEN+VRS+ -GrPSbcKvdmaVayqwlHeFXgQPYh1jdfdr58tbmnDsPmcF8P4HCIDPKNsFxhQnL4Z9 -8Cfe/+Z+M0jnCx5Y0ScrUw5XSmXX+6KAYPxMvDVTAWqXcoKv8R1w6Jz1717CbMdH -flqUhSZNO7rrTOiwCcJlwp2dCZtOtZcFrPUGoPc2BX70kLJrxLT5ZOrpGgrIDajt -J8nU57O5q4IikCc9Kuh8kO+8T/3iCiSn3mUkpF3qwHYw03dQ+A0Em5Q2AXPKBlim -0zvc+gRGE1WKyURHuFE5Gi7oNOJ5y1lKCn+8pu8fA2dqWSslYpPZUxlmPCdiKYZN -pGvu/9ROutW04o5IWgAZCfEF2c6Rsffr6TlP9m8EQ5pV9T4FFL2/s1m02I4zhKOQ -UqqzApVg+QxMaPnu1RcN+HFXtSXkKe5lXa/R7jwXC1pDxaWG6iSe4gUH3DRCEpHW -OXSuTEGC2/KmSNGzm/MzqvOmwMVO9fSddmPmAsYiS8GVP1BkLFTltvA8Kc9XAgMB -AAGjQjBAMB0GA1UdDgQWBBRUYnBj8XWEQ1iO0RYgscasGrz2iTAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAKbqSSaet -8PFww+SX8J+pJdVrnjT+5hpk9jprUrIQeBqfTNqK2uwcN1LgQkv7bHbKJAs5EhWd 
-nxEt/Hlk3ODg9d3gV8mlsnZwUKT+twpw1aA08XXXTUm6EdGz2OyC/+sOxL9kLX1j -bhd47F18iMjrjld22VkE+rxSH0Ws8HqA7Oxvdq6R2xCOBNyS36D25q5J08FsEhvM -Kar5CKXiNxTKsbhm7xqC5PD48acWabfbqWE8n/Uxy+QARsIvdLGx14HuqCaVvIiv -TDUHKgLKeBRtRytAVunLKmChZwOgzoy8sHJnxDHO2zTlJQNgJXtxmOTAGytfdELS -S8VZCAeHvsXDf+eW2eHcKJfWjwXj9ZtOyh1QRwVTsMo554WgicEFOwE30z9J4nfr -I8iIZjs9OXYhRvHsXyO466JmdXTBQPfYaJqT4i2pLr0cox7IdMakLXogqzu4sEb9 -b91fUlV1YvCXoHzXOP0l382gmxDPi7g4Xl7FtKYCNqEeXxzP4padKar9mK5S4fNB -UvupLnKWnyfjqnN9+BojZns7q2WwMgFLFT49ok8MKzWixtlnEjUwzXYuFrOZnk1P -Ti07NEPhmg4NpGaXutIcSkwsKouLgU9xGqndXHt7CMUADTdA43x7VF8vhV929ven -sBxXVsFy6K2ir40zSbofitzmdHxghm+Hl3s= ------END CERTIFICATE----- diff --git a/src/lib/libcrypto/chacha/chacha-merged.c b/src/lib/libcrypto/chacha/chacha-merged.c deleted file mode 100644 index debb776c8f..0000000000 --- a/src/lib/libcrypto/chacha/chacha-merged.c +++ /dev/null 
@@ -1,323 +0,0 @@
-/* $OpenBSD: chacha-merged.c,v 1.13 2024/06/05 19:43:06 tb Exp $ */
-/*
-chacha-merged.c version 20080118
-D. J. Bernstein
-Public domain.
-*/
-
-#include
-
-#define CHACHA_MINKEYLEN 16
-#define CHACHA_NONCELEN 8
-#define CHACHA_CTRLEN 8
-#define CHACHA_STATELEN (CHACHA_NONCELEN+CHACHA_CTRLEN)
-#define CHACHA_BLOCKLEN 64
-
-typedef uint8_t u8;
-typedef uint32_t u32;
-
-struct chacha_ctx {
- u32 input[16];
- u8 ks[CHACHA_BLOCKLEN];
- u8 unused;
-};
-
-static inline void chacha_keysetup(struct chacha_ctx *x, const u8 *k, u32 kbits)
- __attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN)));
-static inline void chacha_ivsetup(struct chacha_ctx *x, const u8 *iv,
- const u8 *ctr)
- __attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN)))
- __attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN)));
-static inline void chacha_encrypt_bytes(struct chacha_ctx *x, const u8 *m,
- u8 *c, u32 bytes)
- __attribute__((__bounded__(__buffer__, 2, 4)))
- __attribute__((__bounded__(__buffer__, 3, 4)));
-
-typedef struct chacha_ctx chacha_ctx;
-
-#define U8C(v) (v##U)
-#define U32C(v) (v##U)
-
-#define U8V(v) ((u8)(v) & U8C(0xFF))
-#define U32V(v) ((u32)(v) & U32C(0xFFFFFFFF))
-
-#define ROTL32(v, n) \
- (U32V((v) << (n)) | ((v) >> (32 - (n))))
-
-#define U8TO32_LITTLE(p) \
- (((u32)((p)[0])) | \
- ((u32)((p)[1]) << 8) | \
- ((u32)((p)[2]) << 16) | \
- ((u32)((p)[3]) << 24))
-
-#define U32TO8_LITTLE(p, v) \
- do { \
- (p)[0] = U8V((v)); \
- (p)[1] = U8V((v) >> 8); \
- (p)[2] = U8V((v) >> 16); \
- (p)[3] = U8V((v) >> 24); \
- } while (0)
-
-#define ROTATE(v,c) (ROTL32(v,c))
-#define XOR(v,w) ((v) ^ (w))
-#define PLUS(v,w) (U32V((v) + (w)))
-#define PLUSONE(v) (PLUS((v),1))
-
-#define QUARTERROUND(a,b,c,d) \
- a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \
- c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \
- a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \
- c = PLUS(c,d); b = ROTATE(XOR(b,c), 7);
-
-/* Initialise with "expand 32-byte k". */
-static const char sigma[16] = {
- 0x65, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x20, 0x33,
- 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b,
-};
-
-/* Initialise with "expand 16-byte k". */
-static const char tau[16] = {
- 0x65, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x20, 0x31,
- 0x36, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b,
-};
-
-static inline void
-chacha_keysetup(chacha_ctx *x, const u8 *k, u32 kbits)
-{
- const char *constants;
-
- x->input[4] = U8TO32_LITTLE(k + 0);
- x->input[5] = U8TO32_LITTLE(k + 4);
- x->input[6] = U8TO32_LITTLE(k + 8);
- x->input[7] = U8TO32_LITTLE(k + 12);
- if (kbits == 256) { /* recommended */
- k += 16;
- constants = sigma;
- } else { /* kbits == 128 */
- constants = tau;
- }
- x->input[8] = U8TO32_LITTLE(k + 0);
- x->input[9] = U8TO32_LITTLE(k + 4);
- x->input[10] = U8TO32_LITTLE(k + 8);
- x->input[11] = U8TO32_LITTLE(k + 12);
- x->input[0] = U8TO32_LITTLE(constants + 0);
- x->input[1] = U8TO32_LITTLE(constants + 4);
- x->input[2] = U8TO32_LITTLE(constants + 8);
- x->input[3] = U8TO32_LITTLE(constants + 12);
-}
-
-static inline void
-chacha_ivsetup(chacha_ctx *x, const u8 *iv, const u8 *counter)
-{
- x->input[12] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 0);
- x->input[13] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 4);
- x->input[14] = U8TO32_LITTLE(iv + 0);
- x->input[15] = U8TO32_LITTLE(iv + 4);
-}
-
-static inline void
-chacha_encrypt_bytes(chacha_ctx *x, const u8 *m, u8 *c, u32 bytes)
-{
- u32 x0, x1, x2, x3, x4, x5, x6, x7;
- u32 x8, x9, x10, x11, x12, x13, x14, x15;
- u32 j0, j1, j2, j3, j4, j5, j6, j7;
- u32 j8, j9, j10, j11, j12, j13, j14, j15;
- u8 *ctarget = NULL;
- u8 tmp[64];
- u32 i;
-
- if (!bytes)
- return;
-
- j0 = x->input[0];
- j1 = x->input[1];
- j2 = x->input[2];
- j3 = x->input[3];
- j4 = x->input[4];
- j5 = x->input[5];
- j6 = x->input[6];
- j7 = x->input[7];
- j8 = x->input[8];
- j9 = x->input[9];
- j10 = x->input[10];
- j11 = x->input[11];
- j12 = x->input[12];
- j13 = x->input[13];
- j14 = x->input[14];
- j15 = x->input[15];
-
- for (;;) {
- if (bytes < 64) {
- for (i = 0; i < bytes; ++i)
- tmp[i] = m[i];
- m = tmp;
- ctarget = c;
- c = tmp;
- }
- x0 = j0;
- x1 = j1;
- x2 = j2;
- x3 = j3;
- x4 = j4;
- x5 = j5;
- x6 = j6;
- x7 = j7;
- x8 = j8;
- x9 = j9;
- x10 = j10;
- x11 = j11;
- x12 = j12;
- x13 = j13;
- x14 = j14;
- x15 = j15;
- for (i = 20; i > 0; i -= 2) {
- QUARTERROUND(x0, x4, x8, x12)
- QUARTERROUND(x1, x5, x9, x13)
- QUARTERROUND(x2, x6, x10, x14)
- QUARTERROUND(x3, x7, x11, x15)
- QUARTERROUND(x0, x5, x10, x15)
- QUARTERROUND(x1, x6, x11, x12)
- QUARTERROUND(x2, x7, x8, x13)
- QUARTERROUND(x3, x4, x9, x14)
- }
- x0 = PLUS(x0, j0);
- x1 = PLUS(x1, j1);
- x2 = PLUS(x2, j2);
- x3 = PLUS(x3, j3);
- x4 = PLUS(x4, j4);
- x5 = PLUS(x5, j5);
- x6 = PLUS(x6, j6);
- x7 = PLUS(x7, j7);
- x8 = PLUS(x8, j8);
- x9 = PLUS(x9, j9);
- x10 = PLUS(x10, j10);
- x11 = PLUS(x11, j11);
- x12 = PLUS(x12, j12);
- x13 = PLUS(x13, j13);
- x14 = PLUS(x14, j14);
- x15 = PLUS(x15, j15);
-
- if (bytes < 64) {
- U32TO8_LITTLE(x->ks + 0, x0);
- U32TO8_LITTLE(x->ks + 4, x1);
- U32TO8_LITTLE(x->ks + 8, x2);
- U32TO8_LITTLE(x->ks + 12, x3);
- U32TO8_LITTLE(x->ks + 16, x4);
- U32TO8_LITTLE(x->ks + 20, x5);
- U32TO8_LITTLE(x->ks + 24, x6);
- U32TO8_LITTLE(x->ks + 28, x7);
- U32TO8_LITTLE(x->ks + 32, x8);
- U32TO8_LITTLE(x->ks + 36, x9);
- U32TO8_LITTLE(x->ks + 40, x10);
- U32TO8_LITTLE(x->ks + 44, x11);
- U32TO8_LITTLE(x->ks + 48, x12);
- U32TO8_LITTLE(x->ks + 52, x13);
- U32TO8_LITTLE(x->ks + 56, x14);
- U32TO8_LITTLE(x->ks + 60, x15);
- }
-
- x0 = XOR(x0, U8TO32_LITTLE(m + 0));
- x1 = XOR(x1, U8TO32_LITTLE(m + 4));
- x2 = XOR(x2, U8TO32_LITTLE(m + 8));
- x3 = XOR(x3, U8TO32_LITTLE(m + 12));
- x4 = XOR(x4, U8TO32_LITTLE(m + 16));
- x5 = XOR(x5, U8TO32_LITTLE(m + 20));
- x6 = XOR(x6, U8TO32_LITTLE(m + 24));
- x7 = XOR(x7, U8TO32_LITTLE(m + 28));
- x8 = XOR(x8, U8TO32_LITTLE(m + 32));
- x9 = XOR(x9, U8TO32_LITTLE(m + 36));
- x10 = XOR(x10, U8TO32_LITTLE(m + 40));
- x11 = XOR(x11, U8TO32_LITTLE(m + 44));
- x12 = XOR(x12, U8TO32_LITTLE(m + 48));
- x13 = XOR(x13, U8TO32_LITTLE(m + 52));
- x14 = XOR(x14, U8TO32_LITTLE(m + 56));
- x15 = XOR(x15, U8TO32_LITTLE(m + 60));
-
- j12 = PLUSONE(j12);
- if (!j12) {
- j13 = PLUSONE(j13);
- /*
- * Stopping at 2^70 bytes per nonce is the user's
- * responsibility.
- */
- }
-
- U32TO8_LITTLE(c + 0, x0);
- U32TO8_LITTLE(c + 4, x1);
- U32TO8_LITTLE(c + 8, x2);
- U32TO8_LITTLE(c + 12, x3);
- U32TO8_LITTLE(c + 16, x4);
- U32TO8_LITTLE(c + 20, x5);
- U32TO8_LITTLE(c + 24, x6);
- U32TO8_LITTLE(c + 28, x7);
- U32TO8_LITTLE(c + 32, x8);
- U32TO8_LITTLE(c + 36, x9);
- U32TO8_LITTLE(c + 40, x10);
- U32TO8_LITTLE(c + 44, x11);
- U32TO8_LITTLE(c + 48, x12);
- U32TO8_LITTLE(c + 52, x13);
- U32TO8_LITTLE(c + 56, x14);
- U32TO8_LITTLE(c + 60, x15);
-
- if (bytes <= 64) {
- if (bytes < 64) {
- for (i = 0; i < bytes; ++i)
- ctarget[i] = c[i];
- }
- x->input[12] = j12;
- x->input[13] = j13;
- x->unused = 64 - bytes;
- return;
- }
- bytes -= 64;
- c += 64;
- m += 64;
- }
-}
-
-void
-CRYPTO_hchacha_20(unsigned char subkey[32], const unsigned char key[32],
- const unsigned char nonce[16])
-{
- uint32_t x[16];
- int i;
-
- x[0] = U8TO32_LITTLE(sigma + 0);
- x[1] = U8TO32_LITTLE(sigma + 4);
- x[2] = U8TO32_LITTLE(sigma + 8);
- x[3] = U8TO32_LITTLE(sigma + 12);
- x[4] = U8TO32_LITTLE(key + 0);
- x[5] = U8TO32_LITTLE(key + 4);
- x[6] = U8TO32_LITTLE(key + 8);
- x[7] = U8TO32_LITTLE(key + 12);
- x[8] = U8TO32_LITTLE(key + 16);
- x[9] = U8TO32_LITTLE(key + 20);
- x[10] = U8TO32_LITTLE(key + 24);
- x[11] = U8TO32_LITTLE(key + 28);
- x[12] = U8TO32_LITTLE(nonce + 0);
- x[13] = U8TO32_LITTLE(nonce + 4);
- x[14] = U8TO32_LITTLE(nonce + 8);
- x[15] = U8TO32_LITTLE(nonce + 12);
-
- for (i = 20; i > 0; i -= 2) {
- QUARTERROUND(x[0], x[4], x[8], x[12])
- QUARTERROUND(x[1], x[5], x[9], x[13])
- QUARTERROUND(x[2], x[6], x[10], x[14])
- QUARTERROUND(x[3], x[7], x[11], x[15])
- QUARTERROUND(x[0], x[5], x[10], x[15])
- QUARTERROUND(x[1], x[6], x[11], x[12])
- QUARTERROUND(x[2], x[7], x[8], x[13])
- QUARTERROUND(x[3], x[4], x[9], x[14])
- }
-
- U32TO8_LITTLE(subkey + 0, x[0]);
- U32TO8_LITTLE(subkey + 4, x[1]);
- U32TO8_LITTLE(subkey + 8, x[2]);
- U32TO8_LITTLE(subkey + 12, x[3]);
-
- U32TO8_LITTLE(subkey + 16, x[12]);
- U32TO8_LITTLE(subkey + 20, x[13]);
- U32TO8_LITTLE(subkey + 24, x[14]);
- U32TO8_LITTLE(subkey + 28, x[15]);
-}
-LCRYPTO_ALIAS(CRYPTO_hchacha_20);
diff --git a/src/lib/libcrypto/chacha/chacha.c b/src/lib/libcrypto/chacha/chacha.c
deleted file mode 100644
index b60e3c4f27..0000000000
--- a/src/lib/libcrypto/chacha/chacha.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* $OpenBSD: chacha.c,v 1.10 2023/07/05 16:17:20 beck Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-
-#include "chacha-merged.c"
-
-void
-ChaCha_set_key(ChaCha_ctx *ctx, const unsigned char *key, uint32_t keybits)
-{
- chacha_keysetup((chacha_ctx *)ctx, key, keybits);
- ctx->unused = 0;
-}
-LCRYPTO_ALIAS(ChaCha_set_key);
-
-void
-ChaCha_set_iv(ChaCha_ctx *ctx, const unsigned char *iv,
- const unsigned char *counter)
-{
- chacha_ivsetup((chacha_ctx *)ctx, iv, counter);
- ctx->unused = 0;
-}
-LCRYPTO_ALIAS(ChaCha_set_iv);
-
-void
-ChaCha(ChaCha_ctx *ctx, unsigned char *out, const unsigned char *in, size_t len)
-{
- unsigned char *k;
- uint64_t n;
- int i, l;
-
- /* Consume remaining keystream, if any exists. */
- if (ctx->unused > 0) {
- k = ctx->ks + 64 - ctx->unused;
- l = (len > ctx->unused) ? ctx->unused : len;
- for (i = 0; i < l; i++)
- *(out++) = *(in++) ^ *(k++);
- ctx->unused -= l;
- len -= l;
- }
-
- while (len > 0) {
- if ((n = len) > UINT32_MAX)
- n = UINT32_MAX;
-
- chacha_encrypt_bytes((chacha_ctx *)ctx, in, out, (uint32_t)n);
-
- in += n;
- out += n;
- len -= n;
- }
-}
-LCRYPTO_ALIAS(ChaCha);
-
-void
-CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len,
- const unsigned char key[32], const unsigned char iv[8], uint64_t counter)
-{
- struct chacha_ctx ctx;
- uint64_t n;
-
- /*
- * chacha_ivsetup expects the counter to be in u8. Rather than
- * converting size_t to u8 and then back again, pass a counter of
- * NULL and manually assign it afterwards.
- */
- chacha_keysetup(&ctx, key, 256);
- chacha_ivsetup(&ctx, iv, NULL);
- if (counter != 0) {
- ctx.input[12] = (uint32_t)counter;
- ctx.input[13] = (uint32_t)(counter >> 32);
- }
-
- while (len > 0) {
- if ((n = len) > UINT32_MAX)
- n = UINT32_MAX;
-
- chacha_encrypt_bytes(&ctx, in, out, (uint32_t)n);
-
- in += n;
- out += n;
- len -= n;
- }
-}
-LCRYPTO_ALIAS(CRYPTO_chacha_20);
-
-void
-CRYPTO_xchacha_20(unsigned char *out, const unsigned char *in, size_t len,
- const unsigned char key[32], const unsigned char iv[24])
-{
- uint8_t subkey[32];
-
- CRYPTO_hchacha_20(subkey, key, iv);
- CRYPTO_chacha_20(out, in, len, subkey, iv + 16, 0);
-}
-LCRYPTO_ALIAS(CRYPTO_xchacha_20);
diff --git a/src/lib/libcrypto/chacha/chacha.h b/src/lib/libcrypto/chacha/chacha.h
deleted file mode 100644
index 7d30c518a4..0000000000
--- a/src/lib/libcrypto/chacha/chacha.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/* $OpenBSD: chacha.h,v 1.9 2025/01/25 17:59:44 tb Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CHACHA_H
-#define HEADER_CHACHA_H
-
-#include
-
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct {
- unsigned int input[16];
- unsigned char ks[64];
- unsigned char unused;
-} ChaCha_ctx;
-
-void ChaCha_set_key(ChaCha_ctx *ctx, const unsigned char *key,
- unsigned int keybits);
-void ChaCha_set_iv(ChaCha_ctx *ctx, const unsigned char *iv,
- const unsigned char *counter);
-void ChaCha(ChaCha_ctx *ctx, unsigned char *out, const unsigned char *in,
- size_t len);
-
-void CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len,
- const unsigned char key[32], const unsigned char iv[8], uint64_t counter);
-void CRYPTO_xchacha_20(unsigned char *out, const unsigned char *in, size_t len,
- const unsigned char key[32], const unsigned char iv[24]);
-void CRYPTO_hchacha_20(unsigned char out[32],
- const unsigned char key[32], const unsigned char iv[16]);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_CHACHA_H */
diff --git a/src/lib/libcrypto/cmac/cm_ameth.c b/src/lib/libcrypto/cmac/cm_ameth.c
deleted file mode 100644
index 50db61756c..0000000000
--- a/src/lib/libcrypto/cmac/cm_ameth.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* $OpenBSD: cm_ameth.c,v 1.11 2024/01/04 17:01:26 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2010.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-
-/* CMAC "ASN1" method. This is just here to indicate the
- * maximum CMAC output length and to free up a CMAC
- * key.
- */
-
-static int
-cmac_size(const EVP_PKEY *pkey)
-{
- return EVP_MAX_BLOCK_LENGTH;
-}
-
-static void
-cmac_key_free(EVP_PKEY *pkey)
-{
- CMAC_CTX_free(pkey->pkey.ptr);
-}
-
-const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
- .base_method = &cmac_asn1_meth,
- .pkey_id = EVP_PKEY_CMAC,
-
- .pem_str = "CMAC",
- .info = "OpenSSL CMAC method",
-
- .pkey_size = cmac_size,
- .pkey_free = cmac_key_free
-};
diff --git a/src/lib/libcrypto/cmac/cm_pmeth.c b/src/lib/libcrypto/cmac/cm_pmeth.c
deleted file mode 100644
index 03538e204e..0000000000
--- a/src/lib/libcrypto/cmac/cm_pmeth.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/* $OpenBSD: cm_pmeth.c,v 1.12 2023/12/28 21:56:12 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2010.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-/* The context structure and "key" is simply a CMAC_CTX */
-
-static int
-pkey_cmac_init(EVP_PKEY_CTX *ctx)
-{
- ctx->data = CMAC_CTX_new();
- if (!ctx->data)
- return 0;
- ctx->keygen_info_count = 0;
- return 1;
-}
-
-static int
-pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- if (!pkey_cmac_init(dst))
- return 0;
- if (!CMAC_CTX_copy(dst->data, src->data))
- return 0;
- return 1;
-}
-
-static void
-pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
-{
- CMAC_CTX_free(ctx->data);
-}
-
-static int
-pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- CMAC_CTX *cmkey;
- int ret = 0;
-
- if ((cmkey = CMAC_CTX_new()) == NULL)
- goto err;
- if (!CMAC_CTX_copy(cmkey, ctx->data))
- goto err;
- if (!EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey))
- goto err;
- cmkey = NULL;
-
- ret = 1;
-
- err:
- CMAC_CTX_free(cmkey);
-
- return ret;
-}
-
-static int
-int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- if (!CMAC_Update(ctx->pctx->data, data, count))
- return 0;
- return 1;
-}
-
-static int
-cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
- EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
- mctx->update = int_update;
- return 1;
-}
-
-static int
-cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx)
-{
- return CMAC_Final(ctx->data, sig, siglen);
-}
-
-static int
-pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- CMAC_CTX *cmctx = ctx->data;
-
- switch (type) {
- case EVP_PKEY_CTRL_SET_MAC_KEY:
- if (!p2 || p1 < 0)
- return 0;
- if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
- return 0;
- break;
-
- case EVP_PKEY_CTRL_CIPHER:
- if (!CMAC_Init(cmctx, NULL, 0, p2, NULL))
- return 0;
- break;
-
- case EVP_PKEY_CTRL_MD:
- if (ctx->pkey && !CMAC_CTX_copy(ctx->data, ctx->pkey->pkey.ptr))
- return 0;
- if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
- return 0;
- break;
-
- default:
- return -2;
- }
- return 1;
-}
-
-static int
-pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- if (!value)
- return 0;
- if (!strcmp(type, "key")) {
- void *p = (void *)value;
- return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
- strlen(p), p);
- }
- if (!strcmp(type, "cipher")) {
- const EVP_CIPHER *c;
-
- c = EVP_get_cipherbyname(value);
- if (!c)
- return 0;
- return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
- }
- if (!strcmp(type, "hexkey")) {
- unsigned char *key;
- int r;
- long keylen;
-
- key = string_to_hex(value, &keylen);
- if (!key)
- return 0;
- r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
- free(key);
- return r;
- }
-
- return -2;
-}
-
-const EVP_PKEY_METHOD cmac_pkey_meth = {
- .pkey_id = EVP_PKEY_CMAC,
- .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM,
-
- .init = pkey_cmac_init,
- .copy = pkey_cmac_copy,
- .cleanup = pkey_cmac_cleanup,
-
- .keygen = pkey_cmac_keygen,
-
- .signctx_init = cmac_signctx_init,
- .signctx = cmac_signctx,
-
- .ctrl = pkey_cmac_ctrl,
- .ctrl_str = pkey_cmac_ctrl_str
-};
diff --git a/src/lib/libcrypto/cmac/cmac.c b/src/lib/libcrypto/cmac/cmac.c
deleted file mode 100644
index 5c917439a1..0000000000
--- a/src/lib/libcrypto/cmac/cmac.c
+++ /dev/null
@@ -1,325 +0,0 @@
-/* $OpenBSD: cmac.c,v 1.24 2024/05/20 14:53:37 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-#include
-
-#include
-
-#include "evp_local.h"
-
-/*
- * This implementation follows https://doi.org/10.6028/NIST.SP.800-38B
- */
-
-/*
- * CMAC context. k1 and k2 are the secret subkeys, computed as in section 6.1.
- * The temporary block tbl is a scratch buffer that holds intermediate secrets.
- */
-struct CMAC_CTX_st {
- EVP_CIPHER_CTX *cipher_ctx;
- unsigned char k1[EVP_MAX_BLOCK_LENGTH];
- unsigned char k2[EVP_MAX_BLOCK_LENGTH];
- unsigned char tbl[EVP_MAX_BLOCK_LENGTH];
- unsigned char last_block[EVP_MAX_BLOCK_LENGTH];
- /* Bytes in last block. -1 means not initialized. */
- int nlast_block;
-};
-
-/*
- * SP 800-38B, section 6.1, steps 2 and 3: given the input key l, calculate
- * the subkeys k1 and k2: shift l one bit to the left. If the most significant
- * bit of l was 1, additionally xor the result with Rb to get kn.
- *
- * Step 2: calculate k1 with l being the intermediate block CIPH_K(0),
- * Step 3: calculate k2 from l == k1.
- *
- * Per 5.3, Rb is the lexically first irreducible polynomial of degree b with
- * the minimum number of non-zero terms. This gives R128 = (1 << 128) | 0x87
- * and R64 = (1 << 64) | 0x1b for the only supported block sizes 128 and 64.
- */
-static void
-make_kn(unsigned char *kn, const unsigned char *l, int block_size)
-{
- unsigned char mask, Rb;
- int i;
-
- /* Choose Rb according to the block size in bytes. */
- Rb = block_size == 16 ? 0x87 : 0x1b;
-
- /* Compute l << 1 up to last byte. */
- for (i = 0; i < block_size - 1; i++)
- kn[i] = (l[i] << 1) | (l[i + 1] >> 7);
-
- /* Only xor with Rb if the MSB is one. */
- mask = 0 - (l[0] >> 7);
- kn[block_size - 1] = (l[block_size - 1] << 1) ^ (Rb & mask);
-}
-
-CMAC_CTX *
-CMAC_CTX_new(void)
-{
- CMAC_CTX *ctx;
-
- if ((ctx = calloc(1, sizeof(CMAC_CTX))) == NULL)
- goto err;
- if ((ctx->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
- goto err;
-
- ctx->nlast_block = -1;
-
- return ctx;
-
- err:
- CMAC_CTX_free(ctx);
-
- return NULL;
-}
-LCRYPTO_ALIAS(CMAC_CTX_new);
-
-void
-CMAC_CTX_cleanup(CMAC_CTX *ctx)
-{
- (void)EVP_CIPHER_CTX_reset(ctx->cipher_ctx);
- explicit_bzero(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
- explicit_bzero(ctx->k1, EVP_MAX_BLOCK_LENGTH);
- explicit_bzero(ctx->k2, EVP_MAX_BLOCK_LENGTH);
- explicit_bzero(ctx->last_block, EVP_MAX_BLOCK_LENGTH);
- ctx->nlast_block = -1;
-}
-LCRYPTO_ALIAS(CMAC_CTX_cleanup);
-
-EVP_CIPHER_CTX *
-CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx)
-{
- return ctx->cipher_ctx;
-}
-LCRYPTO_ALIAS(CMAC_CTX_get0_cipher_ctx);
-
-void
-CMAC_CTX_free(CMAC_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- CMAC_CTX_cleanup(ctx);
- EVP_CIPHER_CTX_free(ctx->cipher_ctx);
- freezero(ctx, sizeof(CMAC_CTX));
-}
-LCRYPTO_ALIAS(CMAC_CTX_free);
-
-int
-CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
-{
- int block_size;
-
- if (in->nlast_block == -1)
- return 0;
- if (!EVP_CIPHER_CTX_copy(out->cipher_ctx, in->cipher_ctx))
- return 0;
- block_size = EVP_CIPHER_CTX_block_size(in->cipher_ctx);
- memcpy(out->k1, in->k1, block_size);
- memcpy(out->k2, in->k2, block_size);
- memcpy(out->tbl, in->tbl, block_size);
- memcpy(out->last_block, in->last_block, block_size);
- out->nlast_block = in->nlast_block;
- return 1;
-}
-LCRYPTO_ALIAS(CMAC_CTX_copy);
-
-int
-CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
- const EVP_CIPHER *cipher, ENGINE *impl)
-{
- static const unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
- int block_size;
-
- /* All zeros means restart */
- if (key == NULL && cipher == NULL && keylen == 0) {
- /* Not initialised */
- if (ctx->nlast_block == -1)
- return 0;
- if (!EVP_EncryptInit_ex(ctx->cipher_ctx, NULL, NULL, NULL, zero_iv))
- return 0;
- explicit_bzero(ctx->tbl, sizeof(ctx->tbl));
- ctx->nlast_block = 0;
- return 1;
- }
-
- /* Initialise context. */
- if (cipher != NULL) {
- /*
- * Disallow ciphers for which EVP_Cipher() behaves differently.
- * These are AEAD ciphers (or AES keywrap) for which the CMAC
- * construction makes little sense.
- */
- if ((cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0)
- return 0;
- if (!EVP_EncryptInit_ex(ctx->cipher_ctx, cipher, NULL, NULL, NULL))
- return 0;
- }
-
- /* Non-NULL key means initialisation is complete. */
- if (key != NULL) {
- if (EVP_CIPHER_CTX_cipher(ctx->cipher_ctx) == NULL)
- return 0;
-
- /* make_kn() only supports block sizes of 8 and 16 bytes. */
- block_size = EVP_CIPHER_CTX_block_size(ctx->cipher_ctx);
- if (block_size != 8 && block_size != 16)
- return 0;
-
- /*
- * Section 6.1, step 1: store the intermediate secret CIPH_K(0)
- * in ctx->tbl.
- */
- if (!EVP_CIPHER_CTX_set_key_length(ctx->cipher_ctx, keylen))
- return 0;
- if (!EVP_EncryptInit_ex(ctx->cipher_ctx, NULL, NULL, key, zero_iv))
- return 0;
- if (!EVP_Cipher(ctx->cipher_ctx, ctx->tbl, zero_iv, block_size))
- return 0;
-
- /* Section 6.1, step 2: compute k1 from intermediate secret. */
- make_kn(ctx->k1, ctx->tbl, block_size);
- /* Section 6.1, step 3: compute k2 from k1. */
- make_kn(ctx->k2, ctx->k1, block_size);
-
- /* Destroy intermediate secret and reset last block count. */
- explicit_bzero(ctx->tbl, sizeof(ctx->tbl));
- ctx->nlast_block = 0;
-
- /* Reset context again to get ready for the first data block. */
- if (!EVP_EncryptInit_ex(ctx->cipher_ctx, NULL, NULL, NULL, zero_iv))
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(CMAC_Init);
-
-int
-CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
-{
- const unsigned char *data = in;
- size_t block_size;
-
- if (ctx->nlast_block == -1)
- return 0;
- if (dlen == 0)
- return 1;
- block_size = EVP_CIPHER_CTX_block_size(ctx->cipher_ctx);
- /* Copy into partial block if we need to */
- if (ctx->nlast_block > 0) {
- size_t nleft;
-
- nleft = block_size - ctx->nlast_block;
- if (dlen < nleft)
- nleft = dlen;
- memcpy(ctx->last_block + ctx->nlast_block, data, nleft);
- dlen -= nleft;
- ctx->nlast_block += nleft;
- /* If no more to process return */
- if (dlen == 0)
- return 1;
- data += nleft;
- /* Else not final block so encrypt it */
- if (!EVP_Cipher(ctx->cipher_ctx, ctx->tbl, ctx->last_block,
- block_size))
- return 0;
- }
- /* Encrypt all but one of the complete blocks left */
- while (dlen > block_size) {
- if (!EVP_Cipher(ctx->cipher_ctx, ctx->tbl, data, block_size))
- return 0;
- dlen -= block_size;
- data += block_size;
- }
- /* Copy any data left to last block buffer */
- memcpy(ctx->last_block, data, dlen);
- ctx->nlast_block = dlen;
- return 1;
-}
-LCRYPTO_ALIAS(CMAC_Update);
-
-int
-CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
-{
- int i, block_size, lb;
-
- if (ctx->nlast_block == -1)
- return 0;
- block_size = EVP_CIPHER_CTX_block_size(ctx->cipher_ctx);
- *poutlen = (size_t)block_size;
- if (!out)
- return 1;
- lb = ctx->nlast_block;
- /* Is last block complete? */
- if (lb == block_size) {
- for (i = 0; i < block_size; i++)
- out[i] = ctx->last_block[i] ^ ctx->k1[i];
- } else {
- ctx->last_block[lb] = 0x80;
- if (block_size - lb > 1)
- memset(ctx->last_block + lb + 1, 0, block_size - lb - 1);
- for (i = 0; i < block_size; i++)
- out[i] = ctx->last_block[i] ^ ctx->k2[i];
- }
- if (!EVP_Cipher(ctx->cipher_ctx, out, out, block_size)) {
- explicit_bzero(out, block_size);
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(CMAC_Final);
diff --git a/src/lib/libcrypto/cmac/cmac.h b/src/lib/libcrypto/cmac/cmac.h
deleted file mode 100644
index f77dae12b3..0000000000
--- a/src/lib/libcrypto/cmac/cmac.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: cmac.h,v 1.4 2024/03/02 09:30:21 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-
-#ifndef HEADER_CMAC_H
-#define HEADER_CMAC_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include
-
-/* Opaque */
-typedef struct CMAC_CTX_st CMAC_CTX;
-
-CMAC_CTX *CMAC_CTX_new(void);
-void CMAC_CTX_cleanup(CMAC_CTX *ctx);
-void CMAC_CTX_free(CMAC_CTX *ctx);
-EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
-int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
-
-int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
- const EVP_CIPHER *cipher, ENGINE *impl);
-int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
-int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/cms/cms.h b/src/lib/libcrypto/cms/cms.h
deleted file mode 100644
index 90030bdde0..0000000000
--- a/src/lib/libcrypto/cms/cms.h
+++ /dev/null
@@ -1,534 +0,0 @@ -/* $OpenBSD: cms.h,v 1.18 2024/03/30 00:35:15 joshua Exp $ */ -/* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_CMS_H -#define HEADER_CMS_H - -#include - -#ifndef OPENSSL_NO_CMS - -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct CMS_ContentInfo_st CMS_ContentInfo; -typedef struct CMS_SignerInfo_st CMS_SignerInfo; -typedef struct CMS_CertificateChoices CMS_CertificateChoices; -typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice; -typedef struct CMS_RecipientInfo_st CMS_RecipientInfo; -typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest; -typedef struct CMS_Receipt_st CMS_Receipt; -typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey; -typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute; - -DECLARE_STACK_OF(CMS_SignerInfo) -DECLARE_STACK_OF(CMS_RecipientEncryptedKey) -DECLARE_STACK_OF(CMS_RecipientInfo) -DECLARE_STACK_OF(CMS_RevocationInfoChoice) -CMS_ContentInfo *CMS_ContentInfo_new(void); -void CMS_ContentInfo_free(CMS_ContentInfo *a); -CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a, const unsigned char **in, long len); -int i2d_CMS_ContentInfo(CMS_ContentInfo *a, unsigned char **out); -extern const ASN1_ITEM CMS_ContentInfo_it; -CMS_ReceiptRequest *CMS_ReceiptRequest_new(void); -void CMS_ReceiptRequest_free(CMS_ReceiptRequest *a); -CMS_ReceiptRequest *d2i_CMS_ReceiptRequest(CMS_ReceiptRequest **a, const unsigned char **in, long len); -int 
i2d_CMS_ReceiptRequest(CMS_ReceiptRequest *a, unsigned char **out); -extern const ASN1_ITEM CMS_ReceiptRequest_it; -int CMS_ContentInfo_print_ctx(BIO *out, CMS_ContentInfo *x, int indent, const ASN1_PCTX *pctx); - -#define CMS_SIGNERINFO_ISSUER_SERIAL 0 -#define CMS_SIGNERINFO_KEYIDENTIFIER 1 - -#define CMS_RECIPINFO_NONE -1 -#define CMS_RECIPINFO_TRANS 0 -#define CMS_RECIPINFO_AGREE 1 -#define CMS_RECIPINFO_KEK 2 -#define CMS_RECIPINFO_PASS 3 -#define CMS_RECIPINFO_OTHER 4 - -/* S/MIME related flags */ - -#define CMS_TEXT 0x1 -#define CMS_NOCERTS 0x2 -#define CMS_NO_CONTENT_VERIFY 0x4 -#define CMS_NO_ATTR_VERIFY 0x8 -#define CMS_NOSIGS \ - (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY) -#define CMS_NOINTERN 0x10 -#define CMS_NO_SIGNER_CERT_VERIFY 0x20 -#define CMS_NOVERIFY 0x20 -#define CMS_DETACHED 0x40 -#define CMS_BINARY 0x80 -#define CMS_NOATTR 0x100 -#define CMS_NOSMIMECAP 0x200 -#define CMS_NOOLDMIMETYPE 0x400 -#define CMS_CRLFEOL 0x800 -#define CMS_STREAM 0x1000 -#define CMS_NOCRL 0x2000 -#define CMS_PARTIAL 0x4000 -#define CMS_REUSE_DIGEST 0x8000 -#define CMS_USE_KEYID 0x10000 -#define CMS_DEBUG_DECRYPT 0x20000 -#define CMS_KEY_PARAM 0x40000 -#define CMS_ASCIICRLF 0x80000 - -const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms); - -int CMS_get_version(const CMS_ContentInfo *cms, long *version); -int CMS_SignerInfo_get_version(const CMS_SignerInfo *si, long *version); - -BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont); -int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio); - -ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms); -int CMS_is_detached(CMS_ContentInfo *cms); -int CMS_set_detached(CMS_ContentInfo *cms, int detached); - -CMS_ContentInfo *PEM_read_bio_CMS(BIO *bp, CMS_ContentInfo **x, - pem_password_cb *cb, void *u); -CMS_ContentInfo *PEM_read_CMS(FILE *fp, CMS_ContentInfo **x, - pem_password_cb *cb, void *u); -int PEM_write_bio_CMS(BIO *bp, const CMS_ContentInfo *x); -int PEM_write_CMS(FILE *fp, const CMS_ContentInfo *x); -int 
CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms); -CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms); -int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms); - -BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms); -int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags); -int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, - int flags); -CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont); -int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags); - -int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags); - -CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, unsigned int flags); - -CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, - EVP_PKEY *pkey, STACK_OF(X509) *certs, unsigned int flags); - -int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags); -CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); - -int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, - unsigned int flags); -CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, - unsigned int flags); - -int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char *key, - size_t keylen, BIO *dcont, BIO *out, unsigned int flags); - -CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, - const unsigned char *key, size_t keylen, unsigned int flags); - -int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, - const unsigned char *key, size_t keylen); - -int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, - X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags); - -int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, - STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags); - -STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms); - -CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, - const EVP_CIPHER *cipher, 
unsigned int flags);
-
-int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
- BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key,
- size_t keylen, const unsigned char *id, size_t idlen);
-int CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass,
- ssize_t passlen);
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
-int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
-EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
-CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip,
- unsigned int flags);
-int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
-int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
-int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, EVP_PKEY **pk,
- X509 **recip, X509_ALGOR **palg);
-int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
-
-CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
- unsigned char *key, size_t keylen, unsigned char *id, size_t idlen,
- ASN1_GENERALIZEDTIME *date, ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType);
-
-int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
- ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate,
- ASN1_OBJECT **potherid, ASN1_TYPE **pothertype);
-
-int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key,
- size_t keylen);
-
-int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
- const unsigned char *id, size_t idlen);
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass,
- ssize_t passlen);
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter,
-
int wrap_nid, int pbe_nid, unsigned char *pass, ssize_t passlen,
- const EVP_CIPHER *kekciph);
-
-int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags);
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
-
-int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
-const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
-
-CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
-int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
-int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
-STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
-
-CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
-int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
-
-int CMS_SignedData_init(CMS_ContentInfo *cms);
-CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer,
- EVP_PKEY *pk, const EVP_MD *md, unsigned int flags);
-EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
-EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
-STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
-
-void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
-int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
-int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
- unsigned int flags);
-void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
- X509_ALGOR **pdig, X509_ALGOR **psig);
-ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
-int
CMS_SignerInfo_sign(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
-
-int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
-int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs, int algnid,
- int keysize);
-int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
-
-int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
-int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos);
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int type, const void *bytes, int len);
-int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type,
- const void *bytes, int len);
-int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
- const char *attrname, int type, const void *bytes, int len);
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid,
- int lastpos, int type);
-
-int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
-int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
- int lastpos);
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si,
- const ASN1_OBJECT *obj, int lastpos);
-X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
- const ASN1_OBJECT *obj, int type, const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type,
- const void *bytes, int len);
-int
CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname,
- int type, const void *bytes, int len);
-void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
- int lastpos, int type);
-
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
- int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList,
- STACK_OF(GENERAL_NAMES) *receiptsTo);
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
- int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist,
- STACK_OF(GENERAL_NAMES) **prto);
-
-int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, X509_ALGOR **palg,
- ASN1_OCTET_STRING **pukm);
-STACK_OF(CMS_RecipientEncryptedKey) *
- CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
-
-int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
- X509_ALGOR **pubalg, ASN1_BIT_STRING **pubkey, ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer, ASN1_INTEGER **sno);
-
-int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
-
-int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
- ASN1_OCTET_STRING **keyid, ASN1_GENERALIZEDTIME **tm,
- CMS_OtherKeyAttribute **other, X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
- X509 *cert);
-int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
-EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
- CMS_RecipientInfo *ri, CMS_RecipientEncryptedKey *rek);
-
-int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
- ASN1_OCTET_STRING *ukm, int keylen);
-
-/* Backward compatibility for spelling errors.
*/
-#define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
-#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \
- CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE
-
-int ERR_load_CMS_strings(void);
-
-/*
- * CMS function codes.
- */
-#define CMS_F_CHECK_CONTENT 99
-#define CMS_F_CMS_ADD0_CERT 164
-#define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
-#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
-#define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
-#define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
-#define CMS_F_CMS_ADD1_SIGNER 102
-#define CMS_F_CMS_ADD1_SIGNINGTIME 103
-#define CMS_F_CMS_COMPRESS 104
-#define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
-#define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
-#define CMS_F_CMS_COPY_CONTENT 107
-#define CMS_F_CMS_COPY_MESSAGEDIGEST 108
-#define CMS_F_CMS_DATA 109
-#define CMS_F_CMS_DATAFINAL 110
-#define CMS_F_CMS_DATAINIT 111
-#define CMS_F_CMS_DECRYPT 112
-#define CMS_F_CMS_DECRYPT_SET1_KEY 113
-#define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
-#define CMS_F_CMS_DECRYPT_SET1_PKEY 114
-#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
-#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
-#define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
-#define CMS_F_CMS_DIGEST_VERIFY 118
-#define CMS_F_CMS_ENCODE_RECEIPT 161
-#define CMS_F_CMS_ENCRYPT 119
-#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT 179
-#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
-#define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
-#define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
-#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
-#define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
-#define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
-#define CMS_F_CMS_ENVELOPED_DATA_INIT 126
-#define CMS_F_CMS_ENV_ASN1_CTRL 171
-#define CMS_F_CMS_FINAL 127
-#define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
-#define CMS_F_CMS_GET0_CONTENT 129
-#define CMS_F_CMS_GET0_ECONTENT_TYPE 130
-#define CMS_F_CMS_GET0_ENVELOPED 131
-#define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
-#define CMS_F_CMS_GET0_SIGNED 133
-#define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
-#define
CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
-#define CMS_F_CMS_RECEIPT_VERIFY 160
-#define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
-#define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
-#define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
-#define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
-#define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
-#define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
-#define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
-#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
-#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
-#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
-#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
-#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
-#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
-#define CMS_F_CMS_SD_ASN1_CTRL 170
-#define CMS_F_CMS_SET1_IAS 176
-#define CMS_F_CMS_SET1_KEYID 177
-#define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
-#define CMS_F_CMS_SET_DETACHED 147
-#define CMS_F_CMS_SIGN 148
-#define CMS_F_CMS_SIGNED_DATA_INIT 149
-#define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
-#define CMS_F_CMS_SIGNERINFO_SIGN 151
-#define CMS_F_CMS_SIGNERINFO_VERIFY 152
-#define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
-#define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
-#define CMS_F_CMS_SIGN_RECEIPT 163
-#define CMS_F_CMS_STREAM 155
-#define CMS_F_CMS_UNCOMPRESS 156
-#define CMS_F_CMS_VERIFY 157
-#define CMS_F_KEK_UNWRAP_KEY 180
-
-/*
- * CMS reason codes.
- */
-#define CMS_R_ADD_SIGNER_ERROR 99
-#define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
-#define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
-#define CMS_R_CERTIFICATE_VERIFY_ERROR 100
-#define CMS_R_CIPHER_INITIALISATION_ERROR 101
-#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
-#define CMS_R_CMS_DATAFINAL_ERROR 103
-#define CMS_R_CMS_LIB 104
-#define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
-#define CMS_R_CONTENT_NOT_FOUND 105
-#define CMS_R_CONTENT_TYPE_MISMATCH 171
-#define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
-#define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
-#define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
-#define CMS_R_CONTENT_VERIFY_ERROR 109
-#define CMS_R_CTRL_ERROR 110
-#define CMS_R_CTRL_FAILURE 111
-#define CMS_R_DECRYPT_ERROR 112
-#define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
-#define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
-#define CMS_R_ERROR_SETTING_KEY 115
-#define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
-#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
-#define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
-#define CMS_R_INVALID_KEY_LENGTH 118
-#define CMS_R_MD_BIO_INIT_ERROR 119
-#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
-#define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
-#define CMS_R_MSGSIGDIGEST_ERROR 172
-#define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
-#define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
-#define CMS_R_NEED_ONE_SIGNER 164
-#define CMS_R_NOT_A_SIGNED_RECEIPT 165
-#define CMS_R_NOT_ENCRYPTED_DATA 122
-#define CMS_R_NOT_KEK 123
-#define CMS_R_NOT_KEY_AGREEMENT 181
-#define CMS_R_NOT_KEY_TRANSPORT 124
-#define CMS_R_NOT_PWRI 177
-#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
-#define CMS_R_NO_CIPHER 126
-#define CMS_R_NO_CONTENT 127
-#define CMS_R_NO_CONTENT_TYPE 173
-#define CMS_R_NO_DEFAULT_DIGEST 128
-#define CMS_R_NO_DIGEST_SET 129
-#define CMS_R_NO_KEY 130
-#define CMS_R_NO_KEY_OR_CERT 174
-#define CMS_R_NO_MATCHING_DIGEST 131
-#define CMS_R_NO_MATCHING_RECIPIENT 132
-#define CMS_R_NO_MATCHING_SIGNATURE 166
-#define
CMS_R_NO_MSGSIGDIGEST 167
-#define CMS_R_NO_PASSWORD 178
-#define CMS_R_NO_PRIVATE_KEY 133
-#define CMS_R_NO_PUBLIC_KEY 134
-#define CMS_R_NO_RECEIPT_REQUEST 168
-#define CMS_R_NO_SIGNERS 135
-#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
-#define CMS_R_RECEIPT_DECODE_ERROR 169
-#define CMS_R_RECIPIENT_ERROR 137
-#define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
-#define CMS_R_SIGNFINAL_ERROR 139
-#define CMS_R_SMIME_TEXT_ERROR 140
-#define CMS_R_STORE_INIT_ERROR 141
-#define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
-#define CMS_R_TYPE_NOT_DATA 143
-#define CMS_R_TYPE_NOT_DIGESTED_DATA 144
-#define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
-#define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
-#define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
-#define CMS_R_UNKNOWN_CIPHER 148
-#define CMS_R_UNKNOWN_DIGEST_ALGORITHM 149
-#define CMS_R_UNKNOWN_ID 150
-#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
-#define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
-#define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
-#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
-#define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
-#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
-#define CMS_R_UNSUPPORTED_TYPE 156
-#define CMS_R_UNWRAP_ERROR 157
-#define CMS_R_UNWRAP_FAILURE 180
-#define CMS_R_VERIFICATION_FAILURE 158
-#define CMS_R_WRAP_ERROR 159
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-#endif
diff --git a/src/lib/libcrypto/cms/cms_asn1.c b/src/lib/libcrypto/cms/cms_asn1.c
deleted file mode 100644
index 2c95eddf03..0000000000
--- a/src/lib/libcrypto/cms/cms_asn1.c
+++ /dev/null
@@ -1,1629 +0,0 @@
-/* $OpenBSD: cms_asn1.c,v 1.25 2024/11/01 18:53:35 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "cms_local.h"
-
-static const ASN1_TEMPLATE CMS_IssuerAndSerialNumber_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_IssuerAndSerialNumber, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_IssuerAndSerialNumber, serialNumber),
- .field_name = "serialNumber",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM CMS_IssuerAndSerialNumber_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_IssuerAndSerialNumber_seq_tt,
- .tcount = sizeof(CMS_IssuerAndSerialNumber_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_IssuerAndSerialNumber),
- .sname = "CMS_IssuerAndSerialNumber",
-};
-
-static const ASN1_TEMPLATE CMS_OtherCertificateFormat_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OtherCertificateFormat, otherCertFormat),
- .field_name = "otherCertFormat",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OtherCertificateFormat, otherCert),
- .field_name = "otherCert",
- .item = &ASN1_ANY_it,
- },
-};
-
-static const ASN1_ITEM CMS_OtherCertificateFormat_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates =
CMS_OtherCertificateFormat_seq_tt,
- .tcount = sizeof(CMS_OtherCertificateFormat_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OtherCertificateFormat),
- .sname = "CMS_OtherCertificateFormat",
-};
-
-static const ASN1_TEMPLATE CMS_CertificateChoices_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_CertificateChoices, d.certificate),
- .field_name = "d.certificate",
- .item = &X509_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_CertificateChoices, d.extendedCertificate),
- .field_name = "d.extendedCertificate",
- .item = &ASN1_SEQUENCE_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(CMS_CertificateChoices, d.v1AttrCert),
- .field_name = "d.v1AttrCert",
- .item = &ASN1_SEQUENCE_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 2,
- .offset = offsetof(CMS_CertificateChoices, d.v2AttrCert),
- .field_name = "d.v2AttrCert",
- .item = &ASN1_SEQUENCE_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 3,
- .offset = offsetof(CMS_CertificateChoices, d.other),
- .field_name = "d.other",
- .item = &CMS_OtherCertificateFormat_it,
- },
-};
-
-const ASN1_ITEM CMS_CertificateChoices_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_CertificateChoices, type),
- .templates = CMS_CertificateChoices_ch_tt,
- .tcount = sizeof(CMS_CertificateChoices_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_CertificateChoices),
- .sname = "CMS_CertificateChoices",
-};
-
-static const ASN1_TEMPLATE CMS_SignerIdentifier_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerIdentifier, d.issuerAndSerialNumber),
- .field_name = "d.issuerAndSerialNumber",
- .item = &CMS_IssuerAndSerialNumber_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_SignerIdentifier, d.subjectKeyIdentifier),
- .field_name = "d.subjectKeyIdentifier",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-static const ASN1_ITEM
CMS_SignerIdentifier_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_SignerIdentifier, type),
- .templates = CMS_SignerIdentifier_ch_tt,
- .tcount = sizeof(CMS_SignerIdentifier_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_SignerIdentifier),
- .sname = "CMS_SignerIdentifier",
-};
-
-static const ASN1_TEMPLATE CMS_EncapsulatedContentInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncapsulatedContentInfo, eContentType),
- .field_name = "eContentType",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_EncapsulatedContentInfo, eContent),
- .field_name = "eContent",
- .item = &ASN1_OCTET_STRING_NDEF_it,
- },
-};
-
-static const ASN1_ITEM CMS_EncapsulatedContentInfo_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_EncapsulatedContentInfo_seq_tt,
- .tcount = sizeof(CMS_EncapsulatedContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_EncapsulatedContentInfo),
- .sname = "CMS_EncapsulatedContentInfo",
-};
-
-/* Minor tweak to operation: free up signer key, cert */
-static int
-cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_FREE_POST) {
- CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
- EVP_PKEY_free(si->pkey);
- X509_free(si->signer);
- EVP_MD_CTX_free(si->mctx);
- }
- return 1;
-}
-
-static const ASN1_AUX CMS_SignerInfo_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = cms_si_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE CMS_SignerInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, sid),
- .field_name = "sid",
- .item = &CMS_SignerIdentifier_it,
- },
- {
- .flags = 0,
- .tag = 0,
-
.offset = offsetof(CMS_SignerInfo, digestAlgorithm),
- .field_name = "digestAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, signedAttrs),
- .field_name = "signedAttrs",
- .item = &X509_ATTRIBUTE_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, signatureAlgorithm),
- .field_name = "signatureAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, signature),
- .field_name = "signature",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_SignerInfo, unsignedAttrs),
- .field_name = "unsignedAttrs",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM CMS_SignerInfo_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_SignerInfo_seq_tt,
- .tcount = sizeof(CMS_SignerInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &CMS_SignerInfo_aux,
- .size = sizeof(CMS_SignerInfo),
- .sname = "CMS_SignerInfo",
-};
-
-static const ASN1_TEMPLATE CMS_OtherRevocationInfoFormat_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OtherRevocationInfoFormat, otherRevInfoFormat),
- .field_name = "otherRevInfoFormat",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OtherRevocationInfoFormat, otherRevInfo),
- .field_name = "otherRevInfo",
- .item = &ASN1_ANY_it,
- },
-};
-
-static const ASN1_ITEM CMS_OtherRevocationInfoFormat_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OtherRevocationInfoFormat_seq_tt,
- .tcount = sizeof(CMS_OtherRevocationInfoFormat_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OtherRevocationInfoFormat),
- .sname = "CMS_OtherRevocationInfoFormat",
-};
-
-static const ASN1_TEMPLATE
CMS_RevocationInfoChoice_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_RevocationInfoChoice, d.crl),
- .field_name = "d.crl",
- .item = &X509_CRL_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(CMS_RevocationInfoChoice, d.other),
- .field_name = "d.other",
- .item = &CMS_OtherRevocationInfoFormat_it,
- },
-};
-
-const ASN1_ITEM CMS_RevocationInfoChoice_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_RevocationInfoChoice, type),
- .templates = CMS_RevocationInfoChoice_ch_tt,
- .tcount = sizeof(CMS_RevocationInfoChoice_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_RevocationInfoChoice),
- .sname = "CMS_RevocationInfoChoice",
-};
-
-static const ASN1_TEMPLATE CMS_SignedData_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, digestAlgorithms),
- .field_name = "digestAlgorithms",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, encapContentInfo),
- .field_name = "encapContentInfo",
- .item = &CMS_EncapsulatedContentInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, certificates),
- .field_name = "certificates",
- .item = &CMS_CertificateChoices_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_SignedData, crls),
- .field_name = "crls",
- .item = &CMS_RevocationInfoChoice_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, signerInfos),
- .field_name = "signerInfos",
- .item = &CMS_SignerInfo_it,
- },
-};
-
-const ASN1_ITEM CMS_SignedData_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_SignedData_seq_tt,
- .tcount =
sizeof(CMS_SignedData_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_SignedData),
- .sname = "CMS_SignedData",
-};
-
-static const ASN1_TEMPLATE CMS_OriginatorInfo_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OriginatorInfo, certificates),
- .field_name = "certificates",
- .item = &CMS_CertificateChoices_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_OriginatorInfo, crls),
- .field_name = "crls",
- .item = &CMS_RevocationInfoChoice_it,
- },
-};
-
-static const ASN1_ITEM CMS_OriginatorInfo_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OriginatorInfo_seq_tt,
- .tcount = sizeof(CMS_OriginatorInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OriginatorInfo),
- .sname = "CMS_OriginatorInfo",
-};
-
-static const ASN1_TEMPLATE CMS_EncryptedContentInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedContentInfo, contentType),
- .field_name = "contentType",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedContentInfo, contentEncryptionAlgorithm),
- .field_name = "contentEncryptionAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedContentInfo, encryptedContent),
- .field_name = "encryptedContent",
- .item = &ASN1_OCTET_STRING_NDEF_it,
- },
-};
-
-static const ASN1_ITEM CMS_EncryptedContentInfo_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_EncryptedContentInfo_seq_tt,
- .tcount = sizeof(CMS_EncryptedContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_EncryptedContentInfo),
- .sname = "CMS_EncryptedContentInfo",
-};
-
-static const ASN1_TEMPLATE CMS_KeyTransRecipientInfo_seq_tt[] = {
- {
- .flags
= 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, rid),
- .field_name = "rid",
- .item = &CMS_SignerIdentifier_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm),
- .field_name = "keyEncryptionAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, encryptedKey),
- .field_name = "encryptedKey",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM CMS_KeyTransRecipientInfo_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_KeyTransRecipientInfo_seq_tt,
- .tcount = sizeof(CMS_KeyTransRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_KeyTransRecipientInfo),
- .sname = "CMS_KeyTransRecipientInfo",
-};
-
-static const ASN1_TEMPLATE CMS_OtherKeyAttribute_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OtherKeyAttribute, keyAttrId),
- .field_name = "keyAttrId",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OtherKeyAttribute, keyAttr),
- .field_name = "keyAttr",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM CMS_OtherKeyAttribute_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OtherKeyAttribute_seq_tt,
- .tcount = sizeof(CMS_OtherKeyAttribute_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OtherKeyAttribute),
- .sname = "CMS_OtherKeyAttribute",
-};
-
-static const ASN1_TEMPLATE CMS_RecipientKeyIdentifier_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_RecipientKeyIdentifier, subjectKeyIdentifier),
- .field_name = "subjectKeyIdentifier",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset =
offsetof(CMS_RecipientKeyIdentifier, date),
- .field_name = "date",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_RecipientKeyIdentifier, other),
- .field_name = "other",
- .item = &CMS_OtherKeyAttribute_it,
- },
-};
-
-const ASN1_ITEM CMS_RecipientKeyIdentifier_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_RecipientKeyIdentifier_seq_tt,
- .tcount = sizeof(CMS_RecipientKeyIdentifier_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_RecipientKeyIdentifier),
- .sname = "CMS_RecipientKeyIdentifier",
-};
-
-static const ASN1_TEMPLATE CMS_KeyAgreeRecipientIdentifier_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber),
- .field_name = "d.issuerAndSerialNumber",
- .item = &CMS_IssuerAndSerialNumber_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_KeyAgreeRecipientIdentifier, d.rKeyId),
- .field_name = "d.rKeyId",
- .item = &CMS_RecipientKeyIdentifier_it,
- },
-};
-
-static const ASN1_ITEM CMS_KeyAgreeRecipientIdentifier_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_KeyAgreeRecipientIdentifier, type),
- .templates = CMS_KeyAgreeRecipientIdentifier_ch_tt,
- .tcount = sizeof(CMS_KeyAgreeRecipientIdentifier_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_KeyAgreeRecipientIdentifier),
- .sname = "CMS_KeyAgreeRecipientIdentifier",
-};
-
-static int
-cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
- if (operation == ASN1_OP_FREE_POST) {
- EVP_PKEY_free(rek->pkey);
- }
- return 1;
-}
-
-static const ASN1_AUX CMS_RecipientEncryptedKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = cms_rek_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE
CMS_RecipientEncryptedKey_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_RecipientEncryptedKey, rid), - .field_name = "rid", - .item = &CMS_KeyAgreeRecipientIdentifier_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_RecipientEncryptedKey, encryptedKey), - .field_name = "encryptedKey", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM CMS_RecipientEncryptedKey_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_RecipientEncryptedKey_seq_tt, - .tcount = sizeof(CMS_RecipientEncryptedKey_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &CMS_RecipientEncryptedKey_aux, - .size = sizeof(CMS_RecipientEncryptedKey), - .sname = "CMS_RecipientEncryptedKey", -}; - -static const ASN1_TEMPLATE CMS_OriginatorPublicKey_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_OriginatorPublicKey, algorithm), - .field_name = "algorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_OriginatorPublicKey, publicKey), - .field_name = "publicKey", - .item = &ASN1_BIT_STRING_it, - }, -}; - -const ASN1_ITEM CMS_OriginatorPublicKey_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_OriginatorPublicKey_seq_tt, - .tcount = sizeof(CMS_OriginatorPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_OriginatorPublicKey), - .sname = "CMS_OriginatorPublicKey", -}; - -static const ASN1_TEMPLATE CMS_OriginatorIdentifierOrKey_ch_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber), - .field_name = "d.issuerAndSerialNumber", - .item = &CMS_IssuerAndSerialNumber_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 0, - .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier), - .field_name = "d.subjectKeyIdentifier", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 1, - .offset = 
offsetof(CMS_OriginatorIdentifierOrKey, d.originatorKey), - .field_name = "d.originatorKey", - .item = &CMS_OriginatorPublicKey_it, - }, -}; - -static const ASN1_ITEM CMS_OriginatorIdentifierOrKey_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(CMS_OriginatorIdentifierOrKey, type), - .templates = CMS_OriginatorIdentifierOrKey_ch_tt, - .tcount = sizeof(CMS_OriginatorIdentifierOrKey_ch_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_OriginatorIdentifierOrKey), - .sname = "CMS_OriginatorIdentifierOrKey", -}; - -static int -cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval; - if (operation == ASN1_OP_NEW_POST) { - kari->ctx = EVP_CIPHER_CTX_new(); - if (kari->ctx == NULL) - return 0; - EVP_CIPHER_CTX_set_flags(kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); - kari->pctx = NULL; - } else if (operation == ASN1_OP_FREE_POST) { - EVP_PKEY_CTX_free(kari->pctx); - EVP_CIPHER_CTX_free(kari->ctx); - } - return 1; -} - -static const ASN1_AUX CMS_KeyAgreeRecipientInfo_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = cms_kari_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE CMS_KeyAgreeRecipientInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, originator), - .field_name = "originator", - .item = &CMS_OriginatorIdentifierOrKey_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, ukm), - .field_name = "ukm", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm), - .field_name = "keyEncryptionAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 
ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys), - .field_name = "recipientEncryptedKeys", - .item = &CMS_RecipientEncryptedKey_it, - }, -}; - -const ASN1_ITEM CMS_KeyAgreeRecipientInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_KeyAgreeRecipientInfo_seq_tt, - .tcount = sizeof(CMS_KeyAgreeRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &CMS_KeyAgreeRecipientInfo_aux, - .size = sizeof(CMS_KeyAgreeRecipientInfo), - .sname = "CMS_KeyAgreeRecipientInfo", -}; - -static const ASN1_TEMPLATE CMS_KEKIdentifier_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKIdentifier, keyIdentifier), - .field_name = "keyIdentifier", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_KEKIdentifier, date), - .field_name = "date", - .item = &ASN1_GENERALIZEDTIME_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_KEKIdentifier, other), - .field_name = "other", - .item = &CMS_OtherKeyAttribute_it, - }, -}; - -static const ASN1_ITEM CMS_KEKIdentifier_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_KEKIdentifier_seq_tt, - .tcount = sizeof(CMS_KEKIdentifier_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_KEKIdentifier), - .sname = "CMS_KEKIdentifier", -}; - -static const ASN1_TEMPLATE CMS_KEKRecipientInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKRecipientInfo, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKRecipientInfo, kekid), - .field_name = "kekid", - .item = &CMS_KEKIdentifier_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKRecipientInfo, keyEncryptionAlgorithm), - .field_name = "keyEncryptionAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = 
offsetof(CMS_KEKRecipientInfo, encryptedKey), - .field_name = "encryptedKey", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM CMS_KEKRecipientInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_KEKRecipientInfo_seq_tt, - .tcount = sizeof(CMS_KEKRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_KEKRecipientInfo), - .sname = "CMS_KEKRecipientInfo", -}; - -static const ASN1_TEMPLATE CMS_PasswordRecipientInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, keyDerivationAlgorithm), - .field_name = "keyDerivationAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm), - .field_name = "keyEncryptionAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, encryptedKey), - .field_name = "encryptedKey", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM CMS_PasswordRecipientInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_PasswordRecipientInfo_seq_tt, - .tcount = sizeof(CMS_PasswordRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_PasswordRecipientInfo), - .sname = "CMS_PasswordRecipientInfo", -}; - -static const ASN1_TEMPLATE CMS_OtherRecipientInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_OtherRecipientInfo, oriType), - .field_name = "oriType", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_OtherRecipientInfo, oriValue), - .field_name = "oriValue", - .item = &ASN1_ANY_it, - }, -}; - -static const ASN1_ITEM CMS_OtherRecipientInfo_it = { - .itype = 
ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_OtherRecipientInfo_seq_tt, - .tcount = sizeof(CMS_OtherRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_OtherRecipientInfo), - .sname = "CMS_OtherRecipientInfo", -}; - -/* Free up RecipientInfo additional data */ -static int -cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - if (operation == ASN1_OP_FREE_PRE) { - CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval; - if (ri->type == CMS_RECIPINFO_TRANS) { - CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; - EVP_PKEY_free(ktri->pkey); - X509_free(ktri->recip); - EVP_PKEY_CTX_free(ktri->pctx); - } else if (ri->type == CMS_RECIPINFO_KEK) { - CMS_KEKRecipientInfo *kekri = ri->d.kekri; - freezero(kekri->key, kekri->keylen); - } else if (ri->type == CMS_RECIPINFO_PASS) { - CMS_PasswordRecipientInfo *pwri = ri->d.pwri; - freezero(pwri->pass, pwri->passlen); - } - } - return 1; -} - -static const ASN1_AUX CMS_RecipientInfo_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = cms_ri_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE CMS_RecipientInfo_ch_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_RecipientInfo, d.ktri), - .field_name = "d.ktri", - .item = &CMS_KeyTransRecipientInfo_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 1, - .offset = offsetof(CMS_RecipientInfo, d.kari), - .field_name = "d.kari", - .item = &CMS_KeyAgreeRecipientInfo_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 2, - .offset = offsetof(CMS_RecipientInfo, d.kekri), - .field_name = "d.kekri", - .item = &CMS_KEKRecipientInfo_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 3, - .offset = offsetof(CMS_RecipientInfo, d.pwri), - .field_name = "d.pwri", - .item = &CMS_PasswordRecipientInfo_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 4, - .offset = offsetof(CMS_RecipientInfo, d.ori), - .field_name = "d.ori", - .item = 
&CMS_OtherRecipientInfo_it, - }, -}; - -const ASN1_ITEM CMS_RecipientInfo_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(CMS_RecipientInfo, type), - .templates = CMS_RecipientInfo_ch_tt, - .tcount = sizeof(CMS_RecipientInfo_ch_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &CMS_RecipientInfo_aux, - .size = sizeof(CMS_RecipientInfo), - .sname = "CMS_RecipientInfo", -}; - -static const ASN1_TEMPLATE CMS_EnvelopedData_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_EnvelopedData, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_EnvelopedData, originatorInfo), - .field_name = "originatorInfo", - .item = &CMS_OriginatorInfo_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(CMS_EnvelopedData, recipientInfos), - .field_name = "recipientInfos", - .item = &CMS_RecipientInfo_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_EnvelopedData, encryptedContentInfo), - .field_name = "encryptedContentInfo", - .item = &CMS_EncryptedContentInfo_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(CMS_EnvelopedData, unprotectedAttrs), - .field_name = "unprotectedAttrs", - .item = &X509_ATTRIBUTE_it, - }, -}; - -const ASN1_ITEM CMS_EnvelopedData_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_EnvelopedData_seq_tt, - .tcount = sizeof(CMS_EnvelopedData_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_EnvelopedData), - .sname = "CMS_EnvelopedData", -}; - -static const ASN1_TEMPLATE CMS_DigestedData_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_DigestedData, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_DigestedData, digestAlgorithm), - .field_name = "digestAlgorithm", - .item = &X509_ALGOR_it, - }, - { - 
.flags = 0, - .tag = 0, - .offset = offsetof(CMS_DigestedData, encapContentInfo), - .field_name = "encapContentInfo", - .item = &CMS_EncapsulatedContentInfo_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_DigestedData, digest), - .field_name = "digest", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM CMS_DigestedData_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_DigestedData_seq_tt, - .tcount = sizeof(CMS_DigestedData_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_DigestedData), - .sname = "CMS_DigestedData", -}; - -static const ASN1_TEMPLATE CMS_EncryptedData_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_EncryptedData, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_EncryptedData, encryptedContentInfo), - .field_name = "encryptedContentInfo", - .item = &CMS_EncryptedContentInfo_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(CMS_EncryptedData, unprotectedAttrs), - .field_name = "unprotectedAttrs", - .item = &X509_ATTRIBUTE_it, - }, -}; - -const ASN1_ITEM CMS_EncryptedData_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_EncryptedData_seq_tt, - .tcount = sizeof(CMS_EncryptedData_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_EncryptedData), - .sname = "CMS_EncryptedData", -}; - -static const ASN1_TEMPLATE CMS_AuthenticatedData_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_AuthenticatedData, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_AuthenticatedData, originatorInfo), - .field_name = "originatorInfo", - .item = &CMS_OriginatorInfo_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = 
offsetof(CMS_AuthenticatedData, recipientInfos), - .field_name = "recipientInfos", - .item = &CMS_RecipientInfo_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_AuthenticatedData, macAlgorithm), - .field_name = "macAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 1, - .offset = offsetof(CMS_AuthenticatedData, digestAlgorithm), - .field_name = "digestAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_AuthenticatedData, encapContentInfo), - .field_name = "encapContentInfo", - .item = &CMS_EncapsulatedContentInfo_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 2, - .offset = offsetof(CMS_AuthenticatedData, authAttrs), - .field_name = "authAttrs", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_AuthenticatedData, mac), - .field_name = "mac", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 3, - .offset = offsetof(CMS_AuthenticatedData, unauthAttrs), - .field_name = "unauthAttrs", - .item = &X509_ALGOR_it, - }, -}; - -static const ASN1_ITEM CMS_AuthenticatedData_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_AuthenticatedData_seq_tt, - .tcount = sizeof(CMS_AuthenticatedData_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_AuthenticatedData), - .sname = "CMS_AuthenticatedData", -}; - -static const ASN1_TEMPLATE CMS_CompressedData_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_CompressedData, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_CompressedData, compressionAlgorithm), - .field_name = "compressionAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_CompressedData, encapContentInfo), - .field_name = 
"encapContentInfo", - .item = &CMS_EncapsulatedContentInfo_it, - }, -}; - -const ASN1_ITEM CMS_CompressedData_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_CompressedData_seq_tt, - .tcount = sizeof(CMS_CompressedData_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_CompressedData), - .sname = "CMS_CompressedData", -}; - -/* This is the ANY DEFINED BY table for the top level ContentInfo structure */ - -static const ASN1_TEMPLATE cms_default_tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, d.other), - .field_name = "d.other", - .item = &ASN1_ANY_it, -}; - -static const ASN1_ADB_TABLE CMS_ContentInfo_adbtbl[] = { - { - .value = NID_pkcs7_data, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, d.data), - .field_name = "d.data", - .item = &ASN1_OCTET_STRING_NDEF_it, - }, - }, - { - .value = NID_pkcs7_signed, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, d.signedData), - .field_name = "d.signedData", - .item = &CMS_SignedData_it, - }, - }, - { - .value = NID_pkcs7_enveloped, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, d.envelopedData), - .field_name = "d.envelopedData", - .item = &CMS_EnvelopedData_it, - }, - }, - { - .value = NID_pkcs7_digest, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, d.digestedData), - .field_name = "d.digestedData", - .item = &CMS_DigestedData_it, - }, - }, - { - .value = NID_pkcs7_encrypted, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, d.encryptedData), - .field_name = "d.encryptedData", - .item = &CMS_EncryptedData_it, - }, - }, - { - .value = NID_id_smime_ct_authData, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF, - .tag = 0, 
- .offset = offsetof(CMS_ContentInfo, d.authenticatedData), - .field_name = "d.authenticatedData", - .item = &CMS_AuthenticatedData_it, - }, - }, - { - .value = NID_id_smime_ct_compressedData, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, d.compressedData), - .field_name = "d.compressedData", - .item = &CMS_CompressedData_it, - }, - }, -}; - -static const ASN1_ADB CMS_ContentInfo_adb = { - .flags = 0, - .offset = offsetof(CMS_ContentInfo, contentType), - .tbl = CMS_ContentInfo_adbtbl, - .tblcount = sizeof(CMS_ContentInfo_adbtbl) / sizeof(ASN1_ADB_TABLE), - .default_tt = &cms_default_tt, - .null_tt = NULL, -}; - -/* CMS streaming support */ -static int -cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - ASN1_STREAM_ARG *sarg = exarg; - CMS_ContentInfo *cms = NULL; - - if (pval) - cms = (CMS_ContentInfo *)*pval; - else - return 1; - - switch (operation) { - case ASN1_OP_STREAM_PRE: - if (CMS_stream(&sarg->boundary, cms) <= 0) - return 0; - /* FALLTHROUGH */ - - case ASN1_OP_DETACHED_PRE: - sarg->ndef_bio = CMS_dataInit(cms, sarg->out); - if (!sarg->ndef_bio) - return 0; - break; - - case ASN1_OP_STREAM_POST: - case ASN1_OP_DETACHED_POST: - if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0) - return 0; - break; - } - - return 1; -} - -static const ASN1_AUX CMS_ContentInfo_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = cms_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE CMS_ContentInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, contentType), - .field_name = "contentType", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "CMS_ContentInfo", - .item = (const ASN1_ITEM *)&CMS_ContentInfo_adb, - }, -}; - -const ASN1_ITEM CMS_ContentInfo_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = 
CMS_ContentInfo_seq_tt, - .tcount = sizeof(CMS_ContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &CMS_ContentInfo_aux, - .size = sizeof(CMS_ContentInfo), - .sname = "CMS_ContentInfo", -}; -LCRYPTO_ALIAS(CMS_ContentInfo_it); - -/* Specials for signed attributes */ - -/* - * When signing attributes we want to reorder them to match the sorted - * encoding. - */ - -static const ASN1_TEMPLATE CMS_Attributes_Sign_item_tt = { - .flags = ASN1_TFLG_SET_ORDER, - .tag = 0, - .offset = 0, - .field_name = "CMS_ATTRIBUTES", - .item = &X509_ATTRIBUTE_it, -}; - -const ASN1_ITEM CMS_Attributes_Sign_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &CMS_Attributes_Sign_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "CMS_Attributes_Sign", -}; - -/* - * When verifying attributes we need to use the received order. So we use - * SEQUENCE OF and tag it to SET OF - */ - -static const ASN1_TEMPLATE CMS_Attributes_Verify_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL, - .tag = V_ASN1_SET, - .offset = 0, - .field_name = "CMS_ATTRIBUTES", - .item = &X509_ATTRIBUTE_it, -}; - -const ASN1_ITEM CMS_Attributes_Verify_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &CMS_Attributes_Verify_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "CMS_Attributes_Verify", -}; - - - -static const ASN1_TEMPLATE CMS_ReceiptsFrom_ch_tt[] = { - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 0, - .offset = offsetof(CMS_ReceiptsFrom, d.allOrFirstTier), - .field_name = "d.allOrFirstTier", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF, - .tag = 1, - .offset = offsetof(CMS_ReceiptsFrom, d.receiptList), - .field_name = "d.receiptList", - .item = &GENERAL_NAMES_it, - }, -}; - -static const ASN1_ITEM CMS_ReceiptsFrom_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(CMS_ReceiptsFrom, type), - .templates = CMS_ReceiptsFrom_ch_tt, - .tcount = 
sizeof(CMS_ReceiptsFrom_ch_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_ReceiptsFrom), - .sname = "CMS_ReceiptsFrom", -}; - -static const ASN1_TEMPLATE CMS_ReceiptRequest_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_ReceiptRequest, signedContentIdentifier), - .field_name = "signedContentIdentifier", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_ReceiptRequest, receiptsFrom), - .field_name = "receiptsFrom", - .item = &CMS_ReceiptsFrom_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(CMS_ReceiptRequest, receiptsTo), - .field_name = "receiptsTo", - .item = &GENERAL_NAMES_it, - }, -}; - -const ASN1_ITEM CMS_ReceiptRequest_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_ReceiptRequest_seq_tt, - .tcount = sizeof(CMS_ReceiptRequest_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_ReceiptRequest), - .sname = "CMS_ReceiptRequest", -}; -LCRYPTO_ALIAS(CMS_ReceiptRequest_it); - -static const ASN1_TEMPLATE CMS_Receipt_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_Receipt, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_Receipt, contentType), - .field_name = "contentType", - .item = &ASN1_OBJECT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_Receipt, signedContentIdentifier), - .field_name = "signedContentIdentifier", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_Receipt, originatorSignatureValue), - .field_name = "originatorSignatureValue", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM CMS_Receipt_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_Receipt_seq_tt, - .tcount = sizeof(CMS_Receipt_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_Receipt), - .sname = 
"CMS_Receipt", -}; - -/* - * Utilities to encode the CMS_SharedInfo structure used during key - * derivation. - */ - -typedef struct { - X509_ALGOR *keyInfo; - ASN1_OCTET_STRING *entityUInfo; - ASN1_OCTET_STRING *suppPubInfo; -} CMS_SharedInfo; - -static const ASN1_TEMPLATE CMS_SharedInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_SharedInfo, keyInfo), - .field_name = "keyInfo", - .item = &X509_ALGOR_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_SharedInfo, entityUInfo), - .field_name = "entityUInfo", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 2, - .offset = offsetof(CMS_SharedInfo, suppPubInfo), - .field_name = "suppPubInfo", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -static const ASN1_ITEM CMS_SharedInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_SharedInfo_seq_tt, - .tcount = sizeof(CMS_SharedInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_SharedInfo), - .sname = "CMS_SharedInfo", -}; - -int -CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, - ASN1_OCTET_STRING *ukm, int keylen) -{ - union { - CMS_SharedInfo *pecsi; - ASN1_VALUE *a; - } intsi = { - NULL - }; - - ASN1_OCTET_STRING oklen; - unsigned char kl[4]; - CMS_SharedInfo ecsi; - - keylen <<= 3; - kl[0] = (keylen >> 24) & 0xff; - kl[1] = (keylen >> 16) & 0xff; - kl[2] = (keylen >> 8) & 0xff; - kl[3] = keylen & 0xff; - oklen.length = 4; - oklen.data = kl; - oklen.type = V_ASN1_OCTET_STRING; - oklen.flags = 0; - ecsi.keyInfo = kekalg; - ecsi.entityUInfo = ukm; - ecsi.suppPubInfo = &oklen; - intsi.pecsi = &ecsi; - - return ASN1_item_i2d(intsi.a, pder, &CMS_SharedInfo_it); -} -LCRYPTO_ALIAS(CMS_SharedInfo_encode); diff --git a/src/lib/libcrypto/cms/cms_att.c b/src/lib/libcrypto/cms/cms_att.c deleted file mode 100644 index 5dbaf3cb20..0000000000 
--- a/src/lib/libcrypto/cms/cms_att.c
+++ /dev/null
@@ -1,231 +0,0 @@
-/* $OpenBSD: cms_att.c,v 1.13 2024/08/27 01:19:27 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-#include
-
-#include "cms_local.h"
-#include "x509_local.h"
-
-/* CMS SignedData Attribute utilities */
-
-int
-CMS_signed_get_attr_count(const CMS_SignerInfo *si)
-{
- return sk_X509_ATTRIBUTE_num(si->signedAttrs);
-}
-LCRYPTO_ALIAS(CMS_signed_get_attr_count);
-
-int
-CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
-{
- return X509at_get_attr_by_NID(si->signedAttrs, nid, lastpos);
-}
-LCRYPTO_ALIAS(CMS_signed_get_attr_by_NID);
-
-int
-CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509at_get_attr_by_OBJ(si->signedAttrs, obj, lastpos);
-}
-LCRYPTO_ALIAS(CMS_signed_get_attr_by_OBJ);
-
-X509_ATTRIBUTE *
-CMS_signed_get_attr(const CMS_SignerInfo *si, int loc)
-{
- return sk_X509_ATTRIBUTE_value(si->signedAttrs, loc);
-}
-LCRYPTO_ALIAS(CMS_signed_get_attr);
-
-X509_ATTRIBUTE *
-CMS_signed_delete_attr(CMS_SignerInfo *si, int loc)
-{
- return sk_X509_ATTRIBUTE_delete(si->signedAttrs, loc);
-}
-LCRYPTO_ALIAS(CMS_signed_delete_attr);
-
-int
-CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
-{
- if (X509at_add1_attr(&si->signedAttrs, attr))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_signed_add1_attr);
-
-int
-CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj, int type,
- const void *bytes, int len)
-{
- if (X509at_add1_attr_by_OBJ(&si->signedAttrs, obj, type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_signed_add1_attr_by_OBJ);
-
-int
-CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type,
- const void *bytes, int len)
-{
- if (X509at_add1_attr_by_NID(&si->signedAttrs, nid, type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_signed_add1_attr_by_NID);
-
-int
-CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname, int type,
- const void *bytes, int len)
-{
- if (X509at_add1_attr_by_txt(&si->signedAttrs, attrname, type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_signed_add1_attr_by_txt);
-
-void *
-CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid,
- int lastpos, int type)
-{
- return X509at_get0_data_by_OBJ(si->signedAttrs, oid, lastpos, type);
-}
-LCRYPTO_ALIAS(CMS_signed_get0_data_by_OBJ);
-
-int
-CMS_unsigned_get_attr_count(const CMS_SignerInfo *si)
-{
- return sk_X509_ATTRIBUTE_num(si->unsignedAttrs);
-}
-LCRYPTO_ALIAS(CMS_unsigned_get_attr_count);
-
-int
-CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
-{
- return X509at_get_attr_by_NID(si->unsignedAttrs, nid, lastpos);
-}
-LCRYPTO_ALIAS(CMS_unsigned_get_attr_by_NID);
-
-int
-CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509at_get_attr_by_OBJ(si->unsignedAttrs, obj, lastpos);
-}
-LCRYPTO_ALIAS(CMS_unsigned_get_attr_by_OBJ);
-
-X509_ATTRIBUTE *
-CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc)
-{
- return sk_X509_ATTRIBUTE_value(si->unsignedAttrs, loc);
-}
-LCRYPTO_ALIAS(CMS_unsigned_get_attr);
-
-X509_ATTRIBUTE *
-CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc)
-{
- return sk_X509_ATTRIBUTE_delete(si->unsignedAttrs, loc);
-}
-LCRYPTO_ALIAS(CMS_unsigned_delete_attr);
-
-int
-CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
-{
- if (X509at_add1_attr(&si->unsignedAttrs, attr))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_unsigned_add1_attr);
-
-int
-CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int type, const void *bytes, int len)
-{
- if (X509at_add1_attr_by_OBJ(&si->unsignedAttrs, obj, type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_unsigned_add1_attr_by_OBJ);
-
-int
-CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type,
- const void *bytes, int len)
-{
- if (X509at_add1_attr_by_NID(&si->unsignedAttrs, nid, type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_unsigned_add1_attr_by_NID);
-
-int
-CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname,
- int type, const void *bytes, int len)
-{
- if (X509at_add1_attr_by_txt(&si->unsignedAttrs, attrname, type,
- bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(CMS_unsigned_add1_attr_by_txt);
-
-void *
-CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid, int lastpos,
- int type)
-{
- return X509at_get0_data_by_OBJ(si->unsignedAttrs, oid, lastpos, type);
-}
-LCRYPTO_ALIAS(CMS_unsigned_get0_data_by_OBJ);
-
-/* Specific attribute cases */
diff --git a/src/lib/libcrypto/cms/cms_dd.c b/src/lib/libcrypto/cms/cms_dd.c
deleted file mode 100644
index 0a357094c5..0000000000
--- a/src/lib/libcrypto/cms/cms_dd.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* $OpenBSD: cms_dd.c,v 1.17 2023/10/26 09:08:57 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "cms_local.h"
-#include "x509_local.h"
-
-/* CMS DigestedData Utilities */
-
-CMS_ContentInfo *
-cms_DigestedData_create(const EVP_MD *md)
-{
- CMS_ContentInfo *cms;
- CMS_DigestedData *dd;
-
- cms = CMS_ContentInfo_new();
- if (cms == NULL)
- return NULL;
-
- dd = (CMS_DigestedData *)ASN1_item_new(&CMS_DigestedData_it);
-
- if (dd == NULL)
- goto err;
-
- cms->contentType = OBJ_nid2obj(NID_pkcs7_digest);
- cms->d.digestedData = dd;
-
- dd->version = 0;
- dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
-
- if (!X509_ALGOR_set_evp_md(dd->digestAlgorithm, md))
- goto err;
-
- return cms;
-
- err:
- CMS_ContentInfo_free(cms);
-
- return NULL;
-}
-
-BIO *
-cms_DigestedData_init_bio(CMS_ContentInfo *cms)
-{
- CMS_DigestedData *dd;
-
- dd = cms->d.digestedData;
-
- return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm);
-}
-
-int
-cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
-{
- EVP_MD_CTX *mctx = EVP_MD_CTX_new();
- unsigned char md[EVP_MAX_MD_SIZE];
- unsigned int mdlen;
- int r = 0;
- CMS_DigestedData *dd;
-
- if (mctx == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- dd = cms->d.digestedData;
-
- if (!cms_DigestAlgorithm_find_ctx(mctx, chain, dd->digestAlgorithm))
- goto err;
-
- if (EVP_DigestFinal_ex(mctx, md, &mdlen) <= 0)
- goto err;
-
- if (verify) {
- if (mdlen != (unsigned int)dd->digest->length) {
- CMSerror(CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
- goto err;
- }
-
- if (memcmp(md, dd->digest->data, mdlen))
- CMSerror(CMS_R_VERIFICATION_FAILURE);
- else
- r = 1;
- } else {
- if (!ASN1_STRING_set(dd->digest, md, mdlen))
- goto err;
- r = 1;
- }
-
- err:
- EVP_MD_CTX_free(mctx);
-
- return r;
-}
diff --git a/src/lib/libcrypto/cms/cms_enc.c b/src/lib/libcrypto/cms/cms_enc.c
deleted file mode 100644
index ef6925dbd6..0000000000
--- a/src/lib/libcrypto/cms/cms_enc.c
+++ /dev/null
@@ -1,266 +0,0 @@
-/* $OpenBSD: cms_enc.c,v 1.25 2024/11/01 18:34:06 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "cms_local.h"
-#include "evp_local.h"
-
-/* CMS EncryptedData Utilities */
-
-/* Return BIO based on EncryptedContentInfo and key */
-
-BIO *
-cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
-{
- BIO *b;
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *ciph;
- X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
- unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
- unsigned char *tkey = NULL;
- size_t tkeylen = 0;
-
- int ok = 0;
-
- int enc, keep_key = 0;
-
- enc = ec->cipher ? 1 : 0;
-
- b = BIO_new(BIO_f_cipher());
- if (b == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- BIO_get_cipher_ctx(b, &ctx);
-
- if (enc) {
- ciph = ec->cipher;
- /*
- * If not keeping key set cipher to NULL so subsequent calls decrypt.
- */
- if (ec->key)
- ec->cipher = NULL;
- } else {
- ciph = EVP_get_cipherbyobj(calg->algorithm);
-
- if (!ciph) {
- CMSerror(CMS_R_UNKNOWN_CIPHER);
- goto err;
- }
- }
-
- if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
- CMSerror(CMS_R_CIPHER_INITIALISATION_ERROR);
- goto err;
- }
-
- if (enc) {
- int ivlen;
- calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
- /* Generate a random IV if we need one */
- ivlen = EVP_CIPHER_CTX_iv_length(ctx);
- if (ivlen > 0) {
- arc4random_buf(iv, ivlen);
- piv = iv;
- }
- } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
- CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- tkeylen = EVP_CIPHER_CTX_key_length(ctx);
- /* Generate random session key */
- if (!enc || !ec->key) {
- tkey = malloc(tkeylen);
- if (tkey == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
- goto err;
- }
-
- if (!ec->key) {
- ec->key = tkey;
- ec->keylen = tkeylen;
- tkey = NULL;
- if (enc)
- keep_key = 1;
- else
- ERR_clear_error();
-
- }
-
- if (ec->keylen != tkeylen) {
- /* If necessary set key length */
- if (!EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen)) {
- /*
- * Only reveal failure if debugging so we don't leak information
- * which may be useful in MMA.
- */
- if (enc || ec->debug) {
- CMSerror(CMS_R_INVALID_KEY_LENGTH);
- goto err;
- } else {
- /* Use random key */
- freezero(ec->key, ec->keylen);
- ec->key = tkey;
- ec->keylen = tkeylen;
- tkey = NULL;
- ERR_clear_error();
- }
- }
- }
-
- if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
- CMSerror(CMS_R_CIPHER_INITIALISATION_ERROR);
- goto err;
- }
- if (enc) {
- calg->parameter = ASN1_TYPE_new();
- if (calg->parameter == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
- CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- /* If parameter type not set omit parameter */
- if (calg->parameter->type == V_ASN1_UNDEF) {
- ASN1_TYPE_free(calg->parameter);
- calg->parameter = NULL;
- }
- }
- ok = 1;
-
- err:
- if (!keep_key || !ok) {
- freezero(ec->key, ec->keylen);
- ec->key = NULL;
- }
- freezero(tkey, tkeylen);
- if (ok)
- return b;
- BIO_free(b);
- return NULL;
-}
-
-int
-cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen)
-{
- ec->cipher = cipher;
- if (key) {
- if ((ec->key = malloc(keylen)) == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memcpy(ec->key, key, keylen);
- }
- ec->keylen = keylen;
- if (cipher)
- ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
-
- return 1;
-}
-
-int
-CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
- const unsigned char *key, size_t keylen)
-{
- CMS_EncryptedContentInfo *ec;
-
- if (!key || !keylen) {
- CMSerror(CMS_R_NO_KEY);
- return 0;
- }
- if (ciph) {
- cms->d.encryptedData = (CMS_EncryptedData *)ASN1_item_new(&CMS_EncryptedData_it);
- if (!cms->d.encryptedData) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
- cms->d.encryptedData->version = 0;
- } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
- CMSerror(CMS_R_NOT_ENCRYPTED_DATA);
- return 0;
- }
- ec = cms->d.encryptedData->encryptedContentInfo;
-
- return cms_EncryptedContent_init(ec, ciph, key, keylen);
-}
-LCRYPTO_ALIAS(CMS_EncryptedData_set1_key);
-
-BIO *
-cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
-{
- CMS_EncryptedData *enc = cms->d.encryptedData;
-
- if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
- enc->version = 2;
-
- return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
-}
diff --git a/src/lib/libcrypto/cms/cms_env.c b/src/lib/libcrypto/cms/cms_env.c
deleted file mode 100644
index 629d23215e..0000000000
--- a/src/lib/libcrypto/cms/cms_env.c
+++ /dev/null
@@ -1,996 +0,0 @@
-/* $OpenBSD: cms_env.c,v 1.28 2024/11/01 18:42:10 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "cms_local.h"
-#include "evp_local.h"
-
-/* CMS EnvelopedData Utilities */
-
-CMS_EnvelopedData *
-cms_get0_enveloped(CMS_ContentInfo *cms)
-{
- if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
- CMSerror(CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
- return NULL;
- }
- return cms->d.envelopedData;
-}
-
-static CMS_EnvelopedData *
-cms_enveloped_data_init(CMS_ContentInfo *cms)
-{
- if (cms->d.other == NULL) {
- cms->d.envelopedData = (CMS_EnvelopedData *)ASN1_item_new(&CMS_EnvelopedData_it);
- if (!cms->d.envelopedData) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- cms->d.envelopedData->version = 0;
- cms->d.envelopedData->encryptedContentInfo->contentType =
- OBJ_nid2obj(NID_pkcs7_data);
- ASN1_OBJECT_free(cms->contentType);
- cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
- return cms->d.envelopedData;
- }
- return cms_get0_enveloped(cms);
-}
-
-int
-cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
-{
- EVP_PKEY *pkey;
- int i;
-
- if (ri->type == CMS_RECIPINFO_TRANS)
- pkey = ri->d.ktri->pkey;
- else if (ri->type == CMS_RECIPINFO_AGREE) {
- EVP_PKEY_CTX *pctx = ri->d.kari->pctx;
- if (!pctx)
- return 0;
- pkey = EVP_PKEY_CTX_get0_pkey(pctx);
- if (!pkey)
- return 0;
- } else
- return 0;
- if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
- return 1;
- i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri);
- if (i == -2) {
- CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- return 0;
- }
- if (i <= 0) {
- CMSerror(CMS_R_CTRL_FAILURE);
- return 0;
- }
-
- return 1;
-}
-
-STACK_OF(CMS_RecipientInfo) *
-CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
-{
- CMS_EnvelopedData *env;
-
- env = cms_get0_enveloped(cms);
- if (!env)
- return NULL;
-
- return env->recipientInfos;
-}
-LCRYPTO_ALIAS(CMS_get0_RecipientInfos);
-
-int
-CMS_RecipientInfo_type(CMS_RecipientInfo *ri)
-{
- return ri->type;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_type);
-
-EVP_PKEY_CTX *
-CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri)
-{
- if (ri->type == CMS_RECIPINFO_TRANS)
- return ri->d.ktri->pctx;
- else if (ri->type == CMS_RECIPINFO_AGREE)
- return ri->d.kari->pctx;
-
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_get0_pkey_ctx);
-
-CMS_ContentInfo *
-CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
-{
- CMS_ContentInfo *cms;
- CMS_EnvelopedData *env;
-
- cms = CMS_ContentInfo_new();
- if (cms == NULL)
- goto merr;
- env = cms_enveloped_data_init(cms);
- if (env == NULL)
- goto merr;
- if (!cms_EncryptedContent_init(env->encryptedContentInfo, cipher,
- NULL, 0))
- goto merr;
-
- return cms;
-
- merr:
- CMS_ContentInfo_free(cms);
- CMSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_EnvelopedData_create);
-
-/* Key Transport Recipient Info (KTRI) routines */
-
-/* Initialise a ktri based on passed certificate and key */
-
-static int
-cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip, EVP_PKEY *pk,
- unsigned int flags)
-{
- CMS_KeyTransRecipientInfo *ktri;
- int idtype;
-
- ri->d.ktri = (CMS_KeyTransRecipientInfo *)ASN1_item_new(&CMS_KeyTransRecipientInfo_it);
- if (!ri->d.ktri)
- return 0;
- ri->type = CMS_RECIPINFO_TRANS;
-
- ktri = ri->d.ktri;
-
- if (flags & CMS_USE_KEYID) {
- ktri->version = 2;
- idtype = CMS_RECIPINFO_KEYIDENTIFIER;
- } else {
- ktri->version = 0;
- idtype = CMS_RECIPINFO_ISSUER_SERIAL;
- }
-
- /*
- * Not a typo: RecipientIdentifier and SignerIdentifier are the same
- * structure.
- */
-
- if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
- return 0;
-
- X509_up_ref(recip);
- EVP_PKEY_up_ref(pk);
-
- ktri->pkey = pk;
- ktri->recip = recip;
-
- if (flags & CMS_KEY_PARAM) {
- ktri->pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
- if (ktri->pctx == NULL)
- return 0;
- if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
- return 0;
- } else if (!cms_env_asn1_ctrl(ri, 0))
- return 0;
-
- return 1;
-}
-
-/*
- * Add a recipient certificate using appropriate type of RecipientInfo
- */
-
-CMS_RecipientInfo *
-CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags)
-{
- CMS_RecipientInfo *ri = NULL;
- CMS_EnvelopedData *env;
- EVP_PKEY *pk = NULL;
-
- env = cms_get0_enveloped(cms);
- if (!env)
- goto err;
-
- /* Initialize recipient info */
- ri = (CMS_RecipientInfo *)ASN1_item_new(&CMS_RecipientInfo_it);
- if (!ri)
- goto merr;
-
- pk = X509_get0_pubkey(recip);
- if (!pk) {
- CMSerror(CMS_R_ERROR_GETTING_PUBLIC_KEY);
- goto err;
- }
-
- switch (cms_pkey_get_ri_type(pk)) {
-
- case CMS_RECIPINFO_TRANS:
- if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags))
- goto err;
- break;
-
- case CMS_RECIPINFO_AGREE:
- if (!cms_RecipientInfo_kari_init(ri, recip, pk, flags))
- goto err;
- break;
-
- default:
- CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
-
- }
-
- if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
- goto merr;
-
- return ri;
-
- merr:
- CMSerror(ERR_R_MALLOC_FAILURE);
- err:
- ASN1_item_free((ASN1_VALUE *)ri, &CMS_RecipientInfo_it);
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_add1_recipient_cert);
-
-int
-CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, EVP_PKEY **pk,
- X509 **recip, X509_ALGOR **palg)
-{
- CMS_KeyTransRecipientInfo *ktri;
-
- if (ri->type != CMS_RECIPINFO_TRANS) {
- CMSerror(CMS_R_NOT_KEY_TRANSPORT);
- return 0;
- }
-
- ktri = ri->d.ktri;
-
- if (pk)
- *pk = ktri->pkey;
- if (recip)
- *recip = ktri->recip;
- if (palg)
- *palg = ktri->keyEncryptionAlgorithm;
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_ktri_get0_algs);
-
-int
-CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno)
-{
- CMS_KeyTransRecipientInfo *ktri;
-
- if (ri->type != CMS_RECIPINFO_TRANS) {
- CMSerror(CMS_R_NOT_KEY_TRANSPORT);
- return 0;
- }
- ktri = ri->d.ktri;
-
- return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer, sno);
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_ktri_get0_signer_id);
-
-int
-CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
-{
- if (ri->type != CMS_RECIPINFO_TRANS) {
- CMSerror(CMS_R_NOT_KEY_TRANSPORT);
- return -2;
- }
-
- return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_ktri_cert_cmp);
-
-int
-CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
-{
- if (ri->type != CMS_RECIPINFO_TRANS) {
- CMSerror(CMS_R_NOT_KEY_TRANSPORT);
- return 0;
- }
- EVP_PKEY_free(ri->d.ktri->pkey);
- ri->d.ktri->pkey = pkey;
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_set0_pkey);
-
-/* Encrypt content key in key transport recipient info */
-
-static int
-cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
- CMS_KeyTransRecipientInfo *ktri;
- CMS_EncryptedContentInfo *ec;
- EVP_PKEY_CTX *pctx;
- unsigned char *ek = NULL;
- size_t eklen;
-
- int ret = 0;
-
- if (ri->type != CMS_RECIPINFO_TRANS) {
- CMSerror(CMS_R_NOT_KEY_TRANSPORT);
- return 0;
- }
- ktri = ri->d.ktri;
- ec = cms->d.envelopedData->encryptedContentInfo;
-
- pctx = ktri->pctx;
-
- if (pctx) {
- if (!cms_env_asn1_ctrl(ri, 0))
- goto err;
- } else {
- pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
- if (pctx == NULL)
- return 0;
-
- if (EVP_PKEY_encrypt_init(pctx) <= 0)
- goto err;
- }
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
- EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) {
- CMSerror(CMS_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
- goto err;
-
- ek = malloc(eklen);
-
- if (ek == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
- goto err;
-
- ASN1_STRING_set0(ktri->encryptedKey, ek, eklen);
- ek = NULL;
-
- ret = 1;
-
- err:
- EVP_PKEY_CTX_free(pctx);
- ktri->pctx = NULL;
- free(ek);
-
- return ret;
-}
-
-/* Decrypt content key from KTRI */
-
-static int
-cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
- CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
- EVP_PKEY *pkey = ktri->pkey;
- unsigned char *ek = NULL;
- size_t eklen;
- size_t fixlen = 0;
- int ret = 0;
- CMS_EncryptedContentInfo *ec;
-
- ec = cms->d.envelopedData->encryptedContentInfo;
-
- if (ktri->pkey == NULL) {
- CMSerror(CMS_R_NO_PRIVATE_KEY);
- return 0;
- }
-
- if (cms->d.envelopedData->encryptedContentInfo->havenocert &&
- !cms->d.envelopedData->encryptedContentInfo->debug) {
- X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
- const EVP_CIPHER *ciph;
-
- if ((ciph = EVP_get_cipherbyobj(calg->algorithm)) == NULL) {
- CMSerror(CMS_R_UNKNOWN_CIPHER);
- return 0;
- }
-
- fixlen = EVP_CIPHER_key_length(ciph);
- }
-
- ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (ktri->pctx == NULL)
- return 0;
-
- if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
- goto err;
-
- if (!cms_env_asn1_ctrl(ri, 1))
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT,
- EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) {
- CMSerror(CMS_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(ktri->pctx, NULL, &eklen, ktri->encryptedKey->data,
- ktri->encryptedKey->length) <= 0 || eklen == 0 ||
- (fixlen != 0 && eklen != fixlen)) {
- CMSerror(CMS_R_CMS_LIB);
- goto err;
- }
-
- ek = malloc(eklen);
-
- if (ek == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen, ktri->encryptedKey->data,
- ktri->encryptedKey->length) <= 0) {
- CMSerror(CMS_R_CMS_LIB);
- goto err;
- }
-
- ret = 1;
-
- freezero(ec->key, ec->keylen);
- ec->key = ek;
- ec->keylen = eklen;
-
- err:
- EVP_PKEY_CTX_free(ktri->pctx);
- ktri->pctx = NULL;
- if (!ret)
- free(ek);
-
- return ret;
-}
-
-/* Key Encrypted Key (KEK) RecipientInfo routines */
-
-int
-CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, const unsigned char *id,
- size_t idlen)
-{
- ASN1_OCTET_STRING tmp_os;
- CMS_KEKRecipientInfo *kekri;
-
- if (ri->type != CMS_RECIPINFO_KEK) {
- CMSerror(CMS_R_NOT_KEK);
- return -2;
- }
- kekri = ri->d.kekri;
- tmp_os.type = V_ASN1_OCTET_STRING;
- tmp_os.flags = 0;
- tmp_os.data = (unsigned char *)id;
- tmp_os.length = (int)idlen;
-
- return ASN1_OCTET_STRING_cmp(&tmp_os, kekri->kekid->keyIdentifier);
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kekri_id_cmp);
-
-/* For now hard code AES key wrap info */
-
-static size_t
-aes_wrap_keylen(int nid)
-{
- switch (nid) {
- case NID_id_aes128_wrap:
- return 16;
-
- case NID_id_aes192_wrap:
- return 24;
-
- case NID_id_aes256_wrap:
- return 32;
-
- default:
- return 0;
- }
-}
-
-CMS_RecipientInfo *
-CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key,
- size_t keylen, unsigned char *id, size_t idlen, ASN1_GENERALIZEDTIME *date,
- ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType)
-{
- CMS_RecipientInfo *ri = NULL;
- CMS_EnvelopedData *env;
- CMS_KEKRecipientInfo *kekri;
-
- env = cms_get0_enveloped(cms);
- if (!env)
- goto err;
-
- if (nid == NID_undef) {
- switch (keylen) {
- case 16:
- nid = NID_id_aes128_wrap;
- break;
-
- case 24:
- nid = NID_id_aes192_wrap;
- break;
-
- case 32:
- nid = NID_id_aes256_wrap;
- break;
-
- default:
- CMSerror(CMS_R_INVALID_KEY_LENGTH);
- goto err;
- }
-
- } else {
-
- size_t exp_keylen = aes_wrap_keylen(nid);
-
- if (!exp_keylen) {
- CMSerror(CMS_R_UNSUPPORTED_KEK_ALGORITHM);
- goto err;
- }
-
- if (keylen != exp_keylen) {
- CMSerror(CMS_R_INVALID_KEY_LENGTH);
- goto err;
- }
-
- }
-
- /* Initialize recipient info */
- ri = (CMS_RecipientInfo *)ASN1_item_new(&CMS_RecipientInfo_it);
- if (!ri)
- goto merr;
-
- ri->d.kekri = (CMS_KEKRecipientInfo *)ASN1_item_new(&CMS_KEKRecipientInfo_it);
- if (!ri->d.kekri)
- goto merr;
- ri->type = CMS_RECIPINFO_KEK;
-
- kekri = ri->d.kekri;
-
- if (otherTypeId) {
- kekri->kekid->other = (CMS_OtherKeyAttribute *)ASN1_item_new(&CMS_OtherKeyAttribute_it);
- if (kekri->kekid->other == NULL)
- goto merr;
- }
-
- if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
- goto merr;
-
- /* After this point no calls can fail */
-
- kekri->version = 4;
-
- kekri->key = key;
- kekri->keylen = keylen;
-
- ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen);
-
- kekri->kekid->date = date;
-
- if (kekri->kekid->other) {
- kekri->kekid->other->keyAttrId = otherTypeId;
- kekri->kekid->other->keyAttr = otherType;
- }
-
- X509_ALGOR_set0(kekri->keyEncryptionAlgorithm,
- OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL);
-
- return ri;
-
- merr:
- CMSerror(ERR_R_MALLOC_FAILURE);
- err:
- ASN1_item_free((ASN1_VALUE *)ri, &CMS_RecipientInfo_it);
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_add0_recipient_key);
-
-int
-CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
- ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate,
- ASN1_OBJECT **potherid, ASN1_TYPE **pothertype)
-{
- CMS_KEKIdentifier *rkid;
-
- if (ri->type != CMS_RECIPINFO_KEK) {
- CMSerror(CMS_R_NOT_KEK);
- return 0;
- }
- rkid = ri->d.kekri->kekid;
- if (palg)
- *palg = ri->d.kekri->keyEncryptionAlgorithm;
- if (pid)
- *pid = rkid->keyIdentifier;
- if (pdate)
- *pdate = rkid->date;
- if (potherid) {
- if (rkid->other)
- *potherid = rkid->other->keyAttrId;
- else
- *potherid = NULL;
- }
- if (pothertype) {
- if (rkid->other)
- *pothertype = rkid->other->keyAttr;
- else
- *pothertype = NULL;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kekri_get0_id);
-
-int
-CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key,
- size_t keylen)
-{
- CMS_KEKRecipientInfo *kekri;
-
- if (ri->type != CMS_RECIPINFO_KEK) {
- CMSerror(CMS_R_NOT_KEK);
- return 0;
- }
-
- kekri = ri->d.kekri;
- kekri->key = key;
- kekri->keylen = keylen;
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_set0_key);
-
-/* Encrypt content key in KEK recipient info */
-
-static int
-cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
- CMS_EncryptedContentInfo *ec;
- CMS_KEKRecipientInfo *kekri;
- AES_KEY actx;
- unsigned char *wkey = NULL;
- int wkeylen;
- int r = 0;
-
- ec = cms->d.envelopedData->encryptedContentInfo;
- kekri = ri->d.kekri;
-
- if (!kekri->key) {
- CMSerror(CMS_R_NO_KEY);
- return 0;
- }
-
- if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
- CMSerror(CMS_R_ERROR_SETTING_KEY);
- goto err;
- }
-
- wkey = malloc(ec->keylen + 8);
- if (wkey == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen);
- if (wkeylen <= 0) {
- CMSerror(CMS_R_WRAP_ERROR);
- goto err;
- }
-
- ASN1_STRING_set0(kekri->encryptedKey, wkey, wkeylen);
-
- r = 1;
-
- err:
- if (!r)
- free(wkey);
- explicit_bzero(&actx, sizeof(actx));
-
- return r;
-}
-
-/* Decrypt content key in KEK recipient info */
-
-static int
-cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
- CMS_EncryptedContentInfo *ec;
- CMS_KEKRecipientInfo *kekri;
- AES_KEY actx;
- unsigned char *ukey = NULL;
- int ukeylen;
- int r = 0, wrap_nid;
-
- ec = cms->d.envelopedData->encryptedContentInfo;
- kekri = ri->d.kekri;
-
- if (!kekri->key) {
- CMSerror(CMS_R_NO_KEY);
- return 0;
- }
-
- wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm);
- if (aes_wrap_keylen(wrap_nid) != kekri->keylen) {
- CMSerror(CMS_R_INVALID_KEY_LENGTH);
- return 0;
- }
-
- /* If encrypted key length is invalid don't bother */
-
- if (kekri->encryptedKey->length < 16) {
- CMSerror(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
- goto err;
- }
-
- if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
- CMSerror(CMS_R_ERROR_SETTING_KEY);
- goto err;
- }
-
- ukey = malloc(kekri->encryptedKey->length - 8);
- if (ukey == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- ukeylen = AES_unwrap_key(&actx, NULL, ukey, kekri->encryptedKey->data,
- kekri->encryptedKey->length);
-
- if (ukeylen <= 0) {
- CMSerror(CMS_R_UNWRAP_ERROR);
- goto err;
- }
-
- freezero(ec->key, ec->keylen);
- ec->key = ukey;
- ec->keylen = ukeylen;
-
- r = 1;
-
- err:
-
- if (!r)
- free(ukey);
- explicit_bzero(&actx, sizeof(actx));
-
- return r;
-}
-
-int
-CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
- switch (ri->type) {
- case CMS_RECIPINFO_TRANS:
- return cms_RecipientInfo_ktri_decrypt(cms, ri);
-
- case CMS_RECIPINFO_KEK:
- return cms_RecipientInfo_kekri_decrypt(cms, ri);
-
- case CMS_RECIPINFO_PASS:
- return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
-
- default:
- CMSerror(CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE);
- return 0;
- }
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_decrypt);
-
-int
-CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
- switch (ri->type) {
- case CMS_RECIPINFO_TRANS:
- return cms_RecipientInfo_ktri_encrypt(cms, ri);
-
- case CMS_RECIPINFO_AGREE:
- return cms_RecipientInfo_kari_encrypt(cms, ri);
-
- case CMS_RECIPINFO_KEK:
- return cms_RecipientInfo_kekri_encrypt(cms, ri);
-
- case CMS_RECIPINFO_PASS:
- return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
-
- default:
- CMSerror(CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
- return 0;
- }
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_encrypt);
-
-/* Check structures and fixup version numbers (if necessary) */
-
-static void
-cms_env_set_originfo_version(CMS_EnvelopedData *env)
-{
- CMS_OriginatorInfo *org = env->originatorInfo;
- int i;
-
- if (org == NULL)
- return;
- for (i = 0; i < sk_CMS_CertificateChoices_num(org->certificates); i++) {
- CMS_CertificateChoices *cch;
-
- cch = sk_CMS_CertificateChoices_value(org->certificates, i);
- if (cch->type == CMS_CERTCHOICE_OTHER) {
- env->version = 4;
- return;
- } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
- if (env->version < 3)
- env->version = 3;
- }
- }
-
- for (i = 0; i < sk_CMS_RevocationInfoChoice_num(org->crls); i++) {
- CMS_RevocationInfoChoice *rch;
-
- rch = sk_CMS_RevocationInfoChoice_value(org->crls, i);
- if (rch->type == CMS_REVCHOICE_OTHER) {
- env->version = 4;
- return;
- }
- }
-}
-
-static void
-cms_env_set_version(CMS_EnvelopedData *env)
-{
- int i;
- CMS_RecipientInfo *ri;
-
- /*
- * Can't set version higher than 4 so if 4 or more already nothing to do.
- */
- if (env->version >= 4)
- return;
-
- cms_env_set_originfo_version(env);
-
- if (env->version >= 3)
- return;
-
- for (i = 0; i < sk_CMS_RecipientInfo_num(env->recipientInfos); i++) {
- ri = sk_CMS_RecipientInfo_value(env->recipientInfos, i);
- if (ri->type == CMS_RECIPINFO_PASS || ri->type == CMS_RECIPINFO_OTHER) {
- env->version = 3;
- return;
- } else if (ri->type != CMS_RECIPINFO_TRANS
- || ri->d.ktri->version != 0) {
- env->version = 2;
- }
- }
- if (env->originatorInfo || env->unprotectedAttrs)
- env->version = 2;
- if (env->version == 2)
- return;
- env->version = 0;
-}
-
-BIO *
-cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
-{
- CMS_EncryptedContentInfo *ec;
- STACK_OF(CMS_RecipientInfo) *rinfos;
- CMS_RecipientInfo *ri;
- int i, ok = 0;
- BIO *ret;
-
- /* Get BIO first to set up key */
-
- ec = cms->d.envelopedData->encryptedContentInfo;
- ret = cms_EncryptedContent_init_bio(ec);
-
- /* If error or no cipher end of processing */
-
- if (!ret || !ec->cipher)
- return ret;
-
- /* Now encrypt content key according to each RecipientInfo type */
-
- rinfos = cms->d.envelopedData->recipientInfos;
-
- for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
- ri = sk_CMS_RecipientInfo_value(rinfos, i);
- if (CMS_RecipientInfo_encrypt(cms, ri) <= 0) {
- CMSerror(CMS_R_ERROR_SETTING_RECIPIENTINFO);
- goto err;
- }
- }
- cms_env_set_version(cms->d.envelopedData);
-
- ok = 1;
-
- err:
- ec->cipher = NULL;
- freezero(ec->key, ec->keylen);
- ec->key = NULL;
- ec->keylen = 0;
- if (ok)
- return ret;
- BIO_free(ret);
- return NULL;
-}
-
-/*
- * Get RecipientInfo type (if any) supported by a key (public or private). To
- * retain compatibility with previous behaviour if the ctrl value isn't
- * supported we assume key transport.
- */
-int
-cms_pkey_get_ri_type(EVP_PKEY *pk)
-{
- if (pk->ameth && pk->ameth->pkey_ctrl) {
- int i, r;
- i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_RI_TYPE, 0, &r);
- if (i > 0)
- return r;
- }
- return CMS_RECIPINFO_TRANS;
-}
diff --git a/src/lib/libcrypto/cms/cms_err.c b/src/lib/libcrypto/cms/cms_err.c
deleted file mode 100644
index 5431ab4bb8..0000000000
--- a/src/lib/libcrypto/cms/cms_err.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* $OpenBSD: cms_err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */
-/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CMS,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason)
-
-static const ERR_STRING_DATA CMS_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA CMS_str_reasons[] = {
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ADD_SIGNER_ERROR), "add signer error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_ALREADY_PRESENT),
- "certificate already present"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_HAS_NO_KEYID),
- "certificate has no keyid"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_VERIFY_ERROR),
- "certificate verify error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_INITIALISATION_ERROR),
- "cipher initialisation error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),
- "cipher parameter initialisation error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CMS_DATAFINAL_ERROR),
- "cms datafinal error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CMS_LIB), "cms lib"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENTIDENTIFIER_MISMATCH),
- "contentidentifier mismatch"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_NOT_FOUND), "content not found"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_MISMATCH),
- "content type mismatch"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA),
- "content type not compressed data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA),
- "content type not enveloped data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA),
- "content type not signed data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_VERIFY_ERROR),
- "content verify error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_ERROR), "ctrl error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_FAILURE), "ctrl failure"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_DECRYPT_ERROR), "decrypt error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_GETTING_PUBLIC_KEY),
- "error getting public key"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
- "error reading messagedigest attribute"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_SETTING_KEY), "error setting key"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_SETTING_RECIPIENTINFO),
- "error setting recipientinfo"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),
- "invalid encrypted key length"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),
- "invalid key encryption parameter"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_LENGTH), "invalid key length"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MD_BIO_INIT_ERROR), "md bio init error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),
- "messagedigest attribute wrong length"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MESSAGEDIGEST_WRONG_LENGTH),
- "messagedigest wrong length"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_ERROR), "msgsigdigest error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE),
- "msgsigdigest verification failure"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_WRONG_LENGTH),
- "msgsigdigest wrong length"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NEED_ONE_SIGNER), "need one signer"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_A_SIGNED_RECEIPT),
- "not a signed receipt"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_ENCRYPTED_DATA), "not encrypted data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEK), "not kek"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEY_AGREEMENT), "not key agreement"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEY_TRANSPORT), "not key transport"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_PWRI), "not pwri"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
- "not supported for this key type"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CIPHER), "no cipher"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CONTENT), "no content"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CONTENT_TYPE), "no content type"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_DEFAULT_DIGEST), "no default digest"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_DIGEST_SET), "no digest set"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_KEY), "no key"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_KEY_OR_CERT), "no key or cert"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_DIGEST), "no matching digest"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_RECIPIENT),
- "no matching recipient"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_SIGNATURE),
- "no matching signature"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MSGSIGDIGEST), "no msgsigdigest"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PASSWORD), "no password"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PRIVATE_KEY), "no private key"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PUBLIC_KEY), "no public key"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_RECEIPT_REQUEST), "no receipt request"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_SIGNERS), "no signers"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
- "private key does not match certificate"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECEIPT_DECODE_ERROR),
- "receipt decode error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECIPIENT_ERROR), "recipient error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND),
- "signer certificate not found"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNFINAL_ERROR), "signfinal error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SMIME_TEXT_ERROR), "smime text error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_STORE_INIT_ERROR), "store init error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_COMPRESSED_DATA),
- "type not compressed data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_DATA), "type not data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_DIGESTED_DATA),
- "type not digested data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_ENCRYPTED_DATA),
- "type not encrypted data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_ENVELOPED_DATA),
- "type not enveloped data"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNABLE_TO_FINALIZE_CONTEXT),
- "unable to finalize context"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_CIPHER), "unknown cipher"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_DIGEST_ALGORITHM),
- "unknown digest algorithm"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_ID), "unknown id"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
- "unsupported compression algorithm"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_CONTENT_TYPE),
- "unsupported content type"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEK_ALGORITHM),
- "unsupported kek algorithm"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),
- "unsupported key encryption algorithm"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE),
- "unsupported recipientinfo type"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
- "unsupported recipient type"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_ERROR), "unwrap error"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_FAILURE), "unwrap failure"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_VERIFICATION_FAILURE),
- "verification failure"},
- {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_WRAP_ERROR), "wrap error"},
- {0, NULL}
-};
-
-#endif
-
-int
-ERR_load_CMS_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(CMS_str_functs[0].error) == NULL) {
- ERR_load_const_strings(CMS_str_functs);
- ERR_load_const_strings(CMS_str_reasons);
- }
-#endif
- return 1;
-}
-LCRYPTO_ALIAS(ERR_load_CMS_strings);
diff --git a/src/lib/libcrypto/cms/cms_ess.c b/src/lib/libcrypto/cms/cms_ess.c
deleted file mode 100644
index f01dcf73ed..0000000000
--- a/src/lib/libcrypto/cms/cms_ess.c
+++ /dev/null
@@ -1,413 +0,0 @@
-/* $OpenBSD: cms_ess.c,v 1.26 2024/11/01 18:53:35 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "cms_local.h"
-
-CMS_ReceiptRequest *
-d2i_CMS_ReceiptRequest(CMS_ReceiptRequest **a, const unsigned char **in, long len)
-{
- return (CMS_ReceiptRequest *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &CMS_ReceiptRequest_it);
-}
-LCRYPTO_ALIAS(d2i_CMS_ReceiptRequest);
-
-int
-i2d_CMS_ReceiptRequest(CMS_ReceiptRequest *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &CMS_ReceiptRequest_it);
-}
-LCRYPTO_ALIAS(i2d_CMS_ReceiptRequest);
-
-CMS_ReceiptRequest *
-CMS_ReceiptRequest_new(void)
-{
- return (CMS_ReceiptRequest *)ASN1_item_new(&CMS_ReceiptRequest_it);
-}
-LCRYPTO_ALIAS(CMS_ReceiptRequest_new);
-
-void
-CMS_ReceiptRequest_free(CMS_ReceiptRequest *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &CMS_ReceiptRequest_it);
-}
-LCRYPTO_ALIAS(CMS_ReceiptRequest_free);
-
-/* ESS services: for now just Signed Receipt related */
-
-int
-CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
-{
- ASN1_STRING *str;
- CMS_ReceiptRequest *rr = NULL;
-
- if (prr)
- *prr = NULL;
- str = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_id_smime_aa_receiptRequest), -3, V_ASN1_SEQUENCE);
- if (!str)
- return 0;
-
- rr = ASN1_item_unpack(str, &CMS_ReceiptRequest_it);
- if (!rr)
- return -1;
- if (prr)
- *prr = rr;
- else
- CMS_ReceiptRequest_free(rr);
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_get1_ReceiptRequest);
-
-CMS_ReceiptRequest *
-CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst,
- STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo)
-{
- CMS_ReceiptRequest *rr = NULL;
-
- rr = CMS_ReceiptRequest_new();
- if (rr == NULL)
- goto merr;
- if (id)
- ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
- else {
- if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
- goto merr;
- arc4random_buf(rr->signedContentIdentifier->data, 32);
- }
-
- sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
- rr->receiptsTo = receiptsTo;
-
- if (receiptList) {
- rr->receiptsFrom->type = 1;
- rr->receiptsFrom->d.receiptList = receiptList;
- } else {
- rr->receiptsFrom->type = 0;
- rr->receiptsFrom->d.allOrFirstTier = allorfirst;
- }
-
- return rr;
-
- merr:
- CMSerror(ERR_R_MALLOC_FAILURE);
- CMS_ReceiptRequest_free(rr);
-
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_ReceiptRequest_create0);
-
-int
-CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
-{
- unsigned char *rrder = NULL;
- int rrderlen, r = 0;
-
- rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
- if (rrderlen < 0)
- goto merr;
-
- if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
- V_ASN1_SEQUENCE, rrder, rrderlen))
- goto merr;
-
- r = 1;
-
- merr:
- if (!r)
- CMSerror(ERR_R_MALLOC_FAILURE);
-
- free(rrder);
-
- return r;
-}
-LCRYPTO_ALIAS(CMS_add1_ReceiptRequest);
-
-void
-CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
- int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist,
- STACK_OF(GENERAL_NAMES) **prto)
-{
- if (pcid)
- *pcid = rr->signedContentIdentifier;
- if (rr->receiptsFrom->type == 0) {
- if (pallorfirst)
- *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
- if (plist)
- *plist = NULL;
- } else {
- if (pallorfirst)
- *pallorfirst = -1;
- if (plist)
- *plist = rr->receiptsFrom->d.receiptList;
- }
- if (prto)
- *prto = rr->receiptsTo;
-}
-LCRYPTO_ALIAS(CMS_ReceiptRequest_get0_values);
-
-/* Digest a SignerInfo structure for msgSigDigest attribute processing */
-
-static int
-cms_msgSigDigest(CMS_SignerInfo *si, unsigned char *dig, unsigned int *diglen)
-{
- const EVP_MD *md;
-
- md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
- if (md == NULL)
- return 0;
- if (!ASN1_item_digest(&CMS_Attributes_Verify_it, md,
- si->signedAttrs, dig, diglen))
- return 0;
-
- return 1;
-}
-
-/* Add a msgSigDigest attribute to a SignerInfo */
-
-int
-cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
-{
- unsigned char dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
-
- if (!cms_msgSigDigest(src, dig, &diglen)) {
- CMSerror(CMS_R_MSGSIGDIGEST_ERROR);
- return 0;
- }
- if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
- V_ASN1_OCTET_STRING, dig, diglen)) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- return 1;
-}
-
-/* Verify signed receipt after it has already passed normal CMS verify */
-
-int
-cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
-{
- int r = 0, i;
- CMS_ReceiptRequest *rr = NULL;
- CMS_Receipt *rct = NULL;
- STACK_OF(CMS_SignerInfo) *sis, *osis;
- CMS_SignerInfo *si, *osi = NULL;
- ASN1_OCTET_STRING *msig, **pcont;
- ASN1_OBJECT *octype;
- unsigned char dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
-
- /* Get SignerInfos, also checks SignedData content type */
- osis = CMS_get0_SignerInfos(req_cms);
- sis = CMS_get0_SignerInfos(cms);
- if (!osis || !sis)
- goto err;
-
- if (sk_CMS_SignerInfo_num(sis) != 1) {
- CMSerror(CMS_R_NEED_ONE_SIGNER);
- goto err;
- }
-
- /* Check receipt content type */
- if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
- CMSerror(CMS_R_NOT_A_SIGNED_RECEIPT);
- goto err;
- }
-
- /* Extract and decode receipt content */
- pcont = CMS_get0_content(cms);
- if (!pcont || !*pcont) {
- CMSerror(CMS_R_NO_CONTENT);
- goto err;
- }
-
- rct = ASN1_item_unpack(*pcont, &CMS_Receipt_it);
-
- if (!rct) {
- CMSerror(CMS_R_RECEIPT_DECODE_ERROR);
- goto err;
- }
-
- /* Locate original request */
-
- for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
- osi = sk_CMS_SignerInfo_value(osis, i);
- if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
- break;
- }
-
- if (i == sk_CMS_SignerInfo_num(osis)) {
- CMSerror(CMS_R_NO_MATCHING_SIGNATURE);
- goto err;
- }
-
- si = sk_CMS_SignerInfo_value(sis, 0);
-
- /* Get msgSigDigest value and compare */
-
- msig = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_id_smime_aa_msgSigDigest), -3, V_ASN1_OCTET_STRING);
-
- if (!msig) {
- CMSerror(CMS_R_NO_MSGSIGDIGEST);
- goto err;
- }
-
- if (!cms_msgSigDigest(osi, dig, &diglen)) {
- CMSerror(CMS_R_MSGSIGDIGEST_ERROR);
- goto err;
- }
-
- if (diglen != (unsigned int)msig->length) {
- CMSerror(CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
- goto err;
- }
-
- if (memcmp(dig, msig->data, diglen)) {
- CMSerror(CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
- goto err;
- }
-
- /* Compare content types */
-
- octype = CMS_signed_get0_data_by_OBJ(osi,
- OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
- if (!octype) {
- CMSerror(CMS_R_NO_CONTENT_TYPE);
- goto err;
- }
-
- /* Compare details in receipt request */
-
- if (OBJ_cmp(octype, rct->contentType)) {
- CMSerror(CMS_R_CONTENT_TYPE_MISMATCH);
- goto err;
- }
-
- /* Get original receipt request details */
-
- if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
- CMSerror(CMS_R_NO_RECEIPT_REQUEST);
- goto err;
- }
-
- if (ASN1_STRING_cmp(rr->signedContentIdentifier,
- rct->signedContentIdentifier)) {
- CMSerror(CMS_R_CONTENTIDENTIFIER_MISMATCH);
- goto err;
- }
-
- r = 1;
-
- err:
- CMS_ReceiptRequest_free(rr);
- ASN1_item_free((ASN1_VALUE *)rct, &CMS_Receipt_it);
- return r;
-}
-
-/*
- * Encode a Receipt into an OCTET STRING read for including into content of a
- * SignedData ContentInfo.
- */
-
-ASN1_OCTET_STRING *
-cms_encode_Receipt(CMS_SignerInfo *si)
-{
- CMS_Receipt rct;
- CMS_ReceiptRequest *rr = NULL;
- ASN1_OBJECT *ctype;
- ASN1_OCTET_STRING *os = NULL;
-
- /* Get original receipt request */
-
- /* Get original receipt request details */
-
- if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
- CMSerror(CMS_R_NO_RECEIPT_REQUEST);
- goto err;
- }
-
- /* Get original content type */
-
- ctype = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
- if (!ctype) {
- CMSerror(CMS_R_NO_CONTENT_TYPE);
- goto err;
- }
-
- rct.version = 1;
- rct.contentType = ctype;
- rct.signedContentIdentifier = rr->signedContentIdentifier;
- rct.originatorSignatureValue = si->signature;
-
- os = ASN1_item_pack(&rct, &CMS_Receipt_it, NULL);
-
- err:
- CMS_ReceiptRequest_free(rr);
- return os;
-}
diff --git a/src/lib/libcrypto/cms/cms_io.c b/src/lib/libcrypto/cms/cms_io.c
deleted file mode 100644
index 84ada47c49..0000000000
--- a/src/lib/libcrypto/cms/cms_io.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* $OpenBSD: cms_io.c,v 1.21 2024/03/30 01:53:05 joshua Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "cms_local.h"
-
-int
-CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
-{
- ASN1_OCTET_STRING **pos;
-
- if ((pos = CMS_get0_content(cms)) == NULL)
- return 0;
-
- if (*pos == NULL)
- *pos = ASN1_OCTET_STRING_new();
- if (*pos == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- (*pos)->flags |= ASN1_STRING_FLAG_NDEF;
- (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
- *boundary = &(*pos)->data;
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_stream);
-
-CMS_ContentInfo *
-d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
-{
- return ASN1_item_d2i_bio(&CMS_ContentInfo_it, bp, cms);
-}
-LCRYPTO_ALIAS(d2i_CMS_bio);
-
-int
-i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms)
-{
- return ASN1_item_i2d_bio(&CMS_ContentInfo_it, bp, cms);
-}
-LCRYPTO_ALIAS(i2d_CMS_bio);
-
-
-CMS_ContentInfo *
-PEM_read_bio_CMS(BIO *bp, CMS_ContentInfo **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_CMS_ContentInfo,
- PEM_STRING_CMS, bp, (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_CMS);
-
-CMS_ContentInfo *
-PEM_read_CMS(FILE *fp, CMS_ContentInfo **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_CMS_ContentInfo,
- PEM_STRING_CMS, fp, (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_CMS);
-
-int
-PEM_write_bio_CMS(BIO *bp, const CMS_ContentInfo *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_CMS_ContentInfo,
- PEM_STRING_CMS, bp, (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_CMS);
-
-int
-PEM_write_CMS(FILE *fp, const CMS_ContentInfo *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_CMS_ContentInfo,
- PEM_STRING_CMS, fp, (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_CMS);
-
-BIO *
-BIO_new_CMS(BIO *out, CMS_ContentInfo *cms)
-{
- return BIO_new_NDEF(out, (ASN1_VALUE *)cms, &CMS_ContentInfo_it);
-}
-LCRYPTO_ALIAS(BIO_new_CMS);
-
-/* CMS wrappers round generalised stream and MIME routines */
-
-int
-i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
-{
- return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)cms, in, flags,
- &CMS_ContentInfo_it);
-}
-LCRYPTO_ALIAS(i2d_CMS_bio_stream);
-
-int
-PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
-{
- return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *)cms, in, flags,
- "CMS", &CMS_ContentInfo_it);
-}
-LCRYPTO_ALIAS(PEM_write_bio_CMS_stream);
-
-int
-SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
-{
- STACK_OF(X509_ALGOR) *mdalgs = NULL;
- int ctype_nid = OBJ_obj2nid(cms->contentType);
- int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
-
- if (ctype_nid == NID_pkcs7_signed)
- mdalgs = cms->d.signedData->digestAlgorithms;
-
- return SMIME_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags, ctype_nid,
- econt_nid, mdalgs, &CMS_ContentInfo_it);
-}
-LCRYPTO_ALIAS(SMIME_write_CMS);
-
-CMS_ContentInfo *
-SMIME_read_CMS(BIO *bio, BIO **bcont)
-{
- return (CMS_ContentInfo *)SMIME_read_ASN1(bio, bcont,
- &CMS_ContentInfo_it);
-}
-LCRYPTO_ALIAS(SMIME_read_CMS);
diff --git a/src/lib/libcrypto/cms/cms_kari.c b/src/lib/libcrypto/cms/cms_kari.c
deleted file mode 100644
index 86b1ad9e83..0000000000
--- a/src/lib/libcrypto/cms/cms_kari.c
+++ /dev/null
@@ -1,490 +0,0 @@
-/* $OpenBSD: cms_kari.c,v 1.17 2024/11/01 18:34:06 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "cms_local.h"
-
-/* Key Agreement Recipient Info (KARI) routines */
-
-int
-CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, X509_ALGOR **palg,
- ASN1_OCTET_STRING **pukm)
-{
- if (ri->type != CMS_RECIPINFO_AGREE) {
- CMSerror(CMS_R_NOT_KEY_AGREEMENT);
- return 0;
- }
- if (palg)
- *palg = ri->d.kari->keyEncryptionAlgorithm;
- if (pukm)
- *pukm = ri->d.kari->ukm;
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kari_get0_alg);
-
-/* Retrieve recipient encrypted keys from a kari */
-
-STACK_OF(CMS_RecipientEncryptedKey) *
-CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri)
-{
- if (ri->type != CMS_RECIPINFO_AGREE) {
- CMSerror(CMS_R_NOT_KEY_AGREEMENT);
- return NULL;
- }
- return ri->d.kari->recipientEncryptedKeys;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kari_get0_reks);
-
-int
-CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri, X509_ALGOR **pubalg,
- ASN1_BIT_STRING **pubkey, ASN1_OCTET_STRING **keyid, X509_NAME **issuer,
- ASN1_INTEGER **sno)
-{
- CMS_OriginatorIdentifierOrKey *oik;
-
- if (ri->type != CMS_RECIPINFO_AGREE) {
- CMSerror(CMS_R_NOT_KEY_AGREEMENT);
- return 0;
- }
- oik = ri->d.kari->originator;
- if (issuer)
- *issuer = NULL;
- if (sno)
- *sno = NULL;
- if (keyid)
- *keyid = NULL;
- if (pubalg)
- *pubalg = NULL;
- if (pubkey)
- *pubkey = NULL;
- if (oik->type == CMS_OIK_ISSUER_SERIAL) {
- if (issuer)
- *issuer = oik->d.issuerAndSerialNumber->issuer;
- if (sno)
- *sno = oik->d.issuerAndSerialNumber->serialNumber;
- } else if (oik->type == CMS_OIK_KEYIDENTIFIER) {
- if (keyid)
- *keyid = oik->d.subjectKeyIdentifier;
- } else if (oik->type == CMS_OIK_PUBKEY) {
- if (pubalg)
- *pubalg = oik->d.originatorKey->algorithm;
- if (pubkey)
- *pubkey = oik->d.originatorKey->publicKey;
- } else
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kari_get0_orig_id);
-
-int
-CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
-{
- CMS_OriginatorIdentifierOrKey *oik;
-
- if (ri->type != CMS_RECIPINFO_AGREE) {
- CMSerror(CMS_R_NOT_KEY_AGREEMENT);
- return -2;
- }
- oik = ri->d.kari->originator;
- if (oik->type == CMS_OIK_ISSUER_SERIAL)
- return cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
- else if (oik->type == CMS_OIK_KEYIDENTIFIER)
- return cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
-
- return -1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kari_orig_id_cmp);
-
-int
-CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
- ASN1_OCTET_STRING **keyid, ASN1_GENERALIZEDTIME **tm,
- CMS_OtherKeyAttribute **other, X509_NAME **issuer, ASN1_INTEGER **sno)
-{
- CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
-
- if (rid->type == CMS_REK_ISSUER_SERIAL) {
- if (issuer)
- *issuer = rid->d.issuerAndSerialNumber->issuer;
- if (sno)
- *sno = rid->d.issuerAndSerialNumber->serialNumber;
- if (keyid)
- *keyid = NULL;
- if (tm)
- *tm = NULL;
- if (other)
- *other = NULL;
- } else if (rid->type == CMS_REK_KEYIDENTIFIER) {
- if (keyid)
- *keyid = rid->d.rKeyId->subjectKeyIdentifier;
- if (tm)
- *tm = rid->d.rKeyId->date;
- if (other)
- *other = rid->d.rKeyId->other;
- if (issuer)
- *issuer = NULL;
- if (sno)
- *sno = NULL;
- } else
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientEncryptedKey_get0_id);
-
-int
-CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek, X509 *cert)
-{
- CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
-
- if (rid->type == CMS_REK_ISSUER_SERIAL)
- return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
- else if (rid->type == CMS_REK_KEYIDENTIFIER)
- return cms_keyid_cert_cmp(rid->d.rKeyId->subjectKeyIdentifier, cert);
- else
- return -1;
-}
-LCRYPTO_ALIAS(CMS_RecipientEncryptedKey_cert_cmp);
-
-int
-CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
-{
- EVP_PKEY_CTX *pctx;
- CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
-
- EVP_PKEY_CTX_free(kari->pctx);
- kari->pctx = NULL;
- if (!pk)
- return 1;
- pctx = EVP_PKEY_CTX_new(pk, NULL);
- if (!pctx || !EVP_PKEY_derive_init(pctx))
- goto err;
- kari->pctx = pctx;
- return 1;
-
- err:
- EVP_PKEY_CTX_free(pctx);
- return 0;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kari_set0_pkey);
-
-EVP_CIPHER_CTX *
-CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
-{
- if (ri->type == CMS_RECIPINFO_AGREE)
- return ri->d.kari->ctx;
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kari_get0_ctx);
-
-/*
- * Derive KEK and decrypt/encrypt with it to produce either the original CEK
- * or the encrypted CEK.
- */
-
-static int
-cms_kek_cipher(unsigned char **pout, size_t *poutlen, const unsigned char *in,
- size_t inlen, CMS_KeyAgreeRecipientInfo *kari, int enc)
-{
- /* Key encryption key */
- unsigned char kek[EVP_MAX_KEY_LENGTH];
- size_t keklen;
- int rv = 0;
- unsigned char *out = NULL;
- int outlen;
-
- keklen = EVP_CIPHER_CTX_key_length(kari->ctx);
- if (keklen > EVP_MAX_KEY_LENGTH)
- return 0;
- /* Derive KEK */
- if (EVP_PKEY_derive(kari->pctx, kek, &keklen) <= 0)
- goto err;
- /* Set KEK in context */
- if (!EVP_CipherInit_ex(kari->ctx, NULL, NULL, kek, NULL, enc))
- goto err;
- /* obtain output length of ciphered key */
- if (!EVP_CipherUpdate(kari->ctx, NULL, &outlen, in, inlen))
- goto err;
- out = malloc(outlen);
- if (out == NULL)
- goto err;
- if (!EVP_CipherUpdate(kari->ctx, out, &outlen, in, inlen))
- goto err;
- *pout = out;
- *poutlen = (size_t)outlen;
- rv = 1;
-
- err:
- explicit_bzero(kek, keklen);
- if (!rv)
- free(out);
- (void)EVP_CIPHER_CTX_reset(kari->ctx);
- /* FIXME: WHY IS kari->pctx freed here? /RL */
- EVP_PKEY_CTX_free(kari->pctx);
- kari->pctx = NULL;
-
- return rv;
-}
-
-int
-CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
- CMS_RecipientEncryptedKey *rek)
-{
- int rv = 0;
- unsigned char *enckey = NULL, *cek = NULL;
- size_t enckeylen;
- size_t ceklen;
- CMS_EncryptedContentInfo *ec;
-
- enckeylen = rek->encryptedKey->length;
- enckey = rek->encryptedKey->data;
- /* Setup all parameters to derive KEK */
- if (!cms_env_asn1_ctrl(ri, 1))
- goto err;
- /* Attempt to decrypt CEK */
- if (!cms_kek_cipher(&cek, &ceklen, enckey, enckeylen, ri->d.kari, 0))
- goto err;
- ec = cms->d.envelopedData->encryptedContentInfo;
- freezero(ec->key, ec->keylen);
- ec->key = cek;
- ec->keylen = ceklen;
- cek = NULL;
- rv = 1;
-
- err:
- free(cek);
-
- return rv;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_kari_decrypt);
-
-/* Create ephemeral key and initialise context based on it */
-static int
-cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari, EVP_PKEY *pk)
-{
- EVP_PKEY_CTX *pctx = NULL;
- EVP_PKEY *ekey = NULL;
- int rv = 0;
-
- pctx = EVP_PKEY_CTX_new(pk, NULL);
- if (!pctx)
- goto err;
- if (EVP_PKEY_keygen_init(pctx) <= 0)
- goto err;
- if (EVP_PKEY_keygen(pctx, &ekey) <= 0)
- goto err;
- EVP_PKEY_CTX_free(pctx);
- pctx = EVP_PKEY_CTX_new(ekey, NULL);
- if (!pctx)
- goto err;
- if (EVP_PKEY_derive_init(pctx) <= 0)
- goto err;
- kari->pctx = pctx;
- rv = 1;
-
- err:
- if (!rv)
- EVP_PKEY_CTX_free(pctx);
- EVP_PKEY_free(ekey);
-
- return rv;
-}
-
-/* Initialise a kari based on passed certificate and key */
-
-int
-cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip, EVP_PKEY *pk,
- unsigned int flags)
-{
- CMS_KeyAgreeRecipientInfo *kari;
- CMS_RecipientEncryptedKey *rek = NULL;
-
- ri->d.kari = (CMS_KeyAgreeRecipientInfo *)ASN1_item_new(&CMS_KeyAgreeRecipientInfo_it);
- if (!ri->d.kari)
- return 0;
- ri->type = CMS_RECIPINFO_AGREE;
-
- kari = ri->d.kari;
- kari->version = 3;
-
- rek = (CMS_RecipientEncryptedKey
*)ASN1_item_new(&CMS_RecipientEncryptedKey_it); - if (rek == NULL) - return 0; - - if (!sk_CMS_RecipientEncryptedKey_push(kari->recipientEncryptedKeys, rek)) { - ASN1_item_free((ASN1_VALUE *)rek, &CMS_RecipientEncryptedKey_it); - return 0; - } - - if (flags & CMS_USE_KEYID) { - rek->rid->type = CMS_REK_KEYIDENTIFIER; - rek->rid->d.rKeyId = (CMS_RecipientKeyIdentifier *)ASN1_item_new(&CMS_RecipientKeyIdentifier_it); - if (rek->rid->d.rKeyId == NULL) - return 0; - if (!cms_set1_keyid(&rek->rid->d.rKeyId->subjectKeyIdentifier, recip)) - return 0; - } else { - rek->rid->type = CMS_REK_ISSUER_SERIAL; - if (!cms_set1_ias(&rek->rid->d.issuerAndSerialNumber, recip)) - return 0; - } - - /* Create ephemeral key */ - if (!cms_kari_create_ephemeral_key(kari, pk)) - return 0; - - EVP_PKEY_up_ref(pk); - rek->pkey = pk; - - return 1; -} - -static int -cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari, const EVP_CIPHER *cipher) -{ - EVP_CIPHER_CTX *ctx = kari->ctx; - const EVP_CIPHER *kekcipher; - int keylen = EVP_CIPHER_key_length(cipher); - - /* If a suitable wrap algorithm is already set nothing to do */ - kekcipher = EVP_CIPHER_CTX_cipher(ctx); - - if (kekcipher) { - if (EVP_CIPHER_CTX_mode(ctx) != EVP_CIPH_WRAP_MODE) - return 0; - return 1; - } - /* - * Pick a cipher based on content encryption cipher. If it is DES3 use - * DES3 wrap otherwise use AES wrap similar to key size. - */ -#ifndef OPENSSL_NO_DES -#if 0 - /* - * XXX - we do not currently support DES3 wrap and probably should just - * drop this code. 
- */ - if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc) - kekcipher = EVP_des_ede3_wrap(); - else -#endif -#endif - if (keylen <= 16) - kekcipher = EVP_aes_128_wrap(); - else if (keylen <= 24) - kekcipher = EVP_aes_192_wrap(); - else - kekcipher = EVP_aes_256_wrap(); - - return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL); -} - -/* Encrypt content key in key agreement recipient info */ - -int -cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) -{ - CMS_KeyAgreeRecipientInfo *kari; - CMS_EncryptedContentInfo *ec; - CMS_RecipientEncryptedKey *rek; - STACK_OF(CMS_RecipientEncryptedKey) *reks; - int i; - - if (ri->type != CMS_RECIPINFO_AGREE) { - CMSerror(CMS_R_NOT_KEY_AGREEMENT); - return 0; - } - kari = ri->d.kari; - reks = kari->recipientEncryptedKeys; - ec = cms->d.envelopedData->encryptedContentInfo; - /* Initialise wrap algorithm parameters */ - if (!cms_wrap_init(kari, ec->cipher)) - return 0; - /* - * If no originator key set up initialise for ephemeral key the public key - * ASN1 structure will set the actual public key value. - */ - if (kari->originator->type == -1) { - CMS_OriginatorIdentifierOrKey *oik = kari->originator; - oik->type = CMS_OIK_PUBKEY; - oik->d.originatorKey = (CMS_OriginatorPublicKey *)ASN1_item_new(&CMS_OriginatorPublicKey_it); - if (!oik->d.originatorKey) - return 0; - } - /* Initialise KDF algorithm */ - if (!cms_env_asn1_ctrl(ri, 0)) - return 0; - /* For each rek, derive KEK, encrypt CEK */ - for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) { - unsigned char *enckey; - size_t enckeylen; - rek = sk_CMS_RecipientEncryptedKey_value(reks, i); - if (EVP_PKEY_derive_set_peer(kari->pctx, rek->pkey) <= 0) - return 0; - if (!cms_kek_cipher(&enckey, &enckeylen, ec->key, ec->keylen, - kari, 1)) - return 0; - ASN1_STRING_set0(rek->encryptedKey, enckey, enckeylen); - } - - return 1; -} 
diff --git a/src/lib/libcrypto/cms/cms_lib.c b/src/lib/libcrypto/cms/cms_lib.c
deleted file mode 100644
index 2d7a8d9f21..0000000000
--- a/src/lib/libcrypto/cms/cms_lib.c
+++ /dev/null
@@ -1,780 +0,0 @@
-/* $OpenBSD: cms_lib.c,v 1.26 2024/11/01 18:53:35 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "cms_local.h" -#include "x509_local.h" - -CMS_ContentInfo * -d2i_CMS_ContentInfo(CMS_ContentInfo **a, const unsigned char **in, long len) -{ - return (CMS_ContentInfo *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &CMS_ContentInfo_it); -} -LCRYPTO_ALIAS(d2i_CMS_ContentInfo); - -int -i2d_CMS_ContentInfo(CMS_ContentInfo *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &CMS_ContentInfo_it); -} -LCRYPTO_ALIAS(i2d_CMS_ContentInfo); - -CMS_ContentInfo * -CMS_ContentInfo_new(void) -{ - return (CMS_ContentInfo *)ASN1_item_new(&CMS_ContentInfo_it); -} -LCRYPTO_ALIAS(CMS_ContentInfo_new); - -void -CMS_ContentInfo_free(CMS_ContentInfo *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &CMS_ContentInfo_it); -} -LCRYPTO_ALIAS(CMS_ContentInfo_free); - -int -CMS_ContentInfo_print_ctx(BIO *out, CMS_ContentInfo *x, int indent, const ASN1_PCTX *pctx) -{ - return ASN1_item_print(out, (ASN1_VALUE *)x, indent, - &CMS_ContentInfo_it, pctx); -} -LCRYPTO_ALIAS(CMS_ContentInfo_print_ctx); - -const ASN1_OBJECT * -CMS_get0_type(const CMS_ContentInfo *cms) -{ - return cms->contentType; -} -LCRYPTO_ALIAS(CMS_get0_type); - -CMS_ContentInfo * -cms_Data_create(void) -{ - CMS_ContentInfo *cms; - - cms = CMS_ContentInfo_new(); - if (cms != NULL) { - cms->contentType 
= OBJ_nid2obj(NID_pkcs7_data); - /* Never detached */ - CMS_set_detached(cms, 0); - } - return cms; -} - -static BIO * -cms_content_bio(CMS_ContentInfo *cms) -{ - ASN1_OCTET_STRING **pos; - - if ((pos = CMS_get0_content(cms)) == NULL) - return NULL; - - /* If content is detached, data goes nowhere: create null BIO. */ - if (*pos == NULL) - return BIO_new(BIO_s_null()); - - /* If content is not detached and was created, return memory BIO. */ - if ((*pos)->flags == ASN1_STRING_FLAG_CONT) - return BIO_new(BIO_s_mem()); - - /* Else content was read in: return read-only BIO for it. */ - return BIO_new_mem_buf((*pos)->data, (*pos)->length); -} - -BIO * -CMS_dataInit(CMS_ContentInfo *cms, BIO *in_content_bio) -{ - BIO *cms_bio = NULL, *content_bio = NULL; - - if ((content_bio = in_content_bio) == NULL) - content_bio = cms_content_bio(cms); - if (content_bio == NULL) { - CMSerror(CMS_R_NO_CONTENT); - goto err; - } - - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_data: - return content_bio; - case NID_pkcs7_signed: - if ((cms_bio = cms_SignedData_init_bio(cms)) == NULL) - goto err; - break; - case NID_pkcs7_digest: - if ((cms_bio = cms_DigestedData_init_bio(cms)) == NULL) - goto err; - break; - case NID_pkcs7_encrypted: - if ((cms_bio = cms_EncryptedData_init_bio(cms)) == NULL) - goto err; - break; - case NID_pkcs7_enveloped: - if ((cms_bio = cms_EnvelopedData_init_bio(cms)) == NULL) - goto err; - break; - default: - CMSerror(CMS_R_UNSUPPORTED_TYPE); - goto err; - } - - return BIO_push(cms_bio, content_bio); - - err: - if (content_bio != in_content_bio) - BIO_free(content_bio); - - return NULL; -} -LCRYPTO_ALIAS(CMS_dataInit); - -int -CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio) -{ - ASN1_OCTET_STRING **pos = CMS_get0_content(cms); - - if (!pos) - return 0; - /* If embedded content find memory BIO and set content */ - if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT)) { - BIO *mbio; - unsigned char *cont; - long contlen; - mbio = BIO_find_type(cmsbio, 
BIO_TYPE_MEM); - if (!mbio) { - CMSerror(CMS_R_CONTENT_NOT_FOUND); - return 0; - } - contlen = BIO_get_mem_data(mbio, &cont); - /* Set bio as read only so its content can't be clobbered */ - BIO_set_flags(mbio, BIO_FLAGS_MEM_RDONLY); - BIO_set_mem_eof_return(mbio, 0); - ASN1_STRING_set0(*pos, cont, contlen); - (*pos)->flags &= ~ASN1_STRING_FLAG_CONT; - } - - switch (OBJ_obj2nid(cms->contentType)) { - - case NID_pkcs7_data: - case NID_pkcs7_enveloped: - case NID_pkcs7_encrypted: - case NID_id_smime_ct_compressedData: - /* Nothing to do */ - return 1; - - case NID_pkcs7_signed: - return cms_SignedData_final(cms, cmsbio); - - case NID_pkcs7_digest: - return cms_DigestedData_do_final(cms, cmsbio, 0); - - default: - CMSerror(CMS_R_UNSUPPORTED_TYPE); - return 0; - } -} -LCRYPTO_ALIAS(CMS_dataFinal); - -int -CMS_get_version(const CMS_ContentInfo *cms, long *version) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_signed: - *version = cms->d.signedData->version; - return 1; - - case NID_pkcs7_enveloped: - *version = cms->d.envelopedData->version; - return 1; - - case NID_pkcs7_digest: - *version = cms->d.digestedData->version; - return 1; - - case NID_pkcs7_encrypted: - *version = cms->d.encryptedData->version; - return 1; - - case NID_id_smime_ct_authData: - *version = cms->d.authenticatedData->version; - return 1; - - case NID_id_smime_ct_compressedData: - *version = cms->d.compressedData->version; - return 1; - - default: - CMSerror(CMS_R_UNSUPPORTED_TYPE); - return 0; - } -} -LCRYPTO_ALIAS(CMS_get_version); - -int -CMS_SignerInfo_get_version(const CMS_SignerInfo *si, long *version) -{ - *version = si->version; - return 1; -} -LCRYPTO_ALIAS(CMS_SignerInfo_get_version); - -/* - * Return an OCTET STRING pointer to content. This allows it to be accessed - * or set later. 
- */ - -ASN1_OCTET_STRING ** -CMS_get0_content(CMS_ContentInfo *cms) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_data: - return &cms->d.data; - - case NID_pkcs7_signed: - return &cms->d.signedData->encapContentInfo->eContent; - - case NID_pkcs7_enveloped: - return &cms->d.envelopedData->encryptedContentInfo->encryptedContent; - - case NID_pkcs7_digest: - return &cms->d.digestedData->encapContentInfo->eContent; - - case NID_pkcs7_encrypted: - return &cms->d.encryptedData->encryptedContentInfo->encryptedContent; - - case NID_id_smime_ct_authData: - return &cms->d.authenticatedData->encapContentInfo->eContent; - - case NID_id_smime_ct_compressedData: - return &cms->d.compressedData->encapContentInfo->eContent; - - default: - if (cms->d.other->type == V_ASN1_OCTET_STRING) - return &cms->d.other->value.octet_string; - CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE); - return NULL; - } -} -LCRYPTO_ALIAS(CMS_get0_content); - -/* - * Return an ASN1_OBJECT pointer to content type. This allows it to be - * accessed or set later. 
- */ - -static ASN1_OBJECT ** -cms_get0_econtent_type(CMS_ContentInfo *cms) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_signed: - return &cms->d.signedData->encapContentInfo->eContentType; - - case NID_pkcs7_enveloped: - return &cms->d.envelopedData->encryptedContentInfo->contentType; - - case NID_pkcs7_digest: - return &cms->d.digestedData->encapContentInfo->eContentType; - - case NID_pkcs7_encrypted: - return &cms->d.encryptedData->encryptedContentInfo->contentType; - - case NID_id_smime_ct_authData: - return &cms->d.authenticatedData->encapContentInfo->eContentType; - - case NID_id_smime_ct_compressedData: - return &cms->d.compressedData->encapContentInfo->eContentType; - - default: - CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE); - return NULL; - } -} - -const ASN1_OBJECT * -CMS_get0_eContentType(CMS_ContentInfo *cms) -{ - ASN1_OBJECT **petype; - - petype = cms_get0_econtent_type(cms); - if (petype) - return *petype; - - return NULL; -} -LCRYPTO_ALIAS(CMS_get0_eContentType); - -int -CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid) -{ - ASN1_OBJECT **petype, *etype; - - petype = cms_get0_econtent_type(cms); - if (!petype) - return 0; - if (!oid) - return 1; - etype = OBJ_dup(oid); - if (!etype) - return 0; - ASN1_OBJECT_free(*petype); - *petype = etype; - - return 1; -} -LCRYPTO_ALIAS(CMS_set1_eContentType); - -int -CMS_is_detached(CMS_ContentInfo *cms) -{ - ASN1_OCTET_STRING **pos; - - pos = CMS_get0_content(cms); - if (!pos) - return -1; - if (*pos) - return 0; - - return 1; -} -LCRYPTO_ALIAS(CMS_is_detached); - -int -CMS_set_detached(CMS_ContentInfo *cms, int detached) -{ - ASN1_OCTET_STRING **pos; - - pos = CMS_get0_content(cms); - if (!pos) - return 0; - if (detached) { - ASN1_OCTET_STRING_free(*pos); - *pos = NULL; - return 1; - } - if (*pos == NULL) - *pos = ASN1_OCTET_STRING_new(); - if (*pos != NULL) { - /* - * NB: special flag to show content is created and not read in. 
- */ - (*pos)->flags |= ASN1_STRING_FLAG_CONT; - return 1; - } - CMSerror(ERR_R_MALLOC_FAILURE); - - return 0; -} -LCRYPTO_ALIAS(CMS_set_detached); - -/* Create a digest BIO from an X509_ALGOR structure */ - -BIO * -cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm) -{ - BIO *mdbio = NULL; - const ASN1_OBJECT *digestoid; - const EVP_MD *digest; - - X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm); - digest = EVP_get_digestbyobj(digestoid); - if (!digest) { - CMSerror(CMS_R_UNKNOWN_DIGEST_ALGORITHM); - goto err; - } - mdbio = BIO_new(BIO_f_md()); - if (mdbio == NULL || !BIO_set_md(mdbio, digest)) { - CMSerror(CMS_R_MD_BIO_INIT_ERROR); - goto err; - } - return mdbio; - - err: - BIO_free(mdbio); - - return NULL; -} - -/* Locate a message digest content from a BIO chain based on SignerInfo */ - -int -cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, X509_ALGOR *mdalg) -{ - int nid; - const ASN1_OBJECT *mdoid; - - X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg); - nid = OBJ_obj2nid(mdoid); - /* Look for digest type to match signature */ - for (;;) { - EVP_MD_CTX *mtmp; - chain = BIO_find_type(chain, BIO_TYPE_MD); - if (chain == NULL) { - CMSerror(CMS_R_NO_MATCHING_DIGEST); - return 0; - } - BIO_get_md_ctx(chain, &mtmp); - if (EVP_MD_CTX_type(mtmp) == nid - /* - * Workaround for broken implementations that use signature - * algorithm OID instead of digest. 
- */ - || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid) - return EVP_MD_CTX_copy_ex(mctx, mtmp); - chain = BIO_next(chain); - } -} - -static STACK_OF(CMS_CertificateChoices) ** -cms_get0_certificate_choices(CMS_ContentInfo *cms) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_signed: - return &cms->d.signedData->certificates; - - case NID_pkcs7_enveloped: - if (cms->d.envelopedData->originatorInfo == NULL) - return NULL; - return &cms->d.envelopedData->originatorInfo->certificates; - - default: - CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE); - return NULL; - } -} - -CMS_CertificateChoices * -CMS_add0_CertificateChoices(CMS_ContentInfo *cms) -{ - STACK_OF(CMS_CertificateChoices) **pcerts; - CMS_CertificateChoices *cch; - - pcerts = cms_get0_certificate_choices(cms); - if (!pcerts) - return NULL; - if (!*pcerts) - *pcerts = sk_CMS_CertificateChoices_new_null(); - if (!*pcerts) - return NULL; - cch = (CMS_CertificateChoices *)ASN1_item_new(&CMS_CertificateChoices_it); - if (!cch) - return NULL; - if (!sk_CMS_CertificateChoices_push(*pcerts, cch)) { - ASN1_item_free((ASN1_VALUE *)cch, &CMS_CertificateChoices_it); - return NULL; - } - - return cch; -} -LCRYPTO_ALIAS(CMS_add0_CertificateChoices); - -int -CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert) -{ - CMS_CertificateChoices *cch; - STACK_OF(CMS_CertificateChoices) **pcerts; - int i; - - pcerts = cms_get0_certificate_choices(cms); - if (!pcerts) - return 0; - for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) { - cch = sk_CMS_CertificateChoices_value(*pcerts, i); - if (cch->type == CMS_CERTCHOICE_CERT) { - if (!X509_cmp(cch->d.certificate, cert)) { - CMSerror(CMS_R_CERTIFICATE_ALREADY_PRESENT); - return 0; - } - } - } - cch = CMS_add0_CertificateChoices(cms); - if (!cch) - return 0; - cch->type = CMS_CERTCHOICE_CERT; - cch->d.certificate = cert; - - return 1; -} -LCRYPTO_ALIAS(CMS_add0_cert); - -int -CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) -{ - int r; - - r = CMS_add0_cert(cms, cert); - 
if (r > 0) - X509_up_ref(cert); - - return r; -} -LCRYPTO_ALIAS(CMS_add1_cert); - -static STACK_OF(CMS_RevocationInfoChoice) ** -cms_get0_revocation_choices(CMS_ContentInfo *cms) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_signed: - return &cms->d.signedData->crls; - - case NID_pkcs7_enveloped: - if (cms->d.envelopedData->originatorInfo == NULL) - return NULL; - return &cms->d.envelopedData->originatorInfo->crls; - - default: - CMSerror(CMS_R_UNSUPPORTED_CONTENT_TYPE); - return NULL; - } -} - -CMS_RevocationInfoChoice * -CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms) -{ - STACK_OF(CMS_RevocationInfoChoice) **pcrls; - CMS_RevocationInfoChoice *rch; - - pcrls = cms_get0_revocation_choices(cms); - if (!pcrls) - return NULL; - if (!*pcrls) - *pcrls = sk_CMS_RevocationInfoChoice_new_null(); - if (!*pcrls) - return NULL; - rch = (CMS_RevocationInfoChoice *)ASN1_item_new(&CMS_RevocationInfoChoice_it); - if (!rch) - return NULL; - if (!sk_CMS_RevocationInfoChoice_push(*pcrls, rch)) { - ASN1_item_free((ASN1_VALUE *)rch, &CMS_RevocationInfoChoice_it); - return NULL; - } - - return rch; -} -LCRYPTO_ALIAS(CMS_add0_RevocationInfoChoice); - -int -CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl) -{ - CMS_RevocationInfoChoice *rch; - - rch = CMS_add0_RevocationInfoChoice(cms); - if (!rch) - return 0; - rch->type = CMS_REVCHOICE_CRL; - rch->d.crl = crl; - - return 1; -} -LCRYPTO_ALIAS(CMS_add0_crl); - -int -CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl) -{ - int r; - - r = CMS_add0_crl(cms, crl); - if (r > 0) - X509_CRL_up_ref(crl); - - return r; -} -LCRYPTO_ALIAS(CMS_add1_crl); - -STACK_OF(X509) * -CMS_get1_certs(CMS_ContentInfo *cms) -{ - STACK_OF(X509) *certs = NULL; - CMS_CertificateChoices *cch; - STACK_OF(CMS_CertificateChoices) **pcerts; - int i; - - pcerts = cms_get0_certificate_choices(cms); - if (!pcerts) - return NULL; - for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) { - cch = sk_CMS_CertificateChoices_value(*pcerts, i); - if 
(cch->type == 0) { - if (!certs) { - certs = sk_X509_new_null(); - if (!certs) - return NULL; - } - if (!sk_X509_push(certs, cch->d.certificate)) { - sk_X509_pop_free(certs, X509_free); - return NULL; - } - X509_up_ref(cch->d.certificate); - } - } - return certs; -} -LCRYPTO_ALIAS(CMS_get1_certs); - -STACK_OF(X509_CRL) * -CMS_get1_crls(CMS_ContentInfo *cms) -{ - STACK_OF(X509_CRL) *crls = NULL; - STACK_OF(CMS_RevocationInfoChoice) **pcrls; - CMS_RevocationInfoChoice *rch; - int i; - - pcrls = cms_get0_revocation_choices(cms); - if (!pcrls) - return NULL; - for (i = 0; i < sk_CMS_RevocationInfoChoice_num(*pcrls); i++) { - rch = sk_CMS_RevocationInfoChoice_value(*pcrls, i); - if (rch->type == 0) { - if (!crls) { - crls = sk_X509_CRL_new_null(); - if (!crls) - return NULL; - } - if (!sk_X509_CRL_push(crls, rch->d.crl)) { - sk_X509_CRL_pop_free(crls, X509_CRL_free); - return NULL; - } - X509_CRL_up_ref(rch->d.crl); - } - } - return crls; -} -LCRYPTO_ALIAS(CMS_get1_crls); - -static const ASN1_OCTET_STRING * -cms_X509_get0_subject_key_id(X509 *x) -{ - /* Call for side-effect of computing hash and caching extensions */ - X509_check_purpose(x, -1, -1); - return x->skid; -} - -int -cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert) -{ - int ret; - - ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert)); - if (ret) - return ret; - - return ASN1_INTEGER_cmp(ias->serialNumber, X509_get_serialNumber(cert)); -} - -int -cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert) -{ - const ASN1_OCTET_STRING *cert_keyid = cms_X509_get0_subject_key_id(cert); - - if (cert_keyid == NULL) - return -1; - - return ASN1_OCTET_STRING_cmp(keyid, cert_keyid); -} - -int -cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert) -{ - CMS_IssuerAndSerialNumber *ias; - - ias = (CMS_IssuerAndSerialNumber *)ASN1_item_new(&CMS_IssuerAndSerialNumber_it); - if (!ias) - goto err; - if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert))) - goto err; - if 
(!ASN1_STRING_copy(ias->serialNumber, X509_get_serialNumber(cert)))
- goto err;
- ASN1_item_free((ASN1_VALUE *)*pias, &CMS_IssuerAndSerialNumber_it);
- *pias = ias;
-
- return 1;
-
- err:
- ASN1_item_free((ASN1_VALUE *)ias, &CMS_IssuerAndSerialNumber_it);
- CMSerror(ERR_R_MALLOC_FAILURE);
-
- return 0;
-}
-
-int
-cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
-{
- ASN1_OCTET_STRING *keyid = NULL;
- const ASN1_OCTET_STRING *cert_keyid;
-
- cert_keyid = cms_X509_get0_subject_key_id(cert);
- if (cert_keyid == NULL) {
- CMSerror(CMS_R_CERTIFICATE_HAS_NO_KEYID);
- return 0;
- }
- keyid = ASN1_STRING_dup(cert_keyid);
- if (!keyid) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OCTET_STRING_free(*pkeyid);
- *pkeyid = keyid;
-
- return 1;
-}
diff --git a/src/lib/libcrypto/cms/cms_local.h b/src/lib/libcrypto/cms/cms_local.h
deleted file mode 100644
index 6be60e9047..0000000000
--- a/src/lib/libcrypto/cms/cms_local.h
+++ /dev/null
@@ -1,472 +0,0 @@
-/* $OpenBSD: cms_local.h,v 1.6 2024/05/19 07:12:50 jsg Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_CMS_LOCAL_H -#define HEADER_CMS_LOCAL_H - -#include - -/* - * Cryptographic message syntax (CMS) structures: taken from RFC3852 - */ - -/* Forward references */ - -typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber; -typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo; -typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier; -typedef struct CMS_SignedData_st CMS_SignedData; -typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat; -typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo; -typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo; -typedef struct CMS_EnvelopedData_st CMS_EnvelopedData; -typedef struct CMS_DigestedData_st CMS_DigestedData; -typedef struct CMS_EncryptedData_st CMS_EncryptedData; -typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData; -typedef struct CMS_CompressedData_st CMS_CompressedData; -typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat; -typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo; -typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey; -typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey; -typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo; -typedef struct CMS_RecipientKeyIdentifier_st 
CMS_RecipientKeyIdentifier; -typedef struct CMS_KeyAgreeRecipientIdentifier_st - CMS_KeyAgreeRecipientIdentifier; -typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier; -typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo; -typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo; -typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo; -typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom; - -struct CMS_ContentInfo_st { - ASN1_OBJECT *contentType; - union { - ASN1_OCTET_STRING *data; - CMS_SignedData *signedData; - CMS_EnvelopedData *envelopedData; - CMS_DigestedData *digestedData; - CMS_EncryptedData *encryptedData; - CMS_AuthenticatedData *authenticatedData; - CMS_CompressedData *compressedData; - ASN1_TYPE *other; - /* Other types ... */ - void *otherData; - } d; -}; - -DECLARE_STACK_OF(CMS_CertificateChoices) - -struct CMS_SignedData_st { - long version; - STACK_OF(X509_ALGOR) *digestAlgorithms; - CMS_EncapsulatedContentInfo *encapContentInfo; - STACK_OF(CMS_CertificateChoices) *certificates; - STACK_OF(CMS_RevocationInfoChoice) *crls; - STACK_OF(CMS_SignerInfo) *signerInfos; -}; - -struct CMS_EncapsulatedContentInfo_st { - ASN1_OBJECT *eContentType; - ASN1_OCTET_STRING *eContent; - /* Set to 1 if incomplete structure only part set up */ - int partial; -}; - -struct CMS_SignerInfo_st { - long version; - CMS_SignerIdentifier *sid; - X509_ALGOR *digestAlgorithm; - STACK_OF(X509_ATTRIBUTE) *signedAttrs; - X509_ALGOR *signatureAlgorithm; - ASN1_OCTET_STRING *signature; - STACK_OF(X509_ATTRIBUTE) *unsignedAttrs; - /* Signing certificate and key */ - X509 *signer; - EVP_PKEY *pkey; - /* Digest and public key context for alternative parameters */ - EVP_MD_CTX *mctx; - EVP_PKEY_CTX *pctx; -}; - -struct CMS_SignerIdentifier_st { - int type; - union { - CMS_IssuerAndSerialNumber *issuerAndSerialNumber; - ASN1_OCTET_STRING *subjectKeyIdentifier; - } d; -}; - -struct CMS_EnvelopedData_st { - long version; - CMS_OriginatorInfo *originatorInfo; 
- STACK_OF(CMS_RecipientInfo) *recipientInfos; - CMS_EncryptedContentInfo *encryptedContentInfo; - STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs; -}; - -struct CMS_OriginatorInfo_st { - STACK_OF(CMS_CertificateChoices) *certificates; - STACK_OF(CMS_RevocationInfoChoice) *crls; -}; - -struct CMS_EncryptedContentInfo_st { - ASN1_OBJECT *contentType; - X509_ALGOR *contentEncryptionAlgorithm; - ASN1_OCTET_STRING *encryptedContent; - /* Content encryption algorithm and key */ - const EVP_CIPHER *cipher; - unsigned char *key; - size_t keylen; - /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */ - int debug; - /* Set to 1 if we have no cert and need extra safety measures for MMA */ - int havenocert; -}; - -struct CMS_RecipientInfo_st { - int type; - union { - CMS_KeyTransRecipientInfo *ktri; - CMS_KeyAgreeRecipientInfo *kari; - CMS_KEKRecipientInfo *kekri; - CMS_PasswordRecipientInfo *pwri; - CMS_OtherRecipientInfo *ori; - } d; -}; - -typedef CMS_SignerIdentifier CMS_RecipientIdentifier; - -struct CMS_KeyTransRecipientInfo_st { - long version; - CMS_RecipientIdentifier *rid; - X509_ALGOR *keyEncryptionAlgorithm; - ASN1_OCTET_STRING *encryptedKey; - /* Recipient Key and cert */ - X509 *recip; - EVP_PKEY *pkey; - /* Public key context for this operation */ - EVP_PKEY_CTX *pctx; -}; - -struct CMS_KeyAgreeRecipientInfo_st { - long version; - CMS_OriginatorIdentifierOrKey *originator; - ASN1_OCTET_STRING *ukm; - X509_ALGOR *keyEncryptionAlgorithm; - STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys; - /* Public key context associated with current operation */ - EVP_PKEY_CTX *pctx; - /* Cipher context for CEK wrapping */ - EVP_CIPHER_CTX *ctx; -}; - -struct CMS_OriginatorIdentifierOrKey_st { - int type; - union { - CMS_IssuerAndSerialNumber *issuerAndSerialNumber; - ASN1_OCTET_STRING *subjectKeyIdentifier; - CMS_OriginatorPublicKey *originatorKey; - } d; -}; - -struct CMS_OriginatorPublicKey_st { - X509_ALGOR *algorithm; - ASN1_BIT_STRING *publicKey; 
-};
-
-struct CMS_RecipientEncryptedKey_st {
- CMS_KeyAgreeRecipientIdentifier *rid;
- ASN1_OCTET_STRING *encryptedKey;
- /* Public key associated with this recipient */
- EVP_PKEY *pkey;
-};
-
-struct CMS_KeyAgreeRecipientIdentifier_st {
- int type;
- union {
- CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
- CMS_RecipientKeyIdentifier *rKeyId;
- } d;
-};
-
-struct CMS_RecipientKeyIdentifier_st {
- ASN1_OCTET_STRING *subjectKeyIdentifier;
- ASN1_GENERALIZEDTIME *date;
- CMS_OtherKeyAttribute *other;
-};
-
-struct CMS_KEKRecipientInfo_st {
- long version;
- CMS_KEKIdentifier *kekid;
- X509_ALGOR *keyEncryptionAlgorithm;
- ASN1_OCTET_STRING *encryptedKey;
- /* Extra info: symmetric key to use */
- unsigned char *key;
- size_t keylen;
-};
-
-struct CMS_KEKIdentifier_st {
- ASN1_OCTET_STRING *keyIdentifier;
- ASN1_GENERALIZEDTIME *date;
- CMS_OtherKeyAttribute *other;
-};
-
-struct CMS_PasswordRecipientInfo_st {
- long version;
- X509_ALGOR *keyDerivationAlgorithm;
- X509_ALGOR *keyEncryptionAlgorithm;
- ASN1_OCTET_STRING *encryptedKey;
- /* Extra info: password to use */
- unsigned char *pass;
- size_t passlen;
-};
-
-struct CMS_OtherRecipientInfo_st {
- ASN1_OBJECT *oriType;
- ASN1_TYPE *oriValue;
-};
-
-struct CMS_DigestedData_st {
- long version;
- X509_ALGOR *digestAlgorithm;
- CMS_EncapsulatedContentInfo *encapContentInfo;
- ASN1_OCTET_STRING *digest;
-};
-
-struct CMS_EncryptedData_st {
- long version;
- CMS_EncryptedContentInfo *encryptedContentInfo;
- STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
-};
-
-struct CMS_AuthenticatedData_st {
- long version;
- CMS_OriginatorInfo *originatorInfo;
- STACK_OF(CMS_RecipientInfo) *recipientInfos;
- X509_ALGOR *macAlgorithm;
- X509_ALGOR *digestAlgorithm;
- CMS_EncapsulatedContentInfo *encapContentInfo;
- STACK_OF(X509_ATTRIBUTE) *authAttrs;
- ASN1_OCTET_STRING *mac;
- STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
-};
-
-struct CMS_CompressedData_st {
- long version;
- X509_ALGOR *compressionAlgorithm;
- STACK_OF(CMS_RecipientInfo) *recipientInfos;
- CMS_EncapsulatedContentInfo *encapContentInfo;
-};
-
-struct CMS_RevocationInfoChoice_st {
- int type;
- union {
- X509_CRL *crl;
- CMS_OtherRevocationInfoFormat *other;
- } d;
-};
-
-#define CMS_REVCHOICE_CRL 0
-#define CMS_REVCHOICE_OTHER 1
-
-struct CMS_OtherRevocationInfoFormat_st {
- ASN1_OBJECT *otherRevInfoFormat;
- ASN1_TYPE *otherRevInfo;
-};
-
-struct CMS_CertificateChoices {
- int type;
- union {
- X509 *certificate;
- ASN1_STRING *extendedCertificate; /* Obsolete */
- ASN1_STRING *v1AttrCert; /* Left encoded for now */
- ASN1_STRING *v2AttrCert; /* Left encoded for now */
- CMS_OtherCertificateFormat *other;
- } d;
-};
-
-#define CMS_CERTCHOICE_CERT 0
-#define CMS_CERTCHOICE_EXCERT 1
-#define CMS_CERTCHOICE_V1ACERT 2
-#define CMS_CERTCHOICE_V2ACERT 3
-#define CMS_CERTCHOICE_OTHER 4
-
-struct CMS_OtherCertificateFormat_st {
- ASN1_OBJECT *otherCertFormat;
- ASN1_TYPE *otherCert;
-};
-
-/*
- * This is also defined in pkcs7.h but we duplicate it to allow the CMS code
- * to be independent of PKCS#7
- */
-
-struct CMS_IssuerAndSerialNumber_st {
- X509_NAME *issuer;
- ASN1_INTEGER *serialNumber;
-};
-
-struct CMS_OtherKeyAttribute_st {
- ASN1_OBJECT *keyAttrId;
- ASN1_TYPE *keyAttr;
-};
-
-/* ESS structures */
-
-#ifdef HEADER_X509V3_H
-
-struct CMS_ReceiptRequest_st {
- ASN1_OCTET_STRING *signedContentIdentifier;
- CMS_ReceiptsFrom *receiptsFrom;
- STACK_OF(GENERAL_NAMES) *receiptsTo;
-};
-
-struct CMS_ReceiptsFrom_st {
- int type;
- union {
- long allOrFirstTier;
- STACK_OF(GENERAL_NAMES) *receiptList;
- } d;
-};
-#endif
-
-struct CMS_Receipt_st {
- long version;
- ASN1_OBJECT *contentType;
- ASN1_OCTET_STRING *signedContentIdentifier;
- ASN1_OCTET_STRING *originatorSignatureValue;
-};
-
-extern const ASN1_ITEM CMS_SignerInfo_it;
-extern const ASN1_ITEM CMS_IssuerAndSerialNumber_it;
-extern const ASN1_ITEM CMS_Attributes_Sign_it;
-extern const ASN1_ITEM CMS_Attributes_Verify_it;
-extern const ASN1_ITEM CMS_RecipientInfo_it;
-extern const ASN1_ITEM CMS_PasswordRecipientInfo_it;
-
-#define CMS_SIGNERINFO_ISSUER_SERIAL 0
-#define CMS_SIGNERINFO_KEYIDENTIFIER 1
-
-#define CMS_RECIPINFO_ISSUER_SERIAL 0
-#define CMS_RECIPINFO_KEYIDENTIFIER 1
-
-#define CMS_REK_ISSUER_SERIAL 0
-#define CMS_REK_KEYIDENTIFIER 1
-
-#define CMS_OIK_ISSUER_SERIAL 0
-#define CMS_OIK_KEYIDENTIFIER 1
-#define CMS_OIK_PUBKEY 2
-
-CMS_ContentInfo *cms_Data_create(void);
-
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
-BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
-int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
-
-BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
-int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
-int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
-int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
-
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
-int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
- X509_ALGOR *mdalg);
-
-int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
-int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
-int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
-int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
-
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
-BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen);
-
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
-
-BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
-CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
-int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
-int cms_pkey_get_ri_type(EVP_PKEY *pk);
-/* KARI routines */
-int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
- EVP_PKEY *pk, unsigned int flags);
-int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-
-/* PWRI routines */
-int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
- int en_de);
-
-extern const ASN1_ITEM CMS_CertificateChoices_it;
-extern const ASN1_ITEM CMS_DigestedData_it;
-extern const ASN1_ITEM CMS_EncryptedData_it;
-extern const ASN1_ITEM CMS_EnvelopedData_it;
-extern const ASN1_ITEM CMS_KEKRecipientInfo_it;
-extern const ASN1_ITEM CMS_KeyAgreeRecipientInfo_it;
-extern const ASN1_ITEM CMS_KeyTransRecipientInfo_it;
-extern const ASN1_ITEM CMS_OriginatorPublicKey_it;
-extern const ASN1_ITEM CMS_OtherKeyAttribute_it;
-extern const ASN1_ITEM CMS_Receipt_it;
-extern const ASN1_ITEM CMS_ReceiptRequest_it;
-extern const ASN1_ITEM CMS_RecipientEncryptedKey_it;
-extern const ASN1_ITEM CMS_RecipientKeyIdentifier_it;
-extern const ASN1_ITEM CMS_RevocationInfoChoice_it;
-extern const ASN1_ITEM CMS_SignedData_it;
-extern const ASN1_ITEM CMS_CompressedData_it;
-
-#endif /* !HEADER_CMS_LOCAL_H */
diff --git a/src/lib/libcrypto/cms/cms_pwri.c b/src/lib/libcrypto/cms/cms_pwri.c
deleted file mode 100644
index b6fe5df961..0000000000
--- a/src/lib/libcrypto/cms/cms_pwri.c
+++ /dev/null
@@ -1,438 +0,0 @@
-/* $OpenBSD: cms_pwri.c,v 1.31 2024/01/14 18:40:24 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2009 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "cms_local.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-int
-CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass,
- ssize_t passlen)
-{
- CMS_PasswordRecipientInfo *pwri;
-
- if (ri->type != CMS_RECIPINFO_PASS) {
- CMSerror(CMS_R_NOT_PWRI);
- return 0;
- }
-
- pwri = ri->d.pwri;
- pwri->pass = pass;
- if (pass && passlen < 0)
- passlen = strlen((char *)pass);
- pwri->passlen = passlen;
-
- return 1;
-}
-LCRYPTO_ALIAS(CMS_RecipientInfo_set0_password);
-
-CMS_RecipientInfo *
-CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, int wrap_nid,
- int pbe_nid, unsigned char *pass, ssize_t passlen,
- const EVP_CIPHER *kekciph)
-{
- CMS_RecipientInfo *ri = NULL;
- CMS_EnvelopedData *env;
- CMS_PasswordRecipientInfo *pwri;
- EVP_CIPHER_CTX *ctx = NULL;
- X509_ALGOR *encalg = NULL;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- int ivlen;
-
- env = cms_get0_enveloped(cms);
- if (!env)
- return NULL;
-
- if (wrap_nid <= 0)
- wrap_nid = NID_id_alg_PWRI_KEK;
-
- if (pbe_nid <= 0)
- pbe_nid = NID_id_pbkdf2;
-
- /* Get from enveloped data */
- if (kekciph == NULL)
- kekciph = env->encryptedContentInfo->cipher;
-
- if (kekciph == NULL) {
- CMSerror(CMS_R_NO_CIPHER);
- return NULL;
- }
- if (wrap_nid != NID_id_alg_PWRI_KEK) {
- CMSerror(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
- return NULL;
- }
-
- /* Setup algorithm identifier for cipher */
- encalg = X509_ALGOR_new();
- if (encalg == NULL) {
- goto merr;
- }
-
- if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
- goto merr;
-
- if (EVP_EncryptInit_ex(ctx, kekciph, NULL, NULL, NULL) <= 0) {
- CMSerror(ERR_R_EVP_LIB);
- goto err;
- }
-
- ivlen = EVP_CIPHER_CTX_iv_length(ctx);
-
- if (ivlen > 0) {
- arc4random_buf(iv, ivlen);
- if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) {
- CMSerror(ERR_R_EVP_LIB);
- goto err;
- }
- encalg->parameter = ASN1_TYPE_new();
- if (!encalg->parameter) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(ctx, encalg->parameter) <= 0) {
- CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- }
-
- encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
-
- EVP_CIPHER_CTX_free(ctx);
- ctx = NULL;
-
- /* Initialize recipient info */
- ri = (CMS_RecipientInfo *)ASN1_item_new(&CMS_RecipientInfo_it);
- if (ri == NULL)
- goto merr;
-
- ri->d.pwri = (CMS_PasswordRecipientInfo *)ASN1_item_new(&CMS_PasswordRecipientInfo_it);
- if (ri->d.pwri == NULL)
- goto merr;
- ri->type = CMS_RECIPINFO_PASS;
-
- pwri = ri->d.pwri;
- /* Since this is overwritten, free up empty structure already there */
- X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
- pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
- if (pwri->keyEncryptionAlgorithm == NULL)
- goto merr;
- pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
- pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
- if (pwri->keyEncryptionAlgorithm->parameter == NULL)
- goto merr;
-
- if (!ASN1_item_pack(encalg, &X509_ALGOR_it,
- &pwri->keyEncryptionAlgorithm->parameter->value.sequence))
- goto merr;
- pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE;
-
- X509_ALGOR_free(encalg);
- encalg = NULL;
-
- /* Setup PBE algorithm */
-
- pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1);
-
- if (!pwri->keyDerivationAlgorithm)
- goto err;
-
- CMS_RecipientInfo_set0_password(ri, pass, passlen);
- pwri->version = 0;
-
- if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
- goto merr;
-
- return ri;
-
- merr:
- CMSerror(ERR_R_MALLOC_FAILURE);
- err:
- EVP_CIPHER_CTX_free(ctx);
- if (ri)
- ASN1_item_free((ASN1_VALUE *)ri, &CMS_RecipientInfo_it);
- X509_ALGOR_free(encalg);
-
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_add0_recipient_password);
-
-/*
- * This is an implementation of the key wrapping mechanism in RFC3211, at
- * some point this should go into EVP.
- */
-
-static int
-kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in,
- size_t inlen, EVP_CIPHER_CTX *ctx)
-{
- size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
- unsigned char *tmp;
- int outl, rv = 0;
-
- if (inlen < 2 * blocklen) {
- /* too small */
- return 0;
- }
- if (inlen % blocklen) {
- /* Invalid size */
- return 0;
- }
- if ((tmp = malloc(inlen)) == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- /* setup IV by decrypting last two blocks */
- if (!EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
- in + inlen - 2 * blocklen, blocklen * 2)
- /*
- * Do a decrypt of last decrypted block to set IV to correct value
- * output it to start of buffer so we don't corrupt decrypted block
- * this works because buffer is at least two block lengths long.
- */
- || !EVP_DecryptUpdate(ctx, tmp, &outl, tmp + inlen - blocklen, blocklen)
- /* Can now decrypt first n - 1 blocks */
- || !EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen)
-
- /* Reset IV to original value */
- || !EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL)
- /* Decrypt again */
- || !EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen))
- goto err;
- /* Check check bytes */
- if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) {
- /* Check byte failure */
- goto err;
- }
- if (inlen < (size_t)(tmp[0] - 4)) {
- /* Invalid length value */
- goto err;
- }
- *outlen = (size_t)tmp[0];
- memcpy(out, tmp + 4, *outlen);
- rv = 1;
-
- err:
- freezero(tmp, inlen);
-
- return rv;
-}
-
-static int
-kek_wrap_key(unsigned char *out, size_t *outlen, const unsigned char *in,
- size_t inlen, EVP_CIPHER_CTX *ctx)
-{
- size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
- size_t olen;
- int dummy;
-
- /*
- * First decide length of output buffer: need header and round up to
- * multiple of block length.
- */
- olen = (inlen + 4 + blocklen - 1) / blocklen;
- olen *= blocklen;
- if (olen < 2 * blocklen) {
- /* Key too small */
- return 0;
- }
- if (inlen > 0xFF) {
- /* Key too large */
- return 0;
- }
- if (out) {
- /* Set header */
- out[0] = (unsigned char)inlen;
- out[1] = in[0] ^ 0xFF;
- out[2] = in[1] ^ 0xFF;
- out[3] = in[2] ^ 0xFF;
- memcpy(out + 4, in, inlen);
- /* Add random padding to end */
- if (olen > inlen + 4)
- arc4random_buf(out + 4 + inlen, olen - 4 - inlen);
- /* Encrypt twice */
- if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen) ||
- !EVP_EncryptUpdate(ctx, out, &dummy, out, olen))
- return 0;
- }
-
- *outlen = olen;
-
- return 1;
-}
-
-/* Encrypt/Decrypt content key in PWRI recipient info */
-
-int
-cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
- int en_de)
-{
- CMS_EncryptedContentInfo *ec;
- CMS_PasswordRecipientInfo *pwri;
- int r = 0;
- X509_ALGOR *algtmp, *kekalg = NULL;
- EVP_CIPHER_CTX *kekctx = NULL;
- const EVP_CIPHER *kekcipher;
- unsigned char *key = NULL;
- size_t keylen;
-
- ec = cms->d.envelopedData->encryptedContentInfo;
-
- pwri = ri->d.pwri;
-
- if (!pwri->pass) {
- CMSerror(CMS_R_NO_PASSWORD);
- return 0;
- }
- algtmp = pwri->keyEncryptionAlgorithm;
-
- if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
- CMSerror(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
- return 0;
- }
-
- if (algtmp->parameter != NULL &&
- algtmp->parameter->type == V_ASN1_SEQUENCE &&
- algtmp->parameter->value.sequence != NULL)
- kekalg = ASN1_item_unpack(algtmp->parameter->value.sequence,
- &X509_ALGOR_it);
-
- if (kekalg == NULL) {
- CMSerror(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
- return 0;
- }
-
- kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
- if (!kekcipher) {
- CMSerror(CMS_R_UNKNOWN_CIPHER);
- return 0;
- }
-
- kekctx = EVP_CIPHER_CTX_new();
- if (kekctx == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
- if (!EVP_CipherInit_ex(kekctx, kekcipher, NULL, NULL, NULL, en_de))
- goto err;
- EVP_CIPHER_CTX_set_padding(kekctx, 0);
- if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) {
- CMSerror(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
-
- algtmp = pwri->keyDerivationAlgorithm;
-
- /* Finish password based key derivation to setup key in "ctx" */
-
- if (EVP_PBE_CipherInit(algtmp->algorithm, (char *)pwri->pass,
- pwri->passlen, algtmp->parameter, kekctx, en_de) < 0) {
- CMSerror(ERR_R_EVP_LIB);
- goto err;
- }
-
- /* Finally wrap/unwrap the key */
-
- if (en_de) {
- if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, kekctx))
- goto err;
-
- key = malloc(keylen);
- if (key == NULL)
- goto err;
-
- if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, kekctx))
- goto err;
- pwri->encryptedKey->data = key;
- pwri->encryptedKey->length = keylen;
- } else {
- key = malloc(pwri->encryptedKey->length);
- if (key == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!kek_unwrap_key(key, &keylen, pwri->encryptedKey->data,
- pwri->encryptedKey->length, kekctx)) {
- CMSerror(CMS_R_UNWRAP_FAILURE);
- goto err;
- }
-
- freezero(ec->key, ec->keylen);
- ec->key = key;
- ec->keylen = keylen;
- }
-
- r = 1;
-
- err:
- EVP_CIPHER_CTX_free(kekctx);
- if (!r)
- free(key);
- X509_ALGOR_free(kekalg);
-
- return r;
-}
diff --git a/src/lib/libcrypto/cms/cms_sd.c b/src/lib/libcrypto/cms/cms_sd.c
deleted file mode 100644
index 9cdd4ce143..0000000000
--- a/src/lib/libcrypto/cms/cms_sd.c
+++ /dev/null
@@ -1,1088 +0,0 @@
-/* $OpenBSD: cms_sd.c,v 1.33 2024/04/20 10:11:55 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "cms_local.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-/* CMS SignedData Utilities */
-
-static CMS_SignedData *
-cms_get0_signed(CMS_ContentInfo *cms)
-{
- if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed) {
- CMSerror(CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA);
- return NULL;
- }
- return cms->d.signedData;
-}
-
-static CMS_SignedData *
-cms_signed_data_init(CMS_ContentInfo *cms)
-{
- if (cms->d.other == NULL) {
- cms->d.signedData = (CMS_SignedData *)ASN1_item_new(&CMS_SignedData_it);
- if (!cms->d.signedData) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- cms->d.signedData->version = 1;
- cms->d.signedData->encapContentInfo->eContentType =
- OBJ_nid2obj(NID_pkcs7_data);
- cms->d.signedData->encapContentInfo->partial = 1;
- ASN1_OBJECT_free(cms->contentType);
- cms->contentType = OBJ_nid2obj(NID_pkcs7_signed);
- return cms->d.signedData;
- }
- return cms_get0_signed(cms);
-}
-
-/* Just initialise SignedData e.g. for certs only structure */
-
-int
-CMS_SignedData_init(CMS_ContentInfo *cms)
-{
- if (cms_signed_data_init(cms))
- return 1;
- else
- return 0;
-}
-LCRYPTO_ALIAS(CMS_SignedData_init);
-
-/* Check structures and fixup version numbers (if necessary) */
-
-static void
-cms_sd_set_version(CMS_SignedData *sd)
-{
- int i;
- CMS_CertificateChoices *cch;
- CMS_RevocationInfoChoice *rch;
- CMS_SignerInfo *si;
-
- for (i = 0; i < sk_CMS_CertificateChoices_num(sd->certificates); i++) {
- cch = sk_CMS_CertificateChoices_value(sd->certificates, i);
- if (cch->type == CMS_CERTCHOICE_OTHER) {
- if (sd->version < 5)
- sd->version = 5;
- } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
- if (sd->version < 4)
- sd->version = 4;
- } else if (cch->type == CMS_CERTCHOICE_V1ACERT) {
- if (sd->version < 3)
- sd->version = 3;
- }
- }
-
- for (i = 0; i < sk_CMS_RevocationInfoChoice_num(sd->crls); i++) {
- rch = sk_CMS_RevocationInfoChoice_value(sd->crls, i);
- if (rch->type == CMS_REVCHOICE_OTHER) {
- if (sd->version < 5)
- sd->version = 5;
- }
- }
-
- if ((OBJ_obj2nid(sd->encapContentInfo->eContentType) != NID_pkcs7_data)
- && (sd->version < 3))
- sd->version = 3;
-
- for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
- si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
- if (si->sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
- if (si->version < 3)
- si->version = 3;
- if (sd->version < 3)
- sd->version = 3;
- } else if (si->version < 1)
- si->version = 1;
- }
-
- if (sd->version < 1)
- sd->version = 1;
-}
-
-/* Copy an existing messageDigest value */
-
-static int
-cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
-{
- STACK_OF(CMS_SignerInfo) *sinfos;
- CMS_SignerInfo *sitmp;
- int i;
-
- sinfos = CMS_get0_SignerInfos(cms);
- for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
- ASN1_OCTET_STRING *messageDigest;
- sitmp = sk_CMS_SignerInfo_value(sinfos, i);
- if (sitmp == si)
- continue;
- if (CMS_signed_get_attr_count(sitmp) < 0)
- continue;
- if (OBJ_cmp(si->digestAlgorithm->algorithm,
- sitmp->digestAlgorithm->algorithm))
- continue;
- messageDigest = CMS_signed_get0_data_by_OBJ(sitmp,
- OBJ_nid2obj(NID_pkcs9_messageDigest), -3, V_ASN1_OCTET_STRING);
- if (!messageDigest) {
- CMSerror(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
- return 0;
- }
-
- if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
- V_ASN1_OCTET_STRING, messageDigest, -1))
- return 1;
- else
- return 0;
- }
-
- CMSerror(CMS_R_NO_MATCHING_DIGEST);
-
- return 0;
-}
-
-int
-cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
-{
- switch (type) {
- case CMS_SIGNERINFO_ISSUER_SERIAL:
- if (!cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
- return 0;
- break;
-
- case CMS_SIGNERINFO_KEYIDENTIFIER:
- if (!cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
- return 0;
- break;
-
- default:
- CMSerror(CMS_R_UNKNOWN_ID);
- return 0;
- }
-
- sid->type = type;
-
- return 1;
-}
-
-int
-cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno)
-{
- if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL) {
- if (issuer)
- *issuer = sid->d.issuerAndSerialNumber->issuer;
- if (sno)
- *sno = sid->d.issuerAndSerialNumber->serialNumber;
- } else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
- if (keyid)
- *keyid = sid->d.subjectKeyIdentifier;
- } else
- return 0;
-
- return 1;
-}
-
-int
-cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
-{
- if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
- return cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
- else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
- return cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
- else
- return -1;
-}
-
-static int
-cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
-{
- EVP_PKEY *pkey = si->pkey;
- int ret;
-
- if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL)
- return 1;
- ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_SIGN, cmd, si);
- if (ret == -2) {
- CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- return 0;
- }
- if (ret <= 0) {
- CMSerror(CMS_R_CTRL_FAILURE);
- return 0;
- }
-
- return 1;
-}
-
-static const EVP_MD *
-cms_SignerInfo_default_digest_md(const CMS_SignerInfo *si)
-{
- int rv, nid;
-
- if (si->pkey == NULL) {
- CMSerror(CMS_R_NO_PUBLIC_KEY);
- return NULL;
- }
-
- /* On failure or unsupported operation, give up. */
- if ((rv = EVP_PKEY_get_default_digest_nid(si->pkey, &nid)) <= 0)
- return NULL;
- if (rv > 2)
- return NULL;
-
- /*
- * XXX - we need to identify EdDSA in a better way. Figure out where
- * and how. This mimics EdDSA checks in openssl/ca.c and openssl/req.c.
- */
-
- /* The digest md is required to be EVP_sha512() (EdDSA). */
- if (rv == 2 && nid == NID_undef)
- return EVP_sha512();
-
- /* Use mandatory or default digest. */
- return EVP_get_digestbynid(nid);
-}
-
-static const EVP_MD *
-cms_SignerInfo_signature_md(const CMS_SignerInfo *si)
-{
- int rv, nid;
-
- if (si->pkey == NULL) {
- CMSerror(CMS_R_NO_PUBLIC_KEY);
- return NULL;
- }
-
- /* Fall back to digestAlgorithm unless pkey has a mandatory digest. */
- if ((rv = EVP_PKEY_get_default_digest_nid(si->pkey, &nid)) <= 1)
- return EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
- if (rv > 2)
- return NULL;
-
- /*
- * XXX - we need to identify EdDSA in a better way. Figure out where
- * and how. This mimics EdDSA checks in openssl/ca.c and openssl/req.c.
- */
-
- /* The signature md is required to be EVP_md_null() (EdDSA). */
- if (nid == NID_undef)
- return EVP_md_null();
-
- /* Use mandatory digest. */
- return EVP_get_digestbynid(nid);
-}
-
-CMS_SignerInfo *
-CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
- const EVP_MD *md, unsigned int flags)
-{
- CMS_SignedData *sd;
- CMS_SignerInfo *si = NULL;
- X509_ALGOR *alg = NULL;
- int i, type;
-
- if (!X509_check_private_key(signer, pk)) {
- CMSerror(CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return NULL;
- }
- sd = cms_signed_data_init(cms);
- if (!sd)
- goto err;
- si = (CMS_SignerInfo *)ASN1_item_new(&CMS_SignerInfo_it);
- if (!si)
- goto merr;
- /* Call for side-effect of computing hash and caching extensions */
- X509_check_purpose(signer, -1, -1);
-
- X509_up_ref(signer);
- EVP_PKEY_up_ref(pk);
-
- si->pkey = pk;
- si->signer = signer;
- si->mctx = EVP_MD_CTX_new();
- si->pctx = NULL;
-
- if (si->mctx == NULL) {
- CMSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (flags & CMS_USE_KEYID) {
- si->version = 3;
- if (sd->version < 3)
- sd->version = 3;
- type = CMS_SIGNERINFO_KEYIDENTIFIER;
- } else {
- type = CMS_SIGNERINFO_ISSUER_SERIAL;
- si->version = 1;
- }
-
- if (!cms_set1_SignerIdentifier(si->sid, signer, type))
- goto err;
-
- if (md == NULL)
- md = cms_SignerInfo_default_digest_md(si);
- if (md == NULL) {
- CMSerror(CMS_R_NO_DEFAULT_DIGEST);
- goto err;
- }
-
- if (!X509_ALGOR_set_evp_md(si->digestAlgorithm, md))
- goto err;
-
- /* See if digest is present in digestAlgorithms */
- for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
- const X509_ALGOR *x509_alg;
- const ASN1_OBJECT *aoid;
-
- x509_alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
- X509_ALGOR_get0(&aoid, NULL, NULL, x509_alg);
- if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
- break;
- }
-
- if (i == sk_X509_ALGOR_num(sd->digestAlgorithms)) {
- if ((alg = X509_ALGOR_new()) == NULL)
- goto merr;
- if (!X509_ALGOR_set_evp_md(alg, md))
- goto merr;
- if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg)) {
- goto merr;
- }
- alg = NULL;
- }
-
- if (!(flags & CMS_KEY_PARAM) && !cms_sd_asn1_ctrl(si, 0))
- goto err;
- if (!(flags & CMS_NOATTR)) {
- /*
- * Initialize signed attributes structure so other attributes
- * such as signing time etc are added later even if we add none here.
- */
- if (!si->signedAttrs) {
- si->signedAttrs = sk_X509_ATTRIBUTE_new_null();
- if (!si->signedAttrs)
- goto merr;
- }
-
- if (!(flags & CMS_NOSMIMECAP)) {
- STACK_OF(X509_ALGOR) *smcap = NULL;
-
- i = CMS_add_standard_smimecap(&smcap);
- if (i)
- i = CMS_add_smimecap(si, smcap);
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- if (!i)
- goto merr;
- }
- if (flags & CMS_REUSE_DIGEST) {
- if (!cms_copy_messageDigest(cms, si))
- goto err;
- if (!(flags & (CMS_PARTIAL | CMS_KEY_PARAM)) &&
- !CMS_SignerInfo_sign(si))
- goto err;
- }
- }
-
- if (!(flags & CMS_NOCERTS)) {
- /* NB ignore -1 return for duplicate cert */
- if (!CMS_add1_cert(cms, signer))
- goto merr;
- }
-
- if (flags & CMS_KEY_PARAM) {
- if (flags & CMS_NOATTR) {
- si->pctx = EVP_PKEY_CTX_new(si->pkey, NULL);
- if (si->pctx == NULL)
- goto err;
- if (EVP_PKEY_sign_init(si->pctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
- goto err;
- } else if (EVP_DigestSignInit(si->mctx, &si->pctx, md,
- NULL, pk) <= 0)
- goto err;
- }
-
- if (!sd->signerInfos)
- sd->signerInfos = sk_CMS_SignerInfo_new_null();
- if (!sd->signerInfos || !sk_CMS_SignerInfo_push(sd->signerInfos, si))
- goto merr;
-
- return si;
-
- merr:
- CMSerror(ERR_R_MALLOC_FAILURE);
- err:
- ASN1_item_free((ASN1_VALUE *)si, &CMS_SignerInfo_it);
- X509_ALGOR_free(alg);
-
- return NULL;
-}
-LCRYPTO_ALIAS(CMS_add1_signer);
-
-static int
-cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
-{
- ASN1_TIME *tt;
- int r = 0;
-
- if (t)
- tt = t;
- else
- tt = X509_gmtime_adj(NULL, 0);
-
- if (!tt)
- goto merr;
-
- if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_signingTime,
- tt->type, tt, -1) <= 0)
- goto merr;
-
- r = 1;
-
- merr:
- if (!t)
- ASN1_TIME_free(tt);
- if (!r)
- CMSerror(ERR_R_MALLOC_FAILURE);
-
- return r;
-}
-
-EVP_PKEY_CTX *
-CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si) -{ - return si->pctx; -} -LCRYPTO_ALIAS(CMS_SignerInfo_get0_pkey_ctx); - -EVP_MD_CTX * -CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si) -{ - return si->mctx; -} -LCRYPTO_ALIAS(CMS_SignerInfo_get0_md_ctx); - -STACK_OF(CMS_SignerInfo) * -CMS_get0_SignerInfos(CMS_ContentInfo *cms) -{ - CMS_SignedData *sd; - - sd = cms_get0_signed(cms); - if (!sd) - return NULL; - - return sd->signerInfos; -} -LCRYPTO_ALIAS(CMS_get0_SignerInfos); - -STACK_OF(X509) * -CMS_get0_signers(CMS_ContentInfo *cms) -{ - STACK_OF(X509) *signers = NULL; - STACK_OF(CMS_SignerInfo) *sinfos; - CMS_SignerInfo *si; - int i; - - sinfos = CMS_get0_SignerInfos(cms); - for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { - si = sk_CMS_SignerInfo_value(sinfos, i); - if (si->signer) { - if (!signers) { - signers = sk_X509_new_null(); - if (!signers) - return NULL; - } - if (!sk_X509_push(signers, si->signer)) { - sk_X509_free(signers); - return NULL; - } - } - } - - return signers; -} -LCRYPTO_ALIAS(CMS_get0_signers); - -void -CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer) -{ - if (signer) { - X509_up_ref(signer); - EVP_PKEY_free(si->pkey); - si->pkey = X509_get_pubkey(signer); - } - X509_free(si->signer); - si->signer = signer; -} -LCRYPTO_ALIAS(CMS_SignerInfo_set1_signer_cert); - -int -CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid, - X509_NAME **issuer, ASN1_INTEGER **sno) -{ - return cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno); -} -LCRYPTO_ALIAS(CMS_SignerInfo_get0_signer_id); - -int -CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert) -{ - return cms_SignerIdentifier_cert_cmp(si->sid, cert); -} -LCRYPTO_ALIAS(CMS_SignerInfo_cert_cmp); - -int -CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts, - unsigned int flags) -{ - CMS_SignedData *sd; - CMS_SignerInfo *si; - CMS_CertificateChoices *cch; - STACK_OF(CMS_CertificateChoices) *certs; - X509 *x; - int i, j; - int ret 
= 0; - - sd = cms_get0_signed(cms); - if (!sd) - return -1; - certs = sd->certificates; - for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) { - si = sk_CMS_SignerInfo_value(sd->signerInfos, i); - if (si->signer) - continue; - - for (j = 0; j < sk_X509_num(scerts); j++) { - x = sk_X509_value(scerts, j); - if (CMS_SignerInfo_cert_cmp(si, x) == 0) { - CMS_SignerInfo_set1_signer_cert(si, x); - ret++; - break; - } - } - - if (si->signer || (flags & CMS_NOINTERN)) - continue; - - for (j = 0; j < sk_CMS_CertificateChoices_num(certs); j++) { - cch = sk_CMS_CertificateChoices_value(certs, j); - if (cch->type != 0) - continue; - x = cch->d.certificate; - if (CMS_SignerInfo_cert_cmp(si, x) == 0) { - CMS_SignerInfo_set1_signer_cert(si, x); - ret++; - break; - } - } - } - return ret; -} -LCRYPTO_ALIAS(CMS_set1_signers_certs); - -void -CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer, -X509_ALGOR **pdig, X509_ALGOR **psig) -{ - if (pk) - *pk = si->pkey; - if (signer) - *signer = si->signer; - if (pdig) - *pdig = si->digestAlgorithm; - if (psig) - *psig = si->signatureAlgorithm; -} -LCRYPTO_ALIAS(CMS_SignerInfo_get0_algs); - -ASN1_OCTET_STRING * -CMS_SignerInfo_get0_signature(CMS_SignerInfo *si) -{ - return si->signature; -} -LCRYPTO_ALIAS(CMS_SignerInfo_get0_signature); - -static int -cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMS_SignerInfo *si, BIO *chain) -{ - EVP_MD_CTX *mctx = EVP_MD_CTX_new(); - int r = 0; - EVP_PKEY_CTX *pctx = NULL; - - if (mctx == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - return 0; - } - - if (!si->pkey) { - CMSerror(CMS_R_NO_PRIVATE_KEY); - goto err; - } - - if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm)) - goto err; - /* Set SignerInfo algorithm details if we used custom parameter */ - if (si->pctx && !cms_sd_asn1_ctrl(si, 0)) - goto err; - - /* - * If any signed attributes calculate and add messageDigest attribute - */ - - if (CMS_signed_get_attr_count(si) >= 0) { - ASN1_OBJECT *ctype 
= - cms->d.signedData->encapContentInfo->eContentType; - unsigned char md[EVP_MAX_MD_SIZE]; - unsigned int mdlen; - - if (!EVP_DigestFinal_ex(mctx, md, &mdlen)) - goto err; - if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest, - V_ASN1_OCTET_STRING, md, mdlen)) - goto err; - /* Copy content type across */ - if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_contentType, - V_ASN1_OBJECT, ctype, -1) <= 0) - goto err; - if (!CMS_SignerInfo_sign(si)) - goto err; - } else if (si->pctx) { - unsigned char *sig; - size_t siglen; - unsigned char md[EVP_MAX_MD_SIZE]; - unsigned int mdlen; - - pctx = si->pctx; - if (!EVP_DigestFinal_ex(mctx, md, &mdlen)) - goto err; - siglen = EVP_PKEY_size(si->pkey); - sig = malloc(siglen); - if (sig == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0) { - free(sig); - goto err; - } - ASN1_STRING_set0(si->signature, sig, siglen); - } else { - unsigned char *sig; - unsigned int siglen; - - sig = malloc(EVP_PKEY_size(si->pkey)); - if (sig == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EVP_SignFinal(mctx, sig, &siglen, si->pkey)) { - CMSerror(CMS_R_SIGNFINAL_ERROR); - free(sig); - goto err; - } - ASN1_STRING_set0(si->signature, sig, siglen); - } - - r = 1; - - err: - EVP_MD_CTX_free(mctx); - EVP_PKEY_CTX_free(pctx); - - return r; -} - -int -cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain) -{ - STACK_OF(CMS_SignerInfo) *sinfos; - CMS_SignerInfo *si; - int i; - - sinfos = CMS_get0_SignerInfos(cms); - for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { - si = sk_CMS_SignerInfo_value(sinfos, i); - if (!cms_SignerInfo_content_sign(cms, si, chain)) - return 0; - } - cms->d.signedData->encapContentInfo->partial = 0; - - return 1; -} - -int -CMS_SignerInfo_sign(CMS_SignerInfo *si) -{ - const EVP_MD *md; - unsigned char *buf = NULL, *sig = NULL; - int buf_len = 0; - size_t sig_len = 0; - int ret = 0; - - if ((md = cms_SignerInfo_signature_md(si)) == NULL) 
- goto err; - - if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) { - if (!cms_add1_signingTime(si, NULL)) - goto err; - } - - if (si->pctx == NULL) { - (void)EVP_MD_CTX_reset(si->mctx); - if (!EVP_DigestSignInit(si->mctx, &si->pctx, md, NULL, si->pkey)) - goto err; - } - - if (EVP_PKEY_CTX_ctrl(si->pctx, -1, EVP_PKEY_OP_SIGN, - EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) { - CMSerror(CMS_R_CTRL_ERROR); - goto err; - } - - if ((buf_len = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &buf, - &CMS_Attributes_Sign_it)) <= 0) { - buf_len = 0; - goto err; - } - if (!EVP_DigestSign(si->mctx, NULL, &sig_len, buf, buf_len)) - goto err; - if ((sig = calloc(1, sig_len)) == NULL) - goto err; - if (!EVP_DigestSign(si->mctx, sig, &sig_len, buf, buf_len)) - goto err; - - if (EVP_PKEY_CTX_ctrl(si->pctx, -1, EVP_PKEY_OP_SIGN, - EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0) { - CMSerror(CMS_R_CTRL_ERROR); - goto err; - } - - ASN1_STRING_set0(si->signature, sig, sig_len); - sig = NULL; - - ret = 1; - - err: - (void)EVP_MD_CTX_reset(si->mctx); - freezero(buf, buf_len); - freezero(sig, sig_len); - - return ret; -} -LCRYPTO_ALIAS(CMS_SignerInfo_sign); - -int -CMS_SignerInfo_verify(CMS_SignerInfo *si) -{ - const EVP_MD *md; - unsigned char *buf = NULL; - int buf_len = 0; - int ret = -1; - - if ((md = cms_SignerInfo_signature_md(si)) == NULL) - goto err; - - if (si->mctx == NULL) - si->mctx = EVP_MD_CTX_new(); - if (si->mctx == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (EVP_DigestVerifyInit(si->mctx, &si->pctx, md, NULL, si->pkey) <= 0) - goto err; - - if (!cms_sd_asn1_ctrl(si, 1)) - goto err; - - if ((buf_len = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &buf, - &CMS_Attributes_Verify_it)) <= 0) { - buf_len = 0; - goto err; - } - - ret = EVP_DigestVerify(si->mctx, si->signature->data, si->signature->length, - buf, buf_len); - if (ret <= 0) { - CMSerror(CMS_R_VERIFICATION_FAILURE); - goto err; - } - - err: - (void)EVP_MD_CTX_reset(si->mctx); - freezero(buf, 
buf_len); - - return ret; -} -LCRYPTO_ALIAS(CMS_SignerInfo_verify); - -/* Create a chain of digest BIOs from a CMS ContentInfo */ - -BIO * -cms_SignedData_init_bio(CMS_ContentInfo *cms) -{ - int i; - CMS_SignedData *sd; - BIO *chain = NULL; - - sd = cms_get0_signed(cms); - if (!sd) - return NULL; - if (cms->d.signedData->encapContentInfo->partial) - cms_sd_set_version(sd); - for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) { - X509_ALGOR *digestAlgorithm; - BIO *mdbio; - digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i); - mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm); - if (!mdbio) - goto err; - if (chain) - BIO_push(chain, mdbio); - else - chain = mdbio; - } - - return chain; - - err: - BIO_free_all(chain); - - return NULL; -} - -int -CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain) -{ - ASN1_OCTET_STRING *os = NULL; - EVP_MD_CTX *mctx = EVP_MD_CTX_new(); - EVP_PKEY_CTX *pkctx = NULL; - int r = -1; - unsigned char mval[EVP_MAX_MD_SIZE]; - unsigned int mlen; - - if (mctx == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err; - } - /* If we have any signed attributes look for messageDigest value */ - if (CMS_signed_get_attr_count(si) >= 0) { - os = CMS_signed_get0_data_by_OBJ(si, - OBJ_nid2obj(NID_pkcs9_messageDigest), -3, - V_ASN1_OCTET_STRING); - if (!os) { - CMSerror(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE); - goto err; - } - } - - if (!cms_DigestAlgorithm_find_ctx(mctx, chain, si->digestAlgorithm)) - goto err; - - if (EVP_DigestFinal_ex(mctx, mval, &mlen) <= 0) { - CMSerror(CMS_R_UNABLE_TO_FINALIZE_CONTEXT); - goto err; - } - - /* If messageDigest found compare it */ - - if (os) { - if (mlen != (unsigned int)os->length) { - CMSerror(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH); - goto err; - } - - if (memcmp(mval, os->data, mlen)) { - CMSerror(CMS_R_VERIFICATION_FAILURE); - r = 0; - } else - r = 1; - } else { - const EVP_MD *md = EVP_MD_CTX_md(mctx); - - pkctx = EVP_PKEY_CTX_new(si->pkey, NULL); - if (pkctx == 
NULL) - goto err; - if (EVP_PKEY_verify_init(pkctx) <= 0) - goto err; - if (EVP_PKEY_CTX_set_signature_md(pkctx, md) <= 0) - goto err; - si->pctx = pkctx; - if (!cms_sd_asn1_ctrl(si, 1)) - goto err; - r = EVP_PKEY_verify(pkctx, si->signature->data, - si->signature->length, mval, mlen); - if (r <= 0) { - CMSerror(CMS_R_VERIFICATION_FAILURE); - r = 0; - } - } - - err: - EVP_PKEY_CTX_free(pkctx); - EVP_MD_CTX_free(mctx); - - return r; -} -LCRYPTO_ALIAS(CMS_SignerInfo_verify_content); - -int -CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs) -{ - unsigned char *smder = NULL; - int smderlen, r; - - smderlen = i2d_X509_ALGORS(algs, &smder); - if (smderlen <= 0) - return 0; - r = CMS_signed_add1_attr_by_NID(si, NID_SMIMECapabilities, - V_ASN1_SEQUENCE, smder, smderlen); - free(smder); - - return r; -} -LCRYPTO_ALIAS(CMS_add_smimecap); - -/* - * Add AlgorithmIdentifier OID of type |nid| to the SMIMECapability attribute - * set |*out_algs| (see RFC 3851, section 2.5.2). If keysize > 0, the OID has - * an integer parameter of value |keysize|, otherwise parameters are omitted. 
- */ -int -CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **out_algs, int nid, int keysize) -{ - STACK_OF(X509_ALGOR) *algs; - X509_ALGOR *alg = NULL; - ASN1_INTEGER *parameter = NULL; - int parameter_type = V_ASN1_UNDEF; - int ret = 0; - - if ((algs = *out_algs) == NULL) - algs = sk_X509_ALGOR_new_null(); - if (algs == NULL) - goto err; - - if (keysize > 0) { - if ((parameter = ASN1_INTEGER_new()) == NULL) - goto err; - if (!ASN1_INTEGER_set(parameter, keysize)) - goto err; - parameter_type = V_ASN1_INTEGER; - } - - if ((alg = X509_ALGOR_new()) == NULL) - goto err; - if (!X509_ALGOR_set0_by_nid(alg, nid, parameter_type, parameter)) - goto err; - parameter = NULL; - - if (sk_X509_ALGOR_push(algs, alg) <= 0) - goto err; - alg = NULL; - - *out_algs = algs; - algs = NULL; - - ret = 1; - - err: - if (algs != *out_algs) - sk_X509_ALGOR_pop_free(algs, X509_ALGOR_free); - X509_ALGOR_free(alg); - ASN1_INTEGER_free(parameter); - - return ret; -} -LCRYPTO_ALIAS(CMS_add_simple_smimecap); - -/* Check to see if a cipher exists and if so add S/MIME capabilities */ - -static int -cms_add_cipher_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg) -{ - if (EVP_get_cipherbynid(nid)) - return CMS_add_simple_smimecap(sk, nid, arg); - return 1; -} - -int -CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap) -{ - if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1) || - !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1) || - !cms_add_cipher_smcap(smcap, NID_aes_128_cbc, -1) || - !cms_add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) || - !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 128) || - !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 64) || - !cms_add_cipher_smcap(smcap, NID_des_cbc, -1) || - !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 40)) - return 0; - - return 1; -} -LCRYPTO_ALIAS(CMS_add_standard_smimecap); diff --git a/src/lib/libcrypto/cms/cms_smime.c b/src/lib/libcrypto/cms/cms_smime.c deleted file mode 100644 index 5a194748d9..0000000000 
--- a/src/lib/libcrypto/cms/cms_smime.c
+++ /dev/null
@@ -1,908 +0,0 @@ -/* $OpenBSD: cms_smime.c,v 1.28 2023/12/22 10:23:11 tb Exp $ */ -/* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "cms_local.h" - -static BIO * -cms_get_text_bio(BIO *out, unsigned int flags) -{ - BIO *rbio; - - if (out == NULL) - rbio = BIO_new(BIO_s_null()); - else if (flags & CMS_TEXT) { - rbio = BIO_new(BIO_s_mem()); - BIO_set_mem_eof_return(rbio, 0); - } else - rbio = out; - - return rbio; -} - -static int -cms_copy_content(BIO *out, BIO *in, unsigned int flags) -{ - unsigned char buf[4096]; - int r = 0, i; - BIO *tmpout; - - tmpout = cms_get_text_bio(out, flags); - - if (tmpout == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - /* Read all content through chain to process digest, decrypt etc */ - for (;;) { - i = BIO_read(in, buf, sizeof(buf)); - if (i <= 0) { - if (BIO_method_type(in) == BIO_TYPE_CIPHER) { - if (!BIO_get_cipher_status(in)) - goto err; - } - if (i < 0) - goto err; - break; - } - - if (tmpout && (BIO_write(tmpout, buf, i) != i)) - goto err; - } - - if (flags & CMS_TEXT) { - if (!SMIME_text(tmpout, out)) { - CMSerror(CMS_R_SMIME_TEXT_ERROR); - goto err; - } - } - - r = 1; - - err: - if (tmpout != out) - BIO_free(tmpout); - - return r; -} - -static int -check_content(CMS_ContentInfo *cms) -{ - ASN1_OCTET_STRING **pos = CMS_get0_content(cms); - - if (!pos || !*pos) { - CMSerror(CMS_R_NO_CONTENT); - 
return 0; - } - - return 1; -} - -static void -do_free_upto(BIO *f, BIO *upto) -{ - if (upto) { - BIO *tbio; - do { - tbio = BIO_pop(f); - BIO_free(f); - f = tbio; - } - while (f && f != upto); - } else - BIO_free_all(f); -} - -int -CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags) -{ - BIO *cont; - int r; - - if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) { - CMSerror(CMS_R_TYPE_NOT_DATA); - return 0; - } - cont = CMS_dataInit(cms, NULL); - if (!cont) - return 0; - r = cms_copy_content(out, cont, flags); - BIO_free_all(cont); - - return r; -} -LCRYPTO_ALIAS(CMS_data); - -CMS_ContentInfo * -CMS_data_create(BIO *in, unsigned int flags) -{ - CMS_ContentInfo *cms; - - cms = cms_Data_create(); - if (!cms) - return NULL; - - if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) - return cms; - - CMS_ContentInfo_free(cms); - - return NULL; -} -LCRYPTO_ALIAS(CMS_data_create); - -int -CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags) -{ - BIO *cont; - int r; - - if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) { - CMSerror(CMS_R_TYPE_NOT_DIGESTED_DATA); - return 0; - } - - if (!dcont && !check_content(cms)) - return 0; - - cont = CMS_dataInit(cms, dcont); - if (!cont) - return 0; - r = cms_copy_content(out, cont, flags); - if (r) - r = cms_DigestedData_do_final(cms, cont, 1); - do_free_upto(cont, dcont); - - return r; -} -LCRYPTO_ALIAS(CMS_digest_verify); - -CMS_ContentInfo * -CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags) -{ - CMS_ContentInfo *cms; - - if (!md) - md = EVP_sha1(); - cms = cms_DigestedData_create(md); - if (!cms) - return NULL; - - if (!(flags & CMS_DETACHED)) - CMS_set_detached(cms, 0); - - if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) - return cms; - - CMS_ContentInfo_free(cms); - - return NULL; -} -LCRYPTO_ALIAS(CMS_digest_create); - -int -CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char *key, - size_t keylen, BIO *dcont, BIO *out, 
unsigned int flags) -{ - BIO *cont; - int r; - - if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) { - CMSerror(CMS_R_TYPE_NOT_ENCRYPTED_DATA); - return 0; - } - - if (!dcont && !check_content(cms)) - return 0; - - if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen) <= 0) - return 0; - cont = CMS_dataInit(cms, dcont); - if (!cont) - return 0; - r = cms_copy_content(out, cont, flags); - do_free_upto(cont, dcont); - - return r; -} -LCRYPTO_ALIAS(CMS_EncryptedData_decrypt); - -CMS_ContentInfo * -CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, - const unsigned char *key, size_t keylen, unsigned int flags) -{ - CMS_ContentInfo *cms; - - if (!cipher) { - CMSerror(CMS_R_NO_CIPHER); - return NULL; - } - cms = CMS_ContentInfo_new(); - if (cms == NULL) - return NULL; - if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen)) - return NULL; - - if (!(flags & CMS_DETACHED)) - CMS_set_detached(cms, 0); - - if ((flags & (CMS_STREAM | CMS_PARTIAL)) || - CMS_final(cms, in, NULL, flags)) - return cms; - - CMS_ContentInfo_free(cms); - - return NULL; -} -LCRYPTO_ALIAS(CMS_EncryptedData_encrypt); - -static int -cms_signerinfo_verify_cert(CMS_SignerInfo *si, X509_STORE *store, - STACK_OF(X509) *certs, STACK_OF(X509_CRL) *crls) -{ - X509_STORE_CTX *ctx = X509_STORE_CTX_new(); - X509 *signer; - int i, j, r = 0; - - if (ctx == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err; - } - CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); - if (!X509_STORE_CTX_init(ctx, store, signer, certs)) { - CMSerror(CMS_R_STORE_INIT_ERROR); - goto err; - } - X509_STORE_CTX_set_default(ctx, "smime_sign"); - if (crls) - X509_STORE_CTX_set0_crls(ctx, crls); - - i = X509_verify_cert(ctx); - if (i <= 0) { - j = X509_STORE_CTX_get_error(ctx); - CMSerror(CMS_R_CERTIFICATE_VERIFY_ERROR); - ERR_asprintf_error_data("Verify error: %s", - X509_verify_cert_error_string(j)); - goto err; - } - r = 1; - - err: - X509_STORE_CTX_free(ctx); - - return r; -} - -int 
-CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store, - BIO *dcont, BIO *out, unsigned int flags) -{ - CMS_SignerInfo *si; - STACK_OF(CMS_SignerInfo) *sinfos; - STACK_OF(X509) *cms_certs = NULL; - STACK_OF(X509_CRL) *crls = NULL; - X509 *signer; - int i, scount = 0, ret = 0; - BIO *cmsbio = NULL, *tmpin = NULL, *tmpout = NULL; - - if (!dcont && !check_content(cms)) - return 0; - if (dcont && !(flags & CMS_BINARY)) { - const ASN1_OBJECT *coid = CMS_get0_eContentType(cms); - if (OBJ_obj2nid(coid) == NID_id_ct_asciiTextWithCRLF) - flags |= CMS_ASCIICRLF; - } - - /* Attempt to find all signer certificates */ - - sinfos = CMS_get0_SignerInfos(cms); - if (sk_CMS_SignerInfo_num(sinfos) <= 0) { - CMSerror(CMS_R_NO_SIGNERS); - goto err; - } - - for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { - si = sk_CMS_SignerInfo_value(sinfos, i); - CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL); - if (signer) - scount++; - } - - if (scount != sk_CMS_SignerInfo_num(sinfos)) - scount += CMS_set1_signers_certs(cms, certs, flags); - - if (scount != sk_CMS_SignerInfo_num(sinfos)) { - CMSerror(CMS_R_SIGNER_CERTIFICATE_NOT_FOUND); - goto err; - } - - /* Attempt to verify all signers certs */ - - if (!(flags & CMS_NO_SIGNER_CERT_VERIFY)) { - cms_certs = CMS_get1_certs(cms); - if (!(flags & CMS_NOCRL)) - crls = CMS_get1_crls(cms); - for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { - si = sk_CMS_SignerInfo_value(sinfos, i); - if (!cms_signerinfo_verify_cert(si, store, cms_certs, crls)) - goto err; - } - } - - /* Attempt to verify all SignerInfo signed attribute signatures */ - - if (!(flags & CMS_NO_ATTR_VERIFY)) { - for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { - si = sk_CMS_SignerInfo_value(sinfos, i); - if (CMS_signed_get_attr_count(si) < 0) - continue; - if (CMS_SignerInfo_verify(si) <= 0) - goto err; - } - } - - /* - * Performance optimization: if the content is a memory BIO then store - * its contents in a temporary read only memory BIO. 
This avoids - * potentially large numbers of slow copies of data which will occur when - * reading from a read write memory BIO when signatures are calculated. - */ - - if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) { - char *ptr; - long len; - - len = BIO_get_mem_data(dcont, &ptr); - tmpin = BIO_new_mem_buf(ptr, len); - if (tmpin == NULL) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err2; - } - } else - tmpin = dcont; - - /* - * If not binary mode and detached generate digests by *writing* through - * the BIO. That makes it possible to canonicalise the input. - */ - if (!(flags & SMIME_BINARY) && dcont) { - /* - * Create output BIO so we can either handle text or to ensure - * included content doesn't override detached content. - */ - tmpout = cms_get_text_bio(out, flags); - if (!tmpout) { - CMSerror(ERR_R_MALLOC_FAILURE); - goto err; - } - cmsbio = CMS_dataInit(cms, tmpout); - if (!cmsbio) - goto err; - /* - * Don't use SMIME_TEXT for verify: it adds headers and we want to - * remove them. 
- */ - SMIME_crlf_copy(dcont, cmsbio, flags & ~SMIME_TEXT); - - if (flags & CMS_TEXT) { - if (!SMIME_text(tmpout, out)) { - CMSerror(CMS_R_SMIME_TEXT_ERROR); - goto err; - } - } - } else { - cmsbio = CMS_dataInit(cms, tmpin); - if (!cmsbio) - goto err; - - if (!cms_copy_content(out, cmsbio, flags)) - goto err; - - } - if (!(flags & CMS_NO_CONTENT_VERIFY)) { - for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { - si = sk_CMS_SignerInfo_value(sinfos, i); - if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) { - CMSerror(CMS_R_CONTENT_VERIFY_ERROR); - goto err; - } - } - } - - ret = 1; - - err: - if (!(flags & SMIME_BINARY) && dcont) { - do_free_upto(cmsbio, tmpout); - if (tmpin != dcont) - BIO_free(tmpin); - } else { - if (dcont && (tmpin == dcont)) - do_free_upto(cmsbio, dcont); - else - BIO_free_all(cmsbio); - } - - if (out != tmpout) - BIO_free_all(tmpout); - - err2: - sk_X509_pop_free(cms_certs, X509_free); - sk_X509_CRL_pop_free(crls, X509_CRL_free); - - return ret; -} -LCRYPTO_ALIAS(CMS_verify); - -int -CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, - STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags) -{ - int r; - - flags &= ~(CMS_DETACHED | CMS_TEXT); - r = CMS_verify(rcms, certs, store, NULL, NULL, flags); - if (r <= 0) - return r; - - return cms_Receipt_verify(rcms, ocms); -} -LCRYPTO_ALIAS(CMS_verify_receipt); - -CMS_ContentInfo * -CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, - unsigned int flags) -{ - CMS_ContentInfo *cms; - int i; - - cms = CMS_ContentInfo_new(); - if (cms == NULL || !CMS_SignedData_init(cms)) - goto merr; - if (flags & CMS_ASCIICRLF && - !CMS_set1_eContentType(cms, OBJ_nid2obj(NID_id_ct_asciiTextWithCRLF))) - goto err; - - if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) { - CMSerror(CMS_R_ADD_SIGNER_ERROR); - goto err; - } - - for (i = 0; i < sk_X509_num(certs); i++) { - X509 *x = sk_X509_value(certs, i); - if (!CMS_add1_cert(cms, x)) - goto merr; - } - - if 
(!(flags & CMS_DETACHED)) - CMS_set_detached(cms, 0); - - if ((flags & (CMS_STREAM | CMS_PARTIAL)) || - CMS_final(cms, data, NULL, flags)) - return cms; - else - goto err; - - merr: - CMSerror(ERR_R_MALLOC_FAILURE); - - err: - CMS_ContentInfo_free(cms); - - return NULL; -} -LCRYPTO_ALIAS(CMS_sign); - -CMS_ContentInfo * -CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, unsigned int flags) -{ - CMS_SignerInfo *rct_si; - CMS_ContentInfo *cms = NULL; - ASN1_OCTET_STRING **pos, *os; - BIO *rct_cont = NULL; - int r = 0; - - flags &= ~(CMS_STREAM | CMS_TEXT); - /* Not really detached but avoids content being allocated */ - flags |= CMS_PARTIAL | CMS_BINARY | CMS_DETACHED; - if (!pkey || !signcert) { - CMSerror(CMS_R_NO_KEY_OR_CERT); - return NULL; - } - - /* Initialize signed data */ - - cms = CMS_sign(NULL, NULL, certs, NULL, flags); - if (!cms) - goto err; - - /* Set inner content type to signed receipt */ - if (!CMS_set1_eContentType(cms, OBJ_nid2obj(NID_id_smime_ct_receipt))) - goto err; - - rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags); - if (!rct_si) { - CMSerror(CMS_R_ADD_SIGNER_ERROR); - goto err; - } - - os = cms_encode_Receipt(si); - if (!os) - goto err; - - /* Set content to digest */ - rct_cont = BIO_new_mem_buf(os->data, os->length); - if (!rct_cont) - goto err; - - /* Add msgSigDigest attribute */ - - if (!cms_msgSigDigest_add1(rct_si, si)) - goto err; - - /* Finalize structure */ - if (!CMS_final(cms, rct_cont, NULL, flags)) - goto err; - - /* Set embedded content */ - pos = CMS_get0_content(cms); - *pos = os; - - r = 1; - - err: - BIO_free(rct_cont); - if (r) - return cms; - CMS_ContentInfo_free(cms); - - return NULL; -} -LCRYPTO_ALIAS(CMS_sign_receipt); - -CMS_ContentInfo * -CMS_encrypt(STACK_OF(X509) *certs, BIO *data, const EVP_CIPHER *cipher, - unsigned int flags) -{ - CMS_ContentInfo *cms; - int i; - X509 *recip; - - cms = CMS_EnvelopedData_create(cipher); - if (!cms) - goto merr; - for (i = 0; 
i < sk_X509_num(certs); i++) { - recip = sk_X509_value(certs, i); - if (!CMS_add1_recipient_cert(cms, recip, flags)) { - CMSerror(CMS_R_RECIPIENT_ERROR); - goto err; - } - } - - if (!(flags & CMS_DETACHED)) - CMS_set_detached(cms, 0); - - if ((flags & (CMS_STREAM | CMS_PARTIAL)) || - CMS_final(cms, data, NULL, flags)) - return cms; - else - goto err; - - merr: - CMSerror(ERR_R_MALLOC_FAILURE); - err: - CMS_ContentInfo_free(cms); - - return NULL; -} -LCRYPTO_ALIAS(CMS_encrypt); - -static int -cms_kari_set1_pkey(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, EVP_PKEY *pk, - X509 *cert) -{ - int i; - STACK_OF(CMS_RecipientEncryptedKey) *reks; - CMS_RecipientEncryptedKey *rek; - - reks = CMS_RecipientInfo_kari_get0_reks(ri); - for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) { - int rv; - - rek = sk_CMS_RecipientEncryptedKey_value(reks, i); - if (cert != NULL && CMS_RecipientEncryptedKey_cert_cmp(rek, cert)) - continue; - CMS_RecipientInfo_kari_set0_pkey(ri, pk); - rv = CMS_RecipientInfo_kari_decrypt(cms, ri, rek); - CMS_RecipientInfo_kari_set0_pkey(ri, NULL); - if (rv > 0) - return 1; - return cert == NULL ? 
0 : -1; - } - - return 0; -} - -int -CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) -{ - STACK_OF(CMS_RecipientInfo) *ris; - CMS_RecipientInfo *ri; - int i, r, ri_type; - int debug = 0, match_ri = 0; - - ris = CMS_get0_RecipientInfos(cms); - if (ris) - debug = cms->d.envelopedData->encryptedContentInfo->debug; - ri_type = cms_pkey_get_ri_type(pk); - if (ri_type == CMS_RECIPINFO_NONE) { - CMSerror(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); - return 0; - } - - for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) { - ri = sk_CMS_RecipientInfo_value(ris, i); - if (CMS_RecipientInfo_type(ri) != ri_type) - continue; - match_ri = 1; - if (ri_type == CMS_RECIPINFO_AGREE) { - r = cms_kari_set1_pkey(cms, ri, pk, cert); - if (r > 0) - return 1; - if (r < 0) - return 0; - } - /* - * If we have a cert try matching RecipientInfo otherwise try them - * all. - */ - else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) { - EVP_PKEY_up_ref(pk); - CMS_RecipientInfo_set0_pkey(ri, pk); - r = CMS_RecipientInfo_decrypt(cms, ri); - CMS_RecipientInfo_set0_pkey(ri, NULL); - if (cert) { - /* - * If not debugging clear any error and return success to - * avoid leaking of information useful to MMA - */ - if (!debug) { - ERR_clear_error(); - return 1; - } - if (r > 0) - return 1; - CMSerror(CMS_R_DECRYPT_ERROR); - return 0; - } - /* - * If no cert and not debugging don't leave loop after first - * successful decrypt. Always attempt to decrypt all recipients - * to avoid leaking timing of a successful decrypt. 
- */ - else if (r > 0 && debug) - return 1; - } - } - /* If no cert, key transport and not debugging always return success */ - if (cert == NULL && ri_type == CMS_RECIPINFO_TRANS && match_ri && !debug) { - ERR_clear_error(); - return 1; - } - - CMSerror(CMS_R_NO_MATCHING_RECIPIENT); - - return 0; -} -LCRYPTO_ALIAS(CMS_decrypt_set1_pkey); - -int -CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key, size_t keylen, - const unsigned char *id, size_t idlen) -{ - STACK_OF(CMS_RecipientInfo) *ris; - CMS_RecipientInfo *ri; - int i, r; - - ris = CMS_get0_RecipientInfos(cms); - for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) { - ri = sk_CMS_RecipientInfo_value(ris, i); - if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK) - continue; - - /* - * If we have an id try matching RecipientInfo otherwise try them - * all. - */ - if (!id || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) { - CMS_RecipientInfo_set0_key(ri, key, keylen); - r = CMS_RecipientInfo_decrypt(cms, ri); - CMS_RecipientInfo_set0_key(ri, NULL, 0); - if (r > 0) - return 1; - if (id) { - CMSerror(CMS_R_DECRYPT_ERROR); - return 0; - } - ERR_clear_error(); - } - } - - CMSerror(CMS_R_NO_MATCHING_RECIPIENT); - - return 0; -} -LCRYPTO_ALIAS(CMS_decrypt_set1_key); - -int -CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass, - ssize_t passlen) -{ - STACK_OF(CMS_RecipientInfo) *ris; - CMS_RecipientInfo *ri; - int i, r; - - ris = CMS_get0_RecipientInfos(cms); - for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) { - ri = sk_CMS_RecipientInfo_value(ris, i); - if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS) - continue; - CMS_RecipientInfo_set0_password(ri, pass, passlen); - r = CMS_RecipientInfo_decrypt(cms, ri); - CMS_RecipientInfo_set0_password(ri, NULL, 0); - if (r > 0) - return 1; - } - - CMSerror(CMS_R_NO_MATCHING_RECIPIENT); - - return 0; -} -LCRYPTO_ALIAS(CMS_decrypt_set1_password); - -int -CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, BIO *dcont, - BIO *out, 
unsigned int flags) -{ - int r; - BIO *cont; - - if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) { - CMSerror(CMS_R_TYPE_NOT_ENVELOPED_DATA); - return 0; - } - if (!dcont && !check_content(cms)) - return 0; - if (flags & CMS_DEBUG_DECRYPT) - cms->d.envelopedData->encryptedContentInfo->debug = 1; - else - cms->d.envelopedData->encryptedContentInfo->debug = 0; - if (!cert) - cms->d.envelopedData->encryptedContentInfo->havenocert = 1; - else - cms->d.envelopedData->encryptedContentInfo->havenocert = 0; - if (!pk && !cert && !dcont && !out) - return 1; - if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert)) - return 0; - cont = CMS_dataInit(cms, dcont); - if (!cont) - return 0; - r = cms_copy_content(out, cont, flags); - do_free_upto(cont, dcont); - - return r; -} -LCRYPTO_ALIAS(CMS_decrypt); - -int -CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags) -{ - BIO *cmsbio; - int ret = 0; - - if ((cmsbio = CMS_dataInit(cms, dcont)) == NULL) { - CMSerror(CMS_R_CMS_LIB); - return 0; - } - - SMIME_crlf_copy(data, cmsbio, flags); - - (void)BIO_flush(cmsbio); - - if (!CMS_dataFinal(cms, cmsbio)) { - CMSerror(CMS_R_CMS_DATAFINAL_ERROR); - goto err; - } - - ret = 1; - - err: - do_free_upto(cmsbio, dcont); - - return ret; -} -LCRYPTO_ALIAS(CMS_final); - -int -CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags) -{ - CMSerror(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); - return 0; -} -LCRYPTO_ALIAS(CMS_uncompress); - -CMS_ContentInfo * -CMS_compress(BIO *in, int comp_nid, unsigned int flags) -{ - CMSerror(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); - return NULL; -} -LCRYPTO_ALIAS(CMS_compress); diff --git a/src/lib/libcrypto/comp/comp.h b/src/lib/libcrypto/comp/comp.h deleted file mode 100644 index f0330276f0..0000000000 --- a/src/lib/libcrypto/comp/comp.h +++ /dev/null 
@@ -1,7 +0,0 @@
-/* $OpenBSD: comp.h,v 1.13 2023/07/28 09:42:44 tb Exp $ */
-
-/*
- * Public domain.
- *
- * This header is intentionally left empty. Some software uses it unnecessarily.
- */
diff --git a/src/lib/libcrypto/conf/README b/src/lib/libcrypto/conf/README
deleted file mode 100644
index 96e53b34ed..0000000000
--- a/src/lib/libcrypto/conf/README
+++ /dev/null
@@ -1,73 +0,0 @@
-Configuration modules. These are a set of modules which can perform
-various configuration functions.
-
-Currently the routines should be called at most once when an application
-starts up: that is before it starts any threads.
-
-The routines read a configuration file set up like this:
-
------
-#default section
-openssl_conf=init_section
-
-[init_section]
-
-module1=value1
-#Second instance of module1
-module1.1=valueX
-module2=value2
-module3=dso_literal
-module4=dso_section
-
-[dso_section]
-
-path=/some/path/to/some/dso.so
-other_stuff=other_value
-----
-
-When this file is loaded a configuration module with the specified string
-(module* in the above example) is looked up and its init function called as:
-
-int conf_init_func(CONF_IMODULE *md, CONF *cnf);
-
-The function can then take whatever action is appropriate, for example further
-lookups based on the value. Multiple instances of the same config module can be
-loaded.
-
-When the application closes down the modules are cleaned up by calling an
-optional finish function:
-
-void conf_finish_func(CONF_IMODULE *md);
-
-The finish functions are called in reverse order: that is the last module
-loaded is the first one cleaned up.
-
-If no module exists with a given name then an attempt is made to load a DSO
-with the supplied name. This might mean that "module3" attempts to load a DSO
-called libmodule3.so or module3.dll for example. An explicit DSO name can be
-given by including a separate section as in the module4 example above.
-
-The DSO is expected to at least contain an initialization function:
-
-int OPENSSL_init(CONF_IMODULE *md, CONF *cnf);
-
-and may also include a finish function:
-
-void OPENSSL_finish(CONF_IMODULE *md);
-
-Static modules can also be added using,
-
-int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
-*ffunc);
-
-where "name" is the name in the configuration file this function corresponds
-to.
-
-A set of builtin modules (currently only an ASN1 non functional test module)
-can be added by calling OPENSSL_load_builtin_modules().
-
-The function OPENSSL_config() is intended as a simple configuration function
-that any application can call to perform various default configuration tasks.
-It uses the file openssl.cnf in the usual locations.
-
-
diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h
deleted file mode 100644
index 58a90358b1..0000000000
--- a/src/lib/libcrypto/conf/conf.h
+++ /dev/null
@@ -1,189 +0,0 @@
-/* $OpenBSD: conf.h,v 1.28 2025/03/01 10:11:19 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_CONF_H -#define HEADER_CONF_H - -#include - -#include -#include -#include -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct { - char *section; - char *name; - char *value; -} CONF_VALUE; - -DECLARE_STACK_OF(CONF_VALUE) -DECLARE_LHASH_OF(CONF_VALUE); - -struct conf_st; -struct conf_method_st; -typedef struct conf_method_st CONF_METHOD; - -/* Module definitions */ - -typedef struct conf_imodule_st CONF_IMODULE; -typedef struct conf_module_st CONF_MODULE; - -DECLARE_STACK_OF(CONF_MODULE) -DECLARE_STACK_OF(CONF_IMODULE) - -/* DSO module function typedefs */ -typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf); -typedef void conf_finish_func(CONF_IMODULE *md); - -#define CONF_MFLAGS_IGNORE_ERRORS 0x1 -#define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2 -#define CONF_MFLAGS_SILENT 0x4 -#define CONF_MFLAGS_NO_DSO 0x8 -#define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10 -#define CONF_MFLAGS_DEFAULT_SECTION 0x20 - -void OPENSSL_config(const char *config_name); -void OPENSSL_no_config(void); - -struct conf_st { - const CONF_METHOD *meth; - LHASH_OF(CONF_VALUE) *data; -}; - -CONF *NCONF_new(const CONF_METHOD *meth); -void NCONF_free(CONF *conf); - -int NCONF_load(CONF *conf, const char *file, long *eline); -int NCONF_load_bio(CONF *conf, BIO *bp, long *eline); -STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section); -char *NCONF_get_string(const CONF *conf, const char *group, const char *name); -int NCONF_get_number_e(const CONF *conf, const char *group, const char *name, - long *result); - -#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r) - -/* Module functions */ - -int CONF_modules_load(const CONF *cnf, const char *appname, - unsigned long flags); -int CONF_modules_load_file(const char *filename, const char *appname, - unsigned long flags); -void CONF_modules_unload(int all); -void CONF_modules_finish(void); -void CONF_modules_free(void); - -char *CONF_get1_default_config_file(void); - 
-void ERR_load_CONF_strings(void); - -/* Error codes for the CONF functions. */ - -/* Function codes. */ -#define CONF_F_CONF_DUMP_FP 104 -#define CONF_F_CONF_LOAD 100 -#define CONF_F_CONF_LOAD_BIO 102 -#define CONF_F_CONF_LOAD_FP 103 -#define CONF_F_CONF_MODULES_LOAD 116 -#define CONF_F_CONF_PARSE_LIST 119 -#define CONF_F_DEF_LOAD 120 -#define CONF_F_DEF_LOAD_BIO 121 -#define CONF_F_MODULE_INIT 115 -#define CONF_F_MODULE_LOAD_DSO 117 -#define CONF_F_MODULE_RUN 118 -#define CONF_F_NCONF_DUMP_BIO 105 -#define CONF_F_NCONF_DUMP_FP 106 -#define CONF_F_NCONF_GET_NUMBER 107 -#define CONF_F_NCONF_GET_NUMBER_E 112 -#define CONF_F_NCONF_GET_SECTION 108 -#define CONF_F_NCONF_GET_STRING 109 -#define CONF_F_NCONF_LOAD 113 -#define CONF_F_NCONF_LOAD_BIO 110 -#define CONF_F_NCONF_LOAD_FP 114 -#define CONF_F_NCONF_NEW 111 -#define CONF_F_STR_COPY 101 - -/* Reason codes. */ -#define CONF_R_ERROR_LOADING_DSO 110 -#define CONF_R_LIST_CANNOT_BE_NULL 115 -#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100 -#define CONF_R_MISSING_EQUAL_SIGN 101 -#define CONF_R_MISSING_FINISH_FUNCTION 111 -#define CONF_R_MISSING_INIT_FUNCTION 112 -#define CONF_R_MODULE_INITIALIZATION_ERROR 109 -#define CONF_R_NO_CLOSE_BRACE 102 -#define CONF_R_NO_CONF 105 -#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106 -#define CONF_R_NO_SECTION 107 -#define CONF_R_NO_SUCH_FILE 114 -#define CONF_R_NO_VALUE 108 -#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103 -#define CONF_R_UNKNOWN_MODULE_NAME 113 -#define CONF_R_VARIABLE_EXPANSION_TOO_LONG 116 -#define CONF_R_VARIABLE_HAS_NO_VALUE 104 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c deleted file mode 100644 index f986243b65..0000000000 --- a/src/lib/libcrypto/conf/conf_api.c +++ /dev/null 
@@ -1,261 +0,0 @@
-/* $OpenBSD: conf_api.c,v 1.26 2025/03/08 09:35:53 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -/* Part of the code in here was originally in conf.c, which is now removed */ - -#ifndef CONF_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include -#include -#include -#include - -#include "conf_local.h" - -static void value_free_hash_doall_arg(CONF_VALUE *a, - LHASH_OF(CONF_VALUE) *conf); -static void value_free_stack_doall(CONF_VALUE *a); -static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE, - LHASH_OF(CONF_VALUE)) -static IMPLEMENT_LHASH_DOALL_FN(value_free_stack, CONF_VALUE) - -/* Up until OpenSSL 0.9.5a, this was get_section */ -CONF_VALUE * -_CONF_get_section(const CONF *conf, const char *section) -{ - CONF_VALUE *v, vv; - - if ((conf == NULL) || (section == NULL)) - return (NULL); - vv.name = NULL; - vv.section = (char *)section; - v = lh_CONF_VALUE_retrieve(conf->data, &vv); - return (v); -} - -int -_CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) -{ - CONF_VALUE *v = NULL; - STACK_OF(CONF_VALUE) *ts; - - ts = (STACK_OF(CONF_VALUE) *)section->value; - - value->section = section->section; - if (!sk_CONF_VALUE_push(ts, value)) { - return 0; - } - - v = lh_CONF_VALUE_insert(conf->data, value); - if (v != NULL) { - (void)sk_CONF_VALUE_delete_ptr(ts, v); - free(v->name); - free(v->value); - free(v); - } - return 1; -} - -char * -_CONF_get_string(const CONF *conf, const char *section, const char *name) -{ - CONF_VALUE *v, vv; - - if (name == NULL) - return (NULL); - if (conf != NULL) { - if (section != NULL) { - vv.name = (char *)name; - vv.section = (char *)section; - v = lh_CONF_VALUE_retrieve(conf->data, &vv); - if (v != NULL) - return (v->value); - } - vv.section = "default"; - vv.name = (char *)name; - v = lh_CONF_VALUE_retrieve(conf->data, &vv); - if (v != NULL) - return (v->value); - else - return (NULL); - } else - return (NULL); -} - -static unsigned long -conf_value_hash(const CONF_VALUE *v) -{ - return (lh_strhash(v->section) << 2) ^ lh_strhash(v->name); -} - -static 
IMPLEMENT_LHASH_HASH_FN(conf_value, CONF_VALUE) - -static int -conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b) -{ - int i; - - if (a->section != b->section) { - i = strcmp(a->section, b->section); - if (i) - return (i); - } - if ((a->name != NULL) && (b->name != NULL)) { - i = strcmp(a->name, b->name); - return (i); - } else if (a->name == b->name) - return (0); - else - return ((a->name == NULL)?-1 : 1); -} - -static IMPLEMENT_LHASH_COMP_FN(conf_value, CONF_VALUE) - -int -_CONF_new_data(CONF *conf) -{ - if (conf == NULL) { - return 0; - } - if (conf->data == NULL) - if ((conf->data = lh_CONF_VALUE_new()) == NULL) { - return 0; - } - return 1; -} - -void -_CONF_free_data(CONF *conf) -{ - if (conf == NULL || conf->data == NULL) - return; - - lh_CONF_VALUE_doall_arg(conf->data, - LHASH_DOALL_ARG_FN(value_free_hash), - LHASH_OF(CONF_VALUE), conf->data); - - /* We now have only 'section' entries in the hash table. - * Due to problems with */ - - lh_CONF_VALUE_doall(conf->data, LHASH_DOALL_FN(value_free_stack)); - lh_CONF_VALUE_free(conf->data); -} - -static void -value_free_hash_doall_arg(CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf) -{ - if (a->name != NULL) - (void)lh_CONF_VALUE_delete(conf, a); -} - -static void -value_free_stack_doall(CONF_VALUE *a) -{ - CONF_VALUE *vv; - STACK_OF(CONF_VALUE) *sk; - int i; - - if (a->name != NULL) - return; - - sk = (STACK_OF(CONF_VALUE) *)a->value; - for (i = sk_CONF_VALUE_num(sk) - 1; i >= 0; i--) { - vv = sk_CONF_VALUE_value(sk, i); - free(vv->value); - free(vv->name); - free(vv); - } - if (sk != NULL) - sk_CONF_VALUE_free(sk); - free(a->section); - free(a); -} - -/* Up until OpenSSL 0.9.5a, this was new_section */ -CONF_VALUE * -_CONF_new_section(CONF *conf, const char *section) -{ - STACK_OF(CONF_VALUE) *sk = NULL; - CONF_VALUE *v = NULL, *vv; - - if ((sk = sk_CONF_VALUE_new_null()) == NULL) - goto err; - if ((v = calloc(1, sizeof(*v))) == NULL) - goto err; - if ((v->section = strdup(section)) == NULL) - goto err; - 
v->value = (char *)sk; - - vv = lh_CONF_VALUE_insert(conf->data, v); - OPENSSL_assert(vv == NULL); - if (lh_CONF_VALUE_error(conf->data)) - goto err; - - return v; - - err: - sk_CONF_VALUE_free(sk); - if (v != NULL) - free(v->section); - free(v); - - return NULL; -} diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c deleted file mode 100644 index 0173a7117c..0000000000 --- a/src/lib/libcrypto/conf/conf_def.c +++ /dev/null 
@@ -1,657 +0,0 @@
-/* $OpenBSD: conf_def.c,v 1.44 2024/08/31 09:46:17 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -/* Part of the code in here was originally in conf.c, which is now removed */ - -#include -#include - -#include -#include -#include -#include -#include - -#include "conf_def.h" -#include "conf_local.h" - -#define MAX_CONF_VALUE_LENGTH 65536 - -static char *eat_ws(CONF *conf, char *p); -static char *eat_alpha_numeric(CONF *conf, char *p); -static void clear_comments(CONF *conf, char *p); -static int str_copy(CONF *conf, char *section, char **to, char *from); -static char *scan_quote(CONF *conf, char *p); -static char *scan_dquote(CONF *conf, char *p); -#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2))) - -static CONF * -def_create(const CONF_METHOD *meth) -{ - CONF *ret; - - ret = calloc(1, sizeof(CONF) + sizeof(unsigned short *)); - if (ret) - if (meth->init(ret) == 0) { - free(ret); - ret = NULL; - } - return ret; -} - -static int -def_init_default(CONF *conf) -{ - if (conf == NULL) - return 0; - - conf->meth = NCONF_default(); - conf->data = NULL; - - return 1; -} - -static int -def_destroy_data(CONF *conf) -{ - if (conf == NULL) - return 0; - _CONF_free_data(conf); - return 1; -} - -static int -def_destroy(CONF *conf) -{ - if (def_destroy_data(conf)) { - free(conf); - return 1; - } - return 0; -} - -static int -def_load_bio(CONF *conf, BIO *in, long *line) -{ -/* The macro BUFSIZE conflicts with a system macro in VxWorks */ -#define CONFBUFSIZE 512 - int bufnum = 0, i, ii; - BUF_MEM *buff = NULL; - char *s, *p, *end; - int again; - long eline = 0; - CONF_VALUE *v = NULL, *tv; - CONF_VALUE *sv = NULL; - char *section = NULL, *buf; - char *start, *psection, *pname; - void *h = (void *)(conf->data); - - if ((buff = BUF_MEM_new()) == NULL) { - CONFerror(ERR_R_BUF_LIB); - goto err; - } - - section = strdup("default"); - if (section == NULL) { - CONFerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (_CONF_new_data(conf) == 0) { - CONFerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - sv = _CONF_new_section(conf, section); - if (sv == NULL) { 
- CONFerror(CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - - bufnum = 0; - again = 0; - for (;;) { - if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { - CONFerror(ERR_R_BUF_LIB); - goto err; - } - p = &(buff->data[bufnum]); - *p = '\0'; - BIO_gets(in, p, CONFBUFSIZE - 1); - p[CONFBUFSIZE - 1] = '\0'; - ii = i = strlen(p); - if (i == 0 && !again) - break; - again = 0; - while (i > 0) { - if ((p[i - 1] != '\r') && (p[i - 1] != '\n')) - break; - else - i--; - } - /* we removed some trailing stuff so there is a new - * line on the end. */ - if (ii && i == ii) - again = 1; /* long line */ - else { - p[i] = '\0'; - eline++; /* another input line */ - } - - /* we now have a line with trailing \r\n removed */ - - /* i is the number of bytes */ - bufnum += i; - - v = NULL; - /* check for line continuation */ - if (bufnum >= 1) { - /* If we have bytes and the last char '\\' and - * second last char is not '\\' */ - p = &(buff->data[bufnum - 1]); - if (IS_ESC(conf, p[0]) && - ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) { - bufnum--; - again = 1; - } - } - if (again) - continue; - bufnum = 0; - buf = buff->data; - - clear_comments(conf, buf); - s = eat_ws(conf, buf); - if (IS_EOF(conf, *s)) - continue; /* blank line */ - if (*s == '[') { - char *ss; - - s++; - start = eat_ws(conf, s); - ss = start; -again: - end = eat_alpha_numeric(conf, ss); - p = eat_ws(conf, end); - if (*p != ']') { - if (*p != '\0' && ss != p) { - ss = p; - goto again; - } - CONFerror(CONF_R_MISSING_CLOSE_SQUARE_BRACKET); - goto err; - } - *end = '\0'; - if (!str_copy(conf, NULL, §ion, start)) - goto err; - if ((sv = _CONF_get_section(conf, section)) == NULL) - sv = _CONF_new_section(conf, section); - if (sv == NULL) { - CONFerror(CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - continue; - } else { - pname = s; - psection = NULL; - end = eat_alpha_numeric(conf, s); - if ((end[0] == ':') && (end[1] == ':')) { - *end = '\0'; - end += 2; - psection = pname; - pname = end; - end = 
eat_alpha_numeric(conf, end); - } - p = eat_ws(conf, end); - if (*p != '=') { - CONFerror(CONF_R_MISSING_EQUAL_SIGN); - goto err; - } - *end = '\0'; - p++; - start = eat_ws(conf, p); - while (!IS_EOF(conf, *p)) - p++; - p--; - while ((p != start) && (IS_WS(conf, *p))) - p--; - p++; - *p = '\0'; - - if (!(v = malloc(sizeof(CONF_VALUE)))) { - CONFerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (psection == NULL) - psection = section; - v->name = strdup(pname); - v->value = NULL; - if (v->name == NULL) { - CONFerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (!str_copy(conf, psection, &(v->value), start)) - goto err; - - if (strcmp(psection, section) != 0) { - if ((tv = _CONF_get_section(conf, psection)) - == NULL) - tv = _CONF_new_section(conf, psection); - if (tv == NULL) { - CONFerror(CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - } else - tv = sv; - - if (_CONF_add_string(conf, tv, v) == 0) { - CONFerror(ERR_R_MALLOC_FAILURE); - goto err; - } - v = NULL; - } - } - if (buff != NULL) - BUF_MEM_free(buff); - free(section); - return (1); - -err: - if (buff != NULL) - BUF_MEM_free(buff); - free(section); - if (line != NULL) - *line = eline; - ERR_asprintf_error_data("line %ld", eline); - if ((h != conf->data) && (conf->data != NULL)) { - CONF ctmp; - - CONF_set_nconf(&ctmp, conf->data); - ctmp.meth->destroy_data(&ctmp); - conf->data = NULL; - } - if (v != NULL) { - free(v->name); - free(v->value); - free(v); - } - return (0); -} - -static int -def_load(CONF *conf, const char *name, long *line) -{ - int ret; - BIO *in = NULL; - - in = BIO_new_file(name, "rb"); - if (in == NULL) { - if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) - CONFerror(CONF_R_NO_SUCH_FILE); - else - CONFerror(ERR_R_SYS_LIB); - return 0; - } - - ret = def_load_bio(conf, in, line); - BIO_free(in); - - return ret; -} - -static void -clear_comments(CONF *conf, char *p) -{ - for (;;) { - if (IS_FCOMMENT(conf, *p)) { - *p = '\0'; - return; - } - if (!IS_WS(conf, *p)) { - 
break; - } - p++; - } - - for (;;) { - if (IS_COMMENT(conf, *p)) { - *p = '\0'; - return; - } - if (IS_DQUOTE(conf, *p)) { - p = scan_dquote(conf, p); - continue; - } - if (IS_QUOTE(conf, *p)) { - p = scan_quote(conf, p); - continue; - } - if (IS_ESC(conf, *p)) { - p = scan_esc(conf, p); - continue; - } - if (IS_EOF(conf, *p)) - return; - else - p++; - } -} - -static int -str_copy(CONF *conf, char *section, char **pto, char *from) -{ - int q, r,rr = 0, to = 0, len = 0; - char *s, *e, *rp, *p, *rrp, *np, *cp, v; - size_t newsize; - BUF_MEM *buf; - - if ((buf = BUF_MEM_new()) == NULL) - return (0); - - len = strlen(from) + 1; - if (!BUF_MEM_grow(buf, len)) - goto err; - - for (;;) { - if (IS_QUOTE(conf, *from)) { - q = *from; - from++; - while (!IS_EOF(conf, *from) && (*from != q)) { - if (IS_ESC(conf, *from)) { - from++; - if (IS_EOF(conf, *from)) - break; - } - buf->data[to++] = *(from++); - } - if (*from == q) - from++; - } else if (IS_DQUOTE(conf, *from)) { - q = *from; - from++; - while (!IS_EOF(conf, *from)) { - if (*from == q) { - if (*(from + 1) == q) { - from++; - } else { - break; - } - } - buf->data[to++] = *(from++); - } - if (*from == q) - from++; - } else if (IS_ESC(conf, *from)) { - from++; - v = *(from++); - if (IS_EOF(conf, v)) - break; - else if (v == 'r') - v = '\r'; - else if (v == 'n') - v = '\n'; - else if (v == 'b') - v = '\b'; - else if (v == 't') - v = '\t'; - buf->data[to++] = v; - } else if (IS_EOF(conf, *from)) - break; - else if (*from == '$') { - /* try to expand it */ - rrp = NULL; - s = &(from[1]); - if (*s == '{') - q = '}'; - else if (*s == '(') - q = ')'; - else - q = 0; - - if (q) - s++; - cp = section; - e = np = s; - while (IS_ALPHA_NUMERIC(conf, *e)) - e++; - if ((e[0] == ':') && (e[1] == ':')) { - cp = np; - rrp = e; - rr = *e; - *rrp = '\0'; - e += 2; - np = e; - while (IS_ALPHA_NUMERIC(conf, *e)) - e++; - } - r = *e; - *e = '\0'; - rp = e; - if (q) { - if (r != q) { - CONFerror(CONF_R_NO_CLOSE_BRACE); - goto err; - } - e++; - 
} - /* So at this point we have - * np which is the start of the name string which is - * '\0' terminated. - * cp which is the start of the section string which is - * '\0' terminated. - * e is the 'next point after'. - * r and rr are the chars replaced by the '\0' - * rp and rrp is where 'r' and 'rr' came from. - */ - p = _CONF_get_string(conf, cp, np); - if (rrp != NULL) - *rrp = rr; - *rp = r; - if (p == NULL) { - CONFerror(CONF_R_VARIABLE_HAS_NO_VALUE); - goto err; - } - newsize = strlen(p) + buf->length - (e - from); - if (newsize > MAX_CONF_VALUE_LENGTH) { - CONFerror(CONF_R_VARIABLE_EXPANSION_TOO_LONG); - goto err; - } - if (!BUF_MEM_grow_clean(buf, newsize)) { - CONFerror(CONF_R_MODULE_INITIALIZATION_ERROR); - goto err; - } - while (*p) - buf->data[to++] = *(p++); - - /* Since we change the pointer 'from', we also have - to change the perceived length of the string it - points at. /RL */ - len -= e - from; - from = e; - - /* In case there were no braces or parenthesis around - the variable reference, we have to put back the - character that was replaced with a '\0'. 
/RL */ - *rp = r; - } else - buf->data[to++] = *(from++); - } - buf->data[to]='\0'; - free(*pto); - *pto = buf->data; - free(buf); - return (1); - -err: - if (buf != NULL) - BUF_MEM_free(buf); - return (0); -} - -static char * -eat_ws(CONF *conf, char *p) -{ - while (IS_WS(conf, *p) && (!IS_EOF(conf, *p))) - p++; - return (p); -} - -static char * -eat_alpha_numeric(CONF *conf, char *p) -{ - for (;;) { - if (IS_ESC(conf, *p)) { - p = scan_esc(conf, p); - continue; - } - if (!IS_ALPHA_NUMERIC_PUNCT(conf, *p)) - return (p); - p++; - } -} - -static char * -scan_quote(CONF *conf, char *p) -{ - int q = *p; - - p++; - while (!(IS_EOF(conf, *p)) && (*p != q)) { - if (IS_ESC(conf, *p)) { - p++; - if (IS_EOF(conf, *p)) - return (p); - } - p++; - } - if (*p == q) - p++; - return (p); -} - - -static char * -scan_dquote(CONF *conf, char *p) -{ - int q = *p; - - p++; - while (!(IS_EOF(conf, *p))) { - if (*p == q) { - if (*(p + 1) == q) { - p++; - } else { - break; - } - } - p++; - } - if (*p == q) - p++; - return (p); -} - -static void -dump_value_doall_arg(CONF_VALUE *a, BIO *out) -{ - if (a->name) - BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value); - else - BIO_printf(out, "[[%s]]\n", a->section); -} - -static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE, BIO) - -static int -def_dump(const CONF *conf, BIO *out) -{ - lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), - BIO, out); - return 1; -} - -static int -def_is_number(const CONF *conf, char c) -{ - return IS_NUMBER(conf, c); -} - -static int -def_to_int(const CONF *conf, char c) -{ - return c - '0'; -} - -static const CONF_METHOD default_method = { - .name = "OpenSSL default", - .create = def_create, - .init = def_init_default, - .destroy = def_destroy, - .destroy_data = def_destroy_data, - .load_bio = def_load_bio, - .dump = def_dump, - .is_number = def_is_number, - .to_int = def_to_int, - .load = def_load, -}; - -const CONF_METHOD * -NCONF_default(void) -{ - return &default_method; 
-} diff --git a/src/lib/libcrypto/conf/conf_def.h b/src/lib/libcrypto/conf/conf_def.h deleted file mode 100644 index 36a8aac4de..0000000000 --- a/src/lib/libcrypto/conf/conf_def.h +++ /dev/null 
@@ -1,133 +0,0 @@ -/* $OpenBSD: conf_def.h,v 1.8 2024/08/31 09:36:38 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* THIS FILE WAS AUTOMAGICALLY GENERATED! - Please modify and use keysets.pl to regenerate it. 
*/ - -__BEGIN_HIDDEN_DECLS - -#define CONF_NUMBER 1 -#define CONF_UPPER 2 -#define CONF_LOWER 4 -#define CONF_UNDER 256 -#define CONF_PUNCTUATION 512 -#define CONF_WS 16 -#define CONF_ESC 32 -#define CONF_QUOTE 64 -#define CONF_DQUOTE 1024 -#define CONF_COMMENT 128 -#define CONF_FCOMMENT 2048 -#define CONF_EOF 8 -#define CONF_HIGHBIT 4096 -#define CONF_ALPHA (CONF_UPPER|CONF_LOWER) -#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER) -#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \ - CONF_PUNCTUATION) - -static const unsigned short CONF_type_default[256]; - -#define KEYTYPES(c) (CONF_type_default) -#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT) -#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT) -#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF) -#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC) -#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER) -#define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS) -#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC) -#define IS_ALPHA_NUMERIC_PUNCT(c,a) \ - (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT) -#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE) -#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE) -#define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT) - -static const unsigned short CONF_type_default[256] = { - 0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000, - 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0010, 0x0200, 0x0040, 0x0080, 0x0000, 0x0200, 0x0200, 0x0040, - 0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, - 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, - 0x0001, 0x0001, 0x0000, 0x0200, 0x0000, 0x0000, 0x0000, 0x0200, - 0x0200, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 
0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 0x0002, 0x0000, 0x0020, 0x0000, 0x0200, 0x0100, - 0x0040, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0000, 0x0200, 0x0000, 0x0200, 0x0000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -}; - -__END_HIDDEN_DECLS diff --git a/src/lib/libcrypto/conf/conf_err.c b/src/lib/libcrypto/conf/conf_err.c deleted file mode 100644 index 5100847d89..0000000000 --- a/src/lib/libcrypto/conf/conf_err.c +++ /dev/null 
@@ -1,108 +0,0 @@ -/* $OpenBSD: conf_err.c,v 1.17 2024/06/24 06:43:22 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#include "err_local.h" - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason) - -static const ERR_STRING_DATA CONF_str_functs[] = { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static const ERR_STRING_DATA CONF_str_reasons[] = { - {ERR_REASON(CONF_R_ERROR_LOADING_DSO) , "error loading dso"}, - {ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL) , "list cannot be null"}, - {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET), "missing close square bracket"}, - {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN) , "missing equal sign"}, - {ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION), "missing finish function"}, - {ERR_REASON(CONF_R_MISSING_INIT_FUNCTION), "missing init function"}, - {ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR), "module initialization error"}, - {ERR_REASON(CONF_R_NO_CLOSE_BRACE) , "no close brace"}, - {ERR_REASON(CONF_R_NO_CONF) , "no conf"}, - {ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE), "no conf or environment variable"}, - {ERR_REASON(CONF_R_NO_SECTION) , "no section"}, - {ERR_REASON(CONF_R_NO_SUCH_FILE) , "no such file"}, - 
{ERR_REASON(CONF_R_NO_VALUE) , "no value"}, - {ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION), "unable to create new section"}, - {ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME) , "unknown module name"}, - {ERR_REASON(CONF_R_VARIABLE_EXPANSION_TOO_LONG), "variable expansion too long"}, - {ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"}, - {0, NULL} -}; - -#endif - -void -ERR_load_CONF_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) { - ERR_load_const_strings(CONF_str_functs); - ERR_load_const_strings(CONF_str_reasons); - } -#endif -} -LCRYPTO_ALIAS(ERR_load_CONF_strings); diff --git a/src/lib/libcrypto/conf/conf_lib.c b/src/lib/libcrypto/conf/conf_lib.c deleted file mode 100644 index 863e1c9475..0000000000 --- a/src/lib/libcrypto/conf/conf_lib.c +++ /dev/null 
@@ -1,197 +0,0 @@ -/* $OpenBSD: conf_lib.c,v 1.25 2025/03/08 09:35:53 tb Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include - -#include "conf_local.h" - -static const CONF_METHOD *default_CONF_method = NULL; - -/* Init a 'CONF' structure from an old LHASH */ - -void -CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash) -{ - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - default_CONF_method->init(conf); - conf->data = hash; -} - -CONF * -NCONF_new(const CONF_METHOD *meth) -{ - CONF *ret; - - if (meth == NULL) - meth = NCONF_default(); - - ret = meth->create(meth); - if (ret == NULL) { - CONFerror(ERR_R_MALLOC_FAILURE); - return (NULL); - } - - return ret; -} -LCRYPTO_ALIAS(NCONF_new); - -void -NCONF_free(CONF *conf) -{ - if (conf == NULL) - return; - conf->meth->destroy(conf); -} -LCRYPTO_ALIAS(NCONF_free); - -int -NCONF_load(CONF *conf, const char *file, long *eline) -{ - if (conf == NULL) { - CONFerror(CONF_R_NO_CONF); - return 0; - } - - return conf->meth->load(conf, file, eline); -} -LCRYPTO_ALIAS(NCONF_load); - -int -NCONF_load_bio(CONF *conf, BIO *bp, long *eline) -{ - if (conf == NULL) { - CONFerror(CONF_R_NO_CONF); - return 0; - } - - return conf->meth->load_bio(conf, bp, eline); -} 
-LCRYPTO_ALIAS(NCONF_load_bio); - -STACK_OF(CONF_VALUE) * -NCONF_get_section(const CONF *conf, const char *section) -{ - CONF_VALUE *v; - - if (conf == NULL) { - CONFerror(CONF_R_NO_CONF); - return NULL; - } - - if (section == NULL) { - CONFerror(CONF_R_NO_SECTION); - return NULL; - } - - if ((v = _CONF_get_section(conf, section)) == NULL) - return NULL; - - return (STACK_OF(CONF_VALUE) *)v->value; -} -LCRYPTO_ALIAS(NCONF_get_section); - -char * -NCONF_get_string(const CONF *conf, const char *group, const char *name) -{ - char *s = _CONF_get_string(conf, group, name); - - /* Since we may get a value from an environment variable even - if conf is NULL, let's check the value first */ - if (s) - return s; - - if (conf == NULL) { - CONFerror(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE); - return NULL; - } - CONFerror(CONF_R_NO_VALUE); - ERR_asprintf_error_data("group=%s name=%s", - group ? group : "", name); - return NULL; -} -LCRYPTO_ALIAS(NCONF_get_string); - -int -NCONF_get_number_e(const CONF *conf, const char *group, const char *name, - long *result) -{ - char *str; - - if (result == NULL) { - CONFerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - - str = NCONF_get_string(conf, group, name); - - if (str == NULL) - return 0; - - for (*result = 0; conf->meth->is_number(conf, *str); ) { - *result = (*result) * 10 + conf->meth->to_int(conf, *str); - str++; - } - - return 1; -} -LCRYPTO_ALIAS(NCONF_get_number_e); diff --git a/src/lib/libcrypto/conf/conf_local.h b/src/lib/libcrypto/conf/conf_local.h deleted file mode 100644 index 71cd22707b..0000000000 --- a/src/lib/libcrypto/conf/conf_local.h +++ /dev/null 
@@ -1,101 +0,0 @@ -/* $OpenBSD: conf_local.h,v 1.10 2025/03/08 09:35:53 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_CONF_LOCAL_H -#define HEADER_CONF_LOCAL_H - -__BEGIN_HIDDEN_DECLS - -const CONF_METHOD *NCONF_default(void); - -struct conf_method_st { - const char *name; - CONF *(*create)(const CONF_METHOD *meth); - int (*init)(CONF *conf); - int (*destroy)(CONF *conf); - int (*destroy_data)(CONF *conf); - int (*load_bio)(CONF *conf, BIO *bp, long *eline); - int (*dump)(const CONF *conf, BIO *bp); - int (*is_number)(const CONF *conf, char c); - int (*to_int)(const CONF *conf, char c); - int (*load)(CONF *conf, const char *name, long *eline); -}; - -int CONF_module_add(const char *name, conf_init_func *ifunc, - conf_finish_func *ffunc); - -const char *CONF_imodule_get_value(const CONF_IMODULE *md); - -int CONF_parse_list(const char *list, int sep, int nospc, - int (*list_cb)(const char *elem, int len, void *usr), void *arg); - -void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash); - -CONF_VALUE *_CONF_new_section(CONF *conf, const char *section); -CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section); - -int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value); -char *_CONF_get_string(const CONF *conf, const char *section, - const char *name); - -int _CONF_new_data(CONF *conf); -void _CONF_free_data(CONF *conf); - -__END_HIDDEN_DECLS - -#endif /* HEADER_CONF_LOCAL_H */ diff --git a/src/lib/libcrypto/conf/conf_mod.c b/src/lib/libcrypto/conf/conf_mod.c deleted file mode 100644 index 0e07bb3ea5..0000000000 --- a/src/lib/libcrypto/conf/conf_mod.c +++ /dev/null 
@@ -1,480 +0,0 @@ -/* $OpenBSD: conf_mod.c,v 1.40 2024/10/10 06:51:22 tb Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include - -#include -#include -#include -#include - -/* This structure contains data about supported modules. */ -struct conf_module_st { - /* Name of the module */ - char *name; - /* Init function */ - conf_init_func *init; - /* Finish function */ - conf_finish_func *finish; - /* Number of successfully initialized modules */ - int links; -}; - - -/* This structure contains information about modules that have been - * successfully initialized. There may be more than one entry for a - * given module. 
- */ - -struct conf_imodule_st { - CONF_MODULE *mod; - char *value; -}; - -static STACK_OF(CONF_MODULE) *supported_modules = NULL; -static STACK_OF(CONF_IMODULE) *initialized_modules = NULL; - -static void module_free(CONF_MODULE *mod); -static void imodule_free(CONF_IMODULE *imod); -static void module_finish(CONF_IMODULE *imod); -static int module_run(const CONF *cnf, char *name, char *value, - unsigned long flags); -static int module_add(const char *name, conf_init_func *ifunc, - conf_finish_func *ffunc); -static CONF_MODULE *module_find(char *name); -static int module_init(CONF_MODULE *mod, char *name, char *value, - const CONF *cnf); - -/* Main function: load modules from a CONF structure */ - -int -CONF_modules_load(const CONF *cnf, const char *appname, unsigned long flags) -{ - STACK_OF(CONF_VALUE) *values; - CONF_VALUE *vl; - char *vsection = NULL; - - int ret, i; - - if (!cnf) - return 1; - - if (appname) - vsection = NCONF_get_string(cnf, NULL, appname); - - if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION))) - vsection = NCONF_get_string(cnf, NULL, "openssl_conf"); - - if (!vsection) { - ERR_clear_error(); - return 1; - } - - values = NCONF_get_section(cnf, vsection); - - if (!values) - return 0; - - for (i = 0; i < sk_CONF_VALUE_num(values); i++) { - vl = sk_CONF_VALUE_value(values, i); - ret = module_run(cnf, vl->name, vl->value, flags); - if (ret <= 0) - if (!(flags & CONF_MFLAGS_IGNORE_ERRORS)) - return ret; - } - - return 1; -} -LCRYPTO_ALIAS(CONF_modules_load); - -int -CONF_modules_load_file(const char *filename, const char *appname, - unsigned long flags) -{ - char *file = NULL; - CONF *conf = NULL; - int ret = 0; - conf = NCONF_new(NULL); - if (!conf) - goto err; - - if (filename == NULL) { - file = CONF_get1_default_config_file(); - if (!file) - goto err; - } else - file = (char *)filename; - - if (NCONF_load(conf, file, NULL) <= 0) { - if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) && - (ERR_GET_REASON(ERR_peek_last_error()) == 
- CONF_R_NO_SUCH_FILE)) { - ERR_clear_error(); - ret = 1; - } - goto err; - } - - ret = CONF_modules_load(conf, appname, flags); - -err: - if (filename == NULL) - free(file); - NCONF_free(conf); - - return ret; -} -LCRYPTO_ALIAS(CONF_modules_load_file); - -static int -module_run(const CONF *cnf, char *name, char *value, unsigned long flags) -{ - CONF_MODULE *mod; - int ret; - - if ((mod = module_find(name)) == NULL) { - if (!(flags & CONF_MFLAGS_SILENT)) { - CONFerror(CONF_R_UNKNOWN_MODULE_NAME); - ERR_asprintf_error_data("module=%s", name); - } - return -1; - } - - ret = module_init(mod, name, value, cnf); - - if (ret <= 0) { - if (!(flags & CONF_MFLAGS_SILENT)) { - CONFerror(CONF_R_MODULE_INITIALIZATION_ERROR); - ERR_asprintf_error_data - ("module=%s, value=%s, retcode=%-8d", - name, value, ret); - } - } - - return ret; -} - -static int -module_add(const char *name, conf_init_func *ifunc, conf_finish_func *ffunc) -{ - CONF_MODULE *mod = NULL; - int ret = 0; - - if (name == NULL) - goto err; - - if (supported_modules == NULL) - supported_modules = sk_CONF_MODULE_new_null(); - if (supported_modules == NULL) - goto err; - - if ((mod = calloc(1, sizeof(*mod))) == NULL) - goto err; - if ((mod->name = strdup(name)) == NULL) - goto err; - mod->init = ifunc; - mod->finish = ffunc; - - if (!sk_CONF_MODULE_push(supported_modules, mod)) - goto err; - mod = NULL; - - ret = 1; - - err: - module_free(mod); - - return ret; -} - -/* Find a module from the list. We allow module names of the - * form modname.XXXX to just search for modname to allow the - * same module to be initialized more than once. 
- */ - -static CONF_MODULE * -module_find(char *name) -{ - CONF_MODULE *mod; - int i, nchar; - char *p; - - p = strrchr(name, '.'); - - if (p) - nchar = p - name; - else - nchar = strlen(name); - - for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) { - mod = sk_CONF_MODULE_value(supported_modules, i); - if (!strncmp(mod->name, name, nchar)) - return mod; - } - - return NULL; -} - -/* initialize a module */ -static int -module_init(CONF_MODULE *mod, char *name, char *value, const CONF *cnf) -{ - CONF_IMODULE *imod = NULL; - int need_finish = 0; - int ret = -1; - - if (name == NULL || value == NULL) - goto err; - - if ((imod = calloc(1, sizeof(*imod))) == NULL) - goto err; - - imod->mod = mod; - - if ((imod->value = strdup(value)) == NULL) - goto err; - - if (mod->init != NULL) { - need_finish = 1; - if (mod->init(imod, cnf) <= 0) - goto err; - } - - if (initialized_modules == NULL) - initialized_modules = sk_CONF_IMODULE_new_null(); - if (initialized_modules == NULL) - goto err; - - if (!sk_CONF_IMODULE_push(initialized_modules, imod)) - goto err; - imod = NULL; - need_finish = 0; - - mod->links++; - - ret = 1; - - err: - if (need_finish && mod->finish != NULL) - mod->finish(imod); - - imodule_free(imod); - - return ret; -} - -/* Unload any dynamic modules that have a link count of zero: - * i.e. have no active initialized modules. If 'all' is set - * then all modules are unloaded including static ones. 
- */ - -void -CONF_modules_unload(int all) -{ - int i; - CONF_MODULE *mod; - - CONF_modules_finish(); - - /* unload modules in reverse order */ - for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) { - mod = sk_CONF_MODULE_value(supported_modules, i); - if (!all) - continue; - /* Since we're working in reverse this is OK */ - (void)sk_CONF_MODULE_delete(supported_modules, i); - module_free(mod); - } - if (sk_CONF_MODULE_num(supported_modules) == 0) { - sk_CONF_MODULE_free(supported_modules); - supported_modules = NULL; - } -} -LCRYPTO_ALIAS(CONF_modules_unload); - -/* unload a single module */ -static void -module_free(CONF_MODULE *mod) -{ - if (mod == NULL) - return; - - free(mod->name); - free(mod); -} - -static void -imodule_free(CONF_IMODULE *imod) -{ - if (imod == NULL) - return; - - free(imod->value); - free(imod); -} - -/* finish and free up all modules instances */ - -void -CONF_modules_finish(void) -{ - CONF_IMODULE *imod; - - while (sk_CONF_IMODULE_num(initialized_modules) > 0) { - imod = sk_CONF_IMODULE_pop(initialized_modules); - module_finish(imod); - } - sk_CONF_IMODULE_free(initialized_modules); - initialized_modules = NULL; -} -LCRYPTO_ALIAS(CONF_modules_finish); - -/* finish a module instance */ - -static void -module_finish(CONF_IMODULE *imod) -{ - if (imod->mod->finish) - imod->mod->finish(imod); - imod->mod->links--; - - imodule_free(imod); -} - -/* Add a static module to OpenSSL */ - -int -CONF_module_add(const char *name, conf_init_func *ifunc, conf_finish_func *ffunc) -{ - return module_add(name, ifunc, ffunc); -} - -void -CONF_modules_free(void) -{ - CONF_modules_finish(); - CONF_modules_unload(1); -} -LCRYPTO_ALIAS(CONF_modules_free); - -const char * -CONF_imodule_get_value(const CONF_IMODULE *imod) -{ - return imod->value; -} - -char * -CONF_get1_default_config_file(void) -{ - char *file = NULL; - - if (asprintf(&file, "%s/openssl.cnf", - X509_get_default_cert_area()) == -1) - return (NULL); - return file; -} 
-LCRYPTO_ALIAS(CONF_get1_default_config_file); - -/* This function takes a list separated by 'sep' and calls the - * callback function giving the start and length of each member - * optionally stripping leading and trailing whitespace. This can - * be used to parse comma separated lists for example. - */ - -int -CONF_parse_list(const char *list_, int sep, int nospc, - int (*list_cb)(const char *elem, int len, void *usr), void *arg) -{ - int ret; - const char *lstart, *tmpend, *p; - - if (list_ == NULL) { - CONFerror(CONF_R_LIST_CANNOT_BE_NULL); - return 0; - } - - lstart = list_; - for (;;) { - if (nospc) { - while (*lstart && isspace((unsigned char)*lstart)) - lstart++; - } - p = strchr(lstart, sep); - if (p == lstart || !*lstart) - ret = list_cb(NULL, 0, arg); - else { - if (p) - tmpend = p - 1; - else - tmpend = lstart + strlen(lstart) - 1; - if (nospc) { - while (isspace((unsigned char)*tmpend)) - tmpend--; - } - ret = list_cb(lstart, tmpend - lstart + 1, arg); - } - if (ret <= 0) - return ret; - if (p == NULL) - return 1; - lstart = p + 1; - } -} diff --git a/src/lib/libcrypto/conf/conf_sap.c b/src/lib/libcrypto/conf/conf_sap.c deleted file mode 100644 index 6951718765..0000000000 --- a/src/lib/libcrypto/conf/conf_sap.c +++ /dev/null 
@@ -1,151 +0,0 @@
-/* $OpenBSD: conf_sap.c,v 1.18 2024/10/18 11:12:10 tb Exp $ */
-/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "conf_local.h"
-
-/* This is the automatic configuration loader: it is called automatically by
- * OpenSSL when any of a number of standard initialisation functions are called,
- * unless this is overridden by calling OPENSSL_no_config()
- */
-
-static pthread_once_t openssl_configured = PTHREAD_ONCE_INIT;
-
-static const char *openssl_config_name;
-
-void ASN1_add_oid_module(void);
-
-static void
-OPENSSL_config_internal(void)
-{
- ASN1_add_oid_module();
-
- ERR_clear_error();
- if (CONF_modules_load_file(NULL, openssl_config_name,
- CONF_MFLAGS_DEFAULT_SECTION|CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- BIO *bio_err;
- ERR_load_crypto_strings();
- if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) {
- BIO_printf(bio_err, "Auto configuration failed\n");
- ERR_print_errors(bio_err);
- BIO_free(bio_err);
- }
- exit(1);
- }
-
- return;
-}
-
-int
-OpenSSL_config(const char *config_name)
-{
- /* Don't override if NULL */
- /*
- * Note - multiple threads calling this with *different* config names
- * is probably not advisable. One thread will win, but you don't know
- * if it will be the same thread as wins the pthread_once.
- */
- if (config_name != NULL)
- openssl_config_name = config_name;
-
- if (OPENSSL_init_crypto(0, NULL) == 0)
- return 0;
-
- if (pthread_once(&openssl_configured, OPENSSL_config_internal) != 0)
- return 0;
-
- return 1;
-}
-
-void
-OPENSSL_config(const char *config_name)
-{
- (void) OpenSSL_config(config_name);
-}
-LCRYPTO_ALIAS(OPENSSL_config);
-
-static void
-OPENSSL_no_config_internal(void)
-{
-}
-
-int
-OpenSSL_no_config(void)
-{
- if (pthread_once(&openssl_configured, OPENSSL_no_config_internal) != 0)
- return 0;
-
- return 1;
-}
-
-void
-OPENSSL_no_config(void)
-{
- (void) OpenSSL_no_config();
-}
-LCRYPTO_ALIAS(OPENSSL_no_config);
diff --git a/src/lib/libcrypto/conf/keysets.pl b/src/lib/libcrypto/conf/keysets.pl
deleted file mode 100644
index fe17be57fe..0000000000
--- a/src/lib/libcrypto/conf/keysets.pl
+++ /dev/null
@@ -1,169 +0,0 @@
-#!/usr/local/bin/perl
-
-$NUMBER=0x01;
-$UPPER=0x02;
-$LOWER=0x04;
-$UNDER=0x100;
-$PUNCTUATION=0x200;
-$WS=0x10;
-$ESC=0x20;
-$QUOTE=0x40;
-$DQUOTE=0x400;
-$COMMENT=0x80;
-$FCOMMENT=0x800;
-$EOF=0x08;
-$HIGHBIT=0x1000;
-
-foreach (0 .. 255)
- {
- $v=0;
- $c=sprintf("%c",$_);
- $v|=$NUMBER if ($c =~ /[0-9]/);
- $v|=$UPPER if ($c =~ /[A-Z]/);
- $v|=$LOWER if ($c =~ /[a-z]/);
- $v|=$UNDER if ($c =~ /_/);
- $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
- $v|=$WS if ($c =~ /[ \t\r\n]/);
- $v|=$ESC if ($c =~ /\\/);
- $v|=$QUOTE if ($c =~ /['`"]/); # for emacs: "`'}/)
- $v|=$COMMENT if ($c =~ /\#/);
- $v|=$EOF if ($c =~ /\0/);
- $v|=$HIGHBIT if ($c =~/[\x80-\xff]/);
-
- push(@V_def,$v);
- }
-
-foreach (0 .. 255)
- {
- $v=0;
- $c=sprintf("%c",$_);
- $v|=$NUMBER if ($c =~ /[0-9]/);
- $v|=$UPPER if ($c =~ /[A-Z]/);
- $v|=$LOWER if ($c =~ /[a-z]/);
- $v|=$UNDER if ($c =~ /_/);
- $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
- $v|=$WS if ($c =~ /[ \t\r\n]/);
- $v|=$DQUOTE if ($c =~ /["]/); # for emacs: "}/)
- $v|=$FCOMMENT if ($c =~ /;/);
- $v|=$EOF if ($c =~ /\0/);
- $v|=$HIGHBIT if ($c =~/[\x80-\xff]/);
-
- push(@V_w32,$v);
- }
-
-print <<"EOF";
-/* crypto/conf/conf_def.h */
-/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay\@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh\@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay\@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE WAS AUTOMAGICALLY GENERATED!
- Please modify and use keysets.pl to regenerate it. */
-
-#define CONF_NUMBER $NUMBER
-#define CONF_UPPER $UPPER
-#define CONF_LOWER $LOWER
-#define CONF_UNDER $UNDER
-#define CONF_PUNCTUATION $PUNCTUATION
-#define CONF_WS $WS
-#define CONF_ESC $ESC
-#define CONF_QUOTE $QUOTE
-#define CONF_DQUOTE $DQUOTE
-#define CONF_COMMENT $COMMENT
-#define CONF_FCOMMENT $FCOMMENT
-#define CONF_EOF $EOF
-#define CONF_HIGHBIT $HIGHBIT
-#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\
- CONF_PUNCTUATION)
-
-#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
-#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
-#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
-#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
-#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
-#define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
- (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
-#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
-#define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
-
-
-EOF
-
-print "static unsigned short CONF_type_default[256]={";
-
-for ($i=0; $i<256; $i++)
- {
- print "\n\t" if ($i % 8) == 0;
- printf "0x%04X,",$V_def[$i];
- }
-
-print "\n\t};\n\n";
-
-print "static unsigned short CONF_type_win32[256]={";
-
-for ($i=0; $i<256; $i++)
- {
- print "\n\t" if ($i % 8) == 0;
- printf "0x%04X,",$V_w32[$i];
- }
-
-print "\n\t};\n\n";
diff --git a/src/lib/libcrypto/conf/ssleay.cnf b/src/lib/libcrypto/conf/ssleay.cnf
deleted file mode 100644
index ed33af601e..0000000000
--- a/src/lib/libcrypto/conf/ssleay.cnf
+++ /dev/null
@@ -1,78 +0,0 @@
-#
-# This is a test configuration file for use in SSLeay etc...
-#
-
-init = 5
-in\#it1 =10
-init2='10'
-init3='10\''
-init4="10'"
-init5='='10\'' again'
-
-SSLeay::version = 0.5.0
-
-[genrsa]
-default_bits = 512
-SSLEAY::version = 0.5.0
-
-[gendh]
-default_bits = 512
-def_generator = 2
-
-[s_client]
-cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
-cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
-cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
-cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
-
-[ default ]
-cert_dir = $ENV::HOME/.ca_certs
-
-HOME = /tmp/eay
-
-tmp_cert_dir = $HOME/.ca_certs
-tmp2_cert_dir = thisis$(HOME)stuff
-
-LOGNAME = Eric Young (home=$HOME)
-
-[ special ]
-
-H=$HOME
-H=$default::HOME
-H=$ENV::HOME
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = $HOME/.rand
-
-[ req ]
-default_bits = 512
-default_keyfile = privkey.pem
-
-Attribute_type_1 = countryName
-Attribute_text_1 = Country Name (2 letter code)
-Attribute_default_1 = AU
-
-Attribute_type_2 = stateOrProvinceName
-Attribute_text_2 = State or Province Name (full name)
-Attribute_default_2 = Queensland
-
-Attribute_type_3 = localityName
-Attribute_text_3 = Locality Name (eg, city)
-
-Attribute_type_4 = organizationName
-Attribute_text_4 = Organization Name (eg, company)
-Attribute_default_4 = Mincom Pty Ltd
-
-Attribute_type_5 = organizationalUnitName
-Attribute_text_5 = Organizational Unit Name (eg, section)
-Attribute_default_5 = TR
-
-Attribute_type_6 = commonName
-Attribute_text_6 = Common Name (eg, YOUR name)
-
-Attribute_type_7 = emailAddress
-Attribute_text_7 = Email Address
-
diff --git a/src/lib/libcrypto/constant_time.h b/src/lib/libcrypto/constant_time.h
deleted file mode 100644
index ea7dede9db..0000000000
--- a/src/lib/libcrypto/constant_time.h
+++ /dev/null
@@ -1,207 +0,0 @@
-/* $OpenBSD: constant_time.h,v 1.3 2023/04/06 18:43:47 tb Exp $ */
-/*-
- * Utilities for constant-time cryptography.
- *
- * Author: Emilia Kasper (emilia@openssl.org)
- * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
- * (Google).
- * ====================================================================
- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONSTANT_TIME_H
-#define HEADER_CONSTANT_TIME_H
-
-__BEGIN_HIDDEN_DECLS
-
-/*-
- * The boolean methods return a bitmask of all ones (0xff...f) for true
- * and 0 for false. This is useful for choosing a value based on the result
- * of a conditional in constant time. For example,
- *
- * if (a < b) {
- * c = a;
- * } else {
- * c = b;
- * }
- *
- * can be written as
- *
- * unsigned int lt = constant_time_lt(a, b);
- * c = constant_time_select(lt, a, b);
- */
-
-/*
- * Returns the given value with the MSB copied to all the other
- * bits. Uses the fact that arithmetic shift shifts-in the sign bit.
- * However, this is not ensured by the C standard so you may need to
- * replace this with something else on odd CPUs.
- */
-static inline unsigned int constant_time_msb(unsigned int a);
-
-/*
- * Returns 0xff..f if a < b and 0 otherwise.
- */
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_lt_8(unsigned int a,
- unsigned int b);
-
-/*
- * Returns 0xff..f if a >= b and 0 otherwise.
- */
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_ge_8(unsigned int a,
- unsigned int b);
-
-/*
- * Returns 0xff..f if a == 0 and 0 otherwise.
- */
-static inline unsigned int constant_time_is_zero(unsigned int a);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_is_zero_8(unsigned int a);
-
-/*
- * Returns 0xff..f if a == b and 0 otherwise.
- */
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_8(unsigned int a,
- unsigned int b);
-/* Signed integers. */
-static inline unsigned int constant_time_eq_int(int a, int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_int_8(int a, int b);
-
-/*-
- * Returns (mask & a) | (~mask & b).
- *
- * When |mask| is all 1s or all 0s (as returned by the methods above),
- * the select methods return either |a| (if |mask| is nonzero) or |b|
- * (if |mask| is zero).
- */
-static inline unsigned int constant_time_select(unsigned int mask,
- unsigned int a,
- unsigned int b);
-/* Convenience method for unsigned chars. */
-static inline unsigned char constant_time_select_8(unsigned char mask,
- unsigned char a,
- unsigned char b);
-/* Convenience method for signed integers. */
-static inline int constant_time_select_int(unsigned int mask, int a, int b);
-
-static inline unsigned int constant_time_msb(unsigned int a)
-{
- return 0 - (a >> (sizeof(a) * 8 - 1));
-}
-
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
-{
- return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
-}
-
-static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_lt(a, b));
-}
-
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
-{
- return ~constant_time_lt(a, b);
-}
-
-static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_ge(a, b));
-}
-
-static inline unsigned int constant_time_is_zero(unsigned int a)
-{
- return constant_time_msb(~a & (a - 1));
-}
-
-static inline unsigned char constant_time_is_zero_8(unsigned int a)
-{
- return (unsigned char)(constant_time_is_zero(a));
-}
-
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b)
-{
- return constant_time_is_zero(a ^ b);
-}
-
-static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_eq(a, b));
-}
-
-static inline unsigned int constant_time_eq_int(int a, int b)
-{
- return constant_time_eq((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned char constant_time_eq_int_8(int a, int b)
-{
- return constant_time_eq_8((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned int constant_time_select(unsigned int mask,
- unsigned int a,
- unsigned int b)
-{
- return (mask & a) | (~mask & b);
-}
-
-static inline unsigned char constant_time_select_8(unsigned char mask,
- unsigned char a,
- unsigned char b)
-{
- return (unsigned char)(constant_time_select(mask, a, b));
-}
-
-static inline int constant_time_select_int(unsigned int mask, int a, int b)
-{
- return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b)));
-}
-
-void err_clear_last_constant_time(int clear);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_CONSTANT_TIME_H */
diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h
deleted file mode 100644
index b4230f1b28..0000000000
--- a/src/lib/libcrypto/crypto.h
+++ /dev/null
@@ -1,458 +0,0 @@ -/* $OpenBSD: crypto.h,v 1.79 2025/03/09 15:29:56 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. 
- * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. 
this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include -#include -#include -#include - -#ifndef HEADER_CRYPTO_H -#define HEADER_CRYPTO_H - -#include - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* Backward compatibility to SSLeay */ -/* This is more to be used to check the correct DLL is being used - * in the MS world. */ -#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER -#define SSLEAY_VERSION 0 -/* #define SSLEAY_OPTIONS 1 no longer supported */ -#define SSLEAY_CFLAGS 2 -#define SSLEAY_BUILT_ON 3 -#define SSLEAY_PLATFORM 4 -#define SSLEAY_DIR 5 - -/* When changing the CRYPTO_LOCK_* list, be sure to maintain the text lock - * names in cryptlib.c - */ - -#define CRYPTO_LOCK_ERR 1 -#define CRYPTO_LOCK_EX_DATA 2 -#define CRYPTO_LOCK_X509 3 -#define CRYPTO_LOCK_X509_INFO 4 -#define CRYPTO_LOCK_X509_PKEY 5 -#define CRYPTO_LOCK_X509_CRL 6 -#define CRYPTO_LOCK_X509_REQ 7 -#define CRYPTO_LOCK_DSA 8 -#define CRYPTO_LOCK_RSA 9 -#define CRYPTO_LOCK_EVP_PKEY 10 -#define CRYPTO_LOCK_X509_STORE 11 -#define CRYPTO_LOCK_SSL_CTX 12 -#define CRYPTO_LOCK_SSL_CERT 13 -#define CRYPTO_LOCK_SSL_SESSION 14 -#define CRYPTO_LOCK_SSL_SESS_CERT 15 -#define CRYPTO_LOCK_SSL 16 -#define CRYPTO_LOCK_SSL_METHOD 17 -#define CRYPTO_LOCK_RAND 18 -#define CRYPTO_LOCK_RAND2 19 -#define CRYPTO_LOCK_MALLOC 20 -#define CRYPTO_LOCK_BIO 21 -#define CRYPTO_LOCK_GETHOSTBYNAME 22 -#define CRYPTO_LOCK_GETSERVBYNAME 23 -#define CRYPTO_LOCK_READDIR 24 -#define CRYPTO_LOCK_RSA_BLINDING 25 -#define CRYPTO_LOCK_DH 26 -#define CRYPTO_LOCK_MALLOC2 27 -#define CRYPTO_LOCK_DSO 28 -#define CRYPTO_LOCK_DYNLOCK 29 -#define 
CRYPTO_LOCK_ENGINE 30 -#define CRYPTO_LOCK_UI 31 -#define CRYPTO_LOCK_ECDSA 32 -#define CRYPTO_LOCK_EC 33 -#define CRYPTO_LOCK_ECDH 34 -#define CRYPTO_LOCK_BN 35 -#define CRYPTO_LOCK_EC_PRE_COMP 36 -#define CRYPTO_LOCK_STORE 37 -#define CRYPTO_LOCK_COMP 38 -#define CRYPTO_LOCK_FIPS 39 -#define CRYPTO_LOCK_FIPS2 40 -#define CRYPTO_NUM_LOCKS 41 - -#define CRYPTO_LOCK 1 -#define CRYPTO_UNLOCK 2 -#define CRYPTO_READ 4 -#define CRYPTO_WRITE 8 - -#ifndef CRYPTO_w_lock -#define CRYPTO_w_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,OPENSSL_FILE,OPENSSL_LINE) -#define CRYPTO_w_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,OPENSSL_FILE,OPENSSL_LINE) -#define CRYPTO_r_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,OPENSSL_FILE,OPENSSL_LINE) -#define CRYPTO_r_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,OPENSSL_FILE,OPENSSL_LINE) -#define CRYPTO_add(addr,amount,type) \ - CRYPTO_add_lock(addr,amount,type,OPENSSL_FILE,OPENSSL_LINE) -#endif - -/* Some applications as well as some parts of OpenSSL need to allocate - and deallocate locks in a dynamic fashion. The following typedef - makes this possible in a type-safe manner. */ -/* struct CRYPTO_dynlock_value has to be defined by the application. */ -typedef struct { - int references; - struct CRYPTO_dynlock_value *data; -} CRYPTO_dynlock; - - -/* The following can be used to detect memory leaks in the SSLeay library. 
- * It used, it turns on malloc checking */
-
-#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */
-#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */
-#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */
-#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */
-
-/* The following are bit values to turn on or off options connected to the
- * malloc checking functionality */
-
-/* Adds time to the memory checking information */
-#define V_CRYPTO_MDEBUG_TIME 0x1 /* a bit */
-/* Adds thread number to the memory checking information */
-#define V_CRYPTO_MDEBUG_THREAD 0x2 /* a bit */
-
-#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
-
-
-/* predec of the BIO type */
-typedef struct bio_st BIO_dummy;
-
-struct crypto_ex_data_st {
- void *sk;
-};
-DECLARE_STACK_OF(void)
-
-#define CRYPTO_EX_INDEX_SSL 0
-#define CRYPTO_EX_INDEX_SSL_CTX 1
-#define CRYPTO_EX_INDEX_SSL_SESSION 2
-#define CRYPTO_EX_INDEX_APP 3
-#define CRYPTO_EX_INDEX_BIO 4
-#define CRYPTO_EX_INDEX_DH 5
-#define CRYPTO_EX_INDEX_DSA 6
-#define CRYPTO_EX_INDEX_EC_KEY 7
-#define CRYPTO_EX_INDEX_ENGINE 8
-#define CRYPTO_EX_INDEX_RSA 9
-#define CRYPTO_EX_INDEX_UI 10
-#define CRYPTO_EX_INDEX_UI_METHOD 11
-#define CRYPTO_EX_INDEX_X509 12
-#define CRYPTO_EX_INDEX_X509_STORE 13
-#define CRYPTO_EX_INDEX_X509_STORE_CTX 14
-#define CRYPTO_EX_INDEX__COUNT 15
-
-#ifndef LIBRESSL_INTERNAL
-#define CRYPTO_malloc_init() (0)
-#define CRYPTO_malloc_debug_init() (0)
-#endif /* LIBRESSL_INTERNAL */
-
-#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
-# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
-# define CRYPTO_MDEBUG
-# endif
-#endif
-
-int CRYPTO_mem_ctrl(int mode);
-
-#define OPENSSL_malloc(num) CRYPTO_malloc((num),OPENSSL_FILE,OPENSSL_LINE)
-#define OPENSSL_strdup(str) CRYPTO_strdup((str),OPENSSL_FILE,OPENSSL_LINE)
-#define OPENSSL_free(addr) CRYPTO_free((addr),OPENSSL_FILE,OPENSSL_LINE)
-
-const char *OpenSSL_version(int type);
-#define OPENSSL_VERSION 0
-#define OPENSSL_CFLAGS 1
-#define OPENSSL_BUILT_ON 2
-#define OPENSSL_PLATFORM 3
-#define OPENSSL_DIR 4
-#define OPENSSL_ENGINES_DIR 5
-unsigned long OpenSSL_version_num(void);
-
-const char *SSLeay_version(int type);
-unsigned long SSLeay(void);
-
-/* Within a given class, get/register a new index */
-int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
- CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given
- * class (invokes whatever per-class callbacks are applicable) */
-int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
- CRYPTO_EX_DATA *from);
-void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index
- * (relative to the class type involved) */
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
-/* This function cleans up all "ex_data" state. It mustn't be called under
- * potential race-conditions. */
-void CRYPTO_cleanup_all_ex_data(void);
-
-void CRYPTO_lock(int mode, int type, const char *file, int line);
-int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
- int line);
-
-/* Don't use this structure directly. */
-typedef struct crypto_threadid_st CRYPTO_THREADID;
-
-/* These functions are deprecated no-op stubs */
-void CRYPTO_set_id_callback(unsigned long (*func)(void));
-unsigned long (*CRYPTO_get_id_callback(void))(void);
-unsigned long CRYPTO_thread_id(void);
-
-int CRYPTO_get_new_lockid(char *name);
-const char *CRYPTO_get_lock_name(int type);
-
-int CRYPTO_num_locks(void);
-void CRYPTO_set_locking_callback(void (*func)(int mode, int type,
- const char *file, int line));
-void (*CRYPTO_get_locking_callback(void))(int mode, int type,
- const char *file, int line);
-void CRYPTO_set_add_lock_callback(int (*func)(int *num, int mount, int type,
- const char *file, int line));
-int (*CRYPTO_get_add_lock_callback(void))(int *num, int mount, int type,
- const char *file, int line);
-
-void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
-void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
-int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
-void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
-
-int CRYPTO_get_new_dynlockid(void);
-void CRYPTO_destroy_dynlockid(int i);
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line));
-void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line));
-void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line));
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file, int line);
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line);
-void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file, int line);
-
-int CRYPTO_set_mem_functions(void *(*m)(size_t, const char *, int),
- void *(*r)(void *, size_t, const char *, int),
- void (*f)(void *, const char *, int));
-
-void *CRYPTO_malloc(size_t num, const char *file, int line);
-char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *ptr, const char *file, int line);
-
-void OPENSSL_cleanse(void *ptr, size_t len);
-
-/*
- * Because this is a public header, use a portable method of indicating the
- * function does not return, rather than __dead.
- */
-#ifdef _MSC_VER
-__declspec(noreturn)
-#else
-__attribute__((__noreturn__))
-#endif
-void OpenSSLDie(const char *file, int line, const char *assertion);
-#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(OPENSSL_FILE, OPENSSL_LINE, #e),1))
-
-int FIPS_mode(void);
-int FIPS_mode_set(int r);
-
-void OPENSSL_init(void);
-
-/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
- * takes an amount of time dependent on |len|, but independent of the contents
- * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
- * defined order as the return value when a != b is undefined, other than to be
- * non-zero. */
-int CRYPTO_memcmp(const void *a, const void *b, size_t len);
-
-/*
- * OpenSSL compatible OPENSSL_INIT options.
- */
-
-#define OPENSSL_INIT_NO_LOAD_CONFIG 0x00000001L
-#define OPENSSL_INIT_LOAD_CONFIG 0x00000002L
-
-/* LibreSSL specific */
-#define _OPENSSL_INIT_FLAG_NOOP 0x80000000L
-
-/*
- * These are provided for compatibility, but have no effect
- * on how LibreSSL is initialized.
- */
-#define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ADD_ALL_CIPHERS _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ADD_ALL_DIGESTS _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_NO_ADD_ALL_CIPHERS _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_NO_ADD_ALL_DIGESTS _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ASYNC _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_RDRAND _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_DYNAMIC _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_OPENSSL _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_CRYPTODEV _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_CAPI _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_PADLOCK _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_AFALG _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_reserved_internal _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ATFORK _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_ENGINE_ALL_BUILTIN _OPENSSL_INIT_FLAG_NOOP
-#define OPENSSL_INIT_NO_ATEXIT _OPENSSL_INIT_FLAG_NOOP
-
-int OPENSSL_init_crypto(uint64_t opts, const void *settings);
-void OPENSSL_cleanup(void);
-
-/*
- * CPU capabilities.
- */
-#define CRYPTO_CPU_CAPS_ACCELERATED_AES 0x00000001ULL
-
-uint64_t OPENSSL_cpu_caps(void);
-
-/*
- * OpenSSL helpfully put OPENSSL_gmtime() here because all other time related
- * functions are in asn1.h.
- */
-struct tm *OPENSSL_gmtime(const time_t *time, struct tm *out_tm);
-
-void ERR_load_CRYPTO_strings(void);
-
-/* Error codes for the CRYPTO functions. */
-
-/* Function codes. */
-#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
-#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
-#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
-#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
-#define CRYPTO_F_DEF_ADD_INDEX 104
-#define CRYPTO_F_DEF_GET_CLASS 105
-#define CRYPTO_F_FIPS_MODE_SET 109
-#define CRYPTO_F_INT_DUP_EX_DATA 106
-#define CRYPTO_F_INT_FREE_EX_DATA 107
-#define CRYPTO_F_INT_NEW_EX_DATA 108
-
-/* Reason codes. */
-#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
-#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/crypto_err.c b/src/lib/libcrypto/crypto_err.c
deleted file mode 100644
index 08fb0ea16d..0000000000
--- a/src/lib/libcrypto/crypto_err.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* $OpenBSD: crypto_err.c,v 1.1 2024/11/05 11:21:15 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
-
-static const ERR_STRING_DATA CRYPTO_str_functs[] = {
- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"},
- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"},
- {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
- {ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
- {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
- {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
- {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
- {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
- {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA CRYPTO_str_reasons[] = {
- {ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
- {ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK), "no dynlock create callback"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_CRYPTO_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) {
- ERR_load_const_strings(CRYPTO_str_functs);
- ERR_load_const_strings(CRYPTO_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_CRYPTO_strings);
diff --git a/src/lib/libcrypto/crypto_ex_data.c b/src/lib/libcrypto/crypto_ex_data.c
deleted file mode 100644
index ceb3a92e51..0000000000
--- a/src/lib/libcrypto/crypto_ex_data.c
+++ /dev/null
@@ -1,418 +0,0 @@
-/* $OpenBSD: crypto_ex_data.c,v 1.4 2024/08/03 07:45:26 tb Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-
-#define CRYPTO_EX_DATA_MAX_INDEX 32
-
-struct crypto_ex_data {
- int class_index;
- void **slots;
- size_t slots_len;
-};
-
-struct crypto_ex_data_index {
- CRYPTO_EX_new *new_func;
- CRYPTO_EX_dup *dup_func;
- CRYPTO_EX_free *free_func;
- long argl;
- void *argp;
-};
-
-struct crypto_ex_data_class {
- struct crypto_ex_data_index **indexes;
- size_t indexes_len;
- size_t next_index;
-};
-
-static struct crypto_ex_data_class **classes;
-
-static int
-crypto_ex_data_classes_init(void)
-{
- struct crypto_ex_data_class **classes_new = NULL;
-
- if (classes != NULL)
- return 1;
-
- if ((classes_new = calloc(CRYPTO_EX_INDEX__COUNT,
- sizeof(struct crypto_ex_data_index))) == NULL)
- return 0;
-
- CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
- if (classes == NULL) {
- classes = classes_new;
- classes_new = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-
- free(classes_new);
-
- return 1;
-}
-
-static struct crypto_ex_data_class *
-crypto_ex_data_class_lookup(int class_index)
-{
- struct crypto_ex_data_class *class;
-
- if (classes == NULL)
- return NULL;
- if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT)
- return NULL;
-
- CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
- class = classes[class_index];
- CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-
- return class;
-}
-
-int
-CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
- CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- struct crypto_ex_data_class *new_class = NULL;
- struct crypto_ex_data_index *index = NULL;
- struct crypto_ex_data_class *class;
- int idx = -1;
-
- if (!crypto_ex_data_classes_init())
- goto err;
-
- if (class_index < 0 || class_index >= CRYPTO_EX_INDEX__COUNT)
- goto err;
-
- if ((class = classes[class_index]) == NULL) {
- if ((new_class = calloc(1,
- sizeof(struct crypto_ex_data_class))) == NULL)
- goto err;
- if ((new_class->indexes = calloc(CRYPTO_EX_DATA_MAX_INDEX,
- sizeof(struct crypto_ex_data_index *))) == NULL)
- goto err;
- new_class->indexes_len = CRYPTO_EX_DATA_MAX_INDEX;
- new_class->next_index = 1;
-
- CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
- if (classes[class_index] == NULL) {
- classes[class_index] = new_class;
- new_class = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-
- class = classes[class_index];
- }
-
- if ((index = calloc(1, sizeof(struct crypto_ex_data_index))) == NULL)
- goto err;
-
- index->new_func = new_func;
- index->dup_func = dup_func;
- index->free_func = free_func;
-
- index->argl = argl;
- index->argp = argp;
-
- CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
- if (class->next_index < class->indexes_len) {
- idx = class->next_index++;
- class->indexes[idx] = index;
- index = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-
-
- err:
- if (new_class != NULL) {
- free(new_class->indexes);
- free(new_class);
- }
- free(index);
-
- return idx;
-}
-LCRYPTO_ALIAS(CRYPTO_get_ex_new_index);
-
-void
-CRYPTO_cleanup_all_ex_data(void)
-{
- struct crypto_ex_data_class *class;
- int i, j;
-
- if (classes == NULL)
- return;
-
- for (i = 0; i < CRYPTO_EX_INDEX__COUNT; i++) {
- if ((class = classes[i]) == NULL)
- continue;
-
- if (class->indexes != NULL) {
- for (j = 0; j < CRYPTO_EX_DATA_MAX_INDEX; j++)
- free(class->indexes[j]);
- free(class->indexes);
- }
-
- free(class);
- }
-
- free(classes);
- classes = NULL;
-}
-LCRYPTO_ALIAS(CRYPTO_cleanup_all_ex_data);
-
-static void
-crypto_ex_data_clear(CRYPTO_EX_DATA *exdata)
-{
- struct crypto_ex_data *ced;
-
- if (exdata == NULL)
- return;
-
- if ((ced = exdata->sk) != NULL) {
- freezero(ced->slots, ced->slots_len * sizeof(void *));
- freezero(ced, sizeof(*ced));
- }
-
- exdata->sk = NULL;
-}
-
-static int
-crypto_ex_data_init(CRYPTO_EX_DATA *exdata)
-{
- struct crypto_ex_data *ced = NULL;
-
- if (exdata->sk != NULL)
- goto err;
-
- if ((ced = calloc(1, sizeof(struct crypto_ex_data))) == NULL)
- goto err;
-
- ced->class_index = -1;
-
- if ((ced->slots = calloc(CRYPTO_EX_DATA_MAX_INDEX, sizeof(void *))) == NULL)
- goto err;
- ced->slots_len = CRYPTO_EX_DATA_MAX_INDEX;
-
- exdata->sk = ced;
-
- return 1;
-
- err:
- if (ced != NULL) {
- free(ced->slots);
- free(ced);
- }
- crypto_ex_data_clear(exdata);
-
- return 0;
-}
-
-int
-CRYPTO_new_ex_data(int class_index, void *parent, CRYPTO_EX_DATA *exdata)
-{
- struct crypto_ex_data_class *class;
- struct crypto_ex_data_index *index;
- struct crypto_ex_data *ced;
- size_t i, last_index;
-
- if (!crypto_ex_data_init(exdata))
- goto err;
- if ((ced = exdata->sk) == NULL)
- goto err;
-
- if (!crypto_ex_data_classes_init())
- goto err;
- if ((class = crypto_ex_data_class_lookup(class_index)) == NULL)
- goto done;
-
- ced->class_index = class_index;
-
- /* Existing indexes are immutable, we just have to know when to stop. */
- CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
- last_index = class->next_index;
- CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-
- for (i = 0; i < last_index; i++) {
- if ((index = class->indexes[i]) == NULL)
- continue;
- if (index->new_func == NULL)
- continue;
- if (!index->new_func(parent, NULL, exdata, i, index->argl,
- index->argp))
- goto err;
- }
-
- done:
- return 1;
-
- err:
- CRYPTO_free_ex_data(class_index, parent, exdata);
-
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_new_ex_data);
-
-int
-CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *dst, CRYPTO_EX_DATA *src)
-{
- struct crypto_ex_data *dst_ced, *src_ced;
- struct crypto_ex_data_class *class;
- struct crypto_ex_data_index *index;
- size_t i, last_index;
- void *val;
-
- if (dst == NULL || src == NULL)
- goto err;
-
- /*
- * Some code calls CRYPTO_new_ex_data() before dup, others never call
- * CRYPTO_new_ex_data()... so we get to handle both.
- */
- /* XXX - parent == NULL? */
- CRYPTO_free_ex_data(class_index, NULL, dst);
-
- if (!crypto_ex_data_init(dst))
- goto err;
-
- if ((dst_ced = dst->sk) == NULL)
- goto err;
- if ((src_ced = src->sk) == NULL)
- goto err;
-
- if ((class = crypto_ex_data_class_lookup(class_index)) == NULL) {
- for (i = 0; i < CRYPTO_EX_DATA_MAX_INDEX; i++)
- dst_ced->slots[i] = src_ced->slots[i];
- goto done;
- }
-
- OPENSSL_assert(src_ced->class_index == class_index);
-
- dst_ced->class_index = class_index;
-
- /* Existing indexes are immutable, we just have to know when to stop. */
- CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
- last_index = class->next_index;
- CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-
- for (i = 0; i < last_index; i++) {
- if ((index = class->indexes[i]) == NULL)
- continue;
-
- /* If there is no dup function, we copy the pointer. */
- val = src_ced->slots[i];
- if (index->dup_func != NULL) {
- if (!index->dup_func(dst, src, &val, i, index->argl,
- index->argp))
- goto err;
- }
- /* If the dup function set data, we will potentially leak. */
- if (dst_ced->slots[i] != NULL)
- goto err;
- dst_ced->slots[i] = val;
- }
-
- done:
- return 1;
-
- err:
- /* XXX - parent == NULL? */
- CRYPTO_free_ex_data(class_index, NULL, dst);
-
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_dup_ex_data);
-
-void
-CRYPTO_free_ex_data(int class_index, void *parent, CRYPTO_EX_DATA *exdata)
-{
- struct crypto_ex_data_class *class;
- struct crypto_ex_data_index *index;
- struct crypto_ex_data *ced;
- size_t i, last_index;
-
- if (exdata == NULL)
- return;
- if ((ced = exdata->sk) == NULL)
- goto done;
- if (ced->class_index == -1)
- goto done;
-
- if ((class = crypto_ex_data_class_lookup(class_index)) == NULL)
- goto done;
-
- OPENSSL_assert(ced->class_index == class_index);
-
- /* Existing indexes are immutable, we just have to know when to stop. */
- CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
- last_index = class->next_index;
- CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-
- for (i = 0; i < last_index; i++) {
- if ((index = class->indexes[i]) == NULL)
- continue;
- if (index->free_func == NULL)
- continue;
- index->free_func(parent, ced->slots[i], exdata, i, index->argl,
- index->argp);
- }
-
- done:
- crypto_ex_data_clear(exdata);
-}
-LCRYPTO_ALIAS(CRYPTO_free_ex_data);
-
-int
-CRYPTO_set_ex_data(CRYPTO_EX_DATA *exdata, int idx, void *val)
-{
- struct crypto_ex_data *ced;
-
- /*
- * Preserve horrible historical behaviour - allow set to work even if
- * new has not been called first.
- */
- if ((ced = exdata->sk) == NULL) {
- if (!crypto_ex_data_init(exdata))
- return 0;
- ced = exdata->sk;
- }
-
- /* XXX - consider preventing set for an unallocated index. */
-
- if (idx < 0 || idx >= ced->slots_len)
- return 0;
-
- ced->slots[idx] = val;
-
- return 1;
-}
-LCRYPTO_ALIAS(CRYPTO_set_ex_data);
-
-void *
-CRYPTO_get_ex_data(const CRYPTO_EX_DATA *exdata, int idx)
-{
- struct crypto_ex_data *ced;
-
- if ((ced = exdata->sk) == NULL)
- return NULL;
- if (idx < 0 || idx >= ced->slots_len)
- return NULL;
-
- return ced->slots[idx];
-}
-LCRYPTO_ALIAS(CRYPTO_get_ex_data);
diff --git a/src/lib/libcrypto/crypto_init.c b/src/lib/libcrypto/crypto_init.c
deleted file mode 100644
index 6016d1ae40..0000000000
--- a/src/lib/libcrypto/crypto_init.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* $OpenBSD: crypto_init.c,v 1.22 2024/10/17 14:27:57 jsing Exp $ */
-/*
- * Copyright (c) 2018 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* OpenSSL style init */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "crypto_internal.h"
-#include "x509_issuer_cache.h"
-
-int OpenSSL_config(const char *);
-int OpenSSL_no_config(void);
-
-static pthread_once_t crypto_init_once = PTHREAD_ONCE_INIT;
-static pthread_t crypto_init_thread;
-static int crypto_init_cleaned_up;
-
-void
-OPENSSL_init(void)
-{
-}
-LCRYPTO_ALIAS(OPENSSL_init);
-
-static void
-OPENSSL_init_crypto_internal(void)
-{
- crypto_init_thread = pthread_self();
-
- crypto_cpu_caps_init();
-
- ERR_load_crypto_strings();
-}
-
-int
-OPENSSL_init_crypto(uint64_t opts, const void *settings)
-{
- if (crypto_init_cleaned_up) {
- CRYPTOerror(ERR_R_INIT_FAIL);
- return 0;
- }
-
- if (pthread_equal(pthread_self(), crypto_init_thread))
- return 1; /* don't recurse */
-
- if (pthread_once(&crypto_init_once, OPENSSL_init_crypto_internal) != 0)
- return 0;
-
- if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG) &&
- (OpenSSL_no_config() == 0))
- return 0;
-
- if ((opts & OPENSSL_INIT_LOAD_CONFIG) &&
- (OpenSSL_config(NULL) == 0))
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(OPENSSL_init_crypto);
-
-void
-OPENSSL_cleanup(void)
-{
- /* This currently calls init... */
- ERR_free_strings();
-
- CRYPTO_cleanup_all_ex_data();
- EVP_cleanup();
-
- X509_VERIFY_PARAM_table_cleanup();
-
- x509_issuer_cache_free();
-
- crypto_init_cleaned_up = 1;
-}
-LCRYPTO_ALIAS(OPENSSL_cleanup);
-
-void
-OpenSSL_add_all_ciphers(void)
-{
-}
-LCRYPTO_ALIAS(OpenSSL_add_all_ciphers);
-
-void
-OpenSSL_add_all_digests(void)
-{
-}
-LCRYPTO_ALIAS(OpenSSL_add_all_digests);
-
-void
-OPENSSL_add_all_algorithms_noconf(void)
-{
-}
-LCRYPTO_ALIAS(OPENSSL_add_all_algorithms_noconf);
-
-void
-OPENSSL_add_all_algorithms_conf(void)
-{
- OPENSSL_config(NULL);
-}
-LCRYPTO_ALIAS(OPENSSL_add_all_algorithms_conf);
diff --git a/src/lib/libcrypto/crypto_internal.h b/src/lib/libcrypto/crypto_internal.h
deleted file mode 100644
index 09ae7fa466..0000000000
--- a/src/lib/libcrypto/crypto_internal.h
+++ /dev/null
@@ -1,305 +0,0 @@
-/* $OpenBSD: crypto_internal.h,v 1.15 2025/01/19 07:51:41 jsing Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-#include
-
-#include "crypto_arch.h"
-
-#ifndef HEADER_CRYPTO_INTERNAL_H
-#define HEADER_CRYPTO_INTERNAL_H
-
-#define CTASSERT(x) \
- extern char _ctassert[(x) ? 1 : -1] __attribute__((__unused__))
-
-/*
- * Constant time functions for size_t.
- */
-#ifndef HAVE_CRYPTO_CT_NE_ZERO
-static inline int
-crypto_ct_ne_zero(size_t v)
-{
- return (v | ~(v - 1)) >> ((sizeof(v) * 8) - 1);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_NE_ZERO_MASK
-static inline size_t
-crypto_ct_ne_zero_mask(size_t v)
-{
- return 0 - crypto_ct_ne_zero(v);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_EQ_ZERO
-static inline int
-crypto_ct_eq_zero(size_t v)
-{
- return 1 - crypto_ct_ne_zero(v);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_EQ_ZERO_MASK_U8
-static inline size_t
-crypto_ct_eq_zero_mask(size_t v)
-{
- return 0 - crypto_ct_eq_zero(v);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_LT
-static inline int
-crypto_ct_lt(size_t a, size_t b)
-{
- return (((a - b) | (b & ~a)) & (b | ~a)) >>
- (sizeof(size_t) * 8 - 1);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_LT_MASK
-static inline size_t
-crypto_ct_lt_mask(size_t a, size_t b)
-{
- return 0 - crypto_ct_lt(a, b);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_GT
-static inline int
-crypto_ct_gt(size_t a, size_t b)
-{
- return crypto_ct_lt(b, a);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_GT_MASK
-static inline size_t
-crypto_ct_gt_mask(size_t a, size_t b)
-{
- return 0 - crypto_ct_gt(a, b);
-}
-#endif
-
-/*
- * Constant time operations for uint8_t.
- */
-#ifndef HAVE_CRYPTO_CT_NE_ZERO_U8
-static inline int
-crypto_ct_ne_zero_u8(uint8_t v)
-{
- return (uint8_t)(v | ~(v - 1)) >> ((sizeof(v) * 8) - 1);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_NE_ZERO_MASK_U8
-static inline uint8_t
-crypto_ct_ne_zero_mask_u8(uint8_t v)
-{
- return 0 - crypto_ct_ne_zero_u8(v);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_EQ_ZERO_U8
-static inline int
-crypto_ct_eq_zero_u8(uint8_t v)
-{
- return 1 - crypto_ct_ne_zero_u8(v);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_EQ_ZERO_MASK_U8
-static inline uint8_t
-crypto_ct_eq_zero_mask_u8(uint8_t v)
-{
- return 0 - crypto_ct_eq_zero_u8(v);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_NE_U8
-static inline int
-crypto_ct_ne_u8(uint8_t a, uint8_t b)
-{
- return crypto_ct_ne_zero_u8(a - b);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_NE_MASK_U8
-static inline uint8_t
-crypto_ct_ne_mask_u8(uint8_t a, uint8_t b)
-{
- return 0 - crypto_ct_ne_u8(a, b);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_EQ_U8
-static inline int
-crypto_ct_eq_u8(uint8_t a, uint8_t b)
-{
- return crypto_ct_eq_zero_u8(a - b);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CT_EQ_MASK_U8
-static inline uint8_t
-crypto_ct_eq_mask_u8(uint8_t a, uint8_t b)
-{
- return 0 - crypto_ct_eq_u8(a, b);
-}
-#endif
-
-/*
- * crypto_load_be32toh() loads a 32 bit unsigned big endian value as a 32 bit
- * unsigned host endian value, from the specified address in memory. The memory
- * address may have any alignment.
- */
-#ifndef HAVE_CRYPTO_LOAD_BE32TOH
-static inline uint32_t
-crypto_load_be32toh(const uint8_t *src)
-{
- uint32_t v;
-
- memcpy(&v, src, sizeof(v));
-
- return be32toh(v);
-}
-#endif
-
-/*
- * crypto_store_htobe32() stores a 32 bit unsigned host endian value as a 32 bit
- * unsigned big endian value, at the specified address in memory. The memory
- * address may have any alignment.
- */
-#ifndef HAVE_CRYPTO_STORE_HTOBE32
-static inline void
-crypto_store_htobe32(uint8_t *dst, uint32_t v)
-{
- v = htobe32(v);
- memcpy(dst, &v, sizeof(v));
-}
-#endif
-
-/*
- * crypto_load_be64toh() loads a 64 bit unsigned big endian value as a 64 bit
- * unsigned host endian value, from the specified address in memory. The memory
- * address may have any alignment.
- */
-#ifndef HAVE_CRYPTO_LOAD_BE64TOH
-static inline uint64_t
-crypto_load_be64toh(const uint8_t *src)
-{
- uint64_t v;
-
- memcpy(&v, src, sizeof(v));
-
- return be64toh(v);
-}
-#endif
-
-/*
- * crypto_store_htobe64() stores a 64 bit unsigned host endian value as a 64 bit
- * unsigned big endian value, at the specified address in memory. The memory
- * address may have any alignment.
- */
-#ifndef HAVE_CRYPTO_STORE_HTOBE64
-static inline void
-crypto_store_htobe64(uint8_t *dst, uint64_t v)
-{
- v = htobe64(v);
- memcpy(dst, &v, sizeof(v));
-}
-#endif
-
-/*
- * crypto_load_le32toh() loads a 32 bit unsigned little endian value as a 32 bit
- * unsigned host endian value, from the specified address in memory. The memory
- * address may have any alignment.
- */
-#ifndef HAVE_CRYPTO_LOAD_LE32TOH
-static inline uint32_t
-crypto_load_le32toh(const uint8_t *src)
-{
- uint32_t v;
-
- memcpy(&v, src, sizeof(v));
-
- return le32toh(v);
-}
-#endif
-
-/*
- * crypto_store_htole32() stores a 32 bit unsigned host endian value as a 32 bit
- * unsigned little endian value, at the specified address in memory. The memory
- * address may have any alignment.
- */
-#ifndef HAVE_CRYPTO_STORE_HTOLE32
-static inline void
-crypto_store_htole32(uint8_t *dst, uint32_t v)
-{
- v = htole32(v);
- memcpy(dst, &v, sizeof(v));
-}
-#endif
-
-#ifndef HAVE_CRYPTO_ADD_U32DW_U64
-static inline void
-crypto_add_u32dw_u64(uint32_t *h, uint32_t *l, uint64_t v)
-{
- v += ((uint64_t)*h << 32) | *l;
- *h = v >> 32;
- *l = v;
-}
-#endif
-
-#ifndef HAVE_CRYPTO_ROL_U32
-static inline uint32_t
-crypto_rol_u32(uint32_t v, size_t shift)
-{
- return (v << shift) | (v >> (32 - shift));
-}
-#endif
-
-#ifndef HAVE_CRYPTO_ROR_U32
-static inline uint32_t
-crypto_ror_u32(uint32_t v, size_t shift)
-{
- return (v << (32 - shift)) | (v >> shift);
-}
-#endif
-
-#ifndef HAVE_CRYPTO_ROL_U64
-static inline uint64_t
-crypto_rol_u64(uint64_t v, size_t shift)
-{
- return (v << shift) | (v >> (64 - shift));
-}
-#endif
-
-#ifndef HAVE_CRYPTO_ROR_U64
-static inline uint64_t
-crypto_ror_u64(uint64_t v, size_t shift)
-{
- return (v << (64 - shift)) | (v >> shift);
-}
-#endif
-
-void crypto_cpu_caps_init(void);
-
-uint64_t crypto_cpu_caps_ia32(void);
-
-#endif
diff --git a/src/lib/libcrypto/crypto_legacy.c b/src/lib/libcrypto/crypto_legacy.c
deleted file mode 100644
index d864fc4c3f..0000000000
--- a/src/lib/libcrypto/crypto_legacy.c
+++ /dev/null
@@ -1,451 +0,0 @@
-/* $OpenBSD: crypto_legacy.c,v 1.6 2024/11/06 04:18:42 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e.
this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "crypto_internal.h"
-#include "crypto_local.h"
-#include "x86_arch.h"
-
-/* Machine independent capabilities. */
-uint64_t crypto_cpu_caps;
-
-static void (*locking_callback)(int mode, int type,
- const char *file, int line) = NULL;
-static int (*add_lock_callback)(int *pointer, int amount,
- int type, const char *file, int line) = NULL;
-
-int
-CRYPTO_num_locks(void)
-{
- return 1;
-}
-LCRYPTO_ALIAS(CRYPTO_num_locks);
-
-unsigned long
-(*CRYPTO_get_id_callback(void))(void)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(CRYPTO_get_id_callback);
-
-void
-CRYPTO_set_id_callback(unsigned long (*func)(void))
-{
- return;
-}
-LCRYPTO_ALIAS(CRYPTO_set_id_callback);
-
-unsigned long
-CRYPTO_thread_id(void)
-{
- return (unsigned long)pthread_self();
-}
-LCRYPTO_ALIAS(CRYPTO_thread_id);
-
-void
-CRYPTO_set_locking_callback(void (*func)(int mode, int lock_num,
- const char *file, int line))
-{
- locking_callback = func;
-}
-LCRYPTO_ALIAS(CRYPTO_set_locking_callback);
-
-void
-(*CRYPTO_get_locking_callback(void))(int mode, int lock_num,
- const char *file, int line)
-{
- return locking_callback;
-}
-LCRYPTO_ALIAS(CRYPTO_get_locking_callback);
-
-void
-CRYPTO_set_add_lock_callback(int (*func)(int *num, int mount, int lock_num,
- const char *file, int line))
-{
- add_lock_callback = func;
-}
-LCRYPTO_ALIAS(CRYPTO_set_add_lock_callback);
-
-int
-(*CRYPTO_get_add_lock_callback(void))(int *num, int mount, int type,
- const char *file, int line)
-{
- return add_lock_callback;
-}
-LCRYPTO_ALIAS(CRYPTO_get_add_lock_callback);
-
-const char *
-CRYPTO_get_lock_name(int lock_num)
-{
- return "";
-}
-LCRYPTO_ALIAS(CRYPTO_get_lock_name);
-
-struct CRYPTO_dynlock_value *
-CRYPTO_get_dynlock_value(int i)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(CRYPTO_get_dynlock_value);
-
-int
-CRYPTO_get_new_dynlockid(void)
-{
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_get_new_dynlockid);
-
-void
-CRYPTO_destroy_dynlockid(int i)
-{
- return;
-}
-LCRYPTO_ALIAS(CRYPTO_destroy_dynlockid);
-
-int CRYPTO_get_new_lockid(char *name)
-{
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_get_new_lockid);
-
-int
-CRYPTO_THREADID_set_callback(void (*func)(CRYPTO_THREADID *))
-{
- return 1;
-}
-LCRYPTO_ALIAS(CRYPTO_THREADID_set_callback);
-
-void
-(*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(CRYPTO_THREADID_get_callback);
-
-void
-CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val)
-{
- return;
-}
-LCRYPTO_ALIAS(CRYPTO_THREADID_set_numeric);
-
-void
-CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
-{
- return;
-}
-LCRYPTO_ALIAS(CRYPTO_THREADID_set_pointer);
-
-void
-CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(
- *dyn_create_function)(const char *file, int line))
-{
- return;
-}
-LCRYPTO_ALIAS(CRYPTO_set_dynlock_create_callback);
-
-void
-CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(
- int mode, struct CRYPTO_dynlock_value *l, const char *file, int line))
-{
- return;
-}
-LCRYPTO_ALIAS(CRYPTO_set_dynlock_lock_callback);
-
-void
-CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(
- struct CRYPTO_dynlock_value *l, const char *file, int line))
-{
- return;
-}
-LCRYPTO_ALIAS(CRYPTO_set_dynlock_destroy_callback);
-
-struct CRYPTO_dynlock_value *
-(*CRYPTO_get_dynlock_create_callback(void))(const char *file, int line)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(CRYPTO_get_dynlock_create_callback);
-
-void
-(*CRYPTO_get_dynlock_lock_callback(void))(int mode,
- struct CRYPTO_dynlock_value *l,
const char *file, int line)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(CRYPTO_get_dynlock_lock_callback);
-
-void
-(*CRYPTO_get_dynlock_destroy_callback(void))(
- struct CRYPTO_dynlock_value *l, const char *file, int line)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(CRYPTO_get_dynlock_destroy_callback);
-
-#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
-void
-OPENSSL_cpuid_setup(void)
-{
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CPU_CAPS_INIT
-void
-crypto_cpu_caps_init(void)
-{
- OPENSSL_cpuid_setup();
-}
-#endif
-
-#ifndef HAVE_CRYPTO_CPU_CAPS_IA32
-uint64_t
-crypto_cpu_caps_ia32(void)
-{
- return 0;
-}
-#endif
-
-uint64_t
-OPENSSL_cpu_caps(void)
-{
- return crypto_cpu_caps;
-}
-LCRYPTO_ALIAS(OPENSSL_cpu_caps);
-
-static void
-OPENSSL_showfatal(const char *fmta, ...)
-{
- struct syslog_data sdata = SYSLOG_DATA_INIT;
- va_list ap;
-
- va_start(ap, fmta);
- vsyslog_r(LOG_CONS|LOG_LOCAL2, &sdata, fmta, ap);
- va_end(ap);
-}
-
-void
-OpenSSLDie(const char *file, int line, const char *assertion)
-{
- OPENSSL_showfatal(
- "uid %u cmd %s %s(%d): OpenSSL internal error, assertion failed: %s\n",
- getuid(), getprogname(), file, line, assertion);
- _exit(1);
-}
-LCRYPTO_ALIAS(OpenSSLDie);
-
-int
-CRYPTO_mem_ctrl(int mode)
-{
- return CRYPTO_MEM_CHECK_OFF;
-}
-LCRYPTO_ALIAS(CRYPTO_mem_ctrl);
-
-int
-CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
-{
- size_t i;
- const unsigned char *a = in_a;
- const unsigned char *b = in_b;
- unsigned char x = 0;
-
- for (i = 0; i < len; i++)
- x |= a[i] ^ b[i];
-
- return x;
-}
-LCRYPTO_ALIAS(CRYPTO_memcmp);
-
-int
-FIPS_mode(void)
-{
- return 0;
-}
-LCRYPTO_ALIAS(FIPS_mode);
-
-int
-FIPS_mode_set(int r)
-{
- if (r == 0)
- return 1;
- CRYPTOerror(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED);
- return 0;
-}
-LCRYPTO_ALIAS(FIPS_mode_set);
-
-const char *
-SSLeay_version(int t)
-{
- switch (t) {
- case SSLEAY_VERSION:
- return OPENSSL_VERSION_TEXT;
- case SSLEAY_BUILT_ON:
- return "built on: date not available";
- case SSLEAY_CFLAGS:
- return
"compiler: information not available";
- case SSLEAY_PLATFORM:
- return "platform: information not available";
- case SSLEAY_DIR:
- return "OPENSSLDIR: \"" OPENSSLDIR "\"";
- }
- return "not available";
-}
-LCRYPTO_ALIAS(SSLeay_version);
-
-unsigned long
-SSLeay(void)
-{
- return SSLEAY_VERSION_NUMBER;
-}
-LCRYPTO_ALIAS(SSLeay);
-
-const char *
-OpenSSL_version(int t)
-{
- switch (t) {
- case OPENSSL_VERSION:
- return OPENSSL_VERSION_TEXT;
- case OPENSSL_BUILT_ON:
- return "built on: date not available";
- case OPENSSL_CFLAGS:
- return "compiler: information not available";
- case OPENSSL_PLATFORM:
- return "platform: information not available";
- case OPENSSL_DIR:
- return "OPENSSLDIR: \"" OPENSSLDIR "\"";
- case OPENSSL_ENGINES_DIR:
- return "ENGINESDIR: N/A";
- }
- return "not available";
-}
-LCRYPTO_ALIAS(OpenSSL_version);
-
-unsigned long
-OpenSSL_version_num(void)
-{
- return SSLeay();
-}
-LCRYPTO_ALIAS(OpenSSL_version_num);
diff --git a/src/lib/libcrypto/crypto_local.h b/src/lib/libcrypto/crypto_local.h
deleted file mode 100644
index 2b4c74552f..0000000000
--- a/src/lib/libcrypto/crypto_local.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/* $OpenBSD: crypto_local.h,v 1.4 2024/11/05 10:11:58 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CRYPTO_LOCAL_H
-#define HEADER_CRYPTO_LOCAL_H
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define X509_CERT_AREA OPENSSLDIR
-#define X509_CERT_DIR OPENSSLDIR "/certs"
-#define X509_CERT_FILE OPENSSLDIR "/cert.pem"
-#define X509_PRIVATE_DIR OPENSSLDIR "/private"
-#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
-#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
-
-#define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf"
-#define CTLOG_FILE_EVP "CTLOG_FILE"
-
-void OPENSSL_cpuid_setup(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_CRYPTO_LOCAL_H */
diff --git a/src/lib/libcrypto/crypto_lock.c b/src/lib/libcrypto/crypto_lock.c
deleted file mode 100644
index 59c3933c7d..0000000000
--- a/src/lib/libcrypto/crypto_lock.c
+++ /dev/null
@@ -1,96 +0,0 @@ -/* $OpenBSD: crypto_lock.c,v 1.6 2023/07/08 08:28:23 beck Exp $ */ -/* - * Copyright (c) 2018 Brent Cook - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include - -#include "crypto_internal.h" - -static pthread_mutex_t locks[] = { - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - PTHREAD_MUTEX_INITIALIZER, - 
PTHREAD_MUTEX_INITIALIZER,
- PTHREAD_MUTEX_INITIALIZER,
- PTHREAD_MUTEX_INITIALIZER,
- PTHREAD_MUTEX_INITIALIZER,
- PTHREAD_MUTEX_INITIALIZER,
- PTHREAD_MUTEX_INITIALIZER,
-};
-
-CTASSERT((sizeof(locks) / sizeof(*locks)) == CRYPTO_NUM_LOCKS);
-
-void
-CRYPTO_lock(int mode, int type, const char *file, int line)
-{
- if (type < 0 || type >= CRYPTO_NUM_LOCKS)
- return;
-
- if (mode & CRYPTO_LOCK)
- (void) pthread_mutex_lock(&locks[type]);
- else if (mode & CRYPTO_UNLOCK)
- (void) pthread_mutex_unlock(&locks[type]);
-}
-LCRYPTO_ALIAS(CRYPTO_lock);
-
-int
-CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
- int line)
-{
- int ret;
-
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE, type, file, line);
- ret = *pointer + amount;
- *pointer = ret;
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE, type, file, line);
-
- return (ret);
-}
-LCRYPTO_ALIAS(CRYPTO_add_lock);
diff --git a/src/lib/libcrypto/crypto_memory.c b/src/lib/libcrypto/crypto_memory.c
deleted file mode 100644
index 8c7bb5fe16..0000000000
--- a/src/lib/libcrypto/crypto_memory.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/* $OpenBSD: crypto_memory.c,v 1.4 2025/03/09 15:29:56 tb Exp $ */
-/*
- * Copyright (c) 2014 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-
-#include
-
-void
-OPENSSL_cleanse(void *ptr, size_t len)
-{
- explicit_bzero(ptr, len);
-}
-LCRYPTO_ALIAS(OPENSSL_cleanse);
-
-int
-CRYPTO_set_mem_functions(void *(*m)(size_t, const char *, int),
- void *(*r)(void *, size_t, const char *, int),
- void (*f)(void *, const char *, int))
-{
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_set_mem_functions);
-
-void *
-CRYPTO_malloc(size_t num, const char *file, int line)
-{
- return malloc(num);
-}
-LCRYPTO_ALIAS(CRYPTO_malloc);
-
-char *
-CRYPTO_strdup(const char *str, const char *file, int line)
-{
- return strdup(str);
-}
-LCRYPTO_ALIAS(CRYPTO_strdup);
-
-void
-CRYPTO_free(void *ptr, const char *file, int line)
-{
- free(ptr);
-}
-LCRYPTO_ALIAS(CRYPTO_free);
diff --git a/src/lib/libcrypto/ct/ct.h b/src/lib/libcrypto/ct/ct.h
deleted file mode 100644
index db5cf28b48..0000000000
--- a/src/lib/libcrypto/ct/ct.h
+++ /dev/null
@@ -1,567 +0,0 @@
-/* $OpenBSD: ct.h,v 1.8 2024/08/08 23:50:29 tb Exp $ */
-/*
- * Public API for Certificate Transparency (CT).
- * Written by Rob Percival (robpercival@google.com) for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2016 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CT_H
-#define HEADER_CT_H
-
-#include
-
-#ifndef OPENSSL_NO_CT
-#include
-#include
-#include
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Minimum RSA key size, from RFC6962 */
-#define SCT_MIN_RSA_BITS 2048
-
-/* All hashes are SHA256 in v1 of Certificate Transparency */
-#define CT_V1_HASHLEN SHA256_DIGEST_LENGTH
-
-typedef enum {
- CT_LOG_ENTRY_TYPE_NOT_SET = -1,
- CT_LOG_ENTRY_TYPE_X509 = 0,
- CT_LOG_ENTRY_TYPE_PRECERT = 1
-} ct_log_entry_type_t;
-
-typedef enum {
- SCT_VERSION_NOT_SET = -1,
- SCT_VERSION_V1 = 0
-} sct_version_t;
-
-typedef enum {
- SCT_SOURCE_UNKNOWN,
- SCT_SOURCE_TLS_EXTENSION,
- SCT_SOURCE_X509V3_EXTENSION,
- SCT_SOURCE_OCSP_STAPLED_RESPONSE
-} sct_source_t;
-
-typedef enum {
- SCT_VALIDATION_STATUS_NOT_SET,
- SCT_VALIDATION_STATUS_UNKNOWN_LOG,
- SCT_VALIDATION_STATUS_VALID,
- SCT_VALIDATION_STATUS_INVALID,
- SCT_VALIDATION_STATUS_UNVERIFIED,
- SCT_VALIDATION_STATUS_UNKNOWN_VERSION
-} sct_validation_status_t;
-
-DECLARE_STACK_OF(SCT)
-DECLARE_STACK_OF(CTLOG)
-
-/******************************************
- * CT policy evaluation context functions *
- ******************************************/
-
-/*
- * Creates a new, empty policy evaluation context.
- * The caller is responsible for calling CT_POLICY_EVAL_CTX_free when finished
- * with the CT_POLICY_EVAL_CTX.
- */
-CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
-
-/* Deletes a policy evaluation context and anything it owns. */
-void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
-
-/* Gets the peer certificate that the SCTs are for */
-X509 *CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
-
-/*
- * Sets the certificate associated with the received SCTs.
- * Increments the reference count of cert.
- * Returns 1 on success, 0 otherwise.
- */
-int CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert);
-
-/* Gets the issuer of the aforementioned certificate */
-X509 *CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx);
-
-/*
- * Sets the issuer of the certificate associated with the received SCTs.
- * Increments the reference count of issuer.
- * Returns 1 on success, 0 otherwise.
- */
-int CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer);
-
-/* Gets the CT logs that are trusted sources of SCTs */
-const CTLOG_STORE *CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx);
-
-/* Sets the log store that is in use. It must outlive the CT_POLICY_EVAL_CTX. */
-void CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx,
- CTLOG_STORE *log_store);
-
-/*
- * Gets the time, in milliseconds since the Unix epoch, that will be used as the
- * current time when checking whether an SCT was issued in the future.
- * Such SCTs will fail validation, as required by RFC6962.
- */
-uint64_t CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx);
-
-/*
- * Sets the time to evaluate SCTs against, in milliseconds since the Unix epoch.
- * If an SCT's timestamp is after this time, it will be interpreted as having
- * been issued in the future. RFC6962 states that "TLS clients MUST reject SCTs
- * whose timestamp is in the future", so an SCT will not validate in this case.
- */
-void CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms);
-
-/*****************
- * SCT functions *
- *****************/
-
-/*
- * Creates a new, blank SCT.
- * The caller is responsible for calling SCT_free when finished with the SCT.
- */
-SCT *SCT_new(void);
-
-/*
- * Creates a new SCT from some base64-encoded strings.
- * The caller is responsible for calling SCT_free when finished with the SCT.
- */
-SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64,
- ct_log_entry_type_t entry_type, uint64_t timestamp,
- const char *extensions_base64, const char *signature_base64);
-
-/*
- * Frees the SCT and the underlying data structures.
- */
-void SCT_free(SCT *sct);
-
-/*
- * Free a stack of SCTs, and the underlying SCTs themselves.
- * Intended to be compatible with X509V3_EXT_FREE.
- */
-void SCT_LIST_free(STACK_OF(SCT) *a);
-
-/*
- * Returns the version of the SCT.
- */
-sct_version_t SCT_get_version(const SCT *sct);
-
-/*
- * Set the version of an SCT.
- * Returns 1 on success, 0 if the version is unrecognized.
- */
-int SCT_set_version(SCT *sct, sct_version_t version);
-
-/*
- * Returns the log entry type of the SCT.
- */
-ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
-
-/*
- * Set the log entry type of an SCT.
- * Returns 1 on success, 0 otherwise.
- */
-int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
-
-/*
- * Gets the ID of the log that an SCT came from.
- * Ownership of the log ID remains with the SCT.
- * Returns the length of the log ID.
- */
-size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
-
-/*
- * Set the log ID of an SCT to point directly to the *log_id specified.
- * The SCT takes ownership of the specified pointer.
- * Returns 1 on success, 0 otherwise.
- */
-int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
-
-/*
- * Set the log ID of an SCT.
- * This makes a copy of the log_id.
- * Returns 1 on success, 0 otherwise.
- */
-int SCT_set1_log_id(SCT *sct, const unsigned char *log_id,
- size_t log_id_len);
-
-/*
- * Returns the timestamp for the SCT (epoch time in milliseconds).
- */
-uint64_t SCT_get_timestamp(const SCT *sct);
-
-/*
- * Set the timestamp of an SCT (epoch time in milliseconds).
- */
-void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
-
-/*
- * Return the NID for the signature used by the SCT.
- * For CT v1, this will be either NID_sha256WithRSAEncryption or
- * NID_ecdsa_with_SHA256 (or NID_undef if incorrect/unset).
- */
-int SCT_get_signature_nid(const SCT *sct);
-
-/*
- * Set the signature type of an SCT
- * For CT v1, this should be either NID_sha256WithRSAEncryption or
- * NID_ecdsa_with_SHA256.
- * Returns 1 on success, 0 otherwise.
- */
-int SCT_set_signature_nid(SCT *sct, int nid);
-
-/*
- * Set *ext to point to the extension data for the SCT. ext must not be NULL.
- * The SCT retains ownership of this pointer.
- * Returns length of the data pointed to.
- */
-size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
-
-/*
- * Set the extensions of an SCT to point directly to the *ext specified.
- * The SCT takes ownership of the specified pointer.
- */
-void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
-
-/*
- * Set the extensions of an SCT.
- * This takes a copy of the ext.
- * Returns 1 on success, 0 otherwise.
- */
-int SCT_set1_extensions(SCT *sct, const unsigned char *ext,
- size_t ext_len);
-
-/*
- * Set *sig to point to the signature for the SCT. sig must not be NULL.
- * The SCT retains ownership of this pointer.
- * Returns length of the data pointed to.
- */
-size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
-
-/*
- * Set the signature of an SCT to point directly to the *sig specified.
- * The SCT takes ownership of the specified pointer.
- */
-void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
-
-/*
- * Set the signature of an SCT to be a copy of the *sig specified.
- * Returns 1 on success, 0 otherwise.
- */
-int SCT_set1_signature(SCT *sct, const unsigned char *sig,
- size_t sig_len);
-
-/*
- * The origin of this SCT, e.g. TLS extension, OCSP response, etc.
- */
-sct_source_t SCT_get_source(const SCT *sct);
-
-/*
- * Set the origin of this SCT, e.g. TLS extension, OCSP response, etc.
- * Returns 1 on success, 0 otherwise.
- */
-int SCT_set_source(SCT *sct, sct_source_t source);
-
-/*
- * Returns a text string describing the validation status of |sct|.
- */
-const char *SCT_validation_status_string(const SCT *sct);
-
-/*
- * Pretty-prints an |sct| to |out|.
- * It will be indented by the number of spaces specified by |indent|.
- * If |logs| is not NULL, it will be used to lookup the CT log that the SCT came
- * from, so that the log name can be printed.
- */
-void SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *logs);
-
-/*
- * Pretty-prints an |sct_list| to |out|.
- * It will be indented by the number of spaces specified by |indent|.
- * SCTs will be delimited by |separator|.
- * If |logs| is not NULL, it will be used to lookup the CT log that each SCT
- * came from, so that the log names can be printed.
- */
-void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
- const char *separator, const CTLOG_STORE *logs);
-
-/*
- * Gets the last result of validating this SCT.
- * If it has not been validated yet, returns SCT_VALIDATION_STATUS_NOT_SET.
- */
-sct_validation_status_t SCT_get_validation_status(const SCT *sct);
-
-/*
- * Validates the given SCT with the provided context.
- * Sets the "validation_status" field of the SCT.
- * Returns 1 if the SCT is valid and the signature verifies.
- * Returns 0 if the SCT is invalid or could not be verified.
- * Returns -1 if an error occurs.
- */
-int SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx);
-
-/*
- * Validates the given list of SCTs with the provided context.
- * Sets the "validation_status" field of each SCT.
- * Returns 1 if there are no invalid SCTs and all signatures verify.
- * Returns 0 if at least one SCT is invalid or could not be verified.
- * Returns a negative integer if an error occurs.
- */ -int SCT_LIST_validate(const STACK_OF(SCT) *scts, - CT_POLICY_EVAL_CTX *ctx); - - -/********************************* - * SCT parsing and serialisation * - *********************************/ - -/* - * Serialize (to TLS format) a stack of SCTs and return the length. - * "a" must not be NULL. - * If "pp" is NULL, just return the length of what would have been serialized. - * If "pp" is not NULL and "*pp" is null, function will allocate a new pointer - * for data that caller is responsible for freeing (only if function returns - * successfully). - * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring - * that "*pp" is large enough to accept all of the serialized data. - * Returns < 0 on error, >= 0 indicating bytes written (or would have been) - * on success. - */ -int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp); - -/* - * Convert TLS format SCT list to a stack of SCTs. - * If "a" or "*a" is NULL, a new stack will be created that the caller is - * responsible for freeing (by calling SCT_LIST_free). - * "**pp" and "*pp" must not be NULL. - * Upon success, "*pp" will point to after the last bytes read, and a stack - * will be returned. - * Upon failure, a NULL pointer will be returned, and the position of "*pp" is - * not defined. - */ -STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, - size_t len); - -/* - * Serialize (to DER format) a stack of SCTs and return the length. - * "a" must not be NULL. - * If "pp" is NULL, just returns the length of what would have been serialized. - * If "pp" is not NULL and "*pp" is null, function will allocate a new pointer - * for data that caller is responsible for freeing (only if function returns - * successfully). - * If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring - * that "*pp" is large enough to accept all of the serialized data. - * Returns < 0 on error, >= 0 indicating bytes written (or would have been) - * on success. 
- */ -int i2d_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp); - -/* - * Parses an SCT list in DER format and returns it. - * If "a" or "*a" is NULL, a new stack will be created that the caller is - * responsible for freeing (by calling SCT_LIST_free). - * "**pp" and "*pp" must not be NULL. - * Upon success, "*pp" will point to after the last bytes read, and a stack - * will be returned. - * Upon failure, a NULL pointer will be returned, and the position of "*pp" is - * not defined. - */ -STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, - long len); - -/* - * Serialize (to TLS format) an |sct| and write it to |out|. - * If |out| is null, no SCT will be output but the length will still be returned. - * If |out| points to a null pointer, a string will be allocated to hold the - * TLS-format SCT. It is the responsibility of the caller to free it. - * If |out| points to an allocated string, the TLS-format SCT will be written - * to it. - * The length of the SCT in TLS format will be returned. - */ -int i2o_SCT(const SCT *sct, unsigned char **out); - -/* - * Parses an SCT in TLS format and returns it. - * If |psct| is not null, it will end up pointing to the parsed SCT. If it - * already points to a non-null pointer, the pointer will be free'd. - * |in| should be a pointer to a string containing the TLS-format SCT. - * |in| will be advanced to the end of the SCT if parsing succeeds. - * |len| should be the length of the SCT in |in|. - * Returns NULL if an error occurs. - * If the SCT is an unsupported version, only the SCT's 'sct' and 'sct_len' - * fields will be populated (with |in| and |len| respectively). - */ -SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len); - -/******************** - * CT log functions * - ********************/ - -/* - * Creates a new CT log instance with the given |public_key| and |name|. - * Takes ownership of |public_key| but copies |name|. 
- * Returns NULL if malloc fails or if |public_key| cannot be converted to DER. - * Should be deleted by the caller using CTLOG_free when no longer needed. - */ -CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name); - -/* - * Creates a new CTLOG instance with the base64-encoded SubjectPublicKeyInfo DER - * in |pkey_base64|. The |name| is a string to help users identify this log. - * Returns 1 on success, 0 on failure. - * Should be deleted by the caller using CTLOG_free when no longer needed. - */ -int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, - const char *name); - -/* - * Deletes a CT log instance and its fields. - */ -void CTLOG_free(CTLOG *log); - -/* Gets the name of the CT log */ -const char *CTLOG_get0_name(const CTLOG *log); -/* Gets the ID of the CT log */ -void CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id, - size_t *log_id_len); -/* Gets the public key of the CT log */ -EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log); - -/************************** - * CT log store functions * - **************************/ - -/* - * Creates a new CT log store. - * Should be deleted by the caller using CTLOG_STORE_free when no longer needed. - */ -CTLOG_STORE *CTLOG_STORE_new(void); - -/* - * Deletes a CT log store and all of the CT log instances held within. - */ -void CTLOG_STORE_free(CTLOG_STORE *store); - -/* - * Finds a CT log in the store based on its log ID. - * Returns the CT log, or NULL if no match is found. - */ -const CTLOG *CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store, - const uint8_t *log_id, size_t log_id_len); - -/* - * Loads a CT log list into a |store| from a |file|. - * Returns 1 if loading is successful, or 0 otherwise. - */ -int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file); - -/* - * Loads the default CT log list into a |store|. - * Returns 1 if loading is successful, or 0 otherwise. 
- */
-int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
-
-int ERR_load_CT_strings(void);
-
-/*
- * CT function codes.
- */
-# define CT_F_CTLOG_NEW 117
-# define CT_F_CTLOG_NEW_FROM_BASE64 118
-# define CT_F_CTLOG_NEW_FROM_CONF 119
-# define CT_F_CTLOG_STORE_LOAD_CTX_NEW 122
-# define CT_F_CTLOG_STORE_LOAD_FILE 123
-# define CT_F_CTLOG_STORE_LOAD_LOG 130
-# define CT_F_CTLOG_STORE_NEW 131
-# define CT_F_CT_BASE64_DECODE 124
-# define CT_F_CT_POLICY_EVAL_CTX_NEW 133
-# define CT_F_CT_V1_LOG_ID_FROM_PKEY 125
-# define CT_F_I2O_SCT 107
-# define CT_F_I2O_SCT_LIST 108
-# define CT_F_I2O_SCT_SIGNATURE 109
-# define CT_F_O2I_SCT 110
-# define CT_F_O2I_SCT_LIST 111
-# define CT_F_O2I_SCT_SIGNATURE 112
-# define CT_F_SCT_CTX_NEW 126
-# define CT_F_SCT_CTX_VERIFY 128
-# define CT_F_SCT_NEW 100
-# define CT_F_SCT_NEW_FROM_BASE64 127
-# define CT_F_SCT_SET0_LOG_ID 101
-# define CT_F_SCT_SET1_EXTENSIONS 114
-# define CT_F_SCT_SET1_LOG_ID 115
-# define CT_F_SCT_SET1_SIGNATURE 116
-# define CT_F_SCT_SET_LOG_ENTRY_TYPE 102
-# define CT_F_SCT_SET_SIGNATURE_NID 103
-# define CT_F_SCT_SET_VERSION 104
-
-/*
- * CT reason codes.
- */
-# define CT_R_BASE64_DECODE_ERROR 108
-# define CT_R_INVALID_LOG_ID_LENGTH 100
-# define CT_R_LOG_CONF_INVALID 109
-# define CT_R_LOG_CONF_INVALID_KEY 110
-# define CT_R_LOG_CONF_MISSING_DESCRIPTION 111
-# define CT_R_LOG_CONF_MISSING_KEY 112
-# define CT_R_LOG_KEY_INVALID 113
-# define CT_R_SCT_FUTURE_TIMESTAMP 116
-# define CT_R_SCT_INVALID 104
-# define CT_R_SCT_INVALID_SIGNATURE 107
-# define CT_R_SCT_LIST_INVALID 105
-# define CT_R_SCT_LOG_ID_MISMATCH 114
-# define CT_R_SCT_NOT_SET 106
-# define CT_R_SCT_UNSUPPORTED_VERSION 115
-# define CT_R_UNRECOGNIZED_SIGNATURE_NID 101
-# define CT_R_UNSUPPORTED_ENTRY_TYPE 102
-# define CT_R_UNSUPPORTED_VERSION 103
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-#endif
diff --git a/src/lib/libcrypto/ct/ct_b64.c b/src/lib/libcrypto/ct/ct_b64.c
deleted file mode 100644
index 101cd1e2b1..0000000000
--- a/src/lib/libcrypto/ct/ct_b64.c
+++ /dev/null
@@ -1,226 +0,0 @@ -/* $OpenBSD: ct_b64.c,v 1.7 2023/07/08 07:22:58 beck Exp $ */ -/* - * Written by Rob Stradling (rob@comodo.com) and Stephen Henson - * (steve@openssl.org) for the OpenSSL project 2014. - */ -/* ==================================================================== - * Copyright (c) 2014 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include -#include - -#include "bytestring.h" -#include "ct_local.h" - -/* - * Decodes the base64 string |in| into |out|. - * A new string will be malloc'd and assigned to |out|. This will be owned by - * the caller. Do not provide a pre-allocated string in |out|. 
- */
-static int
-ct_base64_decode(const char *in, unsigned char **out)
-{
- size_t inlen = strlen(in);
- int outlen, i;
- unsigned char *outbuf = NULL;
-
- if (inlen == 0) {
- *out = NULL;
- return 0;
- }
-
- outlen = (inlen / 4) * 3;
- outbuf = malloc(outlen);
- if (outbuf == NULL) {
- CTerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- outlen = EVP_DecodeBlock(outbuf, (unsigned char *)in, inlen);
- if (outlen < 0) {
- CTerror(CT_R_BASE64_DECODE_ERROR);
- goto err;
- }
-
- /*
- * Subtract padding bytes from |outlen|.
- * Any more than 2 is malformed.
- */
- i = 0;
- while (in[--inlen] == '=') {
- --outlen;
- if (++i > 2)
- goto err;
- }
-
- *out = outbuf;
- return outlen;
- err:
- free(outbuf);
- return -1;
-}
-
-SCT *
-SCT_new_from_base64(unsigned char version, const char *logid_base64,
- ct_log_entry_type_t entry_type, uint64_t timestamp,
- const char *extensions_base64, const char *signature_base64)
-{
- unsigned char *dec = NULL;
- int declen;
- SCT *sct;
- CBS cbs;
-
- if ((sct = SCT_new()) == NULL) {
- CTerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- /*
- * RFC6962 section 4.1 says we "MUST NOT expect this to be 0", but we
- * can only construct SCT versions that have been defined.
- */
- if (!SCT_set_version(sct, version)) {
- CTerror(CT_R_SCT_UNSUPPORTED_VERSION);
- goto err;
- }
-
- declen = ct_base64_decode(logid_base64, &dec);
- if (declen < 0) {
- CTerror(X509_R_BASE64_DECODE_ERROR);
- goto err;
- }
- if (!SCT_set0_log_id(sct, dec, declen))
- goto err;
- dec = NULL;
-
- declen = ct_base64_decode(extensions_base64, &dec);
- if (declen < 0) {
- CTerror(X509_R_BASE64_DECODE_ERROR);
- goto err;
- }
- SCT_set0_extensions(sct, dec, declen);
- dec = NULL;
-
- declen = ct_base64_decode(signature_base64, &dec);
- if (declen < 0) {
- CTerror(X509_R_BASE64_DECODE_ERROR);
- goto err;
- }
-
- CBS_init(&cbs, dec, declen);
- if (!o2i_SCT_signature(sct, &cbs))
- goto err;
- free(dec);
- dec = NULL;
-
- SCT_set_timestamp(sct, timestamp);
-
- if (!SCT_set_log_entry_type(sct, entry_type))
- goto err;
-
- return sct;
-
- err:
- free(dec);
- SCT_free(sct);
- return NULL;
-}
-LCRYPTO_ALIAS(SCT_new_from_base64);
-
-/*
- * Allocate, build and returns a new |ct_log| from input |pkey_base64|
- * It returns 1 on success,
- * 0 on decoding failure, or invalid parameter if any
- * -1 on internal (malloc) failure
- */
-int
-CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, const char *name)
-{
- unsigned char *pkey_der = NULL;
- int pkey_der_len;
- const unsigned char *p;
- EVP_PKEY *pkey = NULL;
-
- if (ct_log == NULL) {
- CTerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- pkey_der_len = ct_base64_decode(pkey_base64, &pkey_der);
- if (pkey_der_len < 0) {
- CTerror(CT_R_LOG_CONF_INVALID_KEY);
- return 0;
- }
-
- p = pkey_der;
- pkey = d2i_PUBKEY(NULL, &p, pkey_der_len);
- free(pkey_der);
- if (pkey == NULL) {
- CTerror(CT_R_LOG_CONF_INVALID_KEY);
- return 0;
- }
-
- *ct_log = CTLOG_new(pkey, name);
- if (*ct_log == NULL) {
- EVP_PKEY_free(pkey);
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(CTLOG_new_from_base64);
diff --git a/src/lib/libcrypto/ct/ct_err.c b/src/lib/libcrypto/ct/ct_err.c
deleted file mode 100644
index 494f88b898..0000000000
--- a/src/lib/libcrypto/ct/ct_err.c
+++ /dev/null
@@ -1,149 +0,0 @@ -/* $OpenBSD: ct_err.c,v 1.8 2024/06/24 06:43:22 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include "err_local.h" - -#ifndef OPENSSL_NO_ERR - -static const ERR_STRING_DATA CT_str_functs[] = { - {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW, 0), "CTLOG_new"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW_FROM_BASE64, 0), - "CTLOG_new_from_base64"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW_FROM_CONF, 0), - "ctlog_new_from_conf"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_LOAD_CTX_NEW, 0), - "ctlog_store_load_ctx_new"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_LOAD_FILE, 0), - "CTLOG_STORE_load_file"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_LOAD_LOG, 0), - "ctlog_store_load_log"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_NEW, 0), "CTLOG_STORE_new"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CT_BASE64_DECODE, 0), "ct_base64_decode"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CT_POLICY_EVAL_CTX_NEW, 0), - "CT_POLICY_EVAL_CTX_new"}, - {ERR_PACK(ERR_LIB_CT, CT_F_CT_V1_LOG_ID_FROM_PKEY, 0), - "ct_v1_log_id_from_pkey"}, - {ERR_PACK(ERR_LIB_CT, CT_F_I2O_SCT, 0), "i2o_SCT"}, - {ERR_PACK(ERR_LIB_CT, CT_F_I2O_SCT_LIST, 0), "i2o_SCT_LIST"}, - {ERR_PACK(ERR_LIB_CT, CT_F_I2O_SCT_SIGNATURE, 0), "i2o_SCT_signature"}, - {ERR_PACK(ERR_LIB_CT, CT_F_O2I_SCT, 0), "o2i_SCT"}, - {ERR_PACK(ERR_LIB_CT, 
CT_F_O2I_SCT_LIST, 0), "o2i_SCT_LIST"}, - {ERR_PACK(ERR_LIB_CT, CT_F_O2I_SCT_SIGNATURE, 0), "o2i_SCT_signature"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_CTX_NEW, 0), "SCT_CTX_new"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_CTX_VERIFY, 0), "SCT_CTX_verify"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_NEW, 0), "SCT_new"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_NEW_FROM_BASE64, 0), - "SCT_new_from_base64"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET0_LOG_ID, 0), "SCT_set0_log_id"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET1_EXTENSIONS, 0), - "SCT_set1_extensions"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET1_LOG_ID, 0), "SCT_set1_log_id"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET1_SIGNATURE, 0), - "SCT_set1_signature"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET_LOG_ENTRY_TYPE, 0), - "SCT_set_log_entry_type"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET_SIGNATURE_NID, 0), - "SCT_set_signature_nid"}, - {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET_VERSION, 0), "SCT_set_version"}, - {0, NULL} -}; - -static const ERR_STRING_DATA CT_str_reasons[] = { - {ERR_PACK(ERR_LIB_CT, 0, CT_R_BASE64_DECODE_ERROR), - "base64 decode error"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_INVALID_LOG_ID_LENGTH), - "invalid log id length"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_INVALID), "log conf invalid"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_INVALID_KEY), - "log conf invalid key"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_MISSING_DESCRIPTION), - "log conf missing description"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_MISSING_KEY), - "log conf missing key"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_KEY_INVALID), "log key invalid"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_FUTURE_TIMESTAMP), - "sct future timestamp"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_INVALID), "sct invalid"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_INVALID_SIGNATURE), - "sct invalid signature"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_LIST_INVALID), "sct list invalid"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_LOG_ID_MISMATCH), - "sct log id mismatch"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_NOT_SET), "sct not set"}, - 
{ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_UNSUPPORTED_VERSION), - "sct unsupported version"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_UNRECOGNIZED_SIGNATURE_NID), - "unrecognized signature nid"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_UNSUPPORTED_ENTRY_TYPE), - "unsupported entry type"}, - {ERR_PACK(ERR_LIB_CT, 0, CT_R_UNSUPPORTED_VERSION), - "unsupported version"}, - {0, NULL} -}; - -#endif - -int -ERR_load_CT_strings(void) -{ - if (ERR_func_error_string(CT_str_functs[0].error) == NULL) { - ERR_load_const_strings(CT_str_functs); - ERR_load_const_strings(CT_str_reasons); - } - return 1; -} diff --git a/src/lib/libcrypto/ct/ct_local.h b/src/lib/libcrypto/ct/ct_local.h deleted file mode 100644 index cd19ed096a..0000000000 --- a/src/lib/libcrypto/ct/ct_local.h +++ /dev/null 
@@ -1,260 +0,0 @@ -/* $OpenBSD: ct_local.h,v 1.8 2021/12/20 17:19:19 jsing Exp $ */ -/* - * Written by Rob Percival (robpercival@google.com) for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 2016 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include -#include -#include -#include -#include - -#include "bytestring.h" - -/* Number of bytes in an SCT v1 LogID - see RFC 6962 section 3.2. */ -#define CT_V1_LOG_ID_LEN 32 - -/* Maximum size of an SCT - see RFC 6962 section 3.3. */ -#define MAX_SCT_SIZE 65535 -#define MAX_SCT_LIST_SIZE MAX_SCT_SIZE - -/* - * Macros to write integers in network-byte order. 
- */ - -#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \ - c[1]=(unsigned char)(((s) )&0xff)),c+=2) - -#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \ - c[1]=(unsigned char)(((l)>> 8)&0xff), \ - c[2]=(unsigned char)(((l) )&0xff)),c+=3) - -#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \ - *((c)++)=(unsigned char)(((l)>>48)&0xff), \ - *((c)++)=(unsigned char)(((l)>>40)&0xff), \ - *((c)++)=(unsigned char)(((l)>>32)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* Signed Certificate Timestamp */ -struct sct_st { - sct_version_t version; - /* If version is not SCT_VERSION_V1, this contains the encoded SCT */ - unsigned char *sct; - size_t sct_len; - /* - * If version is SCT_VERSION_V1, fields below contain components of - * the SCT - */ - unsigned char *log_id; - size_t log_id_len; - /* - * Note, we cannot distinguish between an unset timestamp, and one - * that is set to 0. However since CT didn't exist in 1970, no real - * SCT should ever be set as such. - */ - uint64_t timestamp; - unsigned char *ext; - size_t ext_len; - unsigned char hash_alg; - unsigned char sig_alg; - unsigned char *sig; - size_t sig_len; - /* Log entry type */ - ct_log_entry_type_t entry_type; - /* Where this SCT was found, e.g. certificate, OCSP response, etc. */ - sct_source_t source; - /* The result of the last attempt to validate this SCT. 
*/ - sct_validation_status_t validation_status; -}; - -/* Miscellaneous data that is useful when verifying an SCT */ -struct sct_ctx_st { - /* Public key */ - EVP_PKEY *pkey; - /* Hash of public key */ - unsigned char *pkeyhash; - size_t pkeyhashlen; - /* For pre-certificate: issuer public key hash */ - unsigned char *ihash; - size_t ihashlen; - /* certificate encoding */ - unsigned char *certder; - size_t certderlen; - /* pre-certificate encoding */ - unsigned char *preder; - size_t prederlen; - /* - * milliseconds since epoch (to check that the SCT isn't from the - * future) - */ - uint64_t epoch_time_in_ms; -}; - -/* Context when evaluating whether a Certificate Transparency policy is met */ -struct ct_policy_eval_ctx_st { - X509 *cert; - X509 *issuer; - CTLOG_STORE *log_store; - /* - * milliseconds since epoch (to check that the SCT isn't from the - * future) - */ - uint64_t epoch_time_in_ms; -}; - -/* - * Creates a new context for verifying an SCT. - */ -SCT_CTX *SCT_CTX_new(void); -/* - * Deletes an SCT verification context. - */ -void SCT_CTX_free(SCT_CTX *sctx); - -/* - * Sets the certificate that the SCT was created for. - * If *cert does not have a poison extension, presigner must be NULL. - * If *cert does not have a poison extension, it may have a single SCT - * (NID_ct_precert_scts) extension. - * If either *cert or *presigner have an AKID (NID_authority_key_identifier) - * extension, both must have one. - * Returns 1 on success, 0 on failure. - */ -int SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner); - -/* - * Sets the issuer of the certificate that the SCT was created for. - * This is just a convenience method to save extracting the public key and - * calling SCT_CTX_set1_issuer_pubkey(). - * Issuer must not be NULL. - * Returns 1 on success, 0 on failure. - */ -int SCT_CTX_set1_issuer(SCT_CTX *sctx, const X509 *issuer); - -/* - * Sets the public key of the issuer of the certificate that the SCT was created - * for. 
- * The public key must not be NULL. - * Returns 1 on success, 0 on failure. - */ -int SCT_CTX_set1_issuer_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); - -/* - * Sets the public key of the CT log that the SCT is from. - * Returns 1 on success, 0 on failure. - */ -int SCT_CTX_set1_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey); - -/* - * Sets the time to evaluate the SCT against, in milliseconds since the Unix - * epoch. If the SCT's timestamp is after this time, it will be interpreted as - * having been issued in the future. RFC6962 states that "TLS clients MUST - * reject SCTs whose timestamp is in the future", so an SCT will not validate - * in this case. - */ -void SCT_CTX_set_time(SCT_CTX *sctx, uint64_t time_in_ms); - -/* - * Verifies an SCT with the given context. - * Returns 1 if the SCT verifies successfully; any other value indicates - * failure. See EVP_DigestVerifyFinal() for the meaning of those values. - */ -int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct); - -/* - * Does this SCT have the minimum fields populated to be usable? - * Returns 1 if so, 0 otherwise. - */ -int SCT_is_complete(const SCT *sct); - -/* - * Does this SCT have the signature-related fields populated? - * Returns 1 if so, 0 otherwise. - * This checks that the signature and hash algorithms are set to supported - * values and that the signature field is set. - */ -int SCT_signature_is_complete(const SCT *sct); - -/* - * TODO(RJPercival): Create an SCT_signature struct and make i2o_SCT_signature - * and o2i_SCT_signature conform to the i2d/d2i conventions. - */ - -/* - * Serialize (to TLS format) an |sct| signature and write it to |out|. - * If |out| is null, no signature will be output but the length will be returned. - * If |out| points to a null pointer, a string will be allocated to hold the - * TLS-format signature. It is the responsibility of the caller to free it. - * If |out| points to an allocated string, the signature will be written to it. 
- * The length of the signature in TLS format will be returned. - */ -int i2o_SCT_signature(const SCT *sct, unsigned char **out); - -/* - * Parses an SCT signature in TLS format and populates the |sct| with it. - * |in| should be a pointer to a string containing the TLS-format signature. - * |in| will be advanced to the end of the signature if parsing succeeds. - * |len| should be the length of the signature in |in|. - * Returns the number of bytes parsed, or a negative integer if an error occurs. - * If an error occurs, the SCT's signature NID may be updated whilst the - * signature field itself remains unset. - */ -int o2i_SCT_signature(SCT *sct, CBS *cbs); - -/* - * Handlers for Certificate Transparency X509v3/OCSP extensions - */ -extern const X509V3_EXT_METHOD v3_ct_scts[3]; diff --git a/src/lib/libcrypto/ct/ct_log.c b/src/lib/libcrypto/ct/ct_log.c deleted file mode 100644 index 72045477ac..0000000000 --- a/src/lib/libcrypto/ct/ct_log.c +++ /dev/null 
@@ -1,379 +0,0 @@
-/* $OpenBSD: ct_log.c,v 1.9 2024/11/05 09:35:40 tb Exp $ */
-/* Author: Adam Eijdenberg . */
-/* ====================================================================
- * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "conf_local.h"
-#include "crypto_local.h"
-
-
-/*
- * Information about a CT log server.
- */
-struct ctlog_st {
- char *name;
- uint8_t log_id[CT_V1_HASHLEN];
- EVP_PKEY *public_key;
-};
-
-/*
- * A store for multiple CTLOG instances.
- * It takes ownership of any CTLOG instances added to it.
- */
-struct ctlog_store_st {
- STACK_OF(CTLOG) *logs;
-};
-
-/* The context when loading a CT log list from a CONF file. */
-typedef struct ctlog_store_load_ctx_st {
- CTLOG_STORE *log_store;
- CONF *conf;
- size_t invalid_log_entries;
-} CTLOG_STORE_LOAD_CTX;
-
-/*
- * Creates an empty context for loading a CT log store.
- * It should be populated before use.
- */
-static CTLOG_STORE_LOAD_CTX *ctlog_store_load_ctx_new(void);
-
-/*
- * Deletes a CT log store load context.
- * Does not delete any of the fields.
- */
-static void ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX *ctx);
-
-static CTLOG_STORE_LOAD_CTX *
-ctlog_store_load_ctx_new(void)
-{
- CTLOG_STORE_LOAD_CTX *ctx = calloc(1, sizeof(*ctx));
-
- if (ctx == NULL)
- CTerror(ERR_R_MALLOC_FAILURE);
-
- return ctx;
-}
-
-static void
-ctlog_store_load_ctx_free(CTLOG_STORE_LOAD_CTX *ctx)
-{
- free(ctx);
-}
-
-/* Converts a log's public key into a SHA256 log ID */
-static int
-ct_v1_log_id_from_pkey(EVP_PKEY *pkey, unsigned char log_id[CT_V1_HASHLEN])
-{
- int ret = 0;
- unsigned char *pkey_der = NULL;
- int pkey_der_len = i2d_PUBKEY(pkey, &pkey_der);
-
- if (pkey_der_len <= 0) {
- CTerror(CT_R_LOG_KEY_INVALID);
- goto err;
- }
-
- SHA256(pkey_der, pkey_der_len, log_id);
- ret = 1;
- err:
- free(pkey_der);
- return ret;
-}
-
-CTLOG_STORE *
-CTLOG_STORE_new(void)
-{
- CTLOG_STORE *ret = calloc(1, sizeof(*ret));
-
- if (ret == NULL) {
- CTerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- ret->logs = sk_CTLOG_new_null();
- if (ret->logs == NULL)
- goto err;
-
- return ret;
- err:
- free(ret);
- return NULL;
-}
-LCRYPTO_ALIAS(CTLOG_STORE_new);
-
-void
-CTLOG_STORE_free(CTLOG_STORE *store)
-{
- if (store != NULL) {
- sk_CTLOG_pop_free(store->logs, CTLOG_free);
- free(store);
- }
-}
-LCRYPTO_ALIAS(CTLOG_STORE_free);
-
-static int
-ctlog_new_from_conf(CTLOG **ct_log, const CONF *conf, const char *section)
-{
- const char *description = NCONF_get_string(conf, section,
- "description");
- char *pkey_base64;
-
- if (description == NULL) {
- CTerror(CT_R_LOG_CONF_MISSING_DESCRIPTION);
- return 0;
- }
-
- pkey_base64 = NCONF_get_string(conf, section, "key");
- if (pkey_base64 == NULL) {
- CTerror(CT_R_LOG_CONF_MISSING_KEY);
- return 0;
- }
-
- return CTLOG_new_from_base64(ct_log, pkey_base64, description);
-}
-
-int
-CTLOG_STORE_load_default_file(CTLOG_STORE *store)
-{
- return CTLOG_STORE_load_file(store, CTLOG_FILE);
-}
-LCRYPTO_ALIAS(CTLOG_STORE_load_default_file);
-
-/*
- * Called by CONF_parse_list, which stops if this
returns <= 0, - * Otherwise, one bad log entry would stop loading of any of - * the following log entries. - * It may stop parsing and returns -1 on any internal (malloc) error. - */ -static int -ctlog_store_load_log(const char *log_name, int log_name_len, void *arg) -{ - CTLOG_STORE_LOAD_CTX *load_ctx = arg; - CTLOG *ct_log = NULL; - /* log_name may not be null-terminated, so fix that before using it */ - char *tmp; - int ret = 0; - - /* log_name will be NULL for empty list entries */ - if (log_name == NULL) - return 1; - - tmp = strndup(log_name, log_name_len); - if (tmp == NULL) - goto mem_err; - - ret = ctlog_new_from_conf(&ct_log, load_ctx->conf, tmp); - free(tmp); - - if (ret < 0) { - /* Propagate any internal error */ - return ret; - } - if (ret == 0) { - /* If we can't load this log, record that fact and skip it */ - ++load_ctx->invalid_log_entries; - return 1; - } - - if (!sk_CTLOG_push(load_ctx->log_store->logs, ct_log)) { - goto mem_err; - } - return 1; - - mem_err: - CTLOG_free(ct_log); - CTerror(ERR_R_MALLOC_FAILURE); - return -1; -} - -int -CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file) -{ - int ret = 0; - char *enabled_logs; - CTLOG_STORE_LOAD_CTX* load_ctx = ctlog_store_load_ctx_new(); - - if (load_ctx == NULL) - return 0; - load_ctx->log_store = store; - load_ctx->conf = NCONF_new(NULL); - if (load_ctx->conf == NULL) - goto end; - - if (NCONF_load(load_ctx->conf, file, NULL) <= 0) { - CTerror(CT_R_LOG_CONF_INVALID); - goto end; - } - - enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs"); - if (enabled_logs == NULL) { - CTerror(CT_R_LOG_CONF_INVALID); - goto end; - } - - if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) || - load_ctx->invalid_log_entries > 0) { - CTerror(CT_R_LOG_CONF_INVALID); - goto end; - } - - ret = 1; - end: - NCONF_free(load_ctx->conf); - ctlog_store_load_ctx_free(load_ctx); - return ret; -} -LCRYPTO_ALIAS(CTLOG_STORE_load_file); - -/* - * Initialize a new CTLOG object. 
- * Takes ownership of the public key.
- * Copies the name.
- */
-CTLOG *
-CTLOG_new(EVP_PKEY *public_key, const char *name)
-{
- CTLOG *ret = calloc(1, sizeof(*ret));
-
- if (ret == NULL) {
- CTerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- ret->name = strdup(name);
- if (ret->name == NULL) {
- CTerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (ct_v1_log_id_from_pkey(public_key, ret->log_id) != 1)
- goto err;
-
- ret->public_key = public_key;
- return ret;
- err:
- CTLOG_free(ret);
- return NULL;
-}
-LCRYPTO_ALIAS(CTLOG_new);
-
-/* Frees CT log and associated structures */
-void
-CTLOG_free(CTLOG *log)
-{
- if (log != NULL) {
- free(log->name);
- EVP_PKEY_free(log->public_key);
- free(log);
- }
-}
-LCRYPTO_ALIAS(CTLOG_free);
-
-const char *
-CTLOG_get0_name(const CTLOG *log)
-{
- return log->name;
-}
-LCRYPTO_ALIAS(CTLOG_get0_name);
-
-void
-CTLOG_get0_log_id(const CTLOG *log, const uint8_t **log_id, size_t *log_id_len)
-{
- *log_id = log->log_id;
- *log_id_len = CT_V1_HASHLEN;
-}
-LCRYPTO_ALIAS(CTLOG_get0_log_id);
-
-EVP_PKEY *
-CTLOG_get0_public_key(const CTLOG *log)
-{
- return log->public_key;
-}
-LCRYPTO_ALIAS(CTLOG_get0_public_key);
-
-/*
- * Given a log ID, finds the matching log.
- * Returns NULL if no match found.
- */
-const CTLOG *
-CTLOG_STORE_get0_log_by_id(const CTLOG_STORE *store, const uint8_t *log_id,
- size_t log_id_len)
-{
- int i;
-
- for (i = 0; i < sk_CTLOG_num(store->logs); ++i) {
- const CTLOG *log = sk_CTLOG_value(store->logs, i);
- if (memcmp(log->log_id, log_id, log_id_len) == 0)
- return log;
- }
-
- return NULL;
-}
-LCRYPTO_ALIAS(CTLOG_STORE_get0_log_by_id);
diff --git a/src/lib/libcrypto/ct/ct_oct.c b/src/lib/libcrypto/ct/ct_oct.c
deleted file mode 100644
index 1f5e5c75d0..0000000000
--- a/src/lib/libcrypto/ct/ct_oct.c
+++ /dev/null
@@ -1,464 +0,0 @@ -/* $OpenBSD: ct_oct.c,v 1.9 2023/07/08 07:22:58 beck Exp $ */ -/* - * Written by Rob Stradling (rob@comodo.com) and Stephen Henson - * (steve@openssl.org) for the OpenSSL project 2014. - */ -/* ==================================================================== - * Copyright (c) 2014 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifdef OPENSSL_NO_CT -# error "CT is disabled" -#endif - -#include -#include - -#include -#include -#include -#include - -#include "bytestring.h" -#include "ct_local.h" - -int -o2i_SCT_signature(SCT *sct, CBS *cbs) -{ - uint8_t hash_alg, sig_alg; - CBS signature; - - if (sct->version != SCT_VERSION_V1) { - CTerror(CT_R_UNSUPPORTED_VERSION); - return 0; - } - - /* - * Parse a digitally-signed element - see RFC 6962 section 3.2 and - * RFC 5246 sections 4.7 and 7.4.1.4.1. 
- */ - if (!CBS_get_u8(cbs, &hash_alg)) - goto err_invalid; - if (!CBS_get_u8(cbs, &sig_alg)) - goto err_invalid; - if (!CBS_get_u16_length_prefixed(cbs, &signature)) - goto err_invalid; - if (CBS_len(cbs) != 0) - goto err_invalid; - - /* - * Reject empty signatures since they are invalid for all supported - * algorithms (this really should be done by SCT_set1_signature()). - */ - if (CBS_len(&signature) == 0) - goto err_invalid; - - sct->hash_alg = hash_alg; - sct->sig_alg = sig_alg; - - if (SCT_get_signature_nid(sct) == NID_undef) - goto err_invalid; - - if (!SCT_set1_signature(sct, CBS_data(&signature), CBS_len(&signature))) - return 0; - - return 1; - - err_invalid: - CTerror(CT_R_SCT_INVALID_SIGNATURE); - return 0; -} - -static int -o2i_SCT_internal(SCT **out_sct, CBS *cbs) -{ - SCT *sct = NULL; - uint8_t version; - - *out_sct = NULL; - - if ((sct = SCT_new()) == NULL) - goto err; - - if (CBS_len(cbs) > MAX_SCT_SIZE) - goto err_invalid; - if (!CBS_peek_u8(cbs, &version)) - goto err_invalid; - - sct->version = version; - - if (version == SCT_VERSION_V1) { - CBS extensions, log_id; - uint64_t timestamp; - - /* - * Parse a v1 SignedCertificateTimestamp - see RFC 6962 - * section 3.2. - */ - if (!CBS_get_u8(cbs, &version)) - goto err_invalid; - if (!CBS_get_bytes(cbs, &log_id, CT_V1_LOG_ID_LEN)) - goto err_invalid; - if (!CBS_get_u64(cbs, ×tamp)) - goto err_invalid; - if (!CBS_get_u16_length_prefixed(cbs, &extensions)) - goto err_invalid; - - if (!CBS_stow(&log_id, &sct->log_id, &sct->log_id_len)) - goto err; - - sct->timestamp = timestamp; - - if (!CBS_stow(&extensions, &sct->ext, &sct->ext_len)) - goto err; - - if (!o2i_SCT_signature(sct, cbs)) - goto err; - - if (CBS_len(cbs) != 0) - goto err_invalid; - } else { - /* If not V1 just cache encoding. 
*/ - if (!CBS_stow(cbs, &sct->sct, &sct->sct_len)) - goto err; - } - - *out_sct = sct; - - return 1; - - err_invalid: - CTerror(CT_R_SCT_INVALID); - err: - SCT_free(sct); - - return 0; -} - -SCT * -o2i_SCT(SCT **psct, const unsigned char **in, size_t len) -{ - SCT *sct; - CBS cbs; - - CBS_init(&cbs, *in, len); - - if (psct != NULL) { - SCT_free(*psct); - *psct = NULL; - } - - if (!o2i_SCT_internal(&sct, &cbs)) - return NULL; - - if (psct != NULL) - *psct = sct; - - *in = CBS_data(&cbs); - - return sct; -} -LCRYPTO_ALIAS(o2i_SCT); - -int -i2o_SCT_signature(const SCT *sct, unsigned char **out) -{ - size_t len; - unsigned char *p = NULL, *pstart = NULL; - - if (!SCT_signature_is_complete(sct)) { - CTerror(CT_R_SCT_INVALID_SIGNATURE); - goto err; - } - - if (sct->version != SCT_VERSION_V1) { - CTerror(CT_R_UNSUPPORTED_VERSION); - goto err; - } - - /* - * (1 byte) Hash algorithm - * (1 byte) Signature algorithm - * (2 bytes + ?) Signature - */ - len = 4 + sct->sig_len; - - if (out != NULL) { - if (*out != NULL) { - p = *out; - *out += len; - } else { - pstart = p = malloc(len); - if (p == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - goto err; - } - *out = p; - } - - *p++ = sct->hash_alg; - *p++ = sct->sig_alg; - s2n(sct->sig_len, p); - memcpy(p, sct->sig, sct->sig_len); - } - - return len; - err: - free(pstart); - return -1; -} - -int -i2o_SCT(const SCT *sct, unsigned char **out) -{ - size_t len; - unsigned char *p = NULL, *pstart = NULL; - - if (!SCT_is_complete(sct)) { - CTerror(CT_R_SCT_NOT_SET); - goto err; - } - /* - * Fixed-length header: struct { (1 byte) Version sct_version; (32 bytes) - * log_id id; (8 bytes) uint64 timestamp; (2 bytes + ?) CtExtensions - * extensions; (1 byte) Hash algorithm (1 byte) Signature algorithm (2 - * bytes + ?) 
Signature - */ - if (sct->version == SCT_VERSION_V1) - len = 43 + sct->ext_len + 4 + sct->sig_len; - else - len = sct->sct_len; - - if (out == NULL) - return len; - - if (*out != NULL) { - p = *out; - *out += len; - } else { - pstart = p = malloc(len); - if (p == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - goto err; - } - *out = p; - } - - if (sct->version == SCT_VERSION_V1) { - *p++ = sct->version; - memcpy(p, sct->log_id, CT_V1_HASHLEN); - p += CT_V1_HASHLEN; - l2n8(sct->timestamp, p); - s2n(sct->ext_len, p); - if (sct->ext_len > 0) { - memcpy(p, sct->ext, sct->ext_len); - p += sct->ext_len; - } - if (i2o_SCT_signature(sct, &p) <= 0) - goto err; - } else { - memcpy(p, sct->sct, len); - } - - return len; - err: - free(pstart); - return -1; -} -LCRYPTO_ALIAS(i2o_SCT); - -STACK_OF(SCT) * -o2i_SCT_LIST(STACK_OF(SCT) **out_scts, const unsigned char **pp, size_t len) -{ - CBS cbs, cbs_scts, cbs_sct; - STACK_OF(SCT) *scts = NULL; - - CBS_init(&cbs, *pp, len); - - if (CBS_len(&cbs) > MAX_SCT_LIST_SIZE) - goto err_invalid; - if (!CBS_get_u16_length_prefixed(&cbs, &cbs_scts)) - goto err_invalid; - if (CBS_len(&cbs) != 0) - goto err_invalid; - - if (out_scts != NULL) { - SCT_LIST_free(*out_scts); - *out_scts = NULL; - } - - if ((scts = sk_SCT_new_null()) == NULL) - return NULL; - - while (CBS_len(&cbs_scts) > 0) { - SCT *sct; - - if (!CBS_get_u16_length_prefixed(&cbs_scts, &cbs_sct)) - goto err_invalid; - - if (!o2i_SCT_internal(&sct, &cbs_sct)) - goto err; - if (!sk_SCT_push(scts, sct)) { - SCT_free(sct); - goto err; - } - } - - if (out_scts != NULL) - *out_scts = scts; - - *pp = CBS_data(&cbs); - - return scts; - - err_invalid: - CTerror(CT_R_SCT_LIST_INVALID); - err: - SCT_LIST_free(scts); - - return NULL; -} -LCRYPTO_ALIAS(o2i_SCT_LIST); - -int -i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp) -{ - int len, sct_len, i, is_pp_new = 0; - size_t len2; - unsigned char *p = NULL, *p2; - - if (pp != NULL) { - if (*pp == NULL) { - if ((len = i2o_SCT_LIST(a, NULL)) == 
-1) { - CTerror(CT_R_SCT_LIST_INVALID); - return -1; - } - if ((*pp = malloc(len)) == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - return -1; - } - is_pp_new = 1; - } - p = *pp + 2; - } - - len2 = 2; - for (i = 0; i < sk_SCT_num(a); i++) { - if (pp != NULL) { - p2 = p; - p += 2; - if ((sct_len = i2o_SCT(sk_SCT_value(a, i), &p)) == -1) - goto err; - s2n(sct_len, p2); - } else { - if ((sct_len = i2o_SCT(sk_SCT_value(a, i), NULL)) == -1) - goto err; - } - len2 += 2 + sct_len; - } - - if (len2 > MAX_SCT_LIST_SIZE) - goto err; - - if (pp != NULL) { - p = *pp; - s2n(len2 - 2, p); - if (!is_pp_new) - *pp += len2; - } - return len2; - - err: - if (is_pp_new) { - free(*pp); - *pp = NULL; - } - return -1; -} -LCRYPTO_ALIAS(i2o_SCT_LIST); - -STACK_OF(SCT) * -d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, long len) -{ - ASN1_OCTET_STRING *oct = NULL; - STACK_OF(SCT) *sk = NULL; - const unsigned char *p; - - p = *pp; - if (d2i_ASN1_OCTET_STRING(&oct, &p, len) == NULL) - return NULL; - - p = oct->data; - if ((sk = o2i_SCT_LIST(a, &p, oct->length)) != NULL) - *pp += len; - - ASN1_OCTET_STRING_free(oct); - return sk; -} -LCRYPTO_ALIAS(d2i_SCT_LIST); - -int -i2d_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **out) -{ - ASN1_OCTET_STRING oct; - int len; - - oct.data = NULL; - if ((oct.length = i2o_SCT_LIST(a, &oct.data)) == -1) - return -1; - - len = i2d_ASN1_OCTET_STRING(&oct, out); - free(oct.data); - return len; -} -LCRYPTO_ALIAS(i2d_SCT_LIST); diff --git a/src/lib/libcrypto/ct/ct_policy.c b/src/lib/libcrypto/ct/ct_policy.c deleted file mode 100644 index eb2b312019..0000000000 --- a/src/lib/libcrypto/ct/ct_policy.c +++ /dev/null 
@@ -1,163 +0,0 @@ -/* $OpenBSD: ct_policy.c,v 1.6 2023/07/08 07:22:58 beck Exp $ */ -/* - * Implementations of Certificate Transparency SCT policies. - * Written by Rob Percival (robpercival@google.com) for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 2016 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifdef OPENSSL_NO_CT -# error "CT is disabled" -#endif - -#include -#include -#include - -#include "ct_local.h" - -/* - * Number of seconds in the future that an SCT timestamp can be, by default, - * without being considered invalid. This is added to time() when setting a - * default value for CT_POLICY_EVAL_CTX.epoch_time_in_ms. - * It can be overridden by calling CT_POLICY_EVAL_CTX_set_time(). - */ -static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300; - -CT_POLICY_EVAL_CTX * -CT_POLICY_EVAL_CTX_new(void) -{ - CT_POLICY_EVAL_CTX *ctx = calloc(1, sizeof(CT_POLICY_EVAL_CTX)); - - if (ctx == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - - /* time(NULL) shouldn't ever fail, so don't bother checking for -1. 
*/ - ctx->epoch_time_in_ms = (uint64_t)(time(NULL) + SCT_CLOCK_DRIFT_TOLERANCE) * - 1000; - - return ctx; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_new); - -void -CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx) -{ - if (ctx == NULL) - return; - X509_free(ctx->cert); - X509_free(ctx->issuer); - free(ctx); -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_free); - -int -CT_POLICY_EVAL_CTX_set1_cert(CT_POLICY_EVAL_CTX *ctx, X509 *cert) -{ - if (!X509_up_ref(cert)) - return 0; - ctx->cert = cert; - return 1; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set1_cert); - -int -CT_POLICY_EVAL_CTX_set1_issuer(CT_POLICY_EVAL_CTX *ctx, X509 *issuer) -{ - if (!X509_up_ref(issuer)) - return 0; - ctx->issuer = issuer; - return 1; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set1_issuer); - -void -CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(CT_POLICY_EVAL_CTX *ctx, - CTLOG_STORE *log_store) -{ - ctx->log_store = log_store; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE); - -void -CT_POLICY_EVAL_CTX_set_time(CT_POLICY_EVAL_CTX *ctx, uint64_t time_in_ms) -{ - ctx->epoch_time_in_ms = time_in_ms; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_set_time); - -X509 * -CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx) -{ - return ctx->cert; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_cert); - -X509 * -CT_POLICY_EVAL_CTX_get0_issuer(const CT_POLICY_EVAL_CTX *ctx) -{ - return ctx->issuer; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_issuer); - -const CTLOG_STORE * -CT_POLICY_EVAL_CTX_get0_log_store(const CT_POLICY_EVAL_CTX *ctx) -{ - return ctx->log_store; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get0_log_store); - -uint64_t -CT_POLICY_EVAL_CTX_get_time(const CT_POLICY_EVAL_CTX *ctx) -{ - return ctx->epoch_time_in_ms; -} -LCRYPTO_ALIAS(CT_POLICY_EVAL_CTX_get_time); diff --git a/src/lib/libcrypto/ct/ct_prn.c b/src/lib/libcrypto/ct/ct_prn.c deleted file mode 100644 index e6931eeb09..0000000000 --- a/src/lib/libcrypto/ct/ct_prn.c +++ /dev/null 
@@ -1,211 +0,0 @@ -/* $OpenBSD: ct_prn.c,v 1.7 2023/07/08 07:22:58 beck Exp $ */ -/* - * Written by Rob Stradling (rob@comodo.com) and Stephen Henson - * (steve@openssl.org) for the OpenSSL project 2014. - */ -/* ==================================================================== - * Copyright (c) 2014 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifdef OPENSSL_NO_CT -# error "CT is disabled" -#endif - -#include -#include - -#include "ct_local.h" - -/* - * XXX public api in OpenSSL 1.1.0 but this is the only thing that uses it. - * so I am stuffing it here for the moment. 
- */ -static int -BIO_hex_string(BIO *out, int indent, int width, unsigned char *data, - int datalen) -{ - int i, j = 0; - - if (datalen < 1) - return 1; - - for (i = 0; i < datalen - 1; i++) { - if (i && !j) - BIO_printf(out, "%*s", indent, ""); - - BIO_printf(out, "%02X:", data[i]); - - j = (j + 1) % width; - if (!j) - BIO_printf(out, "\n"); - } - - if (i && !j) - BIO_printf(out, "%*s", indent, ""); - BIO_printf(out, "%02X", data[datalen - 1]); - return 1; -} - -static void -SCT_signature_algorithms_print(const SCT *sct, BIO *out) -{ - int nid = SCT_get_signature_nid(sct); - - if (nid == NID_undef) - BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg); - else - BIO_printf(out, "%s", OBJ_nid2ln(nid)); -} - -static void -timestamp_print(uint64_t timestamp, BIO *out) -{ - ASN1_GENERALIZEDTIME *gen = ASN1_GENERALIZEDTIME_new(); - char genstr[20]; - - if (gen == NULL) - return; - ASN1_GENERALIZEDTIME_adj(gen, (time_t)0, (int)(timestamp / 86400000), - (timestamp % 86400000) / 1000); - /* - * Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15 - * characters long with a final Z. Update it with fractional seconds. 
- */ - snprintf(genstr, sizeof(genstr), "%.14sZ", ASN1_STRING_get0_data(gen)); - if (ASN1_GENERALIZEDTIME_set_string(gen, genstr)) - ASN1_GENERALIZEDTIME_print(out, gen); - ASN1_GENERALIZEDTIME_free(gen); -} - -const char * -SCT_validation_status_string(const SCT *sct) -{ - switch (SCT_get_validation_status(sct)) { - case SCT_VALIDATION_STATUS_NOT_SET: - return "not set"; - case SCT_VALIDATION_STATUS_UNKNOWN_VERSION: - return "unknown version"; - case SCT_VALIDATION_STATUS_UNKNOWN_LOG: - return "unknown log"; - case SCT_VALIDATION_STATUS_UNVERIFIED: - return "unverified"; - case SCT_VALIDATION_STATUS_INVALID: - return "invalid"; - case SCT_VALIDATION_STATUS_VALID: - return "valid"; - } - return "unknown status"; -} -LCRYPTO_ALIAS(SCT_validation_status_string); - -void -SCT_print(const SCT *sct, BIO *out, int indent, const CTLOG_STORE *log_store) -{ - const CTLOG *log = NULL; - - if (log_store != NULL) { - log = CTLOG_STORE_get0_log_by_id(log_store, sct->log_id, - sct->log_id_len); - } - - BIO_printf(out, "%*sSigned Certificate Timestamp:", indent, ""); - BIO_printf(out, "\n%*sVersion : ", indent + 4, ""); - - if (sct->version != SCT_VERSION_V1) { - BIO_printf(out, "unknown\n%*s", indent + 16, ""); - BIO_hex_string(out, indent + 16, 16, sct->sct, sct->sct_len); - return; - } - - BIO_printf(out, "v1 (0x0)"); - - if (log != NULL) { - BIO_printf(out, "\n%*sLog : %s", indent + 4, "", - CTLOG_get0_name(log)); - } - - BIO_printf(out, "\n%*sLog ID : ", indent + 4, ""); - BIO_hex_string(out, indent + 16, 16, sct->log_id, sct->log_id_len); - - BIO_printf(out, "\n%*sTimestamp : ", indent + 4, ""); - timestamp_print(sct->timestamp, out); - - BIO_printf(out, "\n%*sExtensions: ", indent + 4, ""); - if (sct->ext_len == 0) - BIO_printf(out, "none"); - else - BIO_hex_string(out, indent + 16, 16, sct->ext, sct->ext_len); - - BIO_printf(out, "\n%*sSignature : ", indent + 4, ""); - SCT_signature_algorithms_print(sct, out); - BIO_printf(out, "\n%*s ", indent + 4, ""); - 
BIO_hex_string(out, indent + 16, 16, sct->sig, sct->sig_len); -} -LCRYPTO_ALIAS(SCT_print); - -void -SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent, - const char *separator, const CTLOG_STORE *log_store) -{ - int sct_count = sk_SCT_num(sct_list); - int i; - - for (i = 0; i < sct_count; ++i) { - SCT *sct = sk_SCT_value(sct_list, i); - - SCT_print(sct, out, indent, log_store); - if (i < sk_SCT_num(sct_list) - 1) - BIO_printf(out, "%s", separator); - } -} -LCRYPTO_ALIAS(SCT_LIST_print); diff --git a/src/lib/libcrypto/ct/ct_sct.c b/src/lib/libcrypto/ct/ct_sct.c deleted file mode 100644 index 4b2716e734..0000000000 --- a/src/lib/libcrypto/ct/ct_sct.c +++ /dev/null 
@@ -1,507 +0,0 @@ -/* $OpenBSD: ct_sct.c,v 1.10 2023/07/22 17:02:49 tb Exp $ */ -/* - * Written by Rob Stradling (rob@comodo.com), Stephen Henson (steve@openssl.org) - * and Adam Eijdenberg (adam.eijdenberg@gmail.com) for the OpenSSL project 2016. - */ -/* ==================================================================== - * Copyright (c) 2014 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifdef OPENSSL_NO_CT -# error "CT disabled" -#endif - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "ct_local.h" - -SCT * -SCT_new(void) -{ - SCT *sct = calloc(1, sizeof(*sct)); - - if (sct == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - - sct->entry_type = CT_LOG_ENTRY_TYPE_NOT_SET; - sct->version = SCT_VERSION_NOT_SET; - return sct; -} -LCRYPTO_ALIAS(SCT_new); - -void -SCT_free(SCT *sct) -{ - if (sct == NULL) - return; - - free(sct->log_id); - free(sct->ext); - free(sct->sig); - free(sct->sct); - free(sct); -} -LCRYPTO_ALIAS(SCT_free); - -void -SCT_LIST_free(STACK_OF(SCT) *scts) -{ - sk_SCT_pop_free(scts, SCT_free); -} -LCRYPTO_ALIAS(SCT_LIST_free); - -int -SCT_set_version(SCT *sct, sct_version_t version) -{ - if (version != SCT_VERSION_V1) { - CTerror(CT_R_UNSUPPORTED_VERSION); - return 0; - } - sct->version = version; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - return 1; -} -LCRYPTO_ALIAS(SCT_set_version); - -int -SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type) -{ - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - - switch (entry_type) { - case CT_LOG_ENTRY_TYPE_X509: - case CT_LOG_ENTRY_TYPE_PRECERT: - sct->entry_type = entry_type; - return 1; - case CT_LOG_ENTRY_TYPE_NOT_SET: - break; - } - CTerror(CT_R_UNSUPPORTED_ENTRY_TYPE); - return 0; -} -LCRYPTO_ALIAS(SCT_set_log_entry_type); - -int -SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len) -{ - if (sct->version == SCT_VERSION_V1 && log_id_len != CT_V1_HASHLEN) { - CTerror(CT_R_INVALID_LOG_ID_LENGTH); - return 0; - } - - free(sct->log_id); - sct->log_id = log_id; - sct->log_id_len = log_id_len; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - return 1; -} -LCRYPTO_ALIAS(SCT_set0_log_id); - -int -SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len) -{ - if (sct->version == SCT_VERSION_V1 && log_id_len != CT_V1_HASHLEN) { - 
CTerror(CT_R_INVALID_LOG_ID_LENGTH); - return 0; - } - - free(sct->log_id); - sct->log_id = NULL; - sct->log_id_len = 0; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - - if (log_id != NULL && log_id_len > 0) { - sct->log_id = malloc(log_id_len); - if (sct->log_id == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(sct->log_id, log_id, log_id_len); - sct->log_id_len = log_id_len; - } - return 1; -} -LCRYPTO_ALIAS(SCT_set1_log_id); - - -void -SCT_set_timestamp(SCT *sct, uint64_t timestamp) -{ - sct->timestamp = timestamp; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; -} -LCRYPTO_ALIAS(SCT_set_timestamp); - -int -SCT_set_signature_nid(SCT *sct, int nid) -{ - switch (nid) { - case NID_sha256WithRSAEncryption: - sct->hash_alg = 4; /* XXX */ - sct->sig_alg = 1; /* XXX */ - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - return 1; - case NID_ecdsa_with_SHA256: - sct->hash_alg = 4; /* XXX */ - sct->sig_alg = 3; /* XXX */ - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - return 1; - default: - CTerror(CT_R_UNRECOGNIZED_SIGNATURE_NID); - return 0; - } -} -LCRYPTO_ALIAS(SCT_set_signature_nid); - -void -SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len) -{ - free(sct->ext); - sct->ext = ext; - sct->ext_len = ext_len; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; -} -LCRYPTO_ALIAS(SCT_set0_extensions); - -int -SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len) -{ - free(sct->ext); - sct->ext = NULL; - sct->ext_len = 0; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - - if (ext != NULL && ext_len > 0) { - sct->ext = malloc(ext_len); - if (sct->ext == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(sct->ext, ext, ext_len); - sct->ext_len = ext_len; - } - return 1; -} -LCRYPTO_ALIAS(SCT_set1_extensions); - -void -SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len) -{ - free(sct->sig); - sct->sig = sig; - sct->sig_len = sig_len; - 
sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; -} -LCRYPTO_ALIAS(SCT_set0_signature); - -int -SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len) -{ - free(sct->sig); - sct->sig = NULL; - sct->sig_len = 0; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - - if (sig != NULL && sig_len > 0) { - sct->sig = malloc(sig_len); - if (sct->sig == NULL) { - CTerror(ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(sct->sig, sig, sig_len); - sct->sig_len = sig_len; - } - return 1; -} -LCRYPTO_ALIAS(SCT_set1_signature); - -sct_version_t -SCT_get_version(const SCT *sct) -{ - return sct->version; -} -LCRYPTO_ALIAS(SCT_get_version); - -ct_log_entry_type_t -SCT_get_log_entry_type(const SCT *sct) -{ - return sct->entry_type; -} -LCRYPTO_ALIAS(SCT_get_log_entry_type); - -size_t -SCT_get0_log_id(const SCT *sct, unsigned char **log_id) -{ - *log_id = sct->log_id; - return sct->log_id_len; -} -LCRYPTO_ALIAS(SCT_get0_log_id); - -uint64_t -SCT_get_timestamp(const SCT *sct) -{ - return sct->timestamp; -} -LCRYPTO_ALIAS(SCT_get_timestamp); - -int -SCT_get_signature_nid(const SCT *sct) -{ - if (sct->version == SCT_VERSION_V1) { - /* XXX sigalg numbers */ - if (sct->hash_alg == 4) { - switch (sct->sig_alg) { - case 3: - return NID_ecdsa_with_SHA256; - case 1: - return NID_sha256WithRSAEncryption; - default: - return NID_undef; - } - } - } - return NID_undef; -} -LCRYPTO_ALIAS(SCT_get_signature_nid); - -size_t -SCT_get0_extensions(const SCT *sct, unsigned char **ext) -{ - *ext = sct->ext; - return sct->ext_len; -} -LCRYPTO_ALIAS(SCT_get0_extensions); - -size_t -SCT_get0_signature(const SCT *sct, unsigned char **sig) -{ - *sig = sct->sig; - return sct->sig_len; -} -LCRYPTO_ALIAS(SCT_get0_signature); - -int -SCT_is_complete(const SCT *sct) -{ - switch (sct->version) { - case SCT_VERSION_NOT_SET: - return 0; - case SCT_VERSION_V1: - return sct->log_id != NULL && SCT_signature_is_complete(sct); - default: - return sct->sct != NULL; /* Just need cached encoding 
*/ - } -} - -int -SCT_signature_is_complete(const SCT *sct) -{ - return SCT_get_signature_nid(sct) != NID_undef && - sct->sig != NULL && sct->sig_len > 0; -} - -sct_source_t -SCT_get_source(const SCT *sct) -{ - return sct->source; -} -LCRYPTO_ALIAS(SCT_get_source); - -int -SCT_set_source(SCT *sct, sct_source_t source) -{ - sct->source = source; - sct->validation_status = SCT_VALIDATION_STATUS_NOT_SET; - switch (source) { - case SCT_SOURCE_TLS_EXTENSION: - case SCT_SOURCE_OCSP_STAPLED_RESPONSE: - return SCT_set_log_entry_type(sct, CT_LOG_ENTRY_TYPE_X509); - case SCT_SOURCE_X509V3_EXTENSION: - return SCT_set_log_entry_type(sct, CT_LOG_ENTRY_TYPE_PRECERT); - case SCT_SOURCE_UNKNOWN: - break; - } - /* if we aren't sure, leave the log entry type alone */ - return 1; -} -LCRYPTO_ALIAS(SCT_set_source); - -sct_validation_status_t -SCT_get_validation_status(const SCT *sct) -{ - return sct->validation_status; -} -LCRYPTO_ALIAS(SCT_get_validation_status); - -int -SCT_validate(SCT *sct, const CT_POLICY_EVAL_CTX *ctx) -{ - int is_sct_valid = -1; - SCT_CTX *sctx = NULL; - X509_PUBKEY *pub = NULL, *log_pkey = NULL; - const CTLOG *log; - - /* - * With an unrecognized SCT version we don't know what such an SCT means, - * let alone validate one. So we return validation failure (0). - */ - if (sct->version != SCT_VERSION_V1) { - sct->validation_status = SCT_VALIDATION_STATUS_UNKNOWN_VERSION; - return 0; - } - - log = CTLOG_STORE_get0_log_by_id(ctx->log_store, sct->log_id, - sct->log_id_len); - - /* Similarly, an SCT from an unknown log also cannot be validated. 
*/ - if (log == NULL) { - sct->validation_status = SCT_VALIDATION_STATUS_UNKNOWN_LOG; - return 0; - } - - sctx = SCT_CTX_new(); - if (sctx == NULL) - goto err; - - if (X509_PUBKEY_set(&log_pkey, CTLOG_get0_public_key(log)) != 1) - goto err; - if (SCT_CTX_set1_pubkey(sctx, log_pkey) != 1) - goto err; - - if (SCT_get_log_entry_type(sct) == CT_LOG_ENTRY_TYPE_PRECERT) { - EVP_PKEY *issuer_pkey; - - if (ctx->issuer == NULL) { - sct->validation_status = SCT_VALIDATION_STATUS_UNVERIFIED; - goto end; - } - - if ((issuer_pkey = X509_get0_pubkey(ctx->issuer)) == NULL) - goto err; - - if (X509_PUBKEY_set(&pub, issuer_pkey) != 1) - goto err; - if (SCT_CTX_set1_issuer_pubkey(sctx, pub) != 1) - goto err; - } - - SCT_CTX_set_time(sctx, ctx->epoch_time_in_ms); - - /* - * XXX: Potential for optimization. This repeats some idempotent heavy - * lifting on the certificate for each candidate SCT, and appears to not - * use any information in the SCT itself, only the certificate is - * processed. So it may make more sense to to do this just once, perhaps - * associated with the shared (by all SCTs) policy eval ctx. - * - * XXX: Failure here is global (SCT independent) and represents either an - * issue with the certificate (e.g. duplicate extensions) or an out of - * memory condition. When the certificate is incompatible with CT, we just - * mark the SCTs invalid, rather than report a failure to determine the - * validation status. That way, callbacks that want to do "soft" SCT - * processing will not abort handshakes with false positive internal - * errors. Since the function does not distinguish between certificate - * issues (peer's fault) and internal problems (out fault) the safe thing - * to do is to report a validation failure and let the callback or - * application decide what to do. - */ - if (SCT_CTX_set1_cert(sctx, ctx->cert, NULL) != 1) - sct->validation_status = SCT_VALIDATION_STATUS_UNVERIFIED; - else - sct->validation_status = SCT_CTX_verify(sctx, sct) == 1 ? 
- SCT_VALIDATION_STATUS_VALID : SCT_VALIDATION_STATUS_INVALID; - - end: - is_sct_valid = sct->validation_status == SCT_VALIDATION_STATUS_VALID; - err: - X509_PUBKEY_free(pub); - X509_PUBKEY_free(log_pkey); - SCT_CTX_free(sctx); - - return is_sct_valid; -} -LCRYPTO_ALIAS(SCT_validate); - -int -SCT_LIST_validate(const STACK_OF(SCT) *scts, CT_POLICY_EVAL_CTX *ctx) -{ - int are_scts_valid = 1; - int sct_count = scts != NULL ? sk_SCT_num(scts) : 0; - int i; - - for (i = 0; i < sct_count; ++i) { - int is_sct_valid = -1; - SCT *sct = sk_SCT_value(scts, i); - - if (sct == NULL) - continue; - - is_sct_valid = SCT_validate(sct, ctx); - if (is_sct_valid < 0) - return is_sct_valid; - are_scts_valid &= is_sct_valid; - } - - return are_scts_valid; -} -LCRYPTO_ALIAS(SCT_LIST_validate); diff --git a/src/lib/libcrypto/ct/ct_sct_ctx.c b/src/lib/libcrypto/ct/ct_sct_ctx.c deleted file mode 100644 index b2b6d4e269..0000000000 --- a/src/lib/libcrypto/ct/ct_sct_ctx.c +++ /dev/null 
@@ -1,323 +0,0 @@ -/* $OpenBSD: ct_sct_ctx.c,v 1.6 2022/06/30 11:14:47 tb Exp $ */ -/* - * Written by Rob Stradling (rob@comodo.com) and Stephen Henson - * (steve@openssl.org) for the OpenSSL project 2014. - */ -/* ==================================================================== - * Copyright (c) 2014 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifdef OPENSSL_NO_CT -# error "CT is disabled" -#endif - -#include -#include - -#include -#include -#include - -#include "ct_local.h" - -SCT_CTX * -SCT_CTX_new(void) -{ - SCT_CTX *sctx = calloc(1, sizeof(*sctx)); - - if (sctx == NULL) - CTerror(ERR_R_MALLOC_FAILURE); - - return sctx; -} - -void -SCT_CTX_free(SCT_CTX *sctx) -{ - if (sctx == NULL) - return; - EVP_PKEY_free(sctx->pkey); - free(sctx->pkeyhash); - free(sctx->ihash); - free(sctx->certder); - free(sctx->preder); - free(sctx); -} - -/* - * Finds the index of the first extension with the given NID in cert. - * If there is more than one extension with that NID, *is_duplicated is set to - * 1, otherwise 0 (unless it is NULL). 
- */ -static int -ct_x509_get_ext(X509 *cert, int nid, int *is_duplicated) -{ - int ret = X509_get_ext_by_NID(cert, nid, -1); - - if (is_duplicated != NULL) - *is_duplicated = ret >= 0 && - X509_get_ext_by_NID(cert, nid, ret) >= 0; - - return ret; -} - -/* - * Modifies a certificate by deleting extensions and copying the issuer and - * AKID from the presigner certificate, if necessary. - * Returns 1 on success, 0 otherwise. - */ -static int -ct_x509_cert_fixup(X509 *cert, X509 *presigner) -{ - int preidx, certidx; - int pre_akid_ext_is_dup, cert_akid_ext_is_dup; - - if (presigner == NULL) - return 1; - - preidx = ct_x509_get_ext(presigner, NID_authority_key_identifier, - &pre_akid_ext_is_dup); - certidx = ct_x509_get_ext(cert, NID_authority_key_identifier, - &cert_akid_ext_is_dup); - - /* An error occurred whilst searching for the extension */ - if (preidx < -1 || certidx < -1) - return 0; - /* Invalid certificate if they contain duplicate extensions */ - if (pre_akid_ext_is_dup || cert_akid_ext_is_dup) - return 0; - /* AKID must be present in both certificate or absent in both */ - if (preidx >= 0 && certidx == -1) - return 0; - if (preidx == -1 && certidx >= 0) - return 0; - /* Copy issuer name */ - if (!X509_set_issuer_name(cert, X509_get_issuer_name(presigner))) - return 0; - if (preidx != -1) { - /* Retrieve and copy AKID encoding */ - X509_EXTENSION *preext = X509_get_ext(presigner, preidx); - X509_EXTENSION *certext = X509_get_ext(cert, certidx); - ASN1_OCTET_STRING *preextdata; - - /* Should never happen */ - if (preext == NULL || certext == NULL) - return 0; - preextdata = X509_EXTENSION_get_data(preext); - if (preextdata == NULL || - !X509_EXTENSION_set_data(certext, preextdata)) - return 0; - } - return 1; -} - -int -SCT_CTX_set1_cert(SCT_CTX *sctx, X509 *cert, X509 *presigner) -{ - unsigned char *certder = NULL, *preder = NULL; - X509 *pretmp = NULL; - int certderlen = 0, prederlen = 0; - int idx = -1; - int poison_ext_is_dup, sct_ext_is_dup; - int 
poison_idx = ct_x509_get_ext(cert, NID_ct_precert_poison, &poison_ext_is_dup); - - /* Duplicate poison extensions are present - error */ - if (poison_ext_is_dup) - goto err; - - /* If *cert doesn't have a poison extension, it isn't a precert */ - if (poison_idx == -1) { - /* cert isn't a precert, so we shouldn't have a presigner */ - if (presigner != NULL) - goto err; - - certderlen = i2d_X509(cert, &certder); - if (certderlen < 0) - goto err; - } - - /* See if cert has a precert SCTs extension */ - idx = ct_x509_get_ext(cert, NID_ct_precert_scts, &sct_ext_is_dup); - /* Duplicate SCT extensions are present - error */ - if (sct_ext_is_dup) - goto err; - - if (idx >= 0 && poison_idx >= 0) { - /* - * cert can't both contain SCTs (i.e. have an SCT extension) and be a - * precert (i.e. have a poison extension). - */ - goto err; - } - - if (idx == -1) { - idx = poison_idx; - } - - /* - * If either a poison or SCT extension is present, remove it before encoding - * cert. This, along with ct_x509_cert_fixup(), gets a TBSCertificate (see - * RFC5280) from cert, which is what the CT log signed when it produced the - * SCT. 
- */ - if (idx >= 0) { - X509_EXTENSION *ext; - - /* Take a copy of certificate so we don't modify passed version */ - pretmp = X509_dup(cert); - if (pretmp == NULL) - goto err; - - ext = X509_delete_ext(pretmp, idx); - X509_EXTENSION_free(ext); - - if (!ct_x509_cert_fixup(pretmp, presigner)) - goto err; - - prederlen = i2d_re_X509_tbs(pretmp, &preder); - if (prederlen <= 0) - goto err; - } - - X509_free(pretmp); - - free(sctx->certder); - sctx->certder = certder; - sctx->certderlen = certderlen; - - free(sctx->preder); - sctx->preder = preder; - sctx->prederlen = prederlen; - - return 1; - err: - free(certder); - free(preder); - X509_free(pretmp); - return 0; -} - -static int -ct_public_key_hash(X509_PUBKEY *pkey, unsigned char **hash, size_t *hash_len) -{ - int ret = 0; - unsigned char *md = NULL, *der = NULL; - int der_len; - unsigned int md_len; - - /* Reuse buffer if possible */ - if (*hash != NULL && *hash_len >= SHA256_DIGEST_LENGTH) { - md = *hash; - } else { - md = malloc(SHA256_DIGEST_LENGTH); - if (md == NULL) - goto err; - } - - /* Calculate key hash */ - der_len = i2d_X509_PUBKEY(pkey, &der); - if (der_len <= 0) - goto err; - - if (!EVP_Digest(der, der_len, md, &md_len, EVP_sha256(), NULL)) - goto err; - - if (md != *hash) { - free(*hash); - *hash = md; - *hash_len = SHA256_DIGEST_LENGTH; - } - - md = NULL; - ret = 1; - err: - free(md); - free(der); - return ret; -} - -int -SCT_CTX_set1_issuer(SCT_CTX *sctx, const X509 *issuer) -{ - return SCT_CTX_set1_issuer_pubkey(sctx, X509_get_X509_PUBKEY(issuer)); -} - -int -SCT_CTX_set1_issuer_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey) -{ - return ct_public_key_hash(pubkey, &sctx->ihash, &sctx->ihashlen); -} - -int -SCT_CTX_set1_pubkey(SCT_CTX *sctx, X509_PUBKEY *pubkey) -{ - EVP_PKEY *pkey = X509_PUBKEY_get(pubkey); - - if (pkey == NULL) - return 0; - - if (!ct_public_key_hash(pubkey, &sctx->pkeyhash, &sctx->pkeyhashlen)) { - EVP_PKEY_free(pkey); - return 0; - } - - EVP_PKEY_free(sctx->pkey); - sctx->pkey = 
pkey; - return 1; -} - -void -SCT_CTX_set_time(SCT_CTX *sctx, uint64_t time_in_ms) -{ - sctx->epoch_time_in_ms = time_in_ms; -} diff --git a/src/lib/libcrypto/ct/ct_vfy.c b/src/lib/libcrypto/ct/ct_vfy.c deleted file mode 100644 index 424117263a..0000000000 --- a/src/lib/libcrypto/ct/ct_vfy.c +++ /dev/null 
@@ -1,195 +0,0 @@ -/* $OpenBSD: ct_vfy.c,v 1.6 2022/01/06 14:34:40 jsing Exp $ */ -/* - * Written by Rob Stradling (rob@comodo.com) and Stephen Henson - * (steve@openssl.org) for the OpenSSL project 2014. - */ -/* ==================================================================== - * Copyright (c) 2014 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include -#include -#include -#include - -#include "ct_local.h" - -typedef enum sct_signature_type_t { - SIGNATURE_TYPE_NOT_SET = -1, - SIGNATURE_TYPE_CERT_TIMESTAMP, - SIGNATURE_TYPE_TREE_HASH -} SCT_SIGNATURE_TYPE; - -/* - * Update encoding for SCT signature verification/generation to supplied - * EVP_MD_CTX. 
- */ -static int -sct_ctx_update(EVP_MD_CTX *ctx, const SCT_CTX *sctx, const SCT *sct) -{ - CBB cbb, entry, extensions; - uint8_t *data = NULL; - size_t data_len; - int ret = 0; - - memset(&cbb, 0, sizeof(cbb)); - - if (sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET) - goto err; - if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL) - goto err; - - if (!CBB_init(&cbb, 0)) - goto err; - - /* - * Build the digitally-signed struct per RFC 6962 section 3.2. - */ - if (!CBB_add_u8(&cbb, sct->version)) - goto err; - if (!CBB_add_u8(&cbb, SIGNATURE_TYPE_CERT_TIMESTAMP)) - goto err; - if (!CBB_add_u64(&cbb, sct->timestamp)) - goto err; - if (!CBB_add_u16(&cbb, sct->entry_type)) - goto err; - - if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT) { - if (!CBB_add_bytes(&cbb, sctx->ihash, sctx->ihashlen)) - goto err; - } - - if (!CBB_add_u24_length_prefixed(&cbb, &entry)) - goto err; - if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT) { - if (sctx->preder == NULL) - goto err; - if (!CBB_add_bytes(&entry, sctx->preder, sctx->prederlen)) - goto err; - } else { - if (sctx->certder == NULL) - goto err; - if (!CBB_add_bytes(&entry, sctx->certder, sctx->certderlen)) - goto err; - } - - if (!CBB_add_u16_length_prefixed(&cbb, &extensions)) - goto err; - if (sct->ext_len > 0) { - if (!CBB_add_bytes(&extensions, sct->ext, sct->ext_len)) - goto err; - } - - if (!CBB_finish(&cbb, &data, &data_len)) - goto err; - - if (!EVP_DigestUpdate(ctx, data, data_len)) - goto err; - - ret = 1; - - err: - CBB_cleanup(&cbb); - free(data); - - return ret; -} - -int -SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct) -{ - EVP_MD_CTX *ctx = NULL; - int ret = 0; - - if (!SCT_is_complete(sct) || sctx->pkey == NULL || - sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET || - (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && - sctx->ihash == NULL)) { - CTerror(CT_R_SCT_NOT_SET); - return 0; - } - if (sct->version != SCT_VERSION_V1) { - CTerror(CT_R_SCT_UNSUPPORTED_VERSION); - return 0; - } - if 
(sct->log_id_len != sctx->pkeyhashlen || - memcmp(sct->log_id, sctx->pkeyhash, sctx->pkeyhashlen) != 0) { - CTerror(CT_R_SCT_LOG_ID_MISMATCH); - return 0; - } - if (sct->timestamp > sctx->epoch_time_in_ms) { - CTerror(CT_R_SCT_FUTURE_TIMESTAMP); - return 0; - } - - if ((ctx = EVP_MD_CTX_new()) == NULL) - goto end; - - if (!EVP_DigestVerifyInit(ctx, NULL, EVP_sha256(), NULL, sctx->pkey)) - goto end; - - if (!sct_ctx_update(ctx, sctx, sct)) - goto end; - - /* Verify signature */ - /* If ret < 0 some other error: fall through without setting error */ - if ((ret = EVP_DigestVerifyFinal(ctx, sct->sig, sct->sig_len)) == 0) - CTerror(CT_R_SCT_INVALID_SIGNATURE); - - end: - EVP_MD_CTX_free(ctx); - - return ret; -} diff --git a/src/lib/libcrypto/ct/ct_x509v3.c b/src/lib/libcrypto/ct/ct_x509v3.c deleted file mode 100644 index b14ffc9532..0000000000 --- a/src/lib/libcrypto/ct/ct_x509v3.c +++ /dev/null 
@@ -1,201 +0,0 @@ -/* $OpenBSD: ct_x509v3.c,v 1.7 2024/07/13 15:08:58 tb Exp $ */ -/* - * Written by Rob Stradling (rob@comodo.com) and Stephen Henson - * (steve@openssl.org) for the OpenSSL project 2014. - */ -/* ==================================================================== - * Copyright (c) 2014 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifdef OPENSSL_NO_CT -# error "CT is disabled" -#endif - -#include - -#include "ct_local.h" - -static char * -i2s_poison(const X509V3_EXT_METHOD *method, void *val) -{ - return strdup("NULL"); -} - -static void * -s2i_poison(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str) -{ - return ASN1_NULL_new(); -} - -static int -i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list, BIO *out, - int indent) -{ - SCT_LIST_print(sct_list, out, indent, "\n", NULL); - return 1; -} - -static int -set_sct_list_source(STACK_OF(SCT) *s, sct_source_t source) -{ - if (s != NULL) { - int i; - - for (i = 0; i < sk_SCT_num(s); i++) { - int res = SCT_set_source(sk_SCT_value(s, i), source); - - if (res != 1) { - return 0; - } - } - } - return 1; -} - -static STACK_OF(SCT) * -x509_ext_d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, long len) -{ - STACK_OF(SCT) *s = d2i_SCT_LIST(a, pp, len); - - if (set_sct_list_source(s, SCT_SOURCE_X509V3_EXTENSION) != 1) { - SCT_LIST_free(s); - *a = NULL; - return NULL; - } - return s; -} - -static STACK_OF(SCT) * -ocsp_ext_d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp, long len) -{ - STACK_OF(SCT) *s = d2i_SCT_LIST(a, pp, len); - - if (set_sct_list_source(s, SCT_SOURCE_OCSP_STAPLED_RESPONSE) != 1) { - SCT_LIST_free(s); - *a = NULL; - return NULL; - } - return s; -} - -/* X509v3 extension in certificates that contains SCTs */ -static const X509V3_EXT_METHOD x509v3_ext_ct_precert_scts = { - .ext_nid = NID_ct_precert_scts, - .ext_flags = 0, - .it = NULL, - .ext_new = NULL, - .ext_free = (X509V3_EXT_FREE)SCT_LIST_free, - .d2i = (X509V3_EXT_D2I)x509_ext_d2i_SCT_LIST, - .i2d = (X509V3_EXT_I2D)i2d_SCT_LIST, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = (X509V3_EXT_I2R)i2r_SCT_LIST, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_ct_precert_scts(void) -{ - return &x509v3_ext_ct_precert_scts; -} - -/* X509v3 extension to mark a certificate as a 
pre-certificate */
-static const X509V3_EXT_METHOD x509v3_ext_ct_precert_poison = {
- .ext_nid = NID_ct_precert_poison,
- .ext_flags = 0,
- .it = &ASN1_NULL_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = i2s_poison,
- .s2i = s2i_poison,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_ct_precert_poison(void)
-{
- return &x509v3_ext_ct_precert_poison;
-}
-
-/* OCSP extension that contains SCTs */
-static const X509V3_EXT_METHOD x509v3_ext_ct_cert_scts = {
- .ext_nid = NID_ct_cert_scts,
- .ext_flags = 0,
- .it = NULL,
- .ext_new = NULL,
- .ext_free = (X509V3_EXT_FREE)SCT_LIST_free,
- .d2i = (X509V3_EXT_D2I)ocsp_ext_d2i_SCT_LIST,
- .i2d = (X509V3_EXT_I2D)i2d_SCT_LIST,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = (X509V3_EXT_I2R)i2r_SCT_LIST,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_ct_cert_scts(void)
-{
- return &x509v3_ext_ct_cert_scts;
-}
diff --git a/src/lib/libcrypto/curve25519/curve25519-generic.c b/src/lib/libcrypto/curve25519/curve25519-generic.c
deleted file mode 100644
index d533731ef3..0000000000
--- a/src/lib/libcrypto/curve25519/curve25519-generic.c
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: curve25519-generic.c,v 1.2 2019/05/11 15:55:52 tb Exp $ */
-/*
- * Copyright (c) 2015, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * This code is mostly taken from the ref10 version of Ed25519 in SUPERCOP
- * 20141124 (http://bench.cr.yp.to/supercop.html). That code is released as
- * public domain but this file has the ISC license just to keep licencing
- * simple.
- *
- * The field functions are shared by Ed25519 and X25519 where possible.
- */
-
-#include "curve25519_internal.h"
-
-void
-x25519_scalar_mult(uint8_t out[32], const uint8_t scalar[32],
- const uint8_t point[32])
-{
- x25519_scalar_mult_generic(out, scalar, point);
-}
diff --git a/src/lib/libcrypto/curve25519/curve25519.c b/src/lib/libcrypto/curve25519/curve25519.c
deleted file mode 100644
index 4e644c4280..0000000000
--- a/src/lib/libcrypto/curve25519/curve25519.c
+++ /dev/null
@@ -1,4946 +0,0 @@
-/* $OpenBSD: curve25519.c,v 1.16 2023/07/08 15:12:49 beck Exp $ */
-/*
- * Copyright (c) 2015, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * This code is mostly taken from the ref10 version of Ed25519 in SUPERCOP
- * 20141124 (http://bench.cr.yp.to/supercop.html). That code is released as
- * public domain but this file has the ISC license just to keep licencing
- * simple.
- *
- * The field functions are shared by Ed25519 and X25519 where possible.
- */ - -#include -#include -#include - -#include -#include - -#include "curve25519_internal.h" - -static const int64_t kBottom25Bits = 0x1ffffffLL; -static const int64_t kBottom26Bits = 0x3ffffffLL; -static const int64_t kTop39Bits = 0xfffffffffe000000LL; -static const int64_t kTop38Bits = 0xfffffffffc000000LL; - -static uint64_t load_3(const uint8_t *in) { - uint64_t result; - result = (uint64_t)in[0]; - result |= ((uint64_t)in[1]) << 8; - result |= ((uint64_t)in[2]) << 16; - return result; -} - -static uint64_t load_4(const uint8_t *in) { - uint64_t result; - result = (uint64_t)in[0]; - result |= ((uint64_t)in[1]) << 8; - result |= ((uint64_t)in[2]) << 16; - result |= ((uint64_t)in[3]) << 24; - return result; -} - -static void fe_frombytes(fe h, const uint8_t *s) { - /* Ignores top bit of h. */ - int64_t h0 = load_4(s); - int64_t h1 = load_3(s + 4) << 6; - int64_t h2 = load_3(s + 7) << 5; - int64_t h3 = load_3(s + 10) << 3; - int64_t h4 = load_3(s + 13) << 2; - int64_t h5 = load_4(s + 16); - int64_t h6 = load_3(s + 20) << 7; - int64_t h7 = load_3(s + 23) << 5; - int64_t h8 = load_3(s + 26) << 4; - int64_t h9 = (load_3(s + 29) & 8388607) << 2; - int64_t carry0; - int64_t carry1; - int64_t carry2; - int64_t carry3; - int64_t carry4; - int64_t carry5; - int64_t carry6; - int64_t carry7; - int64_t carry8; - int64_t carry9; - - carry9 = h9 + (1 << 24); h0 += (carry9 >> 25) * 19; h9 -= carry9 & kTop39Bits; - carry1 = h1 + (1 << 24); h2 += carry1 >> 25; h1 -= carry1 & kTop39Bits; - carry3 = h3 + (1 << 24); h4 += carry3 >> 25; h3 -= carry3 & kTop39Bits; - carry5 = h5 + (1 << 24); h6 += carry5 >> 25; h5 -= carry5 & kTop39Bits; - carry7 = h7 + (1 << 24); h8 += carry7 >> 25; h7 -= carry7 & kTop39Bits; - - carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits; - carry2 = h2 + (1 << 25); h3 += carry2 >> 26; h2 -= carry2 & kTop38Bits; - carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits; - carry6 = h6 + (1 << 25); h7 += carry6 >> 26; h6 -= 
carry6 & kTop38Bits; - carry8 = h8 + (1 << 25); h9 += carry8 >> 26; h8 -= carry8 & kTop38Bits; - - h[0] = h0; - h[1] = h1; - h[2] = h2; - h[3] = h3; - h[4] = h4; - h[5] = h5; - h[6] = h6; - h[7] = h7; - h[8] = h8; - h[9] = h9; -} - -/* Preconditions: - * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. - * - * Write p=2^255-19; q=floor(h/p). - * Basic claim: q = floor(2^(-255)(h + 19 2^(-25)h9 + 2^(-1))). - * - * Proof: - * Have |h|<=p so |q|<=1 so |19^2 2^(-255) q|<1/4. - * Also have |h-2^230 h9|<2^231 so |19 2^(-255)(h-2^230 h9)|<1/4. - * - * Write y=2^(-1)-19^2 2^(-255)q-19 2^(-255)(h-2^230 h9). - * Then 0> 25; - q = (h0 + q) >> 26; - q = (h1 + q) >> 25; - q = (h2 + q) >> 26; - q = (h3 + q) >> 25; - q = (h4 + q) >> 26; - q = (h5 + q) >> 25; - q = (h6 + q) >> 26; - q = (h7 + q) >> 25; - q = (h8 + q) >> 26; - q = (h9 + q) >> 25; - - /* Goal: Output h-(2^255-19)q, which is between 0 and 2^255-20. */ - h0 += 19 * q; - /* Goal: Output h-2^255 q, which is between 0 and 2^255-20. */ - - h1 += h0 >> 26; h0 &= kBottom26Bits; - h2 += h1 >> 25; h1 &= kBottom25Bits; - h3 += h2 >> 26; h2 &= kBottom26Bits; - h4 += h3 >> 25; h3 &= kBottom25Bits; - h5 += h4 >> 26; h4 &= kBottom26Bits; - h6 += h5 >> 25; h5 &= kBottom25Bits; - h7 += h6 >> 26; h6 &= kBottom26Bits; - h8 += h7 >> 25; h7 &= kBottom25Bits; - h9 += h8 >> 26; h8 &= kBottom26Bits; - h9 &= kBottom25Bits; - /* h10 = carry9 */ - - /* Goal: Output h0+...+2^255 h10-2^255 q, which is between 0 and 2^255-20. - * Have h0+...+2^230 h9 between 0 and 2^255-1; - * evidently 2^255 h10-2^255 q = 0. - * Goal: Output h0+...+2^230 h9. 
*/ - - s[0] = h0 >> 0; - s[1] = h0 >> 8; - s[2] = h0 >> 16; - s[3] = (h0 >> 24) | ((uint32_t)(h1) << 2); - s[4] = h1 >> 6; - s[5] = h1 >> 14; - s[6] = (h1 >> 22) | ((uint32_t)(h2) << 3); - s[7] = h2 >> 5; - s[8] = h2 >> 13; - s[9] = (h2 >> 21) | ((uint32_t)(h3) << 5); - s[10] = h3 >> 3; - s[11] = h3 >> 11; - s[12] = (h3 >> 19) | ((uint32_t)(h4) << 6); - s[13] = h4 >> 2; - s[14] = h4 >> 10; - s[15] = h4 >> 18; - s[16] = h5 >> 0; - s[17] = h5 >> 8; - s[18] = h5 >> 16; - s[19] = (h5 >> 24) | ((uint32_t)(h6) << 1); - s[20] = h6 >> 7; - s[21] = h6 >> 15; - s[22] = (h6 >> 23) | ((uint32_t)(h7) << 3); - s[23] = h7 >> 5; - s[24] = h7 >> 13; - s[25] = (h7 >> 21) | ((uint32_t)(h8) << 4); - s[26] = h8 >> 4; - s[27] = h8 >> 12; - s[28] = (h8 >> 20) | ((uint32_t)(h9) << 6); - s[29] = h9 >> 2; - s[30] = h9 >> 10; - s[31] = h9 >> 18; -} - -/* h = f */ -static void fe_copy(fe h, const fe f) { - memmove(h, f, sizeof(int32_t) * 10); -} - -/* h = 0 */ -static void fe_0(fe h) { memset(h, 0, sizeof(int32_t) * 10); } - -/* h = 1 */ -static void fe_1(fe h) { - memset(h, 0, sizeof(int32_t) * 10); - h[0] = 1; -} - -/* h = f + g - * Can overlap h with f or g. - * - * Preconditions: - * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. - * |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. - * - * Postconditions: - * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. */ -static void fe_add(fe h, const fe f, const fe g) { - unsigned i; - for (i = 0; i < 10; i++) { - h[i] = f[i] + g[i]; - } -} - -/* h = f - g - * Can overlap h with f or g. - * - * Preconditions: - * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. - * |g| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. - * - * Postconditions: - * |h| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. */ -static void fe_sub(fe h, const fe f, const fe g) { - unsigned i; - for (i = 0; i < 10; i++) { - h[i] = f[i] - g[i]; - } -} - -/* h = f * g - * Can overlap h with f or g. 
- * - * Preconditions: - * |f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. - * |g| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. - * - * Postconditions: - * |h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc. - * - * Notes on implementation strategy: - * - * Using schoolbook multiplication. - * Karatsuba would save a little in some cost models. - * - * Most multiplications by 2 and 19 are 32-bit precomputations; - * cheaper than 64-bit postcomputations. - * - * There is one remaining multiplication by 19 in the carry chain; - * one *19 precomputation can be merged into this, - * but the resulting data flow is considerably less clean. - * - * There are 12 carries below. - * 10 of them are 2-way parallelizable and vectorizable. - * Can get away with 11 carries, but then data flow is much deeper. - * - * With tighter constraints on inputs can squeeze carries into int32. */ -static void fe_mul(fe h, const fe f, const fe g) { - int32_t f0 = f[0]; - int32_t f1 = f[1]; - int32_t f2 = f[2]; - int32_t f3 = f[3]; - int32_t f4 = f[4]; - int32_t f5 = f[5]; - int32_t f6 = f[6]; - int32_t f7 = f[7]; - int32_t f8 = f[8]; - int32_t f9 = f[9]; - int32_t g0 = g[0]; - int32_t g1 = g[1]; - int32_t g2 = g[2]; - int32_t g3 = g[3]; - int32_t g4 = g[4]; - int32_t g5 = g[5]; - int32_t g6 = g[6]; - int32_t g7 = g[7]; - int32_t g8 = g[8]; - int32_t g9 = g[9]; - int32_t g1_19 = 19 * g1; /* 1.959375*2^29 */ - int32_t g2_19 = 19 * g2; /* 1.959375*2^30; still ok */ - int32_t g3_19 = 19 * g3; - int32_t g4_19 = 19 * g4; - int32_t g5_19 = 19 * g5; - int32_t g6_19 = 19 * g6; - int32_t g7_19 = 19 * g7; - int32_t g8_19 = 19 * g8; - int32_t g9_19 = 19 * g9; - int32_t f1_2 = 2 * f1; - int32_t f3_2 = 2 * f3; - int32_t f5_2 = 2 * f5; - int32_t f7_2 = 2 * f7; - int32_t f9_2 = 2 * f9; - int64_t f0g0 = f0 * (int64_t) g0; - int64_t f0g1 = f0 * (int64_t) g1; - int64_t f0g2 = f0 * (int64_t) g2; - int64_t f0g3 = f0 * (int64_t) g3; - int64_t f0g4 = f0 * (int64_t) g4; - int64_t f0g5 = 
f0 * (int64_t) g5; - int64_t f0g6 = f0 * (int64_t) g6; - int64_t f0g7 = f0 * (int64_t) g7; - int64_t f0g8 = f0 * (int64_t) g8; - int64_t f0g9 = f0 * (int64_t) g9; - int64_t f1g0 = f1 * (int64_t) g0; - int64_t f1g1_2 = f1_2 * (int64_t) g1; - int64_t f1g2 = f1 * (int64_t) g2; - int64_t f1g3_2 = f1_2 * (int64_t) g3; - int64_t f1g4 = f1 * (int64_t) g4; - int64_t f1g5_2 = f1_2 * (int64_t) g5; - int64_t f1g6 = f1 * (int64_t) g6; - int64_t f1g7_2 = f1_2 * (int64_t) g7; - int64_t f1g8 = f1 * (int64_t) g8; - int64_t f1g9_38 = f1_2 * (int64_t) g9_19; - int64_t f2g0 = f2 * (int64_t) g0; - int64_t f2g1 = f2 * (int64_t) g1; - int64_t f2g2 = f2 * (int64_t) g2; - int64_t f2g3 = f2 * (int64_t) g3; - int64_t f2g4 = f2 * (int64_t) g4; - int64_t f2g5 = f2 * (int64_t) g5; - int64_t f2g6 = f2 * (int64_t) g6; - int64_t f2g7 = f2 * (int64_t) g7; - int64_t f2g8_19 = f2 * (int64_t) g8_19; - int64_t f2g9_19 = f2 * (int64_t) g9_19; - int64_t f3g0 = f3 * (int64_t) g0; - int64_t f3g1_2 = f3_2 * (int64_t) g1; - int64_t f3g2 = f3 * (int64_t) g2; - int64_t f3g3_2 = f3_2 * (int64_t) g3; - int64_t f3g4 = f3 * (int64_t) g4; - int64_t f3g5_2 = f3_2 * (int64_t) g5; - int64_t f3g6 = f3 * (int64_t) g6; - int64_t f3g7_38 = f3_2 * (int64_t) g7_19; - int64_t f3g8_19 = f3 * (int64_t) g8_19; - int64_t f3g9_38 = f3_2 * (int64_t) g9_19; - int64_t f4g0 = f4 * (int64_t) g0; - int64_t f4g1 = f4 * (int64_t) g1; - int64_t f4g2 = f4 * (int64_t) g2; - int64_t f4g3 = f4 * (int64_t) g3; - int64_t f4g4 = f4 * (int64_t) g4; - int64_t f4g5 = f4 * (int64_t) g5; - int64_t f4g6_19 = f4 * (int64_t) g6_19; - int64_t f4g7_19 = f4 * (int64_t) g7_19; - int64_t f4g8_19 = f4 * (int64_t) g8_19; - int64_t f4g9_19 = f4 * (int64_t) g9_19; - int64_t f5g0 = f5 * (int64_t) g0; - int64_t f5g1_2 = f5_2 * (int64_t) g1; - int64_t f5g2 = f5 * (int64_t) g2; - int64_t f5g3_2 = f5_2 * (int64_t) g3; - int64_t f5g4 = f5 * (int64_t) g4; - int64_t f5g5_38 = f5_2 * (int64_t) g5_19; - int64_t f5g6_19 = f5 * (int64_t) g6_19; - int64_t f5g7_38 = f5_2 * 
(int64_t) g7_19; - int64_t f5g8_19 = f5 * (int64_t) g8_19; - int64_t f5g9_38 = f5_2 * (int64_t) g9_19; - int64_t f6g0 = f6 * (int64_t) g0; - int64_t f6g1 = f6 * (int64_t) g1; - int64_t f6g2 = f6 * (int64_t) g2; - int64_t f6g3 = f6 * (int64_t) g3; - int64_t f6g4_19 = f6 * (int64_t) g4_19; - int64_t f6g5_19 = f6 * (int64_t) g5_19; - int64_t f6g6_19 = f6 * (int64_t) g6_19; - int64_t f6g7_19 = f6 * (int64_t) g7_19; - int64_t f6g8_19 = f6 * (int64_t) g8_19; - int64_t f6g9_19 = f6 * (int64_t) g9_19; - int64_t f7g0 = f7 * (int64_t) g0; - int64_t f7g1_2 = f7_2 * (int64_t) g1; - int64_t f7g2 = f7 * (int64_t) g2; - int64_t f7g3_38 = f7_2 * (int64_t) g3_19; - int64_t f7g4_19 = f7 * (int64_t) g4_19; - int64_t f7g5_38 = f7_2 * (int64_t) g5_19; - int64_t f7g6_19 = f7 * (int64_t) g6_19; - int64_t f7g7_38 = f7_2 * (int64_t) g7_19; - int64_t f7g8_19 = f7 * (int64_t) g8_19; - int64_t f7g9_38 = f7_2 * (int64_t) g9_19; - int64_t f8g0 = f8 * (int64_t) g0; - int64_t f8g1 = f8 * (int64_t) g1; - int64_t f8g2_19 = f8 * (int64_t) g2_19; - int64_t f8g3_19 = f8 * (int64_t) g3_19; - int64_t f8g4_19 = f8 * (int64_t) g4_19; - int64_t f8g5_19 = f8 * (int64_t) g5_19; - int64_t f8g6_19 = f8 * (int64_t) g6_19; - int64_t f8g7_19 = f8 * (int64_t) g7_19; - int64_t f8g8_19 = f8 * (int64_t) g8_19; - int64_t f8g9_19 = f8 * (int64_t) g9_19; - int64_t f9g0 = f9 * (int64_t) g0; - int64_t f9g1_38 = f9_2 * (int64_t) g1_19; - int64_t f9g2_19 = f9 * (int64_t) g2_19; - int64_t f9g3_38 = f9_2 * (int64_t) g3_19; - int64_t f9g4_19 = f9 * (int64_t) g4_19; - int64_t f9g5_38 = f9_2 * (int64_t) g5_19; - int64_t f9g6_19 = f9 * (int64_t) g6_19; - int64_t f9g7_38 = f9_2 * (int64_t) g7_19; - int64_t f9g8_19 = f9 * (int64_t) g8_19; - int64_t f9g9_38 = f9_2 * (int64_t) g9_19; - int64_t h0 = f0g0+f1g9_38+f2g8_19+f3g7_38+f4g6_19+f5g5_38+f6g4_19+f7g3_38+f8g2_19+f9g1_38; - int64_t h1 = f0g1+f1g0 +f2g9_19+f3g8_19+f4g7_19+f5g6_19+f6g5_19+f7g4_19+f8g3_19+f9g2_19; - int64_t h2 = f0g2+f1g1_2 +f2g0 
+f3g9_38+f4g8_19+f5g7_38+f6g6_19+f7g5_38+f8g4_19+f9g3_38; - int64_t h3 = f0g3+f1g2 +f2g1 +f3g0 +f4g9_19+f5g8_19+f6g7_19+f7g6_19+f8g5_19+f9g4_19; - int64_t h4 = f0g4+f1g3_2 +f2g2 +f3g1_2 +f4g0 +f5g9_38+f6g8_19+f7g7_38+f8g6_19+f9g5_38; - int64_t h5 = f0g5+f1g4 +f2g3 +f3g2 +f4g1 +f5g0 +f6g9_19+f7g8_19+f8g7_19+f9g6_19; - int64_t h6 = f0g6+f1g5_2 +f2g4 +f3g3_2 +f4g2 +f5g1_2 +f6g0 +f7g9_38+f8g8_19+f9g7_38; - int64_t h7 = f0g7+f1g6 +f2g5 +f3g4 +f4g3 +f5g2 +f6g1 +f7g0 +f8g9_19+f9g8_19; - int64_t h8 = f0g8+f1g7_2 +f2g6 +f3g5_2 +f4g4 +f5g3_2 +f6g2 +f7g1_2 +f8g0 +f9g9_38; - int64_t h9 = f0g9+f1g8 +f2g7 +f3g6 +f4g5 +f5g4 +f6g3 +f7g2 +f8g1 +f9g0 ; - int64_t carry0; - int64_t carry1; - int64_t carry2; - int64_t carry3; - int64_t carry4; - int64_t carry5; - int64_t carry6; - int64_t carry7; - int64_t carry8; - int64_t carry9; - - /* |h0| <= (1.65*1.65*2^52*(1+19+19+19+19)+1.65*1.65*2^50*(38+38+38+38+38)) - * i.e. |h0| <= 1.4*2^60; narrower ranges for h2, h4, h6, h8 - * |h1| <= (1.65*1.65*2^51*(1+1+19+19+19+19+19+19+19+19)) - * i.e. 
|h1| <= 1.7*2^59; narrower ranges for h3, h5, h7, h9 */ - - carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits; - carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits; - /* |h0| <= 2^25 */ - /* |h4| <= 2^25 */ - /* |h1| <= 1.71*2^59 */ - /* |h5| <= 1.71*2^59 */ - - carry1 = h1 + (1 << 24); h2 += carry1 >> 25; h1 -= carry1 & kTop39Bits; - carry5 = h5 + (1 << 24); h6 += carry5 >> 25; h5 -= carry5 & kTop39Bits; - /* |h1| <= 2^24; from now on fits into int32 */ - /* |h5| <= 2^24; from now on fits into int32 */ - /* |h2| <= 1.41*2^60 */ - /* |h6| <= 1.41*2^60 */ - - carry2 = h2 + (1 << 25); h3 += carry2 >> 26; h2 -= carry2 & kTop38Bits; - carry6 = h6 + (1 << 25); h7 += carry6 >> 26; h6 -= carry6 & kTop38Bits; - /* |h2| <= 2^25; from now on fits into int32 unchanged */ - /* |h6| <= 2^25; from now on fits into int32 unchanged */ - /* |h3| <= 1.71*2^59 */ - /* |h7| <= 1.71*2^59 */ - - carry3 = h3 + (1 << 24); h4 += carry3 >> 25; h3 -= carry3 & kTop39Bits; - carry7 = h7 + (1 << 24); h8 += carry7 >> 25; h7 -= carry7 & kTop39Bits; - /* |h3| <= 2^24; from now on fits into int32 unchanged */ - /* |h7| <= 2^24; from now on fits into int32 unchanged */ - /* |h4| <= 1.72*2^34 */ - /* |h8| <= 1.41*2^60 */ - - carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits; - carry8 = h8 + (1 << 25); h9 += carry8 >> 26; h8 -= carry8 & kTop38Bits; - /* |h4| <= 2^25; from now on fits into int32 unchanged */ - /* |h8| <= 2^25; from now on fits into int32 unchanged */ - /* |h5| <= 1.01*2^24 */ - /* |h9| <= 1.71*2^59 */ - - carry9 = h9 + (1 << 24); h0 += (carry9 >> 25) * 19; h9 -= carry9 & kTop39Bits; - /* |h9| <= 2^24; from now on fits into int32 unchanged */ - /* |h0| <= 1.1*2^39 */ - - carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits; - /* |h0| <= 2^25; from now on fits into int32 unchanged */ - /* |h1| <= 1.01*2^24 */ - - h[0] = h0; - h[1] = h1; - h[2] = h2; - h[3] = h3; - h[4] = h4; - h[5] = h5; - h[6] = h6; - h[7] = 
h7; - h[8] = h8; - h[9] = h9; -} - -/* h = f * f - * Can overlap h with f. - * - * Preconditions: - * |f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. - * - * Postconditions: - * |h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc. - * - * See fe_mul.c for discussion of implementation strategy. */ -static void fe_sq(fe h, const fe f) { - int32_t f0 = f[0]; - int32_t f1 = f[1]; - int32_t f2 = f[2]; - int32_t f3 = f[3]; - int32_t f4 = f[4]; - int32_t f5 = f[5]; - int32_t f6 = f[6]; - int32_t f7 = f[7]; - int32_t f8 = f[8]; - int32_t f9 = f[9]; - int32_t f0_2 = 2 * f0; - int32_t f1_2 = 2 * f1; - int32_t f2_2 = 2 * f2; - int32_t f3_2 = 2 * f3; - int32_t f4_2 = 2 * f4; - int32_t f5_2 = 2 * f5; - int32_t f6_2 = 2 * f6; - int32_t f7_2 = 2 * f7; - int32_t f5_38 = 38 * f5; /* 1.959375*2^30 */ - int32_t f6_19 = 19 * f6; /* 1.959375*2^30 */ - int32_t f7_38 = 38 * f7; /* 1.959375*2^30 */ - int32_t f8_19 = 19 * f8; /* 1.959375*2^30 */ - int32_t f9_38 = 38 * f9; /* 1.959375*2^30 */ - int64_t f0f0 = f0 * (int64_t) f0; - int64_t f0f1_2 = f0_2 * (int64_t) f1; - int64_t f0f2_2 = f0_2 * (int64_t) f2; - int64_t f0f3_2 = f0_2 * (int64_t) f3; - int64_t f0f4_2 = f0_2 * (int64_t) f4; - int64_t f0f5_2 = f0_2 * (int64_t) f5; - int64_t f0f6_2 = f0_2 * (int64_t) f6; - int64_t f0f7_2 = f0_2 * (int64_t) f7; - int64_t f0f8_2 = f0_2 * (int64_t) f8; - int64_t f0f9_2 = f0_2 * (int64_t) f9; - int64_t f1f1_2 = f1_2 * (int64_t) f1; - int64_t f1f2_2 = f1_2 * (int64_t) f2; - int64_t f1f3_4 = f1_2 * (int64_t) f3_2; - int64_t f1f4_2 = f1_2 * (int64_t) f4; - int64_t f1f5_4 = f1_2 * (int64_t) f5_2; - int64_t f1f6_2 = f1_2 * (int64_t) f6; - int64_t f1f7_4 = f1_2 * (int64_t) f7_2; - int64_t f1f8_2 = f1_2 * (int64_t) f8; - int64_t f1f9_76 = f1_2 * (int64_t) f9_38; - int64_t f2f2 = f2 * (int64_t) f2; - int64_t f2f3_2 = f2_2 * (int64_t) f3; - int64_t f2f4_2 = f2_2 * (int64_t) f4; - int64_t f2f5_2 = f2_2 * (int64_t) f5; - int64_t f2f6_2 = f2_2 * (int64_t) f6; - int64_t f2f7_2 = f2_2 * (int64_t) 
f7; - int64_t f2f8_38 = f2_2 * (int64_t) f8_19; - int64_t f2f9_38 = f2 * (int64_t) f9_38; - int64_t f3f3_2 = f3_2 * (int64_t) f3; - int64_t f3f4_2 = f3_2 * (int64_t) f4; - int64_t f3f5_4 = f3_2 * (int64_t) f5_2; - int64_t f3f6_2 = f3_2 * (int64_t) f6; - int64_t f3f7_76 = f3_2 * (int64_t) f7_38; - int64_t f3f8_38 = f3_2 * (int64_t) f8_19; - int64_t f3f9_76 = f3_2 * (int64_t) f9_38; - int64_t f4f4 = f4 * (int64_t) f4; - int64_t f4f5_2 = f4_2 * (int64_t) f5; - int64_t f4f6_38 = f4_2 * (int64_t) f6_19; - int64_t f4f7_38 = f4 * (int64_t) f7_38; - int64_t f4f8_38 = f4_2 * (int64_t) f8_19; - int64_t f4f9_38 = f4 * (int64_t) f9_38; - int64_t f5f5_38 = f5 * (int64_t) f5_38; - int64_t f5f6_38 = f5_2 * (int64_t) f6_19; - int64_t f5f7_76 = f5_2 * (int64_t) f7_38; - int64_t f5f8_38 = f5_2 * (int64_t) f8_19; - int64_t f5f9_76 = f5_2 * (int64_t) f9_38; - int64_t f6f6_19 = f6 * (int64_t) f6_19; - int64_t f6f7_38 = f6 * (int64_t) f7_38; - int64_t f6f8_38 = f6_2 * (int64_t) f8_19; - int64_t f6f9_38 = f6 * (int64_t) f9_38; - int64_t f7f7_38 = f7 * (int64_t) f7_38; - int64_t f7f8_38 = f7_2 * (int64_t) f8_19; - int64_t f7f9_76 = f7_2 * (int64_t) f9_38; - int64_t f8f8_19 = f8 * (int64_t) f8_19; - int64_t f8f9_38 = f8 * (int64_t) f9_38; - int64_t f9f9_38 = f9 * (int64_t) f9_38; - int64_t h0 = f0f0 +f1f9_76+f2f8_38+f3f7_76+f4f6_38+f5f5_38; - int64_t h1 = f0f1_2+f2f9_38+f3f8_38+f4f7_38+f5f6_38; - int64_t h2 = f0f2_2+f1f1_2 +f3f9_76+f4f8_38+f5f7_76+f6f6_19; - int64_t h3 = f0f3_2+f1f2_2 +f4f9_38+f5f8_38+f6f7_38; - int64_t h4 = f0f4_2+f1f3_4 +f2f2 +f5f9_76+f6f8_38+f7f7_38; - int64_t h5 = f0f5_2+f1f4_2 +f2f3_2 +f6f9_38+f7f8_38; - int64_t h6 = f0f6_2+f1f5_4 +f2f4_2 +f3f3_2 +f7f9_76+f8f8_19; - int64_t h7 = f0f7_2+f1f6_2 +f2f5_2 +f3f4_2 +f8f9_38; - int64_t h8 = f0f8_2+f1f7_4 +f2f6_2 +f3f5_4 +f4f4 +f9f9_38; - int64_t h9 = f0f9_2+f1f8_2 +f2f7_2 +f3f6_2 +f4f5_2; - int64_t carry0; - int64_t carry1; - int64_t carry2; - int64_t carry3; - int64_t carry4; - int64_t carry5; - int64_t carry6; - int64_t 
carry7; - int64_t carry8; - int64_t carry9; - - carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits; - carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits; - - carry1 = h1 + (1 << 24); h2 += carry1 >> 25; h1 -= carry1 & kTop39Bits; - carry5 = h5 + (1 << 24); h6 += carry5 >> 25; h5 -= carry5 & kTop39Bits; - - carry2 = h2 + (1 << 25); h3 += carry2 >> 26; h2 -= carry2 & kTop38Bits; - carry6 = h6 + (1 << 25); h7 += carry6 >> 26; h6 -= carry6 & kTop38Bits; - - carry3 = h3 + (1 << 24); h4 += carry3 >> 25; h3 -= carry3 & kTop39Bits; - carry7 = h7 + (1 << 24); h8 += carry7 >> 25; h7 -= carry7 & kTop39Bits; - - carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits; - carry8 = h8 + (1 << 25); h9 += carry8 >> 26; h8 -= carry8 & kTop38Bits; - - carry9 = h9 + (1 << 24); h0 += (carry9 >> 25) * 19; h9 -= carry9 & kTop39Bits; - - carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits; - - h[0] = h0; - h[1] = h1; - h[2] = h2; - h[3] = h3; - h[4] = h4; - h[5] = h5; - h[6] = h6; - h[7] = h7; - h[8] = h8; - h[9] = h9; -} - -static void fe_invert(fe out, const fe z) { - fe t0; - fe t1; - fe t2; - fe t3; - int i; - - fe_sq(t0, z); - fe_sq(t1, t0); - for (i = 1; i < 2; ++i) { - fe_sq(t1, t1); - } - fe_mul(t1, z, t1); - fe_mul(t0, t0, t1); - fe_sq(t2, t0); - fe_mul(t1, t1, t2); - fe_sq(t2, t1); - for (i = 1; i < 5; ++i) { - fe_sq(t2, t2); - } - fe_mul(t1, t2, t1); - fe_sq(t2, t1); - for (i = 1; i < 10; ++i) { - fe_sq(t2, t2); - } - fe_mul(t2, t2, t1); - fe_sq(t3, t2); - for (i = 1; i < 20; ++i) { - fe_sq(t3, t3); - } - fe_mul(t2, t3, t2); - fe_sq(t2, t2); - for (i = 1; i < 10; ++i) { - fe_sq(t2, t2); - } - fe_mul(t1, t2, t1); - fe_sq(t2, t1); - for (i = 1; i < 50; ++i) { - fe_sq(t2, t2); - } - fe_mul(t2, t2, t1); - fe_sq(t3, t2); - for (i = 1; i < 100; ++i) { - fe_sq(t3, t3); - } - fe_mul(t2, t3, t2); - fe_sq(t2, t2); - for (i = 1; i < 50; ++i) { - fe_sq(t2, t2); - } - fe_mul(t1, t2, t1); - fe_sq(t1, t1); - for (i = 1; 
i < 5; ++i) { - fe_sq(t1, t1); - } - fe_mul(out, t1, t0); -} - -/* h = -f - * - * Preconditions: - * |f| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. - * - * Postconditions: - * |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. */ -static void fe_neg(fe h, const fe f) { - unsigned i; - for (i = 0; i < 10; i++) { - h[i] = -f[i]; - } -} - -/* Replace (f,g) with (g,g) if b == 1; - * replace (f,g) with (f,g) if b == 0. - * - * Preconditions: b in {0,1}. */ -static void fe_cmov(fe f, const fe g, unsigned b) { - b = 0-b; - unsigned i; - for (i = 0; i < 10; i++) { - int32_t x = f[i] ^ g[i]; - x &= b; - f[i] ^= x; - } -} - -/* return 0 if f == 0 - * return 1 if f != 0 - * - * Preconditions: - * |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. */ -static int fe_isnonzero(const fe f) { - uint8_t s[32]; - fe_tobytes(s, f); - - static const uint8_t zero[32] = {0}; - return timingsafe_memcmp(s, zero, sizeof(zero)) != 0; -} - -/* return 1 if f is in {1,3,5,...,q-2} - * return 0 if f is in {0,2,4,...,q-1} - * - * Preconditions: - * |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. */ -static int fe_isnegative(const fe f) { - uint8_t s[32]; - fe_tobytes(s, f); - return s[0] & 1; -} - -/* h = 2 * f * f - * Can overlap h with f. - * - * Preconditions: - * |f| bounded by 1.65*2^26,1.65*2^25,1.65*2^26,1.65*2^25,etc. - * - * Postconditions: - * |h| bounded by 1.01*2^25,1.01*2^24,1.01*2^25,1.01*2^24,etc. - * - * See fe_mul.c for discussion of implementation strategy. 
*/ -static void fe_sq2(fe h, const fe f) { - int32_t f0 = f[0]; - int32_t f1 = f[1]; - int32_t f2 = f[2]; - int32_t f3 = f[3]; - int32_t f4 = f[4]; - int32_t f5 = f[5]; - int32_t f6 = f[6]; - int32_t f7 = f[7]; - int32_t f8 = f[8]; - int32_t f9 = f[9]; - int32_t f0_2 = 2 * f0; - int32_t f1_2 = 2 * f1; - int32_t f2_2 = 2 * f2; - int32_t f3_2 = 2 * f3; - int32_t f4_2 = 2 * f4; - int32_t f5_2 = 2 * f5; - int32_t f6_2 = 2 * f6; - int32_t f7_2 = 2 * f7; - int32_t f5_38 = 38 * f5; /* 1.959375*2^30 */ - int32_t f6_19 = 19 * f6; /* 1.959375*2^30 */ - int32_t f7_38 = 38 * f7; /* 1.959375*2^30 */ - int32_t f8_19 = 19 * f8; /* 1.959375*2^30 */ - int32_t f9_38 = 38 * f9; /* 1.959375*2^30 */ - int64_t f0f0 = f0 * (int64_t) f0; - int64_t f0f1_2 = f0_2 * (int64_t) f1; - int64_t f0f2_2 = f0_2 * (int64_t) f2; - int64_t f0f3_2 = f0_2 * (int64_t) f3; - int64_t f0f4_2 = f0_2 * (int64_t) f4; - int64_t f0f5_2 = f0_2 * (int64_t) f5; - int64_t f0f6_2 = f0_2 * (int64_t) f6; - int64_t f0f7_2 = f0_2 * (int64_t) f7; - int64_t f0f8_2 = f0_2 * (int64_t) f8; - int64_t f0f9_2 = f0_2 * (int64_t) f9; - int64_t f1f1_2 = f1_2 * (int64_t) f1; - int64_t f1f2_2 = f1_2 * (int64_t) f2; - int64_t f1f3_4 = f1_2 * (int64_t) f3_2; - int64_t f1f4_2 = f1_2 * (int64_t) f4; - int64_t f1f5_4 = f1_2 * (int64_t) f5_2; - int64_t f1f6_2 = f1_2 * (int64_t) f6; - int64_t f1f7_4 = f1_2 * (int64_t) f7_2; - int64_t f1f8_2 = f1_2 * (int64_t) f8; - int64_t f1f9_76 = f1_2 * (int64_t) f9_38; - int64_t f2f2 = f2 * (int64_t) f2; - int64_t f2f3_2 = f2_2 * (int64_t) f3; - int64_t f2f4_2 = f2_2 * (int64_t) f4; - int64_t f2f5_2 = f2_2 * (int64_t) f5; - int64_t f2f6_2 = f2_2 * (int64_t) f6; - int64_t f2f7_2 = f2_2 * (int64_t) f7; - int64_t f2f8_38 = f2_2 * (int64_t) f8_19; - int64_t f2f9_38 = f2 * (int64_t) f9_38; - int64_t f3f3_2 = f3_2 * (int64_t) f3; - int64_t f3f4_2 = f3_2 * (int64_t) f4; - int64_t f3f5_4 = f3_2 * (int64_t) f5_2; - int64_t f3f6_2 = f3_2 * (int64_t) f6; - int64_t f3f7_76 = f3_2 * (int64_t) f7_38; - int64_t f3f8_38 
= f3_2 * (int64_t) f8_19; - int64_t f3f9_76 = f3_2 * (int64_t) f9_38; - int64_t f4f4 = f4 * (int64_t) f4; - int64_t f4f5_2 = f4_2 * (int64_t) f5; - int64_t f4f6_38 = f4_2 * (int64_t) f6_19; - int64_t f4f7_38 = f4 * (int64_t) f7_38; - int64_t f4f8_38 = f4_2 * (int64_t) f8_19; - int64_t f4f9_38 = f4 * (int64_t) f9_38; - int64_t f5f5_38 = f5 * (int64_t) f5_38; - int64_t f5f6_38 = f5_2 * (int64_t) f6_19; - int64_t f5f7_76 = f5_2 * (int64_t) f7_38; - int64_t f5f8_38 = f5_2 * (int64_t) f8_19; - int64_t f5f9_76 = f5_2 * (int64_t) f9_38; - int64_t f6f6_19 = f6 * (int64_t) f6_19; - int64_t f6f7_38 = f6 * (int64_t) f7_38; - int64_t f6f8_38 = f6_2 * (int64_t) f8_19; - int64_t f6f9_38 = f6 * (int64_t) f9_38; - int64_t f7f7_38 = f7 * (int64_t) f7_38; - int64_t f7f8_38 = f7_2 * (int64_t) f8_19; - int64_t f7f9_76 = f7_2 * (int64_t) f9_38; - int64_t f8f8_19 = f8 * (int64_t) f8_19; - int64_t f8f9_38 = f8 * (int64_t) f9_38; - int64_t f9f9_38 = f9 * (int64_t) f9_38; - int64_t h0 = f0f0 +f1f9_76+f2f8_38+f3f7_76+f4f6_38+f5f5_38; - int64_t h1 = f0f1_2+f2f9_38+f3f8_38+f4f7_38+f5f6_38; - int64_t h2 = f0f2_2+f1f1_2 +f3f9_76+f4f8_38+f5f7_76+f6f6_19; - int64_t h3 = f0f3_2+f1f2_2 +f4f9_38+f5f8_38+f6f7_38; - int64_t h4 = f0f4_2+f1f3_4 +f2f2 +f5f9_76+f6f8_38+f7f7_38; - int64_t h5 = f0f5_2+f1f4_2 +f2f3_2 +f6f9_38+f7f8_38; - int64_t h6 = f0f6_2+f1f5_4 +f2f4_2 +f3f3_2 +f7f9_76+f8f8_19; - int64_t h7 = f0f7_2+f1f6_2 +f2f5_2 +f3f4_2 +f8f9_38; - int64_t h8 = f0f8_2+f1f7_4 +f2f6_2 +f3f5_4 +f4f4 +f9f9_38; - int64_t h9 = f0f9_2+f1f8_2 +f2f7_2 +f3f6_2 +f4f5_2; - int64_t carry0; - int64_t carry1; - int64_t carry2; - int64_t carry3; - int64_t carry4; - int64_t carry5; - int64_t carry6; - int64_t carry7; - int64_t carry8; - int64_t carry9; - - h0 += h0; - h1 += h1; - h2 += h2; - h3 += h3; - h4 += h4; - h5 += h5; - h6 += h6; - h7 += h7; - h8 += h8; - h9 += h9; - - carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits; - carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits; - 
- carry1 = h1 + (1 << 24); h2 += carry1 >> 25; h1 -= carry1 & kTop39Bits;
- carry5 = h5 + (1 << 24); h6 += carry5 >> 25; h5 -= carry5 & kTop39Bits;
-
- carry2 = h2 + (1 << 25); h3 += carry2 >> 26; h2 -= carry2 & kTop38Bits;
- carry6 = h6 + (1 << 25); h7 += carry6 >> 26; h6 -= carry6 & kTop38Bits;
-
- carry3 = h3 + (1 << 24); h4 += carry3 >> 25; h3 -= carry3 & kTop39Bits;
- carry7 = h7 + (1 << 24); h8 += carry7 >> 25; h7 -= carry7 & kTop39Bits;
-
- carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits;
- carry8 = h8 + (1 << 25); h9 += carry8 >> 26; h8 -= carry8 & kTop38Bits;
-
- carry9 = h9 + (1 << 24); h0 += (carry9 >> 25) * 19; h9 -= carry9 & kTop39Bits;
-
- carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits;
-
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
-}
-
-static void fe_pow22523(fe out, const fe z) {
- fe t0;
- fe t1;
- fe t2;
- int i;
-
- fe_sq(t0, z);
- fe_sq(t1, t0);
- for (i = 1; i < 2; ++i) {
- fe_sq(t1, t1);
- }
- fe_mul(t1, z, t1);
- fe_mul(t0, t0, t1);
- fe_sq(t0, t0);
- fe_mul(t0, t1, t0);
- fe_sq(t1, t0);
- for (i = 1; i < 5; ++i) {
- fe_sq(t1, t1);
- }
- fe_mul(t0, t1, t0);
- fe_sq(t1, t0);
- for (i = 1; i < 10; ++i) {
- fe_sq(t1, t1);
- }
- fe_mul(t1, t1, t0);
- fe_sq(t2, t1);
- for (i = 1; i < 20; ++i) {
- fe_sq(t2, t2);
- }
- fe_mul(t1, t2, t1);
- fe_sq(t1, t1);
- for (i = 1; i < 10; ++i) {
- fe_sq(t1, t1);
- }
- fe_mul(t0, t1, t0);
- fe_sq(t1, t0);
- for (i = 1; i < 50; ++i) {
- fe_sq(t1, t1);
- }
- fe_mul(t1, t1, t0);
- fe_sq(t2, t1);
- for (i = 1; i < 100; ++i) {
- fe_sq(t2, t2);
- }
- fe_mul(t1, t2, t1);
- fe_sq(t1, t1);
- for (i = 1; i < 50; ++i) {
- fe_sq(t1, t1);
- }
- fe_mul(t0, t1, t0);
- fe_sq(t0, t0);
- for (i = 1; i < 2; ++i) {
- fe_sq(t0, t0);
- }
- fe_mul(out, t0, z);
-}
-
-void x25519_ge_tobytes(uint8_t *s, const ge_p2 *h) {
- fe recip;
- fe x;
- fe y;
-
- fe_invert(recip, h->Z);
- fe_mul(x, h->X, recip);
- fe_mul(y, h->Y, recip);
- fe_tobytes(s, y);
- s[31] ^= fe_isnegative(x) << 7;
-}
-
-static void ge_p3_tobytes(uint8_t *s, const ge_p3 *h) {
- fe recip;
- fe x;
- fe y;
-
- fe_invert(recip, h->Z);
- fe_mul(x, h->X, recip);
- fe_mul(y, h->Y, recip);
- fe_tobytes(s, y);
- s[31] ^= fe_isnegative(x) << 7;
-}
-
-static const fe d = {-10913610, 13857413, -15372611, 6949391, 114729,
- -8787816, -6275908, -3247719, -18696448, -12055116};
-
-static const fe sqrtm1 = {-32595792, -7943725, 9377950, 3500415, 12389472,
- -272473, -25146209, -2005654, 326686, 11406482};
-
-int x25519_ge_frombytes_vartime(ge_p3 *h, const uint8_t *s) {
- fe u;
- fe v;
- fe v3;
- fe vxx;
- fe check;
-
- fe_frombytes(h->Y, s);
- fe_1(h->Z);
- fe_sq(u, h->Y);
- fe_mul(v, u, d);
- fe_sub(u, u, h->Z); /* u = y^2-1 */
- fe_add(v, v, h->Z); /* v = dy^2+1 */
-
- fe_sq(v3, v);
- fe_mul(v3, v3, v); /* v3 = v^3 */
- fe_sq(h->X, v3);
- fe_mul(h->X, h->X, v);
- fe_mul(h->X, h->X, u); /* x = uv^7 */
-
- fe_pow22523(h->X, h->X); /* x = (uv^7)^((q-5)/8) */
- fe_mul(h->X, h->X, v3);
- fe_mul(h->X, h->X, u); /* x = uv^3(uv^7)^((q-5)/8) */
-
- fe_sq(vxx, h->X);
- fe_mul(vxx, vxx, v);
- fe_sub(check, vxx, u); /* vx^2-u */
- if (fe_isnonzero(check)) {
- fe_add(check, vxx, u); /* vx^2+u */
- if (fe_isnonzero(check)) {
- return -1;
- }
- fe_mul(h->X, h->X, sqrtm1);
- }
-
- if (fe_isnegative(h->X) != (s[31] >> 7)) {
- fe_neg(h->X, h->X);
- }
-
- fe_mul(h->T, h->X, h->Y);
- return 0;
-}
-
-static void ge_p2_0(ge_p2 *h) {
- fe_0(h->X);
- fe_1(h->Y);
- fe_1(h->Z);
-}
-
-static void ge_p3_0(ge_p3 *h) {
- fe_0(h->X);
- fe_1(h->Y);
- fe_1(h->Z);
- fe_0(h->T);
-}
-
-static void ge_cached_0(ge_cached *h) {
- fe_1(h->YplusX);
- fe_1(h->YminusX);
- fe_1(h->Z);
- fe_0(h->T2d);
-}
-
-static void ge_precomp_0(ge_precomp *h) {
- fe_1(h->yplusx);
- fe_1(h->yminusx);
- fe_0(h->xy2d);
-}
-
-/* r = p */
-static void ge_p3_to_p2(ge_p2 *r, const ge_p3 *p) {
- fe_copy(r->X, p->X);
- fe_copy(r->Y, p->Y);
- fe_copy(r->Z, p->Z);
-}
-
-static const fe d2 = {-21827239, -5839606, -30745221, 13898782, 229458,
- 15978800, -12551817, -6495438, 29715968, 9444199};
-
-/* r = p */
-void x25519_ge_p3_to_cached(ge_cached *r, const ge_p3 *p) {
- fe_add(r->YplusX, p->Y, p->X);
- fe_sub(r->YminusX, p->Y, p->X);
- fe_copy(r->Z, p->Z);
- fe_mul(r->T2d, p->T, d2);
-}
-
-/* r = p */
-void x25519_ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p) {
- fe_mul(r->X, p->X, p->T);
- fe_mul(r->Y, p->Y, p->Z);
- fe_mul(r->Z, p->Z, p->T);
-}
-
-/* r = p */
-void x25519_ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p) {
- fe_mul(r->X, p->X, p->T);
- fe_mul(r->Y, p->Y, p->Z);
- fe_mul(r->Z, p->Z, p->T);
- fe_mul(r->T, p->X, p->Y);
-}
-
-/* r = p */
-static void ge_p1p1_to_cached(ge_cached *r, const ge_p1p1 *p) {
- ge_p3 t;
- x25519_ge_p1p1_to_p3(&t, p);
- x25519_ge_p3_to_cached(r, &t);
-}
-
-/* r = 2 * p */
-static void ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p) {
- fe t0;
-
- fe_sq(r->X, p->X);
- fe_sq(r->Z, p->Y);
- fe_sq2(r->T, p->Z);
- fe_add(r->Y, p->X, p->Y);
- fe_sq(t0, r->Y);
- fe_add(r->Y, r->Z, r->X);
- fe_sub(r->Z, r->Z, r->X);
- fe_sub(r->X, t0, r->Y);
- fe_sub(r->T, r->T, r->Z);
-}
-
-/* r = 2 * p */
-static void ge_p3_dbl(ge_p1p1 *r, const ge_p3 *p) {
- ge_p2 q;
- ge_p3_to_p2(&q, p);
- ge_p2_dbl(r, &q);
-}
-
-/* r = p + q */
-static void ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q) {
- fe t0;
-
- fe_add(r->X, p->Y, p->X);
- fe_sub(r->Y, p->Y, p->X);
- fe_mul(r->Z, r->X, q->yplusx);
- fe_mul(r->Y, r->Y, q->yminusx);
- fe_mul(r->T, q->xy2d, p->T);
- fe_add(t0, p->Z, p->Z);
- fe_sub(r->X, r->Z, r->Y);
- fe_add(r->Y, r->Z, r->Y);
- fe_add(r->Z, t0, r->T);
- fe_sub(r->T, t0, r->T);
-}
-
-/* r = p - q */
-static void ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q) {
- fe t0;
-
- fe_add(r->X, p->Y, p->X);
- fe_sub(r->Y, p->Y, p->X);
- fe_mul(r->Z, r->X, q->yminusx);
- fe_mul(r->Y, r->Y, q->yplusx);
- fe_mul(r->T, q->xy2d, p->T);
- fe_add(t0, p->Z, p->Z);
- fe_sub(r->X, r->Z, r->Y);
- fe_add(r->Y, r->Z, r->Y);
- fe_sub(r->Z, t0, r->T);
- fe_add(r->T, t0, r->T);
-}
-
-/* r = p + q */
-void x25519_ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q) {
- fe t0;
-
- fe_add(r->X, p->Y, p->X);
- fe_sub(r->Y, p->Y, p->X);
- fe_mul(r->Z, r->X, q->YplusX);
- fe_mul(r->Y, r->Y, q->YminusX);
- fe_mul(r->T, q->T2d, p->T);
- fe_mul(r->X, p->Z, q->Z);
- fe_add(t0, r->X, r->X);
- fe_sub(r->X, r->Z, r->Y);
- fe_add(r->Y, r->Z, r->Y);
- fe_add(r->Z, t0, r->T);
- fe_sub(r->T, t0, r->T);
-}
-
-/* r = p - q */
-void x25519_ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q) {
- fe t0;
-
- fe_add(r->X, p->Y, p->X);
- fe_sub(r->Y, p->Y, p->X);
- fe_mul(r->Z, r->X, q->YminusX);
- fe_mul(r->Y, r->Y, q->YplusX);
- fe_mul(r->T, q->T2d, p->T);
- fe_mul(r->X, p->Z, q->Z);
- fe_add(t0, r->X, r->X);
- fe_sub(r->X, r->Z, r->Y);
- fe_add(r->Y, r->Z, r->Y);
- fe_sub(r->Z, t0, r->T);
- fe_add(r->T, t0, r->T);
-}
-
-static uint8_t equal(signed char b, signed char c) {
- uint8_t ub = b;
- uint8_t uc = c;
- uint8_t x = ub ^ uc; /* 0: yes; 1..255: no */
- uint32_t y = x; /* 0: yes; 1..255: no */
- y -= 1; /* 4294967295: yes; 0..254: no */
- y >>= 31; /* 1: yes; 0: no */
- return y;
-}
-
-static void cmov(ge_precomp *t, const ge_precomp *u, uint8_t b) {
- fe_cmov(t->yplusx, u->yplusx, b);
- fe_cmov(t->yminusx, u->yminusx, b);
- fe_cmov(t->xy2d, u->xy2d, b);
-}
-
-void x25519_ge_scalarmult_small_precomp(
- ge_p3 *h, const uint8_t a[32], const uint8_t precomp_table[15 * 2 * 32]) {
- /* precomp_table is first expanded into matching |ge_precomp|
- * elements. */
- ge_precomp multiples[15];
-
- unsigned i;
- for (i = 0; i < 15; i++) {
- const uint8_t *bytes = &precomp_table[i*(2 * 32)];
- fe x, y;
- fe_frombytes(x, bytes);
- fe_frombytes(y, bytes + 32);
-
- ge_precomp *out = &multiples[i];
- fe_add(out->yplusx, y, x);
- fe_sub(out->yminusx, y, x);
- fe_mul(out->xy2d, x, y);
- fe_mul(out->xy2d, out->xy2d, d2);
- }
-
- /* See the comment above |k25519SmallPrecomp| about the structure of the
- * precomputed elements.
This loop does 64 additions and 64 doublings to - * calculate the result. */ - ge_p3_0(h); - - for (i = 63; i < 64; i--) { - unsigned j; - signed char index = 0; - - for (j = 0; j < 4; j++) { - const uint8_t bit = 1 & (a[(8 * j) + (i / 8)] >> (i & 7)); - index |= (bit << j); - } - - ge_precomp e; - ge_precomp_0(&e); - - for (j = 1; j < 16; j++) { - cmov(&e, &multiples[j-1], equal(index, j)); - } - - ge_cached cached; - ge_p1p1 r; - x25519_ge_p3_to_cached(&cached, h); - x25519_ge_add(&r, h, &cached); - x25519_ge_p1p1_to_p3(h, &r); - - ge_madd(&r, h, &e); - x25519_ge_p1p1_to_p3(h, &r); - } -} - -#if defined(OPENSSL_SMALL) - -/* This block of code replaces the standard base-point table with a much smaller - * one. The standard table is 30,720 bytes while this one is just 960. - * - * This table contains 15 pairs of group elements, (x, y), where each field - * element is serialised with |fe_tobytes|. If |i| is the index of the group - * element then consider i+1 as a four-bit number: (iâ‚€, iâ‚, iâ‚‚, i₃) (where iâ‚€ - * is the most significant bit). The value of the group element is then: - * (i₀×2^192 + iâ‚×2^128 + i₂×2^64 + i₃)G, where G is the generator. 
*/ -static const uint8_t k25519SmallPrecomp[15 * 2 * 32] = { - 0x1a, 0xd5, 0x25, 0x8f, 0x60, 0x2d, 0x56, 0xc9, 0xb2, 0xa7, 0x25, 0x95, - 0x60, 0xc7, 0x2c, 0x69, 0x5c, 0xdc, 0xd6, 0xfd, 0x31, 0xe2, 0xa4, 0xc0, - 0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21, 0x58, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x02, 0xa2, 0xed, 0xf4, 0x8f, 0x6b, 0x0b, 0x3e, - 0xeb, 0x35, 0x1a, 0xd5, 0x7e, 0xdb, 0x78, 0x00, 0x96, 0x8a, 0xa0, 0xb4, - 0xcf, 0x60, 0x4b, 0xd4, 0xd5, 0xf9, 0x2d, 0xbf, 0x88, 0xbd, 0x22, 0x62, - 0x13, 0x53, 0xe4, 0x82, 0x57, 0xfa, 0x1e, 0x8f, 0x06, 0x2b, 0x90, 0xba, - 0x08, 0xb6, 0x10, 0x54, 0x4f, 0x7c, 0x1b, 0x26, 0xed, 0xda, 0x6b, 0xdd, - 0x25, 0xd0, 0x4e, 0xea, 0x42, 0xbb, 0x25, 0x03, 0xa2, 0xfb, 0xcc, 0x61, - 0x67, 0x06, 0x70, 0x1a, 0xc4, 0x78, 0x3a, 0xff, 0x32, 0x62, 0xdd, 0x2c, - 0xab, 0x50, 0x19, 0x3b, 0xf2, 0x9b, 0x7d, 0xb8, 0xfd, 0x4f, 0x29, 0x9c, - 0xa7, 0x91, 0xba, 0x0e, 0x46, 0x5e, 0x51, 0xfe, 0x1d, 0xbf, 0xe5, 0xe5, - 0x9b, 0x95, 0x0d, 0x67, 0xf8, 0xd1, 0xb5, 0x5a, 0xa1, 0x93, 0x2c, 0xc3, - 0xde, 0x0e, 0x97, 0x85, 0x2d, 0x7f, 0xea, 0xab, 0x3e, 0x47, 0x30, 0x18, - 0x24, 0xe8, 0xb7, 0x60, 0xae, 0x47, 0x80, 0xfc, 0xe5, 0x23, 0xe7, 0xc2, - 0xc9, 0x85, 0xe6, 0x98, 0xa0, 0x29, 0x4e, 0xe1, 0x84, 0x39, 0x2d, 0x95, - 0x2c, 0xf3, 0x45, 0x3c, 0xff, 0xaf, 0x27, 0x4c, 0x6b, 0xa6, 0xf5, 0x4b, - 0x11, 0xbd, 0xba, 0x5b, 0x9e, 0xc4, 0xa4, 0x51, 0x1e, 0xbe, 0xd0, 0x90, - 0x3a, 0x9c, 0xc2, 0x26, 0xb6, 0x1e, 0xf1, 0x95, 0x7d, 0xc8, 0x6d, 0x52, - 0xe6, 0x99, 0x2c, 0x5f, 0x9a, 0x96, 0x0c, 0x68, 0x29, 0xfd, 0xe2, 0xfb, - 0xe6, 0xbc, 0xec, 0x31, 0x08, 0xec, 0xe6, 0xb0, 0x53, 0x60, 0xc3, 0x8c, - 0xbe, 0xc1, 0xb3, 0x8a, 0x8f, 0xe4, 0x88, 0x2b, 0x55, 0xe5, 0x64, 0x6e, - 0x9b, 0xd0, 0xaf, 0x7b, 0x64, 0x2a, 0x35, 0x25, 0x10, 0x52, 0xc5, 0x9e, - 0x58, 0x11, 0x39, 0x36, 0x45, 0x51, 0xb8, 0x39, 0x93, 0xfc, 0x9d, 0x6a, - 0xbe, 0x58, 
0xcb, 0xa4, 0x0f, 0x51, 0x3c, 0x38, 0x05, 0xca, 0xab, 0x43, - 0x63, 0x0e, 0xf3, 0x8b, 0x41, 0xa6, 0xf8, 0x9b, 0x53, 0x70, 0x80, 0x53, - 0x86, 0x5e, 0x8f, 0xe3, 0xc3, 0x0d, 0x18, 0xc8, 0x4b, 0x34, 0x1f, 0xd8, - 0x1d, 0xbc, 0xf2, 0x6d, 0x34, 0x3a, 0xbe, 0xdf, 0xd9, 0xf6, 0xf3, 0x89, - 0xa1, 0xe1, 0x94, 0x9f, 0x5d, 0x4c, 0x5d, 0xe9, 0xa1, 0x49, 0x92, 0xef, - 0x0e, 0x53, 0x81, 0x89, 0x58, 0x87, 0xa6, 0x37, 0xf1, 0xdd, 0x62, 0x60, - 0x63, 0x5a, 0x9d, 0x1b, 0x8c, 0xc6, 0x7d, 0x52, 0xea, 0x70, 0x09, 0x6a, - 0xe1, 0x32, 0xf3, 0x73, 0x21, 0x1f, 0x07, 0x7b, 0x7c, 0x9b, 0x49, 0xd8, - 0xc0, 0xf3, 0x25, 0x72, 0x6f, 0x9d, 0xed, 0x31, 0x67, 0x36, 0x36, 0x54, - 0x40, 0x92, 0x71, 0xe6, 0x11, 0x28, 0x11, 0xad, 0x93, 0x32, 0x85, 0x7b, - 0x3e, 0xb7, 0x3b, 0x49, 0x13, 0x1c, 0x07, 0xb0, 0x2e, 0x93, 0xaa, 0xfd, - 0xfd, 0x28, 0x47, 0x3d, 0x8d, 0xd2, 0xda, 0xc7, 0x44, 0xd6, 0x7a, 0xdb, - 0x26, 0x7d, 0x1d, 0xb8, 0xe1, 0xde, 0x9d, 0x7a, 0x7d, 0x17, 0x7e, 0x1c, - 0x37, 0x04, 0x8d, 0x2d, 0x7c, 0x5e, 0x18, 0x38, 0x1e, 0xaf, 0xc7, 0x1b, - 0x33, 0x48, 0x31, 0x00, 0x59, 0xf6, 0xf2, 0xca, 0x0f, 0x27, 0x1b, 0x63, - 0x12, 0x7e, 0x02, 0x1d, 0x49, 0xc0, 0x5d, 0x79, 0x87, 0xef, 0x5e, 0x7a, - 0x2f, 0x1f, 0x66, 0x55, 0xd8, 0x09, 0xd9, 0x61, 0x38, 0x68, 0xb0, 0x07, - 0xa3, 0xfc, 0xcc, 0x85, 0x10, 0x7f, 0x4c, 0x65, 0x65, 0xb3, 0xfa, 0xfa, - 0xa5, 0x53, 0x6f, 0xdb, 0x74, 0x4c, 0x56, 0x46, 0x03, 0xe2, 0xd5, 0x7a, - 0x29, 0x1c, 0xc6, 0x02, 0xbc, 0x59, 0xf2, 0x04, 0x75, 0x63, 0xc0, 0x84, - 0x2f, 0x60, 0x1c, 0x67, 0x76, 0xfd, 0x63, 0x86, 0xf3, 0xfa, 0xbf, 0xdc, - 0xd2, 0x2d, 0x90, 0x91, 0xbd, 0x33, 0xa9, 0xe5, 0x66, 0x0c, 0xda, 0x42, - 0x27, 0xca, 0xf4, 0x66, 0xc2, 0xec, 0x92, 0x14, 0x57, 0x06, 0x63, 0xd0, - 0x4d, 0x15, 0x06, 0xeb, 0x69, 0x58, 0x4f, 0x77, 0xc5, 0x8b, 0xc7, 0xf0, - 0x8e, 0xed, 0x64, 0xa0, 0xb3, 0x3c, 0x66, 0x71, 0xc6, 0x2d, 0xda, 0x0a, - 0x0d, 0xfe, 0x70, 0x27, 0x64, 0xf8, 0x27, 0xfa, 0xf6, 0x5f, 0x30, 0xa5, - 0x0d, 0x6c, 0xda, 0xf2, 0x62, 0x5e, 0x78, 0x47, 0xd3, 0x66, 0x00, 0x1c, - 0xfd, 0x56, 
0x1f, 0x5d, 0x3f, 0x6f, 0xf4, 0x4c, 0xd8, 0xfd, 0x0e, 0x27, - 0xc9, 0x5c, 0x2b, 0xbc, 0xc0, 0xa4, 0xe7, 0x23, 0x29, 0x02, 0x9f, 0x31, - 0xd6, 0xe9, 0xd7, 0x96, 0xf4, 0xe0, 0x5e, 0x0b, 0x0e, 0x13, 0xee, 0x3c, - 0x09, 0xed, 0xf2, 0x3d, 0x76, 0x91, 0xc3, 0xa4, 0x97, 0xae, 0xd4, 0x87, - 0xd0, 0x5d, 0xf6, 0x18, 0x47, 0x1f, 0x1d, 0x67, 0xf2, 0xcf, 0x63, 0xa0, - 0x91, 0x27, 0xf8, 0x93, 0x45, 0x75, 0x23, 0x3f, 0xd1, 0xf1, 0xad, 0x23, - 0xdd, 0x64, 0x93, 0x96, 0x41, 0x70, 0x7f, 0xf7, 0xf5, 0xa9, 0x89, 0xa2, - 0x34, 0xb0, 0x8d, 0x1b, 0xae, 0x19, 0x15, 0x49, 0x58, 0x23, 0x6d, 0x87, - 0x15, 0x4f, 0x81, 0x76, 0xfb, 0x23, 0xb5, 0xea, 0xcf, 0xac, 0x54, 0x8d, - 0x4e, 0x42, 0x2f, 0xeb, 0x0f, 0x63, 0xdb, 0x68, 0x37, 0xa8, 0xcf, 0x8b, - 0xab, 0xf5, 0xa4, 0x6e, 0x96, 0x2a, 0xb2, 0xd6, 0xbe, 0x9e, 0xbd, 0x0d, - 0xb4, 0x42, 0xa9, 0xcf, 0x01, 0x83, 0x8a, 0x17, 0x47, 0x76, 0xc4, 0xc6, - 0x83, 0x04, 0x95, 0x0b, 0xfc, 0x11, 0xc9, 0x62, 0xb8, 0x0c, 0x76, 0x84, - 0xd9, 0xb9, 0x37, 0xfa, 0xfc, 0x7c, 0xc2, 0x6d, 0x58, 0x3e, 0xb3, 0x04, - 0xbb, 0x8c, 0x8f, 0x48, 0xbc, 0x91, 0x27, 0xcc, 0xf9, 0xb7, 0x22, 0x19, - 0x83, 0x2e, 0x09, 0xb5, 0x72, 0xd9, 0x54, 0x1c, 0x4d, 0xa1, 0xea, 0x0b, - 0xf1, 0xc6, 0x08, 0x72, 0x46, 0x87, 0x7a, 0x6e, 0x80, 0x56, 0x0a, 0x8a, - 0xc0, 0xdd, 0x11, 0x6b, 0xd6, 0xdd, 0x47, 0xdf, 0x10, 0xd9, 0xd8, 0xea, - 0x7c, 0xb0, 0x8f, 0x03, 0x00, 0x2e, 0xc1, 0x8f, 0x44, 0xa8, 0xd3, 0x30, - 0x06, 0x89, 0xa2, 0xf9, 0x34, 0xad, 0xdc, 0x03, 0x85, 0xed, 0x51, 0xa7, - 0x82, 0x9c, 0xe7, 0x5d, 0x52, 0x93, 0x0c, 0x32, 0x9a, 0x5b, 0xe1, 0xaa, - 0xca, 0xb8, 0x02, 0x6d, 0x3a, 0xd4, 0xb1, 0x3a, 0xf0, 0x5f, 0xbe, 0xb5, - 0x0d, 0x10, 0x6b, 0x38, 0x32, 0xac, 0x76, 0x80, 0xbd, 0xca, 0x94, 0x71, - 0x7a, 0xf2, 0xc9, 0x35, 0x2a, 0xde, 0x9f, 0x42, 0x49, 0x18, 0x01, 0xab, - 0xbc, 0xef, 0x7c, 0x64, 0x3f, 0x58, 0x3d, 0x92, 0x59, 0xdb, 0x13, 0xdb, - 0x58, 0x6e, 0x0a, 0xe0, 0xb7, 0x91, 0x4a, 0x08, 0x20, 0xd6, 0x2e, 0x3c, - 0x45, 0xc9, 0x8b, 0x17, 0x79, 0xe7, 0xc7, 0x90, 0x99, 0x3a, 0x18, 0x25, -}; - -void 
x25519_ge_scalarmult_base(ge_p3 *h, const uint8_t a[32]) { - x25519_ge_scalarmult_small_precomp(h, a, k25519SmallPrecomp); -} - -#else - -/* k25519Precomp[i][j] = (j+1)*256^i*B */ -static const ge_precomp k25519Precomp[32][8] = { - { - { - {25967493, -14356035, 29566456, 3660896, -12694345, 4014787, - 27544626, -11754271, -6079156, 2047605}, - {-12545711, 934262, -2722910, 3049990, -727428, 9406986, 12720692, - 5043384, 19500929, -15469378}, - {-8738181, 4489570, 9688441, -14785194, 10184609, -12363380, - 29287919, 11864899, -24514362, -4438546}, - }, - { - {-12815894, -12976347, -21581243, 11784320, -25355658, -2750717, - -11717903, -3814571, -358445, -10211303}, - {-21703237, 6903825, 27185491, 6451973, -29577724, -9554005, - -15616551, 11189268, -26829678, -5319081}, - {26966642, 11152617, 32442495, 15396054, 14353839, -12752335, - -3128826, -9541118, -15472047, -4166697}, - }, - { - {15636291, -9688557, 24204773, -7912398, 616977, -16685262, - 27787600, -14772189, 28944400, -1550024}, - {16568933, 4717097, -11556148, -1102322, 15682896, -11807043, - 16354577, -11775962, 7689662, 11199574}, - {30464156, -5976125, -11779434, -15670865, 23220365, 15915852, - 7512774, 10017326, -17749093, -9920357}, - }, - { - {-17036878, 13921892, 10945806, -6033431, 27105052, -16084379, - -28926210, 15006023, 3284568, -6276540}, - {23599295, -8306047, -11193664, -7687416, 13236774, 10506355, - 7464579, 9656445, 13059162, 10374397}, - {7798556, 16710257, 3033922, 2874086, 28997861, 2835604, 32406664, - -3839045, -641708, -101325}, - }, - { - {10861363, 11473154, 27284546, 1981175, -30064349, 12577861, - 32867885, 14515107, -15438304, 10819380}, - {4708026, 6336745, 20377586, 9066809, -11272109, 6594696, -25653668, - 12483688, -12668491, 5581306}, - {19563160, 16186464, -29386857, 4097519, 10237984, -4348115, - 28542350, 13850243, -23678021, -15815942}, - }, - { - {-15371964, -12862754, 32573250, 4720197, -26436522, 5875511, - -19188627, -15224819, -9818940, -12085777}, - 
{-8549212, 109983, 15149363, 2178705, 22900618, 4543417, 3044240, - -15689887, 1762328, 14866737}, - {-18199695, -15951423, -10473290, 1707278, -17185920, 3916101, - -28236412, 3959421, 27914454, 4383652}, - }, - { - {5153746, 9909285, 1723747, -2777874, 30523605, 5516873, 19480852, - 5230134, -23952439, -15175766}, - {-30269007, -3463509, 7665486, 10083793, 28475525, 1649722, - 20654025, 16520125, 30598449, 7715701}, - {28881845, 14381568, 9657904, 3680757, -20181635, 7843316, - -31400660, 1370708, 29794553, -1409300}, - }, - { - {14499471, -2729599, -33191113, -4254652, 28494862, 14271267, - 30290735, 10876454, -33154098, 2381726}, - {-7195431, -2655363, -14730155, 462251, -27724326, 3941372, - -6236617, 3696005, -32300832, 15351955}, - {27431194, 8222322, 16448760, -3907995, -18707002, 11938355, - -32961401, -2970515, 29551813, 10109425}, - }, - }, - { - { - {-13657040, -13155431, -31283750, 11777098, 21447386, 6519384, - -2378284, -1627556, 10092783, -4764171}, - {27939166, 14210322, 4677035, 16277044, -22964462, -12398139, - -32508754, 12005538, -17810127, 12803510}, - {17228999, -15661624, -1233527, 300140, -1224870, -11714777, - 30364213, -9038194, 18016357, 4397660}, - }, - { - {-10958843, -7690207, 4776341, -14954238, 27850028, -15602212, - -26619106, 14544525, -17477504, 982639}, - {29253598, 15796703, -2863982, -9908884, 10057023, 3163536, 7332899, - -4120128, -21047696, 9934963}, - {5793303, 16271923, -24131614, -10116404, 29188560, 1206517, - -14747930, 4559895, -30123922, -10897950}, - }, - { - {-27643952, -11493006, 16282657, -11036493, 28414021, -15012264, - 24191034, 4541697, -13338309, 5500568}, - {12650548, -1497113, 9052871, 11355358, -17680037, -8400164, - -17430592, 12264343, 10874051, 13524335}, - {25556948, -3045990, 714651, 2510400, 23394682, -10415330, 33119038, - 5080568, -22528059, 5376628}, - }, - { - {-26088264, -4011052, -17013699, -3537628, -6726793, 1920897, - -22321305, -9447443, 4535768, 1569007}, - {-2255422, 14606630, -21692440, 
-8039818, 28430649, 8775819, - -30494562, 3044290, 31848280, 12543772}, - {-22028579, 2943893, -31857513, 6777306, 13784462, -4292203, - -27377195, -2062731, 7718482, 14474653}, - }, - { - {2385315, 2454213, -22631320, 46603, -4437935, -15680415, 656965, - -7236665, 24316168, -5253567}, - {13741529, 10911568, -33233417, -8603737, -20177830, -1033297, - 33040651, -13424532, -20729456, 8321686}, - {21060490, -2212744, 15712757, -4336099, 1639040, 10656336, - 23845965, -11874838, -9984458, 608372}, - }, - { - {-13672732, -15087586, -10889693, -7557059, -6036909, 11305547, - 1123968, -6780577, 27229399, 23887}, - {-23244140, -294205, -11744728, 14712571, -29465699, -2029617, - 12797024, -6440308, -1633405, 16678954}, - {-29500620, 4770662, -16054387, 14001338, 7830047, 9564805, - -1508144, -4795045, -17169265, 4904953}, - }, - { - {24059557, 14617003, 19037157, -15039908, 19766093, -14906429, - 5169211, 16191880, 2128236, -4326833}, - {-16981152, 4124966, -8540610, -10653797, 30336522, -14105247, - -29806336, 916033, -6882542, -2986532}, - {-22630907, 12419372, -7134229, -7473371, -16478904, 16739175, - 285431, 2763829, 15736322, 4143876}, - }, - { - {2379352, 11839345, -4110402, -5988665, 11274298, 794957, 212801, - -14594663, 23527084, -16458268}, - {33431127, -11130478, -17838966, -15626900, 8909499, 8376530, - -32625340, 4087881, -15188911, -14416214}, - {1767683, 7197987, -13205226, -2022635, -13091350, 448826, 5799055, - 4357868, -4774191, -16323038}, - }, - }, - { - { - {6721966, 13833823, -23523388, -1551314, 26354293, -11863321, - 23365147, -3949732, 7390890, 2759800}, - {4409041, 2052381, 23373853, 10530217, 7676779, -12885954, 21302353, - -4264057, 1244380, -12919645}, - {-4421239, 7169619, 4982368, -2957590, 30256825, -2777540, 14086413, - 9208236, 15886429, 16489664}, - }, - { - {1996075, 10375649, 14346367, 13311202, -6874135, -16438411, - -13693198, 398369, -30606455, -712933}, - {-25307465, 9795880, -2777414, 14878809, -33531835, 14780363, - 13348553, 
12076947, -30836462, 5113182}, - {-17770784, 11797796, 31950843, 13929123, -25888302, 12288344, - -30341101, -7336386, 13847711, 5387222}, - }, - { - {-18582163, -3416217, 17824843, -2340966, 22744343, -10442611, - 8763061, 3617786, -19600662, 10370991}, - {20246567, -14369378, 22358229, -543712, 18507283, -10413996, - 14554437, -8746092, 32232924, 16763880}, - {9648505, 10094563, 26416693, 14745928, -30374318, -6472621, - 11094161, 15689506, 3140038, -16510092}, - }, - { - {-16160072, 5472695, 31895588, 4744994, 8823515, 10365685, - -27224800, 9448613, -28774454, 366295}, - {19153450, 11523972, -11096490, -6503142, -24647631, 5420647, - 28344573, 8041113, 719605, 11671788}, - {8678025, 2694440, -6808014, 2517372, 4964326, 11152271, -15432916, - -15266516, 27000813, -10195553}, - }, - { - {-15157904, 7134312, 8639287, -2814877, -7235688, 10421742, 564065, - 5336097, 6750977, -14521026}, - {11836410, -3979488, 26297894, 16080799, 23455045, 15735944, - 1695823, -8819122, 8169720, 16220347}, - {-18115838, 8653647, 17578566, -6092619, -8025777, -16012763, - -11144307, -2627664, -5990708, -14166033}, - }, - { - {-23308498, -10968312, 15213228, -10081214, -30853605, -11050004, - 27884329, 2847284, 2655861, 1738395}, - {-27537433, -14253021, -25336301, -8002780, -9370762, 8129821, - 21651608, -3239336, -19087449, -11005278}, - {1533110, 3437855, 23735889, 459276, 29970501, 11335377, 26030092, - 5821408, 10478196, 8544890}, - }, - { - {32173121, -16129311, 24896207, 3921497, 22579056, -3410854, - 19270449, 12217473, 17789017, -3395995}, - {-30552961, -2228401, -15578829, -10147201, 13243889, 517024, - 15479401, -3853233, 30460520, 1052596}, - {-11614875, 13323618, 32618793, 8175907, -15230173, 12596687, - 27491595, -4612359, 3179268, -9478891}, - }, - { - {31947069, -14366651, -4640583, -15339921, -15125977, -6039709, - -14756777, -16411740, 19072640, -9511060}, - {11685058, 11822410, 3158003, -13952594, 33402194, -4165066, - 5977896, -5215017, 473099, 5040608}, - 
{-20290863, 8198642, -27410132, 11602123, 1290375, -2799760, - 28326862, 1721092, -19558642, -3131606}, - }, - }, - { - { - {7881532, 10687937, 7578723, 7738378, -18951012, -2553952, 21820786, - 8076149, -27868496, 11538389}, - {-19935666, 3899861, 18283497, -6801568, -15728660, -11249211, - 8754525, 7446702, -5676054, 5797016}, - {-11295600, -3793569, -15782110, -7964573, 12708869, -8456199, - 2014099, -9050574, -2369172, -5877341}, - }, - { - {-22472376, -11568741, -27682020, 1146375, 18956691, 16640559, - 1192730, -3714199, 15123619, 10811505}, - {14352098, -3419715, -18942044, 10822655, 32750596, 4699007, -70363, - 15776356, -28886779, -11974553}, - {-28241164, -8072475, -4978962, -5315317, 29416931, 1847569, - -20654173, -16484855, 4714547, -9600655}, - }, - { - {15200332, 8368572, 19679101, 15970074, -31872674, 1959451, - 24611599, -4543832, -11745876, 12340220}, - {12876937, -10480056, 33134381, 6590940, -6307776, 14872440, - 9613953, 8241152, 15370987, 9608631}, - {-4143277, -12014408, 8446281, -391603, 4407738, 13629032, -7724868, - 15866074, -28210621, -8814099}, - }, - { - {26660628, -15677655, 8393734, 358047, -7401291, 992988, -23904233, - 858697, 20571223, 8420556}, - {14620715, 13067227, -15447274, 8264467, 14106269, 15080814, - 33531827, 12516406, -21574435, -12476749}, - {236881, 10476226, 57258, -14677024, 6472998, 2466984, 17258519, - 7256740, 8791136, 15069930}, - }, - { - {1276410, -9371918, 22949635, -16322807, -23493039, -5702186, - 14711875, 4874229, -30663140, -2331391}, - {5855666, 4990204, -13711848, 7294284, -7804282, 1924647, -1423175, - -7912378, -33069337, 9234253}, - {20590503, -9018988, 31529744, -7352666, -2706834, 10650548, - 31559055, -11609587, 18979186, 13396066}, - }, - { - {24474287, 4968103, 22267082, 4407354, 24063882, -8325180, - -18816887, 13594782, 33514650, 7021958}, - {-11566906, -6565505, -21365085, 15928892, -26158305, 4315421, - -25948728, -3916677, -21480480, 12868082}, - {-28635013, 13504661, 19988037, -2132761, 
21078225, 6443208, - -21446107, 2244500, -12455797, -8089383}, - }, - { - {-30595528, 13793479, -5852820, 319136, -25723172, -6263899, - 33086546, 8957937, -15233648, 5540521}, - {-11630176, -11503902, -8119500, -7643073, 2620056, 1022908, - -23710744, -1568984, -16128528, -14962807}, - {23152971, 775386, 27395463, 14006635, -9701118, 4649512, 1689819, - 892185, -11513277, -15205948}, - }, - { - {9770129, 9586738, 26496094, 4324120, 1556511, -3550024, 27453819, - 4763127, -19179614, 5867134}, - {-32765025, 1927590, 31726409, -4753295, 23962434, -16019500, - 27846559, 5931263, -29749703, -16108455}, - {27461885, -2977536, 22380810, 1815854, -23033753, -3031938, - 7283490, -15148073, -19526700, 7734629}, - }, - }, - { - { - {-8010264, -9590817, -11120403, 6196038, 29344158, -13430885, - 7585295, -3176626, 18549497, 15302069}, - {-32658337, -6171222, -7672793, -11051681, 6258878, 13504381, - 10458790, -6418461, -8872242, 8424746}, - {24687205, 8613276, -30667046, -3233545, 1863892, -1830544, - 19206234, 7134917, -11284482, -828919}, - }, - { - {11334899, -9218022, 8025293, 12707519, 17523892, -10476071, - 10243738, -14685461, -5066034, 16498837}, - {8911542, 6887158, -9584260, -6958590, 11145641, -9543680, 17303925, - -14124238, 6536641, 10543906}, - {-28946384, 15479763, -17466835, 568876, -1497683, 11223454, - -2669190, -16625574, -27235709, 8876771}, - }, - { - {-25742899, -12566864, -15649966, -846607, -33026686, -796288, - -33481822, 15824474, -604426, -9039817}, - {10330056, 70051, 7957388, -9002667, 9764902, 15609756, 27698697, - -4890037, 1657394, 3084098}, - {10477963, -7470260, 12119566, -13250805, 29016247, -5365589, - 31280319, 14396151, -30233575, 15272409}, - }, - { - {-12288309, 3169463, 28813183, 16658753, 25116432, -5630466, - -25173957, -12636138, -25014757, 1950504}, - {-26180358, 9489187, 11053416, -14746161, -31053720, 5825630, - -8384306, -8767532, 15341279, 8373727}, - {28685821, 7759505, -14378516, -12002860, -31971820, 4079242, - 298136, 
-10232602, -2878207, 15190420}, - }, - { - {-32932876, 13806336, -14337485, -15794431, -24004620, 10940928, - 8669718, 2742393, -26033313, -6875003}, - {-1580388, -11729417, -25979658, -11445023, -17411874, -10912854, - 9291594, -16247779, -12154742, 6048605}, - {-30305315, 14843444, 1539301, 11864366, 20201677, 1900163, - 13934231, 5128323, 11213262, 9168384}, - }, - { - {-26280513, 11007847, 19408960, -940758, -18592965, -4328580, - -5088060, -11105150, 20470157, -16398701}, - {-23136053, 9282192, 14855179, -15390078, -7362815, -14408560, - -22783952, 14461608, 14042978, 5230683}, - {29969567, -2741594, -16711867, -8552442, 9175486, -2468974, - 21556951, 3506042, -5933891, -12449708}, - }, - { - {-3144746, 8744661, 19704003, 4581278, -20430686, 6830683, - -21284170, 8971513, -28539189, 15326563}, - {-19464629, 10110288, -17262528, -3503892, -23500387, 1355669, - -15523050, 15300988, -20514118, 9168260}, - {-5353335, 4488613, -23803248, 16314347, 7780487, -15638939, - -28948358, 9601605, 33087103, -9011387}, - }, - { - {-19443170, -15512900, -20797467, -12445323, -29824447, 10229461, - -27444329, -15000531, -5996870, 15664672}, - {23294591, -16632613, -22650781, -8470978, 27844204, 11461195, - 13099750, -2460356, 18151676, 13417686}, - {-24722913, -4176517, -31150679, 5988919, -26858785, 6685065, - 1661597, -12551441, 15271676, -15452665}, - }, - }, - { - { - {11433042, -13228665, 8239631, -5279517, -1985436, -725718, - -18698764, 2167544, -6921301, -13440182}, - {-31436171, 15575146, 30436815, 12192228, -22463353, 9395379, - -9917708, -8638997, 12215110, 12028277}, - {14098400, 6555944, 23007258, 5757252, -15427832, -12950502, - 30123440, 4617780, -16900089, -655628}, - }, - { - {-4026201, -15240835, 11893168, 13718664, -14809462, 1847385, - -15819999, 10154009, 23973261, -12684474}, - {-26531820, -3695990, -1908898, 2534301, -31870557, -16550355, - 18341390, -11419951, 32013174, -10103539}, - {-25479301, 10876443, -11771086, -14625140, -12369567, 1838104, - 
21911214, 6354752, 4425632, -837822}, - }, - { - {-10433389, -14612966, 22229858, -3091047, -13191166, 776729, - -17415375, -12020462, 4725005, 14044970}, - {19268650, -7304421, 1555349, 8692754, -21474059, -9910664, 6347390, - -1411784, -19522291, -16109756}, - {-24864089, 12986008, -10898878, -5558584, -11312371, -148526, - 19541418, 8180106, 9282262, 10282508}, - }, - { - {-26205082, 4428547, -8661196, -13194263, 4098402, -14165257, - 15522535, 8372215, 5542595, -10702683}, - {-10562541, 14895633, 26814552, -16673850, -17480754, -2489360, - -2781891, 6993761, -18093885, 10114655}, - {-20107055, -929418, 31422704, 10427861, -7110749, 6150669, - -29091755, -11529146, 25953725, -106158}, - }, - { - {-4234397, -8039292, -9119125, 3046000, 2101609, -12607294, - 19390020, 6094296, -3315279, 12831125}, - {-15998678, 7578152, 5310217, 14408357, -33548620, -224739, - 31575954, 6326196, 7381791, -2421839}, - {-20902779, 3296811, 24736065, -16328389, 18374254, 7318640, - 6295303, 8082724, -15362489, 12339664}, - }, - { - {27724736, 2291157, 6088201, -14184798, 1792727, 5857634, 13848414, - 15768922, 25091167, 14856294}, - {-18866652, 8331043, 24373479, 8541013, -701998, -9269457, 12927300, - -12695493, -22182473, -9012899}, - {-11423429, -5421590, 11632845, 3405020, 30536730, -11674039, - -27260765, 13866390, 30146206, 9142070}, - }, - { - {3924129, -15307516, -13817122, -10054960, 12291820, -668366, - -27702774, 9326384, -8237858, 4171294}, - {-15921940, 16037937, 6713787, 16606682, -21612135, 2790944, - 26396185, 3731949, 345228, -5462949}, - {-21327538, 13448259, 25284571, 1143661, 20614966, -8849387, - 2031539, -12391231, -16253183, -13582083}, - }, - { - {31016211, -16722429, 26371392, -14451233, -5027349, 14854137, - 17477601, 3842657, 28012650, -16405420}, - {-5075835, 9368966, -8562079, -4600902, -15249953, 6970560, - -9189873, 16292057, -8867157, 3507940}, - {29439664, 3537914, 23333589, 6997794, -17555561, -11018068, - -15209202, -15051267, -9164929, 6580396}, - 
}, - }, - { - { - {-12185861, -7679788, 16438269, 10826160, -8696817, -6235611, - 17860444, -9273846, -2095802, 9304567}, - {20714564, -4336911, 29088195, 7406487, 11426967, -5095705, - 14792667, -14608617, 5289421, -477127}, - {-16665533, -10650790, -6160345, -13305760, 9192020, -1802462, - 17271490, 12349094, 26939669, -3752294}, - }, - { - {-12889898, 9373458, 31595848, 16374215, 21471720, 13221525, - -27283495, -12348559, -3698806, 117887}, - {22263325, -6560050, 3984570, -11174646, -15114008, -566785, - 28311253, 5358056, -23319780, 541964}, - {16259219, 3261970, 2309254, -15534474, -16885711, -4581916, - 24134070, -16705829, -13337066, -13552195}, - }, - { - {9378160, -13140186, -22845982, -12745264, 28198281, -7244098, - -2399684, -717351, 690426, 14876244}, - {24977353, -314384, -8223969, -13465086, 28432343, -1176353, - -13068804, -12297348, -22380984, 6618999}, - {-1538174, 11685646, 12944378, 13682314, -24389511, -14413193, - 8044829, -13817328, 32239829, -5652762}, - }, - { - {-18603066, 4762990, -926250, 8885304, -28412480, -3187315, 9781647, - -10350059, 32779359, 5095274}, - {-33008130, -5214506, -32264887, -3685216, 9460461, -9327423, - -24601656, 14506724, 21639561, -2630236}, - {-16400943, -13112215, 25239338, 15531969, 3987758, -4499318, - -1289502, -6863535, 17874574, 558605}, - }, - { - {-13600129, 10240081, 9171883, 16131053, -20869254, 9599700, - 33499487, 5080151, 2085892, 5119761}, - {-22205145, -2519528, -16381601, 414691, -25019550, 2170430, - 30634760, -8363614, -31999993, -5759884}, - {-6845704, 15791202, 8550074, -1312654, 29928809, -12092256, - 27534430, -7192145, -22351378, 12961482}, - }, - { - {-24492060, -9570771, 10368194, 11582341, -23397293, -2245287, - 16533930, 8206996, -30194652, -5159638}, - {-11121496, -3382234, 2307366, 6362031, -135455, 8868177, -16835630, - 7031275, 7589640, 8945490}, - {-32152748, 8917967, 6661220, -11677616, -1192060, -15793393, - 7251489, -11182180, 24099109, -14456170}, - }, - { - {5019558, 
-7907470, 4244127, -14714356, -26933272, 6453165, - -19118182, -13289025, -6231896, -10280736}, - {10853594, 10721687, 26480089, 5861829, -22995819, 1972175, - -1866647, -10557898, -3363451, -6441124}, - {-17002408, 5906790, 221599, -6563147, 7828208, -13248918, 24362661, - -2008168, -13866408, 7421392}, - }, - { - {8139927, -6546497, 32257646, -5890546, 30375719, 1886181, - -21175108, 15441252, 28826358, -4123029}, - {6267086, 9695052, 7709135, -16603597, -32869068, -1886135, - 14795160, -7840124, 13746021, -1742048}, - {28584902, 7787108, -6732942, -15050729, 22846041, -7571236, - -3181936, -363524, 4771362, -8419958}, - }, - }, - { - { - {24949256, 6376279, -27466481, -8174608, -18646154, -9930606, - 33543569, -12141695, 3569627, 11342593}, - {26514989, 4740088, 27912651, 3697550, 19331575, -11472339, 6809886, - 4608608, 7325975, -14801071}, - {-11618399, -14554430, -24321212, 7655128, -1369274, 5214312, - -27400540, 10258390, -17646694, -8186692}, - }, - { - {11431204, 15823007, 26570245, 14329124, 18029990, 4796082, - -31446179, 15580664, 9280358, -3973687}, - {-160783, -10326257, -22855316, -4304997, -20861367, -13621002, - -32810901, -11181622, -15545091, 4387441}, - {-20799378, 12194512, 3937617, -5805892, -27154820, 9340370, - -24513992, 8548137, 20617071, -7482001}, - }, - { - {-938825, -3930586, -8714311, 16124718, 24603125, -6225393, - -13775352, -11875822, 24345683, 10325460}, - {-19855277, -1568885, -22202708, 8714034, 14007766, 6928528, - 16318175, -1010689, 4766743, 3552007}, - {-21751364, -16730916, 1351763, -803421, -4009670, 3950935, 3217514, - 14481909, 10988822, -3994762}, - }, - { - {15564307, -14311570, 3101243, 5684148, 30446780, -8051356, - 12677127, -6505343, -8295852, 13296005}, - {-9442290, 6624296, -30298964, -11913677, -4670981, -2057379, - 31521204, 9614054, -30000824, 12074674}, - {4771191, -135239, 14290749, -13089852, 27992298, 14998318, - -1413936, -1556716, 29832613, -16391035}, - }, - { - {7064884, -7541174, -19161962, -5067537, 
-18891269, -2912736, - 25825242, 5293297, -27122660, 13101590}, - {-2298563, 2439670, -7466610, 1719965, -27267541, -16328445, - 32512469, -5317593, -30356070, -4190957}, - {-30006540, 10162316, -33180176, 3981723, -16482138, -13070044, - 14413974, 9515896, 19568978, 9628812}, - }, - { - {33053803, 199357, 15894591, 1583059, 27380243, -4580435, -17838894, - -6106839, -6291786, 3437740}, - {-18978877, 3884493, 19469877, 12726490, 15913552, 13614290, - -22961733, 70104, 7463304, 4176122}, - {-27124001, 10659917, 11482427, -16070381, 12771467, -6635117, - -32719404, -5322751, 24216882, 5944158}, - }, - { - {8894125, 7450974, -2664149, -9765752, -28080517, -12389115, - 19345746, 14680796, 11632993, 5847885}, - {26942781, -2315317, 9129564, -4906607, 26024105, 11769399, - -11518837, 6367194, -9727230, 4782140}, - {19916461, -4828410, -22910704, -11414391, 25606324, -5972441, - 33253853, 8220911, 6358847, -1873857}, - }, - { - {801428, -2081702, 16569428, 11065167, 29875704, 96627, 7908388, - -4480480, -13538503, 1387155}, - {19646058, 5720633, -11416706, 12814209, 11607948, 12749789, - 14147075, 15156355, -21866831, 11835260}, - {19299512, 1155910, 28703737, 14890794, 2925026, 7269399, 26121523, - 15467869, -26560550, 5052483}, - }, - }, - { - { - {-3017432, 10058206, 1980837, 3964243, 22160966, 12322533, -6431123, - -12618185, 12228557, -7003677}, - {32944382, 14922211, -22844894, 5188528, 21913450, -8719943, - 4001465, 13238564, -6114803, 8653815}, - {22865569, -4652735, 27603668, -12545395, 14348958, 8234005, - 24808405, 5719875, 28483275, 2841751}, - }, - { - {-16420968, -1113305, -327719, -12107856, 21886282, -15552774, - -1887966, -315658, 19932058, -12739203}, - {-11656086, 10087521, -8864888, -5536143, -19278573, -3055912, - 3999228, 13239134, -4777469, -13910208}, - {1382174, -11694719, 17266790, 9194690, -13324356, 9720081, - 20403944, 11284705, -14013818, 3093230}, - }, - { - {16650921, -11037932, -1064178, 1570629, -8329746, 7352753, -302424, - 16271225, 
-24049421, -6691850}, - {-21911077, -5927941, -4611316, -5560156, -31744103, -10785293, - 24123614, 15193618, -21652117, -16739389}, - {-9935934, -4289447, -25279823, 4372842, 2087473, 10399484, - 31870908, 14690798, 17361620, 11864968}, - }, - { - {-11307610, 6210372, 13206574, 5806320, -29017692, -13967200, - -12331205, -7486601, -25578460, -16240689}, - {14668462, -12270235, 26039039, 15305210, 25515617, 4542480, - 10453892, 6577524, 9145645, -6443880}, - {5974874, 3053895, -9433049, -10385191, -31865124, 3225009, - -7972642, 3936128, -5652273, -3050304}, - }, - { - {30625386, -4729400, -25555961, -12792866, -20484575, 7695099, - 17097188, -16303496, -27999779, 1803632}, - {-3553091, 9865099, -5228566, 4272701, -5673832, -16689700, - 14911344, 12196514, -21405489, 7047412}, - {20093277, 9920966, -11138194, -5343857, 13161587, 12044805, - -32856851, 4124601, -32343828, -10257566}, - }, - { - {-20788824, 14084654, -13531713, 7842147, 19119038, -13822605, - 4752377, -8714640, -21679658, 2288038}, - {-26819236, -3283715, 29965059, 3039786, -14473765, 2540457, - 29457502, 14625692, -24819617, 12570232}, - {-1063558, -11551823, 16920318, 12494842, 1278292, -5869109, - -21159943, -3498680, -11974704, 4724943}, - }, - { - {17960970, -11775534, -4140968, -9702530, -8876562, -1410617, - -12907383, -8659932, -29576300, 1903856}, - {23134274, -14279132, -10681997, -1611936, 20684485, 15770816, - -12989750, 3190296, 26955097, 14109738}, - {15308788, 5320727, -30113809, -14318877, 22902008, 7767164, - 29425325, -11277562, 31960942, 11934971}, - }, - { - {-27395711, 8435796, 4109644, 12222639, -24627868, 14818669, - 20638173, 4875028, 10491392, 1379718}, - {-13159415, 9197841, 3875503, -8936108, -1383712, -5879801, - 33518459, 16176658, 21432314, 12180697}, - {-11787308, 11500838, 13787581, -13832590, -22430679, 10140205, - 1465425, 12689540, -10301319, -13872883}, - }, - }, - { - { - {5414091, -15386041, -21007664, 9643570, 12834970, 1186149, - -2622916, -1342231, 26128231, 
6032912}, - {-26337395, -13766162, 32496025, -13653919, 17847801, -12669156, - 3604025, 8316894, -25875034, -10437358}, - {3296484, 6223048, 24680646, -12246460, -23052020, 5903205, - -8862297, -4639164, 12376617, 3188849}, - }, - { - {29190488, -14659046, 27549113, -1183516, 3520066, -10697301, - 32049515, -7309113, -16109234, -9852307}, - {-14744486, -9309156, 735818, -598978, -20407687, -5057904, - 25246078, -15795669, 18640741, -960977}, - {-6928835, -16430795, 10361374, 5642961, 4910474, 12345252, - -31638386, -494430, 10530747, 1053335}, - }, - { - {-29265967, -14186805, -13538216, -12117373, -19457059, -10655384, - -31462369, -2948985, 24018831, 15026644}, - {-22592535, -3145277, -2289276, 5953843, -13440189, 9425631, - 25310643, 13003497, -2314791, -15145616}, - {-27419985, -603321, -8043984, -1669117, -26092265, 13987819, - -27297622, 187899, -23166419, -2531735}, - }, - { - {-21744398, -13810475, 1844840, 5021428, -10434399, -15911473, - 9716667, 16266922, -5070217, 726099}, - {29370922, -6053998, 7334071, -15342259, 9385287, 2247707, - -13661962, -4839461, 30007388, -15823341}, - {-936379, 16086691, 23751945, -543318, -1167538, -5189036, 9137109, - 730663, 9835848, 4555336}, - }, - { - {-23376435, 1410446, -22253753, -12899614, 30867635, 15826977, - 17693930, 544696, -11985298, 12422646}, - {31117226, -12215734, -13502838, 6561947, -9876867, -12757670, - -5118685, -4096706, 29120153, 13924425}, - {-17400879, -14233209, 19675799, -2734756, -11006962, -5858820, - -9383939, -11317700, 7240931, -237388}, - }, - { - {-31361739, -11346780, -15007447, -5856218, -22453340, -12152771, - 1222336, 4389483, 3293637, -15551743}, - {-16684801, -14444245, 11038544, 11054958, -13801175, -3338533, - -24319580, 7733547, 12796905, -6335822}, - {-8759414, -10817836, -25418864, 10783769, -30615557, -9746811, - -28253339, 3647836, 3222231, -11160462}, - }, - { - {18606113, 1693100, -25448386, -15170272, 4112353, 10045021, - 23603893, -2048234, -7550776, 2484985}, - {9255317, 
-3131197, -12156162, -1004256, 13098013, -9214866, - 16377220, -2102812, -19802075, -3034702}, - {-22729289, 7496160, -5742199, 11329249, 19991973, -3347502, - -31718148, 9936966, -30097688, -10618797}, - }, - { - {21878590, -5001297, 4338336, 13643897, -3036865, 13160960, - 19708896, 5415497, -7360503, -4109293}, - {27736861, 10103576, 12500508, 8502413, -3413016, -9633558, - 10436918, -1550276, -23659143, -8132100}, - {19492550, -12104365, -29681976, -852630, -3208171, 12403437, - 30066266, 8367329, 13243957, 8709688}, - }, - }, - { - { - {12015105, 2801261, 28198131, 10151021, 24818120, -4743133, - -11194191, -5645734, 5150968, 7274186}, - {2831366, -12492146, 1478975, 6122054, 23825128, -12733586, - 31097299, 6083058, 31021603, -9793610}, - {-2529932, -2229646, 445613, 10720828, -13849527, -11505937, - -23507731, 16354465, 15067285, -14147707}, - }, - { - {7840942, 14037873, -33364863, 15934016, -728213, -3642706, - 21403988, 1057586, -19379462, -12403220}, - {915865, -16469274, 15608285, -8789130, -24357026, 6060030, - -17371319, 8410997, -7220461, 16527025}, - {32922597, -556987, 20336074, -16184568, 10903705, -5384487, - 16957574, 52992, 23834301, 6588044}, - }, - { - {32752030, 11232950, 3381995, -8714866, 22652988, -10744103, - 17159699, 16689107, -20314580, -1305992}, - {-4689649, 9166776, -25710296, -10847306, 11576752, 12733943, - 7924251, -2752281, 1976123, -7249027}, - {21251222, 16309901, -2983015, -6783122, 30810597, 12967303, 156041, - -3371252, 12331345, -8237197}, - }, - { - {8651614, -4477032, -16085636, -4996994, 13002507, 2950805, - 29054427, -5106970, 10008136, -4667901}, - {31486080, 15114593, -14261250, 12951354, 14369431, -7387845, - 16347321, -13662089, 8684155, -10532952}, - {19443825, 11385320, 24468943, -9659068, -23919258, 2187569, - -26263207, -6086921, 31316348, 14219878}, - }, - { - {-28594490, 1193785, 32245219, 11392485, 31092169, 15722801, - 27146014, 6992409, 29126555, 9207390}, - {32382935, 1110093, 18477781, 11028262, 
-27411763, -7548111, - -4980517, 10843782, -7957600, -14435730}, - {2814918, 7836403, 27519878, -7868156, -20894015, -11553689, - -21494559, 8550130, 28346258, 1994730}, - }, - { - {-19578299, 8085545, -14000519, -3948622, 2785838, -16231307, - -19516951, 7174894, 22628102, 8115180}, - {-30405132, 955511, -11133838, -15078069, -32447087, -13278079, - -25651578, 3317160, -9943017, 930272}, - {-15303681, -6833769, 28856490, 1357446, 23421993, 1057177, - 24091212, -1388970, -22765376, -10650715}, - }, - { - {-22751231, -5303997, -12907607, -12768866, -15811511, -7797053, - -14839018, -16554220, -1867018, 8398970}, - {-31969310, 2106403, -4736360, 1362501, 12813763, 16200670, - 22981545, -6291273, 18009408, -15772772}, - {-17220923, -9545221, -27784654, 14166835, 29815394, 7444469, - 29551787, -3727419, 19288549, 1325865}, - }, - { - {15100157, -15835752, -23923978, -1005098, -26450192, 15509408, - 12376730, -3479146, 33166107, -8042750}, - {20909231, 13023121, -9209752, 16251778, -5778415, -8094914, - 12412151, 10018715, 2213263, -13878373}, - {32529814, -11074689, 30361439, -16689753, -9135940, 1513226, - 22922121, 6382134, -5766928, 8371348}, - }, - }, - { - { - {9923462, 11271500, 12616794, 3544722, -29998368, -1721626, - 12891687, -8193132, -26442943, 10486144}, - {-22597207, -7012665, 8587003, -8257861, 4084309, -12970062, 361726, - 2610596, -23921530, -11455195}, - {5408411, -1136691, -4969122, 10561668, 24145918, 14240566, - 31319731, -4235541, 19985175, -3436086}, - }, - { - {-13994457, 16616821, 14549246, 3341099, 32155958, 13648976, - -17577068, 8849297, 65030, 8370684}, - {-8320926, -12049626, 31204563, 5839400, -20627288, -1057277, - -19442942, 6922164, 12743482, -9800518}, - {-2361371, 12678785, 28815050, 4759974, -23893047, 4884717, - 23783145, 11038569, 18800704, 255233}, - }, - { - {-5269658, -1773886, 13957886, 7990715, 23132995, 728773, 13393847, - 9066957, 19258688, -14753793}, - {-2936654, -10827535, -10432089, 14516793, -3640786, 4372541, - 
-31934921, 2209390, -1524053, 2055794}, - {580882, 16705327, 5468415, -2683018, -30926419, -14696000, - -7203346, -8994389, -30021019, 7394435}, - }, - { - {23838809, 1822728, -15738443, 15242727, 8318092, -3733104, - -21672180, -3492205, -4821741, 14799921}, - {13345610, 9759151, 3371034, -16137791, 16353039, 8577942, 31129804, - 13496856, -9056018, 7402518}, - {2286874, -4435931, -20042458, -2008336, -13696227, 5038122, - 11006906, -15760352, 8205061, 1607563}, - }, - { - {14414086, -8002132, 3331830, -3208217, 22249151, -5594188, - 18364661, -2906958, 30019587, -9029278}, - {-27688051, 1585953, -10775053, 931069, -29120221, -11002319, - -14410829, 12029093, 9944378, 8024}, - {4368715, -3709630, 29874200, -15022983, -20230386, -11410704, - -16114594, -999085, -8142388, 5640030}, - }, - { - {10299610, 13746483, 11661824, 16234854, 7630238, 5998374, 9809887, - -16694564, 15219798, -14327783}, - {27425505, -5719081, 3055006, 10660664, 23458024, 595578, -15398605, - -1173195, -18342183, 9742717}, - {6744077, 2427284, 26042789, 2720740, -847906, 1118974, 32324614, - 7406442, 12420155, 1994844}, - }, - { - {14012521, -5024720, -18384453, -9578469, -26485342, -3936439, - -13033478, -10909803, 24319929, -6446333}, - {16412690, -4507367, 10772641, 15929391, -17068788, -4658621, - 10555945, -10484049, -30102368, -4739048}, - {22397382, -7767684, -9293161, -12792868, 17166287, -9755136, - -27333065, 6199366, 21880021, -12250760}, - }, - { - {-4283307, 5368523, -31117018, 8163389, -30323063, 3209128, - 16557151, 8890729, 8840445, 4957760}, - {-15447727, 709327, -6919446, -10870178, -29777922, 6522332, - -21720181, 12130072, -14796503, 5005757}, - {-2114751, -14308128, 23019042, 15765735, -25269683, 6002752, - 10183197, -13239326, -16395286, -2176112}, - }, - }, - { - { - {-19025756, 1632005, 13466291, -7995100, -23640451, 16573537, - -32013908, -3057104, 22208662, 2000468}, - {3065073, -1412761, -25598674, -361432, -17683065, -5703415, - -8164212, 11248527, -3691214, 
-7414184}, - {10379208, -6045554, 8877319, 1473647, -29291284, -12507580, - 16690915, 2553332, -3132688, 16400289}, - }, - { - {15716668, 1254266, -18472690, 7446274, -8448918, 6344164, - -22097271, -7285580, 26894937, 9132066}, - {24158887, 12938817, 11085297, -8177598, -28063478, -4457083, - -30576463, 64452, -6817084, -2692882}, - {13488534, 7794716, 22236231, 5989356, 25426474, -12578208, 2350710, - -3418511, -4688006, 2364226}, - }, - { - {16335052, 9132434, 25640582, 6678888, 1725628, 8517937, -11807024, - -11697457, 15445875, -7798101}, - {29004207, -7867081, 28661402, -640412, -12794003, -7943086, - 31863255, -4135540, -278050, -15759279}, - {-6122061, -14866665, -28614905, 14569919, -10857999, -3591829, - 10343412, -6976290, -29828287, -10815811}, - }, - { - {27081650, 3463984, 14099042, -4517604, 1616303, -6205604, 29542636, - 15372179, 17293797, 960709}, - {20263915, 11434237, -5765435, 11236810, 13505955, -10857102, - -16111345, 6493122, -19384511, 7639714}, - {-2830798, -14839232, 25403038, -8215196, -8317012, -16173699, - 18006287, -16043750, 29994677, -15808121}, - }, - { - {9769828, 5202651, -24157398, -13631392, -28051003, -11561624, - -24613141, -13860782, -31184575, 709464}, - {12286395, 13076066, -21775189, -1176622, -25003198, 4057652, - -32018128, -8890874, 16102007, 13205847}, - {13733362, 5599946, 10557076, 3195751, -5557991, 8536970, -25540170, - 8525972, 10151379, 10394400}, - }, - { - {4024660, -16137551, 22436262, 12276534, -9099015, -2686099, - 19698229, 11743039, -33302334, 8934414}, - {-15879800, -4525240, -8580747, -2934061, 14634845, -698278, - -9449077, 3137094, -11536886, 11721158}, - {17555939, -5013938, 8268606, 2331751, -22738815, 9761013, 9319229, - 8835153, -9205489, -1280045}, - }, - { - {-461409, -7830014, 20614118, 16688288, -7514766, -4807119, - 22300304, 505429, 6108462, -6183415}, - {-5070281, 12367917, -30663534, 3234473, 32617080, -8422642, - 29880583, -13483331, -26898490, -7867459}, - {-31975283, 5726539, 26934134, 
10237677, -3173717, -605053, - 24199304, 3795095, 7592688, -14992079}, - }, - { - {21594432, -14964228, 17466408, -4077222, 32537084, 2739898, - 6407723, 12018833, -28256052, 4298412}, - {-20650503, -11961496, -27236275, 570498, 3767144, -1717540, - 13891942, -1569194, 13717174, 10805743}, - {-14676630, -15644296, 15287174, 11927123, 24177847, -8175568, - -796431, 14860609, -26938930, -5863836}, - }, - }, - { - { - {12962541, 5311799, -10060768, 11658280, 18855286, -7954201, - 13286263, -12808704, -4381056, 9882022}, - {18512079, 11319350, -20123124, 15090309, 18818594, 5271736, - -22727904, 3666879, -23967430, -3299429}, - {-6789020, -3146043, 16192429, 13241070, 15898607, -14206114, - -10084880, -6661110, -2403099, 5276065}, - }, - { - {30169808, -5317648, 26306206, -11750859, 27814964, 7069267, - 7152851, 3684982, 1449224, 13082861}, - {10342826, 3098505, 2119311, 193222, 25702612, 12233820, 23697382, - 15056736, -21016438, -8202000}, - {-33150110, 3261608, 22745853, 7948688, 19370557, -15177665, - -26171976, 6482814, -10300080, -11060101}, - }, - { - {32869458, -5408545, 25609743, 15678670, -10687769, -15471071, - 26112421, 2521008, -22664288, 6904815}, - {29506923, 4457497, 3377935, -9796444, -30510046, 12935080, 1561737, - 3841096, -29003639, -6657642}, - {10340844, -6630377, -18656632, -2278430, 12621151, -13339055, - 30878497, -11824370, -25584551, 5181966}, - }, - { - {25940115, -12658025, 17324188, -10307374, -8671468, 15029094, - 24396252, -16450922, -2322852, -12388574}, - {-21765684, 9916823, -1300409, 4079498, -1028346, 11909559, 1782390, - 12641087, 20603771, -6561742}, - {-18882287, -11673380, 24849422, 11501709, 13161720, -4768874, - 1925523, 11914390, 4662781, 7820689}, - }, - { - {12241050, -425982, 8132691, 9393934, 32846760, -1599620, 29749456, - 12172924, 16136752, 15264020}, - {-10349955, -14680563, -8211979, 2330220, -17662549, -14545780, - 10658213, 6671822, 19012087, 3772772}, - {3753511, -3421066, 10617074, 2028709, 14841030, -6721664, 
28718732, - -15762884, 20527771, 12988982}, - }, - { - {-14822485, -5797269, -3707987, 12689773, -898983, -10914866, - -24183046, -10564943, 3299665, -12424953}, - {-16777703, -15253301, -9642417, 4978983, 3308785, 8755439, 6943197, - 6461331, -25583147, 8991218}, - {-17226263, 1816362, -1673288, -6086439, 31783888, -8175991, - -32948145, 7417950, -30242287, 1507265}, - }, - { - {29692663, 6829891, -10498800, 4334896, 20945975, -11906496, - -28887608, 8209391, 14606362, -10647073}, - {-3481570, 8707081, 32188102, 5672294, 22096700, 1711240, -33020695, - 9761487, 4170404, -2085325}, - {-11587470, 14855945, -4127778, -1531857, -26649089, 15084046, - 22186522, 16002000, -14276837, -8400798}, - }, - { - {-4811456, 13761029, -31703877, -2483919, -3312471, 7869047, - -7113572, -9620092, 13240845, 10965870}, - {-7742563, -8256762, -14768334, -13656260, -23232383, 12387166, - 4498947, 14147411, 29514390, 4302863}, - {-13413405, -12407859, 20757302, -13801832, 14785143, 8976368, - -5061276, -2144373, 17846988, -13971927}, - }, - }, - { - { - {-2244452, -754728, -4597030, -1066309, -6247172, 1455299, - -21647728, -9214789, -5222701, 12650267}, - {-9906797, -16070310, 21134160, 12198166, -27064575, 708126, 387813, - 13770293, -19134326, 10958663}, - {22470984, 12369526, 23446014, -5441109, -21520802, -9698723, - -11772496, -11574455, -25083830, 4271862}, - }, - { - {-25169565, -10053642, -19909332, 15361595, -5984358, 2159192, - 75375, -4278529, -32526221, 8469673}, - {15854970, 4148314, -8893890, 7259002, 11666551, 13824734, - -30531198, 2697372, 24154791, -9460943}, - {15446137, -15806644, 29759747, 14019369, 30811221, -9610191, - -31582008, 12840104, 24913809, 9815020}, - }, - { - {-4709286, -5614269, -31841498, -12288893, -14443537, 10799414, - -9103676, 13438769, 18735128, 9466238}, - {11933045, 9281483, 5081055, -5183824, -2628162, -4905629, -7727821, - -10896103, -22728655, 16199064}, - {14576810, 379472, -26786533, -8317236, -29426508, -10812974, - -102766, 1876699, 
30801119, 2164795}, - }, - { - {15995086, 3199873, 13672555, 13712240, -19378835, -4647646, - -13081610, -15496269, -13492807, 1268052}, - {-10290614, -3659039, -3286592, 10948818, 23037027, 3794475, - -3470338, -12600221, -17055369, 3565904}, - {29210088, -9419337, -5919792, -4952785, 10834811, -13327726, - -16512102, -10820713, -27162222, -14030531}, - }, - { - {-13161890, 15508588, 16663704, -8156150, -28349942, 9019123, - -29183421, -3769423, 2244111, -14001979}, - {-5152875, -3800936, -9306475, -6071583, 16243069, 14684434, - -25673088, -16180800, 13491506, 4641841}, - {10813417, 643330, -19188515, -728916, 30292062, -16600078, - 27548447, -7721242, 14476989, -12767431}, - }, - { - {10292079, 9984945, 6481436, 8279905, -7251514, 7032743, 27282937, - -1644259, -27912810, 12651324}, - {-31185513, -813383, 22271204, 11835308, 10201545, 15351028, - 17099662, 3988035, 21721536, -3148940}, - {10202177, -6545839, -31373232, -9574638, -32150642, -8119683, - -12906320, 3852694, 13216206, 14842320}, - }, - { - {-15815640, -10601066, -6538952, -7258995, -6984659, -6581778, - -31500847, 13765824, -27434397, 9900184}, - {14465505, -13833331, -32133984, -14738873, -27443187, 12990492, - 33046193, 15796406, -7051866, -8040114}, - {30924417, -8279620, 6359016, -12816335, 16508377, 9071735, - -25488601, 15413635, 9524356, -7018878}, - }, - { - {12274201, -13175547, 32627641, -1785326, 6736625, 13267305, - 5237659, -5109483, 15663516, 4035784}, - {-2951309, 8903985, 17349946, 601635, -16432815, -4612556, - -13732739, -15889334, -22258478, 4659091}, - {-16916263, -4952973, -30393711, -15158821, 20774812, 15897498, - 5736189, 15026997, -2178256, -13455585}, - }, - }, - { - { - {-8858980, -2219056, 28571666, -10155518, -474467, -10105698, - -3801496, 278095, 23440562, -290208}, - {10226241, -5928702, 15139956, 120818, -14867693, 5218603, 32937275, - 11551483, -16571960, -7442864}, - {17932739, -12437276, -24039557, 10749060, 11316803, 7535897, - 22503767, 5561594, -3646624, 
3898661}, - }, - { - {7749907, -969567, -16339731, -16464, -25018111, 15122143, -1573531, - 7152530, 21831162, 1245233}, - {26958459, -14658026, 4314586, 8346991, -5677764, 11960072, - -32589295, -620035, -30402091, -16716212}, - {-12165896, 9166947, 33491384, 13673479, 29787085, 13096535, - 6280834, 14587357, -22338025, 13987525}, - }, - { - {-24349909, 7778775, 21116000, 15572597, -4833266, -5357778, - -4300898, -5124639, -7469781, -2858068}, - {9681908, -6737123, -31951644, 13591838, -6883821, 386950, 31622781, - 6439245, -14581012, 4091397}, - {-8426427, 1470727, -28109679, -1596990, 3978627, -5123623, - -19622683, 12092163, 29077877, -14741988}, - }, - { - {5269168, -6859726, -13230211, -8020715, 25932563, 1763552, - -5606110, -5505881, -20017847, 2357889}, - {32264008, -15407652, -5387735, -1160093, -2091322, -3946900, - 23104804, -12869908, 5727338, 189038}, - {14609123, -8954470, -6000566, -16622781, -14577387, -7743898, - -26745169, 10942115, -25888931, -14884697}, - }, - { - {20513500, 5557931, -15604613, 7829531, 26413943, -2019404, - -21378968, 7471781, 13913677, -5137875}, - {-25574376, 11967826, 29233242, 12948236, -6754465, 4713227, - -8940970, 14059180, 12878652, 8511905}, - {-25656801, 3393631, -2955415, -7075526, -2250709, 9366908, - -30223418, 6812974, 5568676, -3127656}, - }, - { - {11630004, 12144454, 2116339, 13606037, 27378885, 15676917, - -17408753, -13504373, -14395196, 8070818}, - {27117696, -10007378, -31282771, -5570088, 1127282, 12772488, - -29845906, 10483306, -11552749, -1028714}, - {10637467, -5688064, 5674781, 1072708, -26343588, -6982302, - -1683975, 9177853, -27493162, 15431203}, - }, - { - {20525145, 10892566, -12742472, 12779443, -29493034, 16150075, - -28240519, 14943142, -15056790, -7935931}, - {-30024462, 5626926, -551567, -9981087, 753598, 11981191, 25244767, - -3239766, -3356550, 9594024}, - {-23752644, 2636870, -5163910, -10103818, 585134, 7877383, 11345683, - -6492290, 13352335, -10977084}, - }, - { - {-1931799, -5407458, 
3304649, -12884869, 17015806, -4877091, - -29783850, -7752482, -13215537, -319204}, - {20239939, 6607058, 6203985, 3483793, -18386976, -779229, -20723742, - 15077870, -22750759, 14523817}, - {27406042, -6041657, 27423596, -4497394, 4996214, 10002360, - -28842031, -4545494, -30172742, -4805667}, - }, - }, - { - { - {11374242, 12660715, 17861383, -12540833, 10935568, 1099227, - -13886076, -9091740, -27727044, 11358504}, - {-12730809, 10311867, 1510375, 10778093, -2119455, -9145702, - 32676003, 11149336, -26123651, 4985768}, - {-19096303, 341147, -6197485, -239033, 15756973, -8796662, -983043, - 13794114, -19414307, -15621255}, - }, - { - {6490081, 11940286, 25495923, -7726360, 8668373, -8751316, 3367603, - 6970005, -1691065, -9004790}, - {1656497, 13457317, 15370807, 6364910, 13605745, 8362338, -19174622, - -5475723, -16796596, -5031438}, - {-22273315, -13524424, -64685, -4334223, -18605636, -10921968, - -20571065, -7007978, -99853, -10237333}, - }, - { - {17747465, 10039260, 19368299, -4050591, -20630635, -16041286, - 31992683, -15857976, -29260363, -5511971}, - {31932027, -4986141, -19612382, 16366580, 22023614, 88450, 11371999, - -3744247, 4882242, -10626905}, - {29796507, 37186, 19818052, 10115756, -11829032, 3352736, 18551198, - 3272828, -5190932, -4162409}, - }, - { - {12501286, 4044383, -8612957, -13392385, -32430052, 5136599, - -19230378, -3529697, 330070, -3659409}, - {6384877, 2899513, 17807477, 7663917, -2358888, 12363165, 25366522, - -8573892, -271295, 12071499}, - {-8365515, -4042521, 25133448, -4517355, -6211027, 2265927, - -32769618, 1936675, -5159697, 3829363}, - }, - { - {28425966, -5835433, -577090, -4697198, -14217555, 6870930, 7921550, - -6567787, 26333140, 14267664}, - {-11067219, 11871231, 27385719, -10559544, -4585914, -11189312, - 10004786, -8709488, -21761224, 8930324}, - {-21197785, -16396035, 25654216, -1725397, 12282012, 11008919, - 1541940, 4757911, -26491501, -16408940}, - }, - { - {13537262, -7759490, -20604840, 10961927, -5922820, 
-13218065, - -13156584, 6217254, -15943699, 13814990}, - {-17422573, 15157790, 18705543, 29619, 24409717, -260476, 27361681, - 9257833, -1956526, -1776914}, - {-25045300, -10191966, 15366585, 15166509, -13105086, 8423556, - -29171540, 12361135, -18685978, 4578290}, - }, - { - {24579768, 3711570, 1342322, -11180126, -27005135, 14124956, - -22544529, 14074919, 21964432, 8235257}, - {-6528613, -2411497, 9442966, -5925588, 12025640, -1487420, - -2981514, -1669206, 13006806, 2355433}, - {-16304899, -13605259, -6632427, -5142349, 16974359, -10911083, - 27202044, 1719366, 1141648, -12796236}, - }, - { - {-12863944, -13219986, -8318266, -11018091, -6810145, -4843894, - 13475066, -3133972, 32674895, 13715045}, - {11423335, -5468059, 32344216, 8962751, 24989809, 9241752, - -13265253, 16086212, -28740881, -15642093}, - {-1409668, 12530728, -6368726, 10847387, 19531186, -14132160, - -11709148, 7791794, -27245943, 4383347}, - }, - }, - { - { - {-28970898, 5271447, -1266009, -9736989, -12455236, 16732599, - -4862407, -4906449, 27193557, 6245191}, - {-15193956, 5362278, -1783893, 2695834, 4960227, 12840725, 23061898, - 3260492, 22510453, 8577507}, - {-12632451, 11257346, -32692994, 13548177, -721004, 10879011, - 31168030, 13952092, -29571492, -3635906}, - }, - { - {3877321, -9572739, 32416692, 5405324, -11004407, -13656635, - 3759769, 11935320, 5611860, 8164018}, - {-16275802, 14667797, 15906460, 12155291, -22111149, -9039718, - 32003002, -8832289, 5773085, -8422109}, - {-23788118, -8254300, 1950875, 8937633, 18686727, 16459170, -905725, - 12376320, 31632953, 190926}, - }, - { - {-24593607, -16138885, -8423991, 13378746, 14162407, 6901328, - -8288749, 4508564, -25341555, -3627528}, - {8884438, -5884009, 6023974, 10104341, -6881569, -4941533, 18722941, - -14786005, -1672488, 827625}, - {-32720583, -16289296, -32503547, 7101210, 13354605, 2659080, - -1800575, -14108036, -24878478, 1541286}, - }, - { - {2901347, -1117687, 3880376, -10059388, -17620940, -3612781, - -21802117, 
-3567481, 20456845, -1885033}, - {27019610, 12299467, -13658288, -1603234, -12861660, -4861471, - -19540150, -5016058, 29439641, 15138866}, - {21536104, -6626420, -32447818, -10690208, -22408077, 5175814, - -5420040, -16361163, 7779328, 109896}, - }, - { - {30279744, 14648750, -8044871, 6425558, 13639621, -743509, 28698390, - 12180118, 23177719, -554075}, - {26572847, 3405927, -31701700, 12890905, -19265668, 5335866, - -6493768, 2378492, 4439158, -13279347}, - {-22716706, 3489070, -9225266, -332753, 18875722, -1140095, - 14819434, -12731527, -17717757, -5461437}, - }, - { - {-5056483, 16566551, 15953661, 3767752, -10436499, 15627060, - -820954, 2177225, 8550082, -15114165}, - {-18473302, 16596775, -381660, 15663611, 22860960, 15585581, - -27844109, -3582739, -23260460, -8428588}, - {-32480551, 15707275, -8205912, -5652081, 29464558, 2713815, - -22725137, 15860482, -21902570, 1494193}, - }, - { - {-19562091, -14087393, -25583872, -9299552, 13127842, 759709, - 21923482, 16529112, 8742704, 12967017}, - {-28464899, 1553205, 32536856, -10473729, -24691605, -406174, - -8914625, -2933896, -29903758, 15553883}, - {21877909, 3230008, 9881174, 10539357, -4797115, 2841332, 11543572, - 14513274, 19375923, -12647961}, - }, - { - {8832269, -14495485, 13253511, 5137575, 5037871, 4078777, 24880818, - -6222716, 2862653, 9455043}, - {29306751, 5123106, 20245049, -14149889, 9592566, 8447059, -2077124, - -2990080, 15511449, 4789663}, - {-20679756, 7004547, 8824831, -9434977, -4045704, -3750736, - -5754762, 108893, 23513200, 16652362}, - }, - }, - { - { - {-33256173, 4144782, -4476029, -6579123, 10770039, -7155542, - -6650416, -12936300, -18319198, 10212860}, - {2756081, 8598110, 7383731, -6859892, 22312759, -1105012, 21179801, - 2600940, -9988298, -12506466}, - {-24645692, 13317462, -30449259, -15653928, 21365574, -10869657, - 11344424, 864440, -2499677, -16710063}, - }, - { - {-26432803, 6148329, -17184412, -14474154, 18782929, -275997, - -22561534, 211300, 2719757, 4940997}, - 
{-1323882, 3911313, -6948744, 14759765, -30027150, 7851207, - 21690126, 8518463, 26699843, 5276295}, - {-13149873, -6429067, 9396249, 365013, 24703301, -10488939, 1321586, - 149635, -15452774, 7159369}, - }, - { - {9987780, -3404759, 17507962, 9505530, 9731535, -2165514, 22356009, - 8312176, 22477218, -8403385}, - {18155857, -16504990, 19744716, 9006923, 15154154, -10538976, - 24256460, -4864995, -22548173, 9334109}, - {2986088, -4911893, 10776628, -3473844, 10620590, -7083203, - -21413845, 14253545, -22587149, 536906}, - }, - { - {4377756, 8115836, 24567078, 15495314, 11625074, 13064599, 7390551, - 10589625, 10838060, -15420424}, - {-19342404, 867880, 9277171, -3218459, -14431572, -1986443, - 19295826, -15796950, 6378260, 699185}, - {7895026, 4057113, -7081772, -13077756, -17886831, -323126, -716039, - 15693155, -5045064, -13373962}, - }, - { - {-7737563, -5869402, -14566319, -7406919, 11385654, 13201616, - 31730678, -10962840, -3918636, -9669325}, - {10188286, -15770834, -7336361, 13427543, 22223443, 14896287, - 30743455, 7116568, -21786507, 5427593}, - {696102, 13206899, 27047647, -10632082, 15285305, -9853179, - 10798490, -4578720, 19236243, 12477404}, - }, - { - {-11229439, 11243796, -17054270, -8040865, -788228, -8167967, - -3897669, 11180504, -23169516, 7733644}, - {17800790, -14036179, -27000429, -11766671, 23887827, 3149671, - 23466177, -10538171, 10322027, 15313801}, - {26246234, 11968874, 32263343, -5468728, 6830755, -13323031, - -15794704, -101982, -24449242, 10890804}, - }, - { - {-31365647, 10271363, -12660625, -6267268, 16690207, -13062544, - -14982212, 16484931, 25180797, -5334884}, - {-586574, 10376444, -32586414, -11286356, 19801893, 10997610, - 2276632, 9482883, 316878, 13820577}, - {-9882808, -4510367, -2115506, 16457136, -11100081, 11674996, - 30756178, -7515054, 30696930, -3712849}, - }, - { - {32988917, -9603412, 12499366, 7910787, -10617257, -11931514, - -7342816, -9985397, -32349517, 7392473}, - {-8855661, 15927861, 9866406, -3649411, 
-2396914, -16655781, - -30409476, -9134995, 25112947, -2926644}, - {-2504044, -436966, 25621774, -5678772, 15085042, -5479877, - -24884878, -13526194, 5537438, -13914319}, - }, - }, - { - { - {-11225584, 2320285, -9584280, 10149187, -33444663, 5808648, - -14876251, -1729667, 31234590, 6090599}, - {-9633316, 116426, 26083934, 2897444, -6364437, -2688086, 609721, - 15878753, -6970405, -9034768}, - {-27757857, 247744, -15194774, -9002551, 23288161, -10011936, - -23869595, 6503646, 20650474, 1804084}, - }, - { - {-27589786, 15456424, 8972517, 8469608, 15640622, 4439847, 3121995, - -10329713, 27842616, -202328}, - {-15306973, 2839644, 22530074, 10026331, 4602058, 5048462, 28248656, - 5031932, -11375082, 12714369}, - {20807691, -7270825, 29286141, 11421711, -27876523, -13868230, - -21227475, 1035546, -19733229, 12796920}, - }, - { - {12076899, -14301286, -8785001, -11848922, -25012791, 16400684, - -17591495, -12899438, 3480665, -15182815}, - {-32361549, 5457597, 28548107, 7833186, 7303070, -11953545, - -24363064, -15921875, -33374054, 2771025}, - {-21389266, 421932, 26597266, 6860826, 22486084, -6737172, - -17137485, -4210226, -24552282, 15673397}, - }, - { - {-20184622, 2338216, 19788685, -9620956, -4001265, -8740893, - -20271184, 4733254, 3727144, -12934448}, - {6120119, 814863, -11794402, -622716, 6812205, -15747771, 2019594, - 7975683, 31123697, -10958981}, - {30069250, -11435332, 30434654, 2958439, 18399564, -976289, - 12296869, 9204260, -16432438, 9648165}, - }, - { - {32705432, -1550977, 30705658, 7451065, -11805606, 9631813, 3305266, - 5248604, -26008332, -11377501}, - {17219865, 2375039, -31570947, -5575615, -19459679, 9219903, 294711, - 15298639, 2662509, -16297073}, - {-1172927, -7558695, -4366770, -4287744, -21346413, -8434326, - 32087529, -1222777, 32247248, -14389861}, - }, - { - {14312628, 1221556, 17395390, -8700143, -4945741, -8684635, - -28197744, -9637817, -16027623, -13378845}, - {-1428825, -9678990, -9235681, 6549687, -7383069, -468664, 23046502, - 
9803137, 17597934, 2346211}, - {18510800, 15337574, 26171504, 981392, -22241552, 7827556, - -23491134, -11323352, 3059833, -11782870}, - }, - { - {10141598, 6082907, 17829293, -1947643, 9830092, 13613136, - -25556636, -5544586, -33502212, 3592096}, - {33114168, -15889352, -26525686, -13343397, 33076705, 8716171, - 1151462, 1521897, -982665, -6837803}, - {-32939165, -4255815, 23947181, -324178, -33072974, -12305637, - -16637686, 3891704, 26353178, 693168}, - }, - { - {30374239, 1595580, -16884039, 13186931, 4600344, 406904, 9585294, - -400668, 31375464, 14369965}, - {-14370654, -7772529, 1510301, 6434173, -18784789, -6262728, - 32732230, -13108839, 17901441, 16011505}, - {18171223, -11934626, -12500402, 15197122, -11038147, -15230035, - -19172240, -16046376, 8764035, 12309598}, - }, - }, - { - { - {5975908, -5243188, -19459362, -9681747, -11541277, 14015782, - -23665757, 1228319, 17544096, -10593782}, - {5811932, -1715293, 3442887, -2269310, -18367348, -8359541, - -18044043, -15410127, -5565381, 12348900}, - {-31399660, 11407555, 25755363, 6891399, -3256938, 14872274, - -24849353, 8141295, -10632534, -585479}, - }, - { - {-12675304, 694026, -5076145, 13300344, 14015258, -14451394, - -9698672, -11329050, 30944593, 1130208}, - {8247766, -6710942, -26562381, -7709309, -14401939, -14648910, - 4652152, 2488540, 23550156, -271232}, - {17294316, -3788438, 7026748, 15626851, 22990044, 113481, 2267737, - -5908146, -408818, -137719}, - }, - { - {16091085, -16253926, 18599252, 7340678, 2137637, -1221657, - -3364161, 14550936, 3260525, -7166271}, - {-4910104, -13332887, 18550887, 10864893, -16459325, -7291596, - -23028869, -13204905, -12748722, 2701326}, - {-8574695, 16099415, 4629974, -16340524, -20786213, -6005432, - -10018363, 9276971, 11329923, 1862132}, - }, - { - {14763076, -15903608, -30918270, 3689867, 3511892, 10313526, - -21951088, 12219231, -9037963, -940300}, - {8894987, -3446094, 6150753, 3013931, 301220, 15693451, -31981216, - -2909717, -15438168, 11595570}, - 
{15214962, 3537601, -26238722, -14058872, 4418657, -15230761, - 13947276, 10730794, -13489462, -4363670}, - }, - { - {-2538306, 7682793, 32759013, 263109, -29984731, -7955452, - -22332124, -10188635, 977108, 699994}, - {-12466472, 4195084, -9211532, 550904, -15565337, 12917920, - 19118110, -439841, -30534533, -14337913}, - {31788461, -14507657, 4799989, 7372237, 8808585, -14747943, 9408237, - -10051775, 12493932, -5409317}, - }, - { - {-25680606, 5260744, -19235809, -6284470, -3695942, 16566087, - 27218280, 2607121, 29375955, 6024730}, - {842132, -2794693, -4763381, -8722815, 26332018, -12405641, - 11831880, 6985184, -9940361, 2854096}, - {-4847262, -7969331, 2516242, -5847713, 9695691, -7221186, 16512645, - 960770, 12121869, 16648078}, - }, - { - {-15218652, 14667096, -13336229, 2013717, 30598287, -464137, - -31504922, -7882064, 20237806, 2838411}, - {-19288047, 4453152, 15298546, -16178388, 22115043, -15972604, - 12544294, -13470457, 1068881, -12499905}, - {-9558883, -16518835, 33238498, 13506958, 30505848, -1114596, - -8486907, -2630053, 12521378, 4845654}, - }, - { - {-28198521, 10744108, -2958380, 10199664, 7759311, -13088600, - 3409348, -873400, -6482306, -12885870}, - {-23561822, 6230156, -20382013, 10655314, -24040585, -11621172, - 10477734, -1240216, -3113227, 13974498}, - {12966261, 15550616, -32038948, -1615346, 21025980, -629444, - 5642325, 7188737, 18895762, 12629579}, - }, - }, - { - { - {14741879, -14946887, 22177208, -11721237, 1279741, 8058600, - 11758140, 789443, 32195181, 3895677}, - {10758205, 15755439, -4509950, 9243698, -4879422, 6879879, -2204575, - -3566119, -8982069, 4429647}, - {-2453894, 15725973, -20436342, -10410672, -5803908, -11040220, - -7135870, -11642895, 18047436, -15281743}, - }, - { - {-25173001, -11307165, 29759956, 11776784, -22262383, -15820455, - 10993114, -12850837, -17620701, -9408468}, - {21987233, 700364, -24505048, 14972008, -7774265, -5718395, - 32155026, 2581431, -29958985, 8773375}, - {-25568350, 454463, -13211935, 
16126715, 25240068, 8594567, - 20656846, 12017935, -7874389, -13920155}, - }, - { - {6028182, 6263078, -31011806, -11301710, -818919, 2461772, - -31841174, -5468042, -1721788, -2776725}, - {-12278994, 16624277, 987579, -5922598, 32908203, 1248608, 7719845, - -4166698, 28408820, 6816612}, - {-10358094, -8237829, 19549651, -12169222, 22082623, 16147817, - 20613181, 13982702, -10339570, 5067943}, - }, - { - {-30505967, -3821767, 12074681, 13582412, -19877972, 2443951, - -19719286, 12746132, 5331210, -10105944}, - {30528811, 3601899, -1957090, 4619785, -27361822, -15436388, - 24180793, -12570394, 27679908, -1648928}, - {9402404, -13957065, 32834043, 10838634, -26580150, -13237195, - 26653274, -8685565, 22611444, -12715406}, - }, - { - {22190590, 1118029, 22736441, 15130463, -30460692, -5991321, - 19189625, -4648942, 4854859, 6622139}, - {-8310738, -2953450, -8262579, -3388049, -10401731, -271929, - 13424426, -3567227, 26404409, 13001963}, - {-31241838, -15415700, -2994250, 8939346, 11562230, -12840670, - -26064365, -11621720, -15405155, 11020693}, - }, - { - {1866042, -7949489, -7898649, -10301010, 12483315, 13477547, - 3175636, -12424163, 28761762, 1406734}, - {-448555, -1777666, 13018551, 3194501, -9580420, -11161737, - 24760585, -4347088, 25577411, -13378680}, - {-24290378, 4759345, -690653, -1852816, 2066747, 10693769, - -29595790, 9884936, -9368926, 4745410}, - }, - { - {-9141284, 6049714, -19531061, -4341411, -31260798, 9944276, - -15462008, -11311852, 10931924, -11931931}, - {-16561513, 14112680, -8012645, 4817318, -8040464, -11414606, - -22853429, 10856641, -20470770, 13434654}, - {22759489, -10073434, -16766264, -1871422, 13637442, -10168091, - 1765144, -12654326, 28445307, -5364710}, - }, - { - {29875063, 12493613, 2795536, -3786330, 1710620, 15181182, - -10195717, -8788675, 9074234, 1167180}, - {-26205683, 11014233, -9842651, -2635485, -26908120, 7532294, - -18716888, -9535498, 3843903, 9367684}, - {-10969595, -6403711, 9591134, 9582310, 11349256, 108879, 
16235123, - 8601684, -139197, 4242895}, - }, - }, - { - { - {22092954, -13191123, -2042793, -11968512, 32186753, -11517388, - -6574341, 2470660, -27417366, 16625501}, - {-11057722, 3042016, 13770083, -9257922, 584236, -544855, -7770857, - 2602725, -27351616, 14247413}, - {6314175, -10264892, -32772502, 15957557, -10157730, 168750, - -8618807, 14290061, 27108877, -1180880}, - }, - { - {-8586597, -7170966, 13241782, 10960156, -32991015, -13794596, - 33547976, -11058889, -27148451, 981874}, - {22833440, 9293594, -32649448, -13618667, -9136966, 14756819, - -22928859, -13970780, -10479804, -16197962}, - {-7768587, 3326786, -28111797, 10783824, 19178761, 14905060, - 22680049, 13906969, -15933690, 3797899}, - }, - { - {21721356, -4212746, -12206123, 9310182, -3882239, -13653110, - 23740224, -2709232, 20491983, -8042152}, - {9209270, -15135055, -13256557, -6167798, -731016, 15289673, - 25947805, 15286587, 30997318, -6703063}, - {7392032, 16618386, 23946583, -8039892, -13265164, -1533858, - -14197445, -2321576, 17649998, -250080}, - }, - { - {-9301088, -14193827, 30609526, -3049543, -25175069, -1283752, - -15241566, -9525724, -2233253, 7662146}, - {-17558673, 1763594, -33114336, 15908610, -30040870, -12174295, - 7335080, -8472199, -3174674, 3440183}, - {-19889700, -5977008, -24111293, -9688870, 10799743, -16571957, - 40450, -4431835, 4862400, 1133}, - }, - { - {-32856209, -7873957, -5422389, 14860950, -16319031, 7956142, - 7258061, 311861, -30594991, -7379421}, - {-3773428, -1565936, 28985340, 7499440, 24445838, 9325937, 29727763, - 16527196, 18278453, 15405622}, - {-4381906, 8508652, -19898366, -3674424, -5984453, 15149970, - -13313598, 843523, -21875062, 13626197}, - }, - { - {2281448, -13487055, -10915418, -2609910, 1879358, 16164207, - -10783882, 3953792, 13340839, 15928663}, - {31727126, -7179855, -18437503, -8283652, 2875793, -16390330, - -25269894, -7014826, -23452306, 5964753}, - {4100420, -5959452, -17179337, 6017714, -18705837, 12227141, - -26684835, 11344144, 
2538215, -7570755}, - }, - { - {-9433605, 6123113, 11159803, -2156608, 30016280, 14966241, - -20474983, 1485421, -629256, -15958862}, - {-26804558, 4260919, 11851389, 9658551, -32017107, 16367492, - -20205425, -13191288, 11659922, -11115118}, - {26180396, 10015009, -30844224, -8581293, 5418197, 9480663, 2231568, - -10170080, 33100372, -1306171}, - }, - { - {15121113, -5201871, -10389905, 15427821, -27509937, -15992507, - 21670947, 4486675, -5931810, -14466380}, - {16166486, -9483733, -11104130, 6023908, -31926798, -1364923, - 2340060, -16254968, -10735770, -10039824}, - {28042865, -3557089, -12126526, 12259706, -3717498, -6945899, - 6766453, -8689599, 18036436, 5803270}, - }, - }, - { - { - {-817581, 6763912, 11803561, 1585585, 10958447, -2671165, 23855391, - 4598332, -6159431, -14117438}, - {-31031306, -14256194, 17332029, -2383520, 31312682, -5967183, - 696309, 50292, -20095739, 11763584}, - {-594563, -2514283, -32234153, 12643980, 12650761, 14811489, 665117, - -12613632, -19773211, -10713562}, - }, - { - {30464590, -11262872, -4127476, -12734478, 19835327, -7105613, - -24396175, 2075773, -17020157, 992471}, - {18357185, -6994433, 7766382, 16342475, -29324918, 411174, 14578841, - 8080033, -11574335, -10601610}, - {19598397, 10334610, 12555054, 2555664, 18821899, -10339780, - 21873263, 16014234, 26224780, 16452269}, - }, - { - {-30223925, 5145196, 5944548, 16385966, 3976735, 2009897, -11377804, - -7618186, -20533829, 3698650}, - {14187449, 3448569, -10636236, -10810935, -22663880, -3433596, - 7268410, -10890444, 27394301, 12015369}, - {19695761, 16087646, 28032085, 12999827, 6817792, 11427614, - 20244189, -1312777, -13259127, -3402461}, - }, - { - {30860103, 12735208, -1888245, -4699734, -16974906, 2256940, - -8166013, 12298312, -8550524, -10393462}, - {-5719826, -11245325, -1910649, 15569035, 26642876, -7587760, - -5789354, -15118654, -4976164, 12651793}, - {-2848395, 9953421, 11531313, -5282879, 26895123, -12697089, - -13118820, -16517902, 9768698, -2533218}, - 
}, - { - {-24719459, 1894651, -287698, -4704085, 15348719, -8156530, - 32767513, 12765450, 4940095, 10678226}, - {18860224, 15980149, -18987240, -1562570, -26233012, -11071856, - -7843882, 13944024, -24372348, 16582019}, - {-15504260, 4970268, -29893044, 4175593, -20993212, -2199756, - -11704054, 15444560, -11003761, 7989037}, - }, - { - {31490452, 5568061, -2412803, 2182383, -32336847, 4531686, - -32078269, 6200206, -19686113, -14800171}, - {-17308668, -15879940, -31522777, -2831, -32887382, 16375549, - 8680158, -16371713, 28550068, -6857132}, - {-28126887, -5688091, 16837845, -1820458, -6850681, 12700016, - -30039981, 4364038, 1155602, 5988841}, - }, - { - {21890435, -13272907, -12624011, 12154349, -7831873, 15300496, - 23148983, -4470481, 24618407, 8283181}, - {-33136107, -10512751, 9975416, 6841041, -31559793, 16356536, - 3070187, -7025928, 1466169, 10740210}, - {-1509399, -15488185, -13503385, -10655916, 32799044, 909394, - -13938903, -5779719, -32164649, -15327040}, - }, - { - {3960823, -14267803, -28026090, -15918051, -19404858, 13146868, - 15567327, 951507, -3260321, -573935}, - {24740841, 5052253, -30094131, 8961361, 25877428, 6165135, - -24368180, 14397372, -7380369, -6144105}, - {-28888365, 3510803, -28103278, -1158478, -11238128, -10631454, - -15441463, -14453128, -1625486, -6494814}, - }, - }, - { - { - {793299, -9230478, 8836302, -6235707, -27360908, -2369593, 33152843, - -4885251, -9906200, -621852}, - {5666233, 525582, 20782575, -8038419, -24538499, 14657740, 16099374, - 1468826, -6171428, -15186581}, - {-4859255, -3779343, -2917758, -6748019, 7778750, 11688288, - -30404353, -9871238, -1558923, -9863646}, - }, - { - {10896332, -7719704, 824275, 472601, -19460308, 3009587, 25248958, - 14783338, -30581476, -15757844}, - {10566929, 12612572, -31944212, 11118703, -12633376, 12362879, - 21752402, 8822496, 24003793, 14264025}, - {27713862, -7355973, -11008240, 9227530, 27050101, 2504721, - 23886875, -13117525, 13958495, -5732453}, - }, - { - {-23481610, 
4867226, -27247128, 3900521, 29838369, -8212291, - -31889399, -10041781, 7340521, -15410068}, - {4646514, -8011124, -22766023, -11532654, 23184553, 8566613, - 31366726, -1381061, -15066784, -10375192}, - {-17270517, 12723032, -16993061, 14878794, 21619651, -6197576, - 27584817, 3093888, -8843694, 3849921}, - }, - { - {-9064912, 2103172, 25561640, -15125738, -5239824, 9582958, - 32477045, -9017955, 5002294, -15550259}, - {-12057553, -11177906, 21115585, -13365155, 8808712, -12030708, - 16489530, 13378448, -25845716, 12741426}, - {-5946367, 10645103, -30911586, 15390284, -3286982, -7118677, - 24306472, 15852464, 28834118, -7646072}, - }, - { - {-17335748, -9107057, -24531279, 9434953, -8472084, -583362, - -13090771, 455841, 20461858, 5491305}, - {13669248, -16095482, -12481974, -10203039, -14569770, -11893198, - -24995986, 11293807, -28588204, -9421832}, - {28497928, 6272777, -33022994, 14470570, 8906179, -1225630, - 18504674, -14165166, 29867745, -8795943}, - }, - { - {-16207023, 13517196, -27799630, -13697798, 24009064, -6373891, - -6367600, -13175392, 22853429, -4012011}, - {24191378, 16712145, -13931797, 15217831, 14542237, 1646131, - 18603514, -11037887, 12876623, -2112447}, - {17902668, 4518229, -411702, -2829247, 26878217, 5258055, -12860753, - 608397, 16031844, 3723494}, - }, - { - {-28632773, 12763728, -20446446, 7577504, 33001348, -13017745, - 17558842, -7872890, 23896954, -4314245}, - {-20005381, -12011952, 31520464, 605201, 2543521, 5991821, -2945064, - 7229064, -9919646, -8826859}, - {28816045, 298879, -28165016, -15920938, 19000928, -1665890, - -12680833, -2949325, -18051778, -2082915}, - }, - { - {16000882, -344896, 3493092, -11447198, -29504595, -13159789, - 12577740, 16041268, -19715240, 7847707}, - {10151868, 10572098, 27312476, 7922682, 14825339, 4723128, - -32855931, -6519018, -10020567, 3852848}, - {-11430470, 15697596, -21121557, -4420647, 5386314, 15063598, - 16514493, -15932110, 29330899, -15076224}, - }, - }, - { - { - {-25499735, -4378794, 
-15222908, -6901211, 16615731, 2051784, - 3303702, 15490, -27548796, 12314391}, - {15683520, -6003043, 18109120, -9980648, 15337968, -5997823, - -16717435, 15921866, 16103996, -3731215}, - {-23169824, -10781249, 13588192, -1628807, -3798557, -1074929, - -19273607, 5402699, -29815713, -9841101}, - }, - { - {23190676, 2384583, -32714340, 3462154, -29903655, -1529132, - -11266856, 8911517, -25205859, 2739713}, - {21374101, -3554250, -33524649, 9874411, 15377179, 11831242, - -33529904, 6134907, 4931255, 11987849}, - {-7732, -2978858, -16223486, 7277597, 105524, -322051, -31480539, - 13861388, -30076310, 10117930}, - }, - { - {-29501170, -10744872, -26163768, 13051539, -25625564, 5089643, - -6325503, 6704079, 12890019, 15728940}, - {-21972360, -11771379, -951059, -4418840, 14704840, 2695116, 903376, - -10428139, 12885167, 8311031}, - {-17516482, 5352194, 10384213, -13811658, 7506451, 13453191, - 26423267, 4384730, 1888765, -5435404}, - }, - { - {-25817338, -3107312, -13494599, -3182506, 30896459, -13921729, - -32251644, -12707869, -19464434, -3340243}, - {-23607977, -2665774, -526091, 4651136, 5765089, 4618330, 6092245, - 14845197, 17151279, -9854116}, - {-24830458, -12733720, -15165978, 10367250, -29530908, -265356, - 22825805, -7087279, -16866484, 16176525}, - }, - { - {-23583256, 6564961, 20063689, 3798228, -4740178, 7359225, 2006182, - -10363426, -28746253, -10197509}, - {-10626600, -4486402, -13320562, -5125317, 3432136, -6393229, - 23632037, -1940610, 32808310, 1099883}, - {15030977, 5768825, -27451236, -2887299, -6427378, -15361371, - -15277896, -6809350, 2051441, -15225865}, - }, - { - {-3362323, -7239372, 7517890, 9824992, 23555850, 295369, 5148398, - -14154188, -22686354, 16633660}, - {4577086, -16752288, 13249841, -15304328, 19958763, -14537274, - 18559670, -10759549, 8402478, -9864273}, - {-28406330, -1051581, -26790155, -907698, -17212414, -11030789, - 9453451, -14980072, 17983010, 9967138}, - }, - { - {-25762494, 6524722, 26585488, 9969270, 24709298, 
1220360, -1677990, - 7806337, 17507396, 3651560}, - {-10420457, -4118111, 14584639, 15971087, -15768321, 8861010, - 26556809, -5574557, -18553322, -11357135}, - {2839101, 14284142, 4029895, 3472686, 14402957, 12689363, -26642121, - 8459447, -5605463, -7621941}, - }, - { - {-4839289, -3535444, 9744961, 2871048, 25113978, 3187018, -25110813, - -849066, 17258084, -7977739}, - {18164541, -10595176, -17154882, -1542417, 19237078, -9745295, - 23357533, -15217008, 26908270, 12150756}, - {-30264870, -7647865, 5112249, -7036672, -1499807, -6974257, 43168, - -5537701, -32302074, 16215819}, - }, - }, - { - { - {-6898905, 9824394, -12304779, -4401089, -31397141, -6276835, - 32574489, 12532905, -7503072, -8675347}, - {-27343522, -16515468, -27151524, -10722951, 946346, 16291093, - 254968, 7168080, 21676107, -1943028}, - {21260961, -8424752, -16831886, -11920822, -23677961, 3968121, - -3651949, -6215466, -3556191, -7913075}, - }, - { - {16544754, 13250366, -16804428, 15546242, -4583003, 12757258, - -2462308, -8680336, -18907032, -9662799}, - {-2415239, -15577728, 18312303, 4964443, -15272530, -12653564, - 26820651, 16690659, 25459437, -4564609}, - {-25144690, 11425020, 28423002, -11020557, -6144921, -15826224, - 9142795, -2391602, -6432418, -1644817}, - }, - { - {-23104652, 6253476, 16964147, -3768872, -25113972, -12296437, - -27457225, -16344658, 6335692, 7249989}, - {-30333227, 13979675, 7503222, -12368314, -11956721, -4621693, - -30272269, 2682242, 25993170, -12478523}, - {4364628, 5930691, 32304656, -10044554, -8054781, 15091131, - 22857016, -10598955, 31820368, 15075278}, - }, - { - {31879134, -8918693, 17258761, 90626, -8041836, -4917709, 24162788, - -9650886, -17970238, 12833045}, - {19073683, 14851414, -24403169, -11860168, 7625278, 11091125, - -19619190, 2074449, -9413939, 14905377}, - {24483667, -11935567, -2518866, -11547418, -1553130, 15355506, - -25282080, 9253129, 27628530, -7555480}, - }, - { - {17597607, 8340603, 19355617, 552187, 26198470, -3176583, 4593324, - 
-9157582, -14110875, 15297016}, - {510886, 14337390, -31785257, 16638632, 6328095, 2713355, -20217417, - -11864220, 8683221, 2921426}, - {18606791, 11874196, 27155355, -5281482, -24031742, 6265446, - -25178240, -1278924, 4674690, 13890525}, - }, - { - {13609624, 13069022, -27372361, -13055908, 24360586, 9592974, - 14977157, 9835105, 4389687, 288396}, - {9922506, -519394, 13613107, 5883594, -18758345, -434263, -12304062, - 8317628, 23388070, 16052080}, - {12720016, 11937594, -31970060, -5028689, 26900120, 8561328, - -20155687, -11632979, -14754271, -10812892}, - }, - { - {15961858, 14150409, 26716931, -665832, -22794328, 13603569, - 11829573, 7467844, -28822128, 929275}, - {11038231, -11582396, -27310482, -7316562, -10498527, -16307831, - -23479533, -9371869, -21393143, 2465074}, - {20017163, -4323226, 27915242, 1529148, 12396362, 15675764, - 13817261, -9658066, 2463391, -4622140}, - }, - { - {-16358878, -12663911, -12065183, 4996454, -1256422, 1073572, - 9583558, 12851107, 4003896, 12673717}, - {-1731589, -15155870, -3262930, 16143082, 19294135, 13385325, - 14741514, -9103726, 7903886, 2348101}, - {24536016, -16515207, 12715592, -3862155, 1511293, 10047386, - -3842346, -7129159, -28377538, 10048127}, - }, - }, - { - { - {-12622226, -6204820, 30718825, 2591312, -10617028, 12192840, - 18873298, -7297090, -32297756, 15221632}, - {-26478122, -11103864, 11546244, -1852483, 9180880, 7656409, - -21343950, 2095755, 29769758, 6593415}, - {-31994208, -2907461, 4176912, 3264766, 12538965, -868111, 26312345, - -6118678, 30958054, 8292160}, - }, - { - {31429822, -13959116, 29173532, 15632448, 12174511, -2760094, - 32808831, 3977186, 26143136, -3148876}, - {22648901, 1402143, -22799984, 13746059, 7936347, 365344, -8668633, - -1674433, -3758243, -2304625}, - {-15491917, 8012313, -2514730, -12702462, -23965846, -10254029, - -1612713, -1535569, -16664475, 8194478}, - }, - { - {27338066, -7507420, -7414224, 10140405, -19026427, -6589889, - 27277191, 8855376, 28572286, 3005164}, - 
{26287124, 4821776, 25476601, -4145903, -3764513, -15788984, - -18008582, 1182479, -26094821, -13079595}, - {-7171154, 3178080, 23970071, 6201893, -17195577, -4489192, - -21876275, -13982627, 32208683, -1198248}, - }, - { - {-16657702, 2817643, -10286362, 14811298, 6024667, 13349505, - -27315504, -10497842, -27672585, -11539858}, - {15941029, -9405932, -21367050, 8062055, 31876073, -238629, - -15278393, -1444429, 15397331, -4130193}, - {8934485, -13485467, -23286397, -13423241, -32446090, 14047986, - 31170398, -1441021, -27505566, 15087184}, - }, - { - {-18357243, -2156491, 24524913, -16677868, 15520427, -6360776, - -15502406, 11461896, 16788528, -5868942}, - {-1947386, 16013773, 21750665, 3714552, -17401782, -16055433, - -3770287, -10323320, 31322514, -11615635}, - {21426655, -5650218, -13648287, -5347537, -28812189, -4920970, - -18275391, -14621414, 13040862, -12112948}, - }, - { - {11293895, 12478086, -27136401, 15083750, -29307421, 14748872, - 14555558, -13417103, 1613711, 4896935}, - {-25894883, 15323294, -8489791, -8057900, 25967126, -13425460, - 2825960, -4897045, -23971776, -11267415}, - {-15924766, -5229880, -17443532, 6410664, 3622847, 10243618, - 20615400, 12405433, -23753030, -8436416}, - }, - { - {-7091295, 12556208, -20191352, 9025187, -17072479, 4333801, - 4378436, 2432030, 23097949, -566018}, - {4565804, -16025654, 20084412, -7842817, 1724999, 189254, 24767264, - 10103221, -18512313, 2424778}, - {366633, -11976806, 8173090, -6890119, 30788634, 5745705, -7168678, - 1344109, -3642553, 12412659}, - }, - { - {-24001791, 7690286, 14929416, -168257, -32210835, -13412986, - 24162697, -15326504, -3141501, 11179385}, - {18289522, -14724954, 8056945, 16430056, -21729724, 7842514, - -6001441, -1486897, -18684645, -11443503}, - {476239, 6601091, -6152790, -9723375, 17503545, -4863900, 27672959, - 13403813, 11052904, 5219329}, - }, - }, - { - { - {20678546, -8375738, -32671898, 8849123, -5009758, 14574752, - 31186971, -3973730, 9014762, -8579056}, - {-13644050, 
-10350239, -15962508, 5075808, -1514661, -11534600, - -33102500, 9160280, 8473550, -3256838}, - {24900749, 14435722, 17209120, -15292541, -22592275, 9878983, - -7689309, -16335821, -24568481, 11788948}, - }, - { - {-3118155, -11395194, -13802089, 14797441, 9652448, -6845904, - -20037437, 10410733, -24568470, -1458691}, - {-15659161, 16736706, -22467150, 10215878, -9097177, 7563911, - 11871841, -12505194, -18513325, 8464118}, - {-23400612, 8348507, -14585951, -861714, -3950205, -6373419, - 14325289, 8628612, 33313881, -8370517}, - }, - { - {-20186973, -4967935, 22367356, 5271547, -1097117, -4788838, - -24805667, -10236854, -8940735, -5818269}, - {-6948785, -1795212, -32625683, -16021179, 32635414, -7374245, - 15989197, -12838188, 28358192, -4253904}, - {-23561781, -2799059, -32351682, -1661963, -9147719, 10429267, - -16637684, 4072016, -5351664, 5596589}, - }, - { - {-28236598, -3390048, 12312896, 6213178, 3117142, 16078565, - 29266239, 2557221, 1768301, 15373193}, - {-7243358, -3246960, -4593467, -7553353, -127927, -912245, -1090902, - -4504991, -24660491, 3442910}, - {-30210571, 5124043, 14181784, 8197961, 18964734, -11939093, - 22597931, 7176455, -18585478, 13365930}, - }, - { - {-7877390, -1499958, 8324673, 4690079, 6261860, 890446, 24538107, - -8570186, -9689599, -3031667}, - {25008904, -10771599, -4305031, -9638010, 16265036, 15721635, - 683793, -11823784, 15723479, -15163481}, - {-9660625, 12374379, -27006999, -7026148, -7724114, -12314514, - 11879682, 5400171, 519526, -1235876}, - }, - { - {22258397, -16332233, -7869817, 14613016, -22520255, -2950923, - -20353881, 7315967, 16648397, 7605640}, - {-8081308, -8464597, -8223311, 9719710, 19259459, -15348212, - 23994942, -5281555, -9468848, 4763278}, - {-21699244, 9220969, -15730624, 1084137, -25476107, -2852390, - 31088447, -7764523, -11356529, 728112}, - }, - { - {26047220, -11751471, -6900323, -16521798, 24092068, 9158119, - -4273545, -12555558, -29365436, -5498272}, - {17510331, -322857, 5854289, 8403524, 
17133918, -3112612, -28111007, - 12327945, 10750447, 10014012}, - {-10312768, 3936952, 9156313, -8897683, 16498692, -994647, - -27481051, -666732, 3424691, 7540221}, - }, - { - {30322361, -6964110, 11361005, -4143317, 7433304, 4989748, -7071422, - -16317219, -9244265, 15258046}, - {13054562, -2779497, 19155474, 469045, -12482797, 4566042, 5631406, - 2711395, 1062915, -5136345}, - {-19240248, -11254599, -29509029, -7499965, -5835763, 13005411, - -6066489, 12194497, 32960380, 1459310}, - }, - }, - { - { - {19852034, 7027924, 23669353, 10020366, 8586503, -6657907, 394197, - -6101885, 18638003, -11174937}, - {31395534, 15098109, 26581030, 8030562, -16527914, -5007134, - 9012486, -7584354, -6643087, -5442636}, - {-9192165, -2347377, -1997099, 4529534, 25766844, 607986, -13222, - 9677543, -32294889, -6456008}, - }, - { - {-2444496, -149937, 29348902, 8186665, 1873760, 12489863, -30934579, - -7839692, -7852844, -8138429}, - {-15236356, -15433509, 7766470, 746860, 26346930, -10221762, - -27333451, 10754588, -9431476, 5203576}, - {31834314, 14135496, -770007, 5159118, 20917671, -16768096, - -7467973, -7337524, 31809243, 7347066}, - }, - { - {-9606723, -11874240, 20414459, 13033986, 13716524, -11691881, - 19797970, -12211255, 15192876, -2087490}, - {-12663563, -2181719, 1168162, -3804809, 26747877, -14138091, - 10609330, 12694420, 33473243, -13382104}, - {33184999, 11180355, 15832085, -11385430, -1633671, 225884, - 15089336, -11023903, -6135662, 14480053}, - }, - { - {31308717, -5619998, 31030840, -1897099, 15674547, -6582883, - 5496208, 13685227, 27595050, 8737275}, - {-20318852, -15150239, 10933843, -16178022, 8335352, -7546022, - -31008351, -12610604, 26498114, 66511}, - {22644454, -8761729, -16671776, 4884562, -3105614, -13559366, - 30540766, -4286747, -13327787, -7515095}, - }, - { - {-28017847, 9834845, 18617207, -2681312, -3401956, -13307506, - 8205540, 13585437, -17127465, 15115439}, - {23711543, -672915, 31206561, -8362711, 6164647, -9709987, - -33535882, -1426096, 
8236921, 16492939}, - {-23910559, -13515526, -26299483, -4503841, 25005590, -7687270, - 19574902, 10071562, 6708380, -6222424}, - }, - { - {2101391, -4930054, 19702731, 2367575, -15427167, 1047675, 5301017, - 9328700, 29955601, -11678310}, - {3096359, 9271816, -21620864, -15521844, -14847996, -7592937, - -25892142, -12635595, -9917575, 6216608}, - {-32615849, 338663, -25195611, 2510422, -29213566, -13820213, - 24822830, -6146567, -26767480, 7525079}, - }, - { - {-23066649, -13985623, 16133487, -7896178, -3389565, 778788, - -910336, -2782495, -19386633, 11994101}, - {21691500, -13624626, -641331, -14367021, 3285881, -3483596, - -25064666, 9718258, -7477437, 13381418}, - {18445390, -4202236, 14979846, 11622458, -1727110, -3582980, - 23111648, -6375247, 28535282, 15779576}, - }, - { - {30098053, 3089662, -9234387, 16662135, -21306940, 11308411, - -14068454, 12021730, 9955285, -16303356}, - {9734894, -14576830, -7473633, -9138735, 2060392, 11313496, - -18426029, 9924399, 20194861, 13380996}, - {-26378102, -7965207, -22167821, 15789297, -18055342, -6168792, - -1984914, 15707771, 26342023, 10146099}, - }, - }, - { - { - {-26016874, -219943, 21339191, -41388, 19745256, -2878700, - -29637280, 2227040, 21612326, -545728}, - {-13077387, 1184228, 23562814, -5970442, -20351244, -6348714, - 25764461, 12243797, -20856566, 11649658}, - {-10031494, 11262626, 27384172, 2271902, 26947504, -15997771, 39944, - 6114064, 33514190, 2333242}, - }, - { - {-21433588, -12421821, 8119782, 7219913, -21830522, -9016134, - -6679750, -12670638, 24350578, -13450001}, - {-4116307, -11271533, -23886186, 4843615, -30088339, 690623, - -31536088, -10406836, 8317860, 12352766}, - {18200138, -14475911, -33087759, -2696619, -23702521, -9102511, - -23552096, -2287550, 20712163, 6719373}, - }, - { - {26656208, 6075253, -7858556, 1886072, -28344043, 4262326, 11117530, - -3763210, 26224235, -3297458}, - {-17168938, -14854097, -3395676, -16369877, -19954045, 14050420, - 21728352, 9493610, 18620611, -16428628}, 
- {-13323321, 13325349, 11432106, 5964811, 18609221, 6062965, - -5269471, -9725556, -30701573, -16479657}, - }, - { - {-23860538, -11233159, 26961357, 1640861, -32413112, -16737940, - 12248509, -5240639, 13735342, 1934062}, - {25089769, 6742589, 17081145, -13406266, 21909293, -16067981, - -15136294, -3765346, -21277997, 5473616}, - {31883677, -7961101, 1083432, -11572403, 22828471, 13290673, - -7125085, 12469656, 29111212, -5451014}, - }, - { - {24244947, -15050407, -26262976, 2791540, -14997599, 16666678, - 24367466, 6388839, -10295587, 452383}, - {-25640782, -3417841, 5217916, 16224624, 19987036, -4082269, - -24236251, -5915248, 15766062, 8407814}, - {-20406999, 13990231, 15495425, 16395525, 5377168, 15166495, - -8917023, -4388953, -8067909, 2276718}, - }, - { - {30157918, 12924066, -17712050, 9245753, 19895028, 3368142, - -23827587, 5096219, 22740376, -7303417}, - {2041139, -14256350, 7783687, 13876377, -25946985, -13352459, - 24051124, 13742383, -15637599, 13295222}, - {33338237, -8505733, 12532113, 7977527, 9106186, -1715251, - -17720195, -4612972, -4451357, -14669444}, - }, - { - {-20045281, 5454097, -14346548, 6447146, 28862071, 1883651, - -2469266, -4141880, 7770569, 9620597}, - {23208068, 7979712, 33071466, 8149229, 1758231, -10834995, 30945528, - -1694323, -33502340, -14767970}, - {1439958, -16270480, -1079989, -793782, 4625402, 10647766, -5043801, - 1220118, 30494170, -11440799}, - }, - { - {-5037580, -13028295, -2970559, -3061767, 15640974, -6701666, - -26739026, 926050, -1684339, -13333647}, - {13908495, -3549272, 30919928, -6273825, -21521863, 7989039, - 9021034, 9078865, 3353509, 4033511}, - {-29663431, -15113610, 32259991, -344482, 24295849, -12912123, - 23161163, 8839127, 27485041, 7356032}, - }, - }, - { - { - {9661027, 705443, 11980065, -5370154, -1628543, 14661173, -6346142, - 2625015, 28431036, -16771834}, - {-23839233, -8311415, -25945511, 7480958, -17681669, -8354183, - -22545972, 14150565, 15970762, 4099461}, - {29262576, 16756590, 26350592, 
-8793563, 8529671, -11208050, - 13617293, -9937143, 11465739, 8317062}, - }, - { - {-25493081, -6962928, 32500200, -9419051, -23038724, -2302222, - 14898637, 3848455, 20969334, -5157516}, - {-20384450, -14347713, -18336405, 13884722, -33039454, 2842114, - -21610826, -3649888, 11177095, 14989547}, - {-24496721, -11716016, 16959896, 2278463, 12066309, 10137771, - 13515641, 2581286, -28487508, 9930240}, - }, - { - {-17751622, -2097826, 16544300, -13009300, -15914807, -14949081, - 18345767, -13403753, 16291481, -5314038}, - {-33229194, 2553288, 32678213, 9875984, 8534129, 6889387, -9676774, - 6957617, 4368891, 9788741}, - {16660756, 7281060, -10830758, 12911820, 20108584, -8101676, - -21722536, -8613148, 16250552, -11111103}, - }, - { - {-19765507, 2390526, -16551031, 14161980, 1905286, 6414907, 4689584, - 10604807, -30190403, 4782747}, - {-1354539, 14736941, -7367442, -13292886, 7710542, -14155590, - -9981571, 4383045, 22546403, 437323}, - {31665577, -12180464, -16186830, 1491339, -18368625, 3294682, - 27343084, 2786261, -30633590, -14097016}, - }, - { - {-14467279, -683715, -33374107, 7448552, 19294360, 14334329, - -19690631, 2355319, -19284671, -6114373}, - {15121312, -15796162, 6377020, -6031361, -10798111, -12957845, - 18952177, 15496498, -29380133, 11754228}, - {-2637277, -13483075, 8488727, -14303896, 12728761, -1622493, - 7141596, 11724556, 22761615, -10134141}, - }, - { - {16918416, 11729663, -18083579, 3022987, -31015732, -13339659, - -28741185, -12227393, 32851222, 11717399}, - {11166634, 7338049, -6722523, 4531520, -29468672, -7302055, - 31474879, 3483633, -1193175, -4030831}, - {-185635, 9921305, 31456609, -13536438, -12013818, 13348923, - 33142652, 6546660, -19985279, -3948376}, - }, - { - {-32460596, 11266712, -11197107, -7899103, 31703694, 3855903, - -8537131, -12833048, -30772034, -15486313}, - {-18006477, 12709068, 3991746, -6479188, -21491523, -10550425, - -31135347, -16049879, 10928917, 3011958}, - {-6957757, -15594337, 31696059, 334240, 29576716, 
14796075,
- -30831056, -12805180, 18008031, 10258577},
- },
- {
- {-22448644, 15655569, 7018479, -4410003, -30314266, -1201591,
- -1853465, 1367120, 25127874, 6671743},
- {29701166, -14373934, -10878120, 9279288, -17568, 13127210,
- 21382910, 11042292, 25838796, 4642684},
- {-20430234, 14955537, -24126347, 8124619, -5369288, -5990470,
- 30468147, -13900640, 18423289, 4177476},
- },
- },
-};
-
-static uint8_t negative(signed char b) {
- uint32_t x = b;
- x >>= 31; /* 1: yes; 0: no */
- return x;
-}
-
-static void table_select(ge_precomp *t, int pos, signed char b) {
- ge_precomp minust;
- uint8_t bnegative = negative(b);
- uint8_t babs = b - ((uint8_t)((-bnegative) & b) << 1);
-
- ge_precomp_0(t);
- cmov(t, &k25519Precomp[pos][0], equal(babs, 1));
- cmov(t, &k25519Precomp[pos][1], equal(babs, 2));
- cmov(t, &k25519Precomp[pos][2], equal(babs, 3));
- cmov(t, &k25519Precomp[pos][3], equal(babs, 4));
- cmov(t, &k25519Precomp[pos][4], equal(babs, 5));
- cmov(t, &k25519Precomp[pos][5], equal(babs, 6));
- cmov(t, &k25519Precomp[pos][6], equal(babs, 7));
- cmov(t, &k25519Precomp[pos][7], equal(babs, 8));
- fe_copy(minust.yplusx, t->yminusx);
- fe_copy(minust.yminusx, t->yplusx);
- fe_neg(minust.xy2d, t->xy2d);
- cmov(t, &minust, bnegative);
-}
-
-/* h = a * B
- * where a = a[0]+256*a[1]+...+256^31 a[31]
- * B is the Ed25519 base point (x,4/5) with x positive.
- *
- * Preconditions:
- * a[31] <= 127 */
-void x25519_ge_scalarmult_base(ge_p3 *h, const uint8_t a[32]) {
- signed char e[64];
- signed char carry;
- ge_p1p1 r;
- ge_p2 s;
- ge_precomp t;
- int i;
-
- for (i = 0; i < 32; ++i) {
- e[2 * i + 0] = (a[i] >> 0) & 15;
- e[2 * i + 1] = (a[i] >> 4) & 15;
- }
- /* each e[i] is between 0 and 15 */
- /* e[63] is between 0 and 7 */
-
- carry = 0;
- for (i = 0; i < 63; ++i) {
- e[i] += carry;
- carry = e[i] + 8;
- carry >>= 4;
- e[i] -= carry << 4;
- }
- e[63] += carry;
- /* each e[i] is between -8 and 8 */
-
- ge_p3_0(h);
- for (i = 1; i < 64; i += 2) {
- table_select(&t, i / 2, e[i]);
- ge_madd(&r, h, &t);
- x25519_ge_p1p1_to_p3(h, &r);
- }
-
- ge_p3_dbl(&r, h);
- x25519_ge_p1p1_to_p2(&s, &r);
- ge_p2_dbl(&r, &s);
- x25519_ge_p1p1_to_p2(&s, &r);
- ge_p2_dbl(&r, &s);
- x25519_ge_p1p1_to_p2(&s, &r);
- ge_p2_dbl(&r, &s);
- x25519_ge_p1p1_to_p3(h, &r);
-
- for (i = 0; i < 64; i += 2) {
- table_select(&t, i / 2, e[i]);
- ge_madd(&r, h, &t);
- x25519_ge_p1p1_to_p3(h, &r);
- }
-}
-
-#endif
-
-static void cmov_cached(ge_cached *t, ge_cached *u, uint8_t b) {
- fe_cmov(t->YplusX, u->YplusX, b);
- fe_cmov(t->YminusX, u->YminusX, b);
- fe_cmov(t->Z, u->Z, b);
- fe_cmov(t->T2d, u->T2d, b);
-}
-
-/* r = scalar * A.
- * where a = a[0]+256*a[1]+...+256^31 a[31]. */
-void x25519_ge_scalarmult(ge_p2 *r, const uint8_t *scalar, const ge_p3 *A) {
- ge_p2 Ai_p2[8];
- ge_cached Ai[16];
- ge_p1p1 t;
-
- ge_cached_0(&Ai[0]);
- x25519_ge_p3_to_cached(&Ai[1], A);
- ge_p3_to_p2(&Ai_p2[1], A);
-
- unsigned i;
- for (i = 2; i < 16; i += 2) {
- ge_p2_dbl(&t, &Ai_p2[i / 2]);
- ge_p1p1_to_cached(&Ai[i], &t);
- if (i < 8) {
- x25519_ge_p1p1_to_p2(&Ai_p2[i], &t);
- }
- x25519_ge_add(&t, A, &Ai[i]);
- ge_p1p1_to_cached(&Ai[i + 1], &t);
- if (i < 7) {
- x25519_ge_p1p1_to_p2(&Ai_p2[i + 1], &t);
- }
- }
-
- ge_p2_0(r);
- ge_p3 u;
-
- for (i = 0; i < 256; i += 4) {
- ge_p2_dbl(&t, r);
- x25519_ge_p1p1_to_p2(r, &t);
- ge_p2_dbl(&t, r);
- x25519_ge_p1p1_to_p2(r, &t);
- ge_p2_dbl(&t, r);
- x25519_ge_p1p1_to_p2(r, &t);
- ge_p2_dbl(&t, r);
- x25519_ge_p1p1_to_p3(&u, &t);
-
- uint8_t index = scalar[31 - i/8];
- index >>= 4 - (i & 4);
- index &= 0xf;
-
- unsigned j;
- ge_cached selected;
- ge_cached_0(&selected);
- for (j = 0; j < 16; j++) {
- cmov_cached(&selected, &Ai[j], equal(j, index));
- }
-
- x25519_ge_add(&t, &u, &selected);
- x25519_ge_p1p1_to_p2(r, &t);
- }
-}
-
-static void slide(signed char *r, const uint8_t *a) {
- int i;
- int b;
- int k;
-
- for (i = 0; i < 256; ++i) {
- r[i] = 1 & (a[i >> 3] >> (i & 7));
- }
-
- for (i = 0; i < 256; ++i) {
- if (r[i]) {
- for (b = 1; b <= 6 && i + b < 256; ++b) {
- if (r[i + b]) {
- if (r[i] + (r[i + b] << b) <= 15) {
- r[i] += r[i + b] << b;
- r[i + b] = 0;
- } else if (r[i] - (r[i + b] << b) >= -15) {
- r[i] -= r[i + b] << b;
- for (k = i + b; k < 256; ++k) {
- if (!r[k]) {
- r[k] = 1;
- break;
- }
- r[k] = 0;
- }
- } else {
- break;
- }
- }
- }
- }
- }
-}
-
-static const ge_precomp Bi[8] = {
- {
- {25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626,
- -11754271, -6079156, 2047605},
- {-12545711, 934262, -2722910, 3049990, -727428, 9406986, 12720692,
- 5043384, 19500929, -15469378},
- {-8738181, 4489570, 9688441, -14785194, 10184609, -12363380, 29287919,
- 11864899, -24514362, -4438546},
- },
- {
- {15636291, -9688557, 24204773, -7912398, 616977, -16685262, 27787600,
- -14772189, 28944400, -1550024},
- {16568933, 4717097, -11556148, -1102322, 15682896, -11807043, 16354577,
- -11775962, 7689662, 11199574},
- {30464156, -5976125, -11779434, -15670865, 23220365, 15915852, 7512774,
- 10017326, -17749093, -9920357},
- },
- {
- {10861363, 11473154, 27284546, 1981175, -30064349, 12577861, 32867885,
- 14515107, -15438304, 10819380},
- {4708026, 6336745, 20377586, 9066809, -11272109, 6594696, -25653668,
- 12483688, -12668491, 5581306},
- {19563160, 16186464, -29386857, 4097519, 10237984, -4348115, 28542350,
- 13850243, -23678021, -15815942},
- },
- {
- {5153746, 9909285, 1723747, -2777874, 30523605, 5516873, 19480852,
- 5230134, -23952439, -15175766},
- {-30269007, -3463509, 7665486, 10083793, 28475525, 1649722, 20654025,
- 16520125, 30598449, 7715701},
- {28881845, 14381568, 9657904, 3680757, -20181635, 7843316, -31400660,
- 1370708, 29794553, -1409300},
- },
- {
- {-22518993, -6692182, 14201702, -8745502, -23510406, 8844726, 18474211,
- -1361450, -13062696, 13821877},
- {-6455177, -7839871, 3374702, -4740862, -27098617, -10571707, 31655028,
- -7212327, 18853322, -14220951},
- {4566830, -12963868, -28974889, -12240689, -7602672, -2830569, -8514358,
- -10431137, 2207753, -3209784},
- },
- {
- {-25154831, -4185821, 29681144, 7868801, -6854661, -9423865, -12437364,
- -663000, -31111463, -16132436},
- {25576264, -2703214, 7349804, -11814844, 16472782, 9300885, 3844789,
- 15725684, 171356, 6466918},
- {23103977, 13316479, 9739013, -16149481, 817875, -15038942, 8965339,
- -14088058, -30714912, 16193877},
- },
- {
- {-33521811, 3180713, -2394130, 14003687, -16903474, -16270840, 17238398,
- 4729455, -18074513, 9256800},
- {-25182317, -4174131, 32336398, 5036987, -21236817, 11360617, 22616405,
- 9761698, -19827198, 630305},
- {-13720693, 2639453, -24237460, -7406481, 9494427, -5774029, -6554551,
- -15960994, -2449256, -14291300},
- },
- {
- {-3151181, -5046075, 9282714, 6866145, -31907062, -863023, -18940575,
- 15033784, 25105118, -7894876},
- {-24326370, 15950226, -31801215, -14592823, -11662737, -5090925,
- 1573892, -2625887, 2198790, -15804619},
- {-3099351, 10324967, -2241613, 7453183, -5446979, -2735503, -13812022,
- -16236442, -32461234, -12290683},
- },
-};
-
-/* r = a * A + b * B
- * where a = a[0]+256*a[1]+...+256^31 a[31].
- * and b = b[0]+256*b[1]+...+256^31 b[31].
- * B is the Ed25519 base point (x,4/5) with x positive. */
-static void
-ge_double_scalarmult_vartime(ge_p2 *r, const uint8_t *a,
- const ge_p3 *A, const uint8_t *b) {
- signed char aslide[256];
- signed char bslide[256];
- ge_cached Ai[8]; /* A,3A,5A,7A,9A,11A,13A,15A */
- ge_p1p1 t;
- ge_p3 u;
- ge_p3 A2;
- int i;
-
- slide(aslide, a);
- slide(bslide, b);
-
- x25519_ge_p3_to_cached(&Ai[0], A);
- ge_p3_dbl(&t, A);
- x25519_ge_p1p1_to_p3(&A2, &t);
- x25519_ge_add(&t, &A2, &Ai[0]);
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_p3_to_cached(&Ai[1], &u);
- x25519_ge_add(&t, &A2, &Ai[1]);
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_p3_to_cached(&Ai[2], &u);
- x25519_ge_add(&t, &A2, &Ai[2]);
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_p3_to_cached(&Ai[3], &u);
- x25519_ge_add(&t, &A2, &Ai[3]);
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_p3_to_cached(&Ai[4], &u);
- x25519_ge_add(&t, &A2, &Ai[4]);
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_p3_to_cached(&Ai[5], &u);
- x25519_ge_add(&t, &A2, &Ai[5]);
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_p3_to_cached(&Ai[6], &u);
- x25519_ge_add(&t, &A2, &Ai[6]);
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_p3_to_cached(&Ai[7], &u);
-
- ge_p2_0(r);
-
- for (i = 255; i >= 0; --i) {
- if (aslide[i] || bslide[i]) {
- break;
- }
- }
-
- for (; i >= 0; --i) {
- ge_p2_dbl(&t, r);
-
- if (aslide[i] > 0) {
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_add(&t, &u, &Ai[aslide[i] / 2]);
- } else if (aslide[i] < 0) {
- x25519_ge_p1p1_to_p3(&u, &t);
- x25519_ge_sub(&t, &u, &Ai[(-aslide[i]) / 2]);
- }
-
- if (bslide[i] > 0) {
- x25519_ge_p1p1_to_p3(&u, &t); - ge_madd(&t, &u, &Bi[bslide[i] / 2]); - } else if (bslide[i] < 0) { - x25519_ge_p1p1_to_p3(&u, &t); - ge_msub(&t, &u, &Bi[(-bslide[i]) / 2]); - } - - x25519_ge_p1p1_to_p2(r, &t); - } -} - -/* The set of scalars is \Z/l - * where l = 2^252 + 27742317777372353535851937790883648493. */ - -/* Input: - * s[0]+256*s[1]+...+256^63*s[63] = s - * - * Output: - * s[0]+256*s[1]+...+256^31*s[31] = s mod l - * where l = 2^252 + 27742317777372353535851937790883648493. - * Overwrites s in place. */ -void -x25519_sc_reduce(uint8_t *s) { - int64_t s0 = 2097151 & load_3(s); - int64_t s1 = 2097151 & (load_4(s + 2) >> 5); - int64_t s2 = 2097151 & (load_3(s + 5) >> 2); - int64_t s3 = 2097151 & (load_4(s + 7) >> 7); - int64_t s4 = 2097151 & (load_4(s + 10) >> 4); - int64_t s5 = 2097151 & (load_3(s + 13) >> 1); - int64_t s6 = 2097151 & (load_4(s + 15) >> 6); - int64_t s7 = 2097151 & (load_3(s + 18) >> 3); - int64_t s8 = 2097151 & load_3(s + 21); - int64_t s9 = 2097151 & (load_4(s + 23) >> 5); - int64_t s10 = 2097151 & (load_3(s + 26) >> 2); - int64_t s11 = 2097151 & (load_4(s + 28) >> 7); - int64_t s12 = 2097151 & (load_4(s + 31) >> 4); - int64_t s13 = 2097151 & (load_3(s + 34) >> 1); - int64_t s14 = 2097151 & (load_4(s + 36) >> 6); - int64_t s15 = 2097151 & (load_3(s + 39) >> 3); - int64_t s16 = 2097151 & load_3(s + 42); - int64_t s17 = 2097151 & (load_4(s + 44) >> 5); - int64_t s18 = 2097151 & (load_3(s + 47) >> 2); - int64_t s19 = 2097151 & (load_4(s + 49) >> 7); - int64_t s20 = 2097151 & (load_4(s + 52) >> 4); - int64_t s21 = 2097151 & (load_3(s + 55) >> 1); - int64_t s22 = 2097151 & (load_4(s + 57) >> 6); - int64_t s23 = (load_4(s + 60) >> 3); - int64_t carry0; - int64_t carry1; - int64_t carry2; - int64_t carry3; - int64_t carry4; - int64_t carry5; - int64_t carry6; - int64_t carry7; - int64_t carry8; - int64_t carry9; - int64_t carry10; - int64_t carry11; - int64_t carry12; - int64_t carry13; - int64_t carry14; - int64_t carry15; - int64_t carry16; 
- - s11 += s23 * 666643; - s12 += s23 * 470296; - s13 += s23 * 654183; - s14 -= s23 * 997805; - s15 += s23 * 136657; - s16 -= s23 * 683901; - s23 = 0; - - s10 += s22 * 666643; - s11 += s22 * 470296; - s12 += s22 * 654183; - s13 -= s22 * 997805; - s14 += s22 * 136657; - s15 -= s22 * 683901; - s22 = 0; - - s9 += s21 * 666643; - s10 += s21 * 470296; - s11 += s21 * 654183; - s12 -= s21 * 997805; - s13 += s21 * 136657; - s14 -= s21 * 683901; - s21 = 0; - - s8 += s20 * 666643; - s9 += s20 * 470296; - s10 += s20 * 654183; - s11 -= s20 * 997805; - s12 += s20 * 136657; - s13 -= s20 * 683901; - s20 = 0; - - s7 += s19 * 666643; - s8 += s19 * 470296; - s9 += s19 * 654183; - s10 -= s19 * 997805; - s11 += s19 * 136657; - s12 -= s19 * 683901; - s19 = 0; - - s6 += s18 * 666643; - s7 += s18 * 470296; - s8 += s18 * 654183; - s9 -= s18 * 997805; - s10 += s18 * 136657; - s11 -= s18 * 683901; - s18 = 0; - - carry6 = (s6 + (1 << 20)) >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry8 = (s8 + (1 << 20)) >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry10 = (s10 + (1 << 20)) >> 21; - s11 += carry10; - s10 -= carry10 << 21; - carry12 = (s12 + (1 << 20)) >> 21; - s13 += carry12; - s12 -= carry12 << 21; - carry14 = (s14 + (1 << 20)) >> 21; - s15 += carry14; - s14 -= carry14 << 21; - carry16 = (s16 + (1 << 20)) >> 21; - s17 += carry16; - s16 -= carry16 << 21; - - carry7 = (s7 + (1 << 20)) >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry9 = (s9 + (1 << 20)) >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry11 = (s11 + (1 << 20)) >> 21; - s12 += carry11; - s11 -= carry11 << 21; - carry13 = (s13 + (1 << 20)) >> 21; - s14 += carry13; - s13 -= carry13 << 21; - carry15 = (s15 + (1 << 20)) >> 21; - s16 += carry15; - s15 -= carry15 << 21; - - s5 += s17 * 666643; - s6 += s17 * 470296; - s7 += s17 * 654183; - s8 -= s17 * 997805; - s9 += s17 * 136657; - s10 -= s17 * 683901; - s17 = 0; - - s4 += s16 * 666643; - s5 += s16 * 470296; - s6 += s16 * 654183; - s7 -= s16 * 997805; - s8 += s16 * 
136657; - s9 -= s16 * 683901; - s16 = 0; - - s3 += s15 * 666643; - s4 += s15 * 470296; - s5 += s15 * 654183; - s6 -= s15 * 997805; - s7 += s15 * 136657; - s8 -= s15 * 683901; - s15 = 0; - - s2 += s14 * 666643; - s3 += s14 * 470296; - s4 += s14 * 654183; - s5 -= s14 * 997805; - s6 += s14 * 136657; - s7 -= s14 * 683901; - s14 = 0; - - s1 += s13 * 666643; - s2 += s13 * 470296; - s3 += s13 * 654183; - s4 -= s13 * 997805; - s5 += s13 * 136657; - s6 -= s13 * 683901; - s13 = 0; - - s0 += s12 * 666643; - s1 += s12 * 470296; - s2 += s12 * 654183; - s3 -= s12 * 997805; - s4 += s12 * 136657; - s5 -= s12 * 683901; - s12 = 0; - - carry0 = (s0 + (1 << 20)) >> 21; - s1 += carry0; - s0 -= carry0 << 21; - carry2 = (s2 + (1 << 20)) >> 21; - s3 += carry2; - s2 -= carry2 << 21; - carry4 = (s4 + (1 << 20)) >> 21; - s5 += carry4; - s4 -= carry4 << 21; - carry6 = (s6 + (1 << 20)) >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry8 = (s8 + (1 << 20)) >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry10 = (s10 + (1 << 20)) >> 21; - s11 += carry10; - s10 -= carry10 << 21; - - carry1 = (s1 + (1 << 20)) >> 21; - s2 += carry1; - s1 -= carry1 << 21; - carry3 = (s3 + (1 << 20)) >> 21; - s4 += carry3; - s3 -= carry3 << 21; - carry5 = (s5 + (1 << 20)) >> 21; - s6 += carry5; - s5 -= carry5 << 21; - carry7 = (s7 + (1 << 20)) >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry9 = (s9 + (1 << 20)) >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry11 = (s11 + (1 << 20)) >> 21; - s12 += carry11; - s11 -= carry11 << 21; - - s0 += s12 * 666643; - s1 += s12 * 470296; - s2 += s12 * 654183; - s3 -= s12 * 997805; - s4 += s12 * 136657; - s5 -= s12 * 683901; - s12 = 0; - - carry0 = s0 >> 21; - s1 += carry0; - s0 -= carry0 << 21; - carry1 = s1 >> 21; - s2 += carry1; - s1 -= carry1 << 21; - carry2 = s2 >> 21; - s3 += carry2; - s2 -= carry2 << 21; - carry3 = s3 >> 21; - s4 += carry3; - s3 -= carry3 << 21; - carry4 = s4 >> 21; - s5 += carry4; - s4 -= carry4 << 21; - carry5 = s5 >> 21; - s6 += carry5; - s5 
-= carry5 << 21; - carry6 = s6 >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry7 = s7 >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry8 = s8 >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry9 = s9 >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry10 = s10 >> 21; - s11 += carry10; - s10 -= carry10 << 21; - carry11 = s11 >> 21; - s12 += carry11; - s11 -= carry11 << 21; - - s0 += s12 * 666643; - s1 += s12 * 470296; - s2 += s12 * 654183; - s3 -= s12 * 997805; - s4 += s12 * 136657; - s5 -= s12 * 683901; - s12 = 0; - - carry0 = s0 >> 21; - s1 += carry0; - s0 -= carry0 << 21; - carry1 = s1 >> 21; - s2 += carry1; - s1 -= carry1 << 21; - carry2 = s2 >> 21; - s3 += carry2; - s2 -= carry2 << 21; - carry3 = s3 >> 21; - s4 += carry3; - s3 -= carry3 << 21; - carry4 = s4 >> 21; - s5 += carry4; - s4 -= carry4 << 21; - carry5 = s5 >> 21; - s6 += carry5; - s5 -= carry5 << 21; - carry6 = s6 >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry7 = s7 >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry8 = s8 >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry9 = s9 >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry10 = s10 >> 21; - s11 += carry10; - s10 -= carry10 << 21; - - s[0] = s0 >> 0; - s[1] = s0 >> 8; - s[2] = (s0 >> 16) | (s1 << 5); - s[3] = s1 >> 3; - s[4] = s1 >> 11; - s[5] = (s1 >> 19) | (s2 << 2); - s[6] = s2 >> 6; - s[7] = (s2 >> 14) | (s3 << 7); - s[8] = s3 >> 1; - s[9] = s3 >> 9; - s[10] = (s3 >> 17) | (s4 << 4); - s[11] = s4 >> 4; - s[12] = s4 >> 12; - s[13] = (s4 >> 20) | (s5 << 1); - s[14] = s5 >> 7; - s[15] = (s5 >> 15) | (s6 << 6); - s[16] = s6 >> 2; - s[17] = s6 >> 10; - s[18] = (s6 >> 18) | (s7 << 3); - s[19] = s7 >> 5; - s[20] = s7 >> 13; - s[21] = s8 >> 0; - s[22] = s8 >> 8; - s[23] = (s8 >> 16) | (s9 << 5); - s[24] = s9 >> 3; - s[25] = s9 >> 11; - s[26] = (s9 >> 19) | (s10 << 2); - s[27] = s10 >> 6; - s[28] = (s10 >> 14) | (s11 << 7); - s[29] = s11 >> 1; - s[30] = s11 >> 9; - s[31] = s11 >> 17; -} - -/* Input: - * 
a[0]+256*a[1]+...+256^31*a[31] = a - * b[0]+256*b[1]+...+256^31*b[31] = b - * c[0]+256*c[1]+...+256^31*c[31] = c - * - * Output: - * s[0]+256*s[1]+...+256^31*s[31] = (ab+c) mod l - * where l = 2^252 + 27742317777372353535851937790883648493. */ -static void -sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b, - const uint8_t *c) -{ - int64_t a0 = 2097151 & load_3(a); - int64_t a1 = 2097151 & (load_4(a + 2) >> 5); - int64_t a2 = 2097151 & (load_3(a + 5) >> 2); - int64_t a3 = 2097151 & (load_4(a + 7) >> 7); - int64_t a4 = 2097151 & (load_4(a + 10) >> 4); - int64_t a5 = 2097151 & (load_3(a + 13) >> 1); - int64_t a6 = 2097151 & (load_4(a + 15) >> 6); - int64_t a7 = 2097151 & (load_3(a + 18) >> 3); - int64_t a8 = 2097151 & load_3(a + 21); - int64_t a9 = 2097151 & (load_4(a + 23) >> 5); - int64_t a10 = 2097151 & (load_3(a + 26) >> 2); - int64_t a11 = (load_4(a + 28) >> 7); - int64_t b0 = 2097151 & load_3(b); - int64_t b1 = 2097151 & (load_4(b + 2) >> 5); - int64_t b2 = 2097151 & (load_3(b + 5) >> 2); - int64_t b3 = 2097151 & (load_4(b + 7) >> 7); - int64_t b4 = 2097151 & (load_4(b + 10) >> 4); - int64_t b5 = 2097151 & (load_3(b + 13) >> 1); - int64_t b6 = 2097151 & (load_4(b + 15) >> 6); - int64_t b7 = 2097151 & (load_3(b + 18) >> 3); - int64_t b8 = 2097151 & load_3(b + 21); - int64_t b9 = 2097151 & (load_4(b + 23) >> 5); - int64_t b10 = 2097151 & (load_3(b + 26) >> 2); - int64_t b11 = (load_4(b + 28) >> 7); - int64_t c0 = 2097151 & load_3(c); - int64_t c1 = 2097151 & (load_4(c + 2) >> 5); - int64_t c2 = 2097151 & (load_3(c + 5) >> 2); - int64_t c3 = 2097151 & (load_4(c + 7) >> 7); - int64_t c4 = 2097151 & (load_4(c + 10) >> 4); - int64_t c5 = 2097151 & (load_3(c + 13) >> 1); - int64_t c6 = 2097151 & (load_4(c + 15) >> 6); - int64_t c7 = 2097151 & (load_3(c + 18) >> 3); - int64_t c8 = 2097151 & load_3(c + 21); - int64_t c9 = 2097151 & (load_4(c + 23) >> 5); - int64_t c10 = 2097151 & (load_3(c + 26) >> 2); - int64_t c11 = (load_4(c + 28) >> 7); - int64_t s0; - 
int64_t s1; - int64_t s2; - int64_t s3; - int64_t s4; - int64_t s5; - int64_t s6; - int64_t s7; - int64_t s8; - int64_t s9; - int64_t s10; - int64_t s11; - int64_t s12; - int64_t s13; - int64_t s14; - int64_t s15; - int64_t s16; - int64_t s17; - int64_t s18; - int64_t s19; - int64_t s20; - int64_t s21; - int64_t s22; - int64_t s23; - int64_t carry0; - int64_t carry1; - int64_t carry2; - int64_t carry3; - int64_t carry4; - int64_t carry5; - int64_t carry6; - int64_t carry7; - int64_t carry8; - int64_t carry9; - int64_t carry10; - int64_t carry11; - int64_t carry12; - int64_t carry13; - int64_t carry14; - int64_t carry15; - int64_t carry16; - int64_t carry17; - int64_t carry18; - int64_t carry19; - int64_t carry20; - int64_t carry21; - int64_t carry22; - - s0 = c0 + a0 * b0; - s1 = c1 + a0 * b1 + a1 * b0; - s2 = c2 + a0 * b2 + a1 * b1 + a2 * b0; - s3 = c3 + a0 * b3 + a1 * b2 + a2 * b1 + a3 * b0; - s4 = c4 + a0 * b4 + a1 * b3 + a2 * b2 + a3 * b1 + a4 * b0; - s5 = c5 + a0 * b5 + a1 * b4 + a2 * b3 + a3 * b2 + a4 * b1 + a5 * b0; - s6 = c6 + a0 * b6 + a1 * b5 + a2 * b4 + a3 * b3 + a4 * b2 + a5 * b1 + a6 * b0; - s7 = c7 + a0 * b7 + a1 * b6 + a2 * b5 + a3 * b4 + a4 * b3 + a5 * b2 + - a6 * b1 + a7 * b0; - s8 = c8 + a0 * b8 + a1 * b7 + a2 * b6 + a3 * b5 + a4 * b4 + a5 * b3 + - a6 * b2 + a7 * b1 + a8 * b0; - s9 = c9 + a0 * b9 + a1 * b8 + a2 * b7 + a3 * b6 + a4 * b5 + a5 * b4 + - a6 * b3 + a7 * b2 + a8 * b1 + a9 * b0; - s10 = c10 + a0 * b10 + a1 * b9 + a2 * b8 + a3 * b7 + a4 * b6 + a5 * b5 + - a6 * b4 + a7 * b3 + a8 * b2 + a9 * b1 + a10 * b0; - s11 = c11 + a0 * b11 + a1 * b10 + a2 * b9 + a3 * b8 + a4 * b7 + a5 * b6 + - a6 * b5 + a7 * b4 + a8 * b3 + a9 * b2 + a10 * b1 + a11 * b0; - s12 = a1 * b11 + a2 * b10 + a3 * b9 + a4 * b8 + a5 * b7 + a6 * b6 + a7 * b5 + - a8 * b4 + a9 * b3 + a10 * b2 + a11 * b1; - s13 = a2 * b11 + a3 * b10 + a4 * b9 + a5 * b8 + a6 * b7 + a7 * b6 + a8 * b5 + - a9 * b4 + a10 * b3 + a11 * b2; - s14 = a3 * b11 + a4 * b10 + a5 * b9 + a6 * b8 + a7 * b7 + a8 * b6 
+ a9 * b5 + - a10 * b4 + a11 * b3; - s15 = a4 * b11 + a5 * b10 + a6 * b9 + a7 * b8 + a8 * b7 + a9 * b6 + a10 * b5 + - a11 * b4; - s16 = a5 * b11 + a6 * b10 + a7 * b9 + a8 * b8 + a9 * b7 + a10 * b6 + a11 * b5; - s17 = a6 * b11 + a7 * b10 + a8 * b9 + a9 * b8 + a10 * b7 + a11 * b6; - s18 = a7 * b11 + a8 * b10 + a9 * b9 + a10 * b8 + a11 * b7; - s19 = a8 * b11 + a9 * b10 + a10 * b9 + a11 * b8; - s20 = a9 * b11 + a10 * b10 + a11 * b9; - s21 = a10 * b11 + a11 * b10; - s22 = a11 * b11; - s23 = 0; - - carry0 = (s0 + (1 << 20)) >> 21; - s1 += carry0; - s0 -= carry0 << 21; - carry2 = (s2 + (1 << 20)) >> 21; - s3 += carry2; - s2 -= carry2 << 21; - carry4 = (s4 + (1 << 20)) >> 21; - s5 += carry4; - s4 -= carry4 << 21; - carry6 = (s6 + (1 << 20)) >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry8 = (s8 + (1 << 20)) >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry10 = (s10 + (1 << 20)) >> 21; - s11 += carry10; - s10 -= carry10 << 21; - carry12 = (s12 + (1 << 20)) >> 21; - s13 += carry12; - s12 -= carry12 << 21; - carry14 = (s14 + (1 << 20)) >> 21; - s15 += carry14; - s14 -= carry14 << 21; - carry16 = (s16 + (1 << 20)) >> 21; - s17 += carry16; - s16 -= carry16 << 21; - carry18 = (s18 + (1 << 20)) >> 21; - s19 += carry18; - s18 -= carry18 << 21; - carry20 = (s20 + (1 << 20)) >> 21; - s21 += carry20; - s20 -= carry20 << 21; - carry22 = (s22 + (1 << 20)) >> 21; - s23 += carry22; - s22 -= carry22 << 21; - - carry1 = (s1 + (1 << 20)) >> 21; - s2 += carry1; - s1 -= carry1 << 21; - carry3 = (s3 + (1 << 20)) >> 21; - s4 += carry3; - s3 -= carry3 << 21; - carry5 = (s5 + (1 << 20)) >> 21; - s6 += carry5; - s5 -= carry5 << 21; - carry7 = (s7 + (1 << 20)) >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry9 = (s9 + (1 << 20)) >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry11 = (s11 + (1 << 20)) >> 21; - s12 += carry11; - s11 -= carry11 << 21; - carry13 = (s13 + (1 << 20)) >> 21; - s14 += carry13; - s13 -= carry13 << 21; - carry15 = (s15 + (1 << 20)) >> 21; - s16 += carry15; - 
s15 -= carry15 << 21; - carry17 = (s17 + (1 << 20)) >> 21; - s18 += carry17; - s17 -= carry17 << 21; - carry19 = (s19 + (1 << 20)) >> 21; - s20 += carry19; - s19 -= carry19 << 21; - carry21 = (s21 + (1 << 20)) >> 21; - s22 += carry21; - s21 -= carry21 << 21; - - s11 += s23 * 666643; - s12 += s23 * 470296; - s13 += s23 * 654183; - s14 -= s23 * 997805; - s15 += s23 * 136657; - s16 -= s23 * 683901; - s23 = 0; - - s10 += s22 * 666643; - s11 += s22 * 470296; - s12 += s22 * 654183; - s13 -= s22 * 997805; - s14 += s22 * 136657; - s15 -= s22 * 683901; - s22 = 0; - - s9 += s21 * 666643; - s10 += s21 * 470296; - s11 += s21 * 654183; - s12 -= s21 * 997805; - s13 += s21 * 136657; - s14 -= s21 * 683901; - s21 = 0; - - s8 += s20 * 666643; - s9 += s20 * 470296; - s10 += s20 * 654183; - s11 -= s20 * 997805; - s12 += s20 * 136657; - s13 -= s20 * 683901; - s20 = 0; - - s7 += s19 * 666643; - s8 += s19 * 470296; - s9 += s19 * 654183; - s10 -= s19 * 997805; - s11 += s19 * 136657; - s12 -= s19 * 683901; - s19 = 0; - - s6 += s18 * 666643; - s7 += s18 * 470296; - s8 += s18 * 654183; - s9 -= s18 * 997805; - s10 += s18 * 136657; - s11 -= s18 * 683901; - s18 = 0; - - carry6 = (s6 + (1 << 20)) >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry8 = (s8 + (1 << 20)) >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry10 = (s10 + (1 << 20)) >> 21; - s11 += carry10; - s10 -= carry10 << 21; - carry12 = (s12 + (1 << 20)) >> 21; - s13 += carry12; - s12 -= carry12 << 21; - carry14 = (s14 + (1 << 20)) >> 21; - s15 += carry14; - s14 -= carry14 << 21; - carry16 = (s16 + (1 << 20)) >> 21; - s17 += carry16; - s16 -= carry16 << 21; - - carry7 = (s7 + (1 << 20)) >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry9 = (s9 + (1 << 20)) >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry11 = (s11 + (1 << 20)) >> 21; - s12 += carry11; - s11 -= carry11 << 21; - carry13 = (s13 + (1 << 20)) >> 21; - s14 += carry13; - s13 -= carry13 << 21; - carry15 = (s15 + (1 << 20)) >> 21; - s16 += carry15; - s15 -= carry15 
<< 21; - - s5 += s17 * 666643; - s6 += s17 * 470296; - s7 += s17 * 654183; - s8 -= s17 * 997805; - s9 += s17 * 136657; - s10 -= s17 * 683901; - s17 = 0; - - s4 += s16 * 666643; - s5 += s16 * 470296; - s6 += s16 * 654183; - s7 -= s16 * 997805; - s8 += s16 * 136657; - s9 -= s16 * 683901; - s16 = 0; - - s3 += s15 * 666643; - s4 += s15 * 470296; - s5 += s15 * 654183; - s6 -= s15 * 997805; - s7 += s15 * 136657; - s8 -= s15 * 683901; - s15 = 0; - - s2 += s14 * 666643; - s3 += s14 * 470296; - s4 += s14 * 654183; - s5 -= s14 * 997805; - s6 += s14 * 136657; - s7 -= s14 * 683901; - s14 = 0; - - s1 += s13 * 666643; - s2 += s13 * 470296; - s3 += s13 * 654183; - s4 -= s13 * 997805; - s5 += s13 * 136657; - s6 -= s13 * 683901; - s13 = 0; - - s0 += s12 * 666643; - s1 += s12 * 470296; - s2 += s12 * 654183; - s3 -= s12 * 997805; - s4 += s12 * 136657; - s5 -= s12 * 683901; - s12 = 0; - - carry0 = (s0 + (1 << 20)) >> 21; - s1 += carry0; - s0 -= carry0 << 21; - carry2 = (s2 + (1 << 20)) >> 21; - s3 += carry2; - s2 -= carry2 << 21; - carry4 = (s4 + (1 << 20)) >> 21; - s5 += carry4; - s4 -= carry4 << 21; - carry6 = (s6 + (1 << 20)) >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry8 = (s8 + (1 << 20)) >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry10 = (s10 + (1 << 20)) >> 21; - s11 += carry10; - s10 -= carry10 << 21; - - carry1 = (s1 + (1 << 20)) >> 21; - s2 += carry1; - s1 -= carry1 << 21; - carry3 = (s3 + (1 << 20)) >> 21; - s4 += carry3; - s3 -= carry3 << 21; - carry5 = (s5 + (1 << 20)) >> 21; - s6 += carry5; - s5 -= carry5 << 21; - carry7 = (s7 + (1 << 20)) >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry9 = (s9 + (1 << 20)) >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry11 = (s11 + (1 << 20)) >> 21; - s12 += carry11; - s11 -= carry11 << 21; - - s0 += s12 * 666643; - s1 += s12 * 470296; - s2 += s12 * 654183; - s3 -= s12 * 997805; - s4 += s12 * 136657; - s5 -= s12 * 683901; - s12 = 0; - - carry0 = s0 >> 21; - s1 += carry0; - s0 -= carry0 << 21; - carry1 = s1 >> 21; - 
s2 += carry1; - s1 -= carry1 << 21; - carry2 = s2 >> 21; - s3 += carry2; - s2 -= carry2 << 21; - carry3 = s3 >> 21; - s4 += carry3; - s3 -= carry3 << 21; - carry4 = s4 >> 21; - s5 += carry4; - s4 -= carry4 << 21; - carry5 = s5 >> 21; - s6 += carry5; - s5 -= carry5 << 21; - carry6 = s6 >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry7 = s7 >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry8 = s8 >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry9 = s9 >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry10 = s10 >> 21; - s11 += carry10; - s10 -= carry10 << 21; - carry11 = s11 >> 21; - s12 += carry11; - s11 -= carry11 << 21; - - s0 += s12 * 666643; - s1 += s12 * 470296; - s2 += s12 * 654183; - s3 -= s12 * 997805; - s4 += s12 * 136657; - s5 -= s12 * 683901; - s12 = 0; - - carry0 = s0 >> 21; - s1 += carry0; - s0 -= carry0 << 21; - carry1 = s1 >> 21; - s2 += carry1; - s1 -= carry1 << 21; - carry2 = s2 >> 21; - s3 += carry2; - s2 -= carry2 << 21; - carry3 = s3 >> 21; - s4 += carry3; - s3 -= carry3 << 21; - carry4 = s4 >> 21; - s5 += carry4; - s4 -= carry4 << 21; - carry5 = s5 >> 21; - s6 += carry5; - s5 -= carry5 << 21; - carry6 = s6 >> 21; - s7 += carry6; - s6 -= carry6 << 21; - carry7 = s7 >> 21; - s8 += carry7; - s7 -= carry7 << 21; - carry8 = s8 >> 21; - s9 += carry8; - s8 -= carry8 << 21; - carry9 = s9 >> 21; - s10 += carry9; - s9 -= carry9 << 21; - carry10 = s10 >> 21; - s11 += carry10; - s10 -= carry10 << 21; - - s[0] = s0 >> 0; - s[1] = s0 >> 8; - s[2] = (s0 >> 16) | (s1 << 5); - s[3] = s1 >> 3; - s[4] = s1 >> 11; - s[5] = (s1 >> 19) | (s2 << 2); - s[6] = s2 >> 6; - s[7] = (s2 >> 14) | (s3 << 7); - s[8] = s3 >> 1; - s[9] = s3 >> 9; - s[10] = (s3 >> 17) | (s4 << 4); - s[11] = s4 >> 4; - s[12] = s4 >> 12; - s[13] = (s4 >> 20) | (s5 << 1); - s[14] = s5 >> 7; - s[15] = (s5 >> 15) | (s6 << 6); - s[16] = s6 >> 2; - s[17] = s6 >> 10; - s[18] = (s6 >> 18) | (s7 << 3); - s[19] = s7 >> 5; - s[20] = s7 >> 13; - s[21] = s8 >> 0; - s[22] = s8 >> 8; - s[23] = (s8 >> 
16) | (s9 << 5); - s[24] = s9 >> 3; - s[25] = s9 >> 11; - s[26] = (s9 >> 19) | (s10 << 2); - s[27] = s10 >> 6; - s[28] = (s10 >> 14) | (s11 << 7); - s[29] = s11 >> 1; - s[30] = s11 >> 9; - s[31] = s11 >> 17; -} - -void ED25519_public_from_private(uint8_t out_public_key[ED25519_PUBLIC_KEY_LENGTH], - const uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH]) { - uint8_t az[SHA512_DIGEST_LENGTH]; - SHA512(private_key, 32, az); - - az[0] &= 248; - az[31] &= 63; - az[31] |= 64; - - ge_p3 A; - x25519_ge_scalarmult_base(&A, az); - ge_p3_tobytes(out_public_key, &A); -} - -void ED25519_keypair(uint8_t out_public_key[ED25519_PUBLIC_KEY_LENGTH], - uint8_t out_private_key[ED25519_PRIVATE_KEY_LENGTH]) { - arc4random_buf(out_private_key, 32); - - ED25519_public_from_private(out_public_key, out_private_key); -} -LCRYPTO_ALIAS(ED25519_keypair); - -int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, - const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH], - const uint8_t private_key[ED25519_PRIVATE_KEY_LENGTH]) { - uint8_t az[SHA512_DIGEST_LENGTH]; - SHA512(private_key, 32, az); - - az[0] &= 248; - az[31] &= 63; - az[31] |= 64; - - SHA512_CTX hash_ctx; - SHA512_Init(&hash_ctx); - SHA512_Update(&hash_ctx, az + 32, 32); - SHA512_Update(&hash_ctx, message, message_len); - uint8_t nonce[SHA512_DIGEST_LENGTH]; - SHA512_Final(nonce, &hash_ctx); - - x25519_sc_reduce(nonce); - ge_p3 R; - x25519_ge_scalarmult_base(&R, nonce); - ge_p3_tobytes(out_sig, &R); - - SHA512_Init(&hash_ctx); - SHA512_Update(&hash_ctx, out_sig, 32); - SHA512_Update(&hash_ctx, public_key, 32); - SHA512_Update(&hash_ctx, message, message_len); - uint8_t hram[SHA512_DIGEST_LENGTH]; - SHA512_Final(hram, &hash_ctx); - - x25519_sc_reduce(hram); - sc_muladd(out_sig + 32, hram, az, nonce); - - return 1; -} -LCRYPTO_ALIAS(ED25519_sign); - -/* - * Little endian representation of the order of edwards25519, - * see https://www.rfc-editor.org/rfc/rfc7748#section-4.1 - */ -static const uint8_t order[] = { - 
0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, - 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, -}; - -int ED25519_verify(const uint8_t *message, size_t message_len, - const uint8_t signature[ED25519_SIGNATURE_LENGTH], - const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]) { - ge_p3 A; - int i; - if ((signature[63] & 224) != 0 || - x25519_ge_frombytes_vartime(&A, public_key) != 0) { - return 0; - } - - fe_neg(A.X, A.X); - fe_neg(A.T, A.T); - - uint8_t pkcopy[32]; - memcpy(pkcopy, public_key, 32); - uint8_t rcopy[32]; - memcpy(rcopy, signature, 32); - uint8_t scopy[32]; - memcpy(scopy, signature + 32, 32); - - /* - * https://tools.ietf.org/html/rfc8032#section-5.1.7 requires that scopy be - * in the range [0, order) to prevent signature malleability. This value is - * public, so there is no need to make this constant time. - */ - for (i = 31; i >= 0; i--) { - if (scopy[i] > order[i]) - return 0; - if (scopy[i] < order[i]) - break; - if (i == 0) - return 0; - } - - SHA512_CTX hash_ctx; - SHA512_Init(&hash_ctx); - SHA512_Update(&hash_ctx, signature, 32); - SHA512_Update(&hash_ctx, public_key, 32); - SHA512_Update(&hash_ctx, message, message_len); - uint8_t h[SHA512_DIGEST_LENGTH]; - SHA512_Final(h, &hash_ctx); - - x25519_sc_reduce(h); - - ge_p2 R; - ge_double_scalarmult_vartime(&R, h, &A, scopy); - - uint8_t rcheck[32]; - x25519_ge_tobytes(rcheck, &R); - - return timingsafe_memcmp(rcheck, rcopy, sizeof(rcheck)) == 0; -} -LCRYPTO_ALIAS(ED25519_verify); - -/* Replace (f,g) with (g,f) if b == 1; - * replace (f,g) with (f,g) if b == 0. - * - * Preconditions: b in {0,1}. */ -static void fe_cswap(fe f, fe g, unsigned int b) { - b = 0-b; - unsigned i; - for (i = 0; i < 10; i++) { - int32_t x = f[i] ^ g[i]; - x &= b; - f[i] ^= x; - g[i] ^= x; - } -} - -/* h = f * 121666 - * Can overlap h with f. 
- * - * Preconditions: - * |f| bounded by 1.1*2^26,1.1*2^25,1.1*2^26,1.1*2^25,etc. - * - * Postconditions: - * |h| bounded by 1.1*2^25,1.1*2^24,1.1*2^25,1.1*2^24,etc. */ -static void fe_mul121666(fe h, fe f) { - int32_t f0 = f[0]; - int32_t f1 = f[1]; - int32_t f2 = f[2]; - int32_t f3 = f[3]; - int32_t f4 = f[4]; - int32_t f5 = f[5]; - int32_t f6 = f[6]; - int32_t f7 = f[7]; - int32_t f8 = f[8]; - int32_t f9 = f[9]; - int64_t h0 = f0 * (int64_t) 121666; - int64_t h1 = f1 * (int64_t) 121666; - int64_t h2 = f2 * (int64_t) 121666; - int64_t h3 = f3 * (int64_t) 121666; - int64_t h4 = f4 * (int64_t) 121666; - int64_t h5 = f5 * (int64_t) 121666; - int64_t h6 = f6 * (int64_t) 121666; - int64_t h7 = f7 * (int64_t) 121666; - int64_t h8 = f8 * (int64_t) 121666; - int64_t h9 = f9 * (int64_t) 121666; - int64_t carry0; - int64_t carry1; - int64_t carry2; - int64_t carry3; - int64_t carry4; - int64_t carry5; - int64_t carry6; - int64_t carry7; - int64_t carry8; - int64_t carry9; - - carry9 = h9 + (1 << 24); h0 += (carry9 >> 25) * 19; h9 -= carry9 & kTop39Bits; - carry1 = h1 + (1 << 24); h2 += carry1 >> 25; h1 -= carry1 & kTop39Bits; - carry3 = h3 + (1 << 24); h4 += carry3 >> 25; h3 -= carry3 & kTop39Bits; - carry5 = h5 + (1 << 24); h6 += carry5 >> 25; h5 -= carry5 & kTop39Bits; - carry7 = h7 + (1 << 24); h8 += carry7 >> 25; h7 -= carry7 & kTop39Bits; - - carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits; - carry2 = h2 + (1 << 25); h3 += carry2 >> 26; h2 -= carry2 & kTop38Bits; - carry4 = h4 + (1 << 25); h5 += carry4 >> 26; h4 -= carry4 & kTop38Bits; - carry6 = h6 + (1 << 25); h7 += carry6 >> 26; h6 -= carry6 & kTop38Bits; - carry8 = h8 + (1 << 25); h9 += carry8 >> 26; h8 -= carry8 & kTop38Bits; - - h[0] = h0; - h[1] = h1; - h[2] = h2; - h[3] = h3; - h[4] = h4; - h[5] = h5; - h[6] = h6; - h[7] = h7; - h[8] = h8; - h[9] = h9; -} - -void -x25519_scalar_mult_generic(uint8_t out[32], const uint8_t scalar[32], - const uint8_t point[32]) { - fe x1, x2, z2, x3, z3, 
tmp0, tmp1; - - uint8_t e[32]; - memcpy(e, scalar, 32); - e[0] &= 248; - e[31] &= 127; - e[31] |= 64; - fe_frombytes(x1, point); - fe_1(x2); - fe_0(z2); - fe_copy(x3, x1); - fe_1(z3); - - unsigned swap = 0; - int pos; - for (pos = 254; pos >= 0; --pos) { - unsigned b = 1 & (e[pos / 8] >> (pos & 7)); - swap ^= b; - fe_cswap(x2, x3, swap); - fe_cswap(z2, z3, swap); - swap = b; - fe_sub(tmp0, x3, z3); - fe_sub(tmp1, x2, z2); - fe_add(x2, x2, z2); - fe_add(z2, x3, z3); - fe_mul(z3, tmp0, x2); - fe_mul(z2, z2, tmp1); - fe_sq(tmp0, tmp1); - fe_sq(tmp1, x2); - fe_add(x3, z3, z2); - fe_sub(z2, z3, z2); - fe_mul(x2, tmp1, tmp0); - fe_sub(tmp1, tmp1, tmp0); - fe_sq(z2, z2); - fe_mul121666(z3, tmp1); - fe_sq(x3, x3); - fe_add(tmp0, tmp0, z3); - fe_mul(z3, x1, z2); - fe_mul(z2, tmp1, tmp0); - } - fe_cswap(x2, x3, swap); - fe_cswap(z2, z3, swap); - - fe_invert(z2, z2); - fe_mul(x2, x2, z2); - fe_tobytes(out, x2); -} - -#ifdef unused -void -x25519_public_from_private_generic(uint8_t out_public_key[32], - const uint8_t private_key[32]) -{ - uint8_t e[32]; - - memcpy(e, private_key, 32); - e[0] &= 248; - e[31] &= 127; - e[31] |= 64; - - ge_p3 A; - x25519_ge_scalarmult_base(&A, e); - - /* We only need the u-coordinate of the curve25519 point. The map is - * u=(y+1)/(1-y). Since y=Y/Z, this gives u=(Z+Y)/(Z-Y). 
*/ - fe zplusy, zminusy, zminusy_inv; - fe_add(zplusy, A.Z, A.Y); - fe_sub(zminusy, A.Z, A.Y); - fe_invert(zminusy_inv, zminusy); - fe_mul(zplusy, zplusy, zminusy_inv); - fe_tobytes(out_public_key, zplusy); -} -#endif - -void -X25519_public_from_private(uint8_t out_public_key[X25519_KEY_LENGTH], - const uint8_t private_key[X25519_KEY_LENGTH]) -{ - static const uint8_t kMongomeryBasePoint[32] = {9}; - - x25519_scalar_mult(out_public_key, private_key, kMongomeryBasePoint); -} - -void -X25519_keypair(uint8_t out_public_key[X25519_KEY_LENGTH], - uint8_t out_private_key[X25519_KEY_LENGTH]) -{ - /* All X25519 implementations should decode scalars correctly (see - * https://tools.ietf.org/html/rfc7748#section-5). However, if an - * implementation doesn't then it might interoperate with random keys a - * fraction of the time because they'll, randomly, happen to be correctly - * formed. - * - * Thus we do the opposite of the masking here to make sure that our private - * keys are never correctly masked and so, hopefully, any incorrect - * implementations are deterministically broken. - * - * This does not affect security because, although we're throwing away - * entropy, a valid implementation of scalarmult should throw away the exact - * same bits anyway. */ - arc4random_buf(out_private_key, 32); - - out_private_key[0] |= 7; - out_private_key[31] &= 63; - out_private_key[31] |= 128; - - X25519_public_from_private(out_public_key, out_private_key); -} -LCRYPTO_ALIAS(X25519_keypair); - -int -X25519(uint8_t out_shared_key[X25519_KEY_LENGTH], - const uint8_t private_key[X25519_KEY_LENGTH], - const uint8_t peer_public_key[X25519_KEY_LENGTH]) -{ - static const uint8_t kZeros[32] = {0}; - - x25519_scalar_mult(out_shared_key, private_key, peer_public_key); - - /* The all-zero output results when the input is a point of small order. */ - return timingsafe_memcmp(kZeros, out_shared_key, 32) != 0; -} -LCRYPTO_ALIAS(X25519); 
diff --git a/src/lib/libcrypto/curve25519/curve25519.h b/src/lib/libcrypto/curve25519/curve25519.h
deleted file mode 100644
index e42bc22c12..0000000000
--- a/src/lib/libcrypto/curve25519/curve25519.h
+++ /dev/null
@@ -1,104 +0,0 @@ -/* $OpenBSD: curve25519.h,v 1.7 2022/11/13 14:05:04 tb Exp $ */ -/* - * Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef HEADER_CURVE25519_H -#define HEADER_CURVE25519_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - -/* - * Curve25519. - * - * Curve25519 is an elliptic curve. See https://tools.ietf.org/html/rfc7748. - */ - -/* - * X25519. - * - * X25519 is the Diffie-Hellman primitive built from curve25519. It is - * sometimes referred to as curve25519, but X25519 is a more precise name. - * See http://cr.yp.to/ecdh.html and https://tools.ietf.org/html/rfc7748. - */ - -#define X25519_KEY_LENGTH 32 - -/* - * X25519_keypair sets |out_public_value| and |out_private_key| to a freshly - * generated, public/private key pair. - */ -void X25519_keypair(uint8_t out_public_value[X25519_KEY_LENGTH], - uint8_t out_private_key[X25519_KEY_LENGTH]); - -/* - * X25519 writes a shared key to |out_shared_key| that is calculated from the - * given private key and the peer's public value. It returns one on success and - * zero on error. - * - * Don't use the shared key directly, rather use a KDF and also include the two - * public values as inputs. 
- */ -int X25519(uint8_t out_shared_key[X25519_KEY_LENGTH], - const uint8_t private_key[X25519_KEY_LENGTH], - const uint8_t peers_public_value[X25519_KEY_LENGTH]); - -/* - * ED25519 - * - * Ed25519 is a signature scheme using a twisted Edwards curve that is - * birationally equivalent to curve25519. - */ - -#define ED25519_PRIVATE_KEY_LENGTH 32 -#define ED25519_PUBLIC_KEY_LENGTH 32 -#define ED25519_SIGNATURE_LENGTH 64 - -/* - * ED25519_keypair sets |out_public_key| and |out_private_key| to a freshly - * generated, public/private key pair. - */ -void ED25519_keypair(uint8_t out_public_key[ED25519_PUBLIC_KEY_LENGTH], - uint8_t out_private_key[ED25519_PRIVATE_KEY_LENGTH]); - -/* - * ED25519_sign sets |out_sig| to be a signature of |message_len| bytes from - * |message| using |public_key| and |private_key|. It returns one on success - * or zero on allocation failure. - */ -int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, - const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH], - const uint8_t private_key_seed[ED25519_PRIVATE_KEY_LENGTH]); - -/* - * ED25519_verify returns one iff |signature| is a valid signature by - * |public_key| of |message_len| bytes from |message|. It returns zero - * otherwise. - */ -int ED25519_verify(const uint8_t *message, size_t message_len, - const uint8_t signature[ED25519_SIGNATURE_LENGTH], - const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]); - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* HEADER_CURVE25519_H */ diff --git a/src/lib/libcrypto/curve25519/curve25519_internal.h b/src/lib/libcrypto/curve25519/curve25519_internal.h deleted file mode 100644 index abfaaaf52b..0000000000 --- a/src/lib/libcrypto/curve25519/curve25519_internal.h +++ /dev/null 
@@ -1,105 +0,0 @@
-/* $OpenBSD: curve25519_internal.h,v 1.6 2022/11/09 17:45:55 jsing Exp $ */
-/*
- * Copyright (c) 2015, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CURVE25519_INTERNAL_H
-#define HEADER_CURVE25519_INTERNAL_H
-
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-/* fe means field element. Here the field is \Z/(2^255-19). An element t,
- * entries t[0]...t[9], represents the integer t[0]+2^26 t[1]+2^51 t[2]+2^77
- * t[3]+2^102 t[4]+...+2^230 t[9]. Bounds on each t[i] vary depending on
- * context. */
-typedef int32_t fe[10];
-
-/* ge means group element.
-
- * Here the group is the set of pairs (x,y) of field elements (see fe.h)
- * satisfying -x^2 + y^2 = 1 + d x^2y^2
- * where d = -121665/121666.
- *
- * Representations:
- * ge_p2 (projective): (X:Y:Z) satisfying x=X/Z, y=Y/Z
- * ge_p3 (extended): (X:Y:Z:T) satisfying x=X/Z, y=Y/Z, XY=ZT
- * ge_p1p1 (completed): ((X:Z),(Y:T)) satisfying x=X/Z, y=Y/T
- * ge_precomp (Duif): (y+x,y-x,2dxy) */
-
-typedef struct {
- fe X;
- fe Y;
- fe Z;
-} ge_p2;
-
-typedef struct {
- fe X;
- fe Y;
- fe Z;
- fe T;
-} ge_p3;
-
-typedef struct {
- fe X;
- fe Y;
- fe Z;
- fe T;
-} ge_p1p1;
-
-typedef struct {
- fe yplusx;
- fe yminusx;
- fe xy2d;
-} ge_precomp;
-
-typedef struct {
- fe YplusX;
- fe YminusX;
- fe Z;
- fe T2d;
-} ge_cached;
-
-void x25519_ge_tobytes(uint8_t *s, const ge_p2 *h);
-int x25519_ge_frombytes_vartime(ge_p3 *h, const uint8_t *s);
-void x25519_ge_p3_to_cached(ge_cached *r, const ge_p3 *p);
-void x25519_ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p);
-void x25519_ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p);
-void x25519_ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
-void x25519_ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
-void x25519_ge_scalarmult_small_precomp(ge_p3 *h, const uint8_t a[32],
- const uint8_t precomp_table[15 * 2 * 32]);
-void x25519_ge_scalarmult_base(ge_p3 *h, const uint8_t a[32]);
-void x25519_ge_scalarmult(ge_p2 *r, const uint8_t *scalar, const ge_p3 *A);
-void x25519_sc_reduce(uint8_t *s);
-
-void x25519_public_from_private(uint8_t out_public_value[32],
- const uint8_t private_key[32]);
-
-void x25519_scalar_mult(uint8_t out[32], const uint8_t scalar[32],
- const uint8_t point[32]);
-void x25519_scalar_mult_generic(uint8_t out[32], const uint8_t scalar[32],
- const uint8_t point[32]);
-
-void ED25519_public_from_private(uint8_t out_public_key[32],
- const uint8_t private_key[32]);
-
-void X25519_public_from_private(uint8_t out_public_key[32],
- const uint8_t private_key[32]);
-
-__END_HIDDEN_DECLS
-
-#endif /* HEADER_CURVE25519_INTERNAL_H */
diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c
deleted file mode 100644
index 113fc4b9f9..0000000000
--- a/src/lib/libcrypto/des/des.c
+++ /dev/null
@@ -1,1022 +0,0 @@ -/* $OpenBSD: des.c,v 1.9 2024/08/31 15:56:09 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include - -#include - -#include "des_local.h" - -void -DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - DES_key_schedule *_schedule, DES_cblock *ivec, int enc) -{ - DES_LONG tin0, tin1; - DES_LONG tout0, tout1, xor0, xor1; - long l = length; - DES_LONG tin[2]; - unsigned char *iv; - - iv = &(*ivec)[0]; - - if (enc) { - c2l(iv, tout0); - c2l(iv, tout1); - for (l -= 8; l >= 0; l -= 8) { - c2l(in, tin0); - c2l(in, tin1); - tin0 ^= tout0; - tin[0] = tin0; - tin1 ^= tout1; - tin[1] = tin1; - DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT); - tout0 = tin[0]; - l2c(tout0, out); - tout1 = tin[1]; - l2c(tout1, out); - } - if (l != -8) { - c2ln(in, tin0, tin1, l + 8); - tin0 ^= tout0; - tin[0] = tin0; - tin1 ^= tout1; - tin[1] = tin1; - DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT); - tout0 = tin[0]; - l2c(tout0, out); - tout1 = tin[1]; - l2c(tout1, out); - } - } else { - c2l(iv, xor0); - c2l(iv, xor1); - for (l -= 8; l >= 0; l -= 8) { - c2l(in, tin0); - tin[0] = tin0; - c2l(in, tin1); - tin[1] = tin1; - DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT); - tout0 = tin[0] ^ xor0; - tout1 = tin[1] ^ xor1; - l2c(tout0, out); - l2c(tout1, out); - xor0 = tin0; - xor1 = tin1; - } - if (l != -8) { - c2l(in, tin0); - tin[0] = tin0; - c2l(in, tin1); - tin[1] = tin1; - DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT); - tout0 = tin[0] ^ xor0; - tout1 = tin[1] ^ xor1; - l2cn(tout0, tout1, out, l + 8); - } - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - tin[0] = tin[1] = 0; -} -LCRYPTO_ALIAS(DES_cbc_encrypt); - -/* The input and output encrypted as though 64bit cfb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void -DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, - DES_cblock *ivec, int *num, int enc) -{ - DES_LONG v0, v1; - long l = length; - int n = *num; - DES_LONG ti[2]; - unsigned char *iv, c, cc; - - iv = &(*ivec)[0]; - if (enc) { - while (l--) { - if (n == 0) { - c2l(iv, v0); - c2l(iv, v1); - - ti[0] = v0; - ti[1] = v1; - DES_encrypt3(ti, ks1, ks2, ks3); - v0 = ti[0]; - v1 = ti[1]; - - iv = &(*ivec)[0]; - l2c(v0, iv); - l2c(v1, iv); - iv = &(*ivec)[0]; - } - c = *(in++) ^ iv[n]; - *(out++) = c; - iv[n] = c; - n = (n + 1) & 0x07; - } - } else { - while (l--) { - if (n == 0) { - c2l(iv, v0); - c2l(iv, v1); - - ti[0] = v0; - ti[1] = v1; - DES_encrypt3(ti, ks1, ks2, ks3); - v0 = ti[0]; - v1 = ti[1]; - - iv = &(*ivec)[0]; - l2c(v0, iv); - l2c(v1, iv); - iv = &(*ivec)[0]; - } - cc = *(in++); - c = iv[n]; - iv[n] = cc; - *(out++) = c ^ cc; - n = (n + 1) & 0x07; - } - } - v0 = v1 = ti[0] = ti[1] = c = cc = 0; - *num = n; -} -LCRYPTO_ALIAS(DES_ede3_cfb64_encrypt); - -/* This is compatible with the single key CFB-r for DES, even thought that's - * not what EVP needs. 
- */ - -void -DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out, - int numbits, long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, - DES_cblock *ivec, int enc) -{ - DES_LONG d0, d1, v0, v1; - unsigned long l = length, n = ((unsigned int)numbits + 7)/8; - int num = numbits, i; - DES_LONG ti[2]; - unsigned char *iv; - unsigned char ovec[16]; - - if (num > 64) - return; - iv = &(*ivec)[0]; - c2l(iv, v0); - c2l(iv, v1); - if (enc) { - while (l >= n) { - l -= n; - ti[0] = v0; - ti[1] = v1; - DES_encrypt3(ti, ks1, ks2, ks3); - c2ln(in, d0, d1, n); - in += n; - d0 ^= ti[0]; - d1 ^= ti[1]; - l2cn(d0, d1, out, n); - out += n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (num == 32) { - v0 = v1; - v1 = d0; - } else if (num == 64) { - v0 = d0; - v1 = d1; - } else { - iv = &ovec[0]; - l2c(v0, iv); - l2c(v1, iv); - l2c(d0, iv); - l2c(d1, iv); - /* shift ovec left most of the bits... */ - memmove(ovec, ovec + num/8, - 8 + (num % 8 ? 1 : 0)); - /* now the remaining bits */ - if (num % 8 != 0) { - for (i = 0; i < 8; ++i) { - ovec[i] <<= num % 8; - ovec[i] |= ovec[i + 1] >> - (8 - num % 8); - } - } - iv = &ovec[0]; - c2l(iv, v0); - c2l(iv, v1); - } - } - } else { - while (l >= n) { - l -= n; - ti[0] = v0; - ti[1] = v1; - DES_encrypt3(ti, ks1, ks2, ks3); - c2ln(in, d0, d1, n); - in += n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (num == 32) { - v0 = v1; - v1 = d0; - } else if (num == 64) { - v0 = d0; - v1 = d1; - } else { - iv = &ovec[0]; - l2c(v0, iv); - l2c(v1, iv); - l2c(d0, iv); - l2c(d1, iv); - /* shift ovec left most of the bits... */ - memmove(ovec, ovec + num/8, - 8 + (num % 8 ? 
1 : 0)); - /* now the remaining bits */ - if (num % 8 != 0) { - for (i = 0; i < 8; ++i) { - ovec[i] <<= num % 8; - ovec[i] |= ovec[i + 1] >> - (8 - num % 8); - } - } - iv = &ovec[0]; - c2l(iv, v0); - c2l(iv, v1); - } - d0 ^= ti[0]; - d1 ^= ti[1]; - l2cn(d0, d1, out, n); - out += n; - } - } - iv = &(*ivec)[0]; - l2c(v0, iv); - l2c(v1, iv); - v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0; -} -LCRYPTO_ALIAS(DES_ede3_cfb_encrypt); - -/* The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void -DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *schedule, - DES_cblock *ivec, int *num, int enc) -{ - DES_LONG v0, v1; - long l = length; - int n = *num; - DES_LONG ti[2]; - unsigned char *iv, c, cc; - - iv = &(*ivec)[0]; - if (enc) { - while (l--) { - if (n == 0) { - c2l(iv, v0); - ti[0] = v0; - c2l(iv, v1); - ti[1] = v1; - DES_encrypt1(ti, schedule, DES_ENCRYPT); - iv = &(*ivec)[0]; - v0 = ti[0]; - l2c(v0, iv); - v0 = ti[1]; - l2c(v0, iv); - iv = &(*ivec)[0]; - } - c = *(in++) ^ iv[n]; - *(out++) = c; - iv[n] = c; - n = (n + 1) & 0x07; - } - } else { - while (l--) { - if (n == 0) { - c2l(iv, v0); - ti[0] = v0; - c2l(iv, v1); - ti[1] = v1; - DES_encrypt1(ti, schedule, DES_ENCRYPT); - iv = &(*ivec)[0]; - v0 = ti[0]; - l2c(v0, iv); - v0 = ti[1]; - l2c(v0, iv); - iv = &(*ivec)[0]; - } - cc = *(in++); - c = iv[n]; - iv[n] = cc; - *(out++) = c ^ cc; - n = (n + 1) & 0x07; - } - } - v0 = v1 = ti[0] = ti[1] = c = cc = 0; - *num = n; -} -LCRYPTO_ALIAS(DES_cfb64_encrypt); - -/* The input and output are loaded in multiples of 8 bits. - * What this means is that if you hame numbits=12 and length=2 - * the first 12 bits will be retrieved from the first byte and half - * the second. The second 12 bits will come from the 3rd and half the 4th - * byte. 
- */ -/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it - * will not be compatible with any encryption prior to that date. Ben. */ -void -DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, - long length, DES_key_schedule *schedule, DES_cblock *ivec, - int enc) -{ - DES_LONG d0, d1, v0, v1; - unsigned long l = length; - int num = numbits/8, n = (numbits + 7)/8, i, rem = numbits % 8; - DES_LONG ti[2]; - unsigned char *iv; -#if BYTE_ORDER != LITTLE_ENDIAN - unsigned char ovec[16]; -#else - unsigned int sh[4]; - unsigned char *ovec = (unsigned char *)sh; -#endif - - if (numbits <= 0 || numbits > 64) - return; - iv = &(*ivec)[0]; - c2l(iv, v0); - c2l(iv, v1); - if (enc) { - while (l >= (unsigned long)n) { - l -= n; - ti[0] = v0; - ti[1] = v1; - DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT); - c2ln(in, d0, d1, n); - in += n; - d0 ^= ti[0]; - d1 ^= ti[1]; - l2cn(d0, d1, out, n); - out += n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (numbits == 32) { - v0 = v1; - v1 = d0; - } else if (numbits == 64) { - v0 = d0; - v1 = d1; - } else { -#if BYTE_ORDER != LITTLE_ENDIAN - iv = &ovec[0]; - l2c(v0, iv); - l2c(v1, iv); - l2c(d0, iv); - l2c(d1, iv); -#else - sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1; -#endif - if (rem == 0) - memmove(ovec, ovec + num, 8); - else - for (i = 0; i < 8; ++i) - ovec[i] = ovec[i + num] << rem | - ovec[i + num + 1] >> (8 - - rem); -#if BYTE_ORDER == LITTLE_ENDIAN - v0 = sh[0], v1 = sh[1]; -#else - iv = &ovec[0]; - c2l(iv, v0); - c2l(iv, v1); -#endif - } - } - } else { - while (l >= (unsigned long)n) { - l -= n; - ti[0] = v0; - ti[1] = v1; - DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT); - c2ln(in, d0, d1, n); - in += n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (numbits == 32) { - v0 = v1; - v1 = d0; - } else if (numbits == 64) { - v0 = d0; - v1 = d1; - } else { -#if BYTE_ORDER != LITTLE_ENDIAN - iv 
= &ovec[0]; - l2c(v0, iv); - l2c(v1, iv); - l2c(d0, iv); - l2c(d1, iv); -#else - sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1; -#endif - if (rem == 0) - memmove(ovec, ovec + num, 8); - else - for (i = 0; i < 8; ++i) - ovec[i] = ovec[i + num] << rem | - ovec[i + num + 1] >> (8 - - rem); -#if BYTE_ORDER == LITTLE_ENDIAN - v0 = sh[0], v1 = sh[1]; -#else - iv = &ovec[0]; - c2l(iv, v0); - c2l(iv, v1); -#endif - } - d0 ^= ti[0]; - d1 ^= ti[1]; - l2cn(d0, d1, out, n); - out += n; - } - } - iv = &(*ivec)[0]; - l2c(v0, iv); - l2c(v1, iv); - v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0; -} -LCRYPTO_ALIAS(DES_cfb_encrypt); - -void -DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks1, DES_key_schedule *ks2, - DES_key_schedule *ks3, - int enc) -{ - DES_LONG l0, l1; - DES_LONG ll[2]; - const unsigned char *in = &(*input)[0]; - unsigned char *out = &(*output)[0]; - - c2l(in, l0); - c2l(in, l1); - ll[0] = l0; - ll[1] = l1; - if (enc) - DES_encrypt3(ll, ks1, ks2, ks3); - else - DES_decrypt3(ll, ks1, ks2, ks3); - l0 = ll[0]; - l1 = ll[1]; - l2c(l0, out); - l2c(l1, out); -} -LCRYPTO_ALIAS(DES_ecb3_encrypt); - -void -DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks, int enc) -{ - DES_LONG l; - DES_LONG ll[2]; - const unsigned char *in = &(*input)[0]; - unsigned char *out = &(*output)[0]; - - c2l(in, l); - ll[0] = l; - c2l(in, l); - ll[1] = l; - DES_encrypt1(ll, ks, enc); - l = ll[0]; - l2c(l, out); - l = ll[1]; - l2c(l, out); - l = ll[0] = ll[1] = 0; -} -LCRYPTO_ALIAS(DES_ecb_encrypt); - -/* - -This is an implementation of Triple DES Cipher Block Chaining with Output -Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom). 
- -Note that there is a known attack on this by Biham and Knudsen but it takes -a lot of work: - -http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz - -*/ - -#ifndef OPENSSL_NO_DESCBCM -void -DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, DES_key_schedule *ks2, - DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2, - int enc) -{ - DES_LONG tin0, tin1; - DES_LONG tout0, tout1, xor0, xor1, m0, m1; - long l = length; - DES_LONG tin[2]; - unsigned char *iv1, *iv2; - - iv1 = &(*ivec1)[0]; - iv2 = &(*ivec2)[0]; - - if (enc) { - c2l(iv1, m0); - c2l(iv1, m1); - c2l(iv2, tout0); - c2l(iv2, tout1); - for (l -= 8; l >= -7; l -= 8) { - tin[0] = m0; - tin[1] = m1; - DES_encrypt1(tin, ks3, 1); - m0 = tin[0]; - m1 = tin[1]; - - if (l < 0) { - c2ln(in, tin0, tin1, l + 8); - } else { - c2l(in, tin0); - c2l(in, tin1); - } - tin0 ^= tout0; - tin1 ^= tout1; - - tin[0] = tin0; - tin[1] = tin1; - DES_encrypt1(tin, ks1, 1); - tin[0] ^= m0; - tin[1] ^= m1; - DES_encrypt1(tin, ks2, 0); - tin[0] ^= m0; - tin[1] ^= m1; - DES_encrypt1(tin, ks1, 1); - tout0 = tin[0]; - tout1 = tin[1]; - - l2c(tout0, out); - l2c(tout1, out); - } - iv1 = &(*ivec1)[0]; - l2c(m0, iv1); - l2c(m1, iv1); - - iv2 = &(*ivec2)[0]; - l2c(tout0, iv2); - l2c(tout1, iv2); - } else { - DES_LONG t0, t1; - - c2l(iv1, m0); - c2l(iv1, m1); - c2l(iv2, xor0); - c2l(iv2, xor1); - for (l -= 8; l >= -7; l -= 8) { - tin[0] = m0; - tin[1] = m1; - DES_encrypt1(tin, ks3, 1); - m0 = tin[0]; - m1 = tin[1]; - - c2l(in, tin0); - c2l(in, tin1); - - t0 = tin0; - t1 = tin1; - - tin[0] = tin0; - tin[1] = tin1; - DES_encrypt1(tin, ks1, 0); - tin[0] ^= m0; - tin[1] ^= m1; - DES_encrypt1(tin, ks2, 1); - tin[0] ^= m0; - tin[1] ^= m1; - DES_encrypt1(tin, ks1, 0); - tout0 = tin[0]; - tout1 = tin[1]; - - tout0 ^= xor0; - tout1 ^= xor1; - if (l < 0) { - l2cn(tout0, tout1, out, l + 8); - } else { - l2c(tout0, out); - l2c(tout1, out); - } - xor0 = t0; - xor1 = 
t1; - } - - iv1 = &(*ivec1)[0]; - l2c(m0, iv1); - l2c(m1, iv1); - - iv2 = &(*ivec2)[0]; - l2c(xor0, iv2); - l2c(xor1, iv2); - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - tin[0] = tin[1] = 0; -} -LCRYPTO_ALIAS(DES_ede3_cbcm_encrypt); -#endif - -/* The input and output encrypted as though 64bit ofb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void -DES_ede3_ofb64_encrypt(const unsigned char *in, - unsigned char *out, long length, - DES_key_schedule *k1, DES_key_schedule *k2, - DES_key_schedule *k3, DES_cblock *ivec, - int *num) -{ - DES_LONG v0, v1; - int n = *num; - long l = length; - DES_cblock d; - char *dp; - DES_LONG ti[2]; - unsigned char *iv; - int save = 0; - - iv = &(*ivec)[0]; - c2l(iv, v0); - c2l(iv, v1); - ti[0] = v0; - ti[1] = v1; - dp = (char *)d; - l2c(v0, dp); - l2c(v1, dp); - while (l--) { - if (n == 0) { - /* ti[0]=v0; */ - /* ti[1]=v1; */ - DES_encrypt3(ti, k1, k2, k3); - v0 = ti[0]; - v1 = ti[1]; - - dp = (char *)d; - l2c(v0, dp); - l2c(v1, dp); - save++; - } - *(out++) = *(in++) ^ d[n]; - n = (n + 1) & 0x07; - } - if (save) { - iv = &(*ivec)[0]; - l2c(v0, iv); - l2c(v1, iv); - } - v0 = v1 = ti[0] = ti[1] = 0; - *num = n; -} -LCRYPTO_ALIAS(DES_ede3_ofb64_encrypt); - -/* The input and output encrypted as though 64bit ofb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void -DES_ofb64_encrypt(const unsigned char *in, - unsigned char *out, long length, - DES_key_schedule *schedule, DES_cblock *ivec, int *num) -{ - DES_LONG v0, v1, t; - int n = *num; - long l = length; - DES_cblock d; - unsigned char *dp; - DES_LONG ti[2]; - unsigned char *iv; - int save = 0; - - iv = &(*ivec)[0]; - c2l(iv, v0); - c2l(iv, v1); - ti[0] = v0; - ti[1] = v1; - dp = d; - l2c(v0, dp); - l2c(v1, dp); - while (l--) { - if (n == 0) { - DES_encrypt1(ti, schedule, DES_ENCRYPT); - dp = d; - t = ti[0]; - l2c(t, dp); - t = ti[1]; - l2c(t, dp); - save++; - } - *(out++) = *(in++) ^ d[n]; - n = (n + 1) & 0x07; - } - if (save) { - v0 = ti[0]; - v1 = ti[1]; - iv = &(*ivec)[0]; - l2c(v0, iv); - l2c(v1, iv); - } - t = v0 = v1 = ti[0] = ti[1] = 0; - *num = n; -} -LCRYPTO_ALIAS(DES_ofb64_encrypt); - -/* The input and output are loaded in multiples of 8 bits. - * What this means is that if you hame numbits=12 and length=2 - * the first 12 bits will be retrieved from the first byte and half - * the second. The second 12 bits will come from the 3rd and half the 4th - * byte. 
- */ -void -DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits, - long length, DES_key_schedule *schedule, - DES_cblock *ivec) -{ - DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7)/8; - DES_LONG mask0, mask1; - long l = length; - int num = numbits; - DES_LONG ti[2]; - unsigned char *iv; - - if (num > 64) - return; - if (num > 32) { - mask0 = 0xffffffffL; - if (num >= 64) - mask1 = mask0; - else - mask1 = (1L << (num - 32)) - 1; - } else { - if (num == 32) - mask0 = 0xffffffffL; - else - mask0 = (1L << num) - 1; - mask1 = 0x00000000L; - } - - iv = &(*ivec)[0]; - c2l(iv, v0); - c2l(iv, v1); - ti[0] = v0; - ti[1] = v1; - while (l-- > 0) { - ti[0] = v0; - ti[1] = v1; - DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT); - vv0 = ti[0]; - vv1 = ti[1]; - c2ln(in, d0, d1, n); - in += n; - d0 = (d0 ^ vv0) & mask0; - d1 = (d1 ^ vv1) & mask1; - l2cn(d0, d1, out, n); - out += n; - - if (num == 32) { - v0 = v1; - v1 = vv0; - } else if (num == 64) { - v0 = vv0; - v1 = vv1; - } else if (num > 32) { /* && num != 64 */ - v0 = ((v1 >> (num - 32))|(vv0 << (64 - num))) & - 0xffffffffL; - v1 = ((vv0 >> (num - 32))|(vv1 << (64 - num))) & - 0xffffffffL; - } else /* num < 32 */ { - v0 = ((v0 >> num)|(v1 << (32 - num))) & 0xffffffffL; - v1 = ((v1 >> num)|(vv0 << (32 - num))) & 0xffffffffL; - } - } - iv = &(*ivec)[0]; - l2c(v0, iv); - l2c(v1, iv); - v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0; -} -LCRYPTO_ALIAS(DES_ofb_encrypt); - -void -DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, - DES_cblock *ivec, int enc) -{ - DES_LONG sin0, sin1, xor0, xor1, tout0, tout1; - DES_LONG tin[2]; - const unsigned char *in; - unsigned char *out, *iv; - - in = input; - out = output; - iv = &(*ivec)[0]; - - if (enc) { - c2l(iv, xor0); - c2l(iv, xor1); - for (; length > 0; length -= 8) { - if (length >= 8) { - c2l(in, sin0); - c2l(in, sin1); - } else - c2ln(in, sin0, sin1, length); - tin[0] = sin0 ^ xor0; - tin[1] 
= sin1 ^ xor1; - DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT); - tout0 = tin[0]; - tout1 = tin[1]; - xor0 = sin0 ^ tout0; - xor1 = sin1 ^ tout1; - l2c(tout0, out); - l2c(tout1, out); - } - } else { - c2l(iv, xor0); - c2l(iv, xor1); - for (; length > 0; length -= 8) { - c2l(in, sin0); - c2l(in, sin1); - tin[0] = sin0; - tin[1] = sin1; - DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT); - tout0 = tin[0] ^ xor0; - tout1 = tin[1] ^ xor1; - if (length >= 8) { - l2c(tout0, out); - l2c(tout1, out); - } else - l2cn(tout0, tout1, out, length); - xor0 = tout0 ^ sin0; - xor1 = tout1 ^ sin1; - } - } - tin[0] = tin[1] = 0; - sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0; -} -LCRYPTO_ALIAS(DES_pcbc_encrypt); - -/* RSA's DESX */ - -void -DES_xcbc_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *schedule, - DES_cblock *ivec, const_DES_cblock *inw, - const_DES_cblock *outw, int enc) -{ - DES_LONG tin0, tin1; - DES_LONG tout0, tout1, xor0, xor1; - DES_LONG inW0, inW1, outW0, outW1; - const unsigned char *in2; - long l = length; - DES_LONG tin[2]; - unsigned char *iv; - - in2 = &(*inw)[0]; - c2l(in2, inW0); - c2l(in2, inW1); - in2 = &(*outw)[0]; - c2l(in2, outW0); - c2l(in2, outW1); - - iv = &(*ivec)[0]; - - if (enc) { - c2l(iv, tout0); - c2l(iv, tout1); - for (l -= 8; l >= 0; l -= 8) { - c2l(in, tin0); - c2l(in, tin1); - tin0 ^= tout0 ^ inW0; - tin[0] = tin0; - tin1 ^= tout1 ^ inW1; - tin[1] = tin1; - DES_encrypt1(tin, schedule, DES_ENCRYPT); - tout0 = tin[0] ^ outW0; - l2c(tout0, out); - tout1 = tin[1] ^ outW1; - l2c(tout1, out); - } - if (l != -8) { - c2ln(in, tin0, tin1, l + 8); - tin0 ^= tout0 ^ inW0; - tin[0] = tin0; - tin1 ^= tout1 ^ inW1; - tin[1] = tin1; - DES_encrypt1(tin, schedule, DES_ENCRYPT); - tout0 = tin[0] ^ outW0; - l2c(tout0, out); - tout1 = tin[1] ^ outW1; - l2c(tout1, out); - } - iv = &(*ivec)[0]; - l2c(tout0, iv); - l2c(tout1, iv); - } else { - c2l(iv, xor0); - c2l(iv, xor1); - for (l -= 8; l > 0; l -= 8) { - 
c2l(in, tin0); - tin[0] = tin0 ^ outW0; - c2l(in, tin1); - tin[1] = tin1 ^ outW1; - DES_encrypt1(tin, schedule, DES_DECRYPT); - tout0 = tin[0] ^ xor0 ^ inW0; - tout1 = tin[1] ^ xor1 ^ inW1; - l2c(tout0, out); - l2c(tout1, out); - xor0 = tin0; - xor1 = tin1; - } - if (l != -8) { - c2l(in, tin0); - tin[0] = tin0 ^ outW0; - c2l(in, tin1); - tin[1] = tin1 ^ outW1; - DES_encrypt1(tin, schedule, DES_DECRYPT); - tout0 = tin[0] ^ xor0 ^ inW0; - tout1 = tin[1] ^ xor1 ^ inW1; - l2cn(tout0, tout1, out, l + 8); - xor0 = tin0; - xor1 = tin1; - } - - iv = &(*ivec)[0]; - l2c(xor0, iv); - l2c(xor1, iv); - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - inW0 = inW1 = outW0 = outW1 = 0; - tin[0] = tin[1] = 0; -} -LCRYPTO_ALIAS(DES_xcbc_encrypt); diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h deleted file mode 100644 index 2d957a192c..0000000000 --- a/src/lib/libcrypto/des/des.h +++ /dev/null 
@@ -1,206 +0,0 @@
-/* $OpenBSD: des.h,v 1.23 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_NEW_DES_H
-#define HEADER_NEW_DES_H
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef unsigned char DES_cblock[8];
-typedef /* const */ unsigned char const_DES_cblock[8];
-/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
- * and const_DES_cblock * are incompatible pointer types.
*/
-
-typedef struct DES_ks {
- union {
- DES_cblock cblock;
- /* make sure things are correct size on machines with
- * 8 byte longs */
- DES_LONG deslong[2];
- } ks[16];
-} DES_key_schedule;
-
-#define DES_KEY_SZ (sizeof(DES_cblock))
-#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
-
-#define DES_ENCRYPT 1
-#define DES_DECRYPT 0
-
-#define DES_CBC_MODE 0
-#define DES_PCBC_MODE 1
-
-#define DES_ecb2_encrypt(i,o,k1,k2,e) \
- DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-extern int DES_check_key; /* defaults to false */
-
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, int enc);
-DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
- long length, DES_key_schedule *schedule,
- const_DES_cblock *ivec);
-/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead.
*/
-void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
- int enc);
-void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
- int enc);
-void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
- const_DES_cblock *inw, const_DES_cblock *outw, int enc);
-void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
- int enc);
-void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks, int enc);
-
-/* This is the DES encryption function that gets called by just about
- every other DES routine in the library. You should not use this
- function except to implement 'modes' of DES. I say this because the
- functions that call this routine do the conversion from 'char *' to
- long, and this needs to be done to make sure 'non-aligned' memory
- access do not occur. The characters are loaded 'little endian'.
- Data is a pointer to 2 unsigned long's and ks is the
- DES_key_schedule to use. enc, is non zero specifies encryption,
- zero if decryption. */
-void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
-
-/* This functions is the same as DES_encrypt1() except that the DES
- initial permutation (IP) and final permutation (FP) have been left
- out. As for DES_encrypt1(), you should not use this function.
- It is used by the routines in the library that implement triple DES.
- IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
- as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-).
*/
-void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
- long length,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, DES_cblock *ivec, int enc);
-void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- DES_cblock *ivec1, DES_cblock *ivec2,
- int enc);
-void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int *num, int enc);
-void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
- int numbits, long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int enc);
-void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int *num);
-char *DES_fcrypt(const char *buf, const char *salt, char *ret);
-char *DES_crypt(const char *buf, const char *salt);
-void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule, DES_cblock *ivec);
-void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
- int enc);
-DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
- long length, int out_count, DES_cblock *seed);
-int DES_random_key(DES_cblock *ret);
-void DES_set_odd_parity(DES_cblock *key);
-int DES_check_key_parity(const_DES_cblock *key);
-int DES_is_weak_key(const_DES_cblock *key);
-/*
DES_set_key (= set_key = DES_key_sched = key_sched) calls
- * DES_set_key_checked if global variable DES_check_key is set,
- * DES_set_key_unchecked otherwise. */
-int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
-void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
-void DES_string_to_key(const char *str, DES_cblock *key);
-void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
-void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- DES_key_schedule *schedule, DES_cblock *ivec, int *num,
- int enc);
-void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- DES_key_schedule *schedule, DES_cblock *ivec, int *num);
-
-#define DES_fixup_key_parity DES_set_odd_parity
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/des/des_cksum.c b/src/lib/libcrypto/des/des_cksum.c
deleted file mode 100644
index 6dfb8a0340..0000000000
--- a/src/lib/libcrypto/des/des_cksum.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* $OpenBSD: des_cksum.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
- * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
- * This module in only based on the code in this paper and is
- * almost definitely not the same as the MIT implementation.
- */ -#include "des_local.h" - -/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */ -#define Q_B0(a) (((DES_LONG)(a))) -#define Q_B1(a) (((DES_LONG)(a))<<8) -#define Q_B2(a) (((DES_LONG)(a))<<16) -#define Q_B3(a) (((DES_LONG)(a))<<24) - -/* used to scramble things a bit */ -/* Got the value MIT uses via brute force :-) 2/10/90 eay */ -#define NOISE ((DES_LONG)83653421L) - -DES_LONG -DES_cbc_cksum(const unsigned char *in, DES_cblock *output, - long length, DES_key_schedule *schedule, - const_DES_cblock *ivec) -{ - DES_LONG tout0, tout1, tin0, tin1; - long l = length; - DES_LONG tin[2]; - unsigned char *out = &(*output)[0]; - const unsigned char *iv = &(*ivec)[0]; - - c2l(iv, tout0); - c2l(iv, tout1); - for (; l > 0; l -= 8) { - if (l >= 8) { - c2l(in, tin0); - c2l(in, tin1); - } else - c2ln(in, tin0, tin1, l); - - tin0 ^= tout0; - tin[0] = tin0; - tin1 ^= tout1; - tin[1] = tin1; - DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT); - /* fix 15/10/91 eay - thanks to keithr@sco.COM */ - tout0 = tin[0]; - tout1 = tin[1]; - } - if (out != NULL) { - l2c(tout0, out); - l2c(tout1, out); - } - tout0 = tin0 = tin1 = tin[0] = tin[1] = 0; - /* - Transform the data in tout1 so that it will - match the return value that the MIT Kerberos - mit_des_cbc_cksum API returns. 
- */ - tout1 = ((tout1 >> 24L) & 0x000000FF) | - ((tout1 >> 8L) & 0x0000FF00) | - ((tout1 << 8L) & 0x00FF0000) | - ((tout1 << 24L) & 0xFF000000); - return (tout1); -} -LCRYPTO_ALIAS(DES_cbc_cksum); - -DES_LONG -DES_quad_cksum(const unsigned char *input, DES_cblock output[], - long length, int out_count, DES_cblock *seed) -{ - DES_LONG z0, z1, t0, t1; - int i; - long l; - const unsigned char *cp; - DES_LONG *lp; - - if (out_count < 1) - out_count = 1; - lp = (DES_LONG *)&(output[0])[0]; - - z0 = Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3( - (*seed)[3]); - z1 = Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3( - (*seed)[7]); - - for (i = 0; ((i < 4) && (i < out_count)); i++) { - cp = input; - l = length; - while (l > 0) { - if (l > 1) { - t0 = (DES_LONG)(*(cp++)); - t0 |= (DES_LONG)Q_B1(*(cp++)); - l--; - } else - t0 = (DES_LONG)(*(cp++)); - l--; - /* add */ - t0 += z0; - t0 &= 0xffffffffL; - t1 = z1; - /* square, well sort of square */ - z0 = ((((t0*t0) & 0xffffffffL) + - ((t1*t1) & 0xffffffffL)) & 0xffffffffL) % - 0x7fffffffL; - z1 = ((t0*((t1 + NOISE) & 0xffffffffL)) & 0xffffffffL) % - 0x7fffffffL; - } - if (lp != NULL) { - /* The MIT library assumes that the checksum is - * composed of 2*out_count 32 bit ints */ - *lp++ = z0; - *lp++ = z1; - } - } - return (z0); -} -LCRYPTO_ALIAS(DES_quad_cksum); diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c deleted file mode 100644 index deec50bffb..0000000000 --- a/src/lib/libcrypto/des/des_enc.c +++ /dev/null 
@@ -1,611 +0,0 @@
-/* $OpenBSD: des_enc.c,v 1.20 2024/08/31 16:17:13 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-const DES_LONG DES_SPtrans[8][64] = {
- {
-/* nibble 0 */
- 0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
- 0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
- 0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
- 0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
- 0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
- 0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
- 0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
- 0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
- 0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
- 0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
- 0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
- 0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
- 0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
- 0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
- 0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
- 0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
- }, {
-/* nibble 1 */
- 0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
- 0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
- 0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
- 0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
- 0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
- 0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
- 0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
- 0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
- 0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
- 0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
- 0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
- 0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
- 0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
- 0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
- 0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
- 0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
- }, {
-/* nibble 2 */
- 0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
- 0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
- 0x04000100L,
0x00040000L, 0x04040000L, 0x00000001L,
- 0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
- 0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
- 0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
- 0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
- 0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
- 0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
- 0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
- 0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
- 0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
- 0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
- 0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
- 0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
- 0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
- }, {
-/* nibble 3 */
- 0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
- 0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
- 0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
- 0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
- 0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
- 0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
- 0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
- 0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
- 0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
- 0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
- 0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
- 0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
- 0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
- 0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
- 0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
- 0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
- }, {
-/* nibble 4 */
- 0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
- 0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
- 0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
- 0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
- 0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
- 0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
- 0x00000020L,
0x08000420L, 0x08010420L, 0x00010020L,
- 0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
- 0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
- 0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
- 0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
- 0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
- 0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
- 0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
- 0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
- 0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
- }, {
-/* nibble 5 */
- 0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
- 0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
- 0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
- 0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
- 0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
- 0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
- 0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
- 0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
- 0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
- 0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
- 0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
- 0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
- 0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
- 0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
- 0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
- 0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
- }, {
-/* nibble 6 */
- 0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
- 0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
- 0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
- 0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
- 0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
- 0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
- 0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
- 0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
- 0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
- 0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
- 0x01000204L,
0x00004204L, 0x00004200L, 0x00000000L,
- 0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
- 0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
- 0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
- 0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
- 0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
- }, {
-/* nibble 7 */
- 0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
- 0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
- 0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
- 0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
- 0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
- 0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
- 0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
- 0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
- 0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
- 0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
- 0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
- 0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
- 0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
- 0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
- 0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
- 0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
- },
-};
-
-void
-DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
-{
- DES_LONG l, r, t, u;
-#ifndef DES_UNROLL
- int i;
-#endif
- DES_LONG *s;
-
- r = data[0];
- l = data[1];
-
- IP(r, l);
- /* Things have been modified so that the initial rotate is
- * done outside the loop. This required the
- * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
- * One perl script later and things have a 5% speed up on a sparc2.
- * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
- * for pointing this out.
*/
- /* clear the top bits on machines with 8byte longs */
- /* shift left by 2 */
- r = ROTATE(r, 29) & 0xffffffffL;
- l = ROTATE(l, 29) & 0xffffffffL;
-
- s = ks->ks->deslong;
- /* I don't know if it is worth the effort of loop unrolling the
- * inner loop */
- if (enc) {
-#ifdef DES_UNROLL
- D_ENCRYPT(l, r, 0); /* 1 */
- D_ENCRYPT(r, l, 2); /* 2 */
- D_ENCRYPT(l, r, 4); /* 3 */
- D_ENCRYPT(r, l, 6); /* 4 */
- D_ENCRYPT(l, r, 8); /* 5 */
- D_ENCRYPT(r, l, 10); /* 6 */
- D_ENCRYPT(l, r, 12); /* 7 */
- D_ENCRYPT(r, l, 14); /* 8 */
- D_ENCRYPT(l, r, 16); /* 9 */
- D_ENCRYPT(r, l, 18); /* 10 */
- D_ENCRYPT(l, r, 20); /* 11 */
- D_ENCRYPT(r, l, 22); /* 12 */
- D_ENCRYPT(l, r, 24); /* 13 */
- D_ENCRYPT(r, l, 26); /* 14 */
- D_ENCRYPT(l, r, 28); /* 15 */
- D_ENCRYPT(r, l, 30); /* 16 */
-#else
- for (i = 0; i < 32; i += 4) {
- D_ENCRYPT(l, r, i + 0); /* 1 */
- D_ENCRYPT(r, l, i + 2); /* 2 */
- }
-#endif
- } else {
-#ifdef DES_UNROLL
- D_ENCRYPT(l, r, 30); /* 16 */
- D_ENCRYPT(r, l, 28); /* 15 */
- D_ENCRYPT(l, r, 26); /* 14 */
- D_ENCRYPT(r, l, 24); /* 13 */
- D_ENCRYPT(l, r, 22); /* 12 */
- D_ENCRYPT(r, l, 20); /* 11 */
- D_ENCRYPT(l, r, 18); /* 10 */
- D_ENCRYPT(r, l, 16); /* 9 */
- D_ENCRYPT(l, r, 14); /* 8 */
- D_ENCRYPT(r, l, 12); /* 7 */
- D_ENCRYPT(l, r, 10); /* 6 */
- D_ENCRYPT(r, l, 8); /* 5 */
- D_ENCRYPT(l, r, 6); /* 4 */
- D_ENCRYPT(r, l, 4); /* 3 */
- D_ENCRYPT(l, r, 2); /* 2 */
- D_ENCRYPT(r, l, 0); /* 1 */
-#else
- for (i = 30; i > 0; i -= 4) {
- D_ENCRYPT(l, r, i - 0); /* 16 */
- D_ENCRYPT(r, l, i - 2); /* 15 */
- }
-#endif
- }
-
- /* rotate and clear the top bits on machines with 8byte longs */
- l = ROTATE(l, 3) & 0xffffffffL;
- r = ROTATE(r, 3) & 0xffffffffL;
-
- FP(r, l);
- data[0] = l;
- data[1] = r;
- l = r = t = u = 0;
-}
-LCRYPTO_ALIAS(DES_encrypt1);
-
-void
-DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
-{
- DES_LONG l, r, t, u;
-#ifndef DES_UNROLL
- int i;
-#endif
- DES_LONG *s;
-
- r = data[0];
- l = data[1];
-
- /* Things have
been modified so that the initial rotate is
- * done outside the loop. This required the
- * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
- * One perl script later and things have a 5% speed up on a sparc2.
- * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
- * for pointing this out. */
- /* clear the top bits on machines with 8byte longs */
- r = ROTATE(r, 29) & 0xffffffffL;
- l = ROTATE(l, 29) & 0xffffffffL;
-
- s = ks->ks->deslong;
- /* I don't know if it is worth the effort of loop unrolling the
- * inner loop */
- if (enc) {
-#ifdef DES_UNROLL
- D_ENCRYPT(l, r, 0); /* 1 */
- D_ENCRYPT(r, l, 2); /* 2 */
- D_ENCRYPT(l, r, 4); /* 3 */
- D_ENCRYPT(r, l, 6); /* 4 */
- D_ENCRYPT(l, r, 8); /* 5 */
- D_ENCRYPT(r, l, 10); /* 6 */
- D_ENCRYPT(l, r, 12); /* 7 */
- D_ENCRYPT(r, l, 14); /* 8 */
- D_ENCRYPT(l, r, 16); /* 9 */
- D_ENCRYPT(r, l, 18); /* 10 */
- D_ENCRYPT(l, r, 20); /* 11 */
- D_ENCRYPT(r, l, 22); /* 12 */
- D_ENCRYPT(l, r, 24); /* 13 */
- D_ENCRYPT(r, l, 26); /* 14 */
- D_ENCRYPT(l, r, 28); /* 15 */
- D_ENCRYPT(r, l, 30); /* 16 */
-#else
- for (i = 0; i < 32; i += 4) {
- D_ENCRYPT(l, r, i + 0); /* 1 */
- D_ENCRYPT(r, l, i + 2); /* 2 */
- }
-#endif
- } else {
-#ifdef DES_UNROLL
- D_ENCRYPT(l, r, 30); /* 16 */
- D_ENCRYPT(r, l, 28); /* 15 */
- D_ENCRYPT(l, r, 26); /* 14 */
- D_ENCRYPT(r, l, 24); /* 13 */
- D_ENCRYPT(l, r, 22); /* 12 */
- D_ENCRYPT(r, l, 20); /* 11 */
- D_ENCRYPT(l, r, 18); /* 10 */
- D_ENCRYPT(r, l, 16); /* 9 */
- D_ENCRYPT(l, r, 14); /* 8 */
- D_ENCRYPT(r, l, 12); /* 7 */
- D_ENCRYPT(l, r, 10); /* 6 */
- D_ENCRYPT(r, l, 8); /* 5 */
- D_ENCRYPT(l, r, 6); /* 4 */
- D_ENCRYPT(r, l, 4); /* 3 */
- D_ENCRYPT(l, r, 2); /* 2 */
- D_ENCRYPT(r, l, 0); /* 1 */
-#else
- for (i = 30; i > 0; i -= 4) {
- D_ENCRYPT(l, r, i - 0); /* 16 */
- D_ENCRYPT(r, l, i - 2); /* 15 */
- }
-#endif
- }
- /* rotate and clear the top bits on machines with 8byte longs */
- data[0] = ROTATE(l, 3) & 0xffffffffL;
- data[1] = ROTATE(r, 3) & 0xffffffffL;
-
l = r = t = u = 0;
-}
-LCRYPTO_ALIAS(DES_encrypt2);
-
-void
-DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3)
-{
- DES_LONG l, r;
-
- l = data[0];
- r = data[1];
- IP(l, r);
- data[0] = l;
- data[1] = r;
- DES_encrypt2((DES_LONG *)data, ks1, DES_ENCRYPT);
- DES_encrypt2((DES_LONG *)data, ks2, DES_DECRYPT);
- DES_encrypt2((DES_LONG *)data, ks3, DES_ENCRYPT);
- l = data[0];
- r = data[1];
- FP(r, l);
- data[0] = l;
- data[1] = r;
-}
-LCRYPTO_ALIAS(DES_encrypt3);
-
-void
-DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3)
-{
- DES_LONG l, r;
-
- l = data[0];
- r = data[1];
- IP(l, r);
- data[0] = l;
- data[1] = r;
- DES_encrypt2((DES_LONG *)data, ks3, DES_DECRYPT);
- DES_encrypt2((DES_LONG *)data, ks2, DES_ENCRYPT);
- DES_encrypt2((DES_LONG *)data, ks1, DES_DECRYPT);
- l = data[0];
- r = data[1];
- FP(r, l);
- data[0] = l;
- data[1] = r;
-}
-LCRYPTO_ALIAS(DES_decrypt3);
-
-#ifndef DES_DEFAULT_OPTIONS
-
-void
-DES_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
-{
- DES_LONG tin0, tin1;
- DES_LONG tout0, tout1, xor0, xor1;
- long l = length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- iv = &(*ivec)[0];
-
- if (enc) {
- c2l(iv, tout0);
- c2l(iv, tout1);
- for (l -= 8; l >= 0; l -= 8) {
- c2l(in, tin0);
- c2l(in, tin1);
- tin0 ^= tout0;
- tin[0] = tin0;
- tin1 ^= tout1;
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
- tout0 = tin[0];
- l2c(tout0, out);
- tout1 = tin[1];
- l2c(tout1, out);
- }
- if (l != -8) {
- c2ln(in, tin0, tin1, l + 8);
- tin0 ^= tout0;
- tin[0] = tin0;
- tin1 ^= tout1;
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
- tout0 = tin[0];
- l2c(tout0, out);
- tout1 = tin[1];
- l2c(tout1, out);
- }
- iv = &(*ivec)[0];
- l2c(tout0, iv);
- l2c(tout1, iv);
- } else {
- c2l(iv, xor0);
- c2l(iv, xor1);
- for (l -= 8; l >= 0; l -=
8) {
- c2l(in, tin0);
- tin[0] = tin0;
- c2l(in, tin1);
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
- tout0 = tin[0] ^ xor0;
- tout1 = tin[1] ^ xor1;
- l2c(tout0, out);
- l2c(tout1, out);
- xor0 = tin0;
- xor1 = tin1;
- }
- if (l != -8) {
- c2l(in, tin0);
- tin[0] = tin0;
- c2l(in, tin1);
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
- tout0 = tin[0] ^ xor0;
- tout1 = tin[1] ^ xor1;
- l2cn(tout0, tout1, out, l + 8);
- xor0 = tin0;
- xor1 = tin1;
- }
- iv = &(*ivec)[0];
- l2c(xor0, iv);
- l2c(xor1, iv);
- }
- tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
- tin[0] = tin[1] = 0;
-}
-LCRYPTO_ALIAS(DES_ncbc_encrypt);
-
-void
-DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int enc)
-{
- DES_LONG tin0, tin1;
- DES_LONG tout0, tout1, xor0, xor1;
- const unsigned char *in;
- unsigned char *out;
- long l = length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- in = input;
- out = output;
- iv = &(*ivec)[0];
-
- if (enc) {
- c2l(iv, tout0);
- c2l(iv, tout1);
- for (l -= 8; l >= 0; l -= 8) {
- c2l(in, tin0);
- c2l(in, tin1);
- tin0 ^= tout0;
- tin1 ^= tout1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
- tout0 = tin[0];
- tout1 = tin[1];
-
- l2c(tout0, out);
- l2c(tout1, out);
- }
- if (l != -8) {
- c2ln(in, tin0, tin1, l + 8);
- tin0 ^= tout0;
- tin1 ^= tout1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
- tout0 = tin[0];
- tout1 = tin[1];
-
- l2c(tout0, out);
- l2c(tout1, out);
- }
- iv = &(*ivec)[0];
- l2c(tout0, iv);
- l2c(tout1, iv);
- } else {
- DES_LONG t0, t1;
-
- c2l(iv, xor0);
- c2l(iv, xor1);
- for (l -= 8; l >= 0; l -= 8) {
- c2l(in, tin0);
- c2l(in, tin1);
-
- t0 = tin0;
- t1 = tin1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
- tout0 = tin[0];
- tout1 = tin[1];
-
- tout0 ^= xor0;
- tout1 ^= xor1;
- l2c(tout0, out);
- l2c(tout1, out);
- xor0 = t0;
- xor1 = t1;
- }
- if (l != -8) {
- c2l(in, tin0);
- c2l(in, tin1);
-
- t0 = tin0;
- t1 = tin1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
- tout0 = tin[0];
- tout1 = tin[1];
-
- tout0 ^= xor0;
- tout1 ^= xor1;
- l2cn(tout0, tout1, out, l + 8);
- xor0 = t0;
- xor1 = t1;
- }
-
- iv = &(*ivec)[0];
- l2c(xor0, iv);
- l2c(xor1, iv);
- }
- tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
- tin[0] = tin[1] = 0;
-}
-LCRYPTO_ALIAS(DES_ede3_cbc_encrypt);
-
-#endif /* DES_DEFAULT_OPTIONS */
diff --git a/src/lib/libcrypto/des/des_fcrypt.c b/src/lib/libcrypto/des/des_fcrypt.c
deleted file mode 100644
index b33b1240c2..0000000000
--- a/src/lib/libcrypto/des/des_fcrypt.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/* $OpenBSD: des_fcrypt.c,v 1.4 2024/08/31 16:22:18 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -/* This version of crypt has been developed from my MIT compatible - * DES library. - * Eric Young (eay@cryptsoft.com) - */ - -/* Modification by Jens Kupferschmidt (Cu) - * I have included directive PARA for shared memory computers. - * I have included a directive LONGCRYPT to using this routine to cipher - * passwords with more than 8 bytes like HP-UX 10.x it used. 
The MAXPLEN - * definition is the maximum of length of password and can changed. I have - * defined 24. - */ - -#define DES_FCRYPT -#include "des_local.h" -#undef DES_FCRYPT - -#undef PERM_OP -#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)), \ - (b)^=(t), \ - (a)^=((t)<<(n))) - -#undef HPERM_OP -#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)), \ - (a)=(a)^(t)^(t>>(16-(n)))) \ - -static void -fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0, - DES_LONG Eswap1) -{ - DES_LONG l, r, t, u; - DES_LONG *s; - int j; - DES_LONG E0, E1; - - l = 0; - r = 0; - - s = (DES_LONG *)ks; - E0 = Eswap0; - E1 = Eswap1; - - for (j = 0; j < 25; j++) { -#ifndef DES_UNROLL - int i; - - for (i = 0; i < 32; i += 4) { - D_ENCRYPT(l, r, i + 0); /* 1 */ - D_ENCRYPT(r, l, i + 2); /* 2 */ - } -#else - D_ENCRYPT(l, r, 0); /* 1 */ - D_ENCRYPT(r, l, 2); /* 2 */ - D_ENCRYPT(l, r, 4); /* 3 */ - D_ENCRYPT(r, l, 6); /* 4 */ - D_ENCRYPT(l, r, 8); /* 5 */ - D_ENCRYPT(r, l, 10); /* 6 */ - D_ENCRYPT(l, r, 12); /* 7 */ - D_ENCRYPT(r, l, 14); /* 8 */ - D_ENCRYPT(l, r, 16); /* 9 */ - D_ENCRYPT(r, l, 18); /* 10 */ - D_ENCRYPT(l, r, 20); /* 11 */ - D_ENCRYPT(r, l, 22); /* 12 */ - D_ENCRYPT(l, r, 24); /* 13 */ - D_ENCRYPT(r, l, 26); /* 14 */ - D_ENCRYPT(l, r, 28); /* 15 */ - D_ENCRYPT(r, l, 30); /* 16 */ -#endif - - t = l; - l = r; - r = t; - } - l = ROTATE(l, 3) & 0xffffffffL; - r = ROTATE(r, 3) & 0xffffffffL; - - PERM_OP(l, r, t, 1, 0x55555555L); - PERM_OP(r, l, t, 8, 0x00ff00ffL); - PERM_OP(l, r, t, 2, 0x33333333L); - PERM_OP(r, l, t, 16, 0x0000ffffL); - PERM_OP(l, r, t, 4, 0x0f0f0f0fL); - - out[0] = r; - out[1] = l; -} - -/* Added more values to handle illegal salt values the way normal - * crypt() implementations do. 
The patch was sent by - * Bjorn Gronvall - */ -static unsigned const char con_salt[128] = { - 0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9, - 0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF, 0xE0, 0xE1, - 0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9, - 0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF, 0xF0, 0xF1, - 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9, - 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF, 0x00, 0x01, - 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, - 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, - 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, - 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, - 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, - 0x23, 0x24, 0x25, 0x20, 0x21, 0x22, 0x23, 0x24, - 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, - 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, - 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, - 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44, -}; - -static unsigned const char cov_2char[64] = { - 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, - 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, - 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, - 0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54, - 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62, - 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A, - 0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72, - 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A -}; - -char * -DES_crypt(const char *buf, const char *salt) -{ - static char buff[14]; - - return (DES_fcrypt(buf, salt, buff)); -} -LCRYPTO_ALIAS(DES_crypt); - -char * -DES_fcrypt(const char *buf, const char *salt, char *ret) -{ - unsigned int i, j, x, y; - DES_LONG Eswap0, Eswap1; - DES_LONG out[2], ll; - DES_cblock key; - DES_key_schedule ks; - unsigned char bb[9]; - unsigned char *b = bb; - unsigned char c, u; - - /* eay 25/08/92 - * If you call crypt("pwd","*") as often happens when you - * have * as the pwd field in /etc/passwd, the function - * returns *\0xxxxxxxxx - * The \0 makes the string look like * so the pwd "*" would - * crypt to 
"*". This was found when replacing the crypt in - * our shared libraries. People found that the disabled - * accounts effectively had no passwd :-(. */ - x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]); - Eswap0 = con_salt[x] << 2; - x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]); - Eswap1 = con_salt[x] << 6; -/* EAY -r=strlen(buf); -r=(r+7)/8; -*/ - for (i = 0; i < 8; i++) { - c = *(buf++); - if (!c) - break; - key[i] = (c << 1); - } - for (; i < 8; i++) - key[i] = 0; - - DES_set_key_unchecked(&key, &ks); - fcrypt_body(&(out[0]), &ks, Eswap0, Eswap1); - - ll = out[0]; - l2c(ll, b); - ll = out[1]; - l2c(ll, b); - y = 0; - u = 0x80; - bb[8] = 0; - for (i = 2; i < 13; i++) { - c = 0; - for (j = 0; j < 6; j++) { - c <<= 1; - if (bb[y] & u) - c |= 1; - u >>= 1; - if (!u) { - y++; - u = 0x80; - } - } - ret[i] = cov_2char[c]; - } - ret[13] = '\0'; - return (ret); -} -LCRYPTO_ALIAS(DES_fcrypt); diff --git a/src/lib/libcrypto/des/des_key.c b/src/lib/libcrypto/des/des_key.c deleted file mode 100644 index eee8a7e127..0000000000 --- a/src/lib/libcrypto/des/des_key.c +++ /dev/null 
@@ -1,523 +0,0 @@
-/* $OpenBSD: des_key.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include - -#include - -#include "des_local.h" - -int DES_check_key = 0; /* defaults to false */ -LCRYPTO_ALIAS(DES_check_key); - -static const unsigned char odd_parity[256] = { - 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14, - 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31, - 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47, - 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62, - 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79, - 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94, - 97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110, 110, - 112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127, 127, - 128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143, 143, - 145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158, 158, - 161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174, - 176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191, - 193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206, - 208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223, - 224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239, - 241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, 254, -}; - -void -DES_set_odd_parity(DES_cblock *key) -{ - unsigned int i; - - for (i = 0; i < DES_KEY_SZ; i++) - (*key)[i] = odd_parity[(*key)[i]]; -} -LCRYPTO_ALIAS(DES_set_odd_parity); - -int -DES_check_key_parity(const_DES_cblock *key) -{ - unsigned int i; - - for (i = 0; i < DES_KEY_SZ; i++) { - if ((*key)[i] != odd_parity[(*key)[i]]) - return (0); - } - return (1); -} -LCRYPTO_ALIAS(DES_check_key_parity); - -/* Weak and semi weak keys as taken from - * %A D.W. Davies - * %A W.L. 
Price - * %T Security for Computer Networks - * %I John Wiley & Sons - * %D 1984 - * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference - * (and actual cblock values). - */ -#define NUM_WEAK_KEY 16 -static const DES_cblock weak_keys[NUM_WEAK_KEY] = { - /* weak keys */ - {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}, - {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}, - {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E}, - {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1}, - /* semi-weak keys */ - {0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE}, - {0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01}, - {0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1}, - {0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E}, - {0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1}, - {0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01}, - {0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE}, - {0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E}, - {0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E}, - {0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01}, - {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE}, - {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}, -}; - -int -DES_is_weak_key(const_DES_cblock *key) -{ - unsigned int i; - - for (i = 0; i < NUM_WEAK_KEY; i++) - if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0) - return 1; - return 0; -} -LCRYPTO_ALIAS(DES_is_weak_key); - -/* NOW DEFINED IN des_local.h - * See ecb_encrypt.c for a pseudo description of these macros. 
- * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ - * (b)^=(t),\ - * (a)=((a)^((t)<<(n)))) - */ - -#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)), \ - (a)=(a)^(t)^(t>>(16-(n)))) - -static const DES_LONG des_skb[8][64] = { - { - /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ - 0x00000000L, 0x00000010L, 0x20000000L, 0x20000010L, - 0x00010000L, 0x00010010L, 0x20010000L, 0x20010010L, - 0x00000800L, 0x00000810L, 0x20000800L, 0x20000810L, - 0x00010800L, 0x00010810L, 0x20010800L, 0x20010810L, - 0x00000020L, 0x00000030L, 0x20000020L, 0x20000030L, - 0x00010020L, 0x00010030L, 0x20010020L, 0x20010030L, - 0x00000820L, 0x00000830L, 0x20000820L, 0x20000830L, - 0x00010820L, 0x00010830L, 0x20010820L, 0x20010830L, - 0x00080000L, 0x00080010L, 0x20080000L, 0x20080010L, - 0x00090000L, 0x00090010L, 0x20090000L, 0x20090010L, - 0x00080800L, 0x00080810L, 0x20080800L, 0x20080810L, - 0x00090800L, 0x00090810L, 0x20090800L, 0x20090810L, - 0x00080020L, 0x00080030L, 0x20080020L, 0x20080030L, - 0x00090020L, 0x00090030L, 0x20090020L, 0x20090030L, - 0x00080820L, 0x00080830L, 0x20080820L, 0x20080830L, - 0x00090820L, 0x00090830L, 0x20090820L, 0x20090830L, - }, { - /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */ - 0x00000000L, 0x02000000L, 0x00002000L, 0x02002000L, - 0x00200000L, 0x02200000L, 0x00202000L, 0x02202000L, - 0x00000004L, 0x02000004L, 0x00002004L, 0x02002004L, - 0x00200004L, 0x02200004L, 0x00202004L, 0x02202004L, - 0x00000400L, 0x02000400L, 0x00002400L, 0x02002400L, - 0x00200400L, 0x02200400L, 0x00202400L, 0x02202400L, - 0x00000404L, 0x02000404L, 0x00002404L, 0x02002404L, - 0x00200404L, 0x02200404L, 0x00202404L, 0x02202404L, - 0x10000000L, 0x12000000L, 0x10002000L, 0x12002000L, - 0x10200000L, 0x12200000L, 0x10202000L, 0x12202000L, - 0x10000004L, 0x12000004L, 0x10002004L, 0x12002004L, - 0x10200004L, 0x12200004L, 0x10202004L, 0x12202004L, - 0x10000400L, 0x12000400L, 0x10002400L, 0x12002400L, - 0x10200400L, 0x12200400L, 0x10202400L, 0x12202400L, - 
0x10000404L, 0x12000404L, 0x10002404L, 0x12002404L, - 0x10200404L, 0x12200404L, 0x10202404L, 0x12202404L, - }, { - /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */ - 0x00000000L, 0x00000001L, 0x00040000L, 0x00040001L, - 0x01000000L, 0x01000001L, 0x01040000L, 0x01040001L, - 0x00000002L, 0x00000003L, 0x00040002L, 0x00040003L, - 0x01000002L, 0x01000003L, 0x01040002L, 0x01040003L, - 0x00000200L, 0x00000201L, 0x00040200L, 0x00040201L, - 0x01000200L, 0x01000201L, 0x01040200L, 0x01040201L, - 0x00000202L, 0x00000203L, 0x00040202L, 0x00040203L, - 0x01000202L, 0x01000203L, 0x01040202L, 0x01040203L, - 0x08000000L, 0x08000001L, 0x08040000L, 0x08040001L, - 0x09000000L, 0x09000001L, 0x09040000L, 0x09040001L, - 0x08000002L, 0x08000003L, 0x08040002L, 0x08040003L, - 0x09000002L, 0x09000003L, 0x09040002L, 0x09040003L, - 0x08000200L, 0x08000201L, 0x08040200L, 0x08040201L, - 0x09000200L, 0x09000201L, 0x09040200L, 0x09040201L, - 0x08000202L, 0x08000203L, 0x08040202L, 0x08040203L, - 0x09000202L, 0x09000203L, 0x09040202L, 0x09040203L, - }, { - /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */ - 0x00000000L, 0x00100000L, 0x00000100L, 0x00100100L, - 0x00000008L, 0x00100008L, 0x00000108L, 0x00100108L, - 0x00001000L, 0x00101000L, 0x00001100L, 0x00101100L, - 0x00001008L, 0x00101008L, 0x00001108L, 0x00101108L, - 0x04000000L, 0x04100000L, 0x04000100L, 0x04100100L, - 0x04000008L, 0x04100008L, 0x04000108L, 0x04100108L, - 0x04001000L, 0x04101000L, 0x04001100L, 0x04101100L, - 0x04001008L, 0x04101008L, 0x04001108L, 0x04101108L, - 0x00020000L, 0x00120000L, 0x00020100L, 0x00120100L, - 0x00020008L, 0x00120008L, 0x00020108L, 0x00120108L, - 0x00021000L, 0x00121000L, 0x00021100L, 0x00121100L, - 0x00021008L, 0x00121008L, 0x00021108L, 0x00121108L, - 0x04020000L, 0x04120000L, 0x04020100L, 0x04120100L, - 0x04020008L, 0x04120008L, 0x04020108L, 0x04120108L, - 0x04021000L, 0x04121000L, 0x04021100L, 0x04121100L, - 0x04021008L, 0x04121008L, 0x04021108L, 0x04121108L, - }, { - /* for D bits 
(numbered as per FIPS 46) 1 2 3 4 5 6 */ - 0x00000000L, 0x10000000L, 0x00010000L, 0x10010000L, - 0x00000004L, 0x10000004L, 0x00010004L, 0x10010004L, - 0x20000000L, 0x30000000L, 0x20010000L, 0x30010000L, - 0x20000004L, 0x30000004L, 0x20010004L, 0x30010004L, - 0x00100000L, 0x10100000L, 0x00110000L, 0x10110000L, - 0x00100004L, 0x10100004L, 0x00110004L, 0x10110004L, - 0x20100000L, 0x30100000L, 0x20110000L, 0x30110000L, - 0x20100004L, 0x30100004L, 0x20110004L, 0x30110004L, - 0x00001000L, 0x10001000L, 0x00011000L, 0x10011000L, - 0x00001004L, 0x10001004L, 0x00011004L, 0x10011004L, - 0x20001000L, 0x30001000L, 0x20011000L, 0x30011000L, - 0x20001004L, 0x30001004L, 0x20011004L, 0x30011004L, - 0x00101000L, 0x10101000L, 0x00111000L, 0x10111000L, - 0x00101004L, 0x10101004L, 0x00111004L, 0x10111004L, - 0x20101000L, 0x30101000L, 0x20111000L, 0x30111000L, - 0x20101004L, 0x30101004L, 0x20111004L, 0x30111004L, - }, { - /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */ - 0x00000000L, 0x08000000L, 0x00000008L, 0x08000008L, - 0x00000400L, 0x08000400L, 0x00000408L, 0x08000408L, - 0x00020000L, 0x08020000L, 0x00020008L, 0x08020008L, - 0x00020400L, 0x08020400L, 0x00020408L, 0x08020408L, - 0x00000001L, 0x08000001L, 0x00000009L, 0x08000009L, - 0x00000401L, 0x08000401L, 0x00000409L, 0x08000409L, - 0x00020001L, 0x08020001L, 0x00020009L, 0x08020009L, - 0x00020401L, 0x08020401L, 0x00020409L, 0x08020409L, - 0x02000000L, 0x0A000000L, 0x02000008L, 0x0A000008L, - 0x02000400L, 0x0A000400L, 0x02000408L, 0x0A000408L, - 0x02020000L, 0x0A020000L, 0x02020008L, 0x0A020008L, - 0x02020400L, 0x0A020400L, 0x02020408L, 0x0A020408L, - 0x02000001L, 0x0A000001L, 0x02000009L, 0x0A000009L, - 0x02000401L, 0x0A000401L, 0x02000409L, 0x0A000409L, - 0x02020001L, 0x0A020001L, 0x02020009L, 0x0A020009L, - 0x02020401L, 0x0A020401L, 0x02020409L, 0x0A020409L, - }, { - /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */ - 0x00000000L, 0x00000100L, 0x00080000L, 0x00080100L, - 0x01000000L, 0x01000100L, 
0x01080000L, 0x01080100L, - 0x00000010L, 0x00000110L, 0x00080010L, 0x00080110L, - 0x01000010L, 0x01000110L, 0x01080010L, 0x01080110L, - 0x00200000L, 0x00200100L, 0x00280000L, 0x00280100L, - 0x01200000L, 0x01200100L, 0x01280000L, 0x01280100L, - 0x00200010L, 0x00200110L, 0x00280010L, 0x00280110L, - 0x01200010L, 0x01200110L, 0x01280010L, 0x01280110L, - 0x00000200L, 0x00000300L, 0x00080200L, 0x00080300L, - 0x01000200L, 0x01000300L, 0x01080200L, 0x01080300L, - 0x00000210L, 0x00000310L, 0x00080210L, 0x00080310L, - 0x01000210L, 0x01000310L, 0x01080210L, 0x01080310L, - 0x00200200L, 0x00200300L, 0x00280200L, 0x00280300L, - 0x01200200L, 0x01200300L, 0x01280200L, 0x01280300L, - 0x00200210L, 0x00200310L, 0x00280210L, 0x00280310L, - 0x01200210L, 0x01200310L, 0x01280210L, 0x01280310L, - }, { - /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */ - 0x00000000L, 0x04000000L, 0x00040000L, 0x04040000L, - 0x00000002L, 0x04000002L, 0x00040002L, 0x04040002L, - 0x00002000L, 0x04002000L, 0x00042000L, 0x04042000L, - 0x00002002L, 0x04002002L, 0x00042002L, 0x04042002L, - 0x00000020L, 0x04000020L, 0x00040020L, 0x04040020L, - 0x00000022L, 0x04000022L, 0x00040022L, 0x04040022L, - 0x00002020L, 0x04002020L, 0x00042020L, 0x04042020L, - 0x00002022L, 0x04002022L, 0x00042022L, 0x04042022L, - 0x00000800L, 0x04000800L, 0x00040800L, 0x04040800L, - 0x00000802L, 0x04000802L, 0x00040802L, 0x04040802L, - 0x00002800L, 0x04002800L, 0x00042800L, 0x04042800L, - 0x00002802L, 0x04002802L, 0x00042802L, 0x04042802L, - 0x00000820L, 0x04000820L, 0x00040820L, 0x04040820L, - 0x00000822L, 0x04000822L, 0x00040822L, 0x04040822L, - 0x00002820L, 0x04002820L, 0x00042820L, 0x04042820L, - 0x00002822L, 0x04002822L, 0x00042822L, 0x04042822L, - }, -}; - -int -DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule) -{ - if (DES_check_key) { - return DES_set_key_checked(key, schedule); - } else { - DES_set_key_unchecked(key, schedule); - return 0; - } -} -LCRYPTO_ALIAS(DES_set_key); - -/* return 0 if key parity is 
odd (correct), - * return -1 if key parity error, - * return -2 if illegal weak key. - */ -int -DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule) -{ - if (!DES_check_key_parity(key)) - return (-1); - if (DES_is_weak_key(key)) - return (-2); - DES_set_key_unchecked(key, schedule); - return 0; -} -LCRYPTO_ALIAS(DES_set_key_checked); - -void -DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule) -{ - static const int shifts2[16] = {0, 0,1, 1,1, 1,1, 1,0, 1,1, 1,1, 1,1, 0}; - DES_LONG c, d, t, s, t2; - const unsigned char *in; - DES_LONG *k; - int i; - - k = &schedule->ks->deslong[0]; - in = &(*key)[0]; - - c2l(in, c); - c2l(in, d); - - /* do PC1 in 47 simple operations :-) - * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) - * for the inspiration. :-) */ - PERM_OP(d, c, t, 4, 0x0f0f0f0fL); - HPERM_OP(c, t, -2, 0xcccc0000L); - HPERM_OP(d, t, -2, 0xcccc0000L); - PERM_OP(d, c, t, 1, 0x55555555L); - PERM_OP(c, d, t, 8, 0x00ff00ffL); - PERM_OP(d, c, t, 1, 0x55555555L); - d = (((d & 0x000000ffL) << 16L) | (d & 0x0000ff00L) | - ((d & 0x00ff0000L) >> 16L)|((c & 0xf0000000L) >> 4L)); - c &= 0x0fffffffL; - - for (i = 0; i < ITERATIONS; i++) { - if (shifts2[i]) { - c = ((c >> 2L)|(c << 26L)); - d = ((d >> 2L)|(d << 26L)); - } else { - c = ((c >> 1L)|(c << 27L)); - d = ((d >> 1L)|(d << 27L)); - } - c &= 0x0fffffffL; - d &= 0x0fffffffL; - /* could be a few less shifts but I am to lazy at this - * point in time to investigate */ - s = des_skb[0][(c)&0x3f]| - des_skb[1][((c >> 6L) & 0x03)|((c >> 7L) & 0x3c)]| - des_skb[2][((c >> 13L) & 0x0f)|((c >> 14L) & 0x30)]| - des_skb[3][((c >> 20L) & 0x01)|((c >> 21L) & 0x06) | - ((c >> 22L) & 0x38)]; - t = des_skb[4][(d)&0x3f]| - des_skb[5][((d >> 7L) & 0x03)|((d >> 8L) & 0x3c)]| - des_skb[6][(d >> 15L) & 0x3f]| - des_skb[7][((d >> 21L) & 0x0f)|((d >> 22L) & 0x30)]; - - /* table contained 0213 4657 */ - t2 = ((t << 16L)|(s & 0x0000ffffL)) & 0xffffffffL; - *(k++) = ROTATE(t2, 30) & 
0xffffffffL; - - t2 = ((s >> 16L)|(t & 0xffff0000L)); - *(k++) = ROTATE(t2, 26) & 0xffffffffL; - } -} -LCRYPTO_ALIAS(DES_set_key_unchecked); - -int -DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule) -{ - return (DES_set_key(key, schedule)); -} -LCRYPTO_ALIAS(DES_key_sched); - -int -DES_random_key(DES_cblock *ret) -{ - do { - arc4random_buf(ret, sizeof(DES_cblock)); - DES_set_odd_parity(ret); - } while (DES_is_weak_key(ret)); - return (1); -} -LCRYPTO_ALIAS(DES_random_key); - -void -DES_string_to_key(const char *str, DES_cblock *key) -{ - DES_key_schedule ks; - int i, length; - unsigned char j; - - memset(key, 0, 8); - length = strlen(str); -#ifdef OLD_STR_TO_KEY - for (i = 0; i < length; i++) - (*key)[i % 8] ^= (str[i] << 1); -#else /* MIT COMPATIBLE */ - for (i = 0; i < length; i++) { - j = str[i]; - if ((i % 16) < 8) - (*key)[i % 8] ^= (j << 1); - else { - /* Reverse the bit order 05/05/92 eay */ - j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f); - j = ((j << 2) & 0xcc)|((j >> 2) & 0x33); - j = ((j << 1) & 0xaa)|((j >> 1) & 0x55); - (*key)[7 - (i % 8)] ^= j; - } - } -#endif - DES_set_odd_parity(key); -#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY - if (DES_is_weak_key(key)) - (*key)[7] ^= 0xF0; - DES_set_key(key, &ks); -#else - DES_set_key_unchecked(key, &ks); -#endif - DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key); - explicit_bzero(&ks, sizeof(ks)); - DES_set_odd_parity(key); -} -LCRYPTO_ALIAS(DES_string_to_key); - -void -DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2) -{ - DES_key_schedule ks; - int i, length; - unsigned char j; - - memset(key1, 0, 8); - memset(key2, 0, 8); - length = strlen(str); -#ifdef OLD_STR_TO_KEY - if (length <= 8) { - for (i = 0; i < length; i++) { - (*key2)[i] = (*key1)[i] = (str[i] << 1); - } - } else { - for (i = 0; i < length; i++) { - if ((i/8) & 1) - (*key2)[i % 8] ^= (str[i] << 1); - else - (*key1)[i % 8] ^= (str[i] << 1); - } - } -#else /* MIT COMPATIBLE */ - for (i = 0; i < length; 
i++) { - j = str[i]; - if ((i % 32) < 16) { - if ((i % 16) < 8) - (*key1)[i % 8] ^= (j << 1); - else - (*key2)[i % 8] ^= (j << 1); - } else { - j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f); - j = ((j << 2) & 0xcc)|((j >> 2) & 0x33); - j = ((j << 1) & 0xaa)|((j >> 1) & 0x55); - if ((i % 16) < 8) - (*key1)[7 - (i % 8)] ^= j; - else - (*key2)[7 - (i % 8)] ^= j; - } - } - if (length <= 8) - memcpy(key2, key1, 8); -#endif - DES_set_odd_parity(key1); - DES_set_odd_parity(key2); -#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY - if (DES_is_weak_key(key1)) - (*key1)[7] ^= 0xF0; - DES_set_key(key1, &ks); -#else - DES_set_key_unchecked(key1, &ks); -#endif - DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1); -#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY - if (DES_is_weak_key(key2)) - (*key2)[7] ^= 0xF0; - DES_set_key(key2, &ks); -#else - DES_set_key_unchecked(key2, &ks); -#endif - DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2); - explicit_bzero(&ks, sizeof(ks)); - DES_set_odd_parity(key1); - DES_set_odd_parity(key2); -} -LCRYPTO_ALIAS(DES_string_to_2keys); diff --git a/src/lib/libcrypto/des/des_local.h b/src/lib/libcrypto/des/des_local.h deleted file mode 100644 index 61bfde7520..0000000000 --- a/src/lib/libcrypto/des/des_local.h +++ /dev/null 
@@ -1,226 +0,0 @@
-/* $OpenBSD: des_local.h,v 1.5 2024/08/31 16:22:18 jsing Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_DES_LOCL_H -#define HEADER_DES_LOCL_H - -#include -#include -#include -#include -#include -#include - -#include - -#include - -__BEGIN_HIDDEN_DECLS - -#define ITERATIONS 16 - -#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \ - case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \ - case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \ - case 5: l2|=((DES_LONG)(*(--(c)))); \ - case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \ - case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \ - case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \ - case 1: l1|=((DES_LONG)(*(--(c)))); \ - } \ - } - -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff);\ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff);\ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff);\ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff);\ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff);\ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff);\ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff);\ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff);\ - } \ - } - -static inline uint32_t -ROTATE(uint32_t a, uint32_t n) -{ - return (a >> n) + (a << (32 - n)); -} - -/* Don't worry about the LOAD_DATA() stuff, that is used by - * fcrypt() to add it's little bit to the front */ - -#ifdef DES_FCRYPT - -#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \ - { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); } - -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - t=R^(R>>16L); \ - u=t&E0; t&=E1; \ - tmp=(u<<16); 
u^=R^s[S ]; u^=tmp; \ - tmp=(t<<16); t^=R^s[S+1]; t^=tmp -#else -#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g) -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - u=R^s[S ]; \ - t=R^s[S+1] -#endif - -#define D_ENCRYPT(LL,R,S) { \ - LOAD_DATA_tmp(R,S,u,t,E0,E1); \ - t=ROTATE(t,4); \ - LL^= \ - DES_SPtrans[0][(u>> 2L)&0x3f]^ \ - DES_SPtrans[2][(u>>10L)&0x3f]^ \ - DES_SPtrans[4][(u>>18L)&0x3f]^ \ - DES_SPtrans[6][(u>>26L)&0x3f]^ \ - DES_SPtrans[1][(t>> 2L)&0x3f]^ \ - DES_SPtrans[3][(t>>10L)&0x3f]^ \ - DES_SPtrans[5][(t>>18L)&0x3f]^ \ - DES_SPtrans[7][(t>>26L)&0x3f]; } - - /* IP and FP - * The problem is more of a geometric problem that random bit fiddling. - 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6 - 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4 - 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2 - 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0 - - 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7 - 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5 - 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3 - 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1 - - The output has been subject to swaps of the form - 0 1 -> 3 1 but the odd and even bits have been put into - 2 3 2 0 - different words. The main trick is to remember that - t=((l>>size)^r)&(mask); - r^=t; - l^=(t<>(n))^(b))&(m)), \ - (b)^=(t), \ - (a)^=((t)<<(n))) - -#define IP(l,r) \ - { \ - DES_LONG tt; \ - PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \ - PERM_OP(l,r,tt,16,0x0000ffffL); \ - PERM_OP(r,l,tt, 2,0x33333333L); \ - PERM_OP(l,r,tt, 8,0x00ff00ffL); \ - PERM_OP(r,l,tt, 1,0x55555555L); \ - } - -#define FP(l,r) \ - { \ - DES_LONG tt; \ - PERM_OP(l,r,tt, 1,0x55555555L); \ - PERM_OP(r,l,tt, 8,0x00ff00ffL); \ - PERM_OP(l,r,tt, 2,0x33333333L); \ - PERM_OP(r,l,tt,16,0x0000ffffL); \ - PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ - } - -extern const DES_LONG DES_SPtrans[8][64]; - -#ifdef OPENSSL_SMALL_FOOTPRINT -#undef DES_UNROLL -#endif - -__END_HIDDEN_DECLS - -#endif 
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
deleted file mode 100644
index 04bda3fac7..0000000000
--- a/src/lib/libcrypto/dh/dh.h
+++ /dev/null
@@ -1,245 +0,0 @@
-/* $OpenBSD: dh.h,v 1.38 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_H
-#define HEADER_DH_H
-
-#include
-
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#include
-#include
-
-#ifndef OPENSSL_DH_MAX_MODULUS_BITS
-# define OPENSSL_DH_MAX_MODULUS_BITS 10000
-#endif
-
-#define DH_FLAG_CACHE_MONT_P 0x01
-
-/* If this flag is set the DH method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its reposibility
- * to ensure the result is compliant.
- */
-
-#define DH_FLAG_FIPS_METHOD 0x0400
-
-/* If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-#define DH_FLAG_NON_FIPS_ALLOW 0x0400
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define DH_GENERATOR_2 2
-/* #define DH_GENERATOR_3 3 */
-#define DH_GENERATOR_5 5
-
-/* DH_check error codes */
-#define DH_CHECK_P_NOT_PRIME 0x01
-#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
-#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
-#define DH_NOT_SUITABLE_GENERATOR 0x08
-#define DH_CHECK_Q_NOT_PRIME 0x10
-#define DH_CHECK_INVALID_Q_VALUE 0x20
-#define DH_CHECK_INVALID_J_VALUE 0x40
-
-/* DH_check_pub_key error codes */
-#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
-#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
-#define DH_CHECK_PUBKEY_INVALID 0x04
-
-/* primes p where (p-1)/2 is prime too are called "safe"; we define
- this for backward compatibility: */
-#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-
-DH *d2i_DHparams_bio(BIO *bp, DH **a);
-int i2d_DHparams_bio(BIO *bp, DH *a);
-DH *d2i_DHparams_fp(FILE *fp, DH **a);
-int i2d_DHparams_fp(FILE *fp, DH *a);
-
-DH *DHparams_dup(DH *);
-
-const DH_METHOD *DH_OpenSSL(void);
-
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
-
-DH * DH_new(void);
-void DH_free(DH *dh);
-int DH_up_ref(DH *dh);
-int DH_size(const DH *dh);
-int DH_bits(const DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-int DH_security_bits(const DH *dh);
-
-ENGINE *DH_get0_engine(DH *d);
-void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
- const BIGNUM **g);
-int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
-void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
-int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
-const BIGNUM *DH_get0_p(const DH *dh);
-const BIGNUM *DH_get0_q(const DH *dh);
-const BIGNUM *DH_get0_g(const DH *dh);
-const BIGNUM *DH_get0_priv_key(const DH *dh);
-const BIGNUM *DH_get0_pub_key(const DH *dh);
-void DH_clear_flags(DH *dh, int flags);
-int DH_test_flags(const DH *dh, int flags);
-void DH_set_flags(DH *dh, int flags);
-long DH_get_length(const DH *dh);
-int DH_set_length(DH *dh, long length);
-
-/*
- * Wrapped in OPENSSL_NO_DEPRECATED in 0.9.8, added to rust-openssl in 2020,
- * for "advanced DH support".
- */
-DH * DH_generate_parameters(int prime_len,int generator,
- void (*callback)(int,int,void *),void *cb_arg);
-
-/* New version */
-int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
-
-int DH_check(const DH *dh,int *codes);
-int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
-int DH_generate_key(DH *dh);
-int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
-int i2d_DHparams(const DH *a,unsigned char **pp);
-int DHparams_print_fp(FILE *fp, const DH *x);
-#ifndef OPENSSL_NO_BIO
-int DHparams_print(BIO *bp, const DH *x);
-#else
-int DHparams_print(char *bp, const DH *x);
-#endif
-
-#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
-
-#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
-
-#define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
-#define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
-
-
-void ERR_load_DH_strings(void);
-
-/* Error codes for the DH functions. */
-
-/* Function codes.
*/
-#define DH_F_COMPUTE_KEY 102
-#define DH_F_DHPARAMS_PRINT_FP 101
-#define DH_F_DH_BUILTIN_GENPARAMS 106
-#define DH_F_DH_COMPUTE_KEY 114
-#define DH_F_DH_GENERATE_KEY 115
-#define DH_F_DH_GENERATE_PARAMETERS_EX 116
-#define DH_F_DH_NEW_METHOD 105
-#define DH_F_DH_PARAM_DECODE 107
-#define DH_F_DH_PRIV_DECODE 110
-#define DH_F_DH_PRIV_ENCODE 111
-#define DH_F_DH_PUB_DECODE 108
-#define DH_F_DH_PUB_ENCODE 109
-#define DH_F_DO_DH_PRINT 100
-#define DH_F_GENERATE_KEY 103
-#define DH_F_GENERATE_PARAMETERS 104
-#define DH_F_PKEY_DH_DERIVE 112
-#define DH_F_PKEY_DH_KEYGEN 113
-
-/* Reason codes. */
-#define DH_R_BAD_GENERATOR 101
-#define DH_R_BN_DECODE_ERROR 109
-#define DH_R_BN_ERROR 106
-#define DH_R_DECODE_ERROR 104
-#define DH_R_INVALID_PUBKEY 102
-#define DH_R_KEYS_NOT_SET 108
-#define DH_R_KEY_SIZE_TOO_SMALL 110
-#define DH_R_MODULUS_TOO_LARGE 103
-#define DH_R_NON_FIPS_METHOD 111
-#define DH_R_NO_PARAMETERS_SET 107
-#define DH_R_NO_PRIVATE_VALUE 100
-#define DH_R_PARAMETER_ENCODING_ERROR 105
-#define DH_R_CHECK_INVALID_J_VALUE 115
-#define DH_R_CHECK_INVALID_Q_VALUE 116
-#define DH_R_CHECK_PUBKEY_INVALID 122
-#define DH_R_CHECK_PUBKEY_TOO_LARGE 123
-#define DH_R_CHECK_PUBKEY_TOO_SMALL 124
-#define DH_R_CHECK_P_NOT_PRIME 117
-#define DH_R_CHECK_P_NOT_SAFE_PRIME 118
-#define DH_R_CHECK_Q_NOT_PRIME 119
-#define DH_R_MISSING_PUBKEY 125
-#define DH_R_NOT_SUITABLE_GENERATOR 120
-#define DH_R_UNABLE_TO_CHECK_GENERATOR 121
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
deleted file mode 100644
index 289307bfd6..0000000000
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ /dev/null
@@ -1,527 +0,0 @@
-/* $OpenBSD: dh_ameth.c,v 1.42 2025/01/17 05:04:25 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "bn_local.h"
-#include "dh_local.h"
-#include "evp_local.h"
-
-static void
-dh_free(EVP_PKEY *pkey)
-{
- DH_free(pkey->pkey.dh);
-}
-
-static int
-dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
- X509_ALGOR *algor;
- int ptype;
- const void *pval;
- const ASN1_STRING *astr;
- const unsigned char *key, *params, *p;
- int key_len, params_len;
- ASN1_INTEGER *aint = NULL;
- DH *dh = NULL;
- int ret = 0;
-
- if (!X509_PUBKEY_get0_param(NULL, &key, &key_len, &algor, pubkey))
- goto err;
- X509_ALGOR_get0(NULL, &ptype, &pval, algor);
-
- if (ptype != V_ASN1_SEQUENCE) {
- DHerror(DH_R_PARAMETER_ENCODING_ERROR);
- goto err;
- }
-
- astr = pval;
- params = astr->data;
- params_len = astr->length;
-
- p = params;
- if ((dh = d2i_DHparams(NULL, &p, params_len)) == NULL) {
- DHerror(DH_R_DECODE_ERROR);
- goto err;
- }
- p = key;
- if ((aint = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) {
- DHerror(DH_R_DECODE_ERROR);
- goto err;
- }
- BN_free(dh->pub_key);
- if ((dh->pub_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
- DHerror(DH_R_BN_DECODE_ERROR);
- goto err;
- }
-
- if
(!EVP_PKEY_assign_DH(pkey, dh))
- goto err;
- dh = NULL;
-
- ret = 1;
-
- err:
- ASN1_INTEGER_free(aint);
- DH_free(dh);
-
- return ret;
-}
-
-static int
-dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
- const DH *dh = pkey->pkey.dh;
- ASN1_STRING *astr = NULL;
- int ptype = V_ASN1_SEQUENCE;
- ASN1_INTEGER *aint = NULL;
- ASN1_OBJECT *aobj;
- unsigned char *params = NULL, *key = NULL;
- int params_len = 0, key_len = 0;
- int ret = 0;
-
- if ((params_len = i2d_DHparams(dh, ¶ms)) <= 0) {
- DHerror(ERR_R_MALLOC_FAILURE);
- params_len = 0;
- goto err;
- }
- if ((astr = ASN1_STRING_new()) == NULL) {
- DHerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ASN1_STRING_set0(astr, params, params_len);
- params = NULL;
- params_len = 0;
-
- if ((aint = BN_to_ASN1_INTEGER(dh->pub_key, NULL)) == NULL)
- goto err;
- if ((key_len = i2d_ASN1_INTEGER(aint, &key)) <= 0) {
- DHerror(ERR_R_MALLOC_FAILURE);
- key_len = 0;
- goto err;
- }
-
- if ((aobj = OBJ_nid2obj(EVP_PKEY_DH)) == NULL)
- goto err;
- if (!X509_PUBKEY_set0_param(pk, aobj, ptype, astr, key, key_len))
- goto err;
- astr = NULL;
- key = NULL;
- key_len = 0;
-
- ret = 1;
-
- err:
- ASN1_STRING_free(astr);
- ASN1_INTEGER_free(aint);
- freezero(params, params_len);
- freezero(key, key_len);
-
- return ret;
-}
-
-/*
- * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
- * that the AlgorithmIdentifier contains the parameters, the private key
- * is explicitly included and the pubkey must be recalculated.
- */
-
-static int
-dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
-{
- const X509_ALGOR *algor;
- int ptype;
- const void *pval;
- const ASN1_STRING *astr;
- const unsigned char *key, *params, *p;
- int key_len, params_len;
- ASN1_INTEGER *aint = NULL;
- DH *dh = NULL;
- int ret = 0;
-
- if (!PKCS8_pkey_get0(NULL, &key, &key_len, &algor, p8))
- goto err;
- X509_ALGOR_get0(NULL, &ptype, &pval, algor);
-
- if (ptype != V_ASN1_SEQUENCE) {
- DHerror(DH_R_PARAMETER_ENCODING_ERROR);
- goto err;
- }
-
- astr = pval;
- params = astr->data;
- params_len = astr->length;
-
- p = params;
- if ((dh = d2i_DHparams(NULL, &p, params_len)) == NULL) {
- DHerror(DH_R_DECODE_ERROR);
- goto err;
- }
- p = key;
- if ((aint = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) {
- DHerror(DH_R_DECODE_ERROR);
- goto err;
- }
- BN_free(dh->priv_key);
- if ((dh->priv_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
- DHerror(DH_R_BN_DECODE_ERROR);
- goto err;
- }
- if (!DH_generate_key(dh))
- goto err;
-
- if (!EVP_PKEY_assign_DH(pkey, dh))
- goto err;
- dh = NULL;
-
- ret = 1;
-
- err:
- ASN1_INTEGER_free(aint);
- DH_free(dh);
-
- return ret;
-}
-
-static int
-dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
- const DH *dh = pkey->pkey.dh;
- ASN1_STRING *astr = NULL;
- int ptype = V_ASN1_SEQUENCE;
- ASN1_INTEGER *aint = NULL;
- ASN1_OBJECT *aobj;
- unsigned char *params = NULL, *key = NULL;
- int params_len = 0, key_len = 0;
- int ret = 0;
-
- if ((params_len = i2d_DHparams(dh, ¶ms)) <= 0) {
- DHerror(ERR_R_MALLOC_FAILURE);
- params_len = 0;
- goto err;
- }
- if ((astr = ASN1_STRING_type_new(V_ASN1_SEQUENCE)) == NULL) {
- DHerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ASN1_STRING_set0(astr, params, params_len);
- params = NULL;
- params_len = 0;
-
- if ((aint = BN_to_ASN1_INTEGER(dh->priv_key, NULL)) == NULL) {
- DHerror(DH_R_BN_ERROR);
- goto err;
- }
- if ((key_len = i2d_ASN1_INTEGER(aint, &key)) <= 0) {
- DHerror(ERR_R_MALLOC_FAILURE);
- key_len = 0;
- goto
err;
- }
-
- if ((aobj = OBJ_nid2obj(NID_dhKeyAgreement)) == NULL)
- goto err;
- if (!PKCS8_pkey_set0(p8, aobj, 0, ptype, astr, key, key_len))
- goto err;
- astr = NULL;
- key = NULL;
- key_len = 0;
-
- ret = 1;
-
- err:
- ASN1_STRING_free(astr);
- ASN1_INTEGER_free(aint);
- freezero(params, params_len);
- freezero(key, key_len);
-
- return ret;
-}
-
-static int
-dh_param_decode(EVP_PKEY *pkey, const unsigned char **params, int params_len)
-{
- DH *dh = NULL;
- int ret = 0;
-
- if ((dh = d2i_DHparams(NULL, params, params_len)) == NULL) {
- DHerror(ERR_R_DH_LIB);
- goto err;
- }
- if (!EVP_PKEY_assign_DH(pkey, dh))
- goto err;
- dh = NULL;
-
- ret = 1;
-
- err:
- DH_free(dh);
-
- return ret;
-}
-
-static int
-dh_param_encode(const EVP_PKEY *pkey, unsigned char **params)
-{
- return i2d_DHparams(pkey->pkey.dh, params);
-}
-
-static int
-do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
-{
- int reason = ERR_R_BUF_LIB, ret = 0;
- const char *ktype = NULL;
- BIGNUM *priv_key, *pub_key;
-
- if (ptype == 2)
- priv_key = x->priv_key;
- else
- priv_key = NULL;
-
- if (ptype > 0)
- pub_key = x->pub_key;
- else
- pub_key = NULL;
-
- if (ptype == 2)
- ktype = "PKCS#3 DH Private-Key";
- else if (ptype == 1)
- ktype = "PKCS#3 DH Public-Key";
- else
- ktype = "PKCS#3 DH Parameters";
-
- if (x->p == NULL) {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
-
- if (!BIO_indent(bp, indent, 128))
- goto err;
- if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
- goto err;
- indent += 4;
-
- if (!bn_printf(bp, priv_key, indent, "private-key:"))
- goto err;
- if (!bn_printf(bp, pub_key, indent, "public-key:"))
- goto err;
-
- if (!bn_printf(bp, x->p, indent, "prime:"))
- goto err;
- if (!bn_printf(bp, x->g, indent, "generator:"))
- goto err;
- if (x->length != 0) {
- if (!BIO_indent(bp, indent, 128))
- goto err;
- if (BIO_printf(bp, "recommended-private-length: %d bits\n",
- (int)x->length) <= 0)
- goto err;
- }
-
- ret = 1;
- if (0) {
-
err:
- DHerror(reason);
- }
- return(ret);
-}
-
-static int
-dh_size(const EVP_PKEY *pkey)
-{
- return DH_size(pkey->pkey.dh);
-}
-
-static int
-dh_bits(const EVP_PKEY *pkey)
-{
- return BN_num_bits(pkey->pkey.dh->p);
-}
-
-static int
-dh_security_bits(const EVP_PKEY *pkey)
-{
- return DH_security_bits(pkey->pkey.dh);
-}
-
-static int
-dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) ||
- BN_cmp(a->pkey.dh->g, b->pkey.dh->g))
- return 0;
- else
- return 1;
-}
-
-static int
-dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
- BIGNUM *a;
-
- if ((a = BN_dup(from->pkey.dh->p)) == NULL)
- return 0;
- BN_free(to->pkey.dh->p);
- to->pkey.dh->p = a;
-
- if ((a = BN_dup(from->pkey.dh->g)) == NULL)
- return 0;
- BN_free(to->pkey.dh->g);
- to->pkey.dh->g = a;
-
- return 1;
-}
-
-static int
-dh_missing_parameters(const EVP_PKEY *pkey)
-{
- const DH *dh = pkey->pkey.dh;
-
- return dh->p == NULL || dh->g == NULL;
-}
-
-static int
-dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (dh_cmp_parameters(a, b) == 0)
- return 0;
- if (BN_cmp(b->pkey.dh->pub_key, a->pkey.dh->pub_key) != 0)
- return 0;
- else
- return 1;
-}
-
-static int
-dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
-}
-
-static int
-dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
-}
-
-static int
-dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
-}
-
-int
-DHparams_print(BIO *bp, const DH *x)
-{
- return do_dh_print(bp, x, 4, NULL, 0);
-}
-LCRYPTO_ALIAS(DHparams_print);
-
-int
-DHparams_print_fp(FILE *fp, const DH *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DHerror(ERR_R_BUF_LIB);
- return 0;
- }
-
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DHparams_print(b, x);
- BIO_free(b);
-
- return ret;
-}
-LCRYPTO_ALIAS(DHparams_print_fp);
-
-const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
- .base_method = &dh_asn1_meth,
- .pkey_id = EVP_PKEY_DH,
-
- .pem_str = "DH",
- .info = "OpenSSL PKCS#3 DH method",
-
- .pub_decode = dh_pub_decode,
- .pub_encode = dh_pub_encode,
- .pub_cmp = dh_pub_cmp,
- .pub_print = dh_public_print,
-
- .priv_decode = dh_priv_decode,
- .priv_encode = dh_priv_encode,
- .priv_print = dh_private_print,
-
- .pkey_size = dh_size,
- .pkey_bits = dh_bits,
- .pkey_security_bits = dh_security_bits,
-
- .param_decode = dh_param_decode,
- .param_encode = dh_param_encode,
- .param_missing = dh_missing_parameters,
- .param_copy = dh_copy_parameters,
- .param_cmp = dh_cmp_parameters,
- .param_print = dh_param_print,
-
- .pkey_free = dh_free,
-};
diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c
deleted file mode 100644
index 6731669c83..0000000000
--- a/src/lib/libcrypto/dh/dh_asn1.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/* $OpenBSD: dh_asn1.c,v 1.13 2024/04/15 15:47:37 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "dh_local.h"
-
-/* Override the default free and new methods */
-static int
-dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- *pval = (ASN1_VALUE *)DH_new();
- if (*pval)
- return 2;
- return 0;
- } else if (operation == ASN1_OP_FREE_PRE) {
- DH_free((DH *)*pval);
- *pval = NULL;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX DHparams_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dh_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DHparams_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DH, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DH, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(DH, length),
- .field_name = "length",
- .item = &ZLONG_it,
- },
-};
-
-static const ASN1_ITEM DHparams_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DHparams_seq_tt,
- .tcount = sizeof(DHparams_seq_tt) /
sizeof(ASN1_TEMPLATE),
- .funcs = &DHparams_aux,
- .size = sizeof(DH),
- .sname = "DH",
-};
-
-
-DH *
-d2i_DHparams(DH **a, const unsigned char **in, long len)
-{
- return (DH *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DHparams_it);
-}
-LCRYPTO_ALIAS(d2i_DHparams);
-
-int
-i2d_DHparams(const DH *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DHparams_it);
-}
-LCRYPTO_ALIAS(i2d_DHparams);
-
-DH *
-d2i_DHparams_bio(BIO *bp, DH **a)
-{
- return ASN1_item_d2i_bio(&DHparams_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_DHparams_bio);
-
-int
-i2d_DHparams_bio(BIO *bp, DH *a)
-{
- return ASN1_item_i2d_bio(&DHparams_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_DHparams_bio);
-
-DH *
-d2i_DHparams_fp(FILE *fp, DH **a)
-{
- return ASN1_item_d2i_fp(&DHparams_it, fp, a);
-}
-LCRYPTO_ALIAS(d2i_DHparams_fp);
-
-int
-i2d_DHparams_fp(FILE *fp, DH *a)
-{
- return ASN1_item_i2d_fp(&DHparams_it, fp, a);
-}
-LCRYPTO_ALIAS(i2d_DHparams_fp);
-
-DH *
-DHparams_dup(DH *dh)
-{
- return ASN1_item_dup(&DHparams_it, dh);
-}
-LCRYPTO_ALIAS(DHparams_dup);
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
deleted file mode 100644
index a880f9fca1..0000000000
--- a/src/lib/libcrypto/dh/dh_check.c
+++ /dev/null
@@ -1,237 +0,0 @@
-/* $OpenBSD: dh_check.c,v 1.30 2024/11/29 15:59:57 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "dh_local.h"
-
-#define DH_NUMBER_ITERATIONS_FOR_PRIME 64
-
-/*
- * Check that p is odd and 1 < g < p - 1.
- */
-
-static int
-DH_check_params(const DH *dh, int *flags)
-{
- BIGNUM *max_g = NULL;
- int ok = 0;
-
- *flags = 0;
-
- if (!BN_is_odd(dh->p))
- *flags |= DH_CHECK_P_NOT_PRIME;
-
- /*
- * Check that 1 < dh->g < p - 1
- */
-
- if (BN_cmp(dh->g, BN_value_one()) <= 0)
- *flags |= DH_NOT_SUITABLE_GENERATOR;
- /* max_g = p - 1 */
- if ((max_g = BN_dup(dh->p)) == NULL)
- goto err;
- if (!BN_sub_word(max_g, 1))
- goto err;
- /* check that g < max_g */
- if (BN_cmp(dh->g, max_g) >= 0)
- *flags |= DH_NOT_SUITABLE_GENERATOR;
-
- ok = 1;
-
- err:
- BN_free(max_g);
-
- return ok;
-}
-
-/*
- * Check that p is a safe prime and that g is a suitable generator.
- */
-
-int
-DH_check(const DH *dh, int *flags)
-{
- BN_CTX *ctx = NULL;
- int is_prime;
- int ok = 0;
-
- *flags = 0;
-
- if (!DH_check_params(dh, flags))
- goto err;
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- BN_CTX_start(ctx);
-
- if (dh->q != NULL) {
- BIGNUM *residue;
-
- if ((residue = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((*flags & DH_NOT_SUITABLE_GENERATOR) == 0) {
- /* Check g^q == 1 mod p */
- if (!BN_mod_exp_ct(residue, dh->g, dh->q, dh->p, ctx))
- goto err;
- if (!BN_is_one(residue))
- *flags |= DH_NOT_SUITABLE_GENERATOR;
- }
- is_prime = BN_is_prime_ex(dh->q, DH_NUMBER_ITERATIONS_FOR_PRIME,
- ctx, NULL);
- if (is_prime < 0)
- goto err;
- if (is_prime == 0)
- *flags |= DH_CHECK_Q_NOT_PRIME;
- /* Check p == 1 mod q, i.e., q divides p - 1 */
- if (!BN_div_ct(NULL, residue, dh->p, dh->q, ctx))
- goto err;
- if (!BN_is_one(residue))
- *flags |= DH_CHECK_INVALID_Q_VALUE;
- }
-
- is_prime = BN_is_prime_ex(dh->p, DH_NUMBER_ITERATIONS_FOR_PRIME,
- ctx, NULL);
- if (is_prime < 0)
- goto err;
- if (is_prime == 0)
- *flags |= DH_CHECK_P_NOT_PRIME;
- else if (dh->q == NULL) {
- BIGNUM *q;
-
- if ((q = BN_CTX_get(ctx)) == NULL)
- goto err;
- if (!BN_rshift1(q, dh->p))
- goto err;
- is_prime = BN_is_prime_ex(q, DH_NUMBER_ITERATIONS_FOR_PRIME,
- ctx, NULL);
- if (is_prime < 0)
- goto err;
- if (is_prime
== 0)
- *flags |= DH_CHECK_P_NOT_SAFE_PRIME;
- }
-
- ok = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- return ok;
-}
-LCRYPTO_ALIAS(DH_check);
-
-int
-DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *flags)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *max_pub_key;
- int ok = 0;
-
- *flags = 0;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- BN_CTX_start(ctx);
- if ((max_pub_key = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Check that 1 < pub_key < dh->p - 1
- */
-
- if (BN_cmp(pub_key, BN_value_one()) <= 0)
- *flags |= DH_CHECK_PUBKEY_TOO_SMALL;
-
- /* max_pub_key = dh->p - 1 */
- if (!BN_sub(max_pub_key, dh->p, BN_value_one()))
- goto err;
-
- if (BN_cmp(pub_key, max_pub_key) >= 0)
- *flags |= DH_CHECK_PUBKEY_TOO_LARGE;
-
- /*
- * If dh->q is set, check that pub_key^q == 1 mod p
- */
-
- if (dh->q != NULL) {
- BIGNUM *residue;
-
- if ((residue = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_mod_exp_ct(residue, pub_key, dh->q, dh->p, ctx))
- goto err;
- if (!BN_is_one(residue))
- *flags |= DH_CHECK_PUBKEY_INVALID;
- }
-
- ok = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- return ok;
-}
-LCRYPTO_ALIAS(DH_check_pub_key);
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
deleted file mode 100644
index 568eff5752..0000000000
--- a/src/lib/libcrypto/dh/dh_err.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* $OpenBSD: dh_err.c,v 1.22 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
-
-static const ERR_STRING_DATA DH_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA DH_str_reasons[] = {
- {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
- {ERR_REASON(DH_R_BN_DECODE_ERROR) ,"bn decode error"},
- {ERR_REASON(DH_R_BN_ERROR) ,"bn error"},
- {ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"},
- {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
- {ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"},
- {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
- {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
- {ERR_REASON(DH_R_NON_FIPS_METHOD) ,"non fips method"},
- {ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"},
- {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
- {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
- {ERR_REASON(DH_R_CHECK_INVALID_J_VALUE) ,"check invalid j value"},
- {ERR_REASON(DH_R_CHECK_INVALID_Q_VALUE) ,"check invalid q
value"},
- {ERR_REASON(DH_R_CHECK_PUBKEY_INVALID) ,"check pubkey invalid"},
- {ERR_REASON(DH_R_CHECK_PUBKEY_TOO_LARGE) ,"check pubkey too large"},
- {ERR_REASON(DH_R_CHECK_PUBKEY_TOO_SMALL) ,"check pubkey too small"},
- {ERR_REASON(DH_R_CHECK_P_NOT_PRIME) ,"check p not prime"},
- {ERR_REASON(DH_R_CHECK_P_NOT_SAFE_PRIME) ,"check p not safe prime"},
- {ERR_REASON(DH_R_CHECK_Q_NOT_PRIME) ,"check q not prime"},
- {ERR_REASON(DH_R_MISSING_PUBKEY) ,"missing pubkey"},
- {ERR_REASON(DH_R_NOT_SUITABLE_GENERATOR) ,"not suitable generator"},
- {ERR_REASON(DH_R_UNABLE_TO_CHECK_GENERATOR),"unable to check generator"},
- {0,NULL}
-};
-
-#endif
-
-void
-ERR_load_DH_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(DH_str_functs[0].error) == NULL) {
- ERR_load_const_strings(DH_str_functs);
- ERR_load_const_strings(DH_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_DH_strings);
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
deleted file mode 100644
index 3ffa5d80f1..0000000000
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* $OpenBSD: dh_gen.c,v 1.21 2023/07/08 15:29:03 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "dh_local.h"
-
-static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
- BN_GENCB *cb);
-
-int
-DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
-{
- if (ret->meth->generate_params)
- return ret->meth->generate_params(ret, prime_len, generator, cb);
- return dh_builtin_genparams(ret, prime_len, generator, cb);
-}
-LCRYPTO_ALIAS(DH_generate_parameters_ex);
-
-/*
- * We generate DH parameters as follows:
- * find a prime q which is prime_len/2 bits long.
- * p=(2*q)+1 or (p-1)/2 = q
- * For this case, g is a generator if
- * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
- * Since the factors of p-1 are q and 2, we just need to check
- * g^2 mod p != 1 and g^q mod p != 1.
- *
- * Having said all that,
- * there is another special case method for the generators 2, 3 and 5.
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
- * for 5, p mod 10 == 3 or 7
- *
- * Thanks to Phil Karn for the pointers about the
- * special generators and for answering some of my questions.
- *
- * I've implemented the second simple method :-).
- * Since DH should be using a safe prime (both p and q are prime),
- * this generator function can take a very very long time to run.
- */
-/* Actually there is no reason to insist that 'generator' be a generator.
- * It's just as OK (and in some sense better) to use a generator of the
- * order-q subgroup.
- */
-static int
-dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
-{
- BIGNUM *t1, *t2;
- int g, ok = -1;
- BN_CTX *ctx = NULL;
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((t2 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* Make sure 'ret' has the necessary elements */
- if (!ret->p && ((ret->p = BN_new()) == NULL))
- goto err;
- if (!ret->g && ((ret->g = BN_new()) == NULL))
- goto err;
-
- if (generator <= 1) {
- DHerror(DH_R_BAD_GENERATOR);
- goto err;
- }
- if (generator == DH_GENERATOR_2) {
- if (!BN_set_word(t1, 24))
- goto err;
- if (!BN_set_word(t2, 11))
- goto err;
- g = 2;
- } else if (generator == DH_GENERATOR_5) {
- if (!BN_set_word(t1, 10))
- goto err;
- if (!BN_set_word(t2, 3))
- goto err;
- /* BN_set_word(t3,7); just have to miss
- * out on these ones :-( */
- g = 5;
- } else {
- /*
- * in the general case, don't worry if 'generator' is a
- * generator or not: since we are using safe primes,
- * it will generate either an order-q or an order-2q group,
- * which both is OK
- */
- if (!BN_set_word(t1, 2))
- goto err;
- if (!BN_set_word(t2, 1))
- goto
err;
- g = generator;
- }
-
- if (!BN_generate_prime_ex(ret->p, prime_len, 1, t1, t2, cb))
- goto err;
- if (!BN_GENCB_call(cb, 3, 0))
- goto err;
- if (!BN_set_word(ret->g, g))
- goto err;
- ok = 1;
-err:
- if (ok == -1) {
- DHerror(ERR_R_BN_LIB);
- ok = 0;
- }
-
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ok;
-}
-
-DH *
-DH_generate_parameters(int prime_len, int generator,
- void (*callback)(int, int, void *), void *cb_arg)
-{
- BN_GENCB cb;
- DH *ret = NULL;
-
- if ((ret = DH_new()) == NULL)
- return NULL;
-
- BN_GENCB_set_old(&cb, callback, cb_arg);
-
- if (DH_generate_parameters_ex(ret, prime_len, generator, &cb))
- return ret;
- DH_free(ret);
- return NULL;
-}
-LCRYPTO_ALIAS(DH_generate_parameters);
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
deleted file mode 100644
index 93b04f398f..0000000000
--- a/src/lib/libcrypto/dh/dh_key.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/* $OpenBSD: dh_key.c,v 1.42 2024/05/09 20:43:36 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "dh_local.h"
-
-static int
-generate_key(DH *dh)
-{
- int ok = 0;
- unsigned l;
- BN_CTX *ctx;
- BN_MONT_CTX *mont = NULL;
- BIGNUM *pub_key = NULL, *priv_key = NULL;
-
- if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
- DHerror(DH_R_MODULUS_TOO_LARGE);
- return 0;
- }
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if ((priv_key = dh->priv_key) == NULL) {
- if ((priv_key = BN_new()) == NULL)
- goto err;
- }
-
- if ((pub_key = dh->pub_key) == NULL) {
- if ((pub_key = BN_new()) == NULL)
- goto err;
- }
-
- if (dh->flags & DH_FLAG_CACHE_MONT_P) {
- mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
- CRYPTO_LOCK_DH, dh->p, ctx);
- if (!mont)
- goto err;
- }
-
- if (dh->priv_key == NULL) {
- if (dh->q) {
- if (!bn_rand_interval(priv_key, 2, dh->q))
- goto err;
- } else {
- /* secret exponent length */
- l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;
- if (!BN_rand(priv_key, l, 0, 0))
- goto err;
- }
- }
-
- if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key, dh->p, ctx,
- mont))
- goto err;
-
- dh->pub_key = pub_key;
- dh->priv_key = priv_key;
- ok = 1;
- err:
- if (ok != 1)
- DHerror(ERR_R_BN_LIB);
-
- if (dh->pub_key == NULL)
- BN_free(pub_key);
- if (dh->priv_key == NULL)
- BN_free(priv_key);
- BN_CTX_free(ctx);
-
- return ok;
-}
-
-static int
-compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
- BN_CTX *ctx = NULL;
- BN_MONT_CTX *mont = NULL;
- BIGNUM *tmp;
- int ret = -1;
- int check_result;
-
- if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
- DHerror(DH_R_MODULUS_TOO_LARGE);
- goto err;
- }
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- BN_CTX_start(ctx);
- if ((tmp = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (dh->priv_key == NULL) {
- DHerror(DH_R_NO_PRIVATE_VALUE);
- goto err;
- }
-
- if (dh->flags & DH_FLAG_CACHE_MONT_P) {
- mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
- CRYPTO_LOCK_DH, dh->p, ctx);
-
-
BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME);
-
- if (!mont)
- goto err;
- }
-
- if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) {
- DHerror(DH_R_INVALID_PUBKEY);
- goto err;
- }
-
- if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key, dh->p, ctx,
- mont)) {
- DHerror(ERR_R_BN_LIB);
- goto err;
- }
-
- ret = BN_bn2bin(tmp, key);
- err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return ret;
-}
-
-static int
-dh_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return BN_mod_exp_mont_ct(r, a, p, m, ctx, m_ctx);
-}
-
-static int
-dh_init(DH *dh)
-{
- dh->flags |= DH_FLAG_CACHE_MONT_P;
- return 1;
-}
-
-static int
-dh_finish(DH *dh)
-{
- BN_MONT_CTX_free(dh->method_mont_p);
- return 1;
-}
-
-int
-DH_generate_key(DH *dh)
-{
- return dh->meth->generate_key(dh);
-}
-LCRYPTO_ALIAS(DH_generate_key);
-
-int
-DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
- return dh->meth->compute_key(key, pub_key, dh);
-}
-LCRYPTO_ALIAS(DH_compute_key);
-
-static const DH_METHOD dh_ossl = {
- .name = "OpenSSL DH Method",
- .generate_key = generate_key,
- .compute_key = compute_key,
- .bn_mod_exp = dh_bn_mod_exp,
- .init = dh_init,
- .finish = dh_finish,
-};
-
-const DH_METHOD *
-DH_OpenSSL(void)
-{
- return &dh_ossl;
-}
-LCRYPTO_ALIAS(DH_OpenSSL);
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
deleted file mode 100644
index 803aca6421..0000000000
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ /dev/null
@@ -1,364 +0,0 @@
-/* $OpenBSD: dh_lib.c,v 1.46 2024/11/29 15:59:57 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-
-#include "dh_local.h"
-
-static const DH_METHOD *default_DH_method = NULL;
-
-void
-DH_set_default_method(const DH_METHOD *meth)
-{
- default_DH_method = meth;
-}
-LCRYPTO_ALIAS(DH_set_default_method);
-
-const DH_METHOD *
-DH_get_default_method(void)
-{
- if (!default_DH_method)
- default_DH_method = DH_OpenSSL();
- return default_DH_method;
-}
-LCRYPTO_ALIAS(DH_get_default_method);
-
-int
-DH_set_method(DH *dh, const DH_METHOD *meth)
-{
- /*
- * NB: The caller is specifically setting a method, so it's not up to us
- * to deal with which ENGINE it comes from.
- */
- const DH_METHOD *mtmp;
-
- mtmp = dh->meth;
- if (mtmp->finish)
- mtmp->finish(dh);
- dh->meth = meth;
- if (meth->init)
- meth->init(dh);
- return 1;
-}
-LCRYPTO_ALIAS(DH_set_method);
-
-DH *
-DH_new(void)
-{
- return DH_new_method(NULL);
-}
-LCRYPTO_ALIAS(DH_new);
-
-DH *
-DH_new_method(ENGINE *engine)
-{
- DH *dh;
-
- if ((dh = calloc(1, sizeof(*dh))) == NULL) {
- DHerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- dh->meth = DH_get_default_method();
- dh->flags = dh->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
- dh->references = 1;
-
- if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, dh, &dh->ex_data))
- goto err;
- if (dh->meth->init != NULL && !dh->meth->init(dh))
- goto err;
-
- return dh;
-
- err:
- DH_free(dh);
-
- return NULL;
-}
-LCRYPTO_ALIAS(DH_new_method);
-
-void
-DH_free(DH *dh)
-{
- if (dh == NULL)
- return;
-
- if (CRYPTO_add(&dh->references, -1, CRYPTO_LOCK_DH) > 0)
- return;
-
- if (dh->meth != NULL && dh->meth->finish != NULL)
- dh->meth->finish(dh);
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, dh, &dh->ex_data);
-
- BN_free(dh->p);
- BN_free(dh->q);
- BN_free(dh->g);
- BN_free(dh->pub_key);
- BN_free(dh->priv_key);
- free(dh);
-}
-LCRYPTO_ALIAS(DH_free);
-
-int
-DH_up_ref(DH *dh)
-{
- return CRYPTO_add(&dh->references, 1, CRYPTO_LOCK_DH) > 1;
-}
-LCRYPTO_ALIAS(DH_up_ref);
-
-int
-DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp, new_func,
- dup_func, free_func);
-}
-LCRYPTO_ALIAS(DH_get_ex_new_index);
-
-int
-DH_set_ex_data(DH *dh, int idx, void *arg)
-{
- return CRYPTO_set_ex_data(&dh->ex_data, idx, arg);
-}
-LCRYPTO_ALIAS(DH_set_ex_data);
-
-void *
-DH_get_ex_data(DH *dh, int idx)
-{
- return CRYPTO_get_ex_data(&dh->ex_data, idx);
-}
-LCRYPTO_ALIAS(DH_get_ex_data);
-
-int
-DH_size(const DH *dh)
-{
- return BN_num_bytes(dh->p);
-}
-LCRYPTO_ALIAS(DH_size);
-
-int
-DH_bits(const DH *dh)
-{
- return
BN_num_bits(dh->p);
-}
-LCRYPTO_ALIAS(DH_bits);
-
-int
-DH_security_bits(const DH *dh)
-{
- int N = -1;
-
- if (dh->q != NULL)
- N = BN_num_bits(dh->q);
- else if (dh->length > 0)
- N = dh->length;
-
- return BN_security_bits(BN_num_bits(dh->p), N);
-}
-LCRYPTO_ALIAS(DH_security_bits);
-
-ENGINE *
-DH_get0_engine(DH *dh)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(DH_get0_engine);
-
-void
-DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
-{
- if (p != NULL)
- *p = dh->p;
- if (q != NULL)
- *q = dh->q;
- if (g != NULL)
- *g = dh->g;
-}
-LCRYPTO_ALIAS(DH_get0_pqg);
-
-int
-DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-{
- if ((dh->p == NULL && p == NULL) || (dh->g == NULL && g == NULL))
- return 0;
-
- if (p != NULL) {
- BN_free(dh->p);
- dh->p = p;
- }
- if (q != NULL) {
- BN_free(dh->q);
- dh->q = q;
- dh->length = BN_num_bits(dh->q);
- }
- if (g != NULL) {
- BN_free(dh->g);
- dh->g = g;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(DH_set0_pqg);
-
-void
-DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
-{
- if (pub_key != NULL)
- *pub_key = dh->pub_key;
- if (priv_key != NULL)
- *priv_key = dh->priv_key;
-}
-LCRYPTO_ALIAS(DH_get0_key);
-
-int
-DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
-{
- if (pub_key != NULL) {
- BN_free(dh->pub_key);
- dh->pub_key = pub_key;
- }
- if (priv_key != NULL) {
- BN_free(dh->priv_key);
- dh->priv_key = priv_key;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(DH_set0_key);
-
-const BIGNUM *
-DH_get0_p(const DH *dh)
-{
- return dh->p;
-}
-LCRYPTO_ALIAS(DH_get0_p);
-
-const BIGNUM *
-DH_get0_q(const DH *dh)
-{
- return dh->q;
-}
-LCRYPTO_ALIAS(DH_get0_q);
-
-const BIGNUM *
-DH_get0_g(const DH *dh)
-{
- return dh->g;
-}
-LCRYPTO_ALIAS(DH_get0_g);
-
-const BIGNUM *
-DH_get0_priv_key(const DH *dh)
-{
- return dh->priv_key;
-}
-LCRYPTO_ALIAS(DH_get0_priv_key);
-
-const BIGNUM *
-DH_get0_pub_key(const DH *dh)
-{
- return dh->pub_key;
-}
-LCRYPTO_ALIAS(DH_get0_pub_key);
-
-void
-DH_clear_flags(DH
*dh, int flags)
-{
- dh->flags &= ~flags;
-}
-LCRYPTO_ALIAS(DH_clear_flags);
-
-int
-DH_test_flags(const DH *dh, int flags)
-{
- return dh->flags & flags;
-}
-LCRYPTO_ALIAS(DH_test_flags);
-
-void
-DH_set_flags(DH *dh, int flags)
-{
- dh->flags |= flags;
-}
-LCRYPTO_ALIAS(DH_set_flags);
-
-long
-DH_get_length(const DH *dh)
-{
- return dh->length;
-}
-LCRYPTO_ALIAS(DH_get_length);
-
-int
-DH_set_length(DH *dh, long length)
-{
- if (length < 0 || length > INT_MAX)
- return 0;
-
- dh->length = length;
- return 1;
-}
-LCRYPTO_ALIAS(DH_set_length);
diff --git a/src/lib/libcrypto/dh/dh_local.h b/src/lib/libcrypto/dh/dh_local.h
deleted file mode 100644
index 2c89f10127..0000000000
--- a/src/lib/libcrypto/dh/dh_local.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* $OpenBSD: dh_local.h,v 1.7 2024/11/29 15:59:57 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_LOCAL_H
-#define HEADER_DH_LOCAL_H
-
-__BEGIN_HIDDEN_DECLS
-
-struct dh_method {
- const char *name;
- /* Methods here */
- int (*generate_key)(DH *dh);
- int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
- int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
- int (*init)(DH *dh);
- int (*finish)(DH *dh);
- int flags;
- char *app_data;
- /* If this is non-NULL, it will be used to generate parameters */
- int (*generate_params)(DH *dh, int prime_len, int generator,
- BN_GENCB *cb);
-};
-
-struct dh_st {
- int version;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *g;
- long length; /* optional */
- BIGNUM *pub_key; /* g^x */
- BIGNUM *priv_key; /* x */
-
- int flags;
- BN_MONT_CTX *method_mont_p;
-
- int references;
- CRYPTO_EX_DATA ex_data;
- const DH_METHOD *meth;
-};
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_DH_LOCAL_H */
diff --git a/src/lib/libcrypto/dh/dh_pmeth.c b/src/lib/libcrypto/dh/dh_pmeth.c
deleted file mode 100644
index 1e5327b11f..0000000000
--- a/src/lib/libcrypto/dh/dh_pmeth.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/* $OpenBSD: dh_pmeth.c,v 1.17 2024/08/26 22:00:47 op Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "dh_local.h"
-#include "evp_local.h"
-
-/* DH pkey context structure */
-
-typedef struct {
- /* Parameter gen parameters */
- int prime_len;
- int generator;
- int use_dsa;
- /* Keygen callback info */
- int gentmp[2];
- /* message digest */
-} DH_PKEY_CTX;
-
-static int
-pkey_dh_init(EVP_PKEY_CTX *ctx)
-{
- DH_PKEY_CTX *dctx;
-
- dctx = malloc(sizeof(DH_PKEY_CTX));
- if (!dctx)
- return 0;
- dctx->prime_len = 1024;
- dctx->generator = 2;
- dctx->use_dsa = 0;
-
- ctx->data = dctx;
- ctx->keygen_info = dctx->gentmp;
- ctx->keygen_info_count = 2;
-
- return 1;
-}
-
-static int
-pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- DH_PKEY_CTX *dctx, *sctx;
-
- if (!pkey_dh_init(dst))
- return 0;
- sctx = src->data;
- dctx = dst->data;
- dctx->prime_len = sctx->prime_len;
- dctx->generator = sctx->generator;
- dctx->use_dsa = sctx->use_dsa;
- return 1;
-}
-
-static void
-pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
-{
- DH_PKEY_CTX *dctx = ctx->data;
-
- free(dctx);
-}
-
-static int
-pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- DH_PKEY_CTX *dctx = ctx->data;
-
- switch (type) {
- case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
- if (p1 < 256)
- return -2;
- dctx->prime_len = p1;
- return 1;
-
- case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
- dctx->generator = p1;
- return 1;
-
- case EVP_PKEY_CTRL_PEER_KEY:
- /* Default behaviour is OK */
- return 1;
-
- default:
- return -2;
- }
-}
-
-static int
-pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- const char *errstr;
- int len;
-
- if (!strcmp(type, "dh_paramgen_prime_len")) {
- len = strtonum(value, INT_MIN, INT_MAX, &errstr);
- if (errstr != NULL)
- return -2;
- return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len);
- } else if (!strcmp(type, "dh_paramgen_generator")) {
- len = strtonum(value, INT_MIN, INT_MAX, &errstr);
- if (errstr != NULL)
- return -2;
- return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len);
- }
-
- return -2;
-}
-
-static int
-pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- DH *dh;
- DH_PKEY_CTX *dctx = ctx->data;
- BN_GENCB *pcb = NULL;
- BN_GENCB cb = {0};
- int ret = 0;
-
- if ((dh = DH_new()) == NULL)
- goto err;
- if (ctx->pkey_gencb != NULL) {
- pcb = &cb;
- evp_pkey_set_cb_translate(pcb, ctx);
- }
- if (!DH_generate_parameters_ex(dh, dctx->prime_len, dctx->generator, pcb))
- goto err;
- if (!EVP_PKEY_assign_DH(pkey, dh))
- goto err;
- dh = NULL;
-
- ret = 1;
- err:
- DH_free(dh);
-
- return ret;
-}
-
-static int
-pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- DH *dh = NULL;
- int ret = 0;
-
- if (ctx->pkey == NULL) {
- DHerror(DH_R_NO_PARAMETERS_SET);
- goto err;
- }
-
- if ((dh = DH_new()) == NULL)
- goto err;
- if (!EVP_PKEY_set1_DH(pkey, dh))
- goto err;
-
- if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
- goto err;
- if (!DH_generate_key(dh))
- goto err;
-
- ret = 1;
-
- err:
- DH_free(dh);
-
- return ret;
-}
-
-static int
-pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
-{
- int ret;
-
- if (!ctx->pkey || !ctx->peerkey) {
-
DHerror(DH_R_KEYS_NOT_SET);
- return 0;
- }
- ret = DH_compute_key(key, ctx->peerkey->pkey.dh->pub_key,
- ctx->pkey->pkey.dh);
- if (ret < 0)
- return ret;
- *keylen = ret;
- return 1;
-}
-
-const EVP_PKEY_METHOD dh_pkey_meth = {
- .pkey_id = EVP_PKEY_DH,
- .flags = EVP_PKEY_FLAG_AUTOARGLEN,
-
- .init = pkey_dh_init,
- .copy = pkey_dh_copy,
- .cleanup = pkey_dh_cleanup,
-
- .paramgen = pkey_dh_paramgen,
-
- .keygen = pkey_dh_keygen,
-
- .derive = pkey_dh_derive,
-
- .ctrl = pkey_dh_ctrl,
- .ctrl_str = pkey_dh_ctrl_str
-};
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
deleted file mode 100644
index 7a8e7fcba4..0000000000
--- a/src/lib/libcrypto/dsa/dsa.h
+++ /dev/null
@@ -1,263 +0,0 @@
-/* $OpenBSD: dsa.h,v 1.48 2025/03/01 11:33:07 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * The DSS routines are based on patches supplied by
- * Steven Schoch . He basically did the
- * work and I have just tweaked them a little to fit into my
- * stylistic vision for SSLeay :-) */
-
-#ifndef HEADER_DSA_H
-#define HEADER_DSA_H
-
-#include
-
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#include
-#include
-#ifndef OPENSSL_NO_DH
-# include
-#endif
-
-#include
-
-#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
-# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
-#endif
-
-#define DSA_FLAG_CACHE_MONT_P 0x01
-
-/* If this flag is set the DSA method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method.
If an
- * application sets this flag in its own methods it is its reposibility
- * to ensure the result is compliant.
- */
-
-#define DSA_FLAG_FIPS_METHOD 0x0400
-
-/* If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct DSA_SIG_st DSA_SIG;
-
-DSA *d2i_DSAparams_bio(BIO *bp, DSA **a);
-int i2d_DSAparams_bio(BIO *bp, DSA *a);
-DSA *d2i_DSAparams_fp(FILE *fp, DSA **a);
-int i2d_DSAparams_fp(FILE *fp, DSA *a);
-
-DSA *DSAparams_dup(DSA *x);
-DSA_SIG * DSA_SIG_new(void);
-void DSA_SIG_free(DSA_SIG *a);
-int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
-void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
-int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
-
-DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
-int DSA_do_verify(const unsigned char *dgst,int dgst_len,
- DSA_SIG *sig,DSA *dsa);
-
-const DSA_METHOD *DSA_OpenSSL(void);
-
-void DSA_set_default_method(const DSA_METHOD *);
-const DSA_METHOD *DSA_get_default_method(void);
-int DSA_set_method(DSA *dsa, const DSA_METHOD *);
-
-DSA * DSA_new(void);
-DSA * DSA_new_method(ENGINE *engine);
-void DSA_free(DSA *r);
-/* "up" the DSA object's reference count */
-int DSA_up_ref(DSA *r);
-int DSA_size(const DSA *);
-int DSA_bits(const DSA *d);
- /* next 4 return -1 on error */
-int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
-int DSA_sign(int type,const unsigned char *dgst,int dlen,
- unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int DSA_verify(int type,const unsigned char *dgst,int dgst_len,
- const unsigned char *sigbuf, int siglen, DSA *dsa);
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
-int DSA_set_ex_data(DSA *d, int idx, void *arg);
-void *DSA_get_ex_data(DSA *d, int idx);
-int DSA_security_bits(const DSA *d);
-
-DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-extern const ASN1_ITEM DSAPublicKey_it;
-
-DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-extern const ASN1_ITEM DSAPrivateKey_it;
-
-DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
-int i2d_DSAparams(const DSA *a,unsigned char **pp);
-extern const ASN1_ITEM DSAparams_it;
-
-/* New version */
-int DSA_generate_parameters_ex(DSA *dsa, int bits,
- const unsigned char *seed,int seed_len,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
-
-int DSA_generate_key(DSA *a);
-
-#ifndef OPENSSL_NO_BIO
-int DSAparams_print(BIO *bp, const DSA *x);
-int DSA_print(BIO *bp, const DSA *x, int off);
-#endif
-int DSAparams_print_fp(FILE *fp, const DSA *x);
-int DSA_print_fp(FILE *bp, const DSA *x, int off);
-
-#ifndef OPENSSL_NO_DH
-/* Convert DSA structure (key or just parameters) into DH structure
- * (be careful to avoid small subgroup attacks when using this!)
*/
-DH *DSA_dup_DH(const DSA *r);
-#endif
-
-void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
- const BIGNUM **g);
-int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
-void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key);
-int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
-const BIGNUM *DSA_get0_p(const DSA *d);
-const BIGNUM *DSA_get0_q(const DSA *d);
-const BIGNUM *DSA_get0_g(const DSA *d);
-const BIGNUM *DSA_get0_pub_key(const DSA *d);
-const BIGNUM *DSA_get0_priv_key(const DSA *d);
-void DSA_clear_flags(DSA *d, int flags);
-int DSA_test_flags(const DSA *d, int flags);
-void DSA_set_flags(DSA *d, int flags);
-ENGINE *DSA_get0_engine(DSA *d);
-
-DSA_METHOD *DSA_meth_new(const char *name, int flags);
-void DSA_meth_free(DSA_METHOD *meth);
-DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth);
-const char *DSA_meth_get0_name(const DSA_METHOD *meth);
-int DSA_meth_set1_name(DSA_METHOD *meth, const char *name);
-int DSA_meth_set_sign(DSA_METHOD *meth,
- DSA_SIG *(*sign)(const unsigned char *, int, DSA *));
-int DSA_meth_set_finish(DSA_METHOD *meth, int (*finish)(DSA *));
-
-#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
-
-#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
-#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
-#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
-
-void ERR_load_DSA_strings(void);
-
-/* Error codes for the DSA functions. */
-
-/* Function codes.
*/
-#define DSA_F_D2I_DSA_SIG 110
-#define DSA_F_DO_DSA_PRINT 104
-#define DSA_F_DSAPARAMS_PRINT 100
-#define DSA_F_DSAPARAMS_PRINT_FP 101
-#define DSA_F_DSA_DO_SIGN 112
-#define DSA_F_DSA_DO_VERIFY 113
-#define DSA_F_DSA_GENERATE_KEY 124
-#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
-#define DSA_F_DSA_NEW_METHOD 103
-#define DSA_F_DSA_PARAM_DECODE 119
-#define DSA_F_DSA_PRINT_FP 105
-#define DSA_F_DSA_PRIV_DECODE 115
-#define DSA_F_DSA_PRIV_ENCODE 116
-#define DSA_F_DSA_PUB_DECODE 117
-#define DSA_F_DSA_PUB_ENCODE 118
-#define DSA_F_DSA_SIGN 106
-#define DSA_F_DSA_SIGN_SETUP 107
-#define DSA_F_DSA_SIG_NEW 109
-#define DSA_F_DSA_SIG_PRINT 125
-#define DSA_F_DSA_VERIFY 108
-#define DSA_F_I2D_DSA_SIG 111
-#define DSA_F_OLD_DSA_PRIV_DECODE 122
-#define DSA_F_PKEY_DSA_CTRL 120
-#define DSA_F_PKEY_DSA_KEYGEN 121
-#define DSA_F_SIG_CB 114
-
-/* Reason codes. */
-#define DSA_R_BAD_Q_VALUE 102
-#define DSA_R_BN_DECODE_ERROR 108
-#define DSA_R_BN_ERROR 109
-#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
-#define DSA_R_DECODE_ERROR 104
-#define DSA_R_INVALID_DIGEST_TYPE 106
-#define DSA_R_INVALID_PARAMETERS 112
-#define DSA_R_MISSING_PARAMETERS 101
-#define DSA_R_MODULUS_TOO_LARGE 103
-#define DSA_R_NEED_NEW_SETUP_VALUES 110
-#define DSA_R_NON_FIPS_DSA_METHOD 111
-#define DSA_R_NO_PARAMETERS_SET 107
-#define DSA_R_PARAMETER_ENCODING_ERROR 105
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
deleted file mode 100644
index 866e5ec476..0000000000
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ /dev/null
@@ -1,736 +0,0 @@
-/* $OpenBSD: dsa_ameth.c,v 1.59 2024/04/13 14:02:51 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "bn_local.h"
-#include "dsa_local.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-static int
-dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
- X509_ALGOR *algor;
- int ptype;
- const void *pval;
- const ASN1_STRING *astr;
- const unsigned char *key, *params, *p;
- int key_len, params_len;
- ASN1_INTEGER *aint = NULL;
- DSA *dsa = NULL;
- int ret = 0;
-
- if (!X509_PUBKEY_get0_param(NULL, &key, &key_len, &algor, pubkey))
- goto err;
- X509_ALGOR_get0(NULL, &ptype, &pval, algor);
-
- if (ptype == V_ASN1_SEQUENCE) {
- astr = pval;
- params = astr->data;
- params_len = astr->length;
-
- p = params;
- if ((dsa = d2i_DSAparams(NULL, &p, params_len)) == NULL) {
- DSAerror(DSA_R_DECODE_ERROR);
- goto err;
- }
- } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) {
- if ((dsa = DSA_new()) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- } else {
- DSAerror(DSA_R_PARAMETER_ENCODING_ERROR);
- goto err;
- }
-
- p = key;
- if ((aint = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) {
- DSAerror(DSA_R_DECODE_ERROR);
- goto err;
- }
- BN_free(dsa->pub_key);
- if ((dsa->pub_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
- DSAerror(DSA_R_BN_DECODE_ERROR);
- goto err;
- }
-
- /* We can only check for key consistency if we have parameters. */
- if (ptype == V_ASN1_SEQUENCE) {
- if (!dsa_check_key(dsa))
- goto err;
- }
-
- if (!EVP_PKEY_assign_DSA(pkey, dsa))
- goto err;
- dsa = NULL;
-
- ret = 1;
-
- err:
- ASN1_INTEGER_free(aint);
- DSA_free(dsa);
-
- return ret;
-}
-
-static int
-dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
- const DSA *dsa = pkey->pkey.dsa;
- ASN1_STRING *astr = NULL;
- int ptype = V_ASN1_UNDEF;
- ASN1_INTEGER *aint = NULL;
- ASN1_OBJECT *aobj;
- unsigned char *params = NULL, *key = NULL;
- int params_len = 0, key_len = 0;
- int ret = 0;
-
- if (pkey->save_parameters > 0 && !EVP_PKEY_missing_parameters(pkey)) {
- if ((params_len = i2d_DSAparams(dsa, ¶ms)) <= 0) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- params_len = 0;
- goto err;
- }
- if ((astr = ASN1_STRING_new()) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ASN1_STRING_set0(astr, params, params_len);
- params = NULL;
- params_len = 0;
- ptype = V_ASN1_SEQUENCE;
- }
-
- if ((aint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((key_len = i2d_ASN1_INTEGER(aint, &key)) <= 0) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- key_len = 0;
- goto err;
- }
-
- if ((aobj = OBJ_nid2obj(EVP_PKEY_DSA)) == NULL)
- goto err;
- if (!X509_PUBKEY_set0_param(pk, aobj, ptype, astr, key, key_len))
- goto err;
- astr = NULL;
- key = NULL;
- key_len = 0;
-
- ret = 1;
-
- err:
- ASN1_STRING_free(astr);
- ASN1_INTEGER_free(aint);
- freezero(params, params_len);
- freezero(key, key_len);
-
- return ret;
-}
-
-/*
- * In PKCS#8 DSA: you just get a private key integer and parameters in the
- * AlgorithmIdentifier the pubkey must be recalculated.
- */
-static int
-dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
-{
- const X509_ALGOR *algor;
- int ptype;
- const void *pval;
- const ASN1_STRING *astr;
- const unsigned char *key, *params, *p;
- int key_len, params_len;
- ASN1_INTEGER *aint = NULL;
- BN_CTX *ctx = NULL;
- DSA *dsa = NULL;
- int ret = 0;
-
- if (!PKCS8_pkey_get0(NULL, &key, &key_len, &algor, p8))
- goto err;
- X509_ALGOR_get0(NULL, &ptype, &pval, algor);
-
- if (ptype != V_ASN1_SEQUENCE) {
- DSAerror(DSA_R_PARAMETER_ENCODING_ERROR);
- goto err;
- }
-
- astr = pval;
- params = astr->data;
- params_len = astr->length;
-
- p = params;
- if ((dsa = d2i_DSAparams(NULL, &p, params_len)) == NULL) {
- DSAerror(DSA_R_DECODE_ERROR);
- goto err;
- }
- p = key;
- if ((aint = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) {
- DSAerror(DSA_R_DECODE_ERROR);
- goto err;
- }
- BN_free(dsa->priv_key);
- if ((dsa->priv_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) {
- DSAerror(DSA_R_BN_DECODE_ERROR);
- goto err;
- }
-
- /* Check the key for basic consistency before doing expensive things.
*/
- if (!dsa_check_key(dsa))
- goto err;
-
- /* Calculate public key */
- BN_free(dsa->pub_key);
- if ((dsa->pub_key = BN_new()) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if ((ctx = BN_CTX_new()) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_CTX_start(ctx);
-
- if (!BN_mod_exp_ct(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
- DSAerror(DSA_R_BN_ERROR);
- goto err;
- }
-
- if (!EVP_PKEY_assign_DSA(pkey, dsa))
- goto err;
- dsa = NULL;
-
- ret = 1;
-
- err:
- DSA_free(dsa);
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- ASN1_INTEGER_free(aint);
-
- return ret;
-}
-
-static int
-dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
- const DSA *dsa = pkey->pkey.dsa;
- ASN1_STRING *astr = NULL;
- int ptype = V_ASN1_SEQUENCE;
- ASN1_INTEGER *aint = NULL;
- ASN1_OBJECT *aobj;
- unsigned char *params = NULL, *key = NULL;
- int params_len = 0, key_len = 0;
- int ret = 0;
-
- if ((params_len = i2d_DSAparams(dsa, ¶ms)) <= 0) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- params_len = 0;
- goto err;
- }
- if ((astr = ASN1_STRING_type_new(V_ASN1_SEQUENCE)) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ASN1_STRING_set0(astr, params, params_len);
- params = NULL;
- params_len = 0;
-
- if ((aint = BN_to_ASN1_INTEGER(dsa->priv_key, NULL)) == NULL) {
- DSAerror(DSA_R_BN_ERROR);
- goto err;
- }
- if ((key_len = i2d_ASN1_INTEGER(aint, &key)) <= 0) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- key_len = 0;
- goto err;
- }
-
- if ((aobj = OBJ_nid2obj(NID_dsa)) == NULL)
- goto err;
- if (!PKCS8_pkey_set0(p8, aobj, 0, ptype, astr, key, key_len))
- goto err;
- astr = NULL;
- key = NULL;
- key_len = 0;
-
- ret = 1;
-
- err:
- ASN1_STRING_free(astr);
- ASN1_INTEGER_free(aint);
- freezero(params, params_len);
- freezero(key, key_len);
-
- return ret;
-}
-
-static int
-dsa_size(const EVP_PKEY *pkey)
-{
- return DSA_size(pkey->pkey.dsa);
-}
-
-static int
-dsa_bits(const EVP_PKEY *pkey)
-{
- return BN_num_bits(pkey->pkey.dsa->p);
-}
-
-static int
-dsa_security_bits(const EVP_PKEY *pkey)
-{
- return DSA_security_bits(pkey->pkey.dsa);
-}
-
-static int
-dsa_missing_parameters(const EVP_PKEY *pkey)
-{
- const DSA *dsa = pkey->pkey.dsa;
-
- return dsa->p == NULL || dsa->q == NULL || dsa->g == NULL;
-}
-
-static int
-dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
- BIGNUM *a;
-
- if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
- return 0;
- BN_free(to->pkey.dsa->p);
- to->pkey.dsa->p = a;
-
- if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
- return 0;
- BN_free(to->pkey.dsa->q);
- to->pkey.dsa->q = a;
-
- if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
- return 0;
- BN_free(to->pkey.dsa->g);
- to->pkey.dsa->g = a;
- return 1;
-}
-
-static int
-dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
- BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
- BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
- return 0;
- else
- return 1;
-}
-
-static int
-dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
- return 0;
- else
- return 1;
-}
-
-static void
-dsa_free(EVP_PKEY *pkey)
-{
- DSA_free(pkey->pkey.dsa);
-}
-
-static int
-do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
-{
- const char *ktype = NULL;
- const BIGNUM *priv_key, *pub_key;
- int ret = 0;
-
- if (ptype == 2)
- priv_key = x->priv_key;
- else
- priv_key = NULL;
-
- if (ptype > 0)
- pub_key = x->pub_key;
- else
- pub_key = NULL;
-
- if (ptype == 2)
- ktype = "Private-Key";
- else if (ptype == 1)
- ktype = "Public-Key";
- else
- ktype = "DSA-Parameters";
-
- if (priv_key) {
- if (!BIO_indent(bp, off, 128))
- goto err;
- if (BIO_printf(bp, "%s: (%d bit)\n", ktype,
- BN_num_bits(x->p)) <= 0)
- goto err;
- }
-
- if (!bn_printf(bp, priv_key, off, "priv:"))
- goto err;
- if (!bn_printf(bp, pub_key, off, "pub: "))
- goto err;
- if (!bn_printf(bp, x->p, off, "P: "))
- goto err;
- if (!bn_printf(bp, x->q, off, "Q: "))
- goto err;
- if
(!bn_printf(bp, x->g, off, "G: ")) - goto err; - - ret = 1; - - err: - return ret; -} - -static int -dsa_param_decode(EVP_PKEY *pkey, const unsigned char **params, int params_len) -{ - DSA *dsa = NULL; - int ret = 0; - - if ((dsa = d2i_DSAparams(NULL, params, params_len)) == NULL) { - DSAerror(ERR_R_DSA_LIB); - goto err; - } - if (!dsa_check_key(dsa)) - goto err; - if (!EVP_PKEY_assign_DSA(pkey, dsa)) - goto err; - dsa = NULL; - - ret = 1; - - err: - DSA_free(dsa); - - return ret; -} - -static int -dsa_param_encode(const EVP_PKEY *pkey, unsigned char **params) -{ - return i2d_DSAparams(pkey->pkey.dsa, params); -} - -static int -dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_dsa_print(bp, pkey->pkey.dsa, indent, 0); -} - -static int -dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_dsa_print(bp, pkey->pkey.dsa, indent, 1); -} - -static int -dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_dsa_print(bp, pkey->pkey.dsa, indent, 2); -} - -static int -old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **key, int key_len) -{ - DSA *dsa = NULL; - BN_CTX *ctx = NULL; - BIGNUM *result; - int ret = 0; - - if ((dsa = d2i_DSAPrivateKey(NULL, key, key_len)) == NULL) { - DSAerror(ERR_R_DSA_LIB); - goto err; - } - - if (!dsa_check_key(dsa)) - goto err; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - BN_CTX_start(ctx); - - if ((result = BN_CTX_get(ctx)) == NULL) - goto err; - - /* - * Check that p and q are consistent with each other. dsa_check_key() - * ensures that 1 < q < p. Now check that q divides p - 1. - */ - - if (!BN_sub(result, dsa->p, BN_value_one())) - goto err; - if (!BN_mod_ct(result, result, dsa->q, ctx)) - goto err; - if (!BN_is_zero(result)) { - DSAerror(DSA_R_BAD_Q_VALUE); - goto err; - } - - /* - * Check that g generates a multiplicative subgroup of order q. - * We only check that g^q == 1, so the order is a divisor of q. 
- * Once we know that q is prime, this is enough.
- */
-
- if (!BN_mod_exp_ct(result, dsa->g, dsa->q, dsa->p, ctx))
- goto err;
- if (BN_cmp(result, BN_value_one()) != 0) {
- DSAerror(DSA_R_INVALID_PARAMETERS);
- goto err;
- }
-
- /*
- * Check that q is not a composite number.
- */
-
- if (BN_is_prime_ex(dsa->q, BN_prime_checks, ctx, NULL) <= 0) {
- DSAerror(DSA_R_BAD_Q_VALUE);
- goto err;
- }
-
- if (!EVP_PKEY_assign_DSA(pkey, dsa))
- goto err;
- dsa = NULL;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- DSA_free(dsa);
-
- return ret;
-}
-
-static int
-old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **key)
-{
- return i2d_DSAPrivateKey(pkey->pkey.dsa, key);
-}
-
-static int
-dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig,
- int indent, ASN1_PCTX *pctx)
-{
- DSA_SIG *dsa_sig;
- const unsigned char *p;
-
- if (!sig) {
- if (BIO_puts(bp, "\n") <= 0)
- return 0;
- else
- return 1;
- }
- p = sig->data;
- dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
- if (dsa_sig) {
- int rv = 0;
-
- if (BIO_write(bp, "\n", 1) != 1)
- goto err;
-
- if (!bn_printf(bp, dsa_sig->r, indent, "r: "))
- goto err;
- if (!bn_printf(bp, dsa_sig->s, indent, "s: "))
- goto err;
- rv = 1;
- err:
- DSA_SIG_free(dsa_sig);
- return rv;
- }
- return X509_signature_dump(bp, sig, indent);
-}
-
-static int
-dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_PKCS7_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1, *alg2;
-
- PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
- return -1;
- if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF,
- NULL))
- return -1;
- }
- return 1;
-
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1,
*alg2;
-
- CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
- return -1;
- if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF,
- NULL))
- return -1;
- }
- return 1;
-
- case ASN1_PKEY_CTRL_CMS_RI_TYPE:
- *(int *)arg2 = CMS_RECIPINFO_NONE;
- return 1;
-#endif
-
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_sha1;
- return 2;
-
- default:
- return -2;
- }
-}
-
-const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = {
- .base_method = &dsa_asn1_meth,
- .pkey_id = EVP_PKEY_DSA,
-
- .pem_str = "DSA",
- .info = "OpenSSL DSA method",
-
- .pub_decode = dsa_pub_decode,
- .pub_encode = dsa_pub_encode,
- .pub_cmp = dsa_pub_cmp,
- .pub_print = dsa_pub_print,
-
- .priv_decode = dsa_priv_decode,
- .priv_encode = dsa_priv_encode,
- .priv_print = dsa_priv_print,
-
- .pkey_size = dsa_size,
- .pkey_bits = dsa_bits,
- .pkey_security_bits = dsa_security_bits,
-
- .param_decode = dsa_param_decode,
- .param_encode = dsa_param_encode,
- .param_missing = dsa_missing_parameters,
- .param_copy = dsa_copy_parameters,
- .param_cmp = dsa_cmp_parameters,
- .param_print = dsa_param_print,
- .sig_print = dsa_sig_print,
-
- .pkey_free = dsa_free,
- .pkey_ctrl = dsa_pkey_ctrl,
- .old_priv_decode = old_dsa_priv_decode,
- .old_priv_encode = old_dsa_priv_encode
-};
-
-const EVP_PKEY_ASN1_METHOD dsa1_asn1_meth = {
- .base_method = &dsa_asn1_meth,
- .pkey_id = EVP_PKEY_DSA1,
- .pkey_flags = ASN1_PKEY_ALIAS,
-};
-
-const EVP_PKEY_ASN1_METHOD dsa2_asn1_meth = {
- .base_method = &dsa_asn1_meth,
- .pkey_id = EVP_PKEY_DSA2,
- .pkey_flags = ASN1_PKEY_ALIAS,
-};
-
-const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth = {
- .base_method = &dsa_asn1_meth,
- .pkey_id = EVP_PKEY_DSA3,
- .pkey_flags = ASN1_PKEY_ALIAS,
-};
-
-const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth = {
- .base_method = &dsa_asn1_meth,
- .pkey_id =
EVP_PKEY_DSA4,
- .pkey_flags = ASN1_PKEY_ALIAS,
-};
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
deleted file mode 100644
index de6ec46195..0000000000
--- a/src/lib/libcrypto/dsa/dsa_asn1.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* $OpenBSD: dsa_asn1.c,v 1.33 2024/07/08 17:11:05 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "dsa_local.h"
-
-/* Override the default new methods */
-static int
-sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- DSA_SIG *sig;
-
- if ((sig = DSA_SIG_new()) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- *pval = (ASN1_VALUE *)sig;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX DSA_SIG_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = sig_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSA_SIG_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA_SIG, r),
- .field_name = "r",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA_SIG, s),
- .field_name = "s",
- .item = &BIGNUM_it,
- },
-};
-
-static const ASN1_ITEM DSA_SIG_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DSA_SIG_seq_tt,
- .tcount = sizeof(DSA_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSA_SIG_aux,
- .size = sizeof(DSA_SIG),
- .sname = "DSA_SIG",
-};
-
-
-DSA_SIG *
-d2i_DSA_SIG(DSA_SIG **a, const unsigned char **in, long len)
-{
- return (DSA_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSA_SIG_it);
-}
-LCRYPTO_ALIAS(d2i_DSA_SIG);
-
-int
-i2d_DSA_SIG(const DSA_SIG *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSA_SIG_it);
-}
-LCRYPTO_ALIAS(i2d_DSA_SIG);
-
-void
-DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
-{
- if (pr != NULL)
- *pr = sig->r;
- if (ps != NULL)
- *ps = sig->s;
-}
-LCRYPTO_ALIAS(DSA_SIG_get0);
-
-int
-DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
-{
- if (r == NULL || s == NULL)
- return 0;
-
- BN_free(sig->r);
- sig->r = r;
- BN_free(sig->s);
- sig->s = s;
-
- return 1;
-}
-LCRYPTO_ALIAS(DSA_SIG_set0);
-
-/* Override the default free and new methods */
-static int
-dsa_cb(int operation, ASN1_VALUE **pval,
const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- *pval = (ASN1_VALUE *)DSA_new();
- if (*pval)
- return 2;
- return 0;
- } else if (operation == ASN1_OP_FREE_PRE) {
- DSA_free((DSA *)*pval);
- *pval = NULL;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX DSAPrivateKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSAPrivateKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, pub_key),
- .field_name = "pub_key",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, priv_key),
- .field_name = "priv_key",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM DSAPrivateKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DSAPrivateKey_seq_tt,
- .tcount = sizeof(DSAPrivateKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSAPrivateKey_aux,
- .size = sizeof(DSA),
- .sname = "DSA",
-};
-LCRYPTO_ALIAS(DSAPrivateKey_it);
-
-
-DSA *
-d2i_DSAPrivateKey(DSA **a, const unsigned char **in, long len)
-{
- return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSAPrivateKey_it);
-}
-LCRYPTO_ALIAS(d2i_DSAPrivateKey);
-
-int
-i2d_DSAPrivateKey(const DSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAPrivateKey_it);
-}
-LCRYPTO_ALIAS(i2d_DSAPrivateKey);
-
-static const ASN1_AUX DSAparams_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSAparams_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM DSAparams_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DSAparams_seq_tt,
- .tcount = sizeof(DSAparams_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSAparams_aux,
- .size = sizeof(DSA),
- .sname = "DSA",
-};
-LCRYPTO_ALIAS(DSAparams_it);
-
-
-DSA *
-d2i_DSAparams(DSA **a, const unsigned char **in, long len)
-{
- return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSAparams_it);
-}
-LCRYPTO_ALIAS(d2i_DSAparams);
-
-int
-i2d_DSAparams(const DSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAparams_it);
-}
-LCRYPTO_ALIAS(i2d_DSAparams);
-
-DSA *
-d2i_DSAparams_bio(BIO *bp, DSA **a)
-{
- return ASN1_item_d2i_bio(&DSAparams_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_DSAparams_bio);
-
-int
-i2d_DSAparams_bio(BIO *bp, DSA *a)
-{
- return ASN1_item_i2d_bio(&DSAparams_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_DSAparams_bio);
-
-DSA *
-d2i_DSAparams_fp(FILE *fp, DSA **a)
-{
- return ASN1_item_d2i_fp(&DSAparams_it, fp, a);
-}
-LCRYPTO_ALIAS(d2i_DSAparams_fp);
-
-int
-i2d_DSAparams_fp(FILE *fp, DSA *a)
-{
- return ASN1_item_i2d_fp(&DSAparams_it, fp, a);
-}
-LCRYPTO_ALIAS(i2d_DSAparams_fp);
-
-static const ASN1_AUX DSAPublicKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSAPublicKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, pub_key),
- .field_name = "pub_key",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
-
.flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM DSAPublicKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DSAPublicKey_seq_tt,
- .tcount = sizeof(DSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSAPublicKey_aux,
- .size = sizeof(DSA),
- .sname = "DSA",
-};
-LCRYPTO_ALIAS(DSAPublicKey_it);
-
-DSA *
-d2i_DSAPublicKey(DSA **a, const unsigned char **in, long len)
-{
- return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSAPublicKey_it);
-}
-LCRYPTO_ALIAS(d2i_DSAPublicKey);
-
-int
-i2d_DSAPublicKey(const DSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAPublicKey_it);
-}
-LCRYPTO_ALIAS(i2d_DSAPublicKey);
-
-DSA *
-DSAparams_dup(DSA *dsa)
-{
- return ASN1_item_dup(&DSAparams_it, dsa);
-}
-LCRYPTO_ALIAS(DSAparams_dup);
-
-int
-DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *out_siglen, DSA *dsa)
-{
- DSA_SIG *s;
- int siglen;
- int ret = 0;
-
- *out_siglen = 0;
-
- if ((s = DSA_do_sign(dgst, dlen, dsa)) == NULL)
- goto err;
-
- if ((siglen = i2d_DSA_SIG(s, &sig)) < 0)
- goto err;
-
- *out_siglen = siglen;
-
- ret = 1;
- err:
- DSA_SIG_free(s);
-
- return ret;
-}
-LCRYPTO_ALIAS(DSA_sign);
-
-/*
- * data has already been hashed (probably with SHA or SHA-1).
- * returns
- * 1: correct signature
- * 0: incorrect signature
- * -1: error
- */
-int
-DSA_verify(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int siglen, DSA *dsa)
-{
- DSA_SIG *s = NULL;
- unsigned char *der = NULL;
- const unsigned char *p;
- int ret = -1;
-
- p = sigbuf;
- if ((s = d2i_DSA_SIG(NULL, &p, siglen)) == NULL)
- goto err;
-
- /* Ensure signature uses DER and doesn't have trailing garbage */
- if (i2d_DSA_SIG(s, &der) != siglen)
- goto err;
-
- if (memcmp(der, sigbuf, siglen) != 0)
- goto err;
-
- ret = DSA_do_verify(dgst, dgst_len, s, dsa);
- err:
- free(der);
- DSA_SIG_free(s);
-
- return ret;
-}
-LCRYPTO_ALIAS(DSA_verify);
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
deleted file mode 100644
index b7670f895b..0000000000
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* $OpenBSD: dsa_err.c,v 1.22 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
-
-static const ERR_STRING_DATA DSA_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA DSA_str_reasons[] = {
- {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"},
- {ERR_REASON(DSA_R_BN_DECODE_ERROR) ,"bn decode error"},
- {ERR_REASON(DSA_R_BN_ERROR) ,"bn error"},
- {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
- {ERR_REASON(DSA_R_DECODE_ERROR) ,"decode error"},
- {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"},
- {ERR_REASON(DSA_R_INVALID_PARAMETERS) ,"invalid parameters"},
- {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
- {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
- {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES) ,"need new setup values"},
- {ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD) ,"non fips dsa method"},
- {ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"},
- {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
- {0,NULL}
-};
-
-#endif
-
-void
-ERR_load_DSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) {
- ERR_load_const_strings(DSA_str_functs);
- ERR_load_const_strings(DSA_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_DSA_strings);
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
deleted file mode 100644
index c8f626cd97..0000000000
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ /dev/null
@@ -1,360 +0,0 @@
-/* $OpenBSD: dsa_gen.c,v 1.34 2025/02/13 11:18:00 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include /* To see if OPENSSL_NO_SHA is defined */
-
-#ifndef OPENSSL_NO_SHA
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "dsa_local.h"
-
-/*
- * Primality test according to FIPS PUB 186-4, Appendix C.3. Set the number
- * to 64 rounds of Miller-Rabin, which corresponds to 128 bits of security.
- * This is necessary for keys of size >= 3072.
- * XXX - now that we do BPSW the recommendation is to do 2 for p and 27 for q.
- */
-#define DSA_prime_checks 64
-
-int
-DSA_generate_parameters_ex(DSA *ret, int bits, const unsigned char *seed_in,
- int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
-{
- const EVP_MD *evpmd;
- size_t qbits;
-
- if (bits >= 2048) {
- qbits = 256;
- evpmd = EVP_sha256();
- } else {
- qbits = 160;
- evpmd = EVP_sha1();
- }
-
- return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in, seed_len,
- NULL, counter_ret, h_ret, cb);
-}
-LCRYPTO_ALIAS(DSA_generate_parameters_ex);
-
-int
-dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd,
- const unsigned char *seed_in, size_t seed_len, unsigned char *seed_out,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
-{
- int ok = 0;
- unsigned char seed[SHA256_DIGEST_LENGTH];
- unsigned char md[SHA256_DIGEST_LENGTH];
- unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH];
- BIGNUM *r0, *W, *X, *c, *test;
- BIGNUM *g = NULL, *q = NULL, *p = NULL;
- BN_MONT_CTX *mont = NULL;
- int i, k, n = 0, m = 0, qsize = qbits >> 3;
- int counter = 0;
- int r = 0;
- BN_CTX *ctx = NULL;
- unsigned int h = 2;
-
- if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
- qsize != SHA256_DIGEST_LENGTH)
- /* invalid q size */
- return 0;
-
- if (evpmd == NULL)
- /* use SHA1 as default */
- evpmd = EVP_sha1();
-
- if (bits < 512)
- bits = 512;
-
- bits = (bits + 63) / 64 * 64;
-
- if (seed_len < (size_t)qsize) {
- seed_in = NULL; /* seed buffer too small -- ignore */
- seed_len = 0;
- }
- /*
- * App.
2.2 of FIPS PUB 186 allows larger SEED,
- * but our internal buffers are restricted to 160 bits
- */
- if (seed_len > (size_t)qsize)
- seed_len = qsize;
- if (seed_in != NULL)
- memcpy(seed, seed_in, seed_len);
- else if (seed_len != 0)
- goto err;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((r0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((g = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((W = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((q = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((X = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((c = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((p = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((test = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_lshift(test, BN_value_one(), bits - 1))
- goto err;
-
- for (;;) {
- for (;;) { /* find q */
- int seed_is_random;
-
- /* step 1 */
- if (!BN_GENCB_call(cb, 0, m++))
- goto err;
-
- if (seed_len == 0) {
- arc4random_buf(seed, qsize);
- seed_is_random = 1;
- } else {
- seed_is_random = 0;
- /* use random seed if 'seed_in' turns out
- to be bad */
- seed_len = 0;
- }
- memcpy(buf, seed, qsize);
- memcpy(buf2, seed, qsize);
- /* precompute "SEED + 1" for step 7: */
- for (i = qsize - 1; i >= 0; i--) {
- buf[i]++;
- if (buf[i] != 0)
- break;
- }
-
- /* step 2 */
- if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
- goto err;
- if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
- goto err;
- for (i = 0; i < qsize; i++)
- md[i] ^= buf2[i];
-
- /* step 3 */
- md[0] |= 0x80;
- md[qsize - 1] |= 0x01;
- if (!BN_bin2bn(md, qsize, q))
- goto err;
-
- /* step 4 */
- r = BN_is_prime_fasttest_ex(q, DSA_prime_checks, ctx,
- seed_is_random, cb);
- if (r > 0)
- break;
- if (r != 0)
- goto err;
-
- /* do a callback call */
- /* step 5 */
- }
-
- if (!BN_GENCB_call(cb, 2, 0))
- goto err;
- if (!BN_GENCB_call(cb, 3, 0))
- goto err;
-
- /* step 6 */
- counter = 0;
- /* "offset = 2" */
-
- n = (bits - 1) / 160;
-
- for (;;) {
- if (counter != 0 &&
!BN_GENCB_call(cb, 0, counter))
- goto err;
-
- /* step 7 */
- BN_zero(W);
- /* now 'buf' contains "SEED + offset - 1" */
- for (k = 0; k <= n; k++) {
- /* obtain "SEED + offset + k" by incrementing: */
- for (i = qsize - 1; i >= 0; i--) {
- buf[i]++;
- if (buf[i] != 0)
- break;
- }
-
- if (!EVP_Digest(buf, qsize, md ,NULL, evpmd,
- NULL))
- goto err;
-
- /* step 8 */
- if (!BN_bin2bn(md, qsize, r0))
- goto err;
- if (!BN_lshift(r0, r0, (qsize << 3) * k))
- goto err;
- if (!BN_add(W, W, r0))
- goto err;
- }
-
- /* more of step 8 */
- if (!BN_mask_bits(W, bits - 1))
- goto err;
- if (!bn_copy(X, W))
- goto err;
- if (!BN_add(X, X, test))
- goto err;
-
- /* step 9 */
- if (!BN_lshift1(r0, q))
- goto err;
- if (!BN_mod_ct(c, X, r0, ctx))
- goto err;
- if (!BN_sub(r0, c, BN_value_one()))
- goto err;
- if (!BN_sub(p, X, r0))
- goto err;
-
- /* step 10 */
- if (BN_cmp(p, test) >= 0) {
- /* step 11 */
- r = BN_is_prime_fasttest_ex(p, DSA_prime_checks,
- ctx, 1, cb);
- if (r > 0)
- goto end; /* found it */
- if (r != 0)
- goto err;
- }
-
- /* step 13 */
- counter++;
- /* "offset = offset + n + 1" */
-
- /* step 14 */
- if (counter >= 4096)
- break;
- }
- }
-end:
- if (!BN_GENCB_call(cb, 2, 1))
- goto err;
-
- /* We now need to generate g */
- /* Set r0=(p-1)/q */
- if (!BN_sub(test, p, BN_value_one()))
- goto err;
- if (!BN_div_ct(r0, NULL, test, q, ctx))
- goto err;
-
- if (!BN_set_word(test, h))
- goto err;
- if ((mont = BN_MONT_CTX_create(p, ctx)) == NULL)
- goto err;
-
- for (;;) {
- /* g=test^r0%p */
- if (!BN_mod_exp_mont_ct(g, test, r0, p, ctx, mont))
- goto err;
- if (!BN_is_one(g))
- break;
- if (!BN_add(test, test, BN_value_one()))
- goto err;
- h++;
- }
-
- if (!BN_GENCB_call(cb, 3, 1))
- goto err;
-
- ok = 1;
-err:
- if (ok) {
- BN_free(ret->p);
- BN_free(ret->q);
- BN_free(ret->g);
- ret->p = BN_dup(p);
- ret->q = BN_dup(q);
- ret->g = BN_dup(g);
- if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
- ok = 0;
- goto err;
- }
- if (counter_ret != NULL)
-
*counter_ret = counter;
- if (h_ret != NULL)
- *h_ret = h;
- if (seed_out != NULL)
- memcpy(seed_out, seed, qsize);
- }
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- BN_MONT_CTX_free(mont);
-
- return ok;
-}
-
-#endif
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
deleted file mode 100644
index 5fbedcf705..0000000000
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* $OpenBSD: dsa_key.c,v 1.37 2024/05/11 06:43:50 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_SHA
-
-#include
-#include
-
-#include "bn_local.h"
-#include "dsa_local.h"
-
-int
-DSA_generate_key(DSA *dsa)
-{
- BIGNUM *pub_key = NULL, *priv_key = NULL;
- BN_CTX *ctx = NULL;
- int ok = 0;
-
- if ((priv_key = BN_new()) == NULL)
- goto err;
- if ((pub_key = BN_new()) == NULL)
- goto err;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if (!bn_rand_interval(priv_key, 1, dsa->q))
- goto err;
- if (!BN_mod_exp_ct(pub_key, dsa->g, priv_key, dsa->p, ctx))
- goto err;
-
- BN_free(dsa->priv_key);
- dsa->priv_key = priv_key;
- priv_key = NULL;
-
- BN_free(dsa->pub_key);
- dsa->pub_key = pub_key;
- pub_key = NULL;
-
- ok = 1;
-
- err:
- BN_free(pub_key);
- BN_free(priv_key);
- BN_CTX_free(ctx);
-
- return ok;
-}
-LCRYPTO_ALIAS(DSA_generate_key);
-
-#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
deleted file mode 100644
index daf2fa135b..0000000000
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ /dev/null
@@ -1,483 +0,0 @@
-/* $OpenBSD: dsa_lib.c,v 1.48 2024/03/27 01:49:31 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_DH
-#include
-#endif
-
-#include "dh_local.h"
-#include "dsa_local.h"
-
-static const DSA_METHOD *default_DSA_method = NULL;
-
-void
-DSA_set_default_method(const DSA_METHOD *meth)
-{
- default_DSA_method = meth;
-}
-LCRYPTO_ALIAS(DSA_set_default_method);
-
-const DSA_METHOD *
-DSA_get_default_method(void)
-{
- if (!default_DSA_method)
- default_DSA_method = DSA_OpenSSL();
- return default_DSA_method;
-}
-LCRYPTO_ALIAS(DSA_get_default_method);
-
-DSA *
-DSA_new(void)
-{
- return DSA_new_method(NULL);
-}
-LCRYPTO_ALIAS(DSA_new);
-
-int
-DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
-{
- /*
- * NB: The caller is specifically setting a method, so it's not up to us
- * to deal with which ENGINE it comes from.
- */
- const DSA_METHOD *mtmp;
- mtmp = dsa->meth;
- if (mtmp->finish)
- mtmp->finish(dsa);
- dsa->meth = meth;
- if (meth->init)
- meth->init(dsa);
- return 1;
-}
-LCRYPTO_ALIAS(DSA_set_method);
-
-DSA *
-DSA_new_method(ENGINE *engine)
-{
- DSA *dsa;
-
- if ((dsa = calloc(1, sizeof(DSA))) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- dsa->meth = DSA_get_default_method();
- dsa->flags = dsa->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
- dsa->references = 1;
-
- if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data))
- goto err;
- if (dsa->meth->init != NULL && !dsa->meth->init(dsa))
- goto err;
-
- return dsa;
-
- err:
- DSA_free(dsa);
-
- return NULL;
-}
-LCRYPTO_ALIAS(DSA_new_method);
-
-void
-DSA_free(DSA *dsa)
-{
- if (dsa == NULL)
- return;
-
- if (CRYPTO_add(&dsa->references, -1, CRYPTO_LOCK_DSA) > 0)
- return;
-
- if (dsa->meth != NULL && dsa->meth->finish != NULL)
- dsa->meth->finish(dsa);
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data);
-
- BN_free(dsa->p);
- BN_free(dsa->q);
- BN_free(dsa->g);
- BN_free(dsa->pub_key);
- BN_free(dsa->priv_key);
- BN_free(dsa->kinv);
- BN_free(dsa->r);
- free(dsa);
-}
-LCRYPTO_ALIAS(DSA_free);
-
-int
-DSA_up_ref(DSA *dsa)
-{
- return CRYPTO_add(&dsa->references, 1, CRYPTO_LOCK_DSA) > 1;
-}
-LCRYPTO_ALIAS(DSA_up_ref);
-
-int
-DSA_size(const DSA *dsa)
-{
- DSA_SIG signature;
- int ret = 0;
-
- signature.r = dsa->q;
- signature.s = dsa->q;
-
- if ((ret = i2d_DSA_SIG(&signature, NULL)) < 0)
- ret = 0;
-
- return ret;
-}
-LCRYPTO_ALIAS(DSA_size);
-
-int
-DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
- new_func, dup_func, free_func);
-}
-LCRYPTO_ALIAS(DSA_get_ex_new_index);
-
-int
-DSA_set_ex_data(DSA *dsa, int idx, void *arg)
-{
- return CRYPTO_set_ex_data(&dsa->ex_data, idx, arg);
-}
-LCRYPTO_ALIAS(DSA_set_ex_data);
-
-void *
-DSA_get_ex_data(DSA *dsa, int idx)
-{
- return CRYPTO_get_ex_data(&dsa->ex_data, idx);
-}
-LCRYPTO_ALIAS(DSA_get_ex_data);
-
-int
-DSA_security_bits(const DSA *dsa)
-{
- if (dsa->p == NULL || dsa->q == NULL)
- return -1;
-
- return BN_security_bits(BN_num_bits(dsa->p), BN_num_bits(dsa->q));
-}
-LCRYPTO_ALIAS(DSA_security_bits);
-
-#ifndef OPENSSL_NO_DH
-DH *
-DSA_dup_DH(const DSA *dsa)
-{
- /*
- * DSA has p, q, g, optional pub_key, optional priv_key.
- * DH has p, optional length, g, optional pub_key, optional priv_key,
- * optional q.
- */
- DH *dh = NULL;
-
- if (dsa == NULL)
- goto err;
-
- if ((dh = DH_new()) == NULL)
- goto err;
-
- if (dsa->p != NULL) {
- if ((dh->p = BN_dup(dsa->p)) == NULL)
- goto err;
- }
- if (dsa->q != NULL) {
- dh->length = BN_num_bits(dsa->q);
- if ((dh->q = BN_dup(dsa->q)) == NULL)
- goto err;
- }
- if (dsa->g != NULL) {
- if ((dh->g = BN_dup(dsa->g)) == NULL)
- goto err;
- }
- if (dsa->pub_key != NULL) {
- if ((dh->pub_key = BN_dup(dsa->pub_key)) == NULL)
- goto err;
- }
- if (dsa->priv_key != NULL) {
- if ((dh->priv_key = BN_dup(dsa->priv_key)) == NULL)
- goto err;
- }
-
- return dh;
-
- err:
- DH_free(dh);
- return NULL;
-}
-LCRYPTO_ALIAS(DSA_dup_DH);
-#endif
-
-void
-DSA_get0_pqg(const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
-{
- if (p != NULL)
- *p = dsa->p;
- if (q != NULL)
- *q = dsa->q;
- if (g != NULL)
- *g = dsa->g;
-}
-LCRYPTO_ALIAS(DSA_get0_pqg);
-
-int
-DSA_set0_pqg(DSA *dsa, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-{
- if ((dsa->p == NULL && p == NULL) || (dsa->q == NULL && q == NULL) ||
- (dsa->g == NULL && g == NULL))
- return 0;
-
- if (p != NULL) {
- BN_free(dsa->p);
- dsa->p = p;
- }
- if (q != NULL) {
- BN_free(dsa->q);
- dsa->q = q;
- }
- if (g != NULL) {
- BN_free(dsa->g);
- dsa->g = g;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(DSA_set0_pqg);
-
-void
-DSA_get0_key(const DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key)
-{
- if (pub_key != NULL)
- *pub_key = dsa->pub_key;
- if (priv_key != NULL)
- *priv_key = dsa->priv_key;
-}
-LCRYPTO_ALIAS(DSA_get0_key);
-
-int
-DSA_set0_key(DSA *dsa, BIGNUM *pub_key, BIGNUM *priv_key)
-{
- if (dsa->pub_key == NULL && pub_key == NULL)
- return 0;
-
- if (pub_key != NULL) {
- BN_free(dsa->pub_key);
- dsa->pub_key = pub_key;
- }
- if (priv_key != NULL) {
- BN_free(dsa->priv_key);
- dsa->priv_key = priv_key;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(DSA_set0_key);
-
-const BIGNUM *
-DSA_get0_p(const DSA *dsa)
-{
- return dsa->p;
-}
-LCRYPTO_ALIAS(DSA_get0_p);
-
-const BIGNUM *
-DSA_get0_q(const DSA *dsa)
-{
- return dsa->q;
-}
-LCRYPTO_ALIAS(DSA_get0_q);
-
-const BIGNUM *
-DSA_get0_g(const DSA *dsa)
-{
- return dsa->g;
-}
-LCRYPTO_ALIAS(DSA_get0_g);
-
-const BIGNUM *
-DSA_get0_pub_key(const DSA *dsa)
-{
- return dsa->pub_key;
-}
-LCRYPTO_ALIAS(DSA_get0_pub_key);
-
-const BIGNUM *
-DSA_get0_priv_key(const DSA *dsa)
-{
- return dsa->priv_key;
-}
-LCRYPTO_ALIAS(DSA_get0_priv_key);
-
-void
-DSA_clear_flags(DSA *dsa, int flags)
-{
- dsa->flags &= ~flags;
-}
-LCRYPTO_ALIAS(DSA_clear_flags);
-
-int
-DSA_test_flags(const DSA *dsa, int flags)
-{
- return dsa->flags & flags;
-}
-LCRYPTO_ALIAS(DSA_test_flags);
-
-void
-DSA_set_flags(DSA *dsa, int flags)
-{
- dsa->flags |= flags;
-}
-LCRYPTO_ALIAS(DSA_set_flags);
-
-ENGINE *
-DSA_get0_engine(DSA *dsa)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(DSA_get0_engine);
-
-int
-DSA_bits(const DSA *dsa)
-{
- return BN_num_bits(dsa->p);
-}
-LCRYPTO_ALIAS(DSA_bits);
-
-int
-dsa_check_key(const DSA *dsa)
-{
- int p_bits, q_bits;
-
- if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
- DSAerror(DSA_R_MISSING_PARAMETERS);
- return 0;
- }
-
- /* Checking that p and q are primes is expensive. Check they are odd. */
- if (!BN_is_odd(dsa->p) || !BN_is_odd(dsa->q)) {
- DSAerror(DSA_R_INVALID_PARAMETERS);
- return 0;
- }
-
- /* FIPS 186-4: 1 < g < p. */
- if (BN_cmp(dsa->g, BN_value_one()) <= 0 ||
- BN_cmp(dsa->g, dsa->p) >= 0) {
- DSAerror(DSA_R_INVALID_PARAMETERS);
- return 0;
- }
-
- /* We know p and g are positive. The next two checks imply q > 0. */
- if (BN_is_negative(dsa->q)) {
- DSAerror(DSA_R_BAD_Q_VALUE);
- return 0;
- }
-
- /* FIPS 186-4 only allows three sizes for q. */
- q_bits = BN_num_bits(dsa->q);
- if (q_bits != 160 && q_bits != 224 && q_bits != 256) {
- DSAerror(DSA_R_BAD_Q_VALUE);
- return 0;
- }
-
- /*
- * XXX - FIPS 186-4 only allows 1024, 2048, and 3072 bits for p.
- * Cap the size to reduce DoS risks. Poor defaults make keys with
- * incorrect p sizes >= 512 bits common, so only enforce a weak
- * lower bound.
- */
- p_bits = BN_num_bits(dsa->p);
- if (p_bits > OPENSSL_DSA_MAX_MODULUS_BITS) {
- DSAerror(DSA_R_MODULUS_TOO_LARGE);
- return 0;
- }
- if (p_bits < 512) {
- DSAerror(DSA_R_INVALID_PARAMETERS);
- return 0;
- }
-
- /* The public key must be in the multiplicative group (mod p). */
- if (dsa->pub_key != NULL) {
- if (BN_cmp(dsa->pub_key, BN_value_one()) <= 0 ||
- BN_cmp(dsa->pub_key, dsa->p) >= 0) {
- DSAerror(DSA_R_INVALID_PARAMETERS);
- return 0;
- }
- }
-
- /* The private key must be nonzero and in GF(q). */
- if (dsa->priv_key != NULL) {
- if (BN_cmp(dsa->priv_key, BN_value_one()) < 0 ||
- BN_cmp(dsa->priv_key, dsa->q) >= 0) {
- DSAerror(DSA_R_INVALID_PARAMETERS);
- return 0;
- }
- }
-
- return 1;
-}
diff --git a/src/lib/libcrypto/dsa/dsa_local.h b/src/lib/libcrypto/dsa/dsa_local.h
deleted file mode 100644
index fc77c09fcb..0000000000
--- a/src/lib/libcrypto/dsa/dsa_local.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/* $OpenBSD: dsa_local.h,v 1.5 2024/11/29 07:42:35 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-struct DSA_SIG_st {
- BIGNUM *r;
- BIGNUM *s;
-} /* DSA_SIG */;
-
-struct dsa_method {
- char *name;
- DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
- int (*init)(DSA *dsa);
- int (*finish)(DSA *dsa);
- int flags;
-} /* DSA_METHOD */;
-
-struct dsa_st {
- long version;
- BIGNUM *p;
- BIGNUM *q; /* == 20 */
- BIGNUM *g;
-
- BIGNUM *pub_key; /* y public key */
- BIGNUM *priv_key; /* x private key */
-
- BIGNUM *kinv; /* Signing pre-calc */
- BIGNUM *r; /* Signing pre-calc */
-
- int flags;
- /* Normally used to cache montgomery values */
- BN_MONT_CTX *method_mont_p;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DSA_METHOD *meth;
-} /* DSA */;
-
-int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
- const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
- unsigned char *seed_out,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
-
-int dsa_check_key(const DSA *dsa);
-
-__END_HIDDEN_DECLS
diff --git a/src/lib/libcrypto/dsa/dsa_meth.c b/src/lib/libcrypto/dsa/dsa_meth.c
deleted file mode 100644
index c84b5287e1..0000000000
--- a/src/lib/libcrypto/dsa/dsa_meth.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* $OpenBSD: dsa_meth.c,v 1.7 2023/07/08 14:28:15 beck Exp $ */
-/*
- * Copyright (c) 2018 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "dsa_local.h"
-
-DSA_METHOD *
-DSA_meth_new(const char *name, int flags)
-{
- DSA_METHOD *meth;
-
- if ((meth = calloc(1, sizeof(*meth))) == NULL)
- return NULL;
- if ((meth->name = strdup(name)) == NULL) {
- free(meth);
- return NULL;
- }
- meth->flags = flags;
-
- return meth;
-}
-LCRYPTO_ALIAS(DSA_meth_new);
-
-void
-DSA_meth_free(DSA_METHOD *meth)
-{
- if (meth == NULL)
- return;
-
- free(meth->name);
- free(meth);
-}
-LCRYPTO_ALIAS(DSA_meth_free);
-
-DSA_METHOD *
-DSA_meth_dup(const DSA_METHOD *meth)
-{
- DSA_METHOD *copy;
-
- if ((copy = calloc(1, sizeof(*copy))) == NULL)
- return NULL;
- memcpy(copy, meth, sizeof(*copy));
- if ((copy->name = strdup(meth->name)) == NULL) {
- free(copy);
- return NULL;
- }
-
- return copy;
-}
-LCRYPTO_ALIAS(DSA_meth_dup);
-
-const char *
-DSA_meth_get0_name(const DSA_METHOD *meth)
-{
- return meth->name;
-}
-LCRYPTO_ALIAS(DSA_meth_get0_name);
-
-int
-DSA_meth_set1_name(DSA_METHOD *meth, const char *name)
-{
- char *new_name;
-
- if ((new_name = strdup(name)) == NULL) {
- DSAerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- free(meth->name);
- meth->name = new_name;
-
- return 1;
-}
-LCRYPTO_ALIAS(DSA_meth_set1_name);
-
-int
-DSA_meth_set_sign(DSA_METHOD *meth,
- DSA_SIG *(*sign)(const unsigned char *, int, DSA *))
-{
- meth->dsa_do_sign = sign;
- return 1;
-}
-LCRYPTO_ALIAS(DSA_meth_set_sign);
-
-int
-DSA_meth_set_finish(DSA_METHOD *meth, int (*finish)(DSA *))
-{
- meth->finish = finish;
- return 1;
-}
-LCRYPTO_ALIAS(DSA_meth_set_finish);
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
deleted file mode 100644
index c53c8b9001..0000000000
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ /dev/null
@@ -1,456 +0,0 @@
-/* $OpenBSD: dsa_ossl.c,v 1.56 2024/05/11 06:43:50 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "dsa_local.h"
-
-/*
- * Since DSA parameters are entirely arbitrary and checking them to be
- * consistent is very expensive, we cannot do so on every sign operation.
- * Instead, cap the number of retries so we do not loop indefinitely if
- * the generator of the multiplicative group happens to be nilpotent.
- * The probability of needing a retry with valid parameters is negligible,
- * so trying 32 times is amply enough.
- */
-#define DSA_MAX_SIGN_ITERATIONS 32
-
-static DSA_SIG *
-dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- BIGNUM *b = NULL, *bm = NULL, *bxr = NULL, *binv = NULL, *m = NULL;
- BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
- BN_CTX *ctx = NULL;
- int reason = ERR_R_BN_LIB;
- DSA_SIG *ret = NULL;
- int attempts = 0;
- int noredo = 0;
-
- if (!dsa_check_key(dsa)) {
- reason = DSA_R_INVALID_PARAMETERS;
- goto err;
- }
-
- if ((s = BN_new()) == NULL)
- goto err;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((binv = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((bm = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((bxr = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((m = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * If the digest length is greater than N (the bit length of q), the
- * leftmost N bits of the digest shall be used, see FIPS 186-3, 4.2.
- * In this case the digest length is given in bytes.
- */
- if (dlen > BN_num_bytes(dsa->q))
- dlen = BN_num_bytes(dsa->q);
- if (BN_bin2bn(dgst, dlen, m) == NULL)
- goto err;
-
- redo:
- if (dsa->kinv == NULL || dsa->r == NULL) {
- if (!DSA_sign_setup(dsa, ctx, &kinv, &r))
- goto err;
- } else {
- kinv = dsa->kinv;
- dsa->kinv = NULL;
- r = dsa->r;
- dsa->r = NULL;
- noredo = 1;
- }
-
- /*
- * Compute:
- *
- * s = inv(k)(m + xr) mod q
- *
- * In order to reduce the possibility of a side-channel attack, the
- * following is calculated using a blinding value:
- *
- * s = inv(b)(bm + bxr)inv(k) mod q
- *
- * Where b is a random value in the range [1, q).
- */
- if (!bn_rand_interval(b, 1, dsa->q))
- goto err;
- if (BN_mod_inverse_ct(binv, b, dsa->q, ctx) == NULL)
- goto err;
-
- if (!BN_mod_mul(bxr, b, dsa->priv_key, dsa->q, ctx)) /* bx */
- goto err;
- if (!BN_mod_mul(bxr, bxr, r, dsa->q, ctx)) /* bxr */
- goto err;
- if (!BN_mod_mul(bm, b, m, dsa->q, ctx)) /* bm */
- goto err;
- if (!BN_mod_add(s, bxr, bm, dsa->q, ctx)) /* s = bm + bxr */
- goto err;
- if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) /* s = b(m + xr)k^-1 */
- goto err;
- if (!BN_mod_mul(s, s, binv, dsa->q, ctx)) /* s = (m + xr)k^-1 */
- goto err;
-
- /*
- * Redo if r or s is zero as required by FIPS 186-3: this is very
- * unlikely.
- */
- if (BN_is_zero(r) || BN_is_zero(s)) {
- if (noredo) {
- reason = DSA_R_NEED_NEW_SETUP_VALUES;
- goto err;
- }
- if (++attempts > DSA_MAX_SIGN_ITERATIONS) {
- reason = DSA_R_INVALID_PARAMETERS;
- goto err;
- }
- goto redo;
- }
-
- if ((ret = DSA_SIG_new()) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- ret->r = r;
- ret->s = s;
-
- err:
- if (!ret) {
- DSAerror(reason);
- BN_free(r);
- BN_free(s);
- }
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- BN_free(kinv);
-
- return ret;
-}
-
-static int
-dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-{
- BIGNUM *k = NULL, *l = NULL, *m = NULL, *kinv = NULL, *r = NULL;
- BN_CTX *ctx = NULL;
- int q_bits;
- int ret = 0;
-
- if (!dsa_check_key(dsa))
- goto err;
-
- if ((r = BN_new()) == NULL)
- goto err;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((k = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((l = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((m = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* Preallocate space */
- q_bits = BN_num_bits(dsa->q);
- if (!BN_set_bit(k, q_bits) ||
- !BN_set_bit(l, q_bits) ||
- !BN_set_bit(m, q_bits))
- goto err;
-
- if (!bn_rand_interval(k, 1, dsa->q))
- goto err;
-
- BN_set_flags(k, BN_FLG_CONSTTIME);
-
- if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
- if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
- CRYPTO_LOCK_DSA, dsa->p, ctx))
- goto err;
- }
-
- /* Compute r = (g^k mod p) mod q */
-
- /*
- * We do not want timing information to leak the length of k,
- * so we compute G^k using an equivalent exponent of fixed
- * bit-length.
- *
- * We unconditionally perform both of these additions to prevent a
- * small timing information leakage. We then choose the sum that is
- * one bit longer than the modulus.
- *
- * TODO: revisit the bn_copy aiming for a memory access agnostic
- * conditional copy.
- */
-
- if (!BN_add(l, k, dsa->q) ||
- !BN_add(m, l, dsa->q) ||
- !bn_copy(k, BN_num_bits(l) > q_bits ? l : m))
- goto err;
-
- if (!BN_mod_exp_mont_ct(r, dsa->g, k, dsa->p, ctx, dsa->method_mont_p))
- goto err;
-
- if (!BN_mod_ct(r, r, dsa->q, ctx))
- goto err;
-
- /* Compute part of 's = inv(k) (m + xr) mod q' */
- if ((kinv = BN_mod_inverse_ct(NULL, k, dsa->q, ctx)) == NULL)
- goto err;
-
- BN_free(*kinvp);
- *kinvp = kinv;
- kinv = NULL;
-
- BN_free(*rp);
- *rp = r;
-
- ret = 1;
-
- err:
- if (!ret) {
- DSAerror(ERR_R_BN_LIB);
- BN_free(r);
- }
- BN_CTX_end(ctx);
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-static int
-dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
-{
- BIGNUM *u1 = NULL, *u2 = NULL, *t1 = NULL;
- BN_CTX *ctx = NULL;
- BN_MONT_CTX *mont = NULL;
- int qbits;
- int ret = -1;
-
- if (!dsa_check_key(dsa))
- goto err;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((u1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((u2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((t1 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
- BN_ucmp(sig->r, dsa->q) >= 0) {
- ret = 0;
- goto err;
- }
- if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
- BN_ucmp(sig->s, dsa->q) >= 0) {
- ret = 0;
- goto err;
- }
-
- /* Calculate w = inv(s) mod q, saving w in u2. */
- if ((BN_mod_inverse_ct(u2, sig->s, dsa->q, ctx)) == NULL)
- goto err;
-
- /*
- * If the digest length is greater than the size of q use the
- * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-4, 4.2.
- */
- qbits = BN_num_bits(dsa->q);
- if (dgst_len > (qbits >> 3))
- dgst_len = (qbits >> 3);
-
- /* Save m in u1. */
- if (BN_bin2bn(dgst, dgst_len, u1) == NULL)
- goto err;
-
- /* u1 = m * w mod q */
- if (!BN_mod_mul(u1, u1, u2, dsa->q, ctx))
- goto err;
-
- /* u2 = r * w mod q */
- if (!BN_mod_mul(u2, sig->r, u2, dsa->q, ctx))
- goto err;
-
- if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
- mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
- CRYPTO_LOCK_DSA, dsa->p, ctx);
- if (!mont)
- goto err;
- }
-
- if (!BN_mod_exp2_mont(t1, dsa->g, u1, dsa->pub_key, u2, dsa->p,
- ctx, mont))
- goto err;
-
- /* let u1 = u1 mod q */
- if (!BN_mod_ct(u1, t1, dsa->q, ctx))
- goto err;
-
- /* v is in u1 - if the signature is correct, it will be equal to r. */
- ret = BN_ucmp(u1, sig->r) == 0;
-
- err:
- if (ret < 0)
- DSAerror(ERR_R_BN_LIB);
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-static int
-dsa_init(DSA *dsa)
-{
- dsa->flags |= DSA_FLAG_CACHE_MONT_P;
- return 1;
-}
-
-static int
-dsa_finish(DSA *dsa)
-{
- BN_MONT_CTX_free(dsa->method_mont_p);
- return 1;
-}
-
-static const DSA_METHOD openssl_dsa_meth = {
- .name = "OpenSSL DSA method",
- .dsa_do_sign = dsa_do_sign,
- .dsa_sign_setup = dsa_sign_setup,
- .dsa_do_verify = dsa_do_verify,
- .init = dsa_init,
- .finish = dsa_finish,
-};
-
-const DSA_METHOD *
-DSA_OpenSSL(void)
-{
- return &openssl_dsa_meth;
-}
-LCRYPTO_ALIAS(DSA_OpenSSL);
-
-DSA_SIG *
-DSA_SIG_new(void)
-{
- return calloc(1, sizeof(DSA_SIG));
-}
-LCRYPTO_ALIAS(DSA_SIG_new);
-
-void
-DSA_SIG_free(DSA_SIG *sig)
-{
- if (sig == NULL)
- return;
-
- BN_free(sig->r);
- BN_free(sig->s);
- free(sig);
-}
-LCRYPTO_ALIAS(DSA_SIG_free);
-
-int
-DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-{
- return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
-}
-LCRYPTO_ALIAS(DSA_sign_setup);
-
-DSA_SIG *
-DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
-}
-LCRYPTO_ALIAS(DSA_do_sign);
-
-int
-DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
-{
- return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-}
-LCRYPTO_ALIAS(DSA_do_verify);
diff --git a/src/lib/libcrypto/dsa/dsa_pmeth.c b/src/lib/libcrypto/dsa/dsa_pmeth.c
deleted file mode 100644
index adc7319731..0000000000
--- a/src/lib/libcrypto/dsa/dsa_pmeth.c
+++ /dev/null
@@ -1,351 +0,0 @@
-/* $OpenBSD: dsa_pmeth.c,v 1.21 2024/10/19 14:39:44 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "dsa_local.h"
-#include "evp_local.h"
-
-/* DSA pkey context structure */
-
-typedef struct {
- /* Parameter gen parameters */
- int nbits; /* size of p in bits (default: 1024) */
- int qbits; /* size of q in bits (default: 160) */
- const EVP_MD *pmd; /* MD for parameter generation */
- /* Keygen callback info */
- int gentmp[2];
- /* message digest */
- const EVP_MD *md; /* MD for the signature */
-} DSA_PKEY_CTX;
-
-static int
-pkey_dsa_init(EVP_PKEY_CTX *ctx)
-{
- DSA_PKEY_CTX *dctx;
-
- dctx = malloc(sizeof(DSA_PKEY_CTX));
- if (!dctx)
- return 0;
- dctx->nbits = 1024;
- dctx->qbits = 160;
- dctx->pmd = NULL;
- dctx->md = NULL;
-
- ctx->data = dctx;
- ctx->keygen_info = dctx->gentmp;
- ctx->keygen_info_count = 2;
-
- return 1;
-}
-
-static int
-pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- DSA_PKEY_CTX *dctx, *sctx;
-
- if (!pkey_dsa_init(dst))
- return 0;
- sctx = src->data;
- dctx = dst->data;
- dctx->nbits = sctx->nbits;
- dctx->qbits = sctx->qbits;
- dctx->pmd = sctx->pmd;
- dctx->md = sctx->md;
- return 1;
-}
-
-static void
-pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
-{
- DSA_PKEY_CTX *dctx = ctx->data;
-
- free(dctx);
-}
-
-static int
-pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *out_siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- DSA *dsa = ctx->pkey->pkey.dsa;
- DSA_PKEY_CTX *dctx = ctx->data;
- unsigned int siglen;
-
- *out_siglen = 0;
-
- if (tbslen > INT_MAX)
- return 0;
-
- if (dctx->md != NULL) {
- if (tbslen != EVP_MD_size(dctx->md))
- return 0;
- }
-
- if (!DSA_sign(0, tbs, tbslen, sig, &siglen, dsa))
- return 0;
-
- *out_siglen = siglen;
-
- return 1;
-}
-
-static int
-pkey_dsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- DSA *dsa = ctx->pkey->pkey.dsa;
- DSA_PKEY_CTX *dctx = ctx->data;
-
- if (tbslen > INT_MAX || siglen > INT_MAX)
- return 0;
-
- if (dctx->md != NULL) {
- if (tbslen != EVP_MD_size(dctx->md))
- return 0;
- }
-
- return DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
-}
-
-static int
-pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- DSA_PKEY_CTX *dctx = ctx->data;
-
- switch (type) {
- case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
- if (p1 < 256)
- return -2;
- dctx->nbits = p1;
- return 1;
-
- case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
- if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
- return -2;
- dctx->qbits = p1;
- return 1;
-
- case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
- switch (EVP_MD_type((const EVP_MD *)p2)) {
- case NID_sha1:
- case NID_sha224:
- case NID_sha256:
- break;
- default:
- DSAerror(DSA_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- dctx->md = p2;
- return 1;
-
- case EVP_PKEY_CTRL_MD:
- /* ANSI X9.57 and NIST CSOR.
*/
- switch (EVP_MD_type(p2)) {
- case NID_sha1:
- case NID_dsa:
- case NID_dsaWithSHA:
- case NID_sha224:
- case NID_sha256:
- case NID_sha384:
- case NID_sha512:
- case NID_sha3_224:
- case NID_sha3_256:
- case NID_sha3_384:
- case NID_sha3_512:
- break;
- default:
- DSAerror(DSA_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- dctx->md = p2;
- return 1;
-
- case EVP_PKEY_CTRL_GET_MD:
- *(const EVP_MD **)p2 = dctx->md;
- return 1;
-
- case EVP_PKEY_CTRL_DIGESTINIT:
- case EVP_PKEY_CTRL_PKCS7_SIGN:
- case EVP_PKEY_CTRL_CMS_SIGN:
- return 1;
-
- case EVP_PKEY_CTRL_PEER_KEY:
- DSAerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- default:
- return -2;
- }
-}
-
-static int
-pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- const char *errstr;
-
- if (!strcmp(type, "dsa_paramgen_bits")) {
- int nbits;
-
- nbits = strtonum(value, INT_MIN, INT_MAX, &errstr);
- if (errstr != NULL)
- return -2;
- return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
- } else if (!strcmp(type, "dsa_paramgen_q_bits")) {
- int qbits;
-
- qbits = strtonum(value, INT_MIN, INT_MAX, &errstr);
- if (errstr != NULL)
- return -2;
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA,
- EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS,
- qbits, NULL);
- } else if (!strcmp(type, "dsa_paramgen_md")) {
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA,
- EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
- (void *)EVP_get_digestbyname(value));
- }
-
- return -2;
-}
-
-static int
-pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- DSA *dsa;
- DSA_PKEY_CTX *dctx = ctx->data;
- BN_GENCB *pcb = NULL;
- BN_GENCB cb = {0};
- int ret = 0;
-
- if ((dsa = DSA_new()) == NULL)
- goto err;
- if (ctx->pkey_gencb != NULL) {
- pcb = &cb;
- evp_pkey_set_cb_translate(pcb, ctx);
- }
- if (!dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
- NULL, 0, NULL, NULL, NULL, pcb))
- goto err;
- if (!EVP_PKEY_assign_DSA(pkey, dsa))
- goto err;
- dsa = NULL;
-
- ret = 1;
-
- err:
- DSA_free(dsa);
-
- return ret;
-}
-
-static int
-pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- DSA *dsa = NULL;
- int ret = 0;
-
- if (ctx->pkey == NULL) {
- DSAerror(DSA_R_NO_PARAMETERS_SET);
- goto err;
- }
- if ((dsa = DSA_new()) == NULL)
- goto err;
- if (!EVP_PKEY_set1_DSA(pkey, dsa))
- goto err;
-
- if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
- goto err;
- if (!DSA_generate_key(dsa))
- goto err;
-
- ret = 1;
-
- err:
- DSA_free(dsa);
-
- return ret;
-}
-
-const EVP_PKEY_METHOD dsa_pkey_meth = {
- .pkey_id = EVP_PKEY_DSA,
- .flags = EVP_PKEY_FLAG_AUTOARGLEN,
-
- .init = pkey_dsa_init,
- .copy = pkey_dsa_copy,
- .cleanup = pkey_dsa_cleanup,
-
- .paramgen = pkey_dsa_paramgen,
-
- .keygen = pkey_dsa_keygen,
-
- .sign = pkey_dsa_sign,
-
- .verify = pkey_dsa_verify,
-
- .ctrl = pkey_dsa_ctrl,
- .ctrl_str = pkey_dsa_ctrl_str
-};
diff --git a/src/lib/libcrypto/dsa/dsa_prn.c b/src/lib/libcrypto/dsa/dsa_prn.c
deleted file mode 100644
index f276d82482..0000000000
--- a/src/lib/libcrypto/dsa/dsa_prn.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* $OpenBSD: dsa_prn.c,v 1.10 2023/07/08 14:28:15 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-int
-DSA_print_fp(FILE *fp, const DSA *x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DSAerror(ERR_R_BUF_LIB);
- return 0;
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DSA_print(b, x, off);
- BIO_free(b);
- return ret;
-}
-LCRYPTO_ALIAS(DSA_print_fp);
-
-int
-DSAparams_print_fp(FILE *fp, const DSA *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DSAerror(ERR_R_BUF_LIB);
- return 0;
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DSAparams_print(b, x);
- BIO_free(b);
- return ret;
-}
-LCRYPTO_ALIAS(DSAparams_print_fp);
-
-int
-DSA_print(BIO *bp, const DSA *x, int off)
-{
- EVP_PKEY *pk;
- int ret = 0;
-
- if ((pk = EVP_PKEY_new()) == NULL)
- goto err;
-
- if (!EVP_PKEY_set1_DSA(pk, (DSA *)x))
- goto err;
-
- ret = EVP_PKEY_print_private(bp, pk, off, NULL);
- err:
- EVP_PKEY_free(pk);
- return ret;
-}
-LCRYPTO_ALIAS(DSA_print);
-
-int
-DSAparams_print(BIO *bp, const DSA *x)
-{
- EVP_PKEY *pk;
- int ret = 0;
-
- if ((pk = EVP_PKEY_new()) == NULL)
- goto err;
-
- if (!EVP_PKEY_set1_DSA(pk, (DSA *)x))
- goto err;
-
- ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
-
err:
- EVP_PKEY_free(pk);
- return ret;
-}
-LCRYPTO_ALIAS(DSAparams_print);
diff --git a/src/lib/libcrypto/ec/ec.h b/src/lib/libcrypto/ec/ec.h
deleted file mode 100644
index 5438dd8013..0000000000
--- a/src/lib/libcrypto/ec/ec.h
+++ /dev/null
@@ -1,675 +0,0 @@ -/* $OpenBSD: ec.h,v 1.55 2025/03/10 08:38:11 tb Exp $ */ -/* - * Originally written by Bodo Moeller for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The elliptic curve binary polynomial software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - */ - -#ifndef HEADER_EC_H -#define HEADER_EC_H - -#include - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef OPENSSL_ECC_MAX_FIELD_BITS -#define OPENSSL_ECC_MAX_FIELD_BITS 661 -#endif - -/* Elliptic point conversion form as per X9.62, page 4 and section 4.4.2. 
*/ -typedef enum { - POINT_CONVERSION_COMPRESSED = 2, - POINT_CONVERSION_UNCOMPRESSED = 4, - POINT_CONVERSION_HYBRID = 6 -} point_conversion_form_t; - -typedef struct ec_group_st EC_GROUP; -typedef struct ec_point_st EC_POINT; - -void EC_GROUP_free(EC_GROUP *group); -void EC_GROUP_clear_free(EC_GROUP *group); - -EC_GROUP *EC_GROUP_dup(const EC_GROUP *src); - -int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, - const BIGNUM *order, const BIGNUM *cofactor); -const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); - -int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx); -int EC_GROUP_order_bits(const EC_GROUP *group); -int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx); - -void EC_GROUP_set_curve_name(EC_GROUP *group, int nid); -int EC_GROUP_get_curve_name(const EC_GROUP *group); - -void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); -int EC_GROUP_get_asn1_flag(const EC_GROUP *group); - -void EC_GROUP_set_point_conversion_form(EC_GROUP *group, - point_conversion_form_t form); -point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *); - -unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x); -size_t EC_GROUP_get_seed_len(const EC_GROUP *); -size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); - -int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, - const BIGNUM *b, BN_CTX *ctx); -int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, - BN_CTX *ctx); - -int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, - const BIGNUM *b, BN_CTX *ctx); -int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, - BIGNUM *b, BN_CTX *ctx); - -int EC_GROUP_get_degree(const EC_GROUP *group); - -int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx); -int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx); - -/* Compare two EC_GROUPs. 
Returns 0 if both groups are equal, 1 otherwise. */ -int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx); - -EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, - const BIGNUM *b, BN_CTX *ctx); -EC_GROUP *EC_GROUP_new_by_curve_name(int nid); - -typedef struct { - int nid; - const char *comment; -} EC_builtin_curve; - -size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); - -const char *EC_curve_nid2nist(int nid); -int EC_curve_nist2nid(const char *name); - -EC_POINT *EC_POINT_new(const EC_GROUP *group); -void EC_POINT_free(EC_POINT *point); -void EC_POINT_clear_free(EC_POINT *point); -int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); -EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group); - -int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); - -int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); -int EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *p, - BIGNUM *x, BIGNUM *y, BN_CTX *ctx); -int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, int y_bit, BN_CTX *ctx); - -int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx); -int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, - const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); -int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, - const BIGNUM *x, int y_bit, BN_CTX *ctx); -size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p, - point_conversion_form_t form, unsigned char *buf, size_t len, BN_CTX *ctx); -int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p, - const unsigned char *buf, size_t len, BN_CTX *ctx); - -BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *, - point_conversion_form_t form, BIGNUM *, BN_CTX *); -EC_POINT *EC_POINT_bn2point(const EC_GROUP *, 
const BIGNUM *, EC_POINT *, - BN_CTX *); -char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *, - point_conversion_form_t form, BN_CTX *); -EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *, EC_POINT *, - BN_CTX *); - -int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, - const EC_POINT *b, BN_CTX *ctx); -int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, - BN_CTX *ctx); -int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx); -int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p); -int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, - BN_CTX *ctx); -int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, - BN_CTX *ctx); - -int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx); -int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, - const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx); - -int EC_GROUP_get_basis_type(const EC_GROUP *); - -#define OPENSSL_EC_EXPLICIT_CURVE 0x000 -#define OPENSSL_EC_NAMED_CURVE 0x001 - -EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len); -int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out); - -#define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x) -#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x) -#define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \ - (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x)) -#define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \ - (unsigned char *)(x)) - -#ifndef OPENSSL_NO_BIO -int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); -#endif -int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); - -#define EC_PKEY_NO_PARAMETERS 0x001 -#define EC_PKEY_NO_PUBKEY 0x002 - -#define EC_FLAG_NON_FIPS_ALLOW 0x1 -#define EC_FLAG_FIPS_CHECKED 0x2 -#define 
EC_FLAG_COFACTOR_ECDH 0x1000 - -EC_KEY *EC_KEY_new(void); -int EC_KEY_get_flags(const EC_KEY *key); -void EC_KEY_set_flags(EC_KEY *key, int flags); -void EC_KEY_clear_flags(EC_KEY *key, int flags); -EC_KEY *EC_KEY_new_by_curve_name(int nid); -void EC_KEY_free(EC_KEY *key); -EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); -EC_KEY *EC_KEY_dup(const EC_KEY *src); -int EC_KEY_up_ref(EC_KEY *key); - -const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); -int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group); -const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key); -int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv); -const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key); -int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); - -unsigned EC_KEY_get_enc_flags(const EC_KEY *key); -void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags); -point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key); -void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform); - -void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag); -int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx); -int EC_KEY_generate_key(EC_KEY *key); -int EC_KEY_check_key(const EC_KEY *key); -int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y); - -EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len); -int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out); -EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len); -int i2d_ECParameters(EC_KEY *key, unsigned char **out); - -EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len); -int i2o_ECPublicKey(const EC_KEY *key, unsigned char **out); - -#ifndef OPENSSL_NO_BIO -int ECParameters_print(BIO *bp, const EC_KEY *key); -int EC_KEY_print(BIO *bp, const EC_KEY *key, int off); -#endif -int ECParameters_print_fp(FILE *fp, const EC_KEY *key); -int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off); - -#define 
EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \ - CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef) -int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg); -void *EC_KEY_get_ex_data(const EC_KEY *key, int idx); - -const EC_KEY_METHOD *EC_KEY_OpenSSL(void); -const EC_KEY_METHOD *EC_KEY_get_default_method(void); -void EC_KEY_set_default_method(const EC_KEY_METHOD *meth); -const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key); -int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth); -EC_KEY *EC_KEY_new_method(ENGINE *engine); - -int ECDH_size(const EC_KEY *ecdh); -int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); - -typedef struct ECDSA_SIG_st ECDSA_SIG; - -ECDSA_SIG *ECDSA_SIG_new(void); -void ECDSA_SIG_free(ECDSA_SIG *sig); -int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); -ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); - -const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig); -const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig); -void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); - -int ECDSA_size(const EC_KEY *eckey); - -ECDSA_SIG *ECDSA_do_sign(const unsigned char *digest, int digest_len, - EC_KEY *eckey); -int ECDSA_do_verify(const unsigned char *digest, int digest_len, - const ECDSA_SIG *sig, EC_KEY *eckey); - -int ECDSA_sign(int type, const unsigned char *digest, int digest_len, - unsigned char *signature, unsigned int *signature_len, EC_KEY *eckey); -int ECDSA_verify(int type, const unsigned char *digest, int digest_len, - const unsigned char *signature, int signature_len, EC_KEY *eckey); - -EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth); -void EC_KEY_METHOD_free(EC_KEY_METHOD *meth); -void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth, - int (*init)(EC_KEY *key), - void 
(*finish)(EC_KEY *key), - int (*copy)(EC_KEY *dest, const EC_KEY *src), - int (*set_group)(EC_KEY *key, const EC_GROUP *grp), - int (*set_private)(EC_KEY *key, const BIGNUM *priv_key), - int (*set_public)(EC_KEY *key, const EC_POINT *pub_key)); -void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth, - int (*keygen)(EC_KEY *key)); -void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth, - int (*ckey)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key, - const EC_KEY *ecdh)); -void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth, - int (*sign)(int type, const unsigned char *digest, int digest_len, - unsigned char *signature, unsigned int *signature_len, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), - int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp), - ECDSA_SIG *(*sign_sig)(const unsigned char *digest, int digest_len, - const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)); -void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth, - int (*verify)(int type, const unsigned char *digest, int digest_len, - const unsigned char *signature, int signature_len, EC_KEY *eckey), - int (*verify_sig)(const unsigned char *digest, int digest_len, - const ECDSA_SIG *sig, EC_KEY *eckey)); -void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth, - int (**pinit)(EC_KEY *key), - void (**pfinish)(EC_KEY *key), - int (**pcopy)(EC_KEY *dest, const EC_KEY *src), - int (**pset_group)(EC_KEY *key, const EC_GROUP *grp), - int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key), - int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key)); -void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth, - int (**pkeygen)(EC_KEY *key)); -void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth, - int (**pck)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key, - const EC_KEY *ecdh)); -void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth, - int (**psign)(int type, const unsigned char *digest, int digest_len, - unsigned char *signature, unsigned int 
*signature_len, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), - int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp), - ECDSA_SIG *(**psign_sig)(const unsigned char *digest, int digest_len, - const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)); -void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth, - int (**pverify)(int type, const unsigned char *digest, int digest_len, - const unsigned char *signature, int signature_len, EC_KEY *eckey), - int (**pverify_sig)(const unsigned char *digest, int digest_len, - const ECDSA_SIG *sig, EC_KEY *eckey)); - -EC_KEY *ECParameters_dup(EC_KEY *key); - -#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL) - -#define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL) - -#define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL) - -#define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL) - -#define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL) - -#define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL) - -#define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md)) - -#define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd)) - -#define 
EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL) - -#define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, \ - (void *)(plen)) - -#define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)(p)) - -#define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \ - EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)(p)) - -/* SM2 will skip the operation check so no need to pass operation here */ -#define EVP_PKEY_CTX_set1_id(ctx, id, id_len) \ - EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ - EVP_PKEY_CTRL_SET1_ID, (int)id_len, (void*)(id)) - -#define EVP_PKEY_CTX_get1_id(ctx, id) \ - EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ - EVP_PKEY_CTRL_GET1_ID, 0, (void*)(id)) - -#define EVP_PKEY_CTX_get1_id_len(ctx, id_len) \ - EVP_PKEY_CTX_ctrl(ctx, -1, -1, \ - EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)(id_len)) - -#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2) -#define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3) -#define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4) -#define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5) -#define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6) -#define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7) -#define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8) -#define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9) -#define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10) -#define EVP_PKEY_CTRL_SET1_ID (EVP_PKEY_ALG_CTRL + 11) -#define EVP_PKEY_CTRL_GET1_ID (EVP_PKEY_ALG_CTRL + 12) -#define EVP_PKEY_CTRL_GET1_ID_LEN (EVP_PKEY_ALG_CTRL + 13) - -/* KDF types */ -#define EVP_PKEY_ECDH_KDF_NONE 1 -#define 
EVP_PKEY_ECDH_KDF_X9_63 2
-
-void ERR_load_EC_strings(void);
-
-/* Error codes for the EC functions. */
-
-/* Function codes. */
-#define EC_F_BN_TO_FELEM 224
-#define EC_F_COMPUTE_WNAF 143
-#define EC_F_D2I_ECPARAMETERS 144
-#define EC_F_D2I_ECPKPARAMETERS 145
-#define EC_F_D2I_ECPRIVATEKEY 146
-#define EC_F_DO_EC_KEY_PRINT 221
-#define EC_F_ECKEY_PARAM2TYPE 223
-#define EC_F_ECKEY_PARAM_DECODE 212
-#define EC_F_ECKEY_PRIV_DECODE 213
-#define EC_F_ECKEY_PRIV_ENCODE 214
-#define EC_F_ECKEY_PUB_DECODE 215
-#define EC_F_ECKEY_PUB_ENCODE 216
-#define EC_F_ECKEY_TYPE2PARAM 220
-#define EC_F_ECPARAMETERS_PRINT 147
-#define EC_F_ECPARAMETERS_PRINT_FP 148
-#define EC_F_ECPKPARAMETERS_PRINT 149
-#define EC_F_ECPKPARAMETERS_PRINT_FP 150
-#define EC_F_ECP_NIST_MOD_192 203
-#define EC_F_ECP_NIST_MOD_224 204
-#define EC_F_ECP_NIST_MOD_256 205
-#define EC_F_ECP_NIST_MOD_521 206
-#define EC_F_ECP_NISTZ256_GET_AFFINE 240
-#define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
-#define EC_F_ECP_NISTZ256_POINTS_MUL 241
-#define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
-#define EC_F_ECP_NISTZ256_SET_WORDS 245
-#define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
-#define EC_F_EC_ASN1_GROUP2CURVE 153
-#define EC_F_EC_ASN1_GROUP2FIELDID 154
-#define EC_F_EC_ASN1_GROUP2PARAMETERS 155
-#define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156
-#define EC_F_EC_ASN1_PARAMETERS2GROUP 157
-#define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158
-#define EC_F_EC_EX_DATA_SET_DATA 211
-#define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
-#define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
-#define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
-#define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
-#define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
-#define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
-#define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
-#define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
-#define EC_F_EC_GFP_MONT_FIELD_DECODE 133
-#define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
-#define EC_F_EC_GFP_MONT_FIELD_MUL 131
-#define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
-#define EC_F_EC_GFP_MONT_FIELD_SQR 132
-#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
-#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
-#define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
-#define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
-#define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
-#define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
-#define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
-#define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
-#define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
-#define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
-#define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
-#define EC_F_EC_GFP_NIST_FIELD_MUL 200
-#define EC_F_EC_GFP_NIST_FIELD_SQR 201
-#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
-#define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101
-#define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
-#define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
-#define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
-#define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
-#define EC_F_EC_GROUP_CHECK 170
-#define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
-#define EC_F_EC_GROUP_COPY 106
-#define EC_F_EC_GROUP_GET0_GENERATOR 139
-#define EC_F_EC_GROUP_GET_COFACTOR 140
-#define EC_F_EC_GROUP_GET_CURVE_GF2M 172
-#define EC_F_EC_GROUP_GET_CURVE_GFP 130
-#define EC_F_EC_GROUP_GET_DEGREE 173
-#define EC_F_EC_GROUP_GET_ORDER 141
-#define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
-#define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
-#define EC_F_EC_GROUP_NEW 108
-#define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
-#define EC_F_EC_GROUP_NEW_FROM_DATA 175
-#define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
-#define EC_F_EC_GROUP_SET_CURVE_GF2M 176
-#define EC_F_EC_GROUP_SET_CURVE_GFP 109
-#define EC_F_EC_GROUP_SET_EXTRA_DATA 110
-#define EC_F_EC_GROUP_SET_GENERATOR 111
-#define EC_F_EC_KEY_CHECK_KEY 177
-#define EC_F_EC_KEY_COPY 178
-#define EC_F_EC_KEY_GENERATE_KEY 179
-#define EC_F_EC_KEY_NEW 182
-#define EC_F_EC_KEY_PRINT 180
-#define EC_F_EC_KEY_PRINT_FP 181
-#define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
-#define EC_F_EC_POINTS_MAKE_AFFINE 136
-#define EC_F_EC_POINT_ADD 112
-#define EC_F_EC_POINT_CMP 113
-#define EC_F_EC_POINT_COPY 114
-#define EC_F_EC_POINT_DBL 115
-#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
-#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
-#define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
-#define EC_F_EC_POINT_INVERT 210
-#define EC_F_EC_POINT_IS_AT_INFINITY 118
-#define EC_F_EC_POINT_IS_ON_CURVE 119
-#define EC_F_EC_POINT_MAKE_AFFINE 120
-#define EC_F_EC_POINT_MUL 184
-#define EC_F_EC_POINT_NEW 121
-#define EC_F_EC_POINT_OCT2POINT 122
-#define EC_F_EC_POINT_POINT2OCT 123
-#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
-#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
-#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
-#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
-#define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
-#define EC_F_EC_POINT_SET_TO_INFINITY 127
-#define EC_F_EC_PRE_COMP_DUP 207
-#define EC_F_EC_PRE_COMP_NEW 196
-#define EC_F_EC_WNAF_MUL 187
-#define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
-#define EC_F_I2D_ECPARAMETERS 190
-#define EC_F_I2D_ECPKPARAMETERS 191
-#define EC_F_I2D_ECPRIVATEKEY 192
-#define EC_F_I2O_ECPUBLICKEY 151
-#define EC_F_NISTP224_PRE_COMP_NEW 227
-#define EC_F_NISTP256_PRE_COMP_NEW 236
-#define EC_F_NISTP521_PRE_COMP_NEW 237
-#define EC_F_O2I_ECPUBLICKEY 152
-#define EC_F_OLD_EC_PRIV_DECODE 222
-#define EC_F_PKEY_EC_CTRL 197
-#define EC_F_PKEY_EC_CTRL_STR 198
-#define EC_F_PKEY_EC_DERIVE 217
-#define EC_F_PKEY_EC_KEYGEN 199
-#define EC_F_PKEY_EC_PARAMGEN 219
-#define EC_F_PKEY_EC_SIGN 218
-
-/* Reason codes. */
-#define EC_R_ASN1_ERROR 115
-#define EC_R_ASN1_UNKNOWN_FIELD 116
-#define EC_R_BAD_SIGNATURE 166
-#define EC_R_BIGNUM_OUT_OF_RANGE 144
-#define EC_R_BUFFER_TOO_SMALL 100
-#define EC_R_COORDINATES_OUT_OF_RANGE 146
-#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
-#define EC_R_DECODE_ERROR 142
-#define EC_R_DISCRIMINANT_IS_ZERO 118
-#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
-#define EC_R_FIELD_TOO_LARGE 143
-#define EC_R_GF2M_NOT_SUPPORTED 147
-#define EC_R_GROUP2PKPARAMETERS_FAILURE 120
-#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
-#define EC_R_INCOMPATIBLE_OBJECTS 101
-#define EC_R_INVALID_ARGUMENT 112
-#define EC_R_INVALID_COMPRESSED_POINT 110
-#define EC_R_INVALID_COMPRESSION_BIT 109
-#define EC_R_INVALID_CURVE 141
-#define EC_R_INVALID_DIGEST 151
-#define EC_R_INVALID_DIGEST_TYPE 138
-#define EC_R_INVALID_ENCODING 102
-#define EC_R_INVALID_FIELD 103
-#define EC_R_INVALID_FORM 104
-#define EC_R_INVALID_GROUP_ORDER 122
-#define EC_R_INVALID_KEY 165
-#define EC_R_INVALID_OUTPUT_LENGTH 171
-#define EC_R_INVALID_PEER_KEY 152
-#define EC_R_INVALID_PENTANOMIAL_BASIS 132
-#define EC_R_INVALID_PRIVATE_KEY 123
-#define EC_R_INVALID_TRINOMIAL_BASIS 137
-#define EC_R_KDF_FAILED 167
-#define EC_R_KDF_PARAMETER_ERROR 148
-#define EC_R_KEY_TRUNCATION 168
-#define EC_R_KEYS_NOT_SET 140
-#define EC_R_MISSING_PARAMETERS 124
-#define EC_R_MISSING_PRIVATE_KEY 125
-#define EC_R_NEED_NEW_SETUP_VALUES 170
-#define EC_R_NOT_A_NIST_PRIME 135
-#define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136
-#define EC_R_NOT_IMPLEMENTED 126
-#define EC_R_NOT_INITIALIZED 111
-#define EC_R_NO_FIELD_MOD 133
-#define EC_R_NO_PARAMETERS_SET 139
-#define EC_R_PASSED_NULL_PARAMETER 134
-#define EC_R_PEER_KEY_ERROR 149
-#define EC_R_PKPARAMETERS2GROUP_FAILURE 127
-#define EC_R_POINT_AT_INFINITY 106
-#define EC_R_POINT_ARITHMETIC_FAILURE 169
-#define EC_R_POINT_IS_NOT_ON_CURVE 107
-#define EC_R_SHARED_INFO_ERROR 150
-#define EC_R_SLOT_FULL 108
-#define EC_R_UNDEFINED_GENERATOR 113
-#define EC_R_UNDEFINED_ORDER 128
-#define EC_R_UNKNOWN_COFACTOR 164
-#define EC_R_UNKNOWN_GROUP 129
-#define EC_R_UNKNOWN_ORDER 114
-#define EC_R_UNSUPPORTED_FIELD 131
-#define EC_R_WRONG_CURVE_PARAMETERS 145
-#define EC_R_WRONG_ORDER 130
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/ec/ec_ameth.c b/src/lib/libcrypto/ec/ec_ameth.c
deleted file mode 100644
index 903b18a8db..0000000000
--- a/src/lib/libcrypto/ec/ec_ameth.c
+++ /dev/null
@@ -1,1065 +0,0 @@ -/* $OpenBSD: ec_ameth.c,v 1.73 2024/11/25 06:51:39 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "asn1_local.h" -#include "bn_local.h" -#include "evp_local.h" -#include "x509_local.h" - -#ifndef OPENSSL_NO_CMS -static int ecdh_cms_decrypt(CMS_RecipientInfo *ri); -static int ecdh_cms_encrypt(CMS_RecipientInfo *ri); -#endif - -static void -eckey_param_free(int ptype, void *pval) -{ - if (pval == NULL) - return; - if (ptype == V_ASN1_OBJECT) - ASN1_OBJECT_free(pval); /* XXX - really necessary? 
*/ - else - ASN1_STRING_free(pval); -} - -static int -eckey_get_curve_name(const EC_KEY *eckey, int *nid) -{ - const EC_GROUP *group; - - *nid = NID_undef; - - if ((group = EC_KEY_get0_group(eckey)) == NULL) { - ECerror(EC_R_MISSING_PARAMETERS); - return 0; - } - if ((EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) != 0) - *nid = EC_GROUP_get_curve_name(group); - - return 1; -} - -static int -eckey_to_explicit_params(EC_KEY *eckey, void **out_val) -{ - ASN1_STRING *astr = NULL; - unsigned char *params = NULL; - int params_len = 0; - int ret = 0; - - *out_val = NULL; - - if ((params_len = i2d_ECParameters(eckey, ¶ms)) <= 0) { - ECerror(ERR_R_EC_LIB); - params_len = 0; - goto err; - } - - if ((astr = ASN1_STRING_new()) == NULL) - goto err; - ASN1_STRING_set0(astr, params, params_len); - params = NULL; - params_len = 0; - - *out_val = astr; - astr = NULL; - - ret = 1; - - err: - freezero(params, params_len); - ASN1_STRING_free(astr); - - return ret; -} - -static int -eckey_from_explicit_params(const ASN1_STRING *astr, EC_KEY **out_eckey) -{ - const unsigned char *params = astr->data; - int params_len = astr->length; - - EC_KEY_free(*out_eckey); - if ((*out_eckey = d2i_ECParameters(NULL, ¶ms, params_len)) == NULL) { - ECerror(EC_R_DECODE_ERROR); - return 0; - } - - return 1; -} - -static int -eckey_to_object(const EC_KEY *eckey, void **out_val) -{ - int nid = NID_undef; - - *out_val = NULL; - - if (!eckey_get_curve_name(eckey, &nid)) - return 0; - if ((*out_val = OBJ_nid2obj(nid)) == NULL) - return 0; - - return 1; -} - -static int -eckey_from_object(const ASN1_OBJECT *aobj, EC_KEY **out_eckey) -{ - int nid; - - EC_KEY_free(*out_eckey); - *out_eckey = NULL; - - if ((nid = OBJ_obj2nid(aobj)) == NID_undef) - return 0; - if ((*out_eckey = EC_KEY_new_by_curve_name(nid)) == NULL) - return 0; - - return 1; -} - -static int -eckey_to_params(EC_KEY *eckey, int *out_type, void **out_val) -{ - int nid; - - *out_type = NID_undef; - *out_val = NULL; - - if 
(!eckey_get_curve_name(eckey, &nid)) - return 0; - - if (nid == NID_undef) { - *out_type = V_ASN1_SEQUENCE; - return eckey_to_explicit_params(eckey, out_val); - } else { - *out_type = V_ASN1_OBJECT; - return eckey_to_object(eckey, out_val); - } -} - -static int -eckey_from_params(int ptype, const void *pval, EC_KEY **out_eckey) -{ - EC_KEY_free(*out_eckey); - *out_eckey = NULL; - - if (ptype == V_ASN1_SEQUENCE) - return eckey_from_explicit_params(pval, out_eckey); - if (ptype == V_ASN1_OBJECT) - return eckey_from_object(pval, out_eckey); - - ECerror(EC_R_DECODE_ERROR); - return 0; -} - -static int -eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) -{ - EC_KEY *eckey = pkey->pkey.ec; - int ptype = V_ASN1_UNDEF; - void *pval = NULL; - ASN1_OBJECT *aobj; - unsigned char *key = NULL; - int key_len = 0; - int ret = 0; - - if (!eckey_to_params(eckey, &ptype, &pval)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - if ((key_len = i2o_ECPublicKey(eckey, &key)) <= 0) { - key_len = 0; - goto err; - } - if ((aobj = OBJ_nid2obj(EVP_PKEY_EC)) == NULL) - goto err; - if (!X509_PUBKEY_set0_param(pk, aobj, ptype, pval, key, key_len)) - goto err; - pval = NULL; - key = NULL; - key_len = 0; - - ret = 1; - - err: - eckey_param_free(ptype, pval); - freezero(key, key_len); - - return ret; -} - -static int -eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) -{ - const unsigned char *p = NULL; - const void *pval; - int ptype, pklen; - EC_KEY *eckey = NULL; - X509_ALGOR *palg; - int ret = 0; - - if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) - goto err; - - X509_ALGOR_get0(NULL, &ptype, &pval, palg); - if (!eckey_from_params(ptype, pval, &eckey)) - goto err; - - if (!o2i_ECPublicKey(&eckey, &p, pklen)) { - ECerror(EC_R_DECODE_ERROR); - goto err; - } - if (!EVP_PKEY_assign_EC_KEY(pkey, eckey)) - goto err; - eckey = NULL; - - ret = 1; - - err: - EC_KEY_free(eckey); - - return ret; -} - -static int -eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const EC_GROUP 
*group = EC_KEY_get0_group(b->pkey.ec); - const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec); - const EC_POINT *pb = EC_KEY_get0_public_key(b->pkey.ec); - int r; - - r = EC_POINT_cmp(group, pa, pb, NULL); - if (r == 0) - return 1; - if (r == 1) - return 0; - return -2; -} - -int -eckey_compute_pubkey(EC_KEY *eckey) -{ - const BIGNUM *priv_key; - const EC_GROUP *group; - EC_POINT *pub_key = NULL; - int ret = 0; - - if ((priv_key = EC_KEY_get0_private_key(eckey)) == NULL) - goto err; - if ((group = EC_KEY_get0_group(eckey)) == NULL) - goto err; - if ((pub_key = EC_POINT_new(group)) == NULL) - goto err; - if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) - goto err; - if (!EC_KEY_set_public_key(eckey, pub_key)) - goto err; - - ret = 1; - - err: - EC_POINT_free(pub_key); - - return ret; -} - -static int -eckey_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) -{ - const unsigned char *priv = NULL; - int priv_len; - const void *pval; - int ptype; - EC_KEY *eckey = NULL; - const X509_ALGOR *palg; - int ret = 0; - - if (!PKCS8_pkey_get0(NULL, &priv, &priv_len, &palg, p8)) - goto err; - - X509_ALGOR_get0(NULL, &ptype, &pval, palg); - if (!eckey_from_params(ptype, pval, &eckey)) - goto err; - - /* Decode private key into eckey. */ - if (d2i_ECPrivateKey(&eckey, &priv, priv_len) == NULL) { - ECerror(EC_R_DECODE_ERROR); - goto err; - } - /* If public key was missing from SEC1 key, compute it. 
*/ - if (EC_KEY_get0_public_key(eckey) == NULL) { - if (!eckey_compute_pubkey(eckey)) - goto err; - } - - if (!EVP_PKEY_assign_EC_KEY(pkey, eckey)) - goto err; - eckey = NULL; - - ret = 1; - - err: - EC_KEY_free(eckey); - - return ret; -} - -static int -eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) -{ - EC_KEY *eckey = pkey->pkey.ec; - void *pval = NULL; - int ptype = V_ASN1_UNDEF; - ASN1_OBJECT *aobj; - unsigned char *key = NULL; - int key_len = 0; - unsigned int flags; - int ret = 0; - - flags = EC_KEY_get_enc_flags(eckey); - - if (!eckey_to_params(eckey, &ptype, &pval)) { - ECerror(EC_R_DECODE_ERROR); - goto err; - } - - /* PKCS#11 12.11: don't include parameters in the SEC1 private key. */ - EC_KEY_set_enc_flags(eckey, flags | EC_PKEY_NO_PARAMETERS); - - if ((key_len = i2d_ECPrivateKey(eckey, &key)) <= 0) { - ECerror(ERR_R_EC_LIB); - key_len = 0; - goto err; - } - if ((aobj = OBJ_nid2obj(NID_X9_62_id_ecPublicKey)) == NULL) - goto err; - if (!PKCS8_pkey_set0(p8, aobj, 0, ptype, pval, key, key_len)) - goto err; - pval = NULL; - key = NULL; - key_len = 0; - - ret = 1; - - err: - eckey_param_free(ptype, pval); - freezero(key, key_len); - - EC_KEY_set_enc_flags(eckey, flags); - - return ret; -} - -static int -ec_size(const EVP_PKEY *pkey) -{ - return ECDSA_size(pkey->pkey.ec); -} - -static int -ec_bits(const EVP_PKEY *pkey) -{ - const EC_GROUP *group; - - if ((group = EC_KEY_get0_group(pkey->pkey.ec)) == NULL) - return 0; - - return EC_GROUP_order_bits(group); -} - -static int -ec_security_bits(const EVP_PKEY *pkey) -{ - int ecbits = ec_bits(pkey); - - if (ecbits >= 512) - return 256; - if (ecbits >= 384) - return 192; - if (ecbits >= 256) - return 128; - if (ecbits >= 224) - return 112; - if (ecbits >= 160) - return 80; - - return ecbits / 2; -} - -static int -ec_missing_parameters(const EVP_PKEY *pkey) -{ - if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) - return 1; - return 0; -} - -static int -ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY 
*from) -{ - return EC_KEY_set_group(to->pkey.ec, EC_KEY_get0_group(from->pkey.ec)); -} - -static int -ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec); - const EC_GROUP *group_b = EC_KEY_get0_group(b->pkey.ec); - - if (EC_GROUP_cmp(group_a, group_b, NULL)) - return 0; - else - return 1; -} - -static void -ec_free(EVP_PKEY *pkey) -{ - EC_KEY_free(pkey->pkey.ec); -} - -static int -do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) -{ - const char *ecstr; - int ret = 0, reason = ERR_R_BIO_LIB; - BIGNUM *pub_key = NULL; - BN_CTX *ctx = NULL; - const EC_GROUP *group; - const EC_POINT *public_key; - const BIGNUM *priv_key; - - if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) { - reason = ERR_R_PASSED_NULL_PARAMETER; - goto err; - } - ctx = BN_CTX_new(); - if (ctx == NULL) { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - if (ktype > 0) { - public_key = EC_KEY_get0_public_key(x); - if (public_key != NULL) { - if ((pub_key = EC_POINT_point2bn(group, public_key, - EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) { - reason = ERR_R_EC_LIB; - goto err; - } - } - } - if (ktype == 2) { - priv_key = EC_KEY_get0_private_key(x); - } else - priv_key = NULL; - - if (ktype == 2) - ecstr = "Private-Key"; - else if (ktype == 1) - ecstr = "Public-Key"; - else - ecstr = "ECDSA-Parameters"; - - if (!BIO_indent(bp, off, 128)) - goto err; - if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, - EC_GROUP_order_bits(group)) <= 0) - goto err; - - if (!bn_printf(bp, priv_key, off, "priv:")) - goto err; - if (!bn_printf(bp, pub_key, off, "pub: ")) - goto err; - if (!ECPKParameters_print(bp, group, off)) - goto err; - - ret = 1; - - err: - if (!ret) - ECerror(reason); - BN_free(pub_key); - BN_CTX_free(ctx); - - return (ret); -} - -static int -eckey_param_decode(EVP_PKEY *pkey, const unsigned char **param, int param_len) -{ - EC_KEY *eckey; - int ret = 0; - - if ((eckey = d2i_ECParameters(NULL, param, param_len)) == 
NULL) - goto err; - if (!EVP_PKEY_assign_EC_KEY(pkey, eckey)) - goto err; - eckey = NULL; - - ret = 1; - - err: - EC_KEY_free(eckey); - - return ret; -} - -static int -eckey_param_encode(const EVP_PKEY *pkey, unsigned char **param) -{ - return i2d_ECParameters(pkey->pkey.ec, param); -} - -static int -eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0); -} - -static int -eckey_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1); -} - - -static int -eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2); -} - -static int -old_ec_priv_decode(EVP_PKEY *pkey, const unsigned char **priv, int priv_len) -{ - EC_KEY *eckey; - int ret = 0; - - if ((eckey = d2i_ECPrivateKey(NULL, priv, priv_len)) == NULL) - goto err; - if (!EVP_PKEY_assign_EC_KEY(pkey, eckey)) - goto err; - eckey = NULL; - - ret = 1; - - err: - EC_KEY_free(eckey); - - return ret; -} - -static int -old_ec_priv_encode(const EVP_PKEY *pkey, unsigned char **priv) -{ - return i2d_ECPrivateKey(pkey->pkey.ec, priv); -} - -static int -ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) { - int snid, hnid; - X509_ALGOR *alg1, *alg2; - PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); - if (alg1 == NULL || alg1->algorithm == NULL) - return -1; - hnid = OBJ_obj2nid(alg1->algorithm); - if (hnid == NID_undef) - return -1; - if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) - return -1; - if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF, - NULL)) - return -1; - } - return 1; - -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) { - X509_ALGOR *alg1, *alg2; - int snid, hnid; - - CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2); - if (alg1 == NULL || alg1->algorithm 
== NULL) - return -1; - hnid = OBJ_obj2nid(alg1->algorithm); - if (hnid == NID_undef) - return -1; - if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) - return -1; - if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF, - NULL)) - return -1; - } - return 1; - - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 0) - return ecdh_cms_encrypt(arg2); - else if (arg1 == 1) - return ecdh_cms_decrypt(arg2); - return -2; - - case ASN1_PKEY_CTRL_CMS_RI_TYPE: - *(int *)arg2 = CMS_RECIPINFO_AGREE; - return 1; -#endif - - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *) arg2 = NID_sha1; - return 2; - - default: - return -2; - - } - -} - -#ifndef OPENSSL_NO_CMS - -static int -ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx, X509_ALGOR *alg, - ASN1_BIT_STRING *pubkey) -{ - const ASN1_OBJECT *aoid; - int atype; - const void *aval; - int rv = 0; - EVP_PKEY *pkpeer = NULL; - EC_KEY *ecpeer = NULL; - const unsigned char *p; - int plen; - - X509_ALGOR_get0(&aoid, &atype, &aval, alg); - if (OBJ_obj2nid(aoid) != NID_X9_62_id_ecPublicKey) - goto err; - - /* If absent parameters get group from main key */ - if (atype == V_ASN1_UNDEF || atype == V_ASN1_NULL) { - const EC_GROUP *grp; - EVP_PKEY *pk; - - pk = EVP_PKEY_CTX_get0_pkey(pctx); - if (!pk) - goto err; - grp = EC_KEY_get0_group(pk->pkey.ec); - ecpeer = EC_KEY_new(); - if (ecpeer == NULL) - goto err; - if (!EC_KEY_set_group(ecpeer, grp)) - goto err; - } else { - if (!eckey_from_params(atype, aval, &ecpeer)) - goto err; - } - - /* We have parameters now set public key */ - plen = ASN1_STRING_length(pubkey); - p = ASN1_STRING_get0_data(pubkey); - if (!p || !plen) - goto err; - if (!o2i_ECPublicKey(&ecpeer, &p, plen)) - goto err; - pkpeer = EVP_PKEY_new(); - if (pkpeer == NULL) - goto err; - EVP_PKEY_set1_EC_KEY(pkpeer, ecpeer); - if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) - rv = 1; - err: - EC_KEY_free(ecpeer); - EVP_PKEY_free(pkpeer); - return rv; -} - -/* Set KDF parameters based on KDF NID */ -static int 
-ecdh_cms_set_kdf_param(EVP_PKEY_CTX *pctx, int eckdf_nid) -{ - int kdf_nid, kdfmd_nid, cofactor; - const EVP_MD *kdf_md; - - if (eckdf_nid == NID_undef) - return 0; - - /* Lookup KDF type, cofactor mode and digest */ - if (!OBJ_find_sigid_algs(eckdf_nid, &kdfmd_nid, &kdf_nid)) - return 0; - - if (kdf_nid == NID_dh_std_kdf) - cofactor = 0; - else if (kdf_nid == NID_dh_cofactor_kdf) - cofactor = 1; - else - return 0; - - if (EVP_PKEY_CTX_set_ecdh_cofactor_mode(pctx, cofactor) <= 0) - return 0; - - if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) - return 0; - - kdf_md = EVP_get_digestbynid(kdfmd_nid); - if (!kdf_md) - return 0; - - if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0) - return 0; - - return 1; -} - -static int -ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) -{ - X509_ALGOR *alg, *kekalg = NULL; - const ASN1_OBJECT *obj; - int nid; - const void *parameter; - int parameter_type; - ASN1_OCTET_STRING *ukm; - const unsigned char *p; - unsigned char *der = NULL; - int plen, keylen; - const EVP_CIPHER *kekcipher; - EVP_CIPHER_CTX *kekctx; - int ret = 0; - - if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm)) - goto err; - - X509_ALGOR_get0(&obj, ¶meter_type, ¶meter, alg); - - if ((nid = OBJ_obj2nid(obj)) == NID_undef) - goto err; - if (!ecdh_cms_set_kdf_param(pctx, nid)) { - ECerror(EC_R_KDF_PARAMETER_ERROR); - goto err; - } - - if (parameter_type != V_ASN1_SEQUENCE) - goto err; - if ((p = ASN1_STRING_get0_data(parameter)) == NULL) - goto err; - plen = ASN1_STRING_length(parameter); - if ((kekalg = d2i_X509_ALGOR(NULL, &p, plen)) == NULL) - goto err; - - /* - * XXX - the reaching into kekalg below is ugly, but unfortunately the - * now internal legacy EVP_CIPHER_asn1_to_param() API doesn't interact - * nicely with the X509_ALGOR API. 
- */ - - if ((kekctx = CMS_RecipientInfo_kari_get0_ctx(ri)) == NULL) - goto err; - if ((kekcipher = EVP_get_cipherbyobj(kekalg->algorithm)) == NULL) - goto err; - if (EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE) - goto err; - if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL)) - goto err; - if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) - goto err; - - keylen = EVP_CIPHER_CTX_key_length(kekctx); - if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0) - goto err; - - if ((plen = CMS_SharedInfo_encode(&der, kekalg, ukm, keylen)) <= 0) - goto err; - - if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, der, plen) <= 0) - goto err; - der = NULL; - - ret = 1; - - err: - X509_ALGOR_free(kekalg); - free(der); - - return ret; -} - -static int -ecdh_cms_decrypt(CMS_RecipientInfo *ri) -{ - EVP_PKEY_CTX *pctx; - - pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - if (!pctx) - return 0; - - /* See if we need to set peer key */ - if (!EVP_PKEY_CTX_get0_peerkey(pctx)) { - X509_ALGOR *alg; - ASN1_BIT_STRING *pubkey; - - if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey, - NULL, NULL, NULL)) - return 0; - if (!alg || !pubkey) - return 0; - if (!ecdh_cms_set_peerkey(pctx, alg, pubkey)) { - ECerror(EC_R_PEER_KEY_ERROR); - return 0; - } - } - - /* Set ECDH derivation parameters and initialise unwrap context */ - if (!ecdh_cms_set_shared_info(pctx, ri)) { - ECerror(EC_R_SHARED_INFO_ERROR); - return 0; - } - - return 1; -} - -static int -ecdh_cms_encrypt(CMS_RecipientInfo *ri) -{ - EVP_PKEY_CTX *pctx; - EVP_CIPHER_CTX *ctx; - int keylen; - X509_ALGOR *talg, *wrap_alg = NULL; - const ASN1_OBJECT *aoid; - ASN1_BIT_STRING *pubkey; - ASN1_STRING *wrap_str = NULL; - ASN1_OCTET_STRING *ukm; - unsigned char *penc = NULL; - int penclen; - int ecdh_nid, kdf_nid, wrap_nid; - const EVP_MD *kdf_md; - int ret = 0; - - if ((pctx = CMS_RecipientInfo_get0_pkey_ctx(ri)) == NULL) - goto err; - if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey, - NULL, NULL, NULL)) - 
goto err; - - X509_ALGOR_get0(&aoid, NULL, NULL, talg); - if (aoid == OBJ_nid2obj(NID_undef)) { - EVP_PKEY *pkey; - - if ((pkey = EVP_PKEY_CTX_get0_pkey(pctx)) == NULL) - goto err; - - penc = NULL; - if ((penclen = i2o_ECPublicKey(pkey->pkey.ec, &penc)) <= 0) - goto err; - - ASN1_STRING_set0(pubkey, penc, penclen); - penc = NULL; - - if (!asn1_abs_set_unused_bits(pubkey, 0)) - goto err; - - if (!X509_ALGOR_set0_by_nid(talg, NID_X9_62_id_ecPublicKey, - V_ASN1_UNDEF, NULL)) - goto err; - } - - if (EVP_PKEY_CTX_get_ecdh_kdf_type(pctx) != EVP_PKEY_ECDH_KDF_NONE) - goto err; - if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) - goto err; - - if ((ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx)) < 0) - goto err; - if (ecdh_nid == 0) - ecdh_nid = NID_dh_std_kdf; - else if (ecdh_nid == 1) - ecdh_nid = NID_dh_cofactor_kdf; - - if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) - goto err; - if (kdf_md == NULL) { - /* Fixme later for better MD */ - kdf_md = EVP_sha1(); - if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0) - goto err; - } - - if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm)) - goto err; - - /* Lookup NID for KDF+cofactor+digest */ - if (!OBJ_find_sigid_by_algs(&kdf_nid, EVP_MD_type(kdf_md), ecdh_nid)) - goto err; - - /* Get wrap NID */ - ctx = CMS_RecipientInfo_kari_get0_ctx(ri); - wrap_nid = EVP_CIPHER_CTX_type(ctx); - keylen = EVP_CIPHER_CTX_key_length(ctx); - - /* - * Package wrap algorithm in an AlgorithmIdentifier. - * - * Incompatibility of X509_ALGOR_set0() with EVP_CIPHER_param_to_asn1() - * makes this really gross. See the XXX in ecdh_cms_set_shared_info(). 
- */ - - if ((wrap_alg = X509_ALGOR_new()) == NULL) - goto err; - if ((wrap_alg->algorithm = OBJ_nid2obj(wrap_nid)) == NULL) - goto err; - if ((wrap_alg->parameter = ASN1_TYPE_new()) == NULL) - goto err; - if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) - goto err; - if (ASN1_TYPE_get(wrap_alg->parameter) == V_ASN1_UNDEF) { - ASN1_TYPE_free(wrap_alg->parameter); - wrap_alg->parameter = NULL; - } - - if ((penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen)) <= 0) - goto err; - - if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0) - goto err; - if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, penc, penclen) <= 0) - goto err; - penc = NULL; - - /* - * Wrap encoded wrap AlgorithmIdentifier into parameter of another - * AlgorithmIdentifier. - */ - - if ((penclen = i2d_X509_ALGOR(wrap_alg, &penc)) <= 0) - goto err; - - if ((wrap_str = ASN1_STRING_new()) == NULL) - goto err; - ASN1_STRING_set0(wrap_str, penc, penclen); - penc = NULL; - - if (!X509_ALGOR_set0_by_nid(talg, kdf_nid, V_ASN1_SEQUENCE, wrap_str)) - goto err; - wrap_str = NULL; - - ret = 1; - - err: - free(penc); - ASN1_STRING_free(wrap_str); - X509_ALGOR_free(wrap_alg); - - return ret; -} - -#endif - -const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = { - .base_method = &eckey_asn1_meth, - .pkey_id = EVP_PKEY_EC, - - .pem_str = "EC", - .info = "OpenSSL EC algorithm", - - .pub_decode = eckey_pub_decode, - .pub_encode = eckey_pub_encode, - .pub_cmp = eckey_pub_cmp, - .pub_print = eckey_pub_print, - - .priv_decode = eckey_priv_decode, - .priv_encode = eckey_priv_encode, - .priv_print = eckey_priv_print, - - .pkey_size = ec_size, - .pkey_bits = ec_bits, - .pkey_security_bits = ec_security_bits, - - .param_decode = eckey_param_decode, - .param_encode = eckey_param_encode, - .param_missing = ec_missing_parameters, - .param_copy = ec_copy_parameters, - .param_cmp = ec_cmp_parameters, - .param_print = eckey_param_print, - - .pkey_free = ec_free, - .pkey_ctrl = ec_pkey_ctrl, - .old_priv_decode = 
old_ec_priv_decode,
- .old_priv_encode = old_ec_priv_encode,
-};
diff --git a/src/lib/libcrypto/ec/ec_asn1.c b/src/lib/libcrypto/ec/ec_asn1.c
deleted file mode 100644
index ef318f8d43..0000000000
--- a/src/lib/libcrypto/ec/ec_asn1.c
+++ /dev/null
@@ -1,1461 +0,0 @@
-/* $OpenBSD: ec_asn1.c,v 1.111 2025/03/13 10:31:12 tb Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include - -#include "asn1_local.h" -#include "ec_local.h" - -int -EC_GROUP_get_basis_type(const EC_GROUP *group) -{ - return 0; -} -LCRYPTO_ALIAS(EC_GROUP_get_basis_type); - -typedef struct x9_62_pentanomial_st { - long k1; - long k2; - long k3; -} X9_62_PENTANOMIAL; - -typedef struct x9_62_characteristic_two_st { - long m; - ASN1_OBJECT *type; - union { - char *ptr; - /* NID_X9_62_onBasis */ - ASN1_NULL *onBasis; - /* NID_X9_62_tpBasis */ - ASN1_INTEGER *tpBasis; - /* NID_X9_62_ppBasis */ - X9_62_PENTANOMIAL *ppBasis; - /* anything else */ - ASN1_TYPE *other; - } p; -} X9_62_CHARACTERISTIC_TWO; - -typedef struct x9_62_fieldid_st { - ASN1_OBJECT *fieldType; - union { - char *ptr; - /* NID_X9_62_prime_field */ - ASN1_INTEGER *prime; - /* NID_X9_62_characteristic_two_field */ - X9_62_CHARACTERISTIC_TWO *char_two; - /* anything else */ - ASN1_TYPE *other; - } p; -} X9_62_FIELDID; - -typedef struct x9_62_curve_st { - ASN1_OCTET_STRING *a; - ASN1_OCTET_STRING *b; - ASN1_BIT_STRING *seed; -} X9_62_CURVE; - -typedef struct ec_parameters_st { - long version; - 
X9_62_FIELDID *fieldID; - X9_62_CURVE *curve; - ASN1_OCTET_STRING *base; - ASN1_INTEGER *order; - ASN1_INTEGER *cofactor; -} ECPARAMETERS; - -#define ECPK_PARAM_NAMED_CURVE 0 -#define ECPK_PARAM_EXPLICIT 1 -#define ECPK_PARAM_IMPLICITLY_CA 2 - -typedef struct ecpk_parameters_st { - int type; - union { - ASN1_OBJECT *named_curve; - ECPARAMETERS *parameters; - ASN1_NULL *implicitlyCA; - } value; -} ECPKPARAMETERS; - -typedef struct ec_privatekey_st { - long version; - ASN1_OCTET_STRING *privateKey; - ECPKPARAMETERS *parameters; - ASN1_BIT_STRING *publicKey; -} EC_PRIVATEKEY; - -static const ASN1_TEMPLATE X9_62_PENTANOMIAL_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_PENTANOMIAL, k1), - .field_name = "k1", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_PENTANOMIAL, k2), - .field_name = "k2", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_PENTANOMIAL, k3), - .field_name = "k3", - .item = &LONG_it, - }, -}; - -static const ASN1_ITEM X9_62_PENTANOMIAL_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X9_62_PENTANOMIAL_seq_tt, - .tcount = sizeof(X9_62_PENTANOMIAL_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(X9_62_PENTANOMIAL), - .sname = "X9_62_PENTANOMIAL", -}; - -static const ASN1_TEMPLATE char_two_def_tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.other), - .field_name = "p.other", - .item = &ASN1_ANY_it, -}; - -static const ASN1_ADB_TABLE X9_62_CHARACTERISTIC_TWO_adbtbl[] = { - { - .value = NID_X9_62_onBasis, - .tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.onBasis), - .field_name = "p.onBasis", - .item = &ASN1_NULL_it, - }, - }, - { - .value = NID_X9_62_tpBasis, - .tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.tpBasis), - .field_name = "p.tpBasis", - .item = &ASN1_INTEGER_it, - }, - }, - { - .value = 
NID_X9_62_ppBasis, - .tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.ppBasis), - .field_name = "p.ppBasis", - .item = &X9_62_PENTANOMIAL_it, - }, - - }, -}; - -static const ASN1_ADB X9_62_CHARACTERISTIC_TWO_adb = { - .flags = 0, - .offset = offsetof(X9_62_CHARACTERISTIC_TWO, type), - .tbl = X9_62_CHARACTERISTIC_TWO_adbtbl, - .tblcount = sizeof(X9_62_CHARACTERISTIC_TWO_adbtbl) / sizeof(ASN1_ADB_TABLE), - .default_tt = &char_two_def_tt, - .null_tt = NULL, -}; - -static const ASN1_TEMPLATE X9_62_CHARACTERISTIC_TWO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CHARACTERISTIC_TWO, m), - .field_name = "m", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CHARACTERISTIC_TWO, type), - .field_name = "type", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "X9_62_CHARACTERISTIC_TWO", - .item = (const ASN1_ITEM *)&X9_62_CHARACTERISTIC_TWO_adb, - }, -}; - -static const ASN1_ITEM X9_62_CHARACTERISTIC_TWO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X9_62_CHARACTERISTIC_TWO_seq_tt, - .tcount = sizeof(X9_62_CHARACTERISTIC_TWO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(X9_62_CHARACTERISTIC_TWO), - .sname = "X9_62_CHARACTERISTIC_TWO", -}; - -static const ASN1_TEMPLATE fieldID_def_tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_FIELDID, p.other), - .field_name = "p.other", - .item = &ASN1_ANY_it, -}; - -static const ASN1_ADB_TABLE X9_62_FIELDID_adbtbl[] = { - { - .value = NID_X9_62_prime_field, - .tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_FIELDID, p.prime), - .field_name = "p.prime", - .item = &ASN1_INTEGER_it, - }, - }, - { - .value = NID_X9_62_characteristic_two_field, - .tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_FIELDID, p.char_two), - .field_name = "p.char_two", - .item = &X9_62_CHARACTERISTIC_TWO_it, - }, - }, -}; - 
-static const ASN1_ADB X9_62_FIELDID_adb = { - .flags = 0, - .offset = offsetof(X9_62_FIELDID, fieldType), - .tbl = X9_62_FIELDID_adbtbl, - .tblcount = sizeof(X9_62_FIELDID_adbtbl) / sizeof(ASN1_ADB_TABLE), - .default_tt = &fieldID_def_tt, - .null_tt = NULL, -}; - -static const ASN1_TEMPLATE X9_62_FIELDID_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_FIELDID, fieldType), - .field_name = "fieldType", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "X9_62_FIELDID", - .item = (const ASN1_ITEM *)&X9_62_FIELDID_adb, - }, -}; - -static const ASN1_ITEM X9_62_FIELDID_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X9_62_FIELDID_seq_tt, - .tcount = sizeof(X9_62_FIELDID_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(X9_62_FIELDID), - .sname = "X9_62_FIELDID", -}; - -static const ASN1_TEMPLATE X9_62_CURVE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CURVE, a), - .field_name = "a", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(X9_62_CURVE, b), - .field_name = "b", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(X9_62_CURVE, seed), - .field_name = "seed", - .item = &ASN1_BIT_STRING_it, - }, -}; - -static const ASN1_ITEM X9_62_CURVE_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X9_62_CURVE_seq_tt, - .tcount = sizeof(X9_62_CURVE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(X9_62_CURVE), - .sname = "X9_62_CURVE", -}; - -static const ASN1_TEMPLATE ECPARAMETERS_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(ECPARAMETERS, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(ECPARAMETERS, fieldID), - .field_name = "fieldID", - .item = &X9_62_FIELDID_it, - }, - { - .flags = 0, - .tag = 0, - 
.offset = offsetof(ECPARAMETERS, curve), - .field_name = "curve", - .item = &X9_62_CURVE_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(ECPARAMETERS, base), - .field_name = "base", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(ECPARAMETERS, order), - .field_name = "order", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(ECPARAMETERS, cofactor), - .field_name = "cofactor", - .item = &ASN1_INTEGER_it, - }, -}; - -static const ASN1_ITEM ECPARAMETERS_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = ECPARAMETERS_seq_tt, - .tcount = sizeof(ECPARAMETERS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(ECPARAMETERS), - .sname = "ECPARAMETERS", -}; - -static ECPARAMETERS * -ECPARAMETERS_new(void) -{ - return (ECPARAMETERS*)ASN1_item_new(&ECPARAMETERS_it); -} - -static void -ECPARAMETERS_free(ECPARAMETERS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ECPARAMETERS_it); -} - -static const ASN1_TEMPLATE ECPKPARAMETERS_ch_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(ECPKPARAMETERS, value.named_curve), - .field_name = "value.named_curve", - .item = &ASN1_OBJECT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(ECPKPARAMETERS, value.parameters), - .field_name = "value.parameters", - .item = &ECPARAMETERS_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(ECPKPARAMETERS, value.implicitlyCA), - .field_name = "value.implicitlyCA", - .item = &ASN1_NULL_it, - }, -}; - -static const ASN1_ITEM ECPKPARAMETERS_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(ECPKPARAMETERS, type), - .templates = ECPKPARAMETERS_ch_tt, - .tcount = sizeof(ECPKPARAMETERS_ch_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(ECPKPARAMETERS), - .sname = "ECPKPARAMETERS", -}; - -static ECPKPARAMETERS * -d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len) -{ - return (ECPKPARAMETERS 
*)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ECPKPARAMETERS_it); -} - -static int -i2d_ECPKPARAMETERS(const ECPKPARAMETERS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ECPKPARAMETERS_it); -} - -static ECPKPARAMETERS * -ECPKPARAMETERS_new(void) -{ - return (ECPKPARAMETERS *)ASN1_item_new(&ECPKPARAMETERS_it); -} - -static void -ECPKPARAMETERS_free(ECPKPARAMETERS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ECPKPARAMETERS_it); -} - -static const ASN1_TEMPLATE EC_PRIVATEKEY_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(EC_PRIVATEKEY, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(EC_PRIVATEKEY, privateKey), - .field_name = "privateKey", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(EC_PRIVATEKEY, parameters), - .field_name = "parameters", - .item = &ECPKPARAMETERS_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(EC_PRIVATEKEY, publicKey), - .field_name = "publicKey", - .item = &ASN1_BIT_STRING_it, - }, -}; - -static const ASN1_ITEM EC_PRIVATEKEY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = EC_PRIVATEKEY_seq_tt, - .tcount = sizeof(EC_PRIVATEKEY_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(EC_PRIVATEKEY), - .sname = "EC_PRIVATEKEY", -}; - -static EC_PRIVATEKEY * -d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len) -{ - return (EC_PRIVATEKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &EC_PRIVATEKEY_it); -} - -static int -i2d_EC_PRIVATEKEY(const EC_PRIVATEKEY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &EC_PRIVATEKEY_it); -} - -static EC_PRIVATEKEY * -EC_PRIVATEKEY_new(void) -{ - return (EC_PRIVATEKEY *)ASN1_item_new(&EC_PRIVATEKEY_it); -} - -static void -EC_PRIVATEKEY_free(EC_PRIVATEKEY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, 
&EC_PRIVATEKEY_it); -} - -static int -ec_point_from_asn1_string(const EC_GROUP *group, const ASN1_STRING *astr, - EC_POINT **out_point, uint8_t *out_form) -{ - return ec_point_from_octets(group, astr->data, astr->length, - out_point, out_form, NULL); -} - -static int -ec_point_from_asn1_bit_string(const EC_GROUP *group, const ASN1_BIT_STRING *abs, - EC_POINT **out_point, uint8_t *out_form) -{ - /* - * Per SEC 1, C.3, the bit string representing the public key comes from - * an octet string, therefore the unused bits octet must be 0x00. - * XXX - move this check to a helper in a_bitstr.c? - */ - if ((abs->flags & ASN1_STRING_FLAG_BITS_LEFT) != 0 && - (abs->flags & 0x07) != 0) - return 0; - - return ec_point_from_asn1_string(group, abs, out_point, out_form); -} - -static int -ec_point_from_asn1_octet_string(const EC_GROUP *group, const ASN1_OCTET_STRING *aos, - EC_POINT **out_point, uint8_t *out_form) -{ - return ec_point_from_asn1_string(group, aos, out_point, out_form); -} - -static int -ec_point_to_asn1_string_type(const EC_GROUP *group, const EC_POINT *point, - int form, int type, ASN1_STRING **out_astr) -{ - ASN1_STRING *astr = NULL; - unsigned char *buf = NULL; - size_t len = 0; - int ret = 0; - - if (*out_astr != NULL && ASN1_STRING_type(*out_astr) != type) - goto err; - - if (!ec_point_to_octets(group, point, form, &buf, &len, NULL)) - goto err; - - if ((astr = *out_astr) == NULL) - astr = ASN1_STRING_type_new(type); - if (astr == NULL) - goto err; - - ASN1_STRING_set0(astr, buf, len); - buf = NULL; - len = 0; - - *out_astr = astr; - astr = NULL; - - ret = 1; - - err: - ASN1_STRING_free(astr); - freezero(buf, len); - - return ret; -} - -static int -ec_point_to_asn1_bit_string(const EC_GROUP *group, const EC_POINT *point, - int form, ASN1_BIT_STRING **out_abs) -{ - if (!ec_point_to_asn1_string_type(group, point, form, - V_ASN1_BIT_STRING, out_abs)) - return 0; - - return asn1_abs_set_unused_bits(*out_abs, 0); -} - -static int 
-ec_point_to_asn1_octet_string(const EC_GROUP *group, const EC_POINT *point, - int form, ASN1_OCTET_STRING **out_aos) -{ - return ec_point_to_asn1_string_type(group, point, form, - V_ASN1_OCTET_STRING, out_aos); -} - -static int -ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) -{ - int ret = 0; - - if (group == NULL || field == NULL) - goto err; - - if ((field->fieldType = OBJ_nid2obj(NID_X9_62_prime_field)) == NULL) { - ECerror(ERR_R_OBJ_LIB); - goto err; - } - if ((field->p.prime = BN_to_ASN1_INTEGER(group->p, NULL)) == NULL) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - - ret = 1; - - err: - return ret; -} - -static int -ec_asn1_encode_bn(const EC_GROUP *group, const BIGNUM *bn, int len, - ASN1_OCTET_STRING *os) -{ - unsigned char *buf; - int ret = 0; - - /* One extra byte for historic NUL termination of ASN1_STRINGs. */ - if ((buf = calloc(1, len + 1)) == NULL) - goto err; - - if (BN_bn2binpad(bn, buf, len) != len) - goto err; - - ASN1_STRING_set0(os, buf, len); - buf = NULL; - len = 0; - - ret = 1; - - err: - freezero(buf, len); - - return ret; -} - -static int -ec_asn1_encode_field_element(const EC_GROUP *group, const BIGNUM *bn, - ASN1_OCTET_STRING *os) -{ - /* Zero-pad field element to byte length of p per SEC 1, 2.3.5. */ - return ec_asn1_encode_bn(group, bn, BN_num_bytes(group->p), os); -} - -static int -ec_asn1_encode_private_key(const EC_GROUP *group, const BIGNUM *bn, - ASN1_OCTET_STRING *os) -{ - /* Zero-pad private key to byte length of order per SEC 1, C.4. 
*/ - return ec_asn1_encode_bn(group, bn, BN_num_bytes(group->order), os); -} - -static int -ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) -{ - BIGNUM *a = NULL, *b = NULL; - int ret = 0; - - if (group == NULL) - goto err; - if (curve == NULL || curve->a == NULL || curve->b == NULL) - goto err; - - if ((a = BN_new()) == NULL || (b = BN_new()) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EC_GROUP_get_curve(group, NULL, a, b, NULL)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - if (!ec_asn1_encode_field_element(group, a, curve->a)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - if (!ec_asn1_encode_field_element(group, b, curve->b)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - ASN1_BIT_STRING_free(curve->seed); - curve->seed = NULL; - - if (group->seed != NULL) { - if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (!ASN1_BIT_STRING_set(curve->seed, - group->seed, group->seed_len)) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - if (!asn1_abs_set_unused_bits(curve->seed, 0)) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - } - - ret = 1; - - err: - BN_free(a); - BN_free(b); - - return ret; -} - -static ECPARAMETERS * -ec_asn1_group2parameters(const EC_GROUP *group) -{ - ECPARAMETERS *parameters = NULL; - const EC_POINT *generator = NULL; - const BIGNUM *order, *cofactor; - uint8_t form; - - if ((parameters = ECPARAMETERS_new()) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - parameters->version = 0x1; - - if (!ec_asn1_group2fieldid(group, parameters->fieldID)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - if (!ec_asn1_group2curve(group, parameters->curve)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - if ((generator = EC_GROUP_get0_generator(group)) == NULL) { - ECerror(EC_R_UNDEFINED_GENERATOR); - goto err; - } - - form = EC_GROUP_get_point_conversion_form(group); - if (!ec_point_to_asn1_octet_string(group, generator, form, ¶meters->base)) - goto err; - - 
if ((order = EC_GROUP_get0_order(group)) == NULL) { - ECerror(ERR_R_EC_LIB); - goto err; - } - if (BN_is_zero(order)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - ASN1_INTEGER_free(parameters->order); - if ((parameters->order = BN_to_ASN1_INTEGER(order, NULL)) == NULL) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - - ASN1_INTEGER_free(parameters->cofactor); - parameters->cofactor = NULL; - if ((cofactor = EC_GROUP_get0_cofactor(group)) == NULL) { - ECerror(ERR_R_EC_LIB); - goto err; - } - if (!BN_is_zero(cofactor)) { - if ((parameters->cofactor = BN_to_ASN1_INTEGER(cofactor, - NULL)) == NULL) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - } - - return parameters; - - err: - ECPARAMETERS_free(parameters); - - return NULL; -} - -static ECPKPARAMETERS * -ec_asn1_group2pkparameters(const EC_GROUP *group) -{ - ECPKPARAMETERS *pkparameters; - ECPARAMETERS *parameters; - ASN1_OBJECT *aobj; - int nid; - - if ((pkparameters = ECPKPARAMETERS_new()) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) != 0) { - if ((nid = EC_GROUP_get_curve_name(group)) == NID_undef) - goto err; - if ((aobj = OBJ_nid2obj(nid)) == NULL) - goto err; - pkparameters->type = ECPK_PARAM_NAMED_CURVE; - pkparameters->value.named_curve = aobj; - } else { - if ((parameters = ec_asn1_group2parameters(group)) == NULL) - goto err; - pkparameters->type = ECPK_PARAM_EXPLICIT; - pkparameters->value.parameters = parameters; - parameters = NULL; - } - - return pkparameters; - - err: - ECPKPARAMETERS_free(pkparameters); - - return NULL; -} - -static int -ec_asn1_is_prime_field(const X9_62_FIELDID *fieldid) -{ - int nid; - - if (fieldid == NULL) { - ECerror(EC_R_ASN1_ERROR); - return 0; - } - if ((nid = OBJ_obj2nid(fieldid->fieldType)) == NID_undef) { - ECerror(EC_R_INVALID_FIELD); - return 0; - } - if (nid == NID_X9_62_characteristic_two_field) { - ECerror(EC_R_GF2M_NOT_SUPPORTED); - return 0; - } - if (nid != NID_X9_62_prime_field) { - 
ECerror(EC_R_UNSUPPORTED_FIELD); - return 0; - } - - /* We can't check that this is actually a prime due to DoS risk. */ - if (fieldid->p.prime == NULL) { - ECerror(EC_R_INVALID_FIELD); - return 0; - } - - return 1; -} - -static int -ec_asn1_parameters_curve2group(const X9_62_CURVE *curve, - const ASN1_INTEGER *prime, EC_GROUP **out_group) -{ - EC_GROUP *group = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL; - int ret = 0; - - if (*out_group != NULL) - goto err; - - if ((p = ASN1_INTEGER_to_BN(prime, NULL)) == NULL) - goto err; - if ((a = BN_bin2bn(curve->a->data, curve->a->length, NULL)) == NULL) - goto err; - if ((b = BN_bin2bn(curve->b->data, curve->b->length, NULL)) == NULL) - goto err; - - /* - * XXX - move these checks to ec_GFp_simple_group_set_curve()? - * What about checking 0 <= a, b < p? - */ - if (BN_is_zero(p) || BN_is_negative(p)) { - ECerror(EC_R_INVALID_FIELD); - goto err; - } - if (BN_num_bits(p) > OPENSSL_ECC_MAX_FIELD_BITS) { - ECerror(EC_R_FIELD_TOO_LARGE); - goto err; - } - - if ((group = EC_GROUP_new_curve_GFp(p, a, b, NULL)) == NULL) - goto err; - - *out_group = group; - group = NULL; - - ret = 1; - - err: - BN_free(p); - BN_free(a); - BN_free(b); - EC_GROUP_free(group); - - return ret; -} - -static int -ec_asn1_set_group_parameters(const ECPARAMETERS *params, EC_GROUP *group) -{ - EC_POINT *generator = NULL; - BIGNUM *order = NULL, *cofactor = NULL; - const ASN1_BIT_STRING *seed; - uint8_t form; - int ret = 0; - - if (!ec_point_from_asn1_octet_string(group, params->base, &generator, &form)) - goto err; - EC_GROUP_set_point_conversion_form(group, form); - - if ((order = ASN1_INTEGER_to_BN(params->order, NULL)) == NULL) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - if (params->cofactor != NULL) { - if ((cofactor = ASN1_INTEGER_to_BN(params->cofactor, - NULL)) == NULL) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - } - - /* Checks the Hasse bound and sets the cofactor if possible or fails. 
*/ - if (!EC_GROUP_set_generator(group, generator, order, cofactor)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - if ((seed = params->curve->seed) != NULL) { - if (EC_GROUP_set_seed(group, seed->data, seed->length) == 0) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - } - - ret = 1; - - err: - EC_POINT_free(generator); - BN_free(order); - BN_free(cofactor); - - return ret; -} - -static int -ec_asn1_parameters_extract_prime_group(const ECPARAMETERS *params, - EC_GROUP **out_group) -{ - EC_GROUP *group = NULL; - int ret = 0; - - if (*out_group != NULL) - goto err; - - if (!ec_asn1_is_prime_field(params->fieldID)) - goto err; - if (!ec_asn1_parameters_curve2group(params->curve, - params->fieldID->p.prime, &group)) - goto err; - if (!ec_asn1_set_group_parameters(params, group)) - goto err; - - *out_group = group; - group = NULL; - - ret = 1; - - err: - EC_GROUP_free(group); - - return ret; -} - -static EC_GROUP * -ec_asn1_parameters2group(const ECPARAMETERS *params) -{ - EC_GROUP *group = NULL; - int nid = NID_undef; - - if (params == NULL) { - ECerror(EC_R_ASN1_ERROR); - goto err; - } - - if (!ec_asn1_parameters_extract_prime_group(params, &group)) - goto err; - if (!ec_group_is_builtin_curve(group, &nid)) - goto err; - EC_GROUP_set_curve_name(group, nid); - - return group; - - err: - EC_GROUP_free(group); - - return NULL; -} - -static EC_GROUP * -ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) -{ - EC_GROUP *group; - int nid; - - if (params->type == ECPK_PARAM_NAMED_CURVE) { - if ((nid = OBJ_obj2nid(params->value.named_curve)) == NID_undef) { - ECerror(EC_R_UNKNOWN_GROUP); - return NULL; - } - if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) { - ECerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); - return NULL; - } - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - } else if (params->type == ECPK_PARAM_EXPLICIT) { - group = ec_asn1_parameters2group(params->value.parameters); - if (group == NULL) { - ECerror(ERR_R_EC_LIB); - return NULL; - } - 
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE); - } else if (params->type == ECPK_PARAM_IMPLICITLY_CA) { - return NULL; - } else { - ECerror(EC_R_ASN1_ERROR); - return NULL; - } - - return group; -} - -EC_GROUP * -d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len) -{ - EC_GROUP *group = NULL; - ECPKPARAMETERS *params; - - if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) { - ECerror(EC_R_D2I_ECPKPARAMETERS_FAILURE); - goto err; - } - if ((group = ec_asn1_pkparameters2group(params)) == NULL) { - ECerror(EC_R_PKPARAMETERS2GROUP_FAILURE); - goto err; - } - - if (a != NULL) { - EC_GROUP_free(*a); - *a = group; - } - - err: - ECPKPARAMETERS_free(params); - - return group; -} -LCRYPTO_ALIAS(d2i_ECPKParameters); - -int -i2d_ECPKParameters(const EC_GROUP *group, unsigned char **out_der) -{ - ECPKPARAMETERS *parameters; - int ret = 0; - - if ((parameters = ec_asn1_group2pkparameters(group)) == NULL) { - ECerror(EC_R_GROUP2PKPARAMETERS_FAILURE); - goto err; - } - if ((ret = i2d_ECPKPARAMETERS(parameters, out_der)) <= 0) { - ECerror(EC_R_I2D_ECPKPARAMETERS_FAILURE); - goto err; - } - - err: - ECPKPARAMETERS_free(parameters); - - return ret; -} -LCRYPTO_ALIAS(i2d_ECPKParameters); - -static int -ec_key_set_group_from_parameters(EC_KEY *ec_key, const ECPKPARAMETERS *params) -{ - EC_GROUP *group = NULL; - int ret = 0; - - /* Use group in parameters, if any. Fall back to existing group. 
*/ - if (params != NULL) { - if ((group = ec_asn1_pkparameters2group(params)) == NULL) - goto err; - if (!EC_KEY_set_group(ec_key, group)) - goto err; - } - if (ec_key->group == NULL) - goto err; - - ret = 1; - - err: - EC_GROUP_free(group); - - return ret; -} - -static int -ec_key_set_private_key(EC_KEY *ec_key, const ASN1_OCTET_STRING *aos) -{ - BIGNUM *priv_key = NULL; - int ret = 0; - - if (aos == NULL) { - ECerror(EC_R_MISSING_PRIVATE_KEY); - goto err; - } - - /* - * XXX - Sec 1, C.4 requires that this octet string be padded to the - * byte length of the group's order. This can't be enforced because - * i2d_ECPrivateKey() used to produce a semi-compatible ad hoc format. - */ - if ((priv_key = BN_bin2bn(aos->data, aos->length, NULL)) == NULL) - goto err; - if (!EC_KEY_set_private_key(ec_key, priv_key)) - goto err; - - ret = 1; - - err: - BN_free(priv_key); - - return ret; -} - -static int -ec_key_set_public_key(EC_KEY *ec_key, const ASN1_BIT_STRING *abs) -{ - EC_POINT *pub_key = NULL; - uint8_t form; - int ret = 0; - - if (abs == NULL) { - ec_key->enc_flag |= EC_PKEY_NO_PUBKEY; - return eckey_compute_pubkey(ec_key); - } - - /* XXX - SEC 1, 2.3.4 does not allow hybrid encoding. 
*/ - if (!ec_point_from_asn1_bit_string(ec_key->group, abs, &pub_key, &form)) - goto err; - if (!EC_KEY_set_public_key(ec_key, pub_key)) - goto err; - EC_KEY_set_conv_form(ec_key, form); - - ret = 1; - - err: - EC_POINT_free(pub_key); - - return ret; -} - -EC_KEY * -d2i_ECPrivateKey(EC_KEY **out_ec_key, const unsigned char **in, long len) -{ - EC_KEY *ec_key = NULL; - EC_PRIVATEKEY *ec_privatekey = NULL; - - if (out_ec_key == NULL || (ec_key = *out_ec_key) == NULL) - ec_key = EC_KEY_new(); - if (ec_key == NULL) - goto err; - - if ((ec_privatekey = d2i_EC_PRIVATEKEY(NULL, in, len)) == NULL) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - ec_key->version = ec_privatekey->version; - if (!ec_key_set_group_from_parameters(ec_key, ec_privatekey->parameters)) - goto err; - if (!ec_key_set_private_key(ec_key, ec_privatekey->privateKey)) - goto err; - if (!ec_key_set_public_key(ec_key, ec_privatekey->publicKey)) - goto err; - - EC_PRIVATEKEY_free(ec_privatekey); - ec_privatekey = NULL; - - if (out_ec_key != NULL) - *out_ec_key = ec_key; - - return ec_key; - - err: - if (out_ec_key == NULL || *out_ec_key != ec_key) - EC_KEY_free(ec_key); - EC_PRIVATEKEY_free(ec_privatekey); - - return NULL; -} -LCRYPTO_ALIAS(d2i_ECPrivateKey); - -int -i2d_ECPrivateKey(EC_KEY *ec_key, unsigned char **out) -{ - EC_PRIVATEKEY *ec_privatekey = NULL; - const EC_GROUP *group; - const BIGNUM *private_key; - const EC_POINT *public_key = NULL; - int ret = 0; - - if (ec_key == NULL) { - ECerror(ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - if ((group = EC_KEY_get0_group(ec_key)) == NULL) { - ECerror(EC_R_MISSING_PARAMETERS); - goto err; - } - if ((private_key = EC_KEY_get0_private_key(ec_key)) == NULL) { - ECerror(EC_R_KEYS_NOT_SET); - goto err; - } - if ((ec_key->enc_flag & EC_PKEY_NO_PUBKEY) == 0) { - if ((public_key = EC_KEY_get0_public_key(ec_key)) == NULL) { - ECerror(EC_R_KEYS_NOT_SET); - goto err; - } - } - - if ((ec_privatekey = EC_PRIVATEKEY_new()) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); 
- goto err; - } - ec_privatekey->version = ec_key->version; - - if (!ec_asn1_encode_private_key(group, private_key, ec_privatekey->privateKey)) - goto err; - if ((ec_key->enc_flag & EC_PKEY_NO_PARAMETERS) == 0) { - ECPKPARAMETERS *parameters; - - if ((parameters = ec_asn1_group2pkparameters(group)) == NULL) { - ECerror(ERR_R_EC_LIB); - goto err; - } - ec_privatekey->parameters = parameters; - } - if (public_key != NULL) { - uint8_t form; - - form = EC_KEY_get_conv_form(ec_key); - if (!ec_point_to_asn1_bit_string(group, public_key, form, - &ec_privatekey->publicKey)) - goto err; - } - - if ((ret = i2d_EC_PRIVATEKEY(ec_privatekey, out)) <= 0) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - err: - EC_PRIVATEKEY_free(ec_privatekey); - - return ret; -} -LCRYPTO_ALIAS(i2d_ECPrivateKey); - -int -i2d_ECParameters(EC_KEY *ec_key, unsigned char **out) -{ - if (ec_key == NULL) { - ECerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - return i2d_ECPKParameters(ec_key->group, out); -} -LCRYPTO_ALIAS(i2d_ECParameters); - -EC_KEY * -d2i_ECParameters(EC_KEY **out_ec_key, const unsigned char **in, long len) -{ - EC_KEY *ec_key = NULL; - - if (in == NULL || *in == NULL) { - ECerror(ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - if (out_ec_key == NULL || (ec_key = *out_ec_key) == NULL) - ec_key = EC_KEY_new(); - if (ec_key == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!d2i_ECPKParameters(&ec_key->group, in, len)) { - ECerror(ERR_R_EC_LIB); - goto err; - } - - if (out_ec_key != NULL) - *out_ec_key = ec_key; - - return ec_key; - - err: - if (out_ec_key == NULL || *out_ec_key != ec_key) - EC_KEY_free(ec_key); - - return NULL; -} -LCRYPTO_ALIAS(d2i_ECParameters); - -EC_KEY * -ECParameters_dup(EC_KEY *key) -{ - const unsigned char *p; - unsigned char *der = NULL; - EC_KEY *dup = NULL; - int len; - - if (key == NULL) - return NULL; - - if ((len = i2d_ECParameters(key, &der)) <= 0) - return NULL; - - p = der; - dup = d2i_ECParameters(NULL, &p, len); - freezero(der, 
len);
-
- return dup;
-}
-LCRYPTO_ALIAS(ECParameters_dup);
-
-EC_KEY *
-o2i_ECPublicKey(EC_KEY **in_ec_key, const unsigned char **in, long len)
-{
- EC_KEY *ec_key = NULL;
- const EC_GROUP *group;
- uint8_t form;
-
- if (in_ec_key == NULL || (ec_key = *in_ec_key) == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if ((group = ec_key->group) == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- if (len < 0) {
- ECerror(EC_R_INVALID_ARGUMENT);
- return NULL;
- }
-
- if (!ec_point_from_octets(group, *in, len, &ec_key->pub_key, &form, NULL))
- return NULL;
- EC_KEY_set_conv_form(ec_key, form);
-
- *in += len;
-
- return ec_key;
-}
-LCRYPTO_ALIAS(o2i_ECPublicKey);
-
-int
-i2o_ECPublicKey(const EC_KEY *ec_key, unsigned char **out)
-{
- unsigned char *buf = NULL;
- size_t buf_len = 0;
- int ret = 0;
-
- if (ec_key == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if (!ec_point_to_octets(ec_key->group, ec_key->pub_key,
- ec_key->conv_form, &buf, &buf_len, NULL))
- goto err;
- if (buf_len > INT_MAX)
- goto err;
-
- if (out != NULL && *out != NULL) {
- /* Muppet's answer to the Jackass show. */
- memcpy(*out, buf, buf_len);
- *out += buf_len;
- } else if (out != NULL) {
- *out = buf;
- buf = NULL;
- }
-
- ret = buf_len;
-
- err:
- freezero(buf, buf_len);
-
- return ret;
-}
-LCRYPTO_ALIAS(i2o_ECPublicKey);
diff --git a/src/lib/libcrypto/ec/ec_convert.c b/src/lib/libcrypto/ec/ec_convert.c
deleted file mode 100644
index a18bc49132..0000000000
--- a/src/lib/libcrypto/ec/ec_convert.c
+++ /dev/null
@@ -1,575 +0,0 @@
-/* $OpenBSD: ec_convert.c,v 1.14 2025/01/05 16:07:08 tb Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-#include "ec_local.h"
-
-/*
- * Internal handling of the point conversion octet
- * (see X9.62, section 4.4.2, SEC 1 section 2.3.3)
- *
- * Only the last three bits of the leading octet of a point should be set.
- * Bits 3 and 2 encode the conversion form for all points except the point
- * at infinity. In compressed and hybrid form bit 1 indicates if the even
- * or the odd solution of the quadratic equation for y should be used.
- *
- * The public point_conversion_t enum lacks the point at infinity, so we
- * ignore it except at the API boundary. 
- */
-
-#define EC_POINT_YBIT 0x01
-
-#define EC_POINT_AT_INFINITY 0x00
-#define EC_POINT_COMPRESSED 0x02
-#define EC_POINT_UNCOMPRESSED 0x04
-#define EC_POINT_HYBRID 0x06
-#define EC_POINT_CONVERSION_MASK 0x06
-
-static int
-ec_conversion_form_is_valid(uint8_t form)
-{
- return (form & EC_POINT_CONVERSION_MASK) == form;
-}
-
-static int
-ec_check_hybrid_ybit_is_consistent(uint8_t form, int ybit, const BIGNUM *y)
-{
- if (form == EC_POINT_HYBRID && ybit != BN_is_odd(y)) {
- ECerror(EC_R_INVALID_ENCODING);
- return 0;
- }
-
- return 1;
-}
-
-/* Nonzero y-bit only makes sense with compressed or hybrid encoding. */
-static int
-ec_nonzero_ybit_allowed(uint8_t form)
-{
- return form == EC_POINT_COMPRESSED || form == EC_POINT_HYBRID;
-}
-
-static int
-ec_add_leading_octet_cbb(CBB *cbb, uint8_t form, int ybit)
-{
- if (ec_nonzero_ybit_allowed(form) && ybit != 0)
- form |= EC_POINT_YBIT;
-
- return CBB_add_u8(cbb, form);
-}
-
-static int
-ec_get_leading_octet_cbs(CBS *cbs, uint8_t *out_form, int *out_ybit)
-{
- uint8_t octet;
-
- if (!CBS_get_u8(cbs, &octet)) {
- ECerror(EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- *out_ybit = octet & EC_POINT_YBIT;
- *out_form = octet & ~EC_POINT_YBIT;
-
- if (!ec_conversion_form_is_valid(*out_form)) {
- ECerror(EC_R_INVALID_ENCODING);
- return 0;
- }
-
- if (*out_ybit != 0 && !ec_nonzero_ybit_allowed(*out_form)) {
- ECerror(EC_R_INVALID_ENCODING);
- return 0;
- }
-
- return 1;
-}
-
-static int
-ec_encoded_length(const EC_GROUP *group, uint8_t form, size_t *out_len)
-{
- switch (form) {
- case EC_POINT_AT_INFINITY:
- *out_len = 1;
- return 1;
- case EC_POINT_COMPRESSED:
- *out_len = 1 + BN_num_bytes(group->p);
- return 1;
- case EC_POINT_UNCOMPRESSED:
- case EC_POINT_HYBRID:
- *out_len = 1 + 2 * BN_num_bytes(group->p);
- return 1;
- default:
- return 0;
- }
-}
-
-static int
-ec_field_element_is_valid(const EC_GROUP *group, const BIGNUM *bn)
-{
- /* Ensure bn is in the range [0, p). 
*/
- return !BN_is_negative(bn) && BN_cmp(group->p, bn) > 0;
-}
-
-static int
-ec_add_field_element_cbb(CBB *cbb, const EC_GROUP *group, const BIGNUM *bn)
-{
- uint8_t *buf = NULL;
- int buf_len = BN_num_bytes(group->p);
-
- if (!ec_field_element_is_valid(group, bn)) {
- ECerror(EC_R_BIGNUM_OUT_OF_RANGE);
- return 0;
- }
- if (!CBB_add_space(cbb, &buf, buf_len)) {
- ECerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (BN_bn2binpad(bn, buf, buf_len) != buf_len) {
- ECerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- return 1;
-}
-
-static int
-ec_get_field_element_cbs(CBS *cbs, const EC_GROUP *group, BIGNUM *bn)
-{
- CBS field_element;
-
- if (!CBS_get_bytes(cbs, &field_element, BN_num_bytes(group->p))) {
- ECerror(EC_R_INVALID_ENCODING);
- return 0;
- }
- if (!BN_bin2bn(CBS_data(&field_element), CBS_len(&field_element), bn)) {
- ECerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!ec_field_element_is_valid(group, bn)) {
- ECerror(EC_R_BIGNUM_OUT_OF_RANGE);
- return 0;
- }
-
- return 1;
-}
-
-static size_t
-ec_point2oct(const EC_GROUP *group, const EC_POINT *point, uint8_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- CBB cbb;
- BIGNUM *x, *y;
- size_t encoded_length;
- size_t ret = 0;
-
- if (EC_POINT_is_at_infinity(group, point))
- form = EC_POINT_AT_INFINITY;
-
- if (!ec_encoded_length(group, form, &encoded_length)) {
- ECerror(EC_R_INVALID_FORM);
- return 0;
- }
-
- if (buf == NULL)
- return encoded_length;
-
- if (len < encoded_length) {
- ECerror(EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- BN_CTX_start(ctx);
- if (!CBB_init_fixed(&cbb, buf, len))
- goto err;
-
- if (form == EC_POINT_AT_INFINITY) {
- if (!EC_POINT_is_at_infinity(group, point))
- goto err;
- if (!ec_add_leading_octet_cbb(&cbb, form, 0))
- goto err;
-
- goto done;
- }
-
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
- if (!EC_POINT_get_affine_coordinates(group, point, x, y, ctx))
- goto err;
-
- if (!ec_add_leading_octet_cbb(&cbb, 
form, BN_is_odd(y)))
- goto err;
-
- if (form == EC_POINT_COMPRESSED) {
- if (!ec_add_field_element_cbb(&cbb, group, x))
- goto err;
- } else {
- if (!ec_add_field_element_cbb(&cbb, group, x))
- goto err;
- if (!ec_add_field_element_cbb(&cbb, group, y))
- goto err;
- }
-
- done:
- if (!CBB_finish(&cbb, NULL, &ret))
- goto err;
-
- if (ret != encoded_length) {
- ret = 0;
- goto err;
- }
-
- err:
- CBB_cleanup(&cbb);
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-static int
-ec_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- CBS cbs;
- uint8_t form;
- int ybit;
- BIGNUM *x, *y;
- int ret = 0;
-
- BN_CTX_start(ctx);
- CBS_init(&cbs, buf, len);
-
- if (!ec_get_leading_octet_cbs(&cbs, &form, &ybit))
- goto err;
-
- if (form == EC_POINT_AT_INFINITY) {
- if (!EC_POINT_set_to_infinity(group, point))
- goto err;
-
- goto done;
- }
-
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (form == EC_POINT_COMPRESSED) {
- if (!ec_get_field_element_cbs(&cbs, group, x))
- goto err;
- if (!EC_POINT_set_compressed_coordinates(group, point, x, ybit, ctx))
- goto err;
- } else {
- if (!ec_get_field_element_cbs(&cbs, group, x))
- goto err;
- if (!ec_get_field_element_cbs(&cbs, group, y))
- goto err;
- if (!ec_check_hybrid_ybit_is_consistent(form, ybit, y))
- goto err;
- if (!EC_POINT_set_affine_coordinates(group, point, x, y, ctx))
- goto err;
- }
-
- done:
- if (CBS_len(&cbs) > 0) {
- ECerror(EC_R_INVALID_ENCODING);
- goto err;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-int
-ec_point_to_octets(const EC_GROUP *group, const EC_POINT *point, int form,
- unsigned char **out_buf, size_t *out_len, BN_CTX *ctx)
-{
- unsigned char *buf = NULL;
- size_t len = 0;
- int ret = 0;
-
- *out_len = 0;
-
- if (out_buf == NULL || *out_buf != NULL)
- goto err;
-
- if ((len = EC_POINT_point2oct(group, point, form, NULL, 0, ctx)) == 0)
- goto err;
- if ((buf = calloc(1, len)) 
== NULL)
- goto err;
- if (EC_POINT_point2oct(group, point, form, buf, len, ctx) != len)
- goto err;
-
- *out_buf = buf;
- buf = NULL;
- *out_len = len;
- len = 0;
-
- ret = 1;
-
- err:
- freezero(buf, len);
-
- return ret;
-}
-
-int
-ec_point_from_octets(const EC_GROUP *group, const unsigned char *buf, size_t buf_len,
- EC_POINT **out_point, uint8_t *out_form, BN_CTX *ctx)
-{
- EC_POINT *point;
- int ret = 0;
-
- if ((point = *out_point) == NULL)
- point = EC_POINT_new(group);
- if (point == NULL)
- goto err;
-
- if (!EC_POINT_oct2point(group, point, buf, buf_len, ctx))
- goto err;
-
- if (out_form != NULL)
- *out_form = buf[0] & ~EC_POINT_YBIT;
-
- *out_point = point;
- point = NULL;
-
- ret = 1;
-
- err:
- if (*out_point != point)
- EC_POINT_free(point);
-
- return ret;
-}
-
-static int
-ec_normalize_form(const EC_GROUP *group, const EC_POINT *point, int form,
- uint8_t *out_form)
-{
- /*
- * Established behavior is to reject a request for the form 0 for the
- * point at infinity even if it is valid. 
- */
- if (form <= 0 || form > UINT8_MAX)
- return 0;
- if (!ec_conversion_form_is_valid(form))
- return 0;
-
- *out_form = form;
- if (EC_POINT_is_at_infinity(group, point))
- *out_form = EC_POINT_AT_INFINITY;
-
- return 1;
-}
-
-size_t
-EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t conv_form, unsigned char *buf, size_t len,
- BN_CTX *ctx_in)
-{
- BN_CTX *ctx = NULL;
- uint8_t form;
- size_t ret = 0;
-
- if (!ec_normalize_form(group, point, conv_form, &form)) {
- ECerror(EC_R_INVALID_FORM);
- goto err;
- }
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = ec_point2oct(group, point, form, buf, len, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_point2oct);
-
-int
-EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = ec_oct2point(group, point, buf, len, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_oct2point);
-
-BIGNUM *
-EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t form, BIGNUM *in_bn, BN_CTX *ctx)
-{
- BIGNUM *bn = NULL;
- unsigned char *buf = NULL;
- size_t buf_len = 0;
-
- if (!ec_point_to_octets(group, point, form, &buf, &buf_len, ctx))
- goto err;
- if ((bn = BN_bin2bn(buf, buf_len, in_bn)) == NULL)
- goto err;
-
- err:
- freezero(buf, buf_len);
-
- return bn;
-}
-LCRYPTO_ALIAS(EC_POINT_point2bn);
-
-EC_POINT *
-EC_POINT_bn2point(const EC_GROUP *group,
- const BIGNUM *bn, EC_POINT *point, BN_CTX *ctx)
-{
- unsigned char *buf = NULL;
- size_t buf_len = 0;
-
- /* 
Of course BN_bn2bin() is in no way symmetric to BN_bin2bn()... */
- if ((buf_len = BN_num_bytes(bn)) == 0)
- goto err;
- if ((buf = calloc(1, buf_len)) == NULL)
- goto err;
- if (!BN_bn2bin(bn, buf))
- goto err;
- if (!ec_point_from_octets(group, buf, buf_len, &point, NULL, ctx))
- goto err;
-
- err:
- freezero(buf, buf_len);
-
- return point;
-}
-LCRYPTO_ALIAS(EC_POINT_bn2point);
-
-char *
-EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t form, BN_CTX *ctx)
-{
- BIGNUM *bn;
- char *hex = NULL;
-
- if ((bn = EC_POINT_point2bn(group, point, form, NULL, ctx)) == NULL)
- goto err;
- if ((hex = BN_bn2hex(bn)) == NULL)
- goto err;
-
- err:
- BN_free(bn);
-
- return hex;
-}
-LCRYPTO_ALIAS(EC_POINT_point2hex);
-
-EC_POINT *
-EC_POINT_hex2point(const EC_GROUP *group, const char *hex,
- EC_POINT *in_point, BN_CTX *ctx)
-{
- EC_POINT *point = NULL;
- BIGNUM *bn = NULL;
-
- if (BN_hex2bn(&bn, hex) == 0)
- goto err;
- if ((point = EC_POINT_bn2point(group, bn, in_point, ctx)) == NULL)
- goto err;
-
- err:
- BN_free(bn);
-
- return point;
-}
-LCRYPTO_ALIAS(EC_POINT_hex2point);
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
deleted file mode 100644
index a3ec2de7fb..0000000000
--- a/src/lib/libcrypto/ec/ec_curve.c
+++ /dev/null 
@@ -1,1765 +0,0 @@
-/* $OpenBSD: ec_curve.c,v 1.54 2025/03/09 17:53:11 tb Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. 
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "ec_local.h"
-
-static const struct {
- uint8_t seed[20];
- uint8_t p[28];
- uint8_t a[28];
- uint8_t b[28];
- uint8_t x[28];
- uint8_t y[28];
- uint8_t order[28];
-} _EC_NIST_PRIME_224 = {
- .seed = {
- 0xbd, 0x71, 0x34, 0x47, 0x99, 0xd5, 0xc7, 0xfc, 0xdc, 0x45,
- 0xb5, 0x9f, 0xa3, 0xb9, 0xab, 0x8f, 0x6a, 0x94, 0x8b, 0xc5,
- },
- .p = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
- },
- .a = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
- },
- .b = {
- 0xb4, 0x05, 0x0a, 0x85, 0x0c, 0x04, 0xb3, 0xab, 0xf5, 0x41,
- 0x32, 0x56, 0x50, 0x44, 0xb0, 0xb7, 0xd7, 0xbf, 0xd8, 0xba,
- 0x27, 0x0b, 0x39, 0x43, 0x23, 0x55, 0xff, 0xb4,
- },
- .x = {
- 0xb7, 0x0e, 0x0c, 0xbd, 0x6b, 0xb4, 0xbf, 0x7f, 0x32, 0x13,
- 0x90, 0xb9, 0x4a, 0x03, 0xc1, 0xd3, 0x56, 0xc2, 0x11, 0x22,
- 0x34, 0x32, 0x80, 0xd6, 0x11, 0x5c, 0x1d, 0x21,
- },
- .y = {
- 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22,
- 0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64,
- 0x44, 0xd5, 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34,
- },
- .order = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0x16, 0xa2, 0xe0, 0xb8, 0xf0, 0x3e,
- 0x13, 0xdd, 0x29, 0x45, 0x5c, 0x5c, 0x2a, 0x3d,
- },
-};
-
-static const struct {
- uint8_t seed[20];
- uint8_t p[48];
- uint8_t a[48];
- uint8_t b[48];
- uint8_t x[48];
- uint8_t y[48];
- uint8_t order[48];
-} _EC_NIST_PRIME_384 = {
- .seed = {
- 0xa3, 0x35, 0x92, 0x6a, 0xa3, 0x19, 0xa2, 0x7a, 0x1d, 0x00,
- 0x89, 0x6a, 0x67, 0x73, 0xa4, 0x82, 0x7a, 0xcd, 0xac, 0x73,
- },
- .p = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 
0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
- },
- .a = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xfe, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xfc,
- },
- .b = {
- 0xb3, 0x31, 0x2f, 0xa7, 0xe2, 0x3e, 0xe7, 0xe4, 0x98, 0x8e,
- 0x05, 0x6b, 0xe3, 0xf8, 0x2d, 0x19, 0x18, 0x1d, 0x9c, 0x6e,
- 0xfe, 0x81, 0x41, 0x12, 0x03, 0x14, 0x08, 0x8f, 0x50, 0x13,
- 0x87, 0x5a, 0xc6, 0x56, 0x39, 0x8d, 0x8a, 0x2e, 0xd1, 0x9d,
- 0x2a, 0x85, 0xc8, 0xed, 0xd3, 0xec, 0x2a, 0xef,
- },
- .x = {
- 0xaa, 0x87, 0xca, 0x22, 0xbe, 0x8b, 0x05, 0x37, 0x8e, 0xb1,
- 0xc7, 0x1e, 0xf3, 0x20, 0xad, 0x74, 0x6e, 0x1d, 0x3b, 0x62,
- 0x8b, 0xa7, 0x9b, 0x98, 0x59, 0xf7, 0x41, 0xe0, 0x82, 0x54,
- 0x2a, 0x38, 0x55, 0x02, 0xf2, 0x5d, 0xbf, 0x55, 0x29, 0x6c,
- 0x3a, 0x54, 0x5e, 0x38, 0x72, 0x76, 0x0a, 0xb7,
- },
- .y = {
- 0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e,
- 0x98, 0xbf, 0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd,
- 0x28, 0x9a, 0x14, 0x7c, 0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0,
- 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce, 0x1d, 0x7e, 0x81, 0x9d,
- 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
- },
- .order = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xc7, 0x63, 0x4d, 0x81, 0xf4, 0x37,
- 0x2d, 0xdf, 0x58, 0x1a, 0x0d, 0xb2, 0x48, 0xb0, 0xa7, 0x7a,
- 0xec, 0xec, 0x19, 0x6a, 0xcc, 0xc5, 0x29, 0x73,
- },
-};
-
-static const struct {
- uint8_t seed[20];
- uint8_t p[66];
- uint8_t a[66];
- uint8_t b[66];
- uint8_t x[66];
- uint8_t y[66];
- uint8_t order[66];
-} _EC_NIST_PRIME_521 = {
- .seed = {
- 0xd0, 0x9e, 0x88, 0x00, 
0x29, 0x1c, 0xb8, 0x53, 0x96, 0xcc,
- 0x67, 0x17, 0x39, 0x32, 0x84, 0xaa, 0xa0, 0xda, 0x64, 0xba,
- },
- .p = {
- 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- },
- .a = {
- 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc,
- },
- .b = {
- 0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, 0x9a, 0x1f,
- 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85, 0x40, 0xee, 0xa2, 0xda,
- 0x72, 0x5b, 0x99, 0xb3, 0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91,
- 0x8e, 0xf1, 0x09, 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e,
- 0x93, 0x7b, 0x16, 0x52, 0xc0, 0xbd, 0x3b, 0xb1, 0xbf, 0x07,
- 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c, 0x34, 0xf1, 0xef, 0x45,
- 0x1f, 0xd4, 0x6b, 0x50, 0x3f, 0x00,
- },
- .x = {
- 0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, 0xe9, 0xcd,
- 0x9e, 0x3e, 0xcb, 0x66, 0x23, 0x95, 0xb4, 0x42, 0x9c, 0x64,
- 0x81, 0x39, 0x05, 0x3f, 0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60,
- 0x6b, 0x4d, 0x3d, 0xba, 0xa1, 0x4b, 0x5e, 0x77, 0xef, 0xe7,
- 0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff, 0xa8, 0xde,
- 0x33, 0x48, 0xb3, 0xc1, 0x85, 0x6a, 0x42, 0x9b, 0xf9, 0x7e,
- 0x7e, 0x31, 0xc2, 0xe5, 0xbd, 0x66,
- },
- .y = {
- 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04,
- 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5,
- 0x44, 0x49, 0x57, 0x9b, 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17,
- 
0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4,
- 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, 0x07, 0x61,
- 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
- 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50,
- },
- .order = {
- 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xfa, 0x51, 0x86, 0x87, 0x83, 0xbf, 0x2f,
- 0x96, 0x6b, 0x7f, 0xcc, 0x01, 0x48, 0xf7, 0x09, 0xa5, 0xd0,
- 0x3b, 0xb5, 0xc9, 0xb8, 0x89, 0x9c, 0x47, 0xae, 0xbb, 0x6f,
- 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09,
- },
-};
-
-static const struct {
- uint8_t seed[20];
- uint8_t p[30];
- uint8_t a[30];
- uint8_t b[30];
- uint8_t x[30];
- uint8_t y[30];
- uint8_t order[30];
-} _EC_X9_62_PRIME_239V1 = {
- .seed = {
- 0xe4, 0x3b, 0xb4, 0x60, 0xf0, 0xb8, 0x0c, 0xc0, 0xc0, 0xb0,
- 0x75, 0x79, 0x8e, 0x94, 0x80, 0x60, 0xf8, 0x32, 0x1b, 0x7d,
- },
- .p = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff,
- },
- .a = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xfc,
- },
- .b = {
- 0x6b, 0x01, 0x6c, 0x3b, 0xdc, 0xf1, 0x89, 0x41, 0xd0, 0xd6,
- 0x54, 0x92, 0x14, 0x75, 0xca, 0x71, 0xa9, 0xdb, 0x2f, 0xb2,
- 0x7d, 0x1d, 0x37, 0x79, 0x61, 0x85, 0xc2, 0x94, 0x2c, 0x0a,
- },
- .x = {
- 0x0f, 0xfa, 0x96, 0x3c, 0xdc, 0xa8, 0x81, 0x6c, 0xcc, 0x33,
- 0xb8, 0x64, 0x2b, 0xed, 0xf9, 0x05, 0xc3, 0xd3, 0x58, 0x57,
- 0x3d, 0x3f, 0x27, 0xfb, 0xbd, 0x3b, 0x3c, 0xb9, 0xaa, 0xaf,
- },
- .y = {
- 0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40,
- 0x54, 0xca, 0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18,
- 0xce, 0x22, 0x6b, 0x39, 0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae,
- },
- .order = {
- 
0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0x9e, 0x5e, 0x9a, 0x9f, 0x5d,
- 0x90, 0x71, 0xfb, 0xd1, 0x52, 0x26, 0x88, 0x90, 0x9d, 0x0b,
- },
-};
-
-static const struct {
- uint8_t seed[20];
- uint8_t p[30];
- uint8_t a[30];
- uint8_t b[30];
- uint8_t x[30];
- uint8_t y[30];
- uint8_t order[30];
-} _EC_X9_62_PRIME_239V2 = {
- .seed = {
- 0xe8, 0xb4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xca, 0x3b,
- 0x80, 0x99, 0x98, 0x2b, 0xe0, 0x9f, 0xcb, 0x9a, 0xe6, 0x16,
- },
- .p = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff,
- },
- .a = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xfc,
- },
- .b = {
- 0x61, 0x7f, 0xab, 0x68, 0x32, 0x57, 0x6c, 0xbb, 0xfe, 0xd5,
- 0x0d, 0x99, 0xf0, 0x24, 0x9c, 0x3f, 0xee, 0x58, 0xb9, 0x4b,
- 0xa0, 0x03, 0x8c, 0x7a, 0xe8, 0x4c, 0x8c, 0x83, 0x2f, 0x2c,
- },
- .x = {
- 0x38, 0xaf, 0x09, 0xd9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xc9,
- 0x21, 0xbb, 0x5e, 0x9e, 0x26, 0x29, 0x6a, 0x3c, 0xdc, 0xf2,
- 0xf3, 0x57, 0x57, 0xa0, 0xea, 0xfd, 0x87, 0xb8, 0x30, 0xe7,
- },
- .y = {
- 0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d,
- 0xa0, 0xfc, 0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55,
- 0xde, 0x6e, 0xf4, 0x60, 0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba,
- },
- .order = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x80, 0x00, 0x00, 0xcf, 0xa7, 0xe8, 0x59, 0x43,
- 0x77, 0xd4, 0x14, 0xc0, 0x38, 0x21, 0xbc, 0x58, 0x20, 0x63,
- },
-};
-
-static const struct {
- uint8_t seed[20];
- uint8_t p[30];
- uint8_t a[30];
- uint8_t b[30];
- uint8_t x[30];
- uint8_t y[30];
- uint8_t order[30];
-} _EC_X9_62_PRIME_239V3 = {
- .seed = {
- 0x7d, 0x73, 0x74, 0x16, 0x8f, 0xfe, 0x34, 0x71, 0xb6, 0x0a,
- 0x85, 0x76, 0x86, 
0xa1, 0x94, 0x75, 0xd3, 0xbf, 0xa2, 0xff,
- },
- .p = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff,
- },
- .a = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xfc,
- },
- .b = {
- 0x25, 0x57, 0x05, 0xfa, 0x2a, 0x30, 0x66, 0x54, 0xb1, 0xf4,
- 0xcb, 0x03, 0xd6, 0xa7, 0x50, 0xa3, 0x0c, 0x25, 0x01, 0x02,
- 0xd4, 0x98, 0x87, 0x17, 0xd9, 0xba, 0x15, 0xab, 0x6d, 0x3e,
- },
- .x = {
- 0x67, 0x68, 0xae, 0x8e, 0x18, 0xbb, 0x92, 0xcf, 0xcf, 0x00,
- 0x5c, 0x94, 0x9a, 0xa2, 0xc6, 0xd9, 0x48, 0x53, 0xd0, 0xe6,
- 0x60, 0xbb, 0xf8, 0x54, 0xb1, 0xc9, 0x50, 0x5f, 0xe9, 0x5a,
- },
- .y = {
- 0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d,
- 0x55, 0x2b, 0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b,
- 0x6e, 0x81, 0x84, 0x99, 0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3,
- },
- .order = {
- 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0x7f, 0xff, 0xff, 0x97, 0x5d, 0xeb, 0x41, 0xb3,
- 0xa6, 0x05, 0x7c, 0x3c, 0x43, 0x21, 0x46, 0x52, 0x65, 0x51,
- },
-};
-
-static const struct {
- uint8_t seed[20];
- uint8_t p[32];
- uint8_t a[32];
- uint8_t b[32];
- uint8_t x[32];
- uint8_t y[32];
- uint8_t order[32];
-} _EC_X9_62_PRIME_256V1 = {
- .seed = {
- 0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93, 0x6a, 0x66,
- 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7, 0x81, 0x9f, 0x7e, 0x90,
- },
- .p = {
- 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff,
- },
- .a = {
- 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xfc, 
- },
- .b = {
- 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, 0xb3, 0xeb,
- 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc, 0x65, 0x1d, 0x06, 0xb0,
- 0xcc, 0x53, 0xb0, 0xf6, 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2,
- 0x60, 0x4b,
- },
- .x = {
- 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc,
- 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81,
- 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98,
- 0xc2, 0x96,
- },
- .y = {
- 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7,
- 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57,
- 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf,
- 0x51, 0xf5,
- },
- .order = {
- 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, 0xe6, 0xfa, 0xad,
- 0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63,
- 0x25, 0x51,
- },
-};
-
-static const struct {
- uint8_t p[29];
- uint8_t a[29];
- uint8_t b[29];
- uint8_t x[29];
- uint8_t y[29];
- uint8_t order[29];
-} _EC_SECG_PRIME_224K1 = {
- .p = {
- 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xe5, 0x6d,
- },
- .a = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- },
- .b = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05,
- },
- .x = {
- 0x00, 0xa1, 0x45, 0x5b, 0x33, 0x4d, 0xf0, 0x99, 0xdf, 0x30,
- 0xfc, 0x28, 0xa1, 0x69, 0xa4, 0x67, 0xe9, 0xe4, 0x70, 0x75,
- 0xa9, 0x0f, 0x7e, 0x65, 0x0e, 0xb6, 0xb7, 0xa4, 0x5c,
- },
- .y = {
- 0x00, 0x7e, 0x08, 0x9f, 0xed, 0x7f, 0xba, 0x34, 0x42, 0x82,
- 0xca, 0xfb, 0xd6, 0xf7, 0xe3, 0x19, 0xf7, 0xc0, 0xb0, 0xbd,
- 0x59, 0xe2, 0xca, 0x4b, 0xdb, 0x55, 0x6d, 0x61, 0xa5,
- },
- 
.order = {
- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x01, 0xdc, 0xe8, 0xd2, 0xec, 0x61,
- 0x84, 0xca, 0xf0, 0xa9, 0x71, 0x76, 0x9f, 0xb1, 0xf7,
- },
-};
-
-static const struct {
- uint8_t p[32];
- uint8_t a[32];
- uint8_t b[32];
- uint8_t x[32];
- uint8_t y[32];
- uint8_t order[32];
-} _EC_SECG_PRIME_256K1 = {
- .p = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff,
- 0xfc, 0x2f,
- },
- .a = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00,
- },
- .b = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x07,
- },
- .x = {
- 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0,
- 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb,
- 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8,
- 0x17, 0x98,
- },
- .y = {
- 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4,
- 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48,
- 0xa6, 0x85, 0x54, 0x19, 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10,
- 0xd4, 0xb8,
- },
- .order = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae, 0xdc, 0xe6,
- 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36,
- 0x41, 0x41,
- },
-};
-
-static const struct {
- uint8_t p[28];
- uint8_t a[28];
- uint8_t b[28];
- uint8_t x[28];
- uint8_t y[28];
- uint8_t order[28];
-} _EC_brainpoolP224r1 = {
- .p = {
- 0xd7, 0xc1, 0x34, 0xaa, 0x26, 0x43, 0x66, 0x86, 0x2a, 0x18,
- 0x30, 0x25, 0x75, 0xd1, 0xd7, 0x87, 0xb0, 0x9f, 0x07, 0x57,
- 0x97, 0xda, 0x89, 0xf5, 0x7e, 0xc8, 0xc0, 0xff,
- },
- 
.a = {
- 0x68, 0xa5, 0xe6, 0x2c, 0xa9, 0xce, 0x6c, 0x1c, 0x29, 0x98,
- 0x03, 0xa6, 0xc1, 0x53, 0x0b, 0x51, 0x4e, 0x18, 0x2a, 0xd8,
- 0xb0, 0x04, 0x2a, 0x59, 0xca, 0xd2, 0x9f, 0x43,
- },
- .b = {
- 0x25, 0x80, 0xf6, 0x3c, 0xcf, 0xe4, 0x41, 0x38, 0x87, 0x07,
- 0x13, 0xb1, 0xa9, 0x23, 0x69, 0xe3, 0x3e, 0x21, 0x35, 0xd2,
- 0x66, 0xdb, 0xb3, 0x72, 0x38, 0x6c, 0x40, 0x0b,
- },
- .x = {
- 0x0d, 0x90, 0x29, 0xad, 0x2c, 0x7e, 0x5c, 0xf4, 0x34, 0x08,
- 0x23, 0xb2, 0xa8, 0x7d, 0xc6, 0x8c, 0x9e, 0x4c, 0xe3, 0x17,
- 0x4c, 0x1e, 0x6e, 0xfd, 0xee, 0x12, 0xc0, 0x7d,
- },
- .y = {
- 0x58, 0xaa, 0x56, 0xf7, 0x72, 0xc0, 0x72, 0x6f, 0x24, 0xc6,
- 0xb8, 0x9e, 0x4e, 0xcd, 0xac, 0x24, 0x35, 0x4b, 0x9e, 0x99,
- 0xca, 0xa3, 0xf6, 0xd3, 0x76, 0x14, 0x02, 0xcd,
- },
- .order = {
- 0xd7, 0xc1, 0x34, 0xaa, 0x26, 0x43, 0x66, 0x86, 0x2a, 0x18,
- 0x30, 0x25, 0x75, 0xd0, 0xfb, 0x98, 0xd1, 0x16, 0xbc, 0x4b,
- 0x6d, 0xde, 0xbc, 0xa3, 0xa5, 0xa7, 0x93, 0x9f,
- },
-};
-
-static const struct {
- uint8_t p[28];
- uint8_t a[28];
- uint8_t b[28];
- uint8_t x[28];
- uint8_t y[28];
- uint8_t order[28];
-} _EC_brainpoolP224t1 = {
- .p = {
- 0xd7, 0xc1, 0x34, 0xaa, 0x26, 0x43, 0x66, 0x86, 0x2a, 0x18,
- 0x30, 0x25, 0x75, 0xd1, 0xd7, 0x87, 0xb0, 0x9f, 0x07, 0x57,
- 0x97, 0xda, 0x89, 0xf5, 0x7e, 0xc8, 0xc0, 0xff,
- },
- .a = {
- 0xd7, 0xc1, 0x34, 0xaa, 0x26, 0x43, 0x66, 0x86, 0x2a, 0x18,
- 0x30, 0x25, 0x75, 0xd1, 0xd7, 0x87, 0xb0, 0x9f, 0x07, 0x57,
- 0x97, 0xda, 0x89, 0xf5, 0x7e, 0xc8, 0xc0, 0xfc,
- },
- .b = {
- 0x4b, 0x33, 0x7d, 0x93, 0x41, 0x04, 0xcd, 0x7b, 0xef, 0x27,
- 0x1b, 0xf6, 0x0c, 0xed, 0x1e, 0xd2, 0x0d, 0xa1, 0x4c, 0x08,
- 0xb3, 0xbb, 0x64, 0xf1, 0x8a, 0x60, 0x88, 0x8d,
- },
- .x = {
- 0x6a, 0xb1, 0xe3, 0x44, 0xce, 0x25, 0xff, 0x38, 0x96, 0x42,
- 0x4e, 0x7f, 0xfe, 0x14, 0x76, 0x2e, 0xcb, 0x49, 0xf8, 0x92,
- 0x8a, 0xc0, 0xc7, 0x60, 0x29, 0xb4, 0xd5, 0x80,
- },
- .y = {
- 0x03, 0x74, 0xe9, 0xf5, 0x14, 0x3e, 0x56, 0x8c, 0xd2, 0x3f,
- 0x3f, 0x4d, 0x7c, 0x0d, 0x4b, 0x1e, 0x41, 0xc8, 0xcc, 0x0d,
- 0x1c,
0x6a, 0xbd, 0x5f, 0x1a, 0x46, 0xdb, 0x4c,
- },
- .order = {
- 0xd7, 0xc1, 0x34, 0xaa, 0x26, 0x43, 0x66, 0x86, 0x2a, 0x18,
- 0x30, 0x25, 0x75, 0xd0, 0xfb, 0x98, 0xd1, 0x16, 0xbc, 0x4b,
- 0x6d, 0xde, 0xbc, 0xa3, 0xa5, 0xa7, 0x93, 0x9f,
- },
-};
-
-static const struct {
- uint8_t p[32];
- uint8_t a[32];
- uint8_t b[32];
- uint8_t x[32];
- uint8_t y[32];
- uint8_t order[32];
-} _EC_brainpoolP256r1 = {
- .p = {
- 0xa9, 0xfb, 0x57, 0xdb, 0xa1, 0xee, 0xa9, 0xbc, 0x3e, 0x66,
- 0x0a, 0x90, 0x9d, 0x83, 0x8d, 0x72, 0x6e, 0x3b, 0xf6, 0x23,
- 0xd5, 0x26, 0x20, 0x28, 0x20, 0x13, 0x48, 0x1d, 0x1f, 0x6e,
- 0x53, 0x77,
- },
- .a = {
- 0x7d, 0x5a, 0x09, 0x75, 0xfc, 0x2c, 0x30, 0x57, 0xee, 0xf6,
- 0x75, 0x30, 0x41, 0x7a, 0xff, 0xe7, 0xfb, 0x80, 0x55, 0xc1,
- 0x26, 0xdc, 0x5c, 0x6c, 0xe9, 0x4a, 0x4b, 0x44, 0xf3, 0x30,
- 0xb5, 0xd9,
- },
- .b = {
- 0x26, 0xdc, 0x5c, 0x6c, 0xe9, 0x4a, 0x4b, 0x44, 0xf3, 0x30,
- 0xb5, 0xd9, 0xbb, 0xd7, 0x7c, 0xbf, 0x95, 0x84, 0x16, 0x29,
- 0x5c, 0xf7, 0xe1, 0xce, 0x6b, 0xcc, 0xdc, 0x18, 0xff, 0x8c,
- 0x07, 0xb6,
- },
- .x = {
- 0x8b, 0xd2, 0xae, 0xb9, 0xcb, 0x7e, 0x57, 0xcb, 0x2c, 0x4b,
- 0x48, 0x2f, 0xfc, 0x81, 0xb7, 0xaf, 0xb9, 0xde, 0x27, 0xe1,
- 0xe3, 0xbd, 0x23, 0xc2, 0x3a, 0x44, 0x53, 0xbd, 0x9a, 0xce,
- 0x32, 0x62,
- },
- .y = {
- 0x54, 0x7e, 0xf8, 0x35, 0xc3, 0xda, 0xc4, 0xfd, 0x97, 0xf8,
- 0x46, 0x1a, 0x14, 0x61, 0x1d, 0xc9, 0xc2, 0x77, 0x45, 0x13,
- 0x2d, 0xed, 0x8e, 0x54, 0x5c, 0x1d, 0x54, 0xc7, 0x2f, 0x04,
- 0x69, 0x97,
- },
- .order = {
- 0xa9, 0xfb, 0x57, 0xdb, 0xa1, 0xee, 0xa9, 0xbc, 0x3e, 0x66,
- 0x0a, 0x90, 0x9d, 0x83, 0x8d, 0x71, 0x8c, 0x39, 0x7a, 0xa3,
- 0xb5, 0x61, 0xa6, 0xf7, 0x90, 0x1e, 0x0e, 0x82, 0x97, 0x48,
- 0x56, 0xa7,
- },
-};
-
-static const struct {
- uint8_t p[32];
- uint8_t a[32];
- uint8_t b[32];
- uint8_t x[32];
- uint8_t y[32];
- uint8_t order[32];
-} _EC_brainpoolP256t1 = {
- .p = {
- 0xa9, 0xfb, 0x57, 0xdb, 0xa1, 0xee, 0xa9, 0xbc, 0x3e, 0x66,
- 0x0a, 0x90, 0x9d, 0x83, 0x8d, 0x72, 0x6e, 0x3b, 0xf6, 0x23,
- 0xd5, 0x26,
0x20, 0x28, 0x20, 0x13, 0x48, 0x1d, 0x1f, 0x6e,
- 0x53, 0x77,
- },
- .a = {
- 0xa9, 0xfb, 0x57, 0xdb, 0xa1, 0xee, 0xa9, 0xbc, 0x3e, 0x66,
- 0x0a, 0x90, 0x9d, 0x83, 0x8d, 0x72, 0x6e, 0x3b, 0xf6, 0x23,
- 0xd5, 0x26, 0x20, 0x28, 0x20, 0x13, 0x48, 0x1d, 0x1f, 0x6e,
- 0x53, 0x74,
- },
- .b = {
- 0x66, 0x2c, 0x61, 0xc4, 0x30, 0xd8, 0x4e, 0xa4, 0xfe, 0x66,
- 0xa7, 0x73, 0x3d, 0x0b, 0x76, 0xb7, 0xbf, 0x93, 0xeb, 0xc4,
- 0xaf, 0x2f, 0x49, 0x25, 0x6a, 0xe5, 0x81, 0x01, 0xfe, 0xe9,
- 0x2b, 0x04,
- },
- .x = {
- 0xa3, 0xe8, 0xeb, 0x3c, 0xc1, 0xcf, 0xe7, 0xb7, 0x73, 0x22,
- 0x13, 0xb2, 0x3a, 0x65, 0x61, 0x49, 0xaf, 0xa1, 0x42, 0xc4,
- 0x7a, 0xaf, 0xbc, 0x2b, 0x79, 0xa1, 0x91, 0x56, 0x2e, 0x13,
- 0x05, 0xf4,
- },
- .y = {
- 0x2d, 0x99, 0x6c, 0x82, 0x34, 0x39, 0xc5, 0x6d, 0x7f, 0x7b,
- 0x22, 0xe1, 0x46, 0x44, 0x41, 0x7e, 0x69, 0xbc, 0xb6, 0xde,
- 0x39, 0xd0, 0x27, 0x00, 0x1d, 0xab, 0xe8, 0xf3, 0x5b, 0x25,
- 0xc9, 0xbe,
- },
- .order = {
- 0xa9, 0xfb, 0x57, 0xdb, 0xa1, 0xee, 0xa9, 0xbc, 0x3e, 0x66,
- 0x0a, 0x90, 0x9d, 0x83, 0x8d, 0x71, 0x8c, 0x39, 0x7a, 0xa3,
- 0xb5, 0x61, 0xa6, 0xf7, 0x90, 0x1e, 0x0e, 0x82, 0x97, 0x48,
- 0x56, 0xa7,
- },
-};
-
-static const struct {
- uint8_t p[40];
- uint8_t a[40];
- uint8_t b[40];
- uint8_t x[40];
- uint8_t y[40];
- uint8_t order[40];
-} _EC_brainpoolP320r1 = {
- .p = {
- 0xd3, 0x5e, 0x47, 0x20, 0x36, 0xbc, 0x4f, 0xb7, 0xe1, 0x3c,
- 0x78, 0x5e, 0xd2, 0x01, 0xe0, 0x65, 0xf9, 0x8f, 0xcf, 0xa6,
- 0xf6, 0xf4, 0x0d, 0xef, 0x4f, 0x92, 0xb9, 0xec, 0x78, 0x93,
- 0xec, 0x28, 0xfc, 0xd4, 0x12, 0xb1, 0xf1, 0xb3, 0x2e, 0x27,
- },
- .a = {
- 0x3e, 0xe3, 0x0b, 0x56, 0x8f, 0xba, 0xb0, 0xf8, 0x83, 0xcc,
- 0xeb, 0xd4, 0x6d, 0x3f, 0x3b, 0xb8, 0xa2, 0xa7, 0x35, 0x13,
- 0xf5, 0xeb, 0x79, 0xda, 0x66, 0x19, 0x0e, 0xb0, 0x85, 0xff,
- 0xa9, 0xf4, 0x92, 0xf3, 0x75, 0xa9, 0x7d, 0x86, 0x0e, 0xb4,
- },
- .b = {
- 0x52, 0x08, 0x83, 0x94, 0x9d, 0xfd, 0xbc, 0x42, 0xd3, 0xad,
- 0x19, 0x86, 0x40, 0x68, 0x8a, 0x6f, 0xe1, 0x3f, 0x41, 0x34,
- 0x95, 0x54, 0xb4, 0x9a, 0xcc, 0x31,
0xdc, 0xcd, 0x88, 0x45,
- 0x39, 0x81, 0x6f, 0x5e, 0xb4, 0xac, 0x8f, 0xb1, 0xf1, 0xa6,
- },
- .x = {
- 0x43, 0xbd, 0x7e, 0x9a, 0xfb, 0x53, 0xd8, 0xb8, 0x52, 0x89,
- 0xbc, 0xc4, 0x8e, 0xe5, 0xbf, 0xe6, 0xf2, 0x01, 0x37, 0xd1,
- 0x0a, 0x08, 0x7e, 0xb6, 0xe7, 0x87, 0x1e, 0x2a, 0x10, 0xa5,
- 0x99, 0xc7, 0x10, 0xaf, 0x8d, 0x0d, 0x39, 0xe2, 0x06, 0x11,
- },
- .y = {
- 0x14, 0xfd, 0xd0, 0x55, 0x45, 0xec, 0x1c, 0xc8, 0xab, 0x40,
- 0x93, 0x24, 0x7f, 0x77, 0x27, 0x5e, 0x07, 0x43, 0xff, 0xed,
- 0x11, 0x71, 0x82, 0xea, 0xa9, 0xc7, 0x78, 0x77, 0xaa, 0xac,
- 0x6a, 0xc7, 0xd3, 0x52, 0x45, 0xd1, 0x69, 0x2e, 0x8e, 0xe1,
- },
- .order = {
- 0xd3, 0x5e, 0x47, 0x20, 0x36, 0xbc, 0x4f, 0xb7, 0xe1, 0x3c,
- 0x78, 0x5e, 0xd2, 0x01, 0xe0, 0x65, 0xf9, 0x8f, 0xcf, 0xa5,
- 0xb6, 0x8f, 0x12, 0xa3, 0x2d, 0x48, 0x2e, 0xc7, 0xee, 0x86,
- 0x58, 0xe9, 0x86, 0x91, 0x55, 0x5b, 0x44, 0xc5, 0x93, 0x11,
- },
-};
-
-static const struct {
- uint8_t p[40];
- uint8_t a[40];
- uint8_t b[40];
- uint8_t x[40];
- uint8_t y[40];
- uint8_t order[40];
-} _EC_brainpoolP320t1 = {
- .p = {
- 0xd3, 0x5e, 0x47, 0x20, 0x36, 0xbc, 0x4f, 0xb7, 0xe1, 0x3c,
- 0x78, 0x5e, 0xd2, 0x01, 0xe0, 0x65, 0xf9, 0x8f, 0xcf, 0xa6,
- 0xf6, 0xf4, 0x0d, 0xef, 0x4f, 0x92, 0xb9, 0xec, 0x78, 0x93,
- 0xec, 0x28, 0xfc, 0xd4, 0x12, 0xb1, 0xf1, 0xb3, 0x2e, 0x27,
- },
- .a = {
- 0xd3, 0x5e, 0x47, 0x20, 0x36, 0xbc, 0x4f, 0xb7, 0xe1, 0x3c,
- 0x78, 0x5e, 0xd2, 0x01, 0xe0, 0x65, 0xf9, 0x8f, 0xcf, 0xa6,
- 0xf6, 0xf4, 0x0d, 0xef, 0x4f, 0x92, 0xb9, 0xec, 0x78, 0x93,
- 0xec, 0x28, 0xfc, 0xd4, 0x12, 0xb1, 0xf1, 0xb3, 0x2e, 0x24,
- },
- .b = {
- 0xa7, 0xf5, 0x61, 0xe0, 0x38, 0xeb, 0x1e, 0xd5, 0x60, 0xb3,
- 0xd1, 0x47, 0xdb, 0x78, 0x20, 0x13, 0x06, 0x4c, 0x19, 0xf2,
- 0x7e, 0xd2, 0x7c, 0x67, 0x80, 0xaa, 0xf7, 0x7f, 0xb8, 0xa5,
- 0x47, 0xce, 0xb5, 0xb4, 0xfe, 0xf4, 0x22, 0x34, 0x03, 0x53,
- },
- .x = {
- 0x92, 0x5b, 0xe9, 0xfb, 0x01, 0xaf, 0xc6, 0xfb, 0x4d, 0x3e,
- 0x7d, 0x49, 0x90, 0x01, 0x0f, 0x81, 0x34, 0x08, 0xab, 0x10,
- 0x6c, 0x4f, 0x09, 0xcb, 0x7e, 0xe0,
0x78, 0x68, 0xcc, 0x13,
- 0x6f, 0xff, 0x33, 0x57, 0xf6, 0x24, 0xa2, 0x1b, 0xed, 0x52,
- },
- .y = {
- 0x63, 0xba, 0x3a, 0x7a, 0x27, 0x48, 0x3e, 0xbf, 0x66, 0x71,
- 0xdb, 0xef, 0x7a, 0xbb, 0x30, 0xeb, 0xee, 0x08, 0x4e, 0x58,
- 0xa0, 0xb0, 0x77, 0xad, 0x42, 0xa5, 0xa0, 0x98, 0x9d, 0x1e,
- 0xe7, 0x1b, 0x1b, 0x9b, 0xc0, 0x45, 0x5f, 0xb0, 0xd2, 0xc3,
- },
- .order = {
- 0xd3, 0x5e, 0x47, 0x20, 0x36, 0xbc, 0x4f, 0xb7, 0xe1, 0x3c,
- 0x78, 0x5e, 0xd2, 0x01, 0xe0, 0x65, 0xf9, 0x8f, 0xcf, 0xa5,
- 0xb6, 0x8f, 0x12, 0xa3, 0x2d, 0x48, 0x2e, 0xc7, 0xee, 0x86,
- 0x58, 0xe9, 0x86, 0x91, 0x55, 0x5b, 0x44, 0xc5, 0x93, 0x11,
- },
-};
-
-static const struct {
- uint8_t p[48];
- uint8_t a[48];
- uint8_t b[48];
- uint8_t x[48];
- uint8_t y[48];
- uint8_t order[48];
-} _EC_brainpoolP384r1 = {
- .p = {
- 0x8c, 0xb9, 0x1e, 0x82, 0xa3, 0x38, 0x6d, 0x28, 0x0f, 0x5d,
- 0x6f, 0x7e, 0x50, 0xe6, 0x41, 0xdf, 0x15, 0x2f, 0x71, 0x09,
- 0xed, 0x54, 0x56, 0xb4, 0x12, 0xb1, 0xda, 0x19, 0x7f, 0xb7,
- 0x11, 0x23, 0xac, 0xd3, 0xa7, 0x29, 0x90, 0x1d, 0x1a, 0x71,
- 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xec, 0x53,
- },
- .a = {
- 0x7b, 0xc3, 0x82, 0xc6, 0x3d, 0x8c, 0x15, 0x0c, 0x3c, 0x72,
- 0x08, 0x0a, 0xce, 0x05, 0xaf, 0xa0, 0xc2, 0xbe, 0xa2, 0x8e,
- 0x4f, 0xb2, 0x27, 0x87, 0x13, 0x91, 0x65, 0xef, 0xba, 0x91,
- 0xf9, 0x0f, 0x8a, 0xa5, 0x81, 0x4a, 0x50, 0x3a, 0xd4, 0xeb,
- 0x04, 0xa8, 0xc7, 0xdd, 0x22, 0xce, 0x28, 0x26,
- },
- .b = {
- 0x04, 0xa8, 0xc7, 0xdd, 0x22, 0xce, 0x28, 0x26, 0x8b, 0x39,
- 0xb5, 0x54, 0x16, 0xf0, 0x44, 0x7c, 0x2f, 0xb7, 0x7d, 0xe1,
- 0x07, 0xdc, 0xd2, 0xa6, 0x2e, 0x88, 0x0e, 0xa5, 0x3e, 0xeb,
- 0x62, 0xd5, 0x7c, 0xb4, 0x39, 0x02, 0x95, 0xdb, 0xc9, 0x94,
- 0x3a, 0xb7, 0x86, 0x96, 0xfa, 0x50, 0x4c, 0x11,
- },
- .x = {
- 0x1d, 0x1c, 0x64, 0xf0, 0x68, 0xcf, 0x45, 0xff, 0xa2, 0xa6,
- 0x3a, 0x81, 0xb7, 0xc1, 0x3f, 0x6b, 0x88, 0x47, 0xa3, 0xe7,
- 0x7e, 0xf1, 0x4f, 0xe3, 0xdb, 0x7f, 0xca, 0xfe, 0x0c, 0xbd,
- 0x10, 0xe8, 0xe8, 0x26, 0xe0, 0x34, 0x36, 0xd6, 0x46, 0xaa,
- 0xef, 0x87, 0xb2, 0xe2,
0x47, 0xd4, 0xaf, 0x1e,
- },
- .y = {
- 0x8a, 0xbe, 0x1d, 0x75, 0x20, 0xf9, 0xc2, 0xa4, 0x5c, 0xb1,
- 0xeb, 0x8e, 0x95, 0xcf, 0xd5, 0x52, 0x62, 0xb7, 0x0b, 0x29,
- 0xfe, 0xec, 0x58, 0x64, 0xe1, 0x9c, 0x05, 0x4f, 0xf9, 0x91,
- 0x29, 0x28, 0x0e, 0x46, 0x46, 0x21, 0x77, 0x91, 0x81, 0x11,
- 0x42, 0x82, 0x03, 0x41, 0x26, 0x3c, 0x53, 0x15,
- },
- .order = {
- 0x8c, 0xb9, 0x1e, 0x82, 0xa3, 0x38, 0x6d, 0x28, 0x0f, 0x5d,
- 0x6f, 0x7e, 0x50, 0xe6, 0x41, 0xdf, 0x15, 0x2f, 0x71, 0x09,
- 0xed, 0x54, 0x56, 0xb3, 0x1f, 0x16, 0x6e, 0x6c, 0xac, 0x04,
- 0x25, 0xa7, 0xcf, 0x3a, 0xb6, 0xaf, 0x6b, 0x7f, 0xc3, 0x10,
- 0x3b, 0x88, 0x32, 0x02, 0xe9, 0x04, 0x65, 0x65,
- },
-};
-
-static const struct {
- uint8_t p[48];
- uint8_t a[48];
- uint8_t b[48];
- uint8_t x[48];
- uint8_t y[48];
- uint8_t order[48];
-} _EC_brainpoolP384t1 = {
- .p = {
- 0x8c, 0xb9, 0x1e, 0x82, 0xa3, 0x38, 0x6d, 0x28, 0x0f, 0x5d,
- 0x6f, 0x7e, 0x50, 0xe6, 0x41, 0xdf, 0x15, 0x2f, 0x71, 0x09,
- 0xed, 0x54, 0x56, 0xb4, 0x12, 0xb1, 0xda, 0x19, 0x7f, 0xb7,
- 0x11, 0x23, 0xac, 0xd3, 0xa7, 0x29, 0x90, 0x1d, 0x1a, 0x71,
- 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xec, 0x53,
- },
- .a = {
- 0x8c, 0xb9, 0x1e, 0x82, 0xa3, 0x38, 0x6d, 0x28, 0x0f, 0x5d,
- 0x6f, 0x7e, 0x50, 0xe6, 0x41, 0xdf, 0x15, 0x2f, 0x71, 0x09,
- 0xed, 0x54, 0x56, 0xb4, 0x12, 0xb1, 0xda, 0x19, 0x7f, 0xb7,
- 0x11, 0x23, 0xac, 0xd3, 0xa7, 0x29, 0x90, 0x1d, 0x1a, 0x71,
- 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xec, 0x50,
- },
- .b = {
- 0x7f, 0x51, 0x9e, 0xad, 0xa7, 0xbd, 0xa8, 0x1b, 0xd8, 0x26,
- 0xdb, 0xa6, 0x47, 0x91, 0x0f, 0x8c, 0x4b, 0x93, 0x46, 0xed,
- 0x8c, 0xcd, 0xc6, 0x4e, 0x4b, 0x1a, 0xbd, 0x11, 0x75, 0x6d,
- 0xce, 0x1d, 0x20, 0x74, 0xaa, 0x26, 0x3b, 0x88, 0x80, 0x5c,
- 0xed, 0x70, 0x35, 0x5a, 0x33, 0xb4, 0x71, 0xee,
- },
- .x = {
- 0x18, 0xde, 0x98, 0xb0, 0x2d, 0xb9, 0xa3, 0x06, 0xf2, 0xaf,
- 0xcd, 0x72, 0x35, 0xf7, 0x2a, 0x81, 0x9b, 0x80, 0xab, 0x12,
- 0xeb, 0xd6, 0x53, 0x17, 0x24, 0x76, 0xfe, 0xcd, 0x46, 0x2a,
- 0xab, 0xff, 0xc4, 0xff, 0x19, 0x1b, 0x94, 0x6a,
0x5f, 0x54,
- 0xd8, 0xd0, 0xaa, 0x2f, 0x41, 0x88, 0x08, 0xcc,
- },
- .y = {
- 0x25, 0xab, 0x05, 0x69, 0x62, 0xd3, 0x06, 0x51, 0xa1, 0x14,
- 0xaf, 0xd2, 0x75, 0x5a, 0xd3, 0x36, 0x74, 0x7f, 0x93, 0x47,
- 0x5b, 0x7a, 0x1f, 0xca, 0x3b, 0x88, 0xf2, 0xb6, 0xa2, 0x08,
- 0xcc, 0xfe, 0x46, 0x94, 0x08, 0x58, 0x4d, 0xc2, 0xb2, 0x91,
- 0x26, 0x75, 0xbf, 0x5b, 0x9e, 0x58, 0x29, 0x28,
- },
- .order = {
- 0x8c, 0xb9, 0x1e, 0x82, 0xa3, 0x38, 0x6d, 0x28, 0x0f, 0x5d,
- 0x6f, 0x7e, 0x50, 0xe6, 0x41, 0xdf, 0x15, 0x2f, 0x71, 0x09,
- 0xed, 0x54, 0x56, 0xb3, 0x1f, 0x16, 0x6e, 0x6c, 0xac, 0x04,
- 0x25, 0xa7, 0xcf, 0x3a, 0xb6, 0xaf, 0x6b, 0x7f, 0xc3, 0x10,
- 0x3b, 0x88, 0x32, 0x02, 0xe9, 0x04, 0x65, 0x65,
- },
-};
-
-static const struct {
- uint8_t p[64];
- uint8_t a[64];
- uint8_t b[64];
- uint8_t x[64];
- uint8_t y[64];
- uint8_t order[64];
-} _EC_brainpoolP512r1 = {
- .p = {
- 0xaa, 0xdd, 0x9d, 0xb8, 0xdb, 0xe9, 0xc4, 0x8b, 0x3f, 0xd4,
- 0xe6, 0xae, 0x33, 0xc9, 0xfc, 0x07, 0xcb, 0x30, 0x8d, 0xb3,
- 0xb3, 0xc9, 0xd2, 0x0e, 0xd6, 0x63, 0x9c, 0xca, 0x70, 0x33,
- 0x08, 0x71, 0x7d, 0x4d, 0x9b, 0x00, 0x9b, 0xc6, 0x68, 0x42,
- 0xae, 0xcd, 0xa1, 0x2a, 0xe6, 0xa3, 0x80, 0xe6, 0x28, 0x81,
- 0xff, 0x2f, 0x2d, 0x82, 0xc6, 0x85, 0x28, 0xaa, 0x60, 0x56,
- 0x58, 0x3a, 0x48, 0xf3,
- },
- .a = {
- 0x78, 0x30, 0xa3, 0x31, 0x8b, 0x60, 0x3b, 0x89, 0xe2, 0x32,
- 0x71, 0x45, 0xac, 0x23, 0x4c, 0xc5, 0x94, 0xcb, 0xdd, 0x8d,
- 0x3d, 0xf9, 0x16, 0x10, 0xa8, 0x34, 0x41, 0xca, 0xea, 0x98,
- 0x63, 0xbc, 0x2d, 0xed, 0x5d, 0x5a, 0xa8, 0x25, 0x3a, 0xa1,
- 0x0a, 0x2e, 0xf1, 0xc9, 0x8b, 0x9a, 0xc8, 0xb5, 0x7f, 0x11,
- 0x17, 0xa7, 0x2b, 0xf2, 0xc7, 0xb9, 0xe7, 0xc1, 0xac, 0x4d,
- 0x77, 0xfc, 0x94, 0xca,
- },
- .b = {
- 0x3d, 0xf9, 0x16, 0x10, 0xa8, 0x34, 0x41, 0xca, 0xea, 0x98,
- 0x63, 0xbc, 0x2d, 0xed, 0x5d, 0x5a, 0xa8, 0x25, 0x3a, 0xa1,
- 0x0a, 0x2e, 0xf1, 0xc9, 0x8b, 0x9a, 0xc8, 0xb5, 0x7f, 0x11,
- 0x17, 0xa7, 0x2b, 0xf2, 0xc7, 0xb9, 0xe7, 0xc1, 0xac, 0x4d,
- 0x77, 0xfc, 0x94, 0xca, 0xdc, 0x08, 0x3e, 0x67, 0x98, 0x40,
- 0x50, 0xb7, 0x5e, 0xba, 0xe5, 0xdd, 0x28, 0x09, 0xbd, 0x63,
- 0x80, 0x16, 0xf7, 0x23,
- },
- .x = {
- 0x81, 0xae, 0xe4, 0xbd, 0xd8, 0x2e, 0xd9, 0x64, 0x5a, 0x21,
- 0x32, 0x2e, 0x9c, 0x4c, 0x6a, 0x93, 0x85, 0xed, 0x9f, 0x70,
- 0xb5, 0xd9, 0x16, 0xc1, 0xb4, 0x3b, 0x62, 0xee, 0xf4, 0xd0,
- 0x09, 0x8e, 0xff, 0x3b, 0x1f, 0x78, 0xe2, 0xd0, 0xd4, 0x8d,
- 0x50, 0xd1, 0x68, 0x7b, 0x93, 0xb9, 0x7d, 0x5f, 0x7c, 0x6d,
- 0x50, 0x47, 0x40, 0x6a, 0x5e, 0x68, 0x8b, 0x35, 0x22, 0x09,
- 0xbc, 0xb9, 0xf8, 0x22,
- },
- .y = {
- 0x7d, 0xde, 0x38, 0x5d, 0x56, 0x63, 0x32, 0xec, 0xc0, 0xea,
- 0xbf, 0xa9, 0xcf, 0x78, 0x22, 0xfd, 0xf2, 0x09, 0xf7, 0x00,
- 0x24, 0xa5, 0x7b, 0x1a, 0xa0, 0x00, 0xc5, 0x5b, 0x88, 0x1f,
- 0x81, 0x11, 0xb2, 0xdc, 0xde, 0x49, 0x4a, 0x5f, 0x48, 0x5e,
- 0x5b, 0xca, 0x4b, 0xd8, 0x8a, 0x27, 0x63, 0xae, 0xd1, 0xca,
- 0x2b, 0x2f, 0xa8, 0xf0, 0x54, 0x06, 0x78, 0xcd, 0x1e, 0x0f,
- 0x3a, 0xd8, 0x08, 0x92,
- },
- .order = {
- 0xaa, 0xdd, 0x9d, 0xb8, 0xdb, 0xe9, 0xc4, 0x8b, 0x3f, 0xd4,
- 0xe6, 0xae, 0x33, 0xc9, 0xfc, 0x07, 0xcb, 0x30, 0x8d, 0xb3,
- 0xb3, 0xc9, 0xd2, 0x0e, 0xd6, 0x63, 0x9c, 0xca, 0x70, 0x33,
- 0x08, 0x70, 0x55, 0x3e, 0x5c, 0x41, 0x4c, 0xa9, 0x26, 0x19,
- 0x41, 0x86, 0x61, 0x19, 0x7f, 0xac, 0x10, 0x47, 0x1d, 0xb1,
- 0xd3, 0x81, 0x08, 0x5d, 0xda, 0xdd, 0xb5, 0x87, 0x96, 0x82,
- 0x9c, 0xa9, 0x00, 0x69,
- },
-};
-
-static const struct {
- uint8_t p[64];
- uint8_t a[64];
- uint8_t b[64];
- uint8_t x[64];
- uint8_t y[64];
- uint8_t order[64];
-} _EC_brainpoolP512t1 = {
- .p = {
- 0xaa, 0xdd, 0x9d, 0xb8, 0xdb, 0xe9, 0xc4, 0x8b, 0x3f, 0xd4,
- 0xe6, 0xae, 0x33, 0xc9, 0xfc, 0x07, 0xcb, 0x30, 0x8d, 0xb3,
- 0xb3, 0xc9, 0xd2, 0x0e, 0xd6, 0x63, 0x9c, 0xca, 0x70, 0x33,
- 0x08, 0x71, 0x7d, 0x4d, 0x9b, 0x00, 0x9b, 0xc6, 0x68, 0x42,
- 0xae, 0xcd, 0xa1, 0x2a, 0xe6, 0xa3, 0x80, 0xe6, 0x28, 0x81,
- 0xff, 0x2f, 0x2d, 0x82, 0xc6, 0x85, 0x28, 0xaa, 0x60, 0x56,
- 0x58, 0x3a, 0x48, 0xf3,
- },
- .a = {
- 0xaa, 0xdd, 0x9d, 0xb8, 0xdb, 0xe9, 0xc4, 0x8b, 0x3f, 0xd4,
- 0xe6, 0xae, 0x33,
0xc9, 0xfc, 0x07, 0xcb, 0x30, 0x8d, 0xb3,
- 0xb3, 0xc9, 0xd2, 0x0e, 0xd6, 0x63, 0x9c, 0xca, 0x70, 0x33,
- 0x08, 0x71, 0x7d, 0x4d, 0x9b, 0x00, 0x9b, 0xc6, 0x68, 0x42,
- 0xae, 0xcd, 0xa1, 0x2a, 0xe6, 0xa3, 0x80, 0xe6, 0x28, 0x81,
- 0xff, 0x2f, 0x2d, 0x82, 0xc6, 0x85, 0x28, 0xaa, 0x60, 0x56,
- 0x58, 0x3a, 0x48, 0xf0,
- },
- .b = {
- 0x7c, 0xbb, 0xbc, 0xf9, 0x44, 0x1c, 0xfa, 0xb7, 0x6e, 0x18,
- 0x90, 0xe4, 0x68, 0x84, 0xea, 0xe3, 0x21, 0xf7, 0x0c, 0x0b,
- 0xcb, 0x49, 0x81, 0x52, 0x78, 0x97, 0x50, 0x4b, 0xec, 0x3e,
- 0x36, 0xa6, 0x2b, 0xcd, 0xfa, 0x23, 0x04, 0x97, 0x65, 0x40,
- 0xf6, 0x45, 0x00, 0x85, 0xf2, 0xda, 0xe1, 0x45, 0xc2, 0x25,
- 0x53, 0xb4, 0x65, 0x76, 0x36, 0x89, 0x18, 0x0e, 0xa2, 0x57,
- 0x18, 0x67, 0x42, 0x3e,
- },
- .x = {
- 0x64, 0x0e, 0xce, 0x5c, 0x12, 0x78, 0x87, 0x17, 0xb9, 0xc1,
- 0xba, 0x06, 0xcb, 0xc2, 0xa6, 0xfe, 0xba, 0x85, 0x84, 0x24,
- 0x58, 0xc5, 0x6d, 0xde, 0x9d, 0xb1, 0x75, 0x8d, 0x39, 0xc0,
- 0x31, 0x3d, 0x82, 0xba, 0x51, 0x73, 0x5c, 0xdb, 0x3e, 0xa4,
- 0x99, 0xaa, 0x77, 0xa7, 0xd6, 0x94, 0x3a, 0x64, 0xf7, 0xa3,
- 0xf2, 0x5f, 0xe2, 0x6f, 0x06, 0xb5, 0x1b, 0xaa, 0x26, 0x96,
- 0xfa, 0x90, 0x35, 0xda,
- },
- .y = {
- 0x5b, 0x53, 0x4b, 0xd5, 0x95, 0xf5, 0xaf, 0x0f, 0xa2, 0xc8,
- 0x92, 0x37, 0x6c, 0x84, 0xac, 0xe1, 0xbb, 0x4e, 0x30, 0x19,
- 0xb7, 0x16, 0x34, 0xc0, 0x11, 0x31, 0x15, 0x9c, 0xae, 0x03,
- 0xce, 0xe9, 0xd9, 0x93, 0x21, 0x84, 0xbe, 0xef, 0x21, 0x6b,
- 0xd7, 0x1d, 0xf2, 0xda, 0xdf, 0x86, 0xa6, 0x27, 0x30, 0x6e,
- 0xcf, 0xf9, 0x6d, 0xbb, 0x8b, 0xac, 0xe1, 0x98, 0xb6, 0x1e,
- 0x00, 0xf8, 0xb3, 0x32,
- },
- .order = {
- 0xaa, 0xdd, 0x9d, 0xb8, 0xdb, 0xe9, 0xc4, 0x8b, 0x3f, 0xd4,
- 0xe6, 0xae, 0x33, 0xc9, 0xfc, 0x07, 0xcb, 0x30, 0x8d, 0xb3,
- 0xb3, 0xc9, 0xd2, 0x0e, 0xd6, 0x63, 0x9c, 0xca, 0x70, 0x33,
- 0x08, 0x70, 0x55, 0x3e, 0x5c, 0x41, 0x4c, 0xa9, 0x26, 0x19,
- 0x41, 0x86, 0x61, 0x19, 0x7f, 0xac, 0x10, 0x47, 0x1d, 0xb1,
- 0xd3, 0x81, 0x08, 0x5d, 0xda, 0xdd, 0xb5, 0x87, 0x96, 0x82,
- 0x9c, 0xa9, 0x00, 0x69,
- },
-};
-
-static const struct
{
- uint8_t p[32];
- uint8_t a[32];
- uint8_t b[32];
- uint8_t x[32];
- uint8_t y[32];
- uint8_t order[32];
-} _EC_FRP256v1 = {
- .p = {
- 0xf1, 0xfd, 0x17, 0x8c, 0x0b, 0x3a, 0xd5, 0x8f, 0x10, 0x12,
- 0x6d, 0xe8, 0xce, 0x42, 0x43, 0x5b, 0x39, 0x61, 0xad, 0xbc,
- 0xab, 0xc8, 0xca, 0x6d, 0xe8, 0xfc, 0xf3, 0x53, 0xd8, 0x6e,
- 0x9c, 0x03,
- },
- .a = {
- 0xf1, 0xfd, 0x17, 0x8c, 0x0b, 0x3a, 0xd5, 0x8f, 0x10, 0x12,
- 0x6d, 0xe8, 0xce, 0x42, 0x43, 0x5b, 0x39, 0x61, 0xad, 0xbc,
- 0xab, 0xc8, 0xca, 0x6d, 0xe8, 0xfc, 0xf3, 0x53, 0xd8, 0x6e,
- 0x9c, 0x00,
- },
- .b = {
- 0xee, 0x35, 0x3f, 0xca, 0x54, 0x28, 0xa9, 0x30, 0x0d, 0x4a,
- 0xba, 0x75, 0x4a, 0x44, 0xc0, 0x0f, 0xdf, 0xec, 0x0c, 0x9a,
- 0xe4, 0xb1, 0xa1, 0x80, 0x30, 0x75, 0xed, 0x96, 0x7b, 0x7b,
- 0xb7, 0x3f,
- },
- .x = {
- 0xb6, 0xb3, 0xd4, 0xc3, 0x56, 0xc1, 0x39, 0xeb, 0x31, 0x18,
- 0x3d, 0x47, 0x49, 0xd4, 0x23, 0x95, 0x8c, 0x27, 0xd2, 0xdc,
- 0xaf, 0x98, 0xb7, 0x01, 0x64, 0xc9, 0x7a, 0x2d, 0xd9, 0x8f,
- 0x5c, 0xff,
- },
- .y = {
- 0x61, 0x42, 0xe0, 0xf7, 0xc8, 0xb2, 0x04, 0x91, 0x1f, 0x92,
- 0x71, 0xf0, 0xf3, 0xec, 0xef, 0x8c, 0x27, 0x01, 0xc3, 0x07,
- 0xe8, 0xe4, 0xc9, 0xe1, 0x83, 0x11, 0x5a, 0x15, 0x54, 0x06,
- 0x2c, 0xfb,
- },
- .order = {
- 0xf1, 0xfd, 0x17, 0x8c, 0x0b, 0x3a, 0xd5, 0x8f, 0x10, 0x12,
- 0x6d, 0xe8, 0xce, 0x42, 0x43, 0x5b, 0x53, 0xdc, 0x67, 0xe1,
- 0x40, 0xd2, 0xbf, 0x94, 0x1f, 0xfd, 0xd4, 0x59, 0xc6, 0xd6,
- 0x55, 0xe1,
- },
-};
-
-static const struct ec_curve {
- const char *comment;
- int nid;
- int seed_len;
- int param_len;
- unsigned int cofactor;
- const uint8_t *seed;
- const uint8_t *p;
- const uint8_t *a;
- const uint8_t *b;
- const uint8_t *x;
- const uint8_t *y;
- const uint8_t *order;
-} ec_curve_list[] = {
- /* secg curves */
- {
- .comment = "SECG curve secp224k1",
- .nid = NID_secp224k1,
- .param_len = sizeof(_EC_SECG_PRIME_224K1.p),
- .p = _EC_SECG_PRIME_224K1.p,
- .a = _EC_SECG_PRIME_224K1.a,
- .b = _EC_SECG_PRIME_224K1.b,
- .x = _EC_SECG_PRIME_224K1.x,
- .y =
_EC_SECG_PRIME_224K1.y,
- .order = _EC_SECG_PRIME_224K1.order,
- .cofactor = 1,
- },
- {
- .comment = "NIST/SECG curve secp224r1",
- .nid = NID_secp224r1,
- .seed_len = sizeof(_EC_NIST_PRIME_224.seed),
- .param_len = sizeof(_EC_NIST_PRIME_224.p),
- .seed = _EC_NIST_PRIME_224.seed,
- .p = _EC_NIST_PRIME_224.p,
- .a = _EC_NIST_PRIME_224.a,
- .b = _EC_NIST_PRIME_224.b,
- .x = _EC_NIST_PRIME_224.x,
- .y = _EC_NIST_PRIME_224.y,
- .order = _EC_NIST_PRIME_224.order,
- .cofactor = 1,
- },
- {
- .comment = "SECG curve secp256k1",
- .nid = NID_secp256k1,
- .param_len = sizeof(_EC_SECG_PRIME_256K1.p),
- .p = _EC_SECG_PRIME_256K1.p,
- .a = _EC_SECG_PRIME_256K1.a,
- .b = _EC_SECG_PRIME_256K1.b,
- .x = _EC_SECG_PRIME_256K1.x,
- .y = _EC_SECG_PRIME_256K1.y,
- .order = _EC_SECG_PRIME_256K1.order,
- .cofactor = 1,
- },
- /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
- {
- .comment = "NIST/SECG curve secp384r1",
- .nid = NID_secp384r1,
- .seed_len = sizeof(_EC_NIST_PRIME_384.seed),
- .param_len = sizeof(_EC_NIST_PRIME_384.p),
- .seed = _EC_NIST_PRIME_384.seed,
- .p = _EC_NIST_PRIME_384.p,
- .a = _EC_NIST_PRIME_384.a,
- .b = _EC_NIST_PRIME_384.b,
- .x = _EC_NIST_PRIME_384.x,
- .y = _EC_NIST_PRIME_384.y,
- .order = _EC_NIST_PRIME_384.order,
- .cofactor = 1,
- },
- {
- .comment = "NIST/SECG curve secp521r1",
- .nid = NID_secp521r1,
- .seed_len = sizeof(_EC_NIST_PRIME_521.seed),
- .param_len = sizeof(_EC_NIST_PRIME_521.p),
- .seed = _EC_NIST_PRIME_521.seed,
- .p = _EC_NIST_PRIME_521.p,
- .a = _EC_NIST_PRIME_521.a,
- .b = _EC_NIST_PRIME_521.b,
- .x = _EC_NIST_PRIME_521.x,
- .y = _EC_NIST_PRIME_521.y,
- .order = _EC_NIST_PRIME_521.order,
- .cofactor = 1,
- },
- /* X9.62 curves */
- {
- .comment = "X9.62 curve prime239v1",
- .nid = NID_X9_62_prime239v1,
- .seed_len = sizeof(_EC_X9_62_PRIME_239V1.seed),
- .param_len = sizeof(_EC_X9_62_PRIME_239V1.p),
- .seed = _EC_X9_62_PRIME_239V1.seed,
- .p = _EC_X9_62_PRIME_239V1.p,
- .a = _EC_X9_62_PRIME_239V1.a,
- .b =
_EC_X9_62_PRIME_239V1.b,
- .x = _EC_X9_62_PRIME_239V1.x,
- .y = _EC_X9_62_PRIME_239V1.y,
- .order = _EC_X9_62_PRIME_239V1.order,
- .cofactor = 1,
- },
- {
- .comment = "X9.62 curve prime239v2",
- .nid = NID_X9_62_prime239v2,
- .seed_len = sizeof(_EC_X9_62_PRIME_239V2.seed),
- .param_len = sizeof(_EC_X9_62_PRIME_239V2.p),
- .seed = _EC_X9_62_PRIME_239V2.seed,
- .p = _EC_X9_62_PRIME_239V2.p,
- .a = _EC_X9_62_PRIME_239V2.a,
- .b = _EC_X9_62_PRIME_239V2.b,
- .x = _EC_X9_62_PRIME_239V2.x,
- .y = _EC_X9_62_PRIME_239V2.y,
- .order = _EC_X9_62_PRIME_239V2.order,
- .cofactor = 1,
- },
- {
- .comment = "X9.62 curve prime239v3",
- .nid = NID_X9_62_prime239v3,
- .seed_len = sizeof(_EC_X9_62_PRIME_239V3.seed),
- .param_len = sizeof(_EC_X9_62_PRIME_239V3.p),
- .seed = _EC_X9_62_PRIME_239V3.seed,
- .p = _EC_X9_62_PRIME_239V3.p,
- .a = _EC_X9_62_PRIME_239V3.a,
- .b = _EC_X9_62_PRIME_239V3.b,
- .x = _EC_X9_62_PRIME_239V3.x,
- .y = _EC_X9_62_PRIME_239V3.y,
- .order = _EC_X9_62_PRIME_239V3.order,
- .cofactor = 1,
- },
- {
- .comment = "X9.62/SECG curve prime256v1",
- .nid = NID_X9_62_prime256v1,
- .seed_len = sizeof(_EC_X9_62_PRIME_256V1.seed),
- .param_len = sizeof(_EC_X9_62_PRIME_256V1.p),
- .seed = _EC_X9_62_PRIME_256V1.seed,
- .p = _EC_X9_62_PRIME_256V1.p,
- .a = _EC_X9_62_PRIME_256V1.a,
- .b = _EC_X9_62_PRIME_256V1.b,
- .x = _EC_X9_62_PRIME_256V1.x,
- .y = _EC_X9_62_PRIME_256V1.y,
- .order = _EC_X9_62_PRIME_256V1.order,
- .cofactor = 1,
- },
- /* RFC 5639 curves */
- {
- .comment = "RFC 5639 curve brainpoolP224r1",
- .nid = NID_brainpoolP224r1,
- .param_len = sizeof(_EC_brainpoolP224r1.p),
- .p = _EC_brainpoolP224r1.p,
- .a = _EC_brainpoolP224r1.a,
- .b = _EC_brainpoolP224r1.b,
- .x = _EC_brainpoolP224r1.x,
- .y = _EC_brainpoolP224r1.y,
- .order = _EC_brainpoolP224r1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP224r2",
- .nid = NID_brainpoolP224t1,
- .param_len = sizeof(_EC_brainpoolP224t1.p),
- .p = _EC_brainpoolP224t1.p,
- .a = _EC_brainpoolP224t1.a,
- .b = _EC_brainpoolP224t1.b,
- .x = _EC_brainpoolP224t1.x,
- .y = _EC_brainpoolP224t1.y,
- .order = _EC_brainpoolP224t1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP256r1",
- .nid = NID_brainpoolP256r1,
- .param_len = sizeof(_EC_brainpoolP256r1.p),
- .p = _EC_brainpoolP256r1.p,
- .a = _EC_brainpoolP256r1.a,
- .b = _EC_brainpoolP256r1.b,
- .x = _EC_brainpoolP256r1.x,
- .y = _EC_brainpoolP256r1.y,
- .order = _EC_brainpoolP256r1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP256t1",
- .nid = NID_brainpoolP256t1,
- .param_len = sizeof(_EC_brainpoolP256t1.p),
- .p = _EC_brainpoolP256t1.p,
- .a = _EC_brainpoolP256t1.a,
- .b = _EC_brainpoolP256t1.b,
- .x = _EC_brainpoolP256t1.x,
- .y = _EC_brainpoolP256t1.y,
- .order = _EC_brainpoolP256t1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP320r1",
- .nid = NID_brainpoolP320r1,
- .param_len = sizeof(_EC_brainpoolP320r1.p),
- .p = _EC_brainpoolP320r1.p,
- .a = _EC_brainpoolP320r1.a,
- .b = _EC_brainpoolP320r1.b,
- .x = _EC_brainpoolP320r1.x,
- .y = _EC_brainpoolP320r1.y,
- .order = _EC_brainpoolP320r1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP320t1",
- .nid = NID_brainpoolP320t1,
- .param_len = sizeof(_EC_brainpoolP320t1.p),
- .p = _EC_brainpoolP320t1.p,
- .a = _EC_brainpoolP320t1.a,
- .b = _EC_brainpoolP320t1.b,
- .x = _EC_brainpoolP320t1.x,
- .y = _EC_brainpoolP320t1.y,
- .order = _EC_brainpoolP320t1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP384r1",
- .nid = NID_brainpoolP384r1,
- .param_len = sizeof(_EC_brainpoolP384r1.p),
- .p = _EC_brainpoolP384r1.p,
- .a = _EC_brainpoolP384r1.a,
- .b = _EC_brainpoolP384r1.b,
- .x = _EC_brainpoolP384r1.x,
- .y = _EC_brainpoolP384r1.y,
- .order = _EC_brainpoolP384r1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP384t1",
- .nid = NID_brainpoolP384t1,
- .param_len = sizeof(_EC_brainpoolP384t1.p),
- .p = _EC_brainpoolP384t1.p,
- .a =
_EC_brainpoolP384t1.a,
- .b = _EC_brainpoolP384t1.b,
- .x = _EC_brainpoolP384t1.x,
- .y = _EC_brainpoolP384t1.y,
- .order = _EC_brainpoolP384t1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP512r1",
- .nid = NID_brainpoolP512r1,
- .param_len = sizeof(_EC_brainpoolP512r1.p),
- .p = _EC_brainpoolP512r1.p,
- .a = _EC_brainpoolP512r1.a,
- .b = _EC_brainpoolP512r1.b,
- .x = _EC_brainpoolP512r1.x,
- .y = _EC_brainpoolP512r1.y,
- .order = _EC_brainpoolP512r1.order,
- .cofactor = 1,
- },
- {
- .comment = "RFC 5639 curve brainpoolP512t1",
- .nid = NID_brainpoolP512t1,
- .param_len = sizeof(_EC_brainpoolP512t1.p),
- .p = _EC_brainpoolP512t1.p,
- .a = _EC_brainpoolP512t1.a,
- .b = _EC_brainpoolP512t1.b,
- .x = _EC_brainpoolP512t1.x,
- .y = _EC_brainpoolP512t1.y,
- .order = _EC_brainpoolP512t1.order,
- .cofactor = 1,
- },
- /* ANSSI */
- {
- .comment = "ANSSI curve FRP256v1",
- .nid = NID_FRP256v1,
- .param_len = sizeof(_EC_FRP256v1.p),
- .p = _EC_FRP256v1.p,
- .a = _EC_FRP256v1.a,
- .b = _EC_FRP256v1.b,
- .x = _EC_FRP256v1.x,
- .y = _EC_FRP256v1.y,
- .order = _EC_FRP256v1.order,
- .cofactor = 1,
- },
-};
-
-#define EC_CURVE_LIST_LENGTH (sizeof(ec_curve_list) / sizeof(ec_curve_list[0]))
-
-static EC_GROUP *
-ec_group_new_from_data(const struct ec_curve *curve)
-{
- EC_GROUP *group = NULL, *ret = NULL;
- EC_POINT *generator = NULL;
- BN_CTX *ctx = NULL;
- BIGNUM *p, *a, *b, *x, *y, *order, *cofactor;
-
- if ((ctx = BN_CTX_new()) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BN_CTX_start(ctx);
-
- if ((p = BN_CTX_get(ctx)) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if ((a = BN_CTX_get(ctx)) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if ((b = BN_CTX_get(ctx)) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if ((x = BN_CTX_get(ctx)) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if ((y = BN_CTX_get(ctx)) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if ((order = BN_CTX_get(ctx)) == NULL) {
-
ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if ((cofactor = BN_CTX_get(ctx)) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- if (BN_bin2bn(curve->p, curve->param_len, p) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (BN_bin2bn(curve->a, curve->param_len, a) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (BN_bin2bn(curve->b, curve->param_len, b) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- EC_GROUP_set_curve_name(group, curve->nid);
-
- if ((generator = EC_POINT_new(group)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if (BN_bin2bn(curve->x, curve->param_len, x) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (BN_bin2bn(curve->y, curve->param_len, y) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (!EC_POINT_set_affine_coordinates(group, generator, x, y, ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if (BN_bin2bn(curve->order, curve->param_len, order) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if (!BN_set_word(cofactor, curve->cofactor)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (!EC_GROUP_set_generator(group, generator, order, cofactor)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- if (curve->seed != NULL) {
- if (!EC_GROUP_set_seed(group, curve->seed, curve->seed_len)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- }
-
- ret = group;
- group = NULL;
-
- err:
- EC_GROUP_free(group);
- EC_POINT_free(generator);
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-EC_GROUP *
-EC_GROUP_new_by_curve_name(int nid)
-{
- size_t i;
-
- if (nid <= 0)
- return NULL;
-
- for (i = 0; i < EC_CURVE_LIST_LENGTH; i++) {
- if (ec_curve_list[i].nid == nid)
- return ec_group_new_from_data(&ec_curve_list[i]);
- }
-
- ECerror(EC_R_UNKNOWN_GROUP);
- return NULL;
-}
-LCRYPTO_ALIAS(EC_GROUP_new_by_curve_name);
-
-static void
-ec_curve_free(struct ec_curve *curve)
-{
- if (curve == NULL)
-
return;
-
- /* PERM UGLY CASTS */
- free((uint8_t *)curve->seed);
- free((uint8_t *)curve->p);
- free((uint8_t *)curve->a);
- free((uint8_t *)curve->b);
- free((uint8_t *)curve->x);
- free((uint8_t *)curve->y);
- free((uint8_t *)curve->order);
-
- free(curve);
-}
-
-static int
-ec_curve_encode_parameter(const BIGNUM *bn, int param_len,
- const uint8_t **out_param)
-{
- uint8_t *buf = NULL;
- int ret = 0;
-
- if (out_param == NULL || *out_param != NULL)
- goto err;
-
- if ((buf = calloc(1, param_len)) == NULL)
- goto err;
- if (BN_bn2binpad(bn, buf, param_len) != param_len)
- goto err;
-
- *out_param = buf;
- buf = NULL;
-
- ret = 1;
-
- err:
- free(buf);
-
- return ret;
-}
-
-static struct ec_curve *
-ec_curve_from_group(const EC_GROUP *group)
-{
- struct ec_curve *curve = NULL;
- BN_CTX *ctx;
- BIGNUM *p, *a, *b, *x, *y;
- const EC_POINT *generator = NULL;
- const BIGNUM *order, *cofactor;
- size_t seed_len;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- BN_CTX_start(ctx);
-
- if ((p = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_GROUP_get_curve(group, p, a, b, ctx))
- goto err;
- if ((generator = EC_GROUP_get0_generator(group)) == NULL)
- goto err;
- if (!EC_POINT_get_affine_coordinates(group, generator, x, y, ctx))
- goto err;
- if ((order = EC_GROUP_get0_order(group)) == NULL)
- goto err;
-
- if ((curve = calloc(1, sizeof(*curve))) == NULL)
- goto err;
-
- curve->param_len = BN_num_bytes(p);
- if (BN_num_bytes(order) > curve->param_len)
- curve->param_len = BN_num_bytes(order);
-
- if (!ec_curve_encode_parameter(p, curve->param_len, &curve->p))
- goto err;
- if (!ec_curve_encode_parameter(a, curve->param_len, &curve->a))
- goto err;
- if (!ec_curve_encode_parameter(b, curve->param_len, &curve->b))
- goto err;
- if (!ec_curve_encode_parameter(x,
curve->param_len, &curve->x))
- goto err;
- if (!ec_curve_encode_parameter(y, curve->param_len, &curve->y))
- goto err;
- if (!ec_curve_encode_parameter(order, curve->param_len, &curve->order))
- goto err;
-
- if ((cofactor = EC_GROUP_get0_cofactor(group)) != NULL) {
- BN_ULONG cofactor_word;
-
- if ((cofactor_word = BN_get_word(cofactor)) == BN_MASK2)
- goto err;
- if (cofactor_word > INT_MAX)
- goto err;
-
- curve->cofactor = cofactor_word;
- }
-
- if ((seed_len = EC_GROUP_get_seed_len(group)) > 0) {
- uint8_t *seed;
-
- if (seed_len > INT_MAX)
- goto err;
- if ((seed = calloc(1, seed_len)) == NULL)
- goto err;
- memcpy(seed, EC_GROUP_get0_seed(group), seed_len);
-
- curve->seed = seed;
- curve->seed_len = seed_len;
- }
-
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- return curve;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- ec_curve_free(curve);
-
- return NULL;
-}
-
-static int
-ec_curve_cmp(const struct ec_curve *a, const struct ec_curve *b)
-{
- int cmp;
-
- /* Treat nid as optional. The OID isn't part of EC parameters. */
- if (a->nid != NID_undef && b->nid != NID_undef) {
- if (a->nid < b->nid)
- return -1;
- if (a->nid > b->nid)
- return 1;
- }
-
- if (a->cofactor < b->cofactor)
- return -1;
- if (a->cofactor > b->cofactor)
- return 1;
- if (a->param_len < b->param_len)
- return -1;
- if (a->param_len > b->param_len)
- return 1;
-
- if ((cmp = memcmp(a->p, b->p, a->param_len)) != 0)
- return cmp;
- if ((cmp = memcmp(a->a, b->a, a->param_len)) != 0)
- return cmp;
- if ((cmp = memcmp(a->b, b->b, a->param_len)) != 0)
- return cmp;
- if ((cmp = memcmp(a->x, b->x, a->param_len)) != 0)
- return cmp;
- if ((cmp = memcmp(a->y, b->y, a->param_len)) != 0)
- return cmp;
- if ((cmp = memcmp(a->order, b->order, a->param_len)) != 0)
- return cmp;
-
- /* Seed is optional, not used for computation. Must match if present.
*/ - if (a->seed_len != 0 && b->seed_len != 0) { - if (a->seed_len < b->seed_len) - return -1; - if (a->seed_len > b->seed_len) - return 1; - if (a->seed != NULL && b->seed != NULL) { - if ((cmp = memcmp(a->seed, b->seed, a->seed_len)) != 0) - return cmp; - } - } - - return 0; -} - -static int -ec_group_nid_from_curve(const struct ec_curve *curve) -{ - size_t i; - - for (i = 0; i < EC_CURVE_LIST_LENGTH; i++) { - if (ec_curve_cmp(curve, &ec_curve_list[i]) == 0) - return ec_curve_list[i].nid; - } - - return NID_undef; -} - -int -ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid) -{ - struct ec_curve *curve; - int ret = 0; - int nid; - - *out_nid = NID_undef; - - if ((curve = ec_curve_from_group(group)) == NULL) - goto err; - if ((nid = ec_group_nid_from_curve(curve)) == NID_undef) - goto err; - - *out_nid = nid; - - ret = 1; - - err: - ec_curve_free(curve); - - return ret; -} - -size_t -EC_get_builtin_curves(EC_builtin_curve *curves, size_t nitems) -{ - size_t i; - - if (curves == NULL || nitems == 0) - return EC_CURVE_LIST_LENGTH; - - if (nitems > EC_CURVE_LIST_LENGTH) - nitems = EC_CURVE_LIST_LENGTH; - - for (i = 0; i < nitems; i++) { - curves[i].nid = ec_curve_list[i].nid; - curves[i].comment = ec_curve_list[i].comment; - } - - return EC_CURVE_LIST_LENGTH; -} -LCRYPTO_ALIAS(EC_get_builtin_curves); - -static const struct { - const char *name; - int nid; -} nist_curves[] = { - { "B-163", NID_sect163r2 }, - { "B-233", NID_sect233r1 }, - { "B-283", NID_sect283r1 }, - { "B-409", NID_sect409r1 }, - { "B-571", NID_sect571r1 }, - { "K-163", NID_sect163k1 }, - { "K-233", NID_sect233k1 }, - { "K-283", NID_sect283k1 }, - { "K-409", NID_sect409k1 }, - { "K-571", NID_sect571k1 }, - { "P-192", NID_X9_62_prime192v1 }, - { "P-224", NID_secp224r1 }, - { "P-256", NID_X9_62_prime256v1 }, - { "P-384", NID_secp384r1 }, - { "P-521", NID_secp521r1 } -}; - -const char * -EC_curve_nid2nist(int nid) -{ - size_t i; - - for (i = 0; i < sizeof(nist_curves) / 
sizeof(nist_curves[0]); i++) { - if (nist_curves[i].nid == nid) - return nist_curves[i].name; - } - - return NULL; -} -LCRYPTO_ALIAS(EC_curve_nid2nist); - -int -EC_curve_nist2nid(const char *name) -{ - size_t i; - - for (i = 0; i < sizeof(nist_curves) / sizeof(nist_curves[0]); i++) { - if (strcmp(nist_curves[i].name, name) == 0) - return nist_curves[i].nid; - } - - return NID_undef; -} -LCRYPTO_ALIAS(EC_curve_nist2nid); diff --git a/src/lib/libcrypto/ec/ec_err.c b/src/lib/libcrypto/ec/ec_err.c deleted file mode 100644 index 2a6c419b57..0000000000 --- a/src/lib/libcrypto/ec/ec_err.c +++ /dev/null 
@@ -1,151 +0,0 @@
-/* $OpenBSD: ec_err.c,v 1.20 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
-
-static const ERR_STRING_DATA EC_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA EC_str_reasons[] = {
- {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"},
- {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"},
- {ERR_REASON(EC_R_BAD_SIGNATURE), "bad signature"},
- {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
- {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
- {ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"},
- {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE), "d2i ecpkparameters failure"},
- {ERR_REASON(EC_R_DECODE_ERROR), "decode error"},
- {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO), "discriminant is zero"},
- {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE), "ec group new by name failure"},
- {ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"},
- {ERR_REASON(EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"},
- {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE), "group2pkparameters failure"},
- {ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE), "i2d ecpkparameters failure"},
- {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS), "incompatible objects"},
- {ERR_REASON(EC_R_INVALID_ARGUMENT), "invalid argument"},
- {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT), "invalid compressed point"},
- {ERR_REASON(EC_R_INVALID_COMPRESSION_BIT), "invalid compression bit"},
- {ERR_REASON(EC_R_INVALID_CURVE), "invalid curve"},
- {ERR_REASON(EC_R_INVALID_DIGEST), "invalid digest"},
- {ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
- {ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"},
- {ERR_REASON(EC_R_INVALID_FIELD), "invalid field"},
- {ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
- {ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"},
- {ERR_REASON(EC_R_INVALID_KEY), "invalid key"},
- {ERR_REASON(EC_R_INVALID_OUTPUT_LENGTH), "invalid output length"},
- {ERR_REASON(EC_R_INVALID_PEER_KEY), "invalid peer key"},
- {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
- {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
- {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
- {ERR_REASON(EC_R_KDF_FAILED), "kdf failed"},
- {ERR_REASON(EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
- {ERR_REASON(EC_R_KEY_TRUNCATION), "key would be truncated"},
- {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"},
- {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"},
- {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"},
- {ERR_REASON(EC_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
- {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
- {ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME), "not a supported NIST prime"},
- {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"},
- {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
- {ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"},
- {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
- {ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"},
- {ERR_REASON(EC_R_PEER_KEY_ERROR), "peer key error"},
- {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE), "pkparameters2group failure"},
- {ERR_REASON(EC_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
- {ERR_REASON(EC_R_POINT_AT_INFINITY), "point at infinity"},
- {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE), "point is not on curve"},
- {ERR_REASON(EC_R_SHARED_INFO_ERROR), "shared info error"},
- {ERR_REASON(EC_R_SLOT_FULL), "slot full"},
- {ERR_REASON(EC_R_UNDEFINED_GENERATOR), "undefined generator"},
- {ERR_REASON(EC_R_UNDEFINED_ORDER), "undefined order"},
- {ERR_REASON(EC_R_UNKNOWN_COFACTOR), "unknown cofactor"},
- {ERR_REASON(EC_R_UNKNOWN_GROUP), "unknown group"},
- {ERR_REASON(EC_R_UNKNOWN_ORDER), "unknown order"},
- {ERR_REASON(EC_R_UNSUPPORTED_FIELD), "unsupported field"},
- {ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS), "wrong curve parameters"},
- {ERR_REASON(EC_R_WRONG_ORDER), "wrong order"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_EC_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(EC_str_functs[0].error) == NULL) {
- ERR_load_const_strings(EC_str_functs);
- ERR_load_const_strings(EC_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_EC_strings);
diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c
deleted file mode 100644
index 6257d67cd1..0000000000
--- a/src/lib/libcrypto/ec/ec_key.c
+++ /dev/null
@@ -1,809 +0,0 @@
-/* $OpenBSD: ec_key.c,v 1.51 2025/01/25 10:34:36 tb Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions originally developed by SUN MICROSYSTEMS, INC., and
- * contributed to the OpenSSL project.
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "bn_local.h"
-#include "ec_local.h"
-#include "ecdsa_local.h"
-
-EC_KEY *
-EC_KEY_new(void)
-{
- return EC_KEY_new_method(NULL);
-}
-LCRYPTO_ALIAS(EC_KEY_new);
-
-EC_KEY *
-EC_KEY_new_by_curve_name(int nid)
-{
- EC_KEY *ec_key;
-
- if ((ec_key = EC_KEY_new()) == NULL)
- goto err;
-
- if ((ec_key->group = EC_GROUP_new_by_curve_name(nid)) == NULL)
- goto err;
-
- /* XXX - do we want an ec_key_set0_group()? */
- if (ec_key->meth->set_group != NULL) {
- if (!ec_key->meth->set_group(ec_key, ec_key->group))
- goto err;
- }
-
- return ec_key;
-
- err:
- EC_KEY_free(ec_key);
-
- return NULL;
-}
-LCRYPTO_ALIAS(EC_KEY_new_by_curve_name);
-
-void
-EC_KEY_free(EC_KEY *ec_key)
-{
- if (ec_key == NULL)
- return;
-
- if (CRYPTO_add(&ec_key->references, -1, CRYPTO_LOCK_EC) > 0)
- return;
-
- if (ec_key->meth != NULL && ec_key->meth->finish != NULL)
- ec_key->meth->finish(ec_key);
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, ec_key, &ec_key->ex_data);
-
- EC_GROUP_free(ec_key->group);
- EC_POINT_free(ec_key->pub_key);
- BN_free(ec_key->priv_key);
-
- freezero(ec_key, sizeof(*ec_key));
-}
-LCRYPTO_ALIAS(EC_KEY_free);
-
-EC_KEY *
-EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
-{
- if (dest == NULL || src == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
-
- if (src->meth != dest->meth) {
- if (dest->meth != NULL && dest->meth->finish != NULL)
- dest->meth->finish(dest);
- }
-
- if (src->group != NULL) {
- EC_GROUP_free(dest->group);
- if ((dest->group = EC_GROUP_dup(src->group)) == NULL)
- return NULL;
- if (src->pub_key != NULL) {
- EC_POINT_free(dest->pub_key);
- if ((dest->pub_key = EC_POINT_dup(src->pub_key,
- src->group)) == NULL)
- return NULL;
- }
- }
-
- BN_free(dest->priv_key);
- dest->priv_key = NULL;
- if (src->priv_key != NULL) {
- if ((dest->priv_key = BN_dup(src->priv_key)) == NULL)
- return NULL;
- }
-
- dest->enc_flag = src->enc_flag;
- dest->conv_form = src->conv_form;
- dest->version = src->version;
- dest->flags = src->flags;
-
- /*
- * The fun part about being a toolkit implementer is that the rest of
- * the world gets to live with your terrible API design choices for
- * eternity. (To be fair: the signature was changed in OpenSSL 3).
- */
- if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_EC_KEY, &dest->ex_data,
- &((EC_KEY *)src)->ex_data)) /* XXX const */
- return NULL;
-
- dest->meth = src->meth;
-
- if (src->meth != NULL && src->meth->copy != NULL) {
- if (!src->meth->copy(dest, src))
- return NULL;
- }
-
- return dest;
-}
-LCRYPTO_ALIAS(EC_KEY_copy);
-
-EC_KEY *
-EC_KEY_dup(const EC_KEY *in_ec_key)
-{
- EC_KEY *ec_key;
-
- /* XXX - Pass NULL - so we're perhaps not running the right init()? */
- if ((ec_key = EC_KEY_new_method(NULL)) == NULL)
- goto err;
- if (EC_KEY_copy(ec_key, in_ec_key) == NULL)
- goto err;
-
- return ec_key;
-
- err:
- EC_KEY_free(ec_key);
-
- return NULL;
-}
-LCRYPTO_ALIAS(EC_KEY_dup);
-
-int
-EC_KEY_up_ref(EC_KEY *r)
-{
- return CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC) > 1;
-}
-LCRYPTO_ALIAS(EC_KEY_up_ref);
-
-int
-EC_KEY_set_ex_data(EC_KEY *r, int idx, void *arg)
-{
- return CRYPTO_set_ex_data(&r->ex_data, idx, arg);
-}
-LCRYPTO_ALIAS(EC_KEY_set_ex_data);
-
-void *
-EC_KEY_get_ex_data(const EC_KEY *r, int idx)
-{
- return CRYPTO_get_ex_data(&r->ex_data, idx);
-}
-LCRYPTO_ALIAS(EC_KEY_get_ex_data);
-
-int
-EC_KEY_generate_key(EC_KEY *eckey)
-{
- if (eckey->meth->keygen != NULL)
- return eckey->meth->keygen(eckey);
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
-}
-LCRYPTO_ALIAS(EC_KEY_generate_key);
-
-static int
-ec_key_gen(EC_KEY *eckey)
-{
- BIGNUM *priv_key = NULL;
- EC_POINT *pub_key = NULL;
- const BIGNUM *order;
- int ret = 0;
-
- if (eckey == NULL || eckey->group == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if ((priv_key = BN_new()) == NULL)
- goto err;
- if ((pub_key = EC_POINT_new(eckey->group)) == NULL)
- goto err;
-
- if ((order = EC_GROUP_get0_order(eckey->group)) == NULL)
- goto err;
- if (!bn_rand_interval(priv_key, 1, order))
- goto err;
- if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, NULL))
- goto err;
-
- BN_free(eckey->priv_key);
- eckey->priv_key = priv_key;
- priv_key = NULL;
-
- EC_POINT_free(eckey->pub_key);
- eckey->pub_key = pub_key;
- pub_key = NULL;
-
- ret = 1;
-
- err:
- EC_POINT_free(pub_key);
- BN_free(priv_key);
-
- return ret;
-}
-
-int
-EC_KEY_check_key(const EC_KEY *eckey)
-{
- BN_CTX *ctx = NULL;
- EC_POINT *point = NULL;
- const BIGNUM *order;
- int ret = 0;
-
- if (eckey == NULL || eckey->group == NULL || eckey->pub_key == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) {
- ECerror(EC_R_POINT_AT_INFINITY);
- goto err;
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if ((point = EC_POINT_new(eckey->group)) == NULL)
- goto err;
-
- /* Ensure public key is on the elliptic curve. */
- if (EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx) <= 0) {
- ECerror(EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- /* Ensure public key multiplied by the order is the point at infinity. */
- if ((order = EC_GROUP_get0_order(eckey->group)) == NULL) {
- ECerror(EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
- if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_POINT_is_at_infinity(eckey->group, point)) {
- ECerror(EC_R_WRONG_ORDER);
- goto err;
- }
-
- /*
- * If the private key is present, ensure that the private key multiplied
- * by the generator matches the public key.
- */
- if (eckey->priv_key != NULL) {
- if (BN_cmp(eckey->priv_key, order) >= 0) {
- ECerror(EC_R_WRONG_ORDER);
- goto err;
- }
- if (!EC_POINT_mul(eckey->group, point, eckey->priv_key, NULL,
- NULL, ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if (EC_POINT_cmp(eckey->group, point, eckey->pub_key,
- ctx) != 0) {
- ECerror(EC_R_INVALID_PRIVATE_KEY);
- goto err;
- }
- }
-
- ret = 1;
-
- err:
- BN_CTX_free(ctx);
- EC_POINT_free(point);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_KEY_check_key);
-
-int
-EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y)
-{
- BN_CTX *ctx = NULL;
- EC_POINT *point = NULL;
- BIGNUM *tx, *ty;
- int ret = 0;
-
- if (key == NULL || key->group == NULL || x == NULL || y == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((tx = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((ty = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if ((point = EC_POINT_new(key->group)) == NULL)
- goto err;
-
- if (!EC_POINT_set_affine_coordinates(key->group, point, x, y, ctx))
- goto err;
- if (!EC_POINT_get_affine_coordinates(key->group, point, tx, ty, ctx))
- goto err;
-
- /*
- * Check if retrieved coordinates match originals: if not values are
- * out of range.
- */
- if (BN_cmp(x, tx) != 0 || BN_cmp(y, ty) != 0) {
- ECerror(EC_R_COORDINATES_OUT_OF_RANGE);
- goto err;
- }
- if (!EC_KEY_set_public_key(key, point))
- goto err;
- if (EC_KEY_check_key(key) == 0)
- goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- EC_POINT_free(point);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_KEY_set_public_key_affine_coordinates);
-
-const EC_GROUP *
-EC_KEY_get0_group(const EC_KEY *key)
-{
- return key->group;
-}
-LCRYPTO_ALIAS(EC_KEY_get0_group);
-
-int
-EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group)
-{
- if (key->meth->set_group != NULL &&
- key->meth->set_group(key, group) == 0)
- return 0;
- EC_GROUP_free(key->group);
- key->group = EC_GROUP_dup(group);
- return (key->group == NULL) ? 0 : 1;
-}
-LCRYPTO_ALIAS(EC_KEY_set_group);
-
-const BIGNUM *
-EC_KEY_get0_private_key(const EC_KEY *key)
-{
- return key->priv_key;
-}
-LCRYPTO_ALIAS(EC_KEY_get0_private_key);
-
-int
-EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
-{
- if (key->meth->set_private != NULL &&
- key->meth->set_private(key, priv_key) == 0)
- return 0;
-
- BN_free(key->priv_key);
- if ((key->priv_key = BN_dup(priv_key)) == NULL)
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(EC_KEY_set_private_key);
-
-const EC_POINT *
-EC_KEY_get0_public_key(const EC_KEY *key)
-{
- return key->pub_key;
-}
-LCRYPTO_ALIAS(EC_KEY_get0_public_key);
-
-int
-EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub_key)
-{
- if (key->meth->set_public != NULL &&
- key->meth->set_public(key, pub_key) == 0)
- return 0;
-
- EC_POINT_free(key->pub_key);
- if ((key->pub_key = EC_POINT_dup(pub_key, key->group)) == NULL)
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(EC_KEY_set_public_key);
-
-unsigned int
-EC_KEY_get_enc_flags(const EC_KEY *key)
-{
- return key->enc_flag;
-}
-LCRYPTO_ALIAS(EC_KEY_get_enc_flags);
-
-void
-EC_KEY_set_enc_flags(EC_KEY *key, unsigned int flags)
-{
- key->enc_flag = flags;
-}
-LCRYPTO_ALIAS(EC_KEY_set_enc_flags);
-
-point_conversion_form_t
-EC_KEY_get_conv_form(const EC_KEY *key)
-{
- return key->conv_form;
-}
-LCRYPTO_ALIAS(EC_KEY_get_conv_form);
-
-void
-EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
-{
- key->conv_form = cform;
- if (key->group != NULL)
- EC_GROUP_set_point_conversion_form(key->group, cform);
-}
-LCRYPTO_ALIAS(EC_KEY_set_conv_form);
-
-void
-EC_KEY_set_asn1_flag(EC_KEY *key, int flag)
-{
- if (key->group != NULL)
- EC_GROUP_set_asn1_flag(key->group, flag);
-}
-LCRYPTO_ALIAS(EC_KEY_set_asn1_flag);
-
-int
-EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx)
-{
- if (key->group == NULL)
- return 0;
- return 1;
-}
-LCRYPTO_ALIAS(EC_KEY_precompute_mult);
-
-int
-EC_KEY_get_flags(const EC_KEY *key)
-{
- return key->flags;
-}
-LCRYPTO_ALIAS(EC_KEY_get_flags);
-
-void
-EC_KEY_set_flags(EC_KEY *key, int flags)
-{
- key->flags |= flags;
-}
-LCRYPTO_ALIAS(EC_KEY_set_flags);
-
-void
-EC_KEY_clear_flags(EC_KEY *key, int flags)
-{
- key->flags &= ~flags;
-}
-LCRYPTO_ALIAS(EC_KEY_clear_flags);
-
-const EC_KEY_METHOD *
-EC_KEY_get_method(const EC_KEY *key)
-{
- return key->meth;
-}
-LCRYPTO_ALIAS(EC_KEY_get_method);
-
-int
-EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
-{
- void (*finish)(EC_KEY *key) = key->meth->finish;
-
- if (finish != NULL)
- finish(key);
-
- key->meth = meth;
- if (meth->init != NULL)
- return meth->init(key);
- return 1;
-}
-LCRYPTO_ALIAS(EC_KEY_set_method);
-
-EC_KEY *
-EC_KEY_new_method(ENGINE *engine)
-{
- EC_KEY *ret;
-
- if ((ret = calloc(1, sizeof(EC_KEY))) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ret->meth = EC_KEY_get_default_method();
- ret->version = 1;
- ret->flags = 0;
- ret->group = NULL;
- ret->pub_key = NULL;
- ret->priv_key = NULL;
- ret->enc_flag = 0;
- ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
- ret->references = 1;
-
- if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data))
- goto err;
- if (ret->meth->init != NULL && ret->meth->init(ret) == 0)
- goto err;
-
- return ret;
-
- err:
- EC_KEY_free(ret);
- return NULL;
-}
-LCRYPTO_ALIAS(EC_KEY_new_method);
-
-#define EC_KEY_METHOD_DYNAMIC 1
-
-EC_KEY_METHOD *
-EC_KEY_METHOD_new(const EC_KEY_METHOD *meth)
-{
- EC_KEY_METHOD *ret;
-
- if ((ret = calloc(1, sizeof(*meth))) == NULL)
- return NULL;
- if (meth != NULL)
- *ret = *meth;
- ret->flags |= EC_KEY_METHOD_DYNAMIC;
- return ret;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_new);
-
-void
-EC_KEY_METHOD_free(EC_KEY_METHOD *meth)
-{
- if (meth == NULL)
- return;
- if (meth->flags & EC_KEY_METHOD_DYNAMIC)
- free(meth);
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_free);
-
-void
-EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
- int (*init)(EC_KEY *key),
- void (*finish)(EC_KEY *key),
- int (*copy)(EC_KEY *dest, const EC_KEY *src),
- int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
- int (*set_private)(EC_KEY *key, const BIGNUM *priv_key),
- int (*set_public)(EC_KEY *key, const EC_POINT *pub_key))
-{
- meth->init = init;
- meth->finish = finish;
- meth->copy = copy;
- meth->set_group = set_group;
- meth->set_private = set_private;
- meth->set_public = set_public;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_set_init);
-
-void
-EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth, int (*keygen)(EC_KEY *key))
-{
- meth->keygen = keygen;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_set_keygen);
-
-void
-EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
- int (*ckey)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
- const EC_KEY *ecdh))
-{
- meth->compute_key = ckey;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_set_compute_key);
-
-void
-EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
- int (*sign)(int type, const unsigned char *dgst,
- int dlen, unsigned char *sig, unsigned int *siglen,
- const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
- int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
- BIGNUM **kinvp, BIGNUM **rp),
- ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
- int dgst_len, const BIGNUM *in_kinv,
- const BIGNUM *in_r, EC_KEY *eckey))
-{
- meth->sign = sign;
- meth->sign_setup = sign_setup;
- meth->sign_sig = sign_sig;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_set_sign);
-
-void
-EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
- int (*verify)(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey),
- int (*verify_sig)(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey))
-{
- meth->verify = verify;
- meth->verify_sig = verify_sig;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_set_verify);
-
-
-void
-EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth,
- int (**pinit)(EC_KEY *key),
- void (**pfinish)(EC_KEY *key),
- int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
- int (**pset_group)(EC_KEY *key, const EC_GROUP *grp),
- int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key),
- int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key))
-{
- if (pinit != NULL)
- *pinit = meth->init;
- if (pfinish != NULL)
- *pfinish = meth->finish;
- if (pcopy != NULL)
- *pcopy = meth->copy;
- if (pset_group != NULL)
- *pset_group = meth->set_group;
- if (pset_private != NULL)
- *pset_private = meth->set_private;
- if (pset_public != NULL)
- *pset_public = meth->set_public;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_get_init);
-
-void
-EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth,
- int (**pkeygen)(EC_KEY *key))
-{
- if (pkeygen != NULL)
- *pkeygen = meth->keygen;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_get_keygen);
-
-void
-EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth,
- int (**pck)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
- const EC_KEY *ecdh))
-{
- if (pck != NULL)
- *pck = meth->compute_key;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_get_compute_key);
-
-void
-EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth,
- int (**psign)(int type, const unsigned char *dgst,
- int dlen, unsigned char *sig, unsigned int *siglen,
- const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
- int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
- BIGNUM **kinvp, BIGNUM **rp),
- ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
- int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r,
- EC_KEY *eckey))
-{
- if (psign != NULL)
- *psign = meth->sign;
- if (psign_setup != NULL)
- *psign_setup = meth->sign_setup;
- if (psign_sig != NULL)
- *psign_sig = meth->sign_sig;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_get_sign);
-
-void
-EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
- int (**pverify)(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey),
- int (**pverify_sig)(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey))
-{
- if (pverify != NULL)
- *pverify = meth->verify;
- if (pverify_sig != NULL)
- *pverify_sig = meth->verify_sig;
-}
-LCRYPTO_ALIAS(EC_KEY_METHOD_get_verify);
-
-static const EC_KEY_METHOD openssl_ec_key_method = {
- .name = "OpenSSL EC_KEY method",
- .flags = 0,
-
- .init = NULL,
- .finish = NULL,
- .copy = NULL,
-
- .set_group = NULL,
- .set_private = NULL,
- .set_public = NULL,
-
- .keygen = ec_key_gen,
- .compute_key = ecdh_compute_key,
-
- .sign = ecdsa_sign,
- .sign_setup = ecdsa_sign_setup,
- .sign_sig = ecdsa_sign_sig,
-
- .verify = ecdsa_verify,
- .verify_sig = ecdsa_verify_sig,
-};
-
-const EC_KEY_METHOD *
-EC_KEY_OpenSSL(void)
-{
- return &openssl_ec_key_method;
-}
-LCRYPTO_ALIAS(EC_KEY_OpenSSL);
-
-const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
-
-const EC_KEY_METHOD *
-EC_KEY_get_default_method(void)
-{
- return default_ec_key_meth;
-}
-LCRYPTO_ALIAS(EC_KEY_get_default_method);
-
-void
-EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
-{
- if (meth == NULL)
- default_ec_key_meth = &openssl_ec_key_method;
- else
- default_ec_key_meth = meth;
-}
-LCRYPTO_ALIAS(EC_KEY_set_default_method);
diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
deleted file mode 100644
index 7982d23f06..0000000000
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ /dev/null
@@ -1,1369 +0,0 @@
-/* $OpenBSD: ec_lib.c,v 1.123 2025/03/24 13:07:04 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "ec_local.h"
-
-EC_GROUP *
-EC_GROUP_new(const EC_METHOD *meth)
-{
- EC_GROUP *group = NULL;
-
- if (meth == NULL) {
- ECerror(EC_R_SLOT_FULL);
- goto err;
- }
- if ((group = calloc(1, sizeof(*group))) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- group->meth = meth;
-
- group->asn1_flag = OPENSSL_EC_NAMED_CURVE;
- group->asn1_form = POINT_CONVERSION_UNCOMPRESSED;
-
- if ((group->p = BN_new()) == NULL)
- goto err;
- if ((group->a = BN_new()) == NULL)
- goto err;
- if ((group->b = BN_new()) == NULL)
- goto err;
-
- if ((group->order = BN_new()) == NULL)
- goto err;
- if ((group->cofactor = BN_new()) == NULL)
- goto err;
-
- /*
- * generator, seed and mont_ctx are optional.
- */
-
- return group;
-
- err:
- EC_GROUP_free(group);
-
- return NULL;
-}
-
-void
-EC_GROUP_free(EC_GROUP *group)
-{
- if (group == NULL)
- return;
-
- BN_free(group->p);
- BN_free(group->a);
- BN_free(group->b);
-
- BN_MONT_CTX_free(group->mont_ctx);
-
- EC_POINT_free(group->generator);
- BN_free(group->order);
- BN_free(group->cofactor);
-
- freezero(group->seed, group->seed_len);
- freezero(group, sizeof *group);
-}
-LCRYPTO_ALIAS(EC_GROUP_free);
-
-void
-EC_GROUP_clear_free(EC_GROUP *group)
-{
- EC_GROUP_free(group);
-}
-LCRYPTO_ALIAS(EC_GROUP_clear_free);
-
-static int
-EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src)
-{
- if (dst->meth != src->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- if (dst == src)
- return 1;
-
- if (!bn_copy(dst->p, src->p))
- return 0;
- if (!bn_copy(dst->a, src->a))
- return 0;
- if (!bn_copy(dst->b, src->b))
- return 0;
-
- dst->a_is_minus3 = src->a_is_minus3;
-
- BN_MONT_CTX_free(dst->mont_ctx);
- dst->mont_ctx = NULL;
- if (src->mont_ctx != NULL) {
- if ((dst->mont_ctx = BN_MONT_CTX_new()) == NULL)
- return 0;
- if (!BN_MONT_CTX_copy(dst->mont_ctx, src->mont_ctx))
- return 0;
- }
-
- EC_POINT_free(dst->generator);
- dst->generator = NULL;
- if (src->generator != NULL) {
- if (!EC_GROUP_set_generator(dst, src->generator, src->order,
- src->cofactor))
- return 0;
- } else {
- /* XXX - should do the sanity checks as in set_generator() */
- if (!bn_copy(dst->order, src->order))
- return 0;
- if (!bn_copy(dst->cofactor, src->cofactor))
- return 0;
- }
-
- dst->nid = src->nid;
- dst->asn1_flag = src->asn1_flag;
- dst->asn1_form = src->asn1_form;
-
- if (!EC_GROUP_set_seed(dst, src->seed, src->seed_len))
- return 0;
-
- return 1;
-}
-
-EC_GROUP *
-EC_GROUP_dup(const EC_GROUP *in_group)
-{
- EC_GROUP *group = NULL;
-
- if (in_group == NULL)
- goto err;
-
- if ((group = EC_GROUP_new(in_group->meth)) == NULL)
- goto err;
- if (!EC_GROUP_copy(group, in_group))
- goto err;
-
- return group;
-
- err:
- EC_GROUP_free(group);
-
- return NULL;
-}
-LCRYPTO_ALIAS(EC_GROUP_dup);
-
-/*
- * If there is a user-provided cofactor, sanity check and use it. Otherwise
- * try computing the cofactor from generator order n and field cardinality p.
- * This works for all curves of cryptographic interest.
- *
- * Hasse's theorem: | h * n - (p + 1) | <= 2 * sqrt(p)
- *
- * So: h_min = (p + 1 - 2*sqrt(p)) / n and h_max = (p + 1 + 2*sqrt(p)) / n and
- * therefore h_max - h_min = 4*sqrt(p) / n. So if n > 4*sqrt(p) holds, there is
- * only one possible value for h:
- *
- * h = \lfloor (h_min + h_max)/2 \rceil = \lfloor (p + 1)/n \rceil
- *
- * Otherwise, zero cofactor and return success.
- */
-static int
-ec_set_cofactor(EC_GROUP *group, const BIGNUM *in_cofactor)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *cofactor;
- int ret = 0;
-
- BN_zero(group->cofactor);
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- if ((cofactor = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Unfortunately, the cofactor is an optional field in many standards.
- * Internally, the library uses a 0 cofactor as a marker for "unknown
- * cofactor". So accept in_cofactor == NULL or in_cofactor >= 0.
- */
- if (in_cofactor != NULL && !BN_is_zero(in_cofactor)) {
- if (BN_is_negative(in_cofactor)) {
- ECerror(EC_R_UNKNOWN_COFACTOR);
- goto err;
- }
- if (!bn_copy(cofactor, in_cofactor))
- goto err;
- goto done;
- }
-
- /*
- * If the cofactor is too large, we cannot guess it and default to zero.
- * The RHS of below is a strict overestimate of log(4 * sqrt(p)).
- */
- if (BN_num_bits(group->order) <= (BN_num_bits(group->p) + 1) / 2 + 3)
- goto done;
-
- /*
- * Compute
- * h = \lfloor (p + 1)/n \rceil = \lfloor (p + 1 + n/2) / n \rfloor.
- */
-
- /* h = n/2 */
- if (!BN_rshift1(cofactor, group->order))
- goto err;
- /* h = 1 + n/2 */
- if (!BN_add_word(cofactor, 1))
- goto err;
- /* h = p + 1 + n/2 */
- if (!BN_add(cofactor, cofactor, group->p))
- goto err;
- /* h = (p + 1 + n/2) / n */
- if (!BN_div_ct(cofactor, NULL, cofactor, group->order, ctx))
- goto err;
-
- done:
- /* Use Hasse's theorem to bound the cofactor. */
- if (BN_num_bits(cofactor) > BN_num_bits(group->p) + 1) {
- ECerror(EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
-
- if (!bn_copy(group->cofactor, cofactor))
- goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-int
-EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
- const BIGNUM *order, const BIGNUM *cofactor)
-{
- if (generator == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- /* Require p >= 1. */
- if (BN_is_zero(group->p) || BN_is_negative(group->p)) {
- ECerror(EC_R_INVALID_FIELD);
- return 0;
- }
-
- /*
- * Require order > 1 and enforce an upper bound of at most one bit more
- * than the field cardinality due to Hasse's theorem.
- */
- if (order == NULL || BN_cmp(order, BN_value_one()) <= 0 ||
- BN_num_bits(order) > BN_num_bits(group->p) + 1) {
- ECerror(EC_R_INVALID_GROUP_ORDER);
- return 0;
- }
-
- if (group->generator == NULL)
- group->generator = EC_POINT_new(group);
- if (group->generator == NULL)
- return 0;
-
- if (!EC_POINT_copy(group->generator, generator))
- return 0;
-
- if (!bn_copy(group->order, order))
- return 0;
-
- if (!ec_set_cofactor(group, cofactor))
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(EC_GROUP_set_generator);
-
-const EC_POINT *
-EC_GROUP_get0_generator(const EC_GROUP *group)
-{
- return group->generator;
-}
-LCRYPTO_ALIAS(EC_GROUP_get0_generator);
-
-int
-EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-{
- if (!bn_copy(order, group->order))
- return 0;
-
- return !BN_is_zero(order);
-}
-LCRYPTO_ALIAS(EC_GROUP_get_order);
-
-const BIGNUM *
-EC_GROUP_get0_order(const EC_GROUP *group)
-{
- return group->order;
-}
-
-int
-EC_GROUP_order_bits(const EC_GROUP *group)
-{
- return BN_num_bits(group->order);
-}
-LCRYPTO_ALIAS(EC_GROUP_order_bits);
-
-int
-EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
-{
- if (!bn_copy(cofactor, group->cofactor))
- return 0;
-
- return !BN_is_zero(group->cofactor);
-}
-LCRYPTO_ALIAS(EC_GROUP_get_cofactor);
-
-const BIGNUM *
-EC_GROUP_get0_cofactor(const EC_GROUP *group)
-{
- return group->cofactor;
-}
-
-void
-EC_GROUP_set_curve_name(EC_GROUP *group, int nid)
-{
- group->nid = nid;
-}
-LCRYPTO_ALIAS(EC_GROUP_set_curve_name);
-
-int
-EC_GROUP_get_curve_name(const EC_GROUP *group)
-{
- return group->nid;
-}
-LCRYPTO_ALIAS(EC_GROUP_get_curve_name);
-
-void
-EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag)
-{
- group->asn1_flag = flag;
-}
-LCRYPTO_ALIAS(EC_GROUP_set_asn1_flag);
-
-int
-EC_GROUP_get_asn1_flag(const EC_GROUP *group)
-{
- return group->asn1_flag;
-}
-LCRYPTO_ALIAS(EC_GROUP_get_asn1_flag);
-
-void
-EC_GROUP_set_point_conversion_form(EC_GROUP *group,
- point_conversion_form_t form)
-{
- group->asn1_form = form;
-}
-LCRYPTO_ALIAS(EC_GROUP_set_point_conversion_form);
-
-point_conversion_form_t
-EC_GROUP_get_point_conversion_form(const EC_GROUP *group)
-{
- return group->asn1_form;
-}
-LCRYPTO_ALIAS(EC_GROUP_get_point_conversion_form);
-
-size_t
-EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *seed, size_t len)
-{
- free(group->seed);
- group->seed = NULL;
- group->seed_len = 0;
-
- if (seed == NULL || len == 0)
- return 1;
-
- if ((group->seed = malloc(len)) == NULL)
- return 0;
- memcpy(group->seed, seed, len);
- group->seed_len = len;
-
- return len;
-}
-LCRYPTO_ALIAS(EC_GROUP_set_seed);
-
-unsigned char *
-EC_GROUP_get0_seed(const EC_GROUP *group)
-{
- return group->seed;
-}
-LCRYPTO_ALIAS(EC_GROUP_get0_seed);
-
-size_t
-EC_GROUP_get_seed_len(const EC_GROUP *group)
-{
- return group->seed_len;
-}
-LCRYPTO_ALIAS(EC_GROUP_get_seed_len);
-
-int
-EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->group_set_curve == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- ret = group->meth->group_set_curve(group, p, a, b, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_GROUP_set_curve);
-
-int
-EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
- BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->group_get_curve == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- ret = group->meth->group_get_curve(group, p, a, b, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_GROUP_get_curve);
-
-int
-EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- return EC_GROUP_set_curve(group, p, a, b, ctx);
-}
-LCRYPTO_ALIAS(EC_GROUP_set_curve_GFp);
-
-int
-EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
- BN_CTX *ctx)
-{
- return EC_GROUP_get_curve(group, p, a, b, ctx);
-}
-LCRYPTO_ALIAS(EC_GROUP_get_curve_GFp);
-
-EC_GROUP *
-EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx)
-{
- EC_GROUP *group;
-
- if ((group = EC_GROUP_new(EC_GFp_mont_method())) == NULL)
- goto err;
-
- if (!EC_GROUP_set_curve(group, p, a, b, ctx))
- goto err;
-
- return group;
-
- err:
- EC_GROUP_free(group);
-
- return NULL;
-}
-LCRYPTO_ALIAS(EC_GROUP_new_curve_GFp);
-
-int
-EC_GROUP_get_degree(const EC_GROUP *group)
-{
- return BN_num_bits(group->p);
-}
-LCRYPTO_ALIAS(EC_GROUP_get_degree);
-
-int
-EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- BIGNUM *p, *a, *b, *discriminant;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((p = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((discriminant = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_GROUP_get_curve(group, p, a, b, ctx))
- goto err;
-
- /*
- * Check that the discriminant 4a^3 + 27b^2 is non-zero modulo p
- * assuming that p > 3 is prime and that a and b are in [0, p).
- */
-
- if (BN_is_zero(a) && BN_is_zero(b))
- goto err;
- if (BN_is_zero(a) || BN_is_zero(b))
- goto done;
-
- /* Compute the discriminant: first 4a^3, then 27b^2, then their sum. */
- if (!BN_mod_sqr(discriminant, a, p, ctx))
- goto err;
- if (!BN_mod_mul(discriminant, discriminant, a, p, ctx))
- goto err;
- if (!BN_lshift(discriminant, discriminant, 2))
- goto err;
-
- if (!BN_mod_sqr(b, b, p, ctx))
- goto err;
- if (!BN_mul_word(b, 27))
- goto err;
-
- if (!BN_mod_add(discriminant, discriminant, b, p, ctx))
- goto err;
-
- if (BN_is_zero(discriminant))
- goto err;
-
- done:
- ret = 1;
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_GROUP_check_discriminant);
-
-int
-EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- EC_POINT *point = NULL;
- const EC_POINT *generator;
- const BIGNUM *order;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (!EC_GROUP_check_discriminant(group, ctx)) {
- ECerror(EC_R_DISCRIMINANT_IS_ZERO);
- goto err;
- }
-
- if ((generator = EC_GROUP_get0_generator(group)) == NULL) {
- ECerror(EC_R_UNDEFINED_GENERATOR);
- goto err;
- }
- if (EC_POINT_is_on_curve(group, generator, ctx) <= 0) {
- ECerror(EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- if ((point = EC_POINT_new(group)) == NULL)
- goto err;
- if ((order = EC_GROUP_get0_order(group)) == NULL)
- goto err;
- if (BN_is_zero(order)) {
- ECerror(EC_R_UNDEFINED_ORDER);
- goto err;
- }
- if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx))
- goto err;
- if (!EC_POINT_is_at_infinity(group, point)) {
- ECerror(EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
-
- ret = 1;
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- EC_POINT_free(point);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_GROUP_check);
-
-/*
- * Returns -1 on error, 0 if the groups are equal, 1 if they are distinct.
- */
-int
-EC_GROUP_cmp(const EC_GROUP *group1, const EC_GROUP *group2, BN_CTX *ctx_in)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *p1, *a1, *b1, *p2, *a2, *b2;
- const EC_POINT *generator1, *generator2;
- const BIGNUM *order1, *order2, *cofactor1, *cofactor2;
- int nid1, nid2;
- int cmp = 1;
- int ret = -1;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((nid1 = EC_GROUP_get_curve_name(group1)) != NID_undef &&
- (nid2 = EC_GROUP_get_curve_name(group2)) != NID_undef) {
- if (nid1 != nid2)
- goto distinct;
- }
-
- if ((p1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((a1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((p2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((a2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b2 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * If we ever support curves in non-Weierstrass form, this check needs
- * to be adjusted. The comparison of the generators will fail anyway.
- */
- if (!EC_GROUP_get_curve(group1, p1, a1, b1, ctx))
- goto err;
- if (!EC_GROUP_get_curve(group2, p2, a2, b2, ctx))
- goto err;
-
- if (BN_cmp(p1, p2) != 0 || BN_cmp(a1, a2) != 0 || BN_cmp(b1, b2) != 0)
- goto distinct;
-
- if ((generator1 = EC_GROUP_get0_generator(group1)) == NULL)
- goto err;
- if ((generator2 = EC_GROUP_get0_generator(group2)) == NULL)
- goto err;
-
- /*
- * It does not matter whether group1 or group2 is used: both points must
- * have a matching method for this to succeed.
- */
- if ((cmp = EC_POINT_cmp(group1, generator1, generator2, ctx)) < 0)
- goto err;
- if (cmp == 1)
- goto distinct;
- cmp = 1;
-
- if ((order1 = EC_GROUP_get0_order(group1)) == NULL)
- goto err;
- if ((order2 = EC_GROUP_get0_order(group2)) == NULL)
- goto err;
-
- if ((cofactor1 = EC_GROUP_get0_cofactor(group1)) == NULL)
- goto err;
- if ((cofactor2 = EC_GROUP_get0_cofactor(group2)) == NULL)
- goto err;
-
- if (BN_cmp(order1, order2) != 0 || BN_cmp(cofactor1, cofactor2) != 0)
- goto distinct;
-
- /* All parameters match: the groups are equal. */
- cmp = 0;
-
- distinct:
- ret = cmp;
-
- err:
- BN_CTX_end(ctx);
-
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_GROUP_cmp);
-
-EC_POINT *
-EC_POINT_new(const EC_GROUP *group)
-{
- EC_POINT *point = NULL;
-
- if (group == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if ((point = calloc(1, sizeof(*point))) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if ((point->X = BN_new()) == NULL)
- goto err;
- if ((point->Y = BN_new()) == NULL)
- goto err;
- if ((point->Z = BN_new()) == NULL)
- goto err;
-
- point->meth = group->meth;
-
- return point;
-
- err:
- EC_POINT_free(point);
-
- return NULL;
-}
-LCRYPTO_ALIAS(EC_POINT_new);
-
-void
-EC_POINT_free(EC_POINT *point)
-{
- if (point == NULL)
- return;
-
- BN_free(point->X);
- BN_free(point->Y);
- BN_free(point->Z);
-
- freezero(point, sizeof *point);
-}
-LCRYPTO_ALIAS(EC_POINT_free);
-
-void
-EC_POINT_clear_free(EC_POINT *point)
-{
- EC_POINT_free(point);
-}
-LCRYPTO_ALIAS(EC_POINT_clear_free);
-
-int
-EC_POINT_copy(EC_POINT *dst, const EC_POINT *src)
-{
- if (dst->meth != src->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- if (dst == src)
- return 1;
-
- if (!bn_copy(dst->X, src->X))
- return 0;
- if (!bn_copy(dst->Y, src->Y))
- return 0;
- if (!bn_copy(dst->Z, src->Z))
- return 0;
- dst->Z_is_one = src->Z_is_one;
-
- return 1;
-}
-LCRYPTO_ALIAS(EC_POINT_copy);
-
-EC_POINT *
-EC_POINT_dup(const EC_POINT *in_point, const EC_GROUP *group)
-{
- EC_POINT *point = NULL;
-
- if (in_point == NULL)
- goto err;
-
- if ((point = EC_POINT_new(group)) == NULL)
- goto err;
-
- if (!EC_POINT_copy(point, in_point))
- goto err;
-
- return point;
-
- err:
- EC_POINT_free(point);
-
- return NULL;
-}
-LCRYPTO_ALIAS(EC_POINT_dup);
-
-int
-EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
-{
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
-
- BN_zero(point->Z);
- point->Z_is_one = 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(EC_POINT_set_to_infinity);
-
-int
-EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->point_set_affine_coordinates == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- if (!group->meth->point_set_affine_coordinates(group, point, x, y, ctx))
- goto err;
-
- if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
- ECerror(EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
-
- ret = 1;
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_set_affine_coordinates);
-
-int
-EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx)
-{
- return EC_POINT_set_affine_coordinates(group, point, x, y, ctx);
-}
-LCRYPTO_ALIAS(EC_POINT_set_affine_coordinates_GFp);
-
-int
-EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
- BIGNUM *x, BIGNUM *y, BN_CTX *ctx_in)
-{
- BN_CTX *ctx = NULL;
- int ret = 0;
-
- if (EC_POINT_is_at_infinity(group, point) > 0) {
- ECerror(EC_R_POINT_AT_INFINITY);
- goto err;
- }
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->point_get_affine_coordinates == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_get_affine_coordinates);
-
-int
-EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point,
- BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
-{
- return EC_POINT_get_affine_coordinates(group, point, x, y, ctx);
-}
-LCRYPTO_ALIAS(EC_POINT_get_affine_coordinates_GFp);
-
-int
-EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *in_x, int y_bit, BN_CTX *ctx_in)
-{
- BIGNUM *p, *a, *b, *w, *x, *y;
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- y_bit = (y_bit != 0);
-
- BN_CTX_start(ctx);
-
- if ((p = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((w = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Weierstrass equation: y^2 = x^3 + ax + b, so y is one of the
- * square roots of x^3 + ax + b. The y-bit indicates which one.
- */
-
- if (!EC_GROUP_get_curve(group, p, a, b, ctx))
- goto err;
-
- /* XXX - should we not insist on 0 <= x < p instead? */
- if (!BN_nnmod(x, in_x, p, ctx))
- goto err;
-
- /* y = x^3 */
- if (!BN_mod_sqr(y, x, p, ctx))
- goto err;
- if (!BN_mod_mul(y, y, x, p, ctx))
- goto err;
-
- /* y += ax */
- if (group->a_is_minus3) {
- if (!BN_mod_lshift1_quick(w, x, p))
- goto err;
- if (!BN_mod_add_quick(w, w, x, p))
- goto err;
- if (!BN_mod_sub_quick(y, y, w, p))
- goto err;
- } else {
- if (!BN_mod_mul(w, a, x, p, ctx))
- goto err;
- if (!BN_mod_add_quick(y, y, w, p))
- goto err;
- }
-
- /* y += b */
- if (!BN_mod_add_quick(y, y, b, p))
- goto err;
-
- if (!BN_mod_sqrt(y, y, p, ctx)) {
- ECerror(EC_R_INVALID_COMPRESSED_POINT);
- goto err;
- }
-
- if (y_bit == BN_is_odd(y))
- goto done;
-
- if (BN_is_zero(y)) {
- ECerror(EC_R_INVALID_COMPRESSION_BIT);
- goto err;
- }
- if (!BN_usub(y, p, y))
- goto err;
-
- if (y_bit != BN_is_odd(y)) {
- /* Can only happen if p is even and should not be reachable. */
- ECerror(ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- done:
- if (!EC_POINT_set_affine_coordinates(group, point, x, y, ctx))
- goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_set_compressed_coordinates);
-
-int
-EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, int y_bit, BN_CTX *ctx)
-{
- return EC_POINT_set_compressed_coordinates(group, point, x, y_bit, ctx);
-}
-LCRYPTO_ALIAS(EC_POINT_set_compressed_coordinates_GFp);
-
-int
-EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
- const EC_POINT *b, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->add == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != r->meth || group->meth != a->meth ||
- group->meth != b->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = group->meth->add(group, r, a, b, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_add);
-
-int
-EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
- BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->dbl == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != r->meth || r->meth != a->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = group->meth->dbl(group, r, a, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_dbl);
-
-int
-EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->invert == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != a->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = group->meth->invert(group, a, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_invert);
-
-int
-EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
-{
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
-
- return BN_is_zero(point->Z);
-}
-LCRYPTO_ALIAS(EC_POINT_is_at_infinity);
-
-int
-EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
- BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = -1;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->point_is_on_curve == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != point->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = group->meth->point_is_on_curve(group, point, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_is_on_curve);
-
-int
-EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
- BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = -1;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->point_cmp == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
- if (group->meth != a->meth || a->meth != b->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
- ret = group->meth->point_cmp(group, a, b, ctx);
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_cmp);
-
-int
-EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- BIGNUM *x, *y;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_POINT_get_affine_coordinates(group, point, x, y, ctx))
- goto err;
- if (!EC_POINT_set_affine_coordinates(group, point, x, y, ctx))
- goto err;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_make_affine);
-
-int
-EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
- const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx_in)
-{
- BN_CTX *ctx;
- int ret = 0;
-
- if ((ctx = ctx_in) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- if (group->meth->mul_single_ct == NULL ||
- group->meth->mul_double_nonct == NULL) {
- ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- goto err;
- }
-
- if (g_scalar != NULL && group->generator == NULL) {
- ECerror(EC_R_UNDEFINED_GENERATOR);
- goto err;
- }
-
- if (g_scalar != NULL && point == NULL && p_scalar == NULL) {
- /*
- * In this case we want to compute g_scalar * GeneratorPoint:
- * this codepath is reached most prominently by (ephemeral) key
- * generation of EC cryptosystems (i.e. ECDSA keygen and sign
- * setup, ECDH keygen/first half), where the scalar is always
- * secret. This is why we ignore if BN_FLG_CONSTTIME is actually
- * set and we always call the constant time version.
- */
- ret = group->meth->mul_single_ct(group, r,
- g_scalar, group->generator, ctx);
- } else if (g_scalar == NULL && point != NULL && p_scalar != NULL) {
- /*
- * In this case we want to compute p_scalar * GenericPoint:
- * this codepath is reached most prominently by the second half
- * of ECDH, where the secret scalar is multiplied by the peer's
- * public point. To protect the secret scalar, we ignore if
- * BN_FLG_CONSTTIME is actually set and we always call the
- * constant time version.
- */
- ret = group->meth->mul_single_ct(group, r, p_scalar, point, ctx);
- } else if (g_scalar != NULL && point != NULL && p_scalar != NULL) {
- /*
- * In this case we want to compute
- * g_scalar * GeneratorPoint + p_scalar * GenericPoint:
- * this codepath is reached most prominently by ECDSA signature
- * verification. So we call the non-ct version.
- */
- ret = group->meth->mul_double_nonct(group, r,
- g_scalar, group->generator, p_scalar, point, ctx);
- } else {
- /* Anything else is an error. */
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- err:
- if (ctx != ctx_in)
- BN_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_POINT_mul);
diff --git a/src/lib/libcrypto/ec/ec_local.h b/src/lib/libcrypto/ec/ec_local.h
deleted file mode 100644
index c7a54d3a2b..0000000000
--- a/src/lib/libcrypto/ec/ec_local.h
+++ /dev/null
@@ -1,254 +0,0 @@
-/* $OpenBSD: ec_local.h,v 1.67 2025/03/24 13:07:04 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-
-__BEGIN_HIDDEN_DECLS
-
-typedef struct ec_method_st {
- int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
- int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
- BIGNUM *b, BN_CTX *);
-
- int (*point_is_on_curve)(const EC_GROUP *, const EC_POINT *, BN_CTX *);
- int (*point_cmp)(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
- BN_CTX *);
-
- int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
- int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-
- /* Only used by the wNAF code. */
- int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT **,
- BN_CTX *);
-
- int (*add)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
- const EC_POINT *b, BN_CTX *);
- int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
- int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *);
-
- int (*mul_single_ct)(const EC_GROUP *group, EC_POINT *r,
- const BIGNUM *scalar, const EC_POINT *point, BN_CTX *);
- int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r,
- const BIGNUM *scalar1, const EC_POINT *point1,
- const BIGNUM *scalar2, const EC_POINT *point2, BN_CTX *);
-
- /*
- * These can be used by 'add' and 'dbl' so that the same implementations
- * of point operations can be used with different optimized versions of
- * expensive field operations.
- */
- int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
- int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- BN_CTX *);
-
- /* Encode to and decode from other forms (e.g. Montgomery). */
- int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- BN_CTX *);
- int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- BN_CTX *);
-} EC_METHOD;
-
-struct ec_group_st {
- const EC_METHOD *meth;
-
- EC_POINT *generator; /* Optional */
- BIGNUM *order;
- BIGNUM *cofactor;
-
- int nid; /* Optional NID for named curve. */
-
- /* ASN.1 encoding controls. */
- int asn1_flag;
- point_conversion_form_t asn1_form;
-
- /* Optional seed for parameters (appears in ASN.1). */
- unsigned char *seed;
- size_t seed_len;
-
- /*
- * Coefficients of the Weierstrass equation y^2 = x^3 + a*x + b (mod p).
- */
- BIGNUM *p;
- BIGNUM *a;
- BIGNUM *b;
-
- /* Enables optimized point arithmetics for special case. */
- int a_is_minus3;
-
- /* Montgomery context used by EC_GFp_mont_method. */
- BN_MONT_CTX *mont_ctx;
-} /* EC_GROUP */;
-
-struct ec_point_st {
- const EC_METHOD *meth;
-
- /*
- * Jacobian projective coordinates: (X, Y, Z) represents (X/Z^2, Y/Z^3)
- * if Z != 0
- */
- BIGNUM *X;
- BIGNUM *Y;
- BIGNUM *Z;
- int Z_is_one; /* enable optimized point arithmetics for special case */
-} /* EC_POINT */;
-
-const EC_METHOD *EC_GFp_simple_method(void);
-const EC_METHOD *EC_GFp_mont_method(void);
-
-/* Compute r = scalar1 * point1 + scalar2 * point2 in non-constant time. */
-int ec_wnaf_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar1,
- const EC_POINT *point1, const BIGNUM *scalar2, const EC_POINT *point2,
- BN_CTX *ctx);
-
-int ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid);
-
-/*
- * Wrappers around the unergonomic EC_POINT_{oct2point,point2oct}().
- */
-int ec_point_from_octets(const EC_GROUP *group, const unsigned char *buf,
- size_t buf_len, EC_POINT **out_point, uint8_t *out_form, BN_CTX *ctx_in);
-int ec_point_to_octets(const EC_GROUP *group, const EC_POINT *point, int form,
- unsigned char **out_buf, size_t *len, BN_CTX *ctx_in);
-
-/* Public API in OpenSSL */
-const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
-const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
-
-struct ec_key_method_st {
- const char *name;
- int32_t flags;
- int (*init)(EC_KEY *key);
- void (*finish)(EC_KEY *key);
- int (*copy)(EC_KEY *dest, const EC_KEY *src);
- int (*set_group)(EC_KEY *key, const EC_GROUP *grp);
- int (*set_private)(EC_KEY *key, const BIGNUM *priv_key);
- int (*set_public)(EC_KEY *key, const EC_POINT *pub_key);
- int (*keygen)(EC_KEY *key);
- int (*compute_key)(unsigned char **out, size_t *out_len,
- const EC_POINT *pub_key, const EC_KEY *ecdh);
- int (*sign)(int type, const unsigned char *dgst, int dlen, unsigned char
- *sig, unsigned int *siglen, const BIGNUM *kinv,
- const BIGNUM *r, EC_KEY *eckey);
- int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgst_len,
- const BIGNUM *in_kinv, const BIGNUM *in_r,
- EC_KEY *eckey);
- int (*verify)(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
- int (*verify_sig)(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
-} /* EC_KEY_METHOD */;
-
-struct ec_key_st {
- const EC_KEY_METHOD *meth;
-
- int version;
-
- EC_GROUP *group;
-
- EC_POINT *pub_key;
- BIGNUM *priv_key;
-
- unsigned int enc_flag;
- point_conversion_form_t conv_form;
-
- int references;
- int flags;
-
- CRYPTO_EX_DATA ex_data;
-} /* EC_KEY */;
-
-int eckey_compute_pubkey(EC_KEY *eckey);
-int ecdh_compute_key(unsigned char **out, size_t *out_len,
- const EC_POINT *pub_key, const EC_KEY *ecdh);
-int ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
-int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
-
-/*
- * ECDH Key Derivation Function as defined in ANSI X9.63.
- */
-int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
- size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md);
-
-__END_HIDDEN_DECLS
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
deleted file mode 100644
index 673696a9fd..0000000000
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ /dev/null
@@ -1,407 +0,0 @@
-/* $OpenBSD: ec_mult.c,v 1.58 2025/03/24 13:07:04 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "ec_local.h"
-
-/* Holds the wNAF digits of bn and the corresponding odd multiples of point. */
-struct ec_wnaf {
- signed char *digits;
- size_t num_digits;
- EC_POINT **multiples;
- size_t num_multiples;
-};
-
-static int
-ec_window_bits(const BIGNUM *bn)
-{
- int bits = BN_num_bits(bn);
-
- if (bits >= 2000)
- return 6;
- if (bits >= 800)
- return 5;
- if (bits >= 300)
- return 4;
- if (bits >= 70)
- return 3;
- if (bits >= 20)
- return 2;
-
- return 1;
-}
-
-/*
- * Width-(w+1) non-adjacent form of bn = \sum_j n_j 2^j, with odd n_j,
- * where at most one of any (w+1) consecutive digits is non-zero.
- */
-
-static int
-ec_compute_wnaf(const BIGNUM *bn, signed char *digits, size_t num_digits)
-{
- int digit, bit, next, sign, wbits, window;
- size_t i;
- int ret = 0;
-
- if (num_digits != BN_num_bits(bn) + 1) {
- ECerror(ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- sign = BN_is_negative(bn) ? -1 : 1;
-
- wbits = ec_window_bits(bn);
-
- bit = 1 << wbits;
- next = bit << 1;
-
- /* Extract the wbits + 1 lowest bits from bn into window. */
- window = 0;
- for (i = 0; i < wbits + 1; i++) {
- if (BN_is_bit_set(bn, i))
- window |= (1 << i);
- }
-
- /* Instead of bn >>= 1 in each iteration, slide window to the left. */
- for (i = 0; i < num_digits; i++) {
- digit = 0;
-
- /*
- * If window is odd, the i-th wNAF digit is window (mods 2^w),
- * where mods is the signed modulo in (-2^w-1, 2^w-1]. Subtract
- * the digit from window, so window is 0 or next, and add the
- * digit to the wNAF digits.
- */
- if ((window & 1) != 0) {
- digit = window;
- if ((window & bit) != 0)
- digit = window - next;
- window -= digit;
- }
-
- digits[i] = sign * digit;
-
- /* Slide the window to the left. */
- window >>= 1;
- window += bit * BN_is_bit_set(bn, i + wbits + 1);
- }
-
- ret = 1;
-
- err:
- return ret;
-}
-
-static int
-ec_compute_odd_multiples(const EC_GROUP *group, const EC_POINT *point,
- EC_POINT **multiples, size_t num_multiples, BN_CTX *ctx)
-{
- EC_POINT *doubled = NULL;
- size_t i;
- int ret = 0;
-
- if (num_multiples < 1)
- goto err;
-
- if ((multiples[0] = EC_POINT_dup(point, group)) == NULL)
- goto err;
-
- if ((doubled = EC_POINT_new(group)) == NULL)
- goto err;
- if (!EC_POINT_dbl(group, doubled, point, ctx))
- goto err;
- for (i = 1; i < num_multiples; i++) {
- if ((multiples[i] = EC_POINT_new(group)) == NULL)
- goto err;
- if (!EC_POINT_add(group, multiples[i], multiples[i - 1], doubled,
- ctx))
- goto err;
- }
-
- ret = 1;
-
- err:
- EC_POINT_free(doubled);
-
- return ret;
-}
-
-/*
- * Bring multiples held in wnaf0 and wnaf1 simultaneously into affine form
- * so that the operations in the loop in ec_wnaf_mul() can take fast paths.
- */
-
-static int
-ec_normalize_points(const EC_GROUP *group, struct ec_wnaf *wnaf0,
- struct ec_wnaf *wnaf1, BN_CTX *ctx)
-{
- EC_POINT **points0 = wnaf0->multiples, **points1 = wnaf1->multiples;
- size_t len0 = wnaf0->num_multiples, len1 = wnaf1->num_multiples;
- EC_POINT **val = NULL;
- size_t len = 0;
- int ret = 0;
-
- if (len1 > SIZE_MAX - len0)
- goto err;
- len = len0 + len1;
-
- if ((val = calloc(len, sizeof(*val))) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(&val[0], points0, sizeof(*val) * len0);
- memcpy(&val[len0], points1, sizeof(*val) * len1);
-
- if (!group->meth->points_make_affine(group, len, val, ctx))
- goto err;
-
- ret = 1;
-
- err:
- free(val);
-
- return ret;
-}
-
-static void
-ec_points_free(EC_POINT **points, size_t num_points)
-{
- size_t i;
-
- if (points == NULL)
- return;
-
- for (i = 0; i < num_points; i++)
- EC_POINT_free(points[i]);
- free(points);
-}
-
-static void
-ec_wnaf_free(struct ec_wnaf *wnaf)
-{
- if (wnaf == NULL)
- return;
-
- free(wnaf->digits);
- ec_points_free(wnaf->multiples, wnaf->num_multiples);
- free(wnaf);
-}
-
-/*
- * Calculate wNAF splitting of bn and the corresponding odd multiples of point.
- */
-
-static struct ec_wnaf *
-ec_wnaf_new(const EC_GROUP *group, const BIGNUM *scalar, const EC_POINT *point,
- BN_CTX *ctx)
-{
- struct ec_wnaf *wnaf;
-
- if ((wnaf = calloc(1, sizeof(*wnaf))) == NULL)
- goto err;
-
- wnaf->num_digits = BN_num_bits(scalar) + 1;
- if ((wnaf->digits = calloc(wnaf->num_digits,
- sizeof(*wnaf->digits))) == NULL)
- goto err;
-
- if (!ec_compute_wnaf(scalar, wnaf->digits, wnaf->num_digits))
- goto err;
-
- wnaf->num_multiples = 1ULL << (ec_window_bits(scalar) - 1);
- if ((wnaf->multiples = calloc(wnaf->num_multiples,
- sizeof(*wnaf->multiples))) == NULL)
- goto err;
-
- if (!ec_compute_odd_multiples(group, point, wnaf->multiples,
- wnaf->num_multiples, ctx))
- goto err;
-
- return wnaf;
-
- err:
- ec_wnaf_free(wnaf);
-
- return NULL;
-}
-
-static signed char
-ec_wnaf_digit(struct ec_wnaf *wnaf, size_t idx)
-{
- if (idx >= wnaf->num_digits)
- return 0;
-
- return wnaf->digits[idx];
-}
-
-static const EC_POINT *
-ec_wnaf_multiple(struct ec_wnaf *wnaf, signed char digit)
-{
- if (digit < 0)
- return NULL;
- if (digit >= 2 * wnaf->num_multiples)
- return NULL;
-
- return wnaf->multiples[digit >> 1];
-}
-
-/*
- * Compute r = scalar1 * point1 + scalar2 * point2 in non-constant time.
- */
-
-int
-ec_wnaf_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar1,
- const EC_POINT *point1, const BIGNUM *scalar2, const EC_POINT *point2,
- BN_CTX *ctx)
-{
- struct ec_wnaf *wnaf[2] = { NULL, NULL };
- size_t i;
- int k;
- int r_is_inverted = 0;
- size_t num_digits;
- int ret = 0;
-
- if (scalar1 == NULL || scalar2 == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
- if (group->meth != r->meth || group->meth != point1->meth ||
- group->meth != point2->meth) {
- ECerror(EC_R_INCOMPATIBLE_OBJECTS);
- goto err;
- }
-
- if ((wnaf[0] = ec_wnaf_new(group, scalar1, point1, ctx)) == NULL)
- goto err;
- if ((wnaf[1] = ec_wnaf_new(group, scalar2, point2, ctx)) == NULL)
- goto err;
-
- if (!ec_normalize_points(group, wnaf[0], wnaf[1], ctx))
- goto err;
-
- num_digits = wnaf[0]->num_digits;
- if (wnaf[1]->num_digits > num_digits)
- num_digits = wnaf[1]->num_digits;
-
- /*
- * Set r to the neutral element. Scan through the wNAF representations
- * of m and n, starting at the most significant digit. Double r and for
- * each wNAF digit of scalar1 add the digit times point1, and for each
- * wNAF digit of scalar2 add the digit times point2, adjusting the signs
- * as appropriate.
- */
-
- if (!EC_POINT_set_to_infinity(group, r))
- goto err;
-
- for (k = num_digits - 1; k >= 0; k--) {
- if (!EC_POINT_dbl(group, r, r, ctx))
- goto err;
-
- for (i = 0; i < 2; i++) {
- const EC_POINT *multiple;
- signed char digit;
- int is_neg = 0;
-
- if ((digit = ec_wnaf_digit(wnaf[i], k)) == 0)
- continue;
-
- if (digit < 0) {
- is_neg = 1;
- digit = -digit;
- }
-
- if (is_neg != r_is_inverted) {
- if (!EC_POINT_invert(group, r, ctx))
- goto err;
- r_is_inverted = !r_is_inverted;
- }
-
- if ((multiple = ec_wnaf_multiple(wnaf[i], digit)) == NULL)
- goto err;
-
- if (!EC_POINT_add(group, r, r, multiple, ctx))
- goto err;
- }
- }
-
- if (r_is_inverted) {
- if (!EC_POINT_invert(group, r, ctx))
- goto err;
- }
-
- ret = 1;
-
- err:
- ec_wnaf_free(wnaf[0]);
- ec_wnaf_free(wnaf[1]);
-
- return ret;
-}
diff --git a/src/lib/libcrypto/ec/ec_pmeth.c b/src/lib/libcrypto/ec/ec_pmeth.c
deleted file mode 100644
index 85ac4822d1..0000000000
--- a/src/lib/libcrypto/ec/ec_pmeth.c
+++ /dev/null
@@ -1,545 +0,0 @@
-/* $OpenBSD: ec_pmeth.c,v 1.26 2025/03/13 10:39:51 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "ec_local.h"
-#include "evp_local.h"
-
-/* EC pkey context structure */
-
-typedef struct {
- /* Key and paramgen group */
- EC_GROUP *gen_group;
- /* message digest */
- const EVP_MD *md;
- /* Duplicate key if custom cofactor needed */
- EC_KEY *co_key;
- /* Cofactor mode */
- signed char cofactor_mode;
- /* KDF (if any) to use for ECDH */
- char kdf_type;
- /* Message digest to use for key derivation */
- const EVP_MD *kdf_md;
- /* User key material */
- unsigned char *kdf_ukm;
- size_t kdf_ukmlen;
- /* KDF output length */
- size_t kdf_outlen;
-} EC_PKEY_CTX;
-
-static int
-pkey_ec_init(EVP_PKEY_CTX *ctx)
-{
- EC_PKEY_CTX *dctx;
-
- if ((dctx = calloc(1, sizeof(EC_PKEY_CTX))) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- dctx->cofactor_mode = -1;
- dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE;
-
- ctx->data = dctx;
-
- return 1;
-}
-
-static int
-pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- EC_PKEY_CTX *dctx, *sctx;
- if (!pkey_ec_init(dst))
- return 0;
- sctx = src->data;
- dctx = dst->data;
- if (sctx->gen_group) {
- dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
- if (!dctx->gen_group)
- return 0;
- }
- dctx->md = sctx->md;
-
- if (sctx->co_key) {
- dctx->co_key = EC_KEY_dup(sctx->co_key);
- if (!dctx->co_key)
- return 0;
- }
- dctx->kdf_type = sctx->kdf_type;
- dctx->kdf_md = sctx->kdf_md;
- dctx->kdf_outlen = sctx->kdf_outlen;
- if (sctx->kdf_ukm) {
- if ((dctx->kdf_ukm = calloc(1, sctx->kdf_ukmlen)) == NULL)
- return 0;
- memcpy(dctx->kdf_ukm, sctx->kdf_ukm, sctx->kdf_ukmlen);
- } else
- dctx->kdf_ukm = NULL;
-
- dctx->kdf_ukmlen = sctx->kdf_ukmlen;
-
- return 1;
-}
-
-static void
-pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
-{
- EC_PKEY_CTX *dctx = ctx->data;
-
- if (dctx != NULL) {
- EC_GROUP_free(dctx->gen_group);
- EC_KEY_free(dctx->co_key);
- free(dctx->kdf_ukm);
- free(dctx);
- ctx->data = NULL;
- }
-}
-
-static int
-pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- int ret, type;
- unsigned int sltmp;
- EC_PKEY_CTX *dctx = ctx->data;
- EC_KEY *ec = ctx->pkey->pkey.ec;
-
- if (!sig) {
- *siglen = ECDSA_size(ec);
- return 1;
- } else if (*siglen < (size_t) ECDSA_size(ec)) {
- ECerror(EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- if (dctx->md)
- type = EVP_MD_type(dctx->md);
- else
- type = NID_sha1;
-
- ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
- if (ret <= 0)
- return ret;
- *siglen = (size_t) sltmp;
- return 1;
-}
-
-static int
-pkey_ec_verify(EVP_PKEY_CTX *ctx,
- const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- int ret, type;
- EC_PKEY_CTX *dctx = ctx->data;
- EC_KEY *ec = ctx->pkey->pkey.ec;
-
- if (dctx->md)
- type = EVP_MD_type(dctx->md);
- else
- type = NID_sha1;
-
- ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
-
- return ret;
-}
-
-static int
-pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
-{
- int ret;
- size_t outlen;
- const EC_POINT *pubkey = NULL;
- EC_KEY *eckey;
- EC_PKEY_CTX *dctx = ctx->data;
-
- if (!ctx->pkey || !ctx->peerkey) {
- ECerror(EC_R_KEYS_NOT_SET);
- return 0;
- }
-
- eckey = dctx->co_key ? dctx->co_key : ctx->pkey->pkey.ec;
- if (key == NULL) {
- *keylen = BN_num_bytes(eckey->group->p);
- return 1;
- }
- pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
-
- /*
- * NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is
- * not an error, the result is truncated.
- */
-
- outlen = *keylen;
-
- ret = ECDH_compute_key(key, outlen, pubkey, eckey, NULL);
- if (ret <= 0)
- return 0;
-
- *keylen = ret;
-
- return 1;
-}
-
-static int
-pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
-{
- EC_PKEY_CTX *dctx = ctx->data;
- unsigned char *ktmp = NULL;
- size_t ktmplen;
- int rv = 0;
-
- if (dctx->kdf_type == EVP_PKEY_ECDH_KDF_NONE)
- return pkey_ec_derive(ctx, key, keylen);
-
- if (!key) {
- *keylen = dctx->kdf_outlen;
- return 1;
- }
- if (*keylen != dctx->kdf_outlen)
- return 0;
- if (!pkey_ec_derive(ctx, NULL, &ktmplen))
- return 0;
- if ((ktmp = calloc(1, ktmplen)) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!pkey_ec_derive(ctx, ktmp, &ktmplen))
- goto err;
- /* Do KDF stuff */
- if (!ecdh_KDF_X9_63(key, *keylen, ktmp, ktmplen, dctx->kdf_ukm,
- dctx->kdf_ukmlen, dctx->kdf_md))
- goto err;
- rv = 1;
-
- err:
- freezero(ktmp, ktmplen);
-
- return rv;
-}
-
-static int
-pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- EC_PKEY_CTX *dctx = ctx->data;
- EC_GROUP *group;
-
- switch (type) {
- case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
- group = EC_GROUP_new_by_curve_name(p1);
- if (group == NULL) {
- ECerror(EC_R_INVALID_CURVE);
- return 0;
- }
- EC_GROUP_free(dctx->gen_group);
- dctx->gen_group = group;
- return 1;
-
- case EVP_PKEY_CTRL_EC_PARAM_ENC:
- if (!dctx->gen_group) {
- ECerror(EC_R_NO_PARAMETERS_SET);
- return 0;
- }
- EC_GROUP_set_asn1_flag(dctx->gen_group, p1);
- return 1;
-
- case EVP_PKEY_CTRL_EC_ECDH_COFACTOR:
- if (p1 == -2) {
- if (dctx->cofactor_mode != -1)
- return dctx->cofactor_mode;
- else {
- EC_KEY *ec_key = ctx->pkey->pkey.ec;
- return EC_KEY_get_flags(ec_key) & EC_FLAG_COFACTOR_ECDH ? 1 : 0;
- }
- } else if (p1 < -1 || p1 > 1)
- return -2;
- dctx->cofactor_mode = p1;
- if (p1 != -1) {
- EC_KEY *ec_key = ctx->pkey->pkey.ec;
- if (!ec_key->group)
- return -2;
- /* If cofactor is 1 cofactor mode does nothing */
- if (BN_is_one(ec_key->group->cofactor))
- return 1;
- if (!dctx->co_key) {
- dctx->co_key = EC_KEY_dup(ec_key);
- if (!dctx->co_key)
- return 0;
- }
- if (p1)
- EC_KEY_set_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH);
- else
- EC_KEY_clear_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH);
- } else {
- EC_KEY_free(dctx->co_key);
- dctx->co_key = NULL;
- }
- return 1;
-
- case EVP_PKEY_CTRL_EC_KDF_TYPE:
- if (p1 == -2)
- return dctx->kdf_type;
- if (p1 != EVP_PKEY_ECDH_KDF_NONE && p1 != EVP_PKEY_ECDH_KDF_X9_63)
- return -2;
- dctx->kdf_type = p1;
- return 1;
-
- case EVP_PKEY_CTRL_EC_KDF_MD:
- dctx->kdf_md = p2;
- return 1;
-
- case EVP_PKEY_CTRL_GET_EC_KDF_MD:
- *(const EVP_MD **)p2 = dctx->kdf_md;
- return 1;
-
- case EVP_PKEY_CTRL_EC_KDF_OUTLEN:
- if (p1 <= 0)
- return -2;
- dctx->kdf_outlen = (size_t)p1;
- return 1;
-
- case EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN:
- *(int *)p2 = dctx->kdf_outlen;
- return 1;
-
- case EVP_PKEY_CTRL_EC_KDF_UKM:
- free(dctx->kdf_ukm);
- dctx->kdf_ukm = p2;
- if (p2)
- dctx->kdf_ukmlen = p1;
- else
- dctx->kdf_ukmlen = 0;
- return 1;
-
- case EVP_PKEY_CTRL_GET_EC_KDF_UKM:
- *(unsigned char **)p2 = dctx->kdf_ukm;
- return dctx->kdf_ukmlen;
-
- case EVP_PKEY_CTRL_MD:
- /* RFC 3279, RFC 5758 and NIST CSOR. */
- switch (EVP_MD_type(p2)) {
- case NID_sha1:
- case NID_ecdsa_with_SHA1:
- case NID_sha224:
- case NID_sha256:
- case NID_sha384:
- case NID_sha512:
- case NID_sha3_224:
- case NID_sha3_256:
- case NID_sha3_384:
- case NID_sha3_512:
- break;
- default:
- ECerror(EC_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- dctx->md = p2;
- return 1;
-
- case EVP_PKEY_CTRL_GET_MD:
- *(const EVP_MD **)p2 = dctx->md;
- return 1;
-
- case EVP_PKEY_CTRL_PEER_KEY:
- /* Default behaviour is OK */
- case EVP_PKEY_CTRL_DIGESTINIT:
- case EVP_PKEY_CTRL_PKCS7_SIGN:
- case EVP_PKEY_CTRL_CMS_SIGN:
- return 1;
-
- default:
- return -2;
-
- }
-}
-
-static int
-pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- if (!strcmp(type, "ec_paramgen_curve")) {
- int nid;
- nid = EC_curve_nist2nid(value);
- if (nid == NID_undef)
- nid = OBJ_sn2nid(value);
- if (nid == NID_undef)
- nid = OBJ_ln2nid(value);
- if (nid == NID_undef) {
- ECerror(EC_R_INVALID_CURVE);
- return 0;
- }
- return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
- } else if (strcmp(type, "ec_param_enc") == 0) {
- int param_enc;
- if (strcmp(value, "explicit") == 0)
- param_enc = 0;
- else if (strcmp(value, "named_curve") == 0)
- param_enc = OPENSSL_EC_NAMED_CURVE;
- else
- return -2;
- return EVP_PKEY_CTX_set_ec_param_enc(ctx, param_enc);
- } else if (strcmp(type, "ecdh_kdf_md") == 0) {
- const EVP_MD *md;
- if ((md = EVP_get_digestbyname(value)) == NULL) {
- ECerror(EC_R_INVALID_DIGEST);
- return 0;
- }
- return EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md);
- } else if (strcmp(type, "ecdh_cofactor_mode") == 0) {
- int cofactor_mode;
- const char *errstr;
-
- cofactor_mode = strtonum(value, -1, 1, &errstr);
- if (errstr != NULL)
- return -2;
- return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, cofactor_mode);
- }
-
- return -2;
-}
-
-static int
-pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- EC_KEY *ec = NULL;
- EC_PKEY_CTX *dctx = ctx->data;
- int ret = 0;
-
- if (dctx->gen_group == NULL) {
- ECerror(EC_R_NO_PARAMETERS_SET);
- goto err;
- }
-
- if ((ec = EC_KEY_new()) == NULL)
- goto err;
- if (!EC_KEY_set_group(ec, dctx->gen_group))
- goto err;
- if (!EVP_PKEY_assign_EC_KEY(pkey, ec))
- goto err;
- ec = NULL;
-
- ret = 1;
-
- err:
- EC_KEY_free(ec);
-
- return ret;
-}
-
-static int
-pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- EC_KEY *ec = NULL;
- EC_PKEY_CTX *dctx = ctx->data;
- int ret = 0;
-
- if (ctx->pkey == NULL && dctx->gen_group == NULL) {
- ECerror(EC_R_NO_PARAMETERS_SET);
- goto err;
- }
-
- if ((ec = EC_KEY_new()) == NULL)
- goto err;
- if (!EVP_PKEY_set1_EC_KEY(pkey, ec))
- goto err;
-
- if (ctx->pkey != NULL) {
- if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
- goto err;
- } else {
- if (!EC_KEY_set_group(ec, dctx->gen_group))
- goto err;
- }
-
- if (!EC_KEY_generate_key(ec))
- goto err;
-
- ret = 1;
-
- err:
- EC_KEY_free(ec);
-
- return ret;
-}
-
-const EVP_PKEY_METHOD ec_pkey_meth = {
- .pkey_id = EVP_PKEY_EC,
-
- .init = pkey_ec_init,
- .copy = pkey_ec_copy,
- .cleanup = pkey_ec_cleanup,
-
- .paramgen = pkey_ec_paramgen,
-
- .keygen = pkey_ec_keygen,
-
- .sign = pkey_ec_sign,
-
- .verify = pkey_ec_verify,
-
- .derive = pkey_ec_kdf_derive,
-
- .ctrl = pkey_ec_ctrl,
- .ctrl_str = pkey_ec_ctrl_str
-};
diff --git a/src/lib/libcrypto/ec/eck_prn.c b/src/lib/libcrypto/ec/eck_prn.c
deleted file mode 100644
index c40a64966a..0000000000
--- a/src/lib/libcrypto/ec/eck_prn.c
+++ /dev/null
@@ -1,357 +0,0 @@
-/* $OpenBSD: eck_prn.c,v 1.41 2025/01/25 10:30:17 tb Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions originally developed by SUN MICROSYSTEMS, INC., and
- * contributed to the OpenSSL project.
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "ec_local.h"
-
-int
-EC_KEY_print(BIO *bio, const EC_KEY *ec_key, int off)
-{
- EVP_PKEY *pkey;
- int ret = 0;
-
- if ((pkey = EVP_PKEY_new()) == NULL)
- goto err;
-
- if (!EVP_PKEY_set1_EC_KEY(pkey, (EC_KEY *)ec_key))
- goto err;
-
- ret = EVP_PKEY_print_private(bio, pkey, off, NULL);
-
- err:
- EVP_PKEY_free(pkey);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_KEY_print);
-
-int
-EC_KEY_print_fp(FILE *fp, const EC_KEY *ec_key, int off)
-{
- BIO *bio;
- int ret;
-
- if ((bio = BIO_new(BIO_s_file())) == NULL) {
- ECerror(ERR_R_BIO_LIB);
- return 0;
- }
-
- BIO_set_fp(bio, fp, BIO_NOCLOSE);
-
- ret = EC_KEY_print(bio, ec_key, off);
-
- BIO_free(bio);
-
- return ret;
-}
-LCRYPTO_ALIAS(EC_KEY_print_fp);
-
-int
-ECParameters_print(BIO *bio, const EC_KEY *ec_key)
-{
- EVP_PKEY *pkey;
- int ret = 0;
-
- if ((pkey = EVP_PKEY_new()) == NULL)
- goto err;
-
- if (!EVP_PKEY_set1_EC_KEY(pkey, (EC_KEY *)ec_key))
- goto err;
-
- ret = EVP_PKEY_print_params(bio, pkey, 4, NULL);
-
- err:
- EVP_PKEY_free(pkey);
-
- return ret;
-}
-LCRYPTO_ALIAS(ECParameters_print);
-
-int
-ECParameters_print_fp(FILE *fp, const EC_KEY *ec_key)
-{
- BIO *bio;
- int ret;
-
- if ((bio = BIO_new(BIO_s_file())) == NULL) {
- ECerror(ERR_R_BIO_LIB);
- return 0;
- }
-
- BIO_set_fp(bio, fp, BIO_NOCLOSE);
-
- ret = ECParameters_print(bio, ec_key);
-
- BIO_free(bio);
-
- return ret;
-}
-LCRYPTO_ALIAS(ECParameters_print_fp);
-
-static int
-ecpk_print_asn1_parameters(BIO *bio, const EC_GROUP *group, int off)
-{
- const char *nist_name;
- int nid;
- int ret = 0;
-
- if (!BIO_indent(bio, off, 128)) {
- ECerror(ERR_R_BIO_LIB);
- goto err;
- }
-
- if ((nid = EC_GROUP_get_curve_name(group)) == NID_undef) {
- ECerror(ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (BIO_printf(bio, "ASN1 OID: %s\n", OBJ_nid2sn(nid)) <= 0) {
- ECerror(ERR_R_BIO_LIB);
- goto err;
- }
-
- if ((nist_name = EC_curve_nid2nist(nid)) != NULL) {
- if (!BIO_indent(bio, off, 128)) {
- ECerror(ERR_R_BIO_LIB);
- goto err;
- }
- if (BIO_printf(bio, "NIST CURVE: %s\n", nist_name) <= 0) {
- ECerror(ERR_R_BIO_LIB);
- goto err;
- }
- }
-
- ret = 1;
- err:
-
- return ret;
-}
-
-static int
-ecpk_print_explicit_parameters(BIO *bio, const EC_GROUP *group, int off)
-{
- BN_CTX *ctx = NULL;
- const BIGNUM *order;
- BIGNUM *p, *a, *b, *cofactor;
- BIGNUM *gen = NULL;
- const EC_POINT *generator;
- const char *conversion_form;
- const unsigned char *seed;
- size_t seed_len;
- point_conversion_form_t form;
- int ret = 0;
-
- if ((ctx = BN_CTX_new()) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_CTX_start(ctx);
-
- if ((p = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((a = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((cofactor = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((gen = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_GROUP_get_curve(group, p, a, b, ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if ((order = EC_GROUP_get0_order(group)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_GROUP_get_cofactor(group, cofactor, NULL)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- if ((generator = EC_GROUP_get0_generator(group)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- form = EC_GROUP_get_point_conversion_form(group);
- if (EC_POINT_point2bn(group, generator, form, gen, ctx) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- if (!BIO_indent(bio, off, 128))
- goto err;
-
- if (BIO_printf(bio, "Field Type: %s\n", SN_X9_62_prime_field) <= 0)
- goto err;
-
- if (!bn_printf(bio, p, off, "Prime:"))
- goto err;
- if (!bn_printf(bio, a, off, "A: "))
- goto err;
- if (!bn_printf(bio, b, off, "B: "))
- goto err;
-
- if (form == POINT_CONVERSION_COMPRESSED)
- conversion_form = "compressed";
- else if (form == POINT_CONVERSION_UNCOMPRESSED)
- conversion_form = "uncompressed";
- else if (form == POINT_CONVERSION_HYBRID)
- conversion_form = "hybrid";
- else
- conversion_form = "unknown";
- if (!bn_printf(bio, gen, off, "Generator (%s):", conversion_form))
- goto err;
-
- if (!bn_printf(bio, order, off, "Order: "))
- goto err;
- if (!bn_printf(bio, cofactor, off, "Cofactor: "))
- goto err;
-
- if ((seed = EC_GROUP_get0_seed(group)) != NULL) {
- size_t i;
-
- seed_len = EC_GROUP_get_seed_len(group);
-
- /* XXX - ecx_buf_print() has a CBS version of this - dedup. */
- if (!BIO_indent(bio, off, 128))
- goto err;
- if (BIO_printf(bio, "Seed:") <= 0)
- goto err;
-
- for (i = 0; i < seed_len; i++) {
- const char *sep = ":";
-
- if (i % 15 == 0) {
- if (BIO_printf(bio, "\n") <= 0)
- goto err;
- if (!BIO_indent(bio, off + 4, 128))
- goto err;
- }
-
- if (i + 1 == seed_len)
- sep = "";
- if (BIO_printf(bio, "%02x%s", seed[i], sep) <= 0)
- goto err;
- }
-
- if (BIO_printf(bio, "\n") <= 0)
- goto err;
- }
-
- ret = 1;
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
-
- return ret;
-}
-
-int
-ECPKParameters_print(BIO *bio, const EC_GROUP *group, int off)
-{
- if (group == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- if ((EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) != 0)
- return ecpk_print_asn1_parameters(bio, group, off);
-
- return ecpk_print_explicit_parameters(bio, group, off);
-}
-LCRYPTO_ALIAS(ECPKParameters_print);
-
-int
-ECPKParameters_print_fp(FILE *fp, const EC_GROUP *group, int off)
-{
- BIO *bio;
- int ret;
-
- if ((bio = BIO_new(BIO_s_file())) == NULL) {
- ECerror(ERR_R_BUF_LIB);
- return 0;
- }
-
- BIO_set_fp(bio, fp, BIO_NOCLOSE);
-
- ret = ECPKParameters_print(bio, group, off);
-
- BIO_free(bio);
-
- return ret;
-}
-LCRYPTO_ALIAS(ECPKParameters_print_fp);
diff --git a/src/lib/libcrypto/ec/ecp_methods.c b/src/lib/libcrypto/ec/ecp_methods.c
deleted file mode 100644
index ced85ceb1e..0000000000
--- a/src/lib/libcrypto/ec/ecp_methods.c
+++ /dev/null
@@ -1,1327 +0,0 @@
-/* $OpenBSD: ecp_methods.c,v 1.45 2025/03/24 13:07:04 jsing Exp $ */
-/* Includes code written by Lenka Fibikova
- * for the OpenSSL project.
- * Includes code written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "ec_local.h"
-
-/*
- * Most method functions in this file are designed to work with non-trivial
- * representations of field elements if necessary: while standard modular
- * addition and subtraction are used, the field_mul and field_sqr methods will
- * be used for multiplication, and field_encode and field_decode (if defined)
- * will be used for converting between representations.
- *
- * The functions ec_points_make_affine() and ec_point_get_affine_coordinates()
- * assume that if a non-trivial representation is used, it is a Montgomery
- * representation (i.e. 'encoding' means multiplying by some factor R).
- */
-
-static inline int
-ec_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx)
-{
- return group->meth->field_mul(group, r, a, b, ctx);
-}
-
-static inline int
-ec_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-{
- return group->meth->field_sqr(group, r, a, ctx);
-}
-
-static int
-ec_decode_scalar(const EC_GROUP *group, BIGNUM *bn, const BIGNUM *x, BN_CTX *ctx)
-{
- if (bn == NULL)
- return 1;
-
- if (group->meth->field_decode != NULL)
- return group->meth->field_decode(group, bn, x, ctx);
-
- return bn_copy(bn, x);
-}
-
-static int
-ec_encode_scalar(const EC_GROUP *group, BIGNUM *bn, const BIGNUM *x, BN_CTX *ctx)
-{
- if (!BN_nnmod(bn, x, group->p, ctx))
- return 0;
-
- if (group->meth->field_encode != NULL)
- return group->meth->field_encode(group, bn, bn, ctx);
-
- return 1;
-}
-
-static int
-ec_group_set_curve(EC_GROUP *group,
- const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
- BIGNUM *a_plus_3;
- int ret = 0;
-
- /* p must be a prime > 3 */
- if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) {
- ECerror(EC_R_INVALID_FIELD);
- return 0;
- }
-
- BN_CTX_start(ctx);
-
- if ((a_plus_3 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!bn_copy(group->p, p))
- goto err;
- BN_set_negative(group->p, 0);
-
- if (!ec_encode_scalar(group, group->a, a, ctx))
- goto err;
- if (!ec_encode_scalar(group, group->b, b, ctx))
- goto err;
-
- if (!BN_set_word(a_plus_3, 3))
- goto err;
- if (!BN_mod_add(a_plus_3, a_plus_3, a, group->p, ctx))
- goto err;
-
- group->a_is_minus3 = BN_is_zero(a_plus_3);
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-static int
-ec_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
- BN_CTX *ctx)
-{
- if (p != NULL) {
- if (!bn_copy(p, group->p))
- return 0;
- }
- if (!ec_decode_scalar(group, a, group->a, ctx))
- return 0;
- if (!ec_decode_scalar(group, b, group->b, ctx))
- return 0;
-
- return 1;
-}
-
-static int
-ec_point_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
-{
- BIGNUM *rh, *tmp, *Z4, *Z6;
- int ret = -1;
-
- if (EC_POINT_is_at_infinity(group, point))
- return 1;
-
- BN_CTX_start(ctx);
-
- if ((rh = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((tmp = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z4 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z6 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * The curve is defined by a Weierstrass equation y^2 = x^3 + a*x + b.
- * The point is given in Jacobian projective coordinates where (X, Y, Z)
- * represents (x, y) = (X/Z^2, Y/Z^3). Substituting this and multiplying
- * by Z^6 transforms the above into Y^2 = X^3 + a*X*Z^4 + b*Z^6.
- */
-
- /* rh := X^2 */
- if (!ec_field_sqr(group, rh, point->X, ctx))
- goto err;
-
- if (!point->Z_is_one) {
- if (!ec_field_sqr(group, tmp, point->Z, ctx))
- goto err;
- if (!ec_field_sqr(group, Z4, tmp, ctx))
- goto err;
- if (!ec_field_mul(group, Z6, Z4, tmp, ctx))
- goto err;
-
- /* rh := (rh + a*Z^4)*X */
- if (group->a_is_minus3) {
- if (!BN_mod_lshift1_quick(tmp, Z4, group->p))
- goto err;
- if (!BN_mod_add_quick(tmp, tmp, Z4, group->p))
- goto err;
- if (!BN_mod_sub_quick(rh, rh, tmp, group->p))
- goto err;
- if (!ec_field_mul(group, rh, rh, point->X, ctx))
- goto err;
- } else {
- if (!ec_field_mul(group, tmp, Z4, group->a, ctx))
- goto err;
- if (!BN_mod_add_quick(rh, rh, tmp, group->p))
- goto err;
- if (!ec_field_mul(group, rh, rh, point->X, ctx))
- goto err;
- }
-
- /* rh := rh + b*Z^6 */
- if (!ec_field_mul(group, tmp, group->b, Z6, ctx))
- goto err;
- if (!BN_mod_add_quick(rh, rh, tmp, group->p))
- goto err;
- } else {
- /* point->Z_is_one */
-
- /* rh := (rh + a)*X */
- if (!BN_mod_add_quick(rh, rh, group->a, group->p))
- goto err;
- if (!ec_field_mul(group, rh, rh, point->X, ctx))
- goto err;
- /* rh := rh + b */
- if (!BN_mod_add_quick(rh, rh, group->b, group->p))
- goto err;
- }
-
- /* 'lh' := Y^2 */
- if (!ec_field_sqr(group, tmp, point->Y, ctx))
- goto err;
-
- ret = (0 == BN_ucmp(tmp, rh));
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-/*
- * Returns -1 on error, 0 if the points are equal, 1 if the points are distinct.
- */
-
-static int
-ec_point_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
- BN_CTX *ctx)
-{
- BIGNUM *tmp1, *tmp2, *Za23, *Zb23;
- const BIGNUM *tmp1_, *tmp2_;
- int ret = -1;
-
- if (EC_POINT_is_at_infinity(group, a) && EC_POINT_is_at_infinity(group, b))
- return 0;
- if (EC_POINT_is_at_infinity(group, a) || EC_POINT_is_at_infinity(group, b))
- return 1;
-
- if (a->Z_is_one && b->Z_is_one)
- return BN_cmp(a->X, b->X) != 0 || BN_cmp(a->Y, b->Y) != 0;
-
- BN_CTX_start(ctx);
-
- if ((tmp1 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((tmp2 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((Za23 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((Zb23 = BN_CTX_get(ctx)) == NULL)
- goto end;
-
- /*
- * Decide whether (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3), or
- * equivalently, (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
- */
-
- if (!b->Z_is_one) {
- if (!ec_field_sqr(group, Zb23, b->Z, ctx))
- goto end;
- if (!ec_field_mul(group, tmp1, a->X, Zb23, ctx))
- goto end;
- tmp1_ = tmp1;
- } else
- tmp1_ = a->X;
- if (!a->Z_is_one) {
- if (!ec_field_sqr(group, Za23, a->Z, ctx))
- goto end;
- if (!ec_field_mul(group, tmp2, b->X, Za23, ctx))
- goto end;
- tmp2_ = tmp2;
- } else
- tmp2_ = b->X;
-
- /* compare X_a*Z_b^2 with X_b*Z_a^2 */
- if (BN_cmp(tmp1_, tmp2_) != 0) {
- ret = 1; /* points differ */
- goto end;
- }
- if (!b->Z_is_one) {
- if (!ec_field_mul(group, Zb23, Zb23, b->Z, ctx))
- goto end;
- if (!ec_field_mul(group, tmp1, a->Y, Zb23, ctx))
- goto end;
- /* tmp1_ = tmp1 */
- } else
- tmp1_ = a->Y;
- if (!a->Z_is_one) {
- if (!ec_field_mul(group, Za23, Za23, a->Z, ctx))
- goto end;
- if (!ec_field_mul(group, tmp2, b->Y, Za23, ctx))
- goto end;
- /* tmp2_ = tmp2 */
- } else
- tmp2_ = b->Y;
-
- /* compare Y_a*Z_b^3 with Y_b*Z_a^3 */
- if (BN_cmp(tmp1_, tmp2_) != 0) {
- ret = 1; /* points differ */
- goto end;
- }
- /* points are equal */
- ret = 0;
-
- end:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-static int
-ec_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (x == NULL || y == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if (!ec_encode_scalar(group, point->X, x, ctx))
- goto err;
- if (!ec_encode_scalar(group, point->Y, y, ctx))
- goto err;
- if (!ec_encode_scalar(group, point->Z, BN_value_one(), ctx))
- goto err;
- point->Z_is_one = 1;
-
- ret = 1;
-
- err:
- return ret;
-}
-
-static int
-ec_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
- BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
-{
- BIGNUM *z, *Z, *Z_1, *Z_2, *Z_3;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if ((z = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z_1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z_2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z_3 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Convert from Jacobian projective coordinates (X, Y, Z) into
- * (X/Z^2, Y/Z^3).
- */
-
- if (!ec_decode_scalar(group, z, point->Z, ctx))
- goto err;
-
- if (BN_is_one(z)) {
- if (!ec_decode_scalar(group, x, point->X, ctx))
- goto err;
- if (!ec_decode_scalar(group, y, point->Y, ctx))
- goto err;
- goto done;
- }
-
- if (BN_mod_inverse_ct(Z_1, z, group->p, ctx) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (group->meth->field_encode == NULL) {
- /* field_sqr works on standard representation */
- if (!ec_field_sqr(group, Z_2, Z_1, ctx))
- goto err;
- } else {
- if (!BN_mod_sqr(Z_2, Z_1, group->p, ctx))
- goto err;
- }
-
- if (x != NULL) {
- /*
- * in the Montgomery case, field_mul will cancel out
- * Montgomery factor in X:
- */
- if (!ec_field_mul(group, x, point->X, Z_2, ctx))
- goto err;
- }
- if (y != NULL) {
- if (group->meth->field_encode == NULL) {
- /* field_mul works on standard representation */
- if (!ec_field_mul(group, Z_3, Z_2, Z_1, ctx))
- goto err;
- } else {
- if (!BN_mod_mul(Z_3, Z_2, Z_1, group->p, ctx))
- goto err;
- }
-
- /*
- * in the Montgomery case, field_mul will cancel out
- * Montgomery factor in Y:
- */
- if (!ec_field_mul(group, y, point->Y, Z_3, ctx))
- goto err;
- }
-
- done:
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-static int
-ec_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT **points,
- BN_CTX *ctx)
-{
- BIGNUM **prod_Z = NULL;
- BIGNUM *one, *tmp, *tmp_Z;
- size_t i;
- int ret = 0;
-
- if (num == 0)
- return 1;
-
- BN_CTX_start(ctx);
-
- if ((one = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((tmp = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((tmp_Z = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!ec_encode_scalar(group, one, BN_value_one(), ctx))
- goto err;
-
- if ((prod_Z = calloc(num, sizeof *prod_Z)) == NULL)
- goto err;
- for (i = 0; i < num; i++) {
- if ((prod_Z[i] = BN_CTX_get(ctx)) == NULL)
- goto err;
- }
-
- /*
- * Set prod_Z[i] to the product of points[0]->Z, ..., points[i]->Z,
- * skipping any zero-valued inputs (pretend that they're 1).
- */
-
- if (!BN_is_zero(points[0]->Z)) {
- if (!bn_copy(prod_Z[0], points[0]->Z))
- goto err;
- } else {
- if (!bn_copy(prod_Z[0], one))
- goto err;
- }
-
- for (i = 1; i < num; i++) {
- if (!BN_is_zero(points[i]->Z)) {
- if (!ec_field_mul(group, prod_Z[i],
- prod_Z[i - 1], points[i]->Z, ctx))
- goto err;
- } else {
- if (!bn_copy(prod_Z[i], prod_Z[i - 1]))
- goto err;
- }
- }
-
- /*
- * Now use a single explicit inversion to replace every non-zero
- * points[i]->Z by its inverse.
- */
- if (!BN_mod_inverse_nonct(tmp, prod_Z[num - 1], group->p, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- if (group->meth->field_encode != NULL) {
- /*
- * In the Montgomery case we just turned R*H (representing H)
- * into 1/(R*H), but we need R*(1/H) (representing 1/H); i.e.,
- * we need to multiply by the Montgomery factor twice.
- */
- if (!group->meth->field_encode(group, tmp, tmp, ctx))
- goto err;
- if (!group->meth->field_encode(group, tmp, tmp, ctx))
- goto err;
- }
-
- for (i = num - 1; i > 0; i--) {
- /*
- * Loop invariant: tmp is the product of the inverses of
- * points[0]->Z, ..., points[i]->Z (zero-valued inputs skipped).
- */
- if (BN_is_zero(points[i]->Z))
- continue;
-
- /* Set tmp_Z to the inverse of points[i]->Z. */
- if (!ec_field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx))
- goto err;
- /* Adjust tmp to satisfy loop invariant. */
- if (!ec_field_mul(group, tmp, tmp, points[i]->Z, ctx))
- goto err;
- /* Replace points[i]->Z by its inverse. */
- if (!bn_copy(points[i]->Z, tmp_Z))
- goto err;
- }
-
- if (!BN_is_zero(points[0]->Z)) {
- /* Replace points[0]->Z by its inverse. */
- if (!bn_copy(points[0]->Z, tmp))
- goto err;
- }
-
- /* Finally, fix up the X and Y coordinates for all points. */
- for (i = 0; i < num; i++) {
- EC_POINT *p = points[i];
-
- if (BN_is_zero(p->Z))
- continue;
-
- /* turn (X, Y, 1/Z) into (X/Z^2, Y/Z^3, 1) */
-
- if (!ec_field_sqr(group, tmp, p->Z, ctx))
- goto err;
- if (!ec_field_mul(group, p->X, p->X, tmp, ctx))
- goto err;
-
- if (!ec_field_mul(group, tmp, tmp, p->Z, ctx))
- goto err;
- if (!ec_field_mul(group, p->Y, p->Y, tmp, ctx))
- goto err;
-
- if (!bn_copy(p->Z, one))
- goto err;
- p->Z_is_one = 1;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- free(prod_Z);
-
- return ret;
-}
-
-static int
-ec_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b,
- BN_CTX *ctx)
-{
- BIGNUM *n0, *n1, *n2, *n3, *n4, *n5, *n6;
- int ret = 0;
-
- if (a == b)
- return EC_POINT_dbl(group, r, a, ctx);
- if (EC_POINT_is_at_infinity(group, a))
- return EC_POINT_copy(r, b);
- if (EC_POINT_is_at_infinity(group, b))
- return EC_POINT_copy(r, a);
-
- BN_CTX_start(ctx);
-
- if ((n0 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n1 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n2 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n3 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n4 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n5 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n6 = BN_CTX_get(ctx)) == NULL)
- goto end;
-
- /*
- * Note that in this function we must not read components of 'a' or
- * 'b' once we have written the corresponding components of 'r'. ('r'
- * might be one of 'a' or 'b'.)
- */
-
- /* n1, n2 */
- if (b->Z_is_one) {
- if (!bn_copy(n1, a->X))
- goto end;
- if (!bn_copy(n2, a->Y))
- goto end;
- /* n1 = X_a */
- /* n2 = Y_a */
- } else {
- if (!ec_field_sqr(group, n0, b->Z, ctx))
- goto end;
- if (!ec_field_mul(group, n1, a->X, n0, ctx))
- goto end;
- /* n1 = X_a * Z_b^2 */
-
- if (!ec_field_mul(group, n0, n0, b->Z, ctx))
- goto end;
- if (!ec_field_mul(group, n2, a->Y, n0, ctx))
- goto end;
- /* n2 = Y_a * Z_b^3 */
- }
-
- /* n3, n4 */
- if (a->Z_is_one) {
- if (!bn_copy(n3, b->X))
- goto end;
- if (!bn_copy(n4, b->Y))
- goto end;
- /* n3 = X_b */
- /* n4 = Y_b */
- } else {
- if (!ec_field_sqr(group, n0, a->Z, ctx))
- goto end;
- if (!ec_field_mul(group, n3, b->X, n0, ctx))
- goto end;
- /* n3 = X_b * Z_a^2 */
-
- if (!ec_field_mul(group, n0, n0, a->Z, ctx))
- goto end;
- if (!ec_field_mul(group, n4, b->Y, n0, ctx))
- goto end;
- /* n4 = Y_b * Z_a^3 */
- }
-
- /* n5, n6 */
- if (!BN_mod_sub_quick(n5, n1, n3, group->p))
- goto end;
- if (!BN_mod_sub_quick(n6, n2, n4, group->p))
- goto end;
- /* n5 = n1 - n3 */
- /* n6 = n2 - n4 */
-
- if (BN_is_zero(n5)) {
- if (BN_is_zero(n6)) {
- /* a is the same point as b */
- BN_CTX_end(ctx);
- ret = EC_POINT_dbl(group, r, a, ctx);
- ctx = NULL;
- goto end;
- } else {
- /* a is the inverse of b */
- BN_zero(r->Z);
- r->Z_is_one = 0;
- ret = 1;
- goto end;
- }
- }
- /* 'n7', 'n8' */
- if (!BN_mod_add_quick(n1, n1, n3, group->p))
- goto end;
- if (!BN_mod_add_quick(n2, n2, n4, group->p))
- goto end;
- /* 'n7' = n1 + n3 */
- /* 'n8' = n2 + n4 */
-
- /* Z_r */
- if (a->Z_is_one && b->Z_is_one) {
- if (!bn_copy(r->Z, n5))
- goto end;
- } else {
- if (a->Z_is_one) {
- if (!bn_copy(n0, b->Z))
- goto end;
- } else if (b->Z_is_one) {
- if (!bn_copy(n0, a->Z))
- goto end;
- } else {
- if (!ec_field_mul(group, n0, a->Z, b->Z, ctx))
- goto end;
- }
- if (!ec_field_mul(group, r->Z, n0, n5, ctx))
- goto end;
- }
- r->Z_is_one = 0;
- /* Z_r = Z_a * Z_b * n5 */
-
- /* X_r */
- if (!ec_field_sqr(group, n0, n6, ctx))
- goto end;
- if (!ec_field_sqr(group, n4, n5, ctx))
- goto end;
- if (!ec_field_mul(group, n3, n1, n4, ctx))
- goto end;
- if (!BN_mod_sub_quick(r->X, n0, n3, group->p))
- goto end;
- /* X_r = n6^2 - n5^2 * 'n7' */
-
- /* 'n9' */
- if (!BN_mod_lshift1_quick(n0, r->X, group->p))
- goto end;
- if (!BN_mod_sub_quick(n0, n3, n0, group->p))
- goto end;
- /* n9 = n5^2 * 'n7' - 2 * X_r */
-
- /* Y_r */
- if (!ec_field_mul(group, n0, n0, n6, ctx))
- goto end;
- if (!ec_field_mul(group, n5, n4, n5, ctx))
- goto end; /* now n5 is n5^3 */
- if (!ec_field_mul(group, n1, n2, n5, ctx))
- goto end;
- if (!BN_mod_sub_quick(n0, n0, n1, group->p))
- goto end;
- if (BN_is_odd(n0))
- if (!BN_add(n0, n0, group->p))
- goto end;
- /* now 0 <= n0 < 2*p, and n0 is even */
- if (!BN_rshift1(r->Y, n0))
- goto end;
- /* Y_r = (n6 * 'n9' - 'n8' * 'n5^3') / 2 */
-
- ret = 1;
-
- end:
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-static int
-ec_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx)
-{
- BIGNUM *n0, *n1, *n2, *n3;
- int ret = 0;
-
- if (EC_POINT_is_at_infinity(group, a))
- return EC_POINT_set_to_infinity(group, r);
-
- BN_CTX_start(ctx);
-
- if ((n0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((n1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((n2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((n3 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Note that in this function we must not read components of 'a' once
- * we have written the corresponding components of 'r'. ('r' might
- * the same as 'a'.)
- */ - - /* n1 */ - if (a->Z_is_one) { - if (!ec_field_sqr(group, n0, a->X, ctx)) - goto err; - if (!BN_mod_lshift1_quick(n1, n0, group->p)) - goto err; - if (!BN_mod_add_quick(n0, n0, n1, group->p)) - goto err; - if (!BN_mod_add_quick(n1, n0, group->a, group->p)) - goto err; - /* n1 = 3 * X_a^2 + a_curve */ - } else if (group->a_is_minus3) { - if (!ec_field_sqr(group, n1, a->Z, ctx)) - goto err; - if (!BN_mod_add_quick(n0, a->X, n1, group->p)) - goto err; - if (!BN_mod_sub_quick(n2, a->X, n1, group->p)) - goto err; - if (!ec_field_mul(group, n1, n0, n2, ctx)) - goto err; - if (!BN_mod_lshift1_quick(n0, n1, group->p)) - goto err; - if (!BN_mod_add_quick(n1, n0, n1, group->p)) - goto err; - /* - * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) = 3 * X_a^2 - 3 * - * Z_a^4 - */ - } else { - if (!ec_field_sqr(group, n0, a->X, ctx)) - goto err; - if (!BN_mod_lshift1_quick(n1, n0, group->p)) - goto err; - if (!BN_mod_add_quick(n0, n0, n1, group->p)) - goto err; - if (!ec_field_sqr(group, n1, a->Z, ctx)) - goto err; - if (!ec_field_sqr(group, n1, n1, ctx)) - goto err; - if (!ec_field_mul(group, n1, n1, group->a, ctx)) - goto err; - if (!BN_mod_add_quick(n1, n1, n0, group->p)) - goto err; - /* n1 = 3 * X_a^2 + a_curve * Z_a^4 */ - } - - /* Z_r */ - if (a->Z_is_one) { - if (!bn_copy(n0, a->Y)) - goto err; - } else { - if (!ec_field_mul(group, n0, a->Y, a->Z, ctx)) - goto err; - } - if (!BN_mod_lshift1_quick(r->Z, n0, group->p)) - goto err; - r->Z_is_one = 0; - /* Z_r = 2 * Y_a * Z_a */ - - /* n2 */ - if (!ec_field_sqr(group, n3, a->Y, ctx)) - goto err; - if (!ec_field_mul(group, n2, a->X, n3, ctx)) - goto err; - if (!BN_mod_lshift_quick(n2, n2, 2, group->p)) - goto err; - /* n2 = 4 * X_a * Y_a^2 */ - - /* X_r */ - if (!BN_mod_lshift1_quick(n0, n2, group->p)) - goto err; - if (!ec_field_sqr(group, r->X, n1, ctx)) - goto err; - if (!BN_mod_sub_quick(r->X, r->X, n0, group->p)) - goto err; - /* X_r = n1^2 - 2 * n2 */ - - /* n3 */ - if (!ec_field_sqr(group, n0, n3, ctx)) - goto err; - 
if (!BN_mod_lshift_quick(n3, n0, 3, group->p)) - goto err; - /* n3 = 8 * Y_a^4 */ - - /* Y_r */ - if (!BN_mod_sub_quick(n0, n2, r->X, group->p)) - goto err; - if (!ec_field_mul(group, n0, n1, n0, ctx)) - goto err; - if (!BN_mod_sub_quick(r->Y, n0, n3, group->p)) - goto err; - /* Y_r = n1 * (n2 - X_r) - n3 */ - - ret = 1; - - err: - BN_CTX_end(ctx); - - return ret; -} - -static int -ec_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) -{ - if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(point->Y)) - /* point is its own inverse */ - return 1; - - return BN_usub(point->Y, group->p, point->Y); -} - -/* - * Apply randomization of EC point Jacobian projective coordinates: - * - * (X, Y, Z) = (lambda^2 * X, lambda^3 * Y, lambda * Z) - * - * where lambda is in the interval [1, p). - */ -static int -ec_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx) -{ - BIGNUM *lambda = NULL; - BIGNUM *tmp = NULL; - int ret = 0; - - BN_CTX_start(ctx); - if ((lambda = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - - /* Generate lambda in [1, p). */ - if (!bn_rand_interval(lambda, 1, group->p)) - goto err; - - if (group->meth->field_encode != NULL && - !group->meth->field_encode(group, lambda, lambda, ctx)) - goto err; - - /* Z = lambda * Z */ - if (!ec_field_mul(group, p->Z, lambda, p->Z, ctx)) - goto err; - - /* tmp = lambda^2 */ - if (!ec_field_sqr(group, tmp, lambda, ctx)) - goto err; - - /* X = lambda^2 * X */ - if (!ec_field_mul(group, p->X, tmp, p->X, ctx)) - goto err; - - /* tmp = lambda^3 */ - if (!ec_field_mul(group, tmp, tmp, lambda, ctx)) - goto err; - - /* Y = lambda^3 * Y */ - if (!ec_field_mul(group, p->Y, tmp, p->Y, ctx)) - goto err; - - /* Disable optimized arithmetics after replacing Z by lambda * Z. 
*/
- p->Z_is_one = 0;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-#define EC_POINT_BN_set_flags(P, flags) do { \
- BN_set_flags((P)->X, (flags)); \
- BN_set_flags((P)->Y, (flags)); \
- BN_set_flags((P)->Z, (flags)); \
-} while(0)
-
-#define EC_POINT_CSWAP(c, a, b, w, t) do { \
- if (!BN_swap_ct(c, (a)->X, (b)->X, w) || \
- !BN_swap_ct(c, (a)->Y, (b)->Y, w) || \
- !BN_swap_ct(c, (a)->Z, (b)->Z, w)) \
- goto err; \
- t = ((a)->Z_is_one ^ (b)->Z_is_one) & (c); \
- (a)->Z_is_one ^= (t); \
- (b)->Z_is_one ^= (t); \
-} while(0)
-
-/*
- * This function computes (in constant time) a point multiplication over the
- * EC group.
- *
- * At a high level, it is Montgomery ladder with conditional swaps.
- *
- * It performs either a fixed point multiplication
- * (scalar * generator)
- * when point is NULL, or a variable point multiplication
- * (scalar * point)
- * when point is not NULL.
- *
- * scalar should be in the range [0,n) otherwise all constant time bets are off.
- *
- * NB: This says nothing about EC_POINT_add and EC_POINT_dbl,
- * which of course are not constant time themselves.
- *
- * The product is stored in r.
- *
- * Returns 1 on success, 0 otherwise.
- */
-static int
-ec_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- const EC_POINT *point, BN_CTX *ctx)
-{
- int i, cardinality_bits, group_top, kbit, pbit, Z_is_one;
- EC_POINT *s = NULL;
- BIGNUM *k = NULL;
- BIGNUM *lambda = NULL;
- BIGNUM *cardinality = NULL;
- int ret = 0;
-
- BN_CTX_start(ctx);
-
- if ((s = EC_POINT_dup(point, group)) == NULL)
- goto err;
-
- EC_POINT_BN_set_flags(s, BN_FLG_CONSTTIME);
-
- if ((cardinality = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((lambda = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((k = BN_CTX_get(ctx)) == NULL)
- goto err;
- if (!BN_mul(cardinality, group->order, group->cofactor, ctx))
- goto err;
-
- /*
- * Group cardinalities are often on a word boundary. 
- * So when we pad the scalar, some timing diff might
- * pop if it needs to be expanded due to carries.
- * So expand ahead of time.
- */
- cardinality_bits = BN_num_bits(cardinality);
- group_top = cardinality->top;
- if (!bn_wexpand(k, group_top + 2) ||
- !bn_wexpand(lambda, group_top + 2))
- goto err;
-
- if (!bn_copy(k, scalar))
- goto err;
-
- BN_set_flags(k, BN_FLG_CONSTTIME);
-
- if (BN_num_bits(k) > cardinality_bits || BN_is_negative(k)) {
- /*
- * This is an unusual input, and we don't guarantee
- * constant-timeness
- */
- if (!BN_nnmod(k, k, cardinality, ctx))
- goto err;
- }
-
- if (!BN_add(lambda, k, cardinality))
- goto err;
- BN_set_flags(lambda, BN_FLG_CONSTTIME);
- if (!BN_add(k, lambda, cardinality))
- goto err;
- /*
- * lambda := scalar + cardinality
- * k := scalar + 2*cardinality
- */
- kbit = BN_is_bit_set(lambda, cardinality_bits);
- if (!BN_swap_ct(kbit, k, lambda, group_top + 2))
- goto err;
-
- group_top = group->p->top;
- if (!bn_wexpand(s->X, group_top) ||
- !bn_wexpand(s->Y, group_top) ||
- !bn_wexpand(s->Z, group_top) ||
- !bn_wexpand(r->X, group_top) ||
- !bn_wexpand(r->Y, group_top) ||
- !bn_wexpand(r->Z, group_top))
- goto err;
-
- /*
- * Apply coordinate blinding for EC_POINT if the underlying EC_METHOD
- * implements it.
- */
- if (!ec_blind_coordinates(group, s, ctx))
- goto err;
-
- /* top bit is a 1, in a fixed pos */
- if (!EC_POINT_copy(r, s))
- goto err;
-
- EC_POINT_BN_set_flags(r, BN_FLG_CONSTTIME);
-
- if (!EC_POINT_dbl(group, s, s, ctx))
- goto err;
-
- pbit = 0;
-
- /*
- * The ladder step, with branches, is
- *
- * k[i] == 0: S = add(R, S), R = dbl(R)
- * k[i] == 1: R = add(S, R), S = dbl(S)
- *
- * Swapping R, S conditionally on k[i] leaves you with state
- *
- * k[i] == 0: T, U = R, S
- * k[i] == 1: T, U = S, R
- *
- * Then perform the ECC ops. 
- *
- * U = add(T, U)
- * T = dbl(T)
- *
- * Which leaves you with state
- *
- * k[i] == 0: U = add(R, S), T = dbl(R)
- * k[i] == 1: U = add(S, R), T = dbl(S)
- *
- * Swapping T, U conditionally on k[i] leaves you with state
- *
- * k[i] == 0: R, S = T, U
- * k[i] == 1: R, S = U, T
- *
- * Which leaves you with state
- *
- * k[i] == 0: S = add(R, S), R = dbl(R)
- * k[i] == 1: R = add(S, R), S = dbl(S)
- *
- * So we get the same logic, but instead of a branch it's a
- * conditional swap, followed by ECC ops, then another conditional swap.
- *
- * Optimization: The end of iteration i and start of i-1 looks like
- *
- * ...
- * CSWAP(k[i], R, S)
- * ECC
- * CSWAP(k[i], R, S)
- * (next iteration)
- * CSWAP(k[i-1], R, S)
- * ECC
- * CSWAP(k[i-1], R, S)
- * ...
- *
- * So instead of two contiguous swaps, you can merge the condition
- * bits and do a single swap.
- *
- * k[i] k[i-1] Outcome
- * 0 0 No Swap
- * 0 1 Swap
- * 1 0 Swap
- * 1 1 No Swap
- *
- * This is XOR. pbit tracks the previous bit of k. 
- */
-
- for (i = cardinality_bits - 1; i >= 0; i--) {
- kbit = BN_is_bit_set(k, i) ^ pbit;
- EC_POINT_CSWAP(kbit, r, s, group_top, Z_is_one);
- if (!EC_POINT_add(group, s, r, s, ctx))
- goto err;
- if (!EC_POINT_dbl(group, r, r, ctx))
- goto err;
- /*
- * pbit logic merges this cswap with that of the
- * next iteration
- */
- pbit ^= kbit;
- }
- /* one final cswap to move the right value into r */
- EC_POINT_CSWAP(pbit, r, s, group_top, Z_is_one);
-
- ret = 1;
-
- err:
- EC_POINT_free(s);
- BN_CTX_end(ctx);
-
- return ret;
-}
-
-#undef EC_POINT_BN_set_flags
-#undef EC_POINT_CSWAP
-
-static int
-ec_mul_single_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- const EC_POINT *point, BN_CTX *ctx)
-{
- return ec_mul_ct(group, r, scalar, point, ctx);
-}
-
-static int
-ec_mul_double_nonct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar1,
- const EC_POINT *point1, const BIGNUM *scalar2, const EC_POINT *point2,
- BN_CTX *ctx)
-{
- return ec_wnaf_mul(group, r, scalar1, point1, scalar2, point2, ctx);
-}
-
-static int
-ec_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- return BN_mod_mul(r, a, b, group->p, ctx);
-}
-
-static int
-ec_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-{
- return BN_mod_sqr(r, a, group->p, ctx);
-}
-
-static int
-ec_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- BN_MONT_CTX_free(group->mont_ctx);
- if ((group->mont_ctx = BN_MONT_CTX_create(p, ctx)) == NULL)
- goto err;
-
- if (!ec_group_set_curve(group, p, a, b, ctx))
- goto err;
-
- return 1;
-
- err:
- BN_MONT_CTX_free(group->mont_ctx);
- group->mont_ctx = NULL;
-
- return 0;
-}
-
-static int
-ec_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- if (group->mont_ctx == NULL) {
- ECerror(EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_mod_mul_montgomery(r, a, b, 
group->mont_ctx, ctx);
-}
-
-static int
-ec_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- BN_CTX *ctx)
-{
- if (group->mont_ctx == NULL) {
- ECerror(EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_mod_mul_montgomery(r, a, a, group->mont_ctx, ctx);
-}
-
-static int
-ec_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- BN_CTX *ctx)
-{
- if (group->mont_ctx == NULL) {
- ECerror(EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_to_montgomery(r, a, group->mont_ctx, ctx);
-}
-
-static int
-ec_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- BN_CTX *ctx)
-{
- if (group->mont_ctx == NULL) {
- ECerror(EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_from_montgomery(r, a, group->mont_ctx, ctx);
-}
-
-static const EC_METHOD ec_GFp_simple_method = {
- .group_set_curve = ec_group_set_curve,
- .group_get_curve = ec_group_get_curve,
- .point_is_on_curve = ec_point_is_on_curve,
- .point_cmp = ec_point_cmp,
- .point_set_affine_coordinates = ec_point_set_affine_coordinates,
- .point_get_affine_coordinates = ec_point_get_affine_coordinates,
- .points_make_affine = ec_points_make_affine,
- .add = ec_add,
- .dbl = ec_dbl,
- .invert = ec_invert,
- .mul_single_ct = ec_mul_single_ct,
- .mul_double_nonct = ec_mul_double_nonct,
- .field_mul = ec_simple_field_mul,
- .field_sqr = ec_simple_field_sqr,
-};
-
-const EC_METHOD *
-EC_GFp_simple_method(void)
-{
- return &ec_GFp_simple_method;
-}
-
-static const EC_METHOD ec_GFp_mont_method = {
- .group_set_curve = ec_mont_group_set_curve,
- .group_get_curve = ec_group_get_curve,
- .point_is_on_curve = ec_point_is_on_curve,
- .point_cmp = ec_point_cmp,
- .point_set_affine_coordinates = ec_point_set_affine_coordinates,
- .point_get_affine_coordinates = ec_point_get_affine_coordinates,
- .points_make_affine = ec_points_make_affine,
- .add = ec_add,
- .dbl = ec_dbl,
- .invert = ec_invert,
- .mul_single_ct = ec_mul_single_ct,
- .mul_double_nonct = ec_mul_double_nonct,
- .field_mul = 
ec_mont_field_mul,
- .field_sqr = ec_mont_field_sqr,
- .field_encode = ec_mont_field_encode,
- .field_decode = ec_mont_field_decode,
-};
-
-const EC_METHOD *
-EC_GFp_mont_method(void)
-{
- return &ec_GFp_mont_method;
-}
diff --git a/src/lib/libcrypto/ec/ecx_methods.c b/src/lib/libcrypto/ec/ecx_methods.c
deleted file mode 100644
index 6b5759d4fa..0000000000
--- a/src/lib/libcrypto/ec/ecx_methods.c
+++ /dev/null
@@ -1,973 +0,0 @@
-/* $OpenBSD: ecx_methods.c,v 1.14 2024/08/28 07:15:04 tb Exp $ */
-/*
- * Copyright (c) 2022 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "bytestring.h"
-#include "curve25519_internal.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-/*
- * EVP PKEY and PKEY ASN.1 methods Ed25519 and X25519.
- *
- * RFC 7748 - Elliptic Curves for Security.
- * RFC 8032 - Edwards-Curve Digital Signature Algorithm (EdDSA). 
- */
-
-#define ED25519_BITS 253
-#define ED25519_SECURITY_BITS 128
-#define ED25519_SIG_SIZE 64
-
-#define X25519_BITS 253
-#define X25519_SECURITY_BITS 128
-
-static int
-ecx_key_len(int nid)
-{
- switch (nid) {
- case NID_ED25519:
- return ED25519_KEYLEN;
- case NID_X25519:
- return X25519_KEYLEN;
- }
-
- return 0;
-}
-
-static struct ecx_key_st *
-ecx_key_new(int nid)
-{
- struct ecx_key_st *ecx_key;
- int key_len;
-
- if ((key_len = ecx_key_len(nid)) == 0)
- return NULL;
-
- if ((ecx_key = calloc(1, sizeof(*ecx_key))) == NULL)
- return NULL;
-
- ecx_key->nid = nid;
- ecx_key->key_len = key_len;
-
- return ecx_key;
-}
-
-static void
-ecx_key_clear(struct ecx_key_st *ecx_key)
-{
- freezero(ecx_key->priv_key, ecx_key->priv_key_len);
- ecx_key->priv_key = NULL;
- ecx_key->priv_key_len = 0;
-
- freezero(ecx_key->pub_key, ecx_key->pub_key_len);
- ecx_key->pub_key = NULL;
- ecx_key->pub_key_len = 0;
-}
-
-static void
-ecx_key_free(struct ecx_key_st *ecx_key)
-{
- if (ecx_key == NULL)
- return;
-
- ecx_key_clear(ecx_key);
-
- freezero(ecx_key, sizeof(*ecx_key));
-}
-
-static int
-ecx_key_generate(struct ecx_key_st *ecx_key)
-{
- uint8_t *pub_key = NULL, *priv_key = NULL;
- int ret = 0;
-
- ecx_key_clear(ecx_key);
-
- if ((pub_key = calloc(1, ecx_key->key_len)) == NULL)
- goto err;
- if ((priv_key = calloc(1, ecx_key->key_len)) == NULL)
- goto err;
-
- switch (ecx_key->nid) {
- case NID_ED25519:
- ED25519_keypair(pub_key, priv_key);
- break;
- case NID_X25519:
- X25519_keypair(pub_key, priv_key);
- break;
- default:
- goto err;
- }
-
- ecx_key->priv_key = priv_key;
- ecx_key->priv_key_len = ecx_key->key_len;
- priv_key = NULL;
-
- ecx_key->pub_key = pub_key;
- ecx_key->pub_key_len = ecx_key->key_len;
- pub_key = NULL;
-
- ret = 1;
-
- err:
- freezero(pub_key, ecx_key->key_len);
- freezero(priv_key, ecx_key->key_len);
-
- return ret;
-}
-
-static int
-ecx_key_set_priv(struct ecx_key_st *ecx_key, const uint8_t *priv_key,
- size_t priv_key_len)
-{
- uint8_t *pub_key = 
NULL;
- CBS cbs;
-
- ecx_key_clear(ecx_key);
-
- if (priv_key_len != ecx_key->key_len)
- goto err;
-
- if ((pub_key = calloc(1, ecx_key->key_len)) == NULL)
- goto err;
-
- switch (ecx_key->nid) {
- case NID_ED25519:
- ED25519_public_from_private(pub_key, priv_key);
- break;
- case NID_X25519:
- X25519_public_from_private(pub_key, priv_key);
- break;
- default:
- goto err;
- }
-
- CBS_init(&cbs, priv_key, priv_key_len);
- if (!CBS_stow(&cbs, &ecx_key->priv_key, &ecx_key->priv_key_len))
- goto err;
-
- ecx_key->pub_key = pub_key;
- ecx_key->pub_key_len = ecx_key->key_len;
- pub_key = NULL;
-
- err:
- freezero(pub_key, ecx_key->key_len);
-
- return 1;
-}
-
-static int
-ecx_key_set_pub(struct ecx_key_st *ecx_key, const uint8_t *pub_key,
- size_t pub_key_len)
-{
- CBS cbs;
-
- ecx_key_clear(ecx_key);
-
- if (pub_key_len != ecx_key->key_len)
- return 0;
-
- CBS_init(&cbs, pub_key, pub_key_len);
- if (!CBS_stow(&cbs, &ecx_key->pub_key, &ecx_key->pub_key_len))
- return 0;
-
- return 1;
-}
-
-static int
-ecx_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *xpubkey)
-{
- struct ecx_key_st *ecx_key = NULL;
- X509_ALGOR *algor;
- int algor_type;
- const uint8_t *param;
- int param_len;
- int ret = 0;
-
- if (!X509_PUBKEY_get0_param(NULL, ¶m, ¶m_len, &algor, xpubkey))
- goto err;
-
- /* Ensure that parameters have not been specified in the encoding. 
*/
- if (algor != NULL) {
- X509_ALGOR_get0(NULL, &algor_type, NULL, algor);
- if (algor_type != V_ASN1_UNDEF) {
- ECerror(EC_R_INVALID_ENCODING);
- goto err;
- }
- }
-
- if (param == NULL || param_len != ecx_key_len(pkey->ameth->pkey_id)) {
- ECerror(EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL)
- goto err;
- if (!ecx_key_set_pub(ecx_key, param, param_len))
- goto err;
- if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key))
- goto err;
- ecx_key = NULL;
-
- ret = 1;
-
- err:
- ecx_key_free(ecx_key);
-
- return ret;
-}
-
-static int
-ecx_pub_encode(X509_PUBKEY *xpubkey, const EVP_PKEY *pkey)
-{
- const struct ecx_key_st *ecx_key = pkey->pkey.ecx;
- uint8_t *pub_key = NULL;
- size_t pub_key_len = 0;
- ASN1_OBJECT *aobj;
- CBS cbs;
- int ret = 0;
-
- if (ecx_key == NULL) {
- ECerror(EC_R_INVALID_KEY);
- goto err;
- }
-
- if (ecx_key->pub_key_len != ecx_key->key_len)
- goto err;
-
- if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL)
- goto err;
-
- CBS_init(&cbs, ecx_key->pub_key, ecx_key->pub_key_len);
- if (!CBS_stow(&cbs, &pub_key, &pub_key_len))
- goto err;
-
- if (!X509_PUBKEY_set0_param(xpubkey, aobj, V_ASN1_UNDEF, NULL,
- pub_key, pub_key_len))
- goto err;
-
- pub_key = NULL;
- pub_key_len = 0;
-
- ret = 1;
-
- err:
- free(pub_key);
-
- return ret;
-}
-
-static int
-ecx_pub_cmp(const EVP_PKEY *pkey1, const EVP_PKEY *pkey2)
-{
- if (pkey1->pkey.ecx == NULL || pkey1->pkey.ecx->pub_key == NULL)
- return -2;
- if (pkey2->pkey.ecx == NULL || pkey2->pkey.ecx->pub_key == NULL)
- return -2;
- if (pkey1->pkey.ecx->pub_key_len != pkey2->pkey.ecx->pub_key_len)
- return -2;
-
- return timingsafe_memcmp(pkey1->pkey.ecx->pub_key, pkey2->pkey.ecx->pub_key,
- pkey1->pkey.ecx->pub_key_len) == 0;
-}
-
-/* Reimplementation of ASN1_buf_print() that adds a secondary indent of 4. 
*/
-static int
-ecx_buf_print(BIO *bio, const uint8_t *buf, size_t buf_len, int indent)
-{
- uint8_t u8;
- size_t octets = 0;
- const char *sep = ":", *nl = "";
- CBS cbs;
-
- if (indent > 60)
- indent = 60;
- indent += 4;
- if (indent < 0)
- indent = 0;
-
- CBS_init(&cbs, buf, buf_len);
- while (CBS_len(&cbs) > 0) {
- if (!CBS_get_u8(&cbs, &u8))
- return 0;
- if (octets++ % 15 == 0) {
- if (BIO_printf(bio, "%s%*s", nl, indent, "") < 0)
- return 0;
- nl = "\n";
- }
- if (CBS_len(&cbs) == 0)
- sep = "";
- if (BIO_printf(bio, "%02x%s", u8, sep) <= 0)
- return 0;
- }
-
- if (BIO_printf(bio, "\n") <= 0)
- return 0;
-
- return 1;
-}
-
-static int
-ecx_pub_print(BIO *bio, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- struct ecx_key_st *ecx_key = pkey->pkey.ecx;
- const char *name;
-
- if ((name = OBJ_nid2ln(pkey->ameth->pkey_id)) == NULL)
- return 0;
-
- if (ecx_key == NULL || ecx_key->pub_key == NULL)
- return BIO_printf(bio, "%*s\n",
- indent, "") > 0;
-
- if (BIO_printf(bio, "%*s%s Public-Key:\n", indent, "", name) <= 0)
- return 0;
- if (BIO_printf(bio, "%*spub:\n", indent, "") <= 0)
- return 0;
- if (!ecx_buf_print(bio, ecx_key->pub_key, ecx_key->pub_key_len, indent))
- return 0;
-
- return 1;
-}
-
-static int
-ecx_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8pki)
-{
- struct ecx_key_st *ecx_key = NULL;
- ASN1_OCTET_STRING *aos = NULL;
- const X509_ALGOR *algor;
- int algor_type;
- const uint8_t *param;
- int param_len;
- int ret = 0;
-
- if (!PKCS8_pkey_get0(NULL, ¶m, ¶m_len, &algor, p8pki))
- goto err;
- if ((aos = d2i_ASN1_OCTET_STRING(NULL, ¶m, param_len)) == NULL)
- goto err;
-
- /* Ensure that parameters have not been specified in the encoding. 
*/
- if (algor != NULL) {
- X509_ALGOR_get0(NULL, &algor_type, NULL, algor);
- if (algor_type != V_ASN1_UNDEF) {
- ECerror(EC_R_INVALID_ENCODING);
- goto err;
- }
- }
-
- if (ASN1_STRING_get0_data(aos) == NULL ||
- ASN1_STRING_length(aos) != ecx_key_len(pkey->ameth->pkey_id)) {
- ECerror(EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL)
- goto err;
- if (!ecx_key_set_priv(ecx_key, ASN1_STRING_get0_data(aos),
- ASN1_STRING_length(aos)))
- goto err;
- if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key))
- goto err;
- ecx_key = NULL;
-
- ret = 1;
-
- err:
- ASN1_OCTET_STRING_free(aos);
- ecx_key_free(ecx_key);
-
- return ret;
-}
-
-static int
-ecx_priv_encode(PKCS8_PRIV_KEY_INFO *p8pki, const EVP_PKEY *pkey)
-{
- struct ecx_key_st *ecx_key = pkey->pkey.ecx;
- ASN1_OCTET_STRING *aos = NULL;
- ASN1_OBJECT *aobj;
- uint8_t *der = NULL;
- int der_len = 0;
- int ret = 0;
-
- if (ecx_key == NULL || ecx_key->priv_key == NULL) {
- ECerror(EC_R_INVALID_PRIVATE_KEY);
- goto err;
- }
-
- if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL)
- goto err;
-
- if ((aos = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- if (!ASN1_OCTET_STRING_set(aos, ecx_key->priv_key,
- ecx_key->priv_key_len))
- goto err;
- if ((der_len = i2d_ASN1_OCTET_STRING(aos, &der)) < 0)
- goto err;
- if (!PKCS8_pkey_set0(p8pki, aobj, 0, V_ASN1_UNDEF, NULL, der, der_len))
- goto err;
-
- der = NULL;
- der_len = 0;
-
- ret = 1;
-
- err:
- freezero(der, der_len);
- ASN1_OCTET_STRING_free(aos);
-
- return ret;
-}
-
-static int
-ecx_priv_print(BIO *bio, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- struct ecx_key_st *ecx_key = pkey->pkey.ecx;
- const char *name;
-
- if ((name = OBJ_nid2ln(pkey->ameth->pkey_id)) == NULL)
- return 0;
-
- if (ecx_key == NULL || ecx_key->priv_key == NULL)
- return BIO_printf(bio, "%*s\n",
- indent, "") > 0;
-
- if (BIO_printf(bio, "%*s%s Private-Key:\n", indent, "", name) <= 0)
- return 0;
- if (BIO_printf(bio, 
"%*spriv:\n", indent, "") <= 0)
- return 0;
- if (!ecx_buf_print(bio, ecx_key->priv_key, ecx_key->priv_key_len, indent))
- return 0;
- if (BIO_printf(bio, "%*spub:\n", indent, "") <= 0)
- return 0;
- if (!ecx_buf_print(bio, ecx_key->pub_key, ecx_key->pub_key_len, indent))
- return 0;
-
- return 1;
-}
-
-static int
-ecx_size(const EVP_PKEY *pkey)
-{
- return ecx_key_len(pkey->ameth->pkey_id);
-}
-
-static int
-ecx_sig_size(const EVP_PKEY *pkey)
-{
- switch (pkey->ameth->pkey_id) {
- case EVP_PKEY_ED25519:
- return ED25519_SIG_SIZE;
- }
- return 0;
-}
-
-static int
-ecx_bits(const EVP_PKEY *pkey)
-{
- switch (pkey->ameth->pkey_id) {
- case EVP_PKEY_ED25519:
- return ED25519_BITS;
- case EVP_PKEY_X25519:
- return X25519_BITS;
- }
- return 0;
-}
-
-static int
-ecx_security_bits(const EVP_PKEY *pkey)
-{
- switch (pkey->ameth->pkey_id) {
- case EVP_PKEY_ED25519:
- return ED25519_SECURITY_BITS;
- case EVP_PKEY_X25519:
- return X25519_SECURITY_BITS;
- }
- return 0;
-}
-
-static int
-ecx_signature_info(const X509_ALGOR *algor, int *md_nid, int *pkey_nid,
- int *security_bits, uint32_t *flags)
-{
- const ASN1_OBJECT *aobj;
-
- X509_ALGOR_get0(&aobj, NULL, NULL, algor);
- if (OBJ_obj2nid(aobj) != EVP_PKEY_ED25519)
- return 0;
-
- *md_nid = NID_undef;
- *pkey_nid = NID_ED25519;
- *security_bits = ED25519_SECURITY_BITS;
- *flags = X509_SIG_INFO_TLS | X509_SIG_INFO_VALID;
-
- return 1;
-}
-
-static int
-ecx_param_cmp(const EVP_PKEY *pkey1, const EVP_PKEY *pkey2)
-{
- /* No parameters, so always equivalent. */
- return 1;
-}
-
-static void
-ecx_free(EVP_PKEY *pkey)
-{
- struct ecx_key_st *ecx_key = pkey->pkey.ecx;
-
- ecx_key_free(ecx_key);
-}
-
-static int
-ecx_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- /* Not supported. 
*/
- return -2;
-}
-
-#ifndef OPENSSL_NO_CMS
-static int
-ecx_cms_sign_or_verify(EVP_PKEY *pkey, long verify, CMS_SignerInfo *si)
-{
- X509_ALGOR *digestAlgorithm, *signatureAlgorithm;
-
- if (verify != 0 && verify != 1)
- return -1;
-
- /* Check that we have an Ed25519 public key. */
- if (EVP_PKEY_id(pkey) != NID_ED25519)
- return -1;
-
- CMS_SignerInfo_get0_algs(si, NULL, NULL, &digestAlgorithm,
- &signatureAlgorithm);
-
- /* RFC 8419, section 2.3: digestAlgorithm MUST be SHA-512. */
- if (digestAlgorithm == NULL)
- return -1;
- if (OBJ_obj2nid(digestAlgorithm->algorithm) != NID_sha512)
- return -1;
-
- /*
- * RFC 8419, section 2.4: signatureAlgorithm MUST be Ed25519, and the
- * parameters MUST be absent. For verification check that this is the
- * case, for signing set the signatureAlgorithm accordingly.
- */
- if (verify) {
- const ASN1_OBJECT *obj;
- int param_type;
-
- if (signatureAlgorithm == NULL)
- return -1;
-
- X509_ALGOR_get0(&obj, ¶m_type, NULL, signatureAlgorithm);
- if (OBJ_obj2nid(obj) != NID_ED25519)
- return -1;
- if (param_type != V_ASN1_UNDEF)
- return -1;
-
- return 1;
- }
-
- if (!X509_ALGOR_set0_by_nid(signatureAlgorithm, NID_ED25519,
- V_ASN1_UNDEF, NULL))
- return -1;
-
- return 1;
-}
-#endif
-
-static int
-ecx_sign_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_SIGN:
- return ecx_cms_sign_or_verify(pkey, arg1, arg2);
-#endif
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- /* PureEdDSA does its own hashing. 
*/
- *(int *)arg2 = NID_undef;
- return 2;
- }
- return -2;
-}
-
-static int
-ecx_set_priv_key(EVP_PKEY *pkey, const uint8_t *priv, size_t len)
-{
- struct ecx_key_st *ecx_key = NULL;
- int ret = 0;
-
- if (priv == NULL || len != ecx_key_len(pkey->ameth->pkey_id)) {
- ECerror(EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL)
- goto err;
- if (!ecx_key_set_priv(ecx_key, priv, len))
- goto err;
- if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key))
- goto err;
- ecx_key = NULL;
-
- ret = 1;
-
- err:
- ecx_key_free(ecx_key);
-
- return ret;
-}
-
-static int
-ecx_set_pub_key(EVP_PKEY *pkey, const uint8_t *pub, size_t len)
-{
- struct ecx_key_st *ecx_key = NULL;
- int ret = 0;
-
- if (pub == NULL || len != ecx_key_len(pkey->ameth->pkey_id)) {
- ECerror(EC_R_INVALID_ENCODING);
- goto err;
- }
-
- if ((ecx_key = ecx_key_new(pkey->ameth->pkey_id)) == NULL)
- goto err;
- if (!ecx_key_set_pub(ecx_key, pub, len))
- goto err;
- if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, ecx_key))
- goto err;
- ecx_key = NULL;
-
- ret = 1;
-
- err:
- ecx_key_free(ecx_key);
-
- return ret;
-}
-
-static int
-ecx_get_priv_key(const EVP_PKEY *pkey, unsigned char *out_priv, size_t *out_len)
-{
- struct ecx_key_st *ecx_key = pkey->pkey.ecx;
- CBS cbs;
-
- if (out_priv == NULL) {
- *out_len = ecx_key_len(pkey->ameth->pkey_id);
- return 1;
- }
-
- if (ecx_key == NULL || ecx_key->priv_key == NULL)
- return 0;
-
- CBS_init(&cbs, ecx_key->priv_key, ecx_key->priv_key_len);
- if (!CBS_write_bytes(&cbs, out_priv, *out_len, out_len))
- return 0;
-
- return 1;
-}
-
-static int
-ecx_get_pub_key(const EVP_PKEY *pkey, unsigned char *out_pub, size_t *out_len)
-{
- struct ecx_key_st *ecx_key = pkey->pkey.ecx;
- CBS cbs;
-
- if (out_pub == NULL) {
- *out_len = ecx_key_len(pkey->ameth->pkey_id);
- return 1;
- }
-
- if (ecx_key == NULL || ecx_key->pub_key == NULL)
- return 0;
-
- CBS_init(&cbs, ecx_key->pub_key, ecx_key->pub_key_len);
- if 
(!CBS_write_bytes(&cbs, out_pub, *out_len, out_len))
- return 0;
-
- return 1;
-}
-
-static int
-pkey_ecx_keygen(EVP_PKEY_CTX *pkey_ctx, EVP_PKEY *pkey)
-{
- struct ecx_key_st *ecx_key = NULL;
- int ret = 0;
-
- if ((ecx_key = ecx_key_new(pkey_ctx->pmeth->pkey_id)) == NULL)
- goto err;
- if (!ecx_key_generate(ecx_key))
- goto err;
- if (!EVP_PKEY_assign(pkey, pkey_ctx->pmeth->pkey_id, ecx_key))
- goto err;
- ecx_key = NULL;
-
- ret = 1;
-
- err:
- ecx_key_free(ecx_key);
-
- return ret;
-}
-
-static int
-pkey_ecx_derive(EVP_PKEY_CTX *pkey_ctx, unsigned char *out_key,
- size_t *out_key_len)
-{
- struct ecx_key_st *ecx_key, *ecx_peer_key;
-
- if (pkey_ctx->pkey == NULL || pkey_ctx->peerkey == NULL) {
- ECerror(EC_R_KEYS_NOT_SET);
- return 0;
- }
-
- if ((ecx_key = pkey_ctx->pkey->pkey.ecx) == NULL) {
- ECerror(EC_R_INVALID_PRIVATE_KEY);
- return 0;
- }
- if (ecx_key->priv_key == NULL) {
- ECerror(EC_R_INVALID_PRIVATE_KEY);
- return 0;
- }
-
- if ((ecx_peer_key = pkey_ctx->peerkey->pkey.ecx) == NULL) {
- ECerror(EC_R_INVALID_PEER_KEY);
- return 0;
- }
-
- if (out_key != NULL) {
- if (!X25519(out_key, ecx_key->priv_key, ecx_peer_key->pub_key))
- return 0;
- }
-
- *out_key_len = X25519_KEYLEN;
-
- return 1;
-}
-
-static int
-pkey_ecx_ctrl(EVP_PKEY_CTX *pkey_ctx, int op, int arg1, void *arg2)
-{
- if (op == EVP_PKEY_CTRL_PEER_KEY)
- return 1;
-
- return -2;
-}
-
-static int
-ecx_item_verify(EVP_MD_CTX *md_ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *algor, ASN1_BIT_STRING *abs, EVP_PKEY *pkey)
-{
- const ASN1_OBJECT *aobj;
- int nid, param_type;
-
- X509_ALGOR_get0(&aobj, ¶m_type, NULL, algor);
-
- nid = OBJ_obj2nid(aobj);
-
- if (nid != NID_ED25519 || param_type != V_ASN1_UNDEF) {
- ECerror(EC_R_INVALID_ENCODING);
- return -1;
- }
-
- if (!EVP_DigestVerifyInit(md_ctx, NULL, NULL, NULL, pkey))
- return -1;
-
- return 2;
-}
-
-static int
-ecx_item_sign(EVP_MD_CTX *md_ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *abs) 
-{
- if (!X509_ALGOR_set0_by_nid(algor1, NID_ED25519, V_ASN1_UNDEF, NULL))
- return 0;
-
- if (algor2 != NULL) {
- if (!X509_ALGOR_set0_by_nid(algor2, NID_ED25519, V_ASN1_UNDEF,
- NULL))
- return 0;
- }
-
- /* Tell ASN1_item_sign_ctx() that identifiers are set and it needs to sign. */
- return 3;
-}
-
-static int
-pkey_ecx_digestsign(EVP_MD_CTX *md_ctx, unsigned char *out_sig,
- size_t *out_sig_len, const unsigned char *message, size_t message_len)
-{
- struct ecx_key_st *ecx_key;
- EVP_PKEY_CTX *pkey_ctx;
-
- pkey_ctx = EVP_MD_CTX_pkey_ctx(md_ctx);
- ecx_key = pkey_ctx->pkey->pkey.ecx;
-
- if (out_sig == NULL) {
- *out_sig_len = ecx_sig_size(pkey_ctx->pkey);
- return 1;
- }
- if (*out_sig_len < ecx_sig_size(pkey_ctx->pkey)) {
- ECerror(EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- if (ecx_key == NULL)
- return 0;
- if (ecx_key->priv_key == NULL || ecx_key->pub_key == NULL)
- return 0;
-
- if (!ED25519_sign(out_sig, message, message_len, ecx_key->pub_key,
- ecx_key->priv_key))
- return 0;
-
- *out_sig_len = ecx_sig_size(pkey_ctx->pkey);
-
- return 1;
-}
-
-static int
-pkey_ecx_digestverify(EVP_MD_CTX *md_ctx, const unsigned char *sig,
- size_t sig_len, const unsigned char *message, size_t message_len)
-{
- struct ecx_key_st *ecx_key;
- EVP_PKEY_CTX *pkey_ctx;
-
- pkey_ctx = EVP_MD_CTX_pkey_ctx(md_ctx);
- ecx_key = pkey_ctx->pkey->pkey.ecx;
-
- if (ecx_key == NULL || ecx_key->pub_key == NULL)
- return -1;
- if (sig_len != ecx_sig_size(pkey_ctx->pkey))
- return -1;
-
- return ED25519_verify(message, message_len, sig, ecx_key->pub_key);
-}
-
-static int
-pkey_ecx_ed_ctrl(EVP_PKEY_CTX *pkey_ctx, int op, int arg1, void *arg2)
-{
- switch (op) {
- case EVP_PKEY_CTRL_MD:
- /* PureEdDSA does its own hashing. 
*/
- if (arg2 != NULL && (const EVP_MD *)arg2 != EVP_md_null()) {
- ECerror(EC_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- return 1;
-
-#ifndef OPENSSL_NO_CMS
- case EVP_PKEY_CTRL_CMS_SIGN:
-#endif
- case EVP_PKEY_CTRL_DIGESTINIT:
- return 1;
- }
- return -2;
-}
-
-const EVP_PKEY_ASN1_METHOD x25519_asn1_meth = {
- .base_method = &x25519_asn1_meth,
- .pkey_id = EVP_PKEY_X25519,
- .pkey_flags = 0,
- .pem_str = "X25519",
- .info = "OpenSSL X25519 algorithm",
-
- .pub_decode = ecx_pub_decode,
- .pub_encode = ecx_pub_encode,
- .pub_cmp = ecx_pub_cmp,
- .pub_print = ecx_pub_print,
-
- .priv_decode = ecx_priv_decode,
- .priv_encode = ecx_priv_encode,
- .priv_print = ecx_priv_print,
-
- .pkey_size = ecx_size,
- .pkey_bits = ecx_bits,
- .pkey_security_bits = ecx_security_bits,
-
- .param_cmp = ecx_param_cmp,
-
- .pkey_free = ecx_free,
- .pkey_ctrl = ecx_ctrl,
-
- .set_priv_key = ecx_set_priv_key,
- .set_pub_key = ecx_set_pub_key,
- .get_priv_key = ecx_get_priv_key,
- .get_pub_key = ecx_get_pub_key,
-};
-
-const EVP_PKEY_METHOD x25519_pkey_meth = {
- .pkey_id = EVP_PKEY_X25519,
- .keygen = pkey_ecx_keygen,
- .derive = pkey_ecx_derive,
- .ctrl = pkey_ecx_ctrl,
-};
-
-const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth = {
- .base_method = &ed25519_asn1_meth,
- .pkey_id = EVP_PKEY_ED25519,
- .pkey_flags = 0,
- .pem_str = "ED25519",
- .info = "OpenSSL ED25519 algorithm",
-
- .pub_decode = ecx_pub_decode,
- .pub_encode = ecx_pub_encode,
- .pub_cmp = ecx_pub_cmp,
- .pub_print = ecx_pub_print,
-
- .priv_decode = ecx_priv_decode,
- .priv_encode = ecx_priv_encode,
- .priv_print = ecx_priv_print,
-
- .pkey_size = ecx_sig_size,
- .pkey_bits = ecx_bits,
- .pkey_security_bits = ecx_security_bits,
-
- .signature_info = ecx_signature_info,
-
- .param_cmp = ecx_param_cmp,
-
- .pkey_free = ecx_free,
- .pkey_ctrl = ecx_sign_ctrl,
-
- .item_verify = ecx_item_verify,
- .item_sign = ecx_item_sign,
-
- .set_priv_key = ecx_set_priv_key,
- .set_pub_key = ecx_set_pub_key,
- .get_priv_key = ecx_get_priv_key, 
- .get_pub_key = ecx_get_pub_key,
-};
-
-const EVP_PKEY_METHOD ed25519_pkey_meth = {
- .pkey_id = EVP_PKEY_ED25519,
- .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM,
- .keygen = pkey_ecx_keygen,
- .ctrl = pkey_ecx_ed_ctrl,
- .digestsign = pkey_ecx_digestsign,
- .digestverify = pkey_ecx_digestverify,
-};
diff --git a/src/lib/libcrypto/ecdh/ecdh.c b/src/lib/libcrypto/ecdh/ecdh.c
deleted file mode 100644
index dbb91f1991..0000000000
--- a/src/lib/libcrypto/ecdh/ecdh.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* $OpenBSD: ecdh.c,v 1.11 2025/02/17 09:25:45 tb Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "ec_local.h"
-
-/*
- * Key derivation function from X9.63/SECG.
- */
-
-/* Way more than we will ever need */
-#define ECDH_KDF_MAX (1 << 30)
-
-int
-ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
- size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md)
-{
- EVP_MD_CTX *mctx = NULL;
- unsigned int i;
- size_t mdlen;
- unsigned char ctr[4];
- int rv = 0;
-
- if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX ||
- Zlen > ECDH_KDF_MAX)
- return 0;
- mctx = EVP_MD_CTX_new();
- if (mctx == NULL)
- return 0;
- mdlen = EVP_MD_size(md);
- for (i = 1;; i++) {
- unsigned char mtmp[EVP_MAX_MD_SIZE];
- if (!EVP_DigestInit_ex(mctx, md, NULL))
- goto err;
- ctr[3] = i & 0xFF;
- ctr[2] = (i >> 8) & 0xFF;
- ctr[1] = (i >> 16) & 0xFF;
- ctr[0] = (i >> 24) & 0xFF;
- if (!EVP_DigestUpdate(mctx, Z, Zlen))
- goto err;
- if (!EVP_DigestUpdate(mctx, ctr, sizeof(ctr)))
- goto err;
- if (!EVP_DigestUpdate(mctx, sinfo, sinfolen))
- goto err;
- if (outlen >= mdlen) {
- if (!EVP_DigestFinal(mctx, out, NULL))
- goto err;
- outlen -= mdlen;
- if (outlen == 0)
- break;
- out += mdlen;
- } else {
- if (!EVP_DigestFinal(mctx, mtmp, NULL))
- goto err;
- memcpy(out, mtmp, outlen);
- explicit_bzero(mtmp, mdlen);
- break;
- }
- }
- rv = 1;
-
- err:
- EVP_MD_CTX_free(mctx);
-
- return rv;
-}
-
-/*
- * Based on the ECKAS-DH1 and ECSVDP-DH primitives in the IEEE 1363 standard.
- */
-int
-ecdh_compute_key(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
- const EC_KEY *ecdh)
-{
- BN_CTX *ctx;
- BIGNUM *x;
- const BIGNUM *priv_key;
- const EC_GROUP *group;
- EC_POINT *point = NULL;
- unsigned char *buf = NULL;
- int buf_len = 0;
- int ret = 0;
-
- *out = NULL;
- *out_len = 0;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if ((group = EC_KEY_get0_group(ecdh)) == NULL)
- goto err;
-
- if (EC_POINT_is_on_curve(group, pub_key, ctx) <= 0)
- goto err;
-
- if ((point = EC_POINT_new(group)) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if ((priv_key = EC_KEY_get0_private_key(ecdh)) == NULL) {
- ECerror(EC_R_MISSING_PRIVATE_KEY);
- goto err;
- }
-
- if (!EC_POINT_mul(group, point, NULL, pub_key, priv_key, ctx)) {
- ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
- goto err;
- }
-
- if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, ctx)) {
- ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
- goto err;
- }
-
- if ((buf_len = ECDH_size(ecdh)) < BN_num_bytes(x)) {
- ECerror(ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if ((buf = calloc(1, buf_len)) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (BN_bn2binpad(x, buf, buf_len) != buf_len) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- *out = buf;
- *out_len = buf_len;
- buf = NULL;
- buf_len = 0;
-
- ret = 1;
-
- err:
- EC_POINT_free(point);
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- freezero(buf, buf_len);
-
- return ret;
-}
-
-int
-ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key,
- EC_KEY *eckey,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *out_len))
-{
- unsigned char *secret = NULL;
- size_t secret_len = 0;
- int ret = 0;
-
- if (eckey->meth->compute_key == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- goto err;
- }
-
- if (out_len > INT_MAX) {
- ECerror(EC_R_INVALID_OUTPUT_LENGTH);
- goto err;
- }
-
- if (!eckey->meth->compute_key(&secret, &secret_len, pub_key, eckey))
- goto err;
-
- memset(out, 0, out_len);
- if (KDF != NULL) {
- if (KDF(secret, secret_len, out, &out_len) == NULL) {
- ECerror(EC_R_KDF_FAILED);
- goto err;
- }
- } else {
- if (out_len < secret_len) {
- /* The resulting key would be truncated. */
- ECerror(EC_R_KEY_TRUNCATION);
- goto err;
- }
- out_len = secret_len;
- memcpy(out, secret, out_len);
- }
-
- if (out_len > INT_MAX) {
- ECerror(EC_R_INVALID_OUTPUT_LENGTH);
- goto err;
- }
-
- ret = out_len;
-
- err:
- freezero(secret, secret_len);
-
- return ret;
-}
-LCRYPTO_ALIAS(ECDH_compute_key);
-
-int
-ECDH_size(const EC_KEY *eckey)
-{
- return BN_num_bytes(eckey->group->p);
-}
-LCRYPTO_ALIAS(ECDH_size);
diff --git a/src/lib/libcrypto/ecdh/ecdh.h b/src/lib/libcrypto/ecdh/ecdh.h
deleted file mode 100644
index 0149d5cdf6..0000000000
--- a/src/lib/libcrypto/ecdh/ecdh.h
+++ /dev/null
@@ -1,6 +0,0 @@
-/* $OpenBSD: ecdh.h,v 1.10 2023/07/28 09:25:12 tb Exp $ */
-/*
- * Public domain.
- */
-
-#include
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.c b/src/lib/libcrypto/ecdsa/ecdsa.c
deleted file mode 100644
index 5abc3586e3..0000000000
--- a/src/lib/libcrypto/ecdsa/ecdsa.c
+++ /dev/null
@@ -1,774 +0,0 @@
-/* $OpenBSD: ecdsa.c,v 1.19 2024/04/15 15:49:37 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "ec_local.h"
-#include "ecdsa_local.h"
-
-static const ASN1_TEMPLATE ECDSA_SIG_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECDSA_SIG, r),
- .field_name = "r",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECDSA_SIG, s),
- .field_name = "s",
- .item = &BIGNUM_it,
- },
-};
-
-static const ASN1_ITEM ECDSA_SIG_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ECDSA_SIG_seq_tt,
- .tcount = sizeof(ECDSA_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ECDSA_SIG),
- .sname = "ECDSA_SIG",
-};
-
-ECDSA_SIG *
-d2i_ECDSA_SIG(ECDSA_SIG **a, const unsigned char **in, long len)
-{
- return (ECDSA_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ECDSA_SIG_it);
-}
-LCRYPTO_ALIAS(d2i_ECDSA_SIG);
-
-int
-i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ECDSA_SIG_it);
-}
-LCRYPTO_ALIAS(i2d_ECDSA_SIG);
-
-ECDSA_SIG *
-ECDSA_SIG_new(void)
-{
- return (ECDSA_SIG *)ASN1_item_new(&ECDSA_SIG_it);
-}
-LCRYPTO_ALIAS(ECDSA_SIG_new);
-
-void
-ECDSA_SIG_free(ECDSA_SIG *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ECDSA_SIG_it);
-}
-LCRYPTO_ALIAS(ECDSA_SIG_free);
-
-void
-ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
-{
- if (pr != NULL)
- *pr = sig->r;
- if (ps != NULL)
- *ps = sig->s;
-}
-LCRYPTO_ALIAS(ECDSA_SIG_get0);
-
-const BIGNUM *
-ECDSA_SIG_get0_r(const ECDSA_SIG *sig)
-{
- return sig->r;
-}
-LCRYPTO_ALIAS(ECDSA_SIG_get0_r);
-
-const BIGNUM *
-ECDSA_SIG_get0_s(const ECDSA_SIG *sig)
-{
- return sig->s;
-}
-LCRYPTO_ALIAS(ECDSA_SIG_get0_s);
-
-int
-ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
-{
- if (r == NULL || s == NULL)
- return 0;
-
- BN_free(sig->r);
- BN_free(sig->s);
- sig->r = r;
- sig->s = s;
- return 1;
-}
-LCRYPTO_ALIAS(ECDSA_SIG_set0);
-
-int
-ECDSA_size(const EC_KEY *key)
-{
- const EC_GROUP *group;
- const BIGNUM *order = NULL;
- ECDSA_SIG sig;
- int ret = 0;
-
- if (key == NULL)
- goto err;
-
- if ((group = EC_KEY_get0_group(key)) == NULL)
- goto err;
-
- if ((order = EC_GROUP_get0_order(group)) == NULL)
- goto err;
-
- sig.r = (BIGNUM *)order;
- sig.s = (BIGNUM *)order;
-
- if ((ret = i2d_ECDSA_SIG(&sig, NULL)) < 0)
- ret = 0;
-
- err:
- return ret;
-}
-LCRYPTO_ALIAS(ECDSA_size);
-
-/*
- * FIPS 186-5, section 6.4.1, step 2: convert hashed message into an integer.
- * Use the order_bits leftmost bits if it exceeds the group order.
- */
-static int
-ecdsa_prepare_digest(const unsigned char *digest, int digest_len,
- const EC_KEY *key, BIGNUM *e)
-{
- const EC_GROUP *group;
- int digest_bits, order_bits;
-
- if (BN_bin2bn(digest, digest_len, e) == NULL) {
- ECerror(ERR_R_BN_LIB);
- return 0;
- }
-
- if ((group = EC_KEY_get0_group(key)) == NULL)
- return 0;
- order_bits = EC_GROUP_order_bits(group);
-
- digest_bits = 8 * digest_len;
- if (digest_bits <= order_bits)
- return 1;
-
- return BN_rshift(e, e, digest_bits - order_bits);
-}
-
-int
-ecdsa_sign(int type, const unsigned char *digest, int digest_len,
- unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
- const BIGNUM *r, EC_KEY *key)
-{
- ECDSA_SIG *sig = NULL;
- int out_len = 0;
- int ret = 0;
-
- if (kinv != NULL || r != NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- goto err;
- }
-
- if ((sig = ECDSA_do_sign(digest, digest_len, key)) == NULL)
- goto err;
-
- if ((out_len = i2d_ECDSA_SIG(sig, &signature)) < 0) {
- out_len = 0;
- goto err;
- }
-
- ret = 1;
-
- err:
- *signature_len = out_len;
- ECDSA_SIG_free(sig);
-
- return ret;
-}
-
-int
-ECDSA_sign(int type, const unsigned char *digest, int digest_len,
- unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
-{
- if (key->meth->sign == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign(type, digest, digest_len, signature,
- signature_len, NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_sign);
-
-/*
- * FIPS 186-5, section 6.4.1, steps 3-8 and 11: Generate k, calculate r and
- * kinv. If r == 0, try again with a new random k.
- */
-
-int
-ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r)
-{
- const EC_GROUP *group;
- EC_POINT *point = NULL;
- BN_CTX *ctx = NULL;
- BIGNUM *k = NULL, *r = NULL;
- const BIGNUM *order;
- BIGNUM *x;
- int order_bits;
- int ret = 0;
-
- BN_free(*out_kinv);
- *out_kinv = NULL;
-
- BN_free(*out_r);
- *out_r = NULL;
-
- if (key == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
- if ((group = EC_KEY_get0_group(key)) == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if ((k = BN_new()) == NULL)
- goto err;
- if ((r = BN_new()) == NULL)
- goto err;
-
- if ((ctx = in_ctx) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_CTX_start(ctx);
-
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if ((point = EC_POINT_new(group)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if ((order = EC_GROUP_get0_order(group)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- if (BN_cmp(order, BN_value_one()) <= 0) {
- ECerror(EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
-
- /* Reject curves with an order that is smaller than 80 bits. */
- if ((order_bits = BN_num_bits(order)) < 80) {
- ECerror(EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
-
- /* Preallocate space. */
- if (!BN_set_bit(k, order_bits) ||
- !BN_set_bit(r, order_bits) ||
- !BN_set_bit(x, order_bits))
- goto err;
-
- /* Step 11: repeat until r != 0. */
- do {
- /* Step 3: generate random k. */
- if (!bn_rand_interval(k, 1, order))
- goto err;
-
- /* Step 5: P = k * G. */
- if (!EC_POINT_mul(group, point, k, NULL, NULL, ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- /* Steps 6 (and 7): from P = (x, y) retain the x-coordinate. */
- if (!EC_POINT_get_affine_coordinates(group, point, x, NULL,
- ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- /* Step 8: r = x (mod order). */
- if (!BN_nnmod(r, x, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- } while (BN_is_zero(r));
-
- /* Step 4: calculate kinv. */
- if (BN_mod_inverse_ct(k, k, order, ctx) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- *out_kinv = k;
- k = NULL;
-
- *out_r = r;
- r = NULL;
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- if (ctx != in_ctx)
- BN_CTX_free(ctx);
- BN_free(k);
- BN_free(r);
- EC_POINT_free(point);
-
- return ret;
-}
-
-static int
-ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
- BIGNUM **out_r)
-{
- if (key->meth->sign_setup == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
-}
-
-/*
- * FIPS 186-5, section 6.4.1, step 9: compute s = inv(k)(e + xr) mod order.
- * In order to reduce the possibility of a side-channel attack, the following
- * is calculated using a random blinding value b in [1, order):
- * s = inv(b)(be + bxr)inv(k) mod order.
- */
-
-static int
-ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv,
- const BIGNUM *r, const EC_KEY *key, BN_CTX *ctx)
-{
- const EC_GROUP *group;
- const BIGNUM *order, *priv_key;
- BIGNUM *b, *binv, *be, *bxr;
- BIGNUM *s = NULL;
- int ret = 0;
-
- *out_s = NULL;
-
- BN_CTX_start(ctx);
-
- if ((group = EC_KEY_get0_group(key)) == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
- if ((order = EC_GROUP_get0_order(group)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) {
- ECerror(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((binv = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((be = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((bxr = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if ((s = BN_new()) == NULL)
- goto err;
-
- /*
- * In a valid ECDSA signature, r must be in [1, order). Since r can be
- * caller provided - either directly or by replacing sign_setup() - we
- * can't rely on this being the case.
- */
- if (BN_cmp(r, BN_value_one()) < 0 || BN_cmp(r, order) >= 0) {
- ECerror(EC_R_BAD_SIGNATURE);
- goto err;
- }
-
- if (!bn_rand_interval(b, 1, order)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- if (BN_mod_inverse_ct(binv, b, order, ctx) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- if (!BN_mod_mul(bxr, b, priv_key, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (!BN_mod_mul(bxr, bxr, r, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (!BN_mod_mul(be, b, e, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (!BN_mod_add(s, be, bxr, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- /* s = b(e + xr)k^-1 */
- if (!BN_mod_mul(s, s, kinv, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- /* s = (e + xr)k^-1 */
- if (!BN_mod_mul(s, s, binv, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- /* Step 11: if s == 0 start over. */
- if (!BN_is_zero(s)) {
- *out_s = s;
- s = NULL;
- }
-
- ret = 1;
-
- err:
- BN_CTX_end(ctx);
- BN_free(s);
-
- return ret;
-}
-
-/*
- * It is too expensive to check curve parameters on every sign operation.
- * Instead, cap the number of retries. A single retry is very unlikely, so
- * allowing 32 retries is amply enough.
- */
-#define ECDSA_MAX_SIGN_ITERATIONS 32
-
-/*
- * FIPS 186-5: Section 6.4.1: ECDSA signature generation, steps 2-12.
- * The caller provides the hash of the message, thus performs step 1.
- * Step 10, zeroing k and kinv, is done by BN_free().
- */
-
-ECDSA_SIG *
-ecdsa_sign_sig(const unsigned char *digest, int digest_len,
- const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *key)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
- BIGNUM *e;
- int attempts = 0;
- ECDSA_SIG *sig = NULL;
-
- if (in_kinv != NULL || in_r != NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- goto err;
- }
-
- if ((ctx = BN_CTX_new()) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_CTX_start(ctx);
-
- if ((e = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* Step 2: convert hash into an integer. */
- if (!ecdsa_prepare_digest(digest, digest_len, key, e))
- goto err;
-
- do {
- /* Steps 3-8: calculate kinv and r. */
- if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- /*
- * Steps 9 and 11: if s is non-NULL, we have a valid signature.
- */
- if (!ecdsa_compute_s(&s, e, kinv, r, key, ctx))
- goto err;
- if (s != NULL)
- break;
-
- if (++attempts > ECDSA_MAX_SIGN_ITERATIONS) {
- ECerror(EC_R_WRONG_CURVE_PARAMETERS);
- goto err;
- }
- } while (1);
-
- /* Step 12: output (r, s). */
- if ((sig = ECDSA_SIG_new()) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!ECDSA_SIG_set0(sig, r, s)) {
- ECDSA_SIG_free(sig);
- goto err;
- }
- r = NULL;
- s = NULL;
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- BN_free(kinv);
- BN_free(r);
- BN_free(s);
-
- return sig;
-}
-
-ECDSA_SIG *
-ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
-{
- if (key->meth->sign_sig == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign_sig(digest, digest_len, NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_do_sign);
-
-int
-ecdsa_verify(int type, const unsigned char *digest, int digest_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *key)
-{
- ECDSA_SIG *s;
- unsigned char *der = NULL;
- const unsigned char *p;
- int der_len = 0;
- int ret = -1;
-
- if ((s = ECDSA_SIG_new()) == NULL)
- goto err;
-
- p = sigbuf;
- if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
- goto err;
-
- /* Ensure signature uses DER and doesn't have trailing garbage. */
- if ((der_len = i2d_ECDSA_SIG(s, &der)) != sig_len)
- goto err;
- if (timingsafe_memcmp(sigbuf, der, der_len))
- goto err;
-
- ret = ECDSA_do_verify(digest, digest_len, s, key);
-
- err:
- freezero(der, der_len);
- ECDSA_SIG_free(s);
-
- return ret;
-}
-
-int
-ECDSA_verify(int type, const unsigned char *digest, int digest_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *key)
-{
- if (key->meth->verify == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
-}
-LCRYPTO_ALIAS(ECDSA_verify);
-
-/*
- * FIPS 186-5, section 6.4.2: ECDSA signature verification.
- * The caller provides us with the hash of the message, so has performed step 2.
- */
-
-int
-ecdsa_verify_sig(const unsigned char *digest, int digest_len,
- const ECDSA_SIG *sig, EC_KEY *key)
-{
- const EC_GROUP *group;
- const EC_POINT *pub_key;
- EC_POINT *point = NULL;
- const BIGNUM *order;
- BN_CTX *ctx = NULL;
- BIGNUM *e, *sinv, *u, *v, *x;
- int ret = -1;
-
- if (key == NULL || sig == NULL) {
- ECerror(EC_R_MISSING_PARAMETERS);
- goto err;
- }
- if ((group = EC_KEY_get0_group(key)) == NULL) {
- ECerror(EC_R_MISSING_PARAMETERS);
- goto err;
- }
- if ((pub_key = EC_KEY_get0_public_key(key)) == NULL) {
- ECerror(EC_R_MISSING_PARAMETERS);
- goto err;
- }
-
- if ((ctx = BN_CTX_new()) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- BN_CTX_start(ctx);
-
- if ((e = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((sinv = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((u = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((v = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if ((order = EC_GROUP_get0_order(group)) == NULL) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
-
- /* Step 1: verify that r and s are in the range [1, order). */
- if (BN_cmp(sig->r, BN_value_one()) < 0 || BN_cmp(sig->r, order) >= 0) {
- ECerror(EC_R_BAD_SIGNATURE);
- ret = 0;
- goto err;
- }
- if (BN_cmp(sig->s, BN_value_one()) < 0 || BN_cmp(sig->s, order) >= 0) {
- ECerror(EC_R_BAD_SIGNATURE);
- ret = 0;
- goto err;
- }
-
- /* Step 3: convert the hash into an integer. */
- if (!ecdsa_prepare_digest(digest, digest_len, key, e))
- goto err;
-
- /* Step 4: compute the inverse of s modulo order. */
- if (BN_mod_inverse_ct(sinv, sig->s, order, ctx) == NULL) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- /* Step 5: compute u = s^-1 * e and v = s^-1 * r (modulo order). */
- if (!BN_mod_mul(u, e, sinv, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
- if (!BN_mod_mul(v, sig->r, sinv, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- /*
- * Steps 6 and 7: compute R = G * u + pub_key * v = (x, y). Reject if
- * it's the point at infinity - getting affine coordinates fails. Keep
- * the x coordinate.
- */
- if ((point = EC_POINT_new(group)) == NULL) {
- ECerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_POINT_mul(group, point, u, pub_key, v, ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, ctx)) {
- ECerror(ERR_R_EC_LIB);
- goto err;
- }
- /* Step 8: convert x to a number in [0, order). */
- if (!BN_nnmod(x, x, order, ctx)) {
- ECerror(ERR_R_BN_LIB);
- goto err;
- }
-
- /* Step 9: the signature is valid iff the x-coordinate is equal to r. */
- ret = (BN_cmp(x, sig->r) == 0);
-
- err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- EC_POINT_free(point);
-
- return ret;
-}
-
-int
-ECDSA_do_verify(const unsigned char *digest, int digest_len,
- const ECDSA_SIG *sig, EC_KEY *key)
-{
- if (key->meth->verify_sig == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->verify_sig(digest, digest_len, sig, key);
-}
-LCRYPTO_ALIAS(ECDSA_do_verify);
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.h b/src/lib/libcrypto/ecdsa/ecdsa.h
deleted file mode 100644
index 9f498eb4a2..0000000000
--- a/src/lib/libcrypto/ecdsa/ecdsa.h
+++ /dev/null
@@ -1,6 +0,0 @@
-/* $OpenBSD: ecdsa.h,v 1.20 2023/07/28 09:16:17 tb Exp $ */
-/*
- * Public domain.
- */
-
-#include
diff --git a/src/lib/libcrypto/ecdsa/ecdsa_local.h b/src/lib/libcrypto/ecdsa/ecdsa_local.h
deleted file mode 100644
index cc3af3e10f..0000000000
--- a/src/lib/libcrypto/ecdsa/ecdsa_local.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: ecdsa_local.h,v 1.2 2023/07/28 15:50:33 tb Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ECS_LOCAL_H
-#define HEADER_ECS_LOCAL_H
-
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-struct ECDSA_SIG_st {
- BIGNUM *r;
- BIGNUM *s;
-};
-
-int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv,
- BIGNUM **out_r);
-int ecdsa_sign(int type, const unsigned char *digest, int digest_len,
- unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
- const BIGNUM *r, EC_KEY *eckey);
-ECDSA_SIG *ecdsa_sign_sig(const unsigned char *digest, int digest_len,
- const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_ECS_LOCAL_H */
diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h
deleted file mode 100644
index 20398f8d7f..0000000000
--- a/src/lib/libcrypto/engine/engine.h
+++ /dev/null
@@ -1,215 +0,0 @@
-/* $OpenBSD: engine.h,v 1.44 2024/03/02 10:22:07 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_H
-#define HEADER_ENGINE_H
-
-#include
-
-#include
-#include
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define ENGINE_METHOD_RSA (unsigned int)0x0001
-#define ENGINE_METHOD_DSA (unsigned int)0x0002
-#define ENGINE_METHOD_DH (unsigned int)0x0004
-#define ENGINE_METHOD_RAND (unsigned int)0x0008
-#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
-#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
-#define ENGINE_METHOD_STORE (unsigned int)0x0100
-#define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200
-#define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400
-#define ENGINE_METHOD_EC (unsigned int)0x0800
-#define ENGINE_METHOD_ALL (unsigned int)0xFFFF
-#define ENGINE_METHOD_NONE (unsigned int)0x0000
-
-/*
- * Prototypes for the stub functions in engine_stubs.c. They are provided to
- * build M2Crypto, Dovecot, apr-utils without patching.
- */
-void ENGINE_load_builtin_engines(void);
-void ENGINE_load_dynamic(void);
-void ENGINE_load_openssl(void);
-int ENGINE_register_all_complete(void);
-
-void ENGINE_cleanup(void);
-
-ENGINE *ENGINE_new(void);
-int ENGINE_free(ENGINE *engine);
-int ENGINE_init(ENGINE *engine);
-int ENGINE_finish(ENGINE *engine);
-
-ENGINE *ENGINE_by_id(const char *id);
-const char *ENGINE_get_id(const ENGINE *engine);
-const char *ENGINE_get_name(const ENGINE *engine);
-
-int ENGINE_set_default(ENGINE *engine, unsigned int flags);
-
-ENGINE *ENGINE_get_default_RSA(void);
-int ENGINE_set_default_RSA(ENGINE *engine);
-
-int ENGINE_ctrl_cmd(ENGINE *engine, const char *cmd_name, long i, void *p,
- void (*f)(void), int cmd_optional);
-int ENGINE_ctrl_cmd_string(ENGINE *engine, const char *cmd, const char *arg,
- int cmd_optional);
-
-EVP_PKEY *ENGINE_load_private_key(ENGINE *engine, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-EVP_PKEY *ENGINE_load_public_key(ENGINE *engine, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-
-/* Error codes for the ENGINE functions. */
-
-/* Function codes. */
-#define ENGINE_F_DYNAMIC_CTRL 180
-#define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
-#define ENGINE_F_DYNAMIC_LOAD 182
-#define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
-#define ENGINE_F_ENGINE_ADD 105
-#define ENGINE_F_ENGINE_BY_ID 106
-#define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
-#define ENGINE_F_ENGINE_CTRL 142
-#define ENGINE_F_ENGINE_CTRL_CMD 178
-#define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
-#define ENGINE_F_ENGINE_FINISH 107
-#define ENGINE_F_ENGINE_FREE_UTIL 108
-#define ENGINE_F_ENGINE_GET_CIPHER 185
-#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177
-#define ENGINE_F_ENGINE_GET_DIGEST 186
-#define ENGINE_F_ENGINE_GET_NEXT 115
-#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
-#define ENGINE_F_ENGINE_GET_PKEY_METH 192
-#define ENGINE_F_ENGINE_GET_PREV 116
-#define ENGINE_F_ENGINE_INIT 119
-#define ENGINE_F_ENGINE_LIST_ADD 120
-#define ENGINE_F_ENGINE_LIST_REMOVE 121
-#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
-#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
-#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
-#define ENGINE_F_ENGINE_NEW 122
-#define ENGINE_F_ENGINE_REMOVE 123
-#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
-#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
-#define ENGINE_F_ENGINE_SET_ID 129
-#define ENGINE_F_ENGINE_SET_NAME 130
-#define ENGINE_F_ENGINE_TABLE_REGISTER 184
-#define ENGINE_F_ENGINE_UNLOAD_KEY 152
-#define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
-#define ENGINE_F_ENGINE_UP_REF 190
-#define ENGINE_F_INT_CTRL_HELPER 172
-#define ENGINE_F_INT_ENGINE_CONFIGURE 188
-#define ENGINE_F_INT_ENGINE_MODULE_INIT 187
-#define ENGINE_F_LOG_MESSAGE 141
-
-/* Reason codes. */
-#define ENGINE_R_ALREADY_LOADED 100
-#define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
-#define ENGINE_R_CMD_NOT_EXECUTABLE 134
-#define ENGINE_R_COMMAND_TAKES_INPUT 135
-#define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
-#define ENGINE_R_CONFLICTING_ENGINE_ID 103
-#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
-#define ENGINE_R_DH_NOT_IMPLEMENTED 139
-#define ENGINE_R_DSA_NOT_IMPLEMENTED 140
-#define ENGINE_R_DSO_FAILURE 104
-#define ENGINE_R_DSO_NOT_FOUND 132
-#define ENGINE_R_ENGINES_SECTION_ERROR 148
-#define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
-#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
-#define ENGINE_R_ENGINE_SECTION_ERROR 149
-#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
-#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
-#define ENGINE_R_FINISH_FAILED 106
-#define ENGINE_R_GET_HANDLE_FAILED 107
-#define ENGINE_R_ID_OR_NAME_MISSING 108
-#define ENGINE_R_INIT_FAILED 109
-#define ENGINE_R_INTERNAL_LIST_ERROR 110
-#define ENGINE_R_INVALID_ARGUMENT 143
-#define ENGINE_R_INVALID_CMD_NAME 137
-#define ENGINE_R_INVALID_CMD_NUMBER 138
-#define ENGINE_R_INVALID_INIT_VALUE 151
-#define ENGINE_R_INVALID_STRING 150
-#define ENGINE_R_NOT_INITIALISED 117
-#define ENGINE_R_NOT_LOADED 112
-#define ENGINE_R_NO_CONTROL_FUNCTION 120
-#define ENGINE_R_NO_INDEX 144
-#define ENGINE_R_NO_LOAD_FUNCTION 125
-#define ENGINE_R_NO_REFERENCE 130
-#define ENGINE_R_NO_SUCH_ENGINE 116
-#define ENGINE_R_NO_UNLOAD_FUNCTION 126
-#define ENGINE_R_PROVIDE_PARAMETERS 113
-#define ENGINE_R_RSA_NOT_IMPLEMENTED 141
-#define ENGINE_R_UNIMPLEMENTED_CIPHER 146
-#define ENGINE_R_UNIMPLEMENTED_DIGEST 147
-#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
-#define ENGINE_R_VERSION_INCOMPATIBILITY 145
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/engine/engine_stubs.c b/src/lib/libcrypto/engine/engine_stubs.c
deleted file mode 100644
index 055396fba0..0000000000
--- a/src/lib/libcrypto/engine/engine_stubs.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* $OpenBSD: engine_stubs.c,v 1.4 2024/03/27 06:08:45 tb Exp $ */
-
-/*
- * Written by Theo Buehler. Public domain.
- */
-
-#include
-
-void
-ENGINE_load_builtin_engines(void)
-{
-}
-LCRYPTO_ALIAS(ENGINE_load_builtin_engines);
-
-void
-ENGINE_load_dynamic(void)
-{
-}
-LCRYPTO_ALIAS(ENGINE_load_dynamic);
-
-void
-ENGINE_load_openssl(void)
-{
-}
-LCRYPTO_ALIAS(ENGINE_load_openssl);
-
-int
-ENGINE_register_all_complete(void)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_register_all_complete);
-
-void
-ENGINE_cleanup(void)
-{
-}
-LCRYPTO_ALIAS(ENGINE_cleanup);
-
-ENGINE *
-ENGINE_new(void)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(ENGINE_new);
-
-int
-ENGINE_free(ENGINE *engine)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_free);
-
-int
-ENGINE_init(ENGINE *engine)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_init);
-
-int
-ENGINE_finish(ENGINE *engine)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_finish);
-
-ENGINE *
-ENGINE_by_id(const char *id)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(ENGINE_by_id);
-
-const char *
-ENGINE_get_id(const ENGINE *engine)
-{
- return "";
-}
-LCRYPTO_ALIAS(ENGINE_get_id);
-
-const char *
-ENGINE_get_name(const ENGINE *engine)
-{
- return "";
-}
-LCRYPTO_ALIAS(ENGINE_get_name);
-
-int
-ENGINE_set_default(ENGINE *engine, unsigned int flags)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_set_default);
-
-ENGINE *
-ENGINE_get_default_RSA(void)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(ENGINE_get_default_RSA);
-
-int
-ENGINE_set_default_RSA(ENGINE *engine)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_set_default_RSA);
-
-int
-ENGINE_ctrl_cmd(ENGINE *engine, const char *cmd_name, long i, void *p,
- void (*f)(void), int cmd_optional)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_ctrl_cmd);
-
-int
-ENGINE_ctrl_cmd_string(ENGINE *engine, const char *cmd, const char *arg,
- int cmd_optional)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ENGINE_ctrl_cmd_string);
-
-EVP_PKEY *
-ENGINE_load_private_key(ENGINE *engine, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(ENGINE_load_private_key);
-
-EVP_PKEY *
-ENGINE_load_public_key(ENGINE *engine, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(ENGINE_load_public_key);
diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c
deleted file mode 100644
index 25fbb03875..0000000000
--- a/src/lib/libcrypto/err/err.c
+++ /dev/null
@@ -1,1093 +0,0 @@
-/* $OpenBSD: err.c,v 1.75 2024/11/02 12:46:36 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-DECLARE_LHASH_OF(ERR_STRING_DATA);
-DECLARE_LHASH_OF(ERR_STATE);
-
-typedef struct err_state_st {
- pthread_t tid;
- int err_flags[ERR_NUM_ERRORS];
- unsigned long err_buffer[ERR_NUM_ERRORS];
- char *err_data[ERR_NUM_ERRORS];
- int err_data_flags[ERR_NUM_ERRORS];
- const char *err_file[ERR_NUM_ERRORS];
- int err_line[ERR_NUM_ERRORS];
- int top, bottom;
-} ERR_STATE;
-
-#ifndef OPENSSL_NO_ERR
-static const ERR_STRING_DATA ERR_str_libraries[] = {
- {ERR_PACK(ERR_LIB_NONE, 0, 0), "unknown library"},
- {ERR_PACK(ERR_LIB_SYS, 0, 0), "system library"},
- {ERR_PACK(ERR_LIB_BN, 0, 0), "bignum routines"},
- {ERR_PACK(ERR_LIB_RSA, 0, 0), "rsa routines"},
- {ERR_PACK(ERR_LIB_DH, 0, 0), "Diffie-Hellman routines"},
- {ERR_PACK(ERR_LIB_EVP, 0, 0), "digital envelope routines"},
- {ERR_PACK(ERR_LIB_BUF, 0, 0), "memory buffer routines"},
- {ERR_PACK(ERR_LIB_OBJ, 0, 0), "object identifier routines"},
- {ERR_PACK(ERR_LIB_PEM, 0, 0), "PEM routines"},
- {ERR_PACK(ERR_LIB_DSA, 0, 0), "dsa routines"},
- {ERR_PACK(ERR_LIB_X509, 0, 0), "x509 certificate routines"},
- {ERR_PACK(ERR_LIB_ASN1, 0, 0), "asn1 encoding routines"},
- {ERR_PACK(ERR_LIB_CONF, 0, 0), "configuration file routines"},
- {ERR_PACK(ERR_LIB_CRYPTO, 0, 0), "common libcrypto routines"},
- {ERR_PACK(ERR_LIB_EC, 0, 0), "elliptic curve routines"},
- {ERR_PACK(ERR_LIB_SSL, 0, 0), "SSL routines"},
- {ERR_PACK(ERR_LIB_BIO, 0, 0), "BIO routines"},
- {ERR_PACK(ERR_LIB_PKCS7, 0, 0), "PKCS7 routines"},
- {ERR_PACK(ERR_LIB_X509V3, 0, 0), "X509 V3 routines"},
- {ERR_PACK(ERR_LIB_PKCS12, 0, 0), "PKCS12 routines"},
- {ERR_PACK(ERR_LIB_RAND, 0, 0), "random number generator"},
- {ERR_PACK(ERR_LIB_DSO, 0, 0), "DSO support routines"},
- {ERR_PACK(ERR_LIB_TS, 0, 0), "time stamp routines"},
- {ERR_PACK(ERR_LIB_ENGINE, 0, 0), "engine routines"},
- {ERR_PACK(ERR_LIB_OCSP, 0, 0), "OCSP routines"},
- {ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines"},
- {ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines"},
- {ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"},
- {ERR_PACK(ERR_LIB_GOST, 0, 0), "GOST routines"},
- {0, NULL},
-};
-
-static const ERR_STRING_DATA ERR_str_functs[] = {
- {ERR_PACK(ERR_LIB_SYS, SYS_F_FOPEN, 0), "fopen"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_CONNECT, 0), "connect"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_GETSERVBYNAME, 0), "getservbyname"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_SOCKET, 0), "socket"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_IOCTLSOCKET, 0), "ioctl"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_BIND, 0), "bind"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_LISTEN, 0), "listen"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_ACCEPT, 0), "accept"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_OPENDIR, 0), "opendir"},
- {ERR_PACK(ERR_LIB_SYS, SYS_F_FREAD, 0), "fread"},
- {0, NULL},
-};
-
-static const ERR_STRING_DATA ERR_str_reasons[] = {
- {ERR_R_SYS_LIB, "system lib"},
- {ERR_R_BN_LIB, "BN lib"},
- {ERR_R_RSA_LIB, "RSA lib"},
- {ERR_R_DH_LIB, "DH lib"},
- {ERR_R_EVP_LIB, "EVP lib"},
- {ERR_R_BUF_LIB, "BUF lib"},
- {ERR_R_OBJ_LIB, "OBJ lib"},
- {ERR_R_PEM_LIB, "PEM lib"},
- {ERR_R_DSA_LIB, "DSA lib"},
- {ERR_R_X509_LIB, "X509 lib"},
- {ERR_R_ASN1_LIB, "ASN1 lib"},
- {ERR_R_CONF_LIB, "CONF lib"},
- {ERR_R_CRYPTO_LIB, "CRYPTO lib"},
- {ERR_R_EC_LIB, "EC lib"},
- {ERR_R_SSL_LIB, "SSL lib"},
- {ERR_R_BIO_LIB, "BIO lib"},
- {ERR_R_PKCS7_LIB, "PKCS7 lib"},
- {ERR_R_X509V3_LIB, "X509V3 lib"},
- {ERR_R_PKCS12_LIB, "PKCS12 lib"},
- {ERR_R_RAND_LIB, "RAND lib"},
- {ERR_R_DSO_LIB, "DSO lib"},
- {ERR_R_ENGINE_LIB, "ENGINE lib"},
- {ERR_R_OCSP_LIB, "OCSP lib"},
- {ERR_R_TS_LIB, "TS lib"},
-
- {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
- {ERR_R_BAD_ASN1_OBJECT_HEADER, "bad asn1 object header"},
- {ERR_R_BAD_GET_ASN1_OBJECT_CALL, "bad get asn1 object call"},
- {ERR_R_EXPECTING_AN_ASN1_SEQUENCE, "expecting an asn1 sequence"},
- {ERR_R_ASN1_LENGTH_MISMATCH, "asn1 length mismatch"},
- {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},
-
- {ERR_R_FATAL, "fatal"},
- {ERR_R_MALLOC_FAILURE, "malloc failure"},
- {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, "called a function you should not call"},
- {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
- {ERR_R_INTERNAL_ERROR, "internal error"},
- {ERR_R_DISABLED, "called a function that was disabled at compile-time"},
- {ERR_R_INIT_FAIL, "initialization failure"},
-
- {0, NULL},
-};
-#endif
-
-static void ERR_STATE_free(ERR_STATE *s);
-
-/*
- * The internal state used by "err_defaults" - as such, the setting, reading,
- * creating, and deleting of this data should only be permitted via the
- * "err_defaults" functions. This way, a linked module can completely defer all
- * ERR state operation (together with requisite locking) to the implementations
- * and state in the loading application.
- */
-static LHASH_OF(ERR_STRING_DATA) *err_error_hash = NULL;
-static LHASH_OF(ERR_STATE) *err_thread_hash = NULL;
-static int err_thread_hash_references = 0;
-static int err_library_number = ERR_LIB_USER;
-
-static pthread_t err_init_thread;
-
-/*
- * These are the callbacks provided to "lh_new()" when creating the LHASH tables
- * internal to the "err_defaults" implementation.
- */
-
-static unsigned long
-err_string_data_hash(const ERR_STRING_DATA *a)
-{
- unsigned long ret, l;
-
- l = a->error;
- ret = l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
- return (ret^ret % 19*13);
-}
-static IMPLEMENT_LHASH_HASH_FN(err_string_data, ERR_STRING_DATA)
-
-static int
-err_string_data_cmp(const ERR_STRING_DATA *a, const ERR_STRING_DATA *b)
-{
- return (int)(a->error - b->error);
-}
-static IMPLEMENT_LHASH_COMP_FN(err_string_data, ERR_STRING_DATA)
-
-static LHASH_OF(ERR_STRING_DATA) *
-err_get(int create)
-{
- LHASH_OF(ERR_STRING_DATA) *ret = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- if (!err_error_hash && create)
- err_error_hash = lh_ERR_STRING_DATA_new();
- if (err_error_hash)
- ret = err_error_hash;
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- return ret;
-}
-
-static void
-err_del(void)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- if (err_error_hash) {
- lh_ERR_STRING_DATA_free(err_error_hash);
- err_error_hash = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-}
-
-static const ERR_STRING_DATA *
-err_get_item(const ERR_STRING_DATA *d)
-{
- ERR_STRING_DATA *p;
- LHASH_OF(ERR_STRING_DATA) *hash;
-
- hash = err_get(0);
- if (!hash)
- return NULL;
-
- CRYPTO_r_lock(CRYPTO_LOCK_ERR);
- p = lh_ERR_STRING_DATA_retrieve(hash, d);
- CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-
- return p;
-}
-
-static const ERR_STRING_DATA *
-err_set_item(const ERR_STRING_DATA *d)
-{
- const ERR_STRING_DATA *p;
- LHASH_OF(ERR_STRING_DATA) *hash;
-
- hash = err_get(1);
- if (!hash)
- return NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- p = lh_ERR_STRING_DATA_insert(hash, (void *)d);
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- return p;
-}
-
-static const ERR_STRING_DATA *
-err_del_item(const ERR_STRING_DATA *d)
-{
- ERR_STRING_DATA *p;
- LHASH_OF(ERR_STRING_DATA) *hash;
-
- hash = err_get(0);
- if (!hash)
- return NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- p = lh_ERR_STRING_DATA_delete(hash, d);
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- return p;
-}
-
-static unsigned long
-err_state_hash(const ERR_STATE *a)
-{
- return 13 * (unsigned long)a->tid;
-}
-static IMPLEMENT_LHASH_HASH_FN(err_state, ERR_STATE)
-
-static int
-err_state_cmp(const ERR_STATE *a, const ERR_STATE *b)
-{
- return pthread_equal(a->tid, b->tid) == 0;
-}
-static IMPLEMENT_LHASH_COMP_FN(err_state, ERR_STATE)
-
-static LHASH_OF(ERR_STATE) *
-err_thread_get(int create)
-{
- LHASH_OF(ERR_STATE) *ret = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- if (!err_thread_hash && create)
- err_thread_hash = lh_ERR_STATE_new();
- if (err_thread_hash) {
- err_thread_hash_references++;
- ret = err_thread_hash;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
- return ret;
-}
-
-static void
-err_thread_release(LHASH_OF(ERR_STATE) **hash)
-{
- int i;
-
- if (hash == NULL || *hash == NULL)
- return;
-
- i = CRYPTO_add(&err_thread_hash_references, -1, CRYPTO_LOCK_ERR);
- if (i > 0)
- return;
-
- *hash = NULL;
-}
-
-static ERR_STATE *
-err_thread_get_item(const ERR_STATE *d)
-{
- ERR_STATE *p;
- LHASH_OF(ERR_STATE) *hash;
-
- hash = err_thread_get(0);
- if (!hash)
- return NULL;
-
- CRYPTO_r_lock(CRYPTO_LOCK_ERR);
- p = lh_ERR_STATE_retrieve(hash, d);
- CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-
- err_thread_release(&hash);
- return p;
-}
-
-static ERR_STATE *
-err_thread_set_item(ERR_STATE *d)
-{
- ERR_STATE *p;
- LHASH_OF(ERR_STATE) *hash;
-
- hash = err_thread_get(1);
- if (!hash)
- return NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- p = lh_ERR_STATE_insert(hash, d);
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- err_thread_release(&hash);
- return p;
-}
-
-static void
-err_thread_del_item(const ERR_STATE *d)
-{
- ERR_STATE *p;
- LHASH_OF(ERR_STATE) *hash;
-
- hash = err_thread_get(0);
- if (!hash)
- return;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- p = lh_ERR_STATE_delete(hash, d);
- /* make sure we don't leak memory */
- if (err_thread_hash_references == 1 &&
- err_thread_hash && lh_ERR_STATE_num_items(err_thread_hash) == 0) {
- lh_ERR_STATE_free(err_thread_hash);
- err_thread_hash = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- err_thread_release(&hash);
- if (p)
- ERR_STATE_free(p);
-}
-
-static int
-err_get_next_lib(void)
-{
- int ret;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ERR);
- ret = err_library_number++;
- CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
- return ret;
-}
-
-
-#ifndef OPENSSL_NO_ERR
-#define NUM_SYS_STR_REASONS 127
-#define LEN_SYS_STR_REASON 32
-
-static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
-
-/*
- * SYS_str_reasons is filled with copies of strerror() results at
- * initialization. 'errno' values up to 127 should cover all usual errors,
- * others will be displayed numerically by ERR_error_string. It is crucial that
- * we have something for each reason code that occurs in ERR_str_reasons, or
- * bogus reason strings will be returned for SYSerror(), which always gets an
- * errno value and never one of those 'standard' reason codes.
- */
-
-static void
-err_build_SYS_str_reasons(void)
-{
- /* malloc cannot be used here, use static storage instead */
- static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
- int save_errno;
- int i;
-
- /* strerror(3) will set errno to EINVAL when i is an unknown errno. */
- save_errno = errno;
- for (i = 1; i <= NUM_SYS_STR_REASONS; i++) {
- ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
-
- str->error = (unsigned long)i;
- if (str->string == NULL) {
- char (*dest)[LEN_SYS_STR_REASON] =
- &(strerror_tab[i - 1]);
- const char *src = strerror(i);
- if (src != NULL) {
- strlcpy(*dest, src, sizeof *dest);
- str->string = *dest;
- }
- }
- if (str->string == NULL)
- str->string = "unknown";
- }
- errno = save_errno;
-
- /*
- * Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL},
- * as required by ERR_load_strings.
- */
-}
-#endif
-
-static void
-err_clear_data(ERR_STATE *s, int i)
-{
- if ((s->err_data_flags[i] & ERR_TXT_MALLOCED) != 0)
- free(s->err_data[i]);
-
- s->err_data[i] = NULL;
- s->err_data_flags[i] = 0;
-}
-
-static void
-err_clear(ERR_STATE *s, int i)
-{
- s->err_flags[i] = 0;
- s->err_buffer[i] = 0;
- s->err_file[i] = NULL;
- s->err_line[i] = -1;
-
- err_clear_data(s, i);
-}
-
-static void
-ERR_STATE_free(ERR_STATE *s)
-{
- int i;
-
- if (s == NULL)
- return;
-
- for (i = 0; i < ERR_NUM_ERRORS; i++)
- err_clear_data(s, i);
-
- free(s);
-}
-
-static ERR_STATE *
-ERR_get_state(void)
-{
- static ERR_STATE fallback;
- ERR_STATE *ret, tmp, *tmpp = NULL;
- int i;
-
- tmp.tid = pthread_self();
- ret = err_thread_get_item(&tmp);
-
- /* ret == the error state, if NULL, make a new one */
- if (ret == NULL) {
- ret = malloc(sizeof(ERR_STATE));
- if (ret == NULL)
- return (&fallback);
- ret->tid = pthread_self();
- ret->top = 0;
- ret->bottom = 0;
- for (i = 0; i < ERR_NUM_ERRORS; i++) {
- ret->err_data[i] = NULL;
- ret->err_data_flags[i] = 0;
- }
- tmpp = err_thread_set_item(ret);
- /* To check if insertion failed, do a get. */
- if (err_thread_get_item(ret) != ret) {
- ERR_STATE_free(ret); /* could not insert it */
- return (&fallback);
- }
- /*
- * If a race occurred in this function and we came second,
- * tmpp is the first one that we just replaced.
- */
- if (tmpp)
- ERR_STATE_free(tmpp);
- }
- return ret;
-}
-
-static void
-err_load_strings(int lib, ERR_STRING_DATA *str)
-{
- while (str->error != 0) {
- if (lib)
- str->error |= ERR_PACK(lib, 0, 0);
- err_set_item(str);
- str++;
- }
-}
-
-static void
-err_load_const_strings(const ERR_STRING_DATA *str)
-{
- while (str->error != 0) {
- err_set_item(str);
- str++;
- }
-}
-
-static unsigned long
-get_error_values(int inc, int top, const char **file, int *line,
- const char **data, int *flags)
-{
- int i = 0;
- ERR_STATE *es;
- unsigned long ret;
-
- es = ERR_get_state();
-
- if (inc && top) {
- if (file)
- *file = "";
- if (line)
- *line = 0;
- if (data)
- *data = "";
- if (flags)
- *flags = 0;
-
- return ERR_R_INTERNAL_ERROR;
- }
-
- if (es->bottom == es->top)
- return 0;
- if (top)
- i = es->top; /* last error */
- else
- i = (es->bottom + 1) % ERR_NUM_ERRORS; /* first error */
-
- ret = es->err_buffer[i];
- if (inc) {
- es->bottom = i;
- es->err_buffer[i] = 0;
- }
-
- if ((file != NULL) && (line != NULL)) {
- if (es->err_file[i] == NULL) {
- *file = "NA";
- if (line != NULL)
- *line = 0;
- } else {
- *file = es->err_file[i];
- if (line != NULL)
- *line = es->err_line[i];
- }
- }
-
- if (data == NULL) {
- if (inc) {
- err_clear_data(es, i);
- }
- } else {
- if (es->err_data[i] == NULL) {
- *data = "";
- if (flags != NULL)
- *flags = 0;
- } else {
- *data = es->err_data[i];
- if (flags != NULL)
- *flags = es->err_data_flags[i];
- }
- }
- return ret;
-}
-
-void
-ERR_load_ERR_strings_internal(void)
-{
- err_init_thread = pthread_self();
-#ifndef OPENSSL_NO_ERR
- err_load_const_strings(ERR_str_libraries);
- err_load_const_strings(ERR_str_reasons);
- err_load_const_strings(ERR_str_functs);
- err_build_SYS_str_reasons();
- err_load_strings(ERR_LIB_SYS, SYS_str_reasons);
-#endif
-}
-
-void
-ERR_load_ERR_strings(void)
-{
- static pthread_once_t once = PTHREAD_ONCE_INIT;
-
- if (pthread_equal(pthread_self(), err_init_thread))
- return; /* don't recurse */
-
- /* Prayer and clean living lets you ignore errors, OpenSSL style */
- (void) OPENSSL_init_crypto(0, NULL);
-
- (void) pthread_once(&once, ERR_load_ERR_strings_internal);
-}
-LCRYPTO_ALIAS(ERR_load_ERR_strings);
-
-void
-ERR_load_strings(int lib, ERR_STRING_DATA *str)
-{
- ERR_load_ERR_strings();
- err_load_strings(lib, str);
-}
-LCRYPTO_ALIAS(ERR_load_strings);
-
-void
-ERR_load_const_strings(const ERR_STRING_DATA *str)
-{
- ERR_load_ERR_strings();
- err_load_const_strings(str);
-}
-
-void
-ERR_unload_strings(int lib, ERR_STRING_DATA *str)
-{
- /* Prayer and clean living lets you ignore errors, OpenSSL style */
- (void) OPENSSL_init_crypto(0, NULL);
-
- while (str->error) {
- if (lib)
- str->error |= ERR_PACK(lib, 0, 0);
- err_del_item(str);
- str++;
- }
-}
-LCRYPTO_ALIAS(ERR_unload_strings);
-
-void
-ERR_free_strings(void)
-{
- /* Prayer and clean living lets you ignore errors, OpenSSL style */
- (void) OPENSSL_init_crypto(0, NULL);
-
- err_del();
-}
-LCRYPTO_ALIAS(ERR_free_strings);
-
-int
-ERR_get_next_error_library(void)
-{
- return err_get_next_lib();
-}
-LCRYPTO_ALIAS(ERR_get_next_error_library);
-
-void
-ERR_remove_thread_state(const CRYPTO_THREADID *id)
-{
- ERR_STATE tmp;
-
- OPENSSL_assert(id == NULL);
- tmp.tid = pthread_self();
-
- /*
- * err_thread_del_item automatically destroys the LHASH if the number of
- * items reaches zero.
- */
- err_thread_del_item(&tmp);
-}
-LCRYPTO_ALIAS(ERR_remove_thread_state);
-
-void
-ERR_remove_state(unsigned long pid)
-{
- ERR_remove_thread_state(NULL);
-}
-LCRYPTO_ALIAS(ERR_remove_state);
-
-int
-ERR_set_mark(void)
-{
- ERR_STATE *es;
-
- es = ERR_get_state();
-
- if (es->bottom == es->top)
- return 0;
- es->err_flags[es->top] |= ERR_FLAG_MARK;
- return 1;
-}
-LCRYPTO_ALIAS(ERR_set_mark);
-
-int
-ERR_pop_to_mark(void)
-{
- ERR_STATE *es;
-
- es = ERR_get_state();
-
- while (es->bottom != es->top &&
- (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) {
- err_clear(es, es->top);
- es->top -= 1;
- if (es->top == -1)
- es->top = ERR_NUM_ERRORS - 1;
- }
-
- if (es->bottom == es->top)
- return 0;
- es->err_flags[es->top]&=~ERR_FLAG_MARK;
- return 1;
-}
-LCRYPTO_ALIAS(ERR_pop_to_mark);
-
-void
-ERR_clear_error(void)
-{
- int i;
- ERR_STATE *es;
-
- es = ERR_get_state();
-
- for (i = 0; i < ERR_NUM_ERRORS; i++)
- err_clear(es, i);
-
- es->top = es->bottom = 0;
-}
-LCRYPTO_ALIAS(ERR_clear_error);
-
-void
-err_clear_last_constant_time(int clear)
-{
- ERR_STATE *es;
- int top;
-
- es = ERR_get_state();
- if (es == NULL)
- return;
-
- top = es->top;
-
- es->err_flags[top] &= ~(0 - clear);
- es->err_buffer[top] &= ~(0UL - clear);
- es->err_file[top] = (const char *)((uintptr_t)es->err_file[top] &
- ~((uintptr_t)0 - clear));
- es->err_line[top] |= 0 - clear;
-
- es->top = (top + ERR_NUM_ERRORS - clear) % ERR_NUM_ERRORS;
-}
-
-void
-ERR_put_error(int lib, int func, int reason, const char *file, int line)
-{
- ERR_STATE *es;
- int save_errno = errno;
-
- es = ERR_get_state();
-
- es->top = (es->top + 1) % ERR_NUM_ERRORS;
- if (es->top == es->bottom)
- es->bottom = (es->bottom + 1) % ERR_NUM_ERRORS;
- es->err_flags[es->top] = 0;
- es->err_buffer[es->top] = ERR_PACK(lib, func, reason);
- es->err_file[es->top] = file;
- es->err_line[es->top] = line;
- err_clear_data(es, es->top);
- errno = save_errno;
-}
-LCRYPTO_ALIAS(ERR_put_error);
-
-void
-ERR_asprintf_error_data(char * format, ...)
-{
- char *errbuf = NULL;
- va_list ap;
- int r;
-
- va_start(ap, format);
- r = vasprintf(&errbuf, format, ap);
- va_end(ap);
- if (r == -1)
- ERR_set_error_data("malloc failed", ERR_TXT_STRING);
- else
- ERR_set_error_data(errbuf, ERR_TXT_MALLOCED|ERR_TXT_STRING);
-}
-LCRYPTO_ALIAS(ERR_asprintf_error_data);
-
-void
-ERR_set_error_data(char *data, int flags)
-{
- ERR_STATE *es;
- int i;
-
- es = ERR_get_state();
-
- i = es->top;
- if (i == 0)
- i = ERR_NUM_ERRORS - 1;
-
- err_clear_data(es, i);
- es->err_data[i] = data;
- es->err_data_flags[i] = flags;
-}
-LCRYPTO_ALIAS(ERR_set_error_data);
-
-unsigned long
-ERR_get_error(void)
-{
- return (get_error_values(1, 0, NULL, NULL, NULL, NULL));
-}
-LCRYPTO_ALIAS(ERR_get_error);
-
-unsigned long
-ERR_get_error_line(const char **file, int *line)
-{
- return (get_error_values(1, 0, file, line, NULL, NULL));
-}
-LCRYPTO_ALIAS(ERR_get_error_line);
-
-unsigned long
-ERR_get_error_line_data(const char **file, int *line,
- const char **data, int *flags)
-{
- return (get_error_values(1, 0, file, line, data, flags));
-}
-LCRYPTO_ALIAS(ERR_get_error_line_data);
-
-unsigned long
-ERR_peek_error(void)
-{
- return (get_error_values(0, 0, NULL, NULL, NULL, NULL));
-}
-LCRYPTO_ALIAS(ERR_peek_error);
-
-unsigned long
-ERR_peek_error_line(const char **file, int *line)
-{
- return (get_error_values(0, 0, file, line, NULL, NULL));
-}
-LCRYPTO_ALIAS(ERR_peek_error_line);
-
-unsigned long
-ERR_peek_error_line_data(const char **file, int *line,
- const char **data, int *flags)
-{
- return (get_error_values(0, 0, file, line, data, flags));
-}
-LCRYPTO_ALIAS(ERR_peek_error_line_data);
-
-unsigned long
-ERR_peek_last_error(void)
-{
- return (get_error_values(0, 1, NULL, NULL, NULL, NULL));
-}
-LCRYPTO_ALIAS(ERR_peek_last_error);
-
-unsigned long
-ERR_peek_last_error_line(const char **file, int *line)
-{
- return (get_error_values(0, 1, file, line, NULL, NULL));
-}
-LCRYPTO_ALIAS(ERR_peek_last_error_line);
-
-unsigned long
-ERR_peek_last_error_line_data(const char **file, int *line, - const char **data, int *flags) -{ - return (get_error_values(0, 1, file, line, data, flags)); -} -LCRYPTO_ALIAS(ERR_peek_last_error_line_data); - -const char * -ERR_lib_error_string(unsigned long e) -{ - const ERR_STRING_DATA *p; - ERR_STRING_DATA d; - unsigned long l; - - if (!OPENSSL_init_crypto(0, NULL)) - return NULL; - - l = ERR_GET_LIB(e); - d.error = ERR_PACK(l, 0, 0); - p = err_get_item(&d); - return ((p == NULL) ? NULL : p->string); -} -LCRYPTO_ALIAS(ERR_lib_error_string); - -const char * -ERR_func_error_string(unsigned long e) -{ - const ERR_STRING_DATA *p; - ERR_STRING_DATA d; - unsigned long l, f; - - l = ERR_GET_LIB(e); - f = ERR_GET_FUNC(e); - d.error = ERR_PACK(l, f, 0); - p = err_get_item(&d); - return ((p == NULL) ? NULL : p->string); -} -LCRYPTO_ALIAS(ERR_func_error_string); - -const char * -ERR_reason_error_string(unsigned long e) -{ - const ERR_STRING_DATA *p = NULL; - ERR_STRING_DATA d; - unsigned long l, r; - - l = ERR_GET_LIB(e); - r = ERR_GET_REASON(e); - d.error = ERR_PACK(l, 0, r); - p = err_get_item(&d); - if (!p) { - d.error = ERR_PACK(0, 0, r); - p = err_get_item(&d); - } - return ((p == NULL) ? 
NULL : p->string); -} -LCRYPTO_ALIAS(ERR_reason_error_string); - -void -ERR_error_string_n(unsigned long e, char *buf, size_t len) -{ - char lsbuf[30], fsbuf[30], rsbuf[30]; - const char *ls, *fs, *rs; - int l, f, r, ret; - - l = ERR_GET_LIB(e); - f = ERR_GET_FUNC(e); - r = ERR_GET_REASON(e); - - ls = ERR_lib_error_string(e); - fs = ERR_func_error_string(e); - rs = ERR_reason_error_string(e); - - if (ls == NULL) { - (void) snprintf(lsbuf, sizeof(lsbuf), "lib(%d)", l); - ls = lsbuf; - } - if (fs == NULL) { - (void) snprintf(fsbuf, sizeof(fsbuf), "func(%d)", f); - fs = fsbuf; - } - if (rs == NULL) { - (void) snprintf(rsbuf, sizeof(rsbuf), "reason(%d)", r); - rs = rsbuf; - } - - ret = snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls, fs, rs); - if (ret == -1) - return; /* can't happen, and can't do better if it does */ - if (ret >= len) { - /* - * output may be truncated; make sure we always have 5 - * colon-separated fields, i.e. 4 colons ... - */ -#define NUM_COLONS 4 - if (len > NUM_COLONS) /* ... if possible */ - { - int i; - char *s = buf; - - for (i = 0; i < NUM_COLONS; i++) { - char *colon = strchr(s, ':'); - if (colon == NULL || - colon > &buf[len - 1] - NUM_COLONS + i) { - /* set colon no. i at last possible position - * (buf[len-1] is the terminating 0)*/ - colon = &buf[len - 1] - NUM_COLONS + i; - *colon = ':'; - } - s = colon + 1; - } - } - } -} -LCRYPTO_ALIAS(ERR_error_string_n); - -/* - * ERR_error_string_n should be used instead for ret != NULL - * as ERR_error_string cannot know how large the buffer is. - * - * BAD for multi-threading: uses a local buffer if ret == NULL. - */ -char * -ERR_error_string(unsigned long e, char *ret) -{ - static char buf[256]; - - if (ret == NULL) - ret = buf; - ERR_error_string_n(e, ret, 256); - - return ret; -} -LCRYPTO_ALIAS(ERR_error_string); diff --git a/src/lib/libcrypto/err/err.h b/src/lib/libcrypto/err/err.h deleted file mode 100644 index fe6c34dd0a..0000000000 --- a/src/lib/libcrypto/err/err.h +++ /dev/null 
@@ -1,396 +0,0 @@
-/* $OpenBSD: err.h,v 1.36 2025/03/09 15:12:18 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifndef HEADER_ERR_H -#define HEADER_ERR_H - -#include - -#include -#include - -#include -#ifndef OPENSSL_NO_BIO -#include -#endif -#ifndef OPENSSL_NO_LHASH -#include -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef OPENSSL_NO_FILENAMES -#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e) -#else -#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0) -#endif - -#include - -#define ERR_TXT_MALLOCED 0x01 -#define ERR_TXT_STRING 0x02 - -#define ERR_FLAG_MARK 0x01 - -#define ERR_NUM_ERRORS 16 - -/* library */ -#define ERR_LIB_NONE 1 -#define ERR_LIB_SYS 2 -#define ERR_LIB_BN 3 -#define ERR_LIB_RSA 4 -#define ERR_LIB_DH 5 -#define ERR_LIB_EVP 6 -#define ERR_LIB_BUF 7 -#define ERR_LIB_OBJ 8 -#define ERR_LIB_PEM 9 -#define ERR_LIB_DSA 10 -#define ERR_LIB_X509 11 -/* #define ERR_LIB_METH 12 */ -#define ERR_LIB_ASN1 13 -#define ERR_LIB_CONF 14 -#define ERR_LIB_CRYPTO 15 -#define ERR_LIB_EC 16 -#define ERR_LIB_SSL 20 -/* #define ERR_LIB_SSL23 21 */ -/* #define ERR_LIB_SSL2 22 */ -/* #define ERR_LIB_SSL3 23 */ -/* #define ERR_LIB_RSAREF 30 */ -/* #define ERR_LIB_PROXY 31 */ -#define ERR_LIB_BIO 32 -#define ERR_LIB_PKCS7 33 -#define ERR_LIB_X509V3 34 -#define ERR_LIB_PKCS12 35 -#define ERR_LIB_RAND 36 -#define ERR_LIB_DSO 37 -#define ERR_LIB_ENGINE 38 -#define ERR_LIB_OCSP 39 -#define ERR_LIB_UI 40 -#define ERR_LIB_COMP 41 -#define ERR_LIB_ECDSA 42 -#define ERR_LIB_ECDH 43 -#define ERR_LIB_STORE 44 -#define ERR_LIB_FIPS 45 -#define ERR_LIB_CMS 46 -#define ERR_LIB_TS 47 -#define ERR_LIB_HMAC 48 -#define ERR_LIB_JPAKE 49 -#define ERR_LIB_GOST 50 -#define ERR_LIB_CT 51 -#define ERR_LIB_KDF 52 - -#define ERR_LIB_USER 128 - -#ifndef LIBRESSL_INTERNAL -#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define DHerr(f,r) 
ERR_PUT_error(ERR_LIB_DH,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),OPENSSL_FILE,OPENSSL_LINE) -#define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),OPENSSL_FILE,OPENSSL_LINE) 
-#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define GOSTerr(f,r) ERR_PUT_error(ERR_LIB_GOST,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define CTerr(f, r) ERR_PUT_error(ERR_LIB_CT,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define KDFerr(f, r) ERR_PUT_error(ERR_LIB_KDF,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
-#endif
-
-#ifdef LIBRESSL_INTERNAL
-#define SYSerror(r) ERR_PUT_error(ERR_LIB_SYS,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define BNerror(r) ERR_PUT_error(ERR_LIB_BN,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define RSAerror(r) ERR_PUT_error(ERR_LIB_RSA,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define DHerror(r) ERR_PUT_error(ERR_LIB_DH,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define EVPerror(r) ERR_PUT_error(ERR_LIB_EVP,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define BUFerror(r) ERR_PUT_error(ERR_LIB_BUF,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define OBJerror(r) ERR_PUT_error(ERR_LIB_OBJ,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define PEMerror(r) ERR_PUT_error(ERR_LIB_PEM,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define DSAerror(r) ERR_PUT_error(ERR_LIB_DSA,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define X509error(r) ERR_PUT_error(ERR_LIB_X509,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define ASN1error(r) ERR_PUT_error(ERR_LIB_ASN1,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define CONFerror(r) ERR_PUT_error(ERR_LIB_CONF,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define CRYPTOerror(r) ERR_PUT_error(ERR_LIB_CRYPTO,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define ECerror(r) ERR_PUT_error(ERR_LIB_EC,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define BIOerror(r) ERR_PUT_error(ERR_LIB_BIO,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define PKCS7error(r) ERR_PUT_error(ERR_LIB_PKCS7,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define X509V3error(r) ERR_PUT_error(ERR_LIB_X509V3,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define PKCS12error(r) ERR_PUT_error(ERR_LIB_PKCS12,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define RANDerror(r) ERR_PUT_error(ERR_LIB_RAND,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define DSOerror(r) ERR_PUT_error(ERR_LIB_DSO,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define ENGINEerror(r) ERR_PUT_error(ERR_LIB_ENGINE,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define OCSPerror(r) ERR_PUT_error(ERR_LIB_OCSP,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define UIerror(r) ERR_PUT_error(ERR_LIB_UI,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define COMPerror(r) ERR_PUT_error(ERR_LIB_COMP,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define ECDSAerror(r) ERR_PUT_error(ERR_LIB_ECDSA,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define ECDHerror(r) ERR_PUT_error(ERR_LIB_ECDH,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define STOREerror(r) ERR_PUT_error(ERR_LIB_STORE,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define FIPSerror(r) ERR_PUT_error(ERR_LIB_FIPS,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define CMSerror(r) ERR_PUT_error(ERR_LIB_CMS,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define TSerror(r) ERR_PUT_error(ERR_LIB_TS,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define HMACerror(r) ERR_PUT_error(ERR_LIB_HMAC,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define JPAKEerror(r) ERR_PUT_error(ERR_LIB_JPAKE,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define GOSTerror(r) ERR_PUT_error(ERR_LIB_GOST,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define CTerror(r) ERR_PUT_error(ERR_LIB_CT,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#define KDFerror(r) ERR_PUT_error(ERR_LIB_KDF,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
-#endif
-
-#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)<<24L)| \
- ((((unsigned long)f)&0xfffL)<<12L)| \
- ((((unsigned long)r)&0xfffL)))
-#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
-#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
-#define ERR_GET_REASON(l) (int)((l)&0xfffL)
-#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
-
-
-/* OS functions */
-#define SYS_F_FOPEN 1
-#define SYS_F_CONNECT 2
-#define SYS_F_GETSERVBYNAME 3
-#define SYS_F_SOCKET 4
-#define SYS_F_IOCTLSOCKET 5
-#define SYS_F_BIND 6
-#define SYS_F_LISTEN 7
-#define SYS_F_ACCEPT 8
-#define SYS_F_WSASTARTUP 9 /* Winsock stuff */
-#define SYS_F_OPENDIR 10
-#define SYS_F_FREAD 11
-
-
-/* reasons */
-#define ERR_R_SYS_LIB ERR_LIB_SYS /* 2 */
-#define ERR_R_BN_LIB ERR_LIB_BN /* 3 */
-#define ERR_R_RSA_LIB ERR_LIB_RSA /* 4 */
-#define ERR_R_DH_LIB ERR_LIB_DH /* 5 */
-#define ERR_R_EVP_LIB ERR_LIB_EVP /* 6 */
-#define ERR_R_BUF_LIB ERR_LIB_BUF /* 7 */
-#define ERR_R_OBJ_LIB ERR_LIB_OBJ /* 8 */
-#define ERR_R_PEM_LIB ERR_LIB_PEM /* 9 */
-#define ERR_R_DSA_LIB ERR_LIB_DSA /* 10 */
-#define ERR_R_X509_LIB ERR_LIB_X509 /* 11 */
-#define ERR_R_ASN1_LIB ERR_LIB_ASN1 /* 13 */
-#define ERR_R_CONF_LIB ERR_LIB_CONF /* 14 */
-#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO /* 15 */
-#define ERR_R_EC_LIB ERR_LIB_EC /* 16 */
-#define ERR_R_SSL_LIB ERR_LIB_SSL /* 20 */
-#define ERR_R_BIO_LIB ERR_LIB_BIO /* 32 */
-#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7 /* 33 */
-#define ERR_R_X509V3_LIB ERR_LIB_X509V3 /* 34 */
-#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12 /* 35 */
-#define ERR_R_RAND_LIB ERR_LIB_RAND /* 36 */
-#define ERR_R_DSO_LIB ERR_LIB_DSO /* 37 */
-#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE /* 38 */
-#define ERR_R_OCSP_LIB ERR_LIB_OCSP /* 39 */
-#define ERR_R_UI_LIB ERR_LIB_UI /* 40 */
-#define ERR_R_COMP_LIB ERR_LIB_COMP /* 41 */
-#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */
-#define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */
-#define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */
-#define ERR_R_TS_LIB ERR_LIB_TS /* 45 */
-
-#define ERR_R_NESTED_ASN1_ERROR 58
-#define ERR_R_BAD_ASN1_OBJECT_HEADER 59
-#define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60
-#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61 -#define ERR_R_ASN1_LENGTH_MISMATCH 62 -#define ERR_R_MISSING_ASN1_EOS 63 - -/* fatal error */ -#define ERR_R_FATAL 64 -#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL) -#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) -#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) -#define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL) -#define ERR_R_DISABLED (5|ERR_R_FATAL) -#define ERR_R_INIT_FAIL (6|ERR_R_FATAL) - -/* 99 is the maximum possible ERR_R_... code, higher values - * are reserved for the individual libraries */ - -typedef struct ERR_string_data_st { - unsigned long error; - const char *string; -} ERR_STRING_DATA; - -void ERR_put_error(int lib, int func, int reason, const char *file, int line); -void ERR_set_error_data(char *data, int flags); - -unsigned long ERR_get_error(void); -unsigned long ERR_get_error_line(const char **file, int *line); -unsigned long ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags); -unsigned long ERR_peek_error(void); -unsigned long ERR_peek_error_line(const char **file, int *line); -unsigned long ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags); -unsigned long ERR_peek_last_error(void); -unsigned long ERR_peek_last_error_line(const char **file, int *line); -unsigned long ERR_peek_last_error_line_data(const char **file, int *line, - const char **data, int *flags); -void ERR_clear_error(void ); -char *ERR_error_string(unsigned long e, char *buf); -void ERR_error_string_n(unsigned long e, char *buf, size_t len); -const char *ERR_lib_error_string(unsigned long e); -const char *ERR_func_error_string(unsigned long e); -const char *ERR_reason_error_string(unsigned long e); -void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), - void *u); -void ERR_print_errors_fp(FILE *fp); -#ifndef OPENSSL_NO_BIO -void ERR_print_errors(BIO *bp); -#endif -void ERR_asprintf_error_data(char * format, ...); -void 
ERR_load_strings(int lib, ERR_STRING_DATA *str); -void ERR_unload_strings(int lib, ERR_STRING_DATA *str); -void ERR_load_ERR_strings(void); -void ERR_load_crypto_strings(void); -void ERR_free_strings(void); - -void ERR_remove_thread_state(const CRYPTO_THREADID *tid); -/* Wrapped in OPENSSL_NO_DEPRECATED in 0.9.8. Still used in 2023. */ -void ERR_remove_state(unsigned long pid); - -int ERR_get_next_error_library(void); - -int ERR_set_mark(void); -int ERR_pop_to_mark(void); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c deleted file mode 100644 index 9f135a2f58..0000000000 --- a/src/lib/libcrypto/err/err_all.c +++ /dev/null 
@@ -1,151 +0,0 @@ -/* $OpenBSD: err_all.c,v 1.36 2024/03/29 02:22:18 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_DH -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_EC -#include -#endif -#ifndef OPENSSL_NO_RSA -#include -#endif - -void ERR_load_ERR_strings_internal(void); - -static void -ERR_load_crypto_strings_internal(void) -{ -#ifndef OPENSSL_NO_ERR - ERR_load_ERR_strings_internal(); /* include error strings for SYSerr */ - - ERR_load_ASN1_strings(); - ERR_load_BIO_strings(); - ERR_load_BN_strings(); - ERR_load_BUF_strings(); -#ifndef OPENSSL_NO_CMS - ERR_load_CMS_strings(); -#endif - ERR_load_CONF_strings(); - ERR_load_CRYPTO_strings(); -#ifndef OPENSSL_NO_CT - ERR_load_CT_strings(); -#endif -#ifndef OPENSSL_NO_DH - ERR_load_DH_strings(); -#endif -#ifndef OPENSSL_NO_DSA - ERR_load_DSA_strings(); -#endif -#ifndef OPENSSL_NO_EC - ERR_load_EC_strings(); -#endif - ERR_load_EVP_strings(); - ERR_load_KDF_strings(); - ERR_load_OBJ_strings(); - ERR_load_OCSP_strings(); - ERR_load_PEM_strings(); - ERR_load_PKCS12_strings(); - ERR_load_PKCS7_strings(); - ERR_load_RAND_strings(); -#ifndef OPENSSL_NO_RSA - ERR_load_RSA_strings(); -#endif - ERR_load_TS_strings(); - ERR_load_UI_strings(); - ERR_load_X509V3_strings(); - ERR_load_X509_strings(); -#endif -} - -void -ERR_load_crypto_strings(void) -{ - static pthread_once_t loaded = PTHREAD_ONCE_INIT; - (void) pthread_once(&loaded, ERR_load_crypto_strings_internal); -} -LCRYPTO_ALIAS(ERR_load_crypto_strings); diff --git a/src/lib/libcrypto/err/err_local.h b/src/lib/libcrypto/err/err_local.h deleted file mode 100644 index d091b979cc..0000000000 --- a/src/lib/libcrypto/err/err_local.h +++ /dev/null 
@@ -1,123 +0,0 @@
-/* $OpenBSD: err_local.h,v 1.1 2024/06/24 06:43:22 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#ifndef HEADER_ERR_LOCAL_H
-#define HEADER_ERR_LOCAL_H
-
-__BEGIN_HIDDEN_DECLS
-
-void ERR_load_const_strings(const ERR_STRING_DATA *str);
-
-__END_HIDDEN_DECLS
-
-#endif /* HEADER_ERR_LOCAL_H */
diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c
deleted file mode 100644
index 4bd9482e61..0000000000
--- a/src/lib/libcrypto/err/err_prn.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* $OpenBSD: err_prn.c,v 1.24 2024/11/02 08:54:40 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "bio_local.h"
-
-void
-ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), void *u)
-{
- unsigned long l;
- char buf[256];
- char buf2[4096];
- const char *file, *data;
- int line, flags;
- unsigned long es;
-
- es = (unsigned long)pthread_self();
- while ((l = ERR_get_error_line_data(&file, &line, &data,
- &flags)) != 0) {
- ERR_error_string_n(l, buf, sizeof buf);
- (void) snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es,
- buf, file, line, (flags & ERR_TXT_STRING) ? data : "");
- if (cb(buf2, strlen(buf2), u) <= 0)
- break; /* abort outputting the error report */
- }
-}
-LCRYPTO_ALIAS(ERR_print_errors_cb);
-
-static int
-print_fp(const char *str, size_t len, void *fp)
-{
- if (len > INT_MAX)
- return -1;
- return fprintf(fp, "%.*s", (int)len, str);
-}
-
-void
-ERR_print_errors_fp(FILE *fp)
-{
- ERR_print_errors_cb(print_fp, fp);
-}
-LCRYPTO_ALIAS(ERR_print_errors_fp);
-
-static int
-print_bio(const char *str, size_t len, void *bp)
-{
- return BIO_write(bp, str, len);
-}
-
-void
-ERR_print_errors(BIO *bp)
-{
- ERR_print_errors_cb(print_bio, bp);
-}
-LCRYPTO_ALIAS(ERR_print_errors);
diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c
deleted file mode 100644
index 32cd1f06df..0000000000
--- a/src/lib/libcrypto/evp/bio_b64.c
+++ /dev/null
@@ -1,572 +0,0 @@
-/* $OpenBSD: bio_b64.c,v 1.29 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "bio_local.h"
-#include "evp_local.h"
-
-static int b64_write(BIO *h, const char *buf, int num);
-static int b64_read(BIO *h, char *buf, int size);
-static int b64_puts(BIO *h, const char *str);
-/*static int b64_gets(BIO *h, char *str, int size); */
-static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int b64_new(BIO *h);
-static int b64_free(BIO *data);
-static long b64_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp);
-#define B64_BLOCK_SIZE 1024
-#define B64_BLOCK_SIZE2 768
-#define B64_NONE 0
-#define B64_ENCODE 1
-#define B64_DECODE 2
-
-typedef struct b64_struct {
- /*BIO *bio; moved to the BIO structure */
- int buf_len;
- int buf_off;
- int tmp_len; /* used to find the start when decoding */
- int tmp_nl; /* If true, scan until '\n' */
- int encode;
- int start; /* have we started decoding yet? */
- int cont; /* <= 0 when finished */
- EVP_ENCODE_CTX base64;
- char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
- char tmp[B64_BLOCK_SIZE];
-} BIO_B64_CTX;
-
-static const BIO_METHOD methods_b64 = {
- .type = BIO_TYPE_BASE64,
- .name = "base64 encoding",
- .bwrite = b64_write,
- .bread = b64_read,
- .bputs = b64_puts,
- .ctrl = b64_ctrl,
- .create = b64_new,
- .destroy = b64_free,
- .callback_ctrl = b64_callback_ctrl
-};
-
-const BIO_METHOD *
-BIO_f_base64(void)
-{
- return (&methods_b64);
-}
-LCRYPTO_ALIAS(BIO_f_base64);
-
-static int
-b64_new(BIO *bi)
-{
- BIO_B64_CTX *ctx;
-
- ctx = malloc(sizeof(BIO_B64_CTX));
- if (ctx == NULL)
- return (0);
-
- ctx->buf_len = 0;
- ctx->tmp_len = 0;
- ctx->tmp_nl = 0;
- ctx->buf_off = 0;
- ctx->cont = 1;
- ctx->start = 1;
- ctx->encode = 0;
-
- bi->init = 1;
- bi->ptr = (char *)ctx;
- bi->flags = 0;
- bi->num = 0;
- return (1);
-}
-
-static int
-b64_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- free(a->ptr);
- a->ptr = NULL;
- a->init = 0;
- a->flags = 0;
- return (1);
-}
-
-static int
-b64_read(BIO *b, char *out, int outl)
-{
- int ret = 0, i, ii, j, k, x, n, num, ret_code = 0;
- BIO_B64_CTX *ctx;
- unsigned char *p, *q;
-
- if (out == NULL)
- return (0);
- ctx = (BIO_B64_CTX *)b->ptr;
-
- if ((ctx == NULL) || (b->next_bio == NULL))
- return (0);
-
- BIO_clear_retry_flags(b);
-
- if (ctx->encode != B64_DECODE) {
- ctx->encode = B64_DECODE;
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- ctx->tmp_len = 0;
- EVP_DecodeInit(&(ctx->base64));
- }
-
- /* First check if there are bytes decoded/encoded */
- if (ctx->buf_len > 0) {
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- i = ctx->buf_len - ctx->buf_off;
- if (i > outl)
- i = outl;
- OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
- memcpy(out, &(ctx->buf[ctx->buf_off]), i);
- ret = i;
- out += i;
- outl -= i;
- ctx->buf_off += i;
- if (ctx->buf_len == ctx->buf_off) {
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- }
- }
-
- /* At this point, we have room of outl bytes and an empty
- * buffer, so we should read in some more. */
-
- ret_code = 0;
- while (outl > 0) {
- if (ctx->cont <= 0)
- break;
-
- i = BIO_read(b->next_bio, &(ctx->tmp[ctx->tmp_len]),
- B64_BLOCK_SIZE - ctx->tmp_len);
-
- if (i <= 0) {
- ret_code = i;
-
- /* Should we continue next time we are called? */
- if (!BIO_should_retry(b->next_bio)) {
- ctx->cont = i;
- /* If buffer empty break */
- if (ctx->tmp_len == 0)
- break;
- /* Fall through and process what we have */
- else
- i = 0;
- }
- /* else we retry and add more data to buffer */
- else
- break;
- }
- i += ctx->tmp_len;
- ctx->tmp_len = i;
-
- /* We need to scan, a line at a time until we
- * have a valid line if we are starting. */
- if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) {
- /* ctx->start=1; */
- ctx->tmp_len = 0;
- } else if (ctx->start) {
- q = p =(unsigned char *)ctx->tmp;
- num = 0;
- for (j = 0; j < i; j++) {
- if (*(q++) != '\n')
- continue;
-
- /* due to a previous very long line,
- * we need to keep on scanning for a '\n'
- * before we even start looking for
- * base64 encoded stuff. */
- if (ctx->tmp_nl) {
- p = q;
- ctx->tmp_nl = 0;
- continue;
- }
-
- k = EVP_DecodeUpdate(&(ctx->base64),
- (unsigned char *)ctx->buf,
- &num, p, q - p);
- if ((k <= 0) && (num == 0) && (ctx->start))
- EVP_DecodeInit(&ctx->base64);
- else {
- if (p != (unsigned char *)
- &(ctx->tmp[0])) {
- i -= (p - (unsigned char *)
- &(ctx->tmp[0]));
- for (x = 0; x < i; x++)
- ctx->tmp[x] = p[x];
- }
- EVP_DecodeInit(&ctx->base64);
- ctx->start = 0;
- break;
- }
- p = q;
- }
-
- /* we fell off the end without starting */
- if ((j == i) && (num == 0)) {
- /* Is this is one long chunk?, if so, keep on
- * reading until a new line. */
- if (p == (unsigned char *)&(ctx->tmp[0])) {
- /* Check buffer full */
- if (i == B64_BLOCK_SIZE) {
- ctx->tmp_nl = 1;
- ctx->tmp_len = 0;
- }
- }
- else if (p != q) /* finished on a '\n' */
- {
- n = q - p;
- for (ii = 0; ii < n; ii++)
- ctx->tmp[ii] = p[ii];
- ctx->tmp_len = n;
- }
- /* else finished on a '\n' */
- continue;
- } else {
- ctx->tmp_len = 0;
- }
- } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) {
- /* If buffer isn't full and we can retry then
- * restart to read in more data.
- */
- continue;
- }
-
- if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
- int z, jj;
-
- jj = i & ~3; /* process per 4 */
- z = EVP_DecodeBlock((unsigned char *)ctx->buf,
- (unsigned char *)ctx->tmp, jj);
- if (jj > 2) {
- if (ctx->tmp[jj-1] == '=') {
- z--;
- if (ctx->tmp[jj-2] == '=')
- z--;
- }
- }
- /* z is now number of output bytes and jj is the
- * number consumed */
- if (jj != i) {
- memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
- ctx->tmp_len = i - jj;
- }
- ctx->buf_len = 0;
- if (z > 0) {
- ctx->buf_len = z;
- }
- i = z;
- } else {
- i = EVP_DecodeUpdate(&(ctx->base64),
- (unsigned char *)ctx->buf, &ctx->buf_len,
- (unsigned char *)ctx->tmp, i);
- ctx->tmp_len = 0;
- }
- ctx->buf_off = 0;
- if (i < 0) {
- ret_code = 0;
- ctx->buf_len = 0;
- break;
- }
-
- if (ctx->buf_len <= outl)
- i = ctx->buf_len;
- else
- i = outl;
-
- memcpy(out, ctx->buf, i);
- ret += i;
- ctx->buf_off = i;
- if (ctx->buf_off == ctx->buf_len) {
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- }
- outl -= i;
- out += i;
- }
- /* BIO_clear_retry_flags(b); */
- BIO_copy_next_retry(b);
- return ((ret == 0) ? ret_code : ret);
-}
-
-static int
-b64_write(BIO *b, const char *in, int inl)
-{
- int ret = 0;
- int n;
- int i;
- BIO_B64_CTX *ctx;
-
- ctx = (BIO_B64_CTX *)b->ptr;
- BIO_clear_retry_flags(b);
-
- if (ctx->encode != B64_ENCODE) {
- ctx->encode = B64_ENCODE;
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- ctx->tmp_len = 0;
- EVP_EncodeInit(&(ctx->base64));
- }
-
- OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
- OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- n = ctx->buf_len - ctx->buf_off;
- while (n > 0) {
- i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
- if (i <= 0) {
- BIO_copy_next_retry(b);
- return (i);
- }
- OPENSSL_assert(i <= n);
- ctx->buf_off += i;
- OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- n -= i;
- }
- /* at this point all pending data has been written */
- ctx->buf_off = 0;
- ctx->buf_len = 0;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
-
- while (inl > 0) {
- n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl;
-
- if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
- if (ctx->tmp_len > 0) {
- OPENSSL_assert(ctx->tmp_len <= 3);
- n = 3 - ctx->tmp_len;
- /* There's a theoretical possibility for this */
- if (n > inl)
- n = inl;
- memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
- ctx->tmp_len += n;
- ret += n;
- if (ctx->tmp_len < 3)
- break;
- ctx->buf_len = EVP_EncodeBlock(
- (unsigned char *)ctx->buf,
- (unsigned char *)ctx->tmp, ctx->tmp_len);
- OPENSSL_assert(ctx->buf_len <=
- (int)sizeof(ctx->buf));
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- /* Since we're now done using the temporary
- buffer, the length should be 0'd */
- ctx->tmp_len = 0;
- } else {
- if (n < 3) {
- memcpy(ctx->tmp, in, n);
- ctx->tmp_len = n;
- ret += n;
- break;
- }
- n -= n % 3;
- ctx->buf_len = EVP_EncodeBlock(
- (unsigned char *)ctx->buf,
- (const unsigned char *)in, n);
- OPENSSL_assert(ctx->buf_len <=
- (int)sizeof(ctx->buf));
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- ret += n;
- }
- } else {
- if (!EVP_EncodeUpdate(&(ctx->base64),
- (unsigned char *)ctx->buf, &ctx->buf_len,
- (unsigned char *)in, n))
- return ((ret == 0) ? -1 : ret);
- OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- ret += n;
- }
- inl -= n;
- in += n;
-
- ctx->buf_off = 0;
- n = ctx->buf_len;
- while (n > 0) {
- i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
- if (i <= 0) {
- BIO_copy_next_retry(b);
- return ((ret == 0) ? i : ret);
- }
- OPENSSL_assert(i <= n);
- n -= i;
- ctx->buf_off += i;
- OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- }
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- }
- return (ret);
-}
-
-static long
-b64_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- BIO_B64_CTX *ctx;
- long ret = 1;
- int i;
-
- ctx = (BIO_B64_CTX *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- ctx->cont = 1;
- ctx->start = 1;
- ctx->encode = B64_NONE;
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_EOF: /* More to read */
- if (ctx->cont <= 0)
- ret = 1;
- else
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_WPENDING: /* More to write in buffer */
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- ret = ctx->buf_len - ctx->buf_off;
- if ((ret == 0) && (ctx->encode != B64_NONE) &&
- (ctx->base64.num != 0))
- ret = 1;
- else if (ret <= 0)
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_PENDING: /* More to read in buffer */
- OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
- ret = ctx->buf_len - ctx->buf_off;
- if (ret <= 0)
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_FLUSH:
- /* do a final write */
-again:
- while (ctx->buf_len != ctx->buf_off) {
- i = b64_write(b, NULL, 0);
- if (i < 0)
- return i;
- }
- if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
- if (ctx->tmp_len != 0) {
- ctx->buf_len = EVP_EncodeBlock(
- (unsigned char *)ctx->buf,
- (unsigned char *)ctx->tmp,
- ctx->tmp_len);
- ctx->buf_off = 0;
- ctx->tmp_len = 0;
- goto again;
- }
- } else if (ctx->encode != B64_NONE && ctx->base64.num != 0) {
- ctx->buf_off = 0;
- EVP_EncodeFinal(&(ctx->base64),
- (unsigned char *)ctx->buf,
- &(ctx->buf_len));
- /* push out the bytes */
- goto again;
- }
- /* Finally flush the underlying BIO */
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
-
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
-
- case BIO_CTRL_DUP:
- break;
- case BIO_CTRL_INFO:
- case BIO_CTRL_GET:
- case BIO_CTRL_SET:
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
- return (ret);
-}
-
-static long
-b64_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static int
-b64_puts(BIO *b, const char *str)
-{
- return b64_write(b, str, strlen(str));
-}
diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
deleted file mode 100644
index 30baf93517..0000000000
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ /dev/null
@@ -1,433 +0,0 @@
-/* $OpenBSD: bio_enc.c,v 1.33 2024/04/12 11:10:34 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include "bio_local.h"
-#include "evp_local.h"
-
-static int enc_write(BIO *h, const char *buf, int num);
-static int enc_read(BIO *h, char *buf, int size);
-/*static int enc_puts(BIO *h, const char *str); */
-/*static int enc_gets(BIO *h, char *str, int size); */
-static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int enc_new(BIO *h);
-static int enc_free(BIO *data);
-static long enc_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fps);
-#define ENC_BLOCK_SIZE (1024*4)
-#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2)
-
-typedef struct enc_struct {
- int buf_len;
- int buf_off;
- int cont; /* <= 0 when finished */
- int finished;
- int ok; /* bad decrypt */
- EVP_CIPHER_CTX *cipher_ctx;
- /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate
- * can return up to a block more data than is presented to it
- */
- char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2];
-} BIO_ENC_CTX;
-
-static const BIO_METHOD methods_enc = {
- .type = BIO_TYPE_CIPHER,
- .name = "cipher",
- .bwrite = enc_write,
- .bread = enc_read,
- .ctrl = enc_ctrl,
- .create = enc_new,
- .destroy = enc_free,
- .callback_ctrl = enc_callback_ctrl
-};
-
-const BIO_METHOD *
-BIO_f_cipher(void)
-{
- return &methods_enc;
-}
-LCRYPTO_ALIAS(BIO_f_cipher);
-
-static void
-bio_enc_ctx_free(BIO_ENC_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- EVP_CIPHER_CTX_free(ctx->cipher_ctx);
- freezero(ctx, sizeof(*ctx));
-}
-
-static int
-enc_new(BIO *bio)
-{
- BIO_ENC_CTX *ctx;
- int ret = 0;
-
- if ((ctx = calloc(1, sizeof(BIO_ENC_CTX))) == NULL)
- goto err;
- if ((ctx->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL)
- goto err;
-
- ctx->cont = 1;
- ctx->ok = 1;
-
- bio->ptr = ctx;
- ctx = NULL;
-
- ret = 1;
-
- err:
- bio_enc_ctx_free(ctx);
-
- return ret;
-}
-
-static int
-enc_free(BIO *bio)
-{
- if (bio == NULL)
- return 0;
-
- bio_enc_ctx_free(bio->ptr);
- explicit_bzero(bio, sizeof(*bio));
-
- return 1;
-}
-
-static int
-enc_read(BIO *bio, char *out, int outl)
-{
- BIO_ENC_CTX *ctx;
- int ret = 0, i;
-
- if (out == NULL)
- return 0;
- ctx = bio->ptr;
-
- if (ctx == NULL || bio->next_bio == NULL)
- return 0;
-
- /* First check if there are bytes decoded/encoded */
- if (ctx->buf_len > 0) {
- i = ctx->buf_len - ctx->buf_off;
- if (i > outl)
- i = outl;
- memcpy(out, &(ctx->buf[ctx->buf_off]), i);
- ret = i;
- out += i;
- outl -= i;
- ctx->buf_off += i;
- if (ctx->buf_len == ctx->buf_off) {
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- }
- }
-
- /* At this point, we have room of outl bytes and an empty
- * buffer, so we should read in some more. */
-
- while (outl > 0) {
- if (ctx->cont <= 0)
- break;
-
- /* read in at IV offset, read the EVP_Cipher
- * documentation about why */
- i = BIO_read(bio->next_bio, &ctx->buf[BUF_OFFSET],
- ENC_BLOCK_SIZE);
-
- if (i <= 0) {
- /* Should be continue next time we are called? */
- if (!BIO_should_retry(bio->next_bio)) {
- ctx->cont = i;
- i = EVP_CipherFinal_ex(ctx->cipher_ctx,
- (unsigned char *)ctx->buf,
- &(ctx->buf_len));
- ctx->ok = i;
- ctx->buf_off = 0;
- } else {
- ret = (ret == 0) ? i : ret;
- break;
- }
- } else {
- EVP_CipherUpdate(ctx->cipher_ctx,
- (unsigned char *)ctx->buf, &ctx->buf_len,
- (unsigned char *)&ctx->buf[BUF_OFFSET], i);
- ctx->cont = 1;
- /* Note: it is possible for EVP_CipherUpdate to
- * decrypt zero bytes because this is or looks like
- * the final block: if this happens we should retry
- * and either read more data or decrypt the final
- * block
- */
- if (ctx->buf_len == 0)
- continue;
- }
-
- if (ctx->buf_len <= outl)
- i = ctx->buf_len;
- else
- i = outl;
- if (i <= 0)
- break;
- memcpy(out, ctx->buf, i);
- ret += i;
- ctx->buf_off = i;
- outl -= i;
- out += i;
- }
-
- BIO_clear_retry_flags(bio);
- BIO_copy_next_retry(bio);
- return ret == 0 ? ctx->cont : ret;
-}
-
-static int
-enc_write(BIO *bio, const char *in, int inl)
-{
- BIO_ENC_CTX *ctx;
- int ret = 0, n, i;
-
- ctx = bio->ptr;
- ret = inl;
-
- BIO_clear_retry_flags(bio);
- n = ctx->buf_len - ctx->buf_off;
- while (n > 0) {
- i = BIO_write(bio->next_bio, &(ctx->buf[ctx->buf_off]), n);
- if (i <= 0) {
- BIO_copy_next_retry(bio);
- return i;
- }
- ctx->buf_off += i;
- n -= i;
- }
- /* at this point all pending data has been written */
-
- if (in == NULL || inl <= 0)
- return 0;
-
- ctx->buf_off = 0;
- while (inl > 0) {
- n = inl > ENC_BLOCK_SIZE ? ENC_BLOCK_SIZE : inl;
- EVP_CipherUpdate(ctx->cipher_ctx,
- (unsigned char *)ctx->buf, &ctx->buf_len,
- (unsigned char *)in, n);
- inl -= n;
- in += n;
-
- ctx->buf_off = 0;
- n = ctx->buf_len;
- while (n > 0) {
- i = BIO_write(bio->next_bio, &ctx->buf[ctx->buf_off], n);
- if (i <= 0) {
- BIO_copy_next_retry(bio);
- return ret == inl ? i : ret - inl;
- }
- n -= i;
- ctx->buf_off += i;
- }
- ctx->buf_len = 0;
- ctx->buf_off = 0;
- }
- BIO_copy_next_retry(bio);
-
- return ret;
-}
-
-static long
-enc_ctrl(BIO *bio, int cmd, long num, void *ptr)
-{
- BIO *dbio;
- BIO_ENC_CTX *ctx, *dctx;
- EVP_CIPHER_CTX **c_ctx;
- int i;
- long ret = 1;
-
- ctx = bio->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- ctx->ok = 1;
- ctx->finished = 0;
- EVP_CipherInit_ex(ctx->cipher_ctx, NULL, NULL, NULL, NULL,
- ctx->cipher_ctx->encrypt);
- ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_EOF: /* More to read */
- if (ctx->cont <= 0)
- ret = 1;
- else
- ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_WPENDING:
- ret = ctx->buf_len - ctx->buf_off;
- if (ret <= 0)
- ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_PENDING: /* More to read in buffer */
- ret = ctx->buf_len - ctx->buf_off;
- if (ret <= 0)
- ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
- break;
- case BIO_CTRL_FLUSH:
- /* do a final write */
- again:
- while (ctx->buf_len != ctx->buf_off) {
- i = enc_write(bio, NULL, 0);
- if (i < 0)
- return i;
- }
-
- if (!ctx->finished) {
- ctx->finished = 1;
- ctx->buf_off = 0;
- ret = EVP_CipherFinal_ex(ctx->cipher_ctx,
- (unsigned char *)ctx->buf,
- &ctx->buf_len);
- ctx->ok = (int)ret;
- if (ret <= 0)
- break;
-
- /* push out the bytes */
- goto again;
- }
-
- /* Finally flush the underlying BIO */
- ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
- break;
- case BIO_C_GET_CIPHER_STATUS:
- ret = (long)ctx->ok;
- break;
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(bio);
- ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(bio);
- break;
- case BIO_C_GET_CIPHER_CTX:
- c_ctx = ptr;
- *c_ctx = ctx->cipher_ctx;
- bio->init = 1;
- break;
- case BIO_CTRL_DUP:
- dbio = ptr;
- dctx = dbio->ptr;
- ret = EVP_CIPHER_CTX_copy(dctx->cipher_ctx, ctx->cipher_ctx);
- if (ret)
- dbio->init = 1;
- break;
- default:
- ret = BIO_ctrl(bio->next_bio, cmd, num, ptr);
- break;
- }
-
- return ret;
-}
-
-static long
-enc_callback_ctrl(BIO *bio, int cmd, BIO_info_cb *fp)
-{
- long ret = 1;
-
- if (bio->next_bio == NULL)
- return 0;
-
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(bio->next_bio, cmd, fp);
- break;
- }
-
- return ret;
-}
-
-int
-BIO_set_cipher(BIO *bio, const EVP_CIPHER *c, const unsigned char *k,
- const unsigned char *i, int e)
-{
- BIO_ENC_CTX *ctx;
- long (*cb)(BIO *, int, const char *, int, long, long);
-
- if (bio == NULL)
- return 0;
-
- if ((ctx = BIO_get_data(bio)) == NULL)
- return 0;
-
- if ((cb = BIO_get_callback(bio)) != NULL) {
- if (cb(bio, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <= 0)
- return 0;
- }
-
- BIO_set_init(bio, 1);
-
- if (!EVP_CipherInit_ex(ctx->cipher_ctx, c, NULL, k, i, e))
- return 0;
-
- if (cb != NULL)
- return cb(bio, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
-
- return 1;
-}
-LCRYPTO_ALIAS(BIO_set_cipher);
diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c
deleted file mode 100644
index 420192d23c..0000000000
--- a/src/lib/libcrypto/evp/bio_md.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* $OpenBSD: bio_md.c,v 1.22 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include - -#include -#include - -#include "bio_local.h" -#include "evp_local.h" - -/* BIO_put and BIO_get both add to the digest, - * BIO_gets returns the digest */ - -static int md_write(BIO *h, char const *buf, int num); -static int md_read(BIO *h, char *buf, int size); -/*static int md_puts(BIO *h, const char *str); */ -static int md_gets(BIO *h, char *str, int size); -static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int md_new(BIO *h); -static int md_free(BIO *data); -static long md_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); - -static const BIO_METHOD methods_md = { - .type = BIO_TYPE_MD, - .name = "message digest", - .bwrite = md_write, - .bread = md_read, - .bgets = md_gets, - .ctrl = md_ctrl, - .create = md_new, - .destroy = md_free, - .callback_ctrl = md_callback_ctrl -}; - -const BIO_METHOD * -BIO_f_md(void) -{ - return (&methods_md); -} -LCRYPTO_ALIAS(BIO_f_md); - -static int -md_new(BIO *bi) -{ - EVP_MD_CTX *ctx; - - ctx = EVP_MD_CTX_create(); - if (ctx == NULL) - return (0); - - bi->init = 0; - bi->ptr = (char *)ctx; - bi->flags = 0; - return (1); -} - -static int -md_free(BIO *a) -{ - if (a == NULL) - return (0); - EVP_MD_CTX_destroy(a->ptr); - a->ptr = NULL; - a->init = 0; - a->flags = 0; - return (1); -} - -static int -md_read(BIO *b, char *out, int outl) -{ - int ret = 0; - EVP_MD_CTX *ctx; - - if (out == NULL) - return (0); - ctx = b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) - return (0); - - ret = BIO_read(b->next_bio, out, outl); - if (b->init) { - if (ret > 0) { - if (EVP_DigestUpdate(ctx, (unsigned char *)out, - (unsigned int)ret) <= 0) - return (-1); - } - } - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return (ret); -} - -static int -md_write(BIO *b, const char *in, int inl) -{ - int ret = 0; - EVP_MD_CTX *ctx; - - if ((in == NULL) || (inl <= 0)) - return (0); - ctx = b->ptr; - - if ((ctx != NULL) && (b->next_bio != NULL)) - ret = BIO_write(b->next_bio, in, inl); - if 
(b->init) { - if (ret > 0) { - if (!EVP_DigestUpdate(ctx, (const unsigned char *)in, - (unsigned int)ret)) { - BIO_clear_retry_flags(b); - return 0; - } - } - } - if (b->next_bio != NULL) { - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - } - return (ret); -} - -static long -md_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - EVP_MD_CTX *ctx, *dctx, **pctx; - const EVP_MD **ppmd; - EVP_MD *md; - long ret = 1; - BIO *dbio; - - ctx = b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - if (b->init) - ret = EVP_DigestInit_ex(ctx, ctx->digest, NULL); - else - ret = 0; - if (ret > 0) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_C_GET_MD: - if (b->init) { - ppmd = ptr; - *ppmd = ctx->digest; - } else - ret = 0; - break; - case BIO_C_GET_MD_CTX: - pctx = ptr; - *pctx = ctx; - b->init = 1; - break; - case BIO_C_SET_MD_CTX: - if (b->init) - b->ptr = ptr; - else - ret = 0; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - BIO_copy_next_retry(b); - break; - - case BIO_C_SET_MD: - md = ptr; - ret = EVP_DigestInit_ex(ctx, md, NULL); - if (ret > 0) - b->init = 1; - break; - case BIO_CTRL_DUP: - dbio = ptr; - dctx = dbio->ptr; - if (!EVP_MD_CTX_copy_ex(dctx, ctx)) - return 0; - b->init = 1; - break; - default: - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - return (ret); -} - -static long -md_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) -{ - long ret = 1; - - if (b->next_bio == NULL) - return (0); - switch (cmd) { - default: - ret = BIO_callback_ctrl(b->next_bio, cmd, fp); - break; - } - return (ret); -} - -static int -md_gets(BIO *bp, char *buf, int size) -{ - EVP_MD_CTX *ctx; - unsigned int ret; - - ctx = bp->ptr; - if (size < ctx->digest->md_size) - return (0); - if (EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret) <= 0) - return -1; - - return ((int)ret); -} - -/* -static int md_puts(bp,str) -BIO *bp; -char *str; - { - return(-1); - } -*/ 
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
deleted file mode 100644
index 7753c18c15..0000000000
--- a/src/lib/libcrypto/evp/e_aes.c
+++ /dev/null
@@ -1,2639 +0,0 @@
-/* $OpenBSD: e_aes.c,v 1.59 2024/09/06 09:57:32 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include -#include -#include - -#include - -#include "crypto_internal.h" - -#ifndef OPENSSL_NO_AES -#include -#include -#include - -#include "evp_local.h" -#include "modes_local.h" - -typedef struct { - AES_KEY ks; - block128_f block; - union { - cbc128_f cbc; - ctr128_f ctr; - } stream; -} EVP_AES_KEY; - -typedef struct { - AES_KEY ks; /* AES key schedule to use */ - int key_set; /* Set if key initialised */ - int iv_set; /* Set if an iv is set */ - GCM128_CONTEXT gcm; - unsigned char *iv; /* Temporary IV store */ - int ivlen; /* IV length */ - int taglen; - int iv_gen; /* It is OK to generate IVs */ - int tls_aad_len; /* TLS AAD length */ - ctr128_f ctr; -} EVP_AES_GCM_CTX; - -typedef struct { - AES_KEY ks1, ks2; /* AES key schedules to use */ - XTS128_CONTEXT xts; - void (*stream)(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16]); -} EVP_AES_XTS_CTX; - -typedef struct { - AES_KEY ks; /* AES key schedule to use */ - int key_set; /* Set if key initialised */ - int iv_set; /* Set if an iv is set */ - int tag_set; /* Set if tag is valid */ - int len_set; /* Set if message length set */ - int L, M; /* L and M parameters from RFC3610 */ - CCM128_CONTEXT ccm; - ccm128_f str; -} EVP_AES_CCM_CTX; - -#define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4)) - -#ifdef 
VPAES_ASM -int vpaes_set_encrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); -int vpaes_set_decrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); - -void vpaes_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); -void vpaes_decrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -void vpaes_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int enc); -#endif -#ifdef BSAES_ASM -void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char ivec[16], int enc); -void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out, - size_t len, const AES_KEY *key, const unsigned char ivec[16]); -void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out, - size_t len, const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16]); -void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out, - size_t len, const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16]); -#endif -#ifdef AES_CTR_ASM -void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out, - size_t blocks, const AES_KEY *key, - const unsigned char ivec[AES_BLOCK_SIZE]); -#endif -#ifdef AES_XTS_ASM -void AES_xts_encrypt(const char *inp, char *out, size_t len, - const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]); -void AES_xts_decrypt(const char *inp, char *out, size_t len, - const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]); -#endif - -#if defined(AES_ASM) && ( \ - ((defined(__i386) || defined(__i386__) || \ - defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) || \ - defined(__INTEL__) ) - -#include "x86_arch.h" - -#ifdef VPAES_ASM -#define VPAES_CAPABLE (crypto_cpu_caps_ia32() & CPUCAP_MASK_SSSE3) -#endif -#ifdef BSAES_ASM -#define 
BSAES_CAPABLE VPAES_CAPABLE -#endif -/* - * AES-NI section - */ -#define AESNI_CAPABLE (crypto_cpu_caps_ia32() & CPUCAP_MASK_AESNI) - -int aesni_set_encrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); -int aesni_set_decrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); - -void aesni_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); -void aesni_decrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, int enc); -void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int enc); - -void aesni_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, const unsigned char *ivec); - -void aesni_xts_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16]); - -void aesni_xts_decrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16]); - -void aesni_ccm64_encrypt_blocks (const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, const unsigned char ivec[16], - unsigned char cmac[16]); - -void aesni_ccm64_decrypt_blocks (const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, const unsigned char ivec[16], - unsigned char cmac[16]); - -static int -aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret, mode; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - mode = ctx->cipher->flags & EVP_CIPH_MODE; - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && - !enc) { - ret = aesni_set_decrypt_key(key, ctx->key_len * 8, - ctx->cipher_data); - dat->block = (block128_f)aesni_decrypt; - dat->stream.cbc = mode == 
EVP_CIPH_CBC_MODE ? - (cbc128_f)aesni_cbc_encrypt : NULL; - } else { - ret = aesni_set_encrypt_key(key, ctx->key_len * 8, - ctx->cipher_data); - dat->block = (block128_f)aesni_encrypt; - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt; - else if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks; - else - dat->stream.cbc = NULL; - } - - if (ret < 0) { - EVPerror(EVP_R_AES_KEY_SETUP_FAILED); - return 0; - } - - return 1; -} - -static int -aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv, - ctx->encrypt); - - return 1; -} - -static int -aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - size_t bl = ctx->cipher->block_size; - - if (len < bl) - return 1; - - aesni_ecb_encrypt(in, out, len, ctx->cipher_data, ctx->encrypt); - - return 1; -} - -static int -aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_GCM_CTX *gctx = ctx->cipher_data; - - if (!iv && !key) - return 1; - if (key) { - aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks); - CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, - (block128_f)aesni_encrypt); - gctx->ctr = (ctr128_f)aesni_ctr32_encrypt_blocks; - /* If we have an iv can set it directly, otherwise use - * saved IV. 
- */ - if (iv == NULL && gctx->iv_set) - iv = gctx->iv; - if (iv) { - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - gctx->iv_set = 1; - } - gctx->key_set = 1; - } else { - /* If key set use IV, otherwise copy */ - if (gctx->key_set) - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - else - memcpy(gctx->iv, iv, gctx->ivlen); - gctx->iv_set = 1; - gctx->iv_gen = 0; - } - return 1; -} - -static int -aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_XTS_CTX *xctx = ctx->cipher_data; - - if (!iv && !key) - return 1; - - if (key) { - /* key_len is two AES keys */ - if (enc) { - aesni_set_encrypt_key(key, ctx->key_len * 4, - &xctx->ks1); - xctx->xts.block1 = (block128_f)aesni_encrypt; - xctx->stream = aesni_xts_encrypt; - } else { - aesni_set_decrypt_key(key, ctx->key_len * 4, - &xctx->ks1); - xctx->xts.block1 = (block128_f)aesni_decrypt; - xctx->stream = aesni_xts_decrypt; - } - - aesni_set_encrypt_key(key + ctx->key_len / 2, - ctx->key_len * 4, &xctx->ks2); - xctx->xts.block2 = (block128_f)aesni_encrypt; - - xctx->xts.key1 = &xctx->ks1; - } - - if (iv) { - xctx->xts.key2 = &xctx->ks2; - memcpy(ctx->iv, iv, 16); - } - - return 1; -} - -static int -aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_CCM_CTX *cctx = ctx->cipher_data; - - if (!iv && !key) - return 1; - if (key) { - aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks); - CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, - &cctx->ks, (block128_f)aesni_encrypt); - cctx->str = enc ? 
(ccm128_f)aesni_ccm64_encrypt_blocks : - (ccm128_f)aesni_ccm64_decrypt_blocks; - cctx->key_set = 1; - } - if (iv) { - memcpy(ctx->iv, iv, 15 - cctx->L); - cctx->iv_set = 1; - } - return 1; -} - -#endif - -static int -aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret, mode; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - mode = ctx->cipher->flags & EVP_CIPH_MODE; - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && - !enc) -#ifdef BSAES_CAPABLE - if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) { - ret = AES_set_decrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_decrypt; - dat->stream.cbc = (cbc128_f)bsaes_cbc_encrypt; - } else -#endif -#ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)vpaes_decrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)vpaes_cbc_encrypt : NULL; - } else -#endif - { - ret = AES_set_decrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_decrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)AES_cbc_encrypt : NULL; - } else -#ifdef BSAES_CAPABLE - if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) { - ret = AES_set_encrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_encrypt; - dat->stream.ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks; - } else -#endif -#ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - ret = vpaes_set_encrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)vpaes_encrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)vpaes_cbc_encrypt : NULL; - } else -#endif - { - ret = AES_set_encrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_encrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? 
- (cbc128_f)AES_cbc_encrypt : NULL; -#ifdef AES_CTR_ASM - if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt; -#endif - } - - if (ret < 0) { - EVPerror(EVP_R_AES_KEY_SETUP_FAILED); - return 0; - } - - return 1; -} - -static int -aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (dat->stream.cbc) - (*dat->stream.cbc)(in, out, len, &dat->ks, ctx->iv, - ctx->encrypt); - else if (ctx->encrypt) - CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, - dat->block); - else - CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, - dat->block); - - return 1; -} - -static int -aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - size_t bl = ctx->cipher->block_size; - size_t i; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (len < bl) - return 1; - - for (i = 0, len -= bl; i <= len; i += bl) - (*dat->block)(in + i, out + i, &dat->ks); - - return 1; -} - -static int -aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num, - dat->block); - return 1; -} - -static int -aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num, - ctx->encrypt, dat->block); - return 1; -} - -static int -aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num, - ctx->encrypt, dat->block); - return 1; -} - -static int -aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ 
- EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (ctx->flags&EVP_CIPH_FLAG_LENGTH_BITS) { - CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks, ctx->iv, - &ctx->num, ctx->encrypt, dat->block); - return 1; - } - - while (len >= MAXBITCHUNK) { - CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK*8, &dat->ks, - ctx->iv, &ctx->num, ctx->encrypt, dat->block); - len -= MAXBITCHUNK; - in += MAXBITCHUNK; - out += MAXBITCHUNK; - } - if (len) - CRYPTO_cfb128_1_encrypt(in, out, len*8, &dat->ks, - ctx->iv, &ctx->num, ctx->encrypt, dat->block); - - return 1; -} - -static int -aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - unsigned int num = ctx->num; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (dat->stream.ctr) - CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, - ctx->iv, ctx->buf, &num, dat->stream.ctr); - else - CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, - ctx->iv, ctx->buf, &num, dat->block); - ctx->num = (size_t)num; - return 1; -} - - -#ifdef AESNI_CAPABLE -static const EVP_CIPHER aesni_128_cbc = { - .nid = NID_aes_128_cbc, - .block_size = 16, - .key_len = 16, - .iv_len = 16, - .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE, - .init = aesni_init_key, - .do_cipher = aesni_cbc_cipher, - .ctx_size = sizeof(EVP_AES_KEY), -}; -#endif - -static const EVP_CIPHER aes_128_cbc = { - .nid = NID_aes_128_cbc, - .block_size = 16, - .key_len = 16, - .iv_len = 16, - .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE, - .init = aes_init_key, - .do_cipher = aes_cbc_cipher, - .ctx_size = sizeof(EVP_AES_KEY), -}; - -const EVP_CIPHER * -EVP_aes_128_cbc(void) -{ -#ifdef AESNI_CAPABLE - return AESNI_CAPABLE ? 
&aesni_128_cbc : &aes_128_cbc; -#else - return &aes_128_cbc; -#endif -} -LCRYPTO_ALIAS(EVP_aes_128_cbc); - -#ifdef AESNI_CAPABLE -static const EVP_CIPHER aesni_128_ecb = { - .nid = NID_aes_128_ecb, - .block_size = 16, - .key_len = 16, - .iv_len = 0, - .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_ECB_MODE, - .init = aesni_init_key, - .do_cipher = aesni_ecb_cipher, - .ctx_size = sizeof(EVP_AES_KEY), -}; -#endif - -static const EVP_CIPHER aes_128_ecb = { - .nid = NID_aes_128_ecb, - .block_size = 16, - .key_len = 16, - .iv_len = 0, - .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_ECB_MODE, - .init = aes_init_key, - .do_cipher = aes_ecb_cipher, - .ctx_size = sizeof(EVP_AES_KEY), -}; - -const EVP_CIPHER * -EVP_aes_128_ecb(void) -{ -#ifdef AESNI_CAPABLE - return AESNI_CAPABLE ? &aesni_128_ecb : &aes_128_ecb; -#else - return &aes_128_ecb; -#endif -} -LCRYPTO_ALIAS(EVP_aes_128_ecb); - -#ifdef AESNI_CAPABLE -static const EVP_CIPHER aesni_128_ofb = { - .nid = NID_aes_128_ofb128, - .block_size = 1, - .key_len = 16, - .iv_len = 16, - .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE, - .init = aesni_init_key, - .do_cipher = aes_ofb_cipher, - .ctx_size = sizeof(EVP_AES_KEY), -}; -#endif - -static const EVP_CIPHER aes_128_ofb = { - .nid = NID_aes_128_ofb128, - .block_size = 1, - .key_len = 16, - .iv_len = 16, - .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE, - .init = aes_init_key, - .do_cipher = aes_ofb_cipher, - .ctx_size = sizeof(EVP_AES_KEY), -}; - -const EVP_CIPHER * -EVP_aes_128_ofb(void) -{ -#ifdef AESNI_CAPABLE - return AESNI_CAPABLE ? 
&aesni_128_ofb : &aes_128_ofb;
-#else
- return &aes_128_ofb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_ofb);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_cfb = {
- .nid = NID_aes_128_cfb128,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_128_cfb = {
- .nid = NID_aes_128_cfb128,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_128_cfb128(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_128_cfb : &aes_128_cfb;
-#else
- return &aes_128_cfb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_cfb128);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_cfb1 = {
- .nid = NID_aes_128_cfb1,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb1_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_128_cfb1 = {
- .nid = NID_aes_128_cfb1,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb1_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_128_cfb1(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_128_cfb1 : &aes_128_cfb1;
-#else
- return &aes_128_cfb1;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_cfb1);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_cfb8 = {
- .nid = NID_aes_128_cfb8,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb8_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_128_cfb8 = {
- .nid = NID_aes_128_cfb8,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb8_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_128_cfb8(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_128_cfb8 : &aes_128_cfb8;
-#else
- return &aes_128_cfb8;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_cfb8);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_ctr = {
- .nid = NID_aes_128_ctr,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_CTR_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_ctr_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_128_ctr = {
- .nid = NID_aes_128_ctr,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_CTR_MODE,
- .init = aes_init_key,
- .do_cipher = aes_ctr_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_128_ctr(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_128_ctr : &aes_128_ctr;
-#else
- return &aes_128_ctr;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_ctr);
-
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_cbc = {
- .nid = NID_aes_192_cbc,
- .block_size = 16,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
- .init = aesni_init_key,
- .do_cipher = aesni_cbc_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_192_cbc = {
- .nid = NID_aes_192_cbc,
- .block_size = 16,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cbc_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_192_cbc(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_cbc : &aes_192_cbc;
-#else
- return &aes_192_cbc;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_cbc);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_ecb = {
- .nid = NID_aes_192_ecb,
- .block_size = 16,
- .key_len = 24,
- .iv_len = 0,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_ECB_MODE,
- .init = aesni_init_key,
- .do_cipher = aesni_ecb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_192_ecb = {
- .nid = NID_aes_192_ecb,
- .block_size = 16,
- .key_len = 24,
- .iv_len = 0,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_ECB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_ecb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_192_ecb(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_ecb : &aes_192_ecb;
-#else
- return &aes_192_ecb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_ecb);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_ofb = {
- .nid = NID_aes_192_ofb128,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_ofb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_192_ofb = {
- .nid = NID_aes_192_ofb128,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_ofb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_192_ofb(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_ofb : &aes_192_ofb;
-#else
- return &aes_192_ofb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_ofb);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_cfb = {
- .nid = NID_aes_192_cfb128,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_192_cfb = {
- .nid = NID_aes_192_cfb128,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_192_cfb128(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_cfb : &aes_192_cfb;
-#else
- return &aes_192_cfb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_cfb128);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_cfb1 = {
- .nid = NID_aes_192_cfb1,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb1_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_192_cfb1 = {
- .nid = NID_aes_192_cfb1,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb1_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_192_cfb1(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_cfb1 : &aes_192_cfb1;
-#else
- return &aes_192_cfb1;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_cfb1);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_cfb8 = {
- .nid = NID_aes_192_cfb8,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb8_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_192_cfb8 = {
- .nid = NID_aes_192_cfb8,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb8_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_192_cfb8(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_cfb8 : &aes_192_cfb8;
-#else
- return &aes_192_cfb8;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_cfb8);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_ctr = {
- .nid = NID_aes_192_ctr,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_CTR_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_ctr_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_192_ctr = {
- .nid = NID_aes_192_ctr,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 16,
- .flags = EVP_CIPH_CTR_MODE,
- .init = aes_init_key,
- .do_cipher = aes_ctr_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_192_ctr(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_ctr : &aes_192_ctr;
-#else
- return &aes_192_ctr;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_ctr);
-
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_cbc = {
- .nid = NID_aes_256_cbc,
- .block_size = 16,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
- .init = aesni_init_key,
- .do_cipher = aesni_cbc_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_256_cbc = {
- .nid = NID_aes_256_cbc,
- .block_size = 16,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cbc_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_256_cbc(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_cbc : &aes_256_cbc;
-#else
- return &aes_256_cbc;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_cbc);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_ecb = {
- .nid = NID_aes_256_ecb,
- .block_size = 16,
- .key_len = 32,
- .iv_len = 0,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_ECB_MODE,
- .init = aesni_init_key,
- .do_cipher = aesni_ecb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_256_ecb = {
- .nid = NID_aes_256_ecb,
- .block_size = 16,
- .key_len = 32,
- .iv_len = 0,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_ECB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_ecb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_256_ecb(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_ecb : &aes_256_ecb;
-#else
- return &aes_256_ecb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_ecb);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_ofb = {
- .nid = NID_aes_256_ofb128,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_ofb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_256_ofb = {
- .nid = NID_aes_256_ofb128,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_ofb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_256_ofb(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_ofb : &aes_256_ofb;
-#else
- return &aes_256_ofb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_ofb);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_cfb = {
- .nid = NID_aes_256_cfb128,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_256_cfb = {
- .nid = NID_aes_256_cfb128,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_256_cfb128(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_cfb : &aes_256_cfb;
-#else
- return &aes_256_cfb;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_cfb128);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_cfb1 = {
- .nid = NID_aes_256_cfb1,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb1_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_256_cfb1 = {
- .nid = NID_aes_256_cfb1,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb1_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_256_cfb1(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_cfb1 : &aes_256_cfb1;
-#else
- return &aes_256_cfb1;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_cfb1);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_cfb8 = {
- .nid = NID_aes_256_cfb8,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_cfb8_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_256_cfb8 = {
- .nid = NID_aes_256_cfb8,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_CFB_MODE,
- .init = aes_init_key,
- .do_cipher = aes_cfb8_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_256_cfb8(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_cfb8 : &aes_256_cfb8;
-#else
- return &aes_256_cfb8;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_cfb8);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_ctr = {
- .nid = NID_aes_256_ctr,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_CTR_MODE,
- .init = aesni_init_key,
- .do_cipher = aes_ctr_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-#endif
-
-static const EVP_CIPHER aes_256_ctr = {
- .nid = NID_aes_256_ctr,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = EVP_CIPH_CTR_MODE,
- .init = aes_init_key,
- .do_cipher = aes_ctr_cipher,
- .ctx_size = sizeof(EVP_AES_KEY),
-};
-
-const EVP_CIPHER *
-EVP_aes_256_ctr(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_ctr : &aes_256_ctr;
-#else
- return &aes_256_ctr;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_ctr);
-
-static int
-aes_gcm_cleanup(EVP_CIPHER_CTX *c)
-{
- EVP_AES_GCM_CTX *gctx = c->cipher_data;
-
- if (gctx->iv != c->iv)
- free(gctx->iv);
-
- explicit_bzero(gctx, sizeof(*gctx));
-
- return 1;
-}
-
-/* increment counter (64-bit int) by 1 */
-static void
-ctr64_inc(unsigned char *counter)
-{
- int n = 8;
- unsigned char c;
-
- do {
- --n;
- c = counter[n];
- ++c;
- counter[n] = c;
- if (c)
- return;
- } while (n);
-}
-
-static int
-aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
- EVP_AES_GCM_CTX *gctx = c->cipher_data;
-
- switch (type) {
- case EVP_CTRL_INIT:
- gctx->key_set = 0;
- gctx->iv_set = 0;
- if (c->cipher->iv_len == 0) {
- EVPerror(EVP_R_INVALID_IV_LENGTH);
- return 0;
- }
- gctx->ivlen = c->cipher->iv_len;
- gctx->iv = c->iv;
- gctx->taglen = -1;
- gctx->iv_gen = 0;
- gctx->tls_aad_len = -1;
- return 1;
-
- case EVP_CTRL_AEAD_GET_IVLEN:
- *(int *)ptr = gctx->ivlen;
- return 1;
-
- case EVP_CTRL_AEAD_SET_IVLEN:
- if (arg <= 0)
- return 0;
- /* Allocate memory for IV if needed */
- if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
- if (gctx->iv != c->iv)
- free(gctx->iv);
- gctx->iv = malloc(arg);
- if (!gctx->iv)
- return 0;
- }
- gctx->ivlen = arg;
- return 1;
-
- case EVP_CTRL_GCM_SET_TAG:
- if (arg <= 0 || arg > 16 || c->encrypt)
- return 0;
- memcpy(c->buf, ptr, arg);
- gctx->taglen = arg;
- return 1;
-
- case EVP_CTRL_GCM_GET_TAG:
- if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
- return 0;
- memcpy(ptr, c->buf, arg);
- return 1;
-
- case EVP_CTRL_GCM_SET_IV_FIXED:
- /* Special case: -1 length restores whole IV */
- if (arg == -1) {
- memcpy(gctx->iv, ptr, gctx->ivlen);
- gctx->iv_gen = 1;
- return 1;
- }
- /* Fixed field must be at least 4 bytes and invocation field
- * at least 8.
- */
- if ((arg < 4) || (gctx->ivlen - arg) < 8)
- return 0;
- if (arg)
- memcpy(gctx->iv, ptr, arg);
- if (c->encrypt)
- arc4random_buf(gctx->iv + arg, gctx->ivlen - arg);
- gctx->iv_gen = 1;
- return 1;
-
- case EVP_CTRL_GCM_IV_GEN:
- if (gctx->iv_gen == 0 || gctx->key_set == 0)
- return 0;
- CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
- if (arg <= 0 || arg > gctx->ivlen)
- arg = gctx->ivlen;
- memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
- /* Invocation field will be at least 8 bytes in size and
- * so no need to check wrap around or increment more than
- * last 8 bytes.
- */
- ctr64_inc(gctx->iv + gctx->ivlen - 8);
- gctx->iv_set = 1;
- return 1;
-
- case EVP_CTRL_GCM_SET_IV_INV:
- if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt)
- return 0;
- memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
- CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
- gctx->iv_set = 1;
- return 1;
-
- case EVP_CTRL_AEAD_TLS1_AAD:
- /* Save the AAD for later use */
- if (arg != 13)
- return 0;
- memcpy(c->buf, ptr, arg);
- gctx->tls_aad_len = arg;
- {
- unsigned int len = c->buf[arg - 2] << 8 |
- c->buf[arg - 1];
-
- /* Correct length for explicit IV */
- if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
- return 0;
- len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
-
- /* If decrypting correct for tag too */
- if (!c->encrypt) {
- if (len < EVP_GCM_TLS_TAG_LEN)
- return 0;
- len -= EVP_GCM_TLS_TAG_LEN;
- }
- c->buf[arg - 2] = len >> 8;
- c->buf[arg - 1] = len & 0xff;
- }
- /* Extra padding: tag appended to record */
- return EVP_GCM_TLS_TAG_LEN;
-
- case EVP_CTRL_COPY:
- {
- EVP_CIPHER_CTX *out = ptr;
- EVP_AES_GCM_CTX *gctx_out = out->cipher_data;
-
- if (gctx->gcm.key) {
- if (gctx->gcm.key != &gctx->ks)
- return 0;
- gctx_out->gcm.key = &gctx_out->ks;
- }
-
- if (gctx->iv == c->iv) {
- gctx_out->iv = out->iv;
- } else {
- if ((gctx_out->iv = calloc(1, gctx->ivlen)) == NULL)
- return 0;
- memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
- }
- return 1;
- }
-
- default:
- return -1;
-
- }
-}
-
-static ctr128_f
-aes_gcm_set_key(AES_KEY *aes_key, GCM128_CONTEXT *gcm_ctx,
- const unsigned char *key, size_t key_len)
-{
-#ifdef BSAES_CAPABLE
- if (BSAES_CAPABLE) {
- AES_set_encrypt_key(key, key_len * 8, aes_key);
- CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)AES_encrypt);
- return (ctr128_f)bsaes_ctr32_encrypt_blocks;
- } else
-#endif
-#ifdef VPAES_CAPABLE
- if (VPAES_CAPABLE) {
- vpaes_set_encrypt_key(key, key_len * 8, aes_key);
- CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)vpaes_encrypt);
- return NULL;
- } else
-#endif
- (void)0; /* terminate potentially open 'else' */
-
- AES_set_encrypt_key(key, key_len * 8, aes_key);
- CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)AES_encrypt);
-#ifdef AES_CTR_ASM
- return (ctr128_f)AES_ctr32_encrypt;
-#else
- return NULL;
-#endif
-}
-
-static int
-aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
-
- if (!iv && !key)
- return 1;
- if (key) {
- gctx->ctr = aes_gcm_set_key(&gctx->ks, &gctx->gcm,
- key, ctx->key_len);
-
- /* If we have an iv can set it directly, otherwise use
- * saved IV.
- */
- if (iv == NULL && gctx->iv_set)
- iv = gctx->iv;
- if (iv) {
- CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
- gctx->iv_set = 1;
- }
- gctx->key_set = 1;
- } else {
- /* If key set use IV, otherwise copy */
- if (gctx->key_set)
- CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
- else
- memcpy(gctx->iv, iv, gctx->ivlen);
- gctx->iv_set = 1;
- gctx->iv_gen = 0;
- }
- return 1;
-}
-
-/* Handle TLS GCM packet format. This consists of the last portion of the IV
- * followed by the payload and finally the tag. On encrypt generate IV,
- * encrypt payload and write the tag. On verify retrieve IV, decrypt payload
- * and verify tag.
- */
-
-static int
-aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
- int rv = -1;
-
- /* Encrypt/decrypt must be performed in place */
- if (out != in ||
- len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN))
- return -1;
-
- /* Set IV from start of buffer or generate IV and write to start
- * of buffer.
- */
- if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ?
- EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV,
- EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
- goto err;
-
- /* Use saved AAD */
- if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len))
- goto err;
-
- /* Fix buffer and length to point to payload */
- in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
- out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
- len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
- if (ctx->encrypt) {
- /* Encrypt payload */
- if (gctx->ctr) {
- if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, in, out,
- len, gctx->ctr))
- goto err;
- } else {
- if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len))
- goto err;
- }
- out += len;
-
- /* Finally write tag */
- CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
- rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
- } else {
- /* Decrypt */
- if (gctx->ctr) {
- if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, in, out,
- len, gctx->ctr))
- goto err;
- } else {
- if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len))
- goto err;
- }
- /* Retrieve tag */
- CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
-
- /* If tag mismatch wipe buffer */
- if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
- explicit_bzero(out, len);
- goto err;
- }
- rv = len;
- }
-
-err:
- gctx->iv_set = 0;
- gctx->tls_aad_len = -1;
- return rv;
-}
-
-static int
-aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
-
- /* If not set up, return error */
- if (!gctx->key_set)
- return -1;
-
- if (gctx->tls_aad_len >= 0)
- return aes_gcm_tls_cipher(ctx, out, in, len);
-
- if (!gctx->iv_set)
- return -1;
-
- if (in) {
- if (out == NULL) {
- if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
- return -1;
- } else if (ctx->encrypt) {
- if (gctx->ctr) {
- if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
- in, out, len, gctx->ctr))
- return -1;
- } else {
- if (CRYPTO_gcm128_encrypt(&gctx->gcm,
- in, out, len))
- return -1;
- }
- } else {
- if (gctx->ctr) {
- if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
- in, out, len, gctx->ctr))
- return -1;
- } else {
- if (CRYPTO_gcm128_decrypt(&gctx->gcm,
- in, out, len))
- return -1;
- }
- }
- return len;
- } else {
- if (!ctx->encrypt) {
- if (gctx->taglen < 0)
- return -1;
- if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf,
- gctx->taglen) != 0)
- return -1;
- gctx->iv_set = 0;
- return 0;
- }
- CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16);
- gctx->taglen = 16;
-
- /* Don't reuse the IV */
- gctx->iv_set = 0;
- return 0;
- }
-
-}
-
-#define CUSTOM_FLAGS \
- ( EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | \
- EVP_CIPH_FLAG_CUSTOM_IV_LENGTH | \
- EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT | \
- EVP_CIPH_CTRL_INIT | EVP_CIPH_CUSTOM_COPY )
-
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_gcm = {
- .nid = NID_aes_128_gcm,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 12,
- .flags = EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS | EVP_CIPH_GCM_MODE,
- .init = aesni_gcm_init_key,
- .do_cipher = aes_gcm_cipher,
- .cleanup = aes_gcm_cleanup,
- .ctx_size = sizeof(EVP_AES_GCM_CTX),
- .ctrl = aes_gcm_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_128_gcm = {
- .nid = NID_aes_128_gcm,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 12,
- .flags = EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS | EVP_CIPH_GCM_MODE,
- .init = aes_gcm_init_key,
- .do_cipher = aes_gcm_cipher,
- .cleanup = aes_gcm_cleanup,
- .ctx_size = sizeof(EVP_AES_GCM_CTX),
- .ctrl = aes_gcm_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_128_gcm(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_128_gcm : &aes_128_gcm;
-#else
- return &aes_128_gcm;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_gcm);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_gcm = {
- .nid = NID_aes_192_gcm,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 12,
- .flags = EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS | EVP_CIPH_GCM_MODE,
- .init = aesni_gcm_init_key,
- .do_cipher = aes_gcm_cipher,
- .cleanup = aes_gcm_cleanup,
- .ctx_size = sizeof(EVP_AES_GCM_CTX),
- .ctrl = aes_gcm_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_192_gcm = {
- .nid = NID_aes_192_gcm,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 12,
- .flags = EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS | EVP_CIPH_GCM_MODE,
- .init = aes_gcm_init_key,
- .do_cipher = aes_gcm_cipher,
- .cleanup = aes_gcm_cleanup,
- .ctx_size = sizeof(EVP_AES_GCM_CTX),
- .ctrl = aes_gcm_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_192_gcm(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_gcm : &aes_192_gcm;
-#else
- return &aes_192_gcm;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_gcm);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_gcm = {
- .nid = NID_aes_256_gcm,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 12,
- .flags = EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS | EVP_CIPH_GCM_MODE,
- .init = aesni_gcm_init_key,
- .do_cipher = aes_gcm_cipher,
- .cleanup = aes_gcm_cleanup,
- .ctx_size = sizeof(EVP_AES_GCM_CTX),
- .ctrl = aes_gcm_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_256_gcm = {
- .nid = NID_aes_256_gcm,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 12,
- .flags = EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS | EVP_CIPH_GCM_MODE,
- .init = aes_gcm_init_key,
- .do_cipher = aes_gcm_cipher,
- .cleanup = aes_gcm_cleanup,
- .ctx_size = sizeof(EVP_AES_GCM_CTX),
- .ctrl = aes_gcm_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_256_gcm(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_gcm : &aes_256_gcm;
-#else
- return &aes_256_gcm;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_gcm);
-
-static int
-aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
- EVP_AES_XTS_CTX *xctx = c->cipher_data;
-
- switch (type) {
- case EVP_CTRL_INIT:
- /*
- * key1 and key2 are used as an indicator both key and IV
- * are set
- */
- xctx->xts.key1 = NULL;
- xctx->xts.key2 = NULL;
- return 1;
-
- case EVP_CTRL_COPY:
- {
- EVP_CIPHER_CTX *out = ptr;
- EVP_AES_XTS_CTX *xctx_out = out->cipher_data;
-
- if (xctx->xts.key1) {
- if (xctx->xts.key1 != &xctx->ks1)
- return 0;
- xctx_out->xts.key1 = &xctx_out->ks1;
- }
- if (xctx->xts.key2) {
- if (xctx->xts.key2 != &xctx->ks2)
- return 0;
- xctx_out->xts.key2 = &xctx_out->ks2;
- }
- return 1;
- }
- }
- return -1;
-}
-
-static int
-aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
-
- if (!iv && !key)
- return 1;
-
- if (key) do {
-#ifdef AES_XTS_ASM
- xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
-#else
- xctx->stream = NULL;
-#endif
- /* key_len is two AES keys */
-#ifdef BSAES_CAPABLE
- if (BSAES_CAPABLE)
- xctx->stream = enc ? bsaes_xts_encrypt :
- bsaes_xts_decrypt;
- else
-#endif
-#ifdef VPAES_CAPABLE
- if (VPAES_CAPABLE) {
- if (enc) {
- vpaes_set_encrypt_key(key, ctx->key_len * 4,
- &xctx->ks1);
- xctx->xts.block1 = (block128_f)vpaes_encrypt;
- } else {
- vpaes_set_decrypt_key(key, ctx->key_len * 4,
- &xctx->ks1);
- xctx->xts.block1 = (block128_f)vpaes_decrypt;
- }
-
- vpaes_set_encrypt_key(key + ctx->key_len / 2,
- ctx->key_len * 4, &xctx->ks2);
- xctx->xts.block2 = (block128_f)vpaes_encrypt;
-
- xctx->xts.key1 = &xctx->ks1;
- break;
- } else
-#endif
- (void)0; /* terminate potentially open 'else' */
-
- if (enc) {
- AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
- xctx->xts.block1 = (block128_f)AES_encrypt;
- } else {
- AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
- xctx->xts.block1 = (block128_f)AES_decrypt;
- }
-
- AES_set_encrypt_key(key + ctx->key_len / 2,
- ctx->key_len * 4, &xctx->ks2);
- xctx->xts.block2 = (block128_f)AES_encrypt;
-
- xctx->xts.key1 = &xctx->ks1;
- } while (0);
-
- if (iv) {
- xctx->xts.key2 = &xctx->ks2;
- memcpy(ctx->iv, iv, 16);
- }
-
- return 1;
-}
-
-static int
-aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
-
- if (!xctx->xts.key1 || !xctx->xts.key2)
- return 0;
- if (!out || !in || len < AES_BLOCK_SIZE)
- return 0;
-
- if (xctx->stream)
- (*xctx->stream)(in, out, len, xctx->xts.key1, xctx->xts.key2,
- ctx->iv);
- else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
- ctx->encrypt))
- return 0;
- return 1;
-}
-
-#define XTS_FLAGS \
- ( EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | \
- EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT | EVP_CIPH_CUSTOM_COPY )
-
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_xts = {
- .nid = NID_aes_128_xts,
- .block_size = 1,
- .key_len = 2 * 16,
- .iv_len = 16,
- .flags = XTS_FLAGS | EVP_CIPH_XTS_MODE,
- .init = aesni_xts_init_key,
- .do_cipher = aes_xts_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_XTS_CTX),
- .ctrl = aes_xts_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_128_xts = {
- .nid = NID_aes_128_xts,
- .block_size = 1,
- .key_len = 2 * 16,
- .iv_len = 16,
- .flags = XTS_FLAGS | EVP_CIPH_XTS_MODE,
- .init = aes_xts_init_key,
- .do_cipher = aes_xts_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_XTS_CTX),
- .ctrl = aes_xts_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_128_xts(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_128_xts : &aes_128_xts;
-#else
- return &aes_128_xts;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_xts);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_xts = {
- .nid = NID_aes_256_xts,
- .block_size = 1,
- .key_len = 2 * 32,
- .iv_len = 16,
- .flags = XTS_FLAGS | EVP_CIPH_XTS_MODE,
- .init = aesni_xts_init_key,
- .do_cipher = aes_xts_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_XTS_CTX),
- .ctrl = aes_xts_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_256_xts = {
- .nid = NID_aes_256_xts,
- .block_size = 1,
- .key_len = 2 * 32,
- .iv_len = 16,
- .flags = XTS_FLAGS | EVP_CIPH_XTS_MODE,
- .init = aes_xts_init_key,
- .do_cipher = aes_xts_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_XTS_CTX),
- .ctrl = aes_xts_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_256_xts(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_xts : &aes_256_xts;
-#else
- return &aes_256_xts;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_xts);
-
-static int
-aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
- EVP_AES_CCM_CTX *cctx = c->cipher_data;
-
- switch (type) {
- case EVP_CTRL_INIT:
- cctx->key_set = 0;
- cctx->iv_set = 0;
- cctx->L = 8;
- cctx->M = 12;
- cctx->tag_set = 0;
- cctx->len_set = 0;
- return 1;
-
- case EVP_CTRL_AEAD_GET_IVLEN:
- *(int *)ptr = 15 - cctx->L;
- return 1;
-
- case EVP_CTRL_AEAD_SET_IVLEN:
- arg = 15 - arg;
-
- case EVP_CTRL_CCM_SET_L:
- if (arg < 2 || arg > 8)
- return 0;
- cctx->L = arg;
- return 1;
-
- case EVP_CTRL_CCM_SET_TAG:
- if ((arg & 1) || arg < 4 || arg > 16)
- return 0;
- if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
- return 0;
- if (ptr) {
- cctx->tag_set = 1;
- memcpy(c->buf, ptr, arg);
- }
- cctx->M = arg;
- return 1;
-
- case EVP_CTRL_CCM_GET_TAG:
- if (!c->encrypt || !cctx->tag_set)
- return 0;
- if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
- return 0;
- cctx->tag_set = 0;
- cctx->iv_set = 0;
- cctx->len_set = 0;
- return 1;
-
- case EVP_CTRL_COPY:
- {
- EVP_CIPHER_CTX *out = ptr;
- EVP_AES_CCM_CTX *cctx_out = out->cipher_data;
-
- if (cctx->ccm.key) {
- if (cctx->ccm.key != &cctx->ks)
- return 0;
- cctx_out->ccm.key = &cctx_out->ks;
- }
- return 1;
- }
-
- default:
- return -1;
- }
-}
-
-static int
-aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
-
- if (!iv && !key)
- return 1;
- if (key) do {
-#ifdef VPAES_CAPABLE
- if (VPAES_CAPABLE) {
- vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks);
- CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
- &cctx->ks, (block128_f)vpaes_encrypt);
- cctx->str = NULL;
- cctx->key_set = 1;
- break;
- }
-#endif
- AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks);
- CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
- &cctx->ks, (block128_f)AES_encrypt);
- cctx->str = NULL;
- cctx->key_set = 1;
- } while (0);
- if (iv) {
- memcpy(ctx->iv, iv, 15 - cctx->L);
- cctx->iv_set = 1;
- }
- return 1;
-}
-
-static int
-aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
- CCM128_CONTEXT *ccm = &cctx->ccm;
-
- /* If not set up, return error */
- if (!cctx->iv_set && !cctx->key_set)
- return -1;
- if (!ctx->encrypt && !cctx->tag_set)
- return -1;
-
- if (!out) {
- if (!in) {
- if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L,
- len))
- return -1;
- cctx->len_set = 1;
- return len;
- }
- /* If have AAD need message length */
- if (!cctx->len_set && len)
- return -1;
- CRYPTO_ccm128_aad(ccm, in, len);
- return len;
- }
- /* EVP_*Final() doesn't return any data */
- if (!in)
- return 0;
- /* If not set length yet do it */
- if (!cctx->len_set) {
- if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
- return -1;
- cctx->len_set = 1;
- }
- if (ctx->encrypt) {
- if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len,
- cctx->str) : CRYPTO_ccm128_encrypt(ccm, in, out, len))
- return -1;
- cctx->tag_set = 1;
- return len;
- } else {
- int rv = -1;
- if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len,
- cctx->str) : !CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
- unsigned char tag[16];
- if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
- if (!memcmp(tag, ctx->buf, cctx->M))
- rv = len;
- }
- }
- if (rv == -1)
- explicit_bzero(out, len);
- cctx->iv_set = 0;
- cctx->tag_set = 0;
- cctx->len_set = 0;
- return rv;
- }
-
-}
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_128_ccm = {
- .nid = NID_aes_128_ccm,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 12,
- .flags = CUSTOM_FLAGS | EVP_CIPH_CCM_MODE,
- .init = aesni_ccm_init_key,
- .do_cipher = aes_ccm_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_CCM_CTX),
- .ctrl = aes_ccm_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_128_ccm = {
- .nid = NID_aes_128_ccm,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 12,
- .flags = CUSTOM_FLAGS | EVP_CIPH_CCM_MODE,
- .init = aes_ccm_init_key,
- .do_cipher = aes_ccm_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_CCM_CTX),
- .ctrl = aes_ccm_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_128_ccm(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_128_ccm : &aes_128_ccm;
-#else
- return &aes_128_ccm;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_128_ccm);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_192_ccm = {
- .nid = NID_aes_192_ccm,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 12,
- .flags = CUSTOM_FLAGS | EVP_CIPH_CCM_MODE,
- .init = aesni_ccm_init_key,
- .do_cipher = aes_ccm_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_CCM_CTX),
- .ctrl = aes_ccm_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_192_ccm = {
- .nid = NID_aes_192_ccm,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 12,
- .flags = CUSTOM_FLAGS | EVP_CIPH_CCM_MODE,
- .init = aes_ccm_init_key,
- .do_cipher = aes_ccm_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_CCM_CTX),
- .ctrl = aes_ccm_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_192_ccm(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_192_ccm : &aes_192_ccm;
-#else
- return &aes_192_ccm;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_192_ccm);
-
-#ifdef AESNI_CAPABLE
-static const EVP_CIPHER aesni_256_ccm = {
- .nid = NID_aes_256_ccm,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 12,
- .flags = CUSTOM_FLAGS | EVP_CIPH_CCM_MODE,
- .init = aesni_ccm_init_key,
- .do_cipher = aes_ccm_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_CCM_CTX),
- .ctrl = aes_ccm_ctrl,
-};
-#endif
-
-static const EVP_CIPHER aes_256_ccm = {
- .nid = NID_aes_256_ccm,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 12,
- .flags = CUSTOM_FLAGS | EVP_CIPH_CCM_MODE,
- .init = aes_ccm_init_key,
- .do_cipher = aes_ccm_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_AES_CCM_CTX),
- .ctrl = aes_ccm_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_aes_256_ccm(void)
-{
-#ifdef AESNI_CAPABLE
- return AESNI_CAPABLE ? &aesni_256_ccm : &aes_256_ccm;
-#else
- return &aes_256_ccm;
-#endif
-}
-LCRYPTO_ALIAS(EVP_aes_256_ccm);
-
-#define EVP_AEAD_AES_GCM_TAG_LEN 16
-
-struct aead_aes_gcm_ctx {
- union {
- double align;
- AES_KEY ks;
- } ks;
- GCM128_CONTEXT gcm;
- ctr128_f ctr;
- unsigned char tag_len;
-};
-
-static int
-aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const unsigned char *key, size_t key_len,
- size_t tag_len)
-{
- struct aead_aes_gcm_ctx *gcm_ctx;
- const size_t key_bits = key_len * 8;
-
- /* EVP_AEAD_CTX_init should catch this. */
- if (key_bits != 128 && key_bits != 256) {
- EVPerror(EVP_R_BAD_KEY_LENGTH);
- return 0;
- }
-
- if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH)
- tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
-
- if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) {
- EVPerror(EVP_R_TAG_TOO_LARGE);
- return 0;
- }
-
- if ((gcm_ctx = calloc(1, sizeof(struct aead_aes_gcm_ctx))) == NULL)
- return 0;
-
-#ifdef AESNI_CAPABLE
- if (AESNI_CAPABLE) {
- aesni_set_encrypt_key(key, key_bits, &gcm_ctx->ks.ks);
- CRYPTO_gcm128_init(&gcm_ctx->gcm, &gcm_ctx->ks.ks,
- (block128_f)aesni_encrypt);
- gcm_ctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
- } else
-#endif
- {
- gcm_ctx->ctr = aes_gcm_set_key(&gcm_ctx->ks.ks, &gcm_ctx->gcm,
- key, key_len);
- }
- gcm_ctx->tag_len = tag_len;
- ctx->aead_state = gcm_ctx;
-
- return 1;
-}
-
-static void
-aead_aes_gcm_cleanup(EVP_AEAD_CTX *ctx)
-{
- struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;
-
- freezero(gcm_ctx, sizeof(*gcm_ctx));
-}
-
-static int
-aead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
- size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
- const unsigned char *in, size_t in_len, const unsigned char *ad,
- size_t ad_len)
-{
- const struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;
- GCM128_CONTEXT gcm;
- size_t bulk = 0;
-
- if (max_out_len < in_len + gcm_ctx->tag_len) {
- EVPerror(EVP_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm));
-
- if (nonce_len == 0) {
- EVPerror(EVP_R_INVALID_IV_LENGTH);
- return 0;
- }
- CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len);
-
- if (ad_len > 0 && CRYPTO_gcm128_aad(&gcm, ad, ad_len))
- return 0;
-
- if (gcm_ctx->ctr) {
- if (CRYPTO_gcm128_encrypt_ctr32(&gcm, in + bulk, out + bulk,
- in_len - bulk, gcm_ctx->ctr))
- return 0;
- } else {
- if (CRYPTO_gcm128_encrypt(&gcm, in + bulk, out + bulk,
- in_len - bulk))
- return 0;
- }
-
- CRYPTO_gcm128_tag(&gcm, out + in_len, gcm_ctx->tag_len);
- *out_len = in_len + gcm_ctx->tag_len;
-
- return 1;
-}
-
-static int -aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len, - size_t max_out_len, const unsigned char *nonce, size_t nonce_len, - const unsigned char *in, size_t in_len, const unsigned char *ad, - size_t ad_len) -{ - const struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state; - unsigned char tag[EVP_AEAD_AES_GCM_TAG_LEN]; - GCM128_CONTEXT gcm; - size_t plaintext_len; - size_t bulk = 0; - - if (in_len < gcm_ctx->tag_len) { - EVPerror(EVP_R_BAD_DECRYPT); - return 0; - } - - plaintext_len = in_len - gcm_ctx->tag_len; - - if (max_out_len < plaintext_len) { - EVPerror(EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm)); - - if (nonce_len == 0) { - EVPerror(EVP_R_INVALID_IV_LENGTH); - return 0; - } - CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len); - - if (CRYPTO_gcm128_aad(&gcm, ad, ad_len)) - return 0; - - if (gcm_ctx->ctr) { - if (CRYPTO_gcm128_decrypt_ctr32(&gcm, in + bulk, out + bulk, - in_len - bulk - gcm_ctx->tag_len, gcm_ctx->ctr)) - return 0; - } else { - if (CRYPTO_gcm128_decrypt(&gcm, in + bulk, out + bulk, - in_len - bulk - gcm_ctx->tag_len)) - return 0; - } - - CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len); - if (timingsafe_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) { - EVPerror(EVP_R_BAD_DECRYPT); - return 0; - } - - *out_len = plaintext_len; - - return 1; -} - -static const EVP_AEAD aead_aes_128_gcm = { - .key_len = 16, - .nonce_len = 12, - .overhead = EVP_AEAD_AES_GCM_TAG_LEN, - .max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN, - - .init = aead_aes_gcm_init, - .cleanup = aead_aes_gcm_cleanup, - .seal = aead_aes_gcm_seal, - .open = aead_aes_gcm_open, -}; - -static const EVP_AEAD aead_aes_256_gcm = { - .key_len = 32, - .nonce_len = 12, - .overhead = EVP_AEAD_AES_GCM_TAG_LEN, - .max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN, - - .init = aead_aes_gcm_init, - .cleanup = aead_aes_gcm_cleanup, - .seal = aead_aes_gcm_seal, - .open = aead_aes_gcm_open, -}; - -const EVP_AEAD * -EVP_aead_aes_128_gcm(void) -{ 
- return &aead_aes_128_gcm; -} -LCRYPTO_ALIAS(EVP_aead_aes_128_gcm); - -const EVP_AEAD * -EVP_aead_aes_256_gcm(void) -{ - return &aead_aes_256_gcm; -} -LCRYPTO_ALIAS(EVP_aead_aes_256_gcm); - -typedef struct { - union { - double align; - AES_KEY ks; - } ks; - unsigned char *iv; -} EVP_AES_WRAP_CTX; - -static int -aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_WRAP_CTX *wctx = (EVP_AES_WRAP_CTX *)ctx->cipher_data; - - if (iv == NULL && key == NULL) - return 1; - - if (key != NULL) { - if (ctx->encrypt) - AES_set_encrypt_key(key, 8 * ctx->key_len, - &wctx->ks.ks); - else - AES_set_decrypt_key(key, 8 * ctx->key_len, - &wctx->ks.ks); - - if (iv == NULL) - wctx->iv = NULL; - } - - if (iv != NULL) { - int iv_len = EVP_CIPHER_CTX_iv_length(ctx); - - if (iv_len < 0 || iv_len > sizeof(ctx->iv)) - return 0; - memcpy(ctx->iv, iv, iv_len); - wctx->iv = ctx->iv; - } - - return 1; -} - -static int -aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inlen) -{ - EVP_AES_WRAP_CTX *wctx = ctx->cipher_data; - int ret; - - if (in == NULL) - return 0; - - if (inlen % 8 != 0) - return -1; - if (ctx->encrypt && inlen < 8) - return -1; - if (!ctx->encrypt && inlen < 16) - return -1; - if (inlen > INT_MAX) - return -1; - - if (out == NULL) { - if (ctx->encrypt) - return inlen + 8; - else - return inlen - 8; - } - - if (ctx->encrypt) - ret = AES_wrap_key(&wctx->ks.ks, wctx->iv, out, in, - (unsigned int)inlen); - else - ret = AES_unwrap_key(&wctx->ks.ks, wctx->iv, out, in, - (unsigned int)inlen); - - return ret != 0 ? 
ret : -1; -} - -static int -aes_wrap_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - EVP_AES_WRAP_CTX *wctx = c->cipher_data; - - switch (type) { - case EVP_CTRL_COPY: - { - EVP_CIPHER_CTX *out = ptr; - EVP_AES_WRAP_CTX *wctx_out = out->cipher_data; - - if (wctx->iv != NULL) { - if (c->iv != wctx->iv) - return 0; - - wctx_out->iv = out->iv; - } - - return 1; - } - } - - return -1; -} - -#define WRAP_FLAGS \ - ( EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER | \ - EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1 | \ - EVP_CIPH_CUSTOM_COPY ) - -static const EVP_CIPHER aes_128_wrap = { - .nid = NID_id_aes128_wrap, - .block_size = 8, - .key_len = 16, - .iv_len = 8, - .flags = WRAP_FLAGS, - .init = aes_wrap_init_key, - .do_cipher = aes_wrap_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_AES_WRAP_CTX), - .set_asn1_parameters = NULL, - .get_asn1_parameters = NULL, - .ctrl = aes_wrap_ctrl, -}; - -const EVP_CIPHER * -EVP_aes_128_wrap(void) -{ - return &aes_128_wrap; -} -LCRYPTO_ALIAS(EVP_aes_128_wrap); - -static const EVP_CIPHER aes_192_wrap = { - .nid = NID_id_aes192_wrap, - .block_size = 8, - .key_len = 24, - .iv_len = 8, - .flags = WRAP_FLAGS, - .init = aes_wrap_init_key, - .do_cipher = aes_wrap_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_AES_WRAP_CTX), - .set_asn1_parameters = NULL, - .get_asn1_parameters = NULL, - .ctrl = aes_wrap_ctrl, -}; - -const EVP_CIPHER * -EVP_aes_192_wrap(void) -{ - return &aes_192_wrap; -} -LCRYPTO_ALIAS(EVP_aes_192_wrap); - -static const EVP_CIPHER aes_256_wrap = { - .nid = NID_id_aes256_wrap, - .block_size = 8, - .key_len = 32, - .iv_len = 8, - .flags = WRAP_FLAGS, - .init = aes_wrap_init_key, - .do_cipher = aes_wrap_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_AES_WRAP_CTX), - .set_asn1_parameters = NULL, - .get_asn1_parameters = NULL, - .ctrl = aes_wrap_ctrl, -}; - -const EVP_CIPHER * -EVP_aes_256_wrap(void) -{ - return &aes_256_wrap; -} -LCRYPTO_ALIAS(EVP_aes_256_wrap); - -#endif 
diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c
deleted file mode 100644
index 4f3799975b..0000000000
--- a/src/lib/libcrypto/evp/e_bf.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* $OpenBSD: e_bf.c,v 1.19 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_BF
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-typedef struct {
- BF_KEY ks;
-} EVP_BF_KEY;
-
-#define data(ctx) ((EVP_BF_KEY *)(ctx)->cipher_data)
-
-static int
-bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- BF_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
- return 1;
-}
-
-static int
-bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- BF_cbc_encrypt(in, out, (long)chunk, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- BF_cbc_encrypt(in, out, (long)inl, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-
- return 1;
-}
-
-static int
-bf_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- BF_cfb64_encrypt(in, out, (long)chunk, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static int
-bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- BF_ecb_encrypt(in + i, out + i, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->encrypt);
-
- return 1;
-}
-
-static int
-bf_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- BF_ofb64_encrypt(in, out, (long)chunk, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- BF_ofb64_encrypt(in, out, (long)inl, &((EVP_BF_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-
- return 1;
-}
-
-static const EVP_CIPHER bf_cbc = {
- .nid = NID_bf_cbc,
- .block_size = 8,
- .key_len = 16,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CBC_MODE,
- .init = bf_init_key,
- .do_cipher = bf_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_BF_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_bf_cbc(void)
-{
- return &bf_cbc;
-}
-LCRYPTO_ALIAS(EVP_bf_cbc);
-
-static const EVP_CIPHER bf_cfb64 = {
- .nid = NID_bf_cfb64,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CFB_MODE,
- .init = bf_init_key,
- .do_cipher = bf_cfb64_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_BF_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_bf_cfb64(void)
-{
- return &bf_cfb64;
-}
-LCRYPTO_ALIAS(EVP_bf_cfb64);
-
-static const EVP_CIPHER bf_ofb = {
- .nid = NID_bf_ofb64,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_OFB_MODE,
- .init = bf_init_key,
- .do_cipher = bf_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_BF_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_bf_ofb(void)
-{
- return &bf_ofb;
-}
-LCRYPTO_ALIAS(EVP_bf_ofb);
-
-static const EVP_CIPHER bf_ecb = {
- .nid = NID_bf_ecb,
- .block_size = 8,
- .key_len = 16,
- .iv_len = 0,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ECB_MODE,
- .init = bf_init_key,
- .do_cipher = bf_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_BF_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_bf_ecb(void)
-{
- return &bf_ecb;
-}
-LCRYPTO_ALIAS(EVP_bf_ecb);
-#endif
diff --git a/src/lib/libcrypto/evp/e_camellia.c b/src/lib/libcrypto/evp/e_camellia.c
deleted file mode 100644
index 55dcc79922..0000000000
--- a/src/lib/libcrypto/evp/e_camellia.c
+++ /dev/null
@@ -1,823 +0,0 @@ -/* $OpenBSD: e_camellia.c,v 1.20 2024/04/09 13:52:41 beck Exp $ */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#ifndef OPENSSL_NO_CAMELLIA -#include -#include -#include - -#include "evp_local.h" - -/* Camellia subkey Structure */ -typedef struct { - CAMELLIA_KEY ks; -} EVP_CAMELLIA_KEY; - -/* Attribute operation for Camellia */ -#define data(ctx) ((EVP_CAMELLIA_KEY *)(ctx)->cipher_data) - -static int -camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret; - - ret = Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data); - - if (ret < 0) { - EVPerror(EVP_R_CAMELLIA_KEY_SETUP_FAILED); - return 0; - } - - return 1; -} - -static int -camellia_128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - Camellia_cbc_encrypt(in, out, EVP_MAXCHUNK, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - - if (inl) - Camellia_cbc_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); - - return 1; -} - -static int -camellia_128_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, 
size_t inl) -{ - size_t chunk = EVP_MAXCHUNK; - - if (inl < chunk) - chunk = inl; - - while (inl && inl >= chunk) { - Camellia_cfb128_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt); - inl -= chunk; - in += chunk; - out += chunk; - if (inl < chunk) - chunk = inl; - } - - return 1; -} - -static int -camellia_128_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - size_t i, bl; - - bl = ctx->cipher->block_size; - - if (inl < bl) - return 1; - - inl -= bl; - - for (i = 0; i <= inl; i += bl) - Camellia_ecb_encrypt(in + i, out + i, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->encrypt); - - return 1; -} - -static int -camellia_128_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - Camellia_ofb128_encrypt(in, out, EVP_MAXCHUNK, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - - if (inl) - Camellia_ofb128_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num); - - return 1; -} - -static const EVP_CIPHER camellia_128_cbc = { - .nid = NID_camellia_128_cbc, - .block_size = 16, - .key_len = 16, - .iv_len = 16, - .flags = 0 | EVP_CIPH_CBC_MODE, - .init = camellia_init_key, - .do_cipher = camellia_128_cbc_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - .get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_128_cbc(void) -{ - return &camellia_128_cbc; -} -LCRYPTO_ALIAS(EVP_camellia_128_cbc); - -static const EVP_CIPHER camellia_128_cfb128 = { - .nid = NID_camellia_128_cfb128, - .block_size = 1, - .key_len = 16, - .iv_len = 16, - .flags = 0 | EVP_CIPH_CFB_MODE, - .init = camellia_init_key, - .do_cipher = camellia_128_cfb128_cipher, - .cleanup = NULL, - .ctx_size = 
sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - .get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_128_cfb128(void) -{ - return &camellia_128_cfb128; -} -LCRYPTO_ALIAS(EVP_camellia_128_cfb128); - -static const EVP_CIPHER camellia_128_ofb = { - .nid = NID_camellia_128_ofb128, - .block_size = 1, - .key_len = 16, - .iv_len = 16, - .flags = 0 | EVP_CIPH_OFB_MODE, - .init = camellia_init_key, - .do_cipher = camellia_128_ofb_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - .get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_128_ofb(void) -{ - return &camellia_128_ofb; -} -LCRYPTO_ALIAS(EVP_camellia_128_ofb); - -static const EVP_CIPHER camellia_128_ecb = { - .nid = NID_camellia_128_ecb, - .block_size = 16, - .key_len = 16, - .iv_len = 0, - .flags = 0 | EVP_CIPH_ECB_MODE, - .init = camellia_init_key, - .do_cipher = camellia_128_ecb_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - .get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_128_ecb(void) -{ - return &camellia_128_ecb; -} -LCRYPTO_ALIAS(EVP_camellia_128_ecb); - -static int -camellia_192_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - Camellia_cbc_encrypt(in, out, EVP_MAXCHUNK, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - - if (inl) - Camellia_cbc_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); - - return 1; -} - -static int -camellia_192_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - size_t chunk = EVP_MAXCHUNK; - - if (inl < chunk) - 
chunk = inl; - - while (inl && inl >= chunk) { - Camellia_cfb128_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt); - inl -= chunk; - in += chunk; - out += chunk; - if (inl < chunk) - chunk = inl; - } - - return 1; -} - -static int -camellia_192_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - size_t i, bl; - - bl = ctx->cipher->block_size; - - if (inl < bl) - return 1; - - inl -= bl; - - for (i = 0; i <= inl; i += bl) - Camellia_ecb_encrypt(in + i, out + i, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->encrypt); - - return 1; -} - -static int -camellia_192_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - Camellia_ofb128_encrypt(in, out, EVP_MAXCHUNK, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - - if (inl) - Camellia_ofb128_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num); - - return 1; -} - -static const EVP_CIPHER camellia_192_cbc = { - .nid = NID_camellia_192_cbc, - .block_size = 16, - .key_len = 24, - .iv_len = 16, - .flags = 0 | EVP_CIPH_CBC_MODE, - .init = camellia_init_key, - .do_cipher = camellia_192_cbc_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - .get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_192_cbc(void) -{ - return &camellia_192_cbc; -} -LCRYPTO_ALIAS(EVP_camellia_192_cbc); - -static const EVP_CIPHER camellia_192_cfb128 = { - .nid = NID_camellia_192_cfb128, - .block_size = 1, - .key_len = 24, - .iv_len = 16, - .flags = 0 | EVP_CIPH_CFB_MODE, - .init = camellia_init_key, - .do_cipher = camellia_192_cfb128_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - 
.get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_192_cfb128(void) -{ - return &camellia_192_cfb128; -} -LCRYPTO_ALIAS(EVP_camellia_192_cfb128); - -static const EVP_CIPHER camellia_192_ofb = { - .nid = NID_camellia_192_ofb128, - .block_size = 1, - .key_len = 24, - .iv_len = 16, - .flags = 0 | EVP_CIPH_OFB_MODE, - .init = camellia_init_key, - .do_cipher = camellia_192_ofb_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - .get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_192_ofb(void) -{ - return &camellia_192_ofb; -} -LCRYPTO_ALIAS(EVP_camellia_192_ofb); - -static const EVP_CIPHER camellia_192_ecb = { - .nid = NID_camellia_192_ecb, - .block_size = 16, - .key_len = 24, - .iv_len = 0, - .flags = 0 | EVP_CIPH_ECB_MODE, - .init = camellia_init_key, - .do_cipher = camellia_192_ecb_cipher, - .cleanup = NULL, - .ctx_size = sizeof(EVP_CAMELLIA_KEY), - .set_asn1_parameters = EVP_CIPHER_set_asn1_iv, - .get_asn1_parameters = EVP_CIPHER_get_asn1_iv, - .ctrl = NULL, -}; - -const EVP_CIPHER * -EVP_camellia_192_ecb(void) -{ - return &camellia_192_ecb; -} -LCRYPTO_ALIAS(EVP_camellia_192_ecb); - -static int -camellia_256_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - Camellia_cbc_encrypt(in, out, EVP_MAXCHUNK, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - - if (inl) - Camellia_cbc_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); - - return 1; -} - -static int -camellia_256_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) -{ - size_t chunk = EVP_MAXCHUNK; - - if (inl < chunk) - chunk = inl; - - while (inl && inl >= chunk) { - Camellia_cfb128_encrypt(in, 
out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static int
-camellia_256_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- Camellia_ecb_encrypt(in + i, out + i, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->encrypt);
-
- return 1;
-}
-
-static int
-camellia_256_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- while (inl >= EVP_MAXCHUNK) {
- Camellia_ofb128_encrypt(in, out, EVP_MAXCHUNK, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
- inl -= EVP_MAXCHUNK;
- in += EVP_MAXCHUNK;
- out += EVP_MAXCHUNK;
- }
-
- if (inl)
- Camellia_ofb128_encrypt(in, out, inl, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-
- return 1;
-}
-
-static const EVP_CIPHER camellia_256_cbc = {
- .nid = NID_camellia_256_cbc,
- .block_size = 16,
- .key_len = 32,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CBC_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_256_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_256_cbc(void)
-{
- return &camellia_256_cbc;
-}
-LCRYPTO_ALIAS(EVP_camellia_256_cbc);
-
-static const EVP_CIPHER camellia_256_cfb128 = {
- .nid = NID_camellia_256_cfb128,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_256_cfb128_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_256_cfb128(void)
-{
- return &camellia_256_cfb128;
-}
-LCRYPTO_ALIAS(EVP_camellia_256_cfb128);
-
-static const EVP_CIPHER camellia_256_ofb = {
- .nid = NID_camellia_256_ofb128,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_OFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_256_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_256_ofb(void)
-{
- return &camellia_256_ofb;
-}
-LCRYPTO_ALIAS(EVP_camellia_256_ofb);
-
-static const EVP_CIPHER camellia_256_ecb = {
- .nid = NID_camellia_256_ecb,
- .block_size = 16,
- .key_len = 32,
- .iv_len = 0,
- .flags = 0 | EVP_CIPH_ECB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_256_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_256_ecb(void)
-{
- return &camellia_256_ecb;
-}
-LCRYPTO_ALIAS(EVP_camellia_256_ecb);
-
-static int
-camellia_128_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = EVP_MAXCHUNK;
-
- chunk >>= 3;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? chunk * 8 : chunk), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static const EVP_CIPHER camellia_128_cfb1 = {
- .nid = NID_camellia_128_cfb1,
- .block_size = 1,
- .key_len = 128/8,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_128_cfb1_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_128_cfb1(void)
-{
- return &camellia_128_cfb1;
-}
-LCRYPTO_ALIAS(EVP_camellia_128_cfb1);
-
-static int
-camellia_192_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = EVP_MAXCHUNK;
-
- chunk >>= 3;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? chunk * 8 : chunk), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static const EVP_CIPHER camellia_192_cfb1 = {
- .nid = NID_camellia_192_cfb1,
- .block_size = 1,
- .key_len = 192/8,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_192_cfb1_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_192_cfb1(void)
-{
- return &camellia_192_cfb1;
-}
-LCRYPTO_ALIAS(EVP_camellia_192_cfb1);
-
-static int
-camellia_256_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = EVP_MAXCHUNK;
-
- chunk >>= 3;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- Camellia_cfb1_encrypt(in, out, ((1 == 1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ? chunk * 8 : chunk), &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static const EVP_CIPHER camellia_256_cfb1 = {
- .nid = NID_camellia_256_cfb1,
- .block_size = 1,
- .key_len = 256/8,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_256_cfb1_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_256_cfb1(void)
-{
- return &camellia_256_cfb1;
-}
-LCRYPTO_ALIAS(EVP_camellia_256_cfb1);
-
-
-static int
-camellia_128_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = EVP_MAXCHUNK;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- Camellia_cfb8_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static const EVP_CIPHER camellia_128_cfb8 = {
- .nid = NID_camellia_128_cfb8,
- .block_size = 1,
- .key_len = 128/8,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_128_cfb8_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_128_cfb8(void)
-{
- return &camellia_128_cfb8;
-}
-LCRYPTO_ALIAS(EVP_camellia_128_cfb8);
-
-static int
-camellia_192_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = EVP_MAXCHUNK;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- Camellia_cfb8_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static const EVP_CIPHER camellia_192_cfb8 = {
- .nid = NID_camellia_192_cfb8,
- .block_size = 1,
- .key_len = 192/8,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_192_cfb8_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_192_cfb8(void)
-{
- return &camellia_192_cfb8;
-}
-LCRYPTO_ALIAS(EVP_camellia_192_cfb8);
-
-static int
-camellia_256_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = EVP_MAXCHUNK;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- Camellia_cfb8_encrypt(in, out, chunk, &((EVP_CAMELLIA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static const EVP_CIPHER camellia_256_cfb8 = {
- .nid = NID_camellia_256_cfb8,
- .block_size = 1,
- .key_len = 256/8,
- .iv_len = 16,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = camellia_init_key,
- .do_cipher = camellia_256_cfb8_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAMELLIA_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_camellia_256_cfb8(void)
-{
- return &camellia_256_cfb8;
-}
-LCRYPTO_ALIAS(EVP_camellia_256_cfb8);
-#endif
diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c
deleted file mode 100644
index 1575a7a5bb..0000000000
--- a/src/lib/libcrypto/evp/e_cast.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* $OpenBSD: e_cast.c,v 1.18 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_CAST
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-typedef struct {
- CAST_KEY ks;
-} EVP_CAST_KEY;
-
-#define data(ctx) ((EVP_CAST_KEY *)(ctx)->cipher_data)
-
-static int
-cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- CAST_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
- return 1;
-}
-
-static int
-cast5_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- CAST_cbc_encrypt(in, out, (long)chunk, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- CAST_cbc_encrypt(in, out, (long)inl, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-
- return 1;
-}
-
-static int
-cast5_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- CAST_cfb64_encrypt(in, out, (long)chunk, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static int
-cast5_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- CAST_ecb_encrypt(in + i, out + i, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->encrypt);
-
- return 1;
-}
-
-static int
-cast5_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- CAST_ofb64_encrypt(in, out, (long)chunk, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- CAST_ofb64_encrypt(in, out, (long)inl, &((EVP_CAST_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-
- return 1;
-}
-
-static const EVP_CIPHER cast5_cbc = {
- .nid = NID_cast5_cbc,
- .block_size = 8,
- .key_len = CAST_KEY_LENGTH,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CBC_MODE,
- .init = cast_init_key,
- .do_cipher = cast5_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAST_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_cast5_cbc(void)
-{
- return &cast5_cbc;
-}
-LCRYPTO_ALIAS(EVP_cast5_cbc);
-
-static const EVP_CIPHER cast5_cfb64 = {
- .nid = NID_cast5_cfb64,
- .block_size = 1,
- .key_len = CAST_KEY_LENGTH,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CFB_MODE,
- .init = cast_init_key,
- .do_cipher = cast5_cfb64_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAST_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_cast5_cfb64(void)
-{
- return &cast5_cfb64;
-}
-LCRYPTO_ALIAS(EVP_cast5_cfb64);
-
-static const EVP_CIPHER cast5_ofb = {
- .nid = NID_cast5_ofb64,
- .block_size = 1,
- .key_len = CAST_KEY_LENGTH,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_OFB_MODE,
- .init = cast_init_key,
- .do_cipher = cast5_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAST_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_cast5_ofb(void)
-{
- return &cast5_ofb;
-}
-LCRYPTO_ALIAS(EVP_cast5_ofb);
-
-static const EVP_CIPHER cast5_ecb = {
- .nid = NID_cast5_ecb,
- .block_size = 8,
- .key_len = CAST_KEY_LENGTH,
- .iv_len = 0,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ECB_MODE,
- .init = cast_init_key,
- .do_cipher = cast5_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_CAST_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_cast5_ecb(void)
-{
- return &cast5_ecb;
-}
-LCRYPTO_ALIAS(EVP_cast5_ecb);
-#endif
diff --git a/src/lib/libcrypto/evp/e_chacha.c b/src/lib/libcrypto/evp/e_chacha.c
deleted file mode 100644
index 4c801b3920..0000000000
--- a/src/lib/libcrypto/evp/e_chacha.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* $OpenBSD: e_chacha.c,v 1.14 2024/04/09 13:52:41 beck Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef OPENSSL_NO_CHACHA
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-static int
-chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *openssl_iv, int enc)
-{
- if (key != NULL)
- ChaCha_set_key((ChaCha_ctx *)ctx->cipher_data, key,
- EVP_CIPHER_CTX_key_length(ctx) * 8);
- if (openssl_iv != NULL) {
- const unsigned char *iv = openssl_iv + 8;
- const unsigned char *counter = openssl_iv;
-
- ChaCha_set_iv((ChaCha_ctx *)ctx->cipher_data, iv, counter);
- }
- return 1;
-}
-
-static int
-chacha_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
- size_t len)
-{
- ChaCha((ChaCha_ctx *)ctx->cipher_data, out, in, len);
- return 1;
-}
-
-static const EVP_CIPHER chacha20_cipher = {
- .nid = NID_chacha20,
- .block_size = 1,
- .key_len = 32,
- /*
- * The 16-byte EVP IV is split into 4 little-endian 4-byte words
- * evpiv[15:12] evpiv[11:8] evpiv[7:4] evpiv[3:0]
- * iv[1] iv[0] counter[1] counter[0]
- * and passed as iv[] and counter[] to ChaCha_set_iv().
- */
- .iv_len = 16,
- .flags = EVP_CIPH_STREAM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT |
- EVP_CIPH_CUSTOM_IV,
- .init = chacha_init,
- .do_cipher = chacha_cipher,
- .ctx_size = sizeof(ChaCha_ctx)
-};
-
-const EVP_CIPHER *
-EVP_chacha20(void)
-{
- return (&chacha20_cipher);
-}
-LCRYPTO_ALIAS(EVP_chacha20);
-
-#endif
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c
deleted file mode 100644
index d176569f90..0000000000
--- a/src/lib/libcrypto/evp/e_chacha20poly1305.c
+++ /dev/null
@@ -1,621 +0,0 @@
-/* $OpenBSD: e_chacha20poly1305.c,v 1.37 2024/12/20 20:05:29 schwarze Exp $ */
-
-/*
- * Copyright (c) 2022 Joel Sing
- * Copyright (c) 2015 Reyk Floter
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-
-#include
-
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-
-#include
-#include
-#include
-#include
-
-#include "bytestring.h"
-#include "evp_local.h"
-
-#define POLY1305_TAG_LEN 16
-
-#define CHACHA20_CONSTANT_LEN 4
-#define CHACHA20_IV_LEN 8
-#define CHACHA20_NONCE_LEN (CHACHA20_CONSTANT_LEN + CHACHA20_IV_LEN)
-#define XCHACHA20_NONCE_LEN 24
-
-struct aead_chacha20_poly1305_ctx {
- unsigned char key[32];
- unsigned char tag_len;
-};
-
-static int
-aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const unsigned char *key,
- size_t key_len, size_t tag_len)
-{
- struct aead_chacha20_poly1305_ctx *c20_ctx;
-
- if (tag_len == 0)
- tag_len = POLY1305_TAG_LEN;
-
- if (tag_len > POLY1305_TAG_LEN) {
- EVPerror(EVP_R_TOO_LARGE);
- return 0;
- }
-
- /* Internal error - EVP_AEAD_CTX_init should catch this. */
- if (key_len != sizeof(c20_ctx->key))
- return 0;
-
- c20_ctx = malloc(sizeof(struct aead_chacha20_poly1305_ctx));
- if (c20_ctx == NULL)
- return 0;
-
- memcpy(&c20_ctx->key[0], key, key_len);
- c20_ctx->tag_len = tag_len;
- ctx->aead_state = c20_ctx;
-
- return 1;
-}
-
-static void
-aead_chacha20_poly1305_cleanup(EVP_AEAD_CTX *ctx)
-{
- struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
-
- freezero(c20_ctx, sizeof(*c20_ctx));
-}
-
-static void
-poly1305_update_with_length(poly1305_state *poly1305,
- const unsigned char *data, size_t data_len)
-{
- size_t j = data_len;
- unsigned char length_bytes[8];
- unsigned i;
-
- for (i = 0; i < sizeof(length_bytes); i++) {
- length_bytes[i] = j;
- j >>= 8;
- }
-
- if (data != NULL)
- CRYPTO_poly1305_update(poly1305, data, data_len);
- CRYPTO_poly1305_update(poly1305, length_bytes, sizeof(length_bytes));
-}
-
-static void
-poly1305_pad16(poly1305_state *poly1305, size_t data_len)
-{
- static const unsigned char zero_pad16[16];
- size_t pad_len;
-
- /* pad16() is defined in RFC 8439 2.8.1. */
- if ((pad_len = data_len % 16) == 0)
- return;
-
- CRYPTO_poly1305_update(poly1305, zero_pad16, 16 - pad_len);
-}
-
-static void
-poly1305_update_with_pad16(poly1305_state *poly1305,
- const unsigned char *data, size_t data_len)
-{
- CRYPTO_poly1305_update(poly1305, data, data_len);
- poly1305_pad16(poly1305, data_len);
-}
-
-static int
-aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len)
-{
- const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
- unsigned char poly1305_key[32];
- poly1305_state poly1305;
- const unsigned char *iv;
- uint64_t ctr;
-
- if (max_out_len < in_len + c20_ctx->tag_len) {
- EVPerror(EVP_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- if (nonce_len != ctx->aead->nonce_len) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return 0;
- }
-
- ctr = (uint64_t)((uint32_t)(nonce[0]) | (uint32_t)(nonce[1]) << 8 |
- (uint32_t)(nonce[2]) << 16 | (uint32_t)(nonce[3]) << 24) << 32;
- iv = nonce + CHACHA20_CONSTANT_LEN;
-
- memset(poly1305_key, 0, sizeof(poly1305_key));
- CRYPTO_chacha_20(poly1305_key, poly1305_key,
- sizeof(poly1305_key), c20_ctx->key, iv, ctr);
-
- CRYPTO_poly1305_init(&poly1305, poly1305_key);
- poly1305_update_with_pad16(&poly1305, ad, ad_len);
- CRYPTO_chacha_20(out, in, in_len, c20_ctx->key, iv, ctr + 1);
- poly1305_update_with_pad16(&poly1305, out, in_len);
- poly1305_update_with_length(&poly1305, NULL, ad_len);
- poly1305_update_with_length(&poly1305, NULL, in_len);
-
- if (c20_ctx->tag_len != POLY1305_TAG_LEN) {
- unsigned char tag[POLY1305_TAG_LEN];
- CRYPTO_poly1305_finish(&poly1305, tag);
- memcpy(out + in_len, tag, c20_ctx->tag_len);
- *out_len = in_len + c20_ctx->tag_len;
- return 1;
- }
-
- CRYPTO_poly1305_finish(&poly1305, out + in_len);
- *out_len = in_len + POLY1305_TAG_LEN;
- return 1;
-}
-
-static int
-aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len)
-{
- const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
- unsigned char mac[POLY1305_TAG_LEN];
- unsigned char poly1305_key[32];
- const unsigned char *iv = nonce;
- poly1305_state poly1305;
- size_t plaintext_len;
- uint64_t ctr = 0;
-
- if (in_len < c20_ctx->tag_len) {
- EVPerror(EVP_R_BAD_DECRYPT);
- return 0;
- }
-
- if (nonce_len != ctx->aead->nonce_len) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return 0;
- }
-
- plaintext_len = in_len - c20_ctx->tag_len;
-
- if (max_out_len < plaintext_len) {
- EVPerror(EVP_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- ctr = (uint64_t)((uint32_t)(nonce[0]) | (uint32_t)(nonce[1]) << 8 |
- (uint32_t)(nonce[2]) << 16 | (uint32_t)(nonce[3]) << 24) << 32;
- iv = nonce + CHACHA20_CONSTANT_LEN;
-
- memset(poly1305_key, 0, sizeof(poly1305_key));
- CRYPTO_chacha_20(poly1305_key, poly1305_key,
- sizeof(poly1305_key), c20_ctx->key, iv, ctr);
-
- CRYPTO_poly1305_init(&poly1305, poly1305_key);
- poly1305_update_with_pad16(&poly1305, ad, ad_len);
- poly1305_update_with_pad16(&poly1305, in, plaintext_len);
- poly1305_update_with_length(&poly1305, NULL, ad_len);
- poly1305_update_with_length(&poly1305, NULL, plaintext_len);
-
- CRYPTO_poly1305_finish(&poly1305, mac);
-
- if (timingsafe_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) {
- EVPerror(EVP_R_BAD_DECRYPT);
- return 0;
- }
-
- CRYPTO_chacha_20(out, in, plaintext_len, c20_ctx->key, iv, ctr + 1);
- *out_len = plaintext_len;
- return 1;
-}
-
-static int
-aead_xchacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len)
-{
- const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
- unsigned char poly1305_key[32];
- unsigned char subkey[32];
- poly1305_state poly1305;
-
- if (max_out_len < in_len + c20_ctx->tag_len) {
- EVPerror(EVP_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- if (nonce_len != ctx->aead->nonce_len) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return 0;
- }
-
- CRYPTO_hchacha_20(subkey, c20_ctx->key, nonce);
-
- CRYPTO_chacha_20(out, in, in_len, subkey, nonce + 16, 1);
-
- memset(poly1305_key, 0, sizeof(poly1305_key));
- CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
- subkey, nonce + 16, 0);
-
- CRYPTO_poly1305_init(&poly1305, poly1305_key);
- poly1305_update_with_pad16(&poly1305, ad, ad_len);
- poly1305_update_with_pad16(&poly1305, out, in_len);
- poly1305_update_with_length(&poly1305, NULL, ad_len);
- poly1305_update_with_length(&poly1305, NULL, in_len);
-
- if (c20_ctx->tag_len != POLY1305_TAG_LEN) {
- unsigned char tag[POLY1305_TAG_LEN];
- CRYPTO_poly1305_finish(&poly1305, tag);
- memcpy(out + in_len, tag, c20_ctx->tag_len);
- *out_len = in_len + c20_ctx->tag_len;
- return 1;
- }
-
- CRYPTO_poly1305_finish(&poly1305, out + in_len);
- *out_len = in_len + POLY1305_TAG_LEN;
- return 1;
-}
-
-static int
-aead_xchacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len)
-{
- const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
- unsigned char mac[POLY1305_TAG_LEN];
- unsigned char poly1305_key[32];
- unsigned char subkey[32];
- poly1305_state poly1305;
- size_t plaintext_len;
-
- if (in_len < c20_ctx->tag_len) {
- EVPerror(EVP_R_BAD_DECRYPT);
- return 0;
- }
-
- if (nonce_len != ctx->aead->nonce_len) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return 0;
- }
-
- plaintext_len = in_len - c20_ctx->tag_len;
-
- if (max_out_len < plaintext_len) {
- EVPerror(EVP_R_BUFFER_TOO_SMALL);
- return 0;
- }
-
- CRYPTO_hchacha_20(subkey, c20_ctx->key, nonce);
-
- memset(poly1305_key, 0, sizeof(poly1305_key));
- CRYPTO_chacha_20(poly1305_key, poly1305_key, sizeof(poly1305_key),
- subkey, nonce + 16, 0);
-
- CRYPTO_poly1305_init(&poly1305, poly1305_key);
- poly1305_update_with_pad16(&poly1305, ad, ad_len);
- poly1305_update_with_pad16(&poly1305, in, plaintext_len);
- poly1305_update_with_length(&poly1305, NULL, ad_len);
- poly1305_update_with_length(&poly1305, NULL, plaintext_len);
-
- CRYPTO_poly1305_finish(&poly1305, mac);
- if (timingsafe_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) {
- EVPerror(EVP_R_BAD_DECRYPT);
- return 0;
- }
-
- CRYPTO_chacha_20(out, in, plaintext_len, subkey, nonce + 16, 1);
-
- *out_len = plaintext_len;
- return 1;
-}
-
-/* RFC 8439 */
-static const EVP_AEAD aead_chacha20_poly1305 = {
- .key_len = 32,
- .nonce_len = CHACHA20_NONCE_LEN,
- .overhead = POLY1305_TAG_LEN,
- .max_tag_len = POLY1305_TAG_LEN,
-
- .init = aead_chacha20_poly1305_init,
- .cleanup = aead_chacha20_poly1305_cleanup,
- .seal = aead_chacha20_poly1305_seal,
- .open = aead_chacha20_poly1305_open,
-};
-
-const EVP_AEAD *
-EVP_aead_chacha20_poly1305(void)
-{
- return &aead_chacha20_poly1305;
-}
-LCRYPTO_ALIAS(EVP_aead_chacha20_poly1305);
-
-static const EVP_AEAD aead_xchacha20_poly1305 = {
- .key_len = 32,
- .nonce_len = XCHACHA20_NONCE_LEN,
- .overhead = POLY1305_TAG_LEN,
- .max_tag_len = POLY1305_TAG_LEN,
-
- .init = aead_chacha20_poly1305_init,
- .cleanup = aead_chacha20_poly1305_cleanup,
- .seal = aead_xchacha20_poly1305_seal,
- .open = aead_xchacha20_poly1305_open,
-};
-
-const EVP_AEAD *
-EVP_aead_xchacha20_poly1305(void)
-{
- return &aead_xchacha20_poly1305;
-}
-LCRYPTO_ALIAS(EVP_aead_xchacha20_poly1305);
-
-struct chacha20_poly1305_ctx {
- ChaCha_ctx chacha;
- poly1305_state poly1305;
-
- unsigned char key[32];
- unsigned char nonce[CHACHA20_NONCE_LEN];
- size_t nonce_len;
- unsigned char tag[POLY1305_TAG_LEN];
- size_t tag_len;
-
- size_t ad_len;
- size_t in_len;
-
- int in_ad;
- int started;
-};
-
-static int
-chacha20_poly1305_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int encrypt)
-{
- struct chacha20_poly1305_ctx *cpx = ctx->cipher_data;
- uint8_t *data;
- CBB cbb;
- int ret = 0;
-
- memset(&cbb, 0, sizeof(cbb));
-
- if (key == NULL && iv == NULL)
- goto done;
-
- cpx->started = 0;
-
- if (key != NULL)
- memcpy(cpx->key, key, sizeof(cpx->key));
-
- if (iv != NULL) {
- /*
- * Left zero pad if configured nonce length is less than ChaCha
- * nonce length.
- */
- if (!CBB_init_fixed(&cbb, cpx->nonce, sizeof(cpx->nonce)))
- goto err;
- if (!CBB_add_space(&cbb, &data, sizeof(cpx->nonce) - cpx->nonce_len))
- goto err;
- if (!CBB_add_bytes(&cbb, iv, cpx->nonce_len))
- goto err;
- if (!CBB_finish(&cbb, NULL, NULL))
- goto err;
- }
-
- done:
- ret = 1;
-
- err:
- CBB_cleanup(&cbb);
-
- return ret;
-}
-
-static int
-chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- struct chacha20_poly1305_ctx *cpx = ctx->cipher_data;
-
- /*
- * Since we're making AEAD work within the constraints of EVP_CIPHER...
- * If in is non-NULL then this is an update, while if in is NULL then
- * this is a final. If in is non-NULL but out is NULL, then the input
- * being provided is associated data. Plus we have to handle encryption
- * (sealing) and decryption (opening) in the same function.
- */
-
- if (!cpx->started) {
- unsigned char poly1305_key[32];
- const unsigned char *iv;
- uint64_t ctr;
-
- ctr = (uint64_t)((uint32_t)(cpx->nonce[0]) |
- (uint32_t)(cpx->nonce[1]) << 8 |
- (uint32_t)(cpx->nonce[2]) << 16 |
- (uint32_t)(cpx->nonce[3]) << 24) << 32;
- iv = cpx->nonce + CHACHA20_CONSTANT_LEN;
-
- ChaCha_set_key(&cpx->chacha, cpx->key, 8 * sizeof(cpx->key));
- ChaCha_set_iv(&cpx->chacha, iv, NULL);
-
- /* See chacha.c for details re handling of counter. */
- cpx->chacha.input[12] = (uint32_t)ctr;
- cpx->chacha.input[13] = (uint32_t)(ctr >> 32);
-
- memset(poly1305_key, 0, sizeof(poly1305_key));
- ChaCha(&cpx->chacha, poly1305_key, poly1305_key,
- sizeof(poly1305_key));
- CRYPTO_poly1305_init(&cpx->poly1305, poly1305_key);
-
- /* Mark remaining key block as used. */
- cpx->chacha.unused = 0;
-
- cpx->ad_len = 0;
- cpx->in_len = 0;
- cpx->in_ad = 0;
-
- cpx->started = 1;
- }
-
- if (len > SIZE_MAX - cpx->in_len) {
- EVPerror(EVP_R_TOO_LARGE);
- return -1;
- }
-
- /* Disallow authenticated data after plaintext/ciphertext. */
- if (cpx->in_len > 0 && in != NULL && out == NULL)
- return -1;
-
- if (cpx->in_ad && (in == NULL || out != NULL)) {
- poly1305_pad16(&cpx->poly1305, cpx->ad_len);
- cpx->in_ad = 0;
- }
-
- /* Update with AD or plaintext/ciphertext. */
- if (in != NULL) {
- if (!ctx->encrypt || out == NULL)
- CRYPTO_poly1305_update(&cpx->poly1305, in, len);
- if (out == NULL) {
- cpx->ad_len += len;
- cpx->in_ad = 1;
- } else {
- ChaCha(&cpx->chacha, out, in, len);
- cpx->in_len += len;
- }
- if (ctx->encrypt && out != NULL)
- CRYPTO_poly1305_update(&cpx->poly1305, out, len);
-
- return len;
- }
-
- /* Final. */
- poly1305_pad16(&cpx->poly1305, cpx->in_len);
- poly1305_update_with_length(&cpx->poly1305, NULL, cpx->ad_len);
- poly1305_update_with_length(&cpx->poly1305, NULL, cpx->in_len);
-
- if (ctx->encrypt) {
- CRYPTO_poly1305_finish(&cpx->poly1305, cpx->tag);
- cpx->tag_len = sizeof(cpx->tag);
- } else {
- unsigned char tag[POLY1305_TAG_LEN];
-
- /* Ensure that a tag has been provided. */
- if (cpx->tag_len <= 0)
- return -1;
-
- CRYPTO_poly1305_finish(&cpx->poly1305, tag);
- if (timingsafe_memcmp(tag, cpx->tag, cpx->tag_len) != 0)
- return -1;
- }
-
- cpx->started = 0;
-
- return len;
-}
-
-static int
-chacha20_poly1305_cleanup(EVP_CIPHER_CTX *ctx)
-{
- struct chacha20_poly1305_ctx *cpx = ctx->cipher_data;
-
- explicit_bzero(cpx, sizeof(*cpx));
-
- return 1;
-}
-
-static int
-chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
-{
- struct chacha20_poly1305_ctx *cpx = ctx->cipher_data;
-
- switch (type) {
- case EVP_CTRL_INIT:
- memset(cpx, 0, sizeof(*cpx));
- cpx->nonce_len = sizeof(cpx->nonce);
- return 1;
-
- case EVP_CTRL_AEAD_GET_IVLEN:
- if (cpx->nonce_len > INT_MAX)
- return 0;
- *(int *)ptr = (int)cpx->nonce_len;
- return 1;
-
- case EVP_CTRL_AEAD_SET_IVLEN:
- if (arg <= 0 || arg > sizeof(cpx->nonce))
- return 0;
- cpx->nonce_len = arg;
- return 1;
-
- case EVP_CTRL_AEAD_SET_TAG:
- if (ctx->encrypt)
- return 0;
- if (arg <= 0 || arg > sizeof(cpx->tag))
- return 0;
- if (ptr != NULL) {
- memcpy(cpx->tag, ptr, arg);
- cpx->tag_len = arg;
- }
- return 1;
-
- case EVP_CTRL_AEAD_GET_TAG:
- if (!ctx->encrypt)
- return 0;
- if (arg <= 0 || arg > cpx->tag_len)
- return 0;
- memcpy(ptr, cpx->tag, arg);
- return 1;
-
- case EVP_CTRL_AEAD_SET_IV_FIXED:
- if (arg != sizeof(cpx->nonce))
- return 0;
- memcpy(cpx->nonce, ptr, arg);
- return 1;
- }
-
- return -1;
-}
-
-static const EVP_CIPHER cipher_chacha20_poly1305 = {
- .nid = NID_chacha20_poly1305,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 12,
- .flags = EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT |
- EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_IV_LENGTH |
- EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_CUSTOM_CIPHER |
- EVP_CIPH_FLAG_DEFAULT_ASN1,
- .init = chacha20_poly1305_init,
- .do_cipher = chacha20_poly1305_cipher,
- .cleanup = chacha20_poly1305_cleanup,
- .ctx_size = sizeof(struct chacha20_poly1305_ctx),
- .ctrl = chacha20_poly1305_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_chacha20_poly1305(void)
-{
- return &cipher_chacha20_poly1305;
-}
-LCRYPTO_ALIAS(EVP_chacha20_poly1305);
-
-#endif /* !OPENSSL_NO_CHACHA && !OPENSSL_NO_POLY1305 */
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c
deleted file mode 100644
index fb335e95b1..0000000000
--- a/src/lib/libcrypto/evp/e_des.c
+++ /dev/null
@@ -1,355 +0,0 @@
-/* $OpenBSD: e_des.c,v 1.24 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_DES
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-static int
-des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- DES_cblock *deskey = (DES_cblock *)key;
-
- DES_set_key_unchecked(deskey, ctx->cipher_data);
- return 1;
-}
-
-static int
-des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
- switch (type) {
- case EVP_CTRL_RAND_KEY:
- if (DES_random_key((DES_cblock *)ptr) == 0)
- return 0;
- return 1;
-
- default:
- return -1;
- }
-}
-
-static int
-des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i),
- ctx->cipher_data, ctx->encrypt);
-
- return 1;
-}
-
-static int
-des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_ofb64_encrypt(in, out, (long)chunk, ctx->cipher_data,
- (DES_cblock *)ctx->iv, &ctx->num);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
- (DES_cblock *)ctx->iv, &ctx->num);
- return 1;
-}
-
-static int
-des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_ncbc_encrypt(in, out, (long)chunk, ctx->cipher_data,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int
-des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_cfb64_encrypt(in, out, (long)chunk, ctx->cipher_data,
- (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
- (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
- return 1;
-}
-
-/* Although we have a CFB-r implementation for DES, it doesn't pack the right
- way, so wrap it here */
-static int
-des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- unsigned char c[1], d[1];
- size_t chunk = LONG_MAX / 8;
- size_t n;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- for (n = 0; n < chunk*8; ++n) {
- c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
- DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- out[n / 8] = (out[n / 8] &
- ~(0x80 >> (unsigned int)(n % 8))) |
- ((d[0] & 0x80) >> (unsigned int)(n % 8));
- }
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static int
-des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_cfb_encrypt(in, out, 8, (long)chunk,
- ctx->cipher_data, (DES_cblock *)ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static const EVP_CIPHER des_cbc = {
- .nid = NID_des_cbc,
- .block_size = 8,
- .key_len = 8,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CBC_MODE,
- .init = des_init_key,
- .do_cipher = des_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_key_schedule),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_cbc(void)
-{
- return &des_cbc;
-}
-LCRYPTO_ALIAS(EVP_des_cbc);
-
-static const EVP_CIPHER des_cfb64 = {
- .nid = NID_des_cfb64,
- .block_size = 1,
- .key_len = 8,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CFB_MODE,
- .init = des_init_key,
- .do_cipher = des_cfb64_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_key_schedule),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_cfb64(void)
-{
- return &des_cfb64;
-}
-LCRYPTO_ALIAS(EVP_des_cfb64);
-
-static const EVP_CIPHER des_ofb = {
- .nid = NID_des_ofb64,
- .block_size = 1,
- .key_len = 8,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_OFB_MODE,
- .init = des_init_key,
- .do_cipher = des_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_key_schedule),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ofb(void)
-{
- return &des_ofb;
-}
-LCRYPTO_ALIAS(EVP_des_ofb);
-
-static const EVP_CIPHER des_ecb = {
- .nid = NID_des_ecb,
- .block_size = 8,
- .key_len = 8,
- .iv_len = 0,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_ECB_MODE,
- .init = des_init_key,
- .do_cipher = des_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_key_schedule),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ecb(void)
-{
- return &des_ecb;
-}
-LCRYPTO_ALIAS(EVP_des_ecb);
-
-static const EVP_CIPHER des_cfb1 = {
- .nid = NID_des_cfb1,
- .block_size = 1,
- .key_len = 8,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CFB_MODE,
- .init = des_init_key,
- .do_cipher = des_cfb1_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_key_schedule),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_cfb1(void)
-{
- return &des_cfb1;
-}
-LCRYPTO_ALIAS(EVP_des_cfb1);
-
-static const EVP_CIPHER des_cfb8 = {
- .nid = NID_des_cfb8,
- .block_size = 1,
- .key_len = 8,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CFB_MODE,
- .init = des_init_key,
- .do_cipher = des_cfb8_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_key_schedule),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_cfb8(void)
-{
- return &des_cfb8;
-}
-LCRYPTO_ALIAS(EVP_des_cfb8);
-#endif
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c
deleted file mode 100644
index 48fbcdb366..0000000000
--- a/src/lib/libcrypto/evp/e_des3.c
+++ /dev/null
@@ -1,497 +0,0 @@
-/* $OpenBSD: e_des3.c,v 1.30 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_DES
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-typedef struct {
- DES_key_schedule ks1;/* key schedule */
- DES_key_schedule ks2;/* key schedule (for ede) */
- DES_key_schedule ks3;/* key schedule (for ede3) */
-} DES_EDE_KEY;
-
-#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
-
-static int
-des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- DES_cblock *deskey = (DES_cblock *)key;
-
- DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1);
- DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2);
- memcpy(&data(ctx)->ks3, &data(ctx)->ks1,
- sizeof(data(ctx)->ks1));
- return 1;
-}
-
-static int
-des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- DES_cblock *deskey = (DES_cblock *)key;
-
-
- DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1);
- DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2);
- DES_set_key_unchecked(&deskey[2], &data(ctx)->ks3);
- return 1;
-}
-
-static int
-des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
- DES_cblock *deskey = ptr;
-
- switch (type) {
- case EVP_CTRL_RAND_KEY:
- if (DES_random_key(deskey) == 0)
- return 0;
- if (c->key_len >= 16 && DES_random_key(deskey + 1) == 0)
- return 0;
- if (c->key_len >= 24 && DES_random_key(deskey + 2) == 0)
- return 0;
- return 1;
-
- default:
- return -1;
- }
-}
-
-static int
-des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i),
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, ctx->encrypt);
-
- return 1;
-}
-
-static int
-des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_ede3_ofb64_encrypt(in, out, (long)chunk,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, &ctx->num);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_ede3_ofb64_encrypt(in, out, (long)inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, &ctx->num);
-
- return 1;
-}
-
-static int
-des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_ede3_cbc_encrypt(in, out, (long)chunk,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_ede3_cbc_encrypt(in, out, (long)inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int
-des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_ede3_cfb64_encrypt(in, out, (long)chunk,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_ede3_cfb64_encrypt(in, out, (long)inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
- return 1;
-}
-
-/* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right
- way, so wrap it here */
-static int
-des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- unsigned char c[1], d[1];
- size_t n;
-
- if (!(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS))
- inl *= 8;
-
- for (n = 0; n < inl; ++n) {
- c[0] = (in[n/8]&(1 << (7 - n % 8))) ? 0x80 : 0;
- DES_ede3_cfb_encrypt(c, d, 1, 1,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
- ((d[0] & 0x80) >> (unsigned int)(n % 8));
- }
-
- return 1;
-}
-
-static int
-des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- DES_ede3_cfb_encrypt(in, out, 8, (long)chunk,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
- if (inl)
- DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
- &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
- (DES_cblock *)ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static const EVP_CIPHER des_ede_cbc = {
- .nid = NID_des_ede_cbc,
- .block_size = 8,
- .key_len = 16,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CBC_MODE,
- .init = des_ede_init_key,
- .do_cipher = des_ede_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede_cbc(void)
-{
- return &des_ede_cbc;
-}
-LCRYPTO_ALIAS(EVP_des_ede_cbc);
-
-static const EVP_CIPHER des_ede_cfb64 = {
- .nid = NID_des_ede_cfb64,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CFB_MODE,
- .init = des_ede_init_key,
- .do_cipher = des_ede_cfb64_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede_cfb64(void)
-{
- return &des_ede_cfb64;
-}
-LCRYPTO_ALIAS(EVP_des_ede_cfb64);
-
-static const EVP_CIPHER des_ede_ofb = {
- .nid = NID_des_ede_ofb64,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_OFB_MODE,
- .init = des_ede_init_key,
- .do_cipher = des_ede_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede_ofb(void)
-{
- return &des_ede_ofb;
-}
-LCRYPTO_ALIAS(EVP_des_ede_ofb);
-
-static const EVP_CIPHER des_ede_ecb = {
- .nid = NID_des_ede_ecb,
- .block_size = 8,
- .key_len = 16,
- .iv_len = 0,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_ECB_MODE,
- .init = des_ede_init_key,
- .do_cipher = des_ede_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede_ecb(void)
-{
- return &des_ede_ecb;
-}
-LCRYPTO_ALIAS(EVP_des_ede_ecb);
-
-
-#define des_ede3_cfb64_cipher des_ede_cfb64_cipher
-#define des_ede3_ofb_cipher des_ede_ofb_cipher
-#define des_ede3_cbc_cipher des_ede_cbc_cipher
-#define des_ede3_ecb_cipher des_ede_ecb_cipher
-
-static const EVP_CIPHER des_ede3_cbc = {
- .nid = NID_des_ede3_cbc,
- .block_size = 8,
- .key_len = 24,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CBC_MODE,
- .init = des_ede3_init_key,
- .do_cipher = des_ede3_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede3_cbc(void)
-{
- return &des_ede3_cbc;
-}
-LCRYPTO_ALIAS(EVP_des_ede3_cbc);
-
-static const EVP_CIPHER des_ede3_cfb64 = {
- .nid = NID_des_ede3_cfb64,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CFB_MODE,
- .init = des_ede3_init_key,
- .do_cipher = des_ede3_cfb64_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede3_cfb64(void)
-{
- return &des_ede3_cfb64;
-}
-LCRYPTO_ALIAS(EVP_des_ede3_cfb64);
-
-static const EVP_CIPHER des_ede3_ofb = {
- .nid = NID_des_ede3_ofb64,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_OFB_MODE,
- .init = des_ede3_init_key,
- .do_cipher = des_ede3_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede3_ofb(void)
-{
- return &des_ede3_ofb;
-}
-LCRYPTO_ALIAS(EVP_des_ede3_ofb);
-
-static const EVP_CIPHER des_ede3_ecb = {
- .nid = NID_des_ede3_ecb,
- .block_size = 8,
- .key_len = 24,
- .iv_len = 0,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_ECB_MODE,
- .init = des_ede3_init_key,
- .do_cipher = des_ede3_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede3_ecb(void)
-{
- return &des_ede3_ecb;
-}
-LCRYPTO_ALIAS(EVP_des_ede3_ecb);
-
-
-static const EVP_CIPHER des_ede3_cfb1 = {
- .nid = NID_des_ede3_cfb1,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CFB_MODE,
- .init = des_ede3_init_key,
- .do_cipher = des_ede3_cfb1_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede3_cfb1(void)
-{
- return &des_ede3_cfb1;
-}
-LCRYPTO_ALIAS(EVP_des_ede3_cfb1);
-
-
-static const EVP_CIPHER des_ede3_cfb8 = {
- .nid = NID_des_ede3_cfb8,
- .block_size = 1,
- .key_len = 24,
- .iv_len = 8,
- .flags = EVP_CIPH_RAND_KEY | EVP_CIPH_CFB_MODE,
- .init = des_ede3_init_key,
- .do_cipher = des_ede3_cfb8_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DES_EDE_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = des3_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_des_ede3_cfb8(void)
-{
- return &des_ede3_cfb8;
-}
-LCRYPTO_ALIAS(EVP_des_ede3_cfb8);
-
-const EVP_CIPHER *
-EVP_des_ede(void)
-{
- return &des_ede_ecb;
-}
-LCRYPTO_ALIAS(EVP_des_ede);
-
-const EVP_CIPHER *
-EVP_des_ede3(void)
-{
- return &des_ede3_ecb;
-}
-LCRYPTO_ALIAS(EVP_des_ede3);
-#endif
diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c
deleted file mode 100644
index 86cf77602a..0000000000
--- a/src/lib/libcrypto/evp/e_idea.c
+++ /dev/null
@@ -1,266 +0,0 @@
-/* $OpenBSD: e_idea.c,v 1.22 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_IDEA
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
- * case
- */
-
-static int
-idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- if (!enc) {
- if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
- enc = 1;
- else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE)
- enc = 1;
- }
- if (enc)
- idea_set_encrypt_key(key, ctx->cipher_data);
- else {
- IDEA_KEY_SCHEDULE tmp;
-
- idea_set_encrypt_key(key, &tmp);
- idea_set_decrypt_key(&tmp, ctx->cipher_data);
- explicit_bzero((unsigned char *)&tmp,
- sizeof(IDEA_KEY_SCHEDULE));
- }
- return 1;
-}
-
-static int
-idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
-
- return 1;
-}
-
-typedef struct {
- IDEA_KEY_SCHEDULE ks;
-} EVP_IDEA_KEY;
-
-static int
-idea_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- idea_cbc_encrypt(in, out, (long)chunk, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- idea_cbc_encrypt(in, out, (long)inl, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-
- return 1;
-}
-
-static int
-idea_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- idea_ofb64_encrypt(in, out, (long)chunk, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- idea_ofb64_encrypt(in, out, (long)inl, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-
- return 1;
-}
-
-static int
-idea_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- idea_cfb64_encrypt(in, out, (long)chunk, &((EVP_IDEA_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static const EVP_CIPHER idea_cbc = {
- .nid = NID_idea_cbc,
- .block_size = 8,
- .key_len = 16,
- .iv_len = 8,
- .flags = 0 | EVP_CIPH_CBC_MODE,
- .init = idea_init_key,
- .do_cipher = idea_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(IDEA_KEY_SCHEDULE),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_idea_cbc(void)
-{
- return &idea_cbc;
-}
-LCRYPTO_ALIAS(EVP_idea_cbc);
-
-static const EVP_CIPHER idea_cfb64 = {
- .nid = NID_idea_cfb64,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 8,
- .flags = 0 | EVP_CIPH_CFB_MODE,
- .init = idea_init_key,
- .do_cipher = idea_cfb64_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(IDEA_KEY_SCHEDULE),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_idea_cfb64(void)
-{
- return &idea_cfb64;
-}
-LCRYPTO_ALIAS(EVP_idea_cfb64);
-
-static const EVP_CIPHER idea_ofb = {
- .nid = NID_idea_ofb64,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 8,
- .flags = 0 | EVP_CIPH_OFB_MODE,
- .init = idea_init_key,
- .do_cipher = idea_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(IDEA_KEY_SCHEDULE),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_idea_ofb(void)
-{
- return &idea_ofb;
-}
-LCRYPTO_ALIAS(EVP_idea_ofb);
-
-static const EVP_CIPHER idea_ecb = {
- .nid = NID_idea_ecb,
- .block_size = 8,
- .key_len = 16,
- .iv_len = 0,
- .flags = 0 | EVP_CIPH_ECB_MODE,
- .init = idea_init_key,
- .do_cipher = idea_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(IDEA_KEY_SCHEDULE),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_idea_ecb(void)
-{
- return &idea_ecb;
-}
-LCRYPTO_ALIAS(EVP_idea_ecb);
-#endif
diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c
deleted file mode 100644
index bcb8a1e560..0000000000
--- a/src/lib/libcrypto/evp/e_null.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* $OpenBSD: e_null.c,v 1.21 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "evp_local.h"
-
-static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-
-static const EVP_CIPHER n_cipher = {
- .nid = NID_undef,
- .block_size = 1,
- .key_len = 0,
- .iv_len = 0,
- .flags = 0,
- .init = null_init_key,
- .do_cipher = null_cipher,
- .cleanup = NULL,
- .ctx_size = 0,
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_enc_null(void)
-{
- return (&n_cipher);
-}
-LCRYPTO_ALIAS(EVP_enc_null);
-
-static int
-null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- /* memset(&(ctx->c),0,sizeof(ctx->c));*/
- return 1;
-}
-
-static int
-null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- if (in != out)
- memcpy((char *)out, (const char *)in, inl);
- return 1;
-}
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
deleted file mode 100644
index dc404cff20..0000000000
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ /dev/null
@@ -1,411 +0,0 @@
-/* $OpenBSD: e_rc2.c,v 1.29 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_RC2
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
-static int rc2_magic_to_meth(int i);
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-typedef struct {
- int key_bits; /* effective key bits */
- RC2_KEY ks; /* key schedule */
-} EVP_RC2_KEY;
-
-#define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data)
-
-static int
-rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- RC2_cbc_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- RC2_cbc_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-
- return 1;
-}
-
-static int
-rc2_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- RC2_cfb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static int
-rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- RC2_ecb_encrypt(in + i, out + i, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->encrypt);
-
- return 1;
-}
-
-static int
-rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = LONG_MAX & ~0xff;
-
- while (inl >= chunk) {
- RC2_ofb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
- inl -= chunk;
- in += chunk;
- out += chunk;
- }
-
- if (inl)
- RC2_ofb64_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-
- return 1;
-}
-
-static const EVP_CIPHER rc2_cbc = {
- .nid = NID_rc2_cbc,
- .block_size = 8,
- .key_len = RC2_KEY_LENGTH,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CBC_MODE,
- .init = rc2_init_key,
- .do_cipher = rc2_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC2_KEY),
- .set_asn1_parameters = rc2_set_asn1_type_and_iv,
- .get_asn1_parameters = rc2_get_asn1_type_and_iv,
- .ctrl = rc2_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_rc2_cbc(void)
-{
- return &rc2_cbc;
-}
-LCRYPTO_ALIAS(EVP_rc2_cbc);
-
-static const EVP_CIPHER rc2_cfb64 = {
- .nid = NID_rc2_cfb64,
- .block_size = 1,
- .key_len = RC2_KEY_LENGTH,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CFB_MODE,
- .init = rc2_init_key,
- .do_cipher = rc2_cfb64_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC2_KEY),
- .set_asn1_parameters = rc2_set_asn1_type_and_iv,
- .get_asn1_parameters = rc2_get_asn1_type_and_iv,
- .ctrl = rc2_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_rc2_cfb64(void)
-{
- return &rc2_cfb64;
-}
-LCRYPTO_ALIAS(EVP_rc2_cfb64);
-
-static const EVP_CIPHER rc2_ofb = {
- .nid = NID_rc2_ofb64,
- .block_size = 1,
- .key_len = RC2_KEY_LENGTH,
- .iv_len = 8,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_OFB_MODE,
- .init = rc2_init_key,
- .do_cipher = rc2_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC2_KEY),
- .set_asn1_parameters = rc2_set_asn1_type_and_iv,
- .get_asn1_parameters = rc2_get_asn1_type_and_iv,
- .ctrl = rc2_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_rc2_ofb(void)
-{
- return &rc2_ofb;
-}
-LCRYPTO_ALIAS(EVP_rc2_ofb);
-
-static const EVP_CIPHER rc2_ecb = {
- .nid = NID_rc2_ecb,
- .block_size = 8,
- .key_len = RC2_KEY_LENGTH,
- .iv_len = 0,
- .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_ECB_MODE,
- .init = rc2_init_key,
- .do_cipher = rc2_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC2_KEY),
- .set_asn1_parameters = rc2_set_asn1_type_and_iv,
- .get_asn1_parameters = rc2_get_asn1_type_and_iv,
- .ctrl = rc2_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_rc2_ecb(void)
-{
- return &rc2_ecb;
-}
-LCRYPTO_ALIAS(EVP_rc2_ecb);
-
-#define RC2_40_MAGIC 0xa0
-#define RC2_64_MAGIC 0x78
-#define RC2_128_MAGIC 0x3a
-
-static const EVP_CIPHER r2_64_cbc_cipher = {
- .nid = NID_rc2_64_cbc,
- .block_size = 8,
- .key_len = 8,
- .iv_len = 8,
- .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
- .init = rc2_init_key,
- .do_cipher = rc2_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC2_KEY),
- .set_asn1_parameters = rc2_set_asn1_type_and_iv,
- .get_asn1_parameters = rc2_get_asn1_type_and_iv,
- .ctrl = rc2_ctrl,
-};
-
-static const EVP_CIPHER r2_40_cbc_cipher = {
- .nid = NID_rc2_40_cbc,
- .block_size = 8,
- .key_len = 5,
- .iv_len = 8,
- .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
- .init = rc2_init_key,
- .do_cipher = rc2_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC2_KEY),
- .set_asn1_parameters = rc2_set_asn1_type_and_iv,
- .get_asn1_parameters = rc2_get_asn1_type_and_iv,
- .ctrl = rc2_ctrl,
-};
-
-const EVP_CIPHER *
-EVP_rc2_64_cbc(void)
-{
- return (&r2_64_cbc_cipher);
-}
-LCRYPTO_ALIAS(EVP_rc2_64_cbc);
-
-const EVP_CIPHER *
-EVP_rc2_40_cbc(void)
-{
- return (&r2_40_cbc_cipher);
-}
-LCRYPTO_ALIAS(EVP_rc2_40_cbc);
-
-static int
-rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
- key, data(ctx)->key_bits);
- return 1;
-}
-
-static int
-rc2_meth_to_magic(EVP_CIPHER_CTX *e)
-{
- int i;
-
- if (EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i) <= 0)
- return (0);
- if (i == 128)
- return (RC2_128_MAGIC);
- else if (i == 64)
- return (RC2_64_MAGIC);
- else if (i == 40)
- return (RC2_40_MAGIC);
- else
- return (0);
-}
-
-static int
-rc2_magic_to_meth(int i)
-{
- if (i == RC2_128_MAGIC)
- return 128;
- else if (i == RC2_64_MAGIC)
- return 64;
- else if (i == RC2_40_MAGIC)
- return 40;
- else {
- EVPerror(EVP_R_UNSUPPORTED_KEY_SIZE);
- return (0);
- }
-}
-
-static int
-rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
- long num = 0;
- int i = 0;
- int key_bits;
- int l;
- unsigned char iv[EVP_MAX_IV_LENGTH];
-
- if (type != NULL) {
- l = EVP_CIPHER_CTX_iv_length(c);
- if (l < 0 || l > sizeof(iv)) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return -1;
- }
- i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
- if (i != l)
- return (-1);
- key_bits = rc2_magic_to_meth((int)num);
- if (!key_bits)
- return (-1);
- if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
- return -1;
- if (EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS,
- key_bits, NULL) <= 0)
- return -1;
- if (!EVP_CIPHER_CTX_set_key_length(c, key_bits / 8))
- return -1;
- }
- return (i);
-}
-
-static int
-rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
- long num;
- int i = 0, j;
-
- if (type != NULL) {
- num = rc2_meth_to_magic(c);
- j = EVP_CIPHER_CTX_iv_length(c);
- if (j < 0 || j > sizeof(c->oiv))
- return 0;
- i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
- }
- return (i);
-}
-
-static int
-rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
- switch (type) {
- case EVP_CTRL_INIT:
- data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
- return 1;
-
- case EVP_CTRL_GET_RC2_KEY_BITS:
- *(int *)ptr = data(c)->key_bits;
- return 1;
-
- case EVP_CTRL_SET_RC2_KEY_BITS:
- if (arg > 0) {
- data(c)->key_bits = arg;
- return 1;
- }
- return 0;
-
- default:
- return -1;
- }
-}
-
-#endif
diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c
deleted file mode 100644
index df07483416..0000000000
--- a/src/lib/libcrypto/evp/e_rc4.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* $OpenBSD: e_rc4.c,v 1.20 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#ifndef OPENSSL_NO_RC4
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-/* FIXME: surely this is available elsewhere? 
*/
-#define EVP_RC4_KEY_SIZE 16
-
-typedef struct {
- RC4_KEY ks; /* working key */
-} EVP_RC4_KEY;
-
-#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-
-static const EVP_CIPHER r4_cipher = {
- .nid = NID_rc4,
- .block_size = 1,
- .key_len = EVP_RC4_KEY_SIZE,
- .iv_len = 0,
- .flags = EVP_CIPH_VARIABLE_LENGTH,
- .init = rc4_init_key,
- .do_cipher = rc4_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC4_KEY),
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-static const EVP_CIPHER r4_40_cipher = {
- .nid = NID_rc4_40,
- .block_size = 1,
- .key_len = 5,
- .iv_len = 0,
- .flags = EVP_CIPH_VARIABLE_LENGTH,
- .init = rc4_init_key,
- .do_cipher = rc4_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_RC4_KEY),
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_rc4(void)
-{
- return (&r4_cipher);
-}
-LCRYPTO_ALIAS(EVP_rc4);
-
-const EVP_CIPHER *
-EVP_rc4_40(void)
-{
- return (&r4_40_cipher);
-}
-LCRYPTO_ALIAS(EVP_rc4_40);
-
-static int
-rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- RC4_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
- return 1;
-}
-
-static int
-rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- RC4(&data(ctx)->ks, inl, in, out);
- return 1;
-}
-#endif
diff --git a/src/lib/libcrypto/evp/e_sm4.c b/src/lib/libcrypto/evp/e_sm4.c
deleted file mode 100644
index cde2f6c64b..0000000000
--- a/src/lib/libcrypto/evp/e_sm4.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* $OpenBSD: e_sm4.c,v 1.13 2024/04/09 13:52:41 beck Exp $ */
-/*
- * Copyright (c) 2017, 2019 Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef OPENSSL_NO_SM4
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-typedef struct {
- SM4_KEY ks;
-} EVP_SM4_KEY;
-
-static int
-sm4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- SM4_set_key(key, ctx->cipher_data);
- return 1;
-}
-
-static void
-sm4_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
- const SM4_KEY *key, unsigned char *ivec, const int enc)
-{
- if (enc)
- CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
- (block128_f)SM4_encrypt);
- else
- CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
- (block128_f)SM4_decrypt);
-}
-
-static void
-sm4_cfb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const SM4_KEY *key, unsigned char *ivec, int *num, const int enc)
-{
- CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)SM4_encrypt);
-}
-
-static void
-sm4_ecb_encrypt(const unsigned char *in, unsigned char *out, const SM4_KEY *key,
- const int enc)
-{
- if (enc)
- SM4_encrypt(in, out, key);
- else
- SM4_decrypt(in, out, key);
-}
-
-static void
-sm4_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const SM4_KEY *key, unsigned char *ivec, int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
- (block128_f)SM4_encrypt);
-}
-
-static int
-sm4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- while (inl >= EVP_MAXCHUNK) {
- sm4_cbc_encrypt(in, out, EVP_MAXCHUNK, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
- inl -= EVP_MAXCHUNK;
- in += EVP_MAXCHUNK;
- out += EVP_MAXCHUNK;
- }
-
- if (inl)
- sm4_cbc_encrypt(in, out, inl, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
-
- return 1;
-}
-
-static int
-sm4_cfb128_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t chunk = EVP_MAXCHUNK;
-
- if (inl < chunk)
- chunk = inl;
-
- while (inl && inl >= chunk) {
- sm4_cfb128_encrypt(in, out, chunk, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
- inl -= chunk;
- in += chunk;
- out += chunk;
- if (inl < chunk)
- chunk = inl;
- }
-
- return 1;
-}
-
-static int
-sm4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- size_t i, bl;
-
- bl = ctx->cipher->block_size;
-
- if (inl < bl)
- return 1;
-
- inl -= bl;
-
- for (i = 0; i <= inl; i += bl)
- sm4_ecb_encrypt(in + i, out + i, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->encrypt);
-
- return 1;
-}
-
-static int
-sm4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
-{
- while (inl >= EVP_MAXCHUNK) {
- sm4_ofb128_encrypt(in, out, EVP_MAXCHUNK, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
- inl -= EVP_MAXCHUNK;
- in += EVP_MAXCHUNK;
- out += EVP_MAXCHUNK;
- }
-
- if (inl)
- sm4_ofb128_encrypt(in, out, inl, &((EVP_SM4_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
-
- return 1;
-}
-
-static const EVP_CIPHER sm4_cbc = {
- .nid = NID_sm4_cbc,
- .block_size = 16,
- .key_len = 16,
- 
.iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CBC_MODE,
- .init = sm4_init_key,
- .do_cipher = sm4_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_SM4_KEY),
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_sm4_cbc(void)
-{
- return &sm4_cbc;
-}
-LCRYPTO_ALIAS(EVP_sm4_cbc);
-
-static const EVP_CIPHER sm4_cfb128 = {
- .nid = NID_sm4_cfb128,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CFB_MODE,
- .init = sm4_init_key,
- .do_cipher = sm4_cfb128_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_SM4_KEY),
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_sm4_cfb128(void)
-{
- return &sm4_cfb128;
-}
-LCRYPTO_ALIAS(EVP_sm4_cfb128);
-
-static const EVP_CIPHER sm4_ofb = {
- .nid = NID_sm4_ofb128,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_OFB_MODE,
- .init = sm4_init_key,
- .do_cipher = sm4_ofb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_SM4_KEY),
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_sm4_ofb(void)
-{
- return &sm4_ofb;
-}
-LCRYPTO_ALIAS(EVP_sm4_ofb);
-
-static const EVP_CIPHER sm4_ecb = {
- .nid = NID_sm4_ecb,
- .block_size = 16,
- .key_len = 16,
- .iv_len = 0,
- .flags = EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_ECB_MODE,
- .init = sm4_init_key,
- .do_cipher = sm4_ecb_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_SM4_KEY),
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_sm4_ecb(void)
-{
- return &sm4_ecb;
-}
-LCRYPTO_ALIAS(EVP_sm4_ecb);
-
-static int
-sm4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
- size_t len)
-{
- EVP_SM4_KEY *key = ((EVP_SM4_KEY *)(ctx)->cipher_data);
-
- CRYPTO_ctr128_encrypt(in, out, len, &key->ks, ctx->iv, ctx->buf,
- 
&ctx->num, (block128_f)SM4_encrypt);
- return 1;
-}
-
-static const EVP_CIPHER sm4_ctr_mode = {
- .nid = NID_sm4_ctr,
- .block_size = 1,
- .key_len = 16,
- .iv_len = 16,
- .flags = EVP_CIPH_CTR_MODE,
- .init = sm4_init_key,
- .do_cipher = sm4_ctr_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(EVP_SM4_KEY),
- .set_asn1_parameters = NULL,
- .get_asn1_parameters = NULL,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_sm4_ctr(void)
-{
- return &sm4_ctr_mode;
-}
-LCRYPTO_ALIAS(EVP_sm4_ctr);
-#endif
diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c
deleted file mode 100644
index 1e3bee0791..0000000000
--- a/src/lib/libcrypto/evp/e_xcbc_d.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* $OpenBSD: e_xcbc_d.c,v 1.18 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_DES
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-
-
-typedef struct {
- DES_key_schedule ks;/* key schedule */
- DES_cblock inw;
- DES_cblock outw;
-} DESX_CBC_KEY;
-
-#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
-
-static const EVP_CIPHER d_xcbc_cipher = {
- .nid = NID_desx_cbc,
- .block_size = 8,
- .key_len = 24,
- .iv_len = 8,
- .flags = EVP_CIPH_CBC_MODE,
- .init = desx_cbc_init_key,
- .do_cipher = desx_cbc_cipher,
- .cleanup = NULL,
- .ctx_size = sizeof(DESX_CBC_KEY),
- .set_asn1_parameters = EVP_CIPHER_set_asn1_iv,
- .get_asn1_parameters = EVP_CIPHER_get_asn1_iv,
- .ctrl = NULL,
-};
-
-const EVP_CIPHER *
-EVP_desx_cbc(void)
-{
- return (&d_xcbc_cipher);
-}
-LCRYPTO_ALIAS(EVP_desx_cbc);
-
-static int
-desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- DES_cblock *deskey = (DES_cblock *)key;
-
- DES_set_key_unchecked(deskey, &data(ctx)->ks);
- memcpy(&data(ctx)->inw[0], &key[8], 8);
- memcpy(&data(ctx)->outw[0], &key[16], 8);
-
- return 1;
-}
-
-static int
-desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- while (inl >= EVP_MAXCHUNK) {
- DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
- (DES_cblock *)&(ctx->iv[0]), &data(ctx)->inw,
- &data(ctx)->outw, ctx->encrypt);
- inl -= EVP_MAXCHUNK;
- in += EVP_MAXCHUNK;
- out += EVP_MAXCHUNK;
- }
- if (inl)
- DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
- (DES_cblock *)&(ctx->iv[0]), &data(ctx)->inw,
- &data(ctx)->outw, ctx->encrypt);
- return 1;
-}
-#endif
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
deleted file mode 100644
index c2b81d0576..0000000000
--- a/src/lib/libcrypto/evp/evp.h
+++ /dev/null
@@ -1,1292 +0,0 @@
-/* $OpenBSD: evp.h,v 1.137 2024/08/31 10:38:49 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_ENVELOPE_H -#define HEADER_ENVELOPE_H - -#include - -#include - -#ifndef OPENSSL_NO_BIO -#include -#endif - -/* -#define EVP_RC2_KEY_SIZE 16 -#define EVP_RC4_KEY_SIZE 16 -#define EVP_BLOWFISH_KEY_SIZE 16 -#define EVP_CAST5_KEY_SIZE 16 -#define EVP_RC5_32_12_16_KEY_SIZE 16 -*/ -#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */ -#define EVP_MAX_KEY_LENGTH 64 -#define EVP_MAX_IV_LENGTH 16 -#define EVP_MAX_BLOCK_LENGTH 32 - -#define PKCS5_SALT_LEN 8 -/* Default PKCS#5 iteration count */ -#define PKCS5_DEFAULT_ITER 2048 - -#include - -#define EVP_PK_RSA 0x0001 -#define EVP_PK_DSA 0x0002 -#define EVP_PK_DH 0x0004 -#define EVP_PK_EC 0x0008 -#define EVP_PKT_SIGN 0x0010 -#define EVP_PKT_ENC 0x0020 -#define EVP_PKT_EXCH 0x0040 -#define EVP_PKS_RSA 0x0100 -#define EVP_PKS_DSA 0x0200 -#define EVP_PKS_EC 0x0400 -#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ - -#define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_RSA NID_rsaEncryption -#define EVP_PKEY_RSA_PSS NID_rsassaPss -#define EVP_PKEY_RSA2 NID_rsa -#define EVP_PKEY_DSA NID_dsa -#define EVP_PKEY_DSA1 NID_dsa_2 -#define EVP_PKEY_DSA2 NID_dsaWithSHA -#define EVP_PKEY_DSA3 NID_dsaWithSHA1 -#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 -#define EVP_PKEY_DH NID_dhKeyAgreement -#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey -#define EVP_PKEY_GOSTR01 NID_id_GostR3410_2001 -#define EVP_PKEY_GOSTIMIT NID_id_Gost28147_89_MAC -#define EVP_PKEY_HMAC NID_hmac -#define EVP_PKEY_CMAC NID_cmac -#define EVP_PKEY_HKDF NID_hkdf -#define EVP_PKEY_TLS1_PRF NID_tls1_prf -#define EVP_PKEY_GOSTR12_256 NID_id_tc26_gost3410_2012_256 -#define EVP_PKEY_GOSTR12_512 NID_id_tc26_gost3410_2012_512 -#define EVP_PKEY_ED25519 NID_ED25519 -#define EVP_PKEY_X25519 NID_X25519 - -#ifdef __cplusplus -extern "C" { -#endif - -#define EVP_PKEY_MO_SIGN 0x0001 -#define EVP_PKEY_MO_VERIFY 0x0002 -#define EVP_PKEY_MO_ENCRYPT 0x0004 -#define EVP_PKEY_MO_DECRYPT 0x0008 - -#ifndef EVP_MD -#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a 
single - * block */ - -/* DigestAlgorithmIdentifier flags... */ - -#define EVP_MD_FLAG_DIGALGID_MASK 0x0018 - -/* NULL or absent parameter accepted. Use NULL */ - -#define EVP_MD_FLAG_DIGALGID_NULL 0x0000 - -/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */ - -#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008 - -/* Custom handling via ctrl */ - -#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018 - -#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ - -/* Digest ctrls */ - -#define EVP_MD_CTRL_DIGALGID 0x1 -#define EVP_MD_CTRL_MICALG 0x2 -#define EVP_MD_CTRL_SET_KEY 0x3 -#define EVP_MD_CTRL_GOST_SET_SBOX 0x4 - -/* Minimum Algorithm specific ctrl value */ - -#define EVP_MD_CTRL_ALG_CTRL 0x1000 - -#endif /* !EVP_MD */ - -/* values for EVP_MD_CTX flags */ - -#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called - * once only */ -#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been - * cleaned */ -#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data - * in EVP_MD_CTX_cleanup */ -/* FIPS and pad options are ignored in 1.0.0, definitions are here - * so we don't accidentally reuse the values for other purposes. - */ - -#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest - * in FIPS mode */ - -/* The following PAD options are also currently ignored in 1.0.0, digest - * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*() - * instead. 
- */ -#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */ -#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */ -#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */ - -#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */ - -/* Values for cipher flags */ - -/* Modes for ciphers */ - -#define EVP_CIPH_STREAM_CIPHER 0x0 -#define EVP_CIPH_ECB_MODE 0x1 -#define EVP_CIPH_CBC_MODE 0x2 -#define EVP_CIPH_CFB_MODE 0x3 -#define EVP_CIPH_OFB_MODE 0x4 -#define EVP_CIPH_CTR_MODE 0x5 -#define EVP_CIPH_GCM_MODE 0x6 -#define EVP_CIPH_CCM_MODE 0x7 -#define EVP_CIPH_XTS_MODE 0x10001 -#define EVP_CIPH_WRAP_MODE 0x10002 -#define EVP_CIPH_MODE 0xF0007 -/* Set if variable length cipher */ -#define EVP_CIPH_VARIABLE_LENGTH 0x8 -/* Set if the iv handling should be done by the cipher itself */ -#define EVP_CIPH_CUSTOM_IV 0x10 -/* Set if the cipher's init() function should be called if key is NULL */ -#define EVP_CIPH_ALWAYS_CALL_INIT 0x20 -/* Call ctrl() to init cipher parameters */ -#define EVP_CIPH_CTRL_INIT 0x40 -/* Don't use standard block padding */ -#define EVP_CIPH_NO_PADDING 0x100 -/* cipher handles random key generation */ -#define EVP_CIPH_RAND_KEY 0x200 -/* cipher has its own additional copying logic */ -#define EVP_CIPH_CUSTOM_COPY 0x400 -/* Allow use default ASN1 get/set iv */ -#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 -/* Buffer length in bits not bytes: CFB1 mode only */ -#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 -/* Note if suitable for use in FIPS mode */ -#define EVP_CIPH_FLAG_FIPS 0x4000 -/* Allow non FIPS cipher in FIPS mode */ -#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000 -/* Cipher handles any and all padding logic as well - * as finalisation. - */ -#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000 -#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 - -/* - * Cipher context flag to indicate that we can handle wrap mode: if allowed in - * older applications, it could overflow buffers. 
- */ -#define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0x1 - -/* ctrl() values */ - -#define EVP_CTRL_INIT 0x0 -#define EVP_CTRL_GET_RC2_KEY_BITS 0x2 -#define EVP_CTRL_SET_RC2_KEY_BITS 0x3 -#define EVP_CTRL_GET_RC5_ROUNDS 0x4 -#define EVP_CTRL_SET_RC5_ROUNDS 0x5 -#define EVP_CTRL_RAND_KEY 0x6 -#define EVP_CTRL_PBE_PRF_NID 0x7 -#define EVP_CTRL_COPY 0x8 -#define EVP_CTRL_AEAD_SET_IVLEN 0x9 -#define EVP_CTRL_AEAD_GET_TAG 0x10 -#define EVP_CTRL_AEAD_SET_TAG 0x11 -#define EVP_CTRL_AEAD_SET_IV_FIXED 0x12 -#define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN -#define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG -#define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG -#define EVP_CTRL_GCM_SET_IV_FIXED EVP_CTRL_AEAD_SET_IV_FIXED -#define EVP_CTRL_GCM_IV_GEN 0x13 -#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN -#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG -#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG -#define EVP_CTRL_CCM_SET_L 0x14 -#define EVP_CTRL_CCM_SET_MSGLEN 0x15 -/* AEAD cipher deduces payload length and returns number of bytes - * required to store MAC and eventual padding. Subsequent call to - * EVP_Cipher even appends/verifies MAC. - */ -#define EVP_CTRL_AEAD_TLS1_AAD 0x16 -/* Used by composite AEAD ciphers, no-op in GCM, CCM... 
*/ -#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17 -/* Set the GCM invocation field, decrypt only */ -#define EVP_CTRL_GCM_SET_IV_INV 0x18 -/* Set the S-BOX NID for GOST ciphers */ -#define EVP_CTRL_GOST_SET_SBOX 0x19 - -/* GCM TLS constants */ -/* Length of fixed part of IV derived from PRF */ -#define EVP_GCM_TLS_FIXED_IV_LEN 4 -/* Length of explicit part of IV part of TLS records */ -#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8 -/* Length of tag for TLS */ -#define EVP_GCM_TLS_TAG_LEN 16 - -/* CCM TLS constants */ -/* Length of fixed part of IV derived from PRF */ -#define EVP_CCM_TLS_FIXED_IV_LEN 4 -/* Length of explicit part of IV part of TLS records */ -#define EVP_CCM_TLS_EXPLICIT_IV_LEN 8 -/* Total length of CCM IV length for TLS */ -#define EVP_CCM_TLS_IV_LEN 12 -/* Length of tag for TLS */ -#define EVP_CCM_TLS_TAG_LEN 16 -/* Length of CCM8 tag for TLS */ -#define EVP_CCM8_TLS_TAG_LEN 8 - -/* Length of tag for TLS */ -#define EVP_CHACHAPOLY_TLS_TAG_LEN 16 - -/* XXX - do we want to expose these? 
*/ -#if defined(LIBRESSL_INTERNAL) -#define ED25519_KEYLEN 32 -#define X25519_KEYLEN 32 -#endif - -typedef struct evp_cipher_info_st { - const EVP_CIPHER *cipher; - unsigned char iv[EVP_MAX_IV_LENGTH]; -} EVP_CIPHER_INFO; - -/* Password based encryption function */ -typedef int EVP_PBE_KEYGEN(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); - -#ifndef OPENSSL_NO_RSA -#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ - (char *)(rsa)) -#endif - -#ifndef OPENSSL_NO_DSA -#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ - (char *)(dsa)) -#endif - -#ifndef OPENSSL_NO_DH -#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ - (char *)(dh)) -#endif - -#ifndef OPENSSL_NO_EC -#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ - (char *)(eckey)) -#endif - -/* Add some extra combinations */ -#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) -#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) -#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) -#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) - -int EVP_MD_type(const EVP_MD *md); -#define EVP_MD_nid(e) EVP_MD_type(e) -#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) -int EVP_MD_pkey_type(const EVP_MD *md); -int EVP_MD_size(const EVP_MD *md); -int EVP_MD_block_size(const EVP_MD *md); -unsigned long EVP_MD_flags(const EVP_MD *md); - -const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); -void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx); -EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx); -void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx); -#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) -#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e)) -#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e)) - -int EVP_CIPHER_nid(const EVP_CIPHER 
*cipher); -#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) -int EVP_CIPHER_block_size(const EVP_CIPHER *cipher); -int EVP_CIPHER_key_length(const EVP_CIPHER *cipher); -int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher); -unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher); -#define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE) - -const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx); -int EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, - unsigned char *iv, size_t len); -int EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, - const unsigned char *iv, size_t len); -int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in); -void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); -void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data); -void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx); -void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data); -unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx); -#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) -unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx); -#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE) - -EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len); -EVP_CIPHER *EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher); -void EVP_CIPHER_meth_free(EVP_CIPHER *cipher); - -int EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len); -int EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags); -int EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size); -int EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher, - int 
(*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc)); -int EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher, - int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl)); -int EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher, - int (*cleanup)(EVP_CIPHER_CTX *)); -int EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher, - int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *)); -int EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher, - int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *)); -int EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher, - int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr)); - -EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, - const unsigned char *private_key, size_t len); -EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, - const unsigned char *public_key, size_t len); -int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, - unsigned char *out_private_key, size_t *out_len); -int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, - unsigned char *out_public_key, size_t *out_len); - -#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) -#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) - -#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) -#define EVP_SignInit(a,b) EVP_DigestInit(a,b) -#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c) -#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) -#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) -#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) -#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) - -#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md) -#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) -#define BIO_get_md_ctx(b,mdcp) 
BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) -#define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp) -#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) -#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) - -int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in, - unsigned int inl); - -EVP_MD_CTX *EVP_MD_CTX_new(void); -void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -int EVP_MD_CTX_init(EVP_MD_CTX *ctx); -int EVP_MD_CTX_reset(EVP_MD_CTX *ctx); -EVP_MD_CTX *EVP_MD_CTX_create(void); -void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); -int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); -int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in); -void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); -void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); -int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr); -int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags); - -int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); -int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); -int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); -int EVP_Digest(const void *data, size_t count, unsigned char *md, - unsigned int *size, const EVP_MD *type, ENGINE *impl); - -int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in); -int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); -int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s); - -int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify); -int EVP_read_pw_string_min(char *buf, int minlen, int maxlen, - const char *prompt, int verify); -void EVP_set_pw_prompt(const char *prompt); -char *EVP_get_pw_prompt(void); - -int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, - const unsigned char *salt, const unsigned char *data, int datal, int count, - unsigned char *key, unsigned char *iv); - -void 
EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags); -void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags); -int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags); - -int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv); -int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - ENGINE *impl, const unsigned char *key, const unsigned char *iv); -int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); - -int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv); -int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - ENGINE *impl, const unsigned char *key, const unsigned char *iv); -int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); - -int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv, int enc); -int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc); -int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); - -int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, - EVP_PKEY *pkey); - -int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey); - 
-int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); -int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); - -int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - -int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); -int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen); - -int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, - size_t siglen, const unsigned char *tbs, size_t tbslen); - -int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv); -int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); - -int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, - int npubk); -int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); - -EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void); -void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx); -void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); -int EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); -int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); - -void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); -int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl); -int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); -int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); - -int EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); -int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); -EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); -void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a); -int 
EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *a); -int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); -int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad); -int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); -int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key); - -#ifndef OPENSSL_NO_BIO -const BIO_METHOD *BIO_f_md(void); -const BIO_METHOD *BIO_f_base64(void); -const BIO_METHOD *BIO_f_cipher(void); -int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, - const unsigned char *i, int enc); -#endif - -const EVP_MD *EVP_md_null(void); -#ifndef OPENSSL_NO_MD4 -const EVP_MD *EVP_md4(void); -#endif -#ifndef OPENSSL_NO_MD5 -const EVP_MD *EVP_md5(void); -const EVP_MD *EVP_md5_sha1(void); -#endif -#ifndef OPENSSL_NO_SHA -const EVP_MD *EVP_sha1(void); -#endif -#ifndef OPENSSL_NO_SHA256 -const EVP_MD *EVP_sha224(void); -const EVP_MD *EVP_sha256(void); -#endif -#ifndef OPENSSL_NO_SHA512 -const EVP_MD *EVP_sha384(void); -const EVP_MD *EVP_sha512(void); -const EVP_MD *EVP_sha512_224(void); -const EVP_MD *EVP_sha512_256(void); -#endif -#ifndef OPENSSL_NO_SHA3 -const EVP_MD *EVP_sha3_224(void); -const EVP_MD *EVP_sha3_256(void); -const EVP_MD *EVP_sha3_384(void); -const EVP_MD *EVP_sha3_512(void); -#endif -#ifndef OPENSSL_NO_SM3 -const EVP_MD *EVP_sm3(void); -#endif -#ifndef OPENSSL_NO_RIPEMD -const EVP_MD *EVP_ripemd160(void); -#endif -const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */ -#ifndef OPENSSL_NO_DES -const EVP_CIPHER *EVP_des_ecb(void); -const EVP_CIPHER *EVP_des_ede(void); -const EVP_CIPHER *EVP_des_ede3(void); -const EVP_CIPHER *EVP_des_ede_ecb(void); -const EVP_CIPHER *EVP_des_ede3_ecb(void); -const EVP_CIPHER *EVP_des_cfb64(void); -# define EVP_des_cfb EVP_des_cfb64 -const EVP_CIPHER *EVP_des_cfb1(void); -const EVP_CIPHER *EVP_des_cfb8(void); -const EVP_CIPHER *EVP_des_ede_cfb64(void); -# define EVP_des_ede_cfb EVP_des_ede_cfb64 -const EVP_CIPHER *EVP_des_ede3_cfb64(void); -# define 
EVP_des_ede3_cfb EVP_des_ede3_cfb64 -const EVP_CIPHER *EVP_des_ede3_cfb1(void); -const EVP_CIPHER *EVP_des_ede3_cfb8(void); -const EVP_CIPHER *EVP_des_ofb(void); -const EVP_CIPHER *EVP_des_ede_ofb(void); -const EVP_CIPHER *EVP_des_ede3_ofb(void); -const EVP_CIPHER *EVP_des_cbc(void); -const EVP_CIPHER *EVP_des_ede_cbc(void); -const EVP_CIPHER *EVP_des_ede3_cbc(void); -const EVP_CIPHER *EVP_desx_cbc(void); -#endif -#ifndef OPENSSL_NO_RC4 -const EVP_CIPHER *EVP_rc4(void); -const EVP_CIPHER *EVP_rc4_40(void); -#endif -#ifndef OPENSSL_NO_IDEA -const EVP_CIPHER *EVP_idea_ecb(void); -const EVP_CIPHER *EVP_idea_cfb64(void); -# define EVP_idea_cfb EVP_idea_cfb64 -const EVP_CIPHER *EVP_idea_ofb(void); -const EVP_CIPHER *EVP_idea_cbc(void); -#endif -#ifndef OPENSSL_NO_RC2 -const EVP_CIPHER *EVP_rc2_ecb(void); -const EVP_CIPHER *EVP_rc2_cbc(void); -const EVP_CIPHER *EVP_rc2_40_cbc(void); -const EVP_CIPHER *EVP_rc2_64_cbc(void); -const EVP_CIPHER *EVP_rc2_cfb64(void); -# define EVP_rc2_cfb EVP_rc2_cfb64 -const EVP_CIPHER *EVP_rc2_ofb(void); -#endif -#ifndef OPENSSL_NO_BF -const EVP_CIPHER *EVP_bf_ecb(void); -const EVP_CIPHER *EVP_bf_cbc(void); -const EVP_CIPHER *EVP_bf_cfb64(void); -# define EVP_bf_cfb EVP_bf_cfb64 -const EVP_CIPHER *EVP_bf_ofb(void); -#endif -#ifndef OPENSSL_NO_CAST -const EVP_CIPHER *EVP_cast5_ecb(void); -const EVP_CIPHER *EVP_cast5_cbc(void); -const EVP_CIPHER *EVP_cast5_cfb64(void); -# define EVP_cast5_cfb EVP_cast5_cfb64 -const EVP_CIPHER *EVP_cast5_ofb(void); -#endif -#ifndef OPENSSL_NO_AES -const EVP_CIPHER *EVP_aes_128_ecb(void); -const EVP_CIPHER *EVP_aes_128_cbc(void); -const EVP_CIPHER *EVP_aes_128_cfb1(void); -const EVP_CIPHER *EVP_aes_128_cfb8(void); -const EVP_CIPHER *EVP_aes_128_cfb128(void); -# define EVP_aes_128_cfb EVP_aes_128_cfb128 -const EVP_CIPHER *EVP_aes_128_ofb(void); -const EVP_CIPHER *EVP_aes_128_ctr(void); -const EVP_CIPHER *EVP_aes_128_ccm(void); -const EVP_CIPHER *EVP_aes_128_gcm(void); -const EVP_CIPHER *EVP_aes_128_wrap(void); 
-const EVP_CIPHER *EVP_aes_128_xts(void); -const EVP_CIPHER *EVP_aes_192_ecb(void); -const EVP_CIPHER *EVP_aes_192_cbc(void); -const EVP_CIPHER *EVP_aes_192_cfb1(void); -const EVP_CIPHER *EVP_aes_192_cfb8(void); -const EVP_CIPHER *EVP_aes_192_cfb128(void); -# define EVP_aes_192_cfb EVP_aes_192_cfb128 -const EVP_CIPHER *EVP_aes_192_ofb(void); -const EVP_CIPHER *EVP_aes_192_ctr(void); -const EVP_CIPHER *EVP_aes_192_ccm(void); -const EVP_CIPHER *EVP_aes_192_gcm(void); -const EVP_CIPHER *EVP_aes_192_wrap(void); -const EVP_CIPHER *EVP_aes_256_ecb(void); -const EVP_CIPHER *EVP_aes_256_cbc(void); -const EVP_CIPHER *EVP_aes_256_cfb1(void); -const EVP_CIPHER *EVP_aes_256_cfb8(void); -const EVP_CIPHER *EVP_aes_256_cfb128(void); -# define EVP_aes_256_cfb EVP_aes_256_cfb128 -const EVP_CIPHER *EVP_aes_256_ofb(void); -const EVP_CIPHER *EVP_aes_256_ctr(void); -const EVP_CIPHER *EVP_aes_256_ccm(void); -const EVP_CIPHER *EVP_aes_256_gcm(void); -const EVP_CIPHER *EVP_aes_256_wrap(void); -const EVP_CIPHER *EVP_aes_256_xts(void); -#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) -const EVP_CIPHER *EVP_chacha20_poly1305(void); -#endif -#endif -#ifndef OPENSSL_NO_CAMELLIA -const EVP_CIPHER *EVP_camellia_128_ecb(void); -const EVP_CIPHER *EVP_camellia_128_cbc(void); -const EVP_CIPHER *EVP_camellia_128_cfb1(void); -const EVP_CIPHER *EVP_camellia_128_cfb8(void); -const EVP_CIPHER *EVP_camellia_128_cfb128(void); -# define EVP_camellia_128_cfb EVP_camellia_128_cfb128 -const EVP_CIPHER *EVP_camellia_128_ofb(void); -const EVP_CIPHER *EVP_camellia_192_ecb(void); -const EVP_CIPHER *EVP_camellia_192_cbc(void); -const EVP_CIPHER *EVP_camellia_192_cfb1(void); -const EVP_CIPHER *EVP_camellia_192_cfb8(void); -const EVP_CIPHER *EVP_camellia_192_cfb128(void); -# define EVP_camellia_192_cfb EVP_camellia_192_cfb128 -const EVP_CIPHER *EVP_camellia_192_ofb(void); -const EVP_CIPHER *EVP_camellia_256_ecb(void); -const EVP_CIPHER *EVP_camellia_256_cbc(void); -const EVP_CIPHER 
*EVP_camellia_256_cfb1(void); -const EVP_CIPHER *EVP_camellia_256_cfb8(void); -const EVP_CIPHER *EVP_camellia_256_cfb128(void); -# define EVP_camellia_256_cfb EVP_camellia_256_cfb128 -const EVP_CIPHER *EVP_camellia_256_ofb(void); -#endif - -#ifndef OPENSSL_NO_CHACHA -const EVP_CIPHER *EVP_chacha20(void); -#endif - -#ifndef OPENSSL_NO_SM4 -const EVP_CIPHER *EVP_sm4_ecb(void); -const EVP_CIPHER *EVP_sm4_cbc(void); -const EVP_CIPHER *EVP_sm4_cfb128(void); -#define EVP_sm4_cfb EVP_sm4_cfb128 -const EVP_CIPHER *EVP_sm4_ofb(void); -const EVP_CIPHER *EVP_sm4_ctr(void); -#endif - -void OPENSSL_add_all_algorithms_noconf(void); -void OPENSSL_add_all_algorithms_conf(void); - -#ifdef OPENSSL_LOAD_CONF -#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_conf() -#else -#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_noconf() -#endif - -void OpenSSL_add_all_ciphers(void); -void OpenSSL_add_all_digests(void); - -#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms() -#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers() -#define SSLeay_add_all_digests() OpenSSL_add_all_digests() - -const EVP_CIPHER *EVP_get_cipherbyname(const char *name); -const EVP_MD *EVP_get_digestbyname(const char *name); -void EVP_cleanup(void); - -void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from, - const char *to, void *x), void *arg); -void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, - const char *from, const char *to, void *x), void *arg); - -void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph, const char *from, - const char *to, void *x), void *arg); -void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph, const char *from, - const char *to, void *x), void *arg); - -int EVP_PKEY_decrypt_old(unsigned char *dec_key, const unsigned char *enc_key, - int enc_key_len, EVP_PKEY *private_key); -int EVP_PKEY_encrypt_old(unsigned char *enc_key, const unsigned char *key, - int key_len, EVP_PKEY *pub_key); -int EVP_PKEY_type(int 
type);
-int EVP_PKEY_id(const EVP_PKEY *pkey);
-int EVP_PKEY_base_id(const EVP_PKEY *pkey);
-int EVP_PKEY_bits(const EVP_PKEY *pkey);
-int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
-int EVP_PKEY_size(const EVP_PKEY *pkey);
-int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
-int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
-void *EVP_PKEY_get0(const EVP_PKEY *pkey);
-const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
-
-#ifndef OPENSSL_NO_RSA
-struct rsa_st;
-struct rsa_st *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
-struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
-#endif
-#ifndef OPENSSL_NO_DSA
-struct dsa_st;
-struct dsa_st *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
-struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
-#endif
-#ifndef OPENSSL_NO_DH
-struct dh_st;
-struct dh_st *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
-struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
-#endif
-#ifndef OPENSSL_NO_EC
-struct ec_key_st;
-struct ec_key_st *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);
-struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
-int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
-#endif
-
-EVP_PKEY *EVP_PKEY_new(void);
-void EVP_PKEY_free(EVP_PKEY *pkey);
-int EVP_PKEY_up_ref(EVP_PKEY *pkey);
-
-EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length);
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length);
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
- long length);
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
-int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
-int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-
-int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
-
-int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
-/* PKCS5 password based encryption */
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- const unsigned char *salt, int saltlen, int iter, int keylen,
- unsigned char *out);
-int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
- int saltlen, int iter, const EVP_MD *digest, int keylen,
- unsigned char *out);
-
-#define ASN1_PKEY_ALIAS 0x1
-#define ASN1_PKEY_DYNAMIC 0x2
-#define ASN1_PKEY_SIGPARAM_NULL 0x4
-
-#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
-#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
-#define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
-#define ASN1_PKEY_CTRL_CMS_SIGN 0x5
-#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
-#define ASN1_PKEY_CTRL_CMS_RI_TYPE 0x8
-
-int EVP_PKEY_asn1_get_count(void);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
- const char *str, int len);
-int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
- const char **pinfo, const char **ppem_str,
- const EVP_PKEY_ASN1_METHOD *ameth);
-
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey);
-
-#define EVP_PKEY_OP_UNDEFINED 0
-#define EVP_PKEY_OP_PARAMGEN (1<<1)
-#define EVP_PKEY_OP_KEYGEN (1<<2)
-#define EVP_PKEY_OP_SIGN (1<<3)
-#define EVP_PKEY_OP_VERIFY (1<<4)
-#define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
-#define EVP_PKEY_OP_SIGNCTX (1<<6)
-#define EVP_PKEY_OP_VERIFYCTX (1<<7)
-#define EVP_PKEY_OP_ENCRYPT (1<<8)
-#define EVP_PKEY_OP_DECRYPT (1<<9)
-#define EVP_PKEY_OP_DERIVE (1<<10)
-
-#define EVP_PKEY_OP_TYPE_SIG \
- (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
- | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
-
-#define EVP_PKEY_OP_TYPE_CRYPT \
- (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
-
-#define EVP_PKEY_OP_TYPE_NOGEN \
- (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
-
-#define EVP_PKEY_OP_TYPE_GEN \
- (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
-
-#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
- EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
- EVP_PKEY_CTRL_MD, 0, (void *)md)
-
-#define EVP_PKEY_CTX_get_signature_md(ctx, pmd) \
- EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
- EVP_PKEY_CTRL_GET_MD, 0, (void *)(pmd))
-
-#define EVP_PKEY_CTRL_MD 1
-#define EVP_PKEY_CTRL_PEER_KEY 2
-
-#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3
-#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4
-
-#define EVP_PKEY_CTRL_PKCS7_SIGN 5
-
-#define EVP_PKEY_CTRL_SET_MAC_KEY 6
-
-#define EVP_PKEY_CTRL_DIGESTINIT 7
-
-/* Used by GOST key encryption in TLS */
-#define EVP_PKEY_CTRL_SET_IV 8
-
-#define EVP_PKEY_CTRL_CMS_ENCRYPT 9
-#define EVP_PKEY_CTRL_CMS_DECRYPT 10
-#define EVP_PKEY_CTRL_CMS_SIGN 11
-
-#define EVP_PKEY_CTRL_CIPHER 12
-
-#define EVP_PKEY_CTRL_GET_MD 13
-
-#define EVP_PKEY_ALG_CTRL 0x1000
-
-
-#define EVP_PKEY_FLAG_AUTOARGLEN 2
-/* Method handles all operations: don't assume any digest related
- * defaults.
- */
-#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
-
-EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
- int p1, void *p2);
-int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
- const char *value);
-
-int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
-
-EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
- int keylen);
-EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
- size_t len, const EVP_CIPHER *cipher);
-
-void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
-EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
-
-EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
-
-void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout,
- size_t *routlen, const unsigned char *sig, size_t siglen);
-int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-
-int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-
-typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-
-void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
-EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
-
-/* Authenticated Encryption with Additional Data.
- *
- * AEAD couples confidentiality and integrity in a single primtive. AEAD
- * algorithms take a key and then can seal and open individual messages. Each
- * message has a unique, per-message nonce and, optionally, additional data
- * which is authenticated but not included in the output. */
-
-typedef struct evp_aead_st EVP_AEAD;
-
-#ifndef OPENSSL_NO_AES
-/* EVP_aes_128_gcm is AES-128 in Galois Counter Mode. */
-const EVP_AEAD *EVP_aead_aes_128_gcm(void);
-/* EVP_aes_256_gcm is AES-256 in Galois Counter Mode. */
-const EVP_AEAD *EVP_aead_aes_256_gcm(void);
-#endif
-
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-/* EVP_aead_chacha20_poly1305 is ChaCha20 with a Poly1305 authenticator. */
-const EVP_AEAD *EVP_aead_chacha20_poly1305(void);
-/* EVP_aead_xchacha20_poly1305 is XChaCha20 with a Poly1305 authenticator. */
-const EVP_AEAD *EVP_aead_xchacha20_poly1305(void);
-#endif
-
-/* EVP_AEAD_key_length returns the length of the keys used. */
-size_t EVP_AEAD_key_length(const EVP_AEAD *aead);
-
-/* EVP_AEAD_nonce_length returns the length of the per-message nonce. */
-size_t EVP_AEAD_nonce_length(const EVP_AEAD *aead);
-
-/* EVP_AEAD_max_overhead returns the maximum number of additional bytes added
- * by the act of sealing data with the AEAD. */
-size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead);
-
-/* EVP_AEAD_max_tag_len returns the maximum tag length when using this AEAD.
- * This * is the largest value that can be passed as a tag length to
- * EVP_AEAD_CTX_init. */
-size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead);
-
-/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key
- * and message-independent IV. */
-typedef struct evp_aead_ctx_st EVP_AEAD_CTX;
-
-/* EVP_AEAD_MAX_TAG_LENGTH is the maximum tag length used by any AEAD
- * defined in this header. */
-#define EVP_AEAD_MAX_TAG_LENGTH 16
-
-/* EVP_AEAD_DEFAULT_TAG_LENGTH is a magic value that can be passed to
- * EVP_AEAD_CTX_init to indicate that the default tag length for an AEAD
- * should be used. */
-#define EVP_AEAD_DEFAULT_TAG_LENGTH 0
-
-/* EVP_AEAD_CTX_new allocates a new context for use with EVP_AEAD_CTX_init.
- * It can be cleaned up for reuse with EVP_AEAD_CTX_cleanup and must be freed
- * with EVP_AEAD_CTX_free. */
-EVP_AEAD_CTX *EVP_AEAD_CTX_new(void);
-
-/* EVP_AEAD_CTX_free releases all memory owned by the context. */
-void EVP_AEAD_CTX_free(EVP_AEAD_CTX *ctx);
-
-/* EVP_AEAD_CTX_init initializes the context for the given AEAD algorithm.
- * The implementation argument may be NULL to choose the default implementation.
- * Authentication tags may be truncated by passing a tag length. A tag length
- * of zero indicates the default tag length should be used. */
-int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
- const unsigned char *key, size_t key_len, size_t tag_len, ENGINE *impl);
-
-/* EVP_AEAD_CTX_cleanup frees any data allocated for this context. */
-void EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx);
-
-/* EVP_AEAD_CTX_seal encrypts and authenticates the input and authenticates
- * any additional data (AD), the result being written as output. One is
- * returned on success, otherwise zero.
- *
- * This function may be called (with the same EVP_AEAD_CTX) concurrently with
- * itself or EVP_AEAD_CTX_open.
- *
- * At most max_out_len bytes are written as output and, in order to ensure
- * success, this value should be the length of the input plus the result of
- * EVP_AEAD_overhead. On successful return, out_len is set to the actual
- * number of bytes written.
- *
- * The length of the nonce is must be equal to the result of
- * EVP_AEAD_nonce_length for this AEAD.
- *
- * EVP_AEAD_CTX_seal never results in a partial output. If max_out_len is
- * insufficient, zero will be returned and out_len will be set to zero.
- *
- * If the input and output are aliased then out must be <= in. */
-int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len);
-
-/* EVP_AEAD_CTX_open authenticates the input and additional data, decrypting
- * the input and writing it as output. One is returned on success, otherwise
- * zero.
- *
- * This function may be called (with the same EVP_AEAD_CTX) concurrently with
- * itself or EVP_AEAD_CTX_seal.
- *
- * At most the number of input bytes are written as output. In order to ensure
- * success, max_out_len should be at least the same as the input length. On
- * successful return out_len is set to the actual number of bytes written.
- *
- * The length of nonce must be equal to the result of EVP_AEAD_nonce_length
- * for this AEAD.
- *
- * EVP_AEAD_CTX_open never results in a partial output. If max_out_len is
- * insufficient, zero will be returned and out_len will be set to zero.
- *
- * If the input and output are aliased then out must be <= in. */
-int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len);
-
-void ERR_load_EVP_strings(void);
-
-/* Error codes for the EVP functions. */
-
-/* Function codes. */
-#define EVP_F_AEAD_AES_GCM_INIT 187
-#define EVP_F_AEAD_AES_GCM_OPEN 188
-#define EVP_F_AEAD_AES_GCM_SEAL 189
-#define EVP_F_AEAD_CHACHA20_POLY1305_INIT 192
-#define EVP_F_AEAD_CHACHA20_POLY1305_OPEN 193
-#define EVP_F_AEAD_CHACHA20_POLY1305_SEAL 194
-#define EVP_F_AEAD_CTX_OPEN 185
-#define EVP_F_AEAD_CTX_SEAL 186
-#define EVP_F_AESNI_INIT_KEY 165
-#define EVP_F_AESNI_XTS_CIPHER 176
-#define EVP_F_AES_INIT_KEY 133
-#define EVP_F_AES_XTS 172
-#define EVP_F_AES_XTS_CIPHER 175
-#define EVP_F_ALG_MODULE_INIT 177
-#define EVP_F_CAMELLIA_INIT_KEY 159
-#define EVP_F_CMAC_INIT 173
-#define EVP_F_D2I_PKEY 100
-#define EVP_F_DO_SIGVER_INIT 161
-#define EVP_F_DSAPKEY2PKCS8 134
-#define EVP_F_DSA_PKEY2PKCS8 135
-#define EVP_F_ECDSA_PKEY2PKCS8 129
-#define EVP_F_ECKEY_PKEY2PKCS8 132
-#define EVP_F_EVP_AEAD_CTX_INIT 180
-#define EVP_F_EVP_AEAD_CTX_OPEN 190
-#define EVP_F_EVP_AEAD_CTX_SEAL 191
-#define EVP_F_EVP_BYTESTOKEY 200
-#define EVP_F_EVP_CIPHERINIT_EX 123
-#define EVP_F_EVP_CIPHER_CTX_COPY 163
-#define EVP_F_EVP_CIPHER_CTX_CTRL 124
-#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
-#define EVP_F_EVP_CIPHER_GET_ASN1_IV 201
-#define EVP_F_EVP_CIPHER_SET_ASN1_IV 202
-#define EVP_F_EVP_DECRYPTFINAL_EX 101
-#define EVP_F_EVP_DECRYPTUPDATE 199
-#define EVP_F_EVP_DIGESTFINAL_EX 196
-#define EVP_F_EVP_DIGESTINIT_EX 128
-#define EVP_F_EVP_ENCRYPTFINAL_EX 127
-#define EVP_F_EVP_ENCRYPTUPDATE 198
-#define EVP_F_EVP_MD_CTX_COPY_EX 110
-#define EVP_F_EVP_MD_CTX_CTRL 195
-#define EVP_F_EVP_MD_SIZE 162
-#define EVP_F_EVP_OPENINIT 102
-#define EVP_F_EVP_PBE_ALG_ADD 115
-#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
-#define EVP_F_EVP_PBE_CIPHERINIT 116
-#define EVP_F_EVP_PKCS82PKEY 111
-#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
-#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
-#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
-#define EVP_F_EVP_PKEY_CTX_CTRL 137
-#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
-#define EVP_F_EVP_PKEY_CTX_DUP 156
-#define EVP_F_EVP_PKEY_DECRYPT 104
-#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
-#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
-#define EVP_F_EVP_PKEY_DERIVE 153
-#define EVP_F_EVP_PKEY_DERIVE_INIT 154
-#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
-#define EVP_F_EVP_PKEY_ENCRYPT 105
-#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
-#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
-#define EVP_F_EVP_PKEY_GET1_DH 119
-#define EVP_F_EVP_PKEY_GET1_DSA 120
-#define EVP_F_EVP_PKEY_GET1_ECDSA 130
-#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
-#define EVP_F_EVP_PKEY_GET1_RSA 121
-#define EVP_F_EVP_PKEY_KEYGEN 146
-#define EVP_F_EVP_PKEY_KEYGEN_INIT 147
-#define EVP_F_EVP_PKEY_NEW 106
-#define EVP_F_EVP_PKEY_PARAMGEN 148
-#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
-#define EVP_F_EVP_PKEY_SIGN 140
-#define EVP_F_EVP_PKEY_SIGN_INIT 141
-#define EVP_F_EVP_PKEY_VERIFY 142
-#define EVP_F_EVP_PKEY_VERIFY_INIT 143
-#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
-#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
-#define EVP_F_EVP_RIJNDAEL 126
-#define EVP_F_EVP_SIGNFINAL 107
-#define EVP_F_EVP_VERIFYFINAL 108
-#define EVP_F_FIPS_CIPHERINIT 166
-#define EVP_F_FIPS_CIPHER_CTX_COPY 170
-#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
-#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
-#define EVP_F_FIPS_DIGESTINIT 168
-#define EVP_F_FIPS_MD_CTX_COPY 169
-#define EVP_F_HMAC_INIT_EX 174
-#define EVP_F_INT_CTX_NEW 157
-#define EVP_F_PKCS5_PBE_KEYIVGEN 117
-#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
-#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
-#define EVP_F_PKCS8_SET_BROKEN 112
-#define EVP_F_PKEY_SET_TYPE 158
-#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV 197
-#define EVP_F_RC2_MAGIC_TO_METH 109
-#define EVP_F_RC5_CTRL 125
-
-/* Reason codes. */
-#define EVP_R_AES_IV_SETUP_FAILED 162
-#define EVP_R_AES_KEY_SETUP_FAILED 143
-#define EVP_R_ASN1_LIB 140
-#define EVP_R_BAD_BLOCK_LENGTH 136
-#define EVP_R_BAD_DECRYPT 100
-#define EVP_R_BAD_KEY_LENGTH 137
-#define EVP_R_BN_DECODE_ERROR 112
-#define EVP_R_BN_PUBKEY_ERROR 113
-#define EVP_R_BUFFER_TOO_SMALL 155
-#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
-#define EVP_R_CIPHER_PARAMETER_ERROR 122
-#define EVP_R_COMMAND_NOT_SUPPORTED 147
-#define EVP_R_CTRL_NOT_IMPLEMENTED 132
-#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
-#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
-#define EVP_R_DECODE_ERROR 114
-#define EVP_R_DIFFERENT_KEY_TYPES 101
-#define EVP_R_DIFFERENT_PARAMETERS 153
-#define EVP_R_DISABLED_FOR_FIPS 163
-#define EVP_R_ENCODE_ERROR 115
-#define EVP_R_ERROR_LOADING_SECTION 165
-#define EVP_R_ERROR_SETTING_FIPS_MODE 166
-#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
-#define EVP_R_EXPECTING_AN_HMAC_KEY 174
-#define EVP_R_EXPECTING_AN_RSA_KEY 127
-#define EVP_R_EXPECTING_A_DH_KEY 128
-#define EVP_R_EXPECTING_A_DSA_KEY 129
-#define EVP_R_EXPECTING_A_ECDSA_KEY 141
-#define EVP_R_EXPECTING_A_EC_KEY 142
-#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
-#define EVP_R_GET_RAW_KEY_FAILED 182
-#define EVP_R_INITIALIZATION_ERROR 134
-#define EVP_R_INPUT_NOT_INITIALIZED 111
-#define EVP_R_INVALID_DIGEST 152
-#define EVP_R_INVALID_FIPS_MODE 168
-#define EVP_R_INVALID_IV_LENGTH 194
-#define EVP_R_INVALID_KEY_LENGTH 130
-#define EVP_R_INVALID_OPERATION 148
-#define EVP_R_IV_TOO_LARGE 102
-#define EVP_R_KEYGEN_FAILURE 120
-#define EVP_R_KEY_SETUP_FAILED 180
-#define EVP_R_MESSAGE_DIGEST_IS_NULL 159
-#define EVP_R_METHOD_NOT_SUPPORTED 144
-#define EVP_R_MISSING_PARAMETERS 103
-#define EVP_R_NO_CIPHER_SET 131
-#define EVP_R_NO_DEFAULT_DIGEST 158
-#define EVP_R_NO_DIGEST_SET 139
-#define EVP_R_NO_DSA_PARAMETERS 116
-#define EVP_R_NO_KEY_SET 154
-#define EVP_R_NO_OPERATION_SET 149
-#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
-#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
-#define EVP_R_ONLY_ONESHOT_SUPPORTED 177
-#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
-#define EVP_R_OPERATON_NOT_INITIALIZED 151
-#define EVP_R_OUTPUT_ALIASES_INPUT 172
-#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
-#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
-#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
-#define EVP_R_PUBLIC_KEY_NOT_RSA 106
-#define EVP_R_TAG_TOO_LARGE 171
-#define EVP_R_TOO_LARGE 164
-#define EVP_R_UNKNOWN_CIPHER 160
-#define EVP_R_UNKNOWN_DIGEST 161
-#define EVP_R_UNKNOWN_OPTION 169
-#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
-#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
-#define EVP_R_UNSUPPORTED_ALGORITHM 156
-#define EVP_R_UNSUPPORTED_CIPHER 107
-#define EVP_R_UNSUPPORTED_KEYLENGTH 123
-#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
-#define EVP_R_UNSUPPORTED_KEY_SIZE 108
-#define EVP_R_UNSUPPORTED_PRF 125
-#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
-#define EVP_R_WRAP_MODE_NOT_ALLOWED 170
-#define EVP_R_UNSUPPORTED_SALT_TYPE 126
-#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
-#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/evp/evp_aead.c b/src/lib/libcrypto/evp/evp_aead.c
deleted file mode 100644
index b35f5157ed..0000000000
--- a/src/lib/libcrypto/evp/evp_aead.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/* $OpenBSD: evp_aead.c,v 1.11 2024/04/09 13:52:41 beck Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "evp_local.h"
-
-size_t
-EVP_AEAD_key_length(const EVP_AEAD *aead)
-{
- return aead->key_len;
-}
-LCRYPTO_ALIAS(EVP_AEAD_key_length);
-
-size_t
-EVP_AEAD_nonce_length(const EVP_AEAD *aead)
-{
- return aead->nonce_len;
-}
-LCRYPTO_ALIAS(EVP_AEAD_nonce_length);
-
-size_t
-EVP_AEAD_max_overhead(const EVP_AEAD *aead)
-{
- return aead->overhead;
-}
-LCRYPTO_ALIAS(EVP_AEAD_max_overhead);
-
-size_t
-EVP_AEAD_max_tag_len(const EVP_AEAD *aead)
-{
- return aead->max_tag_len;
-}
-LCRYPTO_ALIAS(EVP_AEAD_max_tag_len);
-
-int
-EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
- const unsigned char *key, size_t key_len, size_t tag_len, ENGINE *impl)
-{
- ctx->aead = aead;
- if (key_len != aead->key_len) {
- EVPerror(EVP_R_UNSUPPORTED_KEY_SIZE);
- return 0;
- }
- return aead->init(ctx, key, key_len, tag_len);
-}
-LCRYPTO_ALIAS(EVP_AEAD_CTX_init);
-
-void
-EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx)
-{
- if (ctx->aead == NULL)
- return;
- ctx->aead->cleanup(ctx);
- ctx->aead = NULL;
-}
-LCRYPTO_ALIAS(EVP_AEAD_CTX_cleanup);
-
-EVP_AEAD_CTX *
-EVP_AEAD_CTX_new(void)
-{
- return calloc(1, sizeof(EVP_AEAD_CTX));
-}
-LCRYPTO_ALIAS(EVP_AEAD_CTX_new);
-
-void
-EVP_AEAD_CTX_free(EVP_AEAD_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- EVP_AEAD_CTX_cleanup(ctx);
- free(ctx);
-}
-LCRYPTO_ALIAS(EVP_AEAD_CTX_free);
-
-/* check_alias returns 0 if out points within the buffer determined by in
- * and in_len and 1 otherwise.
- *
- * When processing, there's only an issue if out points within in[:in_len]
- * and isn't equal to in. If that's the case then writing the output will
- * stomp input that hasn't been read yet.
- *
- * This function checks for that case. */
-static int
-check_alias(const unsigned char *in, size_t in_len, const unsigned char *out)
-{
- if (out <= in)
- return 1;
- if (in + in_len <= out)
- return 1;
- return 0;
-}
-
-int
-EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
- size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
- const unsigned char *in, size_t in_len, const unsigned char *ad,
- size_t ad_len)
-{
- size_t possible_out_len = in_len + ctx->aead->overhead;
-
- /* Overflow. */
- if (possible_out_len < in_len) {
- EVPerror(EVP_R_TOO_LARGE);
- goto error;
- }
-
- if (!check_alias(in, in_len, out)) {
- EVPerror(EVP_R_OUTPUT_ALIASES_INPUT);
- goto error;
- }
-
- if (ctx->aead->seal(ctx, out, out_len, max_out_len, nonce, nonce_len,
- in, in_len, ad, ad_len)) {
- return 1;
- }
-
-error:
- /* In the event of an error, clear the output buffer so that a caller
- * that doesn't check the return value doesn't send raw data. */
- memset(out, 0, max_out_len);
- *out_len = 0;
- return 0;
-}
-LCRYPTO_ALIAS(EVP_AEAD_CTX_seal);
-
-int
-EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
- size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
- const unsigned char *in, size_t in_len, const unsigned char *ad,
- size_t ad_len)
-{
- if (!check_alias(in, in_len, out)) {
- EVPerror(EVP_R_OUTPUT_ALIASES_INPUT);
- goto error;
- }
-
- if (ctx->aead->open(ctx, out, out_len, max_out_len, nonce, nonce_len,
- in, in_len, ad, ad_len)) {
- return 1;
- }
-
-error:
- /* In the event of an error, clear the output buffer so that a caller
- * that doesn't check the return value doesn't try and process bad
- * data. */
- memset(out, 0, max_out_len);
- *out_len = 0;
- return 0;
-}
-LCRYPTO_ALIAS(EVP_AEAD_CTX_open);
diff --git a/src/lib/libcrypto/evp/evp_cipher.c b/src/lib/libcrypto/evp/evp_cipher.c
deleted file mode 100644
index e9c266d1b9..0000000000
--- a/src/lib/libcrypto/evp/evp_cipher.c
+++ /dev/null
@@ -1,1238 +0,0 @@
-/* $OpenBSD: evp_cipher.c,v 1.23 2024/04/10 15:00:38 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-
-int
-EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv, int enc)
-{
- return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
-}
-LCRYPTO_ALIAS(EVP_CipherInit);
-
-int
-EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *engine,
- const unsigned char *key, const unsigned char *iv, int enc)
-{
- if (enc == -1)
- enc = ctx->encrypt;
- if (enc != 0)
- enc = 1;
- ctx->encrypt = enc;
-
- if (cipher == NULL && ctx->cipher == NULL) {
- EVPerror(EVP_R_NO_CIPHER_SET);
- return 0;
- }
-
- /*
- * Set up cipher and context. Allocate cipher data and initialize ctx.
- * On ctx reuse only retain encryption direction and key wrap flag.
- */
- if (cipher != NULL) {
- unsigned long flags = ctx->flags;
-
- EVP_CIPHER_CTX_cleanup(ctx);
- ctx->encrypt = enc;
- ctx->flags = flags & EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
-
- ctx->cipher = cipher;
- ctx->key_len = cipher->key_len;
-
- if (ctx->cipher->ctx_size != 0) {
- ctx->cipher_data = calloc(1, ctx->cipher->ctx_size);
- if (ctx->cipher_data == NULL) {
- EVPerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
-
- if ((ctx->cipher->flags & EVP_CIPH_CTRL_INIT) != 0) {
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
- EVPerror(EVP_R_INITIALIZATION_ERROR);
- return 0;
- }
- }
- }
-
- /* Block sizes must be a power of 2 due to the use of block_mask. */
- if (ctx->cipher->block_size != 1 &&
- ctx->cipher->block_size != 8 &&
- ctx->cipher->block_size != 16) {
- EVPerror(EVP_R_BAD_BLOCK_LENGTH);
- return 0;
- }
-
- if ((ctx->flags & EVP_CIPHER_CTX_FLAG_WRAP_ALLOW) == 0 &&
- EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_WRAP_MODE) {
- EVPerror(EVP_R_WRAP_MODE_NOT_ALLOWED);
- return 0;
- }
-
- if ((EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV) == 0) {
- int iv_len;
-
- switch (EVP_CIPHER_CTX_mode(ctx)) {
-
- case EVP_CIPH_STREAM_CIPHER:
- case EVP_CIPH_ECB_MODE:
- break;
-
- case EVP_CIPH_CFB_MODE:
- case EVP_CIPH_OFB_MODE:
-
- ctx->num = 0;
- /* fall-through */
-
- case EVP_CIPH_CBC_MODE:
- iv_len = EVP_CIPHER_CTX_iv_length(ctx);
- if (iv_len < 0 || iv_len > sizeof(ctx->oiv) ||
- iv_len > sizeof(ctx->iv)) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return 0;
- }
- if (iv != NULL)
- memcpy(ctx->oiv, iv, iv_len);
- memcpy(ctx->iv, ctx->oiv, iv_len);
- break;
-
- case EVP_CIPH_CTR_MODE:
- ctx->num = 0;
- iv_len = EVP_CIPHER_CTX_iv_length(ctx);
- if (iv_len < 0 || iv_len > sizeof(ctx->iv)) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return 0;
- }
- /* Don't reuse IV for CTR mode */
- if (iv != NULL)
- memcpy(ctx->iv, iv, iv_len);
- break;
-
- default:
- return 0;
- break;
- }
- }
-
- if (key != NULL || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT) != 0) {
- if (!ctx->cipher->init(ctx, key, iv, enc))
- return 0;
- }
-
- ctx->partial_len = 0;
- ctx->final_used = 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_CipherInit_ex);
-
-int
-EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len,
- const unsigned char *in, int in_len)
-{
- if (ctx->encrypt)
- return EVP_EncryptUpdate(ctx, out, out_len, in, in_len);
-
- return EVP_DecryptUpdate(ctx, out, out_len, in, in_len);
-}
-LCRYPTO_ALIAS(EVP_CipherUpdate);
-
-int
-EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len)
-{
- if (ctx->encrypt)
- return EVP_EncryptFinal_ex(ctx, out, out_len);
-
- return EVP_DecryptFinal_ex(ctx, out, out_len);
-}
-LCRYPTO_ALIAS(EVP_CipherFinal);
-
-int
-EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len)
-{
- if (ctx->encrypt)
- return EVP_EncryptFinal_ex(ctx, out, out_len);
-
- return EVP_DecryptFinal_ex(ctx, out, out_len);
-}
-LCRYPTO_ALIAS(EVP_CipherFinal_ex);
-
-int
-EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv)
-{
- return EVP_CipherInit(ctx, cipher, key, iv, 1);
-}
-LCRYPTO_ALIAS(EVP_EncryptInit);
-
-int
-EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *engine,
- const unsigned char *key, const unsigned char *iv)
-{
- return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1);
-}
-LCRYPTO_ALIAS(EVP_EncryptInit_ex);
-
-/*
- * EVP_Cipher() is an implementation detail of EVP_Cipher{Update,Final}().
- * Behavior depends on EVP_CIPH_FLAG_CUSTOM_CIPHER being set on ctx->cipher.
- *
- * If the flag is set, do_cipher() operates in update mode if in != NULL and
- * in final mode if in == NULL. It returns the number of bytes written to out
- * (which may be 0) or -1 on error.
- *
- * If the flag is not set, do_cipher() assumes properly aligned data and that
- * padding is handled correctly by the caller. Most do_cipher() methods will
- * silently produce garbage and succeed. Returns 1 on success, 0 on error.
- */
-int
-EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
- unsigned int in_len)
-{
- return ctx->cipher->do_cipher(ctx, out, in, in_len);
-}
-LCRYPTO_ALIAS(EVP_Cipher);
-
-static int
-evp_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len,
- const unsigned char *in, int in_len)
-{
- int len;
-
- *out_len = 0;
-
- if (in_len < 0)
- return 0;
-
- if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0) {
- if ((len = ctx->cipher->do_cipher(ctx, out, in, in_len)) < 0)
- return 0;
-
- *out_len = len;
- return 1;
- }
-
- if (!ctx->cipher->do_cipher(ctx, out, in, in_len))
- return 0;
-
- *out_len = in_len;
-
- return 1;
-}
-
-int
-EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len,
- const unsigned char *in, int in_len)
-{
- const int block_size = ctx->cipher->block_size;
- const int block_mask = block_size - 1;
- int partial_len = ctx->partial_len;
- int len = 0, total_len = 0;
-
- *out_len = 0;
-
- if ((block_size & block_mask) != 0)
- return 0;
-
- if (in_len < 0)
- return 0;
-
- if (in_len == 0 && EVP_CIPHER_mode(ctx->cipher) != EVP_CIPH_CCM_MODE)
- return 1;
-
- if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0)
- return evp_cipher(ctx, out, out_len, in, in_len);
-
- if (partial_len == 0 && (in_len & block_mask) == 0)
- return evp_cipher(ctx, out, out_len, in, in_len);
-
- if (partial_len < 0 || partial_len >= block_size ||
- block_size > sizeof(ctx->buf)) {
- EVPerror(EVP_R_BAD_BLOCK_LENGTH);
- return 0;
- }
-
- if (partial_len > 0) {
- int partial_needed;
-
- if ((partial_needed = block_size - partial_len) > in_len) {
- memcpy(&ctx->buf[partial_len], in, in_len);
- ctx->partial_len += in_len;
- return 1;
- }
-
- /*
- * Once the first partial_needed bytes from in are processed,
- * the number of multiples of block_size of data remaining is
- * (in_len - partial_needed) & ~block_mask. Ensure that this
- * plus the block processed from ctx->buf doesn't overflow.
- */
- if (((in_len - partial_needed) & ~block_mask) > INT_MAX - block_size) {
- EVPerror(EVP_R_TOO_LARGE);
- return 0;
- }
- memcpy(&ctx->buf[partial_len], in, partial_needed);
-
- len = 0;
- if (!evp_cipher(ctx, out, &len, ctx->buf, block_size))
- return 0;
- total_len = len;
-
- in_len -= partial_needed;
- in += partial_needed;
- out += len;
- }
-
- partial_len = in_len & block_mask;
- if ((in_len -= partial_len) > 0) {
- if (INT_MAX - in_len < total_len)
- return 0;
- len = 0;
- if (!evp_cipher(ctx, out, &len, in, in_len))
- return 0;
- if (INT_MAX - len < total_len)
- return 0;
- total_len += len;
- }
-
- if ((ctx->partial_len = partial_len) > 0)
- memcpy(ctx->buf, &in[in_len], partial_len);
-
- *out_len = total_len;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_EncryptUpdate);
-
-int
-EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len)
-{
- return EVP_EncryptFinal_ex(ctx, out, out_len);
-}
-LCRYPTO_ALIAS(EVP_EncryptFinal);
-
-int
-EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len)
-{
- const int block_size = ctx->cipher->block_size;
- int partial_len = ctx->partial_len;
- int pad;
-
- *out_len = 0;
-
- if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0)
- return evp_cipher(ctx, out, out_len, NULL, 0);
-
- if (partial_len < 0 || partial_len >= block_size ||
- block_size > sizeof(ctx->buf)) {
- EVPerror(EVP_R_BAD_BLOCK_LENGTH);
- return 0;
- }
- if (block_size == 1)
- return 1;
-
- if ((ctx->flags & EVP_CIPH_NO_PADDING) != 0) {
- if (partial_len != 0) {
- EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
- return 0;
- }
- return 1;
- }
-
- pad = block_size - partial_len;
- memset(&ctx->buf[partial_len], pad, pad);
-
- return evp_cipher(ctx, out, out_len, ctx->buf, block_size);
-}
-LCRYPTO_ALIAS(EVP_EncryptFinal_ex);
-
-int
-EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv)
-{
- return EVP_CipherInit(ctx, cipher, key, iv, 0);
-}
-LCRYPTO_ALIAS(EVP_DecryptInit); - -int -EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *engine, - const unsigned char *key, const unsigned char *iv) -{ - return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0); -} -LCRYPTO_ALIAS(EVP_DecryptInit_ex); - -int -EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len, - const unsigned char *in, int in_len) -{ - const int block_size = ctx->cipher->block_size; - const int block_mask = block_size - 1; - int len = 0, total_len = 0; - - *out_len = 0; - - if ((block_size & block_mask) != 0) - return 0; - - if (in_len < 0) - return 0; - - if (in_len == 0 && EVP_CIPHER_mode(ctx->cipher) != EVP_CIPH_CCM_MODE) - return 1; - - if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0) - return evp_cipher(ctx, out, out_len, in, in_len); - - if ((ctx->flags & EVP_CIPH_NO_PADDING) != 0) - return EVP_EncryptUpdate(ctx, out, out_len, in, in_len); - - if (block_size > sizeof(ctx->final)) { - EVPerror(EVP_R_BAD_BLOCK_LENGTH); - return 0; - } - - if (ctx->final_used) { - /* - * final_used is only set if partial_len is 0. Therefore the - * output from EVP_EncryptUpdate() is in_len & ~block_mask. - * Ensure (in_len & ~block_mask) + block_size doesn't overflow. - */ - if ((in_len & ~block_mask) > INT_MAX - block_size) { - EVPerror(EVP_R_TOO_LARGE); - return 0; - } - memcpy(out, ctx->final, block_size); - out += block_size; - total_len = block_size; - } - - ctx->final_used = 0; - - len = 0; - if (!EVP_EncryptUpdate(ctx, out, &len, in, in_len)) - return 0; - - /* Keep copy of last block if a multiple of block_size was decrypted. 
*/ - if (block_size > 1 && ctx->partial_len == 0) { - if (len < block_size) - return 0; - len -= block_size; - memcpy(ctx->final, &out[len], block_size); - ctx->final_used = 1; - } - - if (len > INT_MAX - total_len) - return 0; - total_len += len; - - *out_len = total_len; - - return 1; -} -LCRYPTO_ALIAS(EVP_DecryptUpdate); - -int -EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) -{ - return EVP_DecryptFinal_ex(ctx, out, out_len); -} -LCRYPTO_ALIAS(EVP_DecryptFinal); - -int -EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *out_len) -{ - const int block_size = ctx->cipher->block_size; - int partial_len = ctx->partial_len; - int i, pad, plain_len; - - *out_len = 0; - - if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0) - return evp_cipher(ctx, out, out_len, NULL, 0); - - if ((ctx->flags & EVP_CIPH_NO_PADDING) != 0) { - if (partial_len != 0) { - EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); - return 0; - } - return 1; - } - - if (block_size == 1) - return 1; - - if (partial_len != 0 || !ctx->final_used) { - EVPerror(EVP_R_WRONG_FINAL_BLOCK_LENGTH); - return 0; - } - - if (block_size > sizeof(ctx->final)) { - EVPerror(EVP_R_BAD_BLOCK_LENGTH); - return 0; - } - - pad = ctx->final[block_size - 1]; - if (pad <= 0 || pad > block_size) { - EVPerror(EVP_R_BAD_DECRYPT); - return 0; - } - plain_len = block_size - pad; - for (i = plain_len; i < block_size; i++) { - if (ctx->final[i] != pad) { - EVPerror(EVP_R_BAD_DECRYPT); - return 0; - } - } - - memcpy(out, ctx->final, plain_len); - *out_len = plain_len; - - return 1; -} -LCRYPTO_ALIAS(EVP_DecryptFinal_ex); - -EVP_CIPHER_CTX * -EVP_CIPHER_CTX_new(void) -{ - return calloc(1, sizeof(EVP_CIPHER_CTX)); -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_new); - -void -EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) -{ - if (ctx == NULL) - return; - - EVP_CIPHER_CTX_cleanup(ctx); - - free(ctx); -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_free); - -void -EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx) -{ - 
memset(ctx, 0, sizeof(*ctx)); -} - -int -EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) -{ - return EVP_CIPHER_CTX_cleanup(ctx); -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_init); - -int -EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx) -{ - return EVP_CIPHER_CTX_cleanup(ctx); -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_reset); - -int -EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx) -{ - if (ctx == NULL) - return 1; - - if (ctx->cipher != NULL) { - /* XXX - Avoid leaks, so ignore return value of cleanup()... */ - if (ctx->cipher->cleanup != NULL) - ctx->cipher->cleanup(ctx); - if (ctx->cipher_data != NULL) - explicit_bzero(ctx->cipher_data, ctx->cipher->ctx_size); - } - - /* XXX - store size of cipher_data so we can always freezero(). */ - free(ctx->cipher_data); - - explicit_bzero(ctx, sizeof(EVP_CIPHER_CTX)); - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_cleanup); - -int -EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - int ret; - - if (!ctx->cipher) { - EVPerror(EVP_R_NO_CIPHER_SET); - return 0; - } - - if (!ctx->cipher->ctrl) { - EVPerror(EVP_R_CTRL_NOT_IMPLEMENTED); - return 0; - } - - ret = ctx->cipher->ctrl(ctx, type, arg, ptr); - if (ret == -1) { - EVPerror(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); - return 0; - } - return ret; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_ctrl); - -int -EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) -{ - if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) - return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key); - arc4random_buf(key, ctx->key_len); - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_rand_key); - -int -EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) -{ - if (in == NULL || in->cipher == NULL) { - EVPerror(EVP_R_INPUT_NOT_INITIALIZED); - return 0; - } - - EVP_CIPHER_CTX_cleanup(out); - memcpy(out, in, sizeof *out); - - if (in->cipher_data && in->cipher->ctx_size) { - out->cipher_data = calloc(1, in->cipher->ctx_size); - if (out->cipher_data == NULL) { - EVPerror(ERR_R_MALLOC_FAILURE); - return 0; - } - 
memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); - } - - if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY) { - if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, - 0, out)) { - /* - * If the custom copy control failed, assume that there - * may still be pointers copied in the cipher_data that - * we do not own. This may result in a leak from a bad - * custom copy control, but that's preferable to a - * double free... - */ - freezero(out->cipher_data, in->cipher->ctx_size); - out->cipher_data = NULL; - return 0; - } - } - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_copy); - -/* - * EVP_CIPHER_CTX accessors. - */ - -const EVP_CIPHER * -EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_cipher); - -int -EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx) -{ - return ctx->encrypt; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_encrypting); - -int -EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, unsigned char *iv, size_t len) -{ - if (ctx == NULL || len != EVP_CIPHER_CTX_iv_length(ctx)) - return 0; - if (len > EVP_MAX_IV_LENGTH) - return 0; /* sanity check; shouldn't happen */ - /* - * Skip the memcpy entirely when the requested IV length is zero, - * since the iv pointer may be NULL or invalid. - */ - if (len != 0) { - if (iv == NULL) - return 0; - memcpy(iv, ctx->iv, len); - } - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_get_iv); - -int -EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, const unsigned char *iv, size_t len) -{ - if (ctx == NULL || len != EVP_CIPHER_CTX_iv_length(ctx)) - return 0; - if (len > EVP_MAX_IV_LENGTH) - return 0; /* sanity check; shouldn't happen */ - /* - * Skip the memcpy entirely when the requested IV length is zero, - * since the iv pointer may be NULL or invalid. 
- */
- if (len != 0) {
- if (iv == NULL)
- return 0;
- memcpy(ctx->iv, iv, len);
- }
- return 1;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_set_iv);
-
-unsigned char *
-EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
-{
- return ctx->buf;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_buf_noconst);
-
-void *
-EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
-{
- return ctx->app_data;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_get_app_data);
-
-void
-EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
-{
- ctx->app_data = data;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_set_app_data);
-
-int
-EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
-{
- return ctx->key_len;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_key_length);
-
-int
-EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *ctx, int key_len)
-{
- if (ctx->key_len == key_len)
- return 1;
- if (key_len > 0 && (ctx->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
- ctx->key_len = key_len;
- return 1;
- }
- EVPerror(EVP_R_INVALID_KEY_LENGTH);
- return 0;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_set_key_length);
-
-int
-EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
-{
- if (pad)
- ctx->flags &= ~EVP_CIPH_NO_PADDING;
- else
- ctx->flags |= EVP_CIPH_NO_PADDING;
- return 1;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_set_padding);
-
-void
-EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
-{
- ctx->flags |= flags;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_set_flags);
-
-void
-EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
-{
- ctx->flags &= ~flags;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_clear_flags);
-
-int
-EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
-{
- return (ctx->flags & flags);
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_test_flags);
-
-void *
-EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
-{
- return ctx->cipher_data;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_CTX_get_cipher_data);
-
-void *
-EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
-{
- void *old_cipher_data;
-
- old_cipher_data = ctx->cipher_data;
- ctx->cipher_data =
cipher_data; - - return old_cipher_data; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_set_cipher_data); - -/* - * EVP_CIPHER_CTX getters that reach into the cipher attached to the context. - */ - -int -EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher->nid; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_nid); - -int -EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher->block_size; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_block_size); - -int -EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) -{ - int iv_length = 0; - - if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_IV_LENGTH) == 0) - return ctx->cipher->iv_len; - - /* - * XXX - sanity would suggest to pass the size of the pointer along, - * but unfortunately we have to match the other crowd. - */ - if (EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 0, - &iv_length) != 1) - return -1; - - return iv_length; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_iv_length); - -unsigned long -EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher->flags; -} -LCRYPTO_ALIAS(EVP_CIPHER_CTX_flags); - -/* - * Used by CMS and its predecessors. Only GOST and RC2 have a custom method. 
- */ - -int -EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) -{ - int iv_len; - - if (type == NULL) - return 0; - - iv_len = EVP_CIPHER_CTX_iv_length(ctx); - if (iv_len < 0 || iv_len > sizeof(ctx->oiv) || iv_len > sizeof(ctx->iv)) { - EVPerror(EVP_R_IV_TOO_LARGE); - return 0; /* XXX */ - } - if (ASN1_TYPE_get_octetstring(type, ctx->oiv, iv_len) != iv_len) - return -1; - - if (iv_len > 0) - memcpy(ctx->iv, ctx->oiv, iv_len); - - return iv_len; -} - -int -EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) -{ - if (ctx->cipher->get_asn1_parameters != NULL) - return ctx->cipher->get_asn1_parameters(ctx, type); - - if ((ctx->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) != 0) - return EVP_CIPHER_get_asn1_iv(ctx, type); - - return -1; -} - -int -EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) -{ - int iv_len; - - if (type == NULL) - return 0; - - iv_len = EVP_CIPHER_CTX_iv_length(ctx); - if (iv_len < 0 || iv_len > sizeof(ctx->oiv)) { - EVPerror(EVP_R_IV_TOO_LARGE); - return 0; - } - - return ASN1_TYPE_set_octetstring(type, ctx->oiv, iv_len); -} - -int -EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) -{ - if (ctx->cipher->set_asn1_parameters != NULL) - return ctx->cipher->set_asn1_parameters(ctx, type); - - if ((ctx->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) != 0) - return EVP_CIPHER_set_asn1_iv(ctx, type); - - return -1; -} - -/* Convert the various cipher NIDs and dummies to a proper OID NID */ -int -EVP_CIPHER_type(const EVP_CIPHER *cipher) -{ - ASN1_OBJECT *aobj; - int nid; - - nid = EVP_CIPHER_nid(cipher); - switch (nid) { - case NID_rc2_cbc: - case NID_rc2_64_cbc: - case NID_rc2_40_cbc: - return NID_rc2_cbc; - - case NID_rc4: - case NID_rc4_40: - return NID_rc4; - - case NID_aes_128_cfb128: - case NID_aes_128_cfb8: - case NID_aes_128_cfb1: - return NID_aes_128_cfb128; - - case NID_aes_192_cfb128: - case NID_aes_192_cfb8: - case NID_aes_192_cfb1: - return NID_aes_192_cfb128; - - case NID_aes_256_cfb128: - case 
NID_aes_256_cfb8: - case NID_aes_256_cfb1: - return NID_aes_256_cfb128; - - case NID_des_cfb64: - case NID_des_cfb8: - case NID_des_cfb1: - return NID_des_cfb64; - - case NID_des_ede3_cfb64: - case NID_des_ede3_cfb8: - case NID_des_ede3_cfb1: - return NID_des_cfb64; - - default: - /* Check it has an OID and it is valid */ - if (((aobj = OBJ_nid2obj(nid)) == NULL) || aobj->data == NULL) - nid = NID_undef; - - ASN1_OBJECT_free(aobj); - - return nid; - } -} -LCRYPTO_ALIAS(EVP_CIPHER_type); - -/* - * Accessors. First the trivial getters, then the setters for the method API. - */ - -int -EVP_CIPHER_nid(const EVP_CIPHER *cipher) -{ - return cipher->nid; -} -LCRYPTO_ALIAS(EVP_CIPHER_nid); - -int -EVP_CIPHER_block_size(const EVP_CIPHER *cipher) -{ - return cipher->block_size; -} -LCRYPTO_ALIAS(EVP_CIPHER_block_size); - -int -EVP_CIPHER_key_length(const EVP_CIPHER *cipher) -{ - return cipher->key_len; -} -LCRYPTO_ALIAS(EVP_CIPHER_key_length); - -int -EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) -{ - return cipher->iv_len; -} -LCRYPTO_ALIAS(EVP_CIPHER_iv_length); - -unsigned long -EVP_CIPHER_flags(const EVP_CIPHER *cipher) -{ - return cipher->flags; -} -LCRYPTO_ALIAS(EVP_CIPHER_flags); - -EVP_CIPHER * -EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len) -{ - EVP_CIPHER *cipher; - - if (cipher_type < 0 || key_len < 0) - return NULL; - - /* EVP_CipherInit() will fail for any other value. 
*/ - if (block_size != 1 && block_size != 8 && block_size != 16) - return NULL; - - if ((cipher = calloc(1, sizeof(*cipher))) == NULL) - return NULL; - - cipher->nid = cipher_type; - cipher->block_size = block_size; - cipher->key_len = key_len; - - return cipher; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_new); - -EVP_CIPHER * -EVP_CIPHER_meth_dup(const EVP_CIPHER *cipher) -{ - EVP_CIPHER *copy; - - if ((copy = calloc(1, sizeof(*copy))) == NULL) - return NULL; - - *copy = *cipher; - - return copy; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_dup); - -void -EVP_CIPHER_meth_free(EVP_CIPHER *cipher) -{ - free(cipher); -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_free); - -int -EVP_CIPHER_meth_set_iv_length(EVP_CIPHER *cipher, int iv_len) -{ - cipher->iv_len = iv_len; - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_set_iv_length); - -int -EVP_CIPHER_meth_set_flags(EVP_CIPHER *cipher, unsigned long flags) -{ - cipher->flags = flags; - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_set_flags); - -int -EVP_CIPHER_meth_set_impl_ctx_size(EVP_CIPHER *cipher, int ctx_size) -{ - cipher->ctx_size = ctx_size; - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_set_impl_ctx_size); - -int -EVP_CIPHER_meth_set_init(EVP_CIPHER *cipher, - int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc)) -{ - cipher->init = init; - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_set_init); - -int -EVP_CIPHER_meth_set_do_cipher(EVP_CIPHER *cipher, - int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl)) -{ - cipher->do_cipher = do_cipher; - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_set_do_cipher); - -int -EVP_CIPHER_meth_set_cleanup(EVP_CIPHER *cipher, - int (*cleanup)(EVP_CIPHER_CTX *)) -{ - cipher->cleanup = cleanup; - - return 1; -} -LCRYPTO_ALIAS(EVP_CIPHER_meth_set_cleanup); - -int -EVP_CIPHER_meth_set_set_asn1_params(EVP_CIPHER *cipher, - int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *)) -{ - cipher->set_asn1_parameters = 
set_asn1_parameters;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_meth_set_set_asn1_params);
-
-int
-EVP_CIPHER_meth_set_get_asn1_params(EVP_CIPHER *cipher,
- int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *))
-{
- cipher->get_asn1_parameters = get_asn1_parameters;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_meth_set_get_asn1_params);
-
-int
-EVP_CIPHER_meth_set_ctrl(EVP_CIPHER *cipher,
- int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr))
-{
- cipher->ctrl = ctrl;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_CIPHER_meth_set_ctrl);
diff --git a/src/lib/libcrypto/evp/evp_digest.c b/src/lib/libcrypto/evp/evp_digest.c
deleted file mode 100644
index 0a97d25c7d..0000000000
--- a/src/lib/libcrypto/evp/evp_digest.c
+++ /dev/null
@@ -1,500 +0,0 @@ -/* $OpenBSD: evp_digest.c,v 1.14 2024/04/10 15:00:38 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include - -#include -#include -#include - -#include "evp_local.h" - -int -EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) -{ - EVP_MD_CTX_legacy_clear(ctx); - return EVP_DigestInit_ex(ctx, type, NULL); -} -LCRYPTO_ALIAS(EVP_DigestInit); - -int -EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) -{ - EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); - - if (ctx->digest != type) { - if (ctx->digest && ctx->digest->ctx_size && ctx->md_data && - !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { - freezero(ctx->md_data, ctx->digest->ctx_size); - ctx->md_data = NULL; - } - ctx->digest = type; - if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { - ctx->update = type->update; - ctx->md_data = calloc(1, type->ctx_size); - if (ctx->md_data == NULL) { - EVP_PKEY_CTX_free(ctx->pctx); - ctx->pctx = NULL; - EVPerror(ERR_R_MALLOC_FAILURE); - return 0; - } - } - } - if (ctx->pctx) { - int r; - r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, - EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); - if (r <= 0 && (r != -2)) - return 0; - } - if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) - return 1; - return ctx->digest->init(ctx); 
-}
-LCRYPTO_ALIAS(EVP_DigestInit_ex);
-
-int
-EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return ctx->update(ctx, data, count);
-}
-LCRYPTO_ALIAS(EVP_DigestUpdate);
-
-/* The caller can assume that this removes any secret data from the context */
-int
-EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-{
- int ret;
-
- ret = EVP_DigestFinal_ex(ctx, md, size);
- EVP_MD_CTX_cleanup(ctx);
- return ret;
-}
-LCRYPTO_ALIAS(EVP_DigestFinal);
-
-/* The caller can assume that this removes any secret data from the context */
-int
-EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-{
- int ret;
-
- if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) {
- EVPerror(EVP_R_TOO_LARGE);
- return 0;
- }
- ret = ctx->digest->final(ctx, md);
- if (size != NULL)
- *size = ctx->digest->md_size;
- if (ctx->digest->cleanup) {
- ctx->digest->cleanup(ctx);
- EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
- }
- memset(ctx->md_data, 0, ctx->digest->ctx_size);
- return ret;
-}
-LCRYPTO_ALIAS(EVP_DigestFinal_ex);
-
-int
-EVP_Digest(const void *data, size_t count,
- unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl)
-{
- EVP_MD_CTX ctx;
- int ret;
-
- EVP_MD_CTX_legacy_clear(&ctx);
- EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
- ret = EVP_DigestInit_ex(&ctx, type, NULL) &&
- EVP_DigestUpdate(&ctx, data, count) &&
- EVP_DigestFinal_ex(&ctx, md, size);
- EVP_MD_CTX_cleanup(&ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(EVP_Digest);
-
-EVP_MD_CTX *
-EVP_MD_CTX_new(void)
-{
- return calloc(1, sizeof(EVP_MD_CTX));
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_new);
-
-void
-EVP_MD_CTX_free(EVP_MD_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- EVP_MD_CTX_cleanup(ctx);
-
- free(ctx);
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_free);
-
-EVP_MD_CTX *
-EVP_MD_CTX_create(void)
-{
- return EVP_MD_CTX_new();
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_create);
-
-void
-EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
-{
- EVP_MD_CTX_free(ctx);
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_destroy);
-
-void
-EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx)
-{
- memset(ctx, 0, sizeof(*ctx));
-}
-
-int
-EVP_MD_CTX_init(EVP_MD_CTX *ctx)
-{
- return EVP_MD_CTX_cleanup(ctx);
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_init);
-
-int
-EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
-{
- return EVP_MD_CTX_cleanup(ctx);
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_reset);
-
-int
-EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
-{
- if (ctx == NULL)
- return 1;
-
- /*
- * Don't assume ctx->md_data was cleaned in EVP_Digest_Final,
- * because sometimes only copies of the context are ever finalised.
- */
- if (ctx->digest && ctx->digest->cleanup &&
- !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
- ctx->digest->cleanup(ctx);
- if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
- !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
- freezero(ctx->md_data, ctx->digest->ctx_size);
- /*
- * If EVP_MD_CTX_FLAG_KEEP_PKEY_CTX is set, EVP_MD_CTX_set_pkey() was
- * called and its strange API contract implies we don't own ctx->pctx.
- */
- if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
- EVP_PKEY_CTX_free(ctx->pctx);
- memset(ctx, 0, sizeof(*ctx));
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_cleanup);
-
-int
-EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-{
- EVP_MD_CTX_legacy_clear(out);
- return EVP_MD_CTX_copy_ex(out, in);
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_copy);
-
-int
-EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-{
- unsigned char *tmp_buf;
-
- if ((in == NULL) || (in->digest == NULL)) {
- EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
- return 0;
- }
-
- if (out->digest == in->digest) {
- tmp_buf = out->md_data;
- EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
- } else
- tmp_buf = NULL;
- EVP_MD_CTX_cleanup(out);
- memcpy(out, in, sizeof *out);
- out->md_data = NULL;
- out->pctx = NULL;
-
- /*
- * Because of the EVP_PKEY_CTX_dup() below, EVP_MD_CTX_cleanup() needs
- * to free out->pctx in all cases (even if this flag is set on in).
- */ - EVP_MD_CTX_clear_flags(out, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX); - - if (in->md_data && out->digest->ctx_size) { - if (tmp_buf) { - out->md_data = tmp_buf; - } else { - out->md_data = calloc(1, out->digest->ctx_size); - if (out->md_data == NULL) { - EVPerror(ERR_R_MALLOC_FAILURE); - return 0; - } - } - memcpy(out->md_data, in->md_data, out->digest->ctx_size); - } - - out->update = in->update; - - if (in->pctx) { - out->pctx = EVP_PKEY_CTX_dup(in->pctx); - if (!out->pctx) { - EVP_MD_CTX_cleanup(out); - return 0; - } - } - - if (out->digest->copy) - return out->digest->copy(out, in); - - return 1; -} -LCRYPTO_ALIAS(EVP_MD_CTX_copy_ex); - -int -EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) -{ - int ret; - - if (!ctx->digest) { - EVPerror(EVP_R_NO_CIPHER_SET); - return 0; - } - - if (!ctx->digest->md_ctrl) { - EVPerror(EVP_R_CTRL_NOT_IMPLEMENTED); - return 0; - } - - ret = ctx->digest->md_ctrl(ctx, type, arg, ptr); - if (ret == -1) { - EVPerror(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); - return 0; - } - return ret; -} -LCRYPTO_ALIAS(EVP_MD_CTX_ctrl); - -const EVP_MD * -EVP_MD_CTX_md(const EVP_MD_CTX *ctx) -{ - if (!ctx) - return NULL; - return ctx->digest; -} -LCRYPTO_ALIAS(EVP_MD_CTX_md); - -void -EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags) -{ - ctx->flags &= ~flags; -} -LCRYPTO_ALIAS(EVP_MD_CTX_clear_flags); - -void -EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) -{ - ctx->flags |= flags; -} -LCRYPTO_ALIAS(EVP_MD_CTX_set_flags); - -int -EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) -{ - return (ctx->flags & flags); -} -LCRYPTO_ALIAS(EVP_MD_CTX_test_flags); - -void * -EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx) -{ - return ctx->md_data; -} -LCRYPTO_ALIAS(EVP_MD_CTX_md_data); - -EVP_PKEY_CTX * -EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx) -{ - return ctx->pctx; -} -LCRYPTO_ALIAS(EVP_MD_CTX_pkey_ctx); - -void -EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) -{ - if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) { 
- EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
- } else {
- EVP_PKEY_CTX_free(ctx->pctx);
- }
-
- ctx->pctx = pctx;
-
- if (pctx != NULL) {
- /*
- * For unclear reasons it was decided that the caller keeps
- * ownership of pctx. So a flag was invented to make sure we
- * don't free it in EVP_MD_CTX_cleanup(). We also need to
- * unset it in EVP_MD_CTX_copy_ex(). Fortunately, the flag
- * isn't public...
- */
- EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
- }
-}
-LCRYPTO_ALIAS(EVP_MD_CTX_set_pkey_ctx);
-
-int
-EVP_MD_type(const EVP_MD *md)
-{
- return md->type;
-}
-LCRYPTO_ALIAS(EVP_MD_type);
-
-int
-EVP_MD_pkey_type(const EVP_MD *md)
-{
- return md->pkey_type;
-}
-LCRYPTO_ALIAS(EVP_MD_pkey_type);
-
-int
-EVP_MD_size(const EVP_MD *md)
-{
- if (!md) {
- EVPerror(EVP_R_MESSAGE_DIGEST_IS_NULL);
- return -1;
- }
- return md->md_size;
-}
-LCRYPTO_ALIAS(EVP_MD_size);
-
-unsigned long
-EVP_MD_flags(const EVP_MD *md)
-{
- return md->flags;
-}
-LCRYPTO_ALIAS(EVP_MD_flags);
-
-int
-EVP_MD_block_size(const EVP_MD *md)
-{
- return md->block_size;
-}
-LCRYPTO_ALIAS(EVP_MD_block_size);
diff --git a/src/lib/libcrypto/evp/evp_encode.c b/src/lib/libcrypto/evp/evp_encode.c
deleted file mode 100644
index ae6ec476e3..0000000000
--- a/src/lib/libcrypto/evp/evp_encode.c
+++ /dev/null
@@ -1,424 +0,0 @@
-/* $OpenBSD: evp_encode.c,v 1.3 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#include "evp_local.h"
-
-static unsigned char conv_ascii2bin(unsigned char a);
-#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
-
-/* 64 char lines
- * pad input with 0
- * left over chars are set to =
- * 1 byte => xx==
- * 2 bytes => xxx=
- * 3 bytes => xxxx
- */
-#define BIN_PER_LINE (64/4*3)
-#define CHUNKS_PER_LINE (64/4)
-#define CHAR_PER_LINE (64+1)
-
-static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
-abcdefghijklmnopqrstuvwxyz0123456789+/";
-
-/* 0xF0 is a EOLN
- * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
- * 0xF2 is EOF
- * 0xE0 is ignore at start of line.
- * 0xFF is error
- */
-
-#define B64_EOLN 0xF0
-#define B64_CR 0xF1
-#define B64_EOF 0xF2
-#define B64_WS 0xE0
-#define B64_ERROR 0xFF
-#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
-#define B64_BASE64(a) !B64_NOT_BASE64(a)
-
-static const unsigned char data_ascii2bin[128] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F,
- 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B,
- 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF,
- 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
- 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
- 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
- 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
- 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
- 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
- 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-};
-
-static unsigned char
-conv_ascii2bin(unsigned char a)
-{
- if (a & 0x80)
- return B64_ERROR;
- return data_ascii2bin[a];
-}
-
-EVP_ENCODE_CTX *
-EVP_ENCODE_CTX_new(void)
-{
- return calloc(1, sizeof(EVP_ENCODE_CTX));
-}
-LCRYPTO_ALIAS(EVP_ENCODE_CTX_new);
-
-void
-EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx)
-{
- free(ctx);
-}
-LCRYPTO_ALIAS(EVP_ENCODE_CTX_free);
-
-void
-EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
-{
- ctx->length = 48;
- ctx->num = 0;
- ctx->line_num = 0;
-}
-LCRYPTO_ALIAS(EVP_EncodeInit);
-
-int
-EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int i, j;
- size_t total = 0;
-
- *outl = 0;
- if (inl <= 0)
- return 0;
- OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
- if (ctx->length - ctx->num > inl) {
- memcpy(&(ctx->enc_data[ctx->num]), in, inl);
- ctx->num += inl;
- return 1;
- }
- if (ctx->num != 0) {
- i = ctx->length - ctx->num;
- memcpy(&(ctx->enc_data[ctx->num]), in, i);
- in += i;
- inl -= i;
- j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length);
- ctx->num = 0;
- out += j;
- *(out++) = '\n';
- *out = '\0';
- total = j + 1;
- }
- while (inl >= ctx->length && total <= INT_MAX) {
- j = EVP_EncodeBlock(out, in, ctx->length);
- in += ctx->length;
- inl -= ctx->length;
- out += j;
- *(out++) = '\n';
- *out = '\0';
- total += j + 1;
- }
- if (total > INT_MAX) {
- /* Too much output data!
*/
- *outl = 0;
- return 0;
- }
- if (inl != 0)
- memcpy(&(ctx->enc_data[0]), in, inl);
- ctx->num = inl;
- *outl = total;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_EncodeUpdate);
-
-void
-EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-{
- unsigned int ret = 0;
-
- if (ctx->num != 0) {
- ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num);
- out[ret++] = '\n';
- out[ret] = '\0';
- ctx->num = 0;
- }
- *outl = ret;
-}
-LCRYPTO_ALIAS(EVP_EncodeFinal);
-
-int
-EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
-{
- int i, ret = 0;
- unsigned long l;
-
- for (i = dlen; i > 0; i -= 3) {
- if (i >= 3) {
- l = (((unsigned long)f[0]) << 16L) |
- (((unsigned long)f[1]) << 8L) | f[2];
- *(t++) = conv_bin2ascii(l >> 18L);
- *(t++) = conv_bin2ascii(l >> 12L);
- *(t++) = conv_bin2ascii(l >> 6L);
- *(t++) = conv_bin2ascii(l );
- } else {
- l = ((unsigned long)f[0]) << 16L;
- if (i == 2)
- l |= ((unsigned long)f[1] << 8L);
-
- *(t++) = conv_bin2ascii(l >> 18L);
- *(t++) = conv_bin2ascii(l >> 12L);
- *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L);
- *(t++) = '=';
- }
- ret += 4;
- f += 3;
- }
-
- *t = '\0';
- return (ret);
-}
-LCRYPTO_ALIAS(EVP_EncodeBlock);
-
-void
-EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
-{
- ctx->num = 0;
- ctx->length = 0;
- ctx->line_num = 0;
- ctx->expect_nl = 0;
-}
-LCRYPTO_ALIAS(EVP_DecodeInit);
-
-int
-EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int seof = 0, eof = 0, rv = -1, ret = 0, i, v, tmp, n, decoded_len;
- unsigned char *d;
-
- n = ctx->num;
- d = ctx->enc_data;
-
- if (n > 0 && d[n - 1] == '=') {
- eof++;
- if (n > 1 && d[n - 2] == '=')
- eof++;
- }
-
- /* Legacy behaviour: an empty input chunk signals end of input.
*/
- if (inl == 0) {
- rv = 0;
- goto end;
- }
-
- for (i = 0; i < inl; i++) {
- tmp = *(in++);
- v = conv_ascii2bin(tmp);
- if (v == B64_ERROR) {
- rv = -1;
- goto end;
- }
-
- if (tmp == '=') {
- eof++;
- } else if (eof > 0 && B64_BASE64(v)) {
- /* More data after padding. */
- rv = -1;
- goto end;
- }
-
- if (eof > 2) {
- rv = -1;
- goto end;
- }
-
- if (v == B64_EOF) {
- seof = 1;
- goto tail;
- }
-
- /* Only save valid base64 characters. */
- if (B64_BASE64(v)) {
- if (n >= 64) {
- /*
- * We increment n once per loop, and empty the
- * buffer as soon as we reach 64 characters, so
- * this can only happen if someone's manually
- * messed with the ctx. Refuse to write any
- * more data.
- */
- rv = -1;
- goto end;
- }
- OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
- d[n++] = tmp;
- }
-
- if (n == 64) {
- decoded_len = EVP_DecodeBlock(out, d, n);
- n = 0;
- if (decoded_len < 0 || eof > decoded_len) {
- rv = -1;
- goto end;
- }
- ret += decoded_len - eof;
- out += decoded_len - eof;
- }
- }
-
- /*
- * Legacy behaviour: if the current line is a full base64-block (i.e.,
- * has 0 mod 4 base64 characters), it is processed immediately. We keep
- * this behaviour as applications may not be calling EVP_DecodeFinal
- * properly.
- */
- tail:
- if (n > 0) {
- if ((n & 3) == 0) {
- decoded_len = EVP_DecodeBlock(out, d, n);
- n = 0;
- if (decoded_len < 0 || eof > decoded_len) {
- rv = -1;
- goto end;
- }
- ret += (decoded_len - eof);
- } else if (seof) {
- /* EOF in the middle of a base64 block. */
- rv = -1;
- goto end;
- }
- }
-
- rv = seof || (n == 0 && eof) ? 0 : 1;
- end:
- /* Legacy behaviour. This should probably rather be zeroed on error. */
- *outl = ret;
- ctx->num = n;
- return (rv);
-}
-LCRYPTO_ALIAS(EVP_DecodeUpdate);
-
-int
-EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
-{
- int i, ret = 0, a, b, c, d;
- unsigned long l;
-
- /* trim white space from the start of the line.
*/
- while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) {
- f++;
- n--;
- }
-
- /* strip off stuff at the end of the line
- * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
- while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1]))))
- n--;
-
- if (n % 4 != 0)
- return (-1);
-
- for (i = 0; i < n; i += 4) {
- a = conv_ascii2bin(*(f++));
- b = conv_ascii2bin(*(f++));
- c = conv_ascii2bin(*(f++));
- d = conv_ascii2bin(*(f++));
- if ((a & 0x80) || (b & 0x80) ||
- (c & 0x80) || (d & 0x80))
- return (-1);
- l = ((((unsigned long)a) << 18L) |
- (((unsigned long)b) << 12L) |
- (((unsigned long)c) << 6L) |
- (((unsigned long)d)));
- *(t++) = (unsigned char)(l >> 16L) & 0xff;
- *(t++) = (unsigned char)(l >> 8L) & 0xff;
- *(t++) = (unsigned char)(l) & 0xff;
- ret += 3;
- }
- return (ret);
-}
-LCRYPTO_ALIAS(EVP_DecodeBlock);
-
-int
-EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-{
- int i;
-
- *outl = 0;
- if (ctx->num != 0) {
- i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num);
- if (i < 0)
- return (-1);
- ctx->num = 0;
- *outl = i;
- return (1);
- } else
- return (1);
-}
-LCRYPTO_ALIAS(EVP_DecodeFinal);
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
deleted file mode 100644
index a41339c775..0000000000
--- a/src/lib/libcrypto/evp/evp_err.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* $OpenBSD: evp_err.c,v 1.34 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
-
-static const ERR_STRING_DATA EVP_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA EVP_str_reasons[] = {
- {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) , "aes iv setup failed"},
- {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) , "aes key setup failed"},
- {ERR_REASON(EVP_R_ASN1_LIB) , "asn1 lib"},
- {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) , "bad block length"},
- {ERR_REASON(EVP_R_BAD_DECRYPT) , "bad decrypt"},
- {ERR_REASON(EVP_R_BAD_KEY_LENGTH) , "bad key length"},
- {ERR_REASON(EVP_R_BN_DECODE_ERROR) , "bn decode error"},
- {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) , "bn pubkey error"},
- {ERR_REASON(EVP_R_BUFFER_TOO_SMALL) , "buffer too small"},
- {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"},
- {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
- {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) , "command not supported"},
- {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) , "ctrl not
implemented"},
- {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED), "ctrl operation not implemented"},
- {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH), "data not multiple of block length"},
- {ERR_REASON(EVP_R_DECODE_ERROR) , "decode error"},
- {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) , "different key types"},
- {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) , "different parameters"},
- {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) , "disabled for fips"},
- {ERR_REASON(EVP_R_ENCODE_ERROR) , "encode error"},
- {ERR_REASON(EVP_R_ERROR_LOADING_SECTION) , "error loading section"},
- {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
- {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
- {ERR_REASON(EVP_R_EXPECTING_AN_HMAC_KEY), "expecting an hmac key"},
- {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) , "expecting an rsa key"},
- {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) , "expecting a dh key"},
- {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) , "expecting a dsa key"},
- {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) , "expecting a ecdsa key"},
- {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) , "expecting a ec key"},
- {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
- {ERR_REASON(EVP_R_GET_RAW_KEY_FAILED) , "get raw key failed"},
- {ERR_REASON(EVP_R_INITIALIZATION_ERROR) , "initialization error"},
- {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) , "input not initialized"},
- {ERR_REASON(EVP_R_INVALID_DIGEST) , "invalid digest"},
- {ERR_REASON(EVP_R_INVALID_FIPS_MODE) , "invalid fips mode"},
- {ERR_REASON(EVP_R_INVALID_IV_LENGTH) , "invalid iv length"},
- {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) , "invalid key length"},
- {ERR_REASON(EVP_R_INVALID_OPERATION) , "invalid operation"},
- {ERR_REASON(EVP_R_IV_TOO_LARGE) , "iv too large"},
- {ERR_REASON(EVP_R_KEYGEN_FAILURE) , "keygen failure"},
- {ERR_REASON(EVP_R_KEY_SETUP_FAILED) , "key setup failed"},
- {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
-
{ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) , "method not supported"},
- {ERR_REASON(EVP_R_MISSING_PARAMETERS) , "missing parameters"},
- {ERR_REASON(EVP_R_NO_CIPHER_SET) , "no cipher set"},
- {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) , "no default digest"},
- {ERR_REASON(EVP_R_NO_DIGEST_SET) , "no digest set"},
- {ERR_REASON(EVP_R_NO_DSA_PARAMETERS) , "no dsa parameters"},
- {ERR_REASON(EVP_R_NO_KEY_SET) , "no key set"},
- {ERR_REASON(EVP_R_NO_OPERATION_SET) , "no operation set"},
- {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), "no sign function configured"},
- {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), "no verify function configured"},
- {ERR_REASON(EVP_R_ONLY_ONESHOT_SUPPORTED), "only oneshot supported"},
- {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"},
- {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
- {ERR_REASON(EVP_R_OUTPUT_ALIASES_INPUT) , "output aliases input"},
- {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), "pkcs8 unknown broken type"},
- {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
- {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
- {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
- {ERR_REASON(EVP_R_TAG_TOO_LARGE) , "tag too large"},
- {ERR_REASON(EVP_R_TOO_LARGE) , "too large"},
- {ERR_REASON(EVP_R_UNKNOWN_CIPHER) , "unknown cipher"},
- {ERR_REASON(EVP_R_UNKNOWN_DIGEST) , "unknown digest"},
- {ERR_REASON(EVP_R_UNKNOWN_OPTION) , "unknown option"},
- {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) , "unknown pbe algorithm"},
- {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS), "unsuported number of rounds"},
- {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) , "unsupported algorithm"},
- {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
- {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) , "unsupported keylength"},
- {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION), "unsupported key derivation function"},
-
{ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) , "unsupported key size"},
- {ERR_REASON(EVP_R_UNSUPPORTED_PRF) , "unsupported prf"},
- {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM), "unsupported private key algorithm"},
- {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) , "unsupported salt type"},
- {ERR_REASON(EVP_R_WRAP_MODE_NOT_ALLOWED), "wrap mode not allowed"},
- {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
- {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) , "wrong public key type"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_EVP_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) {
- ERR_load_const_strings(EVP_str_functs);
- ERR_load_const_strings(EVP_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_EVP_strings);
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
deleted file mode 100644
index e7c7ec3294..0000000000
--- a/src/lib/libcrypto/evp/evp_key.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/* $OpenBSD: evp_key.c,v 1.36 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-/* should be init to zeros.
*/
-static char prompt_string[80];
-
-void
-EVP_set_pw_prompt(const char *prompt)
-{
- if (prompt == NULL)
- prompt_string[0] = '\0';
- else
- strlcpy(prompt_string, prompt, sizeof(prompt_string));
-}
-LCRYPTO_ALIAS(EVP_set_pw_prompt);
-
-char *
-EVP_get_pw_prompt(void)
-{
- if (prompt_string[0] == '\0')
- return NULL;
-
- return prompt_string;
-}
-LCRYPTO_ALIAS(EVP_get_pw_prompt);
-
-int
-EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
-{
- return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
-}
-LCRYPTO_ALIAS(EVP_read_pw_string);
-
-int
-EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
- int verify)
-{
- UI *ui = NULL;
- char buff[BUFSIZ];
- int ret = -1;
-
- if (len > BUFSIZ)
- len = BUFSIZ;
- /* Ensure that 0 <= min <= len - 1. In particular, 1 <= len. */
- if (min < 0 || len - 1 < min)
- goto err;
-
- if (prompt == NULL && prompt_string[0] != '\0')
- prompt = prompt_string;
-
- if ((ui = UI_new()) == NULL)
- goto err;
- if (UI_add_input_string(ui, prompt, 0, buf, min, len - 1) < 0)
- goto err;
- if (verify) {
- if (UI_add_verify_string(ui, prompt, 0, buff, min, len - 1,
- buf) < 0)
- goto err;
- }
-
- ret = UI_process(ui);
-
- err:
- UI_free(ui);
- explicit_bzero(buff, BUFSIZ);
-
- return ret;
-}
-LCRYPTO_ALIAS(EVP_read_pw_string_min);
-
-int
-EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
- const unsigned char *salt, const unsigned char *data, int datal,
- int count, unsigned char *key, unsigned char *iv)
-{
- EVP_MD_CTX *md_ctx;
- unsigned char md_buf[EVP_MAX_MD_SIZE];
- int niv, nkey, addmd = 0;
- unsigned int mds = 0, i;
- int rv = 0;
-
- nkey = type->key_len;
- niv = type->iv_len;
-
- if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
- EVPerror(EVP_R_BAD_KEY_LENGTH);
- return 0;
- }
- if ((size_t)niv > EVP_MAX_IV_LENGTH) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- return 0;
- }
-
- if (data == NULL)
- return nkey;
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
-
- for (;;) {
- if
(!EVP_DigestInit_ex(md_ctx, md, NULL))
- goto err;
- if (addmd++)
- if (!EVP_DigestUpdate(md_ctx, &(md_buf[0]), mds))
- goto err;
- if (!EVP_DigestUpdate(md_ctx, data, datal))
- goto err;
- if (salt != NULL)
- if (!EVP_DigestUpdate(md_ctx, salt, PKCS5_SALT_LEN))
- goto err;
- if (!EVP_DigestFinal_ex(md_ctx, &(md_buf[0]), &mds))
- goto err;
-
- for (i = 1; i < (unsigned int)count; i++) {
- if (!EVP_DigestInit_ex(md_ctx, md, NULL))
- goto err;
- if (!EVP_DigestUpdate(md_ctx, &(md_buf[0]), mds))
- goto err;
- if (!EVP_DigestFinal_ex(md_ctx, &(md_buf[0]), &mds))
- goto err;
- }
- i = 0;
- if (nkey) {
- for (;;) {
- if (nkey == 0)
- break;
- if (i == mds)
- break;
- if (key != NULL)
- *(key++) = md_buf[i];
- nkey--;
- i++;
- }
- }
- if (niv && (i != mds)) {
- for (;;) {
- if (niv == 0)
- break;
- if (i == mds)
- break;
- if (iv != NULL)
- *(iv++) = md_buf[i];
- niv--;
- i++;
- }
- }
- if ((nkey == 0) && (niv == 0))
- break;
- }
- rv = type->key_len;
-
-err:
- EVP_MD_CTX_free(md_ctx);
- explicit_bzero(md_buf, sizeof md_buf);
- return rv;
-}
-LCRYPTO_ALIAS(EVP_BytesToKey);
diff --git a/src/lib/libcrypto/evp/evp_local.h b/src/lib/libcrypto/evp/evp_local.h
deleted file mode 100644
index 54cd65d0af..0000000000
--- a/src/lib/libcrypto/evp/evp_local.h
+++ /dev/null
@@ -1,373 +0,0 @@
-/* $OpenBSD: evp_local.h,v 1.25 2024/08/29 16:58:19 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_EVP_LOCAL_H
-#define HEADER_EVP_LOCAL_H
-
-__BEGIN_HIDDEN_DECLS
-
-/* XXX - move these to evp.h after unlock. */
-#define EVP_CTRL_GET_IVLEN 0x25
-#define EVP_CIPH_FLAG_CUSTOM_IV_LENGTH 0x400000
-
-#define EVP_CTRL_AEAD_GET_IVLEN EVP_CTRL_GET_IVLEN
-
-/*
- * Don't free md_ctx->pctx in EVP_MD_CTX_cleanup(). Needed for ownership
- * handling in EVP_MD_CTX_set_pkey_ctx().
- */
-#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
-
-typedef int evp_sign_method(int type, const unsigned char *m,
- unsigned int m_length, unsigned char *sigret, unsigned int *siglen,
- void *key);
-typedef int evp_verify_method(int type, const unsigned char *m,
- unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen,
- void *key);
-
-struct ecx_key_st {
- int nid;
- int key_len;
- uint8_t *priv_key;
- size_t priv_key_len;
- uint8_t *pub_key;
- size_t pub_key_len;
-};
-
-struct evp_pkey_asn1_method_st {
- const EVP_PKEY_ASN1_METHOD *base_method;
- int pkey_id;
- unsigned long pkey_flags;
-
- char *pem_str;
- char *info;
-
- int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub);
- int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk);
- int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
- int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-
- int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
- int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
- int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-
- int (*pkey_size)(const EVP_PKEY *pk);
- int (*pkey_bits)(const EVP_PKEY *pk);
- int (*pkey_security_bits)(const EVP_PKEY *pk);
-
- int (*signature_info)(const X509_ALGOR *sig_alg, int *out_md_nid,
- int *out_pkey_nid, int *out_security_bits, uint32_t *out_flags);
-
- int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder,
- int derlen);
- int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder);
- int (*param_missing)(const EVP_PKEY *pk);
- int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from);
- int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
- int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
- int (*sig_print)(BIO *out, const X509_ALGOR *sigalg,
- const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx);
-
- void (*pkey_free)(EVP_PKEY *pkey);
- int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void
*arg2);
-
- /* Legacy functions for old PEM */
-
- int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder,
- int derlen);
- int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder);
- /* Custom ASN1 signature verification */
- int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
- int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig);
-
- int (*set_priv_key)(EVP_PKEY *pk, const unsigned char *private_key,
- size_t len);
- int (*set_pub_key)(EVP_PKEY *pk, const unsigned char *public_key,
- size_t len);
- int (*get_priv_key)(const EVP_PKEY *pk, unsigned char *out_private_key,
- size_t *out_len);
- int (*get_pub_key)(const EVP_PKEY *pk, unsigned char *out_public_key,
- size_t *out_len);
-} /* EVP_PKEY_ASN1_METHOD */;
-
-/* Type needs to be a bit field
- * Sub-type needs to be for variations on the method, as in, can it do
- * arbitrary encryption....
*/
-struct evp_pkey_st {
- int type;
- int references;
- const EVP_PKEY_ASN1_METHOD *ameth;
- union {
- void *ptr;
-#ifndef OPENSSL_NO_RSA
- struct rsa_st *rsa; /* RSA */
-#endif
-#ifndef OPENSSL_NO_DSA
- struct dsa_st *dsa; /* DSA */
-#endif
-#ifndef OPENSSL_NO_DH
- struct dh_st *dh; /* DH */
-#endif
-#ifndef OPENSSL_NO_EC
- struct ec_key_st *ec; /* ECC */
- struct ecx_key_st *ecx; /* ECX */
-#endif
- } pkey;
- int save_parameters;
-} /* EVP_PKEY */;
-
-struct evp_md_st {
- int type;
- int pkey_type;
- int md_size;
- unsigned long flags;
- int (*init)(EVP_MD_CTX *ctx);
- int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
- int (*final)(EVP_MD_CTX *ctx, unsigned char *md);
- int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from);
- int (*cleanup)(EVP_MD_CTX *ctx);
-
- int block_size;
- int ctx_size; /* how big does the ctx->md_data need to be */
- /* control function */
- int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
-} /* EVP_MD */;
-
-struct evp_md_ctx_st {
- const EVP_MD *digest;
- unsigned long flags;
- void *md_data;
- /* Public key context for sign/verify */
- EVP_PKEY_CTX *pctx;
- /* Update function: usually copied from EVP_MD */
- int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
-} /* EVP_MD_CTX */;
-
-struct evp_cipher_st {
- int nid;
- int block_size;
- int key_len; /* Default value for variable length ciphers */
- int iv_len;
- unsigned long flags; /* Various flags */
- int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc); /* init key */
- int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);/* encrypt/decrypt data */
- int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
- int ctx_size; /* how big ctx->cipher_data needs to be */
- int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
- int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
-
int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */ -} /* EVP_CIPHER */; - -struct evp_cipher_ctx_st { - const EVP_CIPHER *cipher; - int encrypt; /* encrypt or decrypt */ - int partial_len; /* number of bytes written to buf */ - - unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ - unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ - unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ - int num; /* used by cfb/ofb/ctr mode */ - - void *app_data; /* application stuff */ - int key_len; /* May change for variable length cipher */ - unsigned long flags; /* Various flags */ - void *cipher_data; /* per EVP data */ - int final_used; - unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */ -} /* EVP_CIPHER_CTX */; - -struct evp_Encode_Ctx_st { - - int num; /* number saved in a partial encode/decode */ - int length; /* The length is either the output line length - * (in input bytes) or the shortest input line - * length that is ok. 
Once decoding begins, - * the length is adjusted up each time a longer - * line is decoded */ - unsigned char enc_data[80]; /* data to encode */ - int line_num; /* number read on current line */ - int expect_nl; -} /* EVP_ENCODE_CTX */; - -#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2)) - -struct evp_pkey_ctx_st { - /* Method associated with this operation */ - const EVP_PKEY_METHOD *pmeth; - /* Key: may be NULL */ - EVP_PKEY *pkey; - /* Peer key for key agreement, may be NULL */ - EVP_PKEY *peerkey; - /* Actual operation */ - int operation; - /* Algorithm specific data */ - void *data; - /* Application specific data */ - void *app_data; - /* Keygen callback */ - EVP_PKEY_gen_cb *pkey_gencb; - /* implementation specific keygen data */ - int *keygen_info; - int keygen_info_count; -} /* EVP_PKEY_CTX */; - -struct evp_pkey_method_st { - int pkey_id; - int flags; - - int (*init)(EVP_PKEY_CTX *ctx); - int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); - void (*cleanup)(EVP_PKEY_CTX *ctx); - - int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); - - int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); - - int (*sign_init)(EVP_PKEY_CTX *ctx); - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - - int (*verify_init)(EVP_PKEY_CTX *ctx); - int (*verify)(EVP_PKEY_CTX *ctx, - const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); - - int (*verify_recover)(EVP_PKEY_CTX *ctx, - unsigned char *rout, size_t *routlen, - const unsigned char *sig, size_t siglen); - - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx); - - int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - - int (*derive_init)(EVP_PKEY_CTX *ctx); - int 
(*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); - - int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); - - int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, size_t tbslen); -} /* EVP_PKEY_METHOD */; - -void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); - -/* EVP_AEAD represents a specific AEAD algorithm. */ -struct evp_aead_st { - unsigned char key_len; - unsigned char nonce_len; - unsigned char overhead; - unsigned char max_tag_len; - - int (*init)(struct evp_aead_ctx_st*, const unsigned char *key, - size_t key_len, size_t tag_len); - void (*cleanup)(struct evp_aead_ctx_st*); - - int (*seal)(const struct evp_aead_ctx_st *ctx, unsigned char *out, - size_t *out_len, size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len); - - int (*open)(const struct evp_aead_ctx_st *ctx, unsigned char *out, - size_t *out_len, size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len); -}; - -/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key - * and message-independent IV. */ -struct evp_aead_ctx_st { - const EVP_AEAD *aead; - /* aead_state is an opaque pointer to the AEAD specific state. */ - void *aead_state; -}; - -/* Legacy EVP_CIPHER methods used by CMS and its predecessors. 
*/ -int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); -int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); -int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); -int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *cipher, ASN1_TYPE *type); - -int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de); - -int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str); -int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex); -int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name); - -void EVP_CIPHER_CTX_legacy_clear(EVP_CIPHER_CTX *ctx); -void EVP_MD_CTX_legacy_clear(EVP_MD_CTX *ctx); - -__END_HIDDEN_DECLS - -#endif /* !HEADER_EVP_LOCAL_H */ diff --git a/src/lib/libcrypto/evp/evp_names.c b/src/lib/libcrypto/evp/evp_names.c deleted file mode 100644 index 817d33602c..0000000000 --- a/src/lib/libcrypto/evp/evp_names.c +++ /dev/null 
@@ -1,1691 +0,0 @@
-/* $OpenBSD: evp_names.c,v 1.18 2024/08/31 10:38:49 tb Exp $ */
-/*
- * Copyright (c) 2023 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-/*
- * In the following two structs, .name is the lookup name that is used
- * for EVP_get_cipherbyname() and EVP_get_digestbyname(), while .alias
- * keeps track of the aliased name.
- */
-
-struct cipher_name {
- const char *name;
- const EVP_CIPHER *(*cipher)(void);
- const char *alias;
-};
-
-struct digest_name {
- const char *name;
- const EVP_MD *(*digest)(void);
- const char *alias;
-};
-
-/*
- * Keep this table alphabetically sorted by increasing .name.
- * regress/lib/libcrypto/evp/evp_test.c checks that.
- */ - -static const struct cipher_name cipher_names[] = { - { - .name = SN_aes_128_cbc, - .cipher = EVP_aes_128_cbc, - }, - { - .name = SN_aes_128_cfb128, - .cipher = EVP_aes_128_cfb128, - }, - { - .name = SN_aes_128_cfb1, - .cipher = EVP_aes_128_cfb1, - }, - { - .name = SN_aes_128_cfb8, - .cipher = EVP_aes_128_cfb8, - }, - { - .name = SN_aes_128_ctr, - .cipher = EVP_aes_128_ctr, - }, - { - .name = SN_aes_128_ecb, - .cipher = EVP_aes_128_ecb, - }, - { - .name = SN_aes_128_ofb128, - .cipher = EVP_aes_128_ofb, - }, - { - .name = SN_aes_128_xts, - .cipher = EVP_aes_128_xts, - }, - - { - .name = SN_aes_192_cbc, - .cipher = EVP_aes_192_cbc, - }, - { - .name = SN_aes_192_cfb128, - .cipher = EVP_aes_192_cfb128, - }, - { - .name = SN_aes_192_cfb1, - .cipher = EVP_aes_192_cfb1, - }, - { - .name = SN_aes_192_cfb8, - .cipher = EVP_aes_192_cfb8, - }, - { - .name = SN_aes_192_ctr, - .cipher = EVP_aes_192_ctr, - }, - { - .name = SN_aes_192_ecb, - .cipher = EVP_aes_192_ecb, - }, - { - .name = SN_aes_192_ofb128, - .cipher = EVP_aes_192_ofb, - }, - - { - .name = SN_aes_256_cbc, - .cipher = EVP_aes_256_cbc, - }, - { - .name = SN_aes_256_cfb128, - .cipher = EVP_aes_256_cfb128, - }, - { - .name = SN_aes_256_cfb1, - .cipher = EVP_aes_256_cfb1, - }, - { - .name = SN_aes_256_cfb8, - .cipher = EVP_aes_256_cfb8, - }, - { - .name = SN_aes_256_ctr, - .cipher = EVP_aes_256_ctr, - }, - { - .name = SN_aes_256_ecb, - .cipher = EVP_aes_256_ecb, - }, - { - .name = SN_aes_256_ofb128, - .cipher = EVP_aes_256_ofb, - }, - { - .name = SN_aes_256_xts, - .cipher = EVP_aes_256_xts, - }, - - { - .name = "AES128", - .cipher = EVP_aes_128_cbc, - .alias = SN_aes_128_cbc, - }, - { - .name = "AES192", - .cipher = EVP_aes_192_cbc, - .alias = SN_aes_192_cbc, - }, - { - .name = "AES256", - .cipher = EVP_aes_256_cbc, - .alias = SN_aes_256_cbc, - }, - - { - .name = "BF", - .cipher = EVP_bf_cbc, - .alias = SN_bf_cbc, - }, - - { - .name = SN_bf_cbc, - .cipher = EVP_bf_cbc, - }, - { - .name = SN_bf_cfb64, - .cipher = 
EVP_bf_cfb64, - }, - { - .name = SN_bf_ecb, - .cipher = EVP_bf_ecb, - }, - { - .name = SN_bf_ofb64, - .cipher = EVP_bf_ofb, - }, - - { - .name = SN_camellia_128_cbc, - .cipher = EVP_camellia_128_cbc, - }, - { - .name = SN_camellia_128_cfb128, - .cipher = EVP_camellia_128_cfb128, - }, - { - .name = SN_camellia_128_cfb1, - .cipher = EVP_camellia_128_cfb1, - }, - { - .name = SN_camellia_128_cfb8, - .cipher = EVP_camellia_128_cfb8, - }, - { - .name = SN_camellia_128_ecb, - .cipher = EVP_camellia_128_ecb, - }, - { - .name = SN_camellia_128_ofb128, - .cipher = EVP_camellia_128_ofb, - }, - - { - .name = SN_camellia_192_cbc, - .cipher = EVP_camellia_192_cbc, - }, - { - .name = SN_camellia_192_cfb128, - .cipher = EVP_camellia_192_cfb128, - }, - { - .name = SN_camellia_192_cfb1, - .cipher = EVP_camellia_192_cfb1, - }, - { - .name = SN_camellia_192_cfb8, - .cipher = EVP_camellia_192_cfb8, - }, - { - .name = SN_camellia_192_ecb, - .cipher = EVP_camellia_192_ecb, - }, - { - .name = SN_camellia_192_ofb128, - .cipher = EVP_camellia_192_ofb, - }, - - { - .name = SN_camellia_256_cbc, - .cipher = EVP_camellia_256_cbc, - }, - { - .name = SN_camellia_256_cfb128, - .cipher = EVP_camellia_256_cfb128, - }, - { - .name = SN_camellia_256_cfb1, - .cipher = EVP_camellia_256_cfb1, - }, - { - .name = SN_camellia_256_cfb8, - .cipher = EVP_camellia_256_cfb8, - }, - { - .name = SN_camellia_256_ecb, - .cipher = EVP_camellia_256_ecb, - }, - { - .name = SN_camellia_256_ofb128, - .cipher = EVP_camellia_256_ofb, - }, - - { - .name = "CAMELLIA128", - .cipher = EVP_camellia_128_cbc, - .alias = SN_camellia_128_cbc, - }, - { - .name = "CAMELLIA192", - .cipher = EVP_camellia_192_cbc, - .alias = SN_camellia_192_cbc, - }, - { - .name = "CAMELLIA256", - .cipher = EVP_camellia_256_cbc, - .alias = SN_camellia_256_cbc, - }, - - { - .name = "CAST", - .cipher = EVP_cast5_cbc, - .alias = SN_cast5_cbc, - }, - { - .name = "CAST-cbc", - .cipher = EVP_cast5_cbc, - .alias = SN_cast5_cbc, - }, - - { - .name = 
SN_cast5_cbc, - .cipher = EVP_cast5_cbc, - }, - { - .name = SN_cast5_cfb64, - .cipher = EVP_cast5_cfb, - }, - { - .name = SN_cast5_ecb, - .cipher = EVP_cast5_ecb, - }, - { - .name = SN_cast5_ofb64, - .cipher = EVP_cast5_ofb, - }, - - { - .name = SN_chacha20, - .cipher = EVP_chacha20, - }, - { - .name = "ChaCha20", - .cipher = EVP_chacha20, - .alias = SN_chacha20, - }, - - { - .name = SN_chacha20_poly1305, - .cipher = EVP_chacha20_poly1305, - }, - - { - .name = "DES", - .cipher = EVP_des_cbc, - .alias = SN_des_cbc, - }, - - { - .name = SN_des_cbc, - .cipher = EVP_des_cbc, - }, - { - .name = SN_des_cfb64, - .cipher = EVP_des_cfb64, - }, - { - .name = SN_des_cfb1, - .cipher = EVP_des_cfb1, - }, - { - .name = SN_des_cfb8, - .cipher = EVP_des_cfb8, - }, - { - .name = SN_des_ecb, - .cipher = EVP_des_ecb, - }, - { - .name = SN_des_ede_ecb, - .cipher = EVP_des_ede, - }, - { - .name = SN_des_ede_cbc, - .cipher = EVP_des_ede_cbc, - }, - { - .name = SN_des_ede_cfb64, - .cipher = EVP_des_ede_cfb64, - }, - { - .name = SN_des_ede_ofb64, - .cipher = EVP_des_ede_ofb, - }, - { - .name = SN_des_ede3_ecb, - .cipher = EVP_des_ede3_ecb, - }, - { - .name = SN_des_ede3_cbc, - .cipher = EVP_des_ede3_cbc, - }, - { - .name = SN_des_ede3_cfb64, - .cipher = EVP_des_ede3_cfb, - }, - { - .name = SN_des_ede3_cfb1, - .cipher = EVP_des_ede3_cfb1, - }, - { - .name = SN_des_ede3_cfb8, - .cipher = EVP_des_ede3_cfb8, - }, - { - .name = SN_des_ede3_ofb64, - .cipher = EVP_des_ede3_ofb, - }, - { - .name = SN_des_ofb64, - .cipher = EVP_des_ofb, - }, - - { - .name = "DES3", - .cipher = EVP_des_ede3_cbc, - .alias = SN_des_ede3_cbc, - }, - - { - .name = "DESX", - .cipher = EVP_desx_cbc, - .alias = SN_desx_cbc, - }, - { - .name = SN_desx_cbc, - .cipher = EVP_desx_cbc, - }, - - { - .name = "IDEA", - .cipher = EVP_idea_cbc, - .alias = SN_idea_cbc, - }, - - { - .name = SN_idea_cbc, - .cipher = EVP_idea_cbc, - }, - { - .name = SN_idea_cfb64, - .cipher = EVP_idea_cfb64, - }, - { - .name = SN_idea_ecb, - .cipher = 
EVP_idea_ecb, - }, - { - .name = SN_idea_ofb64, - .cipher = EVP_idea_ofb, - }, - - { - .name = "RC2", - .cipher = EVP_rc2_cbc, - .alias = SN_rc2_cbc, - }, - - { - .name = SN_rc2_40_cbc, - .cipher = EVP_rc2_40_cbc, - }, - { - .name = SN_rc2_64_cbc, - .cipher = EVP_rc2_64_cbc, - }, - { - .name = SN_rc2_cbc, - .cipher = EVP_rc2_cbc, - }, - { - .name = SN_rc2_cfb64, - .cipher = EVP_rc2_cfb64, - }, - { - .name = SN_rc2_ecb, - .cipher = EVP_rc2_ecb, - }, - { - .name = SN_rc2_ofb64, - .cipher = EVP_rc2_ofb, - }, - - { - .name = SN_rc4, - .cipher = EVP_rc4, - }, - { - .name = SN_rc4_40, - .cipher = EVP_rc4_40, - }, - - { - .name = "SM4", - .cipher = EVP_sm4_cbc, - .alias = SN_sm4_cbc, - }, - - { - .name = SN_sm4_cbc, - .cipher = EVP_sm4_cbc, - }, - { - .name = SN_sm4_cfb128, - .cipher = EVP_sm4_cfb128, - }, - { - .name = SN_sm4_ctr, - .cipher = EVP_sm4_ctr, - }, - { - .name = SN_sm4_ecb, - .cipher = EVP_sm4_ecb, - }, - { - .name = SN_sm4_ofb128, - .cipher = EVP_sm4_ofb, - }, - - { - .name = LN_aes_128_cbc, - .cipher = EVP_aes_128_cbc, - }, - { - .name = LN_aes_128_ccm, - .cipher = EVP_aes_128_ccm, - }, - { - .name = LN_aes_128_cfb128, - .cipher = EVP_aes_128_cfb128, - }, - { - .name = LN_aes_128_cfb1, - .cipher = EVP_aes_128_cfb1, - }, - { - .name = LN_aes_128_cfb8, - .cipher = EVP_aes_128_cfb8, - }, - { - .name = LN_aes_128_ctr, - .cipher = EVP_aes_128_ctr, - }, - { - .name = LN_aes_128_ecb, - .cipher = EVP_aes_128_ecb, - }, - { - .name = LN_aes_128_gcm, - .cipher = EVP_aes_128_gcm, - }, - { - .name = LN_aes_128_ofb128, - .cipher = EVP_aes_128_ofb, - }, - { - .name = LN_aes_128_xts, - .cipher = EVP_aes_128_xts, - }, - - { - .name = LN_aes_192_cbc, - .cipher = EVP_aes_192_cbc, - }, - { - .name = LN_aes_192_ccm, - .cipher = EVP_aes_192_ccm, - }, - { - .name = LN_aes_192_cfb128, - .cipher = EVP_aes_192_cfb128, - }, - { - .name = LN_aes_192_cfb1, - .cipher = EVP_aes_192_cfb1, - }, - { - .name = LN_aes_192_cfb8, - .cipher = EVP_aes_192_cfb8, - }, - { - .name = LN_aes_192_ctr, 
- .cipher = EVP_aes_192_ctr, - }, - { - .name = LN_aes_192_ecb, - .cipher = EVP_aes_192_ecb, - }, - { - .name = LN_aes_192_gcm, - .cipher = EVP_aes_192_gcm, - }, - { - .name = LN_aes_192_ofb128, - .cipher = EVP_aes_192_ofb, - }, - - { - .name = LN_aes_256_cbc, - .cipher = EVP_aes_256_cbc, - }, - { - .name = LN_aes_256_ccm, - .cipher = EVP_aes_256_ccm, - }, - { - .name = LN_aes_256_cfb128, - .cipher = EVP_aes_256_cfb128, - }, - { - .name = LN_aes_256_cfb1, - .cipher = EVP_aes_256_cfb1, - }, - { - .name = LN_aes_256_cfb8, - .cipher = EVP_aes_256_cfb8, - }, - { - .name = LN_aes_256_ctr, - .cipher = EVP_aes_256_ctr, - }, - { - .name = LN_aes_256_ecb, - .cipher = EVP_aes_256_ecb, - }, - { - .name = LN_aes_256_gcm, - .cipher = EVP_aes_256_gcm, - }, - { - .name = LN_aes_256_ofb128, - .cipher = EVP_aes_256_ofb, - }, - { - .name = LN_aes_256_xts, - .cipher = EVP_aes_256_xts, - }, - - { - .name = "aes128", - .cipher = EVP_aes_128_cbc, - .alias = SN_aes_128_cbc, - }, - { - .name = "aes192", - .cipher = EVP_aes_192_cbc, - .alias = SN_aes_192_cbc, - }, - { - .name = "aes256", - .cipher = EVP_aes_256_cbc, - .alias = SN_aes_256_cbc, - }, - - { - .name = "bf", - .cipher = EVP_bf_cbc, - .alias = SN_bf_cbc, - }, - - { - .name = LN_bf_cbc, - .cipher = EVP_bf_cbc, - }, - { - .name = LN_bf_cfb64, - .cipher = EVP_bf_cfb64, - }, - { - .name = LN_bf_ecb, - .cipher = EVP_bf_ecb, - }, - { - .name = LN_bf_ofb64, - .cipher = EVP_bf_ofb, - }, - - { - .name = "blowfish", - .cipher = EVP_bf_cbc, - .alias = SN_bf_cbc, - }, - - { - .name = LN_camellia_128_cbc, - .cipher = EVP_camellia_128_cbc, - }, - { - .name = LN_camellia_128_cfb128, - .cipher = EVP_camellia_128_cfb128, - }, - { - .name = LN_camellia_128_cfb1, - .cipher = EVP_camellia_128_cfb1, - }, - { - .name = LN_camellia_128_cfb8, - .cipher = EVP_camellia_128_cfb8, - }, - { - .name = LN_camellia_128_ecb, - .cipher = EVP_camellia_128_ecb, - }, - { - .name = LN_camellia_128_ofb128, - .cipher = EVP_camellia_128_ofb, - }, - - { - .name = 
LN_camellia_192_cbc, - .cipher = EVP_camellia_192_cbc, - }, - { - .name = LN_camellia_192_cfb128, - .cipher = EVP_camellia_192_cfb128, - }, - { - .name = LN_camellia_192_cfb1, - .cipher = EVP_camellia_192_cfb1, - }, - { - .name = LN_camellia_192_cfb8, - .cipher = EVP_camellia_192_cfb8, - }, - { - .name = LN_camellia_192_ecb, - .cipher = EVP_camellia_192_ecb, - }, - { - .name = LN_camellia_192_ofb128, - .cipher = EVP_camellia_192_ofb, - }, - - { - .name = LN_camellia_256_cbc, - .cipher = EVP_camellia_256_cbc, - }, - { - .name = LN_camellia_256_cfb128, - .cipher = EVP_camellia_256_cfb128, - }, - { - .name = LN_camellia_256_cfb1, - .cipher = EVP_camellia_256_cfb1, - }, - { - .name = LN_camellia_256_cfb8, - .cipher = EVP_camellia_256_cfb8, - }, - { - .name = LN_camellia_256_ecb, - .cipher = EVP_camellia_256_ecb, - }, - { - .name = LN_camellia_256_ofb128, - .cipher = EVP_camellia_256_ofb, - }, - - { - .name = "camellia128", - .cipher = EVP_camellia_128_cbc, - .alias = SN_camellia_128_cbc, - }, - { - .name = "camellia192", - .cipher = EVP_camellia_192_cbc, - .alias = SN_camellia_192_cbc, - }, - { - .name = "camellia256", - .cipher = EVP_camellia_256_cbc, - .alias = SN_camellia_256_cbc, - }, - - { - .name = "cast", - .cipher = EVP_cast5_cbc, - .alias = SN_cast5_cbc, - }, - { - .name = "cast-cbc", - .cipher = EVP_cast5_cbc, - .alias = SN_cast5_cbc, - }, - - { - .name = LN_cast5_cbc, - .cipher = EVP_cast5_cbc, - }, - { - .name = LN_cast5_cfb64, - .cipher = EVP_cast5_cfb, - }, - { - .name = LN_cast5_ecb, - .cipher = EVP_cast5_ecb, - }, - { - .name = LN_cast5_ofb64, - .cipher = EVP_cast5_ofb, - }, - - { - .name = LN_chacha20, - .cipher = EVP_chacha20, - }, - { - .name = "chacha20", - .cipher = EVP_chacha20, - .alias = LN_chacha20, - }, - - { - .name = LN_chacha20_poly1305, - .cipher = EVP_chacha20_poly1305, - }, - - { - .name = "des", - .cipher = EVP_des_cbc, - .alias = SN_des_cbc, - }, - - { - .name = LN_des_cbc, - .cipher = EVP_des_cbc, - }, - { - .name = LN_des_cfb64, - 
.cipher = EVP_des_cfb64, - }, - { - .name = LN_des_cfb1, - .cipher = EVP_des_cfb1, - }, - { - .name = LN_des_cfb8, - .cipher = EVP_des_cfb8, - }, - { - .name = LN_des_ecb, - .cipher = EVP_des_ecb, - }, - { - .name = LN_des_ede_ecb, - .cipher = EVP_des_ede, - }, - { - .name = LN_des_ede_cbc, - .cipher = EVP_des_ede_cbc, - }, - { - .name = LN_des_ede_cfb64, - .cipher = EVP_des_ede_cfb64, - }, - { - .name = LN_des_ede_ofb64, - .cipher = EVP_des_ede_ofb, - }, - { - .name = LN_des_ede3_ecb, - .cipher = EVP_des_ede3_ecb, - }, - { - .name = LN_des_ede3_cbc, - .cipher = EVP_des_ede3_cbc, - }, - { - .name = LN_des_ede3_cfb64, - .cipher = EVP_des_ede3_cfb, - }, - { - .name = LN_des_ede3_cfb1, - .cipher = EVP_des_ede3_cfb1, - }, - { - .name = LN_des_ede3_cfb8, - .cipher = EVP_des_ede3_cfb8, - }, - { - .name = LN_des_ede3_ofb64, - .cipher = EVP_des_ede3_ofb, - }, - { - .name = LN_des_ofb64, - .cipher = EVP_des_ofb, - }, - - { - .name = "des3", - .cipher = EVP_des_ede3_cbc, - .alias = SN_des_ede3_cbc, - }, - - { - .name = "desx", - .cipher = EVP_desx_cbc, - .alias = SN_desx_cbc, - }, - { - .name = LN_desx_cbc, - .cipher = EVP_desx_cbc, - }, - - { - .name = SN_aes_128_ccm, - .cipher = EVP_aes_128_ccm, - }, - { - .name = SN_aes_128_gcm, - .cipher = EVP_aes_128_gcm, - }, - { - .name = SN_id_aes128_wrap, - .cipher = EVP_aes_128_wrap, - }, - - { - .name = SN_aes_192_ccm, - .cipher = EVP_aes_192_ccm, - }, - { - .name = SN_aes_192_gcm, - .cipher = EVP_aes_192_gcm, - }, - { - .name = SN_id_aes192_wrap, - .cipher = EVP_aes_192_wrap, - }, - - { - .name = SN_aes_256_ccm, - .cipher = EVP_aes_256_ccm, - }, - { - .name = SN_aes_256_gcm, - .cipher = EVP_aes_256_gcm, - }, - { - .name = SN_id_aes256_wrap, - .cipher = EVP_aes_256_wrap, - }, - - { - .name = "idea", - .cipher = EVP_idea_cbc, - .alias = SN_idea_cbc, - }, - - { - .name = LN_idea_cbc, - .cipher = EVP_idea_cbc, - }, - { - .name = LN_idea_cfb64, - .cipher = EVP_idea_cfb64, - }, - { - .name = LN_idea_ecb, - .cipher = EVP_idea_ecb, - }, 
- { - .name = LN_idea_ofb64, - .cipher = EVP_idea_ofb, - }, - - { - .name = "rc2", - .cipher = EVP_rc2_cbc, - .alias = SN_rc2_cbc, - }, - - { - .name = LN_rc2_40_cbc, - .cipher = EVP_rc2_40_cbc, - }, - { - .name = LN_rc2_64_cbc, - .cipher = EVP_rc2_64_cbc, - }, - { - .name = LN_rc2_cbc, - .cipher = EVP_rc2_cbc, - }, - { - .name = LN_rc2_cfb64, - .cipher = EVP_rc2_cfb64, - }, - { - .name = LN_rc2_ecb, - .cipher = EVP_rc2_ecb, - }, - { - .name = LN_rc2_ofb64, - .cipher = EVP_rc2_ofb, - }, - - { - .name = LN_rc4, - .cipher = EVP_rc4, - }, - { - .name = LN_rc4_40, - .cipher = EVP_rc4_40, - }, - - { - .name = "sm4", - .cipher = EVP_sm4_cbc, - .alias = SN_sm4_cbc, - }, - - { - .name = LN_sm4_cbc, - .cipher = EVP_sm4_cbc, - }, - { - .name = LN_sm4_cfb128, - .cipher = EVP_sm4_cfb128, - }, - { - .name = LN_sm4_ctr, - .cipher = EVP_sm4_ctr, - }, - { - .name = LN_sm4_ecb, - .cipher = EVP_sm4_ecb, - }, - { - .name = LN_sm4_ofb128, - .cipher = EVP_sm4_ofb, - }, -}; - -#define N_CIPHER_NAMES (sizeof(cipher_names) / sizeof(cipher_names[0])) - -/* - * Keep this table alphabetically sorted by increasing .name. - * regress/lib/libcrypto/evp/evp_test.c checks that. - */ - -static const struct digest_name digest_names[] = { - { - .name = SN_dsaWithSHA1, - .digest = EVP_sha1, - .alias = SN_sha1, - }, - - { - .name = SN_md4, - .digest = EVP_md4, - }, - - { - .name = SN_md5, - .digest = EVP_md5, - }, - - { - .name = SN_md5_sha1, - .digest = EVP_md5_sha1, - }, - - { - .name = SN_ripemd160, - .digest = EVP_ripemd160, - }, - - { - .name = SN_md4WithRSAEncryption, - .digest = EVP_md4, - .alias = SN_md4, - }, - { - .name = SN_md5WithRSAEncryption, - .digest = EVP_md5, - .alias = SN_md5, - }, - { - .name = SN_ripemd160WithRSA, - .digest = EVP_ripemd160, - .alias = SN_ripemd160, - }, - { - .name = SN_sha1WithRSAEncryption, - .digest = EVP_sha1, - .alias = SN_sha1, - }, - { - .name = SN_sha1WithRSA, - .digest = EVP_sha1, - .alias = SN_sha1, /* XXX - alias to SN_sha1WithRSAEncryption? 
*/ - }, - { - .name = SN_sha224WithRSAEncryption, - .digest = EVP_sha224, - .alias = SN_sha224, - }, - { - .name = SN_sha256WithRSAEncryption, - .digest = EVP_sha256, - .alias = SN_sha256, - }, - { - .name = LN_RSA_SHA3_224, - .digest = EVP_sha3_224, - .alias = SN_sha3_224, - }, - { - .name = LN_RSA_SHA3_256, - .digest = EVP_sha3_256, - .alias = SN_sha3_256, - }, - { - .name = LN_RSA_SHA3_384, - .digest = EVP_sha3_384, - .alias = SN_sha3_384, - }, - { - .name = LN_RSA_SHA3_512, - .digest = EVP_sha3_512, - .alias = SN_sha3_512, - }, - { - .name = SN_sha384WithRSAEncryption, - .digest = EVP_sha384, - .alias = SN_sha384, - }, - { - .name = SN_sha512WithRSAEncryption, - .digest = EVP_sha512, - .alias = SN_sha512, - }, - { - .name = SN_sha512_224WithRSAEncryption, - .digest = EVP_sha512_224, - .alias = SN_sha512_224, - }, - { - .name = SN_sha512_256WithRSAEncryption, - .digest = EVP_sha512_256, - .alias = SN_sha512_256, - }, - { - .name = SN_sm3WithRSAEncryption, - .digest = EVP_sm3, - .alias = SN_sm3, - }, - - { - .name = SN_sha1, - .digest = EVP_sha1, - }, - { - .name = SN_sha224, - .digest = EVP_sha224, - }, - { - .name = SN_sha256, - .digest = EVP_sha256, - }, - { - .name = SN_sha3_224, - .digest = EVP_sha3_224, - }, - { - .name = SN_sha3_256, - .digest = EVP_sha3_256, - }, - { - .name = SN_sha3_384, - .digest = EVP_sha3_384, - }, - { - .name = SN_sha3_512, - .digest = EVP_sha3_512, - }, - - { - .name = SN_sha384, - .digest = EVP_sha384, - }, - { - .name = SN_sha512, - .digest = EVP_sha512, - }, - { - .name = SN_sha512_224, - .digest = EVP_sha512_224, - }, - { - .name = SN_sha512_256, - .digest = EVP_sha512_256, - }, - - { - .name = SN_sm3, - .digest = EVP_sm3, - }, - - { - .name = LN_dsaWithSHA1, - .digest = EVP_sha1, - .alias = SN_sha1, - }, - - { - .name = LN_dsa_with_SHA224, - .digest = EVP_sha224, - .alias = SN_sha224, - }, - { - .name = LN_dsa_with_SHA256, - .digest = EVP_sha256, - .alias = SN_sha256, - }, - { - .name = LN_dsa_with_SHA384, - .digest = 
EVP_sha384, - .alias = SN_sha384, - }, - { - .name = LN_dsa_with_SHA512, - .digest = EVP_sha512, - .alias = SN_sha512, - }, - - { - .name = SN_ecdsa_with_SHA1, - .digest = EVP_sha1, - .alias = SN_sha1, - }, - - { - .name = SN_ecdsa_with_SHA224, - .digest = EVP_sha224, - .alias = SN_sha224, - }, - { - .name = SN_ecdsa_with_SHA256, - .digest = EVP_sha256, - .alias = SN_sha256, - }, - { - .name = SN_ecdsa_with_SHA384, - .digest = EVP_sha384, - .alias = SN_sha384, - }, - { - .name = SN_ecdsa_with_SHA512, - .digest = EVP_sha512, - .alias = SN_sha512, - }, - - { - .name = SN_dsa_with_SHA224, - .digest = EVP_sha224, - .alias = SN_sha224, - }, - { - .name = SN_dsa_with_SHA256, - .digest = EVP_sha256, - .alias = SN_sha256, - }, - - { - .name = SN_dsa_with_SHA3_224, - .digest = EVP_sha3_224, - .alias = SN_sha3_224, - }, - { - .name = SN_dsa_with_SHA3_256, - .digest = EVP_sha3_256, - .alias = SN_sha3_256, - }, - { - .name = SN_dsa_with_SHA3_384, - .digest = EVP_sha3_384, - .alias = SN_sha3_384, - }, - { - .name = SN_dsa_with_SHA3_512, - .digest = EVP_sha3_512, - .alias = SN_sha3_512, - }, - - { - .name = SN_dsa_with_SHA384, - .digest = EVP_sha384, - .alias = SN_sha384, - }, - { - .name = SN_dsa_with_SHA512, - .digest = EVP_sha512, - .alias = SN_sha512, - }, - - { - .name = SN_ecdsa_with_SHA3_224, - .digest = EVP_sha3_224, - .alias = SN_sha3_224, - }, - { - .name = SN_ecdsa_with_SHA3_256, - .digest = EVP_sha3_256, - .alias = SN_sha3_256, - }, - { - .name = SN_ecdsa_with_SHA3_384, - .digest = EVP_sha3_384, - .alias = SN_sha3_384, - }, - { - .name = SN_ecdsa_with_SHA3_512, - .digest = EVP_sha3_512, - .alias = SN_sha3_512, - }, - - { - .name = SN_RSA_SHA3_224, - .digest = EVP_sha3_224, - .alias = SN_sha3_224, - }, - { - .name = SN_RSA_SHA3_256, - .digest = EVP_sha3_256, - .alias = SN_sha3_256, - }, - { - .name = SN_RSA_SHA3_384, - .digest = EVP_sha3_384, - .alias = SN_sha3_384, - }, - { - .name = SN_RSA_SHA3_512, - .digest = EVP_sha3_512, - .alias = SN_sha3_512, - }, - - { - 
.name = LN_md4, - .digest = EVP_md4, - }, - { - .name = LN_md4WithRSAEncryption, - .digest = EVP_md4, - .alias = SN_md4, - }, - - { - .name = LN_md5, - .digest = EVP_md5, - }, - { - .name = LN_md5_sha1, - .digest = EVP_md5_sha1, - }, - { - .name = LN_md5WithRSAEncryption, - .digest = EVP_md5, - .alias = SN_md5, - }, - - { - .name = "ripemd", - .digest = EVP_ripemd160, - .alias = SN_ripemd160, - }, - { - .name = LN_ripemd160, - .digest = EVP_ripemd160, - }, - { - .name = LN_ripemd160WithRSA, - .digest = EVP_ripemd160, - .alias = SN_ripemd160, - }, - { - .name = "rmd160", - .digest = EVP_ripemd160, - .alias = SN_ripemd160, - }, - - { - .name = LN_sha1, - .digest = EVP_sha1, - }, - { - .name = LN_sha1WithRSAEncryption, - .digest = EVP_sha1, - .alias = SN_sha1, - }, - - { - .name = LN_sha224, - .digest = EVP_sha224, - }, - { - .name = LN_sha224WithRSAEncryption, - .digest = EVP_sha224, - .alias = SN_sha224, - }, - { - .name = LN_sha256, - .digest = EVP_sha256, - }, - { - .name = LN_sha256WithRSAEncryption, - .digest = EVP_sha256, - .alias = SN_sha256, - }, - - { - .name = LN_sha3_224, - .digest = EVP_sha3_224, - }, - { - .name = LN_sha3_256, - .digest = EVP_sha3_256, - }, - { - .name = LN_sha3_384, - .digest = EVP_sha3_384, - }, - { - .name = LN_sha3_512, - .digest = EVP_sha3_512, - }, - - { - .name = LN_sha384, - .digest = EVP_sha384, - }, - { - .name = LN_sha384WithRSAEncryption, - .digest = EVP_sha384, - .alias = SN_sha384, - }, - { - .name = LN_sha512, - .digest = EVP_sha512, - }, - { - .name = LN_sha512_224, - .digest = EVP_sha512_224, - }, - { - .name = LN_sha512_224WithRSAEncryption, - .digest = EVP_sha512_224, - .alias = SN_sha512_224, - }, - { - .name = LN_sha512_256, - .digest = EVP_sha512_256, - }, - { - .name = LN_sha512_256WithRSAEncryption, - .digest = EVP_sha512_256, - .alias = SN_sha512_256, - }, - { - .name = LN_sha512WithRSAEncryption, - .digest = EVP_sha512, - .alias = SN_sha512, - }, - - { - .name = LN_sm3, - .digest = EVP_sm3, - }, - { - .name = 
LN_sm3WithRSAEncryption,
- .digest = EVP_sm3,
- .alias = SN_sm3,
- },
-
- {
- .name = "ssl2-md5",
- .digest = EVP_md5,
- .alias = SN_md5,
- },
- {
- .name = "ssl3-md5",
- .digest = EVP_md5,
- .alias = SN_md5,
- },
-
- {
- .name = "ssl3-sha1",
- .digest = EVP_sha1,
- .alias = SN_sha1,
- },
-};
-
-#define N_DIGEST_NAMES (sizeof(digest_names) / sizeof(digest_names[0]))
-
-void
-EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *, const char *,
- const char *, void *), void *arg)
-{
- size_t i;
-
- /* Prayer and clean living lets you ignore errors, OpenSSL style. */
- (void)OPENSSL_init_crypto(0, NULL);
-
- for (i = 0; i < N_CIPHER_NAMES; i++) {
- const struct cipher_name *cipher = &cipher_names[i];
- const EVP_CIPHER *evp_cipher;
-
- if ((evp_cipher = cipher->cipher()) == NULL)
- continue;
-
- if (cipher->alias != NULL)
- fn(NULL, cipher->name, cipher->alias, arg);
- else
- fn(evp_cipher, cipher->name, NULL, arg);
- }
-}
-LCRYPTO_ALIAS(EVP_CIPHER_do_all_sorted);
-
-void
-EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *, const char *, const char *,
- void *), void *arg)
-{
- EVP_CIPHER_do_all_sorted(fn, arg);
-}
-LCRYPTO_ALIAS(EVP_CIPHER_do_all);
-
-void
-EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *, const char *, const char *,
- void *), void *arg)
-{
- size_t i;
-
- /* Prayer and clean living lets you ignore errors, OpenSSL style. */
- (void)OPENSSL_init_crypto(0, NULL);
-
- for (i = 0; i < N_DIGEST_NAMES; i++) {
- const struct digest_name *digest = &digest_names[i];
- const EVP_MD *evp_md;
-
- if ((evp_md = digest->digest()) == NULL)
- continue;
-
- if (digest->alias != NULL)
- fn(NULL, digest->name, digest->alias, arg);
- else
- fn(evp_md, digest->name, NULL, arg);
- }
-}
-LCRYPTO_ALIAS(EVP_MD_do_all_sorted);
-
-void
-EVP_MD_do_all(void (*fn)(const EVP_MD *, const char *, const char *, void *),
- void *arg)
-{
- EVP_MD_do_all_sorted(fn, arg);
-}
-LCRYPTO_ALIAS(EVP_MD_do_all);
-
-/*
- * The OBJ_NAME API is completely misnamed. It has little to do with objects
- * and a lot to do with EVP. Therefore we implement a saner replacement for
- * the part of the old madness that we need to keep in the evp directory.
- */
-
-static int
-OBJ_NAME_from_cipher_name(OBJ_NAME *obj_name, const struct cipher_name *cipher)
-{
- const EVP_CIPHER *evp_cipher;
-
- if ((evp_cipher = cipher->cipher()) == NULL)
- return 0;
-
- obj_name->type = OBJ_NAME_TYPE_CIPHER_METH;
- obj_name->name = cipher->name;
- if (cipher->alias != NULL) {
- obj_name->alias = OBJ_NAME_ALIAS;
- obj_name->data = cipher->alias;
- } else {
- obj_name->alias = 0;
- obj_name->data = evp_cipher;
- }
-
- return 1;
-}
-
-static void
-OBJ_NAME_do_all_ciphers(void (*fn)(const OBJ_NAME *, void *), void *arg)
-{
- size_t i;
-
- for (i = 0; i < N_CIPHER_NAMES; i++) {
- const struct cipher_name *cipher = &cipher_names[i];
- OBJ_NAME name;
-
- if (OBJ_NAME_from_cipher_name(&name, cipher))
- fn(&name, arg);
- }
-}
-
-static int
-OBJ_NAME_from_digest_name(OBJ_NAME *obj_name, const struct digest_name *digest)
-{
- const EVP_MD *evp_md;
-
- if ((evp_md = digest->digest()) == NULL)
- return 0;
-
- obj_name->type = OBJ_NAME_TYPE_MD_METH;
- obj_name->name = digest->name;
- if (digest->alias != NULL) {
- obj_name->alias = OBJ_NAME_ALIAS;
- obj_name->data = digest->alias;
- } else {
- obj_name->alias = 0;
- obj_name->data = evp_md;
- }
-
- return 1;
-}
-
-static void
-OBJ_NAME_do_all_digests(void (*fn)(const OBJ_NAME *, void *), void *arg)
-{
- size_t i;
-
- for (i = 0; i < N_DIGEST_NAMES; i++) {
- const struct digest_name *digest = &digest_names[i];
- OBJ_NAME name;
-
- if (OBJ_NAME_from_digest_name(&name, digest))
- fn(&name, arg);
- }
-}
-
-void
-OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *), void *arg)
-{
- /* Prayer and clean living lets you ignore errors, OpenSSL style. */
- (void)OPENSSL_init_crypto(0, NULL);
-
- if (type == OBJ_NAME_TYPE_CIPHER_METH)
- OBJ_NAME_do_all_ciphers(fn, arg);
- if (type == OBJ_NAME_TYPE_MD_METH)
- OBJ_NAME_do_all_digests(fn, arg);
-}
-LCRYPTO_ALIAS(OBJ_NAME_do_all_sorted);
-
-void
-OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *), void *arg)
-{
- OBJ_NAME_do_all_sorted(type, fn, arg);
-}
-LCRYPTO_ALIAS(OBJ_NAME_do_all);
-
-static int
-cipher_cmp(const void *a, const void *b)
-{
- return strcmp(a, ((const struct cipher_name *)b)->name);
-}
-
-const EVP_CIPHER *
-EVP_get_cipherbyname(const char *name)
-{
- const struct cipher_name *cipher;
-
- if (!OPENSSL_init_crypto(0, NULL))
- return NULL;
-
- if (name == NULL)
- return NULL;
-
- if ((cipher = bsearch(name, cipher_names, N_CIPHER_NAMES,
- sizeof(*cipher), cipher_cmp)) == NULL)
- return NULL;
-
- return cipher->cipher();
-}
-LCRYPTO_ALIAS(EVP_get_cipherbyname);
-
-static int
-digest_cmp(const void *a, const void *b)
-{
- return strcmp(a, ((const struct digest_name *)b)->name);
-}
-
-const EVP_MD *
-EVP_get_digestbyname(const char *name)
-{
- const struct digest_name *digest;
-
- if (!OPENSSL_init_crypto(0, NULL))
- return NULL;
-
- if (name == NULL)
- return NULL;
-
- if ((digest = bsearch(name, digest_names, N_DIGEST_NAMES,
- sizeof(*digest), digest_cmp)) == NULL)
- return NULL;
-
- return digest->digest();
-}
-LCRYPTO_ALIAS(EVP_get_digestbyname);
-
-/*
- * XXX - this is here because most of its job was to clean up the dynamic
- * tables of ciphers and digests. If we get an evp_lib.c again, it should
- * probably move there.
- */
-
-void
-EVP_cleanup(void)
-{
-}
-LCRYPTO_ALIAS(EVP_cleanup);
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
deleted file mode 100644
index 88ceb14033..0000000000
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ /dev/null
@@ -1,647 +0,0 @@
-/* $OpenBSD: evp_pbe.c,v 1.50 2024/04/09 13:52:41 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "hmac_local.h"
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-/* Password based encryption (PBE) functions */
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
-int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type,
- int en_de);
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
-
-static const struct pbe_config {
- int pbe_nid;
- int cipher_nid;
- int md_nid;
- EVP_PBE_KEYGEN *keygen;
-} pbe_outer[] = {
- {
- .pbe_nid = NID_pbeWithMD2AndDES_CBC,
- .cipher_nid = NID_des_cbc,
- .md_nid = NID_md2,
- .keygen = PKCS5_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbeWithMD5AndDES_CBC,
- .cipher_nid = NID_des_cbc,
- .md_nid = NID_md5,
- .keygen = PKCS5_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbeWithSHA1AndRC2_CBC,
- .cipher_nid = NID_rc2_64_cbc,
- .md_nid = NID_sha1,
- .keygen = PKCS5_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_id_pbkdf2,
- .cipher_nid = -1,
- .md_nid = -1,
- .keygen = PKCS5_v2_PBKDF2_keyivgen,
- },
- {
- .pbe_nid = NID_pbe_WithSHA1And128BitRC4,
- .cipher_nid = NID_rc4,
- .md_nid = NID_sha1,
- .keygen = PKCS12_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbe_WithSHA1And40BitRC4,
- .cipher_nid = NID_rc4_40,
- .md_nid = NID_sha1,
- .keygen = PKCS12_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
- .cipher_nid = NID_des_ede3_cbc,
- .md_nid = NID_sha1,
- .keygen = PKCS12_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
- .cipher_nid = NID_des_ede_cbc,
- .md_nid = NID_sha1,
- .keygen = PKCS12_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbe_WithSHA1And128BitRC2_CBC,
- .cipher_nid = NID_rc2_cbc,
- .md_nid = NID_sha1,
- .keygen = PKCS12_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbe_WithSHA1And40BitRC2_CBC,
- .cipher_nid = NID_rc2_40_cbc,
- .md_nid = NID_sha1,
- .keygen = PKCS12_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbes2,
- .cipher_nid = -1,
- .md_nid = -1,
- .keygen = PKCS5_v2_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbeWithMD2AndRC2_CBC,
- .cipher_nid = NID_rc2_64_cbc,
- .md_nid = NID_md2,
- .keygen = PKCS5_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbeWithMD5AndRC2_CBC,
- .cipher_nid = NID_rc2_64_cbc,
- .md_nid = NID_md5,
- .keygen = PKCS5_PBE_keyivgen,
- },
- {
- .pbe_nid = NID_pbeWithSHA1AndDES_CBC,
- .cipher_nid = NID_des_cbc,
- .md_nid = NID_sha1,
- .keygen = PKCS5_PBE_keyivgen,
- },
-};
-
-#define N_PBE_OUTER (sizeof(pbe_outer) / sizeof(pbe_outer[0]))
-
-int
-EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
-{
- const struct pbe_config *cfg = NULL;
- const EVP_CIPHER *cipher = NULL;
- const EVP_MD *md = NULL;
- int pbe_nid;
- size_t i;
-
- if ((pbe_nid = OBJ_obj2nid(pbe_obj)) == NID_undef) {
- EVPerror(EVP_R_UNKNOWN_PBE_ALGORITHM);
- return 0;
- }
-
- for (i = 0; i < N_PBE_OUTER; i++) {
- if (pbe_nid == pbe_outer[i].pbe_nid) {
- cfg = &pbe_outer[i];
- break;
- }
- }
- if (cfg == NULL) {
- EVPerror(EVP_R_UNKNOWN_PBE_ALGORITHM);
- ERR_asprintf_error_data("NID=%d", pbe_nid);
- return 0;
- }
-
- if (pass == NULL)
- passlen = 0;
- if (passlen == -1)
- passlen = strlen(pass);
-
- if (cfg->cipher_nid != -1) {
- if ((cipher = EVP_get_cipherbynid(cfg->cipher_nid)) == NULL) {
- EVPerror(EVP_R_UNKNOWN_CIPHER);
- return 0;
- }
- }
- if (cfg->md_nid != -1) {
- if ((md = EVP_get_digestbynid(cfg->md_nid)) == NULL) {
- EVPerror(EVP_R_UNKNOWN_DIGEST);
- return 0;
- }
- }
-
- if (!cfg->keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
- EVPerror(EVP_R_KEYGEN_FAILURE);
- return 0;
- }
-
- return 1;
-}
-
-int
-PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
-{
- EVP_MD_CTX *md_ctx;
- unsigned char md_tmp[EVP_MAX_MD_SIZE];
- unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
- int i;
- PBEPARAM *pbe;
- int saltlen, iter;
- unsigned char *salt;
- const unsigned char *pbuf;
- int mdsize;
- int ret = 0;
-
- /* Extract useful info from parameter */
- if (param == NULL || param->type != V_ASN1_SEQUENCE ||
- param->value.sequence == NULL) {
- EVPerror(EVP_R_DECODE_ERROR);
- return 0;
- }
-
- mdsize = EVP_MD_size(md);
- if (mdsize < 0)
- return 0;
-
- pbuf = param->value.sequence->data;
- if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
- EVPerror(EVP_R_DECODE_ERROR);
- return 0;
- }
-
- if (!pbe->iter)
- iter = 1;
- else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) {
- EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
- PBEPARAM_free(pbe);
- return 0;
- }
- salt = pbe->salt->data;
- saltlen = pbe->salt->length;
-
- if (!pass)
- passlen = 0;
- else if (passlen == -1)
- passlen = strlen(pass);
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
-
- if (!EVP_DigestInit_ex(md_ctx, md, NULL))
- goto err;
- if (!EVP_DigestUpdate(md_ctx, pass, passlen))
- goto err;
- if (!EVP_DigestUpdate(md_ctx, salt, saltlen))
- goto err;
- if (!EVP_DigestFinal_ex(md_ctx, md_tmp, NULL))
- goto err;
- for (i = 1; i < iter; i++) {
- if (!EVP_DigestInit_ex(md_ctx, md, NULL))
- goto err;
- if (!EVP_DigestUpdate(md_ctx, md_tmp, mdsize))
- goto err;
- if (!EVP_DigestFinal_ex(md_ctx, md_tmp, NULL))
- goto err;
- }
- if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) {
- EVPerror(EVP_R_BAD_KEY_LENGTH);
- goto err;
- }
- memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
- if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) {
- EVPerror(EVP_R_IV_TOO_LARGE);
- goto err;
- }
- memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
- EVP_CIPHER_iv_length(cipher));
- if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
- goto err;
- explicit_bzero(md_tmp, EVP_MAX_MD_SIZE);
- explicit_bzero(key, EVP_MAX_KEY_LENGTH);
- explicit_bzero(iv, EVP_MAX_IV_LENGTH);
-
- ret = 1;
-
- err:
- EVP_MD_CTX_free(md_ctx);
- PBEPARAM_free(pbe);
-
- return ret;
-}
-
-/*
- * PKCS#5 v2.0 password based encryption key derivation function PBKDF2.
- */
-
-int
-PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
- int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out)
-{
- unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
- int cplen, j, k, tkeylen, mdlen;
- unsigned long i = 1;
- HMAC_CTX hctx_tpl, hctx;
-
- mdlen = EVP_MD_size(digest);
- if (mdlen < 0)
- return 0;
-
- HMAC_CTX_init(&hctx_tpl);
- p = out;
- tkeylen = keylen;
- if (!pass)
- passlen = 0;
- else if (passlen == -1)
- passlen = strlen(pass);
- if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
- HMAC_CTX_cleanup(&hctx_tpl);
- return 0;
- }
- while (tkeylen) {
- if (tkeylen > mdlen)
- cplen = mdlen;
- else
- cplen = tkeylen;
- /*
- * We are unlikely to ever use more than 256 blocks (5120 bits!)
- * but just in case...
- */
- itmp[0] = (unsigned char)((i >> 24) & 0xff);
- itmp[1] = (unsigned char)((i >> 16) & 0xff);
- itmp[2] = (unsigned char)((i >> 8) & 0xff);
- itmp[3] = (unsigned char)(i & 0xff);
- if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
- HMAC_CTX_cleanup(&hctx_tpl);
- return 0;
- }
- if (!HMAC_Update(&hctx, salt, saltlen) ||
- !HMAC_Update(&hctx, itmp, 4) ||
- !HMAC_Final(&hctx, digtmp, NULL)) {
- HMAC_CTX_cleanup(&hctx_tpl);
- HMAC_CTX_cleanup(&hctx);
- return 0;
- }
- HMAC_CTX_cleanup(&hctx);
- memcpy(p, digtmp, cplen);
- for (j = 1; j < iter; j++) {
- if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
- HMAC_CTX_cleanup(&hctx_tpl);
- return 0;
- }
- if (!HMAC_Update(&hctx, digtmp, mdlen) ||
- !HMAC_Final(&hctx, digtmp, NULL)) {
- HMAC_CTX_cleanup(&hctx_tpl);
- HMAC_CTX_cleanup(&hctx);
- return 0;
- }
- HMAC_CTX_cleanup(&hctx);
- for (k = 0; k < cplen; k++)
- p[k] ^= digtmp[k];
- }
- tkeylen -= cplen;
- i++;
- p += cplen;
- }
- HMAC_CTX_cleanup(&hctx_tpl);
- return 1;
-}
-LCRYPTO_ALIAS(PKCS5_PBKDF2_HMAC);
-
-int
-PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt,
- int saltlen, int iter, int keylen, unsigned char *out)
-{
- return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter,
- EVP_sha1(), keylen, out);
-}
-LCRYPTO_ALIAS(PKCS5_PBKDF2_HMAC_SHA1);
-
-/*
- * Now the key derivation function itself. This is a bit evil because
- * it has to check the ASN1 parameters are valid: and there are quite a
- * few of them...
- */
-
-int
-PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
-{
- const unsigned char *pbuf;
- int plen;
- PBE2PARAM *pbe2 = NULL;
- const EVP_CIPHER *cipher;
- int ret = 0;
-
- if (param == NULL || param->type != V_ASN1_SEQUENCE ||
- param->value.sequence == NULL) {
- EVPerror(EVP_R_DECODE_ERROR);
- goto err;
- }
-
- pbuf = param->value.sequence->data;
- plen = param->value.sequence->length;
- if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
- EVPerror(EVP_R_DECODE_ERROR);
- goto err;
- }
-
- /* See if we recognise the key derivation function */
-
- if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
- EVPerror(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
- goto err;
- }
-
- /* Let's see if we recognise the encryption algorithm. */
- cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
- if (!cipher) {
- EVPerror(EVP_R_UNSUPPORTED_CIPHER);
- goto err;
- }
-
- /* Fixup cipher based on AlgorithmIdentifier */
- if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
- goto err;
- if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
- EVPerror(EVP_R_CIPHER_PARAMETER_ERROR);
- goto err;
- }
-
- ret = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
- pbe2->keyfunc->parameter, c, md, en_de);
-
- err:
- PBE2PARAM_free(pbe2);
-
- return ret;
-}
-
-static int
-md_nid_from_prf_nid(int nid)
-{
- switch (nid) {
- case NID_hmacWithMD5:
- return NID_md5;
- case NID_hmacWithSHA1:
- return NID_sha1;
- case NID_hmacWithSHA224:
- return NID_sha224;
- case NID_hmacWithSHA256:
- return NID_sha256;
- case NID_hmacWithSHA384:
- return NID_sha384;
- case NID_hmacWithSHA512:
- return NID_sha512;
- case NID_hmacWithSHA512_224:
- return NID_sha512_224;
- case NID_hmacWithSHA512_256:
- return NID_sha512_256;
- case NID_hmac_sha3_224:
- return NID_sha3_224;
- case NID_hmac_sha3_256:
- return NID_sha3_256;
- case NID_hmac_sha3_384:
- return NID_sha3_384;
- case NID_hmac_sha3_512:
- return NID_sha3_512;
- default:
- return NID_undef;
- }
-}
-
-int
-PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de)
-{
- unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
- const unsigned char *pbuf;
- int saltlen, iter, plen;
- unsigned int keylen = 0;
- int prf_nid, hmac_md_nid;
- PBKDF2PARAM *kdf = NULL;
- const EVP_MD *prfmd;
- int ret = 0;
-
- if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
- EVPerror(EVP_R_NO_CIPHER_SET);
- return 0;
- }
- keylen = EVP_CIPHER_CTX_key_length(ctx);
- if (keylen > sizeof key) {
- EVPerror(EVP_R_BAD_KEY_LENGTH);
- return 0;
- }
-
- /* Decode parameter */
-
- if (!param || (param->type != V_ASN1_SEQUENCE)) {
- EVPerror(EVP_R_DECODE_ERROR);
- return 0;
- }
-
- pbuf = param->value.sequence->data;
- plen = param->value.sequence->length;
-
- if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
- EVPerror(EVP_R_DECODE_ERROR);
- return 0;
- }
-
- /* Now check the parameters of the kdf */
-
- if (kdf->keylength &&
- (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
- EVPerror(EVP_R_UNSUPPORTED_KEYLENGTH);
- goto err;
- }
-
- if (kdf->prf)
- prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
- else
- prf_nid = NID_hmacWithSHA1;
-
- if ((hmac_md_nid = md_nid_from_prf_nid(prf_nid)) == NID_undef) {
- EVPerror(EVP_R_UNSUPPORTED_PRF);
- goto err;
- }
-
- prfmd = EVP_get_digestbynid(hmac_md_nid);
- if (prfmd == NULL) {
- EVPerror(EVP_R_UNSUPPORTED_PRF);
- goto err;
- }
-
- if (kdf->salt->type != V_ASN1_OCTET_STRING) {
- EVPerror(EVP_R_UNSUPPORTED_SALT_TYPE);
- goto err;
- }
-
- /* it seems that its all OK */
- salt = kdf->salt->value.octet_string->data;
- saltlen = kdf->salt->value.octet_string->length;
- if ((iter = ASN1_INTEGER_get(kdf->iter)) <= 0) {
- EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
- goto err;
- }
- if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
- keylen, key))
- goto err;
-
- ret = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
-
- err:
- explicit_bzero(key, keylen);
- PBKDF2PARAM_free(kdf);
-
- return ret;
-}
-
-void
-PKCS12_PBE_add(void)
-{
-}
-LCRYPTO_ALIAS(PKCS12_PBE_add);
-
-int
-PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
-{
- PBEPARAM *pbe;
- int saltlen, iter, ret;
- unsigned char *salt;
- const unsigned char *pbuf;
- unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-
- /* Extract useful info from parameter */
- if (param == NULL || param->type != V_ASN1_SEQUENCE ||
- param->value.sequence == NULL) {
- PKCS12error(PKCS12_R_DECODE_ERROR);
- return 0;
- }
-
- pbuf = param->value.sequence->data;
- if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
- PKCS12error(PKCS12_R_DECODE_ERROR);
- return 0;
- }
-
- if (!pbe->iter)
- iter = 1;
- else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) {
- PKCS12error(PKCS12_R_DECODE_ERROR);
- PBEPARAM_free(pbe);
- return 0;
- }
- salt = pbe->salt->data;
- saltlen = pbe->salt->length;
- if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_KEY_ID,
- iter, EVP_CIPHER_key_length(cipher), key, md)) {
- PKCS12error(PKCS12_R_KEY_GEN_ERROR);
- PBEPARAM_free(pbe);
- return 0;
- }
- if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_IV_ID,
- iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
- PKCS12error(PKCS12_R_IV_GEN_ERROR);
- PBEPARAM_free(pbe);
- return 0;
- }
- PBEPARAM_free(pbe);
- ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
- explicit_bzero(key, EVP_MAX_KEY_LENGTH);
- explicit_bzero(iv, EVP_MAX_IV_LENGTH);
- return ret;
-}
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
deleted file mode 100644
index a1e127352a..0000000000
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* $OpenBSD: evp_pkey.c,v 1.33 2025/02/04 04:51:34 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-
-/* Extract a private key from a PKCS8 structure */
-
-EVP_PKEY *
-EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8)
-{
- EVP_PKEY *pkey = NULL;
- const ASN1_OBJECT *algoid;
- char obj_tmp[80];
-
- if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
- return NULL;
-
- if (!(pkey = EVP_PKEY_new())) {
- EVPerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
- EVPerror(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- if (i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), algoid) == 0)
- (void)strlcpy(obj_tmp, "unknown", sizeof(obj_tmp));
- ERR_asprintf_error_data("TYPE=%s", obj_tmp);
- goto error;
- }
-
- if (pkey->ameth->priv_decode) {
- if (!pkey->ameth->priv_decode(pkey, p8)) {
- EVPerror(EVP_R_PRIVATE_KEY_DECODE_ERROR);
- goto error;
- }
- } else {
- EVPerror(EVP_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
-
- return pkey;
-
-error:
- EVP_PKEY_free(pkey);
- return NULL;
-}
-LCRYPTO_ALIAS(EVP_PKCS82PKEY);
-
-/* Turn a private key into a PKCS8 structure */
-
-PKCS8_PRIV_KEY_INFO *
-EVP_PKEY2PKCS8(EVP_PKEY *pkey)
-{
- PKCS8_PRIV_KEY_INFO *p8;
-
- if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
- EVPerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (pkey->ameth) {
- if (pkey->ameth->priv_encode) {
- if (!pkey->ameth->priv_encode(p8, pkey)) {
- EVPerror(EVP_R_PRIVATE_KEY_ENCODE_ERROR);
- goto error;
- }
- } else {
- EVPerror(EVP_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
- } else {
- EVPerror(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- goto error;
- }
- return p8;
-
-error:
- PKCS8_PRIV_KEY_INFO_free(p8);
- return NULL;
-}
-LCRYPTO_ALIAS(EVP_PKEY2PKCS8);
diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c
deleted file mode 100644
index a9d3150948..0000000000
--- a/src/lib/libcrypto/evp/m_md4.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* $OpenBSD: m_md4.c,v 1.22 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#ifndef OPENSSL_NO_MD4
-
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "evp_local.h"
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return MD4_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return MD4_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return MD4_Final(md, ctx->md_data);
-}
-
-static const EVP_MD md4_md = {
- .type = NID_md4,
- .pkey_type = NID_md4WithRSAEncryption,
- .md_size = MD4_DIGEST_LENGTH,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = MD4_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(MD4_CTX),
-};
-
-const EVP_MD *
-EVP_md4(void)
-{
- return (&md4_md);
-}
-LCRYPTO_ALIAS(EVP_md4);
-#endif
diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c
deleted file mode 100644
index 1bba8c4e1b..0000000000
--- a/src/lib/libcrypto/evp/m_md5.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* $OpenBSD: m_md5.c,v 1.21 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#ifndef OPENSSL_NO_MD5
-
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "evp_local.h"
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return MD5_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return MD5_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return MD5_Final(md, ctx->md_data);
-}
-
-static const EVP_MD md5_md = {
- .type = NID_md5,
- .pkey_type = NID_md5WithRSAEncryption,
- .md_size = MD5_DIGEST_LENGTH,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = MD5_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(MD5_CTX),
-};
-
-const EVP_MD *
-EVP_md5(void)
-{
- return (&md5_md);
-}
-LCRYPTO_ALIAS(EVP_md5);
-#endif
diff --git a/src/lib/libcrypto/evp/m_md5_sha1.c b/src/lib/libcrypto/evp/m_md5_sha1.c
deleted file mode 100644
index 87a801f013..0000000000
--- a/src/lib/libcrypto/evp/m_md5_sha1.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* $OpenBSD: m_md5_sha1.c,v 1.9 2024/04/09 13:52:41 beck Exp $ */
-/*
- * Copyright (c) 2017 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "evp_local.h"
-
-struct md5_sha1_ctx {
- MD5_CTX md5;
- SHA_CTX sha1;
-};
-
-static int
-md5_sha1_init(EVP_MD_CTX *ctx)
-{
- struct md5_sha1_ctx *mdctx = ctx->md_data;
-
- if (!MD5_Init(&mdctx->md5))
- return 0;
- if (!SHA1_Init(&mdctx->sha1))
- return 0;
-
- return 1;
-}
-
-static int
-md5_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- struct md5_sha1_ctx *mdctx = ctx->md_data;
-
- if (!MD5_Update(&mdctx->md5, data, count))
- return 0;
- if (!SHA1_Update(&mdctx->sha1, data, count))
- return 0;
-
- return 1;
-}
-
-static int
-md5_sha1_final(EVP_MD_CTX *ctx, unsigned char *out)
-{
- struct md5_sha1_ctx *mdctx = ctx->md_data;
-
- if (!MD5_Final(out, &mdctx->md5))
- return 0;
- if (!SHA1_Final(out + MD5_DIGEST_LENGTH, &mdctx->sha1))
- return 0;
-
- return 1;
-}
-
-static const EVP_MD md5_sha1_md = {
- .type = NID_md5_sha1,
- .pkey_type = NID_md5_sha1,
- .md_size = MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
- .flags = 0,
- .init = md5_sha1_init,
- .update = md5_sha1_update,
- .final = md5_sha1_final,
- .block_size = MD5_CBLOCK, /* MD5_CBLOCK == SHA_CBLOCK */
- .ctx_size = sizeof(EVP_MD *) + sizeof(struct md5_sha1_ctx),
-};
-
-const EVP_MD *
-EVP_md5_sha1(void)
-{
- return &md5_sha1_md;
-}
-LCRYPTO_ALIAS(EVP_md5_sha1);
diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c
deleted file mode 100644
index 65af387eaa..0000000000
--- a/src/lib/libcrypto/evp/m_null.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* $OpenBSD: m_null.c,v 1.15 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return 1;
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return 1;
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return 1;
-}
-
-static const EVP_MD null_md = {
- .type = NID_undef,
- .pkey_type = NID_undef,
- .md_size = 0,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = 0,
- .ctx_size = sizeof(EVP_MD *),
-};
-
-const EVP_MD *
-EVP_md_null(void)
-{
- return (&null_md);
-}
-LCRYPTO_ALIAS(EVP_md_null);
diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c
deleted file mode 100644
index d771510868..0000000000
--- a/src/lib/libcrypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* $OpenBSD: m_ripemd.c,v 1.18 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#ifndef OPENSSL_NO_RIPEMD
-
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "evp_local.h"
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return RIPEMD160_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return RIPEMD160_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return RIPEMD160_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ripemd160_md = {
- .type = NID_ripemd160,
- .pkey_type = NID_ripemd160WithRSA,
- .md_size = RIPEMD160_DIGEST_LENGTH,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = RIPEMD160_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
-};
-
-const EVP_MD *
-EVP_ripemd160(void)
-{
- return (&ripemd160_md);
-}
-LCRYPTO_ALIAS(EVP_ripemd160);
-#endif
diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c
deleted file mode 100644
index cdceb99aaf..0000000000
--- a/src/lib/libcrypto/evp/m_sha1.c
+++ /dev/null
@@ -1,358 +0,0 @@
-/* $OpenBSD: m_sha1.c,v 1.26 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#ifndef OPENSSL_NO_SHA
-
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "evp_local.h"
-#include "sha_internal.h"
-
-static int
-sha1_init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha1_md = {
- .type = NID_sha1,
- .pkey_type = NID_sha1WithRSAEncryption,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha1_init,
- .update = sha1_update,
- .final = sha1_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_sha1(void)
-{
- return &sha1_md;
-}
-LCRYPTO_ALIAS(EVP_sha1);
-#endif
-
-#ifndef OPENSSL_NO_SHA256
-static int
-sha224_init(EVP_MD_CTX *ctx)
-{
- return SHA224_Init(ctx->md_data);
-}
-
-static int
-sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- /*
- * Even though there're separate SHA224_[Update|Final], we call
- * SHA256 functions even in SHA224 context. This is what happens
- * there anyway, so we can spare few CPU cycles:-)
- */
- return SHA256_Update(ctx->md_data, data, count);
-}
-
-static int
-sha224_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA224_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha224_md = {
- .type = NID_sha224,
- .pkey_type = NID_sha224WithRSAEncryption,
- .md_size = SHA224_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha224_init,
- .update = sha224_update,
- .final = sha224_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA256_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
-};
-
-const EVP_MD *
-EVP_sha224(void)
-{
- return &sha224_md;
-}
-LCRYPTO_ALIAS(EVP_sha224);
-
-static int
-sha256_init(EVP_MD_CTX *ctx)
-{
- return SHA256_Init(ctx->md_data);
-}
-
-static int
-sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA256_Update(ctx->md_data, data, count);
-}
-
-static int
-sha256_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA256_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha256_md = {
- .type = NID_sha256,
- .pkey_type = NID_sha256WithRSAEncryption,
- .md_size = SHA256_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha256_init,
- .update = sha256_update,
- .final = sha256_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA256_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
-};
-
-const EVP_MD *
-EVP_sha256(void)
-{
- return &sha256_md;
-}
-LCRYPTO_ALIAS(EVP_sha256);
-#endif /* ifndef OPENSSL_NO_SHA256 */
-
-#ifndef OPENSSL_NO_SHA512
-static int
-sha384_init(EVP_MD_CTX *ctx)
-{
- return SHA384_Init(ctx->md_data);
-}
-
-static int
-sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- /* See comment in SHA224/256 section */
- return SHA512_Update(ctx->md_data, data, count);
-}
-
-static int
-sha384_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA384_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha384_md = {
- .type = NID_sha384,
- .pkey_type = NID_sha384WithRSAEncryption,
- .md_size = SHA384_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha384_init,
- .update = sha384_update,
- .final = sha384_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA512_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *
-EVP_sha384(void)
-{
- return &sha384_md;
-}
-LCRYPTO_ALIAS(EVP_sha384);
-
-static int
-sha512_init(EVP_MD_CTX *ctx)
-{
- return SHA512_Init(ctx->md_data);
-}
-
-static int
-sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA512_Update(ctx->md_data, data, count);
-}
-
-static int
-sha512_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA512_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha512_md = {
- .type = NID_sha512,
- .pkey_type = NID_sha512WithRSAEncryption,
- .md_size = SHA512_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha512_init,
- .update = sha512_update,
- .final = sha512_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA512_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *
-EVP_sha512(void)
-{
- return &sha512_md;
-}
-LCRYPTO_ALIAS(EVP_sha512);
-
-static int
-sha512_224_init(EVP_MD_CTX *ctx)
-{
- return SHA512_224_Init(ctx->md_data);
-}
-
-static int
-sha512_224_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA512_224_Update(ctx->md_data, data, count);
-}
-
-static int
-sha512_224_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA512_224_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha512_224_md = {
- .type = NID_sha512_224,
- .pkey_type = NID_sha512_224WithRSAEncryption,
- .md_size = SHA512_224_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha512_224_init,
- .update = sha512_224_update,
- .final = sha512_224_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA512_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *
-EVP_sha512_224(void)
-{
- return &sha512_224_md;
-}
-LCRYPTO_ALIAS(EVP_sha512_224);
-
-static int
-sha512_256_init(EVP_MD_CTX *ctx)
-{
- return SHA512_256_Init(ctx->md_data);
-}
-
-static int
-sha512_256_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA512_256_Update(ctx->md_data, data, count);
-}
-
-static int
-sha512_256_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA512_256_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha512_256_md = {
- .type = NID_sha512_256,
- .pkey_type = NID_sha512_256WithRSAEncryption,
- .md_size = SHA512_256_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha512_256_init,
- .update = sha512_256_update,
- .final = sha512_256_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA512_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *
-EVP_sha512_256(void)
-{
- return &sha512_256_md;
-}
-LCRYPTO_ALIAS(EVP_sha512_256);
-#endif /* ifndef OPENSSL_NO_SHA512 */
diff --git a/src/lib/libcrypto/evp/m_sha3.c b/src/lib/libcrypto/evp/m_sha3.c
deleted file mode 100644
index a21833b605..0000000000
--- a/src/lib/libcrypto/evp/m_sha3.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/* $OpenBSD: m_sha3.c,v 1.4 2024/04/09 13:52:41 beck Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "evp_local.h"
-#include "sha3_internal.h"
-
-static int
-sha3_224_init(EVP_MD_CTX *ctx)
-{
- return sha3_init(ctx->md_data, SHA3_224_DIGEST_LENGTH);
-}
-
-static int
-sha3_224_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return sha3_update(ctx->md_data, data, count);
-}
-
-static int
-sha3_224_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return sha3_final(md, ctx->md_data);
-}
-
-static const EVP_MD sha3_224_md = {
- .type = NID_sha3_224,
- .pkey_type = NID_RSA_SHA3_224,
- .md_size = SHA3_224_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha3_224_init,
- .update = sha3_224_update,
- .final = sha3_224_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA3_224_BLOCK_SIZE,
- .ctx_size = sizeof(EVP_MD *) + sizeof(sha3_ctx),
-};
-
-const EVP_MD *
-EVP_sha3_224(void)
-{
- return &sha3_224_md;
-}
-LCRYPTO_ALIAS(EVP_sha3_224);
-
-static int
-sha3_256_init(EVP_MD_CTX *ctx)
-{
- return sha3_init(ctx->md_data, SHA3_256_DIGEST_LENGTH);
-}
-
-static int
-sha3_256_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return sha3_update(ctx->md_data, data, count);
-}
-
-static int
-sha3_256_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return sha3_final(md, ctx->md_data);
-}
-
-static const EVP_MD sha3_256_md = {
- .type = NID_sha3_256,
- .pkey_type = NID_RSA_SHA3_256,
- .md_size = SHA3_256_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha3_256_init,
- .update = sha3_256_update,
- .final = sha3_256_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA3_256_BLOCK_SIZE,
- .ctx_size = sizeof(EVP_MD *) + sizeof(sha3_ctx),
-};
-
-const EVP_MD *
-EVP_sha3_256(void)
-{
- return &sha3_256_md;
-}
-LCRYPTO_ALIAS(EVP_sha3_256);
-
-static int
-sha3_384_init(EVP_MD_CTX *ctx)
-{
- return sha3_init(ctx->md_data, SHA3_384_DIGEST_LENGTH);
-}
-
-static int
-sha3_384_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return sha3_update(ctx->md_data, data, count);
-}
-
-static int
-sha3_384_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return sha3_final(md, ctx->md_data);
-}
-
-static const EVP_MD sha3_384_md = {
- .type = NID_sha3_384,
- .pkey_type = NID_RSA_SHA3_384,
- .md_size = SHA3_384_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha3_384_init,
- .update = sha3_384_update,
- .final = sha3_384_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA3_384_BLOCK_SIZE,
- .ctx_size = sizeof(EVP_MD *) + sizeof(sha3_ctx),
-};
-
-const EVP_MD *
-EVP_sha3_384(void)
-{
- return &sha3_384_md;
-}
-LCRYPTO_ALIAS(EVP_sha3_384);
-
-static int
-sha3_512_init(EVP_MD_CTX *ctx)
-{
- return sha3_init(ctx->md_data, SHA3_512_DIGEST_LENGTH);
-}
-
-static int
-sha3_512_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return sha3_update(ctx->md_data, data, count);
-}
-
-static int
-sha3_512_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return sha3_final(md, ctx->md_data);
-}
-
-static const EVP_MD sha3_512_md = {
- .type = NID_sha3_512,
- .pkey_type = NID_RSA_SHA3_512,
- .md_size = SHA3_512_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sha3_512_init,
- .update = sha3_512_update,
- .final = sha3_512_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SHA3_512_BLOCK_SIZE,
- .ctx_size = sizeof(EVP_MD *) + sizeof(sha3_ctx),
-};
-
-const EVP_MD *
-EVP_sha3_512(void)
-{
- return &sha3_512_md;
-}
-LCRYPTO_ALIAS(EVP_sha3_512);
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
deleted file mode 100644
index a3353854f1..0000000000
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ /dev/null
@@ -1,271 +0,0 @@ -/* $OpenBSD: m_sigver.c,v 1.27 2024/04/09 13:52:41 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include - -#include -#include -#include -#include - -#include "evp_local.h" - -static int -update_oneshot_only(EVP_MD_CTX *ctx, const void *data, size_t datalen) -{ - EVPerror(EVP_R_ONLY_ONESHOT_SUPPORTED); - return 0; -} - -static int -do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, - EVP_PKEY *pkey, int ver) -{ - if (ctx->pctx == NULL) - ctx->pctx = EVP_PKEY_CTX_new(pkey, NULL); - if (ctx->pctx == NULL) - return 0; - - if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) { - if (type == NULL) { - int def_nid; - if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0) - type = EVP_get_digestbynid(def_nid); - } - - if (type == NULL) { - EVPerror(EVP_R_NO_DEFAULT_DIGEST); - return 0; - } - } - - if (ver) { - if (ctx->pctx->pmeth->digestverify != NULL) { - ctx->pctx->operation = EVP_PKEY_OP_VERIFY; - ctx->update = update_oneshot_only; - } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0) - return 0; - } else { - if (ctx->pctx->pmeth->signctx_init) { - if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0) - return 0; - ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; - } else if (ctx->pctx->pmeth->digestsign != NULL) { - ctx->pctx->operation = EVP_PKEY_OP_SIGN; - ctx->update = update_oneshot_only; - } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0) - return 0; - } - if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0) - return 0; - if (pctx) - *pctx = ctx->pctx; - if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) - return 1; - if (!EVP_DigestInit_ex(ctx, type, NULL)) - return 0; - return 1; -} - -int -EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, - ENGINE *e, EVP_PKEY *pkey) -{ - return do_sigver_init(ctx, pctx, type, pkey, 0); -} -LCRYPTO_ALIAS(EVP_DigestSignInit); - -int -EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, - ENGINE *e, EVP_PKEY *pkey) -{ - return do_sigver_init(ctx, pctx, type, pkey, 1); -} -LCRYPTO_ALIAS(EVP_DigestVerifyInit); - -static int 
-evp_digestsignfinal_sigctx_custom(EVP_MD_CTX *ctx, unsigned char *sigret, - size_t *siglen) -{ - EVP_PKEY_CTX *pctx = ctx->pctx; - EVP_PKEY_CTX *dctx = NULL; - int ret = 0; - - if (sigret == NULL) - return pctx->pmeth->signctx(pctx, sigret, siglen, ctx); - - /* XXX - support EVP_MD_CTX_FLAG_FINALISE? */ - if ((dctx = EVP_PKEY_CTX_dup(pctx)) == NULL) - goto err; - - if (!dctx->pmeth->signctx(dctx, sigret, siglen, ctx)) - goto err; - - ret = 1; - - err: - EVP_PKEY_CTX_free(dctx); - - return ret; -} - -int -EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen) -{ - EVP_PKEY_CTX *pctx = ctx->pctx; - EVP_MD_CTX *md_ctx = NULL; - unsigned char md[EVP_MAX_MD_SIZE]; - unsigned int mdlen = 0; - int s; - int ret = 0; - - if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) - return evp_digestsignfinal_sigctx_custom(ctx, sigret, siglen); - - if (sigret == NULL) { - if (ctx->pctx->pmeth->signctx != NULL) { - if (ctx->pctx->pmeth->signctx(ctx->pctx, NULL, - siglen, ctx) <= 0) - return 0; - return 1; - } - - if ((s = EVP_MD_size(ctx->digest)) < 0) - return 0; - if (EVP_PKEY_sign(ctx->pctx, NULL, siglen, NULL, s) <= 0) - return 0; - - return 1; - } - - /* Use a copy since EVP_DigestFinal_ex() clears secrets. */ - if ((md_ctx = EVP_MD_CTX_new()) == NULL) - goto err; - if (!EVP_MD_CTX_copy_ex(md_ctx, ctx)) - goto err; - if (md_ctx->pctx->pmeth->signctx != NULL) { - if (md_ctx->pctx->pmeth->signctx(md_ctx->pctx, - sigret, siglen, md_ctx) <= 0) - goto err; - } else { - if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen)) - goto err; - /* Use the original ctx since secrets were cleared. 
*/ - if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0) - goto err; - } - - ret = 1; - - err: - EVP_MD_CTX_free(md_ctx); - - return ret; -} -LCRYPTO_ALIAS(EVP_DigestSignFinal); - -int -EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, - const unsigned char *tbs, size_t tbslen) -{ - if (ctx->pctx->pmeth->digestsign != NULL) - return ctx->pctx->pmeth->digestsign(ctx, sigret, siglen, - tbs, tbslen); - - if (sigret != NULL) { - if (EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0) - return 0; - } - - return EVP_DigestSignFinal(ctx, sigret, siglen); -} -LCRYPTO_ALIAS(EVP_DigestSign); - -int -EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen) -{ - EVP_MD_CTX tmp_ctx; - unsigned char md[EVP_MAX_MD_SIZE]; - int r; - unsigned int mdlen = 0; - - EVP_MD_CTX_legacy_clear(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) - return -1; - r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); - EVP_MD_CTX_cleanup(&tmp_ctx); - if (!r) - return r; - return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen); -} -LCRYPTO_ALIAS(EVP_DigestVerifyFinal); - -int -EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, - const unsigned char *tbs, size_t tbslen) -{ - if (ctx->pctx->pmeth->digestverify != NULL) - return ctx->pctx->pmeth->digestverify(ctx, sigret, siglen, - tbs, tbslen); - - if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0) - return -1; - - return EVP_DigestVerifyFinal(ctx, sigret, siglen); -} -LCRYPTO_ALIAS(EVP_DigestVerify); diff --git a/src/lib/libcrypto/evp/m_sm3.c b/src/lib/libcrypto/evp/m_sm3.c deleted file mode 100644 index 672d06f9fd..0000000000 --- a/src/lib/libcrypto/evp/m_sm3.c +++ /dev/null 
@@ -1,69 +0,0 @@
-/* $OpenBSD: m_sm3.c,v 1.7 2024/04/09 13:52:41 beck Exp $ */
-/*
- * Copyright (c) 2018, Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef OPENSSL_NO_SM3
-#include
-#include
-
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "evp_local.h"
-
-static int
-sm3_init(EVP_MD_CTX *ctx)
-{
- return SM3_Init(ctx->md_data);
-}
-
-static int
-sm3_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SM3_Update(ctx->md_data, data, count);
-}
-
-static int
-sm3_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SM3_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sm3_md = {
- .type = NID_sm3,
- .pkey_type = NID_sm3WithRSAEncryption,
- .md_size = SM3_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = sm3_init,
- .update = sm3_update,
- .final = sm3_final,
- .copy = NULL,
- .cleanup = NULL,
- .block_size = SM3_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SM3_CTX),
-};
-
-const EVP_MD *
-EVP_sm3(void)
-{
- return &sm3_md;
-}
-LCRYPTO_ALIAS(EVP_sm3);
-
-#endif /* OPENSSL_NO_SM3 */
diff --git a/src/lib/libcrypto/evp/p_legacy.c b/src/lib/libcrypto/evp/p_legacy.c
deleted file mode 100644
index 01cfdbcd6a..0000000000
--- a/src/lib/libcrypto/evp/p_legacy.c
+++ /dev/null
@@ -1,200 +0,0 @@ -/* $OpenBSD: p_legacy.c,v 1.6 2024/04/09 13:52:41 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include - -#include -#include - -#include - -#include "evp_local.h" - -int -EVP_PKEY_decrypt_old(unsigned char *to, const unsigned char *from, int from_len, - EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_RSA) { - EVPerror(EVP_R_PUBLIC_KEY_NOT_RSA); - return -1; - } - - return RSA_private_decrypt(from_len, from, to, pkey->pkey.rsa, - RSA_PKCS1_PADDING); -} -LCRYPTO_ALIAS(EVP_PKEY_decrypt_old); - -int -EVP_PKEY_encrypt_old(unsigned char *to, const unsigned char *from, int from_len, - EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_RSA) { - EVPerror(EVP_R_PUBLIC_KEY_NOT_RSA); - return 0; - } - - return RSA_public_encrypt(from_len, from, to, pkey->pkey.rsa, - RSA_PKCS1_PADDING); -} -LCRYPTO_ALIAS(EVP_PKEY_encrypt_old); - -int -EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv) -{ - unsigned char *key = NULL; - int i, size = 0, ret = 0; - - if (type) { - if (!EVP_CIPHER_CTX_reset(ctx)) - return 0; - if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL)) - return 0; - } - - if (!priv) - return 1; - - if (priv->type != EVP_PKEY_RSA) { - EVPerror(EVP_R_PUBLIC_KEY_NOT_RSA); - goto err; - } - - size = RSA_size(priv->pkey.rsa); - key = malloc(size + 2); - if (key == NULL) { - /* ERROR */ - EVPerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - i = EVP_PKEY_decrypt_old(key, ek, ekl, priv); - if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) { - /* ERROR */ - goto err; - } - if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv)) - goto err; - - ret = 1; - -err: - freezero(key, size); - return (ret); -} -LCRYPTO_ALIAS(EVP_OpenInit); - -int -EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) -{ - int i; - - i = EVP_DecryptFinal_ex(ctx, out, outl); - if (i) - i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL); - return (i); -} -LCRYPTO_ALIAS(EVP_OpenFinal); - -int -EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, - int *ekl, unsigned char *iv, 
EVP_PKEY **pubk, int npubk) -{ - unsigned char key[EVP_MAX_KEY_LENGTH]; - int i, iv_len; - - if (type) { - if (!EVP_CIPHER_CTX_reset(ctx)) - return 0; - if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL)) - return 0; - } - if ((npubk <= 0) || !pubk) - return 1; - if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) - return 0; - /* XXX - upper bound? */ - if ((iv_len = EVP_CIPHER_CTX_iv_length(ctx)) < 0) - return 0; - if (iv_len > 0) - arc4random_buf(iv, iv_len); - - if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) - return 0; - - for (i = 0; i < npubk; i++) { - ekl[i] = EVP_PKEY_encrypt_old(ek[i], key, - EVP_CIPHER_CTX_key_length(ctx), pubk[i]); - if (ekl[i] <= 0) - return (-1); - } - return (npubk); -} -LCRYPTO_ALIAS(EVP_SealInit); - -int -EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) -{ - int i; - - i = EVP_EncryptFinal_ex(ctx, out, outl); - if (i) - i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL); - return i; -} -LCRYPTO_ALIAS(EVP_SealFinal); diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c deleted file mode 100644 index 95c7721303..0000000000 --- a/src/lib/libcrypto/evp/p_lib.c +++ /dev/null 
@@ -1,854 +0,0 @@ -/* $OpenBSD: p_lib.c,v 1.61 2024/08/22 12:24:24 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. 
- */ - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_DH -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_EC -#include -#endif -#ifndef OPENSSL_NO_RSA -#include -#endif - -#include "evp_local.h" - -extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dsa1_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dsa2_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth; - -static const EVP_PKEY_ASN1_METHOD *asn1_methods[] = { - &cmac_asn1_meth, - &dh_asn1_meth, - &dsa_asn1_meth, - &dsa1_asn1_meth, - &dsa2_asn1_meth, - &dsa3_asn1_meth, - &dsa4_asn1_meth, - &eckey_asn1_meth, - &ed25519_asn1_meth, - &hmac_asn1_meth, - &rsa_asn1_meth, - &rsa2_asn1_meth, - &rsa_pss_asn1_meth, - &x25519_asn1_meth, -}; - -#define N_ASN1_METHODS (sizeof(asn1_methods) / sizeof(asn1_methods[0])) - -int -EVP_PKEY_asn1_get_count(void) -{ - return N_ASN1_METHODS; -} -LCRYPTO_ALIAS(EVP_PKEY_asn1_get_count); - -const EVP_PKEY_ASN1_METHOD * -EVP_PKEY_asn1_get0(int idx) -{ - if (idx < 0 || idx >= N_ASN1_METHODS) - return NULL; - - return asn1_methods[idx]; -} -LCRYPTO_ALIAS(EVP_PKEY_asn1_get0); - -const EVP_PKEY_ASN1_METHOD * -EVP_PKEY_asn1_find(ENGINE **engine, int pkey_id) -{ - size_t i; - - if (engine != NULL) - *engine = NULL; - - for (i = 0; i < N_ASN1_METHODS; i++) { - if (asn1_methods[i]->pkey_id == pkey_id) - return 
asn1_methods[i]->base_method; - } - - return NULL; -} -LCRYPTO_ALIAS(EVP_PKEY_asn1_find); - -const EVP_PKEY_ASN1_METHOD * -EVP_PKEY_asn1_find_str(ENGINE **engine, const char *str, int len) -{ - const EVP_PKEY_ASN1_METHOD *ameth; - size_t i, str_len; - - if (engine != NULL) - *engine = NULL; - - if (len < -1) - return NULL; - if (len == -1) - str_len = strlen(str); - else - str_len = len; - - for (i = 0; i < N_ASN1_METHODS; i++) { - ameth = asn1_methods[i]; - if ((ameth->pkey_flags & ASN1_PKEY_ALIAS) != 0) - continue; - if (strlen(ameth->pem_str) != str_len) - continue; - if (strncasecmp(ameth->pem_str, str, str_len) == 0) - return ameth; - } - - return NULL; -} -LCRYPTO_ALIAS(EVP_PKEY_asn1_find_str); - -int -EVP_PKEY_asn1_get0_info(int *pkey_id, int *pkey_base_id, int *pkey_flags, - const char **info, const char **pem_str, - const EVP_PKEY_ASN1_METHOD *ameth) -{ - if (ameth == NULL) - return 0; - - if (pkey_id != NULL) - *pkey_id = ameth->pkey_id; - if (pkey_base_id != NULL) - *pkey_base_id = ameth->base_method->pkey_id; - if (pkey_flags != NULL) - *pkey_flags = ameth->pkey_flags; - if (info != NULL) - *info = ameth->info; - if (pem_str != NULL) - *pem_str = ameth->pem_str; - - return 1; -} -LCRYPTO_ALIAS(EVP_PKEY_asn1_get0_info); - -const EVP_PKEY_ASN1_METHOD* -EVP_PKEY_get0_asn1(const EVP_PKEY *pkey) -{ - return pkey->ameth; -} -LCRYPTO_ALIAS(EVP_PKEY_get0_asn1); - -int -EVP_PKEY_bits(const EVP_PKEY *pkey) -{ - if (pkey && pkey->ameth && pkey->ameth->pkey_bits) - return pkey->ameth->pkey_bits(pkey); - return 0; -} -LCRYPTO_ALIAS(EVP_PKEY_bits); - -int -EVP_PKEY_security_bits(const EVP_PKEY *pkey) -{ - if (pkey == NULL) - return 0; - if (pkey->ameth == NULL || pkey->ameth->pkey_security_bits == NULL) - return -2; - - return pkey->ameth->pkey_security_bits(pkey); -} -LCRYPTO_ALIAS(EVP_PKEY_security_bits); - -int -EVP_PKEY_size(const EVP_PKEY *pkey) -{ - if (pkey && pkey->ameth && pkey->ameth->pkey_size) - return pkey->ameth->pkey_size(pkey); - return 0; -} 
-LCRYPTO_ALIAS(EVP_PKEY_size); - -int -EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) -{ -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) { - int ret = pkey->save_parameters; - - if (mode >= 0) - pkey->save_parameters = mode; - return (ret); - } -#endif -#ifndef OPENSSL_NO_EC - if (pkey->type == EVP_PKEY_EC) { - int ret = pkey->save_parameters; - - if (mode >= 0) - pkey->save_parameters = mode; - return (ret); - } -#endif - return (0); -} -LCRYPTO_ALIAS(EVP_PKEY_save_parameters); - -int -EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) -{ - if (to->type != from->type) { - EVPerror(EVP_R_DIFFERENT_KEY_TYPES); - goto err; - } - - if (EVP_PKEY_missing_parameters(from)) { - EVPerror(EVP_R_MISSING_PARAMETERS); - goto err; - } - if (from->ameth && from->ameth->param_copy) - return from->ameth->param_copy(to, from); - -err: - return 0; -} -LCRYPTO_ALIAS(EVP_PKEY_copy_parameters); - -int -EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) -{ - if (pkey->ameth && pkey->ameth->param_missing) - return pkey->ameth->param_missing(pkey); - return 0; -} -LCRYPTO_ALIAS(EVP_PKEY_missing_parameters); - -int -EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (a->type != b->type) - return -1; - if (a->ameth && a->ameth->param_cmp) - return a->ameth->param_cmp(a, b); - return -2; -} -LCRYPTO_ALIAS(EVP_PKEY_cmp_parameters); - -int -EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (a->type != b->type) - return -1; - - if (a->ameth) { - int ret; - /* Compare parameters if the algorithm has them */ - if (a->ameth->param_cmp) { - ret = a->ameth->param_cmp(a, b); - if (ret <= 0) - return ret; - } - - if (a->ameth->pub_cmp) - return a->ameth->pub_cmp(a, b); - } - - return -2; -} -LCRYPTO_ALIAS(EVP_PKEY_cmp); - -EVP_PKEY * -EVP_PKEY_new(void) -{ - EVP_PKEY *pkey; - - if ((pkey = calloc(1, sizeof(*pkey))) == NULL) { - EVPerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - - pkey->type = EVP_PKEY_NONE; - pkey->references = 1; - 
pkey->save_parameters = 1; - - return pkey; -} -LCRYPTO_ALIAS(EVP_PKEY_new); - -int -EVP_PKEY_up_ref(EVP_PKEY *pkey) -{ - return CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY) > 1; -} -LCRYPTO_ALIAS(EVP_PKEY_up_ref); - -static void -evp_pkey_free_pkey_ptr(EVP_PKEY *pkey) -{ - if (pkey == NULL || pkey->ameth == NULL || pkey->ameth->pkey_free == NULL) - return; - - pkey->ameth->pkey_free(pkey); - pkey->pkey.ptr = NULL; -} - -void -EVP_PKEY_free(EVP_PKEY *pkey) -{ - if (pkey == NULL) - return; - - if (CRYPTO_add(&pkey->references, -1, CRYPTO_LOCK_EVP_PKEY) > 0) - return; - - evp_pkey_free_pkey_ptr(pkey); - freezero(pkey, sizeof(*pkey)); -} -LCRYPTO_ALIAS(EVP_PKEY_free); - -int -EVP_PKEY_set_type(EVP_PKEY *pkey, int type) -{ - const EVP_PKEY_ASN1_METHOD *ameth; - - evp_pkey_free_pkey_ptr(pkey); - - if ((ameth = EVP_PKEY_asn1_find(NULL, type)) == NULL) { - EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); - return 0; - } - if (pkey != NULL) { - pkey->ameth = ameth; - pkey->type = pkey->ameth->pkey_id; - } - - return 1; -} -LCRYPTO_ALIAS(EVP_PKEY_set_type); - -int -EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) -{ - const EVP_PKEY_ASN1_METHOD *ameth; - - evp_pkey_free_pkey_ptr(pkey); - - if ((ameth = EVP_PKEY_asn1_find_str(NULL, str, len)) == NULL) { - EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); - return 0; - } - if (pkey != NULL) { - pkey->ameth = ameth; - pkey->type = pkey->ameth->pkey_id; - } - - return 1; -} -LCRYPTO_ALIAS(EVP_PKEY_set_type_str); - -int -EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) -{ - if (!EVP_PKEY_set_type(pkey, type)) - return 0; - - return (pkey->pkey.ptr = key) != NULL; -} -LCRYPTO_ALIAS(EVP_PKEY_assign); - -EVP_PKEY * -EVP_PKEY_new_raw_private_key(int type, ENGINE *engine, - const unsigned char *private_key, size_t len) -{ - EVP_PKEY *pkey; - - if ((pkey = EVP_PKEY_new()) == NULL) - goto err; - - if (!EVP_PKEY_set_type(pkey, type)) - goto err; - - if (pkey->ameth->set_priv_key == NULL) { - 
EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - goto err; - } - if (!pkey->ameth->set_priv_key(pkey, private_key, len)) { - EVPerror(EVP_R_KEY_SETUP_FAILED); - goto err; - } - - return pkey; - - err: - EVP_PKEY_free(pkey); - - return NULL; -} -LCRYPTO_ALIAS(EVP_PKEY_new_raw_private_key); - -EVP_PKEY * -EVP_PKEY_new_raw_public_key(int type, ENGINE *engine, - const unsigned char *public_key, size_t len) -{ - EVP_PKEY *pkey; - - if ((pkey = EVP_PKEY_new()) == NULL) - goto err; - - if (!EVP_PKEY_set_type(pkey, type)) - goto err; - - if (pkey->ameth->set_pub_key == NULL) { - EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - goto err; - } - if (!pkey->ameth->set_pub_key(pkey, public_key, len)) { - EVPerror(EVP_R_KEY_SETUP_FAILED); - goto err; - } - - return pkey; - - err: - EVP_PKEY_free(pkey); - - return NULL; -} -LCRYPTO_ALIAS(EVP_PKEY_new_raw_public_key); - -int -EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, - unsigned char *out_private_key, size_t *out_len) -{ - if (pkey->ameth->get_priv_key == NULL) { - EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - return 0; - } - if (!pkey->ameth->get_priv_key(pkey, out_private_key, out_len)) { - EVPerror(EVP_R_GET_RAW_KEY_FAILED); - return 0; - } - - return 1; -} -LCRYPTO_ALIAS(EVP_PKEY_get_raw_private_key); - -int -EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, - unsigned char *out_public_key, size_t *out_len) -{ - if (pkey->ameth->get_pub_key == NULL) { - EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - return 0; - } - if (!pkey->ameth->get_pub_key(pkey, out_public_key, out_len)) { - EVPerror(EVP_R_GET_RAW_KEY_FAILED); - return 0; - } - - return 1; -} -LCRYPTO_ALIAS(EVP_PKEY_get_raw_public_key); - -EVP_PKEY * -EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, - const EVP_CIPHER *cipher) -{ - EVP_PKEY *pkey = NULL; - CMAC_CTX *cmctx = NULL; - - if ((pkey = EVP_PKEY_new()) == NULL) - goto err; - if ((cmctx = CMAC_CTX_new()) == NULL) - goto err; - - if 
(!EVP_PKEY_set_type(pkey, EVP_PKEY_CMAC)) - goto err; - - if (!CMAC_Init(cmctx, priv, len, cipher, NULL)) { - EVPerror(EVP_R_KEY_SETUP_FAILED); - goto err; - } - - pkey->pkey.ptr = cmctx; - - return pkey; - - err: - EVP_PKEY_free(pkey); - CMAC_CTX_free(cmctx); - - return NULL; -} -LCRYPTO_ALIAS(EVP_PKEY_new_CMAC_key); - -void * -EVP_PKEY_get0(const EVP_PKEY *pkey) -{ - return pkey->pkey.ptr; -} -LCRYPTO_ALIAS(EVP_PKEY_get0); - -const unsigned char * -EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len) -{ - ASN1_OCTET_STRING *os; - - if (pkey->type != EVP_PKEY_HMAC) { - EVPerror(EVP_R_EXPECTING_AN_HMAC_KEY); - return NULL; - } - - os = EVP_PKEY_get0(pkey); - *len = os->length; - - return os->data; -} -LCRYPTO_ALIAS(EVP_PKEY_get0_hmac); - -#ifndef OPENSSL_NO_RSA -RSA * -EVP_PKEY_get0_RSA(EVP_PKEY *pkey) -{ - if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA_PSS) - return pkey->pkey.rsa; - - EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); - return NULL; -} -LCRYPTO_ALIAS(EVP_PKEY_get0_RSA); - -RSA * -EVP_PKEY_get1_RSA(EVP_PKEY *pkey) -{ - RSA *rsa; - - if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) - return NULL; - - RSA_up_ref(rsa); - - return rsa; -} -LCRYPTO_ALIAS(EVP_PKEY_get1_RSA); - -int -EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) -{ - int ret = EVP_PKEY_assign_RSA(pkey, key); - if (ret != 0) - RSA_up_ref(key); - return ret; -} -LCRYPTO_ALIAS(EVP_PKEY_set1_RSA); -#endif - -#ifndef OPENSSL_NO_DSA -DSA * -EVP_PKEY_get0_DSA(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_DSA) { - EVPerror(EVP_R_EXPECTING_A_DSA_KEY); - return NULL; - } - return pkey->pkey.dsa; -} -LCRYPTO_ALIAS(EVP_PKEY_get0_DSA); - -DSA * -EVP_PKEY_get1_DSA(EVP_PKEY *pkey) -{ - DSA *dsa; - - if ((dsa = EVP_PKEY_get0_DSA(pkey)) == NULL) - return NULL; - - DSA_up_ref(dsa); - - return dsa; -} -LCRYPTO_ALIAS(EVP_PKEY_get1_DSA); - -int -EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) -{ - int ret = EVP_PKEY_assign_DSA(pkey, key); - if (ret != 0) - DSA_up_ref(key); - return ret; -} 
-LCRYPTO_ALIAS(EVP_PKEY_set1_DSA); -#endif - -#ifndef OPENSSL_NO_EC -EC_KEY * -EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_EC) { - EVPerror(EVP_R_EXPECTING_A_EC_KEY); - return NULL; - } - return pkey->pkey.ec; -} -LCRYPTO_ALIAS(EVP_PKEY_get0_EC_KEY); - -EC_KEY * -EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) -{ - EC_KEY *key; - - if ((key = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) - return NULL; - - EC_KEY_up_ref(key); - - return key; -} -LCRYPTO_ALIAS(EVP_PKEY_get1_EC_KEY); - -int -EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) -{ - int ret = EVP_PKEY_assign_EC_KEY(pkey, key); - if (ret != 0) - EC_KEY_up_ref(key); - return ret; -} -LCRYPTO_ALIAS(EVP_PKEY_set1_EC_KEY); -#endif - - -#ifndef OPENSSL_NO_DH -DH * -EVP_PKEY_get0_DH(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_DH) { - EVPerror(EVP_R_EXPECTING_A_DH_KEY); - return NULL; - } - return pkey->pkey.dh; -} -LCRYPTO_ALIAS(EVP_PKEY_get0_DH); - -DH * -EVP_PKEY_get1_DH(EVP_PKEY *pkey) -{ - DH *dh; - - if ((dh = EVP_PKEY_get0_DH(pkey)) == NULL) - return NULL; - - DH_up_ref(dh); - - return dh; -} -LCRYPTO_ALIAS(EVP_PKEY_get1_DH); - -int -EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) -{ - int ret = EVP_PKEY_assign_DH(pkey, key); - if (ret != 0) - DH_up_ref(key); - return ret; -} -LCRYPTO_ALIAS(EVP_PKEY_set1_DH); -#endif - -int -EVP_PKEY_type(int type) -{ - const EVP_PKEY_ASN1_METHOD *ameth; - - if ((ameth = EVP_PKEY_asn1_find(NULL, type)) != NULL) - return ameth->pkey_id; - - return NID_undef; -} -LCRYPTO_ALIAS(EVP_PKEY_type); - -int -EVP_PKEY_id(const EVP_PKEY *pkey) -{ - return pkey->type; -} -LCRYPTO_ALIAS(EVP_PKEY_id); - -int -EVP_PKEY_base_id(const EVP_PKEY *pkey) -{ - return EVP_PKEY_type(pkey->type); -} -LCRYPTO_ALIAS(EVP_PKEY_base_id); - -static int -unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) -{ - if (!BIO_indent(out, indent, 128)) - return 0; - BIO_printf(out, "%s algorithm \"%s\" unsupported\n", - kstr, OBJ_nid2ln(pkey->type)); - return 1; -} - -int 
-EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - if (pkey->ameth && pkey->ameth->pub_print) - return pkey->ameth->pub_print(out, pkey, indent, pctx); - - return unsup_alg(out, pkey, indent, "Public Key"); -} -LCRYPTO_ALIAS(EVP_PKEY_print_public); - -int -EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - if (pkey->ameth && pkey->ameth->priv_print) - return pkey->ameth->priv_print(out, pkey, indent, pctx); - - return unsup_alg(out, pkey, indent, "Private Key"); -} -LCRYPTO_ALIAS(EVP_PKEY_print_private); - -int -EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - if (pkey->ameth && pkey->ameth->param_print) - return pkey->ameth->param_print(out, pkey, indent, pctx); - return unsup_alg(out, pkey, indent, "Parameters"); -} -LCRYPTO_ALIAS(EVP_PKEY_print_params); - -int -EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) -{ - if (!pkey->ameth || !pkey->ameth->pkey_ctrl) - return -2; - return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, - 0, pnid); -} -LCRYPTO_ALIAS(EVP_PKEY_get_default_digest_nid); diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c deleted file mode 100644 index 7f472ea716..0000000000 --- a/src/lib/libcrypto/evp/p_sign.c +++ /dev/null 
@@ -1,107 +0,0 @@
-/* $OpenBSD: p_sign.c,v 1.22 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-int
-EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
- EVP_PKEY *pkey)
-{
- unsigned char m[EVP_MAX_MD_SIZE];
- unsigned int m_len;
- EVP_MD_CTX *md_ctx;
- EVP_PKEY_CTX *pkctx = NULL;
- size_t sltmp;
- int ret = 0;
-
- *siglen = 0;
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
- if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
- goto err;
- if (!EVP_DigestFinal_ex(md_ctx, &(m[0]), &m_len))
- goto err;
-
- sltmp = (size_t)EVP_PKEY_size(pkey);
-
- if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
- goto err;
- if (EVP_PKEY_sign_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
- goto err;
- *siglen = sltmp;
-
- ret = 1;
-
- err:
- EVP_MD_CTX_free(md_ctx);
- EVP_PKEY_CTX_free(pkctx);
- return ret;
-}
-LCRYPTO_ALIAS(EVP_SignFinal);
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
deleted file mode 100644
index 02132e2c38..0000000000
--- a/src/lib/libcrypto/evp/p_verify.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* $OpenBSD: p_verify.c,v 1.21 2024/04/09 13:52:41 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-int
-EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey)
-{
- unsigned char m[EVP_MAX_MD_SIZE];
- unsigned int m_len;
- EVP_MD_CTX *md_ctx;
- EVP_PKEY_CTX *pkctx = NULL;
- int ret = 0;
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
- if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
- goto err;
- if (!EVP_DigestFinal_ex(md_ctx, &(m[0]), &m_len))
- goto err;
-
- ret = -1;
- if ((pkctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL)
- goto err;
- if (EVP_PKEY_verify_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- ret = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
-
- err:
- EVP_MD_CTX_free(md_ctx);
- EVP_PKEY_CTX_free(pkctx);
- return ret;
-}
-LCRYPTO_ALIAS(EVP_VerifyFinal);
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
deleted file mode 100644
index 308c434f0d..0000000000
--- a/src/lib/libcrypto/evp/pmeth_fn.c
+++ /dev/null
@@ -1,344 +0,0 @@
-/* $OpenBSD: pmeth_fn.c,v 1.11 2024/04/12 09:41:39 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-#define M_check_autoarg(ctx, arg, arglen, err) \
- if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
- { \
- size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
- if (!arg) \
- { \
- *arglen = pksize; \
- return 1; \
- } \
- else if (*arglen < pksize) \
- { \
- EVPerror(EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
- return 0; \
- } \
- }
-
-int
-EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_SIGN;
- if (!ctx->pmeth->sign_init)
- return 1;
- ret = ctx->pmeth->sign_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_sign_init);
-
-int
-EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_SIGN) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
- return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_sign);
-
-int
-EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_VERIFY;
- if (!ctx->pmeth->verify_init)
- return 1;
- ret = ctx->pmeth->verify_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify_init);
-
-int
-EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_VERIFY) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify);
-
-int
-EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
-{
- if (ctx == NULL || ctx->pmeth == NULL ||
- ctx->pmeth->verify_recover == NULL) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify_recover_init);
-
-int
-EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
- const unsigned char *sig, size_t siglen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
- return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_verify_recover);
-
-int
-EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
-{
- if
(ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->encrypt == NULL) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- ctx->operation = EVP_PKEY_OP_ENCRYPT;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_encrypt_init);
-
-int
-EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
- return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_encrypt);
-
-int
-EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
-{
- if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->decrypt == NULL) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- ctx->operation = EVP_PKEY_OP_DECRYPT;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_decrypt_init);
-
-int
-EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
- return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_decrypt);
-
-int
-EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_DERIVE;
- if (!ctx->pmeth->derive_init)
- return 1;
- ret = ctx->pmeth->derive_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_derive_init);
-
-int
-EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive ||
- ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
- !ctx->pmeth->ctrl) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE &&
- ctx->operation != EVP_PKEY_OP_ENCRYPT &&
- ctx->operation != EVP_PKEY_OP_DECRYPT) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
-
- if (ret <= 0)
- return ret;
-
- if (ret == 2)
- return 1;
-
- if (!ctx->pkey) {
- EVPerror(EVP_R_NO_KEY_SET);
- return -1;
- }
-
- if (ctx->pkey->type != peer->type) {
- EVPerror(EVP_R_DIFFERENT_KEY_TYPES);
- return -1;
- }
-
- /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
- * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
- * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
- * (different key types) is impossible here because it is checked earlier.
- * -2 is OK for us here, as well as 1, so we can check for 0 only.
*/
- if (!EVP_PKEY_missing_parameters(peer) &&
- !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
- EVPerror(EVP_R_DIFFERENT_PARAMETERS);
- return -1;
- }
-
- EVP_PKEY_free(ctx->peerkey);
- ctx->peerkey = peer;
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
-
- if (ret <= 0) {
- ctx->peerkey = NULL;
- return ret;
- }
-
- CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
- return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_derive_set_peer);
-
-int
-EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
- return ctx->pmeth->derive(ctx, key, pkeylen);
-}
-LCRYPTO_ALIAS(EVP_PKEY_derive);
diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
deleted file mode 100644
index bc1c5bd7d2..0000000000
--- a/src/lib/libcrypto/evp/pmeth_gn.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* $OpenBSD: pmeth_gn.c,v 1.21 2024/08/31 09:14:21 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "bn_local.h"
-#include "evp_local.h"
-
-int
-EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
-{
- if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->paramgen == NULL) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- ctx->operation = EVP_PKEY_OP_PARAMGEN;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_paramgen_init);
-
-int
-EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
-{
- int ret;
-
- if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->paramgen == NULL) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- if (ppkey == NULL)
- return -1;
-
- if (*ppkey == NULL)
- *ppkey = EVP_PKEY_new();
- if (*ppkey == NULL)
- return -1;
-
- if ((ret = ctx->pmeth->paramgen(ctx, *ppkey)) <= 0) {
- EVP_PKEY_free(*ppkey);
- *ppkey = NULL;
- }
-
- return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_paramgen);
-
-int
-EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
-{
- if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->keygen == NULL) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- ctx->operation = EVP_PKEY_OP_KEYGEN;
-
- return 1;
-}
-LCRYPTO_ALIAS(EVP_PKEY_keygen_init);
-
-int
-EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
-{
- int ret;
-
- if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->keygen == NULL) {
- EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
- EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- if (ppkey == NULL)
- return -1;
-
- if (*ppkey == NULL)
- *ppkey = EVP_PKEY_new();
- if (*ppkey == NULL)
- return -1;
-
- if ((ret = ctx->pmeth->keygen(ctx, *ppkey)) <= 0) {
- EVP_PKEY_free(*ppkey);
- *ppkey = NULL;
- }
-
- return ret;
-}
-LCRYPTO_ALIAS(EVP_PKEY_keygen);
-
-void
-EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
-{
- ctx->pkey_gencb = cb;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_set_cb);
-
-EVP_PKEY_gen_cb *
-EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
-{
- return ctx->pkey_gencb;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_get_cb);
-
-/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
- * style callbacks.
- */
-
-static int
-trans_cb(int a, int b, BN_GENCB *gcb)
-{
- EVP_PKEY_CTX *ctx = gcb->arg;
- ctx->keygen_info[0] = a;
- ctx->keygen_info[1] = b;
- return ctx->pkey_gencb(ctx);
-}
-
-void
-evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
-{
- BN_GENCB_set(cb, trans_cb, ctx);
-}
-
-int
-EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
-{
- if (idx == -1)
- return ctx->keygen_info_count;
- if (idx < 0 || idx >= ctx->keygen_info_count)
- return 0;
- return ctx->keygen_info[idx];
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_get_keygen_info);
-
-EVP_PKEY *
-EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen)
-{
- EVP_PKEY_CTX *mac_ctx = NULL;
- EVP_PKEY *mac_key = NULL;
-
- mac_ctx = EVP_PKEY_CTX_new_id(type, NULL);
- if (!mac_ctx)
- return NULL;
- if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
- goto merr;
- if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
- EVP_PKEY_CTRL_SET_MAC_KEY, keylen, (void *)key) <= 0)
- goto merr;
- if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
- goto merr;
-
-merr:
- EVP_PKEY_CTX_free(mac_ctx);
- return mac_key;
-}
-LCRYPTO_ALIAS(EVP_PKEY_new_mac_key);
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
deleted file mode 100644
index fbf4057c38..0000000000
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ /dev/null
@@ -1,366 +0,0 @@
-/* $OpenBSD: pmeth_lib.c,v 1.42 2025/01/20 12:57:28 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-
-extern const EVP_PKEY_METHOD cmac_pkey_meth;
-extern const EVP_PKEY_METHOD dh_pkey_meth;
-extern const EVP_PKEY_METHOD dsa_pkey_meth;
-extern const EVP_PKEY_METHOD ec_pkey_meth;
-extern const EVP_PKEY_METHOD ed25519_pkey_meth;
-extern const EVP_PKEY_METHOD hkdf_pkey_meth;
-extern const EVP_PKEY_METHOD hmac_pkey_meth;
-extern const EVP_PKEY_METHOD rsa_pkey_meth;
-extern const EVP_PKEY_METHOD rsa_pss_pkey_meth;
-extern const EVP_PKEY_METHOD tls1_prf_pkey_meth;
-extern const EVP_PKEY_METHOD x25519_pkey_meth;
-
-static const EVP_PKEY_METHOD *pkey_methods[] = {
- &cmac_pkey_meth,
- &dh_pkey_meth,
- &dsa_pkey_meth,
- &ec_pkey_meth,
- &ed25519_pkey_meth,
- &hkdf_pkey_meth,
- &hmac_pkey_meth,
- &rsa_pkey_meth,
- &rsa_pss_pkey_meth,
- &tls1_prf_pkey_meth,
- &x25519_pkey_meth,
-};
-
-#define N_PKEY_METHODS (sizeof(pkey_methods) / sizeof(pkey_methods[0]))
-
-static const EVP_PKEY_METHOD *
-evp_pkey_method_find(int nid)
-{
- size_t i;
-
- for (i = 0; i < N_PKEY_METHODS; i++) {
- const EVP_PKEY_METHOD *pmeth = pkey_methods[i];
- if
(pmeth->pkey_id == nid)
- return pmeth;
- }
-
- return NULL;
-}
-
-static EVP_PKEY_CTX *
-evp_pkey_ctx_new(EVP_PKEY *pkey, int nid)
-{
- EVP_PKEY_CTX *pkey_ctx = NULL;
- const EVP_PKEY_METHOD *pmeth;
-
- if (nid == -1) {
- if (pkey == NULL || pkey->ameth == NULL)
- return NULL;
- nid = pkey->ameth->pkey_id;
- }
-
- if ((pmeth = evp_pkey_method_find(nid)) == NULL) {
- EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
- goto err;
- }
-
- if ((pkey_ctx = calloc(1, sizeof(*pkey_ctx))) == NULL) {
- EVPerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- pkey_ctx->pmeth = pmeth;
- pkey_ctx->operation = EVP_PKEY_OP_UNDEFINED;
- if ((pkey_ctx->pkey = pkey) != NULL)
- EVP_PKEY_up_ref(pkey_ctx->pkey);
-
- if (pmeth->init != NULL) {
- if (pmeth->init(pkey_ctx) <= 0)
- goto err;
- }
-
- return pkey_ctx;
-
- err:
- EVP_PKEY_CTX_free(pkey_ctx);
-
- return NULL;
-}
-
-EVP_PKEY_CTX *
-EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine)
-{
- return evp_pkey_ctx_new(pkey, -1);
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_new);
-
-EVP_PKEY_CTX *
-EVP_PKEY_CTX_new_id(int nid, ENGINE *engine)
-{
- return evp_pkey_ctx_new(NULL, nid);
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_new_id);
-
-EVP_PKEY_CTX *
-EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
-{
- EVP_PKEY_CTX *rctx = NULL;
-
- if (pctx->pmeth == NULL || pctx->pmeth->copy == NULL)
- goto err;
- if ((rctx = calloc(1, sizeof(*rctx))) == NULL) {
- EVPerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- rctx->pmeth = pctx->pmeth;
-
- if ((rctx->pkey = pctx->pkey) != NULL)
- EVP_PKEY_up_ref(rctx->pkey);
- if ((rctx->peerkey = pctx->peerkey) != NULL)
- EVP_PKEY_up_ref(rctx->peerkey);
-
- rctx->operation = pctx->operation;
-
- if (pctx->pmeth->copy(rctx, pctx) <= 0)
- goto err;
-
- return rctx;
-
- err:
- EVP_PKEY_CTX_free(rctx);
- return NULL;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_dup);
-
-void
-EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
-{
- if (ctx == NULL)
- return;
- if (ctx->pmeth && ctx->pmeth->cleanup)
- ctx->pmeth->cleanup(ctx);
- EVP_PKEY_free(ctx->pkey);
- EVP_PKEY_free(ctx->peerkey);
- free(ctx);
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_free);
-
-int
-EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
- int p1, void *p2)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
- EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
- return -2;
- }
- if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
- return -1;
-
- if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
- EVPerror(EVP_R_NO_OPERATION_SET);
- return -1;
- }
-
- if ((optype != -1) && !(ctx->operation & optype)) {
- EVPerror(EVP_R_INVALID_OPERATION);
- return -1;
- }
-
- ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
-
- if (ret == -2)
- EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
-
- return ret;
-
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_ctrl);
-
-/*
- * This is practically unused and would best be a part of the openssl(1) code,
- * but, unfortunately, openssl-ruby exposes this directly in an interface and
- * it's currently the only way to do RSA-PSS in Ruby.
- */
-int
-EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
- EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
- return -2;
- }
- if (!strcmp(name, "digest")) {
- return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_TYPE_SIG,
- EVP_PKEY_CTRL_MD, value);
- }
- return ctx->pmeth->ctrl_str(ctx, name, value);
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_ctrl_str);
-
-int
-EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str)
-{
- size_t len;
-
- if ((len = strlen(str)) > INT_MAX)
- return -1;
-
- return ctx->pmeth->ctrl(ctx, cmd, len, (void *)str);
-}
-
-int
-EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hexstr)
-{
- unsigned char *hex = NULL;
- long length;
- int ret = 0;
-
- if ((hex = string_to_hex(hexstr, &length)) == NULL)
- goto err;
- if (length < 0 || length > INT_MAX) {
- ret = -1;
- goto err;
- }
-
- ret = ctx->pmeth->ctrl(ctx, cmd, length, hex);
-
- err:
- free(hex);
- return ret;
-}
-
-int
-EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name)
-{
- const EVP_MD *md;
-
- if ((md = EVP_get_digestbyname(md_name)) == NULL) {
- EVPerror(EVP_R_INVALID_DIGEST);
- return 0;
- }
- return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, 0, (void *)md);
-}
-
-int
-EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
-{
- return ctx->operation;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_get_operation);
-
-void
-EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
-{
- ctx->keygen_info = dat;
- ctx->keygen_info_count = datlen;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_set0_keygen_info);
-
-void
-EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
-{
- ctx->data = data;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_set_data);
-
-void *
-EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
-{
- return ctx->data;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_get_data);
-
-EVP_PKEY *
-EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
-{
- return ctx->pkey;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_get0_pkey);
-
-EVP_PKEY *
-EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
-{
- return ctx->peerkey;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_get0_peerkey);
-
-void
-EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
-{
- ctx->app_data = data;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_set_app_data);
-
-void *
-EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
-{
- return ctx->app_data;
-}
-LCRYPTO_ALIAS(EVP_PKEY_CTX_get_app_data);
diff --git a/src/lib/libcrypto/format-pem.pl b/src/lib/libcrypto/format-pem.pl
deleted file mode 100644
index 5a96fe5b1d..0000000000
--- a/src/lib/libcrypto/format-pem.pl
+++ /dev/null
@@ -1,135 +0,0 @@ -#!/usr/bin/perl -# $OpenBSD: format-pem.pl,v 1.7 2024/11/01 11:19:13 sthen Exp $ -# -# Copyright (c) 2016 Stuart Henderson -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -# To update cert.pem based on the certificates included in Mozilla NSS, -# pkg_add curl for mk-ca-bundle(1), and: -# - perl format-pem.pl < cert.pem > /dev/null 2> calist.old -# - mk-ca-bundle -# - perl format-pem.pl < ca-bundle.crt > certnew.pem 2> calist.new -# Summarize additions/removals for review: -# - diff calist.old calist.new - -use strict; -use warnings; - -use File::Temp qw/ :seekable /; -if (! 
eval {require Date::Parse;1;}) { - print STDERR "Date::Parse not available - install p5-Time-TimeDate to check cert dates.\n"; -} else { - use Date::Parse; -} - -my $tmp = File::Temp->new(TEMPLATE => '/tmp/splitcert.XXXXXXXX'); -my $t = $tmp->filename; - -my $certs = 0; -my $incert = 0; -my %ca; -my $rcsid = '# $'.'OpenBSD$'; - -while(<>) { - $rcsid = $_ if ($_ =~ m/^# \$[O]penBSD/); - $incert++ if ($_ =~ m/^-----BEGIN CERTIFICATE-----/); - print $tmp $_ if ($incert); - - if ($_ =~ m/^-----END CERTIFICATE-----/) { - $certs++; - - my $issuer = `openssl x509 -in $t -noout -issuer`; - $issuer =~ s/^issuer= (.*)\n/$1/; - my $subj = `openssl x509 -in $t -noout -subject`; - $subj =~ s/^subject= (.*)\n/$1/; - - my $o = `openssl x509 -in $t -noout -nameopt sep_multiline,use_quote,esc_msb -subject`; - if ($o =~ /O=/) { - $o =~ s/.*O=([^\n]*).*/$1/sm; - } else { - $o = $subj; - } - - if (defined $ca{$o}{$subj}) { - print STDERR "ERROR: '$subj': duplicate\n"; - $ca{$o}{$subj}{'valid'} = 0; - } - - $ca{$o}{$subj}{'valid'} = 1; - - if ($issuer ne $subj) { - print STDERR "ERROR: '$subj' not self-signed"; - $ca{$o}{$subj}{'valid'} = 0; - } - - if (eval {require Date::Parse;1;}) { - my $startdate = `openssl x509 -in $t -startdate -noout`; - my $enddate = `openssl x509 -in $t -enddate -noout`; - $startdate =~ s/notBefore=(.*)\n/$1/; - $enddate =~ s/notAfter=(.*)\n/$1/; - my $starttime = str2time($startdate); - my $endtime = str2time($enddate); - - if ($starttime > time) { - print STDERR "ERROR: '$subj' not valid yet\n"; - $ca{$o}{$subj}{'valid'} = 0; - } - if ($endtime < time) { - print STDERR "ERROR: '$subj' expired on $startdate\n"; - $ca{$o}{$subj}{'valid'} = 0; - } elsif ($endtime < time + 86400 * 365 * 2) { - print STDERR "WARNING: '$subj' expires on $enddate\n"; - } - } - - my $info = qx/openssl x509 -in $t -text -fingerprint -sha1 -certopt no_pubkey,no_sigdump,no_issuer -noout/; - $info .= qx/openssl x509 -in $t -fingerprint -sha256 -noout/; - my $cert = qx/openssl x509 -in 
$t/; - - my $verify = qx/openssl verify -CAfile $t $t 2>&1/; - if (not $verify =~ /^$t: OK$/) { - print STDERR "ERROR: '$subj' cannot be verified with libressl\n---\n$verify---\n"; - $ca{$o}{$subj}{'valid'} = 0; - } - - $ca{$o}{$subj}{'subj'} = $subj; - $ca{$o}{$subj}{'info'} = $info; - $ca{$o}{$subj}{'cert'} = $cert; - - $tmp->seek(0, SEEK_SET); - $incert = 0; - } -} - -close $tmp; -chomp $rcsid; -print $rcsid; -foreach my $o (sort{$a cmp $b} keys %ca) { - print "\n### $o\n\n"; - foreach my $subj (sort{$a cmp $b} keys %{ $ca{$o} }) { - if ($ca{$o}{$subj}{'valid'} == 1) { - print "=== $subj\n"; - print $ca{$o}{$subj}{'info'}; - print $ca{$o}{$subj}{'cert'}; - } - } -} - -# print a visual summary at the end -foreach my $o (sort{$a cmp $b} keys %ca) { - print STDERR "\n$o\n"; - foreach my $subj (sort{$a cmp $b} keys %{ $ca{$o} }) { - print STDERR " $subj\n"; - } -} diff --git a/src/lib/libcrypto/generate_pkgconfig.sh b/src/lib/libcrypto/generate_pkgconfig.sh deleted file mode 100644 index d9ee4e79e7..0000000000 --- a/src/lib/libcrypto/generate_pkgconfig.sh +++ /dev/null 
@@ -1,76 +0,0 @@
-#!/bin/sh
-#
-# $OpenBSD: generate_pkgconfig.sh,v 1.4 2022/02/04 16:42:15 tb Exp $
-#
-# Copyright (c) 2010,2011 Jasper Lievisse Adriaanse
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-#
-# Generate pkg-config files for OpenSSL.
-
-usage() {
- echo "usage: ${0##*/} -c current_directory -o obj_directory"
- exit 1
-}
-
-curdir=
-objdir=
-while getopts "c:o:" flag; do
- case "$flag" in
- c)
- curdir=$OPTARG
- ;;
- o)
- objdir=$OPTARG
- ;;
- *)
- usage
- ;;
- esac
-done
-
-[ -n "${curdir}" ] || usage
-if [ ! -d "${curdir}" ]; then
- echo "${0##*/}: ${curdir}: not found"
- exit 1
-fi
-[ -n "${objdir}" ] || usage
-if [ ! -w "${objdir}" ]; then
- echo "${0##*/}: ${objdir}: not found or not writable"
- exit 1
-fi
-
-version_re="s/^#define[[:blank:]]+SHLIB_VERSION_NUMBER[[:blank:]]+\"(.*)\".*/\1/p"
-#version_file=${curdir}/src/crypto/opensslv.h
-version_file=${curdir}/opensslv.h
-#lib_version=$(sed -nE ${version_re} ${version_file})
-lib_version=2.0.0
-
-# Put -I${includedir} into Cflags so configure script tests like
-# test -n "`pkg-config --cflags openssl`"
-# don't assume that OpenSSL isn't available.
-
-pc_file="${objdir}/libcrypto.pc"
-cat > ${pc_file} << __EOF__
-prefix=/usr
-exec_prefix=\${prefix}
-libdir=\${exec_prefix}/lib
-includedir=\${prefix}/include
-
-Name: OpenSSL-libcrypto
-Description: OpenSSL cryptography library
-Version: ${lib_version}
-Libs: -L\${libdir} -lcrypto
-Libs.private:
-Cflags: -I\${includedir}
-__EOF__
diff --git a/src/lib/libcrypto/hidden/README b/src/lib/libcrypto/hidden/README
deleted file mode 100644
index de8a576a7b..0000000000
--- a/src/lib/libcrypto/hidden/README
+++ /dev/null
@@ -1,40 +0,0 @@
-The goals:
-1) calls from inside libcrypto to other libcrypto functions should
- be via identifiers that are of hidden visibility and -- to avoid
- confusion or conflicts -- are in the reserved namespace. By
- doing this these calls are protected from being overridden by
- applications and on many platforms can avoid creation or use of
- GOT or PLT entries. I've chosen a prefix of "_lcry_" for this.
- Note that these symbols aren't in the dynamic symbol table of the
- libcrypto.so shared library...but they are visible in the static
- library.
-
-2) calls from libssl to symbols in libcrypto should be via identifiers
- which won't be accidentally overridden by the application, libc,
- other random crypto libraries that are pulled in, etc. I've
- chosen a prefix of "_libre_" for this.
-
-These will not be declared directly; instead, the gcc "asm labels"
-extension will be used rename the function. In order to actually
-set up the desired asm labels, we use these in the internal .h
-files:
-
- LCRYPTO_USED(x) Symbols used both internally and externally
- In builds of libcrypto, this makes gcc convert use of x to
- use _libre_x instead. In other builds that use these headers,
- it makes gcc convert use of x to use _libre_x instead. Use
- LCRYPTO_ALIAS(x) to create the external aliases.
- ex: LCRYPTO_USED(SSL_get_verify_mode)
-
- LCRYPTO_UNUSED(x) Symbols that are not used internally or by libssl
- No renaming is done. In builds of libcrypto, the symbol
- is marked as deprecated to detect unintentional use of such
- a symbol, so that it can be marked as used going forward.
- ex: LCRYPTO_UNUSED(SSL_CIPHER_get_name)
-
-Finally, to create the expected aliases, we use these in the .c files
-where the definitions are:
- LCRYPTO_ALIAS(x)
- This defines both x and _libre_x as strong aliases for _lcry_x.
- Match uses of this with uses of LCRYPTO_USED()
- ex: LCRYPTO_ALIAS(SSL_get_verify_mode)
diff --git a/src/lib/libcrypto/hidden/crypto_namespace.h b/src/lib/libcrypto/hidden/crypto_namespace.h
deleted file mode 100644
index 741ad08549..0000000000
--- a/src/lib/libcrypto/hidden/crypto_namespace.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/* $OpenBSD: crypto_namespace.h,v 1.4 2024/07/11 21:31:52 miod Exp $ */
-/*
- * Copyright (c) 2016 Philip Guenther
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CRYPTO_NAMESPACE_H_
-#define _LIBCRYPTO_CRYPTO_NAMESPACE_H_
-
-/*
- * If marked as 'used', then internal calls use the name with prefix "_lcry_"
- * and we alias that to the normal name *and* the name with prefix "_libre_";
- * external calls use the latter name.
- */
-
-#ifdef LIBRESSL_NAMESPACE
-#ifdef LIBRESSL_CRYPTO_NAMESPACE
-# define LCRYPTO_UNUSED(x) __attribute__((deprecated)) \
- __attribute__((visibility("hidden"))) \
- typeof(x) x asm("_lcry_"#x)
-# define LCRYPTO_USED(x) __attribute__((visibility("hidden"))) \
- typeof(x) x asm("_lcry_"#x)
-# if defined(__hppa__)
-# define LCRYPTO_ALIAS1(pre,x) asm("! .global "#pre#x" ! .set "#pre#x", _lcry_"#x)
-#else
-# define LCRYPTO_ALIAS1(pre,x) asm(".global "#pre#x"; "#pre#x" = _lcry_"#x)
-#endif
-# define LCRYPTO_ALIAS(x) LCRYPTO_ALIAS1(,x); LCRYPTO_ALIAS1(_libre_,x)
-#else
-# define LCRYPTO_UNUSED(x) typeof(x) x __attribute__((deprecated))
-# define LCRYPTO_USED(x) typeof(x) x asm("_libre_"#x)
-#endif
-#else
-# define LCRYPTO_UNUSED(x)
-# define LCRYPTO_USED(x)
-# define LCRYPTO_ALIAS1(pre,x)
-# define LCRYPTO_ALIAS(x) asm("")
-#endif
-
-#endif /* _LIBCRYPTO_CRYPTO_NAMESPACE_H_ */
diff --git a/src/lib/libcrypto/hidden/openssl/aes.h b/src/lib/libcrypto/hidden/openssl/aes.h
deleted file mode 100644
index 0ec5a8d544..0000000000
--- a/src/lib/libcrypto/hidden/openssl/aes.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* $OpenBSD: aes.h,v 1.1 2024/03/30 05:14:12 joshua Exp $ */
-/*
- * Copyright (c) 2024 Joshua Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_AES_H
-#define _LIBCRYPTO_AES_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/aes.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(AES_set_encrypt_key);
-LCRYPTO_USED(AES_set_decrypt_key);
-LCRYPTO_USED(AES_encrypt);
-LCRYPTO_USED(AES_decrypt);
-LCRYPTO_USED(AES_ecb_encrypt);
-LCRYPTO_USED(AES_cbc_encrypt);
-LCRYPTO_USED(AES_cfb128_encrypt);
-LCRYPTO_USED(AES_cfb1_encrypt);
-LCRYPTO_USED(AES_cfb8_encrypt);
-LCRYPTO_USED(AES_ofb128_encrypt);
-LCRYPTO_USED(AES_ctr128_encrypt);
-LCRYPTO_USED(AES_ige_encrypt);
-LCRYPTO_USED(AES_wrap_key);
-LCRYPTO_USED(AES_unwrap_key);
-
-#endif /* _LIBCRYPTO_AES_H */
diff --git a/src/lib/libcrypto/hidden/openssl/asn1.h b/src/lib/libcrypto/hidden/openssl/asn1.h
deleted file mode 100644
index 3325cf4bef..0000000000
--- a/src/lib/libcrypto/hidden/openssl/asn1.h
+++ /dev/null
@@ -1,262 +0,0 @@
-/* $OpenBSD: asn1.h,v 1.15 2024/07/08 17:01:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_ASN1_H
-#define _LIBCRYPTO_ASN1_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/asn1.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(d2i_ASN1_SEQUENCE_ANY);
-LCRYPTO_USED(i2d_ASN1_SEQUENCE_ANY);
-LCRYPTO_USED(d2i_ASN1_SET_ANY);
-LCRYPTO_USED(i2d_ASN1_SET_ANY);
-LCRYPTO_USED(ASN1_TYPE_new);
-LCRYPTO_USED(ASN1_TYPE_free);
-LCRYPTO_USED(d2i_ASN1_TYPE);
-LCRYPTO_USED(i2d_ASN1_TYPE);
-LCRYPTO_USED(ASN1_TYPE_get);
-LCRYPTO_USED(ASN1_TYPE_set);
-LCRYPTO_USED(ASN1_TYPE_set1);
-LCRYPTO_USED(ASN1_TYPE_cmp);
-LCRYPTO_USED(ASN1_OBJECT_new);
-LCRYPTO_USED(ASN1_OBJECT_free);
-LCRYPTO_USED(i2d_ASN1_OBJECT);
-LCRYPTO_USED(d2i_ASN1_OBJECT);
-LCRYPTO_USED(ASN1_STRING_new);
-LCRYPTO_USED(ASN1_STRING_free);
-LCRYPTO_USED(ASN1_STRING_copy);
-LCRYPTO_USED(ASN1_STRING_dup);
-LCRYPTO_USED(ASN1_STRING_type_new);
-LCRYPTO_USED(ASN1_STRING_cmp);
-LCRYPTO_USED(ASN1_STRING_set);
-LCRYPTO_USED(ASN1_STRING_set0);
-LCRYPTO_USED(ASN1_STRING_length);
-LCRYPTO_USED(ASN1_STRING_length_set);
-LCRYPTO_USED(ASN1_STRING_type);
-LCRYPTO_USED(ASN1_STRING_data);
-LCRYPTO_USED(ASN1_STRING_get0_data);
-LCRYPTO_USED(ASN1_BIT_STRING_new);
-LCRYPTO_USED(ASN1_BIT_STRING_free);
-LCRYPTO_USED(d2i_ASN1_BIT_STRING);
-LCRYPTO_USED(i2d_ASN1_BIT_STRING);
-LCRYPTO_USED(ASN1_BIT_STRING_set);
-LCRYPTO_USED(ASN1_BIT_STRING_set_bit);
-LCRYPTO_USED(ASN1_BIT_STRING_get_bit);
-LCRYPTO_USED(ASN1_INTEGER_new);
-LCRYPTO_USED(ASN1_INTEGER_free);
-LCRYPTO_USED(d2i_ASN1_INTEGER);
-LCRYPTO_USED(i2d_ASN1_INTEGER);
-LCRYPTO_USED(d2i_ASN1_UINTEGER);
-LCRYPTO_USED(ASN1_INTEGER_dup);
-LCRYPTO_USED(ASN1_INTEGER_cmp);
-LCRYPTO_USED(ASN1_ENUMERATED_new);
-LCRYPTO_USED(ASN1_ENUMERATED_free);
-LCRYPTO_USED(d2i_ASN1_ENUMERATED);
-LCRYPTO_USED(i2d_ASN1_ENUMERATED);
-LCRYPTO_USED(ASN1_UTCTIME_check);
-LCRYPTO_USED(ASN1_UTCTIME_set);
-LCRYPTO_USED(ASN1_UTCTIME_adj);
-LCRYPTO_USED(ASN1_UTCTIME_set_string);
-LCRYPTO_USED(ASN1_GENERALIZEDTIME_check);
-LCRYPTO_USED(ASN1_GENERALIZEDTIME_set);
-LCRYPTO_USED(ASN1_GENERALIZEDTIME_adj);
-LCRYPTO_USED(ASN1_GENERALIZEDTIME_set_string);
-LCRYPTO_USED(ASN1_OCTET_STRING_new);
-LCRYPTO_USED(ASN1_OCTET_STRING_free);
-LCRYPTO_USED(d2i_ASN1_OCTET_STRING);
-LCRYPTO_USED(i2d_ASN1_OCTET_STRING);
-LCRYPTO_USED(ASN1_OCTET_STRING_dup);
-LCRYPTO_USED(ASN1_OCTET_STRING_cmp);
-LCRYPTO_USED(ASN1_OCTET_STRING_set);
-LCRYPTO_USED(ASN1_VISIBLESTRING_new);
-LCRYPTO_USED(ASN1_VISIBLESTRING_free);
-LCRYPTO_USED(d2i_ASN1_VISIBLESTRING);
-LCRYPTO_USED(i2d_ASN1_VISIBLESTRING);
-LCRYPTO_USED(ASN1_UNIVERSALSTRING_new);
-LCRYPTO_USED(ASN1_UNIVERSALSTRING_free);
-LCRYPTO_USED(d2i_ASN1_UNIVERSALSTRING);
-LCRYPTO_USED(i2d_ASN1_UNIVERSALSTRING);
-LCRYPTO_USED(ASN1_UTF8STRING_new);
-LCRYPTO_USED(ASN1_UTF8STRING_free);
-LCRYPTO_USED(d2i_ASN1_UTF8STRING);
-LCRYPTO_USED(i2d_ASN1_UTF8STRING);
-LCRYPTO_USED(ASN1_NULL_new);
-LCRYPTO_USED(ASN1_NULL_free);
-LCRYPTO_USED(d2i_ASN1_NULL);
-LCRYPTO_USED(i2d_ASN1_NULL);
-LCRYPTO_USED(ASN1_BMPSTRING_new);
-LCRYPTO_USED(ASN1_BMPSTRING_free);
-LCRYPTO_USED(d2i_ASN1_BMPSTRING);
-LCRYPTO_USED(i2d_ASN1_BMPSTRING);
-LCRYPTO_USED(ASN1_PRINTABLE_new);
-LCRYPTO_USED(ASN1_PRINTABLE_free);
-LCRYPTO_USED(d2i_ASN1_PRINTABLE);
-LCRYPTO_USED(i2d_ASN1_PRINTABLE);
-LCRYPTO_USED(DIRECTORYSTRING_new);
-LCRYPTO_USED(DIRECTORYSTRING_free);
-LCRYPTO_USED(d2i_DIRECTORYSTRING);
-LCRYPTO_USED(i2d_DIRECTORYSTRING);
-LCRYPTO_USED(DISPLAYTEXT_new);
-LCRYPTO_USED(DISPLAYTEXT_free);
-LCRYPTO_USED(d2i_DISPLAYTEXT);
-LCRYPTO_USED(i2d_DISPLAYTEXT);
-LCRYPTO_USED(ASN1_PRINTABLESTRING_new);
-LCRYPTO_USED(ASN1_PRINTABLESTRING_free);
-LCRYPTO_USED(d2i_ASN1_PRINTABLESTRING);
-LCRYPTO_USED(i2d_ASN1_PRINTABLESTRING);
-LCRYPTO_USED(ASN1_T61STRING_new);
-LCRYPTO_USED(ASN1_T61STRING_free);
-LCRYPTO_USED(d2i_ASN1_T61STRING);
-LCRYPTO_USED(i2d_ASN1_T61STRING);
-LCRYPTO_USED(ASN1_IA5STRING_new);
-LCRYPTO_USED(ASN1_IA5STRING_free);
-LCRYPTO_USED(d2i_ASN1_IA5STRING);
-LCRYPTO_USED(i2d_ASN1_IA5STRING);
-LCRYPTO_USED(ASN1_GENERALSTRING_new);
-LCRYPTO_USED(ASN1_GENERALSTRING_free);
-LCRYPTO_USED(d2i_ASN1_GENERALSTRING);
-LCRYPTO_USED(i2d_ASN1_GENERALSTRING);
-LCRYPTO_USED(ASN1_UTCTIME_new);
-LCRYPTO_USED(ASN1_UTCTIME_free);
-LCRYPTO_USED(d2i_ASN1_UTCTIME);
-LCRYPTO_USED(i2d_ASN1_UTCTIME);
-LCRYPTO_USED(ASN1_GENERALIZEDTIME_new);
-LCRYPTO_USED(ASN1_GENERALIZEDTIME_free);
-LCRYPTO_USED(d2i_ASN1_GENERALIZEDTIME);
-LCRYPTO_USED(i2d_ASN1_GENERALIZEDTIME);
-LCRYPTO_USED(ASN1_TIME_new);
-LCRYPTO_USED(ASN1_TIME_free);
-LCRYPTO_USED(d2i_ASN1_TIME);
-LCRYPTO_USED(i2d_ASN1_TIME);
-LCRYPTO_USED(ASN1_TIME_to_tm);
-LCRYPTO_USED(ASN1_TIME_compare);
-LCRYPTO_USED(ASN1_TIME_cmp_time_t);
-LCRYPTO_USED(ASN1_TIME_normalize);
-LCRYPTO_USED(ASN1_TIME_set_string_X509);
-LCRYPTO_USED(ASN1_TIME_diff);
-LCRYPTO_USED(ASN1_TIME_set);
-LCRYPTO_USED(ASN1_TIME_adj);
-LCRYPTO_USED(ASN1_TIME_check);
-LCRYPTO_USED(ASN1_TIME_to_generalizedtime);
-LCRYPTO_USED(ASN1_TIME_set_string);
-LCRYPTO_USED(i2a_ASN1_INTEGER);
-LCRYPTO_USED(a2i_ASN1_INTEGER);
-LCRYPTO_USED(i2a_ASN1_ENUMERATED);
-LCRYPTO_USED(a2i_ASN1_ENUMERATED);
-LCRYPTO_USED(i2a_ASN1_OBJECT);
-LCRYPTO_USED(a2i_ASN1_STRING);
-LCRYPTO_USED(i2a_ASN1_STRING);
-LCRYPTO_USED(i2t_ASN1_OBJECT);
-LCRYPTO_USED(a2d_ASN1_OBJECT);
-LCRYPTO_USED(ASN1_OBJECT_create);
-LCRYPTO_USED(ASN1_INTEGER_get_uint64);
-LCRYPTO_USED(ASN1_INTEGER_set_uint64);
-LCRYPTO_USED(ASN1_INTEGER_get_int64);
-LCRYPTO_USED(ASN1_INTEGER_set_int64);
-LCRYPTO_USED(ASN1_INTEGER_set);
-LCRYPTO_USED(ASN1_INTEGER_get);
-LCRYPTO_USED(BN_to_ASN1_INTEGER);
-LCRYPTO_USED(ASN1_INTEGER_to_BN);
-LCRYPTO_USED(ASN1_ENUMERATED_get_int64);
-LCRYPTO_USED(ASN1_ENUMERATED_set_int64);
-LCRYPTO_USED(ASN1_ENUMERATED_set);
-LCRYPTO_USED(ASN1_ENUMERATED_get);
-LCRYPTO_USED(BN_to_ASN1_ENUMERATED);
-LCRYPTO_USED(ASN1_ENUMERATED_to_BN);
-LCRYPTO_USED(ASN1_PRINTABLE_type);
-LCRYPTO_USED(ASN1_get_object);
-LCRYPTO_USED(ASN1_put_object);
-LCRYPTO_USED(ASN1_put_eoc);
-LCRYPTO_USED(ASN1_object_size);
-LCRYPTO_USED(ASN1_item_dup);
-LCRYPTO_USED(ASN1_d2i_fp);
-LCRYPTO_USED(ASN1_item_d2i_fp);
-LCRYPTO_USED(ASN1_i2d_fp);
-LCRYPTO_USED(ASN1_item_i2d_fp);
-LCRYPTO_USED(ASN1_STRING_print_ex_fp);
-LCRYPTO_USED(ASN1_STRING_to_UTF8);
-LCRYPTO_USED(ASN1_d2i_bio);
-LCRYPTO_USED(ASN1_item_d2i_bio);
-LCRYPTO_USED(ASN1_i2d_bio);
-LCRYPTO_USED(ASN1_item_i2d_bio);
-LCRYPTO_USED(ASN1_UTCTIME_print);
-LCRYPTO_USED(ASN1_GENERALIZEDTIME_print);
-LCRYPTO_USED(ASN1_TIME_print);
-LCRYPTO_USED(ASN1_STRING_print);
-LCRYPTO_USED(ASN1_STRING_print_ex);
-LCRYPTO_USED(ASN1_parse);
-LCRYPTO_USED(ASN1_parse_dump);
-LCRYPTO_USED(ASN1_tag2bit);
-LCRYPTO_USED(ASN1_tag2str);
-LCRYPTO_USED(ASN1_UNIVERSALSTRING_to_string);
-LCRYPTO_USED(ASN1_TYPE_set_octetstring);
-LCRYPTO_USED(ASN1_TYPE_get_octetstring);
-LCRYPTO_USED(ASN1_TYPE_set_int_octetstring);
-LCRYPTO_USED(ASN1_TYPE_get_int_octetstring);
-LCRYPTO_USED(ASN1_item_pack);
-LCRYPTO_USED(ASN1_item_unpack);
-LCRYPTO_USED(ASN1_STRING_set_default_mask);
-LCRYPTO_USED(ASN1_STRING_set_default_mask_asc);
-LCRYPTO_USED(ASN1_STRING_get_default_mask);
-LCRYPTO_USED(ASN1_mbstring_copy);
-LCRYPTO_USED(ASN1_mbstring_ncopy);
-LCRYPTO_USED(ASN1_STRING_set_by_NID);
-LCRYPTO_USED(ASN1_STRING_TABLE_get);
-LCRYPTO_USED(ASN1_item_new);
-LCRYPTO_USED(ASN1_item_free);
-LCRYPTO_USED(ASN1_item_d2i);
-LCRYPTO_USED(ASN1_item_i2d);
-LCRYPTO_USED(ASN1_generate_nconf);
-LCRYPTO_USED(ASN1_generate_v3);
-LCRYPTO_USED(ASN1_item_print);
-LCRYPTO_USED(SMIME_crlf_copy);
-LCRYPTO_USED(SMIME_text);
-LCRYPTO_USED(ERR_load_ASN1_strings);
-LCRYPTO_UNUSED(ASN1_UTCTIME_cmp_time_t);
-LCRYPTO_UNUSED(ASN1_dup);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(ASN1_SEQUENCE_ANY_it);
-extern LCRYPTO_USED(ASN1_SET_ANY_it);
-extern LCRYPTO_USED(ASN1_ANY_it);
-extern LCRYPTO_USED(ASN1_OBJECT_it);
-extern LCRYPTO_USED(ASN1_BIT_STRING_it);
-extern LCRYPTO_USED(ASN1_INTEGER_it);
-extern LCRYPTO_USED(ASN1_ENUMERATED_it);
-extern LCRYPTO_USED(ASN1_OCTET_STRING_it);
-extern LCRYPTO_USED(ASN1_VISIBLESTRING_it);
-extern LCRYPTO_USED(ASN1_UNIVERSALSTRING_it);
-extern LCRYPTO_USED(ASN1_UTF8STRING_it);
-extern LCRYPTO_USED(ASN1_NULL_it);
-extern LCRYPTO_USED(ASN1_BMPSTRING_it);
-extern LCRYPTO_USED(ASN1_PRINTABLE_it);
-extern LCRYPTO_USED(DIRECTORYSTRING_it);
-extern LCRYPTO_USED(DISPLAYTEXT_it);
-extern LCRYPTO_USED(ASN1_PRINTABLESTRING_it);
-extern LCRYPTO_USED(ASN1_T61STRING_it);
-extern LCRYPTO_USED(ASN1_IA5STRING_it);
-extern LCRYPTO_USED(ASN1_GENERALSTRING_it);
-extern LCRYPTO_USED(ASN1_UTCTIME_it);
-extern LCRYPTO_USED(ASN1_GENERALIZEDTIME_it);
-extern LCRYPTO_USED(ASN1_TIME_it);
-#endif
-
-#endif /* _LIBCRYPTO_ASN1_H */
diff --git a/src/lib/libcrypto/hidden/openssl/asn1t.h b/src/lib/libcrypto/hidden/openssl/asn1t.h
deleted file mode 100644
index 17bcb4e453..0000000000
--- a/src/lib/libcrypto/hidden/openssl/asn1t.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* $OpenBSD: asn1t.h,v 1.5 2024/07/08 17:01:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_ASN1T_H
-#define _LIBCRYPTO_ASN1T_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/asn1t.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(ASN1_item_ex_new);
-LCRYPTO_USED(ASN1_item_ex_free);
-LCRYPTO_USED(ASN1_item_ex_d2i);
-LCRYPTO_USED(ASN1_item_ex_i2d);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(ASN1_SEQUENCE_it);
-extern LCRYPTO_USED(BIGNUM_it);
-extern LCRYPTO_USED(LONG_it);
-extern LCRYPTO_USED(ZLONG_it);
-extern LCRYPTO_UNUSED(CBIGNUM_it);
-#endif
-
-#endif /* _LIBCRYPTO_ASN1T_H */
diff --git a/src/lib/libcrypto/hidden/openssl/bio.h b/src/lib/libcrypto/hidden/openssl/bio.h
deleted file mode 100644
index 03da75a795..0000000000
--- a/src/lib/libcrypto/hidden/openssl/bio.h
+++ /dev/null
@@ -1,142 +0,0 @@
-/* $OpenBSD: bio.h,v 1.8 2024/07/09 06:14:59 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_BIO_H
-#define _LIBCRYPTO_BIO_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/bio.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(BIO_set_flags);
-LCRYPTO_USED(BIO_test_flags);
-LCRYPTO_USED(BIO_clear_flags);
-LCRYPTO_USED(BIO_get_callback);
-LCRYPTO_USED(BIO_set_callback);
-LCRYPTO_USED(BIO_get_callback_ex);
-LCRYPTO_USED(BIO_set_callback_ex);
-LCRYPTO_USED(BIO_get_callback_arg);
-LCRYPTO_USED(BIO_set_callback_arg);
-LCRYPTO_USED(BIO_method_name);
-LCRYPTO_USED(BIO_method_type);
-LCRYPTO_USED(BIO_meth_new);
-LCRYPTO_USED(BIO_meth_free);
-LCRYPTO_USED(BIO_meth_get_write);
-LCRYPTO_USED(BIO_meth_set_write);
-LCRYPTO_USED(BIO_meth_get_read);
-LCRYPTO_USED(BIO_meth_set_read);
-LCRYPTO_USED(BIO_meth_get_puts);
-LCRYPTO_USED(BIO_meth_set_puts);
-LCRYPTO_USED(BIO_meth_get_gets);
-LCRYPTO_USED(BIO_meth_set_gets);
-LCRYPTO_USED(BIO_meth_get_ctrl);
-LCRYPTO_USED(BIO_meth_set_ctrl);
-LCRYPTO_USED(BIO_meth_get_create);
-LCRYPTO_USED(BIO_meth_set_create);
-LCRYPTO_USED(BIO_meth_get_destroy);
-LCRYPTO_USED(BIO_meth_set_destroy);
-LCRYPTO_USED(BIO_meth_get_callback_ctrl);
-LCRYPTO_USED(BIO_meth_set_callback_ctrl);
-LCRYPTO_USED(BIO_ctrl_pending);
-LCRYPTO_USED(BIO_ctrl_wpending);
-LCRYPTO_USED(BIO_ctrl_get_write_guarantee);
-LCRYPTO_USED(BIO_ctrl_get_read_request);
-LCRYPTO_USED(BIO_ctrl_reset_read_request);
-LCRYPTO_USED(BIO_set_ex_data);
-LCRYPTO_USED(BIO_get_ex_data);
-LCRYPTO_USED(BIO_number_read);
-LCRYPTO_USED(BIO_number_written);
-LCRYPTO_USED(BIO_get_new_index);
-LCRYPTO_USED(BIO_s_file);
-LCRYPTO_USED(BIO_new_file);
-LCRYPTO_USED(BIO_new_fp);
-LCRYPTO_USED(BIO_new);
-LCRYPTO_USED(BIO_free);
-LCRYPTO_USED(BIO_up_ref);
-LCRYPTO_USED(BIO_get_data);
-LCRYPTO_USED(BIO_set_data);
-LCRYPTO_USED(BIO_get_init);
-LCRYPTO_USED(BIO_set_init);
-LCRYPTO_USED(BIO_get_shutdown);
-LCRYPTO_USED(BIO_set_shutdown);
-LCRYPTO_USED(BIO_vfree);
-LCRYPTO_USED(BIO_read);
-LCRYPTO_USED(BIO_gets);
-LCRYPTO_USED(BIO_write);
-LCRYPTO_USED(BIO_puts);
-LCRYPTO_USED(BIO_indent);
-LCRYPTO_USED(BIO_ctrl);
-LCRYPTO_USED(BIO_callback_ctrl);
-LCRYPTO_USED(BIO_ptr_ctrl);
-LCRYPTO_USED(BIO_int_ctrl);
-LCRYPTO_USED(BIO_push);
-LCRYPTO_USED(BIO_pop);
-LCRYPTO_USED(BIO_free_all);
-LCRYPTO_USED(BIO_find_type);
-LCRYPTO_USED(BIO_next);
-LCRYPTO_USED(BIO_set_next);
-LCRYPTO_USED(BIO_get_retry_BIO);
-LCRYPTO_USED(BIO_get_retry_reason);
-LCRYPTO_USED(BIO_set_retry_reason);
-LCRYPTO_USED(BIO_dup_chain);
-LCRYPTO_USED(BIO_debug_callback);
-LCRYPTO_USED(BIO_s_mem);
-LCRYPTO_USED(BIO_new_mem_buf);
-LCRYPTO_USED(BIO_s_socket);
-LCRYPTO_USED(BIO_s_connect);
-LCRYPTO_USED(BIO_s_accept);
-LCRYPTO_USED(BIO_s_fd);
-LCRYPTO_USED(BIO_s_log);
-LCRYPTO_USED(BIO_s_bio);
-LCRYPTO_USED(BIO_s_null);
-LCRYPTO_USED(BIO_f_null);
-LCRYPTO_USED(BIO_f_buffer);
-LCRYPTO_USED(BIO_f_nbio_test);
-LCRYPTO_USED(BIO_s_datagram);
-LCRYPTO_USED(BIO_sock_should_retry);
-LCRYPTO_USED(BIO_sock_non_fatal_error);
-LCRYPTO_USED(BIO_dgram_non_fatal_error);
-LCRYPTO_USED(BIO_fd_should_retry);
-LCRYPTO_USED(BIO_fd_non_fatal_error);
-LCRYPTO_USED(BIO_dump);
-LCRYPTO_USED(BIO_dump_indent);
-LCRYPTO_USED(BIO_gethostbyname);
-LCRYPTO_USED(BIO_sock_error);
-LCRYPTO_USED(BIO_socket_ioctl);
-LCRYPTO_USED(BIO_socket_nbio);
-LCRYPTO_USED(BIO_get_port);
-LCRYPTO_USED(BIO_get_host_ip);
-LCRYPTO_USED(BIO_get_accept_socket);
-LCRYPTO_USED(BIO_accept);
-LCRYPTO_USED(BIO_sock_init);
-LCRYPTO_USED(BIO_sock_cleanup);
-LCRYPTO_USED(BIO_set_tcp_ndelay);
-LCRYPTO_USED(BIO_new_socket);
-LCRYPTO_USED(BIO_new_dgram);
-LCRYPTO_USED(BIO_new_fd);
-LCRYPTO_USED(BIO_new_connect);
-LCRYPTO_USED(BIO_new_accept);
-LCRYPTO_USED(BIO_copy_next_retry);
-LCRYPTO_USED(BIO_printf);
-LCRYPTO_USED(ERR_load_BIO_strings);
-LCRYPTO_USED(BIO_get_ex_new_index);
-LCRYPTO_USED(BIO_new_bio_pair);
-
-#endif /* _LIBCRYPTO_BIO_H */
diff --git a/src/lib/libcrypto/hidden/openssl/blowfish.h b/src/lib/libcrypto/hidden/openssl/blowfish.h
deleted file mode 100644
index e9a0d98fe8..0000000000
--- a/src/lib/libcrypto/hidden/openssl/blowfish.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* $OpenBSD: blowfish.h,v 1.1 2024/03/29 02:37:20 joshua Exp $ */
-/*
- * Copyright (c) 2024 Joshua Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_BLOWFISH_H
-#define _LIBCRYPTO_BLOWFISH_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/blowfish.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(BF_set_key);
-LCRYPTO_USED(BF_encrypt);
-LCRYPTO_USED(BF_decrypt);
-LCRYPTO_USED(BF_ecb_encrypt);
-LCRYPTO_USED(BF_cbc_encrypt);
-LCRYPTO_USED(BF_cfb64_encrypt);
-LCRYPTO_USED(BF_ofb64_encrypt);
-
-#endif /* _LIBCRYPTO_BLOWFISH_H */
diff --git a/src/lib/libcrypto/hidden/openssl/bn.h b/src/lib/libcrypto/hidden/openssl/bn.h
deleted file mode 100644
index af3465c790..0000000000
--- a/src/lib/libcrypto/hidden/openssl/bn.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/* $OpenBSD: bn.h,v 1.7 2024/04/10 14:58:06 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_BN_H
-#define _LIBCRYPTO_BN_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/bn.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(BN_set_flags);
-LCRYPTO_USED(BN_get_flags);
-LCRYPTO_USED(BN_with_flags);
-LCRYPTO_USED(BN_GENCB_new);
-LCRYPTO_USED(BN_GENCB_free);
-LCRYPTO_USED(BN_GENCB_call);
-LCRYPTO_USED(BN_GENCB_set_old);
-LCRYPTO_USED(BN_GENCB_set);
-LCRYPTO_USED(BN_GENCB_get_arg);
-LCRYPTO_USED(BN_abs_is_word);
-LCRYPTO_USED(BN_is_zero);
-LCRYPTO_USED(BN_is_one);
-LCRYPTO_USED(BN_is_word);
-LCRYPTO_USED(BN_is_odd);
-LCRYPTO_USED(BN_zero);
-LCRYPTO_USED(BN_one);
-LCRYPTO_USED(BN_value_one);
-LCRYPTO_USED(BN_CTX_new);
-LCRYPTO_USED(BN_CTX_free);
-LCRYPTO_USED(BN_CTX_start);
-LCRYPTO_USED(BN_CTX_get);
-LCRYPTO_USED(BN_CTX_end);
-LCRYPTO_USED(BN_rand);
-LCRYPTO_USED(BN_pseudo_rand);
-LCRYPTO_USED(BN_rand_range);
-LCRYPTO_USED(BN_pseudo_rand_range);
-LCRYPTO_USED(BN_num_bits);
-LCRYPTO_USED(BN_num_bits_word);
-LCRYPTO_USED(BN_new);
-LCRYPTO_USED(BN_clear_free);
-LCRYPTO_USED(BN_copy);
-LCRYPTO_USED(BN_swap);
-LCRYPTO_USED(BN_bin2bn);
-LCRYPTO_USED(BN_bn2bin);
-LCRYPTO_USED(BN_bn2binpad);
-LCRYPTO_USED(BN_lebin2bn);
-LCRYPTO_USED(BN_bn2lebinpad);
-LCRYPTO_USED(BN_mpi2bn);
-LCRYPTO_USED(BN_bn2mpi);
-LCRYPTO_USED(BN_sub);
-LCRYPTO_USED(BN_usub);
-LCRYPTO_USED(BN_uadd);
-LCRYPTO_USED(BN_add);
-LCRYPTO_USED(BN_mul);
-LCRYPTO_USED(BN_sqr);
-LCRYPTO_USED(BN_set_negative);
-LCRYPTO_USED(BN_is_negative);
-LCRYPTO_USED(BN_nnmod);
-LCRYPTO_USED(BN_mod_add);
-LCRYPTO_USED(BN_mod_add_quick);
-LCRYPTO_USED(BN_mod_sub);
-LCRYPTO_USED(BN_mod_sub_quick);
-LCRYPTO_USED(BN_mod_mul);
-LCRYPTO_USED(BN_mod_sqr);
-LCRYPTO_USED(BN_mod_lshift1);
-LCRYPTO_USED(BN_mod_lshift1_quick);
-LCRYPTO_USED(BN_mod_lshift);
-LCRYPTO_USED(BN_mod_lshift_quick);
-LCRYPTO_USED(BN_mod_word);
-LCRYPTO_USED(BN_div_word);
-LCRYPTO_USED(BN_mul_word);
-LCRYPTO_USED(BN_add_word);
-LCRYPTO_USED(BN_sub_word);
-LCRYPTO_USED(BN_set_word);
-LCRYPTO_USED(BN_get_word);
-LCRYPTO_USED(BN_cmp);
-LCRYPTO_USED(BN_free);
-LCRYPTO_USED(BN_is_bit_set);
-LCRYPTO_USED(BN_lshift);
-LCRYPTO_USED(BN_lshift1);
-LCRYPTO_USED(BN_exp);
-LCRYPTO_USED(BN_mod_exp_mont_consttime);
-LCRYPTO_USED(BN_mask_bits);
-LCRYPTO_USED(BN_print_fp);
-LCRYPTO_USED(BN_print);
-LCRYPTO_USED(BN_rshift);
-LCRYPTO_USED(BN_rshift1);
-LCRYPTO_USED(BN_clear);
-LCRYPTO_USED(BN_dup);
-LCRYPTO_USED(BN_ucmp);
-LCRYPTO_USED(BN_set_bit);
-LCRYPTO_USED(BN_clear_bit);
-LCRYPTO_USED(BN_bn2hex);
-LCRYPTO_USED(BN_bn2dec);
-LCRYPTO_USED(BN_hex2bn);
-LCRYPTO_USED(BN_dec2bn);
-LCRYPTO_USED(BN_asc2bn);
-LCRYPTO_USED(BN_kronecker);
-LCRYPTO_USED(BN_mod_sqrt);
-LCRYPTO_USED(BN_consttime_swap);
-LCRYPTO_USED(BN_security_bits);
-LCRYPTO_USED(BN_generate_prime_ex);
-LCRYPTO_USED(BN_is_prime_ex);
-LCRYPTO_USED(BN_is_prime_fasttest_ex);
-LCRYPTO_USED(BN_MONT_CTX_new);
-LCRYPTO_USED(BN_mod_mul_montgomery);
-LCRYPTO_USED(BN_to_montgomery);
-LCRYPTO_USED(BN_from_montgomery);
-LCRYPTO_USED(BN_MONT_CTX_free);
-LCRYPTO_USED(BN_MONT_CTX_set);
-LCRYPTO_USED(BN_MONT_CTX_copy);
-LCRYPTO_USED(BN_MONT_CTX_set_locked);
-LCRYPTO_USED(BN_get_rfc2409_prime_768);
-LCRYPTO_USED(BN_get_rfc2409_prime_1024);
-LCRYPTO_USED(BN_get_rfc3526_prime_1536);
-LCRYPTO_USED(BN_get_rfc3526_prime_2048);
-LCRYPTO_USED(BN_get_rfc3526_prime_3072);
-LCRYPTO_USED(BN_get_rfc3526_prime_4096);
-LCRYPTO_USED(BN_get_rfc3526_prime_6144);
-LCRYPTO_USED(BN_get_rfc3526_prime_8192);
-LCRYPTO_USED(ERR_load_BN_strings);
-LCRYPTO_UNUSED(BN_div);
-LCRYPTO_UNUSED(BN_mod_exp);
-LCRYPTO_UNUSED(BN_mod_exp_mont);
-LCRYPTO_UNUSED(BN_gcd);
-LCRYPTO_UNUSED(BN_mod_inverse);
-
-#endif /* _LIBCRYPTO_BN_H */
diff --git a/src/lib/libcrypto/hidden/openssl/buffer.h b/src/lib/libcrypto/hidden/openssl/buffer.h
deleted file mode 100644
index 8dd86277f6..0000000000
--- a/src/lib/libcrypto/hidden/openssl/buffer.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: buffer.h,v 1.1 2023/07/08 08:26:26 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_BUFFER_H
-#define _LIBCRYPTO_BUFFER_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/buffer.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(BUF_MEM_new);
-LCRYPTO_USED(BUF_MEM_free);
-LCRYPTO_USED(BUF_MEM_grow);
-LCRYPTO_USED(BUF_MEM_grow_clean);
-LCRYPTO_USED(ERR_load_BUF_strings);
-
-#endif /* _LIBCRYPTO_BUFFER_H */
diff --git a/src/lib/libcrypto/hidden/openssl/camellia.h b/src/lib/libcrypto/hidden/openssl/camellia.h
deleted file mode 100644
index bf7f43b1b3..0000000000
--- a/src/lib/libcrypto/hidden/openssl/camellia.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: camellia.h,v 1.1 2024/03/30 04:58:12 joshua Exp $ */
-/*
- * Copyright (c) 2024 Joshua Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CAMELLIA_H
-#define _LIBCRYPTO_CAMELLIA_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/camellia.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(Camellia_set_key);
-LCRYPTO_USED(Camellia_encrypt);
-LCRYPTO_USED(Camellia_decrypt);
-LCRYPTO_USED(Camellia_ecb_encrypt);
-LCRYPTO_USED(Camellia_cbc_encrypt);
-LCRYPTO_USED(Camellia_cfb128_encrypt);
-LCRYPTO_USED(Camellia_cfb1_encrypt);
-LCRYPTO_USED(Camellia_cfb8_encrypt);
-LCRYPTO_USED(Camellia_ofb128_encrypt);
-LCRYPTO_USED(Camellia_ctr128_encrypt);
-
-#endif /* _LIBCRYPTO_CAMELLIA_H */
diff --git a/src/lib/libcrypto/hidden/openssl/cast.h b/src/lib/libcrypto/hidden/openssl/cast.h
deleted file mode 100644
index 68cf618266..0000000000
--- a/src/lib/libcrypto/hidden/openssl/cast.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* $OpenBSD: cast.h,v 1.1 2023/07/08 10:44:00 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CAST_H
-#define _LIBCRYPTO_CAST_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/cast.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(CAST_set_key);
-LCRYPTO_USED(CAST_ecb_encrypt);
-LCRYPTO_USED(CAST_encrypt);
-LCRYPTO_USED(CAST_decrypt);
-LCRYPTO_USED(CAST_cbc_encrypt);
-LCRYPTO_USED(CAST_cfb64_encrypt);
-LCRYPTO_USED(CAST_ofb64_encrypt);
-
-#endif /* _LIBCRYPTO_CAST_H */
diff --git a/src/lib/libcrypto/hidden/openssl/chacha.h b/src/lib/libcrypto/hidden/openssl/chacha.h
deleted file mode 100644
index a9f3b7e908..0000000000
--- a/src/lib/libcrypto/hidden/openssl/chacha.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/* $OpenBSD: chacha.h,v 1.3 2023/07/07 19:37:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CHACHA_H
-#define _LIBCRYPTO_CHACHA_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/chacha.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(ChaCha_set_key);
-LCRYPTO_USED(ChaCha_set_iv);
-LCRYPTO_USED(ChaCha);
-LCRYPTO_USED(CRYPTO_chacha_20);
-LCRYPTO_USED(CRYPTO_xchacha_20);
-LCRYPTO_USED(CRYPTO_hchacha_20);
-
-#endif /* _LIBCRYPTO_CHACHA_H */
diff --git a/src/lib/libcrypto/hidden/openssl/cmac.h b/src/lib/libcrypto/hidden/openssl/cmac.h
deleted file mode 100644
index 1e802aa887..0000000000
--- a/src/lib/libcrypto/hidden/openssl/cmac.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* $OpenBSD: cmac.h,v 1.2 2024/03/02 09:30:21 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CMAC_H
-#define _LIBCRYPTO_CMAC_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/cmac.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(CMAC_CTX_new);
-LCRYPTO_USED(CMAC_CTX_cleanup);
-LCRYPTO_USED(CMAC_CTX_free);
-LCRYPTO_USED(CMAC_CTX_get0_cipher_ctx);
-LCRYPTO_USED(CMAC_CTX_copy);
-LCRYPTO_USED(CMAC_Init);
-LCRYPTO_USED(CMAC_Update);
-LCRYPTO_USED(CMAC_Final);
-
-#endif /* _LIBCRYPTO_CMAC_H */
diff --git a/src/lib/libcrypto/hidden/openssl/cms.h b/src/lib/libcrypto/hidden/openssl/cms.h
deleted file mode 100644
index a99c977755..0000000000
--- a/src/lib/libcrypto/hidden/openssl/cms.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/* $OpenBSD: cms.h,v 1.4 2024/07/09 06:12:45 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CMS_H
-#define _LIBCRYPTO_CMS_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/cms.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(CMS_ContentInfo_new);
-LCRYPTO_USED(CMS_ContentInfo_free);
-LCRYPTO_USED(d2i_CMS_ContentInfo);
-LCRYPTO_USED(i2d_CMS_ContentInfo);
-LCRYPTO_USED(CMS_ReceiptRequest_new);
-LCRYPTO_USED(CMS_ReceiptRequest_free);
-LCRYPTO_USED(d2i_CMS_ReceiptRequest);
-LCRYPTO_USED(i2d_CMS_ReceiptRequest);
-LCRYPTO_USED(CMS_ContentInfo_print_ctx);
-LCRYPTO_USED(CMS_get0_type);
-LCRYPTO_USED(CMS_get_version);
-LCRYPTO_USED(CMS_SignerInfo_get_version);
-LCRYPTO_USED(CMS_dataInit);
-LCRYPTO_USED(CMS_dataFinal);
-LCRYPTO_USED(CMS_get0_content);
-LCRYPTO_USED(CMS_is_detached);
-LCRYPTO_USED(CMS_set_detached);
-LCRYPTO_USED(PEM_read_bio_CMS);
-LCRYPTO_USED(PEM_read_CMS);
-LCRYPTO_USED(PEM_write_bio_CMS);
-LCRYPTO_USED(PEM_write_CMS);
-LCRYPTO_USED(CMS_stream);
-LCRYPTO_USED(d2i_CMS_bio);
-LCRYPTO_USED(i2d_CMS_bio);
-LCRYPTO_USED(BIO_new_CMS);
-LCRYPTO_USED(i2d_CMS_bio_stream);
-LCRYPTO_USED(PEM_write_bio_CMS_stream);
-LCRYPTO_USED(SMIME_read_CMS);
-LCRYPTO_USED(SMIME_write_CMS);
-LCRYPTO_USED(CMS_final);
-LCRYPTO_USED(CMS_sign);
-LCRYPTO_USED(CMS_sign_receipt);
-LCRYPTO_USED(CMS_data);
-LCRYPTO_USED(CMS_data_create);
-LCRYPTO_USED(CMS_digest_verify);
-LCRYPTO_USED(CMS_digest_create);
-LCRYPTO_USED(CMS_EncryptedData_decrypt);
-LCRYPTO_USED(CMS_EncryptedData_encrypt);
-LCRYPTO_USED(CMS_EncryptedData_set1_key);
-LCRYPTO_USED(CMS_verify);
-LCRYPTO_USED(CMS_verify_receipt);
-LCRYPTO_USED(CMS_get0_signers);
-LCRYPTO_USED(CMS_encrypt);
-LCRYPTO_USED(CMS_decrypt);
-LCRYPTO_USED(CMS_decrypt_set1_pkey);
-LCRYPTO_USED(CMS_decrypt_set1_key);
-LCRYPTO_USED(CMS_decrypt_set1_password);
-LCRYPTO_USED(CMS_get0_RecipientInfos);
-LCRYPTO_USED(CMS_RecipientInfo_type);
-LCRYPTO_USED(CMS_RecipientInfo_get0_pkey_ctx);
-LCRYPTO_USED(CMS_EnvelopedData_create);
-LCRYPTO_USED(CMS_add1_recipient_cert);
-LCRYPTO_USED(CMS_RecipientInfo_set0_pkey);
-LCRYPTO_USED(CMS_RecipientInfo_ktri_cert_cmp);
-LCRYPTO_USED(CMS_RecipientInfo_ktri_get0_algs);
-LCRYPTO_USED(CMS_RecipientInfo_ktri_get0_signer_id);
-LCRYPTO_USED(CMS_add0_recipient_key);
-LCRYPTO_USED(CMS_RecipientInfo_kekri_get0_id);
-LCRYPTO_USED(CMS_RecipientInfo_set0_key);
-LCRYPTO_USED(CMS_RecipientInfo_kekri_id_cmp);
-LCRYPTO_USED(CMS_RecipientInfo_set0_password);
-LCRYPTO_USED(CMS_add0_recipient_password);
-LCRYPTO_USED(CMS_RecipientInfo_decrypt);
-LCRYPTO_USED(CMS_RecipientInfo_encrypt);
-LCRYPTO_USED(CMS_uncompress);
-LCRYPTO_USED(CMS_compress);
-LCRYPTO_USED(CMS_set1_eContentType);
-LCRYPTO_USED(CMS_get0_eContentType);
-LCRYPTO_USED(CMS_add0_CertificateChoices);
-LCRYPTO_USED(CMS_add0_cert);
-LCRYPTO_USED(CMS_add1_cert);
-LCRYPTO_USED(CMS_get1_certs);
-LCRYPTO_USED(CMS_add0_RevocationInfoChoice);
-LCRYPTO_USED(CMS_add0_crl);
-LCRYPTO_USED(CMS_add1_crl);
-LCRYPTO_USED(CMS_get1_crls);
-LCRYPTO_USED(CMS_SignedData_init);
-LCRYPTO_USED(CMS_add1_signer);
-LCRYPTO_USED(CMS_SignerInfo_get0_pkey_ctx);
-LCRYPTO_USED(CMS_SignerInfo_get0_md_ctx);
-LCRYPTO_USED(CMS_get0_SignerInfos);
-LCRYPTO_USED(CMS_SignerInfo_set1_signer_cert);
-LCRYPTO_USED(CMS_SignerInfo_get0_signer_id);
-LCRYPTO_USED(CMS_SignerInfo_cert_cmp);
-LCRYPTO_USED(CMS_set1_signers_certs);
-LCRYPTO_USED(CMS_SignerInfo_get0_algs);
-LCRYPTO_USED(CMS_SignerInfo_get0_signature);
-LCRYPTO_USED(CMS_SignerInfo_sign);
-LCRYPTO_USED(CMS_SignerInfo_verify);
-LCRYPTO_USED(CMS_SignerInfo_verify_content);
-LCRYPTO_USED(CMS_add_smimecap);
-LCRYPTO_USED(CMS_add_simple_smimecap);
-LCRYPTO_USED(CMS_add_standard_smimecap);
-LCRYPTO_USED(CMS_signed_get_attr_count);
-LCRYPTO_USED(CMS_signed_get_attr_by_NID);
-LCRYPTO_USED(CMS_signed_get_attr_by_OBJ);
-LCRYPTO_USED(CMS_signed_get_attr);
-LCRYPTO_USED(CMS_signed_delete_attr);
-LCRYPTO_USED(CMS_signed_add1_attr);
-LCRYPTO_USED(CMS_signed_add1_attr_by_OBJ);
-LCRYPTO_USED(CMS_signed_add1_attr_by_NID);
-LCRYPTO_USED(CMS_signed_add1_attr_by_txt);
-LCRYPTO_USED(CMS_signed_get0_data_by_OBJ);
-LCRYPTO_USED(CMS_unsigned_get_attr_count);
-LCRYPTO_USED(CMS_unsigned_get_attr_by_NID);
-LCRYPTO_USED(CMS_unsigned_get_attr_by_OBJ);
-LCRYPTO_USED(CMS_unsigned_get_attr);
-LCRYPTO_USED(CMS_unsigned_delete_attr);
-LCRYPTO_USED(CMS_unsigned_add1_attr);
-LCRYPTO_USED(CMS_unsigned_add1_attr_by_OBJ);
-LCRYPTO_USED(CMS_unsigned_add1_attr_by_NID);
-LCRYPTO_USED(CMS_unsigned_add1_attr_by_txt);
-LCRYPTO_USED(CMS_unsigned_get0_data_by_OBJ);
-LCRYPTO_USED(CMS_get1_ReceiptRequest);
-LCRYPTO_USED(CMS_ReceiptRequest_create0);
-LCRYPTO_USED(CMS_add1_ReceiptRequest);
-LCRYPTO_USED(CMS_ReceiptRequest_get0_values);
-LCRYPTO_USED(CMS_RecipientInfo_kari_get0_alg);
-LCRYPTO_USED(CMS_RecipientInfo_kari_get0_reks);
-LCRYPTO_USED(CMS_RecipientInfo_kari_get0_orig_id);
-LCRYPTO_USED(CMS_RecipientInfo_kari_orig_id_cmp);
-LCRYPTO_USED(CMS_RecipientEncryptedKey_get0_id);
-LCRYPTO_USED(CMS_RecipientEncryptedKey_cert_cmp);
-LCRYPTO_USED(CMS_RecipientInfo_kari_set0_pkey);
-LCRYPTO_USED(CMS_RecipientInfo_kari_get0_ctx);
-LCRYPTO_USED(CMS_RecipientInfo_kari_decrypt);
-LCRYPTO_USED(CMS_SharedInfo_encode);
-LCRYPTO_USED(ERR_load_CMS_strings);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(CMS_ContentInfo_it);
-extern LCRYPTO_USED(CMS_ReceiptRequest_it);
-#endif
-
-#endif /* _LIBCRYPTO_CMS_H */
diff --git a/src/lib/libcrypto/hidden/openssl/conf.h b/src/lib/libcrypto/hidden/openssl/conf.h
deleted file mode 100644
index f3780985b8..0000000000
--- a/src/lib/libcrypto/hidden/openssl/conf.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* $OpenBSD: conf.h,v 1.9 2024/08/31 09:54:31 tb Exp $ */
-/*
- * Copyright (c) 2024 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CONF_H
-#define _LIBCRYPTO_CONF_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/conf.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(OPENSSL_config);
-LCRYPTO_USED(OPENSSL_no_config);
-LCRYPTO_USED(NCONF_new);
-LCRYPTO_USED(NCONF_free);
-LCRYPTO_USED(NCONF_load);
-LCRYPTO_USED(NCONF_load_bio);
-LCRYPTO_USED(NCONF_get_section);
-LCRYPTO_USED(NCONF_get_string);
-LCRYPTO_USED(NCONF_get_number_e);
-LCRYPTO_USED(CONF_modules_load);
-LCRYPTO_USED(CONF_modules_load_file);
-LCRYPTO_USED(CONF_modules_unload);
-LCRYPTO_USED(CONF_modules_finish);
-LCRYPTO_USED(CONF_modules_free);
-LCRYPTO_USED(CONF_get1_default_config_file);
-LCRYPTO_USED(ERR_load_CONF_strings);
-
-#endif /* _LIBCRYPTO_CONF_H */
diff --git a/src/lib/libcrypto/hidden/openssl/crypto.h b/src/lib/libcrypto/hidden/openssl/crypto.h
deleted file mode 100644
index fcaea05d48..0000000000
--- a/src/lib/libcrypto/hidden/openssl/crypto.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: crypto.h,v 1.9 2025/03/09 15:29:56 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CRYPTO_H
-#define _LIBCRYPTO_CRYPTO_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/crypto.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(OpenSSL_version);
-LCRYPTO_USED(OpenSSL_version_num);
-LCRYPTO_USED(SSLeay_version);
-LCRYPTO_USED(SSLeay);
-LCRYPTO_USED(CRYPTO_get_ex_new_index);
-LCRYPTO_USED(CRYPTO_new_ex_data);
-LCRYPTO_USED(CRYPTO_dup_ex_data);
-LCRYPTO_USED(CRYPTO_free_ex_data);
-LCRYPTO_USED(CRYPTO_set_ex_data);
-LCRYPTO_USED(CRYPTO_get_ex_data);
-LCRYPTO_USED(CRYPTO_cleanup_all_ex_data);
-LCRYPTO_USED(CRYPTO_lock);
-LCRYPTO_USED(CRYPTO_add_lock);
-LCRYPTO_USED(CRYPTO_set_mem_functions);
-LCRYPTO_USED(OpenSSLDie);
-LCRYPTO_USED(OPENSSL_cpu_caps);
-LCRYPTO_USED(OPENSSL_init_crypto);
-LCRYPTO_USED(OPENSSL_cleanup);
-LCRYPTO_USED(OPENSSL_gmtime);
-LCRYPTO_USED(ERR_load_CRYPTO_strings);
-LCRYPTO_UNUSED(CRYPTO_mem_ctrl);
-LCRYPTO_UNUSED(CRYPTO_set_id_callback);
-LCRYPTO_UNUSED(CRYPTO_get_id_callback);
-LCRYPTO_UNUSED(CRYPTO_thread_id);
-LCRYPTO_UNUSED(CRYPTO_get_new_lockid);
-LCRYPTO_UNUSED(CRYPTO_get_lock_name);
-LCRYPTO_UNUSED(CRYPTO_num_locks);
-LCRYPTO_UNUSED(CRYPTO_set_locking_callback);
-LCRYPTO_UNUSED(CRYPTO_get_locking_callback);
-LCRYPTO_UNUSED(CRYPTO_set_add_lock_callback);
-LCRYPTO_UNUSED(CRYPTO_get_add_lock_callback);
-LCRYPTO_UNUSED(CRYPTO_THREADID_set_numeric);
-LCRYPTO_UNUSED(CRYPTO_THREADID_set_pointer);
-LCRYPTO_UNUSED(CRYPTO_THREADID_set_callback);
-LCRYPTO_UNUSED(CRYPTO_THREADID_get_callback);
-LCRYPTO_UNUSED(CRYPTO_get_new_dynlockid);
-LCRYPTO_UNUSED(CRYPTO_destroy_dynlockid);
-LCRYPTO_UNUSED(CRYPTO_get_dynlock_value);
-LCRYPTO_UNUSED(CRYPTO_set_dynlock_create_callback);
-LCRYPTO_UNUSED(CRYPTO_set_dynlock_lock_callback);
-LCRYPTO_UNUSED(CRYPTO_set_dynlock_destroy_callback);
-LCRYPTO_UNUSED(CRYPTO_get_dynlock_lock_callback);
-LCRYPTO_UNUSED(CRYPTO_get_dynlock_destroy_callback);
-LCRYPTO_UNUSED(CRYPTO_get_dynlock_create_callback);
-LCRYPTO_UNUSED(CRYPTO_malloc);
-LCRYPTO_UNUSED(CRYPTO_strdup);
-LCRYPTO_UNUSED(CRYPTO_free);
-LCRYPTO_UNUSED(OPENSSL_cleanse);
-LCRYPTO_UNUSED(FIPS_mode);
-LCRYPTO_UNUSED(FIPS_mode_set);
-LCRYPTO_UNUSED(OPENSSL_init);
-LCRYPTO_UNUSED(CRYPTO_memcmp);
-
-#endif /* _LIBCRYPTO_CRYPTO_H */
diff --git a/src/lib/libcrypto/hidden/openssl/ct.h b/src/lib/libcrypto/hidden/openssl/ct.h
deleted file mode 100644
index a1c9b338ec..0000000000
--- a/src/lib/libcrypto/hidden/openssl/ct.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/* $OpenBSD: ct.h,v 1.1 2023/07/08 07:22:58 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CT_H
-#define _LIBCRYPTO_CT_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/ct.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_new);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_free);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_get0_cert);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_set1_cert);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_get0_issuer);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_set1_issuer);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_get0_log_store);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_get_time);
-LCRYPTO_USED(CT_POLICY_EVAL_CTX_set_time);
-LCRYPTO_USED(SCT_new);
-LCRYPTO_USED(SCT_new_from_base64);
-LCRYPTO_USED(SCT_free);
-LCRYPTO_USED(SCT_LIST_free);
-LCRYPTO_USED(SCT_get_version);
-LCRYPTO_USED(SCT_set_version);
-LCRYPTO_USED(SCT_get_log_entry_type);
-LCRYPTO_USED(SCT_set_log_entry_type);
-LCRYPTO_USED(SCT_get0_log_id);
-LCRYPTO_USED(SCT_set0_log_id);
-LCRYPTO_USED(SCT_set1_log_id);
-LCRYPTO_USED(SCT_get_timestamp);
-LCRYPTO_USED(SCT_set_timestamp);
-LCRYPTO_USED(SCT_get_signature_nid);
-LCRYPTO_USED(SCT_set_signature_nid);
-LCRYPTO_USED(SCT_get0_extensions);
-LCRYPTO_USED(SCT_set0_extensions);
-LCRYPTO_USED(SCT_set1_extensions);
-LCRYPTO_USED(SCT_get0_signature);
-LCRYPTO_USED(SCT_set0_signature);
-LCRYPTO_USED(SCT_set1_signature);
-LCRYPTO_USED(SCT_get_source);
-LCRYPTO_USED(SCT_set_source);
-LCRYPTO_USED(SCT_validation_status_string);
-LCRYPTO_USED(SCT_print);
-LCRYPTO_USED(SCT_LIST_print);
-LCRYPTO_USED(SCT_get_validation_status);
-LCRYPTO_USED(SCT_validate);
-LCRYPTO_USED(SCT_LIST_validate);
-LCRYPTO_USED(i2o_SCT_LIST);
-LCRYPTO_USED(o2i_SCT_LIST);
-LCRYPTO_USED(i2d_SCT_LIST);
-LCRYPTO_USED(d2i_SCT_LIST);
-LCRYPTO_USED(i2o_SCT);
-LCRYPTO_USED(o2i_SCT);
-LCRYPTO_USED(CTLOG_new);
-LCRYPTO_USED(CTLOG_new_from_base64);
-LCRYPTO_USED(CTLOG_free);
-LCRYPTO_USED(CTLOG_get0_name);
-LCRYPTO_USED(CTLOG_get0_log_id);
-LCRYPTO_USED(CTLOG_get0_public_key);
-LCRYPTO_USED(CTLOG_STORE_new);
-LCRYPTO_USED(CTLOG_STORE_free);
-LCRYPTO_USED(CTLOG_STORE_get0_log_by_id);
-LCRYPTO_USED(CTLOG_STORE_load_file);
-LCRYPTO_USED(CTLOG_STORE_load_default_file);
-
-#endif /* _LIBCRYPTO_CT_H */
diff --git a/src/lib/libcrypto/hidden/openssl/curve25519.h b/src/lib/libcrypto/hidden/openssl/curve25519.h
deleted file mode 100644
index 3afa324e0a..0000000000
--- a/src/lib/libcrypto/hidden/openssl/curve25519.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: curve25519.h,v 1.1 2023/07/08 15:12:49 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_CURVE25519_H
-#define _LIBCRYPTO_CURVE25519_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/curve25519.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(X25519_keypair);
-LCRYPTO_USED(X25519);
-LCRYPTO_USED(ED25519_keypair);
-LCRYPTO_USED(ED25519_sign);
-LCRYPTO_USED(ED25519_verify);
-
-#endif /* _LIBCRYPTO_CURVE25519_H */
diff --git a/src/lib/libcrypto/hidden/openssl/des.h b/src/lib/libcrypto/hidden/openssl/des.h
deleted file mode 100644
index 645181199b..0000000000
--- a/src/lib/libcrypto/hidden/openssl/des.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/* $OpenBSD: des.h,v 1.3 2024/08/31 10:30:16 tb Exp $ */
-/*
- * Copyright (c) 2024 Joshua Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_DES_H
-#define _LIBCRYPTO_DES_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/des.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(DES_ecb3_encrypt);
-LCRYPTO_USED(DES_cbc_cksum);
-LCRYPTO_USED(DES_cbc_encrypt);
-LCRYPTO_USED(DES_ncbc_encrypt);
-LCRYPTO_USED(DES_xcbc_encrypt);
-LCRYPTO_USED(DES_cfb_encrypt);
-LCRYPTO_USED(DES_ecb_encrypt);
-LCRYPTO_USED(DES_encrypt1);
-LCRYPTO_USED(DES_encrypt2);
-LCRYPTO_USED(DES_encrypt3);
-LCRYPTO_USED(DES_decrypt3);
-LCRYPTO_USED(DES_ede3_cbc_encrypt);
-LCRYPTO_USED(DES_ede3_cbcm_encrypt);
-LCRYPTO_USED(DES_ede3_cfb64_encrypt);
-LCRYPTO_USED(DES_ede3_cfb_encrypt);
-LCRYPTO_USED(DES_ede3_ofb64_encrypt);
-LCRYPTO_USED(DES_fcrypt);
-LCRYPTO_USED(DES_crypt);
-LCRYPTO_USED(DES_ofb_encrypt);
-LCRYPTO_USED(DES_pcbc_encrypt);
-LCRYPTO_USED(DES_quad_cksum);
-LCRYPTO_USED(DES_random_key);
-LCRYPTO_USED(DES_set_odd_parity);
-LCRYPTO_USED(DES_check_key_parity);
-LCRYPTO_USED(DES_is_weak_key);
-LCRYPTO_USED(DES_set_key);
-LCRYPTO_USED(DES_key_sched);
-LCRYPTO_USED(DES_set_key_checked);
-LCRYPTO_USED(DES_set_key_unchecked);
-LCRYPTO_USED(DES_string_to_key);
-LCRYPTO_USED(DES_string_to_2keys);
-LCRYPTO_USED(DES_cfb64_encrypt);
-LCRYPTO_USED(DES_ofb64_encrypt);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(DES_check_key);
-#endif
-
-#endif /* _LIBCRYPTO_DES_H */
diff --git a/src/lib/libcrypto/hidden/openssl/dh.h b/src/lib/libcrypto/hidden/openssl/dh.h
deleted file mode 100644
index 7e6d578151..0000000000
--- a/src/lib/libcrypto/hidden/openssl/dh.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/* $OpenBSD: dh.h,v 1.1 2023/07/08 15:29:04 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_DH_H
-#define _LIBCRYPTO_DH_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/dh.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(d2i_DHparams_bio);
-LCRYPTO_USED(i2d_DHparams_bio);
-LCRYPTO_USED(d2i_DHparams_fp);
-LCRYPTO_USED(i2d_DHparams_fp);
-LCRYPTO_USED(DHparams_dup);
-LCRYPTO_USED(DH_OpenSSL);
-LCRYPTO_USED(DH_set_default_method);
-LCRYPTO_USED(DH_get_default_method);
-LCRYPTO_USED(DH_set_method);
-LCRYPTO_USED(DH_new_method);
-LCRYPTO_USED(DH_new);
-LCRYPTO_USED(DH_free);
-LCRYPTO_USED(DH_up_ref);
-LCRYPTO_USED(DH_size);
-LCRYPTO_USED(DH_bits);
-LCRYPTO_USED(DH_get_ex_new_index);
-LCRYPTO_USED(DH_set_ex_data);
-LCRYPTO_USED(DH_get_ex_data);
-LCRYPTO_USED(DH_security_bits);
-LCRYPTO_USED(DH_get0_engine);
-LCRYPTO_USED(DH_get0_pqg);
-LCRYPTO_USED(DH_set0_pqg);
-LCRYPTO_USED(DH_get0_key);
-LCRYPTO_USED(DH_set0_key);
-LCRYPTO_USED(DH_get0_p);
-LCRYPTO_USED(DH_get0_q);
-LCRYPTO_USED(DH_get0_g);
-LCRYPTO_USED(DH_get0_priv_key);
-LCRYPTO_USED(DH_get0_pub_key);
-LCRYPTO_USED(DH_clear_flags);
-LCRYPTO_USED(DH_test_flags);
-LCRYPTO_USED(DH_set_flags);
-LCRYPTO_USED(DH_get_length);
-LCRYPTO_USED(DH_set_length);
-LCRYPTO_USED(DH_generate_parameters);
-LCRYPTO_USED(DH_generate_parameters_ex);
-LCRYPTO_USED(DH_check);
-LCRYPTO_USED(DH_check_pub_key);
-LCRYPTO_USED(DH_generate_key);
-LCRYPTO_USED(DH_compute_key);
-LCRYPTO_USED(d2i_DHparams);
-LCRYPTO_USED(i2d_DHparams);
-LCRYPTO_USED(DHparams_print_fp);
-LCRYPTO_USED(DHparams_print);
-LCRYPTO_USED(ERR_load_DH_strings);
-
-#endif /* _LIBCRYPTO_DH_H */
diff --git a/src/lib/libcrypto/hidden/openssl/dsa.h b/src/lib/libcrypto/hidden/openssl/dsa.h
deleted file mode 100644
index c00c0af6df..0000000000
--- a/src/lib/libcrypto/hidden/openssl/dsa.h
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: dsa.h,v 1.3 2024/07/08 17:11:05 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_DSA_H
-#define _LIBCRYPTO_DSA_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/dsa.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(d2i_DSAparams_bio);
-LCRYPTO_USED(i2d_DSAparams_bio);
-LCRYPTO_USED(d2i_DSAparams_fp);
-LCRYPTO_USED(i2d_DSAparams_fp);
-LCRYPTO_USED(DSAparams_dup);
-LCRYPTO_USED(DSA_SIG_new);
-LCRYPTO_USED(DSA_SIG_free);
-LCRYPTO_USED(i2d_DSA_SIG);
-LCRYPTO_USED(d2i_DSA_SIG);
-LCRYPTO_USED(DSA_SIG_get0);
-LCRYPTO_USED(DSA_SIG_set0);
-LCRYPTO_USED(DSA_do_sign);
-LCRYPTO_USED(DSA_do_verify);
-LCRYPTO_USED(DSA_OpenSSL);
-LCRYPTO_USED(DSA_set_default_method);
-LCRYPTO_USED(DSA_get_default_method);
-LCRYPTO_USED(DSA_set_method);
-LCRYPTO_USED(DSA_new);
-LCRYPTO_USED(DSA_new_method);
-LCRYPTO_USED(DSA_free);
-LCRYPTO_USED(DSA_up_ref);
-LCRYPTO_USED(DSA_size);
-LCRYPTO_USED(DSA_bits);
-LCRYPTO_USED(DSA_sign_setup);
-LCRYPTO_USED(DSA_sign);
-LCRYPTO_USED(DSA_verify);
-LCRYPTO_USED(DSA_get_ex_new_index);
-LCRYPTO_USED(DSA_set_ex_data);
-LCRYPTO_USED(DSA_get_ex_data);
-LCRYPTO_USED(DSA_security_bits);
-LCRYPTO_USED(d2i_DSAPublicKey);
-LCRYPTO_USED(i2d_DSAPublicKey);
-LCRYPTO_USED(d2i_DSAPrivateKey);
-LCRYPTO_USED(i2d_DSAPrivateKey);
-LCRYPTO_USED(d2i_DSAparams);
-LCRYPTO_USED(i2d_DSAparams);
-LCRYPTO_USED(DSA_generate_parameters_ex);
-LCRYPTO_USED(DSA_generate_key);
-LCRYPTO_USED(DSAparams_print);
-LCRYPTO_USED(DSA_print);
-LCRYPTO_USED(DSAparams_print_fp);
-LCRYPTO_USED(DSA_print_fp);
-LCRYPTO_USED(DSA_dup_DH);
-LCRYPTO_USED(DSA_get0_pqg);
-LCRYPTO_USED(DSA_set0_pqg);
-LCRYPTO_USED(DSA_get0_key);
-LCRYPTO_USED(DSA_set0_key);
-LCRYPTO_USED(DSA_get0_p);
-LCRYPTO_USED(DSA_get0_q);
-LCRYPTO_USED(DSA_get0_g);
-LCRYPTO_USED(DSA_get0_pub_key);
-LCRYPTO_USED(DSA_get0_priv_key);
-LCRYPTO_USED(DSA_clear_flags);
-LCRYPTO_USED(DSA_test_flags);
-LCRYPTO_USED(DSA_set_flags);
-LCRYPTO_USED(DSA_get0_engine);
-LCRYPTO_USED(DSA_meth_new);
-LCRYPTO_USED(DSA_meth_free);
-LCRYPTO_USED(DSA_meth_dup);
-LCRYPTO_USED(DSA_meth_get0_name);
-LCRYPTO_USED(DSA_meth_set1_name);
-LCRYPTO_USED(DSA_meth_set_sign);
-LCRYPTO_USED(DSA_meth_set_finish);
-LCRYPTO_USED(ERR_load_DSA_strings);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(DSAPublicKey_it);
-extern LCRYPTO_USED(DSAPrivateKey_it);
-extern LCRYPTO_USED(DSAparams_it);
-#endif
-
-#endif /* _LIBCRYPTO_DSA_H */
diff --git a/src/lib/libcrypto/hidden/openssl/ec.h b/src/lib/libcrypto/hidden/openssl/ec.h
deleted file mode 100644
index 31ca83f147..0000000000
--- a/src/lib/libcrypto/hidden/openssl/ec.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/* $OpenBSD: ec.h,v 1.12 2025/03/09 15:42:19 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_EC_H
-#define _LIBCRYPTO_EC_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/ec.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(EC_GROUP_free);
-LCRYPTO_USED(EC_GROUP_dup);
-LCRYPTO_USED(EC_GROUP_set_generator);
-LCRYPTO_USED(EC_GROUP_get0_generator);
-LCRYPTO_USED(EC_GROUP_get_order);
-LCRYPTO_USED(EC_GROUP_order_bits);
-LCRYPTO_USED(EC_GROUP_get_cofactor);
-LCRYPTO_USED(EC_GROUP_set_curve_name);
-LCRYPTO_USED(EC_GROUP_get_curve_name);
-LCRYPTO_USED(EC_GROUP_set_asn1_flag);
-LCRYPTO_USED(EC_GROUP_get_asn1_flag);
-LCRYPTO_USED(EC_GROUP_set_point_conversion_form);
-LCRYPTO_USED(EC_GROUP_get_point_conversion_form);
-LCRYPTO_USED(EC_GROUP_get0_seed);
-LCRYPTO_USED(EC_GROUP_get_seed_len);
-LCRYPTO_USED(EC_GROUP_set_seed);
-LCRYPTO_USED(EC_GROUP_set_curve);
-LCRYPTO_USED(EC_GROUP_get_curve);
-LCRYPTO_USED(EC_GROUP_get_degree);
-LCRYPTO_USED(EC_GROUP_check);
-LCRYPTO_USED(EC_GROUP_check_discriminant);
-LCRYPTO_USED(EC_GROUP_cmp);
-LCRYPTO_USED(EC_GROUP_new_curve_GFp);
-LCRYPTO_USED(EC_GROUP_new_by_curve_name);
-LCRYPTO_USED(EC_get_builtin_curves);
-LCRYPTO_USED(EC_curve_nid2nist);
-LCRYPTO_USED(EC_curve_nist2nid);
-LCRYPTO_USED(EC_POINT_new);
-LCRYPTO_USED(EC_POINT_free);
-LCRYPTO_USED(EC_POINT_copy);
-LCRYPTO_USED(EC_POINT_dup);
-LCRYPTO_USED(EC_POINT_set_to_infinity);
-LCRYPTO_USED(EC_POINT_set_affine_coordinates);
-LCRYPTO_USED(EC_POINT_get_affine_coordinates);
-LCRYPTO_USED(EC_POINT_set_compressed_coordinates);
-LCRYPTO_USED(EC_POINT_point2oct);
-LCRYPTO_USED(EC_POINT_oct2point);
-LCRYPTO_USED(EC_POINT_point2bn);
-LCRYPTO_USED(EC_POINT_bn2point);
-LCRYPTO_USED(EC_POINT_point2hex);
-LCRYPTO_USED(EC_POINT_hex2point);
-LCRYPTO_USED(EC_POINT_add);
-LCRYPTO_USED(EC_POINT_dbl);
-LCRYPTO_USED(EC_POINT_invert);
-LCRYPTO_USED(EC_POINT_is_at_infinity);
-LCRYPTO_USED(EC_POINT_is_on_curve);
-LCRYPTO_USED(EC_POINT_cmp);
-LCRYPTO_USED(EC_POINT_make_affine);
-LCRYPTO_USED(EC_POINT_mul);
-LCRYPTO_USED(EC_GROUP_get_basis_type);
-LCRYPTO_USED(d2i_ECPKParameters);
-LCRYPTO_USED(i2d_ECPKParameters);
-LCRYPTO_USED(ECPKParameters_print);
-LCRYPTO_USED(ECPKParameters_print_fp);
-LCRYPTO_USED(EC_KEY_new);
-LCRYPTO_USED(EC_KEY_get_flags);
-LCRYPTO_USED(EC_KEY_set_flags);
-LCRYPTO_USED(EC_KEY_clear_flags);
-LCRYPTO_USED(EC_KEY_new_by_curve_name);
-LCRYPTO_USED(EC_KEY_free);
-LCRYPTO_USED(EC_KEY_copy);
-LCRYPTO_USED(EC_KEY_dup);
-LCRYPTO_USED(EC_KEY_up_ref);
-LCRYPTO_USED(EC_KEY_get0_group);
-LCRYPTO_USED(EC_KEY_set_group);
-LCRYPTO_USED(EC_KEY_get0_private_key);
-LCRYPTO_USED(EC_KEY_set_private_key);
-LCRYPTO_USED(EC_KEY_get0_public_key);
-LCRYPTO_USED(EC_KEY_set_public_key);
-LCRYPTO_USED(EC_KEY_get_enc_flags);
-LCRYPTO_USED(EC_KEY_set_enc_flags);
-LCRYPTO_USED(EC_KEY_get_conv_form);
-LCRYPTO_USED(EC_KEY_set_conv_form);
-LCRYPTO_USED(EC_KEY_set_asn1_flag);
-LCRYPTO_USED(EC_KEY_precompute_mult);
-LCRYPTO_USED(EC_KEY_generate_key);
-LCRYPTO_USED(EC_KEY_check_key);
-LCRYPTO_USED(EC_KEY_set_public_key_affine_coordinates);
-LCRYPTO_USED(d2i_ECPrivateKey);
-LCRYPTO_USED(i2d_ECPrivateKey);
-LCRYPTO_USED(d2i_ECParameters);
-LCRYPTO_USED(i2d_ECParameters);
-LCRYPTO_USED(o2i_ECPublicKey);
-LCRYPTO_USED(i2o_ECPublicKey);
-LCRYPTO_USED(ECParameters_print);
-LCRYPTO_USED(EC_KEY_print);
-LCRYPTO_USED(ECParameters_print_fp);
-LCRYPTO_USED(EC_KEY_print_fp);
-LCRYPTO_USED(EC_KEY_set_ex_data);
-LCRYPTO_USED(EC_KEY_get_ex_data);
-LCRYPTO_USED(EC_KEY_OpenSSL);
-LCRYPTO_USED(EC_KEY_get_default_method);
-LCRYPTO_USED(EC_KEY_set_default_method);
-LCRYPTO_USED(EC_KEY_get_method);
-LCRYPTO_USED(EC_KEY_set_method);
-LCRYPTO_USED(EC_KEY_new_method);
-LCRYPTO_USED(ECDH_size);
-LCRYPTO_USED(ECDH_compute_key);
-LCRYPTO_USED(ECDSA_SIG_new);
-LCRYPTO_USED(ECDSA_SIG_free);
-LCRYPTO_USED(i2d_ECDSA_SIG);
-LCRYPTO_USED(d2i_ECDSA_SIG);
-LCRYPTO_USED(ECDSA_SIG_get0_r);
-LCRYPTO_USED(ECDSA_SIG_get0_s);
-LCRYPTO_USED(ECDSA_SIG_get0);
-LCRYPTO_USED(ECDSA_SIG_set0);
-LCRYPTO_USED(ECDSA_size);
-LCRYPTO_USED(ECDSA_do_sign);
-LCRYPTO_USED(ECDSA_do_verify);
-LCRYPTO_USED(ECDSA_sign);
-LCRYPTO_USED(ECDSA_verify);
-LCRYPTO_USED(EC_KEY_METHOD_new);
-LCRYPTO_USED(EC_KEY_METHOD_free);
-LCRYPTO_USED(EC_KEY_METHOD_set_init);
-LCRYPTO_USED(EC_KEY_METHOD_set_keygen);
-LCRYPTO_USED(EC_KEY_METHOD_set_compute_key);
-LCRYPTO_USED(EC_KEY_METHOD_set_sign);
-LCRYPTO_USED(EC_KEY_METHOD_set_verify);
-LCRYPTO_USED(EC_KEY_METHOD_get_init);
-LCRYPTO_USED(EC_KEY_METHOD_get_keygen);
-LCRYPTO_USED(EC_KEY_METHOD_get_compute_key);
-LCRYPTO_USED(EC_KEY_METHOD_get_sign);
-LCRYPTO_USED(EC_KEY_METHOD_get_verify);
-LCRYPTO_USED(ECParameters_dup);
-LCRYPTO_USED(ERR_load_EC_strings);
-LCRYPTO_UNUSED(EC_GROUP_clear_free);
-LCRYPTO_UNUSED(EC_GROUP_set_curve_GFp);
-LCRYPTO_UNUSED(EC_GROUP_get_curve_GFp);
-LCRYPTO_UNUSED(EC_POINT_clear_free);
-LCRYPTO_UNUSED(EC_POINT_set_affine_coordinates_GFp);
-LCRYPTO_UNUSED(EC_POINT_get_affine_coordinates_GFp);
-LCRYPTO_UNUSED(EC_POINT_set_compressed_coordinates_GFp);
-
-#endif /* _LIBCRYPTO_EC_H */
diff --git a/src/lib/libcrypto/hidden/openssl/engine.h b/src/lib/libcrypto/hidden/openssl/engine.h
deleted file mode 100644
index 78334779b1..0000000000
--- a/src/lib/libcrypto/hidden/openssl/engine.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* $OpenBSD: engine.h,v 1.1 2024/03/27 06:08:45 tb Exp $ */
-/*
- * Copyright (c) 2024 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_ENGINE_H
-#define _LIBCRYPTO_ENGINE_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/engine.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(ENGINE_load_builtin_engines);
-LCRYPTO_USED(ENGINE_load_dynamic);
-LCRYPTO_USED(ENGINE_load_openssl);
-LCRYPTO_USED(ENGINE_register_all_complete);
-LCRYPTO_USED(ENGINE_cleanup);
-LCRYPTO_USED(ENGINE_new);
-LCRYPTO_USED(ENGINE_free);
-LCRYPTO_USED(ENGINE_init);
-LCRYPTO_USED(ENGINE_finish);
-LCRYPTO_USED(ENGINE_by_id);
-LCRYPTO_USED(ENGINE_get_id);
-LCRYPTO_USED(ENGINE_get_name);
-LCRYPTO_USED(ENGINE_set_default);
-LCRYPTO_USED(ENGINE_get_default_RSA);
-LCRYPTO_USED(ENGINE_set_default_RSA);
-LCRYPTO_USED(ENGINE_ctrl_cmd);
-LCRYPTO_USED(ENGINE_ctrl_cmd_string);
-LCRYPTO_USED(ENGINE_load_private_key);
-LCRYPTO_USED(ENGINE_load_public_key);
-
-#endif /* _LIBCRYPTO_ENGINE_H */
diff --git a/src/lib/libcrypto/hidden/openssl/err.h b/src/lib/libcrypto/hidden/openssl/err.h
deleted file mode 100644
index 026c18a545..0000000000
--- a/src/lib/libcrypto/hidden/openssl/err.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/* $OpenBSD: err.h,v 1.7 2024/08/31 10:09:15 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_ERR_H
-#define _LIBCRYPTO_ERR_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/err.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(ERR_put_error);
-LCRYPTO_USED(ERR_set_error_data);
-LCRYPTO_USED(ERR_get_error);
-LCRYPTO_USED(ERR_get_error_line);
-LCRYPTO_USED(ERR_get_error_line_data);
-LCRYPTO_USED(ERR_peek_error);
-LCRYPTO_USED(ERR_peek_error_line);
-LCRYPTO_USED(ERR_peek_error_line_data);
-LCRYPTO_USED(ERR_peek_last_error);
-LCRYPTO_USED(ERR_peek_last_error_line);
-LCRYPTO_USED(ERR_peek_last_error_line_data);
-LCRYPTO_USED(ERR_clear_error);
-LCRYPTO_USED(ERR_error_string);
-LCRYPTO_USED(ERR_error_string_n);
-LCRYPTO_USED(ERR_lib_error_string);
-LCRYPTO_USED(ERR_func_error_string);
-LCRYPTO_USED(ERR_reason_error_string);
-LCRYPTO_USED(ERR_print_errors_cb);
-LCRYPTO_USED(ERR_print_errors_fp);
-LCRYPTO_USED(ERR_print_errors);
-LCRYPTO_USED(ERR_asprintf_error_data);
-LCRYPTO_USED(ERR_load_strings);
-LCRYPTO_USED(ERR_unload_strings);
-LCRYPTO_USED(ERR_load_ERR_strings);
-LCRYPTO_USED(ERR_load_crypto_strings);
-LCRYPTO_USED(ERR_free_strings);
-LCRYPTO_USED(ERR_remove_thread_state);
-LCRYPTO_USED(ERR_remove_state);
-LCRYPTO_USED(ERR_get_next_error_library);
-LCRYPTO_USED(ERR_set_mark);
-LCRYPTO_USED(ERR_pop_to_mark);
-
-#endif /* _LIBCRYPTO_ERR_H */
diff --git a/src/lib/libcrypto/hidden/openssl/evp.h b/src/lib/libcrypto/hidden/openssl/evp.h
deleted file mode 100644
index 644ba683a5..0000000000
--- a/src/lib/libcrypto/hidden/openssl/evp.h
+++ /dev/null
@@ -1,379 +0,0 @@
-/* $OpenBSD: evp.h,v 1.6 2024/08/31 10:38:49 tb Exp $ */
-/*
- * Copyright (c) 2024 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_EVP_H
-#define _LIBCRYPTO_EVP_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/evp.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(EVP_MD_type);
-LCRYPTO_USED(EVP_MD_pkey_type);
-LCRYPTO_USED(EVP_MD_size);
-LCRYPTO_USED(EVP_MD_block_size);
-LCRYPTO_USED(EVP_MD_flags);
-LCRYPTO_USED(EVP_MD_CTX_md);
-LCRYPTO_USED(EVP_MD_CTX_md_data);
-LCRYPTO_USED(EVP_MD_CTX_pkey_ctx);
-LCRYPTO_USED(EVP_MD_CTX_set_pkey_ctx);
-LCRYPTO_USED(EVP_CIPHER_nid);
-LCRYPTO_USED(EVP_CIPHER_block_size);
-LCRYPTO_USED(EVP_CIPHER_key_length);
-LCRYPTO_USED(EVP_CIPHER_iv_length);
-LCRYPTO_USED(EVP_CIPHER_flags);
-LCRYPTO_USED(EVP_CIPHER_CTX_cipher);
-LCRYPTO_USED(EVP_CIPHER_CTX_encrypting);
-LCRYPTO_USED(EVP_CIPHER_CTX_nid);
-LCRYPTO_USED(EVP_CIPHER_CTX_block_size);
-LCRYPTO_USED(EVP_CIPHER_CTX_key_length);
-LCRYPTO_USED(EVP_CIPHER_CTX_iv_length);
-LCRYPTO_USED(EVP_CIPHER_CTX_get_iv);
-LCRYPTO_USED(EVP_CIPHER_CTX_set_iv);
-LCRYPTO_USED(EVP_CIPHER_CTX_copy);
-LCRYPTO_USED(EVP_CIPHER_CTX_get_app_data);
-LCRYPTO_USED(EVP_CIPHER_CTX_set_app_data);
-LCRYPTO_USED(EVP_CIPHER_CTX_get_cipher_data);
-LCRYPTO_USED(EVP_CIPHER_CTX_set_cipher_data);
-LCRYPTO_USED(EVP_CIPHER_CTX_buf_noconst);
-LCRYPTO_USED(EVP_CIPHER_CTX_flags);
-LCRYPTO_USED(EVP_CIPHER_meth_new);
-LCRYPTO_USED(EVP_CIPHER_meth_dup);
-LCRYPTO_USED(EVP_CIPHER_meth_free);
-LCRYPTO_USED(EVP_CIPHER_meth_set_iv_length);
-LCRYPTO_USED(EVP_CIPHER_meth_set_flags);
-LCRYPTO_USED(EVP_CIPHER_meth_set_impl_ctx_size);
-LCRYPTO_USED(EVP_CIPHER_meth_set_init);
-LCRYPTO_USED(EVP_CIPHER_meth_set_do_cipher);
-LCRYPTO_USED(EVP_CIPHER_meth_set_cleanup);
-LCRYPTO_USED(EVP_CIPHER_meth_set_set_asn1_params);
-LCRYPTO_USED(EVP_CIPHER_meth_set_get_asn1_params);
-LCRYPTO_USED(EVP_CIPHER_meth_set_ctrl);
-LCRYPTO_USED(EVP_PKEY_new_raw_private_key);
-LCRYPTO_USED(EVP_PKEY_new_raw_public_key);
-LCRYPTO_USED(EVP_PKEY_get_raw_private_key);
-LCRYPTO_USED(EVP_PKEY_get_raw_public_key);
-LCRYPTO_USED(EVP_Cipher);
-LCRYPTO_USED(EVP_MD_CTX_new);
-LCRYPTO_USED(EVP_MD_CTX_free);
-LCRYPTO_USED(EVP_MD_CTX_reset);
-LCRYPTO_USED(EVP_MD_CTX_create);
-LCRYPTO_USED(EVP_MD_CTX_destroy);
-LCRYPTO_USED(EVP_MD_CTX_cleanup);
-LCRYPTO_USED(EVP_MD_CTX_copy_ex);
-LCRYPTO_USED(EVP_MD_CTX_set_flags);
-LCRYPTO_USED(EVP_MD_CTX_clear_flags);
-LCRYPTO_USED(EVP_MD_CTX_ctrl);
-LCRYPTO_USED(EVP_MD_CTX_test_flags);
-LCRYPTO_USED(EVP_DigestInit_ex);
-LCRYPTO_USED(EVP_DigestUpdate);
-LCRYPTO_USED(EVP_DigestFinal_ex);
-LCRYPTO_USED(EVP_Digest);
-LCRYPTO_USED(EVP_MD_CTX_copy);
-LCRYPTO_USED(EVP_DigestInit);
-LCRYPTO_USED(EVP_DigestFinal);
-LCRYPTO_USED(EVP_read_pw_string);
-LCRYPTO_USED(EVP_read_pw_string_min);
-LCRYPTO_USED(EVP_set_pw_prompt);
-LCRYPTO_USED(EVP_get_pw_prompt);
-LCRYPTO_USED(EVP_BytesToKey);
-LCRYPTO_USED(EVP_CIPHER_CTX_set_flags);
-LCRYPTO_USED(EVP_CIPHER_CTX_clear_flags);
-LCRYPTO_USED(EVP_CIPHER_CTX_test_flags);
-LCRYPTO_USED(EVP_EncryptInit);
-LCRYPTO_USED(EVP_EncryptInit_ex);
-LCRYPTO_USED(EVP_EncryptUpdate);
-LCRYPTO_USED(EVP_EncryptFinal_ex);
-LCRYPTO_USED(EVP_DecryptInit);
-LCRYPTO_USED(EVP_DecryptInit_ex);
-LCRYPTO_USED(EVP_DecryptUpdate);
-LCRYPTO_USED(EVP_DecryptFinal_ex);
-LCRYPTO_USED(EVP_CipherInit);
-LCRYPTO_USED(EVP_CipherInit_ex);
-LCRYPTO_USED(EVP_CipherUpdate);
-LCRYPTO_USED(EVP_CipherFinal_ex);
-LCRYPTO_USED(EVP_SignFinal);
-LCRYPTO_USED(EVP_VerifyFinal);
-LCRYPTO_USED(EVP_DigestSignInit);
-LCRYPTO_USED(EVP_DigestSignFinal);
-LCRYPTO_USED(EVP_DigestSign);
-LCRYPTO_USED(EVP_DigestVerifyInit);
-LCRYPTO_USED(EVP_DigestVerifyFinal);
-LCRYPTO_USED(EVP_DigestVerify);
-LCRYPTO_USED(EVP_OpenInit);
-LCRYPTO_USED(EVP_OpenFinal);
-LCRYPTO_USED(EVP_SealInit);
-LCRYPTO_USED(EVP_SealFinal);
-LCRYPTO_USED(EVP_ENCODE_CTX_new);
-LCRYPTO_USED(EVP_ENCODE_CTX_free);
-LCRYPTO_USED(EVP_EncodeInit);
-LCRYPTO_USED(EVP_EncodeUpdate);
-LCRYPTO_USED(EVP_EncodeFinal);
-LCRYPTO_USED(EVP_EncodeBlock);
-LCRYPTO_USED(EVP_DecodeInit);
-LCRYPTO_USED(EVP_DecodeUpdate);
-LCRYPTO_USED(EVP_DecodeFinal);
-LCRYPTO_USED(EVP_DecodeBlock);
-LCRYPTO_USED(EVP_CIPHER_CTX_cleanup);
-LCRYPTO_USED(EVP_CIPHER_CTX_new);
-LCRYPTO_USED(EVP_CIPHER_CTX_free);
-LCRYPTO_USED(EVP_CIPHER_CTX_reset);
-LCRYPTO_USED(EVP_CIPHER_CTX_set_key_length);
-LCRYPTO_USED(EVP_CIPHER_CTX_set_padding);
-LCRYPTO_USED(EVP_CIPHER_CTX_ctrl);
-LCRYPTO_USED(EVP_CIPHER_CTX_rand_key);
-LCRYPTO_USED(BIO_f_md);
-LCRYPTO_USED(BIO_f_base64);
-LCRYPTO_USED(BIO_f_cipher);
-LCRYPTO_USED(BIO_set_cipher);
-LCRYPTO_USED(EVP_md_null);
-LCRYPTO_USED(EVP_md4);
-LCRYPTO_USED(EVP_md5);
-LCRYPTO_USED(EVP_md5_sha1);
-LCRYPTO_USED(EVP_sha1);
-LCRYPTO_USED(EVP_sha224);
-LCRYPTO_USED(EVP_sha256);
-LCRYPTO_USED(EVP_sha384);
-LCRYPTO_USED(EVP_sha512);
-LCRYPTO_USED(EVP_sha512_224);
-LCRYPTO_USED(EVP_sha512_256);
-LCRYPTO_USED(EVP_sha3_224);
-LCRYPTO_USED(EVP_sha3_256);
-LCRYPTO_USED(EVP_sha3_384);
-LCRYPTO_USED(EVP_sha3_512);
-LCRYPTO_USED(EVP_sm3);
-LCRYPTO_USED(EVP_ripemd160);
-LCRYPTO_USED(EVP_enc_null);
-LCRYPTO_USED(EVP_des_ecb);
-LCRYPTO_USED(EVP_des_ede);
-LCRYPTO_USED(EVP_des_ede3);
-LCRYPTO_USED(EVP_des_ede_ecb);
-LCRYPTO_USED(EVP_des_ede3_ecb);
-LCRYPTO_USED(EVP_des_cfb64);
-LCRYPTO_USED(EVP_des_cfb1);
-LCRYPTO_USED(EVP_des_cfb8);
-LCRYPTO_USED(EVP_des_ede_cfb64);
-LCRYPTO_USED(EVP_des_ede3_cfb64);
-LCRYPTO_USED(EVP_des_ede3_cfb1);
-LCRYPTO_USED(EVP_des_ede3_cfb8);
-LCRYPTO_USED(EVP_des_ofb);
-LCRYPTO_USED(EVP_des_ede_ofb);
-LCRYPTO_USED(EVP_des_ede3_ofb);
-LCRYPTO_USED(EVP_des_cbc);
-LCRYPTO_USED(EVP_des_ede_cbc);
-LCRYPTO_USED(EVP_des_ede3_cbc);
-LCRYPTO_USED(EVP_desx_cbc);
-LCRYPTO_USED(EVP_rc4);
-LCRYPTO_USED(EVP_rc4_40);
-LCRYPTO_USED(EVP_idea_ecb);
-LCRYPTO_USED(EVP_idea_cfb64);
-LCRYPTO_USED(EVP_idea_ofb);
-LCRYPTO_USED(EVP_idea_cbc);
-LCRYPTO_USED(EVP_rc2_ecb);
-LCRYPTO_USED(EVP_rc2_cbc);
-LCRYPTO_USED(EVP_rc2_40_cbc);
-LCRYPTO_USED(EVP_rc2_64_cbc);
-LCRYPTO_USED(EVP_rc2_cfb64);
-LCRYPTO_USED(EVP_rc2_ofb);
-LCRYPTO_USED(EVP_bf_ecb);
-LCRYPTO_USED(EVP_bf_cbc);
-LCRYPTO_USED(EVP_bf_cfb64);
-LCRYPTO_USED(EVP_bf_ofb);
-LCRYPTO_USED(EVP_cast5_ecb);
-LCRYPTO_USED(EVP_cast5_cbc);
-LCRYPTO_USED(EVP_cast5_cfb64);
-LCRYPTO_USED(EVP_cast5_ofb);
-LCRYPTO_USED(EVP_aes_128_ecb);
-LCRYPTO_USED(EVP_aes_128_cbc);
-LCRYPTO_USED(EVP_aes_128_cfb1);
-LCRYPTO_USED(EVP_aes_128_cfb8);
-LCRYPTO_USED(EVP_aes_128_cfb128);
-LCRYPTO_USED(EVP_aes_128_ofb);
-LCRYPTO_USED(EVP_aes_128_ctr);
-LCRYPTO_USED(EVP_aes_128_ccm);
-LCRYPTO_USED(EVP_aes_128_gcm);
-LCRYPTO_USED(EVP_aes_128_wrap);
-LCRYPTO_USED(EVP_aes_128_xts);
-LCRYPTO_USED(EVP_aes_192_ecb);
-LCRYPTO_USED(EVP_aes_192_cbc);
-LCRYPTO_USED(EVP_aes_192_cfb1);
-LCRYPTO_USED(EVP_aes_192_cfb8);
-LCRYPTO_USED(EVP_aes_192_cfb128);
-LCRYPTO_USED(EVP_aes_192_ofb);
-LCRYPTO_USED(EVP_aes_192_ctr);
-LCRYPTO_USED(EVP_aes_192_ccm);
-LCRYPTO_USED(EVP_aes_192_gcm);
-LCRYPTO_USED(EVP_aes_192_wrap);
-LCRYPTO_USED(EVP_aes_256_ecb);
-LCRYPTO_USED(EVP_aes_256_cbc);
-LCRYPTO_USED(EVP_aes_256_cfb1);
-LCRYPTO_USED(EVP_aes_256_cfb8);
-LCRYPTO_USED(EVP_aes_256_cfb128);
-LCRYPTO_USED(EVP_aes_256_ofb);
-LCRYPTO_USED(EVP_aes_256_ctr);
-LCRYPTO_USED(EVP_aes_256_ccm);
-LCRYPTO_USED(EVP_aes_256_gcm);
-LCRYPTO_USED(EVP_aes_256_wrap);
-LCRYPTO_USED(EVP_aes_256_xts);
-LCRYPTO_USED(EVP_chacha20_poly1305);
-LCRYPTO_USED(EVP_camellia_128_ecb);
-LCRYPTO_USED(EVP_camellia_128_cbc);
-LCRYPTO_USED(EVP_camellia_128_cfb1);
-LCRYPTO_USED(EVP_camellia_128_cfb8);
-LCRYPTO_USED(EVP_camellia_128_cfb128);
-LCRYPTO_USED(EVP_camellia_128_ofb);
-LCRYPTO_USED(EVP_camellia_192_ecb);
-LCRYPTO_USED(EVP_camellia_192_cbc);
-LCRYPTO_USED(EVP_camellia_192_cfb1);
-LCRYPTO_USED(EVP_camellia_192_cfb8);
-LCRYPTO_USED(EVP_camellia_192_cfb128);
-LCRYPTO_USED(EVP_camellia_192_ofb);
-LCRYPTO_USED(EVP_camellia_256_ecb);
-LCRYPTO_USED(EVP_camellia_256_cbc);
-LCRYPTO_USED(EVP_camellia_256_cfb1);
-LCRYPTO_USED(EVP_camellia_256_cfb8);
-LCRYPTO_USED(EVP_camellia_256_cfb128);
-LCRYPTO_USED(EVP_camellia_256_ofb);
-LCRYPTO_USED(EVP_chacha20);
-LCRYPTO_USED(EVP_sm4_ecb);
-LCRYPTO_USED(EVP_sm4_cbc);
-LCRYPTO_USED(EVP_sm4_cfb128);
-LCRYPTO_USED(EVP_sm4_ofb);
-LCRYPTO_USED(EVP_sm4_ctr);
-LCRYPTO_USED(OPENSSL_add_all_algorithms_noconf);
-LCRYPTO_USED(OPENSSL_add_all_algorithms_conf);
-LCRYPTO_USED(OpenSSL_add_all_ciphers);
-LCRYPTO_USED(OpenSSL_add_all_digests);
-LCRYPTO_USED(EVP_get_cipherbyname);
-LCRYPTO_USED(EVP_get_digestbyname);
-LCRYPTO_USED(EVP_cleanup);
-LCRYPTO_USED(EVP_CIPHER_do_all);
-LCRYPTO_USED(EVP_CIPHER_do_all_sorted);
-LCRYPTO_USED(EVP_MD_do_all);
-LCRYPTO_USED(EVP_MD_do_all_sorted);
-LCRYPTO_USED(EVP_PKEY_decrypt_old);
-LCRYPTO_USED(EVP_PKEY_encrypt_old);
-LCRYPTO_USED(EVP_PKEY_type);
-LCRYPTO_USED(EVP_PKEY_id);
-LCRYPTO_USED(EVP_PKEY_base_id);
-LCRYPTO_USED(EVP_PKEY_bits);
-LCRYPTO_USED(EVP_PKEY_security_bits);
-LCRYPTO_USED(EVP_PKEY_size);
-LCRYPTO_USED(EVP_PKEY_set_type);
-LCRYPTO_USED(EVP_PKEY_set_type_str);
-LCRYPTO_USED(EVP_PKEY_assign);
-LCRYPTO_USED(EVP_PKEY_get0);
-LCRYPTO_USED(EVP_PKEY_get0_hmac);
-LCRYPTO_USED(EVP_PKEY_get0_RSA);
-LCRYPTO_USED(EVP_PKEY_get1_RSA);
-LCRYPTO_USED(EVP_PKEY_set1_RSA);
-LCRYPTO_USED(EVP_PKEY_get0_DSA);
-LCRYPTO_USED(EVP_PKEY_get1_DSA);
-LCRYPTO_USED(EVP_PKEY_set1_DSA);
-LCRYPTO_USED(EVP_PKEY_get0_DH);
-LCRYPTO_USED(EVP_PKEY_get1_DH);
-LCRYPTO_USED(EVP_PKEY_set1_DH);
-LCRYPTO_USED(EVP_PKEY_get0_EC_KEY);
-LCRYPTO_USED(EVP_PKEY_get1_EC_KEY);
-LCRYPTO_USED(EVP_PKEY_set1_EC_KEY);
-LCRYPTO_USED(EVP_PKEY_new);
-LCRYPTO_USED(EVP_PKEY_free);
-LCRYPTO_USED(EVP_PKEY_up_ref);
-LCRYPTO_USED(d2i_PublicKey);
-LCRYPTO_USED(i2d_PublicKey);
-LCRYPTO_USED(d2i_PrivateKey);
-LCRYPTO_USED(d2i_AutoPrivateKey);
-LCRYPTO_USED(i2d_PrivateKey);
-LCRYPTO_USED(EVP_PKEY_copy_parameters);
-LCRYPTO_USED(EVP_PKEY_missing_parameters);
-LCRYPTO_USED(EVP_PKEY_save_parameters);
-LCRYPTO_USED(EVP_PKEY_cmp_parameters);
-LCRYPTO_USED(EVP_PKEY_cmp);
-LCRYPTO_USED(EVP_PKEY_print_public);
-LCRYPTO_USED(EVP_PKEY_print_private);
-LCRYPTO_USED(EVP_PKEY_print_params);
-LCRYPTO_USED(EVP_PKEY_get_default_digest_nid);
-LCRYPTO_USED(EVP_CIPHER_type);
-LCRYPTO_USED(PKCS5_PBKDF2_HMAC_SHA1);
-LCRYPTO_USED(PKCS5_PBKDF2_HMAC);
-LCRYPTO_USED(EVP_PKEY_asn1_get_count);
-LCRYPTO_USED(EVP_PKEY_asn1_get0);
-LCRYPTO_USED(EVP_PKEY_asn1_find);
-LCRYPTO_USED(EVP_PKEY_asn1_find_str);
-LCRYPTO_USED(EVP_PKEY_asn1_get0_info);
-LCRYPTO_USED(EVP_PKEY_get0_asn1);
-LCRYPTO_USED(EVP_PKEY_CTX_new);
-LCRYPTO_USED(EVP_PKEY_CTX_new_id);
-LCRYPTO_USED(EVP_PKEY_CTX_dup);
-LCRYPTO_USED(EVP_PKEY_CTX_free);
-LCRYPTO_USED(EVP_PKEY_CTX_ctrl);
-LCRYPTO_USED(EVP_PKEY_CTX_ctrl_str);
-LCRYPTO_USED(EVP_PKEY_CTX_get_operation);
-LCRYPTO_USED(EVP_PKEY_CTX_set0_keygen_info);
-LCRYPTO_USED(EVP_PKEY_new_mac_key);
-LCRYPTO_USED(EVP_PKEY_new_CMAC_key);
-LCRYPTO_USED(EVP_PKEY_CTX_set_data);
-LCRYPTO_USED(EVP_PKEY_CTX_get_data);
-LCRYPTO_USED(EVP_PKEY_CTX_get0_pkey);
-LCRYPTO_USED(EVP_PKEY_CTX_get0_peerkey);
-LCRYPTO_USED(EVP_PKEY_CTX_set_app_data);
-LCRYPTO_USED(EVP_PKEY_CTX_get_app_data);
-LCRYPTO_USED(EVP_PKEY_sign_init);
-LCRYPTO_USED(EVP_PKEY_sign);
-LCRYPTO_USED(EVP_PKEY_verify_init);
-LCRYPTO_USED(EVP_PKEY_verify);
-LCRYPTO_USED(EVP_PKEY_verify_recover_init);
-LCRYPTO_USED(EVP_PKEY_verify_recover);
-LCRYPTO_USED(EVP_PKEY_encrypt_init);
-LCRYPTO_USED(EVP_PKEY_encrypt);
-LCRYPTO_USED(EVP_PKEY_decrypt_init);
-LCRYPTO_USED(EVP_PKEY_decrypt);
-LCRYPTO_USED(EVP_PKEY_derive_init);
-LCRYPTO_USED(EVP_PKEY_derive_set_peer);
-LCRYPTO_USED(EVP_PKEY_derive);
-LCRYPTO_USED(EVP_PKEY_paramgen_init);
-LCRYPTO_USED(EVP_PKEY_paramgen);
-LCRYPTO_USED(EVP_PKEY_keygen_init);
-LCRYPTO_USED(EVP_PKEY_keygen);
-LCRYPTO_USED(EVP_PKEY_CTX_set_cb);
-LCRYPTO_USED(EVP_PKEY_CTX_get_cb);
-LCRYPTO_USED(EVP_PKEY_CTX_get_keygen_info);
-LCRYPTO_USED(EVP_aead_aes_128_gcm);
-LCRYPTO_USED(EVP_aead_aes_256_gcm);
-LCRYPTO_USED(EVP_aead_chacha20_poly1305);
-LCRYPTO_USED(EVP_aead_xchacha20_poly1305);
-LCRYPTO_USED(EVP_AEAD_key_length);
-LCRYPTO_USED(EVP_AEAD_nonce_length);
-LCRYPTO_USED(EVP_AEAD_max_overhead);
-LCRYPTO_USED(EVP_AEAD_max_tag_len);
-LCRYPTO_USED(EVP_AEAD_CTX_new);
-LCRYPTO_USED(EVP_AEAD_CTX_free);
-LCRYPTO_USED(EVP_AEAD_CTX_init);
-LCRYPTO_USED(EVP_AEAD_CTX_cleanup);
-LCRYPTO_USED(EVP_AEAD_CTX_seal);
-LCRYPTO_USED(EVP_AEAD_CTX_open);
-LCRYPTO_USED(ERR_load_EVP_strings);
-LCRYPTO_UNUSED(EVP_MD_CTX_init);
-LCRYPTO_UNUSED(EVP_EncryptFinal);
-LCRYPTO_UNUSED(EVP_DecryptFinal);
-LCRYPTO_UNUSED(EVP_CipherFinal);
-LCRYPTO_UNUSED(EVP_CIPHER_CTX_init);
-
-#endif /* _LIBCRYPTO_EVP_H */
diff --git a/src/lib/libcrypto/hidden/openssl/hkdf.h b/src/lib/libcrypto/hidden/openssl/hkdf.h
deleted file mode 100644
index 0c01cf3e6b..0000000000
--- a/src/lib/libcrypto/hidden/openssl/hkdf.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/* $OpenBSD: hkdf.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_HKDF_H
-#define _LIBCRYPTO_HKDF_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/hkdf.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(HKDF);
-LCRYPTO_USED(HKDF_extract);
-LCRYPTO_USED(HKDF_expand);
-
-#endif /* _LIBCRYPTO_HKDF_H */
diff --git a/src/lib/libcrypto/hidden/openssl/hmac.h b/src/lib/libcrypto/hidden/openssl/hmac.h
deleted file mode 100644
index ef8d2187bb..0000000000
--- a/src/lib/libcrypto/hidden/openssl/hmac.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: hmac.h,v 1.3 2024/08/31 10:42:21 tb Exp $ */
-/*
- * Copyright (c) 2016 Philip Guenther
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_HMAC_H_
-#define _LIBCRYPTO_HMAC_H_
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/hmac.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(HMAC_CTX_new);
-LCRYPTO_USED(HMAC_CTX_free);
-LCRYPTO_UNUSED(HMAC_CTX_reset);
-LCRYPTO_USED(HMAC_Init_ex);
-LCRYPTO_USED(HMAC_Update);
-LCRYPTO_USED(HMAC_Final);
-LCRYPTO_USED(HMAC);
-LCRYPTO_USED(HMAC_CTX_copy);
-LCRYPTO_USED(HMAC_CTX_set_flags);
-LCRYPTO_USED(HMAC_CTX_get_md);
-
-#endif /* _LIBCRYPTO_HMAC_H_ */
diff --git a/src/lib/libcrypto/hidden/openssl/idea.h b/src/lib/libcrypto/hidden/openssl/idea.h
deleted file mode 100644
index 93b20a9cc6..0000000000
--- a/src/lib/libcrypto/hidden/openssl/idea.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* $OpenBSD: idea.h,v 1.2 2023/07/29 03:13:38 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_IDEA_H
-#define _LIBCRYPTO_IDEA_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/idea.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(idea_ecb_encrypt);
-LCRYPTO_USED(idea_set_encrypt_key);
-LCRYPTO_USED(idea_set_decrypt_key);
-LCRYPTO_USED(idea_cbc_encrypt);
-LCRYPTO_USED(idea_cfb64_encrypt);
-LCRYPTO_USED(idea_ofb64_encrypt);
-LCRYPTO_USED(idea_encrypt);
-
-#endif /* _LIBCRYPTO_IDEA_H */
diff --git a/src/lib/libcrypto/hidden/openssl/lhash.h b/src/lib/libcrypto/hidden/openssl/lhash.h
deleted file mode 100644
index 2cf5b2dc5a..0000000000
--- a/src/lib/libcrypto/hidden/openssl/lhash.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* $OpenBSD: lhash.h,v 1.4 2024/03/02 11:11:11 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_LHASH_H
-#define _LIBCRYPTO_LHASH_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/lhash.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(lh_new);
-LCRYPTO_USED(lh_free);
-LCRYPTO_USED(lh_error);
-LCRYPTO_USED(lh_insert);
-LCRYPTO_USED(lh_delete);
-LCRYPTO_USED(lh_retrieve);
-LCRYPTO_USED(lh_doall);
-LCRYPTO_USED(lh_doall_arg);
-LCRYPTO_USED(lh_strhash);
-LCRYPTO_USED(lh_num_items);
-
-#endif /* _LIBCRYPTO_LHASH_H */
diff --git a/src/lib/libcrypto/hidden/openssl/md4.h b/src/lib/libcrypto/hidden/openssl/md4.h
deleted file mode 100644
index c5fc22c47e..0000000000
--- a/src/lib/libcrypto/hidden/openssl/md4.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: md4.h,v 1.1 2023/07/08 10:45:57 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_MD4_H
-#define _LIBCRYPTO_MD4_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/md4.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(MD4_Init);
-LCRYPTO_USED(MD4_Update);
-LCRYPTO_USED(MD4_Final);
-LCRYPTO_USED(MD4);
-LCRYPTO_USED(MD4_Transform);
-
-#endif /* _LIBCRYPTO_MD4_H */
diff --git a/src/lib/libcrypto/hidden/openssl/md5.h b/src/lib/libcrypto/hidden/openssl/md5.h
deleted file mode 100644
index 3dfade7f7c..0000000000
--- a/src/lib/libcrypto/hidden/openssl/md5.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: md5.h,v 1.1 2023/07/08 10:45:57 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_MD5_H
-#define _LIBCRYPTO_MD5_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/md5.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(MD5_Init);
-LCRYPTO_USED(MD5_Update);
-LCRYPTO_USED(MD5_Final);
-LCRYPTO_USED(MD5);
-LCRYPTO_USED(MD5_Transform);
-
-#endif /* _LIBCRYPTO_MD5_H */
diff --git a/src/lib/libcrypto/hidden/openssl/mlkem.h b/src/lib/libcrypto/hidden/openssl/mlkem.h
deleted file mode 100644
index 8cd80eb3af..0000000000
--- a/src/lib/libcrypto/hidden/openssl/mlkem.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/* $OpenBSD: mlkem.h,v 1.4 2024/12/20 15:10:31 tb Exp $ */
-/*
- * Copyright (c) 2024 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_MLKEM_H
-#define _LIBCRYPTO_MLKEM_H
-
-/* Undo when making public */
-#ifdef LIBRESSL_HAS_MLKEM
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/mlkem.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(MLKEM768_generate_key);
-LCRYPTO_USED(MLKEM768_public_from_private);
-LCRYPTO_USED(MLKEM768_encap);
-LCRYPTO_USED(MLKEM768_decap);
-LCRYPTO_USED(MLKEM768_marshal_public_key);
-LCRYPTO_USED(MLKEM768_parse_public_key);
-LCRYPTO_USED(MLKEM768_private_key_from_seed);
-LCRYPTO_USED(MLKEM768_parse_private_key);
-LCRYPTO_USED(MLKEM1024_generate_key);
-LCRYPTO_USED(MLKEM1024_public_from_private);
-LCRYPTO_USED(MLKEM1024_encap);
-LCRYPTO_USED(MLKEM1024_decap);
-LCRYPTO_USED(MLKEM1024_marshal_public_key);
-LCRYPTO_USED(MLKEM1024_parse_public_key);
-LCRYPTO_USED(MLKEM1024_private_key_from_seed);
-LCRYPTO_USED(MLKEM1024_parse_private_key);
-#endif /* LIBRESSL_HAS_MLKEM */
-
-#endif /* _LIBCRYPTO_MLKEM_H */
diff --git a/src/lib/libcrypto/hidden/openssl/modes.h b/src/lib/libcrypto/hidden/openssl/modes.h
deleted file mode 100644
index 4162861beb..0000000000
--- a/src/lib/libcrypto/hidden/openssl/modes.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/* $OpenBSD: modes.h,v 1.1 2023/07/08 14:56:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_MODES_H
-#define _LIBCRYPTO_MODES_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/modes.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(CRYPTO_cbc128_encrypt);
-LCRYPTO_USED(CRYPTO_cbc128_decrypt);
-LCRYPTO_USED(CRYPTO_ctr128_encrypt);
-LCRYPTO_USED(CRYPTO_ctr128_encrypt_ctr32);
-LCRYPTO_USED(CRYPTO_ofb128_encrypt);
-LCRYPTO_USED(CRYPTO_cfb128_encrypt);
-LCRYPTO_USED(CRYPTO_cfb128_8_encrypt);
-LCRYPTO_USED(CRYPTO_cfb128_1_encrypt);
-LCRYPTO_USED(CRYPTO_gcm128_new);
-LCRYPTO_USED(CRYPTO_gcm128_init);
-LCRYPTO_USED(CRYPTO_gcm128_setiv);
-LCRYPTO_USED(CRYPTO_gcm128_aad);
-LCRYPTO_USED(CRYPTO_gcm128_encrypt);
-LCRYPTO_USED(CRYPTO_gcm128_decrypt);
-LCRYPTO_USED(CRYPTO_gcm128_encrypt_ctr32);
-LCRYPTO_USED(CRYPTO_gcm128_decrypt_ctr32);
-LCRYPTO_USED(CRYPTO_gcm128_finish);
-LCRYPTO_USED(CRYPTO_gcm128_tag);
-LCRYPTO_USED(CRYPTO_gcm128_release);
-LCRYPTO_USED(CRYPTO_ccm128_init);
-LCRYPTO_USED(CRYPTO_ccm128_setiv);
-LCRYPTO_USED(CRYPTO_ccm128_aad);
-LCRYPTO_USED(CRYPTO_ccm128_encrypt);
-LCRYPTO_USED(CRYPTO_ccm128_decrypt);
-LCRYPTO_USED(CRYPTO_ccm128_encrypt_ccm64);
-LCRYPTO_USED(CRYPTO_ccm128_decrypt_ccm64);
-LCRYPTO_USED(CRYPTO_ccm128_tag);
-LCRYPTO_USED(CRYPTO_xts128_encrypt);
-
-#endif /* _LIBCRYPTO_MODES_H */
diff --git a/src/lib/libcrypto/hidden/openssl/objects.h b/src/lib/libcrypto/hidden/openssl/objects.h
deleted file mode 100644
index c2db51a6c9..0000000000
--- a/src/lib/libcrypto/hidden/openssl/objects.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/* $OpenBSD: objects.h,v 1.5 2024/03/02 09:49:45 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_OBJECTS_H
-#define _LIBCRYPTO_OBJECTS_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/objects.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(OBJ_NAME_do_all);
-LCRYPTO_USED(OBJ_NAME_do_all_sorted);
-LCRYPTO_USED(OBJ_dup);
-LCRYPTO_USED(OBJ_nid2obj);
-LCRYPTO_USED(OBJ_nid2ln);
-LCRYPTO_USED(OBJ_nid2sn);
-LCRYPTO_USED(OBJ_obj2nid);
-LCRYPTO_USED(OBJ_txt2obj);
-LCRYPTO_USED(OBJ_obj2txt);
-LCRYPTO_USED(OBJ_txt2nid);
-LCRYPTO_USED(OBJ_ln2nid);
-LCRYPTO_USED(OBJ_sn2nid);
-LCRYPTO_USED(OBJ_cmp);
-LCRYPTO_USED(OBJ_new_nid);
-LCRYPTO_USED(OBJ_create);
-LCRYPTO_USED(OBJ_cleanup);
-LCRYPTO_USED(OBJ_create_objects);
-LCRYPTO_USED(OBJ_length);
-LCRYPTO_USED(OBJ_get0_data);
-LCRYPTO_USED(OBJ_find_sigid_algs);
-LCRYPTO_USED(OBJ_find_sigid_by_algs);
-LCRYPTO_USED(ERR_load_OBJ_strings);
-
-#endif /* _LIBCRYPTO_OBJECTS_H */
diff --git a/src/lib/libcrypto/hidden/openssl/ocsp.h b/src/lib/libcrypto/hidden/openssl/ocsp.h
deleted file mode 100644
index fa19c28612..0000000000
--- a/src/lib/libcrypto/hidden/openssl/ocsp.h
+++ /dev/null
@@ -1,208 +0,0 @@
-/* $OpenBSD: ocsp.h,v 1.3 2024/07/08 17:01:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_OCSP_H
-#define _LIBCRYPTO_OCSP_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/ocsp.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(OCSP_RESPID_new);
-LCRYPTO_USED(OCSP_RESPID_free);
-LCRYPTO_USED(d2i_OCSP_RESPID);
-LCRYPTO_USED(i2d_OCSP_RESPID);
-LCRYPTO_USED(OCSP_CERTID_dup);
-LCRYPTO_USED(OCSP_sendreq_bio);
-LCRYPTO_USED(OCSP_sendreq_new);
-LCRYPTO_USED(OCSP_sendreq_nbio);
-LCRYPTO_USED(OCSP_REQ_CTX_free);
-LCRYPTO_USED(OCSP_REQ_CTX_set1_req);
-LCRYPTO_USED(OCSP_REQ_CTX_add1_header);
-LCRYPTO_USED(OCSP_cert_to_id);
-LCRYPTO_USED(OCSP_cert_id_new);
-LCRYPTO_USED(OCSP_request_add0_id);
-LCRYPTO_USED(OCSP_request_add1_nonce);
-LCRYPTO_USED(OCSP_basic_add1_nonce);
-LCRYPTO_USED(OCSP_check_nonce);
-LCRYPTO_USED(OCSP_copy_nonce);
-LCRYPTO_USED(OCSP_request_set1_name);
-LCRYPTO_USED(OCSP_request_add1_cert);
-LCRYPTO_USED(OCSP_request_sign);
-LCRYPTO_USED(OCSP_response_status);
-LCRYPTO_USED(OCSP_response_get1_basic);
-LCRYPTO_USED(OCSP_resp_get0_signature);
-LCRYPTO_USED(OCSP_resp_get0_tbs_sigalg);
-LCRYPTO_USED(OCSP_resp_get0_respdata);
-LCRYPTO_USED(OCSP_resp_get0_signer);
-LCRYPTO_USED(OCSP_resp_count);
-LCRYPTO_USED(OCSP_resp_get0);
-LCRYPTO_USED(OCSP_resp_get0_produced_at);
-LCRYPTO_USED(OCSP_resp_get0_certs);
-LCRYPTO_USED(OCSP_resp_get0_id);
-LCRYPTO_USED(OCSP_resp_find);
-LCRYPTO_USED(OCSP_single_get0_status);
-LCRYPTO_USED(OCSP_resp_find_status);
-LCRYPTO_USED(OCSP_check_validity);
-LCRYPTO_USED(OCSP_request_verify);
-LCRYPTO_USED(OCSP_parse_url);
-LCRYPTO_USED(OCSP_id_issuer_cmp);
-LCRYPTO_USED(OCSP_id_cmp);
-LCRYPTO_USED(OCSP_request_onereq_count);
-LCRYPTO_USED(OCSP_request_onereq_get0);
-LCRYPTO_USED(OCSP_onereq_get0_id);
-LCRYPTO_USED(OCSP_id_get0_info);
-LCRYPTO_USED(OCSP_request_is_signed);
-LCRYPTO_USED(OCSP_response_create);
-LCRYPTO_USED(OCSP_basic_add1_status);
-LCRYPTO_USED(OCSP_basic_add1_cert);
-LCRYPTO_USED(OCSP_basic_sign);
-LCRYPTO_USED(OCSP_crlID_new);
-LCRYPTO_USED(OCSP_accept_responses_new);
-LCRYPTO_USED(OCSP_archive_cutoff_new);
-LCRYPTO_USED(OCSP_url_svcloc_new);
-LCRYPTO_USED(OCSP_REQUEST_get_ext_count);
-LCRYPTO_USED(OCSP_REQUEST_get_ext_by_NID);
-LCRYPTO_USED(OCSP_REQUEST_get_ext_by_OBJ);
-LCRYPTO_USED(OCSP_REQUEST_get_ext_by_critical);
-LCRYPTO_USED(OCSP_REQUEST_get_ext);
-LCRYPTO_USED(OCSP_REQUEST_delete_ext);
-LCRYPTO_USED(OCSP_REQUEST_get1_ext_d2i);
-LCRYPTO_USED(OCSP_REQUEST_add1_ext_i2d);
-LCRYPTO_USED(OCSP_REQUEST_add_ext);
-LCRYPTO_USED(OCSP_ONEREQ_get_ext_count);
-LCRYPTO_USED(OCSP_ONEREQ_get_ext_by_NID);
-LCRYPTO_USED(OCSP_ONEREQ_get_ext_by_OBJ);
-LCRYPTO_USED(OCSP_ONEREQ_get_ext_by_critical);
-LCRYPTO_USED(OCSP_ONEREQ_get_ext);
-LCRYPTO_USED(OCSP_ONEREQ_delete_ext);
-LCRYPTO_USED(OCSP_ONEREQ_get1_ext_d2i);
-LCRYPTO_USED(OCSP_ONEREQ_add1_ext_i2d);
-LCRYPTO_USED(OCSP_ONEREQ_add_ext);
-LCRYPTO_USED(OCSP_BASICRESP_get_ext_count);
-LCRYPTO_USED(OCSP_BASICRESP_get_ext_by_NID);
-LCRYPTO_USED(OCSP_BASICRESP_get_ext_by_OBJ);
-LCRYPTO_USED(OCSP_BASICRESP_get_ext_by_critical);
-LCRYPTO_USED(OCSP_BASICRESP_get_ext);
-LCRYPTO_USED(OCSP_BASICRESP_delete_ext);
-LCRYPTO_USED(OCSP_BASICRESP_get1_ext_d2i);
-LCRYPTO_USED(OCSP_BASICRESP_add1_ext_i2d);
-LCRYPTO_USED(OCSP_BASICRESP_add_ext);
-LCRYPTO_USED(OCSP_SINGLERESP_get_ext_count);
-LCRYPTO_USED(OCSP_SINGLERESP_get_ext_by_NID);
-LCRYPTO_USED(OCSP_SINGLERESP_get_ext_by_OBJ);
-LCRYPTO_USED(OCSP_SINGLERESP_get_ext_by_critical);
-LCRYPTO_USED(OCSP_SINGLERESP_get_ext);
-LCRYPTO_USED(OCSP_SINGLERESP_delete_ext);
-LCRYPTO_USED(OCSP_SINGLERESP_get1_ext_d2i);
-LCRYPTO_USED(OCSP_SINGLERESP_add1_ext_i2d);
-LCRYPTO_USED(OCSP_SINGLERESP_add_ext);
-LCRYPTO_USED(OCSP_SINGLERESP_get0_id);
-LCRYPTO_USED(OCSP_SINGLERESP_new);
-LCRYPTO_USED(OCSP_SINGLERESP_free);
-LCRYPTO_USED(d2i_OCSP_SINGLERESP);
-LCRYPTO_USED(i2d_OCSP_SINGLERESP);
-LCRYPTO_USED(OCSP_CERTSTATUS_new);
-LCRYPTO_USED(OCSP_CERTSTATUS_free);
-LCRYPTO_USED(d2i_OCSP_CERTSTATUS);
-LCRYPTO_USED(i2d_OCSP_CERTSTATUS);
-LCRYPTO_USED(OCSP_REVOKEDINFO_new);
-LCRYPTO_USED(OCSP_REVOKEDINFO_free);
-LCRYPTO_USED(d2i_OCSP_REVOKEDINFO);
-LCRYPTO_USED(i2d_OCSP_REVOKEDINFO);
-LCRYPTO_USED(OCSP_BASICRESP_new);
-LCRYPTO_USED(OCSP_BASICRESP_free);
-LCRYPTO_USED(d2i_OCSP_BASICRESP);
-LCRYPTO_USED(i2d_OCSP_BASICRESP);
-LCRYPTO_USED(OCSP_RESPDATA_new);
-LCRYPTO_USED(OCSP_RESPDATA_free);
-LCRYPTO_USED(d2i_OCSP_RESPDATA);
-LCRYPTO_USED(i2d_OCSP_RESPDATA);
-LCRYPTO_USED(OCSP_RESPID_new);
-LCRYPTO_USED(OCSP_RESPID_free);
-LCRYPTO_USED(d2i_OCSP_RESPID);
-LCRYPTO_USED(i2d_OCSP_RESPID);
-LCRYPTO_USED(OCSP_RESPONSE_new);
-LCRYPTO_USED(OCSP_RESPONSE_free);
-LCRYPTO_USED(d2i_OCSP_RESPONSE);
-LCRYPTO_USED(i2d_OCSP_RESPONSE);
-LCRYPTO_USED(d2i_OCSP_RESPONSE_bio);
-LCRYPTO_USED(i2d_OCSP_RESPONSE_bio);
-LCRYPTO_USED(OCSP_RESPBYTES_new);
-LCRYPTO_USED(OCSP_RESPBYTES_free);
-LCRYPTO_USED(d2i_OCSP_RESPBYTES);
-LCRYPTO_USED(i2d_OCSP_RESPBYTES);
-LCRYPTO_USED(OCSP_ONEREQ_new);
-LCRYPTO_USED(OCSP_ONEREQ_free);
-LCRYPTO_USED(d2i_OCSP_ONEREQ);
-LCRYPTO_USED(i2d_OCSP_ONEREQ);
-LCRYPTO_USED(OCSP_CERTID_new);
-LCRYPTO_USED(OCSP_CERTID_free);
-LCRYPTO_USED(d2i_OCSP_CERTID);
-LCRYPTO_USED(i2d_OCSP_CERTID);
-LCRYPTO_USED(OCSP_REQUEST_new);
-LCRYPTO_USED(OCSP_REQUEST_free);
-LCRYPTO_USED(d2i_OCSP_REQUEST);
-LCRYPTO_USED(i2d_OCSP_REQUEST);
-LCRYPTO_USED(d2i_OCSP_REQUEST_bio);
-LCRYPTO_USED(i2d_OCSP_REQUEST_bio);
-LCRYPTO_USED(OCSP_SIGNATURE_new);
-LCRYPTO_USED(OCSP_SIGNATURE_free);
-LCRYPTO_USED(d2i_OCSP_SIGNATURE);
-LCRYPTO_USED(i2d_OCSP_SIGNATURE);
-LCRYPTO_USED(OCSP_REQINFO_new);
-LCRYPTO_USED(OCSP_REQINFO_free);
-LCRYPTO_USED(d2i_OCSP_REQINFO);
-LCRYPTO_USED(i2d_OCSP_REQINFO);
-LCRYPTO_USED(OCSP_CRLID_new);
-LCRYPTO_USED(OCSP_CRLID_free);
-LCRYPTO_USED(d2i_OCSP_CRLID);
-LCRYPTO_USED(i2d_OCSP_CRLID);
-LCRYPTO_USED(OCSP_SERVICELOC_new);
-LCRYPTO_USED(OCSP_SERVICELOC_free);
-LCRYPTO_USED(d2i_OCSP_SERVICELOC);
-LCRYPTO_USED(i2d_OCSP_SERVICELOC);
-LCRYPTO_USED(OCSP_response_status_str);
-LCRYPTO_USED(OCSP_cert_status_str);
-LCRYPTO_USED(OCSP_crl_reason_str);
-LCRYPTO_USED(OCSP_REQUEST_print);
-LCRYPTO_USED(OCSP_RESPONSE_print);
-LCRYPTO_USED(OCSP_basic_verify);
-LCRYPTO_USED(ERR_load_OCSP_strings);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(OCSP_RESPID_it);
-extern LCRYPTO_USED(OCSP_SINGLERESP_it);
-extern LCRYPTO_USED(OCSP_CERTSTATUS_it);
-extern LCRYPTO_USED(OCSP_REVOKEDINFO_it);
-extern LCRYPTO_USED(OCSP_BASICRESP_it);
-extern LCRYPTO_USED(OCSP_RESPDATA_it);
-extern LCRYPTO_USED(OCSP_RESPID_it);
-extern LCRYPTO_USED(OCSP_RESPONSE_it);
-extern LCRYPTO_USED(OCSP_RESPBYTES_it);
-extern LCRYPTO_USED(OCSP_ONEREQ_it);
-extern LCRYPTO_USED(OCSP_CERTID_it);
-extern LCRYPTO_USED(OCSP_REQUEST_it);
-extern LCRYPTO_USED(OCSP_SIGNATURE_it);
-extern LCRYPTO_USED(OCSP_REQINFO_it);
-extern LCRYPTO_USED(OCSP_CRLID_it);
-extern LCRYPTO_USED(OCSP_SERVICELOC_it);
-#endif
-
-#endif /* _LIBCRYPTO_OCSP_H */
diff --git a/src/lib/libcrypto/hidden/openssl/pem.h b/src/lib/libcrypto/hidden/openssl/pem.h
deleted file mode 100644
index 5838f07f4d..0000000000
--- a/src/lib/libcrypto/hidden/openssl/pem.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/* $OpenBSD: pem.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_PEM_H
-#define _LIBCRYPTO_PEM_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/pem.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(PEM_get_EVP_CIPHER_INFO);
-LCRYPTO_USED(PEM_do_header);
-LCRYPTO_USED(PEM_read_bio);
-LCRYPTO_USED(PEM_write_bio);
-LCRYPTO_USED(PEM_bytes_read_bio);
-LCRYPTO_USED(PEM_ASN1_read_bio);
-LCRYPTO_USED(PEM_ASN1_write_bio);
-LCRYPTO_USED(PEM_X509_INFO_read_bio);
-LCRYPTO_USED(PEM_X509_INFO_write_bio);
-LCRYPTO_USED(PEM_read);
-LCRYPTO_USED(PEM_write);
-LCRYPTO_USED(PEM_ASN1_read);
-LCRYPTO_USED(PEM_ASN1_write);
-LCRYPTO_USED(PEM_X509_INFO_read);
-LCRYPTO_USED(PEM_SignInit);
-LCRYPTO_USED(PEM_SignUpdate);
-LCRYPTO_USED(PEM_SignFinal);
-LCRYPTO_USED(PEM_def_callback);
-LCRYPTO_USED(PEM_proc_type);
-LCRYPTO_USED(PEM_dek_info);
-LCRYPTO_USED(PEM_read_X509);
-LCRYPTO_USED(PEM_read_bio_X509);
-LCRYPTO_USED(PEM_write_X509);
-LCRYPTO_USED(PEM_write_bio_X509);
-LCRYPTO_USED(PEM_read_X509_AUX);
-LCRYPTO_USED(PEM_read_bio_X509_AUX);
-LCRYPTO_USED(PEM_write_X509_AUX);
-LCRYPTO_USED(PEM_write_bio_X509_AUX);
-LCRYPTO_USED(PEM_read_X509_REQ);
-LCRYPTO_USED(PEM_read_bio_X509_REQ);
-LCRYPTO_USED(PEM_write_X509_REQ);
-LCRYPTO_USED(PEM_write_bio_X509_REQ);
-LCRYPTO_USED(PEM_write_X509_REQ_NEW);
-LCRYPTO_USED(PEM_write_bio_X509_REQ_NEW);
-LCRYPTO_USED(PEM_read_X509_CRL);
-LCRYPTO_USED(PEM_read_bio_X509_CRL);
-LCRYPTO_USED(PEM_write_X509_CRL);
-LCRYPTO_USED(PEM_write_bio_X509_CRL);
-LCRYPTO_USED(PEM_read_PKCS7);
-LCRYPTO_USED(PEM_read_bio_PKCS7);
-LCRYPTO_USED(PEM_write_PKCS7);
-LCRYPTO_USED(PEM_write_bio_PKCS7);
-LCRYPTO_USED(PEM_read_PKCS8);
-LCRYPTO_USED(PEM_read_bio_PKCS8);
-LCRYPTO_USED(PEM_write_PKCS8);
-LCRYPTO_USED(PEM_write_bio_PKCS8);
-LCRYPTO_USED(PEM_read_PKCS8_PRIV_KEY_INFO);
-LCRYPTO_USED(PEM_read_bio_PKCS8_PRIV_KEY_INFO);
-LCRYPTO_USED(PEM_write_PKCS8_PRIV_KEY_INFO);
-LCRYPTO_USED(PEM_write_bio_PKCS8_PRIV_KEY_INFO);
-LCRYPTO_USED(PEM_read_RSAPrivateKey);
-LCRYPTO_USED(PEM_read_bio_RSAPrivateKey);
-LCRYPTO_USED(PEM_write_RSAPrivateKey);
-LCRYPTO_USED(PEM_write_bio_RSAPrivateKey);
-LCRYPTO_USED(PEM_read_RSAPublicKey);
-LCRYPTO_USED(PEM_read_bio_RSAPublicKey);
-LCRYPTO_USED(PEM_write_RSAPublicKey);
-LCRYPTO_USED(PEM_write_bio_RSAPublicKey);
-LCRYPTO_USED(PEM_read_RSA_PUBKEY);
-LCRYPTO_USED(PEM_read_bio_RSA_PUBKEY);
-LCRYPTO_USED(PEM_write_RSA_PUBKEY);
-LCRYPTO_USED(PEM_write_bio_RSA_PUBKEY);
-LCRYPTO_USED(PEM_read_DSAPrivateKey);
-LCRYPTO_USED(PEM_read_bio_DSAPrivateKey);
-LCRYPTO_USED(PEM_write_DSAPrivateKey);
-LCRYPTO_USED(PEM_write_bio_DSAPrivateKey);
-LCRYPTO_USED(PEM_read_DSA_PUBKEY);
-LCRYPTO_USED(PEM_read_bio_DSA_PUBKEY);
-LCRYPTO_USED(PEM_write_DSA_PUBKEY);
-LCRYPTO_USED(PEM_write_bio_DSA_PUBKEY);
-LCRYPTO_USED(PEM_read_DSAparams);
-LCRYPTO_USED(PEM_read_bio_DSAparams);
-LCRYPTO_USED(PEM_write_DSAparams);
-LCRYPTO_USED(PEM_write_bio_DSAparams);
-LCRYPTO_USED(PEM_read_ECPKParameters);
-LCRYPTO_USED(PEM_read_bio_ECPKParameters);
-LCRYPTO_USED(PEM_write_ECPKParameters);
-LCRYPTO_USED(PEM_write_bio_ECPKParameters);
-LCRYPTO_USED(PEM_read_ECPrivateKey);
-LCRYPTO_USED(PEM_read_bio_ECPrivateKey);
-LCRYPTO_USED(PEM_write_ECPrivateKey);
-LCRYPTO_USED(PEM_write_bio_ECPrivateKey);
-LCRYPTO_USED(PEM_read_EC_PUBKEY);
-LCRYPTO_USED(PEM_read_bio_EC_PUBKEY);
-LCRYPTO_USED(PEM_write_EC_PUBKEY);
-LCRYPTO_USED(PEM_write_bio_EC_PUBKEY);
-LCRYPTO_USED(PEM_read_DHparams);
-LCRYPTO_USED(PEM_read_bio_DHparams);
-LCRYPTO_USED(PEM_write_DHparams);
-LCRYPTO_USED(PEM_write_bio_DHparams);
-LCRYPTO_USED(PEM_read_PrivateKey);
-LCRYPTO_USED(PEM_read_bio_PrivateKey);
-LCRYPTO_USED(PEM_write_PrivateKey);
-LCRYPTO_USED(PEM_write_bio_PrivateKey);
-LCRYPTO_USED(PEM_read_PUBKEY);
-LCRYPTO_USED(PEM_read_bio_PUBKEY);
-LCRYPTO_USED(PEM_write_PUBKEY);
-LCRYPTO_USED(PEM_write_bio_PUBKEY);
-LCRYPTO_USED(PEM_write_bio_PrivateKey_traditional);
-LCRYPTO_USED(PEM_write_bio_PKCS8PrivateKey_nid);
-LCRYPTO_USED(PEM_write_bio_PKCS8PrivateKey);
-LCRYPTO_USED(i2d_PKCS8PrivateKey_bio);
-LCRYPTO_USED(i2d_PKCS8PrivateKey_nid_bio);
-LCRYPTO_USED(d2i_PKCS8PrivateKey_bio);
-LCRYPTO_USED(i2d_PKCS8PrivateKey_fp);
-LCRYPTO_USED(i2d_PKCS8PrivateKey_nid_fp);
-LCRYPTO_USED(PEM_write_PKCS8PrivateKey_nid);
-LCRYPTO_USED(d2i_PKCS8PrivateKey_fp);
-LCRYPTO_USED(PEM_write_PKCS8PrivateKey);
-LCRYPTO_USED(PEM_read_bio_Parameters);
-LCRYPTO_USED(PEM_write_bio_Parameters);
-LCRYPTO_USED(b2i_PrivateKey);
-LCRYPTO_USED(b2i_PublicKey);
-LCRYPTO_USED(b2i_PrivateKey_bio);
-LCRYPTO_USED(b2i_PublicKey_bio);
-LCRYPTO_USED(i2b_PrivateKey_bio);
-LCRYPTO_USED(i2b_PublicKey_bio);
-LCRYPTO_USED(b2i_PVK_bio);
-LCRYPTO_USED(i2b_PVK_bio);
-LCRYPTO_USED(ERR_load_PEM_strings);
-
-#endif /* _LIBCRYPTO_PEM_H */
diff --git a/src/lib/libcrypto/hidden/openssl/pkcs12.h b/src/lib/libcrypto/hidden/openssl/pkcs12.h
deleted file mode 100644
index 7e5607ab77..0000000000
--- a/src/lib/libcrypto/hidden/openssl/pkcs12.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/* $OpenBSD: pkcs12.h,v 1.5 2025/03/09 15:45:52 tb Exp $ */
-/*
- * Copyright (c) 2022 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_PKCS12_H
-#define _LIBCRYPTO_PKCS12_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/pkcs12.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(PKCS12_SAFEBAG_get0_attr);
-LCRYPTO_USED(PKCS12_SAFEBAG_get0_attrs);
-LCRYPTO_USED(PKCS12_SAFEBAG_get_nid);
-LCRYPTO_USED(PKCS12_SAFEBAG_get_bag_nid);
-LCRYPTO_USED(PKCS12_SAFEBAG_get1_cert);
-LCRYPTO_USED(PKCS12_SAFEBAG_get1_crl);
-LCRYPTO_USED(PKCS8_get_attr);
-LCRYPTO_USED(PKCS12_mac_present);
-LCRYPTO_USED(PKCS12_get0_mac);
-LCRYPTO_USED(PKCS12_SAFEBAG_get0_p8inf);
-LCRYPTO_USED(PKCS12_SAFEBAG_get0_pkcs8);
-LCRYPTO_USED(PKCS12_SAFEBAG_get0_safes);
-LCRYPTO_USED(PKCS12_SAFEBAG_get0_type);
-LCRYPTO_USED(PKCS8_decrypt);
-LCRYPTO_USED(PKCS12_decrypt_skey);
-LCRYPTO_USED(PKCS8_encrypt);
-LCRYPTO_USED(PKCS12_unpack_p7data);
-LCRYPTO_USED(PKCS12_unpack_p7encdata);
-LCRYPTO_USED(PKCS12_unpack_authsafes);
-LCRYPTO_USED(PKCS8_add_keyusage);
-LCRYPTO_USED(PKCS12_get_friendlyname);
-LCRYPTO_USED(PKCS12_key_gen_uni);
-LCRYPTO_USED(PKCS12_verify_mac);
-LCRYPTO_USED(PKCS12_set_mac);
-LCRYPTO_USED(OPENSSL_asc2uni);
-LCRYPTO_USED(OPENSSL_uni2asc);
-LCRYPTO_USED(PKCS12_new);
-LCRYPTO_USED(PKCS12_free);
-LCRYPTO_USED(d2i_PKCS12);
-LCRYPTO_USED(i2d_PKCS12);
-LCRYPTO_USED(PKCS12_SAFEBAG_new);
-LCRYPTO_USED(PKCS12_SAFEBAG_free);
-LCRYPTO_USED(d2i_PKCS12_SAFEBAG);
-LCRYPTO_USED(i2d_PKCS12_SAFEBAG);
-LCRYPTO_USED(PKCS12_PBE_add);
-LCRYPTO_USED(PKCS12_parse);
-LCRYPTO_USED(PKCS12_create);
-LCRYPTO_USED(i2d_PKCS12_bio);
-LCRYPTO_USED(i2d_PKCS12_fp);
-LCRYPTO_USED(d2i_PKCS12_bio);
-LCRYPTO_USED(d2i_PKCS12_fp);
-LCRYPTO_USED(PKCS12_newpass);
-LCRYPTO_USED(ERR_load_PKCS12_strings);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(PKCS12_it);
-extern LCRYPTO_USED(PKCS12_SAFEBAG_it);
-#endif
-
-#endif /* _LIBCRYPTO_PKCS12_H */
diff --git a/src/lib/libcrypto/hidden/openssl/pkcs7.h b/src/lib/libcrypto/hidden/openssl/pkcs7.h
deleted file mode 100644
index b531b298d0..0000000000
--- a/src/lib/libcrypto/hidden/openssl/pkcs7.h
+++ /dev/null
@@ -1,143 +0,0 @@
-/* $OpenBSD: pkcs7.h,v 1.5 2024/07/08 17:01:54 beck Exp $ */
-/*
- * Copyright (c) 2022 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_PKCS7_H
-#define _LIBCRYPTO_PKCS7_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/pkcs7.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(PKCS7_ISSUER_AND_SERIAL_new);
-LCRYPTO_USED(PKCS7_ISSUER_AND_SERIAL_free);
-LCRYPTO_USED(d2i_PKCS7_ISSUER_AND_SERIAL);
-LCRYPTO_USED(i2d_PKCS7_ISSUER_AND_SERIAL);
-LCRYPTO_USED(PKCS7_ISSUER_AND_SERIAL_digest);
-LCRYPTO_USED(d2i_PKCS7_fp);
-LCRYPTO_USED(i2d_PKCS7_fp);
-LCRYPTO_USED(PKCS7_dup);
-LCRYPTO_USED(d2i_PKCS7_bio);
-LCRYPTO_USED(i2d_PKCS7_bio);
-LCRYPTO_USED(i2d_PKCS7_bio_stream);
-LCRYPTO_USED(PEM_write_bio_PKCS7_stream);
-LCRYPTO_USED(PKCS7_SIGNER_INFO_new);
-LCRYPTO_USED(PKCS7_SIGNER_INFO_free);
-LCRYPTO_USED(d2i_PKCS7_SIGNER_INFO);
-LCRYPTO_USED(i2d_PKCS7_SIGNER_INFO);
-LCRYPTO_USED(PKCS7_RECIP_INFO_new);
-LCRYPTO_USED(PKCS7_RECIP_INFO_free);
-LCRYPTO_USED(d2i_PKCS7_RECIP_INFO);
-LCRYPTO_USED(i2d_PKCS7_RECIP_INFO);
-LCRYPTO_USED(PKCS7_SIGNED_new);
-LCRYPTO_USED(PKCS7_SIGNED_free);
-LCRYPTO_USED(d2i_PKCS7_SIGNED);
-LCRYPTO_USED(i2d_PKCS7_SIGNED);
-LCRYPTO_USED(PKCS7_ENC_CONTENT_new);
-LCRYPTO_USED(PKCS7_ENC_CONTENT_free);
-LCRYPTO_USED(d2i_PKCS7_ENC_CONTENT);
-LCRYPTO_USED(i2d_PKCS7_ENC_CONTENT);
-LCRYPTO_USED(PKCS7_ENVELOPE_new);
-LCRYPTO_USED(PKCS7_ENVELOPE_free);
-LCRYPTO_USED(d2i_PKCS7_ENVELOPE);
-LCRYPTO_USED(i2d_PKCS7_ENVELOPE);
-LCRYPTO_USED(PKCS7_SIGN_ENVELOPE_new);
-LCRYPTO_USED(PKCS7_SIGN_ENVELOPE_free);
-LCRYPTO_USED(d2i_PKCS7_SIGN_ENVELOPE);
-LCRYPTO_USED(i2d_PKCS7_SIGN_ENVELOPE);
-LCRYPTO_USED(PKCS7_DIGEST_new);
-LCRYPTO_USED(PKCS7_DIGEST_free);
-LCRYPTO_USED(d2i_PKCS7_DIGEST);
-LCRYPTO_USED(i2d_PKCS7_DIGEST);
-LCRYPTO_USED(PKCS7_ENCRYPT_new);
-LCRYPTO_USED(PKCS7_ENCRYPT_free);
-LCRYPTO_USED(d2i_PKCS7_ENCRYPT);
-LCRYPTO_USED(i2d_PKCS7_ENCRYPT);
-LCRYPTO_USED(PKCS7_new);
-LCRYPTO_USED(PKCS7_free);
-LCRYPTO_USED(d2i_PKCS7);
-LCRYPTO_USED(i2d_PKCS7);
-LCRYPTO_USED(PKCS7_print_ctx);
-LCRYPTO_USED(PKCS7_ctrl);
-LCRYPTO_USED(PKCS7_set_type);
-LCRYPTO_USED(PKCS7_set0_type_other);
-LCRYPTO_USED(PKCS7_set_content);
-LCRYPTO_USED(PKCS7_SIGNER_INFO_set);
-LCRYPTO_USED(PKCS7_SIGNER_INFO_sign);
-LCRYPTO_USED(PKCS7_add_signer);
-LCRYPTO_USED(PKCS7_add_certificate);
-LCRYPTO_USED(PKCS7_add_crl);
-LCRYPTO_USED(PKCS7_content_new);
-LCRYPTO_USED(PKCS7_dataVerify);
-LCRYPTO_USED(PKCS7_signatureVerify);
-LCRYPTO_USED(PKCS7_dataInit);
-LCRYPTO_USED(PKCS7_dataFinal);
-LCRYPTO_USED(PKCS7_dataDecode);
-LCRYPTO_USED(PKCS7_add_signature);
-LCRYPTO_USED(PKCS7_cert_from_signer_info);
-LCRYPTO_USED(PKCS7_set_digest);
-LCRYPTO_USED(PKCS7_get_signer_info);
-LCRYPTO_USED(PKCS7_add_recipient);
-LCRYPTO_USED(PKCS7_SIGNER_INFO_get0_algs);
-LCRYPTO_USED(PKCS7_RECIP_INFO_get0_alg);
-LCRYPTO_USED(PKCS7_add_recipient_info);
-LCRYPTO_USED(PKCS7_RECIP_INFO_set);
-LCRYPTO_USED(PKCS7_set_cipher);
-LCRYPTO_USED(PKCS7_stream);
-LCRYPTO_USED(PKCS7_get_issuer_and_serial);
-LCRYPTO_USED(PKCS7_digest_from_attributes);
-LCRYPTO_USED(PKCS7_add_signed_attribute);
-LCRYPTO_USED(PKCS7_add_attribute);
-LCRYPTO_USED(PKCS7_get_attribute);
-LCRYPTO_USED(PKCS7_get_signed_attribute);
-LCRYPTO_USED(PKCS7_set_signed_attributes);
-LCRYPTO_USED(PKCS7_set_attributes);
-LCRYPTO_USED(PKCS7_sign);
-LCRYPTO_USED(PKCS7_sign_add_signer);
-LCRYPTO_USED(PKCS7_final);
-LCRYPTO_USED(PKCS7_verify);
-LCRYPTO_USED(PKCS7_get0_signers);
-LCRYPTO_USED(PKCS7_encrypt);
-LCRYPTO_USED(PKCS7_decrypt);
-LCRYPTO_USED(PKCS7_add_attrib_smimecap);
-LCRYPTO_USED(PKCS7_get_smimecap);
-LCRYPTO_USED(PKCS7_simple_smimecap);
-LCRYPTO_USED(PKCS7_add_attrib_content_type);
-LCRYPTO_USED(PKCS7_add0_attrib_signing_time);
-LCRYPTO_USED(PKCS7_add1_attrib_digest);
-LCRYPTO_USED(SMIME_write_PKCS7);
-LCRYPTO_USED(SMIME_read_PKCS7);
-LCRYPTO_USED(BIO_new_PKCS7);
-LCRYPTO_USED(ERR_load_PKCS7_strings);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(PKCS7_ISSUER_AND_SERIAL_it);
-extern LCRYPTO_USED(PKCS7_SIGNER_INFO_it);
-extern LCRYPTO_USED(PKCS7_RECIP_INFO_it);
-extern LCRYPTO_USED(PKCS7_SIGNED_it);
-extern LCRYPTO_USED(PKCS7_ENC_CONTENT_it);
-extern LCRYPTO_USED(PKCS7_ENVELOPE_it);
-extern LCRYPTO_USED(PKCS7_SIGN_ENVELOPE_it);
-extern LCRYPTO_USED(PKCS7_DIGEST_it);
-extern LCRYPTO_USED(PKCS7_ENCRYPT_it);
-extern LCRYPTO_USED(PKCS7_it);
-extern LCRYPTO_USED(PKCS7_ATTR_SIGN_it);
-extern LCRYPTO_USED(PKCS7_ATTR_VERIFY_it);
-#endif
-
-#endif /* _LIBCRYPTO_PKCS7_H */
diff --git a/src/lib/libcrypto/hidden/openssl/poly1305.h b/src/lib/libcrypto/hidden/openssl/poly1305.h
deleted file mode 100644
index 7a459cb5a3..0000000000
--- a/src/lib/libcrypto/hidden/openssl/poly1305.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/* $OpenBSD: poly1305.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_POLY1305_H
-#define _LIBCRYPTO_POLY1305_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/poly1305.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(CRYPTO_poly1305_init);
-LCRYPTO_USED(CRYPTO_poly1305_update);
-LCRYPTO_USED(CRYPTO_poly1305_finish);
-
-#endif /* _LIBCRYPTO_POLY1305_H */
diff --git a/src/lib/libcrypto/hidden/openssl/posix_time.h b/src/lib/libcrypto/hidden/openssl/posix_time.h
deleted file mode 100644
index 306d43eae5..0000000000
--- a/src/lib/libcrypto/hidden/openssl/posix_time.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/* $OpenBSD: posix_time.h,v 1.1 2024/02/18 16:28:38 tb Exp $ */
-/*
- * Copyright (c) 2024 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_POSIX_TIME_H
-#define _LIBCRYPTO_POSIX_TIME_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/posix_time.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(OPENSSL_posix_to_tm);
-LCRYPTO_USED(OPENSSL_tm_to_posix);
-LCRYPTO_USED(OPENSSL_timegm);
-
-#endif /* _LIBCRYPTO_POSIX_TIME_H */
diff --git a/src/lib/libcrypto/hidden/openssl/rand.h b/src/lib/libcrypto/hidden/openssl/rand.h
deleted file mode 100644
index d06442acdb..0000000000
--- a/src/lib/libcrypto/hidden/openssl/rand.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* $OpenBSD: rand.h,v 1.4 2024/04/10 14:53:01 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_RAND_H
-#define _LIBCRYPTO_RAND_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/rand.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(RAND_set_rand_method);
-LCRYPTO_USED(RAND_get_rand_method);
-LCRYPTO_USED(RAND_SSLeay);
-LCRYPTO_USED(ERR_load_RAND_strings);
-LCRYPTO_UNUSED(RAND_cleanup);
-LCRYPTO_UNUSED(RAND_bytes);
-LCRYPTO_UNUSED(RAND_pseudo_bytes);
-LCRYPTO_UNUSED(RAND_seed);
-LCRYPTO_UNUSED(RAND_add);
-LCRYPTO_UNUSED(RAND_load_file);
-LCRYPTO_UNUSED(RAND_write_file);
-LCRYPTO_UNUSED(RAND_file_name);
-LCRYPTO_UNUSED(RAND_status);
-LCRYPTO_UNUSED(RAND_poll);
-
-#endif /* _LIBCRYPTO_RAND_H */
diff --git a/src/lib/libcrypto/hidden/openssl/rc2.h b/src/lib/libcrypto/hidden/openssl/rc2.h
deleted file mode 100644
index c08c38d7c8..0000000000
--- a/src/lib/libcrypto/hidden/openssl/rc2.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* $OpenBSD: rc2.h,v 1.1 2023/07/07 13:40:44 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_RC2_H
-#define _LIBCRYPTO_RC2_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/rc2.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(RC2_set_key);
-LCRYPTO_USED(RC2_ecb_encrypt);
-LCRYPTO_USED(RC2_encrypt);
-LCRYPTO_USED(RC2_decrypt);
-LCRYPTO_USED(RC2_cbc_encrypt);
-LCRYPTO_USED(RC2_cfb64_encrypt);
-LCRYPTO_USED(RC2_ofb64_encrypt);
-
-#endif /* _LIBCRYPTO_RC2_H */
diff --git a/src/lib/libcrypto/hidden/openssl/rc4.h b/src/lib/libcrypto/hidden/openssl/rc4.h
deleted file mode 100644
index 16a7ff7e12..0000000000
--- a/src/lib/libcrypto/hidden/openssl/rc4.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/* $OpenBSD: rc4.h,v 1.1 2024/03/28 08:18:13 joshua Exp $ */
-/*
- * Copyright (c) 2024 Joshua Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_RC4_H
-#define _LIBCRYPTO_RC4_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/rc4.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(RC4_set_key);
-LCRYPTO_USED(RC4);
-
-#endif /* _LIBCRYPTO_RC4_H */
diff --git a/src/lib/libcrypto/hidden/openssl/ripemd.h b/src/lib/libcrypto/hidden/openssl/ripemd.h
deleted file mode 100644
index 1fd4a0a46d..0000000000
--- a/src/lib/libcrypto/hidden/openssl/ripemd.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: ripemd.h,v 1.1 2024/03/28 23:54:15 joshua Exp $ */
-/*
- * Copyright (c) 2024 Joshua Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_RIPEMD_H
-#define _LIBCRYPTO_RIPEMD_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/ripemd.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(RIPEMD160_Init);
-LCRYPTO_USED(RIPEMD160_Update);
-LCRYPTO_USED(RIPEMD160_Final);
-LCRYPTO_USED(RIPEMD160);
-LCRYPTO_USED(RIPEMD160_Transform);
-
-#endif /* _LIBCRYPTO_RIPEMD_H */
diff --git a/src/lib/libcrypto/hidden/openssl/rsa.h b/src/lib/libcrypto/hidden/openssl/rsa.h
deleted file mode 100644
index a115684c90..0000000000
--- a/src/lib/libcrypto/hidden/openssl/rsa.h
+++ /dev/null
@@ -1,147 +0,0 @@
-/* $OpenBSD: rsa.h,v 1.3 2024/07/08 17:10:18 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_RSA_H
-#define _LIBCRYPTO_RSA_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/rsa.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(RSA_new);
-LCRYPTO_USED(RSA_new_method);
-LCRYPTO_USED(RSA_bits);
-LCRYPTO_USED(RSA_size);
-LCRYPTO_USED(RSA_generate_key);
-LCRYPTO_USED(RSA_generate_key_ex);
-LCRYPTO_USED(RSA_check_key);
-LCRYPTO_USED(RSA_public_encrypt);
-LCRYPTO_USED(RSA_private_encrypt);
-LCRYPTO_USED(RSA_public_decrypt);
-LCRYPTO_USED(RSA_private_decrypt);
-LCRYPTO_USED(RSA_free);
-LCRYPTO_USED(RSA_up_ref);
-LCRYPTO_USED(RSA_flags);
-LCRYPTO_USED(RSA_set_default_method);
-LCRYPTO_USED(RSA_get_default_method);
-LCRYPTO_USED(RSA_get_method);
-LCRYPTO_USED(RSA_set_method);
-LCRYPTO_USED(RSA_PKCS1_OpenSSL);
-LCRYPTO_USED(RSA_PKCS1_SSLeay);
-LCRYPTO_USED(RSA_pkey_ctx_ctrl);
-LCRYPTO_USED(d2i_RSAPublicKey);
-LCRYPTO_USED(i2d_RSAPublicKey);
-LCRYPTO_USED(d2i_RSAPrivateKey);
-LCRYPTO_USED(i2d_RSAPrivateKey);
-LCRYPTO_USED(RSA_PSS_PARAMS_new);
-LCRYPTO_USED(RSA_PSS_PARAMS_free);
-LCRYPTO_USED(d2i_RSA_PSS_PARAMS);
-LCRYPTO_USED(i2d_RSA_PSS_PARAMS);
-LCRYPTO_USED(RSA_OAEP_PARAMS_new);
-LCRYPTO_USED(RSA_OAEP_PARAMS_free);
-LCRYPTO_USED(d2i_RSA_OAEP_PARAMS);
-LCRYPTO_USED(i2d_RSA_OAEP_PARAMS);
-LCRYPTO_USED(RSA_print_fp);
-LCRYPTO_USED(RSA_print);
-LCRYPTO_USED(RSA_sign);
-LCRYPTO_USED(RSA_verify);
-LCRYPTO_USED(RSA_sign_ASN1_OCTET_STRING);
-LCRYPTO_USED(RSA_verify_ASN1_OCTET_STRING);
-LCRYPTO_USED(RSA_blinding_on);
-LCRYPTO_USED(RSA_blinding_off);
-LCRYPTO_USED(RSA_padding_add_PKCS1_type_1);
-LCRYPTO_USED(RSA_padding_check_PKCS1_type_1);
-LCRYPTO_USED(RSA_padding_add_PKCS1_type_2);
-LCRYPTO_USED(RSA_padding_check_PKCS1_type_2);
-LCRYPTO_USED(PKCS1_MGF1);
-LCRYPTO_USED(RSA_padding_add_PKCS1_OAEP);
-LCRYPTO_USED(RSA_padding_check_PKCS1_OAEP);
-LCRYPTO_USED(RSA_padding_add_PKCS1_OAEP_mgf1);
-LCRYPTO_USED(RSA_padding_check_PKCS1_OAEP_mgf1);
-LCRYPTO_USED(RSA_padding_add_none);
-LCRYPTO_USED(RSA_padding_check_none);
-LCRYPTO_USED(RSA_verify_PKCS1_PSS);
-LCRYPTO_USED(RSA_padding_add_PKCS1_PSS);
-LCRYPTO_USED(RSA_verify_PKCS1_PSS_mgf1);
-LCRYPTO_USED(RSA_padding_add_PKCS1_PSS_mgf1);
-LCRYPTO_USED(RSA_get_ex_new_index);
-LCRYPTO_USED(RSA_set_ex_data);
-LCRYPTO_USED(RSA_get_ex_data);
-LCRYPTO_USED(RSA_security_bits);
-LCRYPTO_USED(RSA_get0_key);
-LCRYPTO_USED(RSA_set0_key);
-LCRYPTO_USED(RSA_get0_crt_params);
-LCRYPTO_USED(RSA_set0_crt_params);
-LCRYPTO_USED(RSA_get0_factors);
-LCRYPTO_USED(RSA_set0_factors);
-LCRYPTO_USED(RSA_get0_n);
-LCRYPTO_USED(RSA_get0_e);
-LCRYPTO_USED(RSA_get0_d);
-LCRYPTO_USED(RSA_get0_p);
-LCRYPTO_USED(RSA_get0_q);
-LCRYPTO_USED(RSA_get0_dmp1);
-LCRYPTO_USED(RSA_get0_dmq1);
-LCRYPTO_USED(RSA_get0_iqmp);
-LCRYPTO_USED(RSA_get0_pss_params);
-LCRYPTO_USED(RSA_clear_flags);
-LCRYPTO_USED(RSA_test_flags);
-LCRYPTO_USED(RSA_set_flags);
-LCRYPTO_USED(RSAPublicKey_dup);
-LCRYPTO_USED(RSAPrivateKey_dup);
-LCRYPTO_USED(RSA_meth_new);
-LCRYPTO_USED(RSA_meth_free);
-LCRYPTO_USED(RSA_meth_dup);
-LCRYPTO_USED(RSA_meth_set1_name);
-LCRYPTO_USED(RSA_meth_set_priv_enc);
-LCRYPTO_USED(RSA_meth_set_priv_dec);
-LCRYPTO_USED(RSA_meth_get_finish);
-LCRYPTO_USED(RSA_meth_set_finish);
-LCRYPTO_USED(RSA_meth_set_pub_enc);
-LCRYPTO_USED(RSA_meth_set_pub_dec);
-LCRYPTO_USED(RSA_meth_set_mod_exp);
-LCRYPTO_USED(RSA_meth_set_bn_mod_exp);
-LCRYPTO_USED(RSA_meth_set_init);
-LCRYPTO_USED(RSA_meth_set_keygen);
-LCRYPTO_USED(RSA_meth_set_flags);
-LCRYPTO_USED(RSA_meth_set0_app_data);
-LCRYPTO_USED(RSA_meth_get0_name);
-LCRYPTO_USED(RSA_meth_get_pub_enc);
-LCRYPTO_USED(RSA_meth_get_pub_dec);
-LCRYPTO_USED(RSA_meth_get_priv_enc);
-LCRYPTO_USED(RSA_meth_get_priv_dec);
-LCRYPTO_USED(RSA_meth_get_mod_exp);
-LCRYPTO_USED(RSA_meth_get_bn_mod_exp);
-LCRYPTO_USED(RSA_meth_get_init);
-LCRYPTO_USED(RSA_meth_get_keygen);
-LCRYPTO_USED(RSA_meth_get_flags);
-LCRYPTO_USED(RSA_meth_get0_app_data);
-LCRYPTO_USED(RSA_meth_get_sign);
-LCRYPTO_USED(RSA_meth_set_sign);
-LCRYPTO_USED(RSA_meth_get_verify);
-LCRYPTO_USED(RSA_meth_set_verify);
-LCRYPTO_USED(ERR_load_RSA_strings);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(RSAPublicKey_it);
-extern LCRYPTO_USED(RSAPrivateKey_it);
-extern LCRYPTO_USED(RSA_PSS_PARAMS_it);
-extern LCRYPTO_USED(RSA_OAEP_PARAMS_it);
-#endif
-
-#endif /* _LIBCRYPTO_RSA_H */
diff --git a/src/lib/libcrypto/hidden/openssl/sha.h b/src/lib/libcrypto/hidden/openssl/sha.h
deleted file mode 100644
index ee58793205..0000000000
--- a/src/lib/libcrypto/hidden/openssl/sha.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/* $OpenBSD: sha.h,v 1.1 2023/07/08 12:24:10 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_SHA_H
-#define _LIBCRYPTO_SHA_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/sha.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(SHA1_Init);
-LCRYPTO_USED(SHA1_Update);
-LCRYPTO_USED(SHA1_Final);
-LCRYPTO_USED(SHA1);
-LCRYPTO_USED(SHA1_Transform);
-LCRYPTO_USED(SHA224_Init);
-LCRYPTO_USED(SHA224_Update);
-LCRYPTO_USED(SHA224_Final);
-LCRYPTO_USED(SHA224);
-LCRYPTO_USED(SHA256_Init);
-LCRYPTO_USED(SHA256_Update);
-LCRYPTO_USED(SHA256_Final);
-LCRYPTO_USED(SHA256);
-LCRYPTO_USED(SHA256_Transform);
-LCRYPTO_USED(SHA384_Init);
-LCRYPTO_USED(SHA384_Update);
-LCRYPTO_USED(SHA384_Final);
-LCRYPTO_USED(SHA384);
-LCRYPTO_USED(SHA512_Init);
-LCRYPTO_USED(SHA512_Update);
-LCRYPTO_USED(SHA512_Final);
-LCRYPTO_USED(SHA512);
-LCRYPTO_USED(SHA512_Transform);
-
-#endif /* _LIBCRYPTO_SHA_H */
diff --git a/src/lib/libcrypto/hidden/openssl/sm3.h b/src/lib/libcrypto/hidden/openssl/sm3.h
deleted file mode 100644
index 12a0e1ad1a..0000000000
--- a/src/lib/libcrypto/hidden/openssl/sm3.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/* $OpenBSD: sm3.h,v 1.3 2023/07/08 06:13:08 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_SM3_H
-#define _LIBCRYPTO_SM3_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/sm3.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(SM3_Init);
-LCRYPTO_USED(SM3_Update);
-LCRYPTO_USED(SM3_Final);
-
-#endif /* _LIBCRYPTO_SM3_H */
diff --git a/src/lib/libcrypto/hidden/openssl/sm4.h b/src/lib/libcrypto/hidden/openssl/sm4.h
deleted file mode 100644
index 1b80e5cbc6..0000000000
--- a/src/lib/libcrypto/hidden/openssl/sm4.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/* $OpenBSD: sm4.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_SM4_H
-#define _LIBCRYPTO_SM4_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/sm4.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(SM4_set_key);
-LCRYPTO_USED(SM4_decrypt);
-LCRYPTO_USED(SM4_encrypt);
-
-#endif /* _LIBCRYPTO_SM4_H */
diff --git a/src/lib/libcrypto/hidden/openssl/stack.h b/src/lib/libcrypto/hidden/openssl/stack.h
deleted file mode 100644
index 3f742c1b06..0000000000
--- a/src/lib/libcrypto/hidden/openssl/stack.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/* $OpenBSD: stack.h,v 1.3 2024/03/02 11:20:36 tb Exp $ */
-/*
- * Copyright (c) 2022 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_STACK_H
-#define _LIBCRYPTO_STACK_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/stack.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(sk_num);
-LCRYPTO_USED(sk_value);
-LCRYPTO_USED(sk_set);
-LCRYPTO_USED(sk_new);
-LCRYPTO_USED(sk_new_null);
-LCRYPTO_USED(sk_free);
-LCRYPTO_USED(sk_pop_free);
-LCRYPTO_USED(sk_insert);
-LCRYPTO_USED(sk_delete);
-LCRYPTO_USED(sk_delete_ptr);
-LCRYPTO_USED(sk_find);
-LCRYPTO_USED(sk_push);
-LCRYPTO_USED(sk_unshift);
-LCRYPTO_USED(sk_shift);
-LCRYPTO_USED(sk_pop);
-LCRYPTO_USED(sk_zero);
-LCRYPTO_USED(sk_set_cmp_func);
-LCRYPTO_USED(sk_dup);
-LCRYPTO_USED(sk_sort);
-LCRYPTO_USED(sk_is_sorted);
-
-#endif /* _LIBCRYPTO_STACK_H */
diff --git a/src/lib/libcrypto/hidden/openssl/ts.h b/src/lib/libcrypto/hidden/openssl/ts.h
deleted file mode 100644
index 0acad21373..0000000000
--- a/src/lib/libcrypto/hidden/openssl/ts.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* $OpenBSD: ts.h,v 1.3 2023/07/28 09:53:55 tb Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_TS_H
-#define _LIBCRYPTO_TS_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/ts.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(TS_REQ_new);
-LCRYPTO_USED(TS_REQ_free);
-LCRYPTO_USED(i2d_TS_REQ);
-LCRYPTO_USED(d2i_TS_REQ);
-LCRYPTO_USED(TS_REQ_dup);
-LCRYPTO_USED(d2i_TS_REQ_fp);
-LCRYPTO_USED(i2d_TS_REQ_fp);
-LCRYPTO_USED(d2i_TS_REQ_bio);
-LCRYPTO_USED(i2d_TS_REQ_bio);
-LCRYPTO_USED(TS_MSG_IMPRINT_new);
-LCRYPTO_USED(TS_MSG_IMPRINT_free);
-LCRYPTO_USED(i2d_TS_MSG_IMPRINT);
-LCRYPTO_USED(d2i_TS_MSG_IMPRINT);
-LCRYPTO_USED(TS_MSG_IMPRINT_dup);
-LCRYPTO_USED(d2i_TS_MSG_IMPRINT_fp);
-LCRYPTO_USED(i2d_TS_MSG_IMPRINT_fp);
-LCRYPTO_USED(d2i_TS_MSG_IMPRINT_bio);
-LCRYPTO_USED(i2d_TS_MSG_IMPRINT_bio);
-LCRYPTO_USED(TS_RESP_new);
-LCRYPTO_USED(TS_RESP_free);
-LCRYPTO_USED(i2d_TS_RESP);
-LCRYPTO_USED(d2i_TS_RESP);
-LCRYPTO_USED(PKCS7_to_TS_TST_INFO);
-LCRYPTO_USED(TS_RESP_dup);
-LCRYPTO_USED(d2i_TS_RESP_fp);
-LCRYPTO_USED(i2d_TS_RESP_fp);
-LCRYPTO_USED(d2i_TS_RESP_bio);
-LCRYPTO_USED(i2d_TS_RESP_bio);
-LCRYPTO_USED(TS_STATUS_INFO_new);
-LCRYPTO_USED(TS_STATUS_INFO_free);
-LCRYPTO_USED(i2d_TS_STATUS_INFO);
-LCRYPTO_USED(d2i_TS_STATUS_INFO);
-LCRYPTO_USED(TS_STATUS_INFO_dup);
-LCRYPTO_USED(TS_TST_INFO_new);
-LCRYPTO_USED(TS_TST_INFO_free);
-LCRYPTO_USED(i2d_TS_TST_INFO);
-LCRYPTO_USED(d2i_TS_TST_INFO);
-LCRYPTO_USED(TS_TST_INFO_dup);
-LCRYPTO_USED(d2i_TS_TST_INFO_fp);
-LCRYPTO_USED(i2d_TS_TST_INFO_fp);
-LCRYPTO_USED(d2i_TS_TST_INFO_bio);
-LCRYPTO_USED(i2d_TS_TST_INFO_bio);
-LCRYPTO_USED(TS_ACCURACY_new);
-LCRYPTO_USED(TS_ACCURACY_free);
-LCRYPTO_USED(i2d_TS_ACCURACY);
-LCRYPTO_USED(d2i_TS_ACCURACY);
-LCRYPTO_USED(TS_ACCURACY_dup);
-LCRYPTO_USED(ESS_ISSUER_SERIAL_new);
-LCRYPTO_USED(ESS_ISSUER_SERIAL_free);
-LCRYPTO_USED(i2d_ESS_ISSUER_SERIAL);
-LCRYPTO_USED(d2i_ESS_ISSUER_SERIAL);
-LCRYPTO_USED(ESS_ISSUER_SERIAL_dup);
-LCRYPTO_USED(ESS_CERT_ID_new);
-LCRYPTO_USED(ESS_CERT_ID_free);
-LCRYPTO_USED(i2d_ESS_CERT_ID);
-LCRYPTO_USED(d2i_ESS_CERT_ID);
-LCRYPTO_USED(ESS_CERT_ID_dup);
-LCRYPTO_USED(ESS_SIGNING_CERT_new);
-LCRYPTO_USED(ESS_SIGNING_CERT_free);
-LCRYPTO_USED(i2d_ESS_SIGNING_CERT);
-LCRYPTO_USED(d2i_ESS_SIGNING_CERT);
-LCRYPTO_USED(ESS_SIGNING_CERT_dup);
-LCRYPTO_USED(TS_REQ_set_version);
-LCRYPTO_USED(TS_REQ_get_version);
-LCRYPTO_USED(TS_REQ_set_msg_imprint);
-LCRYPTO_USED(TS_REQ_get_msg_imprint);
-LCRYPTO_USED(TS_MSG_IMPRINT_set_algo);
-LCRYPTO_USED(TS_MSG_IMPRINT_get_algo);
-LCRYPTO_USED(TS_MSG_IMPRINT_set_msg);
-LCRYPTO_USED(TS_MSG_IMPRINT_get_msg);
-LCRYPTO_USED(TS_REQ_set_policy_id);
-LCRYPTO_USED(TS_REQ_get_policy_id);
-LCRYPTO_USED(TS_REQ_set_nonce);
-LCRYPTO_USED(TS_REQ_get_nonce);
-LCRYPTO_USED(TS_REQ_set_cert_req);
-LCRYPTO_USED(TS_REQ_get_cert_req);
-LCRYPTO_USED(TS_REQ_get_exts);
-LCRYPTO_USED(TS_REQ_ext_free);
-LCRYPTO_USED(TS_REQ_get_ext_count);
-LCRYPTO_USED(TS_REQ_get_ext_by_NID);
-LCRYPTO_USED(TS_REQ_get_ext_by_OBJ);
-LCRYPTO_USED(TS_REQ_get_ext_by_critical);
-LCRYPTO_USED(TS_REQ_get_ext);
-LCRYPTO_USED(TS_REQ_delete_ext);
-LCRYPTO_USED(TS_REQ_add_ext);
-LCRYPTO_USED(TS_REQ_get_ext_d2i);
-LCRYPTO_USED(TS_REQ_print_bio);
-LCRYPTO_USED(TS_RESP_set_status_info);
-LCRYPTO_USED(TS_RESP_get_status_info);
-LCRYPTO_USED(TS_STATUS_INFO_get0_failure_info);
-LCRYPTO_USED(TS_STATUS_INFO_get0_text);
-LCRYPTO_USED(TS_STATUS_INFO_get0_status);
-LCRYPTO_USED(TS_STATUS_INFO_set_status);
-LCRYPTO_USED(TS_RESP_set_tst_info);
-LCRYPTO_USED(TS_RESP_get_token);
-LCRYPTO_USED(TS_RESP_get_tst_info);
-LCRYPTO_USED(TS_TST_INFO_set_version);
-LCRYPTO_USED(TS_TST_INFO_get_version);
-LCRYPTO_USED(TS_TST_INFO_set_policy_id);
-LCRYPTO_USED(TS_TST_INFO_get_policy_id);
-LCRYPTO_USED(TS_TST_INFO_set_msg_imprint);
-LCRYPTO_USED(TS_TST_INFO_get_msg_imprint);
-LCRYPTO_USED(TS_TST_INFO_set_serial);
-LCRYPTO_USED(TS_TST_INFO_get_serial);
-LCRYPTO_USED(TS_TST_INFO_set_time);
-LCRYPTO_USED(TS_TST_INFO_get_time);
-LCRYPTO_USED(TS_TST_INFO_set_accuracy);
-LCRYPTO_USED(TS_TST_INFO_get_accuracy);
-LCRYPTO_USED(TS_ACCURACY_set_seconds);
-LCRYPTO_USED(TS_ACCURACY_get_seconds);
-LCRYPTO_USED(TS_ACCURACY_set_millis);
-LCRYPTO_USED(TS_ACCURACY_get_millis);
-LCRYPTO_USED(TS_ACCURACY_set_micros);
-LCRYPTO_USED(TS_ACCURACY_get_micros);
-LCRYPTO_USED(TS_TST_INFO_set_ordering);
-LCRYPTO_USED(TS_TST_INFO_get_ordering);
-LCRYPTO_USED(TS_TST_INFO_set_nonce);
-LCRYPTO_USED(TS_TST_INFO_get_nonce);
-LCRYPTO_USED(TS_TST_INFO_set_tsa);
-LCRYPTO_USED(TS_TST_INFO_get_tsa);
-LCRYPTO_USED(TS_TST_INFO_get_exts);
-LCRYPTO_USED(TS_TST_INFO_ext_free);
-LCRYPTO_USED(TS_TST_INFO_get_ext_count);
-LCRYPTO_USED(TS_TST_INFO_get_ext_by_NID);
-LCRYPTO_USED(TS_TST_INFO_get_ext_by_OBJ);
-LCRYPTO_USED(TS_TST_INFO_get_ext_by_critical);
-LCRYPTO_USED(TS_TST_INFO_get_ext);
-LCRYPTO_USED(TS_TST_INFO_delete_ext);
-LCRYPTO_USED(TS_TST_INFO_add_ext);
-LCRYPTO_USED(TS_TST_INFO_get_ext_d2i);
-LCRYPTO_USED(TS_RESP_CTX_new);
-LCRYPTO_USED(TS_RESP_CTX_free);
-LCRYPTO_USED(TS_RESP_CTX_set_signer_cert);
-LCRYPTO_USED(TS_RESP_CTX_set_signer_key);
-LCRYPTO_USED(TS_RESP_CTX_set_def_policy);
-LCRYPTO_USED(TS_RESP_CTX_set_certs);
-LCRYPTO_USED(TS_RESP_CTX_add_policy);
-LCRYPTO_USED(TS_RESP_CTX_add_md);
-LCRYPTO_USED(TS_RESP_CTX_set_accuracy);
-LCRYPTO_USED(TS_RESP_CTX_set_clock_precision_digits);
-LCRYPTO_USED(TS_RESP_CTX_add_flags);
-LCRYPTO_USED(TS_RESP_CTX_set_serial_cb);
-LCRYPTO_USED(TS_RESP_CTX_set_time_cb);
-LCRYPTO_USED(TS_RESP_CTX_set_extension_cb);
-LCRYPTO_USED(TS_RESP_CTX_set_status_info);
-LCRYPTO_USED(TS_RESP_CTX_set_status_info_cond);
-LCRYPTO_USED(TS_RESP_CTX_add_failure_info);
-LCRYPTO_USED(TS_RESP_CTX_get_request);
-LCRYPTO_USED(TS_RESP_CTX_get_tst_info);
-LCRYPTO_USED(TS_RESP_create_response);
-LCRYPTO_USED(TS_RESP_verify_signature);
-LCRYPTO_USED(TS_RESP_verify_response);
-LCRYPTO_USED(TS_RESP_verify_token);
-LCRYPTO_USED(TS_VERIFY_CTX_new);
-LCRYPTO_USED(TS_VERIFY_CTX_free);
-LCRYPTO_USED(TS_VERIFY_CTX_cleanup);
-LCRYPTO_USED(TS_VERIFY_CTX_add_flags);
-LCRYPTO_USED(TS_VERIFY_CTX_set_flags);
-LCRYPTO_USED(TS_VERIFY_CTX_set_data);
-LCRYPTO_USED(TS_VERIFY_CTX_set_store);
-LCRYPTO_USED(TS_VERIFY_CTX_set_certs);
-LCRYPTO_USED(TS_VERIFY_CTX_set_imprint);
-LCRYPTO_USED(TS_REQ_to_TS_VERIFY_CTX);
-LCRYPTO_USED(TS_RESP_print_bio);
-LCRYPTO_USED(TS_STATUS_INFO_print_bio);
-LCRYPTO_USED(TS_TST_INFO_print_bio);
-LCRYPTO_USED(TS_ASN1_INTEGER_print_bio);
-LCRYPTO_USED(TS_OBJ_print_bio);
-LCRYPTO_USED(TS_ext_print_bio);
-LCRYPTO_USED(TS_X509_ALGOR_print_bio);
-LCRYPTO_USED(TS_MSG_IMPRINT_print_bio);
-LCRYPTO_USED(TS_CONF_load_cert);
-LCRYPTO_USED(TS_CONF_load_certs);
-LCRYPTO_USED(TS_CONF_load_key);
-LCRYPTO_USED(TS_CONF_get_tsa_section);
-LCRYPTO_USED(TS_CONF_set_serial);
-LCRYPTO_USED(TS_CONF_set_signer_cert);
-LCRYPTO_USED(TS_CONF_set_certs);
-LCRYPTO_USED(TS_CONF_set_signer_key);
-LCRYPTO_USED(TS_CONF_set_def_policy);
-LCRYPTO_USED(TS_CONF_set_policies);
-LCRYPTO_USED(TS_CONF_set_digests);
-LCRYPTO_USED(TS_CONF_set_accuracy);
-LCRYPTO_USED(TS_CONF_set_clock_precision_digits);
-LCRYPTO_USED(TS_CONF_set_ordering);
-LCRYPTO_USED(TS_CONF_set_tsa_name);
-LCRYPTO_USED(TS_CONF_set_ess_cert_id_chain);
-LCRYPTO_USED(ERR_load_TS_strings);
-
-#endif /* _LIBCRYPTO_TS_H */
diff --git a/src/lib/libcrypto/hidden/openssl/txt_db.h b/src/lib/libcrypto/hidden/openssl/txt_db.h
deleted file mode 100644
index f93dbc67d2..0000000000
--- a/src/lib/libcrypto/hidden/openssl/txt_db.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/* $OpenBSD: txt_db.h,v 1.1 2023/07/08 11:28:03 beck Exp $ */
-/*
- * Copyright (c) 2023 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_TXT_DB_H
-#define _LIBCRYPTO_TXT_DB_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/txt_db.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(TXT_DB_read);
-LCRYPTO_USED(TXT_DB_write);
-LCRYPTO_USED(TXT_DB_create_index);
-LCRYPTO_USED(TXT_DB_free);
-LCRYPTO_USED(TXT_DB_get_by_index);
-LCRYPTO_USED(TXT_DB_insert);
-
-#endif /* _LIBCRYPTO_TXT_DB_H */
diff --git a/src/lib/libcrypto/hidden/openssl/ui.h b/src/lib/libcrypto/hidden/openssl/ui.h
deleted file mode 100644
index 7bf849d4c3..0000000000
--- a/src/lib/libcrypto/hidden/openssl/ui.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: ui.h,v 1.5 2024/08/31 10:28:03 tb Exp $ */
-/*
- * Copyright (c) 2022 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_UI_H
-#define _LIBCRYPTO_UI_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/ui.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(UI_new);
-LCRYPTO_USED(UI_new_method);
-LCRYPTO_USED(UI_free);
-LCRYPTO_USED(UI_add_input_string);
-LCRYPTO_USED(UI_dup_input_string);
-LCRYPTO_USED(UI_add_verify_string);
-LCRYPTO_USED(UI_dup_verify_string);
-LCRYPTO_USED(UI_add_input_boolean);
-LCRYPTO_USED(UI_dup_input_boolean);
-LCRYPTO_USED(UI_add_info_string);
-LCRYPTO_USED(UI_dup_info_string);
-LCRYPTO_USED(UI_add_error_string);
-LCRYPTO_USED(UI_dup_error_string);
-LCRYPTO_USED(UI_construct_prompt);
-LCRYPTO_USED(UI_add_user_data);
-LCRYPTO_USED(UI_get0_user_data);
-LCRYPTO_USED(UI_get0_result);
-LCRYPTO_USED(UI_process);
-LCRYPTO_USED(UI_ctrl);
-LCRYPTO_USED(UI_get_ex_new_index);
-LCRYPTO_USED(UI_set_ex_data);
-LCRYPTO_USED(UI_get_ex_data);
-LCRYPTO_USED(UI_set_default_method);
-LCRYPTO_USED(UI_get_default_method);
-LCRYPTO_USED(UI_get_method);
-LCRYPTO_USED(UI_set_method);
-LCRYPTO_USED(UI_OpenSSL);
-LCRYPTO_USED(UI_null);
-LCRYPTO_USED(UI_create_method);
-LCRYPTO_USED(UI_destroy_method);
-LCRYPTO_USED(UI_method_set_opener);
-LCRYPTO_USED(UI_method_set_writer);
-LCRYPTO_USED(UI_method_set_flusher);
-LCRYPTO_USED(UI_method_set_reader);
-LCRYPTO_USED(UI_method_set_closer);
-LCRYPTO_USED(UI_method_set_prompt_constructor);
-LCRYPTO_USED(UI_method_get_opener);
-LCRYPTO_USED(UI_method_get_writer);
-LCRYPTO_USED(UI_method_get_flusher);
-LCRYPTO_USED(UI_method_get_reader);
-LCRYPTO_USED(UI_method_get_closer);
-LCRYPTO_USED(UI_get_string_type);
-LCRYPTO_USED(UI_get_input_flags);
-LCRYPTO_USED(UI_get0_output_string);
-LCRYPTO_USED(UI_get0_action_string);
-LCRYPTO_USED(UI_get0_result_string);
-LCRYPTO_USED(UI_get0_test_string);
-LCRYPTO_USED(UI_get_result_minsize);
-LCRYPTO_USED(UI_get_result_maxsize);
-LCRYPTO_USED(UI_set_result);
-LCRYPTO_USED(ERR_load_UI_strings);
-LCRYPTO_USED(UI_method_get_prompt_constructor);
-
-#endif /* _LIBCRYPTO_UI_H */
diff --git a/src/lib/libcrypto/hidden/openssl/x509.h b/src/lib/libcrypto/hidden/openssl/x509.h
deleted file mode 100644
index e6104cd451..0000000000
--- a/src/lib/libcrypto/hidden/openssl/x509.h
+++ /dev/null
@@ -1,468 +0,0 @@
-/* $OpenBSD: x509.h,v 1.15 2025/03/09 15:17:22 tb Exp $ */
-/*
- * Copyright (c) 2022 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_X509_H
-#define _LIBCRYPTO_X509_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/x509.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(X509_CRL_up_ref);
-LCRYPTO_USED(i2d_re_X509_CRL_tbs);
-LCRYPTO_USED(X509_get_X509_PUBKEY);
-LCRYPTO_USED(X509_verify_cert_error_string);
-LCRYPTO_USED(X509_verify);
-LCRYPTO_USED(X509_REQ_verify);
-LCRYPTO_USED(NETSCAPE_SPKI_verify);
-LCRYPTO_USED(NETSCAPE_SPKI_b64_decode);
-LCRYPTO_USED(NETSCAPE_SPKI_b64_encode);
-LCRYPTO_USED(NETSCAPE_SPKI_get_pubkey);
-LCRYPTO_USED(NETSCAPE_SPKI_set_pubkey);
-LCRYPTO_USED(X509_sign);
-LCRYPTO_USED(X509_sign_ctx);
-LCRYPTO_USED(X509_REQ_sign);
-LCRYPTO_USED(X509_REQ_sign_ctx);
-LCRYPTO_USED(X509_CRL_sign);
-LCRYPTO_USED(X509_CRL_sign_ctx);
-LCRYPTO_USED(NETSCAPE_SPKI_sign);
-LCRYPTO_USED(X509_pubkey_digest);
-LCRYPTO_USED(X509_digest);
-LCRYPTO_USED(X509_CRL_digest);
-LCRYPTO_USED(X509_REQ_digest);
-LCRYPTO_USED(X509_NAME_digest);
-LCRYPTO_USED(d2i_X509_fp);
-LCRYPTO_USED(i2d_X509_fp);
-LCRYPTO_USED(d2i_X509_CRL_fp);
-LCRYPTO_USED(i2d_X509_CRL_fp);
-LCRYPTO_USED(d2i_X509_REQ_fp);
-LCRYPTO_USED(i2d_X509_REQ_fp);
-LCRYPTO_USED(d2i_RSAPrivateKey_fp);
-LCRYPTO_USED(i2d_RSAPrivateKey_fp);
-LCRYPTO_USED(d2i_RSAPublicKey_fp);
-LCRYPTO_USED(i2d_RSAPublicKey_fp);
-LCRYPTO_USED(d2i_DSAPrivateKey_fp);
-LCRYPTO_USED(i2d_DSAPrivateKey_fp);
-LCRYPTO_USED(d2i_ECPrivateKey_fp);
-LCRYPTO_USED(i2d_ECPrivateKey_fp);
-LCRYPTO_USED(d2i_PKCS8_fp);
-LCRYPTO_USED(i2d_PKCS8_fp);
-LCRYPTO_USED(d2i_PKCS8_PRIV_KEY_INFO_fp);
-LCRYPTO_USED(i2d_PKCS8_PRIV_KEY_INFO_fp);
-LCRYPTO_USED(i2d_PKCS8PrivateKeyInfo_fp);
-LCRYPTO_USED(i2d_PrivateKey_fp);
-LCRYPTO_USED(d2i_PrivateKey_fp);
-LCRYPTO_USED(d2i_X509_bio);
-LCRYPTO_USED(i2d_X509_bio);
-LCRYPTO_USED(d2i_X509_CRL_bio);
-LCRYPTO_USED(i2d_X509_CRL_bio);
-LCRYPTO_USED(d2i_X509_REQ_bio);
-LCRYPTO_USED(i2d_X509_REQ_bio);
-LCRYPTO_USED(d2i_RSAPrivateKey_bio);
-LCRYPTO_USED(i2d_RSAPrivateKey_bio);
-LCRYPTO_USED(d2i_RSAPublicKey_bio);
-LCRYPTO_USED(i2d_RSAPublicKey_bio);
-LCRYPTO_USED(d2i_DSAPrivateKey_bio);
-LCRYPTO_USED(i2d_DSAPrivateKey_bio);
-LCRYPTO_USED(d2i_ECPrivateKey_bio);
-LCRYPTO_USED(i2d_ECPrivateKey_bio);
-LCRYPTO_USED(d2i_PKCS8_bio);
-LCRYPTO_USED(i2d_PKCS8_bio);
-LCRYPTO_USED(d2i_PKCS8_PRIV_KEY_INFO_bio);
-LCRYPTO_USED(i2d_PKCS8_PRIV_KEY_INFO_bio);
-LCRYPTO_USED(i2d_PKCS8PrivateKeyInfo_bio);
-LCRYPTO_USED(i2d_PrivateKey_bio);
-LCRYPTO_USED(d2i_PrivateKey_bio);
-LCRYPTO_USED(X509_cmp_time);
-LCRYPTO_USED(X509_cmp_current_time);
-LCRYPTO_USED(X509_time_adj);
-LCRYPTO_USED(X509_time_adj_ex);
-LCRYPTO_USED(X509_gmtime_adj);
-LCRYPTO_USED(X509_get_default_cert_area);
-LCRYPTO_USED(X509_get_default_cert_dir);
-LCRYPTO_USED(X509_get_default_cert_file);
-LCRYPTO_USED(X509_get_default_cert_dir_env);
-LCRYPTO_USED(X509_get_default_cert_file_env);
-LCRYPTO_USED(X509_get_default_private_dir);
-LCRYPTO_USED(X509_to_X509_REQ);
-LCRYPTO_USED(X509_REQ_to_X509);
-LCRYPTO_USED(X509_get_pubkey_parameters);
-LCRYPTO_USED(X509_NAME_oneline);
-LCRYPTO_USED(X509_get0_extensions);
-LCRYPTO_USED(X509_get0_tbs_sigalg);
-LCRYPTO_USED(X509_get0_uids);
-LCRYPTO_USED(X509_set_version);
-LCRYPTO_USED(X509_get_version);
-LCRYPTO_USED(X509_set_serialNumber);
-LCRYPTO_USED(X509_get_serialNumber);
-LCRYPTO_USED(X509_get0_serialNumber);
-LCRYPTO_USED(X509_set_issuer_name);
-LCRYPTO_USED(X509_get_issuer_name);
-LCRYPTO_USED(X509_set_subject_name);
-LCRYPTO_USED(X509_get_subject_name);
-LCRYPTO_USED(X509_set_notBefore);
-LCRYPTO_USED(X509_set1_notBefore);
-LCRYPTO_USED(X509_set_notAfter);
-LCRYPTO_USED(X509_set1_notAfter);
-LCRYPTO_USED(X509_get0_notBefore);
-LCRYPTO_USED(X509_getm_notBefore);
-LCRYPTO_USED(X509_get0_notAfter);
-LCRYPTO_USED(X509_getm_notAfter);
-LCRYPTO_USED(X509_set_pubkey);
-LCRYPTO_USED(X509_get_pubkey);
-LCRYPTO_USED(X509_get0_pubkey);
-LCRYPTO_USED(X509_get0_pubkey_bitstr);
-LCRYPTO_USED(X509_certificate_type);
-LCRYPTO_USED(X509_get_signature_type);
-LCRYPTO_USED(X509_REQ_set_version);
-LCRYPTO_USED(X509_REQ_get_version);
-LCRYPTO_USED(X509_REQ_set_subject_name);
-LCRYPTO_USED(X509_REQ_get_subject_name);
-LCRYPTO_USED(X509_REQ_set_pubkey);
-LCRYPTO_USED(X509_REQ_get_pubkey);
-LCRYPTO_USED(i2d_re_X509_REQ_tbs);
-LCRYPTO_USED(X509_REQ_get0_pubkey);
-LCRYPTO_USED(X509_REQ_extension_nid);
-LCRYPTO_USED(X509_REQ_get_extensions);
-LCRYPTO_USED(X509_REQ_add_extensions_nid);
-LCRYPTO_USED(X509_REQ_add_extensions);
-LCRYPTO_USED(X509_REQ_get_attr_count);
-LCRYPTO_USED(X509_REQ_get_attr_by_NID);
-LCRYPTO_USED(X509_REQ_get_attr_by_OBJ);
-LCRYPTO_USED(X509_REQ_get_attr);
-LCRYPTO_USED(X509_REQ_delete_attr);
-LCRYPTO_USED(X509_REQ_add1_attr);
-LCRYPTO_USED(X509_REQ_add1_attr_by_OBJ);
-LCRYPTO_USED(X509_REQ_add1_attr_by_NID);
-LCRYPTO_USED(X509_REQ_add1_attr_by_txt);
-LCRYPTO_USED(X509_CRL_set_version);
-LCRYPTO_USED(X509_CRL_set_issuer_name);
-LCRYPTO_USED(X509_CRL_set_lastUpdate);
-LCRYPTO_USED(X509_CRL_set1_lastUpdate);
-LCRYPTO_USED(X509_CRL_set_nextUpdate);
-LCRYPTO_USED(X509_CRL_set1_nextUpdate);
-LCRYPTO_USED(X509_CRL_sort);
-LCRYPTO_USED(X509_REVOKED_get0_extensions);
-LCRYPTO_USED(X509_REVOKED_get0_revocationDate);
-LCRYPTO_USED(X509_REVOKED_get0_serialNumber);
-LCRYPTO_USED(X509_REVOKED_set_revocationDate);
-LCRYPTO_USED(X509_REVOKED_set_serialNumber);
-LCRYPTO_USED(X509_REQ_check_private_key);
-LCRYPTO_USED(X509_check_private_key);
-LCRYPTO_USED(X509_issuer_and_serial_cmp);
-LCRYPTO_USED(X509_issuer_and_serial_hash);
-LCRYPTO_USED(X509_issuer_name_cmp);
-LCRYPTO_USED(X509_issuer_name_hash);
-LCRYPTO_USED(X509_subject_name_cmp);
-LCRYPTO_USED(X509_subject_name_hash);
-LCRYPTO_USED(X509_issuer_name_hash_old);
-LCRYPTO_USED(X509_subject_name_hash_old);
-LCRYPTO_USED(X509_cmp);
-LCRYPTO_USED(X509_NAME_cmp);
-LCRYPTO_USED(X509_NAME_hash);
-LCRYPTO_USED(X509_NAME_hash_old);
-LCRYPTO_USED(X509_CRL_cmp);
-LCRYPTO_USED(X509_CRL_match);
-LCRYPTO_USED(X509_NAME_entry_count);
-LCRYPTO_USED(X509_NAME_get_text_by_NID);
-LCRYPTO_USED(X509_NAME_get_text_by_OBJ);
-LCRYPTO_USED(X509_NAME_get_index_by_NID);
-LCRYPTO_USED(X509_NAME_get_index_by_OBJ);
-LCRYPTO_USED(X509_NAME_get_entry);
-LCRYPTO_USED(X509_NAME_delete_entry);
-LCRYPTO_USED(X509_NAME_add_entry);
-LCRYPTO_USED(X509_NAME_add_entry_by_OBJ);
-LCRYPTO_USED(X509_NAME_add_entry_by_NID);
-LCRYPTO_USED(X509_NAME_ENTRY_create_by_txt);
-LCRYPTO_USED(X509_NAME_ENTRY_create_by_NID);
-LCRYPTO_USED(X509_NAME_add_entry_by_txt);
-LCRYPTO_USED(X509_NAME_ENTRY_create_by_OBJ);
-LCRYPTO_USED(X509_NAME_ENTRY_set_object);
-LCRYPTO_USED(X509_NAME_ENTRY_set_data);
-LCRYPTO_USED(X509_NAME_ENTRY_get_object);
-LCRYPTO_USED(X509_NAME_ENTRY_get_data);
-LCRYPTO_USED(X509_NAME_ENTRY_set);
-LCRYPTO_USED(X509v3_get_ext_count);
-LCRYPTO_USED(X509v3_get_ext_by_NID);
-LCRYPTO_USED(X509v3_get_ext_by_OBJ);
-LCRYPTO_USED(X509v3_get_ext_by_critical);
-LCRYPTO_USED(X509v3_get_ext);
-LCRYPTO_USED(X509v3_delete_ext);
-LCRYPTO_USED(X509v3_add_ext);
-LCRYPTO_USED(X509_get_ext_count);
-LCRYPTO_USED(X509_get_ext_by_NID);
-LCRYPTO_USED(X509_get_ext_by_OBJ);
-LCRYPTO_USED(X509_get_ext_by_critical);
-LCRYPTO_USED(X509_get_ext);
-LCRYPTO_USED(X509_delete_ext);
-LCRYPTO_USED(X509_add_ext);
-LCRYPTO_USED(X509_get_ext_d2i);
-LCRYPTO_USED(X509_add1_ext_i2d);
-LCRYPTO_USED(X509_CRL_get_ext_count);
-LCRYPTO_USED(X509_CRL_get_ext_by_NID);
-LCRYPTO_USED(X509_CRL_get_ext_by_OBJ);
-LCRYPTO_USED(X509_CRL_get_ext_by_critical);
-LCRYPTO_USED(X509_CRL_get_ext);
-LCRYPTO_USED(X509_CRL_delete_ext);
-LCRYPTO_USED(X509_CRL_add_ext);
-LCRYPTO_USED(X509_CRL_get_ext_d2i);
-LCRYPTO_USED(X509_CRL_add1_ext_i2d);
-LCRYPTO_USED(X509_REVOKED_get_ext_count);
-LCRYPTO_USED(X509_REVOKED_get_ext_by_NID);
-LCRYPTO_USED(X509_REVOKED_get_ext_by_OBJ);
-LCRYPTO_USED(X509_REVOKED_get_ext_by_critical);
-LCRYPTO_USED(X509_REVOKED_get_ext);
-LCRYPTO_USED(X509_REVOKED_delete_ext);
-LCRYPTO_USED(X509_REVOKED_add_ext);
-LCRYPTO_USED(X509_REVOKED_get_ext_d2i);
-LCRYPTO_USED(X509_REVOKED_add1_ext_i2d);
-LCRYPTO_USED(X509_EXTENSION_create_by_NID);
-LCRYPTO_USED(X509_EXTENSION_create_by_OBJ);
-LCRYPTO_USED(X509_EXTENSION_set_object);
-LCRYPTO_USED(X509_EXTENSION_set_critical);
-LCRYPTO_USED(X509_EXTENSION_set_data);
-LCRYPTO_USED(X509_EXTENSION_get_object);
-LCRYPTO_USED(X509_EXTENSION_get_data);
-LCRYPTO_USED(X509_EXTENSION_get_critical);
-LCRYPTO_USED(X509_ATTRIBUTE_create_by_NID);
-LCRYPTO_USED(X509_ATTRIBUTE_create_by_OBJ);
-LCRYPTO_USED(X509_ATTRIBUTE_create_by_txt);
-LCRYPTO_USED(X509_ATTRIBUTE_set1_object);
-LCRYPTO_USED(X509_ATTRIBUTE_set1_data);
-LCRYPTO_USED(X509_ATTRIBUTE_get0_data);
-LCRYPTO_USED(X509_ATTRIBUTE_count);
-LCRYPTO_USED(X509_ATTRIBUTE_get0_object);
-LCRYPTO_USED(X509_ATTRIBUTE_get0_type);
-LCRYPTO_USED(X509_verify_cert);
-LCRYPTO_USED(X509_find_by_issuer_and_serial);
-LCRYPTO_USED(X509_find_by_subject);
-LCRYPTO_USED(X509_up_ref);
-LCRYPTO_USED(X509_chain_up_ref);
-LCRYPTO_USED(ERR_load_X509_strings);
-LCRYPTO_USED(X509_CRL_get_signature_nid);
-LCRYPTO_USED(X509_CRL_get0_extensions);
-LCRYPTO_USED(X509_CRL_get_version);
-LCRYPTO_USED(X509_CRL_get0_lastUpdate);
-LCRYPTO_USED(X509_CRL_get0_nextUpdate);
-LCRYPTO_USED(X509_CRL_get_lastUpdate);
-LCRYPTO_USED(X509_CRL_get_nextUpdate);
-LCRYPTO_USED(X509_CRL_get_issuer);
-LCRYPTO_USED(X509_CRL_get_REVOKED);
-LCRYPTO_USED(X509_CRL_get0_signature);
-LCRYPTO_USED(X509_CRL_get0_tbs_sigalg);
-LCRYPTO_USED(X509_REQ_get_signature_nid);
-LCRYPTO_USED(X509_REQ_get0_signature);
-LCRYPTO_USED(X509_CRL_verify);
-LCRYPTO_USED(NETSCAPE_SPKI_print);
-LCRYPTO_USED(X509_signature_dump);
-LCRYPTO_USED(X509_signature_print);
-LCRYPTO_USED(d2i_RSA_PUBKEY_fp);
-LCRYPTO_USED(i2d_RSA_PUBKEY_fp);
-LCRYPTO_USED(d2i_DSA_PUBKEY_fp);
-LCRYPTO_USED(i2d_DSA_PUBKEY_fp);
-LCRYPTO_USED(d2i_EC_PUBKEY_fp);
-LCRYPTO_USED(i2d_EC_PUBKEY_fp);
-LCRYPTO_USED(i2d_PUBKEY_fp);
-LCRYPTO_USED(d2i_PUBKEY_fp);
-LCRYPTO_USED(d2i_RSA_PUBKEY_bio);
-LCRYPTO_USED(i2d_RSA_PUBKEY_bio);
-LCRYPTO_USED(d2i_DSA_PUBKEY_bio);
-LCRYPTO_USED(i2d_DSA_PUBKEY_bio);
-LCRYPTO_USED(d2i_EC_PUBKEY_bio);
-LCRYPTO_USED(i2d_EC_PUBKEY_bio);
-LCRYPTO_USED(i2d_PUBKEY_bio);
-LCRYPTO_USED(d2i_PUBKEY_bio);
-LCRYPTO_USED(X509_dup);
-LCRYPTO_USED(X509_ATTRIBUTE_dup);
-LCRYPTO_USED(X509_EXTENSION_dup);
-LCRYPTO_USED(X509_CRL_dup);
-LCRYPTO_USED(X509_REQ_dup);
-LCRYPTO_USED(X509_ALGOR_dup);
-LCRYPTO_USED(X509_ALGOR_set0);
-LCRYPTO_USED(X509_ALGOR_get0);
-LCRYPTO_USED(X509_ALGOR_cmp);
-LCRYPTO_USED(X509_NAME_dup);
-LCRYPTO_USED(X509_NAME_get0_der);
-LCRYPTO_USED(X509_NAME_ENTRY_dup);
-LCRYPTO_USED(X509_ALGOR_new);
-LCRYPTO_USED(X509_ALGOR_free);
-LCRYPTO_USED(d2i_X509_ALGOR);
-LCRYPTO_USED(i2d_X509_ALGOR);
-LCRYPTO_USED(d2i_X509_ALGORS);
-LCRYPTO_USED(i2d_X509_ALGORS);
-LCRYPTO_USED(X509_VAL_new);
-LCRYPTO_USED(X509_VAL_free);
-LCRYPTO_USED(d2i_X509_VAL);
-LCRYPTO_USED(i2d_X509_VAL);
-LCRYPTO_USED(X509_PUBKEY_new);
-LCRYPTO_USED(X509_PUBKEY_free);
-LCRYPTO_USED(d2i_X509_PUBKEY);
-LCRYPTO_USED(i2d_X509_PUBKEY);
-LCRYPTO_USED(X509_PUBKEY_set);
-LCRYPTO_USED(X509_PUBKEY_get);
-LCRYPTO_USED(X509_PUBKEY_get0);
-LCRYPTO_USED(i2d_PUBKEY);
-LCRYPTO_USED(d2i_PUBKEY);
-LCRYPTO_USED(i2d_RSA_PUBKEY);
-LCRYPTO_USED(d2i_RSA_PUBKEY);
-LCRYPTO_USED(i2d_DSA_PUBKEY);
-LCRYPTO_USED(d2i_DSA_PUBKEY);
-LCRYPTO_USED(i2d_EC_PUBKEY);
-LCRYPTO_USED(d2i_EC_PUBKEY);
-LCRYPTO_USED(X509_SIG_new);
-LCRYPTO_USED(X509_SIG_free);
-LCRYPTO_USED(d2i_X509_SIG);
-LCRYPTO_USED(i2d_X509_SIG);
-LCRYPTO_USED(X509_SIG_get0);
-LCRYPTO_USED(X509_SIG_getm);
-LCRYPTO_USED(X509_REQ_INFO_new);
-LCRYPTO_USED(X509_REQ_INFO_free);
-LCRYPTO_USED(d2i_X509_REQ_INFO);
-LCRYPTO_USED(i2d_X509_REQ_INFO);
-LCRYPTO_USED(X509_REQ_new);
-LCRYPTO_USED(X509_REQ_free);
-LCRYPTO_USED(d2i_X509_REQ);
-LCRYPTO_USED(i2d_X509_REQ);
-LCRYPTO_USED(X509_ATTRIBUTE_new);
-LCRYPTO_USED(X509_ATTRIBUTE_free);
-LCRYPTO_USED(d2i_X509_ATTRIBUTE);
-LCRYPTO_USED(i2d_X509_ATTRIBUTE);
-LCRYPTO_USED(X509_ATTRIBUTE_create);
-LCRYPTO_USED(X509_EXTENSION_new);
-LCRYPTO_USED(X509_EXTENSION_free);
-LCRYPTO_USED(d2i_X509_EXTENSION);
-LCRYPTO_USED(i2d_X509_EXTENSION);
-LCRYPTO_USED(d2i_X509_EXTENSIONS);
-LCRYPTO_USED(i2d_X509_EXTENSIONS);
-LCRYPTO_USED(X509_NAME_ENTRY_new);
-LCRYPTO_USED(X509_NAME_ENTRY_free);
-LCRYPTO_USED(d2i_X509_NAME_ENTRY);
-LCRYPTO_USED(i2d_X509_NAME_ENTRY);
-LCRYPTO_USED(X509_NAME_new);
-LCRYPTO_USED(X509_NAME_free);
-LCRYPTO_USED(d2i_X509_NAME);
-LCRYPTO_USED(i2d_X509_NAME);
-LCRYPTO_USED(X509_NAME_set);
-LCRYPTO_USED(X509_CINF_new);
-LCRYPTO_USED(X509_CINF_free);
-LCRYPTO_USED(d2i_X509_CINF);
-LCRYPTO_USED(i2d_X509_CINF);
-LCRYPTO_USED(X509_new);
-LCRYPTO_USED(X509_free);
-LCRYPTO_USED(d2i_X509);
-LCRYPTO_USED(i2d_X509);
-LCRYPTO_USED(X509_get_ex_new_index);
-LCRYPTO_USED(X509_set_ex_data);
-LCRYPTO_USED(X509_get_ex_data);
-LCRYPTO_USED(i2d_X509_AUX);
-LCRYPTO_USED(d2i_X509_AUX);
-LCRYPTO_USED(i2d_re_X509_tbs);
-LCRYPTO_USED(X509_get_signature_info);
-LCRYPTO_USED(X509_get0_signature);
-LCRYPTO_USED(X509_get_signature_nid);
-LCRYPTO_USED(X509_alias_set1);
-LCRYPTO_USED(X509_keyid_set1);
-LCRYPTO_USED(X509_alias_get0);
-LCRYPTO_USED(X509_keyid_get0);
-LCRYPTO_USED(X509_add1_trust_object);
-LCRYPTO_USED(X509_add1_reject_object);
-LCRYPTO_USED(X509_trust_clear);
-LCRYPTO_USED(X509_reject_clear);
-LCRYPTO_USED(X509_REVOKED_new);
-LCRYPTO_USED(X509_REVOKED_free);
-LCRYPTO_USED(X509_REVOKED_dup);
-LCRYPTO_USED(d2i_X509_REVOKED);
-LCRYPTO_USED(i2d_X509_REVOKED);
-LCRYPTO_USED(X509_CRL_INFO_new);
-LCRYPTO_USED(X509_CRL_INFO_free);
-LCRYPTO_USED(d2i_X509_CRL_INFO);
-LCRYPTO_USED(i2d_X509_CRL_INFO);
-LCRYPTO_USED(X509_CRL_new);
-LCRYPTO_USED(X509_CRL_free);
-LCRYPTO_USED(d2i_X509_CRL);
-LCRYPTO_USED(i2d_X509_CRL);
-LCRYPTO_USED(X509_CRL_add0_revoked);
-LCRYPTO_USED(X509_CRL_get0_by_serial);
-LCRYPTO_USED(X509_CRL_get0_by_cert);
-LCRYPTO_USED(X509_PKEY_new);
-LCRYPTO_USED(X509_PKEY_free);
-LCRYPTO_USED(NETSCAPE_SPKI_new);
-LCRYPTO_USED(NETSCAPE_SPKI_free);
-LCRYPTO_USED(d2i_NETSCAPE_SPKI);
-LCRYPTO_USED(i2d_NETSCAPE_SPKI);
-LCRYPTO_USED(NETSCAPE_SPKAC_new);
-LCRYPTO_USED(NETSCAPE_SPKAC_free);
-LCRYPTO_USED(d2i_NETSCAPE_SPKAC);
-LCRYPTO_USED(i2d_NETSCAPE_SPKAC);
-LCRYPTO_USED(X509_INFO_new);
-LCRYPTO_USED(X509_INFO_free);
-LCRYPTO_USED(ASN1_item_digest);
-LCRYPTO_USED(ASN1_item_verify);
-LCRYPTO_USED(ASN1_item_sign);
-LCRYPTO_USED(ASN1_item_sign_ctx);
-LCRYPTO_USED(X509_print_ex_fp);
-LCRYPTO_USED(X509_print_fp);
-LCRYPTO_USED(X509_CRL_print_fp);
-LCRYPTO_USED(X509_REQ_print_fp);
-LCRYPTO_USED(X509_NAME_print_ex_fp);
-LCRYPTO_USED(X509_NAME_print_ex);
-LCRYPTO_USED(X509_print_ex);
-LCRYPTO_USED(X509_print);
-LCRYPTO_USED(X509_ocspid_print);
-LCRYPTO_USED(X509_CRL_print);
-LCRYPTO_USED(X509_REQ_print_ex);
-LCRYPTO_USED(X509_REQ_print);
-LCRYPTO_USED(PKCS8_PRIV_KEY_INFO_new);
-LCRYPTO_USED(PKCS8_PRIV_KEY_INFO_free);
-LCRYPTO_USED(d2i_PKCS8_PRIV_KEY_INFO);
-LCRYPTO_USED(i2d_PKCS8_PRIV_KEY_INFO);
-LCRYPTO_USED(EVP_PKCS82PKEY);
-LCRYPTO_USED(EVP_PKEY2PKCS8);
-LCRYPTO_USED(PKCS8_pkey_set0);
-LCRYPTO_USED(PKCS8_pkey_get0);
-LCRYPTO_USED(PKCS8_pkey_get0_attrs);
-LCRYPTO_USED(PKCS8_pkey_add1_attr_by_NID);
-LCRYPTO_USED(X509_PUBKEY_set0_param);
-LCRYPTO_USED(X509_PUBKEY_get0_param);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(X509_ALGOR_it);
-extern LCRYPTO_USED(X509_ALGORS_it);
-extern LCRYPTO_USED(X509_VAL_it);
-extern LCRYPTO_USED(X509_PUBKEY_it);
-extern LCRYPTO_USED(X509_SIG_it);
-extern LCRYPTO_USED(X509_REQ_INFO_it);
-extern LCRYPTO_USED(X509_REQ_it);
-extern LCRYPTO_USED(X509_ATTRIBUTE_it);
-extern LCRYPTO_USED(X509_EXTENSION_it);
-extern LCRYPTO_USED(X509_EXTENSIONS_it);
-extern LCRYPTO_USED(X509_NAME_ENTRY_it);
-extern LCRYPTO_USED(X509_NAME_it);
-extern LCRYPTO_USED(X509_CINF_it);
-extern LCRYPTO_USED(X509_it);
-extern LCRYPTO_USED(X509_REVOKED_it);
-extern LCRYPTO_USED(X509_CRL_INFO_it);
-extern LCRYPTO_USED(X509_CRL_it);
-extern LCRYPTO_USED(NETSCAPE_SPKI_it);
-extern LCRYPTO_USED(NETSCAPE_SPKAC_it);
-extern LCRYPTO_USED(PBEPARAM_it);
-extern LCRYPTO_USED(PKCS8_PRIV_KEY_INFO_it);
-#endif
-
-#endif /* _LIBCRYPTO_X509_H */
diff --git a/src/lib/libcrypto/hidden/openssl/x509_vfy.h b/src/lib/libcrypto/hidden/openssl/x509_vfy.h
deleted file mode 100644
index cc0991518f..0000000000
--- a/src/lib/libcrypto/hidden/openssl/x509_vfy.h
+++ /dev/null
@@ -1,148 +0,0 @@
-/* $OpenBSD: x509_vfy.h,v 1.10 2025/03/09 15:20:20 tb Exp $ */
-/*
- * Copyright (c) 2022 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_X509_VFY_H
-#define _LIBCRYPTO_X509_VFY_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/x509_vfy.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(X509_STORE_set_depth);
-LCRYPTO_USED(X509_STORE_CTX_set_depth);
-LCRYPTO_USED(X509_OBJECT_new);
-LCRYPTO_USED(X509_OBJECT_free);
-LCRYPTO_USED(X509_OBJECT_idx_by_subject);
-LCRYPTO_USED(X509_OBJECT_retrieve_by_subject);
-LCRYPTO_USED(X509_OBJECT_retrieve_match);
-LCRYPTO_USED(X509_OBJECT_get_type);
-LCRYPTO_USED(X509_OBJECT_get0_X509);
-LCRYPTO_USED(X509_OBJECT_get0_X509_CRL);
-LCRYPTO_USED(X509_STORE_new);
-LCRYPTO_USED(X509_STORE_free);
-LCRYPTO_USED(X509_STORE_up_ref);
-LCRYPTO_USED(X509_STORE_get0_objects);
-LCRYPTO_USED(X509_STORE_get1_objects);
-LCRYPTO_USED(X509_STORE_get_ex_data);
-LCRYPTO_USED(X509_STORE_set_ex_data);
-LCRYPTO_USED(X509_STORE_set_flags);
-LCRYPTO_USED(X509_STORE_set_purpose);
-LCRYPTO_USED(X509_STORE_set_trust);
-LCRYPTO_USED(X509_STORE_set1_param);
-LCRYPTO_USED(X509_STORE_get0_param);
-LCRYPTO_USED(X509_STORE_get_verify_cb);
-LCRYPTO_USED(X509_STORE_set_verify_cb);
-LCRYPTO_USED(X509_STORE_get_check_issued);
-LCRYPTO_USED(X509_STORE_set_check_issued);
-LCRYPTO_USED(X509_STORE_CTX_get_check_issued);
-LCRYPTO_USED(X509_STORE_CTX_new);
-LCRYPTO_USED(X509_STORE_CTX_get1_issuer);
-LCRYPTO_USED(X509_STORE_CTX_free);
-LCRYPTO_USED(X509_STORE_CTX_init);
-LCRYPTO_USED(X509_STORE_CTX_get0_cert);
-LCRYPTO_USED(X509_STORE_CTX_get0_chain);
-LCRYPTO_USED(X509_STORE_CTX_get0_store);
-LCRYPTO_USED(X509_STORE_CTX_get0_untrusted);
-LCRYPTO_USED(X509_STORE_CTX_set0_untrusted);
-LCRYPTO_USED(X509_STORE_CTX_get1_certs);
-LCRYPTO_USED(X509_STORE_CTX_get1_crls);
-LCRYPTO_USED(X509_STORE_CTX_trusted_stack);
-LCRYPTO_USED(X509_STORE_CTX_set0_trusted_stack);
-LCRYPTO_USED(X509_STORE_CTX_cleanup);
-LCRYPTO_USED(X509_STORE_add_lookup);
-LCRYPTO_USED(X509_LOOKUP_hash_dir);
-LCRYPTO_USED(X509_LOOKUP_file);
-LCRYPTO_USED(X509_LOOKUP_mem);
-LCRYPTO_USED(X509_STORE_add_cert);
-LCRYPTO_USED(X509_STORE_add_crl);
-LCRYPTO_USED(X509_STORE_CTX_get_by_subject);
-LCRYPTO_USED(X509_STORE_CTX_get_obj_by_subject);
-LCRYPTO_USED(X509_LOOKUP_ctrl);
-LCRYPTO_USED(X509_load_cert_file);
-LCRYPTO_USED(X509_load_crl_file);
-LCRYPTO_USED(X509_load_cert_crl_file);
-LCRYPTO_USED(X509_LOOKUP_free);
-LCRYPTO_USED(X509_STORE_load_locations);
-LCRYPTO_USED(X509_STORE_load_mem);
-LCRYPTO_USED(X509_STORE_set_default_paths);
-LCRYPTO_USED(X509_STORE_CTX_get_ex_new_index);
-LCRYPTO_USED(X509_STORE_CTX_set_ex_data);
-LCRYPTO_USED(X509_STORE_CTX_get_ex_data);
-LCRYPTO_USED(X509_STORE_CTX_get_error);
-LCRYPTO_USED(X509_STORE_CTX_set_error);
-LCRYPTO_USED(X509_STORE_CTX_get_error_depth);
-LCRYPTO_USED(X509_STORE_CTX_set_error_depth);
-LCRYPTO_USED(X509_STORE_CTX_get_current_cert);
-LCRYPTO_USED(X509_STORE_CTX_set_current_cert);
-LCRYPTO_USED(X509_STORE_CTX_get0_current_issuer);
-LCRYPTO_USED(X509_STORE_CTX_get0_current_crl);
-LCRYPTO_USED(X509_STORE_CTX_get0_parent_ctx);
-LCRYPTO_USED(X509_STORE_CTX_get_chain);
-LCRYPTO_USED(X509_STORE_CTX_get1_chain);
-LCRYPTO_USED(X509_STORE_CTX_set_cert);
-LCRYPTO_USED(X509_STORE_CTX_set_chain);
-LCRYPTO_USED(X509_STORE_CTX_set0_crls);
-LCRYPTO_USED(X509_STORE_CTX_set_purpose);
-LCRYPTO_USED(X509_STORE_CTX_set_trust);
-LCRYPTO_USED(X509_STORE_CTX_set_flags);
-LCRYPTO_USED(X509_STORE_CTX_set_time);
-LCRYPTO_USED(X509_STORE_CTX_set0_verified_chain);
-LCRYPTO_USED(X509_STORE_CTX_get_verify);
-LCRYPTO_USED(X509_STORE_CTX_set_verify);
-LCRYPTO_USED(X509_STORE_CTX_get_verify_cb);
-LCRYPTO_USED(X509_STORE_CTX_set_verify_cb);
-LCRYPTO_USED(X509_STORE_set_verify);
-LCRYPTO_USED(X509_STORE_get_verify);
-LCRYPTO_USED(X509_STORE_CTX_get_num_untrusted);
-LCRYPTO_USED(X509_STORE_CTX_get0_param);
-LCRYPTO_USED(X509_STORE_CTX_set0_param);
-LCRYPTO_USED(X509_STORE_CTX_set_default);
-LCRYPTO_USED(X509_VERIFY_PARAM_new);
-LCRYPTO_USED(X509_VERIFY_PARAM_free);
-LCRYPTO_USED(X509_VERIFY_PARAM_inherit);
-LCRYPTO_USED(X509_VERIFY_PARAM_set1);
-LCRYPTO_USED(X509_VERIFY_PARAM_set1_name);
-LCRYPTO_USED(X509_VERIFY_PARAM_set_flags);
-LCRYPTO_USED(X509_VERIFY_PARAM_clear_flags);
-LCRYPTO_USED(X509_VERIFY_PARAM_get_flags);
-LCRYPTO_USED(X509_VERIFY_PARAM_set_purpose);
-LCRYPTO_USED(X509_VERIFY_PARAM_set_trust);
-LCRYPTO_USED(X509_VERIFY_PARAM_set_depth);
-LCRYPTO_USED(X509_VERIFY_PARAM_set_auth_level);
-LCRYPTO_USED(X509_VERIFY_PARAM_get_time);
-LCRYPTO_USED(X509_VERIFY_PARAM_set_time);
-LCRYPTO_USED(X509_VERIFY_PARAM_add0_policy);
-LCRYPTO_USED(X509_VERIFY_PARAM_set1_policies);
-LCRYPTO_USED(X509_VERIFY_PARAM_get_depth);
-LCRYPTO_USED(X509_VERIFY_PARAM_set1_host);
-LCRYPTO_USED(X509_VERIFY_PARAM_add1_host);
-LCRYPTO_USED(X509_VERIFY_PARAM_set_hostflags);
-LCRYPTO_USED(X509_VERIFY_PARAM_get0_peername);
-LCRYPTO_USED(X509_VERIFY_PARAM_set1_email);
-LCRYPTO_USED(X509_VERIFY_PARAM_set1_ip);
-LCRYPTO_USED(X509_VERIFY_PARAM_set1_ip_asc);
-LCRYPTO_USED(X509_VERIFY_PARAM_get0_name);
-LCRYPTO_USED(X509_VERIFY_PARAM_get0);
-LCRYPTO_USED(X509_VERIFY_PARAM_get_count);
-LCRYPTO_USED(X509_VERIFY_PARAM_add0_table);
-LCRYPTO_USED(X509_VERIFY_PARAM_lookup);
-LCRYPTO_USED(X509_VERIFY_PARAM_table_cleanup);
-
-#endif /* _LIBCRYPTO_X509_VFY_H */
diff --git a/src/lib/libcrypto/hidden/openssl/x509v3.h b/src/lib/libcrypto/hidden/openssl/x509v3.h
deleted file mode 100644
index 9f5a1ffdbc..0000000000
--- a/src/lib/libcrypto/hidden/openssl/x509v3.h
+++ /dev/null
@@ -1,276 +0,0 @@
-/* $OpenBSD: x509v3.h,v 1.15 2024/08/31 10:03:03 tb Exp $ */
-/*
- * Copyright (c) 2022 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef _LIBCRYPTO_X509V3_H
-#define _LIBCRYPTO_X509V3_H
-
-#ifndef _MSC_VER
-#include_next
-#else
-#include "../include/openssl/x509v3.h"
-#endif
-#include "crypto_namespace.h"
-
-LCRYPTO_USED(BASIC_CONSTRAINTS_new);
-LCRYPTO_USED(BASIC_CONSTRAINTS_free);
-LCRYPTO_USED(d2i_BASIC_CONSTRAINTS);
-LCRYPTO_USED(i2d_BASIC_CONSTRAINTS);
-LCRYPTO_USED(AUTHORITY_KEYID_new);
-LCRYPTO_USED(AUTHORITY_KEYID_free);
-LCRYPTO_USED(d2i_AUTHORITY_KEYID);
-LCRYPTO_USED(i2d_AUTHORITY_KEYID);
-LCRYPTO_USED(PKEY_USAGE_PERIOD_new);
-LCRYPTO_USED(PKEY_USAGE_PERIOD_free);
-LCRYPTO_USED(d2i_PKEY_USAGE_PERIOD);
-LCRYPTO_USED(i2d_PKEY_USAGE_PERIOD);
-LCRYPTO_USED(GENERAL_NAME_new);
-LCRYPTO_USED(GENERAL_NAME_free);
-LCRYPTO_USED(d2i_GENERAL_NAME);
-LCRYPTO_USED(i2d_GENERAL_NAME);
-LCRYPTO_USED(GENERAL_NAME_dup);
-LCRYPTO_USED(GENERAL_NAME_cmp);
-LCRYPTO_USED(v2i_ASN1_BIT_STRING);
-LCRYPTO_USED(i2v_ASN1_BIT_STRING);
-LCRYPTO_USED(i2v_GENERAL_NAME);
-LCRYPTO_USED(GENERAL_NAME_print);
-LCRYPTO_USED(GENERAL_NAMES_new);
-LCRYPTO_USED(GENERAL_NAMES_free);
-LCRYPTO_USED(d2i_GENERAL_NAMES);
-LCRYPTO_USED(i2d_GENERAL_NAMES);
-LCRYPTO_USED(i2v_GENERAL_NAMES);
-LCRYPTO_USED(v2i_GENERAL_NAMES);
-LCRYPTO_USED(OTHERNAME_new);
-LCRYPTO_USED(OTHERNAME_free);
-LCRYPTO_USED(d2i_OTHERNAME);
-LCRYPTO_USED(i2d_OTHERNAME);
-LCRYPTO_USED(EDIPARTYNAME_new);
-LCRYPTO_USED(EDIPARTYNAME_free);
-LCRYPTO_USED(d2i_EDIPARTYNAME);
-LCRYPTO_USED(i2d_EDIPARTYNAME);
-LCRYPTO_USED(OTHERNAME_cmp);
-LCRYPTO_USED(GENERAL_NAME_set0_value);
-LCRYPTO_USED(GENERAL_NAME_get0_value);
-LCRYPTO_USED(GENERAL_NAME_set0_othername);
-LCRYPTO_USED(GENERAL_NAME_get0_otherName);
-LCRYPTO_USED(i2s_ASN1_OCTET_STRING);
-LCRYPTO_USED(s2i_ASN1_OCTET_STRING);
-LCRYPTO_USED(EXTENDED_KEY_USAGE_new);
-LCRYPTO_USED(EXTENDED_KEY_USAGE_free);
-LCRYPTO_USED(d2i_EXTENDED_KEY_USAGE);
-LCRYPTO_USED(i2d_EXTENDED_KEY_USAGE);
-LCRYPTO_USED(i2a_ACCESS_DESCRIPTION);
-LCRYPTO_USED(CERTIFICATEPOLICIES_new);
-LCRYPTO_USED(CERTIFICATEPOLICIES_free);
-LCRYPTO_USED(d2i_CERTIFICATEPOLICIES);
-LCRYPTO_USED(i2d_CERTIFICATEPOLICIES);
-LCRYPTO_USED(POLICYINFO_new);
-LCRYPTO_USED(POLICYINFO_free);
-LCRYPTO_USED(d2i_POLICYINFO);
-LCRYPTO_USED(i2d_POLICYINFO);
-LCRYPTO_USED(POLICYQUALINFO_new);
-LCRYPTO_USED(POLICYQUALINFO_free);
-LCRYPTO_USED(d2i_POLICYQUALINFO);
-LCRYPTO_USED(i2d_POLICYQUALINFO);
-LCRYPTO_USED(USERNOTICE_new);
-LCRYPTO_USED(USERNOTICE_free);
-LCRYPTO_USED(d2i_USERNOTICE);
-LCRYPTO_USED(i2d_USERNOTICE);
-LCRYPTO_USED(NOTICEREF_new);
-LCRYPTO_USED(NOTICEREF_free);
-LCRYPTO_USED(d2i_NOTICEREF);
-LCRYPTO_USED(i2d_NOTICEREF);
-LCRYPTO_USED(CRL_DIST_POINTS_new);
-LCRYPTO_USED(CRL_DIST_POINTS_free);
-LCRYPTO_USED(d2i_CRL_DIST_POINTS);
-LCRYPTO_USED(i2d_CRL_DIST_POINTS);
-LCRYPTO_USED(DIST_POINT_new);
-LCRYPTO_USED(DIST_POINT_free);
-LCRYPTO_USED(d2i_DIST_POINT);
-LCRYPTO_USED(i2d_DIST_POINT);
-LCRYPTO_USED(DIST_POINT_NAME_new);
-LCRYPTO_USED(DIST_POINT_NAME_free);
-LCRYPTO_USED(d2i_DIST_POINT_NAME);
-LCRYPTO_USED(i2d_DIST_POINT_NAME);
-LCRYPTO_USED(ISSUING_DIST_POINT_new);
-LCRYPTO_USED(ISSUING_DIST_POINT_free);
-LCRYPTO_USED(d2i_ISSUING_DIST_POINT);
-LCRYPTO_USED(i2d_ISSUING_DIST_POINT);
-LCRYPTO_USED(DIST_POINT_set_dpname);
-LCRYPTO_USED(NAME_CONSTRAINTS_check);
-LCRYPTO_USED(ACCESS_DESCRIPTION_new);
-LCRYPTO_USED(ACCESS_DESCRIPTION_free);
-LCRYPTO_USED(d2i_ACCESS_DESCRIPTION);
-LCRYPTO_USED(i2d_ACCESS_DESCRIPTION);
-LCRYPTO_USED(AUTHORITY_INFO_ACCESS_new);
-LCRYPTO_USED(AUTHORITY_INFO_ACCESS_free);
-LCRYPTO_USED(d2i_AUTHORITY_INFO_ACCESS);
-LCRYPTO_USED(i2d_AUTHORITY_INFO_ACCESS);
-LCRYPTO_USED(POLICY_MAPPING_new);
-LCRYPTO_USED(POLICY_MAPPING_free);
-LCRYPTO_USED(GENERAL_SUBTREE_new);
-LCRYPTO_USED(GENERAL_SUBTREE_free);
-LCRYPTO_USED(NAME_CONSTRAINTS_new);
-LCRYPTO_USED(NAME_CONSTRAINTS_free);
-LCRYPTO_USED(POLICY_CONSTRAINTS_new);
-LCRYPTO_USED(POLICY_CONSTRAINTS_free);
-LCRYPTO_USED(a2i_GENERAL_NAME);
-LCRYPTO_USED(v2i_GENERAL_NAME);
-LCRYPTO_USED(v2i_GENERAL_NAME_ex);
-LCRYPTO_USED(X509V3_conf_free);
-LCRYPTO_USED(X509V3_EXT_nconf_nid);
-LCRYPTO_USED(X509V3_EXT_nconf);
-LCRYPTO_USED(X509V3_EXT_add_nconf_sk);
-LCRYPTO_USED(X509V3_EXT_add_nconf);
-LCRYPTO_USED(X509V3_EXT_REQ_add_nconf);
-LCRYPTO_USED(X509V3_EXT_CRL_add_nconf);
-LCRYPTO_USED(X509V3_EXT_conf_nid);
-LCRYPTO_USED(X509V3_EXT_conf);
-LCRYPTO_USED(X509V3_set_nconf);
-LCRYPTO_USED(X509V3_set_ctx);
-LCRYPTO_USED(i2s_ASN1_INTEGER);
-LCRYPTO_USED(s2i_ASN1_INTEGER);
-LCRYPTO_USED(i2s_ASN1_ENUMERATED);
-LCRYPTO_USED(i2s_ASN1_ENUMERATED_TABLE);
-LCRYPTO_USED(X509V3_EXT_get);
-LCRYPTO_USED(X509V3_EXT_get_nid);
-LCRYPTO_USED(X509V3_add_standard_extensions);
-LCRYPTO_USED(X509V3_parse_list);
-LCRYPTO_USED(X509V3_EXT_d2i);
-LCRYPTO_USED(X509V3_get_d2i);
-LCRYPTO_USED(X509V3_EXT_i2d);
-LCRYPTO_USED(X509V3_add1_i2d);
-LCRYPTO_USED(hex_to_string);
-LCRYPTO_USED(string_to_hex);
-LCRYPTO_USED(X509V3_EXT_val_prn);
-LCRYPTO_USED(X509V3_EXT_print);
-LCRYPTO_USED(X509V3_EXT_print_fp);
-LCRYPTO_USED(X509V3_extensions_print);
-LCRYPTO_USED(X509_check_ca);
-LCRYPTO_USED(X509_check_purpose);
-LCRYPTO_USED(X509_supported_extension);
-LCRYPTO_USED(X509_check_issued);
-LCRYPTO_USED(X509_check_akid);
-LCRYPTO_USED(X509_PURPOSE_get_count);
-LCRYPTO_USED(X509_PURPOSE_get0);
-LCRYPTO_USED(X509_PURPOSE_get_by_sname);
-LCRYPTO_USED(X509_PURPOSE_get0_name);
-LCRYPTO_USED(X509_PURPOSE_get0_sname);
-LCRYPTO_USED(X509_PURPOSE_get_id);
-LCRYPTO_USED(X509_get_extension_flags);
-LCRYPTO_USED(X509_get_key_usage);
-LCRYPTO_USED(X509_get_extended_key_usage);
-LCRYPTO_USED(X509_get1_email);
-LCRYPTO_USED(X509_REQ_get1_email);
-LCRYPTO_USED(X509_email_free);
-LCRYPTO_USED(X509_get1_ocsp);
-LCRYPTO_USED(X509_check_host);
-LCRYPTO_USED(X509_check_email);
-LCRYPTO_USED(X509_check_ip);
-LCRYPTO_USED(X509_check_ip_asc);
-LCRYPTO_USED(a2i_IPADDRESS);
-LCRYPTO_USED(a2i_IPADDRESS_NC);
-LCRYPTO_USED(a2i_ipadd);
-LCRYPTO_USED(X509V3_NAME_from_section);
-LCRYPTO_USED(ASRange_new);
-LCRYPTO_USED(ASRange_free);
-LCRYPTO_USED(d2i_ASRange);
-LCRYPTO_USED(i2d_ASRange);
-LCRYPTO_USED(ASIdOrRange_new);
-LCRYPTO_USED(ASIdOrRange_free);
-LCRYPTO_USED(d2i_ASIdOrRange);
-LCRYPTO_USED(i2d_ASIdOrRange);
-LCRYPTO_USED(ASIdentifierChoice_new);
-LCRYPTO_USED(ASIdentifierChoice_free);
-LCRYPTO_USED(d2i_ASIdentifierChoice);
-LCRYPTO_USED(i2d_ASIdentifierChoice);
-LCRYPTO_USED(ASIdentifiers_new);
-LCRYPTO_USED(ASIdentifiers_free);
-LCRYPTO_USED(d2i_ASIdentifiers);
-LCRYPTO_USED(i2d_ASIdentifiers);
-LCRYPTO_USED(IPAddressRange_new);
-LCRYPTO_USED(IPAddressRange_free);
-LCRYPTO_USED(d2i_IPAddressRange);
-LCRYPTO_USED(i2d_IPAddressRange);
-LCRYPTO_USED(IPAddressOrRange_new);
-LCRYPTO_USED(IPAddressOrRange_free);
-LCRYPTO_USED(d2i_IPAddressOrRange);
-LCRYPTO_USED(i2d_IPAddressOrRange);
-LCRYPTO_USED(IPAddressChoice_new);
-LCRYPTO_USED(IPAddressChoice_free);
-LCRYPTO_USED(d2i_IPAddressChoice);
-LCRYPTO_USED(i2d_IPAddressChoice);
-LCRYPTO_USED(IPAddressFamily_new);
-LCRYPTO_USED(IPAddressFamily_free);
-LCRYPTO_USED(d2i_IPAddressFamily);
-LCRYPTO_USED(i2d_IPAddressFamily);
-LCRYPTO_USED(X509v3_asid_add_inherit);
-LCRYPTO_USED(X509v3_asid_add_id_or_range);
-LCRYPTO_USED(X509v3_addr_add_inherit);
-LCRYPTO_USED(X509v3_addr_add_prefix);
-LCRYPTO_USED(X509v3_addr_add_range);
-LCRYPTO_USED(X509v3_addr_get_afi);
-LCRYPTO_USED(X509v3_addr_get_range);
-LCRYPTO_USED(X509v3_asid_is_canonical);
-LCRYPTO_USED(X509v3_addr_is_canonical);
-LCRYPTO_USED(X509v3_asid_canonize);
-LCRYPTO_USED(X509v3_addr_canonize);
-LCRYPTO_USED(X509v3_asid_inherits);
-LCRYPTO_USED(X509v3_addr_inherits);
-LCRYPTO_USED(X509v3_asid_subset);
-LCRYPTO_USED(X509v3_addr_subset);
-LCRYPTO_USED(X509v3_asid_validate_path);
-LCRYPTO_USED(X509v3_addr_validate_path);
-LCRYPTO_USED(X509v3_asid_validate_resource_set);
-LCRYPTO_USED(X509v3_addr_validate_resource_set);
-LCRYPTO_USED(ERR_load_X509V3_strings);
-#if defined(LIBRESSL_NAMESPACE)
-extern LCRYPTO_USED(BASIC_CONSTRAINTS_it);
-extern LCRYPTO_USED(AUTHORITY_KEYID_it);
-extern LCRYPTO_USED(PKEY_USAGE_PERIOD_it);
-extern LCRYPTO_USED(GENERAL_NAME_it);
-extern LCRYPTO_USED(GENERAL_NAMES_it);
-extern LCRYPTO_USED(OTHERNAME_it);
-extern LCRYPTO_USED(EDIPARTYNAME_it);
-extern LCRYPTO_USED(EXTENDED_KEY_USAGE_it);
-extern LCRYPTO_USED(CERTIFICATEPOLICIES_it);
-extern LCRYPTO_USED(POLICYINFO_it);
-extern LCRYPTO_USED(POLICYQUALINFO_it);
-extern LCRYPTO_USED(USERNOTICE_it);
-extern LCRYPTO_USED(NOTICEREF_it);
-extern LCRYPTO_USED(CRL_DIST_POINTS_it);
-extern LCRYPTO_USED(DIST_POINT_it);
-extern LCRYPTO_USED(DIST_POINT_NAME_it);
-extern LCRYPTO_USED(DIST_POINT_it);
-extern LCRYPTO_USED(ISSUING_DIST_POINT_it);
-extern LCRYPTO_USED(ACCESS_DESCRIPTION_it);
-extern LCRYPTO_USED(AUTHORITY_INFO_ACCESS_it);
-extern LCRYPTO_USED(POLICY_MAPPING_it);
-extern LCRYPTO_USED(POLICY_MAPPINGS_it);
-extern LCRYPTO_USED(GENERAL_SUBTREE_it);
-extern LCRYPTO_USED(NAME_CONSTRAINTS_it);
-extern LCRYPTO_USED(POLICY_CONSTRAINTS_it);
-extern LCRYPTO_USED(ASRange_it);
-extern LCRYPTO_USED(ASIdOrRange_it);
-extern LCRYPTO_USED(ASIdentifierChoice_it);
-extern LCRYPTO_USED(ASIdentifiers_it);
-extern LCRYPTO_USED(IPAddressRange_it);
-extern LCRYPTO_USED(IPAddressOrRange_it);
-extern LCRYPTO_USED(IPAddressChoice_it);
-extern LCRYPTO_USED(IPAddressFamily_it);
-#endif
-
-#endif /* _LIBCRYPTO_X509V3_H */
diff --git a/src/lib/libcrypto/hkdf/hkdf.c b/src/lib/libcrypto/hkdf/hkdf.c
deleted file mode 100644
index 6104ef0cc7..0000000000
--- a/src/lib/libcrypto/hkdf/hkdf.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* $OpenBSD: hkdf.c,v 1.11 2024/03/25 13:09:13 jsing Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "bytestring.h"
-#include "evp_local.h"
-#include "hmac_local.h"
-
-/* https://tools.ietf.org/html/rfc5869#section-2 */
-int
-HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
- const uint8_t *secret, size_t secret_len, const uint8_t *salt,
- size_t salt_len, const uint8_t *info, size_t info_len)
-{
- uint8_t prk[EVP_MAX_MD_SIZE];
- size_t prk_len;
-
- if (!HKDF_extract(prk, &prk_len, digest, secret, secret_len, salt,
- salt_len))
- return 0;
- if (!HKDF_expand(out_key, out_len, digest, prk, prk_len, info,
- info_len))
- return 0;
-
- return 1;
-}
-LCRYPTO_ALIAS(HKDF);
-
-/* https://tools.ietf.org/html/rfc5869#section-2.2 */
-int
-HKDF_extract(uint8_t *out_key, size_t *out_len,
- const EVP_MD *digest, const uint8_t *secret, size_t secret_len,
- const uint8_t *salt, size_t salt_len)
-{
- unsigned int len;
-
- /*
- * If salt is not given, HashLength zeros are used. However, HMAC does
- * that internally already so we can ignore it.
- */
- if (HMAC(digest, salt, salt_len, secret, secret_len, out_key, &len) ==
- NULL) {
- CRYPTOerror(ERR_R_CRYPTO_LIB);
- return 0;
- }
- *out_len = len;
- return 1;
-}
-LCRYPTO_ALIAS(HKDF_extract);
-
-/* https://tools.ietf.org/html/rfc5869#section-2.3 */
-int
-HKDF_expand(uint8_t *out_key, size_t out_len,
- const EVP_MD *digest, const uint8_t *prk, size_t prk_len,
- const uint8_t *info, size_t info_len)
-{
- const size_t digest_len = EVP_MD_size(digest);
- uint8_t out_hmac[EVP_MAX_MD_SIZE];
- size_t n, remaining;
- uint8_t ctr;
- HMAC_CTX *hmac = NULL;
- CBB cbb;
- int ret = 0;
-
- if (!CBB_init_fixed(&cbb, out_key, out_len))
- goto err;
-
- if ((hmac = HMAC_CTX_new()) == NULL)
- goto err;
- if (!HMAC_Init_ex(hmac, prk, prk_len, digest, NULL))
- goto err;
-
- remaining = out_len;
- ctr = 0;
-
- /* Expand key material to desired length. */
- while (remaining > 0) {
- if (++ctr == 0) {
- CRYPTOerror(EVP_R_TOO_LARGE);
- goto err;
- }
-
- if (!HMAC_Update(hmac, info, info_len))
- goto err;
- if (!HMAC_Update(hmac, &ctr, 1))
- goto err;
- if (!HMAC_Final(hmac, out_hmac, NULL))
- goto err;
-
- if ((n = remaining) > digest_len)
- n = digest_len;
-
- if (!CBB_add_bytes(&cbb, out_hmac, n))
- goto err;
-
- remaining -= n;
-
- if (remaining > 0) {
- if (!HMAC_Init_ex(hmac, NULL, 0, NULL, NULL))
- goto err;
- if (!HMAC_Update(hmac, out_hmac, digest_len))
- goto err;
- }
- }
-
- ret = 1;
-
- err:
- CBB_cleanup(&cbb);
- HMAC_CTX_free(hmac);
- explicit_bzero(out_hmac, sizeof(out_hmac));
-
- return ret;
-}
-LCRYPTO_ALIAS(HKDF_expand);
diff --git a/src/lib/libcrypto/hkdf/hkdf.h b/src/lib/libcrypto/hkdf/hkdf.h
deleted file mode 100644
index 6cec526e3e..0000000000
--- a/src/lib/libcrypto/hkdf/hkdf.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/* $OpenBSD: hkdf.h,v 1.3 2023/08/11 04:52:08 tb Exp $ */
-/* Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-
-#ifndef OPENSSL_HEADER_HKDF_H
-#define OPENSSL_HEADER_HKDF_H
-
-#include
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
-/*
- * HKDF computes HKDF (as specified by RFC 5869) of initial keying
- * material |secret| with |salt| and |info| using |digest|, and
- * outputs |out_len| bytes to |out_key|. It returns one on success and
- * zero on error.
- *
- * HKDF is an Extract-and-Expand algorithm. It does not do any key
- * stretching, and as such, is not suited to be used alone to generate
- * a key from a password.
- */
-
-int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
- const uint8_t *secret, size_t secret_len, const uint8_t *salt,
- size_t salt_len, const uint8_t *info, size_t info_len);
-
-/*
- * HKDF_extract computes a HKDF PRK (as specified by RFC 5869) from
- * initial keying material |secret| and salt |salt| using |digest|,
- * and outputs |out_len| bytes to |out_key|. The maximum output size
- * is |EVP_MAX_MD_SIZE|. It returns one on success and zero on error.
- */
-int HKDF_extract(uint8_t *out_key, size_t *out_len, const EVP_MD *digest,
- const uint8_t *secret, size_t secret_len,
- const uint8_t *salt, size_t salt_len);
-
-/*
- * HKDF_expand computes a HKDF OKM (as specified by RFC 5869) of
- * length |out_len| from the PRK |prk| and info |info| using |digest|,
- * and outputs the result to |out_key|. It returns one on success and
- * zero on error.
- */
-int HKDF_expand(uint8_t *out_key, size_t out_len,
- const EVP_MD *digest, const uint8_t *prk, size_t prk_len,
- const uint8_t *info, size_t info_len);
-
-
-#if defined(__cplusplus)
-} /* extern C */
-#endif
-
-#endif /* OPENSSL_HEADER_HKDF_H */
diff --git a/src/lib/libcrypto/hmac/hm_ameth.c b/src/lib/libcrypto/hmac/hm_ameth.c
deleted file mode 100644
index 8bb1dc786f..0000000000
--- a/src/lib/libcrypto/hmac/hm_ameth.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/* $OpenBSD: hm_ameth.c,v 1.20 2024/01/04 17:01:26 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2007.
- */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-#include "bytestring.h"
-#include "evp_local.h"
-#include "hmac_local.h"
-
-static int
-hmac_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- /* The ameth pub_cmp must return 1 on match, 0 on mismatch. */
- return ASN1_OCTET_STRING_cmp(a->pkey.ptr, b->pkey.ptr) == 0;
-}
-
-static int
-hmac_size(const EVP_PKEY *pkey)
-{
- return EVP_MAX_MD_SIZE;
-}
-
-static void
-hmac_key_free(EVP_PKEY *pkey)
-{
- ASN1_OCTET_STRING *os;
-
- if ((os = pkey->pkey.ptr) == NULL)
- return;
-
- if (os->data != NULL)
- explicit_bzero(os->data, os->length);
-
- ASN1_OCTET_STRING_free(os);
-}
-
-static int
-hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_sha1;
- return 1;
- default:
- return -2;
- }
-}
-
-static int
-hmac_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv, size_t len)
-{
- ASN1_OCTET_STRING *os = NULL;
-
- if (pkey->pkey.ptr != NULL)
- goto err;
-
- if (len > INT_MAX)
- goto err;
-
- if ((os = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
-
- if (!ASN1_OCTET_STRING_set(os, priv, len))
- goto err;
-
- pkey->pkey.ptr = os;
-
- return 1;
-
- err:
- ASN1_OCTET_STRING_free(os);
-
- return 0;
-}
-
-static int
-hmac_get_priv_key(const EVP_PKEY *pkey, unsigned char *priv, size_t *len)
-{
- ASN1_OCTET_STRING *os;
- CBS cbs;
-
- if ((os = pkey->pkey.ptr) == NULL)
- return 0;
-
- if (priv == NULL) {
- *len = os->length;
- return 1;
- }
-
- CBS_init(&cbs, os->data, os->length);
- return CBS_write_bytes(&cbs, priv, *len, len);
-}
-
-const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
- .base_method = &hmac_asn1_meth,
- .pkey_id = EVP_PKEY_HMAC,
-
- .pem_str = "HMAC",
- .info = "OpenSSL HMAC method",
-
- .pub_cmp = hmac_pkey_public_cmp,
-
- .pkey_size = hmac_size,
-
- .pkey_free = hmac_key_free,
- .pkey_ctrl = hmac_pkey_ctrl,
-
- .set_priv_key = hmac_set_priv_key,
- .get_priv_key = hmac_get_priv_key,
-};
diff --git a/src/lib/libcrypto/hmac/hm_pmeth.c b/src/lib/libcrypto/hmac/hm_pmeth.c
deleted file mode 100644
index 05eb1bf85d..0000000000
--- a/src/lib/libcrypto/hmac/hm_pmeth.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* $OpenBSD: hm_pmeth.c,v 1.17 2023/12/28 22:00:56 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2007.
- */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "hmac_local.h"
-
-/* HMAC pkey context structure */
-
-typedef struct {
- const EVP_MD *md; /* MD for HMAC use */
- ASN1_OCTET_STRING ktmp; /* Temp storage for key */
- HMAC_CTX ctx;
-} HMAC_PKEY_CTX;
-
-static int
-pkey_hmac_init(EVP_PKEY_CTX *ctx)
-{
- HMAC_PKEY_CTX *hctx;
-
- if ((hctx = calloc(1, sizeof(HMAC_PKEY_CTX))) == NULL)
- return 0;
-
- hctx->ktmp.type = V_ASN1_OCTET_STRING;
- HMAC_CTX_init(&hctx->ctx);
-
- ctx->data = hctx;
- ctx->keygen_info_count = 0;
-
- return 1;
-}
-
-static int
-pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- HMAC_PKEY_CTX *sctx, *dctx;
-
- if (!pkey_hmac_init(dst))
- return 0;
- sctx = src->data;
- dctx = dst->data;
- dctx->md = sctx->md;
- HMAC_CTX_init(&dctx->ctx);
- if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
- return 0;
- if (sctx->ktmp.data) {
- if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data,
- sctx->ktmp.length))
- return 0;
- }
- return 1;
-}
-
-static void
-pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
-{
- HMAC_PKEY_CTX *hctx;
-
- if ((hctx = ctx->data) == NULL)
- return;
-
- HMAC_CTX_cleanup(&hctx->ctx);
- freezero(hctx->ktmp.data, hctx->ktmp.length);
- free(hctx);
-}
-
-static int
-pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- ASN1_OCTET_STRING *hkey = NULL;
- HMAC_PKEY_CTX *hctx = ctx->data;
- int ret = 0;
-
- if (hctx->ktmp.data == NULL)
- goto err;
- if ((hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp)) == NULL)
- goto err;
- if (!EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey))
- goto err;
- hkey = NULL;
-
- ret = 1;
-
- err:
- ASN1_OCTET_STRING_free(hkey);
-
- return ret;
-}
-
-static int
-int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- HMAC_PKEY_CTX *hctx = ctx->pctx->data;
-
- if (!HMAC_Update(&hctx->ctx, data, count))
- return 0;
- return 1;
-}
-
-static int
-hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
- HMAC_PKEY_CTX *hctx = ctx->data;
-
- HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
- EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
- mctx->update = int_update;
- return 1;
-}
-
-static int
-hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx)
-{
- unsigned int hlen;
- HMAC_PKEY_CTX *hctx = ctx->data;
- int l = EVP_MD_CTX_size(mctx);
-
- if (l < 0)
- return 0;
- *siglen = l;
- if (!sig)
- return 1;
-
- if (!HMAC_Final(&hctx->ctx, sig, &hlen))
- return 0;
- *siglen = (size_t)hlen;
- return 1;
-}
-
-static int
-pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- HMAC_PKEY_CTX *hctx = ctx->data;
- ASN1_OCTET_STRING *key;
-
- switch (type) {
- case EVP_PKEY_CTRL_SET_MAC_KEY:
- if ((!p2 && p1 > 0) || (p1 < -1))
- return 0;
- if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
- return 0;
- break;
-
- case EVP_PKEY_CTRL_MD:
- hctx->md = p2;
- break;
-
- case EVP_PKEY_CTRL_DIGESTINIT:
- key = ctx->pkey->pkey.ptr;
- if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
- NULL))
- return 0;
- break;
-
- default:
- return -2;
- }
- return 1;
-}
-
-static int
-pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- if (!value)
- return 0;
- if (!strcmp(type, "key")) {
- void *p = (void *)value;
- return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
- }
- if (!strcmp(type, "hexkey")) {
- unsigned char *key;
- int r;
- long keylen;
- key = string_to_hex(value, &keylen);
- if (!key)
- return 0;
- r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
- free(key);
- return r;
- }
- return -2;
-}
-
-const EVP_PKEY_METHOD hmac_pkey_meth = {
- .pkey_id = EVP_PKEY_HMAC,
-
- .init = pkey_hmac_init,
- .copy = pkey_hmac_copy,
- .cleanup = pkey_hmac_cleanup,
-
- .keygen = pkey_hmac_keygen,
-
- .signctx_init = hmac_signctx_init,
- .signctx = hmac_signctx,
-
- .ctrl = pkey_hmac_ctrl,
- .ctrl_str = pkey_hmac_ctrl_str
-};
diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c
deleted file mode 100644
index dc1614d3ce..0000000000
--- a/src/lib/libcrypto/hmac/hmac.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/* $OpenBSD: hmac.c,v 1.36 2024/08/31 10:42:21 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "evp_local.h"
-#include "hmac_local.h"
-
-int
-HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
- ENGINE *impl)
-{
- int i, j, reset = 0;
- unsigned char pad[HMAC_MAX_MD_CBLOCK];
-
- /* If we are changing MD then we must have a key */
- if (md != NULL && md != ctx->md && (key == NULL || len < 0))
- return 0;
-
- if (md != NULL) {
- reset = 1;
- ctx->md = md;
- } else if (ctx->md != NULL)
- md = ctx->md;
- else
- return 0;
-
- if (key != NULL) {
- reset = 1;
- j = EVP_MD_block_size(md);
- if ((size_t)j > sizeof(ctx->key)) {
- EVPerror(EVP_R_BAD_BLOCK_LENGTH);
- goto err;
- }
- if (j < len) {
- if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
- goto err;
- if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key,
- &ctx->key_length))
- goto err;
- } else {
- if (len < 0 || (size_t)len > sizeof(ctx->key)) {
- EVPerror(EVP_R_BAD_KEY_LENGTH);
- goto err;
- }
- memcpy(ctx->key, key, len);
- ctx->key_length = len;
- }
- if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
- memset(&ctx->key[ctx->key_length], 0,
- HMAC_MAX_MD_CBLOCK - ctx->key_length);
- }
-
- if (reset) {
- for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
- pad[i] = 0x36 ^ ctx->key[i];
- if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
- goto err;
-
- for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
- pad[i] = 0x5c ^ ctx->key[i];
- if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
- goto err;
- if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
- goto err;
- }
- if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
- goto err;
- return 1;
-err:
- return 0;
-}
-LCRYPTO_ALIAS(HMAC_Init_ex);
-
-int
-HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
-{
- if (ctx->md == NULL)
- return 0;
-
- return EVP_DigestUpdate(&ctx->md_ctx, data, len);
-}
-LCRYPTO_ALIAS(HMAC_Update);
-
-int
-HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
-{
- unsigned int i;
- unsigned char buf[EVP_MAX_MD_SIZE];
-
- if (ctx->md == NULL)
- goto err;
-
- if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
- goto err;
- if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
- goto err;
- if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
- goto err;
- if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
- goto err;
- return 1;
-err:
- return 0;
-}
-LCRYPTO_ALIAS(HMAC_Final);
-
-HMAC_CTX *
-HMAC_CTX_new(void)
-{
- return calloc(1, sizeof(HMAC_CTX));
-}
-LCRYPTO_ALIAS(HMAC_CTX_new);
-
-void
-HMAC_CTX_free(HMAC_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- HMAC_CTX_cleanup(ctx);
-
- free(ctx);
-}
-LCRYPTO_ALIAS(HMAC_CTX_free);
-
-int
-HMAC_CTX_reset(HMAC_CTX *ctx)
-{
- HMAC_CTX_cleanup(ctx);
- HMAC_CTX_init(ctx);
- return 1;
-}
-LCRYPTO_ALIAS(HMAC_CTX_reset);
-
-void
-HMAC_CTX_init(HMAC_CTX *ctx)
-{
- EVP_MD_CTX_legacy_clear(&ctx->i_ctx);
- EVP_MD_CTX_legacy_clear(&ctx->o_ctx);
- EVP_MD_CTX_legacy_clear(&ctx->md_ctx);
- ctx->md = NULL;
-}
-
-int
-HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
-{
- if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
- goto err;
- if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
- goto err;
- if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
- goto err;
- memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
- dctx->key_length = sctx->key_length;
- dctx->md = sctx->md;
- return 1;
-err:
- return 0;
-}
-LCRYPTO_ALIAS(HMAC_CTX_copy);
-
-void
-HMAC_CTX_cleanup(HMAC_CTX *ctx)
-{
- EVP_MD_CTX_cleanup(&ctx->i_ctx);
- EVP_MD_CTX_cleanup(&ctx->o_ctx);
- EVP_MD_CTX_cleanup(&ctx->md_ctx);
- explicit_bzero(ctx, sizeof(*ctx));
-}
-
-void
-HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
-{
- EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
- EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
- EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
-}
-LCRYPTO_ALIAS(HMAC_CTX_set_flags);
-
-const EVP_MD *
-HMAC_CTX_get_md(const HMAC_CTX *ctx)
-{
- return ctx->md;
-}
-LCRYPTO_ALIAS(HMAC_CTX_get_md);
-
-unsigned char *
-HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d,
- size_t n, unsigned char *md, unsigned int *md_len)
-{
- HMAC_CTX c;
- const unsigned char dummy_key[1] = { 0 };
-
- if (key == NULL) {
- key = dummy_key;
- key_len = 0;
- }
- HMAC_CTX_init(&c);
- if (!HMAC_Init_ex(&c, key, key_len, evp_md, NULL))
- goto err;
- if (!HMAC_Update(&c, d, n))
- goto err;
- if (!HMAC_Final(&c, md, md_len))
- goto err;
- HMAC_CTX_cleanup(&c);
- return md;
-err:
- HMAC_CTX_cleanup(&c);
- return NULL;
-}
-LCRYPTO_ALIAS(HMAC);
diff --git a/src/lib/libcrypto/hmac/hmac.h b/src/lib/libcrypto/hmac/hmac.h
deleted file mode 100644
index 2216fd9258..0000000000
--- a/src/lib/libcrypto/hmac/hmac.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* $OpenBSD: hmac.h,v 1.21 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_H
-#define HEADER_HMAC_H
-
-#include
-
-#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__)
-#define __bounded__(x, y, z)
-#endif
-
-#include
-
-#define HMAC_MAX_MD_CBLOCK 144 /* largest known is SHA3-224 */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define HMAC_size(e) (EVP_MD_size(HMAC_CTX_get_md((e))))
-
-HMAC_CTX *HMAC_CTX_new(void);
-void HMAC_CTX_free(HMAC_CTX *ctx);
-int HMAC_CTX_reset(HMAC_CTX *ctx);
-
-int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
- ENGINE *impl)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
- const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)))
- __attribute__ ((__bounded__(__buffer__, 4, 5)))
- __attribute__((__nonnull__ (6)));
-int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
-
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
-const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/hmac/hmac_local.h b/src/lib/libcrypto/hmac/hmac_local.h
deleted file mode 100644
index e06cd6a6c7..0000000000
--- a/src/lib/libcrypto/hmac/hmac_local.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/* $OpenBSD: hmac_local.h,v 1.4 2022/11/26 16:08:53 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_LOCAL_H
-#define HEADER_HMAC_LOCAL_H
-
-#include
-
-#include
-
-#include "evp_local.h"
-
-__BEGIN_HIDDEN_DECLS
-
-struct hmac_ctx_st {
- const EVP_MD *md;
- EVP_MD_CTX md_ctx;
- EVP_MD_CTX i_ctx;
- EVP_MD_CTX o_ctx;
- unsigned int key_length;
- unsigned char key[HMAC_MAX_MD_CBLOCK];
-} /* HMAC_CTX */;
-
-void HMAC_CTX_init(HMAC_CTX *ctx);
-void HMAC_CTX_cleanup(HMAC_CTX *ctx);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_HMAC_LOCAL_H */
diff --git a/src/lib/libcrypto/idea/idea.c b/src/lib/libcrypto/idea/idea.c
deleted file mode 100644
index 809283b3c9..0000000000
--- a/src/lib/libcrypto/idea/idea.c
+++ /dev/null
@@ -1,418 +0,0 @@
-/* $OpenBSD: idea.c,v 1.1 2024/03/29 05:23:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include "idea_local.h" - -void -idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt) -{ - unsigned long tin0, tin1; - unsigned long tout0, tout1, xor0, xor1; - long l = length; - unsigned long tin[2]; - - if (encrypt) { - n2l(iv, tout0); - n2l(iv, tout1); - iv -= 8; - for (l -= 8; l >= 0; l -= 8) - { - n2l(in, tin0); - n2l(in, tin1); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - idea_encrypt(tin, ks); - tout0 = tin[0]; - l2n(tout0, out); - tout1 = tin[1]; - l2n(tout1, out); - } - if (l != -8) { - n2ln(in, tin0, tin1, l + 8); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - idea_encrypt(tin, ks); - tout0 = tin[0]; - l2n(tout0, out); - tout1 = tin[1]; - l2n(tout1, out); - } - l2n(tout0, iv); - l2n(tout1, iv); - } else { - n2l(iv, xor0); - n2l(iv, xor1); - iv -= 8; - for (l -= 8; l >= 0; l -= 8) - { - n2l(in, tin0); - tin[0] = tin0; - n2l(in, tin1); - tin[1] = tin1; - idea_encrypt(tin, ks); - tout0 = tin[0] ^ xor0; - tout1 = tin[1] ^ xor1; - l2n(tout0, out); - l2n(tout1, out); - xor0 = tin0; - xor1 = tin1; - } - if (l != -8) { - n2l(in, tin0); - tin[0] = tin0; - n2l(in, tin1); - tin[1] = tin1; - idea_encrypt(tin, ks); - tout0 = tin[0] ^ xor0; - tout1 = tin[1] ^ xor1; - l2nn(tout0, tout1, out, l + 8); - xor0 = tin0; - xor1 = tin1; - } - l2n(xor0, iv); - l2n(xor1, iv); - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - tin[0] = tin[1] = 0; -} -LCRYPTO_ALIAS(idea_cbc_encrypt); - -void -idea_encrypt(unsigned long *d, IDEA_KEY_SCHEDULE *key) -{ - IDEA_INT *p; - unsigned long x1, x2, x3, x4, t0, t1, ul; - - x2 = d[0]; - x1 = (x2 >> 16); - x4 = d[1]; - x3 = (x4 >> 16); - - p = &(key->data[0][0]); - - E_IDEA(0); - E_IDEA(1); - E_IDEA(2); - E_IDEA(3); - E_IDEA(4); - E_IDEA(5); - E_IDEA(6); - E_IDEA(7); - - x1 &= 0xffff; - idea_mul(x1, x1, *p, ul); - p++; - - t0 = x3 + *(p++); - t1 = x2 + *(p++); - - x4 &= 0xffff; - idea_mul(x4, x4, 
*p, ul); - - d[0] = (t0 & 0xffff)|((x1 & 0xffff) << 16); - d[1] = (x4 & 0xffff)|((t1 & 0xffff) << 16); -} -LCRYPTO_ALIAS(idea_encrypt); - -/* The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void -idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *schedule, - unsigned char *ivec, int *num, int encrypt) -{ - unsigned long v0, v1, t; - int n = *num; - long l = length; - unsigned long ti[2]; - unsigned char *iv, c, cc; - - iv = (unsigned char *)ivec; - if (encrypt) { - while (l--) { - if (n == 0) { - n2l(iv, v0); - ti[0] = v0; - n2l(iv, v1); - ti[1] = v1; - idea_encrypt((unsigned long *)ti, schedule); - iv = (unsigned char *)ivec; - t = ti[0]; - l2n(t, iv); - t = ti[1]; - l2n(t, iv); - iv = (unsigned char *)ivec; - } - c = *(in++) ^ iv[n]; - *(out++) = c; - iv[n] = c; - n = (n + 1) & 0x07; - } - } else { - while (l--) { - if (n == 0) { - n2l(iv, v0); - ti[0] = v0; - n2l(iv, v1); - ti[1] = v1; - idea_encrypt((unsigned long *)ti, schedule); - iv = (unsigned char *)ivec; - t = ti[0]; - l2n(t, iv); - t = ti[1]; - l2n(t, iv); - iv = (unsigned char *)ivec; - } - cc = *(in++); - c = iv[n]; - iv[n] = cc; - *(out++) = c ^ cc; - n = (n + 1) & 0x07; - } - } - v0 = v1 = ti[0] = ti[1] = t = c = cc = 0; - *num = n; -} -LCRYPTO_ALIAS(idea_cfb64_encrypt); - -void -idea_ecb_encrypt(const unsigned char *in, unsigned char *out, - IDEA_KEY_SCHEDULE *ks) -{ - unsigned long l0, l1, d[2]; - - n2l(in, l0); - d[0] = l0; - n2l(in, l1); - d[1] = l1; - idea_encrypt(d, ks); - l0 = d[0]; - l2n(l0, out); - l1 = d[1]; - l2n(l1, out); - l0 = l1 = d[0] = d[1] = 0; -} -LCRYPTO_ALIAS(idea_ecb_encrypt); - -/* - * The input and output encrypted as though 64bit ofb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void -idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *schedule, - unsigned char *ivec, int *num) -{ - unsigned long v0, v1, t; - int n = *num; - long l = length; - unsigned char d[8]; - char *dp; - unsigned long ti[2]; - unsigned char *iv; - int save = 0; - - iv = (unsigned char *)ivec; - n2l(iv, v0); - n2l(iv, v1); - ti[0] = v0; - ti[1] = v1; - dp = (char *)d; - l2n(v0, dp); - l2n(v1, dp); - while (l--) { - if (n == 0) { - idea_encrypt((unsigned long *)ti, schedule); - dp = (char *)d; - t = ti[0]; - l2n(t, dp); - t = ti[1]; - l2n(t, dp); - save++; - } - *(out++) = *(in++) ^ d[n]; - n = (n + 1) & 0x07; - } - if (save) { - v0 = ti[0]; - v1 = ti[1]; - iv = (unsigned char *)ivec; - l2n(v0, iv); - l2n(v1, iv); - } - t = v0 = v1 = ti[0] = ti[1] = 0; - *num = n; -} -LCRYPTO_ALIAS(idea_ofb64_encrypt); - -/* taken directly from the 'paper' I'll have a look at it later */ -static IDEA_INT -inverse(unsigned int xin) -{ - long n1, n2, q, r, b1, b2, t; - - if (xin == 0) - b2 = 0; - else { - n1 = 0x10001; - n2 = xin; - b2 = 1; - b1 = 0; - - do { - r = (n1 % n2); - q = (n1 - r)/n2; - if (r == 0) { - if (b2 < 0) - b2 = 0x10001 + b2; - } else { - n1 = n2; - n2 = r; - t = b2; - b2 = b1 - q*b2; - b1 = t; - } - } while (r != 0); - } - return ((IDEA_INT)b2); -} - -void -idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) -{ - int i; - IDEA_INT *kt, *kf, r0, r1, r2; - - kt = &(ks->data[0][0]); - n2s(key, kt[0]); - n2s(key, kt[1]); - n2s(key, kt[2]); - n2s(key, kt[3]); - n2s(key, kt[4]); - n2s(key, kt[5]); - n2s(key, kt[6]); - n2s(key, kt[7]); - - kf = kt; - kt += 8; - for (i = 0; i < 6; i++) - { - r2 = kf[1]; - r1 = kf[2]; - *(kt++) = ((r2 << 9) | (r1 >> 7)) & 0xffff; - r0 = kf[3]; - *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff; - r1 = kf[4]; - *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff; - r0 = kf[5]; - *(kt++) 
= ((r1 << 9) | (r0 >> 7)) & 0xffff; - r1 = kf[6]; - *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff; - r0 = kf[7]; - *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff; - r1 = kf[0]; - if (i >= 5) - break; - *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff; - *(kt++) = ((r1 << 9) | (r2 >> 7)) & 0xffff; - kf += 8; - } -} -LCRYPTO_ALIAS(idea_set_encrypt_key); - -void -idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk) -{ - int r; - IDEA_INT *fp, *tp, t; - - tp = &(dk->data[0][0]); - fp = &(ek->data[8][0]); - for (r = 0; r < 9; r++) - { - *(tp++) = inverse(fp[0]); - *(tp++) = ((int)(0x10000L - fp[2]) & 0xffff); - *(tp++) = ((int)(0x10000L - fp[1]) & 0xffff); - *(tp++) = inverse(fp[3]); - if (r == 8) - break; - fp -= 6; - *(tp++) = fp[4]; - *(tp++) = fp[5]; - } - - tp = &(dk->data[0][0]); - t = tp[1]; - tp[1] = tp[2]; - tp[2] = t; - - t = tp[49]; - tp[49] = tp[50]; - tp[50] = t; -} -LCRYPTO_ALIAS(idea_set_decrypt_key); diff --git a/src/lib/libcrypto/idea/idea.h b/src/lib/libcrypto/idea/idea.h deleted file mode 100644 index 2bdd3647fd..0000000000 --- a/src/lib/libcrypto/idea/idea.h +++ /dev/null 
@@ -1,94 +0,0 @@
-/* $OpenBSD: idea.h,v 1.13 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_IDEA_H
-#define HEADER_IDEA_H
-
-#include /* IDEA_INT, OPENSSL_NO_IDEA */
-
-#define IDEA_ENCRYPT 1
-#define IDEA_DECRYPT 0
-
-#define IDEA_BLOCK 8
-#define IDEA_KEY_LENGTH 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct idea_key_st {
- IDEA_INT data[9][6];
-} IDEA_KEY_SCHEDULE;
-
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
- IDEA_KEY_SCHEDULE *ks);
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int enc);
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
- int *num, int enc);
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
-void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/idea/idea_local.h b/src/lib/libcrypto/idea/idea_local.h
deleted file mode 100644
index c7fd3271a7..0000000000
--- a/src/lib/libcrypto/idea/idea_local.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/* $OpenBSD: idea_local.h,v 1.2 2023/07/07 12:51:58 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -/* The new form of this macro (check if the a*b == 0) was suggested by - * Colin Plumb */ -/* Removal of the inner if from from Wei Dai 24/4/96 */ -#define idea_mul(r,a,b,ul) \ -ul=(unsigned long)a*b; \ -if (ul != 0) \ - { \ - r=(ul&0xffff)-(ul>>16); \ - r-=((r)>>16); \ - } \ -else \ - r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ - -/* 7/12/95 - Many thanks to Rhys Weatherley - * for pointing out that I was assuming little endian - * byte order for all quantities what idea - * actually used bigendian. No where in the spec does it mention - * this, it is all in terms of 16 bit numbers and even the example - * does not use byte streams for the input example :-(. - * If you byte swap each pair of input, keys and iv, the functions - * would produce the output as the old version :-(. - */ - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff);\ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff);\ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff);\ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff);\ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff);\ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff);\ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff);\ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff);\ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned 
long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -#undef s2n -#define s2n(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff)) - -#undef n2s -#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \ - l|=((IDEA_INT)(*((c)++))) ) - -#define E_IDEA(num) \ - x1&=0xffff; \ - idea_mul(x1,x1,*p,ul); p++; \ - x2+= *(p++); \ - x3+= *(p++); \ - x4&=0xffff; \ - idea_mul(x4,x4,*p,ul); p++; \ - t0=(x1^x3)&0xffff; \ - idea_mul(t0,t0,*p,ul); p++; \ - t1=(t0+(x2^x4))&0xffff; \ - idea_mul(t1,t1,*p,ul); p++; \ - t0+=t1; \ - x1^=t1; \ - x4^=t0; \ - ul=x2^t0; /* do the swap to x3 */ \ - x2=x3^t1; \ - x3=ul; diff --git a/src/lib/libcrypto/kdf/hkdf_evp.c b/src/lib/libcrypto/kdf/hkdf_evp.c deleted file mode 100644 index b33e2e0a26..0000000000 --- a/src/lib/libcrypto/kdf/hkdf_evp.c +++ /dev/null 
@@ -1,276 +0,0 @@ -/* $OpenBSD: hkdf_evp.c,v 1.20 2023/06/26 08:57:17 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 2016-2018 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -#include - -#include -#include -#include -#include -#include - -#include "evp_local.h" - -#define HKDF_MAXBUF 1024 - -typedef struct { - int mode; - const EVP_MD *md; - unsigned char *salt; - size_t salt_len; - unsigned char *key; - size_t key_len; - unsigned char info[HKDF_MAXBUF]; - size_t info_len; -} HKDF_PKEY_CTX; - -static int -pkey_hkdf_init(EVP_PKEY_CTX *ctx) -{ - HKDF_PKEY_CTX *kctx; - - if ((kctx = calloc(1, sizeof(*kctx))) == NULL) { - KDFerror(ERR_R_MALLOC_FAILURE); - return 0; - } - - ctx->data = kctx; - - return 1; -} - -static void -pkey_hkdf_cleanup(EVP_PKEY_CTX *ctx) -{ - HKDF_PKEY_CTX *kctx = ctx->data; - - freezero(kctx->salt, kctx->salt_len); - freezero(kctx->key, kctx->key_len); - freezero(kctx, sizeof(*kctx)); -} - -static int -pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - HKDF_PKEY_CTX *kctx = ctx->data; - - switch (type) { - case EVP_PKEY_CTRL_HKDF_MD: - if (p2 == NULL) - return 0; - - kctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_HKDF_MODE: - kctx->mode = p1; - return 1; - - case EVP_PKEY_CTRL_HKDF_SALT: - if (p1 == 0 || p2 == NULL) - return 1; - - if (p1 < 0) - return 0; - - freezero(kctx->salt, kctx->salt_len); - if ((kctx->salt = malloc(p1)) == NULL) - return 0; - memcpy(kctx->salt, p2, p1); - - kctx->salt_len = p1; - return 1; - - case EVP_PKEY_CTRL_HKDF_KEY: - if (p1 < 0) - return 0; - - freezero(kctx->key, kctx->key_len); - kctx->key = NULL; - 
kctx->key_len = 0; - - /* Match OpenSSL's behavior. */ - if (p1 == 0 || p2 == NULL) - return 0; - - if ((kctx->key = malloc(p1)) == NULL) - return 0; - memcpy(kctx->key, p2, p1); - - kctx->key_len = p1; - return 1; - - case EVP_PKEY_CTRL_HKDF_INFO: - if (p1 == 0 || p2 == NULL) - return 1; - - if (p1 < 0 || p1 > (int)(HKDF_MAXBUF - kctx->info_len)) - return 0; - - memcpy(kctx->info + kctx->info_len, p2, p1); - kctx->info_len += p1; - return 1; - - default: - return -2; - } -} - -static int -pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, - const char *value) -{ - if (strcmp(type, "mode") == 0) { - int mode; - - if (strcmp(value, "EXTRACT_AND_EXPAND") == 0) - mode = EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND; - else if (strcmp(value, "EXTRACT_ONLY") == 0) - mode = EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY; - else if (strcmp(value, "EXPAND_ONLY") == 0) - mode = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY; - else - return 0; - - return EVP_PKEY_CTX_hkdf_mode(ctx, mode); - } - - if (strcmp(type, "md") == 0) - return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_HKDF_MD, value); - - if (strcmp(type, "salt") == 0) - return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, - value); - - if (strcmp(type, "hexsalt") == 0) - return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, - value); - - if (strcmp(type, "key") == 0) - return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); - - if (strcmp(type, "hexkey") == 0) - return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); - - if (strcmp(type, "info") == 0) - return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, - value); - - if (strcmp(type, "hexinfo") == 0) - return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, - value); - - KDFerror(KDF_R_UNKNOWN_PARAMETER_TYPE); - return -2; -} - -static int -pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx) -{ - HKDF_PKEY_CTX *kctx = ctx->data; - - freezero(kctx->key, kctx->key_len); - freezero(kctx->salt, kctx->salt_len); - explicit_bzero(kctx, sizeof(*kctx)); - - 
return 1; -} - -static int -pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, - size_t *keylen) -{ - HKDF_PKEY_CTX *kctx = ctx->data; - - if (kctx->md == NULL) { - KDFerror(KDF_R_MISSING_MESSAGE_DIGEST); - return 0; - } - if (kctx->key == NULL) { - KDFerror(KDF_R_MISSING_KEY); - return 0; - } - - switch (kctx->mode) { - case EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: - return HKDF(key, *keylen, kctx->md, kctx->key, kctx->key_len, - kctx->salt, kctx->salt_len, kctx->info, kctx->info_len); - - case EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: - if (key == NULL) { - *keylen = EVP_MD_size(kctx->md); - return 1; - } - return HKDF_extract(key, keylen, kctx->md, kctx->key, - kctx->key_len, kctx->salt, kctx->salt_len); - - case EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: - return HKDF_expand(key, *keylen, kctx->md, kctx->key, - kctx->key_len, kctx->info, kctx->info_len); - - default: - return 0; - } -} - -const EVP_PKEY_METHOD hkdf_pkey_meth = { - .pkey_id = EVP_PKEY_HKDF, - .flags = 0, - - .init = pkey_hkdf_init, - .copy = NULL, - .cleanup = pkey_hkdf_cleanup, - - .derive_init = pkey_hkdf_derive_init, - .derive = pkey_hkdf_derive, - .ctrl = pkey_hkdf_ctrl, - .ctrl_str = pkey_hkdf_ctrl_str, -}; diff --git a/src/lib/libcrypto/kdf/kdf.h b/src/lib/libcrypto/kdf/kdf.h deleted file mode 100644 index 578949cb5c..0000000000 --- a/src/lib/libcrypto/kdf/kdf.h +++ /dev/null 
@@ -1,137 +0,0 @@ -/* $OpenBSD: kdf.h,v 1.9 2024/07/09 16:20:17 tb Exp $ */ -/* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2016-2018 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_KDF_H -# define HEADER_KDF_H - -#ifdef __cplusplus -extern "C" { -#endif - -# define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL + 0) -# define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1) -# define EVP_PKEY_CTRL_TLS_SEED (EVP_PKEY_ALG_CTRL + 2) - -# define EVP_PKEY_CTRL_HKDF_MD (EVP_PKEY_ALG_CTRL + 3) -# define EVP_PKEY_CTRL_HKDF_SALT (EVP_PKEY_ALG_CTRL + 4) -# define EVP_PKEY_CTRL_HKDF_KEY (EVP_PKEY_ALG_CTRL + 5) -# define EVP_PKEY_CTRL_HKDF_INFO (EVP_PKEY_ALG_CTRL + 6) -# define EVP_PKEY_CTRL_HKDF_MODE (EVP_PKEY_ALG_CTRL + 7) - -# define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0 -# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 -# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 - - -# define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \ - EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_TLS_MD, 0, (void *)(md)) - -# define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \ - EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)(sec)) - -# define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \ - EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)(seed)) - - -# define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \ - EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ - EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md)) - -# define 
EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, saltlen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_SALT, saltlen, (void *)(salt))
-
-# define EVP_PKEY_CTX_set1_hkdf_key(pctx, key, keylen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_KEY, keylen, (void *)(key))
-
-# define EVP_PKEY_CTX_add1_hkdf_info(pctx, info, infolen) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_INFO, infolen, (void *)(info))
-
-# define EVP_PKEY_CTX_hkdf_mode(pctx, mode) \
- EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_HKDF_MODE, mode, NULL)
-
-int ERR_load_KDF_strings(void);
-
-/*
- * KDF function codes.
- */
-# define KDF_F_PKEY_HKDF_CTRL_STR 103
-# define KDF_F_PKEY_HKDF_DERIVE 102
-# define KDF_F_PKEY_HKDF_INIT 108
-# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100
-# define KDF_F_PKEY_TLS1_PRF_DERIVE 101
-# define KDF_F_PKEY_TLS1_PRF_INIT 110
-# define KDF_F_TLS1_PRF_ALG 111
-
-/*
- * KDF reason codes.
- */
-# define KDF_R_INVALID_DIGEST 100
-# define KDF_R_MISSING_KEY 104
-# define KDF_R_MISSING_MESSAGE_DIGEST 105
-# define KDF_R_MISSING_SECRET 107
-# define KDF_R_MISSING_SEED 106
-# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
-# define KDF_R_VALUE_MISSING 102
-
-# ifdef __cplusplus
-}
-# endif
-#endif
diff --git a/src/lib/libcrypto/kdf/kdf_err.c b/src/lib/libcrypto/kdf/kdf_err.c
deleted file mode 100644
index f0dfd21272..0000000000
--- a/src/lib/libcrypto/kdf/kdf_err.c
+++ /dev/null
@@ -1,99 +0,0 @@ -/* $OpenBSD: kdf_err.c,v 1.11 2024/07/09 16:20:17 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include "err_local.h" - -#ifndef OPENSSL_NO_ERR - -static const ERR_STRING_DATA KDF_str_functs[] = { - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0), "pkey_tls1_prf_ctrl_str"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), "pkey_tls1_prf_derive"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, - {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "pkey_tls1_prf_alg"}, - {0, NULL}, -}; - -static const ERR_STRING_DATA KDF_str_reasons[] = { - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), - "missing message digest"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, - {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), - "unknown parameter type"}, - 
{ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"},
- {0, NULL},
-};
-
-#endif
-
-int
-ERR_load_KDF_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(KDF_str_functs[0].error) == NULL) {
- ERR_load_const_strings(KDF_str_functs);
- ERR_load_const_strings(KDF_str_reasons);
- }
-#endif
- return 1;
-}
diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c
deleted file mode 100644
index 7d6231e3c7..0000000000
--- a/src/lib/libcrypto/kdf/tls1_prf.c
+++ /dev/null
@@ -1,345 +0,0 @@ -/* $OpenBSD: tls1_prf.c,v 1.40 2024/07/10 06:53:27 tb Exp $ */ -/* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2016. - */ -/* ==================================================================== - * Copyright (c) 2015 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include - -#include -#include -#include - -#include "evp_local.h" - -#define TLS1_PRF_MAXBUF 1024 - -struct tls1_prf_ctx { - const EVP_MD *md; - unsigned char *secret; - size_t secret_len; - unsigned char seed[TLS1_PRF_MAXBUF]; - size_t seed_len; -}; - -static int -pkey_tls1_prf_init(EVP_PKEY_CTX *ctx) -{ - struct tls1_prf_ctx *kctx; - - if ((kctx = calloc(1, sizeof(*kctx))) == NULL) { - KDFerror(ERR_R_MALLOC_FAILURE); - return 0; - } - ctx->data = kctx; - - return 1; -} - -static void -pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx) -{ - struct tls1_prf_ctx *kctx = ctx->data; - - freezero(kctx->secret, kctx->secret_len); - freezero(kctx, sizeof(*kctx)); -} - -static int -pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct tls1_prf_ctx *kctx = ctx->data; - - switch (type) { - case EVP_PKEY_CTRL_TLS_MD: - kctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_TLS_SECRET: - if (p1 < 0) - return 0; - - freezero(kctx->secret, kctx->secret_len); - kctx->secret = NULL; - kctx->secret_len = 0; - - explicit_bzero(kctx->seed, kctx->seed_len); - kctx->seed_len = 0; - - if (p1 == 0 || p2 == NULL) - return 0; - - if ((kctx->secret = calloc(1, 
p1)) == NULL)
- return 0;
- memcpy(kctx->secret, p2, p1);
- kctx->secret_len = p1;
-
- return 1;
-
- case EVP_PKEY_CTRL_TLS_SEED:
- if (p1 == 0 || p2 == NULL)
- return 1;
- if (p1 < 0 || p1 > (int)(TLS1_PRF_MAXBUF - kctx->seed_len))
- return 0;
- memcpy(kctx->seed + kctx->seed_len, p2, p1);
- kctx->seed_len += p1;
- return 1;
-
- default:
- return -2;
- }
-}
-
-static int
-pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- if (value == NULL) {
- KDFerror(KDF_R_VALUE_MISSING);
- return 0;
- }
- if (strcmp(type, "md") == 0) {
- struct tls1_prf_ctx *kctx = ctx->data;
-
- const EVP_MD *md = EVP_get_digestbyname(value);
- if (md == NULL) {
- KDFerror(KDF_R_INVALID_DIGEST);
- return 0;
- }
- kctx->md = md;
- return 1;
- }
- if (strcmp(type, "secret") == 0)
- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value);
- if (strcmp(type, "hexsecret") == 0)
- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value);
- if (strcmp(type, "seed") == 0)
- return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value);
- if (strcmp(type, "hexseed") == 0)
- return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value);
-
- KDFerror(KDF_R_UNKNOWN_PARAMETER_TYPE);
- return -2;
-}
-
-static int
-tls1_prf_P_hash(const EVP_MD *md, const unsigned char *secret, size_t secret_len,
- const unsigned char *seed, size_t seed_len, unsigned char *out, size_t out_len)
-{
- int chunk;
- EVP_MD_CTX *ctx = NULL, *ctx_tmp = NULL, *ctx_init = NULL;
- EVP_PKEY *mac_key = NULL;
- unsigned char A1[EVP_MAX_MD_SIZE];
- size_t A1_len;
- int ret = 0;
-
- if ((chunk = EVP_MD_size(md)) < 0)
- goto err;
-
- if ((ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
- if ((ctx_tmp = EVP_MD_CTX_new()) == NULL)
- goto err;
- if ((ctx_init = EVP_MD_CTX_new()) == NULL)
- goto err;
-
- EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-
- if ((mac_key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
- secret, secret_len)) == NULL)
- goto err;
-
- if
(!EVP_DigestSignInit(ctx_init, NULL, md, NULL, mac_key))
- goto err;
- if (!EVP_MD_CTX_copy_ex(ctx, ctx_init))
- goto err;
- if (seed != NULL && !EVP_DigestSignUpdate(ctx, seed, seed_len))
- goto err;
- if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
- goto err;
-
- for (;;) {
- /* Reinit mac contexts */
- if (!EVP_MD_CTX_copy_ex(ctx, ctx_init))
- goto err;
- if (!EVP_DigestSignUpdate(ctx, A1, A1_len))
- goto err;
- if (out_len > (size_t)chunk && !EVP_MD_CTX_copy_ex(ctx_tmp, ctx))
- goto err;
- if (seed != NULL && !EVP_DigestSignUpdate(ctx, seed, seed_len))
- goto err;
-
- if (out_len > (size_t)chunk) {
- size_t mac_len;
- if (!EVP_DigestSignFinal(ctx, out, &mac_len))
- goto err;
- out += mac_len;
- out_len -= mac_len;
- if (!EVP_DigestSignFinal(ctx_tmp, A1, &A1_len))
- goto err;
- } else {
- if (!EVP_DigestSignFinal(ctx, A1, &A1_len))
- goto err;
- memcpy(out, A1, out_len);
- break;
- }
- }
-
- ret = 1;
-
- err:
- EVP_PKEY_free(mac_key);
- EVP_MD_CTX_free(ctx);
- EVP_MD_CTX_free(ctx_tmp);
- EVP_MD_CTX_free(ctx_init);
- explicit_bzero(A1, sizeof(A1));
-
- return ret;
-}
-
-static int
-tls1_prf_alg(const EVP_MD *md, const unsigned char *secret, size_t secret_len,
- const unsigned char *seed, size_t seed_len, unsigned char *out, size_t out_len)
-{
- unsigned char *tmp = NULL;
- size_t half_len;
- size_t i;
- int ret = 0;
-
- if (EVP_MD_type(md) != NID_md5_sha1)
- return tls1_prf_P_hash(md, secret, secret_len, seed, seed_len,
- out, out_len);
-
- half_len = secret_len - secret_len / 2;
- if (!tls1_prf_P_hash(EVP_md5(), secret, half_len, seed, seed_len,
- out, out_len))
- goto err;
-
- if ((tmp = calloc(1, out_len)) == NULL) {
- KDFerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- secret += secret_len - half_len;
- if (!tls1_prf_P_hash(EVP_sha1(), secret, half_len, seed, seed_len,
- tmp, out_len))
- goto err;
- for (i = 0; i < out_len; i++)
- out[i] ^= tmp[i];
-
- ret = 1;
-
- err:
- freezero(tmp, out_len);
-
- return ret;
-}
-
-static int
-pkey_tls1_prf_derive(EVP_PKEY_CTX
*ctx, unsigned char *key, size_t *key_len)
-{
- struct tls1_prf_ctx *kctx = ctx->data;
-
- if (kctx->md == NULL) {
- KDFerror(KDF_R_MISSING_MESSAGE_DIGEST);
- return 0;
- }
- if (kctx->secret == NULL) {
- KDFerror(KDF_R_MISSING_SECRET);
- return 0;
- }
- if (kctx->seed_len == 0) {
- KDFerror(KDF_R_MISSING_SEED);
- return 0;
- }
-
- return tls1_prf_alg(kctx->md, kctx->secret, kctx->secret_len,
- kctx->seed, kctx->seed_len, key, *key_len);
-}
-
-const EVP_PKEY_METHOD tls1_prf_pkey_meth = {
- .pkey_id = EVP_PKEY_TLS1_PRF,
- .flags = 0,
-
- .init = pkey_tls1_prf_init,
- .copy = NULL,
- .cleanup = pkey_tls1_prf_cleanup,
-
- .paramgen = NULL,
-
- .keygen = NULL,
-
- .sign_init = NULL,
- .sign = NULL,
-
- .verify_init = NULL,
- .verify = NULL,
-
- .verify_recover = NULL,
-
- .signctx_init = NULL,
- .signctx = NULL,
-
- .encrypt = NULL,
-
- .decrypt = NULL,
-
- .derive_init = NULL,
- .derive = pkey_tls1_prf_derive,
-
- .ctrl = pkey_tls1_prf_ctrl,
- .ctrl_str = pkey_tls1_prf_ctrl_str,
-};
diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c
deleted file mode 100644
index aa532267de..0000000000
--- a/src/lib/libcrypto/lhash/lhash.c
+++ /dev/null
@@ -1,433 +0,0 @@ -/* $OpenBSD: lhash.c,v 1.28 2024/07/14 14:32:45 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include -#include - -#include - -#include -#include - -#undef MIN_NODES -#define MIN_NODES 16 -#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */ -#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */ - -typedef struct lhash_node_st { - void *data; - struct lhash_node_st *next; -#ifndef OPENSSL_NO_HASH_COMP - unsigned long hash; -#endif -} LHASH_NODE; - -struct lhash_st { - LHASH_NODE **b; - LHASH_COMP_FN_TYPE comp; - LHASH_HASH_FN_TYPE hash; - unsigned int num_nodes; - unsigned int num_alloc_nodes; - unsigned int p; - unsigned int pmax; - unsigned long up_load; /* load times 256 */ - unsigned long down_load; /* load times 256 */ - unsigned long num_items; - - int error; -} /* _LHASH */; - -static void -expand(_LHASH *lh) -{ - LHASH_NODE **n, **n1, **n2, *np; - unsigned int p, i, j; - unsigned long hash, nni; - - lh->num_nodes++; - p = (int)lh->p++; - n1 = &(lh->b[p]); - n2 = &(lh->b[p + (int)lh->pmax]); - *n2 = NULL; /* 27/07/92 - eay - undefined pointer bug */ - nni = lh->num_alloc_nodes; - - for (np = *n1; np != NULL; ) { -#ifndef OPENSSL_NO_HASH_COMP - hash = np->hash; -#else - hash = lh->hash(np->data); -#endif - if ((hash % nni) != p) { /* move it */ - *n1 = (*n1)->next; - np->next= *n2; - *n2 = np; - } else - n1 = &((*n1)->next); - np= *n1; - } - - if ((lh->p) >= lh->pmax) { - j = (int)lh->num_alloc_nodes * 2; - n = reallocarray(lh->b, j, sizeof(LHASH_NODE *)); - if (n == NULL) { -/* fputs("realloc error in lhash", stderr); */ - lh->error++; - lh->p = 0; - return; - } - /* else */ - for (i = (int)lh->num_alloc_nodes; i < j; i++)/* 26/02/92 eay */ - n[i] = NULL; /* 02/03/92 eay */ - lh->pmax = lh->num_alloc_nodes; - lh->num_alloc_nodes = j; - lh->p = 0; - lh->b = n; - } -} - -static void -contract(_LHASH *lh) -{ - LHASH_NODE **n, *n1, *np; - - np = lh->b[lh->p + lh->pmax - 1]; - lh->b[lh->p+lh->pmax - 1] = NULL; /* 24/07-92 - eay - weird but :-( */ - if (lh->p == 0) { - n = reallocarray(lh->b, lh->pmax, 
sizeof(LHASH_NODE *)); - if (n == NULL) { -/* fputs("realloc error in lhash", stderr); */ - lh->error++; - return; - } - lh->num_alloc_nodes /= 2; - lh->pmax /= 2; - lh->p = lh->pmax - 1; - lh->b = n; - } else - lh->p--; - - lh->num_nodes--; - - n1 = lh->b[(int)lh->p]; - if (n1 == NULL) - lh->b[(int)lh->p] = np; - else { - while (n1->next != NULL) - n1 = n1->next; - n1->next = np; - } -} - -static LHASH_NODE ** -getrn(_LHASH *lh, const void *data, unsigned long *rhash) -{ - LHASH_NODE **ret, *n1; - unsigned long hash, nn; - LHASH_COMP_FN_TYPE cf; - - hash = (*(lh->hash))(data); - *rhash = hash; - - nn = hash % lh->pmax; - if (nn < lh->p) - nn = hash % lh->num_alloc_nodes; - - cf = lh->comp; - ret = &(lh->b[(int)nn]); - for (n1 = *ret; n1 != NULL; n1 = n1->next) { -#ifndef OPENSSL_NO_HASH_COMP - if (n1->hash != hash) { - ret = &(n1->next); - continue; - } -#endif - if (cf(n1->data, data) == 0) - break; - ret = &(n1->next); - } - return (ret); -} - -_LHASH * -lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) -{ - _LHASH *ret; - - if ((ret = calloc(1, sizeof(_LHASH))) == NULL) - return NULL; - if ((ret->b = calloc(MIN_NODES, sizeof(LHASH_NODE *))) == NULL) { - free(ret); - return NULL; - } - ret->comp = ((c == NULL) ? (LHASH_COMP_FN_TYPE)strcmp : c); - ret->hash = ((h == NULL) ? 
(LHASH_HASH_FN_TYPE)lh_strhash : h); - ret->num_nodes = MIN_NODES / 2; - ret->num_alloc_nodes = MIN_NODES; - ret->pmax = MIN_NODES / 2; - ret->up_load = UP_LOAD; - ret->down_load = DOWN_LOAD; - - return (ret); -} -LCRYPTO_ALIAS(lh_new); - -void -lh_free(_LHASH *lh) -{ - unsigned int i; - LHASH_NODE *n, *nn; - - if (lh == NULL) - return; - - for (i = 0; i < lh->num_nodes; i++) { - n = lh->b[i]; - while (n != NULL) { - nn = n->next; - free(n); - n = nn; - } - } - free(lh->b); - free(lh); -} -LCRYPTO_ALIAS(lh_free); - -int -lh_error(_LHASH *lh) -{ - return lh->error; -} -LCRYPTO_ALIAS(lh_error); - -void * -lh_insert(_LHASH *lh, void *data) -{ - unsigned long hash; - LHASH_NODE *nn, **rn; - void *ret; - - lh->error = 0; - if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes)) - expand(lh); - - rn = getrn(lh, data, &hash); - - if (*rn == NULL) { - if ((nn = malloc(sizeof(LHASH_NODE))) == NULL) { - lh->error++; - return (NULL); - } - nn->data = data; - nn->next = NULL; -#ifndef OPENSSL_NO_HASH_COMP - nn->hash = hash; -#endif - *rn = nn; - ret = NULL; - lh->num_items++; - } - else /* replace same key */ - { - ret = (*rn)->data; - (*rn)->data = data; - } - return (ret); -} -LCRYPTO_ALIAS(lh_insert); - -void * -lh_delete(_LHASH *lh, const void *data) -{ - unsigned long hash; - LHASH_NODE *nn, **rn; - void *ret; - - lh->error = 0; - rn = getrn(lh, data, &hash); - - if (*rn == NULL) { - return (NULL); - } else { - nn= *rn; - *rn = nn->next; - ret = nn->data; - free(nn); - } - - lh->num_items--; - if ((lh->num_nodes > MIN_NODES) && - (lh->down_load >= (lh->num_items * LH_LOAD_MULT / lh->num_nodes))) - contract(lh); - - return (ret); -} -LCRYPTO_ALIAS(lh_delete); - -void * -lh_retrieve(_LHASH *lh, const void *data) -{ - unsigned long hash; - LHASH_NODE **rn; - void *ret; - - lh->error = 0; - rn = getrn(lh, data, &hash); - - if (*rn == NULL) { - return (NULL); - } else { - ret = (*rn)->data; - } - return (ret); -} -LCRYPTO_ALIAS(lh_retrieve); - -static void 
-doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, - LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg) -{ - LHASH_NODE *a, *n; - int down_load; - int i; - - if (lh == NULL) - return; - - /* - * Disable contraction of the hash while walking, as some consumers use - * it to delete hash entries. A better option would be to snapshot the - * hash, making it insert safe as well. - */ - down_load = lh->down_load; - lh->down_load = 0; - - /* reverse the order so we search from 'top to bottom' - * We were having memory leaks otherwise */ - for (i = lh->num_nodes - 1; i >= 0; i--) { - a = lh->b[i]; - while (a != NULL) { - /* 28/05/91 - eay - n added so items can be deleted - * via lh_doall */ - /* 22/05/08 - ben - eh? since a is not passed, - * this should not be needed */ - n = a->next; - if (use_arg) - func_arg(a->data, arg); - else - func(a->data); - a = n; - } - } - - /* Restore down load factor and trigger contraction. */ - lh->down_load = down_load; - if ((lh->num_nodes > MIN_NODES) && - (lh->down_load >= (lh->num_items * LH_LOAD_MULT / lh->num_nodes))) - contract(lh); -} - -void -lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func) -{ - doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL); -} -LCRYPTO_ALIAS(lh_doall); - -void -lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg) -{ - doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg); -} -LCRYPTO_ALIAS(lh_doall_arg); - -/* The following hash seems to work very well on normal text strings - * no collisions on /usr/dict/words and it distributes on %2^n quite - * well, not as good as MD5, but still good. 
- */ -unsigned long -lh_strhash(const char *c) -{ - unsigned long ret = 0; - unsigned long n, v; - unsigned int r; - - if (c == NULL || *c == '\0') - return ret; - - n = 0x100; - while (*c) { - v = n | *c; - n += 0x100; - if ((r = ((v >> 2) ^ v) & 0x0f) != 0) - ret = (ret << r) | (ret >> (32 - r)); - ret &= 0xFFFFFFFFUL; - ret ^= v * v; - c++; - } - return (ret >> 16) ^ ret; -} -LCRYPTO_ALIAS(lh_strhash); - -unsigned long -lh_num_items(const _LHASH *lh) -{ - return lh ? lh->num_items : 0; -} -LCRYPTO_ALIAS(lh_num_items); diff --git a/src/lib/libcrypto/lhash/lhash.h b/src/lib/libcrypto/lhash/lhash.h deleted file mode 100644 index 86d05544a0..0000000000 --- a/src/lib/libcrypto/lhash/lhash.h +++ /dev/null 
@@ -1,179 +0,0 @@
-/* $OpenBSD: lhash.h,v 1.14 2024/03/02 11:11:11 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Header for dynamic hash table routines
- * Author - Eric Young
- */
-
-#ifndef HEADER_LHASH_H
-#define HEADER_LHASH_H
-
-#include
-
-#include
-
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
-typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
-typedef void (*LHASH_DOALL_FN_TYPE)(void *);
-typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *);
-
-/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks.
- * This way, callbacks can be provided to LHASH structures without function
- * pointer casting and the macro-defined callbacks provide per-variable casting
- * before deferring to the underlying type-specific callbacks. NB: It is
- * possible to place a "static" in front of both the DECLARE and IMPLEMENT
- * macros if the functions are strictly internal. */
-
-/* First: "hash" functions */
-#define DECLARE_LHASH_HASH_FN(name, o_type) \
- unsigned long name##_LHASH_HASH(const void *);
-#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
- unsigned long name##_LHASH_HASH(const void *arg) { \
- const o_type *a = arg; \
- return name##_hash(a); }
-#define LHASH_HASH_FN(name) name##_LHASH_HASH
-
-/* Second: "compare" functions */
-#define DECLARE_LHASH_COMP_FN(name, o_type) \
- int name##_LHASH_COMP(const void *, const void *);
-#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
- int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
- const o_type *a = arg1; \
- const o_type *b = arg2; \
- return name##_cmp(a,b); }
-#define LHASH_COMP_FN(name) name##_LHASH_COMP
-
-/* Third: "doall" functions */
-#define DECLARE_LHASH_DOALL_FN(name, o_type) \
- void name##_LHASH_DOALL(void *);
-#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
- void name##_LHASH_DOALL(void *arg) { \
- o_type *a = arg; \
- name##_doall(a); }
-#define LHASH_DOALL_FN(name) name##_LHASH_DOALL
-
-/* Fourth: "doall_arg" functions */
-#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
- void name##_LHASH_DOALL_ARG(void *, void *);
-#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
- void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
- o_type *a = arg1; \
- a_type *b = arg2; \
- name##_doall_arg(a, b); }
-#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
-
-typedef struct lhash_st _LHASH;
-
-#define LH_LOAD_MULT 256
-
-_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
-void lh_free(_LHASH *lh);
-int lh_error(_LHASH *lh);
-void *lh_insert(_LHASH *lh, void *data);
-void *lh_delete(_LHASH *lh, const void *data);
-void *lh_retrieve(_LHASH *lh, const void *data);
-void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
-void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
-unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(const _LHASH *lh);
-
-/* Type checking... */
-
-#define LHASH_OF(type) struct lhash_st_##type
-
-#define DECLARE_LHASH_OF(type) LHASH_OF(type)
-
-#define CHECKED_LHASH_OF(type,lh) \
- ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
-
-/* Define wrapper functions. */
-#define LHM_lh_new(type, name) \
- ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
-#define LHM_lh_error(type, lh) \
- lh_error(CHECKED_LHASH_OF(type,lh))
-#define LHM_lh_insert(type, lh, inst) \
- ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
- CHECKED_PTR_OF(type, inst)))
-#define LHM_lh_retrieve(type, lh, inst) \
- ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
- CHECKED_PTR_OF(type, inst)))
-#define LHM_lh_delete(type, lh, inst) \
- ((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \
- CHECKED_PTR_OF(type, inst)))
-#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
-#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
- lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
-#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
-#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
-
-DECLARE_LHASH_OF(OPENSSL_STRING);
-DECLARE_LHASH_OF(OPENSSL_CSTRING);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/man/ACCESS_DESCRIPTION_new.3 b/src/lib/libcrypto/man/ACCESS_DESCRIPTION_new.3
deleted file mode 100644
index 15156ffca3..0000000000
--- a/src/lib/libcrypto/man/ACCESS_DESCRIPTION_new.3
+++ /dev/null
@@ -1,151 +0,0 @@
-.\" $OpenBSD: ACCESS_DESCRIPTION_new.3,v 1.6 2022/03/31 17:27:16 naddy Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 31 2022 $
-.Dt ACCESS_DESCRIPTION_NEW 3
-.Os
-.Sh NAME
-.Nm ACCESS_DESCRIPTION_new ,
-.Nm ACCESS_DESCRIPTION_free ,
-.Nm AUTHORITY_INFO_ACCESS_new ,
-.Nm AUTHORITY_INFO_ACCESS_free
-.Nd X.509 information access extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft ACCESS_DESCRIPTION *
-.Fn ACCESS_DESCRIPTION_new void
-.Ft void
-.Fn ACCESS_DESCRIPTION_free "ACCESS_DESCRIPTION *ad"
-.Ft AUTHORITY_INFO_ACCESS
-.Fn AUTHORITY_INFO_ACCESS_new void
-.Ft void
-.Fn AUTHORITY_INFO_ACCESS_free "AUTHORITY_INFO_ACCESS *aia"
-.Sh DESCRIPTION
-Using the information access extensions, certificates and certificate
-revocation lists can point to auxiliary information and services
-available online, for example online validation services or CA
-policy data.
-.Pp
-.Fn ACCESS_DESCRIPTION_new
-allocates and initializes an empty
-.Vt ACCESS_DESCRIPTION
-object, representing an ASN.1
-.Vt AccessDescription
-structure defined in RFC 5280 section 4.2.2.1.
-It can hold a pointer to a
-.Vt GENERAL_NAME
-object documented in
-.Xr GENERAL_NAME_new 3
-and an access method identifier.
-.Fn ACCESS_DESCRIPTION_free
-frees
-.Fa ad .
-.Pp
-The access method identifier is somewhat misnamed; it identifies
-the type and format of the information provided.
-How to access that information is often obvious from the
-.Vt GENERAL_NAME
-which may for example include a uniform resource identifier.
-.Pp
-Four standard access method identifiers are defined in RFC 5280:
-.Bl -bullet
-.It
-.Qq id-ad-caIssuers
-can occur in the authority information access extension of certificates
-and certificate revocation lists and provides access to certificates
-issued to the CA that issued the certificate, or provides access
-to certificates used for signing the CRL, in order to help constructing
-a certification path.
-.It
-.Qq id-ad-ocsp
-can occur in the authority information access extension of certificates
-and provides access to revocation information via the Online
-Certificate Status Protocol (OCSP) defined in RFC 6960.
-.It
-.Qq id-ad-caRepository
-can occur in the subject information access extension of CA
-certificates and provides access to an online repository of
-certificates issued by the CA.
-.It
-.Qq id-ad-timeStamping
-can occur in the subject information access extension of end entity
-certificates and indicates that the subject offers timestamping
-services using the Time Stamp Protocol defined in RFC 3161.
-.El
-.Pp
-.Fn AUTHORITY_INFO_ACCESS_new
-allocates and initializes an empty
-.Vt AUTHORITY_INFO_ACCESS
-object, which is a
-.Vt STACK_OF(ACCESS_DESCRIPTION)
-and represents an ASN.1
-.Vt AuthorityInfoAccessSyntax
-structure defined in RFC 5280 section 4.2.2.1.
-It can be used for the authority information access extension of
-certificates and certificate revocation lists and for the subject
-information access extension of certificates.
-.Fn AUTHORITY_INFO_ACCESS_free
-frees
-.Fa aia .
-.Sh RETURN VALUES
-.Fn ACCESS_DESCRIPTION_new
-and
-.Fn AUTHORITY_INFO_ACCESS_new
-return the new
-.Vt ACCESS_DESCRIPTION
-or
-.Vt AUTHORITY_INFO_ACCESS
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_ACCESS_DESCRIPTION 3 ,
-.Xr DIST_POINT_new 3 ,
-.Xr GENERAL_NAME_new 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr TS_REQ_new 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-These extensions are only defined in the following RFC and not
-specified in the underlying X.509 standard.
-.Pp
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile:
-.Bl -dash -compact
-.It
-section 4.2.2.1: Certificate Extensions: Authority Information Access
-.It
-section 4.2.2.2: Certificate Extensions: Subject Information Access
-.It
-section 5.2.7: CRL Extensions: Authority Information Access
-.El
-.Pp
-Regarding OCSP and TSP, see:
-.Pp
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol
-.Pp
-RFC 3161: Internet X.509 Public Key Infrastructure Time-Stamp Protocol
-.Sh HISTORY
-.Fn ACCESS_DESCRIPTION_new ,
-.Fn ACCESS_DESCRIPTION_free ,
-.Fn AUTHORITY_INFO_ACCESS_new ,
-and
-.Fn AUTHORITY_INFO_ACCESS_free
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/AES_encrypt.3 b/src/lib/libcrypto/man/AES_encrypt.3
deleted file mode 100644
index f022848a61..0000000000
--- a/src/lib/libcrypto/man/AES_encrypt.3
+++ /dev/null
@@ -1,173 +0,0 @@
-.\" $OpenBSD: AES_encrypt.3,v 1.1 2019/08/28 10:37:42 schwarze Exp $
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: August 28 2019 $
-.Dt AES_ENCRYPT 3
-.Os
-.Sh NAME
-.Nm AES_set_encrypt_key ,
-.Nm AES_set_decrypt_key ,
-.Nm AES_encrypt ,
-.Nm AES_decrypt ,
-.Nm AES_cbc_encrypt
-.Nd low-level interface to the AES symmetric cipher
-.Sh SYNOPSIS
-.In openssl/aes.h
-.Ft int
-.Fo AES_set_encrypt_key
-.Fa "const unsigned char *userKey"
-.Fa "const int bits"
-.Fa "AES_KEY *key"
-.Fc
-.Ft int
-.Fo AES_set_decrypt_key
-.Fa "const unsigned char *userKey"
-.Fa "const int bits"
-.Fa "AES_KEY *key"
-.Fc
-.Ft void
-.Fo AES_encrypt
-.Fa "const unsigned char *in"
-.Fa "unsigned char *out"
-.Fa "const AES_KEY *key"
-.Fc
-.Ft void
-.Fo AES_decrypt
-.Fa "const unsigned char *in"
-.Fa "unsigned char *out"
-.Fa "const AES_KEY *key"
-.Fc
-.Ft void
-.Fo AES_cbc_encrypt
-.Fa "const unsigned char *in"
-.Fa "unsigned char *out"
-.Fa "size_t length"
-.Fa "const AES_KEY *key"
-.Fa "unsigned char *ivec"
-.Fa "const int enc"
-.Fc
-.Sh DESCRIPTION
-These function provide a low-level interface to the AES symmetric
-cipher algorithm, also called Rijndael.
-For reasons of flexibility, it is recommended that application
-programs use the high-level interface described in
-.Xr EVP_EncryptInit 3
-and
-.Xr EVP_aes_128_cbc 3
-instead whenever possible.
-.Pp
-.Vt AES_KEY
-is a structure that can hold up to 60
-.Vt int
-values and a number of rounds.
-.Pp
-.Fn AES_set_encrypt_key
-expands the
-.Fa userKey ,
-which is
-.Fa bits
-long, into the
-.Fa key
-structure to prepare for encryption.
-The number of bits and bytes read from
-.Fa userKey ,
-the number of
-.Vt int
-values stored into
-.Fa key ,
-and the number of rounds are as follows:
-.Pp
-.Bl -column bits bytes ints rounds -offset indent -compact
-.It bits Ta bytes Ta ints Ta rounds
-.It 128 Ta 16 Ta 44 Ta 10
-.It 192 Ta 24 Ta 52 Ta 12
-.It 256 Ta 32 Ta 60 Ta 14
-.El
-.Pp
-.Fn AES_set_decrypt_key
-does the same, but in preparation for decryption.
-.Pp
-.Fn AES_encrypt
-reads a single 16 byte block from
-.Pf * Fa in ,
-encrypts it with the
-.Fa key ,
-and writes the 16 resulting bytes to
-.Pf * Fa out .
-The 16 byte buffers starting at
-.Fa in
-and
-.Fa out
-can overlap, and
-.Fa in
-and
-.Fa out
-can even point to the same memory location.
-.Pp
-.Fn AES_decrypt
-decrypts a single block and is otherwise identical to
-.Fn AES_encrypt .
-.Pp
-If
-.Fa enc
-is non-zero,
-.Fn AES_cbc_encrypt
-encrypts
-.Fa len
-bytes at
-.Fa in
-to
-.Fa out
-using the 128 bit
-.Fa key
-and the 128 bit
-initialization vector
-.Fa ivec
-in CBC mode.
-If
-.Fa enc
-is 0,
-.Fn AES_cbc_encrypt
-performs the corresponding decryption.
-.Sh RETURN VALUES
-.Fn AES_set_encrypt_key
-and
-.Fn AES_set_decrypt_key
-return 0 for success, -1 if
-.Fa userKey
-or
-.Fa key
-is
-.Dv NULL ,
-or -2 if the number of
-.Fa bits
-is unsupported.
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr EVP_aes_128_cbc 3 ,
-.Xr EVP_EncryptInit 3
-.Sh STANDARDS
-ISO/IEC 18033-3:2010
-Information technology \(em Security techniques \(em
-Encryption algorithms \(em Part 3: Block ciphers
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .
-.Sh AUTHORS
-.An Vincent Rijmen
-.An Antoon Bosselaers
-.An Paulo Barreto
diff --git a/src/lib/libcrypto/man/ASIdentifiers_new.3 b/src/lib/libcrypto/man/ASIdentifiers_new.3
deleted file mode 100644
index d8473b81a0..0000000000
--- a/src/lib/libcrypto/man/ASIdentifiers_new.3
+++ /dev/null
@@ -1,138 +0,0 @@
-.\" $OpenBSD: ASIdentifiers_new.3,v 1.11 2023/09/30 18:16:44 tb Exp $
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 30 2023 $
-.Dt ASIDENTIFIERS_NEW 3
-.Os
-.Sh NAME
-.Nm ASIdentifiers_new ,
-.Nm ASIdentifiers_free ,
-.Nm d2i_ASIdentifiers ,
-.Nm i2d_ASIdentifiers
-.Nd RFC 3779 autonomous system identifier delegation extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft ASIdentifiers *
-.Fo ASIdentifiers_new
-.Fa "void"
-.Fc
-.Ft void
-.Fo ASIdentifiers_free
-.Fa "ASIdentifiers *asid"
-.Fc
-.Ft ASIdentifiers *
-.Fo d2i_ASIdentifiers
-.Fa "ASIdentifiers **asid"
-.Fa "const unsigned char **in"
-.Fa "long len"
-.Fc
-.Ft int
-.Fo i2d_ASIdentifiers
-.Fa "ASIdentifiers *asid"
-.Fa "unsigned char **out"
-.Fc
-.Sh DESCRIPTION
-RFC 3779 defines two X.509v3 certificate extensions that allow the
-delegation of
-IP addresses and autonomous system (AS) identifiers
-from the issuer to the subject of the certificate.
-An
-.Vt ASIdentifiers
-object contains collections of individual AS numbers and
-ranges of AS numbers to be delegated.
-.Pp
-.Fn ASIdentifiers_new
-allocates and initializes a new, empty
-.Vt ASIdentifiers
-object that can be populated with
-.Xr X509v3_asid_add_id_or_range 3 .
-See
-.Xr ASRange_new 3
-for implementation details.
-.Pp
-.Fn ASIdentifiers_free
-frees
-.Fa asid
-including any data contained in it.
-If
-.Fa asid
-is
-.Dv NULL ,
-no action occurs.
-.Pp
-.Fn d2i_ASIdentifiers
-and
-.Fn i2d_ASIdentifiers
-decode and encode ASN.1
-.Vt ASIdentifiers
-objects as defined in RFC 3779, section 3.2.3.1.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-In order for the encoding produced by
-.Fn i2d_ASIdentifiers
-to conform to RFC 3779,
-.Fa asid
-must be in
-.Dq canonical form ,
-see
-.Xr X509v3_asid_canonize 3 .
-.Sh RETURN VALUES
-.Fn ASIdentifiers_new
-returns a new
-.Vt ASIdentifiers
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_ASIdentifiers
-returns an
-.Vt ASIdentifiers
-object or
-.Dv NULL
-if a decoding or memory allocation error occurs.
-.Pp
-.Fn i2d_ASIdentifiers
-returns the number of bytes successfully encoded
-or a value <= 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASRange_new 3 ,
-.Xr crypto 3 ,
-.Xr IPAddressRange_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509v3_addr_add_inherit 3 ,
-.Xr X509v3_addr_get_range 3 ,
-.Xr X509v3_addr_inherits 3 ,
-.Xr X509v3_addr_subset 3 ,
-.Xr X509v3_addr_validate_path 3 ,
-.Xr X509v3_asid_add_id_or_range 3
-.Sh STANDARDS
-RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
-.Bl -dash -compact
-.It
-section 3: Autonomous System Identifier Delegation Extension
-.El
-.Pp
-RFC 7020: The Internet Numbers Registry System
-.Pp
-RFC 7249: Internet Numbers Registries
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8e
-and have been available since
-.Ox 7.1 .
-.Sh BUGS
-There are no corresponding functions for the RFC 3779
-IP address delegation extension represented by
-.Vt IPAddrBlocks .
diff --git a/src/lib/libcrypto/man/ASN1_BIT_STRING_set.3 b/src/lib/libcrypto/man/ASN1_BIT_STRING_set.3
deleted file mode 100644
index a916ca3ab2..0000000000
--- a/src/lib/libcrypto/man/ASN1_BIT_STRING_set.3
+++ /dev/null
@@ -1,139 +0,0 @@
-.\" $OpenBSD: ASN1_BIT_STRING_set.3,v 1.5 2024/12/24 09:48:56 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 24 2024 $
-.Dt ASN1_BIT_STRING_SET 3
-.Os
-.Sh NAME
-.Nm ASN1_BIT_STRING_set ,
-.Nm ASN1_BIT_STRING_set_bit ,
-.Nm ASN1_BIT_STRING_get_bit
-.Nd ASN.1 BIT STRING accessors
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo ASN1_BIT_STRING_set
-.Fa "ASN1_BIT_STRING *bitstr"
-.Fa "unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo ASN1_BIT_STRING_set_bit
-.Fa "ASN1_BIT_STRING *bitstr"
-.Fa "int bitnumber"
-.Fa "int set"
-.Fc
-.Ft int
-.Fo ASN1_BIT_STRING_get_bit
-.Fa "ASN1_BIT_STRING *bitstr"
-.Fa "int bitnumber"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_BIT_STRING_set
-sets the length attribute of
-.Fa bitstr
-to
-.Fa len
-and copies that number of bytes from
-.Fa data
-into
-.Fa bitstr ,
-overwriting any previous data, by merely calling
-.Xr ASN1_STRING_set 3 .
-This function does no validation whatsoever.
-In particular, it neither checks that
-.Fa bitstr
-is actually of the type
-.Dv V_ASN1_BIT_STRING
-nor, even if it is, that the
-.Fa data
-and
-.Fa len
-arguments make sense for this particular bit string.
-.Pp
-If the
-.Fa set
-argument is non-zero,
-.Fn ASN1_BIT_STRING_set_bit
-sets the bit with the given
-.Fa bitnumber
-in the
-.Fa bitstr ;
-otherwise, it clears that bit.
-A
-.Fa bitnumber
-of 0 addresses the most significant bit in the first data byte of
-.Fa bitstr ,
-7 the least significant bit in the same byte,
-8 the most significant bit in the second data byte, and so on.
-.Pp
-If setting a bit is requested beyond the last existing data byte,
-additional bytes are added to the
-.Fa bitstr
-as needed.
-After clearing a bit, any trailing NUL bytes are removed from the
-.Fa bitstr .
-.Pp
-.Fn ASN1_BIT_STRING_get_bit
-checks that the bit with the given
-.Fa bitnumber
-is set in
-.Fa bitstr .
-.Sh RETURN VALUES
-.Fn ASN1_BIT_STRING_set
-returns 1 on success or 0 if memory allocation fails or if
-.Fa data
-is
-.Dv NULL
-and
-.Fa len
-is \-1 in the same call.
-.Pp
-.Fn ASN1_BIT_STRING_set_bit
-returns 1 on success or 0 if
-.Fa bitstr
-is
-.Dv NULL
-or if memory allocation fails.
-.Pp
-.Fn ASN1_BIT_STRING_get_bit
-returns 1 if the bit with the given
-.Fa bitnumber
-is set in the
-.Fa bitstr
-or 0 if
-.Fa bitstr
-is
-.Dv NULL ,
-if
-.Fa bitnumber
-points beyond the last data byte in
-.Fa bitstr ,
-or if the requested bit is not set.
-.Sh SEE ALSO
-.Xr ASN1_BIT_STRING_new 3 ,
-.Xr ASN1_STRING_set 3 ,
-.Xr d2i_ASN1_BIT_STRING 3 ,
-.Xr v2i_ASN1_BIT_STRING 3
-.Sh HISTORY
-.Fn ASN1_BIT_STRING_set
-first appeared in SSLeay 0.6.5.
-.Fn ASN1_BIT_STRING_set_bit
-and
-.Fn ASN1_BIT_STRING_get_bit
-first appeared in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ASN1_INTEGER_get.3 b/src/lib/libcrypto/man/ASN1_INTEGER_get.3
deleted file mode 100644
index 84f566eda9..0000000000
--- a/src/lib/libcrypto/man/ASN1_INTEGER_get.3
+++ /dev/null
@@ -1,428 +0,0 @@
-.\" $OpenBSD: ASN1_INTEGER_get.3,v 1.7 2023/05/22 19:38:04 tb Exp $
-.\" selective merge up to:
-.\" OpenSSL man3/ASN1_INTEGER_get_int64 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2021, 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: May 22 2023 $
-.Dt ASN1_INTEGER_GET 3
-.Os
-.Sh NAME
-.Nm ASN1_INTEGER_get_uint64 ,
-.Nm ASN1_INTEGER_get_int64 ,
-.Nm ASN1_INTEGER_get ,
-.Nm ASN1_INTEGER_set_uint64 ,
-.Nm ASN1_INTEGER_set_int64 ,
-.Nm ASN1_INTEGER_set ,
-.Nm ASN1_INTEGER_cmp ,
-.Nm ASN1_INTEGER_dup ,
-.Nm BN_to_ASN1_INTEGER ,
-.Nm ASN1_INTEGER_to_BN ,
-.Nm ASN1_ENUMERATED_get_int64 ,
-.Nm ASN1_ENUMERATED_get ,
-.Nm ASN1_ENUMERATED_set_int64 ,
-.Nm ASN1_ENUMERATED_set ,
-.Nm BN_to_ASN1_ENUMERATED ,
-.Nm ASN1_ENUMERATED_to_BN
-.Nd ASN.1 INTEGER and ENUMERATED utilities
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo ASN1_INTEGER_get_uint64
-.Fa "uint64_t *out_val"
-.Fa "const ASN1_INTEGER *a"
-.Fc
-.Ft int
-.Fo ASN1_INTEGER_get_int64
-.Fa "int64_t *out_val"
-.Fa "const ASN1_INTEGER *a"
-.Fc
-.Ft long
-.Fo ASN1_INTEGER_get
-.Fa "const ASN1_INTEGER *a"
-.Fc
-.Ft int
-.Fo ASN1_INTEGER_set_uint64
-.Fa "ASN1_INTEGER *a"
-.Fa "uint64_t v"
-.Fc
-.Ft int
-.Fo ASN1_INTEGER_set_int64
-.Fa "ASN1_INTEGER *a"
-.Fa "int64_t v"
-.Fc
-.Ft int
-.Fo ASN1_INTEGER_set
-.Fa "ASN1_INTEGER *a"
-.Fa "long v"
-.Fc
-.Ft int
-.Fo ASN1_INTEGER_cmp
-.Fa "const ASN1_INTEGER *a1"
-.Fa "const ASN1_INTEGER *a2"
-.Fc
-.Ft ASN1_INTEGER *
-.Fo ASN1_INTEGER_dup
-.Fa "const ASN1_INTEGER *a"
-.Fc
-.Ft ASN1_INTEGER *
-.Fo BN_to_ASN1_INTEGER
-.Fa "const BIGNUM *bn"
-.Fa "ASN1_INTEGER *ai"
-.Fc
-.Ft BIGNUM *
-.Fo ASN1_INTEGER_to_BN
-.Fa "const ASN1_INTEGER *ai"
-.Fa "BIGNUM *bn"
-.Fc
-.Ft int
-.Fo ASN1_ENUMERATED_get_int64
-.Fa "int64_t *out_val"
-.Fa "const ASN1_ENUMERATED *a"
-.Fc
-.Ft long
-.Fo ASN1_ENUMERATED_get
-.Fa "const ASN1_ENUMERATED *a"
-.Fc
-.Ft int
-.Fo ASN1_ENUMERATED_set_int64
-.Fa "ASN1_ENUMERATED *a"
-.Fa "int64_t v"
-.Fc
-.Ft int
-.Fo ASN1_ENUMERATED_set
-.Fa "ASN1_ENUMERATED *a"
-.Fa "long v"
-.Fc
-.Ft ASN1_ENUMERATED *
-.Fo BN_to_ASN1_ENUMERATED
-.Fa "const BIGNUM *bn"
-.Fa "ASN1_ENUMERATED *ai"
-.Fc
-.Ft BIGNUM *
-.Fo ASN1_ENUMERATED_to_BN
-.Fa "const ASN1_ENUMERATED *ai"
-.Fa "BIGNUM *bn"
-.Fc
-.Sh DESCRIPTION
-These functions convert to and from
-.Vt ASN1_INTEGER
-and
-.Vt ASN1_ENUMERATED
-objects.
-.Pp
-.Fn ASN1_INTEGER_get_uint64
-and
-.Fn ASN1_INTEGER_get_int64
-store the value of
-.Fa a
-in
-.Pf * Fa out_val
-if successful.
-.Pp
-The deprecated function
-.Fn ASN1_INTEGER_get
-converts
-.Fa a
-to the
-.Vt long
-type.
-.Pp
-.Fn ASN1_INTEGER_set_uint64 ,
-.Fn ASN1_INTEGER_set_int64 ,
-and
-.Fn ASN1_INTEGER_set
-set the type of
-.Fa a
-to
-.Dv V_ASN1_INTEGER
-or
-.Dv V_ASN1_NEG_INTEGER
-depending on the sign of
-.Fa v
-and set the value of
-.Fa a
-to
-.Fa v .
-.Pp
-.Fn ASN1_INTEGER_cmp
-compares the signed integer numbers represented by
-.Fa a1
-and
-.Fa a2 .
-.Pp
-.Fn ASN1_INTEGER_dup
-does exactly the same as
-.Xr ASN1_STRING_dup 3
-without providing any type safety,
-except that it fails if the
-.Xr ASN1_STRING_length 3
-of
-.Fa a
-is 0.
-.Pp
-.Fn BN_to_ASN1_INTEGER
-converts
-.Fa bn
-to an
-.Vt ASN1_INTEGER .
-If
-.Fa ai
-is
-.Dv NULL ,
-a new
-.Vt ASN1_INTEGER
-object is returned.
-Otherwise, the existing object
-.Fa ai
-is used instead.
-.Pp
-.Fn ASN1_INTEGER_to_BN
-converts
-.Fa ai
-into a
-.Vt BIGNUM .
-If
-.Fa bn
-is
-.Dv NULL ,
-a new
-.Vt BIGNUM
-object is returned.
-Otherwise, the existing object
-.Fa bn
-is used instead.
-.Pp
-.Fn ASN1_ENUMERATED_get_int64 ,
-.Fn ASN1_ENUMERATED_get ,
-.Fn ASN1_ENUMERATED_set_int64 ,
-.Fn ASN1_ENUMERATED_set ,
-.Fn BN_to_ASN1_ENUMERATED ,
-and
-.Fn ASN1_ENUMERATED_to_BN
-behave like their
-.Vt ASN1_INTEGER
-counterparts except that they operate on an
-.Vt ASN1_ENUMERATED
-object.
-.Sh RETURN VALUES
-.Fn ASN1_INTEGER_get_uint64
-returns 1 in case of success or 0 if
-.Fa a
-is not of the type
-.Dv V_ASN1_INTEGER
-or greater than
-.Dv UINT64_MAX .
-.Pp
-.Fn ASN1_INTEGER_get_int64
-returns 1 in case of success or 0 if
-.Fa a
-is not of the type
-.Dv V_ASN1_INTEGER
-or
-.Dv V_ASN1_NEG_INTEGER ,
-less than
-.Dv INT64_MIN ,
-or greater than
-.Dv INT64_MAX .
-.Pp
-.Fn ASN1_INTEGER_get
-and
-.Fn ASN1_ENUMERATED_get
-return the converted value, 0 if
-.Fa a
-is
-.Dv NULL ,
-or \-1 on error, which is ambiguous because \-1 is a legitimate
-value for an
-.Vt ASN1_INTEGER .
-.Pp
-.Fn ASN1_INTEGER_set_uint64 ,
-.Fn ASN1_INTEGER_set_int64 ,
-.Fn ASN1_INTEGER_set ,
-.Fn ASN1_ENUMERATED_set_int64 ,
-and
-.Fn ASN1_ENUMERATED_set
-return 1 for success or 0 for failure.
-They only fail if a memory allocation error occurs.
-.Pp
-.Fn ASN1_INTEGER_cmp
-returns a value greater than, equal to, or less than 0
-if the signed integer number represented by
-.Fa a1
-is greater than, equal to, or less than
-the signed integer number represented by
-.Fa a2 ,
-respectively.
-.Pp
-.Fn ASN1_INTEGER_dup
-returns a pointer to a newly allocated
-.Vt ASN1_STRING
-structure or
-.Dv NULL
-if
-.Fa a
-is a
-.Dv NULL
-pointer, if the length of
-.Fa a
-is 0, or if memory allocation fails.
-.Pp
-.Fn BN_to_ASN1_INTEGER
-and
-.Fn BN_to_ASN1_ENUMERATED
-return an
-.Vt ASN1_INTEGER
-or
-.Vt ASN1_ENUMERATED
-object, respectively, or
-.Dv NULL
-if an error occurs.
-They only fail due to memory allocation errors.
-.Pp
-.Fn ASN1_INTEGER_to_BN
-and
-.Fn ASN1_ENUMERATED_to_BN
-return a
-.Vt BIGNUM
-object of
-.Dv NULL
-if an error occurs.
-They can fail if the passed type is incorrect (due to a programming error)
-or due to memory allocation failures.
-.Sh SEE ALSO
-.Xr ASN1_INTEGER_new 3 ,
-.Xr ASN1_STRING_length 3
-.Sh HISTORY
-.Fn ASN1_INTEGER_set
-first appeared in SSLeay 0.5.1.
-.Fn ASN1_INTEGER_get ,
-.Fn BN_to_ASN1_INTEGER ,
-and
-.Fn ASN1_INTEGER_to_BN
-first appeared in SSLeay 0.6.0.
-.Fn ASN1_INTEGER_cmp
-and
-.Fn ASN1_INTEGER_dup
-first appeared in SSLeay 0.6.5.
-These functions have been available since
-.Ox 2.3 .
-.Pp
-.Fn ASN1_ENUMERATED_get ,
-.Fn ASN1_ENUMERATED_set ,
-.Fn BN_to_ASN1_ENUMERATED ,
-and
-.Fn ASN1_ENUMERATED_to_BN
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
-.Pp
-.Fn ASN1_INTEGER_get_uint64 ,
-.Fn ASN1_INTEGER_get_int64 ,
-.Fn ASN1_INTEGER_set_uint64 ,
-.Fn ASN1_INTEGER_set_int64 ,
-.Fn ASN1_ENUMERATED_get_int64 ,
-and
-.Fn ASN1_ENUMERATED_set_int64
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.2 .
-.Sh CAVEATS
-In general an
-.Vt ASN1_INTEGER
-or
-.Vt ASN1_ENUMERATED
-type can contain an integer of almost arbitrary size
-and so cannot always be represented by a C
-.Vt long
-type.
-The ambiguous return values of
-.Fn ASN1_INTEGER_get
-and
-.Fn ASN1_ENUMERATED_get
-imply that these functions should be avoided if possible.
-.Sh BUGS
-.Fn ASN1_INTEGER_cmp ,
-.Fn ASN1_INTEGER_dup ,
-and
-.Fn ASN1_INTEGER_to_BN
-do not check whether their arguments are really of the type
-.Dv V_ASN1_INTEGER
-or
-.Dv V_ASN1_NEG_INTEGER .
-They may report success even if their arguments are of a wrong type.
-Consequently, even in case of success, the return value of
-.Fn ASN1_INTEGER_dup
-is not guaranteed to be of the type
-.Dv V_ASN1_INTEGER
-or
-.Dv V_ASN1_NEG_INTEGER
-either.
-.Pp
-Similarly,
-.Fn ASN1_ENUMERATED_to_BN
-does not check whether its argument is really of the type
-.Dv V_ASN1_ENUMERATED
-or
-.Dv V_ASN1_NEG_ENUMERATED
-and may report success even if the argument is of a wrong type.
diff --git a/src/lib/libcrypto/man/ASN1_NULL_new.3 b/src/lib/libcrypto/man/ASN1_NULL_new.3
deleted file mode 100644
index b4d2428ed1..0000000000
--- a/src/lib/libcrypto/man/ASN1_NULL_new.3
+++ /dev/null
@@ -1,66 +0,0 @@
-.\" $OpenBSD: ASN1_NULL_new.3,v 1.3 2021/12/09 18:42:35 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 9 2021 $
-.Dt ASN1_NULL_NEW 3
-.Os
-.Sh NAME
-.Nm ASN1_NULL_new ,
-.Nm ASN1_NULL_free
-.Nd ASN.1 NULL value
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_NULL *
-.Fn ASN1_NULL_new void
-.Ft void
-.Fn ASN1_NULL_free "ASN1_NULL *val_in"
-.Sh DESCRIPTION
-.Fn ASN1_NULL_new
-returns a specific invalid pointer that represents the ASN.1 NULL value,
-which is the only possible value of the ASN.1 NULL type.
-That pointer is different from a
-.Dv NULL
-pointer.
-Dereferencing it almost certainly results in a segmentation fault.
-This function does not allocate memory and cannot fail.
-.Pp
-.Fn ASN1_NULL_free
-has no effect whatsoever.
-In particular, it ignores the
-.Fa val_in
-argument and does not free any memory.
-In normal use, application programs only pass the invalid pointer
-obtained from
-.Fn ASN1_NULL_new
-to this function.
-But even if a valid pointer is passed, that pointer does not become invalid.
-.Pp
-The ASN.1 NULL type is also represented by the
-.Dv V_ASN1_NULL
-type identifier constant.
-.Sh SEE ALSO
-.Xr ASN1_item_new 3 ,
-.Xr d2i_ASN1_NULL 3
-.Sh STANDARDS
-ITU-T Recommendation X.208, also known as ISO/IEC 8824-1:
-Specification of Abstract Syntax Notation One (ASN.1),
-section 19: Notation for the null type
-.Sh HISTORY
-.Fn ASN1_NULL_new
-and
-.Fn ASN1_NULL_free
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/ASN1_OBJECT_new.3 b/src/lib/libcrypto/man/ASN1_OBJECT_new.3
deleted file mode 100644
index 3e2eac02ee..0000000000
--- a/src/lib/libcrypto/man/ASN1_OBJECT_new.3
+++ /dev/null
@@ -1,228 +0,0 @@
-.\" $OpenBSD: ASN1_OBJECT_new.3,v 1.16 2023/09/05 15:01:39 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d4 Mar 19 12:28:58 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2017, 2021, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson.
-.\" Copyright (c) 2002, 2006 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: September 5 2023 $
-.Dt ASN1_OBJECT_NEW 3
-.Os
-.Sh NAME
-.Nm ASN1_OBJECT_new ,
-.Nm ASN1_OBJECT_create ,
-.Nm ASN1_OBJECT_free
-.Nd ASN.1 object identifiers
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_OBJECT *
-.Fo ASN1_OBJECT_new
-.Fa void
-.Fc
-.Ft ASN1_OBJECT *
-.Fo ASN1_OBJECT_create
-.Fa "int nid"
-.Fa "unsigned char *content"
-.Fa "int len"
-.Fa "const char *short_name"
-.Fa "const char *long_name"
-.Fc
-.Ft void
-.Fo ASN1_OBJECT_free
-.Fa "ASN1_OBJECT *a"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_OBJECT_new
-allocates and initializes an empty
-.Vt ASN1_OBJECT
-object, representing an ASN.1 OBJECT IDENTIFIER.
-It can hold a short name, a long name, a numeric identifier (NID),
-and a sequence of integers identifying a node in the International
-Object Identifier tree as specified in ITU-T recommendation X.660.
-The new object is marked as dynamically allocated.
-.Pp
-The ASN.1 object identifier type is also represented by the
-.Dv V_ASN1_OBJECT
-type identifier constant.
-.Pp
-.Fn ASN1_OBJECT_create
-allocates a new
-.Vt ASN1_OBJECT
-with the given
-.Fa nid ,
-copies the
-.Fa len
-DER
-.Fa content
-octets, the
-.Fa short_name ,
-and the
-.Fa long_name
-into it, and marks the new object and all data contained in it
-as dynamically allocated.
-.Pp
-Application programs normally use utility functions like
-.Xr OBJ_nid2obj 3
-rather than using
-.Fn ASN1_OBJECT_new
-or
-.Fn ASN1_OBJECT_create
-directly.
-.Pp
-.Fn ASN1_OBJECT_free
-has the following effects:
-.Pp
-All data contained in
-.Fa a
-that is marked as dynamically allocated is freed,
-and the respective fields of
-.Fa a
-become empty.
-Contained data not marked as dynamically allocated remains intact.
-.Pp
-If the object
-.Fa a
-itself is marked as dynamically allocated, it is freed.
-Otherwise, the pointer
-.Fa a
-remains valid.
-.Pp
-If
-.Fa a
-is a
-.Dv NULL
-pointer or if neither the object itself nor any of its content
-is marked as dynamically allocated, no action occurs.
-.Sh RETURN VALUES
-.Fn ASN1_OBJECT_new
-and
-.Fn ASN1_OBJECT_create
-return a pointer to the new object or
-.Dv NULL
-if memory allocation fails,
-.Sh ERRORS
-After failure of
-.Fn ASN1_OBJECT_new
-or
-.Fn ASN1_OBJECT_create ,
-the following diagnostic can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure"
-Memory allocation failed.
-.El
-.Pp
-After some cases of failure of
-.Fn ASN1_OBJECT_create ,
-the following diagnostic can be retrieved in addition to the above:
-.Bl -tag -width Ds
-.It Dv ERR_R_ASN1_LIB Qq "ASN1 lib"
-Memory allocation failed.
-.El
-.Sh SEE ALSO
-.Xr a2d_ASN1_OBJECT 3 ,
-.Xr ASN1_TYPE_get 3 ,
-.Xr d2i_ASN1_OBJECT 3 ,
-.Xr OBJ_create 3 ,
-.Xr OBJ_nid2obj 3
-.Sh STANDARDS
-ITU-T Recommendation X.208, also known as ISO/IEC 8824-1:
-Specification of Abstract Syntax Notation One (ASN.1),
-section 28: Notation for the object identifier type
-.Pp
-ITU-T Recommendation X.690, also known as ISO/IEC 8825-1:
-Information technology - ASN.1 encoding rules:
-Specification of Basic Encoding Rules (BER), Canonical Encoding
-Rules (CER) and Distinguished Encoding Rules (DER),
-section 8.19: Encoding of an object identifier value
-.Sh HISTORY
-.Fn ASN1_OBJECT_new
-and
-.Fn ASN1_OBJECT_free
-first appeared in SSLeay 0.5.1 and
-.Fn ASN1_OBJECT_create
-in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Sh BUGS
-The function
-.Fn ASN1_OBJECT_new
-is not useful for any practical purpose because the library does not
-provide any function capable of adding data to an existing object.
-Consequently, if the application program creates an object with
-.Fn ASN1_OBJECT_new ,
-that object will always remain empty.
-.Pp
-Similarly, if an
-.Fa nid
-of
-.Dv NID_undef
-is passed to
-.Fn ASN1_OBJECT_create ,
-or if
-.Dv NULL
-is passed for any of its pointer arguments, the returned object
-will permanently remain incomplete.
diff --git a/src/lib/libcrypto/man/ASN1_PRINTABLE_type.3 b/src/lib/libcrypto/man/ASN1_PRINTABLE_type.3
deleted file mode 100644
index 391dd32e66..0000000000
--- a/src/lib/libcrypto/man/ASN1_PRINTABLE_type.3
+++ /dev/null
@@ -1,92 +0,0 @@
-.\" $OpenBSD: ASN1_PRINTABLE_type.3,v 1.1 2021/11/15 13:39:40 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 15 2021 $
-.Dt ASN1_PRINTABLE_TYPE 3
-.Os
-.Sh NAME
-.Nm ASN1_PRINTABLE_type
-.Nd classify a single-byte character string
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo ASN1_PRINTABLE_type
-.Fa "const unsigned char *string"
-.Fa "int len"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_PRINTABLE_type
-assumes that the given
-.Fa string
-consists of single-byte characters and classifies it
-according to which kinds characters occur.
-If
-.Fa len
-is greater than 0, at most
-.Fa len
-characters are inspected.
-Otherwise, the
-.Fa string
-needs to be NUL-terminated.
-.Sh RETURN VALUES
-If the given
-.Fa string
-contains a character outside the
-.Xr ascii 7
-range,
-.Fn ASN1_PRINTABLE_type
-returns
-.Dv V_ASN1_T61STRING .
-.Pp
-Otherwise, if it contains a character that is neither a letter
-nor a digit nor the space character
-.Po
-.Ql "\ " ,
-ASCII 0x20
-.Pc
-nor the apostrophe quote
-.Po
-.Ql \(aq ,
-ASCII 0x27
-.Pc
-nor contained in the set
-.Qq ()+,\-./:=?\& ,
-it returns
-.Dv V_ASN1_IA5STRING .
-.Pp
-Otherwise, including if
-.Fa string
-is a
-.Dv NULL
-pointer or points to an empty string, it returns
-.Dv V_ASN1_PRINTABLESTRING .
-.Sh SEE ALSO
-.Xr ASN1_mbstring_copy 3 ,
-.Xr ASN1_STRING_new 3 ,
-.Xr ASN1_STRING_to_UTF8 3 ,
-.Xr isascii 3 ,
-.Xr ascii 7
-.Sh HISTORY
-.Fn ASN1_PRINTABLE_type
-first appeared in SSLeay 0.4.5d, has been part of the public API
-since SSLeay 0.5.1, and has been available since
-.Ox 2.4 .
-.Sh CAVEATS
-The ASN.1 notion of what constitutes a
-.Vt PrintableString
-is more restrictive than what the C library function
-.Xr isprint 3
-considers printable.
diff --git a/src/lib/libcrypto/man/ASN1_STRING_TABLE_get.3 b/src/lib/libcrypto/man/ASN1_STRING_TABLE_get.3
deleted file mode 100644
index 2bf8831c12..0000000000
--- a/src/lib/libcrypto/man/ASN1_STRING_TABLE_get.3
+++ /dev/null
@@ -1,94 +0,0 @@
-.\" $OpenBSD: ASN1_STRING_TABLE_get.3,v 1.4 2023/12/21 21:23:37 tb Exp $
-.\" checked up to:
-.\" OpenSSL ASN1_STRING_TABLE_add.pod 7b608d08 Jul 27 01:18:50 2017 +0800
-.\"
-.\" Copyright (c) 2017, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 21 2023 $
-.Dt ASN1_STRING_TABLE_GET 3
-.Os
-.Sh NAME
-.\" .Nm ASN1_STRING_TABLE_add0 and
-.\" .Nm ASN1_STRING_TABLE_cleanup are intentionally undocumented
-.\" because they will be removed in the next major bump
-.\" .Dv STABLE_FLAGS_MALLOC is intentionally undocumented because it is unused
-.Nm ASN1_STRING_TABLE_get
-.Nd retrieve an entry from the global ASN.1 string table
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_STRING_TABLE *
-.Fo ASN1_STRING_TABLE_get
-.Fa "int nid"
-.Fc
-.Sh DESCRIPTION
-The ASN.1 string table is a unique global object.
-Each entry is of the type
-.Vt ASN1_STRING_TABLE
-and contains information about one NID object.
-The entries are predefined according to RFC 5280 appendix A.1.
-.Pp
-The upper bounds for the number of characters in various kinds of
-.Vt ASN1_STRING
-objects are:
-.Pp
-.Bl -column -compact NID_organizationalUnitNa maxsi ub_organization_unit_na
-.It object type Ta maxsize Ta symbolic constant
-.It Dv NID_commonName Ta 64 Ta Dv ub_common_name
-.It Dv NID_countryName Ta 2 Ta \(em
-.It Dv NID_givenName Ta 32768 Ta Dv ub_name
-.It Dv NID_initials Ta 32768 Ta Dv ub_name
-.It Dv NID_localityName Ta 128 Ta Dv ub_locality_name
-.It Dv NID_name Ta 32768 Ta Dv ub_name
-.It Dv NID_organizationName Ta 64 Ta Dv ub_organization_name
-.It Dv NID_organizationalUnitName Ta 64 Ta Dv ub_organization_unit_name
-.It Dv NID_pkcs9_emailAddress Ta 128 Ta Dv ub_email_address
-.It Dv NID_serialNumber Ta 64 Ta Dv ub_serial_number
-.It Dv NID_stateOrProvinceName Ta 128 Ta Dv ub_state_name
-.It Dv NID_surname Ta 32768 Ta Dv ub_name
-.El
-.Pp
-The function
-.Fn ASN1_STRING_TABLE_get
-retrieves the entry for
-.Fa nid .
-If the
-.Dv STABLE_NO_MASK
-flag is set,
-.Xr ASN1_STRING_set_by_NID 3
-skips applying the global mask that can be set with
-.Xr ASN1_STRING_set_default_mask 3 .
-.Sh RETURN VALUES
-.Fn ASN1_STRING_TABLE_get
-returns a valid
-.Vt ASN1_STRING_TABLE
-structure or
-.Dv NULL
-if nothing is found.
-.Sh SEE ALSO
-.Xr ASN1_OBJECT_new 3 ,
-.Xr ASN1_STRING_set_by_NID 3 ,
-.Xr OBJ_create 3 ,
-.Xr OBJ_nid2obj 3
-.Sh HISTORY
-.Fn ASN1_STRING_TABLE_get
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Sh BUGS
-Most aspects of the semantics considerably differ from OpenSSL.
-.Pp
-.Dv ub_email_address ,
-which should really be called
-.Dv ub_emailaddress_length ,
-was changed in RFC 5280 from 128 to 255 to match PKCS#9 (RFC 2985).
diff --git a/src/lib/libcrypto/man/ASN1_STRING_length.3 b/src/lib/libcrypto/man/ASN1_STRING_length.3
deleted file mode 100644
index 0c397607a9..0000000000
--- a/src/lib/libcrypto/man/ASN1_STRING_length.3
+++ /dev/null
@@ -1,461 +0,0 @@
-.\" $OpenBSD: ASN1_STRING_length.3,v 1.30 2024/12/27 15:30:17 schwarze Exp $
-.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2019, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson.
-.\" Copyright (c) 2002, 2006, 2013, 2015, 2016, 2017 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 27 2024 $
-.Dt ASN1_STRING_LENGTH 3
-.Os
-.Sh NAME
-.Nm ASN1_STRING_cmp ,
-.Nm ASN1_OCTET_STRING_cmp ,
-.Nm ASN1_STRING_data ,
-.Nm ASN1_STRING_dup ,
-.Nm ASN1_OCTET_STRING_dup ,
-.Nm ASN1_STRING_get0_data ,
-.Nm ASN1_STRING_length ,
-.Nm ASN1_STRING_length_set ,
-.Nm ASN1_STRING_set0 ,
-.Nm ASN1_STRING_set ,
-.Nm ASN1_OCTET_STRING_set ,
-.Nm ASN1_STRING_copy ,
-.Nm ASN1_STRING_to_UTF8 ,
-.Nm ASN1_STRING_type
-.\" deprecated aliases, intentionally undocumented:
-.\" M_ASN1_STRING_data, M_ASN1_STRING_length
-.Nd ASN1_STRING utility functions
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo ASN1_STRING_cmp
-.Fa "const ASN1_STRING *a"
-.Fa "const ASN1_STRING *b"
-.Fc
-.Ft int
-.Fo ASN1_OCTET_STRING_cmp
-.Fa "const ASN1_OCTET_STRING *a"
-.Fa "const ASN1_OCTET_STRING *b"
-.Fc
-.Ft unsigned char *
-.Fo ASN1_STRING_data
-.Fa "ASN1_STRING *x"
-.Fc
-.Ft ASN1_STRING *
-.Fo ASN1_STRING_dup
-.Fa "const ASN1_STRING *a"
-.Fc
-.Ft ASN1_OCTET_STRING *
-.Fo ASN1_OCTET_STRING_dup
-.Fa "const ASN1_OCTET_STRING *a"
-.Fc
-.Ft const unsigned char *
-.Fo ASN1_STRING_get0_data
-.Fa "const ASN1_STRING *x"
-.Fc
-.Ft int
-.Fo ASN1_STRING_length
-.Fa "const ASN1_STRING *x"
-.Fc
-.Ft void
-.Fo ASN1_STRING_length_set
-.Fa "ASN1_STRING *x"
-.Fa "int len"
-.Fc
-.Ft void
-.Fo ASN1_STRING_set0
-.Fa "ASN1_STRING *str"
-.Fa "void *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo ASN1_STRING_set
-.Fa "ASN1_STRING *str"
-.Fa "const void *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo ASN1_OCTET_STRING_set
-.Fa "ASN1_OCTET_STRING *str"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo ASN1_STRING_copy
-.Fa "ASN1_STRING *dst"
-.Fa "const ASN1_STRING *src"
-.Fc
-.Ft int
-.Fo ASN1_STRING_to_UTF8
-.Fa "unsigned char **out"
-.Fa "const ASN1_STRING *in"
-.Fc
-.Ft int
-.Fo ASN1_STRING_type
-.Fa "const ASN1_STRING *x"
-.Fc
-.Sh DESCRIPTION
-These functions manipulate
-.Vt ASN1_STRING
-structures.
-.Pp
-.Fn ASN1_STRING_cmp
-compares the type, the length, and the content of
-.Fa a
-and
-.Fa b .
-.Pp
-.Fn ASN1_OCTET_STRING_cmp
-does exactly the same as
-.Fn ASN1_STRING_cmp
-without providing any type safety.
-.Pp
-.Fn ASN1_STRING_data
-is similar to
-.Fn ASN1_STRING_get0_data
-except that the returned value is not constant.
-This function is deprecated.
-Applications should use
-.Fn ASN1_STRING_get0_data
-instead.
-.Pp
-.Fn ASN1_STRING_dup
-allocates a new
-.Vt ASN1_STRING
-object and copies the type, length, data, and flags from
-.Fa a
-into it.
-.Pp
-.Fn ASN1_OCTET_STRING_dup
-does exactly the same as
-.Fn ASN1_STRING_dup
-without providing any type safety.
-.Pp
-.Fn ASN1_STRING_get0_data
-returns an internal pointer to the data of
-.Fa x .
-It should not be freed or modified in any way.
-.Pp
-.Fn ASN1_STRING_length
-returns the length attribute of
-.Fa x ,
-measured in bytes.
-.Pp
-.Fn ASN1_STRING_length_set
-sets the length attribute of
-.Fa x
-to
-.Fa len .
-It may put
-.Fa x
-into an inconsistent internal state.
-.Pp
-.Fn ASN1_STRING_set0
-frees any data stored in
-.Fa str ,
-sets the length attribute to
-.Fa len
-bytes, and sets the data attribute to
-.Fa data ,
-transferring ownership, without doing any validation.
-.Pp
-.Fn ASN1_STRING_set
-sets the length attribute of
-.Fa str
-to
-.Fa len
-and copies that number of bytes from
-.Fa data
-into
-.Fa str ,
-overwriting any previous data.
-If
-.Fa len
-is \-1, then
-.Fn strlen data
-is used instead of
-.Fa len .
-If
-.Fa data
-is
-.Dv NULL ,
-the content of
-.Fa str
-remains uninitialized; that is not considered an error unless
-.Fa len
-is negative.
-.Pp
-.Fn ASN1_OCTET_STRING_set
-does exactly the same as
-.Fn ASN1_STRING_set
-without providing any type safety.
-.Pp
-.Fn ASN1_STRING_copy
-copies the length and data of
-.Fa src
-into
-.Fa dst
-using
-.Fn ASN1_STRING_set
-and changes the type and flags of
-.Fa dst
-to match the type and flags of
-.Fa src .
-.Pp
-.Fn ASN1_STRING_to_UTF8
-converts the string
-.Fa in
-to UTF-8 format.
-The converted data is copied into a newly allocated buffer
-.Pf * Fa out .
-The buffer
-.Pf * Fa out
-should be freed using
-.Xr free 3 .
-.Pp
-.Fn ASN1_STRING_type
-returns the type of
-.Fa x .
-If the bit
-.Dv V_ASN1_NEG
-is set in the return value,
-.Fa x
-is an ASN.1 INTEGER or ENUMERATED object with a negative value.
-.Pp
-Almost all ASN.1 types are represented as
-.Vt ASN1_STRING
-structures.
-Other types such as
-.Vt ASN1_OCTET_STRING
-are simply typedefed to
-.Vt ASN1_STRING
-and the functions call the
-.Vt ASN1_STRING
-equivalents.
-.Vt ASN1_STRING
-is also used for some CHOICE types which consist entirely of primitive
-string types such as
-.Vt DirectoryString
-and
-.Vt Time .
-.Pp
-These functions should
-.Em not
-be used to examine or modify
-.Vt ASN1_INTEGER
-or
-.Vt ASN1_ENUMERATED
-types: the relevant INTEGER or ENUMERATED utility functions should
-be used instead.
-.Pp
-In general it cannot be assumed that the data returned by
-.Fn ASN1_STRING_get0_data
-and
-.Fn ASN1_STRING_data
-is NUL terminated, and it may contain embedded NUL characters.
-The format of the data depends on the string type:
-for example for an
-.Vt IA5String
-the data contains ASCII characters, for a
-.Vt BMPString
-two bytes per character in big endian format, and for a
-.Vt UTF8String
-UTF-8 characters.
-.Pp
-Similar care should be taken to ensure the data is in the correct format
-when calling
-.Fn ASN1_STRING_set
-or
-.Fn ASN1_STRING_set0 .
-.Sh RETURN VALUES
-.Fn ASN1_STRING_cmp
-and
-.Fn ASN1_OCTET_STRING_cmp
-return 0 if the type, the length, and the content of
-.Fa a
-and
-.Fa b
-agree, or a non-zero value otherwise.
-In contrast to
-.Xr strcmp 3 ,
-the sign of the return value does not indicate lexicographical ordering.
-.Pp
-.Fn ASN1_STRING_data
-and
-.Fn ASN1_STRING_get0_data
-return an internal pointer to the data of
-.Fa x .
-.Pp
-.Fn ASN1_STRING_dup
-and
-.Fn ASN1_OCTET_STRING_dup
-return a pointer to a newly allocated
-.Vt ASN1_STRING
-structure or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn ASN1_STRING_length
-returns a number of bytes.
-.Pp
-.Fn ASN1_STRING_set ,
-.Fn ASN1_OCTET_STRING_set ,
-and
-.Fn ASN1_STRING_copy
-return 1 on success or 0 on failure.
-They fail if memory allocation fails.
-.Fn ASN1_STRING_set
-and
-.Fn ASN1_OCTET_STRING_set
-also fail if
-.Fa data
-is
-.Dv NULL
-and
-.Fa len
-is \-1 in the same call.
-.Fn ASN1_STRING_copy
-also fails if
-.Fa src
-is
-.Dv NULL .
-.Pp
-.Fn ASN1_STRING_to_UTF8
-returns the number of bytes in the output buffer
-.Pf * Fa out ,
-or a negative number if an error occurred.
-.Pp
-.Fn ASN1_STRING_type
-returns an integer constant, for example
-.Dv V_ASN1_OCTET_STRING
-or
-.Dv V_ASN1_NEG_INTEGER .
-.Pp
-In some cases of failure of
-.Fn ASN1_STRING_dup ,
-.Fn ASN1_STRING_set ,
-and
-.Fn ASN1_STRING_to_UTF8 ,
-the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr a2i_ASN1_STRING 3 ,
-.Xr a2i_ipadd 3 ,
-.Xr ASN1_BIT_STRING_set 3 ,
-.Xr ASN1_mbstring_copy 3 ,
-.Xr ASN1_PRINTABLE_type 3 ,
-.Xr ASN1_STRING_new 3 ,
-.Xr ASN1_UNIVERSALSTRING_to_string 3 ,
-.Xr s2i_ASN1_INTEGER 3
-.Sh HISTORY
-.Fn ASN1_STRING_cmp ,
-.Fn ASN1_STRING_dup ,
-.Fn ASN1_STRING_set ,
-and
-.Fn ASN1_OCTET_STRING_set
-first appeared in SSLeay 0.6.5.
-.Fn ASN1_OCTET_STRING_cmp ,
-.Fn ASN1_STRING_data ,
-.Fn ASN1_OCTET_STRING_dup ,
-and
-.Fn ASN1_STRING_type
-first appeared in SSLeay 0.8.0.
-.Fn ASN1_STRING_length
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn ASN1_STRING_length_set
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-.Fn ASN1_STRING_to_UTF8
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
-.Pp
-.Fn ASN1_STRING_set0
-first appeared in OpenSSL 0.9.8h and has been available since
-.Ox 4.5 .
-.Pp
-.Fn ASN1_STRING_copy
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Pp
-.Fn ASN1_STRING_get0_data
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
-.Sh BUGS
-.Fn ASN1_OCTET_STRING_cmp ,
-.Fn ASN1_OCTET_STRING_dup ,
-and
-.Fn ASN1_OCTET_STRING_set
-do not check whether their arguments are really of the type
-.Dv V_ASN1_OCTET_STRING .
-They may report success even if their arguments are of a wrong type.
-Consequently, even in case of success, the return value of
-.Fn ASN1_OCTET_STRING_dup
-is not guaranteed to be of the type
-.Dv V_ASN1_OCTET_STRING
-either.
diff --git a/src/lib/libcrypto/man/ASN1_STRING_new.3 b/src/lib/libcrypto/man/ASN1_STRING_new.3
deleted file mode 100644
index 212bacd413..0000000000
--- a/src/lib/libcrypto/man/ASN1_STRING_new.3
+++ /dev/null
@@ -1,303 +0,0 @@ -.\" $OpenBSD: ASN1_STRING_new.3,v 1.27 2024/12/27 15:30:17 schwarze Exp $ -.\" OpenSSL 99d63d46 Tue Mar 24 07:52:24 2015 -0400 -.\" -.\" Copyright (c) 2017 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: December 27 2024 $ -.Dt ASN1_STRING_NEW 3 -.Os -.Sh NAME -.Nm ASN1_STRING_new , -.Nm ASN1_STRING_type_new , -.Nm ASN1_STRING_free , -.Nm ASN1_OCTET_STRING_new , -.Nm ASN1_OCTET_STRING_free , -.Nm ASN1_BIT_STRING_new , -.Nm ASN1_BIT_STRING_free , -.Nm ASN1_INTEGER_new , -.Nm ASN1_INTEGER_free , -.Nm ASN1_ENUMERATED_new , -.Nm ASN1_ENUMERATED_free , -.Nm ASN1_UTF8STRING_new , -.Nm ASN1_UTF8STRING_free , -.Nm ASN1_IA5STRING_new , -.Nm ASN1_IA5STRING_free , -.Nm ASN1_UNIVERSALSTRING_new , -.Nm ASN1_UNIVERSALSTRING_free , -.Nm ASN1_BMPSTRING_new , -.Nm ASN1_BMPSTRING_free , -.Nm ASN1_GENERALSTRING_new , -.Nm ASN1_GENERALSTRING_free , -.Nm ASN1_T61STRING_new , -.Nm ASN1_T61STRING_free , -.Nm ASN1_VISIBLESTRING_new , -.Nm ASN1_VISIBLESTRING_free , -.Nm ASN1_PRINTABLESTRING_new , -.Nm ASN1_PRINTABLESTRING_free , -.Nm ASN1_PRINTABLE_new , -.Nm ASN1_PRINTABLE_free , -.Nm DIRECTORYSTRING_new , -.Nm DIRECTORYSTRING_free , -.Nm DISPLAYTEXT_new , -.Nm DISPLAYTEXT_free , -.Nm ASN1_GENERALIZEDTIME_new , -.Nm ASN1_GENERALIZEDTIME_free , 
-.Nm ASN1_UTCTIME_new , -.Nm ASN1_UTCTIME_free , -.Nm ASN1_TIME_new , -.Nm ASN1_TIME_free -.\" deprecated aliases, intentionally undocumented: M_ASN1_IA5STRING_new, -.\" M_ASN1_ENUMERATED_free, M_ASN1_INTEGER_free, M_ASN1_OCTET_STRING_free -.Nd allocate and free ASN1_STRING objects -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft ASN1_STRING * -.Fn ASN1_STRING_new void -.Ft ASN1_STRING * -.Fn ASN1_STRING_type_new "int type" -.Ft void -.Fn ASN1_STRING_free "ASN1_STRING *a" -.Ft ASN1_OCTET_STRING * -.Fn ASN1_OCTET_STRING_new void -.Ft void -.Fn ASN1_OCTET_STRING_free "ASN1_OCTET_STRING *a" -.Ft ASN1_BIT_STRING * -.Fn ASN1_BIT_STRING_new void -.Ft void -.Fn ASN1_BIT_STRING_free "ASN1_BIT_STRING *a" -.Ft ASN1_INTEGER * -.Fn ASN1_INTEGER_new void -.Ft void -.Fn ASN1_INTEGER_free "ASN1_INTEGER *a" -.Ft ASN1_ENUMERATED * -.Fn ASN1_ENUMERATED_new void -.Ft void -.Fn ASN1_ENUMERATED_free "ASN1_ENUMERATED *a" -.Ft ASN1_UTF8STRING * -.Fn ASN1_UTF8STRING_new void -.Ft void -.Fn ASN1_UTF8STRING_free "ASN1_UTF8STRING *a" -.Ft ASN1_IA5STRING * -.Fn ASN1_IA5STRING_new void -.Ft void -.Fn ASN1_IA5STRING_free "ASN1_IA5STRING *a" -.Ft ASN1_UNIVERSALSTRING * -.Fn ASN1_UNIVERSALSTRING_new void -.Ft void -.Fn ASN1_UNIVERSALSTRING_free "ASN1_UNIVERSALSTRING *a" -.Ft ASN1_BMPSTRING * -.Fn ASN1_BMPSTRING_new void -.Ft void -.Fn ASN1_BMPSTRING_free "ASN1_BMPSTRING *a" -.Ft ASN1_GENERALSTRING * -.Fn ASN1_GENERALSTRING_new void -.Ft void -.Fn ASN1_GENERALSTRING_free "ASN1_GENERALSTRING *a" -.Ft ASN1_T61STRING * -.Fn ASN1_T61STRING_new void -.Ft void -.Fn ASN1_T61STRING_free "ASN1_T61STRING *a" -.Ft ASN1_VISIBLESTRING * -.Fn ASN1_VISIBLESTRING_new void -.Ft void -.Fn ASN1_VISIBLESTRING_free "ASN1_VISIBLESTRING *a" -.Ft ASN1_PRINTABLESTRING * -.Fn ASN1_PRINTABLESTRING_new void -.Ft void -.Fn ASN1_PRINTABLESTRING_free "ASN1_PRINTABLESTRING *a" -.Ft ASN1_STRING * -.Fn ASN1_PRINTABLE_new void -.Ft void -.Fn ASN1_PRINTABLE_free "ASN1_STRING *a" -.Ft ASN1_STRING * -.Fn DIRECTORYSTRING_new void -.Ft void -.Fn 
DIRECTORYSTRING_free "ASN1_STRING *a" -.Ft ASN1_STRING * -.Fn DISPLAYTEXT_new void -.Ft void -.Fn DISPLAYTEXT_free "ASN1_STRING *a" -.Ft ASN1_GENERALIZEDTIME * -.Fn ASN1_GENERALIZEDTIME_new void -.Ft void -.Fn ASN1_GENERALIZEDTIME_free "ASN1_GENERALIZEDTIME *a" -.Ft ASN1_UTCTIME * -.Fn ASN1_UTCTIME_new void -.Ft void -.Fn ASN1_UTCTIME_free "ASN1_UTCTIME *a" -.Ft ASN1_TIME * -.Fn ASN1_TIME_new void -.Ft void -.Fn ASN1_TIME_free "ASN1_TIME *a" -.Sh DESCRIPTION -The -.Vt ASN1_STRING -object can represent a variety of ASN.1 built-in types. -It can store a type and a value. -.Pp -All the -.Fn *_new -functions -allocate and initialize an empty -.Vt ASN1_STRING -object. -The following table shows the type assigned to the new object, -and which ASN.1 type it represents. -.Bl -column "ASN1_GENERALIZEDTIME_new()" "V_ASN1_GENERALIZEDTIME" -.It Em constructor function Ta Em OpenSSL type Ta Em ASN.1 type -.It Ta -.It Fn ASN1_STRING_new Ta Dv V_ASN1_OCTET_STRING -.It Fn ASN1_STRING_type_new Ta Fa type No argument -.It Ta -.It Fn ASN1_OCTET_STRING_new Ta Dv V_ASN1_OCTET_STRING Ta OCTET STRING -.It Fn ASN1_BIT_STRING_new Ta Dv V_ASN1_BIT_STRING Ta BIT STRING -.It Fn ASN1_INTEGER_new Ta Dv V_ASN1_INTEGER Ta INTEGER -.It Fn ASN1_ENUMERATED_new Ta Dv V_ASN1_ENUMERATED Ta ENUMERATED -.It Ta -.It Fn ASN1_UTF8STRING_new Ta Dv V_ASN1_UTF8STRING Ta UTF8String -.It Fn ASN1_IA5STRING_new Ta Dv V_ASN1_IA5STRING Ta IA5String -.It Ta -.It Fn ASN1_UNIVERSALSTRING_new Ta Dv V_ASN1_UNIVERSALSTRING Ta UniversalString -.It Fn ASN1_BMPSTRING_new Ta Dv V_ASN1_BMPSTRING Ta BMPString -.It Fn ASN1_GENERALSTRING_new Ta Dv V_ASN1_GENERALSTRING Ta GeneralString -.It Fn ASN1_T61STRING_new Ta Dv V_ASN1_T61STRING Ta T61String -.It Fn ASN1_VISIBLESTRING_new Ta Dv V_ASN1_VISIBLESTRING Ta VisibleString -.It Fn ASN1_PRINTABLESTRING_new Ta Dv V_ASN1_PRINTABLESTRING Ta PrintableString -.It Ta -.It Fn ASN1_PRINTABLE_new Ta Dv V_ASN1_UNDEF -.It Fn DIRECTORYSTRING_new Ta Dv V_ASN1_UNDEF -.It Fn DISPLAYTEXT_new Ta Dv 
V_ASN1_UNDEF -.It Ta -.It Fn ASN1_GENERALIZEDTIME_new Ta Dv V_ASN1_GENERALIZEDTIME Ta GeneralizedTime -.It Fn ASN1_UTCTIME_new Ta Dv V_ASN1_UTCTIME Ta UTCTime -.It Fn ASN1_TIME_new Ta Dv V_ASN1_UNDEF Ta TIME -.El -.Pp -All the -.Fn *_free -functions free -.Fa a -including any data contained in it. -If -.Fa a -is a -.Dv NULL -pointer, no action occurs. -.Sh RETURN VALUES -All the -.Fn *_new -functions return the new -.Vt ASN1_STRING -object if successful; otherwise -.Dv NULL -is returned and an error code can be retrieved with -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr a2i_ipadd 3 , -.Xr ASN1_BIT_STRING_set 3 , -.Xr ASN1_INTEGER_get 3 , -.Xr ASN1_item_pack 3 , -.Xr ASN1_mbstring_copy 3 , -.Xr ASN1_PRINTABLE_type 3 , -.Xr ASN1_STRING_length 3 , -.Xr ASN1_STRING_print_ex 3 , -.Xr ASN1_TIME_set 3 , -.Xr ASN1_TYPE_get 3 , -.Xr ASN1_UNIVERSALSTRING_to_string 3 , -.Xr d2i_ASN1_OBJECT 3 , -.Xr d2i_ASN1_OCTET_STRING 3 , -.Xr i2a_ASN1_STRING 3 , -.Xr s2i_ASN1_INTEGER 3 , -.Xr X509_cmp_time 3 , -.Xr X509_EXTENSION_get_object 3 , -.Xr X509_get_ext_by_OBJ 3 , -.Xr X509_NAME_ENTRY_get_object 3 -.Sh HISTORY -.Fn ASN1_OCTET_STRING_new , -.Fn ASN1_OCTET_STRING_free , -.Fn ASN1_BIT_STRING_new , -.Fn ASN1_BIT_STRING_free , -.Fn ASN1_INTEGER_new , -.Fn ASN1_INTEGER_free , -.Fn ASN1_IA5STRING_new , -.Fn ASN1_IA5STRING_free , -.Fn ASN1_T61STRING_new , -.Fn ASN1_T61STRING_free , -.Fn ASN1_PRINTABLESTRING_new , -.Fn ASN1_PRINTABLESTRING_free , -.Fn ASN1_PRINTABLE_new , -.Fn ASN1_PRINTABLE_free , -.Fn ASN1_UTCTIME_new , -and -.Fn ASN1_UTCTIME_free -first appeared in SSLeay 0.5.1. -.Fn ASN1_STRING_new , -.Fn ASN1_STRING_type_new , -and -.Fn ASN1_STRING_free -first appeared in SSLeay 0.6.5. -.Fn ASN1_UNIVERSALSTRING_new , -.Fn ASN1_UNIVERSALSTRING_free , -.Fn ASN1_GENERALSTRING_new , -and -.Fn ASN1_GENERALSTRING_free -first appeared in SSLeay 0.8.0. 
-.Fn ASN1_BMPSTRING_new ,
-.Fn ASN1_BMPSTRING_free ,
-.Fn ASN1_GENERALIZEDTIME_new ,
-and
-.Fn ASN1_GENERALIZEDTIME_free
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn ASN1_ENUMERATED_new ,
-.Fn ASN1_ENUMERATED_free ,
-.Fn ASN1_TIME_new ,
-and
-.Fn ASN1_TIME_free
-first appeared in OpenSSL 0.9.2b.
-.Fn ASN1_UTF8STRING_new ,
-.Fn ASN1_UTF8STRING_free ,
-.Fn ASN1_VISIBLESTRING_new ,
-.Fn ASN1_VISIBLESTRING_free ,
-.Fn DIRECTORYSTRING_new ,
-.Fn DIRECTORYSTRING_free ,
-.Fn DISPLAYTEXT_new ,
-and
-.Fn DISPLAYTEXT_free
-first appeared in OpenSSL 0.9.3.
-These functions have been available since
-.Ox 2.6 .
-.Sh BUGS
-.Vt ASN1_OCTET_STRING ,
-.Vt ASN1_BIT_STRING ,
-.Vt ASN1_INTEGER ,
-.Vt ASN1_ENUMERATED ,
-.Vt ASN1_UTF8STRING ,
-.Vt ASN1_IA5STRING ,
-.Vt ASN1_UNIVERSALSTRING ,
-.Vt ASN1_BMPSTRING ,
-.Vt ASN1_GENERALSTRING ,
-.Vt ASN1_T61STRING ,
-.Vt ASN1_VISIBLESTRING ,
-.Vt ASN1_PRINTABLESTRING ,
-.Vt ASN1_GENERALIZEDTIME ,
-.Vt ASN1_UTCTIME ,
-and
-.Vt ASN1_TIME
-are merely typedef aliases of
-.Vt ASN1_STRING
-and provide no type safety whatsoever.
diff --git a/src/lib/libcrypto/man/ASN1_STRING_print_ex.3 b/src/lib/libcrypto/man/ASN1_STRING_print_ex.3
deleted file mode 100644
index eb43b2fe5c..0000000000
--- a/src/lib/libcrypto/man/ASN1_STRING_print_ex.3
+++ /dev/null
@@ -1,241 +0,0 @@ -.\" $OpenBSD: ASN1_STRING_print_ex.3,v 1.18 2021/12/14 19:36:18 schwarze Exp $ -.\" full merge up to: OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400 -.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 -.\" -.\" This file was written by Dr. Stephen Henson. -.\" Copyright (c) 2002, 2004, 2007, 2013, 2016, 2017 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 14 2021 $ -.Dt ASN1_STRING_PRINT_EX 3 -.Os -.Sh NAME -.Nm ASN1_STRING_print_ex , -.Nm ASN1_STRING_print_ex_fp , -.Nm ASN1_STRING_print , -.Nm ASN1_tag2str -.\" M_ASN1_OCTET_STRING_print is a deprecated alias, intentionally undocumented -.Nd ASN1_STRING output routines -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft int -.Fo ASN1_STRING_print_ex -.Fa "BIO *out" -.Fa "const ASN1_STRING *str" -.Fa "unsigned long flags" -.Fc -.Ft int -.Fo ASN1_STRING_print_ex_fp -.Fa "FILE *fp" -.Fa "const ASN1_STRING *str" -.Fa "unsigned long flags" -.Fc -.Ft int -.Fo ASN1_STRING_print -.Fa "BIO *out" -.Fa "const ASN1_STRING *str" -.Fc -.Ft const char * -.Fo ASN1_tag2str -.Fa "int tag" -.Fc -.Sh DESCRIPTION -These functions output an -.Vt ASN1_STRING -structure. -.Vt ASN1_STRING -is used to -represent all the ASN.1 string types. -.Pp -.Fn ASN1_STRING_print_ex -outputs -.Fa str -to -.Fa out , -the format being determined by the options -.Fa flags . 
-.Fn ASN1_STRING_print_ex_fp -is identical except it outputs to -.Fa fp -instead. -.Pp -.Fn ASN1_STRING_print -prints -.Fa str -to -.Fa out -but using a different format to -.Fn ASN1_STRING_print_ex . -It replaces unprintable characters (other than CR, LF) with -.Sq \&. . -.Pp -.Fn ASN1_tag2str -returns a human-readable name of the specified ASN.1 -.Fa tag . -.Pp -.Fn ASN1_STRING_print -is a deprecated function which should be avoided; use -.Fn ASN1_STRING_print_ex -instead. -.Pp -Although there are a large number of options, -.Dv ASN1_STRFLGS_RFC2253 -is often suitable, or on UTF-8 terminals -.Dv ASN1_STRFLGS_RFC2253 -and -.Pf ~ Dv ASN1_STRFLGS_ESC_MSB . -.Pp -The complete set of supported options for -.Fa flags -is listed below. -.Pp -Various characters can be escaped. -If -.Dv ASN1_STRFLGS_ESC_2253 -is set, the characters determined by RFC 2253 are escaped. -If -.Dv ASN1_STRFLGS_ESC_CTRL -is set, control characters are escaped. -If -.Dv ASN1_STRFLGS_ESC_MSB -is set, characters with the MSB set are escaped: this option should -.Em not -be used if the terminal correctly interprets UTF-8 sequences. -.Pp -Escaping takes several forms. -If the character being escaped is a 16-bit character then the form "\eUXXXX" -is used using exactly four characters for the hex representation. -If it is 32 bits then "\eWXXXXXXXX" is used using eight characters -of its hex representation. -These forms will only be used if UTF-8 conversion is not set (see below). -.Pp -Printable characters are normally escaped using the backslash -.Pq Sq \e -character. -If -.Dv ASN1_STRFLGS_ESC_QUOTE -is set, then the whole string is instead surrounded by double quote -characters: this is arguably more readable than the backslash notation. -Other characters use the "\eXX" using exactly two characters of the hex -representation. -.Pp -If -.Dv ASN1_STRFLGS_UTF8_CONVERT -is set, then characters are converted to UTF-8 format first. 
-If the terminal supports the display of UTF-8 sequences then this -option will correctly display multi-byte characters. -.Pp -If -.Dv ASN1_STRFLGS_IGNORE_TYPE -is set, then the string type is not interpreted at all: -everything is assumed to be one byte per character. -This is primarily for debugging purposes and can result -in confusing output in multi-character strings. -.Pp -If -.Dv ASN1_STRFLGS_SHOW_TYPE -is set, then the string type itself is printed before its value -(for example "BMPSTRING"), using -.Fn ASN1_tag2str . -.Pp -Instead of being interpreted the contents of a string can be "dumped": -this just outputs the value of the string using the form #XXXX -using hex format for each octet. -.Pp -If -.Dv ASN1_STRFLGS_DUMP_ALL -is set, then any type is dumped. -.Pp -Normally non-character string types (such as OCTET STRING) -are assumed to be one byte per character; if -.Dv ASN1_STRFLGS_DUMP_UNKNOWN -is set, then they will be dumped instead. -.Pp -When a type is dumped normally just the content octets are printed; if -.Dv ASN1_STRFLGS_DUMP_DER -is set, then the complete encoding is dumped -instead (including tag and length octets). -.Pp -.Dv ASN1_STRFLGS_RFC2253 -includes all the flags required by RFC 2253. -It is equivalent to -.Dv ASN1_STRFLGS_ESC_2253 | -.Dv ASN1_STRFLGS_ESC_CTRL | -.Dv ASN1_STRFLGS_ESC_MSB | -.Dv ASN1_STRFLGS_UTF8_CONVERT | -.Dv ASN1_STRFLGS_DUMP_UNKNOWN | -.Dv ASN1_STRFLGS_DUMP_DER . -.Sh RETURN VALUES -.Fn ASN1_STRING_print_ex -and -.Fn ASN1_STRING_print_ex_fp -return the number of characters written or \-1 if an error occurred. -.Pp -.Fn ASN1_STRING_print -returns 1 on success or 0 on error. -.Pp -.Fn ASN1_tag2str -returns a static string. -.Sh SEE ALSO -.Xr ASN1_parse_dump 3 , -.Xr ASN1_STRING_new 3 , -.Xr X509_NAME_print_ex 3 , -.Xr X509_signature_dump 3 -.Sh HISTORY -.Fn ASN1_STRING_print -first appeared in SSLeay 0.6.5 and has been available since -.Ox 2.4 . 
-.Pp
-.Fn ASN1_tag2str
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-.Fn ASN1_STRING_print_ex
-and
-.Fn ASN1_STRING_print_ex_fp
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
diff --git a/src/lib/libcrypto/man/ASN1_TIME_set.3 b/src/lib/libcrypto/man/ASN1_TIME_set.3
deleted file mode 100644
index 233cb13f2c..0000000000
--- a/src/lib/libcrypto/man/ASN1_TIME_set.3
+++ /dev/null
@@ -1,752 +0,0 @@ -.\" $OpenBSD: ASN1_TIME_set.3,v 1.23 2024/03/05 18:30:40 tb Exp $ -.\" full merge up to: OpenSSL 3d0f1cb9 Jul 11 03:01:24 2017 +0800 -.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2022 Ingo Schwarze -.\" Copyright (c) 2022 Bob Beck -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson -.\" and Todd Short . -.\" Copyright (c) 2015, 2017 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: March 5 2024 $ -.Dt ASN1_TIME_SET 3 -.Os -.Sh NAME -.Nm ASN1_TIME_set , -.Nm ASN1_UTCTIME_set , -.Nm ASN1_GENERALIZEDTIME_set , -.Nm ASN1_TIME_adj , -.Nm ASN1_UTCTIME_adj , -.Nm ASN1_GENERALIZEDTIME_adj , -.Nm ASN1_TIME_set_string , -.Nm ASN1_TIME_set_string_X509 , -.Nm ASN1_UTCTIME_set_string , -.Nm ASN1_GENERALIZEDTIME_set_string , -.Nm ASN1_TIME_normalize , -.Nm ASN1_TIME_check , -.Nm ASN1_UTCTIME_check , -.Nm ASN1_GENERALIZEDTIME_check , -.Nm ASN1_TIME_print , -.Nm ASN1_UTCTIME_print , -.Nm ASN1_GENERALIZEDTIME_print , -.Nm ASN1_TIME_to_tm , -.Nm ASN1_TIME_diff , -.Nm ASN1_TIME_cmp_time_t , -.Nm ASN1_UTCTIME_cmp_time_t , -.Nm ASN1_TIME_compare , -.Nm ASN1_TIME_to_generalizedtime , -.Nm OPENSSL_gmtime , -.Nm OPENSSL_timegm , -.Nm OPENSSL_posix_to_tm , -.Nm OPENSSL_tm_to_posix -.Nd ASN.1 Time functions -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft ASN1_TIME * -.Fo ASN1_TIME_set -.Fa "ASN1_TIME *s" -.Fa "time_t t" -.Fc -.Ft ASN1_UTCTIME * -.Fo ASN1_UTCTIME_set -.Fa "ASN1_UTCTIME *s" -.Fa "time_t t" -.Fc -.Ft ASN1_GENERALIZEDTIME * -.Fo ASN1_GENERALIZEDTIME_set -.Fa "ASN1_GENERALIZEDTIME *s" -.Fa "time_t t" -.Fc -.Ft ASN1_TIME * -.Fo ASN1_TIME_adj -.Fa "ASN1_TIME *s" -.Fa "time_t t" -.Fa "int offset_day" -.Fa "long offset_sec" -.Fc -.Ft ASN1_UTCTIME * -.Fo ASN1_UTCTIME_adj -.Fa "ASN1_UTCTIME *s" -.Fa "time_t t" -.Fa "int offset_day" -.Fa "long offset_sec" -.Fc -.Ft ASN1_GENERALIZEDTIME * -.Fo ASN1_GENERALIZEDTIME_adj -.Fa "ASN1_GENERALIZEDTIME *s" -.Fa "time_t t" -.Fa "int offset_day" -.Fa "long offset_sec" -.Fc -.Ft int -.Fo ASN1_TIME_set_string -.Fa "ASN1_TIME *s" -.Fa "const char *str" -.Fc -.Ft int -.Fo ASN1_TIME_set_string_X509 -.Fa "ASN1_TIME *s" -.Fa "const char *str" -.Fc -.Ft int -.Fo ASN1_UTCTIME_set_string -.Fa "ASN1_UTCTIME *s" -.Fa "const char *str" -.Fc -.Ft int -.Fo ASN1_GENERALIZEDTIME_set_string -.Fa "ASN1_GENERALIZEDTIME *s" -.Fa "const char *str" -.Fc -.Ft int -.Fo ASN1_TIME_normalize -.Fa "ASN1_TIME *s" -.Fc -.Ft int -.Fo 
ASN1_TIME_check -.Fa "const ASN1_TIME *t" -.Fc -.Ft int -.Fo ASN1_UTCTIME_check -.Fa "const ASN1_UTCTIME *t" -.Fc -.Ft int -.Fo ASN1_GENERALIZEDTIME_check -.Fa "const ASN1_GENERALIZEDTIME *t" -.Fc -.Ft int -.Fo ASN1_TIME_print -.Fa "BIO *b" -.Fa "const ASN1_TIME *s" -.Fc -.Ft int -.Fo ASN1_UTCTIME_print -.Fa "BIO *b" -.Fa "const ASN1_UTCTIME *s" -.Fc -.Ft int -.Fo ASN1_GENERALIZEDTIME_print -.Fa "BIO *b" -.Fa "const ASN1_GENERALIZEDTIME *s" -.Fc -.Ft int -.Fo ASN1_TIME_to_tm -.Fa "const ASN1_TIME *s" -.Fa "struct tm *tm" -.Fc -.Ft int -.Fo ASN1_TIME_diff -.Fa "int *pday" -.Fa "int *psec" -.Fa "const ASN1_TIME *from" -.Fa "const ASN1_TIME *to" -.Fc -.Ft int -.Fo ASN1_TIME_cmp_time_t -.Fa "const ASN1_TIME *s" -.Fa "time_t t" -.Fc -.Ft int -.Fo ASN1_UTCTIME_cmp_time_t -.Fa "const ASN1_UTCTIME *s" -.Fa "time_t t" -.Fc -.Ft int -.Fo ASN1_TIME_compare -.Fa "const ASN1_TIME *s" -.Fa "const ASN1_TIME *t" -.Fc -.Ft ASN1_GENERALIZEDTIME * -.Fo ASN1_TIME_to_generalizedtime -.Fa "const ASN1_TIME *t" -.Fa "ASN1_GENERALIZEDTIME **out" -.Fc -.In openssl/crypto.h -.Ft struct tm * -.Fo OPENSSL_gmtime -.Fa "const time_t *time" -.Fa "struct tm *out_tm" -.Fc -.In openssl/posix_time.h -.Ft int -.Fo OPENSSL_timegm -.Fa "const struct tm *tm" -.Fa "time_t *out_time" -.Fc -.Ft int -.Fo OPENSSL_posix_to_tm -.Fa "int64_t time" -.Fa "struct tm *out_tm" -.Fc -.Ft int -.Fo OPENSSL_tm_to_posix -.Fa "struct tm *t_tm" -.Fa "int64_t *out" -.Fc -.Sh DESCRIPTION -An -.Vt ASN1_TIME -object is a shallow wrapper around a string containing an ASN.1 -.Vt Time -value in the restricted format valid in X.509 certificates. -An -.Vt ASN1_TIME -object is either an -.Vt ASN1_UTCTIME -object containing a string of the format -.Ar YYMMDDHHMMSS Ns Cm Z -which is valid for the years 1950 to 2049, or an -.Vt ASN1_GENERALIZEDTIME -object containing a string of the format -.Ar YYYYMMDDHHMMSS Ns Cm Z -which is valid for the years 0000 to 1949 and 2050 to 9999. 
-In both cases, the mandatory suffix -.Sq Cm Z -represents the GMT time zone. -LibreSSL by design does not support the full syntax of ASN.1 times. -In particular, it neither supports fractional seconds -nor any other time zone. -.Pp -The functions -.Fn ASN1_TIME_set , -.Fn ASN1_UTCTIME_set , -and -.Fn ASN1_GENERALIZEDTIME_set -set the time object -.Fa s -to the time represented by the -.Vt time_t -value -.Fa t . -If -.Fa s -is -.Dv NULL , -a new time object is allocated and returned. -.Pp -The functions -.Fn ASN1_TIME_adj , -.Fn ASN1_UTCTIME_adj , -and -.Fn ASN1_GENERALIZEDTIME_adj -set the time object -.Fa s -to the time represented by the time -.Fa offset_day -and -.Fa offset_sec -after the -.Vt time_t -value -.Fa t . -The values of -.Fa offset_day -or -.Fa offset_sec -can be negative to set a time before -.Fa t . -The -.Fa offset_sec -value can also exceed the number of seconds in a day. -If -.Fa s -is -.Dv NULL , -a new time object is allocated and returned. -.Pp -.Fn ASN1_TIME_adj -may change the type from -.Vt ASN1_GENERALIZEDTIME -to -.Vt ASN1_UTCTIME -or vice versa depending on the resulting year. -The functions -.Fn ASN1_UTCTIME_adj -and -.Fn ASN1_GENERALIZEDTIME_adj -do not modify the type of the return object. -.Pp -The functions -.Fn ASN1_TIME_set_string , -.Fn ASN1_TIME_set_string_X509 , -.Fn ASN1_UTCTIME_set_string , -and -.Fn ASN1_GENERALIZEDTIME_set_string -set the time object -.Fa s -to the time string -.Fa str , -which must be in appropriate ASN.1 time format: -YYMMDDHHMMSSZ for -.Vt ASN1_UTCTIME , -YYYYMMDDHHMMSSZ for -.Vt ASN1_GENERALIZEDTIME , -or either of the two for -.Vt ASN1_TIME . -The string -.Fa str -is copied into -.Fa s . -If -.Fa s -is -.Dv NULL , -these functions only perform a format check on -.Fa str . -.Pp -In LibreSSL, -.Fn ASN1_TIME_set_string -and -.Fn ASN1_TIME_set_string_X509 -behave identically and always set the time object -to a valid value to use in an X.509 certificate. 
-.Fn ASN1_GENERALIZEDTIME_set_string -may encode a time string that is not valid in an X.509 certificate. -.Pp -The function -.Fn ASN1_TIME_normalize -converts an -.Vt ASN1_GENERALIZEDTIME -into a time value that can be used in a certificate -by changing it to an -.Vt ASN1_UTCTIME -if possible. -It has no effect on an -.Vt ASN1_UTCTIME . -.Pp -The functions -.Fn ASN1_TIME_check , -.Fn ASN1_UTCTIME_check , -and -.Fn ASN1_GENERALIZEDTIME_check -check the syntax of the time string contained in the object -.Fa s . -.Pp -The functions -.Fn ASN1_TIME_print , -.Fn ASN1_UTCTIME_print , -and -.Fn ASN1_GENERALIZEDTIME_print -print out the time -.Fa s -to -.Vt BIO -.Fa b -in human readable format. -It will be of the format MMM DD HH:MM:SS YYYY [GMT], for example "Feb 3 -00:55:52 2015 GMT". -It does not include a newline. -If the time string has an invalid format, -it prints out "Bad time value" and returns an error. -.Pp -The function -.Fn ASN1_TIME_to_tm -converts the time -.Fa s -to the standard -.Vt tm -structure. -If -.Fa s -is -.Dv NULL , -then the current time is converted. -The output time is always in the GMT time zone. -The -.Fa tm_sec , tm_min , tm_hour , tm_mday , tm_mon , -and -.Fa tm_year -fields of the -.Vt tm -structure are set to the proper values, -whereas all other fields are set to 0. -If -.Fa tm -is -.Dv NULL , -this function performs a format check on -.Fa s -only. -.Pp -The function -.Fn ASN1_TIME_diff -sets -.Pf * Fa pday -and -.Pf * Fa psec -to the time difference between -.Fa from -and -.Fa to . -If -.Fa to -represents a time later than -.Fa from , -then one or both (depending on the time difference) of -.Pf * Fa pday -and -.Pf * Fa psec -will be positive. -If -.Fa to -represents a time earlier than -.Fa from , -then one or both of -.Pf * Fa pday -and -.Pf * Fa psec -will be negative. -If -.Fa to -and -.Fa from -represent the same time, then -.Pf * Fa pday -and -.Pf * Fa psec -will both be zero. 
-If both -.Pf * Fa pday -and -.Pf * Fa psec -are nonzero, they will always have the same sign. -The value of -.Pf * Fa psec -will always be less than the number of seconds in a day. -If -.Fa from -or -.Fa to -is -.Dv NULL , -the current time is used. -.Pp -The functions -.Fn ASN1_TIME_cmp_time_t , -.Fn ASN1_UTCTIME_cmp_time_t , -and -.Fn ASN1_TIME_compare -compare the two times represented by -.Fa s -and -.Fa t . -.Pp -The function -.Fn ASN1_TIME_to_generalizedtime -converts the -.Vt ASN1_TIME -.Fa t -to an -.Vt ASN1_GENERALIZEDTIME , -regardless of year. -If either -.Fa out -or -.Pf * Fa out -is -.Dv NULL , -then a new object is allocated and must be freed after use. -.Pp -The -.Vt ASN1_TIME , -.Vt ASN1_UTCTIME , -and -.Vt ASN1_GENERALIZEDTIME -objects are represented as -.Vt ASN1_STRING -objects internally and can be freed using -.Xr ASN1_STRING_free 3 . -.Pp -It is recommended that -.Vt ASN1_TIME -functions be used instead of -.Vt ASN1_UTCTIME -or -.Vt ASN1_GENERALIZEDTIME -functions because the -.Vt ASN1_UTCTIME -and -.Vt ASN1_GENERALIZEDTIME -functions act only on that specific time format, while the -.Vt ASN1_TIME -functions operate on either format. -.Pp -.Fn OPENSSL_gmtime -converts a time_t value in -.Fa time -to a struct tm in -.Fa out_tm -and also returns the struct passed in on success. -.Pp -.Fn OPENSSL_timegm -converts a time structure in UTC time in -.Fa tm -to a time_t value in -.Fa out_time . -.Pp -.Fn OPENSSL_posix_to_tm -converts an -.Vt int64_t -POSIX time value in -.Fa time , -which must be in the range of year 0 to 9999, -to a broken out time value in -.Fa tm . -.Pp -.Fn OPENSSL_tm_to_posix -converts a time value between the years 0 and 9999 in -.Fa tm -to a POSIX time value in -.Fa out . 
-.Sh RETURN VALUES -.Fn ASN1_TIME_set , -.Fn ASN1_UTCTIME_set , -.Fn ASN1_GENERALIZEDTIME_set , -.Fn ASN1_TIME_adj , -.Fn ASN1_UTCTIME_adj , -.Fn ASN1_GENERALIZEDTIME_adj , -and -.Fn ASN1_TIME_to_generalizedtime -return a pointer to a time object or -.Dv NULL -if an error occurred. -.Pp -.Fn ASN1_TIME_set_string , -.Fn ASN1_TIME_set_string_X509 , -.Fn ASN1_UTCTIME_set_string , -and -.Fn ASN1_GENERALIZEDTIME_set_string -return 1 if the time value is successfully set or 0 otherwise. -.Pp -.Fn ASN1_TIME_normalize -returns 1 on success or 0 on error. -.Pp -.Fn ASN1_TIME_check , -.Fn ASN1_UTCTIME_check , -and -.Fn ASN1_GENERALIZEDTIME_check -return 1 if the time string contained in the object is syntactically -correct or 0 otherwise. -.Pp -.Fn ASN1_TIME_print , -.Fn ASN1_UTCTIME_print , -and -.Fn ASN1_GENERALIZEDTIME_print -return 1 if the time is successfully printed or 0 if an error -occurred (I/O error or invalid time format). -.Pp -.Fn ASN1_TIME_to_tm -returns 1 if the time is successfully parsed -or 0 if an error occurred, usually due to an invalid time format. -.Pp -.Fn ASN1_TIME_diff -returns 1 for success or 0 for failure. -It can for example fail if a time string passed in has invalid syntax. -.Pp -.Fn ASN1_TIME_cmp_time_t , -.Fn ASN1_UTCTIME_cmp_time_t , -and -.Fn ASN1_TIME_compare -return \-1 if -.Fa s -is earlier than -.Fa t , -0 if both are equal, 1 if -.Fa s -is later than -.Fa t , -or \-2 on error. -.Pp -.Fn OPENSSL_timegm -returns 1 for success or 0 for failure. -It can fail if the time is not representable in a time_t, -or falls outside the range allowed in RFC 5280 times. -.Pp -.Fn OPENSSL_gmtime -returns -.Fa out_tm -on success or NULL for failure. -It can fail if the time is not representable in a struct tm, -or falls outside the range allowed in RFC 5280 times. -.Pp -.Fn OPENSSL_posix_to_tm -and -.Fn OPENSSL_tm_to_posix -return 1 for success or 0 on failure. -It is a failure if the year is less than 0 or more than 9999. 
-.Sh EXAMPLES -Set a time object to one hour after the current time and print it -out: -.Bd -literal -offset indent -#include -#include - -ASN1_TIME *asn1_time; -time_t t; -BIO *b; - -t = time(NULL); -asn1_time = ASN1_TIME_adj(NULL, t, 0, 60 * 60); -b = BIO_new_fp(stdout, BIO_NOCLOSE); -if (asn1_time != NULL) { - ASN1_TIME_print(b, asn1_time); - BIO_printf(b, "\en"); -} else { - BIO_printf(b, "Time out of range or un-representable\en"); -} -ASN1_STRING_free(asn1_time); -BIO_free(b); -.Ed -.Sh SEE ALSO -.Xr ASN1_TIME_new 3 , -.Xr X509_cmp_time 3 -.Sh STANDARDS -The usage of the ASN.1 -.Vt Time , -.Vt UTCTime , -and -.Vt GeneralizedTime -data types in X.509 certificates is specified in -RFC 5280, Internet X.509 Public Key Infrastructure Certificate and -Certificate Revocation List (CRL) Profile, -section 4.1.2.5 (TBS Certificate Validity). -.Sh HISTORY -.Fn ASN1_UTCTIME_check -and -.Fn ASN1_UTCTIME_print -first appeared in SSLeay 0.5.1. -.Fn ASN1_UTCTIME_set -first appeared in SSLeay 0.6.0. -.Fn ASN1_UTCTIME_set_string -first appeared in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . -.Pp -.Fn ASN1_TIME_set , -.Fn ASN1_GENERALIZEDTIME_set , -.Fn ASN1_GENERALIZEDTIME_set_string , -.Fn ASN1_GENERALIZEDTIME_check , -.Fn ASN1_TIME_print , -and -.Fn ASN1_GENERALIZEDTIME_print -first appeared in OpenSSL 0.9.2b and have been available since -.Ox 2.6 . -.Pp -.Fn ASN1_UTCTIME_cmp_time_t -first appeared in OpenSSL 0.9.6 and has been available since -.Ox 2.9 . -.Pp -.Fn ASN1_TIME_check -and -.Fn ASN1_TIME_to_generalizedtime -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Fn ASN1_TIME_adj , -.Fn ASN1_UTCTIME_adj , -.Fn ASN1_GENERALIZEDTIME_adj , -and -.Fn ASN1_TIME_set_string -first appeared in OpenSSL 1.0.0 and have been available since -.Ox 4.9 . -.Pp -.Fn ASN1_TIME_diff -first appeared in OpenSSL 1.0.2 and have been available since -.Ox 7.1 . 
-.Pp
-.Fn ASN1_TIME_set_string_X509 ,
-.Fn ASN1_TIME_normalize ,
-.Fn ASN1_TIME_to_tm ,
-.Fn ASN1_TIME_cmp_time_t ,
-and
-.Fn ASN1_TIME_compare
-first appeared in OpenSSL 1.1.1 and have been available since
-.Ox 7.2 .
-.Pp
-.Fn OPENSSL_gmtime
-first appeared in OpenSSL 0.9.7.
-.Fn OPENSSL_timegm ,
-.Fn OPENSSL_posix_to_tm ,
-and
-.Fn OPENSSL_tm_to_posix
-first appeared in BoringSSL;
-all these functions have been available since
-.Ox 7.5 .
-.Sh CAVEATS
-Some applications add offset times directly to a
-.Vt time_t
-value and pass the results to
-.Fn ASN1_TIME_set
-(or equivalent).
-This can cause problems as the
-.Vt time_t
-value can overflow on some systems resulting in unexpected results.
-New applications should use
-.Fn ASN1_TIME_adj
-instead and pass the offset value in the
-.Fa offset_sec
-and
-.Fa offset_day
-parameters instead of directly manipulating a
-.Vt time_t
-value.
diff --git a/src/lib/libcrypto/man/ASN1_TYPE_get.3 b/src/lib/libcrypto/man/ASN1_TYPE_get.3
deleted file mode 100644
index 16af168d91..0000000000
--- a/src/lib/libcrypto/man/ASN1_TYPE_get.3
+++ /dev/null
@@ -1,443 +0,0 @@
-.\" $OpenBSD: ASN1_TYPE_get.3,v 1.19 2023/10/09 16:06:01 tb Exp $
-.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2017, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2015, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: October 9 2023 $
-.Dt ASN1_TYPE_GET 3
-.Os
-.Sh NAME
-.Nm ASN1_TYPE_new ,
-.Nm ASN1_TYPE_free ,
-.Nm ASN1_TYPE_get ,
-.Nm ASN1_TYPE_set ,
-.Nm ASN1_TYPE_set1 ,
-.Nm ASN1_TYPE_set_octetstring ,
-.Nm ASN1_TYPE_get_octetstring ,
-.Nm ASN1_TYPE_set_int_octetstring ,
-.Nm ASN1_TYPE_get_int_octetstring ,
-.Nm ASN1_TYPE_cmp
-.Nd ASN.1 objects of arbitrary type
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_TYPE *
-.Fn ASN1_TYPE_new void
-.Ft void
-.Fn ASN1_TYPE_free "ASN1_TYPE *a"
-.Ft int
-.Fo ASN1_TYPE_get
-.Fa "const ASN1_TYPE *a"
-.Fc
-.Ft void
-.Fo ASN1_TYPE_set
-.Fa "ASN1_TYPE *a"
-.Fa "int type"
-.Fa "void *value"
-.Fc
-.Ft int
-.Fo ASN1_TYPE_set1
-.Fa "ASN1_TYPE *a"
-.Fa "int type"
-.Fa "const void *value"
-.Fc
-.Ft int
-.Fo ASN1_TYPE_set_octetstring
-.Fa "ASN1_TYPE *a"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo ASN1_TYPE_get_octetstring
-.Fa "const ASN1_TYPE *a"
-.Fa "unsigned char *buffer"
-.Fa "int buflen"
-.Fc
-.Ft int
-.Fo ASN1_TYPE_set_int_octetstring
-.Fa "ASN1_TYPE *a"
-.Fa "long num"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo ASN1_TYPE_get_int_octetstring
-.Fa "const ASN1_TYPE *a",
-.Fa "long *num"
-.Fa "unsigned char *buffer",
-.Fa "int buflen"
-.Fc
-.Ft int
-.Fo ASN1_TYPE_cmp
-.Fa "const ASN1_TYPE *a"
-.Fa "const ASN1_TYPE *b"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt ASN1_TYPE
-data type and the
-.Dv V_ASN1_ANY
-type identifier constant represent the ASN.1 ANY type.
-An
-.Vt ASN1_TYPE
-object can store an ASN.1 value of arbitrary type,
-including constructed types such as a SEQUENCE.
-It also remembers internally which type it currently holds.
-.Pp
-.Fn ASN1_TYPE_new
-allocates and initializes an empty
-.Vt ASN1_TYPE
-object of type
-.Dv V_ASN1_UNDEF .
-.Pp
-.Fn ASN1_TYPE_free
-frees
-.Fa a
-including the value stored in it, if any.
-If
-.Fa a
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn ASN1_TYPE_get
-returns the type currently held by
-.Fa a ,
-represented by one of the
-.Dv V_ASN1_*
-constants defined in
-.In openssl/asn1.h .
-.Pp
-.Fn ASN1_TYPE_set
-frees the value contained in
-.Fa a ,
-if any, and sets the
-.Fa value
-and
-.Fa type
-now held in
-.Fa a .
-This function uses the pointer
-.Fa value
-internally so it must
-.Sy not
-be freed up after the call.
-.Pp
-.Fn ASN1_TYPE_set1
-sets the type held by
-.Fa a
-to
-.Fa type
-and its value to a copy of
-.Fa value .
-If copying succeeds, the previous value that was contained in
-.Fa a
-is freed.
-If copying fails,
-.Fa a
-remains unchanged.
-.Pp
-The type and meaning of the
-.Fa value
-argument of
-.Fn ASN1_TYPE_set
-and
-.Fn ASN1_TYPE_set1
-is determined by the
-.Fa type
-argument.
-If
-.Fa type
-is
-.Dv V_ASN1_NULL ,
-.Fa value
-is ignored.
-If
-.Fa type
-is
-.Dv V_ASN1_BOOLEAN ,
-then the boolean is set to TRUE if
-.Fa value
-is not
-.Dv NULL .
-If
-.Fa type
-is
-.Dv V_ASN1_OBJECT ,
-then
-.Fa value
-is an
-.Vt ASN1_OBJECT
-structure.
-Otherwise
-.Fa type
-is an
-.Vt ASN1_STRING
-structure.
-If
-.Fa type
-corresponds to a primitive type or a string type, then the contents
-of the
-.Vt ASN1_STRING
-contains the content octets of the type.
-If
-.Fa type
-corresponds to a constructed type or a tagged type
-.Pq Dv V_ASN1_SEQUENCE , V_ASN1_SET , No or Dv V_ASN1_OTHER ,
-then the
-.Vt ASN1_STRING
-contains the entire ASN.1 encoding verbatim, including tag and
-length octets.
-.Pp
-.Fn ASN1_TYPE_set_octetstring
-allocates a new
-.Vt ASN1_OCTET_STRING
-object, copies
-.Fa len
-bytes of
-.Fa data
-into it using
-.Xr ASN1_STRING_set 3 ,
-and replaces the value of
-.Fa a
-with it by calling
-.Fn ASN1_TYPE_set
-with a type of
-.Dv V_ASN1_OCTET_STRING .
-.Pp
-.Fn ASN1_TYPE_get_octetstring
-copies the contents of the
-.Vt ASN1_OCTET_STRING
-object contained in
-.Fa a ,
-but not more than
-.Fa buflen
-bytes, into the
-.Fa buffer
-provided by the caller.
-.Pp
-.Fn ASN1_TYPE_set_int_octetstring
-frees the value contained in
-.Fa a ,
-if any, sets its type to
-.Dv V_ASN1_SEQUENCE ,
-and sets its value to a two-element ASN.1 sequence consisting of
-an ASN.1 INTEGER object with the value
-.Fa num
-and an ASN.1 OCTET STRING object
-containing a copy of the
-.Fa len
-bytes pointed to by
-.Fa data .
-.Pp
-.Fn ASN1_TYPE_get_int_octetstring
-copies the integer value from the first element of the ASN.1 sequence
-.Fa a
-to
-.Pf * Fa num
-unless
-.Fa num
-is a
-.Dv NULL
-pointer and copies the octet string value from the second element,
-but not more than
-.Fa buflen
-bytes, into the
-.Fa buffer
-provided by the caller unless
-.Fa buffer
-is a
-.Dv NULL
-pointer.
-.Pp
-.Fn ASN1_TYPE_cmp
-checks that
-.Fa a
-and
-.Fa b
-hold the same type, the same value, and are encoded in the same way.
-.Pp
-If the types agree and the values have the same meaning but are
-encoded differently, they are considered different.
-For example, a boolean value is represented
-using a single content octet.
-Under BER, any non-zero octet represents the TRUE value, but
-.Fn ASN1_TYPE_cmp
-will only report a match if the content octet is the same.
-.Pp
-If either or both of the arguments passed to
-.Fn ASN1_TYPE_cmp
-is
-.Dv NULL ,
-the result is a mismatch.
-Technically, if both arguments are
-.Dv NULL ,
-the two types could be absent OPTIONAL fields and so should match,
-however passing
-.Dv NULL
-values could also indicate a programming error (for example an
-unparsable type which returns
-.Dv NULL )
-for types which do
-.Sy not
-match.
-So applications should handle the case of two absent values separately.
-.Sh RETURN VALUES
-.Fn ASN1_TYPE_new
-returns the new
-.Vt ASN1_TYPE
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn ASN1_TYPE_get
-returns the type currently held by
-.Fa a
-or 0 if an error occurs.
-The latter can happen if
-.Fa a
-does not contain a value even though its type is not
-.Dv V_ASN1_NULL .
-For example, it will always happen for empty objects
-newly constructed with
-.Fn ASN1_TYPE_new .
-.Pp
-.Fn ASN1_TYPE_set1 ,
-.Fn ASN1_TYPE_set_octetstring ,
-and
-.Fn ASN1_TYPE_set_int_octetstring
-return 1 on success or 0 on failure.
-.Pp
-.Fn ASN1_TYPE_get_octetstring
-returns the number of data bytes contained in the
-.Vt ASN1_OCTET_STRING
-object contained in
-.Fa a
-or \-1 if
-.Fa a
-is not of the type
-.Dv V_ASN1_OCTET_STRING
-or does not contain any object.
-If the return value is greater than the
-.Fa buflen
-argument, the content was truncated when copied to the
-.Fa buffer .
-.Pp
-.Fn ASN1_TYPE_get_int_octetstring
-returns the number of data bytes contained in the
-.Vt ASN1_OCTET_STRING
-object that is the second element of the ASN.1 sequence
-.Fa a
-or \-1 if
-.Fa a
-is not of the type
-.Dv V_ASN1_SEQUENCE
-or if decoding fails.
-If the return value is greater than the
-.Fa buflen
-argument, the content was truncated when copied to the
-.Fa buffer .
-.Pp
-.Fn ASN1_TYPE_cmp
-returns 0 for a match or non-zero for a mismatch.
-.Sh SEE ALSO
-.Xr ASN1_generate_nconf 3 ,
-.Xr ASN1_get_object 3 ,
-.Xr ASN1_item_free 3 ,
-.Xr ASN1_OBJECT_new 3 ,
-.Xr ASN1_parse_dump 3 ,
-.Xr ASN1_put_object 3 ,
-.Xr ASN1_STRING_dup 3 ,
-.Xr ASN1_STRING_new 3 ,
-.Xr crypto 3 ,
-.Xr d2i_ASN1_NULL 3 ,
-.Xr d2i_ASN1_SEQUENCE_ANY 3 ,
-.Xr d2i_ASN1_TYPE 3 ,
-.Xr OBJ_dup 3
-.Sh HISTORY
-.Fn ASN1_TYPE_new
-and
-.Fn ASN1_TYPE_free
-first appeared in SSLeay 0.5.1,
-.Fn ASN1_TYPE_get
-and
-.Fn ASN1_TYPE_set
-in SSLeay 0.8.0, and
-.Fn ASN1_TYPE_set_octetstring ,
-.Fn ASN1_TYPE_get_octetstring ,
-.Fn ASN1_TYPE_set_int_octetstring ,
-and
-.Fn ASN1_TYPE_get_int_octetstring
-in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn ASN1_TYPE_set1
-first appeared in OpenSSL 0.9.8h and has been available since
-.Ox 4.5 .
-.Pp
-.Fn ASN1_TYPE_cmp
-first appeared in OpenSSL 0.9.8zd, 1.0.0p, and 1.0.1k
-and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/ASN1_UNIVERSALSTRING_to_string.3 b/src/lib/libcrypto/man/ASN1_UNIVERSALSTRING_to_string.3
deleted file mode 100644
index 2af675295b..0000000000
--- a/src/lib/libcrypto/man/ASN1_UNIVERSALSTRING_to_string.3
+++ /dev/null
@@ -1,64 +0,0 @@
-.\" $OpenBSD: ASN1_UNIVERSALSTRING_to_string.3,v 1.1 2021/11/15 13:39:40 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 15 2021 $
-.Dt ASN1_UNIVERSALSTRING_TO_STRING 3
-.Os
-.Sh NAME
-.Nm ASN1_UNIVERSALSTRING_to_string
-.Nd recode UTF-32 to ISO Latin-1
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo ASN1_UNIVERSALSTRING_to_string
-.Fa "ASN1_UNIVERSALSTRING *string"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_UNIVERSALSTRING_to_string
-assumes that the given
-.Fa string
-is encoded in UTF-32, recodes it in place to ISO Latin-1,
-and changes the type according to
-.Xr ASN1_PRINTABLE_type 3 .
-.Pp
-.Fn ASN1_UNIVERSALSTRING_to_string
-fails and leaves the
-.Fa string
-unchanged if its
-.Xr ASN1_STRING_type 3
-is not
-.Dv V_ASN1_UNIVERSALSTRING ,
-if its
-.Xr ASN1_STRING_length 3
-is not a multiple of four bytes,
-or if any of its characters cannot be represented in ISO Latin-1.
-.Pp
-In case of success, the
-.Xr ASN1_STRING_length 3
-of the
-.Fa string
-is reduced by a factor of four.
-.Sh RETURN VALUES
-.Fn ASN1_UNIVERSALSTRING_to_string
-returns 1 on success or 0 on failure.
-.Sh SEE ALSO
-.Xr ASN1_mbstring_copy 3 ,
-.Xr ASN1_STRING_new 3 ,
-.Xr ASN1_STRING_to_UTF8 3
-.Sh HISTORY
-.Fn ASN1_UNIVERSALSTRING_to_string
-first appeared in SSLeay 0.8.0 and has been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ASN1_generate_nconf.3 b/src/lib/libcrypto/man/ASN1_generate_nconf.3
deleted file mode 100644
index b15d4295a9..0000000000
--- a/src/lib/libcrypto/man/ASN1_generate_nconf.3
+++ /dev/null
@@ -1,394 +0,0 @@
-.\" $OpenBSD: ASN1_generate_nconf.3,v 1.13 2019/06/10 14:58:48 schwarze Exp $
-.\" OpenSSL 05ea606a Fri May 20 20:52:46 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson.
-.\" Copyright (c) 2002, 2003, 2006-2009, 2013-2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 10 2019 $
-.Dt ASN1_GENERATE_NCONF 3
-.Os
-.Sh NAME
-.Nm ASN1_generate_nconf ,
-.Nm ASN1_generate_v3
-.Nd ASN.1 generation functions
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_TYPE *
-.Fo ASN1_generate_nconf
-.Fa "const char *str"
-.Fa "CONF *nconf"
-.Fc
-.Ft ASN1_TYPE *
-.Fo ASN1_generate_v3
-.Fa "const char *str"
-.Fa "X509V3_CTX *cnf"
-.Fc
-.Sh DESCRIPTION
-These functions generate the ASN.1 encoding of a string in an
-.Vt ASN1_TYPE
-structure.
-.Pp
-.Fa str
-contains the string to encode
-.Fa nconf
-or
-.Fa cnf
-contains the optional configuration information
-where additional strings will be read from.
-.Fa nconf
-will typically come from a config file whereas
-.Fa cnf
-is obtained from an
-.Vt X509V3_CTX
-structure which will typically be used
-by X509 v3 certificate extension functions.
-.Fa cnf
-or
-.Fa nconf
-can be set to
-.Dv NULL
-if no additional configuration will be used.
-.Sh GENERATION STRING FORMAT
-The actual data encoded is determined by the string
-.Fa str
-and the configuration information.
-The general format of the string is:
-.Pp
-.D1 Oo Ar modifier , Oc Ns Ar type Ns Op : Ns Ar value
-.Pp
-That is zero or more comma separated modifiers followed by a type
-followed by an optional colon and a value.
-The formats of
-.Ar type ,
-.Ar value
-and
-.Ar modifier
-are explained below.
-.Ss Supported types
-The supported types are listed below.
-Unless otherwise specified, only the
-.Cm ASCII
-format is permissible.
-.Bl -tag -width Ds
-.It Cm BOOLEAN , BOOL
-This encodes a boolean type.
-The
-.Ar value
-string is mandatory and should be
-.Cm TRUE
-or
-.Cm FALSE .
-Additionally
-.Cm true ,
-.Cm Y ,
-.Cm y ,
-.Cm YES ,
-.Cm yes ,
-.Cm false ,
-.Cm N ,
-.Cm n ,
-.Cm NO
-and
-.Cm no
-are acceptable.
-.It Cm NULL
-Encode the NULL type.
-The
-.Ar value
-string must not be present.
-.It Cm INTEGER , INT
-Encodes an ASN.1 INTEGER type.
-The
-.Ar value
-string represents the value of the integer.
-It can be prefaced by a minus sign
-and is normally interpreted as a decimal value unless the prefix
-.Cm 0x
-is included.
-.It Cm ENUMERATED , ENUM
-Encodes the ASN.1 ENUMERATED type.
-It is otherwise identical to
-.Cm INTEGER .
-.It Cm OBJECT , OID
-Encodes an ASN.1 OBJECT IDENTIFIER.
-The
-.Ar value
-string can be a short name, a long name, or numerical format.
-.It Cm UTCTIME , UTC
-Encodes an ASN.1 UTCTime structure.
-The value should be in the format
-.Ar YYMMDDHHMMSSZ .
-.It Cm GENERALIZEDTIME , GENTIME
-Encodes an ASN.1 GeneralizedTime structure.
-The value should be in the format
-.Ar YYYYMMDDHHMMSSZ .
-.It Cm OCTETSTRING , OCT
-Encodes an ASN.1 OCTET STRING.
-.Ar value
-represents the contents of this structure.
-The format strings
-.Cm ASCII
-and
-.Cm HEX
-can be used to specify the format of
-.Ar value .
-.It Cm BITSTRING , BITSTR
-Encodes an ASN.1 BIT STRING.
-.Ar value
-represents the contents of this structure.
-The format strings
-.Cm ASCII ,
-.Cm HEX ,
-and
-.Cm BITLIST
-can be used to specify the format of
-.Ar value .
-.Pp
-If the format is anything other than
-.Cm BITLIST ,
-the number of unused bits is set to zero.
-.It Xo
-.Cm BMPSTRING , BMP ,
-.Cm GeneralString ,
-.Cm IA5STRING , IA5 ,
-.Cm NUMERICSTRING , NUMERIC ,
-.Cm PRINTABLESTRING , PRINTABLE ,
-.Cm T61STRING , T61 ,
-.Cm TELETEXSTRING ,
-.Cm UNIVERSALSTRING , UNIV ,
-.Cm UTF8String , UTF8 ,
-.Cm VISIBLESTRING , VISIBLE
-.Xc
-These encode the corresponding string types.
-.Ar value
-represents the contents of this structure.
-The format can be
-.Cm ASCII
-or
-.Cm UTF8 .
-.It Cm SEQUENCE , SEQ , SET
-Formats the result as an ASN.1 SEQUENCE or SET type.
-.Ar value
-should be a section name which will contain the contents.
-The field names in the section are ignored
-and the values are in the generated string format.
-If
-.Ar value
-is absent, then an empty SEQUENCE will be encoded.
-.El
-.Ss Modifiers
-Modifiers affect the following structure.
-They can be used to add EXPLICIT or IMPLICIT tagging, add wrappers,
-or to change the string format of the final type and value.
-The supported formats are:
-.Bl -tag -width Ds
-.It Cm EXPLICIT , EXP
-Add an explicit tag to the following structure.
-This string should be followed by a colon
-and the tag value to use as a decimal value.
-.Pp
-By following the number with
-.Cm U ,
-.Cm A ,
-.Cm P
-or
-.Cm C ,
-UNIVERSAL, APPLICATION, PRIVATE or CONTEXT SPECIFIC tagging can be used.
-The default is CONTEXT SPECIFIC.
-.It Cm IMPLICIT , IMP
-This is the same as
-.Cm EXPLICIT
-except IMPLICIT tagging is used instead.
-.It Cm OCTWRAP , SEQWRAP , SETWRAP , BITWRAP
-The following structure is surrounded by
-an OCTET STRING, a SEQUENCE, a SET, or a BIT STRING, respectively.
-For a BIT STRING the number of unused bits is set to zero.
-.It Cm FORMAT
-This specifies the format of the ultimate value.
-It should be followed by a colon and one of the strings
-.Cm ASCII ,
-.Cm UTF8 ,
-.Cm HEX ,
-or
-.Cm BITLIST .
-.Pp
-If no format specifier is included, then
-.Cm ASCII
-is used.
-If
-.Cm UTF8
-is specified, then the
-.Ar value
-string must be a valid UTF-8 string.
-For
-.Cm HEX ,
-the output must be a set of hex digits.
-.Cm BITLIST
-(which is only valid for a BIT STRING) is a comma separated list
-of the indices of the set bits, all other bits are zero.
-.El
-.Sh RETURN VALUES
-.Fn ASN1_generate_nconf
-and
-.Fn ASN1_generate_v3
-return the encoded data as an
-.Vt ASN1_TYPE
-structure or
-.Dv NULL
-if an error occurred.
-.Pp
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh EXAMPLES
-A simple
-.Vt IA5String :
-.Pp
-.Dl IA5STRING:Hello World
-.Pp
-An
-.Vt IA5String
-explicitly tagged:
-.Pp
-.Dl EXPLICIT:0,IA5STRING:Hello World
-.Pp
-An
-.Vt IA5String
-explicitly tagged using APPLICATION tagging:
-.Pp
-.Dl EXPLICIT:0A,IA5STRING:Hello World
-.Pp
-A BITSTRING with bits 1 and 5 set and all others zero:
-.Pp
-.Dl FORMAT:BITLIST,BITSTRING:1,5
-.Pp
-A more complex example using a config file to produce a
-SEQUENCE consisting of a BOOL an OID and a
-.Vt UTF8String :
-.Bd -literal -offset indent
-asn1 = SEQUENCE:seq_section
-
-[seq_section]
-
-field1 = BOOLEAN:TRUE
-field2 = OID:commonName
-field3 = UTF8:Third field
-.Ed
-.Pp
-This example produces an
-.Vt RSAPrivateKey
-structure.
-This is the key contained in the file
-.Pa client.pem
-in all OpenSSL distributions.
-Note that the field names such as
-.Qq coeff
-are ignored and are present just for clarity.
-.Bd -literal -offset 2n
-asn1=SEQUENCE:private_key
-[private_key]
-version=INTEGER:0
-
-n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\e
-D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
-
-e=INTEGER:0x010001
-
-d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\e
-F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D
-
-p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\e
-D4BD57
-
-q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\e
-46EC4F
-
-exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\e
-9C0A39B9
-
-exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\e
-E7B2458F
-
-coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\e
-628657053A
-.Ed
-.Pp
-This example is the corresponding public key in an ASN.1
-.Vt SubjectPublicKeyInfo
-structure:
-.Bd -literal -offset 2n
-# Start with a SEQUENCE
-asn1=SEQUENCE:pubkeyinfo
-
-# pubkeyinfo contains an algorithm identifier and the public key
-# wrapped in a BIT STRING
-[pubkeyinfo]
-algorithm=SEQUENCE:rsa_alg
-pubkey=BITWRAP,SEQUENCE:rsapubkey
-
-# algorithm ID for RSA is just an OID and a NULL
-[rsa_alg]
-algorithm=OID:rsaEncryption
-parameter=NULL
-
-# Actual public key: modulus and exponent
-[rsapubkey]
-n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\e
-D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
-
-e=INTEGER:0x010001
-.Ed
-.Sh SEE ALSO
-.Xr ASN1_TYPE_get 3 ,
-.Xr d2i_ASN1_TYPE 3 ,
-.Xr x509v3.cnf 5
-.Sh HISTORY
-.Fn ASN1_generate_nconf
-and
-.Fn ASN1_generate_v3
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/ASN1_get_object.3 b/src/lib/libcrypto/man/ASN1_get_object.3
deleted file mode 100644
index 781b12ad5a..0000000000
--- a/src/lib/libcrypto/man/ASN1_get_object.3
+++ /dev/null
@@ -1,200 +0,0 @@
-.\" $OpenBSD: ASN1_get_object.3,v 1.2 2021/07/11 19:03:45 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 11 2021 $
-.Dt ASN1_GET_OBJECT 3
-.Os
-.Sh NAME
-.Nm ASN1_get_object
-.Nd parse identifier and length octets
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo ASN1_get_object
-.Fa "const unsigned char **ber_in"
-.Fa "long *plength"
-.Fa "int *ptag"
-.Fa "int *pclass"
-.Fa "long omax"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_get_object
-parses the identifier and length octets of a BER-encoded value.
-On function entry,
-.Pf * Fa ber_in
-is expected to point to the first identifier octet.
-If the identifier and length octets turn out to be valid,
-the function advances
-.Pf * Fa ber_in
-to the first content octet before returning.
-.Pp
-If the identifier octets are valid,
-.Fn ASN1_get_object
-stores the tag number in
-.Pf * Fa ptag
-and the class of the tag in
-.Pf * Fa pclass .
-The class is either
-.Dv V_ASN1_UNIVERSAL
-or
-.Dv V_ASN1_APPLICATION
-or
-.Dv V_ASN1_CONTEXT_SPECIFIC
-or
-.Dv V_ASN1_PRIVATE .
-.Pp
-If the length octets are valid, too,
-.Fn ASN1_get_object
-stores the number encoded in the length octets in
-.Pf * Fa plength .
-If the length octet indicates the indefinite form,
-.Pf * Fa plength
-is set to 0.
-.Pp
-.Fn ASN1_get_object
-inspects at most
-.Fa omax
-bytes.
-If parsing of the length octets remains incomplete after inspecting
-that number of bytes, parsing fails with
-.Dv ASN1_R_HEADER_TOO_LONG .
-.Sh RETURN VALUES
-Bits set in the return value of
-.Fn ASN1_get_object
-have the following meanings:
-.Bl -tag -width Ds
-.It 0x80
-An error occurred.
-One of the
-.Sx ERRORS
-described below has been set.
-.It 0x20 = Dv V_ASN1_CONSTRUCTED
-The encoding is constructed rather than primitive,
-and the identifier and length octets are valid.
-.It 0x01
-The length octet indicates the indefinite form.
-This bit can only occur if
-.Dv V_ASN1_CONSTRUCTED
-is also set.
-.El
-.Pp
-Consequently, the following combinations can occur:
-.Bl -tag -width Ds
-.It 0x00
-A valid primitive encoding.
-.It 0x20
-A valid constructed encoding, definite form.
-.It 0x21
-A valid constructed encoding, indefinite form.
-.It 0x80
-Either a primitive encoding with a valid tag and definite length,
-but the content octets won't fit into
-.Fa omax ,
-or parsing failed.
-Use
-.Xr ERR_GET_REASON 3
-to distinguish the two cases.
-.It 0xa0
-A constructed encoding with a valid tag and definite length,
-but the content octets won't fit into
-.Fa omax .
-.El
-.Pp
-The bit combinations 0x01, 0x81, and 0xa1 cannot occur as return values.
-.Sh ERRORS
-If the bit 0x80 is set in the return value,
-diagnostics can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv ASN1_R_HEADER_TOO_LONG Qq "header too long"
-Inspecting
-.Fa omax
-bytes was insufficient to finish parsing,
-the tag number encoded in the identifier octets exceeds
-.Dv INT_MAX ,
-the number encoded in the length octets exceeds
-.Dv LONG_MAX ,
-or using the indefinite form for the length octets is attempted
-even though the encoding is primitive.
-.Pp
-In this case, the return value is exactly 0x80; no other bits are set.
-.Pp
-If the problem occurred while parsing the identifier octets,
-.Pf * Fa ptag
-and
-.Pf * Fa pclass
-remain unchanged.
-If the problem occurred while parsing the length octets,
-.Pf * Fa ptag
-and
-.Pf * Fa pclass
-are set according to the identifier octets.
-In both cases,
-.Pf * Fa ber_in
-and
-.Pf * Fa plength
-remain unchanged.
-.Pp
-The wording of the error message is confusing.
-On the one hand, the header might be just fine,
-and the root cause of the problem could be that the chosen
-.Fa omax
-argument was too small.
-On the other hand, outright BER syntax errors are also reported as
-.Dv ASN1_R_HEADER_TOO_LONG .
-.It Dv ASN1_R_TOO_LONG Qq "too long"
-The identifier and length octets are valid,
-but the content octets won't fit into
-.Fa omax .
-The following have been set as appropriate and can safely be inspected:
-.Pf * pclass ,
-.Pf * ptag ,
-.Pf * plength ,
-and the bits
-.Dv V_ASN1_CONSTRUCTED
-and 0x01 in the return value.
-The parse pointer
-.Pf * ber_in
-has been advanced to the first content octet.
-.Pp
-Again, the error message may occasionally sound confusing.
-The length of the content may be reasonable, and the root cause of
-the problem could be that the chosen
-.Fa omax
-argument was too small.
-.El
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr ASN1_item_new 3 ,
-.Xr ASN1_parse_dump 3
-.Sh STANDARDS
-ITU-T Recommendation X.690, also known as ISO/IEC 8825-1:
-Information technology - ASN.1 encoding rules:
-Specification of Basic Encoding Rules (BER), Canonical Encoding
-Rules (CER) and Distinguished Encoding Rules (DER):
-.Bl -dash -offset 2n -width 1n -compact
-.It
-Section 8.1.2: Identifier octets
-.It
-Section 8.1.3: Length octets
-.El
-.Sh HISTORY
-.Fn ASN1_get_object
-first appeared in SSLeay 0.5.1 and has been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ASN1_item_d2i.3 b/src/lib/libcrypto/man/ASN1_item_d2i.3
deleted file mode 100644
index bc99f4a6da..0000000000
--- a/src/lib/libcrypto/man/ASN1_item_d2i.3
+++ /dev/null
@@ -1,492 +0,0 @@ -.\" $OpenBSD: ASN1_item_d2i.3,v 1.18 2023/05/01 07:37:45 tb Exp $ -.\" selective merge up to: -.\" OpenSSL doc/man3/d2i_X509.pod 256989ce Jun 19 15:00:32 2020 +0200 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016, 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2003, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: May 1 2023 $ -.Dt ASN1_ITEM_D2I 3 -.Os -.Sh NAME -.Nm ASN1_item_d2i , -.Nm ASN1_item_d2i_bio , -.Nm ASN1_item_d2i_fp , -.Nm d2i_ASN1_TYPE , -.Nm ASN1_item_i2d , -.Nm ASN1_item_i2d_bio , -.Nm ASN1_item_i2d_fp , -.Nm i2d_ASN1_TYPE , -.Nm ASN1_item_dup , -.Nm ASN1_item_print -.Nd decode and encode ASN.1 objects -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft ASN1_VALUE * -.Fo ASN1_item_d2i -.Fa "ASN1_VALUE **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fa "const ASN1_ITEM *it" -.Fc -.Ft void * -.Fo ASN1_item_d2i_bio -.Fa "const ASN1_ITEM *it" -.Fa "BIO *in_bio" -.Fa "void *val_out" -.Fc -.Ft void * -.Fo ASN1_item_d2i_fp -.Fa "const ASN1_ITEM *it" -.Fa "FILE *in_fp" -.Fa "void *val_out" -.Fc -.Ft ASN1_TYPE * -.Fo d2i_ASN1_TYPE -.Fa "ASN1_TYPE **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo ASN1_item_i2d -.Fa "ASN1_VALUE *val_in" -.Fa "unsigned char **der_out" -.Fa "const ASN1_ITEM *it" -.Fc -.Ft int -.Fo ASN1_item_i2d_bio -.Fa "const ASN1_ITEM *it" -.Fa "BIO *out_bio" -.Fa "void *val_in" -.Fc -.Ft int -.Fo ASN1_item_i2d_fp -.Fa "const ASN1_ITEM *it" -.Fa "FILE *out_fp" -.Fa "void *val_in" -.Fc -.Ft int -.Fo i2d_ASN1_TYPE -.Fa "ASN1_TYPE *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft void * -.Fo ASN1_item_dup -.Fa "const ASN1_ITEM *it" -.Fa "void *val_in" -.Fc -.Ft int -.Fo ASN1_item_print -.Fa "BIO *out_bio" -.Fa "ASN1_VALUE *val_in" -.Fa "int indent" -.Fa "const ASN1_ITEM *it" -.Fa "const ASN1_PCTX *pctx" -.Fc -.Sh DESCRIPTION -These functions convert ASN.1 values from their BER encoding to -internal C structures -.Pq Dq d2i -and vice versa -.Pq Dq i2d . -Unlike the C structures which contain pointers to sub-objects, BER -is a serialized encoding, suitable for transfer over the network -and for storage in a file. -.Pp -.Fn ASN1_item_d2i -interprets -.Pf * Fa der_in -as a DER- or BER-encoded byte array and decodes one value of type -.Fa it -represented by up to -.Fa length -bytes. 
-If successful, -.Pf * Fa der_in -is advanced to the byte following the parsed data. -.Pp -If decoding succeeds and -.Fa val_out -or -.Pf * Fa val_out -is -.Dv NULL , -a new object is allocated. -.Pp -If decoding succeeds and -.Pf * Fa val_out -is not -.Dv NULL , -it is assumed to point to a valid populated object and an attempt -is made to reuse it. -It must not be an empty structure such as one returned by -.Xr ASN1_item_new 3 -or by one of the various type-specific -.Fn *_new -functions. -This -.Dq reuse -capability is present for backward compatibility, but its use is -strongly discouraged; see the -.Sx BUGS -section below. -.Pp -.Fn ASN1_item_d2i_bio -and -.Fn ASN1_item_d2i_fp -are similar to -.Fn ASN1_item_d2i -except that they read from a -.Vt BIO -or -.Vt FILE , -respectively. -.Pp -.Fn d2i_ASN1_TYPE -is similar to -.Fn ASN1_item_d2i -except that it does not require a desired type to be specified by -the user, but instead returns an -.Vt ASN1_TYPE -wrapper object containing both the type and the value found in the input. -.Pp -.Fn ASN1_item_i2d -encodes the object pointed to by -.Fa val_in -into DER format. -.Pp -If -.Pf * Fa der_out -is not -.Dv NULL , -it writes the DER-encoded data to the buffer at -.Pf * Fa der_out -and increments it to point after the data just written. -In this case, it is the responsibility of the user to make sure -that the buffer pointed to by -.Pf * Fa der_out -is long enough, such that no buffer overflow can occur. -.Pp -If -.Pf * Fa der_out -is -.Dv NULL , -memory is allocated for a buffer, and -.Pf * Fa der_out -is not incremented, but points to the start of the data just written. -.Pp -If -.Fa der_out -is -.Dv NULL , -the encoded bytes are not written anywhere but discarded. -For -.Fa val_in -objects of variable encoding size, this is sometimes used to first -find the number of bytes that will be written. -Then, a sufficient amount of memory is allocated before calling -.Fn ASN1_item_i2d -again. 
-This explicit double-call technique is often not needed because the -auto-allocation technique described in the previous paragraph can -be used. -.Pp -.Fn ASN1_item_i2d_bio -and -.Fn ASN1_item_i2d_fp -are similar to -.Fn ASN1_item_i2d -except that they write to a -.Vt BIO -or -.Vt FILE , -respectively. -.Pp -.Fn i2d_ASN1_TYPE -is similar to -.Fn ASN1_item_i2d -except that the type and the value are not provided separately, -but in the form of a single -.Vt ASN1_TYPE -object. -.Pp -.Fn ASN1_item_dup -creates a deep copy of -.Fa val_in -by calling -.Fn ASN1_item_i2d -and -.Fn ASN1_item_d2i . -.Sh RETURN VALUES -If successful, -.Fn ASN1_item_d2i , -.Fn ASN1_item_d2i_bio , -.Fn ASN1_item_d2i_fp , -and -.Fn d2i_ASN1_TYPE -return a pointer to the decoded ASN.1 value. -In addition, if -.Fa val_out -is not -.Dv NULL , -the pointer is also written to -.Pf * Fa val_out . -If an error occurs, -.Dv NULL -is returned. -.Pp -.Fn ASN1_item_i2d -and -.Fn i2d_ASN1_TYPE -return the number of bytes written -or a negative value if an error occurs. -.Pp -.Fn ASN1_item_i2d_bio -and -.Fn ASN1_item_i2d_fp -return 1 for success or 0 for failure. -.Pp -.Fn ASN1_item_dup -returns the new -.Vt ASN1_VALUE -object or -.Dv NULL -if an error occurs. -.Sh EXAMPLES -Many type-specific wrapper functions exist. -Using those wrappers is recommended in application code -because it restores part of the type safety that the low-level -interfaces using -.Vt ASN1_VALUE -lack. -.Pp -For example, to allocate a buffer and write the DER encoding of an -.Vt X509 -object into it: -.Bd -literal -offset indent -X509 *x; -unsigned char *buf; -int len; - -buf = NULL; -len = i2d_X509(x, &buf); -if (len < 0) - /* error */ -.Ed -.Pp -Attempt to decode a buffer: -.Bd -literal -offset indent -X509 *x; -unsigned char *buf; -const unsigned char *p; -int len; - -/* Set up buf and len to point to the input buffer. 
*/ -p = buf; -x = d2i_X509(NULL, &p, len); -if (x == NULL) - /* error */ -.Ed -.Pp -Equivalent technique: -.Bd -literal -offset indent -X509 *x; -unsigned char *buf; -const unsigned char *p; -int len; - -/* Set up buf and len to point to the input buffer. */ -p = buf; -x = NULL; - -if (d2i_X509(&x, &p, len) == NULL) - /* error */ -.Ed -.Sh SEE ALSO -.Xr ASN1_get_object 3 , -.Xr ASN1_item_digest 3 , -.Xr ASN1_item_new 3 , -.Xr ASN1_item_pack 3 , -.Xr ASN1_item_sign 3 , -.Xr ASN1_item_verify 3 , -.Xr ASN1_TYPE_new 3 -.Sh HISTORY -.Fn d2i_ASN1_TYPE -and -.Fn i2d_ASN1_TYPE -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . -.Pp -.Fn ASN1_item_d2i , -.Fn ASN1_item_d2i_bio , -.Fn ASN1_item_d2i_fp , -.Fn ASN1_item_i2d , -.Fn ASN1_item_i2d_bio , -.Fn ASN1_item_i2d_fp , -and -.Fn ASN1_item_dup -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Fn ASN1_item_print -first appeared in OpenSSL 1.0.0 and has been available since -.Ox 4.9 . -.Sh CAVEATS -If the type described by -.Fa it -fails to match the true type of -.Fa val_in -or -.Pf * Fa val_out , -buffer overflows and segmentation faults are likely to occur. -For more details about why the type -.Vt ASN1_VALUE -constitutes dangerous user interface design, see -.Xr ASN1_item_new 3 . -.Pp -The encoded data is in binary form and may contain embedded NUL bytes. -Functions such as -.Xr strlen 3 -will not return the correct length of the encoded data. -.Pp -While the way that -.Pf * Fa der_in -and -.Pf * Fa der_out -are incremented after the operation supports the typical usage -patterns of reading or writing one object after another, this -behaviour can trap the unwary. -.Pp -Using a temporary pointer into the buffer is mandatory. 
-A common mistake is to attempt to use a buffer directly as follows: -.Bd -literal -offset indent -X509 *x; -unsigned char *buf; -int len; - -len = i2d_X509(x, NULL); -buf = malloc(len); -i2d_X509(x, &buf); -/* do something with buf[] */ -free(buf); -.Ed -.Pp -This code will result in -.Va buf -apparently containing garbage because it was incremented during -.Fn i2d_X509 -to point after the data just written. -Also -.Va buf -will no longer contain the pointer allocated by -.Xr malloc 3 -and the subsequent call to -.Xr free 3 -is likely to crash. -.Pp -Another trap to avoid is misuse of the -.Fa val_out -argument: -.Bd -literal -offset indent -X509 *x; - -if (d2i_X509(&x, &p, len) == NULL) - /* error */ -.Ed -.Pp -This will probably crash somewhere in -.Fn d2i_X509 -because -.Va x -is uninitialized and an attempt will be made to interpret its invalid -content as an -.Vt X509 -object, typically causing a segmentation violation. -If -.Va x -is set to -.Dv NULL -first, then this will not happen. -.Sh BUGS -If the -.Dq reuse -capability is used, a valid object is passed in via -.Pf * Fa val_out , -and an error occurs, then the object is not freed and may be left -in an invalid or inconsistent state. -.Pp -In some versions of OpenSSL, the -.Dq reuse -behaviour is broken such that some parts of the reused object may -persist if they are not present in the new one. -.Pp -In many versions of OpenSSL, -.Fn ASN1_item_i2d -will not return an error if mandatory fields are not initialized -due to a programming error. -In that case, the encoded structure may contain invalid data and -some fields may be missing entirely, such that trying to parse it -with -.Fn ASN1_item_d2i -may fail. diff --git a/src/lib/libcrypto/man/ASN1_item_digest.3 b/src/lib/libcrypto/man/ASN1_item_digest.3 deleted file mode 100644 index 56a97555e9..0000000000 --- a/src/lib/libcrypto/man/ASN1_item_digest.3 +++ /dev/null 
@@ -1,71 +0,0 @@
-.\" $OpenBSD: ASN1_item_digest.3,v 1.2 2022/09/11 04:39:46 jsg Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 11 2022 $
-.Dt ASN1_ITEM_DIGEST 3
-.Os
-.Sh NAME
-.Nm ASN1_item_digest
-.Nd DER-encode and hash an ASN.1 value
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo ASN1_item_digest
-.Fa "const ASN1_ITEM *it"
-.Fa "const EVP_MD *type"
-.Fa "void *val_in"
-.Fa "unsigned char *md"
-.Fa "unsigned int *s"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_item_digest
-assumes that
-.Fa val_in
-is an
-.Vt ASN1_VALUE
-of the type specified by
-.Fa it ,
-encodes it into DER format by calling
-.Xr ASN1_item_i2d 3 ,
-hashes the resulting byte array using the digest
-.Fa type
-by calling
-.Xr EVP_Digest 3 ,
-places the digest value into
-.Pf * Fa md ,
-and, unless
-.Fa s
-is
-.Dv NULL ,
-places the length in bytes of the digest into
-.Pf * Fa s .
-Providing a buffer
-.Pf * Fa md
-large enough to contain the digest is the responsibility of the caller;
-providing a buffer of
-.Dv EVP_MAX_MD_SIZE
-bytes is recommended.
-.Sh RETURN VALUES
-.Fn ASN1_item_digest
-returns 1 for success or 0 if encoding or hashing fails.
-.Sh SEE ALSO
-.Xr ASN1_item_i2d 3 ,
-.Xr ASN1_item_sign 3 ,
-.Xr EVP_Digest 3
-.Sh HISTORY
-.Fn ASN1_item_digest
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.1 .
diff --git a/src/lib/libcrypto/man/ASN1_item_new.3 b/src/lib/libcrypto/man/ASN1_item_new.3
deleted file mode 100644
index 7015ed6319..0000000000
--- a/src/lib/libcrypto/man/ASN1_item_new.3
+++ /dev/null
@@ -1,126 +0,0 @@
-.\" $OpenBSD: ASN1_item_new.3,v 1.11 2022/01/12 17:54:51 tb Exp $
-.\"
-.\" Copyright (c) 2016, 2018 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: January 12 2022 $
-.Dt ASN1_ITEM_NEW 3
-.Os
-.Sh NAME
-.Nm ASN1_item_new ,
-.Nm ASN1_item_free
-.Nd generic ASN.1 value constructor and destructor
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_VALUE *
-.Fo ASN1_item_new
-.Fa "const ASN1_ITEM *it"
-.Fc
-.Ft void
-.Fo ASN1_item_free
-.Fa "ASN1_VALUE *val_in"
-.Fa "const ASN1_ITEM *it"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_item_new
-allocates and initializes an empty ASN.1 value
-of the type described by the global static object
-.Fa it .
-.Pp
-If the item type described by
-.Fa it
-is reference counted,
-.Fn ASN1_item_free
-decrements the reference count of
-.Fa val_in .
-Otherwise, or if the reference count reaches 0,
-.Fn ASN1_item_free
-frees
-.Fa val_in ,
-assuming that it is of the type described by
-.Fa it .
-If the true type of
-.Fa val_in
-fails to match the specified
-.Fa it ,
-buffer overflows and segmentation faults are likely to occur.
-It is not possible to recover the type of an
-.Vt ASN1_VALUE
-object by inspecting it; the type always needs to be remembered
-separately.
-.Pp
-.Vt ASN1_VALUE
-is an incomplete type, and pointers to it always require casting
-to the correct complete type before they can be dereferenced.
-For all practical purposes, a pointer to
-.Vt ASN1_VALUE
-is equivalent to a
-.Vt void
-pointer.
-.Pp
-Depending on
-.Fa it ,
-there are more than 150 different types that
-.Fn ASN1_item_new
-may return.
-Most of them are pointers to structures or pointers to arrays of
-structures, but there are a few exceptions, for example:
-If
-.Fa it
-is
-.Dv ASN1_NULL_it ,
-.Fn ASN1_item_new
-returns a specific invalid pointer representing the unique
-.Vt ASN1_NULL
-object.
-If
-.Fa it
-is
-.Dv LONG_it ,
-.Fn ASN1_item_new
-does not return a pointer at all, but a
-.Vt long
-value cast to
-.Vt ASN1_VALUE * .
-.Sh RETURN VALUES
-The
-.Fn ASN1_item_new
-function returns the new
-.Vt ASN1_VALUE
-object if successful; otherwise
-.Dv NULL
-is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr ASN1_get_object 3 ,
-.Xr ASN1_item_d2i 3 ,
-.Xr ASN1_item_digest 3 ,
-.Xr ASN1_item_pack 3 ,
-.Xr ASN1_item_sign 3 ,
-.Xr ASN1_item_verify 3 ,
-.Xr ASN1_NULL_new 3 ,
-.Xr ASN1_TYPE_new 3 ,
-.Xr d2i_ASN1_NULL 3 ,
-.Xr OBJ_nid2obj 3
-.Sh HISTORY
-.Fn ASN1_item_new
-and
-.Fn ASN1_item_free
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Sh BUGS
-The
-.Vt ASN1_VALUE
-type compromises type safety and invites programming mistakes that
-will typically have severe consequences.
diff --git a/src/lib/libcrypto/man/ASN1_item_pack.3 b/src/lib/libcrypto/man/ASN1_item_pack.3
deleted file mode 100644
index 4c87530622..0000000000
--- a/src/lib/libcrypto/man/ASN1_item_pack.3
+++ /dev/null
@@ -1,84 +0,0 @@
-.\" $OpenBSD: ASN1_item_pack.3,v 1.1 2021/11/15 11:51:09 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 15 2021 $
-.Dt ASN1_ITEM_PACK 3
-.Os
-.Sh NAME
-.Nm ASN1_item_pack ,
-.Nm ASN1_item_unpack
-.Nd pack an ASN.1 object into an ASN1_STRING
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_STRING *
-.Fo ASN1_item_pack
-.Fa "void *val_in"
-.Fa "const ASN1_ITEM *it"
-.Fa "ASN1_STRING **string_out"
-.Fc
-.Ft void *
-.Fo ASN1_item_unpack
-.Fa "const ASN1_STRING *string_in"
-.Fa "const ASN1_ITEM *it"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_item_pack
-encodes the object pointed to by
-.Fa val_in
-into DER format using
-.Xr ASN1_item_i2d 3
-and stores the encoded form in
-.Pf ** Fa string_out .
-If
-.Fa string_out
-or
-.Pf * Fa string_out
-is a
-.Dv NULL
-pointer, a new
-.Vt ASN1_STRING
-object is allocated and returned.
-.Pp
-.Fn ASN1_item_unpack
-interprets the data in
-.Fa string_in
-as a DER- or BER-encoded byte array and decodes one value of the type
-.Fa it
-into a newly allocated object using
-.Xr ASN1_item_d2i 3 .
-.Sh RETURN VALUES
-.Fn ASN1_item_pack
-returns the modified or new object or
-.Dv NULL
-if memory allocation or encoding fails.
-.Pp
-.Fn ASN1_item_unpack
-returns the new object or
-.Dv NULL
-if memory allocation or decoding fails.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr ASN1_item_new 3 ,
-.Xr ASN1_STRING_new 3
-.Sh HISTORY
-.Fn ASN1_item_pack
-and
-.Fn ASN1_item_unpack
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Sh BUGS
-See the BUGS section in
-.Xr ASN1_item_i2d 3 .
diff --git a/src/lib/libcrypto/man/ASN1_item_sign.3 b/src/lib/libcrypto/man/ASN1_item_sign.3
deleted file mode 100644
index 8c09fe77ff..0000000000
--- a/src/lib/libcrypto/man/ASN1_item_sign.3
+++ /dev/null
@@ -1,120 +0,0 @@
-.\" $OpenBSD: ASN1_item_sign.3,v 1.3 2024/12/06 12:51:13 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt ASN1_ITEM_SIGN 3
-.Os
-.Sh NAME
-.Nm ASN1_item_sign ,
-.Nm ASN1_item_sign_ctx
-.Nd DER-encode and sign an ASN.1 value
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo ASN1_item_sign
-.Fa "const ASN1_ITEM *it"
-.Fa "X509_ALGOR *algor1"
-.Fa "X509_ALGOR *algor2"
-.Fa "ASN1_BIT_STRING *sig_out"
-.Fa "void *val_in"
-.Fa "EVP_PKEY *pkey"
-.Fa "const EVP_MD *type"
-.Fc
-.Ft int
-.Fo ASN1_item_sign_ctx
-.Fa "const ASN1_ITEM *it"
-.Fa "X509_ALGOR *algor1"
-.Fa "X509_ALGOR *algor2"
-.Fa "ASN1_BIT_STRING *sig_out"
-.Fa "void *val_in"
-.Fa "EVP_MD_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_item_sign
-assumes that
-.Fa val_in
-is an
-.Vt ASN1_VALUE
-of the type specified by
-.Fa it ,
-encodes it into DER format by calling
-.Xr ASN1_item_i2d 3 ,
-and signs the resulting byte array in a way similar to
-.Xr EVP_DigestSign 3 ,
-using a signing context created with
-.Xr EVP_DigestSignInit 3
-for the given digest
-.Fa type
-and private key
-.Fa pkey .
-The created signature is placed into the
-.Fa sig_out
-object provided by the caller,
-freeing and replacing any data already contained in that object.
-.Pp
-.Fn ASN1_item_sign_ctx
-is similar except that the provided
-.Ft ctx
-is used rather than creating a new one.
-No matter whether
-.Fn ASN1_item_sign_ctx
-succeeds or fails,
-.Xr EVP_MD_CTX_cleanup 3
-is called on
-.Fa ctx
-before returning.
-.Pp
-For both functions, unless
-.Fa algor1
-is
-.Dv NULL ,
-its algorithm OID and parameter type are set according to the digest
-.Fa type
-used, and its parameter value is cleared.
-In RSA-PSS mode, the parameter value is also copied into
-.Fa algor1 .
-Unless
-.Fa algor2
-is
-.Dv NULL ,
-the same data is copied into it.
-.Sh RETURN VALUES
-These functions return the length of the signature in bytes
-or 0 if memory allocation, encoding, or signing fails.
-.Pp
-.Fn ASN1_item_sign_ctx
-also fails and returns 0 if
-.Fa ctx
-is not fully initialized.
-.Sh SEE ALSO
-.Xr ASN1_BIT_STRING_new 3 ,
-.Xr ASN1_item_digest 3 ,
-.Xr ASN1_item_i2d 3 ,
-.Xr ASN1_item_verify 3 ,
-.Xr EVP_Digest 3 ,
-.Xr EVP_DigestSign 3 ,
-.Xr EVP_MD_CTX_new 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr OBJ_find_sigid_by_algs 3 ,
-.Xr X509_ALGOR_new 3
-.Sh HISTORY
-.Fn ASN1_item_sign
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.1 .
-.Pp
-.Fn ASN1_item_sign_ctx
-first appeared in OpenSSL 1.0.1 and has been available since
-.Ox 5.3 .
diff --git a/src/lib/libcrypto/man/ASN1_item_verify.3 b/src/lib/libcrypto/man/ASN1_item_verify.3
deleted file mode 100644
index d2810879e3..0000000000
--- a/src/lib/libcrypto/man/ASN1_item_verify.3
+++ /dev/null
@@ -1,77 +0,0 @@
-.\" $OpenBSD: ASN1_item_verify.3,v 1.3 2021/12/18 17:47:44 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 18 2021 $
-.Dt ASN1_ITEM_VERIFY 3
-.Os
-.Sh NAME
-.Nm ASN1_item_verify
-.Nd signature verification for ASN.1 values
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo ASN1_item_verify
-.Fa "const ASN1_ITEM *it"
-.Fa "X509_ALGOR *algor1"
-.Fa "ASN1_BIT_STRING *sig_in"
-.Fa "void *val_in"
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Sh DESCRIPTION
-.Fn ASN1_item_verify
-assumes that
-.Fa val_in
-is an
-.Ft ASN1_VALUE
-of the type specified by
-.Fa it ,
-encodes it into DER format by calling
-.Xr ASN1_item_i2d 3 ,
-and verifies in a way similar to
-.Xr EVP_DigestVerify 3
-that
-.Fa sig_in
-contains a valid signature of the resulting byte array,
-a signature that was created with the signature algorithm
-.Fa algor1
-and the private key corresponding to the public key
-.Fa pkey .
-.Sh RETURN VALUES
-.Fn ASN1_item_verify
-returns 1 if signature verification succeeds, 0 if signature verification
-fails, or \-1 if
-.Fa pkey
-is
-.Dv NULL ,
-if
-.Fa sig_in
-contains invalid flags, or if
-.Fa algor1
-requests an invalid or unsupported digest algorithm
-or does not work with the given
-.Fa pkey .
-.Sh SEE ALSO
-.Xr ASN1_BIT_STRING_new 3 ,
-.Xr ASN1_item_i2d 3 ,
-.Xr ASN1_item_sign 3 ,
-.Xr EVP_DigestVerify 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr OBJ_find_sigid_algs 3 ,
-.Xr X509_ALGOR_new 3
-.Sh HISTORY
-.Fn ASN1_item_verify
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.1 .
diff --git a/src/lib/libcrypto/man/ASN1_mbstring_copy.3 b/src/lib/libcrypto/man/ASN1_mbstring_copy.3
deleted file mode 100644
index e0b48aaa62..0000000000
--- a/src/lib/libcrypto/man/ASN1_mbstring_copy.3
+++ /dev/null
@@ -1,369 +0,0 @@ -.\" $OpenBSD: ASN1_mbstring_copy.3,v 1.6 2022/02/21 00:22:03 jsg Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: February 21 2022 $ -.Dt ASN1_MBSTRING_COPY 3 -.Os -.Sh NAME -.Nm ASN1_mbstring_copy , -.Nm ASN1_mbstring_ncopy , -.Nm ASN1_STRING_set_by_NID , -.Nm ASN1_STRING_set_default_mask , -.Nm ASN1_STRING_set_default_mask_asc , -.Nm ASN1_STRING_get_default_mask , -.Nm ASN1_tag2bit -.Nd copy a multibyte string into an ASN.1 string object -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft int -.Fo ASN1_mbstring_copy -.Fa "ASN1_STRING **out" -.Fa "const unsigned char *in" -.Fa "int inbytes" -.Fa "int inform" -.Fa "unsigned long mask" -.Fc -.Ft int -.Fo ASN1_mbstring_ncopy -.Fa "ASN1_STRING **out" -.Fa "const unsigned char *in" -.Fa "int inbytes" -.Fa "int inform" -.Fa "unsigned long mask" -.Fa "long minchars" -.Fa "long maxchars" -.Fc -.Ft ASN1_STRING * -.Fo ASN1_STRING_set_by_NID -.Fa "ASN1_STRING **out" -.Fa "const unsigned char *in" -.Fa "int inbytes" -.Fa "int inform" -.Fa "int nid" -.Fc -.Ft void -.Fo ASN1_STRING_set_default_mask -.Fa "unsigned long mask" -.Fc -.Ft int -.Fo ASN1_STRING_set_default_mask_asc -.Fa "const char *maskname" -.Fc -.Ft unsigned long -.Fn ASN1_STRING_get_default_mask 
void -.Ft unsigned long -.Fn ASN1_tag2bit "int tag" -.Sh DESCRIPTION -.Fn ASN1_mbstring_copy -interprets -.Fa inbytes -bytes starting at -.Fa in -as a multibyte string and copies it to -.Pf * Fa out , -optionally changing the encoding. -If the -.Fa inbytes -argument is negative, the -.Xr strlen 3 -of -.Fa in -is used instead. -.Pp -The -.Fa inform -argument specifies the character encoding of -.Fa in : -.Bl -column MBSTRING_UNIV encoding -.It Ar inform Ta encoding -.It Dv MBSTRING_ASC Ta ISO-Latin-1 -.It Dv MBSTRING_BMP Ta UTF-16 -.It Dv MBSTRING_UNIV Ta UTF-32 -.It Dv MBSTRING_UTF8 Ta UTF-8 -.El -.Pp -The bit -.Fa mask -specifies a set of ASN.1 string types -that the user is willing to accept: -.Bl -column B_ASN1_UNIVERSALSTRING ASN1_UNIVERSALSTRING default -.It bit in Fa mask Ta acceptable output type Ta default -.It Dv B_ASN1_PRINTABLESTRING Ta Vt ASN1_PRINTABLESTRING Ta yes -.It Dv B_ASN1_IA5STRING Ta Vt ASN1_IA5STRING Ta no -.It Dv B_ASN1_T61STRING Ta Vt ASN1_T61STRING Ta yes -.It Dv B_ASN1_BMPSTRING Ta Vt ASN1_BMPSTRING Ta yes -.It Dv B_ASN1_UNIVERSALSTRING Ta Vt ASN1_UNIVERSALSTRING Ta no -.It any other bit Ta Vt ASN1_UTF8STRING Ta yes -.El -.Pp -The first type from the above table that is included in the -.Fa mask -argument and that can represent -.Fa in -is used as the output type. -The -.Dq default -column indicates whether the type is considered acceptable if the -.Fa mask -argument has the special value 0. 
-.Pp -The following bit mask constants -each include several of the bits listed above: -.Bl -column B_ASN1_DIRECTORYSTRING_ MMM MMM MMM MMM MMM MMMM -.It mask constant Ta PRI Ta IA5 Ta T61 Ta BMP Ta UNI Ta UTF8 -.It Dv B_ASN1_DIRECTORYSTRING Ta yes Ta no Ta yes Ta yes Ta yes Ta yes -.It Dv DIRSTRING_TYPE Ta yes Ta no Ta yes Ta yes Ta no Ta yes -.It Dv PKCS9STRING_TYPE Ta yes Ta yes Ta yes Ta yes Ta no Ta yes -.El -.Pp -If -.Fa out -is -.Dv NULL , -.Fa inform , -.Fa inbytes , -and -.Fa in -are validated and the output type is determined and returned, -but nothing is copied. -.Pp -Otherwise, if -.Pf * Fa out -is -.Dv NULL , -a new output object of the output type is allocated -and a pointer to it is stored in -.Pf * Fa out . -.Pp -Otherwise, -.Pf ** Fa out -is used as the output object. -Any data already stored in it is freed -and its type is changed to the output type. -.Pp -Finally, -.Fa in -is copied to the output object, changing the character encoding if -.Fa inform -does not match the encoding used by the output type. -.Pp -.Fn ASN1_mbstring_ncopy -is similar except that the number of characters in -.Fa in -is restricted to the range from -.Fa minchars -to -.Fa maxchars , -inclusive. -If -.Fa maxchars -is 0, no upper limit is enforced on the number of characters. -.Pp -.Fn ASN1_STRING_set_by_NID -is similar with the following differences: -.Bl -bullet -width 1n -.It -If -.Fa out -is -.Dv NULL , -a new output object is allocated and returned -instead of skipping the copying. -.It -If -.Fa nid -has a global string table entry that can be retrieved with -.Xr ASN1_STRING_TABLE_get 3 , -.Fa mask , -.Fa minchars , -and -.Fa maxchars -are taken from that string table entry. -For some values of -.Fa nid , -an additional global mask is AND'ed into the mask before using it. -The default value of the global mask is -.Dv B_ASN1_UTF8STRING . 
-.It -If -.Fa nid -has no global string table entry, -.Dv B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | -.Dv B_ASN1_BMPSTRING | B_ASN1_UTF8STRING -is used instead of the mask taken from the table, -and the global mask is also AND'ed into it. -.It -Even though success and failure happen in the same situations, -the return value is different. -.Xr ASN1_STRING_type 3 -can be used to determine the type of the return value. -.El -.Pp -.Fn ASN1_STRING_set_default_mask -sets the global mask used by -.Fn ASN1_STRING_set_by_NID -to the -.Fa mask -argument. -.Pp -.Fn ASN1_STRING_set_default_mask_asc -sets the global mask as follows: -.Bl -column utf8only -.It Ar maskname Ta Ar mask -.It Qo default Qc Ta anything -.It Qo nombstr Qc Ta anything except Dv B_ASN1_BMPSTRING | B_ASN1_UTF8STRING -.It Qo pkix Qc Ta anything except Dv B_ASN1_T61STRING -.It Qo utf8only Qc Ta Dv B_ASN1_UTF8STRING -.El -.Pp -If the -.Fa maskname -argument starts with the substring -.Qq MASK:\& , -the rest of it is interpreted as an -.Vt unsigned long -value using -.Xr strtoul 3 . 
-.Pp -.Fn ASN1_tag2bit -translates ASN.1 data types to type bits as follows: -.Bl -column V_ASN1_OBJECT_DESCRIPTOR B_ASN1_UNIVERSALSTRING -.It Fa tag Ta return value -.It Dv V_ASN1_BIT_STRING Ta Dv B_ASN1_BIT_STRING -.It Dv V_ASN1_BMPSTRING Ta Dv B_ASN1_BMPSTRING -.It Dv V_ASN1_BOOLEAN Ta 0 -.It Dv V_ASN1_ENUMERATED Ta Dv B_ASN1_UNKNOWN -.It Dv V_ASN1_EOC Ta 0 -.It Dv V_ASN1_EXTERNAL Ta Dv B_ASN1_UNKNOWN -.It Dv V_ASN1_GENERALIZEDTIME Ta Dv B_ASN1_GENERALIZEDTIME -.It Dv V_ASN1_GENERALSTRING Ta Dv B_ASN1_GENERALSTRING -.It Dv V_ASN1_GRAPHICSTRING Ta Dv B_ASN1_GRAPHICSTRING -.It Dv V_ASN1_IA5STRING Ta Dv B_ASN1_IA5STRING -.It Dv V_ASN1_INTEGER Ta 0 -.It Dv V_ASN1_ISO64STRING Ta Dv B_ASN1_ISO64STRING -.It Dv V_ASN1_NULL Ta 0 -.It Dv V_ASN1_NUMERICSTRING Ta Dv B_ASN1_NUMERICSTRING -.It Dv V_ASN1_OBJECT Ta 0 -.It Dv V_ASN1_OBJECT_DESCRIPTOR Ta Dv B_ASN1_UNKNOWN -.It Dv V_ASN1_OCTET_STRING Ta Dv B_ASN1_OCTET_STRING -.It Dv V_ASN1_PRINTABLESTRING Ta Dv B_ASN1_PRINTABLESTRING -.It Dv V_ASN1_REAL Ta Dv B_ASN1_UNKNOWN -.It Dv V_ASN1_SEQUENCE Ta Dv B_ASN1_SEQUENCE -.It Dv V_ASN1_SET Ta 0 -.It Dv V_ASN1_T61STRING Ta Dv B_ASN1_T61STRING -.It Dv V_ASN1_TELETEXSTRING Ta Dv B_ASN1_TELETEXSTRING -.It Dv V_ASN1_UNDEF Ta 0 -.It Dv V_ASN1_UNIVERSALSTRING Ta Dv B_ASN1_UNIVERSALSTRING -.It Dv V_ASN1_UTCTIME Ta Dv B_ASN1_UTCTIME -.It Dv V_ASN1_UTF8STRING Ta Dv B_ASN1_UTF8STRING -.It Dv V_ASN1_VIDEOTEXSTRING Ta Dv B_ASN1_VIDEOTEXSTRING -.It Dv V_ASN1_VISIBLESTRING Ta Dv B_ASN1_VISIBLESTRING -.It 11, 13, 14, 15, 29 Ta Dv B_ASN1_UNKNOWN -.It Dv other Po < 0, > 30 Pc Ta Dv 0 -.El -.Pp -In typical usage, the calling code calculates the bitwise AND -of the return value and a mask describing data types -that the calling code is willing to use. -If the result of the AND operation is non-zero, the data type is -adequate; otherwise, the calling code may need to raise an error. 
-.Sh RETURN VALUES -.Fn ASN1_mbstring_copy -and -.Fn ASN1_mbstring_ncopy -return the -.Dv V_ASN1_* -constant representing the output type or \-1 if -.Fa inform -is invalid, if -.Fa inbytes -or -.Fa in -is invalid for the -.Fa inform -encoding, if -.Fa in -contains an UTF-16 surrogate, -which is unsupported even for input using the UTF-16 encoding, -or if memory allocation fails. -.Pp -.Fn ASN1_mbstring_ncopy -also returns \-1 if -.Fa in -contains fewer than -.Fa minchars -or more than -.Fa maxchars -characters. -.Pp -.Fn ASN1_STRING_set_by_NID -returns the new or changed ASN.1 string object or -.Dv NULL -on failure. -.Pp -.Fn ASN1_STRING_set_default_mask_asc -returns 1 if successful or 0 if -.Qq MASK:\& -is not followed by a number, if the number is followed by a non-numeric -character, or if the -.Fa maskname -is invalid. -.Pp -.Fn ASN1_STRING_get_default_mask -returns the global mask. -.Pp -.Fn ASN1_tag2bit -returns a -.Dv B_ASN1_* -constant or 0. -.Sh SEE ALSO -.Xr ASN1_PRINTABLE_type 3 , -.Xr ASN1_STRING_new 3 , -.Xr ASN1_STRING_set 3 , -.Xr ASN1_STRING_TABLE_get 3 , -.Xr ASN1_UNIVERSALSTRING_to_string 3 -.Sh HISTORY -.Fn ASN1_mbstring_copy , -.Fn ASN1_mbstring_ncopy , -.Fn ASN1_STRING_set_by_NID , -.Fn ASN1_STRING_set_default_mask , -.Fn ASN1_STRING_set_default_mask_asc , -and -.Fn ASN1_STRING_get_default_mask -first appeared in OpenSSL 0.9.5 and have been available since -.Ox 2.7 . -.Pp -.Fn ASN1_tag2bit -first appeared in OpenSSL 0.9.7 and has been available since -.Ox 3.2 . -.Sh BUGS -If integer overflow occurs in -.Fn ASN1_STRING_set_default_mask_asc -while parsing a number following -.Qq MASK:\& , -the function succeeds, essentially behaving in the same way as for -.Qq default . -.Pp -Passing -.Qq default -to -.Fn ASN1_STRING_set_default_mask_asc -does -.Em not -restore the default mask. -Instead, passing -.Qq utf8only -does that. 
diff --git a/src/lib/libcrypto/man/ASN1_parse_dump.3 b/src/lib/libcrypto/man/ASN1_parse_dump.3
deleted file mode 100644
index 50761f38aa..0000000000
--- a/src/lib/libcrypto/man/ASN1_parse_dump.3
+++ /dev/null
@@ -1,216 +0,0 @@ -.\" $OpenBSD: ASN1_parse_dump.3,v 1.3 2021/12/09 18:52:09 schwarze Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: December 9 2021 $ -.Dt ASN1_PARSE_DUMP 3 -.Os -.Sh NAME -.Nm ASN1_parse_dump , -.Nm ASN1_parse -.Nd parse BER and print information about it -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft int -.Fo ASN1_parse_dump -.Fa "BIO *bio" -.Fa "const unsigned char *ber_in" -.Fa "long length" -.Fa "int indent" -.Fa "int dump" -.Fc -.Ft int -.Fo ASN1_parse -.Fa "BIO *bio" -.Fa "const unsigned char *ber_in" -.Fa "long length" -.Fa "int indent" -.Fc -.Sh DESCRIPTION -.Fn ASN1_parse_dump -parses BER-encoded values and prints information about them to -.Fa bio . -On function entry, -.Pf * Fa ber_in -is expected to point to the first identifier octet of an encoded value. -At most -.Fa length -bytes are inspected. -.Pp -For each value successfully parsed, the following information is printed: -.Bl -enum -.It -The index of its first identifier octet relative to -.Fa ber_in -as a decimal number followed by a colon. -For the first value parsed and printed, this is -.Qq 0:\& . -.It -The nesting depth as a decimal integer. -For the first value parsed and printed, this is -.Qq d=0 . 
-.It -The header length in bytes, including the identifier octets and the -length octets, as a decimal integer. -For example, for a boolean value, this is -.Qq hl=2 -because the encoding of a boolean value contains -one identifier octet (0x01) and one length octet (also 0x01, -because one content octet follows after the header). -.It -If the value is encoded using the definite form for the length octets, -the number encoded in the length octets as a decimal integer. -This is the number of content octets that follow. -For example, for a boolean value, this is -.Qq l=1 . -If the value is encoded using a length octet indicating the indefinite form, -.Qq l=inf -is printed instead. -.It -If the value is primitive, -.Qq prim:\& -is printed; -if it is constructed, -.Qq cons:\& . -.It -The next field depends on the class of the tag: -.Bl -tag -width Ds -.It Dv V_ASN1_PRIVATE -.Qq priv -followed by the decimal tag number in square brackets -.It Dv V_ASN1_CONTEXT_SPECIFIC -.Qq cont -followed by the decimal tag number in square brackets -.It Dv V_ASN1_APPLICATION -.Qq appl -followed by the decimal tag number in square brackets -.It V_ASN1_UNIVERSAL -If the tag number is 30 or less, the return value from -.Xr ASN1_tag2str 3 -is printed; otherwise, -.Qq -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. 
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: January 12 2022 $ -.Dt ASN1_PUT_OBJECT 3 -.Os -.Sh NAME -.Nm ASN1_put_object , -.Nm ASN1_put_eoc , -.Nm ASN1_object_size -.Nd start and end the BER encoding of an arbitrary ASN.1 data element -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft void -.Fo ASN1_put_object -.Fa "unsigned char **ber_out" -.Fa "int constructed" -.Fa "int content_length" -.Fa "int tag" -.Fa "int class" -.Fc -.Ft int -.Fo ASN1_put_eoc -.Fa "unsigned char **ber_out" -.Fc -.Ft int -.Fo ASN1_object_size -.Fa "int constructed" -.Fa "int content_length" -.Fa "int tag" -.Fc -.Sh DESCRIPTION -.Fn ASN1_put_object -begins writing the BER encoding of an arbitrary ASN.1 data element -to the buffer -.Pf * ber_out -by writing the identifier and the length bytes. -Making sure that there is sufficient space in the buffer -is the responsibility of the caller. -This function does not write any content bytes -nor any end-of-content bytes. -.Pp -The tag -.Fa class -can be -.Dv V_ASN1_UNIVERSAL , -.Dv V_ASN1_APPLICATION , -.Dv V_ASN1_CONTEXT_SPECIFIC , -or -.Dv V_ASN1_PRIVATE -and is written to the two most significant bits of the first byte written. -.Pp -The -.Fa constructed -argument can have the following values: -.Bl -tag -width 1n -offset 2n -compact -.It 0 -Start a primitive value by setting the third most significant bit -of the first byte written to 0. -Always use the definite form. -.It 1 -Start a constructed value by setting the third most significant bit -of the first byte written to 1, and use the definite form. 
-.It 2 -Start a constructed value and use the indefinite form, -.El -.Pp -If the -.Fa tag -is less than -.Dv V_ASN1_PRIMITIVE_TAG Pq = 0x1f , -it is written to the five least significant bits -of the only identifier byte written. -Otherwise, these five bits are all set to 1, and the -.Fa tag -is encoded in one or more following identifier bytes as needed. -.Pp -After completing the identifier byte(s), -when using the definite form, the given -.Fa content_length -is encoded in one or more bytes as needed, -using the long form if and only if the -.Fa content_length -is greater than 127. -When using the indefinite form, -the special byte 0x80 is written instead and the -.Fa content_length -argument is ignored. -.Pp -At the end, -.Pf * Fa ber_out -is set to the byte following the last byte written. -The calling code can then start writing content bytes. -.Pp -If the indefinite form was selected, -the calling code is also responsible for calling -.Fn ASN1_put_eoc -which writes an end-of-content marker to -.Pf * Fa ber_out , -consisting of two NUL bytes, and advances -.Pf * Fa ber_out -by two bytes. -.Pp -.Fn ASN1_object_size -calculates the total length in bytes of the BER encoding -of an ASN.1 data element with the given -.Fa tag -and the number of content bytes given by -.Fa content_length . -The -.Fa constructed -argument has the same meaning as for -.Fn ASN1_put_object . -The return value includes the identifier, length, and content bytes. -If -.Fa constructed -is 2, it also includes the end-of-content bytes. -For the definite form, only the short form is supported if the -.Fa content_length -is less than 128. -.Sh RETURN VALUES -.Fn ASN1_put_eoc -returns the number of bytes written, which is always 2. -.Pp -.Fn ASN1_object_size -returns the total number of bytes in the encoding of the data element. 
-.Sh SEE ALSO -.Xr ASN1_item_i2d 3 , -.Xr ASN1_TYPE_get 3 , -.Xr i2d_ASN1_NULL 3 , -.Xr i2d_ASN1_OBJECT 3 , -.Xr i2d_ASN1_OCTET_STRING 3 , -.Xr i2d_ASN1_SEQUENCE_ANY 3 -.Sh STANDARDS -ITU-T Recommendation X.690, also known as ISO/IEC 8825-1: -Information technology - ASN.1 encoding rules: -Specification of Basic Encoding Rules (BER), Canonical Encoding -Rules (CER) and Distinguished Encoding Rules (DER), -section 8.1: General rules for encoding -.Sh HISTORY -.Fn ASN1_put_object -and -.Fn ASN1_object_size -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . -.Pp -.Fn ASN1_put_eoc -first appeared in OpenSSL 0.9.8 and has been available since -.Ox 4.5 . -.Sh CAVEATS -None of these functions do any sanity checking. -When called in inconsistent ways, invalid content may result in -.Pf * Fa ber_out , -for example -.Bl -dash -compact -.It -a -.Fa tag -number less than -.Dv V_ASN1_PRIMITIVE_TAG -with a -.Fa class -other than -.Dv V_ASN1_UNIVERSAL -.It -a -.Fa tag -number equal to -.Dv V_ASN1_EOC Pq 0x00 -or -.Dv V_ASN1_PRIMITIVE_TAG Pq 0x1f -.It -a -.Vt BOOLEAN , -.Vt INTEGER , -.Vt NULL -etc. with the -.Fa constructed -bit set -.It -a -.Vt SEQUENCE -or -.Vt SET -etc. without the -.Fa constructed -bit set -.It -a -.Fa content_length -that makes no sense for the given -.Fa tag -.It -a -.Fa content_length -that disagrees with the following data -.It -a -.Vt BOOLEAN , -.Vt INTEGER , -.Vt NULL -etc. in indefinite form -.It -an end-of-content marker even though no indefinite form was started -.It -\&... -.El -.Pp -If the calling code wants to find out how many bytes were written, -it needs to save a copy of the pointer -.Pf * Fa ber_out -before calling -.Fn ASN1_put_object . diff --git a/src/lib/libcrypto/man/ASRange_new.3 b/src/lib/libcrypto/man/ASRange_new.3 deleted file mode 100644 index dc58c98e58..0000000000 --- a/src/lib/libcrypto/man/ASRange_new.3 +++ /dev/null 
@@ -1,410 +0,0 @@ -.\" $OpenBSD: ASRange_new.3,v 1.8 2023/10/11 12:06:11 tb Exp $ -.\" -.\" Copyright (c) 2023 Theo Buehler -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: October 11 2023 $ -.Dt ASRANGE_NEW 3 -.Os -.Sh NAME -.Nm ASRange_new , -.Nm ASRange_free , -.Nm d2i_ASRange , -.Nm i2d_ASRange , -.Nm ASIdOrRange_new , -.Nm ASIdOrRange_free , -.Nm d2i_ASIdOrRange , -.Nm i2d_ASIdOrRange , -.Nm ASIdentifierChoice_new , -.Nm ASIdentifierChoice_free , -.Nm d2i_ASIdentifierChoice , -.Nm i2d_ASIdentifierChoice -.Nd RFC 3779 autonomous system identifiers and ranges -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft "ASRange *" -.Fn ASRange_new void -.Ft void -.Fn ASRange_free "ASRange *asrange" -.Ft ASRange * -.Fo d2i_ASRange -.Fa "ASRange **asrange" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASRange -.Fa "ASRange *asrange" -.Fa "unsigned char **der_out" -.Fc -.Ft "ASIdOrRange *" -.Fn ASIdOrRange_new void -.Ft void -.Fn ASIdOrRange_free "ASIdOrRange *aor" -.Ft ASIdOrRange * -.Fo d2i_ASIdOrRange -.Fa "ASIdOrRange **aor" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASIdOrRange -.Fa "ASIdOrRange *aor" -.Fa "unsigned char **der_out" -.Fc -.Ft "ASIdentifierChoice *" -.Fn ASIdentifierChoice_new void -.Ft 
void -.Fn ASIdentifierChoice_free "ASIdentifierChoice *aic" -.Ft ASIdentifierChoice * -.Fo d2i_ASIdentifierChoice -.Fa "ASIdentifierChoice **aic" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASIdentifierChoice -.Fa "ASIdentifierChoice *aic" -.Fa "unsigned char **der_out" -.Fc -.Sh DESCRIPTION -.Vt ASRange , -.Vt ASIdOrRange , -and -.Vt ASIdentifierChoice -are building blocks of the -.Vt ASIdentifiers -type representing the RFC 3779 -autonomous system identifier delegation extension. -.Pp -All -.Vt ASN1_INTEGER Ns s -in this manual must be representable as unsigned 32-bit integers. -The API performs no corresponding checks. -An -.Vt ASN1_INTEGER -can be set using -.Xr ASN1_INTEGER_set_uint64 3 . -.Pp -The -.Vt ASRange -type defined in RFC 3779 section 3.2.3.8 is implemented as -.Bd -literal -offset indent -typedef struct ASRange_st { - ASN1_INTEGER *min; - ASN1_INTEGER *max; -} ASRange; -.Ed -.Pp -It represents the closed range [min,max] of AS identifiers between -.Fa min -and -.Fa max , -where -.Fa min -should be strictly smaller than -.Fa max . -.Pp -.Fn ASRange_new -allocates a new -.Vt ASRange -object with allocated, empty -.Fa min -and -.Fa max , -thus representing the invalid range [0,0]. -.Pp -.Fn ASRange_free -frees -.Fa asrange -including any data contained in it. -If -.Fa asrange -is -.Dv NULL , -no action occurs. -.Pp -The -.Vt ASIdOrRange -type defined in RFC 3779 section 3.2.3.5 is implemented as -.Bd -literal -offset indent -typedef struct ASIdOrRange_st { - int type; - union { - ASN1_INTEGER *id; - ASRange *range; - } u; -} ASIdOrRange; -.Ed -.Pp -representing an individual AS identifier or a range. -When populating an -.Vt ASIdOrRange -object by hand, its -.Fa type -should be set to -.Dv ASIdOrRange_id -or -.Dv ASIdOrRange_range -to indicate which member of the union -.Fa u -is valid. -.Pp -.Fn ASIdOrRange_new -returns a new -.Vt ASIdOrRange -object with invalid type and -.Dv NULL -members of the union -.Fa u . 
-.Pp -.Fn ASIdOrRange_free -frees -.Fa aor -including any data contained in it, -provided -.Fa type -is set correctly. -If -.Fa asrange -is -.Dv NULL , -no action occurs. -.Pp -In order to express a list of AS identifiers and ranges, -RFC 3779 section 3.2.3.4 -uses an ASN.1 SEQUENCE, -which is implemented via a -.Xr STACK_OF 3 -construction over -.Vt ASIdOrRange : -.Bd -literal -offset indent -typedef STACK_OF(ASIdOrRange) ASIdOrRanges; -.Ed -.Pp -Since an -.Vt ASIdOrRanges -object should be sorted in a specific way (see -.Xr X509v3_asid_canonize 3 Ns ), -a comparison function is needed for a correct instantiation -with -.Xr sk_new 3 . -The -.Fn ASIdOrRange_cmp -function is not directly exposed and not easily accessible -from outside the library, -and it is non-trivial to implement. -It is therefore discouraged to use -.Vt ASIdOrRanges -objects that are not part of an -.Vt ASIdentifiers -object. -.Pp -The -.Dq inherit -marker from RFC 3779 section 3.2.3.3 is implemented as -.Vt ASN1_NULL . -It has no dedicated type or API and can be instantiated with -.Xr ASN1_NULL_new 3 . -.Pp -The -.Vt ASIdentifierChoice -type defined in RFC 3779 section 3.2.3.2 is implemented as -.Bd -literal -offset indent -typedef struct ASIdentifierChoice_st { - int type; - union { - ASN1_NULL *inherit; - ASIdOrRanges *asIdsOrRanges; - } u; -} ASIdentifierChoice; -.Ed -.Pp -where the -.Fa type -member should be set to -.Dv ASIdentifierChoice_inherit -or -.Dv ASIdentifierChoice_asIdsOrRanges -to indicate whether a given -.Vt ASIdentifierChoice -object represents an inherited list or an explicit list. -.Pp -.Fn ASIdentifierChoice_new -returns a new -.Vt ASIdentifierChoice -object with invalid type and -.Dv NULL -members of the union -.Fa u . -.Pp -.Fn ASIdentifierChoice_free -frees -.Fa aic -including any data contained in it, -provided -.Fa type -is set correctly. 
-.Pp -The -.Vt ASIdentifiers -type defined in RFC 3779 section 3.2.3.1 is implemented as -.Bd -literal -offset indent -typedef struct ASIdentifiers_st { - ASIdentifierChoice *asnum; - ASIdentifierChoice *rdi; -} ASIdentifiers; -.Ed -.Pp -It should be instantiated with -.Xr ASIdentifiers_new 3 -and populated with -.Xr X509v3_asid_add_id_or_range 3 . -.Pp -.Fn d2i_ASRange , -.Fn i2d_ASRange , -.Fn d2i_ASIdOrRange , -.Fn i2d_ASIdOrRange , -.Fn d2i_ASIdentifierChoice , -and -.Fn i2d_ASIdentifierChoice -decode and encode ASN.1 -.Vt ASRange , -.Vt ASIdOrRange , -and -.Vt ASIdentifierChoice -objects. -For details about the semantics, examples, caveats, and bugs, see -.Xr ASN1_item_d2i 3 . -In order for the encoding produced by -.Fn i2d_ASRange -to be correct, -.Fa min -must be strictly less than -.Fa max . -Similarly for -.Fn i2d_ASIdOrRange -and an -.Fa ASIdOrRange -object of -.Fa type -.Dv ASIdOrRange_range . -.Sh RETURN VALUES -.Fn ASRange_new -returns a new -.Vt ASRange -object with allocated, empty members, or -.Dv NULL -if an error occurs. -.Pp -.Fn ASIdOrRange_new -returns a new, empty -.Vt ASIdOrRange -object or -.Dv NULL -if an error occurs. -.Pp -.Fn ASIdentifierChoice_new -returns a new, empty -.Vt ASIdentifierChoice -object or -.Dv NULL -if an error occurs. -.Pp -The decoding functions -.Fn d2i_ASRange , -.Fn d2i_ASIdOrRange , -and -.Fn d2i_ASIdentifierChoice -return an -.Vt ASRange , -an -.Vt ASIdOrRange , -or an -.Vt ASIdentifierChoice , -object, respectively, -or -.Dv NULL -if an error occurs. -.Pp -The encoding functions -.Fn i2d_ASRange , -.Fn i2d_ASIdOrRange , -and -.Fn i2d_ASIdentifierChoice -return the number of bytes successfully encoded -or a value <= 0 if an error occurs. 
-.Sh SEE ALSO -.Xr ASIdentifiers_new 3 , -.Xr ASN1_INTEGER_set_uint64 3 , -.Xr crypto 3 , -.Xr IPAddressRange_new 3 , -.Xr s2i_ASN1_INTEGER 3 , -.Xr STACK_OF 3 , -.Xr X509_new 3 , -.Xr X509v3_asid_add_id_or_range 3 -.Sh STANDARDS -RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers: -.Bl -dash -compact -.It -section 3.2.3: Syntax -.It -section 3.2.3.1: Type ASIdentifiers -.It -section 3.2.3.2: Elements asnum, rdi, and Type ASIdentifierChoice -.It -section 3.2.3.3: Element inherit -.It -section 3.2.3.4: Element asIdsOrRanges -.It -section 3.2.3.5: Type ASIdOrRange -.It -section 3.2.3.6: Element id -.It -section 3.2.3.7: Element range -.It -section 3.2.3.8: Type ASRange -.It -section 3.2.3.9: Elements min and max -.El -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.8e -and have been available since -.Ox 7.1 . -.Sh BUGS -An -.Fn ASIdOrRanges_new -function that installs the correct comparison function -on the stack of -.Vt ASIdOrRange -should have been part of the API to make it usable. -.Pp -.Fn ASIdentifierChoice_new -is of very limited use because -.Fn ASIdOrRanges_new -is missing. -.Pp -There is no way of ensuring that an -.Vt ASIdOrRanges -object is in canonical form unless it is part of an -.Vt ASIdentifiers -object. -It is therefore difficult to guarantee that the output of -.Fn i2d_ASIdentifierChoice -is conformant. -.Pp -RFC 3779 3.2.3.4 has -.Dq Fa asIdsOrRanges -while its type in this implementation is -.Vt ASIdOrRanges . diff --git a/src/lib/libcrypto/man/AUTHORITY_KEYID_new.3 b/src/lib/libcrypto/man/AUTHORITY_KEYID_new.3 deleted file mode 100644 index bff451ff36..0000000000 --- a/src/lib/libcrypto/man/AUTHORITY_KEYID_new.3 +++ /dev/null 
@@ -1,73 +0,0 @@
-.\" $OpenBSD: AUTHORITY_KEYID_new.3,v 1.4 2019/06/06 01:06:58 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt AUTHORITY_KEYID_NEW 3
-.Os
-.Sh NAME
-.Nm AUTHORITY_KEYID_new ,
-.Nm AUTHORITY_KEYID_free
-.Nd X.509 authority key identifier extension
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft AUTHORITY_KEYID *
-.Fn AUTHORITY_KEYID_new void
-.Ft void
-.Fn AUTHORITY_KEYID_free "AUTHORITY_KEYID *id"
-.Sh DESCRIPTION
-Using the authority key identifier extension, an X.509 certificate
-or certificate revocation list can specify which key pair was used
-for signing it.
-.Pp
-.Fn AUTHORITY_KEYID_new
-allocates and initializes an empty
-.Vt AUTHORITY_KEYID
-object, representing an ASN.1
-.Vt AuthorityKeyIdentifier
-structure defined in RFC 5280 section 4.2.1.1.
-It can hold an issuer name, a serial number, and a key identifier.
-.Pp
-.Fn AUTHORITY_KEYID_free
-frees
-.Fa id .
-.Sh RETURN VALUES
-.Fn AUTHORITY_KEYID_new
-returns the new
-.Vt AUTHORITY_KEYID
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_AUTHORITY_KEYID 3 ,
-.Xr GENERAL_NAMES_new 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile:
-.Bl -dash -compact
-.It
-section 4.2.1.1: Certificate Extensions: Authority Key Identifier
-.It
-section 5.2.1: CRL Extensions: Authority Key Identifier
-.El
-.Sh HISTORY
-.Fn AUTHORITY_KEYID_new
-and
-.Fn AUTHORITY_KEYID_free
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/BASIC_CONSTRAINTS_new.3 b/src/lib/libcrypto/man/BASIC_CONSTRAINTS_new.3
deleted file mode 100644
index e60b0d223c..0000000000
--- a/src/lib/libcrypto/man/BASIC_CONSTRAINTS_new.3
+++ /dev/null
@@ -1,89 +0,0 @@
-.\" $OpenBSD: BASIC_CONSTRAINTS_new.3,v 1.6 2021/10/27 11:24:47 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 27 2021 $
-.Dt BASIC_CONSTRAINTS_NEW 3
-.Os
-.Sh NAME
-.Nm BASIC_CONSTRAINTS_new ,
-.Nm BASIC_CONSTRAINTS_free
-.Nd X.509 extension to mark CA certificates
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft BASIC_CONSTRAINTS *
-.Fn BASIC_CONSTRAINTS_new void
-.Ft void
-.Fn BASIC_CONSTRAINTS_free "BASIC_CONSTRAINTS *bc"
-.Sh DESCRIPTION
-.Fn BASIC_CONSTRAINTS_new
-allocates and initializes an empty
-.Vt BASIC_CONSTRAINTS
-object, representing an ASN.1
-.Vt BasicConstraints
-structure defined in RFC 5280 section 4.2.1.9.
-.Pp
-This object contains two fields.
-The field
-.Fa "int ca"
-is non-zero if the certificate is a CA certificate.
-The field
-.Fa "ASN1_INTEGER *pathlen"
-specifies the maximum number of non-self-issued intermediate
-certificates that may follow this certificate in a valid
-certification path.
-.Pp
-If an X.509 version 3 certificate does not contain this extension
-or if the
-.Fa ca
-field of the
-.Vt BASIC_CONSTRAINTS
-object is 0, or if the certificate contains a key usage extension
-having the
-.Dv KU_KEY_CERT_SIGN
-bit unset, then it is not a CA certificate but an end entity
-certificate.
-.Pp
-.Fn BASIC_CONSTRAINTS_free
-frees
-.Fa bc .
-.Sh RETURN VALUES
-.Fn BASIC_CONSTRAINTS_new
-returns the new
-.Vt BASIC_CONSTRAINTS
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_BASIC_CONSTRAINTS 3 ,
-.Xr X509_check_purpose 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_get_extension_flags 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile:
-.Bl -dash -compact
-.It
-section 4.2.1.9: Basic Constraints
-.It
-section 6.1: Basic Path Validation
-.El
-.Sh HISTORY
-.Fn BASIC_CONSTRAINTS_new
-and
-.Fn BASIC_CONSTRAINTS_free
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/BF_set_key.3 b/src/lib/libcrypto/man/BF_set_key.3
deleted file mode 100644
index 5f4c7a689b..0000000000
--- a/src/lib/libcrypto/man/BF_set_key.3
+++ /dev/null
@@ -1,269 +0,0 @@ -.\" $OpenBSD: BF_set_key.3,v 1.12 2023/08/05 18:27:55 jmc Exp $ -.\" OpenSSL 99d63d46 Jul 19 09:27:53 2016 -0400 -.\" -.\" This file was written by Richard Levitte . -.\" Copyright (c) 2000, 2002, 2005, 2014, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: August 5 2023 $ -.Dt BF_SET_KEY 3 -.Os -.Sh NAME -.Nm BF_set_key , -.Nm BF_encrypt , -.Nm BF_decrypt , -.Nm BF_ecb_encrypt , -.Nm BF_cbc_encrypt , -.Nm BF_cfb64_encrypt , -.Nm BF_ofb64_encrypt -.Nd Blowfish encryption -.Sh SYNOPSIS -.In openssl/blowfish.h -.Ft void -.Fo BF_set_key -.Fa "BF_KEY *key" -.Fa "int len" -.Fa "const unsigned char *data" -.Fc -.Ft void -.Fo BF_encrypt -.Fa "BF_LONG *data" -.Fa "const BF_KEY *key" -.Fc -.Ft void -.Fo BF_decrypt -.Fa "BF_LONG *data" -.Fa "const BF_KEY *key" -.Fc -.Ft void -.Fo BF_ecb_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "BF_KEY *key" -.Fa "int enc" -.Fc -.Ft void -.Fo BF_cbc_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "BF_KEY *schedule" -.Fa "unsigned char *ivec" -.Fa "int enc" -.Fc -.Ft void -.Fo BF_cfb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "BF_KEY *schedule" -.Fa "unsigned char *ivec" -.Fa "int *num" -.Fa "int enc" -.Fc -.Ft void -.Fo BF_ofb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "BF_KEY *schedule" -.Fa "unsigned char *ivec" -.Fa "int *num" -.Fc -.Sh DESCRIPTION -This library implements the Blowfish cipher, -which was invented and defined by -.An Counterpane . -Note that applications should use higher level functions such as -.Xr EVP_EncryptInit 3 -instead of calling the Blowfish functions directly. -.Pp -Blowfish is a block cipher that operates on 64-bit (8 byte) blocks of data. -It uses a variable size key, but typically, 128-bit (16 byte) keys -are considered good for strong encryption. -Blowfish can be used in the same modes as DES -and is currently one of the faster block ciphers. -It is quite a bit faster than DES, and much faster than IDEA or RC2. -.Pp -Blowfish consists of a key setup phase -and the actual encryption or decryption phase. 
-.Pp -.Fn BF_set_key -sets up the -.Vt BF_KEY -.Fa key -using the -.Fa len -bytes long key at -.Fa data . -.Pp -.Fn BF_ecb_encrypt -is the basic Blowfish encryption and decryption function. -It encrypts or decrypts the first 64 bits of -.Fa in -using the key -.Fa key , -putting the result in -.Fa out . -.Fa enc -decides if encryption -.Pq Dv BF_ENCRYPT -or decryption -.Pq Dv BF_DECRYPT -shall be performed. -The vector pointed at by -.Fa in -and -.Fa out -must be 64 bits in length, no less. -If they are larger, everything after the first 64 bits is ignored. -.Pp -The mode functions -.Fn BF_cbc_encrypt , -.Fn BF_cfb64_encrypt , -and -.Fn BF_ofb64_encrypt -all operate on variable length data. -They all take an initialization vector -.Fa ivec -which needs to be passed along into the next call of the same function -for the same message. -.Fa ivec -may be initialized with anything, but the recipient needs to know what -it was initialized with, or it won't be able to decrypt. -Some programs and protocols simplify this, like SSH, where -.Fa ivec -is simply initialized to zero. -.Fn BF_cbc_encrypt -operates on data that is a multiple of 8 bytes long, while -.Fn BF_cfb64_encrypt -and -.Fn BF_ofb64_encrypt -are used to encrypt a variable number of bytes (the amount -does not have to be an exact multiple of 8). -The purpose of the latter two is to simulate stream ciphers and, -therefore, they need the parameter -.Fa num , -which is a pointer to an integer where the current offset in -.Fa ivec -is stored between calls. -This integer must be initialized to zero when -.Fa ivec -is initialized. -.Pp -.Fn BF_cbc_encrypt -is the Cipher Block Chaining function for Blowfish. -It encrypts or decrypts the 64-bit chunks of -.Fa in -using the key -.Fa schedule , -putting the result in -.Fa out . -.Fa enc -decides if encryption -.Pq Dv BF_ENCRYPT -or decryption -.Pq Dv BF_DECRYPT -shall be performed. -.Fa ivec -must point at an 8-byte long initialization vector. 
-.Pp -.Fn BF_cfb64_encrypt -is the CFB mode for Blowfish with 64-bit feedback. -It encrypts or decrypts the bytes in -.Fa in -using the key -.Fa schedule , -putting the result in -.Fa out . -.Fa enc -decides if encryption -.Pq Dv BF_ENCRYPT -or decryption -.Pq Dv BF_DECRYPT -shall be performed. -.Fa ivec -must point at an -8-byte long initialization vector. -.Fa num -must point at an integer which must be initially zero. -.Pp -.Fn BF_ofb64_encrypt -is the OFB mode for Blowfish with 64-bit feedback. -It uses the same parameters as -.Fn BF_cfb64_encrypt , -which must be initialized the same way. -.Pp -.Fn BF_encrypt -and -.Fn BF_decrypt -are the lowest level functions for Blowfish encryption. -They encrypt/decrypt the first 64 bits of the vector pointed by -.Fa data , -using the key -.Fa key . -These functions should not be used unless implementing `modes' of Blowfish. -The alternative is to use -.Fn BF_ecb_encrypt . -Be aware that these functions take each 32-bit chunk in host-byte order, -which is little-endian on little-endian platforms -and big-endian on big-endian ones. -.Sh SEE ALSO -.Xr EVP_EncryptInit 3 -.Sh HISTORY -.Fn BF_set_key , -.Fn BF_encrypt , -.Fn BF_ecb_encrypt , -.Fn BF_cbc_encrypt , -.Fn BF_cfb64_encrypt , -and -.Fn BF_ofb64_encrypt -first appeared in SSLeay 0.6.6. -.Fn BF_decrypt -first appeared in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/BIO_accept.3 b/src/lib/libcrypto/man/BIO_accept.3 deleted file mode 100644 index e2547ac0dd..0000000000 --- a/src/lib/libcrypto/man/BIO_accept.3 +++ /dev/null 
@@ -1,387 +0,0 @@ -.\" $OpenBSD: BIO_accept.3,v 1.2 2023/04/30 13:38:48 schwarze Exp $ -.\" -.\" Copyright (c) 2022 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: April 30 2023 $ -.Dt BIO_ACCEPT 3 -.Os -.Sh NAME -.\" mentioned in OpenSSL documentation and still used internally in LibreSSL -.Nm BIO_get_host_ip , -.Nm BIO_get_port , -.Nm BIO_get_accept_socket , -.Nm BIO_accept , -.Nm BIO_sock_error , -.Nm BIO_sock_non_fatal_error , -.Nm BIO_sock_should_retry , -.\" used internally in LibreSSL and OpenSSL and not deprecated in OpenSSL -.Nm BIO_socket_nbio , -.\" mentioned in OpenSSL documentation and not deprecated in OpenSSL -.Nm BIO_set_tcp_ndelay -.\" deprecated in OpenSSL and unused anywhere, hence intentionally undocumented -.\" .Nm BIO_gethostbyname -.\" .Nm BIO_GHBN_CTRL_CACHE_SIZE -.\" .Nm BIO_GHBN_CTRL_FLUSH -.\" .Nm BIO_GHBN_CTRL_GET_ENTRY -.\" .Nm BIO_GHBN_CTRL_HITS -.\" .Nm BIO_GHBN_CTRL_MISSES -.\" .Nm BIO_socket_ioctl -.\" does almost nothing and used very rarely, hence intentionally undocumented -.\" .Nm BIO_sock_init -.\" .Nm BIO_sock_cleanup -.Nd wrappers for socket operations -.Sh SYNOPSIS -.In openssl/bio.h -.Ft int -.Fo BIO_get_host_ip -.Fa "const char *hostname" -.Fa "unsigned char *in_addr_buffer" -.Fc -.Ft int -.Fo 
BIO_get_port -.Fa "const char *servname" -.Fa "unsigned short *port" -.Fc -.Ft int -.Fo BIO_get_accept_socket -.Fa "char *host_port" -.Fa "int bind_mode" -.Fc -.Ft int -.Fo BIO_accept -.Fa "int socket" -.Fa "char **addr" -.Fc -.Ft int -.Fn BIO_sock_error "int socket" -.Ft int -.Fn BIO_sock_non_fatal_error "int errnum" -.Ft int -.Fn BIO_sock_should_retry "int retval" -.Ft int -.Fn BIO_socket_nbio "int socket" "int mode" -.Ft int -.Fn BIO_set_tcp_ndelay "int socket" "int on" -.Sh DESCRIPTION -.Fn BIO_get_host_ip -looks up one IPv4 address for the given -.Fa hostname -using -.Xr getaddrinfo 3 -and writes the first returned IPv4 address into -.Pf * Fa in_addr_buffer . -The caller is responsible for providing a buffer that is at least -.Fn sizeof in_addr_t -bytes long. -After a successful call, the caller needs to cast -.Fa in_addr_buffer -to -.Pq Vt in_addr_t * . -.Pp -.Fn BIO_get_port -looks up -.Fa servname -in the -.Xr services 5 -database using -.Xr getaddrinfo 3 -and stores the associated port number at the location specified by the -.Fa port -argument. -.Pp -.Fn BIO_get_accept_socket -creates an IPv4 TCP socket and -.Xr listen 2 Ns s -for incoming connections. -The string -.Fa host_port -is parsed. -If it contains a colon, the substring before the colon is interpreted -as a local hostname of the interface to -.Xr bind 2 -to. -If the hostname is empty, consists of a single asterisk -.Pq Qq *:... , -or if there is no colon, -.Dv INADDR_ANY -is used instead of a local hostname. -The rest of the string -.Fa host_port , -or the whole string if it contains no colon, -is treated as a service name. -The hostname and the service name are converted to a local IP address -and port number using -.Xr getaddrinfo 3 . -If -.Fa bind_mode -is the constant -.Dv BIO_BIND_REUSEADDR , -allowing local address reuse is attempted using -.Xr setsockopt 2 -with an argument of -.Dv SO_REUSEADDR -before calling -.Xr bind 2 . 
-.Pp -.Fn BIO_accept -calls -.Xr accept 2 -to receive one connection on the -.Fa socket . -When it receives a connection, it -.Xr free 3 Ns s -.Pf * Fa addr , -and if it is an IPv4 connection, it allocates a new string, -writes the peer IP address in dotted decimal form, a colon, -and the decimal port number into the string, and stores a pointer -to the string in -.Pf * Fa addr . -For other address families or if -.Xr getnameinfo 3 -or memory allocation fails, -.Pf * Fa addr -is set to -.Dv NULL -but -.Fn BIO_accept -succeeds anyway. -.Pp -.Fn BIO_sock_error -retrieves, clears, and returns the error status code of the -.Fa socket -by calling -.Xr getsockopt 2 -with arguments -.Dv SOL_SOCKET -and -.Dv SO_ERROR . -.Pp -.Fn BIO_sock_non_fatal_error -determines whether the error status code -.Fa errnum -represents a recoverable error. -.Pp -.Fn BIO_sock_should_retry -determines whether a recoverable error occurred by inspecting both -.Xr errno 2 -and -.Fa retval , -which is supposed to usually be -the return value of a previously called function like -.Fn BIO_accept , -.Xr BIO_read 3 , -or -.Xr BIO_write 3 . -.Pp -If -.Fa mode -is non-zero, -.Fn BIO_socket_nbio -switches the -.Fa socket -to non-blocking mode using -.Xr fcntl 2 . -If -.Fa mode -is 0, it switches to blocking mode. -.Pp -.Fn BIO_set_tcp_ndelay -sets the -.Dv TCP_NODELAY -option on the -.Fa socket -if -.Fa on -is 1 or clears it if -.Fa on -is 0; see -.Xr tcp 4 -for details. -.Sh RETURN VALUES -.Fn BIO_get_host_ip , -.Fn BIO_get_port , -and -.Fn BIO_socket_nbio -return 1 on success or 0 on failure. -.Pp -.Fn BIO_get_accept_socket -returns the file descriptor of the newly created listening socket or \-1 if -.Fa host_port -is -.Dv NULL , -no service is specified, or -.Xr getaddrinfo 3 , -.Xr socket 2 , -.Xr bind 2 , -.Xr listen 2 , -or memory allocation fails. 
-.Pp -.Fn BIO_accept -returns the file descriptor of the received connection, -\-1 on fatal errors, that is, when -.Fa addr -is -.Dv NULL -or -.Xr accept 2 -fails fatally, or \-2 when -.Xr accept 2 -fails in a non-fatal way and might succeed when retried later. -.Pp -.Fn BIO_sock_error -returns an error status code like -.Dv EAGAIN , -.Dv ECONNABORTED , -.Dv ECONNREFUSED , -.Dv ECONNRESET , -.Dv ELOOP , -.Dv EMSGSIZE , -.Dv ENOBUFS , -.Dv ENOTCONN , -.Dv EPIPE , -.Dv ETIMEDOUT , -or others, 0 if the -.Fa socket -is not in an error state, or 1 if -.Xr getsockopt 2 -fails. -.Pp -.Fn BIO_sock_non_fatal_error -returns 1 if -.Fa errnum -is -.Dv EAGAIN , -.Dv EALREADY , -.Dv EINPROGRESS , -.Dv EINTR , -or -.Dv ENOTCONN -and 0 otherwise, even if -.Fa errnum -is 0. -.Pp -.Fn BIO_sock_should_retry -returns 1 if -.Fn BIO_sock_non_fatal_error errno -is 1 and -.Fa retval -is either 0 or \-1, or 0 otherwise. -.Pp -.Fn BIO_set_tcp_ndelay -returns 0 on success or \-1 on failure. -.Sh ERRORS -If -.Fn BIO_get_host_ip , -.Fn BIO_get_port , -or -.Fn BIO_get_accept_socket -fail or -.Fn BIO_accept -fails fatally, the following diagnostics can be retrieved with -.Xr ERR_get_error 3 , -.Xr ERR_GET_REASON 3 , -and -.Xr ERR_reason_error_string 3 : -.Bl -tag -width Ds -.It Dv BIO_R_ACCEPT_ERROR Qq "accept error" -.Xr accept 2 -failed fatally in -.Fn BIO_accept . -.It Dv BIO_R_BAD_HOSTNAME_LOOKUP Qq "bad hostname lookup" -.Xr getaddrinfo 3 -failed or -.Fa hostname -was -.Dv NULL -in -.Fn BIO_get_host_ip , -or -.Xr getaddrinfo 3 -failed in -.Fn BIO_get_accept_socket . -.It Dv BIO_R_INVALID_ARGUMENT Qq "invalid argument" -.Xr getaddrinfo 3 -failed in -.Fn BIO_get_port . -.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure" -Memory allocation failed in -.Fn BIO_get_accept_socket , -or -.Fn BIO_accept -.Em succeeded -but was unable to allocate memory for -.Pf * Fa addr . -For -.Fn BIO_accept , -the returned file descriptor is valid, -and communication with the peer can be attempted using it. 
-.It Dv BIO_R_NO_PORT_SPECIFIED Qq "no port specified" -The -.Fa servname -argument was -.Dv NULL -in -.Fn BIO_get_port , -or -.Fa host_port -was -.Dv NULL -or ended after the first colon in -.Fn BIO_get_accept_socket . -.It Dv BIO_R_NULL_PARAMETER Qq "null parameter" -The -.Fa addr -argument was -.Dv NULL -in -.Fn BIO_accept . -.It Dv BIO_R_UNABLE_TO_BIND_SOCKET Qq "unable to bind socket" -.Xr bind 2 -failed in -.Fn BIO_get_accept_socket . -.It Dv BIO_R_UNABLE_TO_CREATE_SOCKET Qq "unable to create socket" -.Xr socket 2 -failed in -.Fn BIO_get_accept_socket . -.It Dv BIO_R_UNABLE_TO_LISTEN_SOCKET Qq "unable to listen socket" -.Xr listen 2 -failed in -.Fn BIO_get_accept_socket . -.El -.Sh SEE ALSO -.Xr bind 2 , -.Xr connect 2 , -.Xr errno 2 , -.Xr fcntl 2 , -.Xr getsockopt 2 , -.Xr listen 2 , -.Xr sigaction 2 , -.Xr socket 2 , -.Xr BIO_new 3 , -.Xr BIO_read 3 , -.Xr getaddrinfo 3 , -.Xr ip 4 , -.Xr tcp 4 -.Sh HISTORY -.Fn BIO_sock_should_retry -first appeared in SSLeay 0.6.5 and the other functions except -.Fn BIO_socket_nbio -in SSLeay 0.8.0. -They have all been available since -.Ox 2.4 . -.Pp -.Fn BIO_socket_nbio -first appeared in SSLeay 0.9.1 and has been available since -.Ox 2.6 . diff --git a/src/lib/libcrypto/man/BIO_ctrl.3 b/src/lib/libcrypto/man/BIO_ctrl.3 deleted file mode 100644 index 2c537956e1..0000000000 --- a/src/lib/libcrypto/man/BIO_ctrl.3 +++ /dev/null 
@@ -1,637 +0,0 @@ -.\" $OpenBSD: BIO_ctrl.3,v 1.25 2023/11/16 20:19:23 schwarze Exp $ -.\" full merge up to: OpenSSL 24a535eaf Tue Sep 22 13:14:20 2020 +0100 -.\" selective merge up to: OpenSSL 0c5bc96f Tue Mar 15 13:57:22 2022 +0000 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2023 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: November 16 2023 $ -.Dt BIO_CTRL 3 -.Os -.Sh NAME -.Nm BIO_ctrl , -.Nm BIO_callback_ctrl , -.Nm BIO_ptr_ctrl , -.Nm BIO_int_ctrl , -.Nm BIO_reset , -.Nm BIO_seek , -.Nm BIO_tell , -.Nm BIO_flush , -.Nm BIO_eof , -.Nm BIO_set_close , -.Nm BIO_get_close , -.Nm BIO_pending , -.Nm BIO_wpending , -.Nm BIO_ctrl_pending , -.Nm BIO_ctrl_wpending , -.Nm BIO_get_info_callback , -.Nm BIO_set_info_callback , -.Nm BIO_info_cb , -.Nm bio_info_cb -.Nd BIO control operations -.Sh SYNOPSIS -.In openssl/bio.h -.Ft long -.Fo BIO_ctrl -.Fa "BIO *b" -.Fa "int cmd" -.Fa "long larg" -.Fa "void *parg" -.Fc -.Ft long -.Fo BIO_callback_ctrl -.Fa "BIO *b" -.Fa "int cmd" -.Fa "BIO_info_cb *cb" -.Fc -.Ft char * -.Fo BIO_ptr_ctrl -.Fa "BIO *b" -.Fa "int cmd" -.Fa "long larg" -.Fc -.Ft long -.Fo BIO_int_ctrl -.Fa "BIO *b" -.Fa "int cmd" -.Fa "long larg" -.Fa "int iarg" -.Fc -.Ft int -.Fo BIO_reset -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_seek -.Fa "BIO *b" -.Fa "int ofs" -.Fc -.Ft int -.Fo BIO_tell -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_flush -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_eof -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_set_close -.Fa "BIO *b" -.Fa "long flag" -.Fc -.Ft int -.Fo BIO_get_close -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_pending -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_wpending -.Fa "BIO *b" -.Fc -.Ft size_t -.Fo BIO_ctrl_pending -.Fa "BIO *b" -.Fc -.Ft size_t -.Fo BIO_ctrl_wpending -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_get_info_callback -.Fa "BIO *b" -.Fa "BIO_info_cb **cbp" -.Fc -.Ft int -.Fo BIO_set_info_callback -.Fa "BIO *b" -.Fa "BIO_info_cb *cb" -.Fc -.Ft typedef int -.Fo BIO_info_cb -.Fa "BIO *b" -.Fa "int state" -.Fa "int res" -.Fc -.Ft typedef int -.Fo bio_info_cb -.Fa "BIO *b" -.Fa "int state" -.Fa "int res" -.Fc -.Sh DESCRIPTION -.Fn BIO_ctrl , -.Fn BIO_callback_ctrl , -.Fn BIO_ptr_ctrl , -and -.Fn BIO_int_ctrl -are BIO "control" operations taking arguments of various types. -These functions are not normally called directly - -various macros are used instead. 
-The standard macros are described below. -Macros specific to a particular type of BIO -are described in the specific BIO's manual page -as well as any special features of the standard calls. -.Pp -Depending on the -.Fa cmd -and on the type of -.Fa b , -.Fn BIO_ctrl -may have a read-only effect on -.Fa b -or change data in -.Fa b -or in its sub-structures. -It may also have a side effect of changing the memory pointed to by -.Fa parg . -.Pp -.Fn BIO_callback_ctrl -does not call -.Fn BIO_ctrl -but instead requires that the BIO type of -.Fa b -provides a dedicated -.Fa callback_ctrl -function pointer, which is built into the library for some standard BIO -types and can be provided with -.Xr BIO_meth_set_callback_ctrl 3 -for application-defined BIO types. -The only -.Fa cmd -supported by -.Fn BIO_callback_ctrl -is -.Dv BIO_CTRL_SET_CALLBACK . -.Pp -.Fn BIO_ptr_ctrl -calls -.Fn BIO_ctrl -with -.Fa parg -pointing to the location of a temporary pointer variable initialized to -.Dv NULL . -.Pp -.Fn BIO_int_ctrl -calls -.Fn BIO_ctrl -with -.Fa parg -pointing to the location of a temporary -.Vt int -variable initialized to -.Fa iarg . -If -.Fn BIO_ctrl -changes the value stored at -.Pf * Fa parg , -the new value is ignored. -.Pp -.Fn BIO_reset -typically resets a BIO to some initial state. -In the case of file related BIOs, for example, -it rewinds the file pointer to the start of the file. -.Pp -.Fn BIO_seek -resets a file related BIO's (that is file descriptor and -FILE BIOs) file position pointer to -.Fa ofs -bytes from start of file. -.Pp -.Fn BIO_tell -returns the current file position of a file related BIO. -.Pp -.Fn BIO_flush -normally writes out any internally buffered data. -In some cases it is used to signal EOF and that no more data will be written. -.Pp -.Fn BIO_eof -returns 1 if the BIO has read EOF. -The precise meaning of "EOF" varies according to the BIO type. -.Pp -.Fn BIO_set_close -sets the BIO -.Fa b -close flag to -.Fa flag . 
-.Fa flag -can take the value -.Dv BIO_CLOSE -or -.Dv BIO_NOCLOSE . -Typically -.Dv BIO_CLOSE -is used in a source/sink BIO to indicate that the underlying I/O stream -should be closed when the BIO is freed. -.Pp -.Fn BIO_get_close -returns the BIO's close flag. -.Pp -.Fn BIO_pending , -.Fn BIO_ctrl_pending , -.Fn BIO_wpending , -and -.Fn BIO_ctrl_wpending -return the number of pending characters in the BIO's read and write buffers. -Not all BIOs support these calls. -.Fn BIO_ctrl_pending -and -.Fn BIO_ctrl_wpending -return a -.Vt size_t -type and are functions. -.Pp -.Fn BIO_set_info_callback -installs the function pointer -.Fa cb -as an info callback in -.Fa b -by calling -.Fn BIO_callback_ctrl -with a command of -.Dv BIO_CTRL_SET_CALLBACK . -Among the BIO types built into the library, only -.Xr BIO_s_connect 3 -and -.Xr BIO_f_ssl 3 -support this functionality. -Some filter BIO types forward this control call -to the next BIO in the chain instead of processing it themselves. -.Pp -.Fn BIO_get_info_callback -places the function pointer to the info callback into -.Pf * Fa cbp -if any was installed using -.Fn BIO_set_info_callback -or -.Fn BIO_callback_ctrl . -If the type of -.Fa b -supports setting an info callback but none was installed, it stores a -.Dv NULL -pointer in -.Pf * Fa cbp . -.Pp -The function type name -.Vt bio_info_cb -is a deprecated synonym for -.Vt BIO_info_cb -provided for backward compatibility with some existing application software. 
-.Pp -The following -.Fa cmd -constants correspond to macros: -.Bl -column BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT BIO_set_ssl_renegotiate_timeout(3) -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_DESTROY_BIO_PAIR Ta Xr BIO_destroy_bio_pair 3 -.It Dv BIO_C_DO_STATE_MACHINE Ta Xr BIO_do_handshake 3 -.It Dv BIO_C_FILE_SEEK Ta Fn BIO_seek -.It Dv BIO_C_FILE_TELL Ta Fn BIO_tell -.It Dv BIO_C_GET_ACCEPT Ta Xr BIO_get_accept_port 3 -.It Dv BIO_C_GET_BIND_MODE Ta Xr BIO_get_bind_mode 3 -.It Dv BIO_C_GET_BUF_MEM_PTR Ta Xr BIO_get_mem_ptr 3 -.It Dv BIO_C_GET_BUFF_NUM_LINES Ta Xr BIO_get_buffer_num_lines 3 -.It Dv BIO_C_GET_CIPHER_CTX Ta Xr BIO_get_cipher_ctx 3 -.It Dv BIO_C_GET_CIPHER_STATUS Ta Xr BIO_get_cipher_status 3 -.It Dv BIO_C_GET_FD Ta Xr BIO_get_fd 3 -.It Dv BIO_C_GET_FILE_PTR Ta Xr BIO_get_fp 3 -.It Dv BIO_C_GET_MD Ta Xr BIO_get_md 3 -.It Dv BIO_C_GET_MD_CTX Ta Xr BIO_get_md_ctx 3 -.It Dv BIO_C_GET_READ_REQUEST Ta Xr BIO_get_read_request 3 -.It Dv BIO_C_GET_SSL Ta Xr BIO_get_ssl 3 -.It Dv BIO_C_GET_SSL_NUM_RENEGOTIATES Ta Xr BIO_get_num_renegotiates 3 -.It Dv BIO_C_GET_WRITE_BUF_SIZE Ta Xr BIO_get_write_buf_size 3 -.It Dv BIO_C_GET_WRITE_GUARANTEE Ta Xr BIO_get_write_guarantee 3 -.It Dv BIO_C_MAKE_BIO_PAIR Ta Xr BIO_make_bio_pair 3 -.It Dv BIO_C_RESET_READ_REQUEST Ta Xr BIO_ctrl_reset_read_request 3 -.It Dv BIO_C_SET_BIND_MODE Ta Xr BIO_set_bind_mode 3 -.It Dv BIO_C_SET_BUF_MEM Ta Xr BIO_set_mem_buf 3 -.It Dv BIO_C_SET_BUF_MEM_EOF_RETURN Ta Xr BIO_set_mem_eof_return 3 -.It Dv BIO_C_SET_BUFF_READ_DATA Ta Xr BIO_set_buffer_read_data 3 -.It Dv BIO_C_SET_FD Ta Xr BIO_set_fd 3 -.It Dv BIO_C_SET_FILE_PTR Ta Xr BIO_set_fp 3 -.It Dv BIO_C_SET_MD Ta Xr BIO_set_md 3 -.It Dv BIO_C_SET_MD_CTX Ta Xr BIO_set_md_ctx 3 -.It Dv BIO_C_SET_NBIO Ta Xr BIO_set_nbio 3 -.It Dv BIO_C_SET_SSL Ta Xr BIO_set_ssl 3 -.It Dv BIO_C_SET_SSL_RENEGOTIATE_BYTES Ta Xr BIO_set_ssl_renegotiate_bytes 3 -.It Dv BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT Ta Xr BIO_set_ssl_renegotiate_timeout 3 -.It Dv 
BIO_C_SET_WRITE_BUF_SIZE Ta Xr BIO_set_write_buf_size 3 -.It Dv BIO_C_SHUTDOWN_WR Ta Xr BIO_shutdown_wr 3 -.It Dv BIO_C_SSL_MODE Ta Xr BIO_set_ssl_mode 3 -.It Dv BIO_CTRL_DGRAM_CONNECT Ta Xr BIO_ctrl_dgram_connect 3 -.It Dv BIO_CTRL_DGRAM_GET_PEER Ta Xr BIO_dgram_get_peer 3 -.It Dv BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP Ta Xr BIO_dgram_recv_timedout 3 -.It Dv BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP Ta Xr BIO_dgram_send_timedout 3 -.It Dv BIO_CTRL_DGRAM_SET_CONNECTED Ta Xr BIO_ctrl_set_connected 3 -.It Dv BIO_CTRL_DGRAM_SET_PEER Ta Xr BIO_dgram_set_peer 3 -.It Dv BIO_CTRL_DUP Ta Xr BIO_dup_state 3 -.It Dv BIO_CTRL_EOF Ta Fn BIO_eof -.It Dv BIO_CTRL_FLUSH Ta Fn BIO_flush -.It Dv BIO_CTRL_GET_CALLBACK Ta Fn BIO_get_info_callback -.It Dv BIO_CTRL_GET_CLOSE Ta Fn BIO_get_close -.It Dv BIO_CTRL_INFO Ta Xr BIO_get_mem_data 3 -.It Dv BIO_CTRL_PENDING Ta Fn BIO_pending -.It Dv BIO_CTRL_RESET Ta Fn BIO_reset -.It Dv BIO_CTRL_SET_CALLBACK Ta Fn BIO_set_info_callback -.It Dv BIO_CTRL_SET_CLOSE Ta Fn BIO_set_close -.It Dv BIO_CTRL_WPENDING Ta Fn BIO_wpending -.El -.Pp -A few -.Fa cmd -constants serve more than one macro each -and are documented in the following manual pages: -.Bl -column BIO_C_SET_BUFF_SIZE BIO_s_connect(3) -offset 3n -.It Fa cmd No constant Ta manual page -.It Dv BIO_C_GET_CONNECT Ta Xr BIO_s_connect 3 -.It Dv BIO_C_SET_ACCEPT Ta Xr BIO_s_accept 3 -.It Dv BIO_C_SET_BUFF_SIZE Ta Xr BIO_f_buffer 3 -.It Dv BIO_C_SET_CONNECT Ta Xr BIO_s_connect 3 -.It Dv BIO_C_SET_FILENAME Ta Xr BIO_s_file 3 -.El -.Pp -Some -.Fa cmd -constants are not associated with any macros. -They are documented in the following manual pages: -.Bl -column BIO_CTRL_DGRAM_SET_RECV_TIMEOUT BIO_dgram_recv_timedout(3)\ - -offset 3n -.It Fa cmd No constant Ta manual page -.\" The following constants are intentionally undocumented because -.\" BIO_f_asn1 has been removed from the public API. 
-.\" .It Dv BIO_C_GET_EX_ARG Ta Xr BIO_f_asn1 3 -.\" .It Dv BIO_C_SET_EX_ARG Ta Xr BIO_f_asn1 3 -.It Dv BIO_CTRL_DGRAM_GET_FALLBACK_MTU Ta Xr BIO_dgram_set_peer 3 -.It Dv BIO_CTRL_DGRAM_GET_MTU Ta Xr BIO_dgram_set_peer 3 -.It Dv BIO_CTRL_DGRAM_GET_RECV_TIMEOUT Ta Xr BIO_dgram_recv_timedout 3 -.It Dv BIO_CTRL_DGRAM_GET_SEND_TIMEOUT Ta Xr BIO_dgram_send_timedout 3 -.It Dv BIO_CTRL_DGRAM_SET_MTU Ta Xr BIO_dgram_set_peer 3 -.It Dv BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT Ta Xr BIO_dgram_recv_timedout 3 -.It Dv BIO_CTRL_DGRAM_SET_RECV_TIMEOUT Ta Xr BIO_dgram_recv_timedout 3 -.It Dv BIO_CTRL_DGRAM_SET_SEND_TIMEOUT Ta Xr BIO_dgram_send_timedout 3 -.It Dv BIO_CTRL_DGRAM_MTU_EXCEEDED Ta Xr BIO_s_datagram 3 -.It Dv BIO_CTRL_POP Ta Xr BIO_pop 3 -.It Dv BIO_CTRL_PUSH Ta Xr BIO_push 3 -.El -.Sh RETURN VALUES -The meaning of the return values of -.Fn BIO_ctrl , -.Fn BIO_callback_ctrl , -and -.Fn BIO_int_ctrl -depends on both the type of -.Fa b -and on the -.Fa cmd . -If -.Fa b -is a -.Dv NULL -pointer, no action occurs and 0 is returned. -The return value \-2 usually indicates a fatal error. -In particular, it is returned if the -.Fa cmd -is unsupported by the type of -.Fa b . -.Pp -.Fn BIO_callback_ctrl -and -.Fn BIO_set_info_callback -return 1 on success, 0 if -.Fa b -is -.Dv NULL -or to indicate failure of a valid -.Fa cmd , -or \-2 if the -.Fa cmd -is not supported by -.Fa b . -.Pp -.Fn BIO_ptr_ctrl -returns -.Dv NULL -if the -.Fn BIO_ctrl -call returns a negative value or does not change -.Pf * Fa parg , -or the pointer it puts into -.Pf * Fa parg -otherwise. -.Pp -.Fn BIO_int_ctrl -returns the return value of -.Fn BIO_ctrl . -.Pp -.Fn BIO_reset -normally returns 1 for success and 0 or -1 for failure. -File BIOs are an exception, returning 0 for success and -1 for failure. -.Pp -.Fn BIO_seek -and -.Fn BIO_tell -both return the current file position on success -and -1 for failure, except file BIOs which for -.Fn BIO_seek -always return 0 for success and -1 for failure. 
-.Pp -.Fn BIO_flush -returns 1 for success and 0 or -1 for failure. -.Pp -.Fn BIO_eof -returns 1 if EOF has been reached or 0 otherwise. -.Pp -.Fn BIO_set_close -always returns 1. -.Pp -.Fn BIO_get_close -returns the close flag value -.Dv BIO_CLOSE -or -.Dv BIO_NOCLOSE . -.Pp -.Fn BIO_pending , -.Fn BIO_ctrl_pending , -.Fn BIO_wpending , -and -.Fn BIO_ctrl_wpending -return the amount of pending data. -.Pp -.Fn BIO_get_info_callback -returns 1 on success, including when the type of -.Fa b -supports an info callback but none is installed, -0 if -.Fa b -is -.Dv NULL -or \-2 if the type of -.Fa b -does not support an info callback. -.Pp -If a callback was installed in -.Fa b -using -.Xr BIO_set_callback_ex 3 -or -.Xr BIO_set_callback 3 , -it can modify the return values of all these functions. -.Sh NOTES -Because it can write data, -.Fn BIO_flush -may return 0 or -1 indicating that the call should be retried later -in a similar manner to -.Xr BIO_write 3 . -The -.Xr BIO_should_retry 3 -call should be used and appropriate action taken if the call fails. -.Pp -The return values of -.Fn BIO_pending -and -.Fn BIO_wpending -may not reliably determine the amount of pending data in all cases. -For example in the case of a file BIO some data may be available in the -.Vt FILE -structure's internal buffers but it is not possible -to determine this in a portable way. -For other types of BIO they may not be supported. -.Pp -If they do not internally handle a particular -.Fn BIO_ctrl -operation, filter BIOs usually pass the operation -to the next BIO in the chain. -This often means there is no need to locate the required BIO for -a particular operation: it can be called on a chain and it will -be automatically passed to the relevant BIO. -However, this can cause unexpected results. -For example no current filter BIOs implement -.Fn BIO_seek , -but this may still succeed if the chain ends -in a FILE or file descriptor BIO. 
-.Pp -Source/sink BIOs return a 0 if they do not recognize the -.Fn BIO_ctrl -operation. -.Sh SEE ALSO -.Xr BIO_meth_new 3 , -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_ctrl , -.Fn BIO_reset , -.Fn BIO_flush , -.Fn BIO_eof , -.Fn BIO_set_close , -.Fn BIO_get_close , -and -.Fn BIO_pending -first appeared in SSLeay 0.6.0. -.Fn BIO_wpending -first appeared in SSLeay 0.8.1. -.Fn BIO_ptr_ctrl , -.Fn BIO_int_ctrl , -.Fn BIO_get_info_callback -and -.Fn BIO_set_info_callback -first appeared in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_seek -and -.Fn BIO_tell -first appeared in SSLeay 0.9.1. -.Fn BIO_ctrl_pending -and -.Fn BIO_ctrl_wpending -first appeared in OpenSSL 0.9.4. -These functions have been available since -.Ox 2.6 . -.Pp -.Fn BIO_callback_ctrl -first appeared in OpenSSL 0.9.5 and has been available since -.Ox 2.7 . -.Pp -.Fn bio_info_cb -first appeared with a more complicated prototype in OpenSSL 0.9.6 -and has been available since -.Ox 2.9 . -.Pp -.Fn BIO_info_cb -first appeared in OpenSSL 1.1.0h and has been available since -.Ox 6.3 . -.Sh BUGS -Some of the return values are ambiguous and care should be taken. -In particular a return value of 0 can be returned if an operation -is not supported, if an error occurred, if EOF has not been reached -and in the case of -.Fn BIO_seek -on a file BIO for a successful operation. diff --git a/src/lib/libcrypto/man/BIO_dump.3 b/src/lib/libcrypto/man/BIO_dump.3 deleted file mode 100644 index 8817f0c4ca..0000000000 --- a/src/lib/libcrypto/man/BIO_dump.3 +++ /dev/null 
@@ -1,128 +0,0 @@
-.\" $OpenBSD: BIO_dump.3,v 1.4 2022/12/20 15:34:03 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 20 2022 $
-.Dt BIO_DUMP 3
-.Os
-.Sh NAME
-.Nm BIO_dump ,
-.Nm BIO_dump_indent ,
-.Nm BIO_dump_fp ,
-.Nm BIO_dump_indent_fp
-.\" intentionally undocumented because nothing uses these two functions:
-.\" .Nm BIO_dump_cb
-.\" .Nm BIO_dump_indent_cb
-.Nd hexadecimal printout of arbitrary byte arrays
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft int
-.Fo BIO_dump
-.Fa "BIO *b"
-.Fa "const char *s"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo BIO_dump_indent
-.Fa "BIO *b"
-.Fa "const char *s"
-.Fa "int len"
-.Fa "int indent"
-.Fc
-.Ft int
-.Fo BIO_dump_fp
-.Fa "FILE *fp"
-.Fa "const char *s"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo BIO_dump_indent_fp
-.Fa "FILE *fp"
-.Fa "const char *s"
-.Fa "int len"
-.Fa "int indent"
-.Fc
-.Sh DESCRIPTION
-.Fn BIO_dump
-prints
-.Fa len
-bytes starting at
-.Fa s
-to
-.Fa bio
-in hexadecimal format.
-.Pp
-The first column of output contains the index, in the byte array starting at
-.Fa s ,
-of the first byte shown on the respective output line, expressed as a
-four-digit hexadecimal number starting at 0000, followed by a dash.
-After the dash, sixteen bytes of data are printed as two-digit -hexadecimal numbers, respecting the order in which they appear in -the array -.Fa s . -Another dash is printed after the eighth column. -.Pp -To the right of the hexadecimal representation of the bytes, -the same bytes are printed again, this time as ASCII characters. -Non-printable ASCII characters are replaced with dots. -.Pp -Trailing space characters and NUL bytes are omitted from the main table. -If there are any, an additional line is printed, consisting of the -.Fa len -argument as a four-digit hexadecimal number, a dash, and the fixed string -.Qq . -.Pp -.Fn BIO_dump_indent -is similar except that -.Fa indent -space characters are prepended to each output line. -If -.Fa indent -is 7 or more, the number of data columns is reduced such that the -total width of the output does not exceed 79 characters per line. -.Pp -.Fn BIO_dump_fp -and -.Fn BIO_dump_indent_fp -are similar except that -.Xr fwrite 3 -is used instead of -.Xr BIO_write 3 . -.Sh RETURN VALUES -On success these functions return the total number of bytes written by -.Xr BIO_write 3 -or -.Xr fwrite 3 . -If a failure occurs at any point when writing, these -functions will stop after having potentially written out partial results, -and return -1. -.Sh SEE ALSO -.Xr hexdump 1 , -.Xr BIO_new 3 , -.Xr BIO_write 3 -.Sh HISTORY -.Fn BIO_dump -first appeared in SSLeay 0.6.5 and has been available since -.Ox 2.4 . -.Pp -.Fn BIO_dump_indent -first appeared in OpenSSL 0.9.6 and has been available since -.Ox 2.9 . -.Pp -.Fn BIO_dump_fp -and -.Fn BIO_dump_indent_fp -first appeared in OpenSSL 0.9.8 and have been available since -.Ox 4.5 . diff --git a/src/lib/libcrypto/man/BIO_dup_chain.3 b/src/lib/libcrypto/man/BIO_dup_chain.3 deleted file mode 100644 index 5c5e8c6533..0000000000 --- a/src/lib/libcrypto/man/BIO_dup_chain.3 +++ /dev/null 
@@ -1,141 +0,0 @@
-.\" $OpenBSD: BIO_dup_chain.3,v 1.2 2023/04/09 06:27:52 jsg Exp $
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: April 9 2023 $
-.Dt BIO_DUP_CHAIN 3
-.Os
-.Sh NAME
-.Nm BIO_dup_chain ,
-.Nm BIO_dup_state
-.Nd copy a BIO chain
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft BIO *
-.Fn BIO_dup_chain "BIO *b"
-.Ft long
-.Fn BIO_dup_state "BIO *b" "BIO *new_bio"
-.Sh DESCRIPTION
-.Fn BIO_dup_chain
-copies the chain starting at
-.Fa b
-by iteratively copying
-.Fa b
-and all the BIOs following it
-and joining the copies in the same order as in the original chain.
-The copying operation is neither a deep copy nor a shallow copy.
-.Pp
-Some parts of the state of each BIO are copied,
-in particular with respect to the values returned by
-.Xr BIO_get_init 3 ,
-.Xr BIO_test_flags 3 ,
-and
-.Xr BIO_get_shutdown 3 .
-.\" XXX new_bio->num = bio->num;
-Other parts of the state of the BIOs are not copied
-but instead initialized to 0,
-in particular with respect to the values returned by
-.Xr BIO_number_read 3 ,
-.Xr BIO_number_written 3 ,
-and
-.Xr BIO_get_retry_reason 3 .
-The custom data pointer that can be used by custom BIO types
-and that can be retrieved with
-.Xr BIO_get_data 3
-is set to
-.Dv NULL
-in the copied BIO objects rather than copied.
-The reference count of each BIO in the copied chain is set to 1.
-.Pp
-For each BIO in the chain, copying the data that was set with
-.Xr BIO_set_ex_data 3
-is attempted, which may involve calling application-defined
-callback functions.
-.Pp
-The following pointers are copied
-rather than creating deep copies of the objects pointed to:
-.Bl -bullet
-.It
-The
-.Fa type
-pointer used for creating each BIO with
-.Xr BIO_new 3 ,
-implying that functions like
-.Xr BIO_method_name 3
-return pointers to the same strings for the BIOs in the copied chain,
-and that these strings are not copied.
-.It
-All function pointers, in particular those installed with
-.Xr BIO_set_callback_ex 3
-and
-.Xr BIO_get_callback_ex 3 .
-.It
-The pointer installed with
-.Xr BIO_set_callback_arg 3 ,
-which implies that for BIOs using
-.Xr BIO_debug_callback 3 ,
-those in the copied chain use the same BIOs for debugging output
-as the corresponding ones in the original chain,
-and none of the debugging output BIOs are copied.
-.El
-.Pp
-.Fn BIO_dup_state
-is a macro that calls
-.Xr BIO_ctrl 3
-with a
-.Fa cmd
-argument of
-.Dv BIO_CTRL_DUP .
-It is automatically called for each BIO during
-.Fn BIO_dup_chain
-after the copied BIO is initialized and data copied into it,
-but before the data set with
-.Xr BIO_set_ex_data 3
-is copied into the new BIO and before it is linked into the new chain.
-.Pp
-This control operation may modify the operation of
-.Fn BIO_dup_chain
-for particular types of BIOs contained in the chain,
-for example initializing or copying additional data.
-For BIO types provided by the library, such additional effects
-are documented in the respective manual pages, in particular in
-.Xr BIO_f_buffer 3 ,
-.Xr BIO_f_cipher 3 ,
-.Xr BIO_f_md 3 ,
-.Xr BIO_f_ssl 3 ,
-.Xr BIO_s_bio 3 ,
-and
-.Xr BIO_s_connect 3 .
-.Sh RETURN VALUES
-.Fn BIO_dup_chain
-returns a pointer to the newly allocated copy of the BIO
-.Fa b
-on success or
-.Dv NULL
-on failure .
-.Pp
-.Fn BIO_dup_state
-returns 1 on success or a value less than or equal to zero on failure.
-.Sh SEE ALSO
-.Xr BIO_get_data 3 ,
-.Xr BIO_new 3 ,
-.Xr BIO_next 3 ,
-.Xr BIO_push 3
-.Sh HISTORY
-.Fn BIO_dup_chain
-and
-.Fn BIO_dup_state
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/BIO_f_base64.3 b/src/lib/libcrypto/man/BIO_f_base64.3
deleted file mode 100644
index e4589de035..0000000000
--- a/src/lib/libcrypto/man/BIO_f_base64.3
+++ /dev/null
@@ -1,148 +0,0 @@ -.\" $OpenBSD: BIO_f_base64.3,v 1.15 2023/09/11 04:00:40 jsg Exp $ -.\" OpenSSL fc1d88f0 Wed Jul 2 22:42:40 2014 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2003, 2005, 2014 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: September 11 2023 $ -.Dt BIO_F_BASE64 3 -.Os -.Sh NAME -.Nm BIO_f_base64 -.\" .Nm EVP_ENCODE_LENGTH and -.\" .Nm EVP_DECODE_LENGTH are intentionally undocumented -.\" because they are internal implementation details of BIO_f_base64(3) -.\" and practically unused outside evp/bio_b64.c. -.Nd base64 BIO filter -.Sh SYNOPSIS -.In openssl/bio.h -.In openssl/evp.h -.Ft const BIO_METHOD * -.Fo BIO_f_base64 -.Fa void -.Fc -.Sh DESCRIPTION -.Fn BIO_f_base64 -returns the base64 BIO method. -This is a filter BIO that base64 encodes any data written through it -and decodes any data read through it. -.Pp -Base64 BIOs do not support -.Xr BIO_gets 3 -or -.Xr BIO_puts 3 . -.Pp -.Xr BIO_flush 3 -on a base64 BIO that is being written through -is used to signal that no more data is to be encoded: -this is used to flush the final block through the BIO. 
-.Pp -To encode the data all on one line and to expect the data to be all -on one line, initialize the base64 BIO as follows: -.Bd -literal -offset indent -BIO *b64 = BIO_new(BIO_f_base64()); -BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); -.Ed -.Sh RETURN VALUES -.Fn BIO_f_base64 -returns the base64 BIO method. -.Pp -When called on a base64 BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_BASE64 -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq base64 encoding . -.Sh EXAMPLES -Base64 encode the string "hello, world\en" -and write the result to standard output: -.Bd -literal -offset indent -BIO *bio, *b64; -char message[] = "hello, world\en"; - -b64 = BIO_new(BIO_f_base64()); -bio = BIO_new_fp(stdout, BIO_NOCLOSE); -BIO_push(b64, bio); -BIO_write(b64, message, strlen(message)); -BIO_flush(b64); - -BIO_free_all(b64); -.Ed -.Pp -Read Base64-encoded data from standard input -and write the decoded data to standard output: -.Bd -literal -offset indent -BIO *bio, *b64, *bio_out; -char inbuf[512]; -int inlen; - -b64 = BIO_new(BIO_f_base64()); -bio = BIO_new_fp(stdin, BIO_NOCLOSE); -bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); -BIO_push(b64, bio); -while((inlen = BIO_read(b64, inbuf, 512)) > 0) - BIO_write(bio_out, inbuf, inlen); - -BIO_flush(bio_out); -BIO_free_all(b64); -.Ed -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr EVP_EncodeInit 3 -.Sh HISTORY -.Fn BIO_f_base64 -first appeared in SSLeay 0.6.5 and has been available since -.Ox 2.4 . -.Sh BUGS -The ambiguity of EOF in base64-encoded data can cause additional -data following the base64-encoded block to be misinterpreted. -.Pp -There should be some way of specifying a test that the BIO can perform -to reliably determine EOF (for example a MIME boundary). diff --git a/src/lib/libcrypto/man/BIO_f_buffer.3 b/src/lib/libcrypto/man/BIO_f_buffer.3 deleted file mode 100644 index a3012c5c5d..0000000000 --- a/src/lib/libcrypto/man/BIO_f_buffer.3 +++ /dev/null 
@@ -1,262 +0,0 @@ -.\" $OpenBSD: BIO_f_buffer.3,v 1.17 2023/04/29 12:22:08 schwarze Exp $ -.\" full merge up to OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2023 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2010, 2015, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 29 2023 $ -.Dt BIO_F_BUFFER 3 -.Os -.Sh NAME -.Nm BIO_f_buffer , -.Nm BIO_get_buffer_num_lines , -.Nm BIO_set_read_buffer_size , -.Nm BIO_set_write_buffer_size , -.Nm BIO_set_buffer_size , -.Nm BIO_set_buffer_read_data -.\" .Nm BIO_buffer_get_num_lines and -.\" .Nm BIO_CTRL_GET are intentionally undocumented. -.\" Contrary to what bio.h says, they do not *not* get some "IO type", -.\" whatever that is supposed to be, but are NOOPs, and nothing uses them. 
-.Nd buffering BIO -.Sh SYNOPSIS -.In openssl/bio.h -.Ft const BIO_METHOD * -.Fo BIO_f_buffer -.Fa void -.Fc -.Ft long -.Fo BIO_get_buffer_num_lines -.Fa "BIO *b" -.Fc -.Ft long -.Fo BIO_set_read_buffer_size -.Fa "BIO *b" -.Fa "long size" -.Fc -.Ft long -.Fo BIO_set_write_buffer_size -.Fa "BIO *b" -.Fa "long size" -.Fc -.Ft long -.Fo BIO_set_buffer_size -.Fa "BIO *b" -.Fa "long size" -.Fc -.Ft long -.Fo BIO_set_buffer_read_data -.Fa "BIO *b" -.Fa "void *buf" -.Fa "long num" -.Fc -.Sh DESCRIPTION -.Fn BIO_f_buffer -returns the buffering BIO method. -.Pp -Data written to a buffering BIO is buffered and periodically written -to the next BIO in the chain. -Data read from a buffering BIO comes from an internal buffer -which is filled from the next BIO in the chain. -Both -.Xr BIO_gets 3 -and -.Xr BIO_puts 3 -are supported. -.Pp -Calling -.Xr BIO_reset 3 -on a buffering BIO clears any buffered data. -.Pp -.Fn BIO_get_buffer_num_lines -returns the number of lines currently buffered. -.Pp -.Fn BIO_set_read_buffer_size , -.Fn BIO_set_write_buffer_size , -and -.Fn BIO_set_buffer_size -set the read, write or both read and write buffer sizes to -.Fa size . -The initial buffer size is -.Dv DEFAULT_BUFFER_SIZE , -currently 4096. -Any attempt to reduce the buffer size below -.Dv DEFAULT_BUFFER_SIZE -is ignored. -Any buffered data is cleared when the buffer is resized. -.Pp -.Fn BIO_set_buffer_read_data -clears the read buffer and fills it with -.Fa num -bytes of -.Fa buf . -If -.Fa num -is larger than the current buffer size, the buffer is expanded. -.Pp -Buffering BIOs implement -.Xr BIO_gets 3 -by using -.Xr BIO_read 3 -operations on the next BIO in the chain. -By prepending a buffering BIO to a chain -it is therefore possible to provide the functionality of -.Xr BIO_gets 3 -if the following BIOs do not support it (for example SSL BIOs). -.Pp -Data is only written to the next BIO in the chain -when the write buffer fills or when -.Xr BIO_flush 3 -is called. 
-It is therefore important to call -.Xr BIO_flush 3 -whenever any pending data should be written -such as when removing a buffering BIO using -.Xr BIO_pop 3 . -.Xr BIO_flush 3 -may need to be retried if the ultimate source/sink BIO is non-blocking. -.Pp -When a chain containing a buffering BIO is copied with -.Xr BIO_dup_chain 3 , -.Fn BIO_set_read_buffer_size -and -.Fn BIO_set_write_buffer_size -are called internally to automatically copy both buffer sizes from the -original BIO object to the new one. -.Pp -.Xr BIO_ctrl 3 -.Fa cmd -arguments correspond to macros as follows: -.Bl -column BIO_C_GET_BUFF_NUM_LINES BIO_get_buffer_num_lines() -offset 3n -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_GET_BUFF_NUM_LINES Ta Fn BIO_get_buffer_num_lines -.It Dv BIO_C_SET_BUFF_READ_DATA Ta Fn BIO_set_buffer_read_data -.It Dv BIO_C_SET_BUFF_SIZE Ta Fn BIO_set_buffer_size -.It Dv BIO_CTRL_FLUSH Ta Xr BIO_flush 3 -.It Dv BIO_CTRL_PENDING Ta Xr BIO_pending 3 -.It Dv BIO_CTRL_RESET Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_WPENDING Ta Xr BIO_wpending 3 -.El -.Pp -The -.Fa cmd -constant -.Dv BIO_C_SET_BUFF_SIZE -is special. -It is also used for -.Xr BIO_int_ctrl 3 -with the following -.Fa iarg -arguments: -.Bl -column BIO_C_SET_BUFF_SIZE iarg BIO_set_write_buffer_size() -offset 3n -.It Fa cmd No constant Ta Fa iarg Ta corresponding macro -.It Dv BIO_C_SET_BUFF_SIZE Ta 0 Ta Fn BIO_set_read_buffer_size -.It Ta 1 Ta Fn BIO_set_write_buffer_size -.El -.Sh RETURN VALUES -.Fn BIO_f_buffer -returns the buffering BIO method. -.Pp -When called on a buffering BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_BUFFER -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq buffer . -.Pp -.Fn BIO_get_buffer_num_lines -returns the number of lines buffered (may be 0). -.Pp -.Fn BIO_set_read_buffer_size , -.Fn BIO_set_write_buffer_size , -and -.Fn BIO_set_buffer_size -return 1 if the buffer was successfully resized or 0 for failure. 
-.Pp -.Fn BIO_set_buffer_read_data -returns 1 if the data was set correctly or 0 if there was an error. -.Sh SEE ALSO -.Xr BIO_ctrl 3 , -.Xr BIO_flush 3 , -.Xr BIO_new 3 , -.Xr BIO_pop 3 , -.Xr BIO_reset 3 -.Sh HISTORY -.Fn BIO_f_buffer -first appeared in SSLeay 0.6.0. -.Fn BIO_get_buffer_num_lines -and -.Fn BIO_set_buffer_size -first appeared in SSLeay 0.6.5. -.Fn BIO_set_read_buffer_size -and -.Fn BIO_set_write_buffer_size -first appeared in SSLeay 0.8.0. -.Fn BIO_set_buffer_read_data -first appeared in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/BIO_f_cipher.3 b/src/lib/libcrypto/man/BIO_f_cipher.3 deleted file mode 100644 index c5d00c6981..0000000000 --- a/src/lib/libcrypto/man/BIO_f_cipher.3 +++ /dev/null 
@@ -1,209 +0,0 @@ -.\" $OpenBSD: BIO_f_cipher.3,v 1.16 2023/04/29 12:01:53 schwarze Exp $ -.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2003, 2015, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 29 2023 $ -.Dt BIO_F_CIPHER 3 -.Os -.Sh NAME -.Nm BIO_f_cipher , -.Nm BIO_set_cipher , -.Nm BIO_get_cipher_status , -.Nm BIO_get_cipher_ctx -.\" .Nm BIO_CTRL_SET is intentionally undocumented because it has no effect. -.Nd cipher BIO filter -.Sh SYNOPSIS -.In openssl/bio.h -.In openssl/evp.h -.Ft const BIO_METHOD * -.Fo BIO_f_cipher -.Fa void -.Fc -.Ft int -.Fo BIO_set_cipher -.Fa "BIO *b" -.Fa "const EVP_CIPHER *cipher" -.Fa "unsigned char *key" -.Fa "unsigned char *iv" -.Fa "int enc" -.Fc -.Ft long -.Fo BIO_get_cipher_status -.Fa "BIO *b" -.Fc -.Ft long -.Fo BIO_get_cipher_ctx -.Fa "BIO *b" -.Fa "EVP_CIPHER_CTX **pctx" -.Fc -.Sh DESCRIPTION -.Fn BIO_f_cipher -returns the cipher BIO method. -This is a filter BIO that encrypts any data written through it, -and decrypts any data read from it. -It is a BIO wrapper for the cipher routines -.Xr EVP_CipherInit 3 , -.Xr EVP_CipherUpdate 3 , -and -.Xr EVP_CipherFinal 3 . 
-.Pp -Cipher BIOs do not support -.Xr BIO_gets 3 -or -.Xr BIO_puts 3 . -.Pp -.Xr BIO_flush 3 -on an encryption BIO that is being written through -is used to signal that no more data is to be encrypted: -this is used to flush and possibly pad the final block through the BIO. -.Pp -.Fn BIO_set_cipher -sets the cipher of BIO -.Fa b -to -.Fa cipher -using key -.Fa key -and IV -.Fa iv . -.Fa enc -should be set to 1 for encryption and zero for decryption. -.Pp -When reading from an encryption BIO, the final block is automatically -decrypted and checked when EOF is detected. -.Fn BIO_get_cipher_status -is a -.Xr BIO_ctrl 3 -macro which can be called to determine -whether the decryption operation was successful. -.Pp -.Fn BIO_get_cipher_ctx -is a -.Xr BIO_ctrl 3 -macro which retrieves the internal BIO cipher context. -The retrieved context can be used in conjunction -with the standard cipher routines to set it up. -This is useful when -.Fn BIO_set_cipher -is not flexible enough for the applications needs. -.Pp -When a chain containing a cipher BIO is copied with -.Xr BIO_dup_chain 3 , -the cipher context is automatically copied from the existing BIO object -to the new one and the init flag that can be retrieved with -.Xr BIO_get_init 3 -is set to 1. -.Pp -When encrypting, -.Xr BIO_flush 3 -must be called to flush the final block through the BIO. -If it is not, then the final block will fail a subsequent decrypt. -.Pp -When decrypting, an error on the final block is signalled -by a zero return value from the read operation. -A successful decrypt followed by EOF -will also return zero for the final read. -.Fn BIO_get_cipher_status -should be called to determine if the decrypt was successful. -.Pp -As always, if -.Xr BIO_gets 3 -or -.Xr BIO_puts 3 -support is needed, then it can be achieved -by preceding the cipher BIO with a buffering BIO. 
-.Pp -.Xr BIO_ctrl 3 -.Fa cmd -arguments correspond to macros as follows: -.Bl -column BIO_C_GET_CIPHER_STATUS BIO_get_cipher_status() -offset 3n -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_GET_CIPHER_CTX Ta Fn BIO_get_cipher_ctx -.It Dv BIO_C_GET_CIPHER_STATUS Ta Fn BIO_get_cipher_status -.It Dv BIO_CTRL_FLUSH Ta Xr BIO_flush 3 -.It Dv BIO_CTRL_PENDING Ta Xr BIO_pending 3 -.It Dv BIO_CTRL_RESET Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_WPENDING Ta Xr BIO_wpending 3 -.El -.Sh RETURN VALUES -.Fn BIO_f_cipher -returns the cipher BIO method. -.Pp -When called on a cipher BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_CIPHER -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq cipher . -.Pp -.Fn BIO_set_cipher -returns 1 on success and 0 on error. -.Pp -.Fn BIO_get_cipher_status -returns 1 for a successful decrypt and 0 for failure. -.Pp -.Fn BIO_get_cipher_ctx -currently always returns 1. -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr EVP_EncryptInit 3 -.Sh HISTORY -.Fn BIO_f_cipher , -.Fn BIO_set_cipher , -and -.Fn BIO_get_cipher_status -first appeared in SSLeay 0.6.5 and have been available since -.Ox 2.4 . -.Pp -.Fn BIO_get_cipher_ctx -first appeared in SSLeay 0.9.1 and has been available since -.Ox 2.6 . diff --git a/src/lib/libcrypto/man/BIO_f_md.3 b/src/lib/libcrypto/man/BIO_f_md.3 deleted file mode 100644 index 279aabc980..0000000000 --- a/src/lib/libcrypto/man/BIO_f_md.3 +++ /dev/null 
@@ -1,366 +0,0 @@
-.\" $OpenBSD: BIO_f_md.3,v 1.15 2023/04/28 16:20:01 schwarze Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2022, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2006, 2009, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: April 28 2023 $ -.Dt BIO_F_MD 3 -.Os -.Sh NAME -.Nm BIO_f_md , -.Nm BIO_set_md , -.Nm BIO_get_md , -.Nm BIO_get_md_ctx , -.Nm BIO_set_md_ctx -.Nd message digest BIO filter -.Sh SYNOPSIS -.In openssl/bio.h -.In openssl/evp.h -.Ft const BIO_METHOD * -.Fo BIO_f_md -.Fa void -.Fc -.Ft long -.Fo BIO_set_md -.Fa "BIO *b" -.Fa "EVP_MD *md" -.Fc -.Ft long -.Fo BIO_get_md -.Fa "BIO *b" -.Fa "EVP_MD **mdp" -.Fc -.Ft long -.Fo BIO_get_md_ctx -.Fa "BIO *b" -.Fa "EVP_MD_CTX **mdcp" -.Fc -.Ft long -.Fo BIO_set_md_ctx -.Fa "BIO *b" -.Fa "EVP_MD_CTX *mdc" -.Fc -.Sh DESCRIPTION -.Fn BIO_f_md -returns the message digest BIO method. -This is a filter BIO that digests any data passed through it. -It is a BIO wrapper for the digest routines -.Xr EVP_DigestInit 3 , -.Xr EVP_DigestUpdate 3 , -and -.Xr EVP_DigestFinal 3 . -.Pp -.Fn BIO_set_md -sets the message digest of -.Fa b -to -.Fa md -and initializes it using -.Xr EVP_DigestInit_ex 3 . -Calling this function is required before any data is passed through -.Fa b . -.Pp -.Fn BIO_get_md -places a pointer to the digest method of -.Fa b -into -.Pf * Fa mdp . -.Pp -Any data written or read through a digest BIO using -.Xr BIO_read 3 -and -.Xr BIO_write 3 -is digested. -.Pp -.Xr BIO_gets 3 , -if its -.Sy size -parameter is large enough, -finishes the digest calculation and returns the digest value. -.Xr BIO_puts 3 -is -not supported. -If an application needs to call -.Xr BIO_gets 3 -or -.Xr BIO_puts 3 -through a chain containing digest BIOs, -this can be done by prepending a buffering BIO. -.Pp -After the digest has been retrieved from a digest BIO, call -.Xr BIO_reset 3 -to reinitialize it and any BIOs following it in its chain -before passing any more data through it. -If no subsequent BIOs require reinitialization, -.Fn BIO_set_md -can be used instead of -.Xr BIO_reset 3 . 
-.Pp -.Fn BIO_get_md_ctx -places a pointer to the digest context of -.Fa b -into -.Pf * Fa mdcp -and marks the BIO as initialized without actually initializing it. -Unless -.Fn BIO_set_md -was already called on -.Fa b , -the caller becomes responsible for initializing the digest context with -.Xr EVP_DigestInit_ex 3 . -.Pp -The context returned by -.Fn BIO_get_md_ctx -can be used in calls to -.Xr EVP_DigestFinal 3 -and also in the signature routines -.Xr EVP_SignFinal 3 -and -.Xr EVP_VerifyFinal 3 . -.Pp -The context returned by -.Fn BIO_get_md_ctx -is an internal context structure. -Changes made to this context will affect the digest BIO itself, and -the context pointer will become invalid when the digest BIO is freed. -.Pp -.Fn BIO_set_md_ctx -replaces the digest context of -.Fa b -with -.Fa mdc . -Calling this function is usually not necessary -because creating a digest BIO with -.Xr BIO_new 3 -automatically creates a digest context and stores it internally. -Before calling -.Fn BIO_set_md_ctx , -the caller has to retrieve the old context using -.Fn BIO_get_md_ctx , -and the caller also becomes responsible for calling -.Xr EVP_MD_CTX_free 3 -on the old context. -Unless -.Fa mdc -is already initialized, the caller needs to initialize it after calling -.Fn BIO_set_md_ctx -using either -.Fn BIO_set_md -or -.Xr EVP_DigestInit 3 . -.Pp -When a chain containing a message digest BIO is copied with -.Xr BIO_dup_chain 3 , -.Xr EVP_MD_CTX_copy_ex 3 -is called internally to automatically copy the message digest context -from the existing BIO object to the new one, -and the init flag that can be retrieved with -.Xr BIO_get_init 3 -is set to 1. 
-.Pp -.Xr BIO_ctrl 3 -.Fa cmd -arguments correspond to macros as follows: -.Bl -column BIO_C_GET_MD_CTX "corresponding macro" -offset 3n -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_GET_MD Ta Fn BIO_get_md -.It Dv BIO_C_GET_MD_CTX Ta Fn BIO_get_md_ctx -.It Dv BIO_C_SET_MD Ta Fn BIO_set_md -.It Dv BIO_C_SET_MD_CTX Ta Fn BIO_set_md_ctx -.It Dv BIO_CTRL_RESET Ta Xr BIO_reset 3 -.El -.Sh RETURN VALUES -.Fn BIO_f_md -returns the digest BIO method. -.Pp -When called on a message digest BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_MD -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq message digest . -.Pp -.Fn BIO_set_md -returns 1 on success or 0 if -.Xr EVP_DigestInit_ex 3 -fails. -.Pp -.Fn BIO_get_md -and -.Fn BIO_set_md_ctx -return 1 on success or 0 if -.Fa b -is not initialized. -.Pp -.Fn BIO_get_md_ctx -returns 1 on success or 0 on failure, -but the current implementation cannot actually fail. -.Sh EXAMPLES -The following example creates a BIO chain containing a SHA-1 and MD5 -digest BIO and passes the string "Hello World" through it. -Error checking has been omitted for clarity. -.Bd -literal -offset 2n -BIO *bio, *mdtmp; -const char message[] = "Hello World"; -bio = BIO_new(BIO_s_null()); -mdtmp = BIO_new(BIO_f_md()); -BIO_set_md(mdtmp, EVP_sha1()); -/* - * For BIO_push() we want to append the sink BIO - * and keep a note of the start of the chain. 
- */ -bio = BIO_push(mdtmp, bio); -mdtmp = BIO_new(BIO_f_md()); -BIO_set_md(mdtmp, EVP_md5()); -bio = BIO_push(mdtmp, bio); -/* Note: mdtmp can now be discarded */ -BIO_write(bio, message, strlen(message)); -.Ed -.Pp -The next example digests data by reading through a chain instead: -.Bd -literal -offset 2n -BIO *bio, *mdtmp; -char buf[1024]; -int rdlen; - -bio = BIO_new_file(file, "rb"); -mdtmp = BIO_new(BIO_f_md()); -BIO_set_md(mdtmp, EVP_sha1()); -bio = BIO_push(mdtmp, bio); -mdtmp = BIO_new(BIO_f_md()); -BIO_set_md(mdtmp, EVP_md5()); -bio = BIO_push(mdtmp, bio); -do { - rdlen = BIO_read(bio, buf, sizeof(buf)); - /* Might want to do something with the data here */ -} while (rdlen > 0); -.Ed -.Pp -This next example retrieves the message digests from a BIO chain -and outputs them. -This could be used with the examples above. -.Bd -literal -offset 2n -BIO *mdtmp; -unsigned char mdbuf[EVP_MAX_MD_SIZE]; -int mdlen; -int i; - -mdtmp = bio; /* Assume bio has previously been set up */ -do { - EVP_MD *md; - mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD); - if (!mdtmp) - break; - BIO_get_md(mdtmp, &md); - printf("%s digest", OBJ_nid2sn(EVP_MD_type(md))); - mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE); - for(i = 0; i < mdlen; i++) - printf(":%02X", mdbuf[i]); - printf("\en"); - mdtmp = BIO_next(mdtmp); -} while(mdtmp); -BIO_free_all(bio); -.Ed -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr EVP_DigestInit 3 -.Sh HISTORY -.Fn BIO_f_md , -.Fn BIO_set_md , -and -.Fn BIO_get_md -first appeared in SSLeay 0.6.0. -.Fn BIO_get_md_ctx -first appeared in SSLeay 0.8.1. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_set_md_ctx -first appeared in OpenSSL 0.9.7e and has been available since -.Ox 3.8 . -.Pp -Before OpenSSL 1.0.0, the call to -.Fn BIO_get_md_ctx -would only work if the -.Vt BIO -had been initialized, for example by calling -.Fn BIO_set_md . 
-.Sh BUGS -The lack of support for -.Xr BIO_puts 3 -and the non-standard behaviour of -.Xr BIO_gets 3 -could be regarded as anomalous. -It could be argued that -.Xr BIO_gets 3 -and -.Xr BIO_puts 3 -should be passed to the next BIO in the chain and digest the data -passed through and that digests should be retrieved using a separate -.Xr BIO_ctrl 3 -call. diff --git a/src/lib/libcrypto/man/BIO_f_null.3 b/src/lib/libcrypto/man/BIO_f_null.3 deleted file mode 100644 index 687d991b52..0000000000 --- a/src/lib/libcrypto/man/BIO_f_null.3 +++ /dev/null 
@@ -1,99 +0,0 @@
-.\" $OpenBSD: BIO_f_null.3,v 1.12 2023/04/11 16:58:43 schwarze Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 11 2023 $ -.Dt BIO_F_NULL 3 -.Os -.Sh NAME -.Nm BIO_f_null -.\" .Nm BIO_f_nbio_test is intentionally undocumented -.\" because it exposes absurd functionality that is unused -.\" except in openssl(1) s_client/s_server -nbio_test. -.Nd null filter -.Sh SYNOPSIS -.In openssl/bio.h -.Ft const BIO_METHOD * -.Fo BIO_f_null -.Fa void -.Fc -.Sh DESCRIPTION -.Fn BIO_f_null -returns the null filter BIO method. -This is a filter BIO that does nothing. -As may be apparent, a null filter BIO is not particularly useful. -.Pp -All requests to a null filter BIO are passed through to the next BIO -in the chain: this means that a BIO chain containing a null filter BIO -behaves just as though the BIO was not there. -.Pp -A chain containing a null filter BIO cannot be copied with -.Xr BIO_dup_chain 3 , -and any attempt to do so fails and returns -.Dv NULL . -.Sh RETURN VALUES -.Fn BIO_f_null -returns the null filter BIO method. -.Pp -When called on a null filter BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_NULL_FILTER -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq NULL filter , -not to be confused with a NUL string nor with a -.Dv NULL pointer . -.Sh SEE ALSO -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_f_null -first appeared in SSLeay 0.8.0 and has been available since -.Ox 2.4 . 
diff --git a/src/lib/libcrypto/man/BIO_find_type.3 b/src/lib/libcrypto/man/BIO_find_type.3
deleted file mode 100644
index 4a9eee7832..0000000000
--- a/src/lib/libcrypto/man/BIO_find_type.3
+++ /dev/null
@@ -1,271 +0,0 @@
-.\" $OpenBSD: BIO_find_type.3,v 1.12 2023/07/26 20:01:04 tb Exp $
-.\" full merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2013, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: July 26 2023 $ -.Dt BIO_FIND_TYPE 3 -.Os -.Sh NAME -.Nm BIO_find_type , -.Nm BIO_next , -.Nm BIO_method_type , -.Nm BIO_method_name -.Nd BIO chain traversal -.Sh SYNOPSIS -.In openssl/bio.h -.Ft BIO * -.Fo BIO_find_type -.Fa "BIO *bio" -.Fa "int type" -.Fc -.Ft BIO * -.Fo BIO_next -.Fa "BIO *bio" -.Fc -.Ft int -.Fo BIO_method_type -.Fa "const BIO *bio" -.Fc -.Ft const char * -.Fo BIO_method_name -.Fa "const BIO *bio" -.Fc -.Fd #define BIO_TYPE_NONE 0 -.Fd #define BIO_TYPE_START 128 -.Sh DESCRIPTION -.Fn BIO_find_type -searches for a BIO matching the given -.Fa type -in the chain starting at -.Fa bio . -If the least significant byte of the -.Fa type -argument is non-zero, only exact matches of the -.Fa type -are accepted. -Otherwise, a match only requires that any of the bits set in the -.Fa type -argument is also set in the candidate BIO. -.Pp -Types with a least significant byte in the range from 0 to -.Dv BIO_TYPE_START , -inclusive, are reserved for BIO types built into the library. -Types with a least significant byte greater than -.Dv BIO_TYPE_START -are available for user-defined BIO types; see -.Xr BIO_get_new_index 3 -for details. -.Pp -.Fn BIO_next -returns the next BIO in the chain after -.Fa bio . -This function can be used to traverse all BIOs in a chain -or in conjunction with -.Fn BIO_find_type -to find all BIOs of a certain type. -.Pp -.Fn BIO_method_type -returns the type of the given -.Fa bio . -.Pp -.Fn BIO_method_name -returns an ASCII string representing the type of the -.Fa bio . -.Pp -The following are the built-in source/sink BIO types -that operate on file descriptors. -They all have both of the bits -.Dv BIO_TYPE_SOURCE_SINK -and -.Dv BIO_TYPE_DESCRIPTOR -but not the bit -.Dv BIO_TYPE_FILTER -set in their type constant. 
-.Bl -column BIO_TYPE_NULL_FILTER "datagram socket" BIO_s_datagram(3) -.It Fa type No constant Ta Em name No string Ta Vt BIO_METHOD -.It Dv BIO_TYPE_ACCEPT Ta socket accept Ta Xr BIO_s_accept 3 -.It Dv BIO_TYPE_CONNECT Ta socket connect Ta Xr BIO_s_connect 3 -.It Dv BIO_TYPE_DGRAM Ta datagram socket Ta Xr BIO_s_datagram 3 -.It Dv BIO_TYPE_FD Ta file descriptor Ta Xr BIO_s_fd 3 -.It Dv BIO_TYPE_SOCKET Ta socket Ta Xr BIO_s_socket 3 -.El -.Pp -The following are the built-in source/sink BIO types -that do not directly operate on file descriptors. -They all have the bit -.Dv BIO_TYPE_SOURCE_SINK -but not the bits -.Dv BIO_TYPE_DESCRIPTOR -and -.Dv BIO_TYPE_FILTER -set in their type constant. -.Bl -column BIO_TYPE_NULL_FILTER "datagram socket" BIO_s_datagram(3) -.It Fa type No constant Ta Em name No string Ta Vt BIO_METHOD -.It Dv BIO_TYPE_BIO Ta BIO pair Ta Xr BIO_s_bio 3 -.It Dv BIO_TYPE_FILE Ta FILE pointer Ta Xr BIO_s_file 3 -.It Dv BIO_TYPE_MEM Ta memory buffer Ta Xr BIO_s_mem 3 -.It Dv BIO_TYPE_NULL Ta NULL Ta Xr BIO_s_null 3 -.El -.Pp -The following are the built-in filter BIO types. -They all have the bit -.Dv BIO_TYPE_FILTER -but not the bits -.Dv BIO_TYPE_SOURCE_SINK -and -.Dv BIO_TYPE_DESCRIPTOR -set in their type constant. -.Bl -column BIO_TYPE_NULL_FILTER "datagram socket" BIO_s_datagram(3) -.It Fa type No constant Ta Em name No string Ta Vt BIO_METHOD -.\" BIO_TYPE_ASN1 is intentionally undocumented because BIO_f_asn1 was -.\" removed from the public API. 
-.\" .It Dv BIO_TYPE_ASN1 Ta asn1 Ta Xr BIO_f_asn1 3 -.It Dv BIO_TYPE_BASE64 Ta base64 encoding Ta Xr BIO_f_base64 3 -.It Dv BIO_TYPE_BUFFER Ta buffer Ta Xr BIO_f_buffer 3 -.It Dv BIO_TYPE_CIPHER Ta cipher Ta Xr BIO_f_cipher 3 -.It Dv BIO_TYPE_MD Ta message digest Ta Xr BIO_f_md 3 -.It Dv BIO_TYPE_NULL_FILTER Ta NULL filter Ta Xr BIO_f_null 3 -.It Dv BIO_TYPE_SSL Ta ssl Ta Xr BIO_f_ssl 3 -.El -.Pp -The constants -.Dv BIO_TYPE_BER , -.Dv BIO_TYPE_PROXY_CLIENT , -and -.Dv BIO_TYPE_PROXY_SERVER -do not correspond to any BIO types implemented by the library and are -not intended to be used for application-defined types, either. -The constants -.Dv BIO_TYPE_COMP , -.Dv BIO_TYPE_LINEBUFFER , -and -.Dv BIO_TYPE_NBIO_TEST -corresponds to a deprecated BIO types that are intentionally undocumented. -.Pp -If a variable in an application program is intended -to store a BIO type but temporarily does not refer to any BIO -or refers to a BIO of an unknown type, setting the variable to -.Dv BIO_TYPE_NONE -is recommended. -.Sh RETURN VALUES -.Fn BIO_find_type -returns the next matching BIO or -.Dv NULL -if -.Fa bio -is a -.Dv NULL -pointer or if no matching BIO is found. -.Pp -.Fn BIO_next -returns the next BIO or -.Dv NULL -if -.Fa bio -is a -.Dv NULL -pointer or points to the last BIO in a chain. -.Pp -.Fn BIO_method_type -returns one of the -.Dv BIO_TYPE_* -constants. -.Pp -.Fn BIO_method_name -returns an internal pointer to a string. -.Sh EXAMPLES -Traverse a chain looking for digest BIOs: -.Bd -literal -offset 2n -BIO *btmp; - -btmp = in_bio; /* in_bio is the chain to search through */ -while (btmp != NULL) { - btmp = BIO_find_type(btmp, BIO_TYPE_MD); - if (btmp == NULL) - break; /* Not found */ - - /* btmp is a digest BIO, do something with it ... */ - ... - - btmp = BIO_next(btmp); -} -.Ed -.Sh SEE ALSO -.Xr BIO_meth_new 3 , -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_method_type -and -.Fn BIO_method_name -first appeared in SSLeay 0.6.0. 
-.Fn BIO_find_type -first appeared in SSLeay 0.6.6. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_next -first appeared in OpenSSL 0.9.6 and has been available since -.Ox 2.9 . diff --git a/src/lib/libcrypto/man/BIO_get_data.3 b/src/lib/libcrypto/man/BIO_get_data.3 deleted file mode 100644 index 63750ac37b..0000000000 --- a/src/lib/libcrypto/man/BIO_get_data.3 +++ /dev/null 
@@ -1,406 +0,0 @@
-.\" $OpenBSD: BIO_get_data.3,v 1.8 2023/11/16 20:27:43 schwarze Exp $
-.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Matt Caswell .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: November 16 2023 $ -.Dt BIO_GET_DATA 3 -.Os -.Sh NAME -.Nm BIO_set_data , -.Nm BIO_get_data , -.Nm BIO_set_flags , -.Nm BIO_clear_flags , -.Nm BIO_test_flags , -.Nm BIO_get_flags , -.Nm BIO_set_retry_read , -.Nm BIO_set_retry_write , -.Nm BIO_set_retry_special , -.Nm BIO_clear_retry_flags , -.Nm BIO_get_retry_flags , -.Nm BIO_copy_next_retry , -.Nm BIO_set_init , -.Nm BIO_get_init , -.Nm BIO_set_shutdown , -.Nm BIO_get_shutdown -.Nd manage BIO state information -.Sh SYNOPSIS -.In openssl/bio.h -.Ft void -.Fo BIO_set_data -.Fa "BIO *a" -.Fa "void *ptr" -.Fc -.Ft void * -.Fo BIO_get_data -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_set_flags -.Fa "BIO *a" -.Fa "int flags" -.Fc -.Ft void -.Fo BIO_clear_flags -.Fa "BIO *a" -.Fa "int flags" -.Fc -.Ft int -.Fo BIO_test_flags -.Fa "const BIO *a" -.Fa "int flags" -.Fc -.Ft int -.Fo BIO_get_flags -.Fa "const BIO *a" -.Fc -.Ft void -.Fo BIO_set_retry_read -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_set_retry_write -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_set_retry_special -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_clear_retry_flags -.Fa "BIO *a" -.Fc -.Ft int -.Fo BIO_get_retry_flags -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_copy_next_retry -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_set_init -.Fa "BIO *a" -.Fa "int init" -.Fc -.Ft int -.Fo BIO_get_init -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_set_shutdown -.Fa "BIO *a" -.Fa "int shutdown" -.Fc -.Ft int -.Fo BIO_get_shutdown -.Fa "BIO *a" -.Fc -.Sh DESCRIPTION -These functions are mainly useful when implementing a custom BIO. -.Pp -The -.Fn BIO_set_data -function associates the custom data pointed to by -.Fa ptr -with the -.Fa "BIO a" . -This data can subsequently be retrieved via a call to -.Fn BIO_get_data . -This can be used by custom BIOs for storing implementation specific -information. -.Pp -.Fn BIO_set_flags -sets all the bits contained in the -.Fa flags -argument in the flags stored in -.Fa a . 
-The value of a flag neither changes when it is already set in -.Fa a -nor when it is unset in the -.Fa flags -argument. -.Pp -.Fn BIO_clear_flags -clears all the bits contained in the -.Fa flags -argument from the flags stored in -.Fa a . -The value of a flag neither changes when it is already unset in -.Fa a -nor when it is unset in the -.Fa flags -argument. -.Pp -.Fn BIO_test_flags -checks whether any of the bits contained in the -.Fa flags -argument are set in the flags stored in -.Fa a . -Application programs usually call macros like those documented in -.Xr BIO_should_retry 3 -rather than calling -.Fn BIO_test_flags -directly. -Flag bits correspond to accessor macros as follows: -.Pp -.Bl -tag -width BIO_FLAGS_SHOULD_RETRY -compact -.It Dv BIO_FLAGS_READ -.Xr BIO_should_read 3 -.It Dv BIO_FLAGS_WRITE -.Xr BIO_should_write 3 -.It Dv BIO_FLAGS_IO_SPECIAL -.Xr BIO_should_io_special 3 -.It Dv BIO_FLAGS_RWS -.Xr BIO_retry_type 3 -.It Dv BIO_FLAGS_SHOULD_RETRY -.Xr BIO_should_retry 3 -.It Dv BIO_FLAGS_BASE64_NO_NL -see -.Xr BIO_f_base64 3 -.It Dv BIO_FLAGS_MEM_RDONLY -see -.Xr BIO_s_mem 3 -.El -.Pp -In particular, -.Dv BIO_FLAGS_RWS -is the bitwise OR of -.Dv BIO_FLAGS_READ , -.Dv BIO_FLAGS_WRITE , -and -.Dv BIO_FLAGS_IO_SPECIAL . -.Pp -.Fn BIO_set_retry_read , -.Fn BIO_set_retry_write , -and -.Fn BIO_set_retry_special -set the -.Dv BIO_FLAGS_READ , -.Dv BIO_FLAGS_WRITE , -and -.Dv BIO_FLAGS_IO_SPECIAL -flag bit in -.Fa a , -respectively. -They all set the -.Dv BIO_FLAGS_SHOULD_RETRY -flag bit, too. -.Pp -.Fn BIO_clear_retry_flags -clears the flag bits -.Dv BIO_FLAGS_READ , -.Dv BIO_FLAGS_WRITE , -.Dv BIO_FLAGS_IO_SPECIAL , -and -.Dv BIO_FLAGS_SHOULD_RETRY -in -.Fa a . -.Pp -.Fn BIO_copy_next_retry -copies retry-related state data from the BIO that follows -.Fa a -in its chain to -.Fa a , -that is, the data accessible with -.Fn BIO_get_retry_flags -and -.Xr BIO_get_retry_reason 3 . -Flags which are already set in -.Fa a -are not cleared. 
-Before calling -.Fn BIO_copy_next_retry , -making sure that -.Fa a -is not the last BIO in its chain is the responsibility of the caller, -for example by checking that -.Xr BIO_next 3 -does not return -.Dv NULL . -.Pp -The -.Fn BIO_set_init -function sets the -.Fa init -flag in -.Fa a -to the specified value. -A non-zero value indicates that initialisation is complete, -whilst zero indicates that it is not. -Often initialisation will complete -during initial construction of the BIO. -For some BIOs however, initialisation may not be complete until -additional steps have been taken, for example through calling custom -ctrls. -.Pp -The -.Fn BIO_set_shutdown -and -.Fn BIO_get_shutdown -functions are low-level interfaces to forcefully set and get the -.Fa shutdown -flag of -.Fa a , -circumventing type-dependent sanity checks, -exclusively intended for implementing a new BIO type. -The -.Fa shutdown -argument must be either -.Dv BIO_CLOSE -or -.Dv BIO_NOCLOSE . -When merely using a -.Vt BIO -object, call -.Xr BIO_set_close 3 -and -.Xr BIO_get_close 3 -instead. -.Pp -.Fn BIO_get_flags , -.Fn BIO_set_retry_read , -.Fn BIO_set_retry_write , -.Fn BIO_set_retry_special , -.Fn BIO_clear_retry_flags , -and -.Fn BIO_get_retry_flags -are implemented as macros. -.Sh RETURN VALUES -.Fn BIO_get_data -returns a pointer to the implementation specific custom data associated -with -.Fa a , -or -.Dv NULL -if none is set. -.Pp -.Fn BIO_test_flags -returns the bitwise AND of the -.Fa flags -argument and the flags stored in -.Fa a . -Consequently, it returns a non-zero value -if and only if at least one of the requested -.Fa flags -is set. -.Pp -.Fn BIO_get_flags -returns all the flags currently stored in -.Fa a . -.Pp -.Fn BIO_get_retry_flags -returns the bitwise AND of -.Pq Dv BIO_FLAGS_RWS | BIO_FLAGS_SHOULD_RETRY -and the flags stored in -.Fa a . -.Pp -.Fn BIO_get_init -returns the value of the init flag of -.Fa a . 
-.Pp -.Fn BIO_get_shutdown -returns the value previously set with -.Fn BIO_set_shutdown -or with -.Xr BIO_set_close 3 . -.Sh SEE ALSO -.Xr BIO_meth_new 3 , -.Xr BIO_new 3 , -.Xr BIO_set_close 3 , -.Xr BIO_should_retry 3 -.Sh HISTORY -.Fn BIO_set_flags , -.Fn BIO_clear_flags , -.Fn BIO_set_retry_read , -.Fn BIO_set_retry_write , -.Fn BIO_set_retry_special , -.Fn BIO_clear_retry_flags , -and -.Fn BIO_get_retry_flags -first appeared in SSLeay 0.8.0, -.Fn BIO_copy_next_retry -in SSLeay 0.8.1, and -.Fn BIO_get_flags -in SSLeay 0.9.0. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_test_flags -first appeared in OpenSSL 0.9.8e and has been available since -.Ox 4.5 . -.Pp -.Fn BIO_set_data , -.Fn BIO_get_data , -.Fn BIO_set_init , -.Fn BIO_set_shutdown , -and -.Fn BIO_get_shutdown -first appeared in OpenSSL 1.1.0 and have been available since -.Ox 6.3 . -.Pp -.Fn BIO_get_init -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 7.1 . diff --git a/src/lib/libcrypto/man/BIO_get_ex_new_index.3 b/src/lib/libcrypto/man/BIO_get_ex_new_index.3 deleted file mode 100644 index 54d00775e7..0000000000 --- a/src/lib/libcrypto/man/BIO_get_ex_new_index.3 +++ /dev/null 
@@ -1,198 +0,0 @@ -.\" $OpenBSD: BIO_get_ex_new_index.3,v 1.17 2023/11/19 10:26:36 tb Exp $ -.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 -.\" -.\" This file was written by Rich Salz . -.\" Copyright (c) 2015, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 19 2023 $ -.Dt BIO_GET_EX_NEW_INDEX 3 -.Os -.Sh NAME -.Nm BIO_get_ex_new_index , -.Nm BIO_set_ex_data , -.Nm BIO_get_ex_data , -.Nm BIO_set_app_data , -.Nm BIO_get_app_data , -.Nm UI_get_ex_new_index , -.Nm UI_set_ex_data , -.Nm UI_get_ex_data , -.Nm X509_get_ex_new_index , -.Nm X509_set_ex_data , -.Nm X509_get_ex_data , -.Nm EC_KEY_get_ex_new_index , -.Nm EC_KEY_get_ex_data , -.Nm EC_KEY_set_ex_data -.Nd application-specific data -.Sh SYNOPSIS -.In openssl/bio.h -.In openssl/ui.h -.In openssl/x509.h -.In openssl/ec.h -.Ft int -.Fo TYPE_get_ex_new_index -.Fa "long argl" -.Fa "void *argp" -.Fa "CRYPTO_EX_new *new_func" -.Fa "CRYPTO_EX_dup *dup_func" -.Fa "CRYPTO_EX_free *free_func" -.Fc -.Ft int -.Fo TYPE_set_ex_data -.Fa "TYPE *d" -.Fa "int idx" -.Fa "void *arg" -.Fc -.Ft void * -.Fo TYPE_get_ex_data -.Fa "TYPE *d" -.Fa "int idx" -.Fc -.Ft int -.Fo TYPE_set_app_data -.Fa "TYPE *d" -.Fa "void *arg" -.Fc -.Ft void * -.Fo TYPE_get_app_data -.Fa "TYPE *d" -.Fc -.Sh DESCRIPTION -In the description here, -.Vt TYPE -is used a placeholder for any of the OpenSSL datatypes listed in -.Xr CRYPTO_get_ex_new_index 3 . -.Pp -These functions handle application-specific data in OpenSSL data -structures. -Their usage is identical to that of -.Xr RSA_get_ex_new_index 3 , -.Xr RSA_set_ex_data 3 , -and -.Xr RSA_get_ex_data 3 . 
-.Pp
-.Fn TYPE_get_ex_new_index
-is a macro that calls
-.Xr CRYPTO_get_ex_new_index 3
-with the correct index value.
-.Pp
-.Fn TYPE_set_ex_data
-is a function that calls
-.Xr CRYPTO_set_ex_data 3
-with an offset into the opaque ex_data part of the
-.Vt TYPE
-object.
-.Pp
-.Fn TYPE_get_ex_data
-is a function that calls
-.Xr CRYPTO_get_ex_data 3
-with an offset into the opaque ex_data part of the
-.Vt TYPE
-object.
-.Pp
-.Fn TYPE_set_app_data
-and
-.Fn TYPE_get_app_data
-are deprecated wrapper macros that call
-.Fn TYPE_set_ex_data
-and
-.Fn TYPE_get_ex_data
-with
-.Fa idx
-set to 0.
-.Sh RETURN VALUES
-.Fn TYPE_get_new_ex_index
-returns a new index on success or \-1 on error.
-.Pp
-.Fn TYPE_set_ex_data
-and
-.Fn TYPE_set_app_data
-return 1 on success or 0 on error.
-.Pp
-.Fn TYPE_get_ex_data
-and
-.Fn TYPE_get_app_data
-return the application data or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr CRYPTO_get_ex_new_index 3 ,
-.Xr RSA_get_ex_new_index 3 ,
-.Xr X509_new 3
-.Sh HISTORY
-.Fn BIO_set_app_data
-and
-.Fn BIO_get_app_data
-first appeared in SSLeay 0.8.1.
-.Fn BIO_get_ex_new_index ,
-.Fn BIO_set_ex_data ,
-and
-.Fn BIO_get_ex_data
-first appeared in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_get_ex_new_index ,
-.Fn X509_set_ex_data ,
-and
-.Fn X509_get_ex_data
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn UI_get_ex_new_index ,
-.Fn UI_set_ex_data ,
-and
-.Fn UI_get_ex_data
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn EC_KEY_get_ex_new_index ,
-.Fn EC_KEY_set_ex_data ,
-and
-.Fn EC_KEY_get_ex_data
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.5 .
diff --git a/src/lib/libcrypto/man/BIO_meth_new.3 b/src/lib/libcrypto/man/BIO_meth_new.3
deleted file mode 100644
index 2159560596..0000000000
--- a/src/lib/libcrypto/man/BIO_meth_new.3
+++ /dev/null
@@ -1,367 +0,0 @@ -.\" $OpenBSD: BIO_meth_new.3,v 1.5 2018/07/09 09:52:18 tb Exp $ -.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2018 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Matt Caswell -.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: July 9 2018 $ -.Dt BIO_METH_NEW 3 -.Os -.Sh NAME -.Nm BIO_get_new_index , -.Nm BIO_meth_new , -.Nm BIO_meth_free , -.Nm BIO_meth_get_write , -.Nm BIO_meth_set_write , -.Nm BIO_meth_get_read , -.Nm BIO_meth_set_read , -.Nm BIO_meth_get_puts , -.Nm BIO_meth_set_puts , -.Nm BIO_meth_get_gets , -.Nm BIO_meth_set_gets , -.Nm BIO_meth_get_ctrl , -.Nm BIO_meth_set_ctrl , -.Nm BIO_meth_get_create , -.Nm BIO_meth_set_create , -.Nm BIO_meth_get_destroy , -.Nm BIO_meth_set_destroy , -.Nm BIO_meth_get_callback_ctrl , -.Nm BIO_meth_set_callback_ctrl -.Nd manipulate BIO_METHOD structures -.Sh SYNOPSIS -.In openssl/bio.h -.Ft int -.Fn BIO_get_new_index void -.Ft BIO_METHOD * -.Fo BIO_meth_new -.Fa "int type" -.Fa "const char *name" -.Fc -.Ft void -.Fo BIO_meth_free -.Fa "BIO_METHOD *biom" -.Fc -.Ft int -.Fn "(*BIO_meth_get_write(const BIO_METHOD *biom))" "BIO *" "const char *" int -.Ft int -.Fo BIO_meth_set_write -.Fa "BIO_METHOD *biom" -.Fa "int (*write)(BIO *, const char *, int)" -.Fc -.Ft int -.Fn "(*BIO_meth_get_read(const BIO_METHOD *biom))" "BIO *" "char *" int -.Ft int -.Fo BIO_meth_set_read -.Fa "BIO_METHOD *biom" -.Fa "int (*read)(BIO *, char *, int)" -.Fc -.Ft int -.Fn "(*BIO_meth_get_puts(const BIO_METHOD *biom))" "BIO *" "const char *" -.Ft int -.Fo BIO_meth_set_puts -.Fa "BIO_METHOD *biom" -.Fa "int (*puts)(BIO *, const char *)" -.Fc -.Ft int -.Fn "(*BIO_meth_get_gets(const BIO_METHOD *biom))" "BIO *" "char *" int -.Ft int -.Fo BIO_meth_set_gets -.Fa "BIO_METHOD *biom" -.Fa "int (*gets)(BIO *, char *, int)" -.Fc -.Ft long -.Fn "(*BIO_meth_get_ctrl(const BIO_METHOD *biom))" "BIO *" int long "void *" -.Ft int -.Fo BIO_meth_set_ctrl -.Fa "BIO_METHOD *biom" -.Fa "long (*ctrl)(BIO *, int, long, void *)" -.Fc -.Ft int -.Fn "(*BIO_meth_get_create(const BIO_METHOD *biom))" "BIO *" -.Ft int -.Fo BIO_meth_set_create -.Fa "BIO_METHOD *biom" -.Fa "int (*create)(BIO *)" -.Fc -.Ft int -.Fn "(*BIO_meth_get_destroy(const BIO_METHOD *biom))" "BIO *" -.Ft int -.Fo 
BIO_meth_set_destroy -.Fa "BIO_METHOD *biom" -.Fa "int (*destroy)(BIO *)" -.Fc -.Ft long -.Fo "(*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))" -.Fa "BIO *" -.Fa int -.Fa "BIO_info_cb *" -.Fc -.Ft int -.Fo BIO_meth_set_callback_ctrl -.Fa "BIO_METHOD *biom" -.Fa "long (*callback_ctrl)(BIO *, int, BIO_info_cb *)" -.Fc -.Sh DESCRIPTION -The -.Vt BIO_METHOD -structure stores function pointers implementing a -.Vt BIO -type. -See -.Xr BIO_new 3 -for more information about -.Vt BIO -objects. -.Pp -.Fn BIO_meth_new -creates a new -.Vt BIO_METHOD -structure. -It requires a unique integer -.Fa type ; -use -.Fn BIO_get_new_index -to get the value for -.Fa type . -Currently, the user can only create up to 127 different BIO types, and -.Fa type -is limited to the range 129\(en255. -The -.Fa name -pointer is stored in the structure and will not be freed by -.Fn BIO_meth_free . -.Pp -The standard BIO types are listed in -.In openssl/bio.h . -Some examples include -.Dv BIO_TYPE_BUFFER -and -.Dv BIO_TYPE_CIPHER . -The -.Fa type -of filter BIOs should have the -.Dv BIO_TYPE_FILTER -bit set. -Source/sink BIOs should have the -.Dv BIO_TYPE_SOURCE_SINK -bit set. -File descriptor based BIOs (e.g. socket, fd, connect, accept etc.\&) -should additionally have the -.Dv BIO_TYPE_DESCRIPTOR -bit set. -See -.Xr BIO_find_type 3 -for more information. -.Pp -.Fn BIO_meth_free -is an alias for -.Xr free 3 . -.Pp -.Fn BIO_meth_get_write , -.Fn BIO_meth_set_write , -.Fn BIO_meth_get_read , -and -.Fn BIO_meth_set_read -get and set the functions -.Fa write -and -.Fa read -used for writing and reading arbitrary length data to and from the -.Vt BIO . -These functions are called from -.Xr BIO_write 3 -and -.Xr BIO_read 3 , -respectively. -The parameters and return values of -.Fa write -and -.Fa read -have the same meaning as for -.Xr BIO_write 3 -and -.Xr BIO_read 3 . 
-.Pp
-.Fn BIO_meth_get_puts
-and
-.Fn BIO_meth_set_puts
-get and set the function
-.Fa puts
-used for writing a NUL-terminated string to the
-.Vt BIO .
-This function is called from
-.Xr BIO_puts 3 .
-The parameters and the return value of
-.Fa puts
-have the same meaning as for
-.Xr BIO_puts 3 .
-.Pp
-.Fn BIO_meth_get_gets
-and
-.Fn BIO_meth_set_gets
-get and set the function
-.Fa gets
-used for reading a line of data from the
-.Vt BIO .
-This function is called from
-.Xr BIO_gets 3 .
-The parameters and the return value of
-.Fa gets
-have the same meaning as for
-.Xr BIO_gets 3 .
-.Pp
-.Fn BIO_meth_get_ctrl
-and
-.Fn BIO_meth_set_ctrl
-get and set the function
-.Fa ctrl
-used for processing control messages in the
-.Vt BIO .
-This function is called from
-.Xr BIO_ctrl 3 .
-The parameters and return value of
-.Fa ctrl
-have the same meaning as for
-.Xr BIO_ctrl 3 .
-.Pp
-.Fn BIO_meth_get_create
-and
-.Fn BIO_meth_set_create
-get and set a function
-.Fa create
-used while initializing a new instance of the
-.Vt BIO .
-This function is called from
-.Xr BIO_new 3 .
-The
-.Xr BIO_new 3
-function allocates the memory for the new
-.Vt BIO ,
-and a pointer to this newly allocated structure is passed
-as the parameter to
-.Fa create .
-.Pp
-.Fn BIO_meth_get_destroy
-and
-.Fn BIO_meth_set_destroy
-get and set a function
-.Fa destroy
-used while destroying an instance of a
-.Vt BIO .
-This function is called from
-.Xr BIO_free 3 .
-A pointer to the
-.Vt BIO
-to be destroyed is passed as the parameter.
-The
-.Fa destroy
-function is intended to perform clean-up specific to the
-.Vt BIO
-.Fa type .
-The memory for the
-.Vt BIO
-itself must not be freed by this function.
-.Pp
-.Fn BIO_meth_get_callback_ctrl
-and
-.Fn BIO_meth_set_callback_ctrl
-get and set the function
-.Fa callback_ctrl
-used for processing callback control messages in the
-.Vt BIO .
-This function is called from
-.Xr BIO_callback_ctrl 3 .
-The parameters and return value of
-.Fa callback_ctrl
-have the same meaning as for
-.Xr BIO_callback_ctrl 3 .
-.Sh RETURN VALUES
-.Fn BIO_get_new_index
-returns the new BIO type value or \-1 if an error occurs.
-.Pp
-.Fn BIO_meth_new
-returns the new
-.Vt BIO_METHOD
-structure or
-.Dv NULL
-if an error occurs.
-.Pp
-The
-.Fn BIO_meth_set_*
-functions return 1 on success or 0 on error.
-Currently, they cannot fail.
-.Pp
-The
-.Fn BIO_meth_get_*
-functions return function pointers.
-.Sh SEE ALSO
-.Xr BIO_ctrl 3 ,
-.Xr BIO_find_type 3 ,
-.Xr BIO_new 3 ,
-.Xr BIO_read 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.1.0
-and have been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/BIO_new.3 b/src/lib/libcrypto/man/BIO_new.3
deleted file mode 100644
index f97a314826..0000000000
--- a/src/lib/libcrypto/man/BIO_new.3
+++ /dev/null
@@ -1,279 +0,0 @@ -.\" $OpenBSD: BIO_new.3,v 1.28 2023/07/26 20:01:04 tb Exp $ -.\" full merge up to: -.\" OpenSSL man3/BIO_new.pod fb46be03 Feb 26 11:51:31 2016 +0000 -.\" OpenSSL man7/bio.pod 631c37be Dec 12 16:56:50 2017 +0100 -.\" partial merge up to: -.\" OpenSSL man3/BIO_new.pod e9b77246 Jan 20 19:58:49 2017 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2015, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: July 26 2023 $ -.Dt BIO_NEW 3 -.Os -.Sh NAME -.Nm BIO_new , -.Nm BIO_up_ref , -.Nm BIO_set , -.Nm BIO_free , -.Nm BIO_vfree , -.Nm BIO_free_all -.Nd construct and destruct I/O abstraction objects -.Sh SYNOPSIS -.In openssl/bio.h -.Ft BIO * -.Fo BIO_new -.Fa "const BIO_METHOD *type" -.Fc -.Ft int -.Fo BIO_up_ref -.Fa "BIO *a" -.Fc -.Ft int -.Fo BIO_set -.Fa "BIO *a" -.Fa "const BIO_METHOD *type" -.Fc -.Ft int -.Fo BIO_free -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_vfree -.Fa "BIO *a" -.Fc -.Ft void -.Fo BIO_free_all -.Fa "BIO *a" -.Fc -.Sh DESCRIPTION -A -.Vt BIO -is an I/O abstraction object, hiding many of the underlying I/O -details from an application. -If an application uses BIOs for its I/O, it can transparently handle -SSL connections, unencrypted network connections, and file I/O. -.Pp -The -.Fn BIO_new -function constructs a new -.Vt BIO -using the method -.Fa type -and sets its reference count to 1. 
-There are two groups of BIO types, source/sink BIOs and filter BIOs.
-.Pp
-Source/sink BIOs provide input or consume output.
-Examples include socket BIOs and file BIOs.
-.Pp
-Filter BIOs take data from one BIO and pass it through to another,
-or to the application, forming a chain of BIOs.
-The data may be left unmodified (for example by a message digest BIO)
-or translated (for example by an encryption BIO).
-The effect of a filter BIO may change according to the I/O operation
-it is performing: for example an encryption BIO encrypts data
-if it is written to and decrypts data if it is read from.
-.Pp
-Some BIOs (such as memory BIOs) can be used immediately after calling
-.Fn BIO_new .
-Others (such as file BIOs) need some additional initialization, and
-utility functions exists to construct and initialize such BIOs.
-.Pp
-Normally the
-.Fa type
-argument is supplied by a function which returns a pointer to a
-.Vt BIO_METHOD .
-There is a naming convention for such functions:
-the methods for source/sink BIOs are called
-.Fn BIO_s_*
-and those for filter BIOs
-.Fn BIO_f_* .
-.Pp
-.Fn BIO_up_ref
-increments the reference count of
-.Fa a
-by 1.
-.Pp
-.Fn BIO_set
-is a deprecated function to initialize an unused
-.Vt BIO
-structure located in static memory or on the stack,
-to set its method to
-.Fa type ,
-and to set its reference count to 1.
-It must not be called on
-.Vt BIO
-objects created with
-.Fn BIO_new ,
-nor on objects that were already used.
-.Pp
-.Fn BIO_free
-and
-.Fn BIO_vfree
-decrement the reference count of
-.Fa a
-by 1, and if the reference count reaches 0, they destruct the single
-.Vt BIO
-.Fa a ,
-which may also have some effect on the
-underlying I/O structure, for example it may close the file being
-referred to under certain circumstances.
-If
-.Fa a
-is a
-.Dv NULL
-pointer, no action occurs.
-If
-.Fn BIO_free
-is called on a BIO chain, it destructs at most one BIO,
-resulting in a memory leak.
-.Pp
-.Fn BIO_free_all
-calls
-.Fn BIO_free
-on
-.Fa a
-and on all following
-.Vt BIO
-objects in the chain.
-As soon as the reference count of a
-.Vt BIO
-is still non-zero after calling
-.Fn BIO_free
-on it, the function
-.Fn BIO_free_all
-returns right away and refrains from freeing the remaining
-.Vt BIO
-objects in the chain.
-It does not halt if an error occurs
-destructing an individual BIO in the chain.
-If
-.Fa a
-is a
-.Dv NULL
-pointer, no action occurs.
-Calling
-.Fn BIO_free_all
-on a single BIO has the same effect as
-.Fn BIO_vfree .
-.Pp
-Common I/O functions are documented in
-.Xr BIO_read 3 .
-Forming chains is explained in
-.Xr BIO_push 3 ;
-inspecting them is explained in
-.Xr BIO_find_type 3 .
-For more details about the different kinds of BIOs, see the individual
-.Vt BIO_METHOD
-manual pages.
-.Sh RETURN VALUES
-.Fn BIO_new
-returns a newly constructed
-.Vt BIO
-object or
-.Dv NULL
-on failure.
-.Pp
-.Fn BIO_up_ref ,
-.Fn BIO_set ,
-and
-.Fn BIO_free
-return 1 for success or 0 for failure.
-.Sh EXAMPLES
-Create a memory BIO:
-.Pp
-.Dl BIO *mem = BIO_new(BIO_s_mem());
-.Sh SEE ALSO
-.Xr BIO_accept 3 ,
-.Xr BIO_ctrl 3 ,
-.Xr BIO_dump 3 ,
-.Xr BIO_dup_chain 3 ,
-.Xr BIO_f_base64 3 ,
-.Xr BIO_f_buffer 3 ,
-.Xr BIO_f_cipher 3 ,
-.Xr BIO_f_md 3 ,
-.Xr BIO_f_null 3 ,
-.Xr BIO_f_ssl 3 ,
-.Xr BIO_find_type 3 ,
-.Xr BIO_get_ex_new_index 3 ,
-.Xr BIO_meth_new 3 ,
-.Xr BIO_new_CMS 3 ,
-.Xr BIO_printf 3 ,
-.Xr BIO_push 3 ,
-.Xr BIO_read 3 ,
-.Xr BIO_s_accept 3 ,
-.Xr BIO_s_bio 3 ,
-.Xr BIO_s_connect 3 ,
-.Xr BIO_s_datagram 3 ,
-.Xr BIO_s_fd 3 ,
-.Xr BIO_s_file 3 ,
-.Xr BIO_s_mem 3 ,
-.Xr BIO_s_null 3 ,
-.Xr BIO_s_socket 3 ,
-.Xr BIO_set_callback 3 ,
-.Xr BIO_set_data 3 ,
-.Xr BIO_should_retry 3 ,
-.Xr BUF_MEM_new 3 ,
-.Xr crypto 3
-.Sh HISTORY
-.Fn BIO_new ,
-.Fn BIO_set ,
-and
-.Fn BIO_free
-first appeared in SSLeay 0.6.0.
-.Fn BIO_free_all
-first appeared in SSLeay 0.6.6.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn BIO_vfree
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
-.Pp
-.Fn BIO_up_ref
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/BIO_new_CMS.3 b/src/lib/libcrypto/man/BIO_new_CMS.3
deleted file mode 100644
index ab93e1c00c..0000000000
--- a/src/lib/libcrypto/man/BIO_new_CMS.3
+++ /dev/null
@@ -1,141 +0,0 @@ -.\" $OpenBSD: BIO_new_CMS.3,v 1.9 2023/05/01 07:28:11 tb Exp $ -.\" full merge up to: OpenSSL df75c2bfc Dec 9 01:02:36 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: May 1 2023 $ -.Dt BIO_NEW_CMS 3 -.Os -.Sh NAME -.Nm BIO_new_CMS -.Nd CMS streaming filter BIO -.Sh SYNOPSIS -.In openssl/cms.h -.Ft BIO * -.Fo BIO_new_CMS -.Fa "BIO *out" -.Fa "CMS_ContentInfo *cms" -.Fc -.Sh DESCRIPTION -.Fn BIO_new_CMS -returns a streaming filter -.Vt BIO -chain based on -.Fa cms . -The output of the filter is written to -.Fa out . -Any data written to the chain is automatically translated -to a BER format CMS structure of the appropriate type. -.Pp -The chain returned by this function behaves like a standard filter -.Vt BIO . -It supports non blocking I/O. -Content is processed and streamed on the fly and not all held in memory -at once: so it is possible to encode very large structures. -After all content has been written through the chain, -.Xr BIO_flush 3 -must be called to finalise the structure. -.Pp -The -.Dv CMS_STREAM -flag must be included in the corresponding -.Fa flags -parameter of the -.Fa cms -creation function. -.Pp -If an application wishes to write additional data to -.Fa out , -BIOs should be removed from the chain using -.Xr BIO_pop 3 -and freed with -.Xr BIO_free 3 -until -.Fa out -is reached. -If no additional data needs to be written, -.Xr BIO_free_all 3 -can be called to free up the whole chain. -.Pp -Any content written through the filter is used verbatim: -no canonical translation is performed. 
-.Pp
-It is possible to chain multiple BIOs to, for example,
-create a triple wrapped signed, enveloped, signed structure.
-In this case it is the application's responsibility
-to set the inner content type of any outer
-.Vt CMS_ContentInfo
-structures.
-.Pp
-Large numbers of small writes through the chain should be avoided as this
-will produce an output consisting of lots of OCTET STRING structures.
-Prepending a
-.Xr BIO_f_buffer 3
-buffering BIO will prevent this.
-.Sh RETURN VALUES
-.Fn BIO_new_CMS
-returns a
-.Vt BIO
-chain when successful or
-.Dv NULL
-if an error occurred.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_encrypt 3 ,
-.Xr CMS_sign 3
-.Sh HISTORY
-.Fn BIO_new_CMS
-first appeared in OpenSSL 1.0.0
-and has been available since
-.Ox 6.7 .
-.Sh BUGS
-There is currently no corresponding inverse BIO
-which can decode a CMS structure on the fly.
diff --git a/src/lib/libcrypto/man/BIO_printf.3 b/src/lib/libcrypto/man/BIO_printf.3
deleted file mode 100644
index 32dec0a828..0000000000
--- a/src/lib/libcrypto/man/BIO_printf.3
+++ /dev/null
@@ -1,46 +0,0 @@ -.\" $OpenBSD: BIO_printf.3,v 1.4 2024/03/02 09:18:28 tb Exp $ -.\" OpenSSL 2ca2e917 Mon Mar 20 16:25:22 2017 -0400 -.\" -.\" Copyright (c) 2017 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: March 2 2024 $ -.Dt BIO_PRINTF 3 -.Os -.Sh NAME -.Nm BIO_printf -.Nd formatted output to a BIO -.Sh SYNOPSIS -.In openssl/bio.h -.Ft int -.Fo BIO_printf -.Fa "BIO *bio" -.Fa "const char *format" -.Fa ... -.Fc -.Sh DESCRIPTION -.Fn BIO_printf -is a wrapper around -.Xr vfprintf 3 , -sending the output to the specified -.Fa bio . -.Sh RETURN VALUES -These functions return the number of bytes written, -or -1 if an error occurs. -.Sh SEE ALSO -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_printf -first appeared in SSLeay 0.6.5 and has been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/BIO_push.3 b/src/lib/libcrypto/man/BIO_push.3 deleted file mode 100644 index 46c736e2c2..0000000000 --- a/src/lib/libcrypto/man/BIO_push.3 +++ /dev/null 
@@ -1,335 +0,0 @@ -.\" $OpenBSD: BIO_push.3,v 1.14 2022/12/16 16:02:17 schwarze Exp $ -.\" full merge up to: -.\" OpenSSL doc/man3/BIO_push.pod 791bfd91 Nov 19 20:38:27 2021 +0100 -.\" OpenSSL doc/man7/bio.pod 1cb7eff4 Sep 10 13:56:40 2019 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2022 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2014 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\"
-.Dd $Mdocdate: December 16 2022 $
-.Dt BIO_PUSH 3
-.Os
-.Sh NAME
-.Nm BIO_push ,
-.Nm BIO_pop ,
-.Nm BIO_set_next
-.Nd manipulate BIO chains
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft BIO *
-.Fo BIO_push
-.Fa "BIO *b"
-.Fa "BIO *new_tail"
-.Fc
-.Ft BIO *
-.Fo BIO_pop
-.Fa "BIO *b"
-.Fc
-.Ft void
-.Fo BIO_set_next
-.Fa "BIO *b"
-.Fa "BIO *new_tail"
-.Fc
-.Sh DESCRIPTION
-BIOs can be joined together to form chains.
-A chain normally consists of one or more filter BIOs
-and one source/sink BIO at the end.
-Data read from or written to the first BIO traverses the chain
-to the end.
-.Pp
-Every BIO is a member of exactly one chain.
-It is either at the beginning of its chain
-or there is exactly one preceding BIO.
-It is either at the end of its chain
-or there is exactly one following BIO.
-If there is neither a preceding nor a following BIO,
-it can be regarded as a chain with one member.
-Every chain has exactly one beginning and exactly one end.
-.Pp
-.Fn BIO_push
-appends the chain starting at
-.Fa new_tail
-to the end of the chain that contains
-.Fa b .
-Unless
-.Fa b
-is
-.Dv NULL ,
-it then calls
-.Xr BIO_ctrl 3
-on
-.Fa b
-with an argument of
-.Dv BIO_CTRL_PUSH .
-If
-.Fa b
-or
-.Fa new_tail
-is
-.Dv NULL ,
-nothing is appended.
-.Pp
-In LibreSSL, if
-.Fa new_tail
-is not at the beginning of its chain,
-the head of that chain up to but not including
-.Fa new_tail
-is cut off and becomes a separate chain.
-For portability, it is best to make sure that
-.Fa new_tail
-is at the beginning of its chain before calling
-.Fn BIO_push .
-.Pp
-.Fn BIO_pop
-removes the BIO
-.Fa b
-from its chain.
-Despite the word
-.Dq pop
-in the function name,
-.Fa b
-can be at the beginning, in the middle, or at the end of its chain.
-Before removal,
-.Xr BIO_ctrl 3
-is called on
-.Fa b
-with an argument of
-.Dv BIO_CTRL_POP .
-The removed BIO
-.Fa b
-becomes the only member of its own chain and can thus be freed
-or attached to a different chain.
-If
-.Fa b
-is
-.Dv NULL ,
-no action occurs.
-.Pp
-.Fn BIO_set_next
-appends the chain starting with
-.Fa new_tail
-to the chain ending with
-.Fa b .
-.Pp
-In LibreSSL, if
-.Fa new_tail
-is not at the beginning of its chain,
-the head of that chain up to but not including
-.Fa new_tail
-is cut off and becomes a separate chain,
-and if
-.Fa b
-is not at the end of its chain,
-the tail of that chain starting after
-.Fa b
-is cut off and becomes a separate chain.
-.Pp
-For portability, it is best to make sure that
-.Fa b
-is at the end of its chain and that
-.Fa new_tail
-is at the beginning of its chain before calling
-.Fn BIO_set_next
-and to avoid calling
-.Fn BIO_pop
-on
-.Fa new_tail
-afterwards.
-.Pp
-In LibreSSL, the only built-in BIO type for which
-.Xr BIO_ctrl 3
-calls with an argument of
-.Dv BIO_CTRL_PUSH
-or
-.Dv BIO_CTRL_POP
-have any effect is
-.Xr BIO_f_ssl 3 .
-.Sh RETURN VALUES
-.Fn BIO_push
-returns
-.Fa b
-if it is not
-.Dv NULL
-or
-.Fa new_tail
-if it is.
-.Pp
-.Fn BIO_pop
-returns the BIO that followed
-.Fa b
-in its chain, or
-.Dv NULL
-if
-.Fa b
-is
-.Dv NULL
-or was at the end of its chain.
-.Sh EXAMPLES
-For these examples suppose
-.Sy md1
-and
-.Sy md2
-are digest BIOs,
-.Sy b64
-is a Base64 BIO and
-.Sy f
-is a file BIO (see
-.Xr BIO_f_md 3 ,
-.Xr BIO_f_base64 3 ,
-and
-.Xr BIO_s_file 3 ,
-respectively).
-.Pp
-If the call
-.Pp
-.Dl BIO_push(b64, f);
-.Pp
-is made then the new chain will be
-.Sy b64-f .
-After making the calls
-.Bd -literal -offset indent
-BIO_push(md2, b64);
-BIO_push(md1, md2);
-.Ed
-.Pp
-the new chain is
-.Sy md1-md2-b64-f .
-Data written to
-.Sy md1
-will be digested
-by
-.Sy md1
-and
-.Sy md2 ,
-Base64-encoded and written to
-.Sy f .
-.Pp
-It should be noted that reading causes data to pass
-in the reverse direction.
-That is, data is read from
-.Sy f ,
-Base64-decoded and digested by
-.Sy md1
-and
-.Sy md2 .
-If this call is made: -.Pp -.Dl BIO_pop(md2); -.Pp -The call will return -.Sy b64 -and the new chain will be -.Sy md1-b64-f ; -data can be written to -.Sy md1 -as before. -.Sh SEE ALSO -.Xr BIO_find_type 3 , -.Xr BIO_new 3 , -.Xr BIO_read 3 -.Sh HISTORY -.Fn BIO_push -first appeared in SSLeay 0.6.0. -.Fn BIO_pop -first appeared in SSLeay 0.6.4. -Both functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_set_next -first appeared in OpenSSL 1.1.0 -and has been available since -.Ox 7.1 . -.Sh CAVEATS -Creating a cyclic chain results in undefined behavior. -For example, infinite recursion or infinite loops may ensue. -.Pp -If it is unknown whether -.Fa b -and -.Fa new_tail -are already members of the same chain and whether joining them would -create a cycle, the calling code can use the following safe idiom: -.Bd -literal -offset indent -BIO *btest; - -for (btest = new_tail; btest != NULL; btest = BIO_next(btest)) - if (btest == b) - /* Bail out because this would create a cycle. */ -BIO_push(b, new_tail); /* This is now safe. */ -.Ed -.Pp -The same idiom can be used with -.Fn BIO_set_next -instead of -.Fn BIO_push . -.Pp -Often, the safe idiom is not needed because it is already known that -.Fa b -and -.Fa new_tail -are not members of the same chain, for example when -.Fa b -or -.Fa new_tail -was created right before. diff --git a/src/lib/libcrypto/man/BIO_read.3 b/src/lib/libcrypto/man/BIO_read.3 deleted file mode 100644 index 5fea9f728a..0000000000 --- a/src/lib/libcrypto/man/BIO_read.3 +++ /dev/null 
@@ -1,281 +0,0 @@ -.\" $OpenBSD: BIO_read.3,v 1.11 2022/12/18 17:40:55 schwarze Exp $ -.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2021, 2022 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\"
-.Dd $Mdocdate: December 18 2022 $
-.Dt BIO_READ 3
-.Os
-.Sh NAME
-.Nm BIO_read ,
-.Nm BIO_number_read ,
-.Nm BIO_gets ,
-.Nm BIO_write ,
-.Nm BIO_puts ,
-.Nm BIO_indent ,
-.Nm BIO_number_written
-.Nd BIO I/O functions
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft int
-.Fo BIO_read
-.Fa "BIO *b"
-.Fa "void *buf"
-.Fa "int len"
-.Fc
-.Ft unsigned long
-.Fo BIO_number_read
-.Fa "BIO *b"
-.Fc
-.Ft int
-.Fo BIO_gets
-.Fa "BIO *b"
-.Fa "char *buf"
-.Fa "int size"
-.Fc
-.Ft int
-.Fo BIO_write
-.Fa "BIO *b"
-.Fa "const void *buf"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo BIO_puts
-.Fa "BIO *b"
-.Fa "const char *string"
-.Fc
-.Ft int
-.Fo BIO_indent
-.Fa "BIO *b"
-.Fa "int indent"
-.Fa "int max"
-.Fc
-.Ft unsigned long
-.Fo BIO_number_written
-.Fa "BIO *b"
-.Fc
-.Sh DESCRIPTION
-.Fn BIO_read
-attempts to read
-.Fa len
-bytes from
-.Fa b
-and places the data in
-.Fa buf .
-.Pp
-.Fn BIO_number_read
-returns the grand total of bytes read from
-.Fa b
-using
-.Fn BIO_read
-so far.
-Bytes read with
-.Fn BIO_gets
-do
-.Sy not
-count.
-.Xr BIO_new 3
-and
-.Xr BIO_set 3
-initialize the counter to 0.
-When reading very large amounts of data,
-the counter will eventually wrap around from
-.Dv ULONG_MAX
-to 0.
-.Pp
-.Fn BIO_gets
-performs the BIOs "gets" operation and places the data in
-.Fa buf .
-Usually this operation will attempt to read a line of data
-from the BIO of maximum length
-.Fa size No \- 1 .
-There are exceptions to this however, for example
-.Fn BIO_gets
-on a digest BIO will calculate and return the digest
-and other BIOs may not support
-.Fn BIO_gets
-at all.
-The returned string is always NUL-terminated.
-.Pp
-.Fn BIO_write
-attempts to write
-.Fa len
-bytes from
-.Fa buf
-to
-.Fa b .
-.Pp
-.Fn BIO_puts
-attempts to write the NUL-terminated
-.Fa string
-to
-.Fa b .
-.Pp
-.Fn BIO_indent
-attempts to write
-.Fa indent
-space characters to
-.Fa b ,
-but not more than
-.Fa max
-characters.
-.Pp
-.Fn BIO_number_written
-returns the grand total of bytes written to
-.Fa b
-using
-.Fn BIO_write ,
-.Fn BIO_puts ,
-and
-.Fn BIO_indent
-so far.
-.Xr BIO_new 3
-and
-.Xr BIO_set 3
-initialize the counter to 0.
-When writing very large amounts of data,
-the counter will eventually wrap around from
-.Dv ULONG_MAX
-to 0.
-.Pp
-One technique sometimes used with blocking sockets
-is to use a system call (such as
-.Xr select 2 ,
-.Xr poll 2
-or equivalent) to determine when data is available and then call
-.Xr read 2
-to read the data.
-The equivalent with BIOs (that is call
-.Xr select 2
-on the underlying I/O structure and then call
-.Fn BIO_read
-to read the data) should
-.Em not
-be used because a single call to
-.Fn BIO_read
-can cause several reads (and writes in the case of SSL BIOs)
-on the underlying I/O structure and may block as a result.
-Instead
-.Xr select 2
-(or equivalent) should be combined with non-blocking I/O
-so successive reads will request a retry instead of blocking.
-.Pp
-See
-.Xr BIO_should_retry 3
-for details of how to determine the cause of a retry and other I/O issues.
-.Pp
-If the
-.Fn BIO_gets
-function is not supported by a BIO then it is possible to
-work around this by adding a buffering BIO
-.Xr BIO_f_buffer 3
-to the chain.
-.Sh RETURN VALUES
-.Fn BIO_indent
-returns 1 if successful, even if nothing was written,
-or 0 if writing fails.
-.Pp
-.Fn BIO_number_read
-and
-.Fn BIO_number_written
-return a number of bytes or 0 if
-.Fa b
-is a
-.Dv NULL
-pointer.
-.Pp
-The other functions return either the amount of data successfully
-read or written (if the return value is positive) or that no data
-was successfully read or written if the result is 0 or \-1.
-If the return value is \-2, then the operation is not implemented
-in the specific BIO type.
-The trailing NUL is not included in the length returned by
-.Fn BIO_gets .
-.Pp
-A 0 or \-1 return is not necessarily an indication of an error.
-In particular when the source/sink is non-blocking or of a certain type
-it may merely be an indication that no data is currently available and that
-the application should retry the operation later.
-.Sh SEE ALSO
-.Xr BIO_meth_new 3 ,
-.Xr BIO_new 3 ,
-.Xr BIO_should_retry 3
-.Sh HISTORY
-.Fn BIO_read ,
-.Fn BIO_gets ,
-.Fn BIO_write ,
-and
-.Fn BIO_puts
-first appeared in SSLeay 0.6.0.
-.Fn BIO_number_read
-and
-.Fn BIO_number_written
-first appeared in SSLeay 0.6.5.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn BIO_indent
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.4 .
diff --git a/src/lib/libcrypto/man/BIO_s_accept.3 b/src/lib/libcrypto/man/BIO_s_accept.3
deleted file mode 100644
index 8e88fe1c52..0000000000
--- a/src/lib/libcrypto/man/BIO_s_accept.3
+++ /dev/null
@@ -1,414 +0,0 @@ -.\" $OpenBSD: BIO_s_accept.3,v 1.16 2023/04/29 13:06:10 schwarze Exp $ -.\" full merge up to: OpenSSL c03726ca Thu Aug 27 12:28:08 2015 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2023 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2014, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\"
-.Dd $Mdocdate: April 29 2023 $
-.Dt BIO_S_ACCEPT 3
-.Os
-.Sh NAME
-.Nm BIO_s_accept ,
-.Nm BIO_set_accept_port ,
-.Nm BIO_get_accept_port ,
-.Nm BIO_new_accept ,
-.Nm BIO_set_nbio_accept ,
-.Nm BIO_set_accept_bios ,
-.Nm BIO_set_bind_mode ,
-.Nm BIO_get_bind_mode ,
-.Nm BIO_do_accept
-.Nd accept BIO
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft const BIO_METHOD *
-.Fo BIO_s_accept
-.Fa void
-.Fc
-.Ft long
-.Fo BIO_set_accept_port
-.Fa "BIO *b"
-.Fa "char *name"
-.Fc
-.Ft char *
-.Fo BIO_get_accept_port
-.Fa "BIO *b"
-.Fc
-.Ft BIO *
-.Fo BIO_new_accept
-.Fa "const char *host_port"
-.Fc
-.Ft long
-.Fo BIO_set_nbio_accept
-.Fa "BIO *b"
-.Fa "int n"
-.Fc
-.Ft long
-.Fo BIO_set_accept_bios
-.Fa "BIO *b"
-.Fa "char *bio"
-.Fc
-.Ft long
-.Fo BIO_set_bind_mode
-.Fa "BIO *b"
-.Fa "long mode"
-.Fc
-.Ft long
-.Fo BIO_get_bind_mode
-.Fa "BIO *b"
-.Fa "long dummy"
-.Fc
-.Fd #define BIO_BIND_NORMAL 0
-.Fd #define BIO_BIND_REUSEADDR_IF_UNUSED 1
-.Fd #define BIO_BIND_REUSEADDR 2
-.Ft long
-.Fo BIO_do_accept
-.Fa "BIO *b"
-.Fc
-.Sh DESCRIPTION
-.Fn BIO_s_accept
-returns the accept BIO method.
-This is a wrapper round the platform's TCP/IP socket
-.Xr accept 2
-routines.
-.Pp
-Using accept BIOs, TCP/IP connections can be accepted
-and data transferred using only BIO routines.
-In this way any platform specific operations
-are hidden by the BIO abstraction.
-.Pp
-Read and write operations on an accept BIO
-will perform I/O on the underlying connection.
-If no connection is established and the port (see below) is set up
-properly then the BIO waits for an incoming connection.
-.Pp
-Accept BIOs support
-.Xr BIO_puts 3
-but not
-.Xr BIO_gets 3 .
-.Pp
-If the close flag is set on an accept BIO, then any active
-connection on that chain is shut down and the socket closed when
-the BIO is freed.
-.Pp
-Calling
-.Xr BIO_reset 3
-on an accept BIO will close any active connection and reset the BIO
-into a state where it awaits another incoming connection.
-.Pp -.Xr BIO_get_fd 3 -and -.Xr BIO_set_fd 3 -can be called to retrieve or set the accept socket. -See -.Xr BIO_s_fd 3 . -.Pp -.Fn BIO_set_accept_port -uses the string -.Fa name -to set the accept port. -The port is represented as a string of the form -.Ar host : Ns Ar port , -where -.Ar host -is the interface to use and -.Ar port -is the port. -The host can be -.Qq * , -which is interpreted as meaning any interface; -.Ar port -has the same syntax as the port specified in -.Xr BIO_set_conn_port 3 -for connect BIOs. -It can be a numerical port string or a string to look up using -.Xr getservbyname 3 -and a string table. -.Pp -.Fn BIO_new_accept -combines -.Xr BIO_new 3 -and -.Fn BIO_set_accept_port -into a single call. -It creates a new accept BIO with port -.Fa host_port . -.Pp -.Fn BIO_set_nbio_accept -sets the accept socket to blocking mode (the default) if -.Fa n -is 0 or non-blocking mode if -.Fa n -is 1. -.Pp -.Fn BIO_set_accept_bios -can be used to set a chain of BIOs which will be duplicated -and prepended to the chain when an incoming connection is received. -This is useful if, for example, a buffering or SSL BIO -is required for each connection. -The chain of BIOs must not be freed after this call - -they will be automatically freed when the accept BIO is freed. -.Pp -.Fn BIO_set_bind_mode -and -.Fn BIO_get_bind_mode -set and retrieve the current bind mode. -If -.Dv BIO_BIND_NORMAL Pq the default -is set, then another socket cannot be bound to the same port. -If -.Dv BIO_BIND_REUSEADDR -is set, then other sockets can bind to the same port. -If -.Dv BIO_BIND_REUSEADDR_IF_UNUSED -is set, then an attempt is first made to use -.Dv BIO_BIN_NORMAL ; -if this fails and the port is not in use, -then a second attempt is made using -.Dv BIO_BIND_REUSEADDR . -.Pp -.Fn BIO_do_accept -serves two purposes. -When it is first called, after the accept BIO has been set up, -it will attempt to create the accept socket and bind an address to it. 
-Second and subsequent calls to
-.Fn BIO_do_accept
-will await an incoming connection, or request a retry in non-blocking mode.
-.Sh NOTES
-When an accept BIO is at the end of a chain, it will await an
-incoming connection before processing I/O calls.
-When an accept BIO is not at the end of a chain,
-it passes I/O calls to the next BIO in the chain.
-.Pp
-When a connection is established, a new socket BIO is created
-for the connection and appended to the chain.
-That is the chain is now accept->socket.
-This effectively means that attempting I/O on an initial accept
-socket will await an incoming connection then perform I/O on it.
-.Pp
-If any additional BIOs have been set using
-.Fn BIO_set_accept_bios ,
-then they are placed between the socket and the accept BIO;
-that is, the chain will be accept->otherbios->socket.
-.Pp
-If a server wishes to process multiple connections (as is normally
-the case), then the accept BIO must be made available for further
-incoming connections.
-This can be done by waiting for a connection and then calling:
-.Pp
-.Dl connection = BIO_pop(accept);
-.Pp
-After this call,
-.Sy connection
-will contain a BIO for the recently established connection and
-.Sy accept
-will now be a single BIO again which can be used
-to await further incoming connections.
-If no further connections will be accepted, the
-.Sy accept
-can be freed using
-.Xr BIO_free 3 .
-.Pp
-If only a single connection will be processed,
-it is possible to perform I/O using the accept BIO itself.
-This is often undesirable however because the accept BIO
-will still accept additional incoming connections.
-This can be resolved by using
-.Xr BIO_pop 3
-(see above) and freeing up the accept BIO after the initial connection.
-.Pp
-If the underlying accept socket is non-blocking and
-.Fn BIO_do_accept
-is called to await an incoming connection, it is possible for
-.Xr BIO_should_io_special 3
-with the reason
-.Dv BIO_RR_ACCEPT .
-If this happens, then it is an indication that an accept attempt -would block: the application should take appropriate action -to wait until the underlying socket has accepted a connection -and retry the call. -.Pp -.Xr BIO_ctrl 3 -.Fa cmd -and -.Fa larg -arguments correspond to macros as follows: -.Bl -column BIO_C_DO_STATE_MACHINE larg BIO_get_accept_port(3) -offset 3n -.It Fa cmd No constant Ta Fa larg Ta corresponding macro -.It Dv BIO_C_DO_STATE_MACHINE Ta 0 Ta Fn BIO_do_accept -.It Dv BIO_C_GET_ACCEPT Ta 0 Ta Fn BIO_get_accept_port -.It Dv BIO_C_GET_BIND_MODE Ta 0 Ta Fn BIO_get_bind_mode -.It Dv BIO_C_GET_FD Ta 0 Ta Xr BIO_get_fd 3 -.It Dv BIO_C_SET_ACCEPT Ta 0 Ta Fn BIO_set_accept_port -.It Ta 1 Ta Fn BIO_set_nbio_accept -.It Ta 2 Ta Fn BIO_set_accept_bios -.It Dv BIO_C_SET_FD Ta Fa fd Ta Xr BIO_set_fd 3 -.It Dv BIO_C_SET_NBIO Ta Fa n Ta Xr BIO_set_nbio 3 -.It Dv BIO_C_SET_BIND_MODE Ta Fa mode Ta Fn BIO_set_bind_mode -.It Dv BIO_CTRL_GET_CLOSE Ta 0 Ta Xr BIO_get_close 3 -.It Dv BIO_CTRL_RESET Ta 0 Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_SET_CLOSE Ta Fa flag Ta Xr BIO_set_close 3 -.El -.Sh RETURN VALUES -When called on an accept BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_ACCEPT -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq socket accept . -.Pp -.Fn BIO_do_accept , -.Fn BIO_set_accept_port , -.Fn BIO_set_nbio_accept , -.Fn BIO_set_accept_bios , -and -.Fn BIO_set_bind_mode -return 1 for success or 0 or -1 for failure. -.Pp -.Fn BIO_get_accept_port -returns the port as a string or -.Dv NULL -on error. -.Pp -.Fn BIO_get_bind_mode -returns the set of BIO_BIND flags or -1 on failure. -.Pp -.Fn BIO_new_accept -returns a -.Vt BIO -or -.Dv NULL -on error. -.Sh EXAMPLES -This example accepts two connections on port 4444, -sends messages down each and finally closes both down. 
-.Bd -literal -offset 2n -BIO *abio, *cbio, *cbio2; -ERR_load_crypto_strings(); -abio = BIO_new_accept("4444"); - -/* First call to BIO_accept() sets up accept BIO */ -if (BIO_do_accept(abio) <= 0) { - fprintf(stderr, "Error setting up accept\en"); - ERR_print_errors_fp(stderr); - exit(0); -} - -/* Wait for incoming connection */ -if (BIO_do_accept(abio) <= 0) { - fprintf(stderr, "Error accepting connection\en"); - ERR_print_errors_fp(stderr); - exit(0); -} -fprintf(stderr, "Connection 1 established\en"); - -/* Retrieve BIO for connection */ -cbio = BIO_pop(abio); - -BIO_puts(cbio, "Connection 1: Sending out Data on initial connection\en"); -fprintf(stderr, "Sent out data on connection 1\en"); - -/* Wait for another connection */ -if (BIO_do_accept(abio) <= 0) { - fprintf(stderr, "Error accepting connection\en"); - ERR_print_errors_fp(stderr); - exit(0); -} -fprintf(stderr, "Connection 2 established\en"); - -/* Close accept BIO to refuse further connections */ -cbio2 = BIO_pop(abio); -BIO_free(abio); - -BIO_puts(cbio2, "Connection 2: Sending out Data on second\en"); -fprintf(stderr, "Sent out data on connection 2\en"); -BIO_puts(cbio, "Connection 1: Second connection established\en"); - -/* Close the two established connections */ -BIO_free(cbio); -BIO_free(cbio2); -.Ed -.Sh SEE ALSO -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_s_accept , -.Fn BIO_set_accept_port , -.Fn BIO_new_accept , -.Fn BIO_set_accept_bios , -and -.Fn BIO_do_accept -first appeared in SSLeay 0.8.0. -.Fn BIO_set_nbio_accept -and -.Fn BIO_get_accept_port -first appeared in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_set_bind_mode -and -.Fn BIO_get_bind_mode -first appeared in SSLeay 0.9.1 and have been available since -.Ox 2.6 . diff --git a/src/lib/libcrypto/man/BIO_s_bio.3 b/src/lib/libcrypto/man/BIO_s_bio.3 deleted file mode 100644 index efda019df3..0000000000 --- a/src/lib/libcrypto/man/BIO_s_bio.3 +++ /dev/null 
@@ -1,416 +0,0 @@
-.\" $OpenBSD: BIO_s_bio.3,v 1.20 2024/05/19 07:12:50 jsg Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by
-.\" Lutz Jaenicke ,
-.\" Dr. Stephen Henson ,
-.\" Bodo Moeller ,
-.\" and Richard Levitte .
-.\" Copyright (c) 2000, 2002, 2015, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: May 19 2024 $ -.Dt BIO_S_BIO 3 -.Os -.Sh NAME -.Nm BIO_s_bio , -.Nm BIO_make_bio_pair , -.Nm BIO_destroy_bio_pair , -.Nm BIO_shutdown_wr , -.Nm BIO_set_write_buf_size , -.Nm BIO_get_write_buf_size , -.Nm BIO_new_bio_pair , -.Nm BIO_get_write_guarantee , -.Nm BIO_ctrl_get_write_guarantee , -.Nm BIO_get_read_request , -.Nm BIO_ctrl_get_read_request , -.Nm BIO_ctrl_reset_read_request -.Nd BIO pair BIO -.Sh SYNOPSIS -.In openssl/bio.h -.Ft const BIO_METHOD * -.Fo BIO_s_bio -.Fa void -.Fc -.Ft int -.Fo BIO_make_bio_pair -.Fa "BIO *b1" -.Fa "BIO *b2" -.Fc -.Ft int -.Fo BIO_destroy_bio_pair -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_shutdown_wr -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_set_write_buf_size -.Fa "BIO *b" -.Fa "long size" -.Fc -.Ft size_t -.Fo BIO_get_write_buf_size -.Fa "BIO *b" -.Fa "long size" -.Fc -.Ft int -.Fo BIO_new_bio_pair -.Fa "BIO **bio1" -.Fa "size_t writebuf1" -.Fa "BIO **bio2" -.Fa "size_t writebuf2" -.Fc -.Ft int -.Fo BIO_get_write_guarantee -.Fa "BIO *b" -.Fc -.Ft size_t -.Fo BIO_ctrl_get_write_guarantee -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_get_read_request -.Fa "BIO *b" -.Fc -.Ft size_t -.Fo BIO_ctrl_get_read_request -.Fa "BIO *b" -.Fc -.Ft int -.Fo BIO_ctrl_reset_read_request -.Fa "BIO *b" -.Fc -.Sh DESCRIPTION -.Fn BIO_s_bio -returns the method for a BIO pair. -A BIO pair is a pair of source/sink BIOs where data written to either -half of the pair is buffered and can be read from the other half. -Both halves must usually be handled by the same application thread -since no locking is done on the internal data structures. -.Pp -Since BIO chains typically end in a source/sink BIO, -it is possible to make this one half of a BIO pair and -have all the data processed by the chain under application control. -.Pp -One typical use of BIO pairs is -to place TLS/SSL I/O under application control. -This can be used when the application wishes to use a non-standard -transport for TLS/SSL or the normal socket routines are inappropriate. 
-.Pp -Calls to -.Xr BIO_read 3 -will read data from the buffer or request a retry if no data is available. -.Pp -Calls to -.Xr BIO_write 3 -will place data in the buffer or request a retry if the buffer is full. -.Pp -The standard calls -.Xr BIO_ctrl_pending 3 -and -.Xr BIO_ctrl_wpending 3 -can be used to determine the amount of pending data -in the read or write buffer. -.Pp -.Xr BIO_reset 3 -clears any data in the write buffer. -.Pp -.Fn BIO_make_bio_pair -joins two separate BIOs into a connected pair. -.Pp -.Fn BIO_destroy_pair -destroys the association between two connected BIOs. -Freeing up any half of the pair will automatically destroy the association. -.Pp -.Fn BIO_shutdown_wr -is used to close down a BIO -.Fa b . -After this call no further writes on BIO -.Fa b -are allowed; they will return an error. -Reads on the other half of the pair will return any pending data -or EOF when all pending data has been read. -.Pp -.Fn BIO_set_write_buf_size -sets the write buffer size of BIO -.Fa b -to -.Fa size . -If the size is not initialized, a default value is used. -This is currently 17K, sufficient for a maximum size TLS record. -When a chain containing a BIO pair is copied with -.Xr BIO_dup_chain 3 , -the write buffer size is automatically copied -from the original BIO object to the new one. -.Pp -.Fn BIO_get_write_buf_size -returns the size of the write buffer. -.Pp -.Fn BIO_new_bio_pair -combines the calls to -.Xr BIO_new 3 , -.Fn BIO_make_bio_pair -and -.Fn BIO_set_write_buf_size -to create a connected pair of BIOs -.Fa bio1 -and -.Fa bio2 -with write buffer sizes -.Fa writebuf1 -and -.Fa writebuf2 . -If either size is zero, then the default size is used. -.Fn BIO_new_bio_pair -does not check whether -.Fa bio1 -or -.Fa bio2 -point to some other BIO; the values are overwritten and -.Xr BIO_free 3 -is not called. -.Pp -.Fn BIO_get_write_guarantee -and -.Fn BIO_ctrl_get_write_guarantee -return the maximum length of data -that can be currently written to the BIO. 
-Writes larger than this value will return a value from -.Xr BIO_write 3 -less than the amount requested or if the buffer is full request a retry. -.Fn BIO_ctrl_get_write_guarantee -is a function whereas -.Fn BIO_get_write_guarantee -is a macro. -.Pp -.Fn BIO_get_read_request -and -.Fn BIO_ctrl_get_read_request -return the amount of data requested, or the buffer size if it is less, -if the last read attempt at the other half of the BIO pair failed -due to an empty buffer. -This can be used to determine how much data should be -written to the BIO so the next read will succeed: -this is most useful in TLS/SSL applications where the amount of -data read is usually meaningful rather than just a buffer size. -After a successful read this call will return zero. -It also will return zero once new data has been written -satisfying the read request or part of it. -Note that -.Fn BIO_get_read_request -never returns an amount larger than that returned by -.Fn BIO_get_write_guarantee . -.Pp -.Fn BIO_ctrl_reset_read_request -can also be used to reset the value returned by -.Fn BIO_get_read_request -to zero. -.Pp -Both halves of a BIO pair should be freed. -Even if one half is implicitly freed due to a -.Xr BIO_free_all 3 -or -.Xr SSL_free 3 -call, the other half still needs to be freed. -.Pp -When used in bidirectional applications (such as TLS/SSL), -care should be taken to flush any data in the write buffer. -This can be done by calling -.Xr BIO_pending 3 -on the other half of the pair and, if any data is pending, -reading it and sending it to the underlying transport. -This must be done before any normal processing (such as calling -.Xr select 2 ) -due to a request and -.Xr BIO_should_read 3 -being true. -.Pp -To see why this is important, -consider a case where a request is sent using -.Xr BIO_write 3 -and a response read with -.Xr BIO_read 3 , -this can occur during a TLS/SSL handshake for example. -.Xr BIO_write 3 -will succeed and place data in the write buffer. 
-.Xr BIO_read 3 -will initially fail and -.Xr BIO_should_read 3 -will be true. -If the application then waits for data to become available -on the underlying transport before flushing the write buffer, -it will never succeed because the request was never sent. -.Pp -.Xr BIO_eof 3 -is true if no data is in the peer BIO and the peer BIO has been shutdown. -.Pp -.Xr BIO_ctrl 3 -.Fa cmd -arguments correspond to macros as follows: -.Bl -column BIO_C_GET_WRITE_GUARANTEE BIO_ctrl_reset_read_request() -offset 3n -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_DESTROY_BIO_PAIR Ta Fn BIO_destroy_bio_pair -.It Dv BIO_C_GET_READ_REQUEST Ta Fn BIO_get_read_request -.It Dv BIO_C_GET_WRITE_BUF_SIZE Ta Fn BIO_get_write_buf_size -.It Dv BIO_C_GET_WRITE_GUARANTEE Ta Fn BIO_get_write_guarantee -.It Dv BIO_C_MAKE_BIO_PAIR Ta Fn BIO_make_bio_pair -.It Dv BIO_C_RESET_READ_REQUEST Ta Fn BIO_ctrl_reset_read_request -.It Dv BIO_C_SET_WRITE_BUF_SIZE Ta Fn BIO_set_write_buf_size -.It Dv BIO_C_SHUTDOWN_WR Ta Fn BIO_shutdown_wr -.It Dv BIO_CTRL_EOF Ta Xr BIO_eof 3 -.It Dv BIO_CTRL_GET_CLOSE Ta Xr BIO_get_close 3 -.It Dv BIO_CTRL_PENDING Ta Xr BIO_pending 3 -.It Dv BIO_CTRL_RESET Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_SET_CLOSE Ta Xr BIO_set_close 3 -.It Dv BIO_CTRL_WPENDING Ta Xr BIO_wpending 3 -.El -.Sh RETURN VALUES -.Fn BIO_new_bio_pair -returns 1 on success, with the new BIOs available in -.Fa bio1 -and -.Fa bio2 , -or 0 on failure, with NULL pointers stored into the locations for -.Fa bio1 -and -.Fa bio2 . -Check the error stack for more information. -.Pp -When called on a BIO pair BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_BIO -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq BIO pair . -.\" XXX More return values need to be added here. -.Sh EXAMPLES -The BIO pair can be used to have full control -over the network access of an application. 
-The application can call -.Xr select 2 -on the socket as required without having to go through the SSL interface. -.Bd -literal -offset 2n -BIO *internal_bio, *network_bio; -\&... -BIO_new_bio_pair(&internal_bio, 0, &network_bio, 0); -SSL_set_bio(ssl, internal_bio, internal_bio); -SSL_operations(); /* e.g. SSL_read() and SSL_write() */ -\&... - -application | TLS-engine - | | - +----------> SSL_operations() - | /\e || - | || \e/ - | BIO-pair (internal_bio) - | BIO-pair (network_bio) - | || /\e - | \e/ || - +-----------< BIO_operations() - | | - socket | - -\&... -SSL_free(ssl); /* implicitly frees internal_bio */ -BIO_free(network_bio); -\&... -.Ed -.Pp -As the BIO pair will only buffer the data and never directly access -the connection, it behaves non-blocking and will return as soon as -the write buffer is full or the read buffer is drained. -Then the application has to flush the write buffer -and/or fill the read buffer. -.Pp -Use -.Xr BIO_ctrl_pending 3 -to find out whether data is buffered in the BIO -and must be transferred to the network. -Use -.Fn BIO_ctrl_get_read_request -to find out how many bytes must be written into the buffer before the -SSL operations can successfully be continued. -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr BIO_read 3 , -.Xr BIO_should_retry 3 , -.Xr ssl 3 , -.Xr SSL_set_bio 3 -.Sh HISTORY -.Fn BIO_s_bio , -.Fn BIO_make_bio_pair , -.Fn BIO_destroy_bio_pair , -.Fn BIO_set_write_buf_size , -.Fn BIO_get_write_buf_size , -.Fn BIO_new_bio_pair , -.Fn BIO_get_write_guarantee , -.Fn BIO_ctrl_get_write_guarantee , -.Fn BIO_get_read_request , -and -.Fn BIO_ctrl_reset_read_request -first appeared in OpenSSL 0.9.4 and have been available since -.Ox 2.6 . -.Pp -.Fn BIO_ctrl_reset_read_request -first appeared in OpenSSL 0.9.5 and has been available since -.Ox 2.7 . -.Pp -.Fn BIO_shutdown_wr -first appeared in OpenSSL 0.9.6 and has been available since -.Ox 2.9 . 
-.Sh CAVEATS
-As the data is buffered, SSL operations may return with an
-.Dv ERROR_SSL_WANT_READ
-condition, but there is still data in the write buffer.
-An application must not rely on the error value of the SSL operation
-but must assure that the write buffer is always flushed first.
-Otherwise a deadlock may occur as the peer might be waiting
-for the data before being able to continue.
diff --git a/src/lib/libcrypto/man/BIO_s_connect.3 b/src/lib/libcrypto/man/BIO_s_connect.3
deleted file mode 100644
index bce68a26b9..0000000000
--- a/src/lib/libcrypto/man/BIO_s_connect.3
+++ /dev/null
@@ -1,503 +0,0 @@
-.\" $OpenBSD: BIO_s_connect.3,v 1.19 2023/04/30 13:53:54 schwarze Exp $
-.\" full merge up to: OpenSSL 0e474b8b Nov 1 15:45:49 2015 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: April 30 2023 $ -.Dt BIO_S_CONNECT 3 -.Os -.Sh NAME -.Nm BIO_s_connect , -.Nm BIO_new_connect , -.Nm BIO_set_conn_hostname , -.Nm BIO_set_conn_port , -.Nm BIO_set_conn_ip , -.Nm BIO_set_conn_int_port , -.Nm BIO_get_conn_hostname , -.Nm BIO_get_conn_port , -.Nm BIO_get_conn_ip , -.Nm BIO_get_conn_int_port , -.Nm BIO_set_nbio , -.Nm BIO_do_connect -.Nd connect BIO -.Sh SYNOPSIS -.In openssl/bio.h -.Ft const BIO_METHOD * -.Fo BIO_s_connect -.Fa void -.Fc -.Ft BIO * -.Fo BIO_new_connect -.Fa "const char *name" -.Fc -.Ft long -.Fo BIO_set_conn_hostname -.Fa "BIO *b" -.Fa "char *name" -.Fc -.Ft long -.Fo BIO_set_conn_port -.Fa "BIO *b" -.Fa "char *port" -.Fc -.Ft long -.Fo BIO_set_conn_ip -.Fa "BIO *b" -.Fa "char *ip" -.Fc -.Ft long -.Fo BIO_set_conn_int_port -.Fa "BIO *b" -.Fa "char *port" -.Fc -.Ft char * -.Fo BIO_get_conn_hostname -.Fa "BIO *b" -.Fc -.Ft char * -.Fo BIO_get_conn_port -.Fa "BIO *b" -.Fc -.Ft char * -.Fo BIO_get_conn_ip -.Fa "BIO *b" -.Fc -.Ft long -.Fo BIO_get_conn_int_port -.Fa "BIO *b" -.Fc -.Ft long -.Fo BIO_set_nbio -.Fa "BIO *b" -.Fa "long n" -.Fc -.Ft long -.Fo BIO_do_connect -.Fa "BIO *b" -.Fc -.Sh DESCRIPTION -.Fn BIO_s_connect -returns the connect BIO method. -This is a wrapper around the platform's TCP/IP socket connection routines. -.Pp -Using connect BIOs, TCP/IP connections can be made and data -transferred using only BIO routines. -In this way any platform specific operations -are hidden by the BIO abstraction. -.Pp -Read and write operations on a connect BIO will perform I/O -on the underlying connection. -If no connection is established and the port and hostname (see below) -is set up properly, then a connection is established first. -.Pp -Connect BIOs support -.Xr BIO_puts 3 -but not -.Xr BIO_gets 3 . -.Pp -If the close flag is set on a connect BIO, then any active connection -is shutdown and the socket closed when the BIO is freed. 
-.Pp -Calling -.Xr BIO_reset 3 -on a connect BIO will close any active connection and reset the BIO -into a state where it can connect to the same host again. -.Pp -.Xr BIO_get_fd 3 -places the underlying socket in -.Fa c -if it is not -.Dv NULL -and also returns the socket. -If -.Fa c -is not -.Dv NULL , -it should be of type -.Vt "int *" . -.Pp -.Xr BIO_set_info_callback 3 -and -.Xr BIO_callback_ctrl 3 -with a -.Fa cmd -of -.Dv BIO_CTRL_SET_CALLBACK -save the pointer to the -.Fa cb -function internally in -.Fa b -and -.Xr BIO_get_info_callback 3 -retrieves this function pointer. -If such an info callback is installed, it is invoked whenever -a state change or error occurs in the connect BIO state machine. -The arguments of the callback include the new -.Fa state -in case of a state change or the old -.Fa state -in case of an error and the value -.Fa res -that the state machine would return to whatever operation invoked it -if no info callback had been installed. -If an info callback is installed, the state machine -returns the return value of the info callback instead. -Consequently, the info callback is supposed to usually return -.Fa res . -The precise effect of the return value depends on which operation -the state machine was invoked from. -Usually, \-1 is used to indicate failure and return values less than -or equal to zero abort the operation in question, whereas positive -values indicate success and allow the operation to proceed. -.Pp -The -.Fa state -constants passed to the callback are named according to -which operation needs to be performed next. -They are listed here in the order the states are passed through: -.Pp -.Bl -tag -width BIO_CONN_S_BLOCKED_CONNECT -offset 3n -compact -.It Dv BIO_CONN_S_BEFORE -The BIO is idle and no connection has been initiated yet. -.It Dv BIO_CONN_S_GET_IP -The hostname to connect to needs to be converted to an IP address. 
-.It Dv BIO_CONN_S_GET_PORT -The service name to connect to needs to be converted to a TCP port number. -.It Dv BIO_CONN_S_CREATE_SOCKET -The TCP socket needs to be created with the -.Xr socket 2 -system call. -.It Dv BIO_CONN_S_NBIO -Socket options may need to be set using -.Xr fcntl 2 -and -.Xr setsockopt 2 . -.It Dv BIO_CONN_S_CONNECT -The connection needs to be initiated with the -.Xr connect 2 -system call. -.It Dv BIO_CONN_S_BLOCKED_CONNECT -The -.Xr connect 2 -system call would have blocked and needs to be tried again. -.It Dv BIO_CONN_S_OK -The connection has been established and can now be used to transfer data. -.El -.Pp -.Fn BIO_set_conn_hostname -uses the string -.Fa name -to set the hostname. -The hostname can be an IP address. -The hostname can also include the port in the form -.Ar hostname : Ns Ar port . -It is also acceptable to use the forms -.Ar hostname Ns / Ns Pa any/other/path -or -.Ar hostname : Ns Ar port Ns / Ns Pa any/other/path . -.Pp -.Fn BIO_set_conn_port -sets the port to -.Fa port . -.Fa port -is looked up as a service using -.Xr getaddrinfo 3 . -.Pp -.Fn BIO_set_conn_ip -sets the IP address to -.Fa ip -using binary form i.e. four bytes specifying the IP address -in big-endian form. -.Pp -.Fn BIO_set_conn_int_port -sets the port using -.Fa port . -.Fa port -should -be of type -.Vt "int *" . -.Pp -.Fn BIO_get_conn_hostname -returns the hostname of the connect BIO or -.Dv NULL -if the BIO is initialized but no hostname is set. -This return value is an internal pointer which should not be modified. -.Pp -.Fn BIO_get_conn_port -returns the port as a string. -This return value is an internal pointer which should not be modified. -.Pp -.Fn BIO_get_conn_ip -returns the IP address in binary form. -.Pp -.Fn BIO_get_conn_int_port -returns the port as an -.Vt int . -.Pp -.Fn BIO_set_nbio -sets the non-blocking I/O flag to -.Fa n . -If -.Fa n -is zero then blocking I/O is set. -If -.Fa n -is 1 then non-blocking I/O is set. 
-Blocking I/O is the default. -The call to -.Fn BIO_set_nbio -should be made before the connection is established -because non-blocking I/O is set during the connect process. -.Pp -.Fn BIO_new_connect -combines -.Xr BIO_new 3 -and -.Fn BIO_set_conn_hostname -into a single call. -It creates a new connect BIO with -.Fa name . -.Pp -.Fn BIO_do_connect -attempts to connect the supplied BIO. -It returns 1 if the connection was established successfully. -A zero or negative value is returned if the connection -could not be established. -The call -.Xr BIO_should_retry 3 -should be used for non-blocking connect BIOs -to determine if the call should be retried. -.Pp -If blocking I/O is set then a non-positive return value from any -I/O call is caused by an error condition, although a zero return -will normally mean that the connection was closed. -.Pp -If the port name is supplied as part of the host name then this will -override any value set with -.Fn BIO_set_conn_port . -This may be undesirable if the application does not wish to allow -connection to arbitrary ports. -This can be avoided by checking for the presence of the -.Sq \&: -character in the passed hostname and either indicating an error -or truncating the string at that point. -.Pp -The values returned by -.Fn BIO_get_conn_hostname , -.Fn BIO_get_conn_port , -.Fn BIO_get_conn_ip , -and -.Fn BIO_get_conn_int_port -are updated when a connection attempt is made. -Before any connection attempt the values returned -are those set by the application itself. -.Pp -Applications do not have to call -.Fn BIO_do_connect -but may wish to do so to separate the connection process -from other I/O processing. -.Pp -If non-blocking I/O is set, -then retries will be requested as appropriate. -.Pp -In addition to -.Xr BIO_should_read 3 -and -.Xr BIO_should_write 3 -it is also possible for -.Xr BIO_should_io_special 3 -to be true during the initial connection process with the reason -.Dv BIO_RR_CONNECT . 
-If this is returned, it is an indication -that a connection attempt would block. -The application should then take appropriate action to wait -until the underlying socket has connected and retry the call. -.Pp -When a chain containing a connect BIO is copied with -.Xr BIO_dup_chain 3 , -.Fn BIO_set_conn_hostname , -.Fn BIO_set_conn_port , -.Fn BIO_set_nbio , -and -.Xr BIO_set_info_callback 3 -are called internally to automatically copy the hostname, port, -non-blocking I/O flag, and info callback from the original BIO object -to the new one. -.Pp -.Xr BIO_ctrl 3 -.Fa cmd -and -.Fa larg -arguments correspond to macros as follows: -.Bl -column BIO_C_DO_STATE_MACHINE larg BIO_get_conn_hostname(3) -offset 3n -.It Fa cmd No constant Ta Fa larg Ta corresponding macro -.It Dv BIO_C_DO_STATE_MACHINE Ta 0 Ta Fn BIO_do_connect -.It Dv BIO_C_GET_CONNECT Ta 0 Ta Fn BIO_get_conn_hostname -.It Ta 1 Ta Fn BIO_get_conn_port -.It Ta 2 Ta Fn BIO_get_conn_ip -.It Ta 3 Ta Fn BIO_get_conn_int_port -.It Dv BIO_C_GET_FD Ta 0 Ta Xr BIO_get_fd 3 -.It Dv BIO_C_SET_CONNECT Ta 0 Ta Fn BIO_set_conn_hostname -.It Ta 1 Ta Fn BIO_set_conn_port -.It Ta 2 Ta Fn BIO_set_conn_ip -.It Ta 3 Ta Fn BIO_set_conn_int_port -.It Dv BIO_C_SET_NBIO Ta Fa n Ta Fn BIO_set_nbio -.It Dv BIO_CTRL_GET_CLOSE Ta 0 Ta Xr BIO_get_close 3 -.It Dv BIO_CTRL_RESET Ta 0 Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_SET_CLOSE Ta Fa flag Ta Xr BIO_set_close 3 -.El -.Sh RETURN VALUES -.Fn BIO_s_connect -returns the connect BIO method. -.Pp -When called on a connect BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_CONNECT -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq socket connect . -.Pp -.Xr BIO_get_fd 3 -returns the socket or -1 if the BIO has not been initialized. -.Pp -.Fn BIO_set_conn_hostname , -.Fn BIO_set_conn_port , -.Fn BIO_set_conn_ip , -and -.Fn BIO_set_conn_int_port -always return 1. -.Pp -.Fn BIO_get_conn_hostname -returns the connected hostname or -.Dv NULL -if none is set. 
-.Pp -.Fn BIO_get_conn_port -returns a string representing the connected port or -.Dv NULL -if not set. -.Pp -.Fn BIO_get_conn_ip -returns a pointer to the connected IP address in binary form -or all zeros if not set. -.Pp -.Fn BIO_get_conn_int_port -returns the connected port or 0 if none was set. -.Pp -.Fn BIO_set_nbio -always returns 1. -.Pp -.Fn BIO_do_connect -returns 1 if the connection was successfully -established and 0 or -1 if the connection failed. -.Sh EXAMPLES -This example connects to a webserver on the local host and attempts -to retrieve a page and copy the result to standard output. -.Bd -literal -offset 2n -BIO *cbio, *out; -int len; -char tmpbuf[1024]; - -ERR_load_crypto_strings(); -cbio = BIO_new_connect("localhost:http"); -out = BIO_new_fp(stdout, BIO_NOCLOSE); -if (BIO_do_connect(cbio) <= 0) { - fprintf(stderr, "Error connecting to server\en"); - ERR_print_errors_fp(stderr); - /* whatever ... */ -} -BIO_puts(cbio, "GET / HTTP/1.0\en\en"); -for(;;) { - len = BIO_read(cbio, tmpbuf, 1024); - if (len <= 0) - break; - BIO_write(out, tmpbuf, len); -} -BIO_free(cbio); -BIO_free(out); -.Ed -.Sh SEE ALSO -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_s_connect , -.Fn BIO_new_connect , -.Fn BIO_set_nbio , -and -.Fn BIO_do_connect -first appeared in SSLeay 0.8.0. -.Fn BIO_set_conn_hostname , -.Fn BIO_set_conn_port , -.Fn BIO_set_conn_ip , -.Fn BIO_set_conn_int_port , -.Fn BIO_get_conn_hostname , -.Fn BIO_get_conn_port , -.Fn BIO_get_conn_ip , -and -.Fn BIO_get_conn_int_port -first appeared in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/BIO_s_datagram.3 b/src/lib/libcrypto/man/BIO_s_datagram.3 deleted file mode 100644 index 104823e7a7..0000000000 --- a/src/lib/libcrypto/man/BIO_s_datagram.3 +++ /dev/null 
@@ -1,573 +0,0 @@
-.\" $OpenBSD: BIO_s_datagram.3,v 1.3 2023/04/28 16:49:00 schwarze Exp $
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: April 28 2023 $
-.Dt BIO_S_DATAGRAM 3
-.Os
-.Sh NAME
-.Nm BIO_s_datagram ,
-.Nm BIO_new_dgram ,
-.Nm BIO_dgram_set_peer ,
-.Nm BIO_ctrl_dgram_connect ,
-.Nm BIO_dgram_get_peer ,
-.Nm BIO_ctrl_set_connected ,
-.Nm BIO_dgram_recv_timedout ,
-.Nm BIO_dgram_send_timedout ,
-.Nm BIO_dgram_non_fatal_error
-.\" .Nm BIO_CTRL_DGRAM_QUERY_MTU and
-.\" .Nm BIO_CTRL_DGRAM_MTU_DISCOVER are intentionally undocumented.
-.\" They are almost unused, and OpenBSD does not appear to support them.
-.Nd datagram socket BIO
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft const BIO_METHOD *
-.Fn BIO_s_datagram void
-.Ft BIO *
-.Fo BIO_new_dgram
-.Fa "int fd"
-.Fa "int close_flag"
-.Fc
-.Ft int
-.Fo BIO_dgram_set_peer
-.Fa "BIO *b"
-.Fa "struct sockaddr *sa"
-.Fc
-.Ft int
-.Fo BIO_ctrl_dgram_connect
-.Fa "BIO *b"
-.Fa "struct sockaddr *sa"
-.Fc
-.Ft int
-.Fo BIO_dgram_get_peer
-.Fa "BIO *b"
-.Fa "struct sockaddr *sa"
-.Fc
-.Ft int
-.Fo BIO_ctrl_set_connected
-.Fa "BIO *b"
-.Fa "long argl"
-.Fa "struct sockaddr *sa"
-.Fc
-.Ft int
-.Fn BIO_dgram_recv_timedout "BIO *b"
-.Ft int
-.Fn BIO_dgram_send_timedout "BIO *b"
-.Ft int
-.Fn BIO_dgram_non_fatal_error "int errnum"
-.Sh DESCRIPTION
-.Fn BIO_s_datagram
-returns the datagram socket BIO method.
-The usual application is to transmit data using the IPv4 or IPv6
-.Xr udp 4
-protocol.
-.Pp
-When called on a datagram socket BIO object,
-.Xr BIO_method_type 3
-returns the constant
-.Dv BIO_TYPE_DGRAM
-and
-.Xr BIO_method_name 3
-returns a pointer to the static string
-.Qq datagram socket .
-.Ss Constructors and destructors
-.Xr BIO_new 3
-allocates a new datagram socket BIO object and initializes all its data
-to zero, including the datagram socket file descriptor, the peer address,
-the init flag that can be retrieved with
-.Xr BIO_get_init 3 ,
-the connected flag, the MTU, and all timeout and error information.
-The reference count and the close flag are set to 1.
-.Pp
-.Fn BIO_new_dgram
-allocates and initializes a new datagram socket BIO object with
-.Xr BIO_new 3 ,
-sets the datagram socket file descriptor and the close flag
-according to its arguments, and sets the init flag to 1.
-.Pp
-If the reference count reaches 0 in
-.Xr BIO_free 3
-and the close and init flags are set,
-.Xr shutdown 2
-and
-.Xr close 2
-are called on the datagram socket file descriptor before freeing the
-storage used by the BIO object.
-.Pp
-When a chain containing a datagram socket BIO is copied with
-.Xr BIO_dup_chain 3 ,
-the datagram socket file descriptor, the init flag, the close flag,
-the flags accessible with
-.Xr BIO_test_flags 3 ,
-and any data that was set with
-.Xr BIO_set_ex_data 3
-are automatically copied from the original BIO object to the new one,
-but the peer address, the connected flag, the MTU and all timeout and
-error information are not copied but instead initialized to zero.
-.Ss Initialization and configuration
-If the close flag is set in
-.Fa b ,
-.Xr BIO_set_fd 3
-clears all flags that are set in
-.Fa b
-and if the init flag was set, it calls
-.Xr shutdown 2
-and
-.Xr close 2
-on the previously assigned file descriptor.
-In any case,
-.Xr BIO_set_fd 3
-then sets the new file descriptor and the new close flag according to
-its arguments and sets the init flag to 1.
-.Pp
-If the init flag is set in
-.Fa b ,
-.Xr BIO_get_fd 3
-returns its datagram socket file descriptor, and unless the
-.Fa c
-argument is a
-.Dv NULL
-pointer, it also stores the file descriptor in
-.Pf * Fa c .
-If the init flag is not set,
-.Xr BIO_get_fd 3
-fails and returns \-1.
-.Pp
-.Xr BIO_set_close 3
-sets the close flag in
-.Fa b
-to the
-.Fa flag
-argument.
-.Xr BIO_get_close 3
-returns the value of the close flag from
-.Fa b .
-.Pp
-For datagram socket BIO objects,
-the shutdown flag is the same flag as the close flag.
-Consequently,
-.Xr BIO_set_shutdown 3
-has the same effect as
-.Xr BIO_set_close 3
-and
-.Xr BIO_get_shutdown 3
-has the same effect as
-.Xr BIO_get_close 3 .
-.Pp
-.Fn BIO_dgram_set_peer
-copies
-.Fa sa
-as the peer address into
-.Fa b .
-.Pp
-.Fn BIO_ctrl_dgram_connect
-does exactly the same as
-.Fn BIO_dgram_set_peer .
-Its name is even more misleading than the name of
-.Fn BIO_ctrl_set_connected .
-In addition to what is said there,
-.Fn BIO_ctrl_dgram_connect
-does not even set the connected flag in
-.Fa b .
-.Pp
-.Fn BIO_dgram_get_peer
-copies the peer address from
-.Fa b
-to
-.Pf * Fa sa .
-Before calling this function, the caller has to make sure
-that the peer address is indeed set in
-.Fa b
-and that sufficient memory is available starting at
-.Fa sa
-to copy a complete
-.Vt struct sockaddr ,
-.Vt struct sockaddr_in ,
-or
-.Vt struct sockaddr_in6
-to that place, depending on which address family
-.Fa b
-is currently used for.
-.Pp
-Unless
-.Fa sa
-is
-.Dv NULL ,
-.Fn BIO_ctrl_set_connected
-sets the connected flag in
-.Fa b
-and copies
-.Fa sa
-as the peer address into
-.Fa b .
-If
-.Fa sa
-is
-.Dv NULL ,
-.Fn BIO_ctrl_set_connected
-clears the connected flag and the peer address in
-.Fa b .
-Considering that communication using a datagram protocol is connectionless,
-the name of this function is misleading.
-It is neither establishing or terminating a connection nor changing
-anything with respect to the state of the datagram socket, but merely
-modifying some purely informational data in the wrapping BIO object.
-The additional
-.Fa argl
-argument is passed through to the callbacks documented in
-.Xr BIO_set_callback 3
-if any such callbacks are installed, but it is otherwise ignored.
-.Pp
-.Xr BIO_ctrl 3
-with a
-.Fa cmd
-of
-.Dv BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT
-interprets the
-.Fa parg
-argument as a pointer to a
-.Vt struct timeval
-and sets the read timeout to the specified absolute UTC time.
-.Pp
-.Xr BIO_ctrl 3
-with a
-.Fa cmd
-of
-.Dv BIO_CTRL_DGRAM_SET_RECV_TIMEOUT ,
-.Dv BIO_CTRL_DGRAM_GET_RECV_TIMEOUT ,
-.Dv BIO_CTRL_DGRAM_SET_SEND_TIMEOUT ,
-or
-.Dv BIO_CTRL_DGRAM_GET_SEND_TIMEOUT
-interprets the
-.Fa parg
-argument as a pointer to a
-.Vt struct timeval
-and calls
-.Xr setsockopt 2
-or
-.Xr getsockopt 2
-on the datagram socket file descriptor of
-.Fa b
-with an argument of
-.Dv SO_RCVTIMEO
-or
-.Dv SO_SNDTIMEO ,
-respectively.
-.Dv BIO_CTRL_DGRAM_SET_RECV_TIMEOUT
-and
-.Dv BIO_CTRL_DGRAM_SET_SEND_TIMEOUT
-return 1 on success,
-.Dv BIO_CTRL_DGRAM_GET_RECV_TIMEOUT
-and
-.Dv BIO_CTRL_DGRAM_GET_SEND_TIMEOUT
-the number of bytes written to
-.Pf * Fa parg .
-All four return \-1 on failure.
-Remember that
-.Xr BIO_read 3
-may actually use a shorter timeout when
-.Dv BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT
-is in effect.
-.Pp
-.Xr BIO_ctrl 3
-with a
-.Fa cmd
-of
-.Dv BIO_CTRL_DGRAM_GET_FALLBACK_MTU
-returns 1232 if the peer address is an IPv6 address that is not IPv4 mapped
-or 548 otherwise.
-Making sure that a peer address is set before issuing this command
-is the responsibility of the caller.
-.Pp
-.Xr BIO_ctrl 3
-with a
-.Fa cmd
-of
-.Dv BIO_CTRL_DGRAM_SET_MTU
-sets the MTU attribute of
-.Fa b
-to the value of the
-.Fa larg
-argument and also returns that argument.
-.Xr BIO_ctrl 3
-with a
-.Fa cmd
-of
-.Dv BIO_CTRL_DGRAM_GET_MTU
-returns the MTU attribute of
-.Fa b
-or 0 if it was not set.
-.Pp
-.Xr BIO_ctrl 3
-with a
-.Fa cmd
-of
-.Dv BIO_CTRL_DGRAM_MTU_EXCEEDED
-returns 1 if the most recent non-fatal failure of
-.Xr BIO_read 3
-or
-.Xr BIO_write 3
-was caused by
-.Er EMSGSIZE
-or 0 otherwise.
-This command also clears the
-.Xr errno 2
-value that was saved internally for this particular purpose, so that
-issuing the same command again will return 0 until the next
-.Er EMSGSIZE
-failure occurs.
-.Pp
-.Fn BIO_dgram_recv_timedout
-and
-.Fn BIO_dgram_send_timedout
-check whether the most recent non-fatal failure of
-.Xr BIO_read 3
-or
-.Xr BIO_write 3
-was caused by
-.Er EAGAIN .
-Despite having different names, both functions do exactly the same,
-and both inspect the most recent non-fatal I/O failure, no matter
-whether it occurred during a receive or send operation.
-Both functions also clear the
-.Xr errno 2
-value that was saved internally for this particular purpose,
-so that calling these functions again will return 0 until the next
-.Er EAGAIN
-failure occurs.
-.Pp
-Datagram socket BIOs do not support
-.Xr BIO_eof 3 ,
-.Xr BIO_get_mem_data 3 ,
-.Xr BIO_pending 3 ,
-.Xr BIO_reset 3 ,
-.Xr BIO_seek 3 ,
-.Xr BIO_tell 3 ,
-and
-.Xr BIO_wpending 3 ,
-and attempting any such operation results in failure
-and returns a value of 0.
-.Pp
-Control commands correspond to accessor functions as follows:
-.Pp
-.Bl -tag -width BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP -compact
-.It Dv BIO_C_GET_FD
-.Xr BIO_get_fd 3
-.It Dv BIO_C_SET_FD
-.Xr BIO_set_fd 3
-.It Dv BIO_CTRL_DGRAM_CONNECT
-.Fn BIO_ctrl_dgram_connect Pq deprecated
-.It Dv BIO_CTRL_DGRAM_GET_PEER
-.Fn BIO_dgram_get_peer
-.It BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP
-.Fn BIO_dgram_recv_timedout
-.It BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP
-.Fn BIO_dgram_send_timedout
-.It Dv BIO_CTRL_DGRAM_SET_CONNECTED
-.Fn BIO_ctrl_set_connected
-.It Dv BIO_CTRL_DGRAM_SET_PEER
-.Fn BIO_dgram_set_peer
-.It Dv BIO_CTRL_GET_CLOSE
-.Xr BIO_get_close 3
-.It Dv BIO_CTRL_SET_CLOSE
-.Xr BIO_set_close 3
-.El
-.Ss Input and output operations
-.Xr BIO_read 3
-attempts to read up to
-.Fa len
-bytes into
-.Fa buf
-from the datagram socket file descriptor using
-.Xr recvfrom 2 .
-If a read timeout is set,
-.Xr setsockopt 2
-is used with an argument of
-.Dv SO_RCVTIMEO
-to temporarily shorten the timeout on the datagram socket during the
-.Xr recvfrom 2
-call such that it returns before the read timeout expires.
-.Pp
-If
-.Xr recvfrom 2
-succeeds and the connected flag is not yet set,
-.Xr BIO_read 3
-also copies the peer address received from
-.Xr recvfrom 2
-into
-.Fa b .
-.Pp
-If
-.Xr recvfrom 2
-is attempted,
-.Xr BIO_read 3
-clears the flags
-.Dv BIO_FLAGS_WRITE
-and
-.Dv BIO_FLAGS_IO_SPECIAL
-in
-.Fa b
-and clears or sets the flags
-.Dv BIO_FLAGS_READ
-and
-.Dv BIO_FLAGS_SHOULD_RETRY
-as appropriate.
-.Pp
-If the connected flag is set in
-.Fa b ,
-.Xr BIO_write 3
-attempts to
-.Xr write 2
-.Fa len
-bytes from
-.Fa buf
-to the datagram socket file descriptor.
-If the connected flag is not set, it attempts to transmit
-.Fa len
-bytes from
-.Fa buf
-to the peer using
-.Xr sendto 2 .
-.Pp
-If
-.Xr write 2
-or
-.Xr sendto 2
-is attempted,
-.Xr BIO_write 3
-clears the flags
-.Dv BIO_FLAGS_READ
-and
-.Dv BIO_FLAGS_IO_SPECIAL
-in
-.Fa b
-and clears or sets the flags
-.Dv BIO_FLAGS_WRITE
-and
-.Dv BIO_FLAGS_SHOULD_RETRY
-as appropriate.
-.Pp
-The effect of
-.Xr BIO_puts 3
-is similar to the effect of
-.Xr BIO_write 3
-with a
-.Fa len
-argument of
-.Fn strlen string .
-.Pp
-Datagram socket BIOs do not support
-.Xr BIO_gets 3 .
-Calling this function fails and returns \-2.
-.Pp
-.Xr BIO_flush 3
-has no effect on a datagram socket BIO.
-It always succeeds and returns 1.
-.Sh RETURN VALUES
-.Fn BIO_s_datagram
-returns the datagram socket BIO method.
-.Pp
-.Fn BIO_new_dgram
-returns a newly allocated datagram socket BIO object or
-.Dv NULL
-on failure.
-.Pp
-.Fn BIO_dgram_set_peer ,
-.Fn BIO_ctrl_dgram_connect ,
-and
-.Fn BIO_ctrl_set_connected
-return 1 on success or a value less than or equal to zero on failure.
-They can only fail if
-.Fa b
-is not a datagram socket BIO object.
-.Pp
-.Fn BIO_dgram_get_peer
-returns the number of bytes copied to
-.Fa sa
-or a value less than or equal to zero on failure.
-It can only fail if
-.Fa b
-is not a datagram socket BIO object.
-.Pp
-.Fn BIO_dgram_recv_timedout
-and
-.Fn BIO_dgram_send_timedout
-return 1 if the most recent non-fatal I/O error was caused by
-.Er EAGAIN
-or 0 otherwise.
-.Pp
-.Fn BIO_dgram_non_fatal_error
-returns 1 if
-.Fa errnum
-is
-.Er EAGAIN ,
-.Er EALREADY ,
-.Er EINPROGRESS ,
-or
-.Er EINTR
-or 0 otherwise, even if
-.Fa errnum
-is 0.
-.Sh SEE ALSO
-.Xr close 2 ,
-.Xr getsockopt 2 ,
-.Xr recvfrom 2 ,
-.Xr sendto 2 ,
-.Xr shutdown 2 ,
-.Xr BIO_ctrl 3 ,
-.Xr BIO_get_init 3 ,
-.Xr BIO_new 3 ,
-.Xr BIO_read 3 ,
-.Xr BIO_s_connect 3 ,
-.Xr BIO_set_fd 3 ,
-.Xr BIO_should_retry 3 ,
-.Xr udp 4
-.Sh HISTORY
-.Fn BIO_s_datagram ,
-.Fn BIO_new_dgram ,
-.Fn BIO_dgram_set_peer ,
-.Fn BIO_ctrl_dgram_connect ,
-.Fn BIO_ctrl_set_connected ,
-.Fn BIO_dgram_recv_timedout ,
-.Fn BIO_dgram_send_timedout ,
-and
-.Fn BIO_dgram_non_fatal_error
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn BIO_dgram_get_peer
-first appeared in OpenSSL 0.9.8m and has been available since
-.Ox 4.9 .
-.Sh BUGS
-If
-.Xr getsockopt 2
-or
-.Xr setsockopt 2
-fails during
-.Xr BIO_read 3 ,
-the library prints an error message to standard error output
-but otherwise ignores the problem, thus possibly using unintended
-timeout values.
-.Pp
-.Xr BIO_read 3
-and
-.Xr BIO_write 3
-may clear the global variable
-.Xr errno 2
-before attempting the
-.Xr recvfrom 2
-or
-.Xr sendto 2
-system call but may not clear it if they fail before reaching this point.
diff --git a/src/lib/libcrypto/man/BIO_s_fd.3 b/src/lib/libcrypto/man/BIO_s_fd.3
deleted file mode 100644
index 852a06756a..0000000000
--- a/src/lib/libcrypto/man/BIO_s_fd.3
+++ /dev/null
@@ -1,290 +0,0 @@
-.\" $OpenBSD: BIO_s_fd.3,v 1.13 2023/11/16 20:19:23 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 16 2023 $
-.Dt BIO_S_FD 3
-.Os
-.Sh NAME
-.Nm BIO_s_fd ,
-.Nm BIO_set_fd ,
-.Nm BIO_get_fd ,
-.Nm BIO_new_fd ,
-.Nm BIO_fd_non_fatal_error ,
-.Nm BIO_fd_should_retry
-.Nd file descriptor BIO
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft const BIO_METHOD *
-.Fo BIO_s_fd
-.Fa "void"
-.Fc
-.Ft long
-.Fo BIO_set_fd
-.Fa "BIO *b"
-.Fa "int fd"
-.Fa "long close_flag"
-.Fc
-.Ft long
-.Fo BIO_get_fd
-.Fa "BIO *b"
-.Fa "int *c"
-.Fc
-.Ft BIO *
-.Fo BIO_new_fd
-.Fa "int fd"
-.Fa "int close_flag"
-.Fc
-.Ft int
-.Fn BIO_fd_non_fatal_error "int errnum"
-.Ft int
-.Fn BIO_fd_should_retry "int retval"
-.Sh DESCRIPTION
-.Fn BIO_s_fd
-returns the file descriptor BIO method.
-This is a wrapper around the platform's file descriptor routines such as
-.Xr read 2
-and
-.Xr write 2 .
-.Pp
-.Xr BIO_read 3
-and
-.Xr BIO_write 3
-read or write the underlying descriptor.
-.Xr BIO_puts 3
-is supported but
-.Xr BIO_gets 3
-is not.
-.Pp
-If the close flag is set,
-.Xr close 2
-is called on the underlying file descriptor when the
-.Vt BIO
-is freed.
-.Pp
-.Xr BIO_reset 3
-attempts to set the file pointer to the start of the file using
-.Fn lseek fd 0 0 .
-.Pp
-.Xr BIO_seek 3
-sets the file pointer to position
-.Fa ofs
-from start of file using
-.Fn lseek fd ofs 0 .
-.Pp
-.Xr BIO_tell 3
-returns the current file position by calling
-.Fn lseek fd 0 1 .
-.Pp
-.Fn BIO_set_fd
-sets the file descriptor of
-.Vt BIO
-.Fa b
-to
-.Fa fd
-and the close flag to
-.Fa close_flag .
-.Pp
-.Fn BIO_get_fd
-places the file descriptor in
-.Fa c
-if it is not
-.Dv NULL
-and also returns the file descriptor.
-.Pp
-.Fn BIO_new_fd
-returns a file descriptor BIO using
-.Fa fd
-and
-.Fa close_flag .
-.Pp
-.Fn BIO_fd_non_fatal_error
-determines whether the error status code
-.Fa errnum
-represents a recoverable error.
-.Fn BIO_fd_should_retry -determines whether a recoverable error occurred by inspecting both -.Xr errno 2 -and -.Fa retval , -which is supposed to usually be -the return value of a previously called function like -.Xr BIO_read 3 -or -.Xr BIO_write 3 . -These two functions are mostly used internally; in application code, -it is usually easier and more robust to use -.Xr BIO_should_retry 3 , -which works for any BIO type. -.Pp -The behaviour of -.Xr BIO_read 3 -and -.Xr BIO_write 3 -depends on the behavior of the platform's -.Xr read 2 -and -.Xr write 2 -calls on the descriptor. -If the underlying file descriptor is in a non-blocking mode, -then the BIO will behave in the manner described in the -.Xr BIO_read 3 -and -.Xr BIO_should_retry 3 -manual pages. -.Pp -File descriptor BIOs should not be used for socket I/O. -Use socket BIOs instead. -.Pp -.Xr BIO_ctrl 3 -.Fa cmd -arguments correspond to macros as follows: -.Bl -column BIO_CTRL_GET_CLOSE BIO_get_close(3) -offset 3n -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_FILE_SEEK Ta Xr BIO_seek 3 -.It Dv BIO_C_FILE_TELL Ta Xr BIO_tell 3 -.It Dv BIO_C_GET_FD Ta Fn BIO_get_fd -.It Dv BIO_C_SET_FD Ta Fn BIO_set_fd -.It Dv BIO_CTRL_GET_CLOSE Ta Xr BIO_get_close 3 -.It Dv BIO_CTRL_RESET Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_SET_CLOSE Ta Xr BIO_set_close 3 -.El -.Sh RETURN VALUES -.Fn BIO_s_fd -returns the file descriptor BIO method. -.Pp -When called on a file descriptor BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_FD -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq file descriptor . -.Pp -.Fn BIO_set_fd -always returns 1. -.Pp -.Fn BIO_get_fd -returns the file descriptor or -1 if the -.Vt BIO -has not been initialized. -.Pp -.Fn BIO_new_fd -returns the newly allocated -.Vt BIO -or -.Dv NULL -if an error occurred. 
-.Pp
-.Fn BIO_fd_non_fatal_error
-returns 1 if
-.Fa errnum
-is
-.Dv EAGAIN ,
-.Dv EALREADY ,
-.Dv EINPROGRESS ,
-.Dv EINTR ,
-or
-.Dv ENOTCONN
-and 0 otherwise, even if
-.Fa errnum
-is 0.
-.Pp
-.Fn BIO_fd_should_retry
-returns 1 if
-.Fn BIO_fd_non_fatal_error errno
-is 1 and
-.Fa retval
-is either 0 or \-1, or 0 otherwise.
-.Sh EXAMPLES
-This is a file descriptor BIO version of "Hello World":
-.Bd -literal -offset indent
-BIO *out;
-out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
-BIO_printf(out, "Hello World\en");
-BIO_free(out);
-.Ed
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr BIO_read 3 ,
-.Xr BIO_s_socket 3 ,
-.Xr BIO_seek 3 ,
-.Xr BIO_should_retry 3
-.Sh HISTORY
-.Fn BIO_s_fd ,
-.Fn BIO_set_fd ,
-and
-.Fn BIO_get_fd
-first appeared in SSLeay 0.6.0,
-.Fn BIO_fd_should_retry
-in SSLeay 0.6.5, and
-.Fn BIO_new_fd
-and
-.Fn BIO_fd_non_fatal_error
-in SSLeay 0.8.0.
-All these functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/BIO_s_file.3 b/src/lib/libcrypto/man/BIO_s_file.3
deleted file mode 100644
index 14950cad13..0000000000
--- a/src/lib/libcrypto/man/BIO_s_file.3
+++ /dev/null
@@ -1,377 +0,0 @@
-.\" $OpenBSD: BIO_s_file.3,v 1.17 2023/11/16 20:19:23 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\" selective merge up to: OpenSSL 1212818e Sep 11 13:22:14 2018 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2010 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. 
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 16 2023 $
-.Dt BIO_S_FILE 3
-.Os
-.Sh NAME
-.Nm BIO_s_file ,
-.Nm BIO_new_file ,
-.Nm BIO_new_fp ,
-.Nm BIO_set_fp ,
-.Nm BIO_get_fp ,
-.Nm BIO_read_filename ,
-.Nm BIO_write_filename ,
-.Nm BIO_append_filename ,
-.Nm BIO_rw_filename
-.\" Nm BIO_CTRL_SET_FILENAME is unused and intentionally undocumented.
-.Nd FILE BIO
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft const BIO_METHOD *
-.Fo BIO_s_file
-.Fa void
-.Fc
-.Ft BIO *
-.Fo BIO_new_file
-.Fa "const char *filename"
-.Fa "const char *mode"
-.Fc
-.Ft BIO *
-.Fo BIO_new_fp
-.Fa "FILE *stream"
-.Fa "int flags"
-.Fc
-.Ft long
-.Fo BIO_set_fp
-.Fa "BIO *b"
-.Fa "FILE *fp"
-.Fa "int flags"
-.Fc
-.Ft long
-.Fo BIO_get_fp
-.Fa "BIO *b"
-.Fa "FILE **fpp"
-.Fc
-.Ft long
-.Fo BIO_read_filename
-.Fa "BIO *b"
-.Fa "char *name"
-.Fc
-.Ft long
-.Fo BIO_write_filename
-.Fa "BIO *b"
-.Fa "char *name"
-.Fc
-.Ft long
-.Fo BIO_append_filename
-.Fa "BIO *b"
-.Fa "char *name"
-.Fc
-.Ft long
-.Fo BIO_rw_filename
-.Fa "BIO *b"
-.Fa "char *name"
-.Fc
-.Sh DESCRIPTION
-.Fn BIO_s_file
-returns the BIO file method.
-As its name implies, it is a wrapper around the stdio
-.Vt FILE
-structure and it is a source/sink BIO.
-.Pp
-Calls to
-.Xr BIO_read 3
-and
-.Xr BIO_write 3
-read and write data to the underlying stream.
-.Xr BIO_gets 3
-and
-.Xr BIO_puts 3
-are supported on file BIOs.
-.Pp
-.Xr BIO_flush 3
-on a file BIO calls the
-.Xr fflush 3
-function on the wrapped stream.
-.Pp
-.Xr BIO_reset 3
-attempts to change the file pointer to the start of file using
-.Fn fseek stream 0 0 .
-.Pp
-.Xr BIO_seek 3
-sets the file pointer to position
-.Fa ofs
-from the start of the file using
-.Fn fseek stream ofs 0 .
-.Pp
-.Xr BIO_eof 3
-calls
-.Xr feof 3 .
-.Pp
-Setting the
-.Dv BIO_CLOSE
-flag calls
-.Xr fclose 3
-on the stream when the BIO is freed.
-.Pp
-.Fn BIO_new_file
-creates a new file BIO with mode
-.Fa mode .
-The meaning of
-.Fa mode
-is the same as for the stdio function
-.Xr fopen 3 .
-The
-.Dv BIO_CLOSE
-flag is set on the returned BIO.
-.Pp
-.Fn BIO_new_fp
-creates a file BIO wrapping
-.Fa stream .
-Flags can be:
-.Dv BIO_CLOSE , BIO_NOCLOSE Pq the close flag ,
-.Dv BIO_FP_TEXT
-(sets the underlying stream to text mode, default is binary:
-this only has any effect under Win32).
-.Pp
-.Fn BIO_set_fp
-sets the file pointer of a file BIO to
-.Fa fp .
-.Fa flags
-has the same meaning as in
-.Fn BIO_new_fp .
-.Pp
-.Fn BIO_get_fp
-retrieves the file pointer of a file BIO.
-.Pp
-.Xr BIO_seek 3
-sets the position pointer to
-.Fa offset
-bytes from the start of file.
-.Pp
-.Xr BIO_tell 3
-returns the value of the position pointer.
-.Pp
-.Fn BIO_read_filename ,
-.Fn BIO_write_filename ,
-.Fn BIO_append_filename ,
-and
-.Fn BIO_rw_filename
-set the file BIO
-.Fa b
-to use file
-.Fa name
-for reading, writing, append or read write respectively.
-.Pp
-When wrapping stdout, stdin, or stderr, the underlying stream
-should not normally be closed, so the
-.Dv BIO_NOCLOSE
-flag should be set.
-.Pp
-Because the file BIO calls the underlying stdio functions, any quirks
-in stdio behaviour will be mirrored by the corresponding BIO.
-.Pp
-On Windows,
-.Fn BIO_new_files
-reserves for the filename argument to be UTF-8 encoded.
-In other words, if you have to make it work in a multi-lingual
-environment, encode file names in UTF-8.
-.Pp -The following -.Xr BIO_ctrl 3 -.Fa cmd -constants correspond to macros: -.Bl -column BIO_C_GET_FILE_PTR "corresponding macro" -offset 3n -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_FILE_SEEK Ta Xr BIO_seek 3 -.It Dv BIO_C_FILE_TELL Ta Xr BIO_tell 3 -.It Dv BIO_C_GET_FILE_PTR Ta Fn BIO_get_fp -.It Dv BIO_C_SET_FILE_PTR Ta Fn BIO_set_fp -.It Dv BIO_C_SET_FILENAME Ta various, see below -.It Dv BIO_CTRL_EOF Ta Xr BIO_eof 3 -.It Dv BIO_CTRL_FLUSH Ta Xr BIO_flush 3 -.It Dv BIO_CTRL_GET_CLOSE Ta Xr BIO_get_close 3 -.It Dv BIO_CTRL_RESET Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_SET_CLOSE Ta Xr BIO_set_close 3 -.El -.Pp -The meaning of -.Dv BIO_C_SET_FILENAME -depends on the flags passed in the -.Xr BIO_ctrl 3 -.Fa larg -argument: -.Bl -column "BIO_CLOSE | BIO_FP_READ | BIO_FP_WRITE" "BIO_append_filename()"\ - -offset 3n -.It Fa larg No argument Ta corresponding macro -.It Dv BIO_CLOSE | BIO_FP_READ Ta Fn BIO_read_filename -.It Dv BIO_CLOSE | BIO_FP_WRITE Ta Fn BIO_write_filename -.It Dv BIO_CLOSE | BIO_FP_APPEND Ta Fn BIO_append_filename -.It Dv BIO_CLOSE | BIO_FP_READ | BIO_FP_WRITE Ta Fn BIO_rw_filename -.El -.Sh RETURN VALUES -.Fn BIO_s_file -returns the file BIO method. -.Pp -.Fn BIO_new_file -and -.Fn BIO_new_fp -return a file BIO or -.Dv NULL -if an error occurred. -.Pp -When called on a file BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_FILE -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq FILE pointer . -.Pp -.Fn BIO_set_fp -and -.Fn BIO_get_fp -return 1 for success or 0 for failure (although the current -implementation never returns 0). -.Pp -.Xr BIO_seek 3 -returns the same value as the underlying -.Xr fseek 3 -function: 0 for success or -1 for failure. -.Pp -.Xr BIO_tell 3 -returns the current file position. -.Pp -.Fn BIO_read_filename , -.Fn BIO_write_filename , -.Fn BIO_append_filename , -and -.Fn BIO_rw_filename -return 1 for success or 0 for failure. 
-.Sh EXAMPLES -File BIO "hello world": -.Bd -literal -offset indent -BIO *bio_out; -bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); -BIO_printf(bio_out, "Hello World\en"); -.Ed -.Pp -Alternative technique: -.Bd -literal -offset indent -BIO *bio_out; -bio_out = BIO_new(BIO_s_file()); -if(bio_out == NULL) /* Error ... */ -if(!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE)) /* Error ... */ -BIO_printf(bio_out, "Hello World\en"); -.Ed -.Pp -Write to a file: -.Bd -literal -offset indent -BIO *out; -out = BIO_new_file("filename.txt", "w"); -if(!out) /* Error occurred */ -BIO_printf(out, "Hello World\en"); -BIO_free(out); -.Ed -.Pp -Alternative technique: -.Bd -literal -offset indent -BIO *out; -out = BIO_new(BIO_s_file()); -if(out == NULL) /* Error ... */ -if(!BIO_write_filename(out, "filename.txt")) /* Error ... */ -BIO_printf(out, "Hello World\en"); -BIO_free(out); -.Ed -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr BIO_read 3 , -.Xr BIO_seek 3 -.Sh HISTORY -.Fn BIO_s_file , -.Fn BIO_set_fp , -.Fn BIO_get_fp , -.Fn BIO_read_filename , -.Fn BIO_write_filename , -and -.Fn BIO_append_filename -first appeared in SSLeay 0.6.0. -.Fn BIO_new_file -and -.Fn BIO_new_fp -first appeared in SSLeay 0.8.0. -All these functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_rw_filename -first appeared in SSLeay 0.9.1 and has been available since -.Ox 2.6 . -.Sh BUGS -.Xr BIO_reset 3 -and -.Xr BIO_seek 3 -are implemented using -.Xr fseek 3 -on the underlying stream. -The return value for -.Xr fseek 3 -is 0 for success or -1 if an error occurred. -This differs from other types of BIO which will typically return -1 for success and a non-positive value if an error occurred. diff --git a/src/lib/libcrypto/man/BIO_s_mem.3 b/src/lib/libcrypto/man/BIO_s_mem.3 deleted file mode 100644 index d7bbf6af43..0000000000 --- a/src/lib/libcrypto/man/BIO_s_mem.3 +++ /dev/null 
@@ -1,306 +0,0 @@
-.\" $OpenBSD: BIO_s_mem.3,v 1.19 2023/11/16 20:19:23 schwarze Exp $
-.\" full merge up to: OpenSSL 8711efb4 Mon Apr 20 11:33:12 2009 +0000
-.\" selective merge up to: OpenSSL 36359cec Mar 7 14:37:23 2018 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 16 2023 $ -.Dt BIO_S_MEM 3 -.Os -.Sh NAME -.Nm BIO_s_mem , -.Nm BIO_set_mem_eof_return , -.Nm BIO_get_mem_data , -.Nm BIO_set_mem_buf , -.Nm BIO_get_mem_ptr , -.Nm BIO_new_mem_buf -.Nd memory BIO -.Sh SYNOPSIS -.In openssl/bio.h -.Ft const BIO_METHOD * -.Fo BIO_s_mem -.Fa "void" -.Fc -.Ft long -.Fo BIO_set_mem_eof_return -.Fa "BIO *b" -.Fa "int v" -.Fc -.Ft long -.Fo BIO_get_mem_data -.Fa "BIO *b" -.Fa "char **pp" -.Fc -.Ft long -.Fo BIO_set_mem_buf -.Fa "BIO *b" -.Fa "BUF_MEM *bm" -.Fa "int c" -.Fc -.Ft long -.Fo BIO_get_mem_ptr -.Fa "BIO *b" -.Fa "BUF_MEM **pp" -.Fc -.Ft BIO * -.Fo BIO_new_mem_buf -.Fa "const void *buf" -.Fa "int len" -.Fc -.Sh DESCRIPTION -.Fn BIO_s_mem -returns the memory BIO method function. -.Pp -A memory BIO is a source/sink BIO which uses memory for its I/O. -Data written to a memory BIO is stored in a -.Vt BUF_MEM -structure which is extended as appropriate to accommodate the stored data. 
-.Pp -Any data written to a memory BIO can be recalled by reading from it. -Unless the memory BIO is read only, -any data read from it is deleted from the BIO. -To find out whether a memory BIO is read only, -.Xr BIO_test_flags 3 -can be called with an argument of -.Dv BIO_FLAGS_MEM_RDONLY . -.Pp -Memory BIOs support -.Xr BIO_gets 3 -and -.Xr BIO_puts 3 . -.Pp -If the -.Dv BIO_CLOSE -flag is set when a memory BIO is freed, the underlying -.Dv BUF_MEM -structure is also freed. -.Pp -Calling -.Xr BIO_reset 3 -on a read/write memory BIO clears any data in it. -On a read only BIO it restores the BIO to its original state -and the read only data can be read again. -.Pp -.Xr BIO_eof 3 -is true if no data is in the BIO. -.Pp -.Xr BIO_ctrl_pending 3 -returns the number of bytes currently stored. -.Pp -.Fn BIO_set_mem_eof_return -sets the behaviour of memory BIO -.Fa b -when it is empty. -If -.Fa v -is zero, then an empty memory BIO will return EOF: -it will return zero and -.Fn BIO_should_retry -will be false. -If -.Fa v -is non-zero then it will return -.Fa v -when it is empty and it will set the read retry flag: -.Fn BIO_read_retry -is true. -To avoid ambiguity with a normal positive return value -.Fa v -should be set to a negative value, typically -1. -.Pp -.Fn BIO_get_mem_data -sets -.Pf * Fa pp -to a pointer to the start of the memory BIO's data -and returns the total amount of data available. -.Pp -.Fn BIO_set_mem_buf -sets the internal BUF_MEM structure to -.Fa bm -and sets the close flag to -.Fa c . -That is, -.Fa c -should be either -.Dv BIO_CLOSE -or -.Dv BIO_NOCLOSE . -.Pp -.Fn BIO_get_mem_ptr -places the underlying -.Vt BUF_MEM -structure in -.Pf * Fa pp . -.Pp -.Fn BIO_new_mem_buf -creates a memory BIO using -.Fa len -bytes of data at -.Fa buf . -If -.Fa len -is -1, then -.Fa buf -is assumed to be NUL terminated and its length is determined by -.Xr strlen 3 . -The BIO is set to a read only state and as a result cannot be written to. 
-This is useful when some data needs to be made available -from a static area of memory in the form of a BIO. -The supplied data is read directly from the supplied buffer: -it is -.Em not -copied first, so the supplied area of memory must be unchanged -until the BIO is freed. -.Pp -Writes to memory BIOs will always succeed if memory is available: -their size can grow indefinitely. -.Pp -.Xr BIO_ctrl 3 -.Fa cmd -arguments correspond to macros as follows: -.Bl -column BIO_C_SET_BUF_MEM_EOF_RETURN BIO_set_mem_eof_return() -offset 3n -.It Fa cmd No constant Ta corresponding macro -.It Dv BIO_C_GET_BUF_MEM_PTR Ta Fn BIO_get_mem_ptr -.It Dv BIO_C_SET_BUF_MEM Ta Fn BIO_set_mem_buf -.It Dv BIO_C_SET_BUF_MEM_EOF_RETURN Ta Fn BIO_set_mem_eof_return -.It Dv BIO_CTRL_EOF Ta Xr BIO_eof 3 -.It Dv BIO_CTRL_GET_CLOSE Ta Xr BIO_get_close 3 -.It Dv BIO_CTRL_INFO Ta Fn BIO_get_mem_data -.It Dv BIO_CTRL_PENDING Ta Xr BIO_pending 3 -.It Dv BIO_CTRL_RESET Ta Xr BIO_reset 3 -.It Dv BIO_CTRL_SET_CLOSE Ta Xr BIO_set_close 3 -.It Dv BIO_CTRL_WPENDING Ta Xr BIO_wpending 3 -.El -.Sh RETURN VALUES -.Fn BIO_s_mem -returns a pointer to a static object. -.Pp -When called on a memory BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_MEM -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq memory buffer . -.Pp -.Fn BIO_set_mem_eof_return , -.Fn BIO_get_mem_data , -.Fn BIO_set_mem_buf , -and -.Fn BIO_get_mem_ptr -return 1 on success or a value less than or equal to 0 if an error occurred. -.Pp -.Fn BIO_new_mem_buf -returns a newly allocated -.Vt BIO -object on success or -.Dv NULL -on error. 
-.Sh EXAMPLES -Create a memory BIO and write some data to it: -.Bd -literal -offset indent -BIO *mem = BIO_new(BIO_s_mem()); -BIO_puts(mem, "Hello World\en"); -.Ed -.Pp -Create a read only memory BIO: -.Bd -literal -offset indent -char data[] = "Hello World"; -BIO *mem; -mem = BIO_new_mem_buf(data, -1); -.Ed -.Pp -Extract the -.Vt BUF_MEM -structure from a memory BIO and then free up the BIO: -.Bd -literal -offset indent -BUF_MEM *bptr; -BIO_get_mem_ptr(mem, &bptr); -/* Make sure BIO_free() leaves BUF_MEM alone. */ -BIO_set_close(mem, BIO_NOCLOSE); -BIO_free(mem); -.Ed -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr BUF_MEM_new 3 -.Sh HISTORY -.Fn BIO_s_mem -first appeared in SSLeay 0.6.0. -.Fn BIO_set_mem_buf -and -.Fn BIO_get_mem_ptr -first appeared in SSLeay 0.6.5. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_set_mem_eof_return -and -.Fn BIO_get_mem_data -first appeared in SSLeay 0.9.1 and have been available since -.Ox 2.6 . -.Pp -.Fn BIO_new_mem_buf -first appeared in OpenSSL 0.9.5 and has been available since -.Ox 2.7 . -.Sh CAVEATS -Do not manually switch a writable memory BIO to read-only mode: calling -.Xr BIO_set_flags 3 -with an argument of -.Dv BIO_FLAGS_MEM_RDONLY -will ultimately result in a memory leak when the BIO object is -finally handed to -.Xr BIO_free 3 . -It might also cause security issues because it prevents -.Xr BIO_reset 3 -from clearing the data. -.Sh BUGS -There should be an option to set the maximum size of a memory BIO. -.Pp -There should be a way to "rewind" a read/write BIO without destroying -its contents. diff --git a/src/lib/libcrypto/man/BIO_s_null.3 b/src/lib/libcrypto/man/BIO_s_null.3 deleted file mode 100644 index 6e7cad6d37..0000000000 --- a/src/lib/libcrypto/man/BIO_s_null.3 +++ /dev/null 
@@ -1,101 +0,0 @@
-.\" $OpenBSD: BIO_s_null.3,v 1.10 2023/04/11 16:58:43 schwarze Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 11 2023 $ -.Dt BIO_S_NULL 3 -.Os -.Sh NAME -.Nm BIO_s_null -.\" .Nm BIO_s_log is intentionally undocumented because it is unused -.Nd null data sink -.Sh SYNOPSIS -.In openssl/bio.h -.Ft const BIO_METHOD * -.Fo BIO_s_null -.Fa void -.Fc -.Sh DESCRIPTION -.Fn BIO_s_null -returns the null sink BIO method. -Data written to the null sink is discarded, reads return EOF. -.Pp -A null sink BIO behaves in a similar manner to the -.Xr null 4 -device. -.Pp -A null BIO can be placed on the end of a chain to discard any data -passed through it. -.Pp -A null sink is useful if, for example, an application wishes -to digest some data by writing through a digest bio -but not send the digested data anywhere. -Since a BIO chain must normally include a source/sink BIO, -this can be achieved by adding a null sink BIO to the end of the chain. -.Sh RETURN VALUES -.Fn BIO_s_null -returns the null sink BIO method. -.Pp -When called on a null sink BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_NULL -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq NULL , -not to be confused with a NUL string nor with a -.Dv NULL -pointer. -.Sh SEE ALSO -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_s_null -first appeared in SSLeay 0.6.0 and has been available since -.Ox 2.4 . 
diff --git a/src/lib/libcrypto/man/BIO_s_socket.3 b/src/lib/libcrypto/man/BIO_s_socket.3
deleted file mode 100644
index 402622b3bd..0000000000
--- a/src/lib/libcrypto/man/BIO_s_socket.3
+++ /dev/null
@@ -1,125 +0,0 @@
-.\" $OpenBSD: BIO_s_socket.3,v 1.10 2023/04/11 16:58:43 schwarze Exp $
-.\" OpenSSL bbdc9c98 Oct 19 22:02:21 2000 +0000
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 11 2023 $ -.Dt BIO_S_SOCKET 3 -.Os -.Sh NAME -.Nm BIO_s_socket , -.Nm BIO_new_socket -.Nd socket BIO -.Sh SYNOPSIS -.In openssl/bio.h -.Ft const BIO_METHOD * -.Fo BIO_s_socket -.Fa void -.Fc -.Ft BIO * -.Fo BIO_new_socket -.Fa "int sock" -.Fa "int close_flag" -.Fc -.Sh DESCRIPTION -.Fn BIO_s_socket -returns the socket BIO method. -This is a wrapper around the platform's socket routines. -.Pp -.Xr BIO_read 3 -and -.Xr BIO_write 3 -read or write the underlying socket. -.Xr BIO_puts 3 -is supported but -.Xr BIO_gets 3 -is not. -.Pp -If the close flag is set, then the socket is shut down and closed -when the BIO is freed. -.Pp -.Fn BIO_new_socket -returns a socket BIO using -.Fa sock -and -.Fa close_flag . -.Pp -Socket BIOs also support any relevant functionality of file descriptor BIOs. -.Pp -The reason for having separate file descriptor and socket BIOs -is that on some platforms, sockets are not file descriptors -and use distinct I/O routines. -Windows is one such platform. -Any code mixing the two will not work on all platforms. -.Sh RETURN VALUES -.Fn BIO_s_socket -returns the socket BIO method. -.Pp -.Fn BIO_new_socket -returns the newly allocated BIO or -.Dv NULL -if an error occurred. -.Pp -When called on a socket BIO object, -.Xr BIO_method_type 3 -returns the constant -.Dv BIO_TYPE_SOCKET -and -.Xr BIO_method_name 3 -returns a pointer to the static string -.Qq socket . 
-.Sh SEE ALSO -.Xr BIO_get_fd 3 , -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_s_socket -first appeared in SSLeay 0.6.0. -.Fn BIO_new_socket -first appeared in SSLeay 0.8.0. -Both functions have been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/BIO_set_callback.3 b/src/lib/libcrypto/man/BIO_set_callback.3 deleted file mode 100644 index 56a0102be6..0000000000 --- a/src/lib/libcrypto/man/BIO_set_callback.3 +++ /dev/null 
@@ -1,396 +0,0 @@
-.\" $OpenBSD: BIO_set_callback.3,v 1.12 2023/04/30 13:57:29 schwarze Exp $
-.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2016, 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 30 2023 $ -.Dt BIO_SET_CALLBACK 3 -.Os -.Sh NAME -.Nm BIO_callback_fn_ex , -.Nm BIO_set_callback_ex , -.Nm BIO_get_callback_ex , -.Nm BIO_callback_fn , -.Nm BIO_set_callback , -.Nm BIO_get_callback , -.Nm BIO_set_callback_arg , -.Nm BIO_get_callback_arg , -.Nm BIO_debug_callback -.\" The following three macros are intentionally undocumented because -.\" they are unused and would only cause obfuscation if they were used. 
-.\" .Nm BIO_CB_return -.\" .Nm BIO_cb_pre -.\" .Nm BIO_cb_post -.Nd BIO callback functions -.Sh SYNOPSIS -.In openssl/bio.h -.Ft typedef long -.Fo (*BIO_callback_fn_ex) -.Fa "BIO *b" -.Fa "int oper" -.Fa "const char *argp" -.Fa "size_t len" -.Fa "int argi" -.Fa "long argl" -.Fa "int ret" -.Fa "size_t *processed" -.Fc -.Ft void -.Fo BIO_set_callback_ex -.Fa "BIO *b" -.Fa "BIO_callback_fn_ex cb_ex" -.Fc -.Ft BIO_callback_fn_ex -.Fo BIO_get_callback_ex -.Fa "const BIO *b" -.Fc -.Ft typedef long -.Fo (*BIO_callback_fn) -.Fa "BIO *b" -.Fa "int oper" -.Fa "const char *argp" -.Fa "int argi" -.Fa "long argl" -.Fa "long ret" -.Fc -.Ft void -.Fo BIO_set_callback -.Fa "BIO *b" -.Fa "BIO_callback_fn cb" -.Fc -.Ft BIO_callback_fn -.Fo BIO_get_callback -.Fa "BIO *b" -.Fc -.Ft void -.Fo BIO_set_callback_arg -.Fa "BIO *b" -.Fa "char *pointer" -.Fc -.Ft char * -.Fo BIO_get_callback_arg -.Fa "const BIO *b" -.Fc -.Ft long -.Fo BIO_debug_callback -.Fa "BIO *bio" -.Fa "int oper" -.Fa "const char *argp" -.Fa "int argi" -.Fa "long argl" -.Fa "long ret" -.Fc -.Sh DESCRIPTION -.Fn BIO_set_callback_ex -and -.Fn BIO_get_callback_ex -set and retrieve the BIO callback. -The callback is called during most high-level BIO operations. -It can be used for debugging purposes to trace operations on a BIO -or to modify its operation. -.Pp -.Fn BIO_set_callback -and -.Fn BIO_get_callback -are deprecated functions that set and retrieve the old-style BIO callback, -which is only used if no new-style callback is set with -.Fn BIO_set_callback_ex . -.Pp -.Fn BIO_set_callback_arg -stores the -.Fa pointer -internally in -.Fa b -and -.Fn BIO_get_callback_arg -retrieves it from -.Fa b . -The name of these two functions is badly misleading: the -.Fa pointer -is never passed as an argument to any callback function. -But of course, callback functions can call -.Fn BIO_get_callback_arg -and access the pointer, just like any other code can. 
-.Pp -.Fn BIO_debug_callback -is a standard debugging callback which prints -out information related to each BIO operation. -If -.Fn BIO_set_callback_arg -was called with a -.Pf non- Dv NULL -argument, information is sent to the BIO pointed to by the -.Fa pointer ; -otherwise, standard error output is used. -.Pp -The arguments of the callback functions are as follows: -.Bl -tag -width Ds -.It Fa b -The BIO the callback is attached to. -.It Fa oper -The operation being performed, which is one of -.Dv BIO_CB_CTRL , -.Dv BIO_CB_FREE , -.Dv BIO_CB_GETS , -.Dv BIO_CB_PUTS , -.Dv BIO_CB_READ , -or -.Dv BIO_CB_WRITE . -For some operations, the callback is called twice, -once before and once after the actual operation. -The latter case has -.Fa oper -OR'ed with -.Dv BIO_CB_RETURN . -.It Fa argp , argi , argl -The meaning of these three arguments depends on the value of -.Fa oper , -that is on the operation being performed. -.It Fa len -The length of the data requested to be read or written. -This is only useful if -.Fa oper -is -.Dv BIO_CB_READ , -.Dv BIO_CB_WRITE , -or -.Dv BIO_CB_GETS . -.It Fa ret -When -.Fa oper -does not include -.Dv BIO_CB_RETURN , -i.e. when the callback is invoked before an operation, -the value passed into the callback via -.Fa ret -is always 1. -In this case, if the callback returns a negative value, the library -aborts the requested operation and instead returns the negative -return value from the callback to the application. -If the callback returns a non-negative value, that return value is -ignored by the library, and the operation is performed normally. -.Pp -When -.Fa oper -includes -.Dv BIO_CB_RETURN , -i.e. when the callback is invoked after an operation, -the value passed into the callback via -.Fa ret -is the return value that the operation would return to the application -if no callback were present. 
-When a callback is present, the operation only passes this value -to the callback and instead of it returns the return value of the -callback to the application. -.It Fa processed -The location pointed to is updated with the number of bytes -actually read or written. -Only used for -.Dv BIO_CB_READ , -.Dv BIO_CB_WRITE , -.Dv BIO_CB_GETS , -and -.Dv BIO_CB_PUTS . -.El -.Pp -The callback should normally simply return -.Fa ret -when it has finished processing, unless it specifically wishes to -abort the operation or to modify the value returned to the application. -.Pp -The callbacks are called as follows: -.Bl -tag -width 1n -.It \&In Fn BIO_free "BIO *b" : -.Bd -literal -before the free operation: -cb_ex(b, BIO_CB_FREE, NULL, 0, 0, 0, 1, NULL) -or cb(b, BIO_CB_FREE, NULL, 0, 0, 1) -.Ed -.It \&In Fn BIO_read "BIO *b" "void *out" "int outl" : -.Bd -literal -before the read operation: -cb_ex(b, BIO_CB_READ, out, outl, 0, 0, 1, NULL) -or cb(b, BIO_CB_READ, out, outl, 0, 1) - -after the read operation: -cb_ex(b, BIO_CB_READ|BIO_CB_RETURN, out, outl, 0, 0, ret, &bytes) -or cb(b, BIO_CB_READ|BIO_CB_RETURN, out, outl, 0, ret) -.Ed -.It \&In Fn BIO_write "BIO *b" "const void *in" "int inl" : -.Bd -literal -before the write operation: -cb_ex(b, BIO_CB_WRITE, in, inl, 0, 0, 1, NULL) -or cb(b, BIO_CB_WRITE, in, inl, 0, 1) - -after the write operation: -cb_ex(b, BIO_CB_WRITE|BIO_CB_RETURN, in, inl, 0, 0, ret, &bytes) -or cb(b, BIO_CB_WRITE|BIO_CB_RETURN, in, inl, 0, ret) -.Ed -.It \&In Fn BIO_gets "BIO *b" "char *out" "int outl" : -.Bd -literal -before the read operation: -cb_ex(b, BIO_CB_GETS, out, outl, 0, 0, 1, NULL) -or cb(b, BIO_CB_GETS, out, outl, 0, 1) - -after the read operation: -cb_ex(b, BIO_CB_GETS|BIO_CB_RETURN, out, outl, 0, 0, ret, &bytes) -or cb(b, BIO_CB_GETS|BIO_CB_RETURN, out, outl, 0, ret) -.Ed -.It \&In Fn BIO_puts "BIO *b" "const char *in" : -.Bd -literal -before the write operation: -cb_ex(b, BIO_CB_PUTS, in, 0, 0, 0, 1, NULL) -or cb(b, BIO_CB_PUTS, in, 0, 
0, 1) - -after the write operation: -cb_ex(b, BIO_CB_PUTS|BIO_CB_RETURN, in, 0, 0, 0, ret, &bytes) -or cb(b, BIO_CB_PUTS|BIO_CB_RETURN, in, 0, 0, ret) -.Ed -.It \&In Fn BIO_ctrl "BIO *b" "int cmd" "long larg" "void *parg" : -.Bd -literal -before the control operation: -cb_ex(b, BIO_CB_CTRL, parg, 0, cmd, larg, 1, NULL) -or cb(b, BIO_CB_CTRL, parg, cmd, larg, 1) - -after the control operation: -cb_ex(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, 0, cmd, larg, ret, NULL) -or cb(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret) -.Ed -.It \&In Fn BIO_callback_ctrl "BIO *b" "int cmd" "BIO_info_cb *fp" : -.Bd -literal -before the control operation: -cb_ex(b, BIO_CB_CTRL, fp, 0, cmd, 0, 1, NULL) -or cb(b, BIO_CB_CTRL, fp, cmd, 0, 1) - -after the control operation: -cb_ex(b, BIO_CB_CTRL|BIO_CB_RETURN, fp, 0, cmd, 0, ret, NULL) -or cb(b, BIO_CB_CTRL|BIO_CB_RETURN, fp, cmd, 0, ret) -.Ed -.El -.Sh RETURN VALUES -.Fn BIO_get_callback_ex -returns a pointer to the function -.Fa cb_ex -previously installed with -.Fn BIO_set_callback_cb , -or -.Dv NULL -if no such callback was installed. -.Pp -.Fn BIO_get_callback -returns a pointer to the function -.Fa cb -previously installed with -.Fn BIO_set_callback , -or -.Dv NULL -if no such callback was installed. -.Pp -.Fn BIO_get_callback_arg -returns the -.Fa pointer -previously set with -.Fn BIO_set_callback_arg , -or -.Dv NULL -if no such pointer was set. -.Pp -.Fn BIO_debug_callback -returns -.Fa ret -if the bit -.Dv BIO_CB_RETURN -is set in -.Fa cmd , -or 1 otherwise. -.Sh EXAMPLES -The -.Fn BIO_debug_callback -function is a good example. -Its source is in the file -.Pa crypto/bio/bio_cb.c . -.Sh SEE ALSO -.Xr BIO_new 3 -.Sh HISTORY -.Fn BIO_set_callback , -.Fn BIO_get_callback , -.Fn BIO_set_callback_arg , -and -.Fn BIO_debug_callback -first appeared in SSLeay 0.6.0. -.Fn BIO_get_callback_arg -first appeared in SSLeay 0.8.0. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn BIO_callback_fn -first appeared in OpenSSL 1.1.0. 
-.Fn BIO_callback_fn_ex , -.Fn BIO_set_callback_ex , -and -.Fn BIO_get_callback_ex -first appeared in OpenSSL 1.1.1. -These functions have been available since -.Ox 7.1 . diff --git a/src/lib/libcrypto/man/BIO_should_retry.3 b/src/lib/libcrypto/man/BIO_should_retry.3 deleted file mode 100644 index 9b93743516..0000000000 --- a/src/lib/libcrypto/man/BIO_should_retry.3 +++ /dev/null 
@@ -1,301 +0,0 @@
-.\" $OpenBSD: BIO_should_retry.3,v 1.11 2023/04/30 14:03:47 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\" selective merge up to: OpenSSL 57fd5170 May 13 11:24:11 2018 +0200
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2010, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: April 30 2023 $
-.Dt BIO_SHOULD_RETRY 3
-.Os
-.Sh NAME
-.Nm BIO_should_read ,
-.Nm BIO_should_write ,
-.Nm BIO_should_io_special ,
-.Nm BIO_retry_type ,
-.Nm BIO_should_retry ,
-.Nm BIO_get_retry_BIO ,
-.Nm BIO_get_retry_reason ,
-.Nm BIO_set_retry_reason
-.Nd BIO retry functions
-.Sh SYNOPSIS
-.In openssl/bio.h
-.Ft int
-.Fo BIO_should_read
-.Fa "BIO *b"
-.Fc
-.Ft int
-.Fo BIO_should_write
-.Fa "BIO *b"
-.Fc
-.Ft int
-.Fo BIO_should_io_special
-.Fa "BIO *b"
-.Fc
-.Ft int
-.Fo BIO_retry_type
-.Fa "BIO *b"
-.Fc
-.Ft int
-.Fo BIO_should_retry
-.Fa "BIO *b"
-.Fc
-.Fd #define BIO_FLAGS_READ 0x01
-.Fd #define BIO_FLAGS_WRITE 0x02
-.Fd #define BIO_FLAGS_IO_SPECIAL 0x04
-.Fd #define BIO_FLAGS_RWS \e
-.Fd \& (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-.Fd #define BIO_FLAGS_SHOULD_RETRY 0x08
-.Ft BIO *
-.Fo BIO_get_retry_BIO
-.Fa "BIO *bio"
-.Fa "int *reason"
-.Fc
-.Ft int
-.Fo BIO_get_retry_reason
-.Fa "BIO *bio"
-.Fc
-.Ft void
-.Fo BIO_set_retry_reason
-.Fa "BIO *bio"
-.Fa "int reason"
-.Fc
-.Sh DESCRIPTION
-These functions determine why a BIO is not able to read or write data.
-They will typically be called after a failed
-.Xr BIO_read 3
-or
-.Xr BIO_write 3
-call.
-.Pp
-.Fn BIO_should_retry
-returns 1 if the call that produced this condition should be retried
-at a later time, or 0 if an error occurred.
-.Pp
-.Fn BIO_should_read
-returns 1 if the cause of the retry condition is that a BIO needs
-to read data, or 0 otherwise.
-.Pp
-.Fn BIO_should_write
-returns 1 if the cause of the retry condition is that a BIO needs
-to write data, or 0 otherwise.
-.Pp
-.Fn BIO_should_io_special
-returns 1 if some special condition (i.e. a reason other than reading
-or writing) is the cause of the retry condition, or 0 otherwise.
-.Pp
-.Fn BIO_retry_type
-returns the bitwise OR of one or more of the flags
-.Dv BIO_FLAGS_READ ,
-.Dv BIO_FLAGS_WRITE ,
-and
-.Dv BIO_FLAGS_IO_SPECIAL
-representing the cause of the current retry condition,
-or 0 if there is no retry condition.
-Current BIO types only set one of the flags at a time.
-.Pp
-.Fn BIO_get_retry_BIO
-determines the precise reason for the special condition.
-It walks the BIO chain starting at
-.Fa bio
-and returns the BIO that caused this condition.
-If there is no special condition,
-.Fa bio
-itself is returned.
-If
-.Fa reason
-is not a
-.Dv NULL
-pointer,
-.Pf * Fa reason
-is set to one of the following reason codes:
-.Bl -tag -width 1n -offset 3n
-.It 0
-There is no special condition.
-.It Dv BIO_RR_ACCEPT
-.Xr accept 2
-would have blocked.
-This can occur for BIOs created from
-.Xr BIO_s_accept 3
-or
-.Xr BIO_f_ssl 3 .
-.It Dv BIO_RR_CONNECT
-.Xr connect 2
-would have blocked.
-This can occur for BIOs created from
-.Xr BIO_s_connect 3
-or
-.Xr BIO_f_ssl 3 .
-.It Dv BIO_RR_SSL_X509_LOOKUP
-An application callback set by
-.Xr SSL_CTX_set_client_cert_cb 3
-has asked to be called again.
-This can occur for BIOs created from
-.Xr BIO_f_ssl 3 .
-.El
-.Pp
-.Fn BIO_get_retry_reason
-returns one of the above reason codes for a special condition that occurred in
-.Fa bio .
-It does not walk the chain and returns 0 if no special condition occurred in
-.Fa bio
-itself.
-.Pp
-.Fn BIO_set_retry_reason
-sets the retry reason for a special condition for the given
-.Fa bio .
-It is intended to be called by functions implementing a BIO type
-rather than by functions merely using BIOs.
-.Pp
-.Fn BIO_should_retry ,
-.Fn BIO_should_read ,
-.Fn BIO_should_write ,
-.Fn BIO_should_io_special ,
-and
-.Fn BIO_retry_type
-are implemented as macros.
-.Pp
-If
-.Fn BIO_should_retry
-returns false, then the precise "error condition" depends on
-the BIO type that caused it and the return code of the BIO operation.
-For example if a call to
-.Xr BIO_read 3
-on a socket BIO returns 0 and
-.Fn BIO_should_retry
-is false, then the cause will be that the connection closed.
-A similar condition on a file BIO will mean that it has reached EOF.
-Some BIO types may place additional information on the error queue.
-For more details see the individual BIO type manual pages.
-.Pp
-If the underlying I/O structure is in a blocking mode,
-almost all current BIO types will not request a retry,
-because the underlying I/O calls will not.
-If the application knows that the BIO type will never
-signal a retry then it need not call
-.Fn BIO_should_retry
-after a failed BIO I/O call.
-This is typically done with file BIOs.
-.Pp
-SSL BIOs are the only current exception to this rule:
-they can request a retry even if the underlying I/O structure
-is blocking, if a handshake occurs during a call to
-.Xr BIO_read 3 .
-An application can retry the failed call immediately
-or avoid this situation by setting
-.Dv SSL_MODE_AUTO_RETRY
-on the underlying SSL structure.
-.Pp
-While an application may retry a failed non-blocking call immediately,
-this is likely to be very inefficient because the call will fail
-repeatedly until data can be processed or is available.
-An application will normally wait until the necessary condition
-is satisfied.
-How this is done depends on the underlying I/O structure.
-.Pp
-For example if the cause is ultimately a socket and
-.Fn BIO_should_read
-is true then a call to
-.Xr select 2
-may be made to wait until data is available
-and then retry the BIO operation.
-By combining the retry conditions of several non-blocking BIOs in a single
-.Xr select 2
-call it is possible to service several BIOs in a single thread,
-though the performance may be poor if SSL BIOs are present because
-long delays can occur during the initial handshake process.
-.Pp
-It is possible for a BIO to block indefinitely if the underlying I/O
-structure cannot process or return any data.
-This depends on the behaviour of the platforms I/O functions.
-This is often not desirable: one solution is to use non-blocking I/O
-and use a timeout on the
-.Xr select 2
-(or equivalent) call.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr BIO_read 3
-.Sh HISTORY
-.Fn BIO_should_read ,
-.Fn BIO_should_write ,
-.Fn BIO_retry_type ,
-and
-.Fn BIO_should_retry
-first appeared in SSLeay 0.6.0.
-.Fn BIO_should_io_special ,
-.Fn BIO_get_retry_BIO ,
-and
-.Fn BIO_get_retry_reason
-first appeared in SSLeay 0.8.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn BIO_set_retry_reason
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 7.1 .
-.Sh BUGS
-The OpenSSL ASN.1 functions cannot gracefully deal with non-blocking I/O:
-they cannot retry after a partial read or write.
-This is usually worked around by only passing the relevant data to ASN.1
-functions when the entire structure can be read or written.
diff --git a/src/lib/libcrypto/man/BN_CTX_new.3 b/src/lib/libcrypto/man/BN_CTX_new.3
deleted file mode 100644
index 336b918896..0000000000
--- a/src/lib/libcrypto/man/BN_CTX_new.3
+++ /dev/null
@@ -1,123 +0,0 @@
-.\" $OpenBSD: BN_CTX_new.3,v 1.10 2023/04/25 17:21:51 tb Exp $
-.\" OpenSSL aafbe1cc Jun 12 23:42:08 2013 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2013 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: April 25 2023 $
-.Dt BN_CTX_NEW 3
-.Os
-.Sh NAME
-.Nm BN_CTX_new ,
-.Nm BN_CTX_free
-.Nd allocate and free BN_CTX structures
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft BN_CTX *
-.Fo BN_CTX_new
-.Fa void
-.Fc
-.Ft void
-.Fo BN_CTX_free
-.Fa "BN_CTX *c"
-.Fc
-.Sh DESCRIPTION
-A
-.Vt BN_CTX
-is a structure that holds
-.Vt BIGNUM
-temporary variables used by library functions.
-Since dynamic memory allocation to create
-.Vt BIGNUM Ns s
-is rather expensive when used in conjunction with repeated subroutine
-calls, the
-.Vt BN_CTX
-structure is used.
-.Pp
-.Fn BN_CTX_new
-allocates and initializes a
-.Vt BN_CTX
-structure.
-.Pp
-.Fn BN_CTX_free
-frees the components of the
-.Vt BN_CTX
-and, if it was created by
-.Fn BN_CTX_new ,
-also the structure itself.
-If
-.Xr BN_CTX_start 3
-has been used on the
-.Vt BN_CTX ,
-.Xr BN_CTX_end 3
-must be called before the
-.Vt BN_CTX
-may be freed by
-.Fn BN_CTX_free .
-If
-.Fa c
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn BN_CTX_new
-returns a pointer to the
-.Vt BN_CTX .
-If the allocation fails, it returns
-.Dv NULL
-and sets an error code that can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_add 3 ,
-.Xr BN_CTX_start 3 ,
-.Xr BN_new 3
-.Sh HISTORY
-.Fn BN_CTX_new
-and
-.Fn BN_CTX_free
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/BN_CTX_start.3 b/src/lib/libcrypto/man/BN_CTX_start.3
deleted file mode 100644
index a2b62eff5c..0000000000
--- a/src/lib/libcrypto/man/BN_CTX_start.3
+++ /dev/null
@@ -1,137 +0,0 @@
-.\" $OpenBSD: BN_CTX_start.3,v 1.8 2019/08/20 10:59:09 schwarze Exp $
-.\" full merge up to: OpenSSL 35fd9953 May 28 14:49:38 2019 +0200
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 20 2019 $
-.Dt BN_CTX_START 3
-.Os
-.Sh NAME
-.Nm BN_CTX_start ,
-.Nm BN_CTX_get ,
-.Nm BN_CTX_end
-.Nd use temporary BIGNUM variables
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft void
-.Fo BN_CTX_start
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft BIGNUM *
-.Fo BN_CTX_get
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft void
-.Fo BN_CTX_end
-.Fa "BN_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-These functions are used to obtain temporary
-.Vt BIGNUM
-variables from a
-.Vt BN_CTX
-(which can be created using
-.Xr BN_CTX_new 3 )
-in order to save the overhead of repeatedly creating and freeing
-.Vt BIGNUM Ns s
-in functions that are called from inside a loop.
-.Pp
-A function must call
-.Fn BN_CTX_start
-first.
-Then,
-.Fn BN_CTX_get
-may be called repeatedly to obtain temporary
-.Vt BIGNUM Ns s .
-All
-.Fn BN_CTX_get
-calls must be made before calling any other functions that use the
-.Fa ctx
-as an argument.
-.Pp
-Finally,
-.Fn BN_CTX_end
-must be called before returning from the function.
-When
-.Fn BN_CTX_end
-is called, the
-.Vt BIGNUM
-pointers obtained from
-.Fn BN_CTX_get
-become invalid.
-If
-.Fa ctx
-is
-.Dv NULL ,
-no action occurs.
-.Sh RETURN VALUES
-.Fn BN_CTX_get
-returns a pointer to the
-.Vt BIGNUM ,
-or
-.Dv NULL
-on error.
-Once
-.Fn BN_CTX_get
-has failed, the subsequent calls will return
-.Dv NULL
-as well, so it is sufficient to check the return value of the last
-.Fn BN_CTX_get
-call.
-In case of an error, an error code is set which can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_CTX_new 3 ,
-.Xr BN_new 3
-.Sh HISTORY
-.Fn BN_CTX_start ,
-.Fn BN_CTX_get ,
-and
-.Fn BN_CTX_end
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/BN_add.3 b/src/lib/libcrypto/man/BN_add.3
deleted file mode 100644
index e7de441b7a..0000000000
--- a/src/lib/libcrypto/man/BN_add.3
+++ /dev/null
@@ -1,646 +0,0 @@
-.\" $OpenBSD: BN_add.3,v 1.20 2023/04/27 09:47:03 tb Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Ulf Moeller
-.\" and Bodo Moeller .
-.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: April 27 2023 $
-.Dt BN_ADD 3
-.Os
-.Sh NAME
-.Nm BN_add ,
-.Nm BN_uadd ,
-.Nm BN_sub ,
-.Nm BN_usub ,
-.Nm BN_mul ,
-.Nm BN_sqr ,
-.Nm BN_div ,
-.Nm BN_mod ,
-.Nm BN_nnmod ,
-.Nm BN_mod_add ,
-.Nm BN_mod_add_quick ,
-.Nm BN_mod_sub ,
-.Nm BN_mod_sub_quick ,
-.Nm BN_mod_mul ,
-.Nm BN_mod_sqr ,
-.Nm BN_mod_lshift ,
-.Nm BN_mod_lshift_quick ,
-.Nm BN_mod_lshift1 ,
-.Nm BN_mod_lshift1_quick ,
-.Nm BN_exp ,
-.Nm BN_mod_exp ,
-.\" The following are public, but intentionally undocumented for now:
-.\" .Nm BN_mod_exp_mont , r \(== a ^ p (mod m)
-.\" .Nm BN_mod_exp_mont_consttime ,
-.\" .Nm BN_mod_exp_mont_word ,
-.\" .Nm BN_mod_exp_simple ,
-.\" .Nm BN_mod_exp2_mont r \(== (a1 ^ p1) * (a2 ^ p2) (mod m)
-.\" Maybe they should be deleted from .
-.Nm BN_gcd
-.Nd arithmetic operations on BIGNUMs
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft int
-.Fo BN_add
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fc
-.Ft int
-.Fo BN_uadd
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fc
-.Ft int
-.Fo BN_sub
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fc
-.Ft int
-.Fo BN_usub
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fc
-.Ft int
-.Fo BN_mul
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_sqr
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_div
-.Fa "BIGNUM *dv"
-.Fa "BIGNUM *rem"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *d"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod
-.Fa "BIGNUM *rem"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_nnmod
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_add
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_add_quick
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "const BIGNUM *m"
-.Fc
-.Ft int
-.Fo BN_mod_sub
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_sub_quick
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "const BIGNUM *m"
-.Fc
-.Ft int
-.Fo BN_mod_mul
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_sqr
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_lshift
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "int n"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_lshift_quick
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "int n"
-.Fa "const BIGNUM *m"
-.Fc
-.Ft int
-.Fo BN_mod_lshift1
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_lshift1_quick
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *m"
-.Fc
-.Ft int
-.Fo BN_exp
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *p"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_mod_exp
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *p"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_gcd
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_add
-adds
-.Fa a
-and
-.Fa b
-and places the result in
-.Fa r
-.Pq Li r=a+b .
-.Fa r
-may be the same
-.Vt BIGNUM
-as
-.Fa a
-or
-.Fa b .
-.Pp
-.Fn BN_uadd
-adds the absolute values of
-.Fa a
-and
-.Fa b
-and places the result in
-.Fa r
-.Pq Li r=|a|+|b|\& .
-.Fa r
-may be the same
-.Vt BIGNUM
-as
-.Fa a
-or
-.Fa b .
-.Pp
-.Fn BN_sub
-subtracts
-.Fa b
-from
-.Fa a
-and places the result in
-.Fa r
-.Pq Li r=a-b .
-.Fa r
-may be the same
-.Vt BIGNUM
-as
-.Fa a
-or
-.Fa b .
-.Pp
-.Fn BN_usub
-subtracts the absolute value of
-.Fa b
-from the absolute value of
-.Fa a
-and places the result in
-.Fa r
-.Pq Li r=|a|-|b|\& .
-It requires the absolute value of
-.Fa a
-to be greater than the absolute value of
-.Fa b ;
-otherwise it will fail.
-.Fa r
-may be the same
-.Vt BIGNUM
-as
-.Fa a
-or
-.Fa b .
-.Pp
-.Fn BN_mul
-multiplies
-.Fa a
-and
-.Fa b
-and places the result in
-.Fa r
-.Pq Li r=a*b .
-.Fa r
-may be the same
-.Vt BIGNUM
-as
-.Fa a
-or
-.Fa b .
-For multiplication by powers of 2, use
-.Xr BN_lshift 3 .
-.Pp
-.Fn BN_sqr
-takes the square of
-.Fa a
-and places the result in
-.Fa r
-.Pq Li r=a^2 .
-.Fa r
-and
-.Fa a
-may be the same
-.Vt BIGNUM .
-This function is faster than
-.Fn BN_mul r a a .
-.Pp
-.Fn BN_div
-divides
-.Fa a
-by
-.Fa d
-and places the result in
-.Fa dv
-and the remainder in
-.Fa rem
-.Pq Li dv=a/d , rem=a%d .
-If the flag
-.Dv BN_FLG_CONSTTIME
-is set on
-.Fa a
-or
-.Fa d ,
-it operates in constant time.
-Either of
-.Fa dv
-and
-.Fa rem
-may be
-.Dv NULL ,
-in which case the respective value is not returned.
-The result is rounded towards zero; thus if
-.Fa a
-is negative, the remainder will be zero or negative.
-For division by powers of 2, use
-.Fn BN_rshift 3 .
-.Pp
-.Fn BN_mod
-corresponds to
-.Fn BN_div
-with
-.Fa dv
-set to
-.Dv NULL .
-It is implemented as a macro.
-.Pp
-.Fn BN_nnmod
-reduces
-.Fa a
-modulo
-.Fa m
-and places the non-negative remainder in
-.Fa r .
-.Pp
-.Fn BN_mod_add
-adds
-.Fa a
-to
-.Fa b
-modulo
-.Fa m
-and places the non-negative result in
-.Fa r .
-.Pp
-.Fn BN_mod_add_quick
-is a variant of
-.Fn BN_mod_add
-that requires
-.Fa a
-and
-.Fa b
-to both be non-negative and smaller than
-.Fa m .
-If any of these constraints are violated,
-it silently produces wrong results.
-.Pp
-.Fn BN_mod_sub
-subtracts
-.Fa b
-from
-.Fa a
-modulo
-.Fa m
-and places the non-negative result in
-.Fa r .
-.Pp
-.Fn BN_mod_sub_quick
-is a variant of
-.Fn BN_mod_sub
-that requires
-.Fa a
-and
-.Fa b
-to both be non-negative and smaller than
-.Fa m .
-If any of these constraints are violated,
-it silently produces wrong results.
-.Pp
-.Fn BN_mod_mul
-multiplies
-.Fa a
-by
-.Fa b
-and finds the non-negative remainder respective to modulus
-.Fa m
-.Pq Li r=(a*b)%m .
-.Fa r
-may be the same
-.Vt BIGNUM
-as
-.Fa a
-or
-.Fa b .
-For a more efficient algorithm for repeated computations using the same
-modulus, see
-.Xr BN_mod_mul_montgomery 3 .
-.Pp
-.Fn BN_mod_sqr
-takes the square of
-.Fa a
-modulo
-.Fa m
-and places the result in
-.Fa r .
-.Pp
-.Fn BN_mod_lshift
-shifts
-.Fa a
-left by
-.Fa n
-bits, reduces the result modulo
-.Fa m ,
-and places the non-negative remainder in
-.Fa r
-.Pq Li r=a*2^n mod m .
-.Pp
-.Fn BN_mod_lshift1
-shifts
-.Fa a
-left by one bit, reduces the result modulo
-.Fa m ,
-and places the non-negative remainder in
-.Fa r
-.Pq Li r=a*2 mod m .
-.Pp
-.Fn BN_mod_lshift_quick
-and
-.Fn BN_mod_lshift1_quick
-are variants of
-.Fn BN_mod_lshift
-and
-.Fn BN_mod_lshift1 ,
-respectively, that require
-.Fa a
-to be non-negative and less than
-.Fa m .
-If either of these constraints is violated, they sometimes fail
-and sometimes silently produce wrong results.
-.Pp
-.Fn BN_exp
-raises
-.Fa a
-to the
-.Fa p Ns -th
-power and places the result in
-.Fa r
-.Pq Li r=a^p .
-This function is faster than repeated applications of
-.Fn BN_mul .
-.Pp
-.Fn BN_mod_exp
-computes
-.Fa a
-to the
-.Fa p Ns -th
-power modulo
-.Fa m
-.Pq Li r=(a^p)%m .
-If the flag
-.Dv BN_FLG_CONSTTIME
-is set on
-.Fa p ,
-it operates in constant time.
-This function uses less time and space than
-.Fn BN_exp .
-.Pp
-.Fn BN_gcd
-computes the greatest common divisor of
-.Fa a
-and
-.Fa b
-and places the result in
-.Fa r .
-.Fa r
-may be the same
-.Vt BIGNUM
-as
-.Fa a
-or
-.Fa b .
-.Pp
-For all functions,
-.Fa ctx
-is a previously allocated
-.Vt BN_CTX
-used for temporary variables; see
-.Xr BN_CTX_new 3 .
-.Pp
-Unless noted otherwise, the result
-.Vt BIGNUM
-must be different from the arguments.
-.Sh RETURN VALUES
-For all functions, 1 is returned for success, 0 on error.
-The return value should always be checked, for example:
-.Pp
-.Dl if (!BN_add(r,a,b)) goto err;
-.Pp
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_add_word 3 ,
-.Xr BN_CTX_new 3 ,
-.Xr BN_new 3 ,
-.Xr BN_set_bit 3 ,
-.Xr BN_set_flags 3 ,
-.Xr BN_set_negative 3
-.Sh HISTORY
-.Fn BN_add ,
-.Fn BN_sub ,
-.Fn BN_mul ,
-.Fn BN_sqr ,
-.Fn BN_div ,
-.Fn BN_mod ,
-.Fn BN_mod_mul ,
-.Fn BN_mod_exp ,
-and
-.Fn BN_gcd
-first appeared in SSLeay 0.5.1.
-.Fn BN_exp
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn BN_uadd ,
-.Fn BN_usub ,
-and the
-.Fa ctx
-argument to
-.Fn BN_mul
-first appeared in SSLeay 0.9.1 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn BN_nnmod ,
-.Fn BN_mod_add ,
-.Fn BN_mod_add_quick ,
-.Fn BN_mod_sub ,
-.Fn BN_mod_sub_quick ,
-.Fn BN_mod_sqr ,
-.Fn BN_mod_lshift ,
-.Fn BN_mod_lshift_quick ,
-.Fn BN_mod_lshift1 ,
-and
-.Fn BN_mod_lshift1_quick
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Sh BUGS
-Even if the
-.Dv BN_FLG_CONSTTIME
-flag is set on
-.Fa a
-or
-.Fa b ,
-.Fn BN_gcd
-neither fails nor operates in constant time, potentially allowing
-timing side-channel attacks.
-.Pp
-Even if the
-.Dv BN_FLG_CONSTTIME
-flag is set on
-.Fa p ,
-if the modulus
-.Fa m
-is even,
-.Fn BN_mod_exp
-does not operate in constant time, potentially allowing
-timing side-channel attacks.
-.Pp
-If
-.Dv BN_FLG_CONSTTIME
-is set on
-.Fa p ,
-.Fn BN_exp
-fails instead of operating in constant time.
diff --git a/src/lib/libcrypto/man/BN_add_word.3 b/src/lib/libcrypto/man/BN_add_word.3
deleted file mode 100644
index 161029c302..0000000000
--- a/src/lib/libcrypto/man/BN_add_word.3
+++ /dev/null
@@ -1,182 +0,0 @@ -.\" $OpenBSD: BN_add_word.3,v 1.10 2022/11/22 19:02:07 schwarze Exp $ -.\" full merge up to: OpenSSL 9e183d22 Mar 11 08:56:44 2017 -0500 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2005 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 22 2022 $ -.Dt BN_ADD_WORD 3 -.Os -.Sh NAME -.Nm BN_add_word , -.Nm BN_sub_word , -.Nm BN_mul_word , -.Nm BN_div_word , -.Nm BN_mod_word -.Nd arithmetic functions on BIGNUMs with integers -.Sh SYNOPSIS -.In openssl/bn.h -.Ft int -.Fo BN_add_word -.Fa "BIGNUM *a" -.Fa "BN_ULONG w" -.Fc -.Ft int -.Fo BN_sub_word -.Fa "BIGNUM *a" -.Fa "BN_ULONG w" -.Fc -.Ft int -.Fo BN_mul_word -.Fa "BIGNUM *a" -.Fa "BN_ULONG w" -.Fc -.Ft BN_ULONG -.Fo BN_div_word -.Fa "BIGNUM *a" -.Fa "BN_ULONG w" -.Fc -.Ft BN_ULONG -.Fo BN_mod_word -.Fa "const BIGNUM *a" -.Fa "BN_ULONG w" -.Fc -.Sh DESCRIPTION -These functions perform arithmetic operations on BIGNUMs with unsigned -integers. -They are much more efficient than the normal BIGNUM arithmetic -operations. -.Pp -.Vt BN_ULONG -is a macro that expands to -.Vt unsigned long Pq = Vt uint64_t -on -.Dv _LP64 -platforms and -.Vt unsigned int Pq = Vt uint32_t -elsewhere. -.Pp -.Fn BN_add_word -adds -.Fa w -to -.Fa a -.Pq Li a+=w . -.Pp -.Fn BN_sub_word -subtracts -.Fa w -from -.Fa a -.Pq Li a-=w . -.Pp -.Fn BN_mul_word -multiplies -.Fa a -and -.Fa w -.Pq Li a*=w . -.Pp -.Fn BN_div_word -divides -.Fa a -by -.Fa w -.Pq Li a/=w -and returns the remainder. -.Pp -.Fn BN_mod_word -returns the remainder of -.Fa a -divided by -.Fa w -.Pq Li a%w . -.Pp -For -.Fn BN_div_word -and -.Fn BN_mod_word , -.Fa w -must not be 0. 
-.Sh RETURN VALUES
-.Fn BN_add_word ,
-.Fn BN_sub_word ,
-and
-.Fn BN_mul_word
-return 1 for success or 0 on error.
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Pp
-.Fn BN_mod_word
-and
-.Fn BN_div_word
-return
-.Fa a Ns % Ns Fa w
-on success and
-.Po Vt BN_ULONG Pc Ns -1
-if an error occurred.
-.Sh SEE ALSO
-.Xr BN_add 3 ,
-.Xr BN_new 3
-.Sh HISTORY
-.Fn BN_add_word ,
-.Fn BN_div_word ,
-and
-.Fn BN_mod_word
-first appeared in SSLeay 0.5.1.
-.Fn BN_sub_word
-and
-.Fn BN_mul_word
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-Before 0.9.8a, the return value for
-.Fn BN_div_word
-and
-.Fn BN_mod_word
-in case of an error was 0.
diff --git a/src/lib/libcrypto/man/BN_bn2bin.3 b/src/lib/libcrypto/man/BN_bn2bin.3
deleted file mode 100644
index 0fe9a90738..0000000000
--- a/src/lib/libcrypto/man/BN_bn2bin.3
+++ /dev/null
@@ -1,388 +0,0 @@ -.\" $OpenBSD: BN_bn2bin.3,v 1.16 2023/07/09 06:45:03 tb Exp $ -.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 -.\" -.\" This file was written by Ulf Moeller -.\" and Dr. Stephen Henson . -.\" Copyright (c) 2000, 2002, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: July 9 2023 $ -.Dt BN_BN2BIN 3 -.Os -.Sh NAME -.Nm BN_bn2bin , -.Nm BN_bn2binpad , -.Nm BN_bin2bn , -.Nm BN_bn2lebinpad , -.Nm BN_lebin2bn , -.Nm BN_bn2hex , -.Nm BN_bn2dec , -.Nm BN_hex2bn , -.Nm BN_dec2bn , -.Nm BN_asc2bn , -.Nm BN_print , -.Nm BN_print_fp , -.Nm BN_bn2mpi , -.Nm BN_mpi2bn -.Nd format conversions -.Sh SYNOPSIS -.In openssl/bn.h -.Ft int -.Fo BN_bn2bin -.Fa "const BIGNUM *a" -.Fa "unsigned char *to" -.Fc -.Ft int -.Fo BN_bn2binpad -.Fa "const BIGNUM *a" -.Fa "unsigned char *to" -.Fa "int tolen" -.Fc -.Ft BIGNUM * -.Fo BN_bin2bn -.Fa "const unsigned char *s" -.Fa "int len" -.Fa "BIGNUM *ret" -.Fc -.Ft int -.Fo BN_bn2lebinpad -.Fa "const BIGNUM *a" -.Fa "unsigned char *to" -.Fa "int tolen" -.Fc -.Ft BIGNUM * -.Fo BN_lebin2bn -.Fa "const unsigned char *s" -.Fa "int len" -.Fa "BIGNUM *ret" -.Fc -.Ft char * -.Fo BN_bn2hex -.Fa "const BIGNUM *a" -.Fc -.Ft char * -.Fo BN_bn2dec -.Fa "const BIGNUM *a" -.Fc -.Ft int -.Fo BN_hex2bn -.Fa "BIGNUM **ap" -.Fa "const char *str" -.Fc -.Ft int -.Fo BN_dec2bn -.Fa "BIGNUM **ap" -.Fa "const char *str" -.Fc -.Ft int -.Fo BN_asc2bn -.Fa "BIGNUM **ap" -.Fa "const char *str" -.Fc -.Ft int -.Fo BN_print -.Fa "BIO *fp" -.Fa "const BIGNUM *a" -.Fc -.Ft int -.Fo BN_print_fp -.Fa "FILE *fp" -.Fa "const BIGNUM *a" -.Fc -.Ft int -.Fo BN_bn2mpi -.Fa "const BIGNUM *a" -.Fa "unsigned char *to" -.Fc -.Ft BIGNUM * -.Fo BN_mpi2bn -.Fa "unsigned char *s" -.Fa "int len" -.Fa "BIGNUM *ret" -.Fc -.Sh DESCRIPTION -.Fn BN_bn2bin -converts the absolute value of -.Fa a -into big-endian form and stores it at -.Fa to . -.Fa to -must point to -.Fn BN_num_bytes a -bytes of memory. -.Pp -.Fn BN_bn2binpad -also converts the absolute value of -.Fa a -into big-endian form and stores it at -.Fa to . -.Fa tolen -indicates the length of the output buffer -.Pf * Fa to . -The result is padded with zeros if necessary. -If -.Fa tolen -is less than -.Fn BN_num_bytes a , -an error is returned. 
-.Pp -.Fn BN_bin2bn -converts the positive integer in big-endian form of length -.Fa len -at -.Fa s -into a -.Vt BIGNUM -and places it in -.Fa ret . -If -.Fa ret -is -.Dv NULL , -a new -.Vt BIGNUM -is created. -.Pp -.Fn BN_bn2lebinpad -and -.Fn BN_lebin2bn -are identical to -.Fn BN_bn2binpad -and -.Fn BN_bin2bn -except the buffer -.Pf * Fa to -is in little-endian format. -.Pp -.Fn BN_bn2hex -and -.Fn BN_bn2dec -return printable strings containing the hexadecimal and decimal encoding of -.Fa a -respectively. -For negative numbers, the string is prefaced with a leading minus sign. -The string must be freed later using -.Xr free 3 . -.Pp -.Fn BN_hex2bn -interprets -.Fa str -as a hexadecimal number. -The string may start with a minus sign -.Pq Sq - . -Conversion stops at the first byte that is not a hexadecimal digit. -The number is converted to a -.Vt BIGNUM -and stored in -.Pf ** Fa ap . -If -.Pf * Fa ap -is -.Dv NULL , -a new -.Vt BIGNUM -is created. -If -.Fa ap -is -.Dv NULL , -it only computes the number's length in hexadecimal digits, -also counting the leading minus sign if there is one. -A "negative zero" is converted to zero. -.Fn BN_dec2bn -is the same using the decimal system. -.Fn BN_asc2bn -infers the number base from an optional prefix. -If -.Fa str -starts with -.Qq 0x -or -.Qq 0X , -it calls -.Fn BN_hex2bn , -otherwise -.Fn BN_dec2bn . -If the number is negative, the minus sign can be given before or -after the prefix. -.Pp -.Fn BN_print -and -.Fn BN_print_fp -write the hexadecimal encoding of -.Fa a , -with a leading minus sign for negative numbers, to the -.Vt BIO -or -.Vt FILE -.Fa fp . -.Pp -.Fn BN_bn2mpi -and -.Fn BN_mpi2bn -convert -.Vt BIGNUM Ns s -from and to a format that consists of the number's length in bytes -represented as a 4-byte big-endian number, and the number itself in -big-endian format, where the most significant bit signals a negative -number (the representation of numbers with the MSB set is prefixed with -a NUL byte). 
-.Pp
-.Fn BN_bn2mpi
-stores the representation of
-.Fa a
-at
-.Fa to ,
-where
-.Pf * Fa to
-must be large enough to hold the result.
-The size can be determined by calling
-.Fn BN_bn2mpi a NULL .
-.Pp
-.Fn BN_mpi2bn
-converts the
-.Fa len
-bytes long representation at
-.Fa s
-to a
-.Vt BIGNUM
-and stores it at
-.Fa ret ,
-or in a newly allocated
-.Vt BIGNUM
-if
-.Fa ret
-is
-.Dv NULL .
-.Sh RETURN VALUES
-.Fn BN_bn2bin
-returns the length of the big-endian number placed at
-.Fa to .
-.Pp
-.Fn BN_bn2binpad
-and
-.Fn BN_bn2lebinpad
-return the number of bytes written
-or \-1 if the supplied buffer is too small.
-.Pp
-.Fn BN_bin2bn
-and
-.Fn BN_lebin2bn
-return the
-.Vt BIGNUM ,
-or
-.Dv NULL
-on error.
-.Pp
-.Fn BN_bn2hex
-and
-.Fn BN_bn2dec
-return a NUL-terminated string, or
-.Dv NULL
-on error.
-.Fn BN_hex2bn
-and
-.Fn BN_dec2bn
-return the number's length in hexadecimal or decimal digits,
-also counting the leading minus sign if there is one,
-or 0 on error, in which case no new
-.Vt BIGNUM
-is created.
-.Fn BN_asc2bn
-returns 1 on success or 0 on error, in which case no new
-.Vt BIGNUM
-is created.
-.Pp
-.Fn BN_print_fp
-and
-.Fn BN_print
-return 1 on success, 0 on write errors.
-.Pp
-.Fn BN_bn2mpi
-returns the length of the representation.
-.Fn BN_mpi2bn
-returns the
-.Vt BIGNUM ,
-or
-.Dv NULL
-on error.
-.Pp
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr ASN1_INTEGER_to_BN 3 ,
-.Xr BN_new 3 ,
-.Xr BN_num_bytes 3 ,
-.Xr BN_zero 3
-.Sh HISTORY
-.Fn BN_bn2bin ,
-.Fn BN_bin2bn ,
-and
-.Fn BN_print
-first appeared in SSLeay 0.5.1.
-.Fn BN_print_fp
-first appeared in SSLeay 0.6.0.
-.Fn BN_bn2hex ,
-.Fn BN_bn2dec ,
-.Fn BN_hex2bn ,
-.Fn BN_dec2bn ,
-.Fn BN_bn2mpi ,
-and
-.Fn BN_mpi2bn
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn BN_asc2bin
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Pp
-.Fn BN_bn2binpad ,
-.Fn BN_bn2lebinpad ,
-and
-.Fn BN_lebin2bn
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.0 .
diff --git a/src/lib/libcrypto/man/BN_cmp.3 b/src/lib/libcrypto/man/BN_cmp.3
deleted file mode 100644
index ba973313f0..0000000000
--- a/src/lib/libcrypto/man/BN_cmp.3
+++ /dev/null
@@ -1,169 +0,0 @@ -.\" $OpenBSD: BN_cmp.3,v 1.10 2022/11/22 19:02:07 schwarze Exp $ -.\" full merge up to: OpenSSL 5b31b9df Aug 4 10:45:52 2021 +0300 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 22 2022 $ -.Dt BN_CMP 3 -.Os -.Sh NAME -.Nm BN_cmp , -.Nm BN_ucmp , -.Nm BN_is_zero , -.Nm BN_is_one , -.Nm BN_is_word , -.Nm BN_abs_is_word , -.Nm BN_is_odd -.Nd BIGNUM comparison and test functions -.Sh SYNOPSIS -.In openssl/bn.h -.Ft int -.Fo BN_cmp -.Fa "const BIGNUM *a" -.Fa "const BIGNUM *b" -.Fc -.Ft int -.Fo BN_ucmp -.Fa "const BIGNUM *a" -.Fa "const BIGNUM *b" -.Fc -.Ft int -.Fo BN_is_zero -.Fa "const BIGNUM *a" -.Fc -.Ft int -.Fo BN_is_one -.Fa "const BIGNUM *a" -.Fc -.Ft int -.Fo BN_is_word -.Fa "const BIGNUM *a" -.Fa "const BN_ULONG w" -.Fc -.Ft int -.Fo BN_abs_is_word -.Fa "const BIGNUM *a" -.Fa "const BN_ULONG w" -.Fc -.Ft int -.Fo BN_is_odd -.Fa "const BIGNUM *a" -.Fc -.Sh DESCRIPTION -.Fn BN_cmp -compares the numbers -.Fa a -and -.Fa b . -.Fn BN_ucmp -compares their absolute values. -.Pp -.Fn BN_is_zero , -.Fn BN_is_one -and -.Fn BN_is_word -test if -.Fa a -equals 0, 1, or -.Fa w -respectively. -.Fn BN_abs_is_word -tests if the absolute value of -.Fa a -equals -.Fa w . -.Fn BN_is_odd -tests if a is odd. -.Pp -.Vt BN_ULONG -is a macro that expands to -.Vt unsigned long Pq = Vt uint64_t -on -.Dv _LP64 -platforms and -.Vt unsigned int Pq = Vt uint32_t -elsewhere. -.Sh RETURN VALUES -.Fn BN_cmp -returns -1 if -.Fa a Ns < Ns Fa b , -0 if -.Fa a Ns == Ns Fa b , -and 1 if -.Fa a Ns > Ns Fa b . -.Fn BN_ucmp -is the same using the absolute values of -.Fa a -and -.Fa b . 
-.Pp
-.Fn BN_is_zero ,
-.Fn BN_is_one ,
-.Fn BN_is_word ,
-.Fn BN_abs_is_word ,
-and
-.Fn BN_is_odd
-return 1 if the condition is true, 0 otherwise.
-.Sh SEE ALSO
-.Xr BN_new 3
-.Sh HISTORY
-.Fn BN_cmp ,
-.Fn BN_ucmp ,
-.Fn BN_is_zero ,
-.Fn BN_is_one ,
-and
-.Fn BN_is_word
-first appeared in SSLeay 0.5.1.
-.Fn BN_is_odd
-first appeared in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn BN_abs_is_word
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/BN_copy.3 b/src/lib/libcrypto/man/BN_copy.3
deleted file mode 100644
index 383255e382..0000000000
--- a/src/lib/libcrypto/man/BN_copy.3
+++ /dev/null
@@ -1,165 +0,0 @@ -.\" $OpenBSD: BN_copy.3,v 1.10 2021/12/06 19:45:27 schwarze Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller -.\" and Matt Caswell . -.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 6 2021 $ -.Dt BN_COPY 3 -.Os -.Sh NAME -.Nm BN_copy , -.Nm BN_dup , -.Nm BN_with_flags -.Nd copy BIGNUMs -.Sh SYNOPSIS -.In openssl/bn.h -.Ft BIGNUM * -.Fo BN_copy -.Fa "BIGNUM *to" -.Fa "const BIGNUM *from" -.Fc -.Ft BIGNUM * -.Fo BN_dup -.Fa "const BIGNUM *from" -.Fc -.Ft void -.Fo BN_with_flags -.Fa "BIGNUM *dest" -.Fa "const BIGNUM *b" -.Fa "int flags" -.Fc -.Sh DESCRIPTION -.Fn BN_copy -copies -.Fa from -to -.Fa to . -.Pp -.Fn BN_dup -creates a new -.Vt BIGNUM -containing the value -.Fa from . -.Pp -.Fn BN_with_flags -creates a -.Em temporary -shallow copy of -.Fa b -in -.Fa dest . -It places significant restrictions on the copied data. -Applications that do not adhere to these restrictions -may encounter unexpected side effects or crashes. -For that reason, use of this function is discouraged. -.Pp -Any flags provided in -.Fa flags -will be set in -.Fa dest -in addition to any flags already set in -.Fa b . -For example, this can be used to create a temporary copy of a -.Vt BIGNUM -with the -.Dv BN_FLG_CONSTTIME -flag set for constant time operations. -.Pp -The temporary copy in -.Fa dest -will share some internal state with -.Fa b . -For this reason, the following restrictions apply to the use of -.Fa dest : -.Bl -bullet -.It -.Fa dest -should be a newly allocated -.Vt BIGNUM -obtained via a call to -.Xr BN_new 3 . 
-It should not have been used for other purposes or initialised in any way.
-.It
-.Fa dest
-must only be used in "read-only" operations, i.e. typically those
-functions where the relevant parameter is declared "const".
-.It
-.Fa dest
-must be used and freed before any further subsequent use of
-.Fa b .
-.El
-.Sh RETURN VALUES
-.Fn BN_copy
-returns
-.Fa to
-on success or
-.Dv NULL
-on error.
-.Fn BN_dup
-returns the new
-.Vt BIGNUM
-or
-.Dv NULL
-on error.
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_new 3 ,
-.Xr BN_set_flags 3
-.Sh HISTORY
-.Fn BN_copy
-and
-.Fn BN_dup
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn BN_with_flags
-first appeared in OpenSSL 0.9.7h and 0.9.8a
-and has been available since
-.Ox 4.0 .
diff --git a/src/lib/libcrypto/man/BN_generate_prime.3 b/src/lib/libcrypto/man/BN_generate_prime.3
deleted file mode 100644
index d9144155c6..0000000000
--- a/src/lib/libcrypto/man/BN_generate_prime.3
+++ /dev/null
@@ -1,375 +0,0 @@ -.\" $OpenBSD: BN_generate_prime.3,v 1.25 2023/12/29 19:12:46 tb Exp $ -.\" full merge up to: OpenSSL f987a4dd Jun 27 10:12:08 2019 +0200 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2022 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller -.\" Bodo Moeller , and Matt Caswell . -.\" Copyright (c) 2000, 2003, 2013, 2014, 2018 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: December 29 2023 $ -.Dt BN_GENERATE_PRIME 3 -.Os -.Sh NAME -.Nm BN_is_prime_ex , -.Nm BN_is_prime_fasttest_ex , -.Nm BN_generate_prime_ex , -.Nm BN_GENCB_call , -.Nm BN_GENCB_new , -.Nm BN_GENCB_free , -.Nm BN_GENCB_set , -.Nm BN_GENCB_get_arg , -.Nm BN_GENCB_set_old -.\" Nm BN_prime_checks_for_size is intentionally undocumented -.\" because it should not be used outside of libcrypto. -.Nd generate primes and test for primality -.Sh SYNOPSIS -.In openssl/bn.h -.Ft int -.Fo BN_is_prime_ex -.Fa "const BIGNUM *a" -.Fa "int nchecks" -.Fa "BN_CTX *ctx" -.Fa "BN_GENCB *cb" -.Fc -.Ft int -.Fo BN_is_prime_fasttest_ex -.Fa "const BIGNUM *a" -.Fa "int nchecks" -.Fa "BN_CTX *ctx" -.Fa "int do_trial_division" -.Fa "BN_GENCB *cb" -.Fc -.Ft int -.Fo BN_generate_prime_ex -.Fa "BIGNUM *ret" -.Fa "int bits" -.Fa "int safe" -.Fa "const BIGNUM *modulus" -.Fa "const BIGNUM *remainder" -.Fa "BN_GENCB *cb" -.Fc -.Ft int -.Fo BN_GENCB_call -.Fa "BN_GENCB *cb" -.Fa "int state_code" -.Fa "int serial_number" -.Fc -.Ft BN_GENCB * -.Fn BN_GENCB_new void -.Ft void -.Fo BN_GENCB_free -.Fa "BN_GENCB *cb" -.Fc -.Ft void -.Fo BN_GENCB_set -.Fa "BN_GENCB *cb" -.Fa "int (*cb_fp)(int, int, BN_GENCB *)" -.Fa "void *cb_arg" -.Fc -.Ft void * -.Fo BN_GENCB_get_arg -.Fa "BN_GENCB *cb" -.Fc -.Pp -Deprecated: -.Pp -.Ft void -.Fo BN_GENCB_set_old -.Fa "BN_GENCB *cb" -.Fa "void (*cb_fp)(int, int, void *)" -.Fa "void *cb_arg" -.Fc -.Sh DESCRIPTION -.Fn BN_is_prime_ex -and -.Fn BN_is_prime_fasttest_ex -test whether the number -.Fa a -is prime. -In LibreSSL, both functions behave identically -and use the Baillie-Pomerance-Selfridge-Wagstaff algorithm -combined with -.Fa checks -Miller-Rabin rounds. -The -.Fa do_trial_division -argument is ignored. -.Pp -It is unknown whether any composite number exists that the -Baillie-PSW algorithm misclassifies as a prime. -Some suspect that there may be infinitely many such numbers, -but not a single one is currently known. 
-It is known that no such number exists below 2\(ha64. -.Pp -In order to reduce the likelihood of a composite number -passing the primality tests -.Fn BN_is_prime_fasttest_ex -and -.Fn BN_is_prime_ex , -a number of rounds of the probabilistic Miller-Rabin test is performed. -If -.Fa checks -is positive, it is used as the number of rounds; -if it is zero or the special value -.Dv BN_prime_checks , -a suitable number of rounds is calculated from the bit length of -.Fa a . -.Pp -If -.Dv NULL -is passed for the -.Fa ctx -argument, these function allocate a -.Vt BN_CTX -object internally when they need one and free it before returning. -Alternatively, to save the overhead of allocating and freeing -that object for each call, the caller can pre-allocate a -.Vt BN_CTX -object and pass it in the -.Fa ctx -argument. -.Pp -.Fn BN_generate_prime_ex -generates a pseudo-random prime number of at least bit length -.Fa bits -and places it in -.Fa ret . -Primality of -.Fa ret -is tested internally using -.Fn BN_is_prime_ex . -Consequently, for -.Fa bits -larger than 64, it is theoretically possible -that this function might place a composite number into -.Fa ret ; -the probability of such an event is unknown but very small. -.Pp -The prime may have to fulfill additional requirements for use in -Diffie-Hellman key exchange: -.Bl -bullet -.It -If -.Fa modulus -is not -.Dv NULL , -a prime is generated that fulfills the condition -.Fa ret No % Fa modulus No = Fa remainder . -If the -.Fa remainder -argument is -.Dv NULL , -1 is used as the desired remainder. -.It -If the -.Fa safe -argument is non-zero, a safe prime is generated, that is, -.Po Fa ret No \- 1 Pc Ns /2 -is also prime. -.El -.Pp -If -.Fa cb -is not -.Dv NULL , -it is used as follows: -.Bl -bullet -.It -.Fn BN_GENCB_call cb 0 serial_number -is called after generating a potential prime number. -.It -The -.Fa state_code -of 1 is reserved for callbacks during primality testing, -but LibreSSL performs no such callbacks. 
-.It
-When
-.Fa safe
-is non-zero and a safe prime has been found,
-.Fn BN_GENCB_call cb 2 serial_number
-is called.
-.It
-The callers of
-.Fn BN_generate_prime_ex
-may call
-.Fn BN_GENCB_call
-with other values as described in their respective manual pages; see
-.Sx SEE ALSO .
-.El
-.Pp
-In all cases, the
-.Fa serial_number
-is the number of candidates that have already been discarded
-for not being prime; that is,
-.Fa serial_number
-is 0 for the first candidate
-and then incremented whenever a new candidate is generated.
-.Pp
-.Fn BN_GENCB_call
-calls the callback function held in
-.Fa cb
-and passes the
-.Fa state_code
-and the
-.Fa serial_number
-as arguments.
-If
-.Fa cb
-is
-.Dv NULL
-or does not contain a callback function, no action occurs.
-.Pp
-.Fn BN_GENCB_new
-allocates a new
-.Vt BN_GENCB
-object.
-.Pp
-.Fn BN_GENCB_free
-frees
-.Fa cb .
-If
-.Fa cb
-is
-.Dv NULL ,
-no action occurs.
-.Pp
-.Fn BN_GENCB_set
-initialises
-.Fa cb
-to use the callback function pointer
-.Fa cb_fp
-and the additional callback argument
-.Fa cb_arg .
-.Pp
-The deprecated function
-.Fn BN_GENCB_set_old
-initialises
-.Fa cb
-to use the old-style callback function pointer
-.Fa cb_fp
-and the additional callback argument
-.Fa cb_arg .
-.Sh RETURN VALUES
-.Fn BN_is_prime_ex
-and
-.Fn BN_is_prime_fasttest_ex
-return 0 if the number is composite, 1 if it is prime with a very small
-error probability, or \-1 on error.
-.Pp
-.Fn BN_generate_prime_ex
-returns 1 on success or 0 on error.
-.Pp
-.Fn BN_GENCB_call
-returns 1 on success, including when
-.Fa cb
-is
-.Dv NULL
-or does not contain a callback function,
-or 0 on error.
-.Pp
-.Fn BN_GENCB_new
-returns a pointer to the newly allocated
-.Vt BN_GENCB
-object or
-.Dv NULL
-if memory allocation fails.
-.Pp
-The callback functions pointed to by the
-.Fa cb_fp
-arguments are supposed to return 1 on success or 0 on error.
-.Pp
-.Fn BN_GENCB_get_arg
-returns the
-.Fa cb_arg
-pointer that was previously stored in
-.Fa cb
-using
-.Fn BN_GENCB_set
-or
-.Fn BN_GENCB_set_old .
-.Pp
-In some cases, error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_new 3 ,
-.Xr DH_generate_parameters 3 ,
-.Xr DSA_generate_parameters_ex 3 ,
-.Xr RSA_generate_key 3
-.Sh HISTORY
-.Fn BN_generate_prime_ex ,
-.Fn BN_is_prime_ex ,
-.Fn BN_is_prime_fasttest_ex ,
-.Fn BN_GENCB_call ,
-.Fn BN_GENCB_set_old ,
-and
-.Fn BN_GENCB_set
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn BN_GENCB_new ,
-.Fn BN_GENCB_free ,
-and
-.Fn BN_GENCB_get_arg
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/BN_get_rfc3526_prime_8192.3 b/src/lib/libcrypto/man/BN_get_rfc3526_prime_8192.3
deleted file mode 100644
index abaf80ef20..0000000000
--- a/src/lib/libcrypto/man/BN_get_rfc3526_prime_8192.3
+++ /dev/null
@@ -1,153 +0,0 @@ -.\" $OpenBSD: BN_get_rfc3526_prime_8192.3,v 1.1 2023/07/20 16:26:40 tb Exp $ -.\" checked up to: OpenSSL DH_get_1024_160 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" Copyright (c) 2017 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: July 20 2023 $ -.Dt BN_GET_RFC3526_PRIME_8192 3 -.Os -.Sh NAME -.Nm BN_get_rfc2409_prime_768 , -.Nm BN_get_rfc2409_prime_1024 , -.Nm BN_get_rfc3526_prime_1536 , -.Nm BN_get_rfc3526_prime_2048 , -.Nm BN_get_rfc3526_prime_3072 , -.Nm BN_get_rfc3526_prime_4096 , -.Nm BN_get_rfc3526_prime_6144 , -.Nm BN_get_rfc3526_prime_8192 -.Nd standard moduli for Diffie-Hellman key exchange -.Sh SYNOPSIS -.In openssl/bn.h -.Ft BIGNUM * -.Fn BN_get_rfc2409_prime_768 "BIGNUM *bn" -.Ft BIGNUM * -.Fn BN_get_rfc2409_prime_1024 "BIGNUM *bn" -.Ft BIGNUM * -.Fn BN_get_rfc3526_prime_1536 "BIGNUM *bn" -.Ft BIGNUM * -.Fn BN_get_rfc3526_prime_2048 "BIGNUM *bn" -.Ft BIGNUM * -.Fn BN_get_rfc3526_prime_3072 "BIGNUM *bn" -.Ft BIGNUM * -.Fn BN_get_rfc3526_prime_4096 "BIGNUM *bn" -.Ft BIGNUM * -.Fn BN_get_rfc3526_prime_6144 "BIGNUM *bn" -.Ft BIGNUM * -.Fn BN_get_rfc3526_prime_8192 "BIGNUM *bn" -.Sh DESCRIPTION -Each of these functions returns one specific constant Sophie Germain -prime number -.Fa p . 
-.Pp -If -.Fa bn -is -.Dv NULL , -a new -.Vt BIGNUM -object is created and returned. -Otherwise, the number is stored in -.Pf * Fa bn -and -.Fa bn -is returned. -.Pp -All these numbers are of the form -.Pp -.EQ -p = 2 sup s - 2 sup left ( s - 64 right ) - 1 + 2 sup 64 * -left { left [ 2 sup left ( s - 130 right ) pi right ] + offset right } -delim $$ -.EN -.Pp -where -.Ar s -is the size of the binary representation of the number in bits -and appears at the end of the function names. -As long as the offset is sufficiently small, the above form assures -that the top and bottom 64 bits of each number are all 1. -.Pp -The offsets are defined in the standards as follows: -.Bl -column "8192 = 2 * 2^12" "4743158" -offset indent -.It size Ar s Ta Ar offset -.It Ta -.It \ 768 = 3 * 2^8 Ta 149686 -.It 1024 = 2 * 2^9 Ta 129093 -.It 1536 = 3 * 2^9 Ta 741804 -.It 2048 = 2 * 2^10 Ta 124476 -.It 3072 = 3 * 2^10 Ta 1690314 -.It 4096 = 2 * 2^11 Ta 240904 -.It 6144 = 3 * 2^11 Ta 929484 -.It 8192 = 2 * 2^12 Ta 4743158 -.El -.Pp -For each of these prime numbers, the finite group of natural numbers -smaller than -.Fa p , -where the group operation is defined as multiplication modulo -.Fa p , -is used for Diffie-Hellman key exchange. -The first two of these groups are called the First Oakley Group and -the Second Oakley Group. -Obviously, all these groups are cyclic groups of order -.Fa p , -respectively, and the numbers returned by these functions are not -secrets. -.Sh RETURN VALUES -If memory allocation fails, these functions return -.Dv NULL . -That can happen even if -.Fa bn -is not -.Dv NULL . -.Sh SEE ALSO -.Xr BN_mod_exp 3 , -.Xr BN_new 3 , -.Xr BN_set_flags 3 , -.Xr DH_new 3 -.Sh STANDARDS -RFC 2409, "The Internet Key Exchange (IKE)", defines the Oakley Groups. -.Pp -RFC 2412, "The OAKLEY Key Determination Protocol", contains additional -information about these numbers. 
-.Pp -RFC 3526, "More Modular Exponential (MODP) Diffie-Hellman groups -for Internet Key Exchange (IKE)", defines the other six numbers. -.Sh HISTORY -.Fn BN_get_rfc2409_prime_768 , -.Fn BN_get_rfc2409_prime_1024 , -.Fn BN_get_rfc3526_prime_1536 , -.Fn BN_get_rfc3526_prime_2048 , -.Fn BN_get_rfc3526_prime_3072 , -.Fn BN_get_rfc3526_prime_4096 , -.Fn BN_get_rfc3526_prime_6144 , -and -.Fn BN_get_rfc3526_prime_8192 -first appeared in OpenSSL 1.1.0 and have been available since -.Ox 6.3 . -The same functions without -.Sy BN_ -prefix first appeared in OpenSSL 0.9.8a and -.Ox 4.5 ; -they were removed in -.Ox 7.4 . -.Sh CAVEATS -As all the memory needed for storing the numbers is dynamically -allocated, the -.Dv BN_FLG_STATIC_DATA -flag is not set on the returned -.Vt BIGNUM -objects. -So be careful to not change the returned numbers. diff --git a/src/lib/libcrypto/man/BN_kronecker.3 b/src/lib/libcrypto/man/BN_kronecker.3 deleted file mode 100644 index 90b7f43230..0000000000 --- a/src/lib/libcrypto/man/BN_kronecker.3 +++ /dev/null 
@@ -1,57 +0,0 @@
-.\" $OpenBSD: BN_kronecker.3,v 1.2 2022/11/15 17:55:00 schwarze Exp $
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 15 2022 $
-.Dt BN_KRONECKER 3
-.Os
-.Sh NAME
-.Nm BN_kronecker
-.Nd Kronecker symbol
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft int
-.Fo BN_kronecker
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_kronecker
-computes the Kronecker symbol
-.Pq a | b ,
-which generalizes the Legendre and Jacobi symbols
-for arbitrary integer numbers
-.Fa b .
-.Sh RETURN VALUES
-.Fn BN_kronecker
-returns \-1, 0, or 1 in case of success or \-2 on error.
-.Sh SEE ALSO
-.Xr BN_CTX_new 3 ,
-.Xr BN_gcd 3 ,
-.Xr BN_mod_sqrt 3 ,
-.Xr BN_new 3
-.Rs
-.%A Henri Cohen
-.%B A Course in Computational Algebraic Number Theory
-.%I Springer
-.%C Berlin
-.%D 1993
-.%O Algorithm 1.4.10
-.Re
-.Sh HISTORY
-.Fn BN_kronecker
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/BN_mod_inverse.3 b/src/lib/libcrypto/man/BN_mod_inverse.3
deleted file mode 100644
index d0a4b458f4..0000000000
--- a/src/lib/libcrypto/man/BN_mod_inverse.3
+++ /dev/null
@@ -1,126 +0,0 @@ -.\" $OpenBSD: BN_mod_inverse.3,v 1.13 2023/10/21 13:53:43 schwarze Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: October 21 2023 $ -.Dt BN_MOD_INVERSE 3 -.Os -.Sh NAME -.Nm BN_mod_inverse -.Nd compute inverse modulo m -.Sh SYNOPSIS -.In openssl/bn.h -.Ft BIGNUM * -.Fo BN_mod_inverse -.Fa "BIGNUM *r" -.Fa "const BIGNUM *a" -.Fa "const BIGNUM *m" -.Fa "BN_CTX *ctx" -.Fc -.Sh DESCRIPTION -.Fn BN_mod_inverse -computes the inverse of -.Fa a -modulo -.Fa m -and places the result in -.Fa r , -so that -.Fa r -satisfies -.Li a * r == 1 (mod m) . -If -.Fa r -is -.Dv NULL , -a new -.Vt BIGNUM -is allocated. -.Pp -If the flag -.Dv BN_FLG_CONSTTIME -is set on -.Fa a -or -.Fa m , -it operates in constant time. -.Pp -.Fa ctx -is a previously allocated -.Vt BN_CTX -used for temporary variables. -.Fa r -may be the same -.Vt BIGNUM -as -.Fa a -or -.Fa m . -.Sh RETURN VALUES -.Fn BN_mod_inverse -returns the -.Vt BIGNUM -containing the inverse, or -.Dv NULL -on error. -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr BN_add 3 , -.Xr BN_new 3 , -.Xr BN_set_flags 3 -.Sh HISTORY -.Fn BN_mod_inverse -first appeared in SSLeay 0.5.1 and has been available since -.Ox 2.4 . -.Pp -The -.Fa r -argument was added in SSLeay 0.9.1 and -.Ox 2.6 . diff --git a/src/lib/libcrypto/man/BN_mod_mul_montgomery.3 b/src/lib/libcrypto/man/BN_mod_mul_montgomery.3 deleted file mode 100644 index ed004c2549..0000000000 --- a/src/lib/libcrypto/man/BN_mod_mul_montgomery.3 +++ /dev/null 
@@ -1,271 +0,0 @@ -.\" $OpenBSD: BN_mod_mul_montgomery.3,v 1.16 2025/03/09 15:24:25 tb Exp $ -.\" full merge up to: OpenSSL 6859cf74 Sep 25 13:33:28 2002 +0000 -.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: March 9 2025 $ -.Dt BN_MOD_MUL_MONTGOMERY 3 -.Os -.Sh NAME -.Nm BN_MONT_CTX_new , -.Nm BN_MONT_CTX_free , -.Nm BN_MONT_CTX_set , -.Nm BN_MONT_CTX_set_locked , -.Nm BN_MONT_CTX_copy , -.Nm BN_mod_mul_montgomery , -.Nm BN_from_montgomery , -.Nm BN_to_montgomery -.Nd Montgomery multiplication -.Sh SYNOPSIS -.In openssl/bn.h -.Ft BN_MONT_CTX * -.Fo BN_MONT_CTX_new -.Fa void -.Fc -.Ft void -.Fo BN_MONT_CTX_free -.Fa "BN_MONT_CTX *mont" -.Fc -.Ft int -.Fo BN_MONT_CTX_set -.Fa "BN_MONT_CTX *mont" -.Fa "const BIGNUM *m" -.Fa "BN_CTX *ctx" -.Fc -.Ft BN_MONT_CTX * -.Fo BN_MONT_CTX_set_locked -.Fa "BN_MONT_CTX **pmont" -.Fa "int lock" -.Fa "const BIGNUM *m" -.Fa "BN_CTX *ctx" -.Fc -.Ft BN_MONT_CTX * -.Fo BN_MONT_CTX_copy -.Fa "BN_MONT_CTX *to" -.Fa "const BN_MONT_CTX *from" -.Fc -.Ft int -.Fo BN_mod_mul_montgomery -.Fa "BIGNUM *r" -.Fa "const BIGNUM *a" -.Fa "const BIGNUM *b" -.Fa "BN_MONT_CTX *mont" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo BN_from_montgomery -.Fa "BIGNUM *r" -.Fa "const BIGNUM *a" -.Fa "BN_MONT_CTX *mont" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo BN_to_montgomery -.Fa "BIGNUM *r" -.Fa "const BIGNUM *a" -.Fa "BN_MONT_CTX *mont" -.Fa "BN_CTX *ctx" -.Fc -.Sh DESCRIPTION -These functions implement Montgomery multiplication. -They are used automatically when -.Xr BN_mod_exp 3 -is called with suitable input, but they may be useful when several -operations are to be performed using the same modulus. -.Pp -.Fn BN_MONT_CTX_new -allocates and initializes a -.Vt BN_MONT_CTX -structure. -.Pp -.Fn BN_MONT_CTX_set -sets up the -.Fa mont -structure from the modulus -.Fa m -by precomputing its inverse and a value R. -.Pp -.Fn BN_MONT_CTX_set_locked -is a wrapper around -.Fn BN_MONT_CTX_new -and -.Fn BN_MONT_CTX_set -that is useful if more than one thread intends to use the same -.Vt BN_MONT_CTX -and none of these threads is exclusively responsible for creating -and initializing the context. 
-.Fn BN_MONT_CTX_set_locked -first acquires the specified -.Fa lock -using -.Xr CRYPTO_lock 3 . -If -.Pf * Fa pmont -already differs from -.Dv NULL , -no action occurs. -Otherwise, a new -.Vt BN_MONT_CTX -is allocated with -.Fn BN_MONT_CTX_new , -set up with -.Fn BN_MONT_CTX_set , -and a pointer to it is stored in -.Pf * Fa pmont . -Finally, the -.Fa lock -is released. -.Pp -.Fn BN_MONT_CTX_copy -copies the -.Vt BN_MONT_CTX -.Fa from -to -.Fa to . -.Pp -.Fn BN_MONT_CTX_free -frees the components of the -.Vt BN_MONT_CTX , -and, if it was created by -.Fn BN_MONT_CTX_new , -also the structure itself. -If -.Fa mont -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn BN_mod_mul_montgomery -computes -.Pp -.D1 Mont Ns Po Fa a , Fa b Pc := Fa a No * Fa b No * R^-1 -.Pp -and places the result in -.Fa r . -.Pp -.Fn BN_from_montgomery -performs the Montgomery reduction -.Pp -.D1 Fa r No = Fa a No * R^-1 -.Pp -.Fn BN_to_montgomery -computes -.Pp -.D1 Mont Ns Po Fa a , No R^2 Pc = Fa a No * R -.Pp -Note that -.Fa a -must be non-negative and smaller than the modulus. -.Pp -For all functions, -.Fa ctx -is a previously allocated -.Vt BN_CTX -used for temporary variables. -.Pp -.Sy Warning : -The inputs must be reduced modulo -.Fa m , -otherwise the result will be outside the expected range. -.Sh RETURN VALUES -.Fn BN_MONT_CTX_new -returns the newly allocated -.Vt BN_MONT_CTX -or -.Dv NULL -on error. -.Pp -.Fn BN_MONT_CTX_set_locked -returns a pointer to the existing or newly created context or -.Dv NULL -on error. -.Pp -For the other functions, 1 is returned for success or 0 on error. -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr BN_add 3 , -.Xr BN_CTX_new 3 , -.Xr BN_new 3 , -.Xr CRYPTO_lock 3 -.Sh HISTORY -.Fn BN_MONT_CTX_new , -.Fn BN_MONT_CTX_free , -.Fn BN_MONT_CTX_set , -.Fn BN_mod_mul_montgomery , -.Fn BN_from_montgomery , -and -.Fn BN_to_montgomery -first appeared in SSLeay 0.6.1 and have been available since -.Ox 2.4 . 
-.Pp -.Fn BN_MONT_CTX_copy -first appeared in SSLeay 0.9.1 and has been available since -.Ox 2.6 . -.Pp -.Fn BN_MONT_CTX_set_locked -first appeared in OpenSSL 0.9.8 and has been available since -.Ox 4.0 . diff --git a/src/lib/libcrypto/man/BN_mod_sqrt.3 b/src/lib/libcrypto/man/BN_mod_sqrt.3 deleted file mode 100644 index 7247d907a0..0000000000 --- a/src/lib/libcrypto/man/BN_mod_sqrt.3 +++ /dev/null 
@@ -1,111 +0,0 @@
-.\" $OpenBSD: BN_mod_sqrt.3,v 1.2 2022/12/06 22:22:42 tb Exp $
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 6 2022 $
-.Dt BN_MOD_SQRT 3
-.Os
-.Sh NAME
-.Nm BN_mod_sqrt
-.Nd square root in a prime field
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft BIGNUM *
-.Fo BN_mod_sqrt
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *p"
-.Fa "BN_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_mod_sqrt
-solves
-.Bd -unfilled -offset indent
-.EQ
-r sup 2 == a ( roman mod p )
-.EN
-.Ed
-.Pp
-for
-.Fa r
-in the prime field of characteristic
-.Fa p
-using the Tonelli-Shanks algorithm if needed
-and places one of the two solutions into
-.Fa r .
-The other solution is
-.Fa p
-\-
-.Fa r .
-.Pp
-The argument
-.Fa p
-is expected to be a prime number.
-.Sh RETURN VALUES
-In case of success,
-.Fn BN_mod_sqrt
-returns
-.Fa r ,
-or a newly allocated
-.Vt BIGNUM
-object if the
-.Fa r
-argument is
-.Dv NULL .
-.Pp
-In case of failure,
-.Dv NULL
-is returned.
-This for example happens if
-.Fa a
-is not a quadratic residue or if memory allocation fails.
-.Sh SEE ALSO
-.Xr BN_CTX_new 3 ,
-.Xr BN_kronecker 3 ,
-.Xr BN_mod_sqr 3 ,
-.Xr BN_new 3
-.Rs
-.%A Henri Cohen
-.%B A Course in Computational Algebraic Number Theory
-.%I Springer
-.%C Berlin
-.%D 1993
-.%O Algorithm 1.5.1
-.Re
-.Sh HISTORY
-.Fn BN_mod_sqrt
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Sh CAVEATS
-If
-.Fa p
-is not prime,
-.Fn BN_mod_sqrt
-may succeed or fail.
-If it succeeds, the square of the returned value is congruent to
-.Fa a
-modulo
-.Fa p .
-If it fails, the reason reported by
-.Xr ERR_get_error 3
-is often misleading.
-In particular, even if
-.Fa a
-is a perfect square,
-.Fn BN_mod_sqrt
-often reports
-.Dq not a square
-instead of
-.Dq p is not prime .
diff --git a/src/lib/libcrypto/man/BN_new.3 b/src/lib/libcrypto/man/BN_new.3
deleted file mode 100644
index 088048c622..0000000000
--- a/src/lib/libcrypto/man/BN_new.3
+++ /dev/null
@@ -1,165 +0,0 @@ -.\" $OpenBSD: BN_new.3,v 1.31 2023/07/26 20:08:59 tb Exp $ -.\" full merge up to: OpenSSL man3/BN_new 2457c19d Mar 6 08:43:36 2004 +0000 -.\" selective merge up to: man3/BN_new 681acb31 Sep 29 13:10:34 2017 +0200 -.\" full merge up to: OpenSSL man7/bn 05ea606a May 20 20:52:46 2016 -0400 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2004 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: July 26 2023 $ -.Dt BN_NEW 3 -.Os -.Sh NAME -.Nm BN_new , -.Nm BN_clear , -.Nm BN_free , -.Nm BN_clear_free -.Nd allocate and free BIGNUMs -.Sh SYNOPSIS -.In openssl/bn.h -.Ft BIGNUM * -.Fo BN_new -.Fa void -.Fc -.Ft void -.Fo BN_clear -.Fa "BIGNUM *a" -.Fc -.Ft void -.Fo BN_free -.Fa "BIGNUM *a" -.Fc -.Ft void -.Fo BN_clear_free -.Fa "BIGNUM *a" -.Fc -.Sh DESCRIPTION -The BN library performs arithmetic operations on integers of arbitrary -size. -It was written for use in public key cryptography, such as RSA and -Diffie-Hellman. -.Pp -It uses dynamic memory allocation for storing its data structures. -That means that there is no limit on the size of the numbers manipulated -by these functions, but return values must always be checked in case a -memory allocation error has occurred. -.Pp -The basic object in this library is a -.Vt BIGNUM . -It is used to hold a single large integer. 
-This type should be considered opaque and fields should not be modified -or accessed directly. -.Pp -.Fn BN_new -allocates and initializes a -.Vt BIGNUM -structure, in particular setting the value to zero and the flags to -.Dv BN_FLG_MALLOCED . -The security-relevant flag -.Dv BN_FLG_CONSTTIME -is not set by default. -.Pp -.Fn BN_clear -is used to destroy sensitive data such as keys when they are no longer -needed. -It erases the memory used by -.Fa a -and sets it to the value 0. -.Pp -.Fn BN_free -frees the components of the -.Vt BIGNUM -and, if it was created by -.Fn BN_new , -also the structure itself. -.Fn BN_clear_free -additionally overwrites the data before the memory is returned to the -system. -If -.Fa a -is a -.Dv NULL -pointer, no action occurs. -.Sh RETURN VALUES -.Fn BN_new -returns a pointer to the -.Vt BIGNUM . -If the allocation fails, it returns -.Dv NULL -and sets an error code that can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr BN_add 3 , -.Xr BN_add_word 3 , -.Xr BN_bn2bin 3 , -.Xr BN_cmp 3 , -.Xr BN_copy 3 , -.Xr BN_CTX_new 3 , -.Xr BN_CTX_start 3 , -.Xr BN_generate_prime 3 , -.Xr BN_get_rfc3526_prime_8192 3 , -.Xr BN_kronecker 3 , -.Xr BN_mod_inverse 3 , -.Xr BN_mod_mul_montgomery 3 , -.Xr BN_mod_sqrt 3 , -.Xr BN_num_bytes 3 , -.Xr BN_rand 3 , -.Xr BN_security_bits 3 , -.Xr BN_set_bit 3 , -.Xr BN_set_flags 3 , -.Xr BN_set_negative 3 , -.Xr BN_swap 3 , -.Xr BN_zero 3 , -.Xr crypto 3 -.Sh HISTORY -.Fn BN_new , -.Fn BN_clear , -.Fn BN_free , -and -.Fn BN_clear_free -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/BN_num_bytes.3 b/src/lib/libcrypto/man/BN_num_bytes.3 deleted file mode 100644 index 785f43e2f0..0000000000 --- a/src/lib/libcrypto/man/BN_num_bytes.3 +++ /dev/null 
@@ -1,175 +0,0 @@ -.\" $OpenBSD: BN_num_bytes.3,v 1.9 2022/11/22 18:55:04 schwarze Exp $ -.\" full merge up to: OpenSSL 9e183d22 Mar 11 08:56:44 2017 -0500 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2022 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller -.\" and Richard Levitte . -.\" Copyright (c) 2000, 2004 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: November 22 2022 $ -.Dt BN_NUM_BYTES 3 -.Os -.Sh NAME -.Nm BN_num_bits_word , -.Nm BN_num_bits , -.Nm BN_num_bytes -.Nd get BIGNUM size -.Sh SYNOPSIS -.In openssl/bn.h -.Ft int -.Fo BN_num_bits_word -.Fa "BN_ULONG w" -.Fc -.Ft int -.Fo BN_num_bits -.Fa "const BIGNUM *a" -.Fc -.Ft int -.Fo BN_num_bytes -.Fa "const BIGNUM *a" -.Fc -.Sh DESCRIPTION -.Fn BN_num_bits_word -returns the number of significant bits in -.Fa w , -that is, the minimum number of digits needed to write -.Fa w -as a binary number. -Except for an argument of 0, this is -.Pp -.D1 floor(log2( Ns Fa w ) ) No + 1 . -.Pp -.Vt BN_ULONG -is a macro that expands to -.Vt unsigned long Pq = Vt uint64_t -on -.Dv _LP64 -platforms and -.Vt unsigned int Pq = Vt uint32_t -elsewhere. -.Pp -.Fn BN_num_bits -returns the number of significant bits in the value of the -.Fa "BIGNUM *a" , -following the same principle as -.Fn BN_num_bits_word . -.Pp -.Fn BN_num_bytes -is a macro that returns the number of significant bytes in -.Fa a , -i.e. the minimum number of bytes needed to store the value of -.Fa a , -that is, -.Fn BN_num_bits a -divided by eight and rounded up to the next integer number. -.Sh RETURN VALUES -.Fn BN_num_bits_word -returns the number of significant bits in -.Fa w -or 0 if -.Fa w -is 0. -The maximum return value that can occur is -.Dv BN_BITS2 , -which is 64 on -.Dv _LP64 -platforms and 32 elsewhere. -.Pp -.Fn BN_num_bits -returns the number of significant bits and -.Fn BN_num_bytes -the number of significant bytes in -.Fa a , -or 0 if the value of -.Fa a -is 0. -.Sh SEE ALSO -.Xr BN_new 3 , -.Xr BN_security_bits 3 , -.Xr DH_size 3 , -.Xr DSA_size 3 , -.Xr RSA_size 3 -.Sh HISTORY -.Fn BN_num_bytes -and -.Fn BN_num_bits -first appeared in SSLeay 0.5.1. -.Fn BN_num_bits_word -first appeared in SSLeay 0.5.2. -These functions have been available since -.Ox 2.4 . 
-.Sh CAVEATS -Some have tried using -.Fn BN_num_bits -on individual numbers in RSA keys, DH keys and DSA keys, and found that -they don't always come up with the number of bits they expected -(something like 512, 1024, 2048, ...). -This is because generating a number with some specific number of bits -doesn't always set the highest bits, thereby making the number of -.Em significant -bits a little smaller. -If you want to know the "key size" of such a key, use functions like -.Xr RSA_size 3 , -.Xr DH_size 3 , -and -.Xr DSA_size 3 . diff --git a/src/lib/libcrypto/man/BN_rand.3 b/src/lib/libcrypto/man/BN_rand.3 deleted file mode 100644 index 3d4401a429..0000000000 --- a/src/lib/libcrypto/man/BN_rand.3 +++ /dev/null 
@@ -1,146 +0,0 @@
-.\" $OpenBSD: BN_rand.3,v 1.18 2021/11/30 18:34:35 tb Exp $
-.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400
-.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2001, 2002, 2013, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 30 2021 $
-.Dt BN_RAND 3
-.Os
-.Sh NAME
-.Nm BN_rand ,
-.Nm BN_rand_range ,
-.Nm BN_pseudo_rand ,
-.Nm BN_pseudo_rand_range
-.Nd generate pseudo-random number
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft int
-.Fo BN_rand
-.Fa "BIGNUM *rnd"
-.Fa "int bits"
-.Fa "int top"
-.Fa "int bottom"
-.Fc
-.Ft int
-.Fo BN_rand_range
-.Fa "BIGNUM *rnd"
-.Fa "const BIGNUM *range"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_rand
-generates a cryptographically strong pseudo-random number of
-.Fa bits
-in length and stores it in
-.Fa rnd .
-If
-.Fa top
-is
-.Dv BN_RAND_TOP_ANY ,
-the most significant bit of the random number can be zero.
-If
-.Fa top
-is
-.Dv BN_RAND_TOP_ONE ,
-the most significant bit is set to 1, and if
-.Fa top
-is
-.Dv BN_RAND_TOP_TWO ,
-the two most significant bits of the number will be set to 1, so
-that the product of two such random numbers will always have
-.Pf 2* Fa bits
-length.
-If
-.Fa bottom
-is
-.Dv BN_RAND_BOTTOM_ODD ,
-the number will be odd;
-if it is
-.Dv BN_RAND_BOTTOM_ANY ,
-it can be odd or even.
-The value of
-.Fa bits
-must be zero or greater.
-If
-.Fa bits
-is +1 then
-.Fa top
-cannot be
-.Dv BN_RAND_TOP_TWO .
-.Pp
-.Fn BN_rand_range
-generates a cryptographically strong pseudo-random number
-.Fa rnd
-in the range 0 <=
-.Fa rnd No < Fa range .
-.Pp
-.Fn BN_pseudo_rand
-is a deprecated alias for
-.Fn BN_rand ,
-and
-.Fn BN_pseudo_rand_range
-for
-.Fn BN_rand_range .
-.Sh RETURN VALUES
-The functions return 1 on success, 0 on error.
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_new 3
-.Sh HISTORY
-.Fn BN_rand
-first appeared in SSLeay 0.5.1 and has been available since
-.Ox 2.4 .
-.Pp
-The
-.Fa top
-== -1 case and the function
-.Fn BN_rand_range
-first appeared in OpenSSL 0.9.6a and have been available since
-.Ox 3.0 .
diff --git a/src/lib/libcrypto/man/BN_set_bit.3 b/src/lib/libcrypto/man/BN_set_bit.3
deleted file mode 100644
index 2c53066777..0000000000
--- a/src/lib/libcrypto/man/BN_set_bit.3
+++ /dev/null
@@ -1,216 +0,0 @@
-.\" $OpenBSD: BN_set_bit.3,v 1.8 2021/11/30 18:34:35 tb Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 30 2021 $
-.Dt BN_SET_BIT 3
-.Os
-.Sh NAME
-.Nm BN_set_bit ,
-.Nm BN_clear_bit ,
-.Nm BN_is_bit_set ,
-.Nm BN_mask_bits ,
-.Nm BN_lshift ,
-.Nm BN_lshift1 ,
-.Nm BN_rshift ,
-.Nm BN_rshift1
-.Nd bit operations on BIGNUMs
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft int
-.Fo BN_set_bit
-.Fa "BIGNUM *a"
-.Fa "int n"
-.Fc
-.Ft int
-.Fo BN_clear_bit
-.Fa "BIGNUM *a"
-.Fa "int n"
-.Fc
-.Ft int
-.Fo BN_is_bit_set
-.Fa "const BIGNUM *a"
-.Fa "int n"
-.Fc
-.Ft int
-.Fo BN_mask_bits
-.Fa "BIGNUM *a"
-.Fa "int n"
-.Fc
-.Ft int
-.Fo BN_lshift
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "int n"
-.Fc
-.Ft int
-.Fo BN_lshift1
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fc
-.Ft int
-.Fo BN_rshift
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "int n"
-.Fc
-.Ft int
-.Fo BN_rshift1
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_set_bit
-sets bit
-.Fa n
-in
-.Fa a
-to 1
-.Pq Li a|=(1<>n) .
-An error occurs if
-.Fa a
-already is shorter than
-.Fa n
-bits.
-.Pp
-.Fn BN_lshift
-shifts
-.Fa a
-left by
-.Fa n
-bits and places the result in
-.Fa r
-.Pq Li r=a*2^n .
-Note that
-.Fa n
-must be non-negative.
-.Fn BN_lshift1
-shifts
-.Fa a
-left by one and places the result in
-.Fa r
-.Pq Li r=2*a .
-.Pp
-.Fn BN_rshift
-shifts
-.Fa a
-right by
-.Fa n
-bits and places the result in
-.Fa r
-.Pq Li r=a/2^n .
-Note that
-.Fa n
-must be non-negative.
-.Fn BN_rshift1
-shifts
-.Fa a
-right by one and places the result in
-.Fa r
-.Pq Li r=a/2 .
-.Pp
-For the shift functions,
-.Fa r
-and
-.Fa a
-may be the same variable.
-.Sh RETURN VALUES
-.Fn BN_is_bit_set
-returns 1 if the bit is set, 0 otherwise.
-.Pp
-All other functions return 1 for success, 0 on error.
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_add 3 ,
-.Xr BN_new 3 ,
-.Xr BN_num_bytes 3 ,
-.Xr BN_set_negative 3 ,
-.Xr BN_zero 3
-.Sh HISTORY
-.Fn BN_set_bit ,
-.Fn BN_clear_bit ,
-.Fn BN_is_bit_set ,
-.Fn BN_mask_bits ,
-.Fn BN_lshift ,
-.Fn BN_lshift1 ,
-.Fn BN_rshift ,
-and
-.Fn BN_rshift1
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/BN_set_flags.3 b/src/lib/libcrypto/man/BN_set_flags.3
deleted file mode 100644
index 1285ae2b28..0000000000
--- a/src/lib/libcrypto/man/BN_set_flags.3
+++ /dev/null
@@ -1,160 +0,0 @@
-.\" $OpenBSD: BN_set_flags.3,v 1.6 2023/04/27 07:22:22 tb Exp $
-.\"
-.\" Copyright (c) 2017 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: April 27 2023 $
-.Dt BN_SET_FLAGS 3
-.Os
-.Sh NAME
-.Nm BN_set_flags ,
-.Nm BN_get_flags
-.Nd enable and inspect flags on BIGNUM objects
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft void
-.Fo BN_set_flags
-.Fa "BIGNUM *b"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo BN_get_flags
-.Fa "const BIGNUM *b"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_set_flags
-enables the given
-.Fa flags
-on
-.Fa b .
-The
-.Fa flags
-argument can contain zero or more of the following constants OR'ed
-together:
-.Bl -tag -width Ds
-.It Dv BN_FLG_CONSTTIME
-If this flag is set on the divident
-.Fa a
-or the divisor
-.Fa d
-in
-.Xr BN_div 3 ,
-on the exponent
-.Fa p
-in
-.Xr BN_mod_exp 3 ,
-or on the divisor
-.Fa a
-or the modulus
-.Fa n
-in
-.Xr BN_mod_inverse 3 ,
-these functions select algorithms with an execution time independent
-of the respective numbers, to avoid exposing sensitive information
-to timing side-channel attacks.
-.Pp
-This flag is off by default for
-.Vt BIGNUM
-objects created with
-.Xr BN_new 3 .
-.It Dv BN_FLG_MALLOCED
-If this flag is set,
-.Xr BN_free 3
-and
-.Xr BN_clear_free 3
-will not only clear and free the components of
-.Fa b ,
-but also
-.Fa b
-itself.
-This flag is set internally by
-.Xr BN_new 3 .
-Setting it manually on an existing
-.Vt BIGNUM
-object is usually a bad idea and can cause calls to
-.Xr free 3
-with bogus arguments.
-.It Dv BN_FLG_STATIC_DATA
-If this flag is set,
-.Xr BN_clear_free 3
-will neither clear nor free the memory used for storing the number.
-Consequently, setting it manually on an existing
-.Vt BIGNUM
-object is usually a terrible idea that can cause both disclosure
-of secret data and memory leaks.
-This flag is automatically set on the constant
-.Vt BIGNUM
-object returned by
-.Xr BN_value_one 3 .
-.El
-.Pp
-.Fn BN_get_flags
-interprets
-.Fa flags
-as a bitmask and returns those of the given flags that are set in
-.Fa b ,
-OR'ed together, or 0 if none of the given
-.Fa flags
-is set.
-The
-.Fa flags
-argument has the same syntax as for
-.Fn BN_set_flags .
-.Sh RETURN VALUES
-.Fn BN_get_flags
-returns zero or more of the above constants, OR'ed together.
-.Sh SEE ALSO
-.Xr BN_mod_exp 3 ,
-.Xr BN_mod_inverse 3 ,
-.Xr BN_new 3 ,
-.Xr BN_with_flags 3
-.Sh HISTORY
-.Fn BN_set_flags
-and
-.Fn BN_get_flags
-first appeared in SSLeay 0.9.1 and have been available since
-.Ox 2.6 .
-.Sh CAVEATS
-No public interface exists to clear a flag once it is set.
-So think twice before using
-.Fn BN_set_flags .
-.Sh BUGS
-Even if the
-.Dv BN_FLG_CONSTTIME
-flag is set on
-.Fa a
-or
-.Fa b ,
-.Fn BN_gcd
-neither fails nor operates in constant time, potentially allowing
-timing side-channel attacks.
-.Pp
-Even if the
-.Dv BN_FLG_CONSTTIME
-flag is set on
-.Fa p ,
-if the modulus
-.Fa m
-is even,
-.Xr BN_mod_exp 3
-does not operate in constant time, potentially allowing
-timing side-channel attacks.
-.Pp
-If
-.Dv BN_FLG_CONSTTIME
-is set on
-.Fa p ,
-.Fn BN_exp
-fails instead of operating in constant time.
diff --git a/src/lib/libcrypto/man/BN_set_negative.3 b/src/lib/libcrypto/man/BN_set_negative.3
deleted file mode 100644
index 6cdff5c974..0000000000
--- a/src/lib/libcrypto/man/BN_set_negative.3
+++ /dev/null
@@ -1,63 +0,0 @@
-.\" $OpenBSD: BN_set_negative.3,v 1.6 2021/12/06 19:45:27 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 6 2021 $
-.Dt BN_SET_NEGATIVE 3
-.Os
-.Sh NAME
-.Nm BN_set_negative ,
-.Nm BN_is_negative
-.Nd change and inspect the sign of a BIGNUM
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft void
-.Fo BN_set_negative
-.Fa "BIGNUM *b"
-.Fa "int n"
-.Fc
-.Ft int
-.Fo BN_is_negative
-.Fa "const BIGNUM *b"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_set_negative
-sets
-.Fa b
-to negative if both
-.Fa b
-and
-.Fa n
-are non-zero, otherwise it sets it to positive.
-.Pp
-.Fn BN_is_negative
-tests the sign of
-.Fa b .
-.Sh RETURN VALUES
-.Fn BN_is_negative
-returns 1 if
-.Fa b
-is negative or 0 otherwise.
-.Sh SEE ALSO
-.Xr BN_add 3 ,
-.Xr BN_new 3 ,
-.Xr BN_set_bit 3 ,
-.Xr BN_zero 3
-.Sh HISTORY
-.Fn BN_set_negative
-and
-.Fn BN_is_negative
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/BN_swap.3 b/src/lib/libcrypto/man/BN_swap.3
deleted file mode 100644
index 218ca1cf02..0000000000
--- a/src/lib/libcrypto/man/BN_swap.3
+++ /dev/null
@@ -1,148 +0,0 @@
-.\" $OpenBSD: BN_swap.3,v 1.6 2021/12/19 22:06:35 schwarze Exp $
-.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Bodo Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 19 2021 $
-.Dt BN_SWAP 3
-.Os
-.Sh NAME
-.Nm BN_swap ,
-.Nm BN_consttime_swap
-.Nd exchange BIGNUMs
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft void
-.Fo BN_swap
-.Fa "BIGNUM *a"
-.Fa "BIGNUM *b"
-.Fc
-.Ft void
-.Fo BN_consttime_swap
-.Fa "BN_ULONG condition"
-.Fa "BIGNUM *a"
-.Fa "BIGNUM *b"
-.Fa "int nwords"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_swap
-and
-.Fn BN_consttime_swap
-exchange the values of
-.Fa a
-and
-.Fa b .
-.Pp
-.Fn BN_swap
-implements this by exchanging the pointers to the data buffers of
-.Fa a
-and
-.Fa b
-and also exchanging the values of the
-.Dv BN_FLG_STATIC_DATA
-bits.
-Consequently, the operation is fast and execution time does not depend
-on any properties of the two numbers.
-However, execution time obviously differs between swapping (by calling
-this function) and not swapping (by not calling this function).
-.Pp
-.Fn BN_consttime_swap
-only performs the exchange if the
-.Fa condition
-is non-zero; otherwise, it has no effect.
-It implements the exchange by exchanging the contents of the data
-buffers rather than the pointers to the data buffers.
-This is slower, but implemented in such a way that the execution time
-is not only independent of the properties of the two numbers, but also
-independent of the
-.Fa condition
-argument, i.e. the same for swapping or not swapping.
-Execution time does however grow in an approximately linear manner with the
-.Fa nwords
-argument.
-.Pp
-.Fn BN_consttime_swap
-calls
-.Xr abort 3
-if at least one of
-.Fa a
-or
-.Fa b
-has fewer than
-.Fa nwords
-data words allocated or more than
-.Fa nwords
-data words are currently in use in at least one of them.
-.Sh SEE ALSO
-.Xr BN_new 3 ,
-.Xr BN_set_flags 3
-.Sh HISTORY
-.Fn BN_swap
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Pp
-.Fn BN_consttime_swap
-first appeared in OpenSSL 1.0.1g and has been available since
-.Ox 5.6 .
diff --git a/src/lib/libcrypto/man/BN_zero.3 b/src/lib/libcrypto/man/BN_zero.3
deleted file mode 100644
index 0b677b246f..0000000000
--- a/src/lib/libcrypto/man/BN_zero.3
+++ /dev/null
@@ -1,174 +0,0 @@
-.\" $OpenBSD: BN_zero.3,v 1.13 2023/04/30 19:23:54 tb Exp $
-.\" full merge up to: OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
-.\" selective merge up to: OpenSSL b713c4ff Jan 22 14:41:09 2018 -0500
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021, 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2001, 2018 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: April 30 2023 $
-.Dt BN_ZERO 3
-.Os
-.Sh NAME
-.Nm BN_zero ,
-.Nm BN_one ,
-.Nm BN_value_one ,
-.Nm BN_set_word ,
-.Nm BN_get_word
-.Nd BIGNUM assignment operations
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft int
-.Fo BN_zero
-.Fa "BIGNUM *a"
-.Fc
-.Ft int
-.Fo BN_one
-.Fa "BIGNUM *a"
-.Fc
-.Ft const BIGNUM *
-.Fo BN_value_one
-.Fa void
-.Fc
-.Ft int
-.Fo BN_set_word
-.Fa "BIGNUM *a"
-.Fa "BN_ULONG w"
-.Fc
-.Ft BN_ULONG
-.Fo BN_get_word
-.Fa "const BIGNUM *a"
-.Fc
-.Sh DESCRIPTION
-.Vt BN_ULONG
-is a macro that expands to an unsigned integral type optimized
-for the most efficient implementation on the local platform.
-It is
-.Vt unsigned long Pq = Vt uint64_t
-on
-.Dv _LP64
-platforms and
-.Vt unsigned int Pq = Vt uint32_t
-elsewhere.
-.Pp
-.Fn BN_zero ,
-.Fn BN_one ,
-and
-.Fn BN_set_word
-set
-.Fa a
-to the values 0, 1 and
-.Fa w
-respectively.
-.Pp
-.Fn BN_value_one
-returns a
-.Vt BIGNUM
-constant of value 1.
-This constant is useful for comparisons and assignments.
-.Sh RETURN VALUES
-.Fn BN_get_word
-returns the value
-.Fa a ,
-or a number with all bits set if
-.Fa a
-cannot be represented as a
-.Vt BN_ULONG .
-.Pp
-.Fn BN_zero ,
-.Fn BN_one ,
-and
-.Fn BN_set_word
-return 1 on success, 0 otherwise.
-.Fn BN_value_one
-returns the constant.
-.Sh SEE ALSO
-.Xr BN_bn2bin 3 ,
-.Xr BN_new 3 ,
-.Xr BN_set_bit 3 ,
-.Xr BN_set_negative 3
-.Sh HISTORY
-.Fn BN_zero ,
-.Fn BN_one ,
-.Fn BN_value_one ,
-and
-.Fn BN_set_word
-first appeared in SSLeay 0.5.1.
-.Fn BN_get_word
-first appeared in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
-.Sh BUGS
-Someone might change the constant.
-.Pp
-If the value of a
-.Vt BIGNUM
-is equal to a
-.Vt BN_ULONG
-with all bits set, the return value of
-.Fn BN_get_word
-collides with return value used to indicate errors.
-.Pp
-.Vt BN_ULONG
-should probably be a typedef rather than a macro.
diff --git a/src/lib/libcrypto/man/BUF_MEM_new.3 b/src/lib/libcrypto/man/BUF_MEM_new.3
deleted file mode 100644
index 8c72091abe..0000000000
--- a/src/lib/libcrypto/man/BUF_MEM_new.3
+++ /dev/null
@@ -1,153 +0,0 @@
-.\" $OpenBSD: BUF_MEM_new.3,v 1.19 2024/07/24 08:57:58 tb Exp $
-.\" OpenSSL doc/crypto/buffer.pod 18edda0f Sep 20 03:28:54 2000 +0000
-.\" not merged: 74924dcb, 58e3457a, 21b0fa91, 7644a9ae
-.\" OpenSSL doc/crypto/BUF_MEM_new.pod 53934822 Jun 9 16:39:19 2016 -0400
-.\" not merged: c952780c, 91da5e77
-.\" OpenSSL doc/man3/BUF_MEM_new.pod 498180de Dec 12 15:35:09 2016 +0300
-.\"
-.\" This file was written by Ralf S. Engelschall .
-.\" Copyright (c) 1999, 2000, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 24 2024 $
-.Dt BUF_MEM_NEW 3
-.Os
-.Sh NAME
-.Nm BUF_MEM_new ,
-.Nm BUF_MEM_free ,
-.Nm BUF_MEM_grow ,
-.Nm BUF_MEM_grow_clean
-.Nd simple character arrays structure
-.Sh SYNOPSIS
-.In openssl/buffer.h
-.Ft BUF_MEM *
-.Fo BUF_MEM_new
-.Fa void
-.Fc
-.Ft void
-.Fo BUF_MEM_free
-.Fa "BUF_MEM *a"
-.Fc
-.Ft int
-.Fo BUF_MEM_grow
-.Fa "BUF_MEM *str"
-.Fa "size_t len"
-.Fc
-.Ft int
-.Fo BUF_MEM_grow_clean
-.Fa "BUF_MEM *str"
-.Fa "size_t len"
-.Fc
-.Sh DESCRIPTION
-The buffer library handles simple character arrays.
-Buffers are used for various purposes in the library, most notably
-memory BIOs.
-.Pp
-The library uses the
-.Vt BUF_MEM
-structure defined in buffer.h:
-.Bd -literal
-typedef struct buf_mem_st {
- size_t length; /* current number of bytes */
- char *data;
- size_t max; /* size of buffer */
-} BUF_MEM;
-.Ed
-.Pp
-.Fa length
-is the current size of the buffer in bytes;
-.Fa max
-is the amount of memory allocated to the buffer.
-There are three functions which handle these and one miscellaneous function.
-.Pp
-.Fn BUF_MEM_new
-allocates a new buffer of zero size.
-.Pp
-.Fn BUF_MEM_free
-frees up an already existing buffer.
-The data is zeroed before freeing up in case the buffer contains
-sensitive data.
-If
-.Fa a
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn BUF_MEM_grow
-changes the size of an already existing buffer to
-.Fa len .
-Any data already in the buffer is preserved if it increases in size.
-.Pp
-.Fn BUF_MEM_grow_clean
-is similar to
-.Fn BUF_MEM_grow ,
-but it sets any freed or additionally allocated memory to zero.
-.Sh RETURN VALUES
-.Fn BUF_MEM_new
-returns the buffer or
-.Dv NULL
-on error.
-.Pp
-.Fn BUF_MEM_grow
-and
-.Fn BUF_MEM_grow_clean
-return zero on error or the new size (i.e.\&
-.Fa len ) .
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr BIO_s_mem 3
-.Sh HISTORY
-.Fn BUF_MEM_new ,
-.Fn BUF_MEM_free ,
-and
-.Fn BUF_MEM_grow
-first appeared in SSLeay 0.6.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn BUF_MEM_grow_clean
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/CMAC_Init.3 b/src/lib/libcrypto/man/CMAC_Init.3
deleted file mode 100644
index fd32ca085a..0000000000
--- a/src/lib/libcrypto/man/CMAC_Init.3
+++ /dev/null
@@ -1,273 +0,0 @@ -.\" $OpenBSD: CMAC_Init.3,v 1.9 2024/11/12 00:42:28 schwarze Exp $ -.\" -.\" Copyright (c) 2020 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: November 12 2024 $ -.Dt CMAC_INIT 3 -.Os -.Sh NAME -.Nm CMAC_CTX_new , -.Nm CMAC_Init , -.Nm CMAC_Update , -.Nm CMAC_Final , -.Nm CMAC_CTX_copy , -.Nm CMAC_CTX_get0_cipher_ctx , -.Nm CMAC_CTX_cleanup , -.Nm CMAC_CTX_free -.Nd Cipher-based message authentication code -.Sh SYNOPSIS -.In openssl/cmac.h -.Ft CMAC_CTX * -.Fn CMAC_CTX_new void -.Ft int -.Fo CMAC_Init -.Fa "CMAC_CTX *ctx" -.Fa "const void *key" -.Fa "size_t key_len" -.Fa "const EVP_CIPHER *cipher" -.Fa "ENGINE *engine" -.Fc -.Ft int -.Fo CMAC_Update -.Fa "CMAC_CTX *ctx" -.Fa "const void *in_data" -.Fa "size_t in_len" -.Fc -.Ft int -.Fo CMAC_Final -.Fa "CMAC_CTX *ctx" -.Fa "unsigned char *out_mac" -.Fa "size_t *out_len" -.Fc -.Ft int -.Fo CMAC_CTX_copy -.Fa "CMAC_CTX *out_ctx" -.Fa "CMAC_CTX *in_ctx" -.Fc -.Ft EVP_CIPHER_CTX * -.Fn CMAC_CTX_get0_cipher_ctx "CMAC_CTX *ctx" -.Ft void -.Fn CMAC_CTX_cleanup "CMAC_CTX *ctx" -.Ft void -.Fn CMAC_CTX_free "CMAC_CTX *ctx" -.Sh DESCRIPTION -CMAC is a message authentication code algorithm that can employ an -arbitrary block cipher using a symmetric key. 
-.Pp -The present manual page describes low-level functions implementing CMAC. -Instead of using these functions directly, -application programs normally call -.Xr EVP_PKEY_new_CMAC_key 3 -and then pass the resulting -.Vt EVP_PKEY -object to -.Xr EVP_DigestSignInit 3 . -.Pp -The CMAC API is object-oriented. -Calculating a message authentication code requires a -.Vt CMAC_CTX -object. -Usually, the functions -.Fn CMAC_CTX_new , -.Fn CMAC_Init , -.Fn CMAC_Update , -.Fn CMAC_Final , -and -.Fn CMAC_CTX_free -need to be called in this order. -.Pp -.Fn CMAC_CTX_new -allocates a new -.Vt CMAC_CTX -object, initializes the embedded -.Vt EVP_CIPHER_CTX -object, and marks the object itself as uninitialized. -.Pp -.Fn CMAC_Init -selects the given block -.Fa cipher -for use by -.Fa ctx . -Functions to obtain suitable -.Vt EVP_CIPHER -objects are listed in the CIPHER LISTING section of the -.Xr EVP_EncryptInit 3 -manual page. -Unless -.Fa key -is -.Dv NULL , -.Fn CMAC_Init -also initializes -.Fa ctx -for use with the given symmetric -.Fa key -that is -.Fa key_len -bytes long. -In particular, it calculates and internally stores the two subkeys -and initializes -.Fa ctx -for subsequently feeding in data with -.Fn CMAC_Update . -The -.Fa engine -argument is ignored; passing -.Dv NULL -is recommended. -.Pp -If -.Fa ctx -is already initialized, -.Fn CMAC_Init -can be called again with -.Fa key -and -.Fa cipher -both set to -.Dv NULL -and -.Fa key_len -set to 0. -In that case, any data already processed is discarded and -.Fa ctx -is re-initialized to start reading data anew. -.Pp -.Fn CMAC_Update -processes -.Fa in_len -bytes of input data pointed to by -.Fa in_data . -Depending on the number of input bytes already cached in -.Fa ctx , -on -.Fa in_len , -and on the block size, this may encrypt zero or more blocks. -Unless -.Fa in_len -is zero, this function leaves at least one byte and at most one -block of input cached but unprocessed inside the -.Fa ctx -object. 
-.Fn CMAC_Update -can be called multiple times -to concatenate several chunks of input data of varying sizes. -.Pp -.Fn CMAC_Final -stores the length of the message authentication code in bytes, -which equals the cipher block size, into -.Pf * Fa out_len . -Unless -.Fa out_mac -is -.Dv NULL , -it encrypts the last block, padding it if required, and copies the -resulting message authentication code to -.Fa out_mac . -The caller is responsible for providing a buffer of sufficient size. -.Pp -.Fn CMAC_CTX_copy -performs a deep copy of the already initialized -.Fa in_ctx -into -.Fa out_ctx . -.Pp -.Fn CMAC_CTX_cleanup -zeros out both subkeys and all temporary data in -.Fa ctx -and in the embedded -.Vt EVP_CIPHER_CTX -object, frees all allocated memory associated with it, -except for -.Fa ctx -itself, and marks it as uninitialized, -such that it can be reused for subsequent -.Fn CMAC_Init . -.Pp -.Fn CMAC_CTX_free -calls -.Fn CMAC_CTX_cleanup , -then frees -.Fa ctx -itself. -If -.Fa ctx -is -.Dv NULL , -no action occurs. -.Sh RETURN VALUES -.Fn CMAC_CTX_new -returns the new context object or -.Dv NULL -in case of failure. -It succeeds unless memory is exhausted. -.Pp -.Fn CMAC_Init , -.Fn CMAC_Update , -.Fn CMAC_Final , -and -.Fn CMAC_CTX_copy -return 1 on success or 0 on failure. -.Fn CMAC_Init -fails if initializing the embedded -.Vt EVP_CIPHER_CTX -object fails. -The others fail if -.Fa in_ctx -is uninitialized. -.Fn CMAC_Update -and -.Fn CMAC_Final -also fail if encrypting a block fails, and -.Fn CMAC_CTX_copy -if copying the embedded -.Vt EVP_CIPHER_CTX -object fails, which can for example happen when memory is exhausted. -.Pp -.Fn CMAC_CTX_get0_cipher_ctx -returns an internal pointer to the -.Vt EVP_CIPHER_CTX -object that is embedded in -.Fa ctx . -.Sh ERRORS -The CMAC code itself does not use the -.In openssl/err.h -framework, so in general, the reasons for failure cannot be found out with -.Xr ERR_get_error 3 . 
-However, since the -.Xr EVP_EncryptInit 3 -functions are used internally, entries may still get pushed onto -the error stack in some cases of failure. -.Sh SEE ALSO -.Xr EVP_aes_128_cbc 3 , -.Xr EVP_DigestSignInit 3 , -.Xr EVP_EncryptInit 3 , -.Xr EVP_PKEY_new_CMAC_key 3 , -.Xr HMAC 3 -.Sh STANDARDS -.Rs -.%A Morris Dworkin -.%T "Recommendation for Block Cipher Modes of Operation:\ - The CMAC Mode for Authentication" -.%I National Institute of Standards and Technology -.%R NIST Special Publication 800-38B -.%U https://doi.org/10.6028/NIST.SP.800-38B -.%C Gaithersburg, Maryland -.%D May 2005, updated October 6, 2016 -.Re -.Sh HISTORY -These functions first appeared in OpenSSL 1.0.1 -and have been available since -.Ox 5.3 . diff --git a/src/lib/libcrypto/man/CMS_ContentInfo_new.3 b/src/lib/libcrypto/man/CMS_ContentInfo_new.3 deleted file mode 100644 index d5117fa4ae..0000000000 --- a/src/lib/libcrypto/man/CMS_ContentInfo_new.3 +++ /dev/null 
@@ -1,135 +0,0 @@ -.\" $OpenBSD: CMS_ContentInfo_new.3,v 1.4 2024/01/22 14:00:13 tb Exp $ -.\" Copyright (c) 2019 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: January 22 2024 $ -.Dt CMS_CONTENTINFO_NEW 3 -.Os -.Sh NAME -.Nm CMS_ContentInfo_new , -.Nm CMS_ContentInfo_free , -.Nm CMS_ContentInfo_print_ctx , -.Nm CMS_ReceiptRequest_new , -.Nm CMS_ReceiptRequest_free -.Nd Cryptographic Message Syntax data structures -.Sh SYNOPSIS -.In openssl/cms.h -.Ft CMS_ContentInfo * -.Fn CMS_ContentInfo_new void -.Ft void -.Fn CMS_ContentInfo_free "CMS_ContentInfo *cms" -.Ft int -.Fo CMS_ContentInfo_print_ctx -.Fa "BIO *out" -.Fa "CMS_ContentInfo *cms" -.Fa "int indent" -.Fa "const ASN1_PCTX *pctx" -.Fc -.Ft CMS_ReceiptRequest * -.Fn CMS_ReceiptRequest_new void -.Ft void -.Fn CMS_ReceiptRequest_free "CMS_ReceiptRequest *rr" -.Sh DESCRIPTION -.Fn CMS_ContentInfo_new -allocates and initializes an empty -.Vt CMS_ContentInfo -object, representing an ASN.1 -.Vt ContentInfo -structure defined in RFC 5652 section 3. 
-It can hold a pointer to an ASN.1 OBJECT IDENTIFIER -and a pointer to either a -.Vt SignedData , -.Vt EnvelopedData , -.Vt DigestedData , -.Vt EncryptedData , -.Vt AuthenticatedData , -or -.Vt CompressedData -object or to an arbitrary ASN.1 object. -.Fn CMS_ContentInfo_free -frees -.Fa cms . -.Pp -.Fn CMS_ContentInfo_print_ctx -prints a human readable representation of -.Fa cms -to -.Fa out . -.Pp -.Fn CMS_ReceiptRequest_new -allocates and initializes an empty -.Vt CMS_ReceiptRequest -object, representing an ASN.1 -.Vt ReceiptRequest -structure defined in RFC 2634 section 2.7. -It can contain a content identifier, a list of recipients requested -to return a signed receipt, and a list of users to send the receipt to. -.Fn CMS_ReceiptRequest_free -frees -.Fa rr . -.Sh RETURN VALUES -.Fn CMS_ContentInfo_new -and -.Fn CMS_ReceiptRequest_new -return the new -.Vt CMS_ContentInfo -or -.Vt CMS_ReceiptRequest -object, respectively, or -.Dv NULL -if an error occurs. -.Sh SEE ALSO -.Xr BIO_new_CMS 3 , -.Xr CMS_add0_cert 3 , -.Xr CMS_add1_recipient_cert 3 , -.Xr CMS_add1_signer 3 , -.Xr CMS_compress 3 , -.Xr CMS_decrypt 3 , -.Xr CMS_encrypt 3 , -.Xr CMS_final 3 , -.Xr CMS_get0_RecipientInfos 3 , -.Xr CMS_get0_SignerInfos 3 , -.Xr CMS_get0_type 3 , -.Xr CMS_get1_ReceiptRequest 3 , -.Xr CMS_sign 3 , -.Xr CMS_sign_receipt 3 , -.Xr CMS_signed_add1_attr 3 , -.Xr CMS_uncompress 3 , -.Xr CMS_verify 3 , -.Xr CMS_verify_receipt 3 , -.Xr crypto 3 , -.Xr d2i_CMS_ContentInfo 3 , -.Xr i2d_CMS_bio_stream 3 , -.Xr PEM_read_bio_PrivateKey 3 , -.Xr PEM_write_bio_CMS_stream 3 , -.Xr SMIME_read_CMS 3 , -.Xr SMIME_write_CMS 3 -.Sh STANDARDS -RFC 5652: Cryptographic Message Syntax, section 3: General Syntax -.Pp -RFC 3274: Compressed Data Content Type for Cryptographic Message Syntax (CMS) -.Pp -RFC 2634: Enhanced Security Services for S/MIME, -section 2.7: Receipt Request Syntax -.Sh HISTORY -.Fn CMS_ContentInfo_new , -.Fn CMS_ContentInfo_free , -.Fn CMS_ReceiptRequest_new , -and -.Fn 
CMS_ReceiptRequest_free -first appeared in OpenSSL 0.9.8h and -.Fn CMS_ContentInfo_print_ctx -in OpenSSL 1.0.0. -This functions have been available since -.Ox 6.7 . diff --git a/src/lib/libcrypto/man/CMS_add0_cert.3 b/src/lib/libcrypto/man/CMS_add0_cert.3 deleted file mode 100644 index be9357cc9a..0000000000 --- a/src/lib/libcrypto/man/CMS_add0_cert.3 +++ /dev/null 
@@ -1,222 +0,0 @@
-.\" $OpenBSD: CMS_add0_cert.3,v 1.10 2024/11/30 21:21:40 tb Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: November 30 2024 $ -.Dt CMS_ADD0_CERT 3 -.Os -.Sh NAME -.Nm CMS_add0_cert , -.Nm CMS_add1_cert , -.Nm CMS_get1_certs , -.Nm CMS_add0_crl , -.Nm CMS_add1_crl , -.Nm CMS_get1_crls -.Nd CMS certificate and CRL utility functions -.Sh SYNOPSIS -.In openssl/cms.h -.Ft int -.Fo CMS_add0_cert -.Fa "CMS_ContentInfo *cms" -.Fa "X509 *certificate" -.Fc -.Ft int -.Fo CMS_add1_cert -.Fa "CMS_ContentInfo *cms" -.Fa "X509 *certificate" -.Fc -.Ft STACK_OF(X509) * -.Fo CMS_get1_certs -.Fa "CMS_ContentInfo *cms" -.Fc -.Ft int -.Fo CMS_add0_crl -.Fa "CMS_ContentInfo *cms" -.Fa "X509_CRL *crl" -.Fc -.Ft int -.Fo CMS_add1_crl -.Fa "CMS_ContentInfo *cms" -.Fa "X509_CRL *crl" -.Fc -.Ft STACK_OF(X509_CRL) * -.Fo CMS_get1_crls -.Fa "CMS_ContentInfo *cms" -.Fc -.Sh DESCRIPTION -.Fn CMS_add0_cert -adds the -.Fa certificate -to the -.Fa certificates -field of -.Fa cms -if it is of the type -.Vt SignedData -or to the -.Fa originatorInfo.certs -field if it is of the type -.Vt EnvelopedData . -.Fn CMS_add1_cert -does the same and also increments the reference count of the -.Fa certificate -with -.Xr X509_up_ref 3 -in case of success. -.Pp -.Fn CMS_get1_certs -returns all certificates in -.Fa cms . -.Pp -.Fn CMS_add0_crl -adds the -.Fa crl -to the -.Fa crls -field of -.Fa cms -if it is of the type -.Vt SignedData -or to the -.Fa originatorInfo.crls -field if it is of the type -.Vt EnvelopedData . -.Fn CMS_add1_crl -does the same and also increments the reference count of the -.Fa crl -with -.Xr X509_CRL_up_ref 3 -in case of success. -.Pp -.Fn CMS_get1_crls -returns any CRLs in -.Fa cms . -.Pp -An error occurs if -.Fa cms -is of any type other than -.Vt SignedData -or -.Vt EnvelopedData . -.Pp -The same -.Fa certificate -or -.Fa crl -must not be added to the same -.Fa cms -structure more than once. -.Sh RETURN VALUES -.Fn CMS_add0_cert , -.Fn CMS_add1_cert , -.Fn CMS_add0_crl , -and -.Fn CMS_add1_crl -return 1 for success or 0 for failure. 
-.Pp -.Fn CMS_get1_certs -and -.Fn CMS_get1_crls -return the STACK of certificates or CRLs or -.Dv NULL -if there are none or an error occurs. -Possible errors are that the -.Fa cms -type is invalid or memory allocation failure. -Not all errors result in an error on the error stack. -The returned stack must be freed using the appropriate -macro wrapper of -.Xr sk_pop_free 3 , -namely -.Dv sk_X509_pop_free() -or -.Dv sk_X509_CRL_pop_free() . -.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_encrypt 3 , -.Xr CMS_final 3 , -.Xr CMS_sign 3 , -.Xr ERR_get_error 3 -.Sh STANDARDS -RFC 5652: Cryptographic Message Syntax -.Bl -dash -compact -offset indent -.It -section 5.1: SignedData Type -.It -section 6.1: EnvelopedData Type -.El -.Sh HISTORY -.Fn CMS_add0_cert , -.Fn CMS_add1_cert , -.Fn CMS_get1_certs , -.Fn CMS_add0_crl , -and -.Fn CMS_get1_crls -first appeared in OpenSSL 0.9.8h and -.Fn CMS_add1_crl -in OpenSSL 1.0.0. -These functions have been available since -.Ox 6.7 . diff --git a/src/lib/libcrypto/man/CMS_add1_recipient_cert.3 b/src/lib/libcrypto/man/CMS_add1_recipient_cert.3 deleted file mode 100644 index 465119397d..0000000000 --- a/src/lib/libcrypto/man/CMS_add1_recipient_cert.3 +++ /dev/null 
@@ -1,200 +0,0 @@
-.\" $OpenBSD: CMS_add1_recipient_cert.3,v 1.7 2019/11/02 15:39:46 schwarze Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: November 2 2019 $ -.Dt CMS_ADD1_RECIPIENT_CERT 3 -.Os -.Sh NAME -.Nm CMS_add1_recipient_cert , -.Nm CMS_add0_recipient_key -.Nd add recipients to a CMS EnvelopedData structure -.Sh SYNOPSIS -.In openssl/cms.h -.Ft CMS_RecipientInfo * -.Fo CMS_add1_recipient_cert -.Fa "CMS_ContentInfo *cms" -.Fa "X509 *certificate" -.Fa "unsigned int flags" -.Fc -.Ft CMS_RecipientInfo * -.Fo CMS_add0_recipient_key -.Fa "CMS_ContentInfo *cms" -.Fa "int nid" -.Fa "unsigned char *key" -.Fa "size_t keylen" -.Fa "unsigned char *id" -.Fa "size_t idlen" -.Fa "ASN1_GENERALIZEDTIME *date" -.Fa "ASN1_OBJECT *otherTypeId" -.Fa "ASN1_TYPE *otherType" -.Fc -.Sh DESCRIPTION -These functions add a new -.Vt RecipientInfo -structure to the -.Fa recipientInfos -field of the -.Vt EnvelopedData -structure -.Fa cms , -which should have been obtained from an initial call to -.Xr CMS_encrypt 3 -with the flag -.Dv CMS_PARTIAL -set. -.Pp -.Fn CMS_add1_recipient_cert -adds the recipient -.Fa certificate -as a -.Vt KeyTransRecipientInfo -structure. -.Pp -.Fn CMS_add0_recipient_key -adds the symmetric -.Fa key -of length -.Fa keylen -using the wrapping algorithm -.Fa nid , -the identifier -.Fa id -of length -.Fa idlen , -and the optional values -.Fa date , -.Fa otherTypeId -and -.Fa otherType -as a -.Vt KEKRecipientInfo -structure. -.Pp -The main purpose of these functions is to provide finer control over a CMS -.Vt EnvelopedData -structure where the simpler -.Xr CMS_encrypt 3 -function defaults are not appropriate, -for example if one or more -.Vt KEKRecipientInfo -structures need to be added. -New attributes can also be added using the returned -.Vt CMS_RecipientInfo -structure and the CMS attribute utility functions. -.Pp -By default, recipient certificates are identified using issuer -name and serial number. -If the flag -.Dv CMS_USE_KEYID -is set, the subject key identifier value is used instead. 
-An error occurs if all recipient certificates do not have a subject key -identifier extension. -.Pp -Currently only AES based key wrapping algorithms are supported for -.Fa nid , -specifically -.Dv NID_id_aes128_wrap , -.Dv NID_id_aes192_wrap , -and -.Dv NID_id_aes256_wrap . -If -.Fa nid -is set to -.Dv NID_undef , -then an AES wrap algorithm will be used consistent with -.Fa keylen . -.Sh RETURN VALUES -.Fn CMS_add1_recipient_cert -and -.Fn CMS_add0_recipient_key -return an internal pointer to the -.Vt CMS_RecipientInfo -structure just added or -.Dv NULL -if an error occurs. -.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_encrypt 3 , -.Xr CMS_final 3 , -.Xr ERR_get_error 3 -.Sh STANDARDS -RFC 5652: Cryptographic Message Syntax -.Bl -dash -compact -offset indent -.It -section 6.1: EnvelopedData Type -.It -section 6.2.1: KeyTransRecipientInfo Type -.It -section 6.2.3: KEKRecipientInfo Type -.El -.Sh HISTORY -.Fn CMS_add1_recipient_cert -and -.Fn CMS_add0_recipient_key -first appeared in OpenSSL 0.9.8h -and have been available since -.Ox 6.7 . diff --git a/src/lib/libcrypto/man/CMS_add1_signer.3 b/src/lib/libcrypto/man/CMS_add1_signer.3 deleted file mode 100644 index 316d63c5ad..0000000000 --- a/src/lib/libcrypto/man/CMS_add1_signer.3 +++ /dev/null 
@@ -1,249 +0,0 @@
-.\" $OpenBSD: CMS_add1_signer.3,v 1.10 2024/04/18 16:50:22 tb Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: April 18 2024 $ -.Dt CMS_ADD1_SIGNER 3 -.Os -.Sh NAME -.Nm CMS_add1_signer , -.Nm CMS_SignerInfo_sign -.Nd add a signer to a CMS SignedData structure -.Sh SYNOPSIS -.In openssl/cms.h -.Ft CMS_SignerInfo * -.Fo CMS_add1_signer -.Fa "CMS_ContentInfo *cms" -.Fa "X509 *signcert" -.Fa "EVP_PKEY *pkey" -.Fa "const EVP_MD *md" -.Fa "unsigned int flags" -.Fc -.Ft int -.Fo CMS_SignerInfo_sign -.Fa "CMS_SignerInfo *si" -.Fc -.Sh DESCRIPTION -.Fn CMS_add1_signer -adds a signer with certificate -.Fa signcert -and private key -.Fa pkey -using message digest -.Fa md -to the -.Fa signerInfos -field of the -.Vt SignedData -structure -.Fa cms , -which should have been obtained from an initial call to -.Xr CMS_sign 3 -with the flag -.Dv CMS_PARTIAL -set, or which can be a valid -.Vt SignedData -structure in the case of re-signing. -.Pp -If -.Fa md -is -.Dv NULL , -the default digest for the public key algorithm of -.Fa pkey -is used. -.Pp -Unless the -.Dv CMS_REUSE_DIGEST -flag is set, the -.Fa cms -structure remains incomplete and must be finalized either by streaming -(if applicable) or by a call to -.Xr CMS_final 3 . -.Pp -The main purpose of -.Fn CMS_add1_signer -is to provide finer control over a CMS -.Vt SignedData -structure where the simpler -.Xr CMS_sign 3 -function defaults are not appropriate, for example if multiple signers -or non default digest algorithms are needed. -New attributes can also be added using the returned -.Vt CMS_SignerInfo -structure and the CMS attribute utility functions or the CMS signed -receipt request functions. -.Pp -Any of the following flags (OR'ed together) can be passed in the -.Fa flags -parameter: -.Bl -tag -width Ds -.It Dv CMS_REUSE_DIGEST -Attempt to copy the content digest value from one of the existing -.Vt CMS_SignerInfo -structures in -.Fa cms -while adding another signer. -An error occurs if a matching digest value cannot be found to copy. 
-The -.Fa cms -structure will be valid and finalized when this flag is set. -.It Dv CMS_PARTIAL -If this flag is set in addition to -.Dv CMS_REUSE_DIGEST , -the returned -.Vt CMS_SignerInfo -structure will not be finalized so additional attributes can be added. -In this case an explicit call to -.Fn CMS_SignerInfo_sign -is needed to finalize it. -.It Dv CMS_NOCERTS -Do not add the signer's certificate to the -.Fa certificates -field of -.Fa cms . -The signer's certificate must still be supplied in the -.Fa signcert -parameter though. -This flag can reduce the size of the signature if the signer's certificate can -be obtained by other means, for example from a previously signed message. -.It Dv CMS_NOATTR -Leave the -.Fa signedAttrs -field of the returned -.Vt CMS_SignedData -structure empty. -By default, several CMS -.Vt SignedAttributes -are added, including the signing time, the CMS content type, -and the supported list of ciphers in an -.Vt SMIMECapabilities -attribute. -.It Dv CMS_NOSMIMECAP -Omit just the -.Vt SMIMECapabilities -attribute. -.It Dv CMS_USE_KEYID -Use the subject key identifier value to identify signing certificates. -An error occurs if the signing certificate does not have a subject key -identifier extension. -By default, issuer name and serial number are used instead. -.El -.Pp -If present, the -.Vt SMIMECapabilities -attribute indicates support for the -following algorithms in preference order: 256-bit AES, -192-bit AES, 128-bit AES, triple DES, 128-bit RC2, 64-bit -RC2, DES and 40-bit RC2. -If any of these algorithms is not available then it will not be -included. -.Pp -The -.Fn CMS_SignerInfo_sign -function explicitly signs -.Fa si . -Its main use is when the -.Dv CMS_REUSE_DIGEST -and -.Dv CMS_PARTIAL -flags were both set in the call to -.Fn CMS_add1_signer -that created -.Fa si . -.Sh RETURN VALUES -.Fn CMS_add1_signer -returns an internal pointer to the new -.Vt CMS_SignerInfo -structure just added or -.Dv NULL -if an error occurs. 
-.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_final 3 , -.Xr CMS_sign 3 , -.Xr ERR_get_error 3 -.Sh STANDARDS -RFC 5652: Cryptographic Message Syntax, section 5.1: SignedData Type -.Pp -RFC 8419: Use of Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures -in the Cryptographic Message Syntax (CMS) -.Pp -RFC 8551: Secure/Multipurpose Internet Mail Extensions (S/MIME) -Version\ 4.0 Message Specification -.Bl -dash -compact -offset indent -.It -section 2.5: Attributes and the SignerInfo Type -.It -section 2.5.2: SMIMECapabilities Attribute -.El -.Sh HISTORY -.Fn CMS_add1_signer -and -.Fn CMS_SignerInfo_sign -first appeared in OpenSSL 0.9.8h -and have been available since -.Ox 6.7 . diff --git a/src/lib/libcrypto/man/CMS_compress.3 b/src/lib/libcrypto/man/CMS_compress.3 deleted file mode 100644 index 242e4e96cb..0000000000 --- a/src/lib/libcrypto/man/CMS_compress.3 +++ /dev/null 
@@ -1,170 +0,0 @@
-.\" $OpenBSD: CMS_compress.3,v 1.7 2019/11/02 15:39:46 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 2 2019 $
-.Dt CMS_COMPRESS 3
-.Os
-.Sh NAME
-.Nm CMS_compress
-.Nd create a CMS CompressedData structure
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft CMS_ContentInfo *
-.Fo CMS_compress
-.Fa "BIO *in"
-.Fa "int comp_nid"
-.Fa "unsigned int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_compress
-creates and returns a CMS
-.Vt CompressedData
-structure.
-.Pp
-.Fa comp_nid
-is the compression algorithm to use or
-.Dv NID_undef
-to use the default algorithm.
-Currently, the default algorithm
-.Dv NID_zlib_compression
-is the only supported algorithm.
-If zlib support is not compiled in,
-.Fn CMS_compress
-always returns an error.
-.Pp
-.Fa in
-provides the content to be compressed.
-.Pp
-Any of the following flags (OR'ed together) can be passed in the
-.Fa flags
-parameter:
-.Bl -tag -width Ds
-.It Dv CMS_TEXT
-Prepend MIME headers for type text/plain to the data.
-.It Dv CMS_BINARY
-Do not translate the supplied content into MIME canonical format,
-even though that is required by the S/MIME specifications.
-This option should be used if the supplied data is in binary format.
-Otherwise, the translation will corrupt it.
-If
-.Dv CMS_BINARY
-is set,
-.Dv CMS_TEXT
-is ignored.
-.It Dv CMS_STREAM
-Return a partial
-.Vt CMS_ContentInfo
-structure suitable for streaming I/O: no data is read from
-.Fa in .
-Several functions including
-.Xr SMIME_write_CMS 3 ,
-.Xr i2d_CMS_bio_stream 3 ,
-or
-.Xr PEM_write_bio_CMS_stream 3
-can be used to finalize the structure.
-Alternatively, finalization can be performed by obtaining the streaming
-ASN1
-.Vt BIO
-directly using
-.Xr BIO_new_CMS 3 .
-Outputting the contents of the
-.Vt CMS_ContentInfo
-structure via a function that does not
-properly finalize it will give unpredictable results.
-.It Dv CMS_DETACHED
-Do not include the compressed data in the
-.Vt CMS_ContentInfo
-structure.
-This is rarely used in practice and is not supported by
-.Xr SMIME_write_CMS 3 .
-.El
-.Pp
-Additional compression parameters such as the zlib compression level
-cannot currently be set.
-.Sh RETURN VALUES
-.Fn CMS_compress
-returns either a
-.Vt CMS_ContentInfo
-structure or
-.Dv NULL
-if an error occurred.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_uncompress 3
-.Sh STANDARDS
-RFC 3274: Compressed Data Content Type for Cryptographic Message Syntax (CMS)
-.Sh HISTORY
-.Fn CMS_compress
-first appeared in OpenSSL 0.9.8h
-and has been available since
-.Ox 6.7 .
-.Pp
-The
-.Dv CMS_STREAM
-flag first appeared in OpenSSL 1.0.0.
diff --git a/src/lib/libcrypto/man/CMS_decrypt.3 b/src/lib/libcrypto/man/CMS_decrypt.3
deleted file mode 100644
index 243ab2f30e..0000000000
--- a/src/lib/libcrypto/man/CMS_decrypt.3
+++ /dev/null
@@ -1,226 +0,0 @@
-.\" $OpenBSD: CMS_decrypt.3,v 1.8 2019/11/02 15:39:46 schwarze Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008, 2014 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 2 2019 $
-.Dt CMS_DECRYPT 3
-.Os
-.Sh NAME
-.Nm CMS_decrypt ,
-.Nm CMS_decrypt_set1_pkey ,
-.Nm CMS_decrypt_set1_key
-.Nd decrypt content from a CMS EnvelopedData structure
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft int
-.Fo CMS_decrypt
-.Fa "CMS_ContentInfo *cms"
-.Fa "EVP_PKEY *private_key"
-.Fa "X509 *certificate"
-.Fa "BIO *dcont"
-.Fa "BIO *out"
-.Fa "unsigned int flags"
-.Fc
-.Ft int
-.Fo CMS_decrypt_set1_pkey
-.Fa "CMS_ContentInfo *cms"
-.Fa "EVP_PKEY *private_key"
-.Fa "X509 *certificate"
-.Fc
-.Ft int
-.Fo CMS_decrypt_set1_key
-.Fa "CMS_ContentInfo *cms"
-.Fa "unsigned char *symmetric_key"
-.Fa "size_t keylen"
-.Fa "const unsigned char *id"
-.Fa "size_t idlen"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_decrypt
-extracts and decrypts the content from the CMS
-.Vt EnvelopedData
-structure
-.Fa cms
-using the
-.Fa private_key
-and the
-.Fa certificate
-of the recipient.
-It writes the decrypted content to
-.Fa out .
-.Pp
-In the rare case where the compressed content is detached, pass it in via
-.Fa dcont .
-For normal use, set
-.Fa dcont
-to
-.Dv NULL .
-.Pp
-Although the recipient's
-.Fa certificate
-is not needed to decrypt the data, it is needed to locate the
-appropriate (of possibly several) recipients in the CMS structure.
-.Pp
-If the
-.Fa certificate
-is set to
-.Dv NULL ,
-all possible recipients are tried.
-This case however is problematic.
-To thwart the MMA attack (Bleichenbacher's attack on PKCS #1 v1.5 RSA
-padding), all recipients are tried whether they succeed or not.
-If no recipient succeeds, a random symmetric key is used to decrypt
-the content: this will typically output garbage and may (but is not
-guaranteed to) ultimately return a padding error only.
-If
-.Fn CMS_decrypt
-just returned an error when all recipient encrypted keys failed to
-decrypt, an attacker could use this in a timing attack.
-If the special flag
-.Dv CMS_DEBUG_DECRYPT
-is set, the above behaviour is modified and an error
-.Em is
-returned if no recipient encrypted key can be decrypted
-.Em without
-generating a random content encryption key.
-Applications should use this flag with extreme caution
-especially in automated gateways as it can leave them open to attack.
-.Pp
-It is possible to determine the correct recipient key by other means
-(for example by looking them up in a database) and setting them in the
-.Fa cms
-structure in advance using the CMS utility functions such as
-.Fn CMS_decrypt_set1_pkey .
-In this case both
-.Fa certificate
-and
-.Fa private_key
-should be set to
-.Dv NULL
-when calling
-.Fn CMS_decrypt
-later on.
-.Pp
-To process
-.Vt KEKRecipientInfo
-types,
-.Fn CMS_decrypt_set1_key
-or
-.Xr CMS_RecipientInfo_set0_key 3
-and
-.Xr CMS_RecipientInfo_decrypt 3
-should be called before
-.Fn CMS_decrypt
-and
-.Fa certificate
-and
-.Fa private_key
-set to
-.Dv NULL
-when calling
-.Fn CMS_decrypt
-later on.
-.Pp
-If the
-.Dv CMS_TEXT
-bit is set in
-.Fa flags ,
-MIME headers for type text/plain are deleted from the content.
-If the content is not of type text/plain, an error occurs.
-.Sh RETURN VALUES
-.Fn CMS_decrypt ,
-.Fn CMS_decrypt_set1_pkey ,
-and
-.Fn CMS_decrypt_set1_key
-return 1 for success or 0 for failure.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_encrypt 3 ,
-.Xr CMS_get0_RecipientInfos 3
-.Sh STANDARDS
-RFC 5652: Cryptographic Message Syntax (CMS)
-.Bl -dash -compact -offset indent
-.It
-section 6.1: EnvelopedData Type
-.It
-section 6.2.3: KEKRecipientInfo Type
-.El
-.Sh HISTORY
-.Fn CMS_decrypt ,
-.Fn CMS_decrypt_set1_pkey ,
-and
-.Fn CMS_decrypt_set1_key
-first appeared in OpenSSL 0.9.8h
-and have been available since
-.Ox 6.7 .
-.Sh BUGS
-The lack of single pass processing and the need to hold all data in
-memory as mentioned in
-.Xr CMS_verify 3
-also applies to
-.Fn CMS_decrypt .
diff --git a/src/lib/libcrypto/man/CMS_encrypt.3 b/src/lib/libcrypto/man/CMS_encrypt.3
deleted file mode 100644
index 03d8b4edbb..0000000000
--- a/src/lib/libcrypto/man/CMS_encrypt.3
+++ /dev/null
@@ -1,191 +0,0 @@
-.\" $OpenBSD: CMS_encrypt.3,v 1.7 2019/11/02 15:39:46 schwarze Exp $
-.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 2 2019 $
-.Dt CMS_ENCRYPT 3
-.Os
-.Sh NAME
-.Nm CMS_encrypt
-.Nd create a CMS EnvelopedData structure
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft CMS_ContentInfo *
-.Fo CMS_encrypt
-.Fa "STACK_OF(X509) *certificates"
-.Fa "BIO *in"
-.Fa "const EVP_CIPHER *cipher"
-.Fa "unsigned int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_encrypt
-creates a CMS
-.Vt EnvelopedData
-structure, encrypting the content provided by
-.Fa in .
-.Pp
-The recipient
-.Fa certificates
-are added as
-.Vt KeyTransRecipientInfo
-structures by calling the function
-.Xr CMS_add1_recipient_cert 3
-internally.
-Only certificates carrying RSA, Diffie-Hellman or EC keys are supported
-by this function.
-The
-.Fa certificates
-argument can be set to
-.Dv NULL
-if the
-.Dv CMS_PARTIAL
-flag is set and recipients are added later using
-.Xr CMS_add1_recipient_cert 3
-or
-.Xr CMS_add0_recipient_key 3 .
-.Pp
-.Fa cipher
-is the symmetric cipher to use.
-It must support ASN.1 encoding of its parameters.
-.Xr EVP_des_ede3_cbc 3
-(triple DES) is the algorithm of choice for S/MIME use because most
-clients support it.
-.Pp
-Many browsers implement a "sign and encrypt" option which is simply an
-S/MIME
-.Vt EnvelopedData
-containing an S/MIME signed message.
-This can be readily produced by storing the S/MIME signed message in a
-memory BIO and passing it to
-.Fn CMS_encrypt .
-.Pp
-The following flags can be passed in the
-.Fa flags
-parameter:
-.Bl -tag -width Ds
-.It Dv CMS_TEXT
-MIME headers for type text/plain are prepended to the data.
-.It Dv CMS_BINARY
-Do not translate the supplied content into MIME canonical format
-even though that is required by the S/MIME specifications.
-This option should be used if the supplied data is in binary format.
-Otherwise, the translation will corrupt it.
-If
-.Dv CMS_BINARY
-is set, then
-.Dv CMS_TEXT
-is ignored.
-.It Dv CMS_USE_KEYID
-Use the subject key identifier value to identify recipient certificates.
-An error occurs if all recipient certificates do not have a subject key
-identifier extension.
-By default, issuer name and serial number are used instead.
-.It Dv CMS_STREAM
-Return a partial
-.Vt CMS_ContentInfo
-structure suitable for streaming I/O: no data is read from the BIO
-.Fa in .
-Several functions including
-.Xr SMIME_write_CMS 3 ,
-.Xr i2d_CMS_bio_stream 3 ,
-or
-.Xr PEM_write_bio_CMS_stream 3
-can be used to finalize the structure.
-Alternatively, finalization can be performed by obtaining the streaming
-ASN1
-.Vt BIO
-directly using
-.Xr BIO_new_CMS 3 .
-Outputting the content of the returned
-.Vt CMS_ContentInfo
-structure via a function that does not properly finalize it
-will give unpredictable results.
-.It Dv CMS_PARTIAL
-Return a partial
-.Vt CMS_ContentInfo
-structure to which additional recipients and attributes can
-be added before finalization.
-.It Dv CMS_DETACHED
-Omit the data being encrypted from the
-.Vt CMS_ContentInfo
-structure.
-This is rarely used in practice and is not supported by
-.Xr SMIME_write_CMS 3 .
-.El
-.Sh RETURN VALUES
-.Fn CMS_encrypt
-returns either a
-.Vt CMS_ContentInfo
-structure or
-.Dv NULL
-if an error occurred.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr CMS_add0_cert 3 ,
-.Xr CMS_add1_recipient_cert 3 ,
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_decrypt 3
-.Sh STANDARDS
-RFC 5652: Cryptographic Message Syntax (CMS)
-.Bl -dash -compact -offset indent
-.It
-section 6.1: EnvelopedData Type
-.It
-section 6.2.1: KeyTransRecipientInfo Type
-.El
-.Sh HISTORY
-.Fn CMS_encrypt
-first appeared in OpenSSL 0.9.8h
-and has been available since
-.Ox 6.7 .
-.Pp
-The
-.Dv CMS_STREAM
-flag first appeared in OpenSSL 1.0.0.
diff --git a/src/lib/libcrypto/man/CMS_final.3 b/src/lib/libcrypto/man/CMS_final.3
deleted file mode 100644
index 4ca8945923..0000000000
--- a/src/lib/libcrypto/man/CMS_final.3
+++ /dev/null
@@ -1,101 +0,0 @@
-.\" $OpenBSD: CMS_final.3,v 1.6 2019/11/02 15:39:46 schwarze Exp $
-.\" full merge up to: OpenSSL 25ccb589 Jul 1 02:02:06 2019 +0800
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 2 2019 $
-.Dt CMS_FINAL 3
-.Os
-.Sh NAME
-.Nm CMS_final
-.Nd finalise a CMS_ContentInfo structure
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft int
-.Fo CMS_final
-.Fa "CMS_ContentInfo *cms"
-.Fa "BIO *data"
-.Fa "BIO *dcont"
-.Fa "unsigned int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_final
-finalises the structure
-.Fa cms .
-Its purpose is to perform any operations necessary on
-.Fa cms
-(digest computation for example) and set the appropriate fields.
-The parameter
-.Fa data
-contains the content to be processed.
-The
-.Fa dcont
-parameter contains a
-.Vt BIO
-to write content to after processing: this is
-only used with detached data and will usually be set to
-.Dv NULL .
-.Pp
-This function will normally be called when the
-.Dv CMS_PARTIAL
-flag is used.
-It should only be used when streaming is not performed because the
-streaming I/O functions perform finalisation operations internally.
-.Sh RETURN VALUES
-.Fn CMS_final
-returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_encrypt 3 ,
-.Xr CMS_sign 3 ,
-.Xr ERR_get_error 3
-.Sh HISTORY
-.Fn CMS_final
-first appeared in OpenSSL 0.9.8h
-and has been available since
-.Ox 6.7 .
diff --git a/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3 b/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3
deleted file mode 100644
index 094d6ec487..0000000000
--- a/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3
+++ /dev/null
@@ -1,328 +0,0 @@
-.\" $OpenBSD: CMS_get0_RecipientInfos.3,v 1.8 2022/03/31 17:27:16 naddy Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008, 2013 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 31 2022 $
-.Dt CMS_GET0_RECIPIENTINFOS 3
-.Os
-.Sh NAME
-.Nm CMS_get0_RecipientInfos ,
-.Nm CMS_RecipientInfo_type ,
-.Nm CMS_RecipientInfo_ktri_get0_signer_id ,
-.Nm CMS_RecipientInfo_ktri_cert_cmp ,
-.Nm CMS_RecipientInfo_set0_pkey ,
-.Nm CMS_RecipientInfo_kekri_get0_id ,
-.Nm CMS_RecipientInfo_kekri_id_cmp ,
-.Nm CMS_RecipientInfo_set0_key ,
-.Nm CMS_RecipientInfo_decrypt ,
-.Nm CMS_RecipientInfo_encrypt
-.Nd CMS EnvelopedData RecipientInfo routines
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft STACK_OF(CMS_RecipientInfo) *
-.Fo CMS_get0_RecipientInfos
-.Fa "CMS_ContentInfo *cms"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_type
-.Fa "CMS_RecipientInfo *ri"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_ktri_get0_signer_id
-.Fa "CMS_RecipientInfo *ri"
-.Fa "ASN1_OCTET_STRING **keyid"
-.Fa "X509_NAME **issuer"
-.Fa "ASN1_INTEGER **sno"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_ktri_cert_cmp
-.Fa "CMS_RecipientInfo *ri"
-.Fa "X509 *certificate"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_set0_pkey
-.Fa "CMS_RecipientInfo *ri"
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_kekri_get0_id
-.Fa "CMS_RecipientInfo *ri"
-.Fa "X509_ALGOR **palg"
-.Fa "ASN1_OCTET_STRING **pid"
-.Fa "ASN1_GENERALIZEDTIME **pdate"
-.Fa "ASN1_OBJECT **potherid"
-.Fa "ASN1_TYPE **pothertype"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_kekri_id_cmp
-.Fa "CMS_RecipientInfo *ri"
-.Fa "const unsigned char *id"
-.Fa "size_t idlen"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_set0_key
-.Fa "CMS_RecipientInfo *ri"
-.Fa "unsigned char *key"
-.Fa "size_t keylen"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_decrypt
-.Fa "CMS_ContentInfo *cms"
-.Fa "CMS_RecipientInfo *ri"
-.Fc
-.Ft int
-.Fo CMS_RecipientInfo_encrypt
-.Fa "CMS_ContentInfo *cms"
-.Fa "CMS_RecipientInfo *ri"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_get0_RecipientInfos
-returns all the
-.Vt RecipientInfo
-structures associated with the
-.Vt EnvelopedData
-structure
-.Fa cms .
-.Pp
-.Fn CMS_RecipientInfo_type
-returns the type of
-.Fa ri :
-.Bl -column CMS_RECIPINFO_TRANS for -compact
-.It Dv CMS_RECIPINFO_TRANS Ta for Ta Vt KeyTransRecipientInfo ,
-.It Dv CMS_RECIPINFO_AGREE Ta for Ta Vt KeyAgreeRecipientInfo ,
-.It Dv CMS_RECIPINFO_KEK Ta for Ta Vt KEKRecipientInfo ,
-.It Dv CMS_RECIPINFO_PASS Ta for Ta Vt PasswordRecipientinfo , No or
-.It Dv CMS_RECIPINFO_OTHER Ta for Ta Vt OtherRecipientInfo .
-.El
-.Pp
-.Fn CMS_RecipientInfo_ktri_get0_signer_id
-retrieves the certificate
-.Vt RecipientIdentifier
-associated with the
-.Vt KeyTransRecipientInfo
-structure
-.Fa ri .
-Either the
-.Vt SubjectKeyIdentifier
-will be set in
-.Fa keyid
-or both issuer name and serial number in
-.Fa issuer
-and
-.Fa sno .
-.Pp
-.Fn CMS_RecipientInfo_ktri_cert_cmp
-compares the
-.Fa certificate
-against the
-.Vt KeyTransRecipientInfo
-structure
-.Fa ri .
-.Pp
-.Fn CMS_RecipientInfo_set0_pkey
-associates the private key
-.Fa pkey
-with the
-.Vt KeyTransRecipientInfo
-structure
-.Fa ri .
-.Pp
-.Fn CMS_RecipientInfo_kekri_get0_id
-retrieves the key information from the
-.Vt KEKRecipientInfo
-structure
-.Fa ri .
-Fields are copied out as follows:
-.Bl -column keyEncryptionAlgorithm to -compact
-.It Fa keyEncryptionAlgorithm Ta to Ta Pf * Fa palg ,
-.It Fa keyIdentifier Ta to Ta Pf * Fa pid ,
-.It Fa date Ta to Ta Pf * Fa pdate Pq optional ,
-.It Fa other.keyAttrId Ta to Ta Pf * Fa potherid Pq optional ,
-.It Fa other.keyAttr Ta to Ta Pf * Fa pothertype Pq optional .
-.El
-Where a field is optional and absent,
-.Dv NULL
-is written to the corresponding parameter.
-Parameters the application is not interested in can be set to
-.Dv NULL .
-.Pp
-.Fn CMS_RecipientInfo_kekri_id_cmp
-compares the identifier in the
-.Fa id
-and
-.Fa idlen
-parameters against the
-.Fa keyIdentifier
-field of the
-.Vt KEKRecipientInfo
-structure
-.Fa ri .
-.Pp
-.Fn CMS_RecipientInfo_set0_key
-associates the symmetric
-.Fa key
-of length
-.Fa keylen
-with the
-.Vt KEKRecipientInfo
-structure
-.Fa ri .
-.Pp
-.Fn CMS_RecipientInfo_decrypt
-attempts to decrypt the
-.Vt RecipientInfo
-structure
-.Fa ri
-in
-.Fa cms .
-A key must have been associated with
-.Fa ri
-first.
-.Pp
-.Fn CMS_RecipientInfo_encrypt
-attempts to encrypt the
-.Vt RecipientInfo
-structure
-.Fa ri
-in
-.Fa cms .
-A key must have been associated with
-.Fa ri
-first and the content encryption key must be available,
-for example by a previous call to
-.Fn CMS_RecipientInfo_decrypt .
-.Pp
-The main purpose of these functions is to enable an application to
-lookup recipient keys using any appropriate technique when the simpler
-method of
-.Xr CMS_decrypt 3
-is not appropriate.
-.Pp
-In typical usage, an application retrieves all
-.Vt CMS_RecipientInfo
-structures using
-.Fn CMS_get0_RecipientInfos
-and checks the type of each using
-.Fn CMS_RecipientInfo_type .
-Depending on the type, the
-.Vt CMS_RecipientInfo
-structure can be ignored or its key identifier data retrieved using
-an appropriate function.
-If the corresponding secret or private key can be obtained by any
-appropriate means, it can then be associated with the structure and
-.Fn CMS_RecipientInfo_decrypt
-called.
-If successful,
-.Xr CMS_decrypt 3
-can be called with a
-.Dv NULL
-key to decrypt the enveloped content.
-.Pp
-The function
-.Fn CMS_RecipientInfo_encrypt
-can be used to add a new recipient to an existing enveloped data
-structure.
-Typically an application will first decrypt an appropriate
-.Vt CMS_RecipientInfo
-structure to make the content encrypt key available.
-It will then add a new recipient using a function such as
-.Xr CMS_add1_recipient_cert 3
-and finally encrypt the content encryption key using
-.Fn CMS_RecipientInfo_encrypt .
-.Sh RETURN VALUES
-.Fn CMS_get0_RecipientInfos
-returns an internal pointer to all the
-.Vt CMS_RecipientInfo
-structures, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn CMS_RecipientInfo_type
-returns an integer constant.
-.Pp
-.Fn CMS_RecipientInfo_ktri_get0_signer_id ,
-.Fn CMS_RecipientInfo_set0_pkey ,
-.Fn CMS_RecipientInfo_kekri_get0_id ,
-.Fn CMS_RecipientInfo_set0_key ,
-.Fn CMS_RecipientInfo_decrypt ,
-and
-.Fn CMS_RecipientInfo_encrypt
-return 1 for success or 0 if an error occurs.
-.Pp
-.Fn CMS_RecipientInfo_ktri_cert_cmp
-and
-.Fn CMS_RecipientInfo_kekri_id_cmp
-return 0 when
-.Fa ri
-matches or non-zero otherwise.
-.Pp
-Any error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_decrypt 3
-.Sh STANDARDS
-RFC 5652 Cryptographic Message Syntax (CMS):
-.Bl -dash -compact -offset indent
-.It
-section 6.1: EnvelopedData Type
-.It
-section 6.2: RecipientInfo Type
-.It
-section 6.2.1: KeyTransRecipientInfo Type
-.It
-section 6.2.3: KEKRecipientInfo Type
-.El
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8h,
-except that
-.Fn CMS_RecipientInfo_encrypt
-first appeared in OpenSSL 1.0.2.
-They have been available since
-.Ox 6.7 .
diff --git a/src/lib/libcrypto/man/CMS_get0_SignerInfos.3 b/src/lib/libcrypto/man/CMS_get0_SignerInfos.3
deleted file mode 100644
index 017fdd40f2..0000000000
--- a/src/lib/libcrypto/man/CMS_get0_SignerInfos.3
+++ /dev/null
@@ -1,214 +0,0 @@ -.\" $OpenBSD: CMS_get0_SignerInfos.3,v 1.9 2024/01/22 14:00:13 tb Exp $ -.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008, 2013 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: January 22 2024 $ -.Dt CMS_GET0_SIGNERINFOS 3 -.Os -.Sh NAME -.Nm CMS_get0_SignerInfos , -.Nm CMS_SignerInfo_get_version , -.Nm CMS_SignerInfo_get0_signer_id , -.Nm CMS_SignerInfo_get0_signature , -.Nm CMS_SignerInfo_cert_cmp , -.Nm CMS_SignerInfo_set1_signer_cert -.Nd CMS SignedData signer functions -.Sh SYNOPSIS -.In openssl/cms.h -.Ft STACK_OF(CMS_SignerInfo) * -.Fo CMS_get0_SignerInfos -.Fa "CMS_ContentInfo *cms" -.Fc -.Ft int -.Fo CMS_SignerInfo_get_version -.Fa "CMS_SignerInfo *si" -.Fa "long *version" -.Fc -.Ft int -.Fo CMS_SignerInfo_get0_signer_id -.Fa "CMS_SignerInfo *si" -.Fa "ASN1_OCTET_STRING **keyid" -.Fa "X509_NAME **issuer" -.Fa "ASN1_INTEGER **sno" -.Fc -.Ft ASN1_OCTET_STRING * -.Fo CMS_SignerInfo_get0_signature -.Fa "CMS_SignerInfo *si" -.Fc -.Ft int -.Fo CMS_SignerInfo_cert_cmp -.Fa "CMS_SignerInfo *si" -.Fa "X509 *certificate" -.Fc -.Ft void -.Fo CMS_SignerInfo_set1_signer_cert -.Fa "CMS_SignerInfo *si" -.Fa "X509 *signer" -.Fc -.Sh DESCRIPTION -.Fn CMS_get0_SignerInfos -returns all the -.Vt SignerInfo -structures associated with the -.Vt SignedData -structure -.Fa cms . -.Pp -.Fn CMS_SignerInfo_get_version -sets -.Pf * Fa version -to the syntax version number of the -.Vt SignerInfo -structure -.Fa si . -.Pp -.Fn CMS_SignerInfo_get0_signer_id -retrieves the certificate -.Vt SignerIdentifier -associated with the -.Vt SignerInfo -structure -.Fa si . -Either the -.Vt SubjectKeyIdentifier -will be set in -.Fa keyid -or both issuer name and serial number in -.Fa issuer -and -.Fa sno . -.Pp -.Fn CMS_SignerInfo_get0_signature -retrieves the -.Fa signature -field of -.Fa si . -The application program is allowed to modify the data pointed to. -.Pp -.Fn CMS_SignerInfo_cert_cmp -compares the -.Fa certificate -against the signer identifier of -.Fa si . -.Pp -.Fn CMS_SignerInfo_set1_signer_cert -sets the signer certificate of -.Fa si -to -.Fa signer . 
-.Pp -The main purpose of these functions is to enable an application to -look up signer certificates using any appropriate technique when the -simpler method of -.Xr CMS_verify 3 -is not appropriate. -.Pp -In typical usage, an application retrieves all -.Vt CMS_SignerInfo -structures using -.Fn CMS_get0_SignerInfos -and retrieves the identifier information using CMS. -It will then obtain the signer certificate by some unspecified means -(or return and error if it cannot be found) and set it using -.Fn CMS_SignerInfo_set1_signer_cert . -Once all signer certificates have been set, -.Xr CMS_verify 3 -can be used. -.Sh RETURN VALUES -.Fn CMS_get0_SignerInfos -returns an internal pointer to all the -.Vt CMS_SignerInfo -structures, or -.Dv NULL -if there are no signers or if -.Fa cms -is not of the type -.Vt SignedData . -.Pp -.Fn CMS_SignerInfo_get_version -always succeeds and returns 1. -.Pp -.Fn CMS_SignerInfo_get0_signer_id -returns 1 for success or 0 for failure. -.Pp -.Fn CMS_SignerInfo_get0_signature -returns an internal pointer to the signature. -.Pp -.Fn CMS_SignerInfo_cert_cmp -returns 0 for a match or non-zero otherwise. -.Pp -Any error can be obtained from -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_signed_add1_attr 3 , -.Xr CMS_verify 3 -.Sh STANDARDS -RFC 5652: Cryptographic Message Syntax (CMS) -.Bl -dash -compact -offset indent -.It -section 5.1: SignedData Type -.It -section 5.3: SignerInfo Type -.El -.Sh HISTORY -.Fn CMS_get0_SignerInfos , -.Fn CMS_SignerInfo_get0_signer_id , -.Fn CMS_SignerInfo_cert_cmp , -and -.Fn CMS_SignerInfo_set1_signer_cert -first appeared in OpenSSL 0.9.8h and -.Fn CMS_SignerInfo_get0_signature -in OpenSSL 1.0.2. -These functions have been available since -.Ox 6.7 . -.Pp -.Fn CMS_SignerInfo_get_version -first appeared in -.Ox 7.4 . diff --git a/src/lib/libcrypto/man/CMS_get0_type.3 b/src/lib/libcrypto/man/CMS_get0_type.3 deleted file mode 100644 index 55adacd86d..0000000000 
--- a/src/lib/libcrypto/man/CMS_get0_type.3
+++ /dev/null
@@ -1,226 +0,0 @@ -.\" $OpenBSD: CMS_get0_type.3,v 1.9 2023/07/27 05:31:28 tb Exp $ -.\" full merge up to: OpenSSL 72a7a702 Feb 26 14:05:09 2019 +0000 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2019 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: July 27 2023 $ -.Dt CMS_GET0_TYPE 3 -.Os -.Sh NAME -.Nm CMS_get0_type , -.Nm CMS_get_version , -.Nm CMS_set1_eContentType , -.Nm CMS_get0_eContentType , -.Nm CMS_get0_content -.Nd get and set CMS content types and content -.Sh SYNOPSIS -.In openssl/cms.h -.Ft const ASN1_OBJECT * -.Fo CMS_get0_type -.Fa "const CMS_ContentInfo *cms" -.Fc -.Ft int -.Fo CMS_get_version -.Fa "const CMS_ContentInfo *cms" -.Fa "long *version" -.Fc -.Ft int -.Fo CMS_set1_eContentType -.Fa "CMS_ContentInfo *cms" -.Fa "const ASN1_OBJECT *oid" -.Fc -.Ft const ASN1_OBJECT * -.Fo CMS_get0_eContentType -.Fa "CMS_ContentInfo *cms" -.Fc -.Ft ASN1_OCTET_STRING ** -.Fo CMS_get0_content -.Fa "CMS_ContentInfo *cms" -.Fc -.Sh DESCRIPTION -.Fn CMS_get0_type -returns the content type of the -.Vt ContentInfo -structure -.Fa cms . -The -.Vt ASN1_OBJECT -value returned can be converted to an integer NID value using -.Xr OBJ_obj2nid 3 . -The following content types are identified by the following NIDs: -.Pp -.Bl -column AuthenticatedData NID_id_smime_ct_compressedData -compact -.It Vt SignedData Ta Dv NID_pkcs7_signed -.It Vt EnvelopedData Ta Dv NID_pkcs7_enveloped -.It Vt DigestedData Ta Dv NID_pkcs7_digest -.It Vt EncryptedData Ta Dv NID_pkcs7_encrypted -.It Vt AuthenticatedData Ta Dv NID_id_smime_ct_authData -.It Vt CompressedData Ta Dv NID_id_smime_ct_compressedData -.It arbitrary data Ta Dv NID_pkcs7_data -.El -.Pp -The -.Vt SignedData , -.Vt DigestedData , -.Vt AuthenticatedData , -and -.Vt CompressedData -types contain a field -.Fa encapContentInfo -to allow embedding content, and -.Vt EnvelopedData -and -.Vt EncryptedData -contain a field -.Fa encryptedContentInfo -for that purpose. 
-The type of the embedded content to be stored in that field can be -set with the function -.Fn CMS_set1_eContentType , -to be called on -.Fa cms -structures returned from functions such as -.Xr CMS_sign 3 -or -.Xr CMS_encrypt 3 -with the -.Dv CMS_PARTIAL -flag set and -.Em before -the structure is finalised; otherwise the results are undefined. -.Fn CMS_set1_eContentType -copies the supplied -.Fa oid , -so it should be freed up after use. -.Pp -.Fn CMS_get_version -sets -.Pf * Fa version -to the syntax version number of the -.Vt ContentInfo -structure -.Fa cms . -The version is a number between 0 and 5 and is defined for all the -above content types except for arbitrary data. -For arbitrary data and unsupported content types -.Fn CMS_get_version -fails and the content of -.Pf * Fa version -is unspecified. -.Pp -.Fn CMS_get0_eContentType -returns the type of the embedded content. -.Pp -.Fn CMS_get0_content -returns a pointer to the storage location where the pointer to the -embedded content is stored. -That means that for example after -.Pp -.Dl ASN1_OCTET_STRING **pconf = CMS_get0_content(cms); -.Pp -.Pf * Va pconf -could be -.Dv NULL -if there is no embedded content. -Applications can access, modify or create the embedded content in a -.Vt CMS_ContentInfo -structure using this function. -Applications usually will not need to modify the embedded content as it -is normally set by higher level functions. -.Sh RETURN VALUES -.Fn CMS_get0_type -and -.Fn CMS_get0_eContentType -return internal pointers to -.Vt OBJECT IDENTIFIER -structures. -.Pp -.Fn CMS_get_version -returns 1 on success and 0 on failure. -.Pp -.Fn CMS_get0_content -returns an internal pointer to the storage location where the pointer -to the embedded content is stored. -.Pp -.Fn CMS_set1_eContentType -returns 1 for success or 0 if an error occurred. -The error can be obtained from -.Xr ERR_get_error 3 . 
-.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr d2i_CMS_ContentInfo 3 , -.Xr SMIME_read_CMS 3 -.Sh STANDARDS -RFC 5652: Cryptographic Message Syntax -.Pp -RFC 3274: Compressed Data Content Type for Cryptographic Message Syntax (CMS) -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.8h -and have been available since -.Ox 6.7 . -.Pp -.Fn CMS_get_version -first appeared in -.Ox 7.4 . diff --git a/src/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 b/src/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 deleted file mode 100644 index 9feedd13a2..0000000000 --- a/src/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 +++ /dev/null 
@@ -1,198 +0,0 @@ -.\" $OpenBSD: CMS_get1_ReceiptRequest.3,v 1.7 2019/11/02 15:39:46 schwarze Exp $ -.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: November 2 2019 $ -.Dt CMS_GET1_RECEIPTREQUEST 3 -.Os -.Sh NAME -.Nm CMS_ReceiptRequest_create0 , -.Nm CMS_add1_ReceiptRequest , -.Nm CMS_get1_ReceiptRequest , -.Nm CMS_ReceiptRequest_get0_values -.Nd CMS signed receipt request functions -.Sh SYNOPSIS -.In openssl/cms.h -.Ft CMS_ReceiptRequest * -.Fo CMS_ReceiptRequest_create0 -.Fa "unsigned char *id" -.Fa "int idlen" -.Fa "int allorfirst" -.Fa "STACK_OF(GENERAL_NAMES) *receiptList" -.Fa "STACK_OF(GENERAL_NAMES) *receiptsTo" -.Fc -.Ft int -.Fo CMS_add1_ReceiptRequest -.Fa "CMS_SignerInfo *si" -.Fa "CMS_ReceiptRequest *rr" -.Fc -.Ft int -.Fo CMS_get1_ReceiptRequest -.Fa "CMS_SignerInfo *si" -.Fa "CMS_ReceiptRequest **prr" -.Fc -.Ft void -.Fo CMS_ReceiptRequest_get0_values -.Fa "CMS_ReceiptRequest *rr" -.Fa "ASN1_STRING **pcid" -.Fa "int *pallorfirst" -.Fa "STACK_OF(GENERAL_NAMES) **plist" -.Fa "STACK_OF(GENERAL_NAMES) **prto" -.Fc -.Sh DESCRIPTION -.Fn CMS_ReceiptRequest_create0 -creates a new -.Vt ReceiptRequest -structure. -The -.Fa signedContentIdentifier -field is set using -.Fa id -and -.Fa idlen , -or it is set to 32 bytes of pseudo random data if -.Fa id -is -.Dv NULL . -If -.Fa receiptList -is -.Dv NULL , -the -.Fa allOrFirstTier -option in the -.Fa receiptsFrom -field is set to the value of the -.Fa allorfirst -argument. -If -.Fa receiptList -is not -.Dv NULL , -the -.Fa receiptList -option in the -.Fa receiptsFrom -field is used. -The -.Fa receiptsTo -argument specifies the value of the -.Fa receiptsTo -field. -.Pp -.Fn CMS_add1_ReceiptRequest -adds a BER-encoded copy of -.Fa rr -to -.Fa si . -.Pp -.Fn CMS_get1_ReceiptRequest -looks for a signed receipt request in -.Fa si . -If any is found, it is decoded and written to -.Fa prr . -.Pp -.Fn CMS_ReceiptRequest_get0_values -retrieves the values of a receipt request. -The -.Fa signedContentIdentifier -is copied to -.Fa pcid . 
-If the -.Fa allOrFirstTier -option is used in the -.Fa receiptsFrom -field, its value is copied to -.Fa pallorfirst ; -otherwise the -.Fa receiptList -field is copied to -.Fa plist . -The -.Fa receiptsTo -field is copied to -.Fa prto . -.Pp -The contents of a signed receipt should only be considered meaningful if -the corresponding -.Vt CMS_ContentInfo -structure can be successfully verified using -.Xr CMS_verify 3 . -.Sh RETURN VALUES -.Fn CMS_ReceiptRequest_create0 -returns the new signed receipt request structure or -.Dv NULL -if an error occurred. -.Pp -.Fn CMS_add1_ReceiptRequest -returns 1 for success or 0 if an error occurred. -.Pp -.Fn CMS_get1_ReceiptRequest -returns 1 is a signed receipt request is found and decoded. -It returns 0 if a signed receipt request is not present or -1 if it is -present but malformed. -.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_sign 3 , -.Xr CMS_sign_receipt 3 , -.Xr CMS_verify 3 , -.Xr CMS_verify_receipt 3 , -.Xr ERR_get_error 3 -.Sh STANDARDS -RFC 2634: Enhanced Security Services for S/MIME, -section 2.7: Receipt Request Syntax -.Sh HISTORY -.Fn CMS_ReceiptRequest_create0 , -.Fn CMS_add1_ReceiptRequest , -.Fn CMS_get1_ReceiptRequest , -and -.Fn CMS_ReceiptRequest_get0_values -first appeared in OpenSSL 0.9.8h -and have been available since -.Ox 6.7 . diff --git a/src/lib/libcrypto/man/CMS_sign.3 b/src/lib/libcrypto/man/CMS_sign.3 deleted file mode 100644 index 5261c190a6..0000000000 --- a/src/lib/libcrypto/man/CMS_sign.3 +++ /dev/null 
@@ -1,246 +0,0 @@ -.\" $OpenBSD: CMS_sign.3,v 1.11 2024/04/18 16:50:22 tb Exp $ -.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 18 2024 $ -.Dt CMS_SIGN 3 -.Os -.Sh NAME -.Nm CMS_sign -.Nd create a CMS SignedData structure -.Sh SYNOPSIS -.In openssl/cms.h -.Ft CMS_ContentInfo * -.Fo CMS_sign -.Fa "X509 *signcert" -.Fa "EVP_PKEY *pkey" -.Fa "STACK_OF(X509) *certs" -.Fa "BIO *data" -.Fa "unsigned int flags" -.Fc -.Sh DESCRIPTION -.Fn CMS_sign -creates and returns a CMS -.Vt SignedData -structure. -.Fa signcert -is the certificate to sign with, -.Fa pkey -is the corresponding private key. -.Fa certs -is an optional additional set of certificates to include in the CMS -structure (for example any intermediate CAs in the chain). -Any or all of these parameters can be -.Dv NULL . -.Pp -The data to be signed is read from -.Fa data . -.Pp -Any of the following flags (OR'ed together) can be passed in the -.Fa flags -argument: -.Bl -tag -width Ds -.It Dv CMS_TEXT -Prepend MIME headers for the type text/plain to the data. -Many S/MIME clients expect the signed content to include valid MIME -headers. -.It Dv CMS_NOCERTS -Do not include the signer's certificate in the -.Vt CMS_ContentInfo -structure. -The signer's certificate must still be supplied in the -.Fa signcert -parameter though. -This can reduce the size of the signature if the signer's certificate can -be obtained by other means, for example from a previously signed message. -.It Dv CMS_DETACHED -Omit the data being signed from the -.Vt CMS_ContentInfo -structure. 
-This is used for -.Vt CMS_ContentInfo -detached signatures which are used in S/MIME plaintext signed messages -for example. -.It Dv CMS_BINARY -Do not translate the supplied content into MIME canonical format -even though that is required by the S/MIME specifications. -This option should be used if the supplied data is in binary format. -Otherwise the translation will corrupt it. -.It Dv CMS_NOATTR -Do not add any -.Vt SignedAttributes . -By default, the -.Fa signerInfos -field includes several CMS -.Vt SignedAttributes -including the signing time, the CMS content type, -and the supported list of ciphers in an -.Vt SMIMECapabilities -attribute. -.It Dv CMS_NOSMIMECAP -Omit just the -.Vt SMIMECapabilities . -If present, the SMIMECapabilities attribute indicates support for the -following algorithms in preference order: 256-bit AES, -192-bit AES, 128-bit AES, triple DES, 128-bit RC2, 64-bit -RC2, DES and 40-bit RC2. -If any of these algorithms is not available, then it will not be -included. -.It Dv CMS_USE_KEYID -Use the subject key identifier value to identify signing certificates. -An error occurs if the signing certificate does not have a subject key -identifier extension. -By default, issuer name and serial number are used instead. -.It Dv CMS_STREAM -Only initialize the returned -.Vt CMS_ContentInfo -structure to prepare it for performing the signing operation. -The signing is however -.Em not -performed and the data to be signed is not read from the -.Fa data -parameter. -Signing is deferred until after the data has been written. -In this way, data can be signed in a single pass. -The returned -.Vt CMS_ContentInfo -structure is -.Em not -complete and outputting its contents via a function that does not -properly finalize the -.Vt CMS_ContentInfo -structure will give unpredictable results. -Several functions including -.Xr SMIME_write_CMS 3 , -.Xr i2d_CMS_bio_stream 3 , -or -.Xr PEM_write_bio_CMS_stream 3 -finalize the structure. 
-Alternatively, finalization can be performed by obtaining the streaming -ASN1 -.Vt BIO -directly using -.Xr BIO_new_CMS 3 . -.It Dv CMS_PARTIAL -Output a partial -.Vt CMS_ContentInfo -structure to which additional signers and capabilities can be -added before finalization. -.El -.Pp -If a signer is specified, it will use the default digest for the signing -algorithm. -This is SHA1 for both RSA and DSA keys. -.Pp -If -.Fa signcert -and -.Fa pkey -are -.Dv NULL , -then a certificates only CMS structure is output. -.Pp -The function -.Fn CMS_sign -is a basic CMS signing function whose output will be suitable for many -purposes. -For finer control of the output format the -.Fa certs , -.Fa signcert -and -.Fa pkey -parameters can all be -.Dv NULL -and the -.Dv CMS_PARTIAL -flag set. -Then one or more signers can be added using the function -.Xr CMS_add1_signer 3 , -non default digests can be used and custom attributes added. -.Xr CMS_final 3 -must then be called to finalize the structure if streaming is not -enabled. -.Sh RETURN VALUES -.Fn CMS_sign -returns either a valid -.Vt CMS_ContentInfo -structure or -.Dv NULL -if an error occurred. -The error can be obtained from -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr CMS_add0_cert 3 , -.Xr CMS_add1_signer 3 , -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_final 3 , -.Xr CMS_sign_receipt 3 , -.Xr CMS_verify 3 -.Sh STANDARDS -RFC 5652: Cryptographic Message Syntax (CMS) -.Bl -dash -compact -offset indent -.It -section 5.1: SignedData Type -.It -section 5.3: SignerInfo Type -.El -.Pp -RFC 8419: Use of Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures -in the Cryptographic Message Syntax (CMS) -.Pp -RFC 8551: Secure/Multipurpose Internet Mail Extensions (S/MIME) -Version\ 4.0 Message Specification, -section 2.5.2: SMIMECapabilities Attribute -.Sh HISTORY -.Fn CMS_sign -first appeared in OpenSSL 0.9.8h -and has been available since -.Ox 6.7 . -.Sh BUGS -Some attributes such as counter signatures are not supported. 
diff --git a/src/lib/libcrypto/man/CMS_sign_receipt.3 b/src/lib/libcrypto/man/CMS_sign_receipt.3
deleted file mode 100644
index 6394957846..0000000000
--- a/src/lib/libcrypto/man/CMS_sign_receipt.3
+++ /dev/null
@@ -1,119 +0,0 @@ -.\" $OpenBSD: CMS_sign_receipt.3,v 1.7 2019/11/02 15:39:46 schwarze Exp $ -.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 2 2019 $ -.Dt CMS_SIGN_RECEIPT 3 -.Os -.Sh NAME -.Nm CMS_sign_receipt -.Nd create a CMS signed receipt -.Sh SYNOPSIS -.In openssl/cms.h -.Ft CMS_ContentInfo * -.Fo CMS_sign_receipt -.Fa "CMS_SignerInfo *si" -.Fa "X509 *signcert" -.Fa "EVP_PKEY *pkey" -.Fa "STACK_OF(X509) *certs" -.Fa "unsigned int flags" -.Fc -.Sh DESCRIPTION -.Fn CMS_sign_receipt -creates a new CMS -.Vt SignedData -structure containing a signed -.Vt Receipt -as its embedded content. -.Fa si -is the -.Vt SignerInfo -structure containing the signed receipt request. -.Fa signcert -is the certificate to sign with, -.Fa pkey -is the corresponding private key. -.Fa certs -is an optional additional set of certificates to include in the CMS -structure (for example any intermediate CAs in the chain). 
-.Pp -This functions behaves in a similar way to -.Xr CMS_sign 3 -except that the -.Fa flags -values -.Dv CMS_DETACHED , -.Dv CMS_BINARY , -.Dv CMS_NOATTR , -.Dv CMS_TEXT , -and -.Dv CMS_STREAM -are not supported since they do not make sense in the context of -signed receipts. -.Sh RETURN VALUES -.Fn CMS_sign_receipt -returns either a valid -.Vt CMS_ContentInfo -structure or -.Dv NULL -if an error occurred. -The error can be obtained from -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_get1_ReceiptRequest 3 , -.Xr CMS_sign 3 , -.Xr CMS_verify_receipt 3 -.Sh STANDARDS -RFC 2634: Enhanced Security Services for S/MIME, section 2.8: Receipt Syntax -.Sh HISTORY -.Fn CMS_sign_receipt -first appeared in OpenSSL 0.9.8h -and has been available since -.Ox 6.7 . diff --git a/src/lib/libcrypto/man/CMS_signed_add1_attr.3 b/src/lib/libcrypto/man/CMS_signed_add1_attr.3 deleted file mode 100644 index 1a50c0b9d1..0000000000 --- a/src/lib/libcrypto/man/CMS_signed_add1_attr.3 +++ /dev/null 
@@ -1,360 +0,0 @@
-.\" $OpenBSD: CMS_signed_add1_attr.3,v 1.5 2024/09/02 07:54:21 tb Exp $
-.\"
-.\" Copyright (c) 2024 Job Snijders
-.\" Copyright (c) 2024 Theo Buehler
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt CMS_SIGNED_ADD1_ATTR 3
-.Os
-.Sh NAME
-.Nm CMS_signed_add1_attr ,
-.Nm CMS_signed_add1_attr_by_NID ,
-.Nm CMS_signed_add1_attr_by_OBJ ,
-.Nm CMS_signed_add1_attr_by_txt ,
-.Nm CMS_signed_delete_attr ,
-.Nm CMS_signed_get0_data_by_OBJ ,
-.Nm CMS_signed_get_attr ,
-.Nm CMS_signed_get_attr_by_NID ,
-.Nm CMS_signed_get_attr_by_OBJ ,
-.Nm CMS_signed_get_attr_count ,
-.Nm CMS_unsigned_add1_attr ,
-.Nm CMS_unsigned_add1_attr_by_NID ,
-.Nm CMS_unsigned_add1_attr_by_OBJ ,
-.Nm CMS_unsigned_add1_attr_by_txt ,
-.Nm CMS_unsigned_delete_attr ,
-.Nm CMS_unsigned_get0_data_by_OBJ ,
-.Nm CMS_unsigned_get_attr ,
-.Nm CMS_unsigned_get_attr_by_NID ,
-.Nm CMS_unsigned_get_attr_by_OBJ ,
-.Nm CMS_unsigned_get_attr_count
-.Nd change signed and unsigned attributes of a CMS SignerInfo object
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft int
-.Fo CMS_signed_add1_attr
-.Fa "CMS_SignerInfo *si"
-.Fa "X509_ATTRIBUTE *attr"
-.Fc
-.Ft int
-.Fo CMS_signed_add1_attr_by_NID
-.Fa "CMS_SignerInfo *si"
-.Fa "int nid"
-.Fa "int type"
-.Fa "const void *bytes"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo CMS_signed_add1_attr_by_OBJ
-.Fa "CMS_SignerInfo *si"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int type"
-.Fa "const void *bytes"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo CMS_signed_add1_attr_by_txt
-.Fa "CMS_SignerInfo *si"
-.Fa "const char *attrname"
-.Fa "int type"
-.Fa "const void *bytes"
-.Fa "int len"
-.Fc
-.Ft "X509_ATTRIBUTE *"
-.Fo CMS_signed_delete_attr
-.Fa "CMS_SignerInfo *si"
-.Fa "int loc"
-.Fc
-.Ft "void *"
-.Fo CMS_signed_get0_data_by_OBJ
-.Fa "CMS_SignerInfo *si"
-.Fa "const ASN1_OBJECT *oid"
-.Fa "int start_after"
-.Fa "int type"
-.Fc
-.Ft "X509_ATTRIBUTE *"
-.Fo CMS_signed_get_attr
-.Fa "const CMS_SignerInfo *si"
-.Fa "int loc"
-.Fc
-.Ft int
-.Fo CMS_signed_get_attr_by_NID
-.Fa "const CMS_SignerInfo *si"
-.Fa "int nid"
-.Fa "int start_after"
-.Fc
-.Ft int
-.Fo CMS_signed_get_attr_by_OBJ
-.Fa "const CMS_SignerInfo *si"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int start_after"
-.Fc
-.Ft int
-.Fo CMS_signed_get_attr_count
-.Fa "const CMS_SignerInfo *si"
-.Fc
-.Ft int
-.Fo CMS_unsigned_add1_attr
-.Fa "CMS_SignerInfo *si"
-.Fa "X509_ATTRIBUTE *attr"
-.Fc
-.Ft int
-.Fo CMS_unsigned_add1_attr_by_NID
-.Fa "CMS_SignerInfo *si"
-.Fa "int nid"
-.Fa "int type"
-.Fa "const void *bytes"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo CMS_unsigned_add1_attr_by_OBJ
-.Fa "CMS_SignerInfo *si"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int type"
-.Fa "const void *bytes"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo CMS_unsigned_add1_attr_by_txt
-.Fa "CMS_SignerInfo *si"
-.Fa "const char *attrname"
-.Fa "int type"
-.Fa "const void *bytes"
-.Fa "int len"
-.Fc
-.Ft "X509_ATTRIBUTE *"
-.Fo CMS_unsigned_delete_attr
-.Fa "CMS_SignerInfo *si"
-.Fa "int loc"
-.Fc
-.Ft "void *"
-.Fo CMS_unsigned_get0_data_by_OBJ
-.Fa "CMS_SignerInfo *si"
-.Fa "ASN1_OBJECT *oid"
-.Fa "int start_after"
-.Fa "int type"
-.Fc
-.Ft "X509_ATTRIBUTE *"
-.Fo CMS_unsigned_get_attr
-.Fa "const CMS_SignerInfo *si"
-.Fa "int loc"
-.Fc
-.Ft int
-.Fo CMS_unsigned_get_attr_by_NID
-.Fa "const CMS_SignerInfo *si"
-.Fa "int nid"
-.Fa "int start_after"
-.Fc
-.Ft int
-.Fo CMS_unsigned_get_attr_by_OBJ
-.Fa "const CMS_SignerInfo *si"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int start_after"
-.Fc
-.Ft int
-.Fo CMS_unsigned_get_attr_count
-.Fa "const CMS_SignerInfo *si"
-.Fc
-.Sh DESCRIPTION
-A
-.Em CMS_SignerInfo
-object has two optional sets of X.501 attributes:
-a set of signed attributes in the
-.Fa signedAttrs
-array and a set of unsigned attributes in the
-.Fa unsignedAttrs
-array.
-The
-.Fn CMS_signed_*
-and
-.Fn CMS_unsigned_*
-functions are similar, except
-.Fn CMS_signed_*
-modifies the
-.Vt CMS_SignerInfo
-object's set of signed attributes and
-.Fn CMS_unsigned_*
-modifies the
-.Vt CMS_SignerInfo
-object's set of unsigned attributes.
-For brevity only the
-.Fn CMS_signed_*
-functions are described below.
-.Pp
-.Fn CMS_signed_add1_attr
-appends a deep copy of
-.Fa attr
-to the
-.Fa signedAttrs
-array of
-.Fa si ,
-allocating a new array if necessary.
-.Pp
-.Fn CMS_signed_add1_attr_by_NID ,
-.Fn CMS_signed_add1_attr_by_OBJ ,
-and
-.Fn CMS_signed_add1_attr_by_txt
-create a new X.501 Attribute object using
-.Xr X509_ATTRIBUTE_create_by_NID 3 ,
-.Xr X509_ATTRIBUTE_create_by_OBJ 3 ,
-or
-.Xr X509_ATTRIBUTE_create_by_txt 3 ,
-respectively,
-and append it to the
-.Fa signedAttrs
-array of
-.Fa si .
-.Pp
-.Fn CMS_signed_delete_attr
-deletes the element with the zero-based
-.Fa loc
-in
-.Fa signedAttrs
-of
-.Fa si .
-.Pp
-.Fn CMS_signed_get0_data_by_OBJ ,
-.Fn CMS_signed_get_attr_by_NID ,
-and
-.Fn CMS_signed_get_attr_by_OBJ
-search the array starting after the index
-.Fa start_after .
-They fail if no matching object is found.
-.Fn CMS_signed_get0_data_by_OBJ
-also fails if the data is not of the requested
-.Fa type .
-.Pp
-Additionally, the
-.Fa start_after
-argument of
-.Fn CMS_signed_get0_data_by_OBJ
-is interpreted in a special way.
-If
-.Fa start_after
-is \-2 or smaller, the function also fails if the
-.Fa signedAttrs
-array of
-.Fa si ,
-contains more than one matching object.
-If
-.Fa start_after
-is \-3 or smaller, it also fails unless the matching object contains exactly
-one value.
-.Pp
-.Fn CMS_signed_get_attr
-returns the array element at the zero-based
-.Fa loc .
-It fails if the
-.Fa loc
-argument is negative or greater than or equal to the number of objects in the
-array.
-.Pp
-.Fn CMS_signed_get_attr_count
-returns the number of objects currently stored in the
-.Fa signedAttrs
-array of
-.Fa si .
-.Sh RETURN VALUES
-.Fn CMS_signed_add1_attr ,
-.Fn CMS_signed_add1_attr_by_NID ,
-.Fn CMS_signed_add1_attr_by_OBJ ,
-.Fn CMS_signed_add1_attr_by_txt ,
-.Fn CMS_unsigned_add1_attr ,
-.Fn CMS_unsigned_add1_attr_by_NID ,
-.Fn CMS_unsigned_add1_attr_by_OBJ ,
-and
-.Fn CMS_unsigned_add1_attr_by_txt
-return 1 for success or 0 if an error occurs.
-.Pp
-.Fn CMS_signed_delete_attr
-returns the deleted element or
-.Dv NULL
-if the
-.Fa signedAttrs
-array is
-.Dv NULL ,
-or if the requested
-.Fa loc
-argument is negative, or greater than or equal to the number of objects in it.
-.Pp
-.Fn CMS_unsigned_delete_attr
-returns the deleted element or
-.Dv NULL
-if the
-.Fa unsignedAttrs
-array is
-.Dv NULL ,
-or if the requested
-.Fa loc
-argument is negative, or greater than or equal to the number of objects in it.
-.Pp
-.Fn CMS_signed_get0_data_by_OBJ
-and
-.Fn CMS_unsigned_get0_data_by_OBJ
-return an internal pointer to the data contained in the value of the first
-object that has an index greater than
-.Fa start_after
-and a type matching
-.Fa type ,
-or NULL on failure.
-.Pp
-.Fn CMS_signed_get_attr
-and
-.Fn CMS_unsigned_get_attr
-return an internal pointer or NULL on failure.
-.Pp
-.Fn CMS_signed_get_attr_by_NID ,
-.Fn CMS_signed_get_attr_by_OBJ ,
-.Fn CMS_unsigned_get_attr_by_NID ,
-and
-.Fn CMS_unsigned_get_attr_by_OBJ
-return the index of the first object in the array that has an index greater than
-.Fa start_after
-and a type matching
-.Fa nid
-or
-.Fa oid ,
-respectively, or \-1 on failure.
-In addition,
-.Fn CMS_signed_get_attr_by_OBJ
-and
-.Fn CMS_unsigned_get_attr_by_OBJ
-return \-2 if
-.Xr OBJ_nid2obj 3
-fails on the requested
-.Fa nid .
-.Pp
-.Fn CMS_signed_get_attr_count
-and
-.Fn CMS_unsigned_get_attr_count
-return the number of array elements or \-1 on failure.
-.Sh SEE ALSO
-.Xr CMS_add1_signer 3 ,
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_get0_SignerInfos 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr X509_ATTRIBUTE_create_by_OBJ 3 ,
-.Xr X509_ATTRIBUTE_new 3
-.Sh STANDARDS
-RFC 5652: Cryptographic Message Syntax (CMS)
-.Bl -dash -compact -offset indent
-.It
-section 5.3: SignerInfo Type
-.It
-section 11: Useful Attributes
-.El
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.9 and have been available since
-.Ox 6.6 .
diff --git a/src/lib/libcrypto/man/CMS_uncompress.3 b/src/lib/libcrypto/man/CMS_uncompress.3
deleted file mode 100644
index ed2172521e..0000000000
--- a/src/lib/libcrypto/man/CMS_uncompress.3
+++ /dev/null
@@ -1,115 +0,0 @@
-.\" $OpenBSD: CMS_uncompress.3,v 1.7 2019/11/02 15:39:46 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 2 2019 $
-.Dt CMS_UNCOMPRESS 3
-.Os
-.Sh NAME
-.Nm CMS_uncompress
-.Nd uncompress a CMS CompressedData structure
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft int
-.Fo CMS_uncompress
-.Fa "CMS_ContentInfo *cms"
-.Fa "BIO *dcont"
-.Fa "BIO *out"
-.Fa "unsigned int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_uncompress
-extracts and uncompresses the content of a CMS
-.Vt CompressedData
-structure
-.Fa cms
-and writes it to
-.Fa out .
-.Pp
-In the rare case where the compressed content is detached,
-pass it in via
-.Fa dcont .
-For normal use, set
-.Fa dcont
-to
-.Dv NULL .
-.Pp
-The only currently supported compression algorithm is zlib: if the
-structure indicates the use of any other algorithm, an error is returned.
-If zlib support is not compiled in,
-.Fn CMS_uncompress
-always returns an error.
-.Pp
-If the
-.Dv CMS_TEXT
-bit is set in
-.Fa flags ,
-MIME headers for type text/plain are deleted from the content.
-If the content is not of type text/plain, an error is returned.
-.Sh RETURN VALUES
-.Fn CMS_uncompress
-returns 1 for success or 0 for failure.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr CMS_compress 3 ,
-.Xr CMS_ContentInfo_new 3
-.Sh STANDARDS
-RFC 3274: Compressed Data Content Type for Cryptographic Message Syntax (CMS)
-.Sh HISTORY
-.Fn CMS_uncompress
-first appeared in OpenSSL 0.9.8h
-and has been available since
-.Ox 6.7 .
-.Sh BUGS
-The lack of single pass processing and the need to hold all data in
-memory as mentioned in
-.Xr CMS_verify 3
-also applies to
-.Fn CMS_uncompress .
diff --git a/src/lib/libcrypto/man/CMS_verify.3 b/src/lib/libcrypto/man/CMS_verify.3
deleted file mode 100644
index 63f1b8bb18..0000000000
--- a/src/lib/libcrypto/man/CMS_verify.3
+++ /dev/null
@@ -1,230 +0,0 @@
-.\" $OpenBSD: CMS_verify.3,v 1.10 2024/03/29 06:43:12 tb Exp $
-.\" full merge up to: OpenSSL 35fd9953 May 28 14:49:38 2019 +0200
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 29 2024 $
-.Dt CMS_VERIFY 3
-.Os
-.Sh NAME
-.Nm CMS_verify ,
-.Nm CMS_get0_signers
-.Nd verify a CMS SignedData structure
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft int
-.Fo CMS_verify
-.Fa "CMS_ContentInfo *cms"
-.Fa "STACK_OF(X509) *certs"
-.Fa "X509_STORE *store"
-.Fa "BIO *indata"
-.Fa "BIO *out"
-.Fa "unsigned int flags"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo CMS_get0_signers
-.Fa "CMS_ContentInfo *cms"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_verify
-verifies the CMS
-.Vt SignedData
-structure
-.Fa cms .
-.Fa certs
-is a set of certificates in which to search for the signing
-certificate(s).
-.Fa store
-is a trusted certificate store used for chain verification.
-.Fa indata
-is the detached content if the content is not present in
-.Fa cms .
-The content is written to
-.Fa out
-if it is not
-.Dv NULL .
-.Pp
-.Fn CMS_get0_signers
-retrieves the signing certificate(s) from
-.Fa cms .
-It may only be called after a successful
-.Fn CMS_verify
-operation.
-The signers must be freed with
-.Fn sk_X509_free .
-.Pp
-Normally the verify process proceeds as follows.
-.Pp
-Initially some sanity checks are performed on
-.Fa cms .
-There must be at least one signature on the data.
-If the content is detached,
-.Fa indata
-cannot be
-.Dv NULL .
-.Pp
-An attempt is made to locate all the signing certificate(s), first
-looking in the
-.Fa certs
-parameter (if it is not
-.Dv NULL )
-and then looking in any certificates contained in the
-.Fa cms
-structure itself.
-If any signing certificate cannot be located, the operation fails.
-.Pp
-Each signing certificate is chain verified using the
-.Sy smimesign
-purpose and the supplied trusted certificate
-.Fa store .
-Any internal certificates in the message are used as untrusted CAs.
-If CRL checking is enabled in
-.Fa store ,
-any internal CRLs are used in addition to attempting to look them up in
-.Fa store .
-If any chain verify fails, an error code is returned.
-.Pp
-Finally the signed content is read (and written to
-.Fa out
-if it is not
-.Dv NULL )
-and the signature is checked.
-.Pp
-If all signatures verify correctly, then the function is successful.
-.Pp
-Any of the following
-.Fa flags
-(OR'ed together) can be passed to change the default verify behaviour:
-.Bl -tag -width Ds
-.It Dv CMS_NOINTERN
-Do not use the certificates in the message itself when
-locating the signing certificate(s).
-This means that all the signing certificates must be in the
-.Fa certs
-parameter.
-.It Dv CMS_NOCRL
-If CRL checking is enabled in
-.Fa store ,
-then any CRLs in the message itself are ignored.
-.It Dv CMS_TEXT
-MIME headers for type text/plain are deleted from the content.
-If the content is not of type text/plain, an error is returned.
-.It Dv CMS_NO_SIGNER_CERT_VERIFY
-Do not verify signing certificates.
-.It Dv CMS_NO_ATTR_VERIFY
-Do not check the signed attributes signature.
-.It Dv CMS_NO_CONTENT_VERIFY
-Do not check the content digest.
-.El
-.Pp
-One application of
-.Dv CMS_NOINTERN
-is to only accept messages signed by a small number of certificates.
-The acceptable certificates would be passed in the
-.Fa certs
-parameter.
-In this case, if the signer is not one of the certificates supplied in
-.Fa certs ,
-then the verify will fail because the signer cannot be found.
-.Pp
-In some cases the standard techniques for looking up and validating
-certificates are not appropriate: for example an application may wish to
-lookup certificates in a database or perform customised verification.
-This can be achieved by setting and verifying the signers certificates
-manually using the signed data utility functions.
-.Pp
-Care should be taken when modifying the default verify behaviour, for
-example setting
-.Dv CMS_NO_CONTENT_VERIFY
-will totally disable all content verification and any modified content
-will be considered valid.
-This combination is however useful if one merely wishes to write the
-content to
-.Fa out
-and its validity is not considered important.
-.Pp
-Chain verification should arguably be performed using the signing time
-rather than the current time.
-However since the signing time is supplied by the signer it cannot be
-trusted without additional evidence (such as a trusted timestamp).
-.Sh RETURN VALUES
-.Fn CMS_verify
-returns 1 for a successful verification or 0 if an error occurred.
-.Pp
-.Fn CMS_get0_signers
-returns all signers or
-.Dv NULL
-if an error occurred.
-The signers must be freed with
-.Fn sk_X509_free .
-.Pp
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_get0_SignerInfos 3 ,
-.Xr CMS_sign 3 ,
-.Xr CMS_verify_receipt 3
-.Sh STANDARDS
-RFC 5652: Cryptographic Message Syntax (CMS),
-section 5.1: SignedData Type
-.Pp
-RFC 8419: Use of Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures
-in the Cryptographic Message Syntax (CMS)
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8h
-and have been available since
-.Ox 6.7 .
-.Sh BUGS
-The trusted certificate store is not searched for the signing certificate.
-This is primarily due to the inadequacies of the current
-.Vt X509_STORE
-functionality.
-.Pp
-The lack of single pass processing means that the signed content must
-all be held in memory if it is not detached.
diff --git a/src/lib/libcrypto/man/CMS_verify_receipt.3 b/src/lib/libcrypto/man/CMS_verify_receipt.3
deleted file mode 100644
index ac50087a4c..0000000000
--- a/src/lib/libcrypto/man/CMS_verify_receipt.3
+++ /dev/null
@@ -1,110 +0,0 @@
-.\" $OpenBSD: CMS_verify_receipt.3,v 1.7 2019/11/02 15:39:46 schwarze Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 2 2019 $
-.Dt CMS_VERIFY_RECEIPT 3
-.Os
-.Sh NAME
-.Nm CMS_verify_receipt
-.Nd verify a CMS signed receipt
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft int
-.Fo CMS_verify_receipt
-.Fa "CMS_ContentInfo *rcms"
-.Fa "CMS_ContentInfo *ocms"
-.Fa "STACK_OF(X509) *certs"
-.Fa "X509_STORE *store"
-.Fa "unsigned int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn CMS_verify_receipt
-verifies a CMS signed receipt.
-.Fa rcms
-is the signed receipt to verify.
-.Fa ocms
-is the original
-.Vt SignedData
-structure containing the receipt request.
-.Fa certs
-is a set of certificates in which to search for the signing certificate.
-.Fa store
-is a trusted certificate store (used for chain verification).
-.Pp
-This functions behaves in a similar way to
-.Xr CMS_verify 3
-except that the
-.Fa flags
-values
-.Dv CMS_DETACHED ,
-.Dv CMS_BINARY ,
-.Dv CMS_TEXT ,
-and
-.Dv CMS_STREAM
-are not supported since they do not make sense in the context of signed
-receipts.
-.Sh RETURN VALUES
-.Fn CMS_verify_receipt
-returns 1 for a successful verification or 0 if an error occurred.
-.Pp
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_get1_ReceiptRequest 3 ,
-.Xr CMS_sign_receipt 3 ,
-.Xr CMS_verify 3
-.Sh STANDARDS
-RFC 2634: Enhanced Security Services for S/MIME, section 2.8: Receipt Syntax
-.Sh HISTORY
-.Fn CMS_verify_receipt
-first appeared in OpenSSL 0.9.8h
-and has been available since
-.Ox 6.7 .
diff --git a/src/lib/libcrypto/man/CONF_modules_free.3 b/src/lib/libcrypto/man/CONF_modules_free.3
deleted file mode 100644
index c5fb840942..0000000000
--- a/src/lib/libcrypto/man/CONF_modules_free.3
+++ /dev/null
@@ -1,100 +0,0 @@
-.\" $OpenBSD: CONF_modules_free.3,v 1.6 2023/07/21 10:46:54 tb Exp $
-.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2004, 2006 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 21 2023 $
-.Dt CONF_MODULES_FREE 3
-.Os
-.Sh NAME
-.Nm CONF_modules_free ,
-.Nm CONF_modules_finish ,
-.Nm CONF_modules_unload
-.Nd OpenSSL configuration cleanup functions
-.Sh SYNOPSIS
-.In openssl/conf.h
-.Ft void
-.Fo CONF_modules_free
-.Fa void
-.Fc
-.Ft void
-.Fo CONF_modules_finish
-.Fa void
-.Fc
-.Ft void
-.Fo CONF_modules_unload
-.Fa "int all"
-.Fc
-.Sh DESCRIPTION
-.Fn CONF_modules_free
-closes down and frees up all memory allocated by all configuration
-modules.
-Normally applications will only call this function
-at application exit to tidy up any configuration performed.
-.Pp
-.Fn CONF_modules_finish
-calls the configuration
-.Sy finish
-handler of each configuration module to free up any configuration
-that module may have performed.
-.Pp
-.Fn CONF_modules_unload
-finishes and unloads configuration modules.
-If
-.Fa all
-is set to 1, the builtin modules will be unloaded as well.
-.Sh SEE ALSO
-.Xr CONF_modules_load_file 3 ,
-.Xr OPENSSL_config 3
-.Sh HISTORY
-.Fn CONF_modules_free ,
-.Fn CONF_modules_finish ,
-and
-.Fn CONF_modules_unload
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/CONF_modules_load_file.3 b/src/lib/libcrypto/man/CONF_modules_load_file.3
deleted file mode 100644
index d1bcd49a38..0000000000
--- a/src/lib/libcrypto/man/CONF_modules_load_file.3
+++ /dev/null
@@ -1,282 +0,0 @@
-.\" $OpenBSD: CONF_modules_load_file.3,v 1.14 2023/11/19 20:58:07 tb Exp $
-.\" full merge up to: e9b77246 Jan 20 19:58:49 2017 +0100
-.\" selective merge up to: d090fc00 Feb 26 13:11:10 2019 +0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 19 2023 $
-.Dt CONF_MODULES_LOAD_FILE 3
-.Os
-.Sh NAME
-.Nm CONF_modules_load_file ,
-.Nm CONF_modules_load ,
-.Nm X509_get_default_cert_area
-.Nd OpenSSL configuration functions
-.Sh SYNOPSIS
-.In openssl/conf.h
-.Ft int
-.Fo CONF_modules_load_file
-.Fa "const char *filename"
-.Fa "const char *appname"
-.Fa "unsigned long flags"
-.Fc
-.Ft int
-.Fo CONF_modules_load
-.Fa "const CONF *cnf"
-.Fa "const char *appname"
-.Fa "unsigned long flags"
-.Fc
-.In openssl/x509.h
-.Ft const char *
-.Fn X509_get_default_cert_area void
-.Sh DESCRIPTION
-The function
-.Fn CONF_modules_load_file
-configures OpenSSL using the file
-.Fa filename
-in
-.Xr openssl.cnf 5
-format and the application name
-.Fa appname .
-If
-.Fa filename
-is
-.Dv NULL ,
-the standard OpenSSL configuration file
-.Pa /etc/ssl/openssl.cnf
-is used.
-If
-.Fa appname
-is
-.Dv NULL ,
-the standard OpenSSL application name
-.Qq openssl_conf
-is used.
-The behaviour can be customized using
-.Fa flags .
-.Pp
-See the
-.Sx EXAMPLES
-section for additional functions that may need to be called.
-Calling configuration functions in the right order for the intended
-effect can be tricky because many configuration functions internally
-call each other.
-.Pp
-.Fn CONF_modules_load
-is identical to
-.Fn CONF_modules_load_file
-except it reads configuration information from
-.Fa cnf .
-.Pp
-The following
-.Fa flags
-are currently recognized:
-.Bl -tag -width Ds
-.It Dv CONF_MFLAGS_IGNORE_ERRORS
-Ignore errors returned by individual configuration modules.
-By default, the first module error is considered fatal and no further
-modules are loaded.
-.It Dv CONF_MFLAGS_SILENT
-Do not add any error information.
-By default, all module errors add error information to the error queue.
-.It Dv CONF_MFLAGS_NO_DSO
-Disable loading of configuration modules from DSOs.
-This flag is provided for compatibility and has no effect.
-.It Dv CONF_MFLAGS_IGNORE_MISSING_FILE
-Let
-.Fn CONF_modules_load_file
-ignore missing configuration files.
-By default, a missing configuration file returns an error.
-.It CONF_MFLAGS_DEFAULT_SECTION
-If
-.Fa appname
-is not
-.Dv NULL
-but does not exist, fall back to the default section
-.Qq openssl_conf .
-.El
-.Pp
-By using
-.Fn CONF_modules_load_file
-with appropriate flags, an application can customise application
-configuration to best suit its needs.
-In some cases the use of a configuration file is optional and its
-absence is not an error: in this case
-.Dv CONF_MFLAGS_IGNORE_MISSING_FILE
-would be set.
-.Pp
-Errors during configuration may also be handled differently by
-different applications.
-For example in some cases an error may simply print out a warning
-message and the application may continue.
-In other cases an application might consider a configuration file
-error fatal and exit immediately.
-.Pp
-Applications can use the
-.Fn CONF_modules_load
-function if they wish to load a configuration file themselves and
-have finer control over how errors are treated.
-.Sh RETURN VALUES
-.Fn CONF_modules_load_file
-and
-.Fn CONF_modules_load
-return 1 for success and zero or a negative value for failure.
-If module errors are not ignored, the return code will reflect the return
-value of the failing module (this will always be zero or negative).
-.Pp
-.Fn X509_get_default_cert_area
-returns a pointer to the constant string
-.Qq "/etc/ssl" .
-.Sh FILES
-.Bl -tag -width /etc/ssl/openssl.cnf -compact
-.It Pa /etc/ssl
-standard configuration directory
-.It Pa /etc/ssl/openssl.cnf
-standard configuration file
-.El
-.Sh EXAMPLES
-Load a configuration file and print out any errors and exit (missing
-file considered fatal):
-.Bd -literal
-if (CONF_modules_load_file(NULL, NULL, 0) <= 0) {
- fprintf(stderr, "FATAL: error loading configuration file\en");
- ERR_print_errors_fp(stderr);
- exit(1);
-}
-.Ed
-.Pp
-Load default configuration file using the section indicated
-by "myapp", tolerate missing files, but exit on other errors:
-.Bd -literal
-if (CONF_modules_load_file(NULL, "myapp",
- CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- fprintf(stderr, "FATAL: error loading configuration file\en");
- ERR_print_errors_fp(stderr);
- exit(1);
-}
-.Ed
-.Pp
-Load custom configuration file and section instead of the standard one,
-only print warnings on error, missing configuration file ignored:
-.Bd -literal
-OPENSSL_no_config();
-OPENSSL_load_builtin_modules();
-if (CONF_modules_load_file("/something/app.cnf", "myapp",
- CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- fprintf(stderr, "WARNING: error loading configuration file\en");
- ERR_print_errors_fp(stderr);
-}
-.Ed
-.Pp
-In the previous example, the call to
-.Xr OPENSSL_no_config 3
-is required first to suppress automatic loading
-of the standard configuration file, and the call to
-.Xr OPENSSL_load_builtin_modules 3
-is needed so that the configuration of builtin modules
-is loaded in addition to the configuration of
-.Qq myapp .
-.Pp
-Load and parse configuration file manually, custom error handling:
-.Bd -literal
-FILE *fp;
-CONF *cnf = NULL;
-long eline;
-
-fp = fopen("/somepath/app.cnf", "r");
-if (fp == NULL) {
- fprintf(stderr, "Error opening configuration file\en");
- /* Other missing configuration file behaviour */
-} else {
- cnf = NCONF_new(NULL);
- if (NCONF_load_fp(cnf, fp, &eline) == 0) {
- fprintf(stderr, "Error on line %ld of configuration file\en",
- eline);
- ERR_print_errors_fp(stderr);
- /* Other malformed configuration file behaviour */
- } else if (CONF_modules_load(cnf, "appname", 0) <= 0) {
- fprintf(stderr, "Error configuring application\en");
- ERR_print_errors_fp(stderr);
- /* Other configuration error behaviour */
- }
- fclose(fp);
- NCONF_free(cnf);
-}
-.Ed
-.Sh SEE ALSO
-.Xr CONF_modules_free 3 ,
-.Xr ERR 3 ,
-.Xr OPENSSL_config 3 ,
-.Xr OPENSSL_load_builtin_modules 3
-.Sh HISTORY
-.Fn X509_get_default_cert_area
-first appeared in SSLeay 0.4.1 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn CONF_modules_load_file
-and
-.Fn CONF_modules_load
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/CRYPTO_lock.3 b/src/lib/libcrypto/man/CRYPTO_lock.3
deleted file mode 100644
index afc5eb54c5..0000000000
--- a/src/lib/libcrypto/man/CRYPTO_lock.3
+++ /dev/null
@@ -1,121 +0,0 @@
-.\" $OpenBSD: CRYPTO_lock.3,v 1.3 2024/03/14 22:09:40 tb Exp $
-.\" OpenSSL doc/crypto/threads.pod fb552ac6 Sep 30 23:43:01 2009 +0000
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 14 2024 $
-.Dt CRYPTO_LOCK 3
-.Os
-.Sh NAME
-.Nm CRYPTO_lock ,
-.Nm CRYPTO_w_lock ,
-.Nm CRYPTO_w_unlock ,
-.Nm CRYPTO_r_lock ,
-.Nm CRYPTO_r_unlock ,
-.Nm CRYPTO_add
-.Nd thread support
-.Sh SYNOPSIS
-.In openssl/crypto.h
-.Ft void
-.Fo CRYPTO_lock
-.Fa "int mode"
-.Fa "int type"
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-.Ft int
-.Fo CRYPTO_add
-.Fa "int *p"
-.Fa "int amount"
-.Fa "int type"
-.Fc
-.Bd -literal
-#define CRYPTO_w_lock(type) \e
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE, type, __FILE__, __LINE__)
-#define CRYPTO_w_unlock(type) \e
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE, type, __FILE__, __LINE__)
-#define CRYPTO_r_lock(type) \e
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ, type, __FILE__, __LINE__)
-#define CRYPTO_r_unlock(type) \e
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ, type, __FILE__, __LINE__)
-.Ed
-.Sh DESCRIPTION
-These functions are obsolete.
-.Pp
-.Fn CRYPTO_lock
-locks or unlocks a mutex lock.
-.Pp
-.Fa mode
-is a bitfield describing what should be done with the lock.
-For each call, either
-.Dv CRYPTO_LOCK
-or
-.Dv CRYPTO_UNLOCK
-must be included.
-In the LibreSSL implementation,
-.Dv CRYPTO_READ
-and
-.Dv CRYPTO_WRITE
-are ignored.
-.Pp
-.Fa type
-is a number in the range 0 <=
-.Fa type No < Dv CRYPTO_NUM_LOCKS
-identifying a particular lock.
-Currently, the value of
-.Dv CRYPTO_NUM_LOCKS
-is 41.
-.Pp
-The
-.Ar file
-and
-.Ar line
-arguments are ignored.
-.Pp
-In the LibreSSL implementation,
-.Fn CRYPTO_lock
-is a wrapper around
-.Xr pthread_mutex_lock 3
-and
-.Xr pthread_mutex_unlock 3 .
-.Pp
-.Fn CRYPTO_add
-locks the lock number
-.Fa type ,
-adds
-.Fa amount
-to
-.Pf * Fa p ,
-and unlocks the lock number
-.Fa type
-again.
-.Sh RETURN VALUES
-.Fn CRYPTO_add
-returns the new value of
-.Pf * Fa p .
-.Sh SEE ALSO
-.Xr crypto 3
-.Sh HISTORY
-.Fn CRYPTO_lock ,
-.Fn CRYPTO_w_lock ,
-.Fn CRYPTO_w_unlock ,
-.Fn CRYPTO_r_lock ,
-and
-.Fn CRYPTO_r_unlock
-first appeared in SSLeay 0.6.0.
-.Fn CRYPTO_add
-first appeared in SSLeay 0.6.2.
-These functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/CRYPTO_memcmp.3 b/src/lib/libcrypto/man/CRYPTO_memcmp.3
deleted file mode 100644
index cbc0030c55..0000000000
--- a/src/lib/libcrypto/man/CRYPTO_memcmp.3
+++ /dev/null
@@ -1,95 +0,0 @@
-.\" $OpenBSD: CRYPTO_memcmp.3,v 1.1 2019/08/25 06:20:22 schwarze Exp $
-.\" full merge up to: OpenSSL 1075139c Jun 24 09:18:48 2019 +1000
-.\"
-.\" This file was written by Pauli .
-.\" Copyright (c) 2019 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 25 2019 $
-.Dt CRYPTO_MEMCMP 3
-.Os
-.Sh NAME
-.Nm CRYPTO_memcmp
-.Nd constant time memory comparison
-.Sh SYNOPSIS
-.In openssl/crypto.h
-.Ft int
-.Fo CRYPTO_memcmp
-.Fa "const void *a"
-.Fa "const void *b"
-.Fa "size_t len"
-.Fc
-.Sh DESCRIPTION
-.Fn CRYPTO_memcmp
-compares the
-.Fa len
-bytes pointed to by
-.Fa a
-and
-.Fa b
-for equality.
-It takes an amount of time dependent on
-.Fa len ,
-but independent of the contents of the memory regions pointed to by
-.Fa a
-and
-.Fa b .
-.Sh RETURN VALUES
-.Fn CRYPTO_memcmp
-returns 0 if the content of the memory regions is equal
-or non-zero otherwise.
-.Sh HISTORY
-.Fn CRYPTO_memcmp
-first appeared in OpenSSL 1.0.1d and has been available since
-.Ox 5.6 .
-.Sh BUGS
-Unlike
-.Xr memcmp 3
-and
-.Xr timingsafe_memcmp 3 ,
-this function cannot be used to order the two memory regions.
-In the current implementation, the return value is always greater
-than or equal to 0.
diff --git a/src/lib/libcrypto/man/CRYPTO_set_ex_data.3 b/src/lib/libcrypto/man/CRYPTO_set_ex_data.3
deleted file mode 100644
index c22fb22352..0000000000
--- a/src/lib/libcrypto/man/CRYPTO_set_ex_data.3
+++ /dev/null
@@ -1,564 +0,0 @@
-.\" $OpenBSD: CRYPTO_set_ex_data.3,v 1.15 2023/09/18 14:49:43 schwarze Exp $
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 18 2023 $
-.Dt CRYPTO_SET_EX_DATA 3
-.Os
-.Sh NAME
-.Nm CRYPTO_get_ex_new_index ,
-.Nm CRYPTO_EX_new ,
-.Nm CRYPTO_EX_free ,
-.Nm CRYPTO_EX_dup ,
-.Nm CRYPTO_new_ex_data ,
-.Nm CRYPTO_set_ex_data ,
-.Nm CRYPTO_get_ex_data ,
-.Nm CRYPTO_free_ex_data
-.Nd low-level functions for application specific data
-.Sh SYNOPSIS
-.In openssl/crypto.h
-.Ft int
-.Fo CRYPTO_get_ex_new_index
-.Fa "int class_index"
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Ft typedef int
-.Fo CRYPTO_EX_new
-.Fa "void *parent"
-.Fa "void *data"
-.Fa "CRYPTO_EX_DATA *ad"
-.Fa "int idx"
-.Fa "long argl"
-.Fa "void *argp"
-.Fc
-.Ft typedef void
-.Fo CRYPTO_EX_free
-.Fa "void *parent"
-.Fa "void *data"
-.Fa "CRYPTO_EX_DATA *ad"
-.Fa "int idx"
-.Fa "long argl"
-.Fa "void *argp"
-.Fc
-.Ft typedef int
-.Fo CRYPTO_EX_dup
-.Fa "CRYPTO_EX_DATA *to"
-.Fa "const CRYPTO_EX_DATA *from"
-.Fa "void *datap"
-.Fa "int idx"
-.Fa "long argl"
-.Fa "void *argp"
-.Fc
-.Ft int
-.Fo CRYPTO_new_ex_data
-.Fa "int class_index"
-.Fa "void *parent"
-.Fa "CRYPTO_EX_DATA *ad"
-.Fc
-.Ft int
-.Fo CRYPTO_set_ex_data
-.Fa "CRYPTO_EX_DATA *ad"
-.Fa "int idx"
-.Fa "void *data"
-.Fc
-.Ft void *
-.Fo CRYPTO_get_ex_data
-.Fa "CRYPTO_EX_DATA *ad"
-.Fa "int idx"
-.Fc
-.Ft void
-.Fo CRYPTO_free_ex_data
-.Fa "int class_index"
-.Fa "void *parent"
-.Fa "CRYPTO_EX_DATA *ad"
-.Fc
-.Sh DESCRIPTION
-The library implements the functions documented in the
-.Xr RSA_get_ex_new_index 3
-manual page and similar functions for other parent object types
-using the functions documented in the present manual page.
-Application programs almost never need
-to call the functions documented here directly.
-.Pp
-.Fn CRYPTO_get_ex_new_index
-behaves in the same way as
-.Xr RSA_get_ex_new_index 3
-except that the parent object type that the new
-.Fa idx
-is reserved for is not part of the function name
-but instead specified by the additional
-.Fa class_index
-argument receiving one of the
-.Dv CRYPTO_EX_INDEX_*
-constants defined in
-.In openssl/crypto.h .
-The recommendation given in
-.Xr RSA_get_ex_new_index 3
-to set the
-.Fa argl
-argument to 0 and the last four arguments all to
-.Dv NULL
-applies.
-The library passes the
-.Fa argl
-and
-.Fa argp
-arguments through to the callback functions for the respective
-.Fa idx ,
-but ignores them otherwise.
-.Pp
-If a function pointer is passed for the
-.Fa new_func
-argument, that function is called for the returned
-.Fa idx
-whenever a new parent object is allocated with
-.Xr RSA_new 3
-or a similar function.
-.Pp
-If a function pointer is passed for the
-.Fa free_func
-argument, that function is called for the returned
-.Fa idx
-when a parent object is freed with
-.Xr RSA_free 3
-or a similar function.
-.Pp
-The arguments of
-.Fa new_func
-and
-.Fa free_func
-are as follows:
-.Pp
-.Bl -tag -width Ds -compact
-.It Fa parent
-the parent object that contains the
-.Fa data
-.It Fa data
-the
-.Fa data
-previously set by
-.Fn CRYPTO_set_ex_data
-at
-.Fa idx
-in
-.Fa parent
-.It Fa ad
-the
-.Vt CRYPTO_EX_DATA
-subobject of the
-.Fa parent
-object
-.It Fa idx
-return value of
-.Fn CRYPTO_get_ex_new_index
-that set this callback
-.It Fa argl
-the
-.Fa argl
-passed to
-.Fn CRYPTO_get_ex_new_index
-for this
-.Fa idx
-.It Fa argp
-the
-.Fa argp
-passed to
-.Fn CRYPTO_get_ex_new_index
-for this
-.Fa idx
-.El
-.Pp
-If a function pointer is passed for the
-.Fa dup_func ,
-that function is supposed to be called for the returned
-.Fa idx
-whenever a parent object of the respective type is copied.
-Actually, the only functions doing that are
-.Xr BIO_dup_chain 3 ,
-.Xr EC_KEY_copy 3 ,
-and
-.Xr SSL_dup 3 ,
-and the TLS 1.3 network stack does it internally when duplicating a
-.Vt SSL_SESSION
-object after receiving a new session ticket message.
-Most other object types supporting ex_data do not support
-copying in the first place, whereas
-.Xr DSA_dup_DH 3
-and
-.Xr X509_dup 3
-simply ignore
-.Fa dup_func .
-.Pp
-The arguments of
-.Fa dup_func
-are as follows:
-.Pp
-.Bl -tag -width Ds -compact
-.It Fa to
-the
-.Vt CRYPTO_EX_DATA
-subobject of the new parent object
-.It Fa from
-the
-.Vt CRYPTO_EX_DATA
-subobject of the original parent object
-.It Fa datap
-a pointer to a copy of the pointer to the original ex_data
-.It Fa idx
-return value of
-.Fn CRYPTO_get_ex_new_index
-that set this callback
-.It Fa argl
-the
-.Fa argl
-passed to
-.Fn CRYPTO_get_ex_new_index
-for this
-.Fa idx
-.It Fa argp
-the
-.Fa argp
-passed to
-.Fn CRYPTO_get_ex_new_index
-for this
-.Fa idx
-.El
-.Pp
-Inside
-.Fa dup_func ,
-the
-.Fa data
-pointer contained in the original parent object being copied
-can be accessed by casting and dereferencing
-.Fa datap ,
-for example:
-.Pp
-.Dl char *orig_data = *(char **)datap;
-.Pp
-If the original data is copied, for example in a manner similar to
-.Bd -literal -offset indent
-char *new_data;
-if ((new_data = strdup(orig_data)) == NULL)
- return 0;
-.Ed
-.Pp
-then the pointer to the newly allocated memory needs to be passed
-back to the caller in the
-.Fa datap
-argument, for example:
-.Bd -literal -offset indent
-*(char **)datap = new_data;
-return 1;
-.Ed
-.Pp
-Calling
-.Fn CRYPTO_set_ex_data to idx new_data
-from inside
-.Fa dup_func
-has no effect because the code calling
-.Fa dup_func
-unconditionally calls
-.Fn CRYPTO_set_ex_data to idx *datap
-after
-.Fa dup_func
-returns successfully.
-Consequently, if
-.Fa dup_func
-does not change
-.Pf * Fa datap ,
-the new parent object ends up containing a pointer to the same memory
-as the original parent object and any memory allocated in
-.Fa dup_func
-is leaked.
-.Pp
-When multiple callback functions are called,
-they are called in increasing order of their
-.Fa idx
-value.
-.Pp
-.Fn CRYPTO_new_ex_data
-is an internal function that initializes the
-.Fa ad
-subobject of the
-.Fa parent
-object, with the type of the parent object specified by the
-.Fa class_index
-argument.
-Initialization includes calling the respective
-.Fa new_func
-callbacks for all reserved
-.Fa idx
-values that have such callbacks configured.
-Despite its name,
-.Fn CRYPTO_new_ex_data
-does not create a new object but requires that
-.Fa ad
-points to an already allocated but still uninitialized object.
-.Pp
-.Fn CRYPTO_set_ex_data
-and
-.Fn CRYPTO_get_ex_data
-behave in the same way as
-.Xr RSA_set_ex_data 3
-and
-.Xr RSA_get_ex_data 3 ,
-respectively, except that they do not accept a pointer
-to the parent object but instead require a pointer to the
-.Vt CRYPTO_EX_DATA
-subobject of that parent object.
-.Pp
-.Fn CRYPTO_free_ex_data
-is an internal function that frees any memory used inside the
-.Fa ad
-subobject of the
-.Fa parent
-object, with the type of the parent object specified by the
-.Fa class_index
-argument.
-This includes calling the respective
-.Fa free_func
-callbacks for all reserved
-.Fa idx
-values that have such callbacks configured.
-Despite its name,
-.Fn CRYPTO_free_ex_data
-does not free
-.Fa ad
-itself.
-.Sh RETURN VALUES
-.Fn CRYPTO_get_ex_new_index
-returns a new index equal to or greater than 1
-or \-1 if memory allocation fails.
-.Pp
-.Fn CRYPTO_EX_new
-and
-.Fn CRYPTO_EX_dup
-functions are supposed to return 1 on success or 0 on failure.
-.Pp
-.Fn CRYPTO_new_ex_data
-and
-.Fn CRYPTO_set_ex_data
-return 1 on success or 0 if memory allocation fails.
-.Pp
-.Fn CRYPTO_get_ex_data
-returns the application specific data or
-.Dv NULL
-if the parent object that contains
-.Fa ad
-does not contain application specific data at the given
-.Fa idx .
-.Sh ERRORS
-After failure of
-.Fn CRYPTO_get_ex_new_index ,
-.Fn CRYPTO_new_ex_data ,
-or
-.Fn CRYPTO_set_ex_data ,
-the following diagnostic can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure"
-Memory allocation failed.
-.El
-.Pp
-In a few unusual failure cases,
-.Xr ERR_get_error 3
-may report different errors caused by
-.Xr OPENSSL_init_crypto 3
-or even none at all.
-.Pp
-Even though it cannot indicate failure,
-.Fn CRYPTO_free_ex_data
-may occasionally also set an error code that can be retrieved with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn CRYPTO_get_ex_data
-does not distinguish success from failure.
-Consequently, after
-.Fn CRYPTO_get_ex_data
-returns
-.Dv NULL ,
-.Xr ERR_get_error 3
-returns 0 unless there is still an earlier error in the queue.
-.Sh SEE ALSO
-.Xr BIO_get_ex_new_index 3 ,
-.Xr DH_get_ex_new_index 3 ,
-.Xr DSA_get_ex_new_index 3 ,
-.Xr RSA_get_ex_new_index 3 ,
-.Xr SSL_CTX_get_ex_new_index 3 ,
-.Xr SSL_get_ex_new_index 3 ,
-.Xr SSL_SESSION_get_ex_new_index 3 ,
-.Xr X509_STORE_CTX_get_ex_new_index 3 ,
-.Xr X509_STORE_get_ex_new_index 3
-.Sh HISTORY
-.Fn CRYPTO_get_ex_new_index ,
-.Fn CRYPTO_new_ex_data ,
-.Fn CRYPTO_set_ex_data ,
-.Fn CRYPTO_get_ex_data ,
-and
-.Fn CRYPTO_free_ex_data
-first appeared in SSLeay 0.9.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn CRYPTO_EX_new ,
-.Fn CRYPTO_EX_free ,
-and
-.Fn CRYPTO_EX_dup
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Sh CAVEATS
-If an program installs callback functions, the last call to
-.Fn CRYPTO_get_ex_new_index
-installing a function of a certain type for a certain
-.Fa class_index
-needs to be complete before the first object of that
-.Fa class_index
-can be created, freed, or copied, respectively.
-Otherwise, incomplete initialization or cleanup will result.
-.Pp
-At the time
-.Fa new_func
-is called, the
-.Fa parent
-object is only partially initialized,
-so trying to access any data in it is strongly discouraged.
-The
-.Fa data
-argument is typically
-.Dv NULL
-in
-.Fa new_func .
-.Pp
-At the time
-.Fa free_func
-is called, the
-.Fa parent
-object is already mostly deconstructed
-and part of its content may have been cleared and freed.
-Consequently, trying to access any data in
-.Fa parent
-is strongly discouraged.
-According to the OpenSSL API documentation, the library code calling
-.Fa free_func
-would even be permitted to pass a
-.Dv NULL
-pointer for the
-.Fa parent
-argument.
-.Pp
-.Fn CRYPTO_set_ex_data
-and
-.Fn CRYPTO_get_ex_data
-cannot reasonably be used outside the callback functions
-because no API function provides access to any pointers of the type
-.Vt CRYPTO_EX_DATA * .
-.Pp
-Inside
-.Fa new_func ,
-calling
-.Fn CRYPTO_get_ex_data
-makes no sense because it always returns
-.Dv NULL ,
-and calling
-.Fn CRYPTO_set_ex_data
-makes no sense because
-.Fa new_func
-does not have access to any meaningful
-.Fa data
-it could store, and the absence of application specific data at any given
-.Fa idx
-is already sufficiently indicated by the default return value
-.Dv NULL
-of
-.Fn CRYPTO_get_ex_data ,
-.Xr RSA_get_ex_data 3 ,
-and similar functions.
-.Pp
-Inside
-.Fa free_func ,
-calling
-.Fn CRYPTO_get_ex_data
-makes no sense because the return value is already available in
-.Fa data ,
-and calling
-.Fn CRYPTO_set_ex_data
-makes no sense because the parent object, including any ex_data
-contained in it, is already being deconstructed and will no longer
-exist by the time application code regains control.
-.Pp
-Inside
-.Fa dup_func ,
-calling
-.Fn CRYPTO_get_ex_data
-makes no sense because the return value for
-.Fa from
-is already available as
-.Pf * Fa datap ,
-and the return value for
-.Fa to
-is
-.Dv NULL .
-Calling
-.Fn CRYPTO_set_ex_data
-makes no sense because changing
-.Fa from
-would cause an undesirable side effect in this context
-and trying to change
-.Fa to
-is ineffective as explained above.
-.Pp
-Consequently, application code can never use
-.Fn CRYPTO_set_ex_data
-or
-.Fn CRYPTO_get_ex_data
-in a meaningful way.
-.Pp
-The fact that the functions documented in the present manual page
-are part of the public API might create the impression
-that application programs could add ex_data support
-to additional object types not offering it by default.
-However, for built-in object types not offering ex_support, this
-is not possible because such objects do not contain the required
-.Vt CRYPTO_EX_DATA
-subobject.
-.Pp
-It is theoretically possible to add ex_data support to an
-application-defined object type by adding a
-.Vt CRYPTO_EX_DATA
-field to the struct declaration, a call to
-.Fn CRYPTO_new_ex_data
-to the object constructor, and a call to
-.Fn CRYPTO_free_ex_data
-to the object destructor.
-The OpenSSL documentation mentions that the constant
-.Dv CRYPTO_EX_INDEX_APP
-is reserved for this very purpose.
-However, doing this would hardly be useful.
-It is much more straightforward to just add
-all the required data fields to the struct declaration itself.
-.Sh BUGS
-If
-.Fa new_func
-or
-.Fa dup_func
-fails, the failure is silently ignored by the library, potentially
-resulting in an incompletely initialized object.
-The application program cannot detect this kind of failure.
diff --git a/src/lib/libcrypto/man/CRYPTO_set_mem_functions.3 b/src/lib/libcrypto/man/CRYPTO_set_mem_functions.3
deleted file mode 100644
index d020d10ff6..0000000000
--- a/src/lib/libcrypto/man/CRYPTO_set_mem_functions.3
+++ /dev/null
@@ -1,96 +0,0 @@
-.\" $OpenBSD: CRYPTO_set_mem_functions.3,v 1.2 2025/03/08 17:17:09 tb Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 8 2025 $
-.Dt CRYPTO_SET_MEM_FUNCTIONS 3
-.Os
-.Sh NAME
-.Nm CRYPTO_set_mem_functions ,
-.Nm CRYPTO_mem_ctrl ,
-.Nm CRYPTO_mem_leaks ,
-.Nm CRYPTO_mem_leaks_fp ,
-.Nm CRYPTO_mem_leaks_cb
-.Nd legacy OpenSSL memory allocation control
-.Sh SYNOPSIS
-.In openssl/crypto.h
-.Ft int
-.Fo CRYPTO_set_mem_functions
-.Fa "void *(*m)(size_t, const char *, int)"
-.Fa "void *(*r)(void *, size_t, const char *, int)"
-.Fa "void (*f)(void *, const char *, int)"
-.Fc
-.Ft int
-.Fo CRYPTO_mem_ctrl
-.Fa "int mode"
-.Fc
-.Ft int
-.Fo CRYPTO_mem_leaks
-.Fa "BIO *b"
-.Fc
-.Ft int
-.Fo CRYPTO_mem_leaks_fp
-.Fa "FILE *fp"
-.Fc
-.Ft typedef int *
-.Fo CRYPTO_MEM_LEAK_CB
-.Fa "unsigned long"
-.Fa "const char *"
-.Fa int
-.Fa int
-.Fa "void *"
-.Fc
-.Ft int
-.Fo CRYPTO_mem_leaks_cb
-.Fa "CRYPTO_MEM_LEAK_CB *cb"
-.Fc
-.Sh DESCRIPTION
-Do not use any of the interfaces documented here.
-They are provided purely for compatibility with legacy application code.
-.Pp
-.Fn CRYPTO_set_mem_functions ,
-.Fn CRYPTO_mem_ctrl ,
-.Fn CRYPTO_mem_leaks ,
-.Fn CRYPTO_mem_leaks_fp ,
-and
-.Fn CRYPTO_mem_leaks_cb
-have no effect.
-.Sh RETURN VALUES
-.Fn CRYPTO_set_mem_functions
-always returns 0.
-.Pp
-.Fn CRYPTO_mem_ctrl
-always returns
-.Dv CRYPTO_MEM_CHECK_OFF .
-.Pp
-.Fn CRYPTO_mem_leaks ,
-.Fn CRYPTO_mem_leaks_fp ,
-and
-.Fn CRYPTO_mem_leaks_cb
-always return -1.
-.Sh SEE ALSO
-.Xr crypto 3
-.Sh HISTORY
-.Fn CRYPTO_mem_ctrl ,
-.Fn CRYPTO_mem_leaks ,
-and
-.Fn CRYPTO_mem_leaks_fp
-first appeared in SSLeay 0.6.4.
-.Fn CRYPTO_set_mem_functions
-first appeared in SSLeay 0.6.5.
-.Fn CRYPTO_mem_leaks_cb
-first appeared in SSLeay 0.6.6.
-All these functions have all been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ChaCha.3 b/src/lib/libcrypto/man/ChaCha.3
deleted file mode 100644
index 9aae6d70cf..0000000000
--- a/src/lib/libcrypto/man/ChaCha.3
+++ /dev/null
@@ -1,253 +0,0 @@ -.\" $OpenBSD: ChaCha.3,v 1.3 2022/02/18 10:24:32 jsg Exp $ -.\" -.\" Copyright (c) 2020 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: February 18 2022 $ -.Dt CHACHA 3 -.Os -.Sh NAME -.Nm ChaCha_set_key , -.Nm ChaCha_set_iv , -.Nm ChaCha , -.Nm CRYPTO_chacha_20 , -.Nm CRYPTO_hchacha_20 , -.Nm CRYPTO_xchacha_20 -.Nd ChaCha20 stream cipher -.Sh SYNOPSIS -.In openssl/chacha.h -.Ft void -.Fo ChaCha_set_key -.Fa "ChaCha_ctx *ctx" -.Fa "const unsigned char *key" -.Fa "unsigned int keybits" -.Fc -.Ft void -.Fo ChaCha_set_iv -.Fa "ChaCha_ctx *ctx" -.Fa "const unsigned char *iv" -.Fa "const unsigned char *counter" -.Fc -.Ft void -.Fo ChaCha -.Fa "ChaCha_ctx *ctx" -.Fa "unsigned char *out" -.Fa "const unsigned char *in" -.Fa "size_t len" -.Fc -.Ft void -.Fo CRYPTO_chacha_20 -.Fa "unsigned char *out" -.Fa "const unsigned char *in" -.Fa "size_t len" -.Fa "const unsigned char key[32]" -.Fa "const unsigned char iv[8]" -.Fa "uint64_t counter" -.Fc -.Ft void -.Fo CRYPTO_hchacha_20 -.Fa "unsigned char out[32]" -.Fa "const unsigned char key[32]" -.Fa "const unsigned char iv[16]" -.Fc -.Ft void -.Fo CRYPTO_xchacha_20 -.Fa "unsigned char *out" -.Fa "const unsigned char *in" -.Fa "size_t len" -.Fa "const unsigned char key[32]" -.Fa "const 
unsigned char iv[24]" -.Fc -.Sh DESCRIPTION -These functions provide a low-level implementation -of the ChaCha stream cipher with 256 and 128-bit keys. -The number of rounds is hardcoded to 20; -variants with 8 or 12 rounds are not supported. -.Pp -Instead of using these functions directly, -application programs normally use the more portable -.Xr EVP_chacha20 3 -high-level interface. -.Pp -The ChaCha state is contained in the -.Vt ChaCha_ctx -structure and consists of sixteen 32-bit unsigned integers. -.Pp -For the recommended value of 256 -.Fa keybits , -.Fn ChaCha_set_key -copies 32 bytes (256 bits) from -.Fa key -to the middle eight integers of the ChaCha state, -using little endian order for each integer. -For the alternative value of 128 -.Fa keybits , -only 16 bytes (128 bits) are copied from -.Fa key -to the ChaCha state, but they are copied twice, -once to the second quarter and once to the third quarter. -The first quarter of the ChaCha state is set to four constant integers; -these constants differ depending on whether -.Fa keybits -is 128 or 256. -The last quarter of the ChaCha state remains unchanged. -.Pp -.Fn ChaCha_set_iv -copies eight bytes (64 bits) from -.Fa counter -and eight bytes (64 bits) from -.Fa iv -to the last quarter of the ChaCha state, the counter to the first -two integers and the initialization vector to the last two integers, -again in little endian order. -If -.Fa counter -is -.Dv NULL , -the two respective integers are set to 0 instead. -The first three quarters of the ChaCha state remain unchanged. -.Pp -.Fn ChaCha -encrypts -.Fa len -bytes of data from -.Fa in -to -.Fa out -using the -.Fa ctx -that was previously set up with -.Fn ChaCha_set_key -and -.Fn ChaCha_set_iv . -Providing an -.Fa out -buffer of at least -.Fa len -bytes is the responsibility of the caller. -This function can be called multiple times in a row with varying -.Fa len -arguments. -The -.Fa len -does not need to be a multiple of 64. 
-.Pp -.Fn CRYPTO_chacha_20 -encrypts -.Fa len -bytes of data from -.Fa in -to -.Fa out -in a one-shot operation, using the given -.Fa key -and -.Fa iv -as described for -.Fn ChaCha_set_key -and -.Fn ChaCha_set_iv -and copying the less significant half of -.Fa counter -to the first counter integer in the initial ChaCha state -and the more significant half to the second integer. -Providing an -.Fa out -buffer of at least -.Fa len -bytes is again the responsibility of the caller. -The maximum supported value for -.Fa len -is 2^32 \- 1. -.Pp -XChaCha is a variant of ChaCha designed to support longer nonces, -just like XSalsa20 is a variant of Salsa20 supporting longer nonces. -.Pp -.Fn CRYPTO_xchacha_20 -encrypts -.Fa len -bytes of data from -.Fa in -to -.Fa out -in a one-shot operation with the XChaCha algorithm, using the given -.Fa key -and -.Fa iv . -It is equivalent to -.Fn CRYPTO_chacha_20 -with the last third of -.Fa iv , -a -.Fa counter -of 0, and a key generated with -.Fn CRYPTO_hchacha_20 -from the first two thirds of -.Fa iv . -.Sh SEE ALSO -.Xr crypto 3 , -.Xr EVP_chacha20 3 -.Rs -.%A Daniel J. Bernstein -.%T ChaCha, a variant of Salsa20 -.%U https://cr.yp.to/chacha/chacha-20080128.pdf -.%C Chicago -.%D January 28, 2008 -.Re -.Rs -.%A Daniel J. Bernstein -.%T Extending the Salsa20 nonce -.%U https://cr.yp.to/snuffle/xsalsa-20110204.pdf -.%C Chicago -.%D August 22, 2017 -.Re -.Sh STANDARDS -RFC 8439: ChaCha20 and Poly1305 for IETF Protocols -.Pp -Note that the standard specifies -a 32-bit counter and a 96-bit initialization vector whereas -this implementation follows Bernstein's original specification -and uses a 64-bit counter and a 64-bit initialization vector. -.Pp -These functions are specific to LibreSSL and not provided by OpenSSL. -BoringSSL does provide -.Fn CRYPTO_chacha_20 , -but with an incompatible interface, taking a 96-bit -.Fa iv -and a 32-bit -.Fa counter . 
-.Sh HISTORY -.Fn ChaCha_set_key , -.Fn ChaCha_set_iv , -.Fn ChaCha , -and -.Fn CRYPTO_chacha_20 -first appeared in -.Ox 5.6 . -.\" Committed on May 1, 2014. -.\" BoringSSL added CRYPTO_chacha_20 on June 20, 2014. -.Pp -.Fn CRYPTO_hchacha_20 -and -.Fn CRYPTO_xchacha_20 -first appeared in -.Ox 6.5 . -.Sh AUTHORS -.An -nosplit -This implementation was written by -.An Daniel J. Bernstein Aq Mt djb@cr.yp.to . -The API layer was added by -.An Joel Sing Aq Mt jsing@openbsd.org -for ChaCha, and for XChaCha by -.An David Gwynne Aq Mt dlg@openbsd.org . diff --git a/src/lib/libcrypto/man/DES_set_key.3 b/src/lib/libcrypto/man/DES_set_key.3 deleted file mode 100644 index fd09d77730..0000000000 --- a/src/lib/libcrypto/man/DES_set_key.3 +++ /dev/null 
@@ -1,787 +0,0 @@ -.\" $OpenBSD: DES_set_key.3,v 1.17 2024/05/24 19:18:07 tb Exp $ -.\" full merge up to: -.\" OpenSSL man3/DES_random_key 521738e9 Oct 5 14:58:30 2018 -0400 -.\" -.\" -------------------------------------------------------------------------- -.\" Major patches to this file were contributed by -.\" Ulf Moeller , Ben Laurie , -.\" and Richard Levitte . -.\" -------------------------------------------------------------------------- -.\" Copyright (c) 2000, 2001, 2017 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" -------------------------------------------------------------------------- -.\" Parts of this file are derived from SSLeay documentation, -.\" which is covered by the following Copyright and license: -.\" -------------------------------------------------------------------------- -.\" -.\" Copyright (C) 1995-1998 Tim Hudson (tjh@cryptsoft.com) -.\" All rights reserved. -.\" -.\" This package is an SSL implementation written -.\" by Eric Young (eay@cryptsoft.com). -.\" The implementation was written so as to conform with Netscapes SSL. -.\" -.\" This library is free for commercial and non-commercial use as long as -.\" the following conditions are aheared to. The following conditions -.\" apply to all code found in this distribution, be it the RC4, RSA, -.\" lhash, DES, etc., code; not just the SSL code. 
The SSL documentation -.\" included with this distribution is covered by the same copyright terms -.\" except that the holder is Tim Hudson (tjh@cryptsoft.com). -.\" -.\" Copyright remains Eric Young's, and as such any Copyright notices in -.\" the code are not to be removed. -.\" If this package is used in a product, Eric Young should be given -.\" attribution as the author of the parts of the library used. -.\" This can be in the form of a textual message at program startup or -.\" in documentation (online or textual) provided with the package. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" "This product includes cryptographic software written by -.\" Eric Young (eay@cryptsoft.com)" -.\" The word 'cryptographic' can be left out if the rouines from the -.\" library being used are not cryptographic related :-). -.\" 4. If you include any Windows specific code (or a derivative thereof) -.\" from the apps directory (application code) you must include an -.\" acknowledgement: "This product includes software written by -.\" Tim Hudson (tjh@cryptsoft.com)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" The licence and distribution terms for any publically available version or -.\" derivative of this code cannot be changed. i.e. this code cannot simply be -.\" copied and put under another distribution licence -.\" [including the GNU Public Licence.] -.\" -.Dd $Mdocdate: May 24 2024 $ -.Dt DES_SET_KEY 3 -.Os -.Sh NAME -.Nm DES_random_key , -.Nm DES_set_key , -.Nm DES_key_sched , -.Nm DES_set_key_checked , -.Nm DES_set_key_unchecked , -.Nm DES_set_odd_parity , -.Nm DES_is_weak_key , -.Nm DES_ecb_encrypt , -.Nm DES_ecb2_encrypt , -.Nm DES_ecb3_encrypt , -.Nm DES_ncbc_encrypt , -.Nm DES_cfb_encrypt , -.Nm DES_ofb_encrypt , -.Nm DES_pcbc_encrypt , -.Nm DES_cfb64_encrypt , -.Nm DES_ofb64_encrypt , -.Nm DES_xcbc_encrypt , -.Nm DES_ede2_cbc_encrypt , -.Nm DES_ede2_cfb64_encrypt , -.Nm DES_ede2_ofb64_encrypt , -.Nm DES_ede3_cbc_encrypt , -.Nm DES_ede3_cbcm_encrypt , -.Nm DES_ede3_cfb64_encrypt , -.Nm DES_ede3_ofb64_encrypt , -.Nm DES_cbc_cksum , -.Nm DES_quad_cksum , -.Nm DES_string_to_key , -.Nm DES_string_to_2keys , -.Nm DES_fcrypt , -.Nm DES_crypt -.Nd DES encryption -.Sh SYNOPSIS -.In openssl/des.h -.Ft void -.Fo DES_random_key -.Fa "DES_cblock *ret" -.Fc -.Ft int -.Fo DES_set_key -.Fa "const_DES_cblock *key" -.Fa "DES_key_schedule *schedule" -.Fc -.Ft int -.Fo DES_key_sched -.Fa "const_DES_cblock *key" -.Fa "DES_key_schedule *schedule" -.Fc -.Ft int -.Fo DES_set_key_checked -.Fa "const_DES_cblock *key" -.Fa "DES_key_schedule 
*schedule" -.Fc -.Ft void -.Fo DES_set_key_unchecked -.Fa "const_DES_cblock *key" -.Fa "DES_key_schedule *schedule" -.Fc -.Ft void -.Fo DES_set_odd_parity -.Fa "DES_cblock *key" -.Fc -.Ft int -.Fo DES_is_weak_key -.Fa "const_DES_cblock *key" -.Fc -.Ft void -.Fo DES_ecb_encrypt -.Fa "const_DES_cblock *input" -.Fa "DES_cblock *output" -.Fa "DES_key_schedule *ks" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ecb2_encrypt -.Fa "const_DES_cblock *input" -.Fa "DES_cblock *output" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ecb3_encrypt -.Fa "const_DES_cblock *input" -.Fa "DES_cblock *output" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_key_schedule *ks3" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ncbc_encrypt -.Fa "const unsigned char *input" -.Fa "unsigned char *output" -.Fa "long length" -.Fa "DES_key_schedule *schedule" -.Fa "DES_cblock *ivec" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_cfb_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "int numbits" -.Fa "long length" -.Fa "DES_key_schedule *schedule" -.Fa "DES_cblock *ivec" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ofb_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "int numbits" -.Fa "long length" -.Fa "DES_key_schedule *schedule" -.Fa "DES_cblock *ivec" -.Fc -.Ft void -.Fo DES_pcbc_encrypt -.Fa "const unsigned char *input" -.Fa "unsigned char *output" -.Fa "long length" -.Fa "DES_key_schedule *schedule" -.Fa "DES_cblock *ivec" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_cfb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "DES_key_schedule *schedule" -.Fa "DES_cblock *ivec" -.Fa "int *num" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ofb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "DES_key_schedule *schedule" -.Fa "DES_cblock *ivec" -.Fa "int *num" -.Fc -.Ft void -.Fo DES_xcbc_encrypt -.Fa "const unsigned char *input" -.Fa "unsigned char 
*output" -.Fa "long length" -.Fa "DES_key_schedule *schedule" -.Fa "DES_cblock *ivec" -.Fa "const_DES_cblock *inw" -.Fa "const_DES_cblock *outw" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ede2_cbc_encrypt -.Fa "const unsigned char *input" -.Fa "unsigned char *output" -.Fa "long length" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_cblock *ivec" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ede2_cfb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_cblock *ivec" -.Fa "int *num" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ede2_ofb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_cblock *ivec" -.Fa "int *num" -.Fc -.Ft void -.Fo DES_ede3_cbc_encrypt -.Fa "const unsigned char *input" -.Fa "unsigned char *output" -.Fa "long length" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_key_schedule *ks3" -.Fa "DES_cblock *ivec" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ede3_cbcm_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_key_schedule *ks3" -.Fa "DES_cblock *ivec1" -.Fa "DES_cblock *ivec2" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ede3_cfb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_key_schedule *ks3" -.Fa "DES_cblock *ivec" -.Fa "int *num" -.Fa "int enc" -.Fc -.Ft void -.Fo DES_ede3_ofb64_encrypt -.Fa "const unsigned char *in" -.Fa "unsigned char *out" -.Fa "long length" -.Fa "DES_key_schedule *ks1" -.Fa "DES_key_schedule *ks2" -.Fa "DES_key_schedule *ks3" -.Fa "DES_cblock *ivec" -.Fa "int *num" -.Fc -.Ft DES_LONG -.Fo DES_cbc_cksum -.Fa "const unsigned char *input" -.Fa "DES_cblock *output" -.Fa "long length" -.Fa "DES_key_schedule 
*schedule" -.Fa "const_DES_cblock *ivec" -.Fc -.Ft DES_LONG -.Fo DES_quad_cksum -.Fa "const unsigned char *input" -.Fa "DES_cblock output[]" -.Fa "long length" -.Fa "int out_count" -.Fa "DES_cblock *seed" -.Fc -.Ft void -.Fo DES_string_to_key -.Fa "const char *str" -.Fa "DES_cblock *key" -.Fc -.Ft void -.Fo DES_string_to_2keys -.Fa "const char *str" -.Fa "DES_cblock *key1" -.Fa "DES_cblock *key2" -.Fc -.Ft char * -.Fo DES_fcrypt -.Fa "const char *buf" -.Fa "const char *salt" -.Fa "char *ret" -.Fc -.Ft char * -.Fo DES_crypt -.Fa "const char *buf" -.Fa "const char *salt" -.Fc -.Sh DESCRIPTION -This library contains a fast implementation of the DES encryption -algorithm. -.Pp -There are two phases to the use of DES encryption. -The first is the generation of a -.Vt DES_key_schedule -from a key, and the second is the actual encryption. -A DES key is of type -.Vt DES_cblock . -This type consists of 8 bytes with odd parity. -The least significant bit in each byte is the parity bit. -The key schedule is an expanded form of the key; it is used to speed the -encryption process. -.Pp -.Fn DES_random_key -generates a random key in odd parity. -.Pp -Before a DES key can be used, it must be converted into the architecture -dependent -.Vt DES_key_schedule -via the -.Fn DES_set_key_checked -or -.Fn DES_set_key_unchecked -function. -.Pp -.Fn DES_set_key_checked -will check that the key passed is of odd parity and is not a weak or -semi-weak key. -If the parity is wrong, then -1 is returned. -If the key is a weak key, then -2 is returned. -If an error is returned, the key schedule is not generated. -.Pp -.Fn DES_set_key -works like -.Fn DES_set_key_checked -if the -.Em DES_check_key -flag is non-zero, otherwise like -.Fn DES_set_key_unchecked . -These functions are available for compatibility; it is recommended to -use a function that does not depend on a global variable. -.Pp -.Fn DES_set_odd_parity -sets the parity of the passed -.Fa key -to odd. 
-.Pp -The following routines mostly operate on an input and output stream of -.Vt DES_cblock Ns s . -.Pp -.Fn DES_ecb_encrypt -is the basic DES encryption routine that encrypts or decrypts a single -8-byte -.Vt DES_cblock -in electronic code book (ECB) mode. -It always transforms the input data, pointed to by -.Fa input , -into the output data, pointed to by the -.Fa output -argument. -If the -.Fa enc -argument is non-zero -.Pq Dv DES_ENCRYPT , -the -.Fa input -(cleartext) is encrypted into the -.Fa output -(ciphertext) using the key_schedule specified by the -.Fa schedule -argument, previously set via -.Fn DES_set_key . -If -.Fa enc -is zero -.Pq Dv DES_DECRYPT , -the -.Fa input -(now ciphertext) is decrypted into the -.Fa output -(now cleartext). -Input and output may overlap. -.Fn DES_ecb_encrypt -does not return a value. -.Pp -.Fn DES_ecb3_encrypt -encrypts/decrypts the -.Fa input -block by using three-key Triple-DES encryption in ECB mode. -This involves encrypting the input with -.Fa ks1 , -decrypting with the key schedule -.Fa ks2 , -and then encrypting with -.Fa ks3 . -This routine greatly reduces the chances of brute force breaking of DES -and has the advantage of if -.Fa ks1 , -.Fa ks2 , -and -.Fa ks3 -are the same, it is equivalent to just encryption using ECB mode and -.Fa ks1 -as the key. -.Pp -The macro -.Fn DES_ecb2_encrypt -is provided to perform two-key Triple-DES encryption by using -.Fa ks1 -for the final encryption. -.Pp -.Fn DES_ncbc_encrypt -encrypts/decrypts using the cipher-block-chaining (CBC) mode of DES. -If the -.Fa enc -argument is non-zero, the routine cipher-block-chain encrypts the -cleartext data pointed to by the -.Fa input -argument into the ciphertext pointed to by the -.Fa output -argument, using the key schedule provided by the -.Fa schedule -argument, and initialization vector provided by the -.Fa ivec -argument. 
-If the -.Fa length -argument is not an integral multiple of eight bytes, the last block is -copied to a temporary area and zero filled. -The output is always an integral multiple of eight bytes. -.Pp -.Fn DES_xcbc_encrypt -is RSA's DESX mode of DES. -It uses -.Fa inw -and -.Fa outw -to "whiten" the encryption. -.Fa inw -and -.Fa outw -are secret (unlike the iv) and are as such, part of the key. -So the key is sort of 24 bytes. -This is much better than CBC DES. -.Pp -.Fn DES_ede3_cbc_encrypt -implements outer triple CBC DES encryption with three keys. -This means that each DES operation inside the CBC mode is -.Qq Li C=E(ks3,D(ks2,E(ks1,M))) . -This mode is used by SSL. -.Pp -The -.Fn DES_ede2_cbc_encrypt -macro implements two-key Triple-DES by reusing -.Fa ks1 -for the final encryption. -.Qq Li C=E(ks1,D(ks2,E(ks1,M))) . -This form of Triple-DES is used by the RSAREF library. -.Pp -.Fn DES_pcbc_encrypt -encrypts/decrypts using the propagating cipher block chaining mode used -by Kerberos v4. -Its parameters are the same as -.Fn DES_ncbc_encrypt . -.Pp -.Fn DES_cfb_encrypt -encrypts/decrypts using cipher feedback mode. -This method takes an array of characters as input and outputs an array -of characters. -It does not require any padding to 8 character groups. -Note: the -.Fa ivec -variable is changed and the new changed value needs to be passed to the -next call to this function. -Since this function runs a complete DES ECB encryption per -.Fa numbits , -this function is only suggested for use when sending a small number of -characters. -.Pp -.Fn DES_cfb64_encrypt -implements CFB mode of DES with 64-bit feedback. -Why is this useful you ask? -Because this routine will allow you to encrypt an arbitrary number of -bytes, without 8 byte padding. -Each call to this routine will encrypt the input bytes to output and -then update ivec and num. -num contains "how far" we are though ivec. -If this does not make much sense, read more about CFB mode of DES. 
-.Pp -The -.Fn DES_ede3_cfb64_encrypt -function and the -.Fn DES_ede2_cfb64_encrypt -macro are the same as -.Fn DES_cfb64_encrypt -except that Triple-DES is used. -.Pp -.Fn DES_ofb_encrypt -encrypts using output feedback mode. -This method takes an array of characters as input and outputs an array -of characters. -It does not require any padding to 8 character groups. -Note: the -.Fa ivec -variable is changed and the new changed value needs to be passed to the -next call to this function. -Since this function runs a complete DES ECB encryption per -.Fa numbits , -this function is only suggested for use when sending a small number -of characters. -.Pp -.Fn DES_ofb64_encrypt -is the same as -.Fn DES_cfb64_encrypt -using Output Feed Back mode. -.Pp -The -.Fn DES_ede3_ofb64_encrypt -function and the -.Fn DES_ede2_ofb64_encrypt -macro are the same as -.Fn DES_ofb64_encrypt , -using Triple-DES. -.Pp -The following functions are included in the DES library for -compatibility with the MIT Kerberos library. -.Pp -.Fn DES_cbc_cksum -produces an 8-byte checksum based on the input stream (via CBC -encryption). -The last 4 bytes of the checksum are returned and the complete 8 bytes -are placed in -.Fa output . -This function is used by Kerberos v4. -Other applications should use -.Xr EVP_DigestInit 3 -etc. instead. -.Pp -.Fn DES_quad_cksum -is a Kerberos v4 function. -It returns a 4-byte checksum from the input bytes. -The algorithm can be iterated over the input, depending on -.Fa out_count , -1, 2, 3 or 4 times. -If -.Fa output -is -.Pf non- Dv NULL , -the 8 bytes generated by each pass are written into -.Fa output . -.Pp -The following are DES-based transformations: -.Pp -.Fn DES_fcrypt -is a fast version of the Unix -.Xr crypt 3 -function. -The -.Fa salt -must be two ASCII characters. -This version is different from the normal crypt in that the third -parameter is the buffer that the return value is written into. -It needs to be at least 14 bytes long. 
-The fourteenth byte is set to NUL. -This version takes only a small amount of space relative to other -fast crypt implementations. -It is thread safe, unlike the normal crypt. -.Pp -.Fn DES_crypt -is a faster replacement for the normal system -.Xr crypt 3 . -This function calls -.Fn DES_fcrypt -with a static array passed as the third parameter. -This emulates the normal non-thread safe semantics of -.Xr crypt 3 . -.Sh RETURN VALUES -.Fn DES_set_key , -.Fn DES_key_sched , -and -.Fn DES_set_key_checked -return 0 on success or a negative value on error. -.Pp -.Fn DES_is_weak_key -returns 1 if the passed key is a weak key or 0 if it is ok. -.Pp -.Fn DES_cbc_cksum -and -.Fn DES_quad_cksum -return a 4-byte integer representing the last 4 bytes of the checksum -of the input. -.Pp -.Fn DES_fcrypt -returns a pointer to the caller-provided buffer -.Fa ret , -and -.Fn DES_crypt -returns a pointer to a static buffer. -Both are allowed to return -.Dv NULL -to indicate failure, but currently, they cannot fail. -.Sh SEE ALSO -.Xr crypt 3 , -.Xr EVP_des_cbc 3 , -.Xr EVP_EncryptInit 3 -.Sh STANDARDS -ANSI X3.106 -.Pp -The DES library was initially written to be source code compatible -with the MIT Kerberos library. -.Sh HISTORY -.Fn DES_random_key , -.Fn DES_set_key , -.Fn DES_key_sched , -.Fn DES_set_odd_parity , -.Fn DES_is_weak_key , -.Fn DES_ecb_encrypt , -.Fn DES_cfb_encrypt , -.Fn DES_ofb_encrypt , -.Fn DES_pcbc_encrypt , -.Fn DES_cfb64_encrypt , -.Fn DES_ofb64_encrypt , -.Fn DES_ede3_cbc_encrypt , -.Fn DES_cbc_cksum , -.Fn DES_quad_cksum , -.Fn DES_string_to_key , -.Fn DES_string_to_2keys , -and -.Fn DES_crypt -appeared in SSLeay 0.4 or earlier. -.Fn DES_ncbc_encrypt -first appeared in SSLeay 0.4.2. -.Fn DES_ede2_cbc_encrypt -first appeared in SSLeay 0.4.4. -.Fn DES_ecb2_encrypt , -.Fn DES_ecb3_encrypt , -.Fn DES_ede2_cfb64_encrypt , -.Fn DES_ede2_ofb64_encrypt , -.Fn DES_ede3_cfb64_encrypt , -and -.Fn DES_ede3_ofb64_encrypt -first appeared in SSLeay 0.5.1. 
-.Fn DES_xcbc_encrypt -first appeared in SSLeay 0.6.2. -.Fn DES_fcrypt -first appeared in SSLeay 0.6.5. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn DES_set_key_checked -and -.Fn DES_set_key_unchecked -first appeared in OpenSSL 0.9.5 and have been available since -.Ox 2.7 . -.Pp -In OpenSSL 0.9.7 and -.Ox 3.2 , -all -.Sy des_ -functions were renamed to -.Sy DES_ -to avoid clashes with older versions of libdes. -.Sh AUTHORS -.An Eric Young Aq Mt eay@cryptsoft.com -.Sh CAVEATS -Single-key DES is insecure due to its short key size. -ECB mode is not suitable for most applications. -.Sh BUGS -DES_cbc_encrypt does not modify -.Fa ivec ; -use -.Fn DES_ncbc_encrypt -instead. -.Pp -.Fn DES_cfb_encrypt -and -.Fn DES_ofb_encrypt -operates on input of 8 bits. -What this means is that if you set numbits to 12, and length to 2, the -first 12 bits will come from the 1st input byte and the low half of the -second input byte. -The second 12 bits will have the low 8 bits taken from the 3rd input -byte and the top 4 bits taken from the 4th input byte. -The same holds for output. -This function has been implemented this way because most people will be -using a multiple of 8 and because once you get into pulling input -bytes apart things get ugly! -.Pp -.Fn DES_string_to_key -is available for backward compatibility with the MIT library. -New applications should use a cryptographic hash function. -The same applies for -.Fn DES_string_to_2key . diff --git a/src/lib/libcrypto/man/DH_generate_key.3 b/src/lib/libcrypto/man/DH_generate_key.3 deleted file mode 100644 index 076b49f7a1..0000000000 --- a/src/lib/libcrypto/man/DH_generate_key.3 +++ /dev/null 
@@ -1,122 +0,0 @@
-.\" $OpenBSD: DH_generate_key.3,v 1.12 2019/08/19 13:08:26 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 19 2019 $
-.Dt DH_GENERATE_KEY 3
-.Os
-.Sh NAME
-.Nm DH_generate_key ,
-.Nm DH_compute_key
-.Nd perform Diffie-Hellman key exchange
-.Sh SYNOPSIS
-.In openssl/dh.h
-.Ft int
-.Fo DH_generate_key
-.Fa "DH *dh"
-.Fc
-.Ft int
-.Fo DH_compute_key
-.Fa "unsigned char *key"
-.Fa "BIGNUM *pub_key"
-.Fa "DH *dh"
-.Fc
-.Sh DESCRIPTION
-.Fn DH_generate_key
-performs the first step of a Diffie-Hellman key exchange by generating
-private and public DH values.
-By calling
-.Fn DH_compute_key ,
-these are combined with the other party's public value to compute the
-shared key.
-.Pp
-.Fn DH_generate_key
-expects
-.Fa dh
-to contain the shared parameters
-.Sy dh->p
-and
-.Sy dh->g .
-It generates a random private DH value unless
-.Sy dh->priv_key
-is already set, and computes the corresponding public value
-.Sy dh->pub_key ,
-which can then be published.
-.Pp
-.Fn DH_compute_key
-computes the shared secret from the private DH value in
-.Fa dh
-and the other party's public value in
-.Fa pub_key
-and stores it in
-.Fa key .
-.Fa key
-must point to
-.Fn DH_size dh
-bytes of memory.
-.Sh RETURN VALUES
-.Fn DH_generate_key
-returns 1 on success, or 0 otherwise.
-.Pp
-.Fn DH_compute_key
-returns the size of the shared secret on success, or -1 on error.
-.Pp
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr DH_get0_key 3 ,
-.Xr DH_new 3 ,
-.Xr DH_size 3 ,
-.Xr ECDH_compute_key 3
-.Sh HISTORY
-.Fn DH_generate_key
-and
-.Fn DH_compute_key
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/DH_generate_parameters.3 b/src/lib/libcrypto/man/DH_generate_parameters.3
deleted file mode 100644
index ac29521ec4..0000000000
--- a/src/lib/libcrypto/man/DH_generate_parameters.3
+++ /dev/null
@@ -1,241 +0,0 @@
-.\" $OpenBSD: DH_generate_parameters.3,v 1.14 2022/07/13 13:47:59 schwarze Exp $
-.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\" selective merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Ulf Moeller
-.\" and Matt Caswell .
-.\" Copyright (c) 2000, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 13 2022 $
-.Dt DH_GENERATE_PARAMETERS 3
-.Os
-.Sh NAME
-.Nm DH_generate_parameters_ex ,
-.Nm DH_check ,
-.Nm DH_check_pub_key ,
-.Nm DH_generate_parameters
-.Nd generate and check Diffie-Hellman parameters
-.Sh SYNOPSIS
-.In openssl/dh.h
-.Ft int
-.Fo DH_generate_parameters_ex
-.Fa "DH *dh"
-.Fa "int prime_len"
-.Fa "int generator"
-.Fa "BN_GENCB *cb"
-.Fc
-.Ft int
-.Fo DH_check
-.Fa "DH *dh"
-.Fa "int *codes"
-.Fc
-.Ft int
-.Fo DH_check_pub_key
-.Fa "const DH *dh"
-.Fa "const BIGNUM *pub_key"
-.Fa "int *codes"
-.Fc
-.Pp
-Deprecated:
-.Pp
-.Ft DH *
-.Fo DH_generate_parameters
-.Fa "int prime_len"
-.Fa "int generator"
-.Fa "void (*callback)(int, int, void *)"
-.Fa "void *cb_arg"
-.Fc
-.Sh DESCRIPTION
-.Fn DH_generate_parameters_ex
-generates Diffie-Hellman parameters that can be shared among a group of
-users, and stores them in the provided
-.Vt DH
-structure.
-.Pp
-.Fa prime_len
-is the length in bits of the safe prime to be generated.
-.Fa generator
-is a small number > 1, typically 2 or 5.
-.Pp
-A callback function may be used to provide feedback about the progress
-of the key generation.
-If
-.Fa cb
-is not
-.Dv NULL ,
-it will be called as described in
-.Xr BN_generate_prime 3
-while a random prime number is generated, and when a prime has been
-found,
-.Fn BN_GENCB_call cb 3 0
-is called; see
-.Xr BN_GENCB_call 3 .
-.Pp
-.Fn DH_check
-validates Diffie-Hellman parameters.
-If no problems are found,
-.Pf * Ar codes
-is set to zero.
-Otherwise, one or more of the following bits are set:
-.Bl -tag -width Ds
-.It Dv DH_CHECK_P_NOT_PRIME
-The parameter
-.Fa dh->p
-is not prime.
-.It Dv DH_CHECK_P_NOT_SAFE_PRIME
-The parameter
-.Fa dh->p
-is not a safe prime.
-.It Dv DH_UNABLE_TO_CHECK_GENERATOR
-The generator
-.Fa dh->g
-cannot be checked for suitability: it is neither 2 nor 5.
-.It Dv DH_NOT_SUITABLE_GENERATOR
-The generator
-.Fa dh->g
-is not suitable.
-.El
-.Pp
-.Fn DH_check_pub_key
-checks whether
-.Fa pub_key
-is a valid public key when using the domain parameters contained in
-.Fa dh .
-If no problems are found,
-.Pf * Ar codes
-is set to zero.
-Otherwise, one or more of the following bits are set:
-.Bl -tag -width Ds
-.It Dv DH_CHECK_PUBKEY_TOO_SMALL
-.Fa pub_key
-is less than or equal to 1.
-.It Dv DH_CHECK_PUBKEY_TOO_LARGE
-.Fa pub_key
-is greater than or equal to
-.Fa dh->p No \- 1 .
-.It DH_CHECK_PUBKEY_INVALID
-.Fa dh->q
-is set but
-.Fa pub_key
-to the power of
-.Fa dh->q
-is not 1 modulo
-.Fa dh->p .
-.El
-.Sh RETURN VALUES
-.Fn DH_generate_parameters_ex ,
-.Fn DH_check ,
-and
-.Fn DH_check_pub_key
-return 1 if the check could be performed or 0 otherwise.
-.Pp
-.Fn DH_generate_parameters
-(deprecated) returns a pointer to the
-.Vt DH
-structure, or
-.Dv NULL
-if the parameter generation fails.
-.Pp
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr DH_get0_pqg 3 ,
-.Xr DH_new 3
-.Sh HISTORY
-.Fn DH_check
-and
-.Fn DH_generate_parameters
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-The
-.Fa cb_arg
-argument to
-.Fn DH_generate_parameters
-was added in SSLeay 0.9.0.
-.Pp
-.Fn DH_check_pub_key
-first appeared in OpenSSL 0.9.8a and has been available since
-.Ox 4.0 .
-.Pp
-.Fn DH_generate_parameters_ex
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
-.Sh CAVEATS
-.Fn DH_generate_parameters_ex
-and
-.Fn DH_generate_parameters
-may run for several hours before finding a suitable prime.
-.Pp
-The parameters generated by
-.Fn DH_generate_parameters_ex
-and
-.Fn DH_generate_parameters
-are not to be used in signature schemes.
-.Sh BUGS
-If
-.Fa generator
-is not 2 or 5,
-.Fa dh->g Ns = Ns Fa generator
-is not a usable generator.
diff --git a/src/lib/libcrypto/man/DH_get0_pqg.3 b/src/lib/libcrypto/man/DH_get0_pqg.3
deleted file mode 100644
index eb012980f9..0000000000
--- a/src/lib/libcrypto/man/DH_get0_pqg.3
+++ /dev/null
@@ -1,342 +0,0 @@
-.\" $OpenBSD: DH_get0_pqg.3,v 1.8 2024/07/21 08:36:43 tb Exp $
-.\" selective merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
-.\"
-.\" This file was written by Matt Caswell .
-.\" Copyright (c) 2016, 2018 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 21 2024 $
-.Dt DH_GET0_PQG 3
-.Os
-.Sh NAME
-.Nm DH_get0_pqg ,
-.Nm DH_get0_p ,
-.Nm DH_get0_q ,
-.Nm DH_get0_g ,
-.Nm DH_set0_pqg ,
-.Nm DH_get0_key ,
-.Nm DH_get0_pub_key ,
-.Nm DH_get0_priv_key ,
-.Nm DH_set0_key ,
-.Nm DH_clear_flags ,
-.Nm DH_test_flags ,
-.Nm DH_set_flags ,
-.Nm DH_get0_engine ,
-.Nm DH_set_length
-.Nd get data from and set data in a DH object
-.Sh SYNOPSIS
-.In openssl/dh.h
-.Ft void
-.Fo DH_get0_pqg
-.Fa "const DH *dh"
-.Fa "const BIGNUM **p"
-.Fa "const BIGNUM **q"
-.Fa "const BIGNUM **g"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DH_get0_p
-.Fa "const DH *dh"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DH_get0_q
-.Fa "const DH *dh"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DH_get0_g
-.Fa "const DH *dh"
-.Fc
-.Ft int
-.Fo DH_set0_pqg
-.Fa "DH *dh"
-.Fa "BIGNUM *p"
-.Fa "BIGNUM *q"
-.Fa "BIGNUM *g"
-.Fc
-.Ft void
-.Fo DH_get0_key
-.Fa "const DH *dh"
-.Fa "const BIGNUM **pub_key"
-.Fa "const BIGNUM **priv_key"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DH_get0_pub_key
-.Fa "const DH *dh"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DH_get0_priv_key
-.Fa "const DH *dh"
-.Fc
-.Ft int
-.Fo DH_set0_key
-.Fa "DH *dh"
-.Fa "BIGNUM *pub_key"
-.Fa "BIGNUM *priv_key"
-.Fc
-.Ft void
-.Fo DH_clear_flags
-.Fa "DH *dh"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo DH_test_flags
-.Fa "const DH *dh"
-.Fa "int flags"
-.Fc
-.Ft void
-.Fo DH_set_flags
-.Fa "DH *dh"
-.Fa "int flags"
-.Fc
-.Ft ENGINE *
-.Fo DH_get0_engine
-.Fa "DH *d"
-.Fc
-.Ft int
-.Fo DH_set_length
-.Fa "DH *dh"
-.Fa "long length"
-.Fc
-.Sh DESCRIPTION
-A
-.Vt DH
-object contains the parameters
-.Fa p ,
-.Fa g ,
-and optionally
-.Fa q .
-It also contains a public key
-.Fa pub_key
-and an optional private key
-.Fa priv_key .
-.Pp
-The
-.Fa p ,
-.Fa q ,
-and
-.Fa g
-parameters can be obtained by calling
-.Fn DH_get0_pqg .
-If the parameters have not yet been set, then
-.Pf * Fa p ,
-.Pf * Fa q ,
-and
-.Pf * Fa g
-are set to
-.Dv NULL .
-Otherwise, they are set to pointers to the internal representations
-of the values that should not be freed by the application.
-Any of the out parameters
-.Fa p ,
-.Fa q ,
-and
-.Fa g
-can be
-.Dv NULL ,
-in which case no value is returned for that parameter.
-.Pp
-The
-.Fa p ,
-.Fa q ,
-and
-.Fa g
-values can be set by calling
-.Fn DH_set0_pqg .
-Calling this function transfers the memory management of the values to
-.Fa dh ,
-and therefore they should not be freed by the caller.
-The
-.Fa q
-argument may be
-.Dv NULL .
-.Pp
-The
-.Fn DH_get0_key
-function stores pointers to the internal representations
-of the public key in
-.Pf * Fa pub_key
-and to the private key in
-.Pf * Fa priv_key .
-Either may be
-.Dv NULL
-if it has not yet been set.
-If the private key has been set, then the public key must be.
-Any of the out parameters
-.Fa pub_key
-and
-.Fa priv_key
-can be
-.Dv NULL ,
-in which case no value is returned for that parameter.
-.Pp
-The public and private key values can be set using
-.Fn DH_set0_key .
-Either parameter may be
-.Dv NULL ,
-which means the corresponding
-.Vt DH
-field is left untouched.
-This function transfers the memory management of the key values to
-.Fa dh ,
-and therefore they should not be freed by the caller.
-.Pp
-Values retrieved with
-.Fn DH_get0_pqg
-and
-.Fn DH_get0_key
-are owned by the
-.Vt DH
-object and may therefore not be passed to
-.Fn DH_set0_pqg
-or
-.Fn DH_set0_key .
-If needed, duplicate the received values using
-.Xr BN_dup 3
-and pass the duplicates.
-.Pp
-Any of the values
-.Fa p ,
-.Fa q ,
-.Fa g ,
-.Fa pub_key ,
-and
-.Fa priv_key
-can also be retrieved separately by the corresponding functions
-.Fn DH_get0_p ,
-.Fn DH_get0_q ,
-.Fn DH_get0_g ,
-.Fn DH_get0_pub_key ,
-and
-.Fn DH_get0_priv_key ,
-respectively.
-The pointers are owned by the
-.Vt DH
-object.
-.Pp
-.Fn DH_clear_flags
-clears the specified
-.Fa flags
-in
-.Fa dh .
-.Fn DH_test_flags
-tests the
-.Fa flags
-in
-.Fa dh .
-.Fn DH_set_flags
-sets the
-.Fa flags
-in
-.Fa dh ;
-any flags already set remain set.
-For all three functions, multiple flags can be passed in one call,
-OR'ed together bitwise.
-.Pp
-.Fn DH_set_length
-sets the optional length attribute of
-.Fa dh ,
-indicating the length of the secret exponent (private key) in bits.
-If the length attribute is non-zero, it is used, otherwise it is ignored.
-.Sh RETURN VALUES
-+.Fn DH_get0_p ,
-+.Fn DH_get0_q ,
-+.Fn DH_get0_g ,
-+.Fn DH_get0_pub_key ,
-+and
-+.Fn DH_get0_priv_key ,
-+return a pointer owned by the
-+.Vt DH
-+object if the corresponding value has been set,
-+otherwise they return
-+.Dv NULL .
-.Fn DH_set0_pqg ,
-.Fn DH_set0_key ,
-and
-.Fn DH_set_length
-return 1 on success or 0 on failure.
-.Pp
-.Fn DH_test_flags
-return those of the given
-.Fa flags
-currently set in
-.Fa dh
-or 0 if none of the given
-.Fa flags
-are set.
-.Pp
-.Fn DH_get0_engine
-always returns
-.Dv NULL .
-.Sh SEE ALSO
-.Xr DH_generate_key 3 ,
-.Xr DH_generate_parameters 3 ,
-.Xr DH_new 3 ,
-.Xr DH_security_bits 3 ,
-.Xr DH_size 3 ,
-.Xr DHparams_print 3
-.Sh HISTORY
-.Fn DH_get0_pqg ,
-.Fn DH_set0_pqg ,
-.Fn DH_get0_key ,
-.Fn DH_set0_key ,
-.Fn DH_clear_flags ,
-.Fn DH_test_flags ,
-.Fn DH_set_flags ,
-.Fn DH_get0_engine ,
-and
-.Fn DH_set_length
-first appeared in OpenSSL 1.1.0
-and have been available since
-.Ox 6.3 .
-.Pp
-.Fn DH_get0_p ,
-.Fn DH_get0_q ,
-.Fn DH_get0_g ,
-.Fn DH_get0_pub_key ,
-and
-.Fn DH_get0_priv_key
-first appeared in OpenSSL 1.1.1
-and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/DH_get_ex_new_index.3 b/src/lib/libcrypto/man/DH_get_ex_new_index.3
deleted file mode 100644
index 81a0aff8ec..0000000000
--- a/src/lib/libcrypto/man/DH_get_ex_new_index.3
+++ /dev/null
@@ -1,99 +0,0 @@
-.\" $OpenBSD: DH_get_ex_new_index.3,v 1.5 2018/03/23 23:18:17 schwarze Exp $
-.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 23 2018 $
-.Dt DH_GET_EX_NEW_INDEX 3
-.Os
-.Sh NAME
-.Nm DH_get_ex_new_index ,
-.Nm DH_set_ex_data ,
-.Nm DH_get_ex_data
-.Nd add application specific data to DH structures
-.Sh SYNOPSIS
-.In openssl/dh.h
-.Ft int
-.Fo DH_get_ex_new_index
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Ft int
-.Fo DH_set_ex_data
-.Fa "DH *d"
-.Fa "int idx"
-.Fa "void *arg"
-.Fc
-.Ft char *
-.Fo DH_get_ex_data
-.Fa "DH *d"
-.Fa "int idx"
-.Fc
-.Sh DESCRIPTION
-These functions handle application specific data in
-.Vt DH
-structures.
-Their usage is identical to that of
-.Xr RSA_get_ex_new_index 3 ,
-.Xr RSA_set_ex_data 3 ,
-and
-.Xr RSA_get_ex_data 3 .
-.Sh SEE ALSO
-.Xr DH_new 3 ,
-.Xr RSA_get_ex_new_index 3
-.Sh HISTORY
-.Fn DH_get_ex_new_index ,
-.Fn DH_set_ex_data ,
-and
-.Fn DH_get_ex_data
-first appeared in OpenSSL 0.9.5
-and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/DH_new.3 b/src/lib/libcrypto/man/DH_new.3
deleted file mode 100644
index 4993456897..0000000000
--- a/src/lib/libcrypto/man/DH_new.3
+++ /dev/null
@@ -1,133 +0,0 @@
-.\" $OpenBSD: DH_new.3,v 1.12 2022/07/13 21:51:35 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 13 2022 $
-.Dt DH_NEW 3
-.Os
-.Sh NAME
-.Nm DH_new ,
-.Nm DH_up_ref ,
-.Nm DH_free
-.Nd allocate and free DH objects
-.Sh SYNOPSIS
-.In openssl/dh.h
-.Ft DH*
-.Fn DH_new void
-.Ft int
-.Fo DH_up_ref
-.Fa "DH *dh"
-.Fc
-.Ft void
-.Fo DH_free
-.Fa "DH *dh"
-.Fc
-.Sh DESCRIPTION
-The DH functions implement the Diffie-Hellman key agreement protocol.
-.Pp
-.Fn DH_new
-allocates and initializes a
-.Vt DH
-structure, setting the reference count to 1.
-It is equivalent to
-.Xr DH_new_method 3
-with a
-.Dv NULL
-argument.
-.Pp
-.Fn DH_up_ref
-increments the reference count by 1.
-.Pp
-.Fn DH_free
-decrements the reference count by 1.
-If it reaches 0, it frees the
-.Vt DH
-structure and its components.
-The values are erased before the memory is returned to the system.
-If
-.Fa dh
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-If the allocation fails,
-.Fn DH_new
-returns
-.Dv NULL
-and sets an error code that can be obtained by
-.Xr ERR_get_error 3 .
-Otherwise it returns a pointer to the newly allocated structure.
-.Pp
-.Fn DH_up_ref
-returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr BN_new 3 ,
-.Xr crypto 3 ,
-.Xr d2i_DHparams 3 ,
-.Xr DH_generate_key 3 ,
-.Xr DH_generate_parameters 3 ,
-.Xr DH_get0_pqg 3 ,
-.Xr DH_get_ex_new_index 3 ,
-.Xr DH_security_bits 3 ,
-.Xr DH_set_method 3 ,
-.Xr DH_size 3 ,
-.Xr DHparams_print 3 ,
-.Xr DSA_dup_DH 3 ,
-.Xr EVP_PKEY_CTX_set_dh_paramgen_prime_len 3 ,
-.Xr EVP_PKEY_set1_DH 3
-.Sh HISTORY
-.Fn DH_new
-and
-.Fn DH_free
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn DH_up_ref
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/DH_set_method.3 b/src/lib/libcrypto/man/DH_set_method.3
deleted file mode 100644
index 70cf367c9d..0000000000
--- a/src/lib/libcrypto/man/DH_set_method.3
+++ /dev/null
@@ -1,195 +0,0 @@
-.\" $OpenBSD: DH_set_method.3,v 1.9 2023/11/19 10:34:26 tb Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2002, 2007 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 19 2023 $
-.Dt DH_SET_METHOD 3
-.Os
-.Sh NAME
-.Nm DH_set_default_method ,
-.Nm DH_get_default_method ,
-.Nm DH_set_method ,
-.Nm DH_new_method ,
-.Nm DH_OpenSSL
-.Nd select DH method
-.Sh SYNOPSIS
-.In openssl/dh.h
-.Ft void
-.Fo DH_set_default_method
-.Fa "const DH_METHOD *meth"
-.Fc
-.Ft const DH_METHOD *
-.Fo DH_get_default_method
-.Fa void
-.Fc
-.Ft int
-.Fo DH_set_method
-.Fa "DH *dh"
-.Fa "const DH_METHOD *meth"
-.Fc
-.Ft DH *
-.Fo DH_new_method
-.Fa "ENGINE *engine"
-.Fc
-.Ft const DH_METHOD *
-.Fo DH_OpenSSL
-.Fa void
-.Fc
-.Sh DESCRIPTION
-A
-.Vt DH_METHOD
-object contains pointers to the functions
-used for Diffie-Hellman operations.
-By default, the internal implementation returned by
-.Fn DH_OpenSSL
-is used.
-By selecting another method, alternative implementations
-such as hardware accelerators may be used.
-.Pp
-.Fn DH_set_default_method
-selects
-.Fa meth
-as the default method for all
-.Vt DH
-structures created later.
-.Pp
-.Fn DH_get_default_method
-returns a pointer to the current default method.
-.Pp
-.Fn DH_set_method
-selects
-.Fa meth
-to perform all operations using the key
-.Fa dh .
-This replaces the
-.Vt DH_METHOD
-used by the
-.Fa dh
-key.
-It is possible to have
-.Vt DH
-keys that only work with certain
-.Vt DH_METHOD
-implementations,
-and in such cases attempting to change the
-.Vt DH_METHOD
-for the key can have unexpected results.
-.Pp
-.Fn DH_new_method
-allocates and initializes a
-.Vt DH
-structure.
-The
-.Fa engine
-argument is ignored and
-the default method controlled by
-.Fn DH_set_default_method
-is used.
-.Pp
-The
-.Vt DH_METHOD
-structure is defined as follows:
-.Bd -literal
-typedef struct dh_meth_st
-{
- /* name of the implementation */
- const char *name;
-
- /* generate private and public DH values for key agreement */
- int (*generate_key)(DH *dh);
-
- /* compute shared secret */
- int (*compute_key)(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
- /* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-
- /* called at DH_new */
- int (*init)(DH *dh);
-
- /* called at DH_free */
- int (*finish)(DH *dh);
-
- int flags;
-
- char *app_data; /* ?? */
-
-} DH_METHOD;
-.Ed
-.Sh RETURN VALUES
-.Fn DH_OpenSSL
-and
-.Fn DH_get_default_method
-return pointers to the respective
-.Vt DH_METHOD .
-.Pp
-.Fn DH_set_method
-returns 1 on success or 0 on failure.
-Currently, it cannot fail.
-.Pp
-.Fn DH_new_method
-returns
-.Dv NULL
-and sets an error code that can be obtained by
-.Xr ERR_get_error 3
-if the allocation fails.
-Otherwise it returns a pointer to the newly allocated structure.
-.Sh SEE ALSO
-.Xr DH_new 3
-.Sh HISTORY
-.Fn DH_set_default_method ,
-.Fn DH_get_default_method ,
-.Fn DH_set_method ,
-.Fn DH_new_method
-and
-.Fn DH_OpenSSL
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/DH_size.3 b/src/lib/libcrypto/man/DH_size.3
deleted file mode 100644
index 4e6dbc0cba..0000000000
--- a/src/lib/libcrypto/man/DH_size.3
+++ /dev/null
@@ -1,97 +0,0 @@ -.\" $OpenBSD: DH_size.3,v 1.10 2022/07/13 21:51:35 schwarze Exp $ -.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller -.\" and Kurt Roeckx . -.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: July 13 2022 $ -.Dt DH_SIZE 3 -.Os -.Sh NAME -.Nm DH_size , -.Nm DH_bits -.Nd get Diffie-Hellman prime size -.Sh SYNOPSIS -.In openssl/dh.h -.Ft int -.Fo DH_size -.Fa "const DH *dh" -.Fc -.Ft int -.Fo DH_bits -.Fa "const DH *dh" -.Fc -.Sh DESCRIPTION -.Fn DH_size -returns the Diffie-Hellman prime size in bytes. -It can be used to determine how much memory must be allocated for the -shared secret computed by -.Xr DH_compute_key 3 . -.Pp -.Fn DH_bits -returns the number of significant bits in the key. -.Pp -.Fa dh -and -.Fa dh->p -must not be -.Dv NULL . -.Sh SEE ALSO -.Xr BN_num_bytes 3 , -.Xr DH_generate_key 3 , -.Xr DH_get0_key 3 , -.Xr DH_new 3 , -.Xr DH_security_bits 3 -.Sh HISTORY -.Fn DH_size -first appeared in SSLeay 0.5.1 and has been available since -.Ox 2.4 . -.Pp -.Fn DH_bits -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 6.3 . 
diff --git a/src/lib/libcrypto/man/DIST_POINT_new.3 b/src/lib/libcrypto/man/DIST_POINT_new.3
deleted file mode 100644
index 6a5cc40468..0000000000
--- a/src/lib/libcrypto/man/DIST_POINT_new.3
+++ /dev/null
@@ -1,154 +0,0 @@
-.\" $OpenBSD: DIST_POINT_new.3,v 1.5 2019/06/06 01:06:58 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt DIST_POINT_NEW 3
-.Os
-.Sh NAME
-.Nm DIST_POINT_new ,
-.Nm DIST_POINT_free ,
-.Nm CRL_DIST_POINTS_new ,
-.Nm CRL_DIST_POINTS_free ,
-.Nm DIST_POINT_NAME_new ,
-.Nm DIST_POINT_NAME_free ,
-.Nm ISSUING_DIST_POINT_new ,
-.Nm ISSUING_DIST_POINT_free
-.Nd X.509 CRL distribution point extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft DIST_POINT *
-.Fn DIST_POINT_new void
-.Ft void
-.Fn DIST_POINT_free "DIST_POINT *dp"
-.Ft CRL_DIST_POINTS *
-.Fn CRL_DIST_POINTS_new void
-.Ft void
-.Fn CRL_DIST_POINTS_free "CRL_DIST_POINTS *dps"
-.Ft DIST_POINT_NAME *
-.Fn DIST_POINT_NAME_new void
-.Ft void
-.Fn DIST_POINT_NAME_free "DIST_POINT_NAME *name"
-.Ft ISSUING_DIST_POINT *
-.Fn ISSUING_DIST_POINT_new void
-.Ft void
-.Fn ISSUING_DIST_POINT_free "ISSUING_DIST_POINT *dp"
-.Sh DESCRIPTION
-Using the CRL distribution point extension, a certificate can specify
-where to obtain certificate revocation lists that might later revoke it.
-.Pp
-.Fn DIST_POINT_new
-allocates and initializes an empty
-.Vt DIST_POINT
-object, representing an ASN.1
-.Vt DistributionPoint
-structure defined in RFC 5280 section 4.2.1.13.
-It can hold issuer names, distribution point names, and reason flags.
-.Fn DIST_POINT_free
-frees
-.Fa dp .
-.Pp
-.Fn CRL_DIST_POINTS_new
-allocates and initializes an empty
-.Vt CRL_DIST_POINTS
-object, which is a
-.Vt STACK_OF(DIST_POINT)
-and represents the ASN.1
-.Vt CRLDistributionPoints
-structure defined in RFC 5280 section 4.2.1.13.
-It can be used as an extension in
-.Vt X509
-and in
-.Vt X509_CRL
-objects.
-.Fn CRL_DIST_POINTS_free
-frees
-.Fa dps .
-.Pp
-.Fn DIST_POINT_NAME_new
-allocates and initializes an empty
-.Vt DIST_POINT_NAME
-object, representing an ASN.1
-.Vt DistributionPointName
-structure defined in RFC 5280 section 4.2.1.13.
-It is used by the
-.Vt DIST_POINT
-and
-.Vt ISSUING_DIST_POINT
-objects and can hold multiple names, each representing a different
-way to obtain the same CRL.
-.Fn DIST_POINT_NAME_free
-frees
-.Fa name .
-.Pp
-.Fn ISSUING_DIST_POINT_new
-allocates and initializes an empty
-.Vt ISSUING_DIST_POINT
-object, representing an ASN.1
-.Vt IssuingDistributionPoint
-structure defined in RFC 5280 section 5.2.5.
-Using this extension, a CRL can specify which distribution point
-it was issued from and which kinds of certificates and revocation
-reasons it covers.
-.Fn ISSUING_DIST_POINT_free
-frees
-.Fa dp .
-.Sh RETURN VALUES
-.Fn DIST_POINT_new ,
-.Fn CRL_DIST_POINTS_new ,
-.Fn DIST_POINT_NAME_new ,
-and
-.Fn ISSUING_DIST_POINT_new
-return the new
-.Vt DIST_POINT ,
-.Vt CRL_DIST_POINTS ,
-.Vt DIST_POINT_NAME ,
-or
-.Vt ISSUING_DIST_POINT
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_DIST_POINT 3 ,
-.Xr GENERAL_NAMES_new 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile:
-.Bl -dash -compact
-.It
-section 4.2.1.13: CRL Distribution Points
-.It
-section 5.2.5: Issuing Distribution Point
-.El
-.Sh HISTORY
-.Fn DIST_POINT_new ,
-.Fn DIST_POINT_free ,
-.Fn CRL_DIST_POINTS_new ,
-.Fn CRL_DIST_POINTS_free ,
-.Fn DIST_POINT_NAME_new ,
-and
-.Fn DIST_POINT_NAME_free
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn ISSUING_DIST_POINT_new
-and
-.Fn ISSUING_DIST_POINT_free
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/DSA_SIG_new.3 b/src/lib/libcrypto/man/DSA_SIG_new.3
deleted file mode 100644
index 160b453939..0000000000
--- a/src/lib/libcrypto/man/DSA_SIG_new.3
+++ /dev/null
@@ -1,141 +0,0 @@ -.\" $OpenBSD: DSA_SIG_new.3,v 1.8 2019/06/10 14:58:48 schwarze Exp $ -.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller , -.\" Dr. Stephen Henson , and -.\" TJ Saunders . -.\" Copyright (c) 2000, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 10 2019 $ -.Dt DSA_SIG_NEW 3 -.Os -.Sh NAME -.Nm DSA_SIG_new , -.Nm DSA_SIG_free , -.Nm DSA_SIG_get0 , -.Nm DSA_SIG_set0 -.Nd manipulate DSA signature objects -.Sh SYNOPSIS -.In openssl/dsa.h -.Ft DSA_SIG * -.Fn DSA_SIG_new void -.Ft void -.Fo DSA_SIG_free -.Fa "DSA_SIG *sig" -.Fc -.Ft void -.Fo DSA_SIG_get0 -.Fa "const DSA_SIG *sig" -.Fa "const BIGNUM **r" -.Fa "const BIGNUM **s" -.Fc -.Ft int -.Fo DSA_SIG_set0 -.Fa "DSA_SIG *sig" -.Fa "BIGNUM *r" -.Fa "BIGNUM *s" -.Fc -.Sh DESCRIPTION -.Fn DSA_SIG_new -allocates an empty -.Vt DSA_SIG -structure. -.Pp -.Fn DSA_SIG_free -frees the -.Vt DSA_SIG -structure and its components. -The values are erased before the memory is returned to the system. -If -.Fa sig -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn DSA_SIG_get0 -retrieves internal pointers to the -.Fa r -and -.Fa s -values contained in -.Fa sig . -.Pp -The -.Fa r -and -.Fa s -values can be set by calling -.Fn DSA_SIG_set0 . 
-Calling this function transfers the memory management of the values to
-.Fa sig ,
-and therefore they should not be freed by the caller.
-.Sh RETURN VALUES
-If the allocation fails,
-.Fn DSA_SIG_new
-returns
-.Dv NULL
-and sets an error code that can be obtained by
-.Xr ERR_get_error 3 .
-Otherwise it returns a pointer to the newly allocated structure.
-.Pp
-.Fn DSA_SIG_set0
-returns 1 on success or 0 on failure.
-.Sh SEE ALSO
-.Xr DSA_do_sign 3 ,
-.Xr DSA_new 3
-.Sh HISTORY
-.Fn DSA_SIG_new
-and
-.Fn DSA_SIG_free
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn DSA_SIG_get0
-and
-.Fn DSA_SIG_set0
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/DSA_do_sign.3 b/src/lib/libcrypto/man/DSA_do_sign.3
deleted file mode 100644
index 4602bed872..0000000000
--- a/src/lib/libcrypto/man/DSA_do_sign.3
+++ /dev/null
@@ -1,119 +0,0 @@ -.\" $OpenBSD: DSA_do_sign.3,v 1.10 2019/06/10 14:58:48 schwarze Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 10 2019 $ -.Dt DSA_DO_SIGN 3 -.Os -.Sh NAME -.Nm DSA_do_sign , -.Nm DSA_do_verify -.Nd raw DSA signature operations -.Sh SYNOPSIS -.In openssl/dsa.h -.Ft DSA_SIG * -.Fo DSA_do_sign -.Fa "const unsigned char *dgst" -.Fa "int dlen" -.Fa "DSA *dsa" -.Fc -.Ft int -.Fo DSA_do_verify -.Fa "const unsigned char *dgst" -.Fa "int dgst_len" -.Fa "DSA_SIG *sig" -.Fa "DSA *dsa" -.Fc -.Sh DESCRIPTION -.Fn DSA_do_sign -computes a digital signature on the -.Fa dlen -byte message digest -.Fa dgst -using the private key -.Fa dsa -and returns it in a newly allocated -.Vt DSA_SIG -structure. -.Pp -.Xr DSA_sign_setup 3 -may be used to precompute part of the signing operation in case -signature generation is time-critical. -.Pp -.Fn DSA_do_verify -verifies that the signature -.Fa sig -matches a given message digest -.Fa dgst -of size -.Fa dgst_len . -.Fa dsa -is the signer's public key. -.Sh RETURN VALUES -.Fn DSA_do_sign -returns the signature or -.Dv NULL -on error. -.Fn DSA_do_verify -returns 1 for a valid signature, 0 for an incorrect signature, -and -1 on error. -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr DSA_get0_key 3 , -.Xr DSA_meth_set_sign 3 , -.Xr DSA_new 3 , -.Xr DSA_SIG_new 3 , -.Xr DSA_sign 3 -.Sh HISTORY -.Fn DSA_do_sign -and -.Fn DSA_do_verify -first appeared in OpenSSL 0.9.3 and have been available since -.Ox 2.6 . 
diff --git a/src/lib/libcrypto/man/DSA_dup_DH.3 b/src/lib/libcrypto/man/DSA_dup_DH.3
deleted file mode 100644
index d6163fd3c3..0000000000
--- a/src/lib/libcrypto/man/DSA_dup_DH.3
+++ /dev/null
@@ -1,88 +0,0 @@ -.\" $OpenBSD: DSA_dup_DH.3,v 1.9 2023/08/12 08:26:38 tb Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2002 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: August 12 2023 $ -.Dt DSA_DUP_DH 3 -.Os -.Sh NAME -.Nm DSA_dup_DH -.Nd create a DH structure out of DSA structure -.Sh SYNOPSIS -.In openssl/dsa.h -.Ft DH * -.Fo DSA_dup_DH -.Fa "const DSA *r" -.Fc -.Sh DESCRIPTION -.Fn DSA_dup_DH -duplicates -.Vt DSA -parameters/keys as -.Vt DH -parameters/keys. -.Sh RETURN VALUES -.Fn DSA_dup_DH -returns the new -.Vt DH -structure or -.Dv NULL -on error. -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr DH_new 3 , -.Xr DSA_get0_pqg 3 , -.Xr DSA_new 3 -.Sh HISTORY -.Fn DSA_dup_DH -first appeared in OpenSSL 0.9.4 and has been available since -.Ox 2.6 . -.Sh CAVEATS -Be careful to avoid small subgroup attacks when using this. diff --git a/src/lib/libcrypto/man/DSA_generate_key.3 b/src/lib/libcrypto/man/DSA_generate_key.3 deleted file mode 100644 index 37d8ec1c0f..0000000000 --- a/src/lib/libcrypto/man/DSA_generate_key.3 +++ /dev/null 
@@ -1,84 +0,0 @@ -.\" $OpenBSD: DSA_generate_key.3,v 1.11 2023/12/29 19:12:47 tb Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 29 2023 $ -.Dt DSA_GENERATE_KEY 3 -.Os -.Sh NAME -.Nm DSA_generate_key -.Nd generate DSA key pair -.Sh SYNOPSIS -.In openssl/dsa.h -.Ft int -.Fo DSA_generate_key -.Fa "DSA *a" -.Fc -.Sh DESCRIPTION -.Fn DSA_generate_key -expects -.Fa a -to contain DSA parameters. -It generates a new key pair and stores it in -.Fa a->pub_key -and -.Fa a->priv_key . -.Sh RETURN VALUES -.Fn DSA_generate_key -returns 1 on success or 0 otherwise. -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr DSA_generate_parameters_ex 3 , -.Xr DSA_get0_key 3 , -.Xr DSA_new 3 -.Sh HISTORY -.Fn DSA_generate_key -first appeared in SSLeay 0.6.0 and has been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/DSA_generate_parameters_ex.3 b/src/lib/libcrypto/man/DSA_generate_parameters_ex.3 deleted file mode 100644 index a318bf8298..0000000000 --- a/src/lib/libcrypto/man/DSA_generate_parameters_ex.3 +++ /dev/null 
@@ -1,174 +0,0 @@ -.\" $OpenBSD: DSA_generate_parameters_ex.3,v 1.1 2023/12/29 19:15:15 tb Exp $ -.\" OpenSSL 9b86974e Aug 7 22:14:47 2015 -0400 -.\" -.\" This file was written by Ulf Moeller , -.\" Bodo Moeller , and Matt Caswell . -.\" Copyright (c) 2000, 2013 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 29 2023 $ -.Dt DSA_GENERATE_PARAMETERS_EX 3 -.Os -.Sh NAME -.\" .Nm DSA_generate_parameters is intentionally undocumented -.\" because it will be removed in the next major bump -.Nm DSA_generate_parameters_ex -.Nd generate DSA parameters -.Sh SYNOPSIS -.In openssl/dsa.h -.Ft int -.Fo DSA_generate_parameters_ex -.Fa "DSA *dsa" -.Fa "int bits" -.Fa "const unsigned char *seed" -.Fa "int seed_len" -.Fa "int *counter_ret" -.Fa "unsigned long *h_ret" -.Fa "BN_GENCB *cb" -.Fc -.Sh DESCRIPTION -.Fn DSA_generate_parameters_ex -generates primes p and q and a generator g for use in the DSA and stores -the result in -.Fa dsa . -.Pp -.Fa bits -is the length of the prime to be generated; the DSS allows a maximum of -1024 bits. -.Pp -If -.Fa seed -is -.Dv NULL -or -.Fa seed_len -< 20, the primes will be generated at random. -Otherwise, the seed is used to generate them. 
-If the given seed does not yield a prime q, a new random seed is chosen -and placed at -.Fa seed . -.Pp -.Fn DSA_generate_parameters_ex -places the iteration count in -.Pf * Fa counter_ret -and a counter used for finding a generator in -.Pf * Fa h_ret , -unless these are -.Dv NULL . -.Pp -A callback function may be used to provide feedback about the progress -of the key generation. -If -.Fa cb -is not -.Dv NULL , -it will be called as shown below. -For information on the -.Vt BN_GENCB -structure, refer to -.Xr BN_GENCB_call 3 . -.Bl -bullet -.It -When a candidate for q is generated, -.Fn BN_GENCB_call cb 0 m++ -is called -.Pf ( Fa m -is 0 for the first candidate). -.It -When a candidate for q has passed a test by trial division, -.Fn BN_GENCB_call cb 1 -1 -is called. -While a candidate for q is tested by Miller-Rabin primality tests, -.Fn BN_GENCB_call cb 1 i -is called in the outer loop (once for each witness that confirms that -the candidate may be prime); -.Fa i -is the loop counter (starting at 0). -.It -When a prime q has been found, -.Fn BN_GENCB_call cb 2 0 -and -.Fn BN_GENCB_call cb 3 0 -are called. -.It -Before a candidate for p (other than the first) is generated and tested, -.Fn BN_GENCB_call cb 0 counter -is called. -.It -When a candidate for p has passed the test by trial division, -.Fn BN_GENCB_call cb 1 -1 -is called. -While it is tested by the Miller-Rabin primality test, -.Fn BN_GENCB_call cb 1 i -is called in the outer loop (once for each witness that confirms that -the candidate may be prime). -.Fa i -is the loop counter (starting at 0). -.It -When p has been found, -.Fn BN_GENCB_call cb 2 1 -is called. -.It -When the generator has been found, -.Fn BN_GENCB_call cb 3 1 -is called. -.El -.Sh RETURN VALUES -.Fn DSA_generate_parameters_ex -returns a 1 on success, or 0 otherwise. -.Pp -The error codes can be obtained by -.Xr ERR_get_error 3 . 
-.Sh SEE ALSO
-.Xr BN_generate_prime 3 ,
-.Xr DSA_get0_pqg 3 ,
-.Xr DSA_new 3
-.Sh HISTORY
-.Fn DSA_generate_parameters_ex
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
-.Sh BUGS
-Seed lengths > 20 are not supported.
diff --git a/src/lib/libcrypto/man/DSA_get0_pqg.3 b/src/lib/libcrypto/man/DSA_get0_pqg.3
deleted file mode 100644
index b82affba66..0000000000
--- a/src/lib/libcrypto/man/DSA_get0_pqg.3
+++ /dev/null
@@ -1,320 +0,0 @@
-.\" $OpenBSD: DSA_get0_pqg.3,v 1.11 2024/07/21 08:36:43 tb Exp $
-.\" full merge up to: OpenSSL e90fc053 Jul 15 09:39:45 2017 -0400
-.\"
-.\" This file was written by Matt Caswell .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 21 2024 $
-.Dt DSA_GET0_PQG 3
-.Os
-.Sh NAME
-.Nm DSA_get0_pqg ,
-.Nm DSA_get0_p ,
-.Nm DSA_get0_q ,
-.Nm DSA_get0_g ,
-.Nm DSA_set0_pqg ,
-.Nm DSA_get0_key ,
-.Nm DSA_get0_pub_key ,
-.Nm DSA_get0_priv_key ,
-.Nm DSA_set0_key ,
-.Nm DSA_clear_flags ,
-.Nm DSA_test_flags ,
-.Nm DSA_set_flags ,
-.Nm DSA_get0_engine
-.Nd get data from and set data in a DSA object
-.Sh SYNOPSIS
-.In openssl/dsa.h
-.Ft void
-.Fo DSA_get0_pqg
-.Fa "const DSA *d"
-.Fa "const BIGNUM **p"
-.Fa "const BIGNUM **q"
-.Fa "const BIGNUM **g"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DSA_get0_p
-.Fa "const DSA *d"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DSA_get0_q
-.Fa "const DSA *d"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DSA_get0_g
-.Fa "const DSA *d"
-.Fc
-.Ft int
-.Fo DSA_set0_pqg
-.Fa "DSA *d"
-.Fa "BIGNUM *p"
-.Fa "BIGNUM *q"
-.Fa "BIGNUM *g"
-.Fc
-.Ft void
-.Fo DSA_get0_key
-.Fa "const DSA *d"
-.Fa "const BIGNUM **pub_key"
-.Fa "const BIGNUM **priv_key"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DSA_get0_pub_key
-.Fa "const DSA *d"
-.Fc
-.Ft "const BIGNUM *"
-.Fo DSA_get0_priv_key
-.Fa "const DSA *d"
-.Fc
-.Ft int
-.Fo DSA_set0_key
-.Fa "DSA *d"
-.Fa "BIGNUM *pub_key"
-.Fa "BIGNUM *priv_key"
-.Fc
-.Ft void
-.Fo DSA_clear_flags
-.Fa "DSA *d"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo DSA_test_flags
-.Fa "const DSA *d"
-.Fa "int flags"
-.Fc
-.Ft void
-.Fo DSA_set_flags
-.Fa "DSA *d"
-.Fa "int flags"
-.Fc
-.Ft ENGINE *
-.Fo DSA_get0_engine
-.Fa "DSA *d"
-.Fc
-.Sh DESCRIPTION
-A
-.Vt DSA
-object contains the parameters
-.Fa p ,
-.Fa q ,
-and
-.Fa g .
-It also contains a public key
-.Fa pub_key
-and an optional private key
-.Fa priv_key .
-.Pp
-The
-.Fa p ,
-.Fa q ,
-and
-.Fa g
-parameters can be obtained by calling
-.Fn DSA_get0_pqg .
-If the parameters have not yet been set, then
-.Pf * Fa p ,
-.Pf * Fa q ,
-and
-.Pf * Fa g
-are set to
-.Dv NULL .
-Otherwise, they are set to pointers to the internal representations
-of the values that should not be freed by the application.
-.Pp
-The
-.Fa p ,
-.Fa q ,
-and
-.Fa g
-values can be set by calling
-.Fn DSA_set0_pqg .
-Calling this function transfers the memory management of the values to
-.Fa d ,
-and therefore they should not be freed by the caller.
-.Pp
-The
-.Fn DSA_get0_key
-function stores pointers to the internal representations
-of the public key in
-.Pf * Fa pub_key
-and to the private key in
-.Pf * Fa priv_key .
-Either may be
-.Dv NULL
-if it has not yet been set.
-If the private key has been set, then the public key must be.
-.Pp
-The public and private key values can be set using
-.Fn DSA_set0_key .
-The public key must be
-.Pf non- Dv NULL
-the first time this function is called on a given
-.Vt DSA
-object.
-The private key may be
-.Dv NULL .
-On subsequent calls, either may be
-.Dv NULL ,
-which means the corresponding
-.Vt DSA
-field is left untouched.
-.Fn DSA_set0_key
-transfers the memory management of the key values to
-.Fa d ,
-and therefore they should not be freed by the caller.
-.Pp
-Values retrieved with
-.Fn DSA_get0_pqg
-and
-.Fn DSA_get0_key
-are owned by the
-.Vt DSA
-object and may therefore not be passed to
-.Fn DSA_set0_pqg
-or
-.Fn DSA_set0_key .
-If needed, duplicate the received values using
-.Xr BN_dup 3
-and pass the duplicates.
-.Pp
-Any of the values
-.Fa p ,
-.Fa q ,
-.Fa g ,
-.Fa pub_key ,
-and
-.Fa priv_key
-can also be retrieved separately by the corresponding functions
-.Fn DSA_get0_p ,
-.Fn DSA_get0_q ,
-.Fn DSA_get0_g ,
-.Fn DSA_get0_pub_key ,
-and
-.Fn DSA_get0_priv_key ,
-respectively.
-The pointers are owned by the
-.Vt DSA
-object.
-.Pp
-.Fn DSA_clear_flags
-clears the specified
-.Fa flags
-in
-.Fa d .
-.Fn DSA_test_flags
-tests the
-.Fa flags
-in
-.Fa d .
-.Fn DSA_set_flags
-sets the
-.Fa flags
-in
-.Fa d ;
-any flags already set remain set.
-For all three functions, multiple flags can be passed in one call,
-OR'ed together bitwise.
-.Sh RETURN VALUES
-.Fn DSA_get0_p ,
-.Fn DSA_get0_q ,
-.Fn DSA_get0_g ,
-.Fn DSA_get0_pub_key ,
-and
-.Fn DSA_get0_priv_key
-return a pointer owned by the
-.Vt DSA
-object if the corresponding value has been set,
-otherwise they return
-.Dv NULL .
-.Fn DSA_set0_pqg
-and
-.Fn DSA_set0_key
-return 1 on success or 0 on failure.
-.Pp
-.Fn DSA_test_flags
-returns those of the given
-.Fa flags
-currently set in
-.Fa d
-or 0 if none of the given
-.Fa flags
-are set.
-.Pp
-.Fn DSA_get0_engine
-always returns
-.Dv NULL .
-.Sh SEE ALSO
-.Xr DSA_do_sign 3 ,
-.Xr DSA_dup_DH 3 ,
-.Xr DSA_generate_key 3 ,
-.Xr DSA_generate_parameters_ex 3 ,
-.Xr DSA_new 3 ,
-.Xr DSA_print 3 ,
-.Xr DSA_security_bits 3 ,
-.Xr DSA_sign 3 ,
-.Xr DSA_size 3
-.Sh HISTORY
-.Fn DSA_get0_pqg ,
-.Fn DSA_set0_pqg ,
-.Fn DSA_get0_key ,
-.Fn DSA_set0_key ,
-.Fn DSA_clear_flags ,
-.Fn DSA_test_flags ,
-.Fn DSA_set_flags ,
-and
-.Fn DSA_get0_engine
-first appeared in OpenSSL 1.1.0
-and have been available since
-.Ox 6.3 .
-.Pp
-.Fn DSA_get0_p ,
-.Fn DSA_get0_q ,
-.Fn DSA_get0_g ,
-.Fn DSA_get0_pub_key ,
-and
-.Fn DSA_get0_priv_key
-first appeared in OpenSSL 1.1.1
-and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/DSA_get_ex_new_index.3 b/src/lib/libcrypto/man/DSA_get_ex_new_index.3
deleted file mode 100644
index 8fe055f337..0000000000
--- a/src/lib/libcrypto/man/DSA_get_ex_new_index.3
+++ /dev/null
@@ -1,98 +0,0 @@
-.\" $OpenBSD: DSA_get_ex_new_index.3,v 1.5 2018/03/22 16:06:33 schwarze Exp $
-.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2009 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 22 2018 $
-.Dt DSA_GET_EX_NEW_INDEX 3
-.Os
-.Sh NAME
-.Nm DSA_get_ex_new_index ,
-.Nm DSA_set_ex_data ,
-.Nm DSA_get_ex_data
-.Nd add application specific data to DSA structures
-.Sh SYNOPSIS
-.In openssl/dsa.h
-.Ft int
-.Fo DSA_get_ex_new_index
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Ft int
-.Fo DSA_set_ex_data
-.Fa "DSA *d"
-.Fa "int idx"
-.Fa "void *arg"
-.Fc
-.Ft char *
-.Fo DSA_get_ex_data
-.Fa "DSA *d"
-.Fa "int idx"
-.Fc
-.Sh DESCRIPTION
-These functions handle application specific data in
-.Vt DSA
-structures.
-Their usage is identical to that of
-.Xr RSA_get_ex_new_index 3 ,
-.Xr RSA_set_ex_data 3 ,
-and
-.Xr RSA_get_ex_data 3 .
-.Sh SEE ALSO
-.Xr DSA_new 3 ,
-.Xr RSA_get_ex_new_index 3
-.Sh HISTORY
-.Fn DSA_get_ex_new_index ,
-.Fn DSA_set_ex_data ,
-and
-.Fn DSA_get_ex_data
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/DSA_meth_new.3 b/src/lib/libcrypto/man/DSA_meth_new.3
deleted file mode 100644
index d89cd397b0..0000000000
--- a/src/lib/libcrypto/man/DSA_meth_new.3
+++ /dev/null
@@ -1,230 +0,0 @@
-.\" $OpenBSD: DSA_meth_new.3,v 1.3 2022/07/10 13:41:59 schwarze Exp $
-.\" selective merge up to: OpenSSL c4d3c19b Apr 3 13:57:12 2018 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Matt Caswell .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 10 2022 $
-.Dt DSA_METH_NEW 3
-.Os
-.Sh NAME
-.Nm DSA_meth_new ,
-.Nm DSA_meth_free ,
-.Nm DSA_meth_dup ,
-.Nm DSA_meth_get0_name ,
-.Nm DSA_meth_set1_name ,
-.Nm DSA_meth_set_sign ,
-.Nm DSA_meth_set_finish
-.Nd build up DSA methods
-.Sh SYNOPSIS
-.In openssl/dsa.h
-.Ft DSA_METHOD *
-.Fo DSA_meth_new
-.Fa "const char *name"
-.Fa "int flags"
-.Fc
-.Ft void
-.Fo DSA_meth_free
-.Fa "DSA_METHOD *meth"
-.Fc
-.Ft DSA_METHOD *
-.Fo DSA_meth_dup
-.Fa "const DSA_METHOD *meth"
-.Fc
-.Ft const char *
-.Fo DSA_meth_get0_name
-.Fa "const DSA_METHOD *meth"
-.Fc
-.Ft int
-.Fo DSA_meth_set1_name
-.Fa "DSA_METHOD *meth"
-.Fa "const char *name"
-.Fc
-.Ft int
-.Fo DSA_meth_set_sign
-.Fa "DSA_METHOD *meth"
-.Fa "DSA_SIG *(*sign)(const unsigned char *, int, DSA *)"
-.Fc
-.Ft int
-.Fo DSA_meth_set_finish
-.Fa "DSA_METHOD *meth"
-.Fa "int (*finish)(DSA *)"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt DSA_METHOD
-structure holds function pointers for custom DSA implementations.
-.Pp
-.Fn DSA_meth_new
-creates a new
-.Vt DSA_METHOD
-structure.
-A copy of the NUL-terminated
-.Fa name
-is stored in the new
-.Vt DSA_METHOD
-object.
-Any new
-.Vt DSA
-object constructed from this
-.Vt DSA_METHOD
-will have the given
-.Fa flags
-set by default.
-.Pp
-.Fn DSA_meth_dup
-creates a deep copy of
-.Fa meth .
-This might be useful for creating a new
-.Vt DSA_METHOD
-based on an existing one, but with some differences.
-.Pp
-.Fn DSA_meth_free
-destroys
-.Fa meth
-and frees any memory associated with it.
-.Pp
-.Fn DSA_meth_get0_name
-returns an internal pointer to the name of
-.Fa meth .
-.Fn DSA_meth_set1_name
-stores a copy of the NUL-terminated
-.Fa name
-in
-.Fa meth
-after freeing the previously stored name.
-Method names are ignored by the default DSA implementation but can be
-used by alternative implementations and by the application program.
-.Pp
-.Fn DSA_meth_set_sign
-sets the function used for creating a DSA signature.
-This function will be called from
-.Xr DSA_do_sign 3
-and indirectly from
-.Xr DSA_sign 3 .
-The parameters of
-.Fa sign
-have the same meaning as for
-.Xr DSA_do_sign 3 .
-.Pp
-.Fn DSA_meth_set_finish
-sets an optional function for destroying a
-.Vt DSA
-object.
-Unless
-.Fa finish
-is
-.Dv NULL ,
-it will be called from
-.Xr DSA_free 3 .
-It takes the same argument
-and is intended to do DSA implementation specific cleanup.
-The memory used by the
-.Vt DSA
-object itself should not be freed by the
-.Fa finish
-function.
-.Sh RETURN VALUES
-.Fn DSA_meth_new
-and
-.Fn DSA_meth_dup
-return the newly allocated
-.Vt DSA_METHOD
-object or
-.Dv NULL
-on failure.
-.Pp
-.Fn DSA_meth_get0_name
-returns an internal pointer which must not be freed by the caller.
-.Pp
-.Fn DSA_meth_set1_name
-and all
-.Fn DSA_meth_set_*
-functions return 1 on success or 0 on failure.
-In the current implementation, only
-.Fn DSA_meth_set1_name
-can actually fail.
-.Sh SEE ALSO
-.Xr DSA_do_sign 3 ,
-.Xr DSA_new 3 ,
-.Xr DSA_set_method 3 ,
-.Xr DSA_SIG_new 3 ,
-.Xr DSA_sign 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.1.0.
-.Pp
-.Fn DSA_meth_new ,
-.Fn DSA_meth_free ,
-.Fn DSA_meth_dup ,
-.Fn DSA_meth_set_sign ,
-and
-.Fn DSA_meth_set_finish
-have been available since
-.Ox 6.3 .
-.Pp
-.Fn DSA_meth_get0_name
-and
-.Fn DSA_meth_set1_name
-have been available since
-.Ox 7.2 .
diff --git a/src/lib/libcrypto/man/DSA_new.3 b/src/lib/libcrypto/man/DSA_new.3
deleted file mode 100644
index 5a958b58c4..0000000000
--- a/src/lib/libcrypto/man/DSA_new.3
+++ /dev/null
@@ -1,141 +0,0 @@
-.\" $OpenBSD: DSA_new.3,v 1.14 2023/12/29 19:12:47 tb Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2002 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 29 2023 $
-.Dt DSA_NEW 3
-.Os
-.Sh NAME
-.Nm DSA_new ,
-.Nm DSA_up_ref ,
-.Nm DSA_free
-.Nd allocate and free DSA objects
-.Sh SYNOPSIS
-.In openssl/dsa.h
-.Ft DSA*
-.Fn DSA_new void
-.Ft int
-.Fo DSA_up_ref
-.Fa "DSA *dsa"
-.Fc
-.Ft void
-.Fo DSA_free
-.Fa "DSA *dsa"
-.Fc
-.Sh DESCRIPTION
-The DSA functions implement the Digital Signature Algorithm.
-.Pp
-.Fn DSA_new
-allocates and initializes a
-.Vt DSA
-structure, setting the reference count to 1.
-It is equivalent to calling
-.Xr DSA_new_method 3
-with a
-.Dv NULL
-argument.
-.Pp
-.Fn DSA_up_ref
-increments the reference count by 1.
-.Pp
-.Fn DSA_free
-decrements the reference count by 1.
-If it reaches 0, it frees the
-.Vt DSA
-structure and its components.
-The values are erased before the memory is returned to the system.
-If
-.Fa dsa
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-If the allocation fails,
-.Fn DSA_new
-returns
-.Dv NULL
-and sets an error code that can be obtained by
-.Xr ERR_get_error 3 .
-Otherwise it returns a pointer to the newly allocated structure.
-.Pp
-.Fn DSA_up_ref
-returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr BN_new 3 ,
-.Xr crypto 3 ,
-.Xr d2i_DSAPublicKey 3 ,
-.Xr DH_new 3 ,
-.Xr DSA_do_sign 3 ,
-.Xr DSA_dup_DH 3 ,
-.Xr DSA_generate_key 3 ,
-.Xr DSA_generate_parameters_ex 3 ,
-.Xr DSA_get0_pqg 3 ,
-.Xr DSA_get_ex_new_index 3 ,
-.Xr DSA_meth_new 3 ,
-.Xr DSA_print 3 ,
-.Xr DSA_security_bits 3 ,
-.Xr DSA_set_method 3 ,
-.Xr DSA_SIG_new 3 ,
-.Xr DSA_sign 3 ,
-.Xr DSA_size 3 ,
-.Xr EVP_PKEY_set1_DSA 3 ,
-.Xr RSA_new 3
-.Sh STANDARDS
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-.Sh HISTORY
-.Fn DSA_new
-and
-.Fn DSA_free
-first appeared in SSLeay 0.6.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn DSA_up_ref
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/DSA_set_method.3 b/src/lib/libcrypto/man/DSA_set_method.3
deleted file mode 100644
index c60a3e29c3..0000000000
--- a/src/lib/libcrypto/man/DSA_set_method.3
+++ /dev/null
@@ -1,178 +0,0 @@
-.\" $OpenBSD: DSA_set_method.3,v 1.12 2024/05/11 06:53:19 tb Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2002, 2007 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: May 11 2024 $
-.Dt DSA_SET_METHOD 3
-.Os
-.Sh NAME
-.Nm DSA_set_default_method ,
-.Nm DSA_get_default_method ,
-.Nm DSA_set_method ,
-.Nm DSA_new_method ,
-.Nm DSA_OpenSSL
-.Nd select DSA method
-.Sh SYNOPSIS
-.In openssl/dsa.h
-.Ft void
-.Fo DSA_set_default_method
-.Fa "const DSA_METHOD *meth"
-.Fc
-.Ft const DSA_METHOD *
-.Fn DSA_get_default_method void
-.Ft int
-.Fo DSA_set_method
-.Fa "DSA *dsa"
-.Fa "const DSA_METHOD *meth"
-.Fc
-.Ft DSA *
-.Fo DSA_new_method
-.Fa "ENGINE *engine"
-.Fc
-.Ft DSA_METHOD *
-.Fn DSA_OpenSSL void
-.Sh DESCRIPTION
-A
-.Vt DSA_METHOD
-object contains pointers to the functions used for DSA operations.
-By default, the internal implementation returned by
-.Fn DSA_OpenSSL
-is used.
-By selecting another method, alternative implementations
-such as hardware accelerators may be used.
-.Pp
-.Fn DSA_set_default_method
-selects
-.Fa meth
-as the default method for all
-.Vt DSA
-structures created later.
-.Pp
-.Fn DSA_get_default_method
-returns a pointer to the current default method.
-.Pp
-.Fn DSA_set_method
-selects
-.Fa meth
-to perform all operations using the key
-.Fa dsa .
-This replaces the
-.Vt DSA_METHOD
-used by the DSA key.
-It is possible to have DSA keys that only work with certain
-.Vt DSA_METHOD
-implementations,
-and in such cases attempting to change the
-.Vt DSA_METHOD
-for the key can have unexpected results.
-.Pp
-.Fn DSA_new_method
-allocates and initializes a
-.Vt DSA
-structure.
-The
-.Fa engine
-argument is ignored and
-the default method controlled by
-.Fn DSA_set_default_method
-is used.
-.Pp
-The
-.Vt DSA_METHOD
-structure is defined as follows:
-.Bd -literal
-struct {
- /* name of the implementation */
- const char *name;
- /* sign */
- DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
- DSA *dsa);
- /* pre-compute k^-1 and r */
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- /* verify */
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
- /* called at DSA_new */
- int (*init)(DSA *DSA);
- /* called at DSA_free */
- int (*finish)(DSA *DSA);
- int flags;
-} DSA_METHOD;
-.Ed
-.Sh RETURN VALUES
-.Fn DSA_OpenSSL
-and
-.Fn DSA_get_default_method
-return pointers to the respective
-.Vt DSA_METHOD .
-.Pp
-.Fn DSA_set_method
-returns 1 on success or 0 on failure.
-Currently, it cannot fail.
-.Pp
-.Fn DSA_new_method
-returns
-.Dv NULL
-and sets an error code that can be obtained by
-.Xr ERR_get_error 3
-if the allocation fails.
-Otherwise it returns a pointer to the newly allocated structure.
-.Sh SEE ALSO
-.Xr DSA_meth_new 3 ,
-.Xr DSA_new 3
-.Sh HISTORY
-.Fn DSA_set_default_method ,
-.Fn DSA_get_default_method ,
-.Fn DSA_set_method ,
-.Fn DSA_new_method ,
-and
-.Fn DSA_OpenSSL
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/DSA_sign.3 b/src/lib/libcrypto/man/DSA_sign.3
deleted file mode 100644
index 59f9042ba6..0000000000
--- a/src/lib/libcrypto/man/DSA_sign.3
+++ /dev/null
@@ -1,173 +0,0 @@
-.\" $OpenBSD: DSA_sign.3,v 1.10 2019/06/10 14:58:48 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 10 2019 $
-.Dt DSA_SIGN 3
-.Os
-.Sh NAME
-.Nm DSA_sign ,
-.Nm DSA_sign_setup ,
-.Nm DSA_verify
-.Nd DSA signatures
-.Sh SYNOPSIS
-.In openssl/dsa.h
-.Ft int
-.Fo DSA_sign
-.Fa "int type"
-.Fa "const unsigned char *dgst"
-.Fa "int len"
-.Fa "unsigned char *sigret"
-.Fa "unsigned int *siglen"
-.Fa "DSA *dsa"
-.Fc
-.Ft int
-.Fo DSA_sign_setup
-.Fa "DSA *dsa"
-.Fa "BN_CTX *ctx"
-.Fa "BIGNUM **kinvp"
-.Fa "BIGNUM **rp"
-.Fc
-.Ft int
-.Fo DSA_verify
-.Fa "int type"
-.Fa "const unsigned char *dgst"
-.Fa "int len"
-.Fa "unsigned char *sigbuf"
-.Fa "int siglen"
-.Fa "DSA *dsa"
-.Fc
-.Sh DESCRIPTION
-.Fn DSA_sign
-computes a digital signature on the
-.Fa len
-byte message digest
-.Fa dgst
-using the private key
-.Fa dsa
-and places its ASN.1 DER encoding at
-.Fa sigret .
-The length of the signature is placed in
-.Pf * Fa siglen .
-.Fa sigret
-must point to
-.Fn DSA_size dsa
-bytes of memory.
-.Pp
-.Fn DSA_sign_setup
-may be used to precompute part of the signing operation in case
-signature generation is time-critical.
-It expects
-.Fa dsa
-to contain DSA parameters.
-It places the precomputed values in newly allocated
-.Vt BIGNUM Ns s
-at
-.Pf * Fa kinvp
-and
-.Pf * Fa rp ,
-after freeing the old ones unless
-.Fa kinvp
-and
-.Fa rp
-are
-.Dv NULL .
-These values may be passed to
-.Fn DSA_sign
-in
-.Fa dsa->kinv
-and
-.Sy dsa->r .
-.Fa ctx
-is a pre-allocated
-.Vt BN_CTX
-or
-.Dv NULL .
-.Pp
-.Fn DSA_verify
-verifies that the signature
-.Fa sigbuf
-of size
-.Fa siglen
-matches a given message digest
-.Fa dgst
-of size
-.Fa len .
-.Fa dsa
-is the signer's public key.
-.Pp
-The
-.Fa type
-parameter is ignored.
-.Sh RETURN VALUES
-.Fn DSA_sign
-and
-.Fn DSA_sign_setup
-return 1 on success or 0 on error.
-.Fn DSA_verify
-returns 1 for a valid signature, 0 for an incorrect signature,
-and -1 on error.
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr DSA_do_sign 3 ,
-.Xr DSA_get0_key 3 ,
-.Xr DSA_new 3
-.Sh STANDARDS
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-.Sh HISTORY
-.Fn DSA_sign
-and
-.Fn DSA_verify
-first appeared in SSLeay 0.6.0.
-.Fn DSA_sign_setup
-first appeared in SSLeay 0.8.0.
-All these functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/DSA_size.3 b/src/lib/libcrypto/man/DSA_size.3
deleted file mode 100644
index 4786acc7e9..0000000000
--- a/src/lib/libcrypto/man/DSA_size.3
+++ /dev/null
@@ -1,122 +0,0 @@
-.\" $OpenBSD: DSA_size.3,v 1.8 2022/07/13 21:44:23 schwarze Exp $
-.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Ulf Moeller
-.\" and Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2002, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 13 2022 $
-.Dt DSA_SIZE 3
-.Os
-.Sh NAME
-.Nm DSA_size ,
-.Nm DSA_bits
-.Nd get DSA signature or key size
-.Sh SYNOPSIS
-.In openssl/dsa.h
-.Ft int
-.Fo DSA_size
-.Fa "const DSA *dsa"
-.Fc
-.Ft int
-.Fo DSA_bits
-.Fa "const DSA *dsa"
-.Fc
-.Sh DESCRIPTION
-.Fn DSA_size
-returns the maximum size of an ASN.1 encoded DSA signature for the key
-.Fa dsa
-in bytes.
-It can be used to determine how much memory must be allocated for a DSA
-signature.
-.Pp
-.Fa dsa->q
-must not be
-.Dv NULL .
-.Pp
-.Fn DSA_bits
-returns the number of significant bits in the public domain parameter
-.Fa p
-contained in
-.Fa dsa .
-This is also the number of bits in the public key.
-.Sh RETURN VALUES
-.Fn DSA_size
-returns the size of the signature in bytes.
-.Pp
-.Fn DSA_bits
-returns the size of the public key in bits.
-.Sh SEE ALSO
-.Xr DSA_get0_pqg 3 ,
-.Xr DSA_new 3 ,
-.Xr DSA_security_bits 3 ,
-.Xr DSA_sign 3
-.Sh HISTORY
-.Fn DSA_size
-first appeared in SSLeay 0.6.0 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn DSA_bits
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/ECDH_compute_key.3 b/src/lib/libcrypto/man/ECDH_compute_key.3
deleted file mode 100644
index c49988e141..0000000000
--- a/src/lib/libcrypto/man/ECDH_compute_key.3
+++ /dev/null
@@ -1,88 +0,0 @@
-.\" $OpenBSD: ECDH_compute_key.3,v 1.3 2023/08/29 10:07:42 tb Exp $
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: August 29 2023 $
-.Dt ECDH_COMPUTE_KEY 3
-.Os
-.Sh NAME
-.Nm ECDH_compute_key ,
-.Nm ECDH_size
-.Nd Elliptic Curve Diffie-Hellman key exchange
-.Sh SYNOPSIS
-.In openssl/ec.h
-.Ft int
-.Fo ECDH_compute_key
-.Fa "void *out"
-.Fa "size_t outlen"
-.Fa "const EC_POINT *public_key"
-.Fa "EC_KEY *ecdh"
-.Fa "void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)"
-.Fc
-.Ft int
-.Fo ECDH_size
-.Fa "const EC_KEY *ecdh"
-.Fc
-.Sh DESCRIPTION
-.Fn ECDH_compute_key
-performs Elliptic Curve Diffie-Hellman key agreement.
-It combines the private key contained in
-.Fa ecdh
-with the other party's
-.Fa public_key ,
-takes the
-.Fa x
-component of the affine coordinates,
-and optionally applies the key derivation function
-.Fa KDF .
-It stores the resulting symmetric key in the buffer
-.Fa out ,
-which is
-.Fa outlen
-bytes long.
-If
-.Fa KDF
-is
-.Dv NULL ,
-.Fa outlen
-must be at least
-.Fn ECDH_size ecdh .
-.Pp
-.Fn ECDH_size
-returns the number of bytes needed to store an affine coordinate of a
-point on the elliptic curve used by
-.Fa ecdh ,
-which is one eighth of the degree of the finite field underlying
-that elliptic curve, rounded up to the next integer number.
-.Sh RETURN VALUES
-.Fn ECDH_compute_key
-returns the length of the computed key in bytes or -1 if an error occurs.
-.Pp
-.Fn ECDH_size
-returns the number of bytes needed to store an affine coordinate.
-.Sh SEE ALSO
-.Xr DH_generate_key 3 ,
-.Xr DH_size 3 ,
-.Xr EC_GROUP_new 3 ,
-.Xr EC_KEY_new 3 ,
-.Xr EC_POINT_new 3 ,
-.Xr X25519 3
-.Sh HISTORY
-.Fn ECDH_compute_key
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
-.Pp
-.Fn ECDH_size
-first appeared in
-.Ox 6.1 .
diff --git a/src/lib/libcrypto/man/ECDSA_SIG_new.3 b/src/lib/libcrypto/man/ECDSA_SIG_new.3
deleted file mode 100644
index 2b72e6f1b9..0000000000
--- a/src/lib/libcrypto/man/ECDSA_SIG_new.3
+++ /dev/null
@@ -1,452 +0,0 @@
-.\" $OpenBSD: ECDSA_SIG_new.3,v 1.21 2024/11/15 20:14:58 tb Exp $
-.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\" selective merge up to: OpenSSL da4ea0cf Aug 5 16:13:24 2019 +0100
-.\"
-.\" This file was written by Nils Larsch .
-.\" Copyright (c) 2004, 2005, 2013, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 15 2024 $
-.Dt ECDSA_SIG_NEW 3
-.Os
-.Sh NAME
-.Nm ECDSA_SIG_new ,
-.Nm ECDSA_SIG_free ,
-.Nm ECDSA_SIG_get0 ,
-.Nm ECDSA_SIG_get0_r ,
-.Nm ECDSA_SIG_get0_s ,
-.Nm ECDSA_SIG_set0 ,
-.Nm i2d_ECDSA_SIG ,
-.Nm d2i_ECDSA_SIG ,
-.Nm ECDSA_size ,
-.Nm ECDSA_sign ,
-.Nm ECDSA_verify ,
-.Nm ECDSA_do_sign ,
-.Nm ECDSA_do_verify
-.Nd Elliptic Curve Digital Signature Algorithm
-.Sh SYNOPSIS
-.In openssl/ec.h
-.Ft ECDSA_SIG*
-.Fo ECDSA_SIG_new
-.Fa void
-.Fc
-.Ft void
-.Fo ECDSA_SIG_free
-.Fa "ECDSA_SIG *sig"
-.Fc
-.Ft void
-.Fo ECDSA_SIG_get0
-.Fa "const ECDSA_SIG *sig"
-.Fa "const BIGNUM **r"
-.Fa "const BIGNUM **s"
-.Fc
-.Ft "const BIGNUM *"
-.Fo ECDSA_SIG_get0_r
-.Fa "const ECDSA_SIG *sig"
-.Fc
-.Ft "const BIGNUM *"
-.Fo ECDSA_SIG_get0_s
-.Fa "const ECDSA_SIG *sig"
-.Fc
-.Ft int
-.Fo ECDSA_SIG_set0
-.Fa "ECDSA_SIG *sig"
-.Fa "BIGNUM *r"
-.Fa "BIGNUM *s"
-.Fc
-.Ft int
-.Fo i2d_ECDSA_SIG
-.Fa "const ECDSA_SIG *sig_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft ECDSA_SIG*
-.Fo d2i_ECDSA_SIG
-.Fa "ECDSA_SIG **sig_out"
-.Fa "const unsigned char **der_in"
-.Fa "long len"
-.Fc
-.Ft int
-.Fo ECDSA_size
-.Fa "const EC_KEY *eckey"
-.Fc
-.Ft int
-.Fo ECDSA_sign
-.Fa "int type"
-.Fa "const unsigned char *dgst"
-.Fa "int dgstlen"
-.Fa "unsigned char *sig"
-.Fa "unsigned int *siglen"
-.Fa "EC_KEY *eckey"
-.Fc
-.Ft int
-.Fo ECDSA_verify
-.Fa "int type"
-.Fa "const unsigned char *dgst"
-.Fa "int dgstlen"
-.Fa "const unsigned char *sig"
-.Fa "int siglen"
-.Fa "EC_KEY *eckey"
-.Fc
-.Ft ECDSA_SIG*
-.Fo ECDSA_do_sign
-.Fa "const unsigned char *dgst"
-.Fa "int dgst_len"
-.Fa "EC_KEY *eckey"
-.Fc
-.Ft int
-.Fo ECDSA_do_verify
-.Fa "const unsigned char *dgst"
-.Fa "int dgst_len"
-.Fa "const ECDSA_SIG *sig"
-.Fa "EC_KEY* eckey"
-.Fc
-.Sh DESCRIPTION
-These functions provide a low level interface to ECDSA.
-Most applications should use the higher level EVP interface such as
-.Xr EVP_DigestSignInit 3
-or
-.Xr EVP_DigestVerifyInit 3
-instead.
-Creation of the required -.Vt EC_KEY -objects is described in -.Xr EC_KEY_new 3 . -.Pp -The -.Vt ECDSA_SIG -structure consists of two -.Vt BIGNUM Ns s -for the -.Fa r -and -.Fa s -value of an ECDSA signature (see X9.62 or FIPS 186-2). -.Bd -literal -offset indent -struct { - BIGNUM *r; - BIGNUM *s; -} ECDSA_SIG; -.Ed -.Pp -.Fn ECDSA_SIG_new -allocates a new -.Vt ECDSA_SIG -structure (note: this function also allocates the -.Vt BIGNUM Ns s ) -and initializes it. -.Pp -.Fn ECDSA_SIG_free -frees the -.Vt ECDSA_SIG -structure -.Fa sig . -.Pp -.Fn ECDSA_SIG_get0 -retrieves internal pointers the -.Fa r -and -.Fa s -values contained in -.Fa sig . -The values -.Fa r -and -.Fa s -can also be retrieved separately by the corresponding function -.Fn ECDSA_SIG_get0_r -and -.Fn ECDSA_SIG_get0_s , -respectively. -.Pp -.Fn ECDSA_SIG_set0 -sets the -.Fa r -and -.Fa s -values in -.Fa sig . -Calling this function transfers the memory management of the values to -.Fa sig . -Therefore, the values that have been passed in -should not be freed by the caller. -.Pp -.Fn i2d_ECDSA_SIG -creates the DER encoding of the ECDSA signature -.Fa sig_in -and writes the encoded signature to -.Pf * Fa der_out . -.Fn d2i_ECDSA_SIG -decodes the DER-encoded signature stored in the buffer -.Pf * Fa der_in -which is -.Fa len -bytes long into -.Pf * Fa sig_out . -For details about the semantics, examples, caveats, and bugs, see -.Xr ASN1_item_d2i 3 . -.Pp -.Fn ECDSA_size -returns the maximum length of a DER-encoded ECDSA signature created with -the private EC key -.Fa eckey . -.Pp -.Fn ECDSA_sign -computes a digital signature of the -.Fa dgstlen -bytes hash value -.Fa dgst -using the private EC key -.Fa eckey . -The DER-encoded signature is stored in -.Fa sig -and its length is returned in -.Fa siglen . -Note: -.Fa sig -must point to -.Fn ECDSA_size -bytes of memory. -The parameter -.Fa type -is ignored. 
-.Pp -.Fn ECDSA_verify -verifies that the signature in -.Fa sig -of size -.Fa siglen -is a valid ECDSA signature of the hash value -.Fa dgst -of size -.Fa dgstlen -using the public key -.Fa eckey . -The parameter -.Fa type -is ignored. -.Pp -.Fn ECDSA_do_sign -computes a digital signature of the -.Fa dgst_len -bytes hash value -.Fa dgst -using the private key -.Fa eckey . -The signature is returned in a newly allocated -.Vt ECDSA_SIG -structure (or -.Dv NULL -on error). -.Pp -.Fn ECDSA_do_verify -verifies that the signature -.Fa sig -is a valid ECDSA signature of the hash value -.Fa dgst -of size -.Fa dgst_len -using the public key -.Fa eckey . -.Sh RETURN VALUES -.Fn ECDSA_SIG_new -returns the new -.Vt ECDSA_SIG -object or -.Dv NULL -if an error occurs. -.Pp -.Fn i2d_ECDSA_SIG -returns the number of bytes successfully encoded -or a negative value if an error occurs. -.Pp -.Fn d2i_ECDSA_SIG -returns a pointer to the decoded -.Vt ECDSA_SIG -structure or -.Dv NULL -if an error occurs. -.Pp -.Fn ECDSA_size -returns the maximum length signature or 0 on error. -.Pp -.Fn ECDSA_SIG_get0_r -and -.Fn ECDSA_SIG_get0_s -return a pointer owned by the -.Vt ECDSA_SIG -object if it has been set or -.Dv NULL -otherwise. -.Pp -.Fn ECDSA_SIG_set0 -and -.Fn ECDSA_sign -return 1 if successful or 0 on error. -.Pp -.Fn ECDSA_do_sign -returns a pointer to an allocated -.Vt ECDSA_SIG -structure or -.Dv NULL -on error. -.Pp -.Fn ECDSA_verify -and -.Fn ECDSA_do_verify -return 1 for a valid signature, 0 for an invalid signature and -1 on -error. -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh EXAMPLES -Creating an ECDSA signature of given SHA-384 hash value using the named -curve secp384r1. -.Pp -First step: create an -.Vt EC_KEY -object. -This part is -.Em not -ECDSA specific. 
-.Bd -literal -offset indent -int ret; -ECDSA_SIG *sig; -EC_KEY *eckey; - -eckey = EC_KEY_new_by_curve_name(NID_secp384r1); -if (eckey == NULL) { - /* error */ -} -if (!EC_KEY_generate_key(eckey)) { - /* error */ -} -.Ed -.Pp -Second step: compute the ECDSA signature of a SHA-384 hash value using -.Fn ECDSA_do_sign -.Bd -literal -offset indent -sig = ECDSA_do_sign(digest, SHA384_DIGEST_LENGTH, eckey); -if (sig == NULL) { - /* error */ -} -.Ed -.Pp -or using -.Fn ECDSA_sign -.Bd -literal -offset indent -unsigned char *buffer, *pp; -int buf_len; - -buf_len = ECDSA_size(eckey); -buffer = malloc(buf_len); -pp = buffer; -if (!ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey) { - /* error */ -} -.Ed -.Pp -Third step: verify the created ECDSA signature using -.Fn ECDSA_do_verify -.Pp -.Dl ret = ECDSA_do_verify(digest, SHA384_DIGEST_LENGTH, sig, eckey); -.Pp -or using -.Fn ECDSA_verify -.Pp -.Dl ret = ECDSA_verify(0, digest, SHA384_DIGEST_LENGTH, buffer, buf_len, eckey); -.Pp -and finally evaluate the return value: -.Bd -literal -offset indent -if (ret == -1) { - /* error */ -} else if (ret == 0) { - /* incorrect signature */ -} else { - /* ret == 1 */ - /* signature ok */ -} -.Ed -.Sh SEE ALSO -.Xr crypto 3 , -.Xr d2i_ECPKParameters 3 , -.Xr DSA_new 3 , -.Xr EC_GROUP_new 3 , -.Xr EC_KEY_METHOD_new 3 , -.Xr EC_KEY_new 3 , -.Xr EC_KEY_set_ex_data 3 , -.Xr EVP_DigestSignInit 3 , -.Xr EVP_DigestVerifyInit 3 , -.Xr RSA_new 3 -.Sh STANDARDS -ANSI X9.62, US Federal Information Processing Standard FIPS 186-5 -(Digital Signature Standard, DSS) -.Sh HISTORY -.Fn ECDSA_SIG_new , -.Fn ECDSA_SIG_free , -.Fn i2d_ECDSA_SIG , -.Fn d2i_ECDSA_SIG , -.Fn ECDSA_size , -.Fn ECDSA_sign , -.Fn ECDSA_verify , -.Fn ECDSA_do_sign , -and -.Fn ECDSA_do_verify -first appeared in OpenSSL 0.9.8 and have been available since -.Ox 4.5 . -.Pp -.Fn ECDSA_SIG_get0 -and -.Fn ECDSA_SIG_set0 -first appeared in OpenSSL 1.1.0 and have been available since -.Ox 6.3 . 
-.Fn ECDSA_SIG_get0_r
-and
-.Fn ECDSA_SIG_get0_s
-first appeared in OpenSSL 1.1.1 and have been available since
-.Ox 7.1 .
-.Sh AUTHORS
-.An Nils Larsch
-for the OpenSSL project.
diff --git a/src/lib/libcrypto/man/EC_GROUP_copy.3 b/src/lib/libcrypto/man/EC_GROUP_copy.3
deleted file mode 100644
index 2e5e798236..0000000000
--- a/src/lib/libcrypto/man/EC_GROUP_copy.3
+++ /dev/null
@@ -1,492 +0,0 @@
-.\" $OpenBSD: EC_GROUP_copy.3,v 1.16 2025/03/08 16:40:59 tb Exp $
-.\" full merge up to: OpenSSL d900a015 Oct 8 14:40:42 2015 +0200
-.\" selective merge up to: OpenSSL 24c23e1f Aug 22 10:51:25 2019 +0530
-.\"
-.\" This file was written by Matt Caswell ,
-.\" Dr. Stephen Henson ,
-.\" and Jayaram X Matta .
-.\" Copyright (c) 2013, 2015, 2019 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: March 8 2025 $ -.Dt EC_GROUP_COPY 3 -.Os -.Sh NAME -.Nm EC_GROUP_copy , -.Nm EC_GROUP_dup , -.Nm EC_GROUP_set_generator , -.Nm EC_GROUP_get0_generator , -.Nm EC_GROUP_get_order , -.Nm EC_GROUP_order_bits , -.Nm EC_GROUP_get_cofactor , -.Nm EC_GROUP_set_curve_name , -.Nm EC_GROUP_get_curve_name , -.Nm EC_GROUP_set_asn1_flag , -.Nm EC_GROUP_get_asn1_flag , -.Nm EC_GROUP_set_point_conversion_form , -.Nm EC_GROUP_get_point_conversion_form , -.Nm EC_GROUP_get0_seed , -.Nm EC_GROUP_get_seed_len , -.Nm EC_GROUP_set_seed , -.Nm EC_GROUP_get_degree , -.Nm EC_GROUP_check , -.Nm EC_GROUP_check_discriminant , -.Nm EC_GROUP_cmp , -.Nm EC_GROUP_get_basis_type -.Nd manipulate EC_GROUP objects -.Sh SYNOPSIS -.In openssl/ec.h -.In openssl/bn.h -.Ft int -.Fo EC_GROUP_copy -.Fa "EC_GROUP *dst" -.Fa "const EC_GROUP *src" -.Fc -.Ft EC_GROUP * -.Fo EC_GROUP_dup -.Fa "const EC_GROUP *src" -.Fc -.Ft int -.Fo EC_GROUP_set_generator -.Fa "EC_GROUP *group" -.Fa "const EC_POINT *generator" -.Fa "const BIGNUM *order" -.Fa "const BIGNUM *cofactor" -.Fc -.Ft const EC_POINT * -.Fo EC_GROUP_get0_generator -.Fa "const EC_GROUP *group" -.Fc -.Ft int -.Fo EC_GROUP_get_order -.Fa "const EC_GROUP *group" -.Fa "BIGNUM *order" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_GROUP_order_bits -.Fa "const EC_GROUP *group" -.Fc -.Ft int -.Fo EC_GROUP_get_cofactor -.Fa "const EC_GROUP *group" -.Fa "BIGNUM *cofactor" -.Fa "BN_CTX *ctx" -.Fc -.Ft void -.Fo EC_GROUP_set_curve_name -.Fa "EC_GROUP *group" -.Fa "int nid" -.Fc -.Ft int -.Fo EC_GROUP_get_curve_name -.Fa "const EC_GROUP *group" -.Fc -.Ft void -.Fo EC_GROUP_set_asn1_flag -.Fa "EC_GROUP *group" -.Fa "int flag" -.Fc -.Ft int -.Fo EC_GROUP_get_asn1_flag -.Fa "const EC_GROUP *group" -.Fc -.Ft void -.Fo EC_GROUP_set_point_conversion_form -.Fa "EC_GROUP *group" -.Fa "point_conversion_form_t form" -.Fc -.Ft point_conversion_form_t -.Fo EC_GROUP_get_point_conversion_form -.Fa "const EC_GROUP *" -.Fc -.Ft unsigned char * -.Fo EC_GROUP_get0_seed 
-.Fa "const EC_GROUP *x" -.Fc -.Ft size_t -.Fo EC_GROUP_get_seed_len -.Fa "const EC_GROUP *" -.Fc -.Ft size_t -.Fo EC_GROUP_set_seed -.Fa "EC_GROUP *" -.Fa "const unsigned char *" -.Fa "size_t len" -.Fc -.Ft int -.Fo EC_GROUP_get_degree -.Fa "const EC_GROUP *group" -.Fc -.Ft int -.Fo EC_GROUP_check -.Fa "const EC_GROUP *group" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_GROUP_check_discriminant -.Fa "const EC_GROUP *group" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_GROUP_cmp -.Fa "const EC_GROUP *a" -.Fa "const EC_GROUP *b" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_GROUP_get_basis_type -.Fa "const EC_GROUP *" -.Fc -.Sh DESCRIPTION -These functions operate on -.Vt EC_GROUP -objects created by the functions described in -.Xr EC_GROUP_new 3 . -.Pp -.Fn EC_GROUP_copy -copies the curve -.Fa src -into -.Fa dst . -Both -.Fa src -and -.Fa dst -must use the same -.Vt EC_METHOD . -.Pp -.Fn EC_GROUP_dup -creates a new -.Vt EC_GROUP -object and copies the content from -.Fa src -to the newly created -.Vt EC_GROUP -object. -.Pp -.Fn EC_GROUP_set_generator -sets curve parameters that must be agreed by all participants using -the curve. -These parameters include the -.Fa generator , -the -.Fa order -and the -.Fa cofactor . -The -.Fa generator -is a well defined point on the curve chosen for cryptographic -operations. -Integers used for point multiplications will be between 0 and -.Fa order No - 1 . -The -.Fa order -multiplied by the -.Fa cofactor -gives the number of points on the curve. -.Pp -.Fn EC_GROUP_get0_generator -returns the generator for the identified -.Fa group . -.Pp -.Fn EC_GROUP_get_order -retrieves the order of the -.Fa group -and copies its value into -.Fa order . -It fails if the order of the -.Fa group -is not set or set to zero. -.Pp -.Fn EC_GROUP_get_cofactor -retrieves the cofactor of the -.Fa group -and copies its value into -.Fa cofactor . -It fails if the cofactor of the -.Fa group -is not set or set to zero. 
-.Pp -The functions -.Fn EC_GROUP_set_curve_name -and -.Fn EC_GROUP_get_curve_name -set and get the NID for the curve, respectively (see -.Xr EC_GROUP_new 3 ) . -If a curve does not have a NID associated with it, then -.Fn EC_GROUP_get_curve_name -will return -.Dv NID_undef . -.Pp -The asn1_flag value is used to determine whether the curve encoding -uses explicit parameters or a named curve using an ASN.1 OID: -many applications only support the latter form. -If asn1_flag is the default value -.Dv OPENSSL_EC_NAMED_CURVE , -then the named curve form is used and the parameters must have a -corresponding named curve NID set. -If asn1_flags is -.Dv OPENSSL_EC_EXPLICIT_CURVE , -the parameters are explicitly encoded. -The functions -.Fn EC_GROUP_get_asn1_flag -and -.Fn EC_GROUP_set_asn1_flag -get and set the status of the asn1_flag for the curve. -.Pp -The point_conversion_form for a curve controls how -.Vt EC_POINT -data is encoded as ASN.1 as defined in X9.62 (ECDSA). -.Vt point_conversion_form_t -is an enum defined as follows: -.Bd -literal -typedef enum { - /** the point is encoded as z||x, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_COMPRESSED = 2, - /** the point is encoded as z||x||y, where z is the octet 0x04 */ - POINT_CONVERSION_UNCOMPRESSED = 4, - /** the point is encoded as z||x||y, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_HYBRID = 6 -} point_conversion_form_t; -.Ed -.Pp -For -.Dv POINT_CONVERSION_UNCOMPRESSED -the point is encoded as an octet signifying the UNCOMPRESSED form -has been used followed by the octets for x, followed by the octets -for y. -.Pp -For any given x coordinate for a point on a curve it is possible to -derive two possible y values. 
-For -.Dv POINT_CONVERSION_COMPRESSED -the point is encoded as an octet signifying that the COMPRESSED -form has been used AND which of the two possible solutions for y -has been used, followed by the octets for x. -.Pp -For -.Dv POINT_CONVERSION_HYBRID -the point is encoded as an octet signifying the HYBRID form has -been used AND which of the two possible solutions for y has been -used, followed by the octets for x, followed by the octets for y. -.Pp -The functions -.Fn EC_GROUP_set_point_conversion_form -and -.Fn EC_GROUP_get_point_conversion_form -set and get the point_conversion_form for the curve, respectively. -.Pp -ANSI X9.62 (ECDSA standard) defines a method of generating the curve -parameter b from a random number. -This provides advantages in that a parameter obtained in this way is -highly unlikely to be susceptible to special purpose attacks, or have -any trapdoors in it. -If the seed is present for a curve then the b parameter was generated in -a verifiable fashion using that seed. -The OpenSSL EC library does not use this seed value but does enable you -to inspect it using -.Fn EC_GROUP_get0_seed . -This returns a pointer to a memory block containing the seed that was -used. -The length of the memory block can be obtained using -.Fn EC_GROUP_get_seed_len . -A number of the builtin curves within the library provide seed values -that can be obtained. -It is also possible to set a custom seed using -.Fn EC_GROUP_set_seed -and passing a pointer to a memory block, along with the length of -the seed. -Again, the EC library will not use this seed value, although it will be -preserved in any ASN.1 based communications. -.Pp -.Fn EC_GROUP_get_degree -gets the degree of the field. -For Fp fields this will be the number of bits in p. -For F2^m fields this will be the value m. -.Pp -The function -.Fn EC_GROUP_check_discriminant -calculates the discriminant for the curve and verifies that it is -valid. 
-For a curve defined over Fp the discriminant is given by the formula -4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is simply b. -In either case for the curve to be valid the discriminant must be -non-zero. -.Pp -The function -.Fn EC_GROUP_check -performs a number of checks on a curve to verify that it is valid. -Checks performed include verifying that the discriminant is non-zero; -that a generator has been defined; that the generator is on the curve -and has the correct order. -.Pp -.Fn EC_GROUP_cmp -compares -.Fa a -and -.Fa b -to determine whether they represent the same curve or not. -.Pp -.Fn EC_GROUP_get_basis_type -always returns 0 and is only provided for compatibility. -.Sh RETURN VALUES -The following functions return 1 on success or 0 on error: -.Fn EC_GROUP_copy , -.Fn EC_GROUP_set_generator , -.Fn EC_GROUP_check , -and -.Fn EC_GROUP_check_discriminant . -.Pp -.Fn EC_GROUP_dup -returns a pointer to the duplicated curve or -.Dv NULL -on error. -.Pp -.Fn EC_GROUP_get0_generator -returns the generator for the given curve or -.Dv NULL -on error. -.Pp -.Fn EC_GROUP_get_order -returns 0 if the order is not set or set to zero for the -.Fa group -or if copying into -.Fa order -fails, or 1 otherwise. -.Pp -.Fn EC_GROUP_order_bits -returns the number of bits in the group order. -.Pp -.Fn EC_GROUP_get_cofactor -returns 0 if the cofactor is not set or set to zero for the -.Fa group -or if copying into -.Fa cofactor -fails, or 1 otherwise. -.Pp -.Fn EC_GROUP_get_curve_name -returns the curve name (NID) for the -.Fa group -or -.Dv NID_undef -if no curve name is associated. -.Pp -.Fn EC_GROUP_get_asn1_flag -returns the ASN.1 flag for the specified -.Fa group . -.Pp -.Fn EC_GROUP_get_point_conversion_form -returns the point_conversion_form for the -.Fa group . -.Pp -.Fn EC_GROUP_get_degree -returns the degree for the -.Fa group -or 0 if the operation is not supported -by the underlying group implementation. 
-.Pp
-.Fn EC_GROUP_get0_seed
-returns a pointer to the seed that was used to generate the parameter
-b, or
-.Dv NULL
-if the seed is not specified.
-.Fn EC_GROUP_get_seed_len
-returns the length of the seed or 0 if the seed is not specified.
-.Pp
-.Fn EC_GROUP_set_seed
-returns the length of the seed that has been set.
-If the supplied seed is
-.Dv NULL
-or the supplied seed length is 0, the return value will be 1.
-On error 0 is returned.
-.Pp
-.Fn EC_GROUP_cmp
-returns 0 if the curves are equal, 1 if they are not equal,
-or -1 on error.
-.Pp
-.Fn EC_GROUP_get_basis_type
-always returns 0.
-.Sh SEE ALSO
-.Xr d2i_ECPKParameters 3 ,
-.Xr EC_GROUP_new 3 ,
-.Xr EC_KEY_new 3 ,
-.Xr EC_POINT_add 3 ,
-.Xr EC_POINT_new 3
-.Sh HISTORY
-.Fn EC_GROUP_copy ,
-.Fn EC_GROUP_set_generator ,
-.Fn EC_GROUP_get0_generator ,
-.Fn EC_GROUP_get_order ,
-and
-.Fn EC_GROUP_get_cofactor
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn EC_GROUP_dup ,
-.Fn EC_GROUP_set_curve_name ,
-.Fn EC_GROUP_get_curve_name ,
-.Fn EC_GROUP_set_asn1_flag ,
-.Fn EC_GROUP_get_asn1_flag ,
-.Fn EC_GROUP_set_point_conversion_form ,
-.Fn EC_GROUP_get_point_conversion_form ,
-.Fn EC_GROUP_get0_seed ,
-.Fn EC_GROUP_get_seed_len ,
-.Fn EC_GROUP_set_seed ,
-.Fn EC_GROUP_get_degree ,
-.Fn EC_GROUP_check ,
-.Fn EC_GROUP_check_discriminant ,
-.Fn EC_GROUP_cmp ,
-and
-.Fn EC_GROUP_get_basis_type
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn EC_GROUP_order_bits
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 7.0 .
diff --git a/src/lib/libcrypto/man/EC_GROUP_new.3 b/src/lib/libcrypto/man/EC_GROUP_new.3
deleted file mode 100644
index 83e3e4c870..0000000000
--- a/src/lib/libcrypto/man/EC_GROUP_new.3
+++ /dev/null
@@ -1,353 +0,0 @@
-.\" $OpenBSD: EC_GROUP_new.3,v 1.18 2025/03/08 16:38:13 tb Exp $
-.\" OpenSSL 6328d367 Sat Jul 4 21:58:30 2020 +0200
-.\"
-.\" This file was written by Matt Caswell .
-.\" Copyright (c) 2013 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 8 2025 $
-.Dt EC_GROUP_NEW 3
-.Os
-.Sh NAME
-.Nm EC_GROUP_new ,
-.Nm EC_GROUP_free ,
-.Nm EC_GROUP_clear_free ,
-.Nm EC_GROUP_new_curve_GFp ,
-.Nm EC_GROUP_new_by_curve_name ,
-.Nm EC_GROUP_set_curve ,
-.Nm EC_GROUP_get_curve ,
-.Nm EC_GROUP_set_curve_GFp ,
-.Nm EC_GROUP_get_curve_GFp ,
-.Nm EC_get_builtin_curves ,
-.Nm EC_curve_nid2nist ,
-.Nm EC_curve_nist2nid
-.Nd create and destroy EC_GROUP objects
-.Sh SYNOPSIS
-.In openssl/ec.h
-.In openssl/bn.h
-.Ft EC_GROUP *
-.Fo EC_GROUP_new
-.Fa "const EC_METHOD *meth"
-.Fc
-.Ft void
-.Fo EC_GROUP_free
-.Fa "EC_GROUP *group"
-.Fc
-.Ft void
-.Fo EC_GROUP_clear_free
-.Fa "EC_GROUP *group"
-.Fc
-.Ft EC_GROUP *
-.Fo EC_GROUP_new_curve_GFp
-.Fa "const BIGNUM *p"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft EC_GROUP *
-.Fo EC_GROUP_new_by_curve_name
-.Fa "int nid"
-.Fc
-.Ft int
-.Fo EC_GROUP_set_curve
-.Fa "EC_GROUP *group"
-.Fa "const BIGNUM *p"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo EC_GROUP_get_curve
-.Fa "const EC_GROUP *group"
-.Fa "BIGNUM *p"
-.Fa "BIGNUM *a"
-.Fa "BIGNUM *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo EC_GROUP_set_curve_GFp
-.Fa "EC_GROUP *group"
-.Fa "const BIGNUM *p"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo EC_GROUP_get_curve_GFp
-.Fa "const EC_GROUP *group"
-.Fa "BIGNUM *p"
-.Fa "BIGNUM *a"
-.Fa "BIGNUM *b"
-.Fa
"BN_CTX *ctx" -.Fc -.Ft size_t -.Fo EC_get_builtin_curves -.Fa "EC_builtin_curve *r" -.Fa "size_t nitems" -.Fc -.Ft "const char *" -.Fo EC_curve_nid2nist -.Fa "int nid" -.Fc -.Ft int -.Fo EC_curve_nist2nid -.Fa "const char *name" -.Fc -.Sh DESCRIPTION -The EC library provides functions for performing operations on -elliptic curves in Weierstrass form. -Such curves are defined over the prime field of order -.Fa p -and satisfy the Weierstrass equation with coefficients -.Fa a -and -.Fa b -.Pp -.Dl y^2 = x^3 + ax + b -.Pp -An -.Vt EC_GROUP -structure is used to represent the definition of an elliptic curve. -A new curve can be constructed by calling -.Fn EC_GROUP_new , -using the implementation provided by -.Fa meth . -It is then necessary to call -.Fn EC_GROUP_set_curve -to set the curve parameters. -.Pp -.Fn EC_GROUP_set_curve -sets the curve parameters -.Fa p , -.Fa a , -and -.Fa b , -where -.Fa a -and -.Fa b -represent the coefficients of the curve equation. -.Pp -.Fn EC_GROUP_set_curve_GFp -is a deprecated synonym for -.Fn EC_GROUP_set_curve . -.Pp -.Fn EC_GROUP_get_curve -obtains the previously set curve parameters. -.Pp -.Fn EC_GROUP_get_curve_GFp -is a deprecated synonym for -.Fn EC_GROUP_get_curve . -.Pp -The function -.Fn EC_GROUP_new_curve_GFp -is a shortcut for calling -.Fn EC_GROUP_new -and -.Fn EC_GROUP_set_curve . -An appropriate default implementation method will be used. -.Pp -Whilst the library can be used to create any curve using the functions -described above, there are also a number of predefined curves that are -available. -In order to obtain a list of all of the predefined curves, call the -function -.Fn EC_get_builtin_curves . -The parameter -.Fa r -should be an array of -.Vt EC_builtin_cure -structures of size -.Fa nitems . -The function will populate the -.Fa r -array with information about the builtin curves. -If -.Fa nitems -is less than the total number of curves available, then the first -.Fa nitems -curves will be returned. 
-Otherwise the total number of curves will be provided. -The return value is the total number of curves available (whether that -number has been populated in -.Fa r -or not). -Passing a -.Dv NULL -.Fa r , -or setting -.Fa nitems -to 0, will do nothing other than return the total number of curves -available. -The -.Vt EC_builtin_curve -structure is defined as follows: -.Bd -literal -typedef struct { - int nid; - const char *comment; -} EC_builtin_curve; -.Ed -.Pp -Each -.Vt EC_builtin_curve -item has a unique integer ID -.Pq Fa nid -and a human readable comment string describing the curve. -.Pp -In order to construct a builtin curve, use the function -.Fn EC_GROUP_new_by_curve_name -and provide the -.Fa nid -of the curve to be constructed. -.Pp -.Fn EC_GROUP_free -frees the memory associated with the -.Vt EC_GROUP . -If -.Fa group -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn EC_GROUP_clear_free -destroys any sensitive data held within the -.Vt EC_GROUP -and then frees its memory. -If -.Fa group -is a -.Dv NULL -pointer, no action occurs. -.Pp -Some builtin curves can be identified by their NIST name -in addition to a numerical identifier (NID). -.Fn EC_curve_nid2nist -and -.Fn EC_curve_nist2nid -translate between the two. -The five built-in prime curves are: -.Pp -.Bl -column "NIST name" NID_X9_62_prime256v1 "deprecated in SP800-186" -compact -.It No NIST Fa name Ta Em ASN.1 NID Ta Em notes -.It Qq P-192 Ta Dv NID_X9_62_prime192v1 Ta No deprecated in SP800-186 -.It Qq P-224 Ta Dv NID_secp224r1 Ta -.It Qq P-256 Ta Dv NID_X9_62_prime256v1 Ta -.It Qq P-384 Ta Dv NID_secp384r1 Ta -.It Qq P-521 Ta Dv NID_secp521r1 Ta -.El -.Pp -.Fn EC_curve_nid2nist -and -.Fn EC_curve_nist2nid -also accept the ten binary curves defined in FIPS\& 186-4 -and deprecated in SP800-186, -although they no longer correspond to builtin curves in LibreSSL. -.Sh RETURN VALUES -All -.Fn EC_GROUP_new* -functions return a pointer to the newly constructed group or -.Dv NULL -on error. 
-.Pp -.Fn EC_get_builtin_curves -returns the number of builtin curves that are available. -.Pp -.Fn EC_curve_nid2nist -returns a string constant containing the NIST name if -.Fa nid -identifies a NIST curve or -.Dv NULL -otherwise. -.Pp -.Fn EC_curve_nist2nid -returns the NID corresponding to the NIST curve -.Fa name , -or -.Dv NID_undef . -.Pp -.Fn EC_GROUP_set_curve , -.Fn EC_GROUP_get_curve , -.Fn EC_GROUP_set_curve_GFp , -and -.Fn EC_GROUP_get_curve_GFp -return 1 on success or 0 on error. -.Sh SEE ALSO -.Xr crypto 3 , -.Xr d2i_ECPKParameters 3 , -.Xr EC_GROUP_copy 3 , -.Xr EC_KEY_new 3 , -.Xr EC_POINT_add 3 , -.Xr EC_POINT_new 3 , -.Xr ECDH_compute_key 3 , -.Xr ECDSA_SIG_new 3 -.Sh HISTORY -.Fn EC_GROUP_new , -.Fn EC_GROUP_free , -.Fn EC_GROUP_clear_free , -.Fn EC_GROUP_new_curve_GFp , -.Fn EC_GROUP_set_curve_GFp , -and -.Fn EC_GROUP_get_curve_GFp -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Fn EC_GROUP_new_by_curve_name -and -.Fn EC_get_builtin_curves -first appeared in OpenSSL 0.9.8 and have been available since -.Ox 4.5 . -.Fn EC_curve_nid2nist , -and -.Fn EC_curve_nist2nid -first appeared in OpenSSL 1.1.0 and have been available since -.Ox 5.8 . -.Pp -.Fn EC_GROUP_set_curve -and -.Fn EC_GROUP_get_curve -first appeared in OpenSSL 1.1.1 and have been available since -.Ox 7.0 . diff --git a/src/lib/libcrypto/man/EC_KEY_METHOD_new.3 b/src/lib/libcrypto/man/EC_KEY_METHOD_new.3 deleted file mode 100644 index 79c16ef014..0000000000 --- a/src/lib/libcrypto/man/EC_KEY_METHOD_new.3 +++ /dev/null 
@@ -1,320 +0,0 @@ -.\" $OpenBSD: EC_KEY_METHOD_new.3,v 1.4 2024/07/21 08:36:43 tb Exp $ -.\" Copyright (c) 2019 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: July 21 2024 $ -.Dt EC_KEY_METHOD_NEW 3 -.Os -.Sh NAME -.Nm EC_KEY_METHOD_new , -.Nm EC_KEY_METHOD_free , -.Nm EC_KEY_METHOD_set_init , -.Nm EC_KEY_METHOD_get_init , -.Nm EC_KEY_METHOD_set_sign , -.Nm EC_KEY_METHOD_get_sign , -.Nm EC_KEY_METHOD_set_verify , -.Nm EC_KEY_METHOD_get_verify , -.Nm EC_KEY_METHOD_set_keygen , -.Nm EC_KEY_METHOD_get_keygen , -.Nm EC_KEY_METHOD_set_compute_key , -.Nm EC_KEY_METHOD_get_compute_key , -.Nm EC_KEY_OpenSSL , -.Nm EC_KEY_set_default_method , -.Nm EC_KEY_get_default_method , -.Nm EC_KEY_new_method , -.Nm EC_KEY_set_method , -.Nm EC_KEY_get_method -.Nd custom EC_KEY implementations -.Sh SYNOPSIS -.In openssl/ec.h -.Ft EC_KEY_METHOD * -.Fo EC_KEY_METHOD_new -.Fa "const EC_KEY_METHOD *meth" -.Fc -.Ft void -.Fo EC_KEY_METHOD_free -.Fa "EC_KEY_METHOD *meth" -.Fc -.Ft void -.Fo EC_KEY_METHOD_set_init -.Fa "EC_KEY_METHOD *meth" -.Fa "int (*init)(EC_KEY *key)" -.Fa "void (*finish)(EC_KEY *key)" -.Fa "int (*copy)(EC_KEY *dest, const EC_KEY *src)" -.Fa "int (*set_group)(EC_KEY *key, const EC_GROUP *grp)" -.Fa "int (*set_private)(EC_KEY *key, const BIGNUM 
*priv_key)" -.Fa "int (*set_public)(EC_KEY *key, const EC_POINT *pub_key)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_get_init -.Fa "const EC_KEY_METHOD *meth" -.Fa "int (**pinit)(EC_KEY *key)" -.Fa "void (**pfinish)(EC_KEY *key)" -.Fa "int (**pcopy)(EC_KEY *dest, const EC_KEY *src)" -.Fa "int (**pset_group)(EC_KEY *key, const EC_GROUP *grp)" -.Fa "int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key)" -.Fa "int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_set_sign -.Fa "EC_KEY_METHOD *meth" -.Fa "int (*sign)(int type, const unsigned char *dgst, int dgstlen,\ - unsigned char *sig, unsigned int *siglen,\ - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey)" -.Fa "int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx,\ - BIGNUM **kinv, BIGNUM **rp)" -.Fa "ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgstlen,\ - const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_get_sign -.Fa "const EC_KEY_METHOD *meth" -.Fa "int (**psign)(int type, const unsigned char *dgst, int dgstlen,\ - unsigned char *sig, unsigned int *siglen,\ - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey)" -.Fa "int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx,\ - BIGNUM **kinv, BIGNUM **rp)" -.Fa "ECDSA_SIG *(**psign_sig)(const unsigned char *dgst, int dgstlen,\ - const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_set_verify -.Fa "EC_KEY_METHOD *meth" -.Fa "int (*verify)(int type, const unsigned char *dgst, int dgst_len,\ - const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)" -.Fa "int (*verify_sig)(const unsigned char *dgst, int dgst_len,\ - const ECDSA_SIG *sig, EC_KEY *eckey)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_get_verify -.Fa "const EC_KEY_METHOD *meth" -.Fa "int (**pverify)(int type, const unsigned char *dgst, int dgst_len,\ - const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)" -.Fa "int (**pverify_sig)(const unsigned char *dgst, int dgst_len,\ - const ECDSA_SIG *sig, EC_KEY 
*eckey)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_set_keygen -.Fa "EC_KEY_METHOD *meth" -.Fa "int (*keygen)(EC_KEY *key)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_get_keygen -.Fa "const EC_KEY_METHOD *meth" -.Fa "int (**pkeygen)(EC_KEY *key)" -.Fc -.Ft void -.Fo EC_KEY_METHOD_set_compute_key -.Fa "EC_KEY_METHOD *meth" -.Fa "int (*ckey)(void *out, size_t outlen,\ - const EC_POINT *pub_key, EC_KEY *ecdh,\ - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))" -.Fc -.Ft void -.Fo EC_KEY_METHOD_get_compute_key -.Fa "const EC_KEY_METHOD *meth" -.Fa "int (**pck)(void *out, size_t outlen,\ - const EC_POINT *pub_key, EC_KEY *ecdh,\ - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))" -.Fc -.Ft const EC_KEY_METHOD * -.Fn EC_KEY_OpenSSL void -.Ft void -.Fo EC_KEY_set_default_method -.Fa "const EC_KEY_METHOD *meth" -.Fc -.Ft const EC_KEY_METHOD * -.Fn EC_KEY_get_default_method void -.Ft EC_KEY * -.Fo EC_KEY_new_method -.Fa "ENGINE *engine" -.Fc -.Ft int -.Fo EC_KEY_set_method -.Fa "EC_KEY *key" -.Fa "const EC_KEY_METHOD *meth" -.Fc -.Ft const EC_KEY_METHOD * -.Fo EC_KEY_get_method -.Fa "const EC_KEY *key" -.Fc -.Sh DESCRIPTION -An -.Vt EC_KEY_METHOD -object holds function pointers used for -.Vt EC_KEY -operations. -.Pp -.Fn EC_KEY_METHOD_new -creates a shallow copy of -.Fa meth , -or an empty -.Vt EC_KEY_METHOD -object if -.Fa meth -is -.Dv NULL . -.Pp -.Fn EC_KEY_METHOD_free -frees -.Fa meth . -If -.Fa meth -is -.Dv NULL -or the return value of -.Fn EC_KEY_OpenSSL , -no action occurs. 
-.Pp -.Fn EC_KEY_METHOD_set_init -and -.Fn EC_KEY_METHOD_get_init -set and retrieve optional callback functions called at the following places: -.Pp -.Bl -tag -width set_private -compact -.It Fa init -at the end of -.Fn EC_KEY_new_method -and -.Fn EC_KEY_set_method -.It Fa finish -at the beginning of -.Xr EC_KEY_free 3 , -.Xr EC_KEY_copy 3 , -and -.Fn EC_KEY_set_method -.It Fa copy -at the end of -.Xr EC_KEY_copy 3 -.It Fa set_group -at the end of -.Xr EC_KEY_set_group 3 -and -.Xr EC_KEY_new_by_curve_name 3 -.It Fa set_private -at the beginning of -.Xr EC_KEY_set_private_key 3 -.It Fa set_public -at the beginning of -.Xr EC_KEY_set_public_key 3 -.El -.Pp -If any of these callbacks returns 0, the calling function fails. -By default, all these callbacks are -.Dv NULL . -Arguments of -.Fn EC_KEY_METHOD_get_init -can be set to -.Dv NULL -to selectively retrieve callback function pointers. -.Pp -.Fn EC_KEY_METHOD_set_sign -and -.Fn EC_KEY_METHOD_get_sign -set and retrieve the functions implementing -.Xr ECDSA_sign 3 -and -.Xr ECDSA_do_sign 3 . -.Pp -.Fn EC_KEY_METHOD_set_verify -and -.Fn EC_KEY_METHOD_get_verify -set and retrieve the functions implementing -.Xr ECDSA_verify 3 -and -.Xr ECDSA_do_verify 3 . -.Pp -.Fn EC_KEY_METHOD_set_keygen -and -.Fn EC_KEY_METHOD_get_keygen -set and retrieve the function implementing -.Xr EC_KEY_generate_key 3 . -.Pp -.Fn EC_KEY_METHOD_set_compute_key -and -.Fn EC_KEY_METHOD_get_compute_key -set and retrieve the function implementing -.Xr ECDH_compute_key 3 . -.Pp -.Fn EC_KEY_set_default_method -chooses the -.Fa meth -to be used for the creation of new -.Vt EC_KEY -objects by future invocations of -.Fn EC_KEY_new_method , -or reverts to the default implementation if -.Fa meth -is -.Dv NULL . -.Pp -.Fn EC_KEY_new_method -creates and initializes a new -.Vt EC_KEY -object using the -.Vt EC_KEY_METHOD -set with -.Fn EC_KEY_set_default_method . -The -.Fa ENGINE *engine -argument is always ignored and passing -.Dv NULL -is recommended. 
-.Pp -.Fn EC_KEY_set_method -dissociates the -.Fa key -from the -.Vt ENGINE -it is using, if any, and causes it to use -.Fa meth -in the future. -.Sh RETURN VALUES -.Fn EC_KEY_METHOD_new -returns the newly allocated -.Vt EC_KEY_METHOD -object or -.Dv NULL -if an error occurs. -.Pp -.Fn EC_KEY_OpenSSL -returns a static object representing the default EC_KEY implementation. -.Pp -.Fn EC_KEY_get_default_method -returns the -.Vt EC_KEY_METHOD -that -.Fn EC_KEY_new_method -will use for the creation of new -.Vt EC_KEY -objects in the future. -.Pp -.Fn EC_KEY_new_method -returns the newly allocated -.Vt EC_KEY -object or NULL if an error occurs. -.Pp -.Fn EC_KEY_set_method -returns 1 for success or 0 for failure. -.Pp -.Fn EC_KEY_get_method -returns the EC_KEY implementation used by the given -.Fa key . -.Sh SEE ALSO -.Xr EC_KEY_new 3 , -.Xr ECDSA_sign 3 -.Sh HISTORY -These functions first appeared in OpenSSL 1.1.0 -and have been available since -.Ox 6.5 . diff --git a/src/lib/libcrypto/man/EC_KEY_new.3 b/src/lib/libcrypto/man/EC_KEY_new.3 deleted file mode 100644 index c24cb080ef..0000000000 --- a/src/lib/libcrypto/man/EC_KEY_new.3 +++ /dev/null 
@@ -1,532 +0,0 @@ -.\" $OpenBSD: EC_KEY_new.3,v 1.21 2025/03/08 16:38:13 tb Exp $ -.\" full merge up to: OpenSSL 3aef36ff Jan 5 13:06:03 2016 -0500 -.\" partial merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 -.\" -.\" This file was written by Matt Caswell . -.\" Copyright (c) 2013, 2014 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: March 8 2025 $ -.Dt EC_KEY_NEW 3 -.Os -.Sh NAME -.Nm EC_KEY_new , -.Nm EC_KEY_get_flags , -.Nm EC_KEY_set_flags , -.Nm EC_KEY_clear_flags , -.Nm EC_KEY_new_by_curve_name , -.Nm EC_KEY_free , -.Nm EC_KEY_copy , -.Nm EC_KEY_dup , -.Nm EC_KEY_up_ref , -.Nm EC_KEY_get0_group , -.Nm EC_KEY_set_group , -.Nm EC_KEY_get0_private_key , -.Nm EC_KEY_set_private_key , -.Nm EC_KEY_get0_public_key , -.Nm EC_KEY_set_public_key , -.Nm EC_KEY_get_enc_flags , -.Nm EC_KEY_set_enc_flags , -.Nm EC_KEY_get_conv_form , -.Nm EC_KEY_set_conv_form , -.Nm EC_KEY_set_asn1_flag , -.Nm EC_KEY_precompute_mult , -.Nm EC_KEY_generate_key , -.Nm EC_KEY_check_key , -.Nm EC_KEY_set_public_key_affine_coordinates , -.Nm EC_KEY_print , -.Nm EC_KEY_print_fp -.Nd create, destroy and manipulate EC_KEY objects -.Sh SYNOPSIS -.In openssl/ec.h -.In openssl/bn.h -.Ft EC_KEY * -.Fn EC_KEY_new void -.Ft int -.Fo EC_KEY_get_flags -.Fa "const EC_KEY *key" -.Fc -.Ft void -.Fo EC_KEY_set_flags -.Fa "EC_KEY *key" -.Fa "int flags" -.Fc -.Ft void -.Fo EC_KEY_clear_flags -.Fa "EC_KEY *key" -.Fa "int flags" -.Fc -.Ft EC_KEY * -.Fo EC_KEY_new_by_curve_name -.Fa "int nid" -.Fc -.Ft void -.Fo EC_KEY_free -.Fa "EC_KEY *key" -.Fc -.Ft EC_KEY * -.Fo EC_KEY_copy -.Fa "EC_KEY *dst" -.Fa "const EC_KEY *src" -.Fc -.Ft EC_KEY * -.Fo EC_KEY_dup -.Fa "const EC_KEY *src" -.Fc -.Ft int -.Fo EC_KEY_up_ref -.Fa "EC_KEY *key" -.Fc -.Ft const EC_GROUP * -.Fo EC_KEY_get0_group -.Fa "const EC_KEY *key" -.Fc -.Ft int -.Fo EC_KEY_set_group -.Fa "EC_KEY *key" -.Fa "const EC_GROUP *group" -.Fc -.Ft const BIGNUM * -.Fo EC_KEY_get0_private_key -.Fa "const EC_KEY *key" -.Fc -.Ft int -.Fo EC_KEY_set_private_key -.Fa "EC_KEY *key" -.Fa "const BIGNUM *prv" -.Fc -.Ft const EC_POINT * -.Fo EC_KEY_get0_public_key -.Fa "const EC_KEY *key" -.Fc -.Ft int -.Fo EC_KEY_set_public_key -.Fa "EC_KEY *key" -.Fa "const EC_POINT *pub" -.Fc -.Ft unsigned int -.Fo EC_KEY_get_enc_flags -.Fa "const EC_KEY *key" -.Fc -.Ft void -.Fo 
EC_KEY_set_enc_flags -.Fa "EC_KEY *key" -.Fa "unsigned int flags" -.Fc -.Ft point_conversion_form_t -.Fo EC_KEY_get_conv_form -.Fa "const EC_KEY *key" -.Fc -.Ft void -.Fo EC_KEY_set_conv_form -.Fa "EC_KEY *key" -.Fa "point_conversion_form_t cform" -.Fc -.Ft void -.Fo EC_KEY_set_asn1_flag -.Fa "EC_KEY *key" -.Fa "int asn1_flag" -.Fc -.Ft int -.Fo EC_KEY_precompute_mult -.Fa "EC_KEY *key" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_KEY_generate_key -.Fa "EC_KEY *key" -.Fc -.Ft int -.Fo EC_KEY_check_key -.Fa "const EC_KEY *key" -.Fc -.Ft int -.Fo EC_KEY_set_public_key_affine_coordinates -.Fa "EC_KEY *key" -.Fa "BIGNUM *x" -.Fa "BIGNUM *y" -.Fc -.Ft int -.Fo EC_KEY_print -.Fa "BIO *bp" -.Fa "const EC_KEY *key" -.Fa "int off" -.Fc -.Ft int -.Fo EC_KEY_print_fp -.Fa "FILE *fp" -.Fa "const EC_KEY *key" -.Fa "int off" -.Fc -.Sh DESCRIPTION -An -.Vt EC_KEY -represents a public key and (optionally) an associated private key. -The public key is a point on a curve represented by an -.Vt EC_POINT , -see -.Xr EC_POINT_new 3 . -The private key is simply a -.Vt BIGNUM , -see -.Xr BN_new 3 . -.Pp -A new -.Vt EC_KEY -(with no associated curve) can be constructed by calling -.Fn EC_KEY_new . -The reference count for the newly created -.Vt EC_KEY -is initially set to 1. -A curve can be associated with the -.Vt EC_KEY -by calling -.Fn EC_KEY_set_group . -.Pp -Alternatively a new -.Vt EC_KEY -can be constructed by calling -.Fn EC_KEY_new_by_curve_name -and supplying the -.Fa nid -of the associated curve. -Refer to -.Xr EC_GROUP_new 3 -for a description of curve names. -This function simply wraps calls to -.Fn EC_KEY_new -and -.Fn EC_GROUP_new_by_curve_name . -.Pp -Calling -.Fn EC_KEY_free -decrements the reference count for the -.Vt EC_KEY -object and, if it has dropped to zero, then frees the memory associated -with it. -If -.Fa key -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn EC_KEY_copy -copies the contents of the -.Vt EC_KEY -in -.Fa src -into -.Fa dst . 
-.Pp -.Fn EC_KEY_dup -creates a new -.Vt EC_KEY -object and copies -.Fa src -into it. -.Pp -.Fn EC_KEY_up_ref -increments the reference count associated with the -.Vt EC_KEY -object. -.Pp -.Fn EC_KEY_generate_key -generates a new public and private key for the supplied -.Fa key -object. -.Fa key -must have an -.Vt EC_GROUP -object associated with it before calling this function. -The private key is a random integer (0 < priv_key < order, where order -is the order of the -.Vt EC_GROUP -object). -The public key is an -.Vt EC_POINT -on the curve calculated by multiplying the generator for the curve -by the private key. -.Pp -.Fn EC_KEY_check_key -performs various sanity checks on the -.Vt EC_KEY -object to confirm that it is valid. -.Pp -.Fn EC_KEY_set_public_key_affine_coordinates -sets the public key for -.Fa key -based on its affine coordinates, i.e. it constructs an -.Vt EC_POINT -object based on the supplied -.Fa x -and -.Fa y -values and sets the public key to be this -.Vt EC_POINT . -It also performs certain sanity checks on the key to confirm that -it is valid. -.Pp -The functions -.Fn EC_KEY_get0_group , -.Fn EC_KEY_set_group , -.Fn EC_KEY_get0_private_key , -.Fn EC_KEY_set_private_key , -.Fn EC_KEY_get0_public_key , -and -.Fn EC_KEY_set_public_key -get and set the -.Vt EC_GROUP -object, the private key and the -.Vt EC_POINT -public key for the -.Fa key , -respectively. -The setters copy the group and key objects without sanity checks -and it is the caller's responsibility to ensure that -the resulting key is valid, for example using -.Fn EC_KEY_check_key . -.Pp -The functions -.Fn EC_KEY_get_enc_flags -and -.Fn EC_KEY_set_enc_flags -get and set the value of the encoding flags for the -.Fa key . -There are two encoding flags currently defined: -.Dv EC_PKEY_NO_PARAMETERS -and -.Dv EC_PKEY_NO_PUBKEY . -These flags define the behaviour of how the -.Fa key -is converted into ASN.1 in a call to -.Fn i2d_ECPrivateKey . 
-If -.Dv EC_PKEY_NO_PARAMETERS -is set then the public parameters for the curve -are not encoded along with the private key. -If -.Dv EC_PKEY_NO_PUBKEY -is set then the public key is not encoded along with the private -key. -.Pp -The format of the external representation of the public key written by -.Xr i2d_ECPrivateKey 3 , -such as whether it is stored in a compressed form or not, -is described by the point_conversion_form. -See -.Xr EC_GROUP_copy 3 -for a description of point_conversion_form. -.Pp -When reading a private key encoded without an associated public key, -for example if -.Dv EC_PKEY_NO_PUBKEY -was used, -.Xr d2i_ECPrivateKey 3 -generates the missing public key automatically. -Private keys encoded without parameters, for example if -.Dv EC_PKEY_NO_PARAMETERS -was used, cannot be loaded using -.Xr d2i_ECPrivateKey 3 . -.Pp -The functions -.Fn EC_KEY_get_conv_form -and -.Fn EC_KEY_set_conv_form -get and set the point_conversion_form for the -.Fa key . -For a description of point_conversion_form refer to -.Xr EC_GROUP_copy 3 . -.Pp -.Fn EC_KEY_set_flags -sets the flags in the -.Fa flags -parameter on the -.Vt EC_KEY -object. -Any flags that are already set are left set. -The currently defined standard flags are -.Dv EC_FLAG_NON_FIPS_ALLOW -and -.Dv EC_FLAG_FIPS_CHECKED . -In addition there is the ECDH-specific flag -.Dv EC_FLAG_COFACTOR_ECDH . -.Fn EC_KEY_get_flags -returns the current flags that are set for this -.Vt EC_KEY . -.Fn EC_KEY_clear_flags -clears the flags indicated by the -.Fa flags -parameter. -All other flags are left in their existing state. -.Pp -.Fn EC_KEY_set_asn1_flag -sets the asn1_flag on the underlying -.Vt EC_GROUP -object (if set). -Refer to -.Xr EC_GROUP_copy 3 -for further information on the asn1_flag. -.Pp -.Fn EC_KEY_precompute_mult -stores multiples of the underlying -.Vt EC_GROUP -generator for faster point multiplication. -See also -.Xr EC_POINT_add 3 . 
-.Pp -.Fn EC_KEY_print -and -.Fn EC_KEY_print_fp -print out the content of -.Fa key -to the -.Vt BIO -.Fa bp -or to the -.Vt FILE -pointer -.Fa fp , -respectively. -Each line is indented by -.Fa indent -spaces. -.Sh RETURN VALUES -.Fn EC_KEY_new , -.Fn EC_KEY_new_by_curve_name , -and -.Fn EC_KEY_dup -return a pointer to the newly created -.Vt EC_KEY object -or -.Dv NULL -on error. -.Pp -.Fn EC_KEY_get_flags -returns the flags associated with the -.Vt EC_KEY object . -.Pp -.Fn EC_KEY_copy -returns a pointer to the destination key or -.Dv NULL -on error. -In the latter case, part of the content may already have been copied. -.Pp -.Fn EC_KEY_up_ref , -.Fn EC_KEY_set_group , -.Fn EC_KEY_set_private_key , -.Fn EC_KEY_set_public_key , -.Fn EC_KEY_precompute_mult , -.Fn EC_KEY_generate_key , -.Fn EC_KEY_check_key , -.Fn EC_KEY_set_public_key_affine_coordinates , -.Fn EC_KEY_print , -and -.Fn EC_KEY_print_fp -return 1 on success or 0 on error. -.Pp -.Fn EC_KEY_get0_group -returns the -.Vt EC_GROUP -associated with the -.Vt EC_KEY . -.Pp -.Fn EC_KEY_get0_private_key -and -.Fn EC_KEY_get0_public_key -return the private or public keys, respectively, associated with the -.Vt EC_KEY . -.Pp -.Fn EC_KEY_get_enc_flags -returns the value of the current encoding flags for the -.Vt EC_KEY . -.Pp -.Fn EC_KEY_get_conv_form -returns the point_conversion_form for the -.Vt EC_KEY . 
-.Sh SEE ALSO -.Xr d2i_ECPKParameters 3 , -.Xr EC_GROUP_copy 3 , -.Xr EC_GROUP_new 3 , -.Xr EC_KEY_METHOD_new 3 , -.Xr EC_POINT_add 3 , -.Xr EC_POINT_new 3 , -.Xr ECDH_compute_key 3 , -.Xr ECDSA_SIG_new 3 , -.Xr EVP_PKEY_set1_EC_KEY 3 -.Sh HISTORY -.Fn EC_KEY_new , -.Fn EC_KEY_new_by_curve_name , -.Fn EC_KEY_free , -.Fn EC_KEY_copy , -.Fn EC_KEY_dup , -.Fn EC_KEY_up_ref , -.Fn EC_KEY_get0_group , -.Fn EC_KEY_set_group , -.Fn EC_KEY_get0_private_key , -.Fn EC_KEY_set_private_key , -.Fn EC_KEY_get0_public_key , -.Fn EC_KEY_set_public_key , -.Fn EC_KEY_get_enc_flags , -.Fn EC_KEY_set_enc_flags , -.Fn EC_KEY_get_conv_form , -.Fn EC_KEY_set_conv_form , -.Fn EC_KEY_set_asn1_flag , -.Fn EC_KEY_precompute_mult , -.Fn EC_KEY_generate_key , -.Fn EC_KEY_check_key , -.Fn EC_KEY_print , -and -.Fn EC_KEY_print_fp -first appeared in OpenSSL 0.9.8 and have been available since -.Ox 4.5 . -.Pp -.Fn EC_KEY_get_flags , -.Fn EC_KEY_set_flags , -.Fn EC_KEY_clear_flags , -and -.Fn EC_KEY_set_public_key_affine_coordinates -first appeared in OpenSSL 1.0.1 and have been available since -.Ox 5.3 . diff --git a/src/lib/libcrypto/man/EC_POINT_add.3 b/src/lib/libcrypto/man/EC_POINT_add.3 deleted file mode 100644 index cc35499c0e..0000000000 --- a/src/lib/libcrypto/man/EC_POINT_add.3 +++ /dev/null 
@@ -1,216 +0,0 @@ -.\" $OpenBSD: EC_POINT_add.3,v 1.15 2025/03/08 16:48:22 tb Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Matt Caswell . -.\" Copyright (c) 2013 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 8 2025 $ -.Dt EC_POINT_ADD 3 -.Os -.Sh NAME -.Nm EC_POINT_add , -.Nm EC_POINT_dbl , -.Nm EC_POINT_invert , -.Nm EC_POINT_is_at_infinity , -.Nm EC_POINT_is_on_curve , -.Nm EC_POINT_cmp , -.Nm EC_POINT_make_affine , -.Nm EC_POINT_mul -.Nd perform mathematical operations and tests on EC_POINT objects -.Sh SYNOPSIS -.In openssl/ec.h -.In openssl/bn.h -.Ft int -.Fo EC_POINT_add -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *r" -.Fa "const EC_POINT *a" -.Fa "const EC_POINT *b" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_dbl -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *r" -.Fa "const EC_POINT *a" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_invert -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *a" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_is_at_infinity -.Fa "const EC_GROUP *group" -.Fa "const EC_POINT *p" -.Fc -.Ft int -.Fo EC_POINT_is_on_curve -.Fa "const EC_GROUP *group" -.Fa "const EC_POINT *point" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_cmp -.Fa "const EC_GROUP *group" -.Fa "const EC_POINT *a" -.Fa "const EC_POINT *b" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_make_affine -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *point" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_mul -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *r" -.Fa "const BIGNUM *n" -.Fa "const EC_POINT *q" -.Fa "const BIGNUM *m" -.Fa "BN_CTX *ctx" -.Fc -.Sh DESCRIPTION -These functions operate on -.Vt EC_POINT 
-objects created by -.Xr EC_POINT_new 3 . -.Pp -.Fn EC_POINT_add -adds the two points -.Fa a -and -.Fa b -and places the result in -.Fa r . -Similarly -.Fn EC_POINT_dbl -doubles the point -.Fa a -and places the result in -.Fa r . -In both cases it is valid for -.Fa r -to be one of -.Fa a -or -.Fa b . -.Pp -.Fn EC_POINT_invert -calculates the inverse of the supplied point -.Fa a . -The result is placed back in -.Fa a . -.Pp -The function -.Fn EC_POINT_is_at_infinity -tests whether the supplied point is at infinity or not. -.Pp -.Fn EC_POINT_is_on_curve -tests whether the supplied point is on the curve or not. -.Pp -.Fn EC_POINT_cmp -compares the two supplied points and tests whether or not they are -equal. -.Pp -.Fn EC_POINT_mul -calculates the value -.Pp -.D1 generator * n + q * m -.Pp -and stores the result in -.Fa r . -The value -.Fa n -may be -.Dv NULL , -in which case the result is just -.Pp -.Dl q * m. -.Pp -See -.Xr EC_GROUP_copy 3 -for information about the generator. -.Sh RETURN VALUES -The following functions return 1 on success or 0 on error: -.Fn EC_POINT_add , -.Fn EC_POINT_dbl , -.Fn EC_POINT_invert , -.Fn EC_POINT_make_affine , -and -.Fn EC_POINT_mul -.Pp -.Fn EC_POINT_is_at_infinity -returns 1 if the point is at infinity or 0 otherwise. -.Pp -.Fn EC_POINT_is_on_curve -returns 1 if the point is on the curve, 0 if not, or -1 on error. -.Pp -.Fn EC_POINT_cmp -returns 1 if the points are not equal, 0 if they are, or -1 on error. -.Sh SEE ALSO -.Xr d2i_ECPKParameters 3 , -.Xr EC_GROUP_copy 3 , -.Xr EC_GROUP_new 3 , -.Xr EC_KEY_new 3 , -.Xr EC_POINT_new 3 -.Sh HISTORY -.Fn EC_POINT_add , -.Fn EC_POINT_dbl , -.Fn EC_POINT_invert , -.Fn EC_POINT_is_at_infinity , -.Fn EC_POINT_is_on_curve , -.Fn EC_POINT_cmp , -.Fn EC_POINT_make_affine , -and -.Fn EC_POINT_mul -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . 
diff --git a/src/lib/libcrypto/man/EC_POINT_new.3 b/src/lib/libcrypto/man/EC_POINT_new.3
deleted file mode 100644
index db6280fce7..0000000000
--- a/src/lib/libcrypto/man/EC_POINT_new.3
+++ /dev/null
@@ -1,455 +0,0 @@ -.\" $OpenBSD: EC_POINT_new.3,v 1.17 2025/03/08 17:04:07 tb Exp $ -.\" full merge up to: OpenSSL 50db8163 Jul 30 16:56:41 2018 +0100 -.\" -.\" This file was written by Matt Caswell . -.\" Copyright (c) 2013, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 8 2025 $ -.Dt EC_POINT_NEW 3 -.Os -.Sh NAME -.Nm EC_POINT_new , -.Nm EC_POINT_free , -.Nm EC_POINT_clear_free , -.Nm EC_POINT_copy , -.Nm EC_POINT_dup , -.Nm EC_POINT_set_to_infinity , -.Nm EC_POINT_set_affine_coordinates , -.Nm EC_POINT_set_affine_coordinates_GFp , -.Nm EC_POINT_get_affine_coordinates , -.Nm EC_POINT_get_affine_coordinates_GFp , -.Nm EC_POINT_set_compressed_coordinates , -.Nm EC_POINT_set_compressed_coordinates_GFp , -.Nm EC_POINT_point2oct , -.Nm EC_POINT_oct2point , -.Nm EC_POINT_point2bn , -.Nm EC_POINT_bn2point , -.Nm EC_POINT_point2hex , -.Nm EC_POINT_hex2point -.Nd create, destroy, and manipulate EC_POINT objects -.Sh SYNOPSIS -.In openssl/ec.h -.In openssl/bn.h -.Ft EC_POINT * -.Fo EC_POINT_new -.Fa "const EC_GROUP *group" -.Fc -.Ft void -.Fo EC_POINT_free -.Fa "EC_POINT *point" -.Fc -.Ft void -.Fo EC_POINT_clear_free -.Fa "EC_POINT *point" -.Fc -.Ft int -.Fo EC_POINT_copy -.Fa "EC_POINT *dst" -.Fa "const EC_POINT *src" -.Fc -.Ft EC_POINT * -.Fo EC_POINT_dup -.Fa "const EC_POINT *src" -.Fa "const EC_GROUP *group" -.Fc -.Ft int -.Fo EC_POINT_set_to_infinity -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *point" -.Fc -.Ft int -.Fo EC_POINT_set_affine_coordinates -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *p" -.Fa "const BIGNUM *x" -.Fa "const BIGNUM *y" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_set_affine_coordinates_GFp -.Fa "const EC_GROUP *group" -.Fa "EC_POINT 
*p" -.Fa "const BIGNUM *x" -.Fa "const BIGNUM *y" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_get_affine_coordinates -.Fa "const EC_GROUP *group" -.Fa "const EC_POINT *p" -.Fa "BIGNUM *x" -.Fa "BIGNUM *y" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_get_affine_coordinates_GFp -.Fa "const EC_GROUP *group" -.Fa "const EC_POINT *p" -.Fa "BIGNUM *x" -.Fa "BIGNUM *y" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_set_compressed_coordinates -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *p" -.Fa "const BIGNUM *x" -.Fa "int y_bit" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_set_compressed_coordinates_GFp -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *p" -.Fa "const BIGNUM *x" -.Fa "int y_bit" -.Fa "BN_CTX *ctx" -.Fc -.Ft size_t -.Fo EC_POINT_point2oct -.Fa "const EC_GROUP *group" -.Fa "const EC_POINT *p" -.Fa "point_conversion_form_t form" -.Fa "unsigned char *buf" -.Fa "size_t len" -.Fa "BN_CTX *ctx" -.Fc -.Ft int -.Fo EC_POINT_oct2point -.Fa "const EC_GROUP *group" -.Fa "EC_POINT *p" -.Fa "const unsigned char *buf" -.Fa "size_t len" -.Fa "BN_CTX *ctx" -.Fc -.Ft BIGNUM * -.Fo EC_POINT_point2bn -.Fa "const EC_GROUP *" -.Fa "const EC_POINT *" -.Fa "point_conversion_form_t form" -.Fa "BIGNUM *" -.Fa "BN_CTX *" -.Fc -.Ft EC_POINT * -.Fo EC_POINT_bn2point -.Fa "const EC_GROUP *" -.Fa "const BIGNUM *" -.Fa "EC_POINT *" -.Fa "BN_CTX *" -.Fc -.Ft char * -.Fo EC_POINT_point2hex -.Fa "const EC_GROUP *" -.Fa "const EC_POINT *" -.Fa "point_conversion_form_t form" -.Fa "BN_CTX *" -.Fc -.Ft EC_POINT * -.Fo EC_POINT_hex2point -.Fa "const EC_GROUP *" -.Fa "const char *" -.Fa "EC_POINT *" -.Fa "BN_CTX *" -.Fc -.Sh DESCRIPTION -An -.Vt EC_POINT -represents a point on a curve. -A curve is represented by an -.Vt EC_GROUP -object created by the functions described in -.Xr EC_GROUP_new 3 . -.Pp -A new point is constructed by calling the function -.Fn EC_POINT_new -and providing the -.Fa group -object that the point relates to. 
-.Pp -.Fn EC_POINT_free -frees the memory associated with the -.Vt EC_POINT . -If -.Fa point -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn EC_POINT_clear_free -destroys any sensitive data held within the -.Vt EC_POINT -and then frees its memory. -If -.Fa point -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn EC_POINT_copy -copies the point -.Fa src -into -.Fa dst . -Both -.Fa src -and -.Fa dst -must use the same -.Vt EC_METHOD . -.Pp -.Fn EC_POINT_dup -creates a new -.Vt EC_POINT -object and copies the content from -.Fa src -to the newly created -.Vt EC_POINT -object. -.Pp -A valid point on a curve is the special point at infinity. -A point is set to be at infinity by calling -.Fn EC_POINT_set_to_infinity . -.Pp -The affine coordinates for a point describe a point in terms of its -.Fa x -and -.Fa y -position. -The function -.Fn EC_POINT_set_affine_coordinates -sets the -.Fa x -and -.Fa y -coordinates for the point -.Fa p -defined over the curve given in -.Fa group . -The function -.Fn EC_POINT_get_affine_coordinates -sets -.Fa x -and -.Fa y , -either of which may be -.Dv NULL , -to the corresponding coordinates of -.Fa p . -.Pp -The functions -.Fn EC_POINT_set_affine_coordinates_GFp -is a deprecated synonym for -.Fn EC_POINT_set_affine_coordinates -and the function -.Fn EC_POINT_get_affine_coordinates_GFp -is a deprecated synonym for -.Fn EC_POINT_get_affine_coordinates . -.Pp -Points can also be described in terms of their compressed coordinates. -For a point -.Pq Fa x , y , -for any given value for -.Fa x -such that the point is on the curve, there will only ever be two -possible values for -.Fa y . -Therefore, a point can be set using the -.Fn EC_POINT_set_compressed_coordinates -function where -.Fa x -is the x coordinate and -.Fa y_bit -is a value 0 or 1 to identify which of the two possible values for y -should be used. 
-.Pp -The functions -.Fn EC_POINT_set_compressed_coordinates_GFp -is a deprecated synonym for -.Fn EC_POINT_set_compressed_coordinates . -.Pp -In addition -.Vt EC_POINT Ns s -can be converted to and from various external representations. -Supported representations are octet strings, -.Vt BIGNUM Ns s , -and hexadecimal. -The format of the external representation is described by the -point_conversion_form. -See -.Xr EC_GROUP_copy 3 -for a description of point_conversion_form. -Octet strings are stored in a buffer along with an associated buffer -length. -A point held in a -.Vt BIGNUM -is calculated by converting the point to an octet string and then -converting that octet string into a -.Vt BIGNUM -integer. -Points in hexadecimal format are stored in a NUL terminated character -string where each character is one of the printable values 0-9 or A-F -(or a-f). -.Pp -The functions -.Fn EC_POINT_point2oct , -.Fn EC_POINT_oct2point , -.Fn EC_POINT_point2bn , -.Fn EC_POINT_bn2point , -.Fn EC_POINT_point2hex , -and -.Fn EC_POINT_hex2point -convert from and to -.Vt EC_POINT Ns s -for the formats octet string, -.Vt BIGNUM , -and hexadecimal, respectively. -.Pp -The function -.Fn EC_POINT_point2oct -must be supplied with a -.Fa buf -long enough to store the octet string. -The return value provides the number of octets stored. -Calling the function with a -.Dv NULL -.Fa buf -will not perform the conversion but will still return the required -buffer length. -.Pp -The function -.Fn EC_POINT_point2hex -will allocate sufficient memory to store the hexadecimal string. -It is the caller's responsibility to free this memory with a subsequent -call to -.Xr free 3 . -.Sh RETURN VALUES -.Fn EC_POINT_new -and -.Fn EC_POINT_dup -return the newly allocated -.Vt EC_POINT -or -.Dv NULL -on error. 
-.Pp -The following functions return 1 on success or 0 on error: -.Fn EC_POINT_copy , -.Fn EC_POINT_set_to_infinity , -.Fn EC_POINT_set_affine_coordinates , -.Fn EC_POINT_set_affine_coordinates_GFp , -.Fn EC_POINT_get_affine_coordinates , -.Fn EC_POINT_get_affine_coordinates_GFp , -.Fn EC_POINT_set_compressed_coordinates , -.Fn EC_POINT_set_compressed_coordinates_GFp , -and -.Fn EC_POINT_oct2point . -.Pp -.Fn EC_POINT_point2oct -returns the length of the required buffer, or 0 on error. -.Pp -.Fn EC_POINT_point2bn -returns the pointer to the -.Vt BIGNUM -supplied or -.Dv NULL -on error. -.Pp -.Fn EC_POINT_bn2point -returns the pointer to the -.Vt EC_POINT -supplied or -.Dv NULL -on error. -.Pp -.Fn EC_POINT_point2hex -returns a pointer to the hex string or -.Dv NULL -on error. -.Pp -.Fn EC_POINT_hex2point -returns the pointer to the -.Vt EC_POINT -supplied or -.Dv NULL -on error. -.Sh SEE ALSO -.Xr d2i_ECPKParameters 3 , -.Xr EC_GROUP_copy 3 , -.Xr EC_GROUP_new 3 , -.Xr EC_KEY_new 3 , -.Xr EC_POINT_add 3 , -.Xr ECDH_compute_key 3 -.Sh HISTORY -.Fn EC_POINT_new , -.Fn EC_POINT_free , -.Fn EC_POINT_clear_free , -.Fn EC_POINT_copy , -.Fn EC_POINT_set_to_infinity , -.Fn EC_POINT_set_affine_coordinates_GFp , -.Fn EC_POINT_get_affine_coordinates_GFp , -.Fn EC_POINT_set_compressed_coordinates_GFp , -.Fn EC_POINT_point2oct , -and -.Fn EC_POINT_oct2point -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Fn EC_POINT_dup , -.Fn EC_POINT_point2bn , -.Fn EC_POINT_bn2point , -.Fn EC_POINT_point2hex , -and -.Fn EC_POINT_hex2point -first appeared in OpenSSL 0.9.8 and have been available since -.Ox 4.5 . -.Pp -.Fn EC_POINT_set_affine_coordinates , -.Fn EC_POINT_get_affine_coordinates , -and -.Fn EC_POINT_set_compressed_coordinates -first appeared in OpenSSL 1.1.1 and have been available since -.Ox 7.0 . diff --git a/src/lib/libcrypto/man/ENGINE_new.3 b/src/lib/libcrypto/man/ENGINE_new.3 deleted file mode 100644 index 55ed963563..0000000000 
--- a/src/lib/libcrypto/man/ENGINE_new.3
+++ /dev/null
@@ -1,174 +0,0 @@ -.\" $OpenBSD: ENGINE_new.3,v 1.10 2023/11/19 21:13:47 tb Exp $ -.\" -.\" Copyright (c) 2023 Theo Buehler -.\" Copyright (c) 2018 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: November 19 2023 $ -.Dt ENGINE_NEW 3 -.Os -.Sh NAME -.Nm ENGINE_new , -.Nm ENGINE_free , -.Nm ENGINE_init , -.Nm ENGINE_finish , -.Nm ENGINE_ctrl_cmd , -.Nm ENGINE_ctrl_cmd_string , -.Nm ENGINE_by_id , -.Nm ENGINE_get_id , -.Nm ENGINE_get_name , -.Nm ENGINE_set_default , -.Nm ENGINE_get_default_RSA , -.Nm ENGINE_set_default_RSA , -.Nm ENGINE_load_private_key , -.Nm ENGINE_load_public_key , -.Nm ENGINE_load_builtin_engines , -.Nm ENGINE_load_dynamic , -.Nm ENGINE_load_openssl , -.Nm ENGINE_register_all_complete , -.Nm ENGINE_cleanup -.Nd ENGINE stub functions -.Sh SYNOPSIS -.In openssl/engine.h -.Ft ENGINE * -.Fn ENGINE_new void -.Ft int -.Fo ENGINE_free -.Fa "ENGINE *engine" -.Fc -.Ft int -.Fn ENGINE_init "ENGINE *engine" -.Ft int -.Fn ENGINE_finish "ENGINE *engine" -.Ft int -.Fo ENGINE_ctrl_cmd -.Fa "ENGINE *engine" -.Fa "const char *cmd_name" -.Fa "long i" -.Fa "void *p" -.Fa "void (*f)(void)" -.Fa "int cmd_optional" -.Fc -.Ft int -.Fo ENGINE_ctrl_cmd_string -.Fa "ENGINE *engine" -.Fa "const char *cmd_name" -.Fa "const char *arg" -.Fa "int 
cmd_optional" -.Fc -.Ft ENGINE * -.Fn ENGINE_by_id "const char *id" -.Ft const char * -.Fn ENGINE_get_id "const ENGINE *engine" -.Ft const char * -.Fn ENGINE_get_name "const ENGINE *engine" -.Ft int -.Fn ENGINE_set_default "ENGINE *engine" "unsigned int flags" -.Ft ENGINE * -.Fn ENGINE_get_default_RSA "ENGINE *engine" -.Ft int -.Fn ENGINE_set_default_RSA "ENGINE *engine" -.Ft EVP_PKEY * -.Fo ENGINE_load_private_key -.Fa "ENGINE *engine" -.Fa "const char *key_id" -.Fa "UI_METHOD *ui_method" -.Fa "void *callback_data" -.Fc -.Ft EVP_PKEY * -.Fo ENGINE_load_public_key -.Fa "ENGINE *engine" -.Fa "const char *key_id" -.Fa "UI_METHOD *ui_method" -.Fa "void *callback_data" -.Fc -.Ft void -.Fn ENGINE_load_builtin_engines "void" -.Ft void -.Fn ENGINE_load_dynamic "void" -.Ft void -.Fn ENGINE_load_openssl "void" -.Ft int -.Fn ENGINE_register_all_complete "void" -.Ft void -.Fn ENGINE_cleanup "void" -.Sh DESCRIPTION -.Vt ENGINE -objects used to provide alternative implementations of -cryptographic algorithms, for example using specialized hardware. -LibreSSL no longer supports this feature. -.Pp -All functions in this manual ignore all their arguments and -do nothing except return failure if possible. -They are provided only to avoid patching software that expects -.Vt ENGINE -support to be available. -.Sh RETURN VALUES -.Fn ENGINE_new , -.Fn ENGINE_by_id , -.Fn ENGINE_get_default_RSA , -.Fn ENGINE_load_private_key , -and -.Fn ENGINE_load_public_key -always return -.Dv NULL . -.Pp -.Fn ENGINE_free , -.Fn ENGINE_init , -.Fn ENGINE_finish , -.Fn ENGINE_ctrl_cmd , -.Fn ENGINE_ctrl_cmd_string , -.Fn ENGINE_set_default , -.Fn ENGINE_set_default_RSA , -and -.Fn ENGINE_register_all_complete -always return 0. -.Pp -.Fn ENGINE_get_id -and -.Fn ENGINE_get_name -always return the constant empty string. 
-.Sh SEE ALSO
-.Xr crypto 3
-.Sh HISTORY
-.Fn ENGINE_new ,
-.Fn ENGINE_free ,
-.Fn ENGINE_init ,
-.Fn ENGINE_finish ,
-.Fn ENGINE_by_id ,
-.Fn ENGINE_get_id ,
-.Fn ENGINE_get_name ,
-.Fn ENGINE_set_default ,
-.Fn ENGINE_get_default_RSA ,
-.Fn ENGINE_set_default_RSA ,
-.Fn ENGINE_load_private_key ,
-and
-.Fn ENGINE_load_public_key
-first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 2.9 .
-.Pp
-.Fn ENGINE_ctrl_cmd ,
-.Fn ENGINE_ctrl_cmd_string ,
-.Fn ENGINE_load_builtin_engines ,
-.Fn ENGINE_load_openssl ,
-.Fn ENGINE_register_all_complete ,
-and
-.Fn ENGINE_cleanup
-first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.4 .
-.Pp
-All these functions were turned into stubs in
-.Ox 7.4 .
diff --git a/src/lib/libcrypto/man/ERR.3 b/src/lib/libcrypto/man/ERR.3
deleted file mode 100644
index 8f17e7a329..0000000000
--- a/src/lib/libcrypto/man/ERR.3
+++ /dev/null
@@ -1,152 +0,0 @@ -.\" $OpenBSD: ERR.3,v 1.11 2023/07/26 20:15:51 tb Exp $ -.\" OpenSSL 186bb907 Apr 13 11:05:13 2015 -0700 -.\" -.\" This file was written by Ulf Moeller and -.\" Dr. Stephen Henson . -.\" Copyright (c) 2000, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: July 26 2023 $ -.Dt ERR 3 -.Os -.Sh NAME -.Nm ERR -.Nd OpenSSL error codes -.Sh SYNOPSIS -.In openssl/err.h -.Sh DESCRIPTION -When a call to the OpenSSL library fails, this is usually signaled by -the return value, and an error code is stored in an error queue -associated with the current thread. -The -.Nm -library provides functions to obtain these error codes and textual error -messages. -The -.Xr ERR_get_error 3 -manpage describes how to access error codes. -.Pp -Error codes contain information about where the error occurred, and what -went wrong. -.Xr ERR_GET_LIB 3 -describes how to extract this information. -A method to obtain human-readable error messages is described in -.Xr ERR_error_string 3 . -.Pp -.Xr ERR_clear_error 3 -can be used to clear the error queue. -.Pp -Note that -.Xr ERR_remove_state 3 -should be used to avoid memory leaks when threads are terminated. -.Sh ADDING NEW ERROR CODES TO OPENSSL -See -.Xr ERR_put_error 3 -if you want to record error codes in the OpenSSL error system from -within your application. -.Pp -The remainder of this section is of interest only if you want to add new -error codes to OpenSSL or add error codes from external libraries. -.Pp -When you are using new function or reason codes, run -.Sy make errors . -The necessary -.Sy #define Ns s -will then automatically be added to the sub-library's header file. 
-.Ss Adding new libraries -When adding a new sub-library to OpenSSL, assign it a library number -.Dv ERR_LIB_XXX , -define a macro -.Fn XXXerr -(both in -.In openssl/err.h ) , -add its name to -.Va ERR_str_libraries[] -(in -.Pa /usr/src/lib/libcrypto/err/err.c ) , -and add -.Fn ERR_load_XXX_strings -to the -.Fn ERR_load_crypto_strings -function (in -.Sy /usr/src/lib/libcrypto/err/err_all.c ) . -Finally, add -.Pa xxx_err.c -to the -.Pa Makefile . -.Sh USING ERROR CODES IN EXTERNAL LIBRARIES -It is also possible to use OpenSSL's error code scheme in external -libraries. -.Sh INTERNALS -The error queues are stored in a hash table with one -.Vt ERR_STATE -entry for each PID. -.Fn ERR_get_state -returns the current thread's -.Vt ERR_STATE . -An -.Vt ERR_STATE -can hold up to -.Dv ERR_NUM_ERRORS -error codes. -When more error codes are added, the old ones are overwritten, on the -assumption that the most recent errors are most important. -.Pp -Error strings are also stored in a hash table. -.Sh SEE ALSO -.Xr crypto 3 , -.Xr ERR_asprintf_error_data 3 , -.Xr ERR_clear_error 3 , -.Xr ERR_error_string 3 , -.Xr ERR_get_error 3 , -.Xr ERR_GET_LIB 3 , -.Xr ERR_load_crypto_strings 3 , -.Xr ERR_load_strings 3 , -.Xr ERR_print_errors 3 , -.Xr ERR_put_error 3 , -.Xr ERR_remove_state 3 , -.Xr ERR_set_mark 3 , -.Xr SSL_get_error 3 diff --git a/src/lib/libcrypto/man/ERR_GET_LIB.3 b/src/lib/libcrypto/man/ERR_GET_LIB.3 deleted file mode 100644 index bc14f0e2ac..0000000000 --- a/src/lib/libcrypto/man/ERR_GET_LIB.3 +++ /dev/null 
@@ -1,126 +0,0 @@ -.\" $OpenBSD: ERR_GET_LIB.3,v 1.7 2018/03/27 17:35:50 schwarze Exp $ -.\" OpenSSL doc/man3/ERR_GET_LIB.pod 3dfda1a6 Dec 12 11:14:40 2016 -0500 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 27 2018 $ -.Dt ERR_GET_LIB 3 -.Os -.Sh NAME -.Nm ERR_GET_LIB , -.Nm ERR_GET_FUNC , -.Nm ERR_GET_REASON , -.Nm ERR_FATAL_ERROR -.Nd get library, function and reason codes for OpenSSL errors -.Sh SYNOPSIS -.In openssl/err.h -.Ft int -.Fo ERR_GET_LIB -.Fa "unsigned long e" -.Fc -.Ft int -.Fo ERR_GET_FUNC -.Fa "unsigned long e" -.Fc -.Ft int -.Fo ERR_GET_REASON -.Fa "unsigned long e" -.Fc -.Ft int -.Fo ERR_FATAL_ERROR -.Fa "unsigned long e" -.Fc -.Sh DESCRIPTION -The error code returned by -.Xr ERR_get_error 3 -consists of a library number, function code, and reason code. -.Fn ERR_GET_LIB , -.Fn ERR_GET_FUNC , -and -.Fn ERR_GET_REASON -can be used to extract these. -.Pp -The library number and function code describe where the error occurred, -whereas the reason code is the information about what went wrong. -.Pp -Each sub-library of OpenSSL has a unique library number; function and -reason codes are unique within each sub-library. -Note that different libraries may use the same value to signal different -functions and reasons. -.Pp -.Dv ERR_R_* -reason codes such as -.Dv ERR_R_MALLOC_FAILURE -are globally unique. -However, when checking for sub-library specific reason codes, be sure to -also compare the library number. -.Pp -.Fn ERR_FATAL_ERROR -indicates whether a given error code is a fatal error. -.Pp -These functions are implemented as macros. 
-.Sh RETURN VALUES
-.Fn ERR_GET_LIB ,
-.Fn ERR_GET_FUNC ,
-and
-.Fn ERR_GET_REASON
-return the library number, function code, and reason code, respectively.
-.Pp
-.Fn ERR_FATAL_ERROR
-returns non-zero if the error is fatal or 0 otherwise.
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_get_error 3
-.Sh HISTORY
-.Fn ERR_GET_LIB ,
-.Fn ERR_GET_FUNC ,
-.Fn ERR_GET_REASON ,
-and
-.Fn ERR_FATAL_ERROR
-first appeared in SSLeay 0.4.4 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ERR_asprintf_error_data.3 b/src/lib/libcrypto/man/ERR_asprintf_error_data.3
deleted file mode 100644
index 4291dea23e..0000000000
--- a/src/lib/libcrypto/man/ERR_asprintf_error_data.3
+++ /dev/null
@@ -1,55 +0,0 @@
-.\" $OpenBSD: ERR_asprintf_error_data.3,v 1.3 2024/08/29 20:23:21 tb Exp $
-.\"
-.\" Copyright (c) 2017 Bob Beck
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: August 29 2024 $
-.Dt ERR_ASPRINTF_ERROR_DATA 3
-.Os
-.Sh NAME
-.Nm ERR_asprintf_error_data
-.Nd record a LibreSSL error using a formatted string
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft void
-.Fo ERR_asprintf_error_data
-.Fa "char * format"
-.Fa ...
-.Fc
-.Sh DESCRIPTION
-.Nm
-builds a string using
-.Xr asprintf 3
-called with the provided
-.Ar format
-and arguments.
-The resulting string is then associated with the error code that was most
-recently added.
-If
-.Xr asprintf 3
-fails, the string "malloc failed" is associated instead.
-.Pp
-.Nm
-is intended to be used instead of the OpenSSL functions
-.Fn ERR_add_error_data
-and
-.Fn ERR_add_error_vdata .
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_put_error 3 ,
-.Xr printf 3
-.Sh HISTORY
-.Nm
-appeared in
-.Ox 5.6
-and is available in all versions of LibreSSL.
diff --git a/src/lib/libcrypto/man/ERR_clear_error.3 b/src/lib/libcrypto/man/ERR_clear_error.3
deleted file mode 100644
index 54f563e166..0000000000
--- a/src/lib/libcrypto/man/ERR_clear_error.3
+++ /dev/null
@@ -1,70 +0,0 @@
-.\" $OpenBSD: ERR_clear_error.3,v 1.5 2018/03/27 17:35:50 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt ERR_CLEAR_ERROR 3
-.Os
-.Sh NAME
-.Nm ERR_clear_error
-.Nd clear the OpenSSL error queue
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft void
-.Fn ERR_clear_error void
-.Sh DESCRIPTION
-.Fn ERR_clear_error
-empties the current thread's error queue.
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_get_error 3
-.Sh HISTORY
-.Fn ERR_clear_error
-first appeared in SSLeay 0.4.4 and has been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ERR_error_string.3 b/src/lib/libcrypto/man/ERR_error_string.3
deleted file mode 100644
index 60f9132859..0000000000
--- a/src/lib/libcrypto/man/ERR_error_string.3
+++ /dev/null
@@ -1,176 +0,0 @@
-.\" $OpenBSD: ERR_error_string.3,v 1.7 2018/03/27 17:35:50 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2004 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt ERR_ERROR_STRING 3
-.Os
-.Sh NAME
-.Nm ERR_error_string ,
-.Nm ERR_error_string_n ,
-.Nm ERR_lib_error_string ,
-.Nm ERR_func_error_string ,
-.Nm ERR_reason_error_string
-.Nd obtain human-readable OpenSSL error messages
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft char *
-.Fo ERR_error_string
-.Fa "unsigned long e"
-.Fa "char *buf"
-.Fc
-.Ft void
-.Fo ERR_error_string_n
-.Fa "unsigned long e"
-.Fa "char *buf"
-.Fa "size_t len"
-.Fc
-.Ft const char *
-.Fo ERR_lib_error_string
-.Fa "unsigned long e"
-.Fc
-.Ft const char *
-.Fo ERR_func_error_string
-.Fa "unsigned long e"
-.Fc
-.Ft const char *
-.Fo ERR_reason_error_string
-.Fa "unsigned long e"
-.Fc
-.Sh DESCRIPTION
-.Fn ERR_error_string
-generates a human-readable string representing the error code
-.Fa e
-and places it in
-.Fa buf .
-.Fa buf
-must be at least 256 bytes long.
-If
-.Fa buf
-is
-.Dv NULL ,
-the error string is placed in a static buffer.
-Note that this function is not thread-safe and does no checks on
-the size of the buffer; use
-.Fn ERR_error_string_n
-instead.
-.Pp
-.Fn ERR_error_string_n
-is a variant of
-.Fn ERR_error_string
-that writes at most
-.Fa len
-characters (including the terminating NUL) and truncates the string
-if necessary.
-For
-.Fn ERR_error_string_n ,
-.Fa buf
-may not be
-.Dv NULL .
-.Pp
-The string will have the following format:
-.Pp
-.Dl error:[error code]:[library name]:[function name]:[reason string]
-.Pp
-The error code is an 8-digit hexadecimal number.
-The library name, the function name, and the reason string are ASCII
-text.
-.Pp
-.Fn ERR_lib_error_string ,
-.Fn ERR_func_error_string ,
-and
-.Fn ERR_reason_error_string
-return the library name, the function name, and the reason string,
-respectively.
-.Pp
-The OpenSSL error strings should be loaded by calling
-.Xr ERR_load_crypto_strings 3
-or, for SSL applications,
-.Xr SSL_load_error_strings 3
-first.
-If there is no text string registered for the given error code, the
-error string will contain the numeric code.
-.Pp
-.Xr ERR_print_errors 3
-can be used to print all error codes currently in the queue.
-.Sh RETURN VALUES
-.Fn ERR_error_string
-returns a pointer to a static buffer containing the string if
-.Fa buf
-is
-.Dv NULL ,
-or
-.Fa buf
-otherwise.
-.Pp
-.Fn ERR_lib_error_string ,
-.Fn ERR_func_error_string ,
-and
-.Fn ERR_reason_error_string
-return the strings, or
-.Dv NULL
-if none is registered for the error code.
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_get_error 3 ,
-.Xr ERR_load_crypto_strings 3 ,
-.Xr ERR_print_errors 3 ,
-.Xr SSL_load_error_strings 3
-.Sh HISTORY
-.Fn ERR_error_string ,
-.Fn ERR_lib_error_string ,
-.Fn ERR_func_error_string ,
-and
-.Fn ERR_reason_error_string
-first appeared in SSLeay 0.4.4 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn ERR_error_string_n
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
diff --git a/src/lib/libcrypto/man/ERR_get_error.3 b/src/lib/libcrypto/man/ERR_get_error.3
deleted file mode 100644
index f3bcc09cbc..0000000000
--- a/src/lib/libcrypto/man/ERR_get_error.3
+++ /dev/null
@@ -1,191 +0,0 @@
-.\" $OpenBSD: ERR_get_error.3,v 1.8 2018/03/27 17:35:50 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2002, 2014 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt ERR_GET_ERROR 3
-.Os
-.Sh NAME
-.Nm ERR_get_error ,
-.Nm ERR_peek_error ,
-.Nm ERR_peek_last_error ,
-.Nm ERR_get_error_line ,
-.Nm ERR_peek_error_line ,
-.Nm ERR_peek_last_error_line ,
-.Nm ERR_get_error_line_data ,
-.Nm ERR_peek_error_line_data ,
-.Nm ERR_peek_last_error_line_data
-.Nd obtain OpenSSL error code and data
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft unsigned long
-.Fn ERR_get_error void
-.Ft unsigned long
-.Fn ERR_peek_error void
-.Ft unsigned long
-.Fn ERR_peek_last_error void
-.Ft unsigned long
-.Fo ERR_get_error_line
-.Fa "const char **file"
-.Fa "int *line"
-.Fc
-.Ft unsigned long
-.Fo ERR_peek_error_line
-.Fa "const char **file"
-.Fa "int *line"
-.Fc
-.Ft unsigned long
-.Fo ERR_peek_last_error_line
-.Fa "const char **file"
-.Fa "int *line"
-.Fc
-.Ft unsigned long
-.Fo ERR_get_error_line_data
-.Fa "const char **file"
-.Fa "int *line"
-.Fa "const char **data"
-.Fa "int *flags"
-.Fc
-.Ft unsigned long
-.Fo ERR_peek_error_line_data
-.Fa "const char **file"
-.Fa "int *line"
-.Fa "const char **data"
-.Fa "int *flags"
-.Fc
-.Ft unsigned long
-.Fo ERR_peek_last_error_line_data
-.Fa "const char **file"
-.Fa "int *line"
-.Fa "const char **data"
-.Fa "int *flags"
-.Fc
-.Sh DESCRIPTION
-.Fn ERR_get_error
-returns the earliest error code from the thread's error queue and
-removes the entry.
-This function can be called repeatedly until there are no more error
-codes to return.
-.Pp
-.Fn ERR_peek_error
-returns the earliest error code from the thread's error queue without
-modifying it.
-.Pp
-.Fn ERR_peek_last_error
-returns the latest error code from the thread's error queue without
-modifying it.
-.Pp
-See
-.Xr ERR_GET_LIB 3
-for obtaining information about the location and reason for the error, and
-.Xr ERR_error_string 3
-for human-readable error messages.
-.Pp
-.Fn ERR_get_error_line ,
-.Fn ERR_peek_error_line ,
-and
-.Fn ERR_peek_last_error_line
-are the same as the above, but they additionally store the file name and
-line number where the error occurred in
-.Pf * Fa file
-and
-.Pf * Fa line ,
-unless these are
-.Dv NULL .
-.Pp
-.Fn ERR_get_error_line_data ,
-.Fn ERR_peek_error_line_data ,
-and
-.Fn ERR_peek_last_error_line_data
-store additional data and flags associated with the error code in
-.Pf * Fa data
-and
-.Pf * Fa flags ,
-unless these are
-.Dv NULL .
-.Pf * Fa data
-contains a string if
-.Pf * Fa flags Ns & Ns Dv ERR_TXT_STRING
-is true.
-.Pp
-An application
-.Sy MUST NOT
-free the
-.Pf * Fa data
-pointer (or any other pointers returned by these functions) with
-.Xr free 3
-as freeing is handled automatically by the error library.
-.Sh RETURN VALUES
-The error code, or 0 if there is no error in the queue.
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_error_string 3 ,
-.Xr ERR_GET_LIB 3
-.Sh HISTORY
-.Fn ERR_get_error
-and
-.Fn ERR_peek_error
-first appeared in SSLeay 0.4.4.
-.Fn ERR_get_error_line
-and
-.Fn ERR_peek_error_line
-first appeared in SSLeay 0.6.0.
-.Fn ERR_get_error_line_data
-and
-.Fn ERR_peek_error_line_data
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn ERR_peek_last_error ,
-.Fn ERR_peek_last_error_line ,
-and
-.Fn ERR_peek_last_error_line_data
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/ERR_load_crypto_strings.3 b/src/lib/libcrypto/man/ERR_load_crypto_strings.3
deleted file mode 100644
index 2bca8af60f..0000000000
--- a/src/lib/libcrypto/man/ERR_load_crypto_strings.3
+++ /dev/null
@@ -1,150 +0,0 @@
-.\" $OpenBSD: ERR_load_crypto_strings.3,v 1.12 2024/03/05 19:21:31 tb Exp $
-.\" full merge up to: OpenSSL f672aee4 Feb 9 11:52:40 2016 -0500
-.\" selective merge up to: OpenSSL b3696a55 Sep 2 09:35:50 2017 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2017 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 5 2024 $
-.Dt ERR_LOAD_CRYPTO_STRINGS 3
-.Os
-.Sh NAME
-.Nm ERR_load_crypto_strings ,
-.Nm ERR_free_strings ,
-.Nm SSL_load_error_strings
-.Nd load and free OpenSSL error strings
-.\" The following functions are intentionally undocumented
-.\" because they are merely subroutines of ERR_load_crypto_strings(3)
-.\" and should not have been made a part of the API:
-.\" ERR_load_ASN1_strings()
-.\" ERR_load_BIO_strings()
-.\" ERR_load_BN_strings()
-.\" ERR_load_BUF_strings()
-.\" ERR_load_CMS_strings()
-.\" ERR_load_CONF_strings()
-.\" ERR_load_CRYPTO_strings()
-.\" ERR_load_DH_strings()
-.\" ERR_load_DSA_strings()
-.\" ERR_load_EC_strings()
-.\" ERR_load_ERR_strings()
-.\" ERR_load_EVP_strings()
-.\" ERR_load_OBJ_strings()
-.\" ERR_load_OCSP_strings()
-.\" ERR_load_PEM_strings()
-.\" ERR_load_PKCS12_strings()
-.\" ERR_load_PKCS7_strings()
-.\" ERR_load_RAND_strings()
-.\" ERR_load_RSA_strings()
-.\" ERR_load_TS_strings()
-.\" ERR_load_UI_strings()
-.\" ERR_load_X509_strings()
-.\" ERR_load_X509V3_strings()
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft void
-.Fn ERR_load_crypto_strings void
-.Ft void
-.Fn ERR_free_strings void
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_load_error_strings void
-.Sh DESCRIPTION
-These functions are deprecated.
-It is never useful for any application program to call any of them explicitly.
-The library automatically calls them internally whenever needed.
-.Pp
-.Fn ERR_load_crypto_strings
-registers the error strings for all
-.Xr crypto 3
-functions.
-.Fn SSL_load_error_strings
-does the same, but also registers the
-.Xr ssl 3
-error strings.
-.Pp
-If the error strings were already loaded before, no action occurs.
-.Pp
-.Fn ERR_free_strings
-frees all previously loaded error strings.
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_error_string 3 ,
-.Xr OPENSSL_config 3
-.Sh HISTORY
-.Fn ERR_load_crypto_strings
-and
-.Fn SSL_load_error_strings
-first appeared in SSLeay 0.4.4.
-.Fn ERR_free_strings
-first appeared in SSLeay 0.5.1.
-These functions been available since
-.Ox 2.4 .
-.Sh BUGS
-Even though the error strings are already compiled into the object
-code of the library as static strings, these functions store them
-again using dynamically allocated memory on the heap.
-That may fail if insufficient memory is available,
-but these functions do not report such errors.
-Instead, they fail silently, possibly having registered none or only
-a part of the strings requested.
diff --git a/src/lib/libcrypto/man/ERR_load_strings.3 b/src/lib/libcrypto/man/ERR_load_strings.3
deleted file mode 100644
index 1020743954..0000000000
--- a/src/lib/libcrypto/man/ERR_load_strings.3
+++ /dev/null
@@ -1,116 +0,0 @@
-.\" $OpenBSD: ERR_load_strings.3,v 1.8 2024/07/26 03:40:43 tb Exp $
-.\" OpenSSL 05ea606a May 20 20:52:46 2016 -0400
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 26 2024 $
-.Dt ERR_LOAD_STRINGS 3
-.Os
-.Sh NAME
-.Nm ERR_load_strings ,
-.Nm ERR_PACK ,
-.Nm ERR_get_next_error_library
-.Nd load arbitrary OpenSSL error strings
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft void
-.Fo ERR_load_strings
-.Fa "int lib"
-.Fa "ERR_STRING_DATA str[]"
-.Fc
-.Ft unsigned long
-.Fo ERR_PACK
-.Fa "int lib"
-.Fa "int func"
-.Fa "int reason"
-.Fc
-.Ft int
-.Fn ERR_get_next_error_library void
-.Sh DESCRIPTION
-.Fn ERR_load_strings
-registers error strings for library number
-.Fa lib .
-.Pp
-.Fa str
-is an array of error string data:
-.Bd -literal -offset indent
-typedef struct ERR_string_data_st {
- unsigned long error;
- char *string;
-} ERR_STRING_DATA;
-.Ed
-.Pp
-The error code is generated from the library number and a function and
-reason code:
-.Pp
-.Dl error = ERR_PACK(lib, func, reason)
-.Pp
-.Fn ERR_PACK
-is a macro.
-.Pp
-The last entry in the array is
-.Brq 0 , Dv NULL .
-.Pp
-.Fn ERR_get_next_error_library
-can be used to assign library numbers to user libraries at runtime.
-.Sh RETURN VALUES
-.Fn ERR_PACK
-returns the error code.
-.Fn ERR_get_next_error_library
-returns a new library number.
-.Sh SEE ALSO
-.Xr ERR 3
-.Sh HISTORY
-.Fn ERR_load_strings
-and
-.Fn ERR_PACK
-first appeared in SSLeay 0.4.4.
-.Fn ERR_get_next_error_library
-first appeared in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ERR_print_errors.3 b/src/lib/libcrypto/man/ERR_print_errors.3
deleted file mode 100644
index a5c7c03287..0000000000
--- a/src/lib/libcrypto/man/ERR_print_errors.3
+++ /dev/null
@@ -1,122 +0,0 @@
-.\" $OpenBSD: ERR_print_errors.3,v 1.8 2020/03/28 22:40:58 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller ,
-.\" with additions by Rich Salz .
-.\" Copyright (c) 2000, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 28 2020 $
-.Dt ERR_PRINT_ERRORS 3
-.Os
-.Sh NAME
-.Nm ERR_print_errors ,
-.Nm ERR_print_errors_fp ,
-.Nm ERR_print_errors_cb
-.Nd print OpenSSL error messages
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft void
-.Fo ERR_print_errors
-.Fa "BIO *bp"
-.Fc
-.Ft void
-.Fo ERR_print_errors_fp
-.Fa "FILE *fp"
-.Fc
-.Ft void
-.Fo ERR_print_errors_cb
-.Fa "int (*cb)(const char *str, size_t len, void *u)"
-.Fa "void *u"
-.Fc
-.Sh DESCRIPTION
-.Fn ERR_print_errors
-is a convenience function that prints the error strings for all errors
-that OpenSSL has recorded to
-.Fa bp ,
-thus emptying the error queue.
-.Pp
-.Fn ERR_print_errors_fp
-is the same, except that the output goes to a
-.Vt FILE .
-.Pp
-.Fn ERR_print_errors_cb
-is the same, except that the callback function,
-.Fa cb ,
-is called for each error line with the string, length, and userdata
-.Fa u
-as the callback parameters.
-.Pp
-The error strings have the following format:
-.Bd -literal
-[pid]:error:[error code]:[library name]:[function name]:[reason string]:
-[file name]:[line]:[optional text message]
-.Ed
-.Pp
-The error code is an 8-digit hexadecimal number.
-The library name, the function name, and the reason string are ASCII
-text, as is the optional text message if one was set for the
-respective error code.
-.Pp
-If there is no text string registered for the given error code, the
-error string will contain the numeric code.
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_error_string 3 ,
-.Xr ERR_get_error 3 ,
-.Xr ERR_load_crypto_strings 3 ,
-.Xr SSL_load_error_strings 3
-.Sh HISTORY
-.Fn ERR_print_errors
-first appeared in SSLeay 0.4.5.
-.Fn ERR_print_errors_fp
-first appeared in SSLeay 0.6.0.
-Both functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn ERR_print_errors_cb
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/ERR_put_error.3 b/src/lib/libcrypto/man/ERR_put_error.3
deleted file mode 100644
index 37e1b4d1ab..0000000000
--- a/src/lib/libcrypto/man/ERR_put_error.3
+++ /dev/null
@@ -1,125 +0,0 @@
-.\" $OpenBSD: ERR_put_error.3,v 1.11 2024/08/29 20:23:21 tb Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 29 2024 $
-.Dt ERR_PUT_ERROR 3
-.Os
-.Sh NAME
-.Nm ERR_put_error
-.Nd record an OpenSSL error
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft void
-.Fo ERR_put_error
-.Fa "int lib"
-.Fa "int func"
-.Fa "int reason"
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-.Sh DESCRIPTION
-.Fn ERR_put_error
-adds an error code to the thread's error queue.
-It signals that the error of reason code
-.Fa reason
-occurred in function
-.Fa func
-of library
-.Fa lib ,
-in line number
-.Fa line
-of
-.Fa file .
-This function is usually called by a macro.
-.Pp
-.Xr ERR_load_strings 3
-can be used to register error strings so that the application can
-generate human-readable error messages for the error code.
-.Pp
-Each sub-library has a specific macro
-.Fn XXXerr f r
-that is used to report errors.
-Its first argument is a function code
-.Dv XXX_F_* ;
-the second argument is a reason code
-.Dv XXX_R_* .
-Function codes are derived from the function names
-whereas reason codes consist of textual error descriptions.
-For example, the function
-.Fn ssl23_read
-reports a "handshake failure" as follows:
-.Pp
-.Dl SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
-.Pp
-Function and reason codes should consist of upper case characters,
-numbers and underscores only.
-The error file generation script translates function codes into function
-names by looking in the header files for an appropriate function name.
-If none is found, it just uses the capitalized form such as "SSL23_READ"
-in the above example.
-.Pp
-The trailing section of a reason code (after the "_R_") is translated
-into lower case and underscores changed to spaces.
-.Pp
-Although a library will normally report errors using its own specific
-.Fn XXXerr
-macro, another library's macro can be used.
-This is normally only done when a library wants to include ASN.1 code
-which must use the
-.Fn ASN1err
-macro.
-.Sh SEE ALSO
-.Xr ERR 3 ,
-.Xr ERR_asprintf_error_data 3 ,
-.Xr ERR_load_strings 3
-.Sh HISTORY
-.Fn ERR_put_error
-first appeared in SSLeay 0.4.4 and has been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/ERR_remove_state.3 b/src/lib/libcrypto/man/ERR_remove_state.3
deleted file mode 100644
index bc28f15dea..0000000000
--- a/src/lib/libcrypto/man/ERR_remove_state.3
+++ /dev/null
@@ -1,108 +0,0 @@
-.\" $OpenBSD: ERR_remove_state.3,v 1.7 2020/03/28 22:40:58 schwarze Exp $
-.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
-.\"
-.\" This file was written by Ulf Moeller and
-.\" Matt Caswell .
-.\" Copyright (c) 2000, 2013 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 28 2020 $
-.Dt ERR_REMOVE_STATE 3
-.Os
-.Sh NAME
-.Nm ERR_remove_thread_state ,
-.Nm ERR_remove_state
-.Nd free a thread's OpenSSL error queue
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft void
-.Fo ERR_remove_thread_state
-.Fa "const CRYPTO_THREADID *tid"
-.Fc
-.Pp
-Deprecated:
-.Pp
-.Ft void
-.Fo ERR_remove_state
-.Fa "unsigned long pid"
-.Fc
-.Sh DESCRIPTION
-.Fn ERR_remove_thread_state
-frees the error queue associated with thread
-.Fa tid .
-If
-.Fa tid
-is
-.Dv NULL ,
-the current thread will have its error queue removed.
-.Pp
-Since error queue data structures are allocated automatically for new
-threads, they must be freed when threads are terminated in order to
-avoid memory leaks.
-.Pp
-.Fn ERR_remove_state
-is deprecated and has been replaced by
-.Fn ERR_remove_thread_state .
-Since threads in OpenSSL are no longer identified by unsigned long
-values, any argument to this function is ignored.
-Calling
-.Fn ERR_remove_state
-is equivalent to
-.Fn ERR_remove_thread_state NULL .
-.Sh SEE ALSO
-.Xr ERR 3
-.Sh HISTORY
-.Fn ERR_remove_state
-first appeared in SSLeay 0.6.1 and has been available since
-.Ox 2.4 .
-.Pp
-It was deprecated in OpenSSL 1.0.0 and
-.Ox 4.9
-when
-.Fn ERR_remove_thread_state
-was introduced and thread IDs were introduced to identify threads
-instead of
-.Vt unsigned long .
diff --git a/src/lib/libcrypto/man/ERR_set_mark.3 b/src/lib/libcrypto/man/ERR_set_mark.3
deleted file mode 100644
index 2f3486d8c0..0000000000
--- a/src/lib/libcrypto/man/ERR_set_mark.3
+++ /dev/null
@@ -1,86 +0,0 @@
-.\" $OpenBSD: ERR_set_mark.3,v 1.4 2018/03/23 00:09:11 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Richard Levitte .
-.\" Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 23 2018 $
-.Dt ERR_SET_MARK 3
-.Os
-.Sh NAME
-.Nm ERR_set_mark ,
-.Nm ERR_pop_to_mark
-.Nd set marks and pop OpenSSL errors until mark
-.Sh SYNOPSIS
-.In openssl/err.h
-.Ft int
-.Fn ERR_set_mark void
-.Ft int
-.Fn ERR_pop_to_mark void
-.Sh DESCRIPTION
-.Fn ERR_set_mark
-sets a mark on the current topmost error record if there is one.
-.Pp
-.Fn ERR_pop_to_mark
-will pop the top of the error stack until a mark is found.
-The mark is then removed.
-If there is no mark, the whole stack is removed.
-.Sh RETURN VALUES
-.Fn ERR_set_mark
-returns 0 if the error stack is empty, otherwise 1.
-.Pp
-.Fn ERR_pop_to_mark
-returns 0 if there was no mark in the error stack, which implies that
-the stack became empty, otherwise 1.
-.Sh SEE ALSO
-.Xr ERR 3
-.Sh HISTORY
-.Fn ERR_set_mark
-and
-.Fn ERR_pop_to_mark
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/ESS_SIGNING_CERT_new.3 b/src/lib/libcrypto/man/ESS_SIGNING_CERT_new.3
deleted file mode 100644
index 4baabbcd99..0000000000
--- a/src/lib/libcrypto/man/ESS_SIGNING_CERT_new.3
+++ /dev/null
@@ -1,117 +0,0 @@
-.\" $OpenBSD: ESS_SIGNING_CERT_new.3,v 1.5 2019/06/06 01:06:58 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt ESS_SIGNING_CERT_NEW 3
-.Os
-.Sh NAME
-.Nm ESS_SIGNING_CERT_new ,
-.Nm ESS_SIGNING_CERT_free ,
-.Nm ESS_CERT_ID_new ,
-.Nm ESS_CERT_ID_free ,
-.Nm ESS_ISSUER_SERIAL_new ,
-.Nm ESS_ISSUER_SERIAL_free
-.Nd signing certificates for S/MIME
-.Sh SYNOPSIS
-.In openssl/ts.h
-.Ft ESS_SIGNING_CERT *
-.Fn ESS_SIGNING_CERT_new void
-.Ft void
-.Fn ESS_SIGNING_CERT_free "ESS_SIGNING_CERT *signing_cert"
-.Ft ESS_CERT_ID *
-.Fn ESS_CERT_ID_new void
-.Ft void
-.Fn ESS_CERT_ID_free "ESS_CERT_ID *cert_id"
-.Ft ESS_ISSUER_SERIAL *
-.Fn ESS_ISSUER_SERIAL_new void
-.Ft void
-.Fn ESS_ISSUER_SERIAL_free "ESS_ISSUER_SERIAL *issuer_serial"
-.Sh DESCRIPTION
-The signing certificate may be included in the signedAttributes
-field of a
-.Vt SignerInfo
-structure to mitigate simple substitution and re-issue attacks.
-.Pp
-.Fn ESS_SIGNING_CERT_new
-allocates and initializes an empty
-.Vt ESS_SIGNING_CERT
-object, representing an ASN.1
-.Vt SigningCertificate
-structure defined in RFC 2634 section 5.4.
-It can hold the certificate used for signing the data,
-additional authorization certificates that can be used during
-validation, and policies applying to the certificate.
-.Fn ESS_SIGNING_CERT_free
-frees
-.Fa signing_cert .
-.Pp
-.Fn ESS_CERT_ID_new
-allocates and initializes an empty
-.Vt ESS_CERT_ID
-object, representing an ASN.1
-.Vt ESSCertID
-structure defined in RFC 2634 section 5.4.1.
-Such objects can be used inside
-.Vt ESS_SIGNING_CERT
-objects, and each one can hold a SHA1 hash of one certificate.
-.Fn ESS_CERT_ID_free
-frees
-.Fa cert_id .
-.Pp
-.Fn ESS_ISSUER_SERIAL_new
-allocates and initializes an empty
-.Vt ESS_ISSUER_SERIAL
-object, representing an ASN.1
-.Vt IssuerSerial
-structure defined in RFC 2634 section 5.4.1.
-It can hold an issuer name and a serial number and can be included in an
-.Vt ESS_CERT_ID
-object, which is useful for additional authorization certificates,
-but redundant for the signing certificate itself.
-.Fn ESS_ISSUER_SERIAL_free
-frees
-.Fa issuer_serial .
-.Sh RETURN VALUES
-.Fn ESS_SIGNING_CERT_new ,
-.Fn ESS_CERT_ID_new ,
-and
-.Fn ESS_ISSUER_SERIAL_new
-return the new
-.Vt ESS_SIGNING_CERT ,
-.Vt ESS_CERT_ID ,
-or
-.Vt ESS_ISSUER_SERIAL
-object, respectively, or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr d2i_ESS_SIGNING_CERT 3
-.Sh STANDARDS
-RFC 2634: Enhanced Security Services for S/MIME,
-section 5: Signing Certificate Attribute
-.Pp
-Note that RFC 2634 has been updated by RFC 5035:
-Enhanced Security Services (ESS) Update:
-Adding CertID Algorithm Agility.
-But the current implementation only supports the
-Signing Certificate Attribute Definition Version 1
-according to RFC 2634, not the
-Signing Certificate Attribute Definition Version 2
-according to RFC 5035.
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 b/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
deleted file mode 100644
index 8b3b8adb0f..0000000000
--- a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
+++ /dev/null
@@ -1,411 +0,0 @@
-.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.16 2024/07/21 08:36:43 tb Exp $
-.\"
-.\" Copyright (c) 2014, Google Inc.
-.\" Parts of the text were written by Adam Langley and David Benjamin.
-.\" Copyright (c) 2015 Reyk Floeter
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and/or distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 21 2024 $
-.Dt EVP_AEAD_CTX_INIT 3
-.Os
-.Sh NAME
-.Nm EVP_AEAD_CTX_new ,
-.Nm EVP_AEAD_CTX_free ,
-.Nm EVP_AEAD_CTX_init ,
-.Nm EVP_AEAD_CTX_cleanup ,
-.Nm EVP_AEAD_CTX_open ,
-.Nm EVP_AEAD_CTX_seal ,
-.Nm EVP_AEAD_key_length ,
-.Nm EVP_AEAD_max_overhead ,
-.Nm EVP_AEAD_max_tag_len ,
-.Nm EVP_AEAD_nonce_length ,
-.Nm EVP_aead_aes_128_gcm ,
-.Nm EVP_aead_aes_256_gcm ,
-.Nm EVP_aead_chacha20_poly1305 ,
-.Nm EVP_aead_xchacha20_poly1305
-.Nd authenticated encryption with additional data
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_AEAD_CTX *
-.Fn EVP_AEAD_CTX_new void
-.Ft void
-.Fo EVP_AEAD_CTX_free
-.Fa "EVP_AEAD_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_AEAD_CTX_init
-.Fa "EVP_AEAD_CTX *ctx"
-.Fa "const EVP_AEAD *aead"
-.Fa "const unsigned char *key"
-.Fa "size_t key_len"
-.Fa "size_t tag_len"
-.Fa "ENGINE *engine"
-.Fc
-.Ft void
-.Fo EVP_AEAD_CTX_cleanup
-.Fa "EVP_AEAD_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_AEAD_CTX_open
-.Fa "const EVP_AEAD_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "size_t *out_len"
-.Fa "size_t max_out_len"
-.Fa "const unsigned char *nonce"
-.Fa "size_t nonce_len"
-.Fa "const unsigned char *in"
-.Fa "size_t in_len"
-.Fa "const unsigned char *ad"
-.Fa "size_t ad_len"
-.Fc
-.Ft int
-.Fo EVP_AEAD_CTX_seal
-.Fa "const EVP_AEAD_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "size_t *out_len"
-.Fa "size_t max_out_len"
-.Fa "const unsigned char *nonce"
-.Fa "size_t nonce_len"
-.Fa "const unsigned char *in"
-.Fa "size_t in_len"
-.Fa "const unsigned char *ad"
-.Fa "size_t ad_len"
-.Fc
-.Ft size_t
-.Fo EVP_AEAD_key_length
-.Fa "const EVP_AEAD *aead"
-.Fc
-.Ft size_t
-.Fo EVP_AEAD_max_overhead
-.Fa "const EVP_AEAD *aead"
-.Fc
-.Ft size_t
-.Fo EVP_AEAD_max_tag_len
-.Fa "const EVP_AEAD *aead"
-.Fc
-.Ft size_t
-.Fo EVP_AEAD_nonce_length
-.Fa "const EVP_AEAD *aead"
-.Fc
-.Ft const EVP_AEAD *
-.Fo EVP_aead_aes_128_gcm
-.Fa void
-.Fc
-.Ft const EVP_AEAD *
-.Fo EVP_aead_aes_256_gcm
-.Fa void
-.Fc
-.Ft const EVP_AEAD *
-.Fo EVP_aead_chacha20_poly1305
-.Fa void
-.Fc
-.Ft const EVP_AEAD *
-.Fo EVP_aead_xchacha20_poly1305
-.Fa void
-.Fc
-.Sh DESCRIPTION
-AEAD (Authenticated Encryption with Additional Data) couples
-confidentiality and integrity in a single primitive.
-AEAD algorithms take a key and can then seal and open individual
-messages.
-Each message has a unique, per-message nonce and, optionally, additional
-data which is authenticated but not included in the output.
-.Pp
-.Fn EVP_AEAD_CTX_new
-allocates a new context for use with
-.Fn EVP_AEAD_CTX_init .
-It can be cleaned up for reuse with
-.Fn EVP_AEAD_CTX_cleanup
-and must be freed with
-.Fn EVP_AEAD_CTX_free .
-.Pp
-.Fn EVP_AEAD_CTX_free
-cleans up
-.Fa ctx
-and frees the space allocated to it.
-.Pp
-.Fn EVP_AEAD_CTX_init
-initializes the context
-.Fa ctx
-for the given AEAD algorithm
-.Fa aead .
-The
-.Fa engine
-argument must be
-.Dv NULL
-for the default implementation;
-other values are not supported.
-Authentication tags may be truncated by passing a tag length.
-A
-.Fa tag_len
-argument of
-.Dv EVP_AEAD_DEFAULT_TAG_LENGTH ,
-which has the value 0, causes the default tag length to be used.
-.Pp
-.Fn EVP_AEAD_CTX_cleanup
-frees any data allocated for the context
-.Fa ctx .
-After
-.Fn EVP_AEAD_CTX_cleanup ,
-.Fa ctx
-is in the same state as after
-.Fn EVP_AEAD_CTX_new .
-.Pp
-.Fn EVP_AEAD_CTX_open
-authenticates the input
-.Fa in
-and optional additional data
-.Fa ad ,
-decrypting the input and writing it as output
-.Fa out .
-This function may be called (with the same
-.Vt EVP_AEAD_CTX )
-concurrently with itself or with
-.Fn EVP_AEAD_CTX_seal .
-At most the number of input bytes are written as output.
-In order to ensure success,
-.Fa max_out_len
-should be at least the same as the input length
-.Fa in_len .
-On successful return
-.Fa out_len
-is set to the actual number of bytes written.
-The length of the
-.Fa nonce
-specified with
-.Fa nonce_len
-must be equal to the result of EVP_AEAD_nonce_length for this AEAD.
-.Fn EVP_AEAD_CTX_open
-never results in partial output.
-If
-.Fa max_out_len
-is insufficient, zero will be returned and
-.Fa out_len
-will be set to zero.
-If the input and output are aliased then
-.Fa out
-must be <=
-.Fa in .
-.Pp
-.Fn EVP_AEAD_CTX_seal
-encrypts and authenticates the input and authenticates any additional
-data provided in
-.Fa ad ,
-the encrypted input and authentication tag being written as output
-.Fa out .
-This function may be called (with the same
-.Vt EVP_AEAD_CTX )
-concurrently with itself or with
-.Fn EVP_AEAD_CTX_open .
-At most
-.Fa max_out_len
-bytes are written as output and, in order to ensure success, this value
-should be the
-.Fa in_len
-plus the result of
-.Fn EVP_AEAD_max_overhead .
-On successful return,
-.Fa out_len
-is set to the actual number of bytes written.
-The length of the
-.Fa nonce
-specified with
-.Fa nonce_len
-must be equal to the result of
-.Fn EVP_AEAD_nonce_length
-for this AEAD.
-.Fn EVP_AEAD_CTX_seal
-never results in a partial output.
-If
-.Fa max_out_len
-is insufficient, zero will be returned and
-.Fa out_len
-will be set to zero.
-If the input and output are aliased then
-.Fa out
-must be <=
-.Fa in .
-.Pp
-.Fn EVP_AEAD_key_length ,
-.Fn EVP_AEAD_max_overhead ,
-.Fn EVP_AEAD_max_tag_len ,
-and
-.Fn EVP_AEAD_nonce_length
-provide information about the AEAD algorithm
-.Fa aead .
-.Pp
-.Fn EVP_AEAD_max_tag_len
-returns the maximum tag length that can be used with the given
-.Fa aead .
-This is the largest value that can be passed as the
-.Fa tag_len
-argument to
-.Fn EVP_AEAD_CTX_init .
-No built-in
-.Vt EVP_AEAD
-object has a maximum tag length larger than the constant
-.Dv EVP_AEAD_MAX_TAG_LENGTH .
-.Pp
-All cipher algorithms have a fixed key length unless otherwise stated.
-The following ciphers are available:
-.Bl -tag -width Ds -offset indent
-.It Fn EVP_aead_aes_128_gcm
-AES-128 in Galois Counter Mode, using a
-.Fa key_len
-of 16 bytes and a
-.Fa nonce_len
-of 12 bytes.
-.It Fn EVP_aead_aes_256_gcm
-AES-256 in Galois Counter Mode, using a
-.Fa key_len
-of 32 bytes and a
-.Fa nonce_len
-of 12 bytes.
-.It Fn EVP_aead_chacha20_poly1305
-ChaCha20 with a Poly1305 authenticator, using a
-.Fa key_len
-of 32 bytes and a
-.Fa nonce_len
-of 12 bytes.
-The constant
-.Dv EVP_CHACHAPOLY_TLS_TAG_LEN
-specifies the length of the authentication tag in bytes and has a value of 16.
-.It Fn EVP_aead_xchacha20_poly1305
-XChaCha20 with a Poly1305 authenticator, using a
-.Fa key_len
-of 32 bytes and a
-.Fa nonce_len
-of 24 bytes.
-.El
-.Pp
-Unless compatibility with other implementations
-like OpenSSL or BoringSSL is required, using the
-.Sy EVP_AEAD
-interface to AEAD ciphers is recommended
-in preference to the functions documented in the
-.Xr EVP_EncryptInit 3 ,
-.Xr EVP_aes_256_gcm 3 ,
-and
-.Xr EVP_chacha20_poly1305 3
-manual pages.
-The code then becomes transparent to the AEAD cipher used
-and much more flexible.
-It is also safer to use as it prevents common mistakes with the EVP APIs.
-.Sh RETURN VALUES
-.Fn EVP_AEAD_CTX_new
-returns the new
-.Vt EVP_AEAD_CTX
-object on success;
-otherwise
-.Dv NULL
-is returned and
-.Va errno
-is set to
-.Er ENOMEM .
-.Pp
-.Fn EVP_AEAD_CTX_init ,
-.Fn EVP_AEAD_CTX_open ,
-and
-.Fn EVP_AEAD_CTX_seal
-return 1 for success or zero for failure.
-.Pp
-.Fn EVP_AEAD_key_length
-returns the length of the key used for this AEAD.
-.Pp
-.Fn EVP_AEAD_max_overhead
-returns the maximum number of additional bytes added by the act of
-sealing data with the AEAD.
-.Pp
-.Fn EVP_AEAD_max_tag_len
-returns the maximum tag length when using this AEAD.
-.Pp
-.Fn EVP_AEAD_nonce_length
-returns the length of the per-message nonce.
-.Sh EXAMPLES
-Encrypt a string using ChaCha20-Poly1305:
-.Bd -literal -offset indent
-const EVP_AEAD *aead = EVP_aead_chacha20_poly1305();
-static const unsigned char nonce[32] = {0};
-size_t buf_len, nonce_len;
-EVP_AEAD_CTX *ctx;
-
-ctx = EVP_AEAD_CTX_new();
-EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead),
- EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
-nonce_len = EVP_AEAD_nonce_length(aead);
-
-EVP_AEAD_CTX_seal(ctx, out, &out_len, BUFSIZE, nonce,
- nonce_len, in, in_len, NULL, 0);
-
-EVP_AEAD_CTX_free(ctx);
-.Ed
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3
-.Sh STANDARDS
-.Rs
-.%A A. Langley
-.%A W. Chang
-.%A N. Mavrogiannopoulos
-.%A J. Strombergson
-.%A S. Josefsson
-.%D June 2016
-.%R RFC 7905
-.%T ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS)
-.Re
-.Pp
-.Rs
-.%A S. Arciszewski
-.%D October 2018
-.%R draft-arciszewski-xchacha-02
-.%T XChaCha: eXtended-nonce ChaCha and AEAD_XChaCha20_Poly1305
-.Re
-.Sh HISTORY
-AEAD is based on the implementation by
-.An Adam Langley
-.\" OpenSSL commit 9a8646510b Sep 9 12:13:24 2013 -0400
-for Chromium/BoringSSL and first appeared in
-.Ox 5.6 .
-.Pp
-.Fn EVP_AEAD_CTX_new
-and
-.Fn EVP_AEAD_CTX_free
-first appeared in
-.Ox 7.1 .
-.Sh CAVEATS
-The original publications and code by
-.An Adam Langley
-used a modified AEAD construction that is incompatible with the common
-style used by AEAD in TLS and incompatible with RFC 7905:
-.Pp
-.Rs
-.%A A. Langley
-.%A W. Chang
-.%D November 2013
-.%R draft-agl-tls-chacha20poly1305-04
-.%T ChaCha20 and Poly1305 based Cipher Suites for TLS
-.Re
-.Pp
-.Rs
-.%A Y. Nir
-.%A A. Langley
-.%D June 2018
-.%R RFC 8439
-.%T ChaCha20 and Poly1305 for IETF Protocols
-.Re
-.Pp
-In particular, the original version used a
-.Fa nonce_len
-of 8 bytes.
diff --git a/src/lib/libcrypto/man/EVP_BytesToKey.3 b/src/lib/libcrypto/man/EVP_BytesToKey.3
deleted file mode 100644
index 1f78b4de06..0000000000
--- a/src/lib/libcrypto/man/EVP_BytesToKey.3
+++ /dev/null
@@ -1,145 +0,0 @@
-.\" $OpenBSD: EVP_BytesToKey.3,v 1.9 2024/12/05 15:12:37 schwarze Exp $
-.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2001, 2011, 2013, 2014, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 5 2024 $
-.Dt EVP_BYTESTOKEY 3
-.Os
-.Sh NAME
-.Nm EVP_BytesToKey
-.Nd password based encryption routine
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_BytesToKey
-.Fa "const EVP_CIPHER *type"
-.Fa "const EVP_MD *md"
-.Fa "const unsigned char *salt"
-.Fa "const unsigned char *data"
-.Fa "int datal"
-.Fa "int count"
-.Fa "unsigned char *key"
-.Fa "unsigned char *iv"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_BytesToKey
-derives a key and IV from various parameters.
-.Fa type
-is the cipher to derive the key and IV for.
-.Fa md
-is the message digest to use.
-The
-.Fa salt
-parameter is used as a salt in the derivation:
-it should point to a buffer containing
-.Dv PKCS5_SALT_LEN No = 8
-bytes or
-.Dv NULL
-if no salt is used.
-.Fa data
-is a buffer containing
-.Fa datal
-bytes which is used to derive the keying data.
-.Fa count
-is the iteration count to use.
-The derived key and IV will be written to
-.Fa key
-and
-.Fa iv ,
-respectively.
-.Pp
-A typical application of this function is to derive keying material for
-an encryption algorithm from a password in the
-.Fa data
-parameter.
-.Pp
-Increasing the
-.Fa count
-parameter slows down the algorithm, which makes it harder for an attacker
-to perform a brute force attack using a large number of candidate
-passwords.
-.Pp
-If the total key and IV length is less than the digest length and MD5
-is used, then the derivation algorithm is compatible with PKCS#5 v1.5.
-Otherwise, a non-standard extension is used to derive the extra data.
-.Pp
-Newer applications should use more standard algorithms such as PBKDF2 as
-defined in PKCS#5v2.1 for key derivation.
-.Sh KEY DERIVATION ALGORITHM
-The key and IV is derived by concatenating D_1, D_2, etc. until enough
-data is available for the key and IV.
-D_i is defined recursively as:
-.Pp
-.Dl D_i = HASH^count(D_(i-1) || data || salt)
-.Pp
-where || denotes concatenation, D_0 is empty, HASH is the digest
-algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data) is
-HASH(HASH(data)) and so on.
-.Pp
-The initial bytes are used for the key and the subsequent bytes for the
-IV.
-.Sh RETURN VALUES
-If
-.Fa data
-is
-.Dv NULL ,
-.Fn EVP_BytesToKey
-returns the number of bytes needed to store the derived key.
-Otherwise,
-.Fn EVP_BytesToKey
-returns the size of the derived key in bytes or 0 on error.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr PKCS5_PBKDF2_HMAC 3
-.Sh HISTORY
-.Fn EVP_BytesToKey
-first appeared in SSLeay 0.5.1 and has been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 b/src/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3
deleted file mode 100644
index d7ab36e711..0000000000
--- a/src/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3
+++ /dev/null
@@ -1,261 +0,0 @@
-.\" $OpenBSD: EVP_CIPHER_CTX_ctrl.3,v 1.4 2025/03/25 11:54:34 tb Exp $
-.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2023 Ingo Schwarze
-.\" Copyright (c) 2018 Damien Miller
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2001, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 25 2025 $
-.Dt EVP_CIPHER_CTX_CTRL 3
-.Os
-.Sh NAME
-.Nm EVP_CIPHER_CTX_ctrl ,
-.Nm EVP_CIPHER_CTX_set_padding ,
-.Nm EVP_CIPHER_CTX_set_key_length ,
-.Nm EVP_CIPHER_CTX_key_length ,
-.Nm EVP_CIPHER_key_length ,
-.Nm EVP_CIPHER_CTX_iv_length ,
-.Nm EVP_CIPHER_iv_length ,
-.Nm EVP_CIPHER_CTX_set_iv ,
-.Nm EVP_CIPHER_CTX_get_iv
-.Nd configure EVP cipher contexts
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_CIPHER_CTX_ctrl
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "int type"
-.Fa "int arg"
-.Fa "void *ptr"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_set_padding
-.Fa "EVP_CIPHER_CTX *x"
-.Fa "int padding"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_set_key_length
-.Fa "EVP_CIPHER_CTX *x"
-.Fa "int keylen"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_key_length
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_key_length
-.Fa "const EVP_CIPHER *e"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_iv_length
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_iv_length
-.Fa "const EVP_CIPHER *e"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_set_iv
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "const unsigned char *iv"
-.Fa "size_t len"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_get_iv
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fa "unsigned char *iv"
-.Fa "size_t len"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_CIPHER_CTX_ctrl
-allows various cipher specific parameters to be determined and set.
-Currently only the RC2 effective key length can be set; see
-.Xr EVP_rc2_cbc 3
-for details.
-.Pp
-.Fn EVP_CIPHER_CTX_set_padding
-enables or disables padding.
-This function should be called after the context is set up for
-encryption or decryption with
-.Xr EVP_EncryptInit_ex 3 ,
-.Xr EVP_DecryptInit_ex 3 ,
-or
-.Xr EVP_CipherInit_ex 3 .
-By default encryption operations are padded using standard block padding
-and the padding is checked and removed when decrypting.
-If the
-.Fa padding
-parameter is zero, then no padding is performed, the total amount of data
-encrypted or decrypted must then be a multiple of the block size or an
-error will occur.
-.Pp
-.Fn EVP_CIPHER_CTX_set_key_length
-sets the key length of the cipher ctx.
-If the cipher is a fixed length cipher, then attempting to set the key
-length to any value other than the fixed value is an error.
-.Pp
-.Fn EVP_CIPHER_CTX_key_length
-and
-.Fn EVP_CIPHER_key_length
-return the key length of a cipher when passed an
-.Vt EVP_CIPHER_CTX
-or
-.Vt EVP_CIPHER
-structure.
-The constant
-.Dv EVP_MAX_KEY_LENGTH
-is the maximum key length for all ciphers.
-Note: although
-.Fn EVP_CIPHER_key_length
-is fixed for a given cipher, the value of
-.Fn EVP_CIPHER_CTX_key_length
-may be different for variable key length ciphers.
-.Pp
-.Fn EVP_CIPHER_CTX_iv_length
-and
-.Fn EVP_CIPHER_iv_length
-return the IV length of a cipher when passed an
-.Vt EVP_CIPHER_CTX
-or
-.Vt EVP_CIPHER .
-They will return zero if the cipher does not use an IV.
-.Fn EVP_CIPHER_CTX_iv_length
-can fail and return \-1.
-The constant
-.Dv EVP_MAX_IV_LENGTH
-is the maximum IV length for all ciphers.
-.Pp
-.Fn EVP_CIPHER_CTX_set_iv
-and
-.Fn EVP_CIPHER_CTX_get_iv
-set and retrieve the IV for an
-.Vt EVP_CIPHER_CTX ,
-respectively.
-In both cases, the specified IV length must exactly equal the expected
-IV length for the context as returned by
-.Fn EVP_CIPHER_CTX_iv_length .
-.Sh RETURN VALUES
-.Fn EVP_CIPHER_CTX_ctrl
-returns 1 for success or 0 for failure.
-Some implementations may return negative values for some errors.
-.Pp
-.Fn EVP_CIPHER_CTX_set_padding
-always returns 1.
-.Pp
-.Fn EVP_CIPHER_CTX_set_key_length ,
-.Fn EVP_CIPHER_CTX_set_iv ,
-and
-.Fn EVP_CIPHER_CTX_get_iv
-return 1 for success or 0 for failure.
-.Pp
-.Fn EVP_CIPHER_CTX_key_length
-and
-.Fn EVP_CIPHER_key_length
-return the key length.
-.Pp
-.Fn EVP_CIPHER_CTX_iv_length
-and
-.Fn EVP_CIPHER_iv_length
-return the IV length or zero if the cipher does not use an IV.
-.Fn EVP_CIPHER_CTX_iv_length
-can fail and return \-1.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_CIPHER_nid 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-.Fn EVP_CIPHER_CTX_key_length ,
-.Fn EVP_CIPHER_key_length ,
-.Fn EVP_CIPHER_CTX_iv_length ,
-and
-.Fn EVP_CIPHER_iv_length
-first appeared in SSLeay 0.6.5 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_CIPHER_CTX_ctrl
-and
-.Fn EVP_CIPHER_CTX_set_key_length
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn EVP_CIPHER_CTX_set_padding
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Pp
-.Fn EVP_CIPHER_CTX_set_iv
-and
-.Fn EVP_CIPHER_CTX_get_iv
-first appeared in LibreSSL 2.8.1 and have been available since
-.Ox 6.4 .
-.Sh BUGS
-.Dv EVP_MAX_KEY_LENGTH
-and
-.Dv EVP_MAX_IV_LENGTH
-only refer to the internal ciphers with default key lengths.
-If custom ciphers exceed these values, the results are unpredictable.
-This is because it has become standard practice to define a generic key
-as a fixed unsigned char array containing
-.Dv EVP_MAX_KEY_LENGTH
-bytes.
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_CTX_get_cipher_data.3 b/src/lib/libcrypto/man/EVP_CIPHER_CTX_get_cipher_data.3
deleted file mode 100644
index 4f75c8b008..0000000000
--- a/src/lib/libcrypto/man/EVP_CIPHER_CTX_get_cipher_data.3
+++ /dev/null
@@ -1,146 +0,0 @@
-.\" $OpenBSD: EVP_CIPHER_CTX_get_cipher_data.3,v 1.3 2023/08/26 15:12:04 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Matt Caswell .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 26 2023 $
-.Dt EVP_CIPHER_CTX_GET_CIPHER_DATA 3
-.Os
-.Sh NAME
-.Nm EVP_CIPHER_CTX_get_cipher_data ,
-.Nm EVP_CIPHER_CTX_set_cipher_data ,
-.Nm EVP_CIPHER_CTX_buf_noconst
-.Nd inspect and modify EVP_CIPHER_CTX objects
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft void *
-.Fo EVP_CIPHER_CTX_get_cipher_data
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft void *
-.Fo EVP_CIPHER_CTX_set_cipher_data
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "void *cipher_data"
-.Fc
-.Ft unsigned char *
-.Fo EVP_CIPHER_CTX_buf_noconst
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_CIPHER_CTX_get_cipher_data
-returns a pointer to the cipher data of
-.Fa ctx .
-The format and content of this data is specific to the algorithm
-and to the particular implementation of the cipher.
-For example, this data can be used by engines
-to store engine specific information.
-The data is automatically allocated and freed by OpenSSL, so
-applications and engines should not normally free this directly (but see
-below).
-.Pp
-.Fn EVP_CIPHER_CTX_set_cipher_data
-allows an application or engine to replace the existing cipher data
-with new data, transferring ownership of
-.Fa cipher_data
-to the
-.Fa ctx
-object.
-A pointer to any existing cipher data is returned from this function.
-If the old data is no longer required,
-it should be freed through a call to
-.Xr free 3 .
-.Pp
-.Fn EVP_CIPHER_CTX_buf_noconst
-provides engines and custom cipher implementations
-with access to the internal buffer that
-.Xr EVP_EncryptUpdate 3
-copies input data into before encrypting it.
-This function can for example be used
-inside callback functions installed with
-.Xr EVP_CIPHER_meth_set_do_cipher 3 .
-.Sh RETURN VALUES
-.Fn EVP_CIPHER_CTX_get_cipher_data
-returns an internal pointer owned by
-.Fa ctx .
-.Pp
-.Fn EVP_CIPHER_CTX_set_cipher_data
-returns a pointer to the old cipher data of
-.Fa ctx
-and transfers ownership to the caller.
-.Pp
-.Fn EVP_CIPHER_CTX_buf_noconst
-returns a pointer to an internal buffer owned by
-.Fa ctx .
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_CIPHER_meth_new 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-.Fn EVP_CIPHER_CTX_get_cipher_data ,
-.Fn EVP_CIPHER_CTX_set_cipher_data ,
-and
-.Fn EVP_CIPHER_CTX_buf_noconst
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3 b/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3
deleted file mode 100644
index 79a8e540af..0000000000
--- a/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3
+++ /dev/null
@@ -1,209 +0,0 @@
-.\" $OpenBSD: EVP_CIPHER_CTX_init.3,v 1.4 2024/12/06 15:01:01 schwarze Exp $
-.\" full merge up to:
-.\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2019, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Richard Levitte .
-.\" Copyright (c) 2000-2001, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_CIPHER_CTX_INIT 3
-.Os
-.Sh NAME
-.Nm EVP_CIPHER_CTX_init ,
-.Nm EVP_CIPHER_CTX_cleanup ,
-.Nm EVP_Cipher
-.Nd obsolete EVP cipher functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_CIPHER_CTX_init
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_cleanup
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_Cipher
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "const unsigned char *in"
-.Fa "unsigned int in_len"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_CIPHER_CTX_init
-is a deprecated function that could be used to clear a cipher context
-on the stack before
-.Vt EVP_CIPHER_CTX
-was made opaque.
-Calling it on a cipher context just returned from
-.Xr EVP_CIPHER_CTX_new 3
-has no effect.
-Calling it on a cipher context that was already used may leak memory
-with older versions of the library.
-Instead, use
-.Xr EVP_CIPHER_CTX_reset 3
-or
-.Xr EVP_CIPHER_CTX_free 3 .
-.Pp
-.Fn EVP_CIPHER_CTX_cleanup
-is a deprecated alias for
-.Xr EVP_CIPHER_CTX_reset 3 .
-It clears all information from
-.Fa ctx
-and frees all allocated memory associated with it, except the
-.Fa ctx
-object itself.
-.Pp
-.Fn EVP_Cipher
-exposes implementation details of the functions
-.Xr EVP_CipherUpdate 3
-and
-.Xr EVP_CipherFinal 3
-that should never have become part of the public API.
-.Pp
-If the flag
-.Dv EVP_CIPH_FLAG_CUSTOM_CIPHER
-is set for the cipher used by
-.Fa ctx ,
-behaviour depends on
-.Fa in .
-If that argument is
-.Dv NULL
-and
-.Fa in_len
-is 0, behaviour is similar to
-.Xr EVP_CipherFinal 3 ;
-if
-.Fa in_len
-is not 0, behaviour is undefined.
-If
-.Fa in
-is not
-.Dv NULL ,
-behaviour is similar to
-.Xr EVP_CipherUpdate 3 .
-In both cases, the exceptions to the similarity are that arguments
-and return values differ.
-.Pp
-If the flag
-.Dv EVP_CIPH_FLAG_CUSTOM_CIPHER
-is not set for the cipher used by
-.Fa ctx ,
-it encrypts or decrypts aligned blocks of data
-whose lengths match the cipher block size.
-It requires that the previous encryption or decryption operation
-using the same
-.Fa ctx ,
-if there was any, ended exactly on a block boundary and that
-.Fa in_len
-is an integer multiple of the cipher block size.
-If either of these conditions is violated,
-.Fn EVP_Cipher
-silently produces incorrect results.
-For that reason, using the function
-.Xr EVP_CipherUpdate 3
-instead is strongly recommended.
-The latter can safely handle partial blocks, and even if
-.Fa in_len
-actually is a multiple of the cipher block size for all calls,
-the overhead incurred by using
-.Xr EVP_CipherUpdate 3
-is minimal.
-.Sh RETURN VALUES
-.Fn EVP_CIPHER_CTX_init
-always returns 1.
-.Pp
-.Fn EVP_CIPHER_CTX_cleanup
-returns 1 for success or 0 for failure.
-.Pp
-With
-.Dv EVP_CIPH_FLAG_CUSTOM_CIPHER ,
-.Fn EVP_Cipher
-returns the number of bytes written to
-.Fa out
-for success or \-1 for failure.
-Without
-.Dv EVP_CIPH_FLAG_CUSTOM_CIPHER ,
-it returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-.Fn EVP_Cipher
-first appeared in SSLeay 0.6.5.
-.Fn EVP_CIPHER_CTX_cleanup
-first appeared in SSLeay 0.8.0.
-.Fn EVP_CIPHER_CTX_init
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Sh CAVEATS
-Checking the return value of
-.Fn EVP_Cipher
-requires unusual caution: zero signals success if
-.Dv EVP_CIPH_FLAG_CUSTOM_CIPHER
-is set or failure otherwise.
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 b/src/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3
deleted file mode 100644
index 67ef8679bc..0000000000
--- a/src/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3
+++ /dev/null
@@ -1,233 +0,0 @@
-.\" $OpenBSD: EVP_CIPHER_CTX_set_flags.3,v 1.2 2023/09/06 16:26:49 schwarze Exp $
-.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Patrick Steuer .
-.\" Copyright (c) 2000, 2017 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: September 6 2023 $
-.Dt EVP_CIPHER_CTX_SET_FLAGS 3
-.Os
-.Sh NAME
-.Nm EVP_CIPHER_CTX_set_flags ,
-.Nm EVP_CIPHER_CTX_clear_flags ,
-.Nm EVP_CIPHER_CTX_test_flags ,
-.Nm EVP_CIPHER_CTX_rand_key ,
-.Nm EVP_CIPHER_param_to_asn1 ,
-.Nm EVP_CIPHER_asn1_to_param ,
-.\" .Nm EVP_CIPHER_set_asn1_iv and
-.\" .Nm EVP_CIPHER_get_asn1_iv are intentionally undocumented
-.\" because they are unused according to codesearch.debian.net
-.\" and should probably not be public: they seem hardly useful
-.\" even for implementing custom EVP_CIPHER algorithms.
-.Nm EVP_CIPHER_CTX_get_app_data ,
-.Nm EVP_CIPHER_CTX_set_app_data
-.Nd unusual EVP cipher context configuration
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft void
-.Fo EVP_CIPHER_CTX_set_flags
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft void
-.Fo EVP_CIPHER_CTX_clear_flags
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_test_flags
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_rand_key
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "unsigned char *key"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_param_to_asn1
-.Fa "EVP_CIPHER_CTX *c"
-.Fa "ASN1_TYPE *type"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_asn1_to_param
-.Fa "EVP_CIPHER_CTX *c"
-.Fa "ASN1_TYPE *type"
-.Fc
-.Ft void *
-.Fo EVP_CIPHER_CTX_get_app_data
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_CIPHER_CTX_set_app_data
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fa "void *data"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_CIPHER_CTX_set_flags
-enables the given
-.Fa flags
-in
-.Fa ctx .
-.Fn EVP_CIPHER_CTX_clear_flags
-disables the given
-.Fa flags
-in
-.Fa ctx .
-.Fn EVP_CIPHER_CTX_test_flags
-checks whether any of the given
-.Fa flags
-are currently set in
-.Fa ctx ,
-returning the subset of the
-.Fa flags
-that are set, or 0 if none of them are set.
-Currently, the only supported cipher context flag is
-.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW ;
-see
-.Xr EVP_aes_128_wrap 3
-for details.
-.Pp
-.Fn EVP_CIPHER_CTX_rand_key
-generates a random key of the appropriate length based on the cipher
-context.
-The
-.Vt EVP_CIPHER
-can provide its own random key generation routine to support keys
-of a specific form.
-The
-.Fa key
-argument must point to a buffer at least as big as the value returned by
-.Xr EVP_CIPHER_CTX_key_length 3 .
-.Pp
-.Fn EVP_CIPHER_param_to_asn1
-sets the ASN.1
-.Vt AlgorithmIdentifier
-parameter based on the passed cipher.
-This will typically include any parameters and an IV.
-The cipher IV (if any) must be set when this call is made.
-This call should be made before the cipher is actually "used" (before any
-.Xr EVP_EncryptUpdate 3
-or
-.Xr EVP_DecryptUpdate 3
-calls, for example).
-This function may fail if the cipher does not have any ASN.1 support.
-.Pp
-.Fn EVP_CIPHER_asn1_to_param
-sets the cipher parameters based on an ASN.1
-.Vt AlgorithmIdentifier
-parameter.
-The precise effect depends on the cipher.
-In the case of RC2, for example, it will set the IV and effective
-key length.
-This function should be called after the base cipher type is set but
-before the key is set.
-For example
-.Xr EVP_CipherInit 3
-will be called with the IV and key set to
-.Dv NULL ,
-.Fn EVP_CIPHER_asn1_to_param
-will be called and finally
-.Xr EVP_CipherInit 3
-again with all parameters except the key set to
-.Dv NULL .
-It is possible for this function to fail if the cipher does not
-have any ASN.1 support or the parameters cannot be set (for example
-the RC2 effective key length is not supported).
-.Sh RETURN VALUES
-.Fn EVP_CIPHER_CTX_rand_key
-return 1 for success or 0 for failure.
-.Pp
-.Fn EVP_CIPHER_param_to_asn1
-and
-.Fn EVP_CIPHER_asn1_to_param
-return greater than zero for success and zero or a negative number
-for failure.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_CIPHER_CTX_ctrl 3 ,
-.Xr EVP_CIPHER_CTX_get_cipher_data 3 ,
-.Xr EVP_CIPHER_nid 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-.Fn EVP_CIPHER_CTX_set_app_data
-and
-.Fn EVP_CIPHER_CTX_get_app_data
-first appeared in SSLeay 0.8.0.
-.Fn EVP_CIPHER_param_to_asn1
-and
-.Fn EVP_CIPHER_asn1_to_param
-first appeared in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_CIPHER_CTX_rand_key
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
-.Sh BUGS
-The ASN.1 code is incomplete (and sometimes inaccurate).
-It has only been tested for certain common S/MIME ciphers
-(RC2, DES, triple DES) in CBC mode.
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_do_all.3 b/src/lib/libcrypto/man/EVP_CIPHER_do_all.3
deleted file mode 100644
index e912044978..0000000000
--- a/src/lib/libcrypto/man/EVP_CIPHER_do_all.3
+++ /dev/null
@@ -1,211 +0,0 @@
-.\" $OpenBSD: EVP_CIPHER_do_all.3,v 1.3 2024/03/14 23:54:55 tb Exp $
-.\"
-.\" Copyright (c) 2023,2024 Theo Buehler
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 14 2024 $
-.Dt EVP_CIPHER_DO_ALL 3
-.Os
-.Sh NAME
-.Nm EVP_CIPHER_do_all ,
-.Nm EVP_CIPHER_do_all_sorted ,
-.Nm EVP_MD_do_all ,
-.Nm EVP_MD_do_all_sorted ,
-.Nm OBJ_NAME_do_all ,
-.Nm OBJ_NAME_do_all_sorted
-.Nd iterate over lookup tables for ciphers and digests
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft void
-.Fo EVP_CIPHER_do_all
-.Fa "void (*fn)(const EVP_CIPHER *cipher, const char *from,\
- const char *to, void *arg)"
-.Fa "void *arg"
-.Fc
-.Ft void
-.Fo EVP_CIPHER_do_all_sorted
-.Fa "void (*fn)(const EVP_CIPHER *cipher, const char *from,\
- const char *to, void *arg)"
-.Fa "void *arg"
-.Fc
-.Ft void
-.Fo EVP_MD_do_all
-.Fa "void (*fn)(const EVP_MD *md, const char *from,\
- const char *to, void *arg)"
-.Fa "void *arg"
-.Fc
-.Ft void
-.Fo EVP_MD_do_all_sorted
-.Fa "void (*fn)(const EVP_MD *md, const char *from,\
- const char *to, void *arg)"
-.Fa "void *arg"
-.Fc
-.Bd -literal
-typedef struct {
- int type;
- int alias;
- const char *name;
- const char *data;
-} OBJ_NAME;
-.Ed
-.Pp
-.Ft void
-.Fo OBJ_NAME_do_all
-.Fa "int type"
-.Fa "void (*fn)(const OBJ_NAME *obj_name, void *arg)"
-.Fa "void *arg"
-.Fc
-.Ft void
-.Fo OBJ_NAME_do_all_sorted
-.Fa "int type"
-.Fa "void (*fn)(const OBJ_NAME *obj_name, void *arg)"
-.Fa "void *arg"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_CIPHER_do_all
-calls
-.Fa fn
-on every entry of the global table of cipher names and aliases.
-For a cipher name entry,
-.Fa fn
-is called with a non-NULL
-.Fa cipher ,
-its non-NULL cipher name
-.Fa from ,
-a NULL
-.Fa to ,
-and the
-.Fa arg
-pointer.
-For an alias entry,
-.Fa fn
-is called with a NULL
-.Fa cipher ,
-its alias
-.Fa from ,
-the cipher name that alias points
-.Fa to ,
-and the
-.Fa arg
-pointer.
-.Pp
-.Fn EVP_CIPHER_do_all_sorted
-is similar, except that it processes the cipher names and aliases
-in lexicographic order of their
-.Fa from
-names as determined by
-.Xr strcmp 3 .
-.Pp
-.Fn EVP_MD_do_all
-calls
-.Fa fn
-on every entry of the global table of digest names and aliases.
-For a digest name entry,
-.Fa fn
-is called with a non-NULL
-.Fa md ,
-its non-NULL digest name
-.Fa from ,
-a NULL
-.Fa to ,
-and the
-.Fa arg
-pointer.
-For an alias entry,
-.Fa fn
-is called with a NULL
-.Fa md ,
-its alias
-.Fa from ,
-the digest name that alias points
-.Fa to ,
-and the
-.Fa arg
-pointer.
-.Pp
-.Fn EVP_MD_do_all_sorted
-is similar, except that it processes the digest names and aliases
-in lexicographic order of their
-.Fa from
-names as determined by
-.Xr strcmp 3 .
-.Pp
-.Vt OBJ_NAME
-is an abstraction of the types underlying the lookup tables
-for ciphers and their aliases, and digests and their aliases, respectively.
-For a cipher,
-.Fa type
-is
-.Dv OBJ_NAME_TYPE_CIPHER_METH ,
-.Fa alias
-is 0,
-.Fa name
-is its lookup name and
-.Fa data
-is the
-.Vt EVP_CIPHER
-object it represents, cast to
-.Vt const char * .
-For a cipher alias,
-.Fa type
-is
-.Dv OBJ_NAME_TYPE_CIPHER_METH ,
-.Fa alias
-is
-.Dv OBJ_NAME_ALIAS ,
-.Fa name
-is its lookup name and
-.Fa data
-is the name it aliases.
-Digests representing an
-.Vt EVP_MD
-object and their aliases are represented similarly, except that their type is
-.Dv OBJ_NAME_TYPE_MD_METH .
-.Pp
-.Fn OBJ_NAME_do_all
-calls
-.Fa fn
-on every
-.Fa obj_name
-in the table that has the given
-.Fa type
-(either
-.Dv OBJ_NAME_TYPE_CIPHER_METH
-or
-.Dv OBJ_NAME_TYPE_MD_METH ) ,
-also passing the
-.Fa arg
-pointer.
-.Fn OBJ_NAME_do_all_sorted
-is similar except that it processes the
-.Fa obj_name
-in lexicographic order of their names as determined by
-.Xr strcmp 3 .
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_get_cipherbyname 3 ,
-.Xr EVP_get_digestbyname 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Sh CAVEATS
-.Fn EVP_CIPHER_do_all_sorted ,
-.Fn EVP_MD_do_all_sorted ,
-and
-.Fn OBJ_NAME_do_all_sorted
-cannot report errors.
-In some implementations they need to allocate internally and
-if memory allocation fails they do nothing at all,
-without telling the caller about the problem.
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3 b/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3
deleted file mode 100644
index 187dab6d8a..0000000000
--- a/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3
+++ /dev/null
@@ -1,388 +0,0 @@
-.\" $OpenBSD: EVP_CIPHER_meth_new.3,v 1.6 2024/03/04 09:49:07 tb Exp $
-.\" selective merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Richard Levitte
-.\" Copyright (c) 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 4 2024 $
-.Dt EVP_CIPHER_METH_NEW 3
-.Os
-.Sh NAME
-.Nm EVP_CIPHER_meth_new ,
-.Nm EVP_CIPHER_meth_dup ,
-.Nm EVP_CIPHER_meth_free ,
-.Nm EVP_CIPHER_meth_set_iv_length ,
-.Nm EVP_CIPHER_meth_set_flags ,
-.Nm EVP_CIPHER_meth_set_impl_ctx_size ,
-.Nm EVP_CIPHER_meth_set_init ,
-.Nm EVP_CIPHER_meth_set_do_cipher ,
-.Nm EVP_CIPHER_meth_set_cleanup ,
-.Nm EVP_CIPHER_meth_set_set_asn1_params ,
-.Nm EVP_CIPHER_meth_set_get_asn1_params ,
-.Nm EVP_CIPHER_meth_set_ctrl
-.Nd Routines to build up EVP_CIPHER methods
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_CIPHER *
-.Fo EVP_CIPHER_meth_new
-.Fa "int cipher_type"
-.Fa "int block_size"
-.Fa "int key_len"
-.Fc
-.Ft EVP_CIPHER *
-.Fo EVP_CIPHER_meth_dup
-.Fa "const EVP_CIPHER *cipher"
-.Fc
-.Ft void
-.Fo EVP_CIPHER_meth_free
-.Fa "EVP_CIPHER *cipher"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_iv_length
-.Fa "EVP_CIPHER *cipher"
-.Fa "int iv_len"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_flags
-.Fa "EVP_CIPHER *cipher"
-.Fa "unsigned long flags"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_impl_ctx_size
-.Fa "EVP_CIPHER *cipher"
-.Fa "int ctx_size"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_init
-.Fa "EVP_CIPHER *cipher"
-.Fa "int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,\
- const unsigned char *iv, int enc)"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_do_cipher
-.Fa "EVP_CIPHER *cipher"
-.Fa "int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,\
- const unsigned char *in, size_t inl)"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_cleanup
-.Fa "EVP_CIPHER *cipher"
-.Fa "int (*cleanup)(EVP_CIPHER_CTX *)"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_set_asn1_params
-.Fa "EVP_CIPHER *cipher"
-.Fa "int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *)"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_get_asn1_params
-.Fa "EVP_CIPHER *cipher"
-.Fa "int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *)"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_meth_set_ctrl
-.Fa "EVP_CIPHER *cipher"
-.Fa "int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr)"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt EVP_CIPHER
-type is a structure holding function pointers for
-a symmetric cipher implementation.
-.Pp
-.Fn EVP_CIPHER_meth_new
-allocates a new
-.Vt EVP_CIPHER
-structure.
-The cipher's NID (see
-.Xr EVP_CIPHER_nid 3 )
-is set to
-.Fa cipher_type ,
-the block size and key length are set to
-.Fa block_size
-and
-.Fa key_len ,
-respectively.
-.Pp
-.Fn EVP_CIPHER_meth_dup
-creates a copy of
-.Fa cipher .
-.Pp
-.Fn EVP_CIPHER_meth_free
-frees an
-.Vt EVP_CIPHER
-structure.
-.Pp
-.Fn EVP_CIPHER_meth_set_iv_length
-sets the length of the initialization vector.
-This is only needed when the implemented cipher mode requires it.
-.Pp
-.Fn EVP_CIPHER_meth_set_flags
-overwrites the flags to describe optional behaviours in
-.Fa cipher
-with
-.Fa flags .
-At most one of the following cipher modes can be set:
-.Dv EVP_CIPH_STREAM_CIPHER ,
-.Dv EVP_CIPH_ECB_MODE ,
-.Dv EVP_CIPH_CBC_MODE ,
-.Dv EVP_CIPH_CFB_MODE ,
-.Dv EVP_CIPH_OFB_MODE ,
-.Dv EVP_CIPH_CTR_MODE ,
-.Dv EVP_CIPH_GCM_MODE ,
-.Dv EVP_CIPH_CCM_MODE ,
-.Dv EVP_CIPH_XTS_MODE ,
-and
-.Dv EVP_CIPH_WRAP_MODE .
-.Pp
-Zero or more of the following flags can be OR'ed into the
-.Fa flags
-argument:
-.Bl -tag -width Ds
-.It Dv EVP_CIPH_VARIABLE_LENGTH
-This cipher has a variable key length, and the function
-.Xr EVP_CIPHER_CTX_set_key_length 3
-can be used with it.
-.It Dv EVP_CIPH_CUSTOM_IV
-Instruct
-.Xr EVP_CipherInit_ex 3
-and similar initialization functions to leave storing and initialising
-the IV entirely to the implementation.
-If this flag is set,
-the implementation is typically expected to do that in its
-.Fa init
-function.
-.It Dv EVP_CIPH_ALWAYS_CALL_INIT
-Instruct
-.Xr EVP_CipherInit_ex 3
-and similar initialization functions to call the implementation's
-.Fa init
-function even if the
-.Fa key
-argument is
-.Dv NULL .
-.It Dv EVP_CIPH_CTRL_INIT
-Instruct
-.Xr EVP_CipherInit_ex 3
-and similar initialization functions to call the implementation's
-.Fa ctrl
-function with a command
-.Fa type
-of
-.Dv EVP_CTRL_INIT
-early during the setup.
-.It Dv EVP_CIPH_NO_PADDING
-Instruct
-.Xr EVP_CipherFinal_ex 3
-and similar finalization functions to not use standard block padding
-but instead report an error if the total amount of data
-to be encrypted or decrypted is not a multiple of the block size.
-.It Dv EVP_CIPH_RAND_KEY
-Instruct
-.Xr EVP_CIPHER_CTX_rand_key 3
-to not generate a random key using
-.Xr arc4random_buf 3
-but instead leave that to the implementation by calling the
-.Fa ctrl
-function with a command
-.Fa type
-of
-.Dv EVP_CTRL_RAND_KEY
-and the pointer to the key memory storage in
-.Fa ptr .
-.It Dv EVP_CIPH_CUSTOM_COPY
-Instruct
-.Xr EVP_CIPHER_CTX_copy 3
-to call the implementation's
-.Fa ctrl
-function with a command
-.Fa type
-of
-.Dv EVP_CTRL_COPY
-and the destination
-.Fa "EVP_CIPHER_CTX *out"
-in the
-.Fa ptr
-argument immediately before returning successfully.
-The intended use is for further things to deal with after the
-implementation specific data block has been copied.
-The implementation-specific data block is reached with
-.Xr EVP_CIPHER_CTX_get_cipher_data 3 .
-.It Dv EVP_CIPH_FLAG_DEFAULT_ASN1
-Instruct
-.Xr EVP_CIPHER_param_to_asn1 3
-to use
-.Xr ASN1_TYPE_set_octetstring 3
-if no
-.Fa set_asn1_parameters
-function is installed, and instruct
-.Xr EVP_CIPHER_asn1_to_param 3
-to use
-.Xr ASN1_TYPE_get_octetstring 3
-if no
-.Fa get_asn1_parameters
-function is installed.
-.It Dv EVP_CIPH_FLAG_LENGTH_BITS
-Signals that the length of the input buffer for encryption / decryption
-is to be understood as the number of bits instead of bytes for this
-implementation.
-This is only useful for CFB1 ciphers.
-.It Dv EVP_CIPH_FLAG_CUSTOM_CIPHER
-Instruct
-.Xr EVP_CipherUpdate 3 ,
-.Xr EVP_CipherFinal_ex 3 ,
-and similar encryption, decryption, and finalization functions
-that the implementation's
-.Fa do_cipher
-function takes care of everything,
-including padding, buffering and finalization.
-.It Dv EVP_CIPH_FLAG_AEAD_CIPHER
-This indicates that this is an AEAD cipher implementation.
-.El
-.Pp
-.Fn EVP_CIPHER_meth_set_impl_ctx_size
-sets the size of the EVP_CIPHER's implementation context so that it can
-be automatically allocated.
-.Pp
-.Fn EVP_CIPHER_meth_set_init
-sets the
-.Fa init
-function for
-.Fa cipher .
-The cipher init function is called by
-.Xr EVP_CipherInit 3 ,
-.Xr EVP_CipherInit_ex 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr EVP_EncryptInit_ex 3 ,
-.Xr EVP_DecryptInit 3 ,
-and
-.Xr EVP_DecryptInit_ex 3 .
-.Pp
-.Fn EVP_CIPHER_meth_set_do_cipher
-sets the cipher function for
-.Fa cipher .
-The cipher function is called by
-.Xr EVP_CipherUpdate 3 ,
-.Xr EVP_EncryptUpdate 3 ,
-.Xr EVP_DecryptUpdate 3 ,
-.Xr EVP_CipherFinal 3 ,
-.Xr EVP_EncryptFinal 3 ,
-.Xr EVP_EncryptFinal_ex 3 ,
-.Xr EVP_DecryptFinal 3
-and
-.Xr EVP_DecryptFinal_ex 3 .
-.Pp
-.Fn EVP_CIPHER_meth_set_cleanup
-sets the function for
-.Fa cipher
-to do extra cleanup before the method's private data structure is
-cleaned out and freed.
-Note that the cleanup function is passed a
-.Sy EVP_CIPHER_CTX * ,
-the private data structure is then available with
-.Xr EVP_CIPHER_CTX_get_cipher_data 3 .
-This cleanup function is called by
-.Xr EVP_CIPHER_CTX_reset 3
-and
-.Xr EVP_CIPHER_CTX_free 3 .
-.Pp
-.Fn EVP_CIPHER_meth_set_set_asn1_params
-sets the function for
-.Fa cipher
-to set the AlgorithmIdentifier "parameter" based on the passed cipher.
-This function is called by
-.Xr EVP_CIPHER_param_to_asn1 3 .
-.Fn EVP_CIPHER_meth_set_get_asn1_params
-sets the function for
-.Fa cipher
-that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier
-"parameter".
-Both these functions are needed when there is a need for custom data
-(more or other than the cipher IV). They are called by
-.Xr EVP_CIPHER_param_to_asn1 3
-and
-.Xr EVP_CIPHER_asn1_to_param 3
-respectively if defined.
-.Pp
-.Fn EVP_CIPHER_meth_set_ctrl
-sets the control function for
-.Fa cipher .
-.Sh RETURN VALUES
-.Fn EVP_CIPHER_meth_new
-and
-.Fn EVP_CIPHER_meth_dup
-return a pointer to a newly created
-.Vt EVP_CIPHER ,
-or NULL on failure.
-.Pp
-All
-.Fn EVP_CIPHER_meth_set_*
-functions return 1.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.3 .
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_nid.3 b/src/lib/libcrypto/man/EVP_CIPHER_nid.3
deleted file mode 100644
index 1feff4f34e..0000000000
--- a/src/lib/libcrypto/man/EVP_CIPHER_nid.3
+++ /dev/null
@@ -1,306 +0,0 @@
-.\" $OpenBSD: EVP_CIPHER_nid.3,v 1.3 2023/09/05 14:54:21 schwarze Exp $
-.\" full merge up to: OpenSSL man3/EVP_EncryptInit.pod
-.\" 0874d7f2 Oct 11 13:13:47 2022 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: September 5 2023 $
-.Dt EVP_CIPHER_NID 3
-.Os
-.Sh NAME
-.Nm EVP_CIPHER_nid ,
-.Nm EVP_CIPHER_CTX_nid ,
-.Nm EVP_CIPHER_name ,
-.Nm EVP_CIPHER_type ,
-.Nm EVP_CIPHER_CTX_type ,
-.Nm EVP_CIPHER_block_size ,
-.Nm EVP_CIPHER_CTX_block_size ,
-.Nm EVP_CIPHER_flags ,
-.Nm EVP_CIPHER_CTX_flags ,
-.Nm EVP_CIPHER_mode ,
-.Nm EVP_CIPHER_CTX_mode
-.Nd inspect EVP_CIPHER objects
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_CIPHER_nid
-.Fa "const EVP_CIPHER *cipher"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_nid
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft const char *
-.Fo EVP_CIPHER_name
-.Fa "const EVP_CIPHER *cipher"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_type
-.Fa "const EVP_CIPHER *ctx"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_type
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_block_size
-.Fa "const EVP_CIPHER *cipher"
-.Fc
-.Ft int
-.Fo EVP_CIPHER_CTX_block_size
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft unsigned long
-.Fo EVP_CIPHER_flags
-.Fa "const EVP_CIPHER *cipher"
-.Fc
-.Ft unsigned long
-.Fo EVP_CIPHER_CTX_flags
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Ft unsigned long
-.Fo EVP_CIPHER_mode
-.Fa "const EVP_CIPHER *cipher"
-.Fc
-.Ft unsigned long
-.Fo EVP_CIPHER_CTX_mode
-.Fa "const EVP_CIPHER_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_CIPHER_nid
-returns the numerical identifier (NID) of the
-.Fa cipher .
-The NID is an internal value which may or may not have a corresponding
-ASN.1 OBJECT IDENTIFIER; see
-.Xr OBJ_nid2obj 3
-for details.
-.Pp
-.Fn EVP_CIPHER_CTX_nid
-returns the NID of the cipher that
-.Fa ctx
-is configured to use.
-.Pp
-.Fn EVP_CIPHER_name
-converts the NID of the
-.Fa cipher
-to its short name with
-.Xr OBJ_nid2sn 3 .
-.Pp
-.Fn EVP_CIPHER_type
-returns the NID associated with the ASN.1 OBJECT IDENTIFIER of the
-.Fa cipher ,
-ignoring the cipher parameters.
-For example,
-.Xr EVP_aes_256_cfb1 3 ,
-.Xr EVP_aes_256_cfb8 3 ,
-and
-.Xr EVP_aes_256_cfb128 3
-all return the same NID,
-.Dv NID_aes_256_cfb128 .
-.Pp
-.Fn EVP_CIPHER_CTX_type
-returns the NID associated with the ASN.1 OBJECT IDENTIFIER of the cipher that
-.Fa ctx
-is configured to use.
-.Pp
-.Fn EVP_CIPHER_block_size
-returns the block size of the
-.Fa cipher
-in bytes.
-.Fn EVP_CIPHER_CTX_block_size
-returns the block size of the cipher that
-.Fa ctx
-is configured to use.
-Block sizes are guaranteed to be less than or equal to the constant
-.Dv EVP_MAX_BLOCK_LENGTH .
-Currently,
-.Xr EVP_CipherInit_ex 3
-and the other functions documented in the same manual page
-only support block sizes of 1, 8, and 16 bytes.
-.Pp
-.Fn EVP_CIPHER_flags
-returns the cipher flags used by the
-.Fa cipher .
-The meaning of the flags is described in the
-.Xr EVP_CIPHER_meth_set_flags 3
-manual page.
-.Pp
-.Fn EVP_CIPHER_CTX_flags
-returns the cipher flags of the cipher that
-.Fa ctx
-is configured to use.
-Be careful to not confuse these with the unrelated cipher context flags
-that can be inspected with
-.Xr EVP_CIPHER_CTX_test_flags 3 .
-.Pp
-.Fn EVP_CIPHER_mode
-returns the
-.Fa cipher
-mode, which is the logical AND of the constant
-.Dv EVP_CIPH_MODE
-and the return value of
-.Fn EVP_CIPHER_flags .
-.Pp
-.Fn EVP_CIPHER_CTX_mode
-returns the cipher mode of the cipher that
-.Fa ctx
-is configured to use.
-.Pp
-.Fn EVP_CIPHER_name ,
-.Fn EVP_CIPHER_CTX_type ,
-.Fn EVP_CIPHER_mode ,
-and
-.Fn EVP_CIPHER_CTX_mode
-are implemented as macros.
-.Sh RETURN VALUES
-.Fn EVP_CIPHER_nid
-and
-.Fn EVP_CIPHER_CTX_nid
-return an NID.
-.Pp
-.Fn EVP_CIPHER_name
-returns a pointer to a string that is owned by an internal library object or
-.Dv NULL
-if the NID is neither built into the library nor added to the global
-object table by one of the functions documented in the manual page
-.Xr OBJ_create 3 ,
-of if the object does not contain a short name.
-.Pp
-.Fn EVP_CIPHER_type
-and
-.Fn EVP_CIPHER_CTX_type
-return the NID of the cipher's OBJECT IDENTIFIER or
-.Dv NID_undef
-if it is not associated with an OBJECT IDENTIFIER.
-.Pp
-.Fn EVP_CIPHER_block_size
-and
-.Fn EVP_CIPHER_CTX_block_size
-return the block size in bytes.
-.Pp
-.Fn EVP_CIPHER_flags
-and
-.Fn EVP_CIPHER_CTX_flags
-return one or more
-.Dv EVP_CIPH_*
-flag bits OR'ed together.
-.Pp
-.Fn EVP_CIPHER_mode
-and
-.Fn EVP_CIPHER_CTX_mode
-return one of the constants
-.Dv EVP_CIPH_ECB_MODE ,
-.Dv EVP_CIPH_CBC_MODE ,
-.Dv EVP_CIPH_CFB_MODE ,
-.Dv EVP_CIPH_OFB_MODE ,
-.Dv EVP_CIPH_CTR_MODE ,
-.Dv EVP_CIPH_GCM_MODE ,
-.Dv EVP_CIPH_CCM_MODE ,
-.Dv EVP_CIPH_XTS_MODE ,
-or
-.Dv EVP_CIPH_WRAP_MODE
-to indicate a block cipher or
-.Dv EVP_CIPH_STREAM_CIPHER
-to indicate a stream cipher.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_CIPHER_CTX_ctrl 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr OBJ_nid2obj 3
-.Sh HISTORY
-.Fn EVP_CIPHER_type ,
-.Fn EVP_CIPHER_CTX_type ,
-.Fn EVP_CIPHER_block_size ,
-and
-.Fn EVP_CIPHER_CTX_block_size
-first appeared in SSLeay 0.6.5.
-.Fn EVP_CIPHER_nid
-and
-.Fn EVP_CIPHER_CTX_nid
-first appeared in SSLeay 0.8.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_CIPHER_flags ,
-.Fn EVP_CIPHER_CTX_flags ,
-.Fn EVP_CIPHER_mode ,
-and
-.Fn EVP_CIPHER_CTX_mode
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn EVP_CIPHER_name
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Sh CAVEATS
-The behaviour of the functions taking an
-.Vt EVP_CIPHER_CTX
-argument is undefined if they are called on a
-.Fa ctx
-that has no cipher configured yet, for example one freshly returned from
-.Xr EVP_CIPHER_CTX_new 3 .
-In that case, the program may for example be terminated by a
-.Dv NULL
-pointer access.
diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3
deleted file mode 100644
index 668c189bc1..0000000000
--- a/src/lib/libcrypto/man/EVP_DigestInit.3
+++ /dev/null
@@ -1,606 +0,0 @@
-.\" $OpenBSD: EVP_DigestInit.3,v 1.37 2024/12/06 15:01:01 schwarze Exp $
-.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
-.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson ,
-.\" Richard Levitte ,
-.\" Paul Yang , and
-.\" Antoine Salon .
-.\" Copyright (c) 2000-2004, 2009, 2012-2016, 2018, 2019 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_DIGESTINIT 3
-.Os
-.Sh NAME
-.Nm EVP_MD_CTX_new ,
-.Nm EVP_MD_CTX_reset ,
-.Nm EVP_MD_CTX_free ,
-.Nm EVP_MD_CTX_init ,
-.Nm EVP_MD_CTX_create ,
-.Nm EVP_MD_CTX_cleanup ,
-.Nm EVP_MD_CTX_destroy ,
-.Nm EVP_DigestInit_ex ,
-.Nm EVP_DigestUpdate ,
-.Nm EVP_DigestFinal_ex ,
-.Nm EVP_Digest ,
-.Nm EVP_MD_CTX_copy_ex ,
-.Nm EVP_DigestInit ,
-.Nm EVP_DigestFinal ,
-.Nm EVP_MD_CTX_copy ,
-.Nm EVP_MD_CTX_md ,
-.Nm EVP_md_null ,
-.Nm EVP_sha224 ,
-.Nm EVP_sha256 ,
-.Nm EVP_sha384 ,
-.Nm EVP_sha512 ,
-.Nm EVP_sha512_224 ,
-.Nm EVP_sha512_256 ,
-.Nm EVP_ripemd160 ,
-.Nm EVP_get_digestbyname ,
-.Nm EVP_get_digestbynid ,
-.Nm EVP_get_digestbyobj
-.Nd EVP digest routines
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_MD_CTX *
-.Fn EVP_MD_CTX_new void
-.Ft int
-.Fo EVP_MD_CTX_reset
-.Fa "EVP_MD_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_free
-.Fa "EVP_MD_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_init
-.Fa "EVP_MD_CTX *ctx"
-.Fc
-.Ft EVP_MD_CTX *
-.Fn EVP_MD_CTX_create void
-.Ft int
-.Fo EVP_MD_CTX_cleanup
-.Fa "EVP_MD_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_destroy
-.Fa "EVP_MD_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_DigestInit_ex
-.Fa "EVP_MD_CTX *ctx"
-.Fa "const EVP_MD *type"
-.Fa "ENGINE *engine"
-.Fc
-.Ft int
-.Fo EVP_DigestUpdate
-.Fa "EVP_MD_CTX *ctx"
-.Fa "const void *d"
-.Fa "size_t cnt"
-.Fc
-.Ft int
-.Fo EVP_DigestFinal_ex
-.Fa "EVP_MD_CTX *ctx"
-.Fa "unsigned char *md"
-.Fa "unsigned int *s"
-.Fc
-.Ft int
-.Fo EVP_Digest
-.Fa "const void *d"
-.Fa "size_t cnt"
-.Fa "unsigned char *md"
-.Fa "unsigned int *s"
-.Fa "const EVP_MD *type"
-.Fa "ENGINE *engine"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_copy_ex
-.Fa "EVP_MD_CTX *out"
-.Fa "const EVP_MD_CTX *in"
-.Fc
-.Ft int
-.Fo EVP_DigestInit
-.Fa "EVP_MD_CTX *ctx"
-.Fa "const EVP_MD *type"
-.Fc
-.Ft int
-.Fo EVP_DigestFinal
-.Fa "EVP_MD_CTX *ctx"
-.Fa "unsigned char *md"
-.Fa "unsigned int *s"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_copy
-.Fa "EVP_MD_CTX *out"
-.Fa "EVP_MD_CTX *in"
-.Fc
-.Ft const EVP_MD *
-.Fo EVP_MD_CTX_md
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft const EVP_MD *
-.Fn EVP_md_null void
-.Ft const EVP_MD *
-.Fn EVP_sha224 void
-.Ft const EVP_MD *
-.Fn EVP_sha256 void
-.Ft const EVP_MD *
-.Fn EVP_sha384 void
-.Ft const EVP_MD *
-.Fn EVP_sha512 void
-.Ft const EVP_MD *
-.Fn EVP_sha512_224 void
-.Ft const EVP_MD *
-.Fn EVP_sha512_256 void
-.Ft const EVP_MD *
-.Fn EVP_ripemd160 void
-.Ft const EVP_MD *
-.Fo EVP_get_digestbyname
-.Fa "const char *name"
-.Fc
-.Ft const EVP_MD *
-.Fo EVP_get_digestbynid
-.Fa "int type"
-.Fc
-.Ft const EVP_MD *
-.Fo EVP_get_digestbyobj
-.Fa "const ASN1_OBJECT *o"
-.Fc
-.Sh DESCRIPTION
-The EVP digest routines are a high-level interface to message digests
-and should be used instead of the cipher-specific functions.
-.Pp
-.Fn EVP_MD_CTX_new
-allocates a new, empty digest context.
-.Pp
-.Fn EVP_MD_CTX_reset
-cleans up
-.Fa ctx
-and resets it to the state it had after
-.Fn EVP_MD_CTX_new ,
-such that it can be reused.
-.Pp
-.Fn EVP_MD_CTX_free
-cleans up
-.Fa ctx
-and frees the space allocated to it.
-.Pp
-.Fn EVP_MD_CTX_init
-is a deprecated function to clear a digest context on the stack
-before use.
-Do not use it on a digest context returned from
-.Fn EVP_MD_CTX_new
-or one that was already used.
-.Pp
-.Fn EVP_MD_CTX_create ,
-.Fn EVP_MD_CTX_cleanup ,
-and
-.Fn EVP_MD_CTX_destroy
-are deprecated aliases for
-.Fn EVP_MD_CTX_new ,
-.Fn EVP_MD_CTX_reset ,
-and
-.Fn EVP_MD_CTX_free ,
-respectively.
-.Pp
-.Fn EVP_DigestInit_ex
-sets up the digest context
-.Fa ctx
-to use a digest
-.Fa type .
-The
-.Fa type
-will typically be supplied by a function such as
-.Fn EVP_sha512 .
-The
-.Fa ENGINE *engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-.Fn EVP_DigestUpdate
-hashes
-.Fa cnt
-bytes of data at
-.Fa d
-into the digest context
-.Fa ctx .
-This function can be called several times on the same
-.Fa ctx
-to hash additional data.
-.Pp
-.Fn EVP_DigestFinal_ex
-retrieves the digest value from
-.Fa ctx
-and places it in
-.Fa md .
-If the
-.Fa s
-parameter is not
-.Dv NULL ,
-then the number of bytes of data written (i.e. the length of the
-digest) will be written to the integer at
-.Fa s ;
-at most
-.Dv EVP_MAX_MD_SIZE
-bytes will be written.
-After calling
-.Fn EVP_DigestFinal_ex ,
-no additional calls to
-.Fn EVP_DigestUpdate
-can be made, but
-.Fn EVP_DigestInit_ex
-can be called to initialize a new digest operation.
-.Pp
-.Fn EVP_Digest
-is a simple wrapper function to hash
-.Fa cnt
-bytes of data at
-.Fa d
-using the digest
-.Fa type
-in a one-shot operation and place the digest value into
-.Fa md ,
-and, unless
-.Fa s
-is
-.Dv NULL ,
-the length of the digest in bytes into
-.Pf * Fa s .
-This wrapper uses a temporary digest context and passes its arguments to
-.Fn EVP_DigestInit_ex ,
-.Fn EVP_DigestUpdate ,
-and
-.Fn EVP_DigestFinal_ex
-internally.
-The
-.Fa ENGINE *engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-.Fn EVP_MD_CTX_copy_ex
-can be used to copy the message digest state from
-.Fa in
-to
-.Fa out .
-This is useful if large amounts of data are to be hashed which only
-differ in the last few bytes.
-.Pp
-.Fn EVP_DigestInit
-is a deprecated function behaving like
-.Fn EVP_DigestInit_ex
-except that it requires
-.Fn EVP_MD_CTX_reset
-before it can be used on a context that was already used.
-.Pp
-.Fn EVP_DigestFinal
-is a deprecated function behaving like
-.Fn EVP_DigestFinal_ex
-except that the digest context
-.Fa ctx
-is automatically cleaned up after use by calling
-.Fn EVP_MD_CTX_reset
-internally.
-.Pp
-.Fn EVP_MD_CTX_copy
-is a deprecated function behaving like
-.Fn EVP_MD_CTX_copy_ex
-except that it requires
-.Fn EVP_MD_CTX_reset
-before a context that was already used can be passed as
-.Fa out .
-.Pp
-.Fn EVP_sha224 ,
-.Fn EVP_sha256 ,
-.Fn EVP_sha384 ,
-.Fn EVP_sha512 ,
-and
-.Fn EVP_ripemd160
-return
-.Vt EVP_MD
-structures for the SHA224, SHA256, SHA384, SHA512 and
-RIPEMD160 digest algorithms respectively.
-.Pp
-.Fn EVP_sha512_224
-and
-.Fn EVP_sha512_256
-return an
-.Vt EVP_MD
-structure that provides the truncated SHA512 variants SHA512/224 and SHA512/256,
-respectively.
-.Pp
-.Fn EVP_md_null
-is a "null" message digest that does nothing:
-i.e. the hash it returns is of zero length.
-.Pp
-.Fn EVP_get_digestbyname ,
-.Fn EVP_get_digestbynid ,
-and
-.Fn EVP_get_digestbyobj
-return an
-.Vt EVP_MD
-structure when passed a digest name, a digest NID, or an ASN1_OBJECT
-structure respectively.
-.Pp
-.Fn EVP_get_digestbynid
-and
-.Fn EVP_get_digestbyobj
-are implemented as macros.
-.Pp
-The EVP interface to message digests should almost always be used
-in preference to the low-level interfaces.
-This is because the code then becomes transparent to the digest used and
-much more flexible.
-.Pp
-The
-.Fa ENGINE *engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-The functions
-.Fn EVP_DigestInit ,
-.Fn EVP_DigestFinal ,
-and
-.Fn EVP_MD_CTX_copy
-are obsolete but are retained to maintain compatibility with existing
-code.
-New applications should use
-.Fn EVP_DigestInit_ex ,
-.Fn EVP_DigestFinal_ex ,
-and
-.Fn EVP_MD_CTX_copy_ex
-because they can efficiently reuse a digest context instead of
-initializing and cleaning it up on each call.
-.Pp
-If digest contexts are not cleaned up after use, memory leaks will occur.
-.Sh RETURN VALUES
-.Fn EVP_MD_CTX_new
-and
-.Fn EVP_MD_CTX_create
-return the new
-.Vt EVP_MD_CTX
-object or
-.Dv NULL
-for failure.
-.Pp
-.Fn EVP_MD_CTX_reset ,
-.Fn EVP_MD_CTX_init ,
-and
-.Fn EVP_MD_CTX_cleanup
-always return 1.
-.Pp -.Fn EVP_DigestInit_ex , -.Fn EVP_DigestUpdate , -.Fn EVP_DigestFinal_ex , -.Fn EVP_Digest , -.Fn EVP_MD_CTX_copy_ex , -.Fn EVP_DigestInit , -.Fn EVP_DigestFinal , -and -.Fn EVP_MD_CTX_copy -return 1 for success or 0 for failure. -.Pp -.Fn EVP_MD_CTX_md -returns the -.Vt EVP_MD -object used by -.Fa ctx , -or -.Dv NULL -if -.Fa ctx -is -.Dv NULL -or does not have any message digest algorithm assigned yet. -.Pp -.Fn EVP_md_null , -.Fn EVP_sha224 , -.Fn EVP_sha256 , -.Fn EVP_sha384 , -.Fn EVP_sha512 , -.Fn EVP_sha512_224 , -.Fn EVP_sha512_256 , -and -.Fn EVP_ripemd160 -return pointers to constant static objects owned by the library. -.Pp -.Fn EVP_get_digestbyname , -.Fn EVP_get_digestbynid , -and -.Fn EVP_get_digestbyobj -return either an -.Vt EVP_MD -structure or -.Dv NULL -if an error occurs. -.Sh EXAMPLES -This example digests the data "Test Message\en" and "Hello World\en", -using the digest name passed on the command line. -.Bd -literal -offset indent -#include -#include -#include - -int -main(int argc, char *argv[]) -{ - EVP_MD_CTX *mdctx; - const EVP_MD *md; - const char mess1[] = "Test Message\en"; - const char mess2[] = "Hello World\en"; - unsigned char md_value[EVP_MAX_MD_SIZE]; - unsigned int md_len, i; - - if (argc <= 1) { - printf("Usage: mdtest digestname\en"); - exit(1); - } - - md = EVP_get_digestbyname(argv[1]); - if (md == NULL) { - printf("Unknown message digest %s\en", argv[1]); - exit(1); - } - - mdctx = EVP_MD_CTX_new(); - EVP_DigestInit_ex(mdctx, md, NULL); - EVP_DigestUpdate(mdctx, mess1, strlen(mess1)); - EVP_DigestUpdate(mdctx, mess2, strlen(mess2)); - EVP_DigestFinal_ex(mdctx, md_value, &md_len); - EVP_MD_CTX_free(mdctx); - - printf("Digest is: "); - for(i = 0; i < md_len; i++) - printf("%02x", md_value[i]); - printf("\en"); - - return 0; -} -.Ed -.Sh SEE ALSO -.Xr BIO_f_md 3 , -.Xr CMAC_Init 3 , -.Xr evp 3 , -.Xr EVP_BytesToKey 3 , -.Xr EVP_DigestSignInit 3 , -.Xr EVP_DigestVerifyInit 3 , -.Xr EVP_MD_CTX_ctrl 3 , -.Xr EVP_MD_nid 3 , 
-.Xr EVP_PKEY_CTX_set_signature_md 3 ,
-.Xr EVP_sha1 3 ,
-.Xr EVP_sha3_224 3 ,
-.Xr EVP_SignInit 3 ,
-.Xr EVP_sm3 3 ,
-.Xr EVP_VerifyInit 3 ,
-.Xr HMAC 3 ,
-.Xr OCSP_basic_sign 3 ,
-.Xr OCSP_request_sign 3 ,
-.Xr PKCS5_PBKDF2_HMAC 3 ,
-.Xr PKCS7_sign_add_signer 3 ,
-.Xr X509_ALGOR_set0 3 ,
-.Xr X509_digest 3 ,
-.Xr X509_sign 3
-.Sh HISTORY
-.Fn EVP_DigestInit ,
-.Fn EVP_DigestUpdate ,
-and
-.Fn EVP_DigestFinal
-first appeared in SSLeay 0.5.1.
-.Fn EVP_md_null
-and
-.Fn EVP_get_digestbyname
-first appeared in SSLeay 0.8.0.
-.Fn EVP_get_digestbynid
-and
-.Fn EVP_get_digestbyobj
-first appeared in SSLeay 0.8.1.
-.Fn EVP_ripemd160
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_MD_CTX_copy
-first appeared in OpenSSL 0.9.2b and has been available since
-.Ox 2.6 .
-.Pp
-.Fn EVP_MD_CTX_md
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-.Fn EVP_MD_CTX_init ,
-.Fn EVP_MD_CTX_create ,
-.Fn EVP_MD_CTX_cleanup ,
-.Fn EVP_MD_CTX_destroy ,
-.Fn EVP_DigestInit_ex ,
-.Fn EVP_DigestFinal_ex ,
-.Fn EVP_Digest ,
-and
-.Fn EVP_MD_CTX_copy_ex
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn EVP_sha224 ,
-.Fn EVP_sha256 ,
-.Fn EVP_sha384 ,
-and
-.Fn EVP_sha512
-first appeared in OpenSSL 0.9.7h and 0.9.8a
-and have been available since
-.Ox 4.0 .
-.Pp
-.Fn EVP_MD_CTX_new ,
-.Fn EVP_MD_CTX_reset ,
-and
-.Fn EVP_MD_CTX_free
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
-.Pp
-.Fn EVP_sha512_224
-and
-.Fn EVP_sha512_256
-first appeared in OpenSSL 1.1.1 and have been available since
-.Ox 7.4 .
diff --git a/src/lib/libcrypto/man/EVP_DigestSignInit.3 b/src/lib/libcrypto/man/EVP_DigestSignInit.3
deleted file mode 100644
index caf519e28c..0000000000
--- a/src/lib/libcrypto/man/EVP_DigestSignInit.3
+++ /dev/null
@@ -1,243 +0,0 @@
-.\" $OpenBSD: EVP_DigestSignInit.3,v 1.15 2024/12/06 14:27:49 schwarze Exp $
-.\" full merge up to: OpenSSL 28428130 Apr 17 15:18:40 2018 +0200
-.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2015, 2016, 2017 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_DIGESTSIGNINIT 3
-.Os
-.Sh NAME
-.Nm EVP_DigestSignInit ,
-.Nm EVP_DigestSignUpdate ,
-.Nm EVP_DigestSignFinal ,
-.Nm EVP_DigestSign
-.Nd EVP signing functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_DigestSignInit
-.Fa "EVP_MD_CTX *ctx"
-.Fa "EVP_PKEY_CTX **pctx"
-.Fa "const EVP_MD *type"
-.Fa "ENGINE *engine"
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft int
-.Fo EVP_DigestSignUpdate
-.Fa "EVP_MD_CTX *ctx"
-.Fa "const void *d"
-.Fa "size_t cnt"
-.Fc
-.Ft int
-.Fo EVP_DigestSignFinal
-.Fa "EVP_MD_CTX *ctx"
-.Fa "unsigned char *sig"
-.Fa "size_t *siglen"
-.Fc
-.Ft int
-.Fo EVP_DigestSign
-.Fa "EVP_MD_CTX *ctx"
-.Fa "unsigned char *sigret"
-.Fa "size_t *siglen"
-.Fa "const unsigned char *tbs"
-.Fa "size_t tbslen"
-.Fc
-.Sh DESCRIPTION
-The EVP signature routines are a high-level interface to digital
-signatures.
-.Pp
-.Fn EVP_DigestSignInit
-sets up the signing context
-.Fa ctx
-to use the digest
-.Fa type
-and the private key
-.Fa pkey .
-Before calling this function, obtain
-.Fa ctx
-from
-.Xr EVP_MD_CTX_new 3
-or call
-.Xr EVP_MD_CTX_reset 3
-on it.
-The
-.Fa engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-If
-.Fa pctx
-is not
-.Dv NULL ,
-any pointer passed in as
-.Pf * Fa pctx
-is ignored and overwritten by an internal pointer to the
-.Vt EVP_PKEY_CTX
-used by the signing operation:
-this can be used to set alternative signing options.
-The returned
-.Vt EVP_PKEY_CTX
-must not be freed by the application.
-It is freed automatically when the
-.Vt EVP_MD_CTX
-is freed.
-.Pp
-.Fn EVP_DigestSignUpdate
-hashes
-.Fa cnt
-bytes of data at
-.Fa d
-into the signature context
-.Fa ctx .
-This function can be called several times on the same
-.Fa ctx
-to include additional data.
-This function is currently implemented using a macro.
-.Pp
-.Fn EVP_DigestSignFinal
-signs the data in
-.Fa ctx
-and places the signature in
-.Fa sig .
-If
-.Fa sig
-is
-.Dv NULL ,
-then the maximum size of the output buffer is written to
-.Pf * Fa siglen .
-If
-.Fa sig
-is not
-.Dv NULL ,
-then before the call
-.Fa siglen
-should contain the length of the
-.Fa sig
-buffer.
-If the call is successful, the signature is written to
-.Fa sig
-and the amount of data written to
-.Fa siglen .
-.Pp
-.Fn EVP_DigestSign
-signs
-.Fa tbslen
-bytes of data at
-.Fa tbs
-and places the signature in
-.Fa sigret
-and its length in
-.Fa siglen
-in a similar way to
-.Fn EVP_DigestSignFinal .
-.Fn EVP_DigestSign
-is a one shot operation which signs a single block of data
-with one function call.
-For algorithms that support streaming it is equivalent to calling
-.Fn EVP_DigestSignUpdate
-and
-.Fn EVP_DigestSignFinal .
-.\" For algorithms which do not support streaming
-.\" (e.g. PureEdDSA)
-.\" it is the only way to sign data.
-.Pp
-The EVP interface to digital signatures should almost always be
-used in preference to the low-level interfaces.
-This is because the code then becomes transparent to the algorithm used
-and much more flexible.
-.Pp
-The call to
-.Fn EVP_DigestSignFinal
-internally finalizes a copy of the digest context.
-This means that
-.Fn EVP_DigestSignUpdate
-and
-.Fn EVP_DigestSignFinal
-can be called later to digest and sign additional data.
-.Pp
-Since only a copy of the digest context is ever finalized, the context
-must be cleaned up after use by calling
-.Xr EVP_MD_CTX_free 3 ,
-or a memory leak will occur.
-.Pp
-The use of
-.Xr EVP_PKEY_size 3
-with these functions is discouraged because some signature operations
-may have a signature length which depends on the parameters set.
-As a result,
-.Xr EVP_PKEY_size 3
-would have to return a value which indicates the maximum possible
-signature for any set of parameters.
-.Sh RETURN VALUES
-.Fn EVP_DigestSignInit ,
-.Fn EVP_DigestSignUpdate ,
-.Fn EVP_DigestSignFinal ,
-and
-.Fn EVP_DigestSign
-return 1 for success and 0 for failure.
-.Pp
-The error codes can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_DigestVerifyInit 3
-.Sh HISTORY
-.Fn EVP_DigestSignInit ,
-.Fn EVP_DigestSignUpdate ,
-and
-.Fn EVP_DigestSignFinal
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-.Fn EVP_DigestSign
-first appeared in OpenSSL 1.1.1 and has been available since
-.Ox 7.0 .
diff --git a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 b/src/lib/libcrypto/man/EVP_DigestVerifyInit.3
deleted file mode 100644
index fa62f5a0a5..0000000000
--- a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3
+++ /dev/null
@@ -1,223 +0,0 @@
-.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.17 2024/12/06 14:27:49 schwarze Exp $
-.\" full merge up to OpenSSL f097e875 Aug 23 11:37:22 2018 +0100
-.\" selective merge up to 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2014, 2015, 2016, 2017 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_DIGESTVERIFYINIT 3
-.Os
-.Sh NAME
-.Nm EVP_DigestVerifyInit ,
-.Nm EVP_DigestVerifyUpdate ,
-.Nm EVP_DigestVerifyFinal ,
-.Nm EVP_DigestVerify
-.Nd EVP signature verification functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_DigestVerifyInit
-.Fa "EVP_MD_CTX *ctx"
-.Fa "EVP_PKEY_CTX **pctx"
-.Fa "const EVP_MD *type"
-.Fa "ENGINE *engine"
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft int
-.Fo EVP_DigestVerifyUpdate
-.Fa "EVP_MD_CTX *ctx"
-.Fa "const void *d"
-.Fa "size_t cnt"
-.Fc
-.Ft int
-.Fo EVP_DigestVerifyFinal
-.Fa "EVP_MD_CTX *ctx"
-.Fa "const unsigned char *sig"
-.Fa "size_t siglen"
-.Fc
-.Ft int
-.Fo EVP_DigestVerify
-.Fa "EVP_MD_CTX *ctx"
-.Fa "const unsigned char *sig"
-.Fa "size_t siglen"
-.Fa "const unsigned char *tbs"
-.Fa "size_t *tbslen"
-.Fc
-.Sh DESCRIPTION
-The EVP signature routines are a high-level interface to digital
-signatures.
-.Pp
-.Fn EVP_DigestVerifyInit
-sets up the verification context
-.Fa ctx
-to use the digest
-.Fa type
-and the public key
-.Fa pkey .
-Before calling this function, obtain
-.Fa ctx
-from
-.Xr EVP_MD_CTX_new 3
-or call
-.Xr EVP_MD_CTX_reset 3
-on it.
-The
-.Fa engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-If
-.Fa pctx
-is not
-.Dv NULL ,
-any pointer passed in as
-.Pf * Fa pctx
-is ignored and overwritten by an internal pointer to the
-.Vt EVP_PKEY_CTX
-used by the verification operation:
-this can be used to set alternative signing options.
-The returned
-.Vt EVP_PKEY_CTX
-must not be freed by the application.
-It is freed automatically when the
-.Vt EVP_MD_CTX
-is freed.
-.Pp
-.Fn EVP_DigestVerifyUpdate
-hashes
-.Fa cnt
-bytes of data at
-.Fa d
-into the verification context
-.Fa ctx .
-This function can be called several times on the same
-.Fa ctx
-to include additional data.
-This function is currently implemented using a macro.
-.Pp
-.Fn EVP_DigestVerifyFinal
-verifies the data in
-.Fa ctx
-against the signature in
-.Fa sig
-of length
-.Fa siglen .
-.Pp
-.Fn EVP_DigestVerify
-verifies
-.Fa tbslen
-bytes at
-.Fa tbs
-against the signature in
-.Fa sig
-of length
-.Fa siglen .
-.Fn EVP_DigestVerify
-is a one shot operation which verifies a single block of data
-in one function call.
-For algorithms that support streaming it is equivalent to calling
-.Fn EVP_DigestVerifyUpdate
-and
-.Fn EVP_DigestVerifyFinal .
-.\" For algorithms which do not support streaming
-.\" (e.g. PureEdDSA)
-.\" it is the only way to verify data.
-.Pp
-The EVP interface to digital signatures should almost always be
-used in preference to the low-level interfaces.
-This is because the code then becomes transparent to the algorithm used
-and much more flexible.
-.Pp
-The call to
-.Fn EVP_DigestVerifyFinal
-internally finalizes a copy of the digest context.
-This means that
-.Xr EVP_VerifyUpdate 3
-and
-.Xr EVP_VerifyFinal 3
-can be called later to digest and verify additional data.
-.Pp
-Since only a copy of the digest context is ever finalized, the context
-must be cleaned up after use by calling
-.Xr EVP_MD_CTX_free 3
-or a memory leak will occur.
-.Sh RETURN VALUES
-.Fn EVP_DigestVerifyInit
-and
-.Fn EVP_DigestVerifyUpdate
-return 1 for success and 0 for failure.
-.Pp
-.Fn EVP_DigestVerifyFinal
-and
-.Fn EVP_DigestVerify
-return 1 for success; any other value indicates failure.
-A return value of 0 indicates that the signature did not verify
-successfully (that is, the signature did not match the original
-data or the signature had an invalid form), while other values
-indicate a more serious error (and sometimes also indicate an invalid
-signature form).
-.Pp
-The error codes can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_DigestSignInit 3
-.Sh HISTORY
-.Fn EVP_DigestVerifyInit ,
-.Fn EVP_DigestVerifyUpdate ,
-and
-.Fn EVP_DigestVerifyFinal
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-.Fn EVP_DigestVerify
-first appeared in OpenSSL 1.1.1 and has been available since
-.Ox 7.0 .
diff --git a/src/lib/libcrypto/man/EVP_EncodeInit.3 b/src/lib/libcrypto/man/EVP_EncodeInit.3
deleted file mode 100644
index da79af84cf..0000000000
--- a/src/lib/libcrypto/man/EVP_EncodeInit.3
+++ /dev/null
@@ -1,334 +0,0 @@
-.\" $OpenBSD: EVP_EncodeInit.3,v 1.7 2019/06/06 01:06:58 schwarze Exp $
-.\" full merge up to: OpenSSL f430ba31 Jun 19 19:39:01 2016 +0200
-.\" selective merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
-.\"
-.\" This file was written by Matt Caswell .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt EVP_ENCODEINIT 3
-.Os
-.Sh NAME
-.Nm EVP_ENCODE_CTX_new ,
-.Nm EVP_ENCODE_CTX_free ,
-.Nm EVP_EncodeInit ,
-.Nm EVP_EncodeUpdate ,
-.Nm EVP_EncodeFinal ,
-.Nm EVP_EncodeBlock ,
-.Nm EVP_DecodeInit ,
-.Nm EVP_DecodeUpdate ,
-.Nm EVP_DecodeFinal ,
-.Nm EVP_DecodeBlock
-.Nd EVP base64 encode/decode routines
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_ENCODE_CTX *
-.Fn EVP_ENCODE_CTX_new void
-.Ft void
-.Fo EVP_ENCODE_CTX_free
-.Fa "EVP_ENCODE_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_EncodeInit
-.Fa "EVP_ENCODE_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_EncodeUpdate
-.Fa "EVP_ENCODE_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "int *outl"
-.Fa "const unsigned char *in"
-.Fa "int inl"
-.Fc
-.Ft void
-.Fo EVP_EncodeFinal
-.Fa "EVP_ENCODE_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "int *outl"
-.Fc
-.Ft int
-.Fo EVP_EncodeBlock
-.Fa "unsigned char *t"
-.Fa "const unsigned char *f"
-.Fa "int n"
-.Fc
-.Ft void
-.Fo EVP_DecodeInit
-.Fa "EVP_ENCODE_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_DecodeUpdate
-.Fa "EVP_ENCODE_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "int *outl"
-.Fa "const unsigned char *in"
-.Fa "int inl"
-.Fc
-.Ft int
-.Fo EVP_DecodeFinal
-.Fa "EVP_ENCODE_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "int *outl"
-.Fc
-.Ft int
-.Fo EVP_DecodeBlock
-.Fa "unsigned char *t"
-.Fa "const unsigned char *f"
-.Fa "int n"
-.Fc
-.Sh DESCRIPTION
-The EVP encode routines provide a high level interface to base64
-encoding and decoding.
-Base64 encoding converts binary data into a printable form that uses
-the characters A-Z, a-z, 0-9, "+" and "/" to represent the data.
-For every 3 bytes of binary data provided, 4 bytes of base64-encoded
-data will be produced, plus some occasional newlines.
-If the input data length is not a multiple of 3, then the output data
-will be padded at the end using the "=" character.
-.Pp
-.Fn EVP_ENCODE_CTX_new
-allocates, initializes and returns a context to be used for the encode
-and decode functions.
-.Pp
-.Fn EVP_ENCODE_CTX_free
-frees
-.Fa ctx .
-.Pp
-Encoding of binary data is performed in blocks of 48 input bytes (or
-less for the final block).
-For each 48-byte input block encoded, 64 bytes of base64 data is output,
-plus an additional newline character, i.e. 65 bytes in total.
-The final block, which may be less than 48 bytes, will output 4 bytes
-for every 3 bytes of input.
-If the data length is not divisible by 3, then a full 4 bytes is still
-output for the final 1 or 2 bytes of input.
-Similarly a newline character will also be output.
-.Pp
-.Fn EVP_EncodeInit
-initialises
-.Fa ctx
-for the start of a new encoding operation.
-.Pp
-.Fn EVP_EncodeUpdate
-encodes
-.Fa inl
-bytes of data found in the buffer pointed to by
-.Fa in .
-The output is stored in the buffer
-.Fa out
-and the number of bytes output is stored in
-.Pf * Fa outl .
-It is the caller's responsibility to ensure that the buffer at
-.Fa out
-is sufficiently large to accommodate the output data.
-Only full blocks of data (48 bytes) will be immediately processed and
-output by this function.
-Any remainder is held in the
-.Fa ctx
-object and will be processed by a subsequent call to
-.Fn EVP_EncodeUpdate
-or
-.Fn EVP_EncodeFinal .
-To calculate the required size of the output buffer, add together the
-value of
-.Fa inl
-with the amount of unprocessed data held in
-.Fa ctx
-and divide the result by 48 (ignore any remainder).
-This gives the number of blocks of data that will be processed.
-Ensure the output buffer contains 65 bytes of storage for each block,
-plus an additional byte for a NUL terminator.
-.Fn EVP_EncodeUpdate
-may be called repeatedly to process large amounts of input data.
-In the event of an error ,
-.Fn EVP_EncodeUpdate
-will set
-.Pf * Fa outl
-to 0 and return 0.
-On success 1 will be returned.
-.Pp
-.Fn EVP_EncodeFinal
-must be called at the end of an encoding operation.
-It will process any partial block of data remaining in the
-.Fa ctx
-object.
-The output data will be stored in -.Fa out -and the length of the data written will be stored in -.Pf * Fa outl . -It is the caller's responsibility to ensure that -.Fa out -is sufficiently large to accommodate the output data, which will -never be more than 65 bytes plus an additional NUL terminator, i.e. -66 bytes in total. -.Pp -.Fn EVP_EncodeBlock -encodes a full block of input data in -.Fa f -and of length -.Fa n -and stores it in -.Fa t . -For every 3 bytes of input provided, 4 bytes of output data will be -produced. -If -.Sy n -is not divisible by 3, then the block is encoded as a final block -of data and the output is padded such that it is always divisible -by 4. -Additionally a NUL terminator character will be added. -For example, if 16 bytes of input data are provided, then 24 bytes -of encoded data is created plus 1 byte for a NUL terminator, -i.e. 25 bytes in total. -The length of the data generated -.Em without -the NUL terminator is returned from the function. -.Pp -.Fn EVP_DecodeInit -initialises -.Fa ctx -for the start of a new decoding operation. -.Pp -.Fn EVP_DecodeUpdate -decodes -.Fa inl -characters of data found in the buffer pointed to by -.Fa in . -The output is stored in the buffer -.Fa out -and the number of bytes output is stored in -.Pf * Fa outl . -It is the caller's responsibility to ensure that the buffer at -.Fa out -is sufficiently large to accommodate the output data. -This function will attempt to decode as much data as possible in 4-byte -chunks. -Any whitespace, newline or carriage return characters are ignored. -Any partial chunk of unprocessed data (1, 2 or 3 bytes) that remains at -the end will be held in the -.Fa ctx -object and processed by a subsequent call to -.Fn EVP_DecodeUpdate . -If any illegal base64 characters are encountered or if the base64 -padding character "=" is encountered in the middle of the data, -then the function returns -1 to indicate an error. 
-A return value of 0 or 1 indicates successful processing of the data. -A return value of 0 additionally indicates that the last input data -characters processed included the base64 padding character "=" and -therefore no more non-padding character data is expected to be -processed. -For every 4 valid base64 bytes processed \(em ignoring whitespace, -carriage returns and line feeds \(em 3 bytes of binary output data -will be produced, or less at the end of the data where the padding -character "=" has been used. -.Pp -.Fn EVP_DecodeFinal -must be called at the end of a decoding operation. -If there is any unprocessed data still in -.Fa ctx , -then the input data must not have been a multiple of 4 and therefore an -error has occurred. -The function will return -1 in this case. -Otherwise the function returns 1 on success. -.Pp -.Fn EVP_DecodeBlock -will decode the block of -.Fa n -characters of base64 data contained in -.Fa f -and store the result in -.Fa t . -Any leading whitespace will be trimmed as will any trailing whitespace, -newlines, carriage returns or EOF characters. -After such trimming the length of the data in -.Fa f -must be divisible by 4. -For every 4 input bytes, exactly 3 output bytes will be produced. -The output will be padded with 0 bits if necessary to ensure that the -output is always 3 bytes for every 4 input bytes. -This function will return the length of the data decoded or -1 on error. -.Sh RETURN VALUES -.Fn EVP_ENCODE_CTX_new -returns a pointer to the newly allocated -.Vt EVP_ENCODE_CTX -object or -.Dv NULL -on error. -.Pp -.Fn EVP_EncodeUpdate -returns 0 on error or 1 on success. -.Pp -.Fn EVP_EncodeBlock -returns the number of bytes encoded excluding the NUL terminator. -.Pp -.Fn EVP_DecodeUpdate -returns -1 on error and 0 or 1 on success. -If 0 is returned, then no more non-padding base64 characters are -expected. -.Pp -.Fn EVP_DecodeFinal -returns -1 on error or 1 on success. 
-.Pp -.Fn EVP_DecodeBlock -returns the length of the data decoded or -1 on error. -.Sh SEE ALSO -.Xr BIO_f_base64 3 , -.Xr evp 3 -.Sh HISTORY -The -.Fn EVP_Encode* -and -.Fn EVP_Decode* -functions first appeared in SSLeay 0.5.1 -and have been available since -.Ox 2.4 . -.Pp -.Fn EVP_ENCODE_CTX_new -and -.Fn EVP_ENCODE_CTX_free -first appeared in OpenSSL 1.1.0 and have been available since -.Ox 6.5 . diff --git a/src/lib/libcrypto/man/EVP_EncryptInit.3 b/src/lib/libcrypto/man/EVP_EncryptInit.3 deleted file mode 100644 index 7765be2ca6..0000000000 --- a/src/lib/libcrypto/man/EVP_EncryptInit.3 +++ /dev/null 
@@ -1,813 +0,0 @@
-.\" $OpenBSD: EVP_EncryptInit.3,v 1.56 2024/12/20 01:54:03 schwarze Exp $
-.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
-.\" EVP_bf_cbc.pod EVP_cast5_cbc.pod EVP_idea_cbc.pod EVP_rc2_cbc.pod
-.\" 7c6d372a Nov 20 13:20:01 2018 +0000
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Richard Levitte .
-.\" Copyright (c) 2000-2002, 2005, 2012-2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: December 20 2024 $ -.Dt EVP_ENCRYPTINIT 3 -.Os -.Sh NAME -.Nm EVP_CIPHER_CTX_new , -.Nm EVP_CIPHER_CTX_reset , -.Nm EVP_CIPHER_CTX_free , -.Nm EVP_CIPHER_CTX_copy , -.Nm EVP_EncryptInit_ex , -.Nm EVP_EncryptUpdate , -.Nm EVP_EncryptFinal_ex , -.Nm EVP_DecryptInit_ex , -.Nm EVP_DecryptUpdate , -.Nm EVP_DecryptFinal_ex , -.Nm EVP_CipherInit_ex , -.Nm EVP_CipherUpdate , -.Nm EVP_CipherFinal_ex , -.Nm EVP_EncryptInit , -.Nm EVP_EncryptFinal , -.Nm EVP_DecryptInit , -.Nm EVP_DecryptFinal , -.Nm EVP_CipherInit , -.Nm EVP_CipherFinal , -.Nm EVP_CIPHER_CTX_encrypting , -.Nm EVP_get_cipherbyname , -.Nm EVP_get_cipherbynid , -.Nm EVP_get_cipherbyobj , -.Nm EVP_CIPHER_CTX_cipher , -.Nm EVP_enc_null , -.Nm EVP_idea_cbc , -.Nm EVP_idea_ecb , -.Nm EVP_idea_cfb64 , -.Nm EVP_idea_cfb , -.Nm EVP_idea_ofb , -.Nm EVP_bf_cbc , -.Nm EVP_bf_ecb , -.Nm EVP_bf_cfb64 , -.Nm EVP_bf_cfb , -.Nm EVP_bf_ofb , -.Nm EVP_cast5_cbc , -.Nm EVP_cast5_ecb , -.Nm EVP_cast5_cfb64 , -.Nm EVP_cast5_cfb , -.Nm EVP_cast5_ofb -.Nd EVP cipher routines -.Sh SYNOPSIS -.In openssl/evp.h -.Ft EVP_CIPHER_CTX * -.Fn EVP_CIPHER_CTX_new void -.Ft int -.Fo EVP_CIPHER_CTX_reset -.Fa "EVP_CIPHER_CTX *ctx" -.Fc -.Ft void -.Fo EVP_CIPHER_CTX_free -.Fa "EVP_CIPHER_CTX *ctx" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_copy -.Fa "EVP_CIPHER_CTX *out" -.Fa "const EVP_CIPHER_CTX *in" -.Fc -.Ft int -.Fo EVP_EncryptInit_ex -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "ENGINE *engine" -.Fa "const unsigned char *key" -.Fa "const unsigned char *iv" -.Fc -.Ft int -.Fo EVP_EncryptUpdate -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fa "const unsigned char *in" -.Fa "int in_len" -.Fc -.Ft int -.Fo EVP_EncryptFinal_ex -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fc -.Ft int -.Fo EVP_DecryptInit_ex -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "ENGINE *engine" -.Fa "const unsigned char *key" -.Fa "const unsigned char *iv" -.Fc -.Ft int 
-.Fo EVP_DecryptUpdate -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fa "const unsigned char *in" -.Fa "int in_len" -.Fc -.Ft int -.Fo EVP_DecryptFinal_ex -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fc -.Ft int -.Fo EVP_CipherInit_ex -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "ENGINE *engine" -.Fa "const unsigned char *key" -.Fa "const unsigned char *iv" -.Fa "int enc" -.Fc -.Ft int -.Fo EVP_CipherUpdate -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fa "const unsigned char *in" -.Fa "int in_len" -.Fc -.Ft int -.Fo EVP_CipherFinal_ex -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fc -.Ft int -.Fo EVP_EncryptInit -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "const unsigned char *key" -.Fa "const unsigned char *iv" -.Fc -.Ft int -.Fo EVP_EncryptFinal -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fc -.Ft int -.Fo EVP_DecryptInit -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "const unsigned char *key" -.Fa "const unsigned char *iv" -.Fc -.Ft int -.Fo EVP_DecryptFinal -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fc -.Ft int -.Fo EVP_CipherInit -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "const unsigned char *key" -.Fa "const unsigned char *iv" -.Fa "int enc" -.Fc -.Ft int -.Fo EVP_CipherFinal -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *out_len" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_encrypting -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft const EVP_CIPHER * -.Fo EVP_get_cipherbyname -.Fa "const char *name" -.Fc -.Ft const EVP_CIPHER * -.Fo EVP_get_cipherbynid -.Fa "int nid" -.Fc -.Ft const EVP_CIPHER * -.Fo EVP_get_cipherbyobj -.Fa "const ASN1_OBJECT *a" -.Fc -.Ft const EVP_CIPHER * -.Fo EVP_CIPHER_CTX_cipher -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Sh DESCRIPTION -The EVP cipher routines are a high level interface to 
certain symmetric -ciphers. -.Pp -.Fn EVP_CIPHER_CTX_new -creates a new, empty cipher context. -.Pp -.Fn EVP_CIPHER_CTX_reset -clears all information from -.Fa ctx -and frees all allocated memory associated with it, except the -.Fa ctx -object itself, such that it can be reused for another series of calls to -.Fn EVP_CipherInit , -.Fn EVP_CipherUpdate , -and -.Fn EVP_CipherFinal . -.Pp -.Fn EVP_CIPHER_CTX_free -clears all information from -.Fa ctx -and frees all allocated memory associated with it, including -.Fa ctx -itself. -This function should be called after all operations using a cipher -are complete, so sensitive information does not remain in memory. -If -.Fa ctx -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn EVP_CIPHER_CTX_copy -calls -.Fn EVP_CIPHER_CTX_reset -on -.Fa out -and copies all the data from -.Fa in -to -.Fa out , -except that the -.Vt EVP_CIPHER -object used by -.Fa in -and any application specific data set with -.Xr EVP_CIPHER_CTX_set_app_data 3 -are not copied and -.Fa out -will point to the same two objects. -The algorithm- and implementation-specific cipher data described in -.Xr EVP_CIPHER_CTX_get_cipher_data 3 -is copied with -.Xr malloc 3 -and -.Xr memcpy 3 , -i.e. assuming that it does not contain pointers to any sub-objects. -If the bit -.Dv EVP_CIPH_CUSTOM_COPY -has been set with -.Xr EVP_CIPHER_meth_set_flags 3 , -.Xr EVP_CIPHER_CTX_ctrl 3 -is called at the end with arguments -.Fa in , -.Dv EVP_CTRL_COPY , -.No 0 , -and -.Fa out -such that the cipher implementation can perform further algorithm- -and implementation-specific initializations after the algorithm- -and implementation-specific cipher data has been copied. -Among the cipher algorithms built into the library, -.Dv EVP_CIPH_CUSTOM_COPY -and -.Dv EVP_CTRL_COPY -are used by some of the ciphers documented in the -.Xr EVP_aes_256_gcm 3 -manual page. 
-.Pp -.Fn EVP_EncryptInit -and -.Fn EVP_EncryptInit_ex -set up the cipher context -.Fa ctx -for encryption with cipher -.Fa type . -.Fa type -is normally supplied by a function such as -.Xr EVP_aes_256_cbc 3 . -.Fa key -is the symmetric key to use and -.Fa iv -is the IV to use (if necessary). -The actual number of bytes used for the -key and IV depends on the cipher. -The -.Fa ENGINE *engine -argument is always ignored and passing -.Dv NULL -is recommended. -It is possible to set all parameters to -.Dv NULL -except -.Fa type -in an initial call and supply the remaining parameters in subsequent -calls, all of which have -.Fa type -set to -.Dv NULL . -This is done when the default cipher parameters are not appropriate. -.Pp -.Fn EVP_EncryptUpdate -encrypts -.Fa in_len -bytes from the buffer -.Fa in -and writes the encrypted version to -.Fa out . -This function can be called multiple times to encrypt successive blocks -of data. -The amount of data written depends on the block alignment of the -encrypted data: as a result the amount of data written may be anything -from zero bytes to -.Pq Fa in_len No + cipher_block_size - 1 -so -.Fa out -should contain sufficient room. -The actual number of bytes written is placed in -.Pf * Fa out_len . -.Pp -If padding is enabled (the default) then -.Fn EVP_EncryptFinal -and -.Fn EVP_EncryptFinal_ex , -which behave identically, -encrypt the "final" data, that is any data that remains in a partial -block. -It uses NOTES (aka PKCS padding). -The encrypted final data is written to -.Fa out -which should have sufficient space for one cipher block. -The number of bytes written is placed in -.Pf * Fa out_len . -After this function is called, the encryption operation is finished and -no further calls to -.Fn EVP_EncryptUpdate -should be made. 
-.Pp -If padding is disabled then -.Fn EVP_EncryptFinal -and -.Fn EVP_EncryptFinal_ex -do not encrypt any more data and return an error if any data -remains in a partial block: that is if the total data length is not a -multiple of the block size. -.Pp -.Fn EVP_DecryptInit , -.Fn EVP_DecryptInit_ex , -.Fn EVP_DecryptUpdate , -.Fn EVP_DecryptFinal , -and -.Fn EVP_DecryptFinal_ex -are the corresponding decryption operations. -.Fn EVP_DecryptFinal -and -.Fn EVP_DecryptFinal_ex -return an error code if padding is enabled and the final block is -not correctly formatted. -The parameters and restrictions are identical to the encryption -operations except that if padding is enabled the decrypted data buffer -.Fa out -passed to -.Fn EVP_DecryptUpdate -should have sufficient room for -.Pq Fa in_len No + cipher_block_size -bytes unless the cipher block size is 1 in which case -.Fa in_len -bytes is sufficient. -.Pp -.Fn EVP_CipherInit , -.Fn EVP_CipherInit_ex , -.Fn EVP_CipherUpdate , -.Fn EVP_CipherFinal , -and -.Fn EVP_CipherFinal_ex -are functions that can be used for decryption or encryption. -The operation performed depends on the value of the -.Fa enc -parameter. -It should be set to 1 for encryption, 0 for decryption and -1 to leave -the value unchanged (the actual value of -.Fa enc -being supplied in a previous call). -.Pp -.Fn EVP_get_cipherbyname , -.Fn EVP_get_cipherbynid , -and -.Fn EVP_get_cipherbyobj -return an -.Vt EVP_CIPHER -structure when passed a cipher name, a NID or an -.Vt ASN1_OBJECT -structure. -.Pp -.Fn EVP_CIPHER_CTX_cipher -returns the -.Vt EVP_CIPHER -structure when passed an -.Vt EVP_CIPHER_CTX -structure. -.Pp -Where possible the EVP interface to symmetric ciphers should be -used in preference to the low level interfaces. -This is because the code then becomes transparent to the cipher used and -much more flexible. 
-.Pp -PKCS padding works by adding n padding bytes of value n to make the -total length of the encrypted data a multiple of the block size. -Padding is always added so if the data is already a multiple of the -block size n will equal the block size. -For example if the block size is 8 and 11 bytes are to be encrypted then -5 padding bytes of value 5 will be added. -.Pp -When decrypting, the final block is checked to see if it has the correct -form. -.Pp -Although the decryption operation can produce an error if padding is -enabled, it is not a strong test that the input data or key is correct. -A random block has better than 1 in 256 chance of being of the correct -format and problems with the input data earlier on will not produce a -final decrypt error. -.Pp -If padding is disabled then the decryption operation will always succeed -if the total amount of data decrypted is a multiple of the block size. -.Pp -.Fn EVP_get_cipherbynid -and -.Fn EVP_get_cipherbyobj -are implemented as macros. -.Sh RETURN VALUES -.Fn EVP_CIPHER_CTX_new -returns a pointer to a newly created -.Vt EVP_CIPHER_CTX -for success or -.Dv NULL -for failure. -.Pp -.Fn EVP_CIPHER_CTX_reset , -.Fn EVP_CIPHER_CTX_copy , -.Fn EVP_EncryptInit_ex , -.Fn EVP_EncryptUpdate , -.Fn EVP_EncryptFinal_ex , -.Fn EVP_DecryptInit_ex , -.Fn EVP_DecryptUpdate , -.Fn EVP_DecryptFinal_ex , -.Fn EVP_CipherInit_ex , -.Fn EVP_CipherUpdate , -.Fn EVP_CipherFinal_ex , -.Fn EVP_EncryptInit , -.Fn EVP_EncryptFinal , -.Fn EVP_DecryptInit , -.Fn EVP_DecryptFinal , -.Fn EVP_CipherInit , -and -.Fn EVP_CipherFinal -return 1 for success or 0 for failure. -.Pp -.Fn EVP_CIPHER_CTX_encrypting -returns 1 if -.Fa ctx -is initialized for encryption or 0 otherwise, in which case -it may be uninitialized or initialized for decryption. -.Pp -.Fn EVP_get_cipherbyname , -.Fn EVP_get_cipherbynid , -and -.Fn EVP_get_cipherbyobj -return an -.Vt EVP_CIPHER -structure or -.Dv NULL -on error. 
-.Pp -.Fn EVP_CIPHER_CTX_cipher -returns an -.Vt EVP_CIPHER -structure. -.Sh CIPHER LISTING -.Bl -tag -width Ds -.It Fn EVP_enc_null -Null cipher: does nothing. -.It Xo -.Fn EVP_idea_cbc , -.Fn EVP_idea_ecb , -.Fn EVP_idea_cfb64 , -.Fn EVP_idea_ofb -.Xc -IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively. -IDEA is a block cipher operating on 64 bit blocks using a 128 bit -.Fa key . -.Fn EVP_idea_cfb -is an alias for -.Fn EVP_idea_cfb64 , -implemented as a macro. -.It Xo -.Fn EVP_bf_cbc , -.Fn EVP_bf_ecb , -.Fn EVP_bf_cfb64 , -.Fn EVP_bf_ofb -.Xc -Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes -respectively. -Blowfish is a block cipher operating on 64 bit blocks using a variable -.Fa key -length. -The default key length is 128 bits. -.Fn EVP_bf_cfb -is an alias for -.Fn EVP_bf_cfb64 , -implemented as a macro. -.It Xo -.Fn EVP_cast5_cbc , -.Fn EVP_cast5_ecb , -.Fn EVP_cast5_cfb64 , -.Fn EVP_cast5_ofb -.Xc -CAST-128 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. -CAST-128 is a block cipher operating on 64 bit blocks using a variable -.Fa key -length. -The default and maximum key length is 128 bits. -.Fn EVP_cast5_cfb -is an alias for -.Fn EVP_cast5_cfb64 , -implemented as a macro. 
-.El -.Pp -Some algorithms are documented in separate manual pages: -.Pp -.Bl -column "EVP_camellia_128_cbc(3)" "block size" -compact -.It manual page Ta block size Ta Fa key No size Pq in bits -.It Xr EVP_aes_128_cbc 3 Ta 128 Ta 128, 192, 256 -.It Xr EVP_aes_128_ccm 3 Ta 128 Ta 128, 192, 256 -.It Xr EVP_aes_128_gcm 3 Ta 128 Ta 128, 192, 256 -.It Xr EVP_camellia_128_cbc 3 Ta 128 Ta 128, 192, 256 -.It Xr EVP_chacha20 3 Ta stream Ta 256 -.It Xr EVP_des_cbc 3 Ta 64 Ta 64 -.It Xr EVP_rc2_cbc 3 Ta 64 Ta variable, default 128 -.It Xr EVP_rc4 3 Ta stream Ta variable, default 128 -.It Xr EVP_sm4_cbc 3 Ta 128 Ta 128 -.El -.Sh EXAMPLES -Encrypt a string using blowfish: -.Bd -literal -offset 3n -int -do_crypt(char *out_filename) -{ - unsigned char out_buf[1024]; - int out_len, tmp_len; - /* - * Bogus key and IV: we'd normally set these from - * another source. - */ - unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}; - unsigned char iv[] = {1,2,3,4,5,6,7,8}; - const char in_text[] = "Some Crypto Text"; - EVP_CIPHER_CTX *ctx; - FILE *out_fileptr; - - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_bf_cbc(), NULL, key, iv); - - if (!EVP_EncryptUpdate(ctx, out_buf, &out_len, in_text, - strlen(in_text))) { - /* Error */ - EVP_CIPHER_CTX_free(ctx); - return 0; - } - /* - * Buffer passed to EVP_EncryptFinal() must be after data just - * encrypted to avoid overwriting it. - */ - if (!EVP_EncryptFinal_ex(ctx, out_buf + out_len, &tmp_len)) { - /* Error */ - EVP_CIPHER_CTX_free(ctx); - return 0; - } - out_len += tmp_len; - EVP_CIPHER_CTX_free(ctx); - /* - * Need binary mode for fopen because encrypted data is - * binary data. Also cannot use strlen() on it because - * it won't be NUL terminated and may contain embedded - * NULs. 
- */ - out_fileptr = fopen(out_filename, "wb"); - if (out_fileptr == NULL) { - /* Error */ - return 0; - } - fwrite(out_buf, 1, out_len, out_fileptr); - fclose(out_fileptr); - return 1; -} -.Ed -.Pp -The ciphertext from the above example can be decrypted using the -.Xr openssl 1 -utility with the command line: -.Bd -literal -offset indent -openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F \e - -iv 0102030405060708 -d -.Ed -.Pp -General encryption, decryption function example using FILE I/O and AES128 -with a 128-bit key: -.Bd -literal -int -do_crypt(FILE *in_fileptr, FILE *out_fileptr, int do_encrypt) -{ - /* Allow enough space in output buffer for additional block */ - unsigned char in_buf[1024], out_buf[1024 + EVP_MAX_BLOCK_LENGTH]; - int in_len, out_len; - EVP_CIPHER_CTX *ctx; - - /* - * Bogus key and IV: we'd normally set these from - * another source. - */ - unsigned char key[] = "0123456789abcdeF"; - unsigned char iv[] = "1234567887654321"; - - ctx = EVP_CIPHER_CTX_new(); - EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, NULL, NULL, - do_encrypt); - EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt); - - for (;;) { - in_len = fread(in_buf, 1, 1024, in_fileptr); - if (in_len <= 0) - break; - if (!EVP_CipherUpdate(ctx, out_buf, &out_len, in_buf, - in_len)) { - /* Error */ - EVP_CIPHER_CTX_free(ctx); - return 0; - } - fwrite(out_buf, 1, out_len, out_fileptr); - } - if (!EVP_CipherFinal_ex(ctx, out_buf, &out_len)) { - /* Error */ - EVP_CIPHER_CTX_free(ctx); - return 0; - } - fwrite(out_buf, 1, out_len, out_fileptr); - - EVP_CIPHER_CTX_free(ctx); - return 1; -} -.Ed -.Sh SEE ALSO -.Xr BIO_f_cipher 3 , -.Xr evp 3 , -.Xr EVP_AEAD_CTX_init 3 , -.Xr EVP_aes_128_cbc 3 , -.Xr EVP_aes_128_ccm 3 , -.Xr EVP_aes_128_gcm 3 , -.Xr EVP_camellia_128_cbc 3 , -.Xr EVP_chacha20 3 , -.Xr EVP_CIPHER_CTX_ctrl 3 , -.Xr EVP_CIPHER_CTX_get_cipher_data 3 , -.Xr EVP_CIPHER_CTX_init 3 , -.Xr EVP_CIPHER_CTX_set_flags 3 , -.Xr EVP_CIPHER_nid 3 , -.Xr EVP_des_cbc 3 , -.Xr 
EVP_OpenInit 3 , -.Xr EVP_rc2_cbc 3 , -.Xr EVP_rc4 3 , -.Xr EVP_SealInit 3 , -.Xr EVP_sm4_cbc 3 -.Sh HISTORY -.Fn EVP_EncryptInit , -.Fn EVP_EncryptUpdate , -.Fn EVP_EncryptFinal , -.Fn EVP_DecryptInit , -.Fn EVP_DecryptUpdate , -.Fn EVP_DecryptFinal , -.Fn EVP_CipherInit , -.Fn EVP_CipherUpdate , -.Fn EVP_CipherFinal , -.Fn EVP_get_cipherbyname , -.Fn EVP_idea_cbc , -.Fn EVP_idea_ecb , -.Fn EVP_idea_cfb , -and -.Fn EVP_idea_ofb -first appeared in SSLeay 0.5.1. -.Fn EVP_bf_cbc , -.Fn EVP_bf_ecb , -.Fn EVP_bf_cfb , -and -.Fn EVP_bf_ofb -first appeared in SSLeay 0.6.6. -.Fn EVP_get_cipherbyobj , -.Fn EVP_CIPHER_CTX_cipher , -and -.Fn EVP_enc_null -first appeared in SSLeay 0.8.0. -.Fn EVP_get_cipherbynid -first appeared in SSLeay 0.8.1. -All these functions have been available since -.Ox 2.4 . -.Pp -.Fn EVP_EncryptInit_ex , -.Fn EVP_EncryptFinal_ex , -.Fn EVP_DecryptInit_ex , -.Fn EVP_DecryptFinal_ex , -.Fn EVP_CipherInit_ex , -and -.Fn EVP_CipherFinal_ex -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Fn EVP_bf_cfb64 , -.Fn EVP_cast5_cfb64 , -and -.Fn EVP_idea_cfb64 -first appeared in OpenSSL 0.9.7e and have been available since -.Ox 3.8 . -.Pp -.Fn EVP_CIPHER_CTX_new -and -.Fn EVP_CIPHER_CTX_free -first appeared in OpenSSL 0.9.8b and have been available since -.Ox 4.5 . -.Pp -.Fn EVP_CIPHER_CTX_copy -first appeared in OpenSSL 1.0.0 -and has been available since -.Ox 4.9 . -.Pp -.Fn EVP_CIPHER_CTX_reset -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 6.3 . -.Pp -.Fn EVP_CIPHER_CTX_encrypting -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 6.4 . -.Sh BUGS -.Fn EVP_CIPHER_CTX_copy -may already have cleared the data in -.Fa out -and copied some new data into it even if it fails and returns 0. diff --git a/src/lib/libcrypto/man/EVP_MD_CTX_ctrl.3 b/src/lib/libcrypto/man/EVP_MD_CTX_ctrl.3 deleted file mode 100644 index c8c148faf0..0000000000 --- a/src/lib/libcrypto/man/EVP_MD_CTX_ctrl.3 +++ /dev/null 
@@ -1,279 +0,0 @@
-.\" $OpenBSD: EVP_MD_CTX_ctrl.3,v 1.3 2024/03/05 17:21:40 tb Exp $
-.\" full merge up to: OpenSSL man3/EVP_DigestInit.pod
-.\" 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Richard Levitte ,
-.\" Todd Short , Paul Yang ,
-.\" and Antoine Salon .
-.\" Copyright (c) 2015, 2016, 2018, 2019 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 5 2024 $
-.Dt EVP_MD_CTX_CTRL 3
-.Os
-.Sh NAME
-.Nm EVP_MD_CTX_ctrl ,
-.Nm EVP_MD_CTX_set_flags ,
-.Nm EVP_MD_CTX_clear_flags ,
-.Nm EVP_MD_CTX_test_flags ,
-.Nm EVP_MD_CTX_pkey_ctx ,
-.Nm EVP_MD_CTX_set_pkey_ctx ,
-.Nm EVP_MD_CTX_md_data
-.Nd configure EVP message digest contexts
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_MD_CTX_ctrl
-.Fa "EVP_MD_CTX *ctx"
-.Fa "int command"
-.Fa "int p1"
-.Fa "void* p2"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_set_flags
-.Fa "EVP_MD_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_clear_flags
-.Fa "EVP_MD_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_test_flags
-.Fa "const EVP_MD_CTX *ctx"
-.Fa "int flags"
-.Fc
-.Ft EVP_PKEY_CTX *
-.Fo EVP_MD_CTX_pkey_ctx
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_MD_CTX_set_pkey_ctx
-.Fa "EVP_MD_CTX *ctx"
-.Fa "EVP_PKEY_CTX *pctx"
-.Fc
-.Ft void *
-.Fo EVP_MD_CTX_md_data
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_MD_CTX_ctrl
-performs the digest-specific control
-.Fa command
-with the command-specific arguments
-.Fa p1
-and
-.Fa p2
-on
-.Fa ctx ,
-which needs to already be set up with
-.Xr EVP_DigestInit_ex 3
-before calling this function.
-Other restrictions may apply depending on the control
-.Fa command
-and digest implementation.
-.Pp
-If the
-.Fa command
-is
-.Dv EVP_MD_CTRL_MICALG ,
-.Fa p1
-is ignored and
-.Fa p2
-is an output argument of the type
-.Fa "char **p2" .
-A string specifying the digest Message Integrity Check algorithm
-is allocated and a pointer to this string is returned in
-.Pf * Fa p2 .
-It is the responsibility of the caller to
-.Xr free 3
-.Pf * Fa p2
-when it is no longer needed.
-This
-.Fa command
-is used by
-.Xr SMIME_write_ASN1 3
-when creating S/MIME multipart/signed messages as specified in RFC 3851.
-.Pp
-.Fn EVP_MD_CTX_set_flags
-sets and
-.Fn EVP_MD_CTX_clear_flags
-clears all the flag bits in
-.Fa ctx
-that are set in the
-.Fa flags
-argument.
-.Fn EVP_MD_CTX_test_flags -tests which of the flag bits that are set in the -.Fa flags -argument are also set in -.Fa ctx . -Possible flag bits are: -.Bl -tag -width Ds -offset 2n -.It Dv EVP_MD_CTX_FLAG_NO_INIT -Instruct -.Xr EVP_DigestInit_ex 3 -and functions calling it not to initialise the internal data -that is specific to the digest method and its implementation. -.It Dv EVP_MD_CTX_FLAG_ONESHOT -Instruct the digest to optimize for one update only, if possible. -For digest algorithms built into the library, this flag usually -has no effect. -.El -.Pp -.Fn EVP_MD_CTX_pkey_ctx -returns the -.Vt EVP_PKEY_CTX -assigned to -.Fa ctx . -The returned pointer should not be freed by the caller. -.Pp -.Fn EVP_MD_CTX_set_pkey_ctx -assigns -.Fa pctx -to -.Fa ctx . -This is normally used to provide a customized -.Vt EVP_PKEY_CTX -to -.Xr EVP_DigestSignInit 3 -or -.Xr EVP_DigestVerifyInit 3 . -The caller retains ownership of the -.Fa pctx -passed to this function and is responsible for freeing it -when it is no longer needed. -.Pp -If the -.Fa ctx -already contains a -.Vt EVP_PKEY_CTX -when this function is called, that old -.Vt EVP_PKEY_CTX -is freed if it was created internally, but if it was also installed with -.Fn EVP_MD_CTX_set_pkey_ctx , -the pointer to the old -.Vt EVP_PKEY_CTX -is merely replaced by the new pointer and ownership of the old -.Vt EVP_PKEY_CTX -remains with the previous caller. -.Pp -Passing a -.Dv NULL -pointer for the -.Fa pctx -argument is also allowed. -In that case, any -.Vt EVP_PKEY_CTX -already assigned to -.Fa ctx -is dissociated from it as described above, but no new -.Vt EVP_PKEY_CTX -is assigned. -.Pp -.Fn EVP_MD_CTX_md_data -returns the digest method private data of -.Fa ctx . -The space is allocated with a size determined at compile time. -The size is not exposed by an API. -.Sh RETURN VALUES -.Fn EVP_MD_CTX_ctrl -returns 1 for success or 0 for failure. 
-.Pp
-.Fn EVP_MD_CTX_test_flags
-returns the bitwise OR of the
-.Fa flags
-argument and the flags set in
-.Fa ctx .
-.Pp
-.Fn EVP_MD_CTX_pkey_ctx
-and
-.Fn EVP_MD_CTX_md_data
-return pointers to storage owned by
-.Fa ctx .
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_MD_nid 3
-.Sh HISTORY
-.Fn EVP_MD_CTX_set_flags ,
-.Fn EVP_MD_CTX_clear_flags ,
-and
-.Fn EVP_MD_CTX_test_flags ,
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn EVP_MD_CTX_ctrl
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 5.7 .
-.Pp
-.Fn EVP_MD_CTX_pkey_ctx
-and
-.Fn EVP_MD_CTX_md_data
-first appeared in OpenSSL 1.1.0 and
-.Fn EVP_MD_CTX_set_pkey_ctx
-in OpenSSL 1.1.1.
-These functions have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/EVP_MD_nid.3 b/src/lib/libcrypto/man/EVP_MD_nid.3
deleted file mode 100644
index 15806091de..0000000000
--- a/src/lib/libcrypto/man/EVP_MD_nid.3
+++ /dev/null
@@ -1,315 +0,0 @@
-.\" $OpenBSD: EVP_MD_nid.3,v 1.4 2024/03/05 17:21:40 tb Exp $
-.\" full merge up to: OpenSSL man3/EVP_DigestInit.pod
-.\" 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Antoine Salon .
-.\" Copyright (c) 2000, 2012, 2019 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 5 2024 $
-.Dt EVP_MD_NID 3
-.Os
-.Sh NAME
-.Nm EVP_MD_nid ,
-.Nm EVP_MD_type ,
-.Nm EVP_MD_CTX_type ,
-.Nm EVP_MD_name ,
-.Nm EVP_MD_size ,
-.Nm EVP_MD_CTX_size ,
-.Nm EVP_MD_block_size ,
-.Nm EVP_MD_CTX_block_size ,
-.Nm EVP_MD_flags ,
-.Nm EVP_MD_pkey_type
-.Nd inspect EVP_MD objects
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_MD_nid
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_type
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_type
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft const char *
-.Fo EVP_MD_name
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_size
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_size
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_MD_block_size
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_CTX_block_size
-.Fa "const EVP_MD_CTX *ctx"
-.Fc
-.Ft unsigned long
-.Fo EVP_MD_flags
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_MD_pkey_type
-.Fa "const EVP_MD *md"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_MD_nid
-and
-.Fn EVP_MD_type
-are identical and return the numerical identifier (NID) of
-.Fa md .
-The NID is an internal value which may or may not have
-a corresponding ASN.1 OBJECT IDENTIFIER; see
-.Xr OBJ_nid2obj 3
-for details.
-For example ,
-.Fn EVP_MD_type EVP_sha512()
-returns
-.Dv NID_sha512 .
-.Fn EVP_MD_CTX_type
-returns the NID of the message digest algorithm that
-.Fa ctx
-is configured to use.
-These functions are normally used when setting ASN.1 OIDs.
-.Pp
-.Fn EVP_MD_name
-converts the NID of
-.Fa md
-to its short name with
-.Xr OBJ_nid2sn 3 .
-.Pp
-.Fn EVP_MD_size
-returns the size in bytes of the message digests (hashes) produced by
-.Fa md .
-.Fn EVP_MD_CTX_size
-return the size of the hashes produced by the message digest algorithm that
-.Fa ctx
-is configured to use.
-.Pp
-.Fn EVP_MD_block_size
-returns the block size in bytes of
-.Fa md .
-.Fn EVP_MD_CTX_block_size
-returns the block size of the message digest algorithm that
-.Fa ctx
-is configured to use.
-.Pp -.Fn EVP_MD_flags -returns the message digest flags used by -.Fa md . -Be careful to not confuse these flags with the unrelated -message digest context flags that can be inspected with -.Xr EVP_MD_CTX_test_flags 3 . -The available flags are: -.Bl -tag -width Ds -.It Dv EVP_MD_FLAG_DIGALGID_NULL -The parameters in a -.Vt DigestAlgorithmIdentifier -are encoded using an explicit ASN.1 -.Dv NULL -rather than omitting them. -This is the default, which means that it takes effect for -.Vt EVP_MD -objects that do not have -.Dv EVP_MD_FLAG_DIGALGID_ABSENT -set. -.It Dv EVP_MD_FLAG_DIGALGID_ABSENT -The parameters in a -.Vt DigestAlgorithmIdentifier -are omitted from the ASN.1 encoding. -This is used by the -.Vt EVP_MD -objects documented in the manual page -.Xr EVP_sha3_224 3 -and by the objects returned from -.Xr EVP_sha512 3 , -.Xr EVP_sha512_256 3 , -.Xr EVP_sha512_224 3 , -.Xr EVP_sha384 3 , -.Xr EVP_sha256 3 , -.Xr EVP_sha224 3 , -.Xr EVP_sha1 3 , -and -.Xr EVP_sm3 3 . -.It Dv EVP_MD_FLAG_DIGALGID_CUSTOM -This flag is reserved for user-defined -.Vt EVP_MD -objects supporting custom -.Vt DigestAlgorithmIdentifier -handling via -.Xr EVP_MD_CTX_ctrl 3 , -but actually, it is ignored by both LibreSSL and OpenSSL -and such user-defined behaviour is not supported by the libraries. -.It Dv EVP_MD_FLAG_FIPS -Mark the digest method as suitable for FIPS mode. -This flag is ignored by both LibreSSL and OpenSSL. -.It Dv EVP_MD_FLAG_ONESHOT -Intended to indicate that the digest method can only handle one block -of input, but actually, this flag is ignored by both LibreSSL and OpenSSL. -.El -.Pp -.Fn EVP_MD_pkey_type -returns the NID of the public key signing algorithm associated with this -digest. -For example, -.Xr EVP_sha512 3 -is associated with RSA, so this returns -.Dv NID_sha512WithRSAEncryption . -Since digests and signature algorithms are no longer linked, this -function is only retained for compatibility reasons. 
-.Pp -.Fn EVP_MD_nid , -.Fn EVP_MD_CTX_type , -.Fn EVP_MD_name , -.Fn EVP_MD_CTX_size , -and -.Fn EVP_MD_CTX_block_size -are implemented as macros. -.Sh RETURN VALUES -.Fn EVP_MD_nid , -.Fn EVP_MD_type , -.Fn EVP_MD_CTX_type , -and -.Fn EVP_MD_pkey_type -return the NID of the corresponding OBJECT IDENTIFIER or -.Dv NID_undef -if none exists. -.Pp -.Fn EVP_MD_name -returns a pointer to a string -that is owned by an internal library object or -.Dv NULL -if the NID is neither built into the library nor added to the global -object table by one of the functions documented in the manual page -.Xr OBJ_create 3 , -or if the object does not contain a short name. -.Pp -.Fn EVP_MD_size , -.Fn EVP_MD_CTX_size , -.Fn EVP_MD_block_size , -and -.Fn EVP_MD_CTX_block_size -return the digest or block size in bytes. -.Sh SEE ALSO -.Xr evp 3 , -.Xr EVP_DigestInit 3 , -.Xr EVP_MD_CTX_ctrl 3 , -.Xr OBJ_nid2obj 3 -.Sh STANDARDS -RFC 5754: Using SHA2 Algorithms with Cryptographic Message Syntax -.Bl -dash -compact -offset indent -.It -section 2: Message Digest Algorithms -.El -.Sh HISTORY -.Fn EVP_MD_size -first appeared in SSLeay 0.6.6, -.Fn EVP_MD_CTX_size -and -.Fn EVP_MD_CTX_type -in SSLeay 0.8.0, -.Fn EVP_MD_type -and -.Fn EVP_MD_pkey_type -in SSLeay 0.8.1, and -.Fn EVP_MD_block_size -and -.Fn EVP_MD_CTX_block_size -in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . -.Pp -.Fn EVP_MD_nid -and -.Fn EVP_MD_name -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Fn EVP_MD_flags -first appeared in OpenSSL 1.0.0 -and has been available since -.Ox 4.9 . -.Sh CAVEATS -The behaviour of the functions taking an -.Vt EVP_MD_CTX -argument is undefined if they are called on a -.Fa ctx -that has no message digest configured yet, -for example one freshly returned from -.Xr EVP_MD_CTX_new 3 . -In that case, the program may for example be terminated by a -.Dv NULL -pointer access. 
diff --git a/src/lib/libcrypto/man/EVP_OpenInit.3 b/src/lib/libcrypto/man/EVP_OpenInit.3
deleted file mode 100644
index fbd0e75571..0000000000
--- a/src/lib/libcrypto/man/EVP_OpenInit.3
+++ /dev/null
@@ -1,157 +0,0 @@
-.\" $OpenBSD: EVP_OpenInit.3,v 1.9 2023/11/16 20:27:43 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 16 2023 $
-.Dt EVP_OPENINIT 3
-.Os
-.Sh NAME
-.Nm EVP_OpenInit ,
-.Nm EVP_OpenUpdate ,
-.Nm EVP_OpenFinal
-.Nd EVP envelope decryption
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_OpenInit
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "EVP_CIPHER *type"
-.Fa "unsigned char *ek"
-.Fa "int ekl"
-.Fa "unsigned char *iv"
-.Fa "EVP_PKEY *priv"
-.Fc
-.Ft int
-.Fo EVP_OpenUpdate
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "int *outl"
-.Fa "unsigned char *in"
-.Fa "int inl"
-.Fc
-.Ft int
-.Fo EVP_OpenFinal
-.Fa "EVP_CIPHER_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "int *outl"
-.Fc
-.Sh DESCRIPTION
-The EVP envelope routines are a high level interface to envelope
-decryption.
-They decrypt a public key encrypted symmetric key and then decrypt data
-using it.
-.Pp
-.Fn EVP_OpenInit
-initializes a cipher context
-.Fa ctx
-for decryption with cipher
-.Fa type .
-It decrypts the encrypted symmetric key of length
-.Fa ekl
-bytes passed in the
-.Fa ek
-parameter using the private key
-.Fa priv .
-The IV is supplied in the
-.Fa iv
-parameter.
-.Pp
-.Fn EVP_OpenUpdate
-and
-.Fn EVP_OpenFinal
-have exactly the same properties as the
-.Xr EVP_DecryptUpdate 3
-and
-.Xr EVP_DecryptFinal 3
-routines.
-.Pp
-It is possible to call
-.Fn EVP_OpenInit
-twice in the same way as
-.Xr EVP_DecryptInit 3 .
-The first call should have
-.Fa priv
-set to
-.Dv NULL
-and (after setting any cipher parameters) it should be
-called again with
-.Fa type
-set to
-.Dv NULL .
-.Pp
-If the cipher passed in the
-.Fa type
-parameter is a variable length cipher then the key length will be set to
-the value of the recovered key length.
-If the cipher is a fixed length cipher then the recovered key length
-must match the fixed cipher length.
-.Pp
-.Fn EVP_OpenUpdate
-is implemented as a macro.
-.Sh RETURN VALUES
-.Fn EVP_OpenInit
-returns 0 on error or a non-zero integer (actually the recovered secret
-key size) if successful.
-.Pp
-.Fn EVP_OpenUpdate
-returns 1 for success or 0 for failure.
-.Pp
-.Fn EVP_OpenFinal
-returns 0 if the decrypt failed or 1 for success.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr EVP_SealInit 3
-.Sh HISTORY
-.Fn EVP_OpenInit ,
-.Fn EVP_OpenUpdate ,
-and
-.Fn EVP_OpenFinal
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/EVP_PKCS82PKEY.3 b/src/lib/libcrypto/man/EVP_PKCS82PKEY.3
deleted file mode 100644
index 30a43b8dca..0000000000
--- a/src/lib/libcrypto/man/EVP_PKCS82PKEY.3
+++ /dev/null
@@ -1,60 +0,0 @@
-.\" $OpenBSD: EVP_PKCS82PKEY.3,v 1.3 2024/03/05 19:21:31 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 5 2024 $
-.Dt EVP_PKCS82PKEY 3
-.Os
-.Sh NAME
-.Nm EVP_PKCS82PKEY ,
-.Nm EVP_PKEY2PKCS8
-.Nd convert between EVP_PKEY and PKCS#8 PrivateKeyInfo
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft EVP_PKEY *
-.Fn EVP_PKCS82PKEY "const PKCS8_PRIV_KEY_INFO *keyinfo"
-.Ft PKCS8_PRIV_KEY_INFO *
-.Fn EVP_PKEY2PKCS8 "EVP_PKEY *pkey"
-.Sh DESCRIPTION
-.Fn EVP_PKCS82PKEY
-extracts the private key from a PKCS#8
-.Vt PrivateKeyInfo
-structure.
-.Pp
-.Fn EVP_PKEY2PKCS8
-creates a PKCS#8
-.Vt PrivateKeyInfo
-structure representing the private key contained in
-.Fa pkey .
-.Pp
-Supported algorithms include DH, DSA, EC, and RSA.
-.Sh RETURN VALUES
-These functions return a newly allocated object or
-.Dv NULL
-if the algorithm indicated in
-.Fa keyinfo
-or
-.Fa pkey
-is unsupported or if memory allocation, decoding, or encoding fails.
-.Sh SEE ALSO
-.Xr EVP_PKEY_base_id 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr PKCS8_pkey_set0 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-.Xr X509_ALGOR_get0 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.3
-and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
deleted file mode 100644
index 137e576c46..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
+++ /dev/null
@@ -1,582 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_CTX_ctrl.3,v 1.28 2024/12/10 14:54:20 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\" Parts were split out into RSA_pkey_ctx_ctrl(3).
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019, 2023, 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Antoine Salon .
-.\" Copyright (c) 2006, 2009, 2013, 2014, 2015, 2018 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: December 10 2024 $ -.Dt EVP_PKEY_CTX_CTRL 3 -.Os -.Sh NAME -.Nm EVP_PKEY_CTX_ctrl , -.Nm EVP_PKEY_CTX_ctrl_str , -.Nm EVP_PKEY_CTX_set_signature_md , -.Nm EVP_PKEY_CTX_get_signature_md , -.Nm EVP_PKEY_CTX_set_dsa_paramgen_bits , -.Nm EVP_PKEY_CTX_set_dh_paramgen_prime_len , -.Nm EVP_PKEY_CTX_set_dh_paramgen_generator , -.Nm EVP_PKEY_CTX_set_ec_paramgen_curve_nid , -.Nm EVP_PKEY_CTX_set_ec_param_enc , -.Nm EVP_PKEY_CTX_set_ecdh_cofactor_mode , -.Nm EVP_PKEY_CTX_get_ecdh_cofactor_mode , -.Nm EVP_PKEY_CTX_set_ecdh_kdf_type , -.Nm EVP_PKEY_CTX_get_ecdh_kdf_type , -.Nm EVP_PKEY_CTX_set_ecdh_kdf_md , -.Nm EVP_PKEY_CTX_get_ecdh_kdf_md , -.Nm EVP_PKEY_CTX_set_ecdh_kdf_outlen , -.Nm EVP_PKEY_CTX_get_ecdh_kdf_outlen , -.Nm EVP_PKEY_CTX_set0_ecdh_kdf_ukm , -.Nm EVP_PKEY_CTX_get0_ecdh_kdf_ukm , -.Nm EVP_PKEY_CTX_set1_id , -.Nm EVP_PKEY_CTX_get1_id , -.Nm EVP_PKEY_CTX_get1_id_len -.Nd algorithm specific control operations -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_CTX_ctrl -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int keytype" -.Fa "int optype" -.Fa "int cmd" -.Fa "int p1" -.Fa "void *p2" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_ctrl_str -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const char *type" -.Fa "const char *value" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_signature_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_signature_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD **pmd" -.Fc -.In openssl/dsa.h -.Ft int -.Fo EVP_PKEY_CTX_set_dsa_paramgen_bits -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int nbits" -.Fc -.In openssl/dh.h -.Ft int -.Fo EVP_PKEY_CTX_set_dh_paramgen_prime_len -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int len" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_dh_paramgen_generator -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int gen" -.Fc -.In openssl/ec.h -.Ft int -.Fo EVP_PKEY_CTX_set_ec_paramgen_curve_nid -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int nid" -.Fc -.Fa int -.Fo EVP_PKEY_CTX_set_ec_param_enc -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int param_enc" -.Fc -.Ft int -.Fo 
EVP_PKEY_CTX_set_ecdh_cofactor_mode -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int cofactor_mode" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_ecdh_cofactor_mode -.Fa "EVP_PKEY_CTX *ctx" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_ecdh_kdf_type -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int kdf" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_ecdh_kdf_type -.Fa "EVP_PKEY_CTX *ctx" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_ecdh_kdf_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_ecdh_kdf_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD **pmd" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_ecdh_kdf_outlen -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int len" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_ecdh_kdf_outlen -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int *plen" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set0_ecdh_kdf_ukm -.Fa "EVP_PKEY_CTX *ctx" -.Fa "unsigned char *ukm" -.Fa "int len" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get0_ecdh_kdf_ukm -.Fa "EVP_PKEY_CTX *ctx" -.Fa "unsigned char **pukm" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set1_id -.Fa "EVP_PKEY_CTX *ctx" -.Fa "void *id" -.Fa "size_t id_len" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get1_id -.Fa "EVP_PKEY_CTX *ctx" -.Fa "void *id" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get1_id_len -.Fa "EVP_PKEY_CTX *ctx" -.Fa "size_t *pid_len" -.Fc -.Sh DESCRIPTION -The function -.Fn EVP_PKEY_CTX_ctrl -sends a control operation to the context -.Fa ctx . -The key type used must match -.Fa keytype -if it is not -1. -The parameter -.Fa optype -is a mask indicating which operations the control can be applied to. -The control command is indicated in -.Fa cmd -and any additional arguments in -.Fa p1 -and -.Fa p2 . -.Pp -Applications will not normally call -.Fn EVP_PKEY_CTX_ctrl -directly but will instead call one of the algorithm specific macros -described below and in -.Xr RSA_pkey_ctx_ctrl 3 . -.Pp -The function -.Fn EVP_PKEY_CTX_ctrl_str -allows an application to send an algorithm specific control operation to -a context -.Fa ctx -in string form. 
-This is intended to be used for options specified on the command line or
-in text files.
-The commands supported are documented in the
-.Xr openssl 1
-utility command line pages for the option
-.Fl pkeyopt
-which is supported by the
-.Cm pkeyutl ,
-.Cm genpkey ,
-and
-.Cm req
-commands.
-.Pp
-All the remaining "functions" are implemented as macros.
-.Pp
-The
-.Fn EVP_PKEY_CTX_set_signature_md
-and
-.Fn EVP_PKEY_CTX_get_signature_md
-macros set and get the message digest type used in a signature.
-They can be used with the RSA, DSA, and ECDSA algorithms.
-If the key is of the type
-.Dv EVP_PKEY_RSA_PSS
-and has usage restrictions, an error occurs if an attempt is made
-to set the digest to anything other than the restricted value.
-.Pp
-These two macros expand to
-.Fn EVP_PKEY_CTX_ctrl
-with an
-.Fa optype
-of
-.Dv EVP_PKEY_OP_TYPE_SIG
-and the following command arguments:
-.Pp
-.Bl -column -compact EVP_PKEY_CTRL_GET_MD EVP_PKEY_CTX_get_signature_md()
-.It Fa cmd No constant Ta corresponding macro
-.It Dv EVP_PKEY_CTRL_MD Ta Fn EVP_PKEY_CTX_set_signature_md
-.It Dv EVP_PKEY_CTRL_GET_MD Ta Fn EVP_PKEY_CTX_get_signature_md
-.El
-.Ss DSA parameters
-The macro
-.Fn EVP_PKEY_CTX_set_dsa_paramgen_bits
-sets the number of bits used for DSA parameter generation to
-.Fa nbits .
-If not specified, 1024 is used.
-.Ss DH parameters
-The macro
-.Fn EVP_PKEY_CTX_set_dh_paramgen_prime_len
-sets the length of the DH prime parameter
-.Fa len
-for DH parameter generation.
-It only accepts lengths greater than or equal to 256.
-If this macro is not called, then 1024 is used.
-.Pp
-The
-.Fn EVP_PKEY_CTX_set_dh_paramgen_generator
-macro sets DH generator to
-.Fa gen
-for DH parameter generation.
-If not specified, 2 is used.
-.Ss EC parameters
-The
-.Fn EVP_PKEY_CTX_set_ec_paramgen_curve_nid
-macro sets the EC curve for EC parameter generation to
-.Fa nid .
-For EC parameter generation, this macro must be called or an error occurs
-because there is no default curve.
-.Pp
-The
-.Fn EVP_PKEY_CTX_set_ec_param_enc
-macro sets the EC parameter encoding to
-.Fa param_enc
-when generating EC parameters or an EC key.
-The encoding can be set to 0 for explicit parameters or to
-.Dv OPENSSL_EC_NAMED_CURVE
-to use named curve form.
-.Ss ECDH parameters
-The
-.Fn EVP_PKEY_CTX_set_ecdh_cofactor_mode
-macro sets the cofactor mode to
-.Fa cofactor_mode
-for ECDH key derivation.
-Possible values are 1 to enable cofactor key derivation, 0 to disable
-it, or -1 to clear the stored cofactor mode and fall back to the
-private key cofactor mode.
-.Pp
-The
-.Fn EVP_PKEY_CTX_get_ecdh_cofactor_mode
-macro returns the cofactor mode for
-.Fa ctx
-used for ECDH key derivation.
-Possible return values are 1 when cofactor key derivation is enabled
-or 0 otherwise.
-.Ss ECDH key derivation function parameters
-The
-.Fn EVP_PKEY_CTX_set_ecdh_kdf_type
-macro sets the key derivation function type to
-.Fa kdf
-for ECDH key derivation.
-Possible values are
-.Dv EVP_PKEY_ECDH_KDF_NONE
-or
-.Dv EVP_PKEY_ECDH_KDF_X9_63
-which uses the key derivation specified in X9.63.
-When using key derivation, the
-.Fa kdf_md
-and
-.Fa kdf_outlen
-parameters must also be specified.
-.Pp
-The
-.Fn EVP_PKEY_CTX_get_ecdh_kdf_type
-macro returns the key derivation function type for
-.Fa ctx
-used for ECDH key derivation.
-Possible return values are
-.Dv EVP_PKEY_ECDH_KDF_NONE
-or
-.Dv EVP_PKEY_ECDH_KDF_X9_63 .
-.Pp
-The
-.Fn EVP_PKEY_CTX_set_ecdh_kdf_md
-macro sets the key derivation function message digest to
-.Fa md
-for ECDH key derivation.
-Note that X9.63 specifies that this digest should be SHA1,
-but OpenSSL tolerates other digests.
-.Pp
-The
-.Fn EVP_PKEY_CTX_get_ecdh_kdf_md
-macro gets the key derivation function message digest for
-.Fa ctx
-used for ECDH key derivation.
-.Pp
-The
-.Fn EVP_PKEY_CTX_set_ecdh_kdf_outlen
-macro sets the key derivation function output length to
-.Fa len
-for ECDH key derivation.
-.Pp
-The
-.Fn EVP_PKEY_CTX_get_ecdh_kdf_outlen
-macro gets the key derivation function output length for
-.Fa ctx
-used for ECDH key derivation.
-.Pp
-The
-.Fn EVP_PKEY_CTX_set0_ecdh_kdf_ukm
-macro sets the user key material to
-.Fa ukm
-for ECDH key derivation.
-This parameter is optional and corresponds to the shared info
-in X9.63 terms.
-The library takes ownership of the user key material, so the caller
-should not free the original memory pointed to by
-.Fa ukm .
-.Pp
-The
-.Fn EVP_PKEY_CTX_get0_ecdh_kdf_ukm
-macro gets the user key material for
-.Fa ctx .
-The return value is the user key material length.
-The resulting pointer is owned by the library and should not be
-freed by the caller.
-.Ss CMAC parameters
-Application programs normally implement CMAC as described in
-.Xr EVP_PKEY_new_CMAC_key 3
-and do not need the control commands documented here.
-.Pp
-Alternatively, the call to
-.Xr EVP_PKEY_new_CMAC_key 3
-can be replaced as follows,
-leaving the rest of the example code given there unchanged:
-.Pp
-.Bl -enum -width 2n -compact
-.It
-Create an empty
-.Vt EVP_PKEY_CTX
-object by passing the
-.Dv EVP_PKEY_CMAC
-constant to
-.Xr EVP_PKEY_CTX_new_id 3 .
-.It
-Initialize it with
-.Xr EVP_PKEY_keygen_init 3 .
-.It
-Select the block cipher by calling
-.Fn EVP_PKEY_CTX_ctrl
-with an
-.Fa optype
-of
-.Dv EVP_PKEY_OP_KEYGEN ,
-a
-.Fa cmd
-of
-.Dv EVP_PKEY_CTRL_CIPHER ,
-and
-.Fa p2
-pointing to an
-.Vt EVP_CIPHER
-object, which can be obtained from the functions in the CIPHER LISTING in
-.Xr EVP_EncryptInit 3 .
-The
-.Fa p1
-argument is ignored; passing 0 is recommended.
-.It
-Call
-.Fn EVP_PKEY_CTX_ctrl
-again with an
-.Fa optype
-of
-.Dv EVP_PKEY_OP_KEYGEN ,
-a
-.Fa cmd
-of
-.Dv EVP_PKEY_CTRL_SET_MAC_KEY ,
-.Fa p2
-pointing to the symmetric key, and
-.Fa p1
-specifying the length of the symmetric key in bytes.
-.It
-Extract the desired
-.Vt EVP_PKEY
-object using
-.Xr EVP_PKEY_keygen 3 ,
-making sure the
-.Fa ppkey
-argument points to a storage location containing a
-.Dv NULL
-pointer.
-.It
-Proceed with
-.Xr EVP_MD_CTX_new 3 ,
-.Xr EVP_DigestSignInit 3 ,
-and
-.Xr EVP_DigestSign 3
-as usual.
-.El
-.Ss HMAC parameters
-Application programs normally implement HMAC as described in
-.Xr EVP_PKEY_new_raw_private_key 3 .
-While it is possible to instead use
-.Dv EVP_PKEY_CTRL_SET_MAC_KEY
-directly, similar to the above description for CMAC,
-that is strongly discouraged.
-It's essentially what the deprecated function
-.Xr EVP_PKEY_new_mac_key 3
-does internally, and compared to the direct approach with
-.Xr EVP_PKEY_new_raw_private_key 3 ,
-it requires a lot of cumbersome and unnecessary work.
-.Ss Other parameters
-The
-.Fn EVP_PKEY_CTX_set1_id ,
-.Fn EVP_PKEY_CTX_get1_id ,
-and
-.Fn EVP_PKEY_CTX_get1_id_len
-macros manipulate a special identifier field used for some specific
-signature algorithms such as SM2.
-The
-.Fn EVP_PKEY_set1_id
-macro sets the ID to a copy of
-.Fa id
-with the length
-.Fa id_len .
-The caller can safely free the original memory pointed to by
-.Fa id .
-The
-.Fn EVP_PKEY_CTX_get1_id_len
-macro returns the length of the ID set via a previous call to
-.Fn EVP_PKEY_set1_id .
-That length is typically used to allocate memory for a subsequent call to
-.Fn EVP_PKEY_CTX_get1_id ,
-which copies the previously set ID into
-.Pf * Fa id .
-The caller is responsible for allocating sufficient memory for
-.Fa id
-before calling
-.Fn EVP_PKEY_CTX_get1_id .
-.Sh RETURN VALUES
-.Fn EVP_PKEY_CTX_ctrl
-and its macros return a positive value for success and 0 or a negative
-value for failure.
-In particular, a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Sh SEE ALSO
-.Xr DH_new 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_decrypt 3 ,
-.Xr EVP_PKEY_derive 3 ,
-.Xr EVP_PKEY_encrypt 3 ,
-.Xr EVP_PKEY_get_default_digest_nid 3 ,
-.Xr EVP_PKEY_keygen 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3 ,
-.Xr RSA_pkey_ctx_ctrl 3
-.Sh HISTORY
-The functions
-.Fn EVP_PKEY_CTX_ctrl ,
-.Fn EVP_PKEY_CTX_ctrl_str ,
-.Fn EVP_PKEY_CTX_set_signature_md ,
-.Fn EVP_PKEY_CTX_set_dsa_paramgen_bits ,
-.Fn EVP_PKEY_CTX_set_dh_paramgen_prime_len ,
-.Fn EVP_PKEY_CTX_set_dh_paramgen_generator ,
-and
-.Fn EVP_PKEY_CTX_set_ec_paramgen_curve_nid
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-The functions
-.Fn EVP_PKEY_CTX_get_signature_md ,
-.Fn EVP_PKEY_CTX_set_ec_param_enc ,
-.Fn EVP_PKEY_CTX_set_ecdh_cofactor_mode ,
-.Fn EVP_PKEY_CTX_get_ecdh_cofactor_mode ,
-.Fn EVP_PKEY_CTX_set_ecdh_kdf_type ,
-.Fn EVP_PKEY_CTX_get_ecdh_kdf_type ,
-.Fn EVP_PKEY_CTX_set_ecdh_kdf_md ,
-.Fn EVP_PKEY_CTX_get_ecdh_kdf_md ,
-.Fn EVP_PKEY_CTX_set_ecdh_kdf_outlen ,
-.Fn EVP_PKEY_CTX_get_ecdh_kdf_outlen ,
-.Fn EVP_PKEY_CTX_set0_ecdh_kdf_ukm ,
-and
-.Fn EVP_PKEY_CTX_get0_ecdh_kdf_ukm
-first appeared in OpenSSL 1.0.2 and have been available since
-.Ox 6.6 .
-.Pp
-The functions
-.Fn EVP_PKEY_CTX_set1_id ,
-.Fn EVP_PKEY_CTX_get1_id ,
-and
-.Fn EVP_PKEY_CTX_get1_id_len
-first appeared in OpenSSL 1.1.1 and have been available since
-.Ox 6.6 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_get_operation.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_get_operation.3
deleted file mode 100644
index 2482c746d4..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_CTX_get_operation.3
+++ /dev/null
@@ -1,137 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_CTX_get_operation.3,v 1.3 2023/09/12 16:15:23 schwarze Exp $
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 12 2023 $
-.Dt EVP_PKEY_CTX_GET_OPERATION 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_CTX_get_operation ,
-.Nm EVP_PKEY_CTX_get0_pkey
-.Nd inspect EVP_PKEY_CTX objects
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_PKEY_CTX_get_operation
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft EVP_PKEY *
-.Fo EVP_PKEY_CTX_get0_pkey
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_PKEY_CTX_get_operation
-finds out which initialization function has been called on
-.Fa ctx ,
-if any:
-.Bl -column EVP_PKEY_OP_VERIFYRECO EVP_PKEY_verify_recover_init
-.It return value Ta initialized with Ta e.g. for
-.It Dv EVP_PKEY_OP_DECRYPT Ta Xr EVP_PKEY_decrypt_init 3 Ta RSA, SM2
-.It Dv EVP_PKEY_OP_DERIVE Ta Xr EVP_PKEY_derive_init 3 Ta HKDF
-.It Dv EVP_PKEY_OP_ENCRYPT Ta Xr EVP_PKEY_encrypt_init 3 Ta RSA, SM2
-.It Dv EVP_PKEY_OP_KEYGEN Ta Xr EVP_PKEY_keygen_init 3 Ta almost all
-.It Dv EVP_PKEY_OP_PARAMGEN Ta Xr EVP_PKEY_paramgen_init 3 Ta DH, DSA, EC
-.It Dv EVP_PKEY_OP_SIGN Ta Xr EVP_PKEY_sign_init 3 Ta DSA,EC,RSA,SM2
-.It Dv EVP_PKEY_OP_SIGN Ta Xr EVP_DigestSignInit 3 Ta ED25519
-.It Dv EVP_PKEY_OP_SIGNCTX Ta Xr EVP_DigestSignInit 3 Ta CMAC, HMAC
-.It Dv EVP_PKEY_OP_UNDEFINED Ta not initialized Ta NONE
-.It Dv EVP_PKEY_OP_VERIFY Ta Xr EVP_PKEY_verify_init 3 Ta DSA,EC,RSA,SM2
-.It Dv EVP_PKEY_OP_VERIFY Ta Xr EVP_DigestVerifyInit 3 Ta ED25519
-.It Dv EVP_PKEY_OP_VERIFYCTX Ta Xr EVP_DigestVerifyInit 3 Ta no built-in
-.It Dv EVP_PKEY_OP_VERIFYRECOVER Ta Xr EVP_PKEY_verify_recover_init 3 Ta RSA
-.El
-.Pp
-The rightmost column of the above table shows examples of algorithms
-the return values can occur for.
-For example, if
-.Xr EVP_PKEY_base_id 3
-returns
-.Dv EVP_PKEY_HKDF ,
-then calling
-.Fn EVP_PKEY_CTX_get_operation
-on a
-.Vt EVP_PKEY_CTX
-using that key may return
-.Dv EVP_PKEY_OP_DERIVE .
-.Pp
-If the return value is
-.Dv EVP_PKEY_OP_SIGNCTX
-or
-.Dv EVP_PKEY_OP_VERIFYCTX ,
-the
-.Fa ctx
-supports
-.Xr EVP_DigestSignUpdate 3
-or
-.Xr EVP_DigestVerifyUpdate 3 ,
-respectively.
-If the return value is
-.Dv EVP_PKEY_OP_SIGN
-or
-.Dv EVP_PKEY_OP_VERIFY ,
-if does not, and only one-shot signing or verification is supported.
-.Pp
-The return value
-.Dv EVP_PKEY_OP_UNDEFINED
-can for example occur if the
-.Fa ctx
-was freshly returned from
-.Xr EVP_PKEY_CTX_new 3
-or
-.Xr EVP_PKEY_CTX_new_id 3
-and not yet initialized.
-.Pp
-The following masks are defined as the logical OR of two or more of the above
-.Dv EVP_PKEY_OP_*
-bits:
-.Pp
-.Bl -tag -width EVP_PKEY_OP_TYPE_NOGEN -compact
-.It Dv EVP_PKEY_OP_TYPE_CRYPT
-DECRYPT | ENCRYPT
-.It Dv EVP_PKEY_OP_TYPE_GEN
-KEYGEN | PARAMGEN
-.It Dv EVP_PKEY_OP_TYPE_NOGEN
-CRYPT | DERIVE | SIG
-.It Dv EVP_PKEY_OP_TYPE_SIG
-SIGN | SIGNCTX | VERIFY | VERIFYCTX | VERIFYRECOVER
-.El
-.Sh RETURN VALUES
-.Fn EVP_PKEY_CTX_get_operation
-returns one of the single-bit
-.Dv EVP_PKEY_OP_*
-constants or
-.Dv EVP_PKEY_OP_UNDEFINED
-if
-.Fa ctx
-is not initialized.
-.Pp
-.Fn EVP_PKEY_CTX_get0_pkey
-returns an internal pointer to the
-.Vt EVP_PKEY
-object used by
-.Fa ctx ,
-without incrementing its reference count.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_PKEY_base_id 3 ,
-.Xr EVP_PKEY_CTX_ctrl 3 ,
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_new 3
-.Sh HISTORY
-.Fn EVP_PKEY_CTX_get_operation
-and
-.Fn EVP_PKEY_CTX_get0_pkey
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_new.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_new.3
deleted file mode 100644
index e74bce9dfb..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_CTX_new.3
+++ /dev/null
@@ -1,183 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_CTX_new.3,v 1.16 2024/12/06 14:27:49 schwarze Exp $
-.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019, 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_CTX_NEW 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_CTX_new ,
-.Nm EVP_PKEY_CTX_new_id ,
-.Nm EVP_PKEY_CTX_dup ,
-.Nm EVP_PKEY_CTX_free
-.Nd public key algorithm context functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_PKEY_CTX *
-.Fo EVP_PKEY_CTX_new
-.Fa "EVP_PKEY *pkey"
-.Fa "ENGINE *engine"
-.Fc
-.Ft EVP_PKEY_CTX *
-.Fo EVP_PKEY_CTX_new_id
-.Fa "int id"
-.Fa "ENGINE *engine"
-.Fc
-.Ft EVP_PKEY_CTX *
-.Fo EVP_PKEY_CTX_dup
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_PKEY_CTX_free
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-The
-.Fn EVP_PKEY_CTX_new
-function allocates a public key algorithm context using the algorithm
-specified in
-.Fa pkey .
-The
-.Fa ENGINE *engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-The
-.Fn EVP_PKEY_CTX_new_id
-function allocates a public key algorithm context using the algorithm
-specified by
-.Fa id .
-The
-.Fa ENGINE *engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-It is normally used when no
-.Vt EVP_PKEY
-structure is associated with the operations, for example during
-parameter generation of key generation for some algorithms.
-The
-.Fa id
-argument can be any of the constants that
-.Xr EVP_PKEY_base_id 3
-and
-.Xr EVP_PKEY_id 3
-may return.
-.Pp
-.Fn EVP_PKEY_CTX_dup
-duplicates the context
-.Fa ctx .
-.Pp
-.Fn EVP_PKEY_CTX_free
-frees up the context
-.Fa ctx .
-If
-.Fa ctx
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn EVP_PKEY_CTX_new ,
-.Fn EVP_PKEY_CTX_new_id ,
-and
-.Fn EVP_PKEY_CTX_dup
-return either the newly allocated
-.Vt EVP_PKEY_CTX
-structure or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr EVP_DigestSignInit 3 ,
-.Xr EVP_DigestVerifyInit 3 ,
-.Xr EVP_PKEY_base_id 3 ,
-.Xr EVP_PKEY_CTX_ctrl 3 ,
-.Xr EVP_PKEY_CTX_get_operation 3 ,
-.Xr EVP_PKEY_CTX_hkdf_mode 3 ,
-.Xr EVP_PKEY_decrypt 3 ,
-.Xr EVP_PKEY_derive 3 ,
-.Xr EVP_PKEY_encrypt 3 ,
-.Xr EVP_PKEY_keygen 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3 ,
-.Xr RSA_pkey_ctx_ctrl 3 ,
-.Xr X25519 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
-.Sh CAVEATS
-The
-.Vt EVP_PKEY_CTX
-structure is an opaque public key algorithm context used by the OpenSSL
-high level public key API.
-Contexts
-.Sy MUST NOT
-be shared between threads.
-It is not permissible to use the same context simultaneously in two
-threads.
diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3
deleted file mode 100644
index 973ae95974..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3
+++ /dev/null
@@ -1,258 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_CTX_set_hkdf_md.3,v 1.4 2024/07/10 07:57:37 tb Exp $
-.\" full merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100
-.\"
-.\" This file was written by Alessandro Ghedini ,
-.\" Matt Caswell , and Viktor Dukhovni .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 10 2024 $
-.Dt EVP_PKEY_CTX_SET_HKDF_MD 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_CTX_set_hkdf_md ,
-.Nm EVP_PKEY_CTX_set1_hkdf_salt ,
-.Nm EVP_PKEY_CTX_set1_hkdf_key ,
-.Nm EVP_PKEY_CTX_add1_hkdf_info ,
-.Nm EVP_PKEY_CTX_hkdf_mode
-.Nd HMAC-based Extract-and-Expand key derivation algorithm
-.Sh SYNOPSIS
-.In openssl/evp.h
-.In openssl/kdf.h
-.Ft int
-.Fo EVP_PKEY_CTX_hkdf_mode
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "int mode"
-.Fc
-.Ft int
-.Fo EVP_PKEY_CTX_set_hkdf_md
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_PKEY_CTX_set1_hkdf_salt
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "unsigned char *salt"
-.Fa "int saltlen"
-.Fc
-.Ft int
-.Fo EVP_PKEY_CTX_set1_hkdf_key
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "unsigned char *key"
-.Fa "int keylen"
-.Fc
-.Ft int
-.Fo EVP_PKEY_CTX_add1_hkdf_info
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "unsigned char *info"
-.Fa "int infolen"
-.Fc
-.Sh DESCRIPTION
-The
-.Dv EVP_PKEY_HKDF
-algorithm implements the HKDF key derivation function.
-HKDF follows the "extract-then-expand" paradigm, where the KDF logically
-consists of two modules.
-The first stage takes the input keying material and "extracts" from it a
-fixed-length pseudorandom key K.
-The second stage "expands" the key K
-into several additional pseudorandom keys (the output of the KDF).
-.Pp
-.Fn EVP_PKEY_CTX_hkdf_mode
-sets the mode for the HKDF operation.
-There are three modes that are currently defined:
-.Bl -tag -width Ds
-.It Dv EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND
-This is the default mode.
-Calling
-.Xr EVP_PKEY_derive 3
-on an
-.Vt EVP_PKEY_CTX
-set up for HKDF will perform an extract followed by
-an expand operation in one go.
-The derived key returned will be the result after the expand operation.
-The intermediate fixed-length pseudorandom key K is not returned.
-.Pp
-In this mode the digest, key, salt and info values must be set before a
-key is derived or an error occurs.
-.It Dv EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY
-In this mode calling
-.Xr EVP_PKEY_derive 3
-will just perform the extract operation.
-The value returned will be the intermediate fixed-length pseudorandom
-key K.
-.Pp
-The digest, key and salt values must be set before a key is derived or
-an error occurs.
-.It Dv EVP_PKEY_HKDEF_MODE_EXPAND_ONLY
-In this mode calling
-.Xr EVP_PKEY_derive 3
-will just perform the expand operation.
-The input key should be set to the intermediate fixed-length
-pseudorandom key K returned from a previous extract operation.
-.Pp
-The digest, key and info values must be set before a key is derived or
-an error occurs.
-.El
-.Pp
-.Fn EVP_PKEY_CTX_set_hkdf_md
-sets the message digest associated with the HKDF.
-.Pp
-.Fn EVP_PKEY_CTX_set1_hkdf_salt
-sets the salt to
-.Fa saltlen
-bytes of the buffer
-.Fa salt .
-Any existing value is replaced.
-.Pp
-.Fn EVP_PKEY_CTX_set1_hkdf_key
-sets the key to
-.Fa keylen
-bytes of the buffer
-.Fa key .
-Any existing value is replaced.
-.Pp
-.Fn EVP_PKEY_CTX_add1_hkdf_info
-sets the info value to
-.Fa infolen
-bytes of the buffer
-.Fa info .
-If a value is already set, it is appended to the existing value.
-.Sh STRING CTRLS
-HKDF also supports string based control operations via
-.Xr EVP_PKEY_CTX_ctrl_str 3 .
-The
-.Fa type
-parameter "md" uses the supplied
-.Fa value
-as the name of the digest algorithm to use.
-The
-.Fa type
-parameter "mode" accepts "EXTRACT_AND_EXPAND", "EXTRACT_ONLY"
-and "EXPAND_ONLY" as
-.Fa value
-to determine the mode to use.
-The
-.Fa type
-parameters "salt", "key" and "info" use the supplied
-.Fa value
-parameter as a
-seed, key, or info.
-The names "hexsalt", "hexkey" and "hexinfo" are similar except they take
-a hex string which is converted to binary.
-.Sh NOTES
-All these functions are implemented as macros.
-.Pp
-A context for HKDF can be obtained by calling:
-.Bd -literal
- EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
-.Ed
-.Pp
-The total length of the info buffer cannot exceed 1024 bytes in length:
-this should be more than enough for any normal use of HKDF.
-.Pp
-The output length of an HKDF expand operation is specified via the
-length parameter to the
-.Xr EVP_PKEY_derive 3
-function.
-Since the HKDF output length is variable, passing a
-.Dv NULL
-buffer as a means to obtain the requisite length is not meaningful with
-HKDF in any mode that performs an expand operation.
-Instead, the caller must allocate a buffer of the desired length, and
-pass that buffer to
-.Xr EVP_PKEY_derive 3
-along with (a pointer initialized to) the desired length.
-Passing a
-.Dv NULL
-buffer to obtain the length is allowed when using
-.Dv EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY .
-.Sh RETURN VALUES
-All these functions return 1 for success and 0 or a negative value for
-failure.
-In particular a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Sh EXAMPLES
-This example derives 10 bytes using SHA-256 with the secret key
-"secret", salt value "salt" and info value "label":
-.Bd -literal
-EVP_PKEY_CTX *pctx;
-unsigned char out[10];
-size_t outlen = sizeof(out);
-
-if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)) == NULL)
- /* Error */
-
-if (EVP_PKEY_derive_init(pctx) <= 0)
- /* Error */
-if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()) <= 0)
- /* Error */
-if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, "salt", 4) <= 0)
- /* Error */
-if (EVP_PKEY_CTX_set1_hkdf_key(pctx, "secret", 6) <= 0)
- /* Error */
-if (EVP_PKEY_CTX_add1_hkdf_info(pctx, "label", 5) <= 0)
- /* Error */
-if (EVP_PKEY_derive(pctx, out, &outlen) <= 0)
- /* Error */
-.Ed
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_ctrl_str 3 ,
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_derive 3
-.Sh STANDARDS
-RFC 5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
-.Sh HISTORY
-.Fn EVP_PKEY_CTX_set_hkdf_md ,
-.Fn EVP_PKEY_CTX_set1_hkdf_salt ,
-.Fn EVP_PKEY_CTX_set1_hkdf_key ,
-and
-.Fn EVP_PKEY_CTX_add1_hkdf_info
-first appeared in OpenSSL 1.1.0 and
-.Fn EVP_PKEY_CTX_hkdf_mode
-in OpenSSL 1.1.1.
-These functions have been available since
-.Ox 7.2 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3
deleted file mode 100644
index 1b95bbaa98..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3
+++ /dev/null
@@ -1,171 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_CTX_set_tls1_prf_md.3,v 1.2 2024/07/10 10:22:03 tb Exp $
-.\" full merge up to: OpenSSL 1cb7eff4 Sep 10 13:56:40 2019 +0100
-.\"
-.\" This file was written by Dr Stephen Henson ,
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 10 2024 $
-.Dt EVP_PKEY_CTX_SET_TLS1_PRF_MD 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_CTX_set_tls1_prf_md ,
-.Nm EVP_PKEY_CTX_set1_tls1_prf_secret ,
-.Nm EVP_PKEY_CTX_add1_tls1_prf_seed
-.Nd TLS PRF key derivation algorithm
-.Sh SYNOPSIS
-.In openssl/evp.h
-.In openssl/kdf.h
-.Ft int
-.Fo EVP_PKEY_CTX_set_tls1_prf_md
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "const EVP_MD *md"
-.Fc
-.Ft int
-.Fo EVP_PKEY_CTX_set1_tls1_prf_secret
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "unsigned char *sec"
-.Fa "int seclen"
-.Fc
-.Ft int
-.Fo EVP_PKEY_CTX_add1_tls1_prf_seed
-.Fa "EVP_PKEY_CTX *pctx"
-.Fa "unsigned char *seed"
-.Fa "int seedlen"
-.Fc
-.Sh DESCRIPTION
-The
-.Dv EVP_PKEY_TLS1_PRF
-algorithm implements the PRF key derivation function for TLS.
-It has no associated private key and only implements key derivation using
-.Xr EVP_PKEY_derive 3 .
-.Pp
-.Fn EVP_PKEY_set_tls1_prf_md
-sets the message digest associated with the TLS PRF.
-.Xr EVP_md5_sha1 3
-is treated as a special case which uses the PRF algorithm using both
-MD5 and SHA1 as used in TLS 1.0 and 1.1.
-.Pp
-.Fn EVP_PKEY_CTX_set_tls1_prf_secret
-sets the secret value of the TLS PRF to
-.Fa seclen
-bytes of the buffer
-.Fa sec .
-Any existing secret value is replaced and any seed is reset.
-.Pp
-.Fn EVP_PKEY_CTX_add1_tls1_prf_seed
-sets the seed to
-.Fa seedlen
-bytes of
-.Fa seed .
-If a seed is already set it is appended to the existing value.
-.Sh STRING CTRLS
-The TLS PRF also supports string based control operations using
-.Xr EVP_PKEY_CTX_ctrl_str 3 .
-The
-.Fa type
-parameter "md" uses the supplied
-.Fa value
-as the name of the digest algorithm to use.
-The
-.Fa type
-parameters "secret" and "seed" use the supplied
-.Fa value
-parameter as a secret or seed value.
-The names "hexsecret" and "hexseed" are similar except they take a hex
-string which is converted to binary.
-.Sh NOTES
-All these functions are implemented as macros.
-.Pp
-A context for the TLS PRF can be obtained by calling:
-.Bd -literal
- EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
-.Ed
-.Pp
-The digest, secret value and seed must be set before a key is derived or
-an error occurs.
-.Pp
-The total length of all seeds cannot exceed 1024 bytes in length: this
-should be more than enough for any normal use of the TLS PRF.
-.Pp
-The output length of the PRF is specified by the length parameter in the
-.Xr EVP_PKEY_derive 3
-function.
-Since the output length is variable, setting the buffer to
-.Dv NULL
-is not meaningful for the TLS PRF.
-.Sh RETURN VALUES
-All these functions return 1 for success and 0 or a negative value for
-failure.
-In particular a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Sh EXAMPLES
-This example derives 10 bytes using SHA-256 with the secret key "secret"
-and seed value "seed":
-.Bd -literal
- EVP_PKEY_CTX *pctx;
- unsigned char out[10];
- size_t outlen = sizeof(out);
-
- pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL);
- if (EVP_PKEY_derive_init(pctx) <= 0)
- /* Error */
- if (EVP_PKEY_CTX_set_tls1_prf_md(pctx, EVP_sha256()) <= 0)
- /* Error */
- if (EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, "secret", 6) <= 0)
- /* Error */
- if (EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, "seed", 4) <= 0)
- /* Error */
- if (EVP_PKEY_derive(pctx, out, &outlen) <= 0)
- /* Error */
-.Ed
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_ctrl_str 3 ,
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_derive 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.6 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3 b/src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3
deleted file mode 100644
index f7810789b6..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3
+++ /dev/null
@@ -1,242 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_asn1_get_count.3,v 1.10 2024/12/06 12:51:13 schwarze Exp $
-.\" full merge up to: OpenSSL 72a7a702 Feb 26 14:05:09 2019 +0000
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2020, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Richard Levitte .
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_ASN1_GET_COUNT 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_asn1_get_count ,
-.Nm EVP_PKEY_asn1_get0 ,
-.Nm EVP_PKEY_get0_asn1 ,
-.Nm EVP_PKEY_asn1_find ,
-.Nm EVP_PKEY_asn1_find_str ,
-.Nm EVP_PKEY_asn1_get0_info
-.Nd enumerate public key ASN.1 methods
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fn EVP_PKEY_asn1_get_count void
-.Ft const EVP_PKEY_ASN1_METHOD *
-.Fo EVP_PKEY_asn1_get0
-.Fa "int idx"
-.Fc
-.Ft const EVP_PKEY_ASN1_METHOD *
-.Fo EVP_PKEY_get0_asn1
-.Fa "const EVP_PKEY *pkey"
-.Fc
-.Ft const EVP_PKEY_ASN1_METHOD *
-.Fo EVP_PKEY_asn1_find
-.Fa "ENGINE **engine"
-.Fa "int type"
-.Fc
-.Ft const EVP_PKEY_ASN1_METHOD *
-.Fo EVP_PKEY_asn1_find_str
-.Fa "ENGINE **engine"
-.Fa "const char *str"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo EVP_PKEY_asn1_get0_info
-.Fa "int *ppkey_id"
-.Fa "int *pkey_base_id"
-.Fa "int *ppkey_flags"
-.Fa "const char **pinfo"
-.Fa "const char **ppem_str"
-.Fa "const EVP_PKEY_ASN1_METHOD *ameth"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_PKEY_asn1_get_count
-returns the number of public key ASN.1 methods available.
-.Pp
-.Fn EVP_PKEY_asn1_get0
-returns the public key ASN.1 method
-.Fa idx .
-The value of
-.Fa idx
-must be in the range from zero to
-.Fn EVP_PKEY_asn1_get_count
-\- 1.
-.Pp
-.Fn EVP_PKEY_asn1_find
-looks up the method with NID
-.Fa type ,
-which can be any of the values that
-.Xr EVP_PKEY_base_id 3
-and
-.Xr EVP_PKEY_id 3
-may return.
-If
-.Fa engine
-is not
-.Dv NULL ,
-.Pf * Fa engine
-is set to
-.Dv NULL .
-.Pp
-.Fn EVP_PKEY_asn1_find_str
-looks up the method with the PEM type string given by the first
-.Fa len
-bytes of
-.Fa str .
-If
-.Fa len
-is \-1, the
-.Xr strlen 3
-of
-.Fa str
-is used instead.
-The PEM type strings supported by default are listed in the
-.Xr EVP_PKEY_base_id 3
-manual page.
-Just like
-.Fn EVP_PKEY_asn1_find ,
-if
-.Fa engine
-is not
-.Dv NULL ,
-.Pf * Fa engine
-is set to
-.Dv NULL .
-.Pp
-.Fn EVP_PKEY_asn1_get0_info
-retrieves the public key ID as returned by
-.Xr EVP_PKEY_id 3 ,
-the base public key ID as returned by
-.Xr EVP_PKEY_base_id 3
-.Pq both NIDs ,
-any flags, and internal pointers owned by
-.Fa ameth
-pointing to its method description string and its PEM type string.
-.Pp
-The following flags bits can occur, OR'ed together in
-.Pf * Fa ppkey_flags :
-.Bl -tag -width Ds
-.It Dv ASN1_PKEY_ALIAS
-This
-.Fa ameth
-object serves as an alias for another
-.Vt EVP_PKEY_ASN1_METHOD
-object and will never be returned from
-.Fn EVP_PKEY_asn1_find
-or
-.Fn EVP_PKEY_asn1_find_str .
-.It Dv ASN1_PKEY_DYNAMIC
-This flag is unused.
-It could formerly be used to mark an
-.Fa ameth
-object as dynamically allocated.
-.It Dv ASN1_PKEY_SIGPARAM_NULL
-If the signing
-.Fa ctx
-uses an
-.Vt EVP_PKEY
-private key associated with this
-.Fa ameth ,
-instruct
-.Xr ASN1_item_sign_ctx 3
-to use a parameter type of
-.Dv V_ASN1_NULL
-instead of the default
-.Dv V_ASN1_UNDEF
-when encoding the ASN.1
-.Vt AlgorithmIdentifier
-objects with
-.Xr X509_ALGOR_set0 3 .
-In particular, this is used for
-.Dv EVP_PKEY_RSA .
-.El
-.Sh RETURN VALUES
-.Fn EVP_PKEY_asn1_get_count
-returns the number of available public key methods.
-.Pp
-.Fn EVP_PKEY_asn1_get0
-returns a public key method or
-.Dv NULL
-if
-.Fa idx
-is out of range.
-.Pp
-.Fn EVP_PKEY_get0_asn1
-returns the public key method used by
-.Fa pkey .
-.Pp
-.Fn EVP_PKEY_asn1_find
-and
-.Fn EVP_PKEY_asn1_find_str
-return a matching public key method or
-.Dv NULL
-if no match is found.
-.Pp
-.Fn EVP_PKEY_asn1_get0_info
-returns 1 on success or 0 on failure.
-.Sh SEE ALSO
-.Xr EVP_PKEY_base_id 3 ,
-.Xr EVP_PKEY_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_cmp.3 b/src/lib/libcrypto/man/EVP_PKEY_cmp.3
deleted file mode 100644
index c12843854d..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_cmp.3
+++ /dev/null
@@ -1,179 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_cmp.3,v 1.15 2024/12/06 12:51:13 schwarze Exp $
-.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400
-.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2013, 2014, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_CMP 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_missing_parameters ,
-.Nm EVP_PKEY_copy_parameters ,
-.Nm EVP_PKEY_cmp_parameters ,
-.Nm EVP_PKEY_cmp
-.\" .Nm EVP_PKEY_save_parameters is intentionally undocumented
-.\" because nothing uses it according to codesearch.debian.net
-.\" and it only affects X509_PUBKEY_set(3) for DSA,
-.\" resulting in incomplete output without the public key parameters.
-.Nd public key parameter and comparison functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_PKEY_missing_parameters
-.Fa "const EVP_PKEY *pkey"
-.Fc
-.Ft int
-.Fo EVP_PKEY_copy_parameters
-.Fa "EVP_PKEY *destination"
-.Fa "const EVP_PKEY *source"
-.Fc
-.Ft int
-.Fo EVP_PKEY_cmp_parameters
-.Fa "const EVP_PKEY *a"
-.Fa "const EVP_PKEY *b"
-.Fc
-.Ft int
-.Fo EVP_PKEY_cmp
-.Fa "const EVP_PKEY *a"
-.Fa "const EVP_PKEY *b"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_PKEY_missing_parameters
-checks whether any public key parameters are missing from
-.Fa pkey .
-.Pp
-.Fn EVP_PKEY_copy_parameters
-copies all public key parameters from the
-.Fa source
-to the
-.Fa destination .
-If the algorithm does not use parameters, no action occurs.
-.Pp
-.Fn EVP_PKEY_cmp_parameters
-compares the public key parameters of
-.Fa a
-and
-.Fa b .
-This is only supported for algorithms that use parameters.
-.Pp
-.Fn EVP_PKEY_cmp
-compares the public key components of
-.Fa a
-and
-.Fa b .
-If the algorithm uses public key parameters,
-it also compares the parameters.
-.Pp
-The main purpose of the functions
-.Fn EVP_PKEY_missing_parameters
-and
-.Fn EVP_PKEY_copy_parameters
-is to handle public keys in certificates where the parameters are
-sometimes omitted from a public key if they are inherited from the CA
-that signed it.
-.Pp
-Since OpenSSL private keys contain public key components too, the
-function
-.Fn EVP_PKEY_cmp
-can also be used to determine if a private key matches a public key.
-.Sh RETURN VALUES
-.Fn EVP_PKEY_missing_parameters
-returns 1 if the public key parameters of
-.Fa pkey
-are missing or incomplete or 0 if they are present and complete
-or if the algorithm doesn't use parameters.
-.Pp
-.Fn EVP_PKEY_copy_parameters
-returns 1 for success or 0 for failure.
-In particular, it fails if the key types mismatch or if the public
-key parameters in the
-.Fa source
-are missing or incomplete.
-.Pp
-.Fn EVP_PKEY_cmp_parameters
-and
-.Fn EVP_PKEY_cmp
-return 1 if the keys match, 0 if they don't match, -1 if the key types
-are different and -2 if the operation is not supported.
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_keygen 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr X509_get_pubkey_parameters 3
-.Sh HISTORY
-.Fn EVP_PKEY_missing_parameters
-and
-.Fn EVP_PKEY_copy_parameters
-first appeared in SSLeay 0.8.0.
-.Fn EVP_PKEY_cmp_parameters
-first appeared in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_PKEY_cmp
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_decrypt.3 b/src/lib/libcrypto/man/EVP_PKEY_decrypt.3
deleted file mode 100644
index c063847b10..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_decrypt.3
+++ /dev/null
@@ -1,175 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_decrypt.3,v 1.10 2024/12/06 14:27:49 schwarze Exp $
-.\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2013, 2018 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_DECRYPT 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_decrypt_init ,
-.Nm EVP_PKEY_decrypt
-.Nd decrypt using a public key algorithm
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_PKEY_decrypt_init
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_PKEY_decrypt
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "size_t *outlen"
-.Fa "const unsigned char *in"
-.Fa "size_t inlen"
-.Fc
-.Sh DESCRIPTION
-The
-.Fn EVP_PKEY_decrypt_init
-function initializes a public key algorithm context using key
-.Fa ctx->pkey
-for a decryption operation.
-.Pp
-The
-.Fn EVP_PKEY_decrypt
-function performs a public key decryption operation using
-.Fa ctx .
-The data to be decrypted is specified using the
-.Fa in
-and
-.Fa inlen
-parameters.
-If
-.Fa out
-is
-.Dv NULL
-then the maximum size of the output buffer is written to the
-.Fa outlen
-parameter.
-If
-.Fa out
-is not
-.Dv NULL
-then before the call the
-.Fa outlen
-parameter should contain the length of the
-.Fa out
-buffer.
-If the call is successful, the decrypted data is written to
-.Fa out
-and the amount of data written to
-.Fa outlen .
-.Pp
-After the call to
-.Fn EVP_PKEY_decrypt_init ,
-algorithm specific control operations can be performed to set any
-appropriate parameters for the operation.
-.Pp
-The function
-.Fn EVP_PKEY_decrypt
-can be called more than once on the same context if several operations
-are performed using the same parameters.
-.Sh RETURN VALUES
-.Fn EVP_PKEY_decrypt_init
-and
-.Fn EVP_PKEY_decrypt
-return 1 for success and 0 or a negative value for failure.
-In particular, a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Sh EXAMPLES
-Decrypt data using OAEP (for RSA keys):
-.Bd -literal -offset indent
-#include
-#include
-
-EVP_PKEY_CTX *ctx;
-unsigned char *out, *in;
-size_t outlen, inlen;
-EVP_PKEY *key;
-
-/*
- * Assumes that key, in, and inlen are already set up
- * and that key is an RSA private key.
- */
-ctx = EVP_PKEY_CTX_new(key, NULL);
-if (!ctx)
- /* Error occurred */
-if (EVP_PKEY_decrypt_init(ctx) <= 0)
- /* Error */
-if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0)
- /* Error */
-
-/* Determine buffer length */
-if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
- /* Error */
-
-out = malloc(outlen);
-
-if (!out)
- /* malloc failure */
-
-if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
- /* Error */
-
-/* Decrypted data is outlen bytes written to buffer out */
-.Ed
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_derive 3 ,
-.Xr EVP_PKEY_encrypt 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3
-.Sh HISTORY
-.Fn EVP_PKEY_decrypt_init
-and
-.Fn EVP_PKEY_decrypt
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_derive.3 b/src/lib/libcrypto/man/EVP_PKEY_derive.3
deleted file mode 100644
index 47f467fea1..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_derive.3
+++ /dev/null
@@ -1,254 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_derive.3,v 1.12 2024/12/06 14:27:49 schwarze Exp $
-.\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2013, 2018 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_DERIVE 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_derive_init ,
-.Nm EVP_PKEY_derive_set_peer ,
-.Nm EVP_PKEY_CTX_get0_peerkey ,
-.Nm EVP_PKEY_derive
-.Nd derive public key algorithm shared secret
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_PKEY_derive_init
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_PKEY_derive_set_peer
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "EVP_PKEY *peerkey"
-.Fc
-.Ft EVP_PKEY *
-.Fo EVP_PKEY_CTX_get0_peerkey
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_PKEY_derive
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "unsigned char *key"
-.Fa "size_t *keylen"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_PKEY_derive_init
-initializes the public key algorithm context
-.Fa ctx
-for shared secret derivation using the
-.Vt EVP_PKEY
-object already stored in
-.Fa ctx .
-The library provides built-in support for keys with an
-.Xr EVP_PKEY_base_id 3
-of
-.Dv EVP_PKEY_DH ,
-.Dv EVP_PKEY_EC ,
-.Dv EVP_PKEY_HKDF ,
-and
-.Dv EVP_PKEY_X25519 .
-.Pp
-After the call to
-.Fn EVP_PKEY_derive_init ,
-algorithm specific control operations can optionally be performed
-to set any appropriate parameters for the operation.
-.Pp
-.Fn EVP_PKEY_derive_set_peer
-configures the
-.Fa ctx ,
-which already needs to be initialized with
-.Fn EVP_PKEY_derive_init ,
-.Xr EVP_PKEY_encrypt_init 3 ,
-or
-.Xr EVP_PKEY_decrypt_init 3 ,
-to use the
-.Fa peerkey ,
-which is normally a public key.
-In case of success, the reference count of the
-.Fa peerkey
-is incremented by one.
-Consequently, the caller needs to call
-.Xr EVP_PKEY_free 3
-on the
-.Fa peerkey
-when the caller no longer needs it, even if it is still in use by
-.Fa ctx .
-.Pp
-.Fn EVP_PKEY_derive
-derives a shared secret using
-.Fa ctx .
-If
-.Fa key
-is
-.Dv NULL ,
-then the maximum size of the output buffer is written to the
-.Fa keylen
-parameter.
-If
-.Fa key
-is not
-.Dv NULL
-then before the call the
-.Fa keylen
-parameter should contain the length of the
-.Fa key
-buffer.
-If the call is successful, the shared secret is written to
-.Fa key
-and the amount of data written to
-.Fa keylen .
-.Pp
-The function
-.Fn EVP_PKEY_derive
-can be called more than once on the same context if several operations
-are performed using the same parameters.
-.Sh RETURN VALUES
-.Fn EVP_PKEY_derive_init ,
-.Fn EVP_PKEY_derive_set_peer ,
-and
-.Fn EVP_PKEY_derive
-return 1 for success and 0 or a negative value for failure.
-In particular, a return value of \-2 indicates the operation is not
-supported by the public key algorithm.
-.Pp
-For
-.Fn EVP_PKEY_derive_set_peer ,
-a return value of \-1 can for example occur if
-.Fa ctx
-is not properly initialized, does not contain an
-.Vt EVP_PKEY
-that can be retrieved with
-.Xr EVP_PKEY_CTX_get0_pkey 3 ,
-the
-.Xr EVP_PKEY_id 3
-of both keys mismatch, or
-.Xr EVP_PKEY_cmp_parameters 3
-reports mismatching key parameters.
-.Pp
-.Fn EVP_PKEY_derive
-fails with a return value of \-1 for example if
-.Fa ctx
-has not been successfully initialized with
-.Fn EVP_PKEY_derive_init .
-.Pp
-.Fn EVP_PKEY_CTX_get0_peerkey
-returns an internal pointer to the
-.Fa peerkey
-used by
-.Fa ctx
-without incrementing its reference count.
-.Sh EXAMPLES
-Derive shared secret (for example DH or EC keys):
-.Bd -literal -offset indent
-#include
-#include
-
-EVP_PKEY_CTX *ctx;
-unsigned char *skey;
-size_t skeylen;
-EVP_PKEY *pkey, *peerkey;
-
-/* Assumes that pkey and peerkey have already been set up. */
-ctx = EVP_PKEY_CTX_new(pkey, NULL);
-if (!ctx)
- /* Error occurred */
-if (EVP_PKEY_derive_init(ctx) <= 0)
- /* Error */
-if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
- /* Error */
-
-/* Determine buffer length */
-if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
- /* Error */
-
-skey = malloc(skeylen);
-
-if (!skey)
- /* malloc failure */
-
-if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
- /* Error */
-
-/* Shared secret is skey bytes written to buffer skey */
-.Ed
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_decrypt 3 ,
-.Xr EVP_PKEY_encrypt 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3 ,
-.Xr X25519 3
-.Sh HISTORY
-.Fn EVP_PKEY_derive_init ,
-.Fn EVP_PKEY_derive_set_peer ,
-.Fn EVP_PKEY_CTX_get0_peerkey ,
-and
-.Fn EVP_PKEY_derive
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_encrypt.3 b/src/lib/libcrypto/man/EVP_PKEY_encrypt.3
deleted file mode 100644
index c2e70cb31f..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_encrypt.3
+++ /dev/null
@@ -1,183 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_encrypt.3,v 1.10 2024/12/06 14:27:49 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2013, 2014, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_ENCRYPT 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_encrypt_init ,
-.Nm EVP_PKEY_encrypt
-.Nd encrypt using a public key algorithm
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_PKEY_encrypt_init
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_PKEY_encrypt
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "unsigned char *out"
-.Fa "size_t *outlen"
-.Fa "const unsigned char *in"
-.Fa "size_t inlen"
-.Fc
-.Sh DESCRIPTION
-The
-.Fn EVP_PKEY_encrypt_init
-function initializes a public key algorithm context using key
-.Fa ctx->pkey
-for an encryption operation.
-.Pp
-The
-.Fn EVP_PKEY_encrypt
-function performs a public key encryption operation using
-.Fa ctx .
-The data to be encrypted is specified using the
-.Fa in
-and
-.Fa inlen
-parameters.
-If
-.Fa out
-is
-.Dv NULL ,
-then the maximum size of the output buffer is written to the
-.Fa outlen
-parameter.
-If
-.Fa out
-is not
-.Dv NULL ,
-then before the call the
-.Fa outlen
-parameter should contain the length of the
-.Fa out
-buffer.
-If the call is successful, the encrypted data is written to
-.Fa out
-and the amount of data written to
-.Fa outlen .
-.Pp
-After the call to
-.Fn EVP_PKEY_encrypt_init ,
-algorithm specific control operations can be performed to set any
-appropriate parameters for the operation.
-.Pp
-The function
-.Fn EVP_PKEY_encrypt
-can be called more than once on the same context if several operations
-are performed using the same parameters.
-.Sh RETURN VALUES
-.Fn EVP_PKEY_encrypt_init
-and
-.Fn EVP_PKEY_encrypt
-return 1 for success and 0 or a negative value for failure.
-In particular, a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Sh EXAMPLES
-Encrypt data using OAEP (for RSA keys).
-See also
-.Xr PEM_read_PUBKEY 3
-and
-.Xr d2i_X509 3
-for means to load a public key.
-You may also simply set
-.Dq eng
-to
-.Dv NULL
-to start with the default OpenSSL RSA implementation:
-.Bd -literal -offset indent
-#include
-#include
-
-EVP_PKEY_CTX *ctx;
-unsigned char *out, *in;
-size_t outlen, inlen;
-EVP_PKEY *key;
-/* NB: assumes that key, in, inlen are already set up
- * and that key is an RSA public key
- */
-ctx = EVP_PKEY_CTX_new(key, NULL);
-if (!ctx)
- /* Error occurred */
-if (EVP_PKEY_encrypt_init(ctx) <= 0)
- /* Error */
-if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0)
- /* Error */
-
-/* Determine buffer length */
-if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
- /* Error */
-
-out = malloc(outlen);
-
-if (!out)
- /* malloc failure */
-
-if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
- /* Error */
-
-/* Encrypted data is outlen bytes written to buffer out */
-.Ed
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_decrypt 3 ,
-.Xr EVP_PKEY_derive 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3
-.Sh HISTORY
-.Fn EVP_PKEY_encrypt_init
-and
-.Fn EVP_PKEY_encrypt
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_get_default_digest_nid.3 b/src/lib/libcrypto/man/EVP_PKEY_get_default_digest_nid.3
deleted file mode 100644
index e9ff7c4609..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_get_default_digest_nid.3
+++ /dev/null
@@ -1,128 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_get_default_digest_nid.3,v 1.10 2024/12/06 12:51:13 schwarze Exp $
-.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2013, 2018 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_GET_DEFAULT_DIGEST_NID 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_get_default_digest_nid
-.Nd get default signature digest
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_PKEY_get_default_digest_nid
-.Fa "EVP_PKEY *pkey"
-.Fa "int *pnid"
-.Fc
-.Sh DESCRIPTION
-The
-.Fn EVP_PKEY_get_default_digest_nid
-function sets
-.Pf * Fa pnid
-to the default message digest NID for the public key signature
-operations associated with
-.Fa pkey .
-.Pp
-Some signature algorithms, for example
-.Dv EVP_PKEY_ED25519 ,
-do not use a digest during signing.
-In this case,
-.Pf * Fa pnid
-is set to
-.Dv NID_undef .
-.Pp
-Support for the following public key algorithms is built into the library:
-.Pp
-.Bl -column -compact EVP_PKEY_base_id(3) NID_sha256 mandatory
-.It Xr EVP_PKEY_base_id 3 Ta Pf * Fa pnid Ta return value
-.It Dv EVP_PKEY_DSA Ta Dv NID_sha1 Ta mandatory
-.It Dv EVP_PKEY_EC Ta Dv NID_sha1 Ta mandatory
-.It Dv EVP_PKEY_ED25519 Ta Dv NID_undef Ta mandatory
-.It Dv EVP_PKEY_HMAC Ta Dv NID_sha1 Ta advisory
-.It Dv EVP_PKEY_RSA Ta Dv NID_sha256 Ta advisory
-.El
-.Sh RETURN VALUES
-The
-.Fn EVP_PKEY_get_default_digest_nid
-function returns 1 if the message digest is advisory (that is other
-digests can be used) and 2 if it is mandatory (other digests cannot be
-used).
-It returns 0 or a negative value for failure.
-In particular, a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_ctrl 3 ,
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3
-.Sh HISTORY
-.Fn EVP_PKEY_get_default_digest_nid
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_keygen.3 b/src/lib/libcrypto/man/EVP_PKEY_keygen.3
deleted file mode 100644
index e75859b486..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_keygen.3
+++ /dev/null
@@ -1,369 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_keygen.3,v 1.15 2024/12/06 14:27:49 schwarze Exp $
-.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023, 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2006, 2009, 2013, 2015, 2016, 2018 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt EVP_PKEY_KEYGEN 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_keygen_init ,
-.Nm EVP_PKEY_keygen ,
-.Nm EVP_PKEY_paramgen_init ,
-.Nm EVP_PKEY_paramgen ,
-.Nm EVP_PKEY_gen_cb ,
-.Nm EVP_PKEY_CTX_set_cb ,
-.Nm EVP_PKEY_CTX_get_cb ,
-.Nm EVP_PKEY_CTX_set0_keygen_info ,
-.Nm EVP_PKEY_CTX_get_keygen_info ,
-.Nm EVP_PKEY_CTX_set_app_data ,
-.Nm EVP_PKEY_CTX_get_app_data ,
-.Nm EVP_PKEY_CTX_set_data ,
-.Nm EVP_PKEY_CTX_get_data
-.Nd key and parameter generation functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo EVP_PKEY_keygen_init
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_PKEY_keygen
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "EVP_PKEY **ppkey"
-.Fc
-.Ft int
-.Fo EVP_PKEY_paramgen_init
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft int
-.Fo EVP_PKEY_paramgen
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "EVP_PKEY **ppkey"
-.Fc
-.Ft typedef int
-.Fo EVP_PKEY_gen_cb
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_PKEY_CTX_set_cb
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "EVP_PKEY_gen_cb *cb"
-.Fc
-.Ft EVP_PKEY_gen_cb *
-.Fo EVP_PKEY_CTX_get_cb
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_PKEY_CTX_set0_keygen_info
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "int *dat"
-.Fa "int datlen"
-.Fc
-.Ft int
-.Fo EVP_PKEY_CTX_get_keygen_info
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "int idx"
-.Fc
-.Ft void
-.Fo EVP_PKEY_CTX_set_app_data
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "void *app_data"
-.Fc
-.Ft void *
-.Fo EVP_PKEY_CTX_get_app_data
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Ft void
-.Fo EVP_PKEY_CTX_set_data
-.Fa "EVP_PKEY_CTX *ctx"
-.Fa "void *data"
-.Fc
-.Ft void *
-.Fo EVP_PKEY_CTX_get_data
-.Fa "EVP_PKEY_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-The
-.Fn EVP_PKEY_keygen_init
-function initializes a public key algorithm context using key
-.Fa ctx->pkey
-for a key generation operation.
-.Pp
-The
-.Fn EVP_PKEY_keygen
-function performs a key generation operation.
-The generated key is written to
-.Fa ppkey .
-.Pp
-The functions
-.Fn EVP_PKEY_paramgen_init
-and
-.Fn EVP_PKEY_paramgen
-are similar except parameters are generated.
-.Pp
-The functions
-.Fn EVP_PKEY_CTX_set_cb
-and
-.Fn EVP_PKEY_CTX_get_cb
-set and retrieve the key or parameter generation callback, respectively.
-.Pp
-The function
-.Fn EVP_PKEY_CTX_set0_keygen_info
-sets the parameters associated with the generation operation to the array
-.Fa dat
-containing
-.Ft datlen
-integer parameters.
-The caller retains ownership of the
-.Fa dat
-array; it will never be freed by the library.
-.Pp
-The function
-.Fn EVP_PKEY_CTX_get_keygen_info
-returns parameters associated with the generation operation.
-If
-.Fa idx
-is -1, the total number of parameters available is returned.
-Any non-negative value returns the value of that parameter.
-.Fn EVP_PKEY_CTX_get_keygen_info
-with a non-negative value for
-.Fa idx
-should only be called within the generation callback.
-.Pp
-If the callback returns 0, then the key generation operation is aborted
-and an error occurs.
-This might occur during a time consuming operation where a user clicks
-on a "cancel" button.
-.Pp
-The functions
-.Fn EVP_PKEY_CTX_set_app_data
-and
-.Fn EVP_PKEY_CTX_get_app_data
-set and retrieve an opaque pointer.
-This can be used to set some application defined value which can be
-retrieved in the callback: for example a handle which is used to update
-a "progress dialog".
-.Pp
-The deprecated functions
-.Fn EVP_PKEY_CTX_set_data
-and
-.Fn EVP_PKEY_CTX_get_data
-set and retrieve a
-.Em different
-opaque pointer that is ignored by the library.
-.Pp
-After the call to
-.Fn EVP_PKEY_keygen_init
-or
-.Fn EVP_PKEY_paramgen_init ,
-algorithm specific control operations can be performed to set any
-appropriate parameters for the operation.
-.Pp
-The functions
-.Fn EVP_PKEY_keygen
-and
-.Fn EVP_PKEY_paramgen
-can be called more than once on the same context if several operations
-are performed using the same parameters.
-.Pp
-The meaning of the parameters passed to the callback will depend on the
-algorithm and the specific implementation of the algorithm.
-Some might not give any useful information at all during key or
-parameter generation.
-Others might not even call the callback.
-.Pp
-The operation performed by key or parameter generation depends on the
-algorithm used.
-In some cases (e.g. EC with a supplied named curve) the "generation"
-option merely sets the appropriate fields in an
-.Vt EVP_PKEY
-structure.
-.Pp
-In OpenSSL, an
-.Vt EVP_PKEY
-structure containing a private key also contains the public key
-components and parameters (if any).
-An OpenSSL private key is equivalent to what some libraries call a "key
-pair".
-A private key can be used in functions which require the use of a public
-key or parameters.
-.Sh RETURN VALUES
-.Fn EVP_PKEY_keygen_init ,
-.Fn EVP_PKEY_paramgen_init ,
-.Fn EVP_PKEY_keygen ,
-and
-.Fn EVP_PKEY_paramgen
-return 1 for success and 0 or a negative value for failure.
-In particular, a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Pp
-Callback functions of the type
-.Fn EVP_PKEY_gen_cb
-are supposed to return 1 on success or 0 on error.
-.Pp
-.Fn EVP_PKEY_CTX_get_cb
-returns a function pointer to the currently installed callback function or
-.Dv NULL
-if no callback function is installed.
-.Pp
-.Fn EVP_PKEY_CTX_get_keygen_info
-returns the number of available parameters if
-.Fa idx
-is \-1, one of these parameters if
-.Fa idx
-is greater than or equal to zero but less than the number
-of available parameters, or 0 otherwise.
-.Pp
-.Fn EVP_PKEY_CTX_get_app_data
-and
-.Fn EVP_PKEY_CTX_get_data
-return the pointer that was last passed to the corresponding set function, or
-.Dv NULL
-if the corresponding set function was never called on
-.Fa ctx .
-.Sh EXAMPLES
-Generate a 2048-bit RSA key:
-.Bd -literal -offset indent
-#include
-#include
-
-EVP_PKEY_CTX *ctx;
-EVP_PKEY *pkey = NULL;
-
-ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
-if (!ctx)
- /* Error occurred */
-if (EVP_PKEY_keygen_init(ctx) <= 0)
- /* Error */
-if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
- /* Error */
-
-/* Generate key */
-if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
- /* Error */
-.Ed
-.Pp
-Generate a key from a set of parameters:
-.Bd -literal -offset indent
-#include
-#include
-
-EVP_PKEY_CTX *ctx;
-EVP_PKEY *pkey = NULL, *param;
-
-/* Assumes that param is already set up. */
-ctx = EVP_PKEY_CTX_new(param, NULL);
-if (!ctx)
- /* Error occurred */
-if (EVP_PKEY_keygen_init(ctx) <= 0)
- /* Error */
-
-/* Generate key */
-if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
- /* Error */
-.Ed
-.Pp
-Example of generation callback for OpenSSL public key implementations:
-.Bd -literal -offset indent
-/* Application data is a BIO to output status to */
-
-EVP_PKEY_CTX_set_app_data(ctx, status_bio);
-
-static int
-genpkey_cb(EVP_PKEY_CTX *ctx)
-{
- char c = '*';
- BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
- int p;
-
- p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
- if (p == 0)
- c = '.';
- if (p == 1)
- c = '+';
- if (p == 2)
- c = '*';
- if (p == 3)
- c = '\en';
- BIO_write(b, &c, 1);
- (void)BIO_flush(b);
- return 1;
-}
-.Ed
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_decrypt 3 ,
-.Xr EVP_PKEY_derive 3 ,
-.Xr EVP_PKEY_encrypt 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3 ,
-.Xr X25519 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_new.3 b/src/lib/libcrypto/man/EVP_PKEY_new.3
deleted file mode 100644
index 3b1ef029c3..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_new.3
+++ /dev/null
@@ -1,347 +0,0 @@
-.\" $OpenBSD: EVP_PKEY_new.3,v 1.26 2024/12/10 15:10:26 schwarze Exp $
-.\" full merge up to: OpenSSL 4dcfdfce May 27 11:50:05 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2022, 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Matt Caswell .
-.\" Copyright (c) 2002, 2018, 2020 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 10 2024 $
-.Dt EVP_PKEY_NEW 3
-.Os
-.Sh NAME
-.Nm EVP_PKEY_new ,
-.Nm EVP_PKEY_up_ref ,
-.Nm EVP_PKEY_free ,
-.Nm EVP_PKEY_new_raw_private_key ,
-.Nm EVP_PKEY_new_raw_public_key ,
-.Nm EVP_PKEY_new_mac_key ,
-.Nm EVP_PKEY_get_raw_private_key ,
-.Nm EVP_PKEY_get_raw_public_key
-.Nd public and private key allocation and raw key handling functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_PKEY *
-.Fn EVP_PKEY_new void
-.Ft int
-.Fo EVP_PKEY_up_ref
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft void
-.Fo EVP_PKEY_free
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft EVP_PKEY *
-.Fo EVP_PKEY_new_raw_private_key
-.Fa "int type"
-.Fa "ENGINE *engine"
-.Fa "const unsigned char *rawpriv"
-.Fa "size_t rawlen"
-.Fc
-.Ft EVP_PKEY *
-.Fo EVP_PKEY_new_raw_public_key
-.Fa "int type"
-.Fa "ENGINE *engine"
-.Fa "const unsigned char *rawpub"
-.Fa "size_t rawlen"
-.Fc
-.Ft EVP_PKEY *
-.Fo EVP_PKEY_new_mac_key
-.Fa "int type"
-.Fa "ENGINE *engine"
-.Fa "const unsigned char *rawpriv"
-.Fa "int rawlen"
-.Fc
-.Ft int
-.Fo EVP_PKEY_get_raw_private_key
-.Fa "const EVP_PKEY *pkey"
-.Fa "unsigned char *rawpriv"
-.Fa "size_t *rawlen"
-.Fc
-.Ft int
-.Fo EVP_PKEY_get_raw_public_key
-.Fa "const EVP_PKEY *pkey"
-.Fa "unsigned char *rawpub"
-.Fa "size_t *rawlen"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt EVP_PKEY
-structure is used by various OpenSSL functions which require a general
-private or public key without reference to any particular algorithm.
-.Pp
-The
-.Fn EVP_PKEY_new
-function allocates an empty
-.Vt EVP_PKEY
-structure.
-The reference count is set to 1.
-To add a private or public key to it, use the functions described in
-.Xr EVP_PKEY_set1_RSA 3 .
-.Pp
-.Fn EVP_PKEY_up_ref
-increments the reference count of
-.Fa pkey
-by 1.
-.Pp
-.Fn EVP_PKEY_free
-decrements the reference count of
-.Fa pkey
-by 1, and if the reference count reaches zero, frees it up.
-If
-.Fa pkey
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn EVP_PKEY_new_raw_private_key
-allocates a new
-.Vt EVP_PKEY .
-The NID of a public key algorithm that supports raw private keys, i.e.\&
-.Dv EVP_PKEY_HMAC ,
-.Dv EVP_PKEY_X25519 ,
-or
-.Dv EVP_PKEY_ED25519 ,
-is provided in the
-.Fa type
-argument and
-.Fa rawlen
-bytes of raw private key data of that type in
-.Fa rawpriv .
-The public key data is automatically derived from the given private
-key data, if appropriate for the algorithm type.
-The
-.Fa ENGINE *engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-.Fn EVP_PKEY_new_raw_public_key
-works in the same way as
-.Fn EVP_PKEY_new_raw_private_key
-except that
-.Fa rawpub
-points to the raw public key data.
-The
-.Vt EVP_PKEY
-structure is initialised without any private key information.
-Algorithm types that support raw public keys are
-.Dv EVP_PKEY_X25519
-and
-.Dv EVP_PKEY_ED25519 .
-.Pp
-.Fn EVP_PKEY_new_mac_key
-is a deprecated function that achieves the same effect as
-.Fn EVP_PKEY_new_raw_private_key
-in a more complicated way and only works with a
-.Fa type
-of
-.Dv EVP_PKEY_HMAC .
-.Pp
-.Fn EVP_PKEY_get_raw_private_key
-writes up to
-.Pf * Fa rawlen
-bytes of raw private key data to the buffer starting at
-.Fa rawpriv
-and stores the number of bytes written in
-.Pf * Fa rawlen .
-The calling application is responsible for ensuring that the buffer
-is large enough to receive the private key data.
-If the
-.Fa rawpriv
-argument is
-.Dv NULL ,
-the number of bytes required to hold the key is stored in
-.Pf * Fa rawlen .
-This function only works for algorithms that support raw private keys.
-Currently these are
-.Dv EVP_PKEY_HMAC ,
-.Dv EVP_PKEY_X25519 ,
-and
-.Dv EVP_PKEY_ED25519 .
-.Pp
-.Fn EVP_PKEY_get_raw_public_key
-is similar to
-.Fn EVP_PKEY_get_raw_private_key
-except that it writes raw public key data.
-This function only works for algorithms that support raw public keys.
-Currently these are
-.Dv EVP_PKEY_X25519
-and
-.Dv EVP_PKEY_ED25519 .
-.Sh RETURN VALUES
-.Fn EVP_PKEY_new ,
-.Fn EVP_PKEY_new_raw_private_key ,
-.Fn EVP_PKEY_new_raw_public_key ,
-and
-.Fn EVP_PKEY_new_mac_key
-return either the newly allocated
-.Vt EVP_PKEY
-structure or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn EVP_PKEY_up_ref ,
-.Fn EVP_PKEY_get_raw_private_key ,
-and
-.Fn EVP_PKEY_get_raw_public_key
-return 1 for success or 0 for failure.
-.Sh EXAMPLES
-The following code digests a message with HMAC-SHA256:
-.Bd -literal -offset indent
-/* Bogus key: would normally be set from another source */
-const unsigned char *key = "key";
-const size_t key_len = strlen(key);
-
-const char *msg = "The quick brown fox jumps over the lazy dog";
-const size_t msg_len = strlen(msg);
-
-unsigned char *out_mac;
-size_t out_len, i;
-
-EVP_PKEY *pkey;
-EVP_MD_CTX *md_ctx;
-
-pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL,
- key, key_len);
-if (pkey == NULL)
- err(1, "EVP_PKEY_new_raw_private_key");
-
-md_ctx = EVP_MD_CTX_new();
-if (md_ctx == NULL)
- err(1, "EVP_MD_CTX_new");
-
-if (EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) == 0)
- err(1, "EVP_DigestSignInit");
-if (EVP_DigestSign(md_ctx, NULL, &out_len, msg, msg_len) == 0)
- err(1, "EVP_DigestSign(NULL)");
-if ((out_mac = calloc(1, out_len)) == NULL)
- err(1, "calloc");
-if (EVP_DigestSign(md_ctx, out_mac, &out_len, msg, msg_len) == 0)
- err(1, "EVP_DigestSign(MAC)");
-
-EVP_MD_CTX_free(md_ctx);
-EVP_PKEY_free(pkey);
-
-printf(" MAC = ");
-for (i = 0; i < out_len; i++)
- printf("%02x", out_mac[i]);
-printf("\en");
-free(out_mac);
-.Ed
-.Pp
-Even though the type name
-.Vt EVP_PKEY
-was originally intended to stand for
-.Dq private key
-and the
-.Xr EVP_DigestSignInit 3
-API was designed for digital signatures in the context of public key
-cryptography, both are also used here because a MAC also requires a key,
-even though that is a symmetric key.
-.Pp
-The same code can be used for signing with Ed25519 by making the key
-.Dv ED25519_PRIVATE_KEY_LENGTH No = 32
-bytes long, replacing
-.Dv EVP_PKEY_HMAC
-with
-.Dv EVP_PKEY_ED25519 ,
-and replacing the call to
-.Xr EVP_sha256 3
-with
-.Dv NULL .
-.Sh SEE ALSO
-.Xr CMAC_Init 3 ,
-.Xr d2i_PrivateKey 3 ,
-.Xr evp 3 ,
-.Xr EVP_PKCS82PKEY 3 ,
-.Xr EVP_PKEY_cmp 3 ,
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_get_default_digest_nid 3 ,
-.Xr EVP_PKEY_new_CMAC_key 3 ,
-.Xr EVP_PKEY_print_private 3 ,
-.Xr EVP_PKEY_set1_RSA 3 ,
-.Xr EVP_PKEY_size 3 ,
-.Xr X509_get_pubkey_parameters 3
-.Sh HISTORY
-.Fn EVP_PKEY_new
-and
-.Fn EVP_PKEY_free
-first appeared in SSLeay 0.6.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_PKEY_new_mac_key
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Pp
-.Fn EVP_PKEY_up_ref
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
-.Pp
-.Fn EVP_PKEY_new_raw_private_key ,
-.Fn EVP_PKEY_new_raw_public_key ,
-.Fn EVP_PKEY_get_raw_private_key ,
-and
-.Fn EVP_PKEY_get_raw_public_key
-first appeared in OpenSSL 1.1.1 and have been available since
-.Ox 7.3 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_new_CMAC_key.3 b/src/lib/libcrypto/man/EVP_PKEY_new_CMAC_key.3
deleted file mode 100644
index d09af3a012..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_new_CMAC_key.3
+++ /dev/null
@@ -1,159 +0,0 @@ -.\" $OpenBSD: EVP_PKEY_new_CMAC_key.3,v 1.1 2024/11/12 20:00:36 schwarze Exp $ -.\" -.\" Copyright (c) 2024 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: November 12 2024 $ -.Dt EVP_PKEY_NEW_CMAC_KEY 3 -.Os -.Sh NAME -.Nm EVP_PKEY_new_CMAC_key -.Nd CMAC in the EVP framework -.Sh SYNOPSIS -.In openssl/evp.h -.Ft EVP_PKEY * -.Fo EVP_PKEY_new_CMAC_key -.Fa "ENGINE *engine" -.Fa "const unsigned char *key" -.Fa "size_t key_len" -.Fa "const EVP_CIPHER *cipher" -.Fc -.Sh DESCRIPTION -.Fn EVP_PKEY_new_CMAC_key -allocates a new -.Vt EVP_PKEY -object, sets its type to -.Dv EVP_PKEY_CMAC , -and configures it as a wrapper around the low-level functions documented in -.Xr CMAC_Init 3 -using the block -.Fa cipher -with the symmetric -.Fa key -that is -.Fa key_len -bytes long. -.Pp -Functions to obtain suitable -.Vt EVP_CIPHER -objects are listed in the CIPHER LISTING section of the -.Xr EVP_EncryptInit 3 -manual page. -Always use an object that implements the CBC mode of operation. -As in -.Xr CMAC_Init 3 , -only ciphers with a block size of either 64 or 128 bits -are supported by this implementation. -.Pp -The -.Fa engine -argument is ignored; passing -.Dv NULL -is recommended. 
-.Sh RETURN VALUES -.Fn EVP_PKEY_new_CMAC_key -returns the newly allocated -.Vt EVP_PKEY -structure or -.Dv NULL -if an error occurred. -.Sh EXAMPLES -The following code digests a message with AES-CMAC -using the key length of 128 bits specified in RFC 4493. -.Bd -literal -offset indent -/* Bogus key: would normally be set from another source. */ -const unsigned char key[] = "symmetric secret"; -const size_t key_len = strlen(key); /* 16 = 128/8 */ - -const char *msg = "Hello World!"; -const size_t msg_len = strlen(msg); - -unsigned char out_mac[16]; -size_t out_len = sizeof(out_mac); -size_t i; - -EVP_PKEY *pkey; -EVP_MD_CTX *md_ctx; - -pkey = EVP_PKEY_new_CMAC_key(NULL, key, key_len, EVP_aes_128_cbc()); -if (pkey == NULL) - err(1, "EVP_PKEY_new_CMAC_key"); -md_ctx = EVP_MD_CTX_new(); -if (md_ctx == NULL) - err(1, "EVP_MD_CTX_new"); - -if (EVP_DigestSignInit(md_ctx, NULL, NULL, NULL, pkey) == 0) - err(1, "EVP_DigestSignInit"); -if (EVP_DigestSign(md_ctx, out_mac, &out_len, msg, msg_len) == 0) - err(1, "EVP_DigestSign"); -EVP_MD_CTX_free(md_ctx); -EVP_PKEY_free(pkey); - -printf(" MAC = "); -for (i = 0; i < out_len; i++) - printf("%02x:", out_mac[i]); -printf("\en"); -.Ed -.Pp -Consider the following details: -.Bl -bullet -width 1n -.It -Even though the type name -.Vt EVP_PKEY -was originally intended to stand for -.Dq private key -and the -.Xr EVP_DigestSignInit 3 -API was designed for digital signatures in the context -of public key cryptography, both are also used here because a MAC -also requires a key, even though that is a symmetric key. -.It -In contrast to digital signing which requires both a digest algorithm -and a private key, the CMAC algorithm only requires a block cipher -and a shared key, both of which are stored in the somewhat abused -.Vt EVP_PKEY -object. -Consequently, the -.Vt "EVP_MD *type" -argument of -.Xr EVP_DigestSignInit 3 -has to be set to -.Dv NULL . -.It -The size of the resulting message digest equals the block size -of the used cipher. 
-.It
-The function
-.Xr EVP_DigestSignInit 3
-does not transfer ownership of the
-.Fa pkey
-object to
-.Ft md_ctx
-but merely increments the reference count.
-Consequently, the caller is responsible for freeing the
-.Vt EVP_PKEY
-object when it is no longer needed.
-.El
-.Sh SEE ALSO
-.Xr CMAC_Init 3 ,
-.Xr evp 3 ,
-.Xr EVP_DigestSignInit 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr EVP_PKEY_new 3
-.Sh STANDARDS
-RFC 4493: The AES-CMAC Algorithm
-.Sh HISTORY
-.Fn EVP_PKEY_new_CMAC_key
-first appeared in OpenSSL 1.1.1 and has been available since
-.Ox 6.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_print_private.3 b/src/lib/libcrypto/man/EVP_PKEY_print_private.3
deleted file mode 100644
index a4b51a4bbb..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_print_private.3
+++ /dev/null
@@ -1,129 +0,0 @@ -.\" $OpenBSD: EVP_PKEY_print_private.3,v 1.8 2024/12/06 12:51:13 schwarze Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2006, 2009 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt EVP_PKEY_PRINT_PRIVATE 3 -.Os -.Sh NAME -.Nm EVP_PKEY_print_public , -.Nm EVP_PKEY_print_private , -.Nm EVP_PKEY_print_params -.Nd public key algorithm printing routines -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_print_public -.Fa "BIO *out" -.Fa "const EVP_PKEY *pkey" -.Fa "int indent" -.Fa "ASN1_PCTX *pctx" -.Fc -.Ft int -.Fo EVP_PKEY_print_private -.Fa "BIO *out" -.Fa "const EVP_PKEY *pkey" -.Fa "int indent" -.Fa "ASN1_PCTX *pctx" -.Fc -.Ft int -.Fo EVP_PKEY_print_params -.Fa "BIO *out" -.Fa "const EVP_PKEY *pkey" -.Fa "int indent" -.Fa "ASN1_PCTX *pctx" -.Fc -.Sh DESCRIPTION -The functions -.Fn EVP_PKEY_print_public , -.Fn EVP_PKEY_print_private , -and -.Fn EVP_PKEY_print_params -print out the public, private or parameter components of key -.Fa pkey , -respectively. -The key is sent to -.Vt BIO -.Fa out -in human readable form. -The parameter -.Fa indent -indicates how far the printout should be indented. -.Pp -The -.Fa pctx -parameter allows the print output to be finely tuned by using ASN.1 -printing options. -If -.Fa pctx -is set to -.Dv NULL , -then default values will be used. -Currently, no public key algorithms include any options in the -.Fa pctx -parameter. -.Pp -If the key does not include all the components indicated by the function, -then only those contained in the key will be printed. 
-For example, passing a public key to
-.Fn EVP_PKEY_print_private
-will only print the public components.
-.Sh RETURN VALUES
-These functions all return 1 for success and 0 or a negative value for
-failure.
-In particular, a return value of -2 indicates the operation is not
-supported by the public key algorithm.
-.Sh SEE ALSO
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_keygen 3 ,
-.Xr EVP_PKEY_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 b/src/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
deleted file mode 100644
index 39404f5286..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
+++ /dev/null
@@ -1,498 +0,0 @@ -.\" $OpenBSD: EVP_PKEY_set1_RSA.3,v 1.24 2024/12/09 11:25:25 schwarze Exp $ -.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2019, 2020, 2023 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2015, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: December 9 2024 $ -.Dt EVP_PKEY_SET1_RSA 3 -.Os -.Sh NAME -.Nm EVP_PKEY_set1_RSA , -.Nm EVP_PKEY_set1_DSA , -.Nm EVP_PKEY_set1_DH , -.Nm EVP_PKEY_set1_EC_KEY , -.Nm EVP_PKEY_get1_RSA , -.Nm EVP_PKEY_get1_DSA , -.Nm EVP_PKEY_get1_DH , -.Nm EVP_PKEY_get1_EC_KEY , -.Nm EVP_PKEY_get0_RSA , -.Nm EVP_PKEY_get0_DSA , -.Nm EVP_PKEY_get0_DH , -.Nm EVP_PKEY_get0_EC_KEY , -.Nm EVP_PKEY_get0_hmac , -.Nm EVP_PKEY_get0 , -.Nm EVP_PKEY_assign_RSA , -.Nm EVP_PKEY_assign_DSA , -.Nm EVP_PKEY_assign_DH , -.Nm EVP_PKEY_assign_EC_KEY , -.Nm EVP_PKEY_assign , -.Nm EVP_PKEY_base_id , -.Nm EVP_PKEY_id , -.Nm EVP_PKEY_type , -.Nm EVP_PKEY_set_type , -.Nm EVP_PKEY_set_type_str -.\" The function X509_certificate_type(3) is intentionally undocumented -.\" and scheduled for deletion from the library. BoringSSL already -.\" deleted it and OpenSSL deprecates it in version 3.0. -.\" The following constants are also intentionally undocumented -.\" because they are only used by that function: -.\" EVP_PK_DH EVP_PK_DSA EVP_PK_EC EVP_PK_RSA -.\" EVP_PKS_DSA EVP_PKS_EC EVP_PKS_RSA -.\" EVP_PKT_ENC EVP_PKT_EXCH EVP_PKT_EXP EVP_PKT_SIGN -.Nd EVP_PKEY assignment functions -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_set1_RSA -.Fa "EVP_PKEY *pkey" -.Fa "RSA *key" -.Fc -.Ft int -.Fo EVP_PKEY_set1_DSA -.Fa "EVP_PKEY *pkey" -.Fa "DSA *key" -.Fc -.Ft int -.Fo EVP_PKEY_set1_DH -.Fa "EVP_PKEY *pkey" -.Fa "DH *key" -.Fc -.Ft int -.Fo EVP_PKEY_set1_EC_KEY -.Fa "EVP_PKEY *pkey" -.Fa "EC_KEY *key" -.Fc -.Ft RSA * -.Fo EVP_PKEY_get1_RSA -.Fa "EVP_PKEY *pkey" -.Fc -.Ft DSA * -.Fo EVP_PKEY_get1_DSA -.Fa "EVP_PKEY *pkey" -.Fc -.Ft DH * -.Fo EVP_PKEY_get1_DH -.Fa "EVP_PKEY *pkey" -.Fc -.Ft EC_KEY * -.Fo EVP_PKEY_get1_EC_KEY -.Fa "EVP_PKEY *pkey" -.Fc -.Ft RSA * -.Fo EVP_PKEY_get0_RSA -.Fa "EVP_PKEY *pkey" -.Fc -.Ft DSA * -.Fo EVP_PKEY_get0_DSA -.Fa "EVP_PKEY *pkey" -.Fc -.Ft DH * -.Fo EVP_PKEY_get0_DH -.Fa "EVP_PKEY *pkey" -.Fc -.Ft EC_KEY * -.Fo EVP_PKEY_get0_EC_KEY -.Fa "EVP_PKEY *pkey" 
-.Fc
-.Ft const unsigned char *
-.Fo EVP_PKEY_get0_hmac
-.Fa "const EVP_PKEY *pkey"
-.Fa "size_t *len"
-.Fc
-.Ft void *
-.Fo EVP_PKEY_get0
-.Fa "const EVP_PKEY *pkey"
-.Fc
-.Ft int
-.Fo EVP_PKEY_assign_RSA
-.Fa "EVP_PKEY *pkey"
-.Fa "RSA *key"
-.Fc
-.Ft int
-.Fo EVP_PKEY_assign_DSA
-.Fa "EVP_PKEY *pkey"
-.Fa "DSA *key"
-.Fc
-.Ft int
-.Fo EVP_PKEY_assign_DH
-.Fa "EVP_PKEY *pkey"
-.Fa "DH *key"
-.Fc
-.Ft int
-.Fo EVP_PKEY_assign_EC_KEY
-.Fa "EVP_PKEY *pkey"
-.Fa "EC_KEY *key"
-.Fc
-.Ft int
-.Fo EVP_PKEY_assign
-.Fa "EVP_PKEY *pkey"
-.Fa "int type"
-.Fa "void *key"
-.Fc
-.Ft int
-.Fo EVP_PKEY_base_id
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft int
-.Fo EVP_PKEY_id
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft int
-.Fo EVP_PKEY_type
-.Fa "int type"
-.Fc
-.Ft int
-.Fo EVP_PKEY_set_type
-.Fa "EVP_PKEY *pkey"
-.Fa "int type"
-.Fc
-.Ft int
-.Fo EVP_PKEY_set_type_str
-.Fa "EVP_PKEY *pkey"
-.Fa "const char *str"
-.Fa "int len"
-.Fc
-.Sh DESCRIPTION
-.Fn EVP_PKEY_set1_RSA ,
-.Fn EVP_PKEY_set1_DSA ,
-.Fn EVP_PKEY_set1_DH ,
-and
-.Fn EVP_PKEY_set1_EC_KEY
-set the key referenced by
-.Fa pkey
-to
-.Fa key
-and increment the reference count of
-.Fa key
-by 1 in case of success.
-.Pp
-.Fn EVP_PKEY_get1_RSA ,
-.Fn EVP_PKEY_get1_DSA ,
-.Fn EVP_PKEY_get1_DH ,
-and
-.Fn EVP_PKEY_get1_EC_KEY
-return the key referenced in
-.Fa pkey ,
-incrementing its reference count by 1, or
-.Dv NULL
-if the key is not of the correct type.
-.Pp
-.Fn EVP_PKEY_get0_RSA ,
-.Fn EVP_PKEY_get0_DSA ,
-.Fn EVP_PKEY_get0_DH ,
-.Fn EVP_PKEY_get0_EC_KEY ,
-and
-.Fn EVP_PKEY_get0
-are identical except that they do not increment the reference count.
-Consequently, the returned key must not be freed by the caller.
-.Pp
-.Fn EVP_PKEY_get0_hmac
-returns an internal pointer to the key referenced in
-.Fa pkey
-and sets
-.Pf * Fa len
-to its length in bytes.
-The returned pointer must not be freed by the caller.
-If
-.Fa pkey
-is not of the correct type,
-.Dv NULL
-is returned and the content of
-.Pf * Fa len
-becomes unspecified.
-.Pp
-.Fn EVP_PKEY_assign_RSA ,
-.Fn EVP_PKEY_assign_DSA ,
-.Fn EVP_PKEY_assign_DH ,
-.Fn EVP_PKEY_assign_EC_KEY ,
-and
-.Fn EVP_PKEY_assign
-also set the referenced key to
-.Fa key ;
-however these use the supplied
-.Fa key
-internally without incrementing its reference count, such that
-.Fa key
-will be freed when the parent
-.Fa pkey
-is freed.
-If the
-.Fa key
-is of the wrong type, these functions report success even though
-.Fa pkey
-ends up in a corrupted state.
-Even the functions explicitly containing the type in their name are
-.Em not
-type safe because they are implemented as macros.
-The following types are supported:
-.Dv EVP_PKEY_RSA ,
-.Dv EVP_PKEY_DSA ,
-.Dv EVP_PKEY_DH ,
-and
-.Dv EVP_PKEY_EC .
-.Pp
-.Fn EVP_PKEY_base_id
-returns the type of
-.Fa pkey
-according to the following table:
-.Pp
-.Bl -column -compact -offset 2n EVP_PKEY_RSA_PSS NID_X9_62_id_ecPublicKey
-.It Sy return value Ta Ta Sy PEM type string
-.It Dv EVP_PKEY_CMAC Ta = Dv NID_cmac Ta CMAC
-.It Dv EVP_PKEY_DH Ta = Dv NID_dhKeyAgreement Ta DH
-.It Dv EVP_PKEY_DSA Ta = Dv NID_dsa Ta DSA
-.It Dv EVP_PKEY_EC Ta = Dv NID_X9_62_id_ecPublicKey Ta EC
-.It Dv EVP_PKEY_HMAC Ta = Dv NID_hmac Ta HMAC
-.It Dv EVP_PKEY_RSA Ta = Dv NID_rsaEncryption Ta RSA
-.It Dv EVP_PKEY_RSA_PSS Ta = Dv NID_rsassaPss Ta RSA-PSS
-.El
-.Pp
-.Fn EVP_PKEY_id
-returns the actual OID associated with
-.Fa pkey .
-Historically keys using the same algorithm could use different OIDs.
-The following deprecated aliases are still supported:
-.Pp
-.Bl -column -compact -offset 2n EVP_PKEY_DSA4 NID_dsaWithSHA1_2
-.It Sy return value Ta Ta Sy alias for
-.It Dv EVP_PKEY_DSA1 Ta = Dv NID_dsa_2 Ta DSA
-.It Dv EVP_PKEY_DSA2 Ta = Dv NID_dsaWithSHA Ta DSA
-.It Dv EVP_PKEY_DSA3 Ta = Dv NID_dsaWithSHA1 Ta DSA
-.It Dv EVP_PKEY_DSA4 Ta = Dv NID_dsaWithSHA1_2 Ta DSA
-.It Dv EVP_PKEY_RSA2 Ta = Dv NID_rsa Ta RSA
-.El
-.Pp
-Most applications wishing to know a key type will simply call
-.Fn EVP_PKEY_base_id
-and will not care about the actual type,
-which will be identical in almost all cases.
-.Pp
-.Fn EVP_PKEY_type
-returns the underlying type of the NID
-.Fa type .
-For example,
-.Fn EVP_PKEY_type EVP_PKEY_RSA2
-will return
-.Dv EVP_PKEY_RSA .
-.Pp
-.Fn EVP_PKEY_set_type
-frees the key referenced in
-.Fa pkey ,
-if any, and sets the key type of
-.Fa pkey
-to
-.Fa type
-without referencing a new key from
-.Fa pkey
-yet.
-For
-.Fa type ,
-any of the possible return values of
-.Fn EVP_PKEY_base_id
-and
-.Fn EVP_PKEY_id
-can be passed.
-.Pp
-.Fn EVP_PKEY_set_type_str
-frees the key referenced in
-.Fa pkey ,
-if any, and sets the key type of
-.Fa pkey
-according to the PEM type string given by the first
-.Fa len
-bytes of
-.Fa str .
-If
-.Fa len
-is \-1, the
-.Xr strlen 3
-of
-.Fa str
-is used instead.
-The PEM type strings supported by default are listed in the table above.
-This function does not reference a new key from
-.Fa pkey .
-.Pp
-If
-.Fa pkey
-is a
-.Dv NULL
-pointer,
-.Fn EVP_PKEY_set_type
-and
-.Fn EVP_PKEY_set_type_str
-check that a matching key type exists but do not change any object.
-.Pp
-In accordance with the OpenSSL naming convention, the key obtained from
-or assigned to
-.Fa pkey
-using the
-.Sy 1
-functions must be freed as well as
-.Fa pkey .
-.Sh RETURN VALUES
-.Fn EVP_PKEY_set1_RSA ,
-.Fn EVP_PKEY_set1_DSA ,
-.Fn EVP_PKEY_set1_DH ,
-.Fn EVP_PKEY_set1_EC_KEY ,
-.Fn EVP_PKEY_assign_RSA ,
-.Fn EVP_PKEY_assign_DSA ,
-.Fn EVP_PKEY_assign_DH ,
-.Fn EVP_PKEY_assign_EC_KEY ,
-.Fn EVP_PKEY_assign ,
-.Fn EVP_PKEY_set_type ,
-and
-.Fn EVP_PKEY_set_type_str
-return 1 for success or 0 for failure.
-.Pp
-.Fn EVP_PKEY_get1_RSA ,
-.Fn EVP_PKEY_get1_DSA ,
-.Fn EVP_PKEY_get1_DH ,
-.Fn EVP_PKEY_get1_EC_KEY ,
-.Fn EVP_PKEY_get0_RSA ,
-.Fn EVP_PKEY_get0_DSA ,
-.Fn EVP_PKEY_get0_DH ,
-.Fn EVP_PKEY_get0_EC_KEY ,
-.Fn EVP_PKEY_get0_hmac ,
-and
-.Fn EVP_PKEY_get0
-return the referenced key or
-.Dv NULL
-if an error occurred.
-For
-.Fn EVP_PKEY_get0 ,
-the return value points to an
-.Vt RSA ,
-.Vt DSA ,
-.Vt DH ,
-.Vt EC_KEY ,
-or
-.Vt ASN1_OCTET_STRING
-object depending on the type of
-.Fa pkey .
-.Pp
-.Fn EVP_PKEY_base_id ,
-.Fn EVP_PKEY_id ,
-and
-.Fn EVP_PKEY_type
-return a key type or
-.Dv NID_undef
-(equivalently
-.Dv EVP_PKEY_NONE )
-on error.
-.Sh SEE ALSO
-.Xr DH_new 3 ,
-.Xr DSA_new 3 ,
-.Xr EC_KEY_new 3 ,
-.Xr EVP_PKEY_get0_asn1 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr RSA_new 3
-.Sh HISTORY
-.Fn EVP_PKEY_assign_RSA ,
-.Fn EVP_PKEY_assign_DSA ,
-.Fn EVP_PKEY_assign_DH ,
-.Fn EVP_PKEY_assign ,
-and
-.Fn EVP_PKEY_type
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_PKEY_set1_RSA ,
-.Fn EVP_PKEY_set1_DSA ,
-.Fn EVP_PKEY_set1_DH ,
-.Fn EVP_PKEY_get1_RSA ,
-.Fn EVP_PKEY_get1_DSA ,
-and
-.Fn EVP_PKEY_get1_DH
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn EVP_PKEY_set1_EC_KEY ,
-.Fn EVP_PKEY_get1_EC_KEY ,
-and
-.Fn EVP_PKEY_assign_EC_KEY
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn EVP_PKEY_get0 ,
-.Fn EVP_PKEY_base_id ,
-.Fn EVP_PKEY_id ,
-.Fn EVP_PKEY_set_type ,
-and
-.Fn EVP_PKEY_set_type_str
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-.Fn EVP_PKEY_get0_RSA ,
-.Fn EVP_PKEY_get0_DSA ,
-.Fn EVP_PKEY_get0_DH ,
-and
-.Fn EVP_PKEY_get0_EC_KEY
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
-.Pp
-.Fn EVP_PKEY_get0_hmac
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.5 .
diff --git a/src/lib/libcrypto/man/EVP_PKEY_sign.3 b/src/lib/libcrypto/man/EVP_PKEY_sign.3
deleted file mode 100644
index d73b0abb7b..0000000000
--- a/src/lib/libcrypto/man/EVP_PKEY_sign.3
+++ /dev/null
@@ -1,190 +0,0 @@ -.\" $OpenBSD: EVP_PKEY_sign.3,v 1.9 2024/12/06 14:27:49 schwarze Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2006, 2009, 2013, 2014 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt EVP_PKEY_SIGN 3 -.Os -.Sh NAME -.Nm EVP_PKEY_sign_init , -.Nm EVP_PKEY_sign -.Nd sign using a public key algorithm -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_sign_init -.Fa "EVP_PKEY_CTX *ctx" -.Fc -.Ft int -.Fo EVP_PKEY_sign -.Fa "EVP_PKEY_CTX *ctx" -.Fa "unsigned char *sig" -.Fa "size_t *siglen" -.Fa "const unsigned char *tbs" -.Fa "size_t tbslen" -.Fc -.Sh DESCRIPTION -The -.Fn EVP_PKEY_sign_init -function initializes a public key algorithm context using the key -.Fa ctx->pkey -for a signing operation. -.Pp -The -.Fn EVP_PKEY_sign -function performs a public key signing operation using -.Fa ctx . -The data to be signed is specified using the -.Fa tbs -and -.Fa tbslen -parameters. -If -.Fa sig -is -.Dv NULL , -then the maximum size of the output buffer is written to the -.Fa siglen -parameter. 
-If -.Fa sig -is not -.Dv NULL , -then before the call the -.Fa siglen -parameter should contain the length of the -.Fa sig -buffer. -If the call is successful, the signature is written to -.Fa sig -and the amount of data written to -.Fa siglen . -.Pp -.Fn EVP_PKEY_sign -does not hash the data to be signed, and therefore is normally used -to sign digests. -For signing arbitrary messages, see the -.Xr EVP_DigestSignInit 3 -and -.Xr EVP_SignInit 3 -signing interfaces instead. -.Pp -After the call to -.Fn EVP_PKEY_sign_init , -algorithm specific control operations can be performed to set any -appropriate parameters for the operation; see -.Xr EVP_PKEY_CTX_ctrl 3 . -.Pp -The function -.Fn EVP_PKEY_sign -can be called more than once on the same context if several operations -are performed using the same parameters. -.Sh RETURN VALUES -.Fn EVP_PKEY_sign_init -and -.Fn EVP_PKEY_sign -return 1 for success and 0 or a negative value for failure. -In particular, a return value of -2 indicates the operation is not -supported by the public key algorithm. -.Sh EXAMPLES -Sign data using RSA with PKCS#1 padding and SHA256 digest: -.Bd -literal -offset indent -#include -#include - -EVP_PKEY_CTX *ctx; -/* md is a SHA-256 digest in this example. */ -unsigned char *md, *sig; -size_t mdlen = 32, siglen; -EVP_PKEY *signing_key; - -/* - * NB: assumes signing_key and md are set up before the next - * step. signing_key must be an RSA private key and md must - * point to the SHA-256 digest to be signed. 
- */ -ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */); -if (!ctx) - /* Error occurred */ -if (EVP_PKEY_sign_init(ctx) <= 0) - /* Error */ -if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) - /* Error */ -if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) - /* Error */ - -/* Determine buffer length */ -if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0) - /* Error */ - -sig = malloc(siglen); - -if (!sig) - /* malloc failure */ - -if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0) - /* Error */ - -/* Signature is siglen bytes written to buffer sig */ -.Ed -.Sh SEE ALSO -.Xr EVP_PKEY_CTX_ctrl 3 , -.Xr EVP_PKEY_CTX_new 3 , -.Xr EVP_PKEY_decrypt 3 , -.Xr EVP_PKEY_derive 3 , -.Xr EVP_PKEY_encrypt 3 , -.Xr EVP_PKEY_verify 3 , -.Xr EVP_PKEY_verify_recover 3 -.Sh HISTORY -.Fn EVP_PKEY_sign_init -and -.Fn EVP_PKEY_sign -first appeared in OpenSSL 1.0.0 and have been available since -.Ox 4.9 . diff --git a/src/lib/libcrypto/man/EVP_PKEY_size.3 b/src/lib/libcrypto/man/EVP_PKEY_size.3 deleted file mode 100644 index cd25eec9c2..0000000000 --- a/src/lib/libcrypto/man/EVP_PKEY_size.3 +++ /dev/null 
@@ -1,224 +0,0 @@ -.\" $OpenBSD: EVP_PKEY_size.3,v 1.4 2024/12/06 12:51:13 schwarze Exp $ -.\" full merge up to: OpenSSL eed9d03b Jan 8 11:04:15 2020 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2022, 2023 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Richard Levitte . -.\" Copyright (c) 2020 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt EVP_PKEY_SIZE 3 -.Os -.Sh NAME -.Nm EVP_PKEY_size , -.Nm EVP_PKEY_bits , -.Nm EVP_PKEY_security_bits -.Nd EVP_PKEY information functions -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_size -.Fa "const EVP_PKEY *pkey" -.Fc -.Ft int -.Fo EVP_PKEY_bits -.Fa "const EVP_PKEY *pkey" -.Fc -.Ft int -.Fo EVP_PKEY_security_bits -.Fa "const EVP_PKEY *pkey" -.Fc -.Sh DESCRIPTION -.Fn EVP_PKEY_size -returns the maximum size in bytes needed for the output buffer -for almost any operation that can be done with -.Fa pkey . -The primary use is with -.Xr EVP_SignFinal 3 -and -.Xr EVP_SealInit 3 . -The returned size is also large enough for the output buffer of -.Xr EVP_PKEY_sign 3 , -.Xr EVP_PKEY_encrypt 3 , -.Xr EVP_PKEY_decrypt 3 , -and -.Xr EVP_PKEY_derive 3 . -.Pp -Unless the documentation for the operation says otherwise, -the size returned by -.Fn EVP_PKEY_size -is only an upper limit and the final content of the target -buffer may be smaller. -It is therefore crucial to take note of the size given back by the -function that performs the operation. -For example, -.Xr EVP_PKEY_sign 3 -returns that length in the -.Pf * Fa siglen -argument. -.Pp -Using -.Fn EVP_PKEY_size -is discouraged with -.Xr EVP_DigestSignFinal 3 . -.Pp -Most functions using an output buffer support passing -.Dv NULL -for the buffer and a pointer to an integer -to get the exact size that this function call delivers -in the context that it is called in. -This allows those functions to be called twice, once to find out the -exact buffer size, then allocate the buffer in between, and call that -function again to actually output the data. -For those functions, it isn't strictly necessary to call -.Fn EVP_PKEY_size -to find out the buffer size, but it may still be useful in cases -where it's desirable to know the upper limit in advance. 
-.Pp -.Fn EVP_PKEY_size -is supported for the following algorithms: -.Bl -column ED25519 "EVP_MAX_BLOCK_LENGTH = 32" -.It Ta same result as from: -.It CMAC Ta Dv EVP_MAX_BLOCK_LENGTH No = 32 -.It DH Ta Xr DH_size 3 -.It DSA Ta Xr DSA_size 3 -.It EC Ta Xr ECDSA_size 3 -.It ED25519 Ta 64, but see below -.It HMAC Ta Dv EVP_MAX_MD_SIZE No = 64 -.It RSA Ta Xr RSA_size 3 -.It X25519 Ta Dv X25519_KEYLEN No = 32 -.El -.Pp -For -.Dv EVP_PKEY_ED25519 , -the situation is special: while the key size is -.Dv ED25519_KEYLEN No = 32 bytes , -.Fn EVP_PKEY_size -returns 64 because the signature is longer than the keys. -.Pp -.Fn EVP_PKEY_bits -returns the cryptographic length of the cryptosystem to which the key in -.Fa pkey -belongs, in bits. -The definition of cryptographic length is specific to the key cryptosystem. -The following algorithms are supported: -.Bl -column ED25519 "the public domain parameter p" DSA_bits(3) -.It Ta cryptographic length = Ta same result as from: -.It Ta significant bits in ... Ta -.It DH Ta the public domain parameter Fa p Ta Xr DH_bits 3 -.It DSA Ta the public domain parameter Fa p Ta Xr DSA_bits 3 -.It EC Ta the order of the group Ta Xr EC_GROUP_order_bits 3 -.It ED25519 Ta 253 Ta \(em -.It RSA Ta the public modulus Ta Xr RSA_bits 3 -.It X25519 Ta 253 Ta \(em -.El -.Pp -.Fn EVP_PKEY_security_bits -returns the security strength measured in bits of the given -.Fa pkey -as defined in NIST SP800-57. -The following algorithms are supported: -.Bl -column ED25519 DSA_security_bits(3) -.It Ta same result as from: -.It DH Ta Xr DH_security_bits 3 -.It DSA Ta Xr DSA_security_bits 3 -.It EC Ta Xr EC_GROUP_order_bits 3 divided by 2 -.It ED25519 Ta 128 -.It RSA Ta Xr RSA_security_bits 3 -.It X25519 Ta 128 -.El -.Pp -For EC keys, if the result is greater than 80, it is rounded down -to 256, 192, 128, 112, or 80. -.Sh RETURN VALUES -.Fn EVP_PKEY_size -and -.Fn EVP_PKEY_bits -return a positive number or 0 if this size isn't available. 
-.Pp -.Fn EVP_PKEY_security_bits -returns a number in the range from 0 to 256 inclusive -or \-2 if this function is unsupported for the algorithm used by -.Fa pkey . -It returns 0 if -.Fa pkey -is -.Dv NULL . -.Sh SEE ALSO -.Xr EVP_PKEY_decrypt 3 , -.Xr EVP_PKEY_derive 3 , -.Xr EVP_PKEY_encrypt 3 , -.Xr EVP_PKEY_new 3 , -.Xr EVP_PKEY_sign 3 , -.Xr EVP_SealInit 3 , -.Xr EVP_SignFinal 3 -.Sh HISTORY -.Fn EVP_PKEY_size -first appeared in SSLeay 0.6.0 and -.Fn EVP_PKEY_bits -in SSLeay 0.9.0. -Both functions have been available since -.Ox 2.4 . -.Pp -.Fn EVP_PKEY_security_bits -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 7.2 . diff --git a/src/lib/libcrypto/man/EVP_PKEY_verify.3 b/src/lib/libcrypto/man/EVP_PKEY_verify.3 deleted file mode 100644 index d096a3a7be..0000000000 --- a/src/lib/libcrypto/man/EVP_PKEY_verify.3 +++ /dev/null 
@@ -1,167 +0,0 @@ -.\" $OpenBSD: EVP_PKEY_verify.3,v 1.8 2024/12/06 14:27:49 schwarze Exp $ -.\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2006, 2009, 2010, 2013, 2018 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt EVP_PKEY_VERIFY 3 -.Os -.Sh NAME -.Nm EVP_PKEY_verify_init , -.Nm EVP_PKEY_verify -.Nd signature verification using a public key algorithm -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_verify_init -.Fa "EVP_PKEY_CTX *ctx" -.Fc -.Ft int -.Fo EVP_PKEY_verify -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const unsigned char *sig" -.Fa "size_t siglen" -.Fa "const unsigned char *tbs" -.Fa "size_t tbslen" -.Fc -.Sh DESCRIPTION -The -.Fn EVP_PKEY_verify_init -function initializes a public key algorithm context using key -.Fa ctx->pkey -for a signature verification operation. -.Pp -The -.Fn EVP_PKEY_verify -function performs a public key verification operation using -.Fa ctx . -The signature is specified using the -.Fa sig -and -.Fa siglen -parameters. -The verified data (i.e. the data believed originally signed) is -specified using the -.Fa tbs -and -.Fa tbslen -parameters. 
-.Pp -After the call to -.Fn EVP_PKEY_verify_init , -algorithm specific control operations can be performed to set any -appropriate parameters for the operation. -.Pp -The function -.Fn EVP_PKEY_verify -can be called more than once on the same context if several operations -are performed using the same parameters. -.Sh RETURN VALUES -.Fn EVP_PKEY_verify_init -and -.Fn EVP_PKEY_verify -return 1 if the verification was successful and 0 if it failed. -Unlike other functions the return value 0 from -.Fn EVP_PKEY_verify -only indicates that the signature did not verify successfully. -That is, -.Fa tbs -did not match the original data or the signature was of invalid form. -It is not an indication of a more serious error. -.Pp -A negative value indicates an error other that signature verification -failure. -In particular, a return value of -2 indicates the operation is not -supported by the public key algorithm. -.Sh EXAMPLES -Verify signature using PKCS#1 and SHA256 digest: -.Bd -literal -offset 3n -#include -#include - -EVP_PKEY_CTX *ctx; -unsigned char *md, *sig; -size_t mdlen, siglen; -EVP_PKEY *verify_key; - -/* - * Assumes that verify_key, sig, siglen, md, and mdlen are already set up - * and that verify_key is an RSA public key. - */ -ctx = EVP_PKEY_CTX_new(verify_key, NULL); -if (!ctx) - /* Error occurred */ -if (EVP_PKEY_verify_init(ctx) <= 0) - /* Error */ -if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) - /* Error */ -if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) - /* Error */ - -/* Perform operation */ -ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); - -/* - * ret == 1 indicates success, 0 verify failure, - * and < 0 some other error. 
- */ -.Ed -.Sh SEE ALSO -.Xr EVP_PKEY_CTX_new 3 , -.Xr EVP_PKEY_decrypt 3 , -.Xr EVP_PKEY_derive 3 , -.Xr EVP_PKEY_encrypt 3 , -.Xr EVP_PKEY_sign 3 , -.Xr EVP_PKEY_verify_recover 3 -.Sh HISTORY -.Fn EVP_PKEY_verify_init -and -.Fn EVP_PKEY_verify -first appeared in OpenSSL 1.0.0 and have been available since -.Ox 4.9 . diff --git a/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 b/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 deleted file mode 100644 index 30c034cdb5..0000000000 --- a/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 +++ /dev/null 
@@ -1,188 +0,0 @@ -.\" $OpenBSD: EVP_PKEY_verify_recover.3,v 1.10 2024/12/06 14:27:49 schwarze Exp $ -.\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2006, 2009, 2010, 2013, 2018 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt EVP_PKEY_VERIFY_RECOVER 3 -.Os -.Sh NAME -.Nm EVP_PKEY_verify_recover_init , -.Nm EVP_PKEY_verify_recover -.Nd recover signature using a public key algorithm -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_verify_recover_init -.Fa "EVP_PKEY_CTX *ctx" -.Fc -.Ft int -.Fo EVP_PKEY_verify_recover -.Fa "EVP_PKEY_CTX *ctx" -.Fa "unsigned char *rout" -.Fa "size_t *routlen" -.Fa "const unsigned char *sig" -.Fa "size_t siglen" -.Fc -.Sh DESCRIPTION -The -.Fn EVP_PKEY_verify_recover_init -function initializes a public key algorithm context using key -.Fa ctx->pkey -for a verify recover operation. -.Pp -The -.Fn EVP_PKEY_verify_recover -function recovers signed data using -.Fa ctx . -The signature is specified using the -.Fa sig -and -.Fa siglen -parameters. -If -.Fa rout -is -.Dv NULL , -then the maximum size of the output buffer is written to the -.Fa routlen -parameter. 
-If -.Fa rout -is not -.Dv NULL , -then before the call the -.Fa routlen -parameter should contain the length of the -.Fa rout -buffer. -If the call is successful, recovered data is written to -.Fa rout -and the amount of data written to -.Fa routlen . -.Pp -Normally an application is only interested in whether a signature -verification operation is successful. -In those cases, the -.Xr EVP_PKEY_verify 3 -function should be used. -.Pp -Sometimes however it is useful to obtain the data originally signed -using a signing operation. -Only certain public key algorithms can recover a signature in this way -(for example RSA in PKCS padding mode). -.Pp -After the call to -.Fn EVP_PKEY_verify_recover_init , -algorithm specific control operations can be performed to set any -appropriate parameters for the operation. -.Pp -The function -.Fn EVP_PKEY_verify_recover -can be called more than once on the same context if several operations -are performed using the same parameters. -.Sh RETURN VALUES -.Fn EVP_PKEY_verify_recover_init -and -.Fn EVP_PKEY_verify_recover -return 1 for success and 0 or a negative value for failure. -In particular, a return value of -2 indicates the operation is not -supported by the public key algorithm. -.Sh EXAMPLES -Recover digest originally signed using PKCS#1 and SHA256 digest: -.Bd -literal -offset indent -#include -#include - -EVP_PKEY_CTX *ctx; -unsigned char *rout, *sig; -size_t routlen, siglen; -EVP_PKEY *verify_key; - -/* - * Assumes that verify_key, sig, and siglen are already set up - * and that verify_key is an RSA public key. 
- */ -ctx = EVP_PKEY_CTX_new(verify_key, NULL); -if (!ctx) - /* Error occurred */ -if (EVP_PKEY_verify_recover_init(ctx) <= 0) - /* Error */ -if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) - /* Error */ -if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) - /* Error */ - -/* Determine buffer length */ -if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0) - /* Error */ - -rout = malloc(routlen); - -if (!rout) - /* malloc failure */ - -if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0) - /* Error */ - -/* Recovered data is routlen bytes written to buffer rout */ -.Ed -.Sh SEE ALSO -.Xr EVP_PKEY_CTX_new 3 , -.Xr EVP_PKEY_decrypt 3 , -.Xr EVP_PKEY_derive 3 , -.Xr EVP_PKEY_encrypt 3 , -.Xr EVP_PKEY_sign 3 , -.Xr EVP_PKEY_verify 3 -.Sh HISTORY -.Fn EVP_PKEY_verify_recover_init -and -.Fn EVP_PKEY_verify_recover -first appeared in OpenSSL 1.0.0 and have been available since -.Ox 4.9 . diff --git a/src/lib/libcrypto/man/EVP_SealInit.3 b/src/lib/libcrypto/man/EVP_SealInit.3 deleted file mode 100644 index da53535274..0000000000 --- a/src/lib/libcrypto/man/EVP_SealInit.3 +++ /dev/null 
@@ -1,191 +0,0 @@ -.\" $OpenBSD: EVP_SealInit.3,v 1.9 2023/11/16 20:27:43 schwarze Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2002, 2003, 2005, 2015 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 16 2023 $ -.Dt EVP_SEALINIT 3 -.Os -.Sh NAME -.Nm EVP_SealInit , -.Nm EVP_SealUpdate , -.Nm EVP_SealFinal -.Nd EVP envelope encryption -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_SealInit -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "unsigned char **ek" -.Fa "int *ekl" -.Fa "unsigned char *iv" -.Fa "EVP_PKEY **pubk" -.Fa "int npubk" -.Fc -.Ft int -.Fo EVP_SealUpdate -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *outl" -.Fa "unsigned char *in" -.Fa "int inl" -.Fc -.Ft int -.Fo EVP_SealFinal -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *outl" -.Fc -.Sh DESCRIPTION -The EVP envelope routines are a high level interface to envelope -encryption. -They generate a random key and IV (if required) then "envelope" it by -using public key encryption. -Data can then be encrypted using this key. 
-.Pp -.Fn EVP_SealInit -initializes a cipher context -.Fa ctx -for encryption with cipher -.Fa type -using a random secret key and IV. -.Fa type -is normally supplied by a function such as -.Xr EVP_aes_256_cbc 3 ; -see -.Xr EVP_EncryptInit 3 -for details. -The secret key is encrypted using one or more public keys. -This allows the same encrypted data to be decrypted using any of -the corresponding private keys. -.Fa ek -is an array of buffers where the public key encrypted secret key will be -written. -Each buffer must contain enough room for the corresponding encrypted -key: that is -.Fa ek[i] -must have room for -.Fn EVP_PKEY_size pubk[i] -bytes. -The actual size of each encrypted secret key is written to the array -.Fa ekl . -.Fa pubk -is an array of -.Fa npubk -public keys. -.Pp -The -.Fa iv -parameter is a buffer where the generated IV is written to. -It must contain enough room for the corresponding cipher's IV, as -determined by (for example) -.Fn EVP_CIPHER_iv_length type . -.Pp -If the cipher does not require an IV then the -.Fa iv -parameter is ignored and can be -.Dv NULL . -.Pp -.Fn EVP_SealUpdate -and -.Fn EVP_SealFinal -have exactly the same properties as the -.Xr EVP_EncryptUpdate 3 -and -.Xr EVP_EncryptFinal 3 -routines. -.Pp -The public key must be RSA because it is the only OpenSSL public key -algorithm that supports key transport. -.Pp -Envelope encryption is the usual method of using public key encryption -on large amounts of data. -This is because public key encryption is slow but symmetric encryption -is fast. -So symmetric encryption is used for bulk encryption and the small random -symmetric key used is transferred using public key encryption. -.Pp -It is possible to call -.Fn EVP_SealInit -twice in the same way as -.Xr EVP_EncryptInit 3 . -The first call should have -.Fa npubk -set to 0 and (after setting any cipher parameters) it should be called -again with -.Fa type -set to NULL. -.Pp -.Fn EVP_SealUpdate -is implemented as a macro. 
-.Sh RETURN VALUES -.Fn EVP_SealInit -returns 0 on error or -.Fa npubk -if successful. -.Pp -.Fn EVP_SealUpdate -and -.Fn EVP_SealFinal -return 1 for success and 0 for failure. -.Sh SEE ALSO -.Xr evp 3 , -.Xr EVP_EncryptInit 3 , -.Xr EVP_OpenInit 3 -.Sh HISTORY -.Fn EVP_SealInit , -.Fn EVP_SealUpdate , -and -.Fn EVP_SealFinal -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . -.Pp -.Fn EVP_SealFinal -did not return a value before OpenSSL 0.9.7. diff --git a/src/lib/libcrypto/man/EVP_SignInit.3 b/src/lib/libcrypto/man/EVP_SignInit.3 deleted file mode 100644 index 8158b21dbf..0000000000 --- a/src/lib/libcrypto/man/EVP_SignInit.3 +++ /dev/null 
@@ -1,211 +0,0 @@ -.\" $OpenBSD: EVP_SignInit.3,v 1.21 2024/12/06 12:51:13 schwarze Exp $ -.\" full merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000-2002, 2005, 2006, 2014-2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt EVP_SIGNINIT 3 -.Os -.Sh NAME -.Nm EVP_SignInit_ex , -.Nm EVP_SignUpdate , -.Nm EVP_SignFinal , -.Nm EVP_SignInit -.Nd EVP signing functions -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_SignInit_ex -.Fa "EVP_MD_CTX *ctx" -.Fa "const EVP_MD *type" -.Fa "ENGINE *engine" -.Fc -.Ft int -.Fo EVP_SignUpdate -.Fa "EVP_MD_CTX *ctx" -.Fa "const void *d" -.Fa "unsigned int cnt" -.Fc -.Ft int -.Fo EVP_SignFinal -.Fa "EVP_MD_CTX *ctx" -.Fa "unsigned char *sig" -.Fa "unsigned int *s" -.Fa "EVP_PKEY *pkey" -.Fc -.Ft void -.Fo EVP_SignInit -.Fa "EVP_MD_CTX *ctx" -.Fa "const EVP_MD *type" -.Fc -.Sh DESCRIPTION -The EVP signature routines are a high-level interface to digital -signatures. -.Pp -.Fn EVP_SignInit_ex -sets up the signing context -.Fa ctx -to use the digest -.Fa type . -Before calling this function, obtain -.Fa ctx -from -.Xr EVP_MD_CTX_new 3 -or call -.Xr EVP_MD_CTX_reset 3 -on it. 
-The -.Fa engine -argument is always ignored and passing -.Dv NULL -is recommended. -.Pp -.Fn EVP_SignUpdate -hashes -.Fa cnt -bytes of data at -.Fa d -into the signature context -.Fa ctx . -This function can be called several times on the same -.Fa ctx -to include additional data. -.Pp -.Fn EVP_SignFinal -signs the data in -.Fa ctx -using the private key -.Fa pkey -and places the signature in -.Fa sig . -.Fa sig -must be at least -.Xr EVP_PKEY_size 3 -bytes in size. -.Fa s -is an OUT parameter, and not used as an IN parameter. -The number of bytes of data written (i.e.\& -the length of the signature) will be written to the integer at -.Fa s . -At most -.Xr EVP_PKEY_size 3 -bytes will be written. -.Pp -.Fn EVP_SignInit -initializes a signing context -.Fa ctx -to use the default implementation of digest -.Fa type . -.Pp -The EVP interface to digital signatures should almost always be -used in preference to the low-level interfaces. -This is because the code then becomes transparent to the algorithm used -and much more flexible. -.Pp -The call to -.Fn EVP_SignFinal -internally finalizes a copy of the digest context. -This means that calls to -.Fn EVP_SignUpdate -and -.Fn EVP_SignFinal -can be called later to digest and sign additional data. -.Pp -Since only a copy of the digest context is ever finalized, the context -must be cleaned up after use by calling -.Xr EVP_MD_CTX_free 3 -or a memory leak will occur. -.Pp -.Fn EVP_SignInit_ex , -.Fn EVP_SignUpdate , -and -.Fn EVP_SignInit -are implemented as macros. -.Sh RETURN VALUES -.Fn EVP_SignInit_ex , -.Fn EVP_SignUpdate , -and -.Fn EVP_SignFinal -return 1 for success and 0 for failure. -.Pp -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr evp 3 , -.Xr EVP_DigestInit 3 , -.Xr EVP_PKEY_size 3 , -.Xr EVP_VerifyInit 3 -.Sh HISTORY -.Fn EVP_SignInit , -.Fn EVP_SignUpdate , -and -.Fn EVP_SignFinal -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . 
-.Pp -.Fn EVP_SignInit_ex -first appeared in OpenSSL 0.9.7 and has been available since -.Ox 3.2 . -.Sh BUGS -Older versions of this documentation wrongly stated that calls to -.Fn EVP_SignUpdate -could not be made after calling -.Fn EVP_SignFinal . -.Pp -Since the private key is passed in the call to -.Fn EVP_SignFinal , -any error relating to the private key (for example an unsuitable key and -digest combination) will not be indicated until after potentially large -amounts of data have been passed through -.Fn EVP_SignUpdate . -.Pp -It is not possible to change the signing parameters using these -function. -.Pp -The previous two bugs are fixed in the newer EVP_DigestSign* function. diff --git a/src/lib/libcrypto/man/EVP_VerifyInit.3 b/src/lib/libcrypto/man/EVP_VerifyInit.3 deleted file mode 100644 index 0baadfb9fb..0000000000 --- a/src/lib/libcrypto/man/EVP_VerifyInit.3 +++ /dev/null 
@@ -1,205 +0,0 @@ -.\" $OpenBSD: EVP_VerifyInit.3,v 1.13 2024/11/08 22:23:35 schwarze Exp $ -.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2001, 2006, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 8 2024 $ -.Dt EVP_VERIFYINIT 3 -.Os -.Sh NAME -.Nm EVP_VerifyInit_ex , -.Nm EVP_VerifyUpdate , -.Nm EVP_VerifyFinal , -.Nm EVP_VerifyInit -.Nd EVP signature verification functions -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_VerifyInit_ex -.Fa "EVP_MD_CTX *ctx" -.Fa "const EVP_MD *type" -.Fa "ENGINE *engine" -.Fc -.Ft int -.Fo EVP_VerifyUpdate -.Fa "EVP_MD_CTX *ctx" -.Fa "const void *d" -.Fa "unsigned int cnt" -.Fc -.Ft int -.Fo EVP_VerifyFinal -.Fa "EVP_MD_CTX *ctx" -.Fa "unsigned char *sigbuf" -.Fa "unsigned int siglen" -.Fa "EVP_PKEY *pkey" -.Fc -.Ft int -.Fo EVP_VerifyInit -.Fa "EVP_MD_CTX *ctx" -.Fa "const EVP_MD *type" -.Fc -.Sh DESCRIPTION -The EVP signature verification routines are a high-level interface to -digital signatures. -.Pp -.Fn EVP_VerifyInit_ex -sets up the verification context -.Fa ctx -to use the digest -.Fa type . 
-Before calling this function, obtain -.Fa ctx -from -.Xr EVP_MD_CTX_new 3 -or call -.Xr EVP_MD_CTX_reset 3 -on it. -The -.Fa engine -argument is always ignored and passing -.Dv NULL -is recommended. -.Pp -.Fn EVP_VerifyUpdate -hashes -.Fa cnt -bytes of data at -.Fa d -into the verification context -.Fa ctx . -This function can be called several times on the same -.Fa ctx -to include additional data. -.Pp -.Fn EVP_VerifyFinal -verifies the data in -.Fa ctx -using the public key -.Fa pkey -and against the -.Fa siglen -bytes at -.Fa sigbuf . -.Pp -.Fn EVP_VerifyInit -initializes a verification context -.Fa ctx -to use the default implementation of digest -.Fa type . -.Pp -The EVP interface to digital signatures should almost always be -used in preference to the low-level interfaces. -This is because the code then becomes transparent to the algorithm used -and much more flexible. -.Pp -The call to -.Fn EVP_VerifyFinal -internally finalizes a copy of the digest context. -This means that calls to -.Fn EVP_VerifyUpdate -and -.Fn EVP_VerifyFinal -can be called later to digest and verify additional data. -.Pp -Since only a copy of the digest context is ever finalized, the context -must be cleaned up after use by calling -.Xr EVP_MD_CTX_free 3 , -or a memory leak will occur. -.Pp -.Fn EVP_VerifyInit_ex , -.Fn EVP_VerifyUpdate , -and -.Fn EVP_VerifyInit -are implemented as macros. -.Sh RETURN VALUES -.Fn EVP_VerifyInit_ex -and -.Fn EVP_VerifyUpdate -return 1 for success and 0 for failure. -.Pp -.Fn EVP_VerifyFinal -returns 1 for a correct signature, 0 for failure, and -1 if some other -error occurred. -.Pp -The error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr evp 3 , -.Xr EVP_DigestInit 3 , -.Xr EVP_SignInit 3 -.Sh HISTORY -.Fn EVP_VerifyInit , -.Fn EVP_VerifyUpdate , -and -.Fn EVP_VerifyFinal -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . 
-.Pp
-.Fn EVP_VerifyInit_ex
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Sh BUGS
-Older versions of this documentation wrongly stated that calls to
-.Fn EVP_VerifyUpdate
-could not be made after calling
-.Fn EVP_VerifyFinal .
-.Pp
-Since the public key is passed in the call to
-.Xr EVP_SignFinal 3 ,
-any error relating to the private key (for example an unsuitable key and
-digest combination) will not be indicated until after potentially large
-amounts of data have been passed through
-.Xr EVP_SignUpdate 3 .
-.Pp
-It is not possible to change the signing parameters using these
-functions.
-.Pp
-The previous two bugs are fixed in the newer functions of the
-.Xr EVP_DigestVerifyInit 3
-family.
diff --git a/src/lib/libcrypto/man/EVP_aes_128_cbc.3 b/src/lib/libcrypto/man/EVP_aes_128_cbc.3
deleted file mode 100644
index 46e3ef0bdc..0000000000
--- a/src/lib/libcrypto/man/EVP_aes_128_cbc.3
+++ /dev/null
@@ -1,304 +0,0 @@ -.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.8 2024/12/20 01:54:03 schwarze Exp $ -.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000 -.\" -.\" This file was written by Ronald Tse -.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 20 2024 $ -.Dt EVP_AES_128_CBC 3 -.Os -.Sh NAME -.Nm EVP_aes_128_cbc , -.Nm EVP_aes_192_cbc , -.Nm EVP_aes_256_cbc , -.Nm EVP_aes_128_cfb1 , -.Nm EVP_aes_192_cfb1 , -.Nm EVP_aes_256_cfb1 , -.Nm EVP_aes_128_cfb8 , -.Nm EVP_aes_192_cfb8 , -.Nm EVP_aes_256_cfb8 , -.Nm EVP_aes_128_cfb128 , -.Nm EVP_aes_192_cfb128 , -.Nm EVP_aes_256_cfb128 , -.Nm EVP_aes_128_cfb , -.Nm EVP_aes_192_cfb , -.Nm EVP_aes_256_cfb , -.Nm EVP_aes_128_ctr , -.Nm EVP_aes_192_ctr , -.Nm EVP_aes_256_ctr , -.Nm EVP_aes_128_ecb , -.Nm EVP_aes_192_ecb , -.Nm EVP_aes_256_ecb , -.Nm EVP_aes_128_ofb , -.Nm EVP_aes_192_ofb , -.Nm EVP_aes_256_ofb , -.Nm EVP_aes_128_cbc_hmac_sha1 , -.Nm EVP_aes_256_cbc_hmac_sha1 , -.Nm EVP_aes_128_wrap , -.Nm EVP_aes_192_wrap , -.Nm EVP_aes_256_wrap , -.Nm EVP_aes_128_xts , -.Nm EVP_aes_256_xts -.Nd EVP AES cipher -.Sh SYNOPSIS -.In openssl/evp.h -.Ft const EVP_CIPHER * -.Fn EVP_aes_128_cbc void -.Ft const EVP_CIPHER * -.Fn EVP_aes_192_cbc void -.Ft const EVP_CIPHER * -.Fn EVP_aes_256_cbc void -.Ft const EVP_CIPHER * -.Fn EVP_aes_128_cfb1 void -.Ft const EVP_CIPHER * -.Fn EVP_aes_192_cfb1 void -.Ft const EVP_CIPHER * -.Fn EVP_aes_256_cfb1 void -.Ft const EVP_CIPHER * -.Fn EVP_aes_128_cfb8 void -.Ft const EVP_CIPHER * -.Fn EVP_aes_192_cfb8 void -.Ft const EVP_CIPHER * -.Fn EVP_aes_256_cfb8 void -.Ft const EVP_CIPHER * -.Fn EVP_aes_128_cfb128 void -.Ft const EVP_CIPHER * -.Fn EVP_aes_192_cfb128 void 
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_cfb128 void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_192_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_ctr void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_192_ctr void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_ctr void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_192_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_192_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_cbc_hmac_sha1 void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_cbc_hmac_sha1 void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_wrap void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_192_wrap void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_wrap void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_xts void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_xts void
-.Sh DESCRIPTION
-These functions provide the AES encryption algorithm in the
-.Xr evp 3
-framework.
-AES is a family of block ciphers operating on 128 bit blocks
-using key lengths of 128, 192, and 256 bits.
-.Pp
-.Fn EVP_aes_128_cbc ,
-.Fn EVP_aes_192_cbc ,
-.Fn EVP_aes_256_cbc ,
-.Fn EVP_aes_128_cfb1 ,
-.Fn EVP_aes_192_cfb1 ,
-.Fn EVP_aes_256_cfb1 ,
-.Fn EVP_aes_128_cfb8 ,
-.Fn EVP_aes_192_cfb8 ,
-.Fn EVP_aes_256_cfb8 ,
-.Fn EVP_aes_128_cfb128 ,
-.Fn EVP_aes_192_cfb128 ,
-.Fn EVP_aes_256_cfb128 ,
-.Fn EVP_aes_128_ctr ,
-.Fn EVP_aes_192_ctr ,
-.Fn EVP_aes_256_ctr ,
-.Fn EVP_aes_128_ecb ,
-.Fn EVP_aes_192_ecb ,
-.Fn EVP_aes_256_ecb ,
-.Fn EVP_aes_128_ofb ,
-.Fn EVP_aes_192_ofb ,
-and
-.Fn EVP_aes_256_ofb
-provide AES for 128, 192, and 256-bit keys in the following modes:
-CBC, CFB with 1-bit shift, CFB with 8-bit shift, CFB with 128-bit shift,
-CTR, ECB, and OFB.
-.Pp
-.Fn EVP_aes_128_cfb ,
-.Fn EVP_aes_192_cfb ,
-and
-.Fn EVP_aes_256_cfb
-are aliases for
-.Fn EVP_aes_128_cfb128 ,
-.Fn EVP_aes_192_cfb128 ,
-and
-.Fn EVP_aes_256_cfb128 ,
-implemented as macros.
-.Pp
-.Fn EVP_aes_128_cbc_hmac_sha1
-and
-.Fn EVP_aes_256_cbc_hmac_sha1
-provide authenticated encryption with AES in CBC mode using SHA-1 as HMAC,
-with keys of 128 and 256-bit length respectively.
-The authentication tag is 160 bits long.
-This is not intended for usage outside of TLS and requires
-calling of some undocumented control functions.
-These ciphers do not conform to the EVP AEAD interface.
-.Pp
-.Fn EVP_aes_128_wrap ,
-.Fn EVP_aes_192_wrap ,
-and
-.Fn EVP_aes_256_wrap
-provide AES key wrap with 128, 192 and 256-bit keys
-according to RFC 3394 section 2.2.1 ("wrap").
-When the returned
-.Vt EVP_CIPHER
-object is later passed to
-.Xr EVP_CipherInit_ex 3 ,
-.Xr EVP_EncryptInit_ex 3 ,
-or
-.Xr EVP_DecryptInit_ex 3
-together with an
-.Vt EVP_CIPHER_CTX
-object, the flag
-.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW
-must have been set in the
-.Vt EVP_CIPHER_CTX
-using
-.Xr EVP_CIPHER_CTX_set_flags 3 .
-Otherwise, or when passing the returned
-.Vt EVP_CIPHER
-object to
-.Xr EVP_CipherInit 3 ,
-.Xr EVP_EncryptInit 3 ,
-or
-.Xr EVP_DecryptInit 3 ,
-initialization fails with a
-.Dq wrap not allowed
-error.
-.Pp
-.Fn EVP_aes_128_xts
-and
-.Fn EVP_aes_256_xts
-provide XEX-based tweaked-codebook mode with ciphertext stealing (XTS-AES)
-as specified in IEEE Std. 1619-2007 and described in NIST SP 800-38E.
-It was designed for encrypting data on a storage device,
-provides confidentiality but not authentication of data,
-and requires a key of double length for protection of a certain key size.
-In particular, XTS-AES-128 takes input of a 256-bit key to achieve
-AES 128-bit security, and XTS-AES-256 takes input of a 512-bit key
-to achieve AES 256-bit security.
-.Sh RETURN VALUES
-These functions return an
-.Vt EVP_CIPHER
-structure that provides the implementation of the symmetric cipher.
-.Sh SEE ALSO
-.Xr AES_encrypt 3 ,
-.Xr evp 3 ,
-.Xr EVP_aes_128_ccm 3 ,
-.Xr EVP_aes_128_gcm 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-.Fn EVP_aes_128_cbc ,
-.Fn EVP_aes_192_cbc ,
-.Fn EVP_aes_256_cbc ,
-.Fn EVP_aes_128_cfb ,
-.Fn EVP_aes_192_cfb ,
-.Fn EVP_aes_256_cfb ,
-.Fn EVP_aes_128_ebc ,
-.Fn EVP_aes_192_ebc ,
-.Fn EVP_aes_256_ebc ,
-.Fn EVP_aes_128_ofb ,
-.Fn EVP_aes_192_ofb ,
-and
-.Fn EVP_aes_256_ofb
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn EVP_aes_128_cfb1 ,
-.Fn EVP_aes_192_cfb1 ,
-.Fn EVP_aes_256_cfb1 ,
-.Fn EVP_aes_128_cfb8 ,
-.Fn EVP_aes_192_cfb8 ,
-.Fn EVP_aes_256_cfb8 ,
-.Fn EVP_aes_128_cfb128 ,
-.Fn EVP_aes_192_cfb128 ,
-and
-.Fn EVP_aes_256_cfb128
-first appeared in OpenSSL 0.9.7e and have been available since
-.Ox 3.8 .
-.Pp
-.Fn EVP_aes_128_ctr ,
-.Fn EVP_aes_192_ctr ,
-.Fn EVP_aes_256_ctr ,
-.Fn EVP_aes_128_cbc_hmac_sha1 ,
-.Fn EVP_aes_256_cbc_hmac_sha1 ,
-.Fn EVP_aes_128_xts ,
-and
-.Fn EVP_aes_256_xts
-first appeared in OpenSSL 1.0.1 and have been available since
-.Ox 5.3 .
-.Pp
-.Fn EVP_aes_128_wrap ,
-.Fn EVP_aes_192_wrap ,
-and
-.Fn EVP_aes_256_wrap
-first appeared in OpenSSL 1.0.2 and have been available since
-.Ox 6.5 .
diff --git a/src/lib/libcrypto/man/EVP_aes_128_ccm.3 b/src/lib/libcrypto/man/EVP_aes_128_ccm.3
deleted file mode 100644
index e9023a5b67..0000000000
--- a/src/lib/libcrypto/man/EVP_aes_128_ccm.3
+++ /dev/null
@@ -1,573 +0,0 @@ -.\" $OpenBSD: EVP_aes_128_ccm.3,v 1.5 2024/12/29 12:27:28 schwarze Exp $ -.\" full merge up to: -.\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100 -.\" OpenSSL EVP_aes.pod a1ec85c1 Apr 21 10:49:12 2020 +0100 -.\" -.\" Copyright (c) 2024 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" This file is a derived work containing a few sentences -.\" written by Dr. Stephen Henson -.\" covered by the following license: -.\" -.\" Copyright (c) 2012 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: December 29 2024 $ -.Dt EVP_AES_128_CCM 3 -.Os -.Sh NAME -.Nm EVP_aes_128_ccm , -.Nm EVP_aes_192_ccm , -.Nm EVP_aes_256_ccm -.Nd EVP AES cipher in Counter with CBC-MAC mode -.Sh SYNOPSIS -.In openssl/evp.h -.Ft const EVP_CIPHER * -.Fn EVP_aes_128_ccm void -.Ft const EVP_CIPHER * -.Fn EVP_aes_192_ccm void -.Ft const EVP_CIPHER * -.Fn EVP_aes_256_ccm void -.\" The following #define'd constants are intentionally undocumented: -.\" Completely unused by anything: -.\" EVP_CTRL_CCM_SET_MSGLEN, EVP_CCM_TLS_FIXED_IV_LEN, EVP_CCM_TLS_IV_LEN -.\" Very rarely used and unused in LibreSSL: -.\" EVP_CCM_TLS_EXPLICIT_IV_LEN, EVP_CCM_TLS_TAG_LEN, EVP_CCM8_TLS_TAG_LEN -.Sh DESCRIPTION -.Fn EVP_aes_128_ccm , -.Fn EVP_aes_192_ccm , -and -.Fn EVP_aes_256_ccm -provide the Advanced Encryption Standard algorithm for 128, 192 and 256-bit -keys in Counter with CBC-MAC (CCM) mode in the -.Xr evp 3 -framework. -This mode supports Authenticated Encryption with Additional Data (AEAD) -and can be used in a number of communication protocols. -Longer keys make precomputation attacks harder at a cost in performance. -.Pp -For CCM mode ciphers, the behaviour of the EVP interface is subtly -altered and several additional -.Xr EVP_CIPHER_CTX_ctrl 3 -operations are required to function correctly. -Some of the -.Dv EVP_CTRL_CCM_* -control commands are older aliases for corresponding -.Dv EVP_CTRL_AEAD_* -constants as indicated below. -.Pp -The less cumbersome and less error-prone -.Xr EVP_AEAD_CTX_new 3 -API does not provide CCM modes. -Some communication protocols support alternatives to CCM, which may -sometimes allow choosing the better API by avoiding CCM. -.Ss Configuration controls -The following two control commands can be issued as soon as -.Xr EVP_EncryptInit 3 -has been called with a CCM -.Fa type -and -.Dv NULL -pointers for -.Fa key -and -.Fa iv . -Both commands are optional and override each other. 
-If issued when a nonce is already set, they silently cause data corruption. -The -.Fa ptr -argument is ignored by both; passing -.Dv NULL -is recommended. -.Bl -tag -width Ds -.It Dv EVP_CTRL_CCM_SET_L -Set the size -.Ms L -of the length field to -.Fa arg -bytes and the size of the nonce to -.No 15 \- Fa arg -bytes. -By default, 8 bytes are used for the length field and 7 for the nonce. -Selecting a smaller size -.Ms L -for the length field reduces des maximum size of messages that can be sent, -but in return allows transmitting more messages with the same key. -It is an error to pass less than 2 or more than the default value of 8 for -.Fa arg . -.It Dv EVP_CTRL_AEAD_SET_IVLEN Pq == Dv EVP_CTRL_CCM_SET_IVLEN -Set the size of the nonce to -.Fa arg -bytes and the size -.Ms L -of the length field to -.No 15 \- Fa arg -bytes. -By default, 7 bytes are used for the nonce and 8 for the length field. -Selecting a larger size of the nonce allows transmitting more messages with -the same key at the expense of reducing the maximum size for each message. -It is an error to pass more than 13 or less than the default value of 7 for -.Fa arg . -.El -.Pp -After optionally issuing one of the above control commands, -.Xr EVP_EncryptInit 3 -can be called a second time, this time passing -.Dv NULL -for the -.Fa type -argument, with the other two arguments pointing to the desired AES key -and to the desired nonce. -.Ss Encryption controls -.Bl -tag -width Ds -.It Dv EVP_CTRL_AEAD_SET_TAG Pq == Dv EVP_CTRL_CCM_SET_TAG -If the -.Fa ptr -argument is -.Dv NULL , -set the tag length -.Ms M -to -.Fa arg -bytes. -The default value is 12. -Selecting a larger value makes tampering harder for an attacker, -at a small expense of making the messages slightly longer. -Selecting a smaller value is not recommended. 
-It is an error to pass an odd number for -.Fa arg , -or a number that is less than 4 or greater than 16, or to pass -.Dv NULL -to -.Fa ptr -when -.Fa ctx -is not configured for encrypting. -Issuing this control command when an encryption key is already configured -silently causes data corruption. -.It Dv EVP_CTRL_AEAD_GET_TAG Pq == Dv EVP_CTRL_CCM_GET_TAG -Store the -.Fa arg -bytes of the tag in the memory provided by the caller starting at -.Fa ptr . -It is an error to issue this control command when -.Fa ctx -is not configured for encrypting, when no data was encrypted yet, with an -.Fa arg -that does not match the configured tag length -.Ms M , -or when the tag has already been retrieved earlier. -.El -.Pp -Before passing any plaintext data to -.Xr EVP_EncryptUpdate 3 , -call -.Xr EVP_EncryptUpdate 3 -with both -.Fa in -and -.Fa out -set to -.Dv NULL , -passing the total plaintext length in bytes as -.Fa in_len . -This constructs the first block to be digested with CBC-MAC -and copies the text length to -.Pf * Fa out_len . -It does not check whether -.Fa in_len -exceeds the limit of -.Pf 256\(ha Ms L ; -the most significant bytes of excessive values are silently discarded. -.Pp -It is an error if the -.Fa in_len -argument of the -.Xr EVP_EncryptUpdate 3 -call passing the plaintext data does not match the total length -specified earlier. -Splitting the text into more than one chunks to be passed in multiple calls of -.Xr EVP_EncryptUpdate 3 -is not supported for CCM. -.Pp -To specify any additional authenticated data (AAD), call -.Xr EVP_EncryptUpdate 3 -with the -.Fa out -argument set to -.Dv NULL . -.Ss Decryption controls -.Bl -tag -width Ds -.It Dv EVP_CTRL_AEAD_SET_TAG Pq == Dv EVP_CTRL_CCM_SET_TAG -If the -.Fa ptr -argument is not -.Dv NULL , -copy -.Fa arg -bytes starting at -.Fa ptr -to the expected CCM tag value. -It is an error to pass an odd number for -.Fa arg , -or a number that is less than 4 or greater than 16. 
-Passing a number that does not correspond to the tag length -.Ms M -that was used for encryption does not raise an error right away, -but results in undefined behaviour -and typically causes subsequent authentication failure. -It is also an error to pass a -.Pf non- Dv NULL -.Fa ptr -when -.Fa ctx -is configured for encryption. -.El -.Pp -Before passing any ciphertext data to -.Xr EVP_DecryptUpdate 3 , -call -.Xr EVP_DecryptUpdate 3 -with both -.Fa in -and -.Fa out -set to -.Dv NULL , -passing the total ciphertext length in bytes as -.Fa in_len . -This constructs the first block to be digested with CBC-MAC -and copies the text length to -.Pf * Fa out_len . -It does not check whether -.Fa in_len -exceeds the limit of -.Pf 256\(ha Ms L ; -the most significant bytes of excessive values are silently discarded. -.Pp -It is an error if the -.Fa in_len -argument of the -.Xr EVP_DecryptUpdate 3 -call passing the ciphertext data does not match the total length -specified earlier. -Splitting the text into more than one chunks to be passed in multiple calls of -.Xr EVP_DecryptUpdate 3 -is not supported for CCM. -.Pp -To specify any additional authenticated data (AAD), call -.Xr EVP_DecryptUpdate 3 -with the -.Fa out -argument set to -.Dv NULL . -.Pp -If the return value of -.Xr EVP_DecryptUpdate 3 -does not indicate success, the authentication operation may have failed. -In that case, regard any output data as corrupted. -.Pp -Do not call -.Xr EVP_DecryptFinal 3 -when using CCM. -Such a call would not do anything useful, and it would fail -because the tag that was set with -.Dv EVP_CTRL_CCM_SET_TAG -was already consumed by -.Xr EVP_DecryptUpdate 3 . -.Sh RETURN VALUES -These functions return a static constant -.Vt EVP_CIPHER -structure that provides the implementation of the respective AEAD cipher mode. -.Sh EXAMPLES -The following code encrypts and digests some secret text -and some additional, public data with AES-CCM. 
-Specifically, it implements the Test Vector #1 -given in section 8 of RFC 3610. -.Bd -literal -offset indent -/* input data */ -const unsigned char key[] = { - 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, - 0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF -}; -const unsigned char nonce[] = { - 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xA0, - 0xA1, 0xA2, 0xA3, 0xA4, 0xA5 -}; -const int nonce_len = sizeof(nonce); -const int size_len = 15 - nonce_len; - -const unsigned char aad[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 -}; -const int aad_len = sizeof(aad); - -const unsigned char plaintext[] = { - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E -}; -const int text_len = sizeof(plaintext); - -/* expected output data */ -const unsigned char ciphertext[] = { - 0x58, 0x8C, 0x97, 0x9A, 0x61, 0xC6, 0x63, 0xD2, - 0xF0, 0x66, 0xD0, 0xC2, 0xC0, 0xF9, 0x89, 0x80, - 0x6D, 0x5F, 0x6B, 0x61, 0xDA, 0xC3, 0x84 -}; - -const unsigned char wanted_tag[] = { - 0x17, 0xE8, 0xD1, 0x2C, 0xFD, 0xF9, 0x26, 0xE0 -}; -const int tag_len = sizeof(wanted_tag); - -const int out_len = aad_len + text_len + tag_len; -unsigned char out_buf[out_len]; -unsigned char *out_p = out_buf; -unsigned char *out_end = out_buf + out_len; - -/* auxiliary variables */ -EVP_CIPHER_CTX *ctx; -int irv, i; - -/* configuration */ -ctx = EVP_CIPHER_CTX_new(); -if (ctx == NULL) - err(1, "EVP_CIPHER_CTX_new"); - -if (EVP_EncryptInit(ctx, EVP_aes_128_ccm(), NULL, NULL) != 1) - err(1, "EVP_EncryptInit(NULL)"); - -if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, - size_len, NULL) <= 0) - err(1, "EVP_CTRL_CCM_SET_L(%d)", size_len); - -if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, - tag_len, NULL) <= 0) - err(1, "EVP_CTRL_CCM_SET_TAG(%d)", tag_len); - -/* process input data */ -if (EVP_EncryptInit(ctx, NULL, key, nonce) != 1) - err(1, "EVP_EncryptInit(key, nonce)"); - -if (EVP_EncryptUpdate(ctx, NULL, &irv, NULL, 
text_len) != 1) - err(1, "EVP_EncryptUpdate(len = %d)", text_len); -if (irv != text_len) - errx(1, "text length: want %d, got %d", text_len, irv); - -irv = -1; -if (EVP_EncryptUpdate(ctx, NULL, &irv, aad, aad_len) != 1) - err(1, "EVP_EncryptUpdate(AAD)"); -memcpy(out_p, aad, aad_len); -out_p += aad_len; - -irv = -1; -if (EVP_EncryptUpdate(ctx, out_p, &irv, plaintext, text_len) != 1) - err(1, "EVP_EncryptUpdate(plaintext)"); -if (irv != text_len) - errx(1, "text_len: want %d, got %d", text_len, irv); -out_p += irv; - -/* - * EVP_EncryptFinal(3) doesn't really do anything for CCM. - * Call it anyway to stay closer to normal EVP_Encrypt*(3) idioms, - * to match what the OpenSSL Wiki suggests since 2013, and to ease - * later migration of the code to a different AEAD algorithm. - */ -irv = -1; -if (EVP_EncryptFinal(ctx, out_p, &irv) != 1) - err(1, "EVP_EncryptFinal"); -if (irv != 0) - errx(1, "final_len: want 0, got %d", irv); - -/* check output data */ -if (memcmp(out_buf + aad_len, ciphertext, text_len) != 0) - errx(1, "ciphertext mismatch"); - -if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, - tag_len, out_p) <= 0) - err(1, "EVP_CTRL_CCM_GET_TAG"); -if (memcmp(out_p, wanted_tag, tag_len) != 0) - errx(1, "tag mismatch"); -out_p += tag_len; -if (out_p != out_end) - errx(1, "end of output: want %p, got %p", out_end, out_p); - -printf("Total packet length = %d.", out_len); -printf(" [Authenticated and Encrypted Output]"); -for (i = 0; i < out_len; i++) { - if (i % 16 == 0) - printf("\en "); - if (i % 4 == 0) - putchar(' '); - printf(" %02X", out_buf[i]); -} -putchar('\en'); - -EVP_CIPHER_CTX_free(ctx); -.Ed -.Pp -The reverse operation for the same test vector, -i.e. decrypting and comparing the digest, -is implemented by the following code. -.Pp -The variable declarations and definitions up to the call of -.Xr EVP_CIPHER_CTX_new 3 -are the same as above. 
-The chief differences are: -.Bl -dash -width 1n -compact -.It -The tag is not part of the output, -so the total output length is shorter. -.It -No -.Xr memcmp 3 -of the tag takes place. -Instead, the control command -.Dv EVP_CTRL_CCM_SET_TAG -requires the tag that is going to be verified as an additional argument. -.It -While -.Xr EVP_EncryptFinal 3 -is an optional no-op, -.Xr EVP_DecryptFinal 3 -is not called and would fail. -.El -.Bd -literal -offset indent -const int out_len = aad_len + text_len; - -/* configuration */ -ctx = EVP_CIPHER_CTX_new(); -if (ctx == NULL) - err(1, "EVP_CIPHER_CTX_new"); - -if (EVP_DecryptInit(ctx, EVP_aes_128_ccm(), NULL, NULL) != 1) - err(1, "EVP_DecryptInit(NULL)"); - -if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, size_len, NULL) <= 0) - err(1, "EVP_CTRL_CCM_SET_L(%d)", size_len); - -if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, - tag_len, (void *)wanted_tag) <= 0) - err(1, "EVP_CTRL_CCM_SET_TAG(%d)", tag_len); - -/* process input data */ -if (EVP_DecryptInit(ctx, NULL, key, nonce) != 1) - err(1, "EVP_DecryptInit(key, nonce)"); - -if (EVP_DecryptUpdate(ctx, NULL, &irv, NULL, text_len) != 1) - err(1, "EVP_DecryptUpdate(len = %d)", text_len); -if (irv != text_len) - errx(1, "text length: want %d, got %d", text_len, irv); - -irv = -1; -if (EVP_DecryptUpdate(ctx, NULL, &irv, aad, aad_len) != 1) - err(1, "EVP_DecryptUpdate(AAD)"); -memcpy(out_p, aad, aad_len); -out_p += aad_len; - -irv = -1; -if (EVP_DecryptUpdate(ctx, out_p, &irv, ciphertext, text_len) != 1) - err(1, "EVP_DecryptUpdate(ciphertext)"); -if (irv != text_len) - errx(1, "text_len: want %d, got %d", text_len, irv); -out_p += irv; - -/* Do not call EVP_DecryptFinal(3); it would fail and do nothing. 
*/ - -/* check output data */ -if (memcmp(out_buf + aad_len, plaintext, text_len) != 0) - errx(1, "plaintext mismatch"); -if (out_p != out_end) - errx(1, "end of output: want %p, got %p", out_end, out_p); - -printf("Total packet length = %d.", out_len); -printf(" [Decrypted and Authenticated Input]"); -for (i = 0; i < out_len; i++) { - if (i % 16 == 0) - printf("\n "); - if (i % 4 == 0) - putchar(' '); - printf(" %02X", out_buf[i]); -} -putchar('\n'); - -EVP_CIPHER_CTX_free(ctx); -.Ed -.Sh SEE ALSO -.Xr AES_encrypt 3 , -.Xr evp 3 , -.Xr EVP_aes_128_cbc 3 , -.Xr EVP_aes_128_gcm 3 , -.Xr EVP_EncryptInit 3 -.Sh STANDARDS -.Rs -.%A Doug Whiting -.%A Russ Housley -.%A Niels Ferguson -.%T Counter with CBC-MAC (CCM) -.%R RFC 3610 -.%D September 2003 -.Re -.Sh HISTORY -.Fn EVP_aes_128_ccm , -.Fn EVP_aes_192_ccm , -and -.Fn EVP_aes_256_ccm -first appeared in OpenSSL 1.0.1 and have been available since -.Ox 5.3 . diff --git a/src/lib/libcrypto/man/EVP_aes_128_gcm.3 b/src/lib/libcrypto/man/EVP_aes_128_gcm.3 deleted file mode 100644 index 53c41ea162..0000000000 --- a/src/lib/libcrypto/man/EVP_aes_128_gcm.3 +++ /dev/null 
@@ -1,254 +0,0 @@
-.\" $OpenBSD: EVP_aes_128_gcm.3,v 1.2 2024/12/29 12:27:28 schwarze Exp $
-.\" full merge up to:
-.\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100
-.\" OpenSSL EVP_aes.pod a1ec85c1 Apr 21 10:49:12 2020 +0100
-.\"
-.\" Copyright (c) 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" This file is a derived work containing a few sentences
-.\" written by Dr. Stephen Henson
-.\" covered by the following license:
-.\"
-.\" Copyright (c) 2012 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 29 2024 $
-.Dt EVP_AES_128_GCM 3
-.Os
-.Sh NAME
-.Nm EVP_aes_128_gcm ,
-.Nm EVP_aes_192_gcm ,
-.Nm EVP_aes_256_gcm
-.Nd EVP AES cipher in Galois Counter Mode
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_128_gcm void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_192_gcm void
-.Ft const EVP_CIPHER *
-.Fn EVP_aes_256_gcm void
-.Sh DESCRIPTION
-.Fn EVP_aes_128_gcm ,
-.Fn EVP_aes_192_gcm ,
-and
-.Fn EVP_aes_256_gcm
-provide the Advanced Encryption Standard algorithm for 128, 192 and 256-bit
-keys in and Galois Counter Mode in the
-.Xr evp 3
-framework.
-.Pp
-For GCM mode ciphers, the behaviour of the EVP interface is subtly
-altered and several additional
-.Xr EVP_CIPHER_CTX_ctrl 3
-operations are required to function correctly.
-Some of the
-.Dv EVP_CTRL_GCM_*
-control commands are older aliases for corresponding
-.Dv EVP_CTRL_AEAD_*
-constants as indicated below.
-.Pp
-To avoid using the cumbersome and error-prone API documented
-in the present manual page, consider using the functions documented in
-.Xr EVP_AEAD_CTX_init 3
-instead.
-.Ss Configuration controls
-.\" The following constants are intentionally undocumented
-.\" because they are very rarely used in application programs:
-.\" EVP_GCM_TLS_FIXED_IV_LEN (unused in the library)
-.\" EVP_GCM_TLS_EXPLICIT_IV_LEN and EVP_GCM_TLS_TAG_LEN (used internally
-.\" only in aes_gcm_tls_cipher(), which is unused)
-.Bl -tag -width Ds
-.It Dv EVP_CTRL_AEAD_SET_IVLEN Pq == Dv EVP_CTRL_GCM_SET_IVLEN
-Set the length of the initialization vector to
-.Fa arg
-bytes; the
-.Fa ptr
-argument is ignored and passing
-.Dv NULL
-is recommended.
-This call can only be made before specifying an initialization vector.
-If not called, the default IV length of 12 bytes is used.
-.Pp
-Using this control command is discouraged because section 5.2.1.1 of the
-specification explicitly recommends that implementations of GCM restrict
-support to the default IV length of 12 bytes for interoperability,
-efficiency, and simplicity of design.
-.It Dv EVP_CTRL_AEAD_SET_IV_FIXED Pq == Dv EVP_CTRL_GCM_SET_IV_FIXED
-Usually, \-1 is passed for
-.Fa arg .
-In that case, the complete initialization vector is copied from
-.Fa ptr .
-.Pp
-Otherwise, set the fixed field at the beginning of the initialization
-vector to the
-.Fa arg
-bytes pointed to by
-.Fa ptr .
-When encrypting, also generate the remaining bytes
-of the initialization vector at random.
-It is an error to specify an
-.Fa arg
-that is less than 4 or so large that less than 8 bytes remain.
-.El
-.Ss Encryption controls
-.Bl -tag -width Ds
-.It Dv EVP_CTRL_GCM_IV_GEN
-Generate the precounter block from the initialization vector,
-copy the last
-.Fa arg
-bytes of the initialization vector to the location pointed to by
-.Fa ptr ,
-or all of it if
-.Fa arg
-is less than 1 or greater than the length of the initialization vector,
-and increment the initialization vector by 1.
-Incrementing ignores the IV length and the fixed field length
-that may have been configured earlier and always operates on the
-last eight bytes of the initialization vector.
-It is an error to issue this command
-when no key or no initialization vector is set.
-.It Dv EVP_CTRL_AEAD_GET_TAG Pq == Dv EVP_CTRL_GCM_GET_TAG
-Write
-.Fa arg
-bytes of the tag value to the location pointed to by
-.Fa ptr .
-This control command only makes sense after all data has been processed,
-e.g. after calling
-.Xr EVP_EncryptFinal 3 .
-It is an error to issue this command while decrypting,
-before any data has been processed, or to specify an
-.Fa arg
-that is less than 1 or greater than 16.
-.El
-.Pp
-To specify any additional authenticated data (AAD), call
-.Xr EVP_EncryptUpdate 3
-with the
-.Fa out
-argument set to
-.Dv NULL .
-.Ss Decryption controls
-.Bl -tag -width Ds
-.It Dv EVP_CTRL_GCM_SET_IV_INV
-Copy
-.Fa arg
-bytes from
-.Fa ptr
-to the last bytes of the initialization vector
-and generate the precounter block from the initialization vector.
-The library does not check whether the arguments are consistent
-with the configured initialization vector and fixed field lengths.
-When default lengths are in use, pass 8 for
-.Fa arg .
-In that case, this control command sets the invocation field.
-It is an error to issue this command
-when no key or no initialization vector is set, or when encrypting.
-.It Dv EVP_CTRL_AEAD_SET_TAG Pq == Dv EVP_CTRL_GCM_SET_TAG
-Set the expected tag to the
-.Fa arg
-bytes located at
-.Fa ptr .
-This control command is mandatory before any data is processed,
-e.g. before calling
-.Xr EVP_DecryptUpdate 3 .
-It is an error to issue this command while encrypting or to specify an
-.Fa arg
-that is less than 1 or greater than 16.
-.El
-.Pp
-To specify any additional authenticated data (AAD), call
-.Xr EVP_DecryptUpdate 3
-with the
-.Fa out
-argument set to
-.Dv NULL .
-.Pp
-If the return value of
-.Xr EVP_DecryptFinal 3 ,
-.Xr EVP_DecryptFinal_ex 3 ,
-.Xr EVP_CipherFinal 3 ,
-or
-.Xr EVP_CipherFinal_ex 3
-does not indicate success when decrypting,
-the authentication operation failed.
-In that case, regard any output data as corrupted.
-.Sh SEE ALSO
-.Xr AES_encrypt 3 ,
-.Xr evp 3 ,
-.Xr EVP_AEAD_CTX_init 3 ,
-.Xr EVP_aes_128_cbc 3 ,
-.Xr EVP_CIPHER_CTX_ctrl 3 ,
-.Xr EVP_EncryptInit 3
-.Sh STANDARDS
-.Rs
-.%A Morris Dworkin
-.%I National Institute of Standards and Technology
-.%R Recommendation for Block Cipher Modes of Operation:\
- Galois/Counter Mode (GCM) and GMAC
-.%N NIST Special Publication 800-38D
-.%C Gaithersburg, Maryland
-.%D November 2007
-.Re
-.Sh HISTORY
-.Fn EVP_aes_128_gcm ,
-.Fn EVP_aes_192_gcm ,
-and
-.Fn EVP_aes_256_gcm
-first appeared in OpenSSL 1.0.1 and have been available since
-.Ox 5.3 .
diff --git a/src/lib/libcrypto/man/EVP_camellia_128_cbc.3 b/src/lib/libcrypto/man/EVP_camellia_128_cbc.3
deleted file mode 100644
index 6f15a85f7f..0000000000
--- a/src/lib/libcrypto/man/EVP_camellia_128_cbc.3
+++ /dev/null
@@ -1,151 +0,0 @@
-.\" $OpenBSD: EVP_camellia_128_cbc.3,v 1.3 2024/11/09 22:03:49 schwarze Exp $
-.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
-.\"
-.\" This file was written by Ronald Tse
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 9 2024 $
-.Dt EVP_CAMELLIA_128_CBC 3
-.Os
-.Sh NAME
-.Nm EVP_camellia_128_cbc ,
-.Nm EVP_camellia_192_cbc ,
-.Nm EVP_camellia_256_cbc ,
-.Nm EVP_camellia_128_cfb ,
-.Nm EVP_camellia_192_cfb ,
-.Nm EVP_camellia_256_cfb ,
-.Nm EVP_camellia_128_cfb1 ,
-.Nm EVP_camellia_192_cfb1 ,
-.Nm EVP_camellia_256_cfb1 ,
-.Nm EVP_camellia_128_cfb8 ,
-.Nm EVP_camellia_192_cfb8 ,
-.Nm EVP_camellia_256_cfb8 ,
-.Nm EVP_camellia_128_cfb128 ,
-.Nm EVP_camellia_192_cfb128 ,
-.Nm EVP_camellia_256_cfb128 ,
-.Nm EVP_camellia_128_ecb ,
-.Nm EVP_camellia_192_ecb ,
-.Nm EVP_camellia_256_ecb ,
-.Nm EVP_camellia_128_ofb ,
-.Nm EVP_camellia_192_ofb ,
-.Nm EVP_camellia_256_ofb
-.Nd EVP Camellia cipher
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_128_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_192_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_256_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_128_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_192_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_256_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_128_cfb1 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_192_cfb1 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_256_cfb1 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_128_cfb8 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_192_cfb8 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_256_cfb8 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_128_cfb128 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_192_cfb128 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_256_cfb128 void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_128_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_192_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_256_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_128_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_192_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_camellia_256_ofb void
-.Sh DESCRIPTION
-These functions provide the Camellia encryption algorithm in the
-.Xr
evp 3
-framework.
-Camellia is a block cipher operating on 128 bit blocks.
-These functions use 128, 192, and 256-bit keys
-in the following modes, respectively:
-CBC, CFB with 1-bit shift, CFB with 8-bit shift, CFB with 128-bit shift,
-ECB, and OFB.
-.Pp
-.Fn EVP_camellia_128_cfb ,
-.Fn EVP_camellia_192_cfb ,
-and
-.Fn EVP_camellia_256_cfb
-are aliases for
-.Fn EVP_camellia_128_cfb128 ,
-.Fn EVP_camellia_192_cfb128 ,
-and
-.Fn EVP_camellia_256_cfb128 ,
-implemented as macros.
-.Sh RETURN VALUES
-These functions return an
-.Vt EVP_CIPHER
-structure that provides the implementation of the symmetric cipher.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8c
-and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/EVP_chacha20.3 b/src/lib/libcrypto/man/EVP_chacha20.3
deleted file mode 100644
index 8fc79dbf2b..0000000000
--- a/src/lib/libcrypto/man/EVP_chacha20.3
+++ /dev/null
@@ -1,292 +0,0 @@
-.\" $OpenBSD: EVP_chacha20.3,v 1.8 2024/12/09 11:55:52 schwarze Exp $
-.\" full merge up to: OpenSSL 35fd9953 May 28 14:49:38 2019 +0200
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Ronald Tse .
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4.
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 9 2024 $
-.Dt EVP_CHACHA20 3
-.Os
-.Sh NAME
-.Nm EVP_chacha20 ,
-.Nm EVP_chacha20_poly1305
-.Nd ChaCha20 stream cipher for EVP
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_CIPHER *
-.Fn EVP_chacha20 void
-.Ft const EVP_CIPHER *
-.Fn EVP_chacha20_poly1305 void
-.Sh DESCRIPTION
-.Fn EVP_chacha20
-provides the ChaCha20 stream cipher in the EVP framework.
-.Xr EVP_EncryptInit_ex 3 ,
-.Xr EVP_DecryptInit_ex 3 ,
-and
-.Xr EVP_CipherInit_ex 3
-take a
-.Fa key
-argument of 32 bytes = 256 bits and an
-.Fa iv
-argument of 16 bytes = 128 bits, internally using
-.Xr ChaCha_set_key 3
-and
-.Xr ChaCha_set_iv 3 .
-The lower 8 bytes = 64 bits of
-.Fa iv
-are used as counter and the remaining 8 bytes are used as
-the initialization vector of
-.Xr ChaCha_set_iv 3 .
-.Xr EVP_EncryptUpdate 3 ,
-.Xr EVP_EncryptFinal_ex 3 ,
-.Xr EVP_DecryptUpdate 3 ,
-and
-.Xr EVP_DecryptFinal_ex 3
-internally use
-.Xr ChaCha 3
-to perform encryption and decryption.
-.Xr EVP_CIPHER_CTX_ctrl 3
-always fails for
-.Fa ctx
-objects created from
-.Fn EVP_chacha20 .
-.Pp
-.Fn EVP_chacha20_poly1305
-provides authenticated encryption with ChaCha20-Poly1305.
-Unless compatibility with other implementations
-like OpenSSL or BoringSSL is required, using
-.Xr EVP_AEAD_CTX_init 3
-with
-.Xr EVP_aead_chacha20_poly1305 3
-is recommended instead because the code then becomes transparent
-to the AEAD cipher used, more flexible, and less error prone.
-.Pp
-With
-.Fn EVP_chacha20_poly1305 ,
-.Xr EVP_EncryptInit_ex 3 ,
-.Xr EVP_DecryptInit_ex 3 ,
-and
-.Xr EVP_CipherInit_ex 3
-take a
-.Fa key
-argument of 32 bytes = 256 bits and an
-.Fa iv
-argument of 12 bytes = 96 bits.
-This supports additional authenticated data (AAD) and produces a 128-bit
-authentication tag.
-The constant
-.Dv EVP_CHACHAPOLY_TLS_TAG_LEN
-specifies the length of the authentication tag in bytes and has a value of 16.
-.Pp
-The following
-.Fa type
-arguments are supported for
-.Xr EVP_CIPHER_CTX_ctrl 3 :
-.Bl -tag -width Ds
-.It Dv EVP_CTRL_AEAD_GET_TAG
-Copy the number of bytes indicated by the
-.Fa arg
-argument from the tag to the location indicated by the
-.Fa ptr
-argument;
-to be called after
-.Xr EVP_EncryptFinal_ex 3 .
-This control operation fails if the
-.Fa ctx
-is not configured for encryption or if
-.Fa arg
-is less than 1 or greater than 16.
-.It Dv EVP_CTRL_AEAD_SET_TAG
-Copy the number of bytes indicated by the
-.Fa arg
-argument from the location indicated by the
-.Fa ptr
-argument and designate them as the expected tag length and tag,
-causing subsequent
-.Xr EVP_DecryptFinal_ex 3
-to fail if the tag calculated during decryption does not match.
-It is strongly recommended to specify
-.Fa arg
-as exactly 16.
-Otherwise, only the initial part of the tag may be compared
-and mismatches near the end of the tag may get silently ignored.
-This control operation fails if the
-.Fa ctx
-is configured for encryption or if
-.Fa arg
-is less than 1 or greater than 16.
-If the
-.Fa ptr
-argument is a
-.Dv NULL
-pointer, this control operation succeeds without having any effect.
-.It Dv EVP_CTRL_AEAD_SET_IV_FIXED
-Set the initialization vector by reading the 12 bytes pointed to by the
-.Fa ptr
-argument, independently of
-.Xr EVP_EncryptInit_ex 3 ,
-.Xr EVP_DecryptInit_ex 3 ,
-and
-.Xr EVP_CipherInit_ex 3 .
-This control operation fails if the
-.Fa arg
-argument is not exactly 12.
-.It Dv EVP_CTRL_AEAD_SET_IVLEN
-Instruct subsequent
-.Xr EVP_EncryptInit_ex 3 ,
-.Xr EVP_DecryptInit_ex 3 ,
-or
-.Xr EVP_CipherInit_ex 3
-to expect an
-.Fa iv
-argument shorter than the default of 12 bytes; the
-.Fa arg
-argument specifies the number of bytes to be used.
-The initialization functions will only read
-the specified smaller number of bytes from
-.Fa iv
-and internally zero-pad them on the left.
-Using this is not recommended because it is likely more fragile
-and less often tested than the equivalent method of simply providing
-a full-sized
-.Fa iv .
-This control operation fails if
-.Fa arg
-is less than 1 or greater than 16.
-.It Dv EVP_CTRL_INIT
-Set the length of the initialization vector to the default value
-of 12 bytes and clear the Poly1305 internal state.
-The application program usually does not need to invoke this control
-operation manually because it is automatically called internally by
-.Xr EVP_EncryptInit_ex 3 ,
-.Xr EVP_DecryptInit_ex 3 ,
-and
-.Xr EVP_CipherInit_ex 3 .
-.El
-.Sh RETURN VALUES
-.Fn EVP_chacha20
-and
-.Fn EVP_chacha20_poly1305
-return pointers to static
-.Vt EVP_CIPHER
-objects that contain the implementations of the symmetric cipher.
-.Pp
-If
-.Fa ctx
-was created from
-.Fn EVP_chacha20
-or
-.Fn EVP_chacha20_poly1305 ,
-.Xr EVP_CIPHER_CTX_ctrl 3
-returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr ChaCha 3 ,
-.Xr evp 3 ,
-.Xr EVP_aead_chacha20_poly1305 3 ,
-.Xr EVP_CIPHER_meth_new 3 ,
-.Xr EVP_EncryptInit 3
-.Sh STANDARDS
-.Rs
-.%A A. Langley
-.%A W. Chang
-.%A N. Mavrogiannopoulos
-.%A J. Strombergson
-.%A S. Josefsson
-.%D June 2016
-.%R RFC 7905
-.%T ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS)
-.Re
-.Sh HISTORY
-.Fn EVP_chacha20
-first appeared in
-.Ox 5.6 .
-.Pp
-.Fn EVP_chacha20_poly1305
-first appeared in OpenSSL 1.1.0
-.\" OpenSSL commit bd989745 Dec 9 21:30:56 2015 +0100 Andy Polyakov
-and has been available since
-.Ox 7.2 .
-.Sh CAVEATS
-The original publications and code by
-.An Adam Langley
-used a modified AEAD construction that is incompatible with the common
-style used by AEAD in TLS and incompatible with RFC 7905:
-.Pp
-.Rs
-.%A A. Langley
-.%A W. Chang
-.%D November 2013
-.%R draft-agl-tls-chacha20poly1305-04
-.%T ChaCha20 and Poly1305 based Cipher Suites for TLS
-.Re
-.Pp
-.Rs
-.%A Y. Nir
-.%A A. Langley
-.%D May 2018
-.%R RFC 8439
-.%T ChaCha20 and Poly1305 for IETF Protocols
-.Re
-.Pp
-In particular, the original version used a nonce of 8 instead of 12 bytes.
diff --git a/src/lib/libcrypto/man/EVP_des_cbc.3 b/src/lib/libcrypto/man/EVP_des_cbc.3
deleted file mode 100644
index 7c8a08c7db..0000000000
--- a/src/lib/libcrypto/man/EVP_des_cbc.3
+++ /dev/null
@@ -1,230 +0,0 @@
-.\" $OpenBSD: EVP_des_cbc.3,v 1.2 2024/11/09 22:03:49 schwarze Exp $
-.\" full merge up to:
-.\" OpenSSL EVP_desx_cbc.pod 8fa4d95e Oct 21 11:59:09 2017 +0900
-.\" selective merge up to:
-.\" OpenSSL EVP_des.pod 7c6d372a Nov 20 13:20:01 2018 +0000
-.\"
-.\" This file was written by Ronald Tse
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 9 2024 $
-.Dt EVP_DES_CBC 3
-.Os
-.Sh NAME
-.Nm EVP_des_cbc ,
-.Nm EVP_des_cfb ,
-.Nm EVP_des_cfb1 ,
-.Nm EVP_des_cfb8 ,
-.Nm EVP_des_cfb64 ,
-.Nm EVP_des_ecb ,
-.Nm EVP_des_ofb ,
-.Nm EVP_des_ede ,
-.Nm EVP_des_ede_cbc ,
-.Nm EVP_des_ede_cfb ,
-.Nm EVP_des_ede_cfb64 ,
-.Nm EVP_des_ede_ecb ,
-.Nm EVP_des_ede_ofb ,
-.Nm EVP_des_ede3 ,
-.Nm EVP_des_ede3_cbc ,
-.Nm EVP_des_ede3_cfb ,
-.Nm EVP_des_ede3_cfb1 ,
-.Nm EVP_des_ede3_cfb8 ,
-.Nm EVP_des_ede3_cfb64 ,
-.Nm EVP_des_ede3_ecb ,
-.Nm EVP_des_ede3_ofb ,
-.Nm EVP_desx_cbc
-.Nd EVP DES cipher
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_CIPHER *
-.Fn EVP_des_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_cfb1 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_cfb8 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_cfb64 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede_cfb64 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3_cfb1 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3_cfb8 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3_cfb64 void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_des_ede3_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_desx_cbc void
-.Sh DESCRIPTION
-These functions provide the DES encryption algorithm in the
-.Xr evp 3
-framework.
-DES is a block cipher operating on 64 bit blocks.
-The key length to be used for
-.Xr EVP_EncryptInit 3
-is 64 bits.
-However, only 56 of these bits are used in the encryption algorithm.
-The least significant bit in each of the eight bytes is only used
-for checking parity.
-Using this algorithm is discouraged because the short key length
-makes it vulnerable to brute force attacks.
-.Pp
-.Fn EVP_des_cbc ,
-.Fn EVP_des_cfb1 ,
-.Fn EVP_des_cfb8 ,
-.Fn EVP_des_cfb64 ,
-.Fn EVP_des_ecb ,
-and
-.Fn EVP_des_ofb
-provide DES in CBC, CFB with 1-bit shift, CFB with 8-bit shift,
-CFB with 64-bit shift, ECB, and OFB modes.
-.Fn EVP_des_cfb
-is an alias for
-.Fn EVP_des_cfb64 ,
-implemented as a macro.
-.Pp
-.Fn EVP_des_ede_cbc ,
-.Fn EVP_des_ede_cfb64 ,
-.Fn EVP_des_ede_ecb ,
-and
-.Fn EVP_des_ede_ofb
-provide two key triple DES in CBC, CFB with 64-bit shift, ECB, and OFB modes.
-.Fn EVP_des_ede_cfb
-is an alias for
-.Fn EVP_des_ede_cfb64 ,
-implemented as a macro.
-.Fn EVP_des_ede
-is an alias for
-.Fn EVP_des_ede_ecb .
-.Pp
-.Fn EVP_des_ede3_cbc ,
-.Fn EVP_des_ede3_cfb1 ,
-.Fn EVP_des_ede3_cfb8 ,
-.Fn EVP_des_ede3_cfb64 ,
-.Fn EVP_des_ede3_ecb ,
-.Fn EVP_des_ede3_ofb
-provide three key triple DES in CBC, CFB with 1-bit shift, CFB with 8-bit
-shift, CFB with 64-bit shift, ECB, and OFB modes.
-.Fn EVP_des_ede3_cfb
-is an alias for
-.Fn EVP_des_ede3_cfb64 ,
-implemented as a macro.
-.Fn EVP_des_ede3
-is an alias for
-.Fn EVP_des_ede3_ecb .
-.Pp
-.Fn EVP_desx_cbc
-provides the DES-X encryption algorithm in CBC mode.
-It uses a key length of 128 bits and acts on blocks of 128 bits.
-.Sh RETURN VALUES
-These functions return an
-.Vt EVP_CIPHER
-structure that provides the implementation of the symmetric cipher.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-.Fn EVP_des_cbc ,
-.Fn EVP_des_cfb ,
-.Fn EVP_des_ecb ,
-.Fn EVP_des_ofb ,
-.Fn EVP_des_ede ,
-.Fn EVP_des_ede_cbc ,
-.Fn EVP_des_ede_cfb ,
-.Fn EVP_des_ede_ofb ,
-.Fn EVP_des_ede3 ,
-.Fn EVP_des_ede3_cbc ,
-.Fn EVP_des_ede3_cfb ,
-and
-.Fn EVP_des_ede3_ofb
-first appeared in SSLeay 0.5.1.
-.Fn EVP_desx_cbc
-first appeared in SSLeay 0.6.2.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_des_ede_ecb
-and
-.Fn EVP_des_ede3_ecb
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn EVP_des_cfb1 ,
-.Fn EVP_des_cfb8 ,
-.Fn EVP_des_cfb64 ,
-.Fn EVP_des_ede_cfb64 ,
-.Fn EVP_des_ede3_cfb1 ,
-.Fn EVP_des_ede3_cfb8 ,
-and
-.Fn EVP_des_ede3_cfb64
-first appeared in OpenSSL 0.9.7e and have been available since
-.Ox 3.8 .
diff --git a/src/lib/libcrypto/man/EVP_rc2_cbc.3 b/src/lib/libcrypto/man/EVP_rc2_cbc.3
deleted file mode 100644
index 38c8184260..0000000000
--- a/src/lib/libcrypto/man/EVP_rc2_cbc.3
+++ /dev/null
@@ -1,201 +0,0 @@
-.\" $OpenBSD: EVP_rc2_cbc.3,v 1.1 2024/12/08 17:41:23 schwarze Exp $
-.\"
-.\" Copyright (c) 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 8 2024 $
-.Dt EVP_RC2_CBC 3
-.Os
-.Sh NAME
-.Nm EVP_rc2_cbc ,
-.Nm EVP_rc2_ecb ,
-.Nm EVP_rc2_cfb64 ,
-.Nm EVP_rc2_cfb ,
-.Nm EVP_rc2_ofb ,
-.Nm EVP_rc2_40_cbc ,
-.Nm EVP_rc2_64_cbc
-.Nd Rivest Cipher 2 in the EVP framework
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_CIPHER *
-.Fn EVP_rc2_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc2_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc2_cfb64 void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc2_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc2_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc2_40_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc2_64_cbc void
-.In openssl/rc2.h
-.Fd #define RC2_BLOCK 8
-.Fd #define RC2_KEY_LENGTH 16
-.Sh DESCRIPTION
-RC2 is a block cipher operating on blocks of
-.Dv RC2_BLOCK No = 8
-bytes, equivalent to 64 bits, using a variable
-.Fa key
-length with an additional parameter called
-.Dq effective key bits
-or
-.Dq effective key length .
-.Pp
-.Fn EVP_rc2_cbc ,
-.Fn EVP_rc2_ecb ,
-.Fn EVP_rc2_cfb64 ,
-and
-.Fn EVP_rc2_ofb
-provide the RC2 encryption algorithm in CBC, ECB, CFB and OFB mode,
-respectively.
-.Fn EVP_rc2_cfb
-is an alias for
-.Fn EVP_rc2_cfb64 ,
-implemented as a macro.
-.Pp
-By default, these functions set both the key length
-and the effective key length to
-.Dv RC2_KEY_LENGTH No = 16
-bytes, which is not a very useful value because it is quite short.
-.Pp
-Configuring normally requires a multi-step process:
-.Bl -enum -width 2n
-.It
-Create a new, empty
-.Vt EVP_CIPHER_CTX
-object with
-.Xr EVP_CIPHER_CTX_new 3 .
-.It
-Select the operation mode by calling
-.Xr EVP_EncryptInit 3
-with the desired
-.Fa type
-argument, passing
-.Dv NULL
-pointers for the
-.Fa key
-and
-.Fa iv
-arguments.
-.It
-Select the
-.Fa key
-length by passing the desired number of bytes to
-.Xr EVP_CIPHER_CTX_set_key_length 3 .
-Doing so overrides the default key length of
-.Dv RC2_KEY_LENGTH No = 16 .
-Valid values for
-.Fa keylen
-are positive and less than or equal to 128.
-.It
-Select the effective key length by calling
-.Xr EVP_CIPHER_CTX_ctrl 3
-with a
-.Fa type
-argument of
-.Dv EVP_CTRL_SET_RC2_KEY_BITS ,
-passing the desired number of bits in
-.Fa arg .
-Doing so overrides the default effective key length of 128 bits.
-Valid values for
-.Fa arg
-are positive and less than or equal to 1024.
-The
-.Fa ptr
-argument is ignored; passing
-.Dv NULL
-is recommended.
-.It
-Call
-.Xr EVP_EncryptInit 3
-a second time, this time passing
-.Dv NULL
-for the type argument.
-The
-.Fa key
-argument points to an array containing the number of bytes that was passed to
-.Xr EVP_CIPHER_CTX_set_key_length 3 ,
-and the
-.Fa iv
-argument points to an array of eight bytes.
-.It
-Finally,
-.Xr EVP_EncryptUpdate 3
-and
-.Xr EVP_EncryptFinal 3
-can be used in the normal way.
-.El
-.Pp
-Once a
-.Fa ctx
-object is fully configured, calling
-.Xr EVP_CIPHER_CTX_ctrl 3
-with a
-.Fa type
-argument of
-.Dv EVP_CTRL_GET_RC2_KEY_BITS
-interprets
-.Fa ptr
-as a pointer to
-.Vt int
-and stores the effective key length in bits at that location.
-In this case,
-.Fa arg
-is ignored and passing 0 is recommended.
-.Pp
-In the CFB and OFB modes, the minimum required total length in bytes
-of the output buffer is equal to the total number of input bytes to
-be encoded.
-In the CBC and ECB modes, the minimum required total length
-of the output buffer has to be rounded up to the next multiple
-of the block size of eight bytes.
-.Pp
-.Fn EVP_rc2_40_cbc
-and
-.Fn EVP_rc2_64_cbc
-are obsolete functions that provide the RC2 algorithm in CBC mode
-with a key length and an effective key length of 40 and 64 bits,
-respectively.
-.Sh RETURN VALUES
-With the
-.Vt EVP_CIPHER
-objects documented in the present manual page,
-.Fn EVP_CIPHER_CTX_ctrl
-returns 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_CIPHER_CTX_set_key_length 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr RC2_encrypt 3
-.Sh HISTORY
-.Fn EVP_rc2_cbc ,
-.Fn EVP_rc2_ecb ,
-.Fn EVP_rc2_cfb ,
-and
-.Fn EVP_rc2_ofb
-first appeared in SSLeay 0.5.2 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_rc2_40_cbc
-and
-.Fn EVP_rc2_64_cbc
-first appeared in SSLeay 0.9.1 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn EVP_rc2_cfb64
-first appeared in OpenSSL 0.9.7e and has been available since
-.Ox 3.8 .
diff --git a/src/lib/libcrypto/man/EVP_rc4.3 b/src/lib/libcrypto/man/EVP_rc4.3
deleted file mode 100644
index fda041113c..0000000000
--- a/src/lib/libcrypto/man/EVP_rc4.3
+++ /dev/null
@@ -1,109 +0,0 @@
-.\" $OpenBSD: EVP_rc4.3,v 1.1 2019/03/21 13:37:25 schwarze Exp $
-.\" full merge up to: OpenSSL 8fa4d95e Oct 21 11:59:09 2017 +0900
-.\"
-.\" This file was written by Ronald Tse
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 21 2019 $
-.Dt EVP_RC4 3
-.Os
-.Sh NAME
-.Nm EVP_rc4 ,
-.Nm EVP_rc4_40 ,
-.Nm EVP_rc4_hmac_md5
-.Nd EVP RC4 stream cipher
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_CIPHER *
-.Fn EVP_rc4 void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc4_40 void
-.Ft const EVP_CIPHER *
-.Fn EVP_rc4_hmac_md5 void
-.Sh DESCRIPTION
-These functions provide the RC4 stream cipher in the
-.Xr evp 3
-framework.
-It is a variable key length cipher.
-.Pp
-.Fn EVP_rc4
-uses a default key length of 128 bits.
-.Pp
-.Fn EVP_rc4_40
-uses a key length of 40 bits instead.
-This function is deprecated.
-Use
-.Fn EVP_rc4
-and
-.Xr EVP_CIPHER_CTX_set_key_length 3
-instead.
-.Pp
-.Fn EVP_rc4_hmac_md5
-provides authenticated encryption with the RC4 stream cipher
-with MD5 as HMAC.
-This function is not intended for usage outside of TLS
-and requires calling of some undocumented control functions.
-It does not conform to the EVP AEAD interface.
-.Sh RETURN VALUES
-These functions return an
-.Vt EVP_CIPHER
-structure that provides the implementation of the symmetric cipher.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3
-.Sh HISTORY
-.Fn EVP_rc4
-first appeared in SSLeay 0.5.1
-and
-.Fn EVP_rc4_40
-in OpenSSL 0.9.1.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_rc4_hmac_md5
-first appeared in OpenSSL 1.0.1 and has been available since
-.Ox 5.3 .
diff --git a/src/lib/libcrypto/man/EVP_sha1.3 b/src/lib/libcrypto/man/EVP_sha1.3
deleted file mode 100644
index b28c9f54c3..0000000000
--- a/src/lib/libcrypto/man/EVP_sha1.3
+++ /dev/null
@@ -1,120 +0,0 @@
-.\" $OpenBSD: EVP_sha1.3,v 1.2 2024/03/05 17:21:40 tb Exp $
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 5 2024 $
-.Dt EVP_SHA1 3
-.Os
-.Sh NAME
-.Nm EVP_sha1 ,
-.Nm EVP_md5 ,
-.Nm EVP_md5_sha1 ,
-.Nm EVP_md4
-.Nd legacy message digest algorithms
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_MD *
-.Fn EVP_sha1 void
-.Ft const EVP_MD *
-.Fn EVP_md5 void
-.Ft const EVP_MD *
-.Fn EVP_md5_sha1 void
-.Ft const EVP_MD *
-.Fn EVP_md4 void
-.Sh DESCRIPTION
-The following message digest algorithms are cryptographically broken.
-None of them should be used in new code unless there is no way around it.
-.Pp
-.Fn EVP_sha1
-implements the SHA-1 algorithm and produces 160 bits of output
-from a given input.
-Examples of protocols and software still requiring it
-include OCSP, DNS, and the
-.Sy git
-version control system.
-.Pp
-.Fn EVP_md5
-implements the MD5 algorithm and produces 128 bits of output
-from a given input.
-It is still occasionally used when no security is required
-but a fast hash algorithm is beneficial.
-.Pp
-.Fn EVP_md5_sha1
-produces concatenated MD5 and SHA-1 message digests.
-Do not use this except where it is required for the historic SSLv3 protocol.
-.Pp
-.Fn EVP_md4
-implements the MD4 algorithm and produces 128 bits of output
-from a given input.
-It has been marked as
-.Dq historic
-by the Internet Engineering Task Force since 2011.
-.Sh RETURN VALUES
-These functions return pointers to static
-.Vt EVP_MD
-objects implementing the hash functions.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_DigestInit 3
-.Sh STANDARDS
-.Rs
-.%A T. Polk
-.%A L. Chen
-.%A S. Turner
-.%A P. Hoffman
-.%T Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms
-.%R RFC 6194
-.%D March 2011
-.Re
-.Pp
-.Rs
-.%A S. Turner
-.%A L. Chen
-.%T Updated Security Considerations for the MD5 Message-Digest\
- and the HMAC-MD5 Algorithms
-.%R RFC 6151
-.%D March 2011
-.Re
-.Pp
-.Rs
-.%A S. Turner
-.%A L. Chen
-.%T MD4 to Historic Status
-.%R RFC 6150
-.%D March 2011
-.Re
-.Pp
-.Rs
-.%A P. Kocher
-.%A P. Karlton
-.%A A. Freier
-.%T The Secure Sockets Layer (SSL) Protocol Version 3.0
-.%R RFC 6101
-.%D August 2011
-.Re
-.Sh HISTORY
-.Fn EVP_sha1
-and
-.Fn EVP_md5
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_md4
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
-.Pp
-.Fn EVP_md5_sha1
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/EVP_sha3_224.3 b/src/lib/libcrypto/man/EVP_sha3_224.3
deleted file mode 100644
index 3c21ae1a09..0000000000
--- a/src/lib/libcrypto/man/EVP_sha3_224.3
+++ /dev/null
@@ -1,91 +0,0 @@
-.\" $OpenBSD: EVP_sha3_224.3,v 1.3 2024/03/05 17:21:40 tb Exp $
-.\" selective merge up to: OpenSSL bbda8ce9 Oct 31 15:43:01 2017 +0800
-.\"
-.\" This file was written by Ronald Tse .
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 5 2024 $
-.Dt EVP_SHA3_224 3
-.Os
-.Sh NAME
-.Nm EVP_sha3_224 ,
-.Nm EVP_sha3_256 ,
-.Nm EVP_sha3_384 ,
-.Nm EVP_sha3_512
-.Nd Secure Hash Algorithm 3 for EVP
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_MD *
-.Fn EVP_sha3_224 void
-.Ft const EVP_MD *
-.Fn EVP_sha3_256 void
-.Ft const EVP_MD *
-.Fn EVP_sha3_384 void
-.Ft const EVP_MD *
-.Fn EVP_sha3_512 void
-.Sh DESCRIPTION
-SHA-3 (Secure Hash Algorithm 3) is a family of cryptographic hash
-functions standardized in NIST FIPS 202, first published in 2015.
-It is based on the Keccak algorithm.
-.Pp
-.Fn EVP_sha3_224 ,
-.Fn EVP_sha3_256 ,
-.Fn EVP_sha3_384 ,
-and
-.Fn EVP_sha3_512
-implement the SHA3-224, SHA3-256, SHA3-384, and SHA3-512 algorithms
-and produce 224, 256, 384 and 512 bits of output from a given input,
-respectively.
-.Sh RETURN VALUES
-These functions return pointers to static
-.Vt EVP_MD
-objects implementing the hash functions.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_DigestInit 3
-.Sh STANDARDS
-NIST FIPS 202
diff --git a/src/lib/libcrypto/man/EVP_sm3.3 b/src/lib/libcrypto/man/EVP_sm3.3
deleted file mode 100644
index aa6789f249..0000000000
--- a/src/lib/libcrypto/man/EVP_sm3.3
+++ /dev/null
@@ -1,82 +0,0 @@
-.\" $OpenBSD: EVP_sm3.3,v 1.1 2019/08/25 17:08:20 schwarze Exp $
-.\" full merge up to: OpenSSL 21ebd2fc Aug 24 20:38:04 2018 +0800
-.\"
-.\" This file was written by Jack Lloyd
-.\" and Ronald Tse .
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\" Copyright (c) 2017 Ribose Inc. All Rights Reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 25 2019 $
-.Dt EVP_SM3 3
-.Os
-.Sh NAME
-.Nm EVP_sm3
-.Nd SM3 hash function for EVP
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_MD *
-.Fn EVP_sm3 void
-.Sh DESCRIPTION
-SM3 is a cryptographic hash function with a 256-bit output.
-It is part of the Chinese
-.Dq Commercial Cryptography
-suite of algorithms which is required
-for certain commercial applications in China.
-.Sh RETURN VALUES
-.Fn EVP_sm3
-returns a pointer to a static
-.Vt EVP_MD
-object implementing the SM3 hash function.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_DigestInit 3
-.Sh STANDARDS
-GB/T 32905-2016 and GM/T 0004-2012
-.Sh HISTORY
-.Fn EVP_sm3
-first appeared in OpenSSL 1.1.1 and has been available since
-.Ox 6.5 .
diff --git a/src/lib/libcrypto/man/EVP_sm4_cbc.3 b/src/lib/libcrypto/man/EVP_sm4_cbc.3
deleted file mode 100644
index 0605a52faa..0000000000
--- a/src/lib/libcrypto/man/EVP_sm4_cbc.3
+++ /dev/null
@@ -1,82 +0,0 @@
-.\" $OpenBSD: EVP_sm4_cbc.3,v 1.2 2023/11/16 20:27:43 schwarze Exp $
-.\" full merge up to: OpenSSL 87103969 Oct 1 14:11:57 2018 -0700
-.\"
-.\" Copyright (c) 2017 Ribose Inc
-.\" Copyright (c) 2019 Ingo Schwarze
-.\" The original version of this file
-.\" was written by Ronald Tse .
-.\"
-.\" Permission to use, copy, modify, and/or distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 16 2023 $
-.Dt EVP_SM4_CBC 3
-.Os
-.Sh NAME
-.Nm EVP_sm4_cbc ,
-.Nm EVP_sm4_ecb ,
-.Nm EVP_sm4_cfb ,
-.Nm EVP_sm4_cfb128 ,
-.Nm EVP_sm4_ofb ,
-.Nm EVP_sm4_ctr
-.Nd EVP SM4 cipher
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft const EVP_CIPHER *
-.Fn EVP_sm4_cbc void
-.Ft const EVP_CIPHER *
-.Fn EVP_sm4_ecb void
-.Ft const EVP_CIPHER *
-.Fn EVP_sm4_cfb void
-.Ft const EVP_CIPHER *
-.Fn EVP_sm4_cfb128 void
-.Ft const EVP_CIPHER *
-.Fn EVP_sm4_ofb void
-.Ft const EVP_CIPHER *
-.Fn EVP_sm4_ctr void
-.Sh DESCRIPTION
-These functions provide the SM4 blockcipher in the
-.Xr evp 3
-framework.
-.Pp
-All modes use a key length of 128 bits and act on blocks of 128
-bits.
-.Pp
-.Fn EVP_sm4_cfb
-is an alias for
-.Fn EVP_sm4_cfb128 ,
-implemented as a macro.
-.Pp
-With an argument of
-.Qq sm4
-or
-.Qq SM4 ,
-.Xr EVP_get_cipherbyname 3
-returns
-.Fn EVP_sm4_cbc .
-.Sh RETURN VALUES
-These functions return an
-.Vt EVP_CIPHER
-structure that provides the implementation of the symmetric cipher.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_EncryptInit 3
-.Sh STANDARDS
-.Rs
-.%T Information security technology - SM4 block cipher algorithm
-.%I National Standards of People's Republic of China
-.%N GB/T 32907-2016
-.%D August 29, 2016
-.Re
-.Sh HISTORY
-These functions appeared in OpenSSL 1.1.1 and have been available since
-.Ox 6.5 .
diff --git a/src/lib/libcrypto/man/EXTENDED_KEY_USAGE_new.3 b/src/lib/libcrypto/man/EXTENDED_KEY_USAGE_new.3
deleted file mode 100644
index 3d1ed17ff3..0000000000
--- a/src/lib/libcrypto/man/EXTENDED_KEY_USAGE_new.3
+++ /dev/null
@@ -1,84 +0,0 @@
-.\" $OpenBSD: EXTENDED_KEY_USAGE_new.3,v 1.6 2021/10/27 11:24:47 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 27 2021 $
-.Dt EXTENDED_KEY_USAGE_NEW 3
-.Os
-.Sh NAME
-.Nm EXTENDED_KEY_USAGE_new ,
-.Nm EXTENDED_KEY_USAGE_free
-.Nd X.509 key usage restrictions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft EXTENDED_KEY_USAGE
-.Fn EXTENDED_KEY_USAGE_new void
-.Ft void
-.Fn EXTENDED_KEY_USAGE_free "EXTENDED_KEY_USAGE *eku"
-.Sh DESCRIPTION
-By using the key usage extension, the extended key usage extension,
-or both of them,
-.Vt X509
-end entity certificates may indicate that the key contained in them
-is only intended to be used for the specified purposes.
-If both extensions are present, only uses compatible with both
-extensions are intended.
-.Pp
-.Fn EXTENDED_KEY_USAGE_new
-allocates and initializes an empty
-.Vt EXTENDED_KEY_USAGE
-object, which is a
-.Vt STACK_OF(ASN1_OBJECT)
-and represents an ASN.1
-.Vt ExtKeyUsageSyntax
-structure defined in RFC 5280 section 4.2.1.12.
-It can hold key purpose identifiers.
-.Pp
-.Fn EXTENDED_KEY_USAGE_free
-frees
-.Fa eku .
-.Pp
-The key usage extension uses the ASN.1 BIT STRING data type
-and doesn't require any dedicated object.
-.Sh RETURN VALUES
-.Fn EXTENDED_KEY_USAGE_new
-returns the new
-.Vt EXTENDED_KEY_USAGE
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr d2i_EXTENDED_KEY_USAGE 3 ,
-.Xr POLICYINFO_new 3 ,
-.Xr X509_check_purpose 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_get_extension_flags 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile:
-.Bl -dash -compact
-.It
-section 4.2.1.3: Key Usage
-.It
-section 4.2.1.12: Extended Key Usage
-.El
-.Sh HISTORY
-.Fn EXTENDED_KEY_USAGE_new
-and
-.Fn EXTENDED_KEY_USAGE_free
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/GENERAL_NAME_new.3 b/src/lib/libcrypto/man/GENERAL_NAME_new.3
deleted file mode 100644
index a6b7ee56da..0000000000
--- a/src/lib/libcrypto/man/GENERAL_NAME_new.3
+++ /dev/null
@@ -1,165 +0,0 @@
-.\" $OpenBSD: GENERAL_NAME_new.3,v 1.6 2019/06/06 01:06:58 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt GENERAL_NAME_NEW 3
-.Os
-.Sh NAME
-.Nm GENERAL_NAME_new ,
-.Nm GENERAL_NAME_free ,
-.Nm GENERAL_NAMES_new ,
-.Nm GENERAL_NAMES_free ,
-.Nm EDIPARTYNAME_new ,
-.Nm EDIPARTYNAME_free ,
-.Nm OTHERNAME_new ,
-.Nm OTHERNAME_free
-.Nd names for use in X.509 extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft GENERAL_NAME *
-.Fn GENERAL_NAME_new void
-.Ft void
-.Fn GENERAL_NAME_free "GENERAL_NAME *name"
-.Ft GENERAL_NAMES *
-.Fn GENERAL_NAMES_new void
-.Ft void
-.Fn GENERAL_NAMES_free "GENERAL_NAMES *names"
-.Ft EDIPARTYNAME *
-.Fn EDIPARTYNAME_new void
-.Ft void
-.Fn EDIPARTYNAME_free "EDIPARTYNAME *name"
-.Ft OTHERNAME *
-.Fn OTHERNAME_new void
-.Ft void
-.Fn OTHERNAME_free "OTHERNAME *name"
-.Sh DESCRIPTION
-Even though the X.501
-.Vt Name
-documented in
-.Xr X509_NAME_new 3
-is a complicated multi-layered structure, it is very rigid and not
-flexible enough to represent various entities that many people want
-to use as names in certificates.
-For that reason, X.509 extensions use the X.509
-.Vt GeneralName
-wrapper structure rather than using the X.501
-.Vt Name
-structure directly, at the expense of adding one or two additional
-layers of indirection.
-.Pp
-.Fn GENERAL_NAME_new
-allocates and initializes an empty
-.Vt GENERAL_NAME
-object, representing the ASN.1
-.Vt GeneralName
-structure defined in RFC 5280 section 4.2.1.6.
-It can for example hold an
-.Vt X509_name
-object, an IP address, a DNS host name, a uniform resource identifier,
-an email address, or an
-.Vt EDIPARTYNAME
-or
-.Vt OTHERNAME
-object described below.
-.Fn GENERAL_NAME_free
-frees
-.Fa name .
-.Pp
-.Fn GENERAL_NAMES_new
-allocates and initializes an empty
-.Vt GENERAL_NAMES
-object, which is a
-.Vt STACK_OF(GENERAL_NAME)
-and represents the ASN.1
-.Vt GeneralNames
-structure defined in RFC 5280 section 4.2.1.6.
-It is used by extension structures that can contain multiple names,
-for example key identifier, alternative name, and distribution point
-extensions.
-.Fn GENERAL_NAMES_free
-frees
-.Fa names .
-.Pp
-.Fn EDIPARTYNAME_new
-allocates and initializes an empty
-.Vt EDIPARTYNAME
-object, representing the ASN.1
-.Vt EDIPartyName
-structure defined in RFC 5280 section 4.2.1.6, where
-.Dq EDI
-stands for
-.Dq electronic data identifier .
-It can hold two strings, the name itself and the name of the authority
-that assigned that name.
-.Fn EDIPARTYNAME_free
-frees
-.Fa name .
-.Pp
-.Fn OTHERNAME_new
-allocates and initializes an empty
-.Vt OTHERNAME
-object, representing the ASN.1
-.Vt OtherName
-structure defined in RFC 5280 section 4.2.1.6.
-It can hold data of any
-.Vt ASN1_TYPE
-together with a type identifier.
-.Fn OTHERNAME_free
-frees
-.Fa name .
-.Sh RETURN VALUES
-.Fn GENERAL_NAME_new ,
-.Fn GENERAL_NAMES_new ,
-.Fn EDIPARTYNAME_new ,
-and
-.Fn OTHERNAME_new
-return a new
-.Vt GENERAL_NAME ,
-.Vt GENERAL_NAMES ,
-.Vt EDIPARTYNAME ,
-or
-.Vt OTHERNAME
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_GENERAL_NAME 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_NAME_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.2: Certificate Extensions
-.Sh HISTORY
-.Fn GENERAL_NAME_new ,
-.Fn GENERAL_NAME_free ,
-.Fn GENERAL_NAMES_new ,
-and
-.Fn GENERAL_NAMES_free
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
-.Pp
-.Fn OTHERNAME_new
-and
-.Fn OTHERNAME_free
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn EDIPARTYNAME_new
-and
-.Fn EDIPARTYNAME_free
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/HMAC.3 b/src/lib/libcrypto/man/HMAC.3
deleted file mode 100644
index a515014fca..0000000000
--- a/src/lib/libcrypto/man/HMAC.3
+++ /dev/null
@@ -1,324 +0,0 @@
-.\" $OpenBSD: HMAC.3,v 1.23 2024/08/29 20:21:53 tb Exp $
-.\" full merge up to: OpenSSL crypto/hmac a528d4f0 Oct 27 13:40:11 2015 -0400
-.\" selective merge up to: OpenSSL man3/HMAC b3696a55 Sep 2 09:35:50 2017 -0400
-.\"
-.\" This file was written by Ulf Moeller ,
-.\" Richard Levitte , and
-.\" Matt Caswell .
-.\" Copyright (c) 2000-2002, 2006, 2008, 2009, 2013, 2015, 2016
-.\" The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 29 2024 $
-.Dt HMAC 3
-.Os
-.Sh NAME
-.Nm HMAC ,
-.Nm HMAC_CTX_new ,
-.Nm HMAC_CTX_reset ,
-.Nm HMAC_CTX_free ,
-.Nm HMAC_Init_ex ,
-.Nm HMAC_Update ,
-.Nm HMAC_Final ,
-.Nm HMAC_CTX_copy ,
-.Nm HMAC_CTX_set_flags ,
-.Nm HMAC_CTX_get_md ,
-.Nm HMAC_size
-.Nd HMAC message authentication code
-.Sh SYNOPSIS
-.In openssl/hmac.h
-.Ft unsigned char *
-.Fo HMAC
-.Fa "const EVP_MD *evp_md"
-.Fa "const void *key"
-.Fa "int key_len"
-.Fa "const unsigned char *d"
-.Fa "size_t n"
-.Fa "unsigned char *md"
-.Fa "unsigned int *md_len"
-.Fc
-.Ft HMAC_CTX *
-.Fn HMAC_CTX_new void
-.Ft int
-.Fo HMAC_CTX_reset
-.Fa "HMAC_CTX *ctx"
-.Fc
-.Ft void
-.Fo HMAC_CTX_free
-.Fa "HMAC_CTX *ctx"
-.Fc
-.Ft int
-.Fo HMAC_Init_ex
-.Fa "HMAC_CTX *ctx"
-.Fa "const void *key"
-.Fa "int key_len"
-.Fa "const EVP_MD *md"
-.Fa "ENGINE *engine"
-.Fc
-.Ft int
-.Fo HMAC_Update
-.Fa "HMAC_CTX *ctx"
-.Fa "const unsigned char *data"
-.Fa "size_t len"
-.Fc
-.Ft int
-.Fo HMAC_Final
-.Fa "HMAC_CTX *ctx"
-.Fa "unsigned char *md"
-.Fa "unsigned int *len"
-.Fc
-.Ft int
-.Fo HMAC_CTX_copy
-.Fa "HMAC_CTX *dctx"
-.Fa "HMAC_CTX *sctx"
-.Fc
-.Ft void
-.Fo HMAC_CTX_set_flags
-.Fa "HMAC_CTX *ctx"
-.Fa "unsigned long flags"
-.Fc
-.Ft const EVP_MD *
-.Fo HMAC_CTX_get_md
-.Fa "const HMAC_CTX *ctx"
-.Fc
-.Ft size_t
-.Fo HMAC_size
-.Fa "const HMAC_CTX *e"
-.Fc
-.Sh DESCRIPTION
-HMAC is a MAC (message authentication code), i.e. a keyed hash
-function used for message authentication, which is based on a hash
-function.
-.Pp
-.Fn HMAC
-computes the message authentication code of the
-.Fa n
-bytes at
-.Fa d
-using the hash function
-.Fa evp_md
-and the key
-.Fa key
-which is
-.Fa key_len
-bytes long.
-.Pp
-It places the result in
-.Fa md ,
-which must have space for the output of the hash function, which is no
-more than
-.Dv EVP_MAX_MD_SIZE
-bytes.
-The size of the output is placed in
-.Fa md_len ,
-unless it is
-.Dv NULL .
-.Pp
-.Fa evp_md
-can be
-.Xr EVP_sha1 3 ,
-.Xr EVP_ripemd160 3 ,
-etc.
-.Pp
-.Fn HMAC_CTX_new
-allocates and initializes a new
-.Vt HMAC_CTX
-object.
-.Pp
-.Fn HMAC_CTX_reset
-zeroes and re-initializes
-.Fa ctx
-and associated resources, making it suitable for new computations
-as if it was deleted with
-.Fn HMAC_CTX_free
-and newly created with
-.Fn HMAC_CTX_new .
-.Pp
-.Fn HMAC_CTX_free
-erases the key and other data from
-.Fa ctx ,
-releases any associated resources, and finally frees
-.Fa ctx
-itself.
-.Pp
-The following functions may be used if the message is not completely
-stored in memory:
-.Pp
-.Fn HMAC_Init_ex
-sets up or reuses
-.Fa ctx
-to use the hash function
-.Fa evp_md
-and the key
-.Fa key .
-Either can be
-.Dv NULL ,
-in which case the existing one is reused.
-The
-.Fa ctx
-must have been created with
-.Fn HMAC_CTX_new
-before the first use in this function.
-If
-.Fn HMAC_Init_ex
-is called with a
-.Dv NULL
-.Fa key
-but
-.Fa evp_md
-is neither
-.Dv NULL
-nor the same as the previous digest used by
-.Fa ctx ,
-then an error is returned because reuse of an existing key with a
-different digest is not supported.
-The
-.Fa ENGINE *engine
-argument is always ignored and passing
-.Dv NULL
-is recommended.
-.Pp
-.Fn HMAC_Update
-can be called repeatedly with chunks of the message to be authenticated
-.Pq Fa len No bytes at Fa data .
-.Pp
-.Fn HMAC_Final
-places the message authentication code in
-.Fa md ,
-which must have space for the hash function output.
-.Pp
-.Fn HMAC_CTX_copy
-copies all of the internal state from
-.Fa sctx
-into
-.Fa dctx .
-.Pp
-.Fn HMAC_CTX_set_flags
-applies the specified flags to the internal
-.Vt EVP_MD_CTX
-objects.
-Possible flag values
-.Dv EVP_MD_CTX_FLAG_*
-are defined in
-.In openssl/evp.h .
-.Pp
-.Fn HMAC_size
-returns the length in bytes of the underlying hash function output.
-It is implemented as a macro.
-.Sh RETURN VALUES
-.Fn HMAC
-returns a pointer to the message authentication code or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn HMAC_CTX_new
-returns a pointer to the new
-.Vt HMAC_CTX
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn HMAC_CTX_reset ,
-.Fn HMAC_Init_ex ,
-.Fn HMAC_Update ,
-.Fn HMAC_Final ,
-and
-.Fn HMAC_CTX_copy
-return 1 for success or 0 if an error occurred.
-.Pp
-.Fn HMAC_CTX_get_md
-returns the message digest that was previously set for
-.Fa ctx
-with
-.Fn HMAC_Init_ex ,
-or
-.Dv NULL
-if none was set.
-.Pp
-.Fn HMAC_size
-returns the length in bytes of the underlying hash function output
-or 0 on error.
-.Sh SEE ALSO
-.Xr CMAC_Init 3 ,
-.Xr EVP_DigestInit 3
-.Sh STANDARDS
-RFC 2104
-.Sh HISTORY
-.Fn HMAC ,
-.Fn HMAC_Update ,
-.Fn HMAC_Final ,
-and
-.Fn HMAC_size
-first appeared in SSLeay 0.9.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn HMAC_Init_ex
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn HMAC_CTX_set_flags
-first appeared in OpenSSL 0.9.7f and have been available since
-.Ox 3.8 .
-.Pp
-.Fn HMAC_CTX_copy
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Pp
-.Fn HMAC_CTX_new ,
-.Fn HMAC_CTX_reset ,
-.Fn HMAC_CTX_free ,
-and
-.Fn HMAC_CTX_get_md
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
-.Sh CAVEATS
-Other implementations allow
-.Fa md
-in
-.Fn HMAC
-to be
-.Dv NULL
-and return a static array, which is not thread safe.
diff --git a/src/lib/libcrypto/man/IPAddressRange_new.3 b/src/lib/libcrypto/man/IPAddressRange_new.3
deleted file mode 100644
index a812107cdf..0000000000
--- a/src/lib/libcrypto/man/IPAddressRange_new.3
+++ /dev/null
@@ -1,525 +0,0 @@ -.\" $OpenBSD: IPAddressRange_new.3,v 1.9 2023/10/03 09:58:06 tb Exp $ -.\" -.\" Copyright (c) 2023 Theo Buehler -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: October 3 2023 $ -.Dt IPADDRESSRANGE_NEW 3 -.Os -.Sh NAME -.Nm IPAddressRange_new , -.Nm IPAddressRange_free , -.Nm d2i_IPAddressRange , -.Nm i2d_IPAddressRange , -.Nm IPAddressOrRange_new , -.Nm IPAddressOrRange_free , -.Nm d2i_IPAddressOrRange , -.Nm i2d_IPAddressOrRange , -.Nm IPAddressChoice_new , -.Nm IPAddressChoice_free , -.Nm d2i_IPAddressChoice , -.Nm i2d_IPAddressChoice , -.Nm IPAddressFamily_new , -.Nm IPAddressFamily_free , -.Nm d2i_IPAddressFamily , -.Nm i2d_IPAddressFamily -.Nd RFC 3779 IP address prefixes and ranges -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft "IPAddressRange *" -.Fn IPAddressRange_new void -.Ft void -.Fn IPAddressRange_free "IPAddressRange *range" -.Ft IPAddressRange * -.Fo d2i_IPAddressRange -.Fa "IPAddressRange **range" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_IPAddressRange -.Fa "IPAddressRange *range" -.Fa "unsigned char **der_out" -.Fc -.Ft "IPAddressOrRange *" -.Fn IPAddressOrRange_new void -.Ft void -.Fn IPAddressOrRange_free "IPAddressOrRange *aor" -.Ft IPAddressOrRange * -.Fo d2i_IPAddressOrRange -.Fa 
"IPAddressOrRange **aor" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_IPAddressOrRange -.Fa "IPAddressOrRange *aor" -.Fa "unsigned char **der_out" -.Fc -.Ft "IPAddressChoice *" -.Fn IPAddressChoice_new void -.Ft void -.Fn IPAddressChoice_free "IPAddressChoice *ac" -.Ft IPAddressChoice * -.Fo d2i_IPAddressChoice -.Fa "IPAddressChoice **ac" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_IPAddressChoice -.Fa "IPAddressChoice *ac" -.Fa "unsigned char **der_out" -.Fc -.Ft "IPAddressFamily *" -.Fn IPAddressFamily_new void -.Ft void -.Fn IPAddressFamily_free "IPAddressFamily *af" -.Ft IPAddressFamily * -.Fo d2i_IPAddressFamily -.Fa "IPAddressFamily **af" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_IPAddressFamily -.Fa "IPAddressFamily *af" -.Fa "unsigned char **der_out" -.Fc -.Sh DESCRIPTION -.Vt IPAddressRange , -.Vt IPAddressOrRange , -.Vt IPAddressChoice , -and -.Vt IPAddressFamily -are building blocks of the -.Vt IPAddrBlocks -type representing the RFC 3779 IP address delegation extension. -.Pp -Per RFC 3779, section 2.1.1, -an IPv4 or an IPv6 address is encoded in network byte order in an -ASN.1 BIT STRING of bit size 32 or 128 bits, respectively. -The bit size of a prefix is its prefix length; -all insignificant zero bits are omitted -from the encoding. -Per section 2.1.2, -an address range is expressed as a pair of BIT STRINGs -where all the least significant zero bits of the lower bound -and all the least significant one bits of the upper bound are omitted. -.Pp -The library provides no API for directly converting an IP address or -prefix (in any form) to and from an -.Vt ASN1_BIT_STRING . -It also provides no API for directly handling ranges. -The -.Vt ASN1_BIT_STRING -internals are subtle and directly manipulating them in the -context of the RFC 3779 API is discouraged. 
-The bit size of an -.Vt ASN1_BIT_STRING -representing an IP address prefix or range is eight times its -.Fa length -member minus the lowest three bits of its -.Fa flags , -provided the -.Dv ASN1_STRING_FLAG_BITS_LEFT -flag is set. -.Pp -The -.Vt IPAddressRange -type defined in RFC 3779 section 2.2.3.9 is implemented as -.Bd -literal -offset indent -typedef struct IPAddressRange_st { - ASN1_BIT_STRING *min; - ASN1_BIT_STRING *max; -} IPAddressRange; -.Ed -.Pp -It represents the closed range [min,max] of IP addresses between -.Fa min -and -.Fa max , -where -.Fa min -should be strictly smaller than -.Fa max -and the range should not be expressible as a prefix. -.Pp -.Fn IPAddressRange_new -allocates a new -.Vt IPAddressRange -object with allocated, empty -.Fa min -and -.Fa max , -thus representing the entire address space invalidly as a non-prefix. -.Pp -.Fn IPAddressRange_free -frees -.Fa range -including any data contained in it. -If -.Fa range -is -.Dv NULL , -no action occurs. -.Pp -There is no dedicated type representing the -.Vt IPAddress -type defined in RFC 3779 section 2.2.3.8. -The API uses -.Vt ASN1_BIT_STRING -for this. -.Pp -The -.Vt IPAddressOrRange -type defined in RFC 3779 section 2.2.3.7 is implemented as -.Bd -literal -offset indent -typedef struct IPAddressOrRange_st { - int type; - union { - ASN1_BIT_STRING *addressPrefix; - IPAddressRange *addressRange; - } u; -} IPAddressOrRange; -.Ed -.Pp -representing an individual address prefix or an address range. -The -.Fa type -member should be set to -.Dv IPAddressOrRange_addressPrefix -or -.Dv IPAddressOrRange_addressRange -to indicate which member of the union -.Fa u -is valid. -.Pp -.Fn IPAddressOrRange_new -returns a new -.Vt IPAddressOrRange -object with invalid type and -.Dv NULL -members of the union -.Fa u . -.Pp -.Fn IPAddressOrRange_free -frees -.Fa aor -including any data contained in it, -provided -.Fa type -is set correctly. -If -.Fa aor -is -.Dv NULL , -no action occurs. 
-.Pp -In order to express a list of address prefixes and address ranges, -RFC 3779 section 2.2.3.6 -uses an ASN.1 SEQUENCE, -which is implemented via a -.Xr STACK_OF 3 -construction over -.Vt IPAddressOrRange : -.Bd -literal -offset indent -typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges; -.Ed -.Pp -Since an -.Vt IPAddressOrRanges -object should be sorted in a specific way (see -.Xr X509v3_addr_canonize 3 ) , -a comparison function is needed for a correct instantiation -with -.Xr sk_new 3 . -The -.Fn v4IPAddressOrRange_cmp -and -.Fn v6IPAddressOrRange_cmp -functions are not directly exposed and not easily accessible -from outside the library, -and they are non-trivial to implement. -It is therefore discouraged to use -.Vt IPAddressOrRanges -objects that are not part of an -.Vt IPAddrBlocks -object. -.Pp -The -.Dq inherit -marker from RFC 3779 section 2.2.3.5 is implemented as -.Vt ASN1_NULL . -It has no dedicated type or API and can be instantiated with -.Xr ASN1_NULL_new 3 . -.Pp -The -.Vt IPAddressChoice -type defined in RFC 3779 section 2.2.3.4 is implemented as -.Bd -literal -offset indent -typedef struct IPAddressChoice_st { - int type; - union { - ASN1_NULL *inherit; - IPAddressOrRanges *addressesOrRanges; - } u; -} IPAddressChoice; -.Ed -.Pp -where the -.Fa type -member should be set to -.Dv IPAddressChoice_inherit -or -.Dv IPAddressChoice_addressesOrRanges -to indicate whether a given -.Vt IPAddressChoice -object represents an inherited list or an explicit list. -.Pp -.Fn IPAddressChoice_new -returns a new -.Vt IPAddressChoice -object with invalid type and -.Dv NULL -members of the union -.Fa u . -.Pp -.Fn IPAddressChoice_free -frees -.Fa ac -including any data contained in it, -provided -.Fa type -is set correctly. -.Pp -The -.Fa addressFamily -element defined in RFC 3779 section 2.2.3.3 is implemented as an -.Vt ASN1_OCTET_STRING -and it contains two or three octets. 
-The first two octets are always present and represent the -address family identifier (AFI) -in network byte order. -The optional subsequent address family identifier (SAFI) -occupies the third octet. -For IPv4 and IPv6, -.Dv IANA_AFI_IPV4 -and -.Dv IANA_AFI_IPV6 -are predefined. -Other AFIs are not supported by this implementation. -.Pp -The -.Vt IPAddressFamily -type defined in RFC 3779 section 2.2.3.2 is implemented as -.Bd -literal -offset indent -typedef struct IPAddressFamily_st { - ASN1_OCTET_STRING *addressFamily; - IPAddressChoice *ipAddressChoice; -} IPAddressFamily; -.Ed -.Pp -The -.Fa addressFamily -member indicates the address family the -.Fa ipAddressChoice -represents. -.Pp -.Fn IPAddressFamily_new -returns a new -.Vt IPAddressFamily -object with empty -.Fa addressFamily -and invalid -.Fa ipAddressChoice -members. -.Pp -.Fn IPAddressFamily_free -frees -.Fa af -including any data contained in it. -If -.Fa af -is -.Dv NULL , -no action occurs. -.Pp -The -.Vt IPAddrBlocks -type defined in RFC 3779 section 2.2.3.1 -uses an ASN.1 SEQUENCE, -which is implemented via a -.Xr STACK_OF 3 -construction over -.Vt IPAddressFamily : -.Bd -literal -offset indent -typedef STACK_OF(IPAddressFamily) IPAddrBlocks; -.Ed -.Pp -It can be instantiated with -.Fn sk_IPAddressFamily_new_null -and the correct sorting function can be installed with -.Xr X509v3_addr_canonize 3 . -To populate it, use -.Xr X509v3_addr_add_prefix 3 -and related functions. -.Pp -.Fn d2i_IPAddressRange , -.Fn i2d_IPAddressRange , -.Fn d2i_IPAddressOrRange , -.Fn i2d_IPAddressOrRange , -.Fn d2i_IPAddressChoice , -.Fn i2d_IPAddressChoice , -.Fn d2i_IPAddressFamily , -and -.Fn i2d_IPAddressFamily -decode and encode ASN.1 -.Vt IPAddressRange , -.Vt IPAddressOrRange , -.Vt IPAddressChoice , -and -.Vt IPAddressFamily -objects. -For details about the semantics, examples, caveats, and bugs, see -.Xr ASN1_item_d2i 3 . 
-There is no easy way of ensuring that the encodings generated by -these functions are correct, unless they are applied to objects -that are part of a canonical -.Vt IPAddrBlocks -structure, see -.Xr X509v3_addr_is_canonical 3 . -.Sh RETURN VALUES -.Fn IPAddressRange_new -returns a new -.Vt IPAddressRange -object with allocated, empty members, or -.Dv NULL -if an error occurs. -.Pp -.Fn IPAddressOrRange_new -returns a new, empty -.Vt IPAddressOrRange -object or -.Dv NULL -if an error occurs. -.Pp -.Fn IPAddressChoice_new -returns a new, empty -.Vt IPAddressChoice -object or -.Dv NULL -if an error occurs. -.Pp -.Fn IPAddressFamily_new -returns a new -.Vt IPAddressFamily -object with allocated, empty members, or -.Dv NULL -if an error occurs. -.Pp -The decoding functions -.Fn d2i_IPAddressRange , -.Fn d2i_IPAddressOrRange , -.Fn d2i_IPAddressChoice , -and -.Fn d2i_IPAddressFamily -return an -.Vt IPAddressRange , -an -.Vt IPAddressOrRange , -an -.Vt IPAddressChoice , -or an -.Vt IPAddressFamily -object, respectively, -or -.Dv NULL -if an error occurs. -.Pp -The encoding functions -.Fn i2d_IPAddressRange , -.Fn i2d_IPAddressOrRange , -.Fn i2d_IPAddressChoice , -and -.Fn i2d_IPAddressFamily -return the number of bytes successfully encoded -or a value <= 0 if an error occurs. 
-.Sh SEE ALSO -.Xr ASIdentifiers_new 3 , -.Xr ASN1_BIT_STRING_new 3 , -.Xr ASN1_OCTET_STRING_new 3 , -.Xr ASN1_OCTET_STRING_set 3 , -.Xr crypto 3 , -.Xr X509_new 3 , -.Xr X509v3_addr_add_inherit 3 , -.Xr X509v3_addr_inherits 3 , -.Xr X509v3_addr_subset 3 -.Sh STANDARDS -RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers: -.Bl -dash -compact -.It -section 2.1.1: Encoding of an IP Address or Prefix -.It -section 2.1.2: Encoding of a Range of IP Addresses -.It -section 2.2.3: Syntax -.It -section 2.2.3.1: Type IPAddrBlocks -.It -section 2.2.3.2: Type IPAddressFamily -.It -section 2.2.3.3: Element addressFamily -.It -section 2.2.3.4: Element ipAddressChoice and Type IPAddressChoice -.It -section 2.2.3.5: Element inherit -.It -section 2.2.3.6: Element addressesOrRanges -.It -section 2.2.3.7: Type IPAddressOrRange -.It -section 2.2.3.8: Element addressPrefix and Type IPAddress -.It -section 2.2.3.9: Element addressRange and Type IPAddressRange -.El -.Pp -ITU-T Recommendation X.690, also known as ISO/IEC 8825-1: -Information technology - ASN.1 encoding rules: -Specification of Basic Encoding Rules (BER), Canonical Encoding -Rules (CER) and Distinguished Encoding Rules (DER), -section 8.6: Encoding of a bitstring value -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.8e -and have been available since -.Ox 7.1 . -.Sh BUGS -.\" The internals do not seem to consistently apply and check -.\" .Dv ASN1_STRING_FLAG_BITS_LEFT -.\" which may lead to incorrect encoding and misinterpretation -As it stands, the API is barely usable -due to missing convenience accessors, constructors and destructors -and due to the complete absence of API that checks that the -individual building blocks are correct. -Extracting information from a given object can be done relatively -safely. -However, constructing objects is very error prone, be it -by hand or using the bug-ridden -.Xr X509v3_addr_add_inherit 3 -API. -.Pp -RFC 3779 has element -.Dq addressesOrRanges . 
-Its type in this API is
-.Vt IPAddressOrRanges .
diff --git a/src/lib/libcrypto/man/MD5.3 b/src/lib/libcrypto/man/MD5.3
deleted file mode 100644
index 01e715f406..0000000000
--- a/src/lib/libcrypto/man/MD5.3
+++ /dev/null
@@ -1,201 +0,0 @@
-.\" $OpenBSD: MD5.3,v 1.9 2024/05/26 09:54:16 tb Exp $
-.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Ulf Moeller and
-.\" Richard Levitte .
-.\" Copyright (c) 2000, 2006 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: May 26 2024 $
-.Dt MD5 3
-.Os
-.Sh NAME
-.Nm MD4 ,
-.Nm MD5 ,
-.Nm MD4_Init ,
-.Nm MD4_Update ,
-.Nm MD4_Final ,
-.Nm MD5_Init ,
-.Nm MD5_Update ,
-.Nm MD5_Final
-.Nd MD4 and MD5 hash functions
-.Sh SYNOPSIS
-.In openssl/md4.h
-.Ft unsigned char *
-.Fo MD4
-.Fa "const unsigned char *d"
-.Fa "unsigned long n"
-.Fa "unsigned char *md"
-.Fc
-.Ft int
-.Fo MD4_Init
-.Fa "MD4_CTX *c"
-.Fc
-.Ft int
-.Fo MD4_Update
-.Fa "MD4_CTX *c"
-.Fa "const void *data"
-.Fa "unsigned long len"
-.Fc
-.Ft int
-.Fo MD4_Final
-.Fa "unsigned char *md"
-.Fa "MD4_CTX *c"
-.Fc
-.In openssl/md5.h
-.Ft unsigned char *
-.Fo MD5
-.Fa "const unsigned char *d"
-.Fa "unsigned long n"
-.Fa "unsigned char *md"
-.Fc
-.Ft int
-.Fo MD5_Init
-.Fa "MD5_CTX *c"
-.Fc
-.Ft int
-.Fo MD5_Update
-.Fa "MD5_CTX *c"
-.Fa "const void *data"
-.Fa "unsigned long len"
-.Fc
-.Ft int
-.Fo MD5_Final
-.Fa "unsigned char *md"
-.Fa "MD5_CTX *c"
-.Fc
-.Sh DESCRIPTION
-MD4 and MD5 are cryptographic hash functions with a 128-bit
-output.
-.Pp
-.Fn MD4
-and
-.Fn MD5
-compute the MD4 and MD5 message digest of the
-.Fa n
-bytes at
-.Fa d
-and place it in
-.Fa md ,
-which must have space for
-.Dv MD4_DIGEST_LENGTH No == Dv MD5_DIGEST_LENGTH No == 16
-bytes of output.
-.Pp
-The following functions may be used if the message is not completely
-stored in memory:
-.Pp
-.Fn MD5_Init
-initializes a
-.Vt MD5_CTX
-structure.
-.Pp
-.Fn MD5_Update
-can be called repeatedly with chunks of the message to be hashed
-.Pq Fa len No bytes at Fa data .
-.Pp
-.Fn MD5_Final
-places the message digest in
-.Fa md ,
-which must have space for
-.Dv MD5_DIGEST_LENGTH No == 16
-bytes of output, and erases the
-.Vt MD5_CTX .
-.Pp
-.Fn MD4_Init ,
-.Fn MD4_Update ,
-and
-.Fn MD4_Final
-are analogous using an
-.Vt MD4_CTX
-structure.
-.Pp
-Applications should use the higher level functions
-.Xr EVP_DigestInit 3
-etc. instead of calling these hash functions directly.
-.Sh RETURN VALUES
-.Fn MD4
-and
-.Fn MD5
-return pointers to the hash value.
-.Pp
-.Fn MD4_Init ,
-.Fn MD4_Update ,
-.Fn MD4_Final ,
-.Fn MD5_Init ,
-.Fn MD5_Update ,
-and
-.Fn MD5_Final
-return 1 for success or 0 otherwise.
-.Sh SEE ALSO
-.Xr EVP_DigestInit 3
-.Sh STANDARDS
-RFC 1320, RFC 1321
-.Sh HISTORY
-.Fn MD5 ,
-.Fn MD5_Init ,
-.Fn MD5_Update ,
-and
-.Fn MD5_Final
-appeared in SSLeay 0.4 or earlier and have been available since
-.Ox 2.4 .
-.Pp
-.Fn MD4 ,
-.Fn MD4_Init ,
-.Fn MD4_Update ,
-and
-.Fn MD4_Final
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Sh CAVEATS
-Other implementations allow
-.Fa md
-in
-.Fn MD4
-and
-.Fn MD5
-to be
-.Dv NULL
-and return a static array, which is not thread safe.
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
deleted file mode 100644
index 9f3d448432..0000000000
--- a/src/lib/libcrypto/man/Makefile
+++ /dev/null
@@ -1,436 +0,0 @@ -# $OpenBSD: Makefile,v 1.307 2025/03/08 17:12:55 tb Exp $ - -.include - -MAN= \ - ACCESS_DESCRIPTION_new.3 \ - AES_encrypt.3 \ - ASIdentifiers_new.3 \ - ASN1_BIT_STRING_set.3 \ - ASN1_INTEGER_get.3 \ - ASN1_NULL_new.3 \ - ASN1_OBJECT_new.3 \ - ASN1_PRINTABLE_type.3 \ - ASN1_STRING_TABLE_get.3 \ - ASN1_STRING_length.3 \ - ASN1_STRING_new.3 \ - ASN1_STRING_print_ex.3 \ - ASN1_TIME_set.3 \ - ASN1_TYPE_get.3 \ - ASN1_UNIVERSALSTRING_to_string.3 \ - ASN1_generate_nconf.3 \ - ASN1_get_object.3 \ - ASN1_item_d2i.3 \ - ASN1_item_digest.3 \ - ASN1_item_new.3 \ - ASN1_item_pack.3 \ - ASN1_item_sign.3 \ - ASN1_item_verify.3 \ - ASN1_mbstring_copy.3 \ - ASN1_parse_dump.3 \ - ASN1_put_object.3 \ - ASRange_new.3 \ - AUTHORITY_KEYID_new.3 \ - BASIC_CONSTRAINTS_new.3 \ - BF_set_key.3 \ - BIO_accept.3 \ - BIO_ctrl.3 \ - BIO_dump.3 \ - BIO_dup_chain.3 \ - BIO_f_base64.3 \ - BIO_f_buffer.3 \ - BIO_f_cipher.3 \ - BIO_f_md.3 \ - BIO_f_null.3 \ - BIO_find_type.3 \ - BIO_get_data.3 \ - BIO_get_ex_new_index.3 \ - BIO_meth_new.3 \ - BIO_new.3 \ - BIO_new_CMS.3 \ - BIO_printf.3 \ - BIO_push.3 \ - BIO_read.3 \ - BIO_s_accept.3 \ - BIO_s_bio.3 \ - BIO_s_connect.3 \ - BIO_s_datagram.3 \ - BIO_s_fd.3 \ - BIO_s_file.3 \ - BIO_s_mem.3 \ - BIO_s_null.3 \ - BIO_s_socket.3 \ - BIO_set_callback.3 \ - BIO_should_retry.3 \ - BN_CTX_new.3 \ - BN_CTX_start.3 \ - BN_add.3 \ - BN_add_word.3 \ - BN_bn2bin.3 \ - BN_cmp.3 \ - BN_copy.3 \ - BN_generate_prime.3 \ - BN_get_rfc3526_prime_8192.3 \ - BN_kronecker.3 \ - BN_mod_inverse.3 \ - BN_mod_mul_montgomery.3 \ - BN_mod_sqrt.3 \ - BN_new.3 \ - BN_num_bytes.3 \ - BN_rand.3 \ - BN_set_bit.3 \ - BN_set_flags.3 \ - BN_set_negative.3 \ - BN_swap.3 \ - BN_zero.3 \ - BUF_MEM_new.3 \ - CMAC_Init.3 \ - CMS_ContentInfo_new.3 \ - CMS_add0_cert.3 \ - CMS_add1_recipient_cert.3 \ - CMS_add1_signer.3 \ - CMS_compress.3 \ - CMS_decrypt.3 \ - CMS_encrypt.3 \ - CMS_final.3 \ - CMS_get0_RecipientInfos.3 \ - CMS_get0_SignerInfos.3 \ - CMS_get0_type.3 \ - 
CMS_get1_ReceiptRequest.3 \ - CMS_sign.3 \ - CMS_sign_receipt.3 \ - CMS_signed_add1_attr.3 \ - CMS_uncompress.3 \ - CMS_verify.3 \ - CMS_verify_receipt.3 \ - CONF_modules_free.3 \ - CONF_modules_load_file.3 \ - CRYPTO_lock.3 \ - CRYPTO_memcmp.3 \ - CRYPTO_set_ex_data.3 \ - CRYPTO_set_mem_functions.3 \ - ChaCha.3 \ - DES_set_key.3 \ - DH_generate_key.3 \ - DH_generate_parameters.3 \ - DH_get0_pqg.3 \ - DH_get_ex_new_index.3 \ - DH_new.3 \ - DH_set_method.3 \ - DH_size.3 \ - DIST_POINT_new.3 \ - DSA_SIG_new.3 \ - DSA_do_sign.3 \ - DSA_dup_DH.3 \ - DSA_generate_key.3 \ - DSA_generate_parameters_ex.3 \ - DSA_get0_pqg.3 \ - DSA_get_ex_new_index.3 \ - DSA_meth_new.3 \ - DSA_new.3 \ - DSA_set_method.3 \ - DSA_sign.3 \ - DSA_size.3 \ - ECDH_compute_key.3 \ - ECDSA_SIG_new.3 \ - EC_GROUP_copy.3 \ - EC_GROUP_new.3 \ - EC_KEY_METHOD_new.3 \ - EC_KEY_new.3 \ - EC_POINT_add.3 \ - EC_POINT_new.3 \ - ENGINE_new.3 \ - ERR.3 \ - ERR_GET_LIB.3 \ - ERR_asprintf_error_data.3 \ - ERR_clear_error.3 \ - ERR_error_string.3 \ - ERR_get_error.3 \ - ERR_load_crypto_strings.3 \ - ERR_load_strings.3 \ - ERR_print_errors.3 \ - ERR_put_error.3 \ - ERR_remove_state.3 \ - ERR_set_mark.3 \ - ESS_SIGNING_CERT_new.3 \ - EVP_AEAD_CTX_init.3 \ - EVP_BytesToKey.3 \ - EVP_CIPHER_CTX_ctrl.3 \ - EVP_CIPHER_CTX_get_cipher_data.3 \ - EVP_CIPHER_CTX_init.3 \ - EVP_CIPHER_CTX_set_flags.3 \ - EVP_CIPHER_do_all.3 \ - EVP_CIPHER_meth_new.3 \ - EVP_CIPHER_nid.3 \ - EVP_DigestInit.3 \ - EVP_DigestSignInit.3 \ - EVP_DigestVerifyInit.3 \ - EVP_EncodeInit.3 \ - EVP_EncryptInit.3 \ - EVP_MD_CTX_ctrl.3 \ - EVP_MD_nid.3 \ - EVP_OpenInit.3 \ - EVP_PKCS82PKEY.3 \ - EVP_PKEY_CTX_ctrl.3 \ - EVP_PKEY_CTX_get_operation.3 \ - EVP_PKEY_CTX_new.3 \ - EVP_PKEY_CTX_set_hkdf_md.3 \ - EVP_PKEY_CTX_set_tls1_prf_md.3 \ - EVP_PKEY_asn1_get_count.3 \ - EVP_PKEY_cmp.3 \ - EVP_PKEY_decrypt.3 \ - EVP_PKEY_derive.3 \ - EVP_PKEY_encrypt.3 \ - EVP_PKEY_get_default_digest_nid.3 \ - EVP_PKEY_keygen.3 \ - EVP_PKEY_new.3 \ - 
EVP_PKEY_new_CMAC_key.3 \ - EVP_PKEY_print_private.3 \ - EVP_PKEY_set1_RSA.3 \ - EVP_PKEY_sign.3 \ - EVP_PKEY_size.3 \ - EVP_PKEY_verify.3 \ - EVP_PKEY_verify_recover.3 \ - EVP_SealInit.3 \ - EVP_SignInit.3 \ - EVP_VerifyInit.3 \ - EVP_aes_128_cbc.3 \ - EVP_aes_128_ccm.3 \ - EVP_aes_128_gcm.3 \ - EVP_camellia_128_cbc.3 \ - EVP_chacha20.3 \ - EVP_des_cbc.3 \ - EVP_rc2_cbc.3 \ - EVP_rc4.3 \ - EVP_sha1.3 \ - EVP_sha3_224.3 \ - EVP_sm3.3 \ - EVP_sm4_cbc.3 \ - EXTENDED_KEY_USAGE_new.3 \ - GENERAL_NAME_new.3 \ - HMAC.3 \ - IPAddressRange_new.3 \ - MD5.3 \ - NAME_CONSTRAINTS_new.3 \ - OBJ_NAME_add.3 \ - OBJ_create.3 \ - OBJ_find_sigid_algs.3 \ - OBJ_nid2obj.3 \ - OCSP_CRLID_new.3 \ - OCSP_REQUEST_new.3 \ - OCSP_SERVICELOC_new.3 \ - OCSP_cert_to_id.3 \ - OCSP_request_add1_nonce.3 \ - OCSP_resp_find_status.3 \ - OCSP_response_status.3 \ - OCSP_sendreq_new.3 \ - OPENSSL_VERSION_NUMBER.3 \ - OPENSSL_cleanse.3 \ - OPENSSL_config.3 \ - OPENSSL_init_crypto.3 \ - OPENSSL_load_builtin_modules.3 \ - OPENSSL_malloc.3 \ - OPENSSL_sk_new.3 \ - OpenSSL_add_all_algorithms.3 \ - PEM_ASN1_read.3 \ - PEM_X509_INFO_read.3 \ - PEM_bytes_read_bio.3 \ - PEM_read.3 \ - PEM_read_bio_PrivateKey.3 \ - PEM_write_bio_CMS_stream.3 \ - PEM_write_bio_PKCS7_stream.3 \ - PKCS12_SAFEBAG_new.3 \ - PKCS12_create.3 \ - PKCS12_new.3 \ - PKCS12_newpass.3 \ - PKCS12_parse.3 \ - PKCS5_PBKDF2_HMAC.3 \ - PKCS7_add_attribute.3 \ - PKCS7_dataFinal.3 \ - PKCS7_dataInit.3 \ - PKCS7_decrypt.3 \ - PKCS7_encrypt.3 \ - PKCS7_final.3 \ - PKCS7_get_signer_info.3 \ - PKCS7_new.3 \ - PKCS7_set_content.3 \ - PKCS7_set_type.3 \ - PKCS7_sign.3 \ - PKCS7_sign_add_signer.3 \ - PKCS7_verify.3 \ - PKCS8_PRIV_KEY_INFO_new.3 \ - PKCS8_pkey_set0.3 \ - PKEY_USAGE_PERIOD_new.3 \ - POLICYINFO_new.3 \ - RAND_add.3 \ - RAND_bytes.3 \ - RAND_load_file.3 \ - RAND_set_rand_method.3 \ - RC2_encrypt.3 \ - RC4.3 \ - RIPEMD160.3 \ - RSA_PSS_PARAMS_new.3 \ - RSA_blinding_on.3 \ - RSA_check_key.3 \ - RSA_generate_key.3 \ - RSA_get0_key.3 \ - 
RSA_get_ex_new_index.3 \ - RSA_meth_new.3 \ - RSA_new.3 \ - RSA_padding_add_PKCS1_type_1.3 \ - RSA_pkey_ctx_ctrl.3 \ - RSA_print.3 \ - RSA_private_encrypt.3 \ - RSA_public_encrypt.3 \ - RSA_security_bits.3 \ - RSA_set_method.3 \ - RSA_sign.3 \ - RSA_sign_ASN1_OCTET_STRING.3 \ - RSA_size.3 \ - SHA1.3 \ - SMIME_crlf_copy.3 \ - SMIME_read_ASN1.3 \ - SMIME_read_CMS.3 \ - SMIME_read_PKCS7.3 \ - SMIME_text.3 \ - SMIME_write_ASN1.3 \ - SMIME_write_CMS.3 \ - SMIME_write_PKCS7.3 \ - STACK_OF.3 \ - TS_REQ_new.3 \ - UI_create_method.3 \ - UI_get_string_type.3 \ - UI_new.3 \ - X25519.3 \ - X509V3_EXT_get_nid.3 \ - X509V3_EXT_print.3 \ - X509V3_extensions_print.3 \ - X509V3_get_d2i.3 \ - X509V3_parse_list.3 \ - X509_ALGOR_dup.3 \ - X509_ATTRIBUTE_get0_object.3 \ - X509_ATTRIBUTE_new.3 \ - X509_ATTRIBUTE_set1_object.3 \ - X509_CINF_new.3 \ - X509_CRL_get0_by_serial.3 \ - X509_CRL_new.3 \ - X509_CRL_print.3 \ - X509_EXTENSION_set_object.3 \ - X509_INFO_new.3 \ - X509_LOOKUP_hash_dir.3 \ - X509_LOOKUP_new.3 \ - X509_NAME_ENTRY_get_object.3 \ - X509_NAME_add_entry_by_txt.3 \ - X509_NAME_get_index_by_NID.3 \ - X509_NAME_hash.3 \ - X509_NAME_new.3 \ - X509_NAME_print_ex.3 \ - X509_OBJECT_get0_X509.3 \ - X509_PKEY_new.3 \ - X509_PUBKEY_new.3 \ - X509_PURPOSE_set.3 \ - X509_REQ_add1_attr.3 \ - X509_REQ_add_extensions.3 \ - X509_REQ_new.3 \ - X509_REQ_print_ex.3 \ - X509_REVOKED_new.3 \ - X509_SIG_get0.3 \ - X509_SIG_new.3 \ - X509_STORE_CTX_get_error.3 \ - X509_STORE_CTX_get_ex_new_index.3 \ - X509_STORE_CTX_new.3 \ - X509_STORE_CTX_set_flags.3 \ - X509_STORE_CTX_set_verify.3 \ - X509_STORE_CTX_set_verify_cb.3 \ - X509_STORE_get_by_subject.3 \ - X509_STORE_load_locations.3 \ - X509_STORE_new.3 \ - X509_STORE_set1_param.3 \ - X509_STORE_set_verify_cb_func.3 \ - X509_VERIFY_PARAM_new.3 \ - X509_VERIFY_PARAM_set_flags.3 \ - X509_add1_trust_object.3 \ - X509_check_ca.3 \ - X509_check_host.3 \ - X509_check_issued.3 \ - X509_check_private_key.3 \ - X509_check_purpose.3 \ - X509_cmp.3 \ - 
X509_cmp_time.3 \
- X509_digest.3 \
- X509_find_by_subject.3 \
- X509_get0_notBefore.3 \
- X509_get0_signature.3 \
- X509_get1_email.3 \
- X509_get_extension_flags.3 \
- X509_get_pubkey.3 \
- X509_get_pubkey_parameters.3 \
- X509_get_serialNumber.3 \
- X509_get_subject_name.3 \
- X509_get_version.3 \
- X509_keyid_set1.3 \
- X509_load_cert_file.3 \
- X509_new.3 \
- X509_ocspid_print.3 \
- X509_print_ex.3 \
- X509_sign.3 \
- X509_signature_dump.3 \
- X509_verify_cert.3 \
- X509v3_addr_add_inherit.3 \
- X509v3_addr_get_range.3 \
- X509v3_addr_inherits.3 \
- X509v3_addr_subset.3 \
- X509v3_addr_validate_path.3 \
- X509v3_asid_add_id_or_range.3 \
- X509v3_get_ext_by_NID.3 \
- a2d_ASN1_OBJECT.3 \
- a2i_ipadd.3 \
- crypto.3 \
- d2i_ASN1_NULL.3 \
- d2i_ASN1_OBJECT.3 \
- d2i_ASN1_OCTET_STRING.3 \
- d2i_ASN1_SEQUENCE_ANY.3 \
- d2i_AUTHORITY_KEYID.3 \
- d2i_BASIC_CONSTRAINTS.3 \
- d2i_CMS_ContentInfo.3 \
- d2i_DHparams.3 \
- d2i_DIST_POINT.3 \
- d2i_DSAPublicKey.3 \
- d2i_ECPKParameters.3 \
- d2i_ESS_SIGNING_CERT.3 \
- d2i_GENERAL_NAME.3 \
- d2i_OCSP_REQUEST.3 \
- d2i_OCSP_RESPONSE.3 \
- d2i_PKCS12.3 \
- d2i_PKCS7.3 \
- d2i_PKCS8PrivateKey_bio.3 \
- d2i_PKCS8_PRIV_KEY_INFO.3 \
- d2i_PKEY_USAGE_PERIOD.3 \
- d2i_POLICYINFO.3 \
- d2i_PrivateKey.3 \
- d2i_RSAPublicKey.3 \
- d2i_TS_REQ.3 \
- d2i_X509.3 \
- d2i_X509_ALGOR.3 \
- d2i_X509_ATTRIBUTE.3 \
- d2i_X509_CRL.3 \
- d2i_X509_EXTENSION.3 \
- d2i_X509_NAME.3 \
- d2i_X509_REQ.3 \
- d2i_X509_SIG.3 \
- des_read_pw.3 \
- evp.3 \
- i2a_ASN1_STRING.3 \
- i2d_CMS_bio_stream.3 \
- i2d_PKCS7_bio_stream.3 \
- lh_new.3 \
- openssl.cnf.5 \
- s2i_ASN1_INTEGER.3 \
- v2i_ASN1_BIT_STRING.3 \
- x509v3.cnf.5
-
-all clean cleandir depend includes obj tags:
-
-install: maninstall
-
-.include
diff --git a/src/lib/libcrypto/man/NAME_CONSTRAINTS_new.3 b/src/lib/libcrypto/man/NAME_CONSTRAINTS_new.3
deleted file mode 100644
index fec3aba7f7..0000000000
--- a/src/lib/libcrypto/man/NAME_CONSTRAINTS_new.3
+++ /dev/null
@@ -1,100 +0,0 @@
-.\" $OpenBSD: NAME_CONSTRAINTS_new.3,v 1.4 2020/09/17 08:50:05 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 17 2020 $
-.Dt NAME_CONSTRAINTS_NEW 3
-.Os
-.Sh NAME
-.Nm NAME_CONSTRAINTS_new ,
-.Nm NAME_CONSTRAINTS_free ,
-.Nm GENERAL_SUBTREE_new ,
-.Nm GENERAL_SUBTREE_free
-.\" .Nm NAME_CONSTRAINTS_check is intentionally undocumented.
-.\" beck@ said in the x509/x509_ncons.c rev. 1.4 commit message:
-.\" We probably need to deprecate it thoughtfully.
-.Nd X.509 CA name constraints extension
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft NAME_CONSTRAINTS *
-.Fn NAME_CONSTRAINTS_new void
-.Ft void
-.Fn NAME_CONSTRAINTS_free "NAME_CONSTRAINTS *names"
-.Ft GENERAL_SUBTREE *
-.Fn GENERAL_SUBTREE_new void
-.Ft void
-.Fn GENERAL_SUBTREE_free "GENERAL_SUBTREE *name"
-.Sh DESCRIPTION
-X.509 CA certificates can use the name constraints extension
-to restrict the subject names of subsequent certificates in a
-certification path.
-.Pp
-.Fn NAME_CONSTRAINTS_new
-allocates and initializes an empty
-.Vt NAME_CONSTRAINTS
-object, representing an ASN.1
-.Vt NameConstraints
-structure defined in RFC 5280 section 4.2.1.10.
-It consists of two
-.Vt STACK_OF(GENERAL_SUBTREE)
-objects, one specifying permitted names, the other excluded names.
-.Fn NAME_CONSTRAINTS_free
-frees
-.Fa names .
-.Pp
-.Fn GENERAL_SUBTREE_new
-allocates and initializes an empty
-.Vt GENERAL_SUBTREE
-object, representing an ASN.1
-.Vt GeneralSubtree
-structure defined in RFC 5280 section 4.2.1.10.
-It is a trivial wrapper around the
-.Vt GENERAL_NAME
-object documented in
-.Xr GENERAL_NAME_new 3 .
-The standard requires the other fields of
-.Vt GENERAL_SUBTREE
-to be ignored.
-.Fn GENERAL_SUBTREE_free
-frees
-.Fa name .
-.Sh RETURN VALUES
-.Fn NAME_CONSTRAINTS_new
-and
-.Fn GENERAL_SUBTREE_new
-return the new
-.Vt NAME_CONSTRAINTS
-or
-.Vt GENERAL_SUBTREE
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr GENERAL_NAMES_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.2.1.10: Name Constraints
-.Sh HISTORY
-.Fn NAME_CONSTRAINTS_new ,
-.Fn NAME_CONSTRAINTS_free ,
-.Fn GENERAL_SUBTREE_new ,
-and
-.Fn GENERAL_SUBTREE_free
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/OBJ_NAME_add.3 b/src/lib/libcrypto/man/OBJ_NAME_add.3
deleted file mode 100644
index 0b46010c49..0000000000
--- a/src/lib/libcrypto/man/OBJ_NAME_add.3
+++ /dev/null
@@ -1,307 +0,0 @@
-.\" $OpenBSD: OBJ_NAME_add.3,v 1.6 2024/01/31 08:02:53 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: January 31 2024 $
-.Dt OBJ_NAME_ADD 3
-.Os
-.Sh NAME
-.Nm OBJ_NAME_add ,
-.Nm OBJ_NAME_remove ,
-.Nm OBJ_NAME_get ,
-.Nm OBJ_NAME_new_index ,
-.Nm OBJ_NAME_init ,
-.Nm OBJ_NAME_cleanup
-.Nd global associative array
-.Sh SYNOPSIS
-.In openssl/objects.h
-.Ft int
-.Fo OBJ_NAME_add
-.Fa "const char *name"
-.Fa "int type"
-.Fa "const char *value"
-.Fc
-.Ft int
-.Fo OBJ_NAME_remove
-.Fa "const char *name"
-.Fa "int type"
-.Fc
-.Ft const char *
-.Fo OBJ_NAME_get
-.Fa "const char *name"
-.Fa "int type"
-.Fc
-.Ft int
-.Fo OBJ_NAME_new_index
-.Fa "unsigned long (*hash_func)(const char *name)"
-.Fa "int (*cmp_func)(const char *name1, const char *name2)"
-.Fa "void (*free_func)(const char *name, int type, const char *value)"
-.Fc
-.Ft int
-.Fn OBJ_NAME_init void
-.Ft void
-.Fn OBJ_NAME_cleanup "int type"
-.Bd -literal
-typedef struct {
- int type;
- int alias;
- const char *name;
- const char *data;
-} OBJ_NAME;
-.Ed
-.Sh DESCRIPTION
-These functions implement a single, static associative array
-with the following properties:
-.Bl -bullet
-.It
-The keys are ordered pairs consisting of a
NUL-terminated string
-.Pq called the Fa name
-and an
-.Vt int
-number
-.Pq called the Fa type .
-Two types are predefined and used internally by the library:
-.Dv OBJ_NAME_TYPE_MD_METH
-and
-.Dv OBJ_NAME_TYPE_CIPHER_METH .
-Two additional types are predefined but not used internally:
-.Dv OBJ_NAME_TYPE_PKEY_METH
-and
-.Dv OBJ_NAME_TYPE_COMP_METH .
-All predefined types are greater than
-.Dv OBJ_NAME_TYPE_UNDEF
-and smaller than
-.Dv OBJ_NAME_TYPE_NUM .
-.It
-The values are pointers.
-Formally, they are of the type
-.Vt const char * ,
-but in practice, pointers of other types, for example
-.Vt EVP_CIPHER *
-or
-.Vt EVP_MD * ,
-are often stored as values
-and cast back to the correct type on retrieval.
-.It
-The array supports type-specific aliases for names.
-.El
-.Pp
-.Fn OBJ_NAME_add
-removes the key-value pair or alias with the key
-.Pq Fa name , type
-in the same way as
-.Fn OBJ_NAME_remove
-and inserts a key-value pair with the specified
-.Fa name ,
-.Fa type ,
-and
-.Fa value .
-If the bit
-.Dv OBJ_NAME_ALIAS
-is set in the
-.Fa type
-argument, that bit is cleared before using the
-.Fa type
-and the key
-.Pq Fa name , type
-becomes an alias for the key
-.Pq Fa value , type
-instead of setting a value.
-It is not checked whether the key
-.Pq Fa value , type
-already exists.
-Consequently, it is possible to define an alias
-before setting the associated value.
-.Pp
-.Fn OBJ_NAME_remove
-removes the key-value pair or alias with the key
-.Pq Fa name , type
-from the array, if it exists.
-Otherwise, it has no effect.
-If the bit
-.Dv OBJ_NAME_ALIAS
-is set in the
-.Fa type
-argument, it is ignored and cleared before using the
-.Fa type .
-If the
-.Fa type
-is an application-defined type added with
-.Fn OBJ_NAME_new_index
-and the
-.Fa free_func
-associated with the
-.Fa type
-is not a
-.Dv NULL
-pointer, it is called with the
-.Fa name ,
-.Fa type ,
-and
-.Fa value
-of the key-value pair being removed or with the
-.Fa name ,
-.Fa type ,
-and alias target name of the alias being removed.
-In typical usage, this function might free the
-.Fa name ,
-and it might free the
-.Fa value
-in a type-specific way.
-.Pp
-.Fn OBJ_NAME_get
-looks up the key
-.Pq Fa name , type ,
-recursively resolving up to ten aliases if needed.
-If the bit
-.Dv OBJ_NAME_ALIAS
-is set in the
-.Fa type
-argument, it is cleared before using the
-.Fa type ,
-processing of aliases is disabled, and if
-.Pq Fa name , type
-is an alias, the target name of the alias is returned instead of a value.
-.Pp
-.Fn OBJ_NAME_new_index
-assigns the smallest unassigned positive integer number
-to represent a new, application-defined
-.Fa type .
-The three function pointers will be used, respectively,
-to hash a name for this type, to compare two names for this type,
-and to free the contents of a key-value pair holding the given
-.Fa name ,
-.Fa type ,
-and
-.Fa value .
-If the
-.Fa hash_func
-argument is a
-.Dv NULL
-pointer,
-.Xr lh_strhash 3
-is used instead.
-If the
-.Fa cmp_func
-argument is a
-.Dv NULL
-pointer,
-.Xr strcmp 3
-is used instead.
-If the
-.Fa free_func
-argument is a
-.Dv NULL
-pointer, the
-.Fa name
-and
-.Fa value
-pointers contained in the key-value pair are not freed,
-only the structure representing the pair itself is.
-This default behaviour is also used for the built-in types.
-.Pp
-.Fn OBJ_NAME_init
-initializes the array.
-After initialization, the array is empty.
-Calling
-.Fn OBJ_NAME_init
-when the array is already initialized has no effect.
-Application programs do not need to call this function because
-.Fn OBJ_NAME_add
-and
-.Fn OBJ_NAME_get
-automatically call it whenever needed.
-.Pp
-.Fn OBJ_NAME_cleanup
-removes all key-value pairs and aliases of the given
-.Fa type
-from the array by calling
-.Fn OBJ_NAME_remove
-on every such pair and alias.
-If the
-.Fa type
-argument is negative, it removes all key-value pairs and aliases
-of any type and also reverses all effects of
-.Fn OBJ_NAME_new_index
-and
-.Fn OBJ_NAME_init ,
-in particular resetting the list of types to the predefined types
-and releasing all memory reserved by these functions.
-.Pp
-The
-.Vt OBJ_NAME
-structure represents one key-value pair or one alias with the key
-.Pq Fa name , type .
-If the
-.Fa alias
-field is 0, the
-.Fa data
-field contains the value; otherwise, it contains the alias target name.
-.Sh RETURN VALUES
-.Fn OBJ_NAME_add
-and
-.Fn OBJ_NAME_init
-return 1 on success or 0 if memory allocation fails.
-.Pp
-.Fn OBJ_NAME_remove
-returns 1 if one key-value pair or alias was removed or 0 otherwise.
-.Pp
-.Fn OBJ_NAME_get
-returns the
-.Fa value
-associated with the key
-.Pq Fa name , type
-or
-.Dv NULL
-if
-.Fa name
-is
-.Dv NULL ,
-if the array does not contain a value for this key,
-or if more than ten aliases are encountered before finding a value.
-.Pp
-.Fn OBJ_NAME_new_index
-returns a positive integer greater than or equal to
-.Dv OBJ_NAME_TYPE_NUM
-representing the new type or 0 if memory allocation fails.
-.Sh SEE ALSO
-.Xr EVP_cleanup 3 ,
-.Xr EVP_get_cipherbyname 3 ,
-.Xr EVP_get_digestbyname 3 ,
-.Xr lh_new 3 ,
-.Xr OBJ_create 3 ,
-.Xr OBJ_nid2obj 3
-.Sh BUGS
-Calling
-.Fn OBJ_NAME_get
-with the bit
-.Dv OBJ_NAME_ALIAS
-is not very useful because there is no way to tell
-whether the returned pointer points to a value or to a name,
-short of calling the function again without setting the bit
-and comparing the two returned pointers.
-.Pp
-The
-.Fa free_func
-has no way to tell whether its
-.Fa value
-argument is indeed of the given
-.Fa type
-or whether it is merely the target name of an alias.
-Consequently, to use values of a type
-that requires more cleanup than merely calling
-.Xr free 3
-on it, instances of the type need to begin with a magic number or string
-that cannot occur at the beginning of a name.
diff --git a/src/lib/libcrypto/man/OBJ_create.3 b/src/lib/libcrypto/man/OBJ_create.3
deleted file mode 100644
index fa5bde3dd3..0000000000
--- a/src/lib/libcrypto/man/OBJ_create.3
+++ /dev/null
@@ -1,249 +0,0 @@
-.\" $OpenBSD: OBJ_create.3,v 1.10 2024/01/31 08:02:53 tb Exp $
-.\" full merge up to:
-.\" OpenSSL OBJ_nid2obj.pod 9b86974e Aug 17 15:21:33 2015 -0400
-.\" selective merge up to:
-.\" OpenSSL OBJ_nid2obj.pod 0c5bc96f Mar 15 13:57:22 2022 +0000
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2017, 2021, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2006 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: January 31 2024 $
-.Dt OBJ_CREATE 3
-.Os
-.Sh NAME
-.Nm OBJ_new_nid ,
-.Nm OBJ_add_object ,
-.Nm OBJ_create ,
-.\" OBJ_create_and_add_object is a deprecated, unused alias for OBJ_create(3).
-.Nm OBJ_create_objects ,
-.Nm OBJ_cleanup
-.Nd modify the table of ASN.1 object identifiers
-.Sh SYNOPSIS
-.In openssl/objects.h
-.Ft int
-.Fn OBJ_new_nid "int increment"
-.Ft int
-.Fn OBJ_add_object "const ASN1_OBJECT *object"
-.Ft int
-.Fo OBJ_create
-.Fa "const char *oid"
-.Fa "const char *sn"
-.Fa "const char *ln"
-.Fc
-.Ft int
-.Fn OBJ_create_objects "BIO *in_bio"
-.Ft void
-.Fn OBJ_cleanup void
-.Sh DESCRIPTION
-.Fn OBJ_new_nid
-returns the smallest currently unassigned ASN.1 numeric
-object identifier (NID) and reserves
-.Fa increment
-consecutive NIDs starting with it.
-Passing an argument of 1 is usually recommended.
-The return value can be assigned to a new object by passing it as the
-.Fa nid
-argument to
-.Xr ASN1_OBJECT_create 3
-and by passing the resulting object to
-.Fn OBJ_add_object .
-.Pp
-.Fn OBJ_add_object
-adds a copy of the
-.Fa object
-to the internal table of ASN.1 object identifiers for use by
-.Xr OBJ_nid2obj 3
-and related functions.
-.Pp
-.Fn OBJ_create
-provides a simpler way to add a new object to the internal table.
-.Fa oid
-is the numerical form of the object,
-.Fa sn
-the short name and
-.Fa ln
-the long name.
-A new NID is automatically assigned using
-.Fn OBJ_new_nid .
-.Pp
-.Fn OBJ_create_objects
-reads text lines of the form
-.Pp
-.D1 Fa oid sn ln
-.Pp
-from
-.Fa in_bio
-and calls
-.Fn OBJ_create oid sn ln
-for every line read.
-The three fields of the input lines
-are separated by one or more whitespace characters.
-.Pp
-For all three functions, the objects added to the internal table and
-all the data contained in them is marked as not dynamically allocated.
-Consequently, retrieving them with
-.Xr OBJ_nid2obj 3
-or a similar function and then calling
-.Xr ASN1_OBJECT_free 3
-on the returned pointer will have no effect.
-.Pp
-.Fn OBJ_cleanup
-resets the internal object table to its default state,
-removing and freeing all objects that were added with
-.Fn OBJ_add_object ,
-.Fn OBJ_create ,
-or
-.Fn OBJ_create_objects .
-.Sh RETURN VALUES
-.Fn OBJ_new_nid
-returns the new NID.
-.Pp
-.Fn OBJ_add_object
-returns the NID of the added
-.Fa object
-or
-.Dv NID_undef
-if no object was added because the
-.Fa object
-argument was
-.Dv NULL ,
-did not contain an NID, or memory allocation failed.
-.Pp
-.Fn OBJ_create
-returns the new NID or
-.Dv NID_undef
-if
-.Fa oid
-is not a valid representation of an object identifier
-or if memory allocation fails.
-.Pp
-.Fn OBJ_create_objects
-returns the number of objects added.
-.Pp
-In some cases of failure of
-.Fn OBJ_add_object ,
-.Fn OBJ_create ,
-and
-.Fn OBJ_create_objects ,
-the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh EXAMPLES
-Create a new NID and initialize an object from it:
-.Bd -literal -offset indent
-int new_nid;
-ASN1_OBJECT *obj;
-
-new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
-obj = OBJ_nid2obj(new_nid);
-.Ed
-.Sh SEE ALSO
-.Xr ASN1_OBJECT_new 3 ,
-.Xr OBJ_nid2obj 3
-.Sh HISTORY
-.Fn OBJ_new_nid ,
-.Fn OBJ_add_object ,
-and
-.Fn OBJ_cleanup
-first appeared in SSLeay 0.8.0 and
-.Fn OBJ_create
-in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
-.Sh CAVEATS
-.Fn OBJ_add_object
-indicates success even after adding an incomplete object that was created with
-.Xr ASN1_OBJECT_create 3
-but lacks a short name, a long name, or an OID.
-.Pp
-Even
-.Fn OBJ_create
-tolerates
-.Dv NULL
-pointers being passed for the
-.Fa sn
-and/or
-.Fa ln
-arguments, in which case
-.Xr OBJ_nid2sn 3
-and
-.Xr OBJ_sn2nid 3
-or
-.Xr OBJ_nid2ln 3
-and
-.Xr OBJ_ln2nid 3
-will not work on the added object, respectively.
-.Sh BUGS
-.Fn OBJ_new_nid
-does not reserve any return value to indicate an error.
-Consequently, to avoid conflicting NID assignments and integer overflows,
-care must be taken to not pass negative, zero, or large arguments to
-.Fn OBJ_new_nid .
-.Pp
-.Fn OBJ_create_objects
-does not distinguish between end of file, I/O errors, temporary
-unavailability of data on a non-blocking BIO, invalid input syntax,
-and memory allocation failure.
-In all these cases, reading is aborted and the number of objects
-that were already added is returned.
diff --git a/src/lib/libcrypto/man/OBJ_find_sigid_algs.3 b/src/lib/libcrypto/man/OBJ_find_sigid_algs.3
deleted file mode 100644
index 1d7a2b649b..0000000000
--- a/src/lib/libcrypto/man/OBJ_find_sigid_algs.3
+++ /dev/null
@@ -1,89 +0,0 @@
-.\" $OpenBSD: OBJ_find_sigid_algs.3,v 1.2 2024/01/31 08:02:53 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: January 31 2024 $
-.Dt OBJ_FIND_SIGID_ALGS 3
-.Os
-.Sh NAME
-.Nm OBJ_find_sigid_algs ,
-.Nm OBJ_find_sigid_by_algs
-.Nd signature algorithm mappings
-.Sh SYNOPSIS
-.In openssl/objects.h
-.Ft int
-.Fo OBJ_find_sigid_algs
-.Fa "int signature"
-.Fa "int *pdigest"
-.Fa "int *pencryption"
-.Fc
-.Ft int
-.Fo OBJ_find_sigid_by_algs
-.Fa "int *psignature"
-.Fa "int digest"
-.Fa "int encryption"
-.Fc
-.Sh DESCRIPTION
-.Fn OBJ_find_sigid_algs
-looks up the
-.Fa signature
-algorithm.
-If it is found, the associated digest algorithm is stored in
-.Pf * Fa pdigest
-unless
-.Fa pdigest
-is a
-.Dv NULL
-pointer, and the associated encryption algorithm is stored in
-.Pf * Fa pencryption
-unless
-.Fa pencryption
-is a
-.Dv NULL
-pointer.
-.Pp
-.Fn OBJ_find_sigid_by_algs
-looks up the pair
-.Pq Fa digest , encryption .
-If it is found, the associated signature algorithm is stored in
-.Pf * Fa psignature
-unless
-.Fa psignature
-is a
-.Dv NULL
-pointer.
-.Sh RETURN VALUES
-.Fn OBJ_find_sigid_algs
-returns 1 if a definition of the
-.Fa signature
-algorithm is found or 0 if a definition of the
-.Fa signature
-algorithm is not built into the library.
-.Pp
-.Fn OBJ_find_sigid_by_algs
-returns 1 if a signature algorithm using the specified
-.Fa digest
-and
-.Fa encryption
-algorithms is defined or 0 if the definition of such an algorithm
-is not built into the library.
-.Sh SEE ALSO
-.Xr EVP_cleanup 3 ,
-.Xr OBJ_create 3 ,
-.Xr OBJ_nid2obj 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/OBJ_nid2obj.3 b/src/lib/libcrypto/man/OBJ_nid2obj.3
deleted file mode 100644
index ccab1ed30c..0000000000
--- a/src/lib/libcrypto/man/OBJ_nid2obj.3
+++ /dev/null
@@ -1,521 +0,0 @@
-.\" $OpenBSD: OBJ_nid2obj.3,v 1.22 2024/01/31 08:02:53 tb Exp $
-.\" full merge up to: OpenSSL c264592d May 14 11:28:00 2006 +0000
-.\" selective merge up to: OpenSSL 35fd9953 May 28 14:49:38 2019 +0200
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2017, 2021, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2006, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: January 31 2024 $
-.Dt OBJ_NID2OBJ 3
-.Os
-.Sh NAME
-.Nm OBJ_nid2obj ,
-.Nm OBJ_nid2ln ,
-.Nm OBJ_nid2sn ,
-.Nm OBJ_obj2nid ,
-.Nm OBJ_ln2nid ,
-.Nm OBJ_sn2nid ,
-.Nm OBJ_txt2nid ,
-.Nm OBJ_txt2obj ,
-.Nm OBJ_obj2txt ,
-.Nm OBJ_cmp ,
-.Nm OBJ_dup ,
-.Nm i2t_ASN1_OBJECT ,
-.Nm i2a_ASN1_OBJECT
-.Nd inspect and create ASN.1 object identifiers
-.Sh SYNOPSIS
-.In openssl/objects.h
-.Ft ASN1_OBJECT *
-.Fo OBJ_nid2obj
-.Fa "int nid"
-.Fc
-.Ft const char *
-.Fo OBJ_nid2ln
-.Fa "int nid"
-.Fc
-.Ft const char *
-.Fo OBJ_nid2sn
-.Fa "int nid"
-.Fc
-.Ft int
-.Fo OBJ_obj2nid
-.Fa "const ASN1_OBJECT *object"
-.Fc
-.Ft int
-.Fo OBJ_ln2nid
-.Fa "const char *ln"
-.Fc
-.Ft int
-.Fo OBJ_sn2nid
-.Fa "const char *sn"
-.Fc
-.Ft int
-.Fo OBJ_txt2nid
-.Fa "const char *s"
-.Fc
-.Ft ASN1_OBJECT *
-.Fo OBJ_txt2obj
-.Fa "const char *s"
-.Fa "int no_name"
-.Fc
-.Ft int
-.Fo OBJ_obj2txt
-.Fa "char *buf"
-.Fa "int buf_len"
-.Fa "const ASN1_OBJECT *object"
-.Fa "int no_name"
-.Fc
-.Ft int
-.Fo OBJ_cmp
-.Fa "const ASN1_OBJECT *a"
-.Fa "const ASN1_OBJECT *b"
-.Fc
-.Ft ASN1_OBJECT *
-.Fo OBJ_dup
-.Fa "const ASN1_OBJECT *object"
-.Fc
-.In openssl/asn1.h
-.Ft int
-.Fo i2t_ASN1_OBJECT
-.Fa "char *buf"
-.Fa "int buf_len"
-.Fa "const ASN1_OBJECT *object"
-.Fc
-.Ft int
-.Fo i2a_ASN1_OBJECT
-.Fa "BIO *out_bio"
-.Fa "const ASN1_OBJECT *object"
-.Fc
-.Sh DESCRIPTION
-The ASN.1 object utility functions process
-.Vt ASN1_OBJECT
-structures, in the following called
-.Dq objects .
-An object represents an ASN.1
-.Vt OBJECT IDENTIFIER
-.Pq OID .
-The library maintains an internal global table of objects.
-Many of these objects are built into the library
-and contained in the global table by default.
-The application program can add additional objects to the global table
-by using functions documented in the
-.Xr OBJ_create 3
-manual page.
-Consequently, there are three classes of objects:
-built-in table objects, user-defined table objects, and non-table objects.
-.Pp
-In addition to the OID, each object can hold
-a long name, a short name, and a numerical identifier (NID).
-Even though the concept of NIDs is specific to the library
-and not standardized, using the NID is often the most convenient way
-for source code to refer to a specific OID.
-The NIDs of the built-in objects are available as defined constants.
-.Pp
-Built-in table objects have certain advantages
-over objects that are not in the global table:
-for example, their NIDs can be used in C language switch statements.
-They are also shared:
-there is only a single static constant structure for each built-on OID.
-.Pp
-Some functions operate on table objects only:
-.Pp
-.Fn OBJ_nid2obj
-retrieves the table object associated with the
-.Fa nid .
-.Fn OBJ_nid2ln
-and
-.Fn OBJ_nid2sn
-retrieve its long and short name, respectively.
-.Pp
-.Fn OBJ_obj2nid
-retrieves the NID associated with the given
-.Fa object ,
-which is either the NID stored in the
-.Fa object
-itself, if any, or otherwise the NID stored in a table object
-containing the same OID.
-.Pp
-.Fn OBJ_ln2nid
-and
-.Fn OBJ_sn2nid
-retrieve the NID from the table object with the long name
-.Fa ln
-or the short name
-.Fa sn ,
-respectively.
-.Pp
-.Fn OBJ_txt2nid
-retrieves the NID from the table object described by the text string
-.Fa s ,
-which can be a long name, a short name,
-or the numerical representation of an OID.
-.Pp
-The remaining functions can be used both on table objects
-and on objects that are not in the global table:
-.Pp
-.Fn OBJ_txt2obj
-retrieves or creates an object matching the text string
-.Fa s .
-If
-.Fa no_name
-is 1, only the numerical representation of an OID is accepted.
-If
-.Fa no_name
-is 0, long names and short names are accepted as well.
-.Pp
-.Fn OBJ_obj2txt
-writes a NUL terminated textual representation
-of the OID contained in the given
-.Fa object
-into
-.Fa buf .
-At most
-.Fa buf_len
-bytes are written, truncating the result if necessary.
-The total amount of space required is returned. -If -.Fa no_name -is 0 and the table object containing the same OID -contains a long name, the long name is written. -Otherwise, if -.Fa no_name -is 0 and the table object containing the same OID -contains a short name, the short name is written. -Otherwise, the numerical representation of the OID is written. -.Pp -.Fn i2t_ASN1_OBJECT -is the same as -.Fn OBJ_obj2txt -with -.Fa no_name -set to 0. -.Pp -.Fn i2a_ASN1_OBJECT -writes a textual representation of the OID contained in the given -.Fa object -to -.Fa out_bio -using -.Xr BIO_write 3 . -It does not write a terminating NUL byte. -If the -.Fa object -argument is -.Dv NULL -or contains no OID, it writes the 4-byte string -.Qq NULL . -If -.Fn i2t_ASN1_OBJECT -fails, -.Fn i2a_ASN1_OBJECT -writes the 9-byte string -.Qq . -Otherwise, it writes the string constructed with -.Fn i2t_ASN1_OBJECT . -.Pp -.Fn OBJ_cmp -tests whether -.Fa a -and -.Fa b -represent the same ASN.1 -.Vt OBJECT IDENTIFIER . -Any names and NIDs contained in the two objects are ignored, -even if they differ between both objects. -.Pp -.Fn OBJ_dup -returns a deep copy of the given -.Fa object -if it is marked as dynamically allocated. -The new object and all data contained in it are marked as dynamically -allocated. -If the given -.Fa object -is not marked as dynamically allocated, -.Fn OBJ_dup -just returns a pointer to the -.Fa object -itself. -.Sh RETURN VALUES -Application code should treat all returned values \(em -objects, names, and NIDs \(em as constants. -.Pp -.Fn OBJ_nid2obj -returns a pointer to a table object owned by the library or -.Dv NULL -if no matching table object is found. -.Pp -.Fn OBJ_nid2ln -and -.Fn OBJ_nid2sn -return a pointer to a string owned by a table object or -.Dv NULL -if no matching table object is found. -For -.Dv NID_undef , -they return the constant static strings -.Qq undefined -and -.Qq UNDEF , -respectively. 
-.Pp -.Fn OBJ_obj2nid -returns an NID on success, or -.Dv NID_undef -if -.Fa object -is -.Dv NULL , -does not contain an OID, -if no table object matching the OID is found, -or if the matching object does not contain an NID. -.Pp -.Fn OBJ_ln2nid -and -.Fn OBJ_sn2nid -return an NID on success or -.Dv NID_undef -if no matching table object is found -or if the matching object does not contain an NID. -.Pp -.Fn OBJ_txt2nid -returns an NID on success or -.Dv NID_undef -if parsing of -.Fa s -or memory allocation fails, if no matching table object is found, -or if the matching object does not contain an NID. -.Pp -.Fn OBJ_txt2obj -returns a pointer to a table object owned by the library if lookup of -.Fa s -as a long or short name succeeds. -Otherwise, it returns a newly created object, -transferring ownership to the caller, or -.Dv NULL -if parsing of -.Fa s -or memory allocation fails. -.Pp -.Fn OBJ_obj2txt -and -.Fn i2t_ASN1_OBJECT -return the amount of space required in bytes, -including the terminating NUL byte, -or zero if an error occurs before the required space can be calculated, -in particular if -.Fa buf_len -is negative, -.Fa object -is -.Dv NULL -or does not contain an OID, -or if memory allocation fails. -.Pp -.Fn OBJ_cmp -returns 0 if both objects refer to the same OID -or neither of them are associated with any OID, -or a non-zero value if at least one of them refers to an OID -but the other one does not refer to the same OID. -.Pp -.Fn OBJ_dup -returns the pointer to the original -.Fa object -if it is not marked as dynamically allocated. -Otherwise, it returns a newly created object, -transferring ownership to the caller, or -.Dv NULL -if -.Fa object -is -.Dv NULL -or memory allocation fails. -.Pp -.Fn i2a_ASN1_OBJECT -returns the number of bytes written, even if the given -.Fa object -is invalid or contains invalid data, -but a negative value if memory allocation or a write operation fails. 
-.Pp -In some cases of failure of -.Fn OBJ_nid2obj , -.Fn OBJ_nid2ln , -.Fn OBJ_nid2sn , -.Fn OBJ_txt2nid , -.Fn OBJ_txt2obj , -.Fn OBJ_obj2txt , -.Fn OBJ_dup , -.Fn i2t_ASN1_OBJECT , -and -.Fn i2a_ASN1_OBJECT , -the reason can be determined with -.Xr ERR_get_error 3 . -.Sh EXAMPLES -Retrieve the object for -.Sy commonName : -.Bd -literal -offset indent -ASN1_OBJECT *object; -object = OBJ_nid2obj(NID_commonName); -.Ed -.Pp -Check whether an object contains the OID for -.Sy commonName : -.Bd -literal -offset indent -if (OBJ_obj2nid(object) == NID_commonName) - /* Do something */ -.Ed -.Pp -Create a new object directly: -.Bd -literal -offset indent -object = OBJ_txt2obj("1.2.3.4", 1); -.Ed -.Sh SEE ALSO -.Xr ASN1_OBJECT_new 3 , -.Xr BIO_new 3 , -.Xr d2i_ASN1_OBJECT 3 , -.Xr OBJ_create 3 -.Sh HISTORY -.Fn OBJ_nid2obj , -.Fn OBJ_nid2ln , -.Fn OBJ_nid2sn , -.Fn OBJ_obj2nid , -.Fn OBJ_ln2nid , -.Fn OBJ_sn2nid , -.Fn OBJ_txt2nid , -.Fn OBJ_cmp , -and -.Fn OBJ_dup -first appeared in SSLeay 0.5.1. -.Fn i2a_ASN1_OBJECT -first appeared in SSLeay 0.6.0, and -.Fn i2t_ASN1_OBJECT -in SSLeay 0.9.0. -All these functions have been available since -.Ox 2.4 . -.Pp -.Fn OBJ_txt2obj -first appeared in OpenSSL 0.9.2b. -.Fn OBJ_obj2txt -first appeared in OpenSSL 0.9.4. -Both functions have been available since -.Ox 2.6 . -.Sh CAVEATS -The API contract of -.Fn OBJ_txt2obj -when called with a -.Fa no_name -argument of 0 and of -.Fn OBJ_dup -is scary in so far as the caller cannot find out from the returned -object whether it is owned by the library or whether ownership was -transferred to the caller. -Consequently, it is best practice to assume that ownership of the object -may have been transferred and call -.Xr ASN1_OBJECT_free 3 -on the returned object when the caller no longer needs it. -In case the library retained ownership of the returned object, -.Xr ASN1_OBJECT_free 3 -has no effect and is harmless. 
-.Pp
-Objects returned from
-.Fn OBJ_txt2obj
-with a
-.Fa no_name
-argument of 1 always require
-.Xr ASN1_OBJECT_free 3
-to prevent memory leaks.
-.Pp
-Objects returned from
-.Fn OBJ_nid2obj
-never require
-.Xr ASN1_OBJECT_free 3 ,
-but calling it anyway has no effect and is harmless.
-.Sh BUGS
-Usually, an object is expected to contain an NID other than
-.Dv NID_undef
-if and only if it is a table object.
-However, this is not an invariant guaranteed by the API.
-In particular,
-.Xr ASN1_OBJECT_create 3
-allows the creation of non-table objects containing bogus NIDs.
-.Fn OBJ_obj2nid
-returns such bogus NIDs even though
-.Fn OBJ_nid2obj
-cannot use them for retrieval.
-On top of that, the global table contains one built-in object with an NID of
-.Dv NID_undef .
-.Pp
-.Fn OBJ_obj2txt
-is awkward and messy to use: it doesn't follow the convention of other
-OpenSSL functions where the buffer can be set to
-.Dv NULL
-to determine the amount of data that should be written.
-Instead
-.Fa buf
-must point to a valid buffer and
-.Fa buf_len
-should be set to a positive value.
-A buffer length of 80 should be more than enough to handle any OID
-encountered in practice.
diff --git a/src/lib/libcrypto/man/OCSP_CRLID_new.3 b/src/lib/libcrypto/man/OCSP_CRLID_new.3
deleted file mode 100644
index 6feb608654..0000000000
--- a/src/lib/libcrypto/man/OCSP_CRLID_new.3
+++ /dev/null
@@ -1,113 +0,0 @@
-.\" $OpenBSD: OCSP_CRLID_new.3,v 1.8 2022/01/15 23:38:50 jsg Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: January 15 2022 $
-.Dt OCSP_CRLID_NEW 3
-.Os
-.Sh NAME
-.Nm OCSP_CRLID_new ,
-.Nm OCSP_CRLID_free ,
-.Nm OCSP_crlID_new
-.Nd OCSP CRL extension
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_CRLID *
-.Fn OCSP_CRLID_new void
-.Ft void
-.Fn OCSP_CRLID_free "OCSP_CRLID *crlid"
-.Ft X509_EXTENSION *
-.Fo OCSP_crlID_new
-.Fa "const char *url"
-.Fa "long *number"
-.Fa "char *time"
-.Fc
-.Sh DESCRIPTION
-If a client asks about the validity of a certificate and it turns
-out to be invalid, the responder may optionally communicate which
-certificate revocation list the certificate was found on.
-The required data is stored as an ASN.1
-.Vt CrlID
-structure in the singleExtensions field of the
-.Vt SingleResponse
-structure.
-The
-.Vt CrlID
-is represented by an
-.Vt OCSP_CRLID
-object, which will be stored inside the
-.Vt OCSP_SINGLERESP
-object documented in
-.Xr OCSP_SINGLERESP_new 3 .
-.Pp
-.Fn OCSP_CRLID_new
-allocates and initializes an empty
-.Vt OCSP_CRLID
-object.
-.Fn OCSP_CRLID_free
-frees
-.Fa crlid .
-.Pp
-.Fn OCSP_crlID_new
-accepts the
-.Fa url
-at which the CRL is available, the CRL
-.Fa number ,
-and/or the
-.Fa time
-at which the CRL was created.
-Each argument can be
-.Dv NULL ,
-in which case the respective field is omitted.
-The resulting
-.Vt CrlID
-structure is encoded in ASN.1 using
-.Xr X509V3_EXT_i2d 3
-with criticality 0.
-.Sh RETURN VALUES
-.Fn OCSP_CRLID_new
-returns a new
-.Vt OCSP_CRLID
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_crlID_new
-returns a new
-.Vt X509_EXTENSION
-object or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_resp_find_status 3 ,
-.Xr OCSP_response_status 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4.4.2: CRL References
-.Sh HISTORY
-.Fn OCSP_CRLID_new ,
-.Fn OCSP_CRLID_free ,
-and
-.Fn OCSP_crlID_new
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Sh CAVEATS
-The function names
-.Fn OCSP_CRLID_new
-and
-.Fn OCSP_crlID_new
-only differ in case.
diff --git a/src/lib/libcrypto/man/OCSP_REQUEST_new.3 b/src/lib/libcrypto/man/OCSP_REQUEST_new.3
deleted file mode 100644
index a304f60160..0000000000
--- a/src/lib/libcrypto/man/OCSP_REQUEST_new.3
+++ /dev/null
@@ -1,329 +0,0 @@ -.\" $OpenBSD: OCSP_REQUEST_new.3,v 1.12 2022/02/19 13:09:36 jsg Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2014, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. 
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: February 19 2022 $ -.Dt OCSP_REQUEST_NEW 3 -.Os -.Sh NAME -.Nm OCSP_REQUEST_new , -.Nm OCSP_REQUEST_free , -.Nm OCSP_SIGNATURE_new , -.Nm OCSP_SIGNATURE_free , -.Nm OCSP_REQINFO_new , -.Nm OCSP_REQINFO_free , -.Nm OCSP_ONEREQ_new , -.Nm OCSP_ONEREQ_free , -.Nm OCSP_request_add0_id , -.Nm OCSP_request_sign , -.Nm OCSP_request_add1_cert , -.Nm OCSP_request_onereq_count , -.Nm OCSP_request_onereq_get0 -.Nd OCSP request functions -.Sh SYNOPSIS -.In openssl/ocsp.h -.Ft OCSP_REQUEST * -.Fn OCSP_REQUEST_new void -.Ft void -.Fn OCSP_REQUEST_free "OCSP_REQUEST *req" -.Ft OCSP_SIGNATURE * -.Fn OCSP_SIGNATURE_new void -.Ft void -.Fn OCSP_SIGNATURE_free "OCSP_SIGNATURE *signature" -.Ft OCSP_REQINFO * -.Fn OCSP_REQINFO_new void -.Ft void -.Fn OCSP_REQINFO_free "OCSP_REQINFO *reqinfo" -.Ft OCSP_ONEREQ * -.Fn OCSP_ONEREQ_new void -.Ft void -.Fn OCSP_ONEREQ_free "OCSP_ONEREQ *onereq" -.Ft OCSP_ONEREQ * -.Fo OCSP_request_add0_id -.Fa "OCSP_REQUEST *req" -.Fa "OCSP_CERTID *cid" -.Fc -.Ft int -.Fo OCSP_request_sign -.Fa "OCSP_REQUEST *req" -.Fa "X509 *signer" -.Fa "EVP_PKEY *key" -.Fa "const EVP_MD *dgst" -.Fa "STACK_OF(X509) *certs" -.Fa "unsigned long flags" -.Fc -.Ft int -.Fo OCSP_request_add1_cert -.Fa "OCSP_REQUEST *req" -.Fa "X509 *cert" -.Fc -.Ft int -.Fo OCSP_request_onereq_count -.Fa "OCSP_REQUEST *req" -.Fc -.Ft OCSP_ONEREQ * -.Fo OCSP_request_onereq_get0 -.Fa "OCSP_REQUEST *req" -.Fa "int i" -.Fc -.Sh DESCRIPTION -.Fn OCSP_REQUEST_new -allocates and initializes an empty -.Vt OCSP_REQUEST -object, representing an ASN.1 -.Vt OCSPRequest -structure defined in RFC 6960. -.Fn OCSP_REQUEST_free -frees -.Fa req . -.Pp -.Fn OCSP_SIGNATURE_new -allocates and initializes an empty -.Vt OCSP_SIGNATURE -object, representing an ASN.1 -.Vt Signature -structure defined in RFC 6960. -Such an object is used inside -.Vt OCSP_REQUEST . -.Fn OCSP_SIGNATURE_free -frees -.Fa signature . 
-.Pp -.Fn OCSP_REQINFO_new -allocates and initializes an empty -.Vt OCSP_REQINFO -object, representing an ASN.1 -.Vt TBSRequest -structure defined in RFC 6960. -Such an object is used inside -.Vt OCSP_REQUEST . -It asks about the validity of one or more certificates. -.Fn OCSP_REQINFO_free -frees -.Fa reqinfo . -.Pp -.Fn OCSP_ONEREQ_new -allocates and initializes an empty -.Vt OCSP_ONEREQ -object, representing an ASN.1 -.Vt Request -structure defined in RFC 6960. -Such objects are used inside -.Vt OCSP_REQINFO . -Each one asks about the validity of one certificate. -.Fn OCSP_ONEREQ_free -frees -.Fa onereq . -.Pp -.Fn OCSP_request_add0_id -adds certificate ID -.Fa cid -to -.Fa req . -It returns the -.Vt OCSP_ONEREQ -object added so an application can add additional extensions to the -request. -The -.Fa cid -parameter must not be freed up after the operation. -.Pp -.Fn OCSP_request_sign -signs OCSP request -.Fa req -using certificate -.Fa signer , -private key -.Fa key , -digest -.Fa dgst , -and additional certificates -.Fa certs . -If the -.Fa flags -option -.Dv OCSP_NOCERTS -is set, then no certificates will be included in the request. -.Pp -.Fn OCSP_request_add1_cert -adds certificate -.Fa cert -to request -.Fa req . -The application is responsible for freeing up -.Fa cert -after use. -.Pp -.Fn OCSP_request_onereq_count -returns the total number of -.Vt OCSP_ONEREQ -objects in -.Fa req . -.Pp -.Fn OCSP_request_onereq_get0 -returns an internal pointer to the -.Vt OCSP_ONEREQ -contained in -.Fa req -of index -.Fa i . -The index value -.Fa i -runs from 0 to -.Fn OCSP_request_onereq_count req No - 1 . -.Pp -.Fn OCSP_request_onereq_count -and -.Fn OCSP_request_onereq_get0 -are mainly used by OCSP responders. 
-.Sh RETURN VALUES -.Fn OCSP_REQUEST_new , -.Fn OCSP_SIGNATURE_new , -.Fn OCSP_REQINFO_new , -and -.Fn OCSP_ONEREQ_new -return an empty -.Vt OCSP_REQUEST , -.Vt OCSP_SIGNATURE , -.Vt OCSP_REQINFO , -or -.Vt OCSP_ONEREQ -object, respectively, or -.Dv NULL -if an error occurred. -.Pp -.Fn OCSP_request_add0_id -returns the -.Vt OCSP_ONEREQ -object containing -.Fa cid -or -.Dv NULL -if an error occurred. -.Pp -.Fn OCSP_request_sign -and -.Fn OCSP_request_add1_cert -return 1 for success or 0 for failure. -.Pp -.Fn OCSP_request_onereq_count -returns the total number of -.Vt OCSP_ONEREQ -objects in -.Fa req . -.Pp -.Fn OCSP_request_onereq_get0 -returns a pointer to an -.Vt OCSP_ONEREQ -object or -.Dv NULL -if the index value is out of range. -.Sh EXAMPLES -Create an -.Vt OCSP_REQUEST -object for certificate -.Fa cert -with issuer -.Fa issuer : -.Bd -literal -offset indent -OCSP_REQUEST *req; -OCSP_ID *cid; - -req = OCSP_REQUEST_new(); -if (req == NULL) - /* error */ -cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer); -if (cid == NULL) - /* error */ - -if (OCSP_REQUEST_add0_id(req, cid) == NULL) - /* error */ - - /* Do something with req, e.g. query responder */ - -OCSP_REQUEST_free(req); -.Ed -.Sh SEE ALSO -.Xr ACCESS_DESCRIPTION_new 3 , -.Xr crypto 3 , -.Xr d2i_OCSP_REQUEST 3 , -.Xr d2i_OCSP_RESPONSE 3 , -.Xr EVP_DigestInit 3 , -.Xr OCSP_cert_to_id 3 , -.Xr OCSP_CRLID_new 3 , -.Xr OCSP_request_add1_nonce 3 , -.Xr OCSP_resp_find_status 3 , -.Xr OCSP_response_status 3 , -.Xr OCSP_sendreq_new 3 , -.Xr OCSP_SERVICELOC_new 3 , -.Xr X509_ocspid_print 3 -.Sh STANDARDS -RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate -Status Protocol, section 4.1: Request Syntax -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.7 -and have been available since -.Ox 3.2 . diff --git a/src/lib/libcrypto/man/OCSP_SERVICELOC_new.3 b/src/lib/libcrypto/man/OCSP_SERVICELOC_new.3 deleted file mode 100644 index 62eb8c320f..0000000000 
--- a/src/lib/libcrypto/man/OCSP_SERVICELOC_new.3
+++ /dev/null
@@ -1,109 +0,0 @@
-.\" $OpenBSD: OCSP_SERVICELOC_new.3,v 1.8 2019/08/23 12:23:39 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: August 23 2019 $
-.Dt OCSP_SERVICELOC_NEW 3
-.Os
-.Sh NAME
-.Nm OCSP_SERVICELOC_new ,
-.Nm OCSP_SERVICELOC_free ,
-.Nm OCSP_url_svcloc_new
-.Nd OCSP service locator extension
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_SERVICELOC *
-.Fn OCSP_SERVICELOC_new void
-.Ft void
-.Fn OCSP_SERVICELOC_free "OCSP_SERVICELOC *sloc"
-.Ft X509_EXTENSION *
-.Fo OCSP_url_svcloc_new
-.Fa "X509_NAME *issuer"
-.Fa "const char **urls"
-.Fc
-.Sh DESCRIPTION
-Due to restrictions of network routing, a client may be unable to
-directly contact the authoritative OCSP server for a certificate
-that needs to be checked.
-In that case, the request can be sent via a proxy server.
-An ASN.1
-.Vt ServiceLocator
-structure is included in the singleRequestExtensions field of the
-.Vt Request
-structure to indicate where to forward the request.
-The
-.Vt ServiceLocator
-is represented by a
-.Vt OCSP_SERVICELOC
-object, which will be stored inside the
-.Vt OCSP_ONEREQ
-object documented in
-.Xr OCSP_ONEREQ_new 3 .
-.Pp
-.Fn OCSP_SERVICELOC_new
-allocates and initializes an empty
-.Vt OCSP_SERVICELOC
-object.
-.Fn OCSP_SERVICELOC_free
-frees
-.Fa sloc .
-.Pp
-.Fn OCSP_url_svcloc_new
-requires an
-.Fa issuer
-name and optionally accepts an array of
-.Fa urls .
-If
-.Fa urls
-or its first element is
-.Dv NULL ,
-the locator field is omitted from the
-.Vt ServiceLocator
-structure and only the issuer is included.
-The resulting
-.Vt ServiceLocator
-structure is encoded in ASN.1 using
-.Xr X509V3_EXT_i2d 3
-with criticality 0.
-.Sh RETURN VALUES
-.Fn OCSP_SERVICELOC_new
-returns a new
-.Vt OCSP_SERVICELOC
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_url_svcloc_new
-returns a new
-.Vt X509_EXTENSION
-object or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr OCSP_REQUEST_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_get1_ocsp 3 ,
-.Xr X509_get_issuer_name 3 ,
-.Xr X509_NAME_new 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4.4.6: Service Locator
-.Sh HISTORY
-.Fn OCSP_SERVICELOC_new ,
-.Fn OCSP_SERVICELOC_free ,
-and
-.Fn OCSP_url_svcloc_new
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/OCSP_cert_to_id.3 b/src/lib/libcrypto/man/OCSP_cert_to_id.3
deleted file mode 100644
index e014a1d262..0000000000
--- a/src/lib/libcrypto/man/OCSP_cert_to_id.3
+++ /dev/null
@@ -1,239 +0,0 @@ -.\" $OpenBSD: OCSP_cert_to_id.3,v 1.13 2024/08/24 19:31:09 tb Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2014, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. 
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: August 24 2024 $ -.Dt OCSP_CERT_TO_ID 3 -.Os -.Sh NAME -.Nm OCSP_CERTID_new , -.Nm OCSP_CERTID_free , -.Nm OCSP_cert_to_id , -.Nm OCSP_cert_id_new , -.Nm OCSP_id_issuer_cmp , -.Nm OCSP_id_cmp , -.Nm OCSP_id_get0_info -.Nd OCSP certificate ID utility functions -.Sh SYNOPSIS -.In openssl/ocsp.h -.Ft OCSP_CERTID * -.Fn OCSP_CERTID_new void -.Ft void -.Fn OCSP_CERTID_free "OCSP_CERTID *id" -.Ft OCSP_CERTID * -.Fo OCSP_cert_to_id -.Fa "const EVP_MD *dgst" -.Fa "const X509 *subject" -.Fa "const X509 *issuer" -.Fc -.Ft OCSP_CERTID * -.Fo OCSP_cert_id_new -.Fa "const EVP_MD *dgst" -.Fa "const X509_NAME *issuerName" -.Fa "const ASN1_BIT_STRING *issuerKey" -.Fa "const ASN1_INTEGER *serialNumber" -.Fc -.Ft int -.Fo OCSP_id_issuer_cmp -.Fa "OCSP_CERTID *a" -.Fa "OCSP_CERTID *b" -.Fc -.Ft int -.Fo OCSP_id_cmp -.Fa "OCSP_CERTID *a" -.Fa "OCSP_CERTID *b" -.Fc -.Ft int -.Fo OCSP_id_get0_info -.Fa "ASN1_OCTET_STRING **piNameHash" -.Fa "ASN1_OBJECT **pmd" -.Fa "ASN1_OCTET_STRING **pikeyHash" -.Fa "ASN1_INTEGER **pserial" -.Fa "OCSP_CERTID *cid" -.Fc -.Sh DESCRIPTION -.Fn OCSP_CERTID_new -allocates and initializes an empty -.Vt OCSP_CERTID -object, representing an ASN.1 -.Vt CertID -structure defined in RFC 6960. -It can store hashes of an issuer's distinguished name and public -key together with a serial number of a certificate. -It is used by the -.Vt OCSP_ONEREQ -object described in -.Xr OCSP_ONEREQ_new 3 -and by the -.Vt OCSP_SINGLERESP -object described in -.Xr OCSP_SINGLERESP_new 3 . -.Fn OCSP_CERTID_free -frees -.Fa id . -.Pp -.Fn OCSP_cert_to_id -creates and returns a new -.Vt OCSP_CERTID -object using message digest -.Fa dgst -for certificate -.Fa subject -with issuer -.Fa issuer . -If -.Fa dgst -is -.Dv NULL -then SHA1 is used. -.Pp -.Fn OCSP_cert_id_new -creates and returns a new -.Vt OCSP_CERTID -using -.Fa dgst -and issuer name -.Fa issuerName , -issuer key hash -.Fa issuerKey -and serial number -.Fa serialNumber . 
-.Pp
-.Fn OCSP_id_issuer_cmp
-compares the hash algorithms,
-the hashed issuer distinguished names and
-the hashed public keys of
-.Vt OCSP_CERTID
-.Fa a
-and
-.Fa b .
-.Pp
-.Fn OCSP_id_cmp
-compares
-.Vt OCSP_CERTID
-.Fa a
-and
-.Fa b
-using
-.Fn OCSP_id_issuer_cmp
-followed by a comparison of the certificate serial numbers with
-.Xr ASN1_INTEGER_cmp 3 .
-.Pp
-.Fn OCSP_id_get0_info
-returns the issuer name hash, hash OID, issuer key hash and serial
-number contained in
-.Fa cid .
-If any of the values are not required, the corresponding parameter can be
-set to
-.Dv NULL .
-The values returned by
-.Fn OCSP_id_get0_info
-are internal pointers and must not be freed up by an application:
-they will be freed when the corresponding
-.Vt OCSP_CERTID
-object is freed.
-.Pp
-OCSP clients will typically only use
-.Fn OCSP_cert_to_id
-or
-.Fn OCSP_cert_id_new :
-the other functions are used by responder applications.
-.Sh RETURN VALUES
-.Fn OCSP_CERTID_new ,
-.Fn OCSP_cert_to_id ,
-and
-.Fn OCSP_cert_id_new
-return either a pointer to a valid
-.Vt OCSP_CERTID
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_id_cmp
-and
-.Fn OCSP_id_issuer_cmp
-return 0 for a match or non-zero otherwise.
-.Pp
-.Fn OCSP_id_get0_info
-returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr ASN1_INTEGER_cmp 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr OCSP_request_add1_nonce 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_resp_find_status 3 ,
-.Xr OCSP_response_status 3 ,
-.Xr OCSP_sendreq_new 3 ,
-.Xr X509_get_issuer_name 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_ocspid_print 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4: Details of the Protocol
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/OCSP_request_add1_nonce.3 b/src/lib/libcrypto/man/OCSP_request_add1_nonce.3
deleted file mode 100644
index 036c937c61..0000000000
--- a/src/lib/libcrypto/man/OCSP_request_add1_nonce.3
+++ /dev/null
@@ -1,163 +0,0 @@ -.\" $OpenBSD: OCSP_request_add1_nonce.3,v 1.4 2018/03/22 21:08:22 schwarze Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2014, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 22 2018 $ -.Dt OCSP_REQUEST_ADD1_NONCE 3 -.Os -.Sh NAME -.Nm OCSP_request_add1_nonce , -.Nm OCSP_basic_add1_nonce , -.Nm OCSP_check_nonce , -.Nm OCSP_copy_nonce -.Nd OCSP nonce functions -.Sh SYNOPSIS -.In openssl/ocsp.h -.Ft int -.Fo OCSP_request_add1_nonce -.Fa "OCSP_REQUEST *req" -.Fa "unsigned char *val" -.Fa "int len" -.Fc -.Ft int -.Fo OCSP_basic_add1_nonce -.Fa "OCSP_BASICRESP *resp" -.Fa "unsigned char *val" -.Fa "int len" -.Fc -.Ft int -.Fo OCSP_check_nonce -.Fa "OCSP_REQUEST *req" -.Fa "OCSP_BASICRESP *resp" -.Fc -.Ft int -.Fo OCSP_copy_nonce -.Fa "OCSP_BASICRESP *resp" -.Fa "OCSP_REQUEST *req" -.Fc -.Sh DESCRIPTION -An OCSP nonce is typically added to an OCSP request to thwart replay -attacks by checking the same nonce value appears in the response. -.Pp -.Fn OCSP_request_add1_nonce -adds a nonce of value -.Fa val -and length -.Fa len -to OCSP request -.Fa req . -If -.Fa val -is -.Dv NULL , -a random nonce is used. -If -.Fa len -is zero or negative, a default length will be used (currently 16 bytes). -For most purposes the nonce value in a request is set to a random value -so the -.Fa val -parameter in -.Fn OCSP_request_add1_nonce -is usually NULL. -.Pp -.Fn OCSP_basic_add1_nonce -is identical to -.Fn OCSP_request_add1_nonce -except it adds a nonce to OCSP basic response -.Fa resp . -.Pp -.Fn OCSP_check_nonce -compares the nonce value in -.Fa req -and -.Fa resp . 
-.Pp
-.Fn OCSP_copy_nonce
-copies any nonce value present in
-.Fa req
-to
-.Fa resp .
-.Pp
-Some responders may include a nonce in all responses even if one is not
-supplied.
-.Pp
-Some responders cache OCSP responses and do not sign each response for
-performance reasons.
-As a result they do not support nonces.
-.Sh RETURN VALUES
-.Fn OCSP_request_add1_nonce
-and
-.Fn OCSP_basic_add1_nonce
-return 1 for success or 0 for failure.
-.Pp
-.Fn OCSP_copy_nonce
-returns 1 if a nonce was successfully copied, 2 if no nonce was
-present in
-.Fa req ,
-or 0 if an error occurred.
-.Pp
-.Fn OCSP_check_nonce
-returns positive values for success: 1 if nonces are present and
-equal, 2 if both nonces are absent, or 3 if a nonce is present in
-the response only.
-A zero return value indicates that both nonces are present but
-mismatch: this should be treated as an error condition.
-A return value of -1 indicates that a nonce is present in the request
-only: this will happen if the responder doesn't support nonces.
-.Sh SEE ALSO
-.Xr OCSP_cert_to_id 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_resp_find_status 3 ,
-.Xr OCSP_response_status 3 ,
-.Xr OCSP_sendreq_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/OCSP_resp_find_status.3 b/src/lib/libcrypto/man/OCSP_resp_find_status.3
deleted file mode 100644
index 06d0354bd6..0000000000
--- a/src/lib/libcrypto/man/OCSP_resp_find_status.3
+++ /dev/null
@@ -1,494 +0,0 @@ -.\" $OpenBSD: OCSP_resp_find_status.3,v 1.11 2022/03/31 17:27:17 naddy Exp $ -.\" full merge up to: OpenSSL c952780c Jun 21 07:03:34 2016 -0400 -.\" selective merge up to: OpenSSL 1212818e Sep 11 13:22:14 2018 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016, 2018, 2019 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson -.\" and David von Oheimb . -.\" Copyright (c) 2014, 2018 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: March 31 2022 $ -.Dt OCSP_RESP_FIND_STATUS 3 -.Os -.Sh NAME -.Nm OCSP_SINGLERESP_new , -.Nm OCSP_SINGLERESP_free , -.Nm OCSP_CERTSTATUS_new , -.Nm OCSP_CERTSTATUS_free , -.Nm OCSP_REVOKEDINFO_new , -.Nm OCSP_REVOKEDINFO_free , -.Nm OCSP_resp_find_status , -.Nm OCSP_cert_status_str , -.Nm OCSP_resp_count , -.Nm OCSP_resp_get0 , -.Nm OCSP_resp_find , -.Nm OCSP_SINGLERESP_get0_id , -.Nm OCSP_single_get0_status , -.Nm OCSP_check_validity , -.Nm OCSP_basic_verify -.Nd OCSP response utility functions -.Sh SYNOPSIS -.In openssl/ocsp.h -.Ft OCSP_SINGLERESP * -.Fn OCSP_SINGLERESP_new void -.Ft void -.Fn OCSP_SINGLERESP_free "OCSP_SINGLERESP *single" -.Ft OCSP_CERTSTATUS * -.Fn OCSP_CERTSTATUS_new void -.Ft void -.Fn OCSP_CERTSTATUS_free "OCSP_CERTSTATUS *certstatus" -.Ft OCSP_REVOKEDINFO * -.Fn OCSP_REVOKEDINFO_new void -.Ft void -.Fn OCSP_REVOKEDINFO_free "OCSP_REVOKEDINFO *revokedinfo" -.Ft int -.Fo OCSP_resp_find_status -.Fa "OCSP_BASICRESP *bs" -.Fa "OCSP_CERTID *id" -.Fa "int *status" -.Fa "int *reason" -.Fa "ASN1_GENERALIZEDTIME **revtime" -.Fa "ASN1_GENERALIZEDTIME **thisupd" -.Fa "ASN1_GENERALIZEDTIME **nextupd" -.Fc -.Ft const char * -.Fo OCSP_cert_status_str -.Fa "long status" -.Fc -.Ft int -.Fo OCSP_resp_count -.Fa "OCSP_BASICRESP *bs" -.Fc -.Ft OCSP_SINGLERESP * -.Fo OCSP_resp_get0 -.Fa "OCSP_BASICRESP *bs" -.Fa "int idx" -.Fc -.Ft int -.Fo OCSP_resp_find -.Fa "OCSP_BASICRESP *bs" -.Fa "OCSP_CERTID *id" -.Fa "int last" -.Fc -.Ft const OCSP_CERTID * -.Fo OCSP_SINGLERESP_get0_id -.Fa "const OCSP_SINGLERESP *single" -.Fc -.Ft int -.Fo OCSP_single_get0_status -.Fa "OCSP_SINGLERESP *single" -.Fa "int *reason" -.Fa "ASN1_GENERALIZEDTIME **revtime" -.Fa "ASN1_GENERALIZEDTIME **thisupd" -.Fa "ASN1_GENERALIZEDTIME **nextupd" -.Fc -.Ft int -.Fo OCSP_check_validity -.Fa "ASN1_GENERALIZEDTIME *thisupd" -.Fa "ASN1_GENERALIZEDTIME *nextupd" -.Fa "long sec" -.Fa "long maxsec" -.Fc -.Ft int -.Fo OCSP_basic_verify -.Fa "OCSP_BASICRESP *bs" -.Fa 
"STACK_OF(X509) *certs" -.Fa "X509_STORE *st" -.Fa "unsigned long flags" -.Fc -.Sh DESCRIPTION -.Fn OCSP_SINGLERESP_new -allocates and initializes an empty -.Vt OCSP_SINGLERESP -object, representing an ASN.1 -.Vt SingleResponse -structure defined in RFC 6960. -Each such object can store the server's answer regarding the validity -of one individual certificate. -Such objects are used inside the -.Vt OCSP_RESPDATA -of -.Vt OCSP_BASICRESP -objects, which are described in -.Xr OCSP_BASICRESP_new 3 . -.Fn OCSP_SINGLERESP_free -frees -.Fa single . -.Pp -.Fn OCSP_CERTSTATUS_new -allocates and initializes an empty -.Vt OCSP_CERTSTATUS -object, representing an ASN.1 -.Vt CertStatus -structure defined in RFC 6960. -Such an object is used inside -.Vt OCSP_SINGLERESP . -.Fn OCSP_CERTSTATUS_free -frees -.Fa certstatus . -.Pp -.Fn OCSP_REVOKEDINFO_new -allocates and initializes an empty -.Vt OCSP_REVOKEDINFO -object, representing an ASN.1 -.Vt RevokedInfo -structure defined in RFC 6960. -Such an object is used inside -.Vt OCSP_CERTSTATUS . -.Fn OCSP_REVOKEDINFO_free -frees -.Fa revokedinfo . -.Pp -.Fn OCSP_resp_find_status -searches -.Fa bs -for an OCSP response for -.Fa id . -If it is successful, the fields of the response are returned in -.Pf * Fa status , -.Pf * Fa reason , -.Pf * Fa revtime , -.Pf * Fa thisupd -and -.Pf * Fa nextupd . -The -.Pf * Fa status -value will be one of -.Dv V_OCSP_CERTSTATUS_GOOD , -.Dv V_OCSP_CERTSTATUS_REVOKED , -or -.Dv V_OCSP_CERTSTATUS_UNKNOWN . -The -.Pf * Fa reason -and -.Pf * Fa revtime -fields are only set if the status is -.Dv V_OCSP_CERTSTATUS_REVOKED . 
-If set, the -.Pf * Fa reason -field will be set to the revocation reason which will be one of -.Dv OCSP_REVOKED_STATUS_NOSTATUS , -.Dv OCSP_REVOKED_STATUS_UNSPECIFIED , -.Dv OCSP_REVOKED_STATUS_KEYCOMPROMISE , -.Dv OCSP_REVOKED_STATUS_CACOMPROMISE , -.Dv OCSP_REVOKED_STATUS_AFFILIATIONCHANGED , -.Dv OCSP_REVOKED_STATUS_SUPERSEDED , -.Dv OCSP_REVOKED_STATUS_CESSATIONOFOPERATION , -.Dv OCSP_REVOKED_STATUS_CERTIFICATEHOLD -or -.Dv OCSP_REVOKED_STATUS_REMOVEFROMCRL . -.Pp -.Fn OCSP_cert_status_str -converts one of the -.Fa status -codes retrieved by -.Fn OCSP_resp_find_status -to a string consisting of one word. -.Pp -.Fn OCSP_resp_count -returns the number of -.Vt OCSP_SINGLERESP -structures in -.Fa bs . -.Pp -.Fn OCSP_resp_get0 -returns the -.Vt OCSP_SINGLERESP -structure in -.Fa bs -corresponding to index -.Fa idx , -where -.Fa idx -runs from 0 to -.Fn OCSP_resp_count bs No - 1 . -.Pp -.Fn OCSP_resp_find -searches -.Fa bs -for -.Fa id -and returns the index of the first matching entry after -.Fa last -or starting from the beginning if -.Fa last -is -1. -.Pp -.Fn OCSP_single_get0_status -extracts the fields of -.Fa single -in -.Pf * Fa reason , -.Pf * Fa revtime , -.Pf * Fa thisupd , -and -.Pf * Fa nextupd . -.Pp -.Fn OCSP_check_validity -checks the validity of -.Fa thisupd -and -.Fa nextupd -values which will be typically obtained from -.Fn OCSP_resp_find_status -or -.Fn OCSP_single_get0_status . -If -.Fa sec -is non-zero, it indicates how many seconds leeway should be allowed in -the check. -If -.Fa maxsec -is positive, it indicates the maximum age of -.Fa thisupd -in seconds. -.Pp -Applications will typically call -.Fn OCSP_resp_find_status -using the certificate ID of interest and then check its validity using -.Fn OCSP_check_validity . -They can then take appropriate action based on the status of the -certificate. -.Pp -An OCSP response for a certificate contains -.Sy thisUpdate -and -.Sy nextUpdate -fields. 
-Normally the current time should be between these two values.
-To account for clock skew, the
-.Fa maxsec
-field can be set to non-zero in
-.Fn OCSP_check_validity .
-Some responders do not set the
-.Sy nextUpdate
-field.
-This would otherwise mean an ancient response would be considered
-valid: the
-.Fa maxsec
-parameter to
-.Fn OCSP_check_validity
-can be used to limit the permitted age of responses.
-.Pp
-The values written to
-.Pf * Fa revtime ,
-.Pf * Fa thisupd ,
-and
-.Pf * Fa nextupd
-by
-.Fn OCSP_resp_find_status
-and
-.Fn OCSP_single_get0_status
-are internal pointers which must not be freed up by the calling
-application.
-Any or all of these parameters can be set to
-.Dv NULL
-if their value is not required.
-.Pp
-.Fn OCSP_basic_verify
-checks that the basic response message
-.Fa bs
-is correctly signed and that the signer certificate can be validated.
-It takes
-.Fa st
-as the trusted store and
-.Fa certs
-as a set of untrusted intermediate certificates.
-The function first tries to find the signer certificate of the response in
-.Fa certs .
-It also searches the certificates the responder may have included in
-.Fa bs
-unless the
-.Fa flags
-contain
-.Dv OCSP_NOINTERN .
-It fails if the signer certificate cannot be found.
-Next, the function checks the signature of
-.Fa bs
-and fails on error unless the
-.Fa flags
-contain
-.Dv OCSP_NOSIGS .
-Then the function already returns
-success if the
-.Fa flags
-contain
-.Dv OCSP_NOVERIFY
-or if the signer certificate was found in
-.Fa certs
-and the
-.Fa flags
-contain
-.Dv OCSP_TRUSTOTHER .
-Otherwise the function continues by validating the signer certificate.
-To this end, all certificates in
-.Fa certs
-and in
-.Fa bs
-are considered as untrusted certificates for the construction of
-the validation path for the signer certificate unless the
-.Dv OCSP_NOCHAIN
-flag is set.
-After successful path
-validation, the function returns success if the
-.Dv OCSP_NOCHECKS
-flag is set.
-Otherwise it verifies that the signer certificate meets the OCSP issuer -criteria including potential delegation. -If this does not succeed and the -.Fa flags -do not contain -.Dv OCSP_NOEXPLICIT , -the function checks for explicit trust for OCSP signing -in the root CA certificate. -.Sh RETURN VALUES -.Fn OCSP_SINGLERESP_new , -.Fn OCSP_CERTSTATUS_new , -and -.Fn OCSP_REVOKEDINFO_new -return a pointer to an empty -.Vt OCSP_SINGLERESP , -.Vt OCSP_CERTSTATUS , -or -.Vt OCSP_REVOKEDINFO -object, respectively, or -.Dv NULL -if an error occurred. -.Pp -.Fn OCSP_resp_find_status -returns 1 if -.Fa id -is found in -.Fa bs -or 0 otherwise. -.Pp -.Fn OCSP_cert_status_str -returns a pointer to a static string. -.Pp -.Fn OCSP_resp_count -returns the total number of -.Vt OCSP_SINGLERESP -fields in -.Fa bs . -.Pp -.Fn OCSP_resp_get0 -returns a pointer to an -.Vt OCSP_SINGLERESP -structure or -.Dv NULL -if -.Fa idx -is out of range. -.Pp -.Fn OCSP_resp_find -returns the index of -.Fa id -in -.Fa bs -(which may be 0) or -1 if -.Fa id -was not found. -.Pp -.Fn OCSP_SINGLERESP_get0_id -returns an internal pointer to the certificate ID object used by -.Fa single ; -the returned pointer should not be freed by the caller. -.Pp -.Fn OCSP_single_get0_status -returns the status of -.Fa single -or -1 if an error occurred. -.Pp -.Fn OCSP_basic_verify -returns 1 on success, 0 on error, or -1 on fatal error such as malloc failure. 
-.Sh SEE ALSO
-.Xr OCSP_cert_to_id 3 ,
-.Xr OCSP_CRLID_new 3 ,
-.Xr OCSP_request_add1_nonce 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_response_status 3 ,
-.Xr OCSP_sendreq_new 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4.2: Response Syntax
-.Sh HISTORY
-.Fn OCSP_SINGLERESP_new ,
-.Fn OCSP_SINGLERESP_free ,
-.Fn OCSP_CERTSTATUS_new ,
-.Fn OCSP_CERTSTATUS_free ,
-.Fn OCSP_REVOKEDINFO_new ,
-.Fn OCSP_REVOKEDINFO_free ,
-.Fn OCSP_resp_find_status ,
-.Fn OCSP_cert_status_str ,
-.Fn OCSP_resp_count ,
-.Fn OCSP_resp_get0 ,
-.Fn OCSP_resp_find ,
-.Fn OCSP_single_get0_status ,
-and
-.Fn OCSP_check_validity
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn OCSP_SINGLERESP_get0_id
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/OCSP_response_status.3 b/src/lib/libcrypto/man/OCSP_response_status.3
deleted file mode 100644
index 4e85384fb0..0000000000
--- a/src/lib/libcrypto/man/OCSP_response_status.3
+++ /dev/null
@@ -1,308 +0,0 @@ -.\" $OpenBSD: OCSP_response_status.3,v 1.8 2019/08/27 09:40:29 schwarze Exp $ -.\" full merge up to: OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400 -.\" selective merge up to: OpenSSL 6738bf14 Feb 13 12:51:29 2018 +0000 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016, 2019 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2014, 2016, 2018 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\"
-.Dd $Mdocdate: August 27 2019 $
-.Dt OCSP_RESPONSE_STATUS 3
-.Os
-.Sh NAME
-.Nm OCSP_RESPONSE_new ,
-.Nm OCSP_RESPONSE_free ,
-.Nm OCSP_RESPBYTES_new ,
-.Nm OCSP_RESPBYTES_free ,
-.Nm OCSP_BASICRESP_new ,
-.Nm OCSP_BASICRESP_free ,
-.Nm OCSP_RESPDATA_new ,
-.Nm OCSP_RESPDATA_free ,
-.Nm OCSP_RESPID_new ,
-.Nm OCSP_RESPID_free ,
-.Nm OCSP_response_create ,
-.Nm OCSP_response_status ,
-.Nm OCSP_response_status_str ,
-.Nm OCSP_response_get1_basic ,
-.Nm OCSP_basic_sign
-.Nd OCSP response functions
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_RESPONSE *
-.Fn OCSP_RESPONSE_new void
-.Ft void
-.Fn OCSP_RESPONSE_free "OCSP_RESPONSE *resp"
-.Ft OCSP_RESPBYTES *
-.Fn OCSP_RESPBYTES_new void
-.Ft void
-.Fn OCSP_RESPBYTES_free "OCSP_RESPBYTES *respbytes"
-.Ft OCSP_BASICRESP *
-.Fn OCSP_BASICRESP_new void
-.Ft void
-.Fn OCSP_BASICRESP_free "OCSP_BASICRESP *bs"
-.Ft OCSP_RESPDATA *
-.Fn OCSP_RESPDATA_new void
-.Ft void
-.Fn OCSP_RESPDATA_free "OCSP_RESPDATA *respdata"
-.Ft OCSP_RESPID *
-.Fn OCSP_RESPID_new void
-.Ft void
-.Fn OCSP_RESPID_free "OCSP_RESPID *respid"
-.Ft OCSP_RESPONSE *
-.Fo OCSP_response_create
-.Fa "int status"
-.Fa "OCSP_BASICRESP *bs"
-.Fc
-.Ft int
-.Fo OCSP_response_status
-.Fa "OCSP_RESPONSE *resp"
-.Fc
-.Ft const char *
-.Fo OCSP_response_status_str
-.Fa "long code"
-.Fc
-.Ft OCSP_BASICRESP *
-.Fo OCSP_response_get1_basic
-.Fa "OCSP_RESPONSE *resp"
-.Fc
-.Ft int
-.Fo OCSP_basic_sign
-.Fa "OCSP_BASICRESP *bs"
-.Fa "X509 *signer"
-.Fa "EVP_PKEY *key"
-.Fa "const EVP_MD *dgst"
-.Fa "STACK_OF(X509) *certs"
-.Fa "unsigned long flags"
-.Fc
-.Sh DESCRIPTION
-.Fn OCSP_RESPONSE_new
-allocates and initializes an empty
-.Vt OCSP_RESPONSE
-object, representing an ASN.1
-.Vt OCSPResponse
-structure defined in RFC 6960.
-.Fn OCSP_RESPONSE_free
-frees
-.Fa resp .
-.Pp
-.Fn OCSP_RESPBYTES_new
-allocates and initializes an empty
-.Vt OCSP_RESPBYTES
-object, representing an ASN.1
-.Vt ResponseBytes
-structure defined in RFC 6960.
-Such an object is used inside
-.Vt OCSP_RESPONSE .
-.Fn OCSP_RESPBYTES_free
-frees
-.Fa respbytes .
-.Pp
-.Fn OCSP_BASICRESP_new
-allocates and initializes an empty
-.Vt OCSP_BASICRESP
-object, representing an ASN.1
-.Vt BasicOCSPResponse
-structure defined in RFC 6960.
-.Vt OCSP_RESPBYTES
-contains the DER-encoded form of an
-.Vt OCSP_BASICRESP
-object.
-.Fn OCSP_BASICRESP_free
-frees
-.Fa bs .
-.Pp
-.Fn OCSP_RESPDATA_new
-allocates and initializes an empty
-.Vt OCSP_RESPDATA
-object, representing an ASN.1
-.Vt ResponseData
-structure defined in RFC 6960.
-Such an object is used inside
-.Vt OCSP_BASICRESP .
-.Fn OCSP_RESPDATA_free
-frees
-.Fa respdata .
-.Pp
-.Fn OCSP_RESPID_new
-allocates and initializes an empty
-.Vt OCSP_RESPID
-object, representing an ASN.1
-.Vt ResponderID
-structure defined in RFC 6960.
-Such an object is used inside
-.Vt OCSP_RESPDATA .
-.Fn OCSP_RESPID_free
-frees
-.Fa respid .
-.Pp
-.Fn OCSP_response_create
-creates an
-.Vt OCSP_RESPONSE
-object for
-.Fa status
-and optionally including the basic response
-.Fa bs .
-.Pp
-.Fn OCSP_response_status
-returns the OCSP response status of
-.Fa resp .
-It returns one of the values
-.Dv OCSP_RESPONSE_STATUS_SUCCESSFUL ,
-.Dv OCSP_RESPONSE_STATUS_MALFORMEDREQUEST ,
-.Dv OCSP_RESPONSE_STATUS_INTERNALERROR ,
-.Dv OCSP_RESPONSE_STATUS_TRYLATER ,
-.Dv OCSP_RESPONSE_STATUS_SIGREQUIRED ,
-or
-.Dv OCSP_RESPONSE_STATUS_UNAUTHORIZED .
-.Pp
-.Fn OCSP_response_status_str
-converts one of the
-.Fa status
-codes returned by
-.Fn OCSP_response_status
-to a string consisting of one word.
-.Pp
-.Fn OCSP_response_get1_basic
-decodes and returns the
-.Vt OCSP_BASICRESP
-object contained in
-.Fa resp .
-It is only called if the status of a response is
-.Dv OCSP_RESPONSE_STATUS_SUCCESSFUL .
-.Pp
-.Fn OCSP_basic_sign
-signs the OCSP response
-.Fa bs
-using the certificate
-.Fa signer ,
-the private key
-.Fa key ,
-the digest
-.Fa dgst ,
-and the additional certificates
-.Fa certs .
-If the
-.Fa flags
-option
-.Dv OCSP_NOCERTS
-is set, then no certificates will be included in the request.
-If the
-.Fa flags
-option
-.Dv OCSP_RESPID_KEY
-is set, then the responder is identified by key ID
-rather than by name.
-.Sh RETURN VALUES
-.Fn OCSP_RESPONSE_new
-and
-.Fn OCSP_response_create
-return a pointer to an
-.Vt OCSP_RESPONSE
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_BASICRESP_new
-and
-.Fn OCSP_response_get1_basic
-return a pointer to an
-.Vt OCSP_BASICRESP
-object or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_RESPBYTES_new ,
-.Fn OCSP_RESPDATA_new ,
-and
-.Fn OCSP_RESPID_new
-return a pointer to an empty
-.Vt OCSP_RESPBYTES ,
-.Vt OCSP_RESPDATA ,
-or
-.Vt OCSP_RESPID
-object, respectively, or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn OCSP_response_status
-returns a status value.
-.Pp
-.Fn OCSP_response_status_str
-returns a pointer to a static string.
-.Pp
-.Fn OCSP_basic_sign
-return 1 on success or 0 on failure.
-.Sh SEE ALSO
-.Xr EVP_DigestInit 3 ,
-.Xr OCSP_cert_to_id 3 ,
-.Xr OCSP_request_add1_nonce 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_resp_find_status 3 ,
-.Xr OCSP_sendreq_new 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4.2: Response Syntax
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/OCSP_sendreq_new.3 b/src/lib/libcrypto/man/OCSP_sendreq_new.3
deleted file mode 100644
index 300f719525..0000000000
--- a/src/lib/libcrypto/man/OCSP_sendreq_new.3
+++ /dev/null
@@ -1,323 +0,0 @@ -.\" $OpenBSD: OCSP_sendreq_new.3,v 1.10 2022/03/31 17:27:17 naddy Exp $ -.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2018, 2019 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2014, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\"
-.Dd $Mdocdate: March 31 2022 $
-.Dt OCSP_SENDREQ_NEW 3
-.Os
-.Sh NAME
-.Nm OCSP_sendreq_new ,
-.Nm OCSP_sendreq_nbio ,
-.Nm OCSP_REQ_CTX_free ,
-.Nm OCSP_REQ_CTX_add1_header ,
-.Nm OCSP_REQ_CTX_set1_req ,
-.Nm OCSP_parse_url ,
-.Nm OCSP_sendreq_bio
-.Nd OCSP responder query functions
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_REQ_CTX *
-.Fo OCSP_sendreq_new
-.Fa "BIO *io"
-.Fa "const char *path"
-.Fa "OCSP_REQUEST *req"
-.Fa "int maxline"
-.Fc
-.Ft int
-.Fo OCSP_sendreq_nbio
-.Fa "OCSP_RESPONSE **presp"
-.Fa "OCSP_REQ_CTX *rctx"
-.Fc
-.Ft void
-.Fo OCSP_REQ_CTX_free
-.Fa "OCSP_REQ_CTX *rctx"
-.Fc
-.Ft int
-.Fo OCSP_REQ_CTX_add1_header
-.Fa "OCSP_REQ_CTX *rctx"
-.Fa "const char *name"
-.Fa "const char *value"
-.Fc
-.Ft int
-.Fo OCSP_REQ_CTX_set1_req
-.Fa "OCSP_REQ_CTX *rctx"
-.Fa "OCSP_REQUEST *req"
-.Fc
-.Ft int
-.Fo OCSP_parse_url
-.Fa "const char *url"
-.Fa "char **phost"
-.Fa "char **pport"
-.Fa "char **ppath"
-.Fa "int *pssl"
-.Fc
-.Ft OCSP_RESPONSE *
-.Fo OCSP_sendreq_bio
-.Fa "BIO *io"
-.Fa "const char *path"
-.Fa "OCSP_REQUEST *req"
-.Fc
-.Sh DESCRIPTION
-The function
-.Fn OCSP_sendreq_new
-returns an
-.Vt OCSP_REQ_CTX
-structure using the responder
-.Fa io ,
-the URI path
-.Fa path ,
-the OCSP request
-.Fa req
-and with a response header maximum line length of
-.Fa maxline .
-If
-.Fa maxline
-is zero, a default value of 4k is used.
-The OCSP request
-.Fa req
-may be set to
-.Dv NULL
-and provided later if required.
-.Pp
-The arguments to
-.Fn OCSP_sendreq_new
-correspond to the components of the URI.
-For example, if the responder URI is
-.Pa http://ocsp.com/ocspreq ,
-the BIO
-.Fa io
-should be connected to host
-.Pa ocsp.com
-on port 80 and
-.Fa path
-should be set to
-.Qq /ocspreq .
-.Pp
-.Fn OCSP_sendreq_nbio
-performs non-blocking I/O on the OCSP request context
-.Fa rctx .
-When the operation is complete, it returns the response in
-.Pf * Fa presp .
-If -.Fn OCSP_sendreq_nbio -indicates an operation should be retried, the corresponding BIO can -be examined to determine which operation (read or write) should be -retried and appropriate action can be taken, for example a -.Xr select 2 -call on the underlying socket. -.Pp -.Fn OCSP_REQ_CTX_free -frees up the OCSP context -.Fa rctx . -.Pp -.Fn OCSP_REQ_CTX_add1_header -adds header -.Fa name -with value -.Fa value -to the context -.Fa rctx . -The added headers are of the form -.Qq Fa name : value -or just -.Qq Fa name -if -.Fa value -is -.Dv NULL . -.Fn OCSP_REQ_CTX_add1_header -can be called more than once to add multiple headers. -It must be called before any calls to -.Fn OCSP_sendreq_nbio . -The -.Fa req -parameter in the initial to -.Fn OCSP_sendreq_new -call must be set to -.Dv NULL -if additional headers are set. -.Pp -.Fn OCSP_REQ_CTX_set1_req -sets the OCSP request in -.Fa rctx -to -.Fa req . -This function should be called after any calls to -.Fn OCSP_REQ_CTX_add1_header . -.Pp -.Fn OCSP_parse_url -is a utility function to parse a -.Fa url -of the form -.Sm off -.Sy http Op Sy s -.Pf :// Ar host -.Op : Ar port -.Op / Ar path -.Sm on -and store pointers to newly allocated copies of the strings -.Ar host , -.Ar port , -and -.Ar path -in -.Pf * phost , -.Pf * pport , -and -.Pf * ppath , -respectively. -By default, -.Pf * ppath -is set to -.Qq / -and -.Pf * pport -to -.Qq 443 -for -.Sy https -or -.Qq 80 -for -.Sy http . -For -.Sy https , -.Pf * Fa pssl -is set to 1; otherwise, to 0. -.Pp -.Fn OCSP_sendreq_bio -performs an OCSP request using the responder -.Fa io , -the URI path -.Fa path , -the OCSP request -.Fa req . -It does not support retries and so cannot handle non-blocking I/O -efficiently. -It is retained for compatibility and its use in new applications -is not recommended. -.Sh RETURN VALUES -.Fn OCSP_sendreq_new -returns a valid -.Vt OCSP_REQ_CTX -structure or -.Dv NULL -if an error occurred. 
-.Pp -.Fn OCSP_sendreq_nbio -returns 1 if the operation was completed successfully, --1 if the operation should be retried, -or 0 if an error occurred. -.Pp -.Fn OCSP_REQ_CTX_add1_header , -.Fn OCSP_REQ_CTX_set1_req , -and -.Fn OCSP_parse_url -return 1 for success or 0 for failure. -.Pp -.Fn OCSP_sendreq_bio -returns the -.Vt OCSP_RESPONSE -structure sent by the responder or -.Dv NULL -if an error occurred. -.Sh EXAMPLES -Add a Host header for -.Pa ocsp.com : -.Pp -.Dl OCSP_REQ_CTX_add1_header(ctx, "Host", "ocsp.com"); -.Sh SEE ALSO -.Xr OCSP_cert_to_id 3 , -.Xr OCSP_request_add1_nonce 3 , -.Xr OCSP_REQUEST_new 3 , -.Xr OCSP_resp_find_status 3 , -.Xr OCSP_response_status 3 , -.Xr X509_get1_ocsp 3 -.Sh HISTORY -.Fn OCSP_parse_url -and -.Fn OCSP_sendreq_bio -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Fn OCSP_sendreq_new , -.Fn OCSP_sendreq_nbio , -and -.Fn OCSP_REQ_CTX_free -first appeared in OpenSSL 0.9.8h and have been available since -.Ox 4.5 . -.Pp -.Fn OCSP_REQ_CTX_add1_header -and -.Fn OCSP_REQ_CTX_set1_req -first appeared in OpenSSL 1.0.0 and have been available since -.Ox 4.9 . -.Sh CAVEATS -These functions only perform a minimal HTTP query to a responder. -If an application wishes to support more advanced features, it -should use an alternative, more complete, HTTP library. -.Pp -Currently only HTTP POST queries to responders are supported. diff --git a/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 b/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 deleted file mode 100644 index 76427a864b..0000000000 --- a/src/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 +++ /dev/null 
@@ -1,281 +0,0 @@ -.\" $OpenBSD: OPENSSL_VERSION_NUMBER.3,v 1.13 2023/11/16 20:17:04 schwarze Exp $ -.\" full merge up to: OpenSSL 1f13ad31 Dec 25 17:50:39 2017 +0800 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2017, 2018 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller , -.\" Richard Levitte , and -.\" Bodo Moeller . -.\" Copyright (c) 2000, 2002, 2015, 2016, 2017 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: November 16 2023 $ -.Dt OPENSSL_VERSION_NUMBER 3 -.Os -.Sh NAME -.Nm OPENSSL_VERSION_NUMBER , -.Nm LIBRESSL_VERSION_NUMBER , -.Nm LIBRESSL_VERSION_TEXT , -.Nm OPENSSL_VERSION_TEXT , -.Nm OpenSSL_version_num , -.Nm OpenSSL_version , -.Nm SSLeay , -.Nm SSLeay_version -.Nd get OpenSSL version number -.Sh SYNOPSIS -.In openssl/opensslv.h -.Fd #define OPENSSL_VERSION_NUMBER 0x020000000L -.Fd #define LIBRESSL_VERSION_NUMBER 0x02nnnn00fL -.Fd #define LIBRESSL_VERSION_TEXT \(dqLibreSSL 2.n.n\(dq -.Fd #define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT -.In openssl/crypto.h -.Ft unsigned long -.Fn OpenSSL_version_num void -.Ft const char * -.Fo OpenSSL_version -.Fa "int t" -.Fc -.Ft long -.Fn SSLeay void -.Ft const char * -.Fo SSLeay_version -.Fa "int t" -.Fc -.Sh DESCRIPTION -.Dv OPENSSL_VERSION_NUMBER -and -.Dv LIBRESSL_VERSION_NUMBER -are numeric release version identifiers. -The first two digits contain the major release number, -the third and fourth digits the minor release number, -and the fifth and sixth digits the fix release number. -For OpenSSL, the seventh and eight digits contain the patch release number -and the final digit is 0 for development, 1 to e for betas 1 to 14, or f -for release. -For LibreSSL, -.Dv OPENSSL_VERSION_NUMBER -is always 0x020000000, -and -.Dv LIBRESSL_VERSION_NUMBER -always ends with 00f. -.Pp -For example: -.Bd -literal -offset indent -OPENSSL_VERSION_NUMBER: -0x000906000 == 0.9.6 dev -0x000906023 == 0.9.6b beta 3 -0x00090605f == 0.9.6e release -0x020000000 == 2.0.0 for any version of LibreSSL - -LIBRESSL_VERSION_NUMBER: -0x02070000f == LibreSSL 2.7.0 -.Ed -.Pp -OpenSSL versions prior to 0.9.3 had identifiers < 0x0930. -For versions between 0.9.3 and 0.9.5, -the seventh digit was 1 for release and 0 otherwise, -and the eighth and ninth digits were the patch release number. 
-.Pp -For example: -.Bd -literal -0x000904100 == 0.9.4 release -0x000905000 == 0.9.5 dev -.Ed -.Pp -OpenSSL version 0.9.5a had an interim interpretation that is like the current -one, except the patch level got the highest bit set, to keep continuity. -The number was therefore 0x0090581f. -.Pp -.Fn OpenSSL_version_num -returns -.Dv OPENSSL_VERSION_NUMBER . -.Pp -.Fn OpenSSL_version -returns different strings depending on -.Fa t : -.Bl -tag -width Ds -.It Dv OPENSSL_VERSION -The text variant of the version number, -.Dv OPENSSL_VERSION_TEXT . -For OpenSSL, it includes the release date, for example -.Qq OpenSSL 0.9.5a 1 Apr 2000 . -For LibreSSL, -.Dv LIBRESSL_VERSION_TEXT -is returned. -.It Dv OPENSSL_CFLAGS -The compiler flags set for the compilation process in the form -.Qq compiler: ... -if available or -.Qq compiler: information not available -otherwise. -LibreSSL never provides compiler information. -.It Dv OPENSSL_BUILT_ON -The date of the build process in the form -.Qq built on: ... -if available or -.Qq built on: date not available -otherwise. -LibreSSL never provides information on the build date. -.It Dv OPENSSL_PLATFORM -The Configure target of the library build in the form -.Qq platform: ... -if available or -.Qq platform: information not available -otherwise. -LibreSSL never provides platform information. -.It Dv OPENSSL_DIR -The -.Dv OPENSSLDIR -setting of the library build in the form -.Qq OPENSSLDIR: Qq ... -if available or -.Qq OPENSSLDIR: N/A -otherwise. -For LibreSSL, the default is -.Qq OPENSSLDIR: Qq /etc/ssl . -.It Dv OPENSSL_ENGINES_DIR -The -.Dv ENGINESDIR -setting of the library build in the form -.Qq ENGINESDIR: Qq ... -if available or -.Qq ENGINESDIR: N/A -otherwise. -LibreSSL never provides or uses an -.Dv ENGINESDIR . -.El -.Pp -For an unknown -.Fa t , -the text -.Qq not available -is returned. 
-.Pp -For backward compatibility, -.Dv SSLEAY_VERSION_NUMBER -is an alias for -.Dv OPENSSL_VERSION_NUMBER -and -.Fn SSLeay -for -.Fn OpenSSL_version_num . -The legacy function -.Fn SSLeay_version -is similar to -.Fn OpenSSL_version -except that it takes arguments -.Dv SSLEAY_VERSION , -.Dv SSLEAY_CFLAGS , -.Dv SSLEAY_BUILT_ON , -.Dv SSLEAY_PLATFORM , -and -.Dv SSLEAY_DIR -which expand to -.Em other -numerical values than the corresponding -.Dv OPENSSL_* -macros. -.Sh RETURN VALUES -.Fn OpenSSL_version_num -and -.Fn SSLeay -return a constant version number. -.Pp -.Fn OpenSSL_version -and -.Fn SSLeay_version -return pointers to static strings. -.Sh SEE ALSO -.Xr crypto 3 , -.Xr OPENSSL_config 3 -.Sh HISTORY -.Fn SSLeay , -.Fn SSLeay_version , -and -.Dv SSLEAY_VERSION_NUMBER -first appeared in SSLeay 0.6.0 and have been available since -.Ox 2.4 . -.Pp -.Dv OPENSSL_VERSION_NUMBER -first appeared in the first OpenSSL release, OpenSSL 0.9.1c, -and has been available since -.Ox 2.6 . -.Pp -.Dv SSLEAY_DIR -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Pp -.Dv LIBRESSL_VERSION_NUMBER -first appeared in LibreSSL 2.0.0 and -.Ox 5.6 -and got its final format in LibreSSL 2.3.2 and -.Ox 5.9 . -.Dv LIBRESSL_VERSION_TEXT -first appeared in LibreSSL 2.2.2 and -.Ox 5.8 . -.Pp -.Fn OpenSSL_version_num -and -.Fn OpenSSL_version -first appeared in OpenSSL 1.1.0 -and have been available since LibreSSL 2.7.1 and -.Ox 6.3 . diff --git a/src/lib/libcrypto/man/OPENSSL_cleanse.3 b/src/lib/libcrypto/man/OPENSSL_cleanse.3 deleted file mode 100644 index 95fe6b86fd..0000000000 --- a/src/lib/libcrypto/man/OPENSSL_cleanse.3 +++ /dev/null 
@@ -1,42 +0,0 @@
-.\" $OpenBSD: OPENSSL_cleanse.3,v 1.4 2019/06/10 09:49:48 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 10 2019 $
-.Dt OPENSSL_CLEANSE 3
-.Os
-.Sh NAME
-.Nm OPENSSL_cleanse
-.Nd OpenSSL memory cleaning operation
-.Sh SYNOPSIS
-.In openssl/crypto.h
-.Ft void
-.Fo OPENSSL_cleanse
-.Fa "void *ptr"
-.Fa "size_t len"
-.Fc
-.Sh DESCRIPTION
-Do not use the interface documented here.
-It is provided purely for compatibility with legacy application code.
-.Pp
-.Fn OPENSSL_cleanse
-has the same semantics as, and is a wrapper around,
-.Xr explicit_bzero 3 .
-.Sh SEE ALSO
-.Xr crypto 3
-.Sh HISTORY
-.Fn OPENSSL_cleanse
-first appeared in OpenSSL 0.9.6h and has been available since
-.Ox 3.4 .
diff --git a/src/lib/libcrypto/man/OPENSSL_config.3 b/src/lib/libcrypto/man/OPENSSL_config.3
deleted file mode 100644
index f5f31571a1..0000000000
--- a/src/lib/libcrypto/man/OPENSSL_config.3
+++ /dev/null
@@ -1,152 +0,0 @@ -.\" $OpenBSD: OPENSSL_config.3,v 1.16 2023/11/19 21:01:27 tb Exp $ -.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2018 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2004 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 19 2023 $ -.Dt OPENSSL_CONFIG 3 -.Os -.Sh NAME -.Nm OPENSSL_config , -.Nm OPENSSL_no_config -.Nd simple crypto and ssl library configuration -.Sh SYNOPSIS -.In openssl/conf.h -.Ft void -.Fo OPENSSL_config -.Fa "const char *appname" -.Fc -.Ft void -.Fn OPENSSL_no_config void -.Sh DESCRIPTION -.Fn OPENSSL_config -initializes the crypto library and calls -.Xr CONF_modules_load_file 3 -with the standard configuration file and the given -.Fa appname . 
-If
-.Fa appname
-is
-.Dv NULL ,
-then the default name
-.Sy openssl_conf
-is used.
-Any errors are ignored.
-Further calls to
-.Fn OPENSSL_config
-have no effect.
-.Pp
-.Fn OPENSSL_no_config
-suppresses the loading of the standard configuration file, so that any
-future calls to
-.Fn OPENSSL_config
-or to
-.Xr OPENSSL_init_crypto 3
-will ensure the library is initialized but no configuration
-file will be loaded.
-.Pp
-Calling these functions is optional.
-All required initialization of the crypto libraries happens
-automatically when needed.
-.Pp
-To use a non-standard configuration file, refer to
-.Xr CONF_modules_load_file 3 .
-.Pp
-Internally,
-.Fn OPENSSL_config
-calls
-.Xr OPENSSL_init_crypto 3
-and
-.Xr OPENSSL_load_builtin_modules 3 .
-.Pp
-If an application is compiled with the preprocessor symbol
-.Dv OPENSSL_LOAD_CONF
-#define'd,
-.Xr OpenSSL_add_all_algorithms 3
-automatically calls
-.Fn OPENSSL_config .
-.Pp
-Applications should free up configuration at application closedown by
-calling
-.Xr CONF_modules_free 3 .
-.Sh FILES
-.Bl -tag -width /etc/ssl/openssl.cnf -compact
-.It Pa /etc/ssl/openssl.cnf
-standard configuration file
-.El
-.Sh SEE ALSO
-.Xr CONF_modules_free 3 ,
-.Xr CONF_modules_load_file 3 ,
-.Xr crypto 3 ,
-.Xr OPENSSL_load_builtin_modules 3 ,
-.Xr OPENSSL_VERSION_NUMBER 3 ,
-.Xr openssl.cnf 5 ,
-.Xr x509v3.cnf 5
-.Sh HISTORY
-.Fn OPENSSL_config
-and
-.Fn OPENSSL_no_config
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/OPENSSL_init_crypto.3 b/src/lib/libcrypto/man/OPENSSL_init_crypto.3
deleted file mode 100644
index 6f38c7bda2..0000000000
--- a/src/lib/libcrypto/man/OPENSSL_init_crypto.3
+++ /dev/null
@@ -1,115 +0,0 @@
-.\" $OpenBSD: OPENSSL_init_crypto.3,v 1.5 2020/05/24 12:21:31 schwarze Exp $
-.\" Copyright (c) 2018, 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: May 24 2020 $
-.Dt OPENSSL_INIT_CRYPTO 3
-.Os
-.Sh NAME
-.Nm OPENSSL_init_crypto ,
-.Nm OPENSSL_init
-.Nd initialise the crypto library
-.Sh SYNOPSIS
-.In openssl/crypto.h
-.Ft int
-.Fo OPENSSL_init_crypto
-.Fa "uint64_t options"
-.Fa "const void *dummy"
-.Fc
-.Ft void
-.Fn OPENSSL_init void
-.Sh DESCRIPTION
-These functions are deprecated.
-It is never useful for an application program
-to call either of them explicitly.
-.Pp
-The library automatically calls
-.Fn OPENSSL_init_crypto
-internally with an
-.Fa options
-argument of 0 whenever needed.
-It is safest to assume that any function may do so.
-.Pp
-To enable or disable the standard configuration file, instead use
-.Xr OPENSSL_config 3
-or
-.Xr OPENSSL_no_config 3 ,
-respectively.
-To load a non-standard configuration file, refer to
-.Xr CONF_modules_load_file 3 .
-.Pp
-If
-.Fn OPENSSL_init_crypto
-is called before any other crypto or ssl functions, the crypto
-library is initialised by allocating various internal resources,
-in particular calling
-.Xr ERR_load_crypto_strings 3 ,
-.Xr OpenSSL_add_all_ciphers 3 ,
-and
-.Xr OpenSSL_add_all_digests 3 .
-.Pp
-The following
-.Fa options
-are supported:
-.Bl -tag -width Ds
-.It Dv OPENSSL_INIT_LOAD_CONFIG
-At the end of the initialization, call
-.Xr OPENSSL_config 3
-with a
-.Dv NULL
-argument, loading the default configuration file.
-.It Dv OPENSSL_INIT_NO_LOAD_CONFIG
-Ignore any later calls to
-.Xr OPENSSL_config 3 .
-.El
-.Pp
-The other
-.Fa options
-flags defined by OpenSSL are all ignored by LibreSSL.
-The
-.Fa dummy
-argument has no effect.
-.Pp
-If this function is called more than once, none of the calls except
-the first one have any effect.
-.Pp
-.Fn OPENSSL_init
-has no effect at all.
-.Sh RETURN VALUES
-.Fn OPENSSL_init_crypto
-is intended to return 1 on success or 0 on error.
-.Sh SEE ALSO
-.Xr CONF_modules_load_file 3 ,
-.Xr OPENSSL_config 3 ,
-.Xr OPENSSL_load_builtin_modules 3 ,
-.Xr openssl.cnf 5
-.Sh HISTORY
-.Fn OPENSSL_init
-first appeared in OpenSSL 1.0.0e and has been available since
-.Ox 5.3 .
-It stopped having any effect in OpenSSL 1.1.1 and in
-.Ox 5.6 .
-.Pp
-.Fn OPENSSL_init_crypto
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
-.Sh BUGS
-.Fn OPENSSL_init_crypto
-silently ignores almost all kinds of errors.
-In particular, if memory allocation fails, initialisation is likely
-to remain incomplete, the library may be in an inconsistent internal
-state, but the return value will usually indicate success anyway.
-There is no way for the application program to find out whether
-library initialisation is actually complete, nor to get back to a
-consistent state if it isn't.
diff --git a/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 b/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
deleted file mode 100644
index 2b20efaf0e..0000000000
--- a/src/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
+++ /dev/null
@@ -1,101 +0,0 @@ -.\" $OpenBSD: OPENSSL_load_builtin_modules.3,v 1.8 2023/12/05 02:41:13 jsg Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2004, 2013 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 5 2023 $ -.Dt OPENSSL_LOAD_BUILTIN_MODULES 3 -.Os -.Sh NAME -.Nm OPENSSL_load_builtin_modules , -.Nm ASN1_add_oid_module -.Nd add standard configuration modules -.Sh SYNOPSIS -.In openssl/conf.h -.Ft void -.Fn OPENSSL_load_builtin_modules void -.Ft void -.Fn ASN1_add_oid_module void -.Sh DESCRIPTION -The function -.Fn OPENSSL_load_builtin_modules -adds all the standard OpenSSL configuration modules to the internal -list. -They can then be used by the OpenSSL configuration code. -.Pp -.Fn ASN1_add_oid_module -adds just the ASN.1 OBJECT module. -.Pp -If the simple configuration function -.Xr OPENSSL_config 3 -is called then -.Fn OPENSSL_load_builtin_modules -is called automatically. -.Pp -Applications which use configuration functions like -.Xr CONF_modules_load_file 3 -directly need to call -.Fn OPENSSL_load_builtin_modules -themselves -.Em before -any other configuration code. -.Pp -Applications should call -.Xr OPENSSL_config 3 -or -.Fn OPENSSL_load_builtin_modules -to load all configuration modules instead of adding modules selectively: -otherwise functionality may be missing from the application when -new modules are added. -.Sh SEE ALSO -.Xr CONF_modules_load_file 3 , -.Xr OPENSSL_config 3 -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.7 -and have been available since -.Ox 3.2 . 
diff --git a/src/lib/libcrypto/man/OPENSSL_malloc.3 b/src/lib/libcrypto/man/OPENSSL_malloc.3
deleted file mode 100644
index a43dc56923..0000000000
--- a/src/lib/libcrypto/man/OPENSSL_malloc.3
+++ /dev/null
@@ -1,101 +0,0 @@
-.\" $OpenBSD: OPENSSL_malloc.3,v 1.13 2024/04/04 09:30:43 tb Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: April 4 2024 $
-.Dt OPENSSL_MALLOC 3
-.Os
-.Sh NAME
-.Nm OPENSSL_malloc ,
-.Nm OPENSSL_free ,
-.Nm OPENSSL_strdup ,
-.Nm CRYPTO_malloc ,
-.Nm CRYPTO_free ,
-.Nm CRYPTO_strdup
-.Nd legacy OpenSSL memory allocation wrappers
-.Sh SYNOPSIS
-.In openssl/crypto.h
-.Ft void *
-.Fo OPENSSL_malloc
-.Fa "size_t num"
-.Fc
-.Ft void
-.Fo OPENSSL_free
-.Fa "void *addr"
-.Fc
-.Ft char *
-.Fo OPENSSL_strdup
-.Fa "const char *str"
-.Fc
-.Ft void *
-.Fo CRYPTO_malloc
-.Fa "size_t num"
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-.Ft void
-.Fo CRYPTO_free
-.Fa "void *str"
-.Fa "const char *"
-.Fa int
-.Fc
-.Ft char *
-.Fo CRYPTO_strdup
-.Fa "const char *p"
-.Fa "const char *file"
-.Fa "int line"
-.Fc
-.Sh DESCRIPTION
-Do not use any of the interfaces documented here in new code.
-They are provided purely for compatibility with legacy application code.
-.Pp
-These functions are wrappers around the corresponding
-standard
-.Xr malloc 3 ,
-.Xr free 3 ,
-and
-.Xr strdup 3
-functions.
-.Pp
-The
-.Fn OPENSSL_*
-functions are implemented as macros.
-.Sh RETURN VALUES
-These functions return the same type and value as the corresponding
-standard functions.
-.Sh SEE ALSO
-.Xr crypto 3
-.Sh HISTORY
-.Fn CRYPTO_malloc
-and
-.Fn CRYPTO_free
-first appeared in SSLeay 0.6.4 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn OPENSSL_malloc
-and
-.Fn OPENSSL_free
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn CRYPTO_strdup
-and
-.Fn OPENSSL_strdup
-first appeared in OpenSSL 0.9.8j and have been available since
-.Ox 4.5 .
-.Sh CAVEATS
-If interoperability with other implementations is required,
-memory returned by the library as bare pointers must be freed with
-.Fn OPENSSL_free .
diff --git a/src/lib/libcrypto/man/OPENSSL_sk_new.3 b/src/lib/libcrypto/man/OPENSSL_sk_new.3
deleted file mode 100644
index 8f06bb4212..0000000000
--- a/src/lib/libcrypto/man/OPENSSL_sk_new.3
+++ /dev/null
@@ -1,553 +0,0 @@
-.\" $OpenBSD: OPENSSL_sk_new.3,v 1.13 2024/03/04 09:47:34 tb Exp $
-.\"
-.\" Copyright (c) 2018 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 4 2024 $
-.Dt OPENSSL_SK_NEW 3
-.Os
-.Sh NAME
-.Nm sk_new_null ,
-.Nm sk_new ,
-.Nm sk_set_cmp_func ,
-.Nm sk_dup ,
-.Nm sk_free ,
-.Nm sk_pop_free ,
-.Nm sk_num ,
-.Nm sk_value ,
-.Nm sk_find ,
-.Nm sk_sort ,
-.Nm sk_is_sorted ,
-.Nm sk_push ,
-.Nm sk_unshift ,
-.Nm sk_insert ,
-.Nm sk_set ,
-.Nm sk_pop ,
-.Nm sk_shift ,
-.Nm sk_delete ,
-.Nm sk_delete_ptr ,
-.Nm sk_zero
-.Nd variable-sized arrays of void pointers, called OpenSSL stacks
-.Sh SYNOPSIS
-.In openssl/stack.h
-.Ft _STACK *
-.Fn sk_new_null void
-.Ft _STACK *
-.Fo sk_new
-.Fa "int (*compfunc)(const void *, const void *)"
-.Fc
-.Ft old_function_pointer
-.Fo sk_set_cmp_func
-.Fa "_STACK *stack"
-.Fa "int (*compfunc)(const void *, const void *)"
-.Fc
-.Ft _STACK *
-.Fo sk_dup
-.Fa "_STACK *stack"
-.Fc
-.Ft void
-.Fo sk_free
-.Fa "_STACK *stack"
-.Fc
-.Ft void
-.Fo sk_pop_free
-.Fa "_STACK *stack"
-.Fa "void (*freefunc)(void *)"
-.Fc
-.Ft int
-.Fo sk_num
-.Fa "const _STACK *stack"
-.Fc
-.Ft void *
-.Fo sk_value
-.Fa "const _STACK *stack"
-.Fa "int index"
-.Fc
-.Ft int
-.Fo sk_find
-.Fa "_STACK *stack"
-.Fa "void *wanted"
-.Fc
-.Ft void
-.Fo sk_sort
-.Fa "_STACK *stack"
-.Fc
-.Ft int
-.Fo sk_is_sorted
-.Fa "const _STACK *stack"
-.Fc
-.Ft int
-.Fo sk_push
-.Fa "_STACK *stack"
-.Fa "void *new_item"
-.Fc
-.Ft int
-.Fo sk_unshift
-.Fa "_STACK *stack"
-.Fa "void *new_item"
-.Fc
-.Ft int
-.Fo sk_insert
-.Fa "_STACK *stack"
-.Fa "void *new_item"
-.Fa "int index"
-.Fc
-.Ft void *
-.Fo sk_set
-.Fa "_STACK *stack"
-.Fa "int index"
-.Fa "void *new_item"
-.Fc
-.Ft void *
-.Fo sk_pop
-.Fa "_STACK *stack"
-.Fc
-.Ft void *
-.Fo sk_shift
-.Fa "_STACK *stack"
-.Fc
-.Ft void *
-.Fo sk_delete
-.Fa "_STACK *stack"
-.Fa "int index"
-.Fc
-.Ft void *
-.Fo sk_delete_ptr
-.Fa "_STACK *stack"
-.Fa "void *wanted"
-.Fc
-.Ft void
-.Fo sk_zero
-.Fa "_STACK *stack"
-.Fc
-.Sh DESCRIPTION
-OpenSSL introduced an idiosyncratic concept of variable sized arrays
-of pointers and somewhat misleadingly called such an array a
-.Dq stack .
-Intrinsically, and as documented in this manual page, OpenSSL stacks
-are not type safe but only handle
-.Vt void *
-function arguments and return values.
-.Pp
-OpenSSL also provides a fragile, unusually complicated system of
-macro-generated wrappers that offers superficial type safety at the
-expense of extensive obfuscation, implemented using large amounts
-of autogenerated code involving exceedingly ugly, nested
-.Xr cpp 1
-macros; see the
-.Xr STACK_OF 3
-manual page for details.
-.Pp
-The fundamental data type is the
-.Vt _STACK
-structure.
-It stores a variable number of void pointers
-and remembers the number of pointers currently stored.
-It can optionally hold a pointer to a comparison function.
-As long as no comparison function is installed, the order of pointers
-is meaningful; as soon as a comparison function is installed, it
-becomes ill-defined.
-.Pp
-.Fn sk_new_null
-allocates and initializes a new, empty stack.
-.Fn sk_new
-is identical except that it also installs
-.Fa compfunc
-as the comparison function for the new stack object.
-.Fn sk_set_cmp_func
-installs
-.Fa compfunc
-for the existing
-.Fa stack .
-The
-.Fa compfunc
-is allowed to be
-.Dv NULL ,
-but the
-.Fa stack
-is not.
-.Pp
-.Fn sk_dup
-creates a shallow copy of the given
-.Fa stack ,
-which must not be a
-.Dv NULL
-pointer.
-It neither copies the objects pointed to from the stack nor
-increases their reference counts, but merely copies the pointers.
-Extreme care must be taken in order to avoid freeing the memory twice,
-for example by calling
-.Fn sk_free
-on one copy and only calling
-.Fn sk_pop_free
-on the other.
-.Pp
-.Fn sk_free
-frees the given
-.Fa stack .
-It does not free any of the pointers stored on the stack.
-Unless these pointers are merely copies of pointers owned by
-other objects, they must be freed before calling
-.Fn sk_free ,
-in order to avoid leaking memory.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn sk_pop_free
-is severely misnamed.
-It does not at all do what one would expect from a function called
-.Dq pop .
-Instead, it does the same as
-.Fn sk_free ,
-except that it also calls the function
-.Fa freefunc
-on each of the pointers contained in the
-.Fa stack .
-If the calls to
-.Fa freefunc
-are intended to free the memory in use by the objects on the stack,
-ensure that no other pointers to the same objects remain elsewhere.
-.Pp
-.Fn sk_find
-searches the
-.Fa stack
-for the
-.Fa wanted
-pointer.
-If the
-.Fa stack
-contains more than one copy of the
-.Fa wanted
-pointer, only the first match is found.
-If a comparison function is installed for the stack, the stack is
-first sorted with
-.Fn sk_sort ,
-and instead of comparing pointers, two pointers are considered to match
-if the comparison function returns 0.
-.Pp
-.Fn sk_sort
-sorts the
-.Fa stack
-using
-.Xr qsort 3
-and the installed comparison function.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer or already considered sorted, no action occurs.
-This function can only be called if a comparison function is installed.
-.Pp
-.Fn sk_is_sorted
-reports whether the
-.Fa stack
-is considered sorted.
-Calling
-.Fn sk_new_null
-or
-.Fn sk_new ,
-successfully calling
-.Fn sk_push ,
-.Fn sk_unshift ,
-.Fn sk_insert ,
-or
-.Fn sk_set ,
-or changing the comparison function sets the state to unsorted.
-If a comparison function is installed, calling
-.Fn sk_sort ,
-or
-.Fn sk_find
-sets the state to sorted.
-.Pp
-.Fn sk_push
-pushes
-.Fa new_item
-onto the end of the
-.Fa stack ,
-increasing the number of pointers by 1.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn sk_unshift
-inserts
-.Fa new_item
-at the beginning of the
-.Fa stack ,
-such that it gets the index 0.
-The number of pointers increases by 1.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn sk_insert
-inserts the
-.Fa new_item
-into the
-.Fa stack
-such that it gets the given
-.Fa index .
-If
-.Fa index
-is less than 0 or greater than or equal to
-.Fn sk_num stack ,
-the effect is the same as for
-.Fn sk_push .
-If
-.Fa stack
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn sk_set
-replaces the pointer with the given
-.Fa index
-on the
-.Fa stack
-with the
-.Fa new_item .
-The old pointer is not freed,
-which may leak memory if no copy of it exists elsewhere.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer or if
-.Fa index
-is less than 0 or greater than or equal to
-.Fn sk_num stack ,
-no action occurs.
-.Pp
-.Fn sk_pop
-and
-.Fn sk_shift
-remove the pointer with the highest or lowest index from the
-.Fa stack ,
-respectively, reducing the number of pointers by 1.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer or if it is empty, no action occurs.
-.Pp
-.Fn sk_delete
-removes the pointer with the given
-.Fa index
-from the
-.Fa stack ,
-reducing the number of pointers by 1.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer or the
-.Fa index
-is less than 0 or greater than or equal to
-.Fn sk_num stack ,
-no action occurs.
-.Pp
-.Fn sk_delete_ptr
-removes the
-.Fa wanted
-pointer from the
-.Fa stack ,
-reducing the number of pointers by 1 if it is found.
-It never uses a comparison function
-but only compares pointers themselves.
-The
-.Fa stack
-pointer must not be
-.Dv NULL .
-.Pp
-.Fn sk_zero
-removes all pointers from the
-.Fa stack .
-It does not free any of the pointers.
-Unless these pointers are merely copies of pointers owned by other
-objects, they must be freed before calling
-.Fn sk_zero ,
-in order to avoid leaking memory.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn sk_new_null ,
-.Fn sk_new ,
-and
-.Fn sk_dup
-return a pointer to the newly allocated stack object or
-.Dv NULL
-if insufficient memory is available.
-.Pp
-.Fn sk_set_cmp_func
-returns a pointer to the comparison function
-that was previously installed for the
-.Fa stack
-or
-.Dv NULL
-if none was installed.
-.Pp
-.Fn sk_num
-returns the number of pointers currently stored on the
-.Fa stack ,
-or \-1 if
-.Fa stack
-is a
-.Dv NULL
-pointer.
-.Pp
-.Fn sk_value
-returns the pointer with the given
-.Fa index
-from the
-.Fa stack ,
-or
-.Dv NULL
-if
-.Fa stack
-is a
-.Dv NULL
-pointer or if the
-.Fa index
-is less than 0 or greater than or equal to
-.Fn sk_num stack .
-.Pp
-.Fn sk_find
-returns the lowest index considered to match or \-1 if
-.Fa stack
-is a
-.Dv NULL
-pointer or if no match is found.
-.Pp
-.Fn sk_is_sorted
-returns 1 if the
-.Fa stack
-is considered sorted or if it is a
-.Dv NULL
-pointer, or 0 otherwise.
-.Pp
-.Fn sk_push ,
-.Fn sk_unshift ,
-and
-.Fn sk_insert
-return the new number of pointers on the
-.Fa stack
-or 0 if
-.Fa stack
-is a
-.Dv NULL
-pointer or if memory allocation fails.
-.Pp
-.Fn sk_set
-returns
-.Fa new_item
-or
-.Dv NULL
-if
-.Fa stack
-is a
-.Dv NULL
-pointer or if the
-.Fa index
-is less than 0 or greater than or equal to
-.Fn sk_num stack .
-.Pp
-.Fn sk_pop
-and
-.Fn sk_shift
-return the deleted pointer or
-.Dv NULL
-if
-.Fa stack
-is a
-.Dv NULL
-pointer or if it is empty.
-.Pp
-.Fn sk_delete
-returns the deleted pointer or
-.Dv NULL
-if
-.Fa stack
-is a
-.Dv NULL
-pointer or if the
-.Fa index
-is less than 0 or greater than or equal to
-.Fn sk_num stack .
-.Pp
-.Fn sk_delete_ptr
-returns
-.Fa wanted
-or
-.Dv NULL
-if it is not found.
-.Sh SEE ALSO
-.Xr STACK_OF 3
-.Sh HISTORY
-.Fn sk_new_null ,
-.Fn sk_new ,
-.Fn sk_free ,
-.Fn sk_pop_free ,
-.Fn sk_num ,
-.Fn sk_value ,
-.Fn sk_find ,
-.Fn sk_push ,
-.Fn sk_unshift ,
-.Fn sk_insert ,
-.Fn sk_pop ,
-.Fn sk_shift ,
-.Fn sk_delete ,
-and
-.Fn sk_delete_ptr
-first appeared in SSLeay 0.5.1.
-.Fn sk_set_cmp_func ,
-.Fn sk_dup ,
-and
-.Fn sk_zero
-first appeared in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn sk_set
-first appeared in OpenSSL 0.9.3.
-.Fn sk_sort
-first appeared in OpenSSL 0.9.4.
-Both functions have been available since
-.Ox 2.6 .
-.Pp
-.Fn sk_is_sorted
-first appeared in OpenSSL 0.9.7e and has been available since
-.Ox 3.8 .
-.Sh BUGS
-Even if a comparison function is installed, empty stacks and
-stacks containing a single pointer are sometimes considered
-sorted and sometimes considered unsorted.
-.Pp
-If a comparison function is installed, the concept of
-.Dq first match
-in
-.Fn sk_find
-is ill-defined because
-.Xr qsort 3
-is not a stable sorting function.
-It is probably best to only assume that they return an arbitrary match.
diff --git a/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 b/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
deleted file mode 100644
index 88ecef9768..0000000000
--- a/src/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
+++ /dev/null
@@ -1,152 +0,0 @@
-.\" $OpenBSD: OpenSSL_add_all_algorithms.3,v 1.16 2024/03/04 19:04:47 tb Exp $
-.\" full merge up to: OpenSSL b3696a55 Sep 2 09:35:50 2017 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2003, 2013 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 4 2024 $
-.Dt OPENSSL_ADD_ALL_ALGORITHMS 3
-.Os
-.Sh NAME
-.Nm OpenSSL_add_all_algorithms ,
-.Nm OpenSSL_add_all_ciphers ,
-.Nm OpenSSL_add_all_digests ,
-.Nm EVP_cleanup ,
-.Nm SSLeay_add_all_algorithms
-.\" .Nm OPENSSL_add_all_algorithms_conf ,
-.\" .Nm OPENSSL_add_all_algorithms_noconf ,
-.\" .Nm SSLeay_add_all_ciphers , and
-.\" .Nm SSLeay_add_all_digests are intentionally undocumented
-.\" because they are unused aliases.
-.Nd add algorithms to internal table
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft void
-.Fn OpenSSL_add_all_algorithms void
-.Ft void
-.Fn OpenSSL_add_all_ciphers void
-.Ft void
-.Fn OpenSSL_add_all_digests void
-.Ft void
-.Fn EVP_cleanup void
-.Ft void
-.Fn SSLeay_add_all_algorithms void
-.Sh DESCRIPTION
-These functions are deprecated.
-It is never useful for any application program
-to call any of them explicitly.
-The library automatically calls them internally whenever needed.
-.Pp
-OpenSSL keeps an internal table of digest algorithms and ciphers.
-It uses this table to look up ciphers via functions such as
-.Xr EVP_get_cipherbyname 3 .
-.Pp
-.Fn OpenSSL_add_all_algorithms
-adds all algorithms to the table (digests and ciphers).
-If an application is compiled with the preprocessor symbol
-.Dv OPENSSL_LOAD_CONF
-#define'd, it also calls
-.Xr OPENSSL_config 3
-with a
-.Dv NULL
-argument, loading the default configuration file.
-.Pp
-.Fn OpenSSL_add_all_digests
-adds all digest algorithms to the table.
-.Pp
-.Fn OpenSSL_add_all_ciphers
-adds all encryption algorithms to the table including password based
-encryption algorithms.
-.Pp
-If any of the above functions is called more than once,
-only the first call has an effect.
-.Pp
-.Fn EVP_cleanup
-removes all ciphers and digests from the table and also calls
-.Xr OBJ_NAME_cleanup 3
-with an argument of \-1 ,
-thus resetting the global associative array of names
-and all signature algorithm definitions to their default states,
-removing all application-defined types, key-value pairs, and aliases,
-including any that are unrelated to the EVP library.
-.Pp
-.Fn SSLeay_add_all_algorithms
-is a deprecated alias for
-.Fn OpenSSL_add_all_algorithms .
-.Pp
-.Fn OpenSSL_add_all_algorithms
-and
-.Fn SSLeay_add_all_algorithms
-are implemented as macros.
-.Sh SEE ALSO
-.Xr evp 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr OBJ_cleanup 3 ,
-.Xr OBJ_NAME_add 3 ,
-.Xr OPENSSL_config 3
-.Sh HISTORY
-.Fn EVP_cleanup ,
-.Fn SSLeay_add_all_algorithms ,
-and precursor functions
-.Fn SSLeay_add_all_ciphers
-and
-.Fn SSLeay_add_all_digests
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn OpenSSL_add_all_algorithms ,
-.Fn OpenSSL_add_all_ciphers ,
-and
-.Fn OpenSSL_add_all_digests
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Sh BUGS
-Although the functions do not return error codes, it is possible for them
-to fail.
-This will only happen as a result of a memory allocation failure so this
-is not too much of a problem in practice.
diff --git a/src/lib/libcrypto/man/PEM_ASN1_read.3 b/src/lib/libcrypto/man/PEM_ASN1_read.3
deleted file mode 100644
index 53ebe5ada4..0000000000
--- a/src/lib/libcrypto/man/PEM_ASN1_read.3
+++ /dev/null
@@ -1,172 +0,0 @@
-.\" $OpenBSD: PEM_ASN1_read.3,v 1.2 2020/07/23 17:34:53 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 23 2020 $
-.Dt PEM_ASN1_READ 3
-.Os
-.Sh NAME
-.Nm d2i_of_void ,
-.Nm PEM_ASN1_read ,
-.Nm PEM_ASN1_read_bio
-.Nd PEM and DER decode an arbitrary ASN.1 value
-.Sh SYNOPSIS
-.In openssl/pem.h
-.Ft typedef void *
-.Fo d2i_of_void
-.Fa "void **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft void *
-.Fo PEM_ASN1_read
-.Fa "d2i_of_void *d2i"
-.Fa "const char *name"
-.Fa "FILE *in_fp"
-.Fa "void **val_out"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft void *
-.Fo PEM_ASN1_read_bio
-.Fa "d2i_of_void *d2i"
-.Fa "const char *name"
-.Fa "BIO *in_bp"
-.Fa "void **val_out"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Sh DESCRIPTION
-These functions read one object from
-.Fa in_fp
-or
-.Fa in_bp
-and perform both PEM and DER decoding.
-They are needed when more specific decoding functions
-like those documented in
-.Xr PEM_read_bio_PrivateKey 3
-and
-.Xr PEM_read_SSL_SESSION 3
-are inadequate for the type
-.Fa name .
-.Pp
-For PEM decoding,
-.Xr PEM_bytes_read_bio 3
-is called internally.
-Consequently, the first object of type
-.Fa name
-is returned and preceding objects of other types are discarded.
-If necessary, data is decrypted, using
-.Fa cb
-and/or
-.Fa u
-if they are not
-.Dv NULL ,
-as described in the
-.Xr pem_password_cb 3
-manual page.
-.Pp
-For subsequent DER decoding, pass a
-.Fa d2i
-callback function that is adequate for the type
-.Fa name ,
-typically returning a pointer of a type more specific than
-.Ft void * .
-For example,
-.Xr d2i_ASN1_TYPE 3
-can always be used and its manual page describes the required
-behaviour of the callback function to be passed.
-Normally, passing a more specific function is more useful;
-candidate functions can be found with
-.Ql man -k Nm~^d2i_ .
-.Pp
-For the
-.Fa name
-argument, the
-.Dv PEM_STRING_*
-string constants defined in
-.In openssl/pem.h
-can be used.
-.Pp
-The
-.Fa val_out
-argument is useless and its many dangers are described in detail in the
-.Xr d2i_ASN1_TYPE 3
-manual page.
-To reduce the risk of bugs, always passing
-.Dv NULL
-is recommended.
-.Sh RETURN VALUES
-These functions return a pointer to the decoded object or
-.Dv NULL
-if an error occurs.
-They fail if
-.Xr PEM_bytes_read_bio 3
-fails, for example because of invalid syntax in the input, an unknown
-encryption, or an invalid passphrase entered by the user.
-They also fail if
-.Fa d2i
-returns
-.Dv NULL ,
-for example due to DER decoding errors.
-.Pp
-.Fn PEM_ASN1_read
-may also fail if memory is exhausted.
-.Sh EXAMPLES
-Typical usage of
-.Fn PEM_ASN1_read
-is demonstrated by the implementation of the more specific function
-to PEM and DER decode an X.509 certificate:
-.Bd -literal -offset 2n
-X509 *
-PEM_read_X509(FILE *fp, X509 **val_out, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_X509, PEM_STRING_X509,
- fp, (void **)val_out, cb, u);
-}
-.Ed
-.Sh ERRORS
-Diagnostics that can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3
-include:
-.Bl -tag -width Ds
-.It Dv ERR_R_BUF_LIB Qq "BUF lib"
-.Fn PEM_ASN1_read
-failed to set up a temporary BIO,
-for example because memory was exhausted.
-.It Dv ERR_R_ASN1_LIB Qq "ASN1 lib"
-.Fa d2i
-returned
-.Dv NULL ,
-for example due to a DER syntax error.
-.El
-.Pp
-Additional types of errors can result from
-.Xr PEM_bytes_read_bio 3 .
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr d2i_ASN1_TYPE 3 ,
-.Xr PEM_bytes_read_bio 3 ,
-.Xr PEM_read 3 ,
-.Xr PEM_read_bio_PrivateKey 3 ,
-.Xr PEM_read_SSL_SESSION 3 ,
-.Xr PEM_X509_INFO_read 3
-.Sh HISTORY
-These functions first appeared in SSLeay 0.5.1
-and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/PEM_X509_INFO_read.3 b/src/lib/libcrypto/man/PEM_X509_INFO_read.3
deleted file mode 100644
index b3216a89b6..0000000000
--- a/src/lib/libcrypto/man/PEM_X509_INFO_read.3
+++ /dev/null
@@ -1,189 +0,0 @@
-.\" $OpenBSD: PEM_X509_INFO_read.3,v 1.4 2021/10/19 10:39:33 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 19 2021 $
-.Dt PEM_X509_INFO_READ 3
-.Os
-.Sh NAME
-.Nm PEM_X509_INFO_read ,
-.Nm PEM_X509_INFO_read_bio
-.Nd PEM and DER decode X.509 certificates, private keys, and revocation lists
-.Sh SYNOPSIS
-.In openssl/pem.h
-.Ft STACK_OF(X509_INFO) *
-.Fo PEM_X509_INFO_read
-.Fa "FILE *in_fp"
-.Fa "STACK_OF(X509_INFO) *sk"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft STACK_OF(X509_INFO) *
-.Fo PEM_X509_INFO_read_bio
-.Fa "BIO *in_bp"
-.Fa "STACK_OF(X509_INFO) *sk"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Sh DESCRIPTION
-These functions read zero or more objects
-related to X.509 certificates from
-.Fa in_fp
-or
-.Fa in_bp ,
-perform both PEM and DER decoding,
-and wrap the resulting objects in newly allocated
-.Vt X509_INFO
-containers.
-.Pp
-Setting
-.Fa sk
-to
-.Dv NULL
-is recommended, in which case
-a new stack is allocated, populated, and returned.
-If an existing
-.Fa sk
-is passed in, the created
-.Vt X509_INFO
-objects are pushed onto that stack.
-.Pp
-For PEM decoding,
-.Xr PEM_read_bio 3
-is used internally, implying that any non-PEM data
-before, between, and after the objects is silently discarded.
-.Pp
-For subsequent DER decoding,
-the decoding function and the field of the
-.Vt X509_INFO
-structure to store the new object in
-are selected according to the PEM type name:
-.Bl -column "TRUSTED CERTIFICATE" "d2i_PrivateKey()" "revocation list"
-.It PEM type name Ta decoder Ta Vt X509_INFO No field
-.It CERTIFICATE Ta Xr d2i_X509 3 Ta certificate
-.It X509 CERTIFICATE Ta Xr d2i_X509 3 Ta certificate
-.It TRUSTED CERTIFICATE Ta Xr d2i_X509_AUX 3 Ta certificate
-.It X509 CRL Ta Xr d2i_X509_CRL 3 Ta revocation list
-.It RSA PRIVATE KEY Ta Xr d2i_PrivateKey 3 Ta private key
-.It DSA PRIVATE KEY Ta Xr d2i_PrivateKey 3 Ta private key
-.It EC PRIVATE KEY Ta Xr d2i_PrivateKey 3 Ta private key
-.El
-.Pp
-Whenever the selected field is already occupied, another new
-.Vt X509_INFO
-container is allocated and pushed onto the stack.
-Depending on the sequence of objects in the input, this can result
-in several partially populated
-.Vt X509_INFO
-containers being pushed onto the stack.
-.Pp
-PEM objects of types not listed in the above table are silently skipped.
-.Pp
-Encrypted certificates and revocation lists are decrypted by calling
-.Xr PEM_do_header 3
-internally, passing through the optional arguments
-.Fa cb
-and
-.Fa u .
-Encrypted private keys are not decrypted.
-Instead, the encrypted form is stored as read.
-All the same,
-.Xr PEM_get_EVP_CIPHER_INFO 3
-is called internally to check that PEM headers, if there are any,
-are valid and specify an encryption the library is prepared to handle.
-.Pp
-If any error occurs, objects that had already been read
-during the same call are deleted again and
-.Fa sk
-is left unchanged.
-.Sh RETURN VALUES
-These functions return a pointer to the stack
-the objects read were pushed onto or
-.Dv NULL
-if an error occurs.
-They fail if
-.Xr PEM_read_bio 3 ,
-.Xr PEM_get_EVP_CIPHER_INFO 3 ,
-.Xr PEM_do_header 3 ,
-or DER decoding fails or if memory is exhausted.
-.Sh ERRORS
-Diagnostics that can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3
-include:
-.Bl -tag -width Ds
-.It Dv ERR_R_ASN1_LIB Qq "ASN1 lib"
-DER decoding of a PEM object failed.
-.It Dv ERR_R_BUF_LIB Qq BUF lib
-.Fn PEM_X509_INFO_read
-failed to set up a temporary BIO, for example because memory was exhausted.
-.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure"
-.Fn PEM_X509_INFO_read_bio
-failed to allocate a new
-.Vt X509_INFO ,
-.Vt STACK_OF(X509_INFO) ,
-or
-.Vt X509_PKEY
-object.
-.El
-.Pp
-Additional types of errors can result from
-.Xr PEM_read_bio 3 ,
-.Xr PEM_get_EVP_CIPHER_INFO 3 ,
-and
-.Xr PEM_do_header 3 .
-.Pp
-After these functions failed due to memory exhaustion,
-.Xr ERR_get_error 3
-may sometimes return 0 anyway.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr d2i_PrivateKey 3 ,
-.Xr d2i_X509 3 ,
-.Xr d2i_X509_CRL 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr PEM_read 3 ,
-.Xr PEM_read_bio_PrivateKey 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_INFO_new 3 ,
-.Xr X509_LOOKUP_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_PKEY_new 3
-.Sh HISTORY
-.Fn PEM_X509_INFO_read
-first appeared in SSLeay 0.5.1 and
-.Fn PEM_X509_INFO_read_bio
-in SSLeay 0.6.0.
-Both functions have been available since
-.Ox 2.4 .
-.Sh CAVEATS
-It is not an error
-if the input does not contain any objects of the desired types.
-In that case, nothing is added to
-.Fa sk ,
-or if
-.Fa sk
-is
-.Dv NULL ,
-a newly allocated, empty stack is returned.
-The only way to detect this situation is by comparing
-the number of objects on the stack before and after the call.
-.Sh BUGS
-When reaching the end of the input, these functions call
-.Xr ERR_clear_error 3 ,
-which may hide errors that occurred before calling these functions.
diff --git a/src/lib/libcrypto/man/PEM_bytes_read_bio.3 b/src/lib/libcrypto/man/PEM_bytes_read_bio.3
deleted file mode 100644
index 20ad6b8a4d..0000000000
--- a/src/lib/libcrypto/man/PEM_bytes_read_bio.3
+++ /dev/null
@@ -1,184 +0,0 @@ -.\" $OpenBSD: PEM_bytes_read_bio.3,v 1.6 2020/07/23 17:34:53 schwarze Exp $ -.\" selective merge up to: -.\" OpenSSL PEM_bytes_read_bio.pod 7671342e Feb 29 15:47:12 2016 -0600 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" Copyright (c) 2020 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Benjamin Kaduk . -.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: July 23 2020 $ -.Dt PEM_BYTES_READ_BIO 3 -.Os -.Sh NAME -.Nm PEM_bytes_read_bio -.Nd read a PEM-encoded data structure from a BIO -.Sh SYNOPSIS -.In openssl/pem.h -.Ft int -.Fo PEM_bytes_read_bio -.Fa "unsigned char **pdata" -.Fa "long *plen" -.Fa "char **pnm" -.Fa "const char *name" -.Fa "BIO *in_bp" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Sh DESCRIPTION -.Fn PEM_bytes_read_bio -reads and PEM decodes the first object of type -.Fa name -.Pq e.g. 
RSA PRIVATE KEY, CERTIFICATE, etc.\& -from -.Fa in_bp . -If multiple PEM-encoded data structures are present in the same stream, -it skips non-matching data types and continues reading. -Before reading each PEM object, lines not starting with -.Qq "-----BEGIN " -are also skipped; see -.Xr PEM_read_bio 3 -for details of PEM parsing. -.Pp -The PEM header may indicate that the following data is encrypted; if so, -the data is decrypted, optionally using -.Fa cb -and -.Fa u , -as described in -.Xr pem_password_cb 3 . -.Pp -Some data types have compatibility aliases, such as a file containing -X509 CERTIFICATE matching a request for the deprecated type CERTIFICATE. -The actual type indicated by the file is returned in -.Em *pnm -if -.Fa pnm -is -.Pf non- Dv NULL . -The caller must free the storage pointed to by -.Em *pnm . -.Pp -The returned data is the DER-encoded form of the requested type, in -.Em *pdata -with length -.Em *plen . -The caller must free the storage pointed to by -.Em *pdata . -.Sh RETURN VALUES -.Fn PEM_bytes_read_bio -returns 1 for success or 0 for failure. -.Sh ERRORS -Diagnostics that can be retrieved with -.Xr ERR_get_error 3 , -.Xr ERR_GET_REASON 3 , -and -.Xr ERR_reason_error_string 3 -include: -.Bl -tag -width Ds -.It Dv PEM_R_NO_START_LINE Qq no start line -No more PEM objects were found in the input. -This can happen when the input contains no PEM objects at all, -or only objects that do not match the type -.Fa name . -.It Dv PEM_R_NOT_PROC_TYPE Qq not proc type -The first PEM header does not start with -.Qq "Proc-Type: " . -.It Dv PEM_R_NOT_ENCRYPTED Qq not encrypted -The Proc-Type header differs from -.Qq 4,ENCRYPTED . -.It Dv PEM_R_SHORT_HEADER Qq short header -The Proc-Type header is the last header line. -.It Dv PEM_R_NOT_DEK_INFO Qq not dek info -The second PEM header does not start with -.Qq "DEK-Info: " . 
-.It Dv PEM_R_UNSUPPORTED_ENCRYPTION Qq unsupported encryption
-The cipher name given in the DEK-Info header is unknown to
-.Xr EVP_get_cipherbyname 3 .
-.It Dv PEM_R_BAD_IV_CHARS Qq "bad iv chars"
-The word following the cipher name in the DEK-Info header
-contains bytes that are not hexadecimal digits.
-This also happens when the initialization vector is missing or too short.
-.It Dv PEM_R_BAD_PASSWORD_READ Qq bad password read
-.Fa cb
-reported failure.
-This may for example happen when the user mistypes the password.
-.It Dv PEM_R_BAD_DECRYPT Qq bad decrypt
-.Xr EVP_DecryptInit_ex 3 ,
-.Xr EVP_DecryptUpdate 3 ,
-or
-.Xr EVP_DecryptFinal_ex 3
-failed.
-.El
-.Pp
-Additional types of errors can result from
-.Xr PEM_read_bio 3 .
-.Sh SEE ALSO
-.Xr PEM_ASN1_read 3 ,
-.Xr PEM_read 3 ,
-.Xr PEM_read_bio_PrivateKey 3 ,
-.Xr PEM_X509_INFO_read 3
-.Sh STANDARDS
-RFC 1421: Privacy Enhancement for Internet Electronic Mail (PEM), Part I
-.Sh HISTORY
-.Fn PEM_bytes_read_bio
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/PEM_read.3 b/src/lib/libcrypto/man/PEM_read.3
deleted file mode 100644
index 1493d54fc4..0000000000
--- a/src/lib/libcrypto/man/PEM_read.3
+++ /dev/null
@@ -1,416 +0,0 @@ -.\" $OpenBSD: PEM_read.3,v 1.15 2023/09/18 15:26:46 schwarze Exp $ -.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2020 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Viktor Dukhovni -.\" and by Rich Salz . -.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: September 18 2023 $ -.Dt PEM_READ 3 -.Os -.Sh NAME -.Nm PEM_write , -.Nm PEM_write_bio , -.Nm PEM_read , -.Nm PEM_read_bio , -.Nm PEM_get_EVP_CIPHER_INFO , -.Nm PEM_do_header , -.Nm PEM_def_callback , -.Nm pem_password_cb -.Nd PEM encoding routines -.Sh SYNOPSIS -.In openssl/pem.h -.Ft int -.Fo PEM_write -.Fa "FILE *fp" -.Fa "const char *name" -.Fa "const char *header" -.Fa "const unsigned char *data" -.Fa "long len" -.Fc -.Ft int -.Fo PEM_write_bio -.Fa "BIO *bp" -.Fa "const char *name" -.Fa "const char *header" -.Fa "const unsigned char *data" -.Fa "long len" -.Fc -.Ft int -.Fo PEM_read -.Fa "FILE *fp" -.Fa "char **name" -.Fa "char **header" -.Fa "unsigned char **data" -.Fa "long *len" -.Fc -.Ft int -.Fo PEM_read_bio -.Fa "BIO *bp" -.Fa "char **name" -.Fa "char **header" -.Fa "unsigned char **data" -.Fa "long *len" -.Fc -.Ft int -.Fo PEM_get_EVP_CIPHER_INFO -.Fa "char *header" -.Fa "EVP_CIPHER_INFO *cinfo" -.Fc -.Ft int -.Fo PEM_do_header -.Fa "EVP_CIPHER_INFO *cinfo" -.Fa "unsigned char *data" -.Fa "long *len" -.Fa "pem_password_cb *cb" -.Fa "void *userdata" -.Fc -.Ft int -.Fo PEM_def_callback -.Fa "char *password" -.Fa "int size" -.Fa "int verify" -.Fa "void *userdata" -.Fc -.Ft typedef int -.Fo pem_password_cb -.Fa "char *password" -.Fa "int size" -.Fa "int verify" -.Fa "void *userdata" -.Fc -.Sh DESCRIPTION -These functions read and write PEM-encoded objects, using the PEM type -.Fa name , -any additional -.Fa header -information, and the raw -.Fa data -of length -.Fa len . -.Pp -PEM is the binary content encoding first defined in IETF RFC 1421. -The content is a series of base64-encoded lines, surrounded by -begin/end markers each on their own line. -For example: -.Bd -literal -offset indent ------BEGIN PRIVATE KEY----- -MIICdg.... -\&... bhTQ== ------END PRIVATE KEY----- -.Ed -.Pp -Optional header line(s) may appear after the begin line, and their -existence depends on the type of object being written or read. 
-.Pp -.Fn PEM_write -writes to the file -.Fa fp , -while -.Fn PEM_write_bio -writes to the BIO -.Fa bp . -The -.Fa name -is the name to use in the marker, the -.Fa header -is the header value or -.Dv NULL , -and -.Fa data -and -.Fa len -specify the data and its length. -.Pp -The final -.Fa data -buffer is typically an ASN.1 object which can be decoded with the -.Fn d2i_* -function appropriate to the type -.Fa name ; -see -.Xr d2i_X509 3 -for examples. -.Pp -.Fn PEM_read -reads from the file -.Fa fp , -while -.Fn PEM_read_bio -reads from the BIO -.Fa bp . -Both skip any non-PEM data that precedes the start of the next PEM -object. -When an object is successfully retrieved, the type name from the -"----BEGIN -----" is returned via the -.Fa name -argument, any encapsulation headers are returned in -.Fa header , -and the base64-decoded content and its length are returned via -.Fa data -and -.Fa len , -respectively. -The -.Fa name , -.Fa header , -and -.Fa data -pointers should be freed by the caller when no longer needed. -.Pp -The remaining functions are deprecated because the underlying PEM -encryption format is obsolete and should be avoided. -It uses an encryption format with an OpenSSL-specific key-derivation -function, which employs MD5 with an iteration count of 1. -Instead, private keys should be stored in PKCS#8 form, with a strong -PKCS#5 v2.0 PBE; see -.Xr PEM_write_PrivateKey 3 -and -.Xr d2i_PKCS8PrivateKey_bio 3 . -.Pp -.Fn PEM_get_EVP_CIPHER_INFO -can be used to determine the -.Fa data -returned by -.Fn PEM_read -or -.Fn PEM_read_bio -is encrypted and to retrieve the associated cipher and IV. -The caller passes a pointer to a structure of type -.Vt EVP_CIPHER_INFO -via the -.Fa cinfo -argument and the -.Fa header -returned via -.Fn PEM_read -or -.Fn PEM_read_bio . -If the call is successful, 1 is returned and the cipher and IV are -stored at the address pointed to by -.Fa cinfo . 
-When the header is malformed or not supported or when the cipher is -unknown or some internal error happens, 0 is returned. -.Pp -.Fn PEM_do_header -can then be used to decrypt the data if the header indicates encryption. -The -.Fa cinfo -argument is a pointer to the structure initialized by a preceding call -to -.Fn PEM_get_EVP_CIPHER_INFO . -If that structure indicates the absence of encryption, -.Fn PEM_do_header -returns successfully without taking any action. -The -.Fa data -and -.Fa len -arguments are used both to pass in the encrypted data that was -returned in the same arguments from the preceding call to -.Fn PEM_read -or -.Fn PEM_read_bio -and to pass out the decrypted data. -.Pp -The callback function -.Fa cb -is used to obtain the encryption -.Fa password ; -if -.Fa cb -is -.Dv NULL , -.Fn PEM_def_callback -is used instead. -The -.Fa password -buffer needs to be at least -.Fa size -bytes long. -Unless -.Fa userdata -is -.Dv NULL , -.Fn PEM_def_callback -ignores the -.Fa verify -argument and copies the NUL-terminated byte string -.Fa userdata -to -.Fa password -without a terminating NUL byte, silently truncating the copy to at most -.Fa size -bytes. -If -.Fa userdata -is -.Dv NULL , -.Fn PEM_def_callback -instead prompts the user for the password with echoing turned off -by calling -.Xr EVP_read_pw_string_min 3 -internally. -In this case, the -.Fa size -is silently reduced to at most -.Dv BUFSIZ -and at most -.Fa size No \- 1 -bytes are accepted from the user and copied into the byte string buffer -.Fa password . -A callback function -.Fa cb -supplied by the application may use -.Fa userdata -for a different purpose than -.Fn PEM_def_callback -does, e.g., as auxiliary data to use while acquiring the password. -For example, a GUI application might pass a window handle. -If the -.Fa verify -flag is non-zero, the user is prompted twice for the password to -make typos less likely and it is checked that both inputs agree. 
-This flag is not set by
-.Fn PEM_do_header
-nor by other read functions, but it is typically set by write functions.
-.Pp
-If the data is a priori known to not be encrypted, then neither
-.Fn PEM_get_EVP_CIPHER_INFO
-nor
-.Fn PEM_do_header
-need to be called.
-.Sh RETURN VALUES
-.Fn PEM_read
-and
-.Fn PEM_read_bio
-return 1 on success or 0 on failure.
-The latter includes the case when no more PEM objects remain in the
-input file.
-To distinguish end of file from more serious errors, the caller
-must peek at the error stack and check for
-.Dv PEM_R_NO_START_LINE ,
-which indicates that no more PEM objects were found.
-See
-.Xr ERR_peek_last_error 3
-and
-.Xr ERR_GET_REASON 3 .
-.Pp
-.Fn PEM_get_EVP_CIPHER_INFO
-and
-.Fn PEM_do_header
-return 1 on success or 0 on failure.
-The
-.Fa data
-is likely meaningless if these functions fail.
-.Pp
-.Fn PEM_def_callback
-returns the number of bytes stored into
-.Fa buf
-or a negative value on failure, and
-.Fa cb
-is expected to behave in the same way.
-If
-.Fa userdata
-is
-.Dv NULL ,
-.Fn PEM_def_callback
-fails if
-.Fa num
-is less than 5
-or if an error occurs trying to prompt the user for the password.
-Otherwise, it fails when
-.Fa num
-is negative.
-The details of the circumstances that cause
-.Fa cb
-to fail may differ.
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr d2i_PKCS8PrivateKey_bio 3 ,
-.Xr PEM_ASN1_read 3 ,
-.Xr PEM_bytes_read_bio 3 ,
-.Xr PEM_read_bio_PrivateKey 3 ,
-.Xr PEM_read_SSL_SESSION 3 ,
-.Xr PEM_write_bio_CMS_stream 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-.Xr PEM_X509_INFO_read 3
-.Sh HISTORY
-.Fn PEM_write ,
-.Fn PEM_read ,
-and
-.Fn PEM_do_header
-appeared in SSLeay 0.4 or earlier.
-.Fn PEM_get_EVP_CIPHER_INFO
-first appeared in SSLeay 0.5.1.
-.Fn PEM_write_bio
-and
-.Fn PEM_read_bio
-first appeared in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn PEM_def_callback
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 b/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
deleted file mode 100644
index 9f45261725..0000000000
--- a/src/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
+++ /dev/null
@@ -1,1335 +0,0 @@ -.\" $OpenBSD: PEM_read_bio_PrivateKey.3,v 1.23 2024/09/02 08:04:32 tb Exp $ -.\" full merge up to: -.\" OpenSSL man3/PEM_read_bio_PrivateKey.pod 18bad535 Apr 9 15:13:55 2019 +0100 -.\" OpenSSL man3/PEM_read_CMS.pod 83cf7abf May 29 13:07:08 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2001-2004, 2009, 2013-2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: September 2 2024 $ -.Dt PEM_READ_BIO_PRIVATEKEY 3 -.Os -.Sh NAME -.Nm PEM_read_bio_PrivateKey , -.Nm PEM_read_PrivateKey , -.Nm PEM_write_bio_PrivateKey , -.Nm PEM_write_PrivateKey , -.Nm PEM_write_bio_PKCS8PrivateKey , -.Nm PEM_write_PKCS8PrivateKey , -.Nm PEM_write_bio_PKCS8PrivateKey_nid , -.Nm PEM_write_PKCS8PrivateKey_nid , -.Nm PEM_read_bio_PKCS8 , -.Nm PEM_read_PKCS8 , -.Nm PEM_write_bio_PKCS8 , -.Nm PEM_write_PKCS8 , -.Nm PEM_read_bio_PKCS8_PRIV_KEY_INFO , -.Nm PEM_read_PKCS8_PRIV_KEY_INFO , -.Nm PEM_write_bio_PKCS8_PRIV_KEY_INFO , -.Nm PEM_write_PKCS8_PRIV_KEY_INFO , -.Nm PEM_read_bio_PUBKEY , -.Nm PEM_read_PUBKEY , -.Nm PEM_write_bio_PUBKEY , -.Nm PEM_write_PUBKEY , -.Nm PEM_read_bio_RSAPrivateKey , -.Nm PEM_read_RSAPrivateKey , -.Nm PEM_write_bio_RSAPrivateKey , -.Nm PEM_write_RSAPrivateKey , -.Nm PEM_read_bio_RSAPublicKey , -.Nm PEM_read_RSAPublicKey , -.Nm PEM_write_bio_RSAPublicKey , -.Nm PEM_write_RSAPublicKey , -.Nm PEM_read_bio_RSA_PUBKEY , -.Nm PEM_read_RSA_PUBKEY , -.Nm PEM_write_bio_RSA_PUBKEY , -.Nm PEM_write_RSA_PUBKEY , -.Nm PEM_read_bio_DSAPrivateKey , -.Nm PEM_read_DSAPrivateKey , -.Nm PEM_write_bio_DSAPrivateKey , -.Nm PEM_write_DSAPrivateKey , -.Nm PEM_read_bio_DSA_PUBKEY , -.Nm PEM_read_DSA_PUBKEY , -.Nm PEM_write_bio_DSA_PUBKEY , -.Nm PEM_write_DSA_PUBKEY , -.Nm PEM_read_bio_DSAparams , -.Nm PEM_read_DSAparams , -.Nm PEM_write_bio_DSAparams , -.Nm PEM_write_DSAparams , -.Nm PEM_read_bio_DHparams , -.Nm PEM_read_DHparams , -.Nm PEM_write_bio_DHparams , -.Nm PEM_write_DHparams , -.Nm PEM_read_bio_ECPKParameters , -.Nm PEM_read_ECPKParameters , -.Nm PEM_write_bio_ECPKParameters , -.Nm PEM_write_ECPKParameters , -.Nm PEM_read_bio_ECPrivateKey , -.Nm PEM_read_ECPrivateKey , -.Nm PEM_write_bio_ECPrivateKey , -.Nm PEM_write_ECPrivateKey , -.Nm PEM_read_bio_EC_PUBKEY , -.Nm PEM_read_EC_PUBKEY , -.Nm PEM_write_bio_EC_PUBKEY , -.Nm PEM_write_EC_PUBKEY , -.Nm PEM_read_bio_X509 , -.Nm PEM_read_X509 , -.Nm PEM_write_bio_X509 , 
-.Nm PEM_write_X509 , -.Nm PEM_read_bio_X509_AUX , -.Nm PEM_read_X509_AUX , -.Nm PEM_write_bio_X509_AUX , -.Nm PEM_write_X509_AUX , -.Nm PEM_read_bio_X509_REQ , -.Nm PEM_read_X509_REQ , -.Nm PEM_write_bio_X509_REQ , -.Nm PEM_write_X509_REQ , -.Nm PEM_write_bio_X509_REQ_NEW , -.Nm PEM_write_X509_REQ_NEW , -.Nm PEM_read_bio_X509_CRL , -.Nm PEM_read_X509_CRL , -.Nm PEM_write_bio_X509_CRL , -.Nm PEM_write_X509_CRL , -.Nm PEM_read_bio_PKCS7 , -.Nm PEM_read_PKCS7 , -.Nm PEM_write_bio_PKCS7 , -.Nm PEM_write_PKCS7 , -.Nm PEM_read_CMS , -.Nm PEM_read_bio_CMS , -.Nm PEM_write_CMS , -.Nm PEM_write_bio_CMS -.Nd PEM routines -.Sh SYNOPSIS -.In openssl/pem.h -.Ft EVP_PKEY * -.Fo PEM_read_bio_PrivateKey -.Fa "BIO *bp" -.Fa "EVP_PKEY **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft EVP_PKEY * -.Fo PEM_read_PrivateKey -.Fa "FILE *fp" -.Fa "EVP_PKEY **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_PrivateKey -.Fa "BIO *bp" -.Fa "EVP_PKEY *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_PrivateKey -.Fa "FILE *fp" -.Fa "EVP_PKEY *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_PKCS8PrivateKey -.Fa "BIO *bp" -.Fa "EVP_PKEY *x" -.Fa "const EVP_CIPHER *enc" -.Fa "char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_PKCS8PrivateKey -.Fa "FILE *fp" -.Fa "EVP_PKEY *x" -.Fa "const EVP_CIPHER *enc" -.Fa "char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_PKCS8PrivateKey_nid -.Fa "BIO *bp" -.Fa "EVP_PKEY *x" -.Fa "int nid" -.Fa "char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_PKCS8PrivateKey_nid -.Fa "FILE *fp" -.Fa "EVP_PKEY *x" -.Fa "int nid" -.Fa "char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa 
"void *u" -.Fc -.Ft X509_SIG * -.Fo PEM_read_bio_PKCS8 -.Fa "BIO *bp" -.Fa "X509_SIG **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft X509_SIG * -.Fo PEM_read_PKCS8 -.Fa "FILE *fp" -.Fa "X509_SIG **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_PKCS8 -.Fa "BIO *bp" -.Fa "X509_SIG *x" -.Fc -.Ft int -.Fo PEM_write_PKCS8 -.Fa "FILE *fp" -.Fa "X509_SIG *x" -.Fc -.Ft PKCS8_PRIV_KEY_INFO * -.Fo PEM_read_bio_PKCS8_PRIV_KEY_INFO -.Fa "BIO *bp" -.Fa "PKCS8_PRIV_KEY_INFO **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft PKCS8_PRIV_KEY_INFO * -.Fo PEM_read_PKCS8_PRIV_KEY_INFO -.Fa "FILE *fp" -.Fa "PKCS8_PRIV_KEY_INFO **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_PKCS8_PRIV_KEY_INFO -.Fa "BIO *bp" -.Fa "PKCS8_PRIV_KEY_INFO *x" -.Fc -.Ft int -.Fo PEM_write_PKCS8_PRIV_KEY_INFO -.Fa "FILE *fp" -.Fa "PKCS8_PRIV_KEY_INFO *x" -.Fc -.Ft EVP_PKEY * -.Fo PEM_read_bio_PUBKEY -.Fa "BIO *bp" -.Fa "EVP_PKEY **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft EVP_PKEY * -.Fo PEM_read_PUBKEY -.Fa "FILE *fp" -.Fa "EVP_PKEY **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_PUBKEY -.Fa "BIO *bp" -.Fa "EVP_PKEY *x" -.Fc -.Ft int -.Fo PEM_write_PUBKEY -.Fa "FILE *fp" -.Fa "EVP_PKEY *x" -.Fc -.Ft RSA * -.Fo PEM_read_bio_RSAPrivateKey -.Fa "BIO *bp" -.Fa "RSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft RSA * -.Fo PEM_read_RSAPrivateKey -.Fa "FILE *fp" -.Fa "RSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_RSAPrivateKey -.Fa "BIO *bp" -.Fa "RSA *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_RSAPrivateKey -.Fa "FILE *fp" -.Fa "RSA *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft RSA * -.Fo PEM_read_bio_RSAPublicKey -.Fa "BIO *bp" -.Fa "RSA **x" -.Fa 
"pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft RSA * -.Fo PEM_read_RSAPublicKey -.Fa "FILE *fp" -.Fa "RSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_RSAPublicKey -.Fa "BIO *bp" -.Fa "RSA *x" -.Fc -.Ft int -.Fo PEM_write_RSAPublicKey -.Fa "FILE *fp" -.Fa "RSA *x" -.Fc -.Ft RSA * -.Fo PEM_read_bio_RSA_PUBKEY -.Fa "BIO *bp" -.Fa "RSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft RSA * -.Fo PEM_read_RSA_PUBKEY -.Fa "FILE *fp" -.Fa "RSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_RSA_PUBKEY -.Fa "BIO *bp" -.Fa "RSA *x" -.Fc -.Ft int -.Fo PEM_write_RSA_PUBKEY -.Fa "FILE *fp" -.Fa "RSA *x" -.Fc -.Ft DSA * -.Fo PEM_read_bio_DSAPrivateKey -.Fa "BIO *bp" -.Fa "DSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft DSA * -.Fo PEM_read_DSAPrivateKey -.Fa "FILE *fp" -.Fa "DSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_DSAPrivateKey -.Fa "BIO *bp" -.Fa "DSA *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_DSAPrivateKey -.Fa "FILE *fp" -.Fa "DSA *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft DSA * -.Fo PEM_read_bio_DSA_PUBKEY -.Fa "BIO *bp" -.Fa "DSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft DSA * -.Fo PEM_read_DSA_PUBKEY -.Fa "FILE *fp" -.Fa "DSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_DSA_PUBKEY -.Fa "BIO *bp" -.Fa "DSA *x" -.Fc -.Ft int -.Fo PEM_write_DSA_PUBKEY -.Fa "FILE *fp" -.Fa "DSA *x" -.Fc -.Ft DSA * -.Fo PEM_read_bio_DSAparams -.Fa "BIO *bp" -.Fa "DSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft DSA * -.Fo PEM_read_DSAparams -.Fa "FILE *fp" -.Fa "DSA **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_DSAparams -.Fa "BIO *bp" -.Fa "DSA *x" -.Fc -.Ft int -.Fo 
PEM_write_DSAparams -.Fa "FILE *fp" -.Fa "DSA *x" -.Fc -.Ft DH * -.Fo PEM_read_bio_DHparams -.Fa "BIO *bp" -.Fa "DH **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft DH * -.Fo PEM_read_DHparams -.Fa "FILE *fp" -.Fa "DH **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_DHparams -.Fa "BIO *bp" -.Fa "DH *x" -.Fc -.Ft int -.Fo PEM_write_DHparams -.Fa "FILE *fp" -.Fa "DH *x" -.Fc -.Ft EC_GROUP * -.Fo PEM_read_bio_ECPKParameters -.Fa "BIO *bp" -.Fa "EC_GROUP **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft EC_GROUP * -.Fo PEM_read_ECPKParameters -.Fa "FILE *fp" -.Fa "EC_GROUP **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_ECPKParameters -.Fa "BIO *bp" -.Fa "const EC_GROUP *x" -.Fc -.Ft int -.Fo PEM_write_ECPKParameters -.Fa "FILE *fp" -.Fa "const EC_GROUP *x" -.Fc -.Ft EC_KEY * -.Fo PEM_read_bio_ECPrivateKey -.Fa "BIO *bp" -.Fa "EC_KEY **key" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft EC_KEY * -.Fo PEM_read_ECPrivateKey -.Fa "FILE *fp" -.Fa "EC_KEY **eckey" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_ECPrivateKey -.Fa "BIO *bp" -.Fa "EC_KEY *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_ECPrivateKey -.Fa "FILE *fp" -.Fa "EC_KEY *x" -.Fa "const EVP_CIPHER *enc" -.Fa "unsigned char *kstr" -.Fa "int klen" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft EC_KEY * -.Fo PEM_read_bio_EC_PUBKEY -.Fa "BIO *bp" -.Fa "EC_KEY **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft EC_KEY * -.Fo PEM_read_EC_PUBKEY -.Fa "FILE *fp" -.Fa "EC_KEY **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_EC_PUBKEY -.Fa "BIO *bp" -.Fa "EC_KEY *x" -.Fc -.Ft int -.Fo PEM_write_EC_PUBKEY -.Fa "FILE *fp" -.Fa "EC_KEY *x" -.Fc -.Ft X509 * -.Fo PEM_read_bio_X509 -.Fa "BIO *bp" -.Fa "X509 **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft X509 * -.Fo 
PEM_read_X509 -.Fa "FILE *fp" -.Fa "X509 **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_X509 -.Fa "BIO *bp" -.Fa "X509 *x" -.Fc -.Ft int -.Fo PEM_write_X509 -.Fa "FILE *fp" -.Fa "X509 *x" -.Fc -.Ft X509 * -.Fo PEM_read_bio_X509_AUX -.Fa "BIO *bp" -.Fa "X509 **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft X509 * -.Fo PEM_read_X509_AUX -.Fa "FILE *fp" -.Fa "X509 **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_X509_AUX -.Fa "BIO *bp" -.Fa "X509 *x" -.Fc -.Ft int -.Fo PEM_write_X509_AUX -.Fa "FILE *fp" -.Fa "X509 *x" -.Fc -.Ft X509_REQ * -.Fo PEM_read_bio_X509_REQ -.Fa "BIO *bp" -.Fa "X509_REQ **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft X509_REQ * -.Fo PEM_read_X509_REQ -.Fa "FILE *fp" -.Fa "X509_REQ **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_X509_REQ -.Fa "BIO *bp" -.Fa "X509_REQ *x" -.Fc -.Ft int -.Fo PEM_write_X509_REQ -.Fa "FILE *fp" -.Fa "X509_REQ *x" -.Fc -.Ft int -.Fo PEM_write_bio_X509_REQ_NEW -.Fa "BIO *bp" -.Fa "X509_REQ *x" -.Fc -.Ft int -.Fo PEM_write_X509_REQ_NEW -.Fa "FILE *fp" -.Fa "X509_REQ *x" -.Fc -.Ft X509_CRL * -.Fo PEM_read_bio_X509_CRL -.Fa "BIO *bp" -.Fa "X509_CRL **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft X509_CRL * -.Fo PEM_read_X509_CRL -.Fa "FILE *fp" -.Fa "X509_CRL **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_X509_CRL -.Fa "BIO *bp" -.Fa "X509_CRL *x" -.Fc -.Ft int -.Fo PEM_write_X509_CRL -.Fa "FILE *fp" -.Fa "X509_CRL *x" -.Fc -.Ft PKCS7 * -.Fo PEM_read_bio_PKCS7 -.Fa "BIO *bp" -.Fa "PKCS7 **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft PKCS7 * -.Fo PEM_read_PKCS7 -.Fa "FILE *fp" -.Fa "PKCS7 **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_bio_PKCS7 -.Fa "BIO *bp" -.Fa "PKCS7 *x" -.Fc -.Ft int -.Fo PEM_write_PKCS7 -.Fa "FILE *fp" -.Fa "PKCS7 *x" -.Fc -.In openssl/cms.h -.Ft CMS_ContentInfo * -.Fo PEM_read_CMS -.Fa "FILE *fp" -.Fa 
"CMS_ContentInfo **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft CMS_ContentInfo * -.Fo PEM_read_bio_CMS -.Fa "BIO *bp" -.Fa "CMS_ContentInfo **x" -.Fa "pem_password_cb *cb" -.Fa "void *u" -.Fc -.Ft int -.Fo PEM_write_CMS -.Fa "FILE *fp" -.Fa "const CMS_ContentInfo *x" -.Fc -.Ft int -.Fo PEM_write_bio_CMS -.Fa "BIO *bp" -.Fa "const CMS_ContentInfo *x" -.Fc -.Sh DESCRIPTION -The PEM functions read or write structures in PEM format. -In this sense PEM format is simply base64-encoded data surrounded by -header lines; see -.Xr PEM_read 3 -for more details. -.Pp -For more details about the meaning of arguments see the -.Sx PEM function arguments -section. -.Pp -Each operation has four functions associated with it. -For brevity the term -.Dq Ar TYPE No functions -will be used to collectively refer to the -.Fn PEM_read_bio_TYPE , -.Fn PEM_read_TYPE , -.Fn PEM_write_bio_TYPE , -and -.Fn PEM_write_TYPE -functions. -If no set of specific functions exists for a given type, -.Xr PEM_ASN1_read 3 -can be used instead. -.Pp -The -.Sy PrivateKey -functions read or write a private key in PEM format using an -.Vt EVP_PKEY -structure. -The write routines use "traditional" private key format and can handle -both RSA and DSA private keys. -The read functions can additionally transparently handle PKCS#8 format -encrypted and unencrypted keys too. -.Pp -.Fn PEM_write_bio_PKCS8PrivateKey -and -.Fn PEM_write_PKCS8PrivateKey -write a private key in an -.Vt EVP_PKEY -structure in PKCS#8 -.Vt EncryptedPrivateKeyInfo -format using PKCS#5 v2.0 password based encryption algorithms. -The -.Fa enc -argument specifies the encryption algorithm to use: unlike all other PEM -routines, the encryption is applied at the PKCS#8 level and not in the -PEM headers. -If -.Fa enc -is -.Dv NULL , -then no encryption is used and a PKCS#8 -.Vt PrivateKeyInfo -structure is used instead. 
-.Pp
-.Fn PEM_write_bio_PKCS8PrivateKey_nid
-and
-.Fn PEM_write_PKCS8PrivateKey_nid
-also write out a private key as a PKCS#8
-.Vt EncryptedPrivateKeyInfo .
-However they use PKCS#5 v1.5 or PKCS#12 encryption algorithms instead.
-The algorithm to use is specified in the
-.Fa nid
-parameter and should be the NID of the corresponding OBJECT IDENTIFIER.
-.Pp
-The
-.Sy PKCS8
-functions process an encrypted private key using an
-.Vt X509_SIG
-structure and the
-.Xr d2i_X509_SIG 3
-function.
-.Pp
-The
-.Sy PKCS8_PRIV_KEY_INFO
-functions process a private key using a
-.Vt PKCS8_PRIV_KEY_INFO
-structure.
-.Pp
-The
-.Sy PUBKEY
-functions process a public key using an
-.Vt EVP_PKEY
-structure.
-The public key is encoded as an ASN.1
-.Vt SubjectPublicKeyInfo
-structure.
-.Pp
-The
-.Sy RSAPrivateKey
-functions process an RSA private key using an
-.Vt RSA
-structure.
-They handle the same formats as the
-.Sy PrivateKey
-functions, but an error occurs if the private key is not RSA.
-.Pp
-The
-.Sy RSAPublicKey
-functions process an RSA public key using an
-.Vt RSA
-structure.
-The public key is encoded using a PKCS#1
-.Vt RSAPublicKey
-structure.
-.Pp
-The
-.Sy RSA_PUBKEY
-functions also process an RSA public key using an
-.Vt RSA
-structure.
-However the public key is encoded using an ASN.1
-.Vt SubjectPublicKeyInfo
-structure and an error occurs if the public key is not RSA.
-.Pp
-The
-.Sy DSAPrivateKey
-functions process a DSA private key using a
-.Vt DSA
-structure.
-They handle the same formats as the
-.Sy PrivateKey
-functions but an error occurs if the private key is not DSA.
-.Pp
-The
-.Sy DSA_PUBKEY
-functions process a DSA public key using a
-.Vt DSA
-structure.
-The public key is encoded using an ASN.1
-.Vt SubjectPublicKeyInfo
-structure and an error occurs if the public key is not DSA.
-.Pp
-The
-.Sy DSAparams
-functions process DSA parameters using a
-.Vt DSA
-structure.
-The parameters are encoded using a Dss-Parms structure as defined in RFC 2459.
-.Pp
-The
-.Sy DHparams
-functions process DH parameters using a
-.Vt DH
-structure.
-The parameters are encoded using a PKCS#3 DHparameter structure.
-.Pp
-The
-.Sy ECPKParameters
-functions process EC parameters using an
-.Vt EC_GROUP
-structure and the
-.Xr d2i_ECPKParameters 3
-function.
-.Pp
-The
-.Sy ECPrivateKey
-functions process an EC private key using an
-.Vt EC_KEY
-structure.
-.Pp
-The
-.Sy EC_PUBKEY
-functions process an EC public key using an
-.Vt EC_KEY
-structure.
-.Pp
-The
-.Sy X509
-functions process an X509 certificate using an
-.Vt X509
-structure.
-They will also process a trusted X509 certificate but any trust settings
-are discarded.
-.Pp
-The
-.Sy X509_AUX
-functions process a trusted X509 certificate using an
-.Vt X509
-structure.
-.Pp
-The
-.Sy X509_REQ
-and
-.Sy X509_REQ_NEW
-functions process a PKCS#10 certificate request using an
-.Vt X509_REQ
-structure.
-The
-.Sy X509_REQ
-write functions use CERTIFICATE REQUEST in the header whereas the
-.Sy X509_REQ_NEW
-functions use NEW CERTIFICATE REQUEST (as required by some CAs).
-The
-.Sy X509_REQ
-read functions will handle either form so there are no
-.Sy X509_REQ_NEW
-read functions.
-.Pp
-The
-.Sy X509_CRL
-functions process an X509 CRL using an
-.Vt X509_CRL
-structure.
-.Pp
-The
-.Sy PKCS7
-functions process a PKCS#7
-.Vt ContentInfo
-using a
-.Vt PKCS7
-structure.
-.Pp
-The
-.Sy CMS
-functions process a
-.Vt CMS_ContentInfo
-structure.
-.Pp
-The old
-.Sy PrivateKey
-write routines are retained for compatibility.
-New applications should write private keys using the
-.Fn PEM_write_bio_PKCS8PrivateKey
-or
-.Fn PEM_write_PKCS8PrivateKey
-routines because they are more secure (they use an iteration count of
-2048 whereas the traditional routines use a count of 1) unless
-compatibility with older versions of OpenSSL is important.
-.Pp
-The
-.Sy PrivateKey
-read routines can be used in all applications because they handle all
-formats transparently.
-.Ss PEM function arguments -The PEM functions have many common arguments. -.Pp -The -.Fa bp -parameter specifies the -.Vt BIO -to read from or write to. -.Pp -The -.Fa fp -parameter specifies the -.Vt FILE -pointer to read from or write to. -.Pp -The PEM read functions all take a pointer to pointer argument -.Fa x -and return a pointer of the same type. -If -.Fa x -is -.Dv NULL , -then the parameter is ignored. -If -.Fa x -is not -.Dv NULL -but -.Pf * Fa x -is -.Dv NULL , -then the structure returned will be written to -.Pf * Fa x . -If neither -.Fa x -nor -.Pf * Fa x -are -.Dv NULL , -then an attempt is made to reuse the structure at -.Pf * Fa x , -but see the -.Sx BUGS -and -.Sx EXAMPLES -sections. -Irrespective of the value of -.Fa x , -a pointer to the structure is always returned, or -.Dv NULL -if an error occurred. -.Pp -The PEM functions which write private keys take an -.Fa enc -parameter, which specifies the encryption algorithm to use. -Encryption is done at the PEM level. -If this parameter is set to -.Dv NULL , -then the private key is written in unencrypted form. -.Pp -The optional arguments -.Fa u -and -.Fa cb -are a passphrase used for encrypting a PEM structure -or a callback to obtain the passphrase; see -.Xr pem_password_cb 3 -for details. -.Pp -For the PEM write routines, if the -.Fa kstr -parameter is not -.Dv NULL , -then -.Fa klen -bytes at -.Fa kstr -are used as the passphrase and -.Fa cb -is ignored. -.Ss PEM encryption format -These old -.Sy PrivateKey -routines use a non-standard technique for encryption. -.Pp -The private key (or other data) takes the following form: -.Bd -literal -offset indent ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89 - -\&...base64 encoded data... 
------END RSA PRIVATE KEY----- -.Ed -.Pp -The line beginning with -.Dq DEK-Info -contains two comma separated pieces of information: -the encryption algorithm name as used by -.Xr EVP_get_cipherbyname 3 -and an 8-byte salt encoded as a set of hexadecimal digits. -.Pp -After this is the base64-encoded encrypted data. -.Pp -The encryption key is determined using -.Xr EVP_BytesToKey 3 , -using the salt and an iteration count of 1. -The IV used is the value of the salt and *not* the IV returned by -.Xr EVP_BytesToKey 3 . -.Sh RETURN VALUES -The read routines return either a pointer to the structure read or -.Dv NULL -if an error occurred. -.Pp -The write routines return 1 for success or 0 for failure. -.Sh EXAMPLES -Although the PEM routines take several arguments, in almost all -applications most of them are set to 0 or -.Dv NULL . -.Pp -Read a certificate in PEM format from a -.Vt BIO : -.Bd -literal -offset indent -X509 *x; -x = PEM_read_bio_X509(bp, NULL, 0, NULL); -if (x == NULL) { - /* Error */ -} -.Ed -.Pp -Alternative method: -.Bd -literal -offset indent -X509 *x = NULL; -if (!PEM_read_bio_X509(bp, &x, 0, NULL)) { - /* Error */ -} -.Ed -.Pp -Write a certificate to a -.Vt BIO : -.Bd -literal -offset indent -if (!PEM_write_bio_X509(bp, x)) { - /* Error */ -} -.Ed -.Pp -Write an unencrypted private key to a -.Vt FILE : -.Bd -literal -offset indent -if (!PEM_write_PrivateKey(fp, key, NULL, NULL, 0, 0, NULL)) { - /* Error */ -} -.Ed -.Pp -Write a private key (using traditional format) to a -.Vt BIO -using triple DES encryption; the pass phrase is prompted for: -.Bd -literal -offset indent -if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), - NULL, 0, 0, NULL)) { - /* Error */ -} -.Ed -.Pp -Write a private key (using PKCS#8 format) to a -.Vt BIO -using triple DES encryption, using the pass phrase "hello": -.Bd -literal -offset indent -if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(), - NULL, 0, 0, "hello")) { - /* Error */ -} -.Ed -.Pp -Read a 
private key from a -.Vt BIO -using the pass phrase "hello": -.Bd -literal -offset indent -key = PEM_read_bio_PrivateKey(bp, NULL, 0, "hello"); -if (key == NULL) { - /* Error */ -} -.Ed -.Pp -Read a private key from a -.Vt BIO -using a pass phrase callback: -.Bd -literal -offset indent -key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, "My Private Key"); -if (key == NULL) { - /* Error */ -} -.Ed -.Pp -Skeleton pass phrase callback: -.Bd -literal -offset indent -int -pass_cb(char *buf, int size, int rwflag, void *u) -{ - char *tmp; - size_t len; - - /* We'd probably do something else if 'rwflag' is 1 */ - printf("Enter pass phrase for \e"%s\e"\en", u); - - /* - * Instead of the following line, get the passphrase - * from the user in some way. - */ - tmp = "hello"; - if (tmp == NULL) /* An error occurred. */ - return -1; - - len = strlen(tmp); - if (len == 0) /* Treat an empty passphrase as an error, too. */ - return -1; - - /* if too long, truncate */ - if (len > size) - len = size; - memcpy(buf, tmp, len); - return len; -} -.Ed -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr DSA_new 3 , -.Xr PEM_ASN1_read 3 , -.Xr PEM_bytes_read_bio 3 , -.Xr PEM_read 3 , -.Xr PEM_read_SSL_SESSION 3 , -.Xr PEM_write_bio_CMS_stream 3 , -.Xr PEM_write_bio_PKCS7_stream 3 , -.Xr PEM_X509_INFO_read 3 , -.Xr RSA_new 3 , -.Xr X509_CRL_new 3 , -.Xr X509_REQ_new 3 , -.Xr X509_SIG_new 3 -.Sh HISTORY -.Fn PEM_read_X509 -and -.Fn PEM_write_X509 -appeared in SSLeay 0.4 or earlier. -.Fn PEM_read_X509_REQ , -.Fn PEM_write_X509_REQ , -.Fn PEM_read_X509_CRL , -and -.Fn PEM_write_X509_CRL -first appeared in SSLeay 0.4.4. -.Fn PEM_read_RSAPrivateKey , -.Fn PEM_write_RSAPrivateKey , -.Fn PEM_read_DHparams , -.Fn PEM_write_DHparams , -.Fn PEM_read_PKCS7 , -and -.Fn PEM_write_PKCS7 -first appeared in SSLeay 0.5.1. 
-.Fn PEM_read_bio_PrivateKey ,
-.Fn PEM_read_PrivateKey ,
-.Fn PEM_read_bio_RSAPrivateKey ,
-.Fn PEM_write_bio_RSAPrivateKey ,
-.Fn PEM_read_bio_DSAPrivateKey ,
-.Fn PEM_read_DSAPrivateKey ,
-.Fn PEM_write_bio_DSAPrivateKey ,
-.Fn PEM_write_DSAPrivateKey ,
-.Fn PEM_read_bio_DHparams ,
-.Fn PEM_write_bio_DHparams ,
-.Fn PEM_read_bio_X509 ,
-.Fn PEM_write_bio_X509 ,
-.Fn PEM_read_bio_X509_REQ ,
-.Fn PEM_write_bio_X509_REQ ,
-.Fn PEM_read_bio_X509_CRL ,
-.Fn PEM_write_bio_X509_CRL ,
-.Fn PEM_read_bio_PKCS7 ,
-and
-.Fn PEM_write_bio_PKCS7
-first appeared in SSLeay 0.6.0.
-.Fn PEM_write_bio_PrivateKey ,
-.Fn PEM_write_PrivateKey ,
-.Fn PEM_read_bio_DSAparams ,
-.Fn PEM_read_DSAparams ,
-.Fn PEM_write_bio_DSAparams ,
-and
-.Fn PEM_write_DSAparams
-first appeared in SSLeay 0.8.0.
-.Fn PEM_read_bio_RSAPublicKey ,
-.Fn PEM_read_RSAPublicKey ,
-.Fn PEM_write_bio_RSAPublicKey ,
-and
-.Fn PEM_write_RSAPublicKey
-first appeared in SSLeay 0.8.1.
-All these functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn PEM_write_bio_PKCS8PrivateKey ,
-.Fn PEM_write_PKCS8PrivateKey ,
-.Fn PEM_read_bio_PKCS8 ,
-.Fn PEM_read_PKCS8 ,
-.Fn PEM_write_bio_PKCS8 ,
-.Fn PEM_write_PKCS8 ,
-.Fn PEM_read_bio_PKCS8_PRIV_KEY_INFO ,
-.Fn PEM_read_PKCS8_PRIV_KEY_INFO ,
-.Fn PEM_write_bio_PKCS8_PRIV_KEY_INFO ,
-.Fn PEM_write_PKCS8_PRIV_KEY_INFO ,
-.Pp
-.Fn PEM_write_bio_PKCS8PrivateKey_nid ,
-.Fn PEM_write_PKCS8PrivateKey_nid ,
-.Fn PEM_read_bio_PUBKEY ,
-.Fn PEM_read_PUBKEY ,
-.Fn PEM_write_bio_PUBKEY ,
-.Fn PEM_write_PUBKEY ,
-.Fn PEM_read_bio_RSA_PUBKEY ,
-.Fn PEM_read_RSA_PUBKEY ,
-.Fn PEM_write_bio_RSA_PUBKEY ,
-.Fn PEM_write_RSA_PUBKEY ,
-.Fn PEM_read_bio_DSA_PUBKEY ,
-.Fn PEM_read_DSA_PUBKEY ,
-.Fn PEM_write_bio_DSA_PUBKEY ,
-.Fn PEM_write_DSA_PUBKEY ,
-.Fn PEM_write_bio_X509_REQ_NEW ,
-.Fn PEM_write_X509_REQ_NEW ,
-.Fn PEM_read_bio_X509_AUX ,
-.Fn PEM_read_X509_AUX ,
-.Fn PEM_write_bio_X509_AUX ,
-and
-.Fn PEM_write_X509_AUX
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn PEM_read_bio_ECPKParameters ,
-.Fn PEM_read_ECPKParameters ,
-.Fn PEM_write_bio_ECPKParameters ,
-.Fn PEM_write_ECPKParameters ,
-.Fn PEM_read_bio_ECPrivateKey ,
-.Fn PEM_read_ECPrivateKey ,
-.Fn PEM_write_bio_ECPrivateKey ,
-.Fn PEM_write_ECPrivateKey ,
-.Fn PEM_read_bio_EC_PUBKEY ,
-.Fn PEM_read_EC_PUBKEY ,
-.Fn PEM_write_bio_EC_PUBKEY ,
-and
-.Fn PEM_write_EC_PUBKEY
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn PEM_read_CMS ,
-.Fn PEM_read_bio_CMS ,
-.Fn PEM_write_CMS ,
-and
-.Fn PEM_write_bio_CMS
-first appeared in OpenSSL 0.9.8h and have been available since
-.Ox 6.7 .
-.Sh CAVEATS
-A frequent cause of problems is attempting to use the PEM routines like
-this:
-.Bd -literal -offset indent
-X509 *x;
-PEM_read_bio_X509(bp, &x, 0, NULL);
-.Ed
-.Pp
-This is a bug because an attempt will be made to reuse the data at
-.Fa x ,
-which is an uninitialised pointer.
-.Pp
-These functions make no assumption regarding the pass phrase received
-from the password callback.
-It will simply be treated as a byte sequence.
-.Sh BUGS
-The PEM read routines in some versions of OpenSSL will not correctly
-reuse an existing structure.
-Therefore
-.Pp
-.Dl PEM_read_bio_X509(bp, &x, 0, NULL);
-.Pp
-where
-.Fa x
-already contains a valid certificate may not work, whereas
-.Bd -literal -offset indent
-X509_free(x);
-x = PEM_read_bio_X509(bp, NULL, 0, NULL);
-.Ed
-.Pp
-is guaranteed to work.
diff --git a/src/lib/libcrypto/man/PEM_write_bio_CMS_stream.3 b/src/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
deleted file mode 100644
index 88adbba74f..0000000000
--- a/src/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
+++ /dev/null
@@ -1,95 +0,0 @@ -.\" $OpenBSD: PEM_write_bio_CMS_stream.3,v 1.6 2023/05/01 07:28:11 tb Exp $ -.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: May 1 2023 $ -.Dt PEM_WRITE_BIO_CMS_STREAM 3 -.Os -.Sh NAME -.Nm PEM_write_bio_CMS_stream -.Nd output CMS_ContentInfo structure in PEM format -.Sh SYNOPSIS -.In openssl/cms.h -.Ft int -.Fo PEM_write_bio_CMS_stream -.Fa "BIO *out" -.Fa "CMS_ContentInfo *cms" -.Fa "BIO *data" -.Fa "int flags" -.Fc -.Sh DESCRIPTION -.Fn PEM_write_bio_CMS_stream -outputs a -.Vt CMS_ContentInfo -structure in PEM format. -.Pp -It is otherwise identical to the function -.Xr SMIME_write_CMS 3 . -.Pp -This function is effectively a version of -.Xr PEM_write_bio_CMS 3 -supporting streaming. -.Sh RETURN VALUES -.Fn PEM_write_bio_CMS_stream -returns 1 for success or 0 for failure. 
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_decrypt 3 ,
-.Xr CMS_encrypt 3 ,
-.Xr CMS_sign 3 ,
-.Xr CMS_verify 3 ,
-.Xr ERR_get_error 3 ,
-.Xr i2d_CMS_bio_stream 3 ,
-.Xr PEM_write 3 ,
-.Xr SMIME_write_CMS 3
-.Sh HISTORY
-.Fn PEM_write_bio_CMS_stream
-first appeared in OpenSSL 1.0.0
-and has been available since
-.Ox 6.7 .
diff --git a/src/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 b/src/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
deleted file mode 100644
index 9050b8562f..0000000000
--- a/src/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
+++ /dev/null
@@ -1,90 +0,0 @@ -.\" $OpenBSD: PEM_write_bio_PKCS7_stream.3,v 1.12 2023/05/01 07:28:11 tb Exp $ -.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2007, 2009, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: May 1 2023 $ -.Dt PEM_WRITE_BIO_PKCS7_STREAM 3 -.Os -.Sh NAME -.Nm PEM_write_bio_PKCS7_stream -.Nd output PKCS7 structure in PEM format -.Sh SYNOPSIS -.In openssl/pkcs7.h -.Ft int -.Fo PEM_write_bio_PKCS7_stream -.Fa "BIO *out" -.Fa "PKCS7 *p7" -.Fa "BIO *data" -.Fa "int flags" -.Fc -.Sh DESCRIPTION -.Fn PEM_write_bio_PKCS7_stream -outputs a PKCS7 structure in PEM format. -.Pp -It is otherwise identical to the function -.Xr SMIME_write_PKCS7 3 . -.Pp -This function is effectively a version of -.Xr PEM_write_bio_PKCS7 3 -supporting streaming. -.Sh RETURN VALUES -Upon successful completion, 1 is returned; -otherwise 0 is returned and an error code can be retrieved with -.Xr ERR_get_error 3 . 
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr i2d_PKCS7_bio_stream 3 ,
-.Xr PEM_write_PKCS7 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_new 3 ,
-.Xr SMIME_write_PKCS7 3
-.Sh HISTORY
-.Fn PEM_write_bio_PKCS7_stream
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3 b/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3
deleted file mode 100644
index e7d20ea7f6..0000000000
--- a/src/lib/libcrypto/man/PKCS12_SAFEBAG_new.3
+++ /dev/null
@@ -1,104 +0,0 @@
-.\" $OpenBSD: PKCS12_SAFEBAG_new.3,v 1.4 2019/06/06 01:06:58 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt PKCS12_SAFEBAG_NEW 3
-.Os
-.Sh NAME
-.Nm PKCS12_SAFEBAG_new ,
-.Nm PKCS12_SAFEBAG_free ,
-.Nm PKCS12_BAGS_new ,
-.Nm PKCS12_BAGS_free
-.Nd PKCS#12 container for one piece of information
-.Sh SYNOPSIS
-.In openssl/pkcs12.h
-.Ft PKCS12_SAFEBAG *
-.Fn PKCS12_SAFEBAG_new void
-.Ft void
-.Fn PKCS12_SAFEBAG_free "PKCS12_SAFEBAG *safebag"
-.Ft PKCS12_BAGS *
-.Fn PKCS12_BAGS_new void
-.Ft void
-.Fn PKCS12_BAGS_free "PKCS12_BAGS *bag"
-.Sh DESCRIPTION
-.Fn PKCS12_SAFEBAG_new
-allocates and initializes an empty
-.Vt PKCS12_SAFEBAG
-object, representing an ASN.1
-.Vt SafeBag
-structure defined in RFC 7292 section 4.2.
-It can hold a pointer to a
-.Vt PKCS12_BAGS
-object together with a type identifier and optional attributes.
-.Fn PKCS12_SAFEBAG_free
-frees
-.Fa safebag .
-.Pp
-.Fn PKCS12_BAGS_new
-allocates and initializes an empty
-.Vt PKCS12_BAGS
-object, representing the bagValue field of an ASN.1
-.Vt SafeBag
-structure.
-It is used in
-.Vt PKCS12_SAFEBAG
-and can hold a DER-encoded X.509 certificate,
-a base64-encoded SDSI certificate,
-a DER-encoded X.509 CRL,
-or other user-defined information.
-.Pp
-If an instance of
-.Vt PKCS12_SAFEBAG
-contains
-.Vt PKCS8_PRIV_KEY_INFO ,
-.Vt X509_SIG ,
-or nested
-.Vt PKCS12_SAFEBAG
-objects, the respective pointers are stored directly in the
-.Vt PKCS12_SAFEBAG
-object rather than in the contained
-.Vt PKCS12_BAGS
-object as required by RFC 7292.
-.Sh RETURN VALUES
-.Fn PKCS12_SAFEBAG_new
-and
-.Fn PKCS12_BAGS_new
-return the new
-.Vt PKCS12_SAFEBAG
-or
-.Vt PKCS12_BAGS
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr PKCS12_create 3 ,
-.Xr PKCS12_new 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-.Xr X509_ATTRIBUTE_new 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_SIG_new 3
-.Sh STANDARDS
-RFC 7292: PKCS #12: Personal Information Exchange Syntax,
-section 4.2: The SafeBag Type
-.Sh HISTORY
-.Fn PKCS12_SAFEBAG_new ,
-.Fn PKCS12_SAFEBAG_free ,
-.Fn PKCS12_BAGS_new ,
-and
-.Fn PKCS12_BAGS_free
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/PKCS12_create.3 b/src/lib/libcrypto/man/PKCS12_create.3
deleted file mode 100644
index 904166da73..0000000000
--- a/src/lib/libcrypto/man/PKCS12_create.3
+++ /dev/null
@@ -1,188 +0,0 @@ -.\" $OpenBSD: PKCS12_create.3,v 1.13 2024/08/22 12:26:01 tb Exp $ -.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400 -.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: August 22 2024 $ -.Dt PKCS12_CREATE 3 -.Os -.Sh NAME -.Nm PKCS12_create -.Nd create a PKCS#12 structure -.Sh SYNOPSIS -.In openssl/pkcs12.h -.Ft PKCS12 * -.Fo PKCS12_create -.Fa "const char *pass" -.Fa "const char *name" -.Fa "EVP_PKEY *pkey" -.Fa "X509 *cert" -.Fa "STACK_OF(X509) *ca" -.Fa "int nid_key" -.Fa "int nid_cert" -.Fa "int iter" -.Fa "int mac_iter" -.Fa "int keytype" -.Fc -.Sh DESCRIPTION -.Fn PKCS12_create -creates a PKCS#12 structure. -.Pp -.Fa pass -is the passphrase to use. -.Fa name -is the -.Sy friendlyName -to use for the supplied certificate and key. -.Fa pkey -is the private key to include in the structure and -.Fa cert -its corresponding certificates. -.Fa ca -is an optional set of certificates to also include in the structure. -.Fa pkey , -.Fa cert , -or both can be -.Dv NULL -to indicate that no key or certificate is required. 
-.Pp
-.Fa nid_key
-and
-.Fa nid_cert
-are the encryption algorithms that should be used for the key and
-certificate, respectively.
-If either
-.Fa nid_key
-or
-.Fa nid_cert
-is set to -1, no encryption will be used.
-.Pp
-.Fa iter
-is the encryption algorithm iteration count to use and
-.Fa mac_iter
-is the MAC iteration count to use.
-If
-.Fa mac_iter
-is set to -1, the MAC will be omitted entirely.
-.Pp
-.Fa keytype
-is the type of key.
-.Pp
-The parameters
-.Fa nid_key ,
-.Fa nid_cert ,
-.Fa iter ,
-.Fa mac_iter ,
-and
-.Fa keytype
-can all be set to zero and sensible defaults will be used.
-.Pp
-These defaults are: 40-bit RC2 encryption for certificates, triple DES
-encryption for private keys, a key iteration count of
-PKCS12_DEFAULT_ITER (currently 2048) and a MAC iteration count of 1.
-.Pp
-The default MAC iteration count is 1 in order to retain compatibility
-with old software which did not interpret MAC iteration counts.
-If such compatibility is not required then
-.Fa mac_iter
-should be set to PKCS12_DEFAULT_ITER.
-.Pp
-.Fa keytype
-adds a flag to the store private key.
-This is a non-standard extension that is only currently interpreted by
-MSIE.
-If set to zero, the flag is omitted; if set to
-.Dv KEY_SIG ,
-the key can be used for signing only; and if set to
-.Dv KEY_EX ,
-it can be used for signing and encryption.
-This option was useful for old export grade software which could use
-signing only keys of arbitrary size but had restrictions on the
-permissible sizes of keys which could be used for encryption.
-.Pp
-If a certificate contains an
-.Sy alias
-or
-.Sy keyid
-then this will be used for the corresponding
-.Sy friendlyName
-or
-.Sy localKeyID
-in the PKCS12 structure.
-.Sh RETURN VALUES
-.Fn PKCS12_create
-returns a valid
-.Vt PKCS12
-structure or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr d2i_PKCS12 3 ,
-.Xr PKCS12_new 3 ,
-.Xr PKCS12_newpass 3 ,
-.Xr PKCS12_parse 3 ,
-.Xr PKCS12_SAFEBAG_new 3 ,
-.Xr X509_keyid_set1 3
-.Sh HISTORY
-.Fn PKCS12_create
-first appeared in OpenSSL 0.9.3 and has been available since
-.Ox 2.6 .
-.Pp
-Before OpenSSL 0.9.8, neither
-.Fa pkey
-nor
-.Fa cert
-were allowed to be
-.Dv NULL ,
-and a value of -1 was not allowed for
-.Fa nid_key ,
-.Fa nid_cert ,
-and
-.Fa mac_iter .
diff --git a/src/lib/libcrypto/man/PKCS12_new.3 b/src/lib/libcrypto/man/PKCS12_new.3
deleted file mode 100644
index c7ccdb4911..0000000000
--- a/src/lib/libcrypto/man/PKCS12_new.3
+++ /dev/null
@@ -1,99 +0,0 @@
-.\" $OpenBSD: PKCS12_new.3,v 1.4 2019/06/06 01:06:58 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt PKCS12_NEW 3
-.Os
-.Sh NAME
-.Nm PKCS12_new ,
-.Nm PKCS12_free ,
-.Nm PKCS12_MAC_DATA_new ,
-.Nm PKCS12_MAC_DATA_free
-.Nd PKCS#12 personal information exchange (PFX)
-.Sh SYNOPSIS
-.In openssl/pkcs12.h
-.Ft PKCS12 *
-.Fn PKCS12_new void
-.Ft void
-.Fn PKCS12_free "PKCS12 *pfx"
-.Ft PKCS12_MAC_DATA *
-.Fn PKCS12_MAC_DATA_new void
-.Ft void
-.Fn PKCS12_MAC_DATA_free "PKCS12_MAC_DATA *mac_data"
-.Sh DESCRIPTION
-.Fn PKCS12_new
-allocates and initializes an empty
-.Vt PKCS12
-object, representing an ASN.1
-.Vt PFX
-.Pq personal information exchange
-structure defined in RFC 7292 section 4.
-It can hold a pointer to a
-.Vt PKCS7
-object described in
-.Xr PKCS7_new 3
-and optionally an instance of
-.Vt PKCS12_MAC_DATA
-described below.
-.Fn PKCS12_free
-frees
-.Fa pfx .
-.Pp
-.Fn PKCS12_MAC_DATA_new
-allocates and initializes an empty
-.Vt PKCS12_MAC_DATA
-object, representing an ASN.1
-.Vt MacData
-structure defined in RFC 7292 section 4.
-It is used inside
-.Vt PKCS12
-and can hold a pointer to an
-.Vt X509_SIG
-object described in
-.Xr X509_SIG_new 3
-together with a salt value and an iteration count.
-.Fn PKCS12_MAC_DATA_free
-frees
-.Fa mac_data .
-.Sh RETURN VALUES
-.Fn PKCS12_new
-and
-.Fn PKCS12_MAC_DATA_new
-return the new
-.Vt PKCS12
-or
-.Vt PKCS12_MAC_DATA
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_PKCS12 3 ,
-.Xr PKCS12_create 3 ,
-.Xr PKCS12_newpass 3 ,
-.Xr PKCS12_parse 3 ,
-.Xr PKCS12_SAFEBAG_new 3 ,
-.Xr PKCS7_new 3 ,
-.Xr X509_SIG_new 3
-.Sh STANDARDS
-RFC 7292: PKCS #12: Personal Information Exchange Syntax
-.Sh HISTORY
-.Fn PKCS12_new ,
-.Fn PKCS12_free ,
-.Fn PKCS12_MAC_DATA_new ,
-and
-.Fn PKCS12_MAC_DATA_free
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/PKCS12_newpass.3 b/src/lib/libcrypto/man/PKCS12_newpass.3
deleted file mode 100644
index b5642c96ea..0000000000
--- a/src/lib/libcrypto/man/PKCS12_newpass.3
+++ /dev/null
@@ -1,155 +0,0 @@
-.\" $OpenBSD: PKCS12_newpass.3,v 1.4 2019/06/14 13:59:32 schwarze Exp $
-.\" OpenSSL c95a8b4e May 5 14:26:26 2016 +0100
-.\"
-.\" This file was written by Jeffrey Walton .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 14 2019 $
-.Dt PKCS12_NEWPASS 3
-.Os
-.Sh NAME
-.Nm PKCS12_newpass
-.Nd change the password of a PKCS#12 structure
-.Sh SYNOPSIS
-.In openssl/pkcs12.h
-.Ft int
-.Fo PKCS12_newpass
-.Fa "PKCS12 *p12"
-.Fa "const char *oldpass"
-.Fa "const char *newpass"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS12_newpass
-changes the password of a PKCS#12 structure.
-.Pp
-.Fa p12
-is a pointer to a PKCS#12 structure.
-.Fa oldpass
-is the existing password and
-.Fa newpass
-is the new password.
-.Pp
-If the PKCS#12 structure does not have a password, use the empty
-string
-.Qq \&
-for
-.Fa oldpass .
-Passing
-.Dv NULL
-for
-.Fa oldpass
-results in a
-.Fn PKCS12_newpass
-failure.
-.Pp
-If the wrong password is used for
-.Fa oldpass ,
-the function will fail with a MAC verification error.
-In rare cases, the PKCS#12 structure does not contain a MAC:
-in this case it will usually fail with a decryption padding error.
-.Sh RETURN VALUES
-Upon successful completion, 1 is returned;
-otherwise 0 is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Sh EXAMPLES
-This example loads a PKCS#12 file, changes its password,
-and writes out the result to a new file.
-.Bd -literal
-#include
-#include
-#include
-#include
-#include
-
-int main(int argc, char **argv)
-{
- FILE *fp;
- PKCS12 *p12;
- if (argc != 5) {
- fprintf(stderr,
- "Usage: pkread p12file password newpass opfile\en");
- return 1;
- }
- if ((fp = fopen(argv[1], "rb")) == NULL) {
- fprintf(stderr, "Error opening file %s\en", argv[1]);
- return 1;
- }
- p12 = d2i_PKCS12_fp(fp, NULL);
- fclose(fp);
- if (p12 == NULL) {
- fprintf(stderr, "Error reading PKCS#12 file\en");
- ERR_print_errors_fp(stderr);
- return 1;
- }
- if (PKCS12_newpass(p12, argv[2], argv[3]) == 0) {
- fprintf(stderr, "Error changing password\en");
- ERR_print_errors_fp(stderr);
- PKCS12_free(p12);
- return 1;
- }
- if ((fp = fopen(argv[4], "wb")) == NULL) {
- fprintf(stderr, "Error opening file %s\en", argv[4]);
- PKCS12_free(p12);
- return 1;
- }
- i2d_PKCS12_fp(fp, p12);
- PKCS12_free(p12);
- fclose(fp);
- return 0;
-}
-.Ed
-.Sh SEE ALSO
-.Xr PKCS12_create 3 ,
-.Xr PKCS12_new 3
-.Sh HISTORY
-.Fn PKCS12_newpass
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Sh BUGS
-The password format is a NUL terminated ASCII string which is
-converted to Unicode form internally.
-As a result, some passwords cannot be supplied to this function.
diff --git a/src/lib/libcrypto/man/PKCS12_parse.3 b/src/lib/libcrypto/man/PKCS12_parse.3
deleted file mode 100644
index 4e92d303c7..0000000000
--- a/src/lib/libcrypto/man/PKCS12_parse.3
+++ /dev/null
@@ -1,145 +0,0 @@
-.\" $OpenBSD: PKCS12_parse.3,v 1.7 2021/07/09 12:07:27 schwarze Exp $
-.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2009 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 9 2021 $
-.Dt PKCS12_PARSE 3
-.Os
-.Sh NAME
-.Nm PKCS12_parse
-.Nd parse a PKCS#12 structure
-.Sh SYNOPSIS
-.In openssl/pkcs12.h
-.Ft int
-.Fo PKCS12_parse
-.Fa "PKCS12 *p12"
-.Fa "const char *pass"
-.Fa "EVP_PKEY **pkey"
-.Fa "X509 **cert"
-.Fa "STACK_OF(X509) **ca"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS12_parse
-parses a PKCS12 structure.
-.Pp
-.Fa p12
-is the
-.Vt PKCS12
-structure to parse.
-.Fa pass
-is the passphrase to use.
-If successful, the private key will be written to
-.Pf * Fa pkey ,
-the corresponding certificate to
-.Pf * Fa cert ,
-and any additional certificates to
-.Pf * Fa ca .
-.Pp
-The parameters
-.Fa pkey
-and
-.Fa cert
-cannot be
-.Dv NULL .
-.Fa ca
-can be
-.Dv NULL ,
-in which case additional certificates will be discarded.
-.Pf * Fa ca
-can also be a valid STACK, in which case additional certificates are
-appended to
-.Pf * Fa ca .
-If
-.Pf * Fa ca
-is
-.Dv NULL ,
-a new STACK will be allocated.
-.Pp
-The
-.Sy friendlyName
-and
-.Sy localKeyID
-attributes (if present) of each certificate will be stored in the
-.Fa alias
-and
-.Fa keyid
-attributes of the
-.Vt X509
-structure.
-.Sh RETURN VALUES
-.Fn PKCS12_parse
-returns 1 for success and 0 if an error occurred.
-.Pp
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr d2i_PKCS12 3 ,
-.Xr PKCS12_create 3 ,
-.Xr PKCS12_new 3 ,
-.Xr X509_keyid_set1 3
-.Sh HISTORY
-.Fn PKCS12_parse
-first appeared in OpenSSL 0.9.3 and has been available since
-.Ox 2.6 .
-.Sh BUGS
-Only a single private key and corresponding certificate is returned by
-this function.
-More complex PKCS#12 files with multiple private keys will only return
-the first match.
-.Pp
-Only
-.Sy friendlyName
-and
-.Sy localKeyID
-attributes are currently stored in certificates.
-Other attributes are discarded.
-.Pp
-Attributes currently cannot be stored in the private key
-.Vt EVP_PKEY
-structure.
diff --git a/src/lib/libcrypto/man/PKCS5_PBKDF2_HMAC.3 b/src/lib/libcrypto/man/PKCS5_PBKDF2_HMAC.3
deleted file mode 100644
index 3a448b92a7..0000000000
--- a/src/lib/libcrypto/man/PKCS5_PBKDF2_HMAC.3
+++ /dev/null
@@ -1,163 +0,0 @@
-.\" $OpenBSD: PKCS5_PBKDF2_HMAC.3,v 1.9 2019/06/07 20:46:25 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Jeffrey Walton .
-.\" Copyright (c) 2014, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 7 2019 $
-.Dt PKCS5_PBKDF2_HMAC 3
-.Os
-.Sh NAME
-.Nm PKCS5_PBKDF2_HMAC ,
-.Nm PKCS5_PBKDF2_HMAC_SHA1
-.Nd password based derivation routines with salt and iteration count
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft int
-.Fo PKCS5_PBKDF2_HMAC
-.Fa "const char *pass"
-.Fa "int passlen"
-.Fa "const unsigned char *salt"
-.Fa "int saltlen"
-.Fa "int iter"
-.Fa "const EVP_MD *digest"
-.Fa "int keylen"
-.Fa "unsigned char *out"
-.Fc
-.Ft int
-.Fo PKCS5_PBKDF2_HMAC_SHA1
-.Fa "const char *pass"
-.Fa "int passlen"
-.Fa "const unsigned char *salt"
-.Fa "int saltlen"
-.Fa "int iter"
-.Fa "int keylen"
-.Fa "unsigned char *out"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS5_PBKDF2_HMAC
-derives a key from a password using a salt and iteration count as
-specified in RFC 2898.
-.Pp
-.Fa pass
-is the password used in the derivation of length
-.Fa passlen .
-.Fa pass
-is an optional parameter and can be
-.Dv NULL .
-If
-.Fa passlen
-is -1, then the function will calculate the length of
-.Fa pass
-using
-.Xr strlen 3 .
-.Pp
-.Fa salt
-is the salt used in the derivation of length
-.Fa saltlen .
-If the
-.Fa salt
-is
-.Dv NULL ,
-then
-.Fa saltlen
-must be 0.
-The function will not attempt to calculate the length of the
-.Fa salt
-because it is not assumed to be NUL terminated.
-.Pp
-.Fa iter
-is the iteration count and its value should be greater than or equal to 1.
-RFC 2898 suggests an iteration count of at least 1000.
-Any
-.Fa iter
-less than 1 is treated as a single iteration.
-.Pp
-.Fa digest
-is the message digest function used in the derivation.
-Values include any of the EVP_* message digests.
-.Fn PKCS5_PBKDF2_HMAC_SHA1
-calls
-.Fn PKCS5_PBKDF2_HMAC
-with
-.Xr EVP_sha1 3 .
-.Pp
-The derived key will be written to
-.Fa out .
-The size of the
-.Fa out
-buffer is specified via
-.Fa keylen .
-.Pp
-A typical application of this function is to derive keying material for
-an encryption algorithm from a password in the
-.Fa pass ,
-a salt in
-.Fa salt ,
-and an iteration count.
-.Pp
-Increasing the
-.Fa iter
-parameter slows down the algorithm which makes it harder for an attacker
-to perform a brute force attack using a large number of candidate
-passwords.
-.Sh RETURN VALUES
-.Fn PKCS5_PBKDF2_HMAC
-and
-.Fn PBKCS5_PBKDF2_HMAC_SHA1
-return 1 on success or 0 on error.
-.Sh SEE ALSO
-.Xr EVP_BytesToKey 3 ,
-.Xr EVP_DigestInit 3
-.Sh HISTORY
-.Fn PKCS5_PBKDF2_HMAC_SHA1
-first appeared in OpenSSL 0.9.4 and has been available since
-.Ox 2.6 .
-.Pp
-.Fn PKCS5_PBKDF2_HMAC
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/PKCS7_add_attribute.3 b/src/lib/libcrypto/man/PKCS7_add_attribute.3
deleted file mode 100644
index 4a1c350f98..0000000000
--- a/src/lib/libcrypto/man/PKCS7_add_attribute.3
+++ /dev/null
@@ -1,365 +0,0 @@
-.\" $OpenBSD: PKCS7_add_attribute.3,v 1.3 2020/06/10 11:39:12 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 10 2020 $
-.Dt PKCS7_ADD_ATTRIBUTE 3
-.Os
-.Sh NAME
-.Nm PKCS7_add_attribute ,
-.Nm PKCS7_set_attributes ,
-.Nm PKCS7_get_attribute ,
-.Nm PKCS7_add_signed_attribute ,
-.Nm PKCS7_set_signed_attributes ,
-.Nm PKCS7_get_signed_attribute ,
-.Nm PKCS7_add_attrib_content_type ,
-.Nm PKCS7_add1_attrib_digest ,
-.Nm PKCS7_add0_attrib_signing_time ,
-.Nm PKCS7_add_attrib_smimecap
-.Nd attributes of SignerInfo objects
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft int
-.Fo PKCS7_add_attribute
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "int nid"
-.Fa "int attrtype"
-.Fa "void *value"
-.Fc
-.Ft int
-.Fo PKCS7_set_attributes
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "STACK_OF(X509_ATTRIBUTE) *sk"
-.Fc
-.Ft ASN1_TYPE *
-.Fo PKCS7_get_attribute
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "int nid"
-.Fc
-.Ft int
-.Fo PKCS7_add_signed_attribute
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "int nid"
-.Fa "int attrtype"
-.Fa "void *value"
-.Fc
-.Ft int
-.Fo PKCS7_set_signed_attributes
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "STACK_OF(X509_ATTRIBUTE) *sk"
-.Fc
-.Ft ASN1_TYPE *
-.Fo PKCS7_get_signed_attribute
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "int nid"
-.Fc
-.Ft int
-.Fo PKCS7_add_attrib_content_type
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "ASN1_OBJECT *coid"
-.Fc
-.Ft int
-.Fo PKCS7_add1_attrib_digest
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "const unsigned char *md"
-.Fa "int mdlen"
-.Fc
-.Ft int
-.Fo PKCS7_add0_attrib_signing_time
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "ASN1_TIME *t"
-.Fc
-.Ft int
-.Fo PKCS7_add_attrib_smimecap
-.Fa "PKCS7_SIGNER_INFO *si"
-.Fa "STACK_OF(X509_ALGOR) *cap"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_add_attribute
-appends a new attribute of type
-.Fa nid
-to the
-.Fa unauthenticatedAttributes
-list of
-.Fa si ,
-and it adds a new ASN.1 ANY object of type
-.Fa attrtype
-with the given
-.Fa value
-to the new attribute.
-Ownership of the
-.Fa value
-is transferred into the new attribute object, so the calling code
-must not
-.Xr free 3
-the
-.Fa value .
-If the list already contains an unauthenticated attribute of type
-.Fa nid
-before the call, the new attribute replaces the old one
-instead of being appended to the end of the list.
-.Pp
-.Fn PKCS7_set_attributes
-frees the
-.Fa unauthenticatedAttributes
-list of
-.Fa si
-and all the attributes contained in it and replaces it with a deep copy of
-.Fa sk .
-.Pp
-.Fn PKCS7_get_attribute
-retrieves the first ASN.1 ANY member of the attribute of type
-.Fa nid
-from the
-.Fa unauthenticatedAttributes
-list of
-.Fa si .
-.Pp
-The behaviour of
-.Fn PKCS7_add_signed_attribute ,
-.Fn PKCS7_set_signed_attributes ,
-and
-.Fn PKCS7_get_signed_attribute
-is identical except that they operate on the list of
-.Fa authenticatedAttributes .
-.Pp
-The normal way to use
-.Fn PKCS7_add_signed_attribute
-is to first create a
-.Vt SignedInfo
-object with
-.Xr PKCS7_sign 3
-using the
-.Dv PKCS7_PARTIAL
-or
-.Dv PKCS7_STREAM
-flag, retrieve the
-.Vt PKCS7_SIGNER_INFO
-object with
-.Xr PKCS7_get_signer_info 3
-or add an additional one with
-.Xr PKCS7_sign_add_signer 3 ,
-call
-.Fn PKCS7_add_signed_attribute
-for each desired additional attribute, then do the signing with
-.Xr PKCS7_final 3
-or with another finalizing function.
-.Pp
-The four remaining functions are wrappers around
-.Fn PKCS7_add_signed_attribute .
-.Pp
-.Fn PKCS7_add_attrib_content_type
-sets the
-.Dv NID_pkcs9_contentType
-attribute to
-.Fa coid ,
-which specifies the content type of the
-.Vt ContentInfo
-value to be signed.
-This attribute is mandatory and automatically added by
-.Xr PKCS7_sign 3
-and
-.Xr PKCS7_sign_add_signer 3
-unless the
-.Dv PKCS7_NOATTR
-flag is present.
-Objects suitable as
-.Fa coid
-arguments can for example be obtained with
-.Xr OBJ_nid2obj 3 .
-If
-.Fa coid
-is
-.Dv NULL ,
-the content type defaults to
-.Dv NID_pkcs7_data .
-.Pp
-.Fn PKCS7_add1_attrib_digest
-sets or replaces the
-.Dv NID_pkcs9_messageDigest
-attribute, which is the message digest of the contents octets
-of the DER-encoding of the content field of the
-.Vt ContentInfo
-value being signed, to a copy of
-.Fa md ,
-which is assumed to be
-.Fa mdlen
-bytes long.
-If
-.Fa mdlen
-is -1, then
-.Fn strlen md
-is used instead of
-.Fa mdlen .
-This attribute is mandatory and automatically added by
-.Xr PKCS7_dataFinal 3
-and
-.Xr PKCS7_final 3 .
-.Pp
-.Fn PKCS7_add0_attrib_signing_time
-sets or replaces the optional
-.Dv NID_pkcs9_signingTime
-attribute to
-.Fa t ,
-specifying the time at which the signer performed the signing process.
-Ownership of
-.Fa t
-is transferred into the new attribute object, so the calling code
-must not
-.Xr free 3
-.Fa t .
-If
-.Fa t
-is
-.Dv NULL ,
-a new
-.Vt ASN1_TIME
-structure is allocated.
-This attribute is automatically added by
-.Xr PKCS7_dataFinal 3
-and
-.Xr PKCS7_final 3 .
-.Pp
-.Fn PKCS7_add_attrib_smimecap
-sets or replaces the optional
-.Dv NID_SMIMECapabilities
-attribute, indicating algorithms the sender is prepared to handle.
-The
-.Fa cap
-pointer is not stored in the new attribute object and can be passed to
-.Fn sk_X509_ALGOR_pop_free
-after the call.
-This attribute is automatically added by
-.Xr PKCS7_sign 3
-and
-.Xr PKCS7_sign_add_signer 3
-unless the
-.Dv PKCS7_NOATTR
-or
-.Dv PKCS7_NOSMIMECAP
-flag is present.
-.Sh RETURN VALUES
-.Fn PKCS7_add_attribute ,
-.Fn PKCS7_set_attributes ,
-.Fn PKCS7_add_signed_attribute ,
-.Fn PKCS7_set_signed_attributes ,
-.Fn PKCS7_add_attrib_content_type ,
-.Fn PKCS7_add1_attrib_digest ,
-.Fn PKCS7_add0_attrib_signing_time ,
-and
-.Fn PKCS7_add_attrib_smimecap
-return 1 on success or 0 on failure.
-The most common reason for failure is lack of memory.
-.Fn PKCS7_add_attribute
-and
-.Fn PKCS7_add_signed_attribute
-also fail if
-.Fa nid
-is invalid, and
-.Fn PKCS7_add_attrib_content_type
-if
-.Fa si
-already contains an authenticated attribute of type
-.Dv NID_pkcs9_contentType .
-.Pp
-.Fn PKCS7_get_attribute
-and
-.Fn PKCS7_get_signed_attribute
-return an internal pointer to an ASN.1 ANY object or
-.Dv NULL
-on failure.
-They fail if
-.Fa nid
-is invalid, if the respective list in
-.Fa si
-contains no attribute of the requested type, or if an invalid element
-is found in the list before finding the attribute of the requested type.
-.Sh SEE ALSO
-.Xr ASN1_TIME_new 3 ,
-.Xr ASN1_TYPE_new 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_get_signer_info 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign 3 ,
-.Xr PKCS7_sign_add_signer 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_ALGOR_new 3 ,
-.Xr X509_ATTRIBUTE_new 3
-.Sh STANDARDS
-RFC 2315: PKCS #7: Cryptographic Message Syntax Version 1.5,
-section 9.2: SignerInfo type
-.Pp
-RFC 2985: PKCS #9: Selected Object Classes and Attribute Types Version 2.0,
-section 5.3: Attribute types for use in PKCS #7 data
-and section 5.6: Attributes defined in S/MIME
-.Pp
-RFC 8551: Secure/Multipurpose Internet Mail Extensions (S/MIME)
-Version 4.0 Message Specification,
-section 2.5.2: SMIMECapabilities Attribute
-.Sh HISTORY
-.Fn PKCS7_add_attribute ,
-.Fn PKCS7_set_attributes ,
-.Fn PKCS7_get_attribute ,
-.Fn PKCS7_add_signed_attribute ,
-.Fn PKCS7_set_signed_attributes ,
-and
-.Fn PKCS7_get_signed_attribute
-first appeared in OpenSSL 0.9.1 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn PKCS7_add_attrib_smimecap
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-.Fn PKCS7_add_attrib_content_type ,
-.Fn PKCS7_add1_attrib_digest ,
-and
-.Fn PKCS7_add0_attrib_signing_time
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Sh CAVEATS
-.Fn PKCS7_set_signed_attributes
-does not validate that
-.Fa sk
-contains the PKCS #9 content type and message digest attributes
-required by RFC 2315.
-It succeeds even when
-.Fa sk
-is empty, leaving
-.Fa si
-in a state that violates the standard.
-.Pp
-.Fn PKCS7_add0_attrib_signing_time
-does not validate
-.Fa t
-in any way.
-In particular, it may set the signing time to the future
-or to the remote past.
-.Sh BUGS
-A function to remove individual attributes from these lists
-does not appear to exist.
-A program desiring to do that might have to manually iterate the fields
-.Fa auth_attr
-and
-.Fa unauth_attr
-of
-.Fa si ,
-which are both of type
-.Vt STACK_OF(X509_ATTRIBUTE) ,
-using the facilities described in
-.Xr STACK_OF 3
-and
-.Xr OPENSSL_sk_new 3 .
diff --git a/src/lib/libcrypto/man/PKCS7_dataFinal.3 b/src/lib/libcrypto/man/PKCS7_dataFinal.3
deleted file mode 100644
index 1a01b2ff61..0000000000
--- a/src/lib/libcrypto/man/PKCS7_dataFinal.3
+++ /dev/null
@@ -1,158 +0,0 @@
-.\" $OpenBSD: PKCS7_dataFinal.3,v 1.3 2022/12/26 07:18:52 jmc Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 26 2022 $
-.Dt PKCS7_DATAFINAL 3
-.Os
-.Sh NAME
-.Nm PKCS7_dataFinal
-.Nd move data from a BIO chain to a ContentInfo object
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft int
-.Fo PKCS7_dataFinal
-.Fa "PKCS7 *p7"
-.Fa "BIO *chain"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_dataFinal
-transfers the data from the memory BIO at the end of the given
-.Fa chain
-into the appropriate content field of
-.Fa p7
-itself or of its appropriate substructure.
-It is typically used as the final step of populating
-.Fa p7 ,
-after creating the
-.Fa chain
-with
-.Xr PKCS7_dataInit 3
-and after writing the data into it.
-.Pp
-After calling
-.Fn PKCS7_dataFinal ,
-the program can call
-.Xr BIO_free_all 3
-on the
-.Fa chain
-because such chains are not designed for reuse.
-.Pp
-Depending on the
-.Fa contentType
-of
-.Fa p7 ,
-.Fn PKCS7_dataFinal
-sets the following fields:
-.Bl -tag -width Ds
-.It for Vt SignedData No or Vt DigestedData :
-in substructures of the
-.Fa content
-field of
-.Fa p7 :
-the
-.Fa content
-field in the
-.Vt ContentInfo
-structure (unless
-.Fa p7
-is configured to store a detached signature) and the
-.Fa encryptedDigest
-fields in all the
-.Vt SignerInfo
-structures
-.It for Vt EnvelopedData No or Vt SignedAndEnvelopedData :
-the
-.Fa encryptedContent
-field in the
-.Vt EncryptedContentInfo
-structure contained in the
-.Fa content
-field of
-.Fa p7
-.It for arbitrary data :
-the
-.Fa content
-field of
-.Fa p7
-itself
-.El
-.Sh RETURN VALUES
-.Fn PKCS7_dataFinal
-returns 1 on success or 0 on failure.
-.Pp
-Possible reasons for failure include:
-.Pp
-.Bl -dash -compact -offset 2n -width 1n
-.It
-.Fa p7
-is
-.Dv NULL .
-.It
-The
-.Fa content
-field of
-.Fa p7
-is empty.
-.It
-The
-.Fa contentType
-of
-.Fa p7
-is unsupported.
-.It
-The
-.Fa chain
-does not contain the expected memory BIO.
-.It
-Signing or digesting is requested and
-.Fa p7
-is not configured to store a detached signature,
-but does not contain the required field to store the content either.
-.It
-At least one signer lacks a usable digest algorithm.
-.It
-Signing or digesting fails.
-.It
-Memory allocation fails.
-.El
-.Pp
-Signers lacking private keys do not cause failure
-but are silently skipped.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr PKCS7_dataInit 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign 3
-.Sh HISTORY
-.Fn PKCS7_dataFinal
-first appeared in SSLeay 0.9.1 and has been available since
-.Ox 2.6 .
-.Sh CAVEATS
-This function does not support
-.Vt EncryptedData .
-.Pp
-Even though this function is typically used after
-.Xr PKCS7_dataInit 3
-and even though
-.Xr PKCS7_dataInit 3
-also supports reading from
-.Vt ContentInfo
-structures that are already fully populated, do not use
-.Fn PKCS7_dataFinal
-on fully populated structures.
-It is only intended for putting data into new structures
-and it is neither needed nor suitable for reading.
diff --git a/src/lib/libcrypto/man/PKCS7_dataInit.3 b/src/lib/libcrypto/man/PKCS7_dataInit.3
deleted file mode 100644
index cb54d3f95c..0000000000
--- a/src/lib/libcrypto/man/PKCS7_dataInit.3
+++ /dev/null
@@ -1,226 +0,0 @@
-.\" $OpenBSD: PKCS7_dataInit.3,v 1.2 2020/06/03 13:41:27 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 3 2020 $
-.Dt PKCS7_DATAINIT 3
-.Os
-.Sh NAME
-.Nm PKCS7_dataInit
-.Nd construct a BIO chain for adding or retrieving content
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft BIO *
-.Fo PKCS7_dataInit
-.Fa "PKCS7 *p7"
-.Fa "BIO *indata"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_dataInit
-constructs a BIO chain in preparation for putting data into
-or retrieving data out of
-.Fa p7 .
-Depending on the
-.Fa contentType
-of
-.Fa p7 ,
-the created chain starts with:
-.Bl -tag -width Ds
-.It for Vt SignedData :
-one or more
-.Xr BIO_f_md 3
-message digest filters
-.It for Vt EnvelopedData :
-one
-.Xr BIO_f_cipher 3
-encryption filter
-.It for Vt SignedAndEnvelopedData :
-one or more
-.Xr BIO_f_md 3
-message digest filters followed by one
-.Xr BIO_f_cipher 3
-encryption filter
-.It for Vt DigestedData :
-one
-.Xr BIO_f_md 3
-message digest filter
-.It for arbitrary data :
-no filter BIO
-.El
-.Pp
-One additional BIO is appended to the end of the chain,
-depending on the first condition that holds in the following list:
-.Bl -tag -width Ds
-.It Fa indata
-if the
-.Fa indata
-argument is not
-.Dv NULL .
-This only makes sense while verifying a detached signature, in which case
-.Fa indata
-is expected to supply the content associated with the detached signature.
-.It Xr BIO_s_null 3
-if the
-.Fa contentType
-of
-.Fa p7
-is
-.Vt SignedData
-and it is configured to contain a detached signature.
-This only makes sense while creating the detached signature.
-.It Xr BIO_new_mem_buf 3
-when reading from a
-.Vt SignedData
-or
-.Vt DigestedData
-object.
-.Fn PKCS7_dataInit
-attaches the end of the chain to the nested content of
-.Fa p7 .
-.It Xr BIO_s_mem 3
-otherwise.
-This is the most common case while writing data to
-.Fa p7 .
-.Xr PKCS7_dataFinal 3
-can later be used to transfer the data from the memory BIO into
-.Fa p7 .
-.El
-.Ss Adding content
-Before calling
-.Fn PKCS7_dataInit
-in order to add content,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_set_type 3 ,
-and
-.Xr PKCS7_content_new 3
-are typically required to create
-.Fa p7 ,
-to choose its desired type, and to allocate the nested
-.Vt ContentInfo
-structure.
-Alternatively, for
-.Vt SignedData ,
-.Xr PKCS7_sign 3
-can be used with the
-.Dv PKCS7_PARTIAL
-or
-.Dv PKCS7_STREAM
-.Fa flags
-or for
-.Vt EnvelopedData ,
-.Xr PKCS7_encrypt 3
-with the
-.Dv PKCS7_STREAM
-flag.
-.Pp
-After calling
-.Fn PKCS7_dataInit ,
-the desired data can be written into the returned
-.Vt BIO ,
-.Xr BIO_flush 3
-can be called on it,
-.Xr PKCS7_dataFinal 3
-can be used to transfer the processed data
-from the returned memory BIO to the
-.Fa p7
-structure, and the chain can finally be destroyed with
-.Xr BIO_free_all 3 .
-.Pp
-While
-.Fn PKCS7_dataInit
-does support the
-.Vt EnvelopedData
-and
-.Vt SignedAndEnvelopedData
-types, using it for these types is awkward and error prone
-except when using
-.Xr PKCS7_encrypt 3
-for the setup because
-.Xr PKCS7_content_new 3
-does not support these two types.
-So in addition to creating
-.Fa p7
-itself and setting its type, the nested
-.Fa ContentInfo
-structure also needs to be constructed with
-.Xr PKCS7_new 3
-and
-.Xr PKCS7_set_type 3
-and manually inserted into the correct field
-of the respective sub-structure of
-.Fa p7 .
-.Ss Retrieving content
-.Fn PKCS7_dataInit
-can also be called on a fully populated object of type
-.Vt SignedData
-or
-.Vt DigestedData .
-After that,
-.Xr BIO_read 3
-can be used to retrieve data from it.
-In this use case, do not call
-.Xr PKCS7_dataFinal 3 ;
-simply proceed directly to
-.Xr BIO_free_all 3
-after reading the data.
-.Sh RETURN VALUES
-.Fn PKCS7_dataInit
-returns a BIO chain on success or
-.Dv NULL
-on failure.
-It fails if
-.Fa p7
-is
-.Dv NULL ,
-if the
-.Fa content
-field of
-.Fa p7
-is empty, if the
-.Fa contentType
-of
-.Fa p7
-is unsupported, if a cipher is required but none is configured, or
-if any required operation fails, for example due to lack of memory
-or for various other reasons.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr BIO_read 3 ,
-.Xr PKCS7_content_new 3 ,
-.Xr PKCS7_dataFinal 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_set_type 3 ,
-.Xr PKCS7_sign 3
-.Sh HISTORY
-.Fn PKCS7_dataInit
-first appeared in SSLeay 0.8.1 and has been available since
-.Ox 2.4 .
-.Sh CAVEATS
-This function does not support
-.Vt EncryptedData .
-.Sh BUGS
-If
-.Fa p7
-is a fully populated structure containing
-.Vt EnvelopedData ,
-.Vt SignedAndEnvelopedData ,
-or arbitrary data,
-.Fn PKCS7_dataInit
-returns a BIO chain that ultimately reads from an empty memory BIO,
-so reading from it will instantly return an end-of-file indication
-rather than reading the actual data contained in
-.Fa p7 .
diff --git a/src/lib/libcrypto/man/PKCS7_decrypt.3 b/src/lib/libcrypto/man/PKCS7_decrypt.3
deleted file mode 100644
index 8d00499b57..0000000000
--- a/src/lib/libcrypto/man/PKCS7_decrypt.3
+++ /dev/null
@@ -1,118 +0,0 @@ -.\" $OpenBSD: PKCS7_decrypt.3,v 1.10 2019/06/10 14:58:48 schwarze Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2006 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 10 2019 $ -.Dt PKCS7_DECRYPT 3 -.Os -.Sh NAME -.Nm PKCS7_decrypt -.Nd decrypt content from a PKCS#7 envelopedData structure -.Sh SYNOPSIS -.In openssl/pkcs7.h -.Ft int -.Fo PKCS7_decrypt -.Fa "PKCS7 *p7" -.Fa "EVP_PKEY *pkey" -.Fa "X509 *cert" -.Fa "BIO *data" -.Fa "int flags" -.Fc -.Sh DESCRIPTION -.Fn PKCS7_decrypt -extracts and decrypts the content from a PKCS#7 envelopedData structure. -.Fa pkey -is the private key of the recipient, -.Fa cert -is the recipient's certificate, -.Fa data -is a -.Vt BIO -to write the content to and -.Fa flags -is an optional set of flags. -.Pp -Although the recipient's certificate is not needed to decrypt the data, -it is needed to locate the appropriate recipients -in the PKCS#7 structure. -.Pp -If the -.Dv PKCS7_TEXT -.Fa flag -is set, MIME headers for type -.Sy text/plain -are deleted from the content. -If the content is not of type -.Sy text/plain , -an error is returned. -.Sh RETURN VALUES -.Fn PKCS7_decrypt -returns 1 for success or 0 for failure. -.Pp -The error can be obtained from -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr PKCS7_encrypt 3 , -.Xr PKCS7_new 3 , -.Xr PKCS7_verify 3 -.Sh HISTORY -.Fn PKCS7_decrypt -first appeared in OpenSSL 0.9.5 and has been available since -.Ox 2.7 . -.Sh BUGS -.Fn PKCS7_decrypt -must be passed the correct recipient key and certificate. 
-It would be better if it could look up the correct key and certificate
-from a database.
-.Pp
-The lack of single pass processing and need to hold all data in memory
-as mentioned in
-.Xr PKCS7_sign 3
-also applies to
-.Fn PKCS7_decrypt .
diff --git a/src/lib/libcrypto/man/PKCS7_encrypt.3 b/src/lib/libcrypto/man/PKCS7_encrypt.3
deleted file mode 100644
index 700498a1de..0000000000
--- a/src/lib/libcrypto/man/PKCS7_encrypt.3
+++ /dev/null
@@ -1,169 +0,0 @@ -.\" $OpenBSD: PKCS7_encrypt.3,v 1.11 2020/06/03 13:41:27 schwarze Exp $ -.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2006, 2007, 2008, 2009 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 3 2020 $ -.Dt PKCS7_ENCRYPT 3 -.Os -.Sh NAME -.Nm PKCS7_encrypt -.Nd create a PKCS#7 envelopedData structure -.Sh SYNOPSIS -.In openssl/pkcs7.h -.Ft PKCS7 * -.Fo PKCS7_encrypt -.Fa "STACK_OF(X509) *certs" -.Fa "BIO *in" -.Fa "const EVP_CIPHER *cipher" -.Fa "int flags" -.Fc -.Sh DESCRIPTION -.Fn PKCS7_encrypt -creates and returns a PKCS#7 envelopedData structure. -.Fa certs -is a list of recipient certificates. -.Fa in -is the content to be encrypted. -.Fa cipher -is the symmetric cipher to use. -.Fa flags -is an optional set of flags. -.Pp -Only RSA keys are supported in PKCS#7 and envelopedData so the recipient -certificates supplied to this function must all contain RSA public keys, -though they do not have to be signed using the RSA algorithm. -.Pp -The algorithm passed in the -.Fa cipher -parameter must support ASN.1 encoding of its parameters. 
-.Pp
-Many browsers implement a "sign and encrypt" option which is simply an
-S/MIME envelopedData containing an S/MIME signed message.
-This can be readily produced by storing the S/MIME signed message in a
-memory
-.Vt BIO
-and passing it to
-.Fn PKCS7_encrypt .
-.Pp
-The following flags can be passed in the
-.Fa flags
-parameter.
-.Pp
-If the
-.Dv PKCS7_TEXT
-flag is set, MIME headers for type
-.Sy text/plain
-are prepended to the data.
-.Pp
-Normally the supplied content is translated into MIME canonical format
-(as required by the S/MIME specifications).
-If
-.Dv PKCS7_BINARY
-is set, no translation occurs.
-This option should be used if the supplied data is in binary format;
-otherwise, the translation will corrupt it.
-If
-.Dv PKCS7_BINARY
-is set, then
-.Dv PKCS7_TEXT
-is ignored.
-.Pp
-If the
-.Dv PKCS7_STREAM
-flag is set, a partial
-.Vt PKCS7
-structure is output suitable for streaming I/O: no data is read from
-.Fa in .
-.Pp
-If the flag
-.Dv PKCS7_STREAM
-is set, the returned
-.Vt PKCS7
-structure is
-.Sy not
-complete and outputting its contents via a function that does not
-properly finalize the
-.Vt PKCS7
-structure will give unpredictable results.
-.Pp
-Several functions including
-.Xr PKCS7_final 3 ,
-.Xr SMIME_write_PKCS7 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-and
-.Xr i2d_PKCS7_bio_stream 3
-finalize the structure.
-Alternatively finalization can be performed by obtaining the streaming
-ASN.1
-.Vt BIO
-directly using
-.Fn BIO_new_PKCS7 .
-.Sh RETURN VALUES
-.Fn PKCS7_encrypt
-returns either a
-.Vt PKCS7
-structure or
-.Dv NULL
-if an error occurred.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr PKCS7_decrypt 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign 3
-.Sh HISTORY
-.Fn PKCS7_encrypt
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-The
-.Dv PKCS7_STREAM
-flag was first supported in OpenSSL 1.0.0.
diff --git a/src/lib/libcrypto/man/PKCS7_final.3 b/src/lib/libcrypto/man/PKCS7_final.3
deleted file mode 100644
index 775b84d984..0000000000
--- a/src/lib/libcrypto/man/PKCS7_final.3
+++ /dev/null
@@ -1,202 +0,0 @@
-.\" $OpenBSD: PKCS7_final.3,v 1.3 2022/12/26 07:18:52 jmc Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 26 2022 $
-.Dt PKCS7_FINAL 3
-.Os
-.Sh NAME
-.Nm PKCS7_final
-.Nd read data from a BIO into a ContentInfo object
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft int
-.Fo PKCS7_final
-.Fa "PKCS7 *p7"
-.Fa "BIO *data"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_final
-reads
-.Fa data
-and puts it into the appropriate content field of
-.Fa p7
-itself or of its appropriate substructure, which can be of type
-.Vt SignedData ,
-.Vt EnvelopedData ,
-.Vt SignedAndEnvelopedData ,
-.Vt DigestedData ,
-or arbitrary data.
-The
-.Xr PKCS7_dataFinal 3
-manual explains which field exactly the data is put into.
-.Pp
-The following
-.Fa flags
-are recognized:
-.Bl -tag -width PKCS7_BINARY
-.It Dv PKCS7_BINARY
-Copy the data verbatim without changing any bytes.
-By default, line endings are replaced with two-byte
-.Qq \er\en
-sequences (ASCII CR+LF).
-If this flag is set,
-.Dv PKCS7_TEXT
-is ignored.
-.It Dv PKCS7_TEXT
-Prepend
-.Qq Content-Type: text/plain
-followed by a blank line to the data.
-This flag is ignored if
-.Dv PKCS7_BINARY
-is also set.
-.El
-.Pp
-If any other bits are set in
-.Fa flags ,
-for example
-.Dv PKCS7_STREAM
-or
-.Dv PKCS7_PARTIAL ,
-they are ignored, allowing to pass the same
-.Fa flags
-argument that was already passed to
-.Xr PKCS7_sign 3
-or
-.Xr PKCS7_encrypt 3 .
-.Pp
-.Fn PKCS7_final
-is most commonly used to finalize a
-.Fa p7
-object returned from a call to
-.Xr PKCS7_sign 3
-that used
-.Fa flags
-including
-.Dv PKCS7_PARTIAL
-or
-.Dv PKCS7_STREAM .
-With these flags,
-.Xr PKCS7_sign 3
-ignores its
-.Fa data
-argument.
-The partial
-.Fa p7
-object returned can then be customized, for example setting up
-multiple signers or non-default digest algorithms with
-.Xr PKCS7_sign_add_signer 3 ,
-before calling
-.Fn PKCS7_final .
-.Pp
-Similarly,
-.Fn PKCS7_final
-can be used to finalize a
-.Fa p7
-object returned from a call to
-.Xr PKCS7_encrypt 3
-that used
-.Fa flags
-including
-.Dv PKCS7_STREAM .
-.Pp
-Since
-.Fn PKCS7_final
-starts by calling
-.Xr PKCS7_dataInit 3
-internally, using it to finalize a
-.Fa p7
-object containing
-.Vt SignedAndEnvelopedData ,
-.Vt DigestedData ,
-or arbitrary data requires the setup described in the
-.Xr PKCS7_dataInit 3
-manual.
-For
-.Vt SignedData
-and
-.Vt EnvelopedData ,
-such manual setup is also feasible, but it is more easily performed with
-.Xr PKCS7_sign 3
-or
-.Xr PKCS7_encrypt 3 ,
-respectively.
-.Pp
-.Fn PKCS7_final
-is only one among several functions that can be used to finalize
-.Fa p7 ;
-alternatives include
-.Xr SMIME_write_PKCS7 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-and
-.Xr i2d_PKCS7_bio_stream 3 .
-.Sh RETURN VALUES
-.Fn PKCS7_final
-returns 1 on success or 0 on failure.
-.Pp
-Possible reasons for failure include:
-.Pp
-.Bl -dash -compact -offset 2n -width 1n
-.It
-.Fa p7
-is
-.Dv NULL .
-.It
-The
-.Fa content
-field of
-.Fa p7
-is empty.
-.It
-The
-.Fa contentType
-of
-.Fa p7
-is unsupported.
-.It
-Signing or digesting is requested and
-.Fa p7
-is not configured to store a detached signature, but does not contain
-the required field to store the content either.
-.It
-At least one signer lacks a usable digest algorithm.
-.It
-A cipher is required but none is configured.
-.It
-Any required operation fails, for example signing or digesting.
-.It
-Memory allocation fails.
-.El
-.Pp
-Signers lacking private keys do not cause failure but are silently skipped.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr i2d_PKCS7_bio_stream 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS7_dataFinal 3 ,
-.Xr PKCS7_dataInit 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign 3 ,
-.Xr SMIME_write_PKCS7 3
-.Sh HISTORY
-.Fn PKCS7_final
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Sh CAVEATS
-This function does not support
-.Vt EncryptedData .
diff --git a/src/lib/libcrypto/man/PKCS7_get_signer_info.3 b/src/lib/libcrypto/man/PKCS7_get_signer_info.3
deleted file mode 100644
index 280f373ead..0000000000
--- a/src/lib/libcrypto/man/PKCS7_get_signer_info.3
+++ /dev/null
@@ -1,62 +0,0 @@
-.\" $OpenBSD: PKCS7_get_signer_info.3,v 1.1 2020/06/10 11:43:08 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 10 2020 $
-.Dt PKCS7_GET_SIGNER_INFO 3
-.Os
-.Sh NAME
-.Nm PKCS7_get_signer_info
-.Nd retrieve signerInfos from a SignedData object
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft STACK_OF(PKCS7_SIGNER_INFO) *
-.Fn PKCS7_get_signer_info "PKCS7 *p7"
-.Sh DESCRIPTION
-This function retrieves the set of
-.Vt SignerInfo
-structures from the
-.Fa signerInfos
-field of
-.Fa p7 .
-.Pp
-These can subsequently be manipulated with the functions documented in
-.Xr PKCS7_add_attribute 3 .
-.Sh RETURN VALUES
-.Fn PKCS7_get_signer_info
-returns an internal pointer to a
-.Vt STACK_OF(PKCS7_SIGNER_INFO)
-object or
-.Dv NULL
-on failure.
-It fails if
-.Fa p7
-is
-.Dv NULL ,
-if it has no content,
-or if it is of a type other than
-.Vt SignedData
-or
-.Vt SignedAndEnvelopedData .
-.Sh SEE ALSO
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign 3 ,
-.Xr PKCS7_sign_add_signer 3
-.Sh HISTORY
-.Fn PKCS7_get_signer_info
-first appeared in SSLeay 0.8.1 and has been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/PKCS7_new.3 b/src/lib/libcrypto/man/PKCS7_new.3
deleted file mode 100644
index 151261a312..0000000000
--- a/src/lib/libcrypto/man/PKCS7_new.3
+++ /dev/null
@@ -1,269 +0,0 @@ -.\" $OpenBSD: PKCS7_new.3,v 1.12 2020/06/10 11:43:08 schwarze Exp $ -.\" -.\" Copyright (c) 2016 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: June 10 2020 $ -.Dt PKCS7_NEW 3 -.Os -.Sh NAME -.Nm PKCS7_new , -.Nm PKCS7_free , -.Nm PKCS7_SIGNED_new , -.Nm PKCS7_SIGNED_free , -.Nm PKCS7_ENVELOPE_new , -.Nm PKCS7_ENVELOPE_free , -.Nm PKCS7_SIGN_ENVELOPE_new , -.Nm PKCS7_SIGN_ENVELOPE_free , -.Nm PKCS7_DIGEST_new , -.Nm PKCS7_DIGEST_free , -.Nm PKCS7_ENCRYPT_new , -.Nm PKCS7_ENCRYPT_free , -.Nm PKCS7_ENC_CONTENT_new , -.Nm PKCS7_ENC_CONTENT_free , -.Nm PKCS7_SIGNER_INFO_new , -.Nm PKCS7_SIGNER_INFO_free , -.Nm PKCS7_RECIP_INFO_new , -.Nm PKCS7_RECIP_INFO_free , -.Nm PKCS7_ISSUER_AND_SERIAL_new , -.Nm PKCS7_ISSUER_AND_SERIAL_free -.Nd PKCS#7 data structures -.Sh SYNOPSIS -.In openssl/pkcs7.h -.Ft PKCS7 * -.Fn PKCS7_new void -.Ft void -.Fn PKCS7_free "PKCS7 *p7" -.Ft PKCS7_SIGNED * -.Fn PKCS7_SIGNED_new void -.Ft void -.Fn PKCS7_SIGNED_free "PKCS7_SIGNED *signed" -.Ft PKCS7_ENVELOPE * -.Fn PKCS7_ENVELOPE_new void -.Ft void -.Fn PKCS7_ENVELOPE_free "PKCS7_ENVELOPE *envelope" -.Ft PKCS7_SIGN_ENVELOPE * -.Fn PKCS7_SIGN_ENVELOPE_new void -.Ft void -.Fn PKCS7_SIGN_ENVELOPE_free "PKCS7_SIGN_ENVELOPE *signed_envelope" -.Ft 
PKCS7_DIGEST * -.Fn PKCS7_DIGEST_new void -.Ft void -.Fn PKCS7_DIGEST_free "PKCS7_DIGEST *digested" -.Ft PKCS7_ENCRYPT * -.Fn PKCS7_ENCRYPT_new void -.Ft void -.Fn PKCS7_ENCRYPT_free "PKCS7_ENCRYPT *encrypted" -.Ft PKCS7_ENC_CONTENT * -.Fn PKCS7_ENC_CONTENT_new void -.Ft void -.Fn PKCS7_ENC_CONTENT_free "PKCS7_ENC_CONTENT *content" -.Ft PKCS7_SIGNER_INFO * -.Fn PKCS7_SIGNER_INFO_new void -.Ft void -.Fn PKCS7_SIGNER_INFO_free "PKCS7_SIGNER_INFO *signer" -.Ft PKCS7_RECIP_INFO * -.Fn PKCS7_RECIP_INFO_new void -.Ft void -.Fn PKCS7_RECIP_INFO_free "PKCS7_RECIP_INFO *recip" -.Ft PKCS7_ISSUER_AND_SERIAL * -.Fn PKCS7_ISSUER_AND_SERIAL_new void -.Ft void -.Fn PKCS7_ISSUER_AND_SERIAL_free "PKCS7_ISSUER_AND_SERIAL *cert" -.Sh DESCRIPTION -PKCS#7 is an ASN.1-based format for transmitting data that has -cryptography applied to it, in particular signed and encrypted data. -.Pp -.Fn PKCS7_new -allocates and initializes an empty -.Vt PKCS7 -object, representing an ASN.1 -.Vt ContentInfo -structure defined in RFC 2315 section 7. -It is the top-level data structure able to hold any kind of content -that can be transmitted using PKCS#7. -It can be used recursively in -.Vt PKCS7_SIGNED -and -.Vt PKCS7_DIGEST -objects. -.Fn PKCS7_free -frees -.Fa p7 . -.Pp -.Fn PKCS7_SIGNED_new -allocates and initializes an empty -.Vt PKCS7_SIGNED -object, representing an ASN.1 -.Vt SignedData -structure defined in RFC 2315 section 9. -It can be used inside -.Vt PKCS7 -objects and holds any kind of content together with signatures by -zero or more signers and information about the signing algorithm -and certificates used. -.Fn PKCS7_SIGNED_free -frees -.Fa signed . -.Pp -.Fn PKCS7_ENVELOPE_new -allocates and initializes an empty -.Vt PKCS7_ENVELOPE -object, representing an ASN.1 -.Vt EnvelopedData -structure defined in RFC 2315 section 10. -It can be used inside -.Vt PKCS7 -objects and holds any kind of encrypted content together with -content-encryption keys for one or more recipients. 
-.Fn PKCS7_ENVELOPE_free
-frees
-.Fa envelope .
-.Pp
-.Fn PKCS7_SIGN_ENVELOPE_new
-allocates and initializes an empty
-.Vt PKCS7_SIGN_ENVELOPE
-object, representing an ASN.1
-.Vt SignedAndEnvelopedData
-structure defined in RFC 2315 section 11.
-It can be used inside
-.Vt PKCS7
-objects and holds any kind of encrypted content together with
-signatures by one or more signers, information about the signing
-algorithm and certificates used, and content-encryption keys for
-one or more recipients.
-.Fn PKCS7_SIGN_ENVELOPE_free
-frees
-.Fa signed_envelope .
-.Pp
-.Fn PKCS7_DIGEST_new
-allocates and initializes an empty
-.Vt PKCS7_DIGEST
-object, representing an ASN.1
-.Vt DigestedData
-structure defined in RFC 2315 section 12.
-It can be used inside
-.Vt PKCS7
-objects and holds any kind of content together with a message digest
-for checking its integrity and information about the algorithm used.
-.Fn PKCS7_DIGEST_free
-frees
-.Fa digested .
-.Pp
-.Fn PKCS7_ENCRYPT_new
-allocates and initializes an empty
-.Vt PKCS7_ENCRYPT
-object, representing an ASN.1
-.Vt EncryptedData
-structure defined in RFC 2315 section 13.
-It can be used inside
-.Vt PKCS7
-objects and holds any kind of encrypted content.
-Keys are not included and need to be communicated separately.
-.Fn PKCS7_ENCRYPT_free
-frees
-.Fa encrypted .
-.Pp
-.Fn PKCS7_ENC_CONTENT_new
-allocates and initializes an empty
-.Vt PKCS7_ENC_CONTENT
-object, representing an ASN.1
-.Vt EncryptedContentInfo
-structure defined in RFC 2315 section 10.1.
-It can be used inside
-.Vt PKCS7_ENVELOPE ,
-.Vt PKCS7_SIGN_ENVELOPE ,
-and
-.Vt PKCS7_ENCRYPT
-objects and holds encrypted content together with information about
-the encryption algorithm used.
-.Fn PKCS7_ENC_CONTENT_free
-frees
-.Fa content .
-.Pp
-.Fn PKCS7_SIGNER_INFO_new
-allocates and initializes an empty
-.Vt PKCS7_SIGNER_INFO
-object, representing an ASN.1
-.Vt SignerInfo
-structure defined in RFC 2315 section 9.2.
-It can be used inside
-.Vt PKCS7_SIGNED
-and
-.Vt PKCS7_SIGN_ENVELOPE
-objects and holds a signature together with information about the
-signer and the algorithms used.
-.Fn PKCS7_SIGNER_INFO_free
-frees
-.Fa signer .
-.Pp
-.Fn PKCS7_RECIP_INFO_new
-allocates and initializes an empty
-.Vt PKCS7_RECIP_INFO
-object, representing an ASN.1
-.Vt RecipientInfo
-structure defined in RFC 2315 section 10.2.
-It can be used inside
-.Vt PKCS7_ENVELOPE
-and
-.Vt PKCS7_SIGN_ENVELOPE
-objects and holds a content-encryption key together with information
-about the intended recipient and the key encryption algorithm used.
-.Fn PKCS7_RECIP_INFO_free
-frees
-.Fa recip .
-.Pp
-.Fn PKCS7_ISSUER_AND_SERIAL_new
-allocates and initializes an empty
-.Vt PKCS7_ISSUER_AND_SERIAL
-object, representing an ASN.1
-.Vt IssuerAndSerialNumber
-structure defined in RFC 2315 section 6.7.
-It can be used inside
-.Vt PKCS7_SIGNER_INFO
-and
-.Vt PKCS7_RECIP_INFO
-objects and identifies a certificate by holding the distinguished
-name of the certificate issuer and an issuer-specific certificate
-serial number.
-.Fn PKCS7_ISSUER_AND_SERIAL_free
-frees
-.Fa cert .
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr d2i_PKCS7 3 ,
-.Xr i2d_PKCS7_bio_stream 3 ,
-.Xr PEM_read_PKCS7 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS7_dataFinal 3 ,
-.Xr PKCS7_dataInit 3 ,
-.Xr PKCS7_decrypt 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_get_signer_info 3 ,
-.Xr PKCS7_ISSUER_AND_SERIAL_digest 3 ,
-.Xr PKCS7_set_content 3 ,
-.Xr PKCS7_set_type 3 ,
-.Xr PKCS7_sign 3 ,
-.Xr PKCS7_sign_add_signer 3 ,
-.Xr PKCS7_verify 3 ,
-.Xr SMIME_read_PKCS7 3 ,
-.Xr SMIME_write_PKCS7 3
-.Sh STANDARDS
-RFC 2315: PKCS #7: Cryptographic Message Syntax Version 1.5
-.Sh HISTORY
-These functions first appeared in SSLeay 0.5.1
-and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/PKCS7_set_content.3 b/src/lib/libcrypto/man/PKCS7_set_content.3
deleted file mode 100644
index fa057341d5..0000000000
--- a/src/lib/libcrypto/man/PKCS7_set_content.3
+++ /dev/null
@@ -1,120 +0,0 @@
-.\" $OpenBSD: PKCS7_set_content.3,v 1.2 2020/05/24 12:37:30 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: May 24 2020 $
-.Dt PKCS7_SET_CONTENT 3
-.Os
-.Sh NAME
-.Nm PKCS7_set_content ,
-.Nm PKCS7_content_new
-.Nd set the nested contentInfo in a PKCS#7 structure
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft int
-.Fo PKCS7_set_content
-.Fa "PKCS7 *outer"
-.Fa "PKCS7 *inner"
-.Fc
-.Ft int
-.Fo PKCS7_content_new
-.Fa "PKCS7 *outer"
-.Fa "int inner_type"
-.Fc
-.Sh DESCRIPTION
-If the
-.Fa contentType
-of the
-.Fa outer
-PKCS7 structure is
-.Vt SignedData
-or
-.Vt DigestedData ,
-.Fn PKCS7_set_content
-sets the
-.Fa contentInfo
-field of the
-.Fa content
-field of
-.Fa outer
-to
-.Fa inner ,
-without copying
-.Fa inner .
-If there was previous
-.Fa contentInfo ,
-it is freed rather than overwritten.
-The rest of the internal state of
-.Fa outer
-and of its
-.Fa content
-remains unchanged.
-.Pp
-.Fn PKCS7_content_new
-is similar except that it first allocates and initializes a new, empty
-.Fa inner
-object of the given
-.Fa inner_type
-using
-.Xr PKCS7_new 3
-and
-.Xr PKCS7_set_type 3 .
-The
-.Fa inner_type
-can be any of the NIDs listed in the
-.Xr PKCS7_set_type 3
-manual.
-.Sh RETURN VALUES
-These functions return 1 on success or 0 on failure.
-They fail if the
-.Fa contentType
-of
-.Fa outer
-is unsupported.
-.Fn PKCS7_content_new
-can also fail when memory is exhausted.
-In case of failure,
-.Fa outer
-remains unchanged.
-.Sh SEE ALSO
-.Xr PKCS7_dataInit 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_set_type 3 ,
-.Xr PKCS7_sign 3
-.Sh STANDARDS
-RFC 2315: PKCS #7: Cryptographic Message Syntax Version 1.5
-.Bl -bullet -compact -offset 1n -width 1n
-.It
-Section 7. General syntax
-.It
-Section 9. Signed-data content type
-.It
-Section 12.\& Digested-data content type
-.El
-.Sh HISTORY
-These functions first appeared in SSLeay 0.8.1
-and have been available since
-.Ox 2.4 .
-.Sh CAVEATS
-Despite the function names, these functions do not set the
-.Fa content
-field of
-.Fa outer ,
-but only the
-.Fa contentInfo
-field inside it.
-The rest of the
-.Fa content
-remains unchanged.
diff --git a/src/lib/libcrypto/man/PKCS7_set_type.3 b/src/lib/libcrypto/man/PKCS7_set_type.3
deleted file mode 100644
index f414b128a2..0000000000
--- a/src/lib/libcrypto/man/PKCS7_set_type.3
+++ /dev/null
@@ -1,119 +0,0 @@
-.\" $OpenBSD: PKCS7_set_type.3,v 1.2 2020/05/20 11:40:26 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: May 20 2020 $
-.Dt PKCS7_SET_TYPE 3
-.Os
-.Sh NAME
-.Nm PKCS7_set_type ,
-.Nm PKCS7_set0_type_other
-.Nd initialize type of PKCS#7 ContentInfo
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft int
-.Fo PKCS7_set_type
-.Fa "PKCS7 *p7"
-.Fa "int type"
-.Fc
-.Ft int
-.Fo PKCS7_set0_type_other
-.Fa "PKCS7 *p7"
-.Fa "int type"
-.Fa "ASN1_TYPE *content"
-.Fc
-.Sh DESCRIPTION
-These functions set the
-.Fa type
-of an unused
-.Vt ContentInfo
-structure
-.Fa p7 .
-.Pp
-The function
-.Fn PKCS7_set_type
-also allocates and initializes an empty child object in
-.Fa p7 .
-The
-.Fa type
-argument can be any of these NIDs,
-creating a child object of the indicated data type:
-.Pp
-.Bl -column NID_pkcs7_signedAndEnveloped PKCS7_SIGN_ENVELOPE n.a. -compact
-.It Fa type No argument Ta data type of child Ta version
-.It Dv NID_pkcs7_data Ta Vt ASN1_OCTET_STRING Ta n.a.
-.It Dv NID_pkcs7_digest Ta Vt PKCS7_DIGEST Ta 0
-.It Dv NID_pkcs7_encrypted Ta Vt PKCS7_ENCRYPT Ta 0
-.It Dv NID_pkcs7_enveloped Ta Vt PKCS7_ENVELOPE Ta 0
-.It Dv NID_pkcs7_signed Ta Vt PKCS7_SIGNED Ta 1
-.It Dv NID_pkcs7_signedAndEnveloped Ta Vt PKCS7_SIGN_ENVELOPE Ta 1
-.El
-.Pp
-If the provided
-.Fa type
-is invalid,
-.Fa p7
-remains unchanged and
-.Fn PKCS7_set_type
-fails.
-.Pp
-If memory allocation fails,
-.Fn PKCS7_set_type
-fails and
-.Fa p7
-may remain in an inconsistent state.
-.Pp
-The function
-.Fn PKCS7_set0_type_other
-accepts an arbitrary NID as the
-.Fa type
-and also sets the
-.Fa content ,
-neither checking it in any way nor copying it.
-.Pp
-For both functions, the rest of the internal state of
-.Fa p7
-remains unchanged.
-.Sh RETURN VALUES
-The function
-.Fn PKCS7_set_type
-returns 1 on success or 0 on failure.
-.Pp
-The function
-.Fn PKCS7_set0_type_other
-does no error handling at all and always returns 1.
-.Sh SEE ALSO
-.Xr ASN1_OCTET_STRING_new 3 ,
-.Xr ASN1_TYPE_new 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_set_content 3 ,
-.Xr PKCS7_sign 3
-.Sh HISTORY
-The function
-.Fn PKCS7_set_type
-first appeared in SSLeay 0.8.1 and
-.Fn PKCS7_set0_type_other
-in OpenSSL 0.9.8.
-Both have been available since
-.Ox 2.4 .
-.Sh CAVEATS
-If
-.Fa p7
-has already been in use before being passed to one of these functions,
-it will report success even though it leaks memory.
-Later on, if other functions try to use
-.Fa p7
-in its former role, they are likely to misbehave.
diff --git a/src/lib/libcrypto/man/PKCS7_sign.3 b/src/lib/libcrypto/man/PKCS7_sign.3
deleted file mode 100644
index 37257e60fd..0000000000
--- a/src/lib/libcrypto/man/PKCS7_sign.3
+++ /dev/null
@@ -1,251 +0,0 @@
-.\" $OpenBSD: PKCS7_sign.3,v 1.13 2020/06/10 11:43:08 schwarze Exp $
-.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2003, 2006-2009, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 10 2020 $
-.Dt PKCS7_SIGN 3
-.Os
-.Sh NAME
-.Nm PKCS7_sign
-.Nd create a PKCS#7 signedData structure
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft PKCS7 *
-.Fo PKCS7_sign
-.Fa "X509 *signcert"
-.Fa "EVP_PKEY *pkey"
-.Fa "STACK_OF(X509) *certs"
-.Fa "BIO *data"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_sign
-creates and returns a PKCS#7 signedData structure.
-.Fa signcert
-is the certificate to sign with,
-.Fa pkey
-is the corresponding private key.
-.Fa certs
-is an optional additional set of certificates to include in the PKCS#7
-structure (for example any intermediate CAs in the chain).
-.Pp
-The data to be signed is read from
-.Vt BIO
-.Fa data .
-.Pp
-.Fa flags
-is an optional set of flags.
-.Pp
-Any of the following flags (OR'ed together) can be passed in the
-.Fa flags
-parameter.
-.Pp
-Many S/MIME clients expect the signed content to include valid MIME
-headers.
-If the
-.Dv PKCS7_TEXT
-flag is set, MIME headers for type
-.Sy text/plain
-are prepended to the data.
-.Pp
-If
-.Dv PKCS7_NOCERTS
-is set, the signer's certificate will not be included in the PKCS7
-structure, though the signer's certificate must still be supplied in the
-.Fa signcert
-parameter.
-This can reduce the size of the signature if the signer's certificate can
-be obtained by other means: for example a previously signed message.
-.Pp
-The data being signed is included in the
-.Vt PKCS7
-structure, unless
-.Dv PKCS7_DETACHED
-is set, in which case it is omitted.
-This is used for PKCS7 detached signatures which are used in S/MIME
-plaintext signed messages for example.
-.Pp
-Normally the supplied content is translated into MIME canonical format
-(as required by the S/MIME specifications).
-If
-.Dv PKCS7_BINARY
-is set, no translation occurs.
-This option should be used if the supplied data is in binary format;
-otherwise, the translation will corrupt it.
-.Pp
-The signedData structure includes several PKCS#7 authenticatedAttributes
-including the signing time, the PKCS#7 content type and the supported
-list of ciphers in an SMIMECapabilities attribute.
-If
-.Dv PKCS7_NOATTR
-is set, then no authenticatedAttributes will be used.
-If
-.Dv PKCS7_NOSMIMECAP
-is set, then just the SMIMECapabilities are omitted.
-.Pp
-If present, the SMIMECapabilities attribute indicates support for the
-following algorithms: triple DES, 128-bit RC2, 64-bit RC2, DES
-and 40-bit RC2.
-If any of these algorithms is disabled then it will not be included.
-.Pp
-If the flags
-.Dv PKCS7_STREAM
-is set, then the returned
-.Vt PKCS7
-structure is just initialized ready to perform the signing operation.
-The signing is however
-.Sy not
-performed and the data to be signed is not read from the
-.Fa data
-parameter.
-Signing is deferred until after the data has been written.
-In this way data can be signed in a single pass.
-.Pp
-If the
-.Dv PKCS7_PARTIAL
-flag is set, a partial
-.Vt PKCS7
-structure is output to which additional signers and capabilities can be
-added before finalization.
-.Pp
-If the flag
-.Dv PKCS7_STREAM
-is set, the returned
-.Vt PKCS7
-structure is
-.Sy not
-complete and outputting its contents via a function that does not
-properly finalize the
-.Vt PKCS7
-structure will give unpredictable results.
-.Pp
-Several functions including
-.Xr PKCS7_final 3 ,
-.Xr SMIME_write_PKCS7 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-and
-.Xr i2d_PKCS7_bio_stream 3
-finalize the structure.
-Alternatively finalization can be performed by obtaining the streaming
-ASN.1
-.Vt BIO
-directly using
-.Fn BIO_new_PKCS7 .
-.Pp
-If a signer is specified, it will use the default digest for the
-signing algorithm.
-This is
-.Sy SHA1
-for both RSA and DSA keys.
-.Pp
-In OpenSSL 1.0.0, the
-.Fa certs ,
-.Fa signcert ,
-and
-.Fa pkey
-parameters can all be
-.Dv NULL
-if the
-.Dv PKCS7_PARTIAL
-flag is set.
-One or more signers can be added using the function
-.Xr PKCS7_sign_add_signer 3
-and attributes can be added using the functions described in
-.Xr PKCS7_add_attribute 3 .
-.Xr PKCS7_final 3
-must also be called to finalize the structure if streaming is not
-enabled.
-Alternative signing digests can also be specified using this method.
-.Pp
-In OpenSSL 1.0.0, if
-.Fa signcert
-and
-.Fa pkey
-are
-.Dv NULL ,
-then a certificate-only PKCS#7 structure is output.
-.Pp
-In versions of OpenSSL before 1.0.0 the
-.Fa signcert
-and
-.Fa pkey
-parameters must
-.Sy NOT
-be
-.Dv NULL .
-.Sh RETURN VALUES
-.Fn PKCS7_sign
-returns either a valid
-.Vt PKCS7
-structure or
-.Dv NULL
-if an error occurred.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_get_signer_info 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign_add_signer 3 ,
-.Xr PKCS7_verify 3
-.Sh HISTORY
-.Fn PKCS7_sign
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-The
-.Dv PKCS7_PARTIAL
-and
-.Dv PKCS7_STREAM
-flags were added in OpenSSL 1.0.0.
-.Sh BUGS
-Some advanced attributes such as counter signatures are not supported.
diff --git a/src/lib/libcrypto/man/PKCS7_sign_add_signer.3 b/src/lib/libcrypto/man/PKCS7_sign_add_signer.3
deleted file mode 100644
index 195d6388c9..0000000000
--- a/src/lib/libcrypto/man/PKCS7_sign_add_signer.3
+++ /dev/null
@@ -1,187 +0,0 @@
-.\" $OpenBSD: PKCS7_sign_add_signer.3,v 1.13 2020/06/10 11:43:08 schwarze Exp $
-.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2007, 2008, 2009, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 10 2020 $
-.Dt PKCS7_SIGN_ADD_SIGNER 3
-.Os
-.Sh NAME
-.Nm PKCS7_sign_add_signer
-.Nd add a signer to a SignedData structure
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft PKCS7_SIGNER_INFO *
-.Fo PKCS7_sign_add_signer
-.Fa "PKCS7 *p7"
-.Fa "X509 *signcert"
-.Fa "EVP_PKEY *pkey"
-.Fa "const EVP_MD *md"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_sign_add_signer
-adds a signer with certificate
-.Fa signcert
-and private key
-.Fa pkey
-using message digest
-.Fa md
-to a
-.Vt PKCS7
-signed data structure
-.Fa p7 .
-.Pp
-The
-.Vt PKCS7
-structure should be obtained from an initial call to
-.Xr PKCS7_sign 3
-with the flag
-.Dv PKCS7_PARTIAL
-set or, in the case or re-signing, a valid
-.Vt PKCS7
-signed data structure.
-.Pp
-If the
-.Fa md
-parameter is
-.Dv NULL ,
-then the default digest for the public key algorithm will be used.
-.Pp
-Unless the
-.Dv PKCS7_REUSE_DIGEST
-flag is set, the returned
-.Dv PKCS7
-structure is not complete and must be
-finalized either by streaming (if applicable) or by a call to
-.Xr PKCS7_final 3 .
-.Pp
-The main purpose of this function is to provide finer control over a
-PKCS#7 signed data structure where the simpler
-.Xr PKCS7_sign 3
-function defaults are not appropriate, for example if multiple
-signers or non default digest algorithms are needed.
-.Pp
-Any of the following flags (OR'ed together) can be passed in the
-.Fa flags
-parameter.
-.Pp
-If
-.Dv PKCS7_REUSE_DIGEST
-is set, then an attempt is made to copy the content digest value from the
-.Vt PKCS7
-structure: to add a signer to an existing structure.
-An error occurs if a matching digest value cannot be found to copy.
-The returned
-.Vt PKCS7
-structure will be valid and finalized when this flag is set.
-.Pp
-If
-.Dv PKCS7_PARTIAL
-is set in addition to
-.Dv PKCS7_REUSE_DIGEST ,
-then the
-.Dv PKCS7_SIGNER_INO
-structure will not be finalized, so additional attributes can be added.
-In this case an explicit call to
-.Fn PKCS7_SIGNER_INFO_sign
-is needed to finalize it.
-.Pp
-If
-.Dv PKCS7_NOCERTS
-is set, the signer's certificate will not be included in the
-.Vt PKCS7
-structure, though the signer's certificate must still be supplied in the
-.Fa signcert
-parameter.
-This can reduce the size of the signature if the signers certificate can
-be obtained by other means: for example a previously signed message.
-.Pp
-The signedData structure includes several PKCS#7 authenticatedAttributes
-including the signing time, the PKCS#7 content type and the supported
-list of ciphers in an SMIMECapabilities attribute.
-If
-.Dv PKCS7_NOATTR
-is set, then no authenticatedAttributes will be used.
-If
-.Dv PKCS7_NOSMIMECAP
-is set, then just the SMIMECapabilities are omitted.
-.Pp
-If present, the SMIMECapabilities attribute indicates support for the
-following algorithms: triple DES, 128-bit RC2, 64-bit RC2, DES
-and 40-bit RC2.
-If any of these algorithms is disabled, then it will not be included.
-.Pp
-.Fn PKCS7_sign_add_signer
-returns an internal pointer to the
-.Vt PKCS7_SIGNER_INFO
-structure just added, which can be used to set additional attributes
-with the functions described in
-.Xr PKCS7_add_attribute 3
-before it is finalized.
-.Sh RETURN VALUES
-.Fn PKCS7_sign_add_signer
-returns an internal pointer to the
-.Vt PKCS7_SIGNER_INFO
-structure just added or
-.Dv NULL
-if an error occurs.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr EVP_DigestInit 3 ,
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_get_signer_info 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign 3
-.Sh HISTORY
-.Fn PKCS7_sign_add_signer
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/PKCS7_verify.3 b/src/lib/libcrypto/man/PKCS7_verify.3
deleted file mode 100644
index d091c03dfd..0000000000
--- a/src/lib/libcrypto/man/PKCS7_verify.3
+++ /dev/null
@@ -1,252 +0,0 @@
-.\" $OpenBSD: PKCS7_verify.3,v 1.11 2022/03/31 17:27:17 naddy Exp $
-.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2006, 2013, 2014, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 31 2022 $
-.Dt PKCS7_VERIFY 3
-.Os
-.Sh NAME
-.Nm PKCS7_verify ,
-.Nm PKCS7_get0_signers
-.Nd verify a PKCS#7 signedData structure
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft int
-.Fo PKCS7_verify
-.Fa "PKCS7 *p7"
-.Fa "STACK_OF(X509) *certs"
-.Fa "X509_STORE *store"
-.Fa "BIO *indata"
-.Fa "BIO *out"
-.Fa "int flags"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo PKCS7_get0_signers
-.Fa "PKCS7 *p7"
-.Fa "STACK_OF(X509) *certs"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_verify
-verifies a PKCS#7 signedData structure.
-.Fa p7
-is the
-.Vt PKCS7
-structure to verify.
-.Fa certs
-is a set of certificates in which to search for the signer's
-certificate.
-.Fa store
-is a trusted certificate store (used for chain verification).
-.Fa indata
-is the signed data if the content is not present in
-.Fa p7 ,
-that is if it is detached.
-The content is written to
-.Fa out
-if it is not
-.Dv NULL .
-.Pp
-.Fa flags
-is an optional set of flags, which can be used to modify the verify
-operation.
-.Pp
-.Fn PKCS7_get0_signers
-retrieves the signer's certificates from
-.Fa p7 .
-The signers must be freed with
-.Fn sk_X509_free .
-It does
-.Sy not
-check their validity or whether any signatures are valid.
-The
-.Fa certs
-and
-.Fa flags
-parameters have the same meanings as in
-.Fn PKCS7_verify .
-.Pp
-Normally the verify process proceeds as follows.
-.Pp
-Initially some sanity checks are performed on
-.Fa p7 .
-The type of
-.Fa p7
-must be signedData.
-There must be at least one signature on the data and if the content
-is detached,
-.Fa indata
-cannot be
-.Dv NULL .
-.Pp
-An attempt is made to locate all the signer's certificates, first
-looking in the
-.Fa certs
-parameter (if it is not
-.Dv NULL )
-and then looking in any certificates contained in the
-.Fa p7
-structure itself.
-If any signer's certificates cannot be located, the operation fails.
-.Pp
-Each signer's certificate is chain verified using the
-.Sy smimesign
-purpose and the supplied trusted certificate store.
-Any internal certificates in the message are used as untrusted CAs.
-If any chain verify fails, an error code is returned.
-.Pp
-Finally, the signed content is read (and written to
-.Fa out
-if it is not
-.Dv NULL )
-and the signature's checked.
-.Pp
-If all signature's verify correctly then the function is successful.
-.Pp
-Any of the following flags (OR'ed together) can be passed in the
-.Fa flags
-parameter to change the default verify behaviour.
-Only the flag
-.Dv PKCS7_NOINTERN
-is meaningful to
-.Fn PKCS7_get0_signers .
-.Pp
-If
-.Dv PKCS7_NOINTERN
-is set, the certificates in the message itself are not searched when
-locating the signer's certificate.
-This means that all the signer's certificates must be in the
-.Fa certs
-parameter.
-.Pp
-If the
-.Dv PKCS7_TEXT
-flag is set, MIME headers for type
-.Sy text/plain
-are deleted from the content.
-If the content is not of type
-.Sy text/plain ,
-then an error is returned.
-.Pp
-If
-.Dv PKCS7_NOVERIFY
-is set, the signer's certificates are not chain verified.
-.Pp
-If
-.Dv PKCS7_NOCHAIN
-is set, then the certificates contained in the message are not used as
-untrusted CAs.
-This means that the whole verify chain (apart from the signer's
-certificate) must be contained in the trusted store.
-.Pp
-If
-.Dv PKCS7_NOSIGS
-is set, then the signatures on the data are not checked.
-.Pp
-One application of
-.Dv PKCS7_NOINTERN
-is to only accept messages signed by a small number of certificates.
-The acceptable certificates would be passed in the
-.Fa certs
-parameter.
-In this case, if the signer is not one of the certificates supplied in
-.Fa certs ,
-then the verify will fail because the signer cannot be found.
-.Pp
-Care should be taken when modifying the default verify behaviour, for
-example setting
-.Dv PKCS7_NOVERIFY | PKCS7_NOSIGS
-will totally disable all verification and any signed message will be
-considered valid.
-This combination is however useful if one merely wishes to write the
-content to
-.Fa out
-and its validity is not considered important.
-.Pp
-Chain verification should arguably be performed using the signing time
-rather than the current time.
-However since the signing time is supplied by the signer, it cannot be
-trusted without additional evidence (such as a trusted timestamp).
-.Sh RETURN VALUES
-.Fn PKCS7_verify
-returns 1 for a successful verification and 0 or a negative value if
-an error occurs.
-.Pp
-.Fn PKCS7_get0_signers
-returns all signers or
-.Dv NULL
-if an error occurred.
-The signers must be freed with
-.Fn sk_X509_free .
-.Pp
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr PKCS7_decrypt 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign 3 ,
-.Xr X509_STORE_new 3
-.Sh HISTORY
-.Fn PKCS7_verify
-and
-.Fn PKCS7_get0_signers
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Sh BUGS
-The trusted certificate store is not searched for the signer's
-certificate.
-This is primarily due to the inadequacies of the current
-.Vt X509_STORE
-functionality.
-.Pp
-The lack of single pass processing and the need to hold all data
-in memory as mentioned in
-.Xr PKCS7_sign 3
-also applies to
-.Fn PKCS7_verify .
diff --git a/src/lib/libcrypto/man/PKCS8_PRIV_KEY_INFO_new.3 b/src/lib/libcrypto/man/PKCS8_PRIV_KEY_INFO_new.3
deleted file mode 100644
index 822968f58d..0000000000
--- a/src/lib/libcrypto/man/PKCS8_PRIV_KEY_INFO_new.3
+++ /dev/null
@@ -1,65 +0,0 @@
-.\" $OpenBSD: PKCS8_PRIV_KEY_INFO_new.3,v 1.7 2024/12/06 12:51:13 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt PKCS8_PRIV_KEY_INFO_NEW 3
-.Os
-.Sh NAME
-.Nm PKCS8_PRIV_KEY_INFO_new ,
-.Nm PKCS8_PRIV_KEY_INFO_free
-.Nd PKCS#8 private key information
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft PKCS8_PRIV_KEY_INFO *
-.Fn PKCS8_PRIV_KEY_INFO_new void
-.Ft void
-.Fn PKCS8_PRIV_KEY_INFO_free "PKCS8_PRIV_KEY_INFO *key"
-.Sh DESCRIPTION
-.Fn PKCS8_PRIV_KEY_INFO_new
-allocates and initializes an empty
-.Vt PKCS8_PRIV_KEY_INFO
-object, representing an ASN.1
-.Vt PrivateKeyInfo
-structure defined in RFC 5208 section 5.
-It can hold a private key together with information about the
-algorithm to be used with it and optional attributes.
-.Pp
-.Fn PKCS8_PRIV_KEY_INFO_free
-frees
-.Fa key .
-.Sh RETURN VALUES
-.Fn PKCS8_PRIV_KEY_INFO_new
-returns the new
-.Vt PKCS8_PRIV_KEY_INFO
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_PKCS8_PRIV_KEY_INFO 3 ,
-.Xr d2i_PKCS8PrivateKey_bio 3 ,
-.Xr EVP_PKCS82PKEY 3 ,
-.Xr PEM_read_PKCS8_PRIV_KEY_INFO 3 ,
-.Xr PKCS12_parse 3 ,
-.Xr PKCS8_pkey_set0 3 ,
-.Xr X509_ATTRIBUTE_new 3
-.Sh STANDARDS
-RFC 5208: PKCS#8: Private-Key Information Syntax Specification
-.Sh HISTORY
-.Fn PKCS8_PRIV_KEY_INFO_new
-and
-.Fn PKCS8_PRIV_KEY_INFO_free
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/PKCS8_pkey_set0.3 b/src/lib/libcrypto/man/PKCS8_pkey_set0.3
deleted file mode 100644
index f3d5a294c3..0000000000
--- a/src/lib/libcrypto/man/PKCS8_pkey_set0.3
+++ /dev/null
@@ -1,159 +0,0 @@
-.\" $OpenBSD: PKCS8_pkey_set0.3,v 1.3 2024/09/02 07:45:09 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt PKCS8_PKEY_SET0 3
-.Os
-.Sh NAME
-.Nm PKCS8_pkey_set0 ,
-.Nm PKCS8_pkey_get0 ,
-.Nm PKCS8_pkey_add1_attr_by_NID ,
-.Nm PKCS8_pkey_get0_attrs
-.Nd change and inspect PKCS#8 PrivateKeyInfo objects
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo PKCS8_pkey_set0
-.Fa "PKCS8_PRIV_KEY_INFO *keyinfo"
-.Fa "ASN1_OBJECT *aobj"
-.Fa "int version"
-.Fa "int ptype"
-.Fa "void *pval"
-.Fa "unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo PKCS8_pkey_get0
-.Fa "const ASN1_OBJECT **paobj"
-.Fa "const unsigned char **pdata"
-.Fa "int *plen"
-.Fa "const X509_ALGOR **palgor"
-.Fa "const PKCS8_PRIV_KEY_INFO *keyinfo"
-.Fc
-.Ft int
-.Fo PKCS8_pkey_add1_attr_by_NID
-.Fa "PKCS8_PRIV_KEY_INFO *keyinfo"
-.Fa "int nid"
-.Fa "int type"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft const STACK_OF(X509_ATTRIBUTE) *
-.Fo PKCS8_pkey_get0_attrs
-.Fa "const PKCS8_PRIV_KEY_INFO *keyinfo"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS8_pkey_set0
-initializes the
-.Fa keyinfo
-object.
-The algorithm is set to
-.Fa aobj
-with the associated parameter type
-.Fa ptype
-and parameter value
-.Fa pval
-using
-.Xr X509_ALGOR_set0 3 ,
-replacing any previous information about the algorithm.
-Unless
-.Fa data
-is
-.Dv NULL ,
-the encoded private key is set to the
-.Fa len
-bytes starting at
-.Fa data
-using
-.Xr ASN1_STRING_set0 3 ,
-not performing any validation.
-If
-.Fa data
-is
-.Dv NULL ,
-the key data remains unchanged.
-If the
-.Fa version
-argument is greater than or equal to 0, it replaces any existing version;
-otherwise, the version remains unchanged.
-If
-.Fa keyinfo
-contains any attributes, they remain unchanged.
-.Pp
-.Fn PKCS8_pkey_get0
-retrieves some information from the
-.Fa keyinfo
-object.
-Internal pointers to the algorithm OID, the
-.Vt AlgorithmIdentifier ,
-and the encoded private key are stored in
-.Pf * Fa paobj ,
-.Pf * Fa palgor ,
-and
-.Pf * Fa pdata ,
-respectively.
-.Dv NULL
-pointers can be passed for any of these three arguments if the respective
-information is not needed.
-Unless
-.Fa pdata
-is
-.Dv NULL ,
-.Pf * Fa plen
-is set to the number of bytes in
-.Pf * Fa pdata .
-.Pp
-.Fn PKCS8_pkey_add1_attr_by_NID
-creates a new X.501 Attribute object using
-.Xr X509_ATTRIBUTE_create_by_NID 3
-and appends it to the attributes of
-.Fa keyinfo .
-.Sh RETURN VALUES
-.Fn PKCS8_pkey_set0
-and
-.Fn PKCS8_pkey_add1_attr_by_NID
-return 1 for success or 0 for failure.
-.Pp
-.Fn PKCS8_pkey_get0
-always returns 1.
-.Pp
-.Fn PKCS8_pkey_get0_attrs
-returns an internal pointer to the array of attributes associated with
-.Fa keyinfo
-or
-.Dv NULL
-if no attributes are set.
-.Sh SEE ALSO
-.Xr ASN1_STRING_set0 3 ,
-.Xr EVP_PKCS82PKEY 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_ALGOR_new 3 ,
-.Xr X509_ATTRIBUTE_create_by_NID 3 ,
-.Xr X509_ATTRIBUTE_new 3
-.Sh HISTORY
-.Fn PKCS8_pkey_set0
-and
-.Fn PKCS8_pkey_get0
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-.Fn PKCS8_pkey_add1_attr_by_NID
-and
-.Fn PKCS8_pkey_get0_attrs
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.4 .
diff --git a/src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3 b/src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3
deleted file mode 100644
index 40735c6f86..0000000000
--- a/src/lib/libcrypto/man/PKEY_USAGE_PERIOD_new.3
+++ /dev/null
@@ -1,74 +0,0 @@
-.\" $OpenBSD: PKEY_USAGE_PERIOD_new.3,v 1.5 2019/06/06 01:06:59 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt PKEY_USAGE_PERIOD_NEW 3
-.Os
-.Sh NAME
-.Nm PKEY_USAGE_PERIOD_new ,
-.Nm PKEY_USAGE_PERIOD_free
-.Nd X.509 certificate private key usage period extension
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft PKEY_USAGE_PERIOD *
-.Fn PKEY_USAGE_PERIOD_new void
-.Ft void
-.Fn PKEY_USAGE_PERIOD_free "PKEY_USAGE_PERIOD *period"
-.Sh DESCRIPTION
-.Fn PKEY_USAGE_PERIOD_new
-allocates and initializes an empty
-.Vt PKEY_USAGE_PERIOD
-object, representing an ASN.1
-.Vt PrivateKeyUsagePeriod
-structure defined in RFC 3280 section 4.2.1.4.
-It could be used in
-.Vt X509
-certificates to specify a validity period for the private key
-that differed from the validity period of the certificate.
-.Pp
-.Fn PKEY_USAGE_PERIOD_free
-frees
-.Fa period .
-.Sh RETURN VALUES
-.Fn PKEY_USAGE_PERIOD_new
-returns the new
-.Vt PKEY_USAGE_PERIOD
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_PKEY_USAGE_PERIOD 3 ,
-.Xr EXTENDED_KEY_USAGE_new 3 ,
-.Xr X509_CINF_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 3280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.2.1.4: Private Key Usage Period
-.Pp
-RFC 3280 was obsoleted by RFC 5280, which says: "Section 4.2.1.4
-in RFC 3280, which specified the
-.Vt PrivateKeyUsagePeriod
-certificate extension but deprecated its use, was removed.
-Use of this ISO standard extension is neither deprecated
-nor recommended for use in the Internet PKI."
-.Sh HISTORY
-.Fn PKEY_USAGE_PERIOD_new
-and
-.Fn PKEY_USAGE_PERIOD_free
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/POLICYINFO_new.3 b/src/lib/libcrypto/man/POLICYINFO_new.3
deleted file mode 100644
index 52c004414e..0000000000
--- a/src/lib/libcrypto/man/POLICYINFO_new.3
+++ /dev/null
@@ -1,218 +0,0 @@
-.\" $OpenBSD: POLICYINFO_new.3,v 1.11 2023/05/14 08:03:57 tb Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: May 14 2023 $
-.Dt POLICYINFO_NEW 3
-.Os
-.Sh NAME
-.Nm POLICYINFO_new ,
-.Nm POLICYINFO_free ,
-.Nm CERTIFICATEPOLICIES_new ,
-.Nm CERTIFICATEPOLICIES_free ,
-.Nm POLICYQUALINFO_new ,
-.Nm POLICYQUALINFO_free ,
-.Nm USERNOTICE_new ,
-.Nm USERNOTICE_free ,
-.Nm NOTICEREF_new ,
-.Nm NOTICEREF_free ,
-.Nm POLICY_MAPPING_new ,
-.Nm POLICY_MAPPING_free ,
-.Nm POLICY_CONSTRAINTS_new ,
-.Nm POLICY_CONSTRAINTS_free
-.Nd X.509 certificate policies
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft POLICYINFO *
-.Fn POLICYINFO_new void
-.Ft void
-.Fn POLICYINFO_free "POLICYINFO *pi"
-.Ft CERTIFICATEPOLICIES *
-.Fn CERTIFICATEPOLICIES_new void
-.Ft void
-.Fn CERTIFICATEPOLICIES_free "CERTIFICATEPOLICIES *pis"
-.Ft POLICYQUALINFO *
-.Fn POLICYQUALINFO_new void
-.Ft void
-.Fn POLICYQUALINFO_free "POLICYQUALINFO *pqi"
-.Ft USERNOTICE *
-.Fn USERNOTICE_new void
-.Ft void
-.Fn USERNOTICE_free "USERNOTICE *usernotice"
-.Ft NOTICEREF *
-.Fn NOTICEREF_new void
-.Ft void
-.Fn NOTICEREF_free "NOTICEREF *noticeref"
-.Ft POLICY_MAPPING *
-.Fn POLICY_MAPPING_new void
-.Ft void
-.Fn POLICY_MAPPING_free "POLICY_MAPPING *pm"
-.Ft POLICY_CONSTRAINTS *
-.Fn POLICY_CONSTRAINTS_new void
-.Ft void
-.Fn POLICY_CONSTRAINTS_free "POLICY_CONSTRAINTS *pc"
-.Sh DESCRIPTION
-X.509 CA and end entity certificates can optionally indicate
-restrictions on their intended use.
-.Pp
-.Fn POLICYINFO_new
-allocates and initializes an empty
-.Vt POLICYINFO
-object, representing an ASN.1
-.Vt PolicyInformation
-structure defined in RFC 5280 section 4.2.1.4.
-It can hold a policy identifier and optional advisory qualifiers.
-.Fn POLICYINFO_free
-frees
-.Fa pi .
-.Pp
-.Fn CERTIFICATEPOLICIES_new
-allocates and initializes an empty
-.Vt CERTIFICATEPOLICIES
-object, which is a
-.Vt STACK_OF(POLICYINFO)
-and represents an ASN.1
-.Vt CertificatePolicies
-structure defined in RFC 5280 section 4.2.1.4.
-It can be used by
-.Vt X509
-objects, both by CA certificates and end entity certificates.
-.Fn CERTIFICATEPOLICIES_free
-frees
-.Fa pis .
-.Pp
-.Fn POLICYQUALINFO_new
-allocates and initializes an empty
-.Vt POLICYQUALINFO
-object, representing an ASN.1
-.Vt PolicyQualifierInfo
-structure defined in RFC 5280 section 4.2.1.4.
-It can be used in
-.Vt POLICYINFO
-and it can hold either a uniform resource identifier of a certification
-practice statement published by the CA, or a pointer to a
-.Vt USERNOTICE
-object, or arbitrary other information.
-.Fn POLICYQUALINFO_free
-frees
-.Fa pqi .
-.Pp
-.Fn USERNOTICE_new
-allocates and initializes an empty
-.Vt USERNOTICE
-object, representing an ASN.1
-.Vt UserNotice
-structure defined in RFC 5280 section 4.2.1.4.
-It can be used in
-.Vt POLICYQUALINFO
-and it can hold either an
-.Vt ASN1_STRING
-intended for display to the user or a pointer to a
-.Vt NOTICEREF
-object.
-.Fn NOTICEREF_free
-frees
-.Fa usernotice .
-.Pp
-.Fn NOTICEREF_new
-allocates and initializes an empty
-.Vt NOTICEREF
-object, representing an ASN.1
-.Vt NoticeReference
-structure defined in RFC 5280 section 4.2.1.4.
-It can be used in
-.Vt USERNOTICE
-and can hold an organization name and a stack of notice numbers.
-.Fn NOTICEREF_free
-frees
-.Fa noticeref .
-.Pp
-.Fn POLICY_MAPPING_new
-allocates and initializes an empty
-.Vt POLICY_MAPPING
-object, representing an ASN.1
-.Vt PolicyMappings
-structure defined in RFC 5280 section 4.2.1.5.
-It can be used in
-.Vt X509
-CA certificates and can hold a list of pairs of policy identifiers,
-declaring one of the policies in each pair as equivalent to the
-other.
-.Fn POLICY_MAPPING_free
-frees
-.Fa pm .
-.Pp
-.Fn POLICY_CONSTRAINTS_new
-allocates and initializes an empty
-.Vt POLICY_CONSTRAINTS
-object, representing an ASN.1
-.Vt PolicyConstraints
-structure defined in RFC 5280 section 4.2.1.11.
-It can be used in
-.Vt X509
-CA certificates to restrict policy mapping and/or to require explicit
-certificate policies in subsequent intermediate certificates in the
-certification path.
-.Fn POLICY_CONSTRAINTS_free
-frees
-.Fa pc .
-.Sh RETURN VALUES
-The constructor functions return a new object of the respective
-type or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr d2i_POLICYINFO 3 ,
-.Xr NAME_CONSTRAINTS_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_get_extension_flags 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile:
-.Bl -dash -compact
-.It
-section 4.2.1.4: Certificate Policies
-.It
-section 4.2.1.5: Policy Mappings
-.It
-section 4.2.1.11: Policy Constraints
-.El
-.Sh HISTORY
-.Fn POLICYINFO_new ,
-.Fn POLICYINFO_free ,
-.Fn CERTIFICATEPOLICIES_new ,
-.Fn CERTIFICATEPOLICIES_free ,
-.Fn POLICYQUALINFO_new ,
-.Fn POLICYQUALINFO_free ,
-.Fn USERNOTICE_new ,
-.Fn USERNOTICE_free ,
-.Fn NOTICEREF_new ,
-and
-.Fn NOTICEREF_free
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn POLICY_MAPPING_new ,
-.Fn POLICY_MAPPING_free ,
-.Fn POLICY_CONSTRAINTS_new ,
-and
-.Fn POLICY_CONSTRAINTS_free
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Sh BUGS
-This is a lot of nested data structures, but most of them are
-designed to have almost no effect.
diff --git a/src/lib/libcrypto/man/RAND_add.3 b/src/lib/libcrypto/man/RAND_add.3
deleted file mode 100644
index 5404f696a3..0000000000
--- a/src/lib/libcrypto/man/RAND_add.3
+++ /dev/null
@@ -1,73 +0,0 @@
-.\" $OpenBSD: RAND_add.3,v 1.10 2018/03/27 17:35:50 schwarze Exp $
-.\" content checked up to: OpenSSL c16de9d8 Aug 31 23:16:22 2017 +0200
-.\"
-.\" Copyright (c) 2014 Miod Vallat
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt RAND_ADD 3
-.Os
-.Sh NAME
-.Nm RAND_add ,
-.Nm RAND_cleanup ,
-.Nm RAND_poll ,
-.Nm RAND_seed ,
-.Nm RAND_status
-.Nd manipulate the PRNG state
-.Sh SYNOPSIS
-.In openssl/rand.h
-.Ft void
-.Fo RAND_add
-.Fa "const void *buf"
-.Fa "int num"
-.Fa "double entropy"
-.Fc
-.Ft void
-.Fn RAND_cleanup void
-.Ft int
-.Fn RAND_poll void
-.Ft void
-.Fo RAND_seed
-.Fa "const void *buf"
-.Fa "int num"
-.Fc
-.Ft int
-.Fn RAND_status void
-.Sh DESCRIPTION
-These functions used to allow for the state of the random number
-generator to be controlled by external sources.
-.Pp
-They are kept for ABI compatibility but are no longer functional, and
-should not be used in new programs.
-.Sh RETURN VALUES
-.Fn RAND_poll
-and
-.Fn RAND_status
-always return 1.
-.Sh HISTORY
-.Fn RAND_cleanup
-and
-.Fn RAND_seed
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn RAND_add
-and
-.Fn RAND_status
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn RAND_poll
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
diff --git a/src/lib/libcrypto/man/RAND_bytes.3 b/src/lib/libcrypto/man/RAND_bytes.3
deleted file mode 100644
index 19427a82df..0000000000
--- a/src/lib/libcrypto/man/RAND_bytes.3
+++ /dev/null
@@ -1,108 +0,0 @@
-.\" $OpenBSD: RAND_bytes.3,v 1.6 2018/03/27 17:35:50 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt RAND_BYTES 3
-.Os
-.Sh NAME
-.Nm RAND_bytes ,
-.Nm RAND_pseudo_bytes
-.Nd generate random data
-.Sh SYNOPSIS
-.In openssl/rand.h
-.Ft int
-.Fo RAND_bytes
-.Fa "unsigned char *buf"
-.Fa "int num"
-.Fc
-.Ft int
-.Fo RAND_pseudo_bytes
-.Fa "unsigned char *buf"
-.Fa "int num"
-.Fc
-.Sh DESCRIPTION
-These functions are deprecated and only retained for compatibility
-with legacy application programs.
-Use
-.Xr arc4random_buf 3
-instead.
-.Pp
-.Fn RAND_bytes
-puts
-.Fa num
-cryptographically strong pseudo-random bytes into
-.Fa buf .
-.Pp
-.Fn RAND_pseudo_bytes
-puts
-.Fa num
-pseudo-random bytes into
-.Fa buf .
-Pseudo-random byte sequences generated by
-.Fn RAND_pseudo_bytes
-will be unique if they are of sufficient length, but are not necessarily
-unpredictable.
-They can be used for non-cryptographic purposes and for certain purposes
-in cryptographic protocols, but usually not for key generation etc.
-.Sh RETURN VALUES
-.Fn RAND_bytes
-returns 1.
-.Fn RAND_pseudo_bytes
-returns 1.
-.Sh HISTORY
-.Fn RAND_bytes
-first appeared in SSLeay 0.5.1 and has been available since
-.Ox 2.4 .
-It has a return value since OpenSSL 0.9.5 and
-.Ox 2.7 .
-.Pp
-.Fn RAND_pseudo_bytes
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/RAND_load_file.3 b/src/lib/libcrypto/man/RAND_load_file.3
deleted file mode 100644
index 9227e2721b..0000000000
--- a/src/lib/libcrypto/man/RAND_load_file.3
+++ /dev/null
@@ -1,119 +0,0 @@
-.\" $OpenBSD: RAND_load_file.3,v 1.6 2018/03/27 17:35:50 schwarze Exp $
-.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2001 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt RAND_LOAD_FILE 3
-.Os
-.Sh NAME
-.Nm RAND_file_name ,
-.Nm RAND_load_file ,
-.Nm RAND_write_file
-.Nd PRNG seed file
-.Sh SYNOPSIS
-.In openssl/rand.h
-.Ft const char *
-.Fo RAND_file_name
-.Fa "char *buf"
-.Fa "size_t num"
-.Fc
-.Ft int
-.Fo RAND_load_file
-.Fa "const char *filename"
-.Fa "long max_bytes"
-.Fc
-.Ft int
-.Fo RAND_write_file
-.Fa "const char *filename"
-.Fc
-.Sh DESCRIPTION
-.Fn RAND_file_name
-returns a default path for the random seed file.
-.Fa buf
-points to a buffer of size
-.Fa num
-in which to store the filename.
-If
-.Fa num
-is too small for the path name, an error occurs.
-.Pp
-.Fn RAND_load_file
-used to allow for the state of the random number generator to be
-controlled by external sources.
-It is kept for ABI compatibility but is no longer functional, and should
-not be used in new programs.
-.Pp
-.Fn RAND_write_file
-writes a number of random bytes (currently 1024) to file
-.Fa filename .
-.Sh RETURN VALUES
-.Fn RAND_load_file
-returns
-.Fa max_bytes ,
-or a bogus positive value if
-.Fa max_bytes
-is -1.
-.Pp
-.Fn RAND_write_file
-returns the number of bytes written, or a number less than or equal
-to 1 if an error occurs.
-.Pp
-.Fn RAND_file_name
-returns a pointer to
-.Fa buf
-on success or
-.Dv NULL
-on error.
-.Sh HISTORY
-.Fn RAND_load_file ,
-.Fn RAND_write_file ,
-and
-.Fn RAND_file_name
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/RAND_set_rand_method.3 b/src/lib/libcrypto/man/RAND_set_rand_method.3
deleted file mode 100644
index d94d794daf..0000000000
--- a/src/lib/libcrypto/man/RAND_set_rand_method.3
+++ /dev/null
@@ -1,55 +0,0 @@
-.\" $OpenBSD: RAND_set_rand_method.3,v 1.4 2018/03/21 09:03:49 schwarze Exp $
-.\"
-.\" Copyright (c) 2014 Miod Vallat
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 21 2018 $
-.Dt RAND_SET_RAND_METHOD 3
-.Os
-.Sh NAME
-.Nm RAND_set_rand_method ,
-.Nm RAND_get_rand_method ,
-.Nm RAND_SSLeay
-.Nd select RAND method
-.Sh SYNOPSIS
-.In openssl/rand.h
-.Ft int
-.Fo RAND_set_rand_method
-.Fa "const RAND_METHOD *meth"
-.Fc
-.Ft const RAND_METHOD *
-.Fn RAND_get_rand_method void
-.Ft RAND_METHOD *
-.Fn RAND_SSLeay void
-.Sh DESCRIPTION
-These functions used to allow for the random number generator functions
-to be replaced by arbitrary code.
-.Pp
-They are kept for ABI compatibility but are no longer functional, and
-should not be used in new programs.
-.Sh RETURN VALUES
-.Fn RAND_set_rand_method
-always returns 1.
-.Fn RAND_get_rand_method
-and
-.Fn RAND_SSLeay
-always return
-.Dv NULL .
-.Sh HISTORY
-.Fn RAND_set_rand_method ,
-.Fn RAND_get_rand_method ,
-and
-.Fn RAND_SSLeay
-first appeared in SSLeay 0.9.1 and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/RC2_encrypt.3 b/src/lib/libcrypto/man/RC2_encrypt.3
deleted file mode 100644
index a90e0f574b..0000000000
--- a/src/lib/libcrypto/man/RC2_encrypt.3
+++ /dev/null
@@ -1,195 +0,0 @@
-.\" $OpenBSD: RC2_encrypt.3,v 1.2 2024/12/18 04:15:48 jsg Exp $
-.\"
-.\" Copyright (c) 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 18 2024 $
-.Dt RC2_ENCRYPT 3
-.Os
-.Sh NAME
-.Nm RC2_set_key ,
-.Nm RC2_encrypt ,
-.Nm RC2_decrypt ,
-.Nm RC2_cbc_encrypt ,
-.Nm RC2_ecb_encrypt ,
-.Nm RC2_cfb64_encrypt ,
-.Nm RC2_ofb64_encrypt
-.Nd low-level functions for Rivest Cipher 2
-.Sh SYNOPSIS
-.In openssl/rc2.h
-.Ft void
-.Fo RC2_set_key
-.Fa "RC2_KEY *expanded_key"
-.Fa "int len"
-.Fa "const unsigned char *user_key"
-.Fa "int effective_bits"
-.Fc
-.Ft void
-.Fo RC2_encrypt
-.Fa "unsigned long *data"
-.Fa "RC2_KEY *expanded_key"
-.Fc
-.Ft void
-.Fo RC2_decrypt
-.Fa "unsigned long *data"
-.Fa "RC2_KEY *expanded_key"
-.Fc
-.Ft void
-.Fo RC2_cbc_encrypt
-.Fa "const unsigned char *in"
-.Fa "unsigned char *out"
-.Fa "long length"
-.Fa "RC2_KEY *expanded_key"
-.Fa "unsigned char *iv"
-.Fa "int encrypt"
-.Fc
-.Ft void
-.Fo RC2_ecb_encrypt
-.Fa "const unsigned char *in"
-.Fa "unsigned char *out"
-.Fa "RC2_KEY *expanded_key"
-.Fa "int encrypt"
-.Fc
-.Ft void
-.Fo RC2_cfb64_encrypt
-.Fa "const unsigned char *in"
-.Fa "unsigned char *out"
-.Fa "long length"
-.Fa "RC2_KEY *expanded_key"
-.Fa "unsigned char *iv"
-.Fa "int *num"
-.Fa "int encrypt"
-.Fc
-.Ft void
-.Fo RC2_ofb64_encrypt
-.Fa "const unsigned char *in"
-.Fa "unsigned char *out"
-.Fa "long length"
-.Fa "RC2_KEY *expanded_key"
-.Fa "unsigned char *iv"
-.Fa "int *num"
-.Fc
-.Sh DESCRIPTION
-RC2 is a block cipher operating on blocks of
-.Dv RC2_BLOCK No = 8
-bytes, equivalent to 64 bits, using a variable key length
-with an additional parameter called
-.Dq effective key bits
-or
-.Dq effective key length .
-The maximum effective key length is 1024 bits.
-.Pp
-If using RC2 cannot be avoided, it is recommended that application
-programs use the
-.Xr EVP_rc2_cbc 3
-family of functions instead of the functions documented in the present
-manual page, to ease later migration to less outdated encryption algorithms.
-.Pp
-.Fn RC2_set_key
-expands the first
-.Fa len
-bytes of
-.Fa user_key
-into the
-.Vt RC2_KEY
-structure
-.Pf * Fa expanded_key .
-The storage for the expanded key has to be provided by the calling code.
-If the
-.Fa len
-argument exceeds 128, only the first 128 bytes are used.
-.Pp
-Optionally, if the
-.Fa effective_bits
-argument is positive and less than 1024, the effective key length of
-.Pf * Fa expanded_key
-is reduced to
-.Fa effective_bits .
-Reducing the effective key length is not cryptographically useful.
-This option was originally designed to conform to US export regulations
-valid at the time, which were designed to allow the US government
-to spy on foreign encrypted communications.
-Unless interoperability requires otherwise, setting
-.Fa effective_bits
-to 1024 is recommended.
-.Pp
-.Fn RC2_encrypt
-and
-.Fn RC2_decrypt
-interpret
-.Fa data
-as an array of two 32 bit integers and encrypt or decrypt
-that single block in place, respectively, using the
-.Fa expanded_key .
-.Pp
-The remaining functions encode or decode
-.Fa length
-bytes starting at
-.Fa in
-to
-.Fa length
-bytes starting at
-.Fa out
-in various modes of operation using the
-.Fa expanded_key .
-Both arrays need to be long enough to hold
-.Fa length
-bytes rounded up to the next multiple of 8.
-The
-.Fa iv
-argument points to an array of 8 bytes used as the initialization vector.
-If the
-.Fa encrypt
-argument is
-.Dv RC2_ENCRYPT
-or another non-zero value, encryption is performed;
-if it is
-.Dv RC2_DECRYPT No = 0 ,
-decryption is performed.
-.Pp
-.Fn RC2_cbc_encrypt
-operates in cipher block chaining mode.
-.Pp
-.Fn RC2_ecb_encrypt
-encodes or decodes eight bytes at
-.Fa in
-to
-eight bytes at
-.Fa out
-in electronic codebook mode.
-.Pp
-.Fn RC2_cfb64_encrypt
-and
-.Fn RC2_ofb64_encrypt
-operate in cipher feedback mode and output feedback mode, respectively,
-with 64 bit blocks.
-The number of bytes used from the last 8 byte block is kept track of in
-.Pf * Fa num .
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr EVP_rc2_cbc 3
-.Sh HISTORY
-.Fn RC2_set_key ,
-.Fn RC2_encrypt ,
-.Fn RC2_cbc_encrypt ,
-.Fn RC2_ecb_encrypt ,
-.Fn RC2_cfb64_encrypt ,
-and
-.Fn RC2_ofb64_encrypt
-first appeared in SSLeay 0.5.2.
-.Fn RC2_decrypt
-first appeared in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/RC4.3 b/src/lib/libcrypto/man/RC4.3
deleted file mode 100644
index 8b20a434b7..0000000000
--- a/src/lib/libcrypto/man/RC4.3
+++ /dev/null
@@ -1,126 +0,0 @@
-.\" $OpenBSD: RC4.3,v 1.8 2020/03/29 17:05:02 schwarze Exp $
-.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 29 2020 $
-.Dt RC4 3
-.Os
-.Sh NAME
-.Nm RC4_set_key ,
-.Nm RC4
-.Nd RC4 encryption
-.Sh SYNOPSIS
-.In openssl/rc4.h
-.Ft void
-.Fo RC4_set_key
-.Fa "RC4_KEY *key"
-.Fa "int len"
-.Fa "const unsigned char *data"
-.Fc
-.Ft void
-.Fo RC4
-.Fa "RC4_KEY *key"
-.Fa "unsigned long len"
-.Fa "const unsigned char *indata"
-.Fa "unsigned char *outdata"
-.Fc
-.Sh DESCRIPTION
-This library implements the alleged RC4 cipher, which is described for
-example in
-.Qq Applied Cryptography .
-It is believed to be compatible with RC4[TM], a proprietary cipher of
-RSA Security Inc.
-.Pp
-RC4 is a stream cipher with variable key length.
-Typically, 128-bit (16-byte) keys are used for strong encryption, but
-shorter insecure key sizes have been widely used due to export
-restrictions.
-.Pp
-RC4 consists of a key setup phase and the actual encryption or
-decryption phase.
-.Pp
-.Fn RC4_set_key
-sets up the
-.Vt RC4_KEY
-.Fa key
-using the
-.Fa len
-bytes long key at
-.Fa data .
-.Pp
-.Fn RC4
-encrypts or decrypts the
-.Fa len
-bytes of data at
-.Fa indata
-using
-.Fa key
-and places the result at
-.Fa outdata .
-Repeated
-.Fn RC4
-calls with the same
-.Fa key
-yield a continuous key stream.
-.Pp
-Since RC4 is a stream cipher (the input is XOR'ed with a pseudo-random
-key stream to produce the output), decryption uses the same function
-calls as encryption.
-.Sh SEE ALSO
-.Xr blowfish 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr EVP_rc4 3
-.Sh HISTORY
-.Fn RC4_set_key
-and
-.Fn RC4
-appeared in SSLeay 0.4 or earlier and have been available since
-.Ox 2.4 .
-.Sh BUGS
-This cipher is broken and should no longer be used.
diff --git a/src/lib/libcrypto/man/RIPEMD160.3 b/src/lib/libcrypto/man/RIPEMD160.3
deleted file mode 100644
index 43c6694036..0000000000
--- a/src/lib/libcrypto/man/RIPEMD160.3
+++ /dev/null
@@ -1,154 +0,0 @@
-.\" $OpenBSD: RIPEMD160.3,v 1.8 2024/05/26 09:54:16 tb Exp $
-.\" full merge up to: OpenSSL 72a7a702 Feb 26 14:05:09 2019 +0000
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2006, 2014 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: May 26 2024 $
-.Dt RIPEMD160 3
-.Os
-.Sh NAME
-.Nm RIPEMD160 ,
-.Nm RIPEMD160_Init ,
-.Nm RIPEMD160_Update ,
-.Nm RIPEMD160_Final
-.Nd RIPEMD-160 hash function
-.Sh SYNOPSIS
-.In openssl/ripemd.h
-.Ft unsigned char *
-.Fo RIPEMD160
-.Fa "const unsigned char *d"
-.Fa "unsigned long n"
-.Fa "unsigned char *md"
-.Fc
-.Ft int
-.Fo RIPEMD160_Init
-.Fa "RIPEMD160_CTX *c"
-.Fc
-.Ft int
-.Fo RIPEMD160_Update
-.Fa "RIPEMD160_CTX *c"
-.Fa "const void *data"
-.Fa "unsigned long len"
-.Fc
-.Ft int
-.Fo RIPEMD160_Final
-.Fa "unsigned char *md"
-.Fa "RIPEMD160_CTX *c"
-.Fc
-.Sh DESCRIPTION
-RIPEMD-160 is a cryptographic hash function with a 160-bit output.
-.Pp
-.Fn RIPEMD160
-computes the RIPEMD-160 message digest of the
-.Fa n
-bytes at
-.Fa d
-and places it in
-.Fa md ,
-which must have space for
-.Dv RIPEMD160_DIGEST_LENGTH
-== 20 bytes of output.
-.Pp
-The following functions may be used if the message is not completely
-stored in memory:
-.Pp
-.Fn RIPEMD160_Init
-initializes a
-.Vt RIPEMD160_CTX
-structure.
-.Pp
-.Fn RIPEMD160_Update
-can be called repeatedly with chunks of the message to be hashed
-.Pq Fa len No bytes at Fa data .
-.Pp
-.Fn RIPEMD160_Final
-places the message digest in
-.Fa md ,
-which must have space for
-.Dv RIPEMD160_DIGEST_LENGTH
-== 20 bytes of output,
-and erases the
-.Vt RIPEMD160_CTX .
-.Pp
-Applications should use the higher level functions
-.Xr EVP_DigestInit 3
-etc.
instead of calling the hash functions directly.
-.Sh RETURN VALUES
-.Fn RIPEMD160
-returns a pointer to the hash value.
-.Pp
-.Fn RIPEMD160_Init ,
-.Fn RIPEMD160_Update ,
-and
-.Fn RIPEMD160_Final
-return 1 for success or 0 otherwise.
-.Sh SEE ALSO
-.Xr EVP_DigestInit 3 ,
-.Xr HMAC 3
-.Sh STANDARDS
-.Bd -unfilled
-ISO/IEC 10118-3:2004/Cor 1:2011
-Hash-functions \(em Part 3: Dedicated hash-functions
-Clause 7: RIPEMD-160
-.Ed
-.Sh HISTORY
-.Fn RIPEMD160 ,
-.Fn RIPEMD160_Init ,
-.Fn RIPEMD160_Update ,
-and
-.Fn RIPEMD160_Final
-first appeared in SSLeay 0.9.0 and have been available since
-.Ox 2.4 .
-.Sh CAVEATS
-Other implementations allow
-.Fa md
-in
-.Fn RIPEMD160
-to be
-.Dv NULL
-and return a static array, which is not thread safe.
diff --git a/src/lib/libcrypto/man/RSA_PSS_PARAMS_new.3 b/src/lib/libcrypto/man/RSA_PSS_PARAMS_new.3
deleted file mode 100644
index f69f33dbe5..0000000000
--- a/src/lib/libcrypto/man/RSA_PSS_PARAMS_new.3
+++ /dev/null
@@ -1,60 +0,0 @@
-.\" $OpenBSD: RSA_PSS_PARAMS_new.3,v 1.4 2019/06/06 01:06:59 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt RSA_PSS_PARAMS_NEW 3
-.Os
-.Sh NAME
-.Nm RSA_PSS_PARAMS_new ,
-.Nm RSA_PSS_PARAMS_free
-.Nd probabilistic signature scheme with RSA hashing
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft RSA_PSS_PARAMS *
-.Fn RSA_PSS_PARAMS_new void
-.Ft void
-.Fn RSA_PSS_PARAMS_free "RSA_PSS_PARAMS *params"
-.Sh DESCRIPTION
-.Fn RSA_PSS_PARAMS_new
-allocates and initializes an empty
-.Vt RSA_PSS_PARAMS
-object, representing an ASN.1
-.Vt RSASSA-PSS-params
-structure defined in RFC 8017 appendix A.2.3.
-It references the hash function and the mask generation function
-and stores the length of the salt and the trailer field number.
-.Fn RSA_PSS_PARAMS_free
-frees
-.Fa params .
-.Sh RETURN VALUES
-.Fn RSA_PSS_PARAMS_new
-returns the new
-.Vt RSA_PSS_PARAMS
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr RSA_new 3 ,
-.Xr RSA_padding_add_PKCS1_type_1 3 ,
-.Xr X509_sign 3
-.Sh STANDARDS
-RFC 8017: PKCS#1: RSA Cryptography Specifications Version 2.2
-.Sh HISTORY
-.Fn RSA_PSS_PARAMS_new
-and
-.Fn RSA_PSS_PARAMS_free
-first appeared in OpenSSL 1.0.1 and have been available since
-.Ox 5.3 .
diff --git a/src/lib/libcrypto/man/RSA_blinding_on.3 b/src/lib/libcrypto/man/RSA_blinding_on.3
deleted file mode 100644
index bd2a301377..0000000000
--- a/src/lib/libcrypto/man/RSA_blinding_on.3
+++ /dev/null
@@ -1,97 +0,0 @@
-.\" $OpenBSD: RSA_blinding_on.3,v 1.7 2023/07/26 20:08:59 tb Exp $
-.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 26 2023 $
-.Dt RSA_BLINDING_ON 3
-.Os
-.Sh NAME
-.Nm RSA_blinding_on ,
-.Nm RSA_blinding_off
-.Nd protect the RSA operation from timing attacks
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft int
-.Fo RSA_blinding_on
-.Fa "RSA *rsa"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft void
-.Fo RSA_blinding_off
-.Fa "RSA *rsa"
-.Fc
-.Sh DESCRIPTION
-RSA is vulnerable to timing attacks.
-In a setup where attackers can measure the time of RSA decryption or
-signature operations, blinding must be used to protect the RSA operation
-from that attack.
-.Pp
-.Fn RSA_blinding_on
-turns blinding on for key
-.Fa rsa
-and generates a random blinding factor.
-.Fa ctx
-is
-.Dv NULL
-or a pre-allocated and initialized
-.Vt BN_CTX .
-.Pp
-.Fn RSA_blinding_off
-turns blinding off and frees the memory used for the blinding factor.
-.Sh RETURN VALUES
-.Fn RSA_blinding_on
-returns 1 on success, and 0 if an error occurred.
-.Sh SEE ALSO
-.Xr RSA_new 3
-.Sh HISTORY
-.Fn RSA_blinding_on
-and
-.Fn RSA_blinding_off
-first appeared in SSLeay 0.9.0 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/RSA_check_key.3 b/src/lib/libcrypto/man/RSA_check_key.3
deleted file mode 100644
index 36b613b3a5..0000000000
--- a/src/lib/libcrypto/man/RSA_check_key.3
+++ /dev/null
@@ -1,130 +0,0 @@
-.\" $OpenBSD: RSA_check_key.3,v 1.10 2023/11/19 21:06:15 tb Exp $
-.\" OpenSSL 6859cf74 Sep 25 13:33:28 2002 +0000
-.\"
-.\" This file was written by Ulf Moeller and
-.\" Geoff Thorpe .
-.\" Copyright (c) 2000, 2002 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 19 2023 $
-.Dt RSA_CHECK_KEY 3
-.Os
-.Sh NAME
-.Nm RSA_check_key
-.Nd validate private RSA keys
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft int
-.Fo RSA_check_key
-.Fa "RSA *rsa"
-.Fc
-.Sh DESCRIPTION
-This function validates RSA keys.
-It checks that
-.Fa rsa->p
-and
-.Fa rsa->q
-are in fact prime, and that
-.Fa rsa->n
-satisfies n = p*q.
-.Pp
-It also checks that
-.Fa rsa->d
-and
-.Fa rsa->e
-satisfy d*e = 1 mod ((p-1)*(q-1)),
-and that
-.Fa rsa->dmp1 ,
-.Fa rsa->dmq1 ,
-and
-.Fa resa->iqmp
-are set correctly or are
-.Dv NULL .
-.Pp
-This function does not work on RSA public keys that have only the
-modulus and public exponent elements populated.
-It performs integrity checks on all the RSA key material, so the
-.Vt RSA
-key structure must contain all the private key data too.
-Therefore, it cannot be used with any arbitrary
-.Vt RSA
-key object, even if it is otherwise fit for regular RSA operation.
-.Sh RETURN VALUES
-.Fn RSA_check_key
-returns 1 if
-.Fa rsa
-is a valid RSA key, and 0 otherwise.
--1 is returned if an error occurs while checking the key.
-.Pp
-If the key is invalid or an error occurred, the reason code can be
-obtained using
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_is_prime_ex 3 ,
-.Xr RSA_get0_key 3 ,
-.Xr RSA_new 3
-.Sh HISTORY
-.Fn RSA_check_key
-first appeared in OpenSSL 0.9.4 and has been available since
-.Ox 2.6 .
-.Sh BUGS
-A method of verifying the RSA key using opaque RSA API functions might
-need to be considered.
-Right now
-.Fn RSA_check_key
-simply uses the
-.Vt RSA
-structure elements directly, bypassing the
-.Vt RSA_METHOD
-table altogether (and completely violating encapsulation and
-object-orientation in the process).
-The best fix will probably be to introduce a
-.Fn check_key
-handler
-to the
-.Vt RSA_METHOD
-function table so that alternative implementations can also provide
-their own verifiers.
diff --git a/src/lib/libcrypto/man/RSA_generate_key.3 b/src/lib/libcrypto/man/RSA_generate_key.3
deleted file mode 100644
index 83703b1eaa..0000000000
--- a/src/lib/libcrypto/man/RSA_generate_key.3
+++ /dev/null
@@ -1,164 +0,0 @@
-.\" $OpenBSD: RSA_generate_key.3,v 1.13 2019/06/10 14:58:48 schwarze Exp $
-.\" OpenSSL RSA_generate_key.pod bb6c5e7f Feb 5 10:29:22 2017 -0500
-.\"
-.\" This file was written by Ulf Moeller .
-.\" Copyright (c) 2000, 2002, 2013 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 10 2019 $
-.Dt RSA_GENERATE_KEY 3
-.Os
-.Sh NAME
-.Nm RSA_generate_key_ex ,
-.Nm RSA_generate_key
-.Nd generate RSA key pair
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft int
-.Fo RSA_generate_key_ex
-.Fa "RSA *rsa"
-.Fa "int bits"
-.Fa "BIGNUM *e"
-.Fa "BN_GENCB *cb"
-.Fc
-.Pp
-Deprecated:
-.Pp
-.Ft RSA *
-.Fo RSA_generate_key
-.Fa "int num"
-.Fa "unsigned long e"
-.Fa "void (*callback)(int, int, void *)"
-.Fa "void *cb_arg"
-.Fc
-.Sh DESCRIPTION
-.Fn RSA_generate_key_ex
-generates a key pair and stores it in
-.Fa rsa .
-.Pp
-The modulus size will be of length
-.Fa bits ,
-and the public exponent will be
-.Fa e .
-Key sizes with
-.Fa num
-< 1024 should be considered insecure.
-The exponent is an odd number, typically 3, 17 or 65537.
-.Pp
-A callback function may be used to provide feedback about the progress
-of the key generation.
-If
-.Fa cb
-is not
-.Dv NULL ,
-it will be called as follows using the
-.Xr BN_GENCB_call 3
-function:
-.Bl -bullet
-.It
-While a random prime number is generated, it is called as described in
-.Xr BN_generate_prime 3 .
-.It
-When the
-.Fa n Ns -th
-randomly generated prime is rejected as not suitable for
-the key,
-.Fn BN_GENCB_call cb 2 n
-is called.
-.It
-When a random p has been found with p-1 relatively prime to
-.Fa e ,
-it is called as
-.Fn BN_GENCB_call cb 3 0 .
-.El
-.Pp
-The process is then repeated for prime q with
-.Fn BN_GENCB_call cb 3 1 .
-.Pp
-.Fn RSA_generate_key
-is deprecated.
-New applications should use
-.Fn RSA_generate_key_ex
-instead.
-.Fn RSA_generate_key
-works in the same way as
-.Fn RSA_generate_key_ex
-except it uses "old style" call backs.
-See
-.Xr BN_generate_prime 3
-for further details.
-.Sh RETURN VALUES
-.Fn RSA_generate_key_ex
-returns 1 on success or 0 on error.
-.Fn RSA_generate_key
-returns the key on success or
-.Dv NULL
-on error.
-.Pp
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr BN_generate_prime 3 ,
-.Xr RSA_get0_key 3 ,
-.Xr RSA_meth_set_keygen 3 ,
-.Xr RSA_new 3
-.Sh HISTORY
-.Fn RSA_generate_key
-appeared in SSLeay 0.4 or earlier and had its
-.Fa cb_arg
-argument added in SSLeay 0.9.0.
-It has been available since
-.Ox 2.4 .
-.Pp
-.Fn RSA_generate_key_ex
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
-.Sh BUGS
-.Fn BN_GENCB_call cb 2 x
-is used with two different meanings.
-.Pp
-.Fn RSA_generate_key
-goes into an infinite loop for illegal input values.
diff --git a/src/lib/libcrypto/man/RSA_get0_key.3 b/src/lib/libcrypto/man/RSA_get0_key.3
deleted file mode 100644
index f09fb00d2b..0000000000
--- a/src/lib/libcrypto/man/RSA_get0_key.3
+++ /dev/null
@@ -1,460 +0,0 @@
-.\" $OpenBSD: RSA_get0_key.3,v 1.8 2025/01/05 15:40:42 tb Exp $
-.\" selective merge up to: OpenSSL 665d899f Aug 2 02:19:43 2017 +0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Richard Levitte
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4.
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: January 5 2025 $
-.Dt RSA_GET0_KEY 3
-.Os
-.Sh NAME
-.Nm RSA_get0_key ,
-.Nm RSA_get0_n ,
-.Nm RSA_get0_e ,
-.Nm RSA_get0_d ,
-.Nm RSA_set0_key ,
-.Nm RSA_get0_factors ,
-.Nm RSA_get0_p ,
-.Nm RSA_get0_q ,
-.Nm RSA_set0_factors ,
-.Nm RSA_get0_crt_params ,
-.Nm RSA_get0_dmp1 ,
-.Nm RSA_get0_dmq1 ,
-.Nm RSA_get0_iqmp ,
-.Nm RSA_set0_crt_params ,
-.Nm RSA_clear_flags ,
-.Nm RSA_test_flags ,
-.Nm RSA_set_flags
-.Nd get and set data in an RSA object
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft void
-.Fo RSA_get0_key
-.Fa "const RSA *r"
-.Fa "const BIGNUM **n"
-.Fa "const BIGNUM **e"
-.Fa "const BIGNUM **d"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_n
-.Fa "const RSA *r"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_e
-.Fa "const RSA *r"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_d
-.Fa "const RSA *r"
-.Fc
-.Ft int
-.Fo RSA_set0_key
-.Fa "RSA *r"
-.Fa "BIGNUM *n"
-.Fa "BIGNUM *e"
-.Fa "BIGNUM *d"
-.Fc
-.Ft void
-.Fo RSA_get0_factors
-.Fa "const RSA *r"
-.Fa "const BIGNUM **p"
-.Fa "const BIGNUM **q"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_p
-.Fa "const RSA *r"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_q
-.Fa "const RSA *r"
-.Fc
-.Ft int
-.Fo RSA_set0_factors
-.Fa "RSA *r"
-.Fa "BIGNUM *p"
-.Fa "BIGNUM *q"
-.Fc
-.Ft void
-.Fo RSA_get0_crt_params
-.Fa "const RSA *r"
-.Fa "const BIGNUM **dmp1"
-.Fa "const BIGNUM **dmq1"
-.Fa "const BIGNUM **iqmp"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_dmp1
-.Fa "const RSA *r"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_dmq1
-.Fa "const RSA *r"
-.Fc
-.Ft "const BIGNUM *"
-.Fo RSA_get0_iqmp
-.Fa "const RSA *r"
-.Fc
-.Ft int
-.Fo RSA_set0_crt_params
-.Fa "RSA *r"
-.Fa "BIGNUM *dmp1"
-.Fa "BIGNUM *dmq1"
-.Fa "BIGNUM *iqmp"
-.Fc
-.Ft void
-.Fo RSA_clear_flags
-.Fa "RSA *r"
-.Fa "int flags"
-.Fc
-.Ft int
-.Fo RSA_test_flags
-.Fa "const RSA *r"
-.Fa "int flags"
-.Fc
-.Ft void
-.Fo RSA_set_flags
-.Fa "RSA *r"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-An
-.Vt RSA
-object contains the components for the public and private key.
-.Fa n
-is the modulus common to both public and private key,
-.Fa e
-is the public exponent and
-.Fa d
-is the private exponent.
-.Fa p ,
-.Fa q ,
-.Fa dmp1 ,
-.Fa dmq1 ,
-and
-.Fa iqmp
-are the factors for the second representation of a private key
-(see PKCS#1 section 3 Key Types), where
-.Fa p
-and
-.Fa q
-are the first and second factor of
-.Fa n .
-.Fa dmp1 ,
-.Fa dmq1 ,
-and
-.Fa iqmp
-are the exponents and coefficient
-for Chinese Remainder Theorem (CRT) calculations.
-.Pp
-The
-.Fa n ,
-.Fa e ,
-and
-.Fa d
-parameters can be obtained by calling
-.Fn RSA_get0_key .
-If they have not been set yet, then
-.Pf * Fa n ,
-.Pf * Fa e ,
-and
-.Pf * Fa d
-are set to
-.Dv NULL .
-Otherwise, they are set to pointers to the internal representations
-of the values that should not be freed by the caller.
-.Pp
-The
-.Fa n ,
-.Fa e ,
-and
-.Fa d
-parameter values can be set by calling
-.Fn RSA_set0_key .
-The values
-.Fa n
-and
-.Fa e
-must be
-.Pf non- Dv NULL
-the first time this function is called on a given
-.Vt RSA
-object.
-The value
-.Fa d
-may be
-.Dv NULL .
-On subsequent calls, any of these values may be
-.Dv NULL ,
-which means that the corresponding field is left untouched.
-Calling this function transfers the memory management of the values to
-the RSA object.
-Therefore, the values that have been passed in
-should not be freed by the caller.
-.Pp
-In a similar fashion, the
-.Fa p
-and
-.Fa q
-parameters can be obtained and set with
-.Fn RSA_get0_factors
-and
-.Fn RSA_set0_factors ,
-and the
-.Fa dmp1 ,
-.Fa dmq1 ,
-and
-.Fa iqmp
-parameters can be obtained and set with
-.Fn RSA_get0_crt_params
-and
-.Fn RSA_set0_crt_params .
-.Pp
-For
-.Fn RSA_get0_key ,
-.Fn RSA_get0_factors ,
-and
-.Fn RSA_get0_crt_params ,
-.Dv NULL
-value
-.Vt BIGNUM **
-output arguments are permitted.
-The functions
-ignore
-.Dv NULL
-arguments but return values for other,
-.Pf non- Dv NULL ,
-arguments.
-.Pp
-Values retrieved with
-.Fn RSA_get0_key ,
-.Fn RSA_get0_factors ,
-and
-.Fn RSA_get0_crt_params
-are owned by the
-.Vt RSA
-object used in the call and may therefore
-.Em not
-be passed to
-.Fn RSA_set0_key ,
-.Fn RSA_set0_factors ,
-or
-.Fn RSA_set0_crt_params .
-If needed, duplicate the received value using
-.Xr BN_dup 3
-and pass the duplicate.
-.Pp
-Any of the values
-.Fa n ,
-.Fa e ,
-.Fa d ,
-.Fa p ,
-.Fa q ,
-.Fa dmp1 ,
-.Fa dmq1 ,
-and
-.Fa iqmp
-can also be retrieved separately by the corresponding functions
-.Fn RSA_get0_n ,
-.Fn RSA_get0_e ,
-.Fn RSA_get0_d ,
-.Fn RSA_get0_p ,
-.Fn RSA_get0_q ,
-.Fn RSA_get0_dmp1 ,
-.Fn RSA_get0_dmq1 ,
-and
-.Fn RSA_get0_iqmp ,
-respectively.
-The pointers are owned by the
-.Vt RSA
-object.
-.Pp
-.Fn RSA_clear_flags
-clears the specified
-.Fa flags
-in
-.Fa r .
-.Fn RSA_test_flags
-tests the
-.Fa flags
-in
-.Fa r .
-.Fn RSA_set_flags
-sets the
-.Fa flags
-in
-.Fa r ;
-any flags already set remain set.
-For all three functions, multiple flags can be passed in one call,
-OR'ed together bitwise.
-.Pp
-The following flags are supported:
-.Bl -tag -width Ds
-.It Dv RSA_FLAG_CACHE_PRIVATE No and Dv RSA_FLAG_CACHE_PUBLIC
-Precompute information needed for Montgomery multiplication
-from the private and public key, respectively, and cache it in
-.Fa r
-for repeated use.
-These two flags are set by default for the default RSA implementation,
-.Xr RSA_PKCS1_SSLeay 3 .
-.It Dv RSA_FLAG_EXT_PKEY
-The function set with
-.Xr RSA_meth_set_mod_exp 3
-is used for private key operations even if
-.Fa p ,
-.Fa q ,
-.Fa dmp1 ,
-.Fa dmq1 ,
-and
-.Fa iqmp
-are all
-.Dv NULL .
-This flag may be useful with RSA implementations that do not use the
-private key components stored in the standard fields, for example
-because they store the private key in external hardware.
-If this flag is unset, the function set with
-.Xr RSA_meth_set_bn_mod_exp 3
-is used with
-.Fa n
-and
-.Fa d
-instead.
-.It Dv RSA_FLAG_NO_BLINDING
-Turn off blinding during private key encryption and decryption.
-This flag is set by
-.Xr RSA_blinding_off 3 .
-.It Dv RSA_FLAG_SIGN_VER
-This flag has no effect.
-It is provided only for backward compatibility with legacy applications.
-.El
-.Pp
-The flags
-.Dv RSA_FLAG_BLINDING ,
-.Dv RSA_FLAG_CHECKED ,
-.Dv RSA_FLAG_FIPS_METHOD ,
-.Dv RSA_FLAG_NON_FIPS_ALLOW ,
-and
-.Dv RSA_FLAG_THREAD_SAFE
-are defined for compatibility with existing code but have no effect.
-.Sh RETURN VALUES
-.Fn RSA_get0_n ,
-.Fn RSA_get0_e ,
-.Fn RSA_get0_d ,
-.Fn RSA_get0_p ,
-.Fn RSA_get0_q ,
-.Fn RSA_get0_dmp1 ,
-.Fn RSA_get0_dmq1 ,
-and
-.Fn RSA_get0_iqmp
-return a pointer owned by the
-.Vt RSA
-object if the corresponding value has been set,
-otherwise they return
-.Dv NULL .
-.Pp
-.Fn RSA_set0_key ,
-.Fn RSA_set0_factors ,
-and
-.Fn RSA_set0_crt_params
-return 1 on success or 0 on failure.
-.Pp
-.Fn RSA_test_flags
-returns those of the given
-.Fa flags
-currently set in
-.Fa r
-or 0 if none of the given
-.Fa flags
-are set.
-.Sh SEE ALSO
-.Xr RSA_check_key 3 ,
-.Xr RSA_generate_key 3 ,
-.Xr RSA_new 3 ,
-.Xr RSA_print 3 ,
-.Xr RSA_size 3
-.Sh HISTORY
-.Fn RSA_get0_key ,
-.Fn RSA_set0_key ,
-.Fn RSA_get0_factors ,
-.Fn RSA_set0_factors ,
-.Fn RSA_get0_crt_params ,
-.Fn RSA_set0_crt_params ,
-.Fn RSA_clear_flags ,
-.Fn RSA_test_flags ,
-and
-.Fn RSA_set_flags
-first appeared in OpenSSL 1.1.0
-and have been available since
-.Ox 6.3 .
-.Pp
-.Fn RSA_get0_n ,
-.Fn RSA_get0_e ,
-.Fn RSA_get0_d ,
-.Fn RSA_get0_p ,
-.Fn RSA_get0_q ,
-.Fn RSA_get0_dmp1 ,
-.Fn RSA_get0_dmq1 ,
-and
-.Fn RSA_get0_iqmp
-first appeared in OpenSSL 1.1.1
-and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/RSA_get_ex_new_index.3 b/src/lib/libcrypto/man/RSA_get_ex_new_index.3
deleted file mode 100644
index 5f1fb4335f..0000000000
--- a/src/lib/libcrypto/man/RSA_get_ex_new_index.3
+++ /dev/null
@@ -1,382 +0,0 @@
-.\" $OpenBSD: RSA_get_ex_new_index.3,v 1.13 2023/11/19 21:08:04 tb Exp $
-.\"
-.\" Copyright (c) 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 19 2023 $
-.Dt RSA_GET_EX_NEW_INDEX 3
-.Os
-.Sh NAME
-.Nm RSA_get_ex_new_index ,
-.Nm RSA_set_ex_data ,
-.Nm RSA_get_ex_data
-.Nd add application specific data to RSA objects
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft int
-.Fo RSA_get_ex_new_index
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Ft int
-.Fo RSA_set_ex_data
-.Fa "RSA *rsa"
-.Fa "int idx"
-.Fa "void *data"
-.Fc
-.Ft void *
-.Fo RSA_get_ex_data
-.Fa "RSA *rsa"
-.Fa "int idx"
-.Fc
-.Sh DESCRIPTION
-The following parent objects can have application specific data called
-.Dq ex_data
-attached to them:
-.Vt BIO , DH , DSA , EC_KEY , RSA ,
-.Vt SSL , SSL_CTX , SSL_SESSION , UI , X509 , X509_STORE ,
-and
-.Vt X509_STORE_CTX .
-.\" CRYPTO_EX_INDEX_APP and CRYPTO_EX_INDEX_UI_METHOD are unused.
-The present manual page documents the related API functions taking the
-.Vt RSA
-object type as an example.
-The functions for the other object types work in exactly the same way:
-just replace the string
-.Qq RSA
-with the name of the respective object type
-throughout the rest of this manual page.
-.Pp
-By default, each individual
-.Vt RSA
-object can store one
-.Vt void *
-pointing to application specific data.
-That specific pointer is identified by an
-.Fa idx
-argument of 0.
-.Pp
-.Fn RSA_get_ex_new_index
-reserves the next consecutive
-.Fa idx
-argument, enabling storage of one additional
-.Vt void *
-per
-.Vt RSA
-object.
-It is typically called at program startup.
-It can be called more than once if some
-.Vt RSA
-objects need to store more than two application specific pointers.
-Reserving an additional index for one parent object type, for example for
-.Vt RSA ,
-does not change the numbers of indices that can be used
-with any other parent object type.
-.Pp
-It is strongly recommended to always pass three
-.Dv NULL
-pointers for the arguments
-.Fa new_func ,
-.Fa dup_func ,
-and
-.Fa free_func .
-When following this recommendation, the arguments
-.Fa argl
-and
-.Fa argp
-are ignored; conventionally, passing 0 and
-.Dv NULL
-is recommended.
-Because using them is discouraged, the three function callback types
-are only documented in the low-level
-.Xr CRYPTO_EX_new 3
-manual page.
-.Pp
-.Fn RSA_set_ex_data
-stores the
-.Fa data
-pointer as application specific data at the given
-.Fa idx
-in the given
-.Fa rsa
-object.
-The meaning of the data pointed to is up to the application.
-The caller retains ownership of the
-.Fa data
-and is responsible for freeing it when neither the caller nor the
-.Fa rsa
-object need it any longer.
-Any other pointer that was previously stored at the same
-.Fa idx
-in the same
-.Fa rsa
-object is silently overwritten.
-Passing a
-.Dv NULL
-pointer for the
-.Fa data
-argument is valid and indicates that no application specific data
-currently needs to be stored at the given
-.Fa idx .
-.Pp
-.Fn RSA_get_ex_data
-retrieves the last pointer that was stored using
-.Fn RSA_set_ex_data
-at the given
-.Fa idx
-in the given
-.Fa rsa
-object.
-.Sh RETURN VALUES
-.Fn RSA_get_ex_new_index
-returns a new index equal to or greater than 1
-or \-1 if memory allocation fails.
-.Pp
-.Fn RSA_set_ex_data
-returns 1 on success or 0 if memory allocation fails.
-.Pp
-.Fn RSA_get_ex_data
-returns the application specific data or
-.Dv NULL
-if
-.Fa rsa
-does not contain application specific data at the given
-.Fa idx .
-.Sh ERRORS
-After failure of
-.Fn RSA_get_ex_new_index
-or
-.Fn RSA_set_ex_data ,
-the following diagnostic can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure"
-Memory allocation failed.
-.El
-.Pp
-In a few unusual failure cases,
-.Xr ERR_get_error 3
-may report different errors caused by
-.Xr OPENSSL_init_crypto 3
-or even none at all.
-.Pp
-.Fn RSA_get_ex_data
-does not distinguish success from failure.
-Consequently, after
-.Fn RSA_get_ex_data
-returns
-.Dv NULL ,
-.Xr ERR_get_error 3
-returns 0 unless there is still an earlier error in the queue.
-.Sh SEE ALSO
-.Xr BIO_set_ex_data 3 ,
-.Xr CRYPTO_set_ex_data 3 ,
-.Xr DH_set_ex_data 3 ,
-.Xr DSA_set_ex_data 3 ,
-.Xr RSA_new 3 ,
-.Xr SSL_CTX_set_ex_data 3 ,
-.Xr SSL_SESSION_set_ex_data 3 ,
-.Xr SSL_set_ex_data 3 ,
-.Xr X509_STORE_CTX_set_ex_data 3 ,
-.Xr X509_STORE_set_ex_data 3
-.Sh HISTORY
-These functions first appeared in SSLeay 0.9.0
-and have been available since
-.Ox 2.4 .
-.Sh CAVEATS
-A relatively small minority of application programs
-attempt to change the API contract such that
-.Fn RSA_set_ex_data
-transfers ownership of the
-.Fa data
-to the
-.Fa rsa
-object.
-They do this by providing a
-.Fa free_func
-that calls
-.Xr free 3
-or higher-level
-.Fn *_free
-functions on the
-.Fa data
-and sometimes also attempt additional cleanup work as a side effect.
-.Pp
-This practice is discouraged for several reasons:
-.Bl -enum
-.It
-Due to a massive design mistake in the low-level API function
-.Xr CRYPTO_free_ex_data 3 ,
-this practice creates a possibility that
-.Xr RSA_free 3
-may fail due to memory allocation failure, consequently leaking the
-memory containing the application specific data and silently skipping
-any additional cleanup work the
-.Fa free_func
-was supposed to do, leaving the application in an undetectably
-inconsistent state.
-Arguably, leaking additional memory while trying to free some
-is most unfortunate especially when the program
-is already starved for memory.
-.It
-This practice introduces a risk of use-after-free and double-free
-bugs in case the
-.Fa rsa
-object gets destructed while a caller of
-.Fn RSA_set_ex_data
-or
-.Fn RSA_get_ex_data
-still holds a
-.Fa data
-pointer.
-No such risk exists when no
-.Fa free_func
-is installed.
-.It
-Attempting additional cleanup work in
-.Fa free_func
-is an even worse idea because
-.Fa free_func
-is unable to report any issues it might detect while doing that work.
-Instead, if any additional cleanup work is needed, it is recommended
-that the calling code takes care of that before calling
-.Xr RSA_free 3 .
-.El
-.Pp
-Even fewer application programs install a
-.Fa new_func
-that allocates memory and stores a pointer to it in the
-.Fa rsa
-object by calling
-.Xr CRYPTO_set_ex_data 3 .
-That is useless because
-.Fa new_func
-does not have access to any useful information it could store in such memory
-and because the default return value of
-.Dv NULL
-from
-.Fn RSA_get_ex_data
-is sufficient to indicate
-that no application specific data has been stored yet.
-In addition, allocating memory in
-.Fa new_func
-is also inadvisable because it introduces an additional responsibility
-for callers of
-.Fn RSA_set_ex_data
-to always call
-.Fn RSA_get_ex_data
-first, even when it is the first time the application wants to set
-application specific data in a particular
-.Fa rsa
-object, and to either modify whatever
-.Fn RSA_get_ex_data
-returns or to free it before calling
-.Fn RSA_set_ex_data .
-If that is forgotten, a memory leak results.
-.Pp
-Consequently, allocating any required memory
-is better left to the application code that calls
-.Fn RSA_set_ex_data .
-.Pp
-Installing a
-.Fa dup_func
-is often seen in combination with installing a
-.Fa free_func ,
-for obvious reasons.
-It is rarely useful because for most parent object types
-that support ex_data, including for
-.Vt RSA ,
-the library does not provide a copying API function in the first place, and
-even where copying functions exist, they tend to be fragile and error-prone.
-When a new object is needed, it is usually advisable to construct it from
-scratch whenever possible, rather than attempting a copy operation.
-.Pp
-On top of that, if
-.Fa dup_func
-fails, for example because of a memory allocation failure, the
-failure is neither reported nor detectable in any way, leaving the
-new parent object with incomplete data and potentially in an
-inconsistent state.
-.Sh BUGS
-If
-.Fn RSA_set_ex_data
-fails, recovery is very difficult.
-In particular, calling
-.Xr RSA_free 3
-on the parent
-.Fa rsa
-object right afterwards is likely to also hit a memory allocation
-failure, leaking all memory internally allocated by all earlier calls of
-.Fn RSA_set_ex_data
-on
-.Fa rsa
-rather than freeing that memory.
-In order to recover, the application program
-would have to free a sufficient amount of
-.Em other
-memory before calling
-.Xr RSA_free 3 ,
-which will rarely be feasible.
-Consequently, after a failure of
-.Fn RSA_set_ex_data ,
-terminating the program is likely the only reasonable option.
-.Pp
-If
-.Fn RSA_set_ex_data
-is called with an
-.Fa idx
-argument greater than the last one previously returned from
-.Fn RSA_get_ex_new_index ,
-it may still succeed, and though that is not guaranteed by the API,
-retrieving the
-.Fa data
-from such a bogus
-.Fa idx
-may even be possible with
-.Fn RSA_get_ex_data ,
-hiding the bug in the application program that caused passing the bogus
-.Fa idx
-to
-.Fn RSA_set_ex_data
-in the first place.
-.Pp
-If the bogus
-.Fa idx
-argument is large,
-.Fn RSA_set_ex_data
-may uselessly allocate a large amount of memory.
-Calling
-.Xr RSA_free 3
-on the parent
-.Fa rsa
-object is the only way to recover that memory.
-.Pp
-If the bogus
-.Fa idx
-argument is very large,
-.Fn RSA_set_ex_data
-is likely to cause a significant delay before eventually failing
-due to memory exhaustion.
-It is likely to return without releasing the memory already
-allocated, causing any subsequent attempt to allocate memory
-for other purposes to fail, too.
-In this situation, what was said above about failure of
-.Fn RSA_set_ex_data
-applies, so terminating the program is likely the only reasonable option.
diff --git a/src/lib/libcrypto/man/RSA_meth_new.3 b/src/lib/libcrypto/man/RSA_meth_new.3
deleted file mode 100644
index a3a5c549e5..0000000000
--- a/src/lib/libcrypto/man/RSA_meth_new.3
+++ /dev/null
@@ -1,606 +0,0 @@
-.\" $OpenBSD: RSA_meth_new.3,v 1.6 2025/01/05 15:40:42 tb Exp $
-.\" full merge up to: OpenSSL a970b14f Jul 31 18:58:40 2017 -0400
-.\" selective merge up to: OpenSSL 24907560 Sep 17 07:47:42 2018 +1000
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018, 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Richard Levitte .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: January 5 2025 $
-.Dt RSA_METH_NEW 3
-.Os
-.Sh NAME
-.Nm RSA_meth_new ,
-.Nm RSA_meth_dup ,
-.Nm RSA_meth_free ,
-.Nm RSA_meth_get0_name ,
-.Nm RSA_meth_set1_name ,
-.Nm RSA_meth_get_flags ,
-.Nm RSA_meth_set_flags ,
-.Nm RSA_meth_get0_app_data ,
-.Nm RSA_meth_set0_app_data ,
-.Nm RSA_meth_get_init ,
-.Nm RSA_meth_set_init ,
-.Nm RSA_meth_get_finish ,
-.Nm RSA_meth_set_finish ,
-.Nm RSA_meth_get_pub_enc ,
-.Nm RSA_meth_set_pub_enc ,
-.Nm RSA_meth_get_pub_dec ,
-.Nm RSA_meth_set_pub_dec ,
-.Nm RSA_meth_get_priv_enc ,
-.Nm RSA_meth_set_priv_enc ,
-.Nm RSA_meth_get_priv_dec ,
-.Nm RSA_meth_set_priv_dec ,
-.Nm RSA_meth_get_sign ,
-.Nm RSA_meth_set_sign ,
-.Nm RSA_meth_get_verify ,
-.Nm RSA_meth_set_verify ,
-.Nm RSA_meth_get_mod_exp ,
-.Nm RSA_meth_set_mod_exp ,
-.Nm RSA_meth_get_bn_mod_exp ,
-.Nm RSA_meth_set_bn_mod_exp ,
-.Nm RSA_meth_get_keygen ,
-.Nm RSA_meth_set_keygen
-.Nd build up RSA methods
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft RSA_METHOD *
-.Fo RSA_meth_new
-.Fa "const char *name"
-.Fa "int flags"
-.Fc
-.Ft RSA_METHOD *
-.Fo RSA_meth_dup
-.Fa "const RSA_METHOD *meth"
-.Fc
-.Ft void
-.Fo RSA_meth_free
-.Fa "RSA_METHOD *meth"
-.Fc
-.Ft const char *
-.Fo RSA_meth_get0_name
-.Fa "const RSA_METHOD *meth"
-.Fc
-.Ft int
-.Fo RSA_meth_set1_name
-.Fa "RSA_METHOD *meth"
-.Fa "const char *name"
-.Fc
-.Ft int
-.Fo RSA_meth_get_flags
-.Fa "const RSA_METHOD *meth"
-.Fc
-.Ft int
-.Fo RSA_meth_set_flags
-.Fa "RSA_METHOD *meth"
-.Fa "int flags"
-.Fc
-.Ft void *
-.Fo RSA_meth_get0_app_data
-.Fa "const RSA_METHOD *meth"
-.Fc
-.Ft int
-.Fo RSA_meth_set0_app_data
-.Fa "RSA_METHOD *meth"
-.Fa "void *app_data"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_init(const RSA_METHOD *meth))"
-.Fa "RSA *rsa"
-.Fc
-.Ft int
-.Fo "RSA_meth_set_init"
-.Fa "RSA_METHOD *meth"
-.Fa "int (*init)(RSA *rsa)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_finish(const RSA_METHOD *meth))"
-.Fa "RSA *rsa"
-.Fc
-.Ft int
-.Fo RSA_meth_set_finish
-.Fa "RSA_METHOD *meth"
-.Fa "int (*finish)(RSA *rsa)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_pub_enc(const RSA_METHOD *meth))"
-.Fa "int flen"
-.Fa "const unsigned char *from"
-.Fa "unsigned char *to"
-.Fa "RSA *rsa"
-.Fa "int padding"
-.Fc
-.Ft int
-.Fo RSA_meth_set_pub_enc
-.Fa "RSA_METHOD *meth"
-.Fa "int (*pub_enc)(int flen, const unsigned char *from,\
- unsigned char *to, RSA *rsa, int padding)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_pub_dec(const RSA_METHOD *meth))"
-.Fa "int flen"
-.Fa "const unsigned char *from"
-.Fa "unsigned char *to"
-.Fa "RSA *rsa"
-.Fa "int padding"
-.Fc
-.Ft int
-.Fo RSA_meth_set_pub_dec
-.Fa "RSA_METHOD *meth"
-.Fa "int (*pub_dec)(int flen, const unsigned char *from,\
- unsigned char *to, RSA *rsa, int padding)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_priv_enc(const RSA_METHOD *meth))"
-.Fa "int flen"
-.Fa "const unsigned char *from"
-.Fa "unsigned char *to"
-.Fa "RSA *rsa"
-.Fa "int padding"
-.Fc
-.Ft int
-.Fo RSA_meth_set_priv_enc
-.Fa "RSA_METHOD *meth"
-.Fa "int (*priv_enc)(int flen, const unsigned char *from,\
- unsigned char *to, RSA *rsa, int padding)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_priv_dec(const RSA_METHOD *meth))"
-.Fa "int flen"
-.Fa "const unsigned char *from"
-.Fa "unsigned char *to"
-.Fa "RSA *rsa"
-.Fa "int padding"
-.Fc
-.Ft int
-.Fo RSA_meth_set_priv_dec
-.Fa "RSA_METHOD *meth"
-.Fa "int (*priv_dec)(int flen, const unsigned char *from,\
- unsigned char *to, RSA *rsa, int padding)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_sign(const RSA_METHOD *meth))"
-.Fa "int type"
-.Fa "const unsigned char *m"
-.Fa "unsigned int m_length"
-.Fa "unsigned char *sigret"
-.Fa "unsigned int *siglen"
-.Fa "const RSA *rsa"
-.Fc
-.Ft int
-.Fo RSA_meth_set_sign
-.Fa "RSA_METHOD *rsa"
-.Fa "int (*sign)(int type, const unsigned char *m, unsigned int m_length,\
- unsigned char *sigret, unsigned int *siglen, const RSA *rsa)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_verify(const RSA_METHOD *meth))"
-.Fa "int dtype"
-.Fa "const unsigned char *m"
-.Fa "unsigned int m_length"
-.Fa "const unsigned char *sigbuf"
-.Fa "unsigned
int siglen"
-.Fa "const RSA *rsa"
-.Fc
-.Ft int
-.Fo RSA_meth_set_verify
-.Fa "RSA_METHOD *rsa"
-.Fa "int (*verify)(int dtype, const unsigned char *m,\
- unsigned int m_length, const unsigned char *sigbuf,\
- unsigned int siglen, const RSA *rsa)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_mod_exp(const RSA_METHOD *meth))"
-.Fa "BIGNUM *r0"
-.Fa "const BIGNUM *i"
-.Fa "RSA *rsa"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo RSA_meth_set_mod_exp
-.Fa "RSA_METHOD *meth"
-.Fa "int (*mod_exp)(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))"
-.Fa "BIGNUM *r"
-.Fa "const BIGNUM *a"
-.Fa "const BIGNUM *p"
-.Fa "const BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fa "BN_MONT_CTX *m_ctx"
-.Fc
-.Ft int
-.Fo RSA_meth_set_bn_mod_exp
-.Fa "RSA_METHOD *meth"
-.Fa "int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,\
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)"
-.Fc
-.Ft int
-.Fo "(*RSA_meth_get_keygen(const RSA_METHOD *meth))"
-.Fa "RSA *rsa"
-.Fa "int bits"
-.Fa "BIGNUM *e"
-.Fa "BN_GENCB *cb"
-.Fc
-.Ft int
-.Fo RSA_meth_set_keygen
-.Fa "RSA_METHOD *meth"
-.Fa "int (*keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt RSA_METHOD
-structure holds function pointers for custom RSA implementations.
-.Pp
-.Fn RSA_meth_new
-creates a new
-.Vt RSA_METHOD
-structure.
-A copy of the NUL-terminated
-.Fa name
-is stored in the new
-.Vt RSA_METHOD
-object.
-Any new
-.Vt RSA
-object constructed from this
-.Vt RSA_METHOD
-will have the given
-.Fa flags
-set by default, as if they were set with
-.Xr RSA_set_flags 3 .
-.Pp
-.Fn RSA_meth_dup
-creates a deep copy of
-.Fa meth ,
-except that a pointer stored into it with
-.Fn RSA_meth_set0_app_data
-is copied as a pointer without creating a copy of its content.
-This might be useful for creating a new
-.Vt RSA_METHOD
-based on an existing one, but with some differences.
-.Pp
-.Fn RSA_meth_free
-destroys
-.Fa meth
-and frees any memory associated with it,
-except that memory pointed to by a pointer set with
-.Fn RSA_meth_set0_app_data
-is not freed.
-If
-.Fa meth
-is
-.Dv NULL ,
-no action occurs.
-.Pp
-.Fn RSA_meth_get0_name
-returns an internal pointer to the name of
-.Fa meth .
-.Fn RSA_meth_set1_name
-stores a copy of the NUL-terminated
-.Fa name
-in the
-.Vt RSA_METHOD
-object after freeing the previously stored name.
-Method names are ignored by the default RSA implementation
-but can be used by alternative implementations
-and by the application program.
-.Pp
-.Fn RSA_meth_get_flags
-retrieves the flags from
-.Fa meth .
-Flags are documented in
-.Xr RSA_test_flags 3 .
-.Fn RSA_meth_set_flags
-overwrites all flags in
-.Fa meth .
-Unlike
-.Xr RSA_set_flags 3 ,
-it does not preserve any flags that were set before the call.
-.Pp
-.Fn RSA_meth_get0_app_data
-and
-.Fn RSA_meth_set0_app_data
-get and set a pointer to implementation-specific data.
-The function
-.Fn RSA_meth_free
-does not
-.Xr free 3
-the memory pointed to by
-.Fa app_data .
-The default RSA implementation does not use
-.Fa app_data .
-.Pp
-.Fn RSA_meth_get_init
-and
-.Fn RSA_meth_set_init
-get and set an optional function used when creating a new
-.Vt RSA
-object.
-Unless
-.Fa init
-is
-.Dv NULL ,
-it will be called at the end of
-.Xr RSA_new 3 ,
-.Xr RSA_new_method 3 ,
-and
-.Xr RSA_set_method 3 ,
-passing a pointer to the newly allocated or reset
-.Vt RSA
-object as an argument.
-The default RSA implementation,
-.Xr RSA_PKCS1_SSLeay 3 ,
-contains an
-.Fa init
-function equivalent to calling
-.Xr RSA_set_flags 3
-with an argument of
-.Dv RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE .
-.Pp
-.Fn RSA_meth_get_finish
-and
-.Fn RSA_meth_set_finish
-get and set an optional function for destroying an
-.Vt RSA
-object.
-Unless
-.Fa finish
-is
-.Dv NULL ,
-it will be called from
-.Xr RSA_set_method 3
-and from
-.Xr RSA_free 3 .
-It takes the same argument as
-.Xr RSA_free 3
-and is intended to do RSA implementation specific cleanup.
-The memory used by the
-.Vt RSA
-object itself should not be freed by the
-.Fa finish
-function.
-The default RSA implementation contains a
-.Fa finish
-function freeing the memory used by the
-.Dv RSA_FLAG_CACHE_PUBLIC
-and
-.Dv RSA_FLAG_CACHE_PRIVATE
-caches.
-.Pp
-.Fn RSA_meth_get_pub_enc ,
-.Fn RSA_meth_set_pub_enc ,
-.Fn RSA_meth_get_pub_dec ,
-.Fn RSA_meth_set_pub_dec ,
-.Fn RSA_meth_get_priv_enc ,
-.Fn RSA_meth_set_priv_enc ,
-.Fn RSA_meth_get_priv_dec ,
-and
-.Fn RSA_meth_set_priv_dec
-get and set the mandatory functions
-used for public and private key encryption and decryption.
-These functions will be called from
-.Xr RSA_public_encrypt 3 ,
-.Xr RSA_public_decrypt 3 ,
-.Xr RSA_private_encrypt 3 ,
-and
-.Xr RSA_private_decrypt 3 ,
-respectively, and take the same parameters as those.
-.Pp
-.Fn RSA_meth_get_sign ,
-.Fn RSA_meth_set_sign ,
-.Fn RSA_meth_get_verify ,
-and
-.Fn RSA_meth_set_verify
-get and set the optional functions
-used for creating and verifying an RSA signature.
-.Pp
-.Fn RSA_meth_get_mod_exp
-and
-.Fn RSA_meth_set_mod_exp
-get and set the function
-used for Chinese Remainder Theorem (CRT) computations involving the
-.Fa p ,
-.Fa q ,
-.Fa dmp1 ,
-.Fa dmq1 ,
-and
-.Fa iqmp
-fields of an
-.Vt RSA
-object.
-It is used by the default RSA implementation during
-.Xr RSA_private_encrypt 3
-and
-.Xr RSA_private_decrypt 3
-when the required components of the private key are available
-or when the
-.Dv RSA_FLAG_EXT_PKEY
-flag is set.
-.Pp
-.Fn RSA_meth_get_bn_mod_exp
-and
-.Fn RSA_meth_set_bn_mod_exp
-get and set the function used for CRT computations,
-specifically the value r =
-.Fa a
-\(ha
-.Fa p
-mod
-.Fa m .
-It is used by the default RSA implementation during
-.Xr RSA_public_encrypt 3
-and
-.Xr RSA_public_decrypt 3
-and as a fallback during
-.Xr RSA_private_encrypt 3
-and
-.Xr RSA_private_decrypt 3 .
-.Pp
-.Fn RSA_meth_get_keygen
-and
-.Fn RSA_meth_set_keygen
-get and set the optional function used for generating a new RSA key pair.
-Unless
-.Fa keygen
-is
-.Dv NULL ,
-it will be called from
-.Xr RSA_generate_key_ex 3
-and takes the same parameters.
-Otherwise, a builtin default implementation is used.
-.Sh RETURN VALUES
-.Fn RSA_meth_new
-and
-.Fn RSA_meth_dup
-return the newly allocated
-.Vt RSA_METHOD
-object or
-.Dv NULL
-on failure.
-.Pp
-.Fn RSA_meth_get0_name
-returns an internal pointer which must not be freed by the caller.
-.Pp
-.Fn RSA_meth_get_flags
-returns zero or more
-.Dv RSA_FLAG_*
-constants OR'ed together, or 0 if no flags are set in
-.Fa meth .
-.Pp
-.Fn RSA_meth_get0_app_data
-returns the pointer that was earlier passed to
-.Fn RSA_meth_set0_app_data
-or
-.Dv NULL
-otherwise.
-.Pp
-All other
-.Fn RSA_meth_get_*
-functions return the appropriate function pointer that has been set
-with the corresponding
-.Fn RSA_meth_set_*
-function, or
-.Dv NULL
-if no such pointer has been set in
-.Fa meth .
-.Pp
-All
-.Fn RSA_meth_set*
-functions return 1 on success or 0 on failure.
-In the current implementation, only
-.Fn RSA_meth_set1_name
-can actually fail.
-.Sh SEE ALSO
-.Xr RSA_generate_key_ex 3 ,
-.Xr RSA_new 3 ,
-.Xr RSA_private_encrypt 3 ,
-.Xr RSA_public_encrypt 3 ,
-.Xr RSA_set_flags 3 ,
-.Xr RSA_set_method 3 ,
-.Xr RSA_sign 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.1.0.
-.Fn RSA_meth_new ,
-.Fn RSA_meth_dup ,
-.Fn RSA_meth_free ,
-.Fn RSA_meth_set_finish ,
-.Fn RSA_meth_set_priv_enc ,
-and
-.Fn RSA_meth_set_priv_dec
-have been available since
-.Ox 6.3 ,
-.Fn RSA_meth_set1_name
-and
-.Fn RSA_meth_get_finish
-since
-.Ox 6.4 ,
-and
-.Fn RSA_meth_get0_name ,
-.Fn RSA_meth_get_flags ,
-.Fn RSA_meth_set_flags ,
-.Fn RSA_meth_get0_app_data ,
-.Fn RSA_meth_set0_app_data ,
-.Fn RSA_meth_get_init ,
-.Fn RSA_meth_set_init ,
-.Fn RSA_meth_set_finish ,
-.Fn RSA_meth_get_pub_enc ,
-.Fn RSA_meth_set_pub_enc ,
-.Fn RSA_meth_get_pub_dec ,
-.Fn RSA_meth_set_pub_dec ,
-.Fn RSA_meth_get_priv_enc ,
-.Fn RSA_meth_get_priv_dec ,
-.Fn RSA_meth_get_sign ,
-.Fn RSA_meth_set_sign ,
-.Fn RSA_meth_get_verify ,
-.Fn RSA_meth_set_verify ,
-.Fn RSA_meth_get_mod_exp ,
-.Fn RSA_meth_set_mod_exp ,
-.Fn RSA_meth_get_bn_mod_exp ,
-.Fn RSA_meth_set_bn_mod_exp ,
-.Fn RSA_meth_get_keygen ,
-and
-.Fn RSA_meth_set_keygen
-since
-.Ox 6.6 .
diff --git a/src/lib/libcrypto/man/RSA_new.3 b/src/lib/libcrypto/man/RSA_new.3
deleted file mode 100644
index f5c7929e77..0000000000
--- a/src/lib/libcrypto/man/RSA_new.3
+++ /dev/null
@@ -1,248 +0,0 @@ -.\" $OpenBSD: RSA_new.3,v 1.18 2023/11/19 21:03:22 tb Exp $ -.\" full merge up to: -.\" OpenSSL doc/man3/RSA_new.pod e9b77246 Jan 20 19:58:49 2017 +0100 -.\" OpenSSL doc/crypto/rsa.pod 35d2e327 Jun 3 16:19:49 2016 -0400 (final) -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2018, 2019 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2002, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: November 19 2023 $ -.Dt RSA_NEW 3 -.Os -.Sh NAME -.Nm RSA_new , -.Nm RSAPrivateKey_dup , -.Nm RSAPublicKey_dup , -.Nm RSA_up_ref , -.Nm RSA_free -.Nd allocate and free RSA objects -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft RSA * -.Fn RSA_new void -.Ft RSA * -.Fo RSAPrivateKey_dup -.Fa "RSA *rsa" -.Fc -.Ft RSA * -.Fo RSAPublicKey_dup -.Fa "RSA *rsa" -.Fc -.Ft int -.Fo RSA_up_ref -.Fa "RSA *rsa" -.Fc -.Ft void -.Fo RSA_free -.Fa "RSA *rsa" -.Fc -.Sh DESCRIPTION -The RSA functions implement RSA public key encryption and signatures -as defined in PKCS #1 v2.0 (RFC 2437). -.Pp -.Fn RSA_new -allocates and initializes an -.Vt RSA -structure, setting the reference count to 1. -It is equivalent to calling -.Xr RSA_new_method 3 -with a -.Dv NULL -argument. -.Pp -.Fn RSAPrivateKey_dup -calls -.Fn RSA_new -and copies the public and private key components from -.Fa rsa -into the new structure. -.Fn RSAPublicKey_dup -does the same except that it copies the public key components only. -.Pp -.Fn RSA_up_ref -increments the reference count by 1. -.Pp -.Fn RSA_free -decrements the reference count by 1. -If it reaches 0, it calls the optional -.Fa finish -function set up with -.Xr RSA_meth_set_finish 3 -and frees the -.Vt RSA -structure and its components. -The key is erased before the memory is returned to the system. -If -.Fa rsa -is a -.Dv NULL -pointer, no action occurs. -.Pp -The -.Vt RSA -structure consists of several -.Vt BIGNUM -components. -It can contain public as well as private RSA keys: -.Bd -literal -typedef struct { - BIGNUM *n; // public modulus - BIGNUM *e; // public exponent - BIGNUM *d; // private exponent - BIGNUM *p; // secret prime factor - BIGNUM *q; // secret prime factor - BIGNUM *dmp1; // d mod (p-1) - BIGNUM *dmq1; // d mod (q-1) - BIGNUM *iqmp; // q^-1 mod p - // ... -} RSA; -.Ed -.Pp -In public keys, the private exponent -.Fa d -and the related secret values -.Fa p , q , dmp1 , dmp2 , -and -.Fa iqmp -are -.Dv NULL . 
-.Pp -.Fa p , -.Fa q , -.Fa dmp1 , -.Fa dmq1 , -and -.Fa iqmp -may be -.Dv NULL -in private keys, but the RSA operations are much faster when these -values are available. -.Pp -Note that RSA keys may use non-standard -.Vt RSA_METHOD -implementations. -In some cases, these -.Vt BIGNUM -values will not be used by the implementation or may be used for -alternative data storage. -For this reason, applications should generally avoid using -.Vt RSA -structure elements directly and instead use API functions to query -or modify keys. -.Sh RETURN VALUES -.Fn RSA_new , -.Fn RSAPrivateKey_dup , -and -.Fn RSAPublicKey_dup -return a pointer to the newly allocated structure, or -.Dv NULL -if an error occurs. -An error code can be obtained by -.Xr ERR_get_error 3 . -.Pp -.Fn RSA_up_ref -returns 1 for success or 0 for failure. -.Sh SEE ALSO -.Xr BN_new 3 , -.Xr crypto 3 , -.Xr d2i_RSAPublicKey 3 , -.Xr DH_new 3 , -.Xr DSA_new 3 , -.Xr EVP_PKEY_set1_RSA 3 , -.Xr RSA_blinding_on 3 , -.Xr RSA_check_key 3 , -.Xr RSA_generate_key 3 , -.Xr RSA_get0_key 3 , -.Xr RSA_get_ex_new_index 3 , -.Xr RSA_meth_new 3 , -.Xr RSA_padding_add_PKCS1_type_1 3 , -.Xr RSA_pkey_ctx_ctrl 3 , -.Xr RSA_print 3 , -.Xr RSA_private_encrypt 3 , -.Xr RSA_PSS_PARAMS_new 3 , -.Xr RSA_public_encrypt 3 , -.Xr RSA_security_bits 3 , -.Xr RSA_set_method 3 , -.Xr RSA_sign 3 , -.Xr RSA_sign_ASN1_OCTET_STRING 3 , -.Xr RSA_size 3 -.Sh STANDARDS -SSL, PKCS #1 v2.0 -.Pp -RSA was covered by a US patent which expired in September 2000. -.Sh HISTORY -.Fn RSA_new -and -.Fn RSA_free -appeared in SSLeay 0.4 or earlier. -.Fn RSAPrivateKey_dup -first appeared in SSLeay 0.5.1 and -.Fn RSAPublicKey_dup -in SSLeay 0.5.2. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn RSA_up_ref -first appeared in OpenSSL 0.9.7 and has been available since -.Ox 3.2 . diff --git a/src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 b/src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 deleted file mode 100644 index e7c3a2a624..0000000000 
--- a/src/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
+++ /dev/null
@@ -1,236 +0,0 @@ -.\" $OpenBSD: RSA_padding_add_PKCS1_type_1.3,v 1.8 2018/03/21 16:09:51 schwarze Exp $ -.\" OpenSSL 1e3f62a3 Jul 17 16:47:13 2017 +0200 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 21 2018 $ -.Dt RSA_PADDING_ADD_PKCS1_TYPE_1 3 -.Os -.Sh NAME -.Nm RSA_padding_add_PKCS1_type_1 , -.Nm RSA_padding_check_PKCS1_type_1 , -.Nm RSA_padding_add_PKCS1_type_2 , -.Nm RSA_padding_check_PKCS1_type_2 , -.Nm RSA_padding_add_PKCS1_OAEP , -.Nm RSA_padding_check_PKCS1_OAEP , -.Nm RSA_padding_add_none , -.Nm RSA_padding_check_none -.Nd asymmetric encryption padding -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft int -.Fo RSA_padding_add_PKCS1_type_1 -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fc -.Ft int -.Fo RSA_padding_check_PKCS1_type_1 -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fa "int rsa_len" -.Fc -.Ft int -.Fo RSA_padding_add_PKCS1_type_2 -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fc -.Ft int -.Fo RSA_padding_check_PKCS1_type_2 -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fa "int rsa_len" -.Fc -.Ft int -.Fo RSA_padding_add_PKCS1_OAEP -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fa "unsigned char *p" -.Fa "int pl" -.Fc -.Ft int -.Fo RSA_padding_check_PKCS1_OAEP -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fa "int rsa_len" -.Fa "unsigned char *p" -.Fa "int pl" -.Fc -.Ft int -.Fo RSA_padding_add_none -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" 
-.Fc -.Ft int -.Fo RSA_padding_check_none -.Fa "unsigned char *to" -.Fa "int tlen" -.Fa "unsigned char *f" -.Fa "int fl" -.Fa "int rsa_len" -.Fc -.Sh DESCRIPTION -These functions are called from the RSA encrypt, decrypt, sign, and -verify functions. -Normally they should not be called from application programs. -.Pp -However, they can also be called directly to implement padding for other -asymmetric ciphers. -.Fn RSA_padding_add_PKCS1_OAEP -and -.Fn RSA_padding_check_PKCS1_OAEP -may be used in an application combined with -.Dv RSA_NO_PADDING -in order to implement OAEP with an encoding parameter. -.Pp -.Fn RSA_padding_add_* -encodes -.Fa fl -bytes from -.Fa f -so as to fit into -.Fa tlen -bytes and stores the result at -.Fa to . -An error occurs if -.Fa fl -does not meet the size requirements of the encoding method. -.Pp -The following encoding methods are implemented: -.Pp -.Bl -tag -width PKCS1_type_2 -compact -.It PKCS1_type_1 -PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); -used for signatures -.It PKCS1_type_2 -PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2) -.It PKCS1_OAEP -PKCS #1 v2.0 EME-OAEP -.It none -simply copy the data -.El -.Pp -.Fn RSA_padding_check_* -verifies that the -.Fa fl -bytes at -.Fa f -contain a valid encoding for a -.Fa rsa_len -byte RSA key in the respective encoding method and stores the recovered -data of at most -.Fa tlen -bytes (for -.Dv RSA_NO_PADDING : -of size -.Fa tlen ) -at -.Fa to . -.Pp -For -.Fn RSA_padding_*_OAEP , -.Fa p -points to the encoding parameter of length -.Fa pl . -.Fa p -may be -.Dv NULL -if -.Fa pl -is 0. -.Sh RETURN VALUES -The -.Fn RSA_padding_add_* -functions return 1 on success or 0 on error. -The -.Fn RSA_padding_check_* -functions return the length of the recovered data or -1 on error. -Error codes can be obtained by calling -.Xr ERR_get_error 3 . 
-.Sh SEE ALSO -.Xr RSA_new 3 , -.Xr RSA_private_decrypt 3 , -.Xr RSA_public_encrypt 3 , -.Xr RSA_sign 3 , -.Xr RSA_verify 3 -.Sh HISTORY -.Fn RSA_padding_add_PKCS1_type_1 , -.Fn RSA_padding_check_PKCS1_type_1 , -.Fn RSA_padding_add_PKCS1_type_2 , -.Fn RSA_padding_check_PKCS1_type_2 , -.Fn RSA_padding_add_none , -and -.Fn RSA_padding_check_none -first appeared in SSLeay 0.9.0 and have been available since -.Ox 2.4 . -.Pp -.Fn RSA_padding_add_PKCS1_OAEP -and -.Fn RSA_padding_check_PKCS1_OAEP -first appeared in OpenSSL 0.9.2b and have been available since -.Ox 2.6 . -.Sh BUGS -The -.Fn RSA_padding_check_PKCS1_type_2 -padding check leaks timing information which can potentially be -used to mount a Bleichenbacher padding oracle attack. -This is an inherent weakness in the PKCS #1 v1.5 padding design. -Prefer PKCS1_OAEP padding. diff --git a/src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 b/src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 deleted file mode 100644 index 3d4e79cc47..0000000000 --- a/src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 +++ /dev/null 
@@ -1,402 +0,0 @@ -.\" $OpenBSD: RSA_pkey_ctx_ctrl.3,v 1.8 2024/12/06 14:27:49 schwarze Exp $ -.\" full merge up to: -.\" OpenSSL man3/EVP_PKEY_CTX_ctrl.pod 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" OpenSSL man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod -.\" 87103969 Oct 1 14:11:57 2018 -0700 -.\" selective merge up to: -.\" OpenSSL man3/EVP_PKEY_CTX_ctrl.pod df75c2b f Dec 9 01:02:36 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson -.\" and Antoine Salon . -.\" Copyright (c) 2006, 2009, 2013, 2014, 2015, 2017, 2018 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt RSA_PKEY_CTX_CTRL 3 -.Os -.Sh NAME -.Nm RSA_pkey_ctx_ctrl , -.Nm EVP_PKEY_CTX_set_rsa_padding , -.Nm EVP_PKEY_CTX_get_rsa_padding , -.Nm EVP_PKEY_CTX_set_rsa_keygen_bits , -.Nm EVP_PKEY_CTX_set_rsa_keygen_pubexp , -.Nm EVP_PKEY_CTX_set_rsa_mgf1_md , -.Nm EVP_PKEY_CTX_get_rsa_mgf1_md , -.Nm EVP_PKEY_CTX_set_rsa_oaep_md , -.Nm EVP_PKEY_CTX_get_rsa_oaep_md , -.Nm EVP_PKEY_CTX_set0_rsa_oaep_label , -.Nm EVP_PKEY_CTX_get0_rsa_oaep_label , -.Nm EVP_PKEY_CTX_set_rsa_pss_saltlen , -.Nm EVP_PKEY_CTX_get_rsa_pss_saltlen , -.Nm EVP_PKEY_CTX_set_rsa_pss_keygen_md , -.Nm EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md , -.Nm EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen -.Nd RSA private key control operations -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft int -.Fo RSA_pkey_ctx_ctrl -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int optype" -.Fa "int cmd" -.Fa "int p1" -.Fa "void *p2" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_padding -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int pad" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_rsa_padding -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int *ppad" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_keygen_bits -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int mbits" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_keygen_pubexp -.Fa "EVP_PKEY_CTX *ctx" -.Fa "BIGNUM *pubexp" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_mgf1_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_rsa_mgf1_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD **pmd" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_oaep_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get_rsa_oaep_md -.Fa "EVP_PKEY_CTX *ctx" -.Fa "const EVP_MD **pmd" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set0_rsa_oaep_label -.Fa "EVP_PKEY_CTX *ctx" -.Fa "unsigned char *label" -.Fa "int len" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_get0_rsa_oaep_label -.Fa "EVP_PKEY_CTX *ctx" -.Fa "unsigned char **plabel" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_pss_saltlen -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int len" -.Fc -.Ft int -.Fo 
EVP_PKEY_CTX_get_rsa_pss_saltlen -.Fa "EVP_PKEY_CTX *ctx" -.Fa "int *plen" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_pss_keygen_md -.Fa "EVP_PKEY_CTX *pctx" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md -.Fa "EVP_PKEY_CTX *pctx" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen -.Fa "EVP_PKEY_CTX *pctx" -.Fa "int saltlen" -.Fc -.Sh DESCRIPTION -The function -.Fn RSA_pkey_ctx_ctrl -is a shallow wrapper around -.Xr EVP_PKEY_CTX_ctrl 3 -which only succeeds if -.Fa ctx -matches either -.Dv EVP_PKEY_RSA -or -.Dv EVP_PKEY_RSA_PSS . -.Pp -All the remaining "functions" are implemented as macros. -.Pp -The -.Fn EVP_PKEY_CTX_set_rsa_padding -macro sets the RSA padding mode for -.Fa ctx . -The -.Fa pad -parameter can take the value -.Dv RSA_PKCS1_PADDING -for PKCS#1 padding, -.Dv RSA_NO_PADDING -for no padding, -.Dv RSA_PKCS1_OAEP_PADDING -for OAEP padding (encrypt and decrypt only), -.Dv RSA_X931_PADDING -for X9.31 padding (signature operations only) and -.Dv RSA_PKCS1_PSS_PADDING -(sign and verify only). -Only the last one can be used with keys of the type -.Dv EVP_PKEY_RSA_PSS . -.Pp -Two RSA padding modes behave differently if -.Xr EVP_PKEY_CTX_set_signature_md 3 -is used. -If this macro is called for PKCS#1 padding, the plaintext buffer is an -actual digest value and is encapsulated in a -.Vt DigestInfo -structure according to PKCS#1 when signing and this structure is -expected (and stripped off) when verifying. -If this control is not used with RSA and PKCS#1 padding then the -supplied data is used directly and not encapsulated. -In the case of X9.31 padding for RSA the algorithm identifier byte is -added or checked and removed if this control is called. -If it is not called then the first byte of the plaintext buffer is -expected to be the algorithm identifier byte. -.Pp -The -.Fn EVP_PKEY_CTX_get_rsa_padding -macro retrieves the RSA padding mode for -.Fa ctx . 
-.Pp -The -.Fn EVP_PKEY_CTX_set_rsa_keygen_bits -macro sets the RSA key length for RSA or RSA-PSS key generation to -.Fa mbits . -The smallest supported value is 512 bits. -If not specified, 1024 bits is used. -.Pp -The -.Fn EVP_PKEY_CTX_set_rsa_keygen_pubexp -macro sets the public exponent value for RSA or RSA-PSS key generation to -.Fa pubexp . -Currently, it should be an odd integer. -The -.Fa pubexp -pointer is used internally by this function, so it should not be modified -or freed after the call. -If this macro is not called, then 65537 is used. -.Pp -The -.Fn EVP_PKEY_CTX_set_rsa_mgf1_md -macro sets the MGF1 digest for RSA padding schemes to -.Fa md . -Unless explicitly specified, the signing digest is used. -The padding mode must have been set to -.Dv RSA_PKCS1_OAEP_PADDING -or -.Dv RSA_PKCS1_PSS_PADDING . -If the key is of the type -.Dv EVP_PKEY_RSA_PSS -and has usage restrictions, an error occurs if an attempt is made -to set the digest to anything other than the restricted value. -.Pp -The -.Fn EVP_PKEY_CTX_get_rsa_mgf1_md -macro retrieves the MGF1 digest for -.Fa ctx . -Unless explicitly specified, the signing digest is used. -The padding mode must have been set to -.Dv RSA_PKCS1_OAEP_PADDING -or -.Dv RSA_PKCS1_PSS_PADDING . -.Ss Optimal asymmetric encryption padding -The following macros require that the padding mode was set to -.Dv RSA_PKCS1_OAEP_PADDING . -.Pp -The -.Fn EVP_PKEY_CTX_set_rsa_oaep_md -macro sets the message digest type used in RSA OAEP to -.Fa md . -.Pp -The -.Fn EVP_PKEY_CTX_get_rsa_oaep_md -macro gets the message digest type used in RSA OAEP to -.Pf * Fa pmd . -.Pp -The -.Fn EVP_PKEY_CTX_set0_rsa_oaep_label -macro sets the RSA OAEP label to -.Fa label -and its length to -.Fa len . -If -.Fa label -is -.Dv NULL -or -.Fa len -is 0, the label is cleared. -The library takes ownership of the label so the caller should not -free the original memory pointed to by -.Fa label . 
-.Pp -The -.Fn EVP_PKEY_CTX_get0_rsa_oaep_label -macro gets the RSA OAEP label to -.Pf * Fa plabel . -The return value is the label length. -The resulting pointer is owned by the library and should not be -freed by the caller. -.Ss Probabilistic signature scheme -The following macros require that the padding mode was set to -.Dv RSA_PKCS1_PSS_PADDING . -.Pp -The -.Fn EVP_PKEY_CTX_set_rsa_pss_saltlen -macro sets the RSA PSS salt length to -.Fa len . -Three special values are supported: -.Dv RSA_PSS_SALTLEN_DIGEST -sets the salt length to the digest length. -.Dv RSA_PSS_SALTLEN_MAX -sets the salt length to the maximum permissible value. -When signing, -.Dv RSA_PSS_SALTLEN_AUTO -sets the salt length to the maximum permissible value. -When verifying, -.Dv RSA_PSS_SALTLEN_AUTO -causes the salt length to be automatically determined based on the -PSS block structure. -If this macro is not called, a salt length value of -.Dv RSA_PSS_SALTLEN_AUTO -is used by default. -.Pp -If the key has usage restrictions and an attempt is made to set the -salt length below the minimum value, an error occurs. -Also, if the key has usage restrictions, -.Dv RSA_PSS_SALTLEN_AUTO -is not supported for verification. -.Pp -The -.Fn EVP_PKEY_CTX_get_rsa_pss_saltlen -macro retrieves the RSA PSS salt length for -.Fa ctx . -.Pp -Optional parameter restrictions can be specified when generating a PSS -key. -If any restrictions are set using the macros described below, -then all parameters are restricted. -For example, setting a minimum salt length also restricts the digest and -MGF1 algorithms. -If any restrictions are in place, then they are reflected in the -corresponding parameters of the public key when (for example) a -certificate request is signed. -.Pp -.Fn EVP_PKEY_CTX_set_rsa_pss_keygen_md -restricts the digest algorithm the generated key can use to -.Fa md . -.Pp -.Fn EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md -restricts the MGF1 algorithm the generated key can use to -.Fa md . 
-.Pp -.Fn EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen -restricts the minimum salt length to -.Fa saltlen . -.Sh RETURN VALUES -These functions return a positive value for success or 0 or a negative -value for failure. -In particular, a return value of -2 indicates the operation is not -supported by the public key algorithm. -.Sh SEE ALSO -.Xr EVP_DigestInit 3 , -.Xr EVP_PKEY_CTX_ctrl 3 , -.Xr EVP_PKEY_CTX_new 3 , -.Xr EVP_PKEY_decrypt 3 , -.Xr EVP_PKEY_derive 3 , -.Xr EVP_PKEY_encrypt 3 , -.Xr EVP_PKEY_get_default_digest_nid 3 , -.Xr EVP_PKEY_keygen 3 , -.Xr EVP_PKEY_sign 3 , -.Xr EVP_PKEY_verify 3 , -.Xr EVP_PKEY_verify_recover 3 -.Sh HISTORY -The functions -.Fn EVP_PKEY_CTX_set_rsa_padding , -.Fn EVP_PKEY_CTX_set_rsa_keygen_bits , -.Fn EVP_PKEY_CTX_set_rsa_keygen_pubexp , -and -.Fn EVP_PKEY_CTX_set_rsa_pss_saltlen -first appeared in OpenSSL 1.0.0 and have been available since -.Ox 4.9 . -.Pp -The functions -.Fn EVP_PKEY_CTX_get_rsa_padding , -.Fn EVP_PKEY_CTX_set_rsa_mgf1_md , -.Fn EVP_PKEY_CTX_get_rsa_mgf1_md , -and -.Fn EVP_PKEY_CTX_get_rsa_pss_saltlen -first appeared in OpenSSL 1.0.1 and have been available since -.Ox 5.3 . -.Pp -The functions -.Fn EVP_PKEY_CTX_set_rsa_oaep_md , -.Fn EVP_PKEY_CTX_get_rsa_oaep_md , -.Fn EVP_PKEY_CTX_set0_rsa_oaep_label , -and -.Fn EVP_PKEY_CTX_get0_rsa_oaep_label -first appeared in OpenSSL 1.0.2 and have been available since -.Ox 6.7 . -.Pp -The function -.Fn RSA_pkey_ctx_ctrl -first appeared in OpenSSL 1.1.1 and has been available since -.Ox 6.7 . diff --git a/src/lib/libcrypto/man/RSA_print.3 b/src/lib/libcrypto/man/RSA_print.3 deleted file mode 100644 index 767241ce1c..0000000000 --- a/src/lib/libcrypto/man/RSA_print.3 +++ /dev/null 
@@ -1,144 +0,0 @@ -.\" $OpenBSD: RSA_print.3,v 1.9 2019/06/06 01:06:59 schwarze Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2002, 2003 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 6 2019 $ -.Dt RSA_PRINT 3 -.Os -.Sh NAME -.Nm RSA_print , -.Nm RSA_print_fp , -.Nm DSAparams_print , -.Nm DSAparams_print_fp , -.Nm DSA_print , -.Nm DSA_print_fp , -.Nm DHparams_print , -.Nm DHparams_print_fp -.Nd print cryptographic parameters -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft int -.Fo RSA_print -.Fa "BIO *bp" -.Fa "RSA *x" -.Fa "int offset" -.Fc -.Ft int -.Fo RSA_print_fp -.Fa "FILE *fp" -.Fa "RSA *x" -.Fa "int offset" -.Fc -.In openssl/dsa.h -.Ft int -.Fo DSAparams_print -.Fa "BIO *bp" -.Fa "DSA *x" -.Fc -.Ft int -.Fo DSAparams_print_fp -.Fa "FILE *fp" -.Fa "DSA *x" -.Fc -.Ft int -.Fo DSA_print -.Fa "BIO *bp" -.Fa "DSA *x" -.Fa "int offset" -.Fc -.Ft int -.Fo DSA_print_fp -.Fa "FILE *fp" -.Fa "DSA *x" -.Fa "int offset" -.Fc -.In openssl/dh.h -.Ft int -.Fo DHparams_print -.Fa "BIO *bp" -.Fa "DH *x" -.Fc -.Ft int -.Fo DHparams_print_fp -.Fa "FILE *fp" -.Fa "DH *x" -.Fc -.Sh DESCRIPTION -A human-readable hexadecimal output of the components of the RSA key, -DSA parameters or key or DH parameters is printed to -.Fa bp -or -.Fa fp . -.Pp -The output lines are indented by -.Fa offset -spaces. -.Sh RETURN VALUES -These functions return 1 on success or 0 on error. -.Sh SEE ALSO -.Xr BN_bn2bin 3 , -.Xr DH_get0_pqg 3 , -.Xr DH_new 3 , -.Xr DSA_get0_pqg 3 , -.Xr RSA_get0_key 3 , -.Xr RSA_new 3 -.Sh HISTORY -.Fn RSA_print -and -.Fn DHparams_print -first appeared in SSLeay 0.5.1. 
-.Fn RSA_print_fp , -.Fn DSA_print , -and -.Fn DHparams_print_fp -first appeared in SSLeay 0.6.0. -.Fn DSA_print_fp -first appeared in SSLeay 0.8.0. -All these functions have been available since -.Ox 2.4 . diff --git a/src/lib/libcrypto/man/RSA_private_encrypt.3 b/src/lib/libcrypto/man/RSA_private_encrypt.3 deleted file mode 100644 index 2bf6c57dba..0000000000 --- a/src/lib/libcrypto/man/RSA_private_encrypt.3 +++ /dev/null 
@@ -1,150 +0,0 @@ -.\" $OpenBSD: RSA_private_encrypt.3,v 1.10 2019/06/10 14:58:48 schwarze Exp $ -.\" OpenSSL RSA_private_encrypt.pod b41f6b64 Mar 10 15:49:04 2017 +0000 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 10 2019 $ -.Dt RSA_PRIVATE_ENCRYPT 3 -.Os -.Sh NAME -.Nm RSA_private_encrypt , -.Nm RSA_public_decrypt -.Nd low level signature operations -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft int -.Fo RSA_private_encrypt -.Fa "int flen" -.Fa "const unsigned char *from" -.Fa "unsigned char *to" -.Fa "RSA *rsa" -.Fa "int padding" -.Fc -.Ft int -.Fo RSA_public_decrypt -.Fa "int flen" -.Fa "const unsigned char *from" -.Fa "unsigned char *to" -.Fa "RSA *rsa" -.Fa "int padding" -.Fc -.Sh DESCRIPTION -These functions handle RSA signatures at a low level. -.Pp -.Fn RSA_private_encrypt -signs the -.Fa flen -bytes at -.Fa from -(usually a message digest with an algorithm identifier) using the -private key -.Fa rsa -and stores the signature in -.Fa to . -.Fa to -must point to -.Fn RSA_size rsa -bytes of memory. -.Pp -.Fa padding -denotes one of the following modes: -.Bl -tag -width Ds -.It Dv RSA_PKCS1_PADDING -PKCS #1 v1.5 padding. 
-This function does not handle the -.Sy algorithmIdentifier -specified in PKCS #1. -When generating or verifying PKCS #1 signatures, -.Xr RSA_sign 3 -and -.Xr RSA_verify 3 -should be used. -.It Dv RSA_NO_PADDING -Raw RSA signature. -This mode should only be used to implement cryptographically sound -padding modes in the application code. -Signing user data directly with RSA is insecure. -.El -.Pp -.Fn RSA_public_decrypt -recovers the message digest from the -.Fa flen -bytes long signature at -.Fa from -using the signer's public key -.Fa rsa . -.Fa to -must point to a memory section large enough to hold the message digest -(which is smaller than -.Fn RSA_size rsa -- 11). -.Fa padding -is the padding mode that was used to sign the data. -.Sh RETURN VALUES -.Fn RSA_private_encrypt -returns the size of the signature (i.e.\& -.Fn RSA_size rsa ) . -.Fn RSA_public_decrypt -returns the size of the recovered message digest. -.Pp -On error, -1 is returned; the error codes can be obtained by -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr RSA_meth_set_priv_enc 3 , -.Xr RSA_new 3 , -.Xr RSA_sign 3 , -.Xr RSA_verify 3 -.Sh HISTORY -.Fn RSA_private_encrypt -and -.Fn RSA_public_decrypt -appeared in SSLeay 0.4 or earlier and have been available since -.Ox 2.4 . -.Pp -.Dv RSA_NO_PADDING -is available since SSLeay 0.9.0. diff --git a/src/lib/libcrypto/man/RSA_public_encrypt.3 b/src/lib/libcrypto/man/RSA_public_encrypt.3 deleted file mode 100644 index be3afdf402..0000000000 --- a/src/lib/libcrypto/man/RSA_public_encrypt.3 +++ /dev/null 
@@ -1,247 +0,0 @@ -.\" $OpenBSD: RSA_public_encrypt.3,v 1.13 2023/09/10 16:04:15 schwarze Exp $ -.\" OpenSSL RSA_public_encrypt.pod 1e3f62a3 Jul 17 16:47:13 2017 +0200 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2023 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2004 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: September 10 2023 $ -.Dt RSA_PUBLIC_ENCRYPT 3 -.Os -.Sh NAME -.Nm RSA_public_encrypt , -.Nm RSA_private_decrypt , -.Nm EVP_PKEY_encrypt_old , -.Nm EVP_PKEY_decrypt_old -.Nd RSA public key cryptography -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft int -.Fo RSA_public_encrypt -.Fa "int flen" -.Fa "const unsigned char *from" -.Fa "unsigned char *to" -.Fa "RSA *rsa" -.Fa "int padding" -.Fc -.Ft int -.Fo RSA_private_decrypt -.Fa "int flen" -.Fa "const unsigned char *from" -.Fa "unsigned char *to" -.Fa "RSA *rsa" -.Fa "int padding" -.Fc -.In openssl/evp.h -.Ft int -.Fo EVP_PKEY_encrypt_old -.Fa "unsigned char *to" -.Fa "const unsigned char *from" -.Fa "int flen" -.Fa "EVP_PKEY *pkey" -.Fc -.Ft int -.Fo EVP_PKEY_decrypt_old -.Fa "unsigned char *to" -.Fa "const unsigned char *from" -.Fa "int flen" -.Fa "EVP_PKEY *pkey" -.Fc -.Sh DESCRIPTION -.Fn RSA_public_encrypt -encrypts the -.Fa flen -bytes at -.Fa from -(usually a session key) using the public key -.Fa rsa -and stores the ciphertext in -.Fa to . -.Fa to -must point to -.Fn RSA_size rsa -bytes of memory. -.Pp -.Fa padding -denotes one of the following modes: -.Bl -tag -width Ds -.It Dv RSA_PKCS1_PADDING -PKCS #1 v1.5 padding. -This currently is the most widely used mode. -.It Dv RSA_PKCS1_OAEP_PADDING -EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty -encoding parameter. -This mode is recommended for all new applications. -.It Dv RSA_NO_PADDING -Raw RSA encryption. -This mode should only be used to implement cryptographically sound -padding modes in the application code. -Encrypting user data directly with RSA is insecure. -.El -.Pp -.Fa flen -must be less than -.Fn RSA_size rsa -- 11 for the PKCS #1 v1.5 based padding modes, less than -.Fn RSA_size rsa -- 41 for -.Dv RSA_PKCS1_OAEP_PADDING -and exactly -.Fn RSA_size rsa -for -.Dv RSA_NO_PADDING . -.Pp -.Fn RSA_private_decrypt -decrypts the -.Fa flen -bytes at -.Fa from -using the private key -.Fa rsa -and stores the plaintext in -.Fa to . 
-.Fa to -must point to a memory section large enough to hold the decrypted data -(which is smaller than -.Fn RSA_size rsa ) . -.Fa padding -is the padding mode that was used to encrypt the data. -.Pp -.Fn EVP_PKEY_encrypt_old -is a deprecated wrapper around -.Fn RSA_public_encrypt -that uses the -.Vt RSA -public key stored in -.Fa pkey -and -.Dv RSA_PKCS1_PADDING . -.Pp -.Fn EVP_PKEY_decrypt_old -is a deprecated wrapper around -.Fn RSA_private_decrypt -that uses the -.Vt RSA -private key stored in -.Fa pkey -and -.Dv RSA_PKCS1_PADDING . -.Sh RETURN VALUES -.Fn RSA_public_encrypt -and -.Fn EVP_PKEY_encrypt_old -return the size of the encrypted data (i.e.\& -.Fn RSA_size rsa ) . -.Fn RSA_private_decrypt -and -.Fn EVP_PKEY_decrypt_old -returns the size of the recovered plaintext. -On error, \-1 is returned; the error codes can be obtained by -.Xr ERR_get_error 3 . -.Pp -In addition to the return values documented above, -.Fn EVP_PKEY_encrypt_old -may return 0 if the -.Xr EVP_PKEY_id 3 -of -.Fa pkey -is not -.Dv EVP_PKEY_RSA . -.Sh SEE ALSO -.Xr EVP_PKEY_decrypt 3 , -.Xr EVP_PKEY_encrypt 3 , -.Xr RSA_meth_set_priv_dec 3 , -.Xr RSA_new 3 , -.Xr RSA_size 3 -.Sh STANDARDS -SSL, PKCS #1 v2.0 -.Sh HISTORY -.Fn RSA_public_encrypt -and -.Fn RSA_private_decrypt -appeared in SSLeay 0.4 or earlier and have been available since -.Ox 2.4 . -.Pp -.Fn EVP_PKEY_encrypt -and -.Fn EVP_PKEY_decrypt -first appeared in SSLeay 0.9.0 and have been available since -.Ox 2.4 . -There were renamed to -.Fn EVP_PKEY_encrypt_old -and -.Fn EVP_PKEY_decrypt_old -in OpenSSL 1.0.0 and -.Ox 4.9 . -.Pp -.Dv RSA_NO_PADDING -is available since SSLeay 0.9.0. -OAEP was added in OpenSSL 0.9.2b. -.Sh BUGS -Decryption failures in the -.Dv RSA_PKCS1_PADDING -mode leak information which can potentially be used to mount a -Bleichenbacher padding oracle attack. -This is an inherent weakness in the PKCS #1 v1.5 padding design. -Prefer -.Dv RSA_PKCS1_OAEP_PADDING . 
diff --git a/src/lib/libcrypto/man/RSA_security_bits.3 b/src/lib/libcrypto/man/RSA_security_bits.3
deleted file mode 100644
index f7024a7956..0000000000
--- a/src/lib/libcrypto/man/RSA_security_bits.3
+++ /dev/null
@@ -1,137 +0,0 @@
-.\" $OpenBSD: RSA_security_bits.3,v 1.1 2022/07/13 17:32:16 schwarze Exp $
-.\"
-.\" Copyright (c) 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 13 2022 $
-.Dt RSA_SECURITY_BITS 3
-.Os
-.Sh NAME
-.Nm RSA_security_bits ,
-.Nm DSA_security_bits ,
-.Nm DH_security_bits ,
-.Nm BN_security_bits
-.Nd get security strength
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft int
-.Fn RSA_security_bits "const RSA *rsa"
-.In openssl/dsa.h
-.Ft int
-.Fn DSA_security_bits "const DSA *dsa"
-.In openssl/dh.h
-.Ft int
-.Fn DH_security_bits "const DH *dh"
-.In openssl/bn.h
-.Ft int
-.Fo BN_security_bits
-.Fa "int pubbits"
-.Fa "int privbits"
-.Fc
-.Sh DESCRIPTION
-These functions return the security strength of some specific types of
-cryptographic keys, measured in bits.
-It is approximately the binary logarithm of the number of operations
-an attacker has to perform in order to break the key.
-.Pp
-.Fn RSA_security_bits
-uses only the number of significant bits in the public modulus of
-.Fa rsa
-as returned by
-.Xr RSA_bits 3 .
-It returns
-.Bl -column 256 for 15360 last_column -offset indent
-.It 256 Ta for Ta 15360 Ta or more significant bits
-.It 192 Ta Ta 7680 Ta
-.It 128 Ta Ta 3072 Ta
-.It 112 Ta Ta 2048 Ta
-.It 80 Ta Ta 1024 Ta
-.El
-.Pp
-or 0 otherwise.
-.Pp
-.Fn DSA_security_bits
-uses the number of significant bits in the public domain parameter
-.Fa p
-contained in the
-.Fa dsa
-object, which is equal to the size of the public key, in the same way as
-.Fn RSA_security_bits .
-In addition, the public domain parameter
-.Fa q
-contained in the
-.Fa dsa
-object, which is equal to the size of the private key, is inspected.
-The return value is either the security strength according to the above table
-or half the size of the private key, whichever is smaller.
-If the return value would be smaller than 80, 0 is returned instead.
-.Pp
-.Fn DH_security_bits
-uses the number of significant bits in the shared secret contained in the
-.Fa dh
-object as returned by
-.Xr DH_bits 3
-in the same way as
-.Fn RSA_security_bits .
-If
-.Fa dh
-contains the domain parameter
-.Fa q ,
-its number of significant bits is used in the same way as for
-.Fn DSA_security_bits
-to limit the return value.
-Otherwise, if
-.Fa dh
-contains the length of the secret exponent in bits,
-that number is used.
-If neither is available, only the above table is used
-without calculating a minimum.
-.Pp
-.Fn BN_security_bits
-is a combined function.
-If \-1 is passed for the
-.Fa privbits
-argument, it behaves like
-.Fn RSA_security_bits .
-Otherwise, it behaves like
-.Fn DSA_security_bits .
-.Sh RETURN VALUES
-All these functions return numbers in the range from 0 to 256 inclusive.
-.Pp
-.Fn DSA_security_bits
-fails and returns \-1 unless both of the
-.Fa p
-and
-.Fa q
-domain parameters are present.
-.Sh SEE ALSO
-.Xr BN_num_bits 3 ,
-.Xr DH_bits 3 ,
-.Xr DH_get0_pqg 3 ,
-.Xr DSA_get0_pqg 3 ,
-.Xr RSA_bits 3 ,
-.Xr SSL_CTX_set_security_level 3
-.Rs
-.%A Elaine Barker
-.%T Recommendation for Key Management
-.%I U.S. National Institute of Standards and Technology
-.%R NIST Special Publication 800-57 Part 1 Revision 5
-.%U https://doi.org/10.6028/NIST.SP.800-57pt1r5
-.%C Gaithersburg, MD
-.%D May 2020
-.Re
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.1.0
-and have been available since
-.Ox 7.2 .
diff --git a/src/lib/libcrypto/man/RSA_set_method.3 b/src/lib/libcrypto/man/RSA_set_method.3
deleted file mode 100644
index ffe22c116f..0000000000
--- a/src/lib/libcrypto/man/RSA_set_method.3
+++ /dev/null
@@ -1,252 +0,0 @@ -.\" $OpenBSD: RSA_set_method.3,v 1.18 2023/11/19 10:34:26 tb Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Ulf Moeller -.\" and Geoff Thorpe . -.\" Copyright (c) 2000, 2002, 2007, 2014 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 19 2023 $ -.Dt RSA_SET_METHOD 3 -.Os -.Sh NAME -.Nm RSA_set_default_method , -.Nm RSA_get_default_method , -.Nm RSA_set_method , -.Nm RSA_get_method , -.Nm RSA_PKCS1_SSLeay , -.Nm RSA_flags , -.Nm RSA_new_method -.Nd select RSA method -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft void -.Fo RSA_set_default_method -.Fa "const RSA_METHOD *meth" -.Fc -.Ft const RSA_METHOD * -.Fn RSA_get_default_method void -.Ft int -.Fo RSA_set_method -.Fa "RSA *rsa" -.Fa "const RSA_METHOD *meth" -.Fc -.Ft const RSA_METHOD * -.Fo RSA_get_method -.Fa "const RSA *rsa" -.Fc -.Ft const RSA_METHOD * -.Fn RSA_PKCS1_SSLeay void -.Ft int -.Fo RSA_flags -.Fa "const RSA *rsa" -.Fc -.Ft RSA * -.Fo RSA_new_method -.Fa "ENGINE *engine" -.Fc -.Sh DESCRIPTION -An -.Vt RSA_METHOD -object contains pointers to the functions used for RSA operations. -By default, the internal implementation returned by -.Fn RSA_PKCS1_SSLeay -is used. 
-By selecting another method, alternative implementations -such as hardware accelerators may be used. -.Pp -.Fn RSA_set_default_method -selects -.Fa meth -as the default method for all -.Vt RSA -structures created later. -.Pp -.Fn RSA_get_default_method -returns a pointer to the current default method. -.Pp -.Fn RSA_set_method -selects -.Fa meth -to perform all operations using the key -.Fa rsa . -This replaces the previous -.Vt RSA_METHOD -used by the RSA key, calling the -.Fa finish -function set up with -.Xr RSA_meth_set_finish 3 -if any. -If -.Fa meth -contains an -.Fa init -function set up with -.Xr RSA_meth_set_init 3 , -that function is called just before returning from -.Fn RSA_set_method . -.Pp -It is possible to have RSA keys that only work with certain -.Vt RSA_METHOD -implementations, -and in such cases attempting to change the -.Vt RSA_METHOD -for the key can have unexpected results. -.Pp -.Fn RSA_get_method -returns a pointer to the -.Vt RSA_METHOD -being used by -.Fa rsa . -.Pp -The misleadingly named function -.Fn RSA_flags -returns the flags that are set for the current -.Vt RSA_METHOD -of -.Fa rsa . -The flags used by -.Fa rsa -itself can instead be tested with -.Xr RSA_test_flags 3 . -See the -.Sx BUGS -section for more details. -.Pp -.Fn RSA_new_method -allocates and initializes an -.Vt RSA -structure. -The -.Fa engine -argument is ignored and -the default method controlled by -.Fn RSA_set_default_method -is used. -.Pp -The initial -.Fa flags -are copied from the -.Vt RSA_METHOD -object used and will not be affected by later changes to that object, -but may be modified by the optional -.Fa init -function which may have been set up with -.Xr RSA_meth_set_init 3 -and which is called just before returning from -.Fn RSA_new_method . -.Sh RETURN VALUES -.Fn RSA_PKCS1_SSLeay , -.Fn RSA_get_default_method , -and -.Fn RSA_get_method -return pointers to the respective -.Vt RSA_METHOD . -.Pp -.Fn RSA_set_method -returns 1 on success or 0 on failure. 
-Currently, it cannot fail. -.Pp -.Fn RSA_new_method -returns -.Dv NULL -and sets an error code that can be obtained by -.Xr ERR_get_error 3 -if the allocation fails. -Otherwise it returns a pointer to the newly allocated structure. -.Sh SEE ALSO -.Xr RSA_meth_new 3 , -.Xr RSA_new 3 -.Sh HISTORY -.Fn RSA_set_default_method , -.Fn RSA_PKCS1_SSLeay , -and -.Fn RSA_new_method -first appeared in SSLeay 0.8.0. -.Fn RSA_flags -first appeared in SSLeay 0.9.0. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn RSA_get_default_method , -.Fn RSA_set_method , -and -.Fn RSA_get_method -as well as the -.Fa rsa_sign -and -.Fa rsa_verify -components of -.Vt RSA_METHOD -first appeared in OpenSSL 0.9.4 and have been available since -.Ox 2.6 . -.Sh BUGS -The behaviour of -.Fn RSA_flags -is a misfeature that is left as-is for now to avoid creating -compatibility problems. -RSA functionality, such as the encryption functions, are controlled by -the -.Fa flags -value in the -.Vt RSA -key itself, not by the -.Fa flags -value in the -.Vt RSA_METHOD -attached to the RSA key (which is what this function returns). -If the flags element of an -.Vt RSA -key is changed, the changes will be honoured by RSA functionality -but will not be reflected in the return value of the -.Fn RSA_flags -function - in effect -.Fn RSA_flags -behaves more like an -.Fn RSA_default_flags -function, which does not -currently exist. diff --git a/src/lib/libcrypto/man/RSA_sign.3 b/src/lib/libcrypto/man/RSA_sign.3 deleted file mode 100644 index 65e9dc99b8..0000000000 --- a/src/lib/libcrypto/man/RSA_sign.3 +++ /dev/null 
@@ -1,147 +0,0 @@ -.\" $OpenBSD: RSA_sign.3,v 1.8 2019/06/10 14:58:48 schwarze Exp $ -.\" OpenSSL aa90ca11 Aug 20 15:48:56 2016 -0400 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2005, 2014, 2015, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 10 2019 $ -.Dt RSA_SIGN 3 -.Os -.Sh NAME -.Nm RSA_sign , -.Nm RSA_verify -.Nd RSA signatures -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft int -.Fo RSA_sign -.Fa "int type" -.Fa "const unsigned char *m" -.Fa "unsigned int m_len" -.Fa "unsigned char *sigret" -.Fa "unsigned int *siglen" -.Fa "RSA *rsa" -.Fc -.Ft int -.Fo RSA_verify -.Fa "int type" -.Fa "const unsigned char *m" -.Fa "unsigned int m_len" -.Fa "unsigned char *sigbuf" -.Fa "unsigned int siglen" -.Fa "RSA *rsa" -.Fc -.Sh DESCRIPTION -.Fn RSA_sign -signs the message digest -.Fa m -of size -.Fa m_len -using the private key -.Fa rsa -using RSASSA-PKCS1-v1_5 as specified in RFC 3447. -It stores the signature in -.Fa sigret -and the signature size in -.Fa siglen . -.Fa sigret -must point to -.Fn RSA_size rsa -bytes of memory. -Note that PKCS #1 adds meta-data, placing limits on the size of the key -that can be used. -See -.Xr RSA_private_encrypt 3 -for lower-level operations. -.Pp -.Fa type -denotes the message digest algorithm that was used to generate -.Fa m . -If -.Fa type -is -.Sy NID_md5_sha1 , -an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding and -no algorithm identifier) is created. -.Pp -.Fn RSA_verify -verifies that the signature -.Fa sigbuf -of size -.Fa siglen -matches a given message digest -.Fa m -of size -.Fa m_len . -.Fa type -denotes the message digest algorithm that was used to generate the -signature. 
-.Fa rsa
-is the signer's public key.
-.Sh RETURN VALUES
-.Fn RSA_sign
-returns 1 on success.
-.Fn RSA_verify
-returns 1 on successful verification.
-.Pp
-The error codes can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr RSA_meth_set_sign 3 ,
-.Xr RSA_new 3 ,
-.Xr RSA_private_encrypt 3 ,
-.Xr RSA_public_decrypt 3
-.Sh STANDARDS
-SSL, PKCS #1 v2.0
-.Sh HISTORY
-.Fn RSA_sign
-first appeared in SSLeay 0.4.4.
-.Fn RSA_verify
-first appeared in SSLeay 0.6.0.
-Both functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 b/src/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
deleted file mode 100644
index 34aef42c48..0000000000
--- a/src/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
+++ /dev/null
@@ -1,131 +0,0 @@ -.\" $OpenBSD: RSA_sign_ASN1_OCTET_STRING.3,v 1.7 2019/06/10 14:58:48 schwarze Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 10 2019 $ -.Dt RSA_SIGN_ASN1_OCTET_STRING 3 -.Os -.Sh NAME -.Nm RSA_sign_ASN1_OCTET_STRING , -.Nm RSA_verify_ASN1_OCTET_STRING -.Nd RSA signatures -.Sh SYNOPSIS -.In openssl/rsa.h -.Ft int -.Fo RSA_sign_ASN1_OCTET_STRING -.Fa "int dummy" -.Fa "unsigned char *m" -.Fa "unsigned int m_len" -.Fa "unsigned char *sigret" -.Fa "unsigned int *siglen" -.Fa "RSA *rsa" -.Fc -.Ft int -.Fo RSA_verify_ASN1_OCTET_STRING -.Fa "int dummy" -.Fa "unsigned char *m" -.Fa "unsigned int m_len" -.Fa "unsigned char *sigbuf" -.Fa "unsigned int siglen" -.Fa "RSA *rsa" -.Fc -.Sh DESCRIPTION -.Fn RSA_sign_ASN1_OCTET_STRING -signs the octet string -.Fa m -of size -.Fa m_len -using the private key -.Fa rsa -represented in DER using PKCS #1 padding. -It stores the signature in -.Fa sigret -and the signature size in -.Fa siglen . -.Fa sigret -must point to -.Fn RSA_size rsa -bytes of memory. -.Pp -.Fa dummy -is ignored. -.Pp -.Fn RSA_verify_ASN1_OCTET_STRING -verifies that the signature -.Fa sigbuf -of size -.Fa siglen -is the DER representation of a given octet string -.Fa m -of size -.Fa m_len . -.Fa dummy -is ignored. -.Fa rsa -is the signer's public key. -.Sh RETURN VALUES -.Fn RSA_sign_ASN1_OCTET_STRING -returns 1 on success or 0 otherwise. -.Fn RSA_verify_ASN1_OCTET_STRING -returns 1 on successful verification or 0 otherwise. -.Pp -The error codes can be obtained by -.Xr ERR_get_error 3 . 
-.Sh SEE ALSO -.Xr RSA_new 3 , -.Xr RSA_sign 3 , -.Xr RSA_verify 3 -.Sh HISTORY -.Fn RSA_sign_ASN1_OCTET_STRING -and -.Fn RSA_verify_ASN1_OCTET_STRING -first appeared in SSLeay 0.8.0 and have been available since -.Ox 2.4 . -.Sh BUGS -These functions serve no recognizable purpose. diff --git a/src/lib/libcrypto/man/RSA_size.3 b/src/lib/libcrypto/man/RSA_size.3 deleted file mode 100644 index 8a552b4e67..0000000000 --- a/src/lib/libcrypto/man/RSA_size.3 +++ /dev/null 
@@ -1,97 +0,0 @@
-.\" $OpenBSD: RSA_size.3,v 1.10 2022/07/13 21:51:35 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Ulf Moeller and
-.\" Kurt Roeckx .
-.\" Copyright (c) 2000, 2002, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 13 2022 $
-.Dt RSA_SIZE 3
-.Os
-.Sh NAME
-.Nm RSA_size ,
-.Nm RSA_bits
-.Nd get the RSA modulus size
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft int
-.Fo RSA_size
-.Fa "const RSA *rsa"
-.Fc
-.Ft int
-.Fo RSA_bits
-.Fa "const RSA *rsa"
-.Fc
-.Sh DESCRIPTION
-.Fn RSA_size
-returns the RSA modulus size in bytes.
-It can be used to determine how much memory must be allocated for
-an RSA encrypted value.
-.Pp
-.Fn RSA_bits
-returns the number of significant bits.
-.Pp
-.Fa rsa
-and
-.Fa rsa->n
-must not be
-.Dv NULL .
-.Sh RETURN VALUES
-The size.
-.Sh SEE ALSO
-.Xr BN_num_bits 3 ,
-.Xr RSA_get0_key 3 ,
-.Xr RSA_new 3 ,
-.Xr RSA_security_bits 3
-.Sh HISTORY
-.Fn RSA_size
-first appeared in SSLeay 0.4.4 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn RSA_bits
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/SHA1.3 b/src/lib/libcrypto/man/SHA1.3
deleted file mode 100644
index 4ccb08157c..0000000000
--- a/src/lib/libcrypto/man/SHA1.3
+++ /dev/null
@@ -1,285 +0,0 @@ -.\" $OpenBSD: SHA1.3,v 1.9 2024/06/01 12:35:23 tb Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Ulf Moeller and -.\" Matt Caswell . -.\" Copyright (c) 2000, 2006, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 1 2024 $ -.Dt SHA1 3 -.Os -.Sh NAME -.Nm SHA1 , -.Nm SHA1_Init , -.Nm SHA1_Update , -.Nm SHA1_Final , -.Nm SHA224 , -.Nm SHA224_Init , -.Nm SHA224_Update , -.Nm SHA224_Final , -.Nm SHA256 , -.Nm SHA256_Init , -.Nm SHA256_Update , -.Nm SHA256_Final , -.Nm SHA384 , -.Nm SHA384_Init , -.Nm SHA384_Update , -.Nm SHA384_Final , -.Nm SHA512 , -.Nm SHA512_Init , -.Nm SHA512_Update , -.Nm SHA512_Final -.Nd Secure Hash Algorithm -.Sh SYNOPSIS -.In openssl/sha.h -.Ft unsigned char * -.Fo SHA1 -.Fa "const unsigned char *d" -.Fa "size_t n" -.Fa "unsigned char *md" -.Fc -.Ft int -.Fo SHA1_Init -.Fa "SHA_CTX *c" -.Fc -.Ft int -.Fo SHA1_Update -.Fa "SHA_CTX *c" -.Fa "const void *data" -.Fa "size_t len" -.Fc -.Ft int -.Fo SHA1_Final -.Fa "unsigned char *md" -.Fa "SHA_CTX *c" -.Fc -.Ft unsigned char * -.Fo SHA224 -.Fa "const unsigned char *d" -.Fa "size_t n" -.Fa "unsigned char *md" -.Fc -.Ft int -.Fo SHA224_Init -.Fa "SHA256_CTX *c" -.Fc -.Ft int -.Fo SHA224_Update -.Fa "SHA256_CTX *c" -.Fa "const void *data" -.Fa "size_t len" -.Fc -.Ft int -.Fo SHA224_Final -.Fa "unsigned char *md" -.Fa "SHA256_CTX *c" -.Fc -.Ft unsigned char * -.Fo SHA256 -.Fa "const unsigned char *d" -.Fa "size_t n" -.Fa "unsigned char *md" -.Fc -.Ft int -.Fo SHA256_Init -.Fa "SHA256_CTX *c" -.Fc -.Ft int -.Fo SHA256_Update -.Fa "SHA256_CTX *c" -.Fa "const void *data" -.Fa "size_t len" -.Fc -.Ft int -.Fo SHA256_Final -.Fa "unsigned char 
*md" -.Fa "SHA256_CTX *c" -.Fc -.Ft unsigned char * -.Fo SHA384 -.Fa "const unsigned char *d" -.Fa "size_t n" -.Fa "unsigned char *md" -.Fc -.Ft int -.Fo SHA384_Init -.Fa "SHA512_CTX *c" -.Fc -.Ft int -.Fo SHA384_Update -.Fa "SHA512_CTX *c" -.Fa "const void *data" -.Fa "size_t len" -.Fc -.Ft int -.Fo SHA384_Final -.Fa "unsigned char *md" -.Fa "SHA512_CTX *c" -.Fc -.Ft unsigned char * -.Fo SHA512 -.Fa "const unsigned char *d" -.Fa "size_t n" -.Fa "unsigned char *md" -.Fc -.Ft int -.Fo SHA512_Init -.Fa "SHA512_CTX *c" -.Fc -.Ft int -.Fo SHA512_Update -.Fa "SHA512_CTX *c" -.Fa "const void *data" -.Fa "size_t len" -.Fc -.Ft int -.Fo SHA512_Final -.Fa "unsigned char *md" -.Fa "SHA512_CTX *c" -.Fc -.Sh DESCRIPTION -SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a -160-bit output. -.Pp -.Fn SHA1 -computes the SHA-1 message digest of the -.Fa n -bytes at -.Fa d -and places it in -.Fa md , -which must have space for -.Dv SHA_DIGEST_LENGTH -== 20 bytes of output. -.Pp -The following functions may be used if the message is not completely -stored in memory: -.Pp -.Fn SHA1_Init -initializes a -.Vt SHA_CTX -structure. -.Pp -.Fn SHA1_Update -can be called repeatedly with chunks of the message to be hashed -.Pq Fa len No bytes at Fa data . -.Pp -.Fn SHA1_Final -places the message digest in -.Fa md , -which must have space for -.Dv SHA_DIGEST_LENGTH -== 20 bytes of output, and erases the -.Vt SHA_CTX . -.Pp -The SHA224, SHA256, SHA384, and SHA512 families of functions operate -in the same way as the SHA1 functions. -Note that SHA224 and SHA256 use a -.Vt SHA256_CTX -object instead of -.Vt SHA_CTX , -and SHA384 and SHA512 use -.Vt SHA512_CTX . -The buffer -.Fa md -must have space for the output from the SHA variant being used: -.Dv SHA224_DIGEST_LENGTH , -.Dv SHA256_DIGEST_LENGTH , -.Dv SHA384_DIGEST_LENGTH , -or -.Dv SHA512_DIGEST_LENGTH -bytes. -.Pp -Applications should use the higher level functions -.Xr EVP_DigestInit 3 -etc. 
instead of calling the hash functions directly. -.Sh RETURN VALUES -.Fn SHA1 , -.Fn SHA224 , -.Fn SHA256 , -.Fn SHA384 , -and -.Fn SHA512 -return a pointer to the hash value. -The other functions return 1 for success or 0 otherwise. -.Sh SEE ALSO -.Xr EVP_DigestInit 3 , -.Xr HMAC 3 , -.Xr RIPEMD160 3 -.Sh STANDARDS -.Rs -.%T Secure Hash Standard (SHS) -.%R NIST FIPS Publication -.%N 180-4 -.%U https://doi.org/10.6028/NIST.FIPS.180-4 -.%D 2015 -.Re -.Sh HISTORY -.Fn SHA1 , -.Fn SHA1_Init , -.Fn SHA1_Update , -and -.Fn SHA1_Final -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . -.Pp -The other functions first appeared in OpenSSL 0.9.8 -and have been available since -.Ox 4.5 . -.Sh CAVEATS -Other implementations allow -.Fa md -in -.Fn SHA1 , -.Fn SHA224 , -.Fn SHA256 , -.Fn SHA384 , -and -.Fn SHA512 -to be -.Dv NULL -and return a static array, which is not thread safe. diff --git a/src/lib/libcrypto/man/SMIME_crlf_copy.3 b/src/lib/libcrypto/man/SMIME_crlf_copy.3 deleted file mode 100644 index 3b46138473..0000000000 --- a/src/lib/libcrypto/man/SMIME_crlf_copy.3 +++ /dev/null 
@@ -1,96 +0,0 @@
-.\" $OpenBSD: SMIME_crlf_copy.3,v 1.3 2023/05/01 07:28:11 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: May 1 2023 $
-.Dt SMIME_CRLF_COPY 3
-.Os
-.Sh NAME
-.Nm SMIME_crlf_copy
-.Nd buffered copy between BIOs
-.Sh SYNOPSIS
-.Ft int
-.Fo SMIME_crlf_copy
-.Fa "BIO *in_bio"
-.Fa "BIO *out_bio"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn SMIME_crlf_copy
-copies data from
-.Fa in_bio
-to
-.Fa out_bio .
-To avoid many small write operations on
-.Fa out_bio ,
-a buffering BIO created with
-.Xr BIO_f_buffer 3
-is temporarily prepended to it.
-.Pp
-If the bit
-.Dv SMIME_BINARY
-is set in the
-.Fa flags
-argument, all the data is copied verbatim using
-.Xr BIO_read 3
-and
-.Xr BIO_write 3 .
-.Pp
-Otherwise, the data is read as text.
-All trailing carriage return and newline characters are discarded
-from every input line and a single pair of carriage return and
-newline characters is appended to mark the end of every output line,
-except that the last output line will end without such a pair if
-the last input line does not have a newline character at the end.
-.Pp
-If the bit
-.Dv SMIME_TEXT
-is set in the
-.Fa flags
-argument and the bit
-.Dv SMIME_BINARY
-is not set, the line
-.Qq Content-Type: text/plain
-is prepended to the output
-with two pairs of carriage return and newline characters after it.
-.Pp
-In any case,
-.Xr BIO_flush 3
-is called on the output at the end of the function.
-.Sh RETURN VALUES
-.Fn SMIME_crlf_copy
-is intended to return 1 on success or 0 on failure.
-.Sh SEE ALSO
-.Xr BIO_f_buffer 3 ,
-.Xr BIO_flush 3 ,
-.Xr BIO_new 3 ,
-.Xr BIO_push 3 ,
-.Xr BIO_read 3 ,
-.Xr SMIME_text 3 ,
-.Xr SMIME_write_ASN1 3
-.Sh HISTORY
-.Fn SMIME_crlf_copy
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Sh BUGS
-.Fn SMIME_crlf_copy
-silently ignores most errors and may return 1
-even if it lost part or all of the data in transit.
-.Pp
-Only blocking BIOs are supported.
-If any of the
-.Vt BIO
-arguments is non-blocking, part or all of the data is likely
-to be silently lost in transit.
diff --git a/src/lib/libcrypto/man/SMIME_read_ASN1.3 b/src/lib/libcrypto/man/SMIME_read_ASN1.3
deleted file mode 100644
index 320064567c..0000000000
--- a/src/lib/libcrypto/man/SMIME_read_ASN1.3
+++ /dev/null
@@ -1,124 +0,0 @@ -.\" $OpenBSD: SMIME_read_ASN1.3,v 1.2 2021/12/14 15:22:49 schwarze Exp $ -.\" full merge up to: -.\" OpenSSL SMIME_read_PKCS7.pod 83cf7abf May 29 13:07:08 2018 +0100 -.\" OpenSSL SMIME_read_CMS.pod b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2006, 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 14 2021 $ -.Dt SMIME_READ_ASN1 3 -.Os -.Sh NAME -.Nm SMIME_read_ASN1 -.Nd generic S/MIME message parser -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft ASN1_VALUE * -.Fo SMIME_read_ASN1 -.Fa "BIO *in_bio" -.Fa "BIO **out_bio" -.Fa "const ASN1_ITEM *it" -.Fc -.Sh DESCRIPTION -.Fn SMIME_read_ASN1 -reads a message in S/MIME format from -.Fa in_bio . -.Pp -If the message uses cleartext signing, the content is saved in a memory -.Vt BIO -which is written to -.Pf * Fa out_bio . -Otherwise, -.Pf * Fa out_bio -is set to -.Dv NULL . -.Pp -To support future functionality, if -.Fa out_bio -is not -.Dv NULL , -.Pf * Fa out_bio -should be initialized to -.Dv NULL -before calling -.Fn SMIME_read_ASN1 . -.Sh RETURN VALUES -.Fn SMIME_read_ASN1 -returns a newly allocated object of type -.Fa it -or -.Dv NULL -if an error occurred. -The error can be obtained from -.Xr ERR_get_error 3 . 
-.Sh SEE ALSO -.Xr ASN1_item_d2i_bio 3 , -.Xr BIO_f_base64 3 , -.Xr BIO_new 3 , -.Xr SMIME_read_CMS 3 , -.Xr SMIME_read_PKCS7 3 , -.Xr SMIME_text 3 -.Sh HISTORY -.Fn SMIME_read_ASN1 -first appeared in OpenSSL 0.9.8h and has been available since -.Ox 4.5 . -.Sh BUGS -The MIME parser used by -.Fn SMIME_read_ASN1 -is somewhat primitive. -While it will handle most S/MIME messages, more complex compound -formats may not work. -.Pp -The parser assumes that the -structure is always base64 encoded, and it will not handle the case -where it is in binary format or uses quoted printable format. -.Pp -The use of a memory -to hold the signed content limits the size of the message which can -be processed due to memory restraints: a streaming single pass -option should be available. diff --git a/src/lib/libcrypto/man/SMIME_read_CMS.3 b/src/lib/libcrypto/man/SMIME_read_CMS.3 deleted file mode 100644 index e1b1d07499..0000000000 --- a/src/lib/libcrypto/man/SMIME_read_CMS.3 +++ /dev/null 
@@ -1,132 +0,0 @@ -.\" $OpenBSD: SMIME_read_CMS.3,v 1.7 2021/12/14 14:30:50 schwarze Exp $ -.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 14 2021 $ -.Dt SMIME_READ_CMS 3 -.Os -.Sh NAME -.Nm SMIME_read_CMS -.Nd extract CMS ContentInfo from an S/MIME message -.Sh SYNOPSIS -.In openssl/cms.h -.Ft CMS_ContentInfo * -.Fo SMIME_read_CMS -.Fa "BIO *in" -.Fa "BIO **bcont" -.Fc -.Sh DESCRIPTION -.Fn SMIME_read_CMS -parses a message in S/MIME format from -.Fa in . -.Pp -If the message uses cleartext signing, the content is saved in a memory BIO -which is written to -.Pf * Fa bcont -and which can then be passed to -.Xr CMS_verify 3 -with the -.Dv CMS_DETACHED -flag set. -Otherwise, -.Pf * Fa bcont -is set to -.Dv NULL -and the type of the returned structure can be determined using -.Xr CMS_get0_type 3 . 
-.Pp -To support future functionality if -.Fa bcont -is not -.Dv NULL , -.Pf * Fa bcont -should be initialized to -.Dv NULL , -for example: -.Bd -literal -offset indent -BIO *cont = NULL; -CMS_ContentInfo *cms = SMIME_read_CMS(in, &cont); -.Ed -.Sh RETURN VALUES -.Fn SMIME_read_CMS -returns a valid -.Vt CMS_ContentInfo -structure or -.Dv NULL -if an error occurred. -The error can be obtained from -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_decrypt 3 , -.Xr CMS_get0_type 3 , -.Xr CMS_verify 3 , -.Xr d2i_CMS_ContentInfo 3 , -.Xr SMIME_read_ASN1 3 , -.Xr SMIME_write_CMS 3 -.Sh HISTORY -.Fn SMIME_read_CMS -first appeared in OpenSSL 0.9.8h -and has been available since -.Ox 6.7 . -.Sh BUGS -The MIME parser used by -.Fn SMIME_read_CMS -is somewhat primitive. -While it will handle most S/MIME messages, more complex compound formats -may not work. -.Pp -The parser assumes that the -.Vt CMS_ContentInfo -structure is always base64 encoded and will not handle the case -where it is in binary format or uses quoted printable format. -.Pp -The use of a memory BIO to hold the signed content limits the size of -the message which can be processed due to memory restraints: a streaming -single pass option should be available. diff --git a/src/lib/libcrypto/man/SMIME_read_PKCS7.3 b/src/lib/libcrypto/man/SMIME_read_PKCS7.3 deleted file mode 100644 index dbe2765b8b..0000000000 --- a/src/lib/libcrypto/man/SMIME_read_PKCS7.3 +++ /dev/null 
@@ -1,150 +0,0 @@ -.\" $OpenBSD: SMIME_read_PKCS7.3,v 1.8 2021/12/14 14:30:50 schwarze Exp $ -.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2006 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 14 2021 $ -.Dt SMIME_READ_PKCS7 3 -.Os -.Sh NAME -.Nm SMIME_read_PKCS7 -.Nd extract a PKCS#7 object from an S/MIME message -.Sh SYNOPSIS -.In openssl/pkcs7.h -.Ft PKCS7 * -.Fo SMIME_read_PKCS7 -.Fa "BIO *in" -.Fa "BIO **bcont" -.Fc -.Sh DESCRIPTION -.Fn SMIME_read_PKCS7 -parses a message in S/MIME format. -.Pp -.Fa in -is a -.Vt BIO -to read the message from. -.Pp -If cleartext signing is used, then the content is saved in a memory -.Vt BIO -which is written to -.Pf * Fa bcont , -otherwise -.Pf * Fa bcont -is set to -.Dv NULL . -.Pp -The parsed PKCS#7 structure is returned, or -.Dv NULL -if an error occurred. -.Pp -If -.Pf * Fa bcont -is not -.Dv NULL , -then the message is clear text signed. -.Pf * Fa bcont -can then be passed to -.Xr PKCS7_verify 3 -with the -.Dv PKCS7_DETACHED -flag set. 
-.Pp -Otherwise the type of the returned structure can be determined using the -.Fn PKCS7_type_is_* -macros defined in -.In openssl/pkcs7.h . -.Pp -To support future functionality, if -.Fa bcont -is not -.Dv NULL , -.Pf * Fa bcont -should be initialized to -.Dv NULL . -For example: -.Bd -literal -offset indent -BIO *cont = NULL; -PKCS7 *p7; - -p7 = SMIME_read_PKCS7(in, &cont); -.Ed -.Sh RETURN VALUES -.Fn SMIME_read_PKCS7 -returns a valid -.Vt PKCS7 -structure or -.Dv NULL -if an error occurred. -The error can be obtained from -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr PKCS7_new 3 , -.Xr SMIME_read_ASN1 3 , -.Xr SMIME_write_PKCS7 3 -.Sh HISTORY -.Fn SMIME_read_PKCS7 -first appeared in OpenSSL 0.9.5 and has been available since -.Ox 2.7 . -.Sh BUGS -The MIME parser used by -.Fn SMIME_read_PKCS7 -is somewhat primitive. -While it will handle most S/MIME messages, more complex compound -formats may not work. -.Pp -The parser assumes that the -.Vt PKCS7 -structure is always base64 encoded, and it will not handle the case -where it is in binary format or uses quoted printable format. -.Pp -The use of a memory -.Vt BIO -to hold the signed content limits the size of the message which can -be processed due to memory restraints: a streaming single pass -option should be available. diff --git a/src/lib/libcrypto/man/SMIME_text.3 b/src/lib/libcrypto/man/SMIME_text.3 deleted file mode 100644 index a4c9689925..0000000000 --- a/src/lib/libcrypto/man/SMIME_text.3 +++ /dev/null 
@@ -1,57 +0,0 @@
-.\" $OpenBSD: SMIME_text.3,v 1.1 2021/12/14 15:22:49 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 14 2021 $
-.Dt SMIME_TEXT 3
-.Os
-.Sh NAME
-.Nm SMIME_text
-.Nd remove text/plain MIME headers
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo SMIME_text
-.Fa "BIO *in_bio"
-.Fa "BIO *out_bio"
-.Fc
-.Sh DESCRIPTION
-.Fn SMIME_text
-reads MIME headers from
-.Fa in_bio ,
-checks that the content type is
-.Dq text/plain ,
-discards the MIME headers,
-and copies the text that follows the headers from
-.Fa in_bio
-to
-.Fa out_bio .
-.Sh RETURN VALUES
-.Fn SMIME_text
-returns 1 on success or 0 if memory allocation, reading the input,
-or parsing the MIME headers fails, if there is no
-.Dq content-type
-header, or if the content type is not
-.Dq text/plain .
-.Sh SEE ALSO
-.Xr SMIME_crlf_copy 3 ,
-.Xr SMIME_read_ASN1 3
-.Sh HISTORY
-.Fn SMIME_text
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Sh CAVEATS
-.Fn SMIME_text
-does not support non-blocking BIOs.
diff --git a/src/lib/libcrypto/man/SMIME_write_ASN1.3 b/src/lib/libcrypto/man/SMIME_write_ASN1.3
deleted file mode 100644
index a02fa58570..0000000000
--- a/src/lib/libcrypto/man/SMIME_write_ASN1.3
+++ /dev/null
@@ -1,163 +0,0 @@ -.\" $OpenBSD: SMIME_write_ASN1.3,v 1.2 2023/05/01 07:28:11 tb Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: May 1 2023 $ -.Dt SMIME_WRITE_ASN1 3 -.Os -.Sh NAME -.Nm SMIME_write_ASN1 -.Nd generate an S/MIME message -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft int -.Fo SMIME_write_ASN1 -.Fa "BIO *out_bio" -.Fa "ASN1_VALUE *val_in" -.Fa "BIO *in_bio" -.Fa "int flags" -.Fa "int ctype_nid" -.Fa "int econt_nid" -.Fa "STACK_OF(X509_ALGOR) *micalg" -.Fa "const ASN1_ITEM *it" -.Fc -.Sh DESCRIPTION -.Fn SMIME_write_ASN1 -generates an S/MIME message on -.Fa out_bio -by writing MIME 1.0 headers -followed by a BER- and base64-encoded serialization of -.Fa val_in , -which can be of the type -.Vt CMS_ContentInfo -or -.Vt PKCS7 -and has to match the -.Fa it -argument. -.Pp -The -.Fa flags -can be the logical OR of zero or more of the following bits: -.Bl -tag -width Ds -.It Dv PKCS7_REUSE_DIGEST -Skip the calls to -.Xr PKCS7_dataInit 3 -and -.Xr PKCS7_dataFinal 3 . -This flag has no effect unless -.Dv SMIME_DETACHED -is also set. -It is normally used if -.Fa out_bio -is already set up to calculate and finalize the digest when written through. 
-.It Dv SMIME_BINARY -If specified, this flag is passed through to -.Xr SMIME_crlf_copy 3 . -.It Dv SMIME_CRLFEOL -End MIME header lines with pairs of carriage return and newline characters. -By default, no carriage return characters are written -and header lines are ended with newline characters only. -.It Dv SMIME_DETACHED -Use cleartext signing. -Generate a -.Qq multipart/signed -S/MIME message using the -.Fa micalg -argument and ignoring the -.Fa ctype_nid -and -.Fa econt_nid -arguments. -The content is read from -.Fa in_bio . -If -.Fa in_bio -is a -.Dv NULL -pointer, this flag is ignored. -.Pp -If this flag is ignored or not specified, -the smime-type is chosen according to -.Fa ctype_nid -instead: -.Bl -tag -width Ds -.It Dv NID_pkcs7_enveloped -.Qq enveloped-data -.It Dv NID_pkcs7_signed -.Qq signed-receipt -if -.Fa econt_nid -is -.Dv NID_id_smime_ct_receipt -.br -.Qq signed-data -if -.Fa micalg -is not empty -.br -.Qq certs-only -if -.Fa micalg -is empty -.It Dv NID_id_smime_ct_compressedData -.Qq compressed-data -.El -.It Dv SMIME_OLDMIME -In Content-Type headers, use -.Qq application/x-pkcs7-mime -or -.Qq application/x-pkcs7-signature . -By default, -.Qq application/pkcs7-mime -or -.Qq application/pkcs7-signature -are used instead. -.It Dv SMIME_STREAM -Perform streaming by reading the content from -.Fa in_bio . -This only works if -.Dv SMIME_DETACHED -is not specified. -.It SMIME_TEXT -Prepend the line -.Qq Content-Type: text/plain -to the content. -This only makes sense if -.Dv SMIME_DETACHED -is also set. -It is ignored if the flag -.Dv SMIME_BINARY -is also set. -.El -.Sh RETURN VALUES -.Fn SMIME_write_ASN1 -is intended to return 1 on success or 0 on failure. -.Sh SEE ALSO -.Xr ASN1_item_i2d_bio 3 , -.Xr BIO_f_base64 3 , -.Xr BIO_new 3 , -.Xr SMIME_crlf_copy 3 , -.Xr SMIME_write_CMS 3 , -.Xr SMIME_write_PKCS7 3 , -.Xr X509_ALGOR_new 3 -.Sh HISTORY -.Fn SMIME_write_ASN1 -first appeared in OpenSSL 1.0.0 and has been available since -.Ox 4.9 . 
-.Sh BUGS -.Fn SMIME_write_ASN1 -ignores most errors and is likely to return 1 -even after producing corrupt or incomplete output. diff --git a/src/lib/libcrypto/man/SMIME_write_CMS.3 b/src/lib/libcrypto/man/SMIME_write_CMS.3 deleted file mode 100644 index c2c6b77e53..0000000000 --- a/src/lib/libcrypto/man/SMIME_write_CMS.3 +++ /dev/null 
@@ -1,133 +0,0 @@
-.\" $OpenBSD: SMIME_write_CMS.3,v 1.6 2021/12/13 17:24:39 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 13 2021 $
-.Dt SMIME_WRITE_CMS 3
-.Os
-.Sh NAME
-.Nm SMIME_write_CMS
-.Nd convert CMS structure to S/MIME format
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft int
-.Fo SMIME_write_CMS
-.Fa "BIO *out"
-.Fa "CMS_ContentInfo *cms"
-.Fa "BIO *data"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn SMIME_write_CMS
-adds the appropriate MIME headers to the
-.Fa cms
-structure to produce an S/MIME message and writes it to
-.Fa out .
-If streaming is enabled, the content must be supplied in the
-.Fa data
-argument.
-.Pp
-The following
-.Fa flags
-can be passed:
-.Bl -tag -width Ds
-.It Dv CMS_DETACHED
-Use cleartext signing.
-This option only makes sense if
-.Fa cms
-is of the type
-.Vt SignedData
-and
-.Dv CMS_DETACHED
-was also set when it was created with
-.Xr CMS_sign 3 .
-.Pp
-If
-.Dv CMS_STREAM
-is not set, the data must be read twice:
-once to compute the signature in
-.Xr CMS_sign 3
-and once to output the S/MIME message.
-.It Dv CMS_TEXT
-Add MIME headers for type text/plain to the content.
-This only makes sense if
-.Dv CMS_DETACHED
-is also set.
-.It Dv CMS_STREAM
-Perform streaming.
-This flag should only be set if
-.Dv CMS_STREAM
-was also passed to the function that created
-.Fa cms .
-.Pp
-The content is output in BER format using indefinite length
-constructed encoding except in the case of
-.Vt SignedData
-with detached content where the content is absent and DER format is
-used.
-.El
-.Sh RETURN VALUES
-.Fn SMIME_write_CMS
-returns 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_encrypt 3 ,
-.Xr CMS_sign 3 ,
-.Xr d2i_CMS_ContentInfo 3 ,
-.Xr ERR_get_error 3 ,
-.Xr SMIME_write_ASN1 3
-.Sh HISTORY
-.Fn SMIME_write_CMS
-first appeared in OpenSSL 0.9.8h
-and has been available since
-.Ox 6.7 .
-.Sh BUGS
-.Fn SMIME_write_CMS
-always base64 encodes CMS structures.
-There should be an option to disable this.
diff --git a/src/lib/libcrypto/man/SMIME_write_PKCS7.3 b/src/lib/libcrypto/man/SMIME_write_PKCS7.3
deleted file mode 100644
index c1a9f051d0..0000000000
--- a/src/lib/libcrypto/man/SMIME_write_PKCS7.3
+++ /dev/null
@@ -1,184 +0,0 @@
-.\" $OpenBSD: SMIME_write_PKCS7.3,v 1.9 2021/12/14 15:46:48 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2003, 2006, 2007, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit.
(http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 14 2021 $
-.Dt SMIME_WRITE_PKCS7 3
-.Os
-.Sh NAME
-.Nm SMIME_write_PKCS7
-.Nd convert PKCS#7 structure to S/MIME format
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft int
-.Fo SMIME_write_PKCS7
-.Fa "BIO *out"
-.Fa "PKCS7 *p7"
-.Fa "BIO *data"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn SMIME_write_PKCS7
-adds the appropriate MIME headers to a PKCS#7 structure to produce an
-S/MIME message.
-.Pp
-.Fa out
-is the
-.Vt BIO
-to write the data to.
-.Fa p7
-is the appropriate
-.Vt PKCS7
-structure.
-If streaming is enabled, then the content must be supplied in the
-.Fa data
-argument.
-.Fa flags
-is an optional set of flags.
-.Pp
-The following flags can be passed in the
-.Fa flags
-parameter.
-.Pp
-If
-.Dv PKCS7_DETACHED
-is set, then cleartext signing will be used.
-This option only makes sense for signedData where
-.Dv PKCS7_DETACHED
-is also set when
-.Xr PKCS7_sign 3
-is also called.
-.Pp
-If the
-.Dv PKCS7_TEXT
-flag is set, MIME headers for type
-.Sy text/plain
-are added to the content.
-This only makes sense if
-.Dv PKCS7_DETACHED
-is also set.
-.Pp
-If the
-.Dv PKCS7_STREAM
-flag is set, streaming is performed.
-This flag should only be set if
-.Dv PKCS7_STREAM
-was also set in the previous call to
-.Xr PKCS7_sign 3
-or
-.Xr PKCS7_encrypt 3 .
-.Pp
-The bit
-.Dv SMIME_OLDMIME
-is inverted before passing on the
-.Fa flags
-to
-.Xr SMIME_write_ASN1 3 .
-Consequently, if this bit is set in the
-.Fa flags
-argument,
-.Qq application/pkcs7-mime
-or
-.Qq application/pkcs7-signature
-is used in Content-Type headers.
-Otherwise,
-.Qq application/x-pkcs7-mime
-or
-.Qq application/x-pkcs7-signature
-is used.
-.Pp
-If cleartext signing is being used and
-.Dv PKCS7_STREAM
-is not set, then the data must be read twice: once to compute the
-signature in
-.Xr PKCS7_sign 3
-and once to output the S/MIME message.
-.Pp
-If streaming is performed, the content is output in BER format using
-indefinite length constructed encoding except in the case of signed
-data with detached content where the content is absent and DER
-format is used.
-.Sh RETURN VALUES
-Upon successful completion, 1 is returned;
-otherwise 0 is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr i2d_PKCS7_bio_stream 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-.Xr PEM_write_PKCS7 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_new 3 ,
-.Xr SMIME_read_PKCS7 3 ,
-.Xr SMIME_write_ASN1 3
-.Sh HISTORY
-.Fn SMIME_write_PKCS7
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Sh BUGS
-.Fn SMIME_write_PKCS7
-always base64 encodes PKCS#7 structures.
-There should be an option to disable this.
diff --git a/src/lib/libcrypto/man/STACK_OF.3 b/src/lib/libcrypto/man/STACK_OF.3
deleted file mode 100644
index 4c627eed9b..0000000000
--- a/src/lib/libcrypto/man/STACK_OF.3
+++ /dev/null
@@ -1,207 +0,0 @@
-.\" $OpenBSD: STACK_OF.3,v 1.5 2021/10/24 13:10:46 schwarze Exp $
-.\"
-.\" Copyright (c) 2018 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 24 2021 $
-.Dt STACK_OF 3
-.Os
-.Sh NAME
-.Nm STACK_OF
-.Nd variable-sized arrays of pointers, called OpenSSL stacks
-.Sh SYNOPSIS
-.In openssl/safestack.h
-.Fn STACK_OF type
-.Sh DESCRIPTION
-The
-.In openssl/safestack.h
-header provides a fragile, unusually complicated system of
-macro-generated wrappers around the functions described in the
-.Xr OPENSSL_sk_new 3
-manual page.
-It is intended to implement superficially type-safe variable-sized
-arrays of pointers, somewhat misleadingly called
-.Dq stacks
-by OpenSSL.
-Due to the excessive number of API functions, it is impossible to
-properly document this system.
-In particular, calling
-.Xr man 1
-for any of the functions operating on stacks cannot yield any result.
-.Pp
-Unfortunately, application programs can hardly avoid using the concept
-because several important OpenSSL APIs rely on it; see the
-.Sx SEE ALSO
-section for examples.
-Even though both pages are more complicated than any manual page
-ought to be, using the concept safely requires a complete understanding
-of all the details in both this manual page and in
-.Xr OPENSSL_sk_new 3 .
-.Pp
-The
-.Fn STACK_OF
-macro takes a
-.Fa type
-name as its argument, typically the name of a type
-that has been defined as an alias for a specific
-.Vt struct
-type using a
-.Sy typedef
-declaration.
-It expands to an incomplete
-.Vt struct
-type which is intended to represent a
-.Dq stack
-of objects of the given
-.Fa type .
-That type does not actually exist, so it is not possible to define,
-for example, an automatic variable
-.Ql STACK_OF(X509) my_certificates ;
-it is only possible to define pointers to stacks, for example
-.Ql STACK_OF(X509) *my_certificates .
-The only way such pointers can ever be used is by wrapper functions
-casting them to the type
-.Vt _STACK *
-described in
-.Xr OPENSSL_sk_new 3 .
-.Pp
-For a considerable number of types, OpenSSL provides one wrapper
-function for each function described in
-.Xr OPENSSL_sk_new 3 .
-The names of these wrapper functions are usually constructed by
-inserting the name of the type and an underscore after the
-.Sq sk_
-prefix of the function name.
-Usually, where the real functions take
-.Vt void *
-arguments, the wrappers take pointers to the
-.Fa type
-in questions, and where the real functions take
-.Vt _STACK *
-arguments, the wrappers take pointers to
-.Fn STACK_OF type .
-The same applies to return values.
-Various exceptions to all this exist, but the above applies to
-all the types listed below.
-.Pp
-Using the above may make sense for the following types because
-public API functions exist that take stacks of these types as
-arguments or return them:
-.Vt ASN1_INTEGER ,
-.Vt ASN1_OBJECT ,
-.Vt ASN1_UTF8STRING ,
-.Vt CMS_RecipientInfo ,
-.Vt CMS_SignerInfo ,
-.Vt CONF_VALUE ,
-.Vt GENERAL_NAMES ,
-.Vt GENERAL_SUBTREE ,
-.Vt OPENSSL_STRING Pq which is just Vt char * ,
-.Vt PKCS12_SAFEBAG ,
-.Vt PKCS7 ,
-.Vt PKCS7_RECIP_INFO ,
-.Vt PKCS7_SIGNER_INFO ,
-.Vt POLICYQUALINFO ,
-.Vt SRTP_PROTECTION_PROFILE ,
-.Vt SSL_CIPHER ,
-.Vt SSL_COMP ,
-.Vt X509 ,
-.Vt X509_ALGOR ,
-.Vt X509_ATTRIBUTE ,
-.Vt X509_CRL ,
-.Vt X509_EXTENSION ,
-.Vt X509_INFO ,
-.Vt X509_NAME ,
-.Vt X509_OBJECT ,
-.Vt X509_POLICY_NODE ,
-.Vt X509_REVOKED .
-.Pp
-Additionally, some public API functions use the following types
-which are declared with
-.Sy typedef :
-.Bl -column STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS
-.It Vt STACK_OF(ACCESS_DESCRIPTION) Ta Vt AUTHORITY_INFO_ACCESS
-.It Vt STACK_OF(ASN1_OBJECT) Ta Vt EXTENDED_KEY_USAGE
-.It Vt STACK_OF(ASN1_TYPE) Ta Vt ASN1_SEQUENCE_ANY
-.It Vt STACK_OF(DIST_POINT) Ta Vt CRL_DIST_POINTS
-.It Vt STACK_OF(GENERAL_NAME) Ta Vt GENERAL_NAMES
-.It Vt STACK_OF(IPAddressFamily) Ta Vt IPAddrBlocks
-.It Vt STACK_OF(POLICY_MAPPING) Ta Vt POLICY_MAPPINGS
-.It Vt STACK_OF(POLICYINFO) Ta Vt CERTIFICATEPOLICIES
-.It Vt STACK_OF(X509_ALGOR) Ta Vt X509_ALGORS
-.It Vt STACK_OF(X509_EXTENSION) Ta Vt X509_EXTENSIONS
-.El
-.Pp
-Even though the OpenSSL headers declare wrapper functions for many
-more types and even though the OpenSSL documentation says that users
-can declare their own stack types, using
-.Fn STACK_OF
-with any type not listed here is strongly discouraged.
-For other types, there may be subtle, undocumented differences
-in syntax and semantics, and attempting to declare custom stack
-types is very error prone; using plain C arrays of pointers to
-the desired type is much simpler and less dangerous.
-.Sh EXAMPLES
-The following program creates a certificate object, puts two
-pointers to it on a stack, and uses
-.Xr X509_free 3
-to clean up properly:
-.Bd -literal
-#include
-#include
-#include
-
-int
-main(void)
-{
- STACK_OF(X509) *stack;
- X509 *x;
-
- if ((stack = sk_X509_new_null()) == NULL)
- err(1, NULL);
- if ((x = X509_new()) == NULL)
- err(1, NULL);
- if (sk_X509_push(stack, x) == 0)
- err(1, NULL);
- if (X509_up_ref(x) == 0)
- errx(1, "X509_up_ref failed");
- if (sk_X509_push(stack, x) == 0)
- err(1, NULL);
- printf("%d pointers: %p, %p\en", sk_X509_num(stack),
- sk_X509_value(stack, 0), sk_X509_value(stack, 1));
- sk_X509_pop_free(stack, X509_free);
-
- return 0;
-}
-.Ed
-.Pp
-The output looks similar to:
-.Pp
-.Dl 2 pointers: 0x4693ff24c00, 0x4693ff24c00
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr OCSP_request_sign 3 ,
-.Xr OPENSSL_sk_new 3 ,
-.Xr PKCS12_parse 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr SSL_CTX_set_client_CA_list 3 ,
-.Xr SSL_get_ciphers 3 ,
-.Xr SSL_get_peer_cert_chain 3 ,
-.Xr SSL_load_client_CA_file 3 ,
-.Xr X509_CRL_get_REVOKED 3 ,
-.Xr X509_STORE_CTX_get0_chain 3
-.Sh HISTORY
-The
-.Fn STACK_OF
-macro first appeared in OpenSSL 0.9.3 and has been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/TS_REQ_new.3 b/src/lib/libcrypto/man/TS_REQ_new.3
deleted file mode 100644
index 8dbd15ea7e..0000000000
--- a/src/lib/libcrypto/man/TS_REQ_new.3
+++ /dev/null
@@ -1,182 +0,0 @@
-.\" $OpenBSD: TS_REQ_new.3,v 1.6 2019/06/06 01:06:59 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt TS_REQ_NEW 3
-.Os
-.Sh NAME
-.Nm TS_REQ_new ,
-.Nm TS_REQ_free ,
-.Nm TS_RESP_new ,
-.Nm TS_RESP_free ,
-.Nm TS_STATUS_INFO_new ,
-.Nm TS_STATUS_INFO_free ,
-.Nm TS_TST_INFO_new ,
-.Nm TS_TST_INFO_free ,
-.Nm TS_ACCURACY_new ,
-.Nm TS_ACCURACY_free ,
-.Nm TS_MSG_IMPRINT_new ,
-.Nm TS_MSG_IMPRINT_free
-.Nd X.509 time-stamp protocol
-.Sh SYNOPSIS
-.In openssl/ts.h
-.Ft TS_REQ *
-.Fn TS_REQ_new void
-.Ft void
-.Fn TS_REQ_free "TS_REQ *req"
-.Ft TS_RESP *
-.Fn TS_RESP_new void
-.Ft void
-.Fn TS_RESP_free "TS_RESP *resp"
-.Ft TS_STATUS_INFO *
-.Fn TS_STATUS_INFO_new void
-.Ft void
-.Fn TS_STATUS_INFO_free "TS_STATUS_INFO *status"
-.Ft TS_TST_INFO *
-.Fn TS_TST_INFO_new void
-.Ft void
-.Fn TS_TST_INFO_free "TS_TST_INFO *token"
-.Ft TS_ACCURACY *
-.Fn TS_ACCURACY_new void
-.Ft void
-.Fn TS_ACCURACY_free "TS_ACCURACY *accuracy"
-.Ft TS_MSG_IMPRINT *
-.Fn TS_MSG_IMPRINT_new void
-.Ft void
-.Fn TS_MSG_IMPRINT_free "TS_MSG_IMPRINT *imprint"
-.Sh DESCRIPTION
-A time-stamping authority is a trusted third party which allows its
-clients to prove that specific data existed
at a particular point
-in time.
-Clients send time-stamping requests to the time-stamping server,
-which returns time-stamp tokens to the clients.
-.Pp
-.Fn TS_REQ_new
-allocates and initializes an empty
-.Vt TS_REQ
-object, representing an ASN.1
-.Vt TimeStampReq
-structure defined in RFC 3161 section 2.4.1.
-It can hold a hash of the datum to be time-stamped and some
-auxiliary, optional information.
-.Fn TS_REQ_free
-frees
-.Fa req .
-.Pp
-.Fn TS_RESP_new
-allocates and initializes an empty
-.Vt TS_RESP
-object, representing an ASN.1
-.Vt TimeStampResp
-structure defined in RFC 3161 section 2.4.2.
-It can hold status information and a time-stamp token.
-.Fn TS_RESP_free
-frees
-.Fa resp .
-.Pp
-.Fn TS_STATUS_INFO_new
-allocates and initializes an empty
-.Vt TS_STATUS_INFO
-object, representing an ASN.1
-.Vt PKIStatusInfo
-structure defined in RFC 3161 section 2.4.2.
-It is used inside
-.Vt TS_RESP
-and describes the outcome of one time-stamp request.
-.Fn TS_STATUS_INFO_free
-frees
-.Fa status .
-.Pp
-.Fn TS_TST_INFO_new
-allocates and initializes an empty
-.Vt TS_TST_INFO
-object, representing an ASN.1
-.Vt TSTInfo
-structure defined in RFC 3161 section 2.4.2.
-It is the time-stamp token included in a
-.Vt TS_RESP
-object in case of success, and it can hold the hash of the datum
-copied from a request, the time of generation, and some auxiliary
-information.
-.Fn TS_TST_INFO_free
-frees
-.Fa token .
-.Pp
-.Fn TS_ACCURACY_new
-allocates and initializes an empty
-.Vt TS_ACCURACY
-object, representing an ASN.1
-.Vt Accuracy
-structure defined in RFC 3161 section 2.4.2.
-It can be used inside a
-.Vt TS_TST_INFO
-object and indicates the maximum error of the time stated in the token.
-.Fn TS_ACCURACY_free
-frees
-.Fa accuracy .
-.Pp
-.Fn TS_MSG_IMPRINT_new
-allocates and initializes an empty
-.Vt TS_MSG_IMPRINT
-object, representing an ASN.1
-.Vt MessageImprint
-structure defined in RFC 3161 section 2.4.1.
-It is used inside
-.Vt TS_REQ
-and
-.Vt TS_RESP
-objects.
-It specifies a hash algorithm and stores the hash value of the datum.
-.Fn TS_MSG_IMPRINT_free
-frees
-.Fa imprint .
-.Sh RETURN VALUES
-.Fn TS_REQ_new ,
-.Fn TS_RESP_new ,
-.Fn TS_STATUS_INFO_new ,
-.Fn TS_TST_INFO_new ,
-.Fn TS_ACCURACY_new ,
-and
-.Fn TS_MSG_IMPRINT_new
-return the new
-.Vt TS_REQ ,
-.Vt TS_RESP ,
-.Vt TS_STATUS_INFO ,
-.Vt TS_TST_INFO ,
-.Vt TS_ACCURACY ,
-or
-.Vt TS_MSG_IMPRINT
-object, respectively, or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr ACCESS_DESCRIPTION_new 3 ,
-.Xr ESS_SIGNING_CERT_new 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 3161: Internet X.509 Public Key Infrastructure Time-Stamp Protocol
-.Pp
-Note that RFC 3161 has been updated
-by RFC 5816: ESSCertIDv2 Update for RFC 3161.
-That update allows using the Signing Certificate Attribute Definition
-Version 2 according to RFC 5035, but the current implementation
-only supports the Signing Certificate Attribute Definition Version
-1 according to RFC 2634, and hence only supports RFC 3161, but not
-RFC 5816 functionality.
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/UI_create_method.3 b/src/lib/libcrypto/man/UI_create_method.3
deleted file mode 100644
index ffd6b98157..0000000000
--- a/src/lib/libcrypto/man/UI_create_method.3
+++ /dev/null
@@ -1,284 +0,0 @@
-.\" $OpenBSD: UI_create_method.3,v 1.6 2023/05/22 19:38:04 tb Exp $
-.\" OpenSSL UI_create_method.pod 8e3d46e5 Mar 11 10:51:04 2017 +0100
-.\"
-.\" This file was written by Richard Levitte .
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: May 22 2023 $
-.Dt UI_CREATE_METHOD 3
-.Os
-.Sh NAME
-.Nm UI_create_method ,
-.Nm UI_destroy_method ,
-.Nm UI_method_set_opener ,
-.Nm UI_method_set_writer ,
-.Nm UI_method_set_flusher ,
-.Nm UI_method_set_reader ,
-.Nm UI_method_set_closer ,
-.Nm UI_method_set_prompt_constructor ,
-.Nm UI_method_get_opener ,
-.Nm UI_method_get_writer ,
-.Nm UI_method_get_flusher ,
-.Nm UI_method_get_reader ,
-.Nm UI_method_get_closer ,
-.Nm UI_method_get_prompt_constructor
-.Nd user interface method creation and destruction
-.Sh SYNOPSIS
-.In openssl/ui.h
-.Ft UI_METHOD *
-.Fo UI_create_method
-.Fa "const char *name"
-.Fc
-.Ft void
-.Fo UI_destroy_method
-.Fa "UI_METHOD *ui_method"
-.Fc
-.Ft int
-.Fo UI_method_set_opener
-.Fa "UI_METHOD *method"
-.Fa "int (*opener)(UI *ui)"
-.Fc
-.Ft int
-.Fo UI_method_set_writer
-.Fa "UI_METHOD *method"
-.Fa "int (*writer)(UI *ui, UI_STRING *uis)"
-.Fc
-.Ft int
-.Fo UI_method_set_flusher
-.Fa "UI_METHOD *method"
-.Fa "int (*flusher)(UI *ui)"
-.Fc
-.Ft int
-.Fo UI_method_set_reader
-.Fa "UI_METHOD *method"
-.Fa "int (*reader)(UI *ui, UI_STRING *uis)"
-.Fc
-.Ft int
-.Fo UI_method_set_closer
-.Fa "UI_METHOD *method"
-.Fa "int (*closer)(UI *ui)"
-.Fc
-.Ft int
-.Fo UI_method_set_prompt_constructor
-.Fa "UI_METHOD *method"
-.Fa "char *(*prompt_constructor)(UI *ui, const char *object_desc,\
- const char *object_name)"
-.Fc
-.Ft int
-.Fo "(*UI_method_get_opener(const UI_METHOD
*method))"
-.Fa "UI *"
-.Fc
-.Ft int
-.Fo "(*UI_method_get_writer(const UI_METHOD *method))"
-.Fa "UI *"
-.Fa "UI_STRING *"
-.Fc
-.Ft int
-.Fo "(*UI_method_get_flusher(const UI_METHOD *method))"
-.Fa "UI *"
-.Fc
-.Ft int
-.Fo "(*UI_method_get_reader(const UI_METHOD *method))"
-.Fa "UI *"
-.Fa "UI_STRING *"
-.Fc
-.Ft int
-.Fo "(*UI_method_get_closer(const UI_METHOD *method))"
-.Fa "UI *"
-.Fc
-.Ft char *
-.Fo "(*UI_method_get_prompt_constructor(UI_METHOD *method))"
-.Fa "UI *"
-.Fa "const char *"
-.Fa "const char *"
-.Fc
-.Sh DESCRIPTION
-A method contains a few functions that implement the low level of the
-User Interface.
-These functions are:
-.Bl -tag -width Ds
-.It an opener
-This function takes a reference to a UI and starts a session, for
-example by opening a channel to a tty, or by creating a dialog box.
-.It a writer
-This function takes a reference to a UI and a UI String, and writes the
-string where appropriate, maybe to the tty, maybe added as a field label
-in a dialog box.
-Note that this gets fed all strings associated with a UI, one after the
-other, so care must be taken which ones it actually uses.
-.It a flusher
-This function takes a reference to a UI, and flushes everything that has
-been output so far.
-For example, if the method builds up a dialog box, this can be used to
-actually display it and accepting input ended with a pressed button.
-.It a reader
-This function takes a reference to a UI and a UI string and reads off
-the given prompt, maybe from the tty, maybe from a field in a dialog
-box.
-Note that this gets fed all strings associated with a UI, one after the
-other, so care must be taken which ones it actually uses.
-.It a closer
-This function takes a reference to a UI, and closes the session, maybe
-by closing the channel to the tty, maybe by destroying a dialog box.
-.El
-.Pp
-All of these functions are expected to return 0 on error, 1 on success,
-or -1 on out-off-band events, for example if some prompting has been
-cancelled (by pressing Ctrl-C, for example).
-Only the flusher or the reader are expected to return -1.
-If returned by another of the functions, it's treated as if 0 was returned.
-.Pp
-Regarding the writer and the reader, don't assume the former should only
-write and don't assume the latter should only read.
-This depends on the needs of the method.
-.Pp
-For example, a typical tty reader wouldn't write the prompts in the
-write, but would rather do so in the reader, because of the sequential
-nature of prompting on a tty.
-This is how the
-.Xr UI_OpenSSL 3
-method does it.
-.Pp
-In contrast, a method that builds up a dialog box would add all prompt
-text in the writer, have all input read in the flusher and store the
-results in some temporary buffer, and finally have the reader just fetch
-those results.
-.Pp
-The central function that uses these method functions is
-.Xr UI_process 3 ,
-and it does it in five steps:
-.Bl -enum
-.It
-Open the session using the opener function if that one is defined.
-If an error occurs, jump to 5.
-.It
-For every UI String associated with the UI, call the writer function if
-that one is defined.
-If an error occurs, jump to 5.
-.It
-Flush everything using the flusher function if that one is defined.
-If an error occurs, jump to 5.
-.It
-For every UI String associated with the UI, call the reader function if
-that one is defined.
-If an error occurs, jump to 5.
-.It
-Close the session using the closer function if that one is defined.
-.El
-.Pp
-.Fn UI_create_method
-creates a new UI method with a given
-.Fa name .
-.Pp
-.Fn UI_destroy_method
-destroys the given
-.Fa ui_method .
-.Pp
-.Fn UI_method_set_opener ,
-.Fn UI_method_set_writer ,
-.Fn UI_method_set_flusher ,
-.Fn UI_method_set_reader
-and
-.Fn UI_method_set_closer
-set one of the five main methods to the given function pointer.
-.Pp
-.Fn UI_method_set_prompt_constructor
-sets the prompt constructor, see
-.Xr UI_construct_prompt 3 .
-.Sh RETURN VALUES
-.Fn UI_create_method
-returns a
-.Vt UI_METHOD
-pointer on success or
-.Dv NULL
-on error.
-.Pp
-.Fn UI_method_set_opener ,
-.Fn UI_method_set_writer ,
-.Fn UI_method_set_flusher ,
-.Fn UI_method_set_reader ,
-.Fn UI_method_set_closer ,
-and
-.Fn UI_method_set_prompt_constructor
-return 0 on success or -1 if the given method is
-.Dv NULL .
-.Pp
-.Fn UI_method_get_opener ,
-.Fn UI_method_get_writer ,
-.Fn UI_method_get_flusher ,
-.Fn UI_method_get_reader ,
-.Fn UI_method_get_closer ,
-and
-.Fn UI_method_get_prompt_constructor
-return the requested function pointer if it is set in the method,
-or otherwise
-.Dv NULL .
-.Sh SEE ALSO
-.Xr UI_get_string_type 3 ,
-.Xr UI_new 3
-.Sh HISTORY
-.Fn UI_create_method ,
-.Fn UI_destroy_method ,
-.Fn UI_method_set_opener ,
-.Fn UI_method_set_writer ,
-.Fn UI_method_set_flusher ,
-.Fn UI_method_set_reader ,
-.Fn UI_method_set_closer ,
-.Fn UI_method_get_opener ,
-.Fn UI_method_get_writer ,
-.Fn UI_method_get_flusher ,
-.Fn UI_method_get_reader ,
-and
-.Fn UI_method_get_closer
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn UI_method_set_prompt_constructor
-and
-.Fn UI_method_get_prompt_constructor
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/UI_get_string_type.3 b/src/lib/libcrypto/man/UI_get_string_type.3
deleted file mode 100644
index bc0449a90e..0000000000
--- a/src/lib/libcrypto/man/UI_get_string_type.3
+++ /dev/null
@@ -1,281 +0,0 @@
-.\" $OpenBSD: UI_get_string_type.3,v 1.4 2018/03/22 21:08:22 schwarze Exp $
-.\" OpenSSL UI_STRING.pod e9c9971b Jul 1 18:28:50 2017 +0200
-.\"
-.\" This file was written by Richard Levitte
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 22 2018 $ -.Dt UI_GET_STRING_TYPE 3 -.Os -.Sh NAME -.Nm UI_get_string_type , -.Nm UI_get_input_flags , -.Nm UI_get0_output_string , -.Nm UI_get0_action_string , -.Nm UI_get0_result_string , -.Nm UI_get0_test_string , -.Nm UI_get_result_minsize , -.Nm UI_get_result_maxsize , -.Nm UI_set_result -.Nd OpenSSL user interface string parsing -.Sh SYNOPSIS -.In openssl/ui.h -.Bd -literal -enum UI_string_types { - UIT_NONE = 0, - UIT_PROMPT, /* Prompt for a string */ - UIT_VERIFY, /* Prompt for a string and verify */ - UIT_BOOLEAN, /* Prompt for a yes/no response */ - UIT_INFO, /* Send info to the user */ - UIT_ERROR /* Send an error message to the user */ -}; -.Ed -.Pp -.Ft enum UI_string_types -.Fo UI_get_string_type -.Fa "UI_STRING *uis" -.Fc -.Ft int -.Fo UI_get_input_flags -.Fa "UI_STRING *uis" -.Fc -.Ft const char * -.Fo UI_get0_output_string -.Fa "UI_STRING *uis" -.Fc -.Ft const char * -.Fo UI_get0_action_string -.Fa "UI_STRING *uis" -.Fc -.Ft const char * -.Fo UI_get0_result_string -.Fa "UI_STRING *uis" -.Fc -.Ft const char * -.Fo UI_get0_test_string -.Fa "UI_STRING *uis" -.Fc -.Ft int -.Fo UI_get_result_minsize -.Fa "UI_STRING *uis" -.Fc -.Ft int -.Fo UI_get_result_maxsize -.Fa "UI_STRING *uis" -.Fc -.Ft int -.Fo UI_set_result -.Fa "UI *ui" -.Fa "UI_STRING *uis" -.Fa "const char *result" -.Fc -.Sh DESCRIPTION -A -.Vt UI_STRING -gets created internally and added to a -.Vt UI -object whenever 
one of the functions
-.Xr UI_add_input_string 3 ,
-.Xr UI_dup_input_string 3 ,
-.Xr UI_add_verify_string 3 ,
-.Xr UI_dup_verify_string 3 ,
-.Xr UI_add_input_boolean 3 ,
-.Xr UI_dup_input_boolean 3 ,
-.Xr UI_add_info_string 3 ,
-.Xr UI_dup_info_string 3 ,
-.Xr UI_add_error_string 3
-or
-.Xr UI_dup_error_string 3
-is called.
-For a
-.Vt UI_METHOD
-user, there's no need to know more.
-For a
-.Vt UI_METHOD
-creator, it is of interest to fetch text from these
-.Vt UI_STRING
-objects as well as adding results to some of them.
-.Pp
-.Fn UI_get_string_type
-is used to retrieve the type of the given
-.Vt UI_STRING .
-.Pp
-.Fn UI_get_input_flags
-is used to retrieve the flags associated with the given
-.Vt UI_STRING .
-.Pp
-.Fn UI_get0_output_string
-is used to retrieve the actual string to output (prompt, info, error, ...).
-.Pp
-.Fn UI_get0_action_string
-is used to retrieve the action description associated with a
-.Dv UIT_BOOLEAN
-type
-.Vt UI_STRING .
-See
-.Xr UI_add_input_boolean 3 .
-.Pp
-.Fn UI_get0_result_string
-is used to retrieve the result of a prompt.
-This is only useful for
-.Dv UIT_PROMPT
-and
-.Dv UIT_VERIFY
-type strings.
-.Pp
-.Fn UI_get0_test_string
-is used to retrieve the string to compare the prompt result with.
-This is only useful for
-.Dv UIT_VERIFY
-type strings.
-.Pp
-.Fn UI_get_result_minsize
-and
-.Fn UI_get_result_maxsize
-are used to retrieve the minimum and maximum required size of the
-result.
-This is only useful for
-.Dv UIT_PROMPT
-and
-.Dv UIT_VERIFY
-type strings.
-.Pp
-.Fn UI_set_result
-is used to set the result value of a prompt.
-For
-.Sy UIT_PROMPT
-and
-.Sy UIT_VERIFY
-type UI strings, this sets the result retrievable with
-.Fn UI_get0_result_string
-by copying the contents of
-.Fa result
-if its length fits the minimum and maximum size requirements.
-For -.Dv UIT_BOOLEAN -type UI strings, this sets the first character of the result retrievable -with -.Fn UI_get0_result_string -to the first of the -.Fa ok_chars -given with -.Xr UI_add_input_boolean 3 -or -.Xr UI_dup_input_boolean 3 -if the -.Fa result -matched any of them, or the first of the -.Fa cancel_chars -if the -.Fa result -matched any of them, otherwise it's set to the NUL char. -See -.Xr UI_add_input_boolean 3 -for more information on -.Fa ok_chars -and -.Fa cancel_chars . -.Sh RETURN VALUES -.Fn UI_get_string_type -returns the UI string type. -.Pp -.Fn UI_get_input_flags -returns the UI string flags. -.Pp -.Fn UI_get0_output_string -returns the UI string output string. -.Pp -.Fn UI_get0_action_string -returns the UI string action description string for -.Dv UIT_BOOLEAN -type UI strings, or -.Dv NULL -for any other type. -.Pp -.Fn UI_get0_result_string -returns the UI string result buffer for -.Dv UIT_PROMPT -and -.Dv UIT_VERIFY -type UI strings, or -.Dv NULL -for any other type. -.Pp -.Fn UI_get0_test_string -returns the UI string action description string for -.Dv UIT_VERIFY -type UI strings, or -.Dv NULL -for any other type. -.Pp -.Fn UI_get_result_minsize -returns the minimum allowed result size for the UI string for -.Dv UIT_PROMPT -and -.Dv UIT_VERIFY -type strings, or -1 for any other type. -.Pp -.Fn UI_get_result_maxsize -returns the minimum allowed result size for the UI string for -.Dv UIT_PROMPT -and -.Dv UIT_VERIFY -type strings, or -1 for any other type. -.Pp -.Fn UI_set_result -returns 0 on success or when the UI string is of any type other than -.Dv UIT_PROMPT , -.Dv UIT_VERIFY , -or -.Dv UIT_BOOLEAN , -or -1 on error. -.Sh SEE ALSO -.Xr UI_new 3 -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.7 -and have been available since -.Ox 3.2 . diff --git a/src/lib/libcrypto/man/UI_new.3 b/src/lib/libcrypto/man/UI_new.3 deleted file mode 100644 index e55477f31e..0000000000 --- a/src/lib/libcrypto/man/UI_new.3 +++ /dev/null 
@@ -1,529 +0,0 @@
-.\" $OpenBSD: UI_new.3,v 1.13 2025/03/09 15:25:14 tb Exp $
-.\" full merge up to: OpenSSL 78b19e90 Jan 11 00:12:01 2017 +0100
-.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file was written by Richard Levitte .
-.\" Copyright (c) 2001, 2016, 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 9 2025 $
-.Dt UI_NEW 3
-.Os
-.Sh NAME
-.Nm UI_new ,
-.Nm UI_new_method ,
-.Nm UI_free ,
-.Nm UI_add_input_string ,
-.Nm UI_dup_input_string ,
-.Nm UI_add_verify_string ,
-.Nm UI_dup_verify_string ,
-.Nm UI_add_input_boolean ,
-.Nm UI_dup_input_boolean ,
-.Nm UI_add_info_string ,
-.Nm UI_dup_info_string ,
-.Nm UI_add_error_string ,
-.Nm UI_dup_error_string ,
-.Nm UI_construct_prompt ,
-.Nm UI_add_user_data ,
-.Nm UI_get0_user_data ,
-.Nm UI_get0_result ,
-.Nm UI_process ,
-.Nm UI_ctrl ,
-.Nm UI_set_default_method ,
-.Nm UI_get_default_method ,
-.Nm UI_get_method ,
-.Nm UI_set_method ,
-.Nm UI_OpenSSL ,
-.Nm UI_null
-.Nd New User Interface
-.Sh SYNOPSIS
-.In openssl/ui.h
-.Ft UI *
-.Fn UI_new void
-.Ft UI *
-.Fo UI_new_method
-.Fa "const UI_METHOD *method"
-.Fc
-.Ft void
-.Fo UI_free
-.Fa "UI *ui"
-.Fc
-.Ft int
-.Fo UI_add_input_string
-.Fa "UI *ui"
-.Fa "const char *prompt"
-.Fa "int flags"
-.Fa "char *result_buf"
-.Fa "int minsize"
-.Fa "int maxsize"
-.Fc
-.Ft int
-.Fo UI_dup_input_string
-.Fa "UI *ui"
-.Fa "const char *prompt"
-.Fa "int flags"
-.Fa "char *result_buf"
-.Fa "int minsize"
-.Fa "int maxsize"
-.Fc
-.Ft int
-.Fo UI_add_verify_string
-.Fa "UI *ui"
-.Fa "const char *prompt"
-.Fa "int flags"
-.Fa "char *result_buf"
-.Fa "int minsize"
-.Fa "int maxsize"
-.Fa "const char *test_buf"
-.Fc
-.Ft int
-.Fo UI_dup_verify_string
-.Fa "UI *ui"
-.Fa "const char *prompt"
-.Fa "int flags"
-.Fa "char *result_buf"
-.Fa "int minsize"
-.Fa "int maxsize"
-.Fa "const char *test_buf"
-.Fc
-.Ft int
-.Fo UI_add_input_boolean
-.Fa "UI *ui"
-.Fa "const char *prompt"
-.Fa "const char *action_desc"
-.Fa "const char *ok_chars"
-.Fa "const char *cancel_chars"
-.Fa "int flags"
-.Fa "char *result_buf"
-.Fc
-.Ft int
-.Fo UI_dup_input_boolean
-.Fa "UI *ui"
-.Fa "const char *prompt"
-.Fa "const char *action_desc"
-.Fa "const char *ok_chars"
-.Fa "const char *cancel_chars"
-.Fa "int flags"
-.Fa "char *result_buf"
-.Fc
-.Ft int
-.Fo UI_add_info_string
-.Fa "UI *ui"
-.Fa "const char *text"
-.Fc
-.Ft int
-.Fo UI_dup_info_string
-.Fa "UI *ui"
-.Fa "const char *text"
-.Fc
-.Ft int
-.Fo UI_add_error_string
-.Fa "UI *ui"
-.Fa "const char *text"
-.Fc
-.Ft int
-.Fo UI_dup_error_string
-.Fa "UI *ui"
-.Fa "const char *text"
-.Fc
-.Fd /* These are the possible flags. They can be OR'ed together. */
-.Fd #define UI_INPUT_FLAG_ECHO 0x01
-.Fd #define UI_INPUT_FLAG_DEFAULT_PWD 0x02
-.Ft char *
-.Fo UI_construct_prompt
-.Fa "UI *ui_method"
-.Fa "const char *object_desc"
-.Fa "const char *object_name"
-.Fc
-.Ft void *
-.Fo UI_add_user_data
-.Fa "UI *ui"
-.Fa "void *user_data"
-.Fc
-.Ft void *
-.Fo UI_get0_user_data
-.Fa "UI *ui"
-.Fc
-.Ft const char *
-.Fo UI_get0_result
-.Fa "UI *ui"
-.Fa "int i"
-.Fc
-.Ft int
-.Fo UI_process
-.Fa "UI *ui"
-.Fc
-.Ft int
-.Fo UI_ctrl
-.Fa "UI *ui"
-.Fa "int cmd"
-.Fa "long i"
-.Fa "void *p"
-.Fa "void (*f)()"
-.Fc
-.Fd #define UI_CTRL_PRINT_ERRORS 1
-.Fd #define UI_CTRL_IS_REDOABLE 2
-.Ft void
-.Fo UI_set_default_method
-.Fa "const UI_METHOD *meth"
-.Fc
-.Ft const UI_METHOD *
-.Fo UI_get_default_method
-.Fa void
-.Fc
-.Ft const UI_METHOD *
-.Fo UI_get_method
-.Fa "UI *ui"
-.Fc
-.Ft const UI_METHOD *
-.Fo UI_set_method
-.Fa "UI *ui"
-.Fa "const UI_METHOD *meth"
-.Fc
-.Ft const UI_METHOD *
-.Fo UI_OpenSSL
-.Fa void
-.Fc
-.Ft const UI_METHOD *
-.Fo UI_null
-.Fa void
-.Fc
-.Sh DESCRIPTION
-UI stands for User Interface, and is a general purpose set of routines
-to prompt the user for text-based information.
-Through user-written methods (see
-.Xr UI_create_method 3 ) ,
-prompting can be done in any way imaginable, be it plain text prompting,
-through dialog boxes or from a cell phone.
-.Pp
-All the functions work through a context of the type
-.Vt UI .
-This context contains all the information needed to prompt correctly
-as well as a reference to a
-.Vt UI_METHOD ,
-which is an ordered vector of functions that carry out the actual
-prompting.
-.Pp
-The first thing to do is to create a
-.Vt UI
-with
-.Fn UI_new
-or
-.Fn UI_new_method ,
-then add information to it with the
-.Fn UI_add_*
-or
-.Fn UI_dup_*
-functions.
-Also, user-defined random data can be passed down to the underlying
-method through calls to
-.Fn UI_add_user_data .
-The default UI method doesn't care about these data, but other methods
-might.
-Finally, use
-.Fn UI_process
-to actually perform the prompting and
-.Fn UI_get0_result
-to find the result to the prompt.
-.Pp
-A
-.Vt UI
-can contain more than one prompt, which are performed in the given
-sequence.
-Each prompt gets an index number which is returned by the
-.Fn UI_add_*
-and
-.Fn UI_dup_*
-functions, and has to be used to get the corresponding result with
-.Fn UI_get0_result .
-.Pp
-The functions are as follows:
-.Pp
-.Fn UI_new
-creates a new
-.Vt UI
-using the default UI method.
-When done with this UI, it should be freed using
-.Fn UI_free .
-.Pp
-.Fn UI_new_method
-creates a new
-.Vt UI
-using the given UI method.
-When done with this UI, it should be freed using
-.Fn UI_free .
-.Pp
-.Fn UI_OpenSSL
-returns the built-in UI method (note: not necessarily the default one,
-since the default can be changed.
-See further on).
-This method is the most machine/OS dependent part of OpenSSL and
-normally generates the most problems when porting.
-.Pp
-.Fn UI_null
-returns a UI method that does nothing.
-Its use is to avoid getting internal defaults for passed
-.Vt UI_METHOD
-pointers.
-.Pp
-.Fn UI_free
-removes
-.Fa ui
-from memory, along with all other pieces of memory that are connected
-to it, like duplicated input strings, results and others.
-If
-.Fa ui
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn UI_add_input_string
-and
-.Fn UI_add_verify_string
-add a prompt to
-.Fa ui ,
-as well as flags and a result buffer and the desired minimum and
-maximum sizes of the result, not counting the final NUL character.
-The given information is used to prompt for information, for example
-a password, and to verify a password (i.e. having the user enter
-it twice and check that the same string was entered twice).
-.Fn UI_add_verify_string
-takes an extra argument that should be a pointer to the result buffer
-of the input string that it's supposed to verify, or verification will
-fail.
-.Pp
-.Fn UI_add_input_boolean
-adds a prompt to
-.Fa ui
-that's supposed to be answered in a boolean way, with a single
-character for yes and a different character for no.
-A set of characters that can be used to cancel the prompt is given as
-well.
-The prompt itself is really divided in two, one part being the
-descriptive text (given through the
-.Fa prompt
-argument) and one describing the possible answers (given through the
-.Fa action_desc
-argument).
-.Pp
-.Fn UI_add_info_string
-and
-.Fn UI_add_error_string
-add strings that are shown at the same time as the prompt for extra
-information or to show an error string.
-The difference between the two is only conceptual.
-With the builtin method, there's no technical difference between them.
-Other methods may make a difference between them, however.
-.Pp
-The flags currently supported are
-.Dv UI_INPUT_FLAG_ECHO ,
-which is relevant for
-.Fn UI_add_input_string
-and will have the users response be echoed (when prompting for a
-password, this flag should obviously not be used), and
-.Dv UI_INPUT_FLAG_DEFAULT_PWD ,
-which means that a default password of some sort will be used
-(completely depending on the application and the UI method).
-.Pp
-.Fn UI_dup_input_string ,
-.Fn UI_dup_verify_string ,
-.Fn UI_dup_input_boolean ,
-.Fn UI_dup_info_string ,
-and
-.Fn UI_dup_error_string
-are basically the same as their
-.Fn UI_add_*
-counterparts, except that they make their own copies of all strings.
-.Pp
-.Fn UI_construct_prompt
-is a helper function that can be used to create a prompt from two pieces
-of information: a description and a name.
-The default constructor (if there is none provided by the method used) -creates a string "Enter -.Em description -for -.Em name Ns :". -With the description "pass phrase" and the file name "foo.key", that -becomes "Enter pass phrase for foo.key:". Other methods may create -whatever string and may include encodings that will be processed by the -other method functions. -.Pp -.Fn UI_add_user_data -adds a user data pointer for the method to use at any time. -The builtin UI method doesn't care about this info. -Note that several calls to this function doesn't add data - -the previous blob is replaced with the one given as argument. -.Pp -.Fn UI_get0_user_data -retrieves the data that has last been given to the -.Fa ui -with -.Fn UI_add_user_data . -.Pp -.Fn UI_get0_result -returns a pointer to the result buffer associated with the information -indexed by -.Fa i . -.Pp -.Fn UI_process -goes through the information given so far, does all the printing and -prompting and returns the final status, which is -2 on out-of-band -events (Interrupt, Cancel, ...), -1 on error, or 0 on success. -.Pp -.Fn UI_ctrl -adds extra control for the application author. -For now, it understands two commands: -.Dv UI_CTRL_PRINT_ERRORS , -which makes -.Fn UI_process -print the OpenSSL error stack as part of processing the -.Fa ui , -and -.Dv UI_CTRL_IS_REDOABLE , -which returns a flag saying if the used -.Fa ui -can be used again or not. -.Pp -.Fn UI_set_default_method -changes the default UI method to the one given. -This function is not thread-safe and should not be called at the -same time as other OpenSSL functions. -.Pp -.Fn UI_get_default_method -returns a pointer to the current default UI method. -.Pp -.Fn UI_get_method -returns the UI method associated with a given -.Fa ui . -.Pp -.Fn UI_set_method -changes the UI method associated with a given -.Fa ui . -.Sh RETURN VALUES -.Fn UI_new -and -.Fn UI_new_method -return a valid -.Vt UI -structure or -.Dv NULL -if an error occurred. 
-.Pp
-.Fn UI_add_input_string ,
-.Fn UI_dup_input_string ,
-.Fn UI_add_verify_string ,
-.Fn UI_dup_verify_string ,
-.Fn UI_add_input_boolean ,
-.Fn UI_dup_input_boolean ,
-.Fn UI_add_info_string ,
-.Fn UI_dup_info_string ,
-.Fn UI_add_error_string ,
-and
-.Fn UI_dup_error_string
-return a positive number on success or a number
-less than or equal to zero otherwise.
-.Pp
-.Fn UI_construct_prompt
-and
-.Fn UI_get0_result
-return a string or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn UI_add_user_data
-and
-.Fn UI_get0_user_data
-return a pointer to the user data that was contained in
-.Fa ui
-before the call.
-In particular,
-.Dv NULL
-is a valid return value.
-.Pp
-.Fn UI_process
-returns 0 on success or a negative value on error.
-.Pp
-.Fn UI_ctrl
-returns a mask on success or \-1 on error.
-.Pp
-.Fn UI_get_default_method ,
-.Fn UI_OpenSSL
-and
-.Fn UI_null
-always return a pointer to a valid
-.Vt UI_METHOD
-structure.
-.Pp
-.Fn UI_get_method
-and
-.Fn UI_set_method
-return a pointer to the
-.Vt UI_METHOD
-structure that is installed in
-.Fa ui
-after the call.
-The OpenSSL documentation says that they can fail and return
-.Dv NULL ,
-but currently, this can only happen when and after
-.Fn UI_set_method
-is called with an explicit
-.Dv NULL
-argument.
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr UI_create_method 3 ,
-.Xr UI_get_string_type 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .
-.Pp
-.Fn UI_null
-first appeared in OpenSSL 1.1.1 and has been available since
-.Ox 7.3 .
-.Sh AUTHORS
-.An Richard Levitte Aq Mt richard@levitte.org
-for the OpenSSL project.
diff --git a/src/lib/libcrypto/man/X25519.3 b/src/lib/libcrypto/man/X25519.3
deleted file mode 100644
index a327f8c7b2..0000000000
--- a/src/lib/libcrypto/man/X25519.3
+++ /dev/null
@@ -1,211 +0,0 @@
-.\" $OpenBSD: X25519.3,v 1.7 2022/12/15 17:20:48 schwarze Exp $
-.\" contains some text from: BoringSSL curve25519.h, curve25519.c
-.\" content also checked up to: OpenSSL f929439f Mar 15 12:19:16 2018 +0000
-.\"
-.\" Copyright (c) 2015 Google Inc.
-.\" Copyright (c) 2018, 2022 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and/or distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" According to the BoringSSL git history, those parts of the text in
-.\" the present manual page that are Copyrighted by Google were probably
-.\" written by Adam Langley in 2015.
-.\" I fail to see any such text in the public domain files written
-.\" by Daniel J. Bernstein and others that are included in SUPERCOP
-.\" and that Adam Langley's BoringSSL implementation is based on.
-.\" -.Dd $Mdocdate: December 15 2022 $ -.Dt X25519 3 -.Os -.Sh NAME -.Nm X25519 , -.Nm X25519_keypair , -.Nm ED25519_keypair , -.Nm ED25519_sign , -.Nm ED25519_verify -.Nd Elliptic Curve Diffie-Hellman and signature primitives based on Curve25519 -.Sh SYNOPSIS -.In openssl/curve25519.h -.Ft int -.Fo X25519 -.Fa "uint8_t out_shared_key[X25519_KEY_LENGTH]" -.Fa "const uint8_t private_key[X25519_KEY_LENGTH]" -.Fa "const uint8_t peer_public_value[X25519_KEY_LENGTH]" -.Fc -.Ft void -.Fo X25519_keypair -.Fa "uint8_t out_public_value[X25519_KEY_LENGTH]" -.Fa "uint8_t out_private_key[X25519_KEY_LENGTH]" -.Fc -.Ft void -.Fo ED25519_keypair -.Fa "uint8_t out_public_key[ED25519_PUBLIC_KEY_LENGTH]" -.Fa "uint8_t out_private_key[ED25519_PRIVATE_KEY_LENGTH]" -.Fc -.Ft int -.Fo ED25519_sign -.Fa "uint8_t *out_sig" -.Fa "const uint8_t *message" -.Fa "size_t message_len" -.Fa "const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]" -.Fa "const uint8_t private_key_seed[ED25519_PRIVATE_KEY_LENGTH]" -.Fc -.Ft int -.Fo ED25519_verify -.Fa "const uint8_t *message" -.Fa "size_t message_len" -.Fa "const uint8_t signature[ED25519_SIGNATURE_LENGTH]" -.Fa "const uint8_t public_key[ED25519_PUBLIC_KEY_LENGTH]" -.Fc -.Sh DESCRIPTION -Curve25519 is an elliptic curve over a prime field -specified in RFC 7748 section 4.1. -The prime field is defined by the prime number 2^255 - 19. -.Pp -X25519 -is the Diffie-Hellman primitive built from Curve25519 as described -in RFC 7748 section 5. -Section 6.1 describes the intended use in an Elliptic Curve Diffie-Hellman -(ECDH) protocol. -.Pp -.Fn X25519 -writes a shared key to -.Fa out_shared_key -that is calculated from the given -.Fa private_key -and the -.Fa peer_public_value -by scalar multiplication. -Do not use the shared key directly, rather use a key derivation -function and also include the two public values as inputs. -.Pp -.Fn X25519_keypair -sets -.Fa out_public_value -and -.Fa out_private_key -to a freshly generated public/private key pair. 
-First, the
-.Fa out_private_key
-is generated with
-.Xr arc4random_buf 3 .
-Then, the opposite of the masking described in RFC 7748 section 5
-is applied to it to make sure that the generated private key is never
-correctly masked.
-The purpose is to cause incorrect implementations on the peer side
-to consistently fail.
-Correct implementations will decode the key correctly even when it is
-not correctly masked.
-Finally, the
-.Fa out_public_value
-is calculated from the
-.Fa out_private_key
-by multiplying it with the Montgomery base point
-.Vt uint8_t u[32] No = Brq 9 .
-.Pp
-The size of a public and private key is
-.Dv X25519_KEY_LENGTH No = 32
-bytes each.
-.Pp
-Ed25519 is a signature scheme using a twisted Edwards curve
-that is birationally equivalent to Curve25519.
-.Pp
-.Fn ED25519_keypair
-sets
-.Fa out_public_key
-and
-.Fa out_private_key
-to a freshly generated public/private key pair.
-First, the
-.Fa out_private_key
-is generated with
-.Xr arc4random_buf 3 .
-Then, the
-.Fa out_public_key
-is calculated from the private key.
-.Pp
-.Fn ED25519_sign
-signs the
-.Fa message
-of
-.Fa message_len
-bytes using the
-.Fa public_key
-and the
-.Fa private_key
-and writes the signature to
-.Fa out_sig .
-.Pp
-.Fn ED25519_verify
-checks that signing the
-.Fa message
-of
-.Fa message_len
-bytes using the
-.Fa public_key
-would indeed result in the given
-.Fa signature .
-.Pp
-The sizes of a public and private keys are
-.Dv ED25519_PUBLIC_KEY_LENGTH
-and
-.Dv ED25519_PRIVATE_KEY_LENGTH ,
-which are both 32 bytes, and the size of a signature is
-.Dv ED25519_SIGNATURE_LENGTH No = 64
-bytes.
-.Sh RETURN VALUES
-.Fn X25519
-and
-.Fn ED25519_sign
-return 1 on success or 0 on error.
-.Fn X25519
-can fail if the input is a point of small order.
-.Fn ED25519_sign
-always succeeds in LibreSSL, but the API reserves the return value 0
-for memory allocation failure.
-.Pp
-.Fn ED25519_verify
-returns 1 if the
-.Fa signature
-is valid or 0 otherwise.
-.Sh SEE ALSO -.Xr ECDH_compute_key 3 , -.Xr EVP_DigestSign 3 , -.Xr EVP_DigestVerify 3 , -.Xr EVP_PKEY_derive 3 , -.Xr EVP_PKEY_keygen 3 -.Rs -.%A Daniel J. Bernstein -.%R A state-of-the-art Diffie-Hellman function:\ - How do I use Curve25519 in my own software? -.%U https://cr.yp.to/ecdh.html -.Re -.Rs -.%A Daniel J. Bernstein -.%A Niels Duif -.%A Tanja Lange -.%A Peter Schwabe -.%A Bo-Yin Yang -.%T High-Speed High-Security Signatures -.%B Cryptographic Hardware and Embedded Systems \(em CHES 2011 -.%I Springer -.%J Lecture Notes in Computer Science -.%V vol 6917 -.%U https://doi.org/10.1007/978-3-642-23951-9_9 -.%C Nara, Japan -.%D September 29, 2011 -.Re -.Sh STANDARDS -RFC 7748: Elliptic Curves for Security -.Pp -RFC 8032: Edwards-Curve Digital Signature Algorithm (EdDSA) diff --git a/src/lib/libcrypto/man/X509V3_EXT_get_nid.3 b/src/lib/libcrypto/man/X509V3_EXT_get_nid.3 deleted file mode 100644 index ad153c36d0..0000000000 --- a/src/lib/libcrypto/man/X509V3_EXT_get_nid.3 +++ /dev/null 
@@ -1,94 +0,0 @@
-.\" $OpenBSD: X509V3_EXT_get_nid.3,v 1.8 2024/12/24 09:48:56 schwarze Exp $
-.\"
-.\" Copyright (c) 2024 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 24 2024 $
-.Dt X509V3_EXT_GET_NID 3
-.Os
-.Sh NAME
-.Nm X509V3_EXT_get_nid ,
-.Nm X509V3_EXT_get
-.Nd retrieve X.509v3 certificate extension methods
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft const X509V3_EXT_METHOD *
-.Fo X509V3_EXT_get_nid
-.Fa "int nid"
-.Fc
-.Ft const X509V3_EXT_METHOD *
-.Fo X509V3_EXT_get
-.Fa "X509_EXTENSION *ext"
-.Fc
-.Sh DESCRIPTION
-An X.509v3 certificate extension contains an Object Identifier (OID),
-a boolean criticality indicator, and an opaque extension value
-.Po
-an
-.Vt ASN1_OCTET_STRING
-.Pc
-whose meaning is determined by the OID.
-The library's
-.Vt X509V3_EXT_METHOD
-type,
-which is not yet documented in detail,
-contains a numeric identifier (NID) to represent the OID and various
-handlers for encoding, decoding, printing, and configuring the
-extension's value.
-Criticality is handled separately, for example as an argument to
-.Xr X509V3_add1_i2d 3 .
-.Sh RETURN VALUES
-.Fn X509V3_EXT_get_nid
-returns the
-.Vt X509V3_EXT_METHOD
-corresponding to the numeric identifier
-.Fa nid ,
-or
-.Dv NULL
-if there is none.
-.Pp -.Fn X509V3_EXT_get -returns the -.Vt X509V3_EXT_METHOD -associated with the extension type of -.Fa ext , -or -.Dv NULL -if there is none. -.Sh SEE ALSO -.Xr i2s_ASN1_ENUMERATED_TABLE 3 , -.Xr OBJ_create 3 , -.Xr v2i_ASN1_BIT_STRING 3 , -.Xr X509_EXTENSION_get_object 3 , -.Xr X509V3_get_d2i 3 -.Sh STANDARDS -RFC 5280: Internet X.509 Public Key Infrastructure Certificate and -Certificate Revocation List (CRL) Profile -.Bl -dash -compact -.It -section 4.2: Certificate Extensions -.El -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.2b and -have been available since -.Ox 2.6 . -.Sh CAVEATS -In LibreSSL, these functions only support built-in -.Fa nid -values corresponding to static built-in objects. -Other implementations have incomplete support for custom extension methods, -whose API is not threadsafe, does not affect the behavior of -.Xr X509_verify_cert 3 , -and has various other surprising quirks. -Both functions prefer built-in methods over custom methods with the same OID. diff --git a/src/lib/libcrypto/man/X509V3_EXT_print.3 b/src/lib/libcrypto/man/X509V3_EXT_print.3 deleted file mode 100644 index edb97d3a36..0000000000 --- a/src/lib/libcrypto/man/X509V3_EXT_print.3 +++ /dev/null 
@@ -1,195 +0,0 @@
-.\" $OpenBSD: X509V3_EXT_print.3,v 1.3 2024/12/28 10:19:45 schwarze Exp $
-.\"
-.\" Copyright (c) 2021, 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 28 2024 $
-.Dt X509V3_EXT_PRINT 3
-.Os
-.Sh NAME
-.Nm X509V3_EXT_print ,
-.Nm X509V3_EXT_print_fp
-.Nd pretty-print an X.509 extension
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fo X509V3_EXT_print
-.Fa "BIO *bio"
-.Fa "X509_EXTENSION *ext"
-.Fa "unsigned long flags"
-.Fa "int indent"
-.Fc
-.Ft int
-.Fo X509V3_EXT_print_fp
-.Fa "FILE *file"
-.Fa "X509_EXTENSION *ext"
-.Fa "int flags"
-.Fa "int indent"
-.Fc
-.Sh DESCRIPTION
-.Fn X509V3_EXT_print
-and
-.Fn X509V3_EXT_print_fp
-decode
-.Fa ext
-and print the data contained in it to the
-.Fa bio
-or
-.Fa file ,
-respectively, in a human-readable format with a left margin of
-.Fa indent
-space characters.
-The details of both the decoding and the printing depend on the type of
-.Fa ext .
-.Pp
-For most extension types, the decoding is done in the same way
-as it would be done by the appropriate public API function, for example:
-.Pp
-.Bl -tag -width NID_authority_key_identifier -compact
-.It Sy extension type
-.Sy decoding function
-.It Dv NID_authority_key_identifier
-.Xr d2i_AUTHORITY_KEYID 3
-.It Dv NID_certificate_policies
-.Xr d2i_CERTIFICATEPOLICIES 3
-.It Dv NID_crl_number
-.Xr d2i_ASN1_INTEGER 3
-.It Dv NID_crl_reason
-.Xr d2i_ASN1_ENUMERATED 3
-.It Dv NID_hold_instruction_code
-.Xr d2i_ASN1_OBJECT 3
-.It Dv NID_id_pkix_OCSP_CrlID
-.Xr d2i_OCSP_CRLID 3
-.It Dv NID_id_pkix_OCSP_noCheck
-.Xr d2i_ASN1_NULL 3
-.It Dv NID_id_pkix_OCSP_Nonce
-non-public function built into the library
-.It Dv NID_invalidity_date
-.Xr d2i_ASN1_GENERALIZEDTIME 3
-.It Dv NID_key_usage
-.Xr d2i_ASN1_BIT_STRING 3
-.It Dv NID_subject_alt_name
-.Xr d2i_GENERAL_NAMES 3
-.It Dv NID_subject_key_identifier
-.Xr d2i_ASN1_OCTET_STRING 3
-.El
-.Pp
-For some types, the printing is performed
-by a dedicated non-public function built into the library.
-For some other types, the printing function is a public API function,
-for example:
-.Pp
-.Bl -tag -width NID_id_pkix_OCSP_archiveCutoff -compact
-.It Sy extension type
-.Sy printing function
-.It Dv NID_crl_number
-.Xr i2s_ASN1_INTEGER 3
-.It Dv NID_crl_reason
-.Xr i2s_ASN1_ENUMERATED_TABLE 3
-.It Dv NID_delta_crl
-.Xr i2s_ASN1_INTEGER 3
-.It Dv NID_hold_instruction_code
-.Xr i2a_ASN1_OBJECT 3
-.It Dv NID_id_pkix_OCSP_archiveCutoff
-.Xr ASN1_GENERALIZEDTIME_print 3
-.It Dv NID_id_pkix_OCSP_Nonce
-.Xr i2a_ASN1_STRING 3
-.It Dv NID_inhibit_any_policy
-.Xr i2s_ASN1_INTEGER 3
-.It Dv NID_invalidity_date
-.Xr ASN1_GENERALIZEDTIME_print 3
-.It Dv NID_key_usage
-.Xr i2v_ASN1_BIT_STRING 3
-.It Dv NID_subject_key_identifier
-.Xr i2s_ASN1_OCTET_STRING 3
-.El
-.Pp
-Some of the public printing functions are not documented yet.
-.Pp
-If
-.Fa ext
-is of an unknown extension type or if decoding fails
-while using the decoding function for the relevant type,
-the action taken depends on the
-.Fa flags
-argument:
-.Bl -bullet
-.It
-If the bit
-.Dv X509V3_EXT_PARSE_UNKNOWN
-is set,
-.Xr ASN1_parse_dump 3
-is called on the BER-encoded data of the extension, passing \-1 for the
-.Fa dump
-argument.
-Thus, some information about the encoding of the extension gets printed
-and some about its decoded content, falling back to
-.Xr BIO_dump_indent 3
-for the decoded content unless a dedicated printing method is known
-for the respective data type(s).
-Note that even if an extension type is unknown, the data type used
-by the unknown extension, or, if that data type is constructed, of
-the values contained in it, may still be known, which may allow
-printing the content of even an unknown extension in a structured
-or partially structured form.
-.It
-If the bit
-.Dv X509V3_EXT_DUMP_UNKNOWN
-is set,
-.Xr BIO_dump_indent 3
-is called on the BER-encoded data of the extension without decoding
-it first, which is usually less readable than the above but poses
-a smaller risk of omitting or misrepresenting parts of the information.
-.It
-If the bit
-.Dv X509V3_EXT_ERROR_UNKNOWN
-is set, only the fixed string
-.Qq ""
-is printed for an unknown type or only the fixed string
-.Qq ""
-if the parsing functions fails,
-but printing is considered as successful anyway.
-.It
-If more than one of these three bits is set, or if a bit in
-.Dv X509V3_EXT_UNKNOWN_MASK
-is set that is not listed above, nothing is printed, but printing
-is considered as successful anyway.
-.It
-If none of the bits in
-.Dv X509V3_EXT_UNKNOWN_MASK
-are set, nothing is printed and printing is considered as failed.
-.El
-.Sh RETURN VALUES
-.Fn X509V3_EXT_print
-and
-.Fn X509V3_EXT_print_fp
-return 0 if failure was both detected and considered relevant.
-Otherwise, 1 is returned, and in general the user cannot tell whether
-failure simply went undetected, whether the function detected failure
-but regarded it as irrelevant, or whether printing did indeed
-succeed.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_get0_extensions 3 ,
-.Xr X509_get_ext 3 ,
-.Xr X509V3_extensions_print 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.2 and have been available since
-.Ox 2.6 .
-.Sh BUGS
-These functions lack error handling throughout.
-When a write operation fails, they will usually ignore the fact that
-information was omitted from the output and report success to the
-caller anyway.
diff --git a/src/lib/libcrypto/man/X509V3_extensions_print.3 b/src/lib/libcrypto/man/X509V3_extensions_print.3
deleted file mode 100644
index 8c43fe9b01..0000000000
--- a/src/lib/libcrypto/man/X509V3_extensions_print.3
+++ /dev/null
@@ -1,100 +0,0 @@
-.\" $OpenBSD: X509V3_extensions_print.3,v 1.2 2021/11/26 13:48:21 jsg Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 26 2021 $
-.Dt X509V3_EXTENSIONS_PRINT 3
-.Os
-.Sh NAME
-.Nm X509V3_extensions_print
-.Nd pretty-print an array of X.509 extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fo X509V3_extensions_print
-.Fa "BIO *bio"
-.Fa "char *title"
-.Fa "const STACK_OF(X509_EXTENSION) *sk"
-.Fa "unsigned long flags"
-.Fa "int indent"
-.Fc
-.Sh DESCRIPTION
-For each member of the variable sized array
-.Fa sk ,
-.Fn X509V3_extensions_print
-prints the following information to
-.Fa bio
-in the following order:
-.Bl -bullet
-.It
-The extension type as printed by
-.Xr i2a_ASN1_OBJECT 3 .
-.It
-If the extension is critical, the fixed string
-.Qq "critical" .
-.It
-A human-readable representation of the data contained in the extension
-as printed by
-.Xr X509V3_EXT_print 3 ,
-passing through the
-.Fa flags .
-If that function indicates failure,
-the BER-encoded data of the extension is dumped with
-.Xr ASN1_STRING_print 3
-without decoding it first.
-In both cases, an
-.Fa indent
-incremented by 4 space characters is used.
-.El
-.Pp
-If
-.Fa sk
-is a
-.Dv NULL
-pointer or empty,
-.Fn X509V3_extensions_print
-prints nothing and indicates success.
-.Pp
-Unless
-.Fa title
-is
-.Dv NULL ,
-it is printed on its own output line before the rest of the output, and
-.Fa indent
-is increased by 4 space characters.
-This additional global indentation is cumulative
-to the one applied to individual extensions mentioned above.
-.Sh RETURN VALUES
-.Fn X509V3_extensions_print
-is intended to return 1 on success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_EXTENSION_get_critical 3 ,
-.Xr X509_get0_extensions 3 ,
-.Xr X509_get_ext 3 ,
-.Xr X509V3_EXT_print 3
-.Sh HISTORY
-.Fn X509V3_extensions_print
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Sh BUGS
-Many parsing and printing errors are silently ignored,
-and the function may return indicating success even though
-.Fa sk
-contains invalid data.
-Even if all the data is valid, success may be indicated even when the
-information printed is incomplete for various reasons, for example
-due to memory allocation failures or I/O errors.
diff --git a/src/lib/libcrypto/man/X509V3_get_d2i.3 b/src/lib/libcrypto/man/X509V3_get_d2i.3
deleted file mode 100644
index bf442dc846..0000000000
--- a/src/lib/libcrypto/man/X509V3_get_d2i.3
+++ /dev/null
@@ -1,507 +0,0 @@
-.\" $OpenBSD: X509V3_get_d2i.3,v 1.25 2024/12/31 20:17:00 tb Exp $
-.\" full merge up to: OpenSSL ff7fbfd5 Nov 2 11:52:01 2015 +0000
-.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023, 2024 Theo Buehler
-.\" Copyright (c) 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2014, 2015, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 31 2024 $
-.Dt X509V3_GET_D2I 3
-.Os
-.Sh NAME
-.Nm X509V3_get_d2i ,
-.Nm X509V3_add1_i2d ,
-.Nm X509V3_EXT_d2i ,
-.Nm X509V3_EXT_i2d ,
-.Nm X509_get_ext_d2i ,
-.Nm X509_add1_ext_i2d ,
-.Nm X509_CRL_get_ext_d2i ,
-.Nm X509_CRL_add1_ext_i2d ,
-.Nm X509_REVOKED_get_ext_d2i ,
-.Nm X509_REVOKED_add1_ext_i2d ,
-.Nm X509_get0_extensions ,
-.Nm X509_CRL_get0_extensions ,
-.Nm X509_REVOKED_get0_extensions ,
-.Nm X509_get0_uids
-.Nd X509 extension decode and encode functions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft void *
-.Fo X509V3_get_d2i
-.Fa "const STACK_OF(X509_EXTENSION) *x"
-.Fa "int nid"
-.Fa "int *crit"
-.Fa "int *idx"
-.Fc
-.Ft int
-.Fo X509V3_add1_i2d
-.Fa "STACK_OF(X509_EXTENSION) **x"
-.Fa "int nid"
-.Fa "void *value"
-.Fa "int crit"
-.Fa "unsigned long flags"
-.Fc
-.Ft void *
-.Fo X509V3_EXT_d2i
-.Fa "X509_EXTENSION *ext"
-.Fc
-.Ft X509_EXTENSION *
-.Fo X509V3_EXT_i2d
-.Fa "int ext_nid"
-.Fa "int crit"
-.Fa "void *ext"
-.Fc
-.Ft void *
-.Fo X509_get_ext_d2i
-.Fa "const X509 *x"
-.Fa "int nid"
-.Fa "int *crit"
-.Fa "int *idx"
-.Fc
-.Ft int
-.Fo X509_add1_ext_i2d
-.Fa "X509 *x"
-.Fa "int nid"
-.Fa "void *value"
-.Fa "int crit"
-.Fa "unsigned long flags"
-.Fc
-.Ft void *
-.Fo X509_CRL_get_ext_d2i
-.Fa "const X509_CRL *crl"
-.Fa "int nid"
-.Fa "int *crit"
-.Fa "int *idx"
-.Fc
-.Ft int
-.Fo X509_CRL_add1_ext_i2d
-.Fa "X509_CRL *crl"
-.Fa "int nid"
-.Fa "void *value"
-.Fa "int crit"
-.Fa "unsigned long flags"
-.Fc
-.Ft void *
-.Fo X509_REVOKED_get_ext_d2i
-.Fa "const X509_REVOKED *r"
-.Fa "int nid"
-.Fa "int *crit"
-.Fa "int *idx"
-.Fc
-.Ft int
-.Fo X509_REVOKED_add1_ext_i2d
-.Fa "X509_REVOKED *r"
-.Fa "int nid"
-.Fa "void *value"
-.Fa "int crit"
-.Fa "unsigned long flags"
-.Fc
-.Ft const STACK_OF(X509_EXTENSION) *
-.Fo X509_get0_extensions
-.Fa "const X509 *x"
-.Fc
-.Ft const STACK_OF(X509_EXTENSION) *
-.Fo X509_CRL_get0_extensions
-.Fa "const X509_CRL *crl"
-.Fc
-.Ft const STACK_OF(X509_EXTENSION) *
-.Fo X509_REVOKED_get0_extensions
-.Fa "const X509_REVOKED *r"
-.Fc
-.Ft void
-.Fo X509_get0_uids
-.Fa "const X509 *x"
-.Fa "const ASN1_BIT_STRING **issuerUID"
-.Fa "const ASN1_BIT_STRING **subjectUID"
-.Fc
-.Sh DESCRIPTION
-.Fn X509V3_get_d2i
-looks for an extension with OID
-.Fa nid
-in the extensions
-.Fa x
-and, if found, decodes it.
-If
-.Fa idx
-is
-.Dv NULL ,
-then only one occurrence of an extension is permissible.
-Otherwise the first extension after index
-.Pf * Fa idx
-is returned and
-.Pf * Fa idx
-is updated to the location of the extension.
-If
-.Fa crit
-is not
-.Dv NULL ,
-then
-.Pf * Fa crit
-is set to a status value: -2 if the extension occurs multiple times
-(this is only returned if
-.Fa idx
-is
-.Dv NULL ) ,
--1 if the extension could not be found, 0 if the extension is found
-and is not critical, and 1 if it is critical.
-A pointer to an extension specific structure or
-.Dv NULL
-is returned.
-.Pp
-.Fn X509V3_add1_i2d
-adds extension
-.Fa value
-to STACK
-.Pf * Fa x
-(allocating a new STACK if necessary) using OID
-.Fa nid
-and criticality
-.Fa crit
-according to
-.Fa flags .
-.Pp
-.Fn X509V3_EXT_d2i
-attempts to decode the ASN.1 data contained in extension
-.Fa ext
-and returns a pointer to an extension specific structure or
-.Dv NULL
-if the extension could not be decoded (invalid syntax or not supported).
-.Pp
-.Fn X509V3_EXT_i2d
-encodes the extension specific structure
-.Fa ext
-with OID
-.Fa ext_nid
-and criticality
-.Fa crit .
-.Pp
-.Fn X509_get_ext_d2i
-and
-.Fn X509_add1_ext_i2d
-operate on the extensions of certificate
-.Fa x ,
-and are otherwise identical to
-.Fn X509V3_get_d2i
-and
-.Fn X509V3_add1_i2d .
-.Pp
-.Fn X509_CRL_get_ext_d2i
-and
-.Fn X509_CRL_add1_ext_i2d
-operate on the extensions of CRL
-.Fa crl ,
-and are otherwise identical to
-.Fn X509V3_get_d2i
-and
-.Fn X509V3_add1_i2d .
-.Pp
-.Fn X509_REVOKED_get_ext_d2i
-and
-.Fn X509_REVOKED_add1_ext_i2d
-operate on the extensions of the
-.Vt X509_REVOKED
-structure
-.Fa r
-(i.e. for CRL entry extensions), and are otherwise identical to
-.Fn X509V3_get_d2i
-and
-.Fn X509V3_add1_i2d .
-.Pp
-.Fn X509_get0_extensions ,
-.Fn X509_CRL_get0_extensions ,
-and
-.Fn X509_REVOKED_get0_extensions
-return a stack of all the extensions of a certificate, a CRL,
-or a CRL entry, respectively.
-.Pp
-In almost all cases an extension can occur at most once and multiple
-occurrences is an error.
-Therefore the
-.Fa idx
-parameter is usually
-.Dv NULL .
-.Pp
-The
-.Fa flags
-argument consists of two parts OR'ed together:
-the operation mode and the optional silent flag.
-The operation mode is the bitwise OR of the
-.Fa flags
-and the bitmask
-.Dv X509V3_ADD_OP_MASK .
-The following operation modes are recognized:
-.Pp
-.Dv X509V3_ADD_DEFAULT
-appends a new extension only if the extension does not already exist.
-An error is returned if the extension does already exist.
-.Pp
-.Dv X509V3_ADD_APPEND
-appends a new extension, ignoring whether the extension already exists.
-This is a misfeature and should not be used because certificates must
-not include the same extension more than once.
-.Pp
-.Dv X509V3_ADD_REPLACE
-replaces an extension if it exists otherwise appends a new extension.
-.Pp
-.Dv X509V3_ADD_REPLACE_EXISTING
-replaces an existing extension if it exists otherwise returns an error.
-.Pp
-.Dv X509V3_ADD_KEEP_EXISTING
-appends a new extension only if the extension does not already exist.
-An error
-.Sy is not
-returned if the extension does already exist.
-.Pp
-.Dv X509V3_ADD_DELETE
-deletes extension
-.Fa nid
-if it exists and errors otherwise.
-No new extension is added.
-.Pp
-Any other operation mode results in an error.
-.Pp
-If
-.Dv X509V3_ADD_SILENT
-is OR'd into the
-.Fa flags ,
-any error returned will not be added to the error queue.
-.Pp
-The function
-.Fn X509V3_get_d2i
-will return
-.Dv NULL
-if the extension is not found, occurs multiple times or cannot be
-decoded.
-It is possible to determine the precise reason by checking the value of
-.Pf * Fa crit .
-.Pp
-.Fn X509_get0_uids
-returns the issuer and subject unique identifiers of the certificate
-.Fa x
-in
-.Pf * Fa issuerUID
-and
-.Pf * Fa subjectUID .
-If a unique identifier field is not present in
-.Fa x ,
-.Dv NULL
-is returned.
-Either one of
-.Fa issuerUID
-and
-.Fa subjectUID
-can be
-.Dv NULL .
-.Sh SUPPORTED EXTENSIONS
-The following sections contain a list of all supported extensions
-including their name and NID.
-.Ss PKIX Certificate Extensions
-The following certificate extensions are defined in PKIX standards such
-as RFC 5280.
-.Bl -column 30n 30n
-.It Basic Constraints Ta Dv NID_basic_constraints
-.It Key Usage Ta Dv NID_key_usage
-.It Extended Key Usage Ta Dv NID_ext_key_usage
-.It Subject Key Identifier Ta Dv NID_subject_key_identifier
-.It Authority Key Identifier Ta Dv NID_authority_key_identifier
-.It Private Key Usage Period Ta Dv NID_private_key_usage_period
-.It Subject Alternative Name Ta Dv NID_subject_alt_name
-.It Issuer Alternative Name Ta Dv NID_issuer_alt_name
-.It Authority Information Access Ta Dv NID_info_access
-.It Subject Information Access Ta Dv NID_sinfo_access
-.It Name Constraints Ta Dv NID_name_constraints
-.It Certificate Policies Ta Dv NID_certificate_policies
-.It Policy Mappings Ta Dv NID_policy_mappings
-.It Policy Constraints Ta Dv NID_policy_constraints
-.It Inhibit Any Policy Ta Dv NID_inhibit_any_policy
-.It IP Address Delegation Ta Dv NID_sbgp_ipAddrBlock
-.It Autonomous System Identifier Delegation\
- Ta Dv NID_sbgp_autonomousSysNum
-.El
-.Ss Netscape Certificate Extensions
-The following are (largely obsolete) Netscape certificate extensions.
-.Bl -column 30n 30n
-.It Netscape Cert Type Ta Dv NID_netscape_cert_type
-.It Netscape Base Url Ta Dv NID_netscape_base_url
-.It Netscape Revocation Url Ta Dv NID_netscape_revocation_url
-.It Netscape CA Revocation Url Ta Dv NID_netscape_ca_revocation_url
-.It Netscape Renewal Url Ta Dv NID_netscape_renewal_url
-.It Netscape CA Policy Url Ta Dv NID_netscape_ca_policy_url
-.It Netscape SSL Server Name Ta Dv NID_netscape_ssl_server_name
-.It Netscape Comment Ta Dv NID_netscape_comment
-.El
-.Ss PKIX CRL Extensions
-The following are CRL extensions from PKIX standards such as RFC 5280.
-.Bl -column 30n 30n
-.It CRL Number Ta Dv NID_crl_number
-.It CRL Distribution Points Ta Dv NID_crl_distribution_points
-.It Delta CRL Indicator Ta Dv NID_delta_crl
-.It Freshest CRL Ta Dv NID_freshest_crl
-.It Invalidity Date Ta Dv NID_invalidity_date
-.It Issuing Distribution Point Ta Dv NID_issuing_distribution_point
-.El
-.Pp
-The following are CRL entry extensions from PKIX standards such as
-RFC 5280.
-.Bl -column 30n 30n
-.It CRL Reason Code Ta Dv NID_crl_reason
-.It Certificate Issuer Ta Dv NID_certificate_issuer
-.El
-.Ss OCSP Extensions
-.Bl -column 30n 30n
-.It OCSP Nonce Ta Dv NID_id_pkix_OCSP_Nonce
-.It OCSP CRL ID Ta Dv NID_id_pkix_OCSP_CrlID
-.It Acceptable OCSP Responses Ta Dv NID_id_pkix_OCSP_acceptableResponses
-.It OCSP No Check Ta Dv NID_id_pkix_OCSP_noCheck
-.It OCSP Archive Cutoff Ta Dv NID_id_pkix_OCSP_archiveCutoff
-.It OCSP Service Locator Ta Dv NID_id_pkix_OCSP_serviceLocator
-.It Hold Instruction Code Ta Dv NID_hold_instruction_code
-.El
-.Sh RETURN VALUES
-.Fn X509V3_get_d2i ,
-.Fn X509V3_EXT_d2i ,
-.Fn X509_get_ext_d2i ,
-.Fn X509_CRL_get_ext_d2i ,
-and
-.Fn X509_REVOKED_get_ext_d2i
-return a pointer to an extension specific structure or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509V3_add1_i2d ,
-.Fn X509_add1_ext_i2d ,
-.Fn X509_CRL_add1_ext_i2d ,
-and
-.Fn X509_REVOKED_add1_ext_i2d
-return 1 if the operation is successful, 0 if it fails due to a
-non-fatal error (extension not found, already exists, cannot be encoded),
-or -1 due to a fatal error such as a memory allocation failure.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Pp
-The
-.Fn X509V3_EXT_i2d
-function returns a pointer to an
-.Vt X509_EXTENSION
-structure if successful; otherwise
-.Dv NULL
-is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_get0_extensions ,
-.Fn X509_CRL_get0_extensions ,
-and
-.Fn X509_REVOKED_get0_extensions
-return a stack of extensions, or
-.Dv NULL
-if no extensions are present.
-.Sh SEE ALSO
-.Xr d2i_X509 3 ,
-.Xr d2i_X509_EXTENSION 3 ,
-.Xr X509_check_purpose 3 ,
-.Xr X509_CRL_get0_by_serial 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_get_subject_name 3 ,
-.Xr X509_get_version 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REVOKED_new 3 ,
-.Xr X509V3_EXT_print 3 ,
-.Xr X509V3_extensions_print 3
-.Sh HISTORY
-.Fn X509V3_EXT_d2i
-first appeared in OpenSSL 0.9.2b.
-.Fn X509V3_EXT_i2d
-first appeared in OpenSSL 0.9.3.
-Both functions have been available since
-.Ox 2.6 .
-.Pp
-.Fn X509V3_get_d2i ,
-.Fn X509_get_ext_d2i ,
-.Fn X509_CRL_get_ext_d2i ,
-and
-.Fn X509_REVOKED_get_ext_d2i
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn X509V3_add1_i2d ,
-.Fn X509_add1_ext_i2d ,
-.Fn X509_CRL_add1_ext_i2d ,
-and
-.Fn X509_REVOKED_add1_ext_i2d
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn X509_get0_extensions ,
-.Fn X509_CRL_get0_extensions ,
-and
-.Fn X509_REVOKED_get0_extensions
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
-.Pp
-.Fn X509_get0_uids
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 7.3 .
diff --git a/src/lib/libcrypto/man/X509V3_parse_list.3 b/src/lib/libcrypto/man/X509V3_parse_list.3
deleted file mode 100644
index 447f1a5e94..0000000000
--- a/src/lib/libcrypto/man/X509V3_parse_list.3
+++ /dev/null
@@ -1,101 +0,0 @@
-.\" $OpenBSD: X509V3_parse_list.3,v 1.2 2024/12/24 09:48:56 schwarze Exp $
-.\"
-.\" Copyright (c) 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 24 2024 $
-.Dt X509V3_PARSE_LIST 3
-.Os
-.Sh NAME
-.Nm X509V3_parse_list ,
-.Nm X509V3_conf_free
-.Nd create and destroy CONF_VALUE objects
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft STACK_OF(CONF_VALUE) *
-.Fn X509V3_parse_list "const char *string"
-.Ft void
-.Fn X509V3_conf_free "CONF_VALUE *conf"
-.Sh DESCRIPTION
-.Fn X509V3_parse_list
-parses the
-.Fa string
-and allocates an array of
-.Vt CONF_VALUE
-objects according to the following rules.
-.Bl -enum -width 2n
-.It
-The string is split into fields at comma
-.Pq Sq \&,
-characters.
-.It
-If a field contains a colon
-.Pq Sq \&:
-character, the part before the colon is regarded as a name
-and the part after the first colon as the associated value.
-Otherwise, the whole field is regarded as the name and
-.Dv NULL
-is used as the associated value.
-.It
-For each name and each value, leading and trailing whitespace as defined by
-.Xr isspace 3
-is ignored.
-.It
-Parsing ends when a NUL, carriage return, or newline character
-is encountered.
-.El
-.Pp
-A new, empty
-.Vt STACK_OF(CONF_VALUE)
-is allocated and for each parsed name, one
-.Vt CONF_VALUE
-structure containing the optional value is pushed onto it.
-.Pp
-.Fn X509V3_conf_free
-releases all memory used by
-.Fa conf .
-If
-.Fa conf
-is
-.Dv NULL ,
-no action occurs.
-.Pp
-The typical way to release the memory returned from
-.Fn X509V3_parse_list
-is by calling
-.Fn sk_CONF_VALUE_pop_free
-on it, passing a pointer to the function
-.Fn X509V3_conf_free
-as the second argument.
-.Sh RETURN VALUES
-.Fn X509V3_parse_list
-returns the new
-.Vt STACK_OF(CONF_VALUE)
-object or
-.Dv NULL
-if an error occurs, in particular if there isn't any name,
-if the name before a colon or after a comma is empty,
-if the value after a colon is empty,
-or if memory allocation fails.
-.Sh SEE ALSO
-.Xr isspace 3 ,
-.Xr sk_pop_free 3 ,
-.Xr STACK_OF 3 ,
-.Xr v2i_ASN1_BIT_STRING 3
-.Sh HISTORY
-.Fn X509V3_parse_list
-and
-.Fn X509V3_conf_free
-first appeared in OpenSSL 0.9.2 and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/X509_ALGOR_dup.3 b/src/lib/libcrypto/man/X509_ALGOR_dup.3
deleted file mode 100644
index ef7ca75863..0000000000
--- a/src/lib/libcrypto/man/X509_ALGOR_dup.3
+++ /dev/null
@@ -1,297 +0,0 @@
-.\" $OpenBSD: X509_ALGOR_dup.3,v 1.23 2024/03/19 17:34:05 tb Exp $
-.\" OpenSSL 4692340e Jun 7 15:49:08 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 19 2024 $
-.Dt X509_ALGOR_DUP 3
-.Os
-.Sh NAME
-.Nm X509_ALGOR_new ,
-.Nm X509_ALGOR_free ,
-.Nm X509_ALGOR_dup ,
-.Nm X509_ALGOR_set0 ,
-.Nm X509_ALGOR_get0 ,
-.Nm X509_ALGOR_cmp
-.Nd create, change, and inspect algorithm identifiers
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_ALGOR *
-.Fn X509_ALGOR_new void
-.Ft void
-.Fn X509_ALGOR_free "X509_ALGOR *alg"
-.Ft X509_ALGOR *
-.Fo X509_ALGOR_dup
-.Fa "X509_ALGOR *alg"
-.Fc
-.Ft int
-.Fo X509_ALGOR_set0
-.Fa "X509_ALGOR *alg"
-.Fa "ASN1_OBJECT *aobj"
-.Fa "int ptype"
-.Fa "void *pval"
-.Fc
-.Ft void
-.Fo X509_ALGOR_get0
-.Fa "const ASN1_OBJECT **paobj"
-.Fa "int *pptype"
-.Fa "const void **ppval"
-.Fa "const X509_ALGOR *alg"
-.Fc
-.Ft int
-.Fo X509_ALGOR_cmp
-.Fa "const X509_ALGOR *a"
-.Fa "const X509_ALGOR *b"
-.Fc
-.Sh DESCRIPTION
-An
-.Vt X509_ALGOR
-object represents an ASN.1
-.Vt AlgorithmIdentifier
-structure defined in RFC 5280 section 4.1.1.2.
-It specifies a cryptographic
-.Fa algorithm
-by an ASN.1 object identifier (OID) that can be obtained from
-.Xr OBJ_nid2obj 3 ,
-together with optional algorithm-specific
-.Fa parameters
-of the type
-.Vt ASN1_TYPE ,
-see
-.Xr ASN1_TYPE_set 3 .
-.Vt X509_ALGOR
-objects are used by many other objects, for example certificates,
-certificate revocation lists, and certificate requests.
-.Pp
-.Fn X509_ALGOR_new
-allocates a new
-.Vt X509_ALGOR
-object containing the object that
-.Xr OBJ_nid2obj 3
-returns for
-.Dv NID_undef
-as the
-.Fa algorithm
-and a
-.Dv NULL
-pointer as the
-.Fa parameters .
-.Pp
-.Fn X509_ALGOR_free
-frees
-.Fa alg
-and any data contained in it.
-If
-.Fa alg
-is
-.Dv NULL ,
-no action occurs.
-.Pp
-.Fn X509_ALGOR_dup
-creates a deep copy of
-.Fa alg .
-It is implemented by calling
-.Xr ASN1_item_dup 3
-with arguments of
-.Dv X509_ALGOR_it
-and
-.Fa alg ,
-which is equivalent to calling
-.Xr i2d_X509_ALGOR 3
-and
-.Xr d2i_X509_ALGOR 3 .
-.Pp
-.Fn X509_ALGOR_set0
-sets the algorithm OID of
-.Fa alg
-to
-.Fa aobj
-and the associated parameter type to
-.Fa ptype
-with value
-.Fa pval .
-If
-.Fa ptype
-is
-.Dv V_ASN1_UNDEF ,
-the parameter is omitted and
-.Fa pval
-is ignored.
-If
-.Fa ptype
-is zero,
-.Fa pval
-is ignored and the existing parameter is left unchanged, or if
-.Fa alg
-does not contain a parameter, a new, empty parameter of type
-.Dv V_ASN1_UNDEF
-is added.
-Otherwise
-.Fa ptype
-and
-.Fa pval
-have the same meaning as the
-.Fa type
-and
-.Fa value
-parameters to
-.Xr ASN1_TYPE_set 3 .
-Ownership of
-.Fa aobj
-and, unless it is ignored, of
-.Fa pval
-is transferred to
-.Fa alg
-on success.
-.Pp
-.Fn X509_ALGOR_get0
-returns
-.Fa alg Ns 's
-algorithm OID in
-.Pf * Fa paobj ,
-its parameter type in
-.Pf * Fa pptype ,
-and its parameter value in
-.Pf * Fa ppval .
-Any of
-.Fa paobj ,
-.Fa pptype ,
-and
-.Fa ppval
-can be
-.Dv NULL .
-If
-.Fa pptype is
-.Dv NULL
-or if
-.Pf * Fa pptype
-is
-.Dv V_ASN1_UNDEF
-then
-.Pf * Fa ppval Ns 's
-value is undefined.
-.Pp
-.Fn X509_ALGOR_cmp
-compares
-.Fa a
-and
-.Fa b .
-.Sh RETURN VALUES
-.Fn X509_ALGOR_new
-and
-.Fn X509_ALGOR_dup
-return a new
-.Vt X509_ALGOR
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509_ALGOR_set0
-returns 1 for success or 0 if
-.Fa alg
-is
-.Dv NULL
-or memory allocation fails.
-.Pp
-.Fn X509_ALGOR_cmp
-returns 0 if
-.Fa a
-and
-.Fa b
-have identical encodings or non-zero otherwise.
-.Sh SEE ALSO
-.Xr ASN1_TYPE_set 3 ,
-.Xr d2i_X509_ALGOR 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr X509_get0_signature 3 ,
-.Xr X509_new 3 ,
-.Xr X509_PUBKEY_get0_param 3 ,
-.Xr X509_signature_dump 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn X509_ALGOR_new
-and
-.Fn X509_ALGOR_free
-appeared in SSLeay 0.4 or earlier and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_ALGOR_dup
-first appeared in SSLeay 0.9.1 and has been available since
-.Ox 2.6 .
-.Pp
-.Fn X509_ALGOR_set0
-and
-.Fn X509_ALGOR_get0
-first appeared in OpenSSL 0.9.8h and have been available since
-.Ox 4.5 .
-.Pp
-.Fn X509_ALGOR_cmp
-first appeared in OpenSSL 0.9.8zd, 1.0.0p, and 1.0.1k
-and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/X509_ATTRIBUTE_get0_object.3 b/src/lib/libcrypto/man/X509_ATTRIBUTE_get0_object.3
deleted file mode 100644
index 4212e27d7e..0000000000
--- a/src/lib/libcrypto/man/X509_ATTRIBUTE_get0_object.3
+++ /dev/null
@@ -1,136 +0,0 @@
-.\" $OpenBSD: X509_ATTRIBUTE_get0_object.3,v 1.2 2021/10/21 16:26:34 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 21 2021 $
-.Dt X509_ATTRIBUTE_GET0_OBJECT 3
-.Os
-.Sh NAME
-.Nm X509_ATTRIBUTE_get0_object ,
-.Nm X509_ATTRIBUTE_count ,
-.Nm X509_ATTRIBUTE_get0_type ,
-.Nm X509_ATTRIBUTE_get0_data
-.\" In the following line, "X.501" and "Attribute" are not typos.
-.\" The "Attribute" type is defined in X.501, not in X.509.
-.\" The type is called "Attribute" with capital "A", not "attribute".
-.Nd X.501 Attribute read accessors
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft ASN1_OBJECT *
-.Fo X509_ATTRIBUTE_get0_object
-.Fa "X509_ATTRIBUTE *attr"
-.Fc
-.Ft int
-.Fo X509_ATTRIBUTE_count
-.Fa "const X509_ATTRIBUTE *attr"
-.Fc
-.Ft ASN1_TYPE *
-.Fo X509_ATTRIBUTE_get0_type
-.Fa "X509_ATTRIBUTE *attr"
-.Fa "int index"
-.Fc
-.Ft void *
-.Fo X509_ATTRIBUTE_get0_data
-.Fa "X509_ATTRIBUTE *attr"
-.Fa "int index"
-.Fa "int type"
-.Fa "void *data"
-.Fc
-.Sh DESCRIPTION
-These functions provide read access to the X.501 Attribute object
-.Fa attr .
-.Pp
-For
-.Fn X509_ATTRIBUTE_get0_data ,
-the
-.Fa type
-argument usually is one of the
-.Dv V_ASN1_*
-constants defined in
-.In openssl/asn1.h .
-For example, if a return value of the type
-.Vt ASN1_OCTET_STRING
-is expected, pass
-.Dv V_ASN1_OCTET_STRING
-as the
-.Fa type
-argument.
-The
-.Fa data
-argument is ignored; passing
-.Dv NULL
-is recommended.
-.Sh RETURN VALUES
-.Fn X509_ATTRIBUTE_get0_object
-returns an internal pointer to the type of
-.Fa attr
-or
-.Dv NULL
-if
-.Fa attr
-is
-.Dv NULL
-or if its type is not set.
-.Pp
-.Fn X509_ATTRIBUTE_count
-returns the number of values stored in
-.Fa attr
-or 0 if no value or values are set.
-.Pp
-.Fn X509_ATTRIBUTE_get0_type
-returns an internal pointer to the ASN.1 ANY object
-representing the value with the given zero-based
-.Fa index
-or
-.Dv NULL
-if
-.Fa attr
-is
-.Dv NULL ,
-if the
-.Fa index
-is larger than or equal to the number of values stored in
-.Fa attr ,
-or if no value or values are set.
-.Pp
-.Fn X509_ATTRIBUTE_get0_data
-returns an internal pointer to the data
-contained in the value with the given zero-based
-.Fa index
-or
-.Dv NULL
-if
-.Fa attr
-is
-.Dv NULL ,
-if the
-.Fa index
-is larger than or equal to the number of values stored in
-.Fa attr ,
-if no value or values are set,
-or if the ASN.1 ANY object representing the value with the given
-.Fa index
-is not of the requested
-.Fa type .
-.Sh SEE ALSO
-.Xr ASN1_OBJECT_new 3 ,
-.Xr ASN1_TYPE_new 3 ,
-.Xr OPENSSL_sk_new 3 ,
-.Xr X509_ATTRIBUTE_new 3 ,
-.Xr X509_ATTRIBUTE_set1_object 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.5
-and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3 b/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
deleted file mode 100644
index cc2b27d4c0..0000000000
--- a/src/lib/libcrypto/man/X509_ATTRIBUTE_new.3
+++ /dev/null
@@ -1,180 +0,0 @@
-.\" $OpenBSD: X509_ATTRIBUTE_new.3,v 1.18 2024/09/02 07:57:27 tb Exp $
-.\"
-.\" Copyright (c) 2016, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_ATTRIBUTE_NEW 3
-.Os
-.Sh NAME
-.Nm X509_ATTRIBUTE_new ,
-.Nm X509_ATTRIBUTE_create ,
-.Nm X509_ATTRIBUTE_dup ,
-.Nm X509_ATTRIBUTE_free
-.\" In the following line, "X.501" and "Attribute" are not typos.
-.\" The "Attribute" type is defined in X.501, not in X.509.
-.\" The type is called "Attribute" with capital "A", not "attribute".
-.Nd generic X.501 Attribute
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_ATTRIBUTE *
-.Fn X509_ATTRIBUTE_new void
-.Ft X509_ATTRIBUTE *
-.Fn X509_ATTRIBUTE_create "int nid" "int type" "void *value"
-.Ft X509_ATTRIBUTE *
-.Fn X509_ATTRIBUTE_dup "X509_ATTRIBUTE *attr"
-.Ft void
-.Fn X509_ATTRIBUTE_free "X509_ATTRIBUTE *attr"
-.Sh DESCRIPTION
-In the X.501 standard, an
-.Vt Attribute
-is the fundamental ASN.1 data type used to represent any kind of
-property of any kind of directory entry.
-In OpenSSL, very few objects use it directly, most notably the
-.Vt X509_REQ_INFO
-object used for PKCS#10 certification requests described in
-.Xr X509_REQ_new 3 ,
-the
-.Vt PKCS8_PRIV_KEY_INFO
-object used for PKCS#8 private key information described in
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-and the
-.Vt PKCS12_SAFEBAG
-container object described in
-.Xr PKCS12_SAFEBAG_new 3 .
-.Pp
-.Fn X509_ATTRIBUTE_new
-allocates and initializes an empty
-.Vt X509_ATTRIBUTE
-object.
-.Pp
-.Fn X509_ATTRIBUTE_create
-allocates a new multi-valued
-.Vt X509_ATTRIBUTE
-object of the type
-.Fa nid
-and initializes its set of values
-to contain one new ASN.1 ANY object with the given
-.Fa value
-and
-.Fa type .
-The
-.Fa type
-usually is one of the
-.Dv V_ASN1_*
-constants defined in
-.In openssl/asn1.h ;
-it is stored without validating it.
-If the function succeeds, ownership of the
-.Fa value
-is transferred to the new
-.Vt X509_ATTRIBUTE
-object.
-.Pp
-Be careful to not confuse the type of the attribute
-and the type of the value.
-.Pp
-.Fn X509_ATTRIBUTE_dup
-creates a deep copy of
-.Fa attr .
-.Pp
-.Fn X509_ATTRIBUTE_free
-frees
-.Fa attr .
-.Sh RETURN VALUES
-.Fn X509_ATTRIBUTE_new ,
-.Fn X509_ATTRIBUTE_create ,
-and
-.Fn X509_ATTRIBUTE_dup
-return the new
-.Vt X509_ATTRIBUTE
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-In particular, these functions fail if memory allocation fails.
-.Fn X509_ATTRIBUTE_create
-also fails if
-.Xr OBJ_nid2obj 3
-fails on
-.Fa nid .
-.Sh SEE ALSO
-.Xr d2i_X509_ATTRIBUTE 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr PKCS12_SAFEBAG_new 3 ,
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS8_pkey_get0_attrs 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-.Xr X509_ATTRIBUTE_get0_object 3 ,
-.Xr X509_ATTRIBUTE_set1_object 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REQ_add1_attr 3 ,
-.Xr X509_REQ_new 3
-.Sh STANDARDS
-.Bl -ohang
-.It Xo
-For the general definition of the
-.Vt Attribute
-data type:
-.Xc
-ITU-T Recommendation X.501, also known as ISO/IEC 9594-2:
-Information Technology \(en Open Systems Interconnection \(en
-The Directory: Models, section 8.2: Overall structure
-.It For the specific definition in the context of certification requests:
-RFC 2986: PKCS #10: Certification Request Syntax Specification,
-section 4.1: CertificationRequestInfo
-.It For the specific use in the context of private key information:
-RFC 5208: Public-Key Cryptography Standards (PKCS) #8:
-Private-Key Information Syntax Specification
-.It For the specific definition in the context of PFX:
-RFC 7292: PKCS #12: Personal Information Exchange Syntax,
-section 4.2: The SafeBag Type
-.El
-.Sh HISTORY
-.Fn X509_ATTRIBUTE_new
-and
-.Fn X509_ATTRIBUTE_free
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_ATTRIBUTE_create
-and
-.Fn X509_ATTRIBUTE_dup
-first appeared in SSLeay 0.9.1 and have been available since
-.Ox 2.6 .
-.Sh BUGS
-A data type designed to hold arbitrary data is an oxymoron.
-.Pp
-While it may occasionally be useful for abstract syntax specification
-or for generic container objects, using it for the representation
-of specific data in a specific data structure feels like dubious
-design.
-.Pp
-Having two distinct data types to hold arbitrary data \(en
-in this case,
-.Vt X509_ATTRIBUTE
-on the X.501 language level and
-.Vt X509_EXTENSION
-as described in
-.Xr X509_EXTENSION_new 3
-on the X.509 language level \(en feels even more questionable,
-in particular considering that Attributes in certification requests
-can be used to ask for Extensions in certificates.
-.Pp
-At the very least, the direct use of the low-level generic
-.Vt X509_ATTRIBUTE
-type in specific data types like certification requests or private
-key information looks like a layering violation and appears to put
-type safety into jeopardy.
diff --git a/src/lib/libcrypto/man/X509_ATTRIBUTE_set1_object.3 b/src/lib/libcrypto/man/X509_ATTRIBUTE_set1_object.3
deleted file mode 100644
index 3555d4b169..0000000000
--- a/src/lib/libcrypto/man/X509_ATTRIBUTE_set1_object.3
+++ /dev/null
@@ -1,267 +0,0 @@
-.\" $OpenBSD: X509_ATTRIBUTE_set1_object.3,v 1.3 2021/11/26 13:48:21 jsg Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 26 2021 $
-.Dt X509_ATTRIBUTE_SET1_OBJECT 3
-.Os
-.Sh NAME
-.Nm X509_ATTRIBUTE_set1_object ,
-.Nm X509_ATTRIBUTE_set1_data ,
-.Nm X509_ATTRIBUTE_create_by_OBJ ,
-.Nm X509_ATTRIBUTE_create_by_NID ,
-.Nm X509_ATTRIBUTE_create_by_txt
-.\" In the following line, "X.501" and "Attribute" are not typos.
-.\" The "Attribute" type is defined in X.501, not in X.509.
-.\" The type is called "Attribute" with capital "A", not "attribute".
-.Nd modify an X.501 Attribute
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_ATTRIBUTE_set1_object
-.Fa "X509_ATTRIBUTE *attr"
-.Fa "const ASN1_OBJECT *obj"
-.Fc
-.Ft int
-.Fo X509_ATTRIBUTE_set1_data
-.Fa "X509_ATTRIBUTE *attr"
-.Fa "int type"
-.Fa "const void *data"
-.Fa "int len"
-.Fc
-.Ft X509_ATTRIBUTE *
-.Fo X509_ATTRIBUTE_create_by_OBJ
-.Fa "X509_ATTRIBUTE **pattr"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int type"
-.Fa "const void *data"
-.Fa "int len"
-.Fc
-.Ft X509_ATTRIBUTE *
-.Fo X509_ATTRIBUTE_create_by_NID
-.Fa "X509_ATTRIBUTE **pattr"
-.Fa "int nid"
-.Fa "int type"
-.Fa "const void *data"
-.Fa "int len"
-.Fc
-.Ft X509_ATTRIBUTE *
-.Fo X509_ATTRIBUTE_create_by_txt
-.Fa "X509_ATTRIBUTE **pattr"
-.Fa "const char *name"
-.Fa "int type"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_ATTRIBUTE_set1_object
-sets the type of
-.Fa attr
-to
-.Fa obj .
-If
-.Fa obj
-is dynamically allocated, a deep copy is created.
-If the type of
-.Fa attr
-was already set, the old type is freed
-as far as it was dynamically allocated.
-After calling this function,
-.Fa attr
-may be in an inconsistent state
-because its values may not agree with the new attribute type.
-.Pp
-.Fn X509_ATTRIBUTE_set1_data
-sets
-.Fa attr
-to be multi-valued and initializes its set of values
-to contain a single new ASN.1 ANY object representing the
-.Fa data .
-.Pp
-The interpretation of the
-.Fa data
-depends on the values of the
-.Fa type
-and
-.Fa len
-arguments; there are four different cases.
-.Pp
-If the
-.Fa type
-argument has the bit
-.Dv MBSTRING_FLAG
-set,
-.Fa data
-is expected to point to a multibyte character string that is
-.Fa len
-bytes long and uses the encoding specified by the
-.Fa type
-argument, and it is expected that an attribute type was already assigned to
-.Fa attr ,
-for example by calling
-.Fn X509_ATTRIBUTE_set1_object
-before calling
-.Fn X509_ATTRIBUTE_set1_data .
-In this case, an appropriate ASN.1 multibyte string type is chosen and
-a new object of that type is allocated and populated to represent the
-.Fa data
-by calling
-.Xr ASN1_STRING_set_by_NID 3 .
-The type of that new ASN.1 string object is subsequently used instead of the
-.Fa type
-argument.
-.Pp
-If the
-.Fa type
-argument does not have the bit
-.Dv MBSTRING_FLAG
-set and the
-.Fa len argument
-is not \-1, the
-.Fa type
-argument is expected to be one of the types documented in
-.Xr ASN1_STRING_new 3
-and
-.Fa data
-is expected to point to a buffer of
-.Fa len
-bytes.
-In this case, a new object is allocated with
-.Xr ASN1_STRING_type_new 3
-and populated with
-.Xr ASN1_STRING_set 3 .
-.Pp
-If the
-.Fa type
-argument does not have the bit
-.Dv MBSTRING_FLAG
-set and the
-.Fa len argument
-is \-1,
-.Fa data
-is expected to point to an object of the given
-.Fa type
-rather than to a buffer.
-In this case, a deep copy of the existing object
-into the new ASN.1 ANY object is performed with
-.Xr ASN1_TYPE_set1 3 .
-.Pp
-If the
-.Fa type
-argument is 0, the
-.Fa data
-and
-.Fa len
-arguments are ignored and the set of values is left empty
-instead of adding a single ASN.1 ANY object to it.
-This violates section 8.2 of the X.501 standard, which requires
-every attribute to contain at least one value, but some attribute
-types used by the library use empty sets of values anyway.
-.Pp
-.Fn X509_ATTRIBUTE_create_by_OBJ
-sets the type of
-.Pf ** Fa attr
-to
-.Fa obj
-using
-.Fn X509_ATTRIBUTE_set1_object
-and copies the
-.Fa data
-into it using
-.Fn X509_ATTRIBUTE_set1_data .
-If
-.Fa attr
-or
-.Pf * Fa attr
-is
-.Dv NULL ,
-a new
-.Vt X509_ATTRIBUTE
-object is allocated, populated, and returned.
-.Pp
-.Fn X509_ATTRIBUTE_create_by_NID
-is a wrapper around
-.Fn X509_ATTRIBUTE_create_by_OBJ
-that obtains the required
-.Fa obj
-argument by calling
-.Xr OBJ_nid2obj 3
-on the
-.Fa nid
-argument.
-.Pp
-.Fn X509_ATTRIBUTE_create_by_txt
-is a similar wrapper that obtains
-.Fa obj
-by calling
-.Xr OBJ_txt2obj 3
-with the arguments
-.Fa name
-and 0, which means that long names, short names, and numerical OID
-strings are all acceptable.
-.Sh RETURN VALUES
-.Fn X509_ATTRIBUTE_set1_object
-returns 1 if successful or 0 if
-.Fa attr
-or
-.Fa obj
-is
-.Dv NULL
-or if memory allocation fails.
-.Pp
-.Fn X509_ATTRIBUTE_set1_data
-returns 1 if successful or 0 if
-.Fa attr
-is
-.Dv NULL
-or if
-.Xr ASN1_STRING_set_by_NID 3 ,
-.Xr ASN1_STRING_set 3 ,
-.Xr ASN1_TYPE_set1 3 ,
-or memory allocation fails.
-.Pp
-.Fn X509_ATTRIBUTE_create_by_OBJ ,
-.Fn X509_ATTRIBUTE_create_by_NID ,
-and
-.Fn X509_ATTRIBUTE_create_by_txt
-return a pointer to the changed or new object or
-.Dv NULL
-if obtaining
-.Fa obj ,
-allocating memory, or copying fails.
-.Sh SEE ALSO
-.Xr ASN1_OBJECT_new 3 ,
-.Xr ASN1_STRING_new 3 ,
-.Xr ASN1_STRING_set 3 ,
-.Xr ASN1_STRING_set_by_NID 3 ,
-.Xr ASN1_TYPE_new 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr X509_ATTRIBUTE_get0_object 3 ,
-.Xr X509_ATTRIBUTE_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.5
-and have been available since
-.Ox 2.7 .
-.Sh BUGS
-If
-.Fa attr
-already contains one or more values,
-.Fn X509_ATTRIBUTE_set1_data ,
-.Fn X509_ATTRIBUTE_create_by_OBJ ,
-.Fn X509_ATTRIBUTE_create_by_NID ,
-and
-.Fn X509_ATTRIBUTE_create_by_txt
-silently overwrite the pointers to the old values
-and leak the memory used for them.
diff --git a/src/lib/libcrypto/man/X509_CINF_new.3 b/src/lib/libcrypto/man/X509_CINF_new.3
deleted file mode 100644
index 6c09c58545..0000000000
--- a/src/lib/libcrypto/man/X509_CINF_new.3
+++ /dev/null
@@ -1,117 +0,0 @@
-.\" $OpenBSD: X509_CINF_new.3,v 1.11 2024/09/02 08:04:32 tb Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_CINF_NEW 3
-.Os
-.Sh NAME
-.Nm X509_CINF_new ,
-.Nm X509_CINF_free ,
-.Nm X509_VAL_new ,
-.Nm X509_VAL_free ,
-.Nm X509_CERT_AUX_new ,
-.Nm X509_CERT_AUX_free
-.Nd X.509 certificate information objects
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_CINF *
-.Fn X509_CINF_new void
-.Ft void
-.Fn X509_CINF_free "X509_CINF *inf"
-.Ft X509_VAL *
-.Fn X509_VAL_new void
-.Ft void
-.Fn X509_VAL_free "X509_VAL *val"
-.Ft X509_CERT_AUX *
-.Fn X509_CERT_AUX_new void
-.Ft void
-.Fn X509_CERT_AUX_free "X509_CERT_AUX *aux"
-.Sh DESCRIPTION
-.Fn X509_CINF_new
-allocates and initializes an empty
-.Vt X509_CINF
-object, representing an ASN.1
-.Vt TBSCertificate
-structure defined in RFC 5280 section 4.1.
-It is used inside the
-.Vt X509
-object and holds the main information contained in the X.509
-certificate including subject, public key, issuer, serial number,
-validity period, and extensions.
-.Fn X509_CINF_free
-frees
-.Fa inf .
-.Pp
-.Fn X509_VAL_new
-allocates and initializes an empty
-.Vt X509_VAL
-object, representing an ASN.1
-.Vt Validity
-structure defined in RFC 5280 section 4.1.
-It is used inside the
-.Vt X509_CINF
-object and holds the validity period of the certificate.
-.Fn X509_VAL_free
-frees
-.Fa val .
-.Pp
-.Fn X509_CERT_AUX_new
-allocates and initializes an empty
-.Vt X509_CERT_AUX
-structure.
-It can be used inside an
-.Vt X509
-object to hold optional non-standard auxiliary data appended to a
-certificate, for example friendly alias names and trust data.
-.Fn X509_CERT_AUX_free
-frees
-.Fa aux .
-.Sh RETURN VALUES
-.Fn X509_CINF_new ,
-.Fn X509_VAL_new ,
-and
-.Fn X509_CERT_AUX_new
-return the new
-.Vt X509_CINF ,
-.Vt X509_VAL ,
-or
-.Vt X509_CERT_AUX
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_X509_CINF 3 ,
-.Xr X509_add1_trust_object 3 ,
-.Xr X509_CERT_AUX_print 3 ,
-.Xr X509_keyid_set1 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn X509_CINF_new ,
-.Fn X509_CINF_free ,
-.Fn X509_VAL_new ,
-and
-.Fn X509_VAL_free
-appeared in SSLeay 0.4 or earlier and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_CERT_AUX_new
-and
-.Fn X509_CERT_AUX_free
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3 b/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3
deleted file mode 100644
index f5edee6085..0000000000
--- a/src/lib/libcrypto/man/X509_CRL_get0_by_serial.3
+++ /dev/null
@@ -1,179 +0,0 @@ -.\" $OpenBSD: X509_CRL_get0_by_serial.3,v 1.13 2024/03/06 02:34:14 tb Exp $ -.\" full merge up to: OpenSSL cdd6c8c5 Mar 20 12:29:37 2017 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2015, 2017 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 6 2024 $ -.Dt X509_CRL_GET0_BY_SERIAL 3 -.Os -.Sh NAME -.Nm X509_CRL_get0_by_serial , -.Nm X509_CRL_get0_by_cert , -.Nm X509_CRL_get_REVOKED , -.Nm X509_CRL_add0_revoked , -.Nm X509_CRL_sort -.Nd add, sort, and retrieve CRL entries -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_CRL_get0_by_serial -.Fa "X509_CRL *crl" -.Fa "X509_REVOKED **ret" -.Fa "ASN1_INTEGER *serial" -.Fc -.Ft int -.Fo X509_CRL_get0_by_cert -.Fa "X509_CRL *crl" -.Fa "X509_REVOKED **ret" -.Fa "X509 *x" -.Fc -.Ft STACK_OF(X509_REVOKED) * -.Fo X509_CRL_get_REVOKED -.Fa "X509_CRL *crl" -.Fc -.Ft int -.Fo X509_CRL_add0_revoked -.Fa "X509_CRL *crl" -.Fa "X509_REVOKED *rev" -.Fc -.Ft int -.Fo X509_CRL_sort -.Fa "X509_CRL *crl" -.Fc -.Sh DESCRIPTION -.Fn X509_CRL_get0_by_serial -attempts to find a revoked entry in -.Fa crl -for serial number -.Fa serial . -If it is successful, it sets -.Pf * Fa ret -to the internal pointer of the matching entry. 
-Consequently,
-.Pf * Fa ret
-must not be freed up after the call.
-.Pp
-.Fn X509_CRL_get0_by_cert
-is similar to
-.Fn X509_CRL_get0_by_serial
-except that it looks for a revoked entry using the serial number
-of certificate
-.Fa x .
-.Pp
-.Fn X509_CRL_get_REVOKED
-returns an internal pointer to a stack of all revoked entries for
-.Fa crl .
-.Pp
-.Fn X509_CRL_add0_revoked
-appends revoked entry
-.Fa rev
-to CRL
-.Fa crl .
-The pointer
-.Fa rev
-is used internally so it must not be freed up after the call: it is
-freed when the parent CRL is freed.
-.Pp
-.Fn X509_CRL_sort
-sorts the revoked entries of
-.Fa crl
-into ascending serial number order.
-.Pp
-Applications can determine the number of revoked entries returned by
-.Fn X509_CRL_get_revoked
-using
-.Fn sk_X509_REVOKED_num
-and examine each one in turn using
-.Fn sk_X509_REVOKED_value ,
-both defined in
-.In openssl/safestack.h .
-.Sh RETURN VALUES
-.Fn X509_CRL_get0_by_serial
-and
-.Fn X509_CRL_get0_by_cert
-return 0 for failure or 1 for success, except if the revoked entry
-has the reason
-.Qq removeFromCRL ,
-in which case 2 is returned.
-.Pp
-The
-.Fn X509_CRL_add0_revoked
-function returns 1 if successful;
-otherwise 0 is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_CRL_sort
-returns 1 for success or 0 for failure.
-The current implementation cannot fail.
-.Pp
-.Fn X509_CRL_get_REVOKED
-returns a STACK of revoked entries.
-.Sh SEE ALSO
-.Xr d2i_X509_CRL 3 ,
-.Xr X509_CRL_get_ext 3 ,
-.Xr X509_CRL_get_issuer 3 ,
-.Xr X509_CRL_get_version 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_REVOKED_new 3 ,
-.Xr X509V3_get_d2i 3
-.Sh HISTORY
-.Fn X509_CRL_get_REVOKED
-first appeared in OpenSSL 0.9.2b and has been available since
-.Ox 2.6 .
-.Pp
-.Fn X509_CRL_add0_revoked
-and
-.Fn X509_CRL_sort
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn X509_CRL_get0_by_serial
-and
-.Fn X509_CRL_get0_by_cert
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/X509_CRL_new.3 b/src/lib/libcrypto/man/X509_CRL_new.3
deleted file mode 100644
index f9355fcfd3..0000000000
--- a/src/lib/libcrypto/man/X509_CRL_new.3
+++ /dev/null
@@ -1,143 +0,0 @@
-.\" $OpenBSD: X509_CRL_new.3,v 1.14 2024/03/06 02:34:14 tb Exp $
-.\"
-.\" Copyright (c) 2016, 2018, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 6 2024 $
-.Dt X509_CRL_NEW 3
-.Os
-.Sh NAME
-.Nm X509_CRL_new ,
-.Nm X509_CRL_dup ,
-.Nm X509_CRL_up_ref ,
-.Nm X509_CRL_free ,
-.Nm X509_CRL_INFO_new ,
-.Nm X509_CRL_INFO_free
-.Nd X.509 certificate revocation lists
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_CRL *
-.Fn X509_CRL_new void
-.Ft X509_CRL *
-.Fn X509_CRL_dup "X509_CRL *crl"
-.Ft int
-.Fn X509_CRL_up_ref "X509_CRL *crl"
-.Ft void
-.Fn X509_CRL_free "X509_CRL *crl"
-.Ft X509_CRL_INFO *
-.Fn X509_CRL_INFO_new void
-.Ft void
-.Fn X509_CRL_INFO_free "X509_CRL_INFO *crl_info"
-.Sh DESCRIPTION
-.Fn X509_CRL_new
-allocates and initializes an empty
-.Vt X509_CRL
-object, representing an ASN.1
-.Vt CertificateList
-structure defined in RFC 5280 section 5.1.
-It can hold a pointer to an
-.Vt X509_CRL_INFO
-object discussed below together with a cryptographic signature
-and information about the signature algorithm used.
-The reference count is set to 1.
-.Pp
-.Fn X509_CRL_dup
-creates a deep copy of
-.Fa crl .
-.Pp
-.Fn X509_CRL_up_ref
-increments the reference count of
-.Fa crl
-by 1.
-.Pp
-.Fn X509_CRL_free
-decrements the reference count of
-.Fa crl
-by 1.
-If the reference count reaches 0, it frees
-.Fa crl .
-.Pp
-.Fn X509_CRL_INFO_new
-allocates and initializes an empty
-.Vt X509_CRL_INFO
-object, representing an ASN.1
-.Vt TBSCertList
-structure defined in RFC 5280 section 5.1.
-It is used inside the
-.Vt X509_CRL
-object and can hold a list of revoked certificates, an issuer name,
-the time the list was issued, the time when the next update of the
-list is due, and optional extensions.
-.Fn X509_CRL_INFO_free
-frees
-.Fa crl_info .
-.Sh RETURN VALUES
-.Fn X509_CRL_new ,
-.Fn X509_CRL_dup ,
-and
-.Fn X509_CRL_INFO_new
-return the new
-.Vt X509_CRL
-or
-.Vt X509_CRL_INFO
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509_CRL_up_ref
-returns 1 on success or 0 on error.
-.Sh SEE ALSO
-.Xr ACCESS_DESCRIPTION_new 3 ,
-.Xr AUTHORITY_KEYID_new 3 ,
-.Xr d2i_X509_CRL 3 ,
-.Xr DIST_POINT_new 3 ,
-.Xr PEM_read_X509_CRL 3 ,
-.Xr X509_CRL_digest 3 ,
-.Xr X509_CRL_get0_by_serial 3 ,
-.Xr X509_CRL_get0_lastUpdate 3 ,
-.Xr X509_CRL_get0_signature 3 ,
-.Xr X509_CRL_get_ext 3 ,
-.Xr X509_CRL_get_ext_d2i 3 ,
-.Xr X509_CRL_get_issuer 3 ,
-.Xr X509_CRL_get_version 3 ,
-.Xr X509_CRL_match 3 ,
-.Xr X509_CRL_print 3 ,
-.Xr X509_CRL_sign 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_INFO_new 3 ,
-.Xr X509_load_crl_file 3 ,
-.Xr X509_new 3 ,
-.Xr X509_OBJECT_get0_X509_CRL 3 ,
-.Xr X509_REVOKED_new 3 ,
-.Xr X509_STORE_CTX_set0_crls 3 ,
-.Xr X509_STORE_get1_crls 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile, section 5: CRL and CRL
-Extensions Profile
-.Sh HISTORY
-.Fn X509_CRL_new ,
-.Fn X509_CRL_free ,
-.Fn X509_CRL_INFO_new ,
-and
-.Fn X509_CRL_INFO_free
-first appeared in SSLeay 0.4.4.
-.Fn X509_CRL_dup
-first appeared in SSLeay 0.5.1.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_CRL_up_ref
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/X509_CRL_print.3 b/src/lib/libcrypto/man/X509_CRL_print.3
deleted file mode 100644
index 2f4832f0e7..0000000000
--- a/src/lib/libcrypto/man/X509_CRL_print.3
+++ /dev/null
@@ -1,113 +0,0 @@
-.\" $OpenBSD: X509_CRL_print.3,v 1.1 2021/07/19 13:16:43 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 19 2021 $
-.Dt X509_CRL_PRINT 3
-.Os
-.Sh NAME
-.Nm X509_CRL_print ,
-.Nm X509_CRL_print_fp
-.Nd pretty-print a certificate revocation list
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_CRL_print
-.Fa "BIO *bio"
-.Fa "X509_CRL *crl"
-.Fc
-.Ft int
-.Fo X509_CRL_print_fp
-.Fa "FILE *fp"
-.Fa "X509_CRL *crl"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_CRL_print
-prints information contained in
-.Fa crl
-to
-.Fa bio
-in human-readable form, in the following order:
-.Bl -bullet
-.It
-The certificate revocation list version number as defined by
-the standard, followed in parentheses by the value contained
-in the version field in hexadecimal notation.
-See
-.Xr X509_CRL_get_version 3
-for details.
-.It
-The name of the signature algorithm is printed with
-.Xr X509_signature_print 3 .
-.It
-The issuer name as returned by
-.Xr X509_CRL_get_issuer 3 .
-.It
-The times of the last and next updates as returned by
-.Xr X509_CRL_get0_lastUpdate 3
-and
-.Xr X509_CRL_get0_nextUpdate 3
-are printed with
-.Xr ASN1_TIME_print 3 .
-.It
-All X.509 extensions directly contained
-in the certificate revocation list object
-.Fa crl
-are printed with
-.Xr X509V3_extensions_print 3 .
-.It
-Information about revoked certificates is retrieved with
-.Xr X509_CRL_get_REVOKED 3 ,
-and for each revoked certificate, the following is printed:
-.Bl -bullet
-.It
-The serial number of the certificate is printed with
-.Xr i2a_ASN1_INTEGER 3 .
-.It
-The revocation date is printed with
-.Xr ASN1_TIME_print 3 .
-.It
-All X.509 extensions contained in the revocation entry are printed with
-.Xr X509V3_extensions_print 3 .
-.El
-.It
-The signature of
-.Fa crl
-is printed with
-.Xr X509_signature_print 3 .
-.El
-.Pp
-.Fn X509_CRL_print_fp
-is similar to
-.Fn X509_CRL_print
-except that it prints to
-.Fa fp .
-.Sh RETURN VALUES
-These functions are intended to return 1 for success and 0 for error.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_print_ex 3 ,
-.Xr X509_REVOKED_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.2 and have been available since
-.Ox 2.6 .
-.Sh BUGS
-Most I/O errors are silently ignored.
-Even if the information printed is incomplete, these functions may
-return 1 anyway.
-.Pp
-If the version number is invalid, no information from the CRL is printed
-and the functions fail.
diff --git a/src/lib/libcrypto/man/X509_EXTENSION_set_object.3 b/src/lib/libcrypto/man/X509_EXTENSION_set_object.3
deleted file mode 100644
index 45cf0dbaa5..0000000000
--- a/src/lib/libcrypto/man/X509_EXTENSION_set_object.3
+++ /dev/null
@@ -1,348 +0,0 @@
-.\" $OpenBSD: X509_EXTENSION_set_object.3,v 1.19 2024/12/28 11:04:09 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2016, 2021, 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 28 2024 $
-.Dt X509_EXTENSION_SET_OBJECT 3
-.Os
-.Sh NAME
-.Nm X509_EXTENSION_new ,
-.Nm X509_EXTENSION_dup ,
-.Nm X509_EXTENSION_free ,
-.Nm X509_EXTENSION_create_by_NID ,
-.Nm X509_EXTENSION_create_by_OBJ ,
-.Nm X509_EXTENSION_set_object ,
-.Nm X509_EXTENSION_set_critical ,
-.Nm X509_EXTENSION_set_data ,
-.Nm X509_EXTENSION_get_object ,
-.Nm X509_EXTENSION_get_critical ,
-.Nm X509_EXTENSION_get_data ,
-.Nm X509_supported_extension
-.\" In the next line, the capital "E" is not a typo.
-.\" The ASN.1 structure is called "Extension", not "extension".
-.Nd create, change, and inspect X.509 Extension objects
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_EXTENSION *
-.Fn X509_EXTENSION_new void
-.Ft X509_EXTENSION *
-.Fn X509_EXTENSION_dup "X509_EXTENSION *ex"
-.Ft void
-.Fn X509_EXTENSION_free "X509_EXTENSION *ex"
-.Ft X509_EXTENSION *
-.Fo X509_EXTENSION_create_by_NID
-.Fa "X509_EXTENSION **ex"
-.Fa "int nid"
-.Fa "int crit"
-.Fa "ASN1_OCTET_STRING *data"
-.Fc
-.Ft X509_EXTENSION *
-.Fo X509_EXTENSION_create_by_OBJ
-.Fa "X509_EXTENSION **ex"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int crit"
-.Fa "ASN1_OCTET_STRING *data"
-.Fc
-.Ft int
-.Fo X509_EXTENSION_set_object
-.Fa "X509_EXTENSION *ex"
-.Fa "const ASN1_OBJECT *obj"
-.Fc
-.Ft int
-.Fo X509_EXTENSION_set_critical
-.Fa "X509_EXTENSION *ex"
-.Fa "int crit"
-.Fc
-.Ft int
-.Fo X509_EXTENSION_set_data
-.Fa "X509_EXTENSION *ex"
-.Fa "ASN1_OCTET_STRING *data"
-.Fc
-.Ft ASN1_OBJECT *
-.Fo X509_EXTENSION_get_object
-.Fa "X509_EXTENSION *ex"
-.Fc
-.Ft int
-.Fo X509_EXTENSION_get_critical
-.Fa "const X509_EXTENSION *ex"
-.Fc
-.Ft ASN1_OCTET_STRING *
-.Fo X509_EXTENSION_get_data
-.Fa "X509_EXTENSION *ex"
-.Fc
-.Ft int
-.Fo X509_supported_extension
-.Fa "X509_EXTENSION *ex"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_EXTENSION_new
-allocates and initializes an empty
-.Vt X509_EXTENSION
-object, representing an ASN.1
-.Vt Extension
-structure defined in RFC 5280 section 4.1.
-It is a wrapper object around specific extension objects of different
-types and stores an extension type identifier and a criticality
-flag in addition to the DER-encoded form of the wrapped object.
-.Vt X509_EXTENSION
-objects can be used for X.509 v3 certificates inside
-.Vt X509_CINF
-objects and for X.509 v2 certificate revocation lists inside
-.Vt X509_CRL_INFO
-and
-.Vt X509_REVOKED
-objects.
-.Pp
-.Fn X509_EXTENSION_dup
-creates a deep copy of
-.Fa ex
-using
-.Xr ASN1_item_dup 3 .
-.Pp
-.Fn X509_EXTENSION_free
-frees
-.Fa ex
-and all objects it is using.
-.Pp
-.Fn X509_EXTENSION_create_by_NID
-creates an extension of type
-.Fa nid
-and criticality
-.Fa crit
-using data
-.Fa data .
-The created extension is returned and written to
-.Pf * Fa ex
-reusing or allocating a new extension if necessary, so
-.Pf * Fa ex
-should either be
-.Dv NULL
-or a valid
-.Vt X509_EXTENSION
-structure.
-It must not be an uninitialised pointer.
-.Pp
-.Fn X509_EXTENSION_create_by_OBJ
-is identical to
-.Fn X509_EXTENSION_create_by_NID
-except that it creates an extension using
-.Fa obj
-instead of a NID.
-.Pp
-.Fn X509_EXTENSION_set_object
-sets the extension type of
-.Fa ex
-to
-.Fa obj .
-The
-.Fa obj
-pointer is duplicated internally so
-.Fa obj
-should be freed up after use.
-.Pp
-.Fn X509_EXTENSION_set_critical
-sets the criticality of
-.Fa ex
-to
-.Fa crit .
-If
-.Fa crit
-is zero, the extension in non-critical, otherwise it is critical.
-.Pp
-.Fn X509_EXTENSION_set_data
-sets the data in extension
-.Fa ex
-to
-.Fa data .
-The
-.Fa data
-pointer is duplicated internally.
-.Pp
-.Fn X509_EXTENSION_get_object
-returns the extension type of
-.Fa ex
-as an
-.Vt ASN1_OBJECT
-pointer.
-The returned pointer is an internal value which must not be freed up.
-.Pp
-.Fn X509_EXTENSION_get_critical
-tests whether
-.Fa ex
-is critical.
-.Pp
-.Fn X509_EXTENSION_get_data
-returns the data of extension
-.Fa ex .
-The returned pointer is an internal value which must not be freed up.
-.Pp
-.Fn X509_supported_extension
-checks whether
-.Fa ex
-is of a type supported by the verifier.
-The list of supported extension types is hardcoded into the library.
-If an extension is critical but unsupported,
-the certificate will normally be rejected.
-.Pp
-These functions manipulate the contents of an extension directly.
-Most applications will want to parse or encode and add an extension:
-they should use the extension encode and decode functions instead
-such as
-.Xr X509_add1_ext_i2d 3
-and
-.Xr X509_get_ext_d2i 3 .
-.Pp
-The
-.Fa data
-associated with an extension is the extension encoding in an
-.Vt ASN1_OCTET_STRING
-structure.
-.Sh RETURN VALUES
-.Fn X509_EXTENSION_new ,
-.Fn X509_EXTENSION_dup ,
-.Fn X509_EXTENSION_create_by_NID ,
-and
-.Fn X509_EXTENSION_create_by_OBJ
-return an
-.Vt X509_EXTENSION
-pointer or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509_EXTENSION_set_object ,
-.Fn X509_EXTENSION_set_critical ,
-and
-.Fn X509_EXTENSION_set_data
-return 1 for success or 0 for failure.
-.Pp
-.Fn X509_EXTENSION_get_object
-returns an
-.Vt ASN1_OBJECT
-pointer.
-.Pp
-.Fn X509_EXTENSION_get_critical
-returns 0 for non-critical or 1 for critical.
-.Pp
-.Fn X509_EXTENSION_get_data
-returns an
-.Vt ASN1_OCTET_STRING
-pointer.
-.Pp
-.Fn X509_supported_extension
-returns 1 if the type of
-.Fa ex
-is supported by the verifier or 0 otherwise.
-.Sh SEE ALSO
-.Xr ACCESS_DESCRIPTION_new 3 ,
-.Xr AUTHORITY_KEYID_new 3 ,
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr d2i_X509_EXTENSION 3 ,
-.Xr DIST_POINT_new 3 ,
-.Xr ESS_SIGNING_CERT_new 3 ,
-.Xr EXTENDED_KEY_USAGE_new 3 ,
-.Xr GENERAL_NAME_new 3 ,
-.Xr NAME_CONSTRAINTS_new 3 ,
-.Xr OCSP_CRLID_new 3 ,
-.Xr OCSP_SERVICELOC_new 3 ,
-.Xr PKEY_USAGE_PERIOD_new 3 ,
-.Xr POLICYINFO_new 3 ,
-.Xr TS_REQ_new 3 ,
-.Xr X509_check_ca 3 ,
-.Xr X509_check_host 3 ,
-.Xr X509_check_issued 3 ,
-.Xr X509_get_extension_flags 3 ,
-.Xr X509_REQ_add_extensions 3 ,
-.Xr X509V3_EXT_get_nid 3 ,
-.Xr X509V3_EXT_print 3 ,
-.Xr X509V3_extensions_print 3 ,
-.Xr X509V3_get_d2i 3 ,
-.Xr X509v3_get_ext_by_NID 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn X509_EXTENSION_new
-and
-.Fn X509_EXTENSION_free
-first appeared in SSLeay 0.6.2,
-.Fn X509_EXTENSION_dup
-in SSLeay 0.6.5, and
-.Fn X509_EXTENSION_create_by_NID ,
-.Fn X509_EXTENSION_create_by_OBJ ,
-.Fn X509_EXTENSION_set_object ,
-.Fn X509_EXTENSION_set_critical ,
-.Fn X509_EXTENSION_set_data ,
-.Fn X509_EXTENSION_get_object ,
-.Fn X509_EXTENSION_get_critical ,
-and
-.Fn X509_EXTENSION_get_data
-in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_supported_extension
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/X509_INFO_new.3 b/src/lib/libcrypto/man/X509_INFO_new.3
deleted file mode 100644
index 1e9bb832f3..0000000000
--- a/src/lib/libcrypto/man/X509_INFO_new.3
+++ /dev/null
@@ -1,72 +0,0 @@
-.\" $OpenBSD: X509_INFO_new.3,v 1.3 2021/10/19 10:39:33 schwarze Exp $
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 19 2021 $
-.Dt X509_INFO_NEW 3
-.Os
-.Sh NAME
-.Nm X509_INFO_new ,
-.Nm X509_INFO_free
-.Nd X.509 certificate wrapper object
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_INFO *
-.Fn X509_INFO_new void
-.Ft void
-.Fn X509_INFO_free "X509_INFO *info"
-.Sh DESCRIPTION
-.Vt X509_INFO
-is a reference-counted wrapper object storing a pointer to an X.509
-certificate together with pointers to the associated private key
-and to an associated certificate revocation list.
-It is for example used internally by
-.Xr X509_load_cert_crl_file 3 .
-.Pp
-.Fn X509_INFO_new
-allocates and initializes an empty
-.Vt X509_INFO
-object and sets its reference count to 1.
-.Pp
-.Fn X509_INFO_free
-decrements the reference count of
-.Fa info
-by 1.
-If the reference count reaches 0, it frees all referenced objects
-as well as the storage needed for
-.Fa info
-itself.
-If
-.Fa info
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn X509_INFO_new
-returns the newly allocated
-.Vt X509_INFO
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr PEM_X509_INFO_read 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_PKEY_new 3
-.Sh HISTORY
-.Fn X509_INFO_new
-and
-.Fn X509_INFO_free
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3 b/src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3
deleted file mode 100644
index 5980f8f80d..0000000000
--- a/src/lib/libcrypto/man/X509_LOOKUP_hash_dir.3
+++ /dev/null
@@ -1,188 +0,0 @@
-.\" $OpenBSD: X509_LOOKUP_hash_dir.3,v 1.13 2024/09/02 07:20:21 tb Exp $
-.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Victor B. Wagner
-.\" and Claus Assmann.
-.\" Copyright (c) 2015, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_LOOKUP_HASH_DIR 3
-.Os
-.Sh NAME
-.Nm X509_LOOKUP_hash_dir ,
-.Nm X509_LOOKUP_file ,
-.Nm X509_LOOKUP_mem
-.Nd certificate lookup methods
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft const X509_LOOKUP_METHOD *
-.Fn X509_LOOKUP_hash_dir void
-.Ft const X509_LOOKUP_METHOD *
-.Fn X509_LOOKUP_file void
-.Ft const X509_LOOKUP_METHOD *
-.Fn X509_LOOKUP_mem void
-.Sh DESCRIPTION
-.Fn X509_LOOKUP_hash_dir ,
-.Fn X509_LOOKUP_file ,
-and
-.Fn X509_LOOKUP_mem
-return pointers to static certificate lookup method objects
-built into the library, for use with
-.Vt X509_STORE .
-.Pp
-Users of the library typically do not need
-to retrieve pointers to these method objects manually.
-They are automatically used by the
-.Xr X509_STORE_load_locations 3
-or
-.Xr SSL_CTX_load_verify_locations 3
-functions.
-.Ss File Method
-The
-.Fn X509_LOOKUP_file
-method loads all the certificates or CRLs present in a file into memory
-at the time the file is added as a lookup source.
-.Pp
-The file format is ASCII text which contains concatenated PEM
-certificates and CRLs.
-.Pp
-This method should be used by applications which work with a small set
-of CAs.
-.Ss Hashed Directory Method
-.Fa X509_LOOKUP_hash_dir
-is a more advanced method which loads certificates and CRLs on demand,
-and caches them in memory once they are loaded.
-As of OpenSSL 1.0.0, it also checks for newer CRLs upon each lookup, so
-that newer CRLs are used as soon as they appear in the directory.
-.Pp
-The directory should contain one certificate or CRL per file in PEM
-format, with a filename of the form
-.Ar hash . Ns Ar N
-for a certificate, or
-.Ar hash . Ns Sy r Ns Ar N
-for a CRL.
-The
-.Ar hash
-is the value returned by the
-.Xr X509_NAME_hash 3
-function applied to the subject name for certificates or issuer
-name for CRLs.
-The hash can also be obtained via the
-.Fl hash
-option of the
-.Xr openssl 1
-.Cm x509
-or
-.Cm crl
-commands.
-.Pp
-The
-.Ar N
-suffix is a sequence number that starts at zero and is incremented
-consecutively for each certificate or CRL with the same
-.Ar hash
-value.
-Gaps in the sequence numbers are not supported.
-It is assumed that there are no more objects with the same hash
-beyond the first missing number in the sequence.
-.Pp
-Sequence numbers make it possible for the directory to contain multiple
-certificates with the same subject name hash value.
-For example, it is possible to have in the store several certificates
-with the same subject or several CRLs with the same issuer (and, for
-example, a different validity period).
-.Pp
-When checking for new CRLs, once one CRL for a given hash value is
-loaded, hash_dir lookup method checks only for certificates with
-sequence number greater than that of the already cached CRL.
-.Pp
-Note that the hash algorithm used for subject name hashing changed in
-OpenSSL 1.0.0, and all certificate stores have to be rehashed when
-moving from OpenSSL 0.9.8 to 1.0.0.
-.Ss Memory Method
-The
-.Fn X509_LOOKUP_mem
-method supports loading PEM-encoded certificates and revocation lists
-that are already stored in memory, using the function
-.Xr X509_LOOKUP_add_mem 3 .
-This is particularly useful in processes using
-.Xr chroot 2 .
-.Sh RETURN VALUES
-These functions always return a pointer to a static object.
-.Sh SEE ALSO
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr X509_LOOKUP_new 3 ,
-.Xr X509_STORE_load_locations 3 ,
-.Xr X509_STORE_new 3
-.Sh HISTORY
-.Fn X509_LOOKUP_hash_dir
-and
-.Fn X509_LOOKUP_file
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_LOOKUP_mem
-first appeared in
-.Ox 5.7 .
diff --git a/src/lib/libcrypto/man/X509_LOOKUP_new.3 b/src/lib/libcrypto/man/X509_LOOKUP_new.3
deleted file mode 100644
index 559dbbb594..0000000000
--- a/src/lib/libcrypto/man/X509_LOOKUP_new.3
+++ /dev/null
@@ -1,460 +0,0 @@
-.\" $OpenBSD: X509_LOOKUP_new.3,v 1.12 2024/09/06 07:48:20 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 6 2024 $
-.Dt X509_LOOKUP_NEW 3
-.Os
-.Sh NAME
-.Nm X509_LOOKUP_free ,
-.Nm X509_LOOKUP_ctrl ,
-.Nm X509_LOOKUP_add_dir ,
-.Nm X509_LOOKUP_load_file ,
-.Nm X509_LOOKUP_add_mem ,
-.Nm X509_get_default_cert_dir ,
-.Nm X509_get_default_cert_file ,
-.Nm X509_get_default_cert_dir_env ,
-.Nm X509_get_default_cert_file_env
-.\" X509_get_default_private_dir is intentionally undocumented
-.\" because it appears to be unused by any real-world software
-.\" and because it doesn't do much in the first place.
-.Nd certificate lookup object
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft void
-.Fn X509_LOOKUP_free "X509_LOOKUP *lookup"
-.Ft int
-.Fo X509_LOOKUP_ctrl
-.Fa "X509_LOOKUP *lookup"
-.Fa "int command"
-.Fa "const char *source"
-.Fa "long type"
-.Fa "char **ret"
-.Fc
-.Ft int
-.Fo X509_LOOKUP_add_dir
-.Fa "X509_LOOKUP *lookup"
-.Fa "const char *source"
-.Fa "long type"
-.Fc
-.Ft int
-.Fo X509_LOOKUP_load_file
-.Fa "X509_LOOKUP *lookup"
-.Fa "const char *source"
-.Fa "long type"
-.Fc
-.Ft int
-.Fo X509_LOOKUP_add_mem
-.Fa "X509_LOOKUP *lookup"
-.Fa "const struct iovec *source"
-.Fa "long type"
-.Fc
-.In openssl/x509.h
-.Ft const char *
-.Fn X509_get_default_cert_dir void
-.Ft const char *
-.Fn X509_get_default_cert_file void
-.Ft const char *
-.Fn X509_get_default_cert_dir_env void
-.Ft const char *
-.Fn X509_get_default_cert_file_env void
-.Sh DESCRIPTION
-.Fn X509_LOOKUP_free
-is a deprecated function that
-releases the memory used by
-.Fa lookup .
-It is provided for compatibility only.
-If
-.Fa lookup
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-The operation of
-.Fn X509_LOOKUP_ctrl
-depends on the
-.Vt X509_LOOKUP_METHOD
-used by
-.Fa lookup :
-.Bl -tag -width 4n
-.It Xr X509_LOOKUP_hash_dir 3
-The
-.Fa command
-is required to be
-.Dv X509_L_ADD_DIR
-and the
-.Fa source
-argument is interpreted
-as a colon-separated, NUL-terminated list of directory names.
-These directories are added to an internal list of directories to search
-for certificate files of the given
-.Fa type .
-.Pp
-If
-.Fa type
-is
-.Dv X509_FILETYPE_DEFAULT ,
-the
-.Fa source
-argument is ignored and
-.Pa /etc/ssl/certs
-and a type of
-.Dv X509_FILETYPE_PEM
-are used instead.
-.Pp
-.Fn X509_LOOKUP_add_dir
-is a macro that calls
-.Fn X509_LOOKUP_ctrl
-with a
-.Fa command
-of
-.Dv X509_L_ADD_DIR
-and
-.Fa ret
-set to
-.Dv NULL .
-.Pp
-This lookup method is peculiar in so far as calling
-.Fn X509_LOOKUP_ctrl
-on a lookup object using it does not yet add any certificates to the associated
-.Vt X509_STORE
-object.
-.It Xr X509_LOOKUP_file 3
-The
-.Fa command
-is required to be
-.Dv X509_L_FILE_LOAD
-and the
-.Fa source
-argument is interpreted as a NUL-terminated file name.
-If the
-.Fa type
-is
-.Dv X509_FILETYPE_PEM ,
-the file is read with
-.Xr BIO_new_file 3
-and
-.Xr PEM_X509_INFO_read_bio 3
-and the certificates and revocation lists found are added to the
-.Vt X509_STORE
-object associated with
-.Fa lookup
-using
-.Xr X509_STORE_add_cert 3
-and
-.Xr X509_STORE_add_crl 3 .
-If
-.Fa type
-is
-.Dv X509_FILETYPE_DEFAULT ,
-the
-.Fa source
-argument is ignored and
-.Pa /etc/ssl/certs.pem
-and a type of
-.Dv X509_FILETYPE_PEM
-are used instead.
-If
-.Fa type
-is
-.Dv X509_FILETYPE_ASN1 ,
-the file is read with
-.Xr d2i_X509_bio 3
-and the single certificate is added to the
-.Vt X509_STORE
-object associated with
-.Fa lookup
-using
-.Xr X509_STORE_add_cert 3 .
-.Pp
-.Fn X509_LOOKUP_load_file
-is a macro calling
-.Fn X509_LOOKUP_ctrl
-with a
-.Fa command
-of
-.Dv X509_L_FILE_LOAD
-and
-.Fa ret
-set to
-.Dv NULL .
-.It Xr X509_LOOKUP_mem 3
-The
-.Fa command
-and
-.Fa type
-are required to be
-.Dv X509_L_MEM
-and
-.Dv X509_FILETYPE_PEM ,
-respectively.
-The
-.Fa source
-argument is interpreted as a pointer to an
-.Vt iovec
-structure defined in
-.In sys/uio.h .
-The memory area described by that structure is read with
-.Xr BIO_new_mem_buf 3
-and
-.Xr PEM_X509_INFO_read_bio 3
-and the certificates and revocation lists found are added to the
-.Vt X509_STORE
-object associated with
-.Fa lookup
-using
-.Xr X509_STORE_add_cert 3
-and
-.Xr X509_STORE_add_crl 3 .
-.Pp
-.Fn X509_LOOKUP_add_mem
-is a macro calling
-.Fn X509_LOOKUP_ctrl
-with a command of
-.Dv X509_L_MEM
-and
-.Fa ret
-set to
-.Dv NULL .
-.El
-.Pp
-With LibreSSL,
-.Fn X509_LOOKUP_ctrl
-always ignores the
-.Fa ret
-argument.
-.Pp
-If the
-.Fa type
-is
-.Dv X509_LU_X509 ,
-it searches the configured directories for files having that name,
-with a file name extension that is a small, non-negative decimal integer
-starting at
-.Qq ".0" .
-These files are read with
-.Xr X509_load_cert_file 3 .
-In each directory, the search is ended once a file with the expected name
-and extension does not exists.
-.Pp
-If the
-.Fa type
-is
-.Dv X509_LU_CRL ,
-the file name extensions are expected to have a prefix of
-.Qq "r" ,
-i.e. they start with
-.Qq ".r0" ,
-and the files are read with
-.Xr X509_load_crl_file 3 .
-.Pp
-In case of success, the first match is returned in the
-.Pf * Fa object
-provided by the caller, overwriting any previous content.
-.Sh RETURN VALUES
-.Fn X509_LOOKUP_ctrl
-returns 1 for success or 0 for failure.
-With library implementations other than LibreSSL,
-it might also return \-1 for internal errors.
-.Pp
-.Fn X509_get_default_cert_dir
-returns a pointer to the constant string
-.Qq /etc/ssl/certs ,
-.Fn X509_get_default_cert_file
-to
-.Qq /etc/ssl/certs.pem ,
-.Fn X509_get_default_cert_dir_env
-to
-.Qq SSL_CERT_DIR ,
-and
-.Fn X509_get_default_cert_file_env
-to
-.Qq SSL_CERT_FILE .
-.Sh ENVIRONMENT
-For reasons of security and simplicity,
-LibreSSL ignores the environment variables
-.Ev SSL_CERT_DIR
-and
-.Ev SSL_CERT_FILE ,
-but other library implementations may use their contents instead
-of the standard locations for trusted certificates, and a few
-third-party application programs also inspect these variables
-directly and may pass their values to
-.Fn X509_LOOKUP_add_dir
-and
-.Fn X509_LOOKUP_load_file .
-.Sh FILES
-.Bl -tag -width /etc/ssl/certs.pem -compact
-.It Pa /etc/ssl/certs/
-default directory for storing trusted certificates
-.It Pa /etc/ssl/certs.pem
-default file for storing trusted certificates
-.El
-.Sh ERRORS
-The following diagnostics can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv ERR_R_ASN1_LIB Qq "ASN1 lib"
-.Xr d2i_X509_bio 3
-failed in
-.Fn X509_LOOKUP_ctrl .
-.It Dv X509_R_BAD_X509_FILETYPE Qq "bad x509 filetype"
-.Fn X509_LOOKUP_ctrl
-was called with an invalid
-.Fa type .
-.It Dv ERR_R_BUF_LIB Qq "BUF lib"
-Memory allocation failed.
-.It Dv X509_R_INVALID_DIRECTORY Qq "invalid directory"
-The
-.Fa source
-argument of
-.Fn X509_LOOKUP_ctrl
-with
-.Dv X509_L_ADD_DIR
-or
-.Fn X509_LOOKUP_add_dir
-was
-.Dv NULL
-or an empty string.
-.It Dv X509_R_LOADING_CERT_DIR Qq "loading cert dir"
-.Fn X509_LOOKUP_ctrl
-with
-.Dv X509_L_ADD_DIR
-or
-.Fn X509_LOOKUP_add_dir
-was called with
-.Dv X509_FILETYPE_DEFAULT
-and adding the default directories failed.
-This error is added after and in addition to a more specific diagnostic.
-.It Dv X509_R_LOADING_DEFAULTS Qq "loading defaults"
-.Fn X509_LOOKUP_ctrl
-with
-.Dv X509_L_FILE_LOAD
-or
-.Fn X509_LOOKUP_load_file
-was called with
-.Dv X509_FILETYPE_DEFAULT
-and adding the certificates and revocation lists failed.
-This error is added after and in addition to a more specific diagnostic.
-.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure"
-Memory allocation failed.
-.It Dv ERR_R_PEM_LIB Qq "PEM lib"
-.Xr PEM_X509_INFO_read_bio 3 ,
-.Xr PEM_read_bio_X509_AUX 3 ,
-or
-.Xr PEM_read_bio_X509_CRL 3
-failed in
-.Fn X509_LOOKUP_ctrl .
-.It Dv ERR_R_SYS_LIB Qq "system lib"
-.Xr BIO_new 3 ,
-.Xr BIO_new_file 3 ,
-or
-.Xr BIO_read_filename 3
-failed in
-.Fn X509_LOOKUP_ctrl .
-.It Dv X509_R_WRONG_LOOKUP_TYPE Qq "wrong lookup type"
-.Xr X509_STORE_CTX_get_by_subject 3
-was called with an invalid
-.Fa type .
-.El
-.Pp
-Passing an invalid
-.Fa command
-to
-.Fn X509_LOOKUP_ctrl
-causes failure but provides no diagnostics.
-.Sh SEE ALSO
-.Xr d2i_X509_bio 3 ,
-.Xr PEM_read_bio_X509_AUX 3 ,
-.Xr PEM_X509_INFO_read_bio 3 ,
-.Xr X509_load_cert_file 3 ,
-.Xr X509_LOOKUP_hash_dir 3 ,
-.Xr X509_NAME_hash 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_OBJECT_get_type 3 ,
-.Xr X509_STORE_add_cert 3 ,
-.Xr X509_STORE_get_by_subject 3
-.Sh HISTORY
-.Fn X509_get_default_cert_dir ,
-.Fn X509_get_default_cert_file ,
-.Fn X509_get_default_cert_dir_env ,
-and
-.Fn X509_get_default_cert_file_env
-first appeared in SSLeay 0.4.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_LOOKUP_add_mem
-first appeared in
-.Ox 5.7 .
-.Pp
-The other functions first appeared in SSLeay 0.8.0
-and have been available since
-.Ox 2.4 .
-.Sh BUGS
-If the
-.Fa type
-is
-.Dv X509_FILETYPE_DEFAULT
-or
-.Dv X509_FILETYPE_PEM ,
-.Fn X509_LOOKUP_ctrl
-with
-.Dv X509_L_FILE_LOAD
-and
-.Fn X509_LOOKUP_load_file
-silently ignore failure of
-.Xr X509_STORE_add_cert 3
-and
-.Xr X509_STORE_add_crl 3
-and indicate success anyway.
-.Pp
-Handling of a
-.Dv NULL
-.Fa source
-is inconsistent for
-.Fn X509_LOOKUP_ctrl
-with
-.Dv X509_L_FILE_LOAD
-and for
-.Fn X509_LOOKUP_load_file .
-With
-.Dv X509_FILETYPE_PEM ,
-it causes failure, but with
-.Dv X509_FILETYPE_ASN1 ,
-no action occurs and success is indicated.
-.Pp
-When called on a
-.Fa lookup
-object using
-.Xr X509_LOOKUP_mem 3 ,
-.Fn X509_LOOKUP_ctrl
-raises
-.Dv ERR_R_PEM_LIB
-when called with an invalid
-.Fa command
-or
-.Fa type ,
-when
-.Xr BIO_new_mem_buf 3
-fails, when
-.Fa source
-contains zero objects, or when
-.Xr X509_STORE_add_cert 3
-fails on the first object encountered, which is all inconsistent
-with the behaviour of the other lookup methods.
diff --git a/src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 b/src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
deleted file mode 100644
index 2eadec7b4d..0000000000
--- a/src/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 +++ /dev/null 
@@ -1,391 +0,0 @@
-.\" $OpenBSD: X509_NAME_ENTRY_get_object.3,v 1.16 2021/12/10 16:58:20 schwarze Exp $
-.\" full merge up to: OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
-.\" selective merge up to: OpenSSL ca34e08d Dec 12 07:38:07 2018 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2016, 2018, 2019, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2005, 2006, 2017 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 10 2021 $
-.Dt X509_NAME_ENTRY_GET_OBJECT 3
-.Os
-.Sh NAME
-.Nm X509_NAME_ENTRY_new ,
-.Nm X509_NAME_ENTRY_free ,
-.Nm X509_NAME_ENTRY_get_object ,
-.Nm X509_NAME_ENTRY_get_data ,
-.Nm X509_NAME_ENTRY_set ,
-.Nm X509_NAME_ENTRY_set_object ,
-.Nm X509_NAME_ENTRY_set_data ,
-.Nm X509_NAME_ENTRY_create_by_txt ,
-.Nm X509_NAME_ENTRY_create_by_NID ,
-.Nm X509_NAME_ENTRY_create_by_OBJ
-.\" In the following line, "X.501" is not a typo.
-.\" This object defined in X.501, not in X.509.
-.Nd X.501 relative distinguished name
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_NAME_ENTRY *
-.Fn X509_NAME_ENTRY_new void
-.Ft void
-.Fo X509_NAME_ENTRY_free
-.Fa "X509_NAME_ENTRY* ne"
-.Fc
-.Ft ASN1_OBJECT *
-.Fo X509_NAME_ENTRY_get_object
-.Fa "const X509_NAME_ENTRY *ne"
-.Fc
-.Ft ASN1_STRING *
-.Fo X509_NAME_ENTRY_get_data
-.Fa "const X509_NAME_ENTRY *ne"
-.Fc
-.Ft int
-.Fo X509_NAME_ENTRY_set
-.Fa "const X509_NAME_ENTRY *ne"
-.Fc
-.Ft int
-.Fo X509_NAME_ENTRY_set_object
-.Fa "X509_NAME_ENTRY *ne"
-.Fa "const ASN1_OBJECT *obj"
-.Fc
-.Ft int
-.Fo X509_NAME_ENTRY_set_data
-.Fa "X509_NAME_ENTRY *ne"
-.Fa "int type"
-.Fa "const unsigned char *bytes"
-.Fa "int len"
-.Fc
-.Ft X509_NAME_ENTRY *
-.Fo X509_NAME_ENTRY_create_by_txt
-.Fa "X509_NAME_ENTRY **ne"
-.Fa "const char *field"
-.Fa "int type"
-.Fa "const unsigned char *bytes"
-.Fa "int len"
-.Fc
-.Ft X509_NAME_ENTRY *
-.Fo X509_NAME_ENTRY_create_by_NID
-.Fa "X509_NAME_ENTRY **ne"
-.Fa "int nid"
-.Fa "int type"
-.Fa "const unsigned char *bytes"
-.Fa "int len"
-.Fc
-.Ft X509_NAME_ENTRY *
-.Fo X509_NAME_ENTRY_create_by_OBJ
-.Fa "X509_NAME_ENTRY **ne"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int type"
-.Fa "const unsigned char *bytes"
-.Fa "int len"
-.Fc
-.Sh DESCRIPTION
-An X.501
-.Vt RelativeDistinguishedName
-is an ordered set of field type and value pairs.
-It is the building block for constructing X.501
-.Vt Name
-objects.
-The
-.Vt X509_NAME_ENTRY
-object stores one such pair, containing one field type and one value.
-.Pp
-.Vt X509_NAME_ENTRY
-objects are intended for use by the
-.Vt X509_NAME
-objects documented in
-.Xr X509_NAME_new 3 .
-Since part of the information about how several
-.Vt X509_NAME_ENTRY
-objects combine to form an X.501
-.Vt Name
-is stored in the individual
-.Vt X509_NAME_ENTRY
-objects rather than in the
-.Vt X509_NAME
-object, any given
-.Vt X509_NAME_ENTRY
-object can only be used by one
-.Vt X509_NAME
-object at a time.
-.Pp
-.Fn X509_NAME_ENTRY_new
-allocates and initializes an empty
-.Vt X509_NAME_ENTRY
-object, representing an ASN.1
-.Vt RelativeDistinguishedName
-structure defined in RFC 5280 section 4.1.2.4, but containing not more
-than one type-value-pair.
-.Pp
-.Fn X509_NAME_ENTRY_free
-frees
-.Fa ne
-and the type and value contained in it.
-.Pp
-.Fn X509_NAME_ENTRY_get_object
-retrieves the field type of
-.Fa ne
-in an
-.Vt ASN1_OBJECT
-structure.
-.Fn X509_NAME_ENTRY_get_data
-retrieves the field value of
-.Fa ne
-in an
-.Vt ASN1_STRING
-structure.
-These two functions can be used to examine an
-.Vt X509_NAME_ENTRY
-object as returned by
-.Xr X509_NAME_get_entry 3 .
-.Pp
-.Fn X509_NAME_ENTRY_set
-retrieves the index of the X.501
-.Vt RelativeDistinguishedName Pq RDN
-that
-.Fa ne
-is part of in the X.501
-.Vt Name
-object using it.
-The first RDN has index 0.
-If an RDN consists of more than one
-.Vt X509_NAME_ENTRY
-object, they all share the same index.
-In practice, RDNs containing more than one type-value-pair are rarely
-used, so if an
-.Va X509_NAME *name
-object uses
-.Fa ne ,
-then
-.Fn X509_NAME_ENTRY_set ne
-usually agrees with
-.Fn sk_X509_NAME_ENTRY_find name->entries ne ,
-but when multi-pair RDNs are used, it may be smaller.
-.Pp
-.Fn X509_NAME_ENTRY_set_object
-sets the field type of
-.Fa ne
-to
-.Fa obj .
-.Pp
-.Fn X509_NAME_ENTRY_set_data
-sets the field value of
-.Fa ne
-to the given string
-.Fa type
-and the value determined by
-.Fa bytes
-and
-.Fa len .
-If the
-.Fa type
-argument is positive and includes the
-.Fa MBSTRING_FLAG
-bit,
-.Xr ASN1_STRING_set_by_NID 3
-is used for setting the value, passing the
-.Fa type
-as the
-.Fa inform
-argument and using the
-.Fa nid
-corresponding to
-.Fa ne .
-Otherwise, if the
-.Fa type
-argument is
-.Dv V_ASN1_APP_CHOOSE ,
-the type of
-.Fa ne
-is set to the return value of
-.Xr ASN1_PRINTABLE_type 3 .
-.Pp
-.Fn X509_NAME_ENTRY_create_by_txt ,
-.Fn X509_NAME_ENTRY_create_by_NID ,
-and
-.Fn X509_NAME_ENTRY_create_by_OBJ
-create and return an
-.Vt X509_NAME_ENTRY
-structure.
-.Pp
-Except for
-.Fn X509_NAME_ENTRY_get_object
-and
-.Fn X509_NAME_ENTRY_get_data ,
-these functions are rarely used because
-.Vt X509_NAME_ENTRY
-structures are almost always part of
-.Vt X509_NAME
-structures and the functions described in
-.Xr X509_NAME_add_entry_by_txt 3
-are typically used to create and add new entries in a single operation.
-.Pp
-The arguments of these functions support similar options to the
-similarly named ones described in
-.Xr X509_NAME_add_entry_by_txt 3 .
-So for example
-.Fa type
-can be set to
-.Dv MBSTRING_ASC ,
-but in the case of
-.Fn X509_NAME_ENTRY_set_data
-the field type must be set first so the relevant field information
-can be looked up internally.
-.Sh RETURN VALUES
-The
-.Fn X509_NAME_ENTRY_new
-function returns a valid
-.Vt X509_NAME_ENTRY
-structure if successful; otherwise
-.Dv NULL
-is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_NAME_ENTRY_get_object
-returns a valid
-.Vt ASN1_OBJECT
-structure if it is set or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn X509_NAME_ENTRY_get_data
-returns a valid
-.Vt ASN1_STRING
-structure if it is set or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn X509_NAME_ENTRY_set
-returns the zero-based index of the RDN
-.Fa ne
-is used in, or 0 if
-.Fa ne
-is not yet used by any
-.Vt X509_NAME
-object.
-.Pp
-The
-.Fn X509_NAME_ENTRY_set_object
-function returns 1 if successful;
-otherwise 0 is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_NAME_ENTRY_set_data
-returns 1 on success or 0 on error.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_NAME_ENTRY_create_by_txt ,
-.Fn X509_NAME_ENTRY_create_by_NID ,
-and
-.Fn X509_NAME_ENTRY_create_by_OBJ
-return a valid
-.Vt X509_NAME_ENTRY
-structure on success or
-.Dv NULL
-if an error occurred.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr OBJ_nid2obj 3 ,
-.Xr X509_NAME_add_entry 3 ,
-.Xr X509_NAME_get_entry 3 ,
-.Xr X509_NAME_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Pp
-ITU-T Recommendation X.501, also known as ISO/IEC 9594-2: Information
-Technology Open Systems Interconnection The Directory: Models,
-section 9.3: Relative distinguished name
-.Sh HISTORY
-.Fn X509_NAME_ENTRY_new
-and
-.Fn X509_NAME_ENTRY_free
-first appeared in SSLeay 0.5.1.
-.Fn X509_NAME_ENTRY_get_object ,
-.Fn X509_NAME_ENTRY_get_data ,
-.Fn X509_NAME_ENTRY_set_object ,
-.Fn X509_NAME_ENTRY_set_data ,
-.Fn X509_NAME_ENTRY_create_by_NID ,
-and
-.Fn X509_NAME_ENTRY_create_by_OBJ
-first appeared in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_NAME_ENTRY_create_by_txt
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-.Fn X509_NAME_ENTRY_set
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
-.Sh CAVEATS
-Despite its name,
-.Fn X509_NAME_ENTRY_set
-does not set anything.
-Something like
-.Dq X509_NAME_ENTRY_get_set
-would have been a better name.
diff --git a/src/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 b/src/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
deleted file mode 100644
index 3c1237d20e..0000000000
--- a/src/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
+++ /dev/null
@@ -1,283 +0,0 @@
-.\" $OpenBSD: X509_NAME_add_entry_by_txt.3,v 1.16 2022/03/31 17:27:17 naddy Exp $
-.\" OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2005, 2006, 2013, 2014 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: March 31 2022 $ -.Dt X509_NAME_ADD_ENTRY_BY_TXT 3 -.Os -.Sh NAME -.Nm X509_NAME_add_entry_by_txt , -.Nm X509_NAME_add_entry_by_OBJ , -.Nm X509_NAME_add_entry_by_NID , -.Nm X509_NAME_add_entry , -.Nm X509_NAME_delete_entry -.Nd X509_NAME modification functions -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_NAME_add_entry_by_txt -.Fa "X509_NAME *name" -.Fa "const char *field" -.Fa "int type" -.Fa "const unsigned char *bytes" -.Fa "int len" -.Fa "int loc" -.Fa "int set" -.Fc -.Ft int -.Fo X509_NAME_add_entry_by_OBJ -.Fa "X509_NAME *name" -.Fa "const ASN1_OBJECT *obj" -.Fa "int type" -.Fa "const unsigned char *bytes" -.Fa "int len" -.Fa "int loc" -.Fa "int set" -.Fc -.Ft int -.Fo X509_NAME_add_entry_by_NID -.Fa "X509_NAME *name" -.Fa "int nid" -.Fa "int type" -.Fa "const unsigned char *bytes" -.Fa "int len" -.Fa "int loc" -.Fa "int set" -.Fc -.Ft int -.Fo X509_NAME_add_entry -.Fa "X509_NAME *name" -.Fa "const X509_NAME_ENTRY *ne" -.Fa "int loc" -.Fa "int set" -.Fc -.Ft X509_NAME_ENTRY * -.Fo X509_NAME_delete_entry -.Fa "X509_NAME *name" -.Fa "int loc" -.Fc -.Sh DESCRIPTION -.Fn X509_NAME_add_entry_by_txt , -.Fn X509_NAME_add_entry_by_OBJ , -and -.Fn X509_NAME_add_entry_by_NID -add a field whose name is defined by a string -.Fa field , -an object -.Fa obj -or a NID -.Fa nid , -respectively. -The field value to be added is in -.Fa bytes -of length -.Fa len . -If -.Fa len -is -1 then the field length is calculated internally using -.Fn strlen bytes . -.Pp -The type of field is determined by -.Fa type -which can either be a definition of the type of -.Fa bytes -(such as -.Dv MBSTRING_ASC ) -or a standard ASN.1 type (such as -.Dv V_ASN1_IA5STRING ) . -The new entry is added to a position determined by -.Fa loc -and -.Fa set . -.Pp -.Fn X509_NAME_add_entry -adds a copy of an -.Vt X509_NAME_ENTRY -structure -.Fa ne -to -.Fa name . -The new entry is added to a position determined by -.Fa loc -and -.Fa set . 
-Since a copy of -.Fa ne -is added, -.Fa ne -must be freed up after the call. -.Pp -.Fn X509_NAME_delete_entry -deletes an entry from -.Fa name -at position -.Fa loc . -The deleted entry is returned and must be freed up. -.Pp -The use of string types such as -.Dv MBSTRING_ASC -or -.Dv MBSTRING_UTF8 -is strongly recommended for the -.Fa type -parameter. -This allows the internal code to correctly determine the type of the -field and to apply length checks according to the relevant standards. -.Pp -If instead an ASN.1 type is used, no checks are performed and the supplied -data in -.Fa bytes -is used directly. -.Pp -In -.Fn X509_NAME_add_entry_by_txt -the -.Fa field -string represents the field name using -.Fn OBJ_txt2obj field 0 . -.Pp -The -.Fa loc -and -.Fa set -parameters determine where a new entry should be added. -For almost all applications, -.Fa loc -can be set to -1 and -.Fa set -to 0. -This adds a new entry to the end of -.Fa name -as a single valued -.Vt RelativeDistinguishedName -(RDN). -.Pp -.Fa loc -actually determines the index where the new entry is inserted: -if it is -1 it is appended. -.Pp -.Fa set -determines how the new type is added. -If it is zero, a new RDN is created. -.Pp -If -.Fa set -is -1 or 1, it is added to the previous or next RDN structure -respectively. -This will then be a multivalued RDN: since multivalue RDNs are very -seldom used, -.Fa set -is almost always set to zero. -.Sh RETURN VALUES -.Fn X509_NAME_add_entry_by_txt , -.Fn X509_NAME_add_entry_by_OBJ , -.Fn X509_NAME_add_entry_by_NID , -and -.Fn X509_NAME_add_entry -return 1 for success or 0 if an error occurred. -.Pp -.Fn X509_NAME_delete_entry -returns either the deleted -.Vt X509_NAME_ENTRY -structure or -.Dv NULL -if an error occurred. -.Pp -In some cases of failure, the reason can be determined with -.Xr ERR_get_error 3 . 
-.Sh EXAMPLES -Create an -.Vt X509_NAME -structure: -.Bd -literal -offset indent -C=UK, O=Disorganized Organization, CN=Joe Bloggs - -X509_NAME *nm; -nm = X509_NAME_new(); -if (nm == NULL) - /* Some error */ -if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC, - "UK", -1, -1, 0)) - /* Error */ -if (!X509_NAME_add_entry_by_txt(nm, "O", MBSTRING_ASC, - "Disorganized Organization", -1, -1, 0)) - /* Error */ -if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, - "Joe Bloggs", -1, -1, 0)) - /* Error */ -.Ed -.Sh SEE ALSO -.Xr d2i_X509_NAME 3 , -.Xr X509_NAME_ENTRY_get_object 3 , -.Xr X509_NAME_get_index_by_NID 3 , -.Xr X509_NAME_new 3 -.Sh HISTORY -.Fn X509_NAME_add_entry -and -.Fn X509_NAME_delete_entry -first appeared in SSLeay 0.8.0 and have been available since -.Ox 2.4 . -.Pp -.Fn X509_NAME_add_entry_by_txt , -.Fn X509_NAME_add_entry_by_OBJ , -and -.Fn X509_NAME_add_entry_by_NID -first appeared in OpenSSL 0.9.5 and have been available since -.Ox 2.7 . -.Sh BUGS -.Fa type -can still be set to -.Dv V_ASN1_APP_CHOOSE -to use -.Xr ASN1_PRINTABLE_type 3 -to determine field types. -Since this form does not understand multicharacter types, performs -no length checks, and can result in invalid field types, its use -is strongly discouraged. diff --git a/src/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 b/src/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 deleted file mode 100644 index a2ceb10eb5..0000000000 --- a/src/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 +++ /dev/null 
@@ -1,265 +0,0 @@
-.\" $OpenBSD: X509_NAME_get_index_by_NID.3,v 1.16 2023/05/29 11:54:50 beck Exp $
-.\" OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2006, 2014, 2015, 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" -.Dd $Mdocdate: May 29 2023 $ -.Dt X509_NAME_GET_INDEX_BY_NID 3 -.Os -.Sh NAME -.Nm X509_NAME_get_index_by_NID , -.Nm X509_NAME_get_index_by_OBJ , -.Nm X509_NAME_entry_count , -.Nm X509_NAME_get_entry , -.Nm X509_NAME_get_text_by_NID , -.Nm X509_NAME_get_text_by_OBJ -.Nd X509_NAME lookup and enumeration functions -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_NAME_get_index_by_NID -.Fa "const X509_NAME *name" -.Fa "int nid" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509_NAME_get_index_by_OBJ -.Fa "const X509_NAME *name" -.Fa "const ASN1_OBJECT *obj" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509_NAME_entry_count -.Fa "const X509_NAME *name" -.Fc -.Ft X509_NAME_ENTRY * -.Fo X509_NAME_get_entry -.Fa "const X509_NAME *name" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_NAME_get_text_by_NID -.Fa "X509_NAME *name" -.Fa "int nid" -.Fa "char *buf" -.Fa "int len" -.Fc -.Ft int -.Fo X509_NAME_get_text_by_OBJ -.Fa "X509_NAME *name" -.Fa "const ASN1_OBJECT *obj" -.Fa "char *buf" -.Fa "int len" -.Fc -.Sh DESCRIPTION -These functions allow an -.Vt X509_NAME -structure to be examined. -The -.Vt X509_NAME -structure is the same as the ASN.1 -.Vt Name -type defined in RFC 2459 (and elsewhere) and used, for example, -in certificate subject and issuer names. -.Pp -.Fn X509_NAME_get_index_by_NID -and -.Fn X509_NAME_get_index_by_OBJ -retrieve the next index matching -.Fa nid -or -.Fa obj -after -.Fa lastpos . -.Fa lastpos -should initially be set to -1. -.Pp -.Fn X509_NAME_get_entry -retrieves the -.Vt X509_NAME_ENTRY -from -.Fa name -corresponding to index -.Fa loc . -Acceptable values for -.Fa loc -run from 0 to -.Fn X509_NAME_entry_count name -- 1. -.Pp -.Fn X509_NAME_get_text_by_NID -and -.Fn X509_NAME_get_text_by_OBJ -retrieve the bytes encoded as UTF-8 from the first entry in -.Fa name -which matches -.Fa nid -or -.Fa obj . -If -.Fa buf -is -.Dv NULL , -nothing is written, but the return value is calculated as usual. 
-If -.Fa buf -is not -.Dv NULL , -no more than -.Fa len -bytes will be written and the text written to -.Fa buf -will be NUL terminated. -.Pp -If -.Fa len -is not large enough to hold the NUL byte terminated UTF-8 encoding of -the text, or if the UTF-8 encoding of the text would contains a NUL -byte, no data will be written and the call will return failure. -.Pp -All relevant -.Dv NID_* -and -.Dv OBJ_* -codes can be found in the -.In openssl/objects.h -header file. -.Pp -Applications which could pass invalid NIDs to -.Fn X509_NAME_get_index_by_NID -should check for the return value of -2. -Alternatively the NID validity can be determined first by checking that -.Fn OBJ_nid2obj nid -is not -.Dv NULL . -.Sh RETURN VALUES -.Fn X509_NAME_get_index_by_NID -returns the index of the next matching entry, -1 if not found, or -2 if the -.Fa nid -does not correspond to a valid OID. -.Pp -.Fn X509_NAME_get_index_by_OBJ -returns the index of the next matching entry or -1 if not found. -.Pp -.Fn X509_NAME_entry_count -returns the total number of entries in -.Fa name . -.Pp -.Fn X509_NAME_get_entry -returns an internal pointer which must not be freed by the caller or -.Dv NULL -if the index is invalid. -.Pp -.Fn X509_NAME_get_text_by_NID -and -.Fn X509_NAME_get_text_by_OBJ -return the length of the output UTF-8 string written, not counting the -terminating NUL, or -1 in the case of an error or no match being found. -.Pp -In some cases of failure of -.Fn X509_NAME_get_index_by_NID -and -.Fn X509_NAME_get_text_by_NID , -the reason can be determined with -.Xr ERR_get_error 3 . 
-.Sh EXAMPLES -Process all entries: -.Bd -literal -int i; -X509_NAME_ENTRY *e; - -for (i = 0; i < X509_NAME_entry_count(nm); i++) { - e = X509_NAME_get_entry(nm, i); - /* Do something with e */ -} -.Ed -.Pp -Process all commonName entries: -.Bd -literal -int lastpos = -1; -X509_NAME_ENTRY *e; - -for (;;) { - lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos); - if (lastpos == -1) - break; - e = X509_NAME_get_entry(nm, lastpos); - /* Do something with e */ -} -.Ed -.Sh SEE ALSO -.Xr d2i_X509_NAME 3 , -.Xr X509_NAME_ENTRY_get_object 3 , -.Xr X509_NAME_new 3 -.Sh HISTORY -These functions first appeared in SSLeay 0.8.0 -and have been available since -.Ox 2.4 . -.Sh CAVEATS -.Fn X509_NAME_get_text_by_NID -and -.Fn X509_NAME_get_text_by_OBJ -are legacy functions which have various limitations which make them of -minimal use in practice. -They can only find the first matching entry and will copy the contents -of the field verbatim: this can be highly confusing if the target is a -multicharacter string type like a -.Vt BMPString -or a -.Vt UTF8String . -.Pp -For a more general solution, -.Fn X509_NAME_get_index_by_NID -or -.Fn X509_NAME_get_index_by_OBJ -should be used, followed by -.Fn X509_NAME_get_entry -on any matching indices and then the various -.Vt X509_NAME_ENTRY -utility functions on the result. diff --git a/src/lib/libcrypto/man/X509_NAME_hash.3 b/src/lib/libcrypto/man/X509_NAME_hash.3 deleted file mode 100644 index 8766109525..0000000000 --- a/src/lib/libcrypto/man/X509_NAME_hash.3 +++ /dev/null 
@@ -1,97 +0,0 @@
-.\" $OpenBSD: X509_NAME_hash.3,v 1.3 2021/07/31 14:54:33 schwarze Exp $
-.\"
-.\" Copyright (c) 2017, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 31 2021 $
-.Dt X509_NAME_HASH 3
-.Os
-.Sh NAME
-.Nm X509_NAME_hash ,
-.Nm X509_issuer_name_hash ,
-.Nm X509_subject_name_hash ,
-.\" X509_issuer_and_serial_hash() is intentionally undocumented
-.\" because it uses MD5 only and is unused in real-world code.
-.Nm X509_NAME_hash_old ,
-.Nm X509_issuer_name_hash_old ,
-.Nm X509_subject_name_hash_old
-.\" In the following line, "X.501" and "Name" are not typos.
-.\" The "Name" type is defined in X.501, not in X.509.
-.\" The type is called "Name" with capital "N", not "name".
-.Nd calculate SHA-1 or MD5 hashes of X.501 Name objects
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft unsigned long
-.Fn X509_NAME_hash "X509_NAME *name"
-.Ft unsigned long
-.Fn X509_issuer_name_hash "X509 *x"
-.Ft unsigned long
-.Fn X509_subject_name_hash "X509 *x"
-.Ft unsigned long
-.Fn X509_NAME_hash_old "X509_NAME *name"
-.Ft unsigned long
-.Fn X509_issuer_name_hash_old "X509 *x"
-.Ft unsigned long
-.Fn X509_subject_name_hash_old "X509 *x"
-.Sh DESCRIPTION
-.Fn X509_NAME_hash
-calculates an
-.Xr SHA1 3
-hash of the DER-encoded form of
-.Fa name .
-It is for example used by
-.Xr X509_LOOKUP_hash_dir 3
-to locate certificate files in the file system.
-.Pp
-.Fn X509_issuer_name_hash
-and
-.Fn X509_subject_name_hash
-are wrappers to calculate this hash of the issuer or subject name of
-.Fa x ,
-respectively.
-.Pp
-.Fn X509_NAME_hash_old ,
-.Fn X509_issuer_name_hash_old ,
-and
-.Fn X509_subject_name_hash_old
-are variants that use MD5 instead of SHA-1.
-.Sh RETURN VALUES
-These functions return the hash value or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr i2d_X509_NAME 3 ,
-.Xr X509_get_subject_name 3 ,
-.Xr X509_LOOKUP_new 3 ,
-.Xr X509_NAME_digest 3 ,
-.Xr X509_NAME_new 3
-.Sh HISTORY
-.Fn X509_subject_name_hash
-first appeared in SSLeay 0.4.0,
-.Fn X509_issuer_name_hash
-in SSLeay 0.5.1, and
-.Fn X509_NAME_hash
-in SSLeay 0.8.0.
-They were switched to hashing the DER representation of the name
-rather than an ASCII rendering in SSLeay 0.9.0 and have all been
-available since
-.Ox 2.4 .
-.Pp
-They were switched to using SHA1 instead of MD5 in OpenSSL 1.0.0 and in
-.Ox 4.9 .
-.Pp
-.Fn X509_NAME_hash_old ,
-.Fn X509_issuer_name_hash_old ,
-and
-.Fn X509_subject_name_hash_old
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/X509_NAME_new.3 b/src/lib/libcrypto/man/X509_NAME_new.3
deleted file mode 100644
index 3a4786a9ae..0000000000
--- a/src/lib/libcrypto/man/X509_NAME_new.3
+++ /dev/null
@@ -1,103 +0,0 @@
-.\" $OpenBSD: X509_NAME_new.3,v 1.9 2021/07/20 17:31:32 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 20 2021 $
-.Dt X509_NAME_NEW 3
-.Os
-.Sh NAME
-.Nm X509_NAME_new ,
-.Nm X509_NAME_free
-.\" In the following line, "X.501" and "Name" are not typos.
-.\" The "Name" type is defined in X.501, not in X.509.
-.\" The type in called "Name" with capital "N", not "name".
-.Nd X.501 Name object
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_NAME *
-.Fn X509_NAME_new void
-.Ft void
-.Fn X509_NAME_free "X509_NAME *name"
-.Sh DESCRIPTION
-An X.501
-.Vt Name
-is an ordered sequence of relative distinguished names.
-A relative distinguished name is a set of key-value pairs; see
-.Xr X509_NAME_ENTRY_new 3
-for details.
-.Pp
-Various X.509 structures contain X.501
-.Vt Name
-substructures.
-They are for example used for the issuers of certificates and
-certificate revocation lists and for the subjects of certificates
-and certificate requests.
-.Pp
-.Fn X509_NAME_new
-allocates and initializes an empty
-.Vt X509_NAME
-object, representing an ASN.1
-.Vt Name
-structure defined in RFC 5280 section 4.1.2.4.
-Data can be added to such objects with the functions described in
-.Xr X509_NAME_add_entry_by_txt 3 ,
-and they can be inspected with the functions described in
-.Xr X509_NAME_get_index_by_NID 3 .
-.Pp
-.Fn X509_NAME_free
-frees
-.Fa name
-and all the
-.Vt X509_NAME_ENTRY
-objects contained in it.
-If
-.Fa name
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn X509_NAME_new
-returns a new
-.Vt X509_NAME
-object or
-.Dv NULL
-if an error occurred.
-.Sh SEE ALSO
-.Xr d2i_X509_NAME 3 ,
-.Xr GENERAL_NAME_new 3 ,
-.Xr NAME_CONSTRAINTS_new 3 ,
-.Xr SSL_load_client_CA_file 3 ,
-.Xr X509_get_subject_name 3 ,
-.Xr X509_NAME_add_entry_by_txt 3 ,
-.Xr X509_NAME_cmp 3 ,
-.Xr X509_NAME_digest 3 ,
-.Xr X509_NAME_ENTRY_new 3 ,
-.Xr X509_NAME_get_index_by_NID 3 ,
-.Xr X509_NAME_hash 3 ,
-.Xr X509_NAME_print_ex 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Pp
-ITU-T Recommendation X.501, also known as ISO/IEC 9594-2:
-Information Technology \(en Open Systems Interconnection \(en
-The Directory: Models, section 9: Names
-.Sh HISTORY
-.Fn X509_NAME_new
-and
-.Fn X509_NAME_free
-appeared in SSLeay 0.4 or earlier and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/X509_NAME_print_ex.3 b/src/lib/libcrypto/man/X509_NAME_print_ex.3
deleted file mode 100644
index fc06a717cc..0000000000
--- a/src/lib/libcrypto/man/X509_NAME_print_ex.3
+++ /dev/null
@@ -1,260 +0,0 @@
-.\" $OpenBSD: X509_NAME_print_ex.3,v 1.17 2025/03/09 16:45:31 tb Exp $
-.\" full merge up to: OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
-.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2004, 2007, 2016, 2017 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 9 2025 $
-.Dt X509_NAME_PRINT_EX 3
-.Os
-.Sh NAME
-.Nm X509_NAME_print_ex ,
-.Nm X509_NAME_print_ex_fp ,
-.Nm X509_NAME_oneline
-.Nd X509_NAME printing routines
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_NAME_print_ex
-.Fa "BIO *out"
-.Fa "const X509_NAME *nm"
-.Fa "int indent"
-.Fa "unsigned long flags"
-.Fc
-.Ft int
-.Fo X509_NAME_print_ex_fp
-.Fa "FILE *fp"
-.Fa "const X509_NAME *nm"
-.Fa "int indent"
-.Fa "unsigned long flags"
-.Fc
-.Ft char *
-.Fo X509_NAME_oneline
-.Fa "const X509_NAME *a"
-.Fa "char *buf"
-.Fa "int size"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_NAME_print_ex
-prints a human readable version of
-.Fa nm
-to
-.Vt BIO
-.Fa out .
-Each line (for multiline formats) is indented by
-.Fa indent
-spaces.
-The output format can be extensively customised by use of the
-.Fa flags
-parameter.
-.Pp
-.Fn X509_NAME_print_ex_fp
-is identical to
-.Fn X509_NAME_print_ex
-except the output is written to the
-.Vt FILE
-pointer
-.Fa fp .
-.Pp
-.Fn X509_NAME_oneline
-prints an ASCII version of
-.Fa a
-to
-.Fa buf .
-If
-.Fa buf
-is
-.Dv NULL ,
-then a buffer is dynamically allocated and returned, and
-.Fa size
-is ignored.
-Otherwise, at most
-.Fa size
-bytes will be written, including the ending NUL, and
-.Fa buf
-is returned.
-.Pp
-.Fn X509_NAME_oneline
-is a legacy function which produces a non-standard output form.
-It doesn't handle multi-character fields and has various quirks
-and inconsistencies.
-Its use is strongly discouraged in new applications.
-.Pp
-Although there are a large number of possible flags, for most purposes
-.Dv XN_FLAG_ONELINE ,
-.Dv XN_FLAG_MULTILINE ,
-or
-.Dv XN_FLAG_RFC2253
-will suffice.
-As noted on the
-.Xr ASN1_STRING_print_ex 3
-manual page, for UTF-8 terminals the
-.Dv ASN1_STRFLGS_ESC_MSB
-should be unset: so for example
-.Dv XN_FLAG_ONELINE No & Pf ~ Dv ASN1_STRFLGS_ESC_MSB
-would be used.
-.Pp
-The complete set of the flags supported by
-.Dv X509_NAME_print_ex
-is listed below.
-.Pp
-Several options can be OR'ed together.
-.Pp
-The options
-.Dv XN_FLAG_SEP_COMMA_PLUS ,
-.Dv XN_FLAG_SEP_CPLUS_SPC ,
-.Dv XN_FLAG_SEP_SPLUS_SPC ,
-and
-.Dv XN_FLAG_SEP_MULTILINE
-determine the field separators to use.
-Two distinct separators are used between distinct
-.Vt RelativeDistinguishedName
-components and separate values in the same RDN for a multi-valued RDN.
-Multi-valued RDNs are currently very rare so the second separator
-will hardly ever be used.
-.Pp
-.Dv XN_FLAG_SEP_COMMA_PLUS
-uses comma and plus as separators.
-.Dv XN_FLAG_SEP_CPLUS_SPC
-uses comma and plus with spaces:
-this is more readable that plain comma and plus.
-.Dv XN_FLAG_SEP_SPLUS_SPC
-uses spaced semicolon and plus.
-.Dv XN_FLAG_SEP_MULTILINE
-uses spaced newline and plus respectively.
-.Dv XN_FLAG_SEP_MASK
-contains the bits used to represent these four options.
-.Pp
-If
-.Dv XN_FLAG_DN_REV
-is set, the whole DN is printed in reversed order.
-.Pp
-The fields
-.Dv XN_FLAG_FN_SN ,
-.Dv XN_FLAG_FN_LN ,
-.Dv XN_FLAG_FN_OID ,
-and
-.Dv XN_FLAG_FN_NONE
-determine how a field name is displayed.
-It will use the short name (e.g. CN), the long name (e.g. commonName),
-always use OID numerical form (normally OIDs are only used if the
-field name is not recognised) and no field name, respectively.
-.Dv XN_FLAG_FN_MASK
-contains the bits used to represent these four options.
-.Pp
-If
-.Dv XN_FLAG_SPC_EQ
-is set, then spaces will be placed around the
-.Ql =
-character separating field names and values.
-.Pp
-If
-.Dv XN_FLAG_DUMP_UNKNOWN_FIELDS
-is set, then the encoding of unknown fields is printed instead of the
-values.
-.Pp
-If
-.Dv XN_FLAG_FN_ALIGN
-is set, then field names are padded to 20 characters:
-this is only of use for multiline format.
-.Pp
-Additionally, all the options supported by
-.Xr ASN1_STRING_print_ex 3
-can be used to control how each field value is displayed.
-.Pp
-In addition a number of options can be set for commonly used formats.
-.Pp
-.Dv XN_FLAG_RFC2253
-sets options which produce an output compatible with RFC 2253.
-It is equivalent to
-.Dv ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV |
-.Dv XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS .
-.Pp
-.Dv XN_FLAG_ONELINE
-is a more readable one line format which is the same as:
-.Dv ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC |
-.Dv XN_FLAG_SPC_EQ | XN_FLAG_FN_SN .
-.Pp
-.Dv XN_FLAG_MULTILINE
-is a multiline format which is the same as:
-.Dv ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE |
-.Dv XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN .
-.Pp
-.Dv XN_FLAG_COMPAT
-uses the traditional non-standard SSLeay format.
-.Sh RETURN VALUES
-.Fn X509_NAME_print_ex
-and
-.Fn X509_NAME_print_ex_fp
-return 1 on success or 0 on error if
-.Dv XN_FLAG_COMPAT
-is set in
-.Fa flags .
-Otherwise, they return the number of printed bytes including the
-indentation or \-1 on error.
-.Pp
-.Fn X509_NAME_oneline
-returns a valid string on success or
-.Dv NULL
-on error.
-.Sh SEE ALSO
-.Xr ASN1_STRING_print_ex 3 ,
-.Xr d2i_X509_NAME 3 ,
-.Xr X509_NAME_get_index_by_NID 3 ,
-.Xr X509_NAME_new 3
-.Sh HISTORY
-.Fn X509_NAME_oneline
-first appeared in SSLeay 0.5.1 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_NAME_print_ex
-and
-.Fn X509_NAME_print_ex_fp
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
diff --git a/src/lib/libcrypto/man/X509_OBJECT_get0_X509.3 b/src/lib/libcrypto/man/X509_OBJECT_get0_X509.3
deleted file mode 100644
index 56b3926a8b..0000000000
--- a/src/lib/libcrypto/man/X509_OBJECT_get0_X509.3
+++ /dev/null
@@ -1,252 +0,0 @@
-.\" $OpenBSD: X509_OBJECT_get0_X509.3,v 1.16 2025/03/08 17:02:59 tb Exp $
-.\"
-.\" Copyright (c) 2018, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 8 2025 $
-.Dt X509_OBJECT_GET0_X509 3
-.Os
-.Sh NAME
-.Nm X509_OBJECT_get_type ,
-.Nm X509_OBJECT_new ,
-.Nm X509_OBJECT_free ,
-.Nm X509_OBJECT_get0_X509 ,
-.Nm X509_OBJECT_get0_X509_CRL ,
-.Nm X509_OBJECT_idx_by_subject ,
-.Nm X509_OBJECT_retrieve_by_subject ,
-.Nm X509_OBJECT_retrieve_match
-.Nd certificate, CRL, private key, and string wrapper for certificate stores
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft X509_LOOKUP_TYPE
-.Fo X509_OBJECT_get_type
-.Fa "const X509_OBJECT *obj"
-.Fc
-.Ft X509_OBJECT *
-.Fo X509_OBJECT_new
-.Fa void
-.Fc
-.Ft void
-.Fo X509_OBJECT_free
-.Fa "X509_OBJECT *obj"
-.Fc
-.Ft X509 *
-.Fo X509_OBJECT_get0_X509
-.Fa "const X509_OBJECT *obj"
-.Fc
-.Ft X509_CRL *
-.Fo X509_OBJECT_get0_X509_CRL
-.Fa "X509_OBJECT *obj"
-.Fc
-.Ft int
-.Fo X509_OBJECT_idx_by_subject
-.Fa "STACK_OF(X509_OBJECT) *stack"
-.Fa "X509_LOOKUP_TYPE type"
-.Fa "X509_NAME *name"
-.Fc
-.Ft X509_OBJECT *
-.Fo X509_OBJECT_retrieve_by_subject
-.Fa "STACK_OF(X509_OBJECT) *stack"
-.Fa "X509_LOOKUP_TYPE type"
-.Fa "X509_NAME *name"
-.Fc
-.Ft X509_OBJECT *
-.Fo X509_OBJECT_retrieve_match
-.Fa "STACK_OF(X509_OBJECT) *stack"
-.Fa "X509_OBJECT *obj"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt X509_OBJECT
-structure is a shallow wrapper around one
-.Vt X509
-certificate object or one
-.Vt X509_CRL
-certificate revocation list object.
-The type of object stored at any given time can be inspected with
-.Fn X509_OBJECT_get_type .
-.Pp
-Each
-.Vt X509_STORE
-object uses one stack of
-.Vt X509_OBJECT
-structures as its main storage area.
-.Pp
-.Fn X509_OBJECT_new
-allocates a new
-.Vt X509_OBJECT
-structure.
-It sets the object type to
-.Dv X509_LU_NONE
-and the pointer to the certificate or CRL to
-.Dv NULL .
-.Pp
-If
-.Fa obj
-contains an
-.Vt X509
-certificate,
-.Fn X509_OBJECT_free
-calls
-.Xr X509_free 3
-on that inner object.
-If
-.Fa obj
-contains an
-.Vt X509_CRL
-certificate revocation list, it calls
-.Xr X509_CRL_free 3
-on that inner list.
-.Fn X509_OBJECT_free
-then frees the storage used for the
-.Fa obj
-itself.
-.Pp
-If
-.Fa type
-is
-.Dv X509_LU_X509 ,
-.Fn X509_OBJECT_idx_by_subject
-and
-.Fn X509_OBJECT_retrieve_by_subject
-search the given
-.Fa stack
-for a certificate with the subject
-.Fa name .
-If
-.Fa type
-is
-.Dv X509_LU_CRL ,
-they search for a certificate revocation list with the issuer
-.Fa name
-instead.
-.Pp
-If
-.Fa obj
-contains a certificate,
-.Fn X509_OBJECT_retrieve_match
-searches the given
-.Fa stack
-for a certificate with a matching subject name;
-if it contains a certificate revocation list, it searches for a
-certificate revocation list with a matching issuer name instead;
-otherwise, it searches for an
-.Vt X509_OBJECT
-with a matching type.
-.Sh RETURN VALUES
-.Fn X509_OBJECT_get_type
-returns
-.Dv X509_LU_X509
-if
-.Fa obj
-contains a certificate,
-.Dv X509_LU_CRL
-if it contains a certificate revocation list, or
-.Dv X509_LU_NONE
-if it contains neither.
-.Pp
-.Fn X509_OBJECT_new
-returns the new object or
-.Dv NULL
-if memory allocation fails.
-.Pp
-.Fn X509_OBJECT_get0_X509
-returns an internal pointer to the certificate contained in
-.Fa obj
-or
-.Dv NULL
-if
-.Fa obj
-is
-.Dv NULL
-or contains no certificate.
-.Pp
-.Fn X509_OBJECT_get0_X509_CRL
-returns an internal pointer to the certificate revocation list contained in
-.Fa obj
-or
-.Dv NULL
-if
-.Fa obj
-is
-.Dv NULL
-or contains no certificate revocation list.
-.Pp
-.Fn X509_OBJECT_idx_by_subject
-returns the zero-based index of the first matching certificate
-or revocation list in the
-.Fa stack
-or \-1 if
-.Fa type
-is neither
-.Dv X509_LU_X509
-nor
-.Dv X509_LU_CRL
-or if no match is found.
-.Pp
-.Fn X509_OBJECT_retrieve_by_subject
-returns the first matching certificate or revocation list in the
-.Fa stack
-or
-.Dv NULL
-if
-.Fa type
-is neither
-.Dv X509_LU_X509
-nor
-.Dv X509_LU_CRL
-or if no match is found.
-.Pp
-.Fn X509_OBJECT_retrieve_match
-returns the first matching
-.Vt X509_OBJECT
-or
-.Dv NULL
-if
-.Fa stack
-or
-.Fa obj
-is
-.Dv NULL
-or no match is found.
-.Sh SEE ALSO
-.Xr STACK_OF 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_LOOKUP_new 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_STORE_get0_objects 3 ,
-.Xr X509_STORE_get_by_subject 3 ,
-.Xr X509_STORE_load_locations 3 ,
-.Xr X509_STORE_new 3
-.Sh HISTORY
-.Fn X509_OBJECT_idx_by_subject ,
-.Fn X509_OBJECT_retrieve_by_subject ,
-and
-.Fn X509_OBJECT_retrieve_match
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_OBJECT_get_type ,
-.Fn X509_OBJECT_get0_X509 ,
-and
-.Fn X509_OBJECT_get0_X509_CRL
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
-.Pp
-.Fn X509_OBJECT_new
-and
-.Fn X509_OBJECT_free
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/X509_PKEY_new.3 b/src/lib/libcrypto/man/X509_PKEY_new.3
deleted file mode 100644
index 253b0f6db5..0000000000
--- a/src/lib/libcrypto/man/X509_PKEY_new.3
+++ /dev/null
@@ -1,92 +0,0 @@
-.\" $OpenBSD: X509_PKEY_new.3,v 1.1 2021/10/19 10:39:33 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 19 2021 $
-.Dt X509_PKEY_NEW 3
-.Os
-.Sh NAME
-.Nm X509_PKEY_new ,
-.Nm X509_PKEY_free
-.Nd X.509 private key wrapper object
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_PKEY *
-.Fn X509_PKEY_new void
-.Ft void
-.Fn X509_PKEY_free "X509_PKEY *wrapper"
-.Sh DESCRIPTION
-.Vt X509_PKEY
-is a reference-counted wrapper object that can store
-.Bl -bullet -width 1n
-.It
-a pointer to an encrypted and ASN.1-encoded private key
-.It
-a pointer to an
-.Vt EVP_PKEY
-object representing the same key in decrypted form
-.It
-a pointer to an
-.Vt X509_ALGOR
-object identifying the algorithm used by the key
-.El
-.Pp
-The object may contain only the encrypted key or only the decrypted
-key or both.
-.Pp
-.Vt X509_PKEY
-is used as a sub-object of the
-.Vt X509_INFO
-object created by
-.Xr PEM_X509_INFO_read_bio 3
-if the PEM file contains any RSA, DSA, or EC PRIVATE KEY object.
-.Pp
-.Fn X509_PKEY_new
-allocates and initializes an empty
-.Vt X509_PKEY
-object and sets its reference count to 1.
-.Pp
-.Fn X509_PKEY_free
-decrements the reference count of the
-.Fa wrapper
-object by 1.
-If the reference count reaches 0,
-it frees all internal objects allocated by the
-.Fa wrapper
-as well as the storage needed for the
-.Fa wrapper
-object itself.
-If
-.Fa wrapper
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn X509_PKEY_new
-returns a pointer to the new
-.Vt X509_PKEY
-object or
-.Dv NULL
-if memory allocation fails.
-.Sh SEE ALSO
-.Xr EVP_PKEY_new 3 ,
-.Xr PEM_X509_INFO_read 3 ,
-.Xr X509_INFO_new 3
-.Sh HISTORY
-.Fn X509_PKEY_new
-and
-.Fn X509_PKEY_free
-first appeared in SSLeay 0.6.0 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/X509_PUBKEY_new.3 b/src/lib/libcrypto/man/X509_PUBKEY_new.3
deleted file mode 100644
index df1c50bda2..0000000000
--- a/src/lib/libcrypto/man/X509_PUBKEY_new.3
+++ /dev/null
@@ -1,401 +0,0 @@
-.\" $OpenBSD: X509_PUBKEY_new.3,v 1.18 2024/12/06 12:51:13 schwarze Exp $
-.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2020, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 6 2024 $
-.Dt X509_PUBKEY_NEW 3
-.Os
-.Sh NAME
-.Nm X509_PUBKEY_new ,
-.Nm X509_PUBKEY_free ,
-.Nm X509_PUBKEY_set ,
-.Nm X509_PUBKEY_get0 ,
-.Nm X509_PUBKEY_get ,
-.Nm d2i_X509_PUBKEY ,
-.Nm i2d_X509_PUBKEY ,
-.Nm d2i_PUBKEY ,
-.Nm i2d_PUBKEY ,
-.Nm d2i_PUBKEY_bio ,
-.Nm d2i_PUBKEY_fp ,
-.Nm i2d_PUBKEY_fp ,
-.Nm i2d_PUBKEY_bio ,
-.Nm X509_PUBKEY_set0_param ,
-.Nm X509_PUBKEY_get0_param
-.Nd X.509 SubjectPublicKeyInfo structure
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_PUBKEY *
-.Fn X509_PUBKEY_new void
-.Ft void
-.Fo X509_PUBKEY_free
-.Fa "X509_PUBKEY *a"
-.Fc
-.Ft int
-.Fo X509_PUBKEY_set
-.Fa "X509_PUBKEY **x"
-.Fa "EVP_PKEY *pkey"
-.Fc
-.Ft EVP_PKEY *
-.Fo X509_PUBKEY_get0
-.Fa "X509_PUBKEY *key"
-.Fc
-.Ft EVP_PKEY *
-.Fo X509_PUBKEY_get
-.Fa "X509_PUBKEY *key"
-.Fc
-.Ft X509_PUBKEY *
-.Fo d2i_X509_PUBKEY
-.Fa "X509_PUBKEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_PUBKEY
-.Fa "X509_PUBKEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_PUBKEY
-.Fa "EVP_PKEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PUBKEY
-.Fa "EVP_PKEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_PUBKEY_bio
-.Fa "BIO *bp"
-.Fa "EVP_PKEY **val_out"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_PUBKEY_fp
-.Fa "FILE *fp"
-.Fa "EVP_PKEY **val_out"
-.Fc
-.Ft int
-.Fo i2d_PUBKEY_fp
-.Fa "FILE *fp"
-.Fa "EVP_PKEY *val_in"
-.Fc
-.Ft int
-.Fo i2d_PUBKEY_bio
-.Fa "BIO *bp"
-.Fa "EVP_PKEY *val_in"
-.Fc
-.Ft int
-.Fo X509_PUBKEY_set0_param
-.Fa "X509_PUBKEY *pub"
-.Fa "ASN1_OBJECT *aobj"
-.Fa "int ptype"
-.Fa "void *pval"
-.Fa "unsigned char *penc"
-.Fa "int penclen"
-.Fc
-.Ft int
-.Fo X509_PUBKEY_get0_param
-.Fa "ASN1_OBJECT **ppkalg"
-.Fa "const unsigned char **pk"
-.Fa "int *ppklen"
-.Fa "X509_ALGOR **pa"
-.Fa "X509_PUBKEY *pub"
-.Fc
-.Sh DESCRIPTION
-The
-.Vt X509_PUBKEY
-structure represents the ASN.1
-.Vt SubjectPublicKeyInfo
-structure defined in RFC 5280 section 4.1 and used in certificates
-and certificate requests.
-.Pp
-.Fn X509_PUBKEY_new
-allocates and initializes an
-.Vt X509_PUBKEY
-structure.
-.Pp
-.Fn X509_PUBKEY_free
-frees up the
-.Vt X509_PUBKEY
-structure
-.Fa a .
-If
-.Fa a
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn X509_PUBKEY_set
-sets the public key in
-.Pf * Fa x
-to the public key contained in the
-.Vt EVP_PKEY
-structure
-.Fa pkey .
-If
-.Pf * Fa x
-is not
-.Dv NULL ,
-any existing public key structure will be freed.
-.Pp
-.Fn X509_PUBKEY_get0
-returns the public key contained in
-.Fa key .
-The returned value is an internal pointer which must not be freed after use.
-.Pp
-.Fn X509_PUBKEY_get
-is similar to
-.Fn X509_PUBKEY_get0
-except that the reference
-count on the returned key is incremented so it must be freed using
-.Xr EVP_PKEY_free 3
-after use.
-.Pp
-.Fn d2i_X509_PUBKEY ,
-.Fn i2d_X509_PUBKEY ,
-.Fn d2i_PUBKEY ,
-and
-.Fn i2d_PUBKEY
-decode and encode an ASN.1
-.Vt SubjectPublicKeyInfo
-structure using either the
-.Vt X509_PUBKEY
-or the
-.Vt EVP_PKEY
-object type, respectively.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Fn d2i_PUBKEY_bio ,
-.Fn d2i_PUBKEY_fp ,
-.Fn i2d_PUBKEY_bio
-and
-.Fn i2d_PUBKEY_fp
-are similar to
-.Fn d2i_PUBKEY
-and
-.Fn i2d_PUBKEY
-except they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn X509_PUBKEY_set0_param
-sets the public key parameters of
-.Fa pub .
-The OID associated with the algorithm is set to
-.Fa aobj .
-The type of the algorithm parameters is set to
-.Fa ptype
-using the structure
-.Fa pval .
-The encoding of the public key itself is set to the
-.Fa penclen
-bytes contained in buffer
-.Fa penc .
-On success ownership of all the supplied parameters is passed to
-.Fa pub
-so they must not be freed after the call.
-.Pp
-.Fn X509_PUBKEY_get0_param
-retrieves the public key parameters from
-.Fa pub ,
-.Pf * Fa ppkalg
-is set to the associated OID and the encoding consists of
-.Pf * Fa ppklen
-bytes at
-.Pf * Fa pk ,
-and
-.Pf * Fa pa
-is set to the associated
-.Vt AlgorithmIdentifier
-for the public key.
-If the value of any of these parameters is not required,
-it can be set to
-.Dv NULL .
-All of the retrieved pointers are internal and must not be freed after
-the call.
-.Sh RETURN VALUES
-If the allocation fails,
-.Fn X509_PUBKEY_new
-returns
-.Dv NULL
-and sets an error code that can be obtained by
-.Xr ERR_get_error 3 .
-Otherwise it returns a pointer to the newly allocated structure.
-.Pp
-.Fn X509_PUBKEY_get0
-returns an internal pointer or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509_PUBKEY_get
-returns a pointer to an object that had its reference count incremented or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_X509_PUBKEY ,
-.Fn d2i_PUBKEY ,
-.Fn d2i_PUBKEY_bio ,
-and
-.Fn d2i_PUBKEY_fp
-return a pointer to a valid object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_X509_PUBKEY
-and
-.Fn i2d_PUBKEY
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn X509_PUBKEY_set ,
-.Fn X509_PUBKEY_set0_param ,
-.Fn X509_PUBKEY_get0_param ,
-.Fn i2d_PUBKEY_fp ,
-and
-.Fn i2d_PUBKEY_bio
-return 1 for success and 0 if an error occurred.
-.Sh ERRORS
-After failure of
-.Fn X509_PUBKEY_get0
-or
-.Fn X509_PUBKEY_get ,
-one of the following diagnostics can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv X509_R_UNSUPPORTED_ALGORITHM Qq "unsupported algorithm"
-The public key uses an algorithm unsupported by
-.Xr EVP_PKEY_set_type 3 .
-.It X509_R_METHOD_NOT_SUPPORTED Qq "method not supported"
-While the algorithm is known to
-.Xr EVP_PKEY_set_type 3 ,
-using it for decoding is not supported.
-.It X509_R_PUBLIC_KEY_DECODE_ERROR Qq "public key decode error"
-Decoding the public key failed.
-.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure"
-Memory was exhausted when trying to allocate the new
-.Vt EVP_PKEY
-object.
-.El
-.Pp
-If
-.Fa key
-is
-.Dv NULL
-or does not contain a public key,
-these functions fail but no error is pushed onto the stack.
-.Sh SEE ALSO
-.Xr d2i_X509 3 ,
-.Xr X509_ALGOR_new 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn X509_PUBKEY_new
-and
-.Fn X509_PUBKEY_free
-appeared in SSLeay 0.4 or earlier.
-.Fn d2i_X509_PUBKEY
-and
-.Fn i2d_X509_PUBKEY
-first appeared in SSLeay 0.5.1.
-.Fn X509_PUBKEY_set
-and
-.Fn X509_PUBKEY_get
-first appeared in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn d2i_PUBKEY
-and
-.Fn i2d_PUBKEY
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn d2i_PUBKEY_bio ,
-.Fn d2i_PUBKEY_fp ,
-.Fn i2d_PUBKEY_fp ,
-and
-.Fn i2d_PUBKEY_bio
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_PUBKEY_set0_param
-and
-.Fn X509_PUBKEY_get0_param
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-.Fn X509_PUBKEY_get0
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/X509_PURPOSE_set.3 b/src/lib/libcrypto/man/X509_PURPOSE_set.3
deleted file mode 100644
index 1f723e9b9f..0000000000
--- a/src/lib/libcrypto/man/X509_PURPOSE_set.3
+++ /dev/null
@@ -1,295 +0,0 @@
-.\" $OpenBSD: X509_PURPOSE_set.3,v 1.1 2021/07/23 14:27:32 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 23 2021 $
-.Dt X509_PURPOSE_SET 3
-.Os
-.Sh NAME
-.Nm X509_PURPOSE_set ,
-.Nm X509_PURPOSE_get_by_id ,
-.Nm X509_PURPOSE_add ,
-.Nm X509_PURPOSE_get_count ,
-.Nm X509_PURPOSE_cleanup ,
-.Nm X509_PURPOSE_get0 ,
-.Nm X509_PURPOSE_get_by_sname ,
-.Nm X509_PURPOSE_get_id ,
-.Nm X509_PURPOSE_get0_name ,
-.Nm X509_PURPOSE_get0_sname ,
-.Nm X509_PURPOSE_get_trust
-.Nd purpose objects, indices, and identifiers
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fo X509_PURPOSE_set
-.Fa "int *id_out"
-.Fa "int id_in"
-.Fc
-.Ft int
-.Fn X509_PURPOSE_get_by_id "int identifier"
-.Ft int
-.Fo X509_PURPOSE_add
-.Fa "int identifier"
-.Fa "int trust"
-.Fa "int flags"
-.Fa "int (*check_purpose)(const X509_PURPOSE *, const X509 *, int)"
-.Fa "const char *name"
-.Fa "const char *sname"
-.Fa "void *usr_data"
-.Fc
-.Ft int
-.Fn X509_PURPOSE_get_count void
-.Ft void
-.Fn X509_PURPOSE_cleanup void
-.Ft X509_PURPOSE *
-.Fn X509_PURPOSE_get0 "int index"
-.Ft int
-.Fn X509_PURPOSE_get_by_sname "const char *sname"
-.Ft int
-.Fn X509_PURPOSE_get_id "const X509_PURPOSE *object"
-.Ft char *
-.Fn X509_PURPOSE_get0_name "const X509_PURPOSE *object"
-.Ft char *
-.Fn X509_PURPOSE_get0_sname "const X509_PURPOSE *object"
-.Ft int
-.Fn X509_PURPOSE_get_trust "const X509_PURPOSE *object"
-.Sh DESCRIPTION
-The purposes that an X.509 certificate is intended to be used for
-can be identified in three equivalent ways:
-.Bl -enum
-.It
-By purpose identifiers, which are positive integer constants.
-Standard purpose identifiers lie in the range from
-.Dv X509_PURPOSE_MIN
-to
-.Dv X509_PURPOSE_MAX ,
-inclusive, and are listed in the
-.Xr X509_check_purpose 3
-manual page.
-User defined purpose identifiers are larger than
-.Dv X509_PURPOSE_MAX .
-.It
-By purpose indices, which are non-negative integer constants
-but differ from the purpose identifiers for the same purpose.
-Standard purpose indices are smaller than
-.Dv X509_PURPOSE_MAX .
-User defined purpose indices are larger than or equal to
-.Dv X509_PURPOSE_MAX .
-.It
-By purpose objects of the type
-.Vt X509_PURPOSE .
-Standard purpose objects are available in static storage.
-User defined purpose objects can be created with
-.Fn X509_PURPOSE_add .
-.El
-.Pp
-Application programmers cannot choose the way to identify purposes
-that they like best; depending on the circumstances, all three ways
-are needed.
-Be warned that the naming of most functions is misleading.
-.Pp
-Most API functions documented outside the present manual page
-use purpose identifiers rather than purpose indices.
-.Ss Using purpose identifiers
-.Fn X509_PURPOSE_set
-validates the purpose identifier
-.Fa id_in .
-If it is valid, it is copied to
-.Pf * Fa id_out .
-Otherwise,
-.Pf * Fa id_out
-remains unchanged.
-.Pp
-.Fn X509_PURPOSE_get_by_id
-converts the purpose
-.Fa identifier
-to the corresponding purpose index.
-To find the corresponding purpose object, pass the result to
-.Fn X509_PURPOSE_get0 .
-.Pp
-.Fn X509_PURPOSE_add
-defines a purpose with the given
-.Fa identifier
-or modifies its properties if it already exists.
-The purpose
-.Fa identifier ,
-the
-.Fa trust
-identifier, the
-.Fa flags ,
-the
-.Fa check_purpose
-function, the
-.Fa name ,
-the short name
-.Fa sname ,
-and the
-.Fa usr_data
-pointer are copied into the
-.Vt X509_PURPOSE
-object.
-When modifying an existing purpose object, previous values of fields are
-overwritten and previous
-.Fa name
-and
-.Fa sname
-strings are freed if they were dynamically allocated.
-When creating a new purpose object,
-it is added to the global array of user-defined purpose objects.
-.Pp
-.Dv X509_PURPOSE_DYNAMIC
-and
-.Dv X509_PURPOSE_DYNAMIC_NAME
-are always ignored in the
-.Fa flags
-argument.
-.Dv X509_PURPOSE_DYNAMIC
-is automatically set if the object was created by the user.
-It is never set for standard objects, not even if they were
-modified by the user.
-.Dv X509_PURPOSE_DYNAMIC_NAME
-is automatically set if the object was created or modified by the user.
-It is only unset for unmodified standard objects.
-The library does not appear to define any other flags, so the
-.Fa flags
-argument is probably useless unless users define their own flags
-and use them in the
-.Fa check_purpose
-function.
-.Pp
-The third and final argument of the
-.Fa check_purpose
-function is the
-.Fa ca
-argument documented in
-.Xr X509_check_purpose 3 .
-.Pp
-.Fn X509_PURPOSE_get_count
-returns the total number of purposes currently defined,
-including both standard and user-defined purposes.
-If no user-defined purposes exist, the returned value is
-.Dv X509_PURPOSE_MAX .
-.Pp
-.Fn X509_PURPOSE_cleanup
-deletes all user-defined purpose objects
-and invalidates their purpose identifiers and purpose indices.
-If any of the standard purpose objects were modified by the user,
-those changes are
-.Em not
-reverted.
-.Ss Using purpose indices
-.Fn X509_PURPOSE_get0
-converts the purpose
-.Fa index
-to a pointer to the corresponding purpose object.
-To find the corresponding purpose identifier, pass the result to
-.Fn X509_PURPOSE_get_id .
-.Pp
-.Fn X509_PURPOSE_get_by_sname
-returns the lowest index of a purpose with the given short name.
-.Ss Using purpose objects
-.Fn X509_PURPOSE_get_id
-converts a pointer to a purpose
-.Fa object
-to the corresponding purpose identifier.
-To find the corresponding purpose index, pass the result to
-.Fn X509_PURPOSE_get_by_id .
-.Pp
-.Fn X509_PURPOSE_get0_name ,
-.Fn X509_PURPOSE_get0_sname ,
-and
-.Fn X509_PURPOSE_get_trust
-retrieve the name, short name, and trust identifier from the
-.Fa object ,
-respectively.
-.Sh RETURN VALUES
-.Fn X509_PURPOSE_set
-returns 1 if
-.Fa id_in
-is valid or 0 otherwise.
-.Pp
-.Fn X509_PURPOSE_get_by_id
-and
-.Fn X509_PURPOSE_get_by_sname
-return the corresponding purpose index
-or \-1 if no matching purpose is found.
-.Pp
-.Fn X509_PURPOSE_add
-returns 1 for success or 0 for failure.
-.Pp
-.Fn X509_PURPOSE_get_count
-returns the total number of purposes currently defined.
-.Pp
-.Fn X509_PURPOSE_get0
-returns a standard or user-defined purpose object or
-.Dv NULL
-if the
-.Fa index
-is invalid.
-.Pp
-.Fn X509_PURPOSE_get_id
-always returns a valid purpose identifier.
-.Pp
-.Fn X509_PURPOSE_get0_name
-and
-.Fn X509_PURPOSE_get0_sname
-return pointers to storage owned by the
-.Fa object .
-.Pp
-.Fn X509_PURPOSE_get_trust
-returns the trust identifier associated with the
-.Fa object .
-.Sh ERRORS
-The following diagnostics can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv X509V3_R_INVALID_PURPOSE Qq "invalid purpose"
-.Fn X509_PURPOSE_set
-was called with an invalid
-.Fa id_in
-argument.
-.It Dv X509V3_R_INVALID_NULL_ARGUMENT Qq "invalid null argument"
-.Fn X509_PURPOSE_add
-was called with a
-.Fa name
-or
-.Fa sname
-argument of
-.Dv NULL .
-.It Dv ERR_R_MALLOC_FAILURE Qq "malloc failure"
-.Fn X509_PURPOSE_add
-failed to allocate memory.
-.El
-.Pp
-The other functions provide no diagnostics.
-.Sh SEE ALSO
-.Xr X509_check_purpose 3 ,
-.Xr X509_new 3 ,
-.Xr X509_STORE_set_purpose 3 ,
-.Xr X509_VERIFY_PARAM_set_purpose 3
-.Sh HISTORY
-.Fn X509_PURPOSE_set
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Pp
-The other functions first appeared in OpenSSL 0.9.5
-and have been available since
-.Ox 2.7 .
-.Sh CAVEATS
-The difference between purpose identifiers and purpose indices provides
-an ideal breeding ground for off-by-one bugs.
diff --git a/src/lib/libcrypto/man/X509_REQ_add1_attr.3 b/src/lib/libcrypto/man/X509_REQ_add1_attr.3
deleted file mode 100644
index f9b602dbef..0000000000
--- a/src/lib/libcrypto/man/X509_REQ_add1_attr.3
+++ /dev/null
@@ -1,172 +0,0 @@
-.\" $OpenBSD: X509_REQ_add1_attr.3,v 1.4 2024/09/02 07:56:28 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_REQ_ADD1_ATTR 3
-.Os
-.Sh NAME
-.Nm X509_REQ_add1_attr ,
-.Nm X509_REQ_add1_attr_by_OBJ ,
-.Nm X509_REQ_add1_attr_by_NID ,
-.Nm X509_REQ_add1_attr_by_txt ,
-.Nm X509_REQ_delete_attr ,
-.Nm X509_REQ_get_attr ,
-.Nm X509_REQ_get_attr_count ,
-.Nm X509_REQ_get_attr_by_OBJ ,
-.Nm X509_REQ_get_attr_by_NID
-.Nd X.501 Attributes of PKCS#10 certification requests
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_REQ_add1_attr
-.Fa "X509_REQ *req"
-.Fa "X509_ATTRIBUTE *attr"
-.Fc
-.Ft int
-.Fo X509_REQ_add1_attr_by_OBJ
-.Fa "X509_REQ *req"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int type"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo X509_REQ_add1_attr_by_NID
-.Fa "X509_REQ *req"
-.Fa "int nid"
-.Fa "int type"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft int
-.Fo X509_REQ_add1_attr_by_txt
-.Fa "X509_REQ *req"
-.Fa "const char *name"
-.Fa "int type"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft X509_ATTRIBUTE *
-.Fo X509_REQ_delete_attr
-.Fa "X509_REQ *req"
-.Fa "int index"
-.Fc
-.Ft X509_ATTRIBUTE *
-.Fo X509_REQ_get_attr
-.Fa "const X509_REQ *req"
-.Fa "int index"
-.Fc
-.Ft int
-.Fo X509_REQ_get_attr_count
-.Fa "const X509_REQ *req"
-.Fc
-.Ft int
-.Fo X509_REQ_get_attr_by_OBJ
-.Fa "const X509_REQ *req"
-.Fa "const ASN1_OBJECT *obj"
-.Fa "int start_after"
-.Fc
-.Ft int
-.Fo X509_REQ_get_attr_by_NID
-.Fa "const X509_REQ *req"
-.Fa "int nid"
-.Fa "int start_after"
-.Fc
-.Sh DESCRIPTION
-These functions support associating an array of X.501 Attributes
-with a PKCS#10 certification request.
-.Pp
-.Fn X509_REQ_add1_attr
-appends a deep copy of the
-.Fa attr ,
-allocating a new array if necessary.
-.Pp
-.Fn X509_REQ_add1_attr_by_OBJ ,
-.Fn X509_REQ_add1_attr_by_NID ,
-and
-.Fn X509_REQ_add1_attr_by_txt
-create a new X.501 Attribute object using
-.Xr X509_ATTRIBUTE_create_by_OBJ 3 ,
-.Xr X509_ATTRIBUTE_create_by_NID 3 ,
-or
-.Xr X509_ATTRIBUTE_create_by_txt 3 ,
-respectively,
-allocating a new array if necessary.
-.Pp
-.Fn X509_REQ_delete_attr
-deletes the attribute with the zero-based
-.Fa index .
-.Pp
-.Fn X509_REQ_get_attr
-returns the attribute with the zero-based
-.Fa index .
-.Pp
-.Fn X509_REQ_get_attr_count
-returns the number of attributes currently associated with
-.Fa req .
-.Pp
-.Fn X509_REQ_get_attr_by_OBJ
-and
-.Fn X509_REQ_get_attr_by_NID
-search for an attribute of the type
-.Fa obj
-or
-.Fa nid .
-.Sh RETURN VALUES
-.Fn X509_REQ_add1_attr ,
-.Fn X509_REQ_add1_attr_by_OBJ ,
-.Fn X509_REQ_add1_attr_by_NID ,
-and
-.Fn X509_REQ_add1_attr_by_txt
-return 1 for success or 0 for failure.
-.Pp
-.Fn X509_REQ_delete_attr
-and
-.Fn X509_REQ_get_attr
-return the deleted or requested attribute or
-.Dv NULL
-if the requested index is negative or greater than or equal to
-the current number of attributes associated with
-.Fa req .
-.Pp
-.Fn X509_REQ_get_attr_count
-returns the current number of attributes.
-.Pp
-.Fn X509_REQ_get_attr_by_OBJ
-and
-.Fn X509_REQ_get_attr_by_NID
-return the index of the first attribute that has an index greater than
-.Fa start_after
-and a type matching
-.Fa obj
-or
-.Fa nid ,
-respectively, or \-1 on failure.
-In addition,
-.Fn X509_REQ_get_attr_by_NID
-returns \-2 if
-.Xr OBJ_nid2obj 3
-fails on the requested
-.Fa nid .
-.Sh SEE ALSO
-.Xr OBJ_nid2obj 3 ,
-.Xr X509_ATTRIBUTE_create_by_OBJ 3 ,
-.Xr X509_ATTRIBUTE_new 3 ,
-.Xr X509_REQ_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.5
-and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/X509_REQ_add_extensions.3 b/src/lib/libcrypto/man/X509_REQ_add_extensions.3
deleted file mode 100644
index ff33edf474..0000000000
--- a/src/lib/libcrypto/man/X509_REQ_add_extensions.3
+++ /dev/null
@@ -1,113 +0,0 @@
-.\" $OpenBSD: X509_REQ_add_extensions.3,v 1.2 2024/08/18 11:04:55 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: August 18 2024 $
-.Dt X509_REQ_ADD_EXTENSIONS 3
-.Os
-.Sh NAME
-.Nm X509_REQ_add_extensions ,
-.Nm X509_REQ_add_extensions_nid ,
-.Nm X509_REQ_get_extensions ,
-.Nm X509_REQ_extension_nid
-.Nd extensions in certification requests
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_REQ_add_extensions
-.Fa "X509_REQ *req"
-.Fa "STACK_OF(X509_EXTENSION) *extensions"
-.Fc
-.Ft int
-.Fo X509_REQ_add_extensions_nid
-.Fa "X509_REQ *req"
-.Fa "STACK_OF(X509_EXTENSION) *extensions"
-.Fa "int nid"
-.Fc
-.Ft STACK_OF(X509_EXTENSION) *
-.Fn X509_REQ_get_extensions "X509_REQ *req"
-.Ft int
-.Fn X509_REQ_extension_nid "int nid"
-.Sh DESCRIPTION
-.Fn X509_REQ_add_extensions
-encodes the array of
-.Fa extensions
-using
-.Xr i2d_X509_EXTENSIONS 3
-and adds a new X.501 Attribute object of the type
-.Dv NID_ext_req
-to
-.Fa req
-using the equivalent of
-.Xr X509_ATTRIBUTE_create_by_NID 3
-with a
-.Fa type
-of
-.Dv V_ASN1_SEQUENCE .
-.Pp
-.Fn X509_REQ_add_extensions_nid
-is identical except that the specified
-.Fa nid
-is used as the X.501 Attribute type instead of
-.Dv NID_ext_req .
-.Pp
-.Fn X509_REQ_get_extensions
-retrieves the first value of the first X.501 Attribute of appropriate type.
-By default, the attribute types
-.Dv NID_ext_req
-and
-.Dv NID_ms_ext_req
-are considered appropriate.
-.Pp
-.Fn X509_REQ_extension_nid
-checks whether
-.Fn X509_REQ_get_extensions
-regards the
-.Fa nid
-argument as a type appropriate for storing extensions.
-.Sh RETURN VALUES
-.Fn X509_REQ_add_extensions
-and
-.Fn X509_REQ_add_extensions_nid
-returns 1 for success or 0 for failure.
-.Pp
-.Fn X509_REQ_get_extensions
-returns a newly allocated array of ASN.1
-.Vt Extension
-objects or
-.Dv NULL
-if
-.Fa req
-is
-.Dv NULL ,
-does not contain
-.Vt CertificationRequestInfo ,
-contains no attribute of an appropriate type,
-or if decoding or memory allocation fails.
-.Pp
-.Fn X509_REQ_extension_nid
-returns 1 if
-.Fa nid
-is considered appropriate or 0 otherwise.
-.Sh SEE ALSO
-.Xr d2i_X509_EXTENSION 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_REQ_new 3 ,
-.Xr X509V3_extensions_print 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.5
-and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/X509_REQ_new.3 b/src/lib/libcrypto/man/X509_REQ_new.3
deleted file mode 100644
index 0a5828d5d4..0000000000
--- a/src/lib/libcrypto/man/X509_REQ_new.3
+++ /dev/null
@@ -1,145 +0,0 @@
-.\" $OpenBSD: X509_REQ_new.3,v 1.11 2021/10/29 09:42:07 schwarze Exp $
-.\"
-.\" Copyright (c) 2016, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 29 2021 $
-.Dt X509_REQ_NEW 3
-.Os
-.Sh NAME
-.Nm X509_REQ_new ,
-.Nm X509_REQ_dup ,
-.Nm X509_to_X509_REQ ,
-.Nm X509_REQ_free ,
-.Nm X509_REQ_INFO_new ,
-.Nm X509_REQ_INFO_free
-.Nd PKCS#10 certification requests
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_REQ *
-.Fn X509_REQ_new void
-.Ft X509_REQ *
-.Fn X509_REQ_dup "X509_REQ *req"
-.Ft X509_REQ *
-.Fn X509_to_X509_REQ "X509 *x" "EVP_PKEY *pkey" "const EVP_MD *md"
-.Ft void
-.Fn X509_REQ_free "X509_REQ *req"
-.Ft X509_REQ_INFO *
-.Fn X509_REQ_INFO_new void
-.Ft void
-.Fn X509_REQ_INFO_free "X509_REQ_INFO *req_info"
-.Sh DESCRIPTION
-.Fn X509_REQ_new
-allocates and initializes an empty
-.Vt X509_REQ
-object, representing an ASN.1
-.Vt CertificationRequest
-structure defined in RFC 2986 section 4.2.
-It can hold a pointer to an
-.Vt X509_REQ_INFO
-object discussed below together with a cryptographic signature and
-information about the signature algorithm used.
-.Pp
-.Fn X509_REQ_dup
-creates a deep copy of
-.Fa req
-using
-.Xr ASN1_item_dup 3 ,
-setting the reference count of the copy to 1.
-.Pp
-.Fn X509_to_X509_REQ
-allocates a new certification request object, copies
-the subject name and the public key into it from the certificate
-.Fa x ,
-and sets the version to zero.
-Unless
-.Fa pkey
-is
-.Dv NULL ,
-it also signs the request with
-.Xr X509_REQ_sign 3
-using
-.Fa pkey
-and
-.Fa md .
-.Pp
-.Fn X509_REQ_free
-frees
-.Fa req .
-If
-.Fa req
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn X509_REQ_INFO_new
-allocates and initializes an empty
-.Vt X509_REQ_INFO
-object, representing an ASN.1
-.Vt CertificationRequestInfo
-structure defined in RFC 2986 section 4.1.
-It is used inside the
-.Vt X509_REQ
-object and can hold the subject and the public key of the requested
-certificate and additional attributes.
-.Fn X509_REQ_INFO_free
-frees
-.Fa req_info .
-If
-.Fa req_info
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn X509_REQ_new ,
-.Fn X509_REQ_dup ,
-.Fn X509_to_X509_REQ ,
-and
-.Fn X509_REQ_INFO_new
-return the new
-.Vt X509_REQ
-or
-.Vt X509_REQ_INFO
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_X509_REQ 3 ,
-.Xr PEM_read_X509_REQ 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REQ_add1_attr 3 ,
-.Xr X509_REQ_add_extensions 3 ,
-.Xr X509_REQ_check_private_key 3 ,
-.Xr X509_REQ_digest 3 ,
-.Xr X509_REQ_get0_signature 3 ,
-.Xr X509_REQ_get_pubkey 3 ,
-.Xr X509_REQ_get_subject_name 3 ,
-.Xr X509_REQ_get_version 3 ,
-.Xr X509_REQ_print_ex 3 ,
-.Xr X509_REQ_sign 3
-.Sh STANDARDS
-RFC 2986: PKCS #10: Certification Request Syntax Specification
-.Sh HISTORY
-.Fn X509_REQ_new ,
-.Fn X509_REQ_free ,
-.Fn X509_REQ_INFO_new ,
-and
-.Fn X509_REQ_INFO_free
-first appeared in SSLeay 0.4.4,
-.Fn X509_REQ_dup
-in SSLeay 0.5.1, and
-.Fn X509_to_X509_REQ
-in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/X509_REQ_print_ex.3 b/src/lib/libcrypto/man/X509_REQ_print_ex.3
deleted file mode 100644
index eee06abb21..0000000000
--- a/src/lib/libcrypto/man/X509_REQ_print_ex.3
+++ /dev/null
@@ -1,173 +0,0 @@
-.\" $OpenBSD: X509_REQ_print_ex.3,v 1.3 2025/03/09 14:02:46 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 9 2025 $
-.Dt X509_REQ_PRINT_EX 3
-.Os
-.Sh NAME
-.Nm X509_REQ_print_ex ,
-.Nm X509_REQ_print ,
-.Nm X509_REQ_print_fp
-.Nd pretty-print a PKCS#10 certification request
-.Sh SYNOPSIS
-.Ft int
-.Fo X509_REQ_print_ex
-.Fa "BIO *bio"
-.Fa "X509_REQ *req"
-.Fa "unsigned long nameflags"
-.Fa "unsigned long skipflags"
-.Fc
-.Ft int
-.Fo X509_REQ_print
-.Fa "BIO *bio"
-.Fa "X509_REQ *req"
-.Fc
-.Ft int
-.Fo X509_REQ_print_fp
-.Fa "FILE *fp"
-.Fa "X509_REQ *req"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_REQ_print_ex
-prints information contained in
-.Fa req
-to
-.Fa bio
-in human-readable form.
-Printing is aborted as soon as any operation fails, with the exception
-that failures while attempting to decode or print the public key
-are not considered as errors.
-.Pp
-By default, the following blocks of information
-are printed in the following order.
-Each block can be skipped by setting the corresponding bit in
-.Fa skipflags ,
-provided in parentheses after each block description.
-.Bl -bullet
-.It
-A pair of lines reading
-.Qq Certificate Request:\&
-and
-.Qq Data:\&
-containing no information.
-.Pq Dv X509_FLAG_NO_HEADER
-.It
-The value contained in the version field
-in decimal and hexadecimal notation.
-.Pq Dv X509_FLAG_NO_VERSION
-.It
-The subject name is printed with
-.Xr X509_NAME_print_ex 3 .
-.Pq Dv X509_FLAG_NO_SUBJECT
-.It
-The public key algorithm is printed with
-.Xr i2a_ASN1_OBJECT 3 ,
-and the public key returned from
-.Xr X509_REQ_get_pubkey 3
-with
-.Xr EVP_PKEY_print_public 3 .
-.Pq Dv X509_FLAG_NO_PUBKEY
-.It
-For each X.501 attribute that is not a requested extension according to
-.Xr X509_REQ_extension_nid 3 ,
-the object identifier is printed with
-.Xr i2a_ASN1_OBJECT 3 ,
-and all values of the types
-.Dv V_ASN1_PRINTABLESTRING ,
-.Dv V_ASN1_T61STRING ,
-and
-.Dv V_ASN1_IA5STRING
-are printed with
-.Xr BIO_write 3 .
-.Pq Dv X509_FLAG_NO_ATTRIBUTES
-.It
-The requested extensions are retrieved with
-.Xr X509_REQ_get_extensions 3
-and their types and values are printed with
-.Xr i2a_ASN1_OBJECT 3
-and
-.Xr X509V3_EXT_print 3 ,
-or, if the latter fails, with
-.Xr ASN1_STRING_print 3 .
-.Pq Dv X509_FLAG_NO_EXTENSIONS
-.It
-The signature is printed with
-.Xr X509_signature_print 3 .
-.Pq Dv X509_FLAG_NO_SIGDUMP
-.El
-.Pp
-The
-.Fa nameflags
-argument modifies the format for printing X.501
-.Vt Name
-objects contained in
-.Fa req .
-It is passed through to
-.Xr X509_NAME_print_ex 3 .
-If
-.Fa nameflags
-is
-.Dv X509_FLAG_COMPAT ,
-the
-.Fa indent
-argument of
-.Xr X509_NAME_print_ex 3
-is set to 16 spaces and the traditional SSLeay format is used.
-Otherwise, if the only bit set in
-.Dv XN_FLAG_SEP_MASK
-is
-.Dv XN_FLAG_SEP_MULTILINE ,
-.Fa indent
-is set to 12 spaces.
-Otherwise, indent is set to zero.
-.Pp
-.Fn X509_REQ_print
-is a wrapper function setting the
-.Fa nameflags
-to
-.Dv XN_FLAG_COMPAT
-and the
-.Fa skipflags
-to
-.Dv X509_FLAG_COMPAT .
-.Pp
-.Fn X509_REQ_print_fp
-is similar to
-.Fn X509_REQ_print
-except that it prints to
-.Fa fp .
-.Sh RETURN VALUES
-These functions return 1 if all requested information was successfully
-printed, even if failures occurred while attempting to decode or
-print the public key, or 0 if any operation fails.
-.Sh SEE ALSO
-.Xr BIO_new 3 ,
-.Xr X509_print_ex 3 ,
-.Xr X509_REQ_new 3
-.Sh HISTORY
-.Fn X509_REQ_print
-first appeared in SSLeay 0.4.4 and
-.Fn X509_REQ_print_fp
-in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_REQ_print_ex
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
-.Sh BUGS
-Some printing failures are silently ignored while printing extensions,
-which may result in incomplete data being printed.
diff --git a/src/lib/libcrypto/man/X509_REVOKED_new.3 b/src/lib/libcrypto/man/X509_REVOKED_new.3
deleted file mode 100644
index c1a50d1c9a..0000000000
--- a/src/lib/libcrypto/man/X509_REVOKED_new.3
+++ /dev/null
@@ -1,213 +0,0 @@
-.\" $OpenBSD: X509_REVOKED_new.3,v 1.12 2021/07/19 13:16:43 schwarze Exp $
-.\" full merge up to:
-.\" OpenSSL man3/X509_CRL_get0_by_serial cdd6c8c5 Mar 20 12:29:37 2017 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 19 2021 $
-.Dt X509_REVOKED_NEW 3
-.Os
-.Sh NAME
-.Nm X509_REVOKED_new ,
-.Nm X509_REVOKED_dup ,
-.Nm X509_REVOKED_free ,
-.Nm X509_REVOKED_get0_serialNumber ,
-.Nm X509_REVOKED_get0_revocationDate ,
-.Nm X509_REVOKED_set_serialNumber ,
-.Nm X509_REVOKED_set_revocationDate
-.Nd create, change, and inspect an X.509 CRL revoked entry
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_REVOKED *
-.Fn X509_REVOKED_new void
-.Ft X509_REVOKED *
-.Fo X509_REVOKED_dup
-.Fa "X509_REVOKED *r"
-.Fc
-.Ft void
-.Fn X509_REVOKED_free "X509_REVOKED *r"
-.Ft const ASN1_INTEGER *
-.Fo X509_REVOKED_get0_serialNumber
-.Fa "const X509_REVOKED *r"
-.Fc
-.Ft const ASN1_TIME *
-.Fo X509_REVOKED_get0_revocationDate
-.Fa "const X509_REVOKED *r"
-.Fc
-.Ft int
-.Fo X509_REVOKED_set_serialNumber
-.Fa "X509_REVOKED *r"
-.Fa "ASN1_INTEGER *serial"
-.Fc
-.Ft int
-.Fo X509_REVOKED_set_revocationDate
-.Fa "X509_REVOKED *r"
-.Fa "ASN1_TIME *tm"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_REVOKED_new
-allocates and initializes an empty
-.Vt X509_REVOKED
-object, representing one of the elements of
-the revokedCertificates field of the ASN.1
-.Vt TBSCertList
-structure defined in RFC 5280 section 5.1.
-It is used by
-.Vt X509_CRL
-objects and can hold information about one revoked certificate
-including issuer names, serial number, revocation date, and revocation
-reason.
-.Pp
-.Fn X509_REVOKED_dup
-creates a deep copy of
-.Fa r .
-.Pp
-.Fn X509_REVOKED_free
-frees
-.Fa r .
-.Pp
-.Fn X509_REVOKED_set_serialNumber
-sets the serial number of
-.Fa r
-to
-.Fa serial .
-The supplied
-.Fa serial
-pointer is not used internally so it should be freed up after use.
-.Pp
-.Fn X509_REVOKED_set_revocationDate
-sets the revocation date of
-.Fa r
-to
-.Fa tm .
-The supplied
-.Fa tm
-pointer is not used internally so it should be freed up after use.
-.Sh RETURN VALUES
-The
-.Fn X509_REVOKED_new
-function returns the new
-.Vt X509_REVOKED
-object if successful; otherwise
-.Dv NULL
-is returned and an error code can be retrieved with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_REVOKED_dup
-return the new
-.Vt X509_REVOKED
-object or
-.Dv NULL
-if an error occurs.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Pp
-.Fn X509_REVOKED_get0_serialNumber
-returns an internal pointer to the serial number of
-.Fa r .
-.Pp
-.Fn X509_REVOKED_get0_revocationDate
-returns an internal pointer to the revocation date of
-.Fa r .
-.Pp
-.Fn X509_REVOKED_set_serialNumber
-and
-.Fn X509_REVOKED_set_revocationDate
-return 1 for success or 0 for failure.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr d2i_X509_CRL 3 ,
-.Xr PEM_read_X509_CRL 3 ,
-.Xr X509_CRL_get0_by_serial 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_CRL_print 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_REVOKED_get_ext 3 ,
-.Xr X509_REVOKED_get_ext_d2i 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile, section 5.1: CRL Fields
-.Sh HISTORY
-.Fn X509_REVOKED_new
-and
-.Fn X509_REVOKED_free
-first appeared in SSLeay 0.4.4 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_REVOKED_set_serialNumber
-and
-.Fn X509_REVOKED_set_revocationDate
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn X509_REVOKED_dup
-first appeared in OpenSSL 1.0.2.
-.Fn X509_REVOKED_get0_serialNumber
-and
-.Fn X509_REVOKED_get0_revocationDate
-first appeared in OpenSSL 1.1.0.
-These functions have been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/X509_SIG_get0.3 b/src/lib/libcrypto/man/X509_SIG_get0.3
deleted file mode 100644
index 456261ca3f..0000000000
--- a/src/lib/libcrypto/man/X509_SIG_get0.3
+++ /dev/null
@@ -1,90 +0,0 @@
-.\" $OpenBSD: X509_SIG_get0.3,v 1.1 2021/10/23 15:39:06 tb Exp $
-.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2016 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: October 23 2021 $
-.Dt X509_SIG_GET0 3
-.Os
-.Sh NAME
-.Nm X509_SIG_get0 ,
-.Nm X509_SIG_getm
-.Nd DigestInfo functions
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft void
-.Fo X509_SIG_get0
-.Fa "const X509_SIG *sig"
-.Fa "const X509_ALGOR **palg"
-.Fa "const ASN1_OCTET_STRING **pdigest"
-.Fc
-.Ft void
-.Fo X509_SIG_getm
-.Fa "X509_SIG *sig"
-.Fa "X509_ALGOR **palg"
-.Fa "ASN1_OCTET_STRING **pdigest"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_SIG_get0
-returns pointers to the algorithm identifier and digest value in
-.Fa sig .
-.Fn X509_SIG_getm
-is identical to
-.Fn X509_SIG_get0 ,
-except the pointers returned are not constant and can be modified,
-for example to initialise them.
-.Sh SEE ALSO
-.Xr d2i_X509 3 ,
-.Xr X509_SIG_new 3
-.Sh HISTORY
-.Fn X509_SIG_get0
-and
-.Fn X509_SIG_getm
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/X509_SIG_new.3 b/src/lib/libcrypto/man/X509_SIG_new.3
deleted file mode 100644
index 8e6b29dea5..0000000000
--- a/src/lib/libcrypto/man/X509_SIG_new.3
+++ /dev/null
@@ -1,68 +0,0 @@
-.\" $OpenBSD: X509_SIG_new.3,v 1.5 2021/10/27 11:24:47 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: October 27 2021 $
-.Dt X509_SIG_NEW 3
-.Os
-.Sh NAME
-.Nm X509_SIG_new ,
-.Nm X509_SIG_free
-.Nd PKCS#7 digest information
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_SIG *
-.Fn X509_SIG_new void
-.Ft void
-.Fn X509_SIG_free "X509_SIG *sig"
-.Sh DESCRIPTION
-.Fn X509_SIG_new
-allocates and initializes an empty
-.Vt X509_SIG
-object, representing an ASN.1
-.Vt DigestInfo
-structure defined in RFC 2315 section 9.4
-and equivalently in RFC 8017 section 9.2.
-It can hold a message digest together with information about
-the algorithm used.
-.Pp
-.Fn X509_SIG_free
-frees
-.Fa sig .
-.Sh RETURN VALUES
-.Fn X509_SIG_new
-returns the new
-.Vt X509_SIG
-object or
-.Dv NULL
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_X509_SIG 3 ,
-.Xr PEM_read_PKCS8 3 ,
-.Xr RSA_sign 3 ,
-.Xr X509_new 3 ,
-.Xr X509_SIG_get0 3
-.Sh STANDARDS
-RFC 2315: PKCS #7: Cryptographic Message Syntax,
-section 9: Signed-data content type
-.Pp
-RFC 8017: PKCS #1: RSA Cryptography Specifications,
-section 9: Encoding Methods for Signatures
-.Sh HISTORY
-.Fn X509_SIG_new
-and
-.Fn X509_SIG_free
-appeared in SSLeay 0.4 or earlier and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3 b/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
deleted file mode 100644
index 1f221563cb..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_CTX_get_error.3
+++ /dev/null
@@ -1,591 +0,0 @@
-.\" $OpenBSD: X509_STORE_CTX_get_error.3,v 1.28 2023/06/06 16:20:13 schwarze Exp $
-.\" full merge up to:
-.\" OpenSSL man3/X509_STORE_CTX_get_error 24a535ea Sep 22 13:14:20 2020 +0100
-.\" OpenSSL man3/X509_STORE_CTX_new 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Rich Salz .
-.\" Copyright (c) 2009, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3.
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 6 2023 $
-.Dt X509_STORE_CTX_GET_ERROR 3
-.Os
-.Sh NAME
-.Nm X509_STORE_CTX_get_error ,
-.Nm X509_STORE_CTX_set_error ,
-.Nm X509_STORE_CTX_get_error_depth ,
-.Nm X509_STORE_CTX_set_error_depth ,
-.Nm X509_STORE_CTX_get_current_cert ,
-.Nm X509_STORE_CTX_set_current_cert ,
-.Nm X509_STORE_CTX_get0_current_issuer ,
-.Nm X509_STORE_CTX_get0_current_crl ,
-.Nm X509_STORE_CTX_get0_parent_ctx ,
-.Nm X509_STORE_CTX_get_num_untrusted ,
-.Nm X509_STORE_CTX_get0_chain ,
-.Nm X509_STORE_CTX_get_chain ,
-.Nm X509_STORE_CTX_get1_chain ,
-.Nm X509_STORE_CTX_set0_verified_chain ,
-.Nm X509_verify_cert_error_string
-.Nd get or set certificate verification status information
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft int
-.Fo X509_STORE_CTX_get_error
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_error
-.Fa "X509_STORE_CTX *ctx"
-.Fa "int s"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_get_error_depth
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_error_depth
-.Fa "X509_STORE_CTX *ctx"
-.Fa "int depth"
-.Fc
-.Ft X509 *
-.Fo X509_STORE_CTX_get_current_cert
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_current_cert
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509 *cert"
-.Fc
-.Ft X509 *
-.Fo X509_STORE_CTX_get0_current_issuer
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft X509_CRL *
-.Fo X509_STORE_CTX_get0_current_crl
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft X509_STORE_CTX *
-.Fo X509_STORE_CTX_get0_parent_ctx
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_get_num_untrusted
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo X509_STORE_CTX_get0_chain
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo X509_STORE_CTX_get_chain
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo X509_STORE_CTX_get1_chain
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set0_verified_chain
-.Fa "X509_STORE_CTX *ctx"
-.Fa "STACK_OF(X509) *chain"
-.Fc
-.In openssl/x509.h
-.Ft const char *
-.Fo
X509_verify_cert_error_string
-.Fa "long n"
-.Fc
-.Sh DESCRIPTION
-Most of these functions are typically called after
-.Xr X509_verify_cert 3
-to inspect status information related to certificate verification.
-Some may also be called in a verification callback to determine the
-nature of an error.
-.Pp
-.Fn X509_STORE_CTX_get_error
-returns the error code of
-.Fa ctx .
-See the
-.Sy ERROR CODES
-section for a full description of all error codes.
-.Pp
-.Fn X509_STORE_CTX_set_error
-sets the error code of
-.Fa ctx
-to
-.Fa s .
-For example it might be used in a verification callback to set an error
-based on additional checks.
-.Pp
-.Fn X509_STORE_CTX_get_error_depth
-returns the depth of the error.
-This is a non-negative integer representing where in the certificate
-chain the error occurred.
-If it is zero, it occurred in the end entity certificate, one if it is
-the certificate which signed the end entity certificate, and so on.
-.Pp
-.Fn X509_STORE_CTX_set_error_depth
-sets the error depth.
-This can be used in combination with
-.Fn X509_STORE_CTX_set_error
-to set the depth at which an error condition was detected.
-.Pp
-.Fn X509_STORE_CTX_get_current_cert
-returns the certificate in
-.Fa ctx
-which caused the error or
-.Dv NULL
-if no certificate is relevant.
-.Pp
-.Fn X509_STORE_CTX_set_current_cert
-sets the certificate which caused the error in
-.Fa ctx
-to the given
-.Fa cert .
-This value is not intended to remain valid for very long,
-and remains owned by the caller.
-It may be examined by a verification callback invoked to handle
-each error encountered during chain verification and is no longer
-required after such a callback.
-If a callback wishes the save the certificate for use after it returns,
-it needs to increment its reference count via
-.Xr X509_up_ref 3 .
-Once such a saved certificate is no longer needed, it can be freed with
-.Xr X509_free 3 .
-.Pp
-.Fn X509_STORE_CTX_get0_current_issuer
-returns the certificate that caused issuer validation to fail or
-.Dv NULL
-if no CA certificate is relevant.
-.Pp
-.Fn X509_STORE_CTX_get0_current_crl
-returns the certificate revocation list that caused CRL checking to fail or
-.Dv NULL
-if no CRL is relevant.
-.Pp
-When, during certification path validation, the need arises to check
-the validity of the certification path of a CRL issuer certificate,
-the library creates a new, temporary
-.Vt X509_STORE_CTX
-object.
-If
-.Fn X509_STORE_CTX_get0_parent_ctx
-is called on that temporary object, a pointer to the original
-certification path validation context is returned.
-This may be useful in callback functions called from
-.Xr X509_verify_cert 3
-or from its subroutines to find out whether the callback is called
-from the path validation of the target certificate or from the path
-validation of a related CRL issuer certificate, and if the latter,
-what the target certificate is.
-.Pp
-.Fn X509_STORE_CTX_get0_chain
-returns an internal pointer to a complete validate chain
-if a previous call to
-.Xr X509_verify_cert 3
-was successful.
-If the call to
-.Xr X509_verify_cert 3
-was not successful, the returned chain may be incomplete or invalid.
-.Fn X509_STORE_CTX_get_chain
-is a deprecated alias of
-.Fn X509_STORE_CTX_get0_chain .
-.Fn X509_STORE_CTX_get1_chain
-returns a deep copy of the same chain which persists even after the
-.Fa ctx
-structure is freed.
-When it is no longer needed, it should be freed using
-.Fn sk_X509_pop_free chain X509_free .
-.Pp
-.Fn X509_STORE_CTX_set0_verified_chain
-frees the validate chain generated by if a previous call to
-.Xr X509_verify_cert 3 ,
-if any, and replaces it with the given
-.Fa chain .
-Ownership of the
-.Fa chain
-is transferred to the
-.Fa ctx ,
-so it should not be freed by the caller.
-.Pp
-.Fn X509_verify_cert_error_string
-returns a human readable error string for verification error
-.Fa n .
-.Pp
-The above functions should be used instead of directly referencing the
-fields in the
-.Sy X509_VERIFY_CTX
-structure.
-.Pp
-In versions of OpenSSL before 1.0, the current certificate returned by
-.Fn X509_STORE_CTX_get_current_cert
-was never
-.Dv NULL .
-Applications should check the return value before printing out any
-debugging information relating to the current certificate.
-.Pp
-If an unrecognised error code is passed to
-.Fn X509_verify_cert_error_string ,
-"Unknown certificate verification error"
-is returned.
-This should never happen unless an invalid code is passed.
-.Sh RETURN VALUES
-.Fn X509_STORE_CTX_get_error
-returns
-.Dv X509_V_OK
-or an error code.
-.Pp
-.Fn X509_STORE_CTX_get_error_depth
-returns a non-negative error depth.
-.Pp
-.Fn X509_STORE_CTX_get_current_cert ,
-.Fn X509_STORE_CTX_get0_current_issuer ,
-and
-.Fn X509_STORE_CTX_get0_current_crl
-return the object which caused the error or
-.Dv NULL
-if no object of the requested kind is relevant to the error.
-.Pp
-.Fn X509_STORE_CTX_get0_parent_ctx
-returns the parent context or
-.Dv NULL
-if
-.Fa ctx
-is not a temporary child context
-used for path validation of a CRL issuer certificate.
-.Pp
-.Fn X509_STORE_CTX_get_num_untrusted
-returns the number of untrusted certificates
-that were used in building the chain during a call to
-.Xr X509_verify_cert 3 .
-.Pp
-.Fn X509_STORE_CTX_get0_chain ,
-.Fn X509_STORE_CTX_get_chain ,
-and
-.Fn X509_STORE_CTX_get1_chain
-return a pointer to a stack of certificates or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509_verify_cert_error_string
-returns a human readable error string for verification error
-.Fa n .
-.Sh ERROR CODES
-A list of error codes and messages is shown below.
-Some of the error codes are defined but currently never returned:
-these are described as "unused".
-.Bl -tag -width Ds
-.It Dv X509_V_OK : No ok
-The operation was successful.
-.It Dv X509_V_ERR_UNSPECIFIED : \
- No Unspecified certificate verification error
-An error was encountered during certificate verification and
-the internal routines failed to set a more specific error.
-.It Dv X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT : \
- No unable to get issuer certificate
-The issuer certificate of a locally looked up certificate could not be found.
-This normally means the list of trusted certificates is not complete.
-.It Dv X509_V_ERR_UNABLE_TO_GET_CRL : No unable to get certificate CRL
-The CRL of a certificate could not be found.
-.It Dv X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE : \
- No unable to decrypt certificate's signature
-The certificate signature could not be decrypted.
-This means that the actual signature value could not be determined
-rather than it not matching the expected value.
-This is only meaningful for RSA keys.
-.It Dv X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE : \
- No unable to decrypt CRL's signature
-The CRL signature could not be decrypted: this means that the actual
-signature value could not be determined rather than it not matching the
-expected value.
-Unused.
-.It Dv X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY : \
- No unable to decode issuer public key
-The public key in the certificate
-.Vt SubjectPublicKeyInfo
-could not be read.
-.It Dv X509_V_ERR_CERT_SIGNATURE_FAILURE : No certificate signature failure
-The signature of the certificate is invalid.
-.It Dv X509_V_ERR_CRL_SIGNATURE_FAILURE : No CRL signature failure
-The signature of the CRL is invalid.
-.It Dv X509_V_ERR_CERT_NOT_YET_VALID : No certificate is not yet valid
-The certificate is not yet valid: the notBefore date is after the
-current time.
-.It Dv X509_V_ERR_CERT_HAS_EXPIRED : No certificate has expired
-The certificate has expired: that is the notAfter date is before the
-current time.
-.It Dv X509_V_ERR_CRL_NOT_YET_VALID : No CRL is not yet valid
-The CRL is not yet valid.
-.It Dv X509_V_ERR_CRL_HAS_EXPIRED : No CRL has expired
-The CRL has expired.
-.It Dv X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD : \
- No format error in certificate's notBefore field
-The certificate notBefore field contains an invalid time.
-.It Dv X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD : \
- No format error in certificate's notAfter field
-The certificate notAfter field contains an invalid time.
-.It Dv X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD : \
- No format error in CRL's lastUpdate field
-The CRL thisUpdate field (sic!) contains an invalid time.
-Both the name of the error constant and the text of the error message
-give a wrong name for the field that contains the problem.
-.It Dv X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD : \
- No format error in CRL's nextUpdate field
-The CRL nextUpdate field contains an invalid time.
-.It Dv X509_V_ERR_OUT_OF_MEM : No out of memory
-An error occurred trying to allocate memory.
-This should never happen.
-.It Dv X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT : No self signed certificate
-The passed certificate is self signed and the same certificate cannot be
-found in the list of trusted certificates.
-.It Dv X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN : \
- No self signed certificate in certificate chain
-The certificate chain could be built up using the untrusted certificates
-but the root could not be found locally.
-.It Dv X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY : \
- No unable to get local issuer certificate
-The issuer certificate could not be found: this occurs if the issuer
-certificate of an untrusted certificate cannot be found.
-.It Dv X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE : \
- No unable to verify the first certificate
-No signatures could be verified because the chain contains only one
-certificate and it is not self signed.
-.It Dv X509_V_ERR_CERT_CHAIN_TOO_LONG : No certificate chain too long
-The certificate chain length is greater than the supplied maximum depth.
-.It Dv X509_V_ERR_CERT_REVOKED : No certificate revoked
-The certificate has been revoked.
-.It Dv X509_V_ERR_INVALID_CA : No invalid CA certificate
-A CA certificate is invalid.
-Either it is not a CA or its extensions are not consistent with the
-supplied purpose.
-.It Dv X509_V_ERR_PATH_LENGTH_EXCEEDED : No path length constraint exceeded
-The basicConstraints path-length parameter has been exceeded.
-.It Dv X509_V_ERR_INVALID_PURPOSE : No unsupported certificate purpose
-The supplied certificate cannot be used for the specified purpose.
-.It Dv X509_V_ERR_CERT_UNTRUSTED : No certificate not trusted
-The root CA is not marked as trusted for the specified purpose.
-.It Dv X509_V_ERR_CERT_REJECTED : No certificate rejected
-The root CA is marked to reject the specified purpose.
-.It Dv X509_V_ERR_SUBJECT_ISSUER_MISMATCH : No subject issuer mismatch
-The current candidate issuer certificate was rejected because its
-subject name did not match the issuer name of the current certificate.
-This is only set if issuer check debugging is enabled; it is used for
-status notification and is
-.Sy not
-in itself an error.
-.It Dv X509_V_ERR_AKID_SKID_MISMATCH : \
- No authority and subject key identifier mismatch
-The current candidate issuer certificate was rejected because its
-subject key identifier was present and did not match the authority key
-identifier current certificate.
-This is only set if issuer check debugging is enabled; it is used for
-status notification and is
-.Sy not
-in itself an error.
-.It Dv X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH : \
- No authority and issuer serial number mismatch
-The current candidate issuer certificate was rejected because its issuer
-name and serial number was present and did not match the authority key
-identifier of the current certificate.
-This is only set if issuer check debugging is enabled; it is used for
-status notification and is
-.Sy not
-in itself an error.
-.It Dv X509_V_ERR_KEYUSAGE_NO_CERTSIGN : \
- No key usage does not include certificate signing
-The current candidate issuer certificate was rejected because its
-keyUsage extension does not permit certificate signing.
-This is only set if issuer check debugging is enabled it is used for
-status notification and is
-.Sy not
-in itself an error.
-.It Dv X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER : \
- No unable to get CRL issuer certificate
-The CRL's issuer could not be found:
-there is no alternative CRL issuer set on
-.Ar ctx
-and the last certificate in the chain is not self signed.
-.It Dv X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION : \
- No unhandled critical extension
-The certificate contains a critical extension that is unsupported
-by the library.
-.It Dv X509_V_ERR_KEYUSAGE_NO_CRL_SIGN : \
- No key usage does not include CRL signing
-The CRL issuer has a key usage extension with unset cRLSign bit.
-.It Dv X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION : \
- No unhandled critical CRL extension
-The CRL contains a critical extension that is unsupported
-by the library.
-.\" XXX - The following are unreachable (X509_V_ERR_INVALID_NON_CA) or unused.
-.\" .It Dv X509_V_ERR_INVALID_NON_CA : \
-.\" No invalid non-CA certificate (has CA markings)
-.\" .It Dv X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED : \
-.\" No proxy path length constraint exceeded
-.\" .It Dv X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE : \
-.\" No key usage does not include digital signature
-.\" .It Dv X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED : \
-.\" No proxy certificates not allowed, please set the appropriate flag
-.It Dv X509_V_ERR_INVALID_EXTENSION : \
- No invalid or inconsistent certificate extension
-A certificate extension had an invalid value (for example an incorrect
-encoding) or some value inconsistent with other extensions.
-.It Dv X509_V_ERR_INVALID_POLICY_EXTENSION : \
- No invalid or inconsistent certificate policy extension
-A certificate policies extension had an invalid value (for example an
-incorrect encoding) or some value inconsistent with other extensions.
-This error only occurs if policy processing is enabled.
-.It Dv X509_V_ERR_NO_EXPLICIT_POLICY : No no explicit policy
-The verification flags were set to require an explicit policy but none
-was present.
-.It Dv X509_V_ERR_DIFFERENT_CRL_SCOPE : No different CRL scope
-The only CRLs that could be found did not match the scope of the
-certificate.
-.It Dv X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE : \
- No unsupported extension feature
-Some feature of a certificate extension is not supported.
-Unused.
-.It Dv X509_V_ERR_UNNESTED_RESOURCE : \
- No RFC 3779 resource not subset of parent's resources
-When walking up a certificate chain, all resources specified in
-RFC 3779 extensions must be contained in the resources delegated in
-the issuer's RFC 3779 extensions.
-The error indicates that this is not the case or that the trust anchor
-has inheritance.
-.It Dv X509_V_ERR_PERMITTED_VIOLATION : No permitted subtree violation
-A name constraint violation occurred in the permitted subtrees.
-.It Dv X509_V_ERR_EXCLUDED_VIOLATION : No excluded subtree violation
-A name constraint violation occurred in the excluded subtrees.
-.It Dv X509_V_ERR_SUBTREE_MINMAX : \
- No name constraints minimum and maximum not supported
-A certificate name constraints extension included a minimum or maximum
-field: this is not supported.
-.It Dv X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE : \
- No unsupported name constraint type
-An unsupported name constraint type was encountered.
-OpenSSL currently only supports directory name, DNS name, email and URI
-types.
-.It Dv X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX : \
- No unsupported or invalid name constraint syntax
-The format of the name constraint is not recognised: for example an
-email address format of a form not mentioned in RFC 3280.
-This could be caused by a garbage extension or some new feature not
-currently supported.
-.\" X509_V_ERR_UNSUPPORTED_NAME_SYNTAX : No unsupported or invalid name syntax
-.It Dv X509_V_ERR_CRL_PATH_VALIDATION_ERROR : No CRL path validation error
-An error occurred when attempting to verify the CRL path.
-This error can only happen if extended CRL checking is enabled.
-.It Dv X509_V_ERR_APPLICATION_VERIFICATION : \
- No application verification failure
-An application specific error.
-This will never be returned unless explicitly set by an application.
-.\" .It Dv X509_V_ERR_HOSTNAME_MISMATCH : No Hostname mismatch
-.\" .It Dv X509_V_ERR_EMAIL_MISMATCH : No Email address mismatch
-.\" .It Dv X509_V_ERR_IP_ADDRESS_MISMATCH : No IP address mismatch
-.\" .It Dv X509_V_ERR_INVALID_CALL : \
-.\" No Invalid certificate verification context
-.\" .It Dv X509_V_ERR_STORE_LOOKUP : No Issuer certificate lookup error
-.\" .It Dv X509_V_ERR_EE_KEY_TOO_SMALL : No EE certificate key too weak
-.\" .It Dv X509_V_ERR_CA_KEY_TOO_SMALL : No CA certificate key too weak
-.\" .It Dv X509_V_ERR_CA_MD_TOO_WEAK : \
-.\" No CA signature digest algorithm too weak
-.El
-.Sh SEE ALSO
-.Xr X509_STORE_CTX_new 3 ,
-.Xr X509_STORE_CTX_set_verify 3 ,
-.Xr X509_STORE_CTX_set_verify_cb 3 ,
-.Xr X509_STORE_set_verify_cb 3 ,
-.Xr X509_up_ref 3 ,
-.Xr X509_verify_cert 3
-.Sh HISTORY
-.Fn X509_STORE_CTX_get_error ,
-.Fn X509_STORE_CTX_set_error ,
-.Fn X509_STORE_CTX_get_error_depth ,
-.Fn X509_STORE_CTX_get_current_cert ,
-.Fn X509_STORE_CTX_get_chain ,
-and
-.Fn X509_verify_cert_error_string
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_CTX_get1_chain
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-.Fn X509_STORE_CTX_get0_current_issuer ,
-.Fn X509_STORE_CTX_get0_current_crl ,
-and
-.Fn X509_STORE_CTX_get0_parent_ctx
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-.Fn X509_STORE_CTX_get0_chain
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
-.Pp
-.Fn X509_STORE_CTX_set_error_depth ,
-.Fn X509_STORE_CTX_set_current_cert ,
-.Fn X509_STORE_CTX_get_num_untrusted ,
-and
-.Fn X509_STORE_CTX_set0_verified_chain
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3 b/src/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3
deleted file mode 100644
index bfec65a123..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3
+++ /dev/null
@@ -1,153 +0,0 @@
-.\" $OpenBSD: X509_STORE_CTX_get_ex_new_index.3,v 1.6 2021/07/29 08:32:13 schwarze Exp $
-.\" OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2009, 2014 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: July 29 2021 $
-.Dt X509_STORE_CTX_GET_EX_NEW_INDEX 3
-.Os
-.Sh NAME
-.Nm X509_STORE_CTX_get_ex_new_index ,
-.Nm X509_STORE_CTX_set_ex_data ,
-.Nm X509_STORE_CTX_get_ex_data ,
-.Nm X509_STORE_CTX_set_app_data ,
-.Nm X509_STORE_CTX_get_app_data
-.Nd add application specific data to X509_STORE_CTX structures
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft int
-.Fo X509_STORE_CTX_get_ex_new_index
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_set_ex_data
-.Fa "X509_STORE_CTX *d"
-.Fa "int idx"
-.Fa "void *arg"
-.Fc
-.Ft void *
-.Fo X509_STORE_CTX_get_ex_data
-.Fa "X509_STORE_CTX *d"
-.Fa "int idx"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_set_app_data
-.Fa "X509_STORE_CTX *d"
-.Fa "void *arg"
-.Fc
-.Ft void *
-.Fo X509_STORE_CTX_get_app_data
-.Fa "X509_STORE_CTX *d"
-.Fc
-.Sh DESCRIPTION
-These functions handle application specific data in
-.Vt X509_STORE_CTX
-structures.
-Their usage is identical to that of
-.Xr RSA_get_ex_new_index 3 ,
-.Xr RSA_set_ex_data 3 ,
-and
-.Xr RSA_get_ex_data 3 .
-.Pp
-This mechanism is used internally by the
-.Xr ssl 3
-library to store the
-.Vt SSL
-structure associated with a verification operation in an
-.Vt X509_STORE_CTX
-structure.
-.Pp
-.Fn X509_STORE_CTX_set_app_data
-and
-.Fn X509_STORE_CTX_get_app_data
-are macros calling
-.Fn X509_STORE_CTX_set_ex_data
-and
-.Fn X509_STORE_CTX_get_ex_data ,
-respectively, with an
-.Fa idx
-of 0.
-.Sh RETURN VALUES
-.Fn X509_STORE_CTX_get_ex_new_index
-returns a new index or \-1 on failure.
-.Pp
-.Fn X509_STORE_CTX_set_ex_data
-and
-.Fn X509_STORE_CTX_set_app_data
-return 1 on success or 0 on failure.
-.Pp
-.Fn X509_STORE_CTX_get_ex_data
-and
-.Fn X509_STORE_CTX_get_app_data
-return the application data or
-.Dv NULL
-on failure.
-.Dv NULL
-may also be valid application data, but currently these functions
-can only fail if given an invalid
-.Fa idx
-argument.
-.Sh SEE ALSO
-.Xr RSA_get_ex_new_index 3 ,
-.Xr X509_STORE_CTX_new 3
-.Sh HISTORY
-.Fn X509_STORE_CTX_set_app_data
-and
-.Fn X509_STORE_CTX_get_app_data
-first appeared in SSLeay 0.8.0 and
-.Fn X509_STORE_CTX_get_ex_new_index ,
-.Fn X509_STORE_CTX_set_ex_data ,
-and
-.Fn X509_STORE_CTX_get_ex_data
-in SSLeay 0.9.0.
-All these functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_new.3 b/src/lib/libcrypto/man/X509_STORE_CTX_new.3
deleted file mode 100644
index 96af7a8afb..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_CTX_new.3
+++ /dev/null
@@ -1,365 +0,0 @@
-.\" $OpenBSD: X509_STORE_CTX_new.3,v 1.27 2022/11/16 14:55:40 schwarze Exp $
-.\" full merge up to: OpenSSL aae41f8c Jun 25 09:47:15 2015 +0100
-.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson
-.\" and Rich Salz .
-.\" Copyright (c) 2009, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 16 2022 $
-.Dt X509_STORE_CTX_NEW 3
-.Os
-.Sh NAME
-.Nm X509_STORE_CTX_new ,
-.Nm X509_STORE_CTX_init ,
-.Nm X509_STORE_CTX_cleanup ,
-.Nm X509_STORE_CTX_free ,
-.Nm X509_STORE_CTX_get0_store ,
-.Nm X509_STORE_CTX_set0_trusted_stack ,
-.Nm X509_STORE_CTX_trusted_stack ,
-.Nm X509_STORE_CTX_set_cert ,
-.Nm X509_STORE_CTX_get0_cert ,
-.\" X509_STORE_CTX_get0_chain moved to X509_STORE_CTX_get_error(3)
-.Nm X509_STORE_CTX_set_chain ,
-.Nm X509_STORE_CTX_set0_untrusted ,
-.Nm X509_STORE_CTX_get0_untrusted ,
-.Nm X509_STORE_CTX_set0_crls
-.\" X509_STORE_CTX_verify_fn moved to X509_STORE_CTX_set_verify(3)
-.\" X509_STORE_CTX_set_verify moved to X509_STORE_CTX_set_verify(3)
-.Nd X509_STORE_CTX initialisation
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft X509_STORE_CTX *
-.Fn X509_STORE_CTX_new void
-.Ft int
-.Fo X509_STORE_CTX_init
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_STORE *store"
-.Fa "X509 *x"
-.Fa "STACK_OF(X509) *untrusted"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_cleanup
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_free
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft X509_STORE *
-.Fo X509_STORE_CTX_get0_store
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set0_trusted_stack
-.Fa "X509_STORE_CTX *ctx"
-.Fa "STACK_OF(X509) *trusted"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_trusted_stack
-.Fa "X509_STORE_CTX *ctx"
-.Fa "STACK_OF(X509) *trusted"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_cert
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509 *x"
-.Fc
-.Ft X509 *
-.Fo X509_STORE_CTX_get0_cert
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_chain
-.Fa "X509_STORE_CTX *ctx"
-.Fa "STACK_OF(X509) *untrusted"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set0_untrusted
-.Fa "X509_STORE_CTX *ctx"
-.Fa "STACK_OF(X509) *untrusted"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo X509_STORE_CTX_get0_untrusted
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set0_crls
-.Fa "X509_STORE_CTX *ctx"
-.Fa "STACK_OF(X509_CRL) *crls"
-.Fc
-.Sh DESCRIPTION
-These functions set up an
-.Vt X509_STORE_CTX
-object for subsequent use by
-.Xr X509_verify_cert 3 .
-.Pp
-.Fn X509_STORE_CTX_new
-allocates an empty
-.Vt X509_STORE_CTX
-object not yet containing the subobjects required for normal operation.
-.Pp
-.Fn X509_STORE_CTX_init
-needs to be called on each new
-.Fa ctx
-before any of the other functions become useful.
-It prepares
-.Fa ctx
-for one single verification operation using
-.Xr X509_verify_cert 3 .
-The trusted certificate
-.Fa store
-to be used, the end entity certificate
-.Fa x
-to be verified, and a set of additional
-.Fa untrusted
-certificates, to be used for building the chain,
-can be supplied, or any or all of them can be set to
-.Dv NULL .
-The three pointers passed in are stored internally, the three objects
-pointed to are not copied, their reference count is not incremented,
-and the caller remains responsible for managing their storage and for
-not freeing them before
-.Fn X509_STORE_CTX_free
-is called on
-.Fa ctx .
-If a
-.Fa store
-is provided, the verification parameters contained in it are copied using
-.Xr X509_VERIFY_PARAM_inherit 3 .
-.Pp
-.Fn X509_STORE_CTX_cleanup
-internally cleans up
-.Fa ctx ,
-returning it to an empty state similar to the one after
-.Fn X509_STORE_CTX_new .
-It can then be reused with a new call to
-.Fn X509_STORE_CTX_init .
-.Pp
-.Fn X509_STORE_CTX_free
-calls
-.Fn X509_STORE_CTX_cleanup
-and frees the storage pointed to by
-.Fa ctx .
-If
-.Fa ctx
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn X509_STORE_CTX_get0_store
-returns the internal pointer to the trusted certificate
-.Fa store
-that was set with
-.Fn X509_STORE_CTX_init .
-.Pp
-.Fn X509_STORE_CTX_set0_trusted_stack
-sets the set of
-.Fa trusted
-certificates used by
-.Fa ctx .
-This is an alternative way of specifying trusted certificates instead of
-using the
-.Fa store .
-.Fn X509_STORE_CTX_trusted_stack
-is a deprecated alias for
-.Fn X509_STORE_CTX_set0_trusted_stack .
-.Pp
-.Fn X509_STORE_CTX_set_cert
-sets the certificate to be verified in
-.Fa ctx
-to
-.Fa x ,
-overriding the certificate that was set with
-.Fn X509_STORE_CTX_init .
-Again, the certificate is not copied
-and its reference count is not incremented.
-.Pp
-.Fn X509_STORE_CTX_get0_cert
-retrieves the internal pointer to the certificate being verified by
-.Fa ctx ,
-i.e. the last one set using either
-.Fn X509_STORE_CTX_init
-or
-.Fn X509_STORE_CTX_set_cert .
-.Pp
-.Fn X509_STORE_CTX_set_chain
-and
-.Fn X509_STORE_CTX_set0_untrusted
-are identical and set the additional,
-.Fa untrusted
-certificates used by
-.Fa ctx ,
-overriding the set of additional, untrusted certificates that was set with
-.Fn X509_STORE_CTX_init .
-Again, the set and the certificates contained in it are not copied
-and their reference counts are not incremented.
-.Pp
-.Fn X509_STORE_CTX_get0_untrusted
-retrieves the internal pointer
-to the set of additional, untrusted certificates associated with
-.Fa ctx ,
-i.e. the last one set using either
-.Fn X509_STORE_CTX_init ,
-.Fn X509_STORE_CTX_set_chain ,
-or
-.Fn X509_STORE_CTX_set0_untrusted .
-.Pp
-.Fn X509_STORE_CTX_set0_crls
-sets a set of
-.Fa crls
-to use during certificate verification.
-These CRLs will only be used if CRL verification is enabled in the
-associated
-.Vt X509_VERIFY_PARAM
-structure.
-This might be used where additional "useful" CRLs are supplied as part
-of a protocol, for example in a PKCS#7 structure.
-.Pp
-Legacy applications might implicitly use an
-.Vt X509_STORE_CTX
-like this:
-.Bd -literal -offset indent
-X509_STORE_CTX ctx;
-X509_STORE_CTX_init(&ctx, store, cert, chain);
-.Ed
-.Pp
-This is
-.Sy not
-recommended in new applications.
-They should instead do:
-.Bd -literal -offset indent
-X509_STORE_CTX *ctx;
-ctx = X509_STORE_CTX_new();
-if (ctx == NULL)
- /* Bad error */
-X509_STORE_CTX_init(ctx, store, cert, chain);
-.Ed
-.Sh RETURN VALUES
-.Fn X509_STORE_CTX_new
-returns a newly allocated context or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn X509_STORE_CTX_init
-returns 1 for success or 0 if an error occurred.
-.Pp
-.Fn X509_STORE_CTX_get0_store
-returns the internal pointer to the trusted certificate store or
-.Dv NULL
-if none was set.
-.Pp
-.Fn X509_STORE_CTX_get0_cert
-returns the internal pointer to the certificate to be verified or
-.Dv NULL
-if no such certificate was set.
-.Pp
-.Fn X509_STORE_CTX_get0_untrusted
-returns the internal pointer
-to the set of additional, untrusted certificates or
-.Dv NULL
-if no set of additional certificates was provided.
-.Sh SEE ALSO
-.Xr X509_CRL_new 3 ,
-.Xr X509_STORE_CTX_get_error 3 ,
-.Xr X509_STORE_CTX_get_ex_new_index 3 ,
-.Xr X509_STORE_CTX_set_flags 3 ,
-.Xr X509_STORE_CTX_set_verify 3 ,
-.Xr X509_STORE_CTX_set_verify_cb 3 ,
-.Xr X509_STORE_get_by_subject 3 ,
-.Xr X509_STORE_new 3 ,
-.Xr X509_STORE_set1_param 3 ,
-.Xr X509_STORE_set_verify_cb 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509_VERIFY_PARAM_inherit 3 ,
-.Xr X509_VERIFY_PARAM_set_flags 3
-.Sh HISTORY
-.Fn X509_STORE_CTX_init ,
-.Fn X509_STORE_CTX_cleanup ,
-.Fn X509_STORE_CTX_set_cert ,
-and
-.Fn X509_STORE_CTX_set_chain
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_CTX_new
-and
-.Fn X509_STORE_CTX_free
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn X509_STORE_CTX_trusted_stack
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_STORE_CTX_get0_store
-first appeared in OpenSSL 1.0.2.
-.Fn X509_STORE_CTX_set0_trusted_stack ,
-.Fn X509_STORE_CTX_get0_cert ,
-.Fn X509_STORE_CTX_set0_untrusted ,
-and
-.Fn X509_STORE_CTX_get0_untrusted
-first appeared in OpenSSL 1.1.0.
-These functions have been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_set_flags.3 b/src/lib/libcrypto/man/X509_STORE_CTX_set_flags.3
deleted file mode 100644
index 04bb202bac..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_CTX_set_flags.3
+++ /dev/null
@@ -1,326 +0,0 @@
-.\" $OpenBSD: X509_STORE_CTX_set_flags.3,v 1.8 2024/08/29 20:21:10 tb Exp $
-.\" full merge up to: OpenSSL aae41f8c Jun 25 09:47:15 2015 +0100
-.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Claudio Jeker
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2009 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 29 2024 $
-.Dt X509_STORE_CTX_SET_FLAGS 3
-.Os
-.Sh NAME
-.Nm X509_STORE_CTX_set_flags ,
-.Nm X509_STORE_CTX_set_time ,
-.Nm X509_STORE_CTX_set_depth ,
-.Nm X509_STORE_CTX_set_trust ,
-.Nm X509_STORE_CTX_set_purpose ,
-.\" .Nm X509_STORE_CTX_purpose_inherit is intentionally undocumented
-.\" because it will be removed in the next major bump.
-.Nm X509_STORE_CTX_get0_param ,
-.Nm X509_STORE_CTX_set0_param ,
-.Nm X509_STORE_CTX_set_default
-.Nd X509_STORE_CTX parameter initialisation
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft void
-.Fo X509_STORE_CTX_set_flags
-.Fa "X509_STORE_CTX *ctx"
-.Fa "unsigned long flags"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_time
-.Fa "X509_STORE_CTX *ctx"
-.Fa "unsigned long dummy"
-.Fa "time_t time"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_depth
-.Fa "X509_STORE_CTX *ctx"
-.Fa "int depth"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_set_trust
-.Fa "X509_STORE_CTX *ctx"
-.Fa "int trust"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_set_purpose
-.Fa "X509_STORE_CTX *ctx"
-.Fa "int purpose"
-.Fc
-.Ft X509_VERIFY_PARAM *
-.Fo X509_STORE_CTX_get0_param
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set0_param
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_VERIFY_PARAM *param"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_set_default
-.Fa "X509_STORE_CTX *ctx"
-.Fa "const char *name"
-.Fc
-.Sh DESCRIPTION
-These functions operate on the
-.Vt X509_VERIFY_PARAM
-object used by
-.Fa ctx .
-Usually,
-.Xr X509_STORE_CTX_init 3
-is called on
-.Fa ctx
-before these functions, and
-.Xr X509_verify_cert 3
-afterwards.
-.Pp
-.Fn X509_STORE_CTX_set_flags
-sets the internal verification parameter flags to
-.Fa flags .
-See
-.Xr X509_VERIFY_PARAM_set_flags 3
-for a description of the verification flags.
-.Pp
-.Fn X509_STORE_CTX_set_time
-sets the verification
-.Fa time
-using
-.Xr X509_VERIFY_PARAM_set_time 3 .
-The
-.Fa dummy
-argument is ignored.
-.Pp
-.Fn X509_STORE_CTX_set_depth
-sets the maximum verification
-.Fa depth
-using
-.Xr X509_VERIFY_PARAM_set_depth 3 .
-That is the maximum number of untrusted CA certificates
-that can appear in a chain.
-.Pp
-.Fn X509_STORE_CTX_set_trust
-sets the
-.Fa trust
-identifier that can also be set using
-.Xr X509_VERIFY_PARAM_set_trust 3 .
-If the
-.Fa trust
-argument is 0 or invalid
-or the trust identifier is already set to a non-zero value in the
-.Vt X509_VERIFY_PARAM
-object, no action occurs.
-.Pp
-.Fn X509_STORE_CTX_set_purpose
-sets the
-.Fa purpose
-identifier that can also be set using
-.Xr X509_VERIFY_PARAM_set_purpose 3 .
-If the
-.Fa purpose
-argument is 0 or any failure occurs, nothing is changed.
-.Pp
-In the following, the trust identifier contained in the
-.Vt X509_PURPOSE
-object associated with
-.Fa purpose
-is called the
-.Dq associated trust .
-.Pp
-The function fails if the
-.Fa purpose
-argument or the associated trust is invalid but not 0; otherwise,
-.Fn X509_STORE_CTX_set_purpose
-also does the equivalent of calling
-.Fn X509_STORE_CTX_set_trust
-with the associated trust.
-.Pp
-If the purpose identifier is already set to a non-zero value in the
-.Vt X509_VERIFY_PARAM
-object, it is not changed, even if the
-.Fa purpose
-argument is valid, too.
-.Pp
-.Fn X509_STORE_CTX_get0_param
-retrieves an internal pointer to the verification parameters associated
-with
-.Fa ctx .
-.Pp
-.Fn X509_STORE_CTX_set0_param
-sets the internal verification parameter pointer to
-.Fa param .
-After this call
-.Fa param
-should not be used.
-.Pp
-.Fn X509_STORE_CTX_set_default
-looks up and sets the default verification method to
-.Fa name .
-This uses the function
-.Xr X509_VERIFY_PARAM_lookup 3
-to find an appropriate set of parameters from
-.Fa name
-and copies them using
-.Xr X509_VERIFY_PARAM_inherit 3 .
-.Sh RETURN VALUES
-.Fn X509_STORE_CTX_set_trust
-returns 1 if the
-.Fa trust
-argument is 0 or valid or 0 if it is invalid but not 0.
-A return value of 1 does
-.Em not
-imply that the trust identifier stored in the
-.Vt X509_VERIFY_PARAM
-object was changed.
-.Pp
-.Fn X509_STORE_CTX_set_purpose
-returns 1 if both the
-.Fa purpose
-argument and the associated trust are 0 or valid.
-It returns 0 if either the
-.Fa purpose
-argument or the associated trust is invalid but not 0.
-A return value of 1 does not imply that any data was changed.
-.Pp
-.Fn X509_STORE_CTX_get0_param
-returns a pointer to an
-.Vt X509_VERIFY_PARAM
-structure or
-.Dv NULL
-if an error occurred.
-.Pp
-.Fn X509_STORE_CTX_set_default
-returns 1 for success or 0 if an error occurred.
-.Sh ERRORS
-The following diagnostics can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv X509_R_UNKNOWN_TRUST_ID Qq "unknown trust id"
-.Fn X509_STORE_CTX_set_trust
-was called with a
-.Fa trust
-argument that is invalid but not 0.
-Other implementations may also return this when
-.Fn X509_STORE_CTX_set_purpose
-is called with a
-.Fa purpose
-argument with invalid associated trust.
-.It Dv X509_R_UNKNOWN_PURPOSE_ID Qq "unknown purpose id"
-The
-.Fa purpose
-argument is invalid but not 0.
-.El
-.Pp
-The other functions provide no diagnostics.
-.Sh SEE ALSO
-.Xr X509_STORE_CTX_get_error 3 ,
-.Xr X509_STORE_CTX_new 3 ,
-.Xr X509_STORE_CTX_set_verify 3 ,
-.Xr X509_STORE_CTX_set_verify_cb 3 ,
-.Xr X509_STORE_new 3 ,
-.Xr X509_STORE_set1_param 3 ,
-.Xr X509_STORE_set_verify_cb 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509_VERIFY_PARAM_new 3 ,
-.Xr X509_VERIFY_PARAM_set_flags 3
-.Sh HISTORY
-.Fn X509_STORE_CTX_set_depth
-first appeared in OpenSSL 0.9.3 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_CTX_set_trust
-and
-.Fn X509_STORE_CTX_set_purpose
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn X509_STORE_CTX_set_flags
-and
-.Fn X509_STORE_CTX_set_time
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_STORE_CTX_get0_param ,
-.Fn X509_STORE_CTX_set0_param ,
-and
-.Fn X509_STORE_CTX_set_default
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Sh CAVEATS
-The precise effect of a successful call to
-.Fn X509_STORE_CTX_set_trust
-and
-.Fn X509_STORE_CTX_set_purpose
-is unclear unless only one of these functions is used immediately after
-.Xr X509_STORE_CTX_init 3 .
-It is therefore recommended to use
-.Fn X509_STORE_CTX_get0_param ,
-.Xr X509_VERIFY_PARAM_set_trust 3 ,
-and
-.Xr X509_VERIFY_PARAM_set_purpose 3
-instead.
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_set_verify.3 b/src/lib/libcrypto/man/X509_STORE_CTX_set_verify.3
deleted file mode 100644
index 8c27deea5d..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_CTX_set_verify.3
+++ /dev/null
@@ -1,256 +0,0 @@
-.\" $OpenBSD: X509_STORE_CTX_set_verify.3,v 1.8 2024/06/07 05:51:39 tb Exp $
-.\"
-.\" Copyright (c) 2021, 2022 Ingo Schwarze
-.\" Copyright (c) 2023 Job Snijders
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 7 2024 $
-.Dt X509_STORE_CTX_SET_VERIFY 3
-.Os
-.Sh NAME
-.Nm X509_STORE_CTX_verify_fn ,
-.Nm X509_STORE_CTX_set_verify ,
-.Nm X509_STORE_CTX_get_verify ,
-.Nm X509_STORE_set_verify ,
-.Nm X509_STORE_set_verify_func ,
-.Nm X509_STORE_get_verify ,
-.Nm X509_STORE_CTX_check_issued_fn ,
-.Nm X509_STORE_set_check_issued ,
-.Nm X509_STORE_get_check_issued ,
-.Nm X509_STORE_CTX_get_check_issued
-.Nd user-defined certificate chain verification function
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft typedef int
-.Fo (*X509_STORE_CTX_verify_fn)
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_verify
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_STORE_CTX_verify_fn verify"
-.Fc
-.Ft X509_STORE_CTX_verify_fn
-.Fo X509_STORE_CTX_get_verify
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_set_verify
-.Fa "X509_STORE *store"
-.Fa "X509_STORE_CTX_verify_fn verify"
-.Fc
-.Ft void
-.Fo X509_STORE_set_verify_func
-.Fa "X509_STORE *store"
-.Fa "X509_STORE_CTX_verify_fn verify"
-.Fc
-.Ft X509_STORE_CTX_verify_fn
-.Fo X509_STORE_get_verify
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft typedef int
-.Fo (*X509_STORE_CTX_check_issued_fn)
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509 *subject"
-.Fa "X509 *issuer"
-.Fc
-.Ft void
-.Fo X509_STORE_set_check_issued
-.Fa "X509_STORE *store"
-.Fa "X509_STORE_CTX_check_issued_fn check_issued"
-.Fc
-.Ft X509_STORE_CTX_check_issued_fn
-.Fo X509_STORE_get_check_issued
-.Fa "X509_STORE *store"
-.Fc
-.Ft X509_STORE_CTX_check_issued_fn
-.Fo X509_STORE_CTX_get_check_issued
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_STORE_CTX_set_verify
-configures
-.Fa ctx
-to use the
-.Fa verify
-argument as the X.509 certificate chain verification function instead
-of the default verification function built into the library when
-.Xr X509_verify_cert 3
-is called.
-.Pp
-The
-.Fa verify
-function provided by the user is only called if the
-.Dv X509_V_FLAG_LEGACY_VERIFY
-or
-.Dv X509_V_FLAG_NO_ALT_CHAINS
-flag was set on
-.Fa ctx
-using
-.Xr X509_STORE_CTX_set_flags 3
-or
-.Xr X509_VERIFY_PARAM_set_flags 3 .
-Otherwise, it is ignored and a different algorithm is used that does
-not support replacing the verification function.
-.Pp
-.Fn X509_STORE_set_verify
-saves the function pointer
-.Fa verify
-in the given
-.Fa store
-object.
-That pointer will be copied to an
-.Vt X509_STORE_CTX
-object when
-.Fa store
-is later passed as an argument to
-.Xr X509_STORE_CTX_init 3 .
-.Pp
-.Fn X509_STORE_set_verify_func
-is an alias for
-.Fn X509_STORE_set_verify
-implemented as a macro.
-.Pp
-.Fn X509_STORE_set_check_issued
-saves the function pointer
-.Fa check_issued
-in the given
-.Fa store
-object.
-That pointer will be copied to an
-.Vt X509_STORE_CTX
-object when
-.Fa store
-is later passed as an argument to
-.Fn X509_STORE_CTX_init 3 .
-.Pp
-The
-.Fa check_issued
-function provided by the user should check whether a given certificate
-.Fa subject
-was issued using the CA certificate
-.Fa issuer ,
-and must return 0 on failure and 1 on success.
-The default implementation ignores the
-.Fa ctx
-argument and returns success if and only if
-.Xr X509_check_issued 3
-returns
-.Dv X509_V_OK .
-It is important to pay close attention to the order of the
-.Fa issuer
-and
-.Fa subject
-arguments.
-In
-.Xr X509_check_issued 3
-the
-.Fa issuer
-precedes the
-.Fa subject
-while in
-.Fn check_issued
-the
-.Fa subject
-comes first.
-.Sh RETURN VALUES
-.Fn X509_STORE_CTX_verify_fn
-is supposed to return 1 to indicate that the chain is valid
-or 0 if it is not or if an error occurred.
-.Pp
-.Fn X509_STORE_CTX_get_verify
-returns a function pointer previously set with
-.Fn X509_STORE_CTX_set_verify
-or
-.Xr X509_STORE_CTX_init 3 ,
-or
-.Dv NULL
-if
-.Fa ctx
-is uninitialized.
-.Pp
-.Fn X509_STORE_get_verify
-returns the function pointer previously set with
-.Fn X509_STORE_set_verify ,
-or
-.Dv NULL
-if that function was not called on the
-.Fa store .
-.Pp
-.Fn X509_STORE_get_check_issued
-returns the function pointer previously set with
-.Fn X509_STORE_set_check_issued ,
-or
-.Dv NULL
-if that function was not called on the
-.Fa store .
-.Pp
-.Fn X509_STORE_CTX_get_check_issued
-returns the
-.Fn check_issued
-function pointer set on the
-.Vt X509_STORE_CTX .
-This is either the
-.Fn check_issued
-function inherited from the
-.Fa store
-used in
-.Xr X509_STORE_CTX_init 3
-or the library's default implementation.
-.Sh SEE ALSO
-.Xr X509_check_issued 3 ,
-.Xr X509_STORE_CTX_init 3 ,
-.Xr X509_STORE_CTX_set_error 3 ,
-.Xr X509_STORE_CTX_set_flags 3 ,
-.Xr X509_STORE_CTX_set_verify_cb 3 ,
-.Xr X509_STORE_new 3 ,
-.Xr X509_STORE_set_flags 3 ,
-.Xr X509_STORE_set_verify_cb 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509_VERIFY_PARAM_set_flags 3
-.Sh HISTORY
-.Fn X509_STORE_set_verify_func
-first appeared in SSLeay 0.8.0 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_CTX_set_verify
-and
-.Fn X509_STORE_CTX_get_verify
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
-.Pp
-.Fn X509_STORE_CTX_verify_fn ,
-.Fn X509_STORE_set_verify ,
-and
-.Fn X509_STORE_get_verify
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.2 .
-.Pp
-.Fn X509_STORE_set_check_issued ,
-.Fn X509_STORE_get_check_issued ,
-and
-.Fn X509_STORE_CTX_get_check_issued
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.3 .
-.Sh BUGS
-The reversal of order of
-.Fa subject
-and
-.Fa issuer
-between
-.Fn check_issued
-and
-.Xr X509_check_issued 3
-is very confusing.
-It has led to bugs and will cause many more.
diff --git a/src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3 b/src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
deleted file mode 100644
index 0fe086b721..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
+++ /dev/null
@@ -1,309 +0,0 @@
-.\" $OpenBSD: X509_STORE_CTX_set_verify_cb.3,v 1.12 2023/05/30 07:37:34 op Exp $
-.\" full merge up to: OpenSSL aebb9aac Jul 19 09:27:53 2016 -0400
-.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2009 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: May 30 2023 $
-.Dt X509_STORE_CTX_SET_VERIFY_CB 3
-.Os
-.Sh NAME
-.Nm X509_STORE_CTX_verify_cb ,
-.Nm X509_STORE_CTX_set_verify_cb ,
-.Nm X509_STORE_CTX_get_verify_cb
-.Nd set and retrieve verification callback
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft typedef int
-.Fo (*X509_STORE_CTX_verify_cb)
-.Fa "int ok"
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Ft void
-.Fo X509_STORE_CTX_set_verify_cb
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_STORE_CTX_verify_cb verify_cb"
-.Fc
-.Ft X509_STORE_CTX_verify_cb
-.Fo X509_STORE_CTX_get_verify_cb
-.Fa "X509_STORE_CTX *ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_STORE_CTX_set_verify_cb
-sets the verification callback of
-.Fa ctx
-to
-.Fa verify_cb
-overwriting any existing callback.
-.Pp
-The verification callback can be used to modify the operation of
-certificate verification, either by overriding error conditions or
-logging errors for debugging purposes.
-The use of a verification callback is not essential, and should not
-be used in security sensitive programs.
-.Pp
-Do not use this function.
-It is extremely fragile and unpredictable.
-This callback exposes implementation details of certificate verification,
-which change as the library evolves.
-Attempting to use it for security checks can introduce vulnerabilities if
-making incorrect assumptions about when the callback is called.
-Additionally, overriding
-.Fa ok
-may leave
-.Fa ctx
-in an inconsistent state and break invariants.
-.Pp
-Instead, customize certificate verification by configuring options on the
-.Vt X509_STORE_CTX
-before verification, or applying additional checks after
-.Xr X509_verify_cert 3
-completes successfully.
-.Pp
-The
-.Fa ok
-parameter to the callback indicates the value the callback should return
-to retain the default behaviour.
-If it is zero then an error condition is indicated.
-If it is 1 then no error occurred.
-As the default behaviour is internal to the verifier, and possibly unknown
-to the caller, changing this parameter is inherently dangerous and should not
-normally be done except for debugging purposes, and should not be expected to
-be consistent if the verifier changes.
-If the flag
-.Dv X509_V_FLAG_NOTIFY_POLICY
-is set, then
-.Fa ok
-is set to 2 to indicate the policy checking is complete.
-.Pp
-The
-.Fa ctx
-parameter to the callback is the
-.Vt X509_STORE_CTX
-structure that is performing the verification operation.
-A callback can examine this structure and receive additional information
-about the error, for example by calling
-.Xr X509_STORE_CTX_get_current_cert 3 .
-Additional application data can be passed to the callback via the
-.Sy ex_data
-mechanism.
-.Pp
-The verification callback can be set and inherited from the parent
-structure performing the operation.
-In some cases (such as S/MIME verification) the
-.Vt X509_STORE_CTX
-structure is created and destroyed internally and the only way to set a
-custom verification callback is by inheriting it from the associated
-.Vt X509_STORE .
-.Sh RETURN VALUES
-.Fn X509_STORE_CTX_get_verify_cb
-returns a pointer to the current callback function
-used by the specified
-.Fa ctx .
-If no callback was set using
-.Fn X509_STORE_CTX_set_verify_cb ,
-that is a pointer to a built-in static function
-which does nothing except returning the
-.Fa ok
-argument passed to it.
-.Sh EXAMPLES
-Default callback operation:
-.Bd -literal
-int
-verify_callback(int ok, X509_STORE_CTX *ctx)
-{
- return ok;
-}
-.Ed
-.Pp
-This is likely the only safe callback to use.
-.Pp
-Simple and terrible example that should not be used.
-Suppose a certificate in the chain is expired and we
-wish to continue after this error:
-.Bd -literal
-int
-verify_callback(int ok, X509_STORE_CTX *ctx)
-{
- /* Tolerate certificate expiration */
- if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
- return 1;
- /* Otherwise don't override */
- return ok;
-}
-.Ed
-.Pp
-While this example is presented for historical purposes,
-this is not the correct way to accomplish this.
-The verification flag
-.Dv X509_V_FLAG_NO_CHECK_TIME
-should be set on the
-.Vt STORE_CTX
-using
-.Xr X509_VERIFY_PARAM_set_flags 3
-instead.
-.Pp
-Full featured debugging logging callback - note that the output and
-order that things happen from this can change over time and should not
-be parsed or expected to be consistent.
-In this case the
-.Fa bio_err
-is assumed to be a global logging
-.Vt BIO ,
-an alternative would to store a
-.Vt BIO
-in
-.Fa ctx
-using
-.Sy ex_data .
-.Bd -literal
-int
-verify_callback(int ok, X509_STORE_CTX *ctx)
-{
- X509 *err_cert;
- int err,depth;
-
- err_cert = X509_STORE_CTX_get_current_cert(ctx);
- err = X509_STORE_CTX_get_error(ctx);
- depth = X509_STORE_CTX_get_error_depth(ctx);
-
- BIO_printf(bio_err,"depth=%d ",depth);
- if (err_cert) {
- X509_NAME_print_ex(bio_err,
- X509_get_subject_name(err_cert), 0,
- XN_FLAG_ONELINE);
- BIO_puts(bio_err, "\en");
- } else
- BIO_puts(bio_err, "\en");
- if (!ok)
- BIO_printf(bio_err, "verify error:num=%d:%s\en",
- err, X509_verify_cert_error_string(err));
- switch (err) {
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- BIO_puts(bio_err, "issuer= ");
- X509_NAME_print_ex(bio_err,
- X509_get_issuer_name(err_cert), 0,
- XN_FLAG_ONELINE);
- BIO_puts(bio_err, "\en");
- break;
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- BIO_printf(bio_err, "notBefore=");
- ASN1_TIME_print(bio_err,
- X509_get_notBefore(err_cert));
- BIO_printf(bio_err, "\en");
- break;
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- BIO_printf(bio_err, "notAfter=");
- ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
- BIO_printf(bio_err, "\en");
- break;
- case X509_V_ERR_NO_EXPLICIT_POLICY:
- policies_print(bio_err, ctx);
- break;
- }
- if (err == X509_V_OK && ok == 2)
- /* print out policies */
-
- BIO_printf(bio_err,"verify return:%d\en",ok);
- return(ok);
-}
-.Ed
-.Sh SEE ALSO
-.Xr X509_STORE_CTX_get_error 3 ,
-.Xr X509_STORE_CTX_get_ex_new_index 3 ,
-.Xr X509_STORE_CTX_new 3 ,
-.Xr X509_STORE_CTX_set_error 3 ,
-.Xr X509_STORE_CTX_set_flags 3 ,
-.Xr X509_STORE_CTX_set_verify 3 ,
-.Xr X509_STORE_set_verify_cb 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509_VERIFY_PARAM_set_flags 3
-.Sh HISTORY
-.Fn X509_STORE_CTX_set_verify_cb
-first appeared in OpenSSL 0.9.6c and has been available since
-.Ox 3.2 .
-.Pp
-.Fn X509_STORE_CTX_get_verify_cb
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 7.1 .
-.Pp
-.Fn X509_STORE_CTX_verify_cb
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 7.2 .
-.Sh CAVEATS
-In general a verification callback should
-.Sy NOT
-return a changed value of
-.Fa ok
-because this can allow the verification to appear to succeed
-in an unpredictable way.
-This can effectively remove all security from the application because
-untrusted or invalid certificates may be accepted.
-Doing this can possibly make
-.Xr X509_verify_cert 3
-return what appears to be a validated chain of certificates that has not
-been validated or even had the signatures checked.
diff --git a/src/lib/libcrypto/man/X509_STORE_get_by_subject.3 b/src/lib/libcrypto/man/X509_STORE_get_by_subject.3
deleted file mode 100644
index 0f6fbd8410..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_get_by_subject.3
+++ /dev/null
@@ -1,246 +0,0 @@
-.\" $OpenBSD: X509_STORE_get_by_subject.3,v 1.6 2024/05/12 05:08:59 tb Exp $
-.\"
-.\" Copyright (c) 2021, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: May 12 2024 $
-.Dt X509_STORE_GET_BY_SUBJECT 3
-.Os
-.Sh NAME
-.Nm X509_STORE_CTX_get_by_subject ,
-.Nm X509_STORE_CTX_get_obj_by_subject ,
-.Nm X509_STORE_CTX_get1_certs ,
-.Nm X509_STORE_CTX_get1_crls ,
-.Nm X509_STORE_CTX_get1_issuer ,
-.Nm X509_STORE_get_by_subject ,
-.Nm X509_STORE_get1_certs ,
-.Nm X509_STORE_get1_crls
-.Nd retrieve objects from a certificate store
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft int
-.Fo X509_STORE_CTX_get_by_subject
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_LOOKUP_TYPE type"
-.Fa "X509_NAME *name"
-.Fa "X509_OBJECT *object"
-.Fc
-.Ft X509_OBJECT *
-.Fo X509_STORE_CTX_get_obj_by_subject
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_LOOKUP_TYPE type"
-.Fa "X509_NAME *name"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo X509_STORE_CTX_get1_certs
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_NAME *name"
-.Fc
-.Ft STACK_OF(X509_CRL) *
-.Fo X509_STORE_CTX_get1_crls
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_NAME *name"
-.Fc
-.Ft int
-.Fo X509_STORE_CTX_get1_issuer
-.Fa "X509 **issuer"
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509 *certificate"
-.Fc
-.Ft int
-.Fo X509_STORE_get_by_subject
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_LOOKUP_TYPE type"
-.Fa "X509_NAME *name"
-.Fa "X509_OBJECT *object"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo X509_STORE_get1_certs
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_NAME *name"
-.Fc
-.Ft STACK_OF(X509_CRL) *
-.Fo X509_STORE_get1_crls
-.Fa "X509_STORE_CTX *ctx"
-.Fa "X509_NAME *name"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_STORE_CTX_get_by_subject
-retrieves the first object having a matching
-.Fa type
-and
-.Fa name
-from the
-.Vt X509_STORE
-associated with the
-.Fa ctx .
-The
-.Fa type
-can be
-.Dv X509_LU_X509
-to retrieve a certificate or
-.Dv X509_LU_CRL
-to retrieve a revocation list.
-.Pp
-If the store does not yet contain a matching object or if the type is
-.Dv X509_LU_CRL ,
-a lookup by subject is performed on
-.Vt X509_LOOKUP
-objects associated with the store until a match is found,
-which may add zero or more objects to the store.
-.Pp
-In case of success, the content of the
-.Fa object
-provided by the caller is overwritten with a pointer to the first
-match, and the reference count of that certificate or revocation
-list is incremented by 1.
-Avoiding a memory leak by making sure the provided
-.Fa object
-is empty is the responsibility of the caller.
-.Pp
-.Fn X509_STORE_CTX_get_obj_by_subject
-is similar except that a new object is allocated and returned.
-.Pp
-.Fn X509_STORE_CTX_get1_certs
-retrieves all certificates matching the subject
-.Vt name
-from the
-.Vt X509_STORE
-associated with
-.Fa ctx .
-If there are none yet,
-.Fn X509_STORE_CTX_get_by_subject
-is called to try and add some.
-In case of success, the reference counts of all certificates
-added to the returned array are incremented by 1.
-.Pp
-.Fn X509_STORE_CTX_get1_crls
-is similar except that it operates on certificate revocation lists
-rather than on certificates and that it always calls
-.Fn X509_STORE_CTX_get_by_subject ,
-even if the
-.Vt X509_STORE
-already contains a matching revocation list.
-.Pp
-.Fn X509_STORE_CTX_get1_issuer
-retrieves the
-.Fa issuer
-CA certificate for the given
-.Fa certificate
-from the
-.Vt X509_STORE
-associated with
-.Fa ctx .
-Internally, the issuer name is retrieved with
-.Xr X509_get_issuer_name 3
-and the candidate issuer CA certificate with
-.Fn X509_STORE_X509_get_by_subject
-using that issuer name.
-.Xr X509_check_issued 3
-or a user-supplied replacement function is used to check whether the
-.Fa certificate
-was indeed issued using the
-.Fa issuer
-CA certificate before returning it.
-If verification parameters associated with
-.Fa ctx
-encourage checking of validity times, CAs with a valid time are
-preferred, but if no matching CA has a valid time, one with an
-invalid time is accepted anyway.
-.Pp
-The following are deprecated aliases implemented as macros:
-.Bl -column X509_STORE_get_by_subject F X509_STORE_CTX_get_by_subject
-.It Fn X509_STORE_get_by_subject Ta for Ta Fn X509_STORE_CTX_get_by_subject
-.It Fn X509_STORE_get1_certs Ta for Ta Fn X509_STORE_CTX_get1_certs
-.It Fn X509_STORE_get1_crls Ta for Ta Fn X509_STORE_CTX_get1_crls
-.El
-.Sh RETURN VALUES
-.Fn X509_STORE_CTX_get_by_subject
-and
-.Fn X509_STORE_get_by_subject
-return 1 if a match is found or 0 on failure.
-In addition to simply not finding a match,
-they may also fail due to memory allocation failure.
-With library implementations other than LibreSSL,
-they might also return negative values for internal errors.
-.Pp
-.Fn X509_STORE_CTX_get_obj_by_subject
-returns the new object or
-.Dv NULL
-on failure, in particular if no match is found or memory allocation fails.
-.Pp
-.Fn X509_STORE_CTX_get1_certs
-and
-.Fn X509_STORE_get1_certs
-return a newly allocated and populated array of certificates or
-.Dv NULL
-on failure.
-They fail if no match is found, if
-.Fn X509_STORE_CTX_get_by_subject
-fails, or if memory allocation fails.
-.Pp
-.Fn X509_STORE_CTX_get1_crls
-and
-.Fn X509_STORE_get1_crls
-return a newly allocated and populated array of CRLs or
-.Dv NULL
-on failure.
-They fail if
-.Fn X509_STORE_CTX_get_by_subject
-finds no new match, even if the associated
-.Vt X509_STORE
-already contains matching CRLs, or if memory allocation fails.
-.Pp
-.Fn X509_STORE_CTX_get1_issuer
-returns 1 if a matching
-.Fa issuer
-CA certificate is found or 0 otherwise.
-With library implementations other than LibreSSL,
-it might also return negative values for internal errors.
-.Sh SEE ALSO
-.Xr STACK_OF 3 ,
-.Xr X509_check_issued 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_get_issuer_name 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_OBJECT_retrieve_by_subject 3 ,
-.Xr X509_STORE_CTX_new 3 ,
-.Xr X509_VERIFY_PARAM_set_flags 3
-.Sh HISTORY
-.Fn X509_STORE_get_by_subject
-first appeared in SSLeay 0.8.0 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_CTX_get1_issuer
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_STORE_get1_certs
-and
-.Fn X509_STORE_get1_crls
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
-.Pp
-.Fn X509_STORE_CTX_get_by_subject
-and
-.Fn X509_STORE_CTX_get_obj_by_subject
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
-.Pp
-.Fn X509_STORE_CTX_get1_certs
-and
-.Fn X509_STORE_CTX_get1_crls
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.4 .
diff --git a/src/lib/libcrypto/man/X509_STORE_load_locations.3 b/src/lib/libcrypto/man/X509_STORE_load_locations.3
deleted file mode 100644
index a8177b0fd4..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_load_locations.3
+++ /dev/null
@@ -1,188 +0,0 @@
-.\" $OpenBSD: X509_STORE_load_locations.3,v 1.12 2024/09/02 07:20:21 tb Exp $
-.\" full merge up to:
-.\" OpenSSL X509_STORE_add_cert b0edda11 Mar 20 13:00:17 2018 +0000
-.\"
-.\" Copyright (c) 2017, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_STORE_LOAD_LOCATIONS 3
-.Os
-.Sh NAME
-.Nm X509_STORE_load_locations ,
-.Nm X509_STORE_set_default_paths ,
-.Nm X509_STORE_load_mem ,
-.Nm X509_STORE_add_lookup
-.Nd configure files and directories used by a certificate store
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft int
-.Fo X509_STORE_load_locations
-.Fa "X509_STORE *store"
-.Fa "const char *file"
-.Fa "const char *dirs"
-.Fc
-.Ft int
-.Fo X509_STORE_set_default_paths
-.Fa "X509_STORE *store"
-.Fc
-.Ft int
-.Fo X509_STORE_load_mem
-.Fa "X509_STORE *store"
-.Fa "void *buffer"
-.Fa "int length"
-.Fc
-.Ft X509_LOOKUP *
-.Fo X509_STORE_add_lookup
-.Fa "X509_STORE *store"
-.Fa "const X509_LOOKUP_METHOD *method"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_STORE_load_locations
-instructs the
-.Fa store
-to use the PEM
-.Fa file
-and all the PEM files in the directories
-contained in the colon-separated list
-.Fa dirs
-for looking up certificates, in addition to files and directories
-that are already configured.
-The certificates in the directories must be in hashed form, as documented in
-.Xr X509_LOOKUP_hash_dir 3 .
-Directories already in use are not added again.
-If
-.Dv NULL
-is passed for
-.Fa file
-or
-.Fa dirs ,
-no new file or no new directories are added, respectively.
-.Pp
-.Fn X509_STORE_load_locations
-is identical to
-.Xr SSL_CTX_load_verify_locations 3
-except that it operates directly on an
-.Vt X509_STORE
-object, rather than on the store used by an SSL context.
-See that manual page for more information.
-.Pp
-.Fn X509_STORE_set_default_paths
-is similar except that it instructs the
-.Fa store
-to use the default PEM file and directory
-(as documented in
-.Sx FILES )
-in addition to what is already configured.
-It ignores errors that occur while trying to load the file or to
-add the directory, but it may still fail for other reasons, for
-example when out of memory while trying to allocate the required
-.Vt X509_LOOKUP
-objects.
-.Pp
-.Fn X509_STORE_set_default_paths
-is identical to
-.Xr SSL_CTX_set_default_verify_paths 3
-except that it operates directly on an
-.Vt X509_STORE
-object, rather than on the store used by an SSL context.
-See that manual page for more information.
-.Pp
-The above functions are wrappers around
-.Xr X509_LOOKUP_load_file 3
-and
-.Xr X509_LOOKUP_add_dir 3 .
-.Pp
-.Fn X509_STORE_load_mem
-instructs the
-.Fa store
-to use the certificates contained in the memory
-.Fa buffer
-of the given
-.Fa length
-for certificate lookup.
-It is a wrapper around
-.Xr X509_LOOKUP_add_mem 3 .
-.Pp
-.Fn X509_STORE_add_lookup
-checks whether the
-.Fa store
-already contains an
-.Vt X509_LOOKUP
-object using the given
-.Fa method ;
-if it does, the existing object is returned and no other action occurs.
-Otherwise, a new
-.Vt X509_LOOKUP
-object is allocated, added, and returned.
-This function is used internally by all the functions listed above.
-.Sh RETURN VALUES
-.Fn X509_STORE_load_locations
-returns 1 if all files and directories specified were successfully
-added.
-It returns 0 for failure.
-That can happen if adding the file failed, if adding any of the
-directories failed, or if both arguments were
-.Dv NULL .
-.Pp
-.Fn X509_STORE_set_default_paths
-returns 0 for some error conditions and 1 otherwise, not just for
-success, but also for various cases of failure.
-.Pp
-.Fn X509_STORE_load_mem
-returns 1 for success or 0 for failure.
-In particular, parse errors or lack of memory can cause failure.
-.Pp
-.Fn X509_STORE_add_lookup
-returns the existing or new lookup object or
-.Dv NULL
-on failure.
-This is an internal pointer that must not be freed.
-With LibreSSL, the only reason for failure is lack of memory.
-.Sh FILES
-.Bl -tag -width Ds
-.It Pa /etc/ssl/cert.pem
-default PEM file for
-.Fn X509_STORE_set_default_paths
-.It Pa /etc/ssl/certs/
-default directory for
-.Fn X509_STORE_set_default_paths
-.El
-.Sh SEE ALSO
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr X509_load_cert_file 3 ,
-.Xr X509_LOOKUP_hash_dir 3 ,
-.Xr X509_LOOKUP_new 3 ,
-.Xr X509_STORE_new 3 ,
-.Xr X509_STORE_set1_param 3 ,
-.Xr X509_STORE_set_verify_cb 3
-.Sh HISTORY
-.Fn X509_STORE_load_locations ,
-.Fn X509_STORE_set_default_paths ,
-and
-.Fn X509_STORE_add_lookup
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_load_mem
-first appeared in
-.Ox 5.7 .
-.Sh BUGS
-By the time that adding a directory is found to have failed,
-the file and some other directories may already have been successfully loaded,
-so these functions may change the state of the store even when they fail.
-.Pp
-.Fn X509_STORE_set_default_paths
-clears the error queue, deleting even error information that was
-already present when it was called.
diff --git a/src/lib/libcrypto/man/X509_STORE_new.3 b/src/lib/libcrypto/man/X509_STORE_new.3
deleted file mode 100644
index a17da03a41..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_new.3
+++ /dev/null
@@ -1,145 +0,0 @@
-.\" $OpenBSD: X509_STORE_new.3,v 1.7 2021/11/17 16:08:32 schwarze Exp $
-.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400
-.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2018 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by
-.\" Alessandro Ghedini .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: November 17 2021 $
-.Dt X509_STORE_NEW 3
-.Os
-.Sh NAME
-.Nm X509_STORE_new ,
-.Nm X509_STORE_up_ref ,
-.Nm X509_STORE_free
-.Nd allocate and free X.509 certificate stores
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft X509_STORE *
-.Fn X509_STORE_new void
-.Ft int
-.Fo X509_STORE_up_ref
-.Fa "X509_STORE *store"
-.Fc
-.Ft void
-.Fo X509_STORE_free
-.Fa "X509_STORE *store"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_STORE_new
-allocates and initializes an empty X.509 certificate store
-and sets its reference count to 1.
-.Pp
-.Fn X509_STORE_up_ref
-increments the reference count of
-.Fa store
-by 1.
-.Pp
-.Fn X509_STORE_free
-decrements the reference count of
-.Fa store
-by 1.
-If the reference count reaches 0,
-all resources used by the store, including all certificates
-contained in it, are released and
-.Fa store
-itself is freed.
-If
-.Fa store
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn X509_STORE_new
-returns a newly created
-.Vt X509_STORE
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509_STORE_up_ref
-returns 1 for success and 0 for failure.
-.Sh SEE ALSO
-.Xr PKCS7_verify 3 ,
-.Xr SSL_CTX_set_cert_store 3 ,
-.Xr X509_load_cert_file 3 ,
-.Xr X509_LOOKUP_hash_dir 3 ,
-.Xr X509_OBJECT_get0_X509 3 ,
-.Xr X509_STORE_CTX_new 3 ,
-.Xr X509_STORE_get_ex_new_index 3 ,
-.Xr X509_STORE_load_locations 3 ,
-.Xr X509_STORE_set1_param 3 ,
-.Xr X509_STORE_set_verify_cb 3 ,
-.Xr X509_verify_cert 3
-.Sh HISTORY
-.Fn X509_STORE_new
-and
-.Fn X509_STORE_free
-first appeared in SSLeay 0.8.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_up_ref
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/X509_STORE_set1_param.3 b/src/lib/libcrypto/man/X509_STORE_set1_param.3
deleted file mode 100644
index 527fe652e5..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_set1_param.3
+++ /dev/null
@@ -1,268 +0,0 @@
-.\" $OpenBSD: X509_STORE_set1_param.3,v 1.22 2024/03/14 22:19:12 tb Exp $
-.\" content checked up to:
-.\" OpenSSL man3/X509_STORE_add_cert b0edda11 Mar 20 13:00:17 2018 +0000
-.\" OpenSSL man3/X509_STORE_get0_param e90fc053 Jul 15 09:39:45 2017 -0400
-.\"
-.\" Copyright (c) 2018 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 14 2024 $
-.Dt X509_STORE_SET1_PARAM 3
-.Os
-.Sh NAME
-.Nm X509_STORE_set1_param ,
-.Nm X509_STORE_set_flags ,
-.Nm X509_STORE_set_purpose ,
-.Nm X509_STORE_set_trust ,
-.Nm X509_STORE_set_depth ,
-.Nm X509_STORE_add_cert ,
-.Nm X509_STORE_add_crl ,
-.Nm X509_STORE_get0_param ,
-.Nm X509_STORE_get1_objects ,
-.Nm X509_STORE_get0_objects ,
-.Nm X509_STORE_get_ex_new_index ,
-.Nm X509_STORE_set_ex_data ,
-.Nm X509_STORE_get_ex_data
-.Nd get and set X509_STORE data
-.Sh SYNOPSIS
-.In openssl/x509_vfy.h
-.Ft int
-.Fo X509_STORE_set1_param
-.Fa "X509_STORE *store"
-.Fa "X509_VERIFY_PARAM *pm"
-.Fc
-.Ft int
-.Fo X509_STORE_set_flags
-.Fa "X509_STORE *store"
-.Fa "unsigned long flags"
-.Fc
-.Ft int
-.Fo X509_STORE_set_purpose
-.Fa "X509_STORE *store"
-.Fa "int purpose"
-.Fc
-.Ft int
-.Fo X509_STORE_set_trust
-.Fa "X509_STORE *store"
-.Fa "int trust"
-.Fc
-.Ft int
-.Fo X509_STORE_set_depth
-.Fa "X509_STORE *store"
-.Fa "int depth"
-.Fc
-.Ft int
-.Fo X509_STORE_add_cert
-.Fa "X509_STORE *store"
-.Fa "X509 *x"
-.Fc
-.Ft int
-.Fo X509_STORE_add_crl
-.Fa "X509_STORE *store"
-.Fa "X509_CRL *crl"
-.Fc
-.Ft X509_VERIFY_PARAM *
-.Fo X509_STORE_get0_param
-.Fa "X509_STORE *store"
-.Fc
-.Ft STACK_OF(X509_OBJECT) *
-.Fo X509_STORE_get1_objects
-.Fa "X509_STORE *store"
-.Fc
-.Ft STACK_OF(X509_OBJECT) *
-.Fo X509_STORE_get0_objects
-.Fa "X509_STORE *store"
-.Fc
-.Ft int
-.Fo X509_STORE_get_ex_new_index
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Ft int
-.Fo X509_STORE_set_ex_data
-.Fa "X509_STORE *store"
-.Fa "int idx"
-.Fa "void *arg"
-.Fc
-.Ft void *
-.Fo X509_STORE_get_ex_data
-.Fa "X509_STORE *store"
-.Fa "int idx"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_STORE_set1_param
-copies the verification parameters from
-.Fa pm
-using
-.Xr X509_VERIFY_PARAM_set1 3
-into the verification parameter object contained in the
-.Fa store .
-.Pp
-.Fn X509_VERIFY_PARAM_set_flags ,
-.Fn X509_STORE_set_purpose ,
-.Fn X509_STORE_set_trust ,
-and
-.Fn X509_STORE_set_depth
-call
-.Fn X509_VERIFY_PARAM_set_flags ,
-.Fn X509_VERIFY_PARAM_set_purpose ,
-.Fn X509_VERIFY_PARAM_set_trust ,
-and
-.Fn X509_VERIFY_PARAM_set_depth
-on the verification parameter object contained in the
-.Fa store .
-.Pp
-.Fn X509_STORE_add_cert
-and
-.Fn X509_STORE_add_crl
-add the certificate
-.Fa x
-or the certificate revocation list
-.Fa crl
-to the
-.Fa store ,
-increasing its reference count by 1 in case of success.
-Untrusted objects should not be added in this way.
-.Pp
-.Fn X509_STORE_get_ex_new_index ,
-.Fn X509_STORE_set_ex_data ,
-and
-.Fn X509_STORE_get_ex_data
-handle application specific data in
-.Vt X509_STORE
-objects.
-Their usage is identical to that of
-.Xr RSA_get_ex_new_index 3 ,
-.Xr RSA_set_ex_data 3 ,
-and
-.Xr RSA_get_ex_data 3 .
-.Fn X509_STORE_get_ex_new_index
-is implemented as a macro.
-.Sh RETURN VALUES
-.Fn X509_STORE_set1_param ,
-.Fn X509_STORE_set_purpose ,
-.Fn X509_STORE_set_trust ,
-and
-.Fn X509_STORE_set_ex_data
-return 1 for success or 0 for failure.
-.Pp
-.Fn X509_STORE_set_flags
-and
-.Fn X509_STORE_set_depth
-always return 1, indicating success.
-.Pp
-.Fn X509_STORE_add_cert
-and
-.Fn X509_STORE_add_crl
-return 1 for success or 0 for failure.
-For example, they fail if
-.Fa x
-or
-.Fa crl
-is a
-.Dv NULL
-pointer, if a certificate with the same subject name as
-.Fa x
-or a revocation list with the same issuer name as
-.Fa crl
-are already contained in the
-.Fa store ,
-or if memory allocation fails.
-.Pp
-.Fn X509_STORE_get0_param
-returns an internal pointer to the verification parameter object
-contained in the
-.Fa store .
-The returned pointer must not be freed by the calling application.
-.Pp
-.Fn X509_STORE_get1_objects
-returns a newly allocated stack containing
-the certificates, revocation lists, and private keys in
-.Fa store ,
-as well as cached objects added by
-.Xr X509_LOOKUP_hash_dir 3 .
-The caller must release the result with
-.Xr sk_pop_free 3
-and
-.Xr X509_OBJECT_free 3
-when done.
-.Pp
-.Fn X509_STORE_get0_objects
-is a deprecated function returning an internal pointer to
-the stack of certificates, revocation lists, and private keys contained in
-.Fa store .
-The returned pointer must not be modified or freed by the calling application.
-This function is not thread-safe.
-If
-.Fa store
-is shared across multiple threads, callers cannot safely inspect the result of
-this function, because another thread may have concurrently added to it.
-In particular,
-.Xr X509_LOOKUP_hash_dir 3
-treats this list as a cache and may add to it in the course of certificate
-verification.
-.Pp
-.Fn X509_STORE_get_ex_new_index
-returns a new index or \-1 on failure.
-.Pp
-.Fn X509_STORE_get_ex_data
-returns the application data or
-.Dv NULL
-on failure.
-.Sh SEE ALSO
-.Xr RSA_get_ex_new_index 3 ,
-.Xr SSL_set1_param 3 ,
-.Xr X509_LOOKUP_new 3 ,
-.Xr X509_OBJECT_get0_X509 3 ,
-.Xr X509_STORE_CTX_set0_param 3 ,
-.Xr X509_STORE_load_locations 3 ,
-.Xr X509_STORE_new 3 ,
-.Xr X509_VERIFY_PARAM_new 3 ,
-.Xr X509_VERIFY_PARAM_set_flags 3
-.Sh HISTORY
-.Fn X509_STORE_add_cert
-first appeared in SSLeay 0.8.0.
-.Fn X509_STORE_add_crl
-first appeared in SSLeay 0.9.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_set_flags ,
-.Fn X509_STORE_set_purpose ,
-and
-.Fn X509_STORE_set_trust
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
-.Pp
-.Fn X509_STORE_set1_param
-and
-.Fn X509_STORE_set_depth
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn X509_STORE_get0_param ,
-.Fn X509_STORE_get0_objects ,
-.Fn X509_STORE_get_ex_new_index ,
-.Fn X509_STORE_set_ex_data ,
-and
-.Fn X509_STORE_get_ex_data
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 6.3 .
-.Pp
-.Fn X509_STORE_get1_objects
-first appeared in BoringSSL and has been available since
-.Ox 7.5 .
diff --git a/src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3 b/src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
deleted file mode 100644
index bdd5ea5044..0000000000
--- a/src/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
+++ /dev/null
@@ -1,121 +0,0 @@ -.\" $OpenBSD: X509_STORE_set_verify_cb_func.3,v 1.12 2022/11/16 14:51:08 schwarze Exp $ -.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400 -.\" selective merge up to: OpenSSL 315c47e0 Dec 1 14:22:16 2020 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2009 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 16 2022 $ -.Dt X509_STORE_SET_VERIFY_CB_FUNC 3 -.Os -.Sh NAME -.Nm X509_STORE_set_verify_cb , -.Nm X509_STORE_set_verify_cb_func , -.Nm X509_STORE_get_verify_cb -.Nd set verification callback -.Sh SYNOPSIS -.In openssl/x509_vfy.h -.Ft void -.Fo X509_STORE_set_verify_cb -.Fa "X509_STORE *st" -.Fa "X509_STORE_CTX_verify_cb verify_cb" -.Fc -.Ft void -.Fo X509_STORE_set_verify_cb_func -.Fa "X509_STORE *st" -.Fa "X509_STORE_CTX_verify_cb verify_cb" -.Fc -.Ft X509_STORE_CTX_verify_cb -.Fo X509_STORE_get_verify_cb -.Fa "X509_STORE *st" -.Fc -.Sh DESCRIPTION -.Fn X509_STORE_set_verify_cb -sets the verification callback of -.Sy ctx -to -.Sy verify_cb , -overwriting any existing callback. -.Pp -.Fn X509_STORE_set_verify_cb_func -also sets the verification callback but it is implemented as a macro. 
-.Pp
-The verification callback from an
-.Vt X509_STORE
-is inherited by the corresponding
-.Vt X509_STORE_CTX
-structure when it is initialized.
-This can be used to set the verification callback when the
-.Vt X509_STORE_CTX
-is otherwise inaccessible (for example during S/MIME verification).
-.Sh RETURN VALUES
-.Fn X509_STORE_get_verify_cb
-returns the function pointer set with
-.Fn X509_STORE_set_verify_cb ,
-or
-.Dv NULL
-if that function was not called on
-.Fa st .
-.Sh SEE ALSO
-.Xr X509_STORE_CTX_new 3 ,
-.Xr X509_STORE_CTX_set_verify 3 ,
-.Xr X509_STORE_CTX_set_verify_cb 3 ,
-.Xr X509_STORE_new 3 ,
-.Xr X509_STORE_set_flags 3 ,
-.Xr X509_verify_cert 3
-.Sh HISTORY
-.Fn X509_STORE_set_verify_cb_func
-first appeared in SSLeay 0.8.0 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_STORE_set_verify_cb
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Pp
-.Fn X509_STORE_get_verify_cb
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 7.2 .
diff --git a/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3 b/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3
deleted file mode 100644
index a22d2b1b4b..0000000000
--- a/src/lib/libcrypto/man/X509_VERIFY_PARAM_new.3
+++ /dev/null
@@ -1,306 +0,0 @@ -.\" $OpenBSD: X509_VERIFY_PARAM_new.3,v 1.5 2023/05/24 09:57:50 tb Exp $ -.\" -.\" Copyright (c) 2018, 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: May 24 2023 $ -.Dt X509_VERIFY_PARAM_NEW 3 -.Os -.Sh NAME -.Nm X509_VERIFY_PARAM_new , -.Nm X509_VERIFY_PARAM_inherit , -.Nm X509_VERIFY_PARAM_set1 , -.Nm X509_VERIFY_PARAM_free , -.Nm X509_VERIFY_PARAM_add0_table , -.Nm X509_VERIFY_PARAM_lookup , -.Nm X509_VERIFY_PARAM_get_count , -.Nm X509_VERIFY_PARAM_get0 , -.Nm X509_VERIFY_PARAM_table_cleanup -.\" The following constants defined in the public header -.\" are intentionally undocumented because X509_VERIFY_PARAM is an opaque -.\" struct and LibreSSL provides neither X509_VERIFY_PARAM_set_inh_flags(3) -.\" nor X509_VERIFY_PARAM_get_inh_flags(3): -.\" X509_VP_FLAG_DEFAULT -.\" X509_VP_FLAG_OVERWRITE -.\" X509_VP_FLAG_RESET_FLAGS -.\" X509_VP_FLAG_LOCKED -.\" X509_VP_FLAG_ONCE -.Nd X509 verification parameter objects -.Sh SYNOPSIS -.In openssl/x509_vfy.h -.Ft X509_VERIFY_PARAM * -.Fo X509_VERIFY_PARAM_new -.Fa void -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_inherit -.Fa "X509_VERIFY_PARAM *destination" -.Fa "const X509_VERIFY_PARAM *source" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set1 -.Fa "X509_VERIFY_PARAM *destination" -.Fa 
"const X509_VERIFY_PARAM *source" -.Fc -.Ft void -.Fo X509_VERIFY_PARAM_free -.Fa "X509_VERIFY_PARAM *param" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_add0_table -.Fa "X509_VERIFY_PARAM *param" -.Fc -.Ft const X509_VERIFY_PARAM * -.Fo X509_VERIFY_PARAM_lookup -.Fa "const char *name" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_get_count -.Fa void -.Fc -.Ft const X509_VERIFY_PARAM * -.Fo X509_VERIFY_PARAM_get0 -.Fa "int id" -.Fc -.Ft void -.Fo X509_VERIFY_PARAM_table_cleanup -.Fa void -.Fc -.Sh DESCRIPTION -.Fn X509_VERIFY_PARAM_new -allocates and initializes an empty -.Vt X509_VERIFY_PARAM -object. -.Pp -.Fn X509_VERIFY_PARAM_inherit -copies some data from the -.Fa source -object to the -.Fa destination -object. -.Pp -The verification flags set with -.Xr X509_VERIFY_PARAM_set_flags 3 -in the -.Fa source -object are always OR'ed into the verification flags of the -.Fa destination -object. -.Pp -Fields having their default value in the -.Fa source -object are not copied. -.Pp -By default, fields in the -.Fa destination -object already having a non-default value are not overwritten. -However, if at least one of the -.Fa source -or -.Fa destination -objects was created during a call to -.Xr X509_STORE_CTX_init 3 -that did not have a -.Fa store -argument, and if that object was not previously used as the -.Fa destination -in an earlier call to -.Fn X509_VERIFY_PARAM_inherit , -this restriction is waived and even non-default fields in the -.Fa destination -object get overwritten. -If fields overwritten in this way contain pointers to allocated memory, -that memory is freed. 
-.Pp
-As far as permitted by the above rules, the following fields are copied:
-.Bl -bullet -width 1n
-.It
-the verification purpose identifier set with
-.Xr X509_VERIFY_PARAM_set_purpose 3
-.It
-the trust setting set with
-.Xr X509_VERIFY_PARAM_set_trust 3
-.It
-the verification time set with
-.Xr X509_VERIFY_PARAM_set_time 3 ;
-in this case, the only condition is that
-.Dv X509_V_FLAG_USE_CHECK_TIME
-is not set in the
-.Fa destination
-object, whereas the time value in the
-.Fa destination
-object is not inspected before overwriting it
-.It
-the acceptable policy set with
-.Xr X509_VERIFY_PARAM_set1_policies 3
-.It
-the maximum verification depth set with
-.Xr X509_VERIFY_PARAM_set_depth 3
-.It
-flags that were set with
-.Xr X509_VERIFY_PARAM_set_hostflags 3
-.It
-the list of expected DNS hostnames built with
-.Xr X509_VERIFY_PARAM_set1_host 3
-and
-.Xr X509_VERIFY_PARAM_add1_host 3
-.It
-the expected RFC 822 email address set with
-.Xr X509_VERIFY_PARAM_set1_email 3
-.It
-the expected IP address set with
-.Xr X509_VERIFY_PARAM_set1_ip 3
-or
-.Xr X509_VERIFY_PARAM_set1_ip_asc 3
-.El
-.Pp
-Some data that may be contained in the
-.Fa source
-object is never copied, for example the subject name of the peer
-certificate that can be retrieved with
-.Xr X509_VERIFY_PARAM_get0_peername 3 .
-.Pp
-If
-.Fa source
-is a
-.Dv NULL
-pointer, the function has no effect but returns successfully.
-.Pp
-.Fn X509_VERIFY_PARAM_set1
-is identical to
-.Fn X509_VERIFY_PARAM_inherit
-except that fields in the
-.Fa destination
-object are overwritten even if they do not match their default values.
-Still, fields having their default value in the
-.Fa source
-object are not copied.
-.Pp
-If
-.Fn X509_VERIFY_PARAM_inherit
-or
-.Fn X509_VERIFY_PARAM_set1
-fail, partial copying may have occurred, so all data in the
-.Fa destination
-object should be regarded as invalid.
-.Pp
-.Fn X509_VERIFY_PARAM_inherit
-is used internally by
-.Xr X509_STORE_CTX_init 3
-and by
-.Xr X509_STORE_CTX_set_default 3 ,
-and
-.Fn X509_VERIFY_PARAM_set1
-is used internally by
-.Xr X509_STORE_set1_param 3 .
-.Pp
-.Fn X509_VERIFY_PARAM_free
-clears all data contained in
-.Fa param
-and releases all memory used by it.
-If
-.Fa param
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn X509_VERIFY_PARAM_add0_table
-adds
-.Fa param
-to a static list of
-.Vt X509_VERIFY_PARAM
-objects maintained by the library.
-This function is extremely dangerous because contrary to the name
-of the function, if the list already contains an object that happens
-to have the same name, that old object is not only silently removed
-from the list, but also silently freed, which may silently invalidate
-various pointers existing elsewhere in the program.
-.Pp
-.Fn X509_VERIFY_PARAM_lookup
-searches this list for an object of the given
-.Fa name .
-If no match is found, the predefined objects built-in to the library
-are also inspected.
-.Pp
-.Fn X509_VERIFY_PARAM_get_count
-returns the sum of the number of objects on this list and the number
-of predefined objects built-in to the library.
-Note that this is not necessarily the total number of
-.Vt X509_VERIFY_PARAM
-objects existing in the program because there may be additional such
-objects that were never added to the list.
-.Pp
-.Fn X509_VERIFY_PARAM_get0
-accesses predefined and user-defined objects using
-.Fa id
-as an index, useful for looping over objects without knowing their names.
-An argument less than the number of predefined objects selects
-one of the predefined objects; a higher argument selects an object
-from the list.
-.Pp
-.Fn X509_VERIFY_PARAM_table_cleanup
-deletes all objects from this list.
-It is extremely dangerous because it also invalidates all data that
-was contained in all objects that were on the list and because it
-frees all these objects, which may invalidate various pointers
-existing elsewhere in the program.
-.Sh RETURN VALUES
-.Fn X509_VERIFY_PARAM_new
-returns a pointer to the new object, or
-.Dv NULL
-on allocation failure.
-.Pp
-.Fn X509_VERIFY_PARAM_inherit ,
-.Fn X509_VERIFY_PARAM_set1 ,
-and
-.Fn X509_VERIFY_PARAM_add0_table
-return 1 for success or 0 for failure.
-.Pp
-.Fn X509_VERIFY_PARAM_lookup
-and
-.Fn X509_VERIFY_PARAM_get0
-return a pointer to an existing built-in or user-defined object, or
-.Dv NULL
-if no object with the given
-.Fa name
-is found, or if
-.Fa id
-is at least
-.Fn X509_VERIFY_PARAM_get_count .
-.Pp
-.Fn X509_VERIFY_PARAM_get_count
-returns a number of objects.
-.Sh SEE ALSO
-.Xr SSL_set1_param 3 ,
-.Xr X509_STORE_CTX_set0_param 3 ,
-.Xr X509_STORE_set1_param 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509_VERIFY_PARAM_set_flags 3
-.Sh HISTORY
-.Fn X509_VERIFY_PARAM_new ,
-.Fn X509_VERIFY_PARAM_inherit ,
-.Fn X509_VERIFY_PARAM_set1 ,
-.Fn X509_VERIFY_PARAM_free ,
-.Fn X509_VERIFY_PARAM_add0_table ,
-.Fn X509_VERIFY_PARAM_lookup ,
-and
-.Fn X509_VERIFY_PARAM_table_cleanup
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn X509_VERIFY_PARAM_get_count
-and
-.Fn X509_VERIFY_PARAM_get0
-first appeared in OpenSSL 1.0.2 and have been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 b/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
deleted file mode 100644
index a0ae839f9a..0000000000
--- a/src/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
+++ /dev/null
@@ -1,736 +0,0 @@ -.\" $OpenBSD: X509_VERIFY_PARAM_set_flags.3,v 1.29 2023/04/30 19:40:23 tb Exp $ -.\" full merge up to: OpenSSL d33def66 Feb 9 14:17:13 2016 -0500 -.\" selective merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2018, 2021, 2022 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson -.\" and Viktor Dukhovni . -.\" Copyright (c) 2009, 2013, 2014, 2015, 2016, 2017 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: April 30 2023 $ -.Dt X509_VERIFY_PARAM_SET_FLAGS 3 -.Os -.Sh NAME -.Nm X509_VERIFY_PARAM_get0_name , -.Nm X509_VERIFY_PARAM_set1_name , -.Nm X509_VERIFY_PARAM_set_flags , -.Nm X509_VERIFY_PARAM_clear_flags , -.Nm X509_VERIFY_PARAM_get_flags , -.Nm X509_VERIFY_PARAM_set_purpose , -.Nm X509_VERIFY_PARAM_set_trust , -.Nm X509_VERIFY_PARAM_set_time , -.Nm X509_VERIFY_PARAM_get_time , -.Nm X509_VERIFY_PARAM_add0_policy , -.Nm X509_VERIFY_PARAM_set1_policies , -.Nm X509_VERIFY_PARAM_set_depth , -.Nm X509_VERIFY_PARAM_get_depth , -.Nm X509_VERIFY_PARAM_set_auth_level , -.Nm X509_VERIFY_PARAM_set1_host , -.Nm X509_VERIFY_PARAM_add1_host , -.Nm X509_VERIFY_PARAM_set_hostflags , -.Nm X509_VERIFY_PARAM_get0_peername , -.Nm X509_VERIFY_PARAM_set1_email , -.Nm X509_VERIFY_PARAM_set1_ip , -.Nm X509_VERIFY_PARAM_set1_ip_asc -.Nd X509 verification parameters -.Sh SYNOPSIS -.In openssl/x509_vfy.h -.Ft const char * -.Fo X509_VERIFY_PARAM_get0_name -.Fa "const X509_VERIFY_PARAM *param" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set1_name -.Fa "X509_VERIFY_PARAM *param" -.Fa "const char *name" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set_flags -.Fa "X509_VERIFY_PARAM *param" -.Fa "unsigned long flags" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_clear_flags -.Fa "X509_VERIFY_PARAM *param" -.Fa "unsigned long flags" -.Fc -.Ft unsigned long -.Fo X509_VERIFY_PARAM_get_flags -.Fa "X509_VERIFY_PARAM *param" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set_purpose -.Fa "X509_VERIFY_PARAM *param" -.Fa "int purpose" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set_trust -.Fa "X509_VERIFY_PARAM *param" -.Fa "int trust" -.Fc -.Ft void -.Fo X509_VERIFY_PARAM_set_time -.Fa "X509_VERIFY_PARAM *param" -.Fa "time_t t" -.Fc -.Ft time_t -.Fo X509_VERIFY_PARAM_get_time -.Fa const X509_VERIFY_PARAM *param" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_add0_policy -.Fa "X509_VERIFY_PARAM *param" -.Fa "ASN1_OBJECT *policy" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set1_policies -.Fa "X509_VERIFY_PARAM *param" -.Fa 
"STACK_OF(ASN1_OBJECT) *policies" -.Fc -.Ft void -.Fo X509_VERIFY_PARAM_set_depth -.Fa "X509_VERIFY_PARAM *param" -.Fa "int depth" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_get_depth -.Fa "const X509_VERIFY_PARAM *param" -.Fc -.Ft void -.Fo X509_VERIFY_PARAM_set_auth_level -.Fa "X509_VERIFY_PARAM *param" -.Fa "int auth_level" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set1_host -.Fa "X509_VERIFY_PARAM *param" -.Fa "const char *name" -.Fa "size_t namelen" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_add1_host -.Fa "X509_VERIFY_PARAM *param" -.Fa "const char *name" -.Fa "size_t namelen" -.Fc -.Ft void -.Fo X509_VERIFY_PARAM_set_hostflags -.Fa "X509_VERIFY_PARAM *param" -.Fa "unsigned int flags" -.Fc -.Ft char * -.Fo X509_VERIFY_PARAM_get0_peername -.Fa "X509_VERIFY_PARAM *param" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set1_email -.Fa "X509_VERIFY_PARAM *param" -.Fa "const char *email" -.Fa "size_t emaillen" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set1_ip -.Fa "X509_VERIFY_PARAM *param" -.Fa "const unsigned char *ip" -.Fa "size_t iplen" -.Fc -.Ft int -.Fo X509_VERIFY_PARAM_set1_ip_asc -.Fa "X509_VERIFY_PARAM *param" -.Fa "const char *ipasc" -.Fc -.Sh DESCRIPTION -These functions manipulate an -.Vt X509_VERIFY_PARAM -object associated with a certificate verification operation. -.Pp -.Fn X509_VERIFY_PARAM_get0_name -returns the name of the given -.Fa param -object, usually describing its purpose, for example -.Qq default , -.Qq pkcs7 , -.Qq smime_sign , -.Qq ssl_client , -or -.Qq ssl_server . -For user-defined objects, the returned pointer may be -.Dv NULL -even if the object is otherwise valid. -.Pp -.Fn X509_VERIFY_PARAM_set1_name -sets the name of -.Fa param -to a copy of -.Fa name , -or to -.Dv NULL -if -.Fa name -is -.Dv NULL . -.Pp -.Fn X509_VERIFY_PARAM_set_flags -sets the flags in -.Fa param -by OR'ing it with -.Fa flags . -See the -.Sx VERIFICATION FLAGS -section for a complete description of values the -.Fa flags -parameter can take. 
-.Pp
-If the
-.Fa flags
-argument includes any of the flags contained in
-.Dv X509_V_FLAG_POLICY_MASK ,
-that is, any of
-.Dv X509_V_FLAG_POLICY_CHECK ,
-.Dv X509_V_FLAG_EXPLICIT_POLICY ,
-.Dv X509_V_FLAG_INHIBIT_ANY ,
-and
-.Dv X509_V_FLAG_INHIBIT_MAP ,
-then
-.Dv X509_V_FLAG_POLICY_CHECK
-is set in addition to the flags contained in the
-.Fa flags
-argument.
-.Pp
-.Fn X509_VERIFY_PARAM_get_flags
-returns the flags in
-.Fa param .
-.Pp
-.Fn X509_VERIFY_PARAM_clear_flags
-clears the specified
-.Fa flags
-in
-.Fa param .
-.Pp
-Calling this function can result in unusual internal states of the
-.Fa param
-object, for example having a verification time configured but having
-.Dv X509_V_FLAG_USE_CHECK_TIME
-unset, or having
-.Dv X509_V_FLAG_EXPLICIT_POLICY
-set but
-.Dv X509_V_FLAG_POLICY_CHECK
-unset, which may have surprising effects.
-.Pp
-.Fn X509_VERIFY_PARAM_set_purpose
-sets the verification
-.Fa purpose
-identifier in
-.Fa param .
-This determines the acceptable purpose of the certificate chain, for example
-.Dv X509_PURPOSE_SSL_CLIENT
-or
-.Dv X509_PURPOSE_SSL_SERVER .
-Standard purposes are listed in
-.Xr X509_check_purpose 3 ,
-and additional purposes can be defined with
-.Xr X509_PURPOSE_add 3 .
-.Pp
-.Fn X509_VERIFY_PARAM_set_trust
-sets the trust setting in
-.Fa param
-to
-.Fa trust .
-.Pp
-.Fn X509_VERIFY_PARAM_set_time
-sets the flag
-.Dv X509_V_FLAG_USE_CHECK_TIME
-in
-.Fa param
-in addition to the flags already set and sets the verification time to
-.Fa t .
-If this function is not called, the current time is used instead,
-or the UNIX Epoch (January 1, 1970) if
-.Dv X509_V_FLAG_USE_CHECK_TIME
-is manually set using
-.Fn X509_VERIFY_PARAM_set_flags .
-.Pp
-.Fn X509_VERIFY_PARAM_add0_policy
-enables policy checking (it is disabled by default) and adds
-.Fa policy
-to the acceptable policy set.
-.Pp
-.Fn X509_VERIFY_PARAM_set1_policies
-enables policy checking (it is disabled by default) and sets the
-acceptable policy set to
-.Fa policies .
-Any existing policy set is cleared.
-The
-.Fa policies
-parameter can be
-.Dv NULL
-to clear an existing policy set.
-.Pp
-.Fn X509_VERIFY_PARAM_set_depth
-sets the maximum verification depth to
-.Fa depth .
-That is the maximum number of untrusted CA certificates that can appear
-in a chain.
-.Pp
-.Fn X509_VERIFY_PARAM_set_auth_level
-sets the security level as defined in
-.Xr SSL_CTX_set_security_level 3
-for certificate chain validation.
-For a certificate chain to validate, the public keys of all the
-certificates must meet the specified security level.
-The signature algorithm security level is not enforced for the
-chain's trust anchor certificate, which is either directly trusted
-or validated by means other than its signature.
-.Pp
-From the point of view of the X.509 library,
-the default security level is 0.
-However, the SSL library
-uses a different default security level of 1 and calls
-.Fn X509_VERIFY_PARAM_set_auth_level
-with its own level before validating a certificate chain.
-.Pp
-.Fn X509_VERIFY_PARAM_set1_host
-sets the expected DNS hostname to
-.Fa name
-clearing any previously specified hostname or names.
-If
-.Fa name
-is
-.Dv NULL
-or empty, the list of hostnames is cleared, and name checks are not
-performed on the peer certificate.
-.Fa namelen
-should be set to the length of
-.Fa name .
-For historical compatibility, if
-.Fa name
-is NUL-terminated,
-.Fa namelen
-may be specified as zero.
-When a hostname is specified, certificate verification automatically
-invokes
-.Xr X509_check_host 3
-with flags equal to the
-.Fa flags
-argument given to
-.Fn X509_VERIFY_PARAM_set_hostflags
-(default zero).
-.Fn X509_VERIFY_PARAM_set1_host
-will fail if
-.Fa name
-contains any embedded 0 bytes.
-.Pp
-.Fn X509_VERIFY_PARAM_add1_host
-adds
-.Fa name
-as an additional reference identifier that can match the peer's
-certificate.
-Any previous names set via
-.Fn X509_VERIFY_PARAM_set1_host
-and
-.Fn X509_VERIFY_PARAM_add1_host
-are retained.
-No change is made if
-.Fa name
-is
-.Dv NULL
-or empty.
-.Fa namelen
-should be set to the length of
-.Fa name .
-For historical compatibility, if
-.Fa name
-is NUL-terminated,
-.Fa namelen
-may be specified as zero.
-.Fn X509_VERIFY_PARAM_add1_host
-will fail if
-.Fa name
-contains any embedded 0 bytes.
-When multiple names are configured, the peer is considered verified when
-any name matches.
-.Pp
-.Fn X509_VERIFY_PARAM_get0_peername
-returns the DNS hostname or subject CommonName from the peer certificate
-that matched one of the reference identifiers.
-When wildcard matching is not disabled, or when a reference identifier
-specifies a parent domain (starts with ".") rather than a hostname, the
-peer name may be a wildcard name or a sub-domain of the reference
-identifier respectively.
-.Pp
-.Fn X509_VERIFY_PARAM_set1_email
-sets the expected RFC 822 email address to
-.Fa email .
-.Fa emaillen
-should be set to the length of
-.Fa email .
-For historical compatibility, if
-.Fa email
-is NUL-terminated,
-.Fa emaillen
-may be specified as zero,
-.Fn X509_VERIFY_PARAM_set1_email
-will fail if
-.Fa email
-is NULL, an empty string, or contains embedded 0 bytes.
-When an email address is specified, certificate verification
-automatically invokes
-.Xr X509_check_email 3 .
-.Pp
-.Fn X509_VERIFY_PARAM_set1_ip
-sets the expected IP address to
-.Fa ip .
-The
-.Fa ip
-argument is in binary format, in network byte-order, and
-.Fa iplen
-must be set to 4 for IPv4 and 16 for IPv6.
-.Fn X509_VERIFY_PARAM_set1_ip
-will fail if
-.Fa ip
-is NULL or if
-.Fa iplen
-is not 4 or 16.
-When an IP address is specified,
-certificate verification automatically invokes
-.Xr X509_check_ip 3 .
-.Pp
-.Fn X509_VERIFY_PARAM_set1_ip_asc
-sets the expected IP address to
-.Fa ipasc .
-The
-.Fa ipasc
-argument is a NUL-terminal ASCII string:
-dotted decimal quad for IPv4 and colon-separated hexadecimal for IPv6.
-The condensed "::" notation is supported for IPv6 addresses.
-.Fn X509_VERIFY_PARAM_set1_ip_asc
-will fail if
-.Fa ipasc
-is unparsable.
-.Sh RETURN VALUES
-.Fn X509_VERIFY_PARAM_set1_name ,
-.Fn X509_VERIFY_PARAM_set_flags ,
-.Fn X509_VERIFY_PARAM_clear_flags ,
-.Fn X509_VERIFY_PARAM_set_purpose ,
-.Fn X509_VERIFY_PARAM_set_trust ,
-.Fn X509_VERIFY_PARAM_add0_policy ,
-and
-.Fn X509_VERIFY_PARAM_set1_policies
-return 1 for success or 0 for failure.
-.Pp
-.Fn X509_VERIFY_PARAM_set1_host ,
-.Fn X509_VERIFY_PARAM_add1_host ,
-.Fn X509_VERIFY_PARAM_set1_email ,
-.Fn X509_VERIFY_PARAM_set1_ip ,
-and
-.Fn X509_VERIFY_PARAM_set1_ip_asc
-return 1 for success or 0 for failure.
-A failure from these routines will poison
-the
-.Vt X509_VERIFY_PARAM
-object so that future calls to
-.Xr X509_verify_cert 3
-using the poisoned object will fail.
-.Pp
-.Fn X509_VERIFY_PARAM_get_flags
-returns the current verification flags.
-.Pp
-.Fn X509_VERIFY_PARAM_get_time
-always returns the configured verification time.
-It does so even if the returned time will not be used because the flag
-.Dv X509_V_FLAG_USE_CHECK_TIME
-is unset.
-.Pp
-.Fn X509_VERIFY_PARAM_get_depth
-returns the current verification depth.
-.Pp
-.Fn X509_VERIFY_PARAM_get0_name
-and
-.Fn X509_VERIFY_PARAM_get0_peername
-return pointers to strings that are only valid
-during the lifetime of the given
-.Fa param
-object and that must not be freed by the application program.
-.Sh VERIFICATION FLAGS
-The verification flags consists of zero or more of the following
-flags OR'ed together.
-.Pp
-.Dv X509_V_FLAG_CRL_CHECK
-enables CRL checking for the certificate chain leaf certificate.
-An error occurs if a suitable CRL cannot be found.
-.Pp
-.Dv X509_V_FLAG_CRL_CHECK_ALL
-enables CRL checking for the entire certificate chain.
-.Pp
-.Dv X509_V_FLAG_IGNORE_CRITICAL
-disables critical extension checking.
-By default any unhandled critical extensions in certificates or (if
-checked) CRLs results in a fatal error.
-If this flag is set, unhandled critical extensions are ignored.
-.Sy WARNING :
-setting this option for anything other than debugging purposes can be a
-security risk.
-Finer control over which extensions are supported can be performed in
-the verification callback.
-.Pp
-The
-.Dv X509_V_FLAG_X509_STRICT
-flag disables workarounds for some broken certificates and makes the
-verification strictly apply X509 rules.
-.Pp
-.Dv X509_V_FLAG_ALLOW_PROXY_CERTS
-deprecated flag that used to
-enable proxy certificate verification.
-In LibreSSL, this flag has no effect.
-.Pp
-.Dv X509_V_FLAG_POLICY_CHECK
-enables certificate policy checking; by default no policy checking is
-performed.
-Additional information is sent to the verification callback relating to
-policy checking.
-.Pp
-.Dv X509_V_FLAG_EXPLICIT_POLICY ,
-.Dv X509_V_FLAG_INHIBIT_ANY ,
-and
-.Dv X509_V_FLAG_INHIBIT_MAP
-set the
-.Dq require explicit policy ,
-.Dq inhibit any policy ,
-and
-.Dq inhibit policy mapping
-flags, respectively, as defined in RFC 3280.
-These three flags are ignored unless
-.Dv X509_V_FLAG_POLICY_CHECK
-is also set.
-.Pp
-If
-.Dv X509_V_FLAG_NOTIFY_POLICY
-is set and policy checking is successful, a special status code is
-sent to the verification callback.
-.Pp
-By default some additional features such as indirect CRLs and CRLs
-signed by different keys are disabled.
-If
-.Dv X509_V_FLAG_EXTENDED_CRL_SUPPORT
-is set, they are enabled.
-.Pp
-If
-.Dv X509_V_FLAG_USE_DELTAS
-is set, delta CRLs (if present) are used to determine certificate
-status.
-If not set, deltas are ignored.
-.Pp
-.Dv X509_V_FLAG_CHECK_SS_SIGNATURE
-enables checking of the root CA self signed certificate signature.
-By default this check is disabled because it doesn't add any additional
-security but in some cases applications might want to check the
-signature anyway.
-A side effect of not checking the root CA signature is that disabled or
-unsupported message digests on the root CA are not treated as fatal
-errors.
-.Pp
-The deprecated
-.Dv X509_V_FLAG_CB_ISSUER_CHECK
-flag used to enable debugging of certificate issuer checks.
-It is provided for binary backwards compatibility and has no effect.
-.Pp
-When
-.Dv X509_V_FLAG_TRUSTED_FIRST
-is set, construction of the certificate chain in
-.Xr X509_verify_cert 3
-will search the trust store for issuer certificates before searching the
-provided untrusted certificates.
-Local issuer certificates are often more likely to satisfy local
-security requirements and lead to a locally trusted root.
-This is especially important when some certificates in the trust store
-have explicit trust settings; see the trust settings options of the
-.Cm x509
-command in
-.Xr openssl 1 .
-.Pp
-The
-.Dv X509_V_FLAG_NO_ALT_CHAINS
-flag suppresses checking for alternative chains.
-By default, unless
-.Dv X509_V_FLAG_TRUSTED_FIRST
-is set, when building a certificate chain, if the first certificate
-chain found is not trusted, then OpenSSL will attempt to replace
-untrusted certificates supplied by the peer with certificates from the
-trust store to see if an alternative chain can be found that is trusted.
-.Pp
-The
-.Dv X509_V_FLAG_PARTIAL_CHAIN
-flag causes intermediate certificates in the trust store to be treated
-as trust-anchors, in the same way as the self-signed root CA
-certificates.
-This makes it possible to trust certificates issued by an intermediate
-CA without having to trust its ancestor root CA.
-.Pp
-If
-.Dv X509_V_FLAG_USE_CHECK_TIME
-is set, the validity period of certificates and CRLs is checked.
-In this case,
-.Dv X509_V_FLAG_NO_CHECK_TIME
-is ignored.
-If the validation time was set with
-.Fn X509_VERIFY_PARAM_set_time ,
-that time is used.
-If
-.Fn X509_VERIFY_PARAM_set_time
-was not called, the UNIX Epoch (January 1, 1970) is used.
-.Pp
-If neither
-.Dv X509_V_FLAG_USE_CHECK_TIME
-nor
-.Dv X509_V_FLAG_NO_CHECK_TIME
-is set, the validity period of certificates and CRLs is checked
-using the current time.
-This is the default behaviour. -In this case, if a validation time was set with -.Fn X509_VERIFY_PARAM_set_time -but -.Dv X509_V_FLAG_USE_CHECK_TIME -was later cleared with -.Fn X509_VERIFY_PARAM_clear_flags , -the configured validation time is ignored -and the current time is used anyway. -.Pp -If -.Dv X509_V_FLAG_USE_CHECK_TIME -is not set but -.Dv X509_V_FLAG_NO_CHECK_TIME -is set, the validity period of certificates and CRLs is not checked -at all, and like in the previous case, any configured validation -time is ignored. -.Sh EXAMPLES -Enable CRL checking when performing certificate verification during -SSL connections associated with an -.Vt SSL_CTX -structure -.Fa ctx : -.Bd -literal -offset indent -X509_VERIFY_PARAM *param; - -param = X509_VERIFY_PARAM_new(); -X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK); -SSL_CTX_set1_param(ctx, param); -X509_VERIFY_PARAM_free(param); -.Ed -.Sh SEE ALSO -.Xr SSL_set1_host 3 , -.Xr SSL_set1_param 3 , -.Xr X509_check_host 3 , -.Xr X509_STORE_CTX_new 3 , -.Xr X509_STORE_new 3 , -.Xr X509_verify_cert 3 , -.Xr X509_VERIFY_PARAM_new 3 -.Sh HISTORY -.Fn X509_VERIFY_PARAM_set1_name , -.Fn X509_VERIFY_PARAM_set_flags , -.Fn X509_VERIFY_PARAM_set_purpose , -.Fn X509_VERIFY_PARAM_set_trust , -.Fn X509_VERIFY_PARAM_set_time , -.Fn X509_VERIFY_PARAM_add0_policy , -.Fn X509_VERIFY_PARAM_set1_policies , -.Fn X509_VERIFY_PARAM_set_depth , -and -.Fn X509_VERIFY_PARAM_get_depth -first appeared in OpenSSL 0.9.8. -.Fn X509_VERIFY_PARAM_clear_flags -and -.Fn X509_VERIFY_PARAM_get_flags -first appeared in OpenSSL 0.9.8a. -All these functions have been available since -.Ox 4.5 . 
-.Pp
-.Fn X509_VERIFY_PARAM_get0_name ,
-.Fn X509_VERIFY_PARAM_set1_host ,
-.Fn X509_VERIFY_PARAM_add1_host ,
-.Fn X509_VERIFY_PARAM_set_hostflags ,
-.Fn X509_VERIFY_PARAM_get0_peername ,
-.Fn X509_VERIFY_PARAM_set1_email ,
-.Fn X509_VERIFY_PARAM_set1_ip ,
-and
-.Fn X509_VERIFY_PARAM_set1_ip_asc
-first appeared in OpenSSL 1.0.2 and have been available since
-.Ox 6.3 .
-.Pp
-.Fn X509_VERIFY_PARAM_set_auth_level
-first appeared in OpenSSL 1.1.0 and
-.Fn X509_VERIFY_PARAM_get_time
-in OpenSSL 1.1.0d.
-Both functions have been available since
-.Ox 7.2 .
-.Sh BUGS
-Delta CRL checking is currently primitive.
-Only a single delta can be used and (partly due to limitations of
-.Vt X509_STORE )
-constructed CRLs are not maintained.
-.Pp
-If CRLs checking is enabled, CRLs are expected to be available in
-the corresponding
-.Vt X509_STORE
-structure.
-No attempt is made to download CRLs from the CRL distribution points
-extension.
diff --git a/src/lib/libcrypto/man/X509_add1_trust_object.3 b/src/lib/libcrypto/man/X509_add1_trust_object.3
deleted file mode 100644
index 067bf64464..0000000000
--- a/src/lib/libcrypto/man/X509_add1_trust_object.3
+++ /dev/null
@@ -1,99 +0,0 @@
-.\" $OpenBSD: X509_add1_trust_object.3,v 1.4 2024/09/02 08:04:32 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_ADD1_TRUST_OBJECT 3
-.Os
-.Sh NAME
-.Nm X509_add1_trust_object ,
-.Nm X509_trust_clear ,
-.Nm X509_add1_reject_object ,
-.Nm X509_reject_clear
-.Nd mark an X.509 certificate as intended for a specific purpose
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_add1_trust_object
-.Fa "X509 *x"
-.Fa "const ASN1_OBJECT *purpose"
-.Fc
-.Ft void
-.Fo X509_trust_clear
-.Fa "X509 *x"
-.Fc
-.Ft int
-.Fo X509_add1_reject_object
-.Fa "X509 *x"
-.Fa "const ASN1_OBJECT *purpose"
-.Fc
-.Ft void
-.Fo X509_reject_clear
-.Fa "X509 *x"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_add1_trust_object
-appends a deep copy of the
-.Fa purpose
-object to the set of intended purposes that
-.Fa x
-contains as non-standard auxiliary data.
-The function
-.Xr OBJ_nid2obj 3
-can be used to create appropriate purpose objects from the
-.Dv NID_*
-constants mentioned in
-.Xr X509_check_purpose 3 ,
-even though the
-.Dv X509_PURPOSE_*
-constants listed in that manual page are not intended for use with
-.Fn X509_add1_trust_object .
-.Pp
-.Fn X509_trust_clear
-frees and removes all purpose objects from the set of intended
-purposes in the non-standard auxiliary data of
-.Fa x .
-.Pp
-.Fn X509_add1_reject_object
-and
-.Fn X509_reject_clear
-are similar except that they operate on a set of unintended purposes.
-.Pp
-As an alternative to using the functions documented in the present
-manual page, X.509 certificate extensions can be used.
-At the price of higher complexity, those allow storing the purpose
-inside the certificate itself in a standard-conforming way rather than
-merely in non-standard auxiliary data associated with the certificate.
-See
-.Xr EXTENDED_KEY_USAGE_new 3
-for details.
-.Sh RETURN VALUES
-.Fn X509_add1_trust_object
-and
-.Fn X509_add1_reject_object
-return the new number of purposes in the respective set
-or 0 if an error occurs, in particular if memory
-allocation fails or if
-.Fa x
-does not contain a sub-object that can hold non-standard auxiliary data.
-.Sh SEE ALSO
-.Xr ASN1_OBJECT_new 3 ,
-.Xr EXTENDED_KEY_USAGE_new 3 ,
-.Xr OBJ_nid2obj 3 ,
-.Xr X509_CERT_AUX_new 3 ,
-.Xr X509_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.4 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/X509_check_ca.3 b/src/lib/libcrypto/man/X509_check_ca.3
deleted file mode 100644
index 114bac69e7..0000000000
--- a/src/lib/libcrypto/man/X509_check_ca.3
+++ /dev/null
@@ -1,117 +0,0 @@ -.\" $OpenBSD: X509_check_ca.3,v 1.7 2022/05/10 19:44:29 tb Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Victor B. Wagner . -.\" Copyright (c) 2015, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: May 10 2022 $ -.Dt X509_CHECK_CA 3 -.Os -.Sh NAME -.Nm X509_check_ca -.Nd check whether a certificate is a CA certificate -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft int -.Fo X509_check_ca -.Fa "X509 *cert" -.Fc -.Sh DESCRIPTION -The -.Fn X509_check_ca -function checks whether the given certificate is a CA certificate, -that is, whether it can be used to sign other certificates. -.Sh RETURN VALUES -If -.Fa cert -is a CA certificate, a non-zero value is returned; 0 otherwise. -.Pp -The following return values identify specific kinds of CA certificates: -.Bl -tag -width 2n -.It 1 -an X.509 v3 CA certificate with -.Sy basicConstraints -extension CA:TRUE -.It 3 -a self-signed X.509 v1 certificate -.It 4 -a certificate with -.Sy keyUsage -extension with bit -.Sy keyCertSign -set, but without -.Sy basicConstraints -.It 5 -a certificate with an outdated Netscape Certificate Type extension telling -that it is a CA certificate -.El -.Sh SEE ALSO -.Xr BASIC_CONSTRAINTS_new 3 , -.Xr EXTENDED_KEY_USAGE_new 3 , -.Xr X509_check_issued 3 , -.Xr X509_check_purpose 3 , -.Xr X509_EXTENSION_new 3 , -.Xr X509_new 3 , -.Xr X509_verify_cert 3 -.Sh HISTORY -.Fn X509_check_ca -first appeared in OpenSSL 0.9.7f and has been available since -.Ox 3.8 . -.Sh BUGS -If -.Fn X509_check_ca -fails to cache X509v3 extension values, the return value may -be incorrect. 
-An application should
-call
-.Xr X509_check_purpose 3
-with a
-.Fa purpose
-argument of \-1,
-ensuring that the X509v3 extensions are cached,
-before calling
-.Fn X509_check_ca .
diff --git a/src/lib/libcrypto/man/X509_check_host.3 b/src/lib/libcrypto/man/X509_check_host.3
deleted file mode 100644
index dbc56c0d21..0000000000
--- a/src/lib/libcrypto/man/X509_check_host.3
+++ /dev/null
@@ -1,246 +0,0 @@ -.\" $OpenBSD: X509_check_host.3,v 1.6 2020/09/17 08:04:22 schwarze Exp $ -.\" full merge up to: OpenSSL a09e4d24 Jun 12 01:56:31 2014 -0400 -.\" selective merge up to: OpenSSL 6328d367 Jul 4 21:58:30 2020 +0200 -.\" -.\" This file was written by Florian Weimer and -.\" Viktor Dukhovni . -.\" Copyright (c) 2012, 2014, 2015, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: September 17 2020 $ -.Dt X509_CHECK_HOST 3 -.Os -.Sh NAME -.Nm X509_check_host , -.Nm X509_check_email , -.Nm X509_check_ip , -.Nm X509_check_ip_asc -.Nd X.509 certificate matching -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft int -.Fo X509_check_host -.Fa "X509 *x" -.Fa "const char *name" -.Fa "size_t namelen" -.Fa "unsigned int flags" -.Fa "char **peername" -.Fc -.Ft int -.Fo X509_check_email -.Fa "X509 *x" -.Fa "const char *address" -.Fa "size_t addresslen" -.Fa "unsigned int flags" -.Fc -.Ft int -.Fo X509_check_ip -.Fa "X509 *x" -.Fa "const unsigned char *address" -.Fa "size_t addresslen" -.Fa "unsigned int flags" -.Fc -.Ft int -.Fo X509_check_ip_asc -.Fa "X509 *x" -.Fa "const char *address" -.Fa "unsigned int flags" -.Fc -.Sh DESCRIPTION -The certificate matching functions are used to check whether a -certificate matches a given hostname, email address, or IP address. 
-The validity of the certificate and its trust level has to be checked by
-other means.
-.Pp
-.Fn X509_check_host
-checks if the certificate Subject Alternative Name (SAN) or Subject
-CommonName (CN) matches the specified hostname, which must be encoded
-in the preferred name syntax described in section 3.5 of RFC 1034.
-By default, wildcards are supported and they match only in the
-left-most label; they may match part of that label with an
-explicit prefix or suffix.
-For example, by default, the host
-.Fa name
-.Qq www.example.com
-would match a certificate with a SAN or CN value of
-.Qq *.example.com ,
-.Qq w*.example.com
-or
-.Qq *w.example.com .
-.Pp
-Per section 6.4.2 of RFC 6125,
-.Fa name
-values representing international domain names must be given in A-label
-form.
-The
-.Fa namelen
-argument must be the number of characters in the name string or zero, in
-which case the length is calculated with
-.Fn strlen name .
-When
-.Fa name
-starts with a dot (e.g.\&
-.Qq .example.com ) ,
-it will be matched by a certificate valid for any sub-domain of
-.Fa name ;
-see also
-.Fa X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS
-below.
-.Pp
-When the certificate is matched and
-.Fa peername
-is not
-.Dv NULL ,
-a pointer to a copy of the matching SAN or CN from the peer
-certificate is stored at the address passed in
-.Fa peername .
-The application is responsible for freeing the peername via
-.Xr free 3
-when it is no longer needed.
-.Pp
-.Fn X509_check_email
-checks if the certificate matches the specified email
-.Fa address .
-Only the mailbox syntax of RFC 822 is supported.
-Comments are not allowed,
-and no attempt is made to normalize quoted characters.
-The
-.Fa addresslen
-argument must be the number of characters in the address string or zero,
-in which case the length is calculated with
-.Fn strlen address .
-.Pp
-.Fn X509_check_ip
-checks if the certificate matches a specified IPv4 or IPv6 address.
-The
-.Fa address
-array is in binary format, in network byte order.
-The length is either 4 (IPv4) or 16 (IPv6).
-Only explicitly marked addresses in the certificates are considered;
-IP addresses stored in DNS names and Common Names are ignored.
-.Pp
-.Fn X509_check_ip_asc
-is similar, except that the NUL-terminated string
-.Fa address
-is first converted to the internal representation.
-.Pp
-The
-.Fa flags
-argument is usually 0, but it can be the bitwise OR of the following
-flags.
-.Pp
-The
-.Dv X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT
-flag causes the function to consider the subject DN even if the
-certificate contains at least one subject alternative name of the right
-type (DNS name or email address as appropriate); the default is to
-ignore the subject DN when at least one corresponding subject
-alternative names is present.
-.Pp
-The remaining flags are only meaningful for
-.Fn X509_check_host .
-.Pp
-The
-.Dv X509_CHECK_FLAG_NO_WILDCARDS
-flag disables wildcard expansion.
-.Pp
-The
-.Dv X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
-flag suppresses support for
-.Qq *
-as a wildcard pattern in labels that have a
-prefix or suffix, such as
-.Qq www*
-or
-.Qq *www .
-.Pp
-The
-.Dv X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS
-flag allows a
-.Qq *
-that constitutes the complete label of a DNS name (e.g.\&
-.Qq *.example.com )
-to match more than one label in
-.Fa name .
-.Pp
-The
-.Dv X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS
-flag restricts
-.Fa name
-values which start with
-.Qq \&. ,
-that would otherwise match any sub-domain in the peer certificate,
-to only match direct child sub-domains.
-Thus, for instance, with this flag set a
-.Fa name
-of
-.Qq .example.com
-would match a peer certificate with a DNS name of
-.Qq www.example.com ,
-but would not match a peer certificate with a DNS name of
-.Qq www.sub.example.com .
-.Sh RETURN VALUES -The functions return 1 for a successful match, 0 for a failed match and --1 for an internal error: typically a memory allocation failure or an -ASN.1 decoding error. -.Pp -All functions can also return -2 if the input is malformed. -For example, -.Fn X509_check_host -returns -2 if the provided -.Fa name -contains embedded NUL bytes. -.Sh SEE ALSO -.Xr SSL_set1_host 3 , -.Xr X509_EXTENSION_new 3 , -.Xr X509_get1_email 3 , -.Xr X509_new 3 , -.Xr X509_VERIFY_PARAM_set1_host 3 -.Sh HISTORY -These functions first appeared in OpenSSL 1.0.2 -and have been available since -.Ox 6.1 . diff --git a/src/lib/libcrypto/man/X509_check_issued.3 b/src/lib/libcrypto/man/X509_check_issued.3 deleted file mode 100644 index f8c2a5297a..0000000000 --- a/src/lib/libcrypto/man/X509_check_issued.3 +++ /dev/null 
@@ -1,109 +0,0 @@ -.\" $OpenBSD: X509_check_issued.3,v 1.4 2019/06/06 01:06:59 schwarze Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Victor B. Wagner . -.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 6 2019 $ -.Dt X509_CHECK_ISSUED 3 -.Os -.Sh NAME -.Nm X509_check_issued -.Nd check whether a certificate was issued using a given CA certificate -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft int -.Fo X509_check_issued -.Fa "X509 *issuer" -.Fa "X509 *subject" -.Fc -.Sh DESCRIPTION -This function checks whether the certificate -.Fa subject -was issued using the CA certificate -.Fa issuer . -It does the following checks: -.Bl -bullet -.It -match the issuer field of -.Fa subject -against the subject field of -.Fa issuer -.It -if -.Sy authorityKeyIdentifier -is present in the -.Fa subject -certificate, -compare it to the -.Sy subjectKeyIdentifier -of -.Fa issuer -.It -check the -.Sy keyUsage -field of -.Fa issuer . -.El -.Sh RETURN VALUES -This function returns -.Dv X509_V_OK -if the certificate -.Fa subject -is issued by -.Fa issuer , -or some -.Dv X509_V_ERR* -constant to indicate an error. -.Sh SEE ALSO -.Xr X509_check_ca 3 , -.Xr X509_new 3 , -.Xr X509_verify_cert 3 -.Sh HISTORY -.Fn X509_check_issued -first appeared in OpenSSL 0.9.6 and has been available since -.Ox 2.9 . diff --git a/src/lib/libcrypto/man/X509_check_private_key.3 b/src/lib/libcrypto/man/X509_check_private_key.3 deleted file mode 100644 index 31df2126cc..0000000000 --- a/src/lib/libcrypto/man/X509_check_private_key.3 +++ /dev/null 
@@ -1,73 +0,0 @@
-.\" $OpenBSD: X509_check_private_key.3,v 1.6 2019/06/06 01:06:59 schwarze Exp $
-.\" OpenSSL X509_check_private_key.pod 09ddb878 Jun 5 03:56:07 2017 +0800
-.\"
-.\" Copyright (c) 2017 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: June 6 2019 $
-.Dt X509_CHECK_PRIVATE_KEY 3
-.Os
-.Sh NAME
-.Nm X509_check_private_key ,
-.Nm X509_REQ_check_private_key
-.Nd compare public key components
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_check_private_key
-.Fa "const X509 *x"
-.Fa "const EVP_PKEY *k"
-.Fc
-.Ft int
-.Fo X509_REQ_check_private_key
-.Fa "X509_REQ *x"
-.Fa "EVP_PKEY *k"
-.Fc
-.Sh DESCRIPTION
-These functions are seriously misnamed.
-.Fn X509_check_private_key
-compares the
-.Em public
-key components (e.g. exponent and modulus of an RSA key)
-and parameters (e.g. EC params of an EC key) of
-.Fa k
-with the corresponding properties of
-.Fa x .
-Despite the name, it neither checks whether
-.Fa k
-contains private key components at all, nor, if any are present,
-whether they are consistent with the public key components.
-.Pp
-.Fn X509_REQ_check_private_key
-is equivalent to
-.Fn X509_check_private_key
-except that it compares to the public key
-contained in a certificate request.
-.Sh RETURN VALUES
-These functions return 1 if the public key components and parameters
-match, or 0 if they do not or if an error occurs.
-On error or mismatch, a reason code can be obtained using
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr SSL_check_private_key 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REQ_new 3
-.Sh HISTORY
-.Fn X509_check_private_key
-first appeared in SSLeay 0.6.5 and has been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_REQ_check_private_key
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/X509_check_purpose.3 b/src/lib/libcrypto/man/X509_check_purpose.3
deleted file mode 100644
index 8fea6679fc..0000000000
--- a/src/lib/libcrypto/man/X509_check_purpose.3
+++ /dev/null
@@ -1,431 +0,0 @@
-.\" $OpenBSD: X509_check_purpose.3,v 1.12 2024/09/02 08:04:32 tb Exp $
-.\"
-.\" Copyright (c) 2019, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 2 2024 $
-.Dt X509_CHECK_PURPOSE 3
-.Os
-.Sh NAME
-.Nm X509_check_purpose
-.Nd check intended usage of a public key
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fo X509_check_purpose
-.Fa "X509 *certificate"
-.Fa "int purpose"
-.Fa "int ca"
-.Fc
-.Sh DESCRIPTION
-If the
-.Fa purpose
-argument is \-1,
-.Fn X509_check_purpose
-ignores the
-.Fa ca
-argument and checks that all the extensions of the
-.Fa certificate
-can be parsed and pass minimal sanity checks, ensuring that
-no extension occurs more than once.
-It also makes sure that all extensions are cached in the
-.Vt X509
-object.
-.Pp
-If the
-.Fa purpose
-argument is not \-1 and the
-.Fa ca
-flag is 0,
-.Fn X509_check_purpose
-also checks whether the public key contained in the
-.Fa certificate
-is intended to be used for the given
-.Fa purpose ,
-which can be one of the following integer constants.
-The check succeeds if none of the conditions given in the list below
-are violated.
-It always fails if parsing fails for any extension contained in the
-.Fa certificate .
-.Bl -tag -width 1n
-.It Dv X509_PURPOSE_SSL_CLIENT
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains an Extended Key Usage extension, it contains the RFC 5280
-.Dq TLS WWW client authentication
-purpose
-.Pq Dv NID_client_auth .
-.It
-If the
-.Fa certificate
-contains a Key Usage extension, the
-.Dv digitalSignature
-bit is set.
-.It
-If the
-.Fa certificate
-contains a Netscape Cert Type extension, the
-.Dq SSL client certificate
-bit is set
-.Pq Dv NS_SSL_CLIENT .
-.El
-.It Dv X509_PURPOSE_SSL_SERVER
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains an Extended Key Usage extension, it contains the RFC 5280
-.Dq TLS WWW server authentication
-purpose
-.Pq Dv NID_server_auth
-or the private
-.Dq Netscape Server Gated Crypto
-.Pq Dv NID_ns_sgc
-or
-.Dq Microsoft Server Gated Crypto
-.Pq Dv NID_ms_sgc
-purpose.
-.It
-If the
-.Fa certificate
-contains a Key Usage extension, at least one of the
-.Dv digitalSignature
-and
-.Dv keyEncipherment
-bits is set.
-.It
-If the
-.Fa certificate
-contains a Netscape Cert Type extension, the
-.Dq SSL server certificate
-bit is set
-.Pq Dv NS_SSL_SERVER
-.El
-.It Dv X509_PURPOSE_NS_SSL_SERVER
-.\" check_purpose_ns_ssl_server, "Netscape SSL server"
-This does the same checks as
-.Dv X509_PURPOSE_SSL_SERVER
-and additionally requires that a Key Usage extension, if present,
-has the
-.Dv keyEncipherment
-bit set.
-.It Dv X509_PURPOSE_SMIME_SIGN
-.\" check_purpose_smime_sign, "S/MIME signing"
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains an Extended Key Usage extension, it contains the RFC 5280
-.Dq Email protection
-purpose
-.Pq Dv NID_email_protect .
-.It
-If the
-.Fa certificate
-contains a Key Usage extension, at least one of the
-.Dv digitalSignature
-and
-.Dv nonRepudiation
-bits is set.
-.It
-If the
-.Fa certificate
-contains a Netscape Cert Type extension, it has the
-.Dq S/MIME certificate
-bit set.
-If the
-.Dq SSL client certificate
-bit is set but the
-.Dq S/MIME certificate
-bit is not, no decision is made.
-.El
-.It Dv X509_PURPOSE_SMIME_ENCRYPT
-.\" check_purpose_smime_encrypt, "S/MIME encryption"
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains an Extended Key Usage extension, it contains the RFC 5280
-.Dq Email protection
-purpose
-.Pq Dv NID_email_protect .
-.It
-If the
-.Fa certificate
-contains a Key Usage extension, the
-.Dv keyEncipherment
-bit is set.
-.It
-If the
-.Fa certificate
-contains a Netscape Cert Type extension, it has the
-.Dq S/MIME certificate
-bit set.
-If the
-.Dq SSL client certificate
-bit is set but the
-.Dq S/MIME certificate
-bit is not, no decision is made.
-.El
-.It Dv X509_PURPOSE_CRL_SIGN
-.\" check_purpose_crl_sign, "CRL signing"
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains a Key Usage extension, the
-.Dv cRLSign
-bit is set.
-.El
-.It Dv X509_PURPOSE_ANY
-Nothing is required except that, if any extensions are present,
-parsing them needs to succeed.
-.It Dv X509_PURPOSE_OCSP_HELPER
-.\" ocsp_helper, "OCSP helper"
-Nothing is required except that, if any extensions are present,
-parsing them needs to succeed.
-The application program is expected
-to do the actual checking by other means.
-.It Dv X509_PURPOSE_TIMESTAMP_SIGN
-.\" check_purpose_timestamp_sign, "Time Stamp signing"
-.Bl -dash -width 1n -compact
-.It
-The
-.Fa certificate
-contains an Extended Key Usage extension containing the RFC 5280
-.Dq Time Stamping
-purpose and no other purpose.
-This extension is marked as critical.
-.It
-If the
-.Fa certificate
-contains a Key Usage extension, at least one of the
-.Dv digitalSignature
-and
-.Dv nonRepudiation
-bits is set, and no other bits are set.
-.El
-.El
-.Pp
-If the
-.Fa purpose
-argument is not \-1 and the
-.Fa ca
-flag is non-zero,
-.Fn X509_check_purpose
-instead checks, in addition to the minimal sanity checks, whether the
-.Fa certificate
-can be used as a certificate authority certificate
-in the context of the given
-.Fa purpose .
-To succeed, the check always requires that none of the following
-conditions are violated:
-.Pp
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains any extensions, parsing them succeeds.
-.It
-If the
-.Fa certificate
-contains a Key Usage extension, the
-.Dv keyCertSign
-bit is set.
-.It
-If the
-.Fa certificate
-contains a Basic Constraints extension, the
-.Fa cA
-field is set.
-.It
-If the
-.Fa certificate
-is a version 1 certificate, the subject name matches the issuer name
-and the certificate is self signed.
-.El
-.Pp
-The check succeeds if none of the additional conditions given in
-the list below are violated.
-.Bl -tag -width 1n
-.It Dv X509_PURPOSE_SSL_CLIENT
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains an Extended Key Usage extension, it contains the RFC 5280
-.Dq TLS WWW client authentication
-purpose
-.Pq Dv NID_client_auth .
-.It
-If the
-.Fa certificate
-is not a version 1 certificate and does not contain a Basic Constraints
-extension, it contains a Key Usage extension with the
-.Dv keyCertSign
-bit set or a Netscape Cert Type extension with the
-.Dq SSL CA certificate
-bit set.
-.El
-.It Dv X509_PURPOSE_SSL_SERVER No or Dv X509_PURPOSE_NS_SSL_SERVER
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains an Extended Key Usage extension, it contains the RFC 5280
-.Dq TLS WWW server authentication
-purpose
-.Pq Dv NID_server_auth
-or the private
-.Dq Netscape Server Gated Crypto
-.Pq Dv NID_ns_sgc
-or
-.Dq Microsoft Server Gated Crypto
-.Pq Dv NID_ms_sgc
-purpose.
-.It
-If the
-.Fa certificate
-is not a version 1 certificate and does not contain a Basic Constraints
-extension, it contains a Key Usage extension with the
-.Dv keyCertSign
-bit set or a Netscape Cert Type extension with the
-.Dq SSL CA certificate
-bit set.
-.El
-.It Dv X509_PURPOSE_SMIME_SIGN No or Dv X509_PURPOSE_SMIME_ENCRYPT
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-contains an Extended Key Usage extension, it contains the RFC 5280
-.Dq Email protection
-purpose
-.Pq Dv NID_email_protect .
-.It
-If the
-.Fa certificate
-is not a version 1 certificate and does not contain a Basic Constraints
-extension, it contains a Key Usage extension with the
-.Dv keyCertSign
-bit set or a Netscape Cert Type extension with the
-.Dq S/MIME CA certificate
-bit set.
-.El
-.It Xo
-.Dv X509_PURPOSE_CRL_SIGN ,
-.Dv X509_PURPOSE_OCSP_HELPER ,
-or
-.Dv X509_PURPOSE_TIMESTAMP_SIGN
-.Xc
-.Bl -dash -width 1n -compact
-.It
-If the
-.Fa certificate
-is not a version 1 certificate and does not contain a Basic Constraints
-extension, it contains a Key Usage extension with the
-.Dv keyCertSign
-bit set or a Netscape Cert Type extension with at least one of the
-.Dq SSL CA certificate ,
-.Dq S/MIME CA certificate ,
-or
-.Dq Object-signing CA certificate
-bits set.
-.El
-.It Dv X509_PURPOSE_ANY
-Nothing is required except that, if any extensions are present,
-parsing them needs to succeed.
-The check even succeeds if the three other common conditions
-cited above this list are violated.
-.El
-.Pp
-If the function
-.Xr X509_PURPOSE_add 3
-was called before
-.Fn X509_check_purpose ,
-it may have installed different, user-supplied checking functions
-for some of the standard purposes listed above, or it may have
-installed additional, user-supplied checking functions for user-defined
-.Fa purpose
-identifiers not listed above.
-.Sh RETURN VALUES
-If the parsing of certificate extensions fails, sanity checks fail or the
-.Fa purpose
-is invalid,
-.Fn X509_check_purpose
-returns \-1 to indicate the error.
-.Pp
-If the
-.Fa purpose
-argument is \-1 and parsing and minimal sanity checks succeed,
-.Fn X509_check_purpose
-returns 1 to indicate success.
-.Pp
-Otherwise, it returns the following values:
-.Pp
-If
-.Fa ca
-is 0:
-.Bl -column -1 Failure -compact
-.It 0 Ta Failure Ta The
-.Fa certificate
-cannot be used for the
-.Fa purpose .
-.It 1 Ta Success Ta The
-.Fa certificate
-can be used for the
-.Fa purpose .
-.It 2 Ta Unknown Ta \&No decision can be made.
-.El
-.Pp
-If
-.Fa ca
-is non-zero:
-.Bl -column -1 Failure -compact
-.It 0 Ta Failure Ta The
-.Fa certificate
-cannot be used as a CA for the
-.Fa purpose .
-.It 1 Ta Success Ta The
-.Fa certificate
-can be used as a CA for the
-.Fa purpose .
-.It 3 Ta Success Ta The Fa certificate No is a version 1 CA .
-.It 4 Ta Success Ta The Key Usage allows Dv keyCertSign .
-.It 5 Ta Success Ta A Netscape Cert Type allows usage as a CA.
-.El
-.Sh SEE ALSO
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr EXTENDED_KEY_USAGE_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_PURPOSE_set 3 ,
-.Xr X509V3_get_d2i 3 ,
-.Xr x509v3.cnf 5
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Bl -dash -offset indent -compact
-.It
-section 4.2.1.3: Key Usage
-.It
-section 4.2.1.9: Basic Constraints
-.It
-section 4.2.1.12: Extended Key Usage
-.El
-.Sh HISTORY
-.Fn X509_check_purpose
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/X509_cmp.3 b/src/lib/libcrypto/man/X509_cmp.3
deleted file mode 100644
index b1cdec1773..0000000000
--- a/src/lib/libcrypto/man/X509_cmp.3
+++ /dev/null
@@ -1,235 +0,0 @@
-.\" $OpenBSD: X509_cmp.3,v 1.4 2024/06/07 14:00:09 job Exp $
-.\" full merge up to: OpenSSL ea5d4b89 Jun 6 11:42:02 2019 +0800
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Paul Yang .
-.\" Copyright (c) 2019 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4.
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 7 2024 $
-.Dt X509_CMP 3
-.Os
-.Sh NAME
-.Nm X509_cmp ,
-.Nm X509_NAME_cmp ,
-.\" The alias X509_name_cmp(3) is intentionally undocumented
-.\" because it is almost unused in real-world code.
-.Nm X509_issuer_and_serial_cmp ,
-.Nm X509_issuer_name_cmp ,
-.Nm X509_subject_name_cmp ,
-.Nm X509_CRL_cmp ,
-.Nm X509_CRL_match
-.Nd compare X.509 certificates and related values
-.\" The function name_cmp() is intentionally undocumented.
-.\" It was a mistake to make it public in the first place,
-.\" and it is no longer part of the public API in OpenSSL 1.1.
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_cmp
-.Fa "const X509 *a"
-.Fa "const X509 *b"
-.Fc
-.Ft int
-.Fo X509_NAME_cmp
-.Fa "const X509_NAME *a"
-.Fa "const X509_NAME *b"
-.Fc
-.Ft int
-.Fo X509_issuer_and_serial_cmp
-.Fa "const X509 *a"
-.Fa "const X509 *b"
-.Fc
-.Ft int
-.Fo X509_issuer_name_cmp
-.Fa "const X509 *a"
-.Fa "const X509 *b"
-.Fc
-.Ft int
-.Fo X509_subject_name_cmp
-.Fa "const X509 *a"
-.Fa "const X509 *b"
-.Fc
-.Ft int
-.Fo X509_CRL_cmp
-.Fa "const X509_CRL *a"
-.Fa "const X509_CRL *b"
-.Fc
-.Ft int
-.Fo X509_CRL_match
-.Fa "const X509_CRL *a"
-.Fa "const X509_CRL *b"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_cmp
-compares two X.509 certificates using
-.Xr memcmp 3
-on the hashes of their canonical (DER) representations as generated with
-.Xr X509_digest 3 .
-The digest function is implementation-specific: LibreSSL uses SHA-512, other
-implementations use SHA-1.
-.Pp
-.Fn X509_NAME_cmp
-compares two X.501
-.Vt Name
-objects using their canonical (DER) representations generated with
-.Xr i2d_X509_NAME 3 .
-.Pp
-.Fn X509_issuer_and_serial_cmp
-compares the
-.Fa issuer
-and
-.Fa serialNumber
-fields of two
-.Vt TBSCertificate
-structures, using
-.Fn X509_NAME_cmp
-for the
-.Fa issuer
-fields.
-.Pp
-.Fn X509_issuer_name_cmp
-compares the
-.Fa issuer
-fields of two
-.Vt TBSCertificate
-structures using
-.Fn X509_NAME_cmp .
-.Pp
-.Fn X509_subject_name_cmp
-compares the
-.Fa subject
-fields of two
-.Vt TBSCertificate
-structures using
-.Fn X509_NAME_cmp .
-.Pp
-.Fn X509_CRL_cmp
-is misnamed; it only compares the
-.Fa issuer
-fields of two
-.Vt TBSCertList
-structures using
-.Fn X509_NAME_cmp .
-.Pp
-.Fn X509_CRL_match
-compares two certificate revocation lists using
-.Xr memcmp 3
-on the hashes of their canonical (DER) representations as generated with
-.Xr X509_CRL_digest 3 .
-The digest function is implementation-specific: LibreSSL uses SHA-512, other
-implementations use SHA-1.
-.Sh RETURN VALUES
-All these functions return 0 to indicate a match or a non-zero value
-to indicate a mismatch.
-.Pp
-.Fn X509_NAME_cmp ,
-.Fn X509_issuer_and_serial_cmp ,
-.Fn X509_issuer_name_cmp ,
-.Fn X509_subject_name_cmp
-and
-.Fn X509_CRL_cmp
-may return -2 to indicate an error.
-.Sh SEE ALSO
-.Xr i2d_X509_NAME 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_digest 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate
-and Certificate Revocation List (CRL) Profile
-.Bl -dash -compact -offset indent
-.It
-section 4.1: Basic Certificate Fields
-.It
-section 5.1: CRL Fields
-.El
-.Sh HISTORY
-.Fn X509_issuer_and_serial_cmp ,
-.Fn X509_issuer_name_cmp ,
-and
-.Fn X509_subject_name_cmp
-first appeared in SSLeay 0.5.1 and
-.Fn X509_NAME_cmp
-and
-.Fn X509_CRL_cmp
-in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_cmp
-first appeared in OpenSSL 0.9.5 and has been available since
-.Ox 2.7 .
-.Pp
-.Fn X509_CRL_match
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Sh BUGS
-For
-.Fn X509_NAME_cmp ,
-.Fn X509_issuer_and_serial_cmp ,
-.Fn X509_issuer_name_cmp ,
-.Fn X509_subject_name_cmp
-and
-.Fn X509_CRL_cmp ,
-the return value -2 sometimes indicates a mismatch and sometimes an error.
diff --git a/src/lib/libcrypto/man/X509_cmp_time.3 b/src/lib/libcrypto/man/X509_cmp_time.3
deleted file mode 100644
index bb430dfbb7..0000000000
--- a/src/lib/libcrypto/man/X509_cmp_time.3
+++ /dev/null
@@ -1,200 +0,0 @@
-.\" $OpenBSD: X509_cmp_time.3,v 1.12 2024/03/05 18:30:40 tb Exp $
-.\" full merge up to: OpenSSL 83cf7abf May 29 13:07:08 2018 +0100
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2017, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Emilia Kasper
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4.
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 5 2024 $
-.Dt X509_CMP_TIME 3
-.Os
-.Sh NAME
-.Nm X509_cmp_time ,
-.Nm X509_cmp_current_time ,
-.Nm X509_time_adj_ex ,
-.Nm X509_time_adj ,
-.Nm X509_gmtime_adj
-.Nd ASN.1 Time utilities
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_cmp_time
-.Fa "const ASN1_TIME *asn1_time"
-.Fa "time_t *cmp_time"
-.Fc
-.Ft int
-.Fo X509_cmp_current_time
-.Fa "const ASN1_TIME *asn1_time"
-.Fc
-.Ft ASN1_TIME *
-.Fo X509_time_adj_ex
-.Fa "ASN1_TIME *out_time"
-.Fa "int offset_day"
-.Fa "long offset_sec"
-.Fa "time_t *in_time"
-.Fc
-.Ft ASN1_TIME *
-.Fo X509_time_adj
-.Fa "ASN1_TIME *out_time"
-.Fa "long offset_sec"
-.Fa "time_t *in_time"
-.Fc
-.Ft ASN1_TIME *
-.Fo X509_gmtime_adj
-.Fa "ASN1_TIME *out_time"
-.Fa "long offset_sec"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_cmp_time
-parses
-.Fa asn1_time
-and compares it to
-.Fa cmp_time ,
-or to the current time if
-.Fa cmp_time
-is
-.Dv NULL .
-.Fn X509_cmp_current_time
-compares it to the current time.
-.Pp
-.Fn X509_time_adj_ex
-sets
-.Fa out_time
-to a time
-.Fa offset_day
-and
-.Fa offset_sec
-later than
-.Fa in_time .
-The values of
-.Fa offset_day
-and
-.Fa offset_sec
-can be negative to set a time before
-.Fa in_time .
-The
-.Fa offset_sec
-value can also exceed the number of seconds in a day.
-If
-.Fa in_time
-is
-.Dv NULL ,
-the current time is used instead.
-If
-.Fa out_time
-is
-.Dv NULL ,
-a new
-.Vt ASN1_TIME
-structure is allocated and returned.
-.Pp
-.Fn X509_time_adj
-does the same with a 0 day offset.
-.Pp
-.Fn X509_gmtime_adj
-does the same using the current time instead of
-.Fa in_time ,
-that is, it sets
-.Fa out_time
-to a time
-.Fa offset_sec
-seconds later than the current time.
-.Sh RETURN VALUES
-.Fn X509_cmp_time
-and
-.Fn X509_cmp_current_time
-return -1 if
-.Fa asn1_time
-is earlier than or equal to
-.Fa cmp_time ,
-1 if it is later, or 0 on error.
-.Pp
-.Fn X509_time_adj_ex ,
-.Fn X509_time_adj ,
-and
-.Fn X509_gmtime_adj
-return a pointer to the updated or newly allocated
-.Vt ASN1_TIME
-structure or
-.Dv NULL
-on error.
-.Sh SEE ALSO
-.Xr ASN1_TIME_new 3 ,
-.Xr ASN1_TIME_set 3 ,
-.Xr time 3
-.Sh HISTORY
-.Fn X509_cmp_current_time
-and
-.Fn X509_gmtime_adj
-first appeared in SSLeay 0.6.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_cmp_time
-and
-.Fn X509_time_adj
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_time_adj_ex
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/X509_digest.3 b/src/lib/libcrypto/man/X509_digest.3
deleted file mode 100644
index 7627e07731..0000000000
--- a/src/lib/libcrypto/man/X509_digest.3
+++ /dev/null
@@ -1,155 +0,0 @@
-.\" $OpenBSD: X509_digest.3,v 1.8 2019/08/20 13:27:19 schwarze Exp $
-.\" full merge up to: OpenSSL 1212818e Sep 11 13:22:14 2018 +0100
-.\"
-.\" This file was written by Rich Salz
-.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: August 20 2019 $
-.Dt X509_DIGEST 3
-.Os
-.Sh NAME
-.Nm X509_digest ,
-.Nm X509_CRL_digest ,
-.Nm X509_pubkey_digest ,
-.Nm X509_NAME_digest ,
-.Nm X509_REQ_digest ,
-.Nm PKCS7_ISSUER_AND_SERIAL_digest
-.Nd get digests of various objects
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_digest
-.Fa "const X509 *data"
-.Fa "const EVP_MD *type"
-.Fa "unsigned char *md"
-.Fa "unsigned int *len"
-.Fc
-.Ft int
-.Fo X509_CRL_digest
-.Fa "const X509_CRL *data"
-.Fa "const EVP_MD *type"
-.Fa "unsigned char *md"
-.Fa "unsigned int *len"
-.Fc
-.Ft int
-.Fo X509_pubkey_digest
-.Fa "const X509 *data"
-.Fa "const EVP_MD *type"
-.Fa "unsigned char *md"
-.Fa "unsigned int *len"
-.Fc
-.Ft int
-.Fo X509_REQ_digest
-.Fa "const X509_REQ *data"
-.Fa "const EVP_MD *type"
-.Fa "unsigned char *md"
-.Fa "unsigned int *len"
-.Fc
-.Ft int
-.Fo X509_NAME_digest
-.Fa "const X509_NAME *data"
-.Fa "const EVP_MD *type"
-.Fa "unsigned char *md"
-.Fa "unsigned int *len"
-.Fc
-.In openssl/pkcs7.h
-.Ft int
-.Fo PKCS7_ISSUER_AND_SERIAL_digest
-.Fa "PKCS7_ISSUER_AND_SERIAL *data"
-.Fa "const EVP_MD *type"
-.Fa "unsigned char *md"
-.Fa "unsigned int *len"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_pubkey_digest
-returns a digest of the DER representation of the public key contained in
-.Fa data .
-All other functions described here return a digest of the DER
-representation of their entire
-.Fa data
-object.
-.Pp
-The
-.Fa type
-parameter specifies the digest to be used, such as
-.Xr EVP_sha1 3 .
-.Fa md
-is a pointer to the buffer where the digest will be copied and is
-assumed to be large enough; a size of at least
-.Dv EVP_MAX_MD_SIZE
-bytes is suggested.
-The
-.Fa len
-parameter, if not
-.Dv NULL ,
-points to a place where the digest size will be stored.
-.Sh RETURN VALUES
-These functions return 1 for success or 0 for failure.
-.Sh SEE ALSO
-.Xr EVP_get_digestbyname 3 ,
-.Xr X509_cmp 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REQ_new 3
-.Sh HISTORY
-.Fn X509_digest ,
-.Fn X509_NAME_digest ,
-and
-.Fn PKCS7_ISSUER_AND_SERIAL_digest
-first appeared in SSLeay 0.6.5 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_CRL_digest
-and
-.Fn X509_REQ_digest
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_pubkey_digest
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/X509_find_by_subject.3 b/src/lib/libcrypto/man/X509_find_by_subject.3
deleted file mode 100644
index 98a76a1fca..0000000000
--- a/src/lib/libcrypto/man/X509_find_by_subject.3
+++ /dev/null
@@ -1,69 +0,0 @@
-.\" $OpenBSD: X509_find_by_subject.3,v 1.1 2021/07/04 12:56:27 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 4 2021 $
-.Dt X509_FIND_BY_SUBJECT 3
-.Os
-.Sh NAME
-.Nm X509_find_by_subject ,
-.Nm X509_find_by_issuer_and_serial
-.Nd search an array of X.509 certificates
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509 *
-.Fo X509_find_by_subject
-.Fa "STACK_OF(X509) *sk"
-.Fa "X509_NAME *subject"
-.Fc
-.Ft X509 *
-.Fo X509_find_by_issuer_and_serial
-.Fa "STACK_OF(X509) *sk"
-.Fa "X509_NAME *issuer"
-.Fa "ASN1_INTEGER *serial"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_find_by_subject
-searches the variable-sized array
-.Fa sk
-for a certificate with a matching
-.Fa subject
-name.
-.Pp
-.Fn X509_find_by_issuer_and_serial
-searches the array for a certificate where both the
-.Fa issuer
-name and the
-.Fa serial
-number match the arguments.
-.Sh RETURN VALUES
-These functions return a pointer to the first matching certificate or
-.Dv NULL
-if
-.Fa sk
-is
-.Dv NULL
-or does not contain a matching certificate.
-.Sh SEE ALSO
-.Xr ASN1_INTEGER_new 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_cmp 3 ,
-.Xr X509_get_serialNumber 3 ,
-.Xr X509_get_subject_name 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_new 3
-.Sh HISTORY
-These functions first appeared in SSLeay 0.8.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/X509_get0_notBefore.3 b/src/lib/libcrypto/man/X509_get0_notBefore.3
deleted file mode 100644
index 5e5c08b79a..0000000000
--- a/src/lib/libcrypto/man/X509_get0_notBefore.3
+++ /dev/null
@@ -1,264 +0,0 @@ -.\" $OpenBSD: X509_get0_notBefore.3,v 1.7 2024/03/05 18:30:40 tb Exp $ -.\" content checked up to: OpenSSL 27b138e9 May 19 00:16:38 2017 +0000 -.\" -.\" Copyright (c) 2018, 2020 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: March 5 2024 $ -.Dt X509_GET0_NOTBEFORE 3 -.Os -.Sh NAME -.Nm X509_get0_notBefore , -.Nm X509_get0_notAfter , -.Nm X509_getm_notBefore , -.Nm X509_getm_notAfter , -.Nm X509_get_notBefore , -.Nm X509_get_notAfter , -.Nm X509_CRL_get0_lastUpdate , -.Nm X509_CRL_get0_nextUpdate , -.Nm X509_CRL_get_lastUpdate , -.Nm X509_CRL_get_nextUpdate , -.Nm X509_set1_notBefore , -.Nm X509_set1_notAfter , -.Nm X509_set_notBefore , -.Nm X509_set_notAfter , -.Nm X509_CRL_set1_lastUpdate , -.Nm X509_CRL_set1_nextUpdate , -.Nm X509_CRL_set_lastUpdate , -.Nm X509_CRL_set_nextUpdate -.Nd get and set certificate and CRL validity dates -.Sh SYNOPSIS -.In openssl/x509.h -.Ft const ASN1_TIME * -.Fo X509_get0_notBefore -.Fa "const X509 *x" -.Fc -.Ft const ASN1_TIME * -.Fo X509_get0_notAfter -.Fa "const X509 *x" -.Fc -.Ft ASN1_TIME * -.Fo X509_getm_notBefore -.Fa "const X509 *x" -.Fc -.Ft ASN1_TIME * -.Fo X509_getm_notAfter -.Fa "const X509 *x" -.Fc -.Ft ASN1_TIME * -.Fo X509_get_notBefore -.Fa "const X509 *x" -.Fc -.Ft 
ASN1_TIME * -.Fo X509_get_notAfter -.Fa "const X509 *x" -.Fc -.Ft const ASN1_TIME * -.Fo X509_CRL_get0_lastUpdate -.Fa "const X509_CRL *crl" -.Fc -.Ft const ASN1_TIME * -.Fo X509_CRL_get0_nextUpdate -.Fa "const X509_CRL *crl" -.Fc -.Ft ASN1_TIME * -.Fo X509_CRL_get_lastUpdate -.Fa "X509_CRL *crl" -.Fc -.Ft ASN1_TIME * -.Fo X509_CRL_get_nextUpdate -.Fa "X509_CRL *crl" -.Fc -.Ft int -.Fo X509_set1_notBefore -.Fa "X509 *x" -.Fa "const ASN1_TIME *tm" -.Fc -.Ft int -.Fo X509_set1_notAfter -.Fa "X509 *x" -.Fa "const ASN1_TIME *tm" -.Fc -.Ft int -.Fo X509_set_notBefore -.Fa "X509 *x" -.Fa "const ASN1_TIME *tm" -.Fc -.Ft int -.Fo X509_set_notAfter -.Fa "X509 *x" -.Fa "const ASN1_TIME *tm" -.Fc -.Ft int -.Fo X509_CRL_set1_lastUpdate -.Fa "X509_CRL *crl" -.Fa "const ASN1_TIME *tm" -.Fc -.Ft int -.Fo X509_CRL_set1_nextUpdate -.Fa "X509_CRL *crl" -.Fa "const ASN1_TIME *tm" -.Fc -.Ft int -.Fo X509_CRL_set_lastUpdate -.Fa "X509_CRL *crl" -.Fa "const ASN1_TIME *tm" -.Fc -.Ft int -.Fo X509_CRL_set_nextUpdate -.Fa "X509_CRL *crl" -.Fa "const ASN1_TIME *tm" -.Fc -.Sh DESCRIPTION -.Fn X509_getm_notBefore -and -.Fn X509_getm_notAfter -return pointers to the -.Fa notBefore -and -.Fa notAfter -fields of the validity period of the certificate -.Fa x , -respectively. -.Fn X509_get_notBefore -and -.Fn X509_get_notAfter -are deprecated aliases implemented as macros. -.Pp -.Fn X509_get0_notBefore -and -.Fn X509_get0_notAfter -are identical except for the const qualifier on the return type. -.Pp -.Fn X509_CRL_get0_lastUpdate -is misnamed in a confusing way: it returns a pointer to the -.Fa thisUpdate -field of the -.Fa crl , -indicating the time when this -.Fa crl -was issued. -.Pp -.Fn X509_CRL_get0_nextUpdate -returns a pointer to the -.Fa nextUpdate -field of the -.Fa crl , -indicating the time when issuing the subsequent CRL will be due. 
-.Pp -.Fn X509_CRL_get_lastUpdate -and -.Fn X509_CRL_get_nextUpdate -are deprecated and identical except for the const qualifier -on the argument and on the return type. -.Pp -.Fn X509_set1_notBefore , -.Fn X509_set1_notAfter , -.Fn X509_CRL_set1_lastUpdate , -and -.Fn X509_CRL_set1_nextUpdate -set the -.Fa notBefore , -.Fa notAfter , -.Fa thisUpdate Pq sic!\& , -or -.Fa nextUpdate -field of -.Fa x -or -.Fa crl , -respectively, to a deep copy of -.Fa tm -and free the -.Vt ASN1_TIME -value that they replace. -.Pp -.Fn X509_set_notBefore , -.Fn X509_set_notAfter , -.Fn X509_CRL_set_lastUpdate , -and -.Fn X509_CRL_set_nextUpdate -are deprecated aliases. -.Sh RETURN VALUES -The -.Sy get -functions return internal pointers -which must not be freed by the application, or -.Dv NULL -if the requested field is not available. -They may crash with a -.Dv NULL -pointer access if -.Fa x -or -.Fa crl -is -.Dv NULL . -.Pp -The -.Sy set -functions return 1 on success or 0 on failure. -They fail if -.Fa x -is -.Dv NULL -or does not contain a -.Fa validity -substructure, if -.Fa crl -is -.Dv NULL , -or if -.Xr ASN1_STRING_dup 3 -fails. -.Pp -Except for some cases of -.Xr ASN1_STRING_dup 3 -failure, these functions do not support -determining reasons for failure with -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr ASN1_TIME_set 3 , -.Xr X509_cmp_time 3 , -.Xr X509_CRL_get0_by_serial 3 , -.Xr X509_CRL_new 3 , -.Xr X509_get_subject_name 3 , -.Xr X509_new 3 , -.Xr X509_sign 3 , -.Xr X509_VAL_new 3 , -.Xr X509_verify_cert 3 -.Sh HISTORY -.Fn X509_get_notBefore , -.Fn X509_get_notAfter , -.Fn X509_set_notBefore , -and -.Fn X509_set_notAfter -first appeared in SSLeay 0.6.5 and have been available since -.Ox 2.4 . -.Pp -.Fn X509_CRL_get_lastUpdate -and -.Fn X509_CRL_get_nextUpdate -first appeared in OpenSSL 0.9.2 and have been available since -.Ox 2.6 . -.Pp -.Fn X509_CRL_set_lastUpdate -and -.Fn X509_CRL_set_nextUpdate -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . 
-.Pp -The remaining functions first appeared in OpenSSL 1.1.0 -and have been available since -.Ox 6.3 . diff --git a/src/lib/libcrypto/man/X509_get0_signature.3 b/src/lib/libcrypto/man/X509_get0_signature.3 deleted file mode 100644 index dc3be2c70a..0000000000 --- a/src/lib/libcrypto/man/X509_get0_signature.3 +++ /dev/null 
@@ -1,280 +0,0 @@ -.\" $OpenBSD: X509_get0_signature.3,v 1.9 2024/08/28 07:18:55 tb Exp $ -.\" selective merge up to: -.\" OpenSSL man3/X509_get0_signature 2f7a2520 Apr 25 17:28:08 2017 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2020 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: August 28 2024 $ -.Dt X509_GET0_SIGNATURE 3 -.Os -.Sh NAME -.Nm X509_get0_signature , -.Nm X509_REQ_get0_signature , -.Nm X509_CRL_get0_signature , -.Nm X509_get0_tbs_sigalg , -.Nm X509_CRL_get0_tbs_sigalg , -.Nm X509_get_signature_type , -.Nm X509_get_signature_nid , -.Nm X509_REQ_get_signature_nid , -.Nm X509_CRL_get_signature_nid , -.Nm X509_get_signature_info -.Nd signature information -.Sh SYNOPSIS -.In openssl/x509.h -.Ft void -.Fo X509_get0_signature -.Fa "const ASN1_BIT_STRING **psig" -.Fa "const X509_ALGOR **palg" -.Fa "const X509 *x" -.Fc -.Ft void -.Fo X509_REQ_get0_signature -.Fa "const X509_REQ *req" -.Fa "const ASN1_BIT_STRING **psig" -.Fa "const X509_ALGOR **palg" -.Fc -.Ft void -.Fo X509_CRL_get0_signature -.Fa "const X509_CRL *crl" -.Fa "const ASN1_BIT_STRING **psig" -.Fa "const X509_ALGOR **palg" -.Fc -.Ft const X509_ALGOR * -.Fo X509_get0_tbs_sigalg -.Fa "const X509 *x" -.Fc -.Ft const X509_ALGOR * -.Fo X509_CRL_get0_tbs_sigalg -.Fa "const X509_CRL *crl" -.Fc -.Ft int -.Fo X509_get_signature_type -.Fa "const X509 *x" -.Fc -.Ft int -.Fo X509_get_signature_nid -.Fa "const X509 *x" -.Fc -.Ft int -.Fo X509_REQ_get_signature_nid -.Fa "const X509_REQ *req" -.Fc -.Ft int -.Fo X509_CRL_get_signature_nid -.Fa "const X509_CRL *crl" -.Fc -.Ft int -.Fo X509_get_signature_info -.Fa "X509 *x" -.Fa "int *md_nid" -.Fa "int *pkey_nid" -.Fa "int *security_bits" -.Fa "uint32_t *flags" -.Fc -.Sh DESCRIPTION -.Fn X509_get0_signature , -.Fn X509_REQ_get0_signature , -and -.Fn X509_CRL_get0_signature -set -.Pf * Fa psig -to the signature and -.Pf * Fa palg -to the signature algorithm of -.Fa x , -.Fa req , -or -.Fa crl , -respectively. -.Fn X509_get0_tbs_sigalg -and -.Fn X509_CRL_get0_tbs_sigalg -return the signature algorithm in the signed portion of -.Fa x -or -.Fa crl , -respectively. -The values returned are internal pointers -that must not be freed by the caller. 
-.Pp -.Fn X509_get_signature_type -returns the base NID corresponding to the signature algorithm of -.Fa x -just like -.Xr EVP_PKEY_base_id 3 -does. -.Pp -.Fn X509_get_signature_nid , -.Fn X509_REQ_get_signature_nid , -and -.Fn X509_CRL_get_signature_nid -return the NID corresponding to the signature algorithm of -.Fa x , -.Fa req , -or -.Fa crl , -respectively, just like -.Xr EVP_PKEY_id 3 -does. -.Pp -.Fn X509_get_signature_info -retrieves information about the signature of certificate -.Fa x . -The NID of the digest algorithm is written to -.Pf * Fa md_nid , -the public key algorithm to -.Pf * Fa pkey_nid , -the effective security bits to -.Pf * Fa security_bits , -and flag details to -.Pf * Fa flags . -Any of the output parameters can be set to -.Dv NULL -if the information is not required. -If -.Fa flags -is not a -.Dv NULL -pointer, -.Pf * Fa flags -is set to the bitwise OR of: -.Bl -tag -width 1n -offset 3n -.It Dv X509_SIG_INFO_VALID -No error occurred. -This flag is set if -.Fn X509_get_signature_info -returns 1. -.It Dv X509_SIG_INFO_TLS -The signature algorithm is appropriate for use in TLS. -For a supported EdDSA algorithm (in LibreSSL this is Ed25519) -this flag is always set. -For an RSASSA-PSS PSS algorithm this flag is set if -the parameters are DER encoded, -the digest algorithm is one of SHA256, SHA384, or SHA512, -the same digest algorithm is used in the mask generation function, -and the salt length is equal to the digest algorithm's output length. -For all other signature algorithms this flag is set if the digest -algorithm is one of SHA1, SHA256, SHA384, or SHA512. -.El -.Pp -.Fn X509_get_signature_info -returns 1 on success and 0 on failure. -Failure conditions include unsupported signature algorithms, -certificate parsing errors and memory allocation failure. 
-.Pp -These functions provide lower level access to the signature -for cases where an application wishes to analyse or generate a -signature in a form where -.Xr X509_sign 3 -is not appropriate, for example in a non-standard or unsupported format. -.Sh SEE ALSO -.Xr EVP_PKEY_base_id 3 , -.Xr OBJ_obj2nid 3 , -.Xr X509_ALGOR_new 3 , -.Xr X509_CRL_get0_by_serial 3 , -.Xr X509_CRL_new 3 , -.Xr X509_get_pubkey 3 , -.Xr X509_get_subject_name 3 , -.Xr X509_get_version 3 , -.Xr X509_new 3 , -.Xr X509_REQ_new 3 , -.Xr X509_sign 3 , -.Xr X509_signature_dump 3 , -.Xr X509_verify_cert 3 -.Sh HISTORY -.Fn X509_get_signature_type -first appeared in SSLeay 0.8.0 and has been available since -.Ox 2.4 . -.Pp -.Fn X509_get0_signature -and -.Fn X509_get_signature_nid -first appeared in OpenSSL 1.0.2. -.Fn X509_REQ_get0_signature , -.Fn X509_CRL_get0_signature , -.Fn X509_get0_tbs_sigalg , -.Fn X509_REQ_get_signature_nid , -and -.Fn X509_CRL_get_signature_nid -first appeared in OpenSSL 1.1.0. -All these functions have been available since -.Ox 6.3 . -.Pp -.Fn X509_CRL_get0_tbs_sigalg -first appeared in LibreSSL 3.7.1 and has been available since -.Ox 7.3 . -.Pp -.Fn X509_get_signature_info -first appeared in OpenSSL 1.1.1 and has been available since -.Ox 7.6 . -.Sh CAVEATS -The security bits returned by -.Fn X509_get_signature_info -refer to the information available from the certificate signature -(such as the signing digest). -In some cases the actual security of the signature is smaller -because the signing key is less secure. -For example in a certificate signed using SHA512 -and a 1024-bit RSA key. diff --git a/src/lib/libcrypto/man/X509_get1_email.3 b/src/lib/libcrypto/man/X509_get1_email.3 deleted file mode 100644 index c38a604899..0000000000 --- a/src/lib/libcrypto/man/X509_get1_email.3 +++ /dev/null 
@@ -1,123 +0,0 @@
-.\" $OpenBSD: X509_get1_email.3,v 1.1 2019/08/23 12:23:39 schwarze Exp $
-.\"
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: August 23 2019 $
-.Dt X509_GET1_EMAIL 3
-.Os
-.Sh NAME
-.Nm X509_get1_email ,
-.Nm X509_get1_ocsp ,
-.Nm X509_email_free
-.Nd utilities for stacks of strings
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Vt typedef char *OPENSSL_STRING ;
-.Ft STACK_OF(OPENSSL_STRING) *
-.Fo X509_get1_email
-.Fa "X509 *certificate"
-.Fc
-.Ft STACK_OF(OPENSSL_STRING) *
-.Fo X509_get1_ocsp
-.Fa "X509 *certificate"
-.Fc
-.Ft void
-.Fo X509_email_free
-.Fa "STACK_OF(OPENSSL_STRING) *stack"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_get1_email
-retrieves all email addresses from the
-.Fa subject
-field and from any
-Subject Alternative Name extension of the
-.Fa certificate .
-.Pp
-.Fn X509_get1_ocsp
-retrieves all uniform resource identifiers
-from all
-.Vt AccessDescription
-objects having an
-.Fa accessMethod
-of OCSP which are contained in the Authority Information Access extension
-of the
-.Fa certificate .
-.Pp
-.Fn X509_email_free
-frees all strings stored in the
-.Fa stack
-as well as the stack itself.
-If
-.Fa stack
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh RETURN VALUES
-.Fn X509_REQ_get1_email
-and
-.Fn X509_get1_ocsp
-return newly allocated stacks of
-.Vt char *
-containing copies of the addresses in question, or
-.Dv NULL
-if there are no addresses or if an error occurs.
-.Sh SEE ALSO
-.Xr OCSP_sendreq_new 3 ,
-.Xr OCSP_SERVICELOC_new 3 ,
-.Xr OPENSSL_sk_new 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_check_email 3 ,
-.Xr X509_get_ext_d2i 3 ,
-.Xr X509_get_subject_name 3 ,
-.Xr X509_new 3 ,
-.Xr x509v3.cnf 5
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Bl -dash -offset indent -compact
-.It
-section 4.1: Basic Certificate Fields
-.It
-section 4.1.2.6: Subject
-.It
-section 4.2.1.6: Subject Alternative Name
-.It
-section 4.2.2.1: Authority Information Access
-.El
-.Pp
-RFC 2985: PKCS #9: Selected Object Classes and Attribute Types
-.Bl -dash -offset indent -compact
-.It
-section 5.2.1: Electronic-mail address
-.It
-appendix B.3.5: emailAddress
-.El
-.Sh HISTORY
-.Fn X509_get1_email
-and
-.Fn X509_email_free
-first appeared in OpenSSL 0.9.6 and have been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_get1_ocsp
-first appeared in OpenSSL 0.9.8h and has been available since
-.Ox 4.5 .
-.Sh BUGS
-.Fn X509_email_free
-is utterly misnamed.
-It does not operate on any
-.Vt X509
-object, nor is it in any way restricted to email addresses;
-instead, it simply frees a stack of strings.
diff --git a/src/lib/libcrypto/man/X509_get_extension_flags.3 b/src/lib/libcrypto/man/X509_get_extension_flags.3
deleted file mode 100644
index 1d7f29c687..0000000000
--- a/src/lib/libcrypto/man/X509_get_extension_flags.3
+++ /dev/null
@@ -1,234 +0,0 @@ -.\" $OpenBSD: X509_get_extension_flags.3,v 1.4 2023/04/30 19:40:23 tb Exp $ -.\" full merge up to: OpenSSL 361136f4 Sep 1 18:56:58 2015 +0100 -.\" selective merge up to: OpenSSL 2b2e3106f Feb 16 15:04:45 2021 +0000 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: April 30 2023 $ -.Dt X509_GET_EXTENSION_FLAGS 3 -.Os -.Sh NAME -.Nm X509_get_extension_flags , -.Nm X509_get_key_usage , -.Nm X509_get_extended_key_usage -.Nd retrieve certificate extension data -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft uint32_t -.Fo X509_get_extension_flags -.Fa "X509 *x" -.Fc -.Ft uint32_t -.Fo X509_get_key_usage -.Fa "X509 *x" -.Fc -.Ft uint32_t -.Fo X509_get_extended_key_usage -.Fa "X509 *x" -.Fc -.Sh DESCRIPTION -These functions retrieve information related to commonly used -certificate extensions. -.Pp -.Fn X509_get_extension_flags -retrieves general information about a certificate. -It returns one or more of the following flags OR'ed together. -.Bl -tag -width Ds -.It Dv EXFLAG_V1 -The certificate is an obsolete version 1 certificate. -.It Dv EXFLAG_BCONS -The certificate contains a basic constraints extension. -.It Dv EXFLAG_CA -The certificate contains basic constraints and asserts the CA flag. 
-.It Dv EXFLAG_PROXY -The certificate is a valid proxy certificate. -In LibreSSL this flag is never set. -.It Dv EXFLAG_SI -The certificate is self issued (that is subject and issuer names match). -.It Dv EXFLAG_SS -The subject and issuer names match and extension values imply it is self -signed. -.It Dv EXFLAG_FRESHEST -The freshest CRL extension is present in the certificate. -.It Dv EXFLAG_CRITICAL -The certificate contains an unhandled critical extension. -.It Dv EXFLAG_INVALID -Some certificate extension values are invalid or inconsistent. -The certificate should be rejected. -This bit may also be raised after an out-of-memory error while -processing the X509 object, so it may not be related to the processed -ASN1 object itself. -.\" EXFLAG_NO_FINGERPRINT is not available in LibreSSL. Do we need -.\" https://github.com/openssl/openssl/issues/13698 and the fix it fixes? -.\".It Dv EXFLAG_NO_FINGERPRINT -.\" Failed to compute the internal SHA1 hash value of the certificate. -.\" This may be due to malloc failure or because no SHA1 implementation was -.\" found. -.It Dv EXFLAG_INVALID_POLICY -The -.Dv NID_certificate_policies -certificate extension is invalid or inconsistent. -The certificate should be rejected. -This bit may also be raised after an out-of-memory error while -processing the X509 object, so it may not be related to the processed -ASN1 object itself. -.It Dv EXFLAG_KUSAGE -The certificate contains a key usage extension. -The value can be retrieved using -.Fn X509_get_key_usage . -.It Dv EXFLAG_XKUSAGE -The certificate contains an extended key usage extension. -The value can be retrieved using -.Fn X509_get_extended_key_usage . -.El -.Pp -.Fn X509_get_key_usage -returns the value of the key usage extension. 
-If key usage is present, it returns zero or more of these flags: -.Dv KU_DIGITAL_SIGNATURE , -.Dv KU_NON_REPUDIATION , -.Dv KU_KEY_ENCIPHERMENT , -.Dv KU_DATA_ENCIPHERMENT , -.Dv KU_KEY_AGREEMENT , -.Dv KU_KEY_CERT_SIGN , -.Dv KU_CRL_SIGN , -.Dv KU_ENCIPHER_ONLY , -or -.Dv KU_DECIPHER_ONLY , -corresponding to individual key usage bits. -If key usage is absent, -.Dv UINT32_MAX -is returned. -.Pp -The following aliases for these flags are defined in -.In openssl/x509.h : -.Dv X509v3_KU_DIGITAL_SIGNATURE , -.Dv X509v3_KU_NON_REPUDIATION , -.Dv X509v3_KU_KEY_ENCIPHERMENT , -.Dv X509v3_KU_DATA_ENCIPHERMENT , -.Dv X509v3_KU_KEY_AGREEMENT , -.Dv X509v3_KU_KEY_CERT_SIGN , -.Dv X509v3_KU_CRL_SIGN , -.Dv X509v3_KU_ENCIPHER_ONLY , -and -.Dv X509v3_KU_DECIPHER_ONLY . -.\" X509v3_KU_UNDEF is intentionally undocumented because nothing uses it. -.Pp -.Fn X509_get_extended_key_usage -returns the value of the extended key usage extension. -If extended key usage is present, it returns zero or more of these -flags: -.Dv XKU_SSL_SERVER , -.Dv XKU_SSL_CLIENT , -.Dv XKU_SMIME , -.Dv XKU_CODE_SIGN -.Dv XKU_OCSP_SIGN , -.Dv XKU_TIMESTAMP , -.Dv XKU_DVCS , -or -.Dv XKU_ANYEKU . -These correspond to the OIDs -.Qq id-kp-serverAuth , -.Qq id-kp-clientAuth , -.Qq id-kp-emailProtection , -.Qq id-kp-codeSigning , -.Qq id-kp-OCSPSigning , -.Qq id-kp-timeStamping , -.Qq id-kp-dvcs , -and -.Qq anyExtendedKeyUsage , -respectively. -Additionally, -.Dv XKU_SGC -is set if either Netscape or Microsoft SGC OIDs are present. -.Pp -The value of the flags correspond to extension values which are cached -in the -.Vt X509 -structure. -If the flags returned do not provide sufficient information, -an application should examine extension values directly, -for example using -.Xr X509_get_ext_d2i 3 . -.Pp -If the key usage or extended key usage extension is absent then -typically usage is unrestricted. 
-For this reason -.Fn X509_get_key_usage -and -.Fn X509_get_extended_key_usage -return -.Dv UINT32_MAX -when the corresponding extension is absent. -Applications can additionally check the return value of -.Fn X509_get_extension_flags -and take appropriate action if an extension is absent. -.Sh RETURN VALUES -.Fn X509_get_extension_flags , -.Fn X509_get_key_usage -and -.Fn X509_get_extended_key_usage -return sets of flags corresponding to the certificate extension values. -.Sh SEE ALSO -.Xr BASIC_CONSTRAINTS_new 3 , -.Xr EXTENDED_KEY_USAGE_new 3 , -.Xr POLICYINFO_new 3 , -.Xr X509_check_ca 3 , -.Xr X509_check_purpose 3 , -.Xr X509_EXTENSION_new 3 , -.Xr X509_get_ext_d2i 3 , -.Xr X509_get_subject_name 3 , -.Xr X509_get_version 3 , -.Xr X509_new 3 -.Sh HISTORY -.Nm X509_get_extension_flags , -.Nm X509_get_key_usage , -and -.Nm X509_get_extended_key_usage -first appeared in OpenSSL 1.1.0 and have been available since -.Ox 7.1 . diff --git a/src/lib/libcrypto/man/X509_get_pubkey.3 b/src/lib/libcrypto/man/X509_get_pubkey.3 deleted file mode 100644 index 0829397982..0000000000 --- a/src/lib/libcrypto/man/X509_get_pubkey.3 +++ /dev/null 
@@ -1,296 +0,0 @@ -.\" $OpenBSD: X509_get_pubkey.3,v 1.13 2022/03/31 17:27:17 naddy Exp $ -.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2020, 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: March 31 2022 $ -.Dt X509_GET_PUBKEY 3 -.Os -.Sh NAME -.Nm X509_get_pubkey , -.Nm X509_get0_pubkey , -.Nm X509_set_pubkey , -.Nm X509_get_X509_PUBKEY , -.Nm X509_get0_pubkey_bitstr , -.Nm X509_REQ_get_pubkey , -.Nm X509_REQ_get0_pubkey , -.Nm X509_REQ_set_pubkey , -.Nm X509_extract_key , -.Nm X509_REQ_extract_key -.Nd get or set certificate or certificate request public key -.Sh SYNOPSIS -.In openssl/x509.h -.Ft EVP_PKEY * -.Fo X509_get_pubkey -.Fa "X509 *x" -.Fc -.Ft EVP_PKEY * -.Fo X509_get0_pubkey -.Fa "const X509 *x" -.Fc -.Ft int -.Fo X509_set_pubkey -.Fa "X509 *x" -.Fa "EVP_PKEY *pkey" -.Fc -.Ft X509_PUBKEY * -.Fo X509_get_X509_PUBKEY -.Fa "const X509 *x" -.Fc -.Ft ASN1_BIT_STRING * -.Fo X509_get0_pubkey_bitstr -.Fa "const X509 *x" -.Fc -.Ft EVP_PKEY * -.Fo X509_REQ_get_pubkey -.Fa "X509_REQ *req" -.Fc -.Ft EVP_PKEY * -.Fo X509_REQ_get0_pubkey -.Fa "X509_REQ *req" -.Fc -.Ft int -.Fo X509_REQ_set_pubkey -.Fa "X509_REQ *x" -.Fa "EVP_PKEY *pkey" -.Fc -.Ft EVP_PKEY * -.Fo X509_extract_key -.Fa "X509 *x" -.Fc -.Ft EVP_PKEY * -.Fo X509_REQ_extract_key -.Fa "X509_REQ *req" -.Fc -.Sh DESCRIPTION -.Fn X509_get_pubkey -attempts to decode the public key for certificate -.Fa x . -If successful, it returns the public key as an -.Vt EVP_PKEY -pointer with its reference count incremented: this means the returned -key must be freed up after use. -.Fn X509_get0_pubkey -is similar except that it does not increment the reference count -of the returned -.Vt EVP_PKEY , -so it must not be freed up after use. -.Pp -.Fn X509_get_X509_PUBKEY -returns an internal pointer to the -.Vt SubjectPublicKeyInfo -structure contained in -.Fa x . -The returned value must not be freed up after use. -.Pp -.Fn X509_get0_pubkey_bitstr -returns an internal pointer to just the public key contained in this -.Vt SubjectPublicKeyInfo -structure, without the information about the algorithm used. 
-.Pp -.Fn X509_set_pubkey -attempts to set the public key for certificate -.Fa x -to -.Fa pkey . -The key -.Fa pkey -should be freed up after use. -.Pp -.Fn X509_REQ_get_pubkey , -.Fn X509_REQ_get0_pubkey , -and -.Fn X509_REQ_set_pubkey -are similar but operate on certificate request -.Fa req . -.Pp -The first time a public key is decoded, the -.Vt EVP_PKEY -structure is cached in the certificate or certificate request itself. -Subsequent calls return the cached structure with its reference count -incremented to improve performance. -.Pp -.Fn X509_extract_key -and -.Fn X509_REQ_extract_key -are deprecated aliases for -.Fn X509_get_pubkey -and -.Fn X509_REQ_get_pubkey , -respectively, implemented as macros. -.Sh RETURN VALUES -.Fn X509_get_pubkey , -.Fn X509_get0_pubkey , -.Fn X509_get_X509_PUBKEY , -.Fn X509_get0_pubkey_bitstr , -.Fn X509_REQ_get_pubkey , -.Fn X509_REQ_get0_pubkey , -.Fn X509_extract_key , -and -.Fn X509_REQ_extract_key -return a public key or -.Dv NULL -if an error occurred. -.Pp -.Fn X509_set_pubkey -and -.Fn X509_REQ_set_pubkey -return 1 for success or 0 for failure. -.Pp -In some cases of failure of -.Fn X509_get0_pubkey , -.Fn X509_set_pubkey , -.Fn X509_REQ_get_pubkey , -.Fn X509_REQ_get0_pubkey , -and -.Fn X509_REQ_set_pubkey , -the reason can be determined with -.Xr ERR_get_error 3 . -.Sh ERRORS -.Fn X509_get_pubkey , -.Fn X509_get0_pubkey , -.Fn X509_REQ_get_pubkey , -.Fn X509_extract_key , -and -.Fn X509_REQ_extract_key -provide diagnostics as documented for -.Xr X509_PUBKEY_get 3 . -If -.Fa x -or -.Fa req -is -.Dv NULL -or contains no certificate information, -they fail without pushing an error onto the stack. 
-.Pp -.Fn X509_get_X509_PUBKEY -provides no diagnostics and crashes by accessing a -.Dv NULL -pointer if -.Fa x -is -.Dv NULL -or contains no certificate information, -.Pp -.Fn X509_get0_pubkey_bitstr -provides no diagnostics -and fails without pushing an error onto the stack if -.Fa x -is -.Dv NULL , -but it crashes by accessing a -.Dv NULL -pointer if -.Fa x -contains no certificate information. -.Sh SEE ALSO -.Xr d2i_X509 3 , -.Xr X509_CRL_get0_by_serial 3 , -.Xr X509_NAME_add_entry_by_txt 3 , -.Xr X509_NAME_ENTRY_get_object 3 , -.Xr X509_NAME_get_index_by_NID 3 , -.Xr X509_NAME_print_ex 3 , -.Xr X509_new 3 , -.Xr X509_PUBKEY_new 3 , -.Xr X509_REQ_new 3 , -.Xr X509_sign 3 , -.Xr X509_verify_cert 3 , -.Xr X509V3_get_d2i 3 -.Sh STANDARDS -RFC 5280, Internet X.509 Public Key Infrastructure Certificate -and Certificate Revocation List (CRL) Profile, -section 4.1 Basic Certificate Fields -.Pp -RFC 2986: PKCS #10: Certification Request Syntax Specification, -section 4.1 CertificationRequestInfo -.Sh HISTORY -.Fn X509_extract_key -and -.Fn X509_REQ_extract_key -first appeared in SSLeay 0.5.1 but returned a pointer to an -.Vt RSA -object before SSLeay 0.6.0. -.Fn X509_get_pubkey , -.Fn X509_set_pubkey , -.Fn X509_REQ_get_pubkey , -and -.Fn X509_REQ_set_pubkey -first appeared in SSLeay 0.6.5. -.Fn X509_get_X509_PUBKEY -first appeared in SSLeay 0.8.0. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn X509_get0_pubkey_bitstr -first appeared in OpenSSL 0.9.7 and has been available since -.Ox 3.4 . -.Pp -.Fn X509_get0_pubkey -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 6.3 . -.Fn X509_REQ_get0_pubkey -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 7.1 . diff --git a/src/lib/libcrypto/man/X509_get_pubkey_parameters.3 b/src/lib/libcrypto/man/X509_get_pubkey_parameters.3 deleted file mode 100644 index 181361477e..0000000000 --- a/src/lib/libcrypto/man/X509_get_pubkey_parameters.3 +++ /dev/null 
@@ -1,99 +0,0 @@
-.\" $OpenBSD: X509_get_pubkey_parameters.3,v 1.2 2021/11/26 13:35:10 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 26 2021 $
-.Dt X509_GET_PUBKEY_PARAMETERS 3
-.Os
-.Sh NAME
-.Nm X509_get_pubkey_parameters
-.Nd copy public key parameters from a chain
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_get_pubkey_parameters
-.Fa "EVP_PKEY *pkey"
-.Fa "STACK_OF(X509) *chain"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_get_pubkey_parameters
-copies public key parameters from the first appropriate certificate in the
-.Fa chain .
-.Pp
-If
-.Fa pkey
-is not
-.Dv NULL
-and already contains complete public key parameters or uses an
-algorithm that does not use any parameters, no action occurs and
-the function indicates success without inspecting the existing
-parameters, without inspecting the
-.Fa chain ,
-and without comparing any parameters.
-.Pp
-Otherwise, all public key parameters are copied
-from the first certificate in the
-.Fa chain
-that contains complete public key parameters
-to each certificate preceding it in the
-.Fa chain .
-Unless
-.Fa pkey
-is a
-.Dv NULL
-pointer, the same parameters are also copied to
-.Fa pkey .
-.Sh RETURN VALUES
-.Fn X509_get_pubkey_parameters
-returns 1 for success or 0 for failure.
-.Sh ERRORS
-The following diagnostics can be retrieved with
-.Xr ERR_get_error 3 ,
-.Xr ERR_GET_REASON 3 ,
-and
-.Xr ERR_reason_error_string 3 :
-.Bl -tag -width Ds
-.It Dv X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY Qq unable to get certs public key
-Retrieving the public key from a certificate in the
-.Fa chain
-failed before a certificate containing complete public key parameters
-could be found.
-.It Xo
-.Dv X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN
-.Qq unable to find parameters in chain
-.Xc
-None of the certificates in the chain
-contain complete public key parameters.
-.El
-.Sh SEE ALSO
-.Xr EVP_PKEY_copy_parameters 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_new 3
-.Sh HISTORY
-.Fn X509_get_pubkey_parameters
-first appeared in SSLeay 0.8.0 and has been available since
-.Ox 2.4 .
-.Sh CAVEATS
-If
-.Fn X509_get_pubkey_parameters
-fails and returns 0, a part of the parameters may or may not have
-been copied before the failure was detected, whereas other parts of
-.Fa pkey
-and
-.Fa chain
-may remain unchanged.
-So in case of failure, the state of the arguments may change
-and possibly become inconsistent.
diff --git a/src/lib/libcrypto/man/X509_get_serialNumber.3 b/src/lib/libcrypto/man/X509_get_serialNumber.3
deleted file mode 100644
index 7d757c7a71..0000000000
--- a/src/lib/libcrypto/man/X509_get_serialNumber.3
+++ /dev/null
@@ -1,129 +0,0 @@
-.\" $OpenBSD: X509_get_serialNumber.3,v 1.5 2020/06/19 12:01:20 schwarze Exp $
-.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 19 2020 $
-.Dt X509_GET_SERIALNUMBER 3
-.Os
-.Sh NAME
-.Nm X509_get_serialNumber ,
-.Nm X509_get0_serialNumber ,
-.Nm X509_set_serialNumber
-.Nd get or set certificate serial number
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft ASN1_INTEGER *
-.Fo X509_get_serialNumber
-.Fa "X509 *x"
-.Fc
-.Ft const ASN1_INTEGER *
-.Fo X509_get0_serialNumber
-.Fa "const X509 *x"
-.Fc
-.Ft int
-.Fo X509_set_serialNumber
-.Fa "X509 *x"
-.Fa "ASN1_INTEGER *serial"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_get_serialNumber
-returns the serial number of certificate
-.Fa x
-as an
-.Vt ASN1_INTEGER
-structure which can be examined or initialised.
-The value returned is an internal pointer which must not be freed
-up after the call.
-.Pp
-.Fn X509_get0_serialNumber
-does the same except that it accepts a constant argument
-and returns a constant result.
-.Pp
-.Fn X509_set_serialNumber
-sets the serial number of certificate
-.Fa x
-to
-.Fa serial .
-A copy of the serial number is used internally so
-.Fa serial
-should be freed up after use.
-.Sh RETURN VALUES
-.Fn X509_get_serialNumber
-and
-.Fn X509_get0_serialNumber
-return a pointer to an
-.Vt ASN1_INTEGER
-structure.
-.Pp
-.Fn X509_set_serialNumber
-returns 1 for success or 0 for failure.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr d2i_X509 3 ,
-.Xr X509_CRL_get0_by_serial 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_NAME_add_entry_by_txt 3 ,
-.Xr X509_NAME_ENTRY_get_object 3 ,
-.Xr X509_NAME_get_index_by_NID 3 ,
-.Xr X509_NAME_print_ex 3 ,
-.Xr X509_new 3 ,
-.Xr X509_sign 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509V3_get_d2i 3
-.Sh HISTORY
-.Fn X509_get_serialNumber
-and
-.Fn X509_set_serialNumber
-first appeared in SSLeay 0.6.5 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_get0_serialNumber
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.4 .
diff --git a/src/lib/libcrypto/man/X509_get_subject_name.3 b/src/lib/libcrypto/man/X509_get_subject_name.3
deleted file mode 100644
index fb9611f645..0000000000
--- a/src/lib/libcrypto/man/X509_get_subject_name.3
+++ /dev/null
@@ -1,189 +0,0 @@
-.\" $OpenBSD: X509_get_subject_name.3,v 1.10 2020/10/21 17:17:44 tb Exp $
-.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: October 21 2020 $
-.Dt X509_GET_SUBJECT_NAME 3
-.Os
-.Sh NAME
-.Nm X509_get_subject_name ,
-.Nm X509_set_subject_name ,
-.Nm X509_get_issuer_name ,
-.Nm X509_set_issuer_name ,
-.Nm X509_REQ_get_subject_name ,
-.Nm X509_REQ_set_subject_name ,
-.Nm X509_CRL_get_issuer ,
-.Nm X509_CRL_set_issuer_name
-.Nd get and set issuer or subject names
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_NAME *
-.Fo X509_get_subject_name
-.Fa "const X509 *x"
-.Fc
-.Ft int
-.Fo X509_set_subject_name
-.Fa "X509 *x"
-.Fa "X509_NAME *name"
-.Fc
-.Ft X509_NAME *
-.Fo X509_get_issuer_name
-.Fa "const X509 *x"
-.Fc
-.Ft int
-.Fo X509_set_issuer_name
-.Fa "X509 *x"
-.Fa "X509_NAME *name"
-.Fc
-.Ft X509_NAME *
-.Fo X509_REQ_get_subject_name
-.Fa "const X509_REQ *req"
-.Fc
-.Ft int
-.Fo X509_REQ_set_subject_name
-.Fa "X509_REQ *req"
-.Fa "X509_NAME *name"
-.Fc
-.Ft X509_NAME *
-.Fo X509_CRL_get_issuer
-.Fa "const X509_CRL *crl"
-.Fc
-.Ft int
-.Fo X509_CRL_set_issuer_name
-.Fa "X509_CRL *x"
-.Fa "X509_NAME *name"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_get_subject_name
-returns the subject name of certificate
-.Fa x .
-The returned value is an internal pointer which must not be freed.
-.Pp
-.Fn X509_set_subject_name
-sets the issuer name of certificate
-.Fa x
-to
-.Fa name .
-The
-.Fa name
-parameter is copied internally and should be freed up when it is no
-longer needed.
-.Pp
-.Fn X509_get_issuer_name
-and
-.Fn X509_set_issuer_name
-are identical to
-.Fn X509_get_subject_name
-and
-.Fn X509_set_subject_name
-except that they get and set the issuer name of
-.Fa x .
-.Pp
-Similarly
-.Fn X509_REQ_get_subject_name ,
-.Fn X509_REQ_set_subject_name ,
-.Fn X509_CRL_get_issuer ,
-and
-.Fn X509_CRL_set_issuer_name
-get or set the subject or issuer names of certificate requests
-of CRLs, respectively.
-.Sh RETURN VALUES
-.Fn X509_get_subject_name ,
-.Fn X509_get_issuer_name ,
-.Fn X509_REQ_get_subject_name ,
-and
-.Fn X509_CRL_get_issuer
-return a pointer to an
-.Vt X509_NAME
-object.
-.Pp
-.Fn X509_set_subject_name ,
-.Fn X509_set_issuer_name ,
-.Fn X509_REQ_set_subject_name ,
-and
-.Fn X509_CRL_set_issuer_name
-return 1 for success or 0 for failure.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr d2i_X509_NAME 3 ,
-.Xr X509_CRL_get0_by_serial 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_NAME_add_entry_by_txt 3 ,
-.Xr X509_NAME_ENTRY_get_object 3 ,
-.Xr X509_NAME_get_index_by_NID 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_NAME_print_ex 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REQ_new 3 ,
-.Xr X509_sign 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509V3_get_d2i 3
-.Sh HISTORY
-.Fn X509_get_subject_name
-and
-.Fn X509_get_issuer_name
-appeared in SSLeay 0.4 or earlier.
-.Fn X509_set_subject_name ,
-.Fn X509_set_issuer_name ,
-.Fn X509_REQ_get_subject_name ,
-and
-.Fn X509_REQ_set_subject_name
-first appeared in SSLeay 0.6.5.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_CRL_get_issuer
-first appeared in OpenSSL 0.9.2b and has been available since
-.Ox 2.6 .
-.Pp
-.Fn X509_CRL_set_issuer_name
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/X509_get_version.3 b/src/lib/libcrypto/man/X509_get_version.3
deleted file mode 100644
index ee46ff7c8c..0000000000
--- a/src/lib/libcrypto/man/X509_get_version.3
+++ /dev/null
@@ -1,162 +0,0 @@
-.\" $OpenBSD: X509_get_version.3,v 1.8 2020/10/21 17:17:44 tb Exp $
-.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2015, 2016 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: October 21 2020 $
-.Dt X509_GET_VERSION 3
-.Os
-.Sh NAME
-.Nm X509_get_version ,
-.Nm X509_set_version ,
-.Nm X509_REQ_get_version ,
-.Nm X509_REQ_set_version ,
-.Nm X509_CRL_get_version ,
-.Nm X509_CRL_set_version
-.Nd get or set certificate, certificate request, or CRL version
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft long
-.Fo X509_get_version
-.Fa "const X509 *x"
-.Fc
-.Ft int
-.Fo X509_set_version
-.Fa "X509 *x"
-.Fa "long version"
-.Fc
-.Ft long
-.Fo X509_REQ_get_version
-.Fa "const X509_REQ *req"
-.Fc
-.Ft int
-.Fo X509_REQ_set_version
-.Fa "X509_REQ *x"
-.Fa "long version"
-.Fc
-.Ft long
-.Fo X509_CRL_get_version
-.Fa "const X509_CRL *crl"
-.Fc
-.Ft int
-.Fo X509_CRL_set_version
-.Fa "X509_CRL *x"
-.Fa "long version"
-.Fc
-.Sh DESCRIPTION
-.Fn X509_get_version
-returns the numerical value of the version field of certificate
-.Fa x .
-Note: this is defined by standards (X.509 et al.) to be one less
-than the certificate version.
-So a version 3 certificate will return 2 and a version 1 certificate
-will return 0.
-.Pp
-.Fn X509_set_version
-sets the numerical value of the version field of certificate
-.Fa x
-to
-.Fa version .
-.Pp
-Similarly
-.Fn X509_REQ_get_version ,
-.Fn X509_REQ_set_version ,
-.Fn X509_CRL_get_version ,
-and
-.Fn X509_CRL_set_version
-get and set the version number of certificate requests and CRLs.
-.Pp
-The version field of certificates, certificate requests, and CRLs
-has a DEFAULT value of v1(0) meaning the field should be omitted
-for version 1.
-This is handled transparently by these functions.
-.Sh RETURN VALUES
-.Fn X509_get_version ,
-.Fn X509_REQ_get_version ,
-and
-.Fn X509_CRL_get_version
-return the numerical value of the version field.
-.Pp
-.Fn X509_set_version ,
-.Fn X509_REQ_set_version ,
-and
-.Fn X509_CRL_set_version
-return 1 for success or 0 for failure.
-In some cases of failure, the reason can be determined with
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr d2i_X509 3 ,
-.Xr X509_CRL_get0_by_serial 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_get_subject_name 3 ,
-.Xr X509_NAME_add_entry_by_txt 3 ,
-.Xr X509_NAME_ENTRY_get_object 3 ,
-.Xr X509_NAME_get_index_by_NID 3 ,
-.Xr X509_NAME_print_ex 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REQ_new 3 ,
-.Xr X509_sign 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509V3_get_d2i 3
-.Sh HISTORY
-.Fn X509_get_version ,
-.Fn X509_set_version ,
-.Fn X509_REQ_get_version ,
-and
-.Fn X509_REQ_set_version
-first appeared in SSLeay 0.6.5 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_CRL_get_version
-first appeared in OpenSSL 0.9.2b and has been available since
-.Ox 2.6 .
-.Pp
-.Fn X509_CRL_set_version
-first appeared in OpenSSL 0.9.7 and has been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/X509_keyid_set1.3 b/src/lib/libcrypto/man/X509_keyid_set1.3
deleted file mode 100644
index c529fc742b..0000000000
--- a/src/lib/libcrypto/man/X509_keyid_set1.3
+++ /dev/null
@@ -1,171 +0,0 @@
-.\" $OpenBSD: X509_keyid_set1.3,v 1.2 2021/07/09 14:41:14 tb Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 9 2021 $
-.Dt X509_KEYID_SET1 3
-.Os
-.Sh NAME
-.Nm X509_keyid_set1 ,
-.Nm X509_keyid_get0 ,
-.Nm X509_alias_set1 ,
-.Nm X509_alias_get0
-.Nd auxiliary certificate data for PKCS#12
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft int
-.Fo X509_keyid_set1
-.Fa "X509 *x"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft unsigned char *
-.Fo X509_keyid_get0
-.Fa "X509 *x"
-.Fa "int *plen"
-.Fc
-.Ft int
-.Fo X509_alias_set1
-.Fa "X509 *x"
-.Fa "const unsigned char *data"
-.Fa "int len"
-.Fc
-.Ft unsigned char *
-.Fo X509_alias_get0
-.Fa "X509 *x"
-.Fa "int *plen"
-.Fc
-.Sh DESCRIPTION
-These functions store non-standard auxiliary data in
-.Fa x
-and retrieve it.
-.Pp
-The
-.Fa len
-bytes of
-.Fa data
-stored using
-.Fn X509_keyid_set1
-will be written to the
-.Sy localKeyID
-attribute of the PKCS#12 structure if
-.Xr PKCS12_create 3
-is later called on
-.Fa x ,
-and the
-.Fa data
-stored using
-.Fn X509_alias_set1
-will be written to the
-.Sy friendlyName
-attribute.
-If
-.Fa data
-points to a NUL-terminated string, \-1 can be passed as the
-.Fa len
-argument to let
-.Fa len
-be calculated internally using
-.Xr strlen 3 .
-If a
-.Dv NULL
-pointer is passed as the
-.Fa data
-argument, the respective auxiliary data stored in
-.Fa x ,
-if any, is removed from
-.Fa x
-and freed.
-.Pp
-Conversely,
-.Xr PKCS12_parse 3
-retrieves these attributes from a PKCS#12 structure such that they can
-subsequently be accessed with
-.Fn X509_keyid_get0
-and
-.Fn X509_alias_get0 .
-Unless
-.Dv NULL
-is passed for the
-.Fa plen
-argument, these functions store the size of the returned buffer in bytes in
-.Pf * Fa plen .
-After the call, the returned buffer is not necessarily NUL-terminated,
-but it may contain internal NUL bytes.
-.Pp
-API design is very incomplete; given the complexity of PKCS#12,
-that's probably an asset rather than a defect.
-The PKCS#12 standard defines many attributes that cannot be stored in
-.Vt X509
-objects.
-.Pp
-To associate certificates with alternative names and key identifiers,
-X.509 certificate extensions are more commonly used than PKCS#12
-attributes, for example using
-.Xr X509_EXTENSION_create_by_NID 3
-with
-.Dv NID_subject_alt_name
-or
-.Dv NID_subject_key_identifier .
-.Sh RETURN VALUES
-.Fn X509_keyid_set1
-and
-.Fn X509_alias_set1
-return 1 if
-.Fa data
-is
-.Dv NULL
-or if the input
-.Fa data
-was successfully copied into
-.Fa x ,
-or 0 if
-.Fa data
-is not
-.Dv NULL
-but could not be copied because
-.Fa x
-is
-.Dv NULL
-or memory allocation failed.
-.Pp
-.Fn X509_keyid_get0
-and
-.Fn X509_alias_get0
-return an internal pointer to an array of bytes or
-.Dv NULL
-if
-.Fa x
-does not contain auxiliary data of the requested kind.
-.Sh SEE ALSO
-.Xr ASN1_STRING_set 3 ,
-.Xr X509_CERT_AUX_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509V3_get_d2i 3
-.Sh HISTORY
-.Fn X509_alias_set1
-and
-.Fn X509_alias_get0
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn X509_keyid_set1
-first appeared in OpenSSL 0.9.6 and has been available since
-.Ox 2.9 .
-.Pp
-.Fn X509_keyid_get0
-first appeared in OpenSSL 0.9.8 and has been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/X509_load_cert_file.3 b/src/lib/libcrypto/man/X509_load_cert_file.3
deleted file mode 100644
index 95a83dd00e..0000000000
--- a/src/lib/libcrypto/man/X509_load_cert_file.3
+++ /dev/null
@@ -1,133 +0,0 @@ -.\" $OpenBSD: X509_load_cert_file.3,v 1.1 2021/11/09 16:23:04 schwarze Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: November 9 2021 $ -.Dt X509_LOAD_CERT_FILE 3 -.Os -.Sh NAME -.Nm X509_load_cert_file , -.Nm X509_load_crl_file , -.Nm X509_load_cert_crl_file -.Nd read, decode, and cache certificates and CRLs -.Sh SYNOPSIS -.In openssl/x509_vfy.h -.Ft int -.Fo X509_load_cert_file -.Fa "X509_LOOKUP *ctx" -.Fa "const char *file" -.Fa "int type" -.Fc -.Ft int -.Fo X509_load_crl_file -.Fa "X509_LOOKUP *ctx" -.Fa "const char *file" -.Fa "int type" -.Fc -.Ft int -.Fo X509_load_cert_crl_file -.Fa "X509_LOOKUP *ctx" -.Fa "const char *file" -.Fa "int type" -.Fc -.Sh DESCRIPTION -.Fn X509_load_cert_file -with a -.Fa type -of -.Dv X509_FILETYPE_PEM -reads one or more certificates in PEM format from the given -.Fa file -using -.Xr PEM_read_bio_X509_AUX 3 ; -with a type of -.Dv X509_FILETYPE_ASN1 , -if reads one certificate in DER format using -.Xr d2i_X509_bio 3 . -The certificates read are added to the -.Vt X509_STORE -memory cache object associated with the given -.Fa ctx -using -.Xr X509_STORE_add_cert 3 . 
-.Pp -.Fn X509_load_crl_file -with a -.Fa type -of -.Dv X509_FILETYPE_PEM -reads one or more certificate revocation lists in PEM format from the given -.Fa file -using -.Xr PEM_read_bio_X509_CRL 3 ; -with a type of -.Dv X509_FILETYPE_ASN1 , -if reads one certificate revocation lists in DER format using -.Xr d2i_X509_CRL_bio 3 . -The certificate revocation lists read are added to the -.Vt X509_STORE -memory cache object associated with the given -.Fa ctx -using -.Xr X509_STORE_add_crl 3 . -.Pp -.Fn X509_load_cert_crl_file -with a -.Fa type -of -.Dv X509_FILETYPE_PEM -read one or more certificates and/or certificate revocation lists -in PEM format from the given -.Fa file -using -.Xr PEM_X509_INFO_read_bio 3 -and adds them to the -.Vt X509_STORE -memory cache object associated with the given -.Fa ctx -using -.Xr X509_STORE_add_cert 3 -and -.Xr X509_STORE_add_crl 3 , -respectively. -.Pp -.Fn X509_load_cert_crl_file -with a -.Fa type -of -.Dv X509_FILETYPE_ASN1 -is equivalent to -.Fn X509_load_cert_file -and cannot be used to read a certificate revocation list. -.Sh RETURN VALUES -These functions return the number of objects loaded or 0 on error. -.Sh SEE ALSO -.Xr d2i_X509_bio 3 , -.Xr PEM_read_PrivateKey 3 , -.Xr X509_LOOKUP_new 3 , -.Xr X509_OBJECT_get0_X509 3 , -.Xr X509_STORE_load_locations 3 , -.Xr X509_STORE_new 3 -.Sh HISTORY -.Fn X509_load_cert_file -first appeared in SSLeay 0.8.0 and -.Fn X509_load_crl_file -in SSLeay 0.9.0. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn X509_load_cert_crl_file -first appeared in OpenSSL 0.9.5 and has been available since -.Ox 2.7 . diff --git a/src/lib/libcrypto/man/X509_new.3 b/src/lib/libcrypto/man/X509_new.3 deleted file mode 100644 index 7b62363d4d..0000000000 --- a/src/lib/libcrypto/man/X509_new.3 +++ /dev/null 
@@ -1,279 +0,0 @@ -.\" $OpenBSD: X509_new.3,v 1.45 2024/09/02 08:04:32 tb Exp $ -.\" full merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016, 2018, 2019, 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2006, 2015, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: September 2 2024 $ -.Dt X509_NEW 3 -.Os -.Sh NAME -.Nm X509_new , -.Nm X509_dup , -.Nm X509_REQ_to_X509 , -.Nm X509_free , -.Nm X509_up_ref , -.Nm X509_chain_up_ref -.Nd X.509 certificate object -.Sh SYNOPSIS -.In openssl/x509.h -.Ft X509 * -.Fn X509_new void -.Ft X509 * -.Fo X509_dup -.Fa "X509 *a" -.Fc -.Ft X509 * -.Fo X509_REQ_to_X509 -.Fa "X509_REQ *req" -.Fa "int days" -.Fa "EVP_PKEY *pkey" -.Fc -.Ft void -.Fo X509_free -.Fa "X509 *a" -.Fc -.Ft int -.Fo X509_up_ref -.Fa "X509 *a" -.Fc -.Ft STACK_OF(X509) * -.Fo X509_chain_up_ref -.Fa "STACK_OF(X509) *chain" -.Fc -.Sh DESCRIPTION -.Fn X509_new -allocates and initializes an empty -.Vt X509 -object with reference count 1. -It represents an ASN.1 -.Vt Certificate -structure defined in RFC 5280 section 4.1. -It can hold a public key together with information about the person, -organization, device, or function the associated private key belongs to. -.Pp -.Fn X509_dup -creates a deep copy of -.Fa a -using -.Xr ASN1_item_dup 3 , -setting the reference count of the copy to 1. -.Pp -.Fn X509_REQ_to_X509 -allocates a new certificate object, copies the public key from -.Fa req -into it, copies the subject name of -.Fa req -to both the subject and issuer names of the new certificate, sets the -.Fa notBefore -field to the current time and the -.Fa notAfter -field to the given number of -.Fa days -in the future, and signs the new certificate with -.Xr X509_sign 3 -using -.Fa pkey -and the MD5 algorithm. -If -.Fa req -contains at least one attribute, -the version of the new certificate is set to 2. -.Pp -.Fn X509_free -decrements the reference count of the -.Vt X509 -structure -.Fa a -and frees it up if the reference count reaches 0. -If -.Fa a -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn X509_up_ref -increments the reference count of -.Fa a -by 1. 
-This function is useful if a certificate structure is being used -by several different operations each of which will free it up after -use: this avoids the need to duplicate the entire certificate -structure. -.Pp -.Fn X509_chain_up_ref -performs a shallow copy of the given -.Fa chain -using -.Fn sk_X509_dup -and increments the reference count of each contained certificate -by 1. -Its purpose is similar to -.Fn X509_up_ref : -The returned chain persists after the original is freed. -.Sh RETURN VALUES -.Fn X509_new , -.Fn X509_dup , -and -.Fn X509_REQ_to_X509 -return a pointer to the newly allocated object or -.Dv NULL -if an error occurs; an error code can be obtained by -.Xr ERR_get_error 3 . -.Pp -.Fn X509_up_ref -returns 1 for success or 0 for failure. -.Pp -.Fn X509_chain_up_ref -returns the copy of the -.Fa chain -or -.Dv NULL -if an error occurs. -.Sh SEE ALSO -.Xr ASIdentifiers_new 3 , -.Xr ASRange_new 3 , -.Xr AUTHORITY_KEYID_new 3 , -.Xr BASIC_CONSTRAINTS_new 3 , -.Xr crypto 3 , -.Xr d2i_X509 3 , -.Xr IPAddressRange_new 3 , -.Xr PKCS8_PRIV_KEY_INFO_new 3 , -.Xr X509_ALGOR_new 3 , -.Xr X509_ATTRIBUTE_new 3 , -.Xr X509_check_ca 3 , -.Xr X509_check_host 3 , -.Xr X509_check_issued 3 , -.Xr X509_check_private_key 3 , -.Xr X509_check_purpose 3 , -.Xr X509_CINF_new 3 , -.Xr X509_cmp 3 , -.Xr X509_CRL_new 3 , -.Xr X509_digest 3 , -.Xr X509_EXTENSION_new 3 , -.Xr X509_find_by_subject 3 , -.Xr X509_get0_notBefore 3 , -.Xr X509_get0_signature 3 , -.Xr X509_get1_email 3 , -.Xr X509_get_ex_new_index 3 , -.Xr X509_get_extension_flags 3 , -.Xr X509_get_pubkey 3 , -.Xr X509_get_pubkey_parameters 3 , -.Xr X509_get_serialNumber 3 , -.Xr X509_get_subject_name 3 , -.Xr X509_get_version 3 , -.Xr X509_INFO_new 3 , -.Xr X509_load_cert_file 3 , -.Xr X509_LOOKUP_hash_dir 3 , -.Xr X509_LOOKUP_new 3 , -.Xr X509_NAME_new 3 , -.Xr X509_OBJECT_new 3 , -.Xr X509_PKEY_new 3 , -.Xr X509_print_ex 3 , -.Xr X509_PUBKEY_new 3 , -.Xr X509_PURPOSE_set 3 , -.Xr X509_REQ_new 3 , -.Xr 
X509_SIG_new 3 , -.Xr X509_sign 3 , -.Xr X509_STORE_CTX_new 3 , -.Xr X509_STORE_get_by_subject 3 , -.Xr X509_STORE_new 3 , -.Xr X509v3_addr_add_inherit 3 , -.Xr X509v3_addr_get_range 3 , -.Xr X509v3_addr_inherits 3 , -.Xr X509v3_addr_subset 3 , -.Xr X509v3_addr_validate_path 3 , -.Xr X509v3_asid_add_id_or_range 3 -.Sh STANDARDS -RFC 5280: Internet X.509 Public Key Infrastructure Certificate and -Certificate Revocation List (CRL) Profile -.Sh HISTORY -.Fn X509_new -and -.Fn X509_free -appeared in SSLeay 0.4 or earlier, -.Fn X509_dup -in SSLeay 0.4.4, and -.Fn X509_REQ_to_X509 -in SSLeay 0.6.0 . -These functions have been available since -.Ox 2.4 . -.Pp -.Fn X509_up_ref -first appeared in OpenSSL 1.1.0 and has been available since -.Ox 6.1 . -.Pp -.Fn X509_chain_up_ref -first appeared in OpenSSL 1.0.2 and has been available since -.Ox 6.3 . -.Sh BUGS -The X.509 public key infrastructure and its data types contain too -many design bugs to list them. -For lots of examples, see the classic -.Lk https://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt\ - "X.509 Style Guide" -that -.An Peter Gutmann -published in 2000. diff --git a/src/lib/libcrypto/man/X509_ocspid_print.3 b/src/lib/libcrypto/man/X509_ocspid_print.3 deleted file mode 100644 index b9b6c92fbb..0000000000 --- a/src/lib/libcrypto/man/X509_ocspid_print.3 +++ /dev/null 
@@ -1,58 +0,0 @@ -.\" $OpenBSD: X509_ocspid_print.3,v 1.1 2021/08/06 21:45:55 schwarze Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: August 6 2021 $ -.Dt X509_OCSPID_PRINT 3 -.Os -.Sh NAME -.Nm X509_ocspid_print -.Nd pretty-print hashes of subject name and public key -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_ocspid_print -.Fa "BIO *bio" -.Fa "X509 *issuer" -.Fc -.Sh DESCRIPTION -.Fn X509_ocspid_print -produces human-readable output to -.Fa bio -containing hexadecimal representations of SHA-1 hashes of the -DER-encoded forms of the subject name and the public key of the -.Fa issuer -certificate, as these hashes appear in OCSP requests. -.Sh RETURN VALUES -.Fn X509_ocspid_print -returns 1 for success or 0 for failure. -.Sh EXAMPLES -This function is used by the -.Fl ocspid -flag of the -.Xr openssl 1 -.Cm x509 -command. -.Sh SEE ALSO -.Xr EVP_sha1 3 , -.Xr i2d_X509_NAME 3 , -.Xr OCSP_cert_to_id 3 , -.Xr OCSP_REQUEST_new 3 , -.Xr X509_get_pubkey 3 , -.Xr X509_get_subject_name 3 -.Sh HISTORY -.Fn X509_ocspid_print -first appeared in OpenSSL 0.9.7 and has been available since -.Ox 3.2 . 
diff --git a/src/lib/libcrypto/man/X509_print_ex.3 b/src/lib/libcrypto/man/X509_print_ex.3
deleted file mode 100644
index c769e77c32..0000000000
--- a/src/lib/libcrypto/man/X509_print_ex.3
+++ /dev/null
@@ -1,279 +0,0 @@ -.\" $OpenBSD: X509_print_ex.3,v 1.5 2025/03/09 14:02:46 tb Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: March 9 2025 $ -.Dt X509_PRINT_EX 3 -.Os -.Sh NAME -.Nm X509_print_ex , -.Nm X509_CERT_AUX_print , -.Nm X509_print_ex_fp , -.Nm X509_print , -.Nm X509_print_fp -.Nd pretty-print an X.509 certificate -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_print_ex -.Fa "BIO *bio" -.Fa "X509 *x" -.Fa "unsigned long nameflags" -.Fa "unsigned long skipflags" -.Fc -.Ft int -.Fo X509_CERT_AUX_print -.Fa "BIO *bio" -.Fa "X509_CERT_AUX *aux" -.Fa "int indent" -.Fc -.Ft int -.Fo X509_print_ex_fp -.Fa "FILE *fp" -.Fa "X509 *x" -.Fa "unsigned long nameflags" -.Fa "unsigned long skipflags" -.Fc -.Ft int -.Fo X509_print -.Fa "BIO *bio" -.Fa "X509 *x" -.Fc -.Ft int -.Fo X509_print_fp -.Fa "FILE *fp" -.Fa "X509 *x" -.Fc -.Sh DESCRIPTION -.Fn X509_print_ex -prints information contained in -.Fa x -to -.Fa bio -in human-readable form. -Printing is aborted as soon as any operation fails, with the exception -that failures while attempting to decode or print the public key, -the X.509 version 3 extensions, or non-standard auxiliary data are -not considered as errors. 
-.Pp -By default, the following blocks of information are printed -in the following order. -Each block can be skipped by setting the corresponding bit in -.Fa skipflags , -provided in parentheses after each block description. -.Bl -bullet -.It -A pair of lines reading -.Qq Certificate:\& -and -.Qq Data:\& -containing no information. -.Pq Dv X509_FLAG_NO_HEADER -.It -The certificate version number as defined by the standard, -followed in parentheses by the value contained in the version field -in hexadecimal notation. -See -.Xr X509_get_version 3 -for details. -.Pq Dv X509_FLAG_NO_VERSION -.It -The serial number of the certificate as returned by -.Xr X509_get_serialNumber 3 . -If it is not \-1 and converting it to -.Vt long -succeeds, it is printed in both decimal and hexadecimal format. -If it is \-1, too wide to fit in -.Vt long , -or conversion fails, it is printed byte-by-byte in hexadecimal notation. -.Pq Dv X509_FLAG_NO_SERIAL -.It -The name of the signature algorithm is printed with -.Xr X509_signature_print 3 . -.Pq Dv X509_FLAG_NO_SIGNAME -.It -The issuer name returned by -.Xr X509_get_issuer_name 3 -is printed with -.Xr X509_NAME_print_ex 3 . -.Pq Dv X509_FLAG_NO_ISSUER -.It -The validity period from -.Xr X509_get_notBefore 3 -to -.Xr X509_get_notAfter 3 -is printed using -.Xr ASN1_TIME_print 3 . -.Pq Dv X509_FLAG_NO_VALIDITY -.It -The subject name returned from -.Xr X509_get_subject_name 3 -is printed with -.Xr X509_NAME_print_ex 3 . -.Pq Dv X509_FLAG_NO_SUBJECT -.It -The public key algorithm is printed with -.Xr i2a_ASN1_OBJECT 3 , -and the public key returned from -.Xr X509_get_pubkey 3 -with -.Xr EVP_PKEY_print_public 3 . -.Pq Dv X509_FLAG_NO_PUBKEY -.It -All X.509 extensions contained in the certificate are printed with -.Xr X509V3_extensions_print 3 . -.Pq Dv X509_FLAG_NO_EXTENSIONS -.It -The signature is printed with -.Xr X509_signature_print 3 . 
-.Pq Dv X509_FLAG_NO_SIGDUMP -.It -Non-standard auxiliary data associated with the certificate is printed -using the function -.Fn X509_CERT_AUX_print -documented below. -.Pq Dv X509_FLAG_NO_AUX -.El -.Pp -The -.Fa nameflags -argument modifies the format for printing X.501 -.Vt Name -objects contained in -.Fa x . -It is passed through to -.Xr X509_NAME_print_ex 3 . -If -.Fa nameflags -is -.Dv X509_FLAG_COMPAT , -the -.Fa indent -argument of -.Xr X509_NAME_print_ex 3 -is set to 16 spaces and the traditional SSLeay format is used. -Otherwise, if the only bit set in -.Dv XN_FLAG_SEP_MASK -is -.Dv XN_FLAG_SEP_MULTILINE , -.Fa indent -is set to 12 spaces. -Otherwise, -.Fa indent -is set to zero. -.Pp -.Fn X509_CERT_AUX_print -prints information contained in -.Fa aux -to -.Fa bio -in human-readable form with a left margin of -.Fa indent -spaces. -If -.Fa aux -is -.Dv NULL , -it prints nothing. -.Pp -Information is printed in the following order: -.Bl -bullet -.It -Purposes the certificate is intended to be used for as set with -.Xr X509_add1_trust_object 3 , -each printed with -.Xr OBJ_obj2txt 3 . -.It -Purposes the certificate is explicitly -.Em not -intended to be used for as set with -.Xr X509_add1_reject_object 3 , -again each printed with -.Xr OBJ_obj2txt 3 . -.It -If -.Fa aux -contains data set with -.Xr X509_alias_set1 3 , -the raw bytes are printed in unencoded form. -.It -If -.Fa aux -contains data set with -.Xr X509_keyid_set1 3 , -the bytes are printed in hexadecimal notation with colons in between. -.El -.Pp -.Fn X509_print_ex_fp -is similar to -.Fn X509_print_ex -except that it prints to -.Fa fp . -.Pp -.Fn X509_print -and -.Fn X509_print_fp -are wrapper functions setting the -.Fa nameflags -to -.Dv XN_FLAG_COMPAT -and the -.Fa skipflags -to -.Dv X509_FLAG_COMPAT . 
-.Sh RETURN VALUES -.Fn X509_print_ex , -.Fn X509_print_ex_fp , -.Fn X509_print , -and -.Fn X509_print_fp -return 1 if all requested information was successfully printed, -even if failures occurred while attempting to decode or print the -public key or X.509 version 3 extensions, or 0 if any other operation -failed. -.Pp -.Fn X509_CERT_AUX_print -always returns 1 and silently ignores write errors. -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr X509_CERT_AUX_new 3 , -.Xr X509_CRL_print 3 , -.Xr X509_new 3 , -.Xr X509_REQ_print_ex 3 -.Sh HISTORY -.Fn X509_print -first appeared in SSLeay 0.5.1 and was changed to print to a -.Vt BIO -in SSLeay 0.6.0. -.Fn X509_print_fp -first appeared in SSLeay 0.6.0. -Both functions have been available since -.Ox 2.4 . -.Pp -.Fn X509_CERT_AUX_print -first appeared in OpenSSL 0.9.5 and has been available since -.Ox 2.7 . -.Pp -.Fn X509_print_ex -and -.Fn X509_print_ex_fp -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Sh BUGS -If arbitrary data was stored into -.Fa x -using -.Xr X509_alias_set1 3 , -these functions may print binary data and even NUL bytes. diff --git a/src/lib/libcrypto/man/X509_sign.3 b/src/lib/libcrypto/man/X509_sign.3 deleted file mode 100644 index 059d92bac5..0000000000 --- a/src/lib/libcrypto/man/X509_sign.3 +++ /dev/null 
@@ -1,209 +0,0 @@ -.\" $OpenBSD: X509_sign.3,v 1.11 2024/03/06 02:34:14 tb Exp $ -.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2015, 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 6 2024 $ -.Dt X509_SIGN 3 -.Os -.Sh NAME -.Nm X509_sign , -.Nm X509_sign_ctx , -.Nm X509_verify , -.Nm X509_REQ_sign , -.Nm X509_REQ_sign_ctx , -.Nm X509_REQ_verify , -.Nm X509_CRL_sign , -.Nm X509_CRL_sign_ctx , -.Nm X509_CRL_verify -.Nd sign or verify certificate, certificate request, or CRL signature -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_sign -.Fa "X509 *x" -.Fa "EVP_PKEY *pkey" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo X509_sign_ctx -.Fa "X509 *x" -.Fa "EVP_MD_CTX *ctx" -.Fc -.Ft int -.Fo X509_verify -.Fa "X509 *a" -.Fa "EVP_PKEY *r" -.Fc -.Ft int -.Fo X509_REQ_sign -.Fa "X509_REQ *x" -.Fa "EVP_PKEY *pkey" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo X509_REQ_sign_ctx -.Fa "X509_REQ *x" -.Fa "EVP_MD_CTX *ctx" -.Fc -.Ft int -.Fo X509_REQ_verify -.Fa "X509_REQ *a" -.Fa "EVP_PKEY *r" -.Fc -.Ft int -.Fo X509_CRL_sign -.Fa "X509_CRL *x" -.Fa "EVP_PKEY *pkey" -.Fa "const EVP_MD *md" -.Fc -.Ft int -.Fo X509_CRL_sign_ctx -.Fa "X509_CRL *x" -.Fa "EVP_MD_CTX *ctx" -.Fc -.Ft int -.Fo X509_CRL_verify -.Fa "X509_CRL *a" -.Fa "EVP_PKEY *r" -.Fc -.Sh DESCRIPTION -.Fn X509_sign -signs the certificate -.Fa x -using the private key -.Fa pkey -and the message digest -.Fa md -and sets the signature in -.Fa x . -.Fn X509_sign_ctx -also signs the certificate -.Fa x -but uses the parameters contained in digest context -.Fa ctx . 
-.Pp -.Fn X509_verify -verifies the signature of certificate -.Fa x -using the public key -.Fa pkey . -Only the signature is checked: no other checks (such as certificate -chain validity) are performed. -.Pp -.Fn X509_REQ_sign , -.Fn X509_REQ_sign_ctx , -.Fn X509_REQ_verify , -.Fn X509_CRL_sign , -.Fn X509_CRL_sign_ctx , -and -.Fn X509_CRL_verify -sign and verify certificate requests and CRLs, respectively. -.Pp -.Fn X509_sign_ctx -is used where the default parameters for the corresponding public key -and digest are not suitable. -It can be used to sign keys using RSA-PSS for example. -.Sh RETURN VALUES -.Fn X509_sign , -.Fn X509_sign_ctx , -.Fn X509_REQ_sign , -.Fn X509_REQ_sign_ctx , -.Fn X509_CRL_sign , -and -.Fn X509_CRL_sign_ctx -return the size of the signature in bytes for success or 0 for failure. -.Pp -.Fn X509_verify , -.Fn X509_REQ_verify , -and -.Fn X509_CRL_verify -return 1 if the signature is valid or 0 if the signature check fails. -If the signature could not be checked at all because it was invalid or -some other error occurred, then -1 is returned. -.Pp -In some cases of failure, the reason can be determined with -.Xr ERR_get_error 3 . -.Sh SEE ALSO -.Xr d2i_X509 3 , -.Xr EVP_DigestInit 3 , -.Xr X509_CRL_get0_by_serial 3 , -.Xr X509_CRL_new 3 , -.Xr X509_get_pubkey 3 , -.Xr X509_get_subject_name 3 , -.Xr X509_get_version 3 , -.Xr X509_NAME_add_entry_by_txt 3 , -.Xr X509_NAME_ENTRY_get_object 3 , -.Xr X509_NAME_get_index_by_NID 3 , -.Xr X509_NAME_print_ex 3 , -.Xr X509_new 3 , -.Xr X509_REQ_new 3 , -.Xr X509_verify_cert 3 , -.Xr X509V3_get_d2i 3 -.Sh HISTORY -.Fn X509_verify -appeared in SSLeay 0.4 or earlier. -.Fn X509_sign -and -.Fn X509_REQ_sign -first appeared in SSLeay 0.4.4. -.Fn X509_REQ_verify -and -.Fn X509_CRL_verify -first appeared in SSLeay 0.4.5b. -.Fn X509_CRL_sign -first appeared in SSLeay 0.5.1. -These functions have been available since -.Ox 2.4 . 
-.Pp -.Fn X509_sign_ctx , -.Fn X509_REQ_sign_ctx , -and -.Fn X509_CRL_sign_ctx -first appeared in OpenSSL 1.0.1 and have been available since -.Ox 5.3 . diff --git a/src/lib/libcrypto/man/X509_signature_dump.3 b/src/lib/libcrypto/man/X509_signature_dump.3 deleted file mode 100644 index 3333a615bf..0000000000 --- a/src/lib/libcrypto/man/X509_signature_dump.3 +++ /dev/null 
@@ -1,85 +0,0 @@ -.\" $OpenBSD: X509_signature_dump.3,v 1.3 2024/12/06 12:51:13 schwarze Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt X509_SIGNATURE_DUMP 3 -.Os -.Sh NAME -.Nm X509_signature_dump , -.Nm X509_signature_print -.Nd pretty-print ASN.1 strings -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_signature_dump -.Fa "BIO *bio" -.Fa "const ASN1_STRING *signature" -.Fa "int indent" -.Fc -.Ft int -.Fo X509_signature_print -.Fa "BIO *bio" -.Fa "const X509_ALGOR *algorithm" -.Fa "const ASN1_STRING *signature" -.Fc -.Sh DESCRIPTION -.Fn X509_signature_dump -writes the data bytes contained in the -.Fa signature -to -.Fa bio -in hexadecimal format with colons between bytes, -18 bytes per output line, each line indented with -.Fa indent -space characters. -.Pp -.Fn X509_signature_print -writes the name of the signature -.Fa algorithm , -or, if no name for it is known, its object identifier (OID) to -.Fa bio -using -.Xr i2a_ASN1_OBJECT 3 . -After that, if a method object for the algorithm can be retrieved with -.Xr EVP_PKEY_asn1_find 3 -and if that object defines a printing method, that printing method is -used to print the -.Fa signature . 
-Otherwise, unless the -.Fa signature -is -.Dv NULL , -it is printed using -.Fn X509_signature_dump . -.Sh RETURN VALUES -These functions return 1 on success or 0 on failure. -They fail and return as soon as any write operation fails. -.Sh SEE ALSO -.Xr ASN1_STRING_new 3 , -.Xr ASN1_STRING_print_ex 3 , -.Xr BIO_new 3 , -.Xr EVP_PKEY_asn1_find 3 , -.Xr OBJ_find_sigid_algs 3 , -.Xr X509_ALGOR_new 3 , -.Xr X509_get0_signature 3 -.Sh HISTORY -.Fn X509_signature_print -first appeared in OpenSSL 0.9.7 and has been available since -.Ox 3.2 . -.Pp -.Fn X509_signature_dump -first appeared in OpenSSL 1.0.1 and has been available since -.Ox 5.3 . diff --git a/src/lib/libcrypto/man/X509_verify_cert.3 b/src/lib/libcrypto/man/X509_verify_cert.3 deleted file mode 100644 index 9c085d7780..0000000000 --- a/src/lib/libcrypto/man/X509_verify_cert.3 +++ /dev/null 
@@ -1,93 +0,0 @@ -.\" $OpenBSD: X509_verify_cert.3,v 1.8 2019/06/06 01:06:59 schwarze Exp $ -.\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2009, 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: June 6 2019 $ -.Dt X509_VERIFY_CERT 3 -.Os -.Sh NAME -.Nm X509_verify_cert -.Nd discover and verify X509 certificate chain -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509_verify_cert -.Fa "X509_STORE_CTX *ctx" -.Fc -.Sh DESCRIPTION -The -.Fn X509_verify_cert -function attempts to discover and validate a certificate chain based on -parameters in -.Fa ctx . -.Pp -Applications rarely call this function directly, but it is used by -OpenSSL internally for certificate validation, in both the S/MIME and -SSL/TLS code. -.Sh RETURN VALUES -If a complete chain can be built and validated this function returns 1, -otherwise it returns a value <= 0 indicating failure. -.Pp -Additional error information can be obtained by examining -.Fa ctx , -using -.Xr X509_STORE_CTX_get_error 3 . -.Sh SEE ALSO -.Xr openssl 1 , -.Xr X509_STORE_CTX_get_error 3 , -.Xr X509_STORE_CTX_new 3 -.Sh HISTORY -.Fn X509_verify_cert -first appeared in SSLeay 0.8.0 and has been available since -.Ox 2.4 . -.Sh BUGS -This function uses the header -.In openssl/x509.h -as opposed to most chain verification functions which use -.In openssl/x509_vfy.h . diff --git a/src/lib/libcrypto/man/X509v3_addr_add_inherit.3 b/src/lib/libcrypto/man/X509v3_addr_add_inherit.3 deleted file mode 100644 index 4b2d150c86..0000000000 --- a/src/lib/libcrypto/man/X509v3_addr_add_inherit.3 +++ /dev/null 
@@ -1,475 +0,0 @@ -.\" $OpenBSD: X509v3_addr_add_inherit.3,v 1.11 2023/10/01 22:46:21 tb Exp $ -.\" -.\" Copyright (c) 2023 Theo Buehler -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: October 1 2023 $ -.Dt X509V3_ADDR_ADD_INHERIT 3 -.Os -.Sh NAME -.Nm X509v3_addr_add_inherit , -.Nm X509v3_addr_add_prefix , -.Nm X509v3_addr_add_range , -.Nm X509v3_addr_canonize , -.Nm X509v3_addr_is_canonical -.Nd RFC 3779 IP address delegation extensions -.Sh SYNOPSIS -.In openssl/x509v3.h -.Ft int -.Fo X509v3_addr_add_inherit -.Fa "IPAddrBlocks *addrblocks" -.Fa "const unsigned afi" -.Fa "const unsigned *safi" -.Fc -.Ft int -.Fo X509v3_addr_add_prefix -.Fa "IPAddrBlocks *addrblocks" -.Fa "const unsigned afi" -.Fa "const unsigned *safi" -.Fa "unsigned char *prefix" -.Fa "const int prefixlen" -.Fc -.Ft int -.Fo X509v3_addr_add_range -.Fa "IPAddrBlocks *addrblocks" -.Fa "const unsigned afi" -.Fa "const unsigned *safi" -.Fa "unsigned char *min" -.Fa "unsigned char *max" -.Fc -.Ft int -.Fo X509v3_addr_canonize -.Fa "IPAddrBlocks *addrblocks" -.Fc -.Ft int -.Fo X509v3_addr_is_canonical -.Fa "IPAddrBlocks *addrblocks" -.Fc -.Sh DESCRIPTION -An -.Vt IPAddrBlocks -object represents the content of -an IP address delegation extension -as defined in RFC 3779, section 2.2.3.1. 
-It holds lists of IP address prefixes and IP address ranges -delegated from the issuer to the subject of the certificate. -It can be instantiated as explained in the EXAMPLES section -and its internals are documented in -.Xr IPAddressRange_new 3 . -.Pp -Each list in a well-formed -.Vt IPAddrBlocks -object is uniquely identified by -an address family identifier (AFI) and -an optional subsequent address family identifier (SAFI). -Lists can be absent or can contain an -.Dq inherit -marker to indicate that the resources are to be inherited -from the corresponding list of the issuer certificate. -.Pp -Per specification, an AFI is an unsigned 16-bit integer and -a SAFI is an unsigned 8-bit integer. -For IPv4 and IPv6 there are the predefined constants -.Dv IANA_AFI_IPV4 -and -.Dv IANA_AFI_IPV6 , -which should be the only values used for -.Fa afi -in this API. -In practice, -.Fa safi -is always NULL. -.Fa afi -is generally silently truncated to its lowest 16 bits and, if -.Fa safi -is non-NULL, -only the lowest 8 bits of the value pointed at are used. -.Pp -.Fn X509v3_addr_add_inherit -adds a list with an -.Dq inherit -marker to -.Fa addrblocks . -If a list corresponding to -.Fa afi -and -.Fa safi -already exists, no action occurs if it is marked -.Dq inherit , -otherwise the call fails. -.Pp -.Fn X509v3_addr_add_prefix -adds a newly allocated internal representation of the -.Fa prefix -of length -.Fa prefixlen -to the list corresponding to -.Fa afi -and the optional -.Fa safi -in -.Fa addrblocks . -If no such list exists, it is created first. -If the list exists and is marked -.Dq inherit , -the call fails. -.Fa prefix -is expected to be a byte array in network byte order. -It should point at enough memory to accommodate -.Fa prefixlen -bits and it is recommended that all the bits not covered by the -.Fa prefixlen -be set to 0. 
-It is the caller's responsibility to ensure that the -.Fa prefix -has no address in common with any of -the prefixes or ranges already in the list. -If -.Fa afi -is -.Dv IANA_AFI_IPV4 , -.Fa prefixlen -should be between 0 and 32 (inclusive) and if -.Fa afi -is -.Dv IANA_AFI_IPV6 , -.Fa prefixlen -should be between 0 and 128 (inclusive). -.Pp -.Fn X509v3_addr_add_range -is similar to -.Fn X509v3_addr_add_prefix -for the closed interval of IP addresses between -.Fa min -and -.Fa max -in network presentation. -If -.Fa afi -is -.Dv IANA_AFI_IPV4 , -.Fa min -and -.Fa max -should point at 4 bytes of memory -and if -.Fa afi -is -.Dv IANA_AFI_IPV6 , -.Fa min -and -.Fa max -should point at 16 bytes of memory. -In case the range of IP addresses between -.Fa min -and -.Fa max -is a prefix, a prefix will be added instead of a range. -It is the caller's responsibility to ensure that -.Fa min -is less than or equal to -.Fa max -and that it does not contain any address already present -in the list. -Failure to do so will result in a subsequent failure of -.Fn X509v3_addr_canonize . -.Pp -.Fn X509v3_addr_canonize -attempts to bring the -.Pf non- Dv NULL -.Fa addrblocks -into canonical form. -An -.Vt IPAddrBlocks -object is said to be in canonical form if it conforms -to the ordering specified in RFC 3779: -section 2.2.3.3 requires that -the list of lists be sorted first by increasing -.Fa afi -and then by increasing -.Fa safi , -where NULL is the minimal SAFI; -section 2.2.3.6 requires that each list be in minimal form and sorted. -The minimality requirement is that all adjacent prefixes -and ranges must be merged into a single range and that each -range must be expressed as a prefix, if possible. -In particular, any given address can be in at most one list entry. -The order is by increasing minimal IP address in network byte order. -.Pp -.Fn X509v3_addr_is_canonical -indicates whether -.Fa addrblocks -is in canonical form. 
-.Sh RETURN VALUES -All these functions return 1 on success and 0 on failure. -Memory allocation failure is one possible reason for all of them. -Sometimes an error code can be obtained by -.Xr ERR_get_error 3 . -.Pp -.Fn X509v3_addr_add_inherit -fails if the list corresponding to -.Fa afi -and the optional -.Fa safi -already exists and is not marked -.Dq inherit . -.Pp -.Fn X509v3_addr_add_prefix -and -.Fn X509v3_addr_add_range -fail if a list corresponding to -.Fa afi -and the optional -.Fa safi -already exists and is marked -.Dq inherit , -or if -.Fa prefixlen -is outside the interval [0,32] for IPv4 addresses -or [0,128] for IPv6 addresses. -.Pp -.Fn X509v3_addr_canonize -fails if one of the lists in -.Fa addrblocks -is malformed, -in particular if it contains corrupt, overlapping, -or duplicate entries. -Corruption includes ranges where -.Fa max -is strictly smaller than -.Fa min . -The error conditions are generally indistinguishable. -.Pp -.Fn X509v3_addr_is_canonical -returns 1 if -.Fa addrblocks -is in canonical form. -A return value of 0 can indicate non-canonical form or a corrupted list. -.Sh EXAMPLES -Construct the first extension from RFC 3779, Appendix B. -.Bd -literal -#include -#include - -#include -#include -#include - -#include -#include -#include -#include - -const char *prefixes[] = { - "10.0.32/20", "10.0.64/24", "10.1/16", - "10.2.48/20", "10.2.64/24", "10.3/16", -}; -#define N_PREFIXES (sizeof(prefixes) / sizeof(prefixes[0])) - -static void -hexdump(const unsigned char *buf, size_t len) -{ - size_t i; - - for (i = 1; i <= len; i++) - printf(" 0x%02x,%s", buf[i \- 1], i % 8 ? "" : "\en"); - if (len % 8) - printf("\en"); -} - -int -main(void) -{ - IPAddrBlocks *addrblocks; - X509_EXTENSION *ext; - unsigned char *der; - int der_len; - size_t i; - - if (pledge("stdio", NULL) == \-1) - err(1, "pledge"); - - /* - * Somebody forgot to implement IPAddrBlocks_new(). IPAddrBlocks - * is the same as STACK_OF(IPAddressFamily). 
As such, it should - * have IPAddressFamily_cmp() as its comparison function. It is - * not possible to call sk_new(3) because IPAddressFamily_cmp() - * is not part of the public API. The correct comparison function - * can be installed as a side-effect of X509v3_addr_canonize(3). - */ - if ((addrblocks = sk_IPAddressFamily_new_null()) == NULL) - err(1, "sk_IPAddressFamily_new_null"); - if (!X509v3_addr_canonize(addrblocks)) - errx(1, "X509v3_addr_canonize"); - - /* Add the prefixes as IPv4 unicast. */ - for (i = 0; i < N_PREFIXES; i++) { - unsigned char addr[16] = {0}; - int len; - int unicast = 1; /* SAFI for unicast forwarding. */ - - len = inet_net_pton(AF_INET, prefixes[i], addr, - sizeof(addr)); - if (len == \-1) - errx(1, "inet_net_pton(%s)", prefixes[i]); - if (!X509v3_addr_add_prefix(addrblocks, IANA_AFI_IPV4, - &unicast, addr, len)) - errx(1, "X509v3_addr_add_prefix(%s)", prefixes[i]); - } - if (!X509v3_addr_add_inherit(addrblocks, IANA_AFI_IPV6, NULL)) - errx(1, "X509v3_addr_add_inherit"); - - /* - * Ensure the extension is in canonical form. Otherwise the two - * adjacent prefixes 10.2.48/20 and 10.2.64/24 are not merged into - * the range 10.2.48.0--10.2.64.255. This results in invalid DER - * encoding from X509V3_EXT_i2d(3) and i2d_X509_EXTENSION(3). - */ - if (!X509v3_addr_canonize(addrblocks)) - errx(1, "X509v3_addr_canonize"); - - /* Create the extension with the correct OID; mark it critical. */ - ext = X509V3_EXT_i2d(NID_sbgp_ipAddrBlock, 1, addrblocks); - if (ext == NULL) - errx(1, "X509V3_EXT_i2d"); - - der = NULL; - if ((der_len = i2d_X509_EXTENSION(ext, &der)) <= 0) - errx(1, "i2d_X509_EXTENSION"); - - hexdump(der, der_len); - - /* One way of implementing IPAddrBlocks_free(). 
*/ - sk_IPAddressFamily_pop_free(addrblocks, IPAddressFamily_free); - X509_EXTENSION_free(ext); - free(der); - - return 0; -} -.Ed -.Pp -Implement the missing public API -.Fn d2i_IPAddrBlocks -and -.Fn i2d_IPAddrBlocks -using -.Xr ASN1_item_d2i 3 : -.Bd -literal -IPAddrBlocks * -d2i_IPAddrBlocks(IPAddrBlocks **addrblocks, const unsigned char **in, - long len) -{ - const X509V3_EXT_METHOD *v3_addr; - - if ((v3_addr = X509V3_EXT_get_nid(NID_sbgp_ipAddrBlock)) == NULL) - return NULL; - return (IPAddrBlocks *)ASN1_item_d2i((ASN1_VALUE **)addrblocks, - in, len, ASN1_ITEM_ptr(v3_addr\->it)); -} - -int -i2d_IPAddrBlocks(IPAddrBlocks *addrblocks, unsigned char **out) -{ - const X509V3_EXT_METHOD *v3_addr; - - if ((v3_addr = X509V3_EXT_get_nid(NID_sbgp_ipAddrBlock)) == NULL) - return \-1; - return ASN1_item_i2d((ASN1_VALUE *)addrblocks, out, - ASN1_ITEM_ptr(v3_addr\->it)); -} -.Ed -.Pp -The use of the undocumented macro -.Dv ASN1_ITEM_ptr() -is necessary if compatibility with modern versions of other implementations -is desired. -.Sh SEE ALSO -.Xr ASIdentifiers_new 3 , -.Xr crypto 3 , -.Xr inet_net_ntop 3 , -.Xr inet_ntop 3 , -.Xr IPAddressRange_new 3 , -.Xr X509_new 3 , -.Xr X509v3_addr_get_range 3 , -.Xr X509v3_addr_validate_path 3 , -.Xr X509v3_asid_add_id_or_range 3 -.Sh STANDARDS -RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers: -.Bl -dash -compact -.It -section 2: IP Address delegation extension -.El -.Pp -RFC 7020: The Internet Numbers Registry System -.Pp -RFC 7249: Internet Number Registries -.Pp -.Rs -.%T Address Family Numbers -.%U https://www.iana.org/assignments/address\-family\-numbers -.Re -.Pp -.Rs -.%T Subsequent Address Family Identifiers (SAFI) Parameters -.%U https://www.iana.org/assignments/safi\-namespace -.Re -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.8e -and have been available since -.Ox 7.1 . 
-.Sh BUGS -.Fn IPAddrBlocks_new , -.Fn IPAddrBlocks_free , -.Fn d2i_IPAddrBlocks , -and -.Fn i2d_IPAddrBlocks -do not exist and -.Fa IPAddrBlocks_it -is not public. -The above examples show how to implement the four missing functions -with public API. -.Pp -.Fn X509v3_addr_add_range -should check for inverted range bounds and overlaps -on insertion and fail instead of creating a nonsensical -.Fa addrblocks -that fails to be canonized by -.Fn X509v3_addr_canonize . -.Pp -If -.Dv NULL -is passed to -.Xr X509v3_asid_canonize 3 , -it succeeds. -.Fn X509v3_addr_is_canonical -considers -.Dv NULL -to be a canonical -.Vt IPAddrBlocks . -In contrast, -.Fn X509v3_addr_canonize -crashes with a -.Dv NULL -dereference. -.Pp -The code only supports the IPv4 and IPv6 AFIs. -This is not consistently enforced across implementations. -.Pp -.Fn X509v3_addr_add_range -fails to clear the unused bits set to 1 in the last octet of -the -.Vt ASN1_BIT_STRING -representation of -.Fa max . -This confuses some software. diff --git a/src/lib/libcrypto/man/X509v3_addr_get_range.3 b/src/lib/libcrypto/man/X509v3_addr_get_range.3 deleted file mode 100644 index e0d83b1162..0000000000 --- a/src/lib/libcrypto/man/X509v3_addr_get_range.3 +++ /dev/null 
@@ -1,132 +0,0 @@
-.\" $OpenBSD: X509v3_addr_get_range.3,v 1.2 2023/09/30 14:12:40 schwarze Exp $
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 30 2023 $
-.Dt X509V3_ADDR_GET_RANGE 3
-.Os
-.Sh NAME
-.Nm X509v3_addr_get_afi ,
-.Nm X509v3_addr_get_range
-.Nd parse helpers for the IP address delegation extension
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft unsigned
-.Fn X509v3_addr_get_afi "const IPAddressFamily *af"
-.Ft int
-.Fo X509v3_addr_get_range
-.Fa "IPAddressOrRange *aor"
-.Fa "const unsigned afi"
-.Fa "unsigned char *min"
-.Fa "unsigned char *max"
-.Fa "const int length"
-.Fc
-.Sh DESCRIPTION
-.Fn X509v3_addr_get_afi
-returns the address family identifier (AFI) of
-.Fa af .
-.Pp
-.Fn X509v3_addr_get_range
-converts the minimum and maximum addresses in
-the address prefix or range
-.Fa aor
-from internal encoding to IP addresses in network byte order
-and places copies in the arrays
-.Fa min
-and
-.Fa max ,
-of size
-.Fa length .
-The
-.Fa length
-must be large enough to accommodate an address for
-.Fa afi ,
-which is at least 4 for
-.Dv IANA_AFI_IPV4
-and at least 16 for
-.Dv IANA_AFI_IPV6 .
-.Sh RETURN VALUES
-.Fn X509v3_addr_get_afi
-returns the AFI encoded in
-.Fa af
-or 0 if
-.Fa af
-does not contain a valid AFI, or if the AFI is not IPv4 or IPv6.
-.Pp
-.Fn X509v3_addr_get_range
-returns the number of bytes copied into
-.Fa min
-and
-.Fa max
-or 0 on error.
-An error occurs if
-.Fa aor
-is malformed, if
-.Fa afi
-is not
-.Dv IANA_AFI_IPV4
-or
-.Dv IANA_AFI_IPV6 ,
-if either
-.Fa min
-or
-.Fa max
-is
-.Dv NULL ,
-or if
-.Fa length
-is smaller than 4 or 16, respectively.
-.Sh SEE ALSO
-.Xr crypto 3 ,
-.Xr inet_ntop 3 ,
-.Xr IPAddressRange_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509v3_addr_add_inherit 3
-.Sh STANDARDS
-RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
-.Bl -dash -compact
-.It
-section 2: IP Address delegation extension
-.It
-section 2.2.3.3: Element addressFamily
-.It
-section 2.2.3.7: Type IPAddressOrRange
-.It
-section 2.2.3.8: Element addressPrefix and Type IPAddress
-.El
-.Pp
-.Rs
-.%T Address Family Numbers
-.%U https://www.iana.org/assignments/address-family-numbers
-.Re
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8e
-and have been available since
-.Ox 7.1 .
-.Sh BUGS
-There is no accessor for the SAFI of
-.Fa af .
-.Pp
-An error from
-.Fn X509v3_addr_get_afi
-is indistinguishable from the reserved AFI 0 being set on
-.Fa af .
-.Pp
-It is not entirely clear how a caller is supposed to obtain an
-.Vt IPAddressFamily
-object or an
-.Vt IPAddressOrRange
-object without reaching into various structs documented in
-.Xr IPAddressRange_new 3 .
diff --git a/src/lib/libcrypto/man/X509v3_addr_inherits.3 b/src/lib/libcrypto/man/X509v3_addr_inherits.3
deleted file mode 100644
index 8e3cecf7ae..0000000000
--- a/src/lib/libcrypto/man/X509v3_addr_inherits.3
+++ /dev/null
@@ -1,104 +0,0 @@
-.\" $OpenBSD: X509v3_addr_inherits.3,v 1.3 2023/09/30 14:21:57 schwarze Exp $
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 30 2023 $
-.Dt X509V3_ADDR_INHERITS 3
-.Os
-.Sh NAME
-.Nm X509v3_addr_inherits ,
-.Nm X509v3_asid_inherits
-.Nd RFC 3779 inheritance
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fn X509v3_addr_inherits "IPAddrBlocks *addrblocks"
-.Ft int
-.Fn X509v3_asid_inherits "ASIdentifiers *asids"
-.Sh DESCRIPTION
-.Fn X509v3_addr_inherits
-determines if there is at least one address family in
-.Fa addrblocks
-that uses inheritance.
-.Pp
-.Fn X509v3_asid_inherits
-is intended to determine if at least one of
-the list of autonomous system numbers or
-the list of routing domain identifiers
-uses inheritance.
-.Sh RETURN VALUES
-.Fn X509v3_addr_inherits
-returns 1 if and only if
-.Fa addrblocks
-contains at least one
-.Fa IPAddressFamily
-object that is correctly marked
-.Dq inherit :
-its
-.Fa IPAddressChoice
-is of
-.Fa type
-.Dv IPAddressChoice_inherit
-and its
-.Fa inherit
-element is present.
-Otherwise it returns 0.
-.Pp
-.Fn X509v3_asid_inherits
-returns 1 if and only if
-at least one of the
-.Fa asnum
-or the
-.Fa rdi
-lists has
-.Fa type
-.Dv ASIdentifierChoice_inherit .
-Otherwise it returns 0.
-.Sh SEE ALSO
-.Xr ASIdentifiers_new 3 ,
-.Xr ASRange_new 3 ,
-.Xr crypto 3 ,
-.Xr IPAddressRange_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509v3_addr_add_inherit 3 ,
-.Xr X509v3_asid_add_inherit 3
-.Sh STANDARDS
-RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
-.Bl -dash -compact
-.It
-section 2: IP Address delegation extension
-.It
-section 2.2.3.5: Element inherit
-.It
-section 3: AS identifiers delegation extension
-.It
-section 3.2.3.3: Element inherit
-.El
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8e
-and have been available since
-.Ox 7.1 .
-.Sh BUGS
-.Fn X509v3_asid_inherits
-ignores whether the
-.Fa inherit
-element is present or absent in the list that is considered to use inheritance.
-.Pp
-There is no API that determines whether all lists contained in an
-.Vt ASIdentifiers
-or an
-.Vt IPAddrBlocks
-object inherit.
-See RFC 9287, 5.1.2 for an example where this is relevant.
diff --git a/src/lib/libcrypto/man/X509v3_addr_subset.3 b/src/lib/libcrypto/man/X509v3_addr_subset.3
deleted file mode 100644
index 93714a26fa..0000000000
--- a/src/lib/libcrypto/man/X509v3_addr_subset.3
+++ /dev/null
@@ -1,176 +0,0 @@
-.\" $OpenBSD: X509v3_addr_subset.3,v 1.2 2023/09/30 14:24:00 schwarze Exp $
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 30 2023 $
-.Dt X509V3_ADDR_SUBSET 3
-.Os
-.Sh NAME
-.Nm X509v3_addr_subset ,
-.Nm X509v3_asid_subset
-.Nd RFC 3779 subset relationship
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fn X509v3_addr_subset "IPAddrBlocks *child" "IPAddrBlocks *parent"
-.Ft int
-.Fn X509v3_asid_subset "ASIdentifiers *child" "ASIdentifiers *parent"
-.Sh DESCRIPTION
-.Fn X509v3_addr_subset
-determines if all IP address resources present in
-.Fa child
-are contained in the corresponding resources in
-.Fa parent .
-.Pp
-The implementation assumes but does not ensure that both
-.Fa child
-and
-.Fa parent
-are in canonical form as described in
-.Xr X509v3_addr_is_canonical 3 .
-In particular, both
-.Fa child
-and
-.Fa parent
-are sorted appropriately and they contain at most one
-.Vt IPAddressFamily
-object per address family identifier (AFI) and optional
-subsequent address family identifier (SAFI).
-.Pp
-The checks are, in order:
-.Bl -enum
-.It
-If
-.Fa child
-is
-.Dv NULL
-or identical to
-.Fa parent
-then
-.Fa child
-is a subset of
-.Fa parent .
-In particular, a
-.Dv NULL
-.Fa parent
-is allowed for a
-.Dv NULL
-.Fa child .
-.It
-If
-.Fa parent
-is
-.Dv NULL
-then
-.Fa child
-is not a subset of
-.Fa parent .
-.It
-If
-.Xr X509v3_addr_inherits 3
-determines that
-.Fa child
-inherits or that
-.Fa parent
-inherits
-then
-.Fa child
-is not a subset of
-.Fa parent .
-.It
-Each address prefix or range in
-.Fa child
-must be a subset of an address prefix or range in the
-.Fa parent ,
-taking AFI and optional SAFI into account:
-.Bl -bullet -compact
-.It
-For each
-.Vt IPAddressFamily
-of
-.Fa child
-there must be an
-.Vt IPAddressFamily
-of
-.Fa parent
-with the same AFI and optional SAFI.
-.It
-Since the address prefixes and ranges in corresponding
-.Vt IPAddressFamily
-objects in
-.Fa child
-and
-.Fa parent
-are sorted in ascending order,
-and do not overlap,
-they can be traversed simultaneously in linear time.
-For each prefix or range in
-.Fa child
-there must be a prefix or range in
-.Fa parent
-whose minimal address is smaller
-and whose maximal address is larger.
-.El
-If any of these steps fails,
-.Fa child
-is not a subset of
-.Fa parent .
-.El
-.Pp
-.Fn X509v3_asid_subset
-determines if all AS identifier resources in
-.Fa child
-are contained in the corresponding resources in
-.Fa parent .
-.Pp
-The description for
-.Fn X509v3_addr_subset
-applies mutatis mutandis.
-In particular,
-.Fa child
-and
-.Fa parent
-must be in canonical form per
-.Xr X509v3_asid_is_canonical 3 ,
-but this is not enforced.
-.Sh RETURN VALUES
-.Fn X509v3_addr_subset
-and
-.Fn X509v3_asid_subset
-return 1 if and only if
-.Fa child
-is a subset of
-.Fa parent ,
-otherwise they return 0.
-If both
-.Fa child
-and
-.Fa parent
-are in canonical form,
-these functions cannot fail.
-.Sh SEE ALSO
-.Xr ASIdentifiers_new 3 ,
-.Xr ASRange_new 3 ,
-.Xr crypto 3 ,
-.Xr IPAddressRange_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509v3_addr_add_inherit 3 ,
-.Xr X509v3_asid_add_inherit 3
-.Sh STANDARDS
-RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers.
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8e
-and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/X509v3_addr_validate_path.3 b/src/lib/libcrypto/man/X509v3_addr_validate_path.3
deleted file mode 100644
index fe6065d599..0000000000
--- a/src/lib/libcrypto/man/X509v3_addr_validate_path.3
+++ /dev/null
@@ -1,203 +0,0 @@
-.\" $OpenBSD: X509v3_addr_validate_path.3,v 1.5 2023/09/30 19:07:38 tb Exp $
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 30 2023 $
-.Dt X509V3_ADDR_VALIDATE_PATH 3
-.Os
-.Sh NAME
-.Nm X509v3_addr_validate_path ,
-.Nm X509v3_addr_validate_resource_set ,
-.Nm X509v3_asid_validate_path ,
-.Nm X509v3_asid_validate_resource_set
-.Nd RFC 3779 path validation for IP address and AS number delegation
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fn X509v3_addr_validate_path "X509_STORE_CTX *ctx"
-.Ft int
-.Fo X509v3_addr_validate_resource_set
-.Fa "STACK_OF(X509) *chain"
-.Fa "IPAddrBlocks *addrblocks"
-.Fa "int allow_inherit"
-.Fc
-.Ft int
-.Fn X509v3_asid_validate_path "X509_STORE_CTX *ctx"
-.Ft int
-.Fo X509v3_asid_validate_resource_set
-.Fa "STACK_OF(X509) *chain"
-.Fa "ASIdentifiers *asid"
-.Fa "int allow_inherit"
-.Fc
-.Sh DESCRIPTION
-Both RFC 3779 extensions require additional checking in the certification
-path validation.
-.Bl -enum
-.It
-The initial set of allowed IP address and AS number resources is defined in
-the trust anchor, where inheritance is not allowed.
-.It
-An issuer may only delegate subsets of resources present in its
-RFC 3779 extensions or subsets of resources inherited from its issuer.
-.It
-If an RFC 3779 extension is present in a certificate,
-the same type of extension must also be present in its issuer.
-.It
-All RFC 3779 extensions
-appearing in the validation path must be in canonical form
-according to
-.Xr X509v3_addr_is_canonical 3
-and
-.Xr X509v3_asid_is_canonical 3 .
-.El
-.Pp
-.Fn X509v3_addr_validate_path
-and
-.Fn X509v3_asid_validate_path
-are called from
-.Xr X509_verify_cert 3
-as part of the verification chain building.
-On encountering an error or a violation of the above rules,
-.Fa error ,
-.Fa error_depth ,
-and
-.Fa current_cert
-are set on
-.Fa ctx
-and the verify callback is called with
-.Fa ok
-set to 0.
-.Dv X509_V_ERR_INVALID_EXTENSION
-indicates a non-canonical resource,
-.Dv X509_V_ERR_UNNESTED_RESOURCE
-indicates a violation of the other rules above.
-In rare circumstances, the error can be
-.Dv X509_V_ERR_UNSPECIFIED
-and for IP address resources
-.Dv X509_V_ERR_OUT_OF_MEM
-is also possible.
-.Pp
-.Fn X509v3_addr_validate_resource_set
-validates the resources in
-.Fa addrblocks
-against a specific certificate
-.Fa chain .
-After checking that
-.Fa addrblocks
-is canonical, its IP addresses are checked to be covered in
-the certificate at depth 0,
-then the chain is walked all the way to the trust anchor
-until an error or a violation of the above rules is encountered.
-.Fa addrblocks
-is allowed to use inheritance according to
-.Xr X509v3_addr_inherits 3
-if and only if
-.Fa allow_inherit
-is non-zero.
-.Pp
-.Fn X509v3_asid_validate_resource_set
-performs similar checks as
-.Fn X509v3_addr_validate_resource_set
-for
-.Fa asid .
-.Sh RETURN VALUES
-All these functions return 1 on successful validation and 0 otherwise.
-.Pp
-For
-.Fn X509v3_addr_validate_path
-and
-.Fn X509v3_asid_validate_path
-a non-empty
-.Fa chain
-and a
-.Fa verify_cb
-must be present on
-.Fa ctx ,
-otherwise they fail and set the
-.Fa error
-on
-.Fa ctx
-to
-.Dv X509_V_ERR_UNSPECIFIED .
-The
-.Fa verify_cb
-is called with the error codes described above
-on most errors encountered during validation.
-Some malformed extensions can lead to an error
-that cannot be intercepted by the callback.
-With the exception of an allocation error,
-no error codes are set on the error stack.
-.Pp
-.Fn X509v3_addr_validate_resource_set
-accepts a
-.Dv NULL
-.Fa addrblocks
-and
-.Fn X509v3_asid_validate_resource_set
-accepts a
-.Dv NULL
-.Fa asid
-as valid.
-They fail if
-.Fa chain
-is
-.Dv NULL
-or empty.
-If
-.Fa allow_inherit
-is 0,
-.Fa addrblocks
-or
-.Fa asid
-is checked for inheritance with
-.Xr X509v3_addr_inherits 3
-or
-.Xr X509v3_asid_inherits 3 .
-The remaining failure cases are the same as for
-.Fn X509v3_addr_validate_path
-and
-.Fn X509v3_asid_validate_path .
-They cannot and do not attempt to communicate
-the cause of the error to the caller.
-.Sh SEE ALSO
-.Xr ASIdentifiers_new 3 ,
-.Xr crypto 3 ,
-.Xr IPAddressRange_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_STORE_CTX_get_error 3 ,
-.Xr X509_verify_cert 3 ,
-.Xr X509v3_addr_add_inherit 3 ,
-.Xr X509v3_addr_inherits 3 ,
-.Xr X509v3_asid_add_id_or_range 3
-.Sh STANDARDS
-RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers:
-.Bl -dash -compact
-.It
-section 2.3: IP Address Delegation Extension Certification Path Validation
-.It
-section 3.3: Autonomous System Identifier Delegation Extension Certification
-Path Validation
-.El
-.Pp
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate
-and Certificate Revocation List (CRL) Profile
-.Bl -dash -compact
-.It
-section 6: Certification Path Validation
-.El
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8e
-and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/X509v3_asid_add_id_or_range.3 b/src/lib/libcrypto/man/X509v3_asid_add_id_or_range.3
deleted file mode 100644
index 81221ca9bc..0000000000
--- a/src/lib/libcrypto/man/X509v3_asid_add_id_or_range.3
+++ /dev/null
@@ -1,327 +0,0 @@
-.\" $OpenBSD: X509v3_asid_add_id_or_range.3,v 1.9 2023/09/30 18:16:44 tb Exp $
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 30 2023 $
-.Dt X509V3_ASID_ADD_ID_OR_RANGE 3
-.Os
-.Sh NAME
-.Nm X509v3_asid_add_id_or_range ,
-.Nm X509v3_asid_add_inherit ,
-.Nm X509v3_asid_canonize ,
-.Nm X509v3_asid_is_canonical
-.Nd RFC 3779 autonomous system identifier delegation extension
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fo X509v3_asid_add_id_or_range
-.Fa "ASIdentifiers *asid"
-.Fa "int type"
-.Fa "ASN1_INTEGER *min"
-.Fa "ASN1_INTEGER *max"
-.Fc
-.Ft int
-.Fo X509v3_asid_add_inherit
-.Fa "ASIdentifiers *asid"
-.Fa "int type"
-.Fc
-.Ft int
-.Fo X509v3_asid_canonize
-.Fa "ASIdentifiers *asid"
-.Fc
-.Ft int
-.Fo X509v3_asid_is_canonical
-.Fa "ASIdentifiers *asid"
-.Fc
-.Sh DESCRIPTION
-An
-.Vt ASIdentifiers
-object represents the content of the certificate extension
-defined in RFC 3779, section 3.2.3.1.
-It can be instantiated with
-.Xr ASIdentifiers_new 3
-and its internals are documented in
-.Xr ASRange_new 3 .
-.Pp
-An autonomous system is identified by an unsigned 32-bit integer,
-called an AS identifier or AS number.
-An
-.Vt ASIdentifiers
-object can hold two lists:
-a list of
-.Fa type
-.Dv V3_ASID_ASNUM
-containing individual AS identifiers and ranges of AS identifiers,
-and an obsolete list of
-.Fa type
-.Dv V3_ASID_RDI
-containing routing domain identifiers (RDIs).
-Either of these lists may be absent, or it may contain nothing
-but a special
-.Dq inherit
-marker that indicates that the list is inherited from the issuer
-of the certificate.
-.Pp
-.Fn X509v3_asid_add_id_or_range
-adds an individual identifier or a range of identifiers to the list of
-.Fa type
-(either
-.Dv V3_ASID_ASNUM
-or
-.Dv V3_ASID_RDI )
-in
-.Fa asid .
-If no such list exists, it is created first.
-If a list of
-.Fa type
-already exists and contains the
-.Dq inherit
-marker, the call fails.
-.Fa min
-must be a
-.Pf non- Dv NULL
-.Vt ASN1_INTEGER .
-If
-.Fa max
-is
-.Dv NULL ,
-.Fa min
-is added as an individual identifier.
-Ownership of
-.Fa min
-and
-.Fa max
-is transferred to
-.Fa asid
-on success.
-It is the responsibility of the caller to ensure that
-the resulting
-.Fa asid
-does not contain lists with overlapping ranges and that
-.Fa min
-is strictly less than
-.Fa max
-if both are
-.Pf non- Dv NULL .
-The caller should also ensure that the AS identifiers are
-32-bit integers.
-Failure to do so may result in an
-.Fa asid
-that cannot be brought into canonical form by
-.Fn X509v3_asid_canonize .
-.Pp
-.Fn X509v3_asid_add_inherit
-adds the list of
-.Fa type
-(either
-.Dv V3_ASID_ASNUM
-or
-.Dv V3_ASID_RDI )
-in
-.Fa asid
-if necessary and marks it
-.Dq inherit .
-This fails if
-.Fa asid
-already contains a list of
-.Fa type
-that is not marked
-.Dq inherit .
-.Pp
-.Fn X509v3_asid_canonize
-attempts to bring both lists in
-.Fa asid
-into canonical form.
-If
-.Fa asid
-is
-.Dv NULL
-the call succeeds and no action occurs.
-A list is in canonical form if it is either one of
-.Bl -dash -compact
-.It
-absent,
-.It
-marked
-.Dq inherit ,
-.It
-non-empty and all identifiers and ranges are listed in increasing order.
-Ranges must not overlap,
-.\" the following is not currently specified and leads to ambiguity:
-.\" contain at least two elements,
-and adjacent ranges must be fully merged.
-.El
-.Pp
-.Fn X509v3_asid_canonize
-merges adjacent ranges
-but refuses to merge overlapping ranges or to discard duplicates.
-For example, the adjacent ranges [a,b] and [b+1,c] are merged
-into the single range [a,c], but if both [a,b] and [b,c] appear in a list,
-this results in an error since they are considered overlapping.
-Likewise, the identifier a is absorbed into the adjacent
-range [a+1,b] to yield [a,b].
-.Fn X509v3_asid_canonize
-errors if the minimum of any range is larger than the maximum.
-In contrast, minimum and maximum of a range may be equal.
-.Pp
-.Fn X509v3_asid_is_canonical
-checks whether
-.Fa asid
-is in canonical form.
-Once
-.Fn X509v3_asid_canonize
-is called successfully on
-.Fa asid ,
-all subsequent calls to
-.Fn X509v3_asid_is_canonical
-succeed on an unmodified
-.Fa asid
-unless memory allocation fails.
-.Sh RETURN VALUES
-All these functions return 1 on success and 0 on failure.
-.Pp
-.Fn X509v3_asid_add_id_or_range
-and
-.Fn X509v3_asid_add_inherit
-fail if
-.Fa asid
-is
-.Dv NULL
-or if
-.Fa type
-is distinct from
-.Dv V3_ASID_ASNUM
-and
-.Dv V3_ASID_RDI ,
-or on memory allocation failure.
-In addition,
-.Fn X509v3_asid_add_id_or_range
-fails if
-.Fa asid
-contains a list of
-.Fa type
-that is marked
-.Dq inherit ,
-and
-.Fn X509v3_asid_add_inherit
-fails if
-.Fa asid
-contains a list of
-.Fa type
-that is not marked
-.Dq inherit .
-.Pp
-.Fn X509v3_asid_canonize
-fails if either list is empty and not marked
-.Dq inherit ,
-or if it is malformed, or if memory allocation fails.
-Malformed lists include lists containing duplicate, overlapping,
-or malformed elements, for example AS ranges where the minimum is
-larger than the maximum.
-Some of these failure modes result in an error being pushed onto the
-error stack.
-.Pp
-.Fn X509v3_asid_is_canonical
-returns 1 if
-.Fa asid
-is canonical and 0 if it is not canonical or on memory allocation
-failure.
-.Sh SEE ALSO
-.Xr ASIdentifiers_new 3 ,
-.Xr crypto 3 ,
-.Xr s2i_ASN1_INTEGER 3 ,
-.Xr X509_new 3 ,
-.Xr X509v3_addr_add_inherit 3 ,
-.Xr X509v3_addr_validate_path 3
-.Sh STANDARDS
-RFC 3779: X.509 Extensions for IP Addresses and AS Identifiers,
-.Bl -dash -compact
-.It
-section 3: Autonomous System Delegation Extension
-.El
-.Pp
-.Rs
-.%T Autonomous System (AS) Numbers
-.%U https://www.iana.org/assignments/as-numbers
-.Re
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8e
-and have been available since
-.Ox 7.1 .
-.Sh BUGS
-.Fn X509v3_asid_add_id_or_range
-does not check for inverted range bounds and overlaps
-on insertion.
-It is very easy to create an
-.Fa asid
-that fails to be canonized by
-.Fn X509v3_asid_canonize
-and it is very hard to diagnose why.
-.Pp
-Both
-.Fn X509v3_asid_add_id_or_range
-and
-.Fn X509v3_asid_add_inherit
-can leave
-.Fa asid
-in a corrupted state if memory allocation fails during their execution.
-In addition,
-.Fn X509v3_asid_add_id_or_range
-may already have freed the
-.Fa min
-and
-.Fa max
-arguments on failure.
-.Pp
-RFC 3779 does not explicitly disallow ranges where the minimum
-is equal to the maximum.
-The isolated AS identifier
-.Fa min
-and the AS range
-.Bq Fa min , Ns Fa min
-where the minimum and the maximum are equal to
-.Fa min
-have the same semantics.
-.Fn X509v3_asid_is_canonical
-accepts both representations as valid and
-.Fn X509v3_asid_canonize
-does not prefer either representation over the other.
-The encodings of the two representations produced by
-.Xr i2d_ASIdentifiers 3
-are distinct.
-.Pp
-.Fn X509v3_asid_is_canonical
-does not fully check inheriting lists to be well formed.
-It only checks the
-.Fa type
-to be
-.Dv ASIdentifierChoice_inherit
-and ignores the presence or absence of the
-.Fa inherit
-element.
-.Fn X509v3_asid_canonize
-does not fix that up.
-This can lead to incorrect or unexpected DER encoding of
-.Dq canonical
-.Vt ASIdentifiers
-objects.
-In particular, it is possible to construct an
-.Vt ASIdentifiers
-object for which both
-.Fn X509v3_asid_is_canonical
-and
-.Xr X509v3_asid_inherits 3
-return 1, and after a round trip through DER the latter
-returns 0.
diff --git a/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3 b/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3
deleted file mode 100644
index 8c7c159f80..0000000000
--- a/src/lib/libcrypto/man/X509v3_get_ext_by_NID.3
+++ /dev/null
@@ -1,408 +0,0 @@ -.\" $OpenBSD: X509v3_get_ext_by_NID.3,v 1.15 2024/05/22 09:44:10 tb Exp $ -.\" full merge up to: OpenSSL fd38836b Jun 20 15:25:43 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: May 22 2024 $ -.Dt X509V3_GET_EXT_BY_NID 3 -.Os -.Sh NAME -.Nm X509v3_get_ext_count , -.Nm X509v3_get_ext , -.Nm X509v3_get_ext_by_NID , -.Nm X509v3_get_ext_by_OBJ , -.Nm X509v3_get_ext_by_critical , -.Nm X509v3_delete_ext , -.Nm X509v3_add_ext , -.Nm X509_get_ext_count , -.Nm X509_get_ext , -.Nm X509_get_ext_by_NID , -.Nm X509_get_ext_by_OBJ , -.Nm X509_get_ext_by_critical , -.Nm X509_delete_ext , -.Nm X509_add_ext , -.Nm X509_CRL_get_ext_count , -.Nm X509_CRL_get_ext , -.Nm X509_CRL_get_ext_by_NID , -.Nm X509_CRL_get_ext_by_OBJ , -.Nm X509_CRL_get_ext_by_critical , -.Nm X509_CRL_delete_ext , -.Nm X509_CRL_add_ext , -.Nm X509_REVOKED_get_ext_count , -.Nm X509_REVOKED_get_ext , -.Nm X509_REVOKED_get_ext_by_NID , -.Nm X509_REVOKED_get_ext_by_OBJ , -.Nm X509_REVOKED_get_ext_by_critical , -.Nm X509_REVOKED_delete_ext , -.Nm X509_REVOKED_add_ext -.Nd extension stack utility functions -.Sh SYNOPSIS -.In openssl/x509.h -.Ft int -.Fo X509v3_get_ext_count -.Fa "const STACK_OF(X509_EXTENSION) *x" -.Fc -.Ft X509_EXTENSION * -.Fo X509v3_get_ext -.Fa "const STACK_OF(X509_EXTENSION) *x" -.Fa "int loc" -.Fc -.Ft int -.Fo X509v3_get_ext_by_NID -.Fa "const STACK_OF(X509_EXTENSION) *x" -.Fa "int nid" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509v3_get_ext_by_OBJ -.Fa "const STACK_OF(X509_EXTENSION) *x" -.Fa "const ASN1_OBJECT *obj" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509v3_get_ext_by_critical -.Fa "const STACK_OF(X509_EXTENSION) *x" -.Fa "int crit" -.Fa "int lastpos" -.Fc -.Ft X509_EXTENSION * -.Fo X509v3_delete_ext -.Fa "STACK_OF(X509_EXTENSION) *x" -.Fa "int loc" -.Fc -.Ft STACK_OF(X509_EXTENSION) * -.Fo X509v3_add_ext -.Fa "STACK_OF(X509_EXTENSION) **x" -.Fa "X509_EXTENSION *ex" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_get_ext_count -.Fa "const X509 *x" -.Fc -.Ft X509_EXTENSION * -.Fo X509_get_ext -.Fa "const X509 *x" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_get_ext_by_NID -.Fa "const X509 *x" -.Fa "int nid" -.Fa "int lastpos" -.Fc -.Ft int -.Fo 
X509_get_ext_by_OBJ -.Fa "const X509 *x" -.Fa "const ASN1_OBJECT *obj" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509_get_ext_by_critical -.Fa "const X509 *x" -.Fa "int crit" -.Fa "int lastpos" -.Fc -.Ft X509_EXTENSION * -.Fo X509_delete_ext -.Fa "X509 *x" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_add_ext -.Fa "X509 *x" -.Fa "X509_EXTENSION *ex" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_CRL_get_ext_count -.Fa "const X509_CRL *x" -.Fc -.Ft X509_EXTENSION * -.Fo X509_CRL_get_ext -.Fa "const X509_CRL *x" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_CRL_get_ext_by_NID -.Fa "const X509_CRL *x" -.Fa "int nid" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509_CRL_get_ext_by_OBJ -.Fa "const X509_CRL *x" -.Fa "const ASN1_OBJECT *obj" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509_CRL_get_ext_by_critical -.Fa "const X509_CRL *x" -.Fa "int crit" -.Fa "int lastpos" -.Fc -.Ft X509_EXTENSION * -.Fo X509_CRL_delete_ext -.Fa "X509_CRL *x" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_CRL_add_ext -.Fa "X509_CRL *x" -.Fa "X509_EXTENSION *ex" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_REVOKED_get_ext_count -.Fa "const X509_REVOKED *x" -.Fc -.Ft X509_EXTENSION * -.Fo X509_REVOKED_get_ext -.Fa "const X509_REVOKED *x" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_REVOKED_get_ext_by_NID -.Fa "const X509_REVOKED *x" -.Fa "int nid" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509_REVOKED_get_ext_by_OBJ -.Fa "const X509_REVOKED *x" -.Fa "const ASN1_OBJECT *obj" -.Fa "int lastpos" -.Fc -.Ft int -.Fo X509_REVOKED_get_ext_by_critical -.Fa "const X509_REVOKED *x" -.Fa "int crit" -.Fa "int lastpos" -.Fc -.Ft X509_EXTENSION * -.Fo X509_REVOKED_delete_ext -.Fa "X509_REVOKED *x" -.Fa "int loc" -.Fc -.Ft int -.Fo X509_REVOKED_add_ext -.Fa "X509_REVOKED *x" -.Fa "X509_EXTENSION *ex" -.Fa "int loc" -.Fc -.Sh DESCRIPTION -.Fn X509v3_get_ext_count -retrieves the number of extensions in -.Fa x . -.Pp -.Fn X509v3_get_ext -retrieves extension -.Fa loc -from -.Fa x . -The index -.Fa loc -can take any value from 0 to -.Fn X509_get_ext_count x No \- 1 . 
-The returned extension is an internal pointer which must not be -freed up by the application. -.Pp -.Fn X509v3_get_ext_by_NID -and -.Fn X509v3_get_ext_by_OBJ -look for an extension with -.Fa nid -or -.Fa obj -from extension stack -.Fa x . -The search starts from the extension after -.Fa lastpos -or from the beginning if -.Fa lastpos -is \-1. -If the extension is found, its index is returned; otherwise, a negative -value is returned. -.Pp -.Fn X509v3_get_ext_by_critical -is similar to -.Fn X509v3_get_ext_by_NID -except that it looks for an extension of criticality -.Fa crit . -A zero value for -.Fa crit -looks for a non-critical extension; a non-zero value looks for a -critical extension. -.Pp -.Fn X509v3_delete_ext -deletes the extension with index -.Fa loc -from -.Fa x . -The deleted extension is returned and must be freed by the caller. -If -.Fa loc -is an invalid index value, -.Dv NULL -is returned. -.Pp -.Fn X509v3_add_ext -adds the extension -.Fa ex -to the stack -.Pf * Fa x -at position -.Fa loc . -If -.Fa loc -is \-1, the new extension is added to the end. -If -.Pf * Fa x -is -.Dv NULL , -a new stack will be allocated. -The passed extension -.Fa ex -is duplicated internally so it must be freed after use. -.Pp -.Fn X509_get_ext_count , -.Fn X509_get_ext , -.Fn X509_get_ext_by_NID , -.Fn X509_get_ext_by_OBJ , -.Fn X509_get_ext_by_critical , -.Fn X509_delete_ext , -and -.Fn X509_add_ext -operate on the extensions of certificate -.Fa x . -They are otherwise identical to the X509v3 functions. -.Pp -.Fn X509_CRL_get_ext_count , -.Fn X509_CRL_get_ext , -.Fn X509_CRL_get_ext_by_NID , -.Fn X509_CRL_get_ext_by_OBJ , -.Fn X509_CRL_get_ext_by_critical , -.Fn X509_CRL_delete_ext , -and -.Fn X509_CRL_add_ext -operate on the extensions of the CRL -.Fa x . -They are otherwise identical to the X509v3 functions. 
-.Pp
-.Fn X509_REVOKED_get_ext_count ,
-.Fn X509_REVOKED_get_ext ,
-.Fn X509_REVOKED_get_ext_by_NID ,
-.Fn X509_REVOKED_get_ext_by_OBJ ,
-.Fn X509_REVOKED_get_ext_by_critical ,
-.Fn X509_REVOKED_delete_ext ,
-and
-.Fn X509_REVOKED_add_ext
-operate on the extensions of the CRL entry
-.Fa x .
-They are otherwise identical to the X509v3 functions.
-.Pp
-These functions are used to examine stacks of extensions directly.
-Many applications will want to parse or encode and add an extension:
-they should use the extension encode and decode functions instead
-such as
-.Xr X509_get_ext_d2i 3 .
-.Pp
-Extension indices start from zero, so a zero index return value is
-not an error.
-These search functions start from the extension
-.Em after
-the
-.Fa lastpos
-parameter, so it should initially be set to \-1.
-If it is set to 0, the initial extension will not be checked.
-.Sh RETURN VALUES
-.Fn X509v3_get_ext_count
-returns the extension count.
-.Pp
-.Fn X509v3_get_ext ,
-.Fn X509v3_delete_ext ,
-and
-.Fn X509_delete_ext
-return an
-.Vt X509_EXTENSION
-pointer or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509v3_get_ext_by_NID ,
-.Fn X509v3_get_ext_by_OBJ ,
-and
-.Fn X509v3_get_ext_by_critical
-return the extension index or \-1 if an error occurs.
-In addition,
-.Fn X509v3_get_ext_by_NID
-returns \-2 if
-.Xr OBJ_nid2obj 3
-fails on the requested
-.Fa nid .
-.Pp
-.Fn X509v3_add_ext
-returns a stack of extensions or
-.Dv NULL
-on error.
-.Pp
-.Fn X509_add_ext
-returns 1 on success or 0 on error.
-.Sh SEE ALSO
-.Xr OBJ_nid2obj 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509_new 3 ,
-.Xr X509_REVOKED_new 3 ,
-.Xr X509V3_EXT_print 3 ,
-.Xr X509V3_extensions_print 3 ,
-.Xr X509V3_get_d2i 3
-.Sh HISTORY
-These functions first appeared in SSLeay 0.8.0
-and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/a2d_ASN1_OBJECT.3 b/src/lib/libcrypto/man/a2d_ASN1_OBJECT.3
deleted file mode 100644
index 7d36a54be2..0000000000
--- a/src/lib/libcrypto/man/a2d_ASN1_OBJECT.3
+++ /dev/null
@@ -1,84 +0,0 @@
-.\" $OpenBSD: a2d_ASN1_OBJECT.3,v 1.3 2023/08/09 17:34:39 schwarze Exp $
-.\"
-.\" Copyright (c) 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: August 9 2023 $
-.Dt A2D_ASN1_OBJECT 3
-.Os
-.Sh NAME
-.Nm a2d_ASN1_OBJECT
-.Nd DER content octets of an ASN.1 object identifier
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft int
-.Fo a2d_ASN1_OBJECT
-.Fa "unsigned char *der_out"
-.Fa "int olen"
-.Fa "const char *val_in"
-.Fa "int ilen"
-.Fc
-.Sh DESCRIPTION
-.Fn a2d_ASN1_OBJECT
-accepts an ASCII string
-.Fa val_in
-of
-.Fa ilen
-bytes and interprets it as the numerical form of an ASN.1 object identifier.
-It writes the content octets of the DER encoding of the object identifier
-to the buffer
-.Fa der_out
-which is
-.Fa olen
-bytes long.
-The identifier and length octets of the DER encoding are not written.
-.Pp
-If
-.Fa ilen
-is \-1, the
-.Xr strlen 3
-of
-.Fa val_in
-is used instead.
-.Pp
-If
-.Fa der_out
-is a
-.Dv NULL
-pointer, writing the content octets is skipped
-and only the return value is calculated.
-.Sh RETURN VALUES
-.Fn a2d_ASN1_OBJECT
-returns the number of content octets that were or would be written or 0 if
-.Fa ilen
-is 0, if
-.Fa val_in
-is not a valid representation of an object identifier,
-if memory allocation fails, or if the number of content octets
-would be larger than
-.Fa olen .
-.Sh SEE ALSO
-.Xr ASN1_OBJECT_new 3 ,
-.Xr i2d_ASN1_OBJECT 3 ,
-.Xr OBJ_create 3
-.Sh STANDARDS
-ITU-T Recommendation X.690, also known as ISO/IEC 8825-1:
-Information technology - ASN.1 encoding rules:
-Specification of Basic Encoding Rules (BER), Canonical Encoding
-Rules (CER) and Distinguished Encoding Rules (DER),
-section 8.19: Encoding of an object identifier value
-.Sh HISTORY
-.Fn a2d_ASN1_OBJECT
-first appeared in SSLeay 0.8.0 and has been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/a2i_ipadd.3 b/src/lib/libcrypto/man/a2i_ipadd.3
deleted file mode 100644
index 1372b2acfd..0000000000
--- a/src/lib/libcrypto/man/a2i_ipadd.3
+++ /dev/null
@@ -1,136 +0,0 @@
-.\" $OpenBSD: a2i_ipadd.3,v 1.1 2024/12/27 15:30:17 schwarze Exp $
-.\"
-.\" Copyright (c) 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 27 2024 $
-.Dt A2I_IPADD 3
-.Os
-.Sh NAME
-.Nm a2i_ipadd ,
-.Nm a2i_IPADDRESS ,
-.Nm a2i_IPADDRESS_NC
-.Nd parse Internet Protocol addresses into ASN.1 OCTET STRINGs for X.509
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft int
-.Fo a2i_ipadd
-.Fa "unsigned char *ipout"
-.Fa "const char *ipasc"
-.Fc
-.Ft ASN1_OCTET_STRING *
-.Fo a2i_IPADDRESS
-.Fa "const char *ipasc"
-.Fc
-.Ft ASN1_OCTET_STRING *
-.Fo a2i_IPADDRESS_NC
-.Fa "const char *ipasc"
-.Fc
-.Sh DESCRIPTION
-.Fn a2i_ipadd
-and
-.Fn a2i_IPADDRESS
-parse the string
-.Fa ipasc
-containing an IPv4 or IPv6 address
-in one of the following formats:
-.Bd -literal -offset indent
-d.d.d.d
-x:x:x:x:x:x:x:x (exactly 8 words)
-(x:)*x::x(:x)* (less than 8 words)
-(x:)*x:: (less than 8 words)
-::x(:x)* (less than 8 words)
-::
-(x:)*d.d.d.d (up to 6 hexadecimal words, :: can be used)
-.Ed
-.Pp
-where each
-.Ar d
-represents a non-negative decimal number less than 256
-with one, two or three digits and each
-.Ar x
-represents a non-negative hexadecimal number
-with one, two, three, or four digits.
-Both the lower case letters a-f and the upper case letters A-F can be used.
-.Pp
-.Fn a2i_ipadd
-stores the bytes of the address in network byte order (big endian) starting at
-.Fa ipout .
-The caller is responsible for providing sufficient space;
-always providing a buffer of at least 16 bytes is recommended,
-even if an IPv4 address is expected, to avoid buffer overruns in case
-.Fa ipasc
-is malformed.
-.Pp
-.Fn a2i_IPADDRESS
-stores the address in a newly allocated ASN.1
-.Vt OCTET STRING .
-.Pp
-.Fn a2i_IPADDRESS_NC
-expects
-.Fa ipasc
-to contain two addresses of the same address family in the above form,
-separated by a slash
-.Pq Sq /
-character, and stores the concatenation of both addresses
-in a newly allocated ASN.1
-.Vt OCTET STRING ,
-which is typically used for address/mask pairs
-in name constraint extensions of CA certificates.
-.Sh RETURN VALUES
-.Fn a2i_ipadd
-returns the number of bytes written to
-.Fa ipout
-in case of success, i.e. 4 for an IPv4 or 16 for an IPv6 address,
-or 0 if parsing failed.
-.Pp
-.Fn a2i_IPADDRESS
-and
-.Fn a2i_IPADDRESS_NC
-return the new object or
-.Dv NULL
-if parsing or memory allocation failed.
-.Sh SEE ALSO
-.Xr a2i_ASN1_STRING 3 ,
-.Xr ASN1_OCTET_STRING_new 3 ,
-.Xr ASN1_OCTET_STRING_set 3 ,
-.Xr GENERAL_NAME_new 3 ,
-.Xr IPAddressRange_new 3 ,
-.Xr NAME_CONSTRAINTS_new 3 ,
-.Xr s2i_ASN1_OCTET_STRING 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Bl -dash -width 1n -compact
-.It
-section 4.2.1.6: Subject Alternative Name
-.It
-section 4.2.1.10: Name Constraints
-.El
-.Sh HISTORY
-.Fn a2i_IPADDRESS
-and
-.Fn a2i_IPADDRESS_NC
-first appeared in OpenSSL 0.9.8 and
-.Fn a2i_ipadd
-in OpenSSL 0.9.8e.
-They have been available since
-.Ox 4.5 .
-.Sh CAVEATS
-While some syntax errors are caught, only minimal validation takes place,
-and these functions often return objects that make no sense, in particular
-in the context of IPv6.
-For example, the trailing :d.d.d.d syntax can be appended
-to a hexadecimal part that results in twelve arbitrary bytes.
diff --git a/src/lib/libcrypto/man/bn_dump.3 b/src/lib/libcrypto/man/bn_dump.3
deleted file mode 100644
index b4272441e5..0000000000
--- a/src/lib/libcrypto/man/bn_dump.3
+++ /dev/null
@@ -1,415 +0,0 @@ -.\" $OpenBSD: bn_dump.3,v 1.9 2023/11/16 18:10:19 schwarze Exp $ -.\" full merge up to: -.\" OpenSSL crypto/bn/README.pod aebb9aac Jul 19 09:27:53 2016 -0400 -.\" -.\" This file was written by Ulf Moeller . -.\" Copyright (c) 2000, 2003, 2006, 2009 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: November 16 2023 $ -.Dt BN_DUMP 3 -.Os -.Sh NAME -.Nm bn_mul_words , -.Nm bn_mul_add_words , -.Nm bn_sqr_words , -.Nm bn_div_words , -.Nm bn_add_words , -.Nm bn_sub_words , -.Nm bn_mul_comba4 , -.Nm bn_mul_comba8 , -.Nm bn_sqr_comba4 , -.Nm bn_sqr_comba8 , -.Nm bn_mul_normal , -.Nm bn_expand , -.Nm bn_wexpand -.Nd BIGNUM library internal functions -.Sh SYNOPSIS -.Fd #include "bn_local.h" -.Ft BN_ULONG -.Fo bn_mul_words -.Fa "BN_ULONG *rp" -.Fa "BN_ULONG *ap" -.Fa "int num" -.Fa "BN_ULONG w" -.Fc -.Ft BN_ULONG -.Fo bn_mul_add_words -.Fa "BN_ULONG *rp" -.Fa "BN_ULONG *ap" -.Fa "int num" -.Fa "BN_ULONG w" -.Fc -.Ft void -.Fo bn_sqr_words -.Fa "BN_ULONG *rp" -.Fa "BN_ULONG *ap" -.Fa "int num" -.Fc -.Ft BN_ULONG -.Fo bn_div_words -.Fa "BN_ULONG h" -.Fa "BN_ULONG l" -.Fa "BN_ULONG d" -.Fc -.Ft BN_ULONG -.Fo bn_add_words -.Fa "BN_ULONG *rp" -.Fa "BN_ULONG *ap" -.Fa "BN_ULONG *bp" -.Fa "int num" -.Fc -.Ft BN_ULONG -.Fo bn_sub_words -.Fa "BN_ULONG *rp" -.Fa "BN_ULONG *ap" -.Fa "BN_ULONG *bp" -.Fa "int num" -.Fc -.Ft void -.Fo bn_mul_comba4 -.Fa "BN_ULONG *r" -.Fa "BN_ULONG *a" -.Fa "BN_ULONG *b" -.Fc -.Ft void -.Fo bn_mul_comba8 -.Fa "BN_ULONG *r" -.Fa "BN_ULONG *a" -.Fa "BN_ULONG *b" -.Fc -.Ft void -.Fo bn_sqr_comba4 -.Fa "BN_ULONG *r" -.Fa "BN_ULONG *a" -.Fc -.Ft void -.Fo bn_sqr_comba8 -.Fa "BN_ULONG *r" -.Fa "BN_ULONG *a" -.Fc -.Ft void -.Fo bn_mul_normal -.Fa "BN_ULONG *r" -.Fa "BN_ULONG *a" -.Fa "int na" -.Fa "BN_ULONG *b" -.Fa "int nb" -.Fc -.Ft BIGNUM * -.Fo bn_expand -.Fa "BIGNUM *a" -.Fa "int bits" -.Fc -.Ft BIGNUM * -.Fo bn_wexpand -.Fa "BIGNUM *a" -.Fa "int n" -.Fc -.Sh DESCRIPTION -This page documents some internal functions used by the -.Vt BIGNUM -implementation. -They are described here to facilitate debugging and extending the -library. -They are -.Em not -to be used by applications. 
-.Ss The BIGNUM structure -.Bd -literal -typedef struct bignum_st BIGNUM; - -struct bignum_st { - BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ - int top; /* Index of last used d +1. */ - /* The next are internal book keeping for bn_expand. */ - int dmax; /* Size of the d array. */ - int neg; /* one if the number is negative */ - int flags; -}; -.Ed -.Pp -The integer value is stored in -.Fa d , -a -.Xr malloc 3 Ap ed -array of words -.Pq Vt BN_ULONG , -least significant word first. -.Vt BN_ULONG -is a macro that expands to -.Vt unsigned long Pq = Vt uint64_t -on -.Dv _LP64 -platforms and -.Vt unsigned int Pq = Vt uint32_t -elsewhere. -.Pp -.Fa dmax -is the size of the -.Fa d -array that has been allocated. -.Fa top -is the number of words being used, so for a value of 4, bn.d[0]=4 and -bn.top=1. -.Fa neg -is 1 if the number is negative. -When a -.Vt BIGNUM -is 0, the -.Fa d -field can be -.Dv NULL -and -.Fa top -== 0. -.Pp -.Fa flags -is a bit field of flags which are defined in -.In openssl/bn.h . -The flags begin with -.Dv BN_FLG_ . -The functions -.Xr BN_set_flags 3 -and -.Xr BN_get_flags 3 -enable or inspect -.Fa flags . -.Pp -Various routines in this library require the use of temporary -.Vt BIGNUM -variables during their execution. -Since dynamic memory allocation to create -.Vt BIGNUM Ns s -is rather expensive when used in conjunction with repeated subroutine -calls, the -.Vt BN_CTX -structure is used. -This structure contains BN_CTX_NUM -.Vt BIGNUM Ns s ; -see -.Xr BN_CTX_start 3 . -.Ss Low level arithmetic operations -These functions are implemented in C and for several platforms in -assembly language: -.Pp -.Fn bn_mul_words rp ap num w -operates on the -.Fa num -word arrays -.Fa rp -and -.Fa ap . -It computes -.Fa ap -* -.Fa w , -places the result in -.Fa rp , -and returns the high word (carry). -.Pp -.Fn bn_mul_add_words rp ap num w -operates on the -.Fa num -word arrays -.Fa rp -and -.Fa ap . 
-It computes -.Fa ap -* -.Fa w -+ -.Fa rp , -places the result in -.Fa rp , -and returns the high word (carry). -.Pp -.Fn bn_sqr_words rp ap num -operates on the -.Fa num -word array -.Fa ap -and the -.Pf 2* Fa num -word array -.Fa ap . -It computes -.Fa ap -* -.Fa ap -word-wise, and places the low and high bytes of the result in -.Fa rp . -.Pp -.Fn bn_div_words h l d -divides the two word number -.Pq Fa h , Fa l -by -.Fa d -and returns the result. -.Pp -.Fn bn_add_words rp ap bp num -operates on the -.Fa num -word arrays -.Fa ap , -.Fa bp -and -.Fa rp . -It computes -.Fa ap -+ -.Fa bp , -places the result in -.Fa rp , -and returns the high word (carry). -.Pp -.Fn bn_sub_words rp ap bp num -operates on the -.Fa num -word arrays -.Fa ap , -.Fa bp -and -.Fa rp . -It computes -.Fa ap -- -.Fa bp , -places the result in -.Fa rp , -and returns the carry (1 if -.Fa bp -\(ra -.Fa ap , -0 otherwise). -.Pp -.Fn bn_mul_comba4 r a b -operates on the 4 word arrays -.Fa a -and -.Fa b -and the 8-word array -.Fa r . -It computes -.Fa a Ns * Ns Fa b -and places the result in -.Fa r . -.Pp -.Fn bn_mul_comba8 r a b -operates on the 8-word arrays -.Fa a -and -.Fa b -and the 16-word array -.Fa r . -It computes -.Fa a Ns * Ns Fa b -and places the result in -.Fa r . -.Pp -.Fn bn_sqr_comba4 r a b -operates on the 4-word arrays -.Fa a -and -.Fa b -and the 8-word array -.Fa r . -.Pp -.Fn bn_sqr_comba8 r a b -operates on the 8-word arrays -.Fa a -and -.Fa b -and the 16 word array -.Fa r . -.Pp -The following functions are implemented in C: -.Pp -.Fn bn_mul_normal r a na b nb -operates on the -.Fa na -word array -.Fa a , -the -.Fa nb -word array -.Fa b -and the -.Fa na Ns + Ns Fa nb -word array -.Fa r . -It computes -.Fa a Ns * Ns Fa b -and places the result in -.Fa r . -.Pp -.Xr BN_mul 3 -calls -.Fn bn_mul_comba4 -if both factors are 4 words long, -.Fn bn_mul_comba8 -if both factors are 8 words long, -or -.Fn bn_mul_normal -otherwise. 
-.Ss Size changes
-.Fn bn_expand
-ensures that
-.Fa b
-has enough space for a
-.Fa bits
-bit number.
-.Fn bn_wexpand
-ensures that
-.Fa b
-has enough space for an
-.Fa n
-word number.
-They return 0 on error or 1 otherwise.
-.Sh SEE ALSO
-.Xr BN_new 3
diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3
deleted file mode 100644
index f1367e9e62..0000000000
--- a/src/lib/libcrypto/man/crypto.3
+++ /dev/null
@@ -1,419 +0,0 @@ -.\" $OpenBSD: crypto.3,v 1.30 2024/12/07 19:22:15 schwarze Exp $ -.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller and -.\" Dr. Stephen Henson . -.\" Copyright (c) 2000, 2002 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 7 2024 $ -.Dt CRYPTO 3 -.Os -.Sh NAME -.Nm crypto -.Nd OpenSSL cryptographic library -.Sh DESCRIPTION -The OpenSSL crypto library implements a wide range of cryptographic -algorithms used in various Internet standards. -The services provided by this library are used by the OpenSSL -implementations of TLS and S/MIME, and they have also been used to -implement SSH, OpenPGP, and other cryptographic standards. 
-.Pp -.Sy Symmetric ciphers -including AES, Blowfish, CAST, ChaCha20, IDEA, DES, RC2, and RC4 -are provided by the generic interface -.Xr EVP_EncryptInit 3 . -Low-level stand-alone interfaces include -.Xr AES_encrypt 3 , -.Xr BF_set_key 3 , -.Xr ChaCha 3 , -.Xr DES_set_key 3 , -.Xr RC2_encrypt 3 , -and -.Xr RC4 3 . -.Pp -.Sy Public key cryptography and key agreement -are provided by -.Xr DH_new 3 , -.Xr ECDH_compute_key 3 , -.Xr X25519 3 , -.Xr DSA_new 3 , -.Xr ECDSA_SIG_new 3 , -.Xr RSA_new 3 , -and -.Xr EVP_PKEY_new 3 . -.Pp -.Sy Certificates -are handled by -.Xr X509_new 3 -and -.Xr X509v3_add_ext 3 . -.Pp -.Sy Authentication codes and hash functions -offered include -.Xr EVP_DigestInit 3 , -.Xr CMAC_Init 3 , -.Xr HMAC 3 , -.Xr MD4 3 , -.Xr MD5 3 , -.Xr RIPEMD160 3 , -.Xr SHA1 3 , -and -.Xr SHA256 3 . -.Pp -.Sy Input, output, and data encoding -facilities include -.Xr ASN1_TYPE_get 3 , -.Xr BIO_new 3 , -.Xr CMS_ContentInfo_new 3 , -.Xr evp 3 , -.Xr EVP_EncodeInit 3 , -.Xr PEM_read 3 , -.Xr PKCS7_encrypt 3 , -.Xr PKCS7_sign 3 , -.Xr PKCS12_create 3 , -and -.Xr SMIME_write_PKCS7 3 . -.Pp -.Sy Auxiliary features include: -.Bl -dash -compact -.It -configuration file handling: see -.Xr OPENSSL_config 3 -.It -error reporting: see -.Xr ERR 3 -.It -.Xr OCSP_REQUEST_new 3 -.It -.Xr UI_new 3 -.El -.Pp -.Sy Internal utilities -include -.Xr BIO_f_buffer 3 , -.Xr BN_new 3 , -.Xr EC_GROUP_new 3 , -.Xr lh_new 3 , -and -.Xr STACK_OF 3 . -.Sh NAMING CONVENTIONS -Elements used in the names of API functions include the following: -.Bl -tag -width Ds -.It add0 -See -.Dq set0 -below. -.It add1 -See -.Dq set1 -below. -.It BIO -basic input and/or output abstraction: -The function manipulates objects of the idiosyncratic OpenSSL -.Vt BIO -object type. -See -.Xr BIO_new 3 . -.It bio -The function uses a -.Vt BIO -object for input or output. 
-In many cases, simpler variants of the function are available -that operate directly on -.In stdio.h -.Vt FILE -objects or directly in RAM, usually using byte arrays. -.It BIO_f_ -filter BIO: -The function returns a pointer to a static built-in object that, -when passed to -.Xr BIO_new 3 , -results in the creation of a BIO object that can write data to -and/or read data from another -.Vt BIO -object. -.It BIO_s_ -source and/or sink BIO: -The function returns a pointer to a static built-in object that, -when passed to -.Xr BIO_new 3 , -results in the creation of a BIO object -that can write data to an external destination -and/or read data from an external source, -for example a file descriptor or object, a memory buffer, or the network. -.It BN -big number: -The function operates on -.Vt BIGNUM -objects representing integer numbers of variable, almost unlimited size. -See -.Xr BN_new 3 . -.It cb -callback: -The function takes or returns a function pointer -that is called by API functions from inside the library. -The function pointed to may be defined by the application program. -In some cases, API functions with -.Dq cb -in their name may return function pointers to internal functions -defined inside the library that are not API functions. -The element -.Dq cb -is also used in the names of some function pointer datatypes -declared with -.Sy typedef . -In a small number of cases, the all caps form -.Dq CB -is used with the same meaning. -.It CTX -context: -The function operates on a wrapper object around another object. -The purposes and properties of such -.Dq CTX -wrapper objects vary wildly depending on the objects in question. -A few function names use the lower case form -.Dq ctx -in the same sense. -.It d2i -DER to internal: -The function decodes input conforming to ASN.1 basic encoding rules (BER) -and either stores the result in an existing object -or in a newly allocated object. 
-The latter is usually preferable because -creating a new object is more robust and less error prone. -In spite of the name, the input usually does not need to conform to ASN.1 -distinguished encoding rules (DER), which are more restrictive than BER. -.It EVP -digital EnVeloPe library: -See -.Xr evp 3 . -.It ex -This name element is used for two completely unrelated purposes. -.Pp -extended version: -The function is similar to an older function without the -.Dq ex -in its name, but takes one or more additional arguments -in order to make it more versatile. -In several cases, the older version is now deprecated. -.Pp -extra data: -Some object types support storing additional, application-specific data -inside objects in addition to the data the object is designed to hold. -The function sets, retrieves, or prepares for using such extra data. -Related function names usually contain -.Dq ex_data -or -.Dq ex_new_index . -See -.Xr CRYPTO_set_ex_data 3 . -.It fp -file pointer: -The function takes a -.Vt FILE * -argument. -Usually, the function is a variant of another function taking a -.Vt BIO * -argument instead. -.It i2d -internal to DER: -The function encodes an object passed as an argument -according to ASN.1 distinguished encoding rules (DER). -There are a few rare exceptions of functions that have -.Dq i2d -in their name but produce output anyway -that only conforms to ASN.1 basic encoding rules (BER) and not to DER. -.It get0 -The function returns an internal pointer -owned by the object passed as an argument. -The returned pointer must not be freed by the calling code. -It will be freed automatically -when the object owning the pointer will be freed. -.It get1 -The function returns a copy of a sub-object -of an object passed as an argument. -The caller is responsible for freeing the returned object -when it is no longer needed. -.Pp -If the object type is reference counted, usually the reference count -is incremented instead of copying the object. 
-Consequently, modifying the returned object may still impact all -objects containing references to it. -The caller is responsible for freeing the returned object -when it is no longer needed; for reference-counted objects still -referenced elsewhere, this will merely decrement the reference count. -.It get -Functions containing -.Dq get -in their name without a following digit may behave in -.Dq get0 -or, more rarely, in -.Dq get1 -style. -To find out which is the case, refer to the individual manual pages. -.It lh -linear hash: -The function manipulates a dynamic hash table. -See -.Xr lh_new 3 . -.It md -message digest. -Some function names use the all caps form -.Dq MD -in the same sense. -.It meth -The function manipulates an object holding a function table. -Usually, such function tables allow the application program -to implement additional cryptographic or I/O algorithms -and to use them with the same high-level API functions as the -algorithms provided by the library itself, or to replace the -implementations of algorithms provided by the library with -custom implementations provided by the application program. -Some API functions use the name elements -.Dq method -or -.Dq METHOD -in the same sense. -See also the -.Dq cb -entry in the present list. -.It nid -numerical identifier: -A non-standard, LibreSSL-specific -.Vt int -number associated with an ASN.1 object identifier. -In several cases, the all caps form -.Dq NID -is used in the same sense. -See -.Xr OBJ_nid2obj 3 . -.It obj -This name element and its all caps form -.Dq OBJ -usually refer to ASN.1 object identifiers represented by the -.Vt ASN1_OBJECT -data type. -See -.Xr ASN1_OBJECT_new 3 . -.It PKEY -In most cases, this name element and its lower case form -.Dq pkey -mean -.Dq private key , -but for both forms, there are some cases where they mean -.Dq public key -instead. 
-.It set0 -The function transfers ownership of a pointer passed as an argument -to an object passed as another argument, -by storing the pointer inside the object. -The transferred pointer must not be freed by the calling code. -It will be freed automatically -when the object now owning the pointer will be freed. -.It set1 -The function copies the content of one object passed as an argument -into another object also passed as an argument. -When the calling code no longer needs the copied object, -it can free that object. -.Pp -In some cases, if the object to be copied is reference counted, -the function does not actually copy the object but merely increments -its reference count and stores the pointer to it in the other object. -When the calling code no longer needs its original pointer to -the now inner object, it can free the original pointer, thus -decrementing the reference count of the inner object -and transferring ownership of the inner object to the outer object. -The inner object will then be freed automatically -when the outer object is freed later on. -.It set -Functions containing -.Dq set -in their name without a following digit may behave in -.Dq set0 -or, more rarely, in -.Dq set1 -style. -To find out which is the case, refer to the individual manual pages. -.It sk -stack: -The function manipulates a variable-sized array of pointers -in the idiosyncratic style described in -.Xr OPENSSL_sk_new 3 . -.It TS -X.509 time-stamp protocol: -See -.Xr TS_REQ_new 3 . -.It up_ref -The function increments the reference count of the argument by one. -Only a minority of object types support reference counting. -For those that do, if the reference count is greater than one, -the corresponding -.Dq free -function reverses the effect of one call to the -.Dq up_ref -function rather than freeing the object. -.El -.Sh SEE ALSO -.Xr openssl 1 , -.Xr ssl 3 
diff --git a/src/lib/libcrypto/man/d2i_ASN1_NULL.3 b/src/lib/libcrypto/man/d2i_ASN1_NULL.3
deleted file mode 100644
index 037c9c93e1..0000000000
--- a/src/lib/libcrypto/man/d2i_ASN1_NULL.3
+++ /dev/null
@@ -1,92 +0,0 @@
-.\" $OpenBSD: d2i_ASN1_NULL.3,v 1.5 2023/09/26 09:36:22 tb Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 26 2023 $
-.Dt D2I_ASN1_NULL 3
-.Os
-.Sh NAME
-.Nm d2i_ASN1_NULL ,
-.Nm i2d_ASN1_NULL
-.Nd decode and encode an ASN.1 NULL type
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_NULL *
-.Fo d2i_ASN1_NULL
-.Fa "ASN1_NULL **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ASN1_NULL
-.Fa "ASN1_NULL *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode the ASN.1 value NULL of type NULL.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_ASN1_NULL
-verifies that the BER-encoded value at
-.Pf * Fa der_in
-is NULL and of type NULL.
-It fails if
-.Fa length
-is less than 2 or if the first two bytes of
-.Pf * Fa der_in
-differ from 0x05 and 0x00.
-In case of success,
-.Pf * Fa der_in
-is advanced by two bytes and
-.Pf * Fa val_out
-is set to a specific invalid pointer representing the unique
-.Vt ASN1_NULL
-object.
-.Pp
-.Fn i2d_ASN1_NULL
-ignores
-.Fa val_in
-and encodes the ASN.1 value NULL of type NULL using DER.
-Specifically, it writes the identifier octet for the type NULL,
-0x05, followed by the length octet 0x00, and no content or
-end-of-content octets.
-.Sh RETURN VALUES
-.Fn d2i_ASN1_NULL
-returns a specific invalid pointer representing the unique
-.Vt ASN1_NULL
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_ASN1_NULL
-returns 2 if successful or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr ASN1_item_new 3 ,
-.Xr ASN1_NULL_new 3 ,
-.Xr ASN1_TYPE_get 3
-.Sh STANDARDS
-ITU-T Recommendation X.690, also known as ISO/IEC 8825-1:
-Information technology - ASN.1 encoding rules:
-Specification of Basic Encoding Rules (BER), Canonical Encoding
-Rules (CER) and Distinguished Encoding Rules (DER),
-section 8.8: Encoding of a null value
-.Sh HISTORY
-.Fn d2i_ASN1_NULL
-and
-.Fn i2d_ASN1_NULL
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/d2i_ASN1_OBJECT.3 b/src/lib/libcrypto/man/d2i_ASN1_OBJECT.3
deleted file mode 100644
index bbb70ad8c6..0000000000
--- a/src/lib/libcrypto/man/d2i_ASN1_OBJECT.3
+++ /dev/null
@@ -1,164 +0,0 @@
-.\" $OpenBSD: d2i_ASN1_OBJECT.3,v 1.15 2025/03/14 21:32:15 tb Exp $
-.\"
-.\" Copyright (c) 2017, 2022, 2023 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 14 2025 $
-.Dt D2I_ASN1_OBJECT 3
-.Os
-.Sh NAME
-.Nm d2i_ASN1_OBJECT ,
-.Nm i2d_ASN1_OBJECT ,
-.Nm OBJ_get0_data ,
-.Nm OBJ_length
-.Nd decode and encode ASN.1 object identifiers
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_OBJECT *
-.Fo d2i_ASN1_OBJECT
-.Fa "ASN1_OBJECT **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ASN1_OBJECT
-.Fa "const ASN1_OBJECT *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.In openssl/objects.h
-.Ft const unsigned char *
-.Fn OBJ_get0_data "const ASN1_OBJECT *val_in"
-.Ft size_t
-.Fn OBJ_length "const ASN1_OBJECT *val_in"
-.Sh DESCRIPTION
-These functions decode and encode ASN.1 object identifiers.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-The LibreSSL implementation of
-.Fn d2i_ASN1_OBJECT
-always calls
-.Xr ASN1_OBJECT_free 3
-if an existing object is passed in via
-.Fa val_out
-and it always creates a new object from scratch.
-Other implementations may attempt to reuse an existing object,
-which is fragile and prone to bugs.
-Consequently, always passing
-.Dv NULL
-for the
-.Fa val_out
-argument is recommended.
-.Pp
-The objects returned from
-.Fn d2i_ASN1_OBJECT
-and the data contained in them are always marked as dynamically
-allocated, so when they are no longer needed,
-.Xr ASN1_OBJECT_free 3
-can be called on them.
-.Pp
-.Fn i2d_ASN1_OBJECT
-encodes the object identifier pointed to by
-.Fa val_in
-into DER format.
-.Fn OBJ_get0_data
-and
-.Fn OBJ_length
-only deal with the content octets of that DER encoding,
-without taking the identifier and length octets into account.
-.Sh RETURN VALUES
-.Fn d2i_ASN1_OBJECT
-returns a pointer to the new
-.Vt ASN1_OBJECT
-object or
-.Dv NULL
-if an error occurs.
-With other implementations, it might return a pointer to the reused
-.Vt ASN1_OBJECT .
-.Pp
-.Fn i2d_ASN1_OBJECT
-returns the number of octets successfully encoded
-or a value <= 0 if an error occurs.
-.Pp
-.Fn OBJ_get0_data
-returns an internal pointer to the first content octet of the DER
-encoding of
-.Fa val_in .
-The other content octets follow the returned pointer contiguously.
-.Fn OBJ_length
-returns the number of content octets contained in the DER encoding of
-.Fa val_in .
-This number is always smaller than the total length of the encoding
-returned by
-.Xr ASN1_object_size 3 .
-.Pp
-If
-.Fa val_in
-is a
-.Dv NULL
-pointer or points to an empty object, for example one freshly created with
-.Xr ASN1_OBJECT_new 3 ,
-.Fn OBJ_get0_data
-returns
-.Dv NULL
-and
-.Fn OBJ_length
-returns zero.
-.Sh SEE ALSO
-.Xr a2d_ASN1_OBJECT 3 ,
-.Xr ASN1_item_d2i 3 ,
-.Xr ASN1_OBJECT_new 3 ,
-.Xr ASN1_put_object 3 ,
-.Xr OBJ_nid2obj 3
-.Sh STANDARDS
-ITU-T Recommendation X.690, also known as ISO/IEC 8825-1:
-Information technology - ASN.1 encoding rules:
-Specification of Basic Encoding Rules (BER), Canonical Encoding
-Rules (CER) and Distinguished Encoding Rules (DER),
-section 8.19: Encoding of an object identifier value
-.Sh HISTORY
-.Fn d2i_ASN1_OBJECT
-and
-.Fn i2d_ASN1_OBJECT
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn OBJ_get0_data
-and
-.Fn OBJ_length
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
-.Sh CAVEATS
-.Fn d2i_ASN1_OBJECT
-never sets the long and short names of the object, not even if the
-object identifier matches one that is built into the library.
-To find the names of an object identifier parsed from DER or BER
-input, call
-.Xr OBJ_obj2nid 3
-on the returned object, and then
-.Xr OBJ_nid2sn 3
-and
-.Xr OBJ_nid2ln 3
-on the result.
-.Pp
-Calling
-.Fn OBJ_get0_data
-and then accessing memory in front of the returned pointer
-results in undefined behaviour.
-In particular, it is not possible to find the identifier or
-length octets in that way; use
-.Xr ASN1_put_object 3
-or
-.Fn i2d_ASN1_OBJECT
-instead.
diff --git a/src/lib/libcrypto/man/d2i_ASN1_OCTET_STRING.3 b/src/lib/libcrypto/man/d2i_ASN1_OCTET_STRING.3
deleted file mode 100644
index d544af0fe4..0000000000
--- a/src/lib/libcrypto/man/d2i_ASN1_OCTET_STRING.3
+++ /dev/null
@@ -1,461 +0,0 @@ -.\" $OpenBSD: d2i_ASN1_OCTET_STRING.3,v 1.20 2024/02/13 12:38:43 job Exp $ -.\" -.\" Copyright (c) 2017 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: February 13 2024 $ -.Dt D2I_ASN1_OCTET_STRING 3 -.Os -.Sh NAME -.Nm d2i_ASN1_OCTET_STRING , -.Nm i2d_ASN1_OCTET_STRING , -.Nm d2i_ASN1_BIT_STRING , -.Nm i2d_ASN1_BIT_STRING , -.Nm d2i_ASN1_INTEGER , -.Nm i2d_ASN1_INTEGER , -.Nm d2i_ASN1_UINTEGER , -.Nm d2i_ASN1_ENUMERATED , -.Nm i2d_ASN1_ENUMERATED , -.Nm d2i_ASN1_UTF8STRING , -.Nm i2d_ASN1_UTF8STRING , -.Nm d2i_ASN1_IA5STRING , -.Nm i2d_ASN1_IA5STRING , -.Nm d2i_ASN1_UNIVERSALSTRING , -.Nm i2d_ASN1_UNIVERSALSTRING , -.Nm d2i_ASN1_BMPSTRING , -.Nm i2d_ASN1_BMPSTRING , -.Nm d2i_ASN1_GENERALSTRING , -.Nm i2d_ASN1_GENERALSTRING , -.Nm d2i_ASN1_T61STRING , -.Nm i2d_ASN1_T61STRING , -.Nm d2i_ASN1_VISIBLESTRING , -.Nm i2d_ASN1_VISIBLESTRING , -.Nm d2i_ASN1_PRINTABLESTRING , -.Nm i2d_ASN1_PRINTABLESTRING , -.Nm d2i_ASN1_PRINTABLE , -.Nm i2d_ASN1_PRINTABLE , -.Nm d2i_DIRECTORYSTRING , -.Nm i2d_DIRECTORYSTRING , -.Nm d2i_DISPLAYTEXT , -.Nm i2d_DISPLAYTEXT , -.Nm d2i_ASN1_GENERALIZEDTIME , -.Nm i2d_ASN1_GENERALIZEDTIME , -.Nm d2i_ASN1_UTCTIME , -.Nm i2d_ASN1_UTCTIME , -.Nm d2i_ASN1_TIME , -.Nm i2d_ASN1_TIME -.Nd decode and encode 
ASN1_STRING objects -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft ASN1_OCTET_STRING * -.Fo d2i_ASN1_OCTET_STRING -.Fa "ASN1_OCTET_STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_OCTET_STRING -.Fa "ASN1_OCTET_STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_BIT_STRING * -.Fo d2i_ASN1_BIT_STRING -.Fa "ASN1_BIT_STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_BIT_STRING -.Fa "ASN1_BIT_STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_INTEGER * -.Fo d2i_ASN1_INTEGER -.Fa "ASN1_INTEGER **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_INTEGER -.Fa "ASN1_INTEGER *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_INTEGER * -.Fo d2i_ASN1_UINTEGER -.Fa "ASN1_INTEGER **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft ASN1_ENUMERATED * -.Fo d2i_ASN1_ENUMERATED -.Fa "ASN1_ENUMERATED **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_ENUMERATED -.Fa "ASN1_ENUMERATED *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_UTF8STRING * -.Fo d2i_ASN1_UTF8STRING -.Fa "ASN1_UTF8STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_UTF8STRING -.Fa "ASN1_UTF8STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_IA5STRING * -.Fo d2i_ASN1_IA5STRING -.Fa "ASN1_IA5STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_IA5STRING -.Fa "ASN1_IA5STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_UNIVERSALSTRING * -.Fo d2i_ASN1_UNIVERSALSTRING -.Fa "ASN1_UNIVERSALSTRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_UNIVERSALSTRING -.Fa "ASN1_UNIVERSALSTRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_BMPSTRING * -.Fo d2i_ASN1_BMPSTRING -.Fa "ASN1_BMPSTRING **val_out" -.Fa "const unsigned char 
**der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_BMPSTRING -.Fa "ASN1_BMPSTRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_GENERALSTRING * -.Fo d2i_ASN1_GENERALSTRING -.Fa "ASN1_GENERALSTRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_GENERALSTRING -.Fa "ASN1_GENERALSTRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_T61STRING * -.Fo d2i_ASN1_T61STRING -.Fa "ASN1_T61STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_T61STRING -.Fa "ASN1_T61STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_VISIBLESTRING * -.Fo d2i_ASN1_VISIBLESTRING -.Fa "ASN1_VISIBLESTRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_VISIBLESTRING -.Fa "ASN1_VISIBLESTRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_PRINTABLESTRING * -.Fo d2i_ASN1_PRINTABLESTRING -.Fa "ASN1_PRINTABLESTRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_PRINTABLESTRING -.Fa "ASN1_PRINTABLESTRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_STRING * -.Fo d2i_ASN1_PRINTABLE -.Fa "ASN1_STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_PRINTABLE -.Fa "ASN1_STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_STRING * -.Fo d2i_DIRECTORYSTRING -.Fa "ASN1_STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_DIRECTORYSTRING -.Fa "ASN1_STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_STRING * -.Fo d2i_DISPLAYTEXT -.Fa "ASN1_STRING **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_DISPLAYTEXT -.Fa "ASN1_STRING *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_GENERALIZEDTIME * -.Fo d2i_ASN1_GENERALIZEDTIME -.Fa "ASN1_GENERALIZEDTIME **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int 
-.Fo i2d_ASN1_GENERALIZEDTIME -.Fa "ASN1_GENERALIZEDTIME *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_UTCTIME * -.Fo d2i_ASN1_UTCTIME -.Fa "ASN1_UTCTIME **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_UTCTIME -.Fa "ASN1_UTCTIME *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft ASN1_TIME * -.Fo d2i_ASN1_TIME -.Fa "ASN1_TIME **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_ASN1_TIME -.Fa "ASN1_TIME *val_in" -.Fa "unsigned char **der_out" -.Fc -.Sh DESCRIPTION -These functions decode and encode various ASN.1 built-in types -that can be represented by -.Vt ASN1_STRING -objects. -For details about the semantics, examples, caveats, and bugs, see -.Xr ASN1_item_d2i 3 . -.Pp -The format consists of one identifier byte, one or more length bytes, -and one or more content bytes. -The identifier bytes and corresponding ASN.1 types are as follows: -.Bl -column ASN1_GENERALIZEDTIME identifier -.It Em OpenSSL type Ta Em identifier Ta Em ASN.1 type -.It Ta -.It Vt ASN1_OCTET_STRING Ta 0x04 Ta OCTET STRING -.It Vt ASN1_BIT_STRING Ta 0x03 Ta BIT STRING -.It Vt ASN1_INTEGER Ta 0x02 Ta INTEGER -.It Vt ASN1_ENUMERATED Ta 0x0a Ta ENUMERATED -.It Vt ASN1_UTF8STRING Ta 0x0c Ta UTF8String -.It Vt ASN1_IA5STRING Ta 0x16 Ta IA5String -.It Vt ASN1_UNIVERSALSTRING Ta 0x1c Ta UniversalString -.It Vt ASN1_BMPSTRING Ta 0x1e Ta BMPString -.It Vt ASN1_GENERALSTRING Ta 0x1b Ta GeneralString -.It Vt ASN1_T61STRING Ta 0x14 Ta T61String -.It Vt ASN1_VISIBLESTRING Ta 0x1a Ta VisibleString -.It Vt ASN1_PRINTABLESTRING Ta 0x13 Ta PrintableString -.It Vt ASN1_GENERALIZEDTIME Ta 0x18 Ta GeneralizedTime -.It Vt ASN1_UTCTIME Ta 0x17 Ta UTCTime -.El -.Pp -.Fn d2i_DIRECTORYSTRING -and -.Fn i2d_DIRECTORYSTRING -decode and encode an ASN.1 -.Vt DirectoryString -structure defined in RFC 5280 section 4.1.2.4 -and used for ASN.1 -.Vt EDIPartyName -structures; see -.Xr EDIPARTYNAME_new 3 . 
-When decoding, it accepts any of the types UTF8String, UniversalString, -BMPString, T61String, or PrintableString. -When encoding, -it writes out the character string type that is actually passed in. -.Pp -.Fn d2i_ASN1_PRINTABLE -and -.Fn i2d_ASN1_PRINTABLE -are non-standard variants of -.Fn d2i_DIRECTORYSTRING -and -.Fn i2d_DIRECTORYSTRING -that also accept IA5String, NumericString, BIT STRING, and SEQUENCE -ASN.1 values as well as ASN.1 values with unknown identifier -bytes (0x07, 0x08, 0x09, 0x0b, 0x0d, 0x0e, 0x0f, 0x1d, and 0x1f). -Even though the standard requires the use of -.Vt DirectoryString -in the relative distinguished names described in -.Xr X509_NAME_ENTRY_new 3 , -the library accepts this wider range of choices. -.Pp -.Fn d2i_DISPLAYTEXT -and -.Fn i2d_DISPLAYTEXT -decode and encode an ASN.1 -.Vt DisplayText -structure defined in RFC 5280 section 4.2.1.4 -and used for ASN.1 -.Vt UserNotice -structures in certificate policies; see -.Xr USERNOTICE_new 3 . -When decoding, it accepts any of the types UTF8String, IA5String, -BMPString, or VisibleString. -When encoding, -it writes out the character string type that is actually passed in. -.Pp -.Fn d2i_ASN1_TIME -and -.Fn i2d_ASN1_TIME -decode and encode an ASN.1 -.Vt Time -structure defined in RFC 5280 section 4.1 -and used for ASN.1 -.Vt Validity -structures in certificates; see -.Xr X509_VAL_new 3 . -They are also used for certificate revocation lists; see -.Xr X509_CRL_INFO_new 3 . -When decoding, it accepts either GeneralizedTime or UTCTime. -When encoding, it writes out the time type that is actually passed in. -.Pp -The following constants describe the ASN.1 tags that are valid -when decoding with the above functions. -See -.Xr ASN1_tag2bit 3 -for more details about the -.Dv B_ASN1_* -constants. 
-.Bl -column d2i_DIRECTORYSTRING() B_ASN1_DIRECTORYSTRING -offset indent -.It decoding function Ta mask constant -.It Fn d2i_DIRECTORYSTRING Ta Dv B_ASN1_DIRECTORYSTRING -.It Fn d2i_ASN1_PRINTABLE Ta Dv B_ASN1_PRINTABLE -.It Fn d2i_DISPLAYTEXT Ta Dv B_ASN1_DISPLAYTEXT -.It Fn d2i_ASN1_TIME Ta Dv B_ASN1_TIME -.El -.Pp -.Fn d2i_ASN1_UINTEGER -is similar to -.Fn d2i_ASN1_INTEGER -except that it ignores the sign bit in the BER encoding and treats -all integers as positive. -It helps to process BER input produced by broken software -that neglects adding a leading NUL content byte where required. -.Sh RETURN VALUES -The -.Fn d2i_* -decoding functions return an -.Vt ASN1_STRING -object or -.Dv NULL -if an error occurs. -.Pp -The -.Fn i2d_* -encoding functions return the number of bytes successfully encoded -or a negative value if an error occurs. -.Sh SEE ALSO -.Xr ASN1_item_d2i 3 , -.Xr ASN1_STRING_new 3 -.Sh STANDARDS -ITU-T Recommendation X.680, also known as ISO/IEC 8824-1: -Information technology - Abstract Syntax Notation One (ASN.1): -Specification of basic notation -.Pp -RFC 5280: Internet X.509 Public Key Infrastructure Certificate and -Certificate Revocation List (CRL) Profile -.Sh HISTORY -.Fn d2i_ASN1_OCTET_STRING , -.Fn i2d_ASN1_OCTET_STRING , -.Fn d2i_ASN1_BIT_STRING , -.Fn i2d_ASN1_BIT_STRING , -.Fn d2i_ASN1_INTEGER , -.Fn i2d_ASN1_INTEGER , -.Fn d2i_ASN1_IA5STRING , -.Fn i2d_ASN1_IA5STRING , -.Fn d2i_ASN1_T61STRING , -.Fn i2d_ASN1_T61STRING , -.Fn d2i_ASN1_PRINTABLESTRING , -.Fn i2d_ASN1_PRINTABLESTRING , -.Fn d2i_ASN1_PRINTABLE , -.Fn i2d_ASN1_PRINTABLE , -.Fn d2i_ASN1_UTCTIME , -and -.Fn i2d_ASN1_UTCTIME -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . -.Pp -.Fn d2i_ASN1_BMPSTRING -and -.Fn i2d_ASN1_BMPSTRING -first appeared in SSLeay 0.9.1. 
-.Fn d2i_ASN1_ENUMERATED , -.Fn i2d_ASN1_ENUMERATED , -.Fn d2i_ASN1_GENERALIZEDTIME , -.Fn i2d_ASN1_GENERALIZEDTIME , -.Fn d2i_ASN1_TIME , -and -.Fn i2d_ASN1_TIME -first appeared in OpenSSL 0.9.2b. -.Fn d2i_ASN1_UINTEGER , -.Fn d2i_ASN1_UTF8STRING , -.Fn i2d_ASN1_UTF8STRING , -.Fn d2i_ASN1_VISIBLESTRING , -.Fn i2d_ASN1_VISIBLESTRING , -.Fn d2i_DIRECTORYSTRING , -.Fn i2d_DIRECTORYSTRING , -.Fn d2i_DISPLAYTEXT -and -.Fn i2d_DISPLAYTEXT -first appeared in OpenSSL 0.9.3. -These functions have been available since -.Ox 2.6 . -.Pp -.Fn d2i_ASN1_UNIVERSALSTRING , -.Fn i2d_ASN1_UNIVERSALSTRING , -.Fn d2i_ASN1_GENERALSTRING , -and -.Fn i2d_ASN1_GENERALSTRING -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . -.Sh CAVEATS -Other implementations may accept or emit invalid DER encodings of -GeneralizedTime and UTCTime. -Portable applications should use -.Fn ASN1_STRING_length -to double check whether a given GeneralizedTime or UTCTime object is at least -15 or 13 bytes, respectively. diff --git a/src/lib/libcrypto/man/d2i_ASN1_SEQUENCE_ANY.3 b/src/lib/libcrypto/man/d2i_ASN1_SEQUENCE_ANY.3 deleted file mode 100644 index 654f0b1e6b..0000000000 --- a/src/lib/libcrypto/man/d2i_ASN1_SEQUENCE_ANY.3 +++ /dev/null 
@@ -1,98 +0,0 @@
-.\" $OpenBSD: d2i_ASN1_SEQUENCE_ANY.3,v 1.3 2021/12/09 19:05:09 schwarze Exp $
-.\"
-.\" Copyright (c) 2017, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 9 2021 $
-.Dt D2I_ASN1_SEQUENCE_ANY 3
-.Os
-.Sh NAME
-.Nm d2i_ASN1_SEQUENCE_ANY ,
-.Nm i2d_ASN1_SEQUENCE_ANY ,
-.Nm d2i_ASN1_SET_ANY ,
-.Nm i2d_ASN1_SET_ANY
-.Nd decode and encode ASN.1 sequences and sets
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.Ft ASN1_SEQUENCE_ANY *
-.Fo d2i_ASN1_SEQUENCE_ANY
-.Fa "ASN1_SEQUENCE_ANY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ASN1_SEQUENCE_ANY
-.Fa "const ASN1_SEQUENCE_ANY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft ASN1_SEQUENCE_ANY *
-.Fo d2i_ASN1_SET_ANY
-.Fa "ASN1_SEQUENCE_ANY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ASN1_SET_ANY
-.Fa "const ASN1_SEQUENCE_ANY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode ASN.1 sequences and sets,
-which are also represented by the
-.Dv V_ASN1_SEQUENCE
-and
-.Dv V_ASN1_SET
-type identifier constants, respectively.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-The type
-.Vt ASN1_SEQUENCE_ANY
-is defined as
-.Vt STACK_OF(ASN1_TYPE) .
-Whether such an object represents a sequence or a set is not stored
-in the object itself but needs to be remembered separately.
-.Pp
-Like for
-.Xr d2i_ASN1_TYPE 3
-and
-.Xr i2d_ASN1_TYPE 3 ,
-the type of the individual values contained in the sequence or set
-is not specified when calling the functions.
-It might vary among the members, and it is stored together with
-each value in each
-.Vt ASN1_TYPE
-object contained in the sequence or set.
-.Sh RETURN VALUES
-.Fn d2i_ASN1_SEQUENCE_ANY
-returns an
-.Vt ASN1_SEQUENCE_ANY
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_ASN1_SEQUENCE_ANY
-returns the number of bytes written or a negative value if an error
-occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr ASN1_TYPE_new 3
-.Sh HISTORY
-.Fn d2i_ASN1_SEQUENCE_ANY ,
-.Fn i2d_ASN1_SEQUENCE_ANY ,
-.Fn d2i_ASN1_SET_ANY ,
-and
-.Fn i2d_ASN1_SET_ANY
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3 b/src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3
deleted file mode 100644
index 413f41e179..0000000000
--- a/src/lib/libcrypto/man/d2i_AUTHORITY_KEYID.3
+++ /dev/null
@@ -1,75 +0,0 @@
-.\" $OpenBSD: d2i_AUTHORITY_KEYID.3,v 1.2 2018/03/21 16:09:51 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 21 2018 $
-.Dt D2I_AUTHORITY_KEYID 3
-.Os
-.Sh NAME
-.Nm d2i_AUTHORITY_KEYID ,
-.Nm i2d_AUTHORITY_KEYID
-.Nd decode and encode X.509 authority key identifiers
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft AUTHORITY_KEYID *
-.Fo d2i_AUTHORITY_KEYID
-.Fa "AUTHORITY_KEYID **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_AUTHORITY_KEYID
-.Fa "AUTHORITY_KEYID *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-.Fn d2i_AUTHORITY_KEYID
-and
-.Fn i2d_AUTHORITY_KEYID
-decode and encode an ASN.1
-.Vt AuthorityKeyIdentifier
-structure defined in RFC 5280 section 4.2.1.1.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Sh RETURN VALUES
-.Fn d2i_AUTHORITY_KEYID
-returns an
-.Vt AUTHORITY_KEYID
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_AUTHORITY_KEYID
-returns the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr AUTHORITY_KEYID_new 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile:
-.Bl -dash -compact
-.It
-section 4.2.1.1: Certificate Extensions: Authority Key Identifier
-.It
-section 5.2.1: CRL Extensions: Authority Key Identifier
-.El
-.Sh HISTORY
-.Fn d2i_AUTHORITY_KEYID
-and
-.Fn i2d_AUTHORITY_KEYID
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3 b/src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3
deleted file mode 100644
index 2964a1f90e..0000000000
--- a/src/lib/libcrypto/man/d2i_BASIC_CONSTRAINTS.3
+++ /dev/null
@@ -1,106 +0,0 @@
-.\" $OpenBSD: d2i_BASIC_CONSTRAINTS.3,v 1.3 2018/03/22 21:08:22 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 22 2018 $
-.Dt D2I_BASIC_CONSTRAINTS 3
-.Os
-.Sh NAME
-.Nm d2i_BASIC_CONSTRAINTS ,
-.Nm i2d_BASIC_CONSTRAINTS ,
-.Nm d2i_EXTENDED_KEY_USAGE ,
-.Nm i2d_EXTENDED_KEY_USAGE
-.Nd decode and encode X.509 key usage purposes
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft BASIC_CONSTRAINTS *
-.Fo d2i_BASIC_CONSTRAINTS
-.Fa "BASIC_CONSTRAINTS **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_BASIC_CONSTRAINTS
-.Fa "BASIC_CONSTRAINTS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EXTENDED_KEY_USAGE *
-.Fo d2i_EXTENDED_KEY_USAGE
-.Fa "EXTENDED_KEY_USAGE **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_EXTENDED_KEY_USAGE
-.Fa "EXTENDED_KEY_USAGE *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode data structures describing the
-intended purposes that the key contained in an X.509 certificate
-is to be used for.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_BASIC_CONSTRAINTS
-and
-.Fn i2d_BASIC_CONSTRAINTS
-decode and encode an ASN.1
-.Vt BasicConstraints
-structure defined in RFC 5280 section 4.2.1.9.
-.Pp
-.Fn d2i_EXTENDED_KEY_USAGE
-and
-.Fn i2d_EXTENDED_KEY_USAGE
-decode and encode an ASN.1
-.Vt ExtKeyUsageSyntax
-structure defined in RFC 5280 section 4.2.1.12.
-.Sh RETURN VALUES
-.Fn d2i_BASIC_CONSTRAINTS
-and
-.Fn d2i_EXTENDED_KEY_USAGE
-return a
-.Vt BASIC_CONSTRAINTS
-or
-.Vt EXTENDED_KEY_USAGE
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_BASIC_CONSTRAINTS
-and
-.Fn i2d_EXTENDED_KEY_USAGE
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr BASIC_CONSTRAINTS_new 3 ,
-.Xr EXTENDED_KEY_USAGE_new 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn d2i_BASIC_CONSTRAINTS
-and
-.Fn i2d_BASIC_CONSTRAINTS
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
-.Pp
-.Fn d2i_EXTENDED_KEY_USAGE
-and
-.Fn i2d_EXTENDED_KEY_USAGE
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/d2i_CMS_ContentInfo.3 b/src/lib/libcrypto/man/d2i_CMS_ContentInfo.3
deleted file mode 100644
index 0c61047c42..0000000000
--- a/src/lib/libcrypto/man/d2i_CMS_ContentInfo.3
+++ /dev/null
@@ -1,128 +0,0 @@
-.\" $OpenBSD: d2i_CMS_ContentInfo.3,v 1.3 2019/11/02 15:39:46 schwarze Exp $
-.\" Copyright (c) 2019 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: November 2 2019 $
-.Dt D2I_CMS_CONTENTINFO 3
-.Os
-.Sh NAME
-.Nm d2i_CMS_ContentInfo ,
-.Nm i2d_CMS_ContentInfo ,
-.Nm d2i_CMS_bio ,
-.Nm i2d_CMS_bio ,
-.Nm d2i_CMS_ReceiptRequest ,
-.Nm i2d_CMS_ReceiptRequest
-.Nd decode and encode Cryptographic Message Syntax data
-.Sh SYNOPSIS
-.In openssl/cms.h
-.Ft CMS_ContentInfo *
-.Fo d2i_CMS_ContentInfo
-.Fa "CMS_ContentInfo **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_CMS_ContentInfo
-.Fa "CMS_ContentInfo *val_in"
-.Fa "unsigned char **out"
-.Fc
-.Ft CMS_ContentInfo *
-.Fo d2i_CMS_bio
-.Fa "BIO *in_bio"
-.Fa "CMS_ContentInfo **val_out"
-.Fc
-.Ft int
-.Fo i2d_CMS_bio
-.Fa "BIO *out_bio"
-.Fa "CMS_ContentInfo *val_in"
-.Fc
-.Ft CMS_ReceiptRequest *
-.Fo d2i_CMS_ReceiptRequest
-.Fa "CMS_ReceiptRequest **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_CMS_ReceiptRequest
-.Fa "CMS_ReceiptRequest *val_in"
-.Fa "unsigned char **out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode Cryptographic Message Syntax
-data structures.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_CMS_ContentInfo
-and
-.Fn i2d_CMS_ContentInfo
-decode and encode a
-.Vt CMS_ContentInfo
-structure defined in RFC 5652 section 3.
-.Fn d2i_CMS_bio
-and
-.Fn i2d_CMS_bio
-are similar except that they decode or encode using a
-.Vt BIO
-pointer.
-.Pp
-.Fn d2i_CMS_ReceiptRequest
-and
-.Fn i2d_CMS_ReceiptRequest
-decode and encode a
-.Vt CMS_ReceiptRequest
-structure defined in RFC 2634 section 2.7.
-.Sh RETURN VALUES
-.Fn d2i_CMS_ContentInfo
-and
-.Fn d2i_CMS_bio
-return a valid
-.Vt CMS_ContentInfo
-structure or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_CMS_ReceiptRequest
-returns a valid
-.Vt CMS_ReceiptRequest
-structure or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_CMS_ContentInfo
-and
-.Fn i2d_CMS_ReceiptRequest
-return the number of bytes successfully encoded
-or a negative value if an error occurs.
-.Pp
-.Fn i2d_CMS_bio
-returns 1 for success or 0 if an error occurs.
-.Pp
-For all functions, the error code can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr CMS_ContentInfo_new 3 ,
-.Xr CMS_get0_type 3 ,
-.Xr CMS_ReceiptRequest_create0 3 ,
-.Xr i2d_CMS_bio_stream 3
-.Sh STANDARDS
-RFC 5652: Cryptographic Message Syntax, section 3: General Syntax
-.Pp
-RFC 2634: Enhanced Security Services for S/MIME,
-section 2.7: Receipt Request Syntax
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8h
-and have been available since
-.Ox 6.7 .
diff --git a/src/lib/libcrypto/man/d2i_DHparams.3 b/src/lib/libcrypto/man/d2i_DHparams.3
deleted file mode 100644
index 7fd9878dc0..0000000000
--- a/src/lib/libcrypto/man/d2i_DHparams.3
+++ /dev/null
@@ -1,99 +0,0 @@
-.\" $OpenBSD: d2i_DHparams.3,v 1.8 2018/03/27 17:35:50 schwarze Exp $
-.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file was written by Ulf Moeller and
-.\" Dr. Stephen Henson .
-.\" Copyright (c) 2000, 2002, 2015, 2017 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt D2I_DHPARAMS 3
-.Os
-.Sh NAME
-.Nm d2i_DHparams ,
-.Nm i2d_DHparams
-.Nd PKCS#3 DH parameter functions
-.Sh SYNOPSIS
-.In openssl/dh.h
-.Ft DH *
-.Fo d2i_DHparams
-.Fa "DH **a"
-.Fa "unsigned char **pp"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_DHparams
-.Fa "DH *a"
-.Fa "unsigned char **pp"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode PKCS#3 DH parameters using the
-DHparameter structure described in PKCS#3.
-They otherwise behave in a way similar to
-.Xr d2i_X509 3
-and
-.Xr i2d_X509 3 .
-.Sh RETURN VALUES
-.Fn d2i_DHparams
-returns a
-.Vt DH
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_DHparams
-returns the number of bytes successfully encoded or a value <= 0
-if an error occurs.
-.Sh SEE ALSO
-.Xr d2i_X509 3 ,
-.Xr DH_new 3
-.Sh HISTORY
-.Fn d2i_DHparams
-and
-.Fn i2d_DHparams
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/d2i_DIST_POINT.3 b/src/lib/libcrypto/man/d2i_DIST_POINT.3
deleted file mode 100644
index 34bdb26fb4..0000000000
--- a/src/lib/libcrypto/man/d2i_DIST_POINT.3
+++ /dev/null
@@ -1,201 +0,0 @@
-.\" $OpenBSD: d2i_DIST_POINT.3,v 1.4 2018/03/23 04:34:23 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 23 2018 $
-.Dt D2I_DIST_POINT 3
-.Os
-.Sh NAME
-.Nm d2i_DIST_POINT ,
-.Nm i2d_DIST_POINT ,
-.Nm d2i_CRL_DIST_POINTS ,
-.Nm i2d_CRL_DIST_POINTS ,
-.Nm d2i_DIST_POINT_NAME ,
-.Nm i2d_DIST_POINT_NAME ,
-.Nm d2i_ISSUING_DIST_POINT ,
-.Nm i2d_ISSUING_DIST_POINT ,
-.Nm d2i_ACCESS_DESCRIPTION ,
-.Nm i2d_ACCESS_DESCRIPTION ,
-.Nm d2i_AUTHORITY_INFO_ACCESS ,
-.Nm i2d_AUTHORITY_INFO_ACCESS
-.Nd decode and encode X.509 data access extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft DIST_POINT *
-.Fo d2i_DIST_POINT
-.Fa "DIST_POINT_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_DIST_POINT
-.Fa "DIST_POINT *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft CRL_DIST_POINTS *
-.Fo d2i_CRL_DIST_POINTS
-.Fa "CRL_DIST_POINTS_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_CRL_DIST_POINTS
-.Fa "CRL_DIST_POINTS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft DIST_POINT_NAME *
-.Fo d2i_DIST_POINT_NAME
-.Fa "DIST_POINT_NAME_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_DIST_POINT_NAME
-.Fa "DIST_POINT_NAME *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft ISSUING_DIST_POINT *
-.Fo d2i_ISSUING_DIST_POINT
-.Fa "ISSUING_DIST_POINT_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ISSUING_DIST_POINT
-.Fa "ISSUING_DIST_POINT *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft ACCESS_DESCRIPTION *
-.Fo d2i_ACCESS_DESCRIPTION
-.Fa "ACCESS_DESCRIPTION_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ACCESS_DESCRIPTION
-.Fa "ACCESS_DESCRIPTION *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft AUTHORITY_INFO_ACCESS *
-.Fo d2i_AUTHORITY_INFO_ACCESS
-.Fa "AUTHORITY_INFO_ACCESS_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_AUTHORITY_INFO_ACCESS
-.Fa "AUTHORITY_INFO_ACCESS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode X.509 extensions that communicate
-where to retrieve additional information online.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_DIST_POINT
-and
-.Fn i2d_DIST_POINT
-decode and encode an ASN.1
-.Vt DistributionPoint
-structure defined in RFC 5280 section 4.2.1.13.
-.Pp
-.Fn d2i_CRL_DIST_POINTS
-and
-.Fn i2d_CRL_DIST_POINTS
-decode and encode an ASN.1
-.Vt CRLDistributionPoints
-structure defined in RFC 5280 section 4.2.1.13.
-.Pp
-.Fn d2i_DIST_POINT_NAME
-and
-.Fn i2d_DIST_POINT_NAME
-decode and encode an ASN.1
-.Vt DistributionPointName
-structure defined in RFC 5280 section 4.2.1.13.
-.Pp
-.Fn d2i_ISSUING_DIST_POINT
-and
-.Fn i2d_ISSUING_DIST_POINT
-decode and encode an ASN.1
-.Vt IssuingDistributionPoint
-structure defined in RFC 5280 section 5.2.5.
-.Pp
-.Fn d2i_ACCESS_DESCRIPTION
-and
-.Fn i2d_ACCESS_DESCRIPTION
-decode and encode an ASN.1
-.Vt AccessDescription
-structure defined in RFC 5280 section 4.2.2.1.
-.Pp
-.Fn d2i_AUTHORITY_INFO_ACCESS
-and
-.Fn i2d_AUTHORITY_INFO_ACCESS
-decode and encode an ASN.1
-.Vt AuthorityInfoAccessSyntax
-structure defined in RFC 5280 section 4.2.2.1.
-.Sh RETURN VALUES
-.Fn d2i_DIST_POINT ,
-.Fn d2i_CRL_DIST_POINTS ,
-.Fn d2i_DIST_POINT_NAME ,
-.Fn d2i_ISSUING_DIST_POINT ,
-.Fn d2i_ACCESS_DESCRIPTION ,
-and
-.Fn d2i_AUTHORITY_INFO_ACCESS
-return an object of the respective type or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_DIST_POINT ,
-.Fn i2d_CRL_DIST_POINTS ,
-.Fn i2d_DIST_POINT_NAME ,
-.Fn i2d_ISSUING_DIST_POINT ,
-.Fn i2d_ACCESS_DESCRIPTION ,
-and
-.Fn i2d_AUTHORITY_INFO_ACCESS
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ACCESS_DESCRIPTION_new 3 ,
-.Xr ASN1_item_d2i 3 ,
-.Xr DIST_POINT_new 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn d2i_DIST_POINT ,
-.Fn i2d_DIST_POINT ,
-.Fn d2i_CRL_DIST_POINTS ,
-.Fn i2d_CRL_DIST_POINTS ,
-.Fn d2i_DIST_POINT_NAME ,
-and
-.Fn i2d_DIST_POINT_NAME
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
-.Pp
-.Fn d2i_ACCESS_DESCRIPTION ,
-.Fn i2d_ACCESS_DESCRIPTION ,
-.Fn d2i_AUTHORITY_INFO_ACCESS ,
-and
-.Fn i2d_AUTHORITY_INFO_ACCESS
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn d2i_ISSUING_DIST_POINT
-and
-.Fn i2d_ISSUING_DIST_POINT
-first appeared in OpenSSL 1.0.0 and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/d2i_DSAPublicKey.3 b/src/lib/libcrypto/man/d2i_DSAPublicKey.3
deleted file mode 100644
index 37ef22e1b9..0000000000
--- a/src/lib/libcrypto/man/d2i_DSAPublicKey.3
+++ /dev/null
@@ -1,412 +0,0 @@ -.\" $OpenBSD: d2i_DSAPublicKey.3,v 1.14 2018/08/26 17:03:32 tb Exp $ -.\" OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2002, 2003, 2013, 2015, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: August 26 2018 $ -.Dt D2I_DSAPUBLICKEY 3 -.Os -.Sh NAME -.Nm d2i_DSAPublicKey , -.Nm i2d_DSAPublicKey , -.Nm d2i_DSA_PUBKEY , -.Nm i2d_DSA_PUBKEY , -.Nm d2i_DSA_PUBKEY_bio , -.Nm d2i_DSA_PUBKEY_fp , -.Nm i2d_DSA_PUBKEY_bio , -.Nm i2d_DSA_PUBKEY_fp , -.Nm d2i_DSAPrivateKey , -.Nm i2d_DSAPrivateKey , -.Nm d2i_DSAPrivateKey_bio , -.Nm d2i_DSAPrivateKey_fp , -.Nm i2d_DSAPrivateKey_bio , -.Nm i2d_DSAPrivateKey_fp , -.Nm d2i_DSAparams , -.Nm i2d_DSAparams , -.Nm d2i_DSAparams_bio , -.Nm i2d_DSAparams_bio , -.Nm d2i_DSAparams_fp , -.Nm i2d_DSAparams_fp , -.Nm DSAparams_dup , -.Nm d2i_DSA_SIG , -.Nm i2d_DSA_SIG -.Nd decode and encode DSA keys -.Sh SYNOPSIS -.In openssl/dsa.h -.Ft DSA * -.Fo d2i_DSAPublicKey -.Fa "DSA **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_DSAPublicKey -.Fa "const DSA *val_in" -.Fa "unsigned char **der_out" -.Fc -.In openssl/x509.h -.Ft DSA * -.Fo d2i_DSA_PUBKEY -.Fa "DSA **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_DSA_PUBKEY -.Fa "const DSA *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft DSA * -.Fo d2i_DSA_PUBKEY_bio -.Fa "BIO *in_bio" -.Fa "DSA **val_out" -.Fc -.Ft DSA * -.Fo d2i_DSA_PUBKEY_fp -.Fa "FILE *in_fp" -.Fa "DSA **val_out" -.Fc -.Ft int -.Fo i2d_DSA_PUBKEY_bio -.Fa "BIO *out_bio" -.Fa "DSA *val_in" -.Fc -.Ft int -.Fo i2d_DSA_PUBKEY_fp -.Fa "FILE *out_fp" -.Fa "DSA *val_in" -.Fc -.In openssl/dsa.h -.Ft DSA * -.Fo d2i_DSAPrivateKey -.Fa "DSA **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_DSAPrivateKey -.Fa "const DSA *val_in" -.Fa "unsigned char **der_out" -.Fc -.In openssl/x509.h -.Ft DSA * -.Fo d2i_DSAPrivateKey_bio -.Fa "BIO *in_bio" -.Fa "DSA **val_out" -.Fc -.Ft DSA * -.Fo d2i_DSAPrivateKey_fp -.Fa "FILE *in_fp" -.Fa "DSA **val_out" -.Fc -.Ft int -.Fo i2d_DSAPrivateKey_bio -.Fa "BIO *out_bio" -.Fa "DSA *val_in" -.Fc -.Ft int -.Fo i2d_DSAPrivateKey_fp -.Fa "FILE *out_fp" -.Fa "DSA 
*val_in" -.Fc -.In openssl/dsa.h -.Ft DSA * -.Fo d2i_DSAparams -.Fa "DSA **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_DSAparams -.Fa "const DSA *val_in" -.Fa "unsigned char **der_out" -.Fc -.Ft DSA * -.Fo d2i_DSAparams_bio -.Fa "BIO *in_bio" -.Fa "DSA **val_out" -.Fc -.Ft int -.Fo i2d_DSAparams_bio -.Fa "BIO *out_bio" -.Fa "DSA *val_in" -.Fc -.Ft DSA * -.Fo d2i_DSAparams_fp -.Fa "FILE *in_fp" -.Fa "DSA **val_out" -.Fc -.Ft int -.Fo i2d_DSAparams_fp -.Fa FILE *out_fp -.Fa "DSA *val_in" -.Fc -.Ft DSA * -.Fo DSAparams_dup -.Fa "DSA *val_in" -.Fc -.Ft DSA_SIG * -.Fo d2i_DSA_SIG -.Fa "DSA_SIG **val_out" -.Fa "const unsigned char **der_in" -.Fa "long length" -.Fc -.Ft int -.Fo i2d_DSA_SIG -.Fa "const DSA_SIG *val_in" -.Fa "unsigned char **der_out" -.Fc -.Sh DESCRIPTION -These functions decode and encode DSA keys and parameters. -For details about the semantics, examples, caveats, and bugs, see -.Xr ASN1_item_d2i 3 . -.Pp -.Fn d2i_DSAPublicKey -and -.Fn i2d_DSAPublicKey -decode and encode the DSA public key components using a non-standard -format, so consider using -.Fn d2i_DSA_PUBKEY -and -.Fn i2d_DSA_PUBKEY -instead. -The actual data encoded depends on the value of -.Fa val_in->write_params . -If -.Fa val_in->write_params -is zero, only the -.Fa val_in->pub_key -field is encoded as an ASN.1 INTEGER. -If -.Fa val_in->write_params -is 1, then a SEQUENCE consisting of the -.Fa val_in->p , -.Fa val_in->q , -.Fa val_in->g , -and -.Fa val_in->pub_key -fields is encoded. -.Pp -.Fn d2i_DSA_PUBKEY -and -.Fn i2d_DSA_PUBKEY -decode and encode a DSA public key using an ASN.1 -.Vt SubjectPublicKeyInfo -structure defined in RFC 5280 section 4.1 -and documented in -.Xr X509_PUBKEY_new 3 . -.Fn d2i_DSA_PUBKEY_bio , -.Fn d2i_DSA_PUBKEY_fp , -.Fn i2d_DSA_PUBKEY_bio , -and -.Fn i2d_DSA_PUBKEY_fp -are similar except that they decode or encode using a -.Vt BIO -or -.Vt FILE -pointer. 
-.Pp -.Fn d2i_DSAPrivateKey -and -.Fn i2d_DSAPrivateKey -decode and encode the DSA private key components. -The -.Vt DSA -object passed to the private key encoding functions should have all -the private key components present. -These functions use a non-standard structure consisting of a -SEQUENCE containing the -.Fa val_in->p , -.Fa val_in->q , -.Fa val_in->g , -.Fa val_in->pub_key , -and -.Fa val_in->priv_key -fields. -This data format is unencrypted. -For private key security when writing private keys to files, -consider using -.Xr PEM_write_DSAPrivateKey 3 -instead. -.Fn d2i_DSAPrivateKey_bio , -.Fn d2i_DSAPrivateKey_fp , -.Fn i2d_DSAPrivateKey_bio , -and -.Fn i2d_DSAPrivateKey_fp -are similar except that they decode or encode using a -.Vt BIO -or -.Vt FILE -pointer. -.Pp -.Fn d2i_DSAparams -and -.Fn i2d_DSAparams -decode and encode the DSA parameters using an ASN.1 -.Vt Dss-Parms -structure defined in RFC 3279 section 2.3.2 -and used for the parameters field of the ASN.1 -.Vt AlgorithmIdentifier -structure defined in RFC 5280 section 4.1.1.2. -.Fn d2i_DSAparams_bio , -.Fn i2d_DSAparams_bio , -.Fn d2i_DSAparams_fp , -.Fn i2d_DSAparams_fp -are similar except that they decode or encode using a -.Vt BIO -or -.Vt FILE -pointer. -.Pp -.Fn DSAparams_dup -allocates and initializes an empty -.Vt DSA -object and copies the DSA parameters from -.Fa val_in -to it by calling -.Fn i2d_DSAparams -and -.Fn d2i_DSAparams . -If a private or public key are present in -.Fa val_in , -they are not copied. -.Pp -.Fn d2i_DSA_SIG -and -.Fn i2d_DSA_SIG -decode and encode a DSA signature using an ASN.1 -.Vt Dss-Sig-Value -structure as defined in RFC 3279 section 2.2.2 -and used for the signatureValue field of the ASN.1 -.Vt Certificate -structure described in RFC 5280 sections 4.1.1.3 and 5.1.1.3. 
-.Sh RETURN VALUES -.Fn d2i_DSAPublicKey , -.Fn d2i_DSA_PUBKEY , -.Fn d2i_DSA_PUBKEY_bio , -.Fn d2i_DSA_PUBKEY_fp , -.Fn d2i_DSAPrivateKey , -.Fn d2i_DSAPrivateKey_bio , -.Fn d2i_DSAPrivateKey_fp , -.Fn d2i_DSAparams , -.Fn d2i_DSAparams_bio , -.Fn d2i_DSAparams_fp , -and -.Fn DSAparams_dup -return a valid -.Vt DSA -object or -.Dv NULL -if an error occurs. -.Pp -.Fn d2i_DSA_SIG -returns a valid -.Vt DSA_SIG -object or -.Dv NULL -if an error occurs. -.Sh SEE ALSO -.Xr ASN1_item_d2i 3 , -.Xr DSA_new 3 , -.Xr DSA_SIG_new 3 , -.Xr EVP_PKEY_set1_DSA 3 , -.Xr PEM_write_DSAPrivateKey 3 , -.Xr X509_PUBKEY_new 3 -.Sh STANDARDS -RFC 5280: Internet X.509 Public Key Infrastructure Certificate and -Certificate Revocation List (CRL) Profile, -section 4.1: Basic Certificate Fields -.Pp -RFC 3279: Algorithms and Identifiers for the Internet X.509 Public -Key Infrastructure Certificate and Certificate Revocation List (CRL) -Profile: -.Bl -dash -compact -.It -section 2.2.2: DSA Signature Algorithm -.It -section 2.3.2: DSA Signature Keys -.El -.Sh HISTORY -.Fn d2i_DSAPublicKey , -.Fn i2d_DSAPublicKey , -.Fn d2i_DSAPrivateKey , -and -.Fn i2d_DSAPrivateKey -first appeared in SSLeay 0.6.0. -.Fn d2i_DSAPrivateKey_bio , -.Fn d2i_DSAPrivateKey_fp , -.Fn i2d_DSAPrivateKey_bio , -.Fn i2d_DSAPrivateKey_fp , -.Fn d2i_DSAparams , -.Fn i2d_DSAparams , -.Fn d2i_DSAparams_bio , -.Fn i2d_DSAparams_bio , -.Fn d2i_DSAparams_fp , -.Fn i2d_DSAparams_fp , -and -.Fn DSAparams_dup -first appeared in SSLeay 0.8.0. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn d2i_DSA_SIG -and -.Fn i2d_DSA_SIG -first appeared in OpenSSL 0.9.3 and have been available since -.Ox 2.6 . -.Pp -.Fn d2i_DSA_PUBKEY , -.Fn i2d_DSA_PUBKEY , -.Fn d2i_DSA_PUBKEY_bio , -.Fn d2i_DSA_PUBKEY_fp , -.Fn i2d_DSA_PUBKEY_bio , -and -.Fn i2d_DSA_PUBKEY_fp -first appeared in OpenSSL 0.9.5 and have been available since -.Ox 2.7 . 
diff --git a/src/lib/libcrypto/man/d2i_ECPKParameters.3 b/src/lib/libcrypto/man/d2i_ECPKParameters.3
deleted file mode 100644
index c4ede82f3b..0000000000
--- a/src/lib/libcrypto/man/d2i_ECPKParameters.3
+++ /dev/null
@@ -1,467 +0,0 @@
-.\" $OpenBSD: d2i_ECPKParameters.3,v 1.13 2024/10/24 21:42:10 tb Exp $
-.\" OpenSSL 05ea606a May 20 20:52:46 2016 -0400
-.\"
-.\" This file is a derived work.
-.\" The changes are covered by the following Copyright and license:
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" The original file was written by Matt Caswell .
-.\" Copyright (c) 2013, 2015 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. 
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: October 24 2024 $
-.Dt D2I_ECPKPARAMETERS 3
-.Os
-.Sh NAME
-.Nm d2i_ECPKParameters ,
-.Nm i2d_ECPKParameters ,
-.Nm d2i_ECPKParameters_bio ,
-.Nm i2d_ECPKParameters_bio ,
-.Nm d2i_ECPKParameters_fp ,
-.Nm i2d_ECPKParameters_fp ,
-.Nm d2i_ECParameters ,
-.Nm i2d_ECParameters ,
-.Nm ECParameters_dup ,
-.Nm d2i_ECPrivateKey ,
-.Nm i2d_ECPrivateKey ,
-.Nm d2i_ECPrivateKey_bio ,
-.Nm i2d_ECPrivateKey_bio ,
-.Nm d2i_ECPrivateKey_fp ,
-.Nm i2d_ECPrivateKey_fp ,
-.Nm o2i_ECPublicKey ,
-.Nm i2o_ECPublicKey ,
-.Nm ECPKParameters_print ,
-.Nm ECPKParameters_print_fp ,
-.Nm ECParameters_print ,
-.Nm ECParameters_print_fp ,
-.Nm d2i_EC_PUBKEY ,
-.Nm i2d_EC_PUBKEY ,
-.Nm d2i_EC_PUBKEY_bio ,
-.Nm i2d_EC_PUBKEY_bio ,
-.Nm d2i_EC_PUBKEY_fp ,
-.Nm i2d_EC_PUBKEY_fp
-.Nd decode and encode ASN.1 representations of elliptic curve entities
-.Sh SYNOPSIS
-.In openssl/ec.h
-.Ft EC_GROUP *
-.Fo d2i_ECPKParameters
-.Fa "EC_GROUP **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ECPKParameters
-.Fa "const EC_GROUP *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EC_GROUP *
-.Fo d2i_ECPKParameters_bio
-.Fa "BIO *in_bio"
-.Fa "EC_GROUP **val_out"
-.Fc
-.Ft int
-.Fo i2d_ECPKParameters_bio
-.Fa "BIO *out_bio"
-.Fa "EC_GROUP *val_in"
-.Fc
-.Ft EC_GROUP *
-.Fo d2i_ECPKParameters_fp
-.Fa "FILE *in_fp"
-.Fa "EC_GROUP **val_out"
-.Fc
-.Ft int
-.Fo i2d_ECPKParameters_fp
-.Fa "FILE *out_fp"
-.Fa "EC_GROUP *val_in"
-.Fc
-.Ft EC_KEY *
-.Fo d2i_ECParameters
-.Fa "EC_KEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ECParameters
-.Fa "EC_KEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EC_KEY *
-.Fo ECParameters_dup
-.Fa "EC_KEY *val_in"
-.Fc
-.Ft EC_KEY *
-.Fo d2i_ECPrivateKey
-.Fa "EC_KEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ECPrivateKey
-.Fa "EC_KEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EC_KEY *
-.Fo d2i_ECPrivateKey_bio
-.Fa "BIO 
*in_bio"
-.Fa "EC_KEY **val_out"
-.Fc
-.Ft int
-.Fo i2d_ECPrivateKey_bio
-.Fa "BIO *out_bio"
-.Fa "EC_KEY *val_in"
-.Fc
-.Ft EC_KEY *
-.Fo d2i_ECPrivateKey_fp
-.Fa "FILE *in_fp"
-.Fa "EC_KEY **val_out"
-.Fc
-.Ft int
-.Fo i2d_ECPrivateKey_fp
-.Fa "FILE *out_fp"
-.Fa "EC_KEY *val_in"
-.Fc
-.Ft EC_KEY *
-.Fo o2i_ECPublicKey
-.Fa "EC_KEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2o_ECPublicKey
-.Fa "const EC_KEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft int
-.Fo ECPKParameters_print
-.Fa "BIO *out_bio"
-.Fa "const EC_GROUP *val_in"
-.Fa "int indent"
-.Fc
-.Ft int
-.Fo ECPKParameters_print_fp
-.Fa "FILE *out_fp"
-.Fa "const EC_GROUP *val_in"
-.Fa "int indent"
-.Fc
-.Ft int
-.Fo ECParameters_print
-.Fa "BIO *out_bio"
-.Fa "const EC_KEY *val_in"
-.Fc
-.Ft int
-.Fo ECParameters_print_fp
-.Fa "FILE *out_fp"
-.Fa "const EC_KEY *val_in"
-.Fc
-.In openssl/x509.h
-.Ft EC_KEY *
-.Fo d2i_EC_PUBKEY
-.Fa "EC_KEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_EC_PUBKEY
-.Fa "EC_KEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EC_KEY *
-.Fo d2i_EC_PUBKEY_bio
-.Fa "BIO *in_bio"
-.Fa "EC_KEY **val_out"
-.Fc
-.Ft int
-.Fo i2d_EC_PUBKEY_bio
-.Fa "BIO *out_bio"
-.Fa "EC_KEY *val_in"
-.Fc
-.Ft EC_KEY *
-.Fo d2i_EC_PUBKEY_fp
-.Fa "FILE *in_fp"
-.Fa "EC_KEY **val_out"
-.Fc
-.Ft int
-.Fo i2d_EC_PUBKEY_fp
-.Fa "FILE *out_fp"
-.Fa "EC_KEY *val_in"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode elliptic curve keys and parameters.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_ECPKParameters
-and
-.Fn i2d_ECPKParameters
-decode and encode the parameters of an elliptic curve.
-.Fn d2i_ECPKParameters_bio ,
-.Fn i2d_ECPKParameters_bio ,
-.Fn d2i_ECPKParameters_fp ,
-and
-.Fn i2d_ECPKParameters_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-These four functions are currently implemented as macros.
-.Pp
-.Fn d2i_ECParameters
-does the same parsing as
-.Fn d2i_ECPKParameters
-but saves the result in the
-.Fa group
-field of an
-.Vt EC_KEY
-structure.
-.Pp
-.Fn i2d_ECParameters
-produces the same output as
-.Fn i2d_ECPKParameters
-but uses
-.Fa val_in->group
-for input instead of
-.Fa val_in .
-.Pp
-.Fn ECParameters_dup
-allocates and initializes an empty
-.Vt EC_KEY
-object and copies the EC parameters from
-.Fa val_in
-to it by calling
-.Fn i2d_ECParameters
-and
-.Fn d2i_ECParameters .
-If a private or public key or any flags are present in
-.Fa val_in ,
-they are not copied.
-.Pp
-.Fn d2i_ECPrivateKey
-and
-.Fn i2d_ECPrivateKey
-decode and encode an EC private key using an ASN.1
-.Vt ECPrivateKey
-structure defined in RFC 5915 section 3 and used for the privateKey
-field of the ASN.1
-.Vt PrivateKeyInfo
-structure defined in RFC 5208 section 5, see
-.Xr PKCS8_PRIV_KEY_INFO_new 3 .
-.Fn d2i_ECPrivateKey_bio ,
-.Fn i2d_ECPrivateKey_bio ,
-.Fn d2i_ECPrivateKey_fp ,
-and
-.Fn i2d_ECPrivateKey_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn o2i_ECPublicKey
-and
-.Fn i2o_ECPublicKey
-decode and encode an EC public key.
-In contrast to
-.Xr ASN1_item_d2i 3 ,
-.Fn o2i_ECPublicKey
-requires
-.Fa val_out ,
-.Pf * Fa val_out ,
-and
-.Po Pf * Fa val_out Pc Ns -> Ns Fa group
-to be
-.Pf non- Dv NULL .
-.Pp
-.Fn ECPKParameters_print
-and
-.Fn ECPKParameters_print_fp
-print human-readable output of the public parameters of the
-.Vt EC_GROUP
-to
-.Fa out_bio
-or
-.Fa out_fp .
-The output lines are indented by
-.Fa indent
-spaces.
-.Pp
-.Fn ECParameters_print
-and
-.Fn ECParameters_print_fp
-print the parameter components of
-.Fa val_in
-to
-.Fa out_bio
-or
-.Fa out_fp .
-.Pp
-.Fn d2i_EC_PUBKEY
-and
-.Fn i2d_EC_PUBKEY
-decode and encode an EC public key using an ASN.1
-.Vt SubjectPublicKeyInfo
-structure defined in RFC 5280 section 4.1 and documented in
-.Xr X509_PUBKEY_new 3 .
-.Fn d2i_EC_PUBKEY_bio ,
-.Fn i2d_EC_PUBKEY_bio ,
-.Fn d2i_EC_PUBKEY_fp ,
-and
-.Fn i2d_EC_PUBKEY_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Sh RETURN VALUES
-.Fn d2i_ECPKParameters ,
-.Fn d2i_ECPKParameters_bio ,
-and
-.Fn d2i_ECPKParameters_fp
-return a valid
-.Vt EC_GROUP
-structure or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_ECParameters ,
-.Fn ECParameters_dup ,
-.Fn d2i_ECPrivateKey ,
-.Fn d2i_ECPrivateKey_bio ,
-.Fn d2i_ECPrivateKey_fp ,
-.Fn o2i_ECPublicKey ,
-.Fn d2i_EC_PUBKEY ,
-.Fn d2i_EC_PUBKEY_bio ,
-and
-.Fn d2i_EC_PUBKEY_fp
-return a valid
-.Vt EC_KEY
-structure or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_ECPKParameters ,
-.Fn i2d_ECParameters ,
-.Fn i2d_ECPrivateKey ,
-.Fn i2o_ECPublicKey ,
-and
-.Fn i2d_EC_PUBKEY
-return the number of bytes successfully encoded or a negative value if
-an error occurs.
-.Pp
-.Fn i2d_ECPKParameters_bio ,
-.Fn i2d_ECPKParameters_fp ,
-.Fn i2d_ECPrivateKey_bio ,
-.Fn i2d_ECPrivateKey_fp ,
-.Fn ECPKParameters_print ,
-.Fn ECPKParameters_print_fp ,
-.Fn ECParameters_print ,
-.Fn ECParameters_print_fp ,
-.Fn i2d_EC_PUBKEY_bio ,
-and
-.Fn i2d_EC_PUBKEY_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr EC_GROUP_copy 3 ,
-.Xr EC_GROUP_new 3 ,
-.Xr EC_KEY_new 3 ,
-.Xr EVP_PKEY_set1_EC_KEY 3 ,
-.Xr PEM_write_ECPrivateKey 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3 ,
-.Xr X509_PUBKEY_new 3
-.Sh STANDARDS
-RFC 5915: Elliptic Curve Private Key Structure
-.Pp
-RFC 5208: Public-Key Cryptography Standards (PKCS) #8:
-Private-Key Information Syntax Specification
-.Pp
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.1: Basic Certificate Fields
-.Sh HISTORY
-.Fn d2i_ECPKParameters ,
-.Fn i2d_ECPKParameters ,
-.Fn d2i_ECPKParameters_bio ,
-.Fn i2d_ECPKParameters_bio ,
-.Fn d2i_ECPKParameters_fP ,
-.Fn i2d_ECPKParameters_fp ,
-.Fn d2i_ECParameters ,
-.Fn i2d_ECParameters ,
-.Fn ECParameters_dup ,
-.Fn d2i_ECPrivateKey ,
-.Fn i2d_ECPrivateKey ,
-.Fn d2i_ECPrivateKey_bio ,
-.Fn i2d_ECPrivateKey_bio ,
-.Fn d2i_ECPrivateKey_fp ,
-.Fn i2d_ECPrivateKey_fp ,
-.Fn o2i_ECPublicKey ,
-.Fn i2o_ECPublicKey ,
-.Fn ECPKParameters_print ,
-.Fn ECPKParameters_print_fp ,
-.Fn ECParameters_print ,
-.Fn ECParameters_print_fp ,
-.Fn d2i_EC_PUBKEY ,
-.Fn i2d_EC_PUBKEY ,
-.Fn d2i_EC_PUBKEY_bio ,
-.Fn i2d_EC_PUBKEY_bio ,
-.Fn d2i_EC_PUBKEY_fp ,
-and
-.Fn i2d_EC_PUBKEY_fp
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/d2i_ESS_SIGNING_CERT.3 b/src/lib/libcrypto/man/d2i_ESS_SIGNING_CERT.3
deleted file mode 100644
index c1d61d3b5e..0000000000
--- a/src/lib/libcrypto/man/d2i_ESS_SIGNING_CERT.3
+++ /dev/null
@@ -1,118 +0,0 @@
-.\" $OpenBSD: d2i_ESS_SIGNING_CERT.3,v 1.2 2018/03/23 04:34:23 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 23 2018 $
-.Dt D2I_ESS_SIGNING_CERT 3
-.Os
-.Sh NAME
-.Nm d2i_ESS_SIGNING_CERT ,
-.Nm i2d_ESS_SIGNING_CERT ,
-.Nm d2i_ESS_CERT_ID ,
-.Nm i2d_ESS_CERT_ID ,
-.Nm d2i_ESS_ISSUER_SERIAL ,
-.Nm i2d_ESS_ISSUER_SERIAL
-.Nd decode and encode signing certificates for S/MIME
-.Sh SYNOPSIS
-.In openssl/ts.h
-.Ft ESS_SIGNING_CERT *
-.Fo d2i_ESS_SIGNING_CERT
-.Fa "ESS_SIGNING_CERT **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ESS_SIGNING_CERT
-.Fa "const ESS_SIGNING_CERT *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft ESS_CERT_ID *
-.Fo d2i_ESS_CERT_ID
-.Fa "ESS_CERT_ID **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ESS_CERT_ID
-.Fa "const ESS_CERT_ID *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft ESS_ISSUER_SERIAL *
-.Fo d2i_ESS_ISSUER_SERIAL
-.Fa "ESS_ISSUER_SERIAL **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_ESS_ISSUER_SERIAL
-.Fa "const ESS_ISSUER_SERIAL *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode 
and encode signing certificate attribute
-structures.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_ESS_SIGNING_CERT
-and
-.Fn i2d_ESS_SIGNING_CERT
-decode and encode an ASN.1
-.Vt SigningCertificate
-structure defined in RFC 2634 section 5.4.
-.Pp
-.Fn d2i_ESS_CERT_ID
-and
-.Fn i2d_ESS_CERT_ID
-decode and encode an ASN.1
-.Vt ESSCertID
-structure defined in RFC 2634 section 5.4.1.
-.Pp
-.Fn d2i_ESS_ISSUER_SERIAL
-and
-.Fn i2d_ESS_ISSUER_SERIAL
-decode and encode an ASN.1
-.Vt IssuerSerial
-structure defined in RFC 2634 section 5.4.1.
-.Sh RETURN VALUES
-.Fn d2i_ESS_SIGNING_CERT ,
-.Fn d2i_ESS_CERT_ID ,
-and
-.Fn d2i_ESS_ISSUER_SERIAL
-return an
-.Vt ESS_SIGNING_CERT ,
-.Vt ESS_CERT_ID ,
-or
-.Vt ESS_ISSUER_SERIAL
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_ESS_SIGNING_CERT ,
-.Fn i2d_ESS_CERT_ID ,
-and
-.Fn i2d_ESS_ISSUER_SERIAL
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr ESS_SIGNING_CERT_new 3
-.Sh STANDARDS
-RFC 2634: Enhanced Security Services for S/MIME,
-section 5: Signing Certificate Attribute
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/d2i_GENERAL_NAME.3 b/src/lib/libcrypto/man/d2i_GENERAL_NAME.3
deleted file mode 100644
index bfdcc6c67c..0000000000
--- a/src/lib/libcrypto/man/d2i_GENERAL_NAME.3
+++ /dev/null
@@ -1,160 +0,0 @@
-.\" $OpenBSD: d2i_GENERAL_NAME.3,v 1.4 2018/03/22 21:08:22 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 22 2018 $
-.Dt D2I_GENERAL_NAME 3
-.Os
-.Sh NAME
-.Nm d2i_GENERAL_NAME ,
-.Nm i2d_GENERAL_NAME ,
-.Nm d2i_GENERAL_NAMES ,
-.Nm i2d_GENERAL_NAMES ,
-.Nm d2i_EDIPARTYNAME ,
-.Nm i2d_EDIPARTYNAME ,
-.Nm d2i_OTHERNAME ,
-.Nm i2d_OTHERNAME
-.Nd decode and encode names for use in X.509 extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft GENERAL_NAME *
-.Fo d2i_GENERAL_NAME
-.Fa "GENERAL_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_GENERAL_NAME
-.Fa "GENERAL_NAME *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft GENERAL_NAMES *
-.Fo d2i_GENERAL_NAMES
-.Fa "GENERAL_NAMES **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_GENERAL_NAMES
-.Fa "GENERAL_NAMES *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft EDIPARTYNAME *
-.Fo d2i_EDIPARTYNAME
-.Fa "EDIPARTYNAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_EDIPARTYNAME
-.Fa "EDIPARTYNAME *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OTHERNAME *
-.Fo d2i_OTHERNAME
-.Fa "OTHERNAME **val_out"
-.Fa 
"const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OTHERNAME
-.Fa "OTHERNAME *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode names that can be used in X.509
-extensions.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_GENERAL_NAME
-and
-.Fn i2d_GENERAL_NAME
-decode and encode an ASN.1
-.Vt GeneralName
-structure defined in RFC 5280 section 4.2.1.6.
-.Pp
-.Fn d2i_GENERAL_NAMES
-and
-.Fn i2d_GENERAL_NAMES
-decode and encode an ASN.1
-.Vt GeneralNames
-structure defined in RFC 5280 section 4.2.1.6.
-.Pp
-.Fn d2i_EDIPARTYNAME
-and
-.Fn i2d_EDIPARTYNAME
-decode and encode an ASN.1
-.Vt EDIPartyName
-structure defined in RFC 5280 section 4.2.1.6.
-.Pp
-.Fn d2i_OTHERNAME
-and
-.Fn i2d_OTHERNAME
-decode and encode an ASN.1
-.Vt OtherName
-structure defined in RFC 5280 section 4.2.1.6.
-.Sh RETURN VALUES
-.Fn d2i_GENERAL_NAME ,
-.Fn d2i_GENERAL_NAMES ,
-.Fn d2i_EDIPARTYNAME ,
-and
-.Fn d2i_OTHERNAME
-return a
-.Vt GENERAL_NAME ,
-.Vt GENERAL_NAMES ,
-.Vt EDIPARTYNAME ,
-or
-.Vt OTHERNAME
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_GENERAL_NAME ,
-.Fn i2d_GENERAL_NAMES ,
-.Fn i2d_EDIPARTYNAME ,
-and
-.Fn i2d_OTHERNAME
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr d2i_X509_NAME 3 ,
-.Xr GENERAL_NAME_new 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.2: Certificate Extensions
-.Sh HISTORY
-.Fn d2i_GENERAL_NAME ,
-.Fn i2d_GENERAL_NAME ,
-.Fn d2i_GENERAL_NAMES ,
-and
-.Fn i2d_GENERAL_NAMES
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
-.Pp
-.Fn d2i_OTHERNAME
-and
-.Fn i2d_OTHERNAME
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn d2i_EDIPARTYNAME
-and
-.Fn i2d_EDIPARTYNAME
-first appeared in OpenSSL 0.9.7 and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/d2i_OCSP_REQUEST.3 b/src/lib/libcrypto/man/d2i_OCSP_REQUEST.3
deleted file mode 100644
index 07a990556d..0000000000
--- a/src/lib/libcrypto/man/d2i_OCSP_REQUEST.3
+++ /dev/null
@@ -1,181 +0,0 @@
-.\" $OpenBSD: d2i_OCSP_REQUEST.3,v 1.3 2021/03/12 05:18:00 jsg Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 12 2021 $
-.Dt D2I_OCSP_REQUEST 3
-.Os
-.Sh NAME
-.Nm d2i_OCSP_REQUEST ,
-.Nm i2d_OCSP_REQUEST ,
-.Nm d2i_OCSP_SIGNATURE ,
-.Nm i2d_OCSP_SIGNATURE ,
-.Nm d2i_OCSP_REQINFO ,
-.Nm i2d_OCSP_REQINFO ,
-.Nm d2i_OCSP_ONEREQ ,
-.Nm i2d_OCSP_ONEREQ ,
-.Nm d2i_OCSP_CERTID ,
-.Nm i2d_OCSP_CERTID ,
-.Nm d2i_OCSP_SERVICELOC ,
-.Nm i2d_OCSP_SERVICELOC
-.Nd decode and encode OCSP requests
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_REQUEST *
-.Fo d2i_OCSP_REQUEST
-.Fa "OCSP_REQUEST **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_REQUEST
-.Fa "OCSP_REQUEST *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_SIGNATURE *
-.Fo d2i_OCSP_SIGNATURE
-.Fa "OCSP_SIGNATURE **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_SIGNATURE
-.Fa "OCSP_SIGNATURE *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_REQINFO *
-.Fo d2i_OCSP_REQINFO
-.Fa "OCSP_REQINFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_REQINFO
-.Fa "OCSP_REQINFO *val_in"
-.Fa "unsigned char 
**der_out"
-.Fc
-.Ft OCSP_ONEREQ *
-.Fo d2i_OCSP_ONEREQ
-.Fa "OCSP_ONEREQ **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_ONEREQ
-.Fa "OCSP_ONEREQ *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_CERTID *
-.Fo d2i_OCSP_CERTID
-.Fa "OCSP_CERTID **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_CERTID
-.Fa "OCSP_CERTID *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_SERVICELOC *
-.Fo d2i_OCSP_SERVICELOC
-.Fa "OCSP_SERVICELOC **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_SERVICELOC
-.Fa "OCSP_SERVICELOC *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode ASN.1 structures used for OCSP
-requests.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_OCSP_REQUEST
-and
-.Fn i2d_OCSP_REQUEST
-decode and encode an ASN.1
-.Vt OCSPRequest
-structure defined in RFC 6960 section 4.1.1.
-.Pp
-.Fn d2i_OCSP_SIGNATURE
-and
-.Fn i2d_OCSP_SIGNATURE
-decode and encode an ASN.1
-.Vt Signature
-structure defined in RFC 6960 section 4.1.1.
-.Pp
-.Fn d2i_OCSP_REQINFO
-and
-.Fn i2d_OCSP_REQINFO
-decode and encode an ASN.1
-.Vt TBSRequest
-structure defined in RFC 6960 section 4.1.1.
-.Pp
-.Fn d2i_OCSP_ONEREQ
-and
-.Fn i2d_OCSP_ONEREQ
-decode and encode an ASN.1
-.Vt Request
-structure defined in RFC 6960 section 4.1.1.
-.Pp
-.Fn d2i_OCSP_CERTID
-and
-.Fn i2d_OCSP_CERTID
-decode and encode an ASN.1
-.Vt CertID
-structure defined in RFC 6960 section 4.1.1.
-.Pp
-.Fn d2i_OCSP_SERVICELOC
-and
-.Fn i2d_OCSP_SERVICELOC
-decode and encode an ASN.1
-.Vt ServiceLocator
-structure defined in RFC 6960 section 4.4.6.
-.Sh RETURN VALUES
-.Fn d2i_OCSP_REQUEST ,
-.Fn d2i_OCSP_SIGNATURE ,
-.Fn d2i_OCSP_REQINFO ,
-.Fn d2i_OCSP_ONEREQ ,
-.Fn d2i_OCSP_CERTID ,
-and
-.Fn d2i_OCSP_SERVICELOC
-return an object of the respective type or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_OCSP_REQUEST ,
-.Fn i2d_OCSP_SIGNATURE ,
-.Fn i2d_OCSP_REQINFO ,
-.Fn i2d_OCSP_ONEREQ ,
-.Fn i2d_OCSP_CERTID ,
-and
-.Fn i2d_OCSP_SERVICELOC
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr OCSP_CERTID_new 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_SERVICELOC_new 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4.1: Request Syntax
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/d2i_OCSP_RESPONSE.3 b/src/lib/libcrypto/man/d2i_OCSP_RESPONSE.3
deleted file mode 100644
index 716e85dc6e..0000000000
--- a/src/lib/libcrypto/man/d2i_OCSP_RESPONSE.3
+++ /dev/null
@@ -1,248 +0,0 @@
-.\" $OpenBSD: d2i_OCSP_RESPONSE.3,v 1.4 2021/03/12 05:18:00 jsg Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 12 2021 $
-.Dt D2I_OCSP_RESPONSE 3
-.Os
-.Sh NAME
-.Nm d2i_OCSP_RESPONSE ,
-.Nm i2d_OCSP_RESPONSE ,
-.Nm d2i_OCSP_RESPBYTES ,
-.Nm i2d_OCSP_RESPBYTES ,
-.Nm d2i_OCSP_BASICRESP ,
-.Nm i2d_OCSP_BASICRESP ,
-.Nm d2i_OCSP_RESPDATA ,
-.Nm i2d_OCSP_RESPDATA ,
-.Nm d2i_OCSP_RESPID ,
-.Nm i2d_OCSP_RESPID ,
-.Nm d2i_OCSP_SINGLERESP ,
-.Nm i2d_OCSP_SINGLERESP ,
-.Nm d2i_OCSP_CERTSTATUS ,
-.Nm i2d_OCSP_CERTSTATUS ,
-.Nm d2i_OCSP_REVOKEDINFO ,
-.Nm i2d_OCSP_REVOKEDINFO ,
-.Nm d2i_OCSP_CRLID ,
-.Nm i2d_OCSP_CRLID
-.Nd decode and encode OCSP responses
-.Sh SYNOPSIS
-.In openssl/ocsp.h
-.Ft OCSP_RESPONSE *
-.Fo d2i_OCSP_RESPONSE
-.Fa "OCSP_RESPONSE **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_RESPONSE
-.Fa "OCSP_RESPONSE *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_RESPBYTES *
-.Fo d2i_OCSP_RESPBYTES
-.Fa "OCSP_RESPBYTES **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_RESPBYTES
-.Fa "OCSP_RESPBYTES *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_BASICRESP *
-.Fo 
d2i_OCSP_BASICRESP
-.Fa "OCSP_BASICRESP **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_BASICRESP
-.Fa "OCSP_BASICRESP *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_RESPDATA *
-.Fo d2i_OCSP_RESPDATA
-.Fa "OCSP_RESPDATA **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_RESPDATA
-.Fa "OCSP_RESPDATA *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_RESPID *
-.Fo d2i_OCSP_RESPID
-.Fa "OCSP_RESPID **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_RESPID
-.Fa "OCSP_RESPID *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_SINGLERESP *
-.Fo d2i_OCSP_SINGLERESP
-.Fa "OCSP_SINGLERESP **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_SINGLERESP
-.Fa "OCSP_SINGLERESP *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_CERTSTATUS *
-.Fo d2i_OCSP_CERTSTATUS
-.Fa "OCSP_CERTSTATUS **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_CERTSTATUS
-.Fa "OCSP_CERTSTATUS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_REVOKEDINFO *
-.Fo d2i_OCSP_REVOKEDINFO
-.Fa "OCSP_REVOKEDINFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_REVOKEDINFO
-.Fa "OCSP_REVOKEDINFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft OCSP_CRLID *
-.Fo d2i_OCSP_CRLID
-.Fa "OCSP_CRLID **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_OCSP_CRLID
-.Fa "OCSP_CRLID *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode ASN.1 structures used for OCSP
-responses.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_OCSP_RESPONSE
-and
-.Fn i2d_OCSP_RESPONSE
-decode and encode an ASN.1
-.Vt OCSPResponse
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_RESPBYTES
-and
-.Fn i2d_OCSP_RESPBYTES
-decode and encode an ASN.1
-.Vt ResponseBytes
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_BASICRESP
-and
-.Fn i2d_OCSP_BASICRESP
-decode and encode an ASN.1
-.Vt BasicOCSPResponse
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_RESPDATA
-and
-.Fn i2d_OCSP_RESPDATA
-decode and encode an ASN.1
-.Vt ResponseData
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_RESPID
-and
-.Fn i2d_OCSP_RESPID
-decode and encode an ASN.1
-.Vt ResponderID
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_SINGLERESP
-and
-.Fn i2d_OCSP_SINGLERESP
-decode and encode an ASN.1
-.Vt SingleResponse
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_CERTSTATUS
-and
-.Fn i2d_OCSP_CERTSTATUS
-decode and encode an ASN.1
-.Vt CertStatus
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_REVOKEDINFO
-and
-.Fn i2d_OCSP_REVOKEDINFO
-decode and encode an ASN.1
-.Vt RevokedInfo
-structure defined in RFC 6960 section 4.2.1.
-.Pp
-.Fn d2i_OCSP_CRLID
-and
-.Fn i2d_OCSP_CRLID
-decode and encode an ASN.1
-.Vt CrlID
-structure defined in RFC 6960 section 4.4.2.
-.Sh RETURN VALUES
-.Fn d2i_OCSP_RESPONSE ,
-.Fn d2i_OCSP_RESPBYTES ,
-.Fn d2i_OCSP_BASICRESP ,
-.Fn d2i_OCSP_RESPDATA ,
-.Fn d2i_OCSP_RESPID ,
-.Fn d2i_OCSP_SINGLERESP ,
-.Fn d2i_OCSP_CERTSTATUS ,
-.Fn d2i_OCSP_REVOKEDINFO ,
-and
-.Fn d2i_OCSP_CRLID
-return an object of the respective type or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_OCSP_RESPONSE ,
-.Fn i2d_OCSP_RESPBYTES ,
-.Fn i2d_OCSP_BASICRESP ,
-.Fn i2d_OCSP_RESPDATA ,
-.Fn i2d_OCSP_RESPID ,
-.Fn i2d_OCSP_SINGLERESP ,
-.Fn i2d_OCSP_CERTSTATUS ,
-.Fn i2d_OCSP_REVOKEDINFO ,
-and
-.Fn i2d_OCSP_CRLID
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr OCSP_CRLID_new 3 ,
-.Xr OCSP_REQUEST_new 3 ,
-.Xr OCSP_RESPONSE_new 3 ,
-.Xr OCSP_SINGLERESP_new 3
-.Sh STANDARDS
-RFC 6960: X.509 Internet Public Key Infrastructure Online Certificate
-Status Protocol, section 4.2: Response Syntax
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.7
-and have been available since
-.Ox 3.2 .
diff --git a/src/lib/libcrypto/man/d2i_PKCS12.3 b/src/lib/libcrypto/man/d2i_PKCS12.3
deleted file mode 100644
index 55272d1f36..0000000000
--- a/src/lib/libcrypto/man/d2i_PKCS12.3
+++ /dev/null
@@ -1,202 +0,0 @@
-.\" $OpenBSD: d2i_PKCS12.3,v 1.2 2018/03/21 17:57:48 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 21 2018 $
-.Dt D2I_PKCS12 3
-.Os
-.Sh NAME
-.Nm d2i_PKCS12 ,
-.Nm i2d_PKCS12 ,
-.Nm d2i_PKCS12_bio ,
-.Nm i2d_PKCS12_bio ,
-.Nm d2i_PKCS12_fp ,
-.Nm i2d_PKCS12_fp ,
-.Nm d2i_PKCS12_MAC_DATA ,
-.Nm i2d_PKCS12_MAC_DATA ,
-.Nm d2i_PKCS12_SAFEBAG ,
-.Nm i2d_PKCS12_SAFEBAG ,
-.Nm d2i_PKCS12_BAGS ,
-.Nm i2d_PKCS12_BAGS
-.Nd decode and encode PKCS#12 structures
-.Sh SYNOPSIS
-.In openssl/pkcs12.h
-.Ft PKCS12 *
-.Fo d2i_PKCS12
-.Fa "PKCS12 **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS12
-.Fa "PKCS12 *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS12 *
-.Fo d2i_PKCS12_bio
-.Fa "BIO *in_bio"
-.Fa "PKCS12 **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS12_bio
-.Fa "BIO *out_bio"
-.Fa "PKCS12 *val_in"
-.Fc
-.Ft PKCS12 *
-.Fo d2i_PKCS12_fp
-.Fa "FILE *in_fp"
-.Fa "PKCS12 **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS12_fp
-.Fa "FILE *out_fp"
-.Fa "PKCS12 *val_in"
-.Fc
-.Ft PKCS12_MAC_DATA *
-.Fo d2i_PKCS12_MAC_DATA
-.Fa "PKCS12_MAC_DATA **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS12_MAC_DATA
-.Fa
"PKCS12_MAC_DATA *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS12_SAFEBAG *
-.Fo d2i_PKCS12_SAFEBAG
-.Fa "PKCS12_SAFEBAG **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS12_SAFEBAG
-.Fa "PKCS12_SAFEBAG *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS12_BAGS *
-.Fo d2i_PKCS12_BAGS
-.Fa "PKCS12_BAGS **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS12_BAGS
-.Fa "PKCS12_BAGS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode PKCS#12 structures.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_PKCS12
-and
-.Fn i2d_PKCS12
-decode and encode an ASN.1
-.Vt PFX
-.Pq personal information exchange
-structure defined in RFC 7292 section 4.
-.Fn d2i_PKCS12_bio ,
-.Fn i2d_PKCS12_bio ,
-.Fn d2i_PKCS12_fp ,
-and
-.Fn i2d_PKCS12_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_PKCS12_MAC_DATA
-and
-.Fn i2d_PKCS12_MAC_DATA
-decode and encode an ASN.1
-.Vt MacData
-structure defined in RFC 7292 section 4.
-.Pp
-.Fn d2i_PKCS12_SAFEBAG
-and
-.Fn i2d_PKCS12_SAFEBAG
-decode and encode an ASN.1
-.Vt SafeBag
-structure defined in RFC 7292 section 4.2.
-.Pp
-.Fn d2i_PKCS12_BAGS
-and
-.Fn i2d_PKCS12_BAGS
-decode and encode the bagValue field of an ASN.1
-.Vt SafeBag
-structure.
-.Sh RETURN VALUES
-.Fn d2i_PKCS12 ,
-.Fn d2i_PKCS12_bio ,
-and
-.Fn d2i_PKCS12_fp
-return a
-.Vt PKCS12
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_PKCS12_MAC_DATA ,
-.Fn d2i_PKCS12_SAFEBAG ,
-and
-.Fn d2i_PKCS12_BAGS
-return a
-.Vt PKCS12_MAC_DATA ,
-.Vt PKCS12_SAFEBAG ,
-or
-.Vt PKCS12_BAGS
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_PKCS12 ,
-.Fn i2d_PKCS12_MAC_DATA ,
-.Fn i2d_PKCS12_SAFEBAG ,
-and
-.Fn i2d_PKCS12_BAGS
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_PKCS12_bio
-and
-.Fn i2d_PKCS12_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr PKCS12_create 3 ,
-.Xr PKCS12_new 3 ,
-.Xr PKCS12_parse 3 ,
-.Xr PKCS12_SAFEBAG_new 3
-.Sh STANDARDS
-RFC 7292: PKCS #12: Personal Information Exchange Syntax
-.Sh HISTORY
-.Fn d2i_PKCS12 ,
-.Fn i2d_PKCS12 ,
-.Fn d2i_PKCS12_bio ,
-.Fn i2d_PKCS12_bio ,
-.Fn d2i_PKCS12_fp ,
-.Fn i2d_PKCS12_fp ,
-.Fn d2i_PKCS12_MAC_DATA ,
-.Fn i2d_PKCS12_MAC_DATA ,
-.Fn d2i_PKCS12_SAFEBAG ,
-.Fn i2d_PKCS12_SAFEBAG ,
-.Fn d2i_PKCS12_BAGS ,
-and
-.Fn i2d_PKCS12_BAGS
-first appeared in OpenSSL 0.9.3 and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/d2i_PKCS7.3 b/src/lib/libcrypto/man/d2i_PKCS7.3
deleted file mode 100644
index e587787465..0000000000
--- a/src/lib/libcrypto/man/d2i_PKCS7.3
+++ /dev/null
@@ -1,341 +0,0 @@
-.\" $OpenBSD: d2i_PKCS7.3,v 1.7 2023/04/25 18:05:07 tb Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: April 25 2023 $
-.Dt D2I_PKCS7 3
-.Os
-.Sh NAME
-.Nm d2i_PKCS7 ,
-.Nm i2d_PKCS7 ,
-.Nm d2i_PKCS7_bio ,
-.Nm i2d_PKCS7_bio ,
-.Nm d2i_PKCS7_fp ,
-.Nm i2d_PKCS7_fp ,
-.Nm d2i_PKCS7_DIGEST ,
-.Nm i2d_PKCS7_DIGEST ,
-.Nm d2i_PKCS7_ENCRYPT ,
-.Nm i2d_PKCS7_ENCRYPT ,
-.Nm d2i_PKCS7_ENC_CONTENT ,
-.Nm i2d_PKCS7_ENC_CONTENT ,
-.Nm d2i_PKCS7_ENVELOPE ,
-.Nm i2d_PKCS7_ENVELOPE ,
-.Nm d2i_PKCS7_ISSUER_AND_SERIAL ,
-.Nm i2d_PKCS7_ISSUER_AND_SERIAL ,
-.Nm d2i_PKCS7_RECIP_INFO ,
-.Nm i2d_PKCS7_RECIP_INFO ,
-.Nm d2i_PKCS7_SIGNED ,
-.Nm i2d_PKCS7_SIGNED ,
-.Nm d2i_PKCS7_SIGNER_INFO ,
-.Nm i2d_PKCS7_SIGNER_INFO ,
-.Nm d2i_PKCS7_SIGN_ENVELOPE ,
-.Nm i2d_PKCS7_SIGN_ENVELOPE
-.Nd decode and encode PKCS#7 data structures
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft PKCS7 *
-.Fo d2i_PKCS7
-.Fa "PKCS7 **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7
-.Fa "PKCS7 *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7 *
-.Fo d2i_PKCS7_bio
-.Fa "BIO *in_bio"
-.Fa "PKCS7 **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_bio
-.Fa "BIO *out_bio"
-.Fa "PKCS7 *val_in"
-.Fc
-.Ft PKCS7 *
-.Fo d2i_PKCS7_fp
-.Fa "FILE *in_fp"
-.Fa "PKCS7 **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_fp
-.Fa "FILE *out_fp"
-.Fa "PKCS7 *val_in"
-.Fc
-.Ft PKCS7_DIGEST *
-.Fo d2i_PKCS7_DIGEST
-.Fa "PKCS7_DIGEST **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_DIGEST
-.Fa "PKCS7_DIGEST *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_ENCRYPT *
-.Fo d2i_PKCS7_ENCRYPT
-.Fa "PKCS7_ENCRYPT **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_ENCRYPT
-.Fa "PKCS7_ENCRYPT *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_ENC_CONTENT *
-.Fo d2i_PKCS7_ENC_CONTENT
-.Fa "PKCS7_ENC_CONTENT **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_ENC_CONTENT
-.Fa "PKCS7_ENC_CONTENT *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_ENVELOPE *
-.Fo d2i_PKCS7_ENVELOPE
-.Fa "PKCS7_ENVELOPE **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_ENVELOPE
-.Fa "PKCS7_ENVELOPE *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_ISSUER_AND_SERIAL *
-.Fo d2i_PKCS7_ISSUER_AND_SERIAL
-.Fa "PKCS7_ISSUER_AND_SERIAL **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_ISSUER_AND_SERIAL
-.Fa "PKCS7_ISSUER_AND_SERIAL *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_RECIP_INFO *
-.Fo d2i_PKCS7_RECIP_INFO
-.Fa "PKCS7_RECIP_INFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_RECIP_INFO
-.Fa "PKCS7_RECIP_INFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_SIGNED *
-.Fo d2i_PKCS7_SIGNED
-.Fa "PKCS7_SIGNED **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_SIGNED
-.Fa "PKCS7_SIGNED *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_SIGNER_INFO *
-.Fo d2i_PKCS7_SIGNER_INFO
-.Fa "PKCS7_SIGNER_INFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_SIGNER_INFO
-.Fa "PKCS7_SIGNER_INFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS7_SIGN_ENVELOPE *
-.Fo d2i_PKCS7_SIGN_ENVELOPE
-.Fa "PKCS7_SIGN_ENVELOPE **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS7_SIGN_ENVELOPE
-.Fa "PKCS7_SIGN_ENVELOPE *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode PKCS#7 data structures.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_PKCS7
-and
-.Fn i2d_PKCS7
-decode and encode an ASN.1
-.Vt ContentInfo
-structure defined in RFC 2315 section 7.
-.Fn d2i_PKCS7_bio ,
-.Fn i2d_PKCS7_bio ,
-.Fn d2i_PKCS7_fp ,
-and
-.Fn i2d_PKCS7_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_PKCS7_DIGEST
-and
-.Fn i2d_PKCS7_DIGEST
-decode and encode an ASN.1
-.Vt DigestedData
-structure defined in RFC 2315 section 12.
-.Pp
-.Fn d2i_PKCS7_ENCRYPT
-and
-.Fn i2d_PKCS7_ENCRYPT
-decode and encode an ASN.1
-.Vt EncryptedData
-structure defined in RFC 2315 section 13.
-.Pp
-.Fn d2i_PKCS7_ENC_CONTENT
-and
-.Fn i2d_PKCS7_ENC_CONTENT
-decode and encode an ASN.1
-.Vt EncryptedContentInfo
-structure defined in RFC 2315 section 10.1.
-.Pp
-.Fn d2i_PKCS7_ENVELOPE
-and
-.Fn i2d_PKCS7_ENVELOPE
-decode and encode an ASN.1
-.Vt EnvelopedData
-structure defined in RFC 2315 section 10.
-.Pp
-.Fn d2i_PKCS7_ISSUER_AND_SERIAL
-and
-.Fn i2d_PKCS7_ISSUER_AND_SERIAL
-decode and encode an ASN.1
-.Vt IssuerAndSerialNumber
-structure defined in RFC 2315 section 6.7.
-.Pp
-.Fn d2i_PKCS7_RECIP_INFO
-and
-.Fn i2d_PKCS7_RECIP_INFO
-decode and encode an ASN.1
-.Vt RecipientInfo
-structure defined in RFC 2315 section 10.2.
-.Pp
-.Fn d2i_PKCS7_SIGNED
-and
-.Fn i2d_PKCS7_SIGNED
-decode and encode an ASN.1
-.Vt SignedData
-structure defined in RFC 2315 section 9.
-.Pp
-.Fn d2i_PKCS7_SIGNER_INFO
-and
-.Fn i2d_PKCS7_SIGNER_INFO
-decode and encode an ASN.1
-.Vt SignerInfo
-structure defined in RFC 2315 section 9.2.
-.Pp
-.Fn d2i_PKCS7_SIGN_ENVELOPE
-and
-.Fn i2d_PKCS7_SIGN_ENVELOPE
-decode and encode an ASN.1
-.Vt SignedAndEnvelopedData
-structure defined in RFC 2315 section 11.
-.Sh RETURN VALUES
-.Fn d2i_PKCS7 ,
-.Fn d2i_PKCS7_bio ,
-and
-.Fn d2i_PKCS7_fp
-return a
-.Vt PKCS7
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_PKCS7_DIGEST ,
-.Fn d2i_PKCS7_ENCRYPT ,
-.Fn d2i_PKCS7_ENC_CONTENT ,
-.Fn d2i_PKCS7_ENVELOPE ,
-.Fn d2i_PKCS7_ISSUER_AND_SERIAL ,
-.Fn d2i_PKCS7_RECIP_INFO ,
-.Fn d2i_PKCS7_SIGNED ,
-.Fn d2i_PKCS7_SIGNER_INFO ,
-and
-.Fn d2i_PKCS7_SIGN_ENVELOPE
-return an object of the respective type or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_PKCS7 ,
-.Fn i2d_PKCS7_DIGEST ,
-.Fn i2d_PKCS7_ENCRYPT ,
-.Fn i2d_PKCS7_ENC_CONTENT ,
-.Fn i2d_PKCS7_ENVELOPE ,
-.Fn i2d_PKCS7_ISSUER_AND_SERIAL ,
-.Fn i2d_PKCS7_RECIP_INFO ,
-.Fn i2d_PKCS7_SIGNED ,
-.Fn i2d_PKCS7_SIGNER_INFO ,
-and
-.Fn i2d_PKCS7_SIGN_ENVELOPE
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_PKCS7_bio
-and
-.Fn i2d_PKCS7_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr i2d_PKCS7_bio_stream 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-.Xr PEM_write_PKCS7 3 ,
-.Xr PKCS7_new 3 ,
-.Xr SMIME_write_PKCS7 3
-.Sh STANDARDS
-RFC 2315: PKCS #7: Cryptographic Message Syntax Version 1.5
-.Sh HISTORY
-.Fn d2i_PKCS7 ,
-.Fn i2d_PKCS7 ,
-.Fn d2i_PKCS7_bio ,
-.Fn i2d_PKCS7_bio ,
-.Fn d2i_PKCS7_fp ,
-.Fn i2d_PKCS7_fp ,
-.Fn d2i_PKCS7_DIGEST ,
-.Fn i2d_PKCS7_DIGEST ,
-.Fn d2i_PKCS7_ENCRYPT ,
-.Fn i2d_PKCS7_ENCRYPT ,
-.Fn d2i_PKCS7_ENC_CONTENT ,
-.Fn i2d_PKCS7_ENC_CONTENT ,
-.Fn d2i_PKCS7_ENVELOPE ,
-.Fn i2d_PKCS7_ENVELOPE ,
-.Fn d2i_PKCS7_ISSUER_AND_SERIAL ,
-.Fn i2d_PKCS7_ISSUER_AND_SERIAL ,
-.Fn d2i_PKCS7_RECIP_INFO ,
-.Fn i2d_PKCS7_RECIP_INFO ,
-.Fn d2i_PKCS7_SIGNED ,
-.Fn i2d_PKCS7_SIGNED ,
-.Fn d2i_PKCS7_SIGNER_INFO ,
-.Fn i2d_PKCS7_SIGNER_INFO ,
-.Fn d2i_PKCS7_SIGN_ENVELOPE ,
-and
-.Fn i2d_PKCS7_SIGN_ENVELOPE
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/d2i_PKCS8PrivateKey_bio.3 b/src/lib/libcrypto/man/d2i_PKCS8PrivateKey_bio.3
deleted file mode 100644
index 58dd989fae..0000000000
--- a/src/lib/libcrypto/man/d2i_PKCS8PrivateKey_bio.3
+++ /dev/null
@@ -1,172 +0,0 @@
-.\" $OpenBSD: d2i_PKCS8PrivateKey_bio.3,v 1.11 2019/06/07 19:28:52 schwarze Exp $
-.\" full merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
-.\"
-.\" This file was written by Dr. Stephen Henson .
-.\" Copyright (c) 2002, 2016, 2017 The OpenSSL Project. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6.
Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 7 2019 $
-.Dt D2I_PKCS8PRIVATEKEY_BIO 3
-.Os
-.Sh NAME
-.Nm d2i_PKCS8PrivateKey_bio ,
-.Nm d2i_PKCS8PrivateKey_fp ,
-.Nm i2d_PKCS8PrivateKey_bio ,
-.Nm i2d_PKCS8PrivateKey_fp ,
-.Nm i2d_PKCS8PrivateKey_nid_bio ,
-.Nm i2d_PKCS8PrivateKey_nid_fp
-.Nd PKCS#8 format private key functions
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_PKEY *
-.Fo d2i_PKCS8PrivateKey_bio
-.Fa "BIO *bp"
-.Fa "EVP_PKEY **x"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_PKCS8PrivateKey_fp
-.Fa "FILE *fp"
-.Fa "EVP_PKEY **x"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft int
-.Fo i2d_PKCS8PrivateKey_bio
-.Fa "BIO *bp"
-.Fa "EVP_PKEY *x"
-.Fa "const EVP_CIPHER *enc"
-.Fa "char *kstr"
-.Fa "int klen"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft int
-.Fo i2d_PKCS8PrivateKey_fp
-.Fa "FILE *fp"
-.Fa "EVP_PKEY *x"
-.Fa "const EVP_CIPHER *enc"
-.Fa "char *kstr"
-.Fa "int klen"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft int
-.Fo i2d_PKCS8PrivateKey_nid_bio
-.Fa "BIO *bp"
-.Fa "EVP_PKEY *x"
-.Fa "int nid"
-.Fa "char *kstr"
-.Fa "int klen"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft int
-.Fo i2d_PKCS8PrivateKey_nid_fp
-.Fa "FILE *fp"
-.Fa "EVP_PKEY *x"
-.Fa "int nid"
-.Fa "char *kstr"
-.Fa "int klen"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Sh DESCRIPTION
-The PKCS#8 functions encode and decode private keys in PKCS#8 format
-using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption
-algorithms.
-.Pp
-Other than the use of DER as opposed to PEM these functions are
-identical to the corresponding functions described in
-.Xr PEM_read_PrivateKey 3 .
-.Pp
-These functions are currently the only way to store encrypted private
-keys using DER format.
-.Pp
-Currently all the functions use
-.Vt BIO
-or
-.Vt FILE
-pointers.
-There are no functions which work directly on memory,
-though this can be readily worked around
-by converting the buffers to memory BIOs;
-see
-.Xr BIO_s_mem 3
-for details.
-.Sh RETURN VALUES
-.Fn d2i_PKCS8PrivateKey_bio
-and
-.Fn d2i_PKCS8PrivateKey_fp
-return a
-.Vt EVP_PKEY
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_PKCS8PrivateKey_bio ,
-.Fn i2d_PKCS8PrivateKey_fp ,
-.Fn i2d_PKCS8PrivateKey_nid_bio ,
-and
-.Fn i2d_PKCS8PrivateKey_nid_fp
-return 1 on success or 0 on error.
-.Sh SEE ALSO
-.Xr d2i_X509_SIG 3 ,
-.Xr PEM_write_PKCS8PrivateKey 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.5
-and have been available since
-.Ox 2.7 .
-.Sh CAVEATS
-Do not confuse these functions with
-.Xr i2d_PKCS8PrivateKeyInfo_bio 3
-and
-.Xr i2d_PKCS8PrivateKeyInfo_fp 3 ,
-which write out private keys in
-.Sy unencrypted
-DER format.
diff --git a/src/lib/libcrypto/man/d2i_PKCS8_PRIV_KEY_INFO.3 b/src/lib/libcrypto/man/d2i_PKCS8_PRIV_KEY_INFO.3
deleted file mode 100644
index 1ac0f2c308..0000000000
--- a/src/lib/libcrypto/man/d2i_PKCS8_PRIV_KEY_INFO.3
+++ /dev/null
@@ -1,127 +0,0 @@
-.\" $OpenBSD: d2i_PKCS8_PRIV_KEY_INFO.3,v 1.3 2018/03/21 21:18:08 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 21 2018 $
-.Dt D2I_PKCS8_PRIV_KEY_INFO 3
-.Os
-.Sh NAME
-.Nm d2i_PKCS8_PRIV_KEY_INFO ,
-.Nm i2d_PKCS8_PRIV_KEY_INFO ,
-.Nm d2i_PKCS8_PRIV_KEY_INFO_bio ,
-.Nm i2d_PKCS8_PRIV_KEY_INFO_bio ,
-.Nm d2i_PKCS8_PRIV_KEY_INFO_fp ,
-.Nm i2d_PKCS8_PRIV_KEY_INFO_fp
-.Nd decode and encode PKCS#8 private key
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft PKCS8_PRIV_KEY_INFO *
-.Fo d2i_PKCS8_PRIV_KEY_INFO
-.Fa "PKCS8_PRIV_KEY_INFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKCS8_PRIV_KEY_INFO
-.Fa "PKCS8_PRIV_KEY_INFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft PKCS8_PRIV_KEY_INFO *
-.Fo d2i_PKCS8_PRIV_KEY_INFO_bio
-.Fa "BIO *in_bio"
-.Fa "PKCS8_PRIV_KEY_INFO **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS8_PRIV_KEY_INFO_bio
-.Fa "BIO *out_bio"
-.Fa "PKCS8_PRIV_KEY_INFO *val_in"
-.Fc
-.Ft PKCS8_PRIV_KEY_INFO *
-.Fo d2i_PKCS8_PRIV_KEY_INFO_fp
-.Fa "FILE *in_fp"
-.Fa "PKCS8_PRIV_KEY_INFO **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS8_PRIV_KEY_INFO_fp
-.Fa "BIO *out_fp"
-.Fa "PKCS8_PRIV_KEY_INFO *val_in"
-.Fc
-.Sh DESCRIPTION
-.Fn
d2i_PKCS8_PRIV_KEY_INFO
-and
-.Fn i2d_PKCS8_PRIV_KEY_INFO
-decode and encode an ASN.1
-.Vt PrivateKeyInfo
-structure defined in RFC 5208 section 5.
-.Pp
-.Fn d2i_PKCS8_PRIV_KEY_INFO_bio ,
-.Fn i2d_PKCS8_PRIV_KEY_INFO_bio ,
-.Fn d2i_PKCS8_PRIV_KEY_INFO_fp ,
-and
-.Fn i2d_PKCS8_PRIV_KEY_INFO_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-These functions all use unencrypted DER format.
-To store private keys in encrypted form, consider
-.Xr d2i_PKCS8PrivateKey_bio 3
-or
-.Xr PEM_write_PKCS8PrivateKey 3 .
-.Sh RETURN VALUES
-.Fn d2i_PKCS8_PRIV_KEY_INFO ,
-.Fn d2i_PKCS8_PRIV_KEY_INFO_bio ,
-and
-.Fn d2i_PKCS8_PRIV_KEY_INFO_fp
-return a
-.Vt PKCS8_PRIV_KEY_INFO
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_PKCS8_PRIV_KEY_INFO
-returns the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_PKCS8_PRIV_KEY_INFO_bio
-and
-.Fn i2d_PKCS8_PRIV_KEY_INFO_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr d2i_PKCS8PrivateKey_bio 3 ,
-.Xr d2i_PrivateKey 3 ,
-.Xr PEM_write_PKCS8_PRIV_KEY_INFO 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3
-.Sh STANDARDS
-RFC 5208: PKCS#8: Private-Key Information Syntax Specification
-.Sh HISTORY
-.Fn d2i_PKCS8_PRIV_KEY_INFO
-and
-.Fn i2d_PKCS8_PRIV_KEY_INFO
-first appeared in OpenSSL 0.9.3.
-.Fn d2i_PKCS8_PRIV_KEY_INFO_bio ,
-.Fn i2d_PKCS8_PRIV_KEY_INFO_bio ,
-.Fn d2i_PKCS8_PRIV_KEY_INFO_fp ,
-and
-.Fn i2d_PKCS8_PRIV_KEY_INFO_fp
-first appeared in OpenSSL 0.9.4.
-All these functions have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3 b/src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3
deleted file mode 100644
index df8639264c..0000000000
--- a/src/lib/libcrypto/man/d2i_PKEY_USAGE_PERIOD.3
+++ /dev/null
@@ -1,74 +0,0 @@
-.\" $OpenBSD: d2i_PKEY_USAGE_PERIOD.3,v 1.2 2018/03/21 16:09:51 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 21 2018 $
-.Dt D2I_PKEY_USAGE_PERIOD 3
-.Os
-.Sh NAME
-.Nm d2i_PKEY_USAGE_PERIOD ,
-.Nm i2d_PKEY_USAGE_PERIOD
-.Nd decode and encode X.509 key usage period extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft PKEY_USAGE_PERIOD *
-.Fo d2i_PKEY_USAGE_PERIOD
-.Fa "PKEY_USAGE_PERIOD **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PKEY_USAGE_PERIOD
-.Fa "PKEY_USAGE_PERIOD *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-.Fn d2i_PKEY_USAGE_PERIOD
-and
-.Fn i2d_PKEY_USAGE_PERIOD
-decode and encode an ASN.1
-.Vt PrivateKeyUsagePeriod
-structure defined in RFC 3280 section 4.2.1.4.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Sh RETURN VALUES
-.Fn d2i_PKEY_USAGE_PERIOD
-returns a
-.Vt PKEY_USAGE_PERIOD
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_PKEY_USAGE_PERIOD
-returns the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr PKEY_USAGE_PERIOD_new 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 3280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.2.1.4: Private Key Usage Period
-.Pp
-RFC 3280 was obsoleted by RFC 5280; see
-.Xr PKEY_USAGE_PERIOD_new 3
-for details.
-.Sh HISTORY
-.Fn d2i_PKEY_USAGE_PERIOD
-and
-.Fn i2d_PKEY_USAGE_PERIOD
-first appeared in OpenSSL 0.9.2b and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/d2i_POLICYINFO.3 b/src/lib/libcrypto/man/d2i_POLICYINFO.3
deleted file mode 100644
index bae78b17c7..0000000000
--- a/src/lib/libcrypto/man/d2i_POLICYINFO.3
+++ /dev/null
@@ -1,165 +0,0 @@
-.\" $OpenBSD: d2i_POLICYINFO.3,v 1.2 2018/03/21 17:57:48 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 21 2018 $
-.Dt D2I_POLICYINFO 3
-.Os
-.Sh NAME
-.Nm d2i_POLICYINFO ,
-.Nm i2d_POLICYINFO ,
-.Nm d2i_CERTIFICATEPOLICIES ,
-.Nm i2d_CERTIFICATEPOLICIES ,
-.Nm d2i_POLICYQUALINFO ,
-.Nm i2d_POLICYQUALINFO ,
-.Nm d2i_USERNOTICE ,
-.Nm i2d_USERNOTICE ,
-.Nm d2i_NOTICEREF ,
-.Nm i2d_NOTICEREF
-.Nd decode and encode X.509 certificate policies
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft POLICYINFO *
-.Fo d2i_POLICYINFO
-.Fa "POLICYINFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_POLICYINFO
-.Fa "POLICYINFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft CERTIFICATEPOLICIES *
-.Fo d2i_CERTIFICATEPOLICIES
-.Fa "CERTIFICATEPOLICIES **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_CERTIFICATEPOLICIES
-.Fa "CERTIFICATEPOLICIES *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft POLICYQUALINFO *
-.Fo d2i_POLICYQUALINFO
-.Fa "POLICYQUALINFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_POLICYQUALINFO
-.Fa "POLICYQUALINFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft USERNOTICE *
-.Fo d2i_USERNOTICE
-.Fa "USERNOTICE **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_USERNOTICE
-.Fa "USERNOTICE *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft NOTICEREF *
-.Fo d2i_NOTICEREF
-.Fa "NOTICEREF **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_NOTICEREF
-.Fa "NOTICEREF *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode X.509 certificate policies.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_POLICYINFO
-and
-.Fn i2d_POLICYINFO
-decode and encode an ASN.1
-.Vt PolicyInformation
-structure defined in RFC 5280 section 4.2.1.4.
-.Pp
-.Fn d2i_CERTIFICATEPOLICIES
-and
-.Fn i2d_CERTIFICATEPOLICIES
-decode and encode an ASN.1
-.Vt CertificatePolicies
-structure defined in RFC 5280 section 4.2.1.4.
-.Pp
-.Fn d2i_POLICYQUALINFO
-and
-.Fn i2d_POLICYQUALINFO
-decode and encode an ASN.1
-.Vt PolicyQualifierInfo
-structure defined in RFC 5280 section 4.2.1.4.
-.Pp
-.Fn d2i_USERNOTICE
-and
-.Fn i2d_USERNOTICE
-decode and encode an ASN.1
-.Vt UserNotice
-structure defined in RFC 5280 section 4.2.1.4.
-.Pp
-.Fn d2i_NOTICEREF
-and
-.Fn i2d_NOTICEREF
-decode and encode an ASN.1
-.Vt NoticeReference
-structure defined in RFC 5280 section 4.2.1.4.
-.Sh RETURN VALUES
-.Fn d2i_POLICYINFO ,
-.Fn d2i_CERTIFICATEPOLICIES ,
-.Fn d2i_POLICYQUALINFO ,
-.Fn d2i_USERNOTICE ,
-and
-.Fn d2i_NOTICEREF
-return a
-.Vt POLICYINFO ,
-.Vt CERTIFICATEPOLICIES ,
-.Vt POLICYQUALINFO ,
-.Vt USERNOTICE ,
-or
-.Vt NOTICEREF
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_POLICYINFO ,
-.Fn i2d_CERTIFICATEPOLICIES ,
-.Fn i2d_POLICYQUALINFO ,
-.Fn i2d_USERNOTICE ,
-and
-.Fn i2d_NOTICEREF
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr POLICYINFO_new 3 ,
-.Xr X509_EXTENSION_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.2.1.4: Certificate Policies
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.3
-and have been available since
-.Ox 2.6 .
diff --git a/src/lib/libcrypto/man/d2i_PrivateKey.3 b/src/lib/libcrypto/man/d2i_PrivateKey.3
deleted file mode 100644
index b544ea0e9a..0000000000
--- a/src/lib/libcrypto/man/d2i_PrivateKey.3
+++ /dev/null
@@ -1,312 +0,0 @@ -.\" $OpenBSD: d2i_PrivateKey.3,v 1.11 2024/10/24 21:42:10 tb Exp $ -.\" full merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016, 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Dr. Stephen Henson . -.\" Copyright (c) 2016 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\"
-.Dd $Mdocdate: October 24 2024 $
-.Dt D2I_PRIVATEKEY 3
-.Os
-.Sh NAME
-.Nm d2i_PrivateKey ,
-.Nm d2i_AutoPrivateKey ,
-.Nm d2i_PrivateKey_bio ,
-.Nm d2i_PrivateKey_fp ,
-.Nm i2d_PrivateKey ,
-.Nm i2d_PrivateKey_bio ,
-.Nm i2d_PrivateKey_fp ,
-.Nm i2d_PKCS8PrivateKeyInfo_bio ,
-.Nm i2d_PKCS8PrivateKeyInfo_fp ,
-.Nm d2i_PublicKey ,
-.Nm i2d_PublicKey
-.Nd decode and encode EVP_PKEY objects
-.Sh SYNOPSIS
-.In openssl/evp.h
-.Ft EVP_PKEY *
-.Fo d2i_PrivateKey
-.Fa "int type"
-.Fa "EVP_PKEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_AutoPrivateKey
-.Fa "EVP_PKEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_PrivateKey_bio
-.Fa "BIO *in_bio"
-.Fa "EVP_PKEY **val_out"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_PrivateKey_fp
-.Fa "FILE *in_fp"
-.Fa "EVP_PKEY **val_out"
-.Fc
-.Ft int
-.Fo i2d_PrivateKey
-.Fa "EVP_PKEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft int
-.Fo i2d_PrivateKey_bio
-.Fa "BIO *out_bio"
-.Fa "EVP_PKEY *val_in"
-.Fc
-.Ft int
-.Fo i2d_PrivateKey_fp
-.Fa "FILE *out_fp"
-.Fa "EVP_PKEY *val_in"
-.Fc
-.Ft int
-.Fo i2d_PKCS8PrivateKeyInfo_bio
-.Fa "BIO *out_bio"
-.Fa "EVP_PKEY *val_in"
-.Fc
-.Ft int
-.Fo i2d_PKCS8PrivateKeyInfo_fp
-.Fa "FILE *out_fp"
-.Fa "EVP_PKEY *val_in"
-.Fc
-.Ft EVP_PKEY *
-.Fo d2i_PublicKey
-.Fa "int type"
-.Fa "EVP_PKEY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_PublicKey
-.Fa "EVP_PKEY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These are algorithm-independent interfaces to decode and encode
-private and public keys.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_PrivateKey
-decodes a private key using algorithm
-.Fa type .
-It attempts to use any algorithm specific format or the PKCS#8 unencrypted
-.Vt PrivateKeyInfo
-format defined in RFC 5208 section 5.
-The
-.Fa type
-parameter should be a public key algorithm constant such as
-.Dv EVP_PKEY_RSA .
-An error occurs if the decoded key does not match
-.Fa type .
-.Pp
-.Fn d2i_AutoPrivateKey
-is similar to
-.Fn d2i_PrivateKey
-except that it attempts to automatically detect the algorithm.
-.Pp
-.Fn d2i_PrivateKey_bio
-and
-.Fn d2i_PrivateKey_fp
-are similar to
-.Fn d2i_PrivateKey
-except that they read from a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn i2d_PrivateKey
-encodes
-.Fa val_in .
-It uses an algorithm specific format or, if none is defined for
-that key type, the PKCS#8 unencrypted
-.Vt PrivateKeyInfo
-format.
-.Pp
-.Fn i2d_PrivateKey_bio
-and
-.Fn i2d_PrivateKey_fp
-are similar to
-.Fn i2d_PrivateKey
-except that they write to a
-.Vt BIO
-or
-.Vt FILE
-pointer and use a different convention for their return values.
-.Pp
-.Fn i2d_PKCS8PrivateKeyInfo_bio
-and
-.Fn i2d_PKCS8PrivateKeyInfo_fp
-encode
-.Fa val_in
-in PKCS#8 unencrypted
-.Vt PrivateKeyInfo
-format.
-They are similar to
-.Fn i2d_PrivateKey
-except that they don't use any algorithm-specific formats
-and that they write to a
-.Vt BIO
-or
-.Vt FILE
-pointer rather than to a buffer.
-.Pp
-All these functions use DER format and unencrypted keys.
-Applications wishing to encrypt or decrypt private keys should use other
-functions such as
-.Xr d2i_PKCS8PrivateKey_bio 3
-instead.
-.Pp
-If
-.Pf * Fa val_out
-is not
-.Dv NULL
-when calling
-.Fn d2i_PrivateKey
-or
-.Fn d2i_AutoPrivateKey
-(i.e. an existing structure is being reused) and the key format is
-PKCS#8, then
-.Pf * Fa val_out
-will be freed and replaced on a successful call.
-.Pp
-.Fn d2i_PublicKey
-calls
-.Xr d2i_DSAPublicKey 3 ,
-.Xr o2i_ECPublicKey 3 ,
-or
-.Xr d2i_RSAPublicKey 3
-depending on
-.Fa type
-and stores the result in the returned
-.Vt EVP_PKEY
-object.
-.Pp
-.Fn i2d_PublicKey
-calls
-.Xr i2d_DSAPublicKey 3 ,
-.Xr i2o_ECPublicKey 3 ,
-or
-.Xr i2d_RSAPublicKey 3
-depending on the algorithm used by
-.Fa val_in .
-.Sh RETURN VALUES
-.Fn d2i_PrivateKey ,
-.Fn d2i_AutoPrivateKey ,
-.Fn d2i_PrivateKey_bio ,
-.Fn d2i_PrivateKey_fp ,
-and
-.Fn d2i_PublicKey
-return a valid
-.Vt EVP_PKEY
-structure or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_PrivateKey
-and
-.Fn i2d_PublicKey
-return the number of bytes successfully encoded or a negative value if
-an error occurs.
-.Pp
-.Fn i2d_PrivateKey_bio ,
-.Fn i2d_PrivateKey_fp ,
-.Fn i2d_PKCS8PrivateKeyInfo_bio ,
-and
-.Fn i2d_PKCS8PrivateKeyInfo_fp
-return 1 for success or 0 if an error occurs.
-.Pp
-For all functions, the error code can be obtained by calling
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr d2i_PKCS8_PRIV_KEY_INFO 3 ,
-.Xr d2i_PKCS8PrivateKey_bio 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr EVP_PKEY_type 3 ,
-.Xr PEM_write_PrivateKey 3 ,
-.Xr PKCS8_PRIV_KEY_INFO_new 3
-.Sh STANDARDS
-RFC 5208: Public-Key Cryptography Standards (PKCS) #8: Private-Key
-Information Syntax Specification
-.Sh HISTORY
-.Fn d2i_PrivateKey ,
-.Fn i2d_PrivateKey ,
-.Fn d2i_PublicKey ,
-and
-.Fn i2d_PublicKey
-first appeared in SSLeay 0.6.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn d2i_AutoPrivateKey ,
-.Fn d2i_PrivateKey_bio ,
-.Fn d2i_PrivateKey_fp ,
-.Fn i2d_PrivateKey_bio ,
-.Fn i2d_PrivateKey_fp ,
-.Fn i2d_PKCS8PrivateKeyInfo_bio ,
-and
-.Fn i2d_PKCS8PrivateKeyInfo_fp
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
diff --git a/src/lib/libcrypto/man/d2i_RSAPublicKey.3 b/src/lib/libcrypto/man/d2i_RSAPublicKey.3
deleted file mode 100644
index d6c376d84b..0000000000
--- a/src/lib/libcrypto/man/d2i_RSAPublicKey.3
+++ /dev/null
@@ -1,389 +0,0 @@ -.\" $OpenBSD: d2i_RSAPublicKey.3,v 1.13 2018/03/27 17:35:50 schwarze Exp $ -.\" OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller and -.\" Dr. Stephen Henson . -.\" Copyright (c) 2000, 2002, 2003, 2009, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt D2I_RSAPUBLICKEY 3
-.Os
-.Sh NAME
-.Nm d2i_RSAPublicKey ,
-.Nm i2d_RSAPublicKey ,
-.Nm d2i_RSAPrivateKey ,
-.Nm i2d_RSAPrivateKey ,
-.Nm d2i_Netscape_RSA ,
-.Nm i2d_Netscape_RSA ,
-.Nm d2i_RSA_PSS_PARAMS ,
-.Nm i2d_RSA_PSS_PARAMS ,
-.Nm d2i_RSAPublicKey_bio ,
-.Nm d2i_RSAPublicKey_fp ,
-.Nm i2d_RSAPublicKey_bio ,
-.Nm i2d_RSAPublicKey_fp ,
-.Nm d2i_RSAPrivateKey_bio ,
-.Nm d2i_RSAPrivateKey_fp ,
-.Nm i2d_RSAPrivateKey_bio ,
-.Nm i2d_RSAPrivateKey_fp ,
-.Nm d2i_RSA_PUBKEY ,
-.Nm i2d_RSA_PUBKEY ,
-.Nm d2i_RSA_PUBKEY_bio ,
-.Nm d2i_RSA_PUBKEY_fp ,
-.Nm i2d_RSA_PUBKEY_bio ,
-.Nm i2d_RSA_PUBKEY_fp
-.Nd decode and encode RSA keys and parameters
-.Sh SYNOPSIS
-.In openssl/rsa.h
-.Ft RSA *
-.Fo d2i_RSAPublicKey
-.Fa "RSA **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_RSAPublicKey
-.Fa "RSA *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft RSA *
-.Fo d2i_RSAPrivateKey
-.Fa "RSA **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_RSAPrivateKey
-.Fa "RSA *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft RSA *
-.Fo d2i_Netscape_RSA
-.Fa "RSA **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fa "int (*cb)()"
-.Fc
-.Ft int
-.Fo i2d_Netscape_RSA
-.Fa "RSA *val_in"
-.Fa "unsigned char **der_out"
-.Fa "int (*cb)()"
-.Fc
-.Ft RSA_PSS_PARAMS *
-.Fo d2i_RSA_PSS_PARAMS
-.Fa "RSA_PSS_PARAMS **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_RSA_PSS_PARAMS
-.Fa "RSA_PSS_PARAMS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.In openssl/x509.h
-.Ft RSA *
-.Fo d2i_RSAPublicKey_bio
-.Fa "BIO *in_bio"
-.Fa "RSA **val_out"
-.Fc
-.Ft RSA *
-.Fo d2i_RSAPublicKey_fp
-.Fa "FILE *in_fp"
-.Fa "RSA **val_out"
-.Fc
-.Ft int
-.Fo i2d_RSAPublicKey_bio
-.Fa "BIO *out_bio"
-.Fa "RSA *val_in"
-.Fc
-.Ft int
-.Fo i2d_RSAPublicKey_fp
-.Fa "FILE *out_fp"
-.Fa "RSA *val_in"
-.Fc
-.Ft RSA *
-.Fo d2i_RSAPrivateKey_bio
-.Fa "BIO *in_bio"
-.Fa "RSA **val_out"
-.Fc
-.Ft RSA *
-.Fo d2i_RSAPrivateKey_fp
-.Fa "FILE *in_fp"
-.Fa "RSA **val_out"
-.Fc
-.Ft int
-.Fo i2d_RSAPrivateKey_bio
-.Fa "BIO *out_bio"
-.Fa "RSA *val_in"
-.Fc
-.Ft int
-.Fo i2d_RSAPrivateKey_fp
-.Fa "FILE *out_fp"
-.Fa "RSA *val_in"
-.Fc
-.Ft RSA *
-.Fo d2i_RSA_PUBKEY
-.Fa "RSA **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_RSA_PUBKEY
-.Fa "RSA *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft RSA *
-.Fo d2i_RSA_PUBKEY_bio
-.Fa "BIO *in_bio"
-.Fa "RSA **val_out"
-.Fc
-.Ft RSA *
-.Fo d2i_RSA_PUBKEY_fp
-.Fa "FILE *in_fp"
-.Fa "RSA **val_out"
-.Fc
-.Ft int
-.Fo i2d_RSA_PUBKEY_bio
-.Fa "BIO *out_bio"
-.Fa "RSA *val_in"
-.Fc
-.Ft int
-.Fo i2d_RSA_PUBKEY_fp
-.Fa "FILE *out_fp"
-.Fa "RSA *val_in"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode RSA private and public keys.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_RSAPublicKey
-and
-.Fn i2d_RSAPublicKey
-decode and encode a PKCS#1
-.Vt RSAPublicKey
-structure defined in RFC 8017 appendix A.1.1.
-.Fn d2i_RSAPublicKey_bio ,
-.Fn d2i_RSAPublicKey_fp ,
-.Fn i2d_RSAPublicKey_bio ,
-and
-.Fn i2d_RSAPublicKey_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_RSAPrivateKey
-and
-.Fn i2d_RSAPrivateKey
-decode and encode a PKCS#1
-.Vt RSAPrivateKey
-structure defined in RFC 8017 appendix A.1.2.
-The
-.Vt RSA
-structure passed to the private key encoding functions should have
-all the PKCS#1 private key components present.
-The data encoded by the private key functions is unencrypted and
-therefore offers no private key security.
-.Fn d2i_RSAPrivateKey_bio ,
-.Fn d2i_RSAPrivateKey_fp ,
-.Fn i2d_RSAPrivateKey_bio ,
-and
-.Fn i2d_RSAPrivateKey_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_Netscape_RSA
-and
-.Fn i2d_Netscape_RSA
-decode and encode an RSA private key in NET format.
-These functions are present to provide compatibility with
-certain very old software.
-The NET format has some severe security weaknesses and should be
-avoided if possible.
-.Pp
-.Fn d2i_RSA_PSS_PARAMS
-and
-.Fn i2d_RSA_PSS_PARAMS
-decode and encode a PKCS#1
-.Vt RSASSA-PSS-params
-structure defined in RFC 8017 appendix A.2.3 and documented in
-.Xr RSA_PSS_PARAMS_new 3 .
-.Pp
-.Fn d2i_RSA_PUBKEY
-and
-.Fn i2d_RSA_PUBKEY
-decode and encode an RSA public key using an ASN.1
-.Vt SubjectPublicKeyInfo
-structure defined in RFC 5280 section 4.1 and documented in
-.Xr X509_PUBKEY_new 3 .
-.Fn d2i_RSA_PUBKEY_bio ,
-.Fn d2i_RSA_PUBKEY_fp ,
-.Fn i2d_RSA_PUBKEY_bio ,
-and
-.Fn i2d_RSA_PUBKEY_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Sh RETURN VALUES
-.Fn d2i_RSAPublicKey ,
-.Fn d2i_RSAPublicKey_bio ,
-.Fn d2i_RSAPublicKey_fp ,
-.Fn d2i_RSAPrivateKey ,
-.Fn d2i_RSAPrivateKey_bio ,
-.Fn d2i_RSAPrivateKey_fp ,
-.Fn d2i_Netscape_RSA ,
-.Fn d2i_RSA_PUBKEY ,
-.Fn d2i_RSA_PUBKEY_bio ,
-and
-.Fn d2i_RSA_PUBKEY_fp
-return a valid
-.Vt RSA
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_RSA_PSS_PARAMS
-returns a valid
-.Vt RSA_PSS_PARAMS
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_RSAPublicKey ,
-.Fn i2d_RSAPrivateKey ,
-.Fn i2d_Netscape_RSA ,
-.Fn i2d_RSA_PSS_PARAMS ,
-and
-.Fn i2d_RSA_PUBKEY
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_RSAPublicKey_bio ,
-.Fn i2d_RSAPublicKey_fp ,
-.Fn i2d_RSAPrivateKey_bio ,
-.Fn i2d_RSAPrivateKey_fp ,
-.Fn i2d_RSA_PUBKEY_bio ,
-and
-.Fn i2d_RSA_PUBKEY_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr EVP_PKEY_set1_RSA 3 ,
-.Xr PEM_write_RSAPrivateKey 3 ,
-.Xr RSA_new 3 ,
-.Xr RSA_PSS_PARAMS_new 3 ,
-.Xr X509_PUBKEY_new 3
-.Sh STANDARDS
-RFC 8017: PKCS #1: RSA Cryptography Specifications
-.Pp
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 4.1: Basic Certificate Fields
-.Sh HISTORY
-.Fn d2i_RSAPublicKey ,
-.Fn i2d_RSAPublicKey ,
-.Fn d2i_RSAPrivateKey ,
-.Fn i2d_RSAPrivateKey ,
-.Fn d2i_RSAPrivateKey_fp ,
-.Fn i2d_RSAPrivateKey_fp ,
-.Fn d2i_Netscape_RSA ,
-and
-.Fn i2d_Netscape_RSA
-first appeared in SSLeay 0.5.1.
-.Fn d2i_RSAPrivateKey_bio
-and
-.Fn i2d_RSAPrivateKey_bio
-first appeared in SSLeay 0.6.0.
-.Fn d2i_RSAPublicKey_bio ,
-.Fn d2i_RSAPublicKey_fp ,
-.Fn i2d_RSAPublicKey_bio ,
-and
-.Fn i2d_RSAPublicKey_fp
-first appeared in SSLeay 0.8.1.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn d2i_RSA_PUBKEY ,
-.Fn i2d_RSA_PUBKEY ,
-.Fn d2i_RSA_PUBKEY_bio ,
-.Fn d2i_RSA_PUBKEY_fp ,
-.Fn i2d_RSA_PUBKEY_bio ,
-and
-.Fn i2d_RSA_PUBKEY_fp
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn d2i_RSA_PSS_PARAMS
-and
-.Fn i2d_RSA_PSS_PARAMS
-first appeared in OpenSSL 1.0.1 and have been available since
-.Ox 5.3 .
diff --git a/src/lib/libcrypto/man/d2i_TS_REQ.3 b/src/lib/libcrypto/man/d2i_TS_REQ.3
deleted file mode 100644
index 9f7c860fa1..0000000000
--- a/src/lib/libcrypto/man/d2i_TS_REQ.3
+++ /dev/null
@@ -1,333 +0,0 @@
-.\" $OpenBSD: d2i_TS_REQ.3,v 1.2 2018/03/23 04:34:23 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 23 2018 $
-.Dt D2I_TS_REQ 3
-.Os
-.Sh NAME
-.Nm d2i_TS_REQ ,
-.Nm i2d_TS_REQ ,
-.Nm d2i_TS_REQ_bio ,
-.Nm i2d_TS_REQ_bio ,
-.Nm d2i_TS_REQ_fp ,
-.Nm i2d_TS_REQ_fp ,
-.Nm d2i_TS_RESP ,
-.Nm i2d_TS_RESP ,
-.Nm d2i_TS_RESP_bio ,
-.Nm i2d_TS_RESP_bio ,
-.Nm d2i_TS_RESP_fp ,
-.Nm i2d_TS_RESP_fp ,
-.Nm d2i_TS_STATUS_INFO ,
-.Nm i2d_TS_STATUS_INFO ,
-.Nm d2i_TS_TST_INFO ,
-.Nm i2d_TS_TST_INFO ,
-.Nm d2i_TS_TST_INFO_bio ,
-.Nm i2d_TS_TST_INFO_bio ,
-.Nm d2i_TS_TST_INFO_fp ,
-.Nm i2d_TS_TST_INFO_fp ,
-.Nm d2i_TS_ACCURACY ,
-.Nm i2d_TS_ACCURACY ,
-.Nm d2i_TS_MSG_IMPRINT ,
-.Nm i2d_TS_MSG_IMPRINT ,
-.Nm d2i_TS_MSG_IMPRINT_bio ,
-.Nm i2d_TS_MSG_IMPRINT_bio ,
-.Nm d2i_TS_MSG_IMPRINT_fp ,
-.Nm i2d_TS_MSG_IMPRINT_fp
-.Nd decode and encode X.509 time-stamp protocol structures
-.Sh SYNOPSIS
-.In openssl/ts.h
-.Ft TS_REQ *
-.Fo d2i_TS_REQ
-.Fa "TS_REQ **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_TS_REQ
-.Fa "const TS_REQ *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft TS_REQ *
-.Fo d2i_TS_REQ_bio
-.Fa "BIO *in_bio"
-.Fa "TS_REQ **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_REQ_bio
-.Fa "BIO *out_bio"
-.Fa "TS_REQ *val_in"
-.Fc
-.Ft TS_REQ *
-.Fo d2i_TS_REQ_fp
-.Fa "FILE *in_fp"
-.Fa "TS_REQ **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_REQ_fp
-.Fa "FILE *out_fp"
-.Fa "TS_REQ *val_in"
-.Fc
-.Ft TS_RESP *
-.Fo d2i_TS_RESP
-.Fa "TS_RESP **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_TS_RESP
-.Fa "const TS_RESP *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft TS_RESP *
-.Fo d2i_TS_RESP_bio
-.Fa "BIO *in_bio"
-.Fa "TS_RESP **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_RESP_bio
-.Fa "BIO *out_bio"
-.Fa "TS_RESP *val_in"
-.Fc
-.Ft TS_RESP *
-.Fo d2i_TS_RESP_fp
-.Fa "FILE *in_fp"
-.Fa "TS_RESP **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_RESP_fp
-.Fa "FILE *out_fp"
-.Fa "TS_RESP *val_in"
-.Fc
-.Ft TS_STATUS_INFO *
-.Fo d2i_TS_STATUS_INFO
-.Fa "TS_STATUS_INFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_TS_STATUS_INFO
-.Fa "const TS_STATUS_INFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft TS_TST_INFO *
-.Fo d2i_TS_TST_INFO
-.Fa "TS_TST_INFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_TS_TST_INFO
-.Fa "const TS_TST_INFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft TS_TST_INFO *
-.Fo d2i_TS_TST_INFO_bio
-.Fa "BIO *in_bio"
-.Fa "TS_TST_INFO **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_TST_INFO_bio
-.Fa "BIO *out_bio"
-.Fa "TS_TST_INFO *val_in"
-.Fc
-.Ft TS_TST_INFO *
-.Fo d2i_TS_TST_INFO_fp
-.Fa "FILE *in_fp"
-.Fa "TS_TST_INFO **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_TST_INFO_fp
-.Fa "FILE *out_fp"
-.Fa "TS_TST_INFO *val_in"
-.Fc
-.Ft TS_ACCURACY *
-.Fo d2i_TS_ACCURACY
-.Fa "TS_ACCURACY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_TS_ACCURACY
-.Fa "const TS_ACCURACY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft TS_MSG_IMPRINT *
-.Fo d2i_TS_MSG_IMPRINT
-.Fa "TS_MSG_IMPRINT **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_TS_MSG_IMPRINT
-.Fa "const TS_MSG_IMPRINT *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft TS_MSG_IMPRINT *
-.Fo d2i_TS_MSG_IMPRINT_bio
-.Fa "BIO *in_bio"
-.Fa "TS_MSG_IMPRINT **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_MSG_IMPRINT_bio
-.Fa "BIO *out_bio"
-.Fa "TS_MSG_IMPRINT *val_in"
-.Fc
-.Ft TS_MSG_IMPRINT *
-.Fo d2i_TS_MSG_IMPRINT_fp
-.Fa "FILE *in_fp"
-.Fa "TS_MSG_IMPRINT **val_out"
-.Fc
-.Ft int
-.Fo i2d_TS_MSG_IMPRINT_fp
-.Fa "FILE *out_fp"
-.Fa "TS_MSG_IMPRINT *val_in"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode X.509 structures used for the
-time-stamp protocol.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_TS_REQ
-and
-.Fn i2d_TS_REQ
-decode and encode an ASN.1
-.Vt TimeStampReq
-structure defined in RFC 3161 section 2.4.1.
-.Fn d2i_TS_REQ_bio ,
-.Fn i2d_TS_REQ_bio ,
-.Fn d2i_TS_REQ_fp ,
-and
-.Fn i2d_TS_REQ_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_TS_RESP
-and
-.Fn i2d_TS_RESP
-decode and encode an ASN.1
-.Vt TimeStampResp
-structure defined in RFC 3161 section 2.4.2.
-.Fn d2i_TS_RESP_bio ,
-.Fn i2d_TS_RESP_bio ,
-.Fn d2i_TS_RESP_fp ,
-and
-.Fn i2d_TS_RESP_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_TS_STATUS_INFO
-and
-.Fn i2d_TS_STATUS_INFO
-decode and encode an ASN.1
-.Vt PKIStatusInfo
-structure defined in RFC 3161 section 2.4.2.
-.Pp
-.Fn d2i_TS_TST_INFO
-and
-.Fn i2d_TS_TST_INFO
-decode and encode an ASN.1
-.Vt TSTInfo
-structure defined in RFC 3161 section 2.4.2.
-.Fn d2i_TS_TST_INFO_bio ,
-.Fn i2d_TS_TST_INFO_bio ,
-.Fn d2i_TS_TST_INFO_fp ,
-and
-.Fn i2d_TS_TST_INFO_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_TS_ACCURACY
-and
-.Fn i2d_TS_ACCURACY
-decode and encode an ASN.1
-.Vt Accuracy
-structure defined in RFC 3161 section 2.4.2.
-.Pp
-.Fn d2i_TS_MSG_IMPRINT
-and
-.Fn i2d_TS_MSG_IMPRINT
-decode and encode an ASN.1
-.Vt MessageImprint
-structure defined in RFC 3161 section 2.4.1.
-.Fn d2i_TS_MSG_IMPRINT_bio ,
-.Fn i2d_TS_MSG_IMPRINT_bio ,
-.Fn d2i_TS_MSG_IMPRINT_fp ,
-and
-.Fn i2d_TS_MSG_IMPRINT_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Sh RETURN VALUES
-.Fn d2i_TS_REQ ,
-.Fn d2i_TS_REQ_bio ,
-.Fn d2i_TS_REQ_fp ,
-.Fn d2i_TS_RESP ,
-.Fn d2i_TS_RESP_bio ,
-.Fn d2i_TS_RESP_fp ,
-.Fn d2i_TS_STATUS_INFO ,
-.Fn d2i_TS_TST_INFO ,
-.Fn d2i_TS_TST_INFO_bio ,
-.Fn d2i_TS_TST_INFO_fp ,
-.Fn d2i_TS_ACCURACY ,
-.Fn d2i_TS_MSG_IMPRINT ,
-.Fn d2i_TS_MSG_IMPRINT_bio ,
-and
-.Fn d2i_TS_MSG_IMPRINT_fp
-return an object of the respective type or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_TS_REQ ,
-.Fn i2d_TS_RESP ,
-.Fn i2d_TS_STATUS_INFO ,
-.Fn i2d_TS_TST_INFO ,
-.Fn i2d_TS_ACCURACY ,
-and
-.Fn i2d_TS_MSG_IMPRINT
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_TS_REQ_bio ,
-.Fn i2d_TS_REQ_fp ,
-.Fn i2d_TS_RESP_bio ,
-.Fn i2d_TS_RESP_fp ,
-.Fn i2d_TS_TST_INFO_bio ,
-.Fn i2d_TS_TST_INFO_fp ,
-.Fn i2d_TS_MSG_IMPRINT_bio ,
-and
-.Fn i2d_TS_MSG_IMPRINT_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr TS_REQ_new 3
-.Sh STANDARDS
-RFC 3161: Internet X.509 Public Key Infrastructure Time-Stamp Protocol
-.Sh HISTORY
-These functions first appeared in OpenSSL 1.0.0
-and have been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/d2i_X509.3 b/src/lib/libcrypto/man/d2i_X509.3
deleted file mode 100644
index 6102e49e0e..0000000000
--- a/src/lib/libcrypto/man/d2i_X509.3
+++ /dev/null
@@ -1,362 +0,0 @@ -.\" $OpenBSD: d2i_X509.3,v 1.11 2021/10/27 10:35:43 schwarze Exp $ -.\" OpenSSL d2i_X509.pod checked up to: -.\" 256989ce4 Jun 19 15:00:32 2020 +0200 -.\" OpenSSL i2d_re_X509_tbs.pod checked up to: -.\" 61f805c1 Jan 16 01:01:46 2018 +0800 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2016 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original files were written by Dr. Stephen Henson , -.\" Emilia Kasper , Viktor Dukhovni , -.\" and Rich Salz . -.\" Copyright (c) 2002, 2014, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. 
All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission. For written permission, please contact
-.\" openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\" nor may "OpenSSL" appear in their names without prior written
-.\" permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the OpenSSL Project
-.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: October 27 2021 $
-.Dt D2I_X509 3
-.Os
-.Sh NAME
-.Nm d2i_X509 ,
-.Nm i2d_X509 ,
-.Nm d2i_X509_bio ,
-.Nm d2i_X509_fp ,
-.Nm i2d_X509_bio ,
-.Nm i2d_X509_fp ,
-.Nm d2i_X509_AUX ,
-.Nm i2d_X509_AUX ,
-.Nm d2i_X509_CERT_AUX ,
-.Nm i2d_X509_CERT_AUX ,
-.Nm d2i_X509_CINF ,
-.Nm i2d_X509_CINF ,
-.Nm d2i_X509_VAL ,
-.Nm i2d_X509_VAL ,
-.Nm i2d_re_X509_tbs ,
-.Nm i2d_re_X509_CRL_tbs ,
-.Nm i2d_re_X509_REQ_tbs
-.Nd decode and encode X.509 certificates
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509 *
-.Fo d2i_X509
-.Fa "X509 **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509
-.Fa "X509 *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509 *
-.Fo d2i_X509_bio
-.Fa "BIO *in_bio"
-.Fa "X509 **val_out"
-.Fc
-.Ft X509 *
-.Fo d2i_X509_fp
-.Fa "FILE *in_fp"
-.Fa "X509 **val_out"
-.Fc
-.Ft int
-.Fo i2d_X509_bio
-.Fa "BIO *out_bio"
-.Fa "X509 *val_in"
-.Fc
-.Ft int
-.Fo i2d_X509_fp
-.Fa "FILE *out_fp"
-.Fa "X509 *val_in"
-.Fc
-.Ft X509 *
-.Fo d2i_X509_AUX
-.Fa "X509 **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_AUX
-.Fa "X509 *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_CERT_AUX *
-.Fo d2i_X509_CERT_AUX
-.Fa "X509_CERT_AUX **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_CERT_AUX
-.Fa "X509_CERT_AUX *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_CINF *
-.Fo d2i_X509_CINF
-.Fa "X509_CINF **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_CINF
-.Fa "X509_CINF *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_VAL *
-.Fo d2i_X509_VAL
-.Fa "X509_VAL **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_VAL
-.Fa "X509_VAL *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft int
-.Fo i2d_re_X509_tbs
-.Fa "X509 *x"
-.Fa "unsigned char **out"
-.Fc
-.Ft int
-.Fo i2d_re_X509_CRL_tbs
-.Fa "X509_CRL *crl"
-.Fa "unsigned char **pp"
-.Fc
-.Ft int
-.Fo i2d_re_X509_REQ_tbs
-.Fa "X509_REQ *req"
-.Fa "unsigned char **pp"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode X.509 certificates
-and some of their substructures.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_X509
-and
-.Fn i2d_X509
-decode and encode an ASN.1
-.Vt Certificate
-structure defined in RFC 5280 section 4.1.
-.Pp
-.Fn d2i_X509_bio ,
-.Fn d2i_X509_fp ,
-.Fn i2d_X509_bio ,
-and
-.Fn i2d_X509_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_X509_AUX
-is similar to
-.Fn d2i_X509 ,
-but the input is expected to consist of an X.509 certificate followed
-by auxiliary trust information.
-This is used by the PEM routines to read TRUSTED CERTIFICATE objects.
-This function should not be called on untrusted input.
-.Pp
-.Fn i2d_X509_AUX
-is similar to
-.Fn i2d_X509 ,
-but the encoded output contains both the certificate and any auxiliary
-trust information.
-This is used by the PEM routines to write TRUSTED CERTIFICATE objects.
-Note that this is a non-standard OpenSSL-specific data format.
-.Pp
-.Fn d2i_X509_CERT_AUX
-and
-.Fn i2d_X509_CERT_AUX
-decode and encode optional non-standard auxiliary data appended to
-a certificate, for example friendly alias names and trust data.
-.Pp
-.Fn d2i_X509_CINF
-and
-.Fn i2d_X509_CINF
-decode and encode an ASN.1
-.Vt TBSCertificate
-structure defined in RFC 5280 section 4.1.
-.Pp
-.Fn d2i_X509_VAL
-and
-.Fn i2d_X509_VAL
-decode and encode an ASN.1
-.Vt Validity
-structure defined in RFC 5280 section 4.1.
-.Pp
-.Fn i2d_re_X509_tbs
-is similar to
-.Fn i2d_X509 ,
-except it encodes only the TBSCertificate portion of the certificate.
-.Fn i2d_re_X509_CRL_tbs
-and
-.Fn i2d_re_X509_REQ_tbs
-are analogous for CRL and certificate request, respectively.
-The "re" in
-.Fn i2d_re_X509_tbs
-stands for "re-encode", and ensures that a fresh encoding is generated
-in case the object has been modified after creation.
-.Pp
-The encoding of the TBSCertificate portion of a certificate is cached in
-the
-.Vt X509
-structure internally to improve encoding performance and to ensure
-certificate signatures are verified correctly in some certificates with
-broken (non-DER) encodings.
-.Pp
-If, after modification, the
-.Vt X509
-object is re-signed with
-.Xr X509_sign 3 ,
-the encoding is automatically renewed.
-Otherwise, the encoding of the TBSCertificate portion of the
-.Vt X509
-can be manually renewed by calling
-.Fn i2d_re_X509_tbs .
-.Sh RETURN VALUES
-.Fn d2i_X509 ,
-.Fn d2i_X509_bio ,
-.Fn d2i_X509_fp ,
-and
-.Fn d2i_X509_AUX
-return a valid
-.Vt X509
-structure or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_X509_CERT_AUX ,
-.Fn d2i_X509_CINF ,
-and
-.Fn d2i_X509_VAL
-return an
-.Vt X509_CERT_AUX ,
-.Vt X509_CINF ,
-or
-.Vt X509_VAL
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_X509 ,
-.Fn i2d_X509_AUX ,
-.Fn i2d_X509_CERT_AUX ,
-.Fn i2d_X509_CINF ,
-and
-.Fn i2d_X509_VAL
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_X509_bio
-and
-.Fn i2d_X509_fp
-return 1 for success or 0 if an error occurs.
-.Pp
-.Fn i2d_re_X509_tbs ,
-.Fn i2d_re_X509_CRL_tbs ,
-and
-.Fn i2d_re_X509_REQ_tbs
-return the number of bytes successfully encoded or 0 if an error occurs.
-.Pp
-For all functions, the error code can be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr X509_CINF_new 3 ,
-.Xr X509_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn d2i_X509 ,
-.Fn i2d_X509 ,
-.Fn d2i_X509_fp ,
-.Fn i2d_X509_fp ,
-.Fn d2i_X509_CINF ,
-.Fn i2d_X509_CINF ,
-.Fn d2i_X509_VAL ,
-and
-.Fn i2d_X509_VAL
-first appeared in SSLeay 0.5.1.
-.Fn d2i_X509_bio
-and
-.Fn i2d_X509_bio
-first appeared in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn d2i_X509_AUX ,
-.Fn i2d_X509_AUX ,
-.Fn d2i_X509_CERT_AUX ,
-and
-.Fn i2d_X509_CERT_AUX
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-.Fn i2d_re_X509_tbs ,
-.Fn i2d_re_X509_CRL_tbs ,
-and
-.Fn i2d_re_X509_REQ_tbs
-first appeared in OpenSSL 1.1.0 and have been available since
-.Ox 7.1 .
diff --git a/src/lib/libcrypto/man/d2i_X509_ALGOR.3 b/src/lib/libcrypto/man/d2i_X509_ALGOR.3
deleted file mode 100644
index 252f3fc344..0000000000
--- a/src/lib/libcrypto/man/d2i_X509_ALGOR.3
+++ /dev/null
@@ -1,89 +0,0 @@
-.\" $OpenBSD: d2i_X509_ALGOR.3,v 1.11 2025/03/14 21:32:15 tb Exp $
-.\"
-.\" Copyright (c) 2016, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 14 2025 $
-.Dt D2I_X509_ALGOR 3
-.Os
-.Sh NAME
-.Nm d2i_X509_ALGOR ,
-.Nm i2d_X509_ALGOR ,
-.Nm d2i_X509_ALGORS ,
-.Nm i2d_X509_ALGORS
-.Nd decode and encode algorithm identifiers
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_ALGOR *
-.Fo d2i_X509_ALGOR
-.Fa "X509_ALGOR **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_ALGOR
-.Fa "X509_ALGOR *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_ALGORS *
-.Fo d2i_X509_ALGORS
-.Fa "X509_ALGORS **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_ALGORS
-.Fa "X509_ALGORS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-.Fn d2i_X509_ALGOR
-and
-.Fn i2d_X509_ALGOR
-decode and encode an ASN.1
-.Vt AlgorithmIdentifier
-structure defined in RFC 5280 section 4.1.1.2.
-.Pp
-.Fn d2i_X509_ALGORS
-and
-.Fn i2d_X509_ALGORS
-decode and encode an ASN.1 sequence of
-.Vt AlgorithmIdentifier
-structures.
-The data type
-.Vt X509_ALGORS
-is defined as
-.Vt STACK_OF(X509_ALGOR) .
-.Pp
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr STACK_OF 3 ,
-.Xr X509_ALGOR_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn d2i_X509_ALGOR
-and
-.Fn i2d_X509_ALGOR
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn d2i_X509_ALGORS
-and
-.Fn i2d_X509_ALGORS
-first appeared in OpenSSL 0.9.8h and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3 b/src/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3
deleted file mode 100644
index 6b070e5e51..0000000000
--- a/src/lib/libcrypto/man/d2i_X509_ATTRIBUTE.3
+++ /dev/null
@@ -1,76 +0,0 @@
-.\" $OpenBSD: d2i_X509_ATTRIBUTE.3,v 1.3 2018/03/27 17:35:50 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt D2I_X509_ATTRIBUTE 3
-.Os
-.Sh NAME
-.Nm d2i_X509_ATTRIBUTE ,
-.Nm i2d_X509_ATTRIBUTE
-.\" In the following line, "X.501" and "Attribute" are not typos.
-.\" The "Attribute" type is defined in X.501, not in X.509.
-.\" The type in called "Attribute" with capital "A", not "attribute".
-.Nd decode and encode generic X.501 Attribute
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_ATTRIBUTE *
-.Fo d2i_X509_ATTRIBUTE
-.Fa "X509_ATTRIBUTE **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_ATTRIBUTE
-.Fa "X509_ATTRIBUTE *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-.Fn d2i_X509_ATTRIBUTE
-and
-.Fn i2d_X509_ATTRIBUTE
-decode and encode a generic ASN.1
-.Vt Attribute
-structure defined in X.501 section 8.2.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Sh RETURN VALUES
-.Fn d2i_X509_ATTRIBUTE
-returns an
-.Vt X509_ATTRIBUTE
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_X509_ATTRIBUTE
-returns the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr d2i_PKCS12 3 ,
-.Xr d2i_PKCS8_PRIV_KEY_INFO 3 ,
-.Xr d2i_X509_EXTENSION 3 ,
-.Xr d2i_X509_REQ 3 ,
-.Xr X509_ATTRIBUTE_new 3
-.Sh STANDARDS
-ITU-T Recommendation X.501, also known as ISO/IEC 9594-2: Information
-Technology Open Systems Interconnection The Directory: Models,
-section 8.2: Overall structure
-.Sh HISTORY
-.Fn d2i_X509_ATTRIBUTE
-and
-.Fn i2d_X509_ATTRIBUTE
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/d2i_X509_CRL.3 b/src/lib/libcrypto/man/d2i_X509_CRL.3
deleted file mode 100644
index 79c1ed9f8c..0000000000
--- a/src/lib/libcrypto/man/d2i_X509_CRL.3
+++ /dev/null
@@ -1,148 +0,0 @@
-.\" $OpenBSD: d2i_X509_CRL.3,v 1.10 2025/03/15 15:17:41 tb Exp $
-.\"
-.\" Copyright (c) 2016, 2021 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 15 2025 $
-.Dt D2I_X509_CRL 3
-.Os
-.Sh NAME
-.Nm d2i_X509_CRL ,
-.Nm i2d_X509_CRL ,
-.Nm d2i_X509_CRL_bio ,
-.Nm d2i_X509_CRL_fp ,
-.Nm i2d_X509_CRL_bio ,
-.Nm i2d_X509_CRL_fp ,
-.Nm d2i_X509_CRL_INFO ,
-.Nm i2d_X509_CRL_INFO ,
-.Nm d2i_X509_REVOKED ,
-.Nm i2d_X509_REVOKED
-.Nd decode and encode X.509 certificate revocation lists
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_CRL *
-.Fo d2i_X509_CRL
-.Fa "X509_CRL **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_CRL
-.Fa "X509_CRL *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_CRL *
-.Fo d2i_X509_CRL_bio
-.Fa "BIO *in_bio"
-.Fa "X509_CRL **val_out"
-.Fc
-.Ft X509_CRL *
-.Fo d2i_X509_CRL_fp
-.Fa "FILE *in_fp"
-.Fa "X509_CRL **val_out"
-.Fc
-.Ft int
-.Fo i2d_X509_CRL_bio
-.Fa "BIO *out_bio"
-.Fa "X509_CRL *val_in"
-.Fc
-.Ft int
-.Fo i2d_X509_CRL_fp
-.Fa "FILE *out_fp"
-.Fa "X509_CRL *val_in"
-.Fc
-.Ft X509_CRL_INFO *
-.Fo d2i_X509_CRL_INFO
-.Fa "X509_CRL_INFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_CRL_INFO
-.Fa "X509_CRL_INFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_REVOKED *
-.Fo d2i_X509_REVOKED
-.Fa "X509_REVOKED **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_REVOKED
-.Fa "X509_REVOKED *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode X.509 certificate revocation lists.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_X509_CRL
-and
-.Fn i2d_X509_CRL
-decode and encode an ASN.1
-.Vt CertificateList
-structure defined in RFC 5280 section 5.1.
-.Pp
-.Fn d2i_X509_CRL_bio ,
-.Fn d2i_X509_CRL_fp ,
-.Fn i2d_X509_CRL_bio ,
-and
-.Fn i2d_X509_CRL_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_X509_CRL_INFO
-and
-.Fn i2d_X509_CRL_INFO
-decode and encode an ASN.1
-.Vt TBSCertList
-structure defined in RFC 5280 section 5.1.
-.Pp
-.Fn d2i_X509_REVOKED
-and
-.Fn i2d_X509_REVOKED
-decode and encode an ASN.1 structure representing one element of
-the revokedCertificates field of the ASN.1
-.Vt TBSCertList
-structure.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr X509_CRL_new 3 ,
-.Xr X509_REVOKED_new 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile,
-section 5: CRL and CRL Extensions Profile
-.Sh HISTORY
-.Fn d2i_X509_CRL ,
-.Fn i2d_X509_CRL ,
-.Fn d2i_X509_CRL_fp ,
-.Fn i2d_X509_CRL_fp ,
-.Fn d2i_X509_CRL_INFO ,
-.Fn i2d_X509_CRL_INFO ,
-.Fn d2i_X509_REVOKED ,
-and
-.Fn i2d_X509_REVOKED
-first appeared in SSLeay 0.5.1.
-.Fn d2i_X509_CRL_bio
-and
-.Fn i2d_X509_CRL_bio
-first appeared in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/d2i_X509_EXTENSION.3 b/src/lib/libcrypto/man/d2i_X509_EXTENSION.3
deleted file mode 100644
index 46a680c1ba..0000000000
--- a/src/lib/libcrypto/man/d2i_X509_EXTENSION.3
+++ /dev/null
@@ -1,104 +0,0 @@
-.\" $OpenBSD: d2i_X509_EXTENSION.3,v 1.4 2018/03/27 17:35:50 schwarze Exp $
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt D2I_X509_EXTENSION 3
-.Os
-.Sh NAME
-.Nm d2i_X509_EXTENSION ,
-.Nm i2d_X509_EXTENSION ,
-.Nm d2i_X509_EXTENSIONS ,
-.Nm i2d_X509_EXTENSIONS
-.\" In the next line, the capital "E" is not a typo.
-.\" The ASN.1 structure is called "Extensions", not "extensions".
-.Nd decode and encode X.509 Extensions
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_EXTENSION *
-.Fo d2i_X509_EXTENSION
-.Fa "X509_EXTENSION **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_EXTENSION
-.Fa "X509_EXTENSION *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_EXTENSIONS *
-.Fo d2i_X509_EXTENSIONS
-.Fa "X509_EXTENSIONS **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_EXTENSIONS
-.Fa "X509_EXTENSIONS *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-.Fn d2i_X509_EXTENSION
-and
-.Fn i2d_X509_EXTENSION
-decode and encode an ASN.1
-.Vt Extension
-structure defined in RFC 5280 section 4.1.
-.Pp
-.Fn d2i_X509_EXTENSIONS
-and
-.Fn i2d_X509_EXTENSIONS
-decode and encode an ASN.1
-.Vt Extensions
-structure defined in RFC 5280 section 4.1,
-which is a SEQUENCE OF
-.Vt Extension .
-.Sh RETURN VALUES
-.Fn d2i_X509_EXTENSION
-and
-.Fn d2i_X509_EXTENSIONS
-return an
-.Vt X509_EXTENSION
-or
-.Vt X509_EXTENSIONS
-object, respectively, or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_X509_EXTENSION
-and
-.Fn i2d_X509_EXTENSIONS
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr X509_EXTENSION_new 3 ,
-.Xr X509V3_get_d2i 3 ,
-.Xr X509v3_get_ext_by_NID 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Sh HISTORY
-.Fn d2i_X509_EXTENSION
-and
-.Fn i2d_X509_EXTENSION
-first appeared in SSLeay 0.6.2 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn d2i_X509_EXTENSIONS
-and
-.Fn i2d_X509_EXTENSIONS
-first appeared in OpenSSL 0.9.8h and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/d2i_X509_NAME.3 b/src/lib/libcrypto/man/d2i_X509_NAME.3
deleted file mode 100644
index f5cafaee97..0000000000
--- a/src/lib/libcrypto/man/d2i_X509_NAME.3
+++ /dev/null
@@ -1,213 +0,0 @@
-.\" $OpenBSD: d2i_X509_NAME.3,v 1.18 2025/03/14 21:32:15 tb Exp $
-.\" checked up to:
-.\" OpenSSL crypto/d2i_X509_NAME 4692340e Jun 7 15:49:08 2016 -0400 and
-.\" OpenSSL man3/X509_NAME_get0_der 99d63d46 Oct 26 13:56:48 2016 -0400
-.\"
-.\" Copyright (c) 2016, 2018 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 14 2025 $
-.Dt D2I_X509_NAME 3
-.Os
-.Sh NAME
-.Nm d2i_X509_NAME ,
-.Nm i2d_X509_NAME ,
-.Nm X509_NAME_get0_der ,
-.Nm X509_NAME_dup ,
-.Nm X509_NAME_set ,
-.Nm d2i_X509_NAME_ENTRY ,
-.Nm i2d_X509_NAME_ENTRY ,
-.Nm X509_NAME_ENTRY_dup
-.\" In the following line, "X.501" and "Name" are not typos.
-.\" The "Name" type is defined in X.501, not in X.509.
-.\" The type is called "Name" with capital "N", not "name".
-.Nd decode and encode X.501 Name objects
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_NAME *
-.Fo d2i_X509_NAME
-.Fa "X509_NAME **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_NAME
-.Fa "X509_NAME *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft int
-.Fo X509_NAME_get0_der
-.Fa "X509_NAME *val_in"
-.Fa "const unsigned char **der_out"
-.Fa "size_t *out_len"
-.Fc
-.Ft X509_NAME *
-.Fo X509_NAME_dup
-.Fa "X509_NAME *val_in"
-.Fc
-.Ft int
-.Fo X509_NAME_set
-.Fa "X509_NAME **val_out"
-.Fa "X509_NAME *val_in"
-.Fc
-.Ft X509_NAME_ENTRY *
-.Fo d2i_X509_NAME_ENTRY
-.Fa "X509_NAME_ENTRY **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_NAME_ENTRY
-.Fa "X509_NAME_ENTRY *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_NAME_ENTRY *
-.Fo X509_NAME_ENTRY_dup
-.Fa "X509_NAME_ENTRY *val_in"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode X.501
-.Vt Name
-objects using DER format.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_X509_NAME
-and
-.Fn i2d_X509_NAME
-decode and encode an ASN.1
-.Vt Name
-structure defined in RFC 5280 section 4.1.2.4.
-.Pp
-.Fn X509_NAME_get0_der
-is a variant of
-.Fn i2d_X509_NAME
-that does not copy the encoded output but instead returns a pointer
-to the internally cached DER-encoded version of the name.
-Also, it does not return the length of the output in bytes,
-but instead stores it in
-.Fa out_len .
-If the cached encoded form happens to be out of date, both functions
-update it before copying it or returning a pointer to it.
-.Pp
-.Fn X509_NAME_dup
-copies
-.Fa val_in
-by calling
-.Fn i2d_X509_NAME
-and
-.Fn d2i_X509_NAME .
-.Pp
-.Fn X509_NAME_set
-makes sure that
-.Pf * Fa val_out
-contains the same data as
-.Fa val_in
-after the call, except that it fails if
-.Fa val_in
-is
-.Dv NULL .
-If
-.Pf * Fa val_out
-is the same pointer as
-.Fa val_in ,
-the function succeeds without changing anything.
-Otherwise, it copies
-.Fa val_in
-using
-.Fn X509_NAME_dup ,
-and in case of success, it frees
-.Pf * Fa val_out
-and sets it to a pointer to the new object.
-When the function fails, it never changes anything.
-In any case,
-.Fa val_in
-remains valid and may or may not be the same pointer as
-.Pf * Fa val_out
-after the call.
-.Pp
-.Fn d2i_X509_NAME_ENTRY
-and
-.Fn i2d_X509_NAME_ENTRY
-decode and encode an ASN.1
-.Vt RelativeDistinguishedName
-structure defined in RFC 5280 section 4.1.2.4.
-.Pp
-.Fn X509_NAME_ENTRY_dup
-copies
-.Fa val_in
-by calling
-.Fn i2d_X509_NAME_ENTRY
-and
-.Fn d2i_X509_NAME_ENTRY .
-.Sh RETURN VALUES
-.Fn d2i_X509_NAME
-and
-.Fn X509_NAME_dup
-return the new
-.Vt X509_NAME
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn X509_NAME_set
-and
-.Fn X509_NAME_get0_der
-return 1 on success or 0 if an error occurs.
-.Pp
-.Fn d2i_X509_NAME_ENTRY
-and
-.Fn X509_NAME_ENTRY_dup
-return the new
-.Vt X509_NAME_ENTRY
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_X509_NAME
-and
-.Fn i2d_X509_NAME_ENTRY
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr X509_NAME_ENTRY_new 3 ,
-.Xr X509_NAME_new 3 ,
-.Xr X509_NAME_print_ex 3
-.Sh STANDARDS
-RFC 5280: Internet X.509 Public Key Infrastructure Certificate and
-Certificate Revocation List (CRL) Profile
-.Pp
-ITU-T Recommendation X.690, also known as ISO/IEC 8825-1:
-Information technology - ASN.1 encoding rules:
-Specification of Basic Encoding Rules (BER), Canonical Encoding
-Rules (CER) and Distinguished Encoding Rules (DER).
-.Sh HISTORY
-.Fn X509_NAME_dup
-first appeared in SSLeay 0.4.4.
-.Fn d2i_X509_NAME ,
-.Fn i2d_X509_NAME ,
-.Fn d2i_X509_NAME_ENTRY ,
-.Fn i2d_X509_NAME_ENTRY ,
-and
-.Fn X509_NAME_ENTRY_dup
-first appeared in SSLeay 0.5.1.
-.Fn X509_NAME_set
-first appeared in SSLeay 0.8.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn X509_NAME_get0_der
-first appeared in OpenSSL 1.1.0 and has been available since
-.Ox 6.3 .
diff --git a/src/lib/libcrypto/man/d2i_X509_REQ.3 b/src/lib/libcrypto/man/d2i_X509_REQ.3
deleted file mode 100644
index 95785a2d25..0000000000
--- a/src/lib/libcrypto/man/d2i_X509_REQ.3
+++ /dev/null
@@ -1,151 +0,0 @@
-.\" $OpenBSD: d2i_X509_REQ.3,v 1.7 2018/03/27 17:35:50 schwarze Exp $
-.\" OpenSSL bb9ad09e Jun 6 00:43:05 2016 -0400
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 27 2018 $
-.Dt D2I_X509_REQ 3
-.Os
-.Sh NAME
-.Nm d2i_X509_REQ ,
-.Nm i2d_X509_REQ ,
-.Nm d2i_X509_REQ_bio ,
-.Nm d2i_X509_REQ_fp ,
-.Nm i2d_X509_REQ_bio ,
-.Nm i2d_X509_REQ_fp ,
-.Nm d2i_X509_REQ_INFO ,
-.Nm i2d_X509_REQ_INFO
-.Nd decode and encode PKCS#10 certification requests
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_REQ *
-.Fo d2i_X509_REQ
-.Fa "X509_REQ **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_REQ
-.Fa "X509_REQ *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_REQ *
-.Fo d2i_X509_REQ_bio
-.Fa "BIO *in_bio"
-.Fa "X509_REQ **val_out"
-.Fc
-.Ft X509_REQ *
-.Fo d2i_X509_REQ_fp
-.Fa "FILE *in_fp"
-.Fa "X509_REQ **val_out"
-.Fc
-.Ft int
-.Fo i2d_X509_REQ_bio
-.Fa "BIO *out_bio"
-.Fa "X509_REQ *val_in"
-.Fc
-.Ft int
-.Fo i2d_X509_REQ_fp
-.Fa "FILE *out_fp"
-.Fa "X509_REQ *val_in"
-.Fc
-.Ft X509_REQ_INFO *
-.Fo d2i_X509_REQ_INFO
-.Fa "X509_REQ_INFO **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_REQ_INFO
-.Fa "X509_REQ_INFO *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Sh DESCRIPTION
-These functions decode and encode PKCS#10 certification requests.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_X509_REQ
-and
-.Fn i2d_X509_REQ
-decode and encode an ASN.1
-.Vt CertificationRequest
-structure defined in RFC 2986 section 4.2.
-.Fn d2i_X509_REQ_bio ,
-.Fn d2i_X509_REQ_fp ,
-.Fn i2d_X509_REQ_bio ,
-and
-.Fn i2d_X509_REQ_fp
-are similar except that they decode or encode using a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn d2i_X509_REQ_INFO
-and
-.Fn i2d_X509_REQ_INFO
-decode and encode an ASN.1
-.Vt CertificationRequestInfo
-structure defined in RFC 2986 section 4.1.
-.Sh RETURN VALUES
-.Fn d2i_X509_REQ ,
-.Fn d2i_X509_REQ_bio ,
-and
-.Fn d2i_X509_REQ_fp
-return an
-.Vt X509_REQ
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn d2i_X509_REQ_INFO
-returns an
-.Vt X509_REQ_INFO
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_X509_REQ
-and
-.Fn i2d_X509_REQ_INFO
-return the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_X509_REQ_bio
-and
-.Fn i2d_X509_REQ_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr PEM_read_X509_REQ 3 ,
-.Xr X509_REQ_new 3
-.Sh STANDARDS
-RFC 2986: PKCS #10: Certification Request Syntax Specification
-.Sh HISTORY
-.Fn d2i_X509_REQ ,
-.Fn i2d_X509_REQ ,
-.Fn d2i_X509_REQ_fp ,
-.Fn i2d_X509_REQ_fp ,
-.Fn d2i_X509_REQ_INFO ,
-and
-.Fn i2d_X509_REQ_INFO
-first appeared in SSLeay 0.5.1.
-.Fn d2i_X509_REQ_bio
-and
-.Fn i2d_X509_REQ_bio
-first appeared in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/d2i_X509_SIG.3 b/src/lib/libcrypto/man/d2i_X509_SIG.3
deleted file mode 100644
index c9fbf86633..0000000000
--- a/src/lib/libcrypto/man/d2i_X509_SIG.3
+++ /dev/null
@@ -1,159 +0,0 @@
-.\" $OpenBSD: d2i_X509_SIG.3,v 1.10 2025/03/14 21:32:15 tb Exp $
-.\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400
-.\"
-.\" Copyright (c) 2016 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: March 14 2025 $
-.Dt D2I_X509_SIG 3
-.Os
-.Sh NAME
-.Nm d2i_X509_SIG ,
-.Nm i2d_X509_SIG ,
-.Nm d2i_PKCS8_bio ,
-.Nm i2d_PKCS8_bio ,
-.Nm d2i_PKCS8_fp ,
-.Nm i2d_PKCS8_fp
-.\" In the next line, the number "7" is not a typo.
-.\" These functions are misnamed.
-.Nd decode and encode PKCS#7 digest information
-.Sh SYNOPSIS
-.In openssl/x509.h
-.Ft X509_SIG *
-.Fo d2i_X509_SIG
-.Fa "X509_SIG **val_out"
-.Fa "const unsigned char **der_in"
-.Fa "long length"
-.Fc
-.Ft int
-.Fo i2d_X509_SIG
-.Fa "X509_SIG *val_in"
-.Fa "unsigned char **der_out"
-.Fc
-.Ft X509_SIG *
-.Fo d2i_PKCS8_bio
-.Fa "BIO *in_bio"
-.Fa "X509_SIG **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS8_bio
-.Fa "BIO *out_bio"
-.Fa "X509_SIG *val_in"
-.Fc
-.Ft X509_SIG *
-.Fo d2i_PKCS8_fp
-.Fa "FILE *in_fp"
-.Fa "X509_SIG **val_out"
-.Fc
-.Ft int
-.Fo i2d_PKCS8_fp
-.Fa "FILE *out_fp"
-.Fa "X509_SIG *val_in"
-.Fc
-.Sh DESCRIPTION
-.Fn d2i_X509_SIG
-and
-.Fn i2d_X509_SIG
-decode and encode an ASN.1
-.Vt DigestInfo
-structure defined in RFC 2315 section 9.4
-and equivalently in RFC 8017 section 9.2.
-For details about the semantics, examples, caveats, and bugs, see
-.Xr ASN1_item_d2i 3 .
-.Pp
-.Fn d2i_PKCS8_bio
-and
-.Fn d2i_PKCS8_fp
-are similar to
-.Fn d2i_X509_SIG
-except that they read from a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Pp
-.Fn i2d_PKCS8_bio
-and
-.Fn i2d_PKCS8_fp
-are similar to
-.Fn i2d_X509_SIG
-except that they write to a
-.Vt BIO
-or
-.Vt FILE
-pointer.
-.Sh RETURN VALUES
-.Fn d2i_X509_SIG ,
-.Fn d2i_PKCS8_bio ,
-and
-.Fn d2i_PKCS8_fp
-return a
-.Vt X509_SIG
-object or
-.Dv NULL
-if an error occurs.
-.Pp
-.Fn i2d_X509_SIG
-returns the number of bytes successfully encoded or a negative value
-if an error occurs.
-.Pp
-.Fn i2d_PKCS8_bio
-and
-.Fn i2d_PKCS8_fp
-return 1 for success or 0 if an error occurs.
-.Sh SEE ALSO
-.Xr ASN1_item_d2i 3 ,
-.Xr PKCS7_new 3 ,
-.Xr RSA_sign 3 ,
-.Xr X509_SIG_new 3
-.Sh STANDARDS
-RFC 2315: PKCS #7: Cryptographic Message Syntax,
-section 9: Signed-data content type
-.Pp
-RFC 8017: PKCS #1: RSA Cryptography Specifications,
-section 9: Encoding Methods for Signatures
-.Sh HISTORY
-.Fn d2i_X509_SIG
-and
-.Fn i2d_X509_SIG
-first appeared in SSLeay 0.5.1 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn d2i_PKCS8_bio ,
-.Fn i2d_PKCS8_bio ,
-.Fn d2i_PKCS8_fp ,
-and
-.Fn i2d_PKCS8_fp
-first appeared in OpenSSL 0.9.4 and have been available since
-.Ox 2.6 .
-.Sh BUGS
-.Fn d2i_PKCS8_bio ,
-.Fn i2d_PKCS8_bio ,
-.Fn d2i_PKCS8_fp ,
-and
-.Fn i2d_PKCS8_fp
-are severely misnamed and should have been called
-.Dq d2i_X509_SIG_bio
-and so on.
-.Pp
-Or arguably, the
-.Vt X509_SIG
-object is misnamed itself, considering that it represents
-.Vt DigestInfo
-from PKCS#7 and PKCS#1.
-Then again, calling it
-.Dq PKCS8
-instead clearly isn't an improvement.
-.Pp
-Either way, these names just don't fit.
diff --git a/src/lib/libcrypto/man/des_read_pw.3 b/src/lib/libcrypto/man/des_read_pw.3
deleted file mode 100644
index 7cb35b47f8..0000000000
--- a/src/lib/libcrypto/man/des_read_pw.3
+++ /dev/null
@@ -1,197 +0,0 @@ -.\" $OpenBSD: des_read_pw.3,v 1.12 2024/08/24 07:48:37 tb Exp $ -.\" full merge up to: OpenSSL doc/crypto/des.pod -.\" 53934822 Jun 9 16:39:19 2016 -0400 -.\" -.\" This file is a derived work. -.\" The changes are covered by the following Copyright and license: -.\" -.\" Copyright (c) 2023 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" The original file was written by Ulf Moeller . -.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. 
(http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. 
-.\" -.Dd $Mdocdate: August 24 2024 $ -.Dt DES_READ_PW 3 -.Os -.Sh NAME -.Nm EVP_read_pw_string , -.Nm EVP_read_pw_string_min , -.Nm EVP_set_pw_prompt , -.Nm EVP_get_pw_prompt -.Nd compatibility user interface functions -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_read_pw_string -.Fa "char *buf" -.Fa "int length" -.Fa "const char *prompt" -.Fa "int verify" -.Fc -.Ft int -.Fo EVP_read_pw_string_min -.Fa "char *buf" -.Fa "int min_length" -.Fa "int length" -.Fa "const char *prompt" -.Fa "int verify" -.Fc -.Ft void -.Fo EVP_set_pw_prompt -.Fa "const char *default_prompt" -.Fc -.Ft char * -.Fn EVP_get_pw_prompt void -.Sh DESCRIPTION -.Fn EVP_read_pw_string -writes the -.Fa prompt -to -.Pa /dev/tty , -or, if that could not be opened, to standard output, turns echo off, -and reads an input string from -.Pa /dev/tty , -or, if that could not be opened, from standard input. -The string is returned in -.Fa buf , -which must have space for at least -.Fa length -bytes. -If the -.Fa length -argument exceeds -.Dv BUFSIZ , -.Dv BUFSIZ -is used instead. -If -.Fa verify -is set, the user is asked for the password twice and unless the two -copies match, an error is returned. -.Pp -.Fn EVP_read_pw_string_min -additionally checks that the password is at least -.Fa min_length -bytes long. -.Pp -.Fn EVP_set_pw_prompt -sets a default prompt to a copy of -.Fa default_prompt , -or clears the default prompt if the -.Fa default_prompt -argument is -.Dv NULL -or an empty string. -If the -.Fa default_prompt -argument is longer than 79 bytes, -the copy is silently truncated to a string length of 79 bytes. -.Pp -As long as a default prompt is set, -.Fn EVP_read_pw_string -and -.Fn EVP_read_pw_string_min -can be called with a -.Fa prompt -argument of -.Dv NULL , -in which case the default prompt is used instead. -.Sh RETURN VALUES -.Fn EVP_read_pw_string -and -.Fn EVP_read_pw_string_min -return 0 on success or a negative value on failure. 
-.Pp
-They return \-1 if
-.Fa length
-is less than or equal to zero or on memory allocation failure.
-They return \-1 or \-2 if the internal call to
-.Xr UI_process 3
-fails.
-.Pp
-In addition,
-.Fa EVP_read_pw_string_min
-returns \-1 if
-.Fa min_length
-is negative, if
-.Fa length
-is less than or equal to
-.Fa min_length ,
-or if the user entered a password shorter than
-.Fa min_length .
-.Pp
-.Fn EVP_get_pw_prompt
-returns an internal pointer to static memory containing the default prompt, or
-.Dv NULL
-if no default prompt is set.
-.Sh SEE ALSO
-.Xr UI_new 3
-.Sh HISTORY
-.Fn EVP_read_pw_string
-first appeared in SSLeay 0.5.1 and
-.Fn EVP_set_pw_prompt
-and
-.Fn EVP_get_pw_prompt
-in SSLeay 0.6.0.
-These functions have been available since
-.Ox 2.4 .
-.Pp
-.Fn EVP_read_pw_string_min
-first appeared in OpenSSL 1.0.0
-and has been available since
-.Ox 4.9 .
diff --git a/src/lib/libcrypto/man/evp.3 b/src/lib/libcrypto/man/evp.3
deleted file mode 100644
index 2c54c0f981..0000000000
--- a/src/lib/libcrypto/man/evp.3
+++ /dev/null
@@ -1,249 +0,0 @@ -.\" $OpenBSD: evp.3,v 1.36 2024/12/06 14:27:49 schwarze Exp $ -.\" full merge up to: OpenSSL man7/evp 24a535ea Sep 22 13:14:20 2020 +0100 -.\" -.\" This file was written by Ulf Moeller , -.\" Matt Caswell , Geoff Thorpe , -.\" and Dr. Stephen Henson . -.\" Copyright (c) 2000, 2002, 2006, 2013, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: December 6 2024 $ -.Dt EVP 3 -.Os -.Sh NAME -.Nm evp -.Nd high-level cryptographic functions -.Sh SYNOPSIS -.In openssl/evp.h -.Sh DESCRIPTION -The EVP library provides a high-level interface to cryptographic -functions. -The abbreviation -.Dq EVP -is intended to mean -.Dq EnVeloPe -in the sense of -.Dq wrapper library . -It is not related to the technical meaning of the term -.Dq envelope -in contexts like -.Xr CMS_encrypt 3 , -.Xr EVP_SealInit 3 , -.Xr PKCS7_encrypt 3 , -or -.Xr SMIME_write_ASN1 3 . -.Pp -.Xr EVP_SealInit 3 -and -.Xr EVP_OpenInit 3 -provide public key encryption and decryption to implement digital -"envelopes". -.Pp -The -.Xr EVP_DigestSignInit 3 -and -.Xr EVP_DigestVerifyInit 3 -functions implement digital signatures and Message Authentication Codes -(MACs). -Also see the older -.Xr EVP_SignInit 3 -and -.Xr EVP_VerifyInit 3 -functions. 
-.Pp -Symmetric encryption is available with the -.Xr EVP_EncryptInit 3 -functions. -The -.Xr EVP_DigestInit 3 -functions provide message digests. -.Pp -Authenticated encryption with additional data (AEAD) is available with -the -.Xr EVP_AEAD_CTX_init 3 -functions. -.Pp -The -.Fn EVP_PKEY_* -functions provide a high-level interface to asymmetric algorithms. -To create a new -.Vt EVP_PKEY , -see -.Xr EVP_PKEY_new 3 . -.Vt EVP_PKEY Ns s -can be associated with a private key of a particular algorithm -by using the functions described in the -.Xr EVP_PKEY_set1_RSA 3 -page, or new keys can be generated using -.Xr EVP_PKEY_keygen 3 . -.Vt EVP_PKEY Ns s -can be compared using -.Xr EVP_PKEY_cmp 3 -or printed using -.Xr EVP_PKEY_print_private 3 . -.Pp -The -.Fn EVP_PKEY_* -functions support the full range of asymmetric algorithm operations: -.Bl -bullet -.It -For key agreement, see -.Xr EVP_PKEY_derive 3 . -.It -For signing and verifying, see -.Xr EVP_PKEY_sign 3 , -.Xr EVP_PKEY_verify 3 , -and -.Xr EVP_PKEY_verify_recover 3 . -However, note that these functions do not perform a digest of the -data to be signed. -Therefore, normally you would use the -.Xr EVP_DigestSignInit 3 -functions for this purpose. -.It -For encryption and decryption see -.Xr EVP_PKEY_encrypt 3 -and -.Xr EVP_PKEY_decrypt 3 , -respectively. -However, note that these functions perform encryption and decryption only. -As public key encryption is an expensive operation, normally you -would wrap an encrypted message in a digital envelope using the -.Xr EVP_SealInit 3 -and -.Xr EVP_OpenInit 3 -functions. -.El -.Pp -The -.Xr EVP_BytesToKey 3 -function provides some limited support for password based encryption. -Careful selection of the parameters will provide a PKCS#5 PBKDF1 -compatible implementation. -However, new applications should typically not use this (preferring, for -example, PBKDF2 from PCKS#5). -.Pp -The -.Xr EVP_EncodeInit 3 -family of functions provides base64 encoding and decoding. 
-.Sh SEE ALSO
-.Xr ASN1_item_digest 3 ,
-.Xr ASN1_item_sign 3 ,
-.Xr BIO_f_cipher 3 ,
-.Xr BIO_f_md 3 ,
-.Xr CMAC_Init 3 ,
-.Xr CMS_encrypt 3 ,
-.Xr CMS_sign 3 ,
-.Xr crypto 3 ,
-.Xr d2i_PKCS8PrivateKey_bio 3 ,
-.Xr d2i_PrivateKey 3 ,
-.Xr EVP_AEAD_CTX_init 3 ,
-.Xr EVP_aes_128_cbc 3 ,
-.Xr EVP_BytesToKey 3 ,
-.Xr EVP_camellia_128_cbc 3 ,
-.Xr EVP_chacha20 3 ,
-.Xr EVP_CIPHER_CTX_ctrl 3 ,
-.Xr EVP_CIPHER_CTX_get_cipher_data 3 ,
-.Xr EVP_CIPHER_CTX_init 3 ,
-.Xr EVP_CIPHER_CTX_set_flags 3 ,
-.Xr EVP_CIPHER_do_all 3 ,
-.Xr EVP_CIPHER_meth_new 3 ,
-.Xr EVP_CIPHER_nid 3 ,
-.Xr EVP_des_cbc 3 ,
-.Xr EVP_DigestInit 3 ,
-.Xr EVP_DigestSignInit 3 ,
-.Xr EVP_DigestVerifyInit 3 ,
-.Xr EVP_EncodeInit 3 ,
-.Xr EVP_EncryptInit 3 ,
-.Xr EVP_MD_CTX_ctrl 3 ,
-.Xr EVP_MD_nid 3 ,
-.Xr EVP_OpenInit 3 ,
-.Xr EVP_PKCS82PKEY 3 ,
-.Xr EVP_PKEY_asn1_get_count 3 ,
-.Xr EVP_PKEY_cmp 3 ,
-.Xr EVP_PKEY_CTX_ctrl 3 ,
-.Xr EVP_PKEY_CTX_get_operation 3 ,
-.Xr EVP_PKEY_CTX_new 3 ,
-.Xr EVP_PKEY_CTX_set_hkdf_md 3 ,
-.Xr EVP_PKEY_decrypt 3 ,
-.Xr EVP_PKEY_derive 3 ,
-.Xr EVP_PKEY_encrypt 3 ,
-.Xr EVP_PKEY_get_default_digest_nid 3 ,
-.Xr EVP_PKEY_keygen 3 ,
-.Xr EVP_PKEY_new 3 ,
-.Xr EVP_PKEY_print_private 3 ,
-.Xr EVP_PKEY_set1_RSA 3 ,
-.Xr EVP_PKEY_sign 3 ,
-.Xr EVP_PKEY_size 3 ,
-.Xr EVP_PKEY_verify 3 ,
-.Xr EVP_PKEY_verify_recover 3 ,
-.Xr EVP_rc4 3 ,
-.Xr EVP_SealInit 3 ,
-.Xr EVP_sha1 3 ,
-.Xr EVP_sha3_224 3 ,
-.Xr EVP_SignInit 3 ,
-.Xr EVP_sm3 3 ,
-.Xr EVP_sm4_cbc 3 ,
-.Xr EVP_VerifyInit 3 ,
-.Xr HMAC 3 ,
-.Xr OCSP_basic_sign 3 ,
-.Xr OCSP_request_sign 3 ,
-.Xr PEM_get_EVP_CIPHER_INFO 3 ,
-.Xr PEM_read_bio_PrivateKey 3 ,
-.Xr PKCS12_create 3 ,
-.Xr PKCS5_PBKDF2_HMAC 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr PKCS7_sign 3 ,
-.Xr RSA_pkey_ctx_ctrl 3 ,
-.Xr SSL_CTX_set_tlsext_ticket_key_cb 3 ,
-.Xr X509_ALGOR_set0 3 ,
-.Xr X509_check_private_key 3 ,
-.Xr X509_digest 3 ,
-.Xr X509_get_pubkey 3 ,
-.Xr X509_PUBKEY_set 3 ,
-.Xr X509_sign 3 ,
-.Xr X509_to_X509_REQ 3
diff --git a/src/lib/libcrypto/man/i2a_ASN1_STRING.3 b/src/lib/libcrypto/man/i2a_ASN1_STRING.3
deleted file mode 100644
index 7d46474775..0000000000
--- a/src/lib/libcrypto/man/i2a_ASN1_STRING.3
+++ /dev/null
@@ -1,255 +0,0 @@ -.\" $OpenBSD: i2a_ASN1_STRING.3,v 1.5 2024/12/27 15:30:17 schwarze Exp $ -.\" -.\" Copyright (c) 2019, 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: December 27 2024 $ -.Dt I2A_ASN1_STRING 3 -.Os -.Sh NAME -.Nm i2a_ASN1_STRING , -.Nm i2a_ASN1_INTEGER , -.Nm i2a_ASN1_ENUMERATED , -.Nm a2i_ASN1_STRING , -.Nm a2i_ASN1_INTEGER , -.Nm a2i_ASN1_ENUMERATED -.Nd hexadecimal dump of an ASN.1 string -.Sh SYNOPSIS -.In openssl/asn1.h -.Ft int -.Fo i2a_ASN1_STRING -.Fa "BIO *out_bio" -.Fa "const ASN1_STRING *a" -.Fa "int type" -.Fc -.Ft int -.Fo i2a_ASN1_INTEGER -.Fa "BIO *out_bio" -.Fa "const ASN1_INTEGER *a" -.Fc -.Ft int -.Fo i2a_ASN1_ENUMERATED -.Fa "BIO *out_bio" -.Fa "const i2a_ASN1_ENUMERATED *a" -.Fc -.Ft int -.Fo a2i_ASN1_STRING -.Fa "BIO *in_bio" -.Fa "ASN1_STRING *out_string" -.Fa "char *buffer" -.Fa "int size" -.Fc -.Ft int -.Fo a2i_ASN1_INTEGER -.Fa "BIO *in_bio" -.Fa "ASN1_INTEGER *out_string" -.Fa "char *buffer" -.Fa "int size" -.Fc -.Ft int -.Fo a2i_ASN1_ENUMERATED -.Fa "BIO *in_bio" -.Fa "ASN1_ENUMERATED *out_string" -.Fa "char *buffer" -.Fa "int size" -.Fc -.Sh DESCRIPTION -The functions -.Fn i2a_ASN1_STRING , -.Fn i2a_ASN1_INTEGER , -and -.Fn i2a_ASN1_ENUMERATED -write a hexadecimal representation of -.Fa a 
-to -.Fa out_bio . -The -.Fa type -argument is ignored. -.Pp -Each byte of -.Xr ASN1_STRING_get0_data 3 -is written as a number consisting of two upper-case hexadecimal digits. -After each group of 70 digits, a backslash and a linefeed -are inserted before the next digit. -.Pp -If the -.Xr ASN1_STRING_length 3 -of -.Fa a -is 0, instead a pair of zero digits -.Pq Qq 00 -is written by -.Fn i2a_ASN1_INTEGER -and -.Fn i2a_ASN1_ENUMERATED -and a single zero digit -.Pq Qq 0 -by -.Fn i2a_ASN1_STRING . -If -.Fa a -is a -.Dv NULL -pointer, nothing is written. -.Pp -If -.Fa a -represents a negative integer, -.Fn i2a_ASN1_INTEGER -prepends a minus sign to the output. -.Pp -The functions -.Fn a2i_ASN1_STRING , -.Fn a2i_ASN1_INTEGER , -and -.Fn a2i_ASN1_ENUMERATED -parse a hexadecimal representation of an ASN.1 string into -.Fa out_string . -Both lower-case and upper-case hexadecimal digits are accepted. -Every pair of input digits is converted into one output byte. -.Pp -On every input line, the trailing newline character and an optional -carriage return character preceding it are ignored. -The trailing newline need not be present on the last line. -If there is a backslash character before the newline character, -parsing is continued on the next input line. -.Pp -At least one pair of input digits is required by -.Fn a2i_ASN1_INTEGER -and -.Fn a2i_ASN1_ENUMERATED , -whereas -.Fn a2i_ASN1_STRING -converts empty input to an empty string. -.Pp -These functions are able to parse the output of -.Fn i2a_ASN1_ENUMERATED . -They can parse the output of -.Fn i2a_ASN1_INTEGER -unless -.Fa a -was negative, and they can parse the output of -.Fn i2a_ASN1_STRING -unless the -.Xr ASN1_STRING_length 3 -of -.Fa a -was 0. -.Pp -Parsing fails if an input line contains an odd number of input -digits or if memory allocation fails. -.Pp -These functions use the -.Fa buffer -provided by the caller and assume it is at least -.Fa size -bytes long. 
-It is unspecified what the buffer contains after the functions return. -.Sh RETURN VALUES -The functions -.Fn i2a_ASN1_STRING , -.Fn i2a_ASN1_INTEGER , -and -.Fn i2a_ASN1_ENUMERATED -return the number of bytes written or \-1 if -.Xr BIO_write 3 -fails. -In particular, they all return 0 when -.Fa a -is a -.Dv NULL -pointer. -.Fn i2a_ASN1_STRING -returns 1 for an empty string or an even number greater than 1 -for a string that is not empty. -.Fn i2a_ASN1_INTEGER -returns an even number greater than 1 for positive input -or an odd number greater than 2 for negative input. -.Fn i2a_ASN1_ENUMERATED -always returns a non-negative even number when successful. -.Pp -The functions -.Fn a2i_ASN1_STRING , -.Fn a2i_ASN1_INTEGER , -and -.Fn a2i_ASN1_ENUMERATED -are intended to return 1 for success or 0 for failure, but see the -.Sx BUGS -section for a number of traps. -.Sh SEE ALSO -.Xr a2i_ipadd 3 , -.Xr ASN1_STRING_length 3 , -.Xr ASN1_STRING_new 3 , -.Xr ASN1_STRING_print_ex 3 , -.Xr i2a_ASN1_OBJECT 3 , -.Xr i2s_ASN1_INTEGER 3 -.Sh HISTORY -.Fn i2a_ASN1_INTEGER -and -.Fn a2i_ASN1_INTEGER -first appeared in SSLeay 0.6.0. -.Fn i2a_ASN1_STRING -and -.Fn a2i_ASN1_STRING -first appeared in SSLeay 0.6.5. -.Fn a2i_ASN1_STRING -has been part of the public API since SSLeay 0.6.5 and -.Fn i2a_ASN1_STRING -since SSLeay 0.8.0. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn i2a_ASN1_ENUMERATED -and -.Fn a2i_ASN1_ENUMERATED -first appeared in OpenSSL 0.9.2 and have been available since -.Ox 2.6 . -.Sh BUGS -If the first call to -.Xr BIO_gets 3 -does not return any data, even if that is caused by a fatal I/O error, -if the BIO type does not support the -.Dq gets -operation, or if it is caused by the BIO being non-blocking, -.Fn a2i_ASN1_STRING -immediately succeeds and returns an empty -.Fa out_string . 
-.Pp
-If
-.Fn BIO_gets 3
-returns a partial line, for example because the given
-.Fa size
-is insufficient to contain one of the input lines
-or for reasons specific to the BIO type,
-.Fn a2i_ASN1_STRING ,
-.Fn a2i_ASN1_INTEGER ,
-and
-.Fn a2i_ASN1_ENUMERATED
-may fail or silently return a truncated result.
-The caller is responsible for providing a
-.Fa buffer
-of sufficient size to contain the longest possible input line
-and for choosing a BIO of a type that only returns complete
-input lines and does not perform partial reads.
-.Pp
-The functions
-.Fn a2i_ASN1_STRING ,
-.Fn a2i_ASN1_INTEGER ,
-and
-.Fn a2i_ASN1_ENUMERATED
-do not support non-blocking BIOs.
-Reading is terminated as soon as
-.Xr BIO_gets 3
-returns a value less than 1.
diff --git a/src/lib/libcrypto/man/i2d_CMS_bio_stream.3 b/src/lib/libcrypto/man/i2d_CMS_bio_stream.3
deleted file mode 100644
index b60468464c..0000000000
--- a/src/lib/libcrypto/man/i2d_CMS_bio_stream.3
+++ /dev/null
@@ -1,95 +0,0 @@ -.\" $OpenBSD: i2d_CMS_bio_stream.3,v 1.6 2023/05/01 07:28:11 tb Exp $ -.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2008 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: May 1 2023 $ -.Dt I2D_CMS_BIO_STREAM 3 -.Os -.Sh NAME -.Nm i2d_CMS_bio_stream -.Nd output CMS_ContentInfo structure in BER format -.Sh SYNOPSIS -.In openssl/cms.h -.Ft int -.Fo i2d_CMS_bio_stream -.Fa "BIO *out" -.Fa "CMS_ContentInfo *cms" -.Fa "BIO *data" -.Fa "int flags" -.Fc -.Sh DESCRIPTION -.Fn i2d_CMS_bio_stream -outputs a -.Vt CMS_ContentInfo -structure in BER format. -.Pp -It is otherwise identical to the function -.Xr SMIME_write_CMS 3 . -.Pp -This function is effectively a version of -.Xr i2d_CMS_bio 3 -supporting streaming. -.Sh RETURN VALUES -.Fn i2d_CMS_bio_stream -returns 1 for success or 0 for failure. -.Sh SEE ALSO -.Xr CMS_ContentInfo_new 3 , -.Xr CMS_encrypt 3 , -.Xr CMS_sign 3 , -.Xr ERR_get_error 3 , -.Xr PEM_write_bio_CMS_stream 3 , -.Xr SMIME_write_CMS 3 -.Sh HISTORY -.Fn i2d_CMS_bio_stream -first appeared in OpenSSL 1.0.0 -and has been available since -.Ox 6.7 . -.Sh BUGS -The prefix "i2d" is arguably wrong because the function outputs BER -format. diff --git a/src/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 b/src/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 deleted file mode 100644 index 7a47ba3026..0000000000 --- a/src/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 +++ /dev/null 
@@ -1,94 +0,0 @@ -.\" $OpenBSD: i2d_PKCS7_bio_stream.3,v 1.11 2023/05/01 07:28:11 tb Exp $ -.\" OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2007, 2008, 2009, 2013 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: May 1 2023 $ -.Dt I2D_PKCS7_BIO_STREAM 3 -.Os -.Sh NAME -.Nm i2d_PKCS7_bio_stream -.Nd output PKCS7 structure in BER format -.Sh SYNOPSIS -.In openssl/pkcs7.h -.Ft int -.Fo i2d_PKCS7_bio_stream -.Fa "BIO *out" -.Fa "PKCS7 *p7" -.Fa "BIO *data" -.Fa "int flags" -.Fc -.Sh DESCRIPTION -.Fn i2d_PKCS7_bio_stream -outputs a -.Vt PKCS7 -structure in BER format. -It is otherwise identical to the function -.Xr SMIME_write_PKCS7 3 . -This function is effectively a version of -.Xr i2d_PKCS7_bio 3 -supporting streaming. -.Sh RETURN VALUES -.Fn i2d_PKCS7_bio_stream -returns 1 for success or 0 for failure. -.Sh SEE ALSO -.Xr BIO_new 3 , -.Xr ERR_get_error 3 , -.Xr PEM_write_bio_PKCS7_stream 3 , -.Xr PEM_write_PKCS7 3 , -.Xr PKCS7_final 3 , -.Xr PKCS7_new 3 , -.Xr SMIME_write_PKCS7 3 -.Sh HISTORY -.Fn i2d_PKCS7_bio_stream -first appeared in OpenSSL 1.0.0 and has been available since -.Ox 4.9 . 
-.Sh BUGS
-The prefix "i2d" is arguably wrong because the function outputs BER
-format.
diff --git a/src/lib/libcrypto/man/lh_new.3 b/src/lib/libcrypto/man/lh_new.3
deleted file mode 100644
index 2550a7d2e7..0000000000
--- a/src/lib/libcrypto/man/lh_new.3
+++ /dev/null
@@ -1,554 +0,0 @@ -.\" $OpenBSD: lh_new.3,v 1.13 2024/03/05 22:15:29 tb Exp $ -.\" full merge up to: -.\" OpenSSL doc/crypto/lhash.pod 1bc74519 May 20 08:11:46 2016 -0400 -.\" selective merge up to: -.\" OpenSSL doc/man3/OPENSSL_LH_COMPFUNC.pod 24a535ea Sep 22 13:14:20 2020 +0100 -.\" -.\" -------------------------------------------------------------------------- -.\" Major patches to this file were contributed by -.\" Ulf Moeller , Geoff Thorpe , -.\" and Ben Laurie . -.\" -------------------------------------------------------------------------- -.\" Copyright (c) 2000, 2001, 2002, 2008, 2009 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" -------------------------------------------------------------------------- -.\" Parts of this file are derived from SSLeay documentation, -.\" which is covered by the following Copyright and license: -.\" -------------------------------------------------------------------------- -.\" -.\" Copyright (C) 1995-1998 Tim Hudson (tjh@cryptsoft.com) -.\" All rights reserved. -.\" -.\" This package is an SSL implementation written -.\" by Eric Young (eay@cryptsoft.com). -.\" The implementation was written so as to conform with Netscapes SSL. -.\" -.\" This library is free for commercial and non-commercial use as long as -.\" the following conditions are aheared to. The following conditions -.\" apply to all code found in this distribution, be it the RC4, RSA, -.\" lhash, DES, etc., code; not just the SSL code. 
The SSL documentation -.\" included with this distribution is covered by the same copyright terms -.\" except that the holder is Tim Hudson (tjh@cryptsoft.com). -.\" -.\" Copyright remains Eric Young's, and as such any Copyright notices in -.\" the code are not to be removed. -.\" If this package is used in a product, Eric Young should be given -.\" attribution as the author of the parts of the library used. -.\" This can be in the form of a textual message at program startup or -.\" in documentation (online or textual) provided with the package. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" "This product includes cryptographic software written by -.\" Eric Young (eay@cryptsoft.com)" -.\" The word 'cryptographic' can be left out if the rouines from the -.\" library being used are not cryptographic related :-). -.\" 4. If you include any Windows specific code (or a derivative thereof) -.\" from the apps directory (application code) you must include an -.\" acknowledgement: "This product includes software written by -.\" Tim Hudson (tjh@cryptsoft.com)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" The licence and distribution terms for any publically available version or -.\" derivative of this code cannot be changed. i.e. this code cannot simply be -.\" copied and put under another distribution licence -.\" [including the GNU Public Licence.] -.\" -.Dd $Mdocdate: March 5 2024 $ -.Dt LH_NEW 3 -.Os -.Sh NAME -.Nm lh_new , -.Nm lh_free , -.Nm lh_insert , -.Nm lh_delete , -.Nm lh_retrieve , -.Nm lh_doall , -.Nm lh_doall_arg , -.Nm lh_error , -.Nm LHASH_COMP_FN_TYPE , -.Nm LHASH_HASH_FN_TYPE , -.Nm LHASH_DOALL_FN_TYPE , -.Nm LHASH_DOALL_ARG_FN_TYPE , -.Nm lh_strhash -.Nd dynamic hash table -.Sh SYNOPSIS -.In openssl/lhash.h -.Fn DECLARE_LHASH_OF -.Ft LHASH * -.Fn lh__new void -.Ft void -.Fo lh__free -.Fa "LHASH_OF() *table" -.Fc -.Ft * -.Fo lh__insert -.Fa "LHASH_OF() *table" -.Fa " *data" -.Fc -.Ft * -.Fo lh__delete -.Fa "LHASH_OF() *table" -.Fa " *data" -.Fc -.Ft * -.Fo lh__retrieve -.Fa "LHASH_OF() *table" -.Fa " *data" -.Fc -.Ft void -.Fo lh__doall -.Fa "LHASH_OF() *table" -.Fa "LHASH_DOALL_FN_TYPE func" -.Fc -.Ft void -.Fo lh__doall_arg -.Fa "LHASH_OF() *table" -.Fa "LHASH_DOALL_ARG_FN_TYPE func" -.Fa "" -.Fa " *arg" -.Fc -.Ft int -.Fo lh__error -.Fa "LHASH_OF() *table" -.Fc -.Ft typedef int -.Fo (*LHASH_COMP_FN_TYPE) -.Fa "const void *" -.Fa "const void *" -.Fc -.Ft typedef unsigned long -.Fo (*LHASH_HASH_FN_TYPE) -.Fa "const void *" -.Fc -.Ft typedef void -.Fo (*LHASH_DOALL_FN_TYPE) -.Fa "const void *" -.Fc -.Ft 
typedef void -.Fo (*LHASH_DOALL_ARG_FN_TYPE) -.Fa "const void *" -.Fa "const void *" -.Fc -.Ft unsigned long -.Fo lh_strhash -.Fa "const char *c" -.Fc -.Sh DESCRIPTION -This library implements type-checked dynamic hash tables. -The hash table entries can be arbitrary structures. -Usually they consist of key and value fields. -.Pp -.Fn lh__new -creates a new -.Vt LHASH_OF() -structure to store arbitrary data entries, and provides the hash and -compare callbacks to be used in organising the table's entries. -The hash callback takes a pointer to a table entry as its argument -and returns an unsigned long hash value for its key field. -The hash value is normally truncated to a power of 2, so make sure that -your hash function returns well mixed low order bits. -The compare callback takes two arguments (pointers to two hash table -entries), and returns 0 if their keys are equal, non-zero otherwise. -If your hash table will contain items of some particular type and the -hash and compare callbacks hash and compare these types, then the -.Fn DECLARE_LHASH_HASH_FN -and -.Fn IMPLEMENT_LHASH_COMP_FN -macros can be used to create callback wrappers of the prototypes -required by -.Fn lh__new . -These provide per-variable casts before calling the type-specific -callbacks written by the application author. 
-These macros, as well as those used for the doall callbacks, are -defined as; -.Bd -literal -offset 2n -#define DECLARE_LHASH_HASH_FN(name, o_type) \e - unsigned long name##_LHASH_HASH(const void *); -#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \e - unsigned long name##_LHASH_HASH(const void *arg) { \e - const o_type *a = arg; \e - return name##_hash(a); } -#define LHASH_HASH_FN(name) name##_LHASH_HASH - -#define DECLARE_LHASH_COMP_FN(name, o_type) \e - int name##_LHASH_COMP(const void *, const void *); -#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \e - int name##_LHASH_COMP(const void *arg1, const void *arg2) { \e - const o_type *a = arg1; \e - const o_type *b = arg2; \e - return name##_cmp(a,b); } -#define LHASH_COMP_FN(name) name##_LHASH_COMP - -#define DECLARE_LHASH_DOALL_FN(name, o_type) \e - void name##_LHASH_DOALL(void *); -#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \e - void name##_LHASH_DOALL(void *arg) { \e - o_type *a = arg; \e - name##_doall(a); } -#define LHASH_DOALL_FN(name) name##_LHASH_DOALL - -#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \e - void name##_LHASH_DOALL_ARG(void *, void *); -#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \e - void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \e - o_type *a = arg1; \e - a_type *b = arg2; \e - name##_doall_arg(a, b); } -#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG -.Ed -.Pp -An example of a hash table storing (pointers to) structures of type -\&'STUFF' could be defined as follows; -.Bd -literal -offset 2n -/* Calculate the hash value of 'tohash' (implemented elsewhere) */ -unsigned long STUFF_hash(const STUFF *tohash); -/* Order 'arg1' and 'arg2' (implemented elsewhere) */ -int stuff_cmp(const STUFF *arg1, const STUFF *arg2); -/* Create type-safe wrapper functions for use in the LHASH internals */ -static IMPLEMENT_LHASH_HASH_FN(stuff, STUFF); -static IMPLEMENT_LHASH_COMP_FN(stuff, STUFF); -/* ... 
*/ -int main(int argc, char *argv[]) { - /* Create the new hash table using the hash/compare wrappers */ - LHASH_OF(STUFF) *hashtable = - lh_STUFF_new(LHASH_HASH_FN(STUFF_hash), - LHASH_COMP_FN(STUFF_cmp)); - /* ... */ -} -.Ed -.Pp -.Fn lh__free -frees the -.Vt LHASH_OF() -structure -.Fa table . -Allocated hash table entries will not be freed; consider using -.Fn lh__doall -to deallocate any remaining entries in the hash table (see below). -.Pp -.Fn lh__insert -inserts the structure pointed to by -.Fa data -into -.Fa table . -If there already is an entry with the same key, the old value is -replaced. -Note that -.Fn lh__insert -stores pointers, the data are not copied. -.Pp -.Fn lh__delete -deletes an entry from -.Fa table . -.Pp -.Fn lh__retrieve -looks up an entry in -.Fa table . -Normally, -.Fa data -is a structure with the key field(s) set; the function will return a -pointer to a fully populated structure. -.Pp -.Fn lh__doall -will, for every entry in the hash table, call -.Fa func -with the data item as its parameter. -For -.Fn lh__doall -and -.Fn lh__doall_arg , -function pointer casting should be avoided in the callbacks (see -.Sx NOTES ) -\(em instead use the declare/implement macros to create type-checked -wrappers that cast variables prior to calling your type-specific -callbacks. -An example of this is illustrated here where the callback is used to -cleanup resources for items in the hash table prior to the hashtable -itself being deallocated: -.Bd -literal -offset 2n -/* Clean up resources belonging to 'a' (this is implemented elsewhere) */ -void STUFF_cleanup_doall(STUFF *a); -/* Implement a prototype-compatible wrapper for "STUFF_cleanup" */ -IMPLEMENT_LHASH_DOALL_FN(STUFF_cleanup, STUFF) - /* ... then later in the code ... */ -/* So to run "STUFF_cleanup" against all items in a hash table ... 
*/ -lh_STUFF_doall(hashtable, LHASH_DOALL_FN(STUFF_cleanup)); -/* Then the hash table itself can be deallocated */ -lh_STUFF_free(hashtable); -.Ed -.Pp -A callback may delete entries from the hash table, however, it is -not safe to insert new entries. -.Pp -.Fn lh__doall_arg -is the same as -.Fn lh__doall -except that -.Fa func -will be called with -.Fa arg -as the second argument and -.Fa func -should be of type -.Vt LHASH_DOALL_ARG_FN_TYPE -(a callback prototype that is passed both the table entry and an extra -argument). -As with -.Fn lh__doall , -you can instead choose to declare your callback with a prototype -matching the types you are dealing with and use the declare/implement -macros to create compatible wrappers that cast variables before calling -your type-specific callbacks. -An example of this is demonstrated here (printing all hash table entries -to a BIO that is provided by the caller): -.Bd -literal -offset 2n -/* Print item 'a' to 'output_bio' (this is implemented elsewhere) */ -void STUFF_print_doall_arg(const STUFF *a, BIO *output_bio); -/* Implement a prototype-compatible wrapper for "STUFF_print" */ -static IMPLEMENT_LHASH_DOALL_ARG_FN(STUFF, const STUFF, BIO) - /* ... then later in the code ... */ -/* Print out the entire hashtable to a particular BIO */ -lh_STUFF_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), BIO, - logging_bio); -.Ed -.Pp -.Fn lh__error -can be used to determine if an error occurred in the last operation. -.Sh RETURN VALUES -.Fn lh__new -returns -.Dv NULL -on error, otherwise a pointer to the new -.Vt LHASH -structure. -.Pp -When a hash table entry is replaced, -.Fn lh__insert -returns the value being replaced. -.Dv NULL -is returned on normal operation and on error. -.Pp -.Fn lh__delete -returns the entry being deleted. -.Dv NULL -is returned if there is no such value in the hash table. -.Pp -.Fn lh__retrieve -returns the hash table entry if it has been found, or -.Dv NULL -otherwise. 
-.Pp -.Fn lh__error -returns 1 if an error occurred in the last operation, or 0 otherwise. -.Sh NOTES -The various LHASH macros and callback types exist to make it possible to -write type-checked code without resorting to function-prototype casting -\(em an evil that makes application code much harder to audit/verify and -also opens the window of opportunity for stack corruption and other -hard-to-find bugs. -It also, apparently, violates ANSI-C. -.Pp -The LHASH code regards table entries as constant data. -As such, it internally represents -.Fn lh__insert Ap ed -items with a -.Vt const void * -pointer type. -This is why callbacks such as those used by -.Fn lh__doall -and -.Fn lh__doall_arg -declare their prototypes with "const", even for the parameters that pass -back the table items' data pointers \(em for consistency, user-provided -data is "const" at all times as far as the LHASH code is concerned. -However, as callers are themselves providing these pointers, they can -choose whether they too should be treating all such parameters as -constant. -.Pp -As an example, a hash table may be maintained by code that, for -reasons of encapsulation, has only "const" access to the data being -indexed in the hash table (i.e. it is returned as "const" from -elsewhere in their code) \(em in this case the LHASH prototypes are -appropriate as-is. -Conversely, if the caller is responsible for the life-time of the data -in question, then they may well wish to make modifications to table item -passed back in the -.Fn lh__doall -or -.Fn lh__doall_arg -callbacks (see the "STUFF_cleanup" example above). -If so, the caller can either cast the "const" away (if they're providing -the raw callbacks themselves) or use the macros to declare/implement the -wrapper functions without "const" types. 
-.Pp -Callers that only have "const" access to data they are indexing in a -table, yet declare callbacks without constant types (or cast the "const" -away themselves), are therefore creating their own risks/bugs without -being encouraged to do so by the API. -On a related note, those auditing code should pay special attention -to any instances of DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros -that provide types without any "const" qualifiers. -.Sh INTERNALS -The following description is based on the SSLeay documentation: -.Pp -The lhash library implements a hash table described in the -.Em Communications of the ACM -in 1991. -What makes this hash table different is that as the table fills, -the hash table is increased (or decreased) in size via -.Xr reallocarray 3 . -When a 'resize' is done, instead of all hashes being redistributed over -twice as many 'buckets', one bucket is split. -So when an 'expand' is done, there is only a minimal cost to -redistribute some values. -Subsequent inserts will cause more single 'bucket' redistributions but -there will never be a sudden large cost due to redistributing all the -\&'buckets'. -.Pp -The state for a particular hash table is kept in the -.Vt LHASH -structure. -The decision to increase or decrease the hash table size is made -depending on the 'load' of the hash table. -The load is the number of items in the hash table divided by the size of -the hash table. -The default values are as follows. -If (hash->up_load < load) => expand. -If (hash->down_load > load) => contract. -The -.Fa up_load -has a default value of 1 and -.Fa down_load -has a default value of 2. -These numbers can be modified by the application by just playing -with the -.Fa up_load -and -.Fa down_load -variables. -The 'load' is kept in a form which is multiplied by 256. -So hash->up_load=8*256 will cause a load of 8 to be set. -.Pp -If you are interested in performance, the field to watch is -.Fa num_comp_calls . 
-The hash library keeps track of the 'hash' value for each item so when a -lookup is done, the 'hashes' are compared, if there is a match, then a -full compare is done, and hash->num_comp_calls is incremented. -If num_comp_calls is not equal to num_delete plus num_retrieve, it means -that your hash function is generating hashes that are the same for -different values. -It is probably worth changing your hash function if this is the case -because even if your hash table has 10 items in a 'bucket', it can be -searched with 10 -.Vt unsigned long -compares and 10 linked list traverses. -This will be much less expensive that 10 calls to your compare function. -.Pp -.Fn lh_strhash -is a demo string hashing function. -Since the LHASH routines would normally be passed structures, this -routine would not normally be passed to -.Fn lh__new , -rather it would be used in the function passed to -.Fn lh__new . -.Sh SEE ALSO -.Xr crypto 3 -.Sh HISTORY -.Fn lh_new , -.Fn lh_free , -.Fn lh_insert , -.Fn lh_delete , -.Fn lh_retrieve , -.Fn lh_doall , -and -.Fn lh_strhash -appeared in SSLeay 0.4 or earlier. -.Fn lh_doall_arg -first appeared in SSLeay 0.5.1. -These functions have been available since -.Ox 2.4 . -.Pp -.Fn lh__error -was added in SSLeay 0.9.1b. -.Pp -In OpenSSL 0.9.7, all lhash functions that were passed function pointers -were changed for better type safety, and the function types -.Vt LHASH_COMP_FN_TYPE , -.Vt LHASH_HASH_FN_TYPE , -.Vt LHASH_DOALL_FN_TYPE , -and -.Vt LHASH_DOALL_ARG_FN_TYPE -became available. -.Pp -In OpenSSL 1.0.0, the lhash interface was revamped for even better type -checking. -.Sh BUGS -.Fn lh__insert -returns -.Dv NULL -both for success and error. diff --git a/src/lib/libcrypto/man/openssl.cnf.5 b/src/lib/libcrypto/man/openssl.cnf.5 deleted file mode 100644 index 4047eb059a..0000000000 --- a/src/lib/libcrypto/man/openssl.cnf.5 +++ /dev/null 
@@ -1,361 +0,0 @@ -.\" $OpenBSD: openssl.cnf.5,v 1.11 2024/07/08 15:02:28 jmc Exp $ -.\" full merge up to: OpenSSL man5/config b53338cb Feb 28 12:30:28 2017 +0100 -.\" selective merge up to: OpenSSL a8c5ed81 Jul 18 13:57:25 2017 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 1999, 2000, 2004, 2013, 2015, 2016, 2017 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: July 8 2024 $ -.Dt OPENSSL.CNF 5 -.Os -.Sh NAME -.Nm openssl.cnf -.Nd OpenSSL configuration files -.Sh DESCRIPTION -The OpenSSL CONF library can be used to read configuration files; see -.Xr CONF_modules_load_file 3 . -It is used for the OpenSSL master configuration file -.Pa /etc/ssl/openssl.cnf -and in a few other places such as certificate extension files for the -.Xr openssl 1 -.Cm x509 -utility. -OpenSSL applications can also use the CONF library for their own -purposes. -.Pp -A configuration file is divided into a number of sections. -Each section starts with a line -.Bq Ar section_name -and ends when a new section is started or the end of the file is reached. -A section name can consist of alphanumeric characters and underscores. -.Pp -The first section of a configuration file is special and is referred to -as the -.Dq default section . -It is usually unnamed and extends from the start of file to the -first named section. 
-When a name is being looked up, it is first looked up in a named -section (if any) and then in the default section. -.Pp -The environment is mapped onto a section called -.Ic ENV . -.Pp -Comments can be included by preceding them with the -.Ql # -character. -.Pp -Each section in a configuration file consists of a number of name and -value pairs of the form -.Ar name Ns = Ns Ar value . -.Pp -The -.Ar name -string can contain any alphanumeric characters as well as a few -punctuation symbols such as -.Ql \&. -.Ql \&, -.Ql \&; -and -.Ql _ . -.Pp -The -.Ar value -string consists of the string following the -.Ql = -character until the end of the line with any leading and trailing -whitespace removed. -.Pp -The value string undergoes variable expansion. -This can be done by including substrings of the form -.Pf $ Ar name -or -.Pf $ Brq Ar name : -this will substitute the value of the named variable in the current -section. -It is also possible to substitute a value from another section using the -syntax -.Pf $ Ar section Ns :: Ns Ar name -or -.Pf $ Brq Ar section Ns :: Ns Ar name . -By using the form -.Pf $ Ic ENV Ns :: Ns Ar name , -environment variables can be substituted. -It is also possible to assign values to environment variables by using -the name -.Ic ENV Ns :: Ns Ar name . -This will work if the program looks up environment variables using -the CONF library instead of calling -.Xr getenv 3 -directly. -The value string must not exceed 64k in length after variable expansion or an -error will occur. -.Pp -It is possible to escape certain characters by using any kind of quote -or the -.Ql \e -character. -By making the last character of a line a -.Ql \e , -a -.Ar value -string can be spread across multiple lines. -In addition the sequences -.Ql \en , -.Ql \er , -.Ql \eb , -and -.Ql \et -are recognized. 
-.Sh OPENSSL LIBRARY CONFIGURATION -Applications can automatically configure certain aspects of OpenSSL -using the master OpenSSL configuration file, or optionally an -alternative configuration file. -The -.Xr openssl 1 -utility includes this functionality: any sub command uses the master -OpenSSL configuration file unless an option is used in the sub command -to use an alternative configuration file. -.Pp -To enable library configuration, the default section needs to contain -an appropriate line which points to the main configuration section. -The default name is -.Ic openssl_conf , -which is used by the -.Xr openssl 1 -utility. -Other applications may use an alternative name such as -.Sy myapplication_conf . -All library configuration lines appear in the default section -at the start of the configuration file. -.Pp -The configuration section should consist of a set of name value pairs -which contain specific module configuration information. -The -.Ar name -represents the name of the configuration module. -The meaning of the -.Ar value -is module specific: it may, for example, represent a further -configuration section containing configuration module specific -information. -For example: -.Bd -literal -offset indent -# The following line must be in the default section. -openssl_conf = openssl_init - -[openssl_init] -oid_section = new_oids - -[new_oids] -\&... new oids here ... -.Ed -.Pp -The features of each configuration module are described below. -.Ss ASN1 Object Configuration Module -This module has the name -.Ic oid_section . -The value of this variable points to a section containing name value -pairs of OIDs: the name is the OID short and long name, and the value is the -numerical form of the OID. -Although some of the -.Xr openssl 1 -utility subcommands already have their own ASN1 OBJECT section -functionality, not all do. 
-By using the ASN1 OBJECT configuration module, all the -.Xr openssl 1 -utility subcommands can see the new objects as well as any compliant -applications. -For example: -.Bd -literal -offset indent -[new_oids] -some_new_oid = 1.2.3.4 -some_other_oid = 1.2.3.5 -.Ed -.Pp -It is also possible to set the value to the long name followed by a -comma and the numerical OID form. -For example: -.Pp -.Dl shortName = some object long name, 1.2.3.4 -.Sh FILES -.Bl -tag -width /etc/ssl/openssl.cnf -compact -.It Pa /etc/ssl/openssl.cnf -standard configuration file -.El -.Sh EXAMPLES -Here is a sample configuration file using some of the features -mentioned above: -.Bd -literal -offset indent -# This is the default section. -HOME=/temp -RANDFILE= ${ENV::HOME}/.rnd -configdir=$ENV::HOME/config - -[ section_one ] -# We are now in section one. - -# Quotes permit leading and trailing whitespace -any = " any variable name " - -other = A string that can \e -cover several lines \e -by including \e\e characters - -message = Hello World\en - -[ section_two ] -greeting = $section_one::message -.Ed -.Pp -This next example shows how to expand environment variables safely. -.Pp -Suppose you want a variable called -.Sy tmpfile -to refer to a temporary filename. -The directory it is placed in can determined by the -.Ev TEMP -or -.Ev TMP -environment variables but they may not be set to any value at all. -If you just include the environment variable names and the variable -doesn't exist then this will cause an error when an attempt is made to -load the configuration file. -By making use of the default section both values can be looked up with -.Ev TEMP -taking priority and -.Pa /tmp -used if neither is defined: -.Bd -literal -offset indent -TMP=/tmp -# The above value is used if TMP isn't in the environment -TEMP=$ENV::TMP -# The above value is used if TEMP isn't in the environment -tmpfile=${ENV::TEMP}/tmp.filename -.Ed -.Pp -More complex OpenSSL library configuration. 
-Add OID: -.Bd -literal -offset indent -# Default appname: should match "appname" parameter (if any) -# supplied to CONF_modules_load_file et al. -openssl_conf = openssl_conf_section - -[openssl_conf_section] -# Configuration module list -oid_section = new_oids - -[new_oids] -# New OID, just short name -newoid1 = 1.2.3.4.1 -# New OID shortname and long name -newoid2 = New OID 2 long name, 1.2.3.4.2 -.Ed -.Pp -The above examples can be used with any application supporting library -configuration if "openssl_conf" is modified to match the appropriate -"appname". -.Pp -For example if the second sample file above is saved to "example.cnf" -then the command line: -.Pp -.Dl OPENSSL_CONF=example.cnf openssl asn1parse -genstr OID:1.2.3.4.1 -.Pp -will output: -.Dl 0:d=0 hl=2 l= 4 prim: OBJECT :newoid1 -.Pp -showing that the OID "newoid1" has been added as "1.2.3.4.1". -.Sh SEE ALSO -.Xr openssl 1 , -.Xr CONF_modules_load_file 3 , -.Xr OPENSSL_config 3 , -.Xr x509v3.cnf 5 -.Sh CAVEATS -If a configuration file attempts to expand a variable that doesn't -exist, then an error is flagged and the file will not load. -This can also happen if an attempt is made to expand an environment -variable that doesn't exist. -For example, in a previous version of OpenSSL the default OpenSSL -master configuration file used the value of -.Ev HOME -which may not be defined on non Unix systems and would cause an error. -.Pp -This can be worked around by including a default section to provide -a default value: then if the environment lookup fails, the default -value will be used instead. -For this to work properly, the default value must be defined earlier -in the configuration file than the expansion. -See the -.Sx EXAMPLES -section for an example of how to do this. -.Pp -If the same variable is defined more than once in the same section, -then all but the last value will be silently ignored. -In certain circumstances such as with DNs, the same field may occur -multiple times. 
-This is usually worked around by ignoring any characters before an -initial -.Ql \&. , -for example: -.Bd -literal -offset indent -1.OU="My first OU" -2.OU="My Second OU" -.Ed -.Sh BUGS -Currently there is no way to include characters using the octal -.Pf \e Ar nnn -form. -Strings are all NUL terminated, so NUL bytes cannot form part of -the value. -.Pp -The escaping isn't quite right: if you want to use sequences like -.Ql \en , -you can't use any quote escaping on the same line. -.Pp -Files are loaded in a single pass. -This means that a variable expansion will only work if the variables -referenced are defined earlier in the file. diff --git a/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 b/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 deleted file mode 100644 index a2105bc4bc..0000000000 --- a/src/lib/libcrypto/man/s2i_ASN1_INTEGER.3 +++ /dev/null 
@@ -1,215 +0,0 @@
-.\" $OpenBSD: s2i_ASN1_INTEGER.3,v 1.9 2024/12/27 15:30:17 schwarze Exp $
-.\"
-.\" Copyright (c) 2023 Theo Buehler
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 27 2024 $
-.Dt S2I_ASN1_INTEGER 3
-.Os
-.Sh NAME
-.Nm i2s_ASN1_ENUMERATED ,
-.Nm i2s_ASN1_ENUMERATED_TABLE ,
-.Nm i2s_ASN1_INTEGER ,
-.Nm s2i_ASN1_INTEGER ,
-.Nm i2s_ASN1_OCTET_STRING ,
-.Nm s2i_ASN1_OCTET_STRING
-.Nd ASN.1 data type conversion utilities for certificate extensions
-.Sh SYNOPSIS
-.In openssl/asn1.h
-.In openssl/x509v3.h
-.Ft "char *"
-.Fo i2s_ASN1_ENUMERATED
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "const ASN1_ENUMERATED *a"
-.Fc
-.Ft "char *"
-.Fo i2s_ASN1_INTEGER
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "const ASN1_INTEGER *a"
-.Fc
-.Ft "ASN1_INTEGER *"
-.Fo s2i_ASN1_INTEGER
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "const char *value"
-.Fc
-.Ft "char *"
-.Fo i2s_ASN1_OCTET_STRING
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "const ASN1_OCTET_STRING *aos"
-.Fc
-.Ft "ASN1_OCTET_STRING *"
-.Fo s2i_ASN1_OCTET_STRING
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "X509V3_CTX *ctx"
-.Fa "const char *value"
-.Fc
-.Ft "char *"
-.Fo i2s_ASN1_ENUMERATED_TABLE
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "const ASN1_ENUMERATED *a"
-.Fc
-.Sh DESCRIPTION
-These functions convert to and from
-.Vt ASN1_ENUMERATED ,
-.Vt ASN1_INTEGER ,
-and
-.Vt ASN1_OCTET_STRING
-objects.
-They are primarily used internally for parsing configuration files and
-displaying X.509v3 certificate extensions.
-With the exception of
-.Fn i2s_ASN1_ENUMERATED_TABLE ,
-these functions ignore the
-.Fa method
-argument.
-Any object or string returned by these functions must be freed by the caller.
-.Pp
-.Fn i2s_ASN1_ENUMERATED
-and
-.Fn i2s_ASN1_INTEGER
-first convert
-.Fa a
-into a
-.Vt BIGNUM
-object with
-.Xr ASN1_ENUMERATED_to_BN 3
-or
-.Xr ASN1_INTEGER_to_BN 3
-and then derive a string representation using
-.Xr BN_bn2dec 3
-or
-.Xr BN_bn2hex 3 .
-Decimal representation is used if the number has less than 128 bits,
-otherwise hexadecimal representation is used to avoid excessive conversion cost.
-.Pp
-.Fn s2i_ASN1_INTEGER
-converts the NUL-terminated decimal or hexadecimal string representation of
-an integer in
-.Fa value
-into an
-.Vt ASN1_INTEGER
-object.
-A sign prefix of
-.Sq -
-indicates a negative number and the base prefixes
-.Sq 0x
-and
-.Sq 0X
-indicate hexadecimal representation,
-otherwise decimal representation is assumed.
-After skipping the sign and base prefixes, an intermediate conversion into a
-.Vt BIGNUM
-is performed using
-.Xr BN_dec2bn 3
-or
-.Xr BN_hex2bn 3
-and the
-.Vt ASN1_INTEGER
-is then obtained with
-.Xr BN_to_ASN1_INTEGER 3 .
-.Pp
-.Fn i2s_ASN1_OCTET_STRING
-converts the octets in
-.Fa aos
-into a string where the octets are colon-separated and
-represented as pairs of uppercase hexadecimal digits.
-.Pp
-.Fn s2i_ASN1_OCTET_STRING
-converts the NUL-terminated string
-.Fa str
-into an
-.Vt ASN1_OCTET_STRING .
-The
-.Fa method
-and
-.Fa ctx
-arguments are ignored.
-Every pair of hexadecimal digits is converted into an octet.
-Colons are ignored if they are at the start, the end or
-if they separate two pairs of digits.
-.Pp
-.Fn i2s_ASN1_ENUMERATED_TABLE
-looks up the value of
-.Fa a
-in the
-.Fa usr_data
-field of the
-.Pf non- Dv NULL
-.Fa method
-and returns a copy of the associated long name.
-If no match is found,
-.Fa a
-is passed to
-.Fn i2s_ASN1_ENUMERATED .
-The
-.Fa method
-argument can be provided by application programs or it can be a
-default method obtained from
-.Xr X509V3_EXT_get_nid 3 .
-The default
-.Fa methods
-corresponding to the following
-.Fa nid
-arguments have strings configured in their usr_data field:
-.Pp
-.Bl -column NID_netscape_cert_type "Netscape certificate type (obsolete)" -compact
-.It Dv NID_crl_reason Ta reason codes, RFC 5280, 5.3.1
-.It Dv NID_key_usage Ta key usage, RFC 5280, 4.2.1.3
-.It Dv NID_netscape_cert_type Ta Netscape certificate type (obsolete)
-.El
-.Sh RETURN VALUES
-.Fn i2s_ASN1_ENUMERATED ,
-.Fn i2s_ASN1_ENUMERATED_TABLE ,
-.Fn i2s_ASN1_INTEGER ,
-and
-.Fn i2s_ASN1_OCTET_STRING
-return a NUL-terminated string, or NULL on memory allocation failure.
-.Pp
-.Fn s2i_ASN1_INTEGER
-returns an
-.Vt ASN1_INTEGER ,
-or NULL on error.
-Error conditions are memory allocation failure or if
-.Fa value
-is not a valid decimal or hexadecimal encoding of an integer.
-.Pp
-.Fn s2i_ASN1_OCTET_STRING
-returns an
-.Vt ASN1_OCTET_STRING ,
-or NULL on error.
-Error conditions are memory allocation failure or if
-.Fa value
-contains an odd number of hexadecimal digits or anything except
-colons at the start, the end or between pairs of hexadecimal digits.
-.Pp
-Error codes can sometimes be obtained by
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr a2i_ASN1_INTEGER 3 ,
-.Xr a2i_ipadd 3 ,
-.Xr ASN1_INTEGER_new 3 ,
-.Xr ASN1_INTEGER_to_BN 3 ,
-.Xr ASN1_OCTET_STRING_new 3 ,
-.Xr crypto 3 ,
-.Xr v2i_ASN1_BIT_STRING 3 ,
-.Xr X509V3_get_d2i 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.4 and
-have been available since
-.Ox 2.6 .
-.Sh BUGS
-Of these functions at least
-.Fn i2s_ASN1_ENUMERATED_TABLE
-can succeed while setting an error and fail without setting an error
-on the error stack.
diff --git a/src/lib/libcrypto/man/v2i_ASN1_BIT_STRING.3 b/src/lib/libcrypto/man/v2i_ASN1_BIT_STRING.3
deleted file mode 100644
index 36d9f7496b..0000000000
--- a/src/lib/libcrypto/man/v2i_ASN1_BIT_STRING.3
+++ /dev/null
@@ -1,125 +0,0 @@
-.\" $OpenBSD: v2i_ASN1_BIT_STRING.3,v 1.1 2024/12/24 09:48:56 schwarze Exp $
-.\"
-.\" Copyright (c) 2024 Ingo Schwarze
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: December 24 2024 $
-.Dt V2I_ASN1_BIT_STRING 3
-.Os
-.Sh NAME
-.Nm v2i_ASN1_BIT_STRING ,
-.Nm i2v_ASN1_BIT_STRING
-.Nd ASN.1 BIT STRING utility functions for certificate extensions
-.Sh SYNOPSIS
-.In openssl/x509v3.h
-.Ft ASN1_BIT_STRING *
-.Fo v2i_ASN1_BIT_STRING
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "X509V3_CTX *ctx"
-.Fa "STACK_OF(CONF_VALUE) *nval"
-.Fc
-.Ft STACK_OF(CONF_VALUE) *
-.Fo i2v_ASN1_BIT_STRING
-.Fa "X509V3_EXT_METHOD *method"
-.Fa "ASN1_BIT_STRING *bit_string"
-.Fa "STACK_OF(CONF_VALUE) *nval"
-.Fc
-.Sh DESCRIPTION
-.Fn v2i_ASN1_BIT_STRING
-allocates a new ASN.1
-.Vt BIT STRING
-object and initializes it from a list of bit names.
-The
-.Fa nval
-argument is essentially used as the list of the names of the bits to set.
-Both long names and short names can be used.
-One name is taken from each element of
-.Fa nval .
-The
-.Fa ctx
-argument and any section names or values contained in the elements of
-.Fa nval
-are ignored.
-To convert a C string containing a comma-separated list of names
-to the input format of this function,
-.Xr X509V3_parse_list 3
-can be used.
-.Pp
-.Fn i2v_ASN1_BIT_STRING
-translates the numbers of the bits that are set in the
-.Fa bit_string
-to long names.
-For each bit that is set,
-one element containing the corresponding long name is added to
-.Fa nval .
-If a
-.Dv NULL
-pointer is passed for the
-.Fa nval
-argument, a new
-.Vt STACK_OF(CONF_VALUE)
-is allocated.
-.Pp
-For both functions, the
-.Fa method
-argument is only used for the translation of bit names to bit numbers
-and vice versa.
-Any names and bit numbers that do not occur in the
-.Fa usr_data
-translation table in the
-.Fa method
-are silently ignored.
-.Pp
-For the following arguments,
-.Xr X509V3_EXT_get_nid 3
-returns static constant
-.Fa method
-objects supporting these functions:
-.Pp
-.Bl -tag -width NID_netscape_cert_type -compact
-.It Dv NID_crl_reason
-reason codes, RFC 5280 section 5.3.1
-.It Dv NID_key_usage
-key usage purposes, RFC 5280 section 4.2.1.3
-.It Dv NID_netscape_cert_type
-Netscape certificate types (obsolete)
-.El
-.Pp
-While an application program could theoretically provide its own
-.Fa method
-object containing a custom translation table, that is unlikely to be
-useful for any practical purpose.
-.Sh RETURN VALUES
-.Fn v2i_ASN1_BIT_STRING
-returns the new
-.Vt BIT STRING
-object and
-.Fn i2v_ASN1_BIT_STRING
-the modified or new list of bit names.
-Both functions return
-.Dv NULL
-if an error occurs, in particular if memory allocation fails.
-.Sh SEE ALSO
-.Xr ASN1_BIT_STRING_new 3 ,
-.Xr ASN1_BIT_STRING_set 3 ,
-.Xr i2s_ASN1_ENUMERATED_TABLE 3 ,
-.Xr STACK_OF 3 ,
-.Xr tls_peer_ocsp_crl_reason 3 ,
-.Xr X509_get_key_usage 3 ,
-.Xr X509V3_EXT_get_nid 3 ,
-.Xr X509V3_get_d2i 3 ,
-.Xr X509V3_parse_list 3
-.Sh HISTORY
-These functions first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
diff --git a/src/lib/libcrypto/man/x509_verify.3 b/src/lib/libcrypto/man/x509_verify.3
deleted file mode 100644
index b9fe13a54f..0000000000
--- a/src/lib/libcrypto/man/x509_verify.3
+++ /dev/null
@@ -1,221 +0,0 @@
-.\" $OpenBSD: x509_verify.3,v 1.2 2020/09/14 14:21:46 schwarze Exp $
-.\"
-.\" Copyright (c) 2020 Bob Beck
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: September 14 2020 $
-.Dt X509_VERIFY 3
-.Os
-.Sh NAME
-.Nm x509_verify ,
-.Nm x509_verify_ctx_new ,
-.Nm x509_verify_ctx_free ,
-.Nm x509_verify_ctx_set_max_depth ,
-.Nm x509_verify_ctx_set_max_signatures ,
-.Nm x509_verify_ctx_set_max_chains ,
-.Nm x509_verify_ctx_set_purpose ,
-.Nm x509_verify_ctx_set_intermediates ,
-.Nm x509_verify_ctx_error_string ,
-.Nm x509_verify_ctx_error_depth ,
-.Nm x509_verify_ctx_chain
-.Nd discover and verify X.509 certificate chains
-.Sh SYNOPSIS
-.In openssl/x509_verify.h
-.Ft size_t
-.Fo x509_verify
-.Fa "X509_VERIFY_CTX *ctx"
-.Fa "X509 *leaf"
-.Fa "char *name"
-.Fc
-.Ft X509_VERIFY_CTX *
-.Fo x509_verify_ctx_new
-.Fa "STACK_OF(X509) *roots"
-.Fc
-.Ft void
-.Fo x509_verify_ctx_free
-.Fa "X509_VERIFY_CTX *ctx"
-.Fc
-.Ft int
-.Fo x509_verify_ctx_set_max_depth
-.Fa "X509_VERIFY_CTX *ctx"
-.Fa "size_t max"
-.Fc
-.Ft int
-.Fo x509_verify_ctx_set_max_signatures
-.Fa "X509_VERIFY_CTX *ctx"
-.Fa "size_t max"
-.Fc
-.Ft int
-.Fo x509_verify_ctx_set_max_chains
-.Fa "X509_VERIFY_CTX *ctx"
-.Fa "size_t max"
-.Fc
-.Ft int
-.Fo x509_verify_ctx_set_purpose
-.Fa "X509_VERIFY_CTX *ctx"
-.Fa "int purpose_id"
-.Fc
-.Ft int
-.Fo x509_verify_ctx_set_intermediates
-.Fa "X509_VERIFY_CTX *ctx"
-.Fa "STACK_OF(X509) *intermediates"
-.Fc
-.Ft const char *
-.Fo x509_verify_ctx_error_string
-.Fa "X509_VERIFY_CTX *ctx"
-.Fc
-.Ft size_t
-.Fo x509_verify_ctx_error_depth
-.Fa "X509_VERIFY_CTX *ctx"
-.Fc
-.Ft STACK_OF(X509) *
-.Fo x509_verify_ctx_chain
-.Fa "X509_VERIFY_CTX *ctx"
-.Fa "size_t index"
-.Fc
-.Sh DESCRIPTION
-The
-.Fn x509_verify
-function attempts to discover and validate all certificate chains
-for the
-.Fa name
-from the
-.Fa leaf
-certificate based on the parameters in
-.Fa ctx .
-Multiple chains may be built and validated.
-Revocation checking is not done by this function, and should be
-performed by the caller on any returned chains if so desired.
-.Pp
-.Fn x509_verify_ctx_new
-allocates a new context using the trusted
-.Fa roots .
-In case of success, it increments the reference count of
-.Fa roots .
-.Pp
-.Fn x509_verify_ctx_free
-frees
-.Fa ctx
-and decrements the reference count of the
-.Fa roots
-and
-.Fa intermediates
-associated with it.
-If
-.Fa ctx
-is
-.Dv NULL ,
-no action occurs.
-.Pp
-.Fn x509_verify_ctx_set_max_depth
-sets the maximum depth of certificate chains that will be constructed to
-.Fa max ,
-which can be in the range from 1 to the default of 32.
-.Pp
-.Fn x509_verify_ctx_set_max_signatures
-sets the maximum number of public key signature operations that will be
-used when verifying certificate chains to
-.Fa max ,
-which can be in the range from 1 to 100000.
-The default is 256.
-.Pp
-.Fn x509_verify_ctx_set_max_chains
-sets the maximum number of chains which may be returned to
-.Fa max ,
-which can be in the range from 1 to the default of 8.
-.Pp
-.Fn x509_verify_ctx_set_purpose
-sets the certificate purpose for validation to
-.Fa purpose_id .
-The
-.Dv X509_PURPOSE_*
-constants listed in
-.Xr X509_check_purpose 3
-can be used.
-.Pp
-.Fn x509_verify_ctx_set_intermediates
-provides some intermediate certificates, typically received from
-the peer, to be used for building chains.
-In case of success, this function increases the reference count of
-.Fa intermediates .
-.Pp
-.Fn x509_verify_ctx_error_string
-extracts a description of the last error encountered by a previous
-call to
-.Fn x509_verify
-from
-.Fa ctx .
-.Pp
-.Fn x509_verify_ctx_error_depth
-extracts the depth of the last error encountered by a previous
-call to
-.Fn x509_verify
-from
-.Fa ctx .
-.Pp
-.Fn x509_verify_ctx_chain
-extracts the validated chain with the given
-.Fa index
-from
-.Fa ctx
-after a previous call to
-.Fn x509_verify .
-The
-.Fa index
-starts at 0, and it is an error to pass a number
-greater than or equal to the return value of
-.Fn x509_verify .
-The returned chain is neither copied,
-nor is its reference count increased.
-.Sh RETURN VALUES
-.Fn x509_verify
-returns the number of chains successfully built and validated
-or 0 on failure.
-.Pp
-.Fn x509_verify_ctx_new
-returns a newly allocated context or
-.Dv NULL
-on failure.
-.Pp
-.Fn x509_verify_ctx_set_max_depth ,
-.Fn x509_verify_ctx_set_max_signatures ,
-.Fn x509_verify_ctx_set_max_chains ,
-.Fn x509_verify_ctx_set_purpose ,
-and
-.Fn x509_verify_ctx_set_intermediates
-return 1 on success or 0 on failure.
-.Pp
-.Fn x509_verify_ctx_error_string
-returns a pointer to a human readable error string.
-If no error occurred,
-.Qq ok
-is returned.
-.Pp
-.Fn x509_verify_ctx_chain
-returns an internal pointer to a validated chain or
-.Dv NULL
-if
-.Fa index
-is greater than or equal to the number of chains
-that were successfully built and validated.
-The returned pointer becomes invalid when
-.Fa ctx
-is destroyed.
-.Sh SEE ALSO
-.Xr X509_verify_cert 3
-.Sh HISTORY
-These functions first appeared in
-.Ox 6.8 .
-.Sh AUTHORS
-.An Bob Beck Aq Mt beck@openbsd.org
diff --git a/src/lib/libcrypto/man/x509v3.cnf.5 b/src/lib/libcrypto/man/x509v3.cnf.5
deleted file mode 100644
index 89f52d6a01..0000000000
--- a/src/lib/libcrypto/man/x509v3.cnf.5
+++ /dev/null
@@ -1,738 +0,0 @@ -.\" $OpenBSD: x509v3.cnf.5,v 1.8 2022/03/31 17:27:17 naddy Exp $ -.\" full merge up to: -.\" OpenSSL man5/x509v3_config a41815f0 Mar 17 18:43:53 2017 -0700 -.\" selective merge up to: OpenSSL 36cf10cf Oct 4 02:11:08 2017 -0400 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2004, 2006, 2013, 2014, 2015, 2016 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. 
Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 31 2022 $ -.Dt X509V3.CNF 5 -.Os -.Sh NAME -.Nm x509v3.cnf -.Nd X.509 V3 certificate extension configuration format -.Sh DESCRIPTION -Several of the OpenSSL utilities can add extensions to a certificate or -certificate request based on the contents of a configuration file. -The file format is based on the -.Xr openssl.cnf 5 -format. -.Pp -Typically the application will contain an option to point to an -extension section. -Each line of the extension section takes the form: -.Pp -.D1 Ar extension_name Ns = Ns Oo Cm critical , Oc Ar extension_options -.Pp -If -.Cm critical -is present, then the extension will be critical. -.Pp -The format of -.Ar extension_options -depends on the value of -.Ar extension_name . -.Pp -There are four main types of extension: string extensions, multi-valued -extensions, raw extensions, and arbitrary extensions. 
-.Pp -String extensions simply have a string which contains either the value -itself or how it is obtained. -For example: -.Pp -.Dl nsComment="This is a Comment" -.Pp -Multi-valued extensions have a short form and a long form. -The short form is a list of names and values: -.Pp -.Dl basicConstraints=critical,CA:true,pathlen:1 -.Pp -The long form allows the values to be placed in a separate section: -.Bd -literal -offset indent -basicConstraints=critical,@bs_section - -[bs_section] -CA=true -pathlen=1 -.Ed -.Pp -Both forms are equivalent. -.Pp -The syntax of raw extensions is governed by the extension code: -it can for example contain data in multiple sections. -The correct syntax to use is defined by the extension code itself: -check out the certificate policies extension for an example. -.Pp -If an extension type is unsupported, then the arbitrary extension -syntax must be used; see the -.Sx ARBITRARY EXTENSIONS -section for more details. -.Sh STANDARD EXTENSIONS -The following sections describe each supported extension in detail. -.Ss Basic constraints -This is a multi-valued extension which indicates whether a certificate -is a CA certificate. -The first (mandatory) name is -.Ic CA -followed by -.Cm TRUE -or -.Cm FALSE . -If -.Ic CA -is -.Cm TRUE , -then an optional -.Ic pathlen -name followed by a non-negative value can be included. -For example: -.Bd -literal -offset indent -basicConstraints=CA:TRUE -basicConstraints=CA:FALSE -basicConstraints=critical,CA:TRUE, pathlen:0 -.Ed -.Pp -A CA certificate must include the -.Ic basicConstraints -value with the -.Ic CA -field set to -.Cm TRUE . -An end user certificate must either set -.Ic CA -to -.Cm FALSE -or exclude the extension entirely. -Some software may require the inclusion of -.Ic basicConstraints -with -.Ic CA -set to -.Cm FALSE -for end entity certificates. -.Pp -The -.Ic pathlen -parameter indicates the maximum number of CAs that can appear below -this one in a chain. 
-So if you have a CA with a -.Ic pathlen -of zero, it can only be used to sign end user certificates and not -further CAs. -.Ss Key usage -Key usage is a multi-valued extension consisting of a list of names of -the permitted key usages. -.Pp -The supported names are: -.Ic digitalSignature , -.Ic nonRepudiation , -.Ic keyEncipherment , -.Ic dataEncipherment , -.Ic keyAgreement , -.Ic keyCertSign , -.Ic cRLSign , -.Ic encipherOnly , -and -.Ic decipherOnly . -Examples: -.Bd -literal -offset indent -keyUsage=digitalSignature, nonRepudiation -keyUsage=critical, keyCertSign -.Ed -.Ss Extended key usage -This extension consists of a list of purposes for -which the certificate public key can be used. -.Pp -These can either be object short names or the dotted numerical form of OIDs. -While any OID can be used, only certain values make sense. -In particular the following PKIX, NS and MS values are meaningful: -.Bl -column emailProtection -.It Em value Ta Em meaning -.It Ic serverAuth Ta TLS server authentication -.It Ic clientAuth Ta TLS client authentication -.It Ic codeSigning Ta code signing -.It Ic emailProtection Ta E-mail protection (S/MIME) -.It Ic timeStamping Ta trusted timestamping -.It Ic OCSPSigning Ta OCSP signing -.It Ic ipsecIKE Ta IPsec internet key exchange -.It Ic msCodeInd Ta Microsoft individual code signing (authenticode) -.It Ic msCodeCom Ta Microsoft commercial code signing (authenticode) -.It Ic msCTLSign Ta Microsoft trust list signing -.It Ic msEFS Ta Microsoft encrypted file system -.El -.Pp -Examples: -.Bd -literal -offset indent -extendedKeyUsage=critical,codeSigning,1.2.3.4 -extendedKeyUsage=serverAuth,clientAuth -.Ed -.Ss Subject key identifier -This is really a string extension and can take two possible values. -Either the word -.Cm hash -which will automatically follow the guidelines in RFC 3280 -or a hex string giving the extension value to include. -The use of the hex string is strongly discouraged. 
-Example: -.Pp -.Dl subjectKeyIdentifier=hash -.Ss Authority key identifier -The authority key identifier extension permits two options, -.Cm keyid -and -.Cm issuer : -both can take the optional value -.Cm always . -.Pp -If the -.Cm keyid -option is present, an attempt is made to copy the subject -key identifier from the parent certificate. -If the value -.Cm always -is present, then an error is returned if the option fails. -.Pp -The -.Cm issuer -option copies the issuer and serial number from the issuer certificate. -This will only be done if the -.Cm keyid -option fails or is not included unless the -.Cm always -flag will always include the value. -Example: -.Pp -.Dl authorityKeyIdentifier=keyid,issuer -.Ss Subject alternative name -The subject alternative name extension allows various literal values to -be included in the configuration file. -These include -.Ic email -(an email address), -.Ic URI -(a uniform resource indicator), -.Ic DNS -(a DNS domain name), -.Ic RID -(a registered ID: OBJECT IDENTIFIER), -.Ic IP -(an IP address), -.Ic dirName -(a distinguished name), and -.Ic otherName . -.Pp -The -.Ic email -option can include a special -.Cm copy -value. -This will automatically include any email addresses contained in the -certificate subject name in the extension. -.Pp -The IP address used in the -.Ic IP -options can be in either IPv4 or IPv6 format. -.Pp -The value of -.Ic dirName -should point to a section containing the distinguished name to use as a -set of name value pairs. -Multi values AVAs can be formed by prefacing the name with a -.Ql + -character. -.Pp -.Ic otherName -can include arbitrary data associated with an OID: the value should -be the OID followed by a semicolon and the content in standard -.Xr ASN1_generate_nconf 3 -format. 
-Examples: -.Bd -literal -offset 2n -subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/ -subjectAltName=IP:192.168.7.1 -subjectAltName=IP:13::17 -subjectAltName=email:my@other.address,RID:1.2.3.4 -subjectAltName=otherName:1.2.3.4;UTF8:some other identifier - -subjectAltName=dirName:dir_sect - -[dir_sect] -C=UK -O=My Organization -OU=My Unit -CN=My Name -.Ed -.Ss Issuer alternative name -The issuer alternative name option supports all the literal options of -subject alternative name. -It does not support the -.Ic email : Ns Cm copy -option because that would not make sense. -It does support an additional -.Ic issuer : Ns Cm copy -option that will copy all the subject alternative name values from -the issuer certificate (if possible). -Example: -.Pp -.Dl issuerAltName = issuer:copy -.Ss Authority info access -The authority information access extension gives details about how to -access certain information relating to the CA. -Its syntax is -.Ar accessOID ; location -where -.Ar location -has the same syntax as subject alternative name (except that -.Ic email : Ns Cm copy -is not supported). -.Ar accessOID -can be any valid OID but only certain values are meaningful, -for example -.Cm OCSP -and -.Cm caIssuers . -Example: -.Bd -literal -offset indent -authorityInfoAccess = OCSP;URI:http://ocsp.my.host/ -authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html -.Ed -.Ss CRL distribution points -This is a multi-valued extension whose options can be either in -.Ar name : Ns Ar value -pair form using the same form as subject alternative name or a -single value representing a section name containing all the -distribution point fields. -.Pp -For a -.Ar name : Ns Ar value -pair a new DistributionPoint with the fullName field set to the -given value, both the cRLissuer and reasons fields are omitted in -this case. -.Pp -In the single option case, the section indicated contains values -for each field. 
-In this section: -.Pp -If the name is -.Ic fullname , -the value field should contain the full name of the distribution -point in the same format as subject alternative name. -.Pp -If the name is -.Ic relativename , -then the value field should contain a section name whose contents -represent a DN fragment to be placed in this field. -.Pp -The name -.Ic CRLIssuer , -if present, should contain a value for this field in subject -alternative name format. -.Pp -If the name is -.Ic reasons , -the value field should consist of a comma separated field containing -the reasons. -Valid reasons are: -.Cm keyCompromise , -.Cm CACompromise , -.Cm affiliationChanged , -.Cm superseded , -.Cm cessationOfOperation , -.Cm certificateHold , -.Cm privilegeWithdrawn , -and -.Cm AACompromise . -.Pp -Simple examples: -.Bd -literal -offset indent -crlDistributionPoints=URI:http://myhost.com/myca.crl -crlDistributionPoints=URI:http://my.com/my.crl,URI:http://oth.com/my.crl -.Ed -.Pp -Full distribution point example: -.Bd -literal -offset indent -crlDistributionPoints=crldp1_section - -[crldp1_section] -fullname=URI:http://myhost.com/myca.crl -CRLissuer=dirName:issuer_sect -reasons=keyCompromise, CACompromise - -[issuer_sect] -C=UK -O=Organisation -CN=Some Name -.Ed -.Ss Issuing distribution point -This extension should only appear in CRLs. -It is a multi-valued extension whose syntax is similar to the "section" -pointed to by the CRL distribution points extension with a few -differences. -.Pp -The names -.Ic reasons -and -.Ic CRLissuer -are not recognized. -.Pp -The name -.Ic onlysomereasons -is accepted, which sets this field. -The value is in the same format as the CRL distribution point -.Ic reasons -field. -.Pp -The names -.Ic onlyuser , -.Ic onlyCA , -.Ic onlyAA , -and -.Ic indirectCRL -are also accepted. -The values should be a boolean values -.Cm ( TRUE -or -.Cm FALSE ) -to indicate the value of the corresponding field. 
-Example: -.Bd -literal -offset indent -issuingDistributionPoint=critical, @idp_section - -[idp_section] -fullname=URI:http://myhost.com/myca.crl -indirectCRL=TRUE -onlysomereasons=keyCompromise, CACompromise - -[issuer_sect] -C=UK -O=Organisation -CN=Some Name -.Ed -.Ss Certificate policies -This is a raw extension. -All the fields of this extension can be set by using the appropriate -syntax. -.Pp -If you follow the PKIX recommendations and just use one OID, then you -just include the value of that OID. -Multiple OIDs can be set separated by commas, for example: -.Pp -.Dl certificatePolicies= 1.2.4.5, 1.1.3.4 -.Pp -If you wish to include qualifiers, then the policy OID and qualifiers -need to be specified in a separate section: this is done by using the -.Pf @ Ar section -syntax instead of a literal OID value. -.Pp -The section referred to must include the policy OID using the name -.Ic policyIdentifier . -.Ic CPSuri -qualifiers can be included using the syntax: -.Pp -.D1 Ic CPS . Ns Ar nnn Ns = Ns Ar value -.Pp -.Ic userNotice -qualifiers can be set using the syntax: -.Pp -.D1 Ic userNotice . Ns Ar nnn Ns =@ Ns Ar notice -.Pp -The value of the -.Ic userNotice -qualifier is specified in the relevant section. -This section can include -.Ic explicitText , -.Ic organization , -and -.Ic noticeNumbers -options. -.Ic explicitText -and -.Ic organization -are text strings, -and -.Ic noticeNumbers -is a comma separated list of numbers. -The -.Ic organization -and -.Ic noticeNumbers -options (if included) must -.Em both -be present. -If you use the -.Ic userNotice -option with IE5 then you need the -.Ic ia5org -option at the top level to modify the encoding: otherwise it will -not be interpreted properly. 
-Example: -.Bd -literal -offset indent -certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect - -[polsect] -policyIdentifier = 1.3.5.8 -CPS.1="http://my.host.name/" -CPS.2="http://my.your.name/" -userNotice.1=@notice - -[notice] -explicitText="Explicit Text Here" -organization="Organisation Name" -noticeNumbers=1,2,3,4 -.Ed -.Pp -The -.Ic ia5org -option changes the type of the -.Ic organization -field. -In RFC 2459, it can only be of type -.Vt DisplayText . -In RFC 3280, -.Vt IA5String -is also permissible. -Some software (for example some versions of MSIE) may require -.Ic ia5org . -.Ss Policy constraints -This is a multi-valued extension which consists of the names -.Ic requireExplicitPolicy -or -.Ic inhibitPolicyMapping -and a non-negative integer value. -At least one component must be present. -Example: -.Pp -.Dl policyConstraints = requireExplicitPolicy:3 -.Ss Inhibit any policy -This is a string extension whose value must be a non-negative integer. -Example: -.Pp -.Dl inhibitAnyPolicy = 2 -.Ss Name constraints -The name constraints extension is a multi-valued extension. -The name should begin with the word -.Cm permitted -or -.Cm excluded , -followed by a semicolon. -The rest of the name and the value follows the syntax of subjectAltName -except -.Ic email : Ns Cm copy -is not supported and the -.Ic IP -form should consist of an IP addresses and subnet mask separated -by a slash. -Examples: -.Bd -literal -offset indent -nameConstraints=permitted;IP:192.168.0.0/255.255.0.0 -nameConstraints=permitted;email:.somedomain.com -nameConstraints=excluded;email:.com -.Ed -.Ss OCSP no check -The OCSP no check extension is a string extension, -but its value is ignored. -Example: -.Pp -.Dl noCheck = ignored -.Ss TLS Feature (aka must staple) -This is a multi-valued extension consisting of a list of TLS extension -identifiers. -Each identifier may be a number in the range from 0 to 65535 or a -supported name. 
-When a TLS client sends a listed extension, the TLS server is expected
-to include that extension in its reply.
-.Pp
-The supported names are:
-.Cm status_request
-and
-.Cm status_request_v2 .
-Example:
-.Pp
-.Dl tlsfeature = status_request
-.Sh DEPRECATED EXTENSIONS
-The following extensions are non-standard, Netscape specific and largely
-obsolete.
-Their use in new applications is discouraged.
-.Ss Netscape string extensions
-Netscape comment
-.Ic ( nsComment )
-is a string extension containing a comment which will be displayed when
-the certificate is viewed in some browsers.
-Example:
-.Pp
-.Dl nsComment = "Some Random Comment"
-.Pp
-Other supported extensions in this category are:
-.Ic nsBaseUrl ,
-.Ic nsRevocationUrl ,
-.Ic nsCaRevocationUrl ,
-.Ic nsRenewalUrl ,
-.Ic nsCaPolicyUrl ,
-and
-.Ic nsSslServerName .
-.Ss Netscape certificate type
-This is a multi-valued extensions which consists of a list of flags to
-be included.
-It was used to indicate the purposes for which a certificate could be
-used.
-The
-.Ic basicConstraints ,
-.Ic keyUsage ,
-and extended key usage extensions are now used instead.
-.Pp
-Acceptable values for
-.Ic nsCertType
-are:
-.Cm client ,
-.Cm server ,
-.Cm email ,
-.Cm objsign ,
-.Cm reserved ,
-.Cm sslCA ,
-.Cm emailCA ,
-.Cm objCA .
-.Sh ARBITRARY EXTENSIONS
-If an extension is not supported by the OpenSSL code, then it must
-be encoded using the arbitrary extension format.
-It is also possible to use the arbitrary format for supported
-extensions.
-Extreme care should be taken to ensure that the data is formatted
-correctly for the given extension type.
-.Pp
-There are two ways to encode arbitrary extensions.
-.Pp
-The first way is to use the word
-.Cm ASN1
-followed by the extension content using the same syntax as
-.Xr ASN1_generate_nconf 3 .
-For example:
-.Bd -literal -offset indent
-1.2.3.4=critical,ASN1:UTF8String:Some random data
-1.2.3.4=ASN1:SEQUENCE:seq_sect
-
-[seq_sect]
-field1 = UTF8:field1
-field2 = UTF8:field2
-.Ed
-.Pp
-It is also possible to use the word
-.Cm DER
-to include the raw encoded data in any extension.
-.Bd -literal -offset indent
-1.2.3.4=critical,DER:01:02:03:04
-1.2.3.4=DER:01020304
-.Ed
-.Pp
-The value following
-.Cm DER
-is a hex dump of the DER encoding of the extension.
-Any extension can be placed in this form to override the default behaviour.
-For example:
-.Pp
-.Dl basicConstraints=critical,DER:00:01:02:03
-.Sh FILES
-.Bl -tag -width /etc/ssl/x509v3.cnf -compact
-.It Pa /etc/ssl/x509v3.cnf
-standard configuration file
-.El
-.Sh SEE ALSO
-.Xr openssl 1 ,
-.Xr ASN1_generate_nconf 3 ,
-.Xr OPENSSL_config 3 ,
-.Xr openssl.cnf 5
-.Sh HISTORY
-X509v3 extension code was first added to OpenSSL 0.9.2.
-.Sh CAVEATS
-There is no guarantee that a specific implementation will process a
-given extension.
-It may therefore sometimes be possible to use certificates for purposes
-prohibited by their extensions because a specific application does not
-recognize or honour the values of the relevant extensions.
-.Pp
-The
-.Cm DER
-and
-.Cm ASN1
-options should be used with caution.
-It is possible to create totally invalid extensions if they are not used
-carefully.
-.Pp
-If an extension is multi-value and a field value must contain a comma,
-the long form must be used.
-Otherwise the comma would be misinterpreted as a field separator.
-For example,
-.Pp
-.Dl subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
-.Pp
-will produce an error, but the following form is valid:
-.Bd -literal -offset indent
-subjectAltName=@subject_alt_section
-
-[subject_alt_section]
-subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
-.Ed
-.Pp
-Due to the behaviour of the OpenSSL CONF library, the same field
-name can only occur once in a section.
-That means that
-.Bd -literal -offset indent
-subjectAltName=@alt_section
-
-[alt_section]
-email=steve@here
-email=steve@there
-.Ed
-.Pp
-will only use the last value.
-This can be worked around by using the form:
-.Bd -literal -offset indent
-[alt_section]
-email.1=steve@here
-email.2=steve@there
-.Ed
diff --git a/src/lib/libcrypto/md4/md4.c b/src/lib/libcrypto/md4/md4.c
deleted file mode 100644
index 9cf1ff9532..0000000000
--- a/src/lib/libcrypto/md4/md4.c
+++ /dev/null
@@ -1,347 +0,0 @@
-/* $OpenBSD: md4.c,v 1.18 2024/06/01 07:36:16 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-
-#include "crypto_internal.h"
-
-/* Ensure that MD4_LONG and uint32_t are equivalent size. */
-CTASSERT(sizeof(MD4_LONG) == sizeof(uint32_t));
-
-static inline uint32_t
-md4_f(uint32_t x, uint32_t y, uint32_t z)
-{
- return (x & y) | (~x & z);
-}
-
-static inline uint32_t
-md4_g(uint32_t x, uint32_t y, uint32_t z)
-{
- return (x & y) | (x & z) | (y & z);
-}
-
-static inline uint32_t
-md4_h(uint32_t x, uint32_t y, uint32_t z)
-{
- return x ^ y ^ z;
-}
-
-static inline void
-md4_round1(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
- uint32_t s)
-{
- *a = crypto_rol_u32(*a + md4_f(b, c, d) + x, s);
-}
-
-static inline void
-md4_round2(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
- uint32_t s)
-{
- *a = crypto_rol_u32(*a + md4_g(b, c, d) + x + 0x5a827999UL, s);
-}
-
-static inline void
-md4_round3(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
- uint32_t s)
-{
- *a = crypto_rol_u32(*a + md4_h(b, c, d) + x + 0x6ed9eba1UL, s);
-}
-
-static void
-md4_block_data_order(MD4_CTX *c, const void *_in, size_t num)
-{
- const uint8_t *in = _in;
- const MD4_LONG *in32;
- unsigned int A, B, C, D;
- unsigned int X0, X1, X2, X3, X4, X5, X6, X7,
- X8, X9, X10, X11, X12, X13, X14, X15;
-
- while (num-- > 0) {
- A = c->A;
- B = c->B;
- C = c->C;
- D = c->D;
-
- if ((uintptr_t)in % 4 == 0) {
- /* Input is 32 bit aligned. */
- in32 = (const MD4_LONG *)in;
- X0 = le32toh(in32[0]);
- X1 = le32toh(in32[1]);
- X2 = le32toh(in32[2]);
- X3 = le32toh(in32[3]);
- X4 = le32toh(in32[4]);
- X5 = le32toh(in32[5]);
- X6 = le32toh(in32[6]);
- X7 = le32toh(in32[7]);
- X8 = le32toh(in32[8]);
- X9 = le32toh(in32[9]);
- X10 = le32toh(in32[10]);
- X11 = le32toh(in32[11]);
- X12 = le32toh(in32[12]);
- X13 = le32toh(in32[13]);
- X14 = le32toh(in32[14]);
- X15 = le32toh(in32[15]);
- } else {
- /* Input is not 32 bit aligned. */
- X0 = crypto_load_le32toh(&in[0 * 4]);
- X1 = crypto_load_le32toh(&in[1 * 4]);
- X2 = crypto_load_le32toh(&in[2 * 4]);
- X3 = crypto_load_le32toh(&in[3 * 4]);
- X4 = crypto_load_le32toh(&in[4 * 4]);
- X5 = crypto_load_le32toh(&in[5 * 4]);
- X6 = crypto_load_le32toh(&in[6 * 4]);
- X7 = crypto_load_le32toh(&in[7 * 4]);
- X8 = crypto_load_le32toh(&in[8 * 4]);
- X9 = crypto_load_le32toh(&in[9 * 4]);
- X10 = crypto_load_le32toh(&in[10 * 4]);
- X11 = crypto_load_le32toh(&in[11 * 4]);
- X12 = crypto_load_le32toh(&in[12 * 4]);
- X13 = crypto_load_le32toh(&in[13 * 4]);
- X14 = crypto_load_le32toh(&in[14 * 4]);
- X15 = crypto_load_le32toh(&in[15 * 4]);
- }
- in += MD4_CBLOCK;
-
- md4_round1(&A, B, C, D, X0, 3);
- md4_round1(&D, A, B, C, X1, 7);
- md4_round1(&C, D, A, B, X2, 11);
- md4_round1(&B, C, D, A, X3, 19);
- md4_round1(&A, B, C, D, X4, 3);
- md4_round1(&D, A, B, C, X5, 7);
- md4_round1(&C, D, A, B, X6, 11);
- md4_round1(&B, C, D, A, X7, 19);
- md4_round1(&A, B, C, D, X8, 3);
- md4_round1(&D, A, B, C, X9, 7);
- md4_round1(&C, D, A, B, X10, 11);
- md4_round1(&B, C, D, A, X11, 19);
- md4_round1(&A, B, C, D, X12, 3);
- md4_round1(&D, A, B, C, X13, 7);
- md4_round1(&C, D, A, B, X14, 11);
- md4_round1(&B, C, D, A, X15, 19);
-
- /* Round 1 */
- md4_round2(&A, B, C, D, X0, 3);
- md4_round2(&D, A, B, C, X4, 5);
- md4_round2(&C, D, A, B, X8, 9);
- md4_round2(&B, C, D, A, X12, 13);
- md4_round2(&A, B, C, D, X1, 3);
- md4_round2(&D, A, B, C, X5, 5);
- md4_round2(&C, D, A, B, X9, 9);
- md4_round2(&B, C, D, A, X13, 13);
- md4_round2(&A, B, C, D, X2, 3);
- md4_round2(&D, A, B, C, X6, 5);
- md4_round2(&C, D, A, B, X10, 9);
- md4_round2(&B, C, D, A, X14, 13);
- md4_round2(&A, B, C, D, X3, 3);
- md4_round2(&D, A, B, C, X7, 5);
- md4_round2(&C, D, A, B, X11, 9);
- md4_round2(&B, C, D, A, X15, 13);
-
- /* Round 2 */
- md4_round3(&A, B, C, D, X0, 3);
- md4_round3(&D, A, B, C, X8, 9);
- md4_round3(&C, D, A, B, X4, 11);
- md4_round3(&B, C, D, A, X12, 15);
- md4_round3(&A, B, C, D, X2, 3);
- md4_round3(&D, A, B, C, X10, 9);
- md4_round3(&C, D, A, B, X6, 11);
- md4_round3(&B, C, D, A, X14, 15);
- md4_round3(&A, B, C, D, X1, 3);
- md4_round3(&D, A, B, C, X9, 9);
- md4_round3(&C, D, A, B, X5, 11);
- md4_round3(&B, C, D, A, X13, 15);
- md4_round3(&A, B, C, D, X3, 3);
- md4_round3(&D, A, B, C, X11, 9);
- md4_round3(&C, D, A, B, X7, 11);
- md4_round3(&B, C, D, A, X15, 15);
-
- c->A += A;
- c->B += B;
- c->C += C;
- c->D += D;
- }
-}
-
-int
-MD4_Init(MD4_CTX *c)
-{
- memset(c, 0, sizeof(*c));
-
- c->A = 0x67452301UL;
- c->B = 0xefcdab89UL;
- c->C = 0x98badcfeUL;
- c->D = 0x10325476UL;
-
- return 1;
-}
-LCRYPTO_ALIAS(MD4_Init);
-
-int
-MD4_Update(MD4_CTX *c, const void *data_, size_t len)
-{
- const unsigned char *data = data_;
- unsigned char *p;
- MD4_LONG l;
- size_t n;
-
- if (len == 0)
- return 1;
-
- l = (c->Nl + (((MD4_LONG)len) << 3))&0xffffffffUL;
- /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
- * Wei Dai for pointing it out. */
- if (l < c->Nl) /* overflow */
- c->Nh++;
- c->Nh+=(MD4_LONG)(len>>29); /* might cause compiler warning on 16-bit */
- c->Nl = l;
-
- n = c->num;
- if (n != 0) {
- p = (unsigned char *)c->data;
-
- if (len >= MD4_CBLOCK || len + n >= MD4_CBLOCK) {
- memcpy (p + n, data, MD4_CBLOCK - n);
- md4_block_data_order (c, p, 1);
- n = MD4_CBLOCK - n;
- data += n;
- len -= n;
- c->num = 0;
- memset(p, 0, MD4_CBLOCK); /* keep it zeroed */
- } else {
- memcpy(p + n, data, len);
- c->num += (unsigned int)len;
- return 1;
- }
- }
-
- n = len / MD4_CBLOCK;
- if (n > 0) {
- md4_block_data_order(c, data, n);
- n *= MD4_CBLOCK;
- data += n;
- len -= n;
- }
-
- if (len != 0) {
- p = (unsigned char *)c->data;
- c->num = (unsigned int)len;
- memcpy(p, data, len);
- }
- return 1;
-}
-LCRYPTO_ALIAS(MD4_Update);
-
-void
-MD4_Transform(MD4_CTX *c, const unsigned char *data)
-{
- md4_block_data_order(c, data, 1);
-}
-LCRYPTO_ALIAS(MD4_Transform);
-
-int
-MD4_Final(unsigned char *md, MD4_CTX *c)
-{
- unsigned char *p = (unsigned char *)c->data;
- size_t n = c->num;
-
- p[n] = 0x80; /* there is always room for one */
- n++;
-
- if (n > (MD4_CBLOCK - 8)) {
- memset(p + n, 0, MD4_CBLOCK - n);
- n = 0;
- md4_block_data_order(c, p, 1);
- }
-
- memset(p + n, 0, MD4_CBLOCK - 8 - n);
- c->data[MD4_LBLOCK - 2] = htole32(c->Nl);
- c->data[MD4_LBLOCK - 1] = htole32(c->Nh);
-
- md4_block_data_order(c, p, 1);
- c->num = 0;
- memset(p, 0, MD4_CBLOCK);
-
- crypto_store_htole32(&md[0 * 4], c->A);
- crypto_store_htole32(&md[1 * 4], c->B);
- crypto_store_htole32(&md[2 * 4], c->C);
- crypto_store_htole32(&md[3 * 4], c->D);
-
- return 1;
-}
-LCRYPTO_ALIAS(MD4_Final);
-
-unsigned char *
-MD4(const unsigned char *d, size_t n, unsigned char *md)
-{
- MD4_CTX c;
-
- if (!MD4_Init(&c))
- return NULL;
- MD4_Update(&c, d, n);
- MD4_Final(md, &c);
- explicit_bzero(&c, sizeof(c));
- return (md);
-}
-LCRYPTO_ALIAS(MD4);
diff --git a/src/lib/libcrypto/md4/md4.h b/src/lib/libcrypto/md4/md4.h
deleted file mode 100644
index d2a107a19a..0000000000
--- a/src/lib/libcrypto/md4/md4.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/* $OpenBSD: md4.h,v 1.22 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#ifndef HEADER_MD4_H
-#define HEADER_MD4_H
-
-#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__)
-#define __bounded__(x, y, z)
-#endif
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD4_LONG has to be at least 32 bits wide. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#define MD4_LONG unsigned int
-
-#define MD4_CBLOCK 64
-#define MD4_LBLOCK (MD4_CBLOCK/4)
-#define MD4_DIGEST_LENGTH 16
-
-typedef struct MD4state_st {
- MD4_LONG A, B,C, D;
- MD4_LONG Nl, Nh;
- MD4_LONG data[MD4_LBLOCK];
- unsigned int num;
-} MD4_CTX;
-
-int MD4_Init(MD4_CTX *c);
-int MD4_Update(MD4_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int MD4_Final(unsigned char *md, MD4_CTX *c);
-unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-void MD4_Transform(MD4_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/md5/asm/md5-586.pl b/src/lib/libcrypto/md5/asm/md5-586.pl
deleted file mode 100644
index a039efd899..0000000000
--- a/src/lib/libcrypto/md5/asm/md5-586.pl
+++ /dev/null
@@ -1,307 +0,0 @@
-#!/usr/local/bin/perl
-
-# Normal is the
-# md5_block_x86(MD5_CTX *c, ULONG *X);
-# version, non-normal is the
-# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
-
-$normal=0;
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-$A="eax";
-$B="ebx";
-$C="ecx";
-$D="edx";
-$tmp1="edi";
-$tmp2="ebp";
-$X="esi";
-
-# What we need to load into $tmp for the next round
-%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
-@xo=(
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0
- 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1
- 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2
- 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3
- );
-
-&md5_block("md5_block_data_order");
-&asm_finish();
-
-sub Np
- {
- local($p)=@_;
- local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
- return($n{$p});
- }
-
-sub R0
- {
- local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
- &mov($tmp1,$C) if $pos < 0;
- &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one
-
- # body proper
-
- &comment("R0 $ki");
- &xor($tmp1,$d); # F function - part 2
-
- &and($tmp1,$b); # F function - part 3
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &xor($tmp1,$d); # F function - part 4
-
- &add($a,$tmp1);
- &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0
- &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1
-
- &rotl($a,$s);
-
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
-
- &add($a,$b);
- }
-
-sub R1
- {
- local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
- &comment("R1 $ki");
-
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &xor($tmp1,$b); # G function - part 2
- &and($tmp1,$d); # G function - part 3
-
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
- &xor($tmp1,$c); # G function - part 4
-
- &add($a,$tmp1);
- &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1
- &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1
-
- &rotl($a,$s);
-
- &add($a,$b);
- }
-
-sub R2
- {
- local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
- # This one is different, only 3 logical operations
-
-if (($n & 1) == 0)
- {
- &comment("R2 $ki");
- # make sure to do 'D' first, not 'B', else we clash with
- # the last add from the previous round.
-
- &xor($tmp1,$d); # H function - part 2
-
- &xor($tmp1,$b); # H function - part 3
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &add($a,$tmp1);
-
- &rotl($a,$s);
-
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
- &mov($tmp1,&Np($c));
- }
-else
- {
- &comment("R2 $ki");
- # make sure to do 'D' first, not 'B', else we clash with
- # the last add from the previous round.
-
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &add($b,$c); # MOVED FORWARD
- &xor($tmp1,$d); # H function - part 2
-
- &xor($tmp1,$b); # H function - part 3
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
-
- &add($a,$tmp1);
- &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1
- &mov($tmp1,-1) if $pos == 1; # I function - part 1
-
- &rotl($a,$s);
-
- &add($a,$b);
- }
- }
-
-sub R3
- {
- local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
-
- &comment("R3 $ki");
-
- # ¬($tmp1)
- &xor($tmp1,$d) if $pos < 0; # I function - part 2
-
- &or($tmp1,$b); # I function - part 3
- &lea($a,&DWP($t,$a,$tmp2,1));
-
- &xor($tmp1,$c); # I function - part 4
- &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value
- &mov($tmp2,&wparam(0)) if $pos == 2;
-
- &add($a,$tmp1);
- &mov($tmp1,-1) if $pos < 1; # H function - part 1
- &add($K,64) if $pos >=1 && !$normal;
-
- &rotl($a,$s);
-
- &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time
- &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
- &add($a,$b);
- }
-
-
-sub md5_block
- {
- local($name)=@_;
-
- &function_begin_B($name,"",3);
-
- # parameter 1 is the MD5_CTX structure.
- # A 0
- # B 4
- # C 8
- # D 12
-
- &push("esi");
- &push("edi");
- &mov($tmp1, &wparam(0)); # edi
- &mov($X, &wparam(1)); # esi
- &mov($C, &wparam(2));
- &push("ebp");
- &shl($C, 6);
- &push("ebx");
- &add($C, $X); # offset we end at
- &sub($C, 64);
- &mov($A, &DWP( 0,$tmp1,"",0));
- &push($C); # Put on the TOS
- &mov($B, &DWP( 4,$tmp1,"",0));
- &mov($C, &DWP( 8,$tmp1,"",0));
- &mov($D, &DWP(12,$tmp1,"",0));
-
- &set_label("start") unless $normal;
- &comment("");
- &comment("R0 section");
-
- &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
- &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
- &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
- &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
- &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
- &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
- &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
- &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
- &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
- &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
- &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
- &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
- &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
- &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
- &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
- &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
-
- &comment("");
- &comment("R1 section");
- &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
- &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
- &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
- &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
- &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
- &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
- &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
- &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
- &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
- &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
- &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
- &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
- &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
- &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
- &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
- &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
-
- &comment("");
- &comment("R2 section");
- &R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
- &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
- &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
- &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
- &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
- &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
- &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
- &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
- &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
- &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
- &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
- &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
- &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
- &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
- &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
- &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
-
- &comment("");
- &comment("R3 section");
- &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
- &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
- &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
- &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
- &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
- &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
- &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
- &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
- &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
- &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
- &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
- &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
- &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
- &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
- &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
- &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
-
- # &mov($tmp2,&wparam(0)); # done in the last R3
- # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3
-
- &add($A,$tmp1);
- &mov($tmp1, &DWP( 4,$tmp2,"",0));
-
- &add($B,$tmp1);
- &mov($tmp1, &DWP( 8,$tmp2,"",0));
-
- &add($C,$tmp1);
- &mov($tmp1, &DWP(12,$tmp2,"",0));
-
- &add($D,$tmp1);
- &mov(&DWP( 0,$tmp2,"",0),$A);
-
- &mov(&DWP( 4,$tmp2,"",0),$B);
- &mov($tmp1,&swtmp(0)) unless $normal;
-
- &mov(&DWP( 8,$tmp2,"",0),$C);
- &mov(&DWP(12,$tmp2,"",0),$D);
-
- &cmp($tmp1,$X) unless $normal; # check count
- &jae(&label("start")) unless $normal;
-
- &pop("eax"); # pop the temp variable off the stack
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
diff --git a/src/lib/libcrypto/md5/md5.c b/src/lib/libcrypto/md5/md5.c
deleted file mode 100644
index f1c9223d86..0000000000
--- a/src/lib/libcrypto/md5/md5.c
+++ /dev/null
@@ -1,375 +0,0 @@
-/* $OpenBSD: md5.c,v 1.25 2025/01/24 13:35:04 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-
-#include "crypto_internal.h"
-
-/* Ensure that MD5_LONG and uint32_t are equivalent size.
*/
-CTASSERT(sizeof(MD5_LONG) == sizeof(uint32_t));
-
-#ifdef MD5_ASM
-void md5_block_data_order(MD5_CTX *c, const void *p, size_t num);
-#endif
-
-#ifndef MD5_ASM
-static inline uint32_t
-md5_F(uint32_t x, uint32_t y, uint32_t z)
-{
- return (x & y) | (~x & z);
-}
-
-static inline uint32_t
-md5_G(uint32_t x, uint32_t y, uint32_t z)
-{
- return (x & z) | (y & ~z);
-}
-
-static inline uint32_t
-md5_H(uint32_t x, uint32_t y, uint32_t z)
-{
- return x ^ y ^ z;
-}
-
-static inline uint32_t
-md5_I(uint32_t x, uint32_t y, uint32_t z)
-{
- return y ^ (x | ~z);
-}
-
-static inline void
-md5_round1(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
- uint32_t t, uint32_t s)
-{
- *a = b + crypto_rol_u32(*a + md5_F(b, c, d) + x + t, s);
-}
-
-static inline void
-md5_round2(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
- uint32_t t, uint32_t s)
-{
- *a = b + crypto_rol_u32(*a + md5_G(b, c, d) + x + t, s);
-}
-
-static inline void
-md5_round3(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
- uint32_t t, uint32_t s)
-{
- *a = b + crypto_rol_u32(*a + md5_H(b, c, d) + x + t, s);
-}
-
-static inline void
-md5_round4(uint32_t *a, uint32_t b, uint32_t c, uint32_t d, uint32_t x,
- uint32_t t, uint32_t s)
-{
- *a = b + crypto_rol_u32(*a + md5_I(b, c, d) + x + t, s);
-}
-
-static void
-md5_block_data_order(MD5_CTX *c, const void *_in, size_t num)
-{
- const uint8_t *in = _in;
- const MD5_LONG *in32;
- MD5_LONG A, B, C, D;
- MD5_LONG X0, X1, X2, X3, X4, X5, X6, X7,
- X8, X9, X10, X11, X12, X13, X14, X15;
-
- while (num-- > 0) {
- A = c->A;
- B = c->B;
- C = c->C;
- D = c->D;
-
- if ((uintptr_t)in % 4 == 0) {
- /* Input is 32 bit aligned.
*/
- in32 = (const MD5_LONG *)in;
- X0 = le32toh(in32[0]);
- X1 = le32toh(in32[1]);
- X2 = le32toh(in32[2]);
- X3 = le32toh(in32[3]);
- X4 = le32toh(in32[4]);
- X5 = le32toh(in32[5]);
- X6 = le32toh(in32[6]);
- X7 = le32toh(in32[7]);
- X8 = le32toh(in32[8]);
- X9 = le32toh(in32[9]);
- X10 = le32toh(in32[10]);
- X11 = le32toh(in32[11]);
- X12 = le32toh(in32[12]);
- X13 = le32toh(in32[13]);
- X14 = le32toh(in32[14]);
- X15 = le32toh(in32[15]);
- } else {
- /* Input is not 32 bit aligned. */
- X0 = crypto_load_le32toh(&in[0 * 4]);
- X1 = crypto_load_le32toh(&in[1 * 4]);
- X2 = crypto_load_le32toh(&in[2 * 4]);
- X3 = crypto_load_le32toh(&in[3 * 4]);
- X4 = crypto_load_le32toh(&in[4 * 4]);
- X5 = crypto_load_le32toh(&in[5 * 4]);
- X6 = crypto_load_le32toh(&in[6 * 4]);
- X7 = crypto_load_le32toh(&in[7 * 4]);
- X8 = crypto_load_le32toh(&in[8 * 4]);
- X9 = crypto_load_le32toh(&in[9 * 4]);
- X10 = crypto_load_le32toh(&in[10 * 4]);
- X11 = crypto_load_le32toh(&in[11 * 4]);
- X12 = crypto_load_le32toh(&in[12 * 4]);
- X13 = crypto_load_le32toh(&in[13 * 4]);
- X14 = crypto_load_le32toh(&in[14 * 4]);
- X15 = crypto_load_le32toh(&in[15 * 4]);
- }
- in += MD5_CBLOCK;
-
- md5_round1(&A, B, C, D, X0, 0xd76aa478L, 7);
- md5_round1(&D, A, B, C, X1, 0xe8c7b756L, 12);
- md5_round1(&C, D, A, B, X2, 0x242070dbL, 17);
- md5_round1(&B, C, D, A, X3, 0xc1bdceeeL, 22);
- md5_round1(&A, B, C, D, X4, 0xf57c0fafL, 7);
- md5_round1(&D, A, B, C, X5, 0x4787c62aL, 12);
- md5_round1(&C, D, A, B, X6, 0xa8304613L, 17);
- md5_round1(&B, C, D, A, X7, 0xfd469501L, 22);
- md5_round1(&A, B, C, D, X8, 0x698098d8L, 7);
- md5_round1(&D, A, B, C, X9, 0x8b44f7afL, 12);
- md5_round1(&C, D, A, B, X10, 0xffff5bb1L, 17);
- md5_round1(&B, C, D, A, X11, 0x895cd7beL, 22);
- md5_round1(&A, B, C, D, X12, 0x6b901122L, 7);
- md5_round1(&D, A, B, C, X13, 0xfd987193L, 12);
- md5_round1(&C, D, A, B, X14, 0xa679438eL, 17);
- md5_round1(&B, C, D, A, X15, 0x49b40821L, 22);
-
- md5_round2(&A, B, C, D, X1, 0xf61e2562L, 5);
-
md5_round2(&D, A, B, C, X6, 0xc040b340L, 9);
- md5_round2(&C, D, A, B, X11, 0x265e5a51L, 14);
- md5_round2(&B, C, D, A, X0, 0xe9b6c7aaL, 20);
- md5_round2(&A, B, C, D, X5, 0xd62f105dL, 5);
- md5_round2(&D, A, B, C, X10, 0x02441453L, 9);
- md5_round2(&C, D, A, B, X15, 0xd8a1e681L, 14);
- md5_round2(&B, C, D, A, X4, 0xe7d3fbc8L, 20);
- md5_round2(&A, B, C, D, X9, 0x21e1cde6L, 5);
- md5_round2(&D, A, B, C, X14, 0xc33707d6L, 9);
- md5_round2(&C, D, A, B, X3, 0xf4d50d87L, 14);
- md5_round2(&B, C, D, A, X8, 0x455a14edL, 20);
- md5_round2(&A, B, C, D, X13, 0xa9e3e905L, 5);
- md5_round2(&D, A, B, C, X2, 0xfcefa3f8L, 9);
- md5_round2(&C, D, A, B, X7, 0x676f02d9L, 14);
- md5_round2(&B, C, D, A, X12, 0x8d2a4c8aL, 20);
-
- md5_round3(&A, B, C, D, X5, 0xfffa3942L, 4);
- md5_round3(&D, A, B, C, X8, 0x8771f681L, 11);
- md5_round3(&C, D, A, B, X11, 0x6d9d6122L, 16);
- md5_round3(&B, C, D, A, X14, 0xfde5380cL, 23);
- md5_round3(&A, B, C, D, X1, 0xa4beea44L, 4);
- md5_round3(&D, A, B, C, X4, 0x4bdecfa9L, 11);
- md5_round3(&C, D, A, B, X7, 0xf6bb4b60L, 16);
- md5_round3(&B, C, D, A, X10, 0xbebfbc70L, 23);
- md5_round3(&A, B, C, D, X13, 0x289b7ec6L, 4);
- md5_round3(&D, A, B, C, X0, 0xeaa127faL, 11);
- md5_round3(&C, D, A, B, X3, 0xd4ef3085L, 16);
- md5_round3(&B, C, D, A, X6, 0x04881d05L, 23);
- md5_round3(&A, B, C, D, X9, 0xd9d4d039L, 4);
- md5_round3(&D, A, B, C, X12, 0xe6db99e5L, 11);
- md5_round3(&C, D, A, B, X15, 0x1fa27cf8L, 16);
- md5_round3(&B, C, D, A, X2, 0xc4ac5665L, 23);
-
- md5_round4(&A, B, C, D, X0, 0xf4292244L, 6);
- md5_round4(&D, A, B, C, X7, 0x432aff97L, 10);
- md5_round4(&C, D, A, B, X14, 0xab9423a7L, 15);
- md5_round4(&B, C, D, A, X5, 0xfc93a039L, 21);
- md5_round4(&A, B, C, D, X12, 0x655b59c3L, 6);
- md5_round4(&D, A, B, C, X3, 0x8f0ccc92L, 10);
- md5_round4(&C, D, A, B, X10, 0xffeff47dL, 15);
- md5_round4(&B, C, D, A, X1, 0x85845dd1L, 21);
- md5_round4(&A, B, C, D, X8, 0x6fa87e4fL, 6);
- md5_round4(&D, A, B, C, X15, 0xfe2ce6e0L, 10);
- md5_round4(&C, D, A, B,
X6, 0xa3014314L, 15);
- md5_round4(&B, C, D, A, X13, 0x4e0811a1L, 21);
- md5_round4(&A, B, C, D, X4, 0xf7537e82L, 6);
- md5_round4(&D, A, B, C, X11, 0xbd3af235L, 10);
- md5_round4(&C, D, A, B, X2, 0x2ad7d2bbL, 15);
- md5_round4(&B, C, D, A, X9, 0xeb86d391L, 21);
-
- c->A += A;
- c->B += B;
- c->C += C;
- c->D += D;
- }
-}
-#endif
-
-int
-MD5_Init(MD5_CTX *c)
-{
- memset(c, 0, sizeof(*c));
-
- c->A = 0x67452301UL;
- c->B = 0xefcdab89UL;
- c->C = 0x98badcfeUL;
- c->D = 0x10325476UL;
-
- return 1;
-}
-LCRYPTO_ALIAS(MD5_Init);
-
-int
-MD5_Update(MD5_CTX *c, const void *data_, size_t len)
-{
- const unsigned char *data = data_;
- unsigned char *p;
- size_t n;
-
- if (len == 0)
- return 1;
-
- /* Update message bit counter. */
- crypto_add_u32dw_u64(&c->Nh, &c->Nl, (uint64_t)len << 3);
-
- n = c->num;
- if (n != 0) {
- p = (unsigned char *)c->data;
-
- if (len >= MD5_CBLOCK || len + n >= MD5_CBLOCK) {
- memcpy(p + n, data, MD5_CBLOCK - n);
- md5_block_data_order(c, p, 1);
- n = MD5_CBLOCK - n;
- data += n;
- len -= n;
- c->num = 0;
- memset(p, 0, MD5_CBLOCK); /* keep it zeroed */
- } else {
- memcpy(p + n, data, len);
- c->num += (unsigned int)len;
- return 1;
- }
- }
-
- n = len/MD5_CBLOCK;
- if (n > 0) {
- md5_block_data_order(c, data, n);
- n *= MD5_CBLOCK;
- data += n;
- len -= n;
- }
-
- if (len != 0) {
- p = (unsigned char *)c->data;
- c->num = (unsigned int)len;
- memcpy(p, data, len);
- }
- return 1;
-}
-LCRYPTO_ALIAS(MD5_Update);
-
-void
-MD5_Transform(MD5_CTX *c, const unsigned char *data)
-{
- md5_block_data_order(c, data, 1);
-}
-LCRYPTO_ALIAS(MD5_Transform);
-
-int
-MD5_Final(unsigned char *md, MD5_CTX *c)
-{
- unsigned char *p = (unsigned char *)c->data;
- size_t n = c->num;
-
- p[n] = 0x80; /* there is always room for one */
- n++;
-
- if (n > (MD5_CBLOCK - 8)) {
- memset(p + n, 0, MD5_CBLOCK - n);
- n = 0;
- md5_block_data_order(c, p, 1);
- }
-
- memset(p + n, 0, MD5_CBLOCK - 8 - n);
- c->data[MD5_LBLOCK - 2] = htole32(c->Nl);
- c->data[MD5_LBLOCK - 1] =
htole32(c->Nh);
-
- md5_block_data_order(c, p, 1);
- c->num = 0;
- memset(p, 0, MD5_CBLOCK);
-
- crypto_store_htole32(&md[0 * 4], c->A);
- crypto_store_htole32(&md[1 * 4], c->B);
- crypto_store_htole32(&md[2 * 4], c->C);
- crypto_store_htole32(&md[3 * 4], c->D);
-
- return 1;
-}
-LCRYPTO_ALIAS(MD5_Final);
-
-unsigned char *
-MD5(const unsigned char *d, size_t n, unsigned char *md)
-{
- MD5_CTX c;
-
- if (!MD5_Init(&c))
- return NULL;
- MD5_Update(&c, d, n);
- MD5_Final(md, &c);
- explicit_bzero(&c, sizeof(c));
- return (md);
-}
-LCRYPTO_ALIAS(MD5);
diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h
deleted file mode 100644
index 4d94c84ba6..0000000000
--- a/src/lib/libcrypto/md5/md5.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* $OpenBSD: md5.h,v 1.25 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#ifndef HEADER_MD5_H
-#define HEADER_MD5_H
-
-#include
-
-#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__)
-#define __bounded__(x, y, z)
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define MD5_LONG unsigned int
-
-#define MD5_CBLOCK 64
-#define MD5_LBLOCK (MD5_CBLOCK/4)
-#define MD5_DIGEST_LENGTH 16
-
-typedef struct MD5state_st {
- MD5_LONG A, B,C, D;
- MD5_LONG Nl, Nh;
- MD5_LONG data[MD5_LBLOCK];
- unsigned int num;
-} MD5_CTX;
-
-int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/md5/md5_amd64_generic.S b/src/lib/libcrypto/md5/md5_amd64_generic.S
deleted file mode 100644
index e282d56ad8..0000000000
--- a/src/lib/libcrypto/md5/md5_amd64_generic.S
+++ /dev/null
@@ -1,237 +0,0 @@
-/* $OpenBSD: md5_amd64_generic.S,v 1.1 2025/01/24 13:35:04 jsing Exp $ */
-/*
- * Copyright (c) 2025 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifdef __CET__
-#include
-#else
-#define _CET_ENDBR
-#endif
-
-#define ctx %rdi
-#define in %rsi
-#define num %rdx
-
-#define end %rbp
-
-#define A %eax
-#define B %ebx
-#define C %ecx
-#define D %edx
-
-#define AA %r8d
-#define BB %r9d
-#define CC %r10d
-#define DD %r11d
-
-#define tmp0 %r12d
-#define tmp1 %r13d
-
-/*
- * Compute MD5 round 1 as:
- *
- * a = b + rol(a + F(b, c, d) + x + t, s)
- * F(x, y, z) = (x & y) | (~x & z)
- * = ((y ^ z) & x) ^ z
- */
-#define md5_round1(a, b, c, d, x, t, s) \
- addl (x*4)(in), a; \
- movl c, tmp0; \
- xorl d, tmp0; \
- andl b, tmp0; \
- xorl d, tmp0; \
- leal t(tmp0, a), a; \
- roll $s, a; \
- addl b, a;
-
-/*
- * Compute MD5 round 2 as:
- *
- * a = b + rol(a + G(b, c, d) + x + t, s)
- * G(x, y, z) = (x & z) | (y & ~z)
- */
-#define md5_round2(a, b, c, d, x, t, s) \
- addl (x*4)(in), a; \
- movl d, tmp0; \
- xorl $-1, tmp0; \
- andl c, tmp0; \
- addl tmp0, a; \
- movl d, tmp1; \
- andl b, tmp1; \
- leal t(tmp1, a), a; \
- roll $s, a; \
- addl b, a;
-
-/*
- * Compute MD5 round 3 as:
- *
- * a = b + rol(a + H(b, c, d) + x + t, s)
- * H(x, y, z) = x ^ y ^ z;
- */
-#define md5_round3(a, b, c, d, x, t, s) \
- addl (x*4)(in), a; \
- movl d, tmp0; \
- xorl c, tmp0; \
- xorl b, tmp0; \
- leal t(tmp0, a), a; \
- roll $s, a; \
- addl b, a;
-
-/*
- * Compute MD5 round 4 as:
- *
- * a = b + rol(a + I(b, c, d) + x + t, s)
- * I(x, y, z) = y ^ (x | ~z)
- */
-#define md5_round4(a, b, c, d, x, t, s) \
- addl (x*4)(in), a; \
- movl d, tmp0; \
- xorl $-1, tmp0; \
- orl b, tmp0; \
- xorl c, tmp0; \
- leal t(tmp0, a), a; \
- roll $s, a; \
- addl b, a;
-
-.text
-
-/*
- * void md5_block_data_order(MD5_CTX *ctx, const void *in, size_t num);
- *
- * Standard x86-64 ABI: rdi = ctx, rsi = in, rdx = num
- */
-.align 16
-.globl md5_block_data_order
-.type md5_block_data_order,@function
-md5_block_data_order:
- _CET_ENDBR
-
- /* Save callee save registers. */
- pushq %rbx
- pushq %rbp
- pushq %r12
- pushq %r13
-
- /* Compute end of message. */
- shlq $6, num
- leaq (in, num, 1), end
-
- /* Load current hash state from context. */
- movl (0*4)(ctx), AA
- movl (1*4)(ctx), BB
- movl (2*4)(ctx), CC
- movl (3*4)(ctx), DD
-
- jmp .Lblock_loop
-
-.align 16
-.Lblock_loop:
- movl AA, A
- movl BB, B
- movl CC, C
- movl DD, D
-
- md5_round1(A, B, C, D, 0, 0xd76aa478L, 7);
- md5_round1(D, A, B, C, 1, 0xe8c7b756L, 12);
- md5_round1(C, D, A, B, 2, 0x242070dbL, 17);
- md5_round1(B, C, D, A, 3, 0xc1bdceeeL, 22);
- md5_round1(A, B, C, D, 4, 0xf57c0fafL, 7);
- md5_round1(D, A, B, C, 5, 0x4787c62aL, 12);
- md5_round1(C, D, A, B, 6, 0xa8304613L, 17);
- md5_round1(B, C, D, A, 7, 0xfd469501L, 22);
- md5_round1(A, B, C, D, 8, 0x698098d8L, 7);
- md5_round1(D, A, B, C, 9, 0x8b44f7afL, 12);
- md5_round1(C, D, A, B, 10, 0xffff5bb1L, 17);
- md5_round1(B, C, D, A, 11, 0x895cd7beL, 22);
- md5_round1(A, B, C, D, 12, 0x6b901122L, 7);
- md5_round1(D, A, B, C, 13, 0xfd987193L, 12);
- md5_round1(C, D, A, B, 14, 0xa679438eL, 17);
- md5_round1(B, C, D, A, 15, 0x49b40821L, 22);
-
- md5_round2(A, B, C, D, 1, 0xf61e2562L, 5);
- md5_round2(D, A, B, C, 6, 0xc040b340L, 9);
- md5_round2(C, D,
A, B, 11, 0x265e5a51L, 14);
- md5_round2(B, C, D, A, 0, 0xe9b6c7aaL, 20);
- md5_round2(A, B, C, D, 5, 0xd62f105dL, 5);
- md5_round2(D, A, B, C, 10, 0x02441453L, 9);
- md5_round2(C, D, A, B, 15, 0xd8a1e681L, 14);
- md5_round2(B, C, D, A, 4, 0xe7d3fbc8L, 20);
- md5_round2(A, B, C, D, 9, 0x21e1cde6L, 5);
- md5_round2(D, A, B, C, 14, 0xc33707d6L, 9);
- md5_round2(C, D, A, B, 3, 0xf4d50d87L, 14);
- md5_round2(B, C, D, A, 8, 0x455a14edL, 20);
- md5_round2(A, B, C, D, 13, 0xa9e3e905L, 5);
- md5_round2(D, A, B, C, 2, 0xfcefa3f8L, 9);
- md5_round2(C, D, A, B, 7, 0x676f02d9L, 14);
- md5_round2(B, C, D, A, 12, 0x8d2a4c8aL, 20);
-
- md5_round3(A, B, C, D, 5, 0xfffa3942L, 4);
- md5_round3(D, A, B, C, 8, 0x8771f681L, 11);
- md5_round3(C, D, A, B, 11, 0x6d9d6122L, 16);
- md5_round3(B, C, D, A, 14, 0xfde5380cL, 23);
- md5_round3(A, B, C, D, 1, 0xa4beea44L, 4);
- md5_round3(D, A, B, C, 4, 0x4bdecfa9L, 11);
- md5_round3(C, D, A, B, 7, 0xf6bb4b60L, 16);
- md5_round3(B, C, D, A, 10, 0xbebfbc70L, 23);
- md5_round3(A, B, C, D, 13, 0x289b7ec6L, 4);
- md5_round3(D, A, B, C, 0, 0xeaa127faL, 11);
- md5_round3(C, D, A, B, 3, 0xd4ef3085L, 16);
- md5_round3(B, C, D, A, 6, 0x04881d05L, 23);
- md5_round3(A, B, C, D, 9, 0xd9d4d039L, 4);
- md5_round3(D, A, B, C, 12, 0xe6db99e5L, 11);
- md5_round3(C, D, A, B, 15, 0x1fa27cf8L, 16);
- md5_round3(B, C, D, A, 2, 0xc4ac5665L, 23);
-
- md5_round4(A, B, C, D, 0, 0xf4292244L, 6);
- md5_round4(D, A, B, C, 7, 0x432aff97L, 10);
- md5_round4(C, D, A, B, 14, 0xab9423a7L, 15);
- md5_round4(B, C, D, A, 5, 0xfc93a039L, 21);
- md5_round4(A, B, C, D, 12, 0x655b59c3L, 6);
- md5_round4(D, A, B, C, 3, 0x8f0ccc92L, 10);
- md5_round4(C, D, A, B, 10, 0xffeff47dL, 15);
- md5_round4(B, C, D, A, 1, 0x85845dd1L, 21);
- md5_round4(A, B, C, D, 8, 0x6fa87e4fL, 6);
- md5_round4(D, A, B, C, 15, 0xfe2ce6e0L, 10);
- md5_round4(C, D, A, B, 6, 0xa3014314L, 15);
- md5_round4(B, C, D, A, 13, 0x4e0811a1L, 21);
- md5_round4(A, B, C, D, 4, 0xf7537e82L, 6);
- md5_round4(D, A, B, C, 11,
0xbd3af235L, 10);
- md5_round4(C, D, A, B, 2, 0x2ad7d2bbL, 15);
- md5_round4(B, C, D, A, 9, 0xeb86d391L, 21);
-
- /* Add intermediate state to hash state. */
- addl A, AA
- addl B, BB
- addl C, CC
- addl D, DD
-
- addq $64, in
- cmpq end, in
- jb .Lblock_loop
-
- /* Store new hash state to context. */
- movl AA, (0*4)(ctx)
- movl BB, (1*4)(ctx)
- movl CC, (2*4)(ctx)
- movl DD, (3*4)(ctx)
-
- /* Restore callee save registers. */
- popq %r13
- popq %r12
- popq %rbp
- popq %rbx
-
- ret
diff --git a/src/lib/libcrypto/mlkem/mlkem.h b/src/lib/libcrypto/mlkem/mlkem.h
deleted file mode 100644
index 055d92290e..0000000000
--- a/src/lib/libcrypto/mlkem/mlkem.h
+++ /dev/null
@@ -1,285 +0,0 @@
-/* $OpenBSD: mlkem.h,v 1.5 2025/03/28 12:17:16 tb Exp $ */
-/*
- * Copyright (c) 2024, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef OPENSSL_HEADER_MLKEM_H
-#define OPENSSL_HEADER_MLKEM_H
-
-#include
-#include
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
-/* Hack for now */
-struct cbs_st;
-struct cbb_st;
-
-/*
- * ML-KEM-768
- *
- * This implements the Module-Lattice-Based Key-Encapsulation Mechanism from
- * https://csrc.nist.gov/pubs/fips/204/final
- */
-
-/*
- * MLKEM768_public_key contains a ML-KEM-768 public key. The contents of this
- * object should never leave the address space since the format is unstable.
- */
-struct MLKEM768_public_key {
- union {
- uint8_t bytes[512 * (3 + 9) + 32 + 32];
- uint16_t alignment;
- } opaque;
-};
-
-/*
- * MLKEM768_private_key contains a ML-KEM-768 private key. The contents of this
- * object should never leave the address space since the format is unstable.
- */
-struct MLKEM768_private_key {
- union {
- uint8_t bytes[512 * (3 + 3 + 9) + 32 + 32 + 32];
- uint16_t alignment;
- } opaque;
-};
-
-/*
- * MLKEM768_PUBLIC_KEY_BYTES is the number of bytes in an encoded ML-KEM768 public
- * key.
- */
-#define MLKEM768_PUBLIC_KEY_BYTES 1184
-
-/* MLKEM_SEED_BYTES is the number of bytes in an ML-KEM seed. */
-#define MLKEM_SEED_BYTES 64
-
-/*
- * MLKEM_SHARED_SECRET_BYTES is the number of bytes in the ML-KEM768 shared
- * secret. Although the round-3 specification has a variable-length output, the
- * final ML-KEM construction is expected to use a fixed 32-byte output. To
- * simplify the future transition, we apply the same restriction.
- */
-#define MLKEM_SHARED_SECRET_BYTES 32
-
-/*
- * MLKEM_generate_key generates a random public/private key pair, writes the
- * encoded public key to |out_encoded_public_key| and sets |out_private_key| to
- * the private key. If |optional_out_seed| is not NULL then the seed used to
- * generate the private key is written to it.
- */
-void MLKEM768_generate_key(
- uint8_t out_encoded_public_key[MLKEM768_PUBLIC_KEY_BYTES],
- uint8_t optional_out_seed[MLKEM_SEED_BYTES],
- struct MLKEM768_private_key *out_private_key);
-
-/*
- * MLKEM768_private_key_from_seed derives a private key from a seed that was
- * generated by |MLKEM768_generate_key|. It fails and returns 0 if |seed_len| is
- * incorrect, otherwise it writes |*out_private_key| and returns 1.
- */
-int MLKEM768_private_key_from_seed(struct MLKEM768_private_key *out_private_key,
- const uint8_t *seed, size_t seed_len);
-
-/*
- * MLKEM_public_from_private sets |*out_public_key| to the public key that
- * corresponds to |private_key|. (This is faster than parsing the output of
- * |MLKEM_generate_key| if, for some reason, you need to encapsulate to a key
- * that was just generated.)
- */
-void MLKEM768_public_from_private(struct MLKEM768_public_key *out_public_key,
- const struct MLKEM768_private_key *private_key);
-
-/* MLKEM768_CIPHERTEXT_BYTES is number of bytes in the ML-KEM768 ciphertext.
*/
-#define MLKEM768_CIPHERTEXT_BYTES 1088
-
-/*
- * MLKEM768_encap encrypts a random shared secret for |public_key|, writes the
- * ciphertext to |out_ciphertext|, and writes the random shared secret to
- * |out_shared_secret|.
- */
-void MLKEM768_encap(uint8_t out_ciphertext[MLKEM768_CIPHERTEXT_BYTES],
- uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
- const struct MLKEM768_public_key *public_key);
-
-/*
- * MLKEM768_decap decrypts a shared secret from |ciphertext| using |private_key|
- * and writes it to |out_shared_secret|. If |ciphertext_len| is incorrect it
- * returns 0, otherwise it rreturns 1. If |ciphertext| is invalid,
- * |out_shared_secret| is filled with a key that will always be the same for the
- * same |ciphertext| and |private_key|, but which appears to be random unless
- * one has access to |private_key|. These alternatives occur in constant time.
- * Any subsequent symmetric encryption using |out_shared_secret| must use an
- * authenticated encryption scheme in order to discover the decapsulation
- * failure.
- */
-int MLKEM768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
- const uint8_t *ciphertext, size_t ciphertext_len,
- const struct MLKEM768_private_key *private_key);
-
-/* Serialisation of keys. */
-
-/*
- * MLKEM768_marshal_public_key serializes |public_key| to |out| in the standard
- * format for ML-KEM public keys. It returns one on success or zero on allocation
- * error.
- */
-int MLKEM768_marshal_public_key(struct cbb_st *out,
- const struct MLKEM768_public_key *public_key);
-
-/*
- * MLKEM768_parse_public_key parses a public key, in the format generated by
- * |MLKEM_marshal_public_key|, from |in| and writes the result to
- * |out_public_key|. It returns one on success or zero on parse error or if
- * there are trailing bytes in |in|.
- */
-int MLKEM768_parse_public_key(struct MLKEM768_public_key *out_public_key,
- struct cbs_st *in);
-
-/*
- * MLKEM_parse_private_key parses a private key, in the format generated by
- * |MLKEM_marshal_private_key|, from |in| and writes the result to
- * |out_private_key|. It returns one on success or zero on parse error or if
- * there are trailing bytes in |in|. This formate is verbose and should be avoided.
- * Private keys should be stored as seeds and parsed using |MLKEM768_private_key_from_seed|.
- */
-int MLKEM768_parse_private_key(struct MLKEM768_private_key *out_private_key,
- struct cbs_st *in);
-
-/*
- * ML-KEM-1024
- *
- * ML-KEM-1024 also exists. You should prefer ML-KEM-768 where possible.
- */
-
-/*
- * MLKEM1024_public_key contains an ML-KEM-1024 public key. The contents of this
- * object should never leave the address space since the format is unstable.
- */
-struct MLKEM1024_public_key {
- union {
- uint8_t bytes[512 * (4 + 16) + 32 + 32];
- uint16_t alignment;
- } opaque;
-};
-
-/*
- * MLKEM1024_private_key contains a ML-KEM-1024 private key. The contents of
- * this object should never leave the address space since the format is
- * unstable.
- */
-struct MLKEM1024_private_key {
- union {
- uint8_t bytes[512 * (4 + 4 + 16) + 32 + 32 + 32];
- uint16_t alignment;
- } opaque;
-};
-
-/*
- * MLKEM1024_PUBLIC_KEY_BYTES is the number of bytes in an encoded ML-KEM-1024
- * public key.
- */
-#define MLKEM1024_PUBLIC_KEY_BYTES 1568
-
-/*
- * MLKEM1024_generate_key generates a random public/private key pair, writes the
- * encoded public key to |out_encoded_public_key| and sets |out_private_key| to
- * the private key. If |optional_out_seed| is not NULL then the seed used to
- * generate the private key is written to it.
- */
-void MLKEM1024_generate_key(
- uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES],
- uint8_t optional_out_seed[MLKEM_SEED_BYTES],
- struct MLKEM1024_private_key *out_private_key);
-
-/*
- * MLKEM1024_private_key_from_seed derives a private key from a seed that was
- * generated by |MLKEM1024_generate_key|. It fails and returns 0 if |seed_len|
- * is incorrect, otherwise it writes |*out_private_key| and returns 1.
- */
-int MLKEM1024_private_key_from_seed(
- struct MLKEM1024_private_key *out_private_key, const uint8_t *seed,
- size_t seed_len);
-
-/*
- * MLKEM1024_public_from_private sets |*out_public_key| to the public key that
- * corresponds to |private_key|. (This is faster than parsing the output of
- * |MLKEM1024_generate_key| if, for some reason, you need to encapsulate to a
- * key that was just generated.)
- */
-void MLKEM1024_public_from_private(struct MLKEM1024_public_key *out_public_key,
- const struct MLKEM1024_private_key *private_key);
-
-/* MLKEM1024_CIPHERTEXT_BYTES is number of bytes in the ML-KEM-1024 ciphertext. */
-#define MLKEM1024_CIPHERTEXT_BYTES 1568
-
-/*
- * MLKEM1024_encap encrypts a random shared secret for |public_key|, writes the
- * ciphertext to |out_ciphertext|, and writes the random shared secret to
- * |out_shared_secret|.
- */
-void MLKEM1024_encap(uint8_t out_ciphertext[MLKEM1024_CIPHERTEXT_BYTES],
- uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
- const struct MLKEM1024_public_key *public_key);
-
-/*
- * MLKEM1024_decap decrypts a shared secret from |ciphertext| using
- * |private_key| and writes it to |out_shared_secret|. If |ciphertext_len| is
- * incorrect it returns 0, otherwise it returns 1. If |ciphertext| is invalid
- * (but of the correct length), |out_shared_secret| is filled with a key that
- * will always be the same for the same |ciphertext| and |private_key|, but
- * which appears to be random unless one has access to |private_key|. These
- * alternatives occur in constant time.
Any subsequent symmetric encryption
- * using |out_shared_secret| must use an authenticated encryption scheme in
- * order to discover the decapsulation failure.
- */
-int MLKEM1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
- const uint8_t *ciphertext, size_t ciphertext_len,
- const struct MLKEM1024_private_key *private_key);
-
-/*
- * Serialisation of ML-KEM-1024 keys.
- * MLKEM1024_marshal_public_key serializes |public_key| to |out| in the standard
- * format for ML-KEM-1024 public keys. It returns one on success or zero on
- * allocation error.
- */
-int MLKEM1024_marshal_public_key(struct cbb_st *out,
- const struct MLKEM1024_public_key *public_key);
-
-/*
- * MLKEM1024_parse_public_key parses a public key, in the format generated by
- * |MLKEM1024_marshal_public_key|, from |in| and writes the result to
- * |out_public_key|. It returns one on success or zero on parse error or if
- * there are trailing bytes in |in|.
- */
-int MLKEM1024_parse_public_key(struct MLKEM1024_public_key *out_public_key,
- struct cbs_st *in);
-
-/*
- * MLKEM1024_parse_private_key parses a private key, in NIST's format for
- * private keys, from |in| and writes the result to |out_private_key|. It
- * returns one on success or zero on parse error or if there are trailing bytes
- * in |in|. This format is verbose and should be avoided. Private keys should be
- * stored as seeds and parsed using |MLKEM1024_private_key_from_seed|.
- */
-int MLKEM1024_parse_private_key(struct MLKEM1024_private_key *out_private_key,
- struct cbs_st *in);
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif /* OPENSSL_HEADER_MLKEM_H */
diff --git a/src/lib/libcrypto/mlkem/mlkem1024.c b/src/lib/libcrypto/mlkem/mlkem1024.c
deleted file mode 100644
index f6fccdf6a8..0000000000
--- a/src/lib/libcrypto/mlkem/mlkem1024.c
+++ /dev/null
@@ -1,1139 +0,0 @@ -/* $OpenBSD: mlkem1024.c,v 1.6 2025/01/03 08:19:24 tb Exp $ */ -/* - * Copyright (c) 2024, Google Inc. - * Copyright (c) 2024, Bob Beck - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include - -#include "bytestring.h" -#include "mlkem.h" - -#include "sha3_internal.h" -#include "mlkem_internal.h" -#include "constant_time.h" -#include "crypto_internal.h" - -/* Remove later */ -#undef LCRYPTO_ALIAS -#define LCRYPTO_ALIAS(A) - -/* - * See - * https://csrc.nist.gov/pubs/fips/203/final - */ - -static void -prf(uint8_t *out, size_t out_len, const uint8_t in[33]) -{ - sha3_ctx ctx; - shake256_init(&ctx); - shake_update(&ctx, in, 33); - shake_xof(&ctx); - shake_out(&ctx, out, out_len); -} - -/* Section 4.1 */ -static void -hash_h(uint8_t out[32], const uint8_t *in, size_t len) -{ - sha3_ctx ctx; - sha3_init(&ctx, 32); - sha3_update(&ctx, in, len); - sha3_final(out, &ctx); -} - -static void -hash_g(uint8_t out[64], const uint8_t *in, size_t len) -{ - sha3_ctx ctx; - sha3_init(&ctx, 64); - sha3_update(&ctx, in, len); - sha3_final(out, &ctx); -} - -/* this is called 'J' in the spec */ -static void -kdf(uint8_t out[MLKEM_SHARED_SECRET_BYTES], const uint8_t failure_secret[32], - const uint8_t *in, size_t len) -{ - sha3_ctx ctx; - 
shake256_init(&ctx); - shake_update(&ctx, failure_secret, 32); - shake_update(&ctx, in, len); - shake_xof(&ctx); - shake_out(&ctx, out, MLKEM_SHARED_SECRET_BYTES); -} - -#define DEGREE 256 -#define RANK1024 4 - -static const size_t kBarrettMultiplier = 5039; -static const unsigned kBarrettShift = 24; -static const uint16_t kPrime = 3329; -static const int kLog2Prime = 12; -static const uint16_t kHalfPrime = (/*kPrime=*/3329 - 1) / 2; -static const int kDU1024 = 11; -static const int kDV1024 = 5; - -/* - * kInverseDegree is 128^-1 mod 3329; 128 because kPrime does not have a 512th - * root of unity. - */ -static const uint16_t kInverseDegree = 3303; -static const size_t kEncodedVectorSize = - (/*kLog2Prime=*/12 * DEGREE / 8) * RANK1024; -static const size_t kCompressedVectorSize = /*kDU1024=*/ 11 * RANK1024 * DEGREE / - 8; - -typedef struct scalar { - /* On every function entry and exit, 0 <= c < kPrime. */ - uint16_t c[DEGREE]; -} scalar; - -typedef struct vector { - scalar v[RANK1024]; -} vector; - -typedef struct matrix { - scalar v[RANK1024][RANK1024]; -} matrix; - -/* - * This bit of Python will be referenced in some of the following comments: - * - * p = 3329 - * - * def bitreverse(i): - * ret = 0 - * for n in range(7): - * bit = i & 1 - * ret <<= 1 - * ret |= bit - * i >>= 1 - * return ret - */ - -/* kNTTRoots = [pow(17, bitreverse(i), p) for i in range(128)] */ -static const uint16_t kNTTRoots[128] = { - 1, 1729, 2580, 3289, 2642, 630, 1897, 848, 1062, 1919, 193, 797, - 2786, 3260, 569, 1746, 296, 2447, 1339, 1476, 3046, 56, 2240, 1333, - 1426, 2094, 535, 2882, 2393, 2879, 1974, 821, 289, 331, 3253, 1756, - 1197, 2304, 2277, 2055, 650, 1977, 2513, 632, 2865, 33, 1320, 1915, - 2319, 1435, 807, 452, 1438, 2868, 1534, 2402, 2647, 2617, 1481, 648, - 2474, 3110, 1227, 910, 17, 2761, 583, 2649, 1637, 723, 2288, 1100, - 1409, 2662, 3281, 233, 756, 2156, 3015, 3050, 1703, 1651, 2789, 1789, - 1847, 952, 1461, 2687, 939, 2308, 2437, 2388, 733, 2337, 268, 641, - 1584, 
2298, 2037, 3220, 375, 2549, 2090, 1645, 1063, 319, 2773, 757, - 2099, 561, 2466, 2594, 2804, 1092, 403, 1026, 1143, 2150, 2775, 886, - 1722, 1212, 1874, 1029, 2110, 2935, 885, 2154, -}; - -/* kInverseNTTRoots = [pow(17, -bitreverse(i), p) for i in range(128)] */ -static const uint16_t kInverseNTTRoots[128] = { - 1, 1600, 40, 749, 2481, 1432, 2699, 687, 1583, 2760, 69, 543, - 2532, 3136, 1410, 2267, 2508, 1355, 450, 936, 447, 2794, 1235, 1903, - 1996, 1089, 3273, 283, 1853, 1990, 882, 3033, 2419, 2102, 219, 855, - 2681, 1848, 712, 682, 927, 1795, 461, 1891, 2877, 2522, 1894, 1010, - 1414, 2009, 3296, 464, 2697, 816, 1352, 2679, 1274, 1052, 1025, 2132, - 1573, 76, 2998, 3040, 1175, 2444, 394, 1219, 2300, 1455, 2117, 1607, - 2443, 554, 1179, 2186, 2303, 2926, 2237, 525, 735, 863, 2768, 1230, - 2572, 556, 3010, 2266, 1684, 1239, 780, 2954, 109, 1292, 1031, 1745, - 2688, 3061, 992, 2596, 941, 892, 1021, 2390, 642, 1868, 2377, 1482, - 1540, 540, 1678, 1626, 279, 314, 1173, 2573, 3096, 48, 667, 1920, - 2229, 1041, 2606, 1692, 680, 2746, 568, 3312, -}; - -/* kModRoots = [pow(17, 2*bitreverse(i) + 1, p) for i in range(128)] */ -static const uint16_t kModRoots[128] = { - 17, 3312, 2761, 568, 583, 2746, 2649, 680, 1637, 1692, 723, 2606, - 2288, 1041, 1100, 2229, 1409, 1920, 2662, 667, 3281, 48, 233, 3096, - 756, 2573, 2156, 1173, 3015, 314, 3050, 279, 1703, 1626, 1651, 1678, - 2789, 540, 1789, 1540, 1847, 1482, 952, 2377, 1461, 1868, 2687, 642, - 939, 2390, 2308, 1021, 2437, 892, 2388, 941, 733, 2596, 2337, 992, - 268, 3061, 641, 2688, 1584, 1745, 2298, 1031, 2037, 1292, 3220, 109, - 375, 2954, 2549, 780, 2090, 1239, 1645, 1684, 1063, 2266, 319, 3010, - 2773, 556, 757, 2572, 2099, 1230, 561, 2768, 2466, 863, 2594, 735, - 2804, 525, 1092, 2237, 403, 2926, 1026, 2303, 1143, 2186, 2150, 1179, - 2775, 554, 886, 2443, 1722, 1607, 1212, 2117, 1874, 1455, 1029, 2300, - 2110, 1219, 2935, 394, 885, 2444, 2154, 1175, -}; - -/* reduce_once reduces 0 <= x < 2*kPrime, mod kPrime. 
*/ -static uint16_t -reduce_once(uint16_t x) -{ - assert(x < 2 * kPrime); - const uint16_t subtracted = x - kPrime; - uint16_t mask = 0u - (subtracted >> 15); - - /* - * Although this is a constant-time select, we omit a value barrier here. - * Value barriers impede auto-vectorization (likely because it forces the - * value to transit through a general-purpose register). On AArch64, this - * is a difference of 2x. - * - * We usually add value barriers to selects because Clang turns - * consecutive selects with the same condition into a branch instead of - * CMOV/CSEL. This condition does not occur in ML-KEM, so omitting it - * seems to be safe so far but see - * |scalar_centered_binomial_distribution_eta_2_with_prf|. - */ - return (mask & x) | (~mask & subtracted); -} - -/* - * constant time reduce x mod kPrime using Barrett reduction. x must be less - * than kPrime + 2×kPrime². - */ -static uint16_t -reduce(uint32_t x) -{ - uint64_t product = (uint64_t)x * kBarrettMultiplier; - uint32_t quotient = (uint32_t)(product >> kBarrettShift); - uint32_t remainder = x - quotient * kPrime; - - assert(x < kPrime + 2u * kPrime * kPrime); - return reduce_once(remainder); -} - -static void -scalar_zero(scalar *out) -{ - memset(out, 0, sizeof(*out)); -} - -static void -vector_zero(vector *out) -{ - memset(out, 0, sizeof(*out)); -} - -/* - * In place number theoretic transform of a given scalar. - * Note that MLKEM's kPrime 3329 does not have a 512th root of unity, so this - * transform leaves off the last iteration of the usual FFT code, with the 128 - * relevant roots of unity being stored in |kNTTRoots|. This means the output - * should be seen as 128 elements in GF(3329^2), with the coefficients of the - * elements being consecutive entries in |s->c|. - */ -static void -scalar_ntt(scalar *s) -{ - int offset = DEGREE; - int step; - /* - * `int` is used here because using `size_t` throughout caused a ~5% slowdown - * with Clang 14 on Aarch64. 
- */ - for (step = 1; step < DEGREE / 2; step <<= 1) { - int i, j, k = 0; - - offset >>= 1; - for (i = 0; i < step; i++) { - const uint32_t step_root = kNTTRoots[i + step]; - - for (j = k; j < k + offset; j++) { - uint16_t odd, even; - - odd = reduce(step_root * s->c[j + offset]); - even = s->c[j]; - s->c[j] = reduce_once(odd + even); - s->c[j + offset] = reduce_once(even - odd + - kPrime); - } - k += 2 * offset; - } - } -} - -static void -vector_ntt(vector *a) -{ - int i; - - for (i = 0; i < RANK1024; i++) { - scalar_ntt(&a->v[i]); - } -} - -/* - * In place inverse number theoretic transform of a given scalar, with pairs of - * entries of s->v being interpreted as elements of GF(3329^2). Just as with the - * number theoretic transform, this leaves off the first step of the normal iFFT - * to account for the fact that 3329 does not have a 512th root of unity, using - * the precomputed 128 roots of unity stored in |kInverseNTTRoots|. - */ -static void -scalar_inverse_ntt(scalar *s) -{ - int i, j, k, offset, step = DEGREE / 2; - - /* - * `int` is used here because using `size_t` throughout caused a ~5% slowdown - * with Clang 14 on Aarch64. 
- */ - for (offset = 2; offset < DEGREE; offset <<= 1) { - step >>= 1; - k = 0; - for (i = 0; i < step; i++) { - uint32_t step_root = kInverseNTTRoots[i + step]; - for (j = k; j < k + offset; j++) { - uint16_t odd, even; - odd = s->c[j + offset]; - even = s->c[j]; - s->c[j] = reduce_once(odd + even); - s->c[j + offset] = reduce(step_root * - (even - odd + kPrime)); - } - k += 2 * offset; - } - } - for (i = 0; i < DEGREE; i++) { - s->c[i] = reduce(s->c[i] * kInverseDegree); - } -} - -static void -vector_inverse_ntt(vector *a) -{ - int i; - - for (i = 0; i < RANK1024; i++) { - scalar_inverse_ntt(&a->v[i]); - } -} - -static void -scalar_add(scalar *lhs, const scalar *rhs) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - lhs->c[i] = reduce_once(lhs->c[i] + rhs->c[i]); - } -} - -static void -scalar_sub(scalar *lhs, const scalar *rhs) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - lhs->c[i] = reduce_once(lhs->c[i] - rhs->c[i] + kPrime); - } -} - -/* - * Multiplying two scalars in the number theoretically transformed state. - * Since 3329 does not have a 512th root of unity, this means we have to - * interpret the 2*ith and (2*i+1)th entries of the scalar as elements of - * GF(3329)[X]/(X^2 - 17^(2*bitreverse(i)+1)). - * The value of 17^(2*bitreverse(i)+1) mod 3329 is stored in the precomputed - * |kModRoots| table. Our Barrett transform only allows us to multiply two - * reduced numbers together, so we need some intermediate reduction steps, - * even if an uint64_t could hold 3 multiplied numbers. 
- */ -static void -scalar_mult(scalar *out, const scalar *lhs, const scalar *rhs) -{ - int i; - - for (i = 0; i < DEGREE / 2; i++) { - uint32_t real_real = (uint32_t)lhs->c[2 * i] * rhs->c[2 * i]; - uint32_t img_img = (uint32_t)lhs->c[2 * i + 1] * - rhs->c[2 * i + 1]; - uint32_t real_img = (uint32_t)lhs->c[2 * i] * rhs->c[2 * i + 1]; - uint32_t img_real = (uint32_t)lhs->c[2 * i + 1] * rhs->c[2 * i]; - - out->c[2 * i] = - reduce(real_real + - (uint32_t)reduce(img_img) * kModRoots[i]); - out->c[2 * i + 1] = reduce(img_real + real_img); - } -} - -static void -vector_add(vector *lhs, const vector *rhs) -{ - int i; - - for (i = 0; i < RANK1024; i++) { - scalar_add(&lhs->v[i], &rhs->v[i]); - } -} - -static void -matrix_mult(vector *out, const matrix *m, const vector *a) -{ - int i, j; - - vector_zero(out); - for (i = 0; i < RANK1024; i++) { - for (j = 0; j < RANK1024; j++) { - scalar product; - - scalar_mult(&product, &m->v[i][j], &a->v[j]); - scalar_add(&out->v[i], &product); - } - } -} - -static void -matrix_mult_transpose(vector *out, const matrix *m, - const vector *a) -{ - int i, j; - - vector_zero(out); - for (i = 0; i < RANK1024; i++) { - for (j = 0; j < RANK1024; j++) { - scalar product; - - scalar_mult(&product, &m->v[j][i], &a->v[j]); - scalar_add(&out->v[i], &product); - } - } -} - -static void -scalar_inner_product(scalar *out, const vector *lhs, - const vector *rhs) -{ - int i; - scalar_zero(out); - for (i = 0; i < RANK1024; i++) { - scalar product; - - scalar_mult(&product, &lhs->v[i], &rhs->v[i]); - scalar_add(out, &product); - } -} - -/* - * Algorithm 6 of spec. Rejection samples a Keccak stream to get uniformly - * distributed elements. This is used for matrix expansion and only operates on - * public inputs. 
- */ -static void -scalar_from_keccak_vartime(scalar *out, sha3_ctx *keccak_ctx) -{ - int i, done = 0; - - while (done < DEGREE) { - uint8_t block[168]; - - shake_out(keccak_ctx, block, sizeof(block)); - for (i = 0; i < sizeof(block) && done < DEGREE; i += 3) { - uint16_t d1 = block[i] + 256 * (block[i + 1] % 16); - uint16_t d2 = block[i + 1] / 16 + 16 * block[i + 2]; - - if (d1 < kPrime) { - out->c[done++] = d1; - } - if (d2 < kPrime && done < DEGREE) { - out->c[done++] = d2; - } - } - } -} - -/* - * Algorithm 7 of the spec, with eta fixed to two and the PRF call - * included. Creates binominally distributed elements by sampling 2*|eta| bits, - * and setting the coefficient to the count of the first bits minus the count of - * the second bits, resulting in a centered binomial distribution. Since eta is - * two this gives -2/2 with a probability of 1/16, -1/1 with probability 1/4, - * and 0 with probability 3/8. - */ -static void -scalar_centered_binomial_distribution_eta_2_with_prf(scalar *out, - const uint8_t input[33]) -{ - uint8_t entropy[128]; - int i; - - CTASSERT(sizeof(entropy) == 2 * /*kEta=*/ 2 * DEGREE / 8); - prf(entropy, sizeof(entropy), input); - - for (i = 0; i < DEGREE; i += 2) { - uint8_t byte = entropy[i / 2]; - uint16_t mask; - uint16_t value = (byte & 1) + ((byte >> 1) & 1); - - value -= ((byte >> 2) & 1) + ((byte >> 3) & 1); - - /* - * Add |kPrime| if |value| underflowed. See |reduce_once| for a - * discussion on why the value barrier is omitted. While this - * could have been written reduce_once(value + kPrime), this is - * one extra addition and small range of |value| tempts some - * versions of Clang to emit a branch. - */ - mask = 0u - (value >> 15); - out->c[i] = ((value + kPrime) & mask) | (value & ~mask); - - byte >>= 4; - value = (byte & 1) + ((byte >> 1) & 1); - value -= ((byte >> 2) & 1) + ((byte >> 3) & 1); - /* See above. 
*/ - mask = 0u - (value >> 15); - out->c[i + 1] = ((value + kPrime) & mask) | (value & ~mask); - } -} - -/* - * Generates a secret vector by using - * |scalar_centered_binomial_distribution_eta_2_with_prf|, using the given seed - * appending and incrementing |counter| for entry of the vector. - */ -static void -vector_generate_secret_eta_2(vector *out, uint8_t *counter, - const uint8_t seed[32]) -{ - uint8_t input[33]; - int i; - - memcpy(input, seed, 32); - for (i = 0; i < RANK1024; i++) { - input[32] = (*counter)++; - scalar_centered_binomial_distribution_eta_2_with_prf(&out->v[i], - input); - } -} - -/* Expands the matrix of a seed for key generation and for encaps-CPA. */ -static void -matrix_expand(matrix *out, const uint8_t rho[32]) -{ - uint8_t input[34]; - int i, j; - - memcpy(input, rho, 32); - for (i = 0; i < RANK1024; i++) { - for (j = 0; j < RANK1024; j++) { - sha3_ctx keccak_ctx; - - input[32] = i; - input[33] = j; - shake128_init(&keccak_ctx); - shake_update(&keccak_ctx, input, sizeof(input)); - shake_xof(&keccak_ctx); - scalar_from_keccak_vartime(&out->v[i][j], &keccak_ctx); - } - } -} - -static const uint8_t kMasks[8] = {0x01, 0x03, 0x07, 0x0f, - 0x1f, 0x3f, 0x7f, 0xff}; - -static void -scalar_encode(uint8_t *out, const scalar *s, int bits) -{ - uint8_t out_byte = 0; - int i, out_byte_bits = 0; - - assert(bits <= (int)sizeof(*s->c) * 8 && bits != 1); - for (i = 0; i < DEGREE; i++) { - uint16_t element = s->c[i]; - int element_bits_done = 0; - - while (element_bits_done < bits) { - int chunk_bits = bits - element_bits_done; - int out_bits_remaining = 8 - out_byte_bits; - - if (chunk_bits >= out_bits_remaining) { - chunk_bits = out_bits_remaining; - out_byte |= (element & - kMasks[chunk_bits - 1]) << out_byte_bits; - *out = out_byte; - out++; - out_byte_bits = 0; - out_byte = 0; - } else { - out_byte |= (element & - kMasks[chunk_bits - 1]) << out_byte_bits; - out_byte_bits += chunk_bits; - } - - element_bits_done += chunk_bits; - element >>= 
chunk_bits; - } - } - - if (out_byte_bits > 0) { - *out = out_byte; - } -} - -/* scalar_encode_1 is |scalar_encode| specialised for |bits| == 1. */ -static void -scalar_encode_1(uint8_t out[32], const scalar *s) -{ - int i, j; - - for (i = 0; i < DEGREE; i += 8) { - uint8_t out_byte = 0; - - for (j = 0; j < 8; j++) { - out_byte |= (s->c[i + j] & 1) << j; - } - *out = out_byte; - out++; - } -} - -/* - * Encodes an entire vector into 32*|RANK1024|*|bits| bytes. Note that since 256 - * (DEGREE) is divisible by 8, the individual vector entries will always fill a - * whole number of bytes, so we do not need to worry about bit packing here. - */ -static void -vector_encode(uint8_t *out, const vector *a, int bits) -{ - int i; - - for (i = 0; i < RANK1024; i++) { - scalar_encode(out + i * bits * DEGREE / 8, &a->v[i], bits); - } -} - -/* - * scalar_decode parses |DEGREE * bits| bits from |in| into |DEGREE| values in - * |out|. It returns one on success and zero if any parsed value is >= - * |kPrime|. - */ -static int -scalar_decode(scalar *out, const uint8_t *in, int bits) -{ - uint8_t in_byte = 0; - int i, in_byte_bits_left = 0; - - assert(bits <= (int)sizeof(*out->c) * 8 && bits != 1); - - for (i = 0; i < DEGREE; i++) { - uint16_t element = 0; - int element_bits_done = 0; - - while (element_bits_done < bits) { - int chunk_bits = bits - element_bits_done; - - if (in_byte_bits_left == 0) { - in_byte = *in; - in++; - in_byte_bits_left = 8; - } - - if (chunk_bits > in_byte_bits_left) { - chunk_bits = in_byte_bits_left; - } - - element |= (in_byte & kMasks[chunk_bits - 1]) << - element_bits_done; - in_byte_bits_left -= chunk_bits; - in_byte >>= chunk_bits; - - element_bits_done += chunk_bits; - } - - if (element >= kPrime) { - return 0; - } - out->c[i] = element; - } - - return 1; -} - -/* scalar_decode_1 is |scalar_decode| specialised for |bits| == 1. 
*/ -static void -scalar_decode_1(scalar *out, const uint8_t in[32]) -{ - int i, j; - - for (i = 0; i < DEGREE; i += 8) { - uint8_t in_byte = *in; - - in++; - for (j = 0; j < 8; j++) { - out->c[i + j] = in_byte & 1; - in_byte >>= 1; - } - } -} - -/* - * Decodes 32*|RANK1024|*|bits| bytes from |in| into |out|. It returns one on - * success or zero if any parsed value is >= |kPrime|. - */ -static int -vector_decode(vector *out, const uint8_t *in, int bits) -{ - int i; - - for (i = 0; i < RANK1024; i++) { - if (!scalar_decode(&out->v[i], in + i * bits * DEGREE / 8, - bits)) { - return 0; - } - } - return 1; -} - -/* - * Compresses (lossily) an input |x| mod 3329 into |bits| many bits by grouping - * numbers close to each other together. The formula used is - * round(2^|bits|/kPrime*x) mod 2^|bits|. - * Uses Barrett reduction to achieve constant time. Since we need both the - * remainder (for rounding) and the quotient (as the result), we cannot use - * |reduce| here, but need to do the Barrett reduction directly. - */ -static uint16_t -compress(uint16_t x, int bits) -{ - uint32_t shifted = (uint32_t)x << bits; - uint64_t product = (uint64_t)shifted * kBarrettMultiplier; - uint32_t quotient = (uint32_t)(product >> kBarrettShift); - uint32_t remainder = shifted - quotient * kPrime; - - /* - * Adjust the quotient to round correctly: - * 0 <= remainder <= kHalfPrime round to 0 - * kHalfPrime < remainder <= kPrime + kHalfPrime round to 1 - * kPrime + kHalfPrime < remainder < 2 * kPrime round to 2 - */ - assert(remainder < 2u * kPrime); - quotient += 1 & constant_time_lt(kHalfPrime, remainder); - quotient += 1 & constant_time_lt(kPrime + kHalfPrime, remainder); - return quotient & ((1 << bits) - 1); -} - -/* - * Decompresses |x| by using an equi-distant representative. The formula is - * round(kPrime/2^|bits|*x). Note that 2^|bits| being the divisor allows us to - * implement this logic using only bit operations. 
- */ -static uint16_t -decompress(uint16_t x, int bits) -{ - uint32_t product = (uint32_t)x * kPrime; - uint32_t power = 1 << bits; - /* This is |product| % power, since |power| is a power of 2. */ - uint32_t remainder = product & (power - 1); - /* This is |product| / power, since |power| is a power of 2. */ - uint32_t lower = product >> bits; - - /* - * The rounding logic works since the first half of numbers mod |power| have a - * 0 as first bit, and the second half has a 1 as first bit, since |power| is - * a power of 2. As a 12 bit number, |remainder| is always positive, so we - * will shift in 0s for a right shift. - */ - return lower + (remainder >> (bits - 1)); -} - -static void -scalar_compress(scalar *s, int bits) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - s->c[i] = compress(s->c[i], bits); - } -} - -static void -scalar_decompress(scalar *s, int bits) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - s->c[i] = decompress(s->c[i], bits); - } -} - -static void -vector_compress(vector *a, int bits) -{ - int i; - - for (i = 0; i < RANK1024; i++) { - scalar_compress(&a->v[i], bits); - } -} - -static void -vector_decompress(vector *a, int bits) -{ - int i; - - for (i = 0; i < RANK1024; i++) { - scalar_decompress(&a->v[i], bits); - } -} - -struct public_key { - vector t; - uint8_t rho[32]; - uint8_t public_key_hash[32]; - matrix m; -}; - -static struct public_key * -public_key_1024_from_external(const struct MLKEM1024_public_key *external) -{ - return (struct public_key *)external; -} - -struct private_key { - struct public_key pub; - vector s; - uint8_t fo_failure_secret[32]; -}; - -static struct private_key * -private_key_1024_from_external(const struct MLKEM1024_private_key *external) -{ - return (struct private_key *)external; -} - -/* - * Calls |MLKEM1024_generate_key_external_entropy| with random bytes from - * |RAND_bytes|. 
- */ -void -MLKEM1024_generate_key(uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES], - uint8_t optional_out_seed[MLKEM_SEED_BYTES], - struct MLKEM1024_private_key *out_private_key) -{ - uint8_t entropy_buf[MLKEM_SEED_BYTES]; - uint8_t *entropy = optional_out_seed != NULL ? optional_out_seed : - entropy_buf; - - arc4random_buf(entropy, MLKEM_SEED_BYTES); - MLKEM1024_generate_key_external_entropy(out_encoded_public_key, - out_private_key, entropy); -} -LCRYPTO_ALIAS(MLKEM1024_generate_key); - -int -MLKEM1024_private_key_from_seed(struct MLKEM1024_private_key *out_private_key, - const uint8_t *seed, size_t seed_len) -{ - uint8_t public_key_bytes[MLKEM1024_PUBLIC_KEY_BYTES]; - - if (seed_len != MLKEM_SEED_BYTES) { - return 0; - } - MLKEM1024_generate_key_external_entropy(public_key_bytes, - out_private_key, seed); - - return 1; -} -LCRYPTO_ALIAS(MLKEM1024_private_key_from_seed); - -static int -mlkem_marshal_public_key(CBB *out, const struct public_key *pub) -{ - uint8_t *vector_output; - - if (!CBB_add_space(out, &vector_output, kEncodedVectorSize)) { - return 0; - } - vector_encode(vector_output, &pub->t, kLog2Prime); - if (!CBB_add_bytes(out, pub->rho, sizeof(pub->rho))) { - return 0; - } - return 1; -} - -void -MLKEM1024_generate_key_external_entropy( - uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES], - struct MLKEM1024_private_key *out_private_key, - const uint8_t entropy[MLKEM_SEED_BYTES]) -{ - struct private_key *priv = private_key_1024_from_external( - out_private_key); - uint8_t augmented_seed[33]; - uint8_t *rho, *sigma; - uint8_t counter = 0; - uint8_t hashed[64]; - vector error; - CBB cbb; - - memcpy(augmented_seed, entropy, 32); - augmented_seed[32] = RANK1024; - hash_g(hashed, augmented_seed, 33); - rho = hashed; - sigma = hashed + 32; - memcpy(priv->pub.rho, hashed, sizeof(priv->pub.rho)); - matrix_expand(&priv->pub.m, rho); - vector_generate_secret_eta_2(&priv->s, &counter, sigma); - vector_ntt(&priv->s); - 
vector_generate_secret_eta_2(&error, &counter, sigma); - vector_ntt(&error); - matrix_mult_transpose(&priv->pub.t, &priv->pub.m, &priv->s); - vector_add(&priv->pub.t, &error); - - /* XXX - error checking. */ - CBB_init_fixed(&cbb, out_encoded_public_key, MLKEM1024_PUBLIC_KEY_BYTES); - if (!mlkem_marshal_public_key(&cbb, &priv->pub)) { - abort(); - } - CBB_cleanup(&cbb); - - hash_h(priv->pub.public_key_hash, out_encoded_public_key, - MLKEM1024_PUBLIC_KEY_BYTES); - memcpy(priv->fo_failure_secret, entropy + 32, 32); -} - -void -MLKEM1024_public_from_private(struct MLKEM1024_public_key *out_public_key, - const struct MLKEM1024_private_key *private_key) -{ - struct public_key *const pub = public_key_1024_from_external( - out_public_key); - const struct private_key *const priv = private_key_1024_from_external( - private_key); - - *pub = priv->pub; -} -LCRYPTO_ALIAS(MLKEM1024_public_from_private); - -/* - * Encrypts a message with given randomness to the ciphertext in |out|. Without - * applying the Fujisaki-Okamoto transform this would not result in a CCA secure - * scheme, since lattice schemes are vulnerable to decryption failure oracles. 
- */ -static void -encrypt_cpa(uint8_t out[MLKEM1024_CIPHERTEXT_BYTES], - const struct public_key *pub, const uint8_t message[32], - const uint8_t randomness[32]) -{ - scalar expanded_message, scalar_error; - vector secret, error, u; - uint8_t counter = 0; - uint8_t input[33]; - scalar v; - - vector_generate_secret_eta_2(&secret, &counter, randomness); - vector_ntt(&secret); - vector_generate_secret_eta_2(&error, &counter, randomness); - memcpy(input, randomness, 32); - input[32] = counter; - scalar_centered_binomial_distribution_eta_2_with_prf(&scalar_error, - input); - matrix_mult(&u, &pub->m, &secret); - vector_inverse_ntt(&u); - vector_add(&u, &error); - scalar_inner_product(&v, &pub->t, &secret); - scalar_inverse_ntt(&v); - scalar_add(&v, &scalar_error); - scalar_decode_1(&expanded_message, message); - scalar_decompress(&expanded_message, 1); - scalar_add(&v, &expanded_message); - vector_compress(&u, kDU1024); - vector_encode(out, &u, kDU1024); - scalar_compress(&v, kDV1024); - scalar_encode(out + kCompressedVectorSize, &v, kDV1024); -} - -/* Calls MLKEM1024_encap_external_entropy| with random bytes */ -void -MLKEM1024_encap(uint8_t out_ciphertext[MLKEM1024_CIPHERTEXT_BYTES], - uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], - const struct MLKEM1024_public_key *public_key) -{ - uint8_t entropy[MLKEM_ENCAP_ENTROPY]; - - arc4random_buf(entropy, MLKEM_ENCAP_ENTROPY); - MLKEM1024_encap_external_entropy(out_ciphertext, out_shared_secret, - public_key, entropy); -} -LCRYPTO_ALIAS(MLKEM1024_encap); - -/* See section 6.2 of the spec. 
*/ -void -MLKEM1024_encap_external_entropy( - uint8_t out_ciphertext[MLKEM1024_CIPHERTEXT_BYTES], - uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], - const struct MLKEM1024_public_key *public_key, - const uint8_t entropy[MLKEM_ENCAP_ENTROPY]) -{ - const struct public_key *pub = public_key_1024_from_external(public_key); - uint8_t key_and_randomness[64]; - uint8_t input[64]; - - memcpy(input, entropy, MLKEM_ENCAP_ENTROPY); - memcpy(input + MLKEM_ENCAP_ENTROPY, pub->public_key_hash, - sizeof(input) - MLKEM_ENCAP_ENTROPY); - hash_g(key_and_randomness, input, sizeof(input)); - encrypt_cpa(out_ciphertext, pub, entropy, key_and_randomness + 32); - memcpy(out_shared_secret, key_and_randomness, 32); -} - -static void -decrypt_cpa(uint8_t out[32], const struct private_key *priv, - const uint8_t ciphertext[MLKEM1024_CIPHERTEXT_BYTES]) -{ - scalar mask, v; - vector u; - - vector_decode(&u, ciphertext, kDU1024); - vector_decompress(&u, kDU1024); - vector_ntt(&u); - scalar_decode(&v, ciphertext + kCompressedVectorSize, kDV1024); - scalar_decompress(&v, kDV1024); - scalar_inner_product(&mask, &priv->s, &u); - scalar_inverse_ntt(&mask); - scalar_sub(&v, &mask); - scalar_compress(&v, 1); - scalar_encode_1(out, &v); -} - -/* See section 6.3 */ -int -MLKEM1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], - const uint8_t *ciphertext, size_t ciphertext_len, - const struct MLKEM1024_private_key *private_key) -{ - const struct private_key *priv = private_key_1024_from_external( - private_key); - uint8_t expected_ciphertext[MLKEM1024_CIPHERTEXT_BYTES]; - uint8_t key_and_randomness[64]; - uint8_t failure_key[32]; - uint8_t decrypted[64]; - uint8_t mask; - int i; - - if (ciphertext_len != MLKEM1024_CIPHERTEXT_BYTES) { - arc4random_buf(out_shared_secret, MLKEM_SHARED_SECRET_BYTES); - return 0; - } - - decrypt_cpa(decrypted, priv, ciphertext); - memcpy(decrypted + 32, priv->pub.public_key_hash, - sizeof(decrypted) - 32); - hash_g(key_and_randomness, decrypted, 
sizeof(decrypted)); - encrypt_cpa(expected_ciphertext, &priv->pub, decrypted, - key_and_randomness + 32); - kdf(failure_key, priv->fo_failure_secret, ciphertext, ciphertext_len); - mask = constant_time_eq_int_8(memcmp(ciphertext, expected_ciphertext, - sizeof(expected_ciphertext)), 0); - for (i = 0; i < MLKEM_SHARED_SECRET_BYTES; i++) { - out_shared_secret[i] = constant_time_select_8(mask, - key_and_randomness[i], failure_key[i]); - } - - return 1; -} -LCRYPTO_ALIAS(MLKEM1024_decap); - -int -MLKEM1024_marshal_public_key(CBB *out, - const struct MLKEM1024_public_key *public_key) -{ - return mlkem_marshal_public_key(out, - public_key_1024_from_external(public_key)); -} -LCRYPTO_ALIAS(MLKEM1024_marshal_public_key); - -/* - * mlkem_parse_public_key_no_hash parses |in| into |pub| but doesn't calculate - * the value of |pub->public_key_hash|. - */ -static int -mlkem_parse_public_key_no_hash(struct public_key *pub, CBS *in) -{ - CBS t_bytes; - - if (!CBS_get_bytes(in, &t_bytes, kEncodedVectorSize) || - !vector_decode(&pub->t, CBS_data(&t_bytes), kLog2Prime)) { - return 0; - } - memcpy(pub->rho, CBS_data(in), sizeof(pub->rho)); - if (!CBS_skip(in, sizeof(pub->rho))) - return 0; - matrix_expand(&pub->m, pub->rho); - return 1; -} - -int -MLKEM1024_parse_public_key(struct MLKEM1024_public_key *public_key, CBS *in) -{ - struct public_key *pub = public_key_1024_from_external(public_key); - CBS orig_in = *in; - - if (!mlkem_parse_public_key_no_hash(pub, in) || - CBS_len(in) != 0) { - return 0; - } - hash_h(pub->public_key_hash, CBS_data(&orig_in), CBS_len(&orig_in)); - return 1; -} -LCRYPTO_ALIAS(MLKEM1024_parse_public_key); - -int -MLKEM1024_marshal_private_key(CBB *out, - const struct MLKEM1024_private_key *private_key) -{ - const struct private_key *const priv = private_key_1024_from_external( - private_key); - uint8_t *s_output; - - if (!CBB_add_space(out, &s_output, kEncodedVectorSize)) { - return 0; - } - vector_encode(s_output, &priv->s, kLog2Prime); - if 
(!mlkem_marshal_public_key(out, &priv->pub) || - !CBB_add_bytes(out, priv->pub.public_key_hash, - sizeof(priv->pub.public_key_hash)) || - !CBB_add_bytes(out, priv->fo_failure_secret, - sizeof(priv->fo_failure_secret))) { - return 0; - } - return 1; -} - -int -MLKEM1024_parse_private_key(struct MLKEM1024_private_key *out_private_key, - CBS *in) -{ - struct private_key *const priv = private_key_1024_from_external( - out_private_key); - CBS s_bytes; - - if (!CBS_get_bytes(in, &s_bytes, kEncodedVectorSize) || - !vector_decode(&priv->s, CBS_data(&s_bytes), kLog2Prime) || - !mlkem_parse_public_key_no_hash(&priv->pub, in)) { - return 0; - } - memcpy(priv->pub.public_key_hash, CBS_data(in), - sizeof(priv->pub.public_key_hash)); - if (!CBS_skip(in, sizeof(priv->pub.public_key_hash))) - return 0; - memcpy(priv->fo_failure_secret, CBS_data(in), - sizeof(priv->fo_failure_secret)); - if (!CBS_skip(in, sizeof(priv->fo_failure_secret))) - return 0; - if (CBS_len(in) != 0) - return 0; - - return 1; -} -LCRYPTO_ALIAS(MLKEM1024_parse_private_key); diff --git a/src/lib/libcrypto/mlkem/mlkem768.c b/src/lib/libcrypto/mlkem/mlkem768.c deleted file mode 100644 index bacde0c0b7..0000000000 --- a/src/lib/libcrypto/mlkem/mlkem768.c +++ /dev/null 
@@ -1,1138 +0,0 @@ -/* $OpenBSD: mlkem768.c,v 1.7 2025/01/03 08:19:24 tb Exp $ */ -/* - * Copyright (c) 2024, Google Inc. - * Copyright (c) 2024, Bob Beck - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include - -#include "bytestring.h" -#include "mlkem.h" - -#include "sha3_internal.h" -#include "mlkem_internal.h" -#include "constant_time.h" -#include "crypto_internal.h" - -/* Remove later */ -#undef LCRYPTO_ALIAS -#define LCRYPTO_ALIAS(A) - -/* - * See - * https://csrc.nist.gov/pubs/fips/203/final - */ - -static void -prf(uint8_t *out, size_t out_len, const uint8_t in[33]) -{ - sha3_ctx ctx; - shake256_init(&ctx); - shake_update(&ctx, in, 33); - shake_xof(&ctx); - shake_out(&ctx, out, out_len); -} - -/* Section 4.1 */ -static void -hash_h(uint8_t out[32], const uint8_t *in, size_t len) -{ - sha3_ctx ctx; - sha3_init(&ctx, 32); - sha3_update(&ctx, in, len); - sha3_final(out, &ctx); -} - -static void -hash_g(uint8_t out[64], const uint8_t *in, size_t len) -{ - sha3_ctx ctx; - sha3_init(&ctx, 64); - sha3_update(&ctx, in, len); - sha3_final(out, &ctx); -} - -/* this is called 'J' in the spec */ -static void -kdf(uint8_t out[MLKEM_SHARED_SECRET_BYTES], const uint8_t failure_secret[32], - const uint8_t *in, size_t len) -{ - sha3_ctx ctx; - 
shake256_init(&ctx); - shake_update(&ctx, failure_secret, 32); - shake_update(&ctx, in, len); - shake_xof(&ctx); - shake_out(&ctx, out, MLKEM_SHARED_SECRET_BYTES); -} - -#define DEGREE 256 -#define RANK768 3 - -static const size_t kBarrettMultiplier = 5039; -static const unsigned kBarrettShift = 24; -static const uint16_t kPrime = 3329; -static const int kLog2Prime = 12; -static const uint16_t kHalfPrime = (/*kPrime=*/3329 - 1) / 2; -static const int kDU768 = 10; -static const int kDV768 = 4; -/* - * kInverseDegree is 128^-1 mod 3329; 128 because kPrime does not have a 512th - * root of unity. - */ -static const uint16_t kInverseDegree = 3303; -static const size_t kEncodedVectorSize = - (/*kLog2Prime=*/12 * DEGREE / 8) * RANK768; -static const size_t kCompressedVectorSize = /*kDU768=*/ 10 * RANK768 * DEGREE / - 8; - -typedef struct scalar { - /* On every function entry and exit, 0 <= c < kPrime. */ - uint16_t c[DEGREE]; -} scalar; - -typedef struct vector { - scalar v[RANK768]; -} vector; - -typedef struct matrix { - scalar v[RANK768][RANK768]; -} matrix; - -/* - * This bit of Python will be referenced in some of the following comments: - * - * p = 3329 - * - * def bitreverse(i): - * ret = 0 - * for n in range(7): - * bit = i & 1 - * ret <<= 1 - * ret |= bit - * i >>= 1 - * return ret - */ - -/* kNTTRoots = [pow(17, bitreverse(i), p) for i in range(128)] */ -static const uint16_t kNTTRoots[128] = { - 1, 1729, 2580, 3289, 2642, 630, 1897, 848, 1062, 1919, 193, 797, - 2786, 3260, 569, 1746, 296, 2447, 1339, 1476, 3046, 56, 2240, 1333, - 1426, 2094, 535, 2882, 2393, 2879, 1974, 821, 289, 331, 3253, 1756, - 1197, 2304, 2277, 2055, 650, 1977, 2513, 632, 2865, 33, 1320, 1915, - 2319, 1435, 807, 452, 1438, 2868, 1534, 2402, 2647, 2617, 1481, 648, - 2474, 3110, 1227, 910, 17, 2761, 583, 2649, 1637, 723, 2288, 1100, - 1409, 2662, 3281, 233, 756, 2156, 3015, 3050, 1703, 1651, 2789, 1789, - 1847, 952, 1461, 2687, 939, 2308, 2437, 2388, 733, 2337, 268, 641, - 1584, 2298, 2037, 
3220, 375, 2549, 2090, 1645, 1063, 319, 2773, 757, - 2099, 561, 2466, 2594, 2804, 1092, 403, 1026, 1143, 2150, 2775, 886, - 1722, 1212, 1874, 1029, 2110, 2935, 885, 2154, -}; - -/* kInverseNTTRoots = [pow(17, -bitreverse(i), p) for i in range(128)] */ -static const uint16_t kInverseNTTRoots[128] = { - 1, 1600, 40, 749, 2481, 1432, 2699, 687, 1583, 2760, 69, 543, - 2532, 3136, 1410, 2267, 2508, 1355, 450, 936, 447, 2794, 1235, 1903, - 1996, 1089, 3273, 283, 1853, 1990, 882, 3033, 2419, 2102, 219, 855, - 2681, 1848, 712, 682, 927, 1795, 461, 1891, 2877, 2522, 1894, 1010, - 1414, 2009, 3296, 464, 2697, 816, 1352, 2679, 1274, 1052, 1025, 2132, - 1573, 76, 2998, 3040, 1175, 2444, 394, 1219, 2300, 1455, 2117, 1607, - 2443, 554, 1179, 2186, 2303, 2926, 2237, 525, 735, 863, 2768, 1230, - 2572, 556, 3010, 2266, 1684, 1239, 780, 2954, 109, 1292, 1031, 1745, - 2688, 3061, 992, 2596, 941, 892, 1021, 2390, 642, 1868, 2377, 1482, - 1540, 540, 1678, 1626, 279, 314, 1173, 2573, 3096, 48, 667, 1920, - 2229, 1041, 2606, 1692, 680, 2746, 568, 3312, -}; - -/* kModRoots = [pow(17, 2*bitreverse(i) + 1, p) for i in range(128)] */ -static const uint16_t kModRoots[128] = { - 17, 3312, 2761, 568, 583, 2746, 2649, 680, 1637, 1692, 723, 2606, - 2288, 1041, 1100, 2229, 1409, 1920, 2662, 667, 3281, 48, 233, 3096, - 756, 2573, 2156, 1173, 3015, 314, 3050, 279, 1703, 1626, 1651, 1678, - 2789, 540, 1789, 1540, 1847, 1482, 952, 2377, 1461, 1868, 2687, 642, - 939, 2390, 2308, 1021, 2437, 892, 2388, 941, 733, 2596, 2337, 992, - 268, 3061, 641, 2688, 1584, 1745, 2298, 1031, 2037, 1292, 3220, 109, - 375, 2954, 2549, 780, 2090, 1239, 1645, 1684, 1063, 2266, 319, 3010, - 2773, 556, 757, 2572, 2099, 1230, 561, 2768, 2466, 863, 2594, 735, - 2804, 525, 1092, 2237, 403, 2926, 1026, 2303, 1143, 2186, 2150, 1179, - 2775, 554, 886, 2443, 1722, 1607, 1212, 2117, 1874, 1455, 1029, 2300, - 2110, 1219, 2935, 394, 885, 2444, 2154, 1175, -}; - -/* reduce_once reduces 0 <= x < 2*kPrime, mod kPrime. 
*/ -static uint16_t -reduce_once(uint16_t x) -{ - assert(x < 2 * kPrime); - const uint16_t subtracted = x - kPrime; - uint16_t mask = 0u - (subtracted >> 15); - - /* - * Although this is a constant-time select, we omit a value barrier here. - * Value barriers impede auto-vectorization (likely because it forces the - * value to transit through a general-purpose register). On AArch64, this - * is a difference of 2x. - * - * We usually add value barriers to selects because Clang turns - * consecutive selects with the same condition into a branch instead of - * CMOV/CSEL. This condition does not occur in ML-KEM, so omitting it - * seems to be safe so far but see - * |scalar_centered_binomial_distribution_eta_2_with_prf|. - */ - return (mask & x) | (~mask & subtracted); -} - -/* - * constant time reduce x mod kPrime using Barrett reduction. x must be less - * than kPrime + 2×kPrime². - */ -static uint16_t -reduce(uint32_t x) -{ - uint64_t product = (uint64_t)x * kBarrettMultiplier; - uint32_t quotient = (uint32_t)(product >> kBarrettShift); - uint32_t remainder = x - quotient * kPrime; - - assert(x < kPrime + 2u * kPrime * kPrime); - return reduce_once(remainder); -} - -static void -scalar_zero(scalar *out) -{ - memset(out, 0, sizeof(*out)); -} - -static void -vector_zero(vector *out) -{ - memset(out, 0, sizeof(*out)); -} - -/* - * In place number theoretic transform of a given scalar. - * Note that MLKEM's kPrime 3329 does not have a 512th root of unity, so this - * transform leaves off the last iteration of the usual FFT code, with the 128 - * relevant roots of unity being stored in |kNTTRoots|. This means the output - * should be seen as 128 elements in GF(3329^2), with the coefficients of the - * elements being consecutive entries in |s->c|. - */ -static void -scalar_ntt(scalar *s) -{ - int offset = DEGREE; - int step; - /* - * `int` is used here because using `size_t` throughout caused a ~5% slowdown - * with Clang 14 on Aarch64. 
- */ - for (step = 1; step < DEGREE / 2; step <<= 1) { - int i, j, k = 0; - - offset >>= 1; - for (i = 0; i < step; i++) { - const uint32_t step_root = kNTTRoots[i + step]; - - for (j = k; j < k + offset; j++) { - uint16_t odd, even; - - odd = reduce(step_root * s->c[j + offset]); - even = s->c[j]; - s->c[j] = reduce_once(odd + even); - s->c[j + offset] = reduce_once(even - odd + - kPrime); - } - k += 2 * offset; - } - } -} - -static void -vector_ntt(vector *a) -{ - int i; - - for (i = 0; i < RANK768; i++) { - scalar_ntt(&a->v[i]); - } -} - -/* - * In place inverse number theoretic transform of a given scalar, with pairs of - * entries of s->v being interpreted as elements of GF(3329^2). Just as with the - * number theoretic transform, this leaves off the first step of the normal iFFT - * to account for the fact that 3329 does not have a 512th root of unity, using - * the precomputed 128 roots of unity stored in |kInverseNTTRoots|. - */ -static void -scalar_inverse_ntt(scalar *s) -{ - int i, j, k, offset, step = DEGREE / 2; - - /* - * `int` is used here because using `size_t` throughout caused a ~5% slowdown - * with Clang 14 on Aarch64. 
- */ - for (offset = 2; offset < DEGREE; offset <<= 1) { - step >>= 1; - k = 0; - for (i = 0; i < step; i++) { - uint32_t step_root = kInverseNTTRoots[i + step]; - for (j = k; j < k + offset; j++) { - uint16_t odd, even; - odd = s->c[j + offset]; - even = s->c[j]; - s->c[j] = reduce_once(odd + even); - s->c[j + offset] = reduce(step_root * - (even - odd + kPrime)); - } - k += 2 * offset; - } - } - for (i = 0; i < DEGREE; i++) { - s->c[i] = reduce(s->c[i] * kInverseDegree); - } -} - -static void -vector_inverse_ntt(vector *a) -{ - int i; - - for (i = 0; i < RANK768; i++) { - scalar_inverse_ntt(&a->v[i]); - } -} - -static void -scalar_add(scalar *lhs, const scalar *rhs) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - lhs->c[i] = reduce_once(lhs->c[i] + rhs->c[i]); - } -} - -static void -scalar_sub(scalar *lhs, const scalar *rhs) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - lhs->c[i] = reduce_once(lhs->c[i] - rhs->c[i] + kPrime); - } -} - -/* - * Multiplying two scalars in the number theoretically transformed state. - * Since 3329 does not have a 512th root of unity, this means we have to - * interpret the 2*ith and (2*i+1)th entries of the scalar as elements of - * GF(3329)[X]/(X^2 - 17^(2*bitreverse(i)+1)). - * The value of 17^(2*bitreverse(i)+1) mod 3329 is stored in the precomputed - * |kModRoots| table. Our Barrett transform only allows us to multiply two - * reduced numbers together, so we need some intermediate reduction steps, - * even if an uint64_t could hold 3 multiplied numbers. 
- */ -static void -scalar_mult(scalar *out, const scalar *lhs, const scalar *rhs) -{ - int i; - - for (i = 0; i < DEGREE / 2; i++) { - uint32_t real_real = (uint32_t)lhs->c[2 * i] * rhs->c[2 * i]; - uint32_t img_img = (uint32_t)lhs->c[2 * i + 1] * - rhs->c[2 * i + 1]; - uint32_t real_img = (uint32_t)lhs->c[2 * i] * rhs->c[2 * i + 1]; - uint32_t img_real = (uint32_t)lhs->c[2 * i + 1] * rhs->c[2 * i]; - - out->c[2 * i] = - reduce(real_real + - (uint32_t)reduce(img_img) * kModRoots[i]); - out->c[2 * i + 1] = reduce(img_real + real_img); - } -} - -static void -vector_add(vector *lhs, const vector *rhs) -{ - int i; - - for (i = 0; i < RANK768; i++) { - scalar_add(&lhs->v[i], &rhs->v[i]); - } -} - -static void -matrix_mult(vector *out, const matrix *m, const vector *a) -{ - int i, j; - - vector_zero(out); - for (i = 0; i < RANK768; i++) { - for (j = 0; j < RANK768; j++) { - scalar product; - - scalar_mult(&product, &m->v[i][j], &a->v[j]); - scalar_add(&out->v[i], &product); - } - } -} - -static void -matrix_mult_transpose(vector *out, const matrix *m, - const vector *a) -{ - int i, j; - - vector_zero(out); - for (i = 0; i < RANK768; i++) { - for (j = 0; j < RANK768; j++) { - scalar product; - - scalar_mult(&product, &m->v[j][i], &a->v[j]); - scalar_add(&out->v[i], &product); - } - } -} - -static void -scalar_inner_product(scalar *out, const vector *lhs, - const vector *rhs) -{ - int i; - scalar_zero(out); - for (i = 0; i < RANK768; i++) { - scalar product; - - scalar_mult(&product, &lhs->v[i], &rhs->v[i]); - scalar_add(out, &product); - } -} - -/* - * Algorithm 6 of spec. Rejection samples a Keccak stream to get uniformly - * distributed elements. This is used for matrix expansion and only operates on - * public inputs. 
- */ -static void -scalar_from_keccak_vartime(scalar *out, sha3_ctx *keccak_ctx) -{ - int i, done = 0; - - while (done < DEGREE) { - uint8_t block[168]; - - shake_out(keccak_ctx, block, sizeof(block)); - for (i = 0; i < sizeof(block) && done < DEGREE; i += 3) { - uint16_t d1 = block[i] + 256 * (block[i + 1] % 16); - uint16_t d2 = block[i + 1] / 16 + 16 * block[i + 2]; - - if (d1 < kPrime) { - out->c[done++] = d1; - } - if (d2 < kPrime && done < DEGREE) { - out->c[done++] = d2; - } - } - } -} - -/* - * Algorithm 7 of the spec, with eta fixed to two and the PRF call - * included. Creates binominally distributed elements by sampling 2*|eta| bits, - * and setting the coefficient to the count of the first bits minus the count of - * the second bits, resulting in a centered binomial distribution. Since eta is - * two this gives -2/2 with a probability of 1/16, -1/1 with probability 1/4, - * and 0 with probability 3/8. - */ -static void -scalar_centered_binomial_distribution_eta_2_with_prf(scalar *out, - const uint8_t input[33]) -{ - uint8_t entropy[128]; - int i; - - CTASSERT(sizeof(entropy) == 2 * /*kEta=*/ 2 * DEGREE / 8); - prf(entropy, sizeof(entropy), input); - - for (i = 0; i < DEGREE; i += 2) { - uint8_t byte = entropy[i / 2]; - uint16_t mask; - uint16_t value = (byte & 1) + ((byte >> 1) & 1); - - value -= ((byte >> 2) & 1) + ((byte >> 3) & 1); - - /* - * Add |kPrime| if |value| underflowed. See |reduce_once| for a - * discussion on why the value barrier is omitted. While this - * could have been written reduce_once(value + kPrime), this is - * one extra addition and small range of |value| tempts some - * versions of Clang to emit a branch. - */ - mask = 0u - (value >> 15); - out->c[i] = ((value + kPrime) & mask) | (value & ~mask); - - byte >>= 4; - value = (byte & 1) + ((byte >> 1) & 1); - value -= ((byte >> 2) & 1) + ((byte >> 3) & 1); - /* See above. 
*/ - mask = 0u - (value >> 15); - out->c[i + 1] = ((value + kPrime) & mask) | (value & ~mask); - } -} - -/* - * Generates a secret vector by using - * |scalar_centered_binomial_distribution_eta_2_with_prf|, using the given seed - * appending and incrementing |counter| for entry of the vector. - */ -static void -vector_generate_secret_eta_2(vector *out, uint8_t *counter, - const uint8_t seed[32]) -{ - uint8_t input[33]; - int i; - - memcpy(input, seed, 32); - for (i = 0; i < RANK768; i++) { - input[32] = (*counter)++; - scalar_centered_binomial_distribution_eta_2_with_prf(&out->v[i], - input); - } -} - -/* Expands the matrix of a seed for key generation and for encaps-CPA. */ -static void -matrix_expand(matrix *out, const uint8_t rho[32]) -{ - uint8_t input[34]; - int i, j; - - memcpy(input, rho, 32); - for (i = 0; i < RANK768; i++) { - for (j = 0; j < RANK768; j++) { - sha3_ctx keccak_ctx; - - input[32] = i; - input[33] = j; - shake128_init(&keccak_ctx); - shake_update(&keccak_ctx, input, sizeof(input)); - shake_xof(&keccak_ctx); - scalar_from_keccak_vartime(&out->v[i][j], &keccak_ctx); - } - } -} - -static const uint8_t kMasks[8] = {0x01, 0x03, 0x07, 0x0f, - 0x1f, 0x3f, 0x7f, 0xff}; - -static void -scalar_encode(uint8_t *out, const scalar *s, int bits) -{ - uint8_t out_byte = 0; - int i, out_byte_bits = 0; - - assert(bits <= (int)sizeof(*s->c) * 8 && bits != 1); - for (i = 0; i < DEGREE; i++) { - uint16_t element = s->c[i]; - int element_bits_done = 0; - - while (element_bits_done < bits) { - int chunk_bits = bits - element_bits_done; - int out_bits_remaining = 8 - out_byte_bits; - - if (chunk_bits >= out_bits_remaining) { - chunk_bits = out_bits_remaining; - out_byte |= (element & - kMasks[chunk_bits - 1]) << out_byte_bits; - *out = out_byte; - out++; - out_byte_bits = 0; - out_byte = 0; - } else { - out_byte |= (element & - kMasks[chunk_bits - 1]) << out_byte_bits; - out_byte_bits += chunk_bits; - } - - element_bits_done += chunk_bits; - element >>= chunk_bits; 
- } - } - - if (out_byte_bits > 0) { - *out = out_byte; - } -} - -/* scalar_encode_1 is |scalar_encode| specialised for |bits| == 1. */ -static void -scalar_encode_1(uint8_t out[32], const scalar *s) -{ - int i, j; - - for (i = 0; i < DEGREE; i += 8) { - uint8_t out_byte = 0; - - for (j = 0; j < 8; j++) { - out_byte |= (s->c[i + j] & 1) << j; - } - *out = out_byte; - out++; - } -} - -/* - * Encodes an entire vector into 32*|RANK768|*|bits| bytes. Note that since 256 - * (DEGREE) is divisible by 8, the individual vector entries will always fill a - * whole number of bytes, so we do not need to worry about bit packing here. - */ -static void -vector_encode(uint8_t *out, const vector *a, int bits) -{ - int i; - - for (i = 0; i < RANK768; i++) { - scalar_encode(out + i * bits * DEGREE / 8, &a->v[i], bits); - } -} - -/* - * scalar_decode parses |DEGREE * bits| bits from |in| into |DEGREE| values in - * |out|. It returns one on success and zero if any parsed value is >= - * |kPrime|. - */ -static int -scalar_decode(scalar *out, const uint8_t *in, int bits) -{ - uint8_t in_byte = 0; - int i, in_byte_bits_left = 0; - - assert(bits <= (int)sizeof(*out->c) * 8 && bits != 1); - - for (i = 0; i < DEGREE; i++) { - uint16_t element = 0; - int element_bits_done = 0; - - while (element_bits_done < bits) { - int chunk_bits = bits - element_bits_done; - - if (in_byte_bits_left == 0) { - in_byte = *in; - in++; - in_byte_bits_left = 8; - } - - if (chunk_bits > in_byte_bits_left) { - chunk_bits = in_byte_bits_left; - } - - element |= (in_byte & kMasks[chunk_bits - 1]) << - element_bits_done; - in_byte_bits_left -= chunk_bits; - in_byte >>= chunk_bits; - - element_bits_done += chunk_bits; - } - - if (element >= kPrime) { - return 0; - } - out->c[i] = element; - } - - return 1; -} - -/* scalar_decode_1 is |scalar_decode| specialised for |bits| == 1. 
*/ -static void -scalar_decode_1(scalar *out, const uint8_t in[32]) -{ - int i, j; - - for (i = 0; i < DEGREE; i += 8) { - uint8_t in_byte = *in; - - in++; - for (j = 0; j < 8; j++) { - out->c[i + j] = in_byte & 1; - in_byte >>= 1; - } - } -} - -/* - * Decodes 32*|RANK768|*|bits| bytes from |in| into |out|. It returns one on - * success or zero if any parsed value is >= |kPrime|. - */ -static int -vector_decode(vector *out, const uint8_t *in, int bits) -{ - int i; - - for (i = 0; i < RANK768; i++) { - if (!scalar_decode(&out->v[i], in + i * bits * DEGREE / 8, - bits)) { - return 0; - } - } - return 1; -} - -/* - * Compresses (lossily) an input |x| mod 3329 into |bits| many bits by grouping - * numbers close to each other together. The formula used is - * round(2^|bits|/kPrime*x) mod 2^|bits|. - * Uses Barrett reduction to achieve constant time. Since we need both the - * remainder (for rounding) and the quotient (as the result), we cannot use - * |reduce| here, but need to do the Barrett reduction directly. - */ -static uint16_t -compress(uint16_t x, int bits) -{ - uint32_t shifted = (uint32_t)x << bits; - uint64_t product = (uint64_t)shifted * kBarrettMultiplier; - uint32_t quotient = (uint32_t)(product >> kBarrettShift); - uint32_t remainder = shifted - quotient * kPrime; - - /* - * Adjust the quotient to round correctly: - * 0 <= remainder <= kHalfPrime round to 0 - * kHalfPrime < remainder <= kPrime + kHalfPrime round to 1 - * kPrime + kHalfPrime < remainder < 2 * kPrime round to 2 - */ - assert(remainder < 2u * kPrime); - quotient += 1 & constant_time_lt(kHalfPrime, remainder); - quotient += 1 & constant_time_lt(kPrime + kHalfPrime, remainder); - return quotient & ((1 << bits) - 1); -} - -/* - * Decompresses |x| by using an equi-distant representative. The formula is - * round(kPrime/2^|bits|*x). Note that 2^|bits| being the divisor allows us to - * implement this logic using only bit operations. 
- */ -static uint16_t -decompress(uint16_t x, int bits) -{ - uint32_t product = (uint32_t)x * kPrime; - uint32_t power = 1 << bits; - /* This is |product| % power, since |power| is a power of 2. */ - uint32_t remainder = product & (power - 1); - /* This is |product| / power, since |power| is a power of 2. */ - uint32_t lower = product >> bits; - - /* - * The rounding logic works since the first half of numbers mod |power| have a - * 0 as first bit, and the second half has a 1 as first bit, since |power| is - * a power of 2. As a 12 bit number, |remainder| is always positive, so we - * will shift in 0s for a right shift. - */ - return lower + (remainder >> (bits - 1)); -} - -static void -scalar_compress(scalar *s, int bits) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - s->c[i] = compress(s->c[i], bits); - } -} - -static void -scalar_decompress(scalar *s, int bits) -{ - int i; - - for (i = 0; i < DEGREE; i++) { - s->c[i] = decompress(s->c[i], bits); - } -} - -static void -vector_compress(vector *a, int bits) -{ - int i; - - for (i = 0; i < RANK768; i++) { - scalar_compress(&a->v[i], bits); - } -} - -static void -vector_decompress(vector *a, int bits) -{ - int i; - - for (i = 0; i < RANK768; i++) { - scalar_decompress(&a->v[i], bits); - } -} - -struct public_key { - vector t; - uint8_t rho[32]; - uint8_t public_key_hash[32]; - matrix m; -}; - -static struct public_key * -public_key_768_from_external(const struct MLKEM768_public_key *external) -{ - return (struct public_key *)external; -} - -struct private_key { - struct public_key pub; - vector s; - uint8_t fo_failure_secret[32]; -}; - -static struct private_key * -private_key_768_from_external(const struct MLKEM768_private_key *external) -{ - return (struct private_key *)external; -} - -/* - * Calls |MLKEM768_generate_key_external_entropy| with random bytes from - * |RAND_bytes|. 
- */ -void -MLKEM768_generate_key(uint8_t out_encoded_public_key[MLKEM768_PUBLIC_KEY_BYTES], - uint8_t optional_out_seed[MLKEM_SEED_BYTES], - struct MLKEM768_private_key *out_private_key) -{ - uint8_t entropy_buf[MLKEM_SEED_BYTES]; - uint8_t *entropy = optional_out_seed != NULL ? optional_out_seed : - entropy_buf; - - arc4random_buf(entropy, MLKEM_SEED_BYTES); - MLKEM768_generate_key_external_entropy(out_encoded_public_key, - out_private_key, entropy); -} -LCRYPTO_ALIAS(MLKEM768_generate_key); - -int -MLKEM768_private_key_from_seed(struct MLKEM768_private_key *out_private_key, - const uint8_t *seed, size_t seed_len) -{ - uint8_t public_key_bytes[MLKEM768_PUBLIC_KEY_BYTES]; - - if (seed_len != MLKEM_SEED_BYTES) { - return 0; - } - MLKEM768_generate_key_external_entropy(public_key_bytes, - out_private_key, seed); - - return 1; -} -LCRYPTO_ALIAS(MLKEM768_private_key_from_seed); - -static int -mlkem_marshal_public_key(CBB *out, const struct public_key *pub) -{ - uint8_t *vector_output; - - if (!CBB_add_space(out, &vector_output, kEncodedVectorSize)) { - return 0; - } - vector_encode(vector_output, &pub->t, kLog2Prime); - if (!CBB_add_bytes(out, pub->rho, sizeof(pub->rho))) { - return 0; - } - return 1; -} - -void -MLKEM768_generate_key_external_entropy( - uint8_t out_encoded_public_key[MLKEM768_PUBLIC_KEY_BYTES], - struct MLKEM768_private_key *out_private_key, - const uint8_t entropy[MLKEM_SEED_BYTES]) -{ - struct private_key *priv = private_key_768_from_external( - out_private_key); - uint8_t augmented_seed[33]; - uint8_t *rho, *sigma; - uint8_t counter = 0; - uint8_t hashed[64]; - vector error; - CBB cbb; - - memcpy(augmented_seed, entropy, 32); - augmented_seed[32] = RANK768; - hash_g(hashed, augmented_seed, 33); - rho = hashed; - sigma = hashed + 32; - memcpy(priv->pub.rho, hashed, sizeof(priv->pub.rho)); - matrix_expand(&priv->pub.m, rho); - vector_generate_secret_eta_2(&priv->s, &counter, sigma); - vector_ntt(&priv->s); - vector_generate_secret_eta_2(&error, 
&counter, sigma); - vector_ntt(&error); - matrix_mult_transpose(&priv->pub.t, &priv->pub.m, &priv->s); - vector_add(&priv->pub.t, &error); - - /* XXX - error checking */ - CBB_init_fixed(&cbb, out_encoded_public_key, MLKEM768_PUBLIC_KEY_BYTES); - if (!mlkem_marshal_public_key(&cbb, &priv->pub)) { - abort(); - } - CBB_cleanup(&cbb); - - hash_h(priv->pub.public_key_hash, out_encoded_public_key, - MLKEM768_PUBLIC_KEY_BYTES); - memcpy(priv->fo_failure_secret, entropy + 32, 32); -} - -void -MLKEM768_public_from_private(struct MLKEM768_public_key *out_public_key, - const struct MLKEM768_private_key *private_key) -{ - struct public_key *const pub = public_key_768_from_external( - out_public_key); - const struct private_key *const priv = private_key_768_from_external( - private_key); - - *pub = priv->pub; -} -LCRYPTO_ALIAS(MLKEM768_public_from_private); - -/* - * Encrypts a message with given randomness to the ciphertext in |out|. Without - * applying the Fujisaki-Okamoto transform this would not result in a CCA secure - * scheme, since lattice schemes are vulnerable to decryption failure oracles. 
- */ -static void -encrypt_cpa(uint8_t out[MLKEM768_CIPHERTEXT_BYTES], - const struct public_key *pub, const uint8_t message[32], - const uint8_t randomness[32]) -{ - scalar expanded_message, scalar_error; - vector secret, error, u; - uint8_t counter = 0; - uint8_t input[33]; - scalar v; - - vector_generate_secret_eta_2(&secret, &counter, randomness); - vector_ntt(&secret); - vector_generate_secret_eta_2(&error, &counter, randomness); - memcpy(input, randomness, 32); - input[32] = counter; - scalar_centered_binomial_distribution_eta_2_with_prf(&scalar_error, - input); - matrix_mult(&u, &pub->m, &secret); - vector_inverse_ntt(&u); - vector_add(&u, &error); - scalar_inner_product(&v, &pub->t, &secret); - scalar_inverse_ntt(&v); - scalar_add(&v, &scalar_error); - scalar_decode_1(&expanded_message, message); - scalar_decompress(&expanded_message, 1); - scalar_add(&v, &expanded_message); - vector_compress(&u, kDU768); - vector_encode(out, &u, kDU768); - scalar_compress(&v, kDV768); - scalar_encode(out + kCompressedVectorSize, &v, kDV768); -} - -/* Calls MLKEM768_encap_external_entropy| with random bytes */ -void -MLKEM768_encap(uint8_t out_ciphertext[MLKEM768_CIPHERTEXT_BYTES], - uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], - const struct MLKEM768_public_key *public_key) -{ - uint8_t entropy[MLKEM_ENCAP_ENTROPY]; - - arc4random_buf(entropy, MLKEM_ENCAP_ENTROPY); - MLKEM768_encap_external_entropy(out_ciphertext, out_shared_secret, - public_key, entropy); -} -LCRYPTO_ALIAS(MLKEM768_encap); - -/* See section 6.2 of the spec. 
*/ -void -MLKEM768_encap_external_entropy( - uint8_t out_ciphertext[MLKEM768_CIPHERTEXT_BYTES], - uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], - const struct MLKEM768_public_key *public_key, - const uint8_t entropy[MLKEM_ENCAP_ENTROPY]) -{ - const struct public_key *pub = public_key_768_from_external(public_key); - uint8_t key_and_randomness[64]; - uint8_t input[64]; - - memcpy(input, entropy, MLKEM_ENCAP_ENTROPY); - memcpy(input + MLKEM_ENCAP_ENTROPY, pub->public_key_hash, - sizeof(input) - MLKEM_ENCAP_ENTROPY); - hash_g(key_and_randomness, input, sizeof(input)); - encrypt_cpa(out_ciphertext, pub, entropy, key_and_randomness + 32); - memcpy(out_shared_secret, key_and_randomness, 32); -} - -static void -decrypt_cpa(uint8_t out[32], const struct private_key *priv, - const uint8_t ciphertext[MLKEM768_CIPHERTEXT_BYTES]) -{ - scalar mask, v; - vector u; - - vector_decode(&u, ciphertext, kDU768); - vector_decompress(&u, kDU768); - vector_ntt(&u); - scalar_decode(&v, ciphertext + kCompressedVectorSize, kDV768); - scalar_decompress(&v, kDV768); - scalar_inner_product(&mask, &priv->s, &u); - scalar_inverse_ntt(&mask); - scalar_sub(&v, &mask); - scalar_compress(&v, 1); - scalar_encode_1(out, &v); -} - -/* See section 6.3 */ -int -MLKEM768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], - const uint8_t *ciphertext, size_t ciphertext_len, - const struct MLKEM768_private_key *private_key) -{ - const struct private_key *priv = private_key_768_from_external( - private_key); - uint8_t expected_ciphertext[MLKEM768_CIPHERTEXT_BYTES]; - uint8_t key_and_randomness[64]; - uint8_t failure_key[32]; - uint8_t decrypted[64]; - uint8_t mask; - int i; - - if (ciphertext_len != MLKEM768_CIPHERTEXT_BYTES) { - arc4random_buf(out_shared_secret, MLKEM_SHARED_SECRET_BYTES); - return 0; - } - - decrypt_cpa(decrypted, priv, ciphertext); - memcpy(decrypted + 32, priv->pub.public_key_hash, - sizeof(decrypted) - 32); - hash_g(key_and_randomness, decrypted, sizeof(decrypted)); - 
encrypt_cpa(expected_ciphertext, &priv->pub, decrypted, - key_and_randomness + 32); - kdf(failure_key, priv->fo_failure_secret, ciphertext, ciphertext_len); - mask = constant_time_eq_int_8(memcmp(ciphertext, expected_ciphertext, - sizeof(expected_ciphertext)), 0); - for (i = 0; i < MLKEM_SHARED_SECRET_BYTES; i++) { - out_shared_secret[i] = constant_time_select_8(mask, - key_and_randomness[i], failure_key[i]); - } - - return 1; -} -LCRYPTO_ALIAS(MLKEM768_decap); - -int -MLKEM768_marshal_public_key(CBB *out, - const struct MLKEM768_public_key *public_key) -{ - return mlkem_marshal_public_key(out, - public_key_768_from_external(public_key)); -} -LCRYPTO_ALIAS(MLKEM768_marshal_public_key); - -/* - * mlkem_parse_public_key_no_hash parses |in| into |pub| but doesn't calculate - * the value of |pub->public_key_hash|. - */ -static int -mlkem_parse_public_key_no_hash(struct public_key *pub, CBS *in) -{ - CBS t_bytes; - - if (!CBS_get_bytes(in, &t_bytes, kEncodedVectorSize) || - !vector_decode(&pub->t, CBS_data(&t_bytes), kLog2Prime)) { - return 0; - } - memcpy(pub->rho, CBS_data(in), sizeof(pub->rho)); - if (!CBS_skip(in, sizeof(pub->rho))) - return 0; - matrix_expand(&pub->m, pub->rho); - return 1; -} - -int -MLKEM768_parse_public_key(struct MLKEM768_public_key *public_key, CBS *in) -{ - struct public_key *pub = public_key_768_from_external(public_key); - CBS orig_in = *in; - - if (!mlkem_parse_public_key_no_hash(pub, in) || - CBS_len(in) != 0) { - return 0; - } - hash_h(pub->public_key_hash, CBS_data(&orig_in), CBS_len(&orig_in)); - return 1; -} -LCRYPTO_ALIAS(MLKEM768_parse_public_key); - -int -MLKEM768_marshal_private_key(CBB *out, - const struct MLKEM768_private_key *private_key) -{ - const struct private_key *const priv = private_key_768_from_external( - private_key); - uint8_t *s_output; - - if (!CBB_add_space(out, &s_output, kEncodedVectorSize)) { - return 0; - } - vector_encode(s_output, &priv->s, kLog2Prime); - if (!mlkem_marshal_public_key(out, &priv->pub) || - 
!CBB_add_bytes(out, priv->pub.public_key_hash, - sizeof(priv->pub.public_key_hash)) || - !CBB_add_bytes(out, priv->fo_failure_secret, - sizeof(priv->fo_failure_secret))) { - return 0; - } - return 1; -} - -int -MLKEM768_parse_private_key(struct MLKEM768_private_key *out_private_key, - CBS *in) -{ - struct private_key *const priv = private_key_768_from_external( - out_private_key); - CBS s_bytes; - - if (!CBS_get_bytes(in, &s_bytes, kEncodedVectorSize) || - !vector_decode(&priv->s, CBS_data(&s_bytes), kLog2Prime) || - !mlkem_parse_public_key_no_hash(&priv->pub, in)) { - return 0; - } - memcpy(priv->pub.public_key_hash, CBS_data(in), - sizeof(priv->pub.public_key_hash)); - if (!CBS_skip(in, sizeof(priv->pub.public_key_hash))) - return 0; - memcpy(priv->fo_failure_secret, CBS_data(in), - sizeof(priv->fo_failure_secret)); - if (!CBS_skip(in, sizeof(priv->fo_failure_secret))) - return 0; - if (CBS_len(in) != 0) - return 0; - - return 1; -} -LCRYPTO_ALIAS(MLKEM768_parse_private_key); diff --git a/src/lib/libcrypto/mlkem/mlkem_internal.h b/src/lib/libcrypto/mlkem/mlkem_internal.h deleted file mode 100644 index d3f325932f..0000000000 --- a/src/lib/libcrypto/mlkem/mlkem_internal.h +++ /dev/null 
@@ -1,121 +0,0 @@
-/* $OpenBSD: mlkem_internal.h,v 1.4 2024/12/19 23:52:26 tb Exp $ */
-/*
- * Copyright (c) 2023, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef OPENSSL_HEADER_CRYPTO_MLKEM_INTERNAL_H
-#define OPENSSL_HEADER_CRYPTO_MLKEM_INTERNAL_H
-
-#include "bytestring.h"
-#include "mlkem.h"
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
-__BEGIN_HIDDEN_DECLS
-
-/*
- * MLKEM_ENCAP_ENTROPY is the number of bytes of uniformly random entropy
- * necessary to encapsulate a secret. The entropy will be leaked to the
- * decapsulating party.
- */
-#define MLKEM_ENCAP_ENTROPY 32
-
-/*
- * MLKEM768_generate_key_external_entropy is a deterministic function to create a
- * pair of ML-KEM 768 keys, using the supplied entropy. The entropy needs to be
- * uniformly random generated. This function is should only be used for tests,
- * regular callers should use the non-deterministic |MLKEM_generate_key|
- * directly.
- */
-void MLKEM768_generate_key_external_entropy(
- uint8_t out_encoded_public_key[MLKEM768_PUBLIC_KEY_BYTES],
- struct MLKEM768_private_key *out_private_key,
- const uint8_t entropy[MLKEM_SEED_BYTES]);
-
-/*
- * MLKEM768_PRIVATE_KEY_BYTES is the length of the data produced by
- * |MLKEM768_marshal_private_key|.
- */
-#define MLKEM768_PRIVATE_KEY_BYTES 2400
-
-/*
- * MLKEM768_marshal_private_key serializes |private_key| to |out| in the standard
- * format for ML-KEM private keys. It returns one on success or zero on
- * allocation error.
- */
-int MLKEM768_marshal_private_key(CBB *out,
- const struct MLKEM768_private_key *private_key);
-
-/*
- * MLKEM_encap_external_entropy behaves like |MLKEM_encap|, but uses
- * |MLKEM_ENCAP_ENTROPY| bytes of |entropy| for randomization. The decapsulating
- * side will be able to recover |entropy| in full. This function should only be
- * used for tests, regular callers should use the non-deterministic
- * |MLKEM_encap| directly.
- */
-void MLKEM768_encap_external_entropy(
- uint8_t out_ciphertext[MLKEM768_CIPHERTEXT_BYTES],
- uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
- const struct MLKEM768_public_key *public_key,
- const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
-
-/*
- * MLKEM1024_generate_key_external_entropy is a deterministic function to create a
- * pair of ML-KEM 1024 keys, using the supplied entropy. The entropy needs to be
- * uniformly random generated. This function is should only be used for tests,
- * regular callers should use the non-deterministic |MLKEM_generate_key|
- * directly.
- */
-void MLKEM1024_generate_key_external_entropy(
- uint8_t out_encoded_public_key[MLKEM1024_PUBLIC_KEY_BYTES],
- struct MLKEM1024_private_key *out_private_key,
- const uint8_t entropy[MLKEM_SEED_BYTES]);
-
-/*
- * MLKEM1024_PRIVATE_KEY_BYTES is the length of the data produced by
- * |MLKEM1024_marshal_private_key|.
- */
-#define MLKEM1024_PRIVATE_KEY_BYTES 3168
-
-/*
- * MLKEM1024_marshal_private_key serializes |private_key| to |out| in the
- * standard format for ML-KEM private keys. It returns one on success or zero on
- * allocation error.
- */
-int MLKEM1024_marshal_private_key(CBB *out,
- const struct MLKEM1024_private_key *private_key);
-
-/*
- * MLKEM_encap_external_entropy behaves like |MLKEM_encap|, but uses
- * |MLKEM_ENCAP_ENTROPY| bytes of |entropy| for randomization. The decapsulating
- * side will be able to recover |entropy| in full. This function should only be
- * used for tests, regular callers should use the non-deterministic
- * |MLKEM_encap| directly.
- */
-void MLKEM1024_encap_external_entropy(
- uint8_t out_ciphertext[MLKEM1024_CIPHERTEXT_BYTES],
- uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
- const struct MLKEM1024_public_key *public_key,
- const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
-
-__END_HIDDEN_DECLS
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif /* OPENSSL_HEADER_CRYPTO_MLKEM_INTERNAL_H */
diff --git a/src/lib/libcrypto/modes/asm/ghash-alpha.pl b/src/lib/libcrypto/modes/asm/ghash-alpha.pl
deleted file mode 100644
index 9d847006c4..0000000000
--- a/src/lib/libcrypto/modes/asm/ghash-alpha.pl
+++ /dev/null
@@ -1,444 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# March 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+128 bytes shared table]. Even though
-# loops are aggressively modulo-scheduled in respect to references to
-# Htbl and Z.hi updates for 8 cycles per byte, measured performance is
-# ~12 cycles per processed byte on 21264 CPU. It seems to be a dynamic
-# scheduling "glitch," because uprofile(1) indicates uniform sample
-# distribution, as if all instruction bundles execute in 1.5 cycles.
-# Meaning that it could have been even faster, yet 12 cycles is ~60%
-# better than gcc-generated code and ~80% than code generated by vendor
-# compiler.
- -$cnt="v0"; # $0 -$t0="t0"; -$t1="t1"; -$t2="t2"; -$Thi0="t3"; # $4 -$Tlo0="t4"; -$Thi1="t5"; -$Tlo1="t6"; -$rem="t7"; # $8 -################# -$Xi="a0"; # $16, input argument block -$Htbl="a1"; -$inp="a2"; -$len="a3"; -$nlo="a4"; # $20 -$nhi="a5"; -$Zhi="t8"; -$Zlo="t9"; -$Xhi="t10"; # $24 -$Xlo="t11"; -$remp="t12"; -$rem_4bit="AT"; # $28 - -{ my $N; - sub loop() { - - $N++; -$code.=<<___; -.align 4 - extbl $Xlo,7,$nlo - and $nlo,0xf0,$nhi - sll $nlo,4,$nlo - and $nlo,0xf0,$nlo - - addq $nlo,$Htbl,$nlo - ldq $Zlo,8($nlo) - addq $nhi,$Htbl,$nhi - ldq $Zhi,0($nlo) - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - lda $cnt,6(zero) - extbl $Xlo,6,$nlo - - ldq $Tlo1,8($nhi) - s8addq $remp,$rem_4bit,$remp - ldq $Thi1,0($nhi) - srl $Zlo,4,$Zlo - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - and $nlo,0xf0,$nhi - - xor $Tlo1,$Zlo,$Zlo - sll $nlo,4,$nlo - xor $Thi1,$Zhi,$Zhi - and $nlo,0xf0,$nlo - - addq $nlo,$Htbl,$nlo - ldq $Tlo0,8($nlo) - addq $nhi,$Htbl,$nhi - ldq $Thi0,0($nlo) - -.Looplo$N: - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - subq $cnt,1,$cnt - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - extbl $Xlo,$cnt,$nlo - - and $nlo,0xf0,$nhi - xor $Thi0,$Zhi,$Zhi - xor $Tlo0,$Zlo,$Zlo - sll $nlo,4,$nlo - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - and $nlo,0xf0,$nlo - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - addq $nlo,$Htbl,$nlo - addq $nhi,$Htbl,$nhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - ldq $Tlo0,8($nlo) - xor $t0,$Zlo,$Zlo - - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - ldq $Thi0,0($nlo) - bne $cnt,.Looplo$N - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - lda $cnt,7(zero) - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - extbl $Xhi,$cnt,$nlo - - and $nlo,0xf0,$nhi - xor 
$Thi0,$Zhi,$Zhi - xor $Tlo0,$Zlo,$Zlo - sll $nlo,4,$nlo - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - and $nlo,0xf0,$nlo - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - addq $nlo,$Htbl,$nlo - addq $nhi,$Htbl,$nhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - ldq $Tlo0,8($nlo) - xor $t0,$Zlo,$Zlo - - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - ldq $Thi0,0($nlo) - unop - - -.Loophi$N: - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - subq $cnt,1,$cnt - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - extbl $Xhi,$cnt,$nlo - - and $nlo,0xf0,$nhi - xor $Thi0,$Zhi,$Zhi - xor $Tlo0,$Zlo,$Zlo - sll $nlo,4,$nlo - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - and $nlo,0xf0,$nlo - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - addq $nlo,$Htbl,$nlo - addq $nhi,$Htbl,$nhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - ldq $Tlo0,8($nlo) - xor $t0,$Zlo,$Zlo - - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - ldq $Thi0,0($nlo) - bne $cnt,.Loophi$N - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - - xor $Tlo0,$Zlo,$Zlo - xor $Thi0,$Zhi,$Zhi - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - xor $t0,$Zlo,$Zlo - xor $rem,$Zhi,$Zhi -___ -}} - -$code=<<___; -#include - -.text - -.set noat -.set noreorder -.globl gcm_gmult_4bit -.align 4 -.ent gcm_gmult_4bit -gcm_gmult_4bit: - .frame sp,0,ra - .prologue 0 - - ldq $Xlo,8($Xi) - ldq $Xhi,0($Xi) - - lda $rem_4bit,rem_4bit -___ - - &loop(); - -$code.=<<___; - srl $Zlo,24,$t0 # byte swap - srl $Zlo,8,$t1 - - sll $Zlo,8,$t2 - sll $Zlo,24,$Zlo - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 
- - zapnot $Zlo,0x88,$Zlo - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zlo,$t0,$Zlo - srl $Zhi,24,$t0 - srl $Zhi,8,$t1 - - or $Zlo,$t2,$Zlo - sll $Zhi,8,$t2 - sll $Zhi,24,$Zhi - - srl $Zlo,32,$Xlo - sll $Zlo,32,$Zlo - - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - or $Zlo,$Xlo,$Xlo - - zapnot $Zhi,0x88,$Zhi - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zhi,$t0,$Zhi - or $Zhi,$t2,$Zhi - - srl $Zhi,32,$Xhi - sll $Zhi,32,$Zhi - - or $Zhi,$Xhi,$Xhi - stq $Xlo,8($Xi) - stq $Xhi,0($Xi) - - ret (ra) -.end gcm_gmult_4bit -___ - -$inhi="s0"; -$inlo="s1"; - -$code.=<<___; -.globl gcm_ghash_4bit -.align 4 -.ent gcm_ghash_4bit -gcm_ghash_4bit: - lda sp,-32(sp) - stq ra,0(sp) - stq s0,8(sp) - stq s1,16(sp) - .mask 0x04000600,-32 - .frame sp,32,ra - .prologue 0 - - ldq_u $inhi,0($inp) - ldq_u $Thi0,7($inp) - ldq_u $inlo,8($inp) - ldq_u $Tlo0,15($inp) - ldq $Xhi,0($Xi) - ldq $Xlo,8($Xi) - - lda $rem_4bit,rem_4bit - -.Louter: - extql $inhi,$inp,$inhi - extqh $Thi0,$inp,$Thi0 - or $inhi,$Thi0,$inhi - lda $inp,16($inp) - - extql $inlo,$inp,$inlo - extqh $Tlo0,$inp,$Tlo0 - or $inlo,$Tlo0,$inlo - subq $len,16,$len - - xor $Xlo,$inlo,$Xlo - xor $Xhi,$inhi,$Xhi -___ - - &loop(); - -$code.=<<___; - srl $Zlo,24,$t0 # byte swap - srl $Zlo,8,$t1 - - sll $Zlo,8,$t2 - sll $Zlo,24,$Zlo - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - - zapnot $Zlo,0x88,$Zlo - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zlo,$t0,$Zlo - srl $Zhi,24,$t0 - srl $Zhi,8,$t1 - - or $Zlo,$t2,$Zlo - sll $Zhi,8,$t2 - sll $Zhi,24,$Zhi - - srl $Zlo,32,$Xlo - sll $Zlo,32,$Zlo - beq $len,.Ldone - - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - or $Zlo,$Xlo,$Xlo - ldq_u $inhi,0($inp) - - zapnot $Zhi,0x88,$Zhi - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - ldq_u $Thi0,7($inp) - - or $Zhi,$t0,$Zhi - or $Zhi,$t2,$Zhi - ldq_u $inlo,8($inp) - ldq_u $Tlo0,15($inp) - - srl $Zhi,32,$Xhi - sll $Zhi,32,$Zhi - - or $Zhi,$Xhi,$Xhi - br zero,.Louter - -.Ldone: - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - or $Zlo,$Xlo,$Xlo - - zapnot 
$Zhi,0x88,$Zhi - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zhi,$t0,$Zhi - or $Zhi,$t2,$Zhi - - srl $Zhi,32,$Xhi - sll $Zhi,32,$Zhi - - or $Zhi,$Xhi,$Xhi - - stq $Xlo,8($Xi) - stq $Xhi,0($Xi) - - .set noreorder - /*ldq ra,0(sp)*/ - ldq s0,8(sp) - ldq s1,16(sp) - lda sp,32(sp) - ret (ra) -.end gcm_ghash_4bit - - .section .rodata - .align 4 -rem_4bit: - .long 0,0x0000<<16, 0,0x1C20<<16, 0,0x3840<<16, 0,0x2460<<16 - .long 0,0x7080<<16, 0,0x6CA0<<16, 0,0x48C0<<16, 0,0x54E0<<16 - .long 0,0xE100<<16, 0,0xFD20<<16, 0,0xD940<<16, 0,0xC560<<16 - .long 0,0x9180<<16, 0,0x8DA0<<16, 0,0xA9C0<<16, 0,0xB5E0<<16 - .previous - -___ -$output=shift and open STDOUT,">$output"; -print $code; -close STDOUT; - diff --git a/src/lib/libcrypto/modes/asm/ghash-armv4.pl b/src/lib/libcrypto/modes/asm/ghash-armv4.pl deleted file mode 100644 index 2d57806b46..0000000000 --- a/src/lib/libcrypto/modes/asm/ghash-armv4.pl +++ /dev/null 
@@ -1,430 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# April 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+32 bytes shared table]. There is no
-# experimental performance data available yet. The only approximation
-# that can be made at this point is based on code size. Inner loop is
-# 32 instructions long and on single-issue core should execute in <40
-# cycles. Having verified that gcc 3.4 didn't unroll corresponding
-# loop, this assembler loop body was found to be ~3x smaller than
-# compiler-generated one...
-#
-# July 2010
-#
-# Rescheduling for dual-issue pipeline resulted in 8.5% improvement on
-# Cortex A8 core and ~25 cycles per processed byte (which was observed
-# to be ~3 times faster than gcc-generated code:-)
-#
-# February 2011
-#
-# Profiler-assisted and platform-specific optimization resulted in 7%
-# improvement on Cortex A8 core and ~23.5 cycles per byte.
-#
-# March 2011
-#
-# Add NEON implementation featuring polynomial multiplication, i.e. no
-# lookup tables involved. On Cortex A8 it was measured to process one
-# byte in 15 cycles or 55% faster than integer-only code.
-
-# ====================================================================
-# Note about "528B" variant.
In ARM case it makes lesser sense to -# implement it for following reasons: -# -# - performance improvement won't be anywhere near 50%, because 128- -# bit shift operation is neatly fused with 128-bit xor here, and -# "538B" variant would eliminate only 4-5 instructions out of 32 -# in the inner loop (meaning that estimated improvement is ~15%); -# - ARM-based systems are often embedded ones and extra memory -# consumption might be unappreciated (for so little improvement); -# -# Byte order [in]dependence. ========================================= -# -# Caller is expected to maintain specific *dword* order in Htable, -# namely with *least* significant dword of 128-bit value at *lower* -# address. This differs completely from C code and has everything to -# do with ldm instruction and order in which dwords are "consumed" by -# algorithm. *Byte* order within these dwords in turn is whatever -# *native* byte order on current platform. See gcm128.c for working -# example... - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$Xi="r0"; # argument block -$Htbl="r1"; -$inp="r2"; -$len="r3"; - -$Zll="r4"; # variables -$Zlh="r5"; -$Zhl="r6"; -$Zhh="r7"; -$Tll="r8"; -$Tlh="r9"; -$Thl="r10"; -$Thh="r11"; -$nlo="r12"; -################# r13 is stack pointer -$nhi="r14"; -################# r15 is program counter - -$rem_4bit=$inp; # used in gcm_gmult_4bit -$cnt=$len; - -sub Zsmash() { - my $i=12; - my @args=@_; - for ($Zll,$Zlh,$Zhl,$Zhh) { - $code.=<<___; -#if __ARM_ARCH__>=7 && defined(__ARMEL__) - rev $_,$_ - str $_,[$Xi,#$i] -#elif defined(__ARMEB__) - str $_,[$Xi,#$i] -#else - mov $Tlh,$_,lsr#8 - strb $_,[$Xi,#$i+3] - mov $Thl,$_,lsr#16 - strb $Tlh,[$Xi,#$i+2] - mov $Thh,$_,lsr#24 - strb $Thl,[$Xi,#$i+1] - strb $Thh,[$Xi,#$i] -#endif -___ - $code.="\t".shift(@args)."\n"; - $i-=4; - } -} - -$code=<<___; -#include "arm_arch.h" - -.text -.syntax unified -.code 32 - -.type rem_4bit,%object -.align 5 -rem_4bit: -.short 
0x0000,0x1C20,0x3840,0x2460 -.short 0x7080,0x6CA0,0x48C0,0x54E0 -.short 0xE100,0xFD20,0xD940,0xC560 -.short 0x9180,0x8DA0,0xA9C0,0xB5E0 -.size rem_4bit,.-rem_4bit - -.type rem_4bit_get,%function -rem_4bit_get: - sub $rem_4bit,pc,#8 - sub $rem_4bit,$rem_4bit,#32 @ &rem_4bit - b .Lrem_4bit_got - nop -.size rem_4bit_get,.-rem_4bit_get - -.global gcm_ghash_4bit -.type gcm_ghash_4bit,%function -gcm_ghash_4bit: - sub r12,pc,#8 - add $len,$inp,$len @ $len to point at the end - stmdb sp!,{r3-r11,lr} @ save $len/end too - sub r12,r12,#48 @ &rem_4bit - - ldmia r12,{r4-r11} @ copy rem_4bit ... - stmdb sp!,{r4-r11} @ ... to stack - - ldrb $nlo,[$inp,#15] - ldrb $nhi,[$Xi,#15] -.Louter: - eor $nlo,$nlo,$nhi - and $nhi,$nlo,#0xf0 - and $nlo,$nlo,#0x0f - mov $cnt,#14 - - add $Zhh,$Htbl,$nlo,lsl#4 - ldmia $Zhh,{$Zll-$Zhh} @ load Htbl[nlo] - add $Thh,$Htbl,$nhi - ldrb $nlo,[$inp,#14] - - and $nhi,$Zll,#0xf @ rem - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - add $nhi,$nhi,$nhi - eor $Zll,$Tll,$Zll,lsr#4 - ldrh $Tll,[sp,$nhi] @ rem_4bit[rem] - eor $Zll,$Zll,$Zlh,lsl#28 - ldrb $nhi,[$Xi,#14] - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - eor $nlo,$nlo,$nhi - and $nhi,$nlo,#0xf0 - and $nlo,$nlo,#0x0f - eor $Zhh,$Zhh,$Tll,lsl#16 - -.Linner: - add $Thh,$Htbl,$nlo,lsl#4 - and $nlo,$Zll,#0xf @ rem - subs $cnt,$cnt,#1 - add $nlo,$nlo,$nlo - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nlo] - eor $Zll,$Tll,$Zll,lsr#4 - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - ldrh $Tll,[sp,$nlo] @ rem_4bit[rem] - eor $Zhl,$Thl,$Zhl,lsr#4 - ldrbpl $nlo,[$inp,$cnt] - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - - add $Thh,$Htbl,$nhi - and $nhi,$Zll,#0xf @ rem - eor $Zhh,$Zhh,$Tll,lsl#16 @ ^= rem_4bit[rem] - add $nhi,$nhi,$nhi - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - eor $Zll,$Tll,$Zll,lsr#4 - ldrbpl $Tll,[$Xi,$cnt] - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - ldrh 
$Tlh,[sp,$nhi] - eor $Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eorpl $nlo,$nlo,$Tll - eor $Zhh,$Thh,$Zhh,lsr#4 - andpl $nhi,$nlo,#0xf0 - andpl $nlo,$nlo,#0x0f - eor $Zhh,$Zhh,$Tlh,lsl#16 @ ^= rem_4bit[rem] - bpl .Linner - - ldr $len,[sp,#32] @ re-load $len/end - add $inp,$inp,#16 - mov $nhi,$Zll -___ - &Zsmash("cmp\t$inp,$len","ldrbne\t$nlo,[$inp,#15]"); -$code.=<<___; - bne .Louter - - add sp,sp,#36 -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r11,pc} -#else - ldmia sp!,{r4-r11,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -.size gcm_ghash_4bit,.-gcm_ghash_4bit - -.global gcm_gmult_4bit -.type gcm_gmult_4bit,%function -gcm_gmult_4bit: - stmdb sp!,{r4-r11,lr} - ldrb $nlo,[$Xi,#15] - b rem_4bit_get -.Lrem_4bit_got: - and $nhi,$nlo,#0xf0 - and $nlo,$nlo,#0x0f - mov $cnt,#14 - - add $Zhh,$Htbl,$nlo,lsl#4 - ldmia $Zhh,{$Zll-$Zhh} @ load Htbl[nlo] - ldrb $nlo,[$Xi,#14] - - add $Thh,$Htbl,$nhi - and $nhi,$Zll,#0xf @ rem - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - add $nhi,$nhi,$nhi - eor $Zll,$Tll,$Zll,lsr#4 - ldrh $Tll,[$rem_4bit,$nhi] @ rem_4bit[rem] - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - and $nhi,$nlo,#0xf0 - eor $Zhh,$Zhh,$Tll,lsl#16 - and $nlo,$nlo,#0x0f - -.Loop: - add $Thh,$Htbl,$nlo,lsl#4 - and $nlo,$Zll,#0xf @ rem - subs $cnt,$cnt,#1 - add $nlo,$nlo,$nlo - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nlo] - eor $Zll,$Tll,$Zll,lsr#4 - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - ldrh $Tll,[$rem_4bit,$nlo] @ rem_4bit[rem] - eor $Zhl,$Thl,$Zhl,lsr#4 - ldrbpl $nlo,[$Xi,$cnt] - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - - add $Thh,$Htbl,$nhi - and $nhi,$Zll,#0xf @ rem - eor $Zhh,$Zhh,$Tll,lsl#16 @ ^= rem_4bit[rem] - add $nhi,$nhi,$nhi - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - eor $Zll,$Tll,$Zll,lsr#4 - 
eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - ldrh $Tll,[$rem_4bit,$nhi] @ rem_4bit[rem] - eor $Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - andpl $nhi,$nlo,#0xf0 - andpl $nlo,$nlo,#0x0f - eor $Zhh,$Zhh,$Tll,lsl#16 @ ^= rem_4bit[rem] - bpl .Loop -___ - &Zsmash(); -$code.=<<___; -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r11,pc} -#else - ldmia sp!,{r4-r11,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -.size gcm_gmult_4bit,.-gcm_gmult_4bit -___ -{ -my $cnt=$Htbl; # $Htbl is used once in the very beginning - -my ($Hhi, $Hlo, $Zo, $T, $xi, $mod) = map("d$_",(0..7)); -my ($Qhi, $Qlo, $Z, $R, $zero, $Qpost, $IN) = map("q$_",(8..15)); - -# Z:Zo keeps 128-bit result shifted by 1 to the right, with bottom bit -# in Zo. Or should I say "top bit", because GHASH is specified in -# reverse bit order? Otherwise straightforward 128-bt H by one input -# byte multiplication and modulo-reduction, times 16. - -sub Dlo() { shift=~m|q([1]?[0-9])|?"d".($1*2):""; } -sub Dhi() { shift=~m|q([1]?[0-9])|?"d".($1*2+1):""; } -sub Q() { shift=~m|d([1-3]?[02468])|?"q".($1/2):""; } - -$code.=<<___; -#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT) -.fpu neon - -.global gcm_gmult_neon -.type gcm_gmult_neon,%function -.align 4 -gcm_gmult_neon: - sub $Htbl,#16 @ point at H in GCM128_CTX - vld1.64 `&Dhi("$IN")`,[$Xi,:64]!@ load Xi - vmov.i32 $mod,#0xe1 @ our irreducible polynomial - vld1.64 `&Dlo("$IN")`,[$Xi,:64]! - vshr.u64 $mod,#32 - vldmia $Htbl,{$Hhi-$Hlo} @ load H - veor $zero,$zero -#ifdef __ARMEL__ - vrev64.8 $IN,$IN -#endif - veor $Qpost,$Qpost - veor $R,$R - mov $cnt,#16 - veor $Z,$Z - mov $len,#16 - veor $Zo,$Zo - vdup.8 $xi,`&Dlo("$IN")`[0] @ broadcast lowest byte - b .Linner_neon -.size gcm_gmult_neon,.-gcm_gmult_neon - -.global gcm_ghash_neon -.type gcm_ghash_neon,%function -.align 4 -gcm_ghash_neon: - vld1.64 `&Dhi("$Z")`,[$Xi,:64]! 
@ load Xi - vmov.i32 $mod,#0xe1 @ our irreducible polynomial - vld1.64 `&Dlo("$Z")`,[$Xi,:64]! - vshr.u64 $mod,#32 - vldmia $Xi,{$Hhi-$Hlo} @ load H - veor $zero,$zero - nop -#ifdef __ARMEL__ - vrev64.8 $Z,$Z -#endif -.Louter_neon: - vld1.64 `&Dhi($IN)`,[$inp]! @ load inp - veor $Qpost,$Qpost - vld1.64 `&Dlo($IN)`,[$inp]! - veor $R,$R - mov $cnt,#16 -#ifdef __ARMEL__ - vrev64.8 $IN,$IN -#endif - veor $Zo,$Zo - veor $IN,$Z @ inp^=Xi - veor $Z,$Z - vdup.8 $xi,`&Dlo("$IN")`[0] @ broadcast lowest byte -.Linner_neon: - subs $cnt,$cnt,#1 - vmull.p8 $Qlo,$Hlo,$xi @ H.lo·Xi[i] - vmull.p8 $Qhi,$Hhi,$xi @ H.hi·Xi[i] - vext.8 $IN,$zero,#1 @ IN>>=8 - - veor $Z,$Qpost @ modulo-scheduled part - vshl.i64 `&Dlo("$R")`,#48 - vdup.8 $xi,`&Dlo("$IN")`[0] @ broadcast lowest byte - veor $T,`&Dlo("$Qlo")`,`&Dlo("$Z")` - - veor `&Dhi("$Z")`,`&Dlo("$R")` - vuzp.8 $Qlo,$Qhi - vsli.8 $Zo,$T,#1 @ compose the "carry" byte - vext.8 $Z,$zero,#1 @ Z>>=8 - - vmull.p8 $R,$Zo,$mod @ "carry"·0xe1 - vshr.u8 $Zo,$T,#7 @ save Z's bottom bit - vext.8 $Qpost,$Qlo,$zero,#1 @ Qlo>>=8 - veor $Z,$Qhi - bne .Linner_neon - - veor $Z,$Qpost @ modulo-scheduled artefact - vshl.i64 `&Dlo("$R")`,#48 - veor `&Dhi("$Z")`,`&Dlo("$R")` - - @ finalization, normalize Z:Zo - vand $Zo,$mod @ suffices to mask the bit - vshr.u64 `&Dhi(&Q("$Zo"))`,`&Dlo("$Z")`,#63 - vshl.i64 $Z,#1 - subs $len,#16 - vorr $Z,`&Q("$Zo")` @ Z=Z:Zo<<1 - bne .Louter_neon - -#ifdef __ARMEL__ - vrev64.8 $Z,$Z -#endif - sub $Xi,#16 - vst1.64 `&Dhi("$Z")`,[$Xi,:64]! @ write out Xi - vst1.64 `&Dlo("$Z")`,[$Xi,:64] - - bx lr -.size gcm_ghash_neon,.-gcm_ghash_neon -#endif -___ -} -$code.=<<___; -.asciz "GHASH for ARMv4/NEON, CRYPTOGAMS by " -.align 2 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; # enforce flush 
diff --git a/src/lib/libcrypto/modes/asm/ghash-parisc.pl b/src/lib/libcrypto/modes/asm/ghash-parisc.pl
deleted file mode 100644
index 3f98513105..0000000000
--- a/src/lib/libcrypto/modes/asm/ghash-parisc.pl
+++ /dev/null
@@ -1,740 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# April 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+128 bytes shared table]. On PA-7100LC
-# it processes one byte in 19.6 cycles, which is more than twice as
-# fast as code generated by gcc 3.2. PA-RISC 2.0 loop is scheduled for
-# 8 cycles, but measured performance on PA-8600 system is ~9 cycles per
-# processed byte. This is ~2.2x faster than 64-bit code generated by
-# vendor compiler (which used to be very hard to beat:-).
-#
-# Special thanks to polarhome.com for providing HP-UX account.
- -$flavour = shift; -$output = shift; -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; - $NREGS =6; -} else { - $LEVEL ="1.0"; #"\n\t.ALLOW\t2.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; - $NREGS =11; -} - -$FRAME=10*$SIZE_T+$FRAME_MARKER;# NREGS saved regs + frame marker - # [+ argument transfer] - -################# volatile registers -$Xi="%r26"; # argument block -$Htbl="%r25"; -$inp="%r24"; -$len="%r23"; -$Hhh=$Htbl; # variables -$Hll="%r22"; -$Zhh="%r21"; -$Zll="%r20"; -$cnt="%r19"; -$rem_4bit="%r28"; -$rem="%r29"; -$mask0xf0="%r31"; - -################# preserved registers -$Thh="%r1"; -$Tll="%r2"; -$nlo="%r3"; -$nhi="%r4"; -$byte="%r5"; -if ($SIZE_T==4) { - $Zhl="%r6"; - $Zlh="%r7"; - $Hhl="%r8"; - $Hlh="%r9"; - $Thl="%r10"; - $Tlh="%r11"; -} -$rem2="%r6"; # used in PA-RISC 2.0 code - -$code.=<<___; - .LEVEL $LEVEL - .text - - .EXPORT gcm_gmult_4bit,ENTRY,ARGW0=GR,ARGW1=GR - .ALIGN 64 -gcm_gmult_4bit - .PROC - .CALLINFO FRAME=`$FRAME-10*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=$NREGS - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) -___ -$code.=<<___ if ($SIZE_T==4); - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) -___ -$code.=<<___; - addl $inp,$len,$len -#ifdef __PIC__ - addil LT'L\$rem_4bit, %r19 - ldw RT'L\$rem_4bit(%r1), $rem_4bit -#else - ldil L'L\$rem_4bit, %t1 - ldo R'L\$rem_4bit(%t1), $rem_4bit -#endif - ldi 0xf0,$mask0xf0 -___ -$code.=<<___ if ($SIZE_T==4); -#ifndef __OpenBSD__ - ldi 31,$rem - mtctl $rem,%cr11 - extrd,u,*= $rem,%sar,1,$rem ; executes on 
PA-RISC 1.0 - b L\$parisc1_gmult - nop -___ - -$code.=<<___; - ldb 15($Xi),$nlo - ldo 8($Htbl),$Hll - - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - ldd $nlo($Hll),$Zll - ldd $nlo($Hhh),$Zhh - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldb 14($Xi),$nlo - - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - b L\$oop_gmult_pa2 - ldi 13,$cnt - - .ALIGN 8 -L\$oop_gmult_pa2 - xor $rem,$Zhh,$Zhh ; moved here to work around gas bug - depd,z $Zll,60,4,$rem - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem - ldbx $cnt($Xi),$nlo - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - ldd $rem($rem_4bit),$rem - - xor $Tll,$Zll,$Zll - addib,uv -1,$cnt,L\$oop_gmult_pa2 - xor $Thh,$Zhh,$Zhh - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - std $Zll,8($Xi) - std $Zhh,0($Xi) -___ - -$code.=<<___ if ($SIZE_T==4); - b L\$done_gmult - nop - -L\$parisc1_gmult -#endif - ldb 15($Xi),$nlo - ldo 12($Htbl),$Hll - ldo 8($Htbl),$Hlh - ldo 4($Htbl),$Hhl - - and $mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - ldwx $nlo($Hll),$Zll - ldwx $nlo($Hlh),$Zlh - ldwx $nlo($Hhl),$Zhl - ldwx $nlo($Hhh),$Zhh - zdep $Zll,28,4,$rem - ldb 14($Xi),$nlo - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - 
ldwx $nhi($Hll),$Tll - shrpw $Zhl,$Zlh,4,$Zlh - ldwx $nhi($Hlh),$Tlh - shrpw $Zhh,$Zhl,4,$Zhl - ldwx $nhi($Hhl),$Thl - extru $Zhh,27,28,$Zhh - ldwx $nhi($Hhh),$Thh - xor $rem,$Zhh,$Zhh - and $mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - xor $Tll,$Zll,$Zll - ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $Thl,$Zhl,$Zhl - b L\$oop_gmult_pa1 - ldi 13,$cnt - - .ALIGN 8 -L\$oop_gmult_pa1 - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - ldbx $cnt($Xi),$nlo - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $rem,$Zhh,$Zhh - zdep $Zll,28,4,$rem - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - shrpw $Zlh,$Zll,4,$Zll - ldwx $rem($rem_4bit),$rem - shrpw $Zhl,$Zlh,4,$Zlh - shrpw $Zhh,$Zhl,4,$Zhl - and $mask0xf0,$nlo,$nhi - extru $Zhh,27,28,$Zhh - zdep $nlo,27,4,$nlo - xor $Tll,$Zll,$Zll - ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $rem,$Zhh,$Zhh - addib,uv -1,$cnt,L\$oop_gmult_pa1 - xor $Thl,$Zhl,$Zhl - - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $rem,$Zhh,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - zdep $Zll,28,4,$rem - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - shrpw $Zhl,$Zlh,4,$Zlh - shrpw $Zhh,$Zhl,4,$Zhl - extru $Zhh,27,28,$Zhh - xor $Tll,$Zll,$Zll - xor $Tlh,$Zlh,$Zlh - xor $rem,$Zhh,$Zhh - stw $Zll,12($Xi) - xor $Thl,$Zhl,$Zhl - stw $Zlh,8($Xi) - xor $Thh,$Zhh,$Zhh - stw $Zhl,4($Xi) - stw $Zhh,0($Xi) -___ -$code.=<<___; -L\$done_gmult - $POP 
`-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 -___ -$code.=<<___ if ($SIZE_T==4); - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 -___ -$code.=<<___; - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .EXPORT gcm_ghash_4bit,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR - .ALIGN 64 -gcm_ghash_4bit - .PROC - .CALLINFO FRAME=`$FRAME-10*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=11 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) -___ -$code.=<<___ if ($SIZE_T==4); - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) -___ -$code.=<<___; - addl $inp,$len,$len -#ifdef __PIC__ - addil LT'L\$rem_4bit, %r19 - ldw RT'L\$rem_4bit(%r1), $rem_4bit -#else - ldil L'L\$rem_4bit, %t1 - ldo R'L\$rem_4bit(%t1), $rem_4bit -#endif - ldi 0xf0,$mask0xf0 -___ -$code.=<<___ if ($SIZE_T==4); -#ifndef __OpenBSD__ - ldi 31,$rem - mtctl $rem,%cr11 - extrd,u,*= $rem,%sar,1,$rem ; executes on PA-RISC 1.0 - b L\$parisc1_ghash - nop -___ - -$code.=<<___; - ldb 15($Xi),$nlo - ldo 8($Htbl),$Hll - -L\$outer_ghash_pa2 - ldb 15($inp),$nhi - xor $nhi,$nlo,$nlo - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - ldd $nlo($Hll),$Zll - ldd $nlo($Hhh),$Zhh - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldb 14($Xi),$nlo - ldb 14($inp),$byte - - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - xor $byte,$nlo,$nlo - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - b L\$oop_ghash_pa2 - ldi 13,$cnt - - 
.ALIGN 8 -L\$oop_ghash_pa2 - xor $rem,$Zhh,$Zhh ; moved here to work around gas bug - depd,z $Zll,60,4,$rem2 - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldbx $cnt($Xi),$nlo - ldbx $cnt($inp),$byte - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - ldd $rem2($rem_4bit),$rem2 - - xor $rem2,$Zhh,$Zhh - xor $byte,$nlo,$nlo - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - extrd,u $Zhh,59,60,$Zhh - xor $Tll,$Zll,$Zll - - ldd $rem($rem_4bit),$rem - addib,uv -1,$cnt,L\$oop_ghash_pa2 - xor $Thh,$Zhh,$Zhh - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem2 - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - ldd $rem2($rem_4bit),$rem2 - - xor $rem2,$Zhh,$Zhh - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - extrd,u $Zhh,59,60,$Zhh - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - std $Zll,8($Xi) - ldo 16($inp),$inp - std $Zhh,0($Xi) - cmpb,*<> $inp,$len,L\$outer_ghash_pa2 - copy $Zll,$nlo -___ - -$code.=<<___ if ($SIZE_T==4); - b L\$done_ghash - nop - -L\$parisc1_ghash -#endif - ldb 15($Xi),$nlo - ldo 12($Htbl),$Hll - ldo 8($Htbl),$Hlh - ldo 4($Htbl),$Hhl - -L\$outer_ghash_pa1 - ldb 15($inp),$byte - xor $byte,$nlo,$nlo - and $mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - ldwx $nlo($Hll),$Zll - ldwx $nlo($Hlh),$Zlh - ldwx $nlo($Hhl),$Zhl - ldwx $nlo($Hhh),$Zhh - zdep $Zll,28,4,$rem - ldb 14($Xi),$nlo - ldb 14($inp),$byte - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhl,$Zlh,4,$Zlh - ldwx $nhi($Hlh),$Tlh - shrpw $Zhh,$Zhl,4,$Zhl - ldwx $nhi($Hhl),$Thl - extru $Zhh,27,28,$Zhh - ldwx $nhi($Hhh),$Thh - xor $byte,$nlo,$nlo - xor $rem,$Zhh,$Zhh - and $mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - xor $Tll,$Zll,$Zll - 
ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $Thl,$Zhl,$Zhl - b L\$oop_ghash_pa1 - ldi 13,$cnt - - .ALIGN 8 -L\$oop_ghash_pa1 - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - ldbx $cnt($Xi),$nlo - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - ldbx $cnt($inp),$byte - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $rem,$Zhh,$Zhh - zdep $Zll,28,4,$rem - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - shrpw $Zlh,$Zll,4,$Zll - ldwx $rem($rem_4bit),$rem - shrpw $Zhl,$Zlh,4,$Zlh - xor $byte,$nlo,$nlo - shrpw $Zhh,$Zhl,4,$Zhl - and $mask0xf0,$nlo,$nhi - extru $Zhh,27,28,$Zhh - zdep $nlo,27,4,$nlo - xor $Tll,$Zll,$Zll - ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $rem,$Zhh,$Zhh - addib,uv -1,$cnt,L\$oop_ghash_pa1 - xor $Thl,$Zhl,$Zhl - - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $rem,$Zhh,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - zdep $Zll,28,4,$rem - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - shrpw $Zhl,$Zlh,4,$Zlh - shrpw $Zhh,$Zhl,4,$Zhl - extru $Zhh,27,28,$Zhh - xor $Tll,$Zll,$Zll - xor $Tlh,$Zlh,$Zlh - xor $rem,$Zhh,$Zhh - stw $Zll,12($Xi) - xor $Thl,$Zhl,$Zhl - stw $Zlh,8($Xi) - xor $Thh,$Zhh,$Zhh - stw $Zhl,4($Xi) - ldo 16($inp),$inp - stw $Zhh,0($Xi) - comb,<> $inp,$len,L\$outer_ghash_pa1 - copy $Zll,$nlo -___ -$code.=<<___; -L\$done_ghash - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP 
`-$FRAME+3*$SIZE_T`(%sp),%r6 -___ -$code.=<<___ if ($SIZE_T==4); - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 -___ -$code.=<<___; - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .section .rodata - .ALIGN 64 -L\$rem_4bit - .WORD `0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`,0 - .WORD `0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`,0 - .WORD `0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`,0 - .WORD `0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`,0 - .previous - - .ALIGN 64 -___ - -# Explicitly encode PA-RISC 2.0 instructions used in this module, so -# that it can be compiled with .LEVEL 1.0. It should be noted that I -# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0 -# directive... - -my $ldd = sub { - my ($mod,$args) = @_; - my $orig = "ldd$mod\t$args"; - - if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 4 - { my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3; - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 5 - { my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3; - $opcode|=(($1&0xF)<<17)|(($1&0x10)<<12); # encode offset - $opcode|=(1<<5) if ($mod =~ /^,m/); - $opcode|=(1<<13) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $std = sub { - my ($mod,$args) = @_; - my $orig = "std$mod\t$args"; - - if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices - { my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $extrd = sub { - my ($mod,$args) = @_; - my $orig = "extrd$mod\t$args"; - - # I only have ",u" completer, it's implicitly encoded... 
- if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15 - { my $opcode=(0x36<<26)|($1<<21)|($4<<16); - my $len=32-$3; - $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12 - { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9); - my $len=32-$2; - $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len - $opcode |= (1<<13) if ($mod =~ /,\**=/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $shrpd = sub { - my ($mod,$args) = @_; - my $orig = "shrpd$mod\t$args"; - - if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14 - { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4; - my $cpos=63-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/) # format 11 - { sprintf "\t.WORD\t0x%08x\t; %s", - (0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig; - } - else { "\t".$orig; } -}; - -my $depd = sub { - my ($mod,$args) = @_; - my $orig = "depd$mod\t$args"; - - # I only have ",z" completer, it's implicitly encoded... - if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 16 - { my $opcode=(0x3c<<26)|($4<<21)|($1<<16); - my $cpos=63-$2; - my $len=32-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -sub assemble { - my ($mnemonic,$mod,$args)=@_; - my $opcode = eval("\$$mnemonic"); - - ref($opcode) eq 'CODE' ? 
&$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
-}
-
-foreach (split("\n",$code)) {
- s/\`([^\`]*)\`/eval $1/ge;
- if ($SIZE_T==4) {
- s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e;
- s/cmpb,\*/comb,/;
- s/,\*/,/;
- }
- s/\bbv\b/bve/ if ($SIZE_T==8);
- print $_,"\n";
-}
-
-close STDOUT;
diff --git a/src/lib/libcrypto/modes/asm/ghash-sparcv9.pl b/src/lib/libcrypto/modes/asm/ghash-sparcv9.pl
deleted file mode 100644
index ce75045f09..0000000000
--- a/src/lib/libcrypto/modes/asm/ghash-sparcv9.pl
+++ /dev/null
@@ -1,351 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# March 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+128 bytes shared table]. Performance
-# results are for streamed GHASH subroutine on UltraSPARC pre-Tx CPU
-# and are expressed in cycles per processed byte, less is better:
-#
-# gcc 3.3.x cc 5.2 this assembler
-#
-# 32-bit build 81.4 43.3 12.6 (+546%/+244%)
-# 64-bit build 20.2 21.2 12.6 (+60%/+68%)
-#
-# Here is data collected on UltraSPARC T1 system running Linux:
-#
-# gcc 4.4.1 this assembler
-#
-# 32-bit build 566 50 (+1000%)
-# 64-bit build 56 50 (+12%)
-#
-# I don't quite understand why difference between 32-bit and 64-bit
-# compiler-generated code is so big. Compilers *were* instructed to
-# generate code for UltraSPARC and should have used 64-bit registers
-# for Z vector (see C code) even in 32-bit build... Oh well, it only
-# means more impressive improvement coefficients for this assembler
-# module;-) Loops are aggressively modulo-scheduled in respect to
-# references to input data and Z.hi updates to achieve 12 cycles
-# timing. To anchor to something else, sha1-sparcv9.pl spends 11.6
-# cycles to process one byte on UltraSPARC pre-Tx CPU and ~24 on T1.
-
-$bits=32;
-for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
-if ($bits==64) { $bias=2047; $frame=192; }
-else { $bias=0; $frame=112; }
-
-$output=shift;
-open STDOUT,">$output";
-
-$Zhi="%o0"; # 64-bit values
-$Zlo="%o1";
-$Thi="%o2";
-$Tlo="%o3";
-$rem="%o4";
-$tmp="%o5";
-
-$nhi="%l0"; # small values and pointers
-$nlo="%l1";
-$xi0="%l2";
-$xi1="%l3";
-$rem_4bit="%l4";
-$remi="%l5";
-$Htblo="%l6";
-$cnt="%l7";
-
-$Xi="%i0"; # input argument block
-$Htbl="%i1";
-$inp="%i2";
-$len="%i3";
-
-$code.=<<___;
-.section ".rodata",#alloc
-
-.align 64
-rem_4bit:
- .long `0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`,0
- .long `0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`,0
- .long `0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`,0
- .long `0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`,0
-.type rem_4bit,#object
-.size rem_4bit,(.-rem_4bit)
-
-.section ".text",#alloc,#execinstr
-.globl gcm_ghash_4bit
-.align 32
-gcm_ghash_4bit:
- save %sp,-$frame,%sp
-#ifdef __PIC__
- sethi %hi(_GLOBAL_OFFSET_TABLE_-4), $tmp
- rd %pc, $rem
- or $tmp, %lo(_GLOBAL_OFFSET_TABLE_+4), $tmp
- add $tmp, $rem, $tmp
-#endif
-
- ldub [$inp+15],$nlo
- ldub [$Xi+15],$xi0
- ldub [$Xi+14],$xi1
- add $len,$inp,$len
- add $Htbl,8,$Htblo
-
-#ifdef __PIC__
- set rem_4bit, $rem_4bit
- ldx [$rem_4bit+$tmp], $rem_4bit
-#else
- set rem_4bit, $rem_4bit
-#endif
-
-.Louter:
- xor $xi0,$nlo,$nlo
- and $nlo,0xf0,$nhi
- and $nlo,0x0f,$nlo
- sll $nlo,4,$nlo
- ldx [$Htblo+$nlo],$Zlo
- ldx [$Htbl+$nlo],$Zhi
-
- ldub [$inp+14],$nlo
-
- ldx [$Htblo+$nhi],$Tlo
- and $Zlo,0xf,$remi
- ldx [$Htbl+$nhi],$Thi
- sll $remi,3,$remi
- ldx [$rem_4bit+$remi],$rem
- srlx $Zlo,4,$Zlo
- mov 13,$cnt
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
-
- xor $xi1,$nlo,$nlo
- and $Zlo,0xf,$remi
- and $nlo,0xf0,$nhi
- and $nlo,0x0f,$nlo
- ba .Lghash_inner
- sll $nlo,4,$nlo
-.align 32
-.Lghash_inner:
- ldx [$Htblo+$nlo],$Tlo
- sll $remi,3,$remi
- xor
$Thi,$Zhi,$Zhi
- ldx [$Htbl+$nlo],$Thi
- srlx $Zlo,4,$Zlo
- xor $rem,$Zhi,$Zhi
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- ldub [$inp+$cnt],$nlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
- ldub [$Xi+$cnt],$xi1
- xor $Thi,$Zhi,$Zhi
- and $Zlo,0xf,$remi
-
- ldx [$Htblo+$nhi],$Tlo
- sll $remi,3,$remi
- xor $rem,$Zhi,$Zhi
- ldx [$Htbl+$nhi],$Thi
- srlx $Zlo,4,$Zlo
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $xi1,$nlo,$nlo
- srlx $Zhi,4,$Zhi
- and $nlo,0xf0,$nhi
- addcc $cnt,-1,$cnt
- xor $Zlo,$tmp,$Zlo
- and $nlo,0x0f,$nlo
- xor $Tlo,$Zlo,$Zlo
- sll $nlo,4,$nlo
- blu .Lghash_inner
- and $Zlo,0xf,$remi
-
- ldx [$Htblo+$nlo],$Tlo
- sll $remi,3,$remi
- xor $Thi,$Zhi,$Zhi
- ldx [$Htbl+$nlo],$Thi
- srlx $Zlo,4,$Zlo
- xor $rem,$Zhi,$Zhi
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
- xor $Thi,$Zhi,$Zhi
-
- add $inp,16,$inp
- cmp $inp,$len
- be,pn `$bits==64?"%xcc":"%icc"`,.Ldone
- and $Zlo,0xf,$remi
-
- ldx [$Htblo+$nhi],$Tlo
- sll $remi,3,$remi
- xor $rem,$Zhi,$Zhi
- ldx [$Htbl+$nhi],$Thi
- srlx $Zlo,4,$Zlo
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- ldub [$inp+15],$nlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
- xor $Thi,$Zhi,$Zhi
- stx $Zlo,[$Xi+8]
- xor $rem,$Zhi,$Zhi
- stx $Zhi,[$Xi]
- srl $Zlo,8,$xi1
- and $Zlo,0xff,$xi0
- ba .Louter
- and $xi1,0xff,$xi1
-.align 32
-.Ldone:
- ldx [$Htblo+$nhi],$Tlo
- sll $remi,3,$remi
- xor $rem,$Zhi,$Zhi
- ldx [$Htbl+$nhi],$Thi
- srlx $Zlo,4,$Zlo
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
- xor $Thi,$Zhi,$Zhi
- stx $Zlo,[$Xi+8]
- xor $rem,$Zhi,$Zhi
- stx $Zhi,[$Xi]
-
- ret
- restore
-.type gcm_ghash_4bit,#function
-.size gcm_ghash_4bit,(.-gcm_ghash_4bit)
-___
-
-undef $inp;
-undef $len;
-
-$code.=<<___;
-.globl gcm_gmult_4bit
-.align 32
-gcm_gmult_4bit:
- save %sp,-$frame,%sp
-#ifdef __PIC__
- sethi %hi(_GLOBAL_OFFSET_TABLE_-4), $tmp
- rd %pc,
$rem
- or $tmp, %lo(_GLOBAL_OFFSET_TABLE_+4), $tmp
- add $tmp, $rem, $tmp
-#endif
-
- ldub [$Xi+15],$nlo
- add $Htbl,8,$Htblo
-
-#ifdef __PIC__
- set rem_4bit, $rem_4bit
- ldx [$rem_4bit+$tmp], $rem_4bit
-#else
- set rem_4bit, $rem_4bit
-#endif
-
- and $nlo,0xf0,$nhi
- and $nlo,0x0f,$nlo
- sll $nlo,4,$nlo
- ldx [$Htblo+$nlo],$Zlo
- ldx [$Htbl+$nlo],$Zhi
-
- ldub [$Xi+14],$nlo
-
- ldx [$Htblo+$nhi],$Tlo
- and $Zlo,0xf,$remi
- ldx [$Htbl+$nhi],$Thi
- sll $remi,3,$remi
- ldx [$rem_4bit+$remi],$rem
- srlx $Zlo,4,$Zlo
- mov 13,$cnt
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
-
- and $Zlo,0xf,$remi
- and $nlo,0xf0,$nhi
- and $nlo,0x0f,$nlo
- ba .Lgmult_inner
- sll $nlo,4,$nlo
-.align 32
-.Lgmult_inner:
- ldx [$Htblo+$nlo],$Tlo
- sll $remi,3,$remi
- xor $Thi,$Zhi,$Zhi
- ldx [$Htbl+$nlo],$Thi
- srlx $Zlo,4,$Zlo
- xor $rem,$Zhi,$Zhi
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- ldub [$Xi+$cnt],$nlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
- xor $Thi,$Zhi,$Zhi
- and $Zlo,0xf,$remi
-
- ldx [$Htblo+$nhi],$Tlo
- sll $remi,3,$remi
- xor $rem,$Zhi,$Zhi
- ldx [$Htbl+$nhi],$Thi
- srlx $Zlo,4,$Zlo
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- srlx $Zhi,4,$Zhi
- and $nlo,0xf0,$nhi
- addcc $cnt,-1,$cnt
- xor $Zlo,$tmp,$Zlo
- and $nlo,0x0f,$nlo
- xor $Tlo,$Zlo,$Zlo
- sll $nlo,4,$nlo
- blu .Lgmult_inner
- and $Zlo,0xf,$remi
-
- ldx [$Htblo+$nlo],$Tlo
- sll $remi,3,$remi
- xor $Thi,$Zhi,$Zhi
- ldx [$Htbl+$nlo],$Thi
- srlx $Zlo,4,$Zlo
- xor $rem,$Zhi,$Zhi
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
- xor $Thi,$Zhi,$Zhi
- and $Zlo,0xf,$remi
-
- ldx [$Htblo+$nhi],$Tlo
- sll $remi,3,$remi
- xor $rem,$Zhi,$Zhi
- ldx [$Htbl+$nhi],$Thi
- srlx $Zlo,4,$Zlo
- ldx [$rem_4bit+$remi],$rem
- sllx $Zhi,60,$tmp
- xor $Tlo,$Zlo,$Zlo
- srlx $Zhi,4,$Zhi
- xor $Zlo,$tmp,$Zlo
- xor $Thi,$Zhi,$Zhi
- stx $Zlo,[$Xi+8]
- xor $rem,$Zhi,$Zhi
- stx $Zhi,[$Xi]
-
- ret
- restore
-.type
gcm_gmult_4bit,#function
-.size gcm_gmult_4bit,(.-gcm_gmult_4bit)
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/src/lib/libcrypto/modes/asm/ghash-x86.pl b/src/lib/libcrypto/modes/asm/ghash-x86.pl
deleted file mode 100644
index 47833582b6..0000000000
--- a/src/lib/libcrypto/modes/asm/ghash-x86.pl
+++ /dev/null
@@ -1,1326 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# March, May, June 2010 -# -# The module implements "4-bit" GCM GHASH function and underlying -# single multiplication operation in GF(2^128). "4-bit" means that it -# uses 256 bytes per-key table [+64/128 bytes fixed table]. It has two -# code paths: vanilla x86 and vanilla MMX. Former will be executed on -# 486 and Pentium, latter on all others. MMX GHASH features so called -# "528B" variant of "4-bit" method utilizing additional 256+16 bytes -# of per-key storage [+512 bytes shared table]. Performance results -# are for streamed GHASH subroutine and are expressed in cycles per -# processed byte, less is better: -# -# gcc 2.95.3(*) MMX assembler x86 assembler -# -# Pentium 105/111(**) - 50 -# PIII 68 /75 12.2 24 -# P4 125/125 17.8 84(***) -# Opteron 66 /70 10.1 30 -# Core2 54 /67 8.4 18 -# -# (*) gcc 3.4.x was observed to generate few percent slower code, -# which is one of reasons why 2.95.3 results were chosen, -# another reason is lack of 3.4.x results for older CPUs; -# comparison with MMX results is not completely fair, because C -# results are for vanilla "256B" implementation, while -# assembler results are for "528B";-) -# (**) second number is result for code compiled with -fPIC flag, -# which is actually more relevant, because assembler code is -# position-independent; -# (***) see comment in non-MMX routine for further details; -# -# To summarize, it's >2-5 times faster than gcc-generated code. To -# anchor it to something else SHA1 assembler processes one byte in -# 11-13 cycles on contemporary x86 cores. 
As for choice of MMX in -# particular, see comment at the end of the file... - -# May 2010 -# -# Add PCLMULQDQ version performing at 2.10 cycles per processed byte. -# The question is how close is it to theoretical limit? The pclmulqdq -# instruction latency appears to be 14 cycles and there can't be more -# than 2 of them executing at any given time. This means that single -# Karatsuba multiplication would take 28 cycles *plus* few cycles for -# pre- and post-processing. Then multiplication has to be followed by -# modulo-reduction. Given that aggregated reduction method [see -# "Carry-less Multiplication and Its Usage for Computing the GCM Mode" -# white paper by Intel] allows you to perform reduction only once in -# a while we can assume that asymptotic performance can be estimated -# as (28+Tmod/Naggr)/16, where Tmod is time to perform reduction -# and Naggr is the aggregation factor. -# -# Before we proceed to this implementation let's have closer look at -# the best-performing code suggested by Intel in their white paper. -# By tracing inter-register dependencies Tmod is estimated as ~19 -# cycles and Naggr chosen by Intel is 4, resulting in 2.05 cycles per -# processed byte. As implied, this is quite optimistic estimate, -# because it does not account for Karatsuba pre- and post-processing, -# which for a single multiplication is ~5 cycles. Unfortunately Intel -# does not provide performance data for GHASH alone. But benchmarking -# AES_GCM_encrypt ripped out of Fig. 15 of the white paper with aadt -# alone resulted in 2.46 cycles per byte of out 16KB buffer. Note that -# the result accounts even for pre-computing of degrees of the hash -# key H, but its portion is negligible at 16KB buffer size. -# -# Moving on to the implementation in question. Tmod is estimated as -# ~13 cycles and Naggr is 2, giving asymptotic performance of ... -# 2.16. How is it possible that measured performance is better than -# optimistic theoretical estimate? 
There is one thing Intel failed -# to recognize. By serializing GHASH with CTR in same subroutine -# former's performance is really limited to above (Tmul + Tmod/Naggr) -# equation. But if GHASH procedure is detached, the modulo-reduction -# can be interleaved with Naggr-1 multiplications at instruction level -# and under ideal conditions even disappear from the equation. So that -# optimistic theoretical estimate for this implementation is ... -# 28/16=1.75, and not 2.16. Well, it's probably way too optimistic, -# at least for such small Naggr. I'd argue that (28+Tproc/Naggr), -# where Tproc is time required for Karatsuba pre- and post-processing, -# is more realistic estimate. In this case it gives ... 1.91 cycles. -# Or in other words, depending on how well we can interleave reduction -# and one of the two multiplications the performance should be between -# 1.91 and 2.16. As already mentioned, this implementation processes -# one byte out of 8KB buffer in 2.10 cycles, while x86_64 counterpart -# - in 2.02. x86_64 performance is better, because larger register -# bank allows to interleave reduction and multiplication better. -# -# Does it make sense to increase Naggr? To start with it's virtually -# impossible in 32-bit mode, because of limited register bank -# capacity. Otherwise improvement has to be weighed agiainst slower -# setup, as well as code size and complexity increase. As even -# optimistic estimate doesn't promise 30% performance improvement, -# there are currently no plans to increase Naggr. -# -# Special thanks to David Woodhouse for -# providing access to a Westmere-based system on behalf of Intel -# Open Source Technology Centre. - -# January 2010 -# -# Tweaked to optimize transitions between integer and FP operations -# on same XMM register, PCLMULQDQ subroutine was measured to process -# one byte in 2.07 cycles on Sandy Bridge, and in 2.12 - on Westmere. -# The minor regression on Westmere is outweighed by ~15% improvement -# on Sandy Bridge. 
Strangely enough attempt to modify 64-bit code in -# similar manner resulted in almost 20% degradation on Sandy Bridge, -# where original 64-bit code processes one byte in 1.95 cycles. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"ghash-x86.pl",$x86only = $ARGV[$#ARGV] eq "386"); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -($Zhh,$Zhl,$Zlh,$Zll) = ("ebp","edx","ecx","ebx"); -$inp = "edi"; -$Htbl = "esi"; - -$unroll = 0; # Affects x86 loop. Folded loop performs ~7% worse - # than unrolled, which has to be weighted against - # 2.5x x86-specific code size reduction. - -sub x86_loop { - my $off = shift; - my $rem = "eax"; - - &mov ($Zhh,&DWP(4,$Htbl,$Zll)); - &mov ($Zhl,&DWP(0,$Htbl,$Zll)); - &mov ($Zlh,&DWP(12,$Htbl,$Zll)); - &mov ($Zll,&DWP(8,$Htbl,$Zll)); - &xor ($rem,$rem); # avoid partial register stalls on PIII - - # shrd practically kills P4, 2.5x deterioration, but P4 has - # MMX code-path to execute. shrd runs tad faster [than twice - # the shifts, move's and or's] on pre-MMX Pentium (as well as - # PIII and Core2), *but* minimizes code size, spares register - # and thus allows to fold the loop... 
- if (!$unroll) { - my $cnt = $inp; - &mov ($cnt,15); - &jmp (&label("x86_loop")); - &set_label("x86_loop",16); - for($i=1;$i<=2;$i++) { - &mov (&LB($rem),&LB($Zll)); - &shrd ($Zll,$Zlh,4); - &and (&LB($rem),0xf); - &shrd ($Zlh,$Zhl,4); - &shrd ($Zhl,$Zhh,4); - &shr ($Zhh,4); - &xor ($Zhh,&DWP($off+16,"esp",$rem,4)); - - &mov (&LB($rem),&BP($off,"esp",$cnt)); - if ($i&1) { - &and (&LB($rem),0xf0); - } else { - &shl (&LB($rem),4); - } - - &xor ($Zll,&DWP(8,$Htbl,$rem)); - &xor ($Zlh,&DWP(12,$Htbl,$rem)); - &xor ($Zhl,&DWP(0,$Htbl,$rem)); - &xor ($Zhh,&DWP(4,$Htbl,$rem)); - - if ($i&1) { - &dec ($cnt); - &js (&label("x86_break")); - } else { - &jmp (&label("x86_loop")); - } - } - &set_label("x86_break",16); - } else { - for($i=1;$i<32;$i++) { - &comment($i); - &mov (&LB($rem),&LB($Zll)); - &shrd ($Zll,$Zlh,4); - &and (&LB($rem),0xf); - &shrd ($Zlh,$Zhl,4); - &shrd ($Zhl,$Zhh,4); - &shr ($Zhh,4); - &xor ($Zhh,&DWP($off+16,"esp",$rem,4)); - - if ($i&1) { - &mov (&LB($rem),&BP($off+15-($i>>1),"esp")); - &and (&LB($rem),0xf0); - } else { - &mov (&LB($rem),&BP($off+15-($i>>1),"esp")); - &shl (&LB($rem),4); - } - - &xor ($Zll,&DWP(8,$Htbl,$rem)); - &xor ($Zlh,&DWP(12,$Htbl,$rem)); - &xor ($Zhl,&DWP(0,$Htbl,$rem)); - &xor ($Zhh,&DWP(4,$Htbl,$rem)); - } - } - &bswap ($Zll); - &bswap ($Zlh); - &bswap ($Zhl); - if (!$x86only) { - &bswap ($Zhh); - } else { - &mov ("eax",$Zhh); - &bswap ("eax"); - &mov ($Zhh,"eax"); - } -} - -if ($unroll) { - &function_begin_B("_x86_gmult_4bit_inner"); - &x86_loop(4); - &ret (); - &function_end_B("_x86_gmult_4bit_inner"); -} - -sub deposit_rem_4bit { - my $bias = shift; - - &mov (&DWP($bias+0, "esp"),0x0000<<16); - &mov (&DWP($bias+4, "esp"),0x1C20<<16); - &mov (&DWP($bias+8, "esp"),0x3840<<16); - &mov (&DWP($bias+12,"esp"),0x2460<<16); - &mov (&DWP($bias+16,"esp"),0x7080<<16); - &mov (&DWP($bias+20,"esp"),0x6CA0<<16); - &mov (&DWP($bias+24,"esp"),0x48C0<<16); - &mov (&DWP($bias+28,"esp"),0x54E0<<16); - &mov (&DWP($bias+32,"esp"),0xE100<<16); - 
&mov (&DWP($bias+36,"esp"),0xFD20<<16); - &mov (&DWP($bias+40,"esp"),0xD940<<16); - &mov (&DWP($bias+44,"esp"),0xC560<<16); - &mov (&DWP($bias+48,"esp"),0x9180<<16); - &mov (&DWP($bias+52,"esp"),0x8DA0<<16); - &mov (&DWP($bias+56,"esp"),0xA9C0<<16); - &mov (&DWP($bias+60,"esp"),0xB5E0<<16); -} - -$suffix = $x86only ? "" : "_x86"; - -&function_begin("gcm_gmult_4bit".$suffix); - &stack_push(16+4+1); # +1 for stack alignment - &mov ($inp,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - - &mov ($Zhh,&DWP(0,$inp)); # load Xi[16] - &mov ($Zhl,&DWP(4,$inp)); - &mov ($Zlh,&DWP(8,$inp)); - &mov ($Zll,&DWP(12,$inp)); - - &deposit_rem_4bit(16); - - &mov (&DWP(0,"esp"),$Zhh); # copy Xi[16] on stack - &mov (&DWP(4,"esp"),$Zhl); - &mov (&DWP(8,"esp"),$Zlh); - &mov (&DWP(12,"esp"),$Zll); - &shr ($Zll,20); - &and ($Zll,0xf0); - - if ($unroll) { - &call ("_x86_gmult_4bit_inner"); - } else { - &x86_loop(0); - &mov ($inp,&wparam(0)); - } - - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(0,$inp),$Zhh); - &stack_pop(16+4+1); -&function_end("gcm_gmult_4bit".$suffix); - -&function_begin("gcm_ghash_4bit".$suffix); - &stack_push(16+4+1); # +1 for 64-bit alignment - &mov ($Zll,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - &mov ($inp,&wparam(2)); # load in - &mov ("ecx",&wparam(3)); # load len - &add ("ecx",$inp); - &mov (&wparam(3),"ecx"); - - &mov ($Zhh,&DWP(0,$Zll)); # load Xi[16] - &mov ($Zhl,&DWP(4,$Zll)); - &mov ($Zlh,&DWP(8,$Zll)); - &mov ($Zll,&DWP(12,$Zll)); - - &deposit_rem_4bit(16); - - &set_label("x86_outer_loop",16); - &xor ($Zll,&DWP(12,$inp)); # xor with input - &xor ($Zlh,&DWP(8,$inp)); - &xor ($Zhl,&DWP(4,$inp)); - &xor ($Zhh,&DWP(0,$inp)); - &mov (&DWP(12,"esp"),$Zll); # dump it on stack - &mov (&DWP(8,"esp"),$Zlh); - &mov (&DWP(4,"esp"),$Zhl); - &mov (&DWP(0,"esp"),$Zhh); - - &shr ($Zll,20); - &and ($Zll,0xf0); - - if ($unroll) { - &call ("_x86_gmult_4bit_inner"); - } else { - 
&x86_loop(0); - &mov ($inp,&wparam(2)); - } - &lea ($inp,&DWP(16,$inp)); - &cmp ($inp,&wparam(3)); - &mov (&wparam(2),$inp) if (!$unroll); - &jb (&label("x86_outer_loop")); - - &mov ($inp,&wparam(0)); # load Xi - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(0,$inp),$Zhh); - &stack_pop(16+4+1); -&function_end("gcm_ghash_4bit".$suffix); - -if (!$x86only) {{{ - -&static_label("rem_4bit"); - -if (!$sse2) {{ # pure-MMX "May" version... - -$S=12; # shift factor for rem_4bit - -&function_begin_B("_mmx_gmult_4bit_inner"); -# MMX version performs 3.5 times better on P4 (see comment in non-MMX -# routine for further details), 100% better on Opteron, ~70% better -# on Core2 and PIII... In other words effort is considered to be well -# spent... Since initial release the loop was unrolled in order to -# "liberate" register previously used as loop counter. Instead it's -# used to optimize critical path in 'Z.hi ^= rem_4bit[Z.lo&0xf]'. -# The path involves move of Z.lo from MMX to integer register, -# effective address calculation and finally merge of value to Z.hi. -# Reference to rem_4bit is scheduled so late that I had to >>4 -# rem_4bit elements. This resulted in 20-45% procent improvement -# on contemporary µ-archs. -{ - my $cnt; - my $rem_4bit = "eax"; - my @rem = ($Zhh,$Zll); - my $nhi = $Zhl; - my $nlo = $Zlh; - - my ($Zlo,$Zhi) = ("mm0","mm1"); - my $tmp = "mm2"; - - &xor ($nlo,$nlo); # avoid partial register stalls on PIII - &mov ($nhi,$Zll); - &mov (&LB($nlo),&LB($nhi)); - &shl (&LB($nlo),4); - &and ($nhi,0xf0); - &movq ($Zlo,&QWP(8,$Htbl,$nlo)); - &movq ($Zhi,&QWP(0,$Htbl,$nlo)); - &movd ($rem[0],$Zlo); - - for ($cnt=28;$cnt>=-2;$cnt--) { - my $odd = $cnt&1; - my $nix = $odd ? 
$nlo : $nhi; - - &shl (&LB($nlo),4) if ($odd); - &psrlq ($Zlo,4); - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &pxor ($Zlo,&QWP(8,$Htbl,$nix)); - &mov (&LB($nlo),&BP($cnt/2,$inp)) if (!$odd && $cnt>=0); - &psllq ($tmp,60); - &and ($nhi,0xf0) if ($odd); - &pxor ($Zhi,&QWP(0,$rem_4bit,$rem[1],8)) if ($cnt<28); - &and ($rem[0],0xf); - &pxor ($Zhi,&QWP(0,$Htbl,$nix)); - &mov ($nhi,$nlo) if (!$odd && $cnt>=0); - &movd ($rem[1],$Zlo); - &pxor ($Zlo,$tmp); - - push (@rem,shift(@rem)); # "rotate" registers - } - - &mov ($inp,&DWP(4,$rem_4bit,$rem[1],8)); # last rem_4bit[rem] - - &psrlq ($Zlo,32); # lower part of Zlo is already there - &movd ($Zhl,$Zhi); - &psrlq ($Zhi,32); - &movd ($Zlh,$Zlo); - &movd ($Zhh,$Zhi); - &shl ($inp,4); # compensate for rem_4bit[i] being >>4 - - &bswap ($Zll); - &bswap ($Zhl); - &bswap ($Zlh); - &xor ($Zhh,$inp); - &bswap ($Zhh); - - &ret (); -} -&function_end_B("_mmx_gmult_4bit_inner"); - -&function_begin("gcm_gmult_4bit_mmx"); - &mov ($inp,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - - &picsetup("eax"); - &picsymbol("eax", &label("rem_4bit"), "eax"); - - &movz ($Zll,&BP(15,$inp)); - - &call ("_mmx_gmult_4bit_inner"); - - &mov ($inp,&wparam(0)); # load Xi - &emms (); - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(0,$inp),$Zhh); -&function_end("gcm_gmult_4bit_mmx"); - -# Streamed version performs 20% better on P4, 7% on Opteron, -# 10% on Core2 and PIII... 
-&function_begin("gcm_ghash_4bit_mmx"); - &mov ($Zhh,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - &mov ($inp,&wparam(2)); # load in - &mov ($Zlh,&wparam(3)); # load len - - &picsetup("eax"); - &picsymbol("eax", &label("rem_4bit"), "eax"); - - &add ($Zlh,$inp); - &mov (&wparam(3),$Zlh); # len to point at the end of input - &stack_push(4+1); # +1 for stack alignment - - &mov ($Zll,&DWP(12,$Zhh)); # load Xi[16] - &mov ($Zhl,&DWP(4,$Zhh)); - &mov ($Zlh,&DWP(8,$Zhh)); - &mov ($Zhh,&DWP(0,$Zhh)); - &jmp (&label("mmx_outer_loop")); - - &set_label("mmx_outer_loop",16); - &xor ($Zll,&DWP(12,$inp)); - &xor ($Zhl,&DWP(4,$inp)); - &xor ($Zlh,&DWP(8,$inp)); - &xor ($Zhh,&DWP(0,$inp)); - &mov (&wparam(2),$inp); - &mov (&DWP(12,"esp"),$Zll); - &mov (&DWP(4,"esp"),$Zhl); - &mov (&DWP(8,"esp"),$Zlh); - &mov (&DWP(0,"esp"),$Zhh); - - &mov ($inp,"esp"); - &shr ($Zll,24); - - &call ("_mmx_gmult_4bit_inner"); - - &mov ($inp,&wparam(2)); - &lea ($inp,&DWP(16,$inp)); - &cmp ($inp,&wparam(3)); - &jb (&label("mmx_outer_loop")); - - &mov ($inp,&wparam(0)); # load Xi - &emms (); - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(0,$inp),$Zhh); - - &stack_pop(4+1); -&function_end("gcm_ghash_4bit_mmx"); - -}} else {{ # "June" MMX version... - # ... has slower "April" gcm_gmult_4bit_mmx with folded - # loop. This is done to conserve code size... -$S=16; # shift factor for rem_4bit - -sub mmx_loop() { -# MMX version performs 2.8 times better on P4 (see comment in non-MMX -# routine for further details), 40% better on Opteron and Core2, 50% -# better on PIII... In other words effort is considered to be well -# spent... 
- my $inp = shift;
- my $rem_4bit = shift;
- my $cnt = $Zhh;
- my $nhi = $Zhl;
- my $nlo = $Zlh;
- my $rem = $Zll;
-
- my ($Zlo,$Zhi) = ("mm0","mm1");
- my $tmp = "mm2";
-
- &xor ($nlo,$nlo); # avoid partial register stalls on PIII
- &mov ($nhi,$Zll);
- &mov (&LB($nlo),&LB($nhi));
- &mov ($cnt,14);
- &shl (&LB($nlo),4);
- &and ($nhi,0xf0);
- &movq ($Zlo,&QWP(8,$Htbl,$nlo));
- &movq ($Zhi,&QWP(0,$Htbl,$nlo));
- &movd ($rem,$Zlo);
- &jmp (&label("mmx_loop"));
-
- &set_label("mmx_loop",16);
- &psrlq ($Zlo,4);
- &and ($rem,0xf);
- &movq ($tmp,$Zhi);
- &psrlq ($Zhi,4);
- &pxor ($Zlo,&QWP(8,$Htbl,$nhi));
- &mov (&LB($nlo),&BP(0,$inp,$cnt));
- &psllq ($tmp,60);
- &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8));
- &dec ($cnt);
- &movd ($rem,$Zlo);
- &pxor ($Zhi,&QWP(0,$Htbl,$nhi));
- &mov ($nhi,$nlo);
- &pxor ($Zlo,$tmp);
- &js (&label("mmx_break"));
-
- &shl (&LB($nlo),4);
- &and ($rem,0xf);
- &psrlq ($Zlo,4);
- &and ($nhi,0xf0);
- &movq ($tmp,$Zhi);
- &psrlq ($Zhi,4);
- &pxor ($Zlo,&QWP(8,$Htbl,$nlo));
- &psllq ($tmp,60);
- &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8));
- &movd ($rem,$Zlo);
- &pxor ($Zhi,&QWP(0,$Htbl,$nlo));
- &pxor ($Zlo,$tmp);
- &jmp (&label("mmx_loop"));
-
- &set_label("mmx_break",16);
- &shl (&LB($nlo),4);
- &and ($rem,0xf);
- &psrlq ($Zlo,4);
- &and ($nhi,0xf0);
- &movq ($tmp,$Zhi);
- &psrlq ($Zhi,4);
- &pxor ($Zlo,&QWP(8,$Htbl,$nlo));
- &psllq ($tmp,60);
- &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8));
- &movd ($rem,$Zlo);
- &pxor ($Zhi,&QWP(0,$Htbl,$nlo));
- &pxor ($Zlo,$tmp);
-
- &psrlq ($Zlo,4);
- &and ($rem,0xf);
- &movq ($tmp,$Zhi);
- &psrlq ($Zhi,4);
- &pxor ($Zlo,&QWP(8,$Htbl,$nhi));
- &psllq ($tmp,60);
- &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8));
- &movd ($rem,$Zlo);
- &pxor ($Zhi,&QWP(0,$Htbl,$nhi));
- &pxor ($Zlo,$tmp);
-
- &psrlq ($Zlo,32); # lower part of Zlo is already there
- &movd ($Zhl,$Zhi);
- &psrlq ($Zhi,32);
- &movd ($Zlh,$Zlo);
- &movd ($Zhh,$Zhi);
-
- &bswap ($Zll);
- &bswap ($Zhl);
- &bswap ($Zlh);
- &bswap ($Zhh);
-}
-
-&function_begin("gcm_gmult_4bit_mmx");
- &mov ($inp,&wparam(0)); # load Xi
- &mov ($Htbl,&wparam(1)); # load Htable
-
- &picsetup("eax");
- &picsymbol("eax", &label("rem_4bit"), "eax");
-
- &movz ($Zll,&BP(15,$inp));
-
- &mmx_loop($inp,"eax");
-
- &emms ();
- &mov (&DWP(12,$inp),$Zll);
- &mov (&DWP(4,$inp),$Zhl);
- &mov (&DWP(8,$inp),$Zlh);
- &mov (&DWP(0,$inp),$Zhh);
-&function_end("gcm_gmult_4bit_mmx");
-
-######################################################################
-# Below subroutine is "528B" variant of "4-bit" GCM GHASH function
-# (see gcm128.c for details). It provides further 20-40% performance
-# improvement over above mentioned "May" version.
-
-&static_label("rem_8bit");
-
-&function_begin("gcm_ghash_4bit_mmx");
-{ my ($Zlo,$Zhi) = ("mm7","mm6");
- my $rem_8bit = "esi";
- my $Htbl = "ebx";
-
- # parameter block
- &mov ("eax",&wparam(0)); # Xi
- &mov ("ebx",&wparam(1)); # Htable
- &mov ("ecx",&wparam(2)); # inp
- &mov ("edx",&wparam(3)); # len
- &mov ("ebp","esp"); # original %esp
-
- &picsetup($rem_8bit);
- &picsymbol($rem_8bit, &label("rem_8bit"), $rem_8bit);
-
- &sub ("esp",512+16+16); # allocate stack frame...
- &and ("esp",-64); # ...and align it
- &sub ("esp",16); # place for (u8)(H[]<<4)
-
- &add ("edx","ecx"); # pointer to the end of input
- &mov (&DWP(528+16+0,"esp"),"eax"); # save Xi
- &mov (&DWP(528+16+8,"esp"),"edx"); # save inp+len
- &mov (&DWP(528+16+12,"esp"),"ebp"); # save original %esp
-
- { my @lo = ("mm0","mm1","mm2");
- my @hi = ("mm3","mm4","mm5");
- my @tmp = ("mm6","mm7");
- my ($off1,$off2,$i) = (0,0,);
-
- &add ($Htbl,128); # optimize for size
- &lea ("edi",&DWP(16+128,"esp"));
- &lea ("ebp",&DWP(16+256+128,"esp"));
-
- # decompose Htable (low and high parts are kept separately),
- # generate Htable[]>>4, (u8)(Htable[]<<4), save to stack...
- for ($i=0;$i<18;$i++) {
-
- &mov ("edx",&DWP(16*$i+8-128,$Htbl)) if ($i<16);
- &movq ($lo[0],&QWP(16*$i+8-128,$Htbl)) if ($i<16);
- &psllq ($tmp[1],60) if ($i>1);
- &movq ($hi[0],&QWP(16*$i+0-128,$Htbl)) if ($i<16);
- &por ($lo[2],$tmp[1]) if ($i>1);
- &movq (&QWP($off1-128,"edi"),$lo[1]) if ($i>0 && $i<17);
- &psrlq ($lo[1],4) if ($i>0 && $i<17);
- &movq (&QWP($off1,"edi"),$hi[1]) if ($i>0 && $i<17);
- &movq ($tmp[0],$hi[1]) if ($i>0 && $i<17);
- &movq (&QWP($off2-128,"ebp"),$lo[2]) if ($i>1);
- &psrlq ($hi[1],4) if ($i>0 && $i<17);
- &movq (&QWP($off2,"ebp"),$hi[2]) if ($i>1);
- &shl ("edx",4) if ($i<16);
- &mov (&BP($i,"esp"),&LB("edx")) if ($i<16);
-
- unshift (@lo,pop(@lo)); # "rotate" registers
- unshift (@hi,pop(@hi));
- unshift (@tmp,pop(@tmp));
- $off1 += 8 if ($i>0);
- $off2 += 8 if ($i>1);
- }
- }
-
- &movq ($Zhi,&QWP(0,"eax"));
- &mov ("ebx",&DWP(8,"eax"));
- &mov ("edx",&DWP(12,"eax")); # load Xi
-
-&set_label("outer",16);
- { my $nlo = "eax";
- my $dat = "edx";
- my @nhi = ("edi","ebp");
- my @rem = ("ebx","ecx");
- my @red = ("mm0","mm1","mm2");
- my $tmp = "mm3";
-
- &xor ($dat,&DWP(12,"ecx")); # merge input data
- &xor ("ebx",&DWP(8,"ecx"));
- &pxor ($Zhi,&QWP(0,"ecx"));
- &lea ("ecx",&DWP(16,"ecx")); # inp+=16
- #&mov (&DWP(528+12,"esp"),$dat); # save inp^Xi
- &mov (&DWP(528+8,"esp"),"ebx");
- &movq (&QWP(528+0,"esp"),$Zhi);
- &mov (&DWP(528+16+4,"esp"),"ecx"); # save inp
-
- &xor ($nlo,$nlo);
- &rol ($dat,8);
- &mov (&LB($nlo),&LB($dat));
- &mov ($nhi[1],$nlo);
- &and (&LB($nlo),0x0f);
- &shr ($nhi[1],4);
- &pxor ($red[0],$red[0]);
- &rol ($dat,8); # next byte
- &pxor ($red[1],$red[1]);
- &pxor ($red[2],$red[2]);
-
- # Just like in "May" version modulo-schedule for critical path in
- # 'Z.hi ^= rem_8bit[Z.lo&0xff^((u8)H[nhi]<<4)]<<48'. Final 'pxor'
- # is scheduled so late that rem_8bit[] has to be shifted *right*
- # by 16, which is why last argument to pinsrw is 2, which
- # corresponds to <<32=<<48>>16...
- for ($j=11,$i=0;$i<15;$i++) { - - if ($i>0) { - &pxor ($Zlo,&QWP(16,"esp",$nlo,8)); # Z^=H[nlo] - &rol ($dat,8); # next byte - &pxor ($Zhi,&QWP(16+128,"esp",$nlo,8)); - - &pxor ($Zlo,$tmp); - &pxor ($Zhi,&QWP(16+256+128,"esp",$nhi[0],8)); - &xor (&LB($rem[1]),&BP(0,"esp",$nhi[0])); # rem^(H[nhi]<<4) - } else { - &movq ($Zlo,&QWP(16,"esp",$nlo,8)); - &movq ($Zhi,&QWP(16+128,"esp",$nlo,8)); - } - - &mov (&LB($nlo),&LB($dat)); - &mov ($dat,&DWP(528+$j,"esp")) if (--$j%4==0 && $j>=0); - - &movd ($rem[0],$Zlo); - &movz ($rem[1],&LB($rem[1])) if ($i>0); - &psrlq ($Zlo,8); # Z>>=8 - - &movq ($tmp,$Zhi); - &mov ($nhi[0],$nlo); - &psrlq ($Zhi,8); - - &pxor ($Zlo,&QWP(16+256+0,"esp",$nhi[1],8)); # Z^=H[nhi]>>4 - &and (&LB($nlo),0x0f); - &psllq ($tmp,56); - - &pxor ($Zhi,$red[1]) if ($i>1); - &shr ($nhi[0],4); - &pinsrw ($red[0],&WP(0,$rem_8bit,$rem[1],2),2) if ($i>0); - - unshift (@red,pop(@red)); # "rotate" registers - unshift (@rem,pop(@rem)); - unshift (@nhi,pop(@nhi)); - } - - &pxor ($Zlo,&QWP(16,"esp",$nlo,8)); # Z^=H[nlo] - &pxor ($Zhi,&QWP(16+128,"esp",$nlo,8)); - &xor (&LB($rem[1]),&BP(0,"esp",$nhi[0])); # rem^(H[nhi]<<4) - - &pxor ($Zlo,$tmp); - &pxor ($Zhi,&QWP(16+256+128,"esp",$nhi[0],8)); - &movz ($rem[1],&LB($rem[1])); - - &pxor ($red[2],$red[2]); # clear 2nd word - &psllq ($red[1],4); - - &movd ($rem[0],$Zlo); - &psrlq ($Zlo,4); # Z>>=4 - - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &shl ($rem[0],4); # rem<<4 - - &pxor ($Zlo,&QWP(16,"esp",$nhi[1],8)); # Z^=H[nhi] - &psllq ($tmp,60); - &movz ($rem[0],&LB($rem[0])); - - &pxor ($Zlo,$tmp); - &pxor ($Zhi,&QWP(16+128,"esp",$nhi[1],8)); - - &pinsrw ($red[0],&WP(0,$rem_8bit,$rem[1],2),2); - &pxor ($Zhi,$red[1]); - - &movd ($dat,$Zlo); - &pinsrw ($red[2],&WP(0,$rem_8bit,$rem[0],2),3); # last is <<48 - - &psllq ($red[0],12); # correct by <<16>>4 - &pxor ($Zhi,$red[0]); - &psrlq ($Zlo,32); - &pxor ($Zhi,$red[2]); - - &mov ("ecx",&DWP(528+16+4,"esp")); # restore inp - &movd ("ebx",$Zlo); - &movq ($tmp,$Zhi); # 01234567 - 
&psllw ($Zhi,8); # 1.3.5.7. - &psrlw ($tmp,8); # .0.2.4.6 - &por ($Zhi,$tmp); # 10325476 - &bswap ($dat); - &pshufw ($Zhi,$Zhi,0b00011011); # 76543210 - &bswap ("ebx"); - - &cmp ("ecx",&DWP(528+16+8,"esp")); # are we done? - &jne (&label("outer")); - } - - &mov ("eax",&DWP(528+16+0,"esp")); # restore Xi - &mov (&DWP(12,"eax"),"edx"); - &mov (&DWP(8,"eax"),"ebx"); - &movq (&QWP(0,"eax"),$Zhi); - - &mov ("esp",&DWP(528+16+12,"esp")); # restore original %esp - &emms (); -} -&function_end("gcm_ghash_4bit_mmx"); -}} - -if ($sse2) {{ -###################################################################### -# PCLMULQDQ version. - -$Xip="eax"; -$Htbl="edx"; -$const="ecx"; -$inp="esi"; -$len="ebx"; - -($Xi,$Xhi)=("xmm0","xmm1"); $Hkey="xmm2"; -($T1,$T2,$T3)=("xmm3","xmm4","xmm5"); -($Xn,$Xhn)=("xmm6","xmm7"); - -&static_label("bswap"); - -sub clmul64x64_T2 { # minimal "register" pressure -my ($Xhi,$Xi,$Hkey)=@_; - - &movdqa ($Xhi,$Xi); # - &pshufd ($T1,$Xi,0b01001110); - &pshufd ($T2,$Hkey,0b01001110); - &pxor ($T1,$Xi); # - &pxor ($T2,$Hkey); - - &pclmulqdq ($Xi,$Hkey,0x00); ####### - &pclmulqdq ($Xhi,$Hkey,0x11); ####### - &pclmulqdq ($T1,$T2,0x00); ####### - &xorps ($T1,$Xi); # - &xorps ($T1,$Xhi); # - - &movdqa ($T2,$T1); # - &psrldq ($T1,8); - &pslldq ($T2,8); # - &pxor ($Xhi,$T1); - &pxor ($Xi,$T2); # -} - -sub clmul64x64_T3 { -# Even though this subroutine offers visually better ILP, it -# was empirically found to be a tad slower than above version. -# At least in gcm_ghash_clmul context. But it's just as well, -# because loop modulo-scheduling is possible only thanks to -# minimized "register" pressure... 
-my ($Xhi,$Xi,$Hkey)=@_; - - &movdqa ($T1,$Xi); # - &movdqa ($Xhi,$Xi); - &pclmulqdq ($Xi,$Hkey,0x00); ####### - &pclmulqdq ($Xhi,$Hkey,0x11); ####### - &pshufd ($T2,$T1,0b01001110); # - &pshufd ($T3,$Hkey,0b01001110); - &pxor ($T2,$T1); # - &pxor ($T3,$Hkey); - &pclmulqdq ($T2,$T3,0x00); ####### - &pxor ($T2,$Xi); # - &pxor ($T2,$Xhi); # - - &movdqa ($T3,$T2); # - &psrldq ($T2,8); - &pslldq ($T3,8); # - &pxor ($Xhi,$T2); - &pxor ($Xi,$T3); # -} - -if (1) { # Algorithm 9 with <<1 twist. - # Reduction is shorter and uses only two - # temporary registers, which makes it better - # candidate for interleaving with 64x64 - # multiplication. Pre-modulo-scheduled loop - # was found to be ~20% faster than Algorithm 5 - # below. Algorithm 9 was therefore chosen for - # further optimization... - -sub reduction_alg9 { # 17/13 times faster than Intel version -my ($Xhi,$Xi) = @_; - - # 1st phase - &movdqa ($T1,$Xi); # - &psllq ($Xi,1); - &pxor ($Xi,$T1); # - &psllq ($Xi,5); # - &pxor ($Xi,$T1); # - &psllq ($Xi,57); # - &movdqa ($T2,$Xi); # - &pslldq ($Xi,8); - &psrldq ($T2,8); # - &pxor ($Xi,$T1); - &pxor ($Xhi,$T2); # - - # 2nd phase - &movdqa ($T2,$Xi); - &psrlq ($Xi,5); - &pxor ($Xi,$T2); # - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # - &pxor ($T2,$Xhi); - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # -} - -&function_begin_B("gcm_init_clmul"); - &mov ($Htbl,&wparam(0)); - &mov ($Xip,&wparam(1)); - - &picsetup($const); - &picsymbol($const, &label("bswap"), $const); - - &movdqu ($Hkey,&QWP(0,$Xip)); - &pshufd ($Hkey,$Hkey,0b01001110);# dword swap - - # <<1 twist - &pshufd ($T2,$Hkey,0b11111111); # broadcast uppermost dword - &movdqa ($T1,$Hkey); - &psllq ($Hkey,1); - &pxor ($T3,$T3); # - &psrlq ($T1,63); - &pcmpgtd ($T3,$T2); # broadcast carry bit - &pslldq ($T1,8); - &por ($Hkey,$T1); # H<<=1 - - # magic reduction - &pand ($T3,&QWP(16,$const)); # 0x1c2_polynomial - &pxor ($Hkey,$T3); # if(carry) H^=0x1c2_polynomial - - # calculate H^2 - &movdqa ($Xi,$Hkey); - &clmul64x64_T2 
($Xhi,$Xi,$Hkey); - &reduction_alg9 ($Xhi,$Xi); - - &movdqu (&QWP(0,$Htbl),$Hkey); # save H - &movdqu (&QWP(16,$Htbl),$Xi); # save H^2 - - &ret (); -&function_end_B("gcm_init_clmul"); - -&function_begin_B("gcm_gmult_clmul"); - &mov ($Xip,&wparam(0)); - &mov ($Htbl,&wparam(1)); - - &picsetup($const); - &picsymbol($const, &label("bswap"), $const); - - &movdqu ($Xi,&QWP(0,$Xip)); - &movdqa ($T3,&QWP(0,$const)); - &movups ($Hkey,&QWP(0,$Htbl)); - &pshufb ($Xi,$T3); - - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); - &reduction_alg9 ($Xhi,$Xi); - - &pshufb ($Xi,$T3); - &movdqu (&QWP(0,$Xip),$Xi); - - &ret (); -&function_end_B("gcm_gmult_clmul"); - -&function_begin("gcm_ghash_clmul"); - &mov ($Xip,&wparam(0)); - &mov ($Htbl,&wparam(1)); - &mov ($inp,&wparam(2)); - &mov ($len,&wparam(3)); - - &picsetup($const); - &picsymbol($const, &label("bswap"), $const); - - &movdqu ($Xi,&QWP(0,$Xip)); - &movdqa ($T3,&QWP(0,$const)); - &movdqu ($Hkey,&QWP(0,$Htbl)); - &pshufb ($Xi,$T3); - - &sub ($len,0x10); - &jz (&label("odd_tail")); - - ####### - # Xi+2 =[H*(Ii+1 + Xi+1)] mod P = - # [(H*Ii+1) + (H*Xi+1)] mod P = - # [(H*Ii+1) + H^2*(Ii+Xi)] mod P - # - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T2 ($Xhn,$Xn,$Hkey); # H*Ii+1 - &movups ($Hkey,&QWP(16,$Htbl)); # load H^2 - - &lea ($inp,&DWP(32,$inp)); # i+=2 - &sub ($len,0x20); - &jbe (&label("even_tail")); - -&set_label("mod_loop"); - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movups ($Hkey,&QWP(0,$Htbl)); # load H - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - - &movdqa ($T3,$Xn); #&clmul64x64_TX ($Xhn,$Xn,$Hkey); H*Ii+1 - &movdqa ($Xhn,$Xn); - &pxor ($Xhi,$T1); # "Ii+Xi", consume early - - &movdqa ($T1,$Xi); #&reduction_alg9($Xhi,$Xi); 1st phase - &psllq ($Xi,1); - &pxor ($Xi,$T1); # - 
&psllq ($Xi,5); # - &pxor ($Xi,$T1); # - &pclmulqdq ($Xn,$Hkey,0x00); ####### - &psllq ($Xi,57); # - &movdqa ($T2,$Xi); # - &pslldq ($Xi,8); - &psrldq ($T2,8); # - &pxor ($Xi,$T1); - &pshufd ($T1,$T3,0b01001110); - &pxor ($Xhi,$T2); # - &pxor ($T1,$T3); - &pshufd ($T3,$Hkey,0b01001110); - &pxor ($T3,$Hkey); # - - &pclmulqdq ($Xhn,$Hkey,0x11); ####### - &movdqa ($T2,$Xi); # 2nd phase - &psrlq ($Xi,5); - &pxor ($Xi,$T2); # - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # - &pxor ($T2,$Xhi); - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # - - &pclmulqdq ($T1,$T3,0x00); ####### - &movups ($Hkey,&QWP(16,$Htbl)); # load H^2 - &xorps ($T1,$Xn); # - &xorps ($T1,$Xhn); # - - &movdqa ($T3,$T1); # - &psrldq ($T1,8); - &pslldq ($T3,8); # - &pxor ($Xhn,$T1); - &pxor ($Xn,$T3); # - &movdqa ($T3,&QWP(0,$const)); - - &lea ($inp,&DWP(32,$inp)); - &sub ($len,0x20); - &ja (&label("mod_loop")); - -&set_label("even_tail"); - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &reduction_alg9 ($Xhi,$Xi); - - &test ($len,$len); - &jnz (&label("done")); - - &movups ($Hkey,&QWP(0,$Htbl)); # load H -&set_label("odd_tail"); - &movdqu ($T1,&QWP(0,$inp)); # Ii - &pshufb ($T1,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H*(Ii+Xi) - &reduction_alg9 ($Xhi,$Xi); - -&set_label("done"); - &pshufb ($Xi,$T3); - &movdqu (&QWP(0,$Xip),$Xi); -&function_end("gcm_ghash_clmul"); - -} else { # Algorithm 5. Kept for reference purposes. 
-
-sub reduction_alg5 { # 19/16 times faster than Intel version
-my ($Xhi,$Xi)=@_;
-
- # <<1
- &movdqa ($T1,$Xi); #
- &movdqa ($T2,$Xhi);
- &pslld ($Xi,1);
- &pslld ($Xhi,1); #
- &psrld ($T1,31);
- &psrld ($T2,31); #
- &movdqa ($T3,$T1);
- &pslldq ($T1,4);
- &psrldq ($T3,12); #
- &pslldq ($T2,4);
- &por ($Xhi,$T3); #
- &por ($Xi,$T1);
- &por ($Xhi,$T2); #
-
- # 1st phase
- &movdqa ($T1,$Xi);
- &movdqa ($T2,$Xi);
- &movdqa ($T3,$Xi); #
- &pslld ($T1,31);
- &pslld ($T2,30);
- &pslld ($Xi,25); #
- &pxor ($T1,$T2);
- &pxor ($T1,$Xi); #
- &movdqa ($T2,$T1); #
- &pslldq ($T1,12);
- &psrldq ($T2,4); #
- &pxor ($T3,$T1);
-
- # 2nd phase
- &pxor ($Xhi,$T3); #
- &movdqa ($Xi,$T3);
- &movdqa ($T1,$T3);
- &psrld ($Xi,1); #
- &psrld ($T1,2);
- &psrld ($T3,7); #
- &pxor ($Xi,$T1);
- &pxor ($Xhi,$T2);
- &pxor ($Xi,$T3); #
- &pxor ($Xi,$Xhi); #
-}
-
-&function_begin_B("gcm_init_clmul");
- &mov ($Htbl,&wparam(0));
- &mov ($Xip,&wparam(1));
-
- &picsetup($const);
- &picsymbol($const, &label("bswap"), $const);
-
- &movdqu ($Hkey,&QWP(0,$Xip));
- &pshufd ($Hkey,$Hkey,0b01001110);# dword swap
-
- # calculate H^2
- &movdqa ($Xi,$Hkey);
- &clmul64x64_T3 ($Xhi,$Xi,$Hkey);
- &reduction_alg5 ($Xhi,$Xi);
-
- &movdqu (&QWP(0,$Htbl),$Hkey); # save H
- &movdqu (&QWP(16,$Htbl),$Xi); # save H^2
-
- &ret ();
-&function_end_B("gcm_init_clmul");
-
-&function_begin_B("gcm_gmult_clmul");
- &mov ($Xip,&wparam(0));
- &mov ($Htbl,&wparam(1));
-
- &picsetup($const);
- &picsymbol($const, &label("bswap"), $const);
-
- &movdqu ($Xi,&QWP(0,$Xip));
- &movdqa ($Xn,&QWP(0,$const));
- &movdqu ($Hkey,&QWP(0,$Htbl));
- &pshufb ($Xi,$Xn);
-
- &clmul64x64_T3 ($Xhi,$Xi,$Hkey);
- &reduction_alg5 ($Xhi,$Xi);
-
- &pshufb ($Xi,$Xn);
- &movdqu (&QWP(0,$Xip),$Xi);
-
- &ret ();
-&function_end_B("gcm_gmult_clmul");
-
-&function_begin("gcm_ghash_clmul");
- &mov ($Xip,&wparam(0));
- &mov ($Htbl,&wparam(1));
- &mov ($inp,&wparam(2));
- &mov ($len,&wparam(3));
-
- &picsetup($const);
- &picsymbol($const, &label("bswap"), $const);
- - &movdqu ($Xi,&QWP(0,$Xip)); - &movdqa ($T3,&QWP(0,$const)); - &movdqu ($Hkey,&QWP(0,$Htbl)); - &pshufb ($Xi,$T3); - - &sub ($len,0x10); - &jz (&label("odd_tail")); - - ####### - # Xi+2 =[H*(Ii+1 + Xi+1)] mod P = - # [(H*Ii+1) + (H*Xi+1)] mod P = - # [(H*Ii+1) + H^2*(Ii+Xi)] mod P - # - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T3 ($Xhn,$Xn,$Hkey); # H*Ii+1 - &movdqu ($Hkey,&QWP(16,$Htbl)); # load H^2 - - &sub ($len,0x20); - &lea ($inp,&DWP(32,$inp)); # i+=2 - &jbe (&label("even_tail")); - -&set_label("mod_loop"); - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - &movdqu ($Hkey,&QWP(0,$Htbl)); # load H - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &reduction_alg5 ($Xhi,$Xi); - - ####### - &movdqa ($T3,&QWP(0,$const)); - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T3 ($Xhn,$Xn,$Hkey); # H*Ii+1 - &movdqu ($Hkey,&QWP(16,$Htbl)); # load H^2 - - &sub ($len,0x20); - &lea ($inp,&DWP(32,$inp)); - &ja (&label("mod_loop")); - -&set_label("even_tail"); - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &reduction_alg5 ($Xhi,$Xi); - - &movdqa ($T3,&QWP(0,$const)); - &test ($len,$len); - &jnz (&label("done")); - - &movdqu ($Hkey,&QWP(0,$Htbl)); # load H -&set_label("odd_tail"); - &movdqu ($T1,&QWP(0,$inp)); # Ii - &pshufb ($T1,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); # H*(Ii+Xi) - &reduction_alg5 ($Xhi,$Xi); - - &movdqa ($T3,&QWP(0,$const)); -&set_label("done"); - &pshufb ($Xi,$T3); - &movdqu (&QWP(0,$Xip),$Xi); -&function_end("gcm_ghash_clmul"); - -} - - &rodataseg(); -&set_label("bswap",64); - &data_byte(15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0); - &data_byte(1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2); # 0x1c2_polynomial - &previous(); -}} 
# $sse2 - - &rodataseg(); -&set_label("rem_4bit",64); - &data_word(0,0x0000<<$S,0,0x1C20<<$S,0,0x3840<<$S,0,0x2460<<$S); - &data_word(0,0x7080<<$S,0,0x6CA0<<$S,0,0x48C0<<$S,0,0x54E0<<$S); - &data_word(0,0xE100<<$S,0,0xFD20<<$S,0,0xD940<<$S,0,0xC560<<$S); - &data_word(0,0x9180<<$S,0,0x8DA0<<$S,0,0xA9C0<<$S,0,0xB5E0<<$S); -&set_label("rem_8bit",64); - &data_short(0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E); - &data_short(0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E); - &data_short(0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E); - &data_short(0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E); - &data_short(0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E); - &data_short(0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E); - &data_short(0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E); - &data_short(0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E); - &data_short(0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE); - &data_short(0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE); - &data_short(0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE); - &data_short(0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE); - &data_short(0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E); - &data_short(0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E); - &data_short(0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE); - &data_short(0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE); - &data_short(0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E); - &data_short(0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E); - &data_short(0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E); - &data_short(0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E); - &data_short(0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E); - &data_short(0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E); - 
&data_short(0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E); - &data_short(0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E); - &data_short(0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE); - &data_short(0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE); - &data_short(0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE); - &data_short(0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE); - &data_short(0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E); - &data_short(0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E); - &data_short(0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE); - &data_short(0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE); - &previous(); -}}} # !$x86only - -&asm_finish(); - -# A question was risen about choice of vanilla MMX. Or rather why wasn't -# SSE2 chosen instead? In addition to the fact that MMX runs on legacy -# CPUs such as PIII, "4-bit" MMX version was observed to provide better -# performance than *corresponding* SSE2 one even on contemporary CPUs. -# SSE2 results were provided by Peter-Michael Hager. He maintains SSE2 -# implementation featuring full range of lookup-table sizes, but with -# per-invocation lookup table setup. Latter means that table size is -# chosen depending on how much data is to be hashed in every given call, -# more data - larger table. Best reported result for Core2 is ~4 cycles -# per processed byte out of 64KB block. This number accounts even for -# 64KB table setup overhead. As discussed in gcm128.c we choose to be -# more conservative in respect to lookup table sizes, but how do the -# results compare? Minimalistic "256B" MMX version delivers ~11 cycles -# on same platform. As also discussed in gcm128.c, next in line "8-bit -# Shoup's" or "4KB" method should deliver twice the performance of -# "256B" one, in other words not worse than ~6 cycles per byte. 
It
-# should be also be noted that in SSE2 case improvement can be "super-
-# linear," i.e. more than twice, mostly because >>8 maps to single
-# instruction on SSE2 register. This is unlike "4-bit" case when >>4
-# maps to same amount of instructions in both MMX and SSE2 cases.
-# Bottom line is that switch to SSE2 is considered to be justifiable
-# only in case we choose to implement "8-bit" method...
diff --git a/src/lib/libcrypto/modes/asm/ghash-x86_64.pl b/src/lib/libcrypto/modes/asm/ghash-x86_64.pl
deleted file mode 100644
index bf547a041b..0000000000
--- a/src/lib/libcrypto/modes/asm/ghash-x86_64.pl
+++ /dev/null
@@ -1,812 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# March, June 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that
-# it uses 256 bytes per-key table [+128 bytes shared table]. GHASH
-# function features so called "528B" variant utilizing additional
-# 256+16 bytes of per-key storage [+512 bytes shared table].
-# Performance results are for this streamed GHASH subroutine and are
-# expressed in cycles per processed byte, less is better:
-#
-# gcc 3.4.x(*) assembler
-#
-# P4 28.6 14.0 +100%
-# Opteron 19.3 7.7 +150%
-# Core2 17.8 8.1(**) +120%
-#
-# (*) comparison is not completely fair, because C results are
-# for vanilla "256B" implementation, while assembler results
-# are for "528B";-)
-# (**) it's mystery [to me] why Core2 result is not same as for
-# Opteron;
-
-# May 2010
-#
-# Add PCLMULQDQ version performing at 2.02 cycles per processed byte.
-# See ghash-x86.pl for background information and details about coding
-# techniques.
-#
-# Special thanks to David Woodhouse for
-# providing access to a Westmere-based system on behalf of Intel
-# Open Source Technology Centre.
- -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -# common register layout -$nlo="%rax"; -$nhi="%rbx"; -$Zlo="%r8"; -$Zhi="%r9"; -$tmp="%r10"; -$rem_4bit = "%r11"; - -$Xi="%rdi"; -$Htbl="%rsi"; - -# per-function register layout -$cnt="%rcx"; -$rem="%rdx"; - -sub LB() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/ or - $r =~ s/%[er]([sd]i)/%\1l/ or - $r =~ s/%[er](bp)/%\1l/ or - $r =~ s/%(r[0-9]+)[d]?/%\1b/; $r; } - -sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm -{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; - my $arg = pop; - $arg = "\$$arg" if ($arg*1 eq $arg); - $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n"; -} - -{ my $N; - sub loop() { - my $inp = shift; - - $N++; -$code.=<<___; - xor $nlo,$nlo - xor $nhi,$nhi - mov `&LB("$Zlo")`,`&LB("$nlo")` - mov `&LB("$Zlo")`,`&LB("$nhi")` - shl \$4,`&LB("$nlo")` - mov \$14,$cnt - mov 8($Htbl,$nlo),$Zlo - mov ($Htbl,$nlo),$Zhi - and \$0xf0,`&LB("$nhi")` - mov $Zlo,$rem - jmp .Loop$N - -.align 16 -.Loop$N: - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - mov ($inp,$cnt),`&LB("$nlo")` - shr \$4,$Zhi - xor 8($Htbl,$nhi),$Zlo - shl \$60,$tmp - xor ($Htbl,$nhi),$Zhi - mov `&LB("$nlo")`,`&LB("$nhi")` - xor ($rem_4bit,$rem,8),$Zhi - mov $Zlo,$rem - shl \$4,`&LB("$nlo")` - xor $tmp,$Zlo - dec $cnt - js .Lbreak$N - - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - shr \$4,$Zhi - xor 8($Htbl,$nlo),$Zlo - shl \$60,$tmp - xor ($Htbl,$nlo),$Zhi - and \$0xf0,`&LB("$nhi")` - xor ($rem_4bit,$rem,8),$Zhi - mov $Zlo,$rem - xor $tmp,$Zlo - jmp .Loop$N - -.align 16 -.Lbreak$N: - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - shr 
\$4,$Zhi - xor 8($Htbl,$nlo),$Zlo - shl \$60,$tmp - xor ($Htbl,$nlo),$Zhi - and \$0xf0,`&LB("$nhi")` - xor ($rem_4bit,$rem,8),$Zhi - mov $Zlo,$rem - xor $tmp,$Zlo - - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - shr \$4,$Zhi - xor 8($Htbl,$nhi),$Zlo - shl \$60,$tmp - xor ($Htbl,$nhi),$Zhi - xor $tmp,$Zlo - xor ($rem_4bit,$rem,8),$Zhi - - bswap $Zlo - bswap $Zhi -___ -}} - -$code=<<___; -.text - -.globl gcm_gmult_4bit -.type gcm_gmult_4bit,\@function,2 -.align 16 -gcm_gmult_4bit: - _CET_ENDBR - push %rbx - push %rbp # %rbp and %r12 are pushed exclusively in - push %r12 # order to reuse Win64 exception handler... -.Lgmult_prologue: - - movzb 15($Xi),$Zlo - lea .Lrem_4bit(%rip),$rem_4bit -___ - &loop ($Xi); -$code.=<<___; - mov $Zlo,8($Xi) - mov $Zhi,($Xi) - - mov 16(%rsp),%rbx - lea 24(%rsp),%rsp -.Lgmult_epilogue: - ret -.size gcm_gmult_4bit,.-gcm_gmult_4bit -___ - -# per-function register layout -$inp="%rdx"; -$len="%rcx"; -$rem_8bit=$rem_4bit; - -$code.=<<___; -.globl gcm_ghash_4bit -.type gcm_ghash_4bit,\@function,4 -.align 16 -gcm_ghash_4bit: - _CET_ENDBR - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - sub \$280,%rsp -.Lghash_prologue: - mov $inp,%r14 # reassign couple of args - mov $len,%r15 -___ -{ my $inp="%r14"; - my $dat="%edx"; - my $len="%r15"; - my @nhi=("%ebx","%ecx"); - my @rem=("%r12","%r13"); - my $Hshr4="%rbp"; - - &sub ($Htbl,-128); # size optimization - &lea ($Hshr4,"16+128(%rsp)"); - { my @lo =($nlo,$nhi); - my @hi =($Zlo,$Zhi); - - &xor ($dat,$dat); - for ($i=0,$j=-2;$i<18;$i++,$j++) { - &mov ("$j(%rsp)",&LB($dat)) if ($i>1); - &or ($lo[0],$tmp) if ($i>1); - &mov (&LB($dat),&LB($lo[1])) if ($i>0 && $i<17); - &shr ($lo[1],4) if ($i>0 && $i<17); - &mov ($tmp,$hi[1]) if ($i>0 && $i<17); - &shr ($hi[1],4) if ($i>0 && $i<17); - &mov ("8*$j($Hshr4)",$hi[0]) if ($i>1); - &mov ($hi[0],"16*$i+0-128($Htbl)") if ($i<16); - &shl (&LB($dat),4) if ($i>0 && $i<17); - &mov ("8*$j-128($Hshr4)",$lo[0]) if ($i>1); - &mov 
($lo[0],"16*$i+8-128($Htbl)") if ($i<16); - &shl ($tmp,60) if ($i>0 && $i<17); - - push (@lo,shift(@lo)); - push (@hi,shift(@hi)); - } - } - &add ($Htbl,-128); - &mov ($Zlo,"8($Xi)"); - &mov ($Zhi,"0($Xi)"); - &add ($len,$inp); # pointer to the end of data - &lea ($rem_8bit,".Lrem_8bit(%rip)"); - &jmp (".Louter_loop"); - -$code.=".align 16\n.Louter_loop:\n"; - &xor ($Zhi,"($inp)"); - &mov ("%rdx","8($inp)"); - &lea ($inp,"16($inp)"); - &xor ("%rdx",$Zlo); - &mov ("($Xi)",$Zhi); - &mov ("8($Xi)","%rdx"); - &shr ("%rdx",32); - - &xor ($nlo,$nlo); - &rol ($dat,8); - &mov (&LB($nlo),&LB($dat)); - &movz ($nhi[0],&LB($dat)); - &shl (&LB($nlo),4); - &shr ($nhi[0],4); - - for ($j=11,$i=0;$i<15;$i++) { - &rol ($dat,8); - &xor ($Zlo,"8($Htbl,$nlo)") if ($i>0); - &xor ($Zhi,"($Htbl,$nlo)") if ($i>0); - &mov ($Zlo,"8($Htbl,$nlo)") if ($i==0); - &mov ($Zhi,"($Htbl,$nlo)") if ($i==0); - - &mov (&LB($nlo),&LB($dat)); - &xor ($Zlo,$tmp) if ($i>0); - &movzw ($rem[1],"($rem_8bit,$rem[1],2)") if ($i>0); - - &movz ($nhi[1],&LB($dat)); - &shl (&LB($nlo),4); - &movzb ($rem[0],"(%rsp,$nhi[0])"); - - &shr ($nhi[1],4) if ($i<14); - &and ($nhi[1],0xf0) if ($i==14); - &shl ($rem[1],48) if ($i>0); - &xor ($rem[0],$Zlo); - - &mov ($tmp,$Zhi); - &xor ($Zhi,$rem[1]) if ($i>0); - &shr ($Zlo,8); - - &movz ($rem[0],&LB($rem[0])); - &mov ($dat,"$j($Xi)") if (--$j%4==0 && $j>=0); - &shr ($Zhi,8); - - &xor ($Zlo,"-128($Hshr4,$nhi[0],8)"); - &shl ($tmp,56); - &xor ($Zhi,"($Hshr4,$nhi[0],8)"); - - unshift (@nhi,pop(@nhi)); # "rotate" registers - unshift (@rem,pop(@rem)); - } - &movzw ($rem[1],"($rem_8bit,$rem[1],2)"); - &xor ($Zlo,"8($Htbl,$nlo)"); - &xor ($Zhi,"($Htbl,$nlo)"); - - &shl ($rem[1],48); - &xor ($Zlo,$tmp); - - &xor ($Zhi,$rem[1]); - &movz ($rem[0],&LB($Zlo)); - &shr ($Zlo,4); - - &mov ($tmp,$Zhi); - &shl (&LB($rem[0]),4); - &shr ($Zhi,4); - - &xor ($Zlo,"8($Htbl,$nhi[0])"); - &movzw ($rem[0],"($rem_8bit,$rem[0],2)"); - &shl ($tmp,60); - - &xor ($Zhi,"($Htbl,$nhi[0])"); - &xor ($Zlo,$tmp); 
- &shl ($rem[0],48); - - &bswap ($Zlo); - &xor ($Zhi,$rem[0]); - - &bswap ($Zhi); - &cmp ($inp,$len); - &jb (".Louter_loop"); -} -$code.=<<___; - mov $Zlo,8($Xi) - mov $Zhi,($Xi) - - lea 280(%rsp),%rsi - mov 0(%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lghash_epilogue: - ret -.size gcm_ghash_4bit,.-gcm_ghash_4bit -___ - -###################################################################### -# PCLMULQDQ version. - -@_4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order - ("%rdi","%rsi","%rdx","%rcx"); # Unix order - -($Xi,$Xhi)=("%xmm0","%xmm1"); $Hkey="%xmm2"; -($T1,$T2,$T3)=("%xmm3","%xmm4","%xmm5"); - -sub clmul64x64_T2 { # minimal register pressure -my ($Xhi,$Xi,$Hkey,$modulo)=@_; - -$code.=<<___ if (!defined($modulo)); - movdqa $Xi,$Xhi # - pshufd \$0b01001110,$Xi,$T1 - pshufd \$0b01001110,$Hkey,$T2 - pxor $Xi,$T1 # - pxor $Hkey,$T2 -___ -$code.=<<___; - pclmulqdq \$0x00,$Hkey,$Xi ####### - pclmulqdq \$0x11,$Hkey,$Xhi ####### - pclmulqdq \$0x00,$T2,$T1 ####### - pxor $Xi,$T1 # - pxor $Xhi,$T1 # - - movdqa $T1,$T2 # - psrldq \$8,$T1 - pslldq \$8,$T2 # - pxor $T1,$Xhi - pxor $T2,$Xi # -___ -} - -sub reduction_alg9 { # 17/13 times faster than Intel version -my ($Xhi,$Xi) = @_; - -$code.=<<___; - # 1st phase - movdqa $Xi,$T1 # - psllq \$1,$Xi - pxor $T1,$Xi # - psllq \$5,$Xi # - pxor $T1,$Xi # - psllq \$57,$Xi # - movdqa $Xi,$T2 # - pslldq \$8,$Xi - psrldq \$8,$T2 # - pxor $T1,$Xi - pxor $T2,$Xhi # - - # 2nd phase - movdqa $Xi,$T2 - psrlq \$5,$Xi - pxor $T2,$Xi # - psrlq \$1,$Xi # - pxor $T2,$Xi # - pxor $Xhi,$T2 - psrlq \$1,$Xi # - pxor $T2,$Xi # -___ -} - -{ my ($Htbl,$Xip)=@_4args; - -$code.=<<___; -.globl gcm_init_clmul -.type gcm_init_clmul,\@abi-omnipotent -.align 16 -gcm_init_clmul: - _CET_ENDBR - movdqu ($Xip),$Hkey - pshufd \$0b01001110,$Hkey,$Hkey # dword swap - - # <<1 twist - pshufd \$0b11111111,$Hkey,$T2 # broadcast uppermost dword - movdqa $Hkey,$T1 - psllq 
\$1,$Hkey
- pxor $T3,$T3 #
- psrlq \$63,$T1
- pcmpgtd $T2,$T3 # broadcast carry bit
- pslldq \$8,$T1
- por $T1,$Hkey # H<<=1
-
- # magic reduction
- pand .L0x1c2_polynomial(%rip),$T3
- pxor $T3,$Hkey # if(carry) H^=0x1c2_polynomial
-
- # calculate H^2
- movdqa $Hkey,$Xi
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey);
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
- movdqu $Hkey,($Htbl) # save H
- movdqu $Xi,16($Htbl) # save H^2
- ret
-.size gcm_init_clmul,.-gcm_init_clmul
-___
-}
-
-{ my ($Xip,$Htbl)=@_4args;
-
-$code.=<<___;
-.globl gcm_gmult_clmul
-.type gcm_gmult_clmul,\@abi-omnipotent
-.align 16
-gcm_gmult_clmul:
- _CET_ENDBR
- movdqu ($Xip),$Xi
- movdqa .Lbswap_mask(%rip),$T3
- movdqu ($Htbl),$Hkey
- pshufb $T3,$Xi
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey);
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
- pshufb $T3,$Xi
- movdqu $Xi,($Xip)
- ret
-.size gcm_gmult_clmul,.-gcm_gmult_clmul
-___
-}
-
-{ my ($Xip,$Htbl,$inp,$len)=@_4args;
- my $Xn="%xmm6";
- my $Xhn="%xmm7";
- my $Hkey2="%xmm8";
- my $T1n="%xmm9";
- my $T2n="%xmm10";
-
-$code.=<<___;
-.globl gcm_ghash_clmul
-.type gcm_ghash_clmul,\@abi-omnipotent
-.align 16
-gcm_ghash_clmul:
- _CET_ENDBR
-___
-$code.=<<___ if ($win64);
-.LSEH_begin_gcm_ghash_clmul:
- # I can't trust assembler to use specific encoding:-(
- .byte 0x48,0x83,0xec,0x58 #sub \$0x58,%rsp
- .byte 0x0f,0x29,0x34,0x24 #movaps %xmm6,(%rsp)
- .byte 0x0f,0x29,0x7c,0x24,0x10 #movdqa %xmm7,0x10(%rsp)
- .byte 0x44,0x0f,0x29,0x44,0x24,0x20 #movaps %xmm8,0x20(%rsp)
- .byte 0x44,0x0f,0x29,0x4c,0x24,0x30 #movaps %xmm9,0x30(%rsp)
- .byte 0x44,0x0f,0x29,0x54,0x24,0x40 #movaps %xmm10,0x40(%rsp)
-___
-$code.=<<___;
- movdqa .Lbswap_mask(%rip),$T3
-
- movdqu ($Xip),$Xi
- movdqu ($Htbl),$Hkey
- pshufb $T3,$Xi
-
- sub \$0x10,$len
- jz .Lodd_tail
-
- movdqu 16($Htbl),$Hkey2
- #######
- # Xi+2 =[H*(Ii+1 + Xi+1)] mod P =
- # [(H*Ii+1) + (H*Xi+1)] mod P =
- # [(H*Ii+1) + H^2*(Ii+Xi)] mod P
- #
- movdqu ($inp),$T1 # Ii
- movdqu 16($inp),$Xn # Ii+1
- pshufb $T3,$T1
- pshufb
$T3,$Xn
- pxor $T1,$Xi # Ii+Xi
-___
- &clmul64x64_T2 ($Xhn,$Xn,$Hkey); # H*Ii+1
-$code.=<<___;
- movdqa $Xi,$Xhi #
- pshufd \$0b01001110,$Xi,$T1
- pshufd \$0b01001110,$Hkey2,$T2
- pxor $Xi,$T1 #
- pxor $Hkey2,$T2
-
- lea 32($inp),$inp # i+=2
- sub \$0x20,$len
- jbe .Leven_tail
-
-.Lmod_loop:
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey2,1); # H^2*(Ii+Xi)
-$code.=<<___;
- movdqu ($inp),$T1 # Ii
- pxor $Xn,$Xi # (H*Ii+1) + H^2*(Ii+Xi)
- pxor $Xhn,$Xhi
-
- movdqu 16($inp),$Xn # Ii+1
- pshufb $T3,$T1
- pshufb $T3,$Xn
-
- movdqa $Xn,$Xhn #
- pshufd \$0b01001110,$Xn,$T1n
- pshufd \$0b01001110,$Hkey,$T2n
- pxor $Xn,$T1n #
- pxor $Hkey,$T2n
- pxor $T1,$Xhi # "Ii+Xi", consume early
-
- movdqa $Xi,$T1 # 1st phase
- psllq \$1,$Xi
- pxor $T1,$Xi #
- psllq \$5,$Xi #
- pxor $T1,$Xi #
- pclmulqdq \$0x00,$Hkey,$Xn #######
- psllq \$57,$Xi #
- movdqa $Xi,$T2 #
- pslldq \$8,$Xi
- psrldq \$8,$T2 #
- pxor $T1,$Xi
- pxor $T2,$Xhi #
-
- pclmulqdq \$0x11,$Hkey,$Xhn #######
- movdqa $Xi,$T2 # 2nd phase
- psrlq \$5,$Xi
- pxor $T2,$Xi #
- psrlq \$1,$Xi #
- pxor $T2,$Xi #
- pxor $Xhi,$T2
- psrlq \$1,$Xi #
- pxor $T2,$Xi #
-
- pclmulqdq \$0x00,$T2n,$T1n #######
- movdqa $Xi,$Xhi #
- pshufd \$0b01001110,$Xi,$T1
- pshufd \$0b01001110,$Hkey2,$T2
- pxor $Xi,$T1 #
- pxor $Hkey2,$T2
-
- pxor $Xn,$T1n #
- pxor $Xhn,$T1n #
- movdqa $T1n,$T2n #
- psrldq \$8,$T1n
- pslldq \$8,$T2n #
- pxor $T1n,$Xhn
- pxor $T2n,$Xn #
-
- lea 32($inp),$inp
- sub \$0x20,$len
- ja .Lmod_loop
-
-.Leven_tail:
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey2,1); # H^2*(Ii+Xi)
-$code.=<<___;
- pxor $Xn,$Xi # (H*Ii+1) + H^2*(Ii+Xi)
- pxor $Xhn,$Xhi
-___
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
- test $len,$len
- jnz .Ldone
-
-.Lodd_tail:
- movdqu ($inp),$T1 # Ii
- pshufb $T3,$T1
- pxor $T1,$Xi # Ii+Xi
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H*(Ii+Xi)
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
-.Ldone:
- pshufb $T3,$Xi
- movdqu $Xi,($Xip)
-___
-$code.=<<___ if ($win64);
- movaps (%rsp),%xmm6
- movaps 0x10(%rsp),%xmm7
- movaps
0x20(%rsp),%xmm8
- movaps 0x30(%rsp),%xmm9
- movaps 0x40(%rsp),%xmm10
- add \$0x58,%rsp
-___
-$code.=<<___;
- ret
-.LSEH_end_gcm_ghash_clmul:
-.size gcm_ghash_clmul,.-gcm_ghash_clmul
-___
-}
-
-$code.=<<___;
-.section .rodata
-.align 64
-.Lbswap_mask:
- .byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
-.L0x1c2_polynomial:
- .byte 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
-.align 64
-.type .Lrem_4bit,\@object
-.Lrem_4bit:
- .long 0,`0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`
- .long 0,`0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`
- .long 0,`0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`
- .long 0,`0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`
-.type .Lrem_8bit,\@object
-.Lrem_8bit:
- .value 0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E
- .value 0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E
- .value 0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E
- .value 0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E
- .value 0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E
- .value 0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E
- .value 0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E
- .value 0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E
- .value 0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE
- .value 0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE
- .value 0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE
- .value 0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE
- .value 0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E
- .value 0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E
- .value 0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE
- .value 0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE
- .value 0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E
- .value 0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E
- .value 0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E
- .value
0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E - .value 0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E - .value 0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E - .value 0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E - .value 0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E - .value 0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE - .value 0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE - .value 0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE - .value 0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE - .value 0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E - .value 0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E - .value 0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE - .value 0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE -.align 64 -.text -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type se_handler,\@abi-omnipotent -.align 16 -se_handler: - _CET_ENDBR - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->RipRsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lin_prologue - - lea 24(%rax),%rax # adjust "rsp" - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - -.Lin_prologue: - mov 
8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$`1232/8`,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_gcm_gmult_4bit
- .rva .LSEH_end_gcm_gmult_4bit
- .rva .LSEH_info_gcm_gmult_4bit
-
- .rva .LSEH_begin_gcm_ghash_4bit
- .rva .LSEH_end_gcm_ghash_4bit
- .rva .LSEH_info_gcm_ghash_4bit
-
- .rva .LSEH_begin_gcm_ghash_clmul
- .rva .LSEH_end_gcm_ghash_clmul
- .rva .LSEH_info_gcm_ghash_clmul
-
-.section .xdata
-.align 8
-.LSEH_info_gcm_gmult_4bit:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lgmult_prologue,.Lgmult_epilogue # HandlerData
-.LSEH_info_gcm_ghash_4bit:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lghash_prologue,.Lghash_epilogue # HandlerData
-.LSEH_info_gcm_ghash_clmul:
- .byte 0x01,0x1f,0x0b,0x00
- .byte 0x1f,0xa8,0x04,0x00 #movaps 0x40(rsp),xmm10
- .byte 0x19,0x98,0x03,0x00 #movaps 0x30(rsp),xmm9
- .byte 0x13,0x88,0x02,0x00 #movaps 0x20(rsp),xmm8
- .byte 0x0d,0x78,0x01,0x00 #movaps 0x10(rsp),xmm7
- .byte 0x08,0x68,0x00,0x00 #movaps (rsp),xmm6
- .byte 0x04,0xa2,0x00,0x00 #sub rsp,0x58
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print
$code;
-
-close STDOUT;
diff --git a/src/lib/libcrypto/modes/cbc128.c b/src/lib/libcrypto/modes/cbc128.c
deleted file mode 100644
index f8ebf79a87..0000000000
--- a/src/lib/libcrypto/modes/cbc128.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/* $OpenBSD: cbc128.c,v 1.8 2023/07/08 14:56:54 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include
-#include "modes_local.h"
-#include
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#undef STRICT_ALIGNMENT
-#ifdef __STRICT_ALIGNMENT
-#define STRICT_ALIGNMENT 1
-#else
-#define STRICT_ALIGNMENT 0
-#endif
-
-void
-CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block)
-{
- size_t n;
- const unsigned char *iv = ivec;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (STRICT_ALIGNMENT &&
- ((size_t)in|(size_t)out|(size_t)ivec) % sizeof(size_t) != 0) {
- while (len >= 16) {
- for (n = 0; n < 16; ++n)
- out[n] = in[n] ^ iv[n];
- (*block)(out, out, key);
- iv = out;
- len -= 16;
- in += 16;
- out += 16;
- }
- } else {
- while (len >= 16) {
- for (n = 0; n < 16; n += sizeof(size_t))
- *(size_t *)(out + n) =
- *(size_t *)(in + n) ^ *(size_t *)(iv + n);
- (*block)(out, out, key);
- iv = out;
- len -= 16;
- in += 16;
- out += 16;
- }
- }
-#endif
- while (len) {
- for (n = 0; n < 16 && n < len; ++n)
- out[n] = in[n] ^ iv[n];
- for (; n < 16; ++n)
- out[n] = iv[n];
- (*block)(out, out, key);
- iv = out;
- if (len <= 16)
- break;
- len -= 16;
- in += 16;
- out += 16;
- }
- memmove(ivec, iv, 16);
-}
-LCRYPTO_ALIAS(CRYPTO_cbc128_encrypt);
-
-void
-CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const
void *key,
- unsigned char ivec[16], block128_f block)
-{
- size_t n;
- union {
- size_t t[16/sizeof(size_t)];
- unsigned char c[16];
- } tmp;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (in != out) {
- const unsigned char *iv = ivec;
-
- if (STRICT_ALIGNMENT &&
- ((size_t)in|(size_t)out|(size_t)ivec) % sizeof(size_t) !=
- 0) {
- while (len >= 16) {
- (*block)(in, out, key);
- for (n = 0; n < 16; ++n)
- out[n] ^= iv[n];
- iv = in;
- len -= 16;
- in += 16;
- out += 16;
- }
- } else if (16 % sizeof(size_t) == 0) { /* always true */
- while (len >= 16) {
- size_t *out_t = (size_t *)out,
- *iv_t = (size_t *)iv;
-
- (*block)(in, out, key);
- for (n = 0; n < 16/sizeof(size_t); n++)
- out_t[n] ^= iv_t[n];
- iv = in;
- len -= 16;
- in += 16;
- out += 16;
- }
- }
- memmove(ivec, iv, 16);
- } else {
- if (STRICT_ALIGNMENT &&
- ((size_t)in|(size_t)out|(size_t)ivec) % sizeof(size_t) !=
- 0) {
- unsigned char c;
- while (len >= 16) {
- (*block)(in, tmp.c, key);
- for (n = 0; n < 16; ++n) {
- c = in[n];
- out[n] = tmp.c[n] ^ ivec[n];
- ivec[n] = c;
- }
- len -= 16;
- in += 16;
- out += 16;
- }
- } else if (16 % sizeof(size_t) == 0) { /* always true */
- while (len >= 16) {
- size_t c, *out_t = (size_t *)out,
- *ivec_t = (size_t *)ivec;
- const size_t *in_t = (const size_t *)in;
-
- (*block)(in, tmp.c, key);
- for (n = 0; n < 16/sizeof(size_t); n++) {
- c = in_t[n];
- out_t[n] = tmp.c[n] ^ ivec_t[n];
- ivec_t[n] = c;
- }
- len -= 16;
- in += 16;
- out += 16;
- }
- }
- }
-#endif
- while (len) {
- unsigned char c;
- (*block)(in, tmp.c, key);
- for (n = 0; n < 16 && n < len; ++n) {
- c = in[n];
- out[n] = tmp.c[n] ^ ivec[n];
- ivec[n] = c;
- }
- if (len <= 16) {
- for (; n < 16; ++n)
- ivec[n] = in[n];
- break;
- }
- len -= 16;
- in += 16;
- out += 16;
- }
-}
-LCRYPTO_ALIAS(CRYPTO_cbc128_decrypt);
diff --git a/src/lib/libcrypto/modes/ccm128.c b/src/lib/libcrypto/modes/ccm128.c
deleted file mode 100644
index 68c5cce5da..0000000000
--- a/src/lib/libcrypto/modes/ccm128.c
+++ /dev/null
@@ -1,498 +0,0 @@
-/* $OpenBSD: ccm128.c,v 1.8 2023/07/08 14:56:54 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include "modes_local.h"
-#include
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/* First you setup M and L parameters and pass the key schedule.
- * This is called once per session setup... */
-void
-CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
- unsigned int M, unsigned int L, void *key, block128_f block)
-{
- memset(ctx->nonce.c, 0, sizeof(ctx->nonce.c));
- ctx->nonce.c[0] = ((u8)(L - 1) & 7) | (u8)(((M - 2)/2) & 7) << 3;
- ctx->blocks = 0;
- ctx->block = block;
- ctx->key = key;
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_init);
-
-/* !!! Following interfaces are to be called *once* per packet !!!
*/
-
-/* Then you setup per-message nonce and pass the length of the message */
-int
-CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
- const unsigned char *nonce, size_t nlen, size_t mlen)
-{
- unsigned int L = ctx->nonce.c[0] & 7; /* the L parameter */
-
- if (nlen < (14 - L))
- return -1; /* nonce is too short */
-
- if (sizeof(mlen) == 8 && L >= 3) {
- ctx->nonce.c[8] = (u8)(mlen >> (56 % (sizeof(mlen)*8)));
- ctx->nonce.c[9] = (u8)(mlen >> (48 % (sizeof(mlen)*8)));
- ctx->nonce.c[10] = (u8)(mlen >> (40 % (sizeof(mlen)*8)));
- ctx->nonce.c[11] = (u8)(mlen >> (32 % (sizeof(mlen)*8)));
- } else
- ctx->nonce.u[1] = 0;
-
- ctx->nonce.c[12] = (u8)(mlen >> 24);
- ctx->nonce.c[13] = (u8)(mlen >> 16);
- ctx->nonce.c[14] = (u8)(mlen >> 8);
- ctx->nonce.c[15] = (u8)mlen;
-
- ctx->nonce.c[0] &= ~0x40; /* clear Adata flag */
- memcpy(&ctx->nonce.c[1], nonce, 14 - L);
-
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_setiv);
-
-/* Then you pass additional authentication data, this is optional */
-void
-CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
- const unsigned char *aad, size_t alen)
-{
- unsigned int i;
- block128_f block = ctx->block;
-
- if (alen == 0)
- return;
-
- ctx->nonce.c[0] |= 0x40; /* set Adata flag */
- (*block)(ctx->nonce.c, ctx->cmac.c, ctx->key),
- ctx->blocks++;
-
- if (alen < (0x10000 - 0x100)) {
- ctx->cmac.c[0] ^= (u8)(alen >> 8);
- ctx->cmac.c[1] ^= (u8)alen;
- i = 2;
- } else if (sizeof(alen) == 8 &&
- alen >= (size_t)1 << (32 % (sizeof(alen)*8))) {
- ctx->cmac.c[0] ^= 0xFF;
- ctx->cmac.c[1] ^= 0xFF;
- ctx->cmac.c[2] ^= (u8)(alen >> (56 % (sizeof(alen)*8)));
- ctx->cmac.c[3] ^= (u8)(alen >> (48 % (sizeof(alen)*8)));
- ctx->cmac.c[4] ^= (u8)(alen >> (40 % (sizeof(alen)*8)));
- ctx->cmac.c[5] ^= (u8)(alen >> (32 % (sizeof(alen)*8)));
- ctx->cmac.c[6] ^= (u8)(alen >> 24);
- ctx->cmac.c[7] ^= (u8)(alen >> 16);
- ctx->cmac.c[8] ^= (u8)(alen >> 8);
- ctx->cmac.c[9] ^= (u8)alen;
- i = 10;
- } else {
- ctx->cmac.c[0] ^= 0xFF;
- ctx->cmac.c[1] ^= 0xFE;
- ctx->cmac.c[2] ^=
(u8)(alen >> 24);
- ctx->cmac.c[3] ^= (u8)(alen >> 16);
- ctx->cmac.c[4] ^= (u8)(alen >> 8);
- ctx->cmac.c[5] ^= (u8)alen;
- i = 6;
- }
-
- do {
- for (; i < 16 && alen; ++i, ++aad, --alen)
- ctx->cmac.c[i] ^= *aad;
- (*block)(ctx->cmac.c, ctx->cmac.c, ctx->key),
- ctx->blocks++;
- i = 0;
- } while (alen);
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_aad);
-
-/* Finally you encrypt or decrypt the message */
-
-/* counter part of nonce may not be larger than L*8 bits,
- * L is not larger than 8, therefore 64-bit counter... */
-static void
-ctr64_inc(unsigned char *counter)
-{
- unsigned int n = 8;
- u8 c;
-
- counter += 8;
- do {
- --n;
- c = counter[n];
- ++c;
- counter[n] = c;
- if (c)
- return;
- } while (n);
-}
-
-int
-CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len)
-{
- size_t n;
- unsigned int i, L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void *key = ctx->key;
- union {
- u64 u[2];
- u8 c[16];
- } scratch;
-
- if (!(flags0 & 0x40))
- (*block)(ctx->nonce.c, ctx->cmac.c, key),
- ctx->blocks++;
-
- ctx->nonce.c[0] = L = flags0 & 7;
- for (n = 0, i = 15 - L; i < 15; ++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i] = 0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15] = 1;
-
- if (n != len)
- return -1; /* length mismatch */
-
- ctx->blocks += ((len + 15) >> 3)|1;
- if (ctx->blocks > (U64(1) << 61))
- return -2; /* too much data */
-
- while (len >= 16) {
-#ifdef __STRICT_ALIGNMENT
- union {
- u64 u[2];
- u8 c[16];
- } temp;
-
- memcpy(temp.c, inp, 16);
- ctx->cmac.u[0] ^= temp.u[0];
- ctx->cmac.u[1] ^= temp.u[1];
-#else
- ctx->cmac.u[0] ^= ((u64 *)inp)[0];
- ctx->cmac.u[1] ^= ((u64 *)inp)[1];
-#endif
- (*block)(ctx->cmac.c, ctx->cmac.c, key);
- (*block)(ctx->nonce.c, scratch.c, key);
- ctr64_inc(ctx->nonce.c);
-#ifdef __STRICT_ALIGNMENT
- temp.u[0] ^= scratch.u[0];
- temp.u[1] ^= scratch.u[1];
- memcpy(out, temp.c, 16);
-#else
- ((u64 *)out)[0] =
scratch.u[0] ^ ((u64 *)inp)[0];
- ((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1];
-#endif
- inp += 16;
- out += 16;
- len -= 16;
- }
-
- if (len) {
- for (i = 0; i < len; ++i)
- ctx->cmac.c[i] ^= inp[i];
- (*block)(ctx->cmac.c, ctx->cmac.c, key);
- (*block)(ctx->nonce.c, scratch.c, key);
- for (i = 0; i < len; ++i)
- out[i] = scratch.c[i] ^ inp[i];
- }
-
- for (i = 15 - L; i < 16; ++i)
- ctx->nonce.c[i] = 0;
-
- (*block)(ctx->nonce.c, scratch.c, key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_encrypt);
-
-int
-CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len)
-{
- size_t n;
- unsigned int i, L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void *key = ctx->key;
- union {
- u64 u[2];
- u8 c[16];
- } scratch;
-
- if (!(flags0 & 0x40))
- (*block)(ctx->nonce.c, ctx->cmac.c, key);
-
- ctx->nonce.c[0] = L = flags0 & 7;
- for (n = 0, i = 15 - L; i < 15; ++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i] = 0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15] = 1;
-
- if (n != len)
- return -1;
-
- while (len >= 16) {
-#ifdef __STRICT_ALIGNMENT
- union {
- u64 u[2];
- u8 c[16];
- } temp;
-#endif
- (*block)(ctx->nonce.c, scratch.c, key);
- ctr64_inc(ctx->nonce.c);
-#ifdef __STRICT_ALIGNMENT
- memcpy(temp.c, inp, 16);
- ctx->cmac.u[0] ^= (scratch.u[0] ^= temp.u[0]);
- ctx->cmac.u[1] ^= (scratch.u[1] ^= temp.u[1]);
- memcpy(out, scratch.c, 16);
-#else
- ctx->cmac.u[0] ^= (((u64 *)out)[0] = scratch.u[0] ^
- ((u64 *)inp)[0]);
- ctx->cmac.u[1] ^= (((u64 *)out)[1] = scratch.u[1] ^
- ((u64 *)inp)[1]);
-#endif
- (*block)(ctx->cmac.c, ctx->cmac.c, key);
-
- inp += 16;
- out += 16;
- len -= 16;
- }
-
- if (len) {
- (*block)(ctx->nonce.c, scratch.c, key);
- for (i = 0; i < len; ++i)
- ctx->cmac.c[i] ^= (out[i] = scratch.c[i] ^ inp[i]);
- (*block)(ctx->cmac.c,
ctx->cmac.c, key);
- }
-
- for (i = 15 - L; i < 16; ++i)
- ctx->nonce.c[i] = 0;
-
- (*block)(ctx->nonce.c, scratch.c, key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_decrypt);
-
-static void
-ctr64_add(unsigned char *counter, size_t inc)
-{
- size_t n = 8, val = 0;
-
- counter += 8;
- do {
- --n;
- val += counter[n] + (inc & 0xff);
- counter[n] = (unsigned char)val;
- val >>= 8; /* carry bit */
- inc >>= 8;
- } while (n && (inc || val));
-}
-
-int
-CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len, ccm128_f stream)
-{
- size_t n;
- unsigned int i, L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void *key = ctx->key;
- union {
- u64 u[2];
- u8 c[16];
- } scratch;
-
- if (!(flags0 & 0x40))
- (*block)(ctx->nonce.c, ctx->cmac.c, key),
- ctx->blocks++;
-
- ctx->nonce.c[0] = L = flags0 & 7;
- for (n = 0, i = 15 - L; i < 15; ++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i] = 0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15] = 1;
-
- if (n != len)
- return -1; /* length mismatch */
-
- ctx->blocks += ((len + 15) >> 3)|1;
- if (ctx->blocks > (U64(1) << 61))
- return -2; /* too much data */
-
- if ((n = len/16)) {
- (*stream)(inp, out, n, key, ctx->nonce.c, ctx->cmac.c);
- n *= 16;
- inp += n;
- out += n;
- len -= n;
- if (len)
- ctr64_add(ctx->nonce.c, n/16);
- }
-
- if (len) {
- for (i = 0; i < len; ++i)
- ctx->cmac.c[i] ^= inp[i];
- (*block)(ctx->cmac.c, ctx->cmac.c, key);
- (*block)(ctx->nonce.c, scratch.c, key);
- for (i = 0; i < len; ++i)
- out[i] = scratch.c[i] ^ inp[i];
- }
-
- for (i = 15 - L; i < 16; ++i)
- ctx->nonce.c[i] = 0;
-
- (*block)(ctx->nonce.c, scratch.c, key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_encrypt_ccm64);
-
-int
-CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len, ccm128_f stream)
-{
- size_t n;
- unsigned int i, L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void *key = ctx->key;
- union {
- u64 u[2];
- u8 c[16];
- } scratch;
-
- if (!(flags0 & 0x40))
- (*block)(ctx->nonce.c, ctx->cmac.c, key);
-
- ctx->nonce.c[0] = L = flags0 & 7;
- for (n = 0, i = 15 - L; i < 15; ++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i] = 0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15] = 1;
-
- if (n != len)
- return -1;
-
- if ((n = len/16)) {
- (*stream)(inp, out, n, key, ctx->nonce.c, ctx->cmac.c);
- n *= 16;
- inp += n;
- out += n;
- len -= n;
- if (len)
- ctr64_add(ctx->nonce.c, n/16);
- }
-
- if (len) {
- (*block)(ctx->nonce.c, scratch.c, key);
- for (i = 0; i < len; ++i)
- ctx->cmac.c[i] ^= (out[i] = scratch.c[i] ^ inp[i]);
- (*block)(ctx->cmac.c, ctx->cmac.c, key);
- }
-
- for (i = 15 - L; i < 16; ++i)
- ctx->nonce.c[i] = 0;
-
- (*block)(ctx->nonce.c, scratch.c, key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_decrypt_ccm64);
-
-size_t
-CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len)
-{
- unsigned int M = (ctx->nonce.c[0] >> 3) & 7; /* the M parameter */
-
- M *= 2;
- M += 2;
- if (len != M)
- return 0;
- memcpy(tag, ctx->cmac.c, M);
- return M;
-}
-LCRYPTO_ALIAS(CRYPTO_ccm128_tag);
diff --git a/src/lib/libcrypto/modes/cfb128.c b/src/lib/libcrypto/modes/cfb128.c
deleted file mode 100644
index 931353a620..0000000000
--- a/src/lib/libcrypto/modes/cfb128.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* $OpenBSD: cfb128.c,v 1.7 2023/07/08 14:56:54 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include -#include "modes_local.h" -#include - -#ifndef MODES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -/* The input and output encrypted as though 128bit cfb mode is being - * used. The extra state information to record how much of the - * 128bit block we have used is contained in *num; - */ -void -CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], int *num, - int enc, block128_f block) -{ - unsigned int n; - size_t l = 0; - - n = *num; - - if (enc) { -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16 % sizeof(size_t) == 0) - do { /* always true actually */ - while (n && len) { - *(out++) = ivec[n] ^= *(in++); - --len; - n = (n + 1) % 16; - } -#ifdef __STRICT_ALIGNMENT - if (((size_t)in|(size_t)out|(size_t)ivec) % - sizeof(size_t) != 0) - break; -#endif - while (len >= 16) { - (*block)(ivec, ivec, key); - for (; n < 16; n += sizeof(size_t)) { - *(size_t *)(out + n) = - *(size_t *)(ivec + n) ^= *(size_t *)(in + - n); - } - len -= 16; - out += 16; - in += 16; - n = 0; - } - if (len) { - (*block)(ivec, ivec, key); - while (len--) { - out[n] = ivec[n] ^= in[n]; - ++n; - } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ -#endif - while (l < len) { - if (n == 0) { - (*block)(ivec, ivec, key); - } - out[l] 
= ivec[n] ^= in[l]; - ++l; - n = (n + 1) % 16; - } - *num = n; - } else { -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16 % sizeof(size_t) == 0) - do { /* always true actually */ - while (n && len) { - unsigned char c; - *(out++) = ivec[n] ^ (c = *(in++)); - ivec[n] = c; - --len; - n = (n + 1) % 16; - } -#ifdef __STRICT_ALIGNMENT - if (((size_t)in|(size_t)out|(size_t)ivec) % - sizeof(size_t) != 0) - break; -#endif - while (len >= 16) { - (*block)(ivec, ivec, key); - for (; n < 16; n += sizeof(size_t)) { - size_t t = *(size_t *)(in + n); - *(size_t *)(out + n) = *(size_t *)(ivec + - n) ^ t; - *(size_t *)(ivec + n) = t; - } - len -= 16; - out += 16; - in += 16; - n = 0; - } - if (len) { - (*block)(ivec, ivec, key); - while (len--) { - unsigned char c; - out[n] = ivec[n] ^ (c = in[n]); - ivec[n] = c; - ++n; - } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ -#endif - while (l < len) { - unsigned char c; - if (n == 0) { - (*block)(ivec, ivec, key); - } - out[l] = ivec[n] ^ (c = in[l]); - ivec[n] = c; - ++l; - n = (n + 1) % 16; - } - *num = n; - } -} -LCRYPTO_ALIAS(CRYPTO_cfb128_encrypt); - -/* This expects a single block of size nbits for both in and out. 
Note that - it corrupts any extra bits in the last byte of out */ -static void -cfbr_encrypt_block(const unsigned char *in, unsigned char *out, - int nbits, const void *key, - unsigned char ivec[16], int enc, - block128_f block) -{ - int n, rem, num; - unsigned char ovec[16*2 + 1]; /* +1 because we dererefence (but don't use) one byte off the end */ - - if (nbits <= 0 || nbits > 128) - return; - - /* fill in the first half of the new IV with the current IV */ - memcpy(ovec, ivec, 16); - /* construct the new IV */ - (*block)(ivec, ivec, key); - num = (nbits + 7)/8; - if (enc) /* encrypt the input */ - for (n = 0; n < num; ++n) - out[n] = (ovec[16 + n] = in[n] ^ ivec[n]); - else /* decrypt the input */ - for (n = 0; n < num; ++n) - out[n] = (ovec[16 + n] = in[n]) ^ ivec[n]; - /* shift ovec left... */ - rem = nbits % 8; - num = nbits/8; - if (rem == 0) - memcpy(ivec, ovec + num, 16); - else - for (n = 0; n < 16; ++n) - ivec[n] = ovec[n + num] << rem | - ovec[n + num + 1] >> (8 - rem); - - /* it is not necessary to cleanse ovec, since the IV is not secret */ -} - -/* N.B. This expects the input to be packed, MS bit first */ -void -CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out, - size_t bits, const void *key, - unsigned char ivec[16], int *num, - int enc, block128_f block) -{ - size_t n; - unsigned char c[1], d[1]; - - for (n = 0; n < bits; ++n) - { - c[0] = (in[n/8] & (1 << (7 - n % 8))) ? 0x80 : 0; - cfbr_encrypt_block(c, d, 1, key, ivec, enc, block); - out[n/8] = (out[n/8] & ~(1 << (unsigned int)(7 - n % 8))) | - ((d[0] & 0x80) >> (unsigned int)(n % 8)); - } -} -LCRYPTO_ALIAS(CRYPTO_cfb128_1_encrypt); - -void -CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const void *key, - unsigned char ivec[16], int *num, - int enc, block128_f block) -{ - size_t n; - - for (n = 0; n < length; ++n) - cfbr_encrypt_block(&in[n], &out[n], 8, key, ivec, enc, block); -} -LCRYPTO_ALIAS(CRYPTO_cfb128_8_encrypt); 
diff --git a/src/lib/libcrypto/modes/ctr128.c b/src/lib/libcrypto/modes/ctr128.c
deleted file mode 100644
index 6d507dfc3a..0000000000
--- a/src/lib/libcrypto/modes/ctr128.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* $OpenBSD: ctr128.c,v 1.11 2023/07/08 14:56:54 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include -#include "modes_local.h" -#include - -#ifndef MODES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif -#include - -/* NOTE: the IV/counter CTR mode is big-endian. The code itself - * is endian-neutral. */ - -/* increment counter (128-bit int) by 1 */ -static void -ctr128_inc(unsigned char *counter) -{ - u32 n = 16; - u8 c; - - do { - --n; - c = counter[n]; - ++c; - counter[n] = c; - if (c) - return; - } while (n); -} - -#if !defined(OPENSSL_SMALL_FOOTPRINT) -static void -ctr128_inc_aligned(unsigned char *counter) -{ -#if BYTE_ORDER == LITTLE_ENDIAN - ctr128_inc(counter); -#else - size_t *data, c, n; - data = (size_t *)counter; - n = 16 / sizeof(size_t); - do { - --n; - c = data[n]; - ++c; - data[n] = c; - if (c) - return; - } while (n); -#endif -} -#endif - -/* The input encrypted as though 128bit counter mode is being - * used. The extra state information to record how much of the - * 128bit block we have used is contained in *num, and the - * encrypted counter is kept in ecount_buf. Both *num and - * ecount_buf must be initialised with zeros before the first - * call to CRYPTO_ctr128_encrypt(). - * - * This algorithm assumes that the counter is in the x lower bits - * of the IV (ivec), and that the application has full control over - * overflow and the rest of the IV. 
This implementation takes NO - * responsibility for checking that the counter doesn't overflow - * into the rest of the IV when incremented. - */ -void -CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], unsigned char ecount_buf[16], - unsigned int *num, block128_f block) -{ - unsigned int n; - size_t l = 0; - - assert(*num < 16); - - n = *num; - -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16 % sizeof(size_t) == 0) - do { /* always true actually */ - while (n && len) { - *(out++) = *(in++) ^ ecount_buf[n]; - --len; - n = (n + 1) % 16; - } - -#ifdef __STRICT_ALIGNMENT - if (((size_t)in|(size_t)out|(size_t)ivec) % - sizeof(size_t) != 0) - break; -#endif - while (len >= 16) { - (*block)(ivec, ecount_buf, key); - ctr128_inc_aligned(ivec); - for (; n < 16; n += sizeof(size_t)) - *(size_t *)(out + n) = - *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + - n); - len -= 16; - out += 16; - in += 16; - n = 0; - } - if (len) { - (*block)(ivec, ecount_buf, key); - ctr128_inc_aligned(ivec); - while (len--) { - out[n] = in[n] ^ ecount_buf[n]; - ++n; - } - } - *num = n; - return; - } while (0); - /* the rest would be commonly eliminated by x86* compiler */ -#endif - while (l < len) { - if (n == 0) { - (*block)(ivec, ecount_buf, key); - ctr128_inc(ivec); - } - out[l] = in[l] ^ ecount_buf[n]; - ++l; - n = (n + 1) % 16; - } - - *num = n; -} -LCRYPTO_ALIAS(CRYPTO_ctr128_encrypt); - -/* increment upper 96 bits of 128-bit counter by 1 */ -static void -ctr96_inc(unsigned char *counter) -{ - u32 n = 12; - u8 c; - - do { - --n; - c = counter[n]; - ++c; - counter[n] = c; - if (c) - return; - } while (n); -} - -void -CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], unsigned char ecount_buf[16], - unsigned int *num, ctr128_f func) -{ - unsigned int n, ctr32; - - assert(*num < 16); - - n = *num; - - while (n && len) { - *(out++) = *(in++) ^ 
ecount_buf[n]; - --len; - n = (n + 1) % 16; - } - - ctr32 = GETU32(ivec + 12); - while (len >= 16) { - size_t blocks = len/16; - /* - * 1<<28 is just a not-so-small yet not-so-large number... - * Below condition is practically never met, but it has to - * be checked for code correctness. - */ - if (sizeof(size_t) > sizeof(unsigned int) && - blocks > (1U << 28)) - blocks = (1U << 28); - /* - * As (*func) operates on 32-bit counter, caller - * has to handle overflow. 'if' below detects the - * overflow, which is then handled by limiting the - * amount of blocks to the exact overflow point... - */ - ctr32 += (u32)blocks; - if (ctr32 < blocks) { - blocks -= ctr32; - ctr32 = 0; - } - (*func)(in, out, blocks, key, ivec); - /* (*ctr) does not update ivec, caller does: */ - PUTU32(ivec + 12, ctr32); - /* ... overflow was detected, propagate carry. */ - if (ctr32 == 0) - ctr96_inc(ivec); - blocks *= 16; - len -= blocks; - out += blocks; - in += blocks; - } - if (len) { - memset(ecount_buf, 0, 16); - (*func)(ecount_buf, ecount_buf, 1, key, ivec); - ++ctr32; - PUTU32(ivec + 12, ctr32); - if (ctr32 == 0) - ctr96_inc(ivec); - while (len--) { - out[n] = in[n] ^ ecount_buf[n]; - ++n; - } - } - - *num = n; -} -LCRYPTO_ALIAS(CRYPTO_ctr128_encrypt_ctr32); diff --git a/src/lib/libcrypto/modes/gcm128.c b/src/lib/libcrypto/modes/gcm128.c deleted file mode 100644 index 6c89bd44b7..0000000000 --- a/src/lib/libcrypto/modes/gcm128.c +++ /dev/null 
@@ -1,1358 +0,0 @@
-/* $OpenBSD: gcm128.c,v 1.27 2024/09/06 09:57:32 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#define OPENSSL_FIPSAPI - -#include - -#include - -#include "crypto_internal.h" -#include "modes_local.h" - -#ifndef MODES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -#if defined(BSWAP4) && defined(__STRICT_ALIGNMENT) -/* redefine, because alignment is ensured */ -#undef GETU32 -#define GETU32(p) BSWAP4(*(const u32 *)(p)) -#endif - -#define PACK(s) ((size_t)(s)<<(sizeof(size_t)*8-16)) -#define REDUCE1BIT(V) \ - do { \ - if (sizeof(size_t)==8) { \ - u64 T = U64(0xe100000000000000) & (0-(V.lo&1)); \ - V.lo = (V.hi<<63)|(V.lo>>1); \ - V.hi = (V.hi>>1 )^T; \ - } else { \ - u32 T = 0xe1000000U & (0-(u32)(V.lo&1)); \ - V.lo = (V.hi<<63)|(V.lo>>1); \ - V.hi = (V.hi>>1 )^((u64)T<<32); \ - } \ - } while(0) - -/* - * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should - * never be set to 8. 8 is effectively reserved for testing purposes. - * TABLE_BITS>1 are lookup-table-driven implementations referred to as - * "Shoup's" in GCM specification. In other words OpenSSL does not cover - * whole spectrum of possible table driven implementations. Why? In - * non-"Shoup's" case memory access pattern is segmented in such manner, - * that it's trivial to see that cache timing information can reveal - * fair portion of intermediate hash value. 
Given that ciphertext is - * always available to attacker, it's possible for him to attempt to - * deduce secret parameter H and if successful, tamper with messages - * [which is nothing but trivial in CTR mode]. In "Shoup's" case it's - * not as trivial, but there is no reason to believe that it's resistant - * to cache-timing attack. And the thing about "8-bit" implementation is - * that it consumes 16 (sixteen) times more memory, 4KB per individual - * key + 1KB shared. Well, on pros side it should be twice as fast as - * "4-bit" version. And for gcc-generated x86[_64] code, "8-bit" version - * was observed to run ~75% faster, closer to 100% for commercial - * compilers... Yet "4-bit" procedure is preferred, because it's - * believed to provide better security-performance balance and adequate - * all-round performance. "All-round" refers to things like: - * - * - shorter setup time effectively improves overall timing for - * handling short messages; - * - larger table allocation can become unbearable because of VM - * subsystem penalties (for example on Windows large enough free - * results in VM working set trimming, meaning that consequent - * malloc would immediately incur working set expansion); - * - larger table has larger cache footprint, which can affect - * performance of other code paths (not necessarily even from same - * thread in Hyper-Threading world); - * - * Value of 1 is not appropriate for performance reasons. 
- */ -#if TABLE_BITS==8 - -static void -gcm_init_8bit(u128 Htable[256], u64 H[2]) -{ - int i, j; - u128 V; - - Htable[0].hi = 0; - Htable[0].lo = 0; - V.hi = H[0]; - V.lo = H[1]; - - for (Htable[128] = V, i = 64; i > 0; i >>= 1) { - REDUCE1BIT(V); - Htable[i] = V; - } - - for (i = 2; i < 256; i <<= 1) { - u128 *Hi = Htable + i, H0 = *Hi; - for (j = 1; j < i; ++j) { - Hi[j].hi = H0.hi ^ Htable[j].hi; - Hi[j].lo = H0.lo ^ Htable[j].lo; - } - } -} - -static void -gcm_gmult_8bit(u64 Xi[2], const u128 Htable[256]) -{ - u128 Z = { 0, 0}; - const u8 *xi = (const u8 *)Xi + 15; - size_t rem, n = *xi; - static const size_t rem_8bit[256] = { - PACK(0x0000), PACK(0x01C2), PACK(0x0384), PACK(0x0246), - PACK(0x0708), PACK(0x06CA), PACK(0x048C), PACK(0x054E), - PACK(0x0E10), PACK(0x0FD2), PACK(0x0D94), PACK(0x0C56), - PACK(0x0918), PACK(0x08DA), PACK(0x0A9C), PACK(0x0B5E), - PACK(0x1C20), PACK(0x1DE2), PACK(0x1FA4), PACK(0x1E66), - PACK(0x1B28), PACK(0x1AEA), PACK(0x18AC), PACK(0x196E), - PACK(0x1230), PACK(0x13F2), PACK(0x11B4), PACK(0x1076), - PACK(0x1538), PACK(0x14FA), PACK(0x16BC), PACK(0x177E), - PACK(0x3840), PACK(0x3982), PACK(0x3BC4), PACK(0x3A06), - PACK(0x3F48), PACK(0x3E8A), PACK(0x3CCC), PACK(0x3D0E), - PACK(0x3650), PACK(0x3792), PACK(0x35D4), PACK(0x3416), - PACK(0x3158), PACK(0x309A), PACK(0x32DC), PACK(0x331E), - PACK(0x2460), PACK(0x25A2), PACK(0x27E4), PACK(0x2626), - PACK(0x2368), PACK(0x22AA), PACK(0x20EC), PACK(0x212E), - PACK(0x2A70), PACK(0x2BB2), PACK(0x29F4), PACK(0x2836), - PACK(0x2D78), PACK(0x2CBA), PACK(0x2EFC), PACK(0x2F3E), - PACK(0x7080), PACK(0x7142), PACK(0x7304), PACK(0x72C6), - PACK(0x7788), PACK(0x764A), PACK(0x740C), PACK(0x75CE), - PACK(0x7E90), PACK(0x7F52), PACK(0x7D14), PACK(0x7CD6), - PACK(0x7998), PACK(0x785A), PACK(0x7A1C), PACK(0x7BDE), - PACK(0x6CA0), PACK(0x6D62), PACK(0x6F24), PACK(0x6EE6), - PACK(0x6BA8), PACK(0x6A6A), PACK(0x682C), PACK(0x69EE), - PACK(0x62B0), PACK(0x6372), PACK(0x6134), PACK(0x60F6), - PACK(0x65B8), 
PACK(0x647A), PACK(0x663C), PACK(0x67FE), - PACK(0x48C0), PACK(0x4902), PACK(0x4B44), PACK(0x4A86), - PACK(0x4FC8), PACK(0x4E0A), PACK(0x4C4C), PACK(0x4D8E), - PACK(0x46D0), PACK(0x4712), PACK(0x4554), PACK(0x4496), - PACK(0x41D8), PACK(0x401A), PACK(0x425C), PACK(0x439E), - PACK(0x54E0), PACK(0x5522), PACK(0x5764), PACK(0x56A6), - PACK(0x53E8), PACK(0x522A), PACK(0x506C), PACK(0x51AE), - PACK(0x5AF0), PACK(0x5B32), PACK(0x5974), PACK(0x58B6), - PACK(0x5DF8), PACK(0x5C3A), PACK(0x5E7C), PACK(0x5FBE), - PACK(0xE100), PACK(0xE0C2), PACK(0xE284), PACK(0xE346), - PACK(0xE608), PACK(0xE7CA), PACK(0xE58C), PACK(0xE44E), - PACK(0xEF10), PACK(0xEED2), PACK(0xEC94), PACK(0xED56), - PACK(0xE818), PACK(0xE9DA), PACK(0xEB9C), PACK(0xEA5E), - PACK(0xFD20), PACK(0xFCE2), PACK(0xFEA4), PACK(0xFF66), - PACK(0xFA28), PACK(0xFBEA), PACK(0xF9AC), PACK(0xF86E), - PACK(0xF330), PACK(0xF2F2), PACK(0xF0B4), PACK(0xF176), - PACK(0xF438), PACK(0xF5FA), PACK(0xF7BC), PACK(0xF67E), - PACK(0xD940), PACK(0xD882), PACK(0xDAC4), PACK(0xDB06), - PACK(0xDE48), PACK(0xDF8A), PACK(0xDDCC), PACK(0xDC0E), - PACK(0xD750), PACK(0xD692), PACK(0xD4D4), PACK(0xD516), - PACK(0xD058), PACK(0xD19A), PACK(0xD3DC), PACK(0xD21E), - PACK(0xC560), PACK(0xC4A2), PACK(0xC6E4), PACK(0xC726), - PACK(0xC268), PACK(0xC3AA), PACK(0xC1EC), PACK(0xC02E), - PACK(0xCB70), PACK(0xCAB2), PACK(0xC8F4), PACK(0xC936), - PACK(0xCC78), PACK(0xCDBA), PACK(0xCFFC), PACK(0xCE3E), - PACK(0x9180), PACK(0x9042), PACK(0x9204), PACK(0x93C6), - PACK(0x9688), PACK(0x974A), PACK(0x950C), PACK(0x94CE), - PACK(0x9F90), PACK(0x9E52), PACK(0x9C14), PACK(0x9DD6), - PACK(0x9898), PACK(0x995A), PACK(0x9B1C), PACK(0x9ADE), - PACK(0x8DA0), PACK(0x8C62), PACK(0x8E24), PACK(0x8FE6), - PACK(0x8AA8), PACK(0x8B6A), PACK(0x892C), PACK(0x88EE), - PACK(0x83B0), PACK(0x8272), PACK(0x8034), PACK(0x81F6), - PACK(0x84B8), PACK(0x857A), PACK(0x873C), PACK(0x86FE), - PACK(0xA9C0), PACK(0xA802), PACK(0xAA44), PACK(0xAB86), - PACK(0xAEC8), PACK(0xAF0A), PACK(0xAD4C), 
PACK(0xAC8E), - PACK(0xA7D0), PACK(0xA612), PACK(0xA454), PACK(0xA596), - PACK(0xA0D8), PACK(0xA11A), PACK(0xA35C), PACK(0xA29E), - PACK(0xB5E0), PACK(0xB422), PACK(0xB664), PACK(0xB7A6), - PACK(0xB2E8), PACK(0xB32A), PACK(0xB16C), PACK(0xB0AE), - PACK(0xBBF0), PACK(0xBA32), PACK(0xB874), PACK(0xB9B6), - PACK(0xBCF8), PACK(0xBD3A), PACK(0xBF7C), PACK(0xBEBE) }; - - while (1) { - Z.hi ^= Htable[n].hi; - Z.lo ^= Htable[n].lo; - - if ((u8 *)Xi == xi) - break; - - n = *(--xi); - - rem = (size_t)Z.lo & 0xff; - Z.lo = (Z.hi << 56)|(Z.lo >> 8); - Z.hi = (Z.hi >> 8); -#if SIZE_MAX == 0xffffffffffffffff - Z.hi ^= rem_8bit[rem]; -#else - Z.hi ^= (u64)rem_8bit[rem] << 32; -#endif - } - - Xi[0] = htobe64(Z.hi); - Xi[1] = htobe64(Z.lo); -} -#define GCM_MUL(ctx,Xi) gcm_gmult_8bit(ctx->Xi.u,ctx->Htable) - -#elif TABLE_BITS==4 - -static void -gcm_init_4bit(u128 Htable[16], u64 H[2]) -{ - u128 V; -#if defined(OPENSSL_SMALL_FOOTPRINT) - int i; -#endif - - Htable[0].hi = 0; - Htable[0].lo = 0; - V.hi = H[0]; - V.lo = H[1]; - -#if defined(OPENSSL_SMALL_FOOTPRINT) - for (Htable[8] = V, i = 4; i > 0; i >>= 1) { - REDUCE1BIT(V); - Htable[i] = V; - } - - for (i = 2; i < 16; i <<= 1) { - u128 *Hi = Htable + i; - int j; - for (V = *Hi, j = 1; j < i; ++j) { - Hi[j].hi = V.hi ^ Htable[j].hi; - Hi[j].lo = V.lo ^ Htable[j].lo; - } - } -#else - Htable[8] = V; - REDUCE1BIT(V); - Htable[4] = V; - REDUCE1BIT(V); - Htable[2] = V; - REDUCE1BIT(V); - Htable[1] = V; - Htable[3].hi = V.hi ^ Htable[2].hi, Htable[3].lo = V.lo ^ Htable[2].lo; - V = Htable[4]; - Htable[5].hi = V.hi ^ Htable[1].hi, Htable[5].lo = V.lo ^ Htable[1].lo; - Htable[6].hi = V.hi ^ Htable[2].hi, Htable[6].lo = V.lo ^ Htable[2].lo; - Htable[7].hi = V.hi ^ Htable[3].hi, Htable[7].lo = V.lo ^ Htable[3].lo; - V = Htable[8]; - Htable[9].hi = V.hi ^ Htable[1].hi, Htable[9].lo = V.lo ^ Htable[1].lo; - Htable[10].hi = V.hi ^ Htable[2].hi, - Htable[10].lo = V.lo ^ Htable[2].lo; - Htable[11].hi = V.hi ^ Htable[3].hi, - Htable[11].lo = V.lo ^ 
Htable[3].lo; - Htable[12].hi = V.hi ^ Htable[4].hi, - Htable[12].lo = V.lo ^ Htable[4].lo; - Htable[13].hi = V.hi ^ Htable[5].hi, - Htable[13].lo = V.lo ^ Htable[5].lo; - Htable[14].hi = V.hi ^ Htable[6].hi, - Htable[14].lo = V.lo ^ Htable[6].lo; - Htable[15].hi = V.hi ^ Htable[7].hi, - Htable[15].lo = V.lo ^ Htable[7].lo; -#endif -#if defined(GHASH_ASM) && (defined(__arm__) || defined(__arm)) - /* - * ARM assembler expects specific dword order in Htable. - */ - { - int j; -#if BYTE_ORDER == LITTLE_ENDIAN - for (j = 0; j < 16; ++j) { - V = Htable[j]; - Htable[j].hi = V.lo; - Htable[j].lo = V.hi; - } -#else /* BIG_ENDIAN */ - for (j = 0; j < 16; ++j) { - V = Htable[j]; - Htable[j].hi = V.lo << 32|V.lo >> 32; - Htable[j].lo = V.hi << 32|V.hi >> 32; - } -#endif - } -#endif -} - -#ifndef GHASH_ASM -static const size_t rem_4bit[16] = { - PACK(0x0000), PACK(0x1C20), PACK(0x3840), PACK(0x2460), - PACK(0x7080), PACK(0x6CA0), PACK(0x48C0), PACK(0x54E0), - PACK(0xE100), PACK(0xFD20), PACK(0xD940), PACK(0xC560), - PACK(0x9180), PACK(0x8DA0), PACK(0xA9C0), PACK(0xB5E0) }; - -static void -gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]) -{ - u128 Z; - int cnt = 15; - size_t rem, nlo, nhi; - - nlo = ((const u8 *)Xi)[15]; - nhi = nlo >> 4; - nlo &= 0xf; - - Z.hi = Htable[nlo].hi; - Z.lo = Htable[nlo].lo; - - while (1) { - rem = (size_t)Z.lo & 0xf; - Z.lo = (Z.hi << 60)|(Z.lo >> 4); - Z.hi = (Z.hi >> 4); -#if SIZE_MAX == 0xffffffffffffffff - Z.hi ^= rem_4bit[rem]; -#else - Z.hi ^= (u64)rem_4bit[rem] << 32; -#endif - Z.hi ^= Htable[nhi].hi; - Z.lo ^= Htable[nhi].lo; - - if (--cnt < 0) - break; - - nlo = ((const u8 *)Xi)[cnt]; - nhi = nlo >> 4; - nlo &= 0xf; - - rem = (size_t)Z.lo & 0xf; - Z.lo = (Z.hi << 60)|(Z.lo >> 4); - Z.hi = (Z.hi >> 4); -#if SIZE_MAX == 0xffffffffffffffff - Z.hi ^= rem_4bit[rem]; -#else - Z.hi ^= (u64)rem_4bit[rem] << 32; -#endif - Z.hi ^= Htable[nlo].hi; - Z.lo ^= Htable[nlo].lo; - } - - Xi[0] = htobe64(Z.hi); - Xi[1] = htobe64(Z.lo); -} - -#if 
!defined(OPENSSL_SMALL_FOOTPRINT) -/* - * Streamed gcm_mult_4bit, see CRYPTO_gcm128_[en|de]crypt for - * details... Compiler-generated code doesn't seem to give any - * performance improvement, at least not on x86[_64]. It's here - * mostly as reference and a placeholder for possible future - * non-trivial optimization[s]... - */ -static void -gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16], - const u8 *inp, size_t len) -{ - u128 Z; - int cnt; - size_t rem, nlo, nhi; - -#if 1 - do { - cnt = 15; - nlo = ((const u8 *)Xi)[15]; - nlo ^= inp[15]; - nhi = nlo >> 4; - nlo &= 0xf; - - Z.hi = Htable[nlo].hi; - Z.lo = Htable[nlo].lo; - - while (1) { - rem = (size_t)Z.lo & 0xf; - Z.lo = (Z.hi << 60)|(Z.lo >> 4); - Z.hi = (Z.hi >> 4); -#if SIZE_MAX == 0xffffffffffffffff - Z.hi ^= rem_4bit[rem]; -#else - Z.hi ^= (u64)rem_4bit[rem] << 32; -#endif - Z.hi ^= Htable[nhi].hi; - Z.lo ^= Htable[nhi].lo; - - if (--cnt < 0) - break; - - nlo = ((const u8 *)Xi)[cnt]; - nlo ^= inp[cnt]; - nhi = nlo >> 4; - nlo &= 0xf; - - rem = (size_t)Z.lo & 0xf; - Z.lo = (Z.hi << 60)|(Z.lo >> 4); - Z.hi = (Z.hi >> 4); -#if SIZE_MAX == 0xffffffffffffffff - Z.hi ^= rem_4bit[rem]; -#else - Z.hi ^= (u64)rem_4bit[rem] << 32; -#endif - Z.hi ^= Htable[nlo].hi; - Z.lo ^= Htable[nlo].lo; - } -#else - /* - * Extra 256+16 bytes per-key plus 512 bytes shared tables - * [should] give ~50% improvement... One could have PACK()-ed - * the rem_8bit even here, but the priority is to minimize - * cache footprint... 
- */
- u128 Hshr4[16]; /* Htable shifted right by 4 bits */
- u8 Hshl4[16]; /* Htable shifted left by 4 bits */
- static const unsigned short rem_8bit[256] = {
- 0x0000, 0x01C2, 0x0384, 0x0246, 0x0708, 0x06CA, 0x048C, 0x054E,
- 0x0E10, 0x0FD2, 0x0D94, 0x0C56, 0x0918, 0x08DA, 0x0A9C, 0x0B5E,
- 0x1C20, 0x1DE2, 0x1FA4, 0x1E66, 0x1B28, 0x1AEA, 0x18AC, 0x196E,
- 0x1230, 0x13F2, 0x11B4, 0x1076, 0x1538, 0x14FA, 0x16BC, 0x177E,
- 0x3840, 0x3982, 0x3BC4, 0x3A06, 0x3F48, 0x3E8A, 0x3CCC, 0x3D0E,
- 0x3650, 0x3792, 0x35D4, 0x3416, 0x3158, 0x309A, 0x32DC, 0x331E,
- 0x2460, 0x25A2, 0x27E4, 0x2626, 0x2368, 0x22AA, 0x20EC, 0x212E,
- 0x2A70, 0x2BB2, 0x29F4, 0x2836, 0x2D78, 0x2CBA, 0x2EFC, 0x2F3E,
- 0x7080, 0x7142, 0x7304, 0x72C6, 0x7788, 0x764A, 0x740C, 0x75CE,
- 0x7E90, 0x7F52, 0x7D14, 0x7CD6, 0x7998, 0x785A, 0x7A1C, 0x7BDE,
- 0x6CA0, 0x6D62, 0x6F24, 0x6EE6, 0x6BA8, 0x6A6A, 0x682C, 0x69EE,
- 0x62B0, 0x6372, 0x6134, 0x60F6, 0x65B8, 0x647A, 0x663C, 0x67FE,
- 0x48C0, 0x4902, 0x4B44, 0x4A86, 0x4FC8, 0x4E0A, 0x4C4C, 0x4D8E,
- 0x46D0, 0x4712, 0x4554, 0x4496, 0x41D8, 0x401A, 0x425C, 0x439E,
- 0x54E0, 0x5522, 0x5764, 0x56A6, 0x53E8, 0x522A, 0x506C, 0x51AE,
- 0x5AF0, 0x5B32, 0x5974, 0x58B6, 0x5DF8, 0x5C3A, 0x5E7C, 0x5FBE,
- 0xE100, 0xE0C2, 0xE284, 0xE346, 0xE608, 0xE7CA, 0xE58C, 0xE44E,
- 0xEF10, 0xEED2, 0xEC94, 0xED56, 0xE818, 0xE9DA, 0xEB9C, 0xEA5E,
- 0xFD20, 0xFCE2, 0xFEA4, 0xFF66, 0xFA28, 0xFBEA, 0xF9AC, 0xF86E,
- 0xF330, 0xF2F2, 0xF0B4, 0xF176, 0xF438, 0xF5FA, 0xF7BC, 0xF67E,
- 0xD940, 0xD882, 0xDAC4, 0xDB06, 0xDE48, 0xDF8A, 0xDDCC, 0xDC0E,
- 0xD750, 0xD692, 0xD4D4, 0xD516, 0xD058, 0xD19A, 0xD3DC, 0xD21E,
- 0xC560, 0xC4A2, 0xC6E4, 0xC726, 0xC268, 0xC3AA, 0xC1EC, 0xC02E,
- 0xCB70, 0xCAB2, 0xC8F4, 0xC936, 0xCC78, 0xCDBA, 0xCFFC, 0xCE3E,
- 0x9180, 0x9042, 0x9204, 0x93C6, 0x9688, 0x974A, 0x950C, 0x94CE,
- 0x9F90, 0x9E52, 0x9C14, 0x9DD6, 0x9898, 0x995A, 0x9B1C, 0x9ADE,
- 0x8DA0, 0x8C62, 0x8E24, 0x8FE6, 0x8AA8, 0x8B6A, 0x892C, 0x88EE,
- 0x83B0, 0x8272, 0x8034, 0x81F6, 0x84B8, 0x857A, 0x873C, 0x86FE,
- 0xA9C0, 0xA802, 0xAA44, 0xAB86, 0xAEC8, 0xAF0A, 0xAD4C, 0xAC8E,
- 0xA7D0, 0xA612, 0xA454, 0xA596, 0xA0D8, 0xA11A, 0xA35C, 0xA29E,
- 0xB5E0, 0xB422, 0xB664, 0xB7A6, 0xB2E8, 0xB32A, 0xB16C, 0xB0AE,
- 0xBBF0, 0xBA32, 0xB874, 0xB9B6, 0xBCF8, 0xBD3A, 0xBF7C, 0xBEBE };
- /*
- * This pre-processing phase slows down procedure by approximately
- * same time as it makes each loop spin faster. In other words
- * single block performance is approximately same as straightforward
- * "4-bit" implementation, and then it goes only faster...
- */
- for (cnt = 0; cnt < 16; ++cnt) {
- Z.hi = Htable[cnt].hi;
- Z.lo = Htable[cnt].lo;
- Hshr4[cnt].lo = (Z.hi << 60)|(Z.lo >> 4);
- Hshr4[cnt].hi = (Z.hi >> 4);
- Hshl4[cnt] = (u8)(Z.lo << 4);
- }
-
- do {
- for (Z.lo = 0, Z.hi = 0, cnt = 15; cnt; --cnt) {
- nlo = ((const u8 *)Xi)[cnt];
- nlo ^= inp[cnt];
- nhi = nlo >> 4;
- nlo &= 0xf;
-
- Z.hi ^= Htable[nlo].hi;
- Z.lo ^= Htable[nlo].lo;
-
- rem = (size_t)Z.lo & 0xff;
-
- Z.lo = (Z.hi << 56)|(Z.lo >> 8);
- Z.hi = (Z.hi >> 8);
-
- Z.hi ^= Hshr4[nhi].hi;
- Z.lo ^= Hshr4[nhi].lo;
- Z.hi ^= (u64)rem_8bit[rem ^ Hshl4[nhi]] << 48;
- }
-
- nlo = ((const u8 *)Xi)[0];
- nlo ^= inp[0];
- nhi = nlo >> 4;
- nlo &= 0xf;
-
- Z.hi ^= Htable[nlo].hi;
- Z.lo ^= Htable[nlo].lo;
-
- rem = (size_t)Z.lo & 0xf;
-
- Z.lo = (Z.hi << 60)|(Z.lo >> 4);
- Z.hi = (Z.hi >> 4);
-
- Z.hi ^= Htable[nhi].hi;
- Z.lo ^= Htable[nhi].lo;
- Z.hi ^= ((u64)rem_8bit[rem << 4]) << 48;
-#endif
-
- Xi[0] = htobe64(Z.hi);
- Xi[1] = htobe64(Z.lo);
- } while (inp += 16, len -= 16);
-}
-#endif
-#else
-void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16], const u8 *inp,
- size_t len);
-#endif
-
-#define GCM_MUL(ctx,Xi) gcm_gmult_4bit(ctx->Xi.u,ctx->Htable)
-#if defined(GHASH_ASM) || !defined(OPENSSL_SMALL_FOOTPRINT)
-#define GHASH(ctx,in,len) gcm_ghash_4bit((ctx)->Xi.u,(ctx)->Htable,in,len)
-/* GHASH_CHUNK is "stride parameter" missioned to mitigate cache
- * trashing effect. In other words idea is to hash data while it's
- * still in L1 cache after encryption pass... */
-#define GHASH_CHUNK (3*1024)
-#endif
-
-#else /* TABLE_BITS */
-
-static void
-gcm_gmult_1bit(u64 Xi[2], const u64 H[2])
-{
- u128 V, Z = { 0,0 };
- long X;
- int i, j;
- const long *xi = (const long *)Xi;
-
- V.hi = H[0]; /* H is in host byte order, no byte swapping */
- V.lo = H[1];
-
- for (j = 0; j < 16/sizeof(long); ++j) {
-#if BYTE_ORDER == LITTLE_ENDIAN
-#if SIZE_MAX == 0xffffffffffffffff
-#ifdef BSWAP8
- X = (long)(BSWAP8(xi[j]));
-#else
- const u8 *p = (const u8 *)(xi + j);
- X = (long)((u64)GETU32(p) << 32|GETU32(p + 4));
-#endif
-#else
- const u8 *p = (const u8 *)(xi + j);
- X = (long)GETU32(p);
-#endif
-#else /* BIG_ENDIAN */
- X = xi[j];
-#endif
-
- for (i = 0; i < 8*sizeof(long); ++i, X <<= 1) {
- u64 M = (u64)(X >> (8*sizeof(long) - 1));
- Z.hi ^= V.hi & M;
- Z.lo ^= V.lo & M;
-
- REDUCE1BIT(V);
- }
- }
-
- Xi[0] = htobe64(Z.hi);
- Xi[1] = htobe64(Z.lo);
-}
-#define GCM_MUL(ctx,Xi) gcm_gmult_1bit(ctx->Xi.u,ctx->H.u)
-
-#endif
-
-#if defined(GHASH_ASM) && \
- (defined(__i386) || defined(__i386__) || \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
-#include "x86_arch.h"
-#endif
-
-#if TABLE_BITS==4 && defined(GHASH_ASM)
-# if (defined(__i386) || defined(__i386__) || \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
-# define GHASH_ASM_X86_OR_64
-# define GCM_FUNCREF_4BIT
-
-void gcm_init_clmul(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_clmul(u64 Xi[2], const u128 Htable[16], const u8 *inp,
- size_t len);
-
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86)
-# define GHASH_ASM_X86
-void gcm_gmult_4bit_mmx(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_4bit_mmx(u64 Xi[2], const u128 Htable[16], const u8 *inp,
- size_t len);
-
-void gcm_gmult_4bit_x86(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_4bit_x86(u64 Xi[2], const u128 Htable[16], const u8 *inp,
- size_t len);
-# endif
-# elif defined(__arm__) || defined(__arm)
-# include "arm_arch.h"
-# if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT)
-# define GHASH_ASM_ARM
-# define GCM_FUNCREF_4BIT
-void gcm_gmult_neon(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_neon(u64 Xi[2], const u128 Htable[16], const u8 *inp,
- size_t len);
-# endif
-# endif
-#endif
-
-#ifdef GCM_FUNCREF_4BIT
-# undef GCM_MUL
-# define GCM_MUL(ctx,Xi) (*gcm_gmult_p)(ctx->Xi.u,ctx->Htable)
-# ifdef GHASH
-# undef GHASH
-# define GHASH(ctx,in,len) (*gcm_ghash_p)(ctx->Xi.u,ctx->Htable,in,len)
-# endif
-#endif
-
-void
-CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
-{
- memset(ctx, 0, sizeof(*ctx));
- ctx->block = block;
- ctx->key = key;
-
- (*block)(ctx->H.c, ctx->H.c, key);
-
- /* H is stored in host byte order */
- ctx->H.u[0] = be64toh(ctx->H.u[0]);
- ctx->H.u[1] = be64toh(ctx->H.u[1]);
-
-#if TABLE_BITS==8
- gcm_init_8bit(ctx->Htable, ctx->H.u);
-#elif TABLE_BITS==4
-# if defined(GHASH_ASM_X86_OR_64)
-# if !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2)
- /* check FXSR and PCLMULQDQ bits */
- if ((crypto_cpu_caps_ia32() & (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) ==
- (CPUCAP_MASK_FXSR | CPUCAP_MASK_PCLMUL)) {
- gcm_init_clmul(ctx->Htable, ctx->H.u);
- ctx->gmult = gcm_gmult_clmul;
- ctx->ghash = gcm_ghash_clmul;
- return;
- }
-# endif
- gcm_init_4bit(ctx->Htable, ctx->H.u);
-# if defined(GHASH_ASM_X86) /* x86 only */
-# if defined(OPENSSL_IA32_SSE2)
- if (crypto_cpu_caps_ia32() & CPUCAP_MASK_SSE) { /* check SSE bit */
-# else
- if (crypto_cpu_caps_ia32() & CPUCAP_MASK_MMX) { /* check MMX bit */
-# endif
- ctx->gmult = gcm_gmult_4bit_mmx;
- ctx->ghash = gcm_ghash_4bit_mmx;
- } else {
- ctx->gmult = gcm_gmult_4bit_x86;
- ctx->ghash = gcm_ghash_4bit_x86;
- }
-# else
- ctx->gmult = gcm_gmult_4bit;
- ctx->ghash = gcm_ghash_4bit;
-# endif
-# elif defined(GHASH_ASM_ARM)
- if (OPENSSL_armcap_P & ARMV7_NEON) {
- ctx->gmult = gcm_gmult_neon;
- ctx->ghash = gcm_ghash_neon;
- } else {
- gcm_init_4bit(ctx->Htable, ctx->H.u);
- ctx->gmult = gcm_gmult_4bit;
- ctx->ghash = gcm_ghash_4bit;
- }
-# else
- gcm_init_4bit(ctx->Htable, ctx->H.u);
-# endif
-#endif
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_init);
-
-void
-CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv, size_t len)
-{
- unsigned int ctr;
-#ifdef GCM_FUNCREF_4BIT
- void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-#endif
-
- ctx->Yi.u[0] = 0;
- ctx->Yi.u[1] = 0;
- ctx->Xi.u[0] = 0;
- ctx->Xi.u[1] = 0;
- ctx->len.u[0] = 0; /* AAD length */
- ctx->len.u[1] = 0; /* message length */
- ctx->ares = 0;
- ctx->mres = 0;
-
- if (len == 12) {
- memcpy(ctx->Yi.c, iv, 12);
- ctx->Yi.c[15] = 1;
- ctr = 1;
- } else {
- size_t i;
- u64 len0 = len;
-
- while (len >= 16) {
- for (i = 0; i < 16; ++i)
- ctx->Yi.c[i] ^= iv[i];
- GCM_MUL(ctx, Yi);
- iv += 16;
- len -= 16;
- }
- if (len) {
- for (i = 0; i < len; ++i)
- ctx->Yi.c[i] ^= iv[i];
- GCM_MUL(ctx, Yi);
- }
- len0 <<= 3;
- ctx->Yi.u[1] ^= htobe64(len0);
-
- GCM_MUL(ctx, Yi);
-
- ctr = be32toh(ctx->Yi.d[3]);
- }
-
- (*ctx->block)(ctx->Yi.c, ctx->EK0.c, ctx->key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_setiv);
-
-int
-CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad, size_t len)
-{
- size_t i;
- unsigned int n;
- u64 alen = ctx->len.u[0];
-#ifdef GCM_FUNCREF_4BIT
- void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
- void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
- const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
- if (ctx->len.u[1])
- return -2;
-
- alen += len;
- if (alen > (U64(1) << 61) || (sizeof(len) == 8 && alen < len))
- return -1;
- ctx->len.u[0] = alen;
-
- n = ctx->ares;
- if (n) {
- while (n && len) {
- ctx->Xi.c[n] ^= *(aad++);
- --len;
- n = (n + 1) % 16;
- }
- if (n == 0)
- GCM_MUL(ctx, Xi);
- else {
- ctx->ares = n;
- return 0;
- }
- }
-
-#ifdef GHASH
- if ((i = (len & (size_t)-16))) {
- GHASH(ctx, aad, i);
- aad += i;
- len -= i;
- }
-#else
- while (len >= 16) {
- for (i = 0; i < 16; ++i)
- ctx->Xi.c[i] ^= aad[i];
- GCM_MUL(ctx, Xi);
- aad += 16;
- len -= 16;
- }
-#endif
- if (len) {
- n = (unsigned int)len;
- for (i = 0; i < len; ++i)
- ctx->Xi.c[i] ^= aad[i];
- }
-
- ctx->ares = n;
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_aad);
-
-int
-CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len)
-{
- unsigned int n, ctr;
- size_t i;
- u64 mlen = ctx->len.u[1];
- block128_f block = ctx->block;
- void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
- void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
- void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
- const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
- mlen += len;
- if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
- return -1;
- ctx->len.u[1] = mlen;
-
- if (ctx->ares) {
- /* First call to encrypt finalizes GHASH(AAD) */
- GCM_MUL(ctx, Xi);
- ctx->ares = 0;
- }
-
- ctr = be32toh(ctx->Yi.d[3]);
-
- n = ctx->mres;
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16 % sizeof(size_t) == 0)
- do { /* always true actually */
- if (n) {
- while (n && len) {
- ctx->Xi.c[n] ^= *(out++) = *(in++) ^
- ctx->EKi.c[n];
- --len;
- n = (n + 1) % 16;
- }
- if (n == 0)
- GCM_MUL(ctx, Xi);
- else {
- ctx->mres = n;
- return 0;
- }
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in|(size_t)out) % sizeof(size_t) != 0)
- break;
-#endif
-#if defined(GHASH) && defined(GHASH_CHUNK)
- while (len >= GHASH_CHUNK) {
- size_t j = GHASH_CHUNK;
-
- while (j) {
- size_t *out_t = (size_t *)out;
- const size_t *in_t = (const size_t *)in;
-
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- for (i = 0; i < 16/sizeof(size_t); ++i)
- out_t[i] = in_t[i] ^
- ctx->EKi.t[i];
- out += 16;
- in += 16;
- j -= 16;
- }
- GHASH(ctx, out - GHASH_CHUNK, GHASH_CHUNK);
- len -= GHASH_CHUNK;
- }
- if ((i = (len & (size_t)-16))) {
- size_t j = i;
-
- while (len >= 16) {
- size_t *out_t = (size_t *)out;
- const size_t *in_t = (const size_t *)in;
-
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- for (i = 0; i < 16/sizeof(size_t); ++i)
- out_t[i] = in_t[i] ^
- ctx->EKi.t[i];
- out += 16;
- in += 16;
- len -= 16;
- }
- GHASH(ctx, out - j, j);
- }
-#else
- while (len >= 16) {
- size_t *out_t = (size_t *)out;
- const size_t *in_t = (const size_t *)in;
-
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- for (i = 0; i < 16/sizeof(size_t); ++i)
- ctx->Xi.t[i] ^=
- out_t[i] = in_t[i] ^ ctx->EKi.t[i];
- GCM_MUL(ctx, Xi);
- out += 16;
- in += 16;
- len -= 16;
- }
-#endif
- if (len) {
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- while (len--) {
- ctx->Xi.c[n] ^= out[n] = in[n] ^
- ctx->EKi.c[n];
- ++n;
- }
- }
-
- ctx->mres = n;
- return 0;
- } while (0);
-#endif
- for (i = 0; i < len; ++i) {
- if (n == 0) {
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
- }
- ctx->Xi.c[n] ^= out[i] = in[i] ^ ctx->EKi.c[n];
- n = (n + 1) % 16;
- if (n == 0)
- GCM_MUL(ctx, Xi);
- }
-
- ctx->mres = n;
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_encrypt);
-
-int
-CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len)
-{
- unsigned int n, ctr;
- size_t i;
- u64 mlen = ctx->len.u[1];
- block128_f block = ctx->block;
- void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
- void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
- void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
- const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
- mlen += len;
- if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
- return -1;
- ctx->len.u[1] = mlen;
-
- if (ctx->ares) {
- /* First call to decrypt finalizes GHASH(AAD) */
- GCM_MUL(ctx, Xi);
- ctx->ares = 0;
- }
-
- ctr = be32toh(ctx->Yi.d[3]);
-
- n = ctx->mres;
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16 % sizeof(size_t) == 0)
- do { /* always true actually */
- if (n) {
- while (n && len) {
- u8 c = *(in++);
- *(out++) = c ^ ctx->EKi.c[n];
- ctx->Xi.c[n] ^= c;
- --len;
- n = (n + 1) % 16;
- }
- if (n == 0)
- GCM_MUL(ctx, Xi);
- else {
- ctx->mres = n;
- return 0;
- }
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in|(size_t)out) % sizeof(size_t) != 0)
- break;
-#endif
-#if defined(GHASH) && defined(GHASH_CHUNK)
- while (len >= GHASH_CHUNK) {
- size_t j = GHASH_CHUNK;
-
- GHASH(ctx, in, GHASH_CHUNK);
- while (j) {
- size_t *out_t = (size_t *)out;
- const size_t *in_t = (const size_t *)in;
-
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- for (i = 0; i < 16/sizeof(size_t); ++i)
- out_t[i] = in_t[i] ^
- ctx->EKi.t[i];
- out += 16;
- in += 16;
- j -= 16;
- }
- len -= GHASH_CHUNK;
- }
- if ((i = (len & (size_t)-16))) {
- GHASH(ctx, in, i);
- while (len >= 16) {
- size_t *out_t = (size_t *)out;
- const size_t *in_t = (const size_t *)in;
-
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- for (i = 0; i < 16/sizeof(size_t); ++i)
- out_t[i] = in_t[i] ^
- ctx->EKi.t[i];
- out += 16;
- in += 16;
- len -= 16;
- }
- }
-#else
- while (len >= 16) {
- size_t *out_t = (size_t *)out;
- const size_t *in_t = (const size_t *)in;
-
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- for (i = 0; i < 16/sizeof(size_t); ++i) {
- size_t c = in[i];
- out[i] = c ^ ctx->EKi.t[i];
- ctx->Xi.t[i] ^= c;
- }
- GCM_MUL(ctx, Xi);
- out += 16;
- in += 16;
- len -= 16;
- }
-#endif
- if (len) {
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
-
- while (len--) {
- u8 c = in[n];
- ctx->Xi.c[n] ^= c;
- out[n] = c ^ ctx->EKi.c[n];
- ++n;
- }
- }
-
- ctx->mres = n;
- return 0;
- } while (0);
-#endif
- for (i = 0; i < len; ++i) {
- u8 c;
- if (n == 0) {
- (*block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
- }
- c = in[i];
- out[i] = c ^ ctx->EKi.c[n];
- ctx->Xi.c[n] ^= c;
- n = (n + 1) % 16;
- if (n == 0)
- GCM_MUL(ctx, Xi);
- }
-
- ctx->mres = n;
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_decrypt);
-
-int
-CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream)
-{
- unsigned int n, ctr;
- size_t i;
- u64 mlen = ctx->len.u[1];
- void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
- void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
- void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
- const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
- mlen += len;
- if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
- return -1;
- ctx->len.u[1] = mlen;
-
- if (ctx->ares) {
- /* First call to encrypt finalizes GHASH(AAD) */
- GCM_MUL(ctx, Xi);
- ctx->ares = 0;
- }
-
- ctr = be32toh(ctx->Yi.d[3]);
-
- n = ctx->mres;
- if (n) {
- while (n && len) {
- ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
- --len;
- n = (n + 1) % 16;
- }
- if (n == 0)
- GCM_MUL(ctx, Xi);
- else {
- ctx->mres = n;
- return 0;
- }
- }
-#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
- while (len >= GHASH_CHUNK) {
- (*stream)(in, out, GHASH_CHUNK/16, key, ctx->Yi.c);
- ctr += GHASH_CHUNK/16;
- ctx->Yi.d[3] = htobe32(ctr);
- GHASH(ctx, out, GHASH_CHUNK);
- out += GHASH_CHUNK;
- in += GHASH_CHUNK;
- len -= GHASH_CHUNK;
- }
-#endif
- if ((i = (len & (size_t)-16))) {
- size_t j = i/16;
-
- (*stream)(in, out, j, key, ctx->Yi.c);
- ctr += (unsigned int)j;
- ctx->Yi.d[3] = htobe32(ctr);
- in += i;
- len -= i;
-#if defined(GHASH)
- GHASH(ctx, out, i);
- out += i;
-#else
- while (j--) {
- for (i = 0; i < 16; ++i)
- ctx->Xi.c[i] ^= out[i];
- GCM_MUL(ctx, Xi);
- out += 16;
- }
-#endif
- }
- if (len) {
- (*ctx->block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
- while (len--) {
- ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
- ++n;
- }
- }
-
- ctx->mres = n;
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_encrypt_ctr32);
-
-int
-CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream)
-{
- unsigned int n, ctr;
- size_t i;
- u64 mlen = ctx->len.u[1];
- void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
- void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
- void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
- const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
- mlen += len;
- if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
- return -1;
- ctx->len.u[1] = mlen;
-
- if (ctx->ares) {
- /* First call to decrypt finalizes GHASH(AAD) */
- GCM_MUL(ctx, Xi);
- ctx->ares = 0;
- }
-
- ctr = be32toh(ctx->Yi.d[3]);
-
- n = ctx->mres;
- if (n) {
- while (n && len) {
- u8 c = *(in++);
- *(out++) = c ^ ctx->EKi.c[n];
- ctx->Xi.c[n] ^= c;
- --len;
- n = (n + 1) % 16;
- }
- if (n == 0)
- GCM_MUL(ctx, Xi);
- else {
- ctx->mres = n;
- return 0;
- }
- }
-#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
- while (len >= GHASH_CHUNK) {
- GHASH(ctx, in, GHASH_CHUNK);
- (*stream)(in, out, GHASH_CHUNK/16, key, ctx->Yi.c);
- ctr += GHASH_CHUNK/16;
- ctx->Yi.d[3] = htobe32(ctr);
- out += GHASH_CHUNK;
- in += GHASH_CHUNK;
- len -= GHASH_CHUNK;
- }
-#endif
- if ((i = (len & (size_t)-16))) {
- size_t j = i/16;
-
-#if defined(GHASH)
- GHASH(ctx, in, i);
-#else
- while (j--) {
- size_t k;
- for (k = 0; k < 16; ++k)
- ctx->Xi.c[k] ^= in[k];
- GCM_MUL(ctx, Xi);
- in += 16;
- }
- j = i/16;
- in -= i;
-#endif
- (*stream)(in, out, j, key, ctx->Yi.c);
- ctr += (unsigned int)j;
- ctx->Yi.d[3] = htobe32(ctr);
- out += i;
- in += i;
- len -= i;
- }
- if (len) {
- (*ctx->block)(ctx->Yi.c, ctx->EKi.c, key);
- ++ctr;
- ctx->Yi.d[3] = htobe32(ctr);
- while (len--) {
- u8 c = in[n];
- ctx->Xi.c[n] ^= c;
- out[n] = c ^ ctx->EKi.c[n];
- ++n;
- }
- }
-
- ctx->mres = n;
- return 0;
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_decrypt_ctr32);
-
-int
-CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
- size_t len)
-{
- u64 alen = ctx->len.u[0] << 3;
- u64 clen = ctx->len.u[1] << 3;
-#ifdef GCM_FUNCREF_4BIT
- void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-#endif
-
- if (ctx->mres || ctx->ares)
- GCM_MUL(ctx, Xi);
-
- ctx->Xi.u[0] ^= htobe64(alen);
- ctx->Xi.u[1] ^= htobe64(clen);
- GCM_MUL(ctx, Xi);
-
- ctx->Xi.u[0] ^= ctx->EK0.u[0];
- ctx->Xi.u[1] ^= ctx->EK0.u[1];
-
- if (tag && len <= sizeof(ctx->Xi))
- return memcmp(ctx->Xi.c, tag, len);
- else
- return -1;
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_finish);
-
-void
-CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len)
-{
- CRYPTO_gcm128_finish(ctx, NULL, 0);
- memcpy(tag, ctx->Xi.c,
- len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_tag);
-
-GCM128_CONTEXT *
-CRYPTO_gcm128_new(void *key, block128_f block)
-{
- GCM128_CONTEXT *ret;
-
- if ((ret = malloc(sizeof(GCM128_CONTEXT))))
- CRYPTO_gcm128_init(ret, key, block);
-
- return ret;
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_new);
-
-void
-CRYPTO_gcm128_release(GCM128_CONTEXT *ctx)
-{
- freezero(ctx, sizeof(*ctx));
-}
-LCRYPTO_ALIAS(CRYPTO_gcm128_release);
diff --git a/src/lib/libcrypto/modes/modes.h b/src/lib/libcrypto/modes/modes.h
deleted file mode 100644
index 53fa9afb0d..0000000000
--- a/src/lib/libcrypto/modes/modes.h
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: modes.h,v 1.6 2023/07/08 14:55:36 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
- */
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef void (*block128_f)(const unsigned char in[16],
- unsigned char out[16],
- const void *key);
-
-typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int enc);
-
-typedef void (*ctr128_f)(const unsigned char *in, unsigned char *out,
- size_t blocks, const void *key,
- const unsigned char ivec[16]);
-
-typedef void (*ccm128_f)(const unsigned char *in, unsigned char *out,
- size_t blocks, const void *key,
- const unsigned char ivec[16], unsigned char cmac[16]);
-
-void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-
-void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], unsigned char ecount_buf[16],
- unsigned int *num, block128_f block);
-
-void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], unsigned char ecount_buf[16],
- unsigned int *num, ctr128_f ctr);
-
-void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- block128_f block);
-
-void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
- size_t bits, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-
-typedef struct gcm128_context GCM128_CONTEXT;
-
-GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
-void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
-void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
- size_t len);
-int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
- size_t len);
-int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len);
-int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len);
-int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream);
-int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream);
-int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
- size_t len);
-void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
-
-typedef struct ccm128_context CCM128_CONTEXT;
-
-void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
- unsigned int M, unsigned int L, void *key, block128_f block);
-int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
- const unsigned char *nonce, size_t nlen, size_t mlen);
-void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
- const unsigned char *aad, size_t alen);
-int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len);
-int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len);
-int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len,
- ccm128_f stream);
-int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len,
- ccm128_f stream);
-size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-
-typedef struct xts128_context XTS128_CONTEXT;
-
-int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16],
- const unsigned char *inp, unsigned char *out, size_t len, int enc);
-
-#ifdef __cplusplus
-}
-#endif
diff --git a/src/lib/libcrypto/modes/modes_local.h b/src/lib/libcrypto/modes/modes_local.h
deleted file mode 100644
index 511855f2e0..0000000000
--- a/src/lib/libcrypto/modes/modes_local.h
+++ /dev/null
@@ -1,121 +0,0 @@
-/* $OpenBSD: modes_local.h,v 1.2 2023/07/08 14:55:36 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use is governed by OpenSSL license.
- * ====================================================================
- */
-
-#include
-
-#include
-
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-#if defined(_LP64)
-typedef long i64;
-typedef unsigned long u64;
-#define U64(C) C##UL
-#else
-typedef long long i64;
-typedef unsigned long long u64;
-#define U64(C) C##ULL
-#endif
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#if defined(__GNUC__) && __GNUC__>=2
-# if defined(__x86_64) || defined(__x86_64__)
-# define BSWAP8(x) ({ u64 ret=(x); \
- asm ("bswapq %0" \
- : "+r"(ret)); ret; })
-# define BSWAP4(x) ({ u32 ret=(x); \
- asm ("bswapl %0" \
- : "+r"(ret)); ret; })
-# elif (defined(__i386) || defined(__i386__))
-# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
- asm ("bswapl %0; bswapl %1" \
- : "+r"(hi),"+r"(lo)); \
- (u64)hi<<32|lo; })
-# define BSWAP4(x) ({ u32 ret=(x); \
- asm ("bswapl %0" \
- : "+r"(ret)); ret; })
-# elif (defined(__arm__) || defined(__arm)) && !defined(__STRICT_ALIGNMENT)
-# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
- asm ("rev %0,%0; rev %1,%1" \
- : "+r"(hi),"+r"(lo)); \
- (u64)hi<<32|lo; })
-# define BSWAP4(x) ({ u32 ret; \
- asm ("rev %0,%1" \
- : "=r"(ret) : "r"((u32)(x))); \
- ret; })
-# endif
-#endif
-#endif
-
-#if defined(BSWAP4) && !defined(__STRICT_ALIGNMENT)
-#define GETU32(p) BSWAP4(*(const u32 *)(p))
-#define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)
-#else
-#define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
-#define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
-#endif
-
-/* GCM definitions */
-
-typedef struct {
- u64 hi, lo;
-} u128;
-
-#ifdef TABLE_BITS
-#undef TABLE_BITS
-#endif
-/*
- * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
- * never be set to 8 [or 1]. For further information see gcm128.c.
- */
-#define TABLE_BITS 4
-
-struct gcm128_context {
- /* Following 6 names follow names in GCM specification */
- union {
- u64 u[2];
- u32 d[4];
- u8 c[16];
- size_t t[16/sizeof(size_t)];
- } Yi, EKi, EK0, len, Xi, H;
- /* Relative position of Xi, H and pre-computed Htable is used
- * in some assembler modules, i.e. don't change the order! */
-#if TABLE_BITS==8
- u128 Htable[256];
-#else
- u128 Htable[16];
- void (*gmult)(u64 Xi[2], const u128 Htable[16]);
- void (*ghash)(u64 Xi[2], const u128 Htable[16], const u8 *inp,
- size_t len);
-#endif
- unsigned int mres, ares;
- block128_f block;
- void *key;
-};
-
-struct xts128_context {
- void *key1, *key2;
- block128_f block1, block2;
-};
-
-struct ccm128_context {
- union {
- u64 u[2];
- u8 c[16];
- } nonce, cmac;
- u64 blocks;
- block128_f block;
- void *key;
-};
-
-__END_HIDDEN_DECLS
diff --git a/src/lib/libcrypto/modes/ofb128.c b/src/lib/libcrypto/modes/ofb128.c
deleted file mode 100644
index 42afd29d58..0000000000
--- a/src/lib/libcrypto/modes/ofb128.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* $OpenBSD: ofb128.c,v 1.7 2023/07/08 14:56:54 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include
-#include "modes_local.h"
-#include
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/* The input and output encrypted as though 128bit ofb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-void
-CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- block128_f block)
-{
- unsigned int n;
- size_t l = 0;
-
- n = *num;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16 % sizeof(size_t) == 0)
- do { /* always true actually */
- while (n && len) {
- *(out++) = *(in++) ^ ivec[n];
- --len;
- n = (n + 1) % 16;
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in|(size_t)out|(size_t)ivec) %
- sizeof(size_t) != 0)
- break;
-#endif
- while (len >= 16) {
- (*block)(ivec, ivec, key);
- for (; n < 16; n += sizeof(size_t))
- *(size_t *)(out + n) =
- *(size_t *)(in + n) ^ *(size_t *)(ivec +
- n);
- len -= 16;
- out += 16;
- in += 16;
- n = 0;
- }
- if (len) {
- (*block)(ivec, ivec, key);
- while (len--) {
- out[n] = in[n] ^ ivec[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l < len) {
- if (n == 0) {
- (*block)(ivec, ivec, key);
- }
- out[l] = in[l] ^ ivec[n];
- ++l;
- n = (n + 1) % 16;
- }
-
- *num = n;
-}
-LCRYPTO_ALIAS(CRYPTO_ofb128_encrypt);
diff --git a/src/lib/libcrypto/modes/xts128.c b/src/lib/libcrypto/modes/xts128.c
deleted file mode 100644
index 7516acf850..0000000000
--- a/src/lib/libcrypto/modes/xts128.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* $OpenBSD: xts128.c,v 1.12 2023/07/08 14:56:54 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include "modes_local.h" - -#include -#include - -#ifndef MODES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -int -CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16], - const unsigned char *inp, unsigned char *out, - size_t len, int enc) -{ - union { - u64 u[2]; - u32 d[4]; - u8 c[16]; - } tweak, scratch; - unsigned int i; - - if (len < 16) - return -1; - - memcpy(tweak.c, iv, 16); - - (*ctx->block2)(tweak.c, tweak.c, ctx->key2); - - if (!enc && (len % 16)) - len -= 16; - - while (len >= 16) { -#ifdef __STRICT_ALIGNMENT - memcpy(scratch.c, inp, 16); - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; -#else - scratch.u[0] = ((u64 *)inp)[0] ^ tweak.u[0]; - scratch.u[1] = ((u64 *)inp)[1] ^ tweak.u[1]; -#endif - (*ctx->block1)(scratch.c, scratch.c, ctx->key1); -#ifdef __STRICT_ALIGNMENT - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - memcpy(out, scratch.c, 16); -#else - ((u64 *)out)[0] = scratch.u[0] ^= tweak.u[0]; - ((u64 *)out)[1] = scratch.u[1] ^= tweak.u[1]; -#endif - inp += 16; - out += 16; - len -= 16; - - if (len == 0) - return 0; - -#if BYTE_ORDER == LITTLE_ENDIAN - unsigned int carry, res; - - res = 0x87 & (((int)tweak.d[3]) >> 31); - carry = (unsigned int)(tweak.u[0] >> 63); - tweak.u[0] = (tweak.u[0] << 1) ^ res; - tweak.u[1] = (tweak.u[1] << 1)|carry; -#else /* 
BIG_ENDIAN */ - size_t c; - - for (c = 0, i = 0; i < 16; ++i) { - /*+ substitutes for |, because c is 1 bit */ - c += ((size_t)tweak.c[i]) << 1; - tweak.c[i] = (u8)c; - c = c >> 8; - } - tweak.c[0] ^= (u8)(0x87 & (0 - c)); -#endif - } - if (enc) { - for (i = 0; i < len; ++i) { - u8 ch = inp[i]; - out[i] = scratch.c[i]; - scratch.c[i] = ch; - } - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - (*ctx->block1)(scratch.c, scratch.c, ctx->key1); - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - memcpy(out - 16, scratch.c, 16); - } else { - union { - u64 u[2]; - u8 c[16]; - } tweak1; - -#if BYTE_ORDER == LITTLE_ENDIAN - unsigned int carry, res; - - res = 0x87 & (((int)tweak.d[3]) >> 31); - carry = (unsigned int)(tweak.u[0] >> 63); - tweak1.u[0] = (tweak.u[0] << 1) ^ res; - tweak1.u[1] = (tweak.u[1] << 1)|carry; -#else - size_t c; - - for (c = 0, i = 0; i < 16; ++i) { - /*+ substitutes for |, because c is 1 bit */ - c += ((size_t)tweak.c[i]) << 1; - tweak1.c[i] = (u8)c; - c = c >> 8; - } - tweak1.c[0] ^= (u8)(0x87 & (0 - c)); -#endif -#ifdef __STRICT_ALIGNMENT - memcpy(scratch.c, inp, 16); - scratch.u[0] ^= tweak1.u[0]; - scratch.u[1] ^= tweak1.u[1]; -#else - scratch.u[0] = ((u64 *)inp)[0] ^ tweak1.u[0]; - scratch.u[1] = ((u64 *)inp)[1] ^ tweak1.u[1]; -#endif - (*ctx->block1)(scratch.c, scratch.c, ctx->key1); - scratch.u[0] ^= tweak1.u[0]; - scratch.u[1] ^= tweak1.u[1]; - - for (i = 0; i < len; ++i) { - u8 ch = inp[16 + i]; - out[16 + i] = scratch.c[i]; - scratch.c[i] = ch; - } - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - (*ctx->block1)(scratch.c, scratch.c, ctx->key1); -#ifdef __STRICT_ALIGNMENT - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - memcpy(out, scratch.c, 16); -#else - ((u64 *)out)[0] = scratch.u[0] ^ tweak.u[0]; - ((u64 *)out)[1] = scratch.u[1] ^ tweak.u[1]; -#endif - } - - return 0; -} -LCRYPTO_ALIAS(CRYPTO_xts128_encrypt); 
diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c
deleted file mode 100644
index 2f4012fe15..0000000000
--- a/src/lib/libcrypto/objects/obj_dat.c
+++ /dev/null
@@ -1,584 +0,0 @@
-/* $OpenBSD: obj_dat.c,v 1.94 2025/02/26 10:48:25 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include - -#include "asn1_local.h" - -/* obj_dat.h is generated from objects.h by obj_dat.pl */ -#include "obj_dat.h" - -#define ADDED_DATA 0 -#define ADDED_SNAME 1 -#define ADDED_LNAME 2 -#define ADDED_NID 3 - -typedef struct added_obj_st { - int type; - ASN1_OBJECT *obj; -} ADDED_OBJ; -DECLARE_LHASH_OF(ADDED_OBJ); - -static int new_nid = NUM_NID; -static LHASH_OF(ADDED_OBJ) *added = NULL; - -static unsigned long -added_obj_hash(const ADDED_OBJ *ca) -{ - const ASN1_OBJECT *a; - int i; - unsigned long ret = 0; - unsigned char *p; - - a = ca->obj; - switch (ca->type) { - case ADDED_DATA: - ret = (unsigned long)a->length << 20L; - p = (unsigned char *)a->data; - for (i = 0; i < a->length; i++) - ret ^= p[i] << ((i * 3) % 24); - break; - case ADDED_SNAME: - ret = lh_strhash(a->sn); - break; - case ADDED_LNAME: - ret = lh_strhash(a->ln); - break; - case ADDED_NID: - ret = a->nid; - break; - default: - return 0; - } - ret &= 0x3fffffffL; - ret |= (unsigned long)ca->type << 30L; - return ret; -} -static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ) - -static int -added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb) -{ - const ASN1_OBJECT *a, *b; - int cmp; - - if ((cmp = ca->type - cb->type) != 0) - return cmp; - - a = ca->obj; - b = cb->obj; - switch (ca->type) { - case ADDED_DATA: - return OBJ_cmp(a, b); - case ADDED_SNAME: - if (a->sn == NULL) - return -1; - if (b->sn == NULL) - return 1; - return strcmp(a->sn, b->sn); - case ADDED_LNAME: - if (a->ln == NULL) - return -1; - if (b->ln == NULL) - return 1; - return strcmp(a->ln, b->ln); - case ADDED_NID: - return a->nid - b->nid; - default: - return 0; - } -} -static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ) - -static void -cleanup1_doall(ADDED_OBJ *a) -{ - a->obj->nid = 0; - a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC | - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | - ASN1_OBJECT_FLAG_DYNAMIC_DATA; -} - -static 
void -cleanup2_doall(ADDED_OBJ *a) -{ - a->obj->nid++; -} - -static void -cleanup3_doall(ADDED_OBJ *a) -{ - if (--a->obj->nid == 0) - ASN1_OBJECT_free(a->obj); - free(a); -} - -static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ) -static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ) -static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ) - -void -OBJ_cleanup(void) -{ - if (added == NULL) - return; - - lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */ - lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */ - lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */ - lh_ADDED_OBJ_free(added); - added = NULL; -} -LCRYPTO_ALIAS(OBJ_cleanup); - -int -OBJ_new_nid(int num) -{ - int i; - - i = new_nid; - new_nid += num; - return i; -} -LCRYPTO_ALIAS(OBJ_new_nid); - -static int -OBJ_add_object(const ASN1_OBJECT *obj) -{ - ASN1_OBJECT *o = NULL; - ADDED_OBJ *ao[4] = {NULL, NULL, NULL, NULL}, *aop; - int i; - - if (added == NULL) - added = lh_ADDED_OBJ_new(); - if (added == NULL) - goto err; - if (obj == NULL || obj->nid == NID_undef) - goto err; - if ((o = OBJ_dup(obj)) == NULL) - goto err; - if (!(ao[ADDED_NID] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - if ((o->length != 0) && (obj->data != NULL)) - if (!(ao[ADDED_DATA] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - if (o->sn != NULL) - if (!(ao[ADDED_SNAME] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - if (o->ln != NULL) - if (!(ao[ADDED_LNAME] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - - for (i = ADDED_DATA; i <= ADDED_NID; i++) { - if (ao[i] != NULL) { - ao[i]->type = i; - ao[i]->obj = o; - aop = lh_ADDED_OBJ_insert(added, ao[i]); - /* memory leak, but should not normally matter */ - free(aop); - } - } - o->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC | - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | - ASN1_OBJECT_FLAG_DYNAMIC_DATA); - - return o->nid; - - err2: - OBJerror(ERR_R_MALLOC_FAILURE); - err: - for (i = ADDED_DATA; i <= ADDED_NID; i++) - free(ao[i]); - ASN1_OBJECT_free(o); - 
return NID_undef; -} - -ASN1_OBJECT * -OBJ_nid2obj(int nid) -{ - if (nid >= 0 && nid < NUM_NID) { - if (nid == NID_undef || nid_objs[nid].nid != NID_undef) - return (ASN1_OBJECT *)&nid_objs[nid]; - - goto unknown; - } - - /* XXX - locking. */ - if (added != NULL) { - ASN1_OBJECT aobj = { - .nid = nid, - }; - ADDED_OBJ needle = { - .type = ADDED_NID, - .obj = &aobj, - }; - ADDED_OBJ *found; - - if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL) - return found->obj; - } - - unknown: - OBJerror(OBJ_R_UNKNOWN_NID); - - return NULL; -} -LCRYPTO_ALIAS(OBJ_nid2obj); - -const char * -OBJ_nid2sn(int nid) -{ - ASN1_OBJECT *aobj; - - if ((aobj = OBJ_nid2obj(nid)) == NULL) - return NULL; - - return aobj->sn; -} -LCRYPTO_ALIAS(OBJ_nid2sn); - -const char * -OBJ_nid2ln(int nid) -{ - ASN1_OBJECT *aobj; - - if ((aobj = OBJ_nid2obj(nid)) == NULL) - return NULL; - - return aobj->ln; -} -LCRYPTO_ALIAS(OBJ_nid2ln); - -static int -obj_objs_cmp(const void *aobj, const void *b) -{ - const unsigned int *nid = b; - - OPENSSL_assert(*nid < NUM_NID); - - return OBJ_cmp(aobj, &nid_objs[*nid]); -} - -int -OBJ_obj2nid(const ASN1_OBJECT *aobj) -{ - const unsigned int *nid; - - if (aobj == NULL || aobj->length == 0) - return NID_undef; - - if (aobj->nid != NID_undef) - return aobj->nid; - - /* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */ - if (added != NULL) { - ADDED_OBJ needle = { - .type = ADDED_DATA, - .obj = (ASN1_OBJECT *)aobj, - }; - ADDED_OBJ *found; - - if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL) - return found->obj->nid; - } - - /* obj_objs holds built-in obj NIDs in ascending OBJ_cmp() order. 
*/ - nid = bsearch(aobj, obj_objs, NUM_OBJ, sizeof(unsigned int), obj_objs_cmp); - if (nid != NULL) - return *nid; - - return NID_undef; -} -LCRYPTO_ALIAS(OBJ_obj2nid); - -static int -sn_objs_cmp(const void *sn, const void *b) -{ - const unsigned int *nid = b; - - OPENSSL_assert(*nid < NUM_NID); - - return strcmp(sn, nid_objs[*nid].sn); -} - -int -OBJ_sn2nid(const char *sn) -{ - const unsigned int *nid; - - /* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */ - if (added != NULL) { - ASN1_OBJECT aobj = { - .sn = sn, - }; - ADDED_OBJ needle = { - .type = ADDED_SNAME, - .obj = &aobj, - }; - ADDED_OBJ *found; - - if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL) - return found->obj->nid; - } - - /* sn_objs holds NIDs in ascending alphabetical order of SN. */ - nid = bsearch(sn, sn_objs, NUM_SN, sizeof(unsigned int), sn_objs_cmp); - if (nid != NULL) - return *nid; - - return NID_undef; -} -LCRYPTO_ALIAS(OBJ_sn2nid); - -static int -ln_objs_cmp(const void *ln, const void *b) -{ - const unsigned int *nid = b; - - OPENSSL_assert(*nid < NUM_NID); - - return strcmp(ln, nid_objs[*nid].ln); -} - -int -OBJ_ln2nid(const char *ln) -{ - const unsigned int *nid; - - /* XXX - locking. OpenSSL 3 moved this after built-in object lookup. */ - if (added != NULL) { - ASN1_OBJECT aobj = { - .ln = ln, - }; - ADDED_OBJ needle = { - .type = ADDED_LNAME, - .obj = &aobj, - }; - ADDED_OBJ *found; - - if ((found = lh_ADDED_OBJ_retrieve(added, &needle)) != NULL) - return found->obj->nid; - } - - /* ln_objs holds NIDs in ascending alphabetical order of LN. */ - nid = bsearch(ln, ln_objs, NUM_LN, sizeof(unsigned int), ln_objs_cmp); - if (nid != NULL) - return *nid; - - return NID_undef; -} -LCRYPTO_ALIAS(OBJ_ln2nid); - -/* Convert an object name into an ASN1_OBJECT - * if "noname" is not set then search for short and long names first. 
- * This will convert the "dotted" form into an object: unlike OBJ_txt2nid - * it can be used with any objects, not just registered ones. - */ - -ASN1_OBJECT * -OBJ_txt2obj(const char *s, int no_name) -{ - int nid; - - if (!no_name) { - if ((nid = OBJ_sn2nid(s)) != NID_undef || - (nid = OBJ_ln2nid(s)) != NID_undef) - return OBJ_nid2obj(nid); - } - - return t2i_ASN1_OBJECT_internal(s); -} -LCRYPTO_ALIAS(OBJ_txt2obj); - -int -OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *aobj, int no_name) -{ - return i2t_ASN1_OBJECT_internal(aobj, buf, buf_len, no_name); -} -LCRYPTO_ALIAS(OBJ_obj2txt); - -int -OBJ_txt2nid(const char *s) -{ - ASN1_OBJECT *obj; - int nid; - - obj = OBJ_txt2obj(s, 0); - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - return nid; -} -LCRYPTO_ALIAS(OBJ_txt2nid); - -int -OBJ_create_objects(BIO *in) -{ - char buf[512]; - int i, num = 0; - char *o, *s, *l = NULL; - - for (;;) { - s = o = NULL; - i = BIO_gets(in, buf, 512); - if (i <= 0) - return num; - buf[i - 1] = '\0'; - if (!isalnum((unsigned char)buf[0])) - return num; - o = s=buf; - while (isdigit((unsigned char)*s) || (*s == '.')) - s++; - if (*s != '\0') { - *(s++) = '\0'; - while (isspace((unsigned char)*s)) - s++; - if (*s == '\0') - s = NULL; - else { - l = s; - while ((*l != '\0') && - !isspace((unsigned char)*l)) - l++; - if (*l != '\0') { - *(l++) = '\0'; - while (isspace((unsigned char)*l)) - l++; - if (*l == '\0') - l = NULL; - } else - l = NULL; - } - } else - s = NULL; - if ((o == NULL) || (*o == '\0')) - return num; - if (!OBJ_create(o, s, l)) - return num; - num++; - } - /* return(num); */ -} -LCRYPTO_ALIAS(OBJ_create_objects); - -int -OBJ_create(const char *oid, const char *sn, const char *ln) -{ - ASN1_OBJECT *aobj = NULL; - unsigned char *buf = NULL; - int len, nid; - int ret = 0; - - if ((len = a2d_ASN1_OBJECT(NULL, 0, oid, -1)) <= 0) - goto err; - - if ((buf = calloc(1, len)) == NULL) { - OBJerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((len = a2d_ASN1_OBJECT(buf, 
len, oid, -1)) == 0) - goto err; - - nid = OBJ_new_nid(1); - if ((aobj = ASN1_OBJECT_create(nid, buf, len, sn, ln)) == NULL) - goto err; - - ret = OBJ_add_object(aobj); - - err: - ASN1_OBJECT_free(aobj); - free(buf); - - return ret; -} -LCRYPTO_ALIAS(OBJ_create); - -size_t -OBJ_length(const ASN1_OBJECT *obj) -{ - if (obj == NULL) - return 0; - - if (obj->length < 0) - return 0; - - return obj->length; -} -LCRYPTO_ALIAS(OBJ_length); - -const unsigned char * -OBJ_get0_data(const ASN1_OBJECT *obj) -{ - if (obj == NULL) - return NULL; - - return obj->data; -} -LCRYPTO_ALIAS(OBJ_get0_data); diff --git a/src/lib/libcrypto/objects/obj_dat.pl b/src/lib/libcrypto/objects/obj_dat.pl deleted file mode 100644 index 86bcefb97a..0000000000 --- a/src/lib/libcrypto/objects/obj_dat.pl +++ /dev/null 
@@ -1,307 +0,0 @@ -#!/usr/local/bin/perl - -# fixes bug in floating point emulation on sparc64 when -# this script produces off-by-one output on sparc64 -use integer; - -sub obj_cmp - { - local(@a,@b,$_,$r); - - $A=$obj_len{$obj{$nid{$a}}}; - $B=$obj_len{$obj{$nid{$b}}}; - - $r=($A-$B); - return($r) if $r != 0; - - $A=$obj_der{$obj{$nid{$a}}}; - $B=$obj_der{$obj{$nid{$b}}}; - - return($A cmp $B); - } - -sub expand_obj - { - local(*v)=@_; - local($k,$d); - local($i); - - do { - $i=0; - foreach $k (keys %v) - { - if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/)) - { $i++; } - } - } while($i); - foreach $k (keys %v) - { - @a=split(/,/,$v{$k}); - $objn{$k}=$#a+1; - } - return(%objn); - } - -open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]"; -open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]"; - -while () - { - next unless /^\#define\s+(\S+)\s+(.*)$/; - $v=$1; - $d=$2; - $d =~ s/^\"//; - $d =~ s/\"$//; - if ($v =~ /^SN_(.*)$/) - { - if(defined $snames{$d}) - { - print "WARNING: Duplicate short name \"$d\"\n"; - } - else - { $snames{$d} = "X"; } - $sn{$1}=$d; - } - elsif ($v =~ /^LN_(.*)$/) - { - if(defined $lnames{$d}) - { - print "WARNING: Duplicate long name \"$d\"\n"; - } - else - { $lnames{$d} = "X"; } - $ln{$1}=$d; - } - elsif ($v =~ /^NID_(.*)$/) - { $nid{$d}=$1; } - elsif ($v =~ /^OBJ_(.*)$/) - { - $obj{$1}=$v; - $objd{$v}=$d; - } - } -close IN; - -%ob=&expand_obj(*objd); - -@a=sort { $a <=> $b } keys %nid; -$n=$a[$#a]+1; - -@lvalues=(); -$lvalues=0; - -for ($i=0; $i<$n; $i++) - { - if (!defined($nid{$i})) - { - push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n"); - } - else - { - $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL"; - $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL"; - - if ($sn eq "NULL") { - $sn=$ln; - $sn{$nid{$i}} = $ln; - } - - if ($ln eq "NULL") { - $ln=$sn; - $ln{$nid{$i}} = $sn; - } - - $out ="{"; - $out.="\"$sn\""; - $out.=","."\"$ln\""; - $out.=",NID_$nid{$i},"; - if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/) - { 
- $v=$objd{$obj{$nid{$i}}}; - $v =~ s/L//g; - $v =~ s/,/ /g; - $r=&der_it($v); - $z=""; - $length=0; - foreach (unpack("C*",$r)) - { - $z.=sprintf("0x%02X,",$_); - $length++; - } - $obj_der{$obj{$nid{$i}}}=$z; - $obj_len{$obj{$nid{$i}}}=$length; - - push(@lvalues,sprintf("%-45s/* [%3d] %s */\n", - $z,$lvalues,$obj{$nid{$i}})); - $out.="$length,&(lvalues[$lvalues]),0"; - $lvalues+=$length; - } - else - { - $out.="0,NULL,0"; - } - $out.="},\n"; - push(@out,$out); - } - } - -@a=grep(defined($sn{$nid{$_}}),0 .. $n); -foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a) - { - push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_)); - } - -@a=grep(defined($ln{$nid{$_}}),0 .. $n); -foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a) - { - push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_)); - } - -@a=grep(defined($obj{$nid{$_}}),0 .. $n); -foreach (sort obj_cmp @a) - { - $m=$obj{$nid{$_}}; - $v=$objd{$m}; - $v =~ s/L//g; - $v =~ s/,/ /g; - push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v)); - } - -print OUT <<'EOF'; -/* crypto/objects/obj_dat.h */ - -/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the - * following command: - * perl obj_dat.pl obj_mac.h obj_dat.h - */ - -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. 
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -EOF - -printf OUT "#define NUM_NID %d\n",$n; -printf OUT "#define NUM_SN %d\n",$#sn+1; -printf OUT "#define NUM_LN %d\n",$#ln+1; -printf OUT "#define NUM_OBJ %d\n\n",$#ob+1; - -printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1; -print OUT @lvalues; -print OUT "};\n\n"; - -printf OUT "static const ASN1_OBJECT nid_objs[NUM_NID]={\n"; -foreach (@out) - { - if (length($_) > 75) - { - $out=""; - foreach (split(/,/)) - { - $t=$out.$_.","; - if (length($t) > 70) - { - print OUT "$out\n"; - $t="\t$_,"; - } - $out=$t; - } - chop $out; - print OUT "$out"; - } - else - { print OUT $_; } - } -print OUT "};\n\n"; - -printf OUT "static const unsigned int sn_objs[NUM_SN]={\n"; -print OUT @sn; -print OUT "};\n\n"; - -printf OUT "static const unsigned int ln_objs[NUM_LN]={\n"; -print OUT @ln; -print OUT "};\n\n"; - -printf OUT "static const unsigned int obj_objs[NUM_OBJ]={\n"; -print OUT @ob; -print OUT "};\n\n"; - -close OUT; - -sub der_it - { - local($v)=@_; - local(@a,$i,$ret,@r); - - @a=split(/\s+/,$v); - $ret.=pack("C*",$a[0]*40+$a[1]); - shift @a; - shift @a; - foreach (@a) - { - @r=(); - $t=0; - while ($_ >= 128) - { - $x=$_%128; - $_/=128; - push(@r,((($t++)?0x80:0)|$x)); - } 
- push(@r,((($t++)?0x80:0)|$_));
- $ret.=pack("C*",reverse(@r));
- }
- return($ret);
- }
diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c
deleted file mode 100644
index 514fb0d4f0..0000000000
--- a/src/lib/libcrypto/objects/obj_err.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* $OpenBSD: obj_err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
-
-static const ERR_STRING_DATA OBJ_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA OBJ_str_reasons[] = {
- {ERR_REASON(OBJ_R_MALLOC_FAILURE) , "malloc failure"},
- {ERR_REASON(OBJ_R_UNKNOWN_NID) , "unknown nid"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_OBJ_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) {
- ERR_load_const_strings(OBJ_str_functs);
- ERR_load_const_strings(OBJ_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_OBJ_strings);
diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c
deleted file mode 100644
index 45062dbd4c..0000000000
--- a/src/lib/libcrypto/objects/obj_lib.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* $OpenBSD: obj_lib.c,v 1.19 2023/08/17 09:13:01 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-
-ASN1_OBJECT *
-OBJ_dup(const ASN1_OBJECT *o)
-{
- ASN1_OBJECT *r;
- char *ln = NULL, *sn = NULL;
- unsigned char *data = NULL;
-
- if (o == NULL)
- return (NULL);
- if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
- return((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of
- duplication is this??? */
-
- r = ASN1_OBJECT_new();
- if (r == NULL) {
- OBJerror(ERR_R_ASN1_LIB);
- return (NULL);
- }
- data = malloc(o->length);
- if (data == NULL)
- goto err;
- if (o->data != NULL)
- memcpy(data, o->data, o->length);
- /* once data attached to object it remains const */
- r->data = data;
- r->length = o->length;
- r->nid = o->nid;
- r->ln = r->sn = NULL;
- if (o->ln != NULL) {
- ln = strdup(o->ln);
- if (ln == NULL)
- goto err;
- r->ln = ln;
- }
-
- if (o->sn != NULL) {
- sn = strdup(o->sn);
- if (sn == NULL)
- goto err;
- r->sn = sn;
- }
- r->flags = o->flags | (ASN1_OBJECT_FLAG_DYNAMIC |
- ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | ASN1_OBJECT_FLAG_DYNAMIC_DATA);
- return (r);
-
- err:
- OBJerror(ERR_R_MALLOC_FAILURE);
- free(ln);
- free(sn);
- free(data);
- free(r);
- return (NULL);
-}
-LCRYPTO_ALIAS(OBJ_dup);
-
-int
-OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
-{
- int cmp;
-
- if ((cmp = a->length - b->length) != 0)
- return cmp;
- if (a->length == 0)
- return 0;
- return memcmp(a->data, b->data, a->length);
-}
-LCRYPTO_ALIAS(OBJ_cmp);
diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num
deleted file mode 100644
index 728bf02400..0000000000
--- a/src/lib/libcrypto/objects/obj_mac.num
+++ /dev/null
@@ -1,1055 +0,0 @@ -undef 0 -rsadsi 1 -pkcs 2 -md2 3 -md5 4 -rc4 5 -rsaEncryption 6 -md2WithRSAEncryption 7 -md5WithRSAEncryption 8 -pbeWithMD2AndDES_CBC 9 -pbeWithMD5AndDES_CBC 10 -X500 11 -X509 12 -commonName 13 -countryName 14 -localityName 15 -stateOrProvinceName 16 -organizationName 17 -organizationalUnitName 18 -rsa 19 -pkcs7 20 -pkcs7_data 21 -pkcs7_signed 22 -pkcs7_enveloped 23 -pkcs7_signedAndEnveloped 24 -pkcs7_digest 25 -pkcs7_encrypted 26 -pkcs3 27 -dhKeyAgreement 28 -des_ecb 29 -des_cfb64 30 -des_cbc 31 -des_ede_ecb 32 -des_ede3_ecb 33 -idea_cbc 34 -idea_cfb64 35 -idea_ecb 36 -rc2_cbc 37 -rc2_ecb 38 -rc2_cfb64 39 -rc2_ofb64 40 -sha 41 -shaWithRSAEncryption 42 -des_ede_cbc 43 -des_ede3_cbc 44 -des_ofb64 45 -idea_ofb64 46 -pkcs9 47 -pkcs9_emailAddress 48 -pkcs9_unstructuredName 49 -pkcs9_contentType 50 -pkcs9_messageDigest 51 -pkcs9_signingTime 52 -pkcs9_countersignature 53 -pkcs9_challengePassword 54 -pkcs9_unstructuredAddress 55 -pkcs9_extCertAttributes 56 -netscape 57 -netscape_cert_extension 58 -netscape_data_type 59 -des_ede_cfb64 60 -des_ede3_cfb64 61 -des_ede_ofb64 62 -des_ede3_ofb64 63 -sha1 64 -sha1WithRSAEncryption 65 -dsaWithSHA 66 -dsa_2 67 -pbeWithSHA1AndRC2_CBC 68 -id_pbkdf2 69 -dsaWithSHA1_2 70 -netscape_cert_type 71 -netscape_base_url 72 -netscape_revocation_url 73 -netscape_ca_revocation_url 74 -netscape_renewal_url 75 -netscape_ca_policy_url 76 -netscape_ssl_server_name 77 -netscape_comment 78 -netscape_cert_sequence 79 -desx_cbc 80 -id_ce 81 -subject_key_identifier 82 -key_usage 83 -private_key_usage_period 84 -subject_alt_name 85 -issuer_alt_name 86 -basic_constraints 87 -crl_number 88 -certificate_policies 89 -authority_key_identifier 90 -bf_cbc 91 -bf_ecb 92 -bf_cfb64 93 -bf_ofb64 94 -mdc2 95 -mdc2WithRSA 96 -rc4_40 97 -rc2_40_cbc 98 -givenName 99 -surname 100 -initials 101 -uniqueIdentifier 102 -crl_distribution_points 103 -md5WithRSA 104 -serialNumber 105 -title 106 -description 107 -cast5_cbc 108 -cast5_ecb 109 -cast5_cfb64 110 
-cast5_ofb64 111 -pbeWithMD5AndCast5_CBC 112 -dsaWithSHA1 113 -md5_sha1 114 -sha1WithRSA 115 -dsa 116 -ripemd160 117 -ripemd160WithRSA 119 -rc5_cbc 120 -rc5_ecb 121 -rc5_cfb64 122 -rc5_ofb64 123 -rle_compression 124 -zlib_compression 125 -ext_key_usage 126 -id_pkix 127 -id_kp 128 -server_auth 129 -client_auth 130 -code_sign 131 -email_protect 132 -time_stamp 133 -ms_code_ind 134 -ms_code_com 135 -ms_ctl_sign 136 -ms_sgc 137 -ms_efs 138 -ns_sgc 139 -delta_crl 140 -crl_reason 141 -invalidity_date 142 -sxnet 143 -pbe_WithSHA1And128BitRC4 144 -pbe_WithSHA1And40BitRC4 145 -pbe_WithSHA1And3_Key_TripleDES_CBC 146 -pbe_WithSHA1And2_Key_TripleDES_CBC 147 -pbe_WithSHA1And128BitRC2_CBC 148 -pbe_WithSHA1And40BitRC2_CBC 149 -keyBag 150 -pkcs8ShroudedKeyBag 151 -certBag 152 -crlBag 153 -secretBag 154 -safeContentsBag 155 -friendlyName 156 -localKeyID 157 -x509Certificate 158 -sdsiCertificate 159 -x509Crl 160 -pbes2 161 -pbmac1 162 -hmacWithSHA1 163 -id_qt_cps 164 -id_qt_unotice 165 -rc2_64_cbc 166 -SMIMECapabilities 167 -pbeWithMD2AndRC2_CBC 168 -pbeWithMD5AndRC2_CBC 169 -pbeWithSHA1AndDES_CBC 170 -ms_ext_req 171 -ext_req 172 -name 173 -dnQualifier 174 -id_pe 175 -id_ad 176 -info_access 177 -ad_OCSP 178 -ad_ca_issuers 179 -OCSP_sign 180 -iso 181 -member_body 182 -ISO_US 183 -X9_57 184 -X9cm 185 -pkcs1 186 -pkcs5 187 -SMIME 188 -id_smime_mod 189 -id_smime_ct 190 -id_smime_aa 191 -id_smime_alg 192 -id_smime_cd 193 -id_smime_spq 194 -id_smime_cti 195 -id_smime_mod_cms 196 -id_smime_mod_ess 197 -id_smime_mod_oid 198 -id_smime_mod_msg_v3 199 -id_smime_mod_ets_eSignature_88 200 -id_smime_mod_ets_eSignature_97 201 -id_smime_mod_ets_eSigPolicy_88 202 -id_smime_mod_ets_eSigPolicy_97 203 -id_smime_ct_receipt 204 -id_smime_ct_authData 205 -id_smime_ct_publishCert 206 -id_smime_ct_TSTInfo 207 -id_smime_ct_TDTInfo 208 -id_smime_ct_contentInfo 209 -id_smime_ct_DVCSRequestData 210 -id_smime_ct_DVCSResponseData 211 -id_smime_aa_receiptRequest 212 -id_smime_aa_securityLabel 213 
-id_smime_aa_mlExpandHistory 214 -id_smime_aa_contentHint 215 -id_smime_aa_msgSigDigest 216 -id_smime_aa_encapContentType 217 -id_smime_aa_contentIdentifier 218 -id_smime_aa_macValue 219 -id_smime_aa_equivalentLabels 220 -id_smime_aa_contentReference 221 -id_smime_aa_encrypKeyPref 222 -id_smime_aa_signingCertificate 223 -id_smime_aa_smimeEncryptCerts 224 -id_smime_aa_timeStampToken 225 -id_smime_aa_ets_sigPolicyId 226 -id_smime_aa_ets_commitmentType 227 -id_smime_aa_ets_signerLocation 228 -id_smime_aa_ets_signerAttr 229 -id_smime_aa_ets_otherSigCert 230 -id_smime_aa_ets_contentTimestamp 231 -id_smime_aa_ets_CertificateRefs 232 -id_smime_aa_ets_RevocationRefs 233 -id_smime_aa_ets_certValues 234 -id_smime_aa_ets_revocationValues 235 -id_smime_aa_ets_escTimeStamp 236 -id_smime_aa_ets_certCRLTimestamp 237 -id_smime_aa_ets_archiveTimeStamp 238 -id_smime_aa_signatureType 239 -id_smime_aa_dvcs_dvc 240 -id_smime_alg_ESDHwith3DES 241 -id_smime_alg_ESDHwithRC2 242 -id_smime_alg_3DESwrap 243 -id_smime_alg_RC2wrap 244 -id_smime_alg_ESDH 245 -id_smime_alg_CMS3DESwrap 246 -id_smime_alg_CMSRC2wrap 247 -id_smime_cd_ldap 248 -id_smime_spq_ets_sqt_uri 249 -id_smime_spq_ets_sqt_unotice 250 -id_smime_cti_ets_proofOfOrigin 251 -id_smime_cti_ets_proofOfReceipt 252 -id_smime_cti_ets_proofOfDelivery 253 -id_smime_cti_ets_proofOfSender 254 -id_smime_cti_ets_proofOfApproval 255 -id_smime_cti_ets_proofOfCreation 256 -md4 257 -id_pkix_mod 258 -id_qt 259 -id_it 260 -id_pkip 261 -id_alg 262 -id_cmc 263 -id_on 264 -id_pda 265 -id_aca 266 -id_qcs 267 -id_cct 268 -id_pkix1_explicit_88 269 -id_pkix1_implicit_88 270 -id_pkix1_explicit_93 271 -id_pkix1_implicit_93 272 -id_mod_crmf 273 -id_mod_cmc 274 -id_mod_kea_profile_88 275 -id_mod_kea_profile_93 276 -id_mod_cmp 277 -id_mod_qualified_cert_88 278 -id_mod_qualified_cert_93 279 -id_mod_attribute_cert 280 -id_mod_timestamp_protocol 281 -id_mod_ocsp 282 -id_mod_dvcs 283 -id_mod_cmp2000 284 -biometricInfo 285 -qcStatements 286 -ac_auditEntity 287 
-ac_targeting 288 -aaControls 289 -sbgp_ipAddrBlock 290 -sbgp_autonomousSysNum 291 -sbgp_routerIdentifier 292 -textNotice 293 -ipsecEndSystem 294 -ipsecTunnel 295 -ipsecUser 296 -dvcs 297 -id_it_caProtEncCert 298 -id_it_signKeyPairTypes 299 -id_it_encKeyPairTypes 300 -id_it_preferredSymmAlg 301 -id_it_caKeyUpdateInfo 302 -id_it_currentCRL 303 -id_it_unsupportedOIDs 304 -id_it_subscriptionRequest 305 -id_it_subscriptionResponse 306 -id_it_keyPairParamReq 307 -id_it_keyPairParamRep 308 -id_it_revPassphrase 309 -id_it_implicitConfirm 310 -id_it_confirmWaitTime 311 -id_it_origPKIMessage 312 -id_regCtrl 313 -id_regInfo 314 -id_regCtrl_regToken 315 -id_regCtrl_authenticator 316 -id_regCtrl_pkiPublicationInfo 317 -id_regCtrl_pkiArchiveOptions 318 -id_regCtrl_oldCertID 319 -id_regCtrl_protocolEncrKey 320 -id_regInfo_utf8Pairs 321 -id_regInfo_certReq 322 -id_alg_des40 323 -id_alg_noSignature 324 -id_alg_dh_sig_hmac_sha1 325 -id_alg_dh_pop 326 -id_cmc_statusInfo 327 -id_cmc_identification 328 -id_cmc_identityProof 329 -id_cmc_dataReturn 330 -id_cmc_transactionId 331 -id_cmc_senderNonce 332 -id_cmc_recipientNonce 333 -id_cmc_addExtensions 334 -id_cmc_encryptedPOP 335 -id_cmc_decryptedPOP 336 -id_cmc_lraPOPWitness 337 -id_cmc_getCert 338 -id_cmc_getCRL 339 -id_cmc_revokeRequest 340 -id_cmc_regInfo 341 -id_cmc_responseInfo 342 -id_cmc_queryPending 343 -id_cmc_popLinkRandom 344 -id_cmc_popLinkWitness 345 -id_cmc_confirmCertAcceptance 346 -id_on_personalData 347 -id_pda_dateOfBirth 348 -id_pda_placeOfBirth 349 -id_pda_pseudonym 350 -id_pda_gender 351 -id_pda_countryOfCitizenship 352 -id_pda_countryOfResidence 353 -id_aca_authenticationInfo 354 -id_aca_accessIdentity 355 -id_aca_chargingIdentity 356 -id_aca_group 357 -id_aca_role 358 -id_qcs_pkixQCSyntax_v1 359 -id_cct_crs 360 -id_cct_PKIData 361 -id_cct_PKIResponse 362 -ad_timeStamping 363 -ad_dvcs 364 -id_pkix_OCSP_basic 365 -id_pkix_OCSP_Nonce 366 -id_pkix_OCSP_CrlID 367 -id_pkix_OCSP_acceptableResponses 368 
-id_pkix_OCSP_noCheck 369 -id_pkix_OCSP_archiveCutoff 370 -id_pkix_OCSP_serviceLocator 371 -id_pkix_OCSP_extendedStatus 372 -id_pkix_OCSP_valid 373 -id_pkix_OCSP_path 374 -id_pkix_OCSP_trustRoot 375 -algorithm 376 -rsaSignature 377 -X500algorithms 378 -org 379 -dod 380 -iana 381 -Directory 382 -Management 383 -Experimental 384 -Private 385 -Security 386 -SNMPv2 387 -Mail 388 -Enterprises 389 -dcObject 390 -domainComponent 391 -Domain 392 -joint_iso_ccitt 393 -selected_attribute_types 394 -clearance 395 -md4WithRSAEncryption 396 -ac_proxying 397 -sinfo_access 398 -id_aca_encAttrs 399 -role 400 -policy_constraints 401 -target_information 402 -no_rev_avail 403 -ccitt 404 -ansi_X9_62 405 -X9_62_prime_field 406 -X9_62_characteristic_two_field 407 -X9_62_id_ecPublicKey 408 -X9_62_prime192v1 409 -X9_62_prime192v2 410 -X9_62_prime192v3 411 -X9_62_prime239v1 412 -X9_62_prime239v2 413 -X9_62_prime239v3 414 -X9_62_prime256v1 415 -ecdsa_with_SHA1 416 -ms_csp_name 417 -aes_128_ecb 418 -aes_128_cbc 419 -aes_128_ofb128 420 -aes_128_cfb128 421 -aes_192_ecb 422 -aes_192_cbc 423 -aes_192_ofb128 424 -aes_192_cfb128 425 -aes_256_ecb 426 -aes_256_cbc 427 -aes_256_ofb128 428 -aes_256_cfb128 429 -hold_instruction_code 430 -hold_instruction_none 431 -hold_instruction_call_issuer 432 -hold_instruction_reject 433 -data 434 -pss 435 -ucl 436 -pilot 437 -pilotAttributeType 438 -pilotAttributeSyntax 439 -pilotObjectClass 440 -pilotGroups 441 -iA5StringSyntax 442 -caseIgnoreIA5StringSyntax 443 -pilotObject 444 -pilotPerson 445 -account 446 -document 447 -room 448 -documentSeries 449 -rFC822localPart 450 -dNSDomain 451 -domainRelatedObject 452 -friendlyCountry 453 -simpleSecurityObject 454 -pilotOrganization 455 -pilotDSA 456 -qualityLabelledData 457 -userId 458 -textEncodedORAddress 459 -rfc822Mailbox 460 -info 461 -favouriteDrink 462 -roomNumber 463 -photo 464 -userClass 465 -host 466 -manager 467 -documentIdentifier 468 -documentTitle 469 -documentVersion 470 -documentAuthor 471 
-documentLocation 472 -homeTelephoneNumber 473 -secretary 474 -otherMailbox 475 -lastModifiedTime 476 -lastModifiedBy 477 -aRecord 478 -pilotAttributeType27 479 -mXRecord 480 -nSRecord 481 -sOARecord 482 -cNAMERecord 483 -associatedDomain 484 -associatedName 485 -homePostalAddress 486 -personalTitle 487 -mobileTelephoneNumber 488 -pagerTelephoneNumber 489 -friendlyCountryName 490 -organizationalStatus 491 -janetMailbox 492 -mailPreferenceOption 493 -buildingName 494 -dSAQuality 495 -singleLevelQuality 496 -subtreeMinimumQuality 497 -subtreeMaximumQuality 498 -personalSignature 499 -dITRedirect 500 -audio 501 -documentPublisher 502 -x500UniqueIdentifier 503 -mime_mhs 504 -mime_mhs_headings 505 -mime_mhs_bodies 506 -id_hex_partial_message 507 -id_hex_multipart_message 508 -generationQualifier 509 -pseudonym 510 -InternationalRA 511 -id_set 512 -set_ctype 513 -set_msgExt 514 -set_attr 515 -set_policy 516 -set_certExt 517 -set_brand 518 -setct_PANData 519 -setct_PANToken 520 -setct_PANOnly 521 -setct_OIData 522 -setct_PI 523 -setct_PIData 524 -setct_PIDataUnsigned 525 -setct_HODInput 526 -setct_AuthResBaggage 527 -setct_AuthRevReqBaggage 528 -setct_AuthRevResBaggage 529 -setct_CapTokenSeq 530 -setct_PInitResData 531 -setct_PI_TBS 532 -setct_PResData 533 -setct_AuthReqTBS 534 -setct_AuthResTBS 535 -setct_AuthResTBSX 536 -setct_AuthTokenTBS 537 -setct_CapTokenData 538 -setct_CapTokenTBS 539 -setct_AcqCardCodeMsg 540 -setct_AuthRevReqTBS 541 -setct_AuthRevResData 542 -setct_AuthRevResTBS 543 -setct_CapReqTBS 544 -setct_CapReqTBSX 545 -setct_CapResData 546 -setct_CapRevReqTBS 547 -setct_CapRevReqTBSX 548 -setct_CapRevResData 549 -setct_CredReqTBS 550 -setct_CredReqTBSX 551 -setct_CredResData 552 -setct_CredRevReqTBS 553 -setct_CredRevReqTBSX 554 -setct_CredRevResData 555 -setct_PCertReqData 556 -setct_PCertResTBS 557 -setct_BatchAdminReqData 558 -setct_BatchAdminResData 559 -setct_CardCInitResTBS 560 -setct_MeAqCInitResTBS 561 -setct_RegFormResTBS 562 -setct_CertReqData 
563 -setct_CertReqTBS 564 -setct_CertResData 565 -setct_CertInqReqTBS 566 -setct_ErrorTBS 567 -setct_PIDualSignedTBE 568 -setct_PIUnsignedTBE 569 -setct_AuthReqTBE 570 -setct_AuthResTBE 571 -setct_AuthResTBEX 572 -setct_AuthTokenTBE 573 -setct_CapTokenTBE 574 -setct_CapTokenTBEX 575 -setct_AcqCardCodeMsgTBE 576 -setct_AuthRevReqTBE 577 -setct_AuthRevResTBE 578 -setct_AuthRevResTBEB 579 -setct_CapReqTBE 580 -setct_CapReqTBEX 581 -setct_CapResTBE 582 -setct_CapRevReqTBE 583 -setct_CapRevReqTBEX 584 -setct_CapRevResTBE 585 -setct_CredReqTBE 586 -setct_CredReqTBEX 587 -setct_CredResTBE 588 -setct_CredRevReqTBE 589 -setct_CredRevReqTBEX 590 -setct_CredRevResTBE 591 -setct_BatchAdminReqTBE 592 -setct_BatchAdminResTBE 593 -setct_RegFormReqTBE 594 -setct_CertReqTBE 595 -setct_CertReqTBEX 596 -setct_CertResTBE 597 -setct_CRLNotificationTBS 598 -setct_CRLNotificationResTBS 599 -setct_BCIDistributionTBS 600 -setext_genCrypt 601 -setext_miAuth 602 -setext_pinSecure 603 -setext_pinAny 604 -setext_track2 605 -setext_cv 606 -set_policy_root 607 -setCext_hashedRoot 608 -setCext_certType 609 -setCext_merchData 610 -setCext_cCertRequired 611 -setCext_tunneling 612 -setCext_setExt 613 -setCext_setQualf 614 -setCext_PGWYcapabilities 615 -setCext_TokenIdentifier 616 -setCext_Track2Data 617 -setCext_TokenType 618 -setCext_IssuerCapabilities 619 -setAttr_Cert 620 -setAttr_PGWYcap 621 -setAttr_TokenType 622 -setAttr_IssCap 623 -set_rootKeyThumb 624 -set_addPolicy 625 -setAttr_Token_EMV 626 -setAttr_Token_B0Prime 627 -setAttr_IssCap_CVM 628 -setAttr_IssCap_T2 629 -setAttr_IssCap_Sig 630 -setAttr_GenCryptgrm 631 -setAttr_T2Enc 632 -setAttr_T2cleartxt 633 -setAttr_TokICCsig 634 -setAttr_SecDevSig 635 -set_brand_IATA_ATA 636 -set_brand_Diners 637 -set_brand_AmericanExpress 638 -set_brand_JCB 639 -set_brand_Visa 640 -set_brand_MasterCard 641 -set_brand_Novus 642 -des_cdmf 643 -rsaOAEPEncryptionSET 644 -itu_t 645 -joint_iso_itu_t 646 -international_organizations 647 -ms_smartcard_login 648 
-ms_upn 649 -aes_128_cfb1 650 -aes_192_cfb1 651 -aes_256_cfb1 652 -aes_128_cfb8 653 -aes_192_cfb8 654 -aes_256_cfb8 655 -des_cfb1 656 -des_cfb8 657 -des_ede3_cfb1 658 -des_ede3_cfb8 659 -streetAddress 660 -postalCode 661 -id_ppl 662 -proxyCertInfo 663 -id_ppl_anyLanguage 664 -id_ppl_inheritAll 665 -name_constraints 666 -Independent 667 -sha256WithRSAEncryption 668 -sha384WithRSAEncryption 669 -sha512WithRSAEncryption 670 -sha224WithRSAEncryption 671 -sha256 672 -sha384 673 -sha512 674 -sha224 675 -identified_organization 676 -certicom_arc 677 -wap 678 -wap_wsg 679 -X9_62_id_characteristic_two_basis 680 -X9_62_onBasis 681 -X9_62_tpBasis 682 -X9_62_ppBasis 683 -X9_62_c2pnb163v1 684 -X9_62_c2pnb163v2 685 -X9_62_c2pnb163v3 686 -X9_62_c2pnb176v1 687 -X9_62_c2tnb191v1 688 -X9_62_c2tnb191v2 689 -X9_62_c2tnb191v3 690 -X9_62_c2onb191v4 691 -X9_62_c2onb191v5 692 -X9_62_c2pnb208w1 693 -X9_62_c2tnb239v1 694 -X9_62_c2tnb239v2 695 -X9_62_c2tnb239v3 696 -X9_62_c2onb239v4 697 -X9_62_c2onb239v5 698 -X9_62_c2pnb272w1 699 -X9_62_c2pnb304w1 700 -X9_62_c2tnb359v1 701 -X9_62_c2pnb368w1 702 -X9_62_c2tnb431r1 703 -secp112r1 704 -secp112r2 705 -secp128r1 706 -secp128r2 707 -secp160k1 708 -secp160r1 709 -secp160r2 710 -secp192k1 711 -secp224k1 712 -secp224r1 713 -secp256k1 714 -secp384r1 715 -secp521r1 716 -sect113r1 717 -sect113r2 718 -sect131r1 719 -sect131r2 720 -sect163k1 721 -sect163r1 722 -sect163r2 723 -sect193r1 724 -sect193r2 725 -sect233k1 726 -sect233r1 727 -sect239k1 728 -sect283k1 729 -sect283r1 730 -sect409k1 731 -sect409r1 732 -sect571k1 733 -sect571r1 734 -wap_wsg_idm_ecid_wtls1 735 -wap_wsg_idm_ecid_wtls3 736 -wap_wsg_idm_ecid_wtls4 737 -wap_wsg_idm_ecid_wtls5 738 -wap_wsg_idm_ecid_wtls6 739 -wap_wsg_idm_ecid_wtls7 740 -wap_wsg_idm_ecid_wtls8 741 -wap_wsg_idm_ecid_wtls9 742 -wap_wsg_idm_ecid_wtls10 743 -wap_wsg_idm_ecid_wtls11 744 -wap_wsg_idm_ecid_wtls12 745 -any_policy 746 -policy_mappings 747 -inhibit_any_policy 748 -ipsec3 749 -ipsec4 750 -camellia_128_cbc 751 
-camellia_192_cbc 752 -camellia_256_cbc 753 -camellia_128_ecb 754 -camellia_192_ecb 755 -camellia_256_ecb 756 -camellia_128_cfb128 757 -camellia_192_cfb128 758 -camellia_256_cfb128 759 -camellia_128_cfb1 760 -camellia_192_cfb1 761 -camellia_256_cfb1 762 -camellia_128_cfb8 763 -camellia_192_cfb8 764 -camellia_256_cfb8 765 -camellia_128_ofb128 766 -camellia_192_ofb128 767 -camellia_256_ofb128 768 -subject_directory_attributes 769 -issuing_distribution_point 770 -certificate_issuer 771 -korea 772 -kisa 773 -kftc 774 -npki_alg 775 -seed_ecb 776 -seed_cbc 777 -seed_ofb128 778 -seed_cfb128 779 -hmac_md5 780 -hmac_sha1 781 -id_PasswordBasedMAC 782 -id_DHBasedMac 783 -id_it_suppLangTags 784 -caRepository 785 -id_smime_ct_compressedData 786 -id_ct_asciiTextWithCRLF 787 -id_aes128_wrap 788 -id_aes192_wrap 789 -id_aes256_wrap 790 -ecdsa_with_Recommended 791 -ecdsa_with_Specified 792 -ecdsa_with_SHA224 793 -ecdsa_with_SHA256 794 -ecdsa_with_SHA384 795 -ecdsa_with_SHA512 796 -hmacWithMD5 797 -hmacWithSHA224 798 -hmacWithSHA256 799 -hmacWithSHA384 800 -hmacWithSHA512 801 -dsa_with_SHA224 802 -dsa_with_SHA256 803 -whirlpool 804 -cryptopro 805 -cryptocom 806 -id_GostR3411_94_with_GostR3410_2001 807 -id_GostR3411_94_with_GostR3410_94 808 -id_GostR3411_94 809 -id_HMACGostR3411_94 810 -id_GostR3410_2001 811 -id_GostR3410_94 812 -id_Gost28147_89 813 -gost89_cnt 814 -id_Gost28147_89_MAC 815 -id_GostR3411_94_prf 816 -id_GostR3410_2001DH 817 -id_GostR3410_94DH 818 -id_Gost28147_89_CryptoPro_KeyMeshing 819 -id_Gost28147_89_None_KeyMeshing 820 -id_GostR3411_94_TestParamSet 821 -id_GostR3411_94_CryptoProParamSet 822 -id_Gost28147_89_TestParamSet 823 -id_Gost28147_89_CryptoPro_A_ParamSet 824 -id_Gost28147_89_CryptoPro_B_ParamSet 825 -id_Gost28147_89_CryptoPro_C_ParamSet 826 -id_Gost28147_89_CryptoPro_D_ParamSet 827 -id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828 -id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829 -id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830 -id_GostR3410_94_TestParamSet 831 
-id_GostR3410_94_CryptoPro_A_ParamSet 832 -id_GostR3410_94_CryptoPro_B_ParamSet 833 -id_GostR3410_94_CryptoPro_C_ParamSet 834 -id_GostR3410_94_CryptoPro_D_ParamSet 835 -id_GostR3410_94_CryptoPro_XchA_ParamSet 836 -id_GostR3410_94_CryptoPro_XchB_ParamSet 837 -id_GostR3410_94_CryptoPro_XchC_ParamSet 838 -id_GostR3410_2001_TestParamSet 839 -id_GostR3410_2001_CryptoPro_A_ParamSet 840 -id_GostR3410_2001_CryptoPro_B_ParamSet 841 -id_GostR3410_2001_CryptoPro_C_ParamSet 842 -id_GostR3410_2001_CryptoPro_XchA_ParamSet 843 -id_GostR3410_2001_CryptoPro_XchB_ParamSet 844 -id_GostR3410_94_a 845 -id_GostR3410_94_aBis 846 -id_GostR3410_94_b 847 -id_GostR3410_94_bBis 848 -id_Gost28147_89_cc 849 -id_GostR3410_94_cc 850 -id_GostR3410_2001_cc 851 -id_GostR3411_94_with_GostR3410_94_cc 852 -id_GostR3411_94_with_GostR3410_2001_cc 853 -id_GostR3410_2001_ParamSet_cc 854 -hmac 855 -LocalKeySet 856 -freshest_crl 857 -id_on_permanentIdentifier 858 -searchGuide 859 -businessCategory 860 -postalAddress 861 -postOfficeBox 862 -physicalDeliveryOfficeName 863 -telephoneNumber 864 -telexNumber 865 -teletexTerminalIdentifier 866 -facsimileTelephoneNumber 867 -x121Address 868 -internationaliSDNNumber 869 -registeredAddress 870 -destinationIndicator 871 -preferredDeliveryMethod 872 -presentationAddress 873 -supportedApplicationContext 874 -member 875 -owner 876 -roleOccupant 877 -seeAlso 878 -userPassword 879 -userCertificate 880 -cACertificate 881 -authorityRevocationList 882 -certificateRevocationList 883 -crossCertificatePair 884 -enhancedSearchGuide 885 -protocolInformation 886 -distinguishedName 887 -uniqueMember 888 -houseIdentifier 889 -supportedAlgorithms 890 -deltaRevocationList 891 -dmdName 892 -id_alg_PWRI_KEK 893 -cmac 894 -aes_128_gcm 895 -aes_128_ccm 896 -id_aes128_wrap_pad 897 -aes_192_gcm 898 -aes_192_ccm 899 -id_aes192_wrap_pad 900 -aes_256_gcm 901 -aes_256_ccm 902 -id_aes256_wrap_pad 903 -aes_128_ctr 904 -aes_192_ctr 905 -aes_256_ctr 906 -id_camellia128_wrap 907 -id_camellia192_wrap 
908 -id_camellia256_wrap 909 -anyExtendedKeyUsage 910 -mgf1 911 -rsassaPss 912 -aes_128_xts 913 -aes_256_xts 914 -rc4_hmac_md5 915 -aes_128_cbc_hmac_sha1 916 -aes_192_cbc_hmac_sha1 917 -aes_256_cbc_hmac_sha1 918 -rsaesOaep 919 -teletrust 920 -brainpool 921 -brainpoolP160r1 922 -brainpoolP160t1 923 -brainpoolP192r1 924 -brainpoolP192t1 925 -brainpoolP224r1 926 -brainpoolP224t1 927 -brainpoolP256r1 928 -brainpoolP256t1 929 -brainpoolP320r1 930 -brainpoolP320t1 931 -brainpoolP384r1 932 -brainpoolP384t1 933 -brainpoolP512r1 934 -brainpoolP512t1 935 -FRP256v1 936 -chacha20 937 -gost89_ecb 938 -gost89_cbc 939 -tc26 940 -id_tc26_gost3411_2012_256 941 -id_tc26_gost3411_2012_512 942 -id_tc26_gost_3410_12_512_paramSetA 943 -id_tc26_gost_3410_12_512_paramSetB 944 -id_tc26_gost_28147_param_Z 945 -id_tc26_gost3410_2012_256 946 -id_tc26_gost3410_2012_512 947 -id_tc26_signwithdigest_gost3410_2012_256 948 -id_tc26_signwithdigest_gost3410_2012_512 949 -X25519 950 -X448 951 -Ed25519 952 -Ed448 953 -Ed25519ph 954 -Ed448ph 955 -jurisdictionLocalityName 956 -jurisdictionStateOrProvinceName 957 -jurisdictionCountryName 958 -kx_rsa 959 -kx_ecdhe 960 -kx_dhe 961 -kx_gost 962 -auth_rsa 963 -auth_ecdsa 964 -auth_gost01 965 -auth_null 966 -chacha20_poly1305 967 -sm3 968 -sm3WithRSAEncryption 969 -ISO_CN 970 -oscca 971 -sm_scheme 972 -sm4_ecb 973 -sm4_cbc 974 -sm4_ofb128 975 -sm4_cfb128 976 -sm4_cfb1 977 -sm4_cfb8 978 -sm4_ctr 979 -dhSinglePass_stdDH_sha1kdf_scheme 980 -dhSinglePass_stdDH_sha224kdf_scheme 981 -dhSinglePass_stdDH_sha256kdf_scheme 982 -dhSinglePass_stdDH_sha384kdf_scheme 983 -dhSinglePass_stdDH_sha512kdf_scheme 984 -dhSinglePass_cofactorDH_sha1kdf_scheme 985 -dhSinglePass_cofactorDH_sha224kdf_scheme 986 -dhSinglePass_cofactorDH_sha256kdf_scheme 987 -dhSinglePass_cofactorDH_sha384kdf_scheme 988 -dhSinglePass_cofactorDH_sha512kdf_scheme 989 -dh_std_kdf 990 -dh_cofactor_kdf 991 -pSpecified 992 -id_tc26_gost_3410_12_256_paramSetA 993 -id_tc26_gost_3410_12_256_paramSetB 994 
-id_tc26_gost_3410_12_256_paramSetC 995 -id_tc26_gost_3410_12_256_paramSetD 996 -id_tc26_gost_3410_12_512_paramSetTest 997 -id_tc26_gost_3410_12_512_paramSetC 998 -id_tc26_hmac_gost_3411_12_256 999 -id_tc26_hmac_gost_3411_12_512 1000 -id_ct_routeOriginAuthz 1001 -id_ct_rpkiManifest 1002 -id_ct_rpkiGhostbusters 1003 -id_ct_resourceTaggedAttest 1004 -id_cp 1005 -sbgp_ipAddrBlockv2 1006 -sbgp_autonomousSysNumv2 1007 -ipAddr_asNumber 1008 -ipAddr_asNumberv2 1009 -rpkiManifest 1010 -signedObject 1011 -rpkiNotify 1012 -id_ct_geofeedCSVwithCRLF 1013 -id_ct_signedChecklist 1014 -id_kp_bgpsec_router 1015 -tlsfeature 1016 -id_ct_ASPA 1017 -ct_precert_scts 1018 -ct_precert_poison 1019 -ct_precert_signer 1020 -ct_cert_scts 1021 -hkdf 1022 -id_smime_aa_signingCertificateV2 1023 -id_ct_signedTAL 1024 -sha512_224WithRSAEncryption 1025 -sha512_256WithRSAEncryption 1026 -hmacWithSHA512_224 1027 -hmacWithSHA512_256 1028 -sha512_224 1029 -sha512_256 1030 -sha3_224 1031 -sha3_256 1032 -sha3_384 1033 -sha3_512 1034 -hmac_sha3_224 1035 -hmac_sha3_256 1036 -hmac_sha3_384 1037 -hmac_sha3_512 1038 -dsa_with_SHA384 1039 -dsa_with_SHA512 1040 -dsa_with_SHA3_224 1041 -dsa_with_SHA3_256 1042 -dsa_with_SHA3_384 1043 -dsa_with_SHA3_512 1044 -ecdsa_with_SHA3_224 1045 -ecdsa_with_SHA3_256 1046 -ecdsa_with_SHA3_384 1047 -ecdsa_with_SHA3_512 1048 -RSA_SHA3_224 1049 -RSA_SHA3_256 1050 -RSA_SHA3_384 1051 -RSA_SHA3_512 1052 -acmeIdentifier 1053 -id_ct_rpkiSignedPrefixList 1054 -tls1_prf 1055 diff --git a/src/lib/libcrypto/objects/obj_xref.c b/src/lib/libcrypto/objects/obj_xref.c deleted file mode 100644 index 04611d68e3..0000000000 --- a/src/lib/libcrypto/objects/obj_xref.c +++ /dev/null 
@@ -1,332 +0,0 @@
-/* $OpenBSD: obj_xref.c,v 1.15 2024/08/28 06:53:24 tb Exp $ */
-
-/*
- * Copyright (c) 2023 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-/*
- * Map between signature nids and pairs of (hash, pkey) nids. If the hash nid
- * is NID_undef, this indicates to ASN1_item_{sign,verify}() that the pkey's
- * ASN.1 method needs to handle algorithm identifiers and part of the message
- * digest.
- */
-
-static const struct {
- int sign_nid;
- int hash_nid;
- int pkey_nid;
-} nid_triple[] = {
- {
- .sign_nid = NID_md2WithRSAEncryption,
- .hash_nid = NID_md2,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_md5WithRSAEncryption,
- .hash_nid = NID_md5,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_shaWithRSAEncryption,
- .hash_nid = NID_sha,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_sha1WithRSAEncryption,
- .hash_nid = NID_sha1,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_dsaWithSHA,
- .hash_nid = NID_sha,
- .pkey_nid = NID_dsa,
- },
- {
- .sign_nid = NID_dsaWithSHA1_2,
- .hash_nid = NID_sha1,
- .pkey_nid = NID_dsa_2,
- },
- {
- .sign_nid = NID_mdc2WithRSA,
- .hash_nid = NID_mdc2,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_md5WithRSA,
- .hash_nid = NID_md5,
- .pkey_nid = NID_rsa,
- },
- {
- .sign_nid = NID_dsaWithSHA1,
- .hash_nid = NID_sha1,
- .pkey_nid = NID_dsa,
- },
- {
- .sign_nid = NID_sha1WithRSA,
- .hash_nid = NID_sha1,
- .pkey_nid = NID_rsa,
- },
- {
- .sign_nid = NID_ripemd160WithRSA,
- .hash_nid = NID_ripemd160,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_md4WithRSAEncryption,
- .hash_nid = NID_md4,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA1,
- .hash_nid = NID_sha1,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_sha256WithRSAEncryption,
- .hash_nid = NID_sha256,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_sha384WithRSAEncryption,
- .hash_nid = NID_sha384,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_sha512WithRSAEncryption,
- .hash_nid = NID_sha512,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_sha224WithRSAEncryption,
- .hash_nid = NID_sha224,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_ecdsa_with_Recommended,
- .hash_nid = NID_undef,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_Specified,
- .hash_nid = NID_undef,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA224,
- .hash_nid = NID_sha224,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA256,
- .hash_nid = NID_sha256,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA384,
- .hash_nid = NID_sha384,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA512,
- .hash_nid = NID_sha512,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_dsa_with_SHA224,
- .hash_nid = NID_sha224,
- .pkey_nid = NID_dsa,
- },
- {
- .sign_nid = NID_dsa_with_SHA256,
- .hash_nid = NID_sha256,
- .pkey_nid = NID_dsa,
- },
- {
- .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001,
- .hash_nid = NID_id_GostR3411_94,
- .pkey_nid = NID_id_GostR3410_2001,
- },
- {
- .sign_nid = NID_id_GostR3411_94_with_GostR3410_94,
- .hash_nid = NID_id_GostR3411_94,
- .pkey_nid = NID_id_GostR3410_94,
- },
- {
- .sign_nid = NID_id_GostR3411_94_with_GostR3410_94_cc,
- .hash_nid = NID_id_GostR3411_94,
- .pkey_nid = NID_id_GostR3410_94_cc,
- },
- {
- .sign_nid = NID_id_GostR3411_94_with_GostR3410_2001_cc,
- .hash_nid = NID_id_GostR3411_94,
- .pkey_nid = NID_id_GostR3410_2001_cc,
- },
- {
- .sign_nid = NID_rsassaPss,
- .hash_nid = NID_undef,
- .pkey_nid = NID_rsassaPss,
- },
- {
- .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_256,
- .hash_nid = NID_id_tc26_gost3411_2012_256,
- .pkey_nid = NID_id_GostR3410_2001,
- },
- {
- .sign_nid = NID_id_tc26_signwithdigest_gost3410_2012_512,
- .hash_nid = NID_id_tc26_gost3411_2012_512,
- .pkey_nid = NID_id_GostR3410_2001,
- },
- {
- .sign_nid = NID_Ed25519,
- .hash_nid = NID_undef,
- .pkey_nid = NID_Ed25519,
- },
- {
- .sign_nid = NID_dhSinglePass_stdDH_sha1kdf_scheme,
- .hash_nid = NID_sha1,
- .pkey_nid = NID_dh_std_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_stdDH_sha224kdf_scheme,
- .hash_nid = NID_sha224,
- .pkey_nid = NID_dh_std_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_stdDH_sha256kdf_scheme,
- .hash_nid = NID_sha256,
- .pkey_nid = NID_dh_std_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_stdDH_sha384kdf_scheme,
- .hash_nid = NID_sha384,
- .pkey_nid = NID_dh_std_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_stdDH_sha512kdf_scheme,
- .hash_nid = NID_sha512,
- .pkey_nid = NID_dh_std_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_cofactorDH_sha1kdf_scheme,
- .hash_nid = NID_sha1,
- .pkey_nid = NID_dh_cofactor_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_cofactorDH_sha224kdf_scheme,
- .hash_nid = NID_sha224,
- .pkey_nid = NID_dh_cofactor_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_cofactorDH_sha256kdf_scheme,
- .hash_nid = NID_sha256,
- .pkey_nid = NID_dh_cofactor_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_cofactorDH_sha384kdf_scheme,
- .hash_nid = NID_sha384,
- .pkey_nid = NID_dh_cofactor_kdf,
- },
- {
- .sign_nid = NID_dhSinglePass_cofactorDH_sha512kdf_scheme,
- .hash_nid = NID_sha512,
- .pkey_nid = NID_dh_cofactor_kdf,
- },
- {
- .sign_nid = NID_RSA_SHA3_224,
- .hash_nid = NID_sha3_224,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_RSA_SHA3_256,
- .hash_nid = NID_sha3_256,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_RSA_SHA3_384,
- .hash_nid = NID_sha3_384,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_RSA_SHA3_512,
- .hash_nid = NID_sha3_512,
- .pkey_nid = NID_rsaEncryption,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA3_224,
- .hash_nid = NID_sha3_224,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA3_256,
- .hash_nid = NID_sha3_256,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA3_384,
- .hash_nid = NID_sha3_384,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
- {
- .sign_nid = NID_ecdsa_with_SHA3_512,
- .hash_nid = NID_sha3_512,
- .pkey_nid = NID_X9_62_id_ecPublicKey,
- },
-};
-
-#define N_NID_TRIPLES (sizeof(nid_triple) / sizeof(nid_triple[0]))
-
-int
-OBJ_find_sigid_algs(int sign_nid, int *hash_nid, int *pkey_nid)
-{
- size_t i;
-
- for (i = 0; i < N_NID_TRIPLES; i++) {
- if (sign_nid != nid_triple[i].sign_nid)
- continue;
-
- if (hash_nid != NULL)
- *hash_nid = nid_triple[i].hash_nid;
- if (pkey_nid != NULL)
- *pkey_nid = nid_triple[i].pkey_nid;
-
- return 1;
- }
-
- return 0;
-}
-LCRYPTO_ALIAS(OBJ_find_sigid_algs);
-
-int
-OBJ_find_sigid_by_algs(int *sign_nid, int hash_nid, int pkey_nid)
-{
- size_t i;
-
- for (i = 0; i < N_NID_TRIPLES; i++) {
- if (hash_nid != nid_triple[i].hash_nid)
- continue;
- if (pkey_nid != nid_triple[i].pkey_nid)
- continue;
-
- if (sign_nid != NULL)
- *sign_nid = nid_triple[i].sign_nid;
-
- return 1;
- }
-
- return 0;
-}
-LCRYPTO_ALIAS(OBJ_find_sigid_by_algs);
diff --git a/src/lib/libcrypto/objects/objects.README b/src/lib/libcrypto/objects/objects.README
deleted file mode 100644
index c49e93d679..0000000000
--- a/src/lib/libcrypto/objects/objects.README
+++ /dev/null
@@ -1,44 +0,0 @@
-objects.txt syntax
-------------------
-
-To cover all the naming hacks that were previously in objects.h, we needed some
-kind of hacks in objects.txt.
-
-The basic syntax for adding an object is as follows:
-
- 1 2 3 4 : shortName : Long Name
-
- If the long name doesn't contain spaces, or no short name
- exists, the long name is used as basis for the base name
- in C. Otherwise, the short name is used.
-
- The base name (let's call it 'base') will then be used to
- create the C macros SN_base, LN_base, NID_base and OBJ_base.
-
- Note that if the base name contains spaces, dashes or periods,
- those will be converted to underscore.
-
-Then there are some extra commands:
-
- !Alias foo 1 2 3 4
-
- This just makes a name foo for an OID. The C macro
- OBJ_foo will be created as a result.
-
- !Cname foo
-
- This makes sure that the name foo will be used as base name
- in C.
-
- !module foo
- 1 2 3 4 : shortName : Long Name
- !global
-
- The !module command was meant to define a kind of modularity.
- What it does is to make sure the module name is prepended
- to the base name. !global turns this off. This construction
- is not recursive.
-
-Lines starting with # are treated as comments, as well as any line starting
-with ! and not matching the commands above.
-
diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h
deleted file mode 100644
index 1a8490bd1a..0000000000
--- a/src/lib/libcrypto/objects/objects.h
+++ /dev/null
@@ -1,137 +0,0 @@
-/* $OpenBSD: objects.h,v 1.29 2024/03/02 09:51:36 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_OBJECTS_H
-#define HEADER_OBJECTS_H
-
-#include
-
-#define SN_ED25519 SN_Ed25519
-#define NID_ED25519 NID_Ed25519
-#define OBJ_ED25519 OBJ_Ed25519
-
-#include
-#include
-
-#define OBJ_NAME_TYPE_UNDEF 0x00
-#define OBJ_NAME_TYPE_MD_METH 0x01
-#define OBJ_NAME_TYPE_CIPHER_METH 0x02
-#define OBJ_NAME_TYPE_NUM 0x03
-
-#define OBJ_NAME_ALIAS 0x8000
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct obj_name_st {
- int type;
- int alias;
- const char *name;
- const void *data;
-} OBJ_NAME;
-
-void OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg),
- void *arg);
-void OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg),
- void *arg);
-
-ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
-ASN1_OBJECT * OBJ_nid2obj(int n);
-const char * OBJ_nid2ln(int n);
-const char * OBJ_nid2sn(int n);
-int OBJ_obj2nid(const ASN1_OBJECT *o);
-ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
-int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
-int OBJ_txt2nid(const char *s);
-int OBJ_ln2nid(const char *s);
-int OBJ_sn2nid(const char *s);
-int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
-
-int OBJ_new_nid(int num);
-int OBJ_create(const char *oid, const char *sn, const char *ln);
-void OBJ_cleanup(void);
-int OBJ_create_objects(BIO *in);
-
-size_t OBJ_length(const ASN1_OBJECT *obj);
-const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj);
-
-int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
-int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
-
-void ERR_load_OBJ_strings(void);
-
-/* Error codes for the OBJ functions. */
-
-/* Function codes. */
-#define OBJ_F_OBJ_ADD_OBJECT 105
-#define OBJ_F_OBJ_CREATE 100
-#define OBJ_F_OBJ_DUP 101
-#define OBJ_F_OBJ_NAME_NEW_INDEX 106
-#define OBJ_F_OBJ_NID2LN 102
-#define OBJ_F_OBJ_NID2OBJ 103
-#define OBJ_F_OBJ_NID2SN 104
-
-/* Reason codes. */
-#define OBJ_R_MALLOC_FAILURE 100
-#define OBJ_R_UNKNOWN_NID 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/objects/objects.pl b/src/lib/libcrypto/objects/objects.pl
deleted file mode 100644
index d2bf659d88..0000000000
--- a/src/lib/libcrypto/objects/objects.pl
+++ /dev/null
@@ -1,233 +0,0 @@
-#!/usr/local/bin/perl
-
-open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
-$max_nid=0;
-$o=0;
-while()
- {
- chop;
- $o++;
- s/#.*$//;
- next if /^\s*$/;
- $_ = 'X'.$_;
- ($Cname,$mynum) = split;
- $Cname =~ s/^X//;
- if (defined($nidn{$mynum}))
- { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
- if (defined($nid{$Cname}))
- { die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
- $nid{$Cname} = $mynum;
- $nidn{$mynum} = $Cname;
- $order{$mynum} = $o;
- $max_nid = $mynum if $mynum > $max_nid;
- }
-close NUMIN;
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-$Cname="";
-$o=0;
-while ()
- {
- chop;
- $o++;
- if (/^!module\s+(.*)$/)
- {
- $module = $1."-";
- $module =~ s/\./_/g;
- $module =~ s/-/_/g;
- }
- if (/^!global$/)
- { $module = ""; }
- if (/^!Cname\s+(.*)$/)
- { $Cname = $1; }
- if (/^!Alias\s+(.+?)\s+(.*)$/)
- {
- $Cname = $module.$1;
- $myoid = $2;
- $myoid = &process_oid($myoid);
- $Cname =~ s/-/_/g;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $obj{$Cname} = $myoid;
- $_ = "";
- $Cname = "";
- }
- s/!.*$//;
- s/#.*$//;
- next if /^\s*$/;
- ($myoid,$mysn,$myln) = split ':';
- $mysn =~ s/^\s*//;
- $mysn =~ s/\s*$//;
- $myln =~ s/^\s*//;
- $myln =~ s/\s*$//;
- $myoid =~ s/^\s*//;
- $myoid =~ s/\s*$//;
- if ($myoid ne "")
- {
- $myoid = &process_oid($myoid);
- }
-
- if ($Cname eq "" && !($myln =~ / /))
- {
- $Cname = $myln;
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $mysn;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($sn{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $myln;
- $Cname =~ s/-/_/g;
- $Cname =~ s/\./_/g;
- $Cname =~ s/ /_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- $Cname = $module.$Cname;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $sn{$Cname} = $mysn;
- $ln{$Cname} = $myln;
- $obj{$Cname} = $myoid;
- if (!defined($nid{$Cname}))
- {
- $max_nid++;
- $nid{$Cname} = $max_nid;
- $nidn{$max_nid} = $Cname;
-print STDERR "Added OID $Cname\n";
- }
- $Cname="";
- }
-close IN;
-
-#XXX don't modify input files
-#open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-#foreach (sort { $a <=> $b } keys %nidn)
-# {
-# print NUMOUT $nidn{$_},"\t\t",$_,"\n";
-# }
-#close NUMOUT;
-
-open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
-print OUT <<'EOF';
-/* crypto/objects/obj_mac.h */
-
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
-EOF
-
-foreach (sort { $a <=> $b } keys %ordern)
- {
- $Cname=$ordern{$_};
- print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
- print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
- print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
- print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
- print OUT "\n";
- }
-
-close OUT;
-
-sub process_oid
- {
- local($oid)=@_;
- local(@a,$oid_pref);
-
- @a = split(/\s+/,$myoid);
- $pref_oid = "";
- $pref_sep = "";
- if (!($a[0] =~ /^[0-9]+$/))
- {
- $a[0] =~ s/-/_/g;
- if (!defined($obj{$a[0]}))
- { die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
- $pref_oid = "OBJ_" . $a[0];
- $pref_sep = ",";
- shift @a;
- }
- $oids = join('L,',@a) . "L";
- if ($oids ne "L")
- {
- $oids = $pref_oid . $pref_sep . $oids;
- }
- else
- {
- $oids = $pref_oid;
- }
- return($oids);
- }
diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt
deleted file mode 100644
index 4d5a52efcf..0000000000
--- a/src/lib/libcrypto/objects/objects.txt
+++ /dev/null
@@ -1,1479 +0,0 @@ -# CCITT was renamed to ITU-T quite some time ago -0 : ITU-T : itu-t -!Alias ccitt itu-t - -1 : ISO : iso - -2 : JOINT-ISO-ITU-T : joint-iso-itu-t -!Alias joint-iso-ccitt joint-iso-itu-t - -iso 2 : member-body : ISO Member Body - -iso 3 : identified-organization - -# HMAC OIDs -identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5 -identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1 - -identified-organization 132 : certicom-arc - -joint-iso-itu-t 23 : international-organizations : International Organizations - -international-organizations 43 : wap -wap 1 : wap-wsg - -joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types - -selected-attribute-types 55 : clearance - -member-body 840 : ISO-US : ISO US Member Body -ISO-US 10040 : X9-57 : X9.57 -X9-57 4 : X9cm : X9.57 CM ? - -!Cname dsa -X9cm 1 : DSA : dsaEncryption -X9cm 3 : DSA-SHA1 : dsaWithSHA1 - - -ISO-US 10045 : ansi-X9-62 : ANSI X9.62 -!module X9-62 -!Alias id-fieldType ansi-X9-62 1 -X9-62_id-fieldType 1 : prime-field -X9-62_id-fieldType 2 : characteristic-two-field -X9-62_characteristic-two-field 3 : id-characteristic-two-basis -X9-62_id-characteristic-two-basis 1 : onBasis -X9-62_id-characteristic-two-basis 2 : tpBasis -X9-62_id-characteristic-two-basis 3 : ppBasis -!Alias id-publicKeyType ansi-X9-62 2 -X9-62_id-publicKeyType 1 : id-ecPublicKey -!Alias ellipticCurve ansi-X9-62 3 -!Alias c-TwoCurve X9-62_ellipticCurve 0 -X9-62_c-TwoCurve 1 : c2pnb163v1 -X9-62_c-TwoCurve 2 : c2pnb163v2 -X9-62_c-TwoCurve 3 : c2pnb163v3 -X9-62_c-TwoCurve 4 : c2pnb176v1 -X9-62_c-TwoCurve 5 : c2tnb191v1 -X9-62_c-TwoCurve 6 : c2tnb191v2 -X9-62_c-TwoCurve 7 : c2tnb191v3 -X9-62_c-TwoCurve 8 : c2onb191v4 -X9-62_c-TwoCurve 9 : c2onb191v5 -X9-62_c-TwoCurve 10 : c2pnb208w1 -X9-62_c-TwoCurve 11 : c2tnb239v1 -X9-62_c-TwoCurve 12 : c2tnb239v2 -X9-62_c-TwoCurve 13 : c2tnb239v3 -X9-62_c-TwoCurve 14 : c2onb239v4 -X9-62_c-TwoCurve 15 : c2onb239v5 -X9-62_c-TwoCurve 16 : c2pnb272w1 
-X9-62_c-TwoCurve 17 : c2pnb304w1 -X9-62_c-TwoCurve 18 : c2tnb359v1 -X9-62_c-TwoCurve 19 : c2pnb368w1 -X9-62_c-TwoCurve 20 : c2tnb431r1 -!Alias primeCurve X9-62_ellipticCurve 1 -X9-62_primeCurve 1 : prime192v1 -X9-62_primeCurve 2 : prime192v2 -X9-62_primeCurve 3 : prime192v3 -X9-62_primeCurve 4 : prime239v1 -X9-62_primeCurve 5 : prime239v2 -X9-62_primeCurve 6 : prime239v3 -X9-62_primeCurve 7 : prime256v1 -!Alias id-ecSigType ansi-X9-62 4 -!global -X9-62_id-ecSigType 1 : ecdsa-with-SHA1 -X9-62_id-ecSigType 2 : ecdsa-with-Recommended -X9-62_id-ecSigType 3 : ecdsa-with-Specified -ecdsa-with-Specified 1 : ecdsa-with-SHA224 -ecdsa-with-Specified 2 : ecdsa-with-SHA256 -ecdsa-with-Specified 3 : ecdsa-with-SHA384 -ecdsa-with-Specified 4 : ecdsa-with-SHA512 - -# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" -# (http://www.secg.org/) -!Alias secg_ellipticCurve certicom-arc 0 -# SECG prime curves OIDs -secg-ellipticCurve 6 : secp112r1 -secg-ellipticCurve 7 : secp112r2 -secg-ellipticCurve 28 : secp128r1 -secg-ellipticCurve 29 : secp128r2 -secg-ellipticCurve 9 : secp160k1 -secg-ellipticCurve 8 : secp160r1 -secg-ellipticCurve 30 : secp160r2 -secg-ellipticCurve 31 : secp192k1 -# NOTE: the curve secp192r1 is the same as prime192v1 defined above -# and is therefore omitted -secg-ellipticCurve 32 : secp224k1 -secg-ellipticCurve 33 : secp224r1 -secg-ellipticCurve 10 : secp256k1 -# NOTE: the curve secp256r1 is the same as prime256v1 defined above -# and is therefore omitted -secg-ellipticCurve 34 : secp384r1 -secg-ellipticCurve 35 : secp521r1 -# SECG characteristic two curves OIDs -secg-ellipticCurve 4 : sect113r1 -secg-ellipticCurve 5 : sect113r2 -secg-ellipticCurve 22 : sect131r1 -secg-ellipticCurve 23 : sect131r2 -secg-ellipticCurve 1 : sect163k1 -secg-ellipticCurve 2 : sect163r1 -secg-ellipticCurve 15 : sect163r2 -secg-ellipticCurve 24 : sect193r1 -secg-ellipticCurve 25 : sect193r2 -secg-ellipticCurve 26 : sect233k1 -secg-ellipticCurve 27 : sect233r1 
-secg-ellipticCurve 3 : sect239k1 -secg-ellipticCurve 16 : sect283k1 -secg-ellipticCurve 17 : sect283r1 -secg-ellipticCurve 36 : sect409k1 -secg-ellipticCurve 37 : sect409r1 -secg-ellipticCurve 38 : sect571k1 -secg-ellipticCurve 39 : sect571r1 - -# WAP/TLS curve OIDs (http://www.wapforum.org/) -!Alias wap-wsg-idm-ecid wap-wsg 4 -wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1 -wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3 -wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4 -wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5 -wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6 -wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7 -wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8 -wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9 -wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10 -wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11 -wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12 - - -ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc - : CAST5-ECB : cast5-ecb -!Cname cast5-cfb64 - : CAST5-CFB : cast5-cfb -!Cname cast5-ofb64 - : CAST5-OFB : cast5-ofb -!Cname pbeWithMD5AndCast5-CBC -ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC - -# Macs for CMP and CRMF -ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC -ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC - -ISO-US 113549 : rsadsi : RSA Data Security, Inc. - -rsadsi 1 : pkcs : RSA Data Security, Inc. 
PKCS - -pkcs 1 : pkcs1 -pkcs1 1 : : rsaEncryption -pkcs1 2 : RSA-MD2 : md2WithRSAEncryption -pkcs1 3 : RSA-MD4 : md4WithRSAEncryption -pkcs1 4 : RSA-MD5 : md5WithRSAEncryption -pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption -# According to PKCS #1 version 2.1 -pkcs1 7 : RSAES-OAEP : rsaesOaep -pkcs1 8 : MGF1 : mgf1 -pkcs1 9 : PSPECIFIED : pSpecified -pkcs1 10 : RSASSA-PSS : rsassaPss - -pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption -pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption -pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption -pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption -pkcs1 15 : RSA-SHA512/224 : sha512-224WithRSAEncryption -pkcs1 16 : RSA-SHA512/256 : sha512-256WithRSAEncryption - -pkcs 3 : pkcs3 -pkcs3 1 : : dhKeyAgreement - -pkcs 5 : pkcs5 -pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC -pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC -pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC -pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC -pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC -pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC -!Cname id_pbkdf2 -pkcs5 12 : : PBKDF2 -!Cname pbes2 -pkcs5 13 : : PBES2 -!Cname pbmac1 -pkcs5 14 : : PBMAC1 - -pkcs 7 : pkcs7 -pkcs7 1 : : pkcs7-data -!Cname pkcs7-signed -pkcs7 2 : : pkcs7-signedData -!Cname pkcs7-enveloped -pkcs7 3 : : pkcs7-envelopedData -!Cname pkcs7-signedAndEnveloped -pkcs7 4 : : pkcs7-signedAndEnvelopedData -!Cname pkcs7-digest -pkcs7 5 : : pkcs7-digestData -!Cname pkcs7-encrypted -pkcs7 6 : : pkcs7-encryptedData - -pkcs 9 : pkcs9 -!module pkcs9 -pkcs9 1 : : emailAddress -pkcs9 2 : : unstructuredName -pkcs9 3 : : contentType -pkcs9 4 : : messageDigest -pkcs9 5 : : signingTime -pkcs9 6 : : countersignature -pkcs9 7 : : challengePassword -pkcs9 8 : : unstructuredAddress -!Cname extCertAttributes -pkcs9 9 : : extendedCertificateAttributes -!global - -!Cname ext-req -pkcs9 14 : extReq : Extension Request - -!Cname SMIMECapabilities -pkcs9 15 : SMIME-CAPS : S/MIME Capabilities - -# S/MIME -!Cname SMIME -pkcs9 16 : 
SMIME : S/MIME -SMIME 0 : id-smime-mod -SMIME 1 : id-smime-ct -SMIME 2 : id-smime-aa -SMIME 3 : id-smime-alg -SMIME 4 : id-smime-cd -SMIME 5 : id-smime-spq -SMIME 6 : id-smime-cti - -# S/MIME Modules -id-smime-mod 1 : id-smime-mod-cms -id-smime-mod 2 : id-smime-mod-ess -id-smime-mod 3 : id-smime-mod-oid -id-smime-mod 4 : id-smime-mod-msg-v3 -id-smime-mod 5 : id-smime-mod-ets-eSignature-88 -id-smime-mod 6 : id-smime-mod-ets-eSignature-97 -id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88 -id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97 - -# S/MIME Content Types -id-smime-ct 1 : id-smime-ct-receipt -id-smime-ct 2 : id-smime-ct-authData -id-smime-ct 3 : id-smime-ct-publishCert -id-smime-ct 4 : id-smime-ct-TSTInfo -id-smime-ct 5 : id-smime-ct-TDTInfo -id-smime-ct 6 : id-smime-ct-contentInfo -id-smime-ct 7 : id-smime-ct-DVCSRequestData -id-smime-ct 8 : id-smime-ct-DVCSResponseData -id-smime-ct 9 : id-smime-ct-compressedData -id-smime-ct 24 : id-ct-routeOriginAuthz -id-smime-ct 26 : id-ct-rpkiManifest -id-smime-ct 27 : id-ct-asciiTextWithCRLF -id-smime-ct 35 : id-ct-rpkiGhostbusters -id-smime-ct 36 : id-ct-resourceTaggedAttest -id-smime-ct 47 : id-ct-geofeedCSVwithCRLF -id-smime-ct 48 : id-ct-signedChecklist -id-smime-ct 49 : id-ct-ASPA -id-smime-ct 50 : id-ct-signedTAL -id-smime-ct 51 : id-ct-rpkiSignedPrefixList - -# S/MIME Attributes -id-smime-aa 1 : id-smime-aa-receiptRequest -id-smime-aa 2 : id-smime-aa-securityLabel -id-smime-aa 3 : id-smime-aa-mlExpandHistory -id-smime-aa 4 : id-smime-aa-contentHint -id-smime-aa 5 : id-smime-aa-msgSigDigest -# obsolete -id-smime-aa 6 : id-smime-aa-encapContentType -id-smime-aa 7 : id-smime-aa-contentIdentifier -# obsolete -id-smime-aa 8 : id-smime-aa-macValue -id-smime-aa 9 : id-smime-aa-equivalentLabels -id-smime-aa 10 : id-smime-aa-contentReference -id-smime-aa 11 : id-smime-aa-encrypKeyPref -id-smime-aa 12 : id-smime-aa-signingCertificate -id-smime-aa 13 : id-smime-aa-smimeEncryptCerts -id-smime-aa 14 : id-smime-aa-timeStampToken 
-id-smime-aa 15 : id-smime-aa-ets-sigPolicyId -id-smime-aa 16 : id-smime-aa-ets-commitmentType -id-smime-aa 17 : id-smime-aa-ets-signerLocation -id-smime-aa 18 : id-smime-aa-ets-signerAttr -id-smime-aa 19 : id-smime-aa-ets-otherSigCert -id-smime-aa 20 : id-smime-aa-ets-contentTimestamp -id-smime-aa 21 : id-smime-aa-ets-CertificateRefs -id-smime-aa 22 : id-smime-aa-ets-RevocationRefs -id-smime-aa 23 : id-smime-aa-ets-certValues -id-smime-aa 24 : id-smime-aa-ets-revocationValues -id-smime-aa 25 : id-smime-aa-ets-escTimeStamp -id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp -id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp -id-smime-aa 28 : id-smime-aa-signatureType -id-smime-aa 29 : id-smime-aa-dvcs-dvc -id-smime-aa 47 : id-smime-aa-signingCertificateV2 - -# S/MIME Algorithm Identifiers -# obsolete -id-smime-alg 1 : id-smime-alg-ESDHwith3DES -# obsolete -id-smime-alg 2 : id-smime-alg-ESDHwithRC2 -# obsolete -id-smime-alg 3 : id-smime-alg-3DESwrap -# obsolete -id-smime-alg 4 : id-smime-alg-RC2wrap -id-smime-alg 5 : id-smime-alg-ESDH -id-smime-alg 6 : id-smime-alg-CMS3DESwrap -id-smime-alg 7 : id-smime-alg-CMSRC2wrap -id-smime-alg 9 : id-alg-PWRI-KEK - -# S/MIME Certificate Distribution -id-smime-cd 1 : id-smime-cd-ldap - -# S/MIME Signature Policy Qualifier -id-smime-spq 1 : id-smime-spq-ets-sqt-uri -id-smime-spq 2 : id-smime-spq-ets-sqt-unotice - -# S/MIME Commitment Type Identifier -id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin -id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt -id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery -id-smime-cti 4 : id-smime-cti-ets-proofOfSender -id-smime-cti 5 : id-smime-cti-ets-proofOfApproval -id-smime-cti 6 : id-smime-cti-ets-proofOfCreation - -pkcs9 20 : : friendlyName -pkcs9 21 : : localKeyID -!Cname ms-csp-name -1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name -1 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set -!Alias certTypes pkcs9 22 -certTypes 1 : : x509Certificate -certTypes 2 : : sdsiCertificate -!Alias 
crlTypes pkcs9 23 -crlTypes 1 : : x509Crl - -!Alias pkcs12 pkcs 12 -!Alias pkcs12-pbeids pkcs12 1 - -!Cname pbe-WithSHA1And128BitRC4 -pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4 -!Cname pbe-WithSHA1And40BitRC4 -pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4 -!Cname pbe-WithSHA1And3_Key_TripleDES-CBC -pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC -!Cname pbe-WithSHA1And2_Key_TripleDES-CBC -pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC -!Cname pbe-WithSHA1And128BitRC2-CBC -pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC -!Cname pbe-WithSHA1And40BitRC2-CBC -pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC - -!Alias pkcs12-Version1 pkcs12 10 -!Alias pkcs12-BagIds pkcs12-Version1 1 -pkcs12-BagIds 1 : : keyBag -pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag -pkcs12-BagIds 3 : : certBag -pkcs12-BagIds 4 : : crlBag -pkcs12-BagIds 5 : : secretBag -pkcs12-BagIds 6 : : safeContentsBag - -rsadsi 2 2 : MD2 : md2 -rsadsi 2 4 : MD4 : md4 -rsadsi 2 5 : MD5 : md5 - : MD5-SHA1 : md5-sha1 -rsadsi 2 6 : : hmacWithMD5 -rsadsi 2 7 : : hmacWithSHA1 - -# From RFC4231 -rsadsi 2 8 : : hmacWithSHA224 -rsadsi 2 9 : : hmacWithSHA256 -rsadsi 2 10 : : hmacWithSHA384 -rsadsi 2 11 : : hmacWithSHA512 - -rsadsi 2 12 : : hmacWithSHA512-224 -rsadsi 2 13 : : hmacWithSHA512-256 - -rsadsi 3 2 : RC2-CBC : rc2-cbc - : RC2-ECB : rc2-ecb -!Cname rc2-cfb64 - : RC2-CFB : rc2-cfb -!Cname rc2-ofb64 - : RC2-OFB : rc2-ofb - : RC2-40-CBC : rc2-40-cbc - : RC2-64-CBC : rc2-64-cbc -rsadsi 3 4 : RC4 : rc4 - : RC4-40 : rc4-40 -rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc -rsadsi 3 8 : RC5-CBC : rc5-cbc - : RC5-ECB : rc5-ecb -!Cname rc5-cfb64 - : RC5-CFB : rc5-cfb -!Cname rc5-ofb64 - : RC5-OFB : rc5-ofb - -!Cname ms-ext-req -1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request -!Cname ms-code-ind -1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing -!Cname ms-code-com -1 3 6 1 4 1 311 2 1 22 : 
msCodeCom : Microsoft Commercial Code Signing -!Cname ms-ctl-sign -1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing -!Cname ms-sgc -1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto -!Cname ms-efs -1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System -!Cname ms-smartcard-login -1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin -!Cname ms-upn -1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name - -1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc - : IDEA-ECB : idea-ecb -!Cname idea-cfb64 - : IDEA-CFB : idea-cfb -!Cname idea-ofb64 - : IDEA-OFB : idea-ofb - -1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc - : BF-ECB : bf-ecb -!Cname bf-cfb64 - : BF-CFB : bf-cfb -!Cname bf-ofb64 - : BF-OFB : bf-ofb - -!Cname id-pkix -1 3 6 1 5 5 7 : PKIX - -# PKIX Arcs -id-pkix 0 : id-pkix-mod -id-pkix 1 : id-pe -id-pkix 2 : id-qt -id-pkix 3 : id-kp -id-pkix 4 : id-it -id-pkix 5 : id-pkip -id-pkix 6 : id-alg -id-pkix 7 : id-cmc -id-pkix 8 : id-on -id-pkix 9 : id-pda -id-pkix 10 : id-aca -id-pkix 11 : id-qcs -id-pkix 12 : id-cct -id-pkix 14 : id-cp -id-pkix 21 : id-ppl -id-pkix 48 : id-ad - -# PKIX Modules -id-pkix-mod 1 : id-pkix1-explicit-88 -id-pkix-mod 2 : id-pkix1-implicit-88 -id-pkix-mod 3 : id-pkix1-explicit-93 -id-pkix-mod 4 : id-pkix1-implicit-93 -id-pkix-mod 5 : id-mod-crmf -id-pkix-mod 6 : id-mod-cmc -id-pkix-mod 7 : id-mod-kea-profile-88 -id-pkix-mod 8 : id-mod-kea-profile-93 -id-pkix-mod 9 : id-mod-cmp -id-pkix-mod 10 : id-mod-qualified-cert-88 -id-pkix-mod 11 : id-mod-qualified-cert-93 -id-pkix-mod 12 : id-mod-attribute-cert -id-pkix-mod 13 : id-mod-timestamp-protocol -id-pkix-mod 14 : id-mod-ocsp -id-pkix-mod 15 : id-mod-dvcs -id-pkix-mod 16 : id-mod-cmp2000 - -# PKIX Private Extensions -!Cname info-access -id-pe 1 : authorityInfoAccess : Authority Information Access -id-pe 2 : biometricInfo : Biometric Info -id-pe 3 : qcStatements -id-pe 4 : ac-auditEntity -id-pe 5 : ac-targeting -id-pe 6 : aaControls 
-id-pe 7 : sbgp-ipAddrBlock -id-pe 8 : sbgp-autonomousSysNum -id-pe 9 : sbgp-routerIdentifier -id-pe 10 : ac-proxying -!Cname sinfo-access -id-pe 11 : subjectInfoAccess : Subject Information Access -id-pe 14 : proxyCertInfo : Proxy Certificate Information -id-pe 24 : tlsfeature : TLS Feature -id-pe 28 : sbgp-ipAddrBlockv2 -id-pe 29 : sbgp-autonomousSysNumv2 -id-pe 31 : acmeIdentifier : ACME Identifier - -# PKIX policyQualifiers for Internet policy qualifiers -id-qt 1 : id-qt-cps : Policy Qualifier CPS -id-qt 2 : id-qt-unotice : Policy Qualifier User Notice -id-qt 3 : textNotice - -# PKIX key purpose identifiers -!Cname server-auth -id-kp 1 : serverAuth : TLS Web Server Authentication -!Cname client-auth -id-kp 2 : clientAuth : TLS Web Client Authentication -!Cname code-sign -id-kp 3 : codeSigning : Code Signing -!Cname email-protect -id-kp 4 : emailProtection : E-mail Protection -id-kp 5 : ipsecEndSystem : IPSec End System -id-kp 6 : ipsecTunnel : IPSec Tunnel -id-kp 7 : ipsecUser : IPSec User -!Cname time-stamp -id-kp 8 : timeStamping : Time Stamping -# From OCSP spec RFC2560 -!Cname OCSP-sign -id-kp 9 : OCSPSigning : OCSP Signing -id-kp 10 : DVCS : dvcs -id-kp 30 : id-kp-bgpsec-router : BGPsec Router - -# CMP information types -id-it 1 : id-it-caProtEncCert -id-it 2 : id-it-signKeyPairTypes -id-it 3 : id-it-encKeyPairTypes -id-it 4 : id-it-preferredSymmAlg -id-it 5 : id-it-caKeyUpdateInfo -id-it 6 : id-it-currentCRL -id-it 7 : id-it-unsupportedOIDs -# obsolete -id-it 8 : id-it-subscriptionRequest -# obsolete -id-it 9 : id-it-subscriptionResponse -id-it 10 : id-it-keyPairParamReq -id-it 11 : id-it-keyPairParamRep -id-it 12 : id-it-revPassphrase -id-it 13 : id-it-implicitConfirm -id-it 14 : id-it-confirmWaitTime -id-it 15 : id-it-origPKIMessage -id-it 16 : id-it-suppLangTags - -# CRMF registration -id-pkip 1 : id-regCtrl -id-pkip 2 : id-regInfo - -# CRMF registration controls -id-regCtrl 1 : id-regCtrl-regToken -id-regCtrl 2 : id-regCtrl-authenticator -id-regCtrl 3 
: id-regCtrl-pkiPublicationInfo -id-regCtrl 4 : id-regCtrl-pkiArchiveOptions -id-regCtrl 5 : id-regCtrl-oldCertID -id-regCtrl 6 : id-regCtrl-protocolEncrKey - -# CRMF registration information -id-regInfo 1 : id-regInfo-utf8Pairs -id-regInfo 2 : id-regInfo-certReq - -# algorithms -id-alg 1 : id-alg-des40 -id-alg 2 : id-alg-noSignature -id-alg 3 : id-alg-dh-sig-hmac-sha1 -id-alg 4 : id-alg-dh-pop - -# CMC controls -id-cmc 1 : id-cmc-statusInfo -id-cmc 2 : id-cmc-identification -id-cmc 3 : id-cmc-identityProof -id-cmc 4 : id-cmc-dataReturn -id-cmc 5 : id-cmc-transactionId -id-cmc 6 : id-cmc-senderNonce -id-cmc 7 : id-cmc-recipientNonce -id-cmc 8 : id-cmc-addExtensions -id-cmc 9 : id-cmc-encryptedPOP -id-cmc 10 : id-cmc-decryptedPOP -id-cmc 11 : id-cmc-lraPOPWitness -id-cmc 15 : id-cmc-getCert -id-cmc 16 : id-cmc-getCRL -id-cmc 17 : id-cmc-revokeRequest -id-cmc 18 : id-cmc-regInfo -id-cmc 19 : id-cmc-responseInfo -id-cmc 21 : id-cmc-queryPending -id-cmc 22 : id-cmc-popLinkRandom -id-cmc 23 : id-cmc-popLinkWitness -id-cmc 24 : id-cmc-confirmCertAcceptance - -# other names -id-on 1 : id-on-personalData -id-on 3 : id-on-permanentIdentifier : Permanent Identifier - -# personal data attributes -id-pda 1 : id-pda-dateOfBirth -id-pda 2 : id-pda-placeOfBirth -id-pda 3 : id-pda-gender -id-pda 4 : id-pda-countryOfCitizenship -id-pda 5 : id-pda-countryOfResidence - -# attribute certificate attributes -id-aca 1 : id-aca-authenticationInfo -id-aca 2 : id-aca-accessIdentity -id-aca 3 : id-aca-chargingIdentity -id-aca 4 : id-aca-group -# attention : the following seems to be obsolete, replace by 'role' -id-aca 5 : id-aca-role -id-aca 6 : id-aca-encAttrs - -# qualified certificate statements -id-qcs 1 : id-qcs-pkixQCSyntax-v1 - -# CMC content types -id-cct 1 : id-cct-crs -id-cct 2 : id-cct-PKIData -id-cct 3 : id-cct-PKIResponse - -# PKIX Certificate Policies -id-cp 2 : ipAddr-asNumber -id-cp 3 : ipAddr-asNumberv2 - -# Predefined Proxy Certificate policy languages -id-ppl 0 : 
id-ppl-anyLanguage : Any language -id-ppl 1 : id-ppl-inheritAll : Inherit all -id-ppl 2 : id-ppl-independent : Independent - -# access descriptors for authority info access extension -!Cname ad-OCSP -id-ad 1 : OCSP : OCSP -!Cname ad-ca-issuers -id-ad 2 : caIssuers : CA Issuers -!Cname ad-timeStamping -id-ad 3 : ad_timestamping : AD Time Stamping -!Cname ad-dvcs -id-ad 4 : AD_DVCS : ad dvcs -id-ad 5 : caRepository : CA Repository -id-ad 10 : rpkiManifest : RPKI Manifest -id-ad 11 : signedObject : Signed Object -id-ad 13 : rpkiNotify : RPKI Notify - -!Alias id-pkix-OCSP ad-OCSP -!module id-pkix-OCSP -!Cname basic -id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response -id-pkix-OCSP 2 : Nonce : OCSP Nonce -id-pkix-OCSP 3 : CrlID : OCSP CRL ID -id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses -id-pkix-OCSP 5 : noCheck : OCSP No Check -id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff -id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator -id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status -id-pkix-OCSP 9 : valid -id-pkix-OCSP 10 : path -id-pkix-OCSP 11 : trustRoot : Trust Root -!global - -1 3 14 3 2 : algorithm : algorithm -algorithm 3 : RSA-NP-MD5 : md5WithRSA -algorithm 6 : DES-ECB : des-ecb -algorithm 7 : DES-CBC : des-cbc -!Cname des-ofb64 -algorithm 8 : DES-OFB : des-ofb -!Cname des-cfb64 -algorithm 9 : DES-CFB : des-cfb -algorithm 11 : rsaSignature -!Cname dsa-2 -algorithm 12 : DSA-old : dsaEncryption-old -algorithm 13 : DSA-SHA : dsaWithSHA -algorithm 15 : RSA-SHA : shaWithRSAEncryption -!Cname des-ede-ecb -algorithm 17 : DES-EDE : des-ede -!Cname des-ede3-ecb - : DES-EDE3 : des-ede3 - : DES-EDE-CBC : des-ede-cbc -!Cname des-ede-cfb64 - : DES-EDE-CFB : des-ede-cfb -!Cname des-ede3-cfb64 - : DES-EDE3-CFB : des-ede3-cfb -!Cname des-ede-ofb64 - : DES-EDE-OFB : des-ede-ofb -!Cname des-ede3-ofb64 - : DES-EDE3-OFB : des-ede3-ofb - : DESX-CBC : desx-cbc -algorithm 18 : SHA : sha -algorithm 26 : SHA1 : sha1 -!Cname dsaWithSHA1-2 -algorithm 27 : 
DSA-SHA1-old : dsaWithSHA1-old -algorithm 29 : RSA-SHA1-2 : sha1WithRSA - -1 3 36 3 2 1 : RIPEMD160 : ripemd160 -1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA - -!Cname sxnet -1 3 101 1 4 1 : SXNetID : Strong Extranet ID - -2 5 : X500 : directory services (X.500) - -X500 4 : X509 -X509 3 : CN : commonName -X509 4 : SN : surname -X509 5 : : serialNumber -X509 6 : C : countryName -X509 7 : L : localityName -X509 8 : ST : stateOrProvinceName -X509 9 : street : streetAddress -X509 10 : O : organizationName -X509 11 : OU : organizationalUnitName -X509 12 : title : title -X509 13 : : description -X509 14 : : searchGuide -X509 15 : : businessCategory -X509 16 : : postalAddress -X509 17 : : postalCode -X509 18 : : postOfficeBox -X509 19 : : physicalDeliveryOfficeName -X509 20 : : telephoneNumber -X509 21 : : telexNumber -X509 22 : : teletexTerminalIdentifier -X509 23 : : facsimileTelephoneNumber -X509 24 : : x121Address -X509 25 : : internationaliSDNNumber -X509 26 : : registeredAddress -X509 27 : : destinationIndicator -X509 28 : : preferredDeliveryMethod -X509 29 : : presentationAddress -X509 30 : : supportedApplicationContext -X509 31 : member : -X509 32 : owner : -X509 33 : : roleOccupant -X509 34 : seeAlso : -X509 35 : : userPassword -X509 36 : : userCertificate -X509 37 : : cACertificate -X509 38 : : authorityRevocationList -X509 39 : : certificateRevocationList -X509 40 : : crossCertificatePair -X509 41 : name : name -X509 42 : GN : givenName -X509 43 : initials : initials -X509 44 : : generationQualifier -X509 45 : : x500UniqueIdentifier -X509 46 : dnQualifier : dnQualifier -X509 47 : : enhancedSearchGuide -X509 48 : : protocolInformation -X509 49 : : distinguishedName -X509 50 : : uniqueMember -X509 51 : : houseIdentifier -X509 52 : : supportedAlgorithms -X509 53 : : deltaRevocationList -X509 54 : dmdName : -X509 65 : : pseudonym -X509 72 : role : role - -X500 8 : X500algorithms : directory services - algorithms -X500algorithms 1 1 : RSA : rsa -X500algorithms 
3 100 : RSA-MDC2 : mdc2WithRSA -X500algorithms 3 101 : MDC2 : mdc2 - -X500 29 : id-ce -!Cname subject-directory-attributes -id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes -!Cname subject-key-identifier -id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier -!Cname key-usage -id-ce 15 : keyUsage : X509v3 Key Usage -!Cname private-key-usage-period -id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period -!Cname subject-alt-name -id-ce 17 : subjectAltName : X509v3 Subject Alternative Name -!Cname issuer-alt-name -id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name -!Cname basic-constraints -id-ce 19 : basicConstraints : X509v3 Basic Constraints -!Cname crl-number -id-ce 20 : crlNumber : X509v3 CRL Number -!Cname crl-reason -id-ce 21 : CRLReason : X509v3 CRL Reason Code -!Cname invalidity-date -id-ce 24 : invalidityDate : Invalidity Date -!Cname delta-crl -id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator -!Cname issuing-distribution-point -id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distribution Point -!Cname certificate-issuer -id-ce 29 : certificateIssuer : X509v3 Certificate Issuer -!Cname name-constraints -id-ce 30 : nameConstraints : X509v3 Name Constraints -!Cname crl-distribution-points -id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points -!Cname certificate-policies -id-ce 32 : certificatePolicies : X509v3 Certificate Policies -!Cname any-policy -certificate-policies 0 : anyPolicy : X509v3 Any Policy -!Cname policy-mappings -id-ce 33 : policyMappings : X509v3 Policy Mappings -!Cname authority-key-identifier -id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier -!Cname policy-constraints -id-ce 36 : policyConstraints : X509v3 Policy Constraints -!Cname ext-key-usage -id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage -!Cname freshest-crl -id-ce 46 : freshestCRL : X509v3 Freshest CRL -!Cname inhibit-any-policy -id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy 
-!Cname target-information -id-ce 55 : targetInformation : X509v3 AC Targeting -!Cname no-rev-avail -id-ce 56 : noRevAvail : X509v3 No Revocation Available - -# From RFC5280 -ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage - - -!Cname netscape -2 16 840 1 113730 : Netscape : Netscape Communications Corp. -!Cname netscape-cert-extension -netscape 1 : nsCertExt : Netscape Certificate Extension -!Cname netscape-data-type -netscape 2 : nsDataType : Netscape Data Type -!Cname netscape-cert-type -netscape-cert-extension 1 : nsCertType : Netscape Cert Type -!Cname netscape-base-url -netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url -!Cname netscape-revocation-url -netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url -!Cname netscape-ca-revocation-url -netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url -!Cname netscape-renewal-url -netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url -!Cname netscape-ca-policy-url -netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url -!Cname netscape-ssl-server-name -netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name -!Cname netscape-comment -netscape-cert-extension 13 : nsComment : Netscape Comment -!Cname netscape-cert-sequence -netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence -!Cname ns-sgc -netscape 4 1 : nsSGC : Netscape Server Gated Crypto - -# iso(1) -iso 3 : ORG : org -org 6 : DOD : dod -dod 1 : IANA : iana -!Alias internet iana - -internet 1 : directory : Directory -internet 2 : mgmt : Management -internet 3 : experimental : Experimental -internet 4 : private : Private -internet 5 : security : Security -internet 6 : snmpv2 : SNMPv2 -# Documents refer to "internet 7" as "mail". This however leads to ambiguities -# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for -# rfc822Mailbox. The short name is therefore here left out for a reason. -# Subclasses of "mail", e.g. 
"MIME MHS" don't constitute a problem, as -# references are realized via long name "Mail" (with capital M). -internet 7 : : Mail - -Private 1 : enterprises : Enterprises - -# RFC 2247 -Enterprises 1466 344 : dcobject : dcObject - -# Extended Validation -!Alias extendedValidation Enterprises 311 60 -extendedValidation 2 1 1 : : jurisdictionLocalityName -extendedValidation 2 1 2 : : jurisdictionStateOrProvinceName -extendedValidation 2 1 3 : : jurisdictionCountryName - -# RFC 1495 -Mail 1 : mime-mhs : MIME MHS -mime-mhs 1 : mime-mhs-headings : mime-mhs-headings -mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies -mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message -mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message - -# What the hell are these OIDs, really? -!Cname rle-compression -1 1 1 1 666 1 : RLE : run length compression -!Cname zlib-compression -id-smime-alg 8 : ZLIB : zlib compression - -# -# NIST CSOR -# -# https://csrc.nisg.gov/projects/computer-security-objects/register/algorithm-registration -# - -!Alias csor 2 16 840 1 101 3 -!Alias nistAlgorithms csor 4 - -# AES aka Rijndael -!Alias aes nistAlgorithms 1 - -aes 1 : AES-128-ECB : aes-128-ecb -aes 2 : AES-128-CBC : aes-128-cbc -!Cname aes-128-ofb128 -aes 3 : AES-128-OFB : aes-128-ofb -!Cname aes-128-cfb128 -aes 4 : AES-128-CFB : aes-128-cfb -aes 5 : id-aes128-wrap -aes 6 : id-aes128-GCM : aes-128-gcm -aes 7 : id-aes128-CCM : aes-128-ccm -aes 8 : id-aes128-wrap-pad - -aes 21 : AES-192-ECB : aes-192-ecb -aes 22 : AES-192-CBC : aes-192-cbc -!Cname aes-192-ofb128 -aes 23 : AES-192-OFB : aes-192-ofb -!Cname aes-192-cfb128 -aes 24 : AES-192-CFB : aes-192-cfb -aes 25 : id-aes192-wrap -aes 26 : id-aes192-GCM : aes-192-gcm -aes 27 : id-aes192-CCM : aes-192-ccm -aes 28 : id-aes192-wrap-pad - -aes 41 : AES-256-ECB : aes-256-ecb -aes 42 : AES-256-CBC : aes-256-cbc -!Cname aes-256-ofb128 -aes 43 : AES-256-OFB : aes-256-ofb -!Cname aes-256-cfb128 -aes 44 : AES-256-CFB : aes-256-cfb 
-aes 45 : id-aes256-wrap -aes 46 : id-aes256-GCM : aes-256-gcm -aes 47 : id-aes256-CCM : aes-256-ccm -aes 48 : id-aes256-wrap-pad - -# There are no OIDs for these modes... - - : AES-128-CFB1 : aes-128-cfb1 - : AES-192-CFB1 : aes-192-cfb1 - : AES-256-CFB1 : aes-256-cfb1 - : AES-128-CFB8 : aes-128-cfb8 - : AES-192-CFB8 : aes-192-cfb8 - : AES-256-CFB8 : aes-256-cfb8 - : AES-128-CTR : aes-128-ctr - : AES-192-CTR : aes-192-ctr - : AES-256-CTR : aes-256-ctr - : AES-128-XTS : aes-128-xts - : AES-256-XTS : aes-256-xts - : DES-CFB1 : des-cfb1 - : DES-CFB8 : des-cfb8 - : DES-EDE3-CFB1 : des-ede3-cfb1 - : DES-EDE3-CFB8 : des-ede3-cfb8 - -# NIST CSOR Hash Algorithms (see also RFC 4231, RFC 8017, RFC 8702) -!Alias nist_hashalgs nistAlgorithms 2 -nist_hashalgs 1 : SHA256 : sha256 -nist_hashalgs 2 : SHA384 : sha384 -nist_hashalgs 3 : SHA512 : sha512 -nist_hashalgs 4 : SHA224 : sha224 -nist_hashalgs 5 : SHA512-224 : sha512-224 -nist_hashalgs 6 : SHA512-256 : sha512-256 -nist_hashalgs 7 : SHA3-224 : sha3-224 -nist_hashalgs 8 : SHA3-256 : sha3-256 -nist_hashalgs 9 : SHA3-384 : sha3-384 -nist_hashalgs 10 : SHA3-512 : sha3-512 -#nist_hashalgs 11 : SHAKE128 : shake128 -#nist_hashalgs 12 : SHAKE256 : shake256 -nist_hashalgs 13 : id-hmacWithSHA3-224 : hmac-sha3-224 -nist_hashalgs 14 : id-hmacWithSHA3-256 : hmac-sha3-256 -nist_hashalgs 15 : id-hmacWithSHA3-384 : hmac-sha3-384 -nist_hashalgs 16 : id-hmacWithSHA3-512 : hmac-sha3-512 - -# NIST CSOR Signature Algorithms -!Alias nist_sigalgs nistAlgorithms 3 -nist_sigalgs 1 : id-dsa-with-sha224 : dsa_with_SHA224 -nist_sigalgs 2 : id-dsa-with-sha256 : dsa_with_SHA256 -nist_sigalgs 3 : id-dsa-with-sha384 : dsa_with_SHA384 -nist_sigalgs 4 : id-dsa-with-sha512 : dsa_with_SHA512 -nist_sigalgs 5 : id-dsa-with-sha3-224 : dsa_with_SHA3-224 -nist_sigalgs 6 : id-dsa-with-sha3-256 : dsa_with_SHA3-256 -nist_sigalgs 7 : id-dsa-with-sha3-384 : dsa_with_SHA3-384 -nist_sigalgs 8 : id-dsa-with-sha3-512 : dsa_with_SHA3-512 -nist_sigalgs 9 : 
id-ecdsa-with-sha3-224 : ecdsa_with_SHA3-224 -nist_sigalgs 10 : id-ecdsa-with-sha3-256 : ecdsa_with_SHA3-256 -nist_sigalgs 11 : id-ecdsa-with-sha3-384 : ecdsa_with_SHA3-384 -nist_sigalgs 12 : id-ecdsa-with-sha3-512 : ecdsa_with_SHA3-512 -nist_sigalgs 13 : id-rsassa-pkcs1-v1_5-with-sha3-224 : RSA-SHA3-224 -nist_sigalgs 14 : id-rsassa-pkcs1-v1_5-with-sha3-256 : RSA-SHA3-256 -nist_sigalgs 15 : id-rsassa-pkcs1-v1_5-with-sha3-384 : RSA-SHA3-384 -nist_sigalgs 16 : id-rsassa-pkcs1-v1_5-with-sha3-512 : RSA-SHA3-512 - -# Hold instruction CRL entry extension -!Cname hold-instruction-code -id-ce 23 : holdInstructionCode : Hold Instruction Code -!Alias holdInstruction X9-57 2 -!Cname hold-instruction-none -holdInstruction 1 : holdInstructionNone : Hold Instruction None -!Cname hold-instruction-call-issuer -holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer -!Cname hold-instruction-reject -holdInstruction 3 : holdInstructionReject : Hold Instruction Reject - -# OID's from ITU-T. Most of this is defined in RFC 1274. 
A couple of -# them are also mentioned in RFC 2247 -itu-t 9 : data -data 2342 : pss -pss 19200300 : ucl -ucl 100 : pilot -pilot 1 : : pilotAttributeType -pilot 3 : : pilotAttributeSyntax -pilot 4 : : pilotObjectClass -pilot 10 : : pilotGroups -pilotAttributeSyntax 4 : : iA5StringSyntax -pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax -pilotObjectClass 3 : : pilotObject -pilotObjectClass 4 : : pilotPerson -pilotObjectClass 5 : account -pilotObjectClass 6 : document -pilotObjectClass 7 : room -pilotObjectClass 9 : : documentSeries -pilotObjectClass 13 : domain : Domain -pilotObjectClass 14 : : rFC822localPart -pilotObjectClass 15 : : dNSDomain -pilotObjectClass 17 : : domainRelatedObject -pilotObjectClass 18 : : friendlyCountry -pilotObjectClass 19 : : simpleSecurityObject -pilotObjectClass 20 : : pilotOrganization -pilotObjectClass 21 : : pilotDSA -pilotObjectClass 22 : : qualityLabelledData -pilotAttributeType 1 : UID : userId -pilotAttributeType 2 : : textEncodedORAddress -pilotAttributeType 3 : mail : rfc822Mailbox -pilotAttributeType 4 : info -pilotAttributeType 5 : : favouriteDrink -pilotAttributeType 6 : : roomNumber -pilotAttributeType 7 : photo -pilotAttributeType 8 : : userClass -pilotAttributeType 9 : host -pilotAttributeType 10 : manager -pilotAttributeType 11 : : documentIdentifier -pilotAttributeType 12 : : documentTitle -pilotAttributeType 13 : : documentVersion -pilotAttributeType 14 : : documentAuthor -pilotAttributeType 15 : : documentLocation -pilotAttributeType 20 : : homeTelephoneNumber -pilotAttributeType 21 : secretary -pilotAttributeType 22 : : otherMailbox -pilotAttributeType 23 : : lastModifiedTime -pilotAttributeType 24 : : lastModifiedBy -pilotAttributeType 25 : DC : domainComponent -pilotAttributeType 26 : : aRecord -pilotAttributeType 27 : : pilotAttributeType27 -pilotAttributeType 28 : : mXRecord -pilotAttributeType 29 : : nSRecord -pilotAttributeType 30 : : sOARecord -pilotAttributeType 31 : : cNAMERecord -pilotAttributeType 37 : 
: associatedDomain -pilotAttributeType 38 : : associatedName -pilotAttributeType 39 : : homePostalAddress -pilotAttributeType 40 : : personalTitle -pilotAttributeType 41 : : mobileTelephoneNumber -pilotAttributeType 42 : : pagerTelephoneNumber -pilotAttributeType 43 : : friendlyCountryName -# The following clashes with 2.5.4.45, so commented away -#pilotAttributeType 44 : uid : uniqueIdentifier -pilotAttributeType 45 : : organizationalStatus -pilotAttributeType 46 : : janetMailbox -pilotAttributeType 47 : : mailPreferenceOption -pilotAttributeType 48 : : buildingName -pilotAttributeType 49 : : dSAQuality -pilotAttributeType 50 : : singleLevelQuality -pilotAttributeType 51 : : subtreeMinimumQuality -pilotAttributeType 52 : : subtreeMaximumQuality -pilotAttributeType 53 : : personalSignature -pilotAttributeType 54 : : dITRedirect -pilotAttributeType 55 : audio -pilotAttributeType 56 : : documentPublisher - -international-organizations 42 : id-set : Secure Electronic Transactions - -id-set 0 : set-ctype : content types -id-set 1 : set-msgExt : message extensions -id-set 3 : set-attr -id-set 5 : set-policy -id-set 7 : set-certExt : certificate extensions -id-set 8 : set-brand - -set-ctype 0 : setct-PANData -set-ctype 1 : setct-PANToken -set-ctype 2 : setct-PANOnly -set-ctype 3 : setct-OIData -set-ctype 4 : setct-PI -set-ctype 5 : setct-PIData -set-ctype 6 : setct-PIDataUnsigned -set-ctype 7 : setct-HODInput -set-ctype 8 : setct-AuthResBaggage -set-ctype 9 : setct-AuthRevReqBaggage -set-ctype 10 : setct-AuthRevResBaggage -set-ctype 11 : setct-CapTokenSeq -set-ctype 12 : setct-PInitResData -set-ctype 13 : setct-PI-TBS -set-ctype 14 : setct-PResData -set-ctype 16 : setct-AuthReqTBS -set-ctype 17 : setct-AuthResTBS -set-ctype 18 : setct-AuthResTBSX -set-ctype 19 : setct-AuthTokenTBS -set-ctype 20 : setct-CapTokenData -set-ctype 21 : setct-CapTokenTBS -set-ctype 22 : setct-AcqCardCodeMsg -set-ctype 23 : setct-AuthRevReqTBS -set-ctype 24 : setct-AuthRevResData -set-ctype 25 
: setct-AuthRevResTBS -set-ctype 26 : setct-CapReqTBS -set-ctype 27 : setct-CapReqTBSX -set-ctype 28 : setct-CapResData -set-ctype 29 : setct-CapRevReqTBS -set-ctype 30 : setct-CapRevReqTBSX -set-ctype 31 : setct-CapRevResData -set-ctype 32 : setct-CredReqTBS -set-ctype 33 : setct-CredReqTBSX -set-ctype 34 : setct-CredResData -set-ctype 35 : setct-CredRevReqTBS -set-ctype 36 : setct-CredRevReqTBSX -set-ctype 37 : setct-CredRevResData -set-ctype 38 : setct-PCertReqData -set-ctype 39 : setct-PCertResTBS -set-ctype 40 : setct-BatchAdminReqData -set-ctype 41 : setct-BatchAdminResData -set-ctype 42 : setct-CardCInitResTBS -set-ctype 43 : setct-MeAqCInitResTBS -set-ctype 44 : setct-RegFormResTBS -set-ctype 45 : setct-CertReqData -set-ctype 46 : setct-CertReqTBS -set-ctype 47 : setct-CertResData -set-ctype 48 : setct-CertInqReqTBS -set-ctype 49 : setct-ErrorTBS -set-ctype 50 : setct-PIDualSignedTBE -set-ctype 51 : setct-PIUnsignedTBE -set-ctype 52 : setct-AuthReqTBE -set-ctype 53 : setct-AuthResTBE -set-ctype 54 : setct-AuthResTBEX -set-ctype 55 : setct-AuthTokenTBE -set-ctype 56 : setct-CapTokenTBE -set-ctype 57 : setct-CapTokenTBEX -set-ctype 58 : setct-AcqCardCodeMsgTBE -set-ctype 59 : setct-AuthRevReqTBE -set-ctype 60 : setct-AuthRevResTBE -set-ctype 61 : setct-AuthRevResTBEB -set-ctype 62 : setct-CapReqTBE -set-ctype 63 : setct-CapReqTBEX -set-ctype 64 : setct-CapResTBE -set-ctype 65 : setct-CapRevReqTBE -set-ctype 66 : setct-CapRevReqTBEX -set-ctype 67 : setct-CapRevResTBE -set-ctype 68 : setct-CredReqTBE -set-ctype 69 : setct-CredReqTBEX -set-ctype 70 : setct-CredResTBE -set-ctype 71 : setct-CredRevReqTBE -set-ctype 72 : setct-CredRevReqTBEX -set-ctype 73 : setct-CredRevResTBE -set-ctype 74 : setct-BatchAdminReqTBE -set-ctype 75 : setct-BatchAdminResTBE -set-ctype 76 : setct-RegFormReqTBE -set-ctype 77 : setct-CertReqTBE -set-ctype 78 : setct-CertReqTBEX -set-ctype 79 : setct-CertResTBE -set-ctype 80 : setct-CRLNotificationTBS -set-ctype 81 : 
setct-CRLNotificationResTBS -set-ctype 82 : setct-BCIDistributionTBS - -set-msgExt 1 : setext-genCrypt : generic cryptogram -set-msgExt 3 : setext-miAuth : merchant initiated auth -set-msgExt 4 : setext-pinSecure -set-msgExt 5 : setext-pinAny -set-msgExt 7 : setext-track2 -set-msgExt 8 : setext-cv : additional verification - -set-policy 0 : set-policy-root - -set-certExt 0 : setCext-hashedRoot -set-certExt 1 : setCext-certType -set-certExt 2 : setCext-merchData -set-certExt 3 : setCext-cCertRequired -set-certExt 4 : setCext-tunneling -set-certExt 5 : setCext-setExt -set-certExt 6 : setCext-setQualf -set-certExt 7 : setCext-PGWYcapabilities -set-certExt 8 : setCext-TokenIdentifier -set-certExt 9 : setCext-Track2Data -set-certExt 10 : setCext-TokenType -set-certExt 11 : setCext-IssuerCapabilities - -set-attr 0 : setAttr-Cert -set-attr 1 : setAttr-PGWYcap : payment gateway capabilities -set-attr 2 : setAttr-TokenType -set-attr 3 : setAttr-IssCap : issuer capabilities - -setAttr-Cert 0 : set-rootKeyThumb -setAttr-Cert 1 : set-addPolicy - -setAttr-TokenType 1 : setAttr-Token-EMV -setAttr-TokenType 2 : setAttr-Token-B0Prime - -setAttr-IssCap 3 : setAttr-IssCap-CVM -setAttr-IssCap 4 : setAttr-IssCap-T2 -setAttr-IssCap 5 : setAttr-IssCap-Sig - -setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram -setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2 -setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2 - -setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature -setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature - -set-brand 1 : set-brand-IATA-ATA -set-brand 30 : set-brand-Diners -set-brand 34 : set-brand-AmericanExpress -set-brand 35 : set-brand-JCB -set-brand 4 : set-brand-Visa -set-brand 5 : set-brand-MasterCard -set-brand 6011 : set-brand-Novus - -rsadsi 3 10 : DES-CDMF : des-cdmf -rsadsi 1 1 6 : rsaOAEPEncryptionSET - - : Oakley-EC2N-3 : ipsec3 - : Oakley-EC2N-4 : ipsec4 - -iso 0 10118 3 0 55 : whirlpool - -# GOST OIDs - 
-member-body 643 2 2 : cryptopro -member-body 643 2 9 : cryptocom - -cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001 -cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94 -!Cname id-GostR3411-94 -cryptopro 9 : md_gost94 : GOST R 34.11-94 -cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94 -!Cname id-GostR3410-2001 -cryptopro 19 : gost2001 : GOST R 34.10-2001 -!Cname id-GostR3410-94 -cryptopro 20 : gost94 : GOST R 34.10-94 -!Cname id-Gost28147-89 -cryptopro 21 : gost89 : GOST 28147-89 - : gost89-cnt -!Cname id-Gost28147-89-MAC -cryptopro 22 : gost-mac : GOST 28147-89 MAC -!Cname id-GostR3411-94-prf -cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF -cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH -cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH - -cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing -cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing - -# GOST parameter set OIDs - -cryptopro 30 0 : id-GostR3411-94-TestParamSet -cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet - -cryptopro 31 0 : id-Gost28147-89-TestParamSet -cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet -cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet -cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet -cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet -cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet -cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet -cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet - -cryptopro 32 0 : id-GostR3410-94-TestParamSet -cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet -cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet -cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet -cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet - -cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet -cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet -cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet - 
-cryptopro 35 0 : id-GostR3410-2001-TestParamSet -cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet -cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet -cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet - -cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet -cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet - -id-GostR3410-94 1 : id-GostR3410-94-a -id-GostR3410-94 2 : id-GostR3410-94-aBis -id-GostR3410-94 3 : id-GostR3410-94-b -id-GostR3410-94 4 : id-GostR3410-94-bBis - -# Cryptocom LTD GOST OIDs - -cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet -!Cname id-GostR3410-94-cc -cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom -!Cname id-GostR3410-2001-cc -cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom - -cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom -cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom - -cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom - -# Definitions for SM3 - -1 2 156 10197 1 401 : SM3 : sm3 -1 2 156 10197 1 504 : RSA-SM3 : sm3WithRSAEncryption - -# Definitions for Camellia cipher - CBC MODE - -1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc -1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc -1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc -1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap -1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap -1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap - -# Definitions for Camellia cipher - ECB, CFB, OFB MODE - -!Alias ntt-ds 0 3 4401 5 -!Alias camellia ntt-ds 3 1 9 - -camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb -!Cname camellia-128-ofb128 -camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb -!Cname camellia-128-cfb128 -camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb - -camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb -!Cname camellia-192-ofb128 
-camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb -!Cname camellia-192-cfb128 -camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb - -camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb -!Cname camellia-256-ofb128 -camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb -!Cname camellia-256-cfb128 -camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb - -# There are no OIDs for these modes... - - : CAMELLIA-128-CFB1 : camellia-128-cfb1 - : CAMELLIA-192-CFB1 : camellia-192-cfb1 - : CAMELLIA-256-CFB1 : camellia-256-cfb1 - : CAMELLIA-128-CFB8 : camellia-128-cfb8 - : CAMELLIA-192-CFB8 : camellia-192-cfb8 - : CAMELLIA-256-CFB8 : camellia-256-cfb8 - -# Definitions for SEED cipher - ECB, CBC, OFB mode - -member-body 410 200004 : KISA : kisa -kisa 1 3 : SEED-ECB : seed-ecb -kisa 1 4 : SEED-CBC : seed-cbc -!Cname seed-cfb128 -kisa 1 5 : SEED-CFB : seed-cfb -!Cname seed-ofb128 -kisa 1 6 : SEED-OFB : seed-ofb - -# Definitions for SM4 cipher - -member-body 156 : ISO-CN : ISO CN Member Body -ISO-CN 10197 : oscca -oscca 1 : sm-scheme - -sm-scheme 104 1 : SM4-ECB : sm4-ecb -sm-scheme 104 2 : SM4-CBC : sm4-cbc -!Cname sm4-ofb128 -sm-scheme 104 3 : SM4-OFB : sm4-ofb -!Cname sm4-cfb128 -sm-scheme 104 4 : SM4-CFB : sm4-cfb -sm-scheme 104 5 : SM4-CFB1 : sm4-cfb1 -sm-scheme 104 6 : SM4-CFB8 : sm4-cfb8 -sm-scheme 104 7 : SM4-CTR : sm4-ctr - -# There is no OID that just denotes "HMAC" oddly enough... 
- - : HMAC : hmac -# Nor CMAC either - : CMAC : cmac - -# Synthetic composite ciphersuites - : RC4-HMAC-MD5 : rc4-hmac-md5 - : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 - : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 - : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 - -# ECDH schemes from RFC 5753 -!Alias x9-63-scheme 1 3 133 16 840 63 0 -!Alias secg-scheme certicom-arc 1 - -x9-63-scheme 2 : dhSinglePass-stdDH-sha1kdf-scheme -secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme -secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme -secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme -secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme - -x9-63-scheme 3 : dhSinglePass-cofactorDH-sha1kdf-scheme -secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme -secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme -secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme -secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme - -# DH NIDs for use with lookup tables. 
- : dh-std-kdf - : dh-cofactor-kdf - -# RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt) -1 3 6 1 4 1 11129 2 4 2 : ct_precert_scts : CT Precertificate SCTs -1 3 6 1 4 1 11129 2 4 3 : ct_precert_poison : CT Precertificate Poison -1 3 6 1 4 1 11129 2 4 4 : ct_precert_signer : CT Precertificate Signer -1 3 6 1 4 1 11129 2 4 5 : ct_cert_scts : CT Certificate SCTs - -# NID for TLS1 PRF - : TLS1-PRF : tls1-prf -# NID for HKDF - : HKDF : hkdf - -identified-organization 36 : teletrust -teletrust 3 3 2 8 1 : brainpool -brainpool 1 1 : brainpoolP160r1 -brainpool 1 2 : brainpoolP160t1 -brainpool 1 3 : brainpoolP192r1 -brainpool 1 4 : brainpoolP192t1 -brainpool 1 5 : brainpoolP224r1 -brainpool 1 6 : brainpoolP224t1 -brainpool 1 7 : brainpoolP256r1 -brainpool 1 8 : brainpoolP256t1 -brainpool 1 9 : brainpoolP320r1 -brainpool 1 10 : brainpoolP320t1 -brainpool 1 11 : brainpoolP384r1 -brainpool 1 12 : brainpoolP384t1 -brainpool 1 13 : brainpoolP512r1 -brainpool 1 14 : brainpoolP512t1 - -1 2 250 1 223 101 256 1 : FRP256v1 - -# ChaCha Stream Cipher -!Cname chacha20 - : ChaCha : chacha - - : ChaCha20-Poly1305 : chacha20-poly1305 - - : gost89-ecb - : gost89-cbc - -member-body 643 7 1 : tc26 -!Cname id-tc26-gost3411-2012-256 -tc26 1 2 2 : streebog256 : GOST R 34.11-2012 (256 bit) -!Cname id-tc26-gost3411-2012-512 -tc26 1 2 3 : streebog512 : GOST R 34-11-2012 (512 bit) -tc26 1 4 1 : id-tc26-hmac-gost-3411-12-256 : HMAC STREEBOG 256 -tc26 1 4 2 : id-tc26-hmac-gost-3411-12-512 : HMAC STREEBOG 512 -tc26 2 1 1 1 : id-tc26-gost-3410-12-256-paramSetA : GOST R 34.10-2012 (256 bit) ParamSet A -tc26 2 1 1 2 : id-tc26-gost-3410-12-256-paramSetB : GOST R 34.10-2012 (256 bit) ParamSet B -tc26 2 1 1 3 : id-tc26-gost-3410-12-256-paramSetC : GOST R 34.10-2012 (256 bit) ParamSet C -tc26 2 1 1 4 : id-tc26-gost-3410-12-256-paramSetD : GOST R 34.10-2012 (256 bit) ParamSet D -tc26 2 1 2 0 : id-tc26-gost-3410-12-512-paramSetTest : GOST R 34.10-2012 (512 bit) testing parameter set -tc26 2 1 
2 1 : id-tc26-gost-3410-12-512-paramSetA : GOST R 34.10-2012 (512 bit) ParamSet A -tc26 2 1 2 2 : id-tc26-gost-3410-12-512-paramSetB : GOST R 34.10-2012 (512 bit) ParamSet B -tc26 2 1 2 3 : id-tc26-gost-3410-12-512-paramSetC : GOST R 34.10-2012 (512 bit) ParamSet C -tc26 2 5 1 1 : id-tc26-gost-28147-param-Z -tc26 1 1 1 : id-tc26-gost3410-2012-256 : GOST R 34.10-2012 (256 bit) -tc26 1 1 2 : id-tc26-gost3410-2012-512 : GOST R 34.10-2012 (512 bit) -tc26 1 3 2 : id-tc26-signwithdigest-gost3410-2012-256 : GOST R 34.11-2012 with GOST R 34.10-2012 (256 bit) -tc26 1 3 3 : id-tc26-signwithdigest-gost3410-2012-512 : GOST R 34.11-2012 with GOST R 34.10-2012 (512 bit) - -# Curves from draft-ietf-curdle-pkix-02 -1 3 101 110 : X25519 -1 3 101 111 : X448 -1 3 101 112 : Ed25519 -1 3 101 113 : Ed448 -1 3 101 114 : Ed25519ph -1 3 101 115 : Ed448ph - -# TLS cipher suite key exchange - : KxRSA : kx-rsa - : KxECDHE : kx-ecdhe - : KxDHE : kx-dhe - : KxGOST : kx-gost - -# TLS cipher suite authentication - : AuthRSA : auth-rsa - : AuthECDSA : auth-ecdsa - : AuthGOST01 : auth-gost01 - : AuthNULL : auth-null diff --git a/src/lib/libcrypto/ocsp/ocsp.h b/src/lib/libcrypto/ocsp/ocsp.h deleted file mode 100644 index 691ee4a3dc..0000000000 --- a/src/lib/libcrypto/ocsp/ocsp.h +++ /dev/null 
@@ -1,484 +0,0 @@
-/* $OpenBSD: ocsp.h,v 1.20 2022/07/12 14:42:49 kn Exp $ */
-/* Written by Tom Titchener for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#ifndef HEADER_OCSP_H -#define HEADER_OCSP_H - -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * CRLReason ::= ENUMERATED { - * unspecified (0), - * keyCompromise (1), - * cACompromise (2), - * affiliationChanged (3), - * superseded (4), - * cessationOfOperation (5), - * certificateHold (6), - * removeFromCRL (8) } - */ -#define OCSP_REVOKED_STATUS_NOSTATUS -1 -#define OCSP_REVOKED_STATUS_UNSPECIFIED 0 -#define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1 -#define OCSP_REVOKED_STATUS_CACOMPROMISE 2 -#define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3 -#define OCSP_REVOKED_STATUS_SUPERSEDED 4 -#define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5 -#define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6 -#define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8 - - -/* Various flags and values */ - -#define OCSP_DEFAULT_NONCE_LENGTH 16 - -#define OCSP_NOCERTS 0x1 -#define OCSP_NOINTERN 0x2 -#define OCSP_NOSIGS 0x4 -#define OCSP_NOCHAIN 0x8 -#define OCSP_NOVERIFY 0x10 -#define OCSP_NOEXPLICIT 0x20 -#define OCSP_NOCASIGN 0x40 -#define OCSP_NODELEGATED 0x80 -#define OCSP_NOCHECKS 0x100 -#define OCSP_TRUSTOTHER 0x200 -#define OCSP_RESPID_KEY 0x400 -#define OCSP_NOTIME 0x800 - -typedef struct ocsp_cert_id_st OCSP_CERTID; - -DECLARE_STACK_OF(OCSP_CERTID) - -typedef struct ocsp_one_request_st OCSP_ONEREQ; - -DECLARE_STACK_OF(OCSP_ONEREQ) - -typedef struct ocsp_req_info_st OCSP_REQINFO; -typedef struct ocsp_signature_st OCSP_SIGNATURE; -typedef struct ocsp_request_st OCSP_REQUEST; - -#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0 -#define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1 -#define OCSP_RESPONSE_STATUS_INTERNALERROR 2 -#define OCSP_RESPONSE_STATUS_TRYLATER 3 -#define OCSP_RESPONSE_STATUS_SIGREQUIRED 5 -#define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6 - -typedef struct ocsp_resp_bytes_st OCSP_RESPBYTES; - -#define V_OCSP_RESPID_NAME 0 -#define V_OCSP_RESPID_KEY 1 - -DECLARE_STACK_OF(OCSP_RESPID) - -OCSP_RESPID *OCSP_RESPID_new(void); -void 
OCSP_RESPID_free(OCSP_RESPID *a); -OCSP_RESPID *d2i_OCSP_RESPID(OCSP_RESPID **a, const unsigned char **in, long len); -int i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPID_it; - -typedef struct ocsp_revoked_info_st OCSP_REVOKEDINFO; - -#define V_OCSP_CERTSTATUS_GOOD 0 -#define V_OCSP_CERTSTATUS_REVOKED 1 -#define V_OCSP_CERTSTATUS_UNKNOWN 2 - -typedef struct ocsp_cert_status_st OCSP_CERTSTATUS; -typedef struct ocsp_single_response_st OCSP_SINGLERESP; - -DECLARE_STACK_OF(OCSP_SINGLERESP) - -typedef struct ocsp_response_data_st OCSP_RESPDATA; - -typedef struct ocsp_basic_response_st OCSP_BASICRESP; - -typedef struct ocsp_crl_id_st OCSP_CRLID; -typedef struct ocsp_service_locator_st OCSP_SERVICELOC; - -#define PEM_STRING_OCSP_REQUEST "OCSP REQUEST" -#define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE" - -#define PEM_read_bio_OCSP_REQUEST(bp,x,cb) \ - (OCSP_REQUEST *)PEM_ASN1_read_bio((char *(*)())d2i_OCSP_REQUEST, \ - PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL) - -#define PEM_read_bio_OCSP_RESPONSE(bp,x,cb) \ - (OCSP_RESPONSE *)PEM_ASN1_read_bio((char *(*)())d2i_OCSP_RESPONSE, \ - PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL) - -#define PEM_write_bio_OCSP_REQUEST(bp,o) \ - PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\ - bp,(char *)o, NULL,NULL,0,NULL,NULL) - -#define PEM_write_bio_OCSP_RESPONSE(bp,o) \ - PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ - bp,(char *)o, NULL,NULL,0,NULL,NULL) - -#define ASN1_BIT_STRING_digest(data,type,md,len) \ - ASN1_item_digest(&ASN1_BIT_STRING_it,type,data,md,len) - -#define OCSP_CERTSTATUS_dup(cs) \ - ASN1_item_dup(&OCSP_CERTSTATUS_it, cs) - -OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id); - -OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req); -OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req, - int maxline); -int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx); -void 
OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx); -int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req); -int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, const char *name, - const char *value); - -OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, - const X509 *issuer); - -OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, const X509_NAME *issuerName, - const ASN1_BIT_STRING *issuerKey, const ASN1_INTEGER *serialNumber); - -OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); - -int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len); -int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len); -int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs); -int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req); - -int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm); -int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert); - -int OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key, - const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); - -int OCSP_response_status(OCSP_RESPONSE *resp); -OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp); - -const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs); -const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs); -const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs); -int OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer, - STACK_OF(X509) *extra_certs); - -int OCSP_resp_count(OCSP_BASICRESP *bs); -OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx); -const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(const OCSP_BASICRESP *bs); -const STACK_OF(X509) *OCSP_resp_get0_certs(const OCSP_BASICRESP *bs); -int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, - const ASN1_OCTET_STRING **pid, const X509_NAME **pname); - -int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last); -int OCSP_single_get0_status(OCSP_SINGLERESP *single, int 
*reason, - ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd, - ASN1_GENERALIZEDTIME **nextupd); -int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status, - int *reason, ASN1_GENERALIZEDTIME **revtime, - ASN1_GENERALIZEDTIME **thisupd, ASN1_GENERALIZEDTIME **nextupd); -int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, - ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec); - -int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, - X509_STORE *store, unsigned long flags); - -int OCSP_parse_url(const char *url, char **phost, char **pport, - char **ppath, int *pssl); - -int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b); -int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b); - -int OCSP_request_onereq_count(OCSP_REQUEST *req); -OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i); -OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one); -int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd, - ASN1_OCTET_STRING **pikeyHash, ASN1_INTEGER **pserial, - OCSP_CERTID *cid); -int OCSP_request_is_signed(OCSP_REQUEST *req); -OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs); -OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp, OCSP_CERTID *cid, - int status, int reason, ASN1_TIME *revtime, ASN1_TIME *thisupd, - ASN1_TIME *nextupd); -int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert); -int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, - const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); - -X509_EXTENSION *OCSP_crlID_new(const char *url, long *n, char *tim); - -X509_EXTENSION *OCSP_accept_responses_new(char **oids); - -X509_EXTENSION *OCSP_archive_cutoff_new(char* tim); - -X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, const char **urls); - -int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x); -int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos); -int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, const ASN1_OBJECT 
*obj, - int lastpos); -int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc); -X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc); -void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx); -int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc); - -int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x); -int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos); -int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, const ASN1_OBJECT *obj, - int lastpos); -int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos); -X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc); -X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc); -void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx); -int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit, - unsigned long flags); -int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc); - -int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x); -int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos); -int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, const ASN1_OBJECT *obj, - int lastpos); -int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc); -X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc); -void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, - int *idx); -int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc); - -int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x); -int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, 
int nid, - int lastpos); -int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, - const ASN1_OBJECT *obj, int lastpos); -int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc); -X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc); -void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, - int *idx); -int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, - int loc); -const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *x); - -OCSP_SINGLERESP *OCSP_SINGLERESP_new(void); -void OCSP_SINGLERESP_free(OCSP_SINGLERESP *a); -OCSP_SINGLERESP *d2i_OCSP_SINGLERESP(OCSP_SINGLERESP **a, const unsigned char **in, long len); -int i2d_OCSP_SINGLERESP(OCSP_SINGLERESP *a, unsigned char **out); -extern const ASN1_ITEM OCSP_SINGLERESP_it; -OCSP_CERTSTATUS *OCSP_CERTSTATUS_new(void); -void OCSP_CERTSTATUS_free(OCSP_CERTSTATUS *a); -OCSP_CERTSTATUS *d2i_OCSP_CERTSTATUS(OCSP_CERTSTATUS **a, const unsigned char **in, long len); -int i2d_OCSP_CERTSTATUS(OCSP_CERTSTATUS *a, unsigned char **out); -extern const ASN1_ITEM OCSP_CERTSTATUS_it; -OCSP_REVOKEDINFO *OCSP_REVOKEDINFO_new(void); -void OCSP_REVOKEDINFO_free(OCSP_REVOKEDINFO *a); -OCSP_REVOKEDINFO *d2i_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO **a, const unsigned char **in, long len); -int i2d_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO *a, unsigned char **out); -extern const ASN1_ITEM OCSP_REVOKEDINFO_it; -OCSP_BASICRESP *OCSP_BASICRESP_new(void); -void OCSP_BASICRESP_free(OCSP_BASICRESP *a); -OCSP_BASICRESP *d2i_OCSP_BASICRESP(OCSP_BASICRESP **a, const unsigned char **in, long len); -int i2d_OCSP_BASICRESP(OCSP_BASICRESP *a, unsigned char **out); -extern const ASN1_ITEM OCSP_BASICRESP_it; -OCSP_RESPDATA *OCSP_RESPDATA_new(void); -void OCSP_RESPDATA_free(OCSP_RESPDATA *a); 
-OCSP_RESPDATA *d2i_OCSP_RESPDATA(OCSP_RESPDATA **a, const unsigned char **in, long len); -int i2d_OCSP_RESPDATA(OCSP_RESPDATA *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPDATA_it; -OCSP_RESPID *OCSP_RESPID_new(void); -void OCSP_RESPID_free(OCSP_RESPID *a); -OCSP_RESPID *d2i_OCSP_RESPID(OCSP_RESPID **a, const unsigned char **in, long len); -int i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPID_it; -OCSP_RESPONSE *OCSP_RESPONSE_new(void); -void OCSP_RESPONSE_free(OCSP_RESPONSE *a); -OCSP_RESPONSE *d2i_OCSP_RESPONSE(OCSP_RESPONSE **a, const unsigned char **in, long len); -int i2d_OCSP_RESPONSE(OCSP_RESPONSE *a, unsigned char **out); -OCSP_RESPONSE *d2i_OCSP_RESPONSE_bio(BIO *bp, OCSP_RESPONSE **a); -int i2d_OCSP_RESPONSE_bio(BIO *bp, OCSP_RESPONSE *a); -extern const ASN1_ITEM OCSP_RESPONSE_it; -OCSP_RESPBYTES *OCSP_RESPBYTES_new(void); -void OCSP_RESPBYTES_free(OCSP_RESPBYTES *a); -OCSP_RESPBYTES *d2i_OCSP_RESPBYTES(OCSP_RESPBYTES **a, const unsigned char **in, long len); -int i2d_OCSP_RESPBYTES(OCSP_RESPBYTES *a, unsigned char **out); -extern const ASN1_ITEM OCSP_RESPBYTES_it; -OCSP_ONEREQ *OCSP_ONEREQ_new(void); -void OCSP_ONEREQ_free(OCSP_ONEREQ *a); -OCSP_ONEREQ *d2i_OCSP_ONEREQ(OCSP_ONEREQ **a, const unsigned char **in, long len); -int i2d_OCSP_ONEREQ(OCSP_ONEREQ *a, unsigned char **out); -extern const ASN1_ITEM OCSP_ONEREQ_it; -OCSP_CERTID *OCSP_CERTID_new(void); -void OCSP_CERTID_free(OCSP_CERTID *a); -OCSP_CERTID *d2i_OCSP_CERTID(OCSP_CERTID **a, const unsigned char **in, long len); -int i2d_OCSP_CERTID(OCSP_CERTID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_CERTID_it; -OCSP_REQUEST *OCSP_REQUEST_new(void); -void OCSP_REQUEST_free(OCSP_REQUEST *a); -OCSP_REQUEST *d2i_OCSP_REQUEST(OCSP_REQUEST **a, const unsigned char **in, long len); -int i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **out); -OCSP_REQUEST *d2i_OCSP_REQUEST_bio(BIO *bp, OCSP_REQUEST **a); -int i2d_OCSP_REQUEST_bio(BIO *bp, 
OCSP_REQUEST *a); -extern const ASN1_ITEM OCSP_REQUEST_it; -OCSP_SIGNATURE *OCSP_SIGNATURE_new(void); -void OCSP_SIGNATURE_free(OCSP_SIGNATURE *a); -OCSP_SIGNATURE *d2i_OCSP_SIGNATURE(OCSP_SIGNATURE **a, const unsigned char **in, long len); -int i2d_OCSP_SIGNATURE(OCSP_SIGNATURE *a, unsigned char **out); -extern const ASN1_ITEM OCSP_SIGNATURE_it; -OCSP_REQINFO *OCSP_REQINFO_new(void); -void OCSP_REQINFO_free(OCSP_REQINFO *a); -OCSP_REQINFO *d2i_OCSP_REQINFO(OCSP_REQINFO **a, const unsigned char **in, long len); -int i2d_OCSP_REQINFO(OCSP_REQINFO *a, unsigned char **out); -extern const ASN1_ITEM OCSP_REQINFO_it; -OCSP_CRLID *OCSP_CRLID_new(void); -void OCSP_CRLID_free(OCSP_CRLID *a); -OCSP_CRLID *d2i_OCSP_CRLID(OCSP_CRLID **a, const unsigned char **in, long len); -int i2d_OCSP_CRLID(OCSP_CRLID *a, unsigned char **out); -extern const ASN1_ITEM OCSP_CRLID_it; -OCSP_SERVICELOC *OCSP_SERVICELOC_new(void); -void OCSP_SERVICELOC_free(OCSP_SERVICELOC *a); -OCSP_SERVICELOC *d2i_OCSP_SERVICELOC(OCSP_SERVICELOC **a, const unsigned char **in, long len); -int i2d_OCSP_SERVICELOC(OCSP_SERVICELOC *a, unsigned char **out); -extern const ASN1_ITEM OCSP_SERVICELOC_it; - -const char *OCSP_response_status_str(long s); -const char *OCSP_cert_status_str(long s); -const char *OCSP_crl_reason_str(long s); - -int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags); -int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags); - -int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, - X509_STORE *st, unsigned long flags); - -void ERR_load_OCSP_strings(void); - -/* Error codes for the OCSP functions. */ - -/* Function codes. 
*/ -#define OCSP_F_ASN1_STRING_ENCODE 100 -#define OCSP_F_D2I_OCSP_NONCE 102 -#define OCSP_F_OCSP_BASIC_ADD1_STATUS 103 -#define OCSP_F_OCSP_BASIC_SIGN 104 -#define OCSP_F_OCSP_BASIC_VERIFY 105 -#define OCSP_F_OCSP_CERT_ID_NEW 101 -#define OCSP_F_OCSP_CHECK_DELEGATED 106 -#define OCSP_F_OCSP_CHECK_IDS 107 -#define OCSP_F_OCSP_CHECK_ISSUER 108 -#define OCSP_F_OCSP_CHECK_VALIDITY 115 -#define OCSP_F_OCSP_MATCH_ISSUERID 109 -#define OCSP_F_OCSP_PARSE_URL 114 -#define OCSP_F_OCSP_REQUEST_SIGN 110 -#define OCSP_F_OCSP_REQUEST_VERIFY 116 -#define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 -#define OCSP_F_OCSP_SENDREQ_BIO 112 -#define OCSP_F_OCSP_SENDREQ_NBIO 117 -#define OCSP_F_PARSE_HTTP_LINE1 118 -#define OCSP_F_REQUEST_VERIFY 113 - -/* Reason codes. */ -#define OCSP_R_BAD_DATA 100 -#define OCSP_R_CERTIFICATE_VERIFY_ERROR 101 -#define OCSP_R_DIGEST_ERR 102 -#define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122 -#define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123 -#define OCSP_R_ERROR_PARSING_URL 121 -#define OCSP_R_MISSING_OCSPSIGNING_USAGE 103 -#define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124 -#define OCSP_R_NOT_BASIC_RESPONSE 104 -#define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105 -#define OCSP_R_NO_CONTENT 106 -#define OCSP_R_NO_PUBLIC_KEY 107 -#define OCSP_R_NO_RESPONSE_DATA 108 -#define OCSP_R_NO_REVOKED_TIME 109 -#define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110 -#define OCSP_R_REQUEST_NOT_SIGNED 128 -#define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111 -#define OCSP_R_ROOT_CA_NOT_TRUSTED 112 -#define OCSP_R_SERVER_READ_ERROR 113 -#define OCSP_R_SERVER_RESPONSE_ERROR 114 -#define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115 -#define OCSP_R_SERVER_WRITE_ERROR 116 -#define OCSP_R_SIGNATURE_FAILURE 117 -#define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118 -#define OCSP_R_STATUS_EXPIRED 125 -#define OCSP_R_STATUS_NOT_YET_VALID 126 -#define OCSP_R_STATUS_TOO_OLD 127 -#define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119 -#define OCSP_R_UNKNOWN_NID 120 -#define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129 - 
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/ocsp/ocsp_asn.c b/src/lib/libcrypto/ocsp/ocsp_asn.c
deleted file mode 100644
index abceaac832..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_asn.c
+++ /dev/null
@@ -1,1066 +0,0 @@ -/* $OpenBSD: ocsp_asn.c,v 1.12 2024/07/08 14:53:11 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#include -#include -#include - -#include "ocsp_local.h" - -static const ASN1_TEMPLATE OCSP_SIGNATURE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_SIGNATURE, signatureAlgorithm), - .field_name = "signatureAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_SIGNATURE, signature), - .field_name = "signature", - .item = &ASN1_BIT_STRING_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_SIGNATURE, certs), - .field_name = "certs", - .item = &X509_it, - }, -}; - -const ASN1_ITEM OCSP_SIGNATURE_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_SIGNATURE_seq_tt, - .tcount = sizeof(OCSP_SIGNATURE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_SIGNATURE), - .sname = "OCSP_SIGNATURE", -}; -LCRYPTO_ALIAS(OCSP_SIGNATURE_it); - - -OCSP_SIGNATURE * -d2i_OCSP_SIGNATURE(OCSP_SIGNATURE **a, const unsigned char **in, long len) -{ - return (OCSP_SIGNATURE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_SIGNATURE_it); -} -LCRYPTO_ALIAS(d2i_OCSP_SIGNATURE); - -int 
-i2d_OCSP_SIGNATURE(OCSP_SIGNATURE *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_SIGNATURE_it); -} -LCRYPTO_ALIAS(i2d_OCSP_SIGNATURE); - -OCSP_SIGNATURE * -OCSP_SIGNATURE_new(void) -{ - return (OCSP_SIGNATURE *)ASN1_item_new(&OCSP_SIGNATURE_it); -} -LCRYPTO_ALIAS(OCSP_SIGNATURE_new); - -void -OCSP_SIGNATURE_free(OCSP_SIGNATURE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_SIGNATURE_it); -} -LCRYPTO_ALIAS(OCSP_SIGNATURE_free); - -static const ASN1_TEMPLATE OCSP_CERTID_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, hashAlgorithm), - .field_name = "hashAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, issuerNameHash), - .field_name = "issuerNameHash", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, issuerKeyHash), - .field_name = "issuerKeyHash", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, serialNumber), - .field_name = "serialNumber", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM OCSP_CERTID_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_CERTID_seq_tt, - .tcount = sizeof(OCSP_CERTID_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_CERTID), - .sname = "OCSP_CERTID", -}; -LCRYPTO_ALIAS(OCSP_CERTID_it); - - -OCSP_CERTID * -d2i_OCSP_CERTID(OCSP_CERTID **a, const unsigned char **in, long len) -{ - return (OCSP_CERTID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_CERTID_it); -} -LCRYPTO_ALIAS(d2i_OCSP_CERTID); - -int -i2d_OCSP_CERTID(OCSP_CERTID *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_CERTID_it); -} -LCRYPTO_ALIAS(i2d_OCSP_CERTID); - -OCSP_CERTID * -OCSP_CERTID_new(void) -{ - return (OCSP_CERTID *)ASN1_item_new(&OCSP_CERTID_it); -} -LCRYPTO_ALIAS(OCSP_CERTID_new); - -void -OCSP_CERTID_free(OCSP_CERTID *a) -{ - 
ASN1_item_free((ASN1_VALUE *)a, &OCSP_CERTID_it); -} -LCRYPTO_ALIAS(OCSP_CERTID_free); - -static const ASN1_TEMPLATE OCSP_ONEREQ_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_ONEREQ, reqCert), - .field_name = "reqCert", - .item = &OCSP_CERTID_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_ONEREQ, singleRequestExtensions), - .field_name = "singleRequestExtensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM OCSP_ONEREQ_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_ONEREQ_seq_tt, - .tcount = sizeof(OCSP_ONEREQ_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_ONEREQ), - .sname = "OCSP_ONEREQ", -}; -LCRYPTO_ALIAS(OCSP_ONEREQ_it); - - -OCSP_ONEREQ * -d2i_OCSP_ONEREQ(OCSP_ONEREQ **a, const unsigned char **in, long len) -{ - return (OCSP_ONEREQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_ONEREQ_it); -} -LCRYPTO_ALIAS(d2i_OCSP_ONEREQ); - -int -i2d_OCSP_ONEREQ(OCSP_ONEREQ *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_ONEREQ_it); -} -LCRYPTO_ALIAS(i2d_OCSP_ONEREQ); - -OCSP_ONEREQ * -OCSP_ONEREQ_new(void) -{ - return (OCSP_ONEREQ *)ASN1_item_new(&OCSP_ONEREQ_it); -} -LCRYPTO_ALIAS(OCSP_ONEREQ_new); - -void -OCSP_ONEREQ_free(OCSP_ONEREQ *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_ONEREQ_it); -} -LCRYPTO_ALIAS(OCSP_ONEREQ_free); - -static const ASN1_TEMPLATE OCSP_REQINFO_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_REQINFO, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(OCSP_REQINFO, requestorName), - .field_name = "requestorName", - .item = &GENERAL_NAME_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(OCSP_REQINFO, requestList), - .field_name = 
"requestList", - .item = &OCSP_ONEREQ_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 2, - .offset = offsetof(OCSP_REQINFO, requestExtensions), - .field_name = "requestExtensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM OCSP_REQINFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_REQINFO_seq_tt, - .tcount = sizeof(OCSP_REQINFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_REQINFO), - .sname = "OCSP_REQINFO", -}; -LCRYPTO_ALIAS(OCSP_REQINFO_it); - - -OCSP_REQINFO * -d2i_OCSP_REQINFO(OCSP_REQINFO **a, const unsigned char **in, long len) -{ - return (OCSP_REQINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_REQINFO_it); -} -LCRYPTO_ALIAS(d2i_OCSP_REQINFO); - -int -i2d_OCSP_REQINFO(OCSP_REQINFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_REQINFO_it); -} -LCRYPTO_ALIAS(i2d_OCSP_REQINFO); - -OCSP_REQINFO * -OCSP_REQINFO_new(void) -{ - return (OCSP_REQINFO *)ASN1_item_new(&OCSP_REQINFO_it); -} -LCRYPTO_ALIAS(OCSP_REQINFO_new); - -void -OCSP_REQINFO_free(OCSP_REQINFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_REQINFO_it); -} -LCRYPTO_ALIAS(OCSP_REQINFO_free); - -static const ASN1_TEMPLATE OCSP_REQUEST_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_REQUEST, tbsRequest), - .field_name = "tbsRequest", - .item = &OCSP_REQINFO_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_REQUEST, optionalSignature), - .field_name = "optionalSignature", - .item = &OCSP_SIGNATURE_it, - }, -}; - -const ASN1_ITEM OCSP_REQUEST_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_REQUEST_seq_tt, - .tcount = sizeof(OCSP_REQUEST_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_REQUEST), - .sname = "OCSP_REQUEST", -}; -LCRYPTO_ALIAS(OCSP_REQUEST_it); - -OCSP_REQUEST * 
-d2i_OCSP_REQUEST(OCSP_REQUEST **a, const unsigned char **in, long len)
-{
- return (OCSP_REQUEST *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_REQUEST_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_REQUEST);
-
-int
-i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_REQUEST_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_REQUEST);
-
-OCSP_REQUEST *
-d2i_OCSP_REQUEST_bio(BIO *bp, OCSP_REQUEST **a)
-{
- return ASN1_item_d2i_bio(&OCSP_REQUEST_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_OCSP_REQUEST_bio);
-
-int
-i2d_OCSP_REQUEST_bio(BIO *bp, OCSP_REQUEST *a)
-{
- return ASN1_item_i2d_bio(&OCSP_REQUEST_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_OCSP_REQUEST_bio);
-
-OCSP_REQUEST *
-OCSP_REQUEST_new(void)
-{
- return (OCSP_REQUEST *)ASN1_item_new(&OCSP_REQUEST_it);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_new);
-
-void
-OCSP_REQUEST_free(OCSP_REQUEST *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_REQUEST_it);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_free);
-
-/* OCSP_RESPONSE templates */
-
-static const ASN1_TEMPLATE OCSP_RESPBYTES_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_RESPBYTES, responseType),
- .field_name = "responseType",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_RESPBYTES, response),
- .field_name = "response",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM OCSP_RESPBYTES_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_RESPBYTES_seq_tt,
- .tcount = sizeof(OCSP_RESPBYTES_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_RESPBYTES),
- .sname = "OCSP_RESPBYTES",
-};
-LCRYPTO_ALIAS(OCSP_RESPBYTES_it);
-
-
-OCSP_RESPBYTES *
-d2i_OCSP_RESPBYTES(OCSP_RESPBYTES **a, const unsigned char **in, long len)
-{
- return (OCSP_RESPBYTES *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_RESPBYTES_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_RESPBYTES);
-
-int
-i2d_OCSP_RESPBYTES(OCSP_RESPBYTES *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPBYTES_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_RESPBYTES);
-
-OCSP_RESPBYTES *
-OCSP_RESPBYTES_new(void)
-{
- return (OCSP_RESPBYTES *)ASN1_item_new(&OCSP_RESPBYTES_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPBYTES_new);
-
-void
-OCSP_RESPBYTES_free(OCSP_RESPBYTES *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPBYTES_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPBYTES_free);
-
-static const ASN1_TEMPLATE OCSP_RESPONSE_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_RESPONSE, responseStatus),
- .field_name = "responseStatus",
- .item = &ASN1_ENUMERATED_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_RESPONSE, responseBytes),
- .field_name = "responseBytes",
- .item = &OCSP_RESPBYTES_it,
- },
-};
-
-const ASN1_ITEM OCSP_RESPONSE_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_RESPONSE_seq_tt,
- .tcount = sizeof(OCSP_RESPONSE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_RESPONSE),
- .sname = "OCSP_RESPONSE",
-};
-LCRYPTO_ALIAS(OCSP_RESPONSE_it);
-
-
-OCSP_RESPONSE *
-d2i_OCSP_RESPONSE(OCSP_RESPONSE **a, const unsigned char **in, long len)
-{
- return (OCSP_RESPONSE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_RESPONSE_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_RESPONSE);
-
-int
-i2d_OCSP_RESPONSE(OCSP_RESPONSE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPONSE_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_RESPONSE);
-
-OCSP_RESPONSE *
-d2i_OCSP_RESPONSE_bio(BIO *bp, OCSP_RESPONSE **a)
-{
- return ASN1_item_d2i_bio(&OCSP_RESPONSE_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_OCSP_RESPONSE_bio);
-
-int
-i2d_OCSP_RESPONSE_bio(BIO *bp, OCSP_RESPONSE *a)
-{
- return ASN1_item_i2d_bio(&OCSP_RESPONSE_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_OCSP_RESPONSE_bio);
-
-OCSP_RESPONSE *
-OCSP_RESPONSE_new(void)
-{
- return (OCSP_RESPONSE *)ASN1_item_new(&OCSP_RESPONSE_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPONSE_new);
-
-void
-OCSP_RESPONSE_free(OCSP_RESPONSE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPONSE_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPONSE_free);
-
-static const ASN1_TEMPLATE OCSP_RESPID_ch_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(OCSP_RESPID, value.byName),
- .field_name = "value.byName",
- .item = &X509_NAME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 2,
- .offset = offsetof(OCSP_RESPID, value.byKey),
- .field_name = "value.byKey",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM OCSP_RESPID_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(OCSP_RESPID, type),
- .templates = OCSP_RESPID_ch_tt,
- .tcount = sizeof(OCSP_RESPID_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_RESPID),
- .sname = "OCSP_RESPID",
-};
-LCRYPTO_ALIAS(OCSP_RESPID_it);
-
-
-OCSP_RESPID *
-d2i_OCSP_RESPID(OCSP_RESPID **a, const unsigned char **in, long len)
-{
- return (OCSP_RESPID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_RESPID_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_RESPID);
-
-int
-i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPID_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_RESPID);
-
-OCSP_RESPID *
-OCSP_RESPID_new(void)
-{
- return (OCSP_RESPID *)ASN1_item_new(&OCSP_RESPID_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPID_new);
-
-void
-OCSP_RESPID_free(OCSP_RESPID *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPID_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPID_free);
-
-static const ASN1_TEMPLATE OCSP_REVOKEDINFO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_REVOKEDINFO, revocationTime),
- .field_name = "revocationTime",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_REVOKEDINFO, revocationReason),
- .field_name = "revocationReason",
- .item = &ASN1_ENUMERATED_it,
- },
-};
-
-const ASN1_ITEM OCSP_REVOKEDINFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_REVOKEDINFO_seq_tt,
- .tcount = sizeof(OCSP_REVOKEDINFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_REVOKEDINFO),
- .sname = "OCSP_REVOKEDINFO",
-};
-LCRYPTO_ALIAS(OCSP_REVOKEDINFO_it);
-
-
-OCSP_REVOKEDINFO *
-d2i_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO **a, const unsigned char **in, long len)
-{
- return (OCSP_REVOKEDINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_REVOKEDINFO_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_REVOKEDINFO);
-
-int
-i2d_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_REVOKEDINFO_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_REVOKEDINFO);
-
-OCSP_REVOKEDINFO *
-OCSP_REVOKEDINFO_new(void)
-{
- return (OCSP_REVOKEDINFO *)ASN1_item_new(&OCSP_REVOKEDINFO_it);
-}
-LCRYPTO_ALIAS(OCSP_REVOKEDINFO_new);
-
-void
-OCSP_REVOKEDINFO_free(OCSP_REVOKEDINFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_REVOKEDINFO_it);
-}
-LCRYPTO_ALIAS(OCSP_REVOKEDINFO_free);
-
-static const ASN1_TEMPLATE OCSP_CERTSTATUS_ch_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(OCSP_CERTSTATUS, value.good),
- .field_name = "value.good",
- .item = &ASN1_NULL_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(OCSP_CERTSTATUS, value.revoked),
- .field_name = "value.revoked",
- .item = &OCSP_REVOKEDINFO_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 2,
- .offset = offsetof(OCSP_CERTSTATUS, value.unknown),
- .field_name = "value.unknown",
- .item = &ASN1_NULL_it,
- },
-};
-
-const ASN1_ITEM OCSP_CERTSTATUS_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(OCSP_CERTSTATUS, type),
- .templates = OCSP_CERTSTATUS_ch_tt,
- .tcount = sizeof(OCSP_CERTSTATUS_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_CERTSTATUS),
- .sname = "OCSP_CERTSTATUS",
-};
-LCRYPTO_ALIAS(OCSP_CERTSTATUS_it);
-
-
-OCSP_CERTSTATUS *
-d2i_OCSP_CERTSTATUS(OCSP_CERTSTATUS **a, const unsigned char **in, long len)
-{
- return (OCSP_CERTSTATUS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_CERTSTATUS_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_CERTSTATUS);
-
-int
-i2d_OCSP_CERTSTATUS(OCSP_CERTSTATUS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_CERTSTATUS_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_CERTSTATUS);
-
-OCSP_CERTSTATUS *
-OCSP_CERTSTATUS_new(void)
-{
- return (OCSP_CERTSTATUS *)ASN1_item_new(&OCSP_CERTSTATUS_it);
-}
-LCRYPTO_ALIAS(OCSP_CERTSTATUS_new);
-
-void
-OCSP_CERTSTATUS_free(OCSP_CERTSTATUS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_CERTSTATUS_it);
-}
-LCRYPTO_ALIAS(OCSP_CERTSTATUS_free);
-
-static const ASN1_TEMPLATE OCSP_SINGLERESP_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, certId),
- .field_name = "certId",
- .item = &OCSP_CERTID_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, certStatus),
- .field_name = "certStatus",
- .item = &OCSP_CERTSTATUS_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, thisUpdate),
- .field_name = "thisUpdate",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, nextUpdate),
- .field_name = "nextUpdate",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(OCSP_SINGLERESP, singleExtensions),
- .field_name = "singleExtensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM OCSP_SINGLERESP_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_SINGLERESP_seq_tt,
- .tcount = sizeof(OCSP_SINGLERESP_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_SINGLERESP),
- .sname = "OCSP_SINGLERESP",
-};
-LCRYPTO_ALIAS(OCSP_SINGLERESP_it);
-
-
-OCSP_SINGLERESP *
-d2i_OCSP_SINGLERESP(OCSP_SINGLERESP **a, const unsigned char **in, long len)
-{
- return (OCSP_SINGLERESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_SINGLERESP_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_SINGLERESP);
-
-int
-i2d_OCSP_SINGLERESP(OCSP_SINGLERESP *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_SINGLERESP_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_SINGLERESP);
-
-OCSP_SINGLERESP *
-OCSP_SINGLERESP_new(void)
-{
- return (OCSP_SINGLERESP *)ASN1_item_new(&OCSP_SINGLERESP_it);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_new);
-
-void
-OCSP_SINGLERESP_free(OCSP_SINGLERESP *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_SINGLERESP_it);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_free);
-
-static const ASN1_TEMPLATE OCSP_RESPDATA_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, responderId),
- .field_name = "responderId",
- .item = &OCSP_RESPID_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, producedAt),
- .field_name = "producedAt",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, responses),
- .field_name = "responses",
- .item = &OCSP_SINGLERESP_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(OCSP_RESPDATA, responseExtensions),
- .field_name = "responseExtensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM OCSP_RESPDATA_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_RESPDATA_seq_tt,
- .tcount = sizeof(OCSP_RESPDATA_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_RESPDATA),
- .sname = "OCSP_RESPDATA",
-};
-LCRYPTO_ALIAS(OCSP_RESPDATA_it);
-
-
-OCSP_RESPDATA *
-d2i_OCSP_RESPDATA(OCSP_RESPDATA **a, const unsigned char **in, long len)
-{
- return (OCSP_RESPDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_RESPDATA_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_RESPDATA);
-
-int
-i2d_OCSP_RESPDATA(OCSP_RESPDATA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPDATA_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_RESPDATA);
-
-OCSP_RESPDATA *
-OCSP_RESPDATA_new(void)
-{
- return (OCSP_RESPDATA *)ASN1_item_new(&OCSP_RESPDATA_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPDATA_new);
-
-void
-OCSP_RESPDATA_free(OCSP_RESPDATA *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPDATA_it);
-}
-LCRYPTO_ALIAS(OCSP_RESPDATA_free);
-
-static const ASN1_TEMPLATE OCSP_BASICRESP_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, tbsResponseData),
- .field_name = "tbsResponseData",
- .item = &OCSP_RESPDATA_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, signatureAlgorithm),
- .field_name = "signatureAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, signature),
- .field_name = "signature",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, certs),
- .field_name = "certs",
- .item = &X509_it,
- },
-};
-
-const ASN1_ITEM OCSP_BASICRESP_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_BASICRESP_seq_tt,
- .tcount = sizeof(OCSP_BASICRESP_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_BASICRESP),
- .sname = "OCSP_BASICRESP",
-};
-LCRYPTO_ALIAS(OCSP_BASICRESP_it);
-
-
-OCSP_BASICRESP *
-d2i_OCSP_BASICRESP(OCSP_BASICRESP **a, const unsigned char **in, long len)
-{
- return (OCSP_BASICRESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_BASICRESP_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_BASICRESP);
-
-int
-i2d_OCSP_BASICRESP(OCSP_BASICRESP *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_BASICRESP_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_BASICRESP);
-
-OCSP_BASICRESP *
-OCSP_BASICRESP_new(void)
-{
- return (OCSP_BASICRESP *)ASN1_item_new(&OCSP_BASICRESP_it);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_new);
-
-void
-OCSP_BASICRESP_free(OCSP_BASICRESP *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_BASICRESP_it);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_free);
-
-static const ASN1_TEMPLATE OCSP_CRLID_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_CRLID, crlUrl),
- .field_name = "crlUrl",
- .item = &ASN1_IA5STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(OCSP_CRLID, crlNum),
- .field_name = "crlNum",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(OCSP_CRLID, crlTime),
- .field_name = "crlTime",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
-};
-
-const ASN1_ITEM OCSP_CRLID_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_CRLID_seq_tt,
- .tcount = sizeof(OCSP_CRLID_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_CRLID),
- .sname = "OCSP_CRLID",
-};
-LCRYPTO_ALIAS(OCSP_CRLID_it);
-
-
-OCSP_CRLID *
-d2i_OCSP_CRLID(OCSP_CRLID **a, const unsigned char **in, long len)
-{
- return (OCSP_CRLID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_CRLID_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_CRLID);
-
-int
-i2d_OCSP_CRLID(OCSP_CRLID *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_CRLID_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_CRLID);
-
-OCSP_CRLID *
-OCSP_CRLID_new(void)
-{
- return (OCSP_CRLID *)ASN1_item_new(&OCSP_CRLID_it);
-}
-LCRYPTO_ALIAS(OCSP_CRLID_new);
-
-void
-OCSP_CRLID_free(OCSP_CRLID *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_CRLID_it);
-}
-LCRYPTO_ALIAS(OCSP_CRLID_free);
-
-static const ASN1_TEMPLATE OCSP_SERVICELOC_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SERVICELOC, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_SERVICELOC, locator),
- .field_name = "locator",
- .item = &ACCESS_DESCRIPTION_it,
- },
-};
-
-const ASN1_ITEM OCSP_SERVICELOC_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_SERVICELOC_seq_tt,
- .tcount = sizeof(OCSP_SERVICELOC_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_SERVICELOC),
- .sname = "OCSP_SERVICELOC",
-};
-LCRYPTO_ALIAS(OCSP_SERVICELOC_it);
-
-
-OCSP_SERVICELOC *
-d2i_OCSP_SERVICELOC(OCSP_SERVICELOC **a, const unsigned char **in, long len)
-{
- return (OCSP_SERVICELOC *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_SERVICELOC_it);
-}
-LCRYPTO_ALIAS(d2i_OCSP_SERVICELOC);
-
-int
-i2d_OCSP_SERVICELOC(OCSP_SERVICELOC *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_SERVICELOC_it);
-}
-LCRYPTO_ALIAS(i2d_OCSP_SERVICELOC);
-
-OCSP_SERVICELOC *
-OCSP_SERVICELOC_new(void)
-{
- return (OCSP_SERVICELOC *)ASN1_item_new(&OCSP_SERVICELOC_it);
-}
-LCRYPTO_ALIAS(OCSP_SERVICELOC_new);
-
-void
-OCSP_SERVICELOC_free(OCSP_SERVICELOC *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_SERVICELOC_it);
-}
-LCRYPTO_ALIAS(OCSP_SERVICELOC_free);
diff --git a/src/lib/libcrypto/ocsp/ocsp_cl.c b/src/lib/libcrypto/ocsp/ocsp_cl.c
deleted file mode 100644
index d8ee33c391..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_cl.c
+++ /dev/null
@@ -1,463 +0,0 @@
-/* $OpenBSD: ocsp_cl.c,v 1.25 2024/03/24 11:30:12 beck Exp $ */
-/* Written by Tom Titchener for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "ocsp_local.h"
-
-/* Utility functions related to sending OCSP requests and extracting
- * relevant information from the response.
- */
-
-/* Add an OCSP_CERTID to an OCSP request. Return new OCSP_ONEREQ
- * pointer: useful if we want to add extensions.
- */
-OCSP_ONEREQ *
-OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
-{
- OCSP_ONEREQ *one;
-
- if ((one = OCSP_ONEREQ_new()) == NULL)
- goto err;
- if (req != NULL) {
- if (!sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one))
- goto err;
- }
- OCSP_CERTID_free(one->reqCert);
- one->reqCert = cid;
- return one;
-
- err:
- OCSP_ONEREQ_free(one);
- return NULL;
-}
-LCRYPTO_ALIAS(OCSP_request_add0_id);
-
-/* Set requestorName from an X509_NAME structure */
-int
-OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
-{
- GENERAL_NAME *gen;
-
- gen = GENERAL_NAME_new();
- if (gen == NULL)
- return 0;
- if (!X509_NAME_set(&gen->d.directoryName, nm)) {
- GENERAL_NAME_free(gen);
- return 0;
- }
- gen->type = GEN_DIRNAME;
- if (req->tbsRequest->requestorName)
- GENERAL_NAME_free(req->tbsRequest->requestorName);
- req->tbsRequest->requestorName = gen;
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_request_set1_name);
-
-/* Add a certificate to an OCSP request */
-int
-OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
-{
- OCSP_SIGNATURE *sig;
-
- if (!req->optionalSignature)
- req->optionalSignature = OCSP_SIGNATURE_new();
- sig = req->optionalSignature;
- if (!sig)
- return 0;
- if (!cert)
- return 1;
- if (!sig->certs && !(sig->certs = sk_X509_new_null()))
- return 0;
-
- if (!sk_X509_push(sig->certs, cert))
- return 0;
- X509_up_ref(cert);
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_request_add1_cert);
-
-/* Sign an OCSP request set the requestorName to the subject
- * name of an optional signers certificate and include one
- * or more optional certificates in the request. Behaves
- * like PKCS7_sign().
- */
-int
-OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key,
- const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags)
-{
- int i;
- OCSP_SIGNATURE *sig;
- X509 *x;
-
- if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
- goto err;
-
- if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new()))
- goto err;
- if (key) {
- if (!X509_check_private_key(signer, key)) {
- OCSPerror(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- goto err;
- }
- if (!OCSP_REQUEST_sign(req, key, dgst))
- goto err;
- }
-
- if (!(flags & OCSP_NOCERTS)) {
- if (!OCSP_request_add1_cert(req, signer))
- goto err;
- for (i = 0; i < sk_X509_num(certs); i++) {
- x = sk_X509_value(certs, i);
- if (!OCSP_request_add1_cert(req, x))
- goto err;
- }
- }
-
- return 1;
-
-err:
- OCSP_SIGNATURE_free(req->optionalSignature);
- req->optionalSignature = NULL;
- return 0;
-}
-LCRYPTO_ALIAS(OCSP_request_sign);
-
-/* Get response status */
-int
-OCSP_response_status(OCSP_RESPONSE *resp)
-{
- return ASN1_ENUMERATED_get(resp->responseStatus);
-}
-LCRYPTO_ALIAS(OCSP_response_status);
-
-/* Extract basic response from OCSP_RESPONSE or NULL if
- * no basic response present.
- */
-OCSP_BASICRESP *
-OCSP_response_get1_basic(OCSP_RESPONSE *resp)
-{
- OCSP_RESPBYTES *rb;
-
- rb = resp->responseBytes;
- if (!rb) {
- OCSPerror(OCSP_R_NO_RESPONSE_DATA);
- return NULL;
- }
- if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) {
- OCSPerror(OCSP_R_NOT_BASIC_RESPONSE);
- return NULL;
- }
-
- return ASN1_item_unpack(rb->response, &OCSP_BASICRESP_it);
-}
-LCRYPTO_ALIAS(OCSP_response_get1_basic);
-
-/* Return number of OCSP_SINGLERESP responses present in
- * a basic response.
- */
-int
-OCSP_resp_count(OCSP_BASICRESP *bs)
-{
- if (!bs)
- return -1;
- return sk_OCSP_SINGLERESP_num(bs->tbsResponseData->responses);
-}
-LCRYPTO_ALIAS(OCSP_resp_count);
-
-/* Extract an OCSP_SINGLERESP response with a given index */
-OCSP_SINGLERESP *
-OCSP_resp_get0(OCSP_BASICRESP *bs, int idx)
-{
- if (!bs)
- return NULL;
- return sk_OCSP_SINGLERESP_value(bs->tbsResponseData->responses, idx);
-}
-LCRYPTO_ALIAS(OCSP_resp_get0);
-
-const ASN1_GENERALIZEDTIME *
-OCSP_resp_get0_produced_at(const OCSP_BASICRESP *bs)
-{
- return bs->tbsResponseData->producedAt;
-}
-LCRYPTO_ALIAS(OCSP_resp_get0_produced_at);
-
-const STACK_OF(X509) *
-OCSP_resp_get0_certs(const OCSP_BASICRESP *bs)
-{
- return bs->certs;
-}
-LCRYPTO_ALIAS(OCSP_resp_get0_certs);
-
-int
-OCSP_resp_get0_id(const OCSP_BASICRESP *bs, const ASN1_OCTET_STRING **pid,
- const X509_NAME **pname)
-{
- const OCSP_RESPID *rid = bs->tbsResponseData->responderId;
-
- if (rid->type == V_OCSP_RESPID_NAME) {
- *pname = rid->value.byName;
- *pid = NULL;
- } else if (rid->type == V_OCSP_RESPID_KEY) {
- *pid = rid->value.byKey;
- *pname = NULL;
- } else {
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_resp_get0_id);
-
-const ASN1_OCTET_STRING *
-OCSP_resp_get0_signature(const OCSP_BASICRESP *bs)
-{
- return bs->signature;
-}
-LCRYPTO_ALIAS(OCSP_resp_get0_signature);
-
-const X509_ALGOR *
-OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs)
-{
- return bs->signatureAlgorithm;
-}
-LCRYPTO_ALIAS(OCSP_resp_get0_tbs_sigalg);
-
-const OCSP_RESPDATA *
-OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs)
-{
- return bs->tbsResponseData;
-}
-LCRYPTO_ALIAS(OCSP_resp_get0_respdata);
-
-/* Look single response matching a given certificate ID */
-int
-OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last)
-{
- int i;
- STACK_OF(OCSP_SINGLERESP) *sresp;
- OCSP_SINGLERESP *single;
-
- if (!bs)
- return -1;
- if (last < 0)
- last = 0;
- else
- last++;
- sresp = bs->tbsResponseData->responses;
- for (i = last; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
- single = sk_OCSP_SINGLERESP_value(sresp, i);
- if (!OCSP_id_cmp(id, single->certId))
- return i;
- }
- return -1;
-}
-LCRYPTO_ALIAS(OCSP_resp_find);
-
-/* Extract status information from an OCSP_SINGLERESP structure.
- * Note: the revtime and reason values are only set if the
- * certificate status is revoked. Returns numerical value of
- * status.
- */
-int
-OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
- ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd,
- ASN1_GENERALIZEDTIME **nextupd)
-{
- int ret;
- OCSP_CERTSTATUS *cst;
-
- if (!single)
- return -1;
- cst = single->certStatus;
- ret = cst->type;
- if (ret == V_OCSP_CERTSTATUS_REVOKED) {
- OCSP_REVOKEDINFO *rev = cst->value.revoked;
-
- if (revtime)
- *revtime = rev->revocationTime;
- if (reason) {
- if (rev->revocationReason)
- *reason = ASN1_ENUMERATED_get(
- rev->revocationReason);
- else
- *reason = -1;
- }
- }
- if (thisupd)
- *thisupd = single->thisUpdate;
- if (nextupd)
- *nextupd = single->nextUpdate;
- return ret;
-}
-LCRYPTO_ALIAS(OCSP_single_get0_status);
-
-/* This function combines the previous ones: look up a certificate ID and
- * if found extract status information. Return 0 is successful.
- */
-int
-OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
- int *reason, ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd,
- ASN1_GENERALIZEDTIME **nextupd)
-{
- int i;
- OCSP_SINGLERESP *single;
-
- i = OCSP_resp_find(bs, id, -1);
- /* Maybe check for multiple responses and give an error? */
- if (i < 0)
- return 0;
- single = OCSP_resp_get0(bs, i);
- i = OCSP_single_get0_status(single, reason, revtime, thisupd, nextupd);
- if (status)
- *status = i;
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_resp_find_status);
-
-/* Check validity of thisUpdate and nextUpdate fields. It is possible that the request will
- * take a few seconds to process and/or the time wont be totally accurate. Therefore to avoid
- * rejecting otherwise valid time we allow the times to be within 'nsec' of the current time.
- * Also to avoid accepting very old responses without a nextUpdate field an optional maxage
- * parameter specifies the maximum age the thisUpdate field can be.
- */
-int
-OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
- ASN1_GENERALIZEDTIME *nextupd, long nsec, long maxsec)
-{
- int64_t posix_next, posix_this, posix_now;
- struct tm tm_this, tm_next;
-
- /* Negative values of nsec make no sense */
- if (nsec < 0)
- return 0;
-
- posix_now = time(NULL);
-
- /*
- * Times must explicitly be a GENERALIZEDTIME as per section
- * 4.2.2.1 of RFC 6960 - It is invalid to accept other times
- * (such as UTCTIME permitted/required by RFC 5280 for certificates)
- */
- /* Check that thisUpdate is valid. */
- if (ASN1_time_parse(thisupd->data, thisupd->length, &tm_this,
- V_ASN1_GENERALIZEDTIME) != V_ASN1_GENERALIZEDTIME) {
- OCSPerror(OCSP_R_ERROR_IN_THISUPDATE_FIELD);
- return 0;
- }
- if (!OPENSSL_tm_to_posix(&tm_this, &posix_this))
- return 0;
- /* thisUpdate must not be more than nsec in the future. */
- if (posix_this - nsec > posix_now) {
- OCSPerror(OCSP_R_STATUS_NOT_YET_VALID);
- return 0;
- }
- /* thisUpdate must not be more than maxsec seconds in the past. */
- if (maxsec >= 0 && posix_this < posix_now - maxsec) {
- OCSPerror(OCSP_R_STATUS_TOO_OLD);
- return 0;
- }
-
- /* RFC 6960 section 4.2.2.1 allows for servers to not set nextUpdate */
- if (nextupd == NULL)
- return 1;
-
- /* Check that nextUpdate is valid. */
- if (ASN1_time_parse(nextupd->data, nextupd->length, &tm_next,
- V_ASN1_GENERALIZEDTIME) != V_ASN1_GENERALIZEDTIME) {
- OCSPerror(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD);
- return 0;
- }
- if (!OPENSSL_tm_to_posix(&tm_next, &posix_next))
- return 0;
- /* Don't allow nextUpdate to precede thisUpdate. */
- if (posix_next < posix_this) {
- OCSPerror(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE);
- return 0;
- }
- /* nextUpdate must not be more than nsec seconds in the past. */
- if (posix_next + nsec < posix_now) {
- OCSPerror(OCSP_R_STATUS_EXPIRED);
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_check_validity);
-
-const OCSP_CERTID *
-OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *single)
-{
- return single->certId;
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_get0_id);
diff --git a/src/lib/libcrypto/ocsp/ocsp_err.c b/src/lib/libcrypto/ocsp/ocsp_err.c
deleted file mode 100644
index ca8f8f22b2..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_err.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* $OpenBSD: ocsp_err.c,v 1.11 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
-
-static const ERR_STRING_DATA OCSP_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA OCSP_str_reasons[] = {
- {ERR_REASON(OCSP_R_BAD_DATA) , "bad data"},
- {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
- {ERR_REASON(OCSP_R_DIGEST_ERR) , "digest err"},
- {ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD), "error in nextupdate field"},
- {ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD), "error in thisupdate field"},
- {ERR_REASON(OCSP_R_ERROR_PARSING_URL) , "error parsing url"},
- {ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE), "missing ocspsigning usage"},
- {ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE), "nextupdate before thisupdate"},
- {ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE) , "not basic response"},
- {ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN), "no certificates in chain"},
- {ERR_REASON(OCSP_R_NO_CONTENT) , "no content"},
- {ERR_REASON(OCSP_R_NO_PUBLIC_KEY) , "no public key"},
- {ERR_REASON(OCSP_R_NO_RESPONSE_DATA) , "no response data"},
- {ERR_REASON(OCSP_R_NO_REVOKED_TIME) , "no revoked time"},
- {ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"},
- {ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED) , "request not signed"},
- {ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA), "response contains no revocation data"},
- {ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED) , "root ca not trusted"},
- {ERR_REASON(OCSP_R_SERVER_READ_ERROR) , "server read error"},
- {ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR), "server response error"},
- {ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR), "server response parse error"},
- {ERR_REASON(OCSP_R_SERVER_WRITE_ERROR) , "server write error"},
- {ERR_REASON(OCSP_R_SIGNATURE_FAILURE) , "signature failure"},
- {ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND), "signer certificate not found"},
- {ERR_REASON(OCSP_R_STATUS_EXPIRED) , "status expired"},
- {ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID) , "status not yet valid"},
- {ERR_REASON(OCSP_R_STATUS_TOO_OLD) , "status too old"},
- {ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST), "unknown message digest"},
- {ERR_REASON(OCSP_R_UNKNOWN_NID) , "unknown nid"},
- {ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE), "unsupported requestorname type"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_OCSP_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) {
- ERR_load_const_strings(OCSP_str_functs);
- ERR_load_const_strings(OCSP_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_OCSP_strings);
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c
deleted file mode 100644
index 9f8cb74b6a..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_ext.c
+++ /dev/null
@@ -1,612 +0,0 @@
-/* $OpenBSD: ocsp_ext.c,v 1.23 2023/07/08 10:44:00 beck Exp $ */
-/* Written by Tom Titchener for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "ocsp_local.h"
-#include "x509_local.h"
-
-/* Standard wrapper functions for extensions */
-
-/* OCSP request extensions */
-
-int
-OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
-{
- return X509v3_get_ext_count(x->tbsRequest->requestExtensions);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_get_ext_count);
-
-int
-OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->tbsRequest->requestExtensions, nid,
- lastpos);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_get_ext_by_NID);
-
-int
-OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, const ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->tbsRequest->requestExtensions, obj,
- lastpos);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_get_ext_by_OBJ);
-
-int
-OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->tbsRequest->requestExtensions,
- crit, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_get_ext_by_critical);
-
-X509_EXTENSION *
-OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
-{
- return X509v3_get_ext(x->tbsRequest->requestExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_get_ext);
-
-X509_EXTENSION *
-OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
-{
- return X509v3_delete_ext(x->tbsRequest->requestExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_delete_ext);
-
-void *
-OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_get1_ext_d2i);
-
-int
-OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value,
- crit, flags);
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_add1_ext_i2d);
-
-int
-OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->tbsRequest->requestExtensions), ex,
- loc) != NULL;
-}
-LCRYPTO_ALIAS(OCSP_REQUEST_add_ext);
-
-/* Single extensions */
-
-int
-OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
-{
- return X509v3_get_ext_count(x->singleRequestExtensions);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_get_ext_count);
-
-int
-OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->singleRequestExtensions, nid, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_get_ext_by_NID);
-
-int
-OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, const ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->singleRequestExtensions, obj, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_get_ext_by_OBJ);
-
-int
-OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->singleRequestExtensions, crit,
- lastpos);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_get_ext_by_critical);
-
-X509_EXTENSION *
-OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
-{
- return X509v3_get_ext(x->singleRequestExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_get_ext);
-
-X509_EXTENSION *
-OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
-{
- return X509v3_delete_ext(x->singleRequestExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_delete_ext);
-
-void *
-OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_get1_ext_d2i);
-
-int
-OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit,
- flags);
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_add1_ext_i2d);
-
-int
-OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->singleRequestExtensions), ex, loc) != NULL;
-}
-LCRYPTO_ALIAS(OCSP_ONEREQ_add_ext);
-
-/* OCSP Basic response */
-
-int
-OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
-{
- return X509v3_get_ext_count(x->tbsResponseData->responseExtensions);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_get_ext_count);
-
-int
-OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->tbsResponseData->responseExtensions,
- nid, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_get_ext_by_NID);
-
-int
-OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, const ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->tbsResponseData->responseExtensions,
- obj, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_get_ext_by_OBJ);
-
-int
-OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(
- x->tbsResponseData->responseExtensions, crit, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_get_ext_by_critical);
-
-X509_EXTENSION *
-OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
-{
- return X509v3_get_ext(x->tbsResponseData->responseExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_get_ext);
-
-X509_EXTENSION *
-OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
-{
- return X509v3_delete_ext(x->tbsResponseData->responseExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_delete_ext);
-
-void *
-OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid,
- crit, idx);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_get1_ext_d2i);
-
-int
-OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid,
- value, crit, flags);
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_add1_ext_i2d);
-
-int
-OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->tbsResponseData->responseExtensions), ex,
- loc) != NULL;
-}
-LCRYPTO_ALIAS(OCSP_BASICRESP_add_ext);
-
-/* OCSP single response extensions */
-
-int
-OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
-{
- return X509v3_get_ext_count(x->singleExtensions);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_get_ext_count);
-
-int
-OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->singleExtensions, nid, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_get_ext_by_NID);
-
-int
-OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, const ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->singleExtensions, obj, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_get_ext_by_OBJ);
-
-int
-OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->singleExtensions, crit, lastpos);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_get_ext_by_critical);
-
-X509_EXTENSION *
-OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
-{
- return X509v3_get_ext(x->singleExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_get_ext);
-
-X509_EXTENSION *
-OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
-{
- return X509v3_delete_ext(x->singleExtensions, loc);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_delete_ext);
-
-void *
-OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_get1_ext_d2i);
-
-int
-OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_add1_ext_i2d);
-
-int
-OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->singleExtensions), ex, loc) != NULL;
-}
-LCRYPTO_ALIAS(OCSP_SINGLERESP_add_ext);
-
-/* Nonce handling functions */
-
-/* Add a nonce to an extension stack. A nonce can be specified or if NULL
- * a random nonce will be generated.
- * Note: OpenSSL 0.9.7d and later create an OCTET STRING containing the
- * nonce, previous versions used the raw nonce.
- */
-
-static int
-ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, int len)
-{
- unsigned char *tmpval;
- ASN1_OCTET_STRING os;
- int ret = 0;
-
- if (len <= 0)
- len = OCSP_DEFAULT_NONCE_LENGTH;
- /* Create the OCTET STRING manually by writing out the header and
- * appending the content octets. This avoids an extra memory allocation
- * operation in some cases. Applications should *NOT* do this because
- * it relies on library internals.
- */
- os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
- os.data = malloc(os.length);
- if (os.data == NULL)
- goto err;
- tmpval = os.data;
- ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
- if (val)
- memcpy(tmpval, val, len);
- else
- arc4random_buf(tmpval, len);
- if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce, &os, 0,
- X509V3_ADD_REPLACE))
- goto err;
- ret = 1;
-
-err:
- free(os.data);
- return ret;
-}
-
-/* Add nonce to an OCSP request */
-int
-OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len)
-{
- return ocsp_add1_nonce(&req->tbsRequest->requestExtensions, val, len);
-}
-LCRYPTO_ALIAS(OCSP_request_add1_nonce);
-
-/* Same as above but for a response */
-int
-OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
-{
- return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val,
- len);
-}
-LCRYPTO_ALIAS(OCSP_basic_add1_nonce);
-
-/* Check nonce validity in a request and response.
- * Return value reflects result:
- * 1: nonces present and equal.
- * 2: nonces both absent.
- * 3: nonce present in response only.
- * 0: nonces both present and not equal.
- * -1: nonce in request only.
- *
- * For most responders clients can check return > 0.
- * If responder doesn't handle nonces return != 0 may be
- * necessary. return == 0 is always an error.
- */
-int
-OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
-{
- /*
- * Since we are only interested in the presence or absence of
- * the nonce and comparing its value there is no need to use
- * the X509V3 routines: this way we can avoid them allocating an
- * ASN1_OCTET_STRING structure for the value which would be
- * freed immediately anyway.
- */
- int req_idx, resp_idx;
- X509_EXTENSION *req_ext, *resp_ext;
-
- req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
- resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs,
- NID_id_pkix_OCSP_Nonce, -1);
- /* Check both absent */
- if (req_idx < 0 && resp_idx < 0)
- return 2;
- /* Check in request only */
- if (req_idx >= 0 && resp_idx < 0)
- return -1;
- /* Check in response but not request */
- if (req_idx < 0 && resp_idx >= 0)
- return 3;
- /* Otherwise nonce in request and response so retrieve the extensions */
- req_ext = OCSP_REQUEST_get_ext(req, req_idx);
- resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx);
- if (ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value))
- return 0;
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_check_nonce);
-
-/* Copy the nonce value (if any) from an OCSP request to
- * a response.
- */
-int
-OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
-{
- X509_EXTENSION *req_ext;
- int req_idx;
-
- /* Check for nonce in request */
- req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
- /* If no nonce that's OK */
- if (req_idx < 0)
- return 2;
- req_ext = OCSP_REQUEST_get_ext(req, req_idx);
- return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
-}
-LCRYPTO_ALIAS(OCSP_copy_nonce);
-
-X509_EXTENSION *
-OCSP_crlID_new(const char *url, long *n, char *tim)
-{
- X509_EXTENSION *x = NULL;
- OCSP_CRLID *cid = NULL;
-
- if (!(cid = OCSP_CRLID_new()))
- goto err;
- if (url) {
- if (!(cid->crlUrl = ASN1_IA5STRING_new()))
- goto err;
- if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
- goto err;
- }
- if (n) {
- if (!(cid->crlNum = ASN1_INTEGER_new()))
- goto err;
- if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
- goto err;
- }
- if (tim) {
- if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new()))
- goto err;
- if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
- goto err;
- }
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
-
-err:
- if (cid)
- OCSP_CRLID_free(cid);
- return x;
-}
-LCRYPTO_ALIAS(OCSP_crlID_new);
-
-/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
-X509_EXTENSION *
-OCSP_accept_responses_new(char **oids)
-{
- int nid;
- STACK_OF(ASN1_OBJECT) *sk = NULL;
- ASN1_OBJECT *o = NULL;
- X509_EXTENSION *x = NULL;
-
- if (!(sk = sk_ASN1_OBJECT_new_null()))
- return NULL;
- while (oids && *oids) {
- if ((nid = OBJ_txt2nid(*oids)) != NID_undef &&
- (o = OBJ_nid2obj(nid)))
- if (sk_ASN1_OBJECT_push(sk, o) == 0) {
- sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
- return NULL;
- }
- oids++;
- }
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
- sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
- return x;
-}
-LCRYPTO_ALIAS(OCSP_accept_responses_new);
-
-/* ArchiveCutoff ::= GeneralizedTime */
-X509_EXTENSION *
-OCSP_archive_cutoff_new(char* tim)
-{
- X509_EXTENSION *x = NULL;
- ASN1_GENERALIZEDTIME *gt = NULL;
-
- if (!(gt = ASN1_GENERALIZEDTIME_new()))
- return NULL;
- if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
- goto err;
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
-
-err:
- if (gt)
- ASN1_GENERALIZEDTIME_free(gt);
- return x;
-}
-LCRYPTO_ALIAS(OCSP_archive_cutoff_new);
-
-/* per ACCESS_DESCRIPTION parameter are oids, of which there are currently
- * two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value. This
- * method forces NID_ad_ocsp and uniformResourceLocator [6] IA5String.
- */
-X509_EXTENSION *
-OCSP_url_svcloc_new(X509_NAME* issuer, const char **urls)
-{
- X509_EXTENSION *x = NULL;
- ASN1_IA5STRING *ia5 = NULL;
- OCSP_SERVICELOC *sloc = NULL;
- ACCESS_DESCRIPTION *ad = NULL;
-
- if (!(sloc = OCSP_SERVICELOC_new()))
- goto err;
- if (!(sloc->issuer = X509_NAME_dup(issuer)))
- goto err;
- if (urls && *urls &&
- !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
- goto err;
- while (urls && *urls) {
- if (!(ad = ACCESS_DESCRIPTION_new()))
- goto err;
- if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
- goto err;
- if (!(ad->location = GENERAL_NAME_new()))
- goto err;
- if (!(ia5 = ASN1_IA5STRING_new()))
- goto err;
- if (!ASN1_STRING_set((ASN1_STRING*)ia5, *urls, -1))
- goto err;
- ad->location->type = GEN_URI;
- ad->location->d.ia5 = ia5;
- ia5 = NULL;
- if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
- goto err;
- ad = NULL;
- urls++;
- }
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
-
-err:
- if (ia5)
- ASN1_IA5STRING_free(ia5);
- if (ad)
- ACCESS_DESCRIPTION_free(ad);
- if (sloc)
- OCSP_SERVICELOC_free(sloc);
- return x;
-}
-LCRYPTO_ALIAS(OCSP_url_svcloc_new);
diff --git a/src/lib/libcrypto/ocsp/ocsp_ht.c b/src/lib/libcrypto/ocsp/ocsp_ht.c
deleted file mode 100644
index 69723c2154..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_ht.c
+++ /dev/null
@@ -1,469 +0,0 @@
-/* $OpenBSD: ocsp_ht.c,v 1.27 2023/11/28 09:29:20 jsg Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-/* Stateful OCSP request code, supporting non-blocking I/O */
-
-/* Opaque OCSP request status structure */
-
-struct ocsp_req_ctx_st {
- int state; /* Current I/O state */
- unsigned char *iobuf; /* Line buffer */
- int iobuflen; /* Line buffer length */
- BIO *io; /* BIO to perform I/O with */
- BIO *mem; /* Memory BIO response is built into */
- unsigned long asn1_len; /* ASN1 length of response */
-};
-
-#define OCSP_MAX_REQUEST_LENGTH (100 * 1024)
-#define OCSP_MAX_LINE_LEN 4096;
-
-/* OCSP states */
-
-/* If set no reading should be performed */
-#define OHS_NOREAD 0x1000
-/* Error condition */
-#define OHS_ERROR (0 | OHS_NOREAD)
-/* First line being read */
-#define OHS_FIRSTLINE 1
-/* MIME headers being read */
-#define OHS_HEADERS 2
-/* OCSP initial header (tag + length) being read */
-#define OHS_ASN1_HEADER 3
-/* OCSP content octets being read */
-#define OHS_ASN1_CONTENT 4
-/* Request being sent */
-#define OHS_ASN1_WRITE (6 | OHS_NOREAD)
-/* Request being flushed */
-#define OHS_ASN1_FLUSH (7 | OHS_NOREAD)
-/* Completed */
-#define OHS_DONE (8 | OHS_NOREAD)
-
-
-static int parse_http_line1(char *line);
-
-void
-OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx)
-{
- if (rctx == NULL)
- return;
-
- BIO_free(rctx->mem);
- free(rctx->iobuf);
- free(rctx);
-}
-LCRYPTO_ALIAS(OCSP_REQ_CTX_free);
-
-int
-OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req)
-{
- if (BIO_printf(rctx->mem, "Content-Type: application/ocsp-request\r\n"
- "Content-Length: %d\r\n\r\n", i2d_OCSP_REQUEST(req, NULL)) <= 0)
- return 0;
- if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0)
- return 0;
- rctx->state = OHS_ASN1_WRITE;
- rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL);
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_REQ_CTX_set1_req);
-
-int
-OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, const char *name,
- const char *value)
-{
- if (!name)
- return 0;
- if (BIO_puts(rctx->mem, name) <= 0)
- return 0;
- if (value) {
- if (BIO_write(rctx->mem, ": ", 2) != 2)
- return 0;
- if (BIO_puts(rctx->mem, value) <= 0)
- return 0;
- }
- if (BIO_write(rctx->mem, "\r\n", 2) != 2)
- return 0;
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_REQ_CTX_add1_header);
-
-OCSP_REQ_CTX *
-OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req, int maxline)
-{
- OCSP_REQ_CTX *rctx;
-
- rctx = malloc(sizeof(OCSP_REQ_CTX));
- if (rctx == NULL)
- return NULL;
- rctx->state = OHS_ERROR;
- if ((rctx->mem = BIO_new(BIO_s_mem())) == NULL) {
- free(rctx);
- return NULL;
- }
- rctx->io = io;
- rctx->asn1_len = 0;
- if (maxline > 0)
- rctx->iobuflen = maxline;
- else
- rctx->iobuflen = OCSP_MAX_LINE_LEN;
- rctx->iobuf = malloc(rctx->iobuflen);
- if (!rctx->iobuf) {
- BIO_free(rctx->mem);
- free(rctx);
- return NULL;
- }
- if (!path)
- path = "/";
-
- if (BIO_printf(rctx->mem, "POST %s HTTP/1.0\r\n", path) <= 0) {
- free(rctx->iobuf);
- BIO_free(rctx->mem);
- free(rctx);
- return NULL;
- }
-
- if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) {
- free(rctx->iobuf);
- BIO_free(rctx->mem);
- free(rctx);
- return NULL;
- }
-
- return rctx;
-}
-LCRYPTO_ALIAS(OCSP_sendreq_new);
-
-/* Parse the HTTP response. This will look like this:
- * "HTTP/1.0 200 OK". We need to obtain the numeric code and
- * (optional) informational message.
- */
-static int
-parse_http_line1(char *line)
-{
- int retcode;
- char *p, *q, *r;
-
- /* Skip to first white space (passed protocol info) */
- for (p = line; *p && !isspace((unsigned char)*p); p++)
- continue;
- if (!*p) {
- OCSPerror(OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
- return 0;
- }
-
- /* Skip past white space to start of response code */
- while (*p && isspace((unsigned char)*p))
- p++;
- if (!*p) {
- OCSPerror(OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
- return 0;
- }
-
- /* Find end of response code: first whitespace after start of code */
- for (q = p; *q && !isspace((unsigned char)*q); q++)
- continue;
- if (!*q) {
- OCSPerror(OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
- return 0;
- }
-
- /* Set end of response code and start of message */
- *q++ = 0;
-
- /* Attempt to parse numeric code */
- retcode = strtoul(p, &r, 10);
-
- if (*r)
- return 0;
-
- /* Skip over any leading white space in message */
- while (*q && isspace((unsigned char)*q))
- q++;
- if (*q) {
- /* Finally zap any trailing white space in message (include
- * CRLF) */
-
- /* We know q has a non white space character so this is OK */
- for (r = q + strlen(q) - 1; isspace((unsigned char)*r); r--)
- *r = 0;
- }
- if (retcode != 200) {
- OCSPerror(OCSP_R_SERVER_RESPONSE_ERROR);
- if (!*q)
- ERR_asprintf_error_data("Code=%s", p);
- else
- ERR_asprintf_error_data("Code=%s,Reason=%s", p, q);
- return 0;
- }
-
- return 1;
-}
-
-int
-OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
-{
- int i, n;
- const unsigned char *p;
-
-next_io:
- if (!(rctx->state & OHS_NOREAD)) {
- n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen);
-
- if (n <= 0) {
- if (BIO_should_retry(rctx->io))
- return -1;
- return 0;
- }
-
- /* Write data to memory BIO */
- if (BIO_write(rctx->mem, rctx->iobuf, n) != n)
- return 0;
- }
-
- switch (rctx->state) {
- case OHS_ASN1_WRITE:
- n = BIO_get_mem_data(rctx->mem, &p);
- i = BIO_write(rctx->io,
- p + (n - rctx->asn1_len), rctx->asn1_len);
- if (i <= 0) {
- if (BIO_should_retry(rctx->io))
- return -1;
- rctx->state = OHS_ERROR;
- return 0;
- }
-
- rctx->asn1_len -= i;
- if (rctx->asn1_len > 0)
- goto next_io;
-
- rctx->state = OHS_ASN1_FLUSH;
-
- (void)BIO_reset(rctx->mem);
- /* FALLTHROUGH */
-
- case OHS_ASN1_FLUSH:
- i = BIO_flush(rctx->io);
- if (i > 0) {
- rctx->state = OHS_FIRSTLINE;
- goto next_io;
- }
-
- if (BIO_should_retry(rctx->io))
- return -1;
-
- rctx->state = OHS_ERROR;
- return 0;
-
- case OHS_ERROR:
- return 0;
-
- case OHS_FIRSTLINE:
- case OHS_HEADERS:
- /* Attempt to read a line in */
-next_line:
- /* Due to &%^*$" memory BIO behaviour with BIO_gets we
- * have to check there's a complete line in there before
- * calling BIO_gets or we'll just get a partial read.
- */
- n = BIO_get_mem_data(rctx->mem, &p);
- if ((n <= 0) || !memchr(p, '\n', n)) {
- if (n >= rctx->iobuflen) {
- rctx->state = OHS_ERROR;
- return 0;
- }
- goto next_io;
- }
- n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen);
- if (n <= 0) {
- if (BIO_should_retry(rctx->mem))
- goto next_io;
- rctx->state = OHS_ERROR;
- return 0;
- }
-
- /* Don't allow excessive lines */
- if (n == rctx->iobuflen) {
- rctx->state = OHS_ERROR;
- return 0;
- }
-
- /* First line */
- if (rctx->state == OHS_FIRSTLINE) {
- if (parse_http_line1((char *)rctx->iobuf)) {
- rctx->state = OHS_HEADERS;
- goto next_line;
- } else {
- rctx->state = OHS_ERROR;
- return 0;
- }
- } else {
- /* Look for blank line: end of headers */
- for (p = rctx->iobuf; *p; p++) {
- if ((*p != '\r') && (*p != '\n'))
- break;
- }
- if (*p)
- goto next_line;
-
- rctx->state = OHS_ASN1_HEADER;
- }
- /* FALLTHROUGH */
-
- case OHS_ASN1_HEADER:
- /* Now reading ASN1 header: can read at least 2 bytes which
- * is enough for ASN1 SEQUENCE header and either length field
- * or at least the length of the length field.
- */
- n = BIO_get_mem_data(rctx->mem, &p);
- if (n < 2)
- goto next_io;
-
- /* Check it is an ASN1 SEQUENCE */
- if (*p++ != (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
- rctx->state = OHS_ERROR;
- return 0;
- }
-
- /* Check out length field */
- if (*p & 0x80) {
- /* If MSB set on initial length octet we can now
- * always read 6 octets: make sure we have them.
- */
- if (n < 6)
- goto next_io;
- n = *p & 0x7F;
- /* Not NDEF or excessive length */
- if (!n || (n > 4)) {
- rctx->state = OHS_ERROR;
- return 0;
- }
- p++;
- rctx->asn1_len = 0;
- for (i = 0; i < n; i++) {
- rctx->asn1_len <<= 8;
- rctx->asn1_len |= *p++;
- }
-
- if (rctx->asn1_len > OCSP_MAX_REQUEST_LENGTH) {
- rctx->state = OHS_ERROR;
- return 0;
- }
-
- rctx->asn1_len += n + 2;
- } else
- rctx->asn1_len = *p + 2;
-
- rctx->state = OHS_ASN1_CONTENT;
-
- /* FALLTHROUGH */
-
- case OHS_ASN1_CONTENT:
- n = BIO_get_mem_data(rctx->mem, &p);
- if (n < (int)rctx->asn1_len)
- goto next_io;
-
- *presp = d2i_OCSP_RESPONSE(NULL, &p, rctx->asn1_len);
- if (*presp) {
- rctx->state = OHS_DONE;
- return 1;
- }
-
- rctx->state = OHS_ERROR;
- return 0;
-
- case OHS_DONE:
- return 1;
- }
-
- return 0;
-}
-LCRYPTO_ALIAS(OCSP_sendreq_nbio);
-
-/* Blocking OCSP request handler: now a special case of non-blocking I/O */
-OCSP_RESPONSE *
-OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req)
-{
- OCSP_RESPONSE *resp = NULL;
- OCSP_REQ_CTX *ctx;
- int rv;
-
- ctx = OCSP_sendreq_new(b, path, req, -1);
- if (ctx == NULL)
- return NULL;
-
- do {
- rv = OCSP_sendreq_nbio(&resp, ctx);
- } while ((rv == -1) && BIO_should_retry(b));
-
- OCSP_REQ_CTX_free(ctx);
-
- if (rv)
- return resp;
-
- return NULL;
-}
-LCRYPTO_ALIAS(OCSP_sendreq_bio);
diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c
deleted file mode 100644
index 521fb67aed..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_lib.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* $OpenBSD: ocsp_lib.c,v 1.28 2024/08/28 06:27:19 tb Exp $ */
-/* Written by Tom Titchener for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "ocsp_local.h" -#include "x509_local.h" - -/* Convert a certificate and its issuer to an OCSP_CERTID */ - -OCSP_CERTID * -OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, const X509 *issuer) -{ - X509_NAME *iname; - const ASN1_INTEGER *serial; - ASN1_BIT_STRING *ikey; - -#ifndef OPENSSL_NO_SHA1 - if (!dgst) - dgst = EVP_sha1(); -#endif - if (subject) { - iname = X509_get_issuer_name(subject); - serial = X509_get0_serialNumber(subject); - } else { - iname = X509_get_subject_name(issuer); - serial = NULL; - } - if ((ikey = X509_get0_pubkey_bitstr(issuer)) == NULL) - return NULL; - - return OCSP_cert_id_new(dgst, iname, ikey, serial); -} -LCRYPTO_ALIAS(OCSP_cert_to_id); - -OCSP_CERTID * -OCSP_cert_id_new(const EVP_MD *dgst, const X509_NAME *issuerName, - const ASN1_BIT_STRING *issuerKey, const ASN1_INTEGER *serialNumber) -{ - int nid; - unsigned int i; - OCSP_CERTID *cid = NULL; - unsigned char md[EVP_MAX_MD_SIZE]; - - if ((cid = OCSP_CERTID_new()) == NULL) - goto err; - - if ((nid = EVP_MD_type(dgst)) == NID_undef) { - OCSPerror(OCSP_R_UNKNOWN_NID); - goto err; - } - if (!X509_ALGOR_set0_by_nid(cid->hashAlgorithm, nid, V_ASN1_NULL, NULL)) - goto err; - - if (!X509_NAME_digest(issuerName, dgst, md, &i)) { - OCSPerror(OCSP_R_DIGEST_ERR); - goto err; - } - if (!ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i)) - goto err; - - /* Calculate the issuerKey hash, excluding tag and length */ - if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL)) - goto err; - - if (!ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i)) - goto err; - - if (serialNumber != NULL) { - ASN1_INTEGER_free(cid->serialNumber); - if ((cid->serialNumber = ASN1_INTEGER_dup(serialNumber)) == NULL) - goto err; - } - - return cid; - - err: - OCSP_CERTID_free(cid); - - return NULL; -} -LCRYPTO_ALIAS(OCSP_cert_id_new); - -int -OCSP_id_issuer_cmp(OCSP_CERTID 
*a, OCSP_CERTID *b) -{ - int ret; - - /* - * XXX - should we really ignore parameters here? We probably need to - * consider omitted parameters and explicit ASN.1 NULL as equal for - * the SHAs, so don't blindly switch to X509_ALGOR_cmp(). - */ - ret = OBJ_cmp(a->hashAlgorithm->algorithm, b->hashAlgorithm->algorithm); - if (ret) - return ret; - ret = ASN1_OCTET_STRING_cmp(a->issuerNameHash, b->issuerNameHash); - if (ret) - return ret; - return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash); -} -LCRYPTO_ALIAS(OCSP_id_issuer_cmp); - -int -OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b) -{ - int ret; - - ret = OCSP_id_issuer_cmp(a, b); - if (ret) - return ret; - return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber); -} -LCRYPTO_ALIAS(OCSP_id_cmp); - -/* Parse a URL and split it up into host, port and path components and whether - * it is SSL. - */ -int -OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath, - int *pssl) -{ - char *host, *path, *port, *tmp; - - *phost = *pport = *ppath = NULL; - *pssl = 0; - - if (strncmp(url, "https://", 8) == 0) { - *pssl = 1; - host = strdup(url + 8); - } else if (strncmp(url, "http://", 7) == 0) - host = strdup(url + 7); - else { - OCSPerror(OCSP_R_ERROR_PARSING_URL); - return 0; - } - if (host == NULL) { - OCSPerror(ERR_R_MALLOC_FAILURE); - return 0; - } - - if ((tmp = strchr(host, '/')) != NULL) { - path = strdup(tmp); - *tmp = '\0'; - } else - path = strdup("/"); - - if ((tmp = strchr(host, ':')) != NULL ) { - port = strdup(tmp + 1); - *tmp = '\0'; - } else { - if (*pssl) - port = strdup("443"); - else - port = strdup("80"); - } - - if (path == NULL || port == NULL) { - free(host); - free(path); - free(port); - OCSPerror(ERR_R_MALLOC_FAILURE); - return 0; - } - - *phost = host; - *ppath = path; - *pport = port; - return 1; -} -LCRYPTO_ALIAS(OCSP_parse_url); - -OCSP_CERTID * -OCSP_CERTID_dup(OCSP_CERTID *x) -{ - return ASN1_item_dup(&OCSP_CERTID_it, x); -} -LCRYPTO_ALIAS(OCSP_CERTID_dup); 
diff --git a/src/lib/libcrypto/ocsp/ocsp_local.h b/src/lib/libcrypto/ocsp/ocsp_local.h
deleted file mode 100644
index bd933b1915..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_local.h
+++ /dev/null
@@ -1,291 +0,0 @@
-/* $OpenBSD: ocsp_local.h,v 1.2 2022/01/14 08:32:26 tb Exp $ */
-/* Written by Tom Titchener for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#ifndef HEADER_OCSP_LOCAL_H -#define HEADER_OCSP_LOCAL_H - -__BEGIN_HIDDEN_DECLS - -/* CertID ::= SEQUENCE { - * hashAlgorithm AlgorithmIdentifier, - * issuerNameHash OCTET STRING, -- Hash of Issuer's DN - * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields) - * serialNumber CertificateSerialNumber } - */ -struct ocsp_cert_id_st { - X509_ALGOR *hashAlgorithm; - ASN1_OCTET_STRING *issuerNameHash; - ASN1_OCTET_STRING *issuerKeyHash; - ASN1_INTEGER *serialNumber; -} /* OCSP_CERTID */; - -/* Request ::= SEQUENCE { - * reqCert CertID, - * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } - */ -struct ocsp_one_request_st { - OCSP_CERTID *reqCert; - STACK_OF(X509_EXTENSION) *singleRequestExtensions; -} /* OCSP_ONEREQ */; - -/* TBSRequest ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * requestorName [1] EXPLICIT GeneralName OPTIONAL, - * requestList SEQUENCE OF Request, - * requestExtensions [2] EXPLICIT Extensions OPTIONAL } - */ -struct ocsp_req_info_st { - ASN1_INTEGER *version; - GENERAL_NAME *requestorName; - STACK_OF(OCSP_ONEREQ) *requestList; - STACK_OF(X509_EXTENSION) *requestExtensions; -} /* OCSP_REQINFO */; - -/* Signature ::= SEQUENCE { - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - */ -struct ocsp_signature_st { - X509_ALGOR *signatureAlgorithm; - ASN1_BIT_STRING *signature; - STACK_OF(X509) *certs; -} /* OCSP_SIGNATURE */; - -/* OCSPRequest ::= SEQUENCE { - * tbsRequest TBSRequest, - * optionalSignature [0] EXPLICIT Signature OPTIONAL } - */ -struct ocsp_request_st { - OCSP_REQINFO *tbsRequest; - OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */ -} /* OCSP_REQUEST */; - -/* OCSPResponseStatus ::= ENUMERATED { - * successful (0), --Response has valid confirmations - * malformedRequest (1), --Illegal confirmation request - * internalError (2), --Internal error in issuer - * tryLater (3), --Try again 
later - * --(4) is not used - * sigRequired (5), --Must sign the request - * unauthorized (6) --Request unauthorized - * } - */ - -/* ResponseBytes ::= SEQUENCE { - * responseType OBJECT IDENTIFIER, - * response OCTET STRING } - */ -struct ocsp_resp_bytes_st { - ASN1_OBJECT *responseType; - ASN1_OCTET_STRING *response; -} /* OCSP_RESPBYTES */; - -/* OCSPResponse ::= SEQUENCE { - * responseStatus OCSPResponseStatus, - * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } - */ -struct ocsp_response_st { - ASN1_ENUMERATED *responseStatus; - OCSP_RESPBYTES *responseBytes; -}; - -/* ResponderID ::= CHOICE { - * byName [1] Name, - * byKey [2] KeyHash } - */ -struct ocsp_responder_id_st { - int type; - union { - X509_NAME* byName; - ASN1_OCTET_STRING *byKey; - } value; -}; - -/* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key - * --(excluding the tag and length fields) - */ - -/* RevokedInfo ::= SEQUENCE { - * revocationTime GeneralizedTime, - * revocationReason [0] EXPLICIT CRLReason OPTIONAL } - */ -struct ocsp_revoked_info_st { - ASN1_GENERALIZEDTIME *revocationTime; - ASN1_ENUMERATED *revocationReason; -} /* OCSP_REVOKEDINFO */; - -/* CertStatus ::= CHOICE { - * good [0] IMPLICIT NULL, - * revoked [1] IMPLICIT RevokedInfo, - * unknown [2] IMPLICIT UnknownInfo } - */ -struct ocsp_cert_status_st { - int type; - union { - ASN1_NULL *good; - OCSP_REVOKEDINFO *revoked; - ASN1_NULL *unknown; - } value; -} /* OCSP_CERTSTATUS */; - -/* SingleResponse ::= SEQUENCE { - * certID CertID, - * certStatus CertStatus, - * thisUpdate GeneralizedTime, - * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, - * singleExtensions [1] EXPLICIT Extensions OPTIONAL } - */ -struct ocsp_single_response_st { - OCSP_CERTID *certId; - OCSP_CERTSTATUS *certStatus; - ASN1_GENERALIZEDTIME *thisUpdate; - ASN1_GENERALIZEDTIME *nextUpdate; - STACK_OF(X509_EXTENSION) *singleExtensions; -} /* OCSP_SINGLERESP */; - -/* ResponseData ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, 
- * responderID ResponderID, - * producedAt GeneralizedTime, - * responses SEQUENCE OF SingleResponse, - * responseExtensions [1] EXPLICIT Extensions OPTIONAL } - */ -struct ocsp_response_data_st { - ASN1_INTEGER *version; - OCSP_RESPID *responderId; - ASN1_GENERALIZEDTIME *producedAt; - STACK_OF(OCSP_SINGLERESP) *responses; - STACK_OF(X509_EXTENSION) *responseExtensions; -} /* OCSP_RESPDATA */; - -/* BasicOCSPResponse ::= SEQUENCE { - * tbsResponseData ResponseData, - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - */ - /* Note 1: - The value for "signature" is specified in the OCSP rfc2560 as follows: - "The value for the signature SHALL be computed on the hash of the DER - encoding ResponseData." This means that you must hash the DER-encoded - tbsResponseData, and then run it through a crypto-signing function, which - will (at least w/RSA) do a hash-'n'-private-encrypt operation. This seems - a bit odd, but that's the spec. Also note that the data structures do not - leave anywhere to independently specify the algorithm used for the initial - hash. So, we look at the signature-specification algorithm, and try to do - something intelligent. -- Kathy Weinhold, CertCo */ - /* Note 2: - It seems that the mentioned passage from RFC 2560 (section 4.2.1) is open - for interpretation. I've done tests against another responder, and found - that it doesn't do the double hashing that the RFC seems to say one - should. Therefore, all relevant functions take a flag saying which - variant should be used. 
-- Richard Levitte, OpenSSL team and CeloCom */ -struct ocsp_basic_response_st { - OCSP_RESPDATA *tbsResponseData; - X509_ALGOR *signatureAlgorithm; - ASN1_BIT_STRING *signature; - STACK_OF(X509) *certs; -} /* OCSP_BASICRESP */; - -/* CrlID ::= SEQUENCE { - * crlUrl [0] EXPLICIT IA5String OPTIONAL, - * crlNum [1] EXPLICIT INTEGER OPTIONAL, - * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } - */ -struct ocsp_crl_id_st { - ASN1_IA5STRING *crlUrl; - ASN1_INTEGER *crlNum; - ASN1_GENERALIZEDTIME *crlTime; -} /* OCSP_CRLID */; - -/* ServiceLocator ::= SEQUENCE { - * issuer Name, - * locator AuthorityInfoAccessSyntax OPTIONAL } - */ -struct ocsp_service_locator_st { - X509_NAME* issuer; - STACK_OF(ACCESS_DESCRIPTION) *locator; -} /* OCSP_SERVICELOC */; - -#define OCSP_REQUEST_sign(o,pkey,md) \ - ASN1_item_sign(&OCSP_REQINFO_it, \ - (o)->optionalSignature->signatureAlgorithm, NULL, \ - (o)->optionalSignature->signature,o->tbsRequest, (pkey), (md)) - -#define OCSP_BASICRESP_sign(o,pkey,md,d) \ - ASN1_item_sign(&OCSP_RESPDATA_it,o->signatureAlgorithm,NULL, \ - (o)->signature,(o)->tbsResponseData,(pkey),(md)) - -#define OCSP_REQUEST_verify(a,r) \ - ASN1_item_verify(&OCSP_REQINFO_it, \ - (a)->optionalSignature->signatureAlgorithm, \ - (a)->optionalSignature->signature, (a)->tbsRequest, (r)) - -#define OCSP_BASICRESP_verify(a,r,d) \ - ASN1_item_verify(&OCSP_RESPDATA_it, \ - (a)->signatureAlgorithm, (a)->signature, (a)->tbsResponseData, (r)) - -__END_HIDDEN_DECLS - -#endif /* !HEADER_OCSP_LOCAL_H */ diff --git a/src/lib/libcrypto/ocsp/ocsp_prn.c b/src/lib/libcrypto/ocsp/ocsp_prn.c deleted file mode 100644 index fb7b9651d9..0000000000 --- a/src/lib/libcrypto/ocsp/ocsp_prn.c +++ /dev/null 
@@ -1,323 +0,0 @@
-/* $OpenBSD: ocsp_prn.c,v 1.11 2024/08/28 06:18:44 tb Exp $ */
-/* Written by Tom Titchener for the OpenSSL
- * project. */
-
-/* History:
- This file was originally part of ocsp.c and was transfered to Richard
- Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included
- in OpenSSL or released as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include -#include -#include -#include -#include - -#include "ocsp_local.h" - -static int -ocsp_certid_print(BIO *bp, OCSP_CERTID* a, int indent) -{ - const ASN1_OBJECT *aobj; - - BIO_printf(bp, "%*sCertificate ID:\n", indent, ""); - indent += 2; - BIO_printf(bp, "%*sHash Algorithm: ", indent, ""); - X509_ALGOR_get0(&aobj, NULL, NULL, a->hashAlgorithm); - i2a_ASN1_OBJECT(bp, aobj); - BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, ""); - i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING); - BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, ""); - i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING); - BIO_printf(bp, "\n%*sSerial Number: ", indent, ""); - i2a_ASN1_INTEGER(bp, a->serialNumber); - BIO_printf(bp, "\n"); - return 1; -} - -typedef struct { - long t; - const char *m; -} OCSP_TBLSTR; - -static const char * -table2string(long s, const OCSP_TBLSTR *ts, int len) -{ - const OCSP_TBLSTR *p; - - for (p = ts; p < ts + len; p++) - if (p->t == s) - return p->m; - return "(UNKNOWN)"; -} - -const char * -OCSP_response_status_str(long s) -{ - static const OCSP_TBLSTR rstat_tbl[] = { - { OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful" }, - { OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest" }, - { OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror" }, - { OCSP_RESPONSE_STATUS_TRYLATER, "trylater" }, - { OCSP_RESPONSE_STATUS_SIGREQUIRED, "sigrequired" }, - { OCSP_RESPONSE_STATUS_UNAUTHORIZED, "unauthorized" } - }; - return table2string(s, rstat_tbl, 6); -} -LCRYPTO_ALIAS(OCSP_response_status_str); - -const char * -OCSP_cert_status_str(long s) -{ - static const OCSP_TBLSTR cstat_tbl[] = { - { V_OCSP_CERTSTATUS_GOOD, "good" }, - { V_OCSP_CERTSTATUS_REVOKED, "revoked" }, - { V_OCSP_CERTSTATUS_UNKNOWN, "unknown" } - }; - return table2string(s, cstat_tbl, 3); -} -LCRYPTO_ALIAS(OCSP_cert_status_str); - -const char * -OCSP_crl_reason_str(long s) -{ - static const OCSP_TBLSTR reason_tbl[] = { - { OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified" 
}, - { OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise" }, - { OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise" }, - { OCSP_REVOKED_STATUS_AFFILIATIONCHANGED, "affiliationChanged" }, - { OCSP_REVOKED_STATUS_SUPERSEDED, "superseded" }, - { OCSP_REVOKED_STATUS_CESSATIONOFOPERATION, "cessationOfOperation" }, - { OCSP_REVOKED_STATUS_CERTIFICATEHOLD, "certificateHold" }, - { OCSP_REVOKED_STATUS_REMOVEFROMCRL, "removeFromCRL" } - }; - return table2string(s, reason_tbl, 8); -} -LCRYPTO_ALIAS(OCSP_crl_reason_str); - -int -OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags) -{ - int i; - long l; - OCSP_CERTID* cid = NULL; - OCSP_ONEREQ *one = NULL; - OCSP_REQINFO *inf = o->tbsRequest; - OCSP_SIGNATURE *sig = o->optionalSignature; - - if (BIO_write(bp, "OCSP Request Data:\n", 19) <= 0) - goto err; - l = ASN1_INTEGER_get(inf->version); - if (BIO_printf(bp, " Version: %lu (0x%lx)", l+1, l) <= 0) - goto err; - if (inf->requestorName != NULL) { - if (BIO_write(bp, "\n Requestor Name: ", 21) <= 0) - goto err; - GENERAL_NAME_print(bp, inf->requestorName); - } - if (BIO_write(bp, "\n Requestor List:\n", 21) <= 0) - goto err; - for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++) { - one = sk_OCSP_ONEREQ_value(inf->requestList, i); - cid = one->reqCert; - ocsp_certid_print(bp, cid, 8); - if (!X509V3_extensions_print(bp, "Request Single Extensions", - one->singleRequestExtensions, flags, 8)) - goto err; - } - if (!X509V3_extensions_print(bp, "Request Extensions", - inf->requestExtensions, flags, 4)) - goto err; - if (sig) { - if (X509_signature_print(bp, sig->signatureAlgorithm, - sig->signature) == 0) - goto err; - for (i = 0; i < sk_X509_num(sig->certs); i++) { - if (X509_print(bp, sk_X509_value(sig->certs, i)) == 0) - goto err; - if (PEM_write_bio_X509(bp, - sk_X509_value(sig->certs, i)) == 0) - goto err; - } - } - return 1; - -err: - return 0; -} -LCRYPTO_ALIAS(OCSP_REQUEST_print); - -int -OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) 
-{ - int i, ret = 0; - long l; - OCSP_CERTID *cid = NULL; - OCSP_BASICRESP *br = NULL; - OCSP_RESPID *rid = NULL; - OCSP_RESPDATA *rd = NULL; - OCSP_CERTSTATUS *cst = NULL; - OCSP_REVOKEDINFO *rev = NULL; - OCSP_SINGLERESP *single = NULL; - OCSP_RESPBYTES *rb = o->responseBytes; - - if (BIO_puts(bp, "OCSP Response Data:\n") <= 0) - goto err; - l = ASN1_ENUMERATED_get(o->responseStatus); - if (BIO_printf(bp, " OCSP Response Status: %s (0x%lx)\n", - OCSP_response_status_str(l), l) <= 0) - goto err; - if (rb == NULL) - return 1; - if (BIO_puts(bp, " Response Type: ") <= 0) - goto err; - if (i2a_ASN1_OBJECT(bp, rb->responseType) <= 0) - goto err; - if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) { - BIO_puts(bp, " (unknown response type)\n"); - return 1; - } - - i = ASN1_STRING_length(rb->response); - if (!(br = OCSP_response_get1_basic(o))) - goto err; - rd = br->tbsResponseData; - l = ASN1_INTEGER_get(rd->version); - if (BIO_printf(bp, "\n Version: %lu (0x%lx)\n", l+1, l) <= 0) - goto err; - if (BIO_puts(bp, " Responder Id: ") <= 0) - goto err; - - rid = rd->responderId; - switch (rid->type) { - case V_OCSP_RESPID_NAME: - X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE); - break; - case V_OCSP_RESPID_KEY: - i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING); - break; - } - - if (BIO_printf(bp, "\n Produced At: ")<=0) - goto err; - if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt)) - goto err; - if (BIO_printf(bp, "\n Responses:\n") <= 0) - goto err; - for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++) { - if (! 
sk_OCSP_SINGLERESP_value(rd->responses, i)) - continue; - single = sk_OCSP_SINGLERESP_value(rd->responses, i); - cid = single->certId; - if (ocsp_certid_print(bp, cid, 4) <= 0) - goto err; - cst = single->certStatus; - if (BIO_printf(bp, " Cert Status: %s", - OCSP_cert_status_str(cst->type)) <= 0) - goto err; - if (cst->type == V_OCSP_CERTSTATUS_REVOKED) { - rev = cst->value.revoked; - if (BIO_printf(bp, "\n Revocation Time: ") <= 0) - goto err; - if (!ASN1_GENERALIZEDTIME_print(bp, - rev->revocationTime)) - goto err; - if (rev->revocationReason) { - l = ASN1_ENUMERATED_get(rev->revocationReason); - if (BIO_printf(bp, - "\n Revocation Reason: %s (0x%lx)", - OCSP_crl_reason_str(l), l) <= 0) - goto err; - } - } - if (BIO_printf(bp, "\n This Update: ") <= 0) - goto err; - if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate)) - goto err; - if (single->nextUpdate) { - if (BIO_printf(bp, "\n Next Update: ") <= 0) - goto err; - if (!ASN1_GENERALIZEDTIME_print(bp, single->nextUpdate)) - goto err; - } - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - if (!X509V3_extensions_print(bp, "Response Single Extensions", - single->singleExtensions, flags, 8)) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (!X509V3_extensions_print(bp, "Response Extensions", - rd->responseExtensions, flags, 4)) - goto err; - if (X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= - 0) - goto err; - - for (i = 0; i < sk_X509_num(br->certs); i++) { - X509_print(bp, sk_X509_value(br->certs, i)); - PEM_write_bio_X509(bp, sk_X509_value(br->certs, i)); - } - - ret = 1; - -err: - OCSP_BASICRESP_free(br); - return ret; -} -LCRYPTO_ALIAS(OCSP_RESPONSE_print); diff --git a/src/lib/libcrypto/ocsp/ocsp_srv.c b/src/lib/libcrypto/ocsp/ocsp_srv.c deleted file mode 100644 index 77c5e2e0fd..0000000000 --- a/src/lib/libcrypto/ocsp/ocsp_srv.c +++ /dev/null 
@@ -1,285 +0,0 @@
-/* $OpenBSD: ocsp_srv.c,v 1.13 2023/07/08 10:44:00 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "ocsp_local.h"
-
-/* Utility functions related to sending OCSP responses and extracting
- * relevant information from the request.
- */
-
-int
-OCSP_request_onereq_count(OCSP_REQUEST *req)
-{
- return sk_OCSP_ONEREQ_num(req->tbsRequest->requestList);
-}
-LCRYPTO_ALIAS(OCSP_request_onereq_count);
-
-OCSP_ONEREQ *
-OCSP_request_onereq_get0(OCSP_REQUEST *req, int i)
-{
- return sk_OCSP_ONEREQ_value(req->tbsRequest->requestList, i);
-}
-LCRYPTO_ALIAS(OCSP_request_onereq_get0);
-
-OCSP_CERTID *
-OCSP_onereq_get0_id(OCSP_ONEREQ *one)
-{
- return one->reqCert;
-}
-LCRYPTO_ALIAS(OCSP_onereq_get0_id);
-
-int
-OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
- ASN1_OCTET_STRING **pikeyHash, ASN1_INTEGER **pserial, OCSP_CERTID *cid)
-{
- if (!cid)
- return 0;
- if (pmd)
- *pmd = cid->hashAlgorithm->algorithm;
- if (piNameHash)
- *piNameHash = cid->issuerNameHash;
- if (pikeyHash)
- *pikeyHash = cid->issuerKeyHash;
- if (pserial)
- *pserial = cid->serialNumber;
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_id_get0_info);
-
-int
-OCSP_request_is_signed(OCSP_REQUEST *req)
-{
- if (req->optionalSignature)
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(OCSP_request_is_signed);
-
-/* Create an OCSP response and encode an optional basic response */
-OCSP_RESPONSE *
-OCSP_response_create(int status, OCSP_BASICRESP *bs)
-{
- OCSP_RESPONSE *rsp = NULL;
-
- if (!(rsp = OCSP_RESPONSE_new()))
- goto err;
- if (!(ASN1_ENUMERATED_set(rsp->responseStatus, status)))
- goto err;
- if (!bs)
- return rsp;
- if (!(rsp->responseBytes = OCSP_RESPBYTES_new()))
- goto err;
- rsp->responseBytes->responseType = OBJ_nid2obj(NID_id_pkix_OCSP_basic);
- if (!ASN1_item_pack(bs, &OCSP_BASICRESP_it,
- &rsp->responseBytes->response))
- goto err;
- return rsp;
-
-err:
- if (rsp)
- OCSP_RESPONSE_free(rsp);
- return NULL;
-}
-LCRYPTO_ALIAS(OCSP_response_create);
-
-OCSP_SINGLERESP *
-OCSP_basic_add1_status(OCSP_BASICRESP *rsp, OCSP_CERTID *cid, int status,
- int reason, ASN1_TIME *revtime, ASN1_TIME *thisupd, ASN1_TIME *nextupd)
-{
- OCSP_SINGLERESP *single = NULL;
- OCSP_CERTSTATUS *cs;
- OCSP_REVOKEDINFO *ri;
-
- if (!rsp->tbsResponseData->responses &&
- !(rsp->tbsResponseData->responses = sk_OCSP_SINGLERESP_new_null()))
- goto err;
-
- if (!(single = OCSP_SINGLERESP_new()))
- goto err;
-
- if (!ASN1_TIME_to_generalizedtime(thisupd, &single->thisUpdate))
- goto err;
- if (nextupd &&
- !ASN1_TIME_to_generalizedtime(nextupd, &single->nextUpdate))
- goto err;
-
- OCSP_CERTID_free(single->certId);
-
- if (!(single->certId = OCSP_CERTID_dup(cid)))
- goto err;
-
- cs = single->certStatus;
- switch (cs->type = status) {
- case V_OCSP_CERTSTATUS_REVOKED:
- if (!revtime) {
- OCSPerror(OCSP_R_NO_REVOKED_TIME);
- goto err;
- }
- if (!(cs->value.revoked = ri = OCSP_REVOKEDINFO_new()))
- goto err;
- if (!ASN1_TIME_to_generalizedtime(revtime, &ri->revocationTime))
- goto err;
- if (reason != OCSP_REVOKED_STATUS_NOSTATUS) {
- if (!(ri->revocationReason = ASN1_ENUMERATED_new()))
- goto err;
- if (!(ASN1_ENUMERATED_set(ri->revocationReason,
- reason)))
- goto err;
- }
- break;
-
- case V_OCSP_CERTSTATUS_GOOD:
- cs->value.good = ASN1_NULL_new();
- break;
-
- case V_OCSP_CERTSTATUS_UNKNOWN:
- cs->value.unknown = ASN1_NULL_new();
- break;
-
- default:
- goto err;
- }
- if (!(sk_OCSP_SINGLERESP_push(rsp->tbsResponseData->responses, single)))
- goto err;
- return single;
-
-err:
- OCSP_SINGLERESP_free(single);
- return NULL;
-}
-LCRYPTO_ALIAS(OCSP_basic_add1_status);
-
-/* Add a certificate to an OCSP request */
-int
-OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
-{
- if (!resp->certs && !(resp->certs = sk_X509_new_null()))
- return 0;
-
- if (!sk_X509_push(resp->certs, cert))
- return 0;
- X509_up_ref(cert);
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_basic_add1_cert);
-
-int
-OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key,
- const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags)
-{
- int i;
- OCSP_RESPID *rid;
-
- if (!X509_check_private_key(signer, key)) {
- OCSPerror(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- goto err;
- }
-
- if (!(flags & OCSP_NOCERTS)) {
- if (!OCSP_basic_add1_cert(brsp, signer))
- goto err;
- for (i = 0; i < sk_X509_num(certs); i++) {
- X509 *tmpcert = sk_X509_value(certs, i);
- if (!OCSP_basic_add1_cert(brsp, tmpcert))
- goto err;
- }
- }
-
- rid = brsp->tbsResponseData->responderId;
- if (flags & OCSP_RESPID_KEY) {
- unsigned char md[SHA_DIGEST_LENGTH];
-
- X509_pubkey_digest(signer, EVP_sha1(), md, NULL);
- if (!(rid->value.byKey = ASN1_OCTET_STRING_new()))
- goto err;
- if (!(ASN1_OCTET_STRING_set(rid->value.byKey, md,
- SHA_DIGEST_LENGTH)))
- goto err;
- rid->type = V_OCSP_RESPID_KEY;
- } else {
- if (!X509_NAME_set(&rid->value.byName,
- X509_get_subject_name(signer)))
- goto err;
- rid->type = V_OCSP_RESPID_NAME;
- }
-
- if (!(flags & OCSP_NOTIME) &&
- !ASN1_GENERALIZEDTIME_set(brsp->tbsResponseData->producedAt, time(NULL)))
- goto err;
-
- /* Right now, I think that not doing double hashing is the right
- thing. -- Richard Levitte */
-
- if (!OCSP_BASICRESP_sign(brsp, key, dgst, 0))
- goto err;
-
- return 1;
-
-err:
- return 0;
-}
-LCRYPTO_ALIAS(OCSP_basic_sign);
diff --git a/src/lib/libcrypto/ocsp/ocsp_vfy.c b/src/lib/libcrypto/ocsp/ocsp_vfy.c
deleted file mode 100644
index 27d2283ea7..0000000000
--- a/src/lib/libcrypto/ocsp/ocsp_vfy.c
+++ /dev/null
@@ -1,475 +0,0 @@
-/* $OpenBSD: ocsp_vfy.c,v 1.24 2024/07/12 18:15:10 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include "ocsp_local.h"
-#include "x509_local.h"
-
-static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
- STACK_OF(X509) *certs, X509_STORE *st, unsigned long flags);
-static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id);
-static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain,
- unsigned long flags);
-static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret);
-static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
- STACK_OF(OCSP_SINGLERESP) *sresp);
-static int ocsp_check_delegated(X509 *x, int flags);
-static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,
- X509_NAME *nm, STACK_OF(X509) *certs, X509_STORE *st,
- unsigned long flags);
-
-/* Verify a basic response message */
-int
-OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, X509_STORE *st,
- unsigned long flags)
-{
- X509 *signer, *x;
- STACK_OF(X509) *chain = NULL;
- STACK_OF(X509) *untrusted = NULL;
- X509_STORE_CTX ctx;
- int i, ret = 0;
-
- ret = ocsp_find_signer(&signer, bs, certs, st, flags);
- if (!ret) {
- OCSPerror(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
- goto end;
- }
- if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
- flags |= OCSP_NOVERIFY;
- if (!(flags & OCSP_NOSIGS)) {
- EVP_PKEY *skey;
-
- skey = X509_get0_pubkey(signer);
- if (skey) {
- ret = OCSP_BASICRESP_verify(bs, skey, 0);
- }
- if (!skey || ret <= 0) {
- OCSPerror(OCSP_R_SIGNATURE_FAILURE);
- goto end;
- }
- }
- if (!(flags & OCSP_NOVERIFY)) {
- int init_res;
-
- if (flags & OCSP_NOCHAIN) {
- untrusted = NULL;
- } else if (bs->certs && certs) {
- untrusted = sk_X509_dup(bs->certs);
- for (i = 0; i < sk_X509_num(certs); i++) {
- if (!sk_X509_push(untrusted,
- sk_X509_value(certs, i))) {
- OCSPerror(ERR_R_MALLOC_FAILURE);
- goto end;
- }
- }
- } else if (certs != NULL) {
- untrusted = certs;
- } else {
- untrusted = bs->certs;
- }
- init_res = X509_STORE_CTX_init(&ctx, st, signer, untrusted);
- if (!init_res) {
- ret = -1;
- OCSPerror(ERR_R_X509_LIB);
- goto end;
- }
-
- if (X509_STORE_CTX_set_purpose(&ctx,
- X509_PURPOSE_OCSP_HELPER) == 0) {
- X509_STORE_CTX_cleanup(&ctx);
- ret = -1;
- goto end;
- }
- ret = X509_verify_cert(&ctx);
- chain = X509_STORE_CTX_get1_chain(&ctx);
- X509_STORE_CTX_cleanup(&ctx);
- if (ret <= 0) {
- i = X509_STORE_CTX_get_error(&ctx);
- OCSPerror(OCSP_R_CERTIFICATE_VERIFY_ERROR);
- ERR_asprintf_error_data("Verify error:%s",
- X509_verify_cert_error_string(i));
- goto end;
- }
- if (flags & OCSP_NOCHECKS) {
- ret = 1;
- goto end;
- }
- /* At this point we have a valid certificate chain
- * need to verify it against the OCSP issuer criteria.
- */
- ret = ocsp_check_issuer(bs, chain, flags);
-
- /* If fatal error or valid match then finish */
- if (ret != 0)
- goto end;
-
- /* Easy case: explicitly trusted. Get root CA and
- * check for explicit trust
- */
- if (flags & OCSP_NOEXPLICIT)
- goto end;
-
- x = sk_X509_value(chain, sk_X509_num(chain) - 1);
- if (X509_check_trust(x, X509_TRUST_OCSP_SIGN, 0) !=
- X509_TRUST_TRUSTED) {
- OCSPerror(OCSP_R_ROOT_CA_NOT_TRUSTED);
- goto end;
- }
- ret = 1;
- }
-
-end:
- if (chain)
- sk_X509_pop_free(chain, X509_free);
- if (bs->certs && certs)
- sk_X509_free(untrusted);
- return ret;
-}
-LCRYPTO_ALIAS(OCSP_basic_verify);
-
-int
-OCSP_resp_get0_signer(OCSP_BASICRESP *bs, X509 **signer,
- STACK_OF(X509) *extra_certs)
-{
- return ocsp_find_signer(signer, bs, extra_certs, NULL, 0) > 0;
-}
-LCRYPTO_ALIAS(OCSP_resp_get0_signer);
-
-static int
-ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
- X509_STORE *st, unsigned long flags)
-{
- X509 *signer;
- OCSP_RESPID *rid = bs->tbsResponseData->responderId;
-
- if ((signer = ocsp_find_signer_sk(certs, rid))) {
- *psigner = signer;
- return 2;
- }
- if (!(flags & OCSP_NOINTERN) &&
- (signer = ocsp_find_signer_sk(bs->certs, rid))) {
- *psigner = signer;
- return 1;
- }
- /* Maybe lookup from store if by subject name */
-
- *psigner = NULL;
- return 0;
-}
-
-static X509 *
-ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
-{
- int i;
- unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash;
- X509 *x;
-
- /* Easy if lookup by name */
- if (id->type == V_OCSP_RESPID_NAME)
- return X509_find_by_subject(certs, id->value.byName);
-
- /* Lookup by key hash */
-
- /* If key hash isn't SHA1 length then forget it */
- if (id->value.byKey->length != SHA_DIGEST_LENGTH)
- return NULL;
- keyhash = id->value.byKey->data;
- /* Calculate hash of each key and compare */
- for (i = 0; i < sk_X509_num(certs); i++) {
- x = sk_X509_value(certs, i);
- X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
- if (!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))
- return x;
- }
- return NULL;
-}
-
-static int
-ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain,
- unsigned long flags)
-{
- STACK_OF(OCSP_SINGLERESP) *sresp;
- X509 *signer, *sca;
- OCSP_CERTID *caid = NULL;
- int i;
-
- sresp = bs->tbsResponseData->responses;
-
- if (sk_X509_num(chain) <= 0) {
- OCSPerror(OCSP_R_NO_CERTIFICATES_IN_CHAIN);
- return -1;
- }
-
- /* See if the issuer IDs match. */
- i = ocsp_check_ids(sresp, &caid);
-
- /* If ID mismatch or other error then return */
- if (i <= 0)
- return i;
-
- signer = sk_X509_value(chain, 0);
- /* Check to see if OCSP responder CA matches request CA */
- if (sk_X509_num(chain) > 1) {
- sca = sk_X509_value(chain, 1);
- i = ocsp_match_issuerid(sca, caid, sresp);
- if (i < 0)
- return i;
- if (i) {
- /* We have a match, if extensions OK then success */
- if (ocsp_check_delegated(signer, flags))
- return 1;
- return 0;
- }
- }
-
- /* Otherwise check if OCSP request signed directly by request CA */
- return ocsp_match_issuerid(signer, caid, sresp);
-}
-
-/* Check the issuer certificate IDs for equality. If there is a mismatch with the same
- * algorithm then there's no point trying to match any certificates against the issuer.
- * If the issuer IDs all match then we just need to check equality against one of them.
- */
-static int
-ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
-{
- OCSP_CERTID *tmpid, *cid;
- int i, idcount;
-
- idcount = sk_OCSP_SINGLERESP_num(sresp);
- if (idcount <= 0) {
- OCSPerror(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA);
- return -1;
- }
-
- cid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
-
- *ret = NULL;
-
- for (i = 1; i < idcount; i++) {
- tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
- /* Check to see if IDs match */
- if (OCSP_id_issuer_cmp(cid, tmpid)) {
- return 0;
- }
- }
-
- /* All IDs match: only need to check one ID */
- *ret = cid;
- return 1;
-}
-
-static int
-ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
- STACK_OF(OCSP_SINGLERESP) *sresp)
-{
- /* If only one ID to match then do it */
- if (cid) {
- const EVP_MD *dgst;
- X509_NAME *iname;
- int mdlen;
- unsigned char md[EVP_MAX_MD_SIZE];
-
- if (!(dgst =
- EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))) {
- OCSPerror(OCSP_R_UNKNOWN_MESSAGE_DIGEST);
- return -1;
- }
-
- mdlen = EVP_MD_size(dgst);
- if (mdlen < 0)
- return -1;
- if (cid->issuerNameHash->length != mdlen ||
- cid->issuerKeyHash->length != mdlen)
- return 0;
- iname = X509_get_subject_name(cert);
- if (!X509_NAME_digest(iname, dgst, md, NULL))
- return -1;
- if (memcmp(md, cid->issuerNameHash->data, mdlen))
- return 0;
- X509_pubkey_digest(cert, dgst, md, NULL);
- if (memcmp(md, cid->issuerKeyHash->data, mdlen))
- return 0;
-
- return 1;
- } else {
- /* We have to match the whole lot */
- int i, ret;
- OCSP_CERTID *tmpid;
-
- for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
- tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
- ret = ocsp_match_issuerid(cert, tmpid, NULL);
- if (ret <= 0)
- return ret;
- }
- return 1;
- }
-}
-
-static int
-ocsp_check_delegated(X509 *x, int flags)
-{
- X509_check_purpose(x, -1, 0);
- if ((x->ex_flags & EXFLAG_XKUSAGE) && (x->ex_xkusage & XKU_OCSP_SIGN))
- return 1;
- OCSPerror(OCSP_R_MISSING_OCSPSIGNING_USAGE);
- return 0;
-}
-
-/* Verify an OCSP request. This is fortunately much easier than OCSP
- * response verify. Just find the signers certificate and verify it
- * against a given trust value.
- */
-int
-OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *store,
- unsigned long flags)
-{
- X509 *signer;
- X509_NAME *nm;
- GENERAL_NAME *gen;
- int ret;
- X509_STORE_CTX ctx;
-
- if (!req->optionalSignature) {
- OCSPerror(OCSP_R_REQUEST_NOT_SIGNED);
- return 0;
- }
- gen = req->tbsRequest->requestorName;
- if (!gen || gen->type != GEN_DIRNAME) {
- OCSPerror(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE);
- return 0;
- }
- nm = gen->d.directoryName;
- ret = ocsp_req_find_signer(&signer, req, nm, certs, store, flags);
- if (ret <= 0) {
- OCSPerror(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
- return 0;
- }
- if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
- flags |= OCSP_NOVERIFY;
- if (!(flags & OCSP_NOSIGS)) {
- EVP_PKEY *skey;
-
- if ((skey = X509_get0_pubkey(signer)) == NULL)
- return 0;
- ret = OCSP_REQUEST_verify(req, skey);
- if (ret <= 0) {
- OCSPerror(OCSP_R_SIGNATURE_FAILURE);
- return 0;
- }
- }
- if (!(flags & OCSP_NOVERIFY)) {
- int init_res;
-
- if (flags & OCSP_NOCHAIN)
- init_res = X509_STORE_CTX_init(&ctx, store, signer,
- NULL);
- else
- init_res = X509_STORE_CTX_init(&ctx, store, signer,
- req->optionalSignature->certs);
- if (!init_res) {
- OCSPerror(ERR_R_X509_LIB);
- return 0;
- }
-
- if (X509_STORE_CTX_set_purpose(&ctx,
- X509_PURPOSE_OCSP_HELPER) == 0 ||
- X509_STORE_CTX_set_trust(&ctx,
- X509_TRUST_OCSP_REQUEST) == 0) {
- X509_STORE_CTX_cleanup(&ctx);
- return 0;
- }
- ret = X509_verify_cert(&ctx);
- X509_STORE_CTX_cleanup(&ctx);
- if (ret <= 0) {
- ret = X509_STORE_CTX_get_error(&ctx);
- OCSPerror(OCSP_R_CERTIFICATE_VERIFY_ERROR);
- ERR_asprintf_error_data("Verify error:%s",
- X509_verify_cert_error_string(ret));
- return 0;
- }
- }
- return 1;
-}
-LCRYPTO_ALIAS(OCSP_request_verify);
-
-static int
-ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm,
- STACK_OF(X509) *certs, X509_STORE *st, unsigned long flags)
-{
- X509 *signer;
-
- if (!(flags & OCSP_NOINTERN)) {
- signer = X509_find_by_subject(req->optionalSignature->certs, nm);
- if (signer) {
- *psigner = signer;
- return 1;
- }
- }
-
- signer = X509_find_by_subject(certs, nm);
- if (signer) {
- *psigner = signer;
- return 2;
- }
- return 0;
-}
diff --git a/src/lib/libcrypto/openssl.cnf b/src/lib/libcrypto/openssl.cnf
deleted file mode 100644
index 8ce83bf90d..0000000000
--- a/src/lib/libcrypto/openssl.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-[ req ]
-#default_bits = 2048
-#default_md = sha256
-#default_keyfile = privkey.pem
-distinguished_name = req_distinguished_name
-attributes = req_attributes
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_min = 2
-countryName_max = 2
-stateOrProvinceName = State or Province Name (full name)
-localityName = Locality Name (eg, city)
-0.organizationName = Organization Name (eg, company)
-organizationalUnitName = Organizational Unit Name (eg, section)
-commonName = Common Name (eg, fully qualified host name)
-commonName_max = 64
-emailAddress = Email Address
-emailAddress_max = 64
-
-[ req_attributes ]
-challengePassword = A challenge password
-challengePassword_min = 4
-challengePassword_max = 20
diff --git a/src/lib/libcrypto/opensslfeatures.h b/src/lib/libcrypto/opensslfeatures.h
deleted file mode 100644
index f5d451621d..0000000000
--- a/src/lib/libcrypto/opensslfeatures.h
+++ /dev/null
@@ -1,146 +0,0 @@
-/* $OpenBSD: opensslfeatures.h,v 1.44 2024/08/31 10:38:49 tb Exp $ */
-/*
- * Feature flags for LibreSSL... so you can actually tell when things
- * are enabled, rather than not being able to tell when things are
- * enabled (or possibly not yet not implemented, or removed!).
- */
-#define LIBRESSL_HAS_QUIC
-#define LIBRESSL_HAS_TLS1_3
-#define LIBRESSL_HAS_DTLS1_2
-
-#define OPENSSL_THREADS
-
-#define OPENSSL_NO_BUF_FREELISTS
-#define OPENSSL_NO_DEPRECATED
-#define OPENSSL_NO_EC2M
-#define OPENSSL_NO_GMP
-#define OPENSSL_NO_JPAKE
-#define OPENSSL_NO_KRB5
-#define OPENSSL_NO_RSAX
-#define OPENSSL_NO_SHA0
-#define OPENSSL_NO_SSL2
-#define OPENSSL_NO_STORE
-
-/*
- * OPENSSL_NO_* flags that currently appear in OpenSSL.
- */
-
-/* #define OPENSSL_NO_AFALGENG */
-/* #define OPENSSL_NO_ALGORITHMS */
-/* #define OPENSSL_NO_ARIA */
-/* #define OPENSSL_NO_ASM */
-#define OPENSSL_NO_ASYNC
-/* #define OPENSSL_NO_AUTOALGINIT */
-/* #define OPENSSL_NO_AUTOERRINIT */
-/* #define OPENSSL_NO_AUTOLOAD_CONFIG */
-/* #define OPENSSL_NO_BF */
-#define OPENSSL_NO_BLAKE2
-#define OPENSSL_NO_BROTLI
-/* #define OPENSSL_NO_BUILTIN_OVERFLOW_CHECKING */
-/* #define OPENSSL_NO_CAMELLIA */
-#define OPENSSL_NO_CAPIENG
-/* #define OPENSSL_NO_CAST */
-/* #define OPENSSL_NO_CHACHA */
-/* #define OPENSSL_NO_CMAC */
-/* #define OPENSSL_NO_CMP */
-/* #define OPENSSL_NO_CMS */
-#define OPENSSL_NO_COMP
-/* #define OPENSSL_NO_COMP_ALG */
-/* #define OPENSSL_NO_CRMF */
-/* #define OPENSSL_NO_CRYPTO_MDEBUG */
-/* #define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE */
-/* #define OPENSSL_NO_CT */
-/* #define OPENSSL_NO_DECC_INIT */
-/* #define OPENSSL_NO_DES */
-/* #define OPENSSL_NO_DEVCRYPTOENG */
-/* #define OPENSSL_NO_DGRAM */
-/* #define OPENSSL_NO_DH */
-/* #define OPENSSL_NO_DSA */
-#define OPENSSL_NO_DSO
-/* #define OPENSSL_NO_DTLS */
-#define OPENSSL_NO_DTLS1
-#ifndef LIBRESSL_HAS_DTLS1_2
-#define OPENSSL_NO_DTLS1_2
-#endif
-/* #define OPENSSL_NO_DTLS1_2_METHOD */
-/* #define OPENSSL_NO_DTLS1_METHOD */
-#define OPENSSL_NO_DYNAMIC_ENGINE
-/* #define OPENSSL_NO_EC */
-#define OPENSSL_NO_EC_NISTP_64_GCC_128
-#define OPENSSL_NO_EGD
-#define OPENSSL_NO_ENGINE
-/* #define OPENSSL_NO_ERR */
-/* #define OPENSSL_NO_FILENAMES */
-/* #define OPENSSL_NO_FUZZ_AFL */
-/* #define OPENSSL_NO_FUZZ_LIBFUZZER */
-#define OPENSSL_NO_GOST
-#define OPENSSL_NO_HEARTBEATS
-/* #define OPENSSL_NO_HW */
-/* #define OPENSSL_NO_HW_PADLOCK */
-/* #define OPENSSL_NO_IDEA */
-/* #define OPENSSL_NO_INLINE_ASM */
-/* #define OPENSSL_NO_KEYPARAMS */
-#define OPENSSL_NO_KTLS
-/* #define OPENSSL_NO_KTLS_RX */
-/* #define OPENSSL_NO_KTLS_ZC_TX */
-/* #define OPENSSL_NO_LOCALE */
-#define OPENSSL_NO_MD2
-/* #define OPENSSL_NO_MD4 */
-/* #define OPENSSL_NO_MD5 */
-#define OPENSSL_NO_MDC2
-/* #define OPENSSL_NO_MULTIBLOCK */
-/* #define OPENSSL_NO_NEXTPROTONEG */
-/* #define OPENSSL_NO_OCB */
-/* #define OPENSSL_NO_OCSP */
-/* #define OPENSSL_NO_PADLOCKENG */
-/* #define OPENSSL_NO_PINSHARED */
-/* #define OPENSSL_NO_POLY1305 */
-/* #define OPENSSL_NO_POSIX_IO */
-#define OPENSSL_NO_PSK
-#define OPENSSL_NO_QUIC
-/* #define OPENSSL_NO_RC2 */
-/* #define OPENSSL_NO_RC4 */
-#define OPENSSL_NO_RC5
-/* #define OPENSSL_NO_RDRAND */
-/* #define OPENSSL_NO_RFC3779 */
-/* #define OPENSSL_NO_RMD160 */
-/* #define OPENSSL_NO_RSA */
-#define OPENSSL_NO_SCRYPT
-#define OPENSSL_NO_SCTP
-/* #define OPENSSL_NO_SECURE_MEMORY */
-#define OPENSSL_NO_SEED
-/* #define OPENSSL_NO_SIPHASH */
-/* #define OPENSSL_NO_SIV */
-/* #define OPENSSL_NO_SM2 */
-/* #define OPENSSL_NO_SM3 */
-/* #define OPENSSL_NO_SM4 */
-/* #define OPENSSL_NO_SOCK */
-#define OPENSSL_NO_SRP
-/* #define OPENSSL_NO_SRTP */
-#define OPENSSL_NO_SSL3
-#define OPENSSL_NO_SSL3_METHOD
-#define OPENSSL_NO_SSL_TRACE
-/* #define OPENSSL_NO_STATIC_ENGINE */
-/* #define OPENSSL_NO_STDIO */
-/* #define OPENSSL_NO_THREAD_POOL */
-/* #define OPENSSL_NO_TLS */
-#define OPENSSL_NO_TLS1
-#define OPENSSL_NO_TLS1_1
-#define OPENSSL_NO_TLS1_METHOD
-#define OPENSSL_NO_TLS1_1_METHOD
-/* #define OPENSSL_NO_TLS1_2 */
-/* #define OPENSSL_NO_TLS1_2_METHOD */
-#ifndef LIBRESSL_HAS_TLS1_3
-#define OPENSSL_NO_TLS1_3
-#endif
-/* #define OPENSSL_NO_TLS1_METHOD */
-/* #define OPENSSL_NO_TRACE */
-/* #define OPENSSL_NO_TS */
-/* #define OPENSSL_NO_UI_CONSOLE */
-/* #define OPENSSL_NO_UNIT_TEST */
-/* #define OPENSSL_NO_UNIX_SOCK */
-/* #define OPENSSL_NO_WEAK_SSL_CIPHERS */
-#define OPENSSL_NO_WHIRLPOOL
-/* #define OPENSSL_NO_WINSTORE */
-#define OPENSSL_NO_ZLIB
-/* #define OPENSSL_NO_ZSTD */
diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h
deleted file mode 100644
index bf06db8bce..0000000000
--- a/src/lib/libcrypto/opensslv.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/* $OpenBSD: opensslv.h,v 1.80 2025/03/09 15:49:18 tb Exp $ */
-#ifndef HEADER_OPENSSLV_H
-#define HEADER_OPENSSLV_H
-
-/* These will change with each release of LibreSSL-portable */
-#define LIBRESSL_VERSION_NUMBER 0x4010000fL
-/* ^ Patch starts here */
-#define LIBRESSL_VERSION_TEXT "LibreSSL 4.1.0"
-
-/* These will never change */
-#define OPENSSL_VERSION_NUMBER 0x20000000L
-#define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT
-#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
-
-#define SHLIB_VERSION_HISTORY ""
-#define SHLIB_VERSION_NUMBER "1.0.0"
-
-#endif /* HEADER_OPENSSLV_H */
diff --git a/src/lib/libcrypto/ossl_typ.h b/src/lib/libcrypto/ossl_typ.h
deleted file mode 100644
index 2d8e6674d2..0000000000
--- a/src/lib/libcrypto/ossl_typ.h
+++ /dev/null
@@ -1,181 +0,0 @@
-/* $OpenBSD: ossl_typ.h,v 1.31 2024/05/27 09:12:32 jsg Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OPENSSL_TYPES_H
-#define HEADER_OPENSSL_TYPES_H
-
-#include
-
-typedef struct asn1_string_st ASN1_INTEGER;
-typedef struct asn1_string_st ASN1_ENUMERATED;
-typedef struct asn1_string_st ASN1_BIT_STRING;
-typedef struct asn1_string_st ASN1_OCTET_STRING;
-typedef struct asn1_string_st ASN1_PRINTABLESTRING;
-typedef struct asn1_string_st ASN1_T61STRING;
-typedef struct asn1_string_st ASN1_IA5STRING;
-typedef struct asn1_string_st ASN1_GENERALSTRING;
-typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
-typedef struct asn1_string_st ASN1_BMPSTRING;
-typedef struct asn1_string_st ASN1_UTCTIME;
-typedef struct asn1_string_st ASN1_TIME;
-typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
-typedef struct asn1_string_st ASN1_VISIBLESTRING;
-typedef struct asn1_string_st ASN1_UTF8STRING;
-typedef struct asn1_string_st ASN1_STRING;
-typedef int ASN1_BOOLEAN;
-typedef int ASN1_NULL;
-
-typedef struct asn1_object_st ASN1_OBJECT;
-
-typedef struct ASN1_ITEM_st ASN1_ITEM;
-typedef struct asn1_pctx_st ASN1_PCTX;
-
-#ifdef BIGNUM
-#undef BIGNUM
-#endif
-typedef struct bignum_st BIGNUM;
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-
-typedef struct bio_st BIO;
-typedef struct buf_mem_st BUF_MEM;
-
-typedef struct evp_cipher_st EVP_CIPHER;
-typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
-typedef struct evp_md_st EVP_MD;
-typedef struct evp_md_ctx_st EVP_MD_CTX;
-typedef struct evp_pkey_st EVP_PKEY;
-
-typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
-
-typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
-typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
-
-typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
-
-typedef struct hmac_ctx_st HMAC_CTX;
-
-typedef struct dh_st DH;
-typedef struct dh_method DH_METHOD;
-
-typedef struct dsa_st DSA;
-typedef struct dsa_method DSA_METHOD;
-
-typedef struct ec_key_st EC_KEY;
-typedef struct ec_key_method_st EC_KEY_METHOD;
-
-typedef struct rsa_st RSA;
-typedef struct rsa_meth_st RSA_METHOD;
-typedef struct rsa_pss_params_st RSA_PSS_PARAMS;
-
-typedef struct rand_meth_st RAND_METHOD;
-
-typedef struct x509_st X509;
-typedef struct X509_algor_st X509_ALGOR;
-typedef struct X509_crl_st X509_CRL;
-typedef struct x509_revoked_st X509_REVOKED;
-typedef struct X509_name_st X509_NAME;
-typedef struct X509_pubkey_st X509_PUBKEY;
-typedef struct x509_store_st X509_STORE;
-typedef struct x509_store_ctx_st X509_STORE_CTX;
-
-typedef struct x509_object_st X509_OBJECT;
-typedef struct x509_lookup_st X509_LOOKUP;
-typedef struct x509_lookup_method_st X509_LOOKUP_METHOD;
-typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM;
-
-typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
-
-typedef struct v3_ext_ctx X509V3_CTX;
-typedef struct conf_st CONF;
-
-typedef struct ui_st UI;
-typedef struct ui_method_st UI_METHOD;
-
-typedef struct engine_st ENGINE;
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
-
-typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
-typedef struct DIST_POINT_st DIST_POINT;
-typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
-typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
-
-/* If placed in pkcs12.h, we end up with a circular dependency with pkcs7.h */
-#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
-#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
-
-typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
-/* Callback types for crypto.h */
-typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
- void *from_d, int idx, long argl, void *argp);
-
-typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
-typedef struct ocsp_response_st OCSP_RESPONSE;
-typedef struct ocsp_responder_id_st OCSP_RESPID;
-
-typedef struct sct_st SCT;
-typedef struct sct_ctx_st SCT_CTX;
-typedef struct ctlog_st CTLOG;
-typedef struct ctlog_store_st CTLOG_STORE;
-typedef struct ct_policy_eval_ctx_st CT_POLICY_EVAL_CTX;
-
-#endif /* def HEADER_OPENSSL_TYPES_H */
diff --git a/src/lib/libcrypto/pem/message b/src/lib/libcrypto/pem/message
deleted file mode 100644
index e8bf9d7592..0000000000
--- a/src/lib/libcrypto/pem/message
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PRIVACY-ENHANCED MESSAGE-----
-Proc-Type: 4,ENCRYPTED
-Proc-Type: 4,MIC-ONLY
-Proc-Type: 4,MIC-CLEAR
-Content-Domain: RFC822
-DEK-Info: DES-CBC,0123456789abcdef
-Originator-Certificate
- xxxx
-Issuer-Certificate
- xxxx
-MIC-Info: RSA-MD5,RSA,
- xxxx
-
-
------END PRIVACY-ENHANCED MESSAGE-----
-
diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h
deleted file mode 100644
index 4fdab48bb2..0000000000
--- a/src/lib/libcrypto/pem/pem.h
+++ /dev/null
@@ -1,546 +0,0 @@
-/* $OpenBSD: pem.h,v 1.28 2024/05/11 05:41:28 tb Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PEM_H
-#define HEADER_PEM_H
-
-#include
-
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#ifndef OPENSSL_NO_STACK
-#include
-#endif
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define PEM_BUFSIZE 1024
-
-#define PEM_OBJ_UNDEF 0
-#define PEM_OBJ_X509 1
-#define PEM_OBJ_X509_REQ 2
-#define PEM_OBJ_CRL 3
-#define PEM_OBJ_SSL_SESSION 4
-#define PEM_OBJ_PRIV_KEY 10
-#define PEM_OBJ_PRIV_RSA 11
-#define PEM_OBJ_PRIV_DSA 12
-#define PEM_OBJ_PRIV_DH 13
-#define PEM_OBJ_PUB_RSA 14
-#define PEM_OBJ_PUB_DSA 15
-#define PEM_OBJ_PUB_DH 16
-#define PEM_OBJ_DHPARAMS 17
-#define PEM_OBJ_DSAPARAMS 18
-#define PEM_OBJ_PRIV_RSA_PUBLIC 19
-#define PEM_OBJ_PRIV_ECDSA 20
-#define PEM_OBJ_PUB_ECDSA 21
-#define PEM_OBJ_ECPARAMETERS 22
-
-#define PEM_ERROR 30
-#define PEM_DEK_DES_CBC 40
-#define PEM_DEK_IDEA_CBC 45
-#define PEM_DEK_DES_EDE 50
-#define PEM_DEK_DES_ECB 60
-#define PEM_DEK_RSA 70
-#define PEM_DEK_RSA_MD2 80
-#define PEM_DEK_RSA_MD5 90
-
-#define PEM_MD_MD2 NID_md2
-#define PEM_MD_MD5 NID_md5
-#define PEM_MD_SHA NID_sha
-#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
-#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
-#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
-
-#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
-#define PEM_STRING_X509 "CERTIFICATE"
-#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
-#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
-#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
-#define PEM_STRING_X509_CRL "X509 CRL"
-#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY"
-#define PEM_STRING_PUBLIC "PUBLIC KEY"
-#define PEM_STRING_RSA "RSA PRIVATE KEY"
-#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
-#define PEM_STRING_DSA "DSA PRIVATE KEY"
-#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY"
-#define PEM_STRING_PKCS7 "PKCS7"
-#define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
-#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY"
-#define PEM_STRING_PKCS8INF "PRIVATE KEY"
-#define PEM_STRING_DHPARAMS "DH
PARAMETERS"
-#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
-#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
-#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
-#define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
-#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
-#define PEM_STRING_PARAMETERS "PARAMETERS"
-#define PEM_STRING_CMS "CMS"
-
-/* enc_type is one off */
-#define PEM_TYPE_ENCRYPTED 10
-#define PEM_TYPE_MIC_ONLY 20
-#define PEM_TYPE_MIC_CLEAR 30
-#define PEM_TYPE_CLEAR 40
-
-#ifndef LIBRESSL_INTERNAL
-/* These macros make the PEM_read/PEM_write functions easier to maintain and
- * write. Now they are all implemented with either:
- * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...)
- */
-
-#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
-type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
-}
-
-#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, const type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, \
- void *u) \
- { \
- return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
- }
-
-#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, \
- void *u) \
- { \
- return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
- }
-
-
-#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-type
*PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
-}
-
-#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, const type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
- { \
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
- }
-
-#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
- { \
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
- }
-
-#define IMPLEMENT_PEM_write(name, type, str, asn1) \
- IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_fp(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
- IMPLEMENT_PEM_read_fp(name, type,
str, asn1)
-
-#define IMPLEMENT_PEM_rw(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write_const(name, type, str, asn1)
-
-#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
- IMPLEMENT_PEM_read(name, type, str, asn1) \
- IMPLEMENT_PEM_write_cb(name, type, str, asn1)
-
-#endif
-
-/* These are the same except they are for the declarations */
-
-
-#define DECLARE_PEM_read_fp(name, type) \
- type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
-
-#define DECLARE_PEM_write_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x);
-
-#define DECLARE_PEM_write_fp_const(name, type) \
- int PEM_write_##name(FILE *fp, const type *x);
-
-#define DECLARE_PEM_write_cb_fp(name, type) \
- int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-
-#ifndef OPENSSL_NO_BIO
-#define DECLARE_PEM_read_bio(name, type) \
- type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
-
-#define DECLARE_PEM_write_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x);
-
-#define DECLARE_PEM_write_bio_const(name, type) \
- int PEM_write_bio_##name(BIO *bp, const type *x);
-
-#define DECLARE_PEM_write_cb_bio(name, type) \
- int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-#else
-
-#define DECLARE_PEM_read_bio(name, type) /**/
-#define DECLARE_PEM_write_bio(name, type) /**/
-#define DECLARE_PEM_write_bio_const(name, type) /**/
-#define DECLARE_PEM_write_cb_bio(name, type) /**/
-
-#endif
-
-#define DECLARE_PEM_write(name, type) \
- DECLARE_PEM_write_bio(name, type) \
- DECLARE_PEM_write_fp(name, type)
-
-#define DECLARE_PEM_write_const(name, type) \
- DECLARE_PEM_write_bio_const(name, type) \
-
DECLARE_PEM_write_fp_const(name, type)
-
-#define DECLARE_PEM_write_cb(name, type) \
- DECLARE_PEM_write_cb_bio(name, type) \
- DECLARE_PEM_write_cb_fp(name, type)
-
-#define DECLARE_PEM_read(name, type) \
- DECLARE_PEM_read_bio(name, type) \
- DECLARE_PEM_read_fp(name, type)
-
-#define DECLARE_PEM_rw(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write(name, type)
-
-#define DECLARE_PEM_rw_const(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_const(name, type)
-
-#define DECLARE_PEM_rw_cb(name, type) \
- DECLARE_PEM_read(name, type) \
- DECLARE_PEM_write_cb(name, type)
-
-typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
-int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
- pem_password_cb *callback, void *u);
-
-#ifndef OPENSSL_NO_BIO
-int PEM_read_bio(BIO *bp, char **name, char **header,
- unsigned char **data, long *len);
-int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
- const unsigned char *data, long len);
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
- const char *name, BIO *bp, pem_password_cb *cb, void *u);
-void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp,
- void **x, pem_password_cb *cb, void *u);
-int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp,
- STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
- unsigned char *kstr, int klen, pem_password_cb *cd, void *u);
-#endif
-
-int PEM_read(FILE *fp, char **name, char **header,
- unsigned char **data, long *len);
-int PEM_write(FILE *fp, const char *name, const char *hdr,
- const unsigned char *data, long len);
-void * PEM_ASN1_read(d2i_of_void *d2i,
const char *name, FILE *fp, void **x,
- pem_password_cb *cb, void *u);
-int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
- void *x, const EVP_CIPHER *enc, unsigned char *kstr,
- int klen, pem_password_cb *callback, void *u);
-STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u);
-
-int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
- unsigned int *siglen, EVP_PKEY *pkey);
-
-int PEM_def_callback(char *buf, int num, int w, void *key);
-void PEM_proc_type(char *buf, int type);
-void PEM_dek_info(char *buf, const char *type, int len, char *str);
-
-
-DECLARE_PEM_rw(X509, X509)
-
-DECLARE_PEM_rw(X509_AUX, X509)
-
-DECLARE_PEM_rw(X509_REQ, X509_REQ)
-DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
-
-DECLARE_PEM_rw(X509_CRL, X509_CRL)
-
-DECLARE_PEM_rw(PKCS7, PKCS7)
-
-DECLARE_PEM_rw(PKCS8, X509_SIG)
-
-DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-
-#ifndef OPENSSL_NO_RSA
-
-DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
-
-DECLARE_PEM_rw_const(RSAPublicKey, RSA)
-DECLARE_PEM_rw(RSA_PUBKEY, RSA)
-
-#endif
-
-#ifndef OPENSSL_NO_DSA
-
-DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
-
-DECLARE_PEM_rw(DSA_PUBKEY, DSA)
-
-DECLARE_PEM_rw_const(DSAparams, DSA)
-
-#endif
-
-#ifndef OPENSSL_NO_EC
-DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
-DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
-DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-DECLARE_PEM_rw_const(DHparams, DH)
-
-#endif
-
-DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-
-DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-
-int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb,
- void *u);
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_bio_PKCS8PrivateKey(BIO
*, EVP_PKEY *, const EVP_CIPHER *,
- char *, int, pem_password_cb *, void *);
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
- void *u);
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
- void *u);
-
-int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen, pem_password_cb *cd, void *u);
-
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
-int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
-
-
-EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
-EVP_PKEY *b2i_PublicKey_bio(BIO *in);
-int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
-int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
-#ifndef OPENSSL_NO_RC4
-EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
-int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb,
- void *u);
-#endif
-
-
-void ERR_load_PEM_strings(void);
-
-/* Error codes for the PEM functions. */
-
-/* Function codes.
*/
-#define PEM_F_B2I_DSS 127
-#define PEM_F_B2I_PVK_BIO 128
-#define PEM_F_B2I_RSA 129
-#define PEM_F_CHECK_BITLEN_DSA 130
-#define PEM_F_CHECK_BITLEN_RSA 131
-#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
-#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
-#define PEM_F_DO_B2I 132
-#define PEM_F_DO_B2I_BIO 133
-#define PEM_F_DO_BLOB_HEADER 134
-#define PEM_F_DO_PK8PKEY 126
-#define PEM_F_DO_PK8PKEY_FP 125
-#define PEM_F_DO_PVK_BODY 135
-#define PEM_F_DO_PVK_HEADER 136
-#define PEM_F_I2B_PVK 137
-#define PEM_F_I2B_PVK_BIO 138
-#define PEM_F_LOAD_IV 101
-#define PEM_F_PEM_ASN1_READ 102
-#define PEM_F_PEM_ASN1_READ_BIO 103
-#define PEM_F_PEM_ASN1_WRITE 104
-#define PEM_F_PEM_ASN1_WRITE_BIO 105
-#define PEM_F_PEM_DEF_CALLBACK 100
-#define PEM_F_PEM_DO_HEADER 106
-#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118
-#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
-#define PEM_F_PEM_PK8PKEY 119
-#define PEM_F_PEM_READ 108
-#define PEM_F_PEM_READ_BIO 109
-#define PEM_F_PEM_READ_BIO_PARAMETERS 140
-#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123
-#define PEM_F_PEM_READ_PRIVATEKEY 124
-#define PEM_F_PEM_SEALFINAL 110
-#define PEM_F_PEM_SEALINIT 111
-#define PEM_F_PEM_SIGNFINAL 112
-#define PEM_F_PEM_WRITE 113
-#define PEM_F_PEM_WRITE_BIO 114
-#define PEM_F_PEM_WRITE_PRIVATEKEY 139
-#define PEM_F_PEM_X509_INFO_READ 115
-#define PEM_F_PEM_X509_INFO_READ_BIO 116
-#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
-
-/* Reason codes.
*/
-#define PEM_R_BAD_BASE64_DECODE 100
-#define PEM_R_BAD_DECRYPT 101
-#define PEM_R_BAD_END_LINE 102
-#define PEM_R_BAD_IV_CHARS 103
-#define PEM_R_BAD_MAGIC_NUMBER 116
-#define PEM_R_BAD_PASSWORD_READ 104
-#define PEM_R_BAD_VERSION_NUMBER 117
-#define PEM_R_BIO_WRITE_FAILURE 118
-#define PEM_R_CIPHER_IS_NULL 127
-#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
-#define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
-#define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
-#define PEM_R_INCONSISTENT_HEADER 121
-#define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
-#define PEM_R_KEYBLOB_TOO_SHORT 123
-#define PEM_R_NOT_DEK_INFO 105
-#define PEM_R_NOT_ENCRYPTED 106
-#define PEM_R_NOT_PROC_TYPE 107
-#define PEM_R_NO_START_LINE 108
-#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
-#define PEM_R_PUBLIC_KEY_NO_RSA 110
-#define PEM_R_PVK_DATA_TOO_SHORT 124
-#define PEM_R_PVK_TOO_SHORT 125
-#define PEM_R_READ_KEY 111
-#define PEM_R_SHORT_HEADER 112
-#define PEM_R_UNSUPPORTED_CIPHER 113
-#define PEM_R_UNSUPPORTED_ENCRYPTION 114
-#define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c
deleted file mode 100644
index 21e325b9f1..0000000000
--- a/src/lib/libcrypto/pem/pem_all.c
+++ /dev/null
@@ -1,704 +0,0 @@
-/* $OpenBSD: pem_all.c,v 1.21 2023/07/07 13:40:44 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1.
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_DH
-#include
-#endif
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
-#endif
-#ifndef OPENSSL_NO_DSA
-static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
-#endif
-
-#ifndef OPENSSL_NO_EC
-static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey);
-#endif
-
-
-X509_REQ *
-PEM_read_X509_REQ(FILE *fp, X509_REQ **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_X509_REQ, PEM_STRING_X509_REQ, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_X509_REQ);
-
-int
-PEM_write_X509_REQ(FILE *fp, X509_REQ *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_X509_REQ, PEM_STRING_X509_REQ, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_X509_REQ);
-
-X509_REQ *
-PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_X509_REQ, PEM_STRING_X509_REQ, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_X509_REQ);
-
-int
-PEM_write_bio_X509_REQ(BIO *bp, X509_REQ
*x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_X509_REQ, PEM_STRING_X509_REQ, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_X509_REQ);
-
-int
-PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_X509_REQ, PEM_STRING_X509_REQ_OLD, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_X509_REQ_NEW);
-
-int
-PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_X509_REQ, PEM_STRING_X509_REQ_OLD, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_X509_REQ_NEW);
-
-X509_CRL *
-PEM_read_X509_CRL(FILE *fp, X509_CRL **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_X509_CRL, PEM_STRING_X509_CRL, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_X509_CRL);
-
-int
-PEM_write_X509_CRL(FILE *fp, X509_CRL *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_X509_CRL, PEM_STRING_X509_CRL, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_X509_CRL);
-
-X509_CRL *
-PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_X509_CRL, PEM_STRING_X509_CRL, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_X509_CRL);
-
-int
-PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_X509_CRL, PEM_STRING_X509_CRL, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_X509_CRL);
-
-PKCS7 *
-PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_PKCS7, PEM_STRING_PKCS7, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_PKCS7);
-
-int
-PEM_write_PKCS7(FILE *fp, PKCS7 *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_PKCS7, PEM_STRING_PKCS7, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_PKCS7);
-
-PKCS7 *
-PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u)
-{
- return
PEM_ASN1_read_bio((d2i_of_void *)d2i_PKCS7, PEM_STRING_PKCS7, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_PKCS7);
-
-int
-PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_PKCS7, PEM_STRING_PKCS7, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_PKCS7);
-
-#ifndef OPENSSL_NO_RSA
-
-/* We treat RSA or DSA private keys as a special case.
- *
- * For private keys we read in an EVP_PKEY structure with
- * PEM_read_bio_PrivateKey() and extract the relevant private
- * key: this means can handle "traditional" and PKCS#8 formats
- * transparently.
- */
-
-static RSA *
-pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
-{
- RSA *rtmp;
-
- if (!key)
- return NULL;
- rtmp = EVP_PKEY_get1_RSA(key);
- EVP_PKEY_free(key);
- if (!rtmp)
- return NULL;
- if (rsa) {
- RSA_free(*rsa);
- *rsa = rtmp;
- }
- return rtmp;
-}
-
-RSA *
-PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_rsa(pktmp, rsa);
-}
-LCRYPTO_ALIAS(PEM_read_RSAPrivateKey);
-
-int
-PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey, PEM_STRING_RSA, fp,
- x, enc, kstr, klen, cb, u);
-}
-LCRYPTO_ALIAS(PEM_write_RSAPrivateKey);
-
-RSA *
-PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_rsa(pktmp, rsa);
-}
-LCRYPTO_ALIAS(PEM_read_bio_RSAPrivateKey);
-
-int
-PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb,
- void *u)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey, PEM_STRING_RSA, bp,
- x, enc, kstr, klen, cb, u);
-}
-LCRYPTO_ALIAS(PEM_write_bio_RSAPrivateKey);
-
-RSA *
-PEM_read_RSAPublicKey(FILE *fp, RSA
**x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_RSAPublicKey, PEM_STRING_RSA_PUBLIC, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_RSAPublicKey);
-
-int
-PEM_write_RSAPublicKey(FILE *fp, const RSA *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_RSAPublicKey, PEM_STRING_RSA_PUBLIC, fp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_RSAPublicKey);
-
-RSA *
-PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_RSAPublicKey, PEM_STRING_RSA_PUBLIC, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_RSAPublicKey);
-
-int
-PEM_write_bio_RSAPublicKey(BIO *bp, const RSA *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPublicKey, PEM_STRING_RSA_PUBLIC, bp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_RSAPublicKey);
-
-RSA *
-PEM_read_RSA_PUBKEY(FILE *fp, RSA **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_RSA_PUBKEY, PEM_STRING_PUBLIC, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_RSA_PUBKEY);
-
-int
-PEM_write_RSA_PUBKEY(FILE *fp, RSA *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_RSA_PUBKEY, PEM_STRING_PUBLIC, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_RSA_PUBKEY);
-
-RSA *
-PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_RSA_PUBKEY, PEM_STRING_PUBLIC, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_RSA_PUBKEY);
-
-int
-PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSA_PUBKEY, PEM_STRING_PUBLIC, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_RSA_PUBKEY);
-
-#endif
-
-#ifndef OPENSSL_NO_DSA
-
-static DSA *
-pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
-{
- DSA *dtmp;
-
- if (!key)
- return NULL;
- dtmp = EVP_PKEY_get1_DSA(key);
- EVP_PKEY_free(key);
- if (!dtmp)
- return NULL;
- if (dsa) {
-
DSA_free(*dsa);
- *dsa = dtmp;
- }
- return dtmp;
-}
-
-DSA *
-PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
-}
-LCRYPTO_ALIAS(PEM_read_DSAPrivateKey);
-
-int
-PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey, PEM_STRING_DSA, fp,
- x, enc, kstr, klen, cb, u);
-}
-LCRYPTO_ALIAS(PEM_write_DSAPrivateKey);
-
-DSA *
-PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
-}
-LCRYPTO_ALIAS(PEM_read_bio_DSAPrivateKey);
-
-int
-PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb,
- void *u)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey, PEM_STRING_DSA, bp,
- x, enc, kstr, klen, cb, u);
-}
-LCRYPTO_ALIAS(PEM_write_bio_DSAPrivateKey);
-
-DSA *
-PEM_read_DSA_PUBKEY(FILE *fp, DSA **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_DSA_PUBKEY, PEM_STRING_PUBLIC, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_DSA_PUBKEY);
-
-int
-PEM_write_DSA_PUBKEY(FILE *fp, DSA *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_DSA_PUBKEY, PEM_STRING_PUBLIC, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_DSA_PUBKEY);
-
-int
-PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSA_PUBKEY, PEM_STRING_PUBLIC, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_DSA_PUBKEY);
-
-DSA *
-PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_DSA_PUBKEY, PEM_STRING_PUBLIC, bp,
- (void **)x, cb, u);
-} 
-LCRYPTO_ALIAS(PEM_read_bio_DSA_PUBKEY);
-
-DSA *
-PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_DSAparams, PEM_STRING_DSAPARAMS, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_DSAparams);
-
-int
-PEM_write_DSAparams(FILE *fp, const DSA *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_DSAparams, PEM_STRING_DSAPARAMS, fp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_DSAparams);
-
-DSA *
-PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_DSAparams, PEM_STRING_DSAPARAMS, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_DSAparams);
-
-int
-PEM_write_bio_DSAparams(BIO *bp, const DSA *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAparams, PEM_STRING_DSAPARAMS, bp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_DSAparams);
-
-#endif
-
-
-#ifndef OPENSSL_NO_EC
-static EC_KEY *
-pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
-{
- EC_KEY *dtmp;
-
- if (!key)
- return NULL;
- dtmp = EVP_PKEY_get1_EC_KEY(key);
- EVP_PKEY_free(key);
- if (!dtmp)
- return NULL;
- if (eckey) {
- EC_KEY_free(*eckey);
- *eckey = dtmp;
- }
- return dtmp;
-}
-
-EC_GROUP *
-PEM_read_ECPKParameters(FILE *fp, EC_GROUP **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_ECPKParameters, PEM_STRING_ECPARAMETERS, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_ECPKParameters);
-
-int
-PEM_write_ECPKParameters(FILE *fp, const EC_GROUP *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_ECPKParameters, PEM_STRING_ECPARAMETERS, fp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_ECPKParameters);
-
-EC_GROUP *
-PEM_read_bio_ECPKParameters(BIO *bp, EC_GROUP **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_ECPKParameters, PEM_STRING_ECPARAMETERS, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_ECPKParameters);
- 
-int
-PEM_write_bio_ECPKParameters(BIO *bp, const EC_GROUP *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPKParameters, PEM_STRING_ECPARAMETERS, bp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_ECPKParameters);
-
-EC_KEY *
-PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_eckey(pktmp, eckey); /* will free pktmp */
-}
-LCRYPTO_ALIAS(PEM_read_ECPrivateKey);
-
-int
-PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey, PEM_STRING_ECPRIVATEKEY, fp,
- x, enc, kstr, klen, cb, u);
-}
-LCRYPTO_ALIAS(PEM_write_ECPrivateKey);
-
-EC_KEY *
-PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_eckey(pktmp, key); /* will free pktmp */
-}
-LCRYPTO_ALIAS(PEM_read_bio_ECPrivateKey);
-
-int
-PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x,
- const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb,
- void *u)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey, PEM_STRING_ECPRIVATEKEY, bp,
- x, enc, kstr, klen, cb, u);
-}
-LCRYPTO_ALIAS(PEM_write_bio_ECPrivateKey);
-
-EC_KEY *
-PEM_read_EC_PUBKEY(FILE *fp, EC_KEY **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_EC_PUBKEY, PEM_STRING_PUBLIC, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_EC_PUBKEY);
-
-int
-PEM_write_EC_PUBKEY(FILE *fp, EC_KEY *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_EC_PUBKEY, PEM_STRING_PUBLIC, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_EC_PUBKEY);
-
-EC_KEY *
-PEM_read_bio_EC_PUBKEY(BIO *bp, EC_KEY **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_EC_PUBKEY, PEM_STRING_PUBLIC, bp,
- 
(void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_EC_PUBKEY);
-
-int
-PEM_write_bio_EC_PUBKEY(BIO *bp, EC_KEY *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_EC_PUBKEY, PEM_STRING_PUBLIC, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_EC_PUBKEY);
-
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-DH *
-PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_DHparams, PEM_STRING_DHPARAMS, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_DHparams);
-
-int
-PEM_write_DHparams(FILE *fp, const DH *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_DHparams, PEM_STRING_DHPARAMS, fp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_DHparams);
-
-DH *
-PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_DHparams, PEM_STRING_DHPARAMS, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_DHparams);
-
-int
-PEM_write_bio_DHparams(BIO *bp, const DH *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_DHparams, PEM_STRING_DHPARAMS, bp,
- (void *)x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_DHparams);
-
-#endif
-
-EVP_PKEY *
-PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_PUBKEY, PEM_STRING_PUBLIC, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_PUBKEY);
-
-int
-PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_PUBKEY, PEM_STRING_PUBLIC, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_PUBKEY);
-
-EVP_PKEY *
-PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_PUBKEY, PEM_STRING_PUBLIC, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_PUBKEY);
-
-int
-PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_PUBKEY, PEM_STRING_PUBLIC, bp,
- x, NULL, NULL, 0, NULL, 
NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_PUBKEY);
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c
deleted file mode 100644
index 05025c8ee0..0000000000
--- a/src/lib/libcrypto/pem/pem_err.c
+++ /dev/null 
@@ -1,119 +0,0 @@ -/* $OpenBSD: pem_err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#include "err_local.h" - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason) - -static const ERR_STRING_DATA PEM_str_functs[] = { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static const ERR_STRING_DATA PEM_str_reasons[] = { - {ERR_REASON(PEM_R_BAD_BASE64_DECODE) , "bad base64 decode"}, - {ERR_REASON(PEM_R_BAD_DECRYPT) , "bad decrypt"}, - {ERR_REASON(PEM_R_BAD_END_LINE) , "bad end line"}, - {ERR_REASON(PEM_R_BAD_IV_CHARS) , "bad iv chars"}, - {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER) , "bad magic number"}, - {ERR_REASON(PEM_R_BAD_PASSWORD_READ) , "bad password read"}, - {ERR_REASON(PEM_R_BAD_VERSION_NUMBER) , "bad version number"}, - {ERR_REASON(PEM_R_BIO_WRITE_FAILURE) , "bio write failure"}, - {ERR_REASON(PEM_R_CIPHER_IS_NULL) , "cipher is null"}, - {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY), "error converting private key"}, - {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB), "expecting private key blob"}, - {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB), "expecting public key blob"}, - {ERR_REASON(PEM_R_INCONSISTENT_HEADER) , 
"inconsistent header"}, - {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR), "keyblob header parse error"}, - {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT) , "keyblob too short"}, - {ERR_REASON(PEM_R_NOT_DEK_INFO) , "not dek info"}, - {ERR_REASON(PEM_R_NOT_ENCRYPTED) , "not encrypted"}, - {ERR_REASON(PEM_R_NOT_PROC_TYPE) , "not proc type"}, - {ERR_REASON(PEM_R_NO_START_LINE) , "no start line"}, - {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD), "problems getting password"}, - {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA) , "public key no rsa"}, - {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT) , "pvk data too short"}, - {ERR_REASON(PEM_R_PVK_TOO_SHORT) , "pvk too short"}, - {ERR_REASON(PEM_R_READ_KEY) , "read key"}, - {ERR_REASON(PEM_R_SHORT_HEADER) , "short header"}, - {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER) , "unsupported cipher"}, - {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"}, - {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS), "unsupported key components"}, - {0, NULL} -}; - -#endif - -void -ERR_load_PEM_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) { - ERR_load_const_strings(PEM_str_functs); - ERR_load_const_strings(PEM_str_reasons); - } -#endif -} -LCRYPTO_ALIAS(ERR_load_PEM_strings); diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c deleted file mode 100644 index b979c79b33..0000000000 --- a/src/lib/libcrypto/pem/pem_info.c +++ /dev/null 
@@ -1,387 +0,0 @@ -/* $OpenBSD: pem_info.c,v 1.27 2023/07/07 13:40:44 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include - -#include - -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_RSA -#include -#endif - -#include "evp_local.h" - -STACK_OF(X509_INFO) * -PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, - void *u) -{ - BIO *b; - STACK_OF(X509_INFO) *ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerror(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_X509_INFO_read_bio(b, sk, cb, u); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(PEM_X509_INFO_read); - -STACK_OF(X509_INFO) * -PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, - void *u) -{ - X509_INFO *xi = NULL; - char *name = NULL, *header = NULL; - void *pp; - unsigned char *data = NULL; - const unsigned char *p; - long len; - int ok = 0; - int num_in, ptype, raw; - STACK_OF(X509_INFO) *ret = sk; - d2i_of_void *d2i = NULL; - - if (ret == NULL) { - if ((ret = sk_X509_INFO_new_null()) == NULL) { - PEMerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - } - num_in = sk_X509_INFO_num(ret); - - if ((xi = X509_INFO_new()) == NULL) - goto err; - for (;;) { - raw = 0; - ptype = 0; - if (!PEM_read_bio(bp, &name, &header, &data, &len)) { - if (ERR_GET_REASON(ERR_peek_last_error()) == - PEM_R_NO_START_LINE) { - ERR_clear_error(); - break; - } - goto err; - } - if ((strcmp(name, PEM_STRING_X509) == 0) || - (strcmp(name, PEM_STRING_X509_OLD) == 0)) { - d2i = (D2I_OF(void))d2i_X509; - if (xi->x509 != NULL) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - if ((xi = X509_INFO_new()) == NULL) - goto err; - } - pp = &(xi->x509); - } else if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0)) { - d2i = (D2I_OF(void))d2i_X509_AUX; - if (xi->x509 != NULL) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - if ((xi = X509_INFO_new()) == NULL) - goto err; - } - pp = &(xi->x509); - } else if (strcmp(name, PEM_STRING_X509_CRL) == 0) { - d2i = 
(D2I_OF(void))d2i_X509_CRL; - if (xi->crl != NULL) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - if ((xi = X509_INFO_new()) == NULL) - goto err; - } - pp = &(xi->crl); - } else -#ifndef OPENSSL_NO_RSA - if (strcmp(name, PEM_STRING_RSA) == 0) { - d2i = (D2I_OF(void))d2i_RSAPrivateKey; - if (xi->x_pkey != NULL) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - if ((xi = X509_INFO_new()) == NULL) - goto err; - } - xi->enc_data = NULL; - xi->enc_len = 0; - xi->x_pkey = X509_PKEY_new(); - if (xi->x_pkey == NULL) - goto err; - ptype = EVP_PKEY_RSA; - pp = &xi->x_pkey->dec_pkey; - if (strlen(header) > 10) /* assume encrypted */ - raw = 1; - } else -#endif -#ifndef OPENSSL_NO_DSA - if (strcmp(name, PEM_STRING_DSA) == 0) { - d2i = (D2I_OF(void))d2i_DSAPrivateKey; - if (xi->x_pkey != NULL) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - if ((xi = X509_INFO_new()) == NULL) - goto err; - } - xi->enc_data = NULL; - xi->enc_len = 0; - xi->x_pkey = X509_PKEY_new(); - if (xi->x_pkey == NULL) - goto err; - ptype = EVP_PKEY_DSA; - pp = &xi->x_pkey->dec_pkey; - if (strlen(header) > 10) /* assume encrypted */ - raw = 1; - } else -#endif -#ifndef OPENSSL_NO_EC - if (strcmp(name, PEM_STRING_ECPRIVATEKEY) == 0) { - d2i = (D2I_OF(void))d2i_ECPrivateKey; - if (xi->x_pkey != NULL) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - if ((xi = X509_INFO_new()) == NULL) - goto err; - } - xi->enc_data = NULL; - xi->enc_len = 0; - xi->x_pkey = X509_PKEY_new(); - if (xi->x_pkey == NULL) - goto err; - ptype = EVP_PKEY_EC; - pp = &xi->x_pkey->dec_pkey; - if (strlen(header) > 10) /* assume encrypted */ - raw = 1; - } else -#endif - { - d2i = NULL; - pp = NULL; - } - - if (d2i != NULL) { - if (!raw) { - EVP_CIPHER_INFO cipher; - - if (!PEM_get_EVP_CIPHER_INFO(header, &cipher)) - goto err; - if (!PEM_do_header(&cipher, data, &len, cb, u)) - goto err; - p = data; - if (ptype) { - if (!d2i_PrivateKey(ptype, pp, &p, - len)) { - PEMerror(ERR_R_ASN1_LIB); - goto err; - } - } else if (d2i(pp, &p, 
len) == NULL) { - PEMerror(ERR_R_ASN1_LIB); - goto err; - } - } else { /* encrypted RSA data */ - if (!PEM_get_EVP_CIPHER_INFO(header, - &xi->enc_cipher)) - goto err; - xi->enc_data = (char *)data; - xi->enc_len = (int)len; - data = NULL; - } - } else { - /* unknown */ - } - free(name); - free(header); - free(data); - name = NULL; - header = NULL; - data = NULL; - } - - /* if the last one hasn't been pushed yet and there is anything - * in it then add it to the stack ... - */ - if ((xi->x509 != NULL) || (xi->crl != NULL) || - (xi->x_pkey != NULL) || (xi->enc_data != NULL)) { - if (!sk_X509_INFO_push(ret, xi)) - goto err; - xi = NULL; - } - ok = 1; - -err: - if (!ok) { - while (sk_X509_INFO_num(ret) > num_in) - X509_INFO_free(sk_X509_INFO_pop(ret)); - if (ret != sk) - sk_X509_INFO_free(ret); - ret = NULL; - } - X509_INFO_free(xi); - free(name); - free(header); - free(data); - - return ret; -} -LCRYPTO_ALIAS(PEM_X509_INFO_read_bio); - - -/* A TJH addition */ -int -PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) -{ - EVP_CIPHER_CTX ctx; - int i, ret = 0; - unsigned char *data = NULL; - const char *objstr = NULL; - char buf[PEM_BUFSIZE]; - unsigned char *iv = NULL; - - if (enc != NULL) { - objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL) { - PEMerror(PEM_R_UNSUPPORTED_CIPHER); - goto err; - } - } - - /* now for the fun part ... if we have a private key then - * we have to be able to handle a not-yet-decrypted key - * being written out correctly ... 
if it is decrypted or - * it is non-encrypted then we use the base code - */ - if (xi->x_pkey != NULL) { - if ((xi->enc_data != NULL) && (xi->enc_len > 0) ) { - if (enc == NULL) { - PEMerror(PEM_R_CIPHER_IS_NULL); - goto err; - } - - /* copy from weirdo names into more normal things */ - iv = xi->enc_cipher.iv; - data = (unsigned char *)xi->enc_data; - i = xi->enc_len; - - /* we take the encryption data from the - * internal stuff rather than what the - * user has passed us ... as we have to - * match exactly for some strange reason - */ - objstr = OBJ_nid2sn( - EVP_CIPHER_nid(xi->enc_cipher.cipher)); - if (objstr == NULL) { - PEMerror(PEM_R_UNSUPPORTED_CIPHER); - goto err; - } - - /* create the right magic header stuff */ - if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > - sizeof buf) { - PEMerror(ASN1_R_BUFFER_TOO_SMALL); - goto err; - } - buf[0] = '\0'; - PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); - PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); - - /* use the normal code to write things out */ - i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i); - if (i <= 0) - goto err; - } else { - /* Add DSA/DH */ -#ifndef OPENSSL_NO_RSA - /* normal optionally encrypted stuff */ - if (PEM_write_bio_RSAPrivateKey(bp, - xi->x_pkey->dec_pkey->pkey.rsa, - enc, kstr, klen, cb, u) <= 0) - goto err; -#endif - } - } - - /* if we have a certificate then write it out now */ - if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp, xi->x509) <= 0)) - goto err; - - /* we are ignoring anything else that is loaded into the X509_INFO - * structure for the moment ... as I don't need it so I'm not - * coding it here and Eric can do it when this makes it into the - * base library --tjh - */ - - ret = 1; - -err: - explicit_bzero((char *)&ctx, sizeof(ctx)); - explicit_bzero(buf, PEM_BUFSIZE); - return (ret); -} -LCRYPTO_ALIAS(PEM_X509_INFO_write_bio); diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c deleted file mode 100644 index 30db092c3e..0000000000 
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ /dev/null 
@@ -1,866 +0,0 @@ -/* $OpenBSD: pem_lib.c,v 1.56 2024/02/18 15:44:10 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_DES -#include -#endif - -#include "asn1_local.h" -#include "evp_local.h" - -#define MIN_LENGTH 4 - -static int load_iv(char **fromp, unsigned char *to, int num); -static int check_pem(const char *nm, const char *name); -int pem_check_suffix(const char *pem_str, const char *suffix); - -/* XXX LSSL ABI XXX return value and `num' ought to be size_t */ -int -PEM_def_callback(char *buf, int num, int w, void *key) -{ - size_t l; - int i; - const char *prompt; - - if (num < 0) - return -1; - - if (key) { - l = strlen(key); - if (l > (size_t)num) - l = (size_t)num; - memcpy(buf, key, l); - return (int)l; - } - - prompt = EVP_get_pw_prompt(); - if (prompt == NULL) - prompt = "Enter PEM pass phrase:"; - - for (;;) { - i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w); - if (i != 0) { - PEMerror(PEM_R_PROBLEMS_GETTING_PASSWORD); - memset(buf, 0, num); - return (-1); - } - l = strlen(buf); - if (l < MIN_LENGTH) { - fprintf(stderr, "phrase is too short, " - "needs to be at least %zu chars\n", - (size_t)MIN_LENGTH); - } else - break; - } - return (int)l; -} -LCRYPTO_ALIAS(PEM_def_callback); - -void -PEM_proc_type(char *buf, int type) -{ - const char *str; - - if (type == PEM_TYPE_ENCRYPTED) - str = "ENCRYPTED"; - else if (type == PEM_TYPE_MIC_CLEAR) - str = "MIC-CLEAR"; - else if (type == PEM_TYPE_MIC_ONLY) - str = "MIC-ONLY"; - else - str = "BAD-TYPE"; - - strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE); - strlcat(buf, str, PEM_BUFSIZE); - strlcat(buf, "\n", PEM_BUFSIZE); -} -LCRYPTO_ALIAS(PEM_proc_type); - -void -PEM_dek_info(char *buf, const char *type, int len, char *str) -{ - static const unsigned char map[17] = "0123456789ABCDEF"; - long i; - int j; - - strlcat(buf, "DEK-Info: ", PEM_BUFSIZE); - strlcat(buf, type, PEM_BUFSIZE); - strlcat(buf, ",", PEM_BUFSIZE); - j = strlen(buf); - if (j + (len * 2) + 1 > PEM_BUFSIZE) 
- return; - for (i = 0; i < len; i++) { - buf[j + i * 2] = map[(str[i] >> 4) & 0x0f]; - buf[j + i * 2 + 1] = map[(str[i]) & 0x0f]; - } - buf[j + i * 2] = '\n'; - buf[j + i * 2 + 1] = '\0'; -} -LCRYPTO_ALIAS(PEM_dek_info); - -void * -PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, - pem_password_cb *cb, void *u) -{ - BIO *b; - void *ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerror(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_ASN1_read_bio(d2i, name, b, x, cb, u); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(PEM_ASN1_read); - -static int -check_pem(const char *nm, const char *name) -{ - /* Normal matching nm and name */ - if (!strcmp(nm, name)) - return 1; - - /* Make PEM_STRING_EVP_PKEY match any private key */ - - if (!strcmp(name, PEM_STRING_EVP_PKEY)) { - int slen; - const EVP_PKEY_ASN1_METHOD *ameth; - if (!strcmp(nm, PEM_STRING_PKCS8)) - return 1; - if (!strcmp(nm, PEM_STRING_PKCS8INF)) - return 1; - slen = pem_check_suffix(nm, "PRIVATE KEY"); - if (slen > 0) { - /* NB: ENGINE implementations wont contain - * a deprecated old private key decode function - * so don't look for them. 
- */ - ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); - if (ameth && ameth->old_priv_decode) - return 1; - } - return 0; - } - - if (!strcmp(name, PEM_STRING_PARAMETERS)) { - int slen; - const EVP_PKEY_ASN1_METHOD *ameth; - slen = pem_check_suffix(nm, "PARAMETERS"); - if (slen > 0) { - ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); - if (ameth) { - int r; - if (ameth->param_decode) - r = 1; - else - r = 0; - return r; - } - } - return 0; - } - - /* Permit older strings */ - - if (!strcmp(nm, PEM_STRING_X509_OLD) && - !strcmp(name, PEM_STRING_X509)) - return 1; - - if (!strcmp(nm, PEM_STRING_X509_REQ_OLD) && - !strcmp(name, PEM_STRING_X509_REQ)) - return 1; - - /* Allow normal certs to be read as trusted certs */ - if (!strcmp(nm, PEM_STRING_X509) && - !strcmp(name, PEM_STRING_X509_TRUSTED)) - return 1; - - if (!strcmp(nm, PEM_STRING_X509_OLD) && - !strcmp(name, PEM_STRING_X509_TRUSTED)) - return 1; - - /* Some CAs use PKCS#7 with CERTIFICATE headers */ - if (!strcmp(nm, PEM_STRING_X509) && - !strcmp(name, PEM_STRING_PKCS7)) - return 1; - - if (!strcmp(nm, PEM_STRING_PKCS7_SIGNED) && - !strcmp(name, PEM_STRING_PKCS7)) - return 1; - -#ifndef OPENSSL_NO_CMS - if (strcmp(nm, PEM_STRING_X509) == 0 && - strcmp(name, PEM_STRING_CMS) == 0) - return 1; - - /* Allow CMS to be read from PKCS#7 headers */ - if (strcmp(nm, PEM_STRING_PKCS7) == 0 && - strcmp(name, PEM_STRING_CMS) == 0) - return 1; -#endif - - return 0; -} - -int -PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, - const char *name, BIO *bp, pem_password_cb *cb, void *u) -{ - EVP_CIPHER_INFO cipher; - char *nm = NULL, *header = NULL; - unsigned char *data = NULL; - long len; - int ret = 0; - - for (;;) { - if (!PEM_read_bio(bp, &nm, &header, &data, &len)) { - if (ERR_GET_REASON(ERR_peek_error()) == - PEM_R_NO_START_LINE) - ERR_asprintf_error_data("Expecting: %s", name); - return 0; - } - if (check_pem(nm, name)) - break; - free(nm); - free(header); - free(data); - } - if 
(!PEM_get_EVP_CIPHER_INFO(header, &cipher)) - goto err; - if (!PEM_do_header(&cipher, data, &len, cb, u)) - goto err; - - *pdata = data; - *plen = len; - - if (pnm) - *pnm = nm; - - ret = 1; - -err: - if (!ret || !pnm) - free(nm); - free(header); - if (!ret) - free(data); - return ret; -} -LCRYPTO_ALIAS(PEM_bytes_read_bio); - -int -PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, void *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerror(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_ASN1_write_bio(i2d, name, b, x, enc, kstr, klen, callback, u); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(PEM_ASN1_write); - -int -PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) -{ - EVP_CIPHER_CTX ctx; - int dsize = 0, i, j, ret = 0; - unsigned char *p, *data = NULL; - const char *objstr = NULL; - char buf[PEM_BUFSIZE]; - unsigned char key[EVP_MAX_KEY_LENGTH]; - unsigned char iv[EVP_MAX_IV_LENGTH]; - - if (enc != NULL) { - objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL) { - PEMerror(PEM_R_UNSUPPORTED_CIPHER); - goto err; - } - } - - if ((dsize = i2d(x, NULL)) < 0) { - PEMerror(ERR_R_ASN1_LIB); - dsize = 0; - goto err; - } - /* dzise + 8 bytes are needed */ - /* actually it needs the cipher block size extra... 
*/ - data = malloc(dsize + 20); - if (data == NULL) { - PEMerror(ERR_R_MALLOC_FAILURE); - goto err; - } - p = data; - i = i2d(x, &p); - - if (enc != NULL) { - if (kstr == NULL) { - if (callback == NULL) - klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); - else - klen = (*callback)(buf, PEM_BUFSIZE, 1, u); - if (klen <= 0) { - PEMerror(PEM_R_READ_KEY); - goto err; - } - kstr = (unsigned char *)buf; - } - if ((size_t)enc->iv_len > sizeof(iv)) { - PEMerror(EVP_R_IV_TOO_LARGE); - goto err; - } - arc4random_buf(iv, enc->iv_len); /* Generate a salt */ - /* The 'iv' is used as the iv and as a salt. It is - * NOT taken from the BytesToKey function */ - if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, - key, NULL)) - goto err; - - if (kstr == (unsigned char *)buf) - explicit_bzero(buf, PEM_BUFSIZE); - - if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) { - PEMerror(ASN1_R_BUFFER_TOO_SMALL); - goto err; - } - - buf[0] = '\0'; - PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); - PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); - /* k=strlen(buf); */ - - EVP_CIPHER_CTX_legacy_clear(&ctx); - ret = 1; - if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv) || - !EVP_EncryptUpdate(&ctx, data, &j, data, i) || - !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i)) - ret = 0; - EVP_CIPHER_CTX_cleanup(&ctx); - if (ret == 0) - goto err; - i += j; - } else { - ret = 1; - buf[0] = '\0'; - } - i = PEM_write_bio(bp, name, buf, data, i); - if (i <= 0) - ret = 0; -err: - explicit_bzero(key, sizeof(key)); - explicit_bzero(iv, sizeof(iv)); - explicit_bzero((char *)&ctx, sizeof(ctx)); - explicit_bzero(buf, PEM_BUFSIZE); - freezero(data, (unsigned int)dsize); - return (ret); -} -LCRYPTO_ALIAS(PEM_ASN1_write_bio); - -int -PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, - pem_password_cb *callback, void *u) -{ - int i, j, o, klen; - long len; - EVP_CIPHER_CTX ctx; - unsigned char key[EVP_MAX_KEY_LENGTH]; - char buf[PEM_BUFSIZE]; - - len = *plen; - - if (cipher->cipher == 
NULL) - return (1); - if (callback == NULL) - klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u); - else - klen = callback(buf, PEM_BUFSIZE, 0, u); - if (klen <= 0) { - PEMerror(PEM_R_BAD_PASSWORD_READ); - return (0); - } - if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), - (unsigned char *)buf, klen, 1, key, NULL)) - return 0; - - j = (int)len; - EVP_CIPHER_CTX_legacy_clear(&ctx); - o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, - &(cipher->iv[0])); - if (o) - o = EVP_DecryptUpdate(&ctx, data, &i, data, j); - if (o) - o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j); - EVP_CIPHER_CTX_cleanup(&ctx); - explicit_bzero((char *)buf, sizeof(buf)); - explicit_bzero((char *)key, sizeof(key)); - if (!o) { - PEMerror(PEM_R_BAD_DECRYPT); - return (0); - } - *plen = j + i; - return (1); -} -LCRYPTO_ALIAS(PEM_do_header); - -int -PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) -{ - const EVP_CIPHER *enc = NULL; - char *p, c; - char **header_pp = &header; - - cipher->cipher = NULL; - if ((header == NULL) || (*header == '\0') || (*header == '\n')) - return (1); - if (strncmp(header, "Proc-Type: ", 11) != 0) { - PEMerror(PEM_R_NOT_PROC_TYPE); - return (0); - } - header += 11; - if (*header != '4') - return (0); - header++; - if (*header != ',') - return (0); - header++; - if (strncmp(header, "ENCRYPTED", 9) != 0) { - PEMerror(PEM_R_NOT_ENCRYPTED); - return (0); - } - for (; (*header != '\n') && (*header != '\0'); header++) - ; - if (*header == '\0') { - PEMerror(PEM_R_SHORT_HEADER); - return (0); - } - header++; - if (strncmp(header, "DEK-Info: ", 10) != 0) { - PEMerror(PEM_R_NOT_DEK_INFO); - return (0); - } - header += 10; - - p = header; - for (;;) { - c= *header; - if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') || - ((c >= '0') && (c <= '9')))) - break; - header++; - } - *header = '\0'; - cipher->cipher = enc = EVP_get_cipherbyname(p); - *header = c; - header++; - - if (enc == NULL) { - PEMerror(PEM_R_UNSUPPORTED_ENCRYPTION); - return (0); - } 
- if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len)) - return (0); - - return (1); -} -LCRYPTO_ALIAS(PEM_get_EVP_CIPHER_INFO); - -static int -load_iv(char **fromp, unsigned char *to, int num) -{ - int v, i; - char *from; - - from= *fromp; - for (i = 0; i < num; i++) - to[i] = 0; - num *= 2; - for (i = 0; i < num; i++) { - if ((*from >= '0') && (*from <= '9')) - v = *from - '0'; - else if ((*from >= 'A') && (*from <= 'F')) - v = *from - 'A' + 10; - else if ((*from >= 'a') && (*from <= 'f')) - v = *from - 'a' + 10; - else { - PEMerror(PEM_R_BAD_IV_CHARS); - return (0); - } - from++; - to[i / 2] |= v << (long)((!(i & 1)) * 4); - } - - *fromp = from; - return (1); -} - -int -PEM_write(FILE *fp, const char *name, const char *header, - const unsigned char *data, long len) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerror(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_write_bio(b, name, header, data, len); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(PEM_write); - -int -PEM_write_bio(BIO *bp, const char *name, const char *header, - const unsigned char *data, long len) -{ - int nlen, n, i, j, outl; - unsigned char *buf = NULL; - EVP_ENCODE_CTX ctx; - int reason = ERR_R_BUF_LIB; - - EVP_EncodeInit(&ctx); - nlen = strlen(name); - - if ((BIO_write(bp, "-----BEGIN ", 11) != 11) || - (BIO_write(bp, name, nlen) != nlen) || - (BIO_write(bp, "-----\n", 6) != 6)) - goto err; - - if (header != NULL && (i = strlen(header)) > 0) { - if ((BIO_write(bp, header, i) != i) || - (BIO_write(bp, "\n", 1) != 1)) - goto err; - } - - buf = reallocarray(NULL, PEM_BUFSIZE, 8); - if (buf == NULL) { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - - i = j = 0; - while (len > 0) { - n = (int)((len > (PEM_BUFSIZE * 5)) ? 
(PEM_BUFSIZE * 5) : len); - if (!EVP_EncodeUpdate(&ctx, buf, &outl, &(data[j]), n)) - goto err; - if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl)) - goto err; - i += outl; - len -= n; - j += n; - } - EVP_EncodeFinal(&ctx, buf, &outl); - if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) - goto err; - freezero(buf, PEM_BUFSIZE * 8); - buf = NULL; - if ((BIO_write(bp, "-----END ", 9) != 9) || - (BIO_write(bp, name, nlen) != nlen) || - (BIO_write(bp, "-----\n", 6) != 6)) - goto err; - return (i + outl); - -err: - freezero(buf, PEM_BUFSIZE * 8); - PEMerror(reason); - return (0); -} -LCRYPTO_ALIAS(PEM_write_bio); - -int -PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerror(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_read_bio(b, name, header, data, len); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(PEM_read); - -int -PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, - long *len) -{ - EVP_ENCODE_CTX ctx; - int end = 0, i, k, bl = 0, hl = 0, nohead = 0; - char buf[256]; - BUF_MEM *nameB; - BUF_MEM *headerB; - BUF_MEM *dataB, *tmpB; - - nameB = BUF_MEM_new(); - headerB = BUF_MEM_new(); - dataB = BUF_MEM_new(); - if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) { - BUF_MEM_free(nameB); - BUF_MEM_free(headerB); - BUF_MEM_free(dataB); - PEMerror(ERR_R_MALLOC_FAILURE); - return (0); - } - - buf[254] = '\0'; - for (;;) { - i = BIO_gets(bp, buf, 254); - - if (i <= 0) { - PEMerror(PEM_R_NO_START_LINE); - goto err; - } - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - if (strncmp(buf, "-----BEGIN ", 11) == 0) { - i = strlen(&(buf[11])); - - if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0) - continue; - if (!BUF_MEM_grow(nameB, i + 9)) { - PEMerror(ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(nameB->data, &(buf[11]), i - 6); - 
nameB->data[i - 6] = '\0'; - break; - } - } - hl = 0; - if (!BUF_MEM_grow(headerB, 256)) { - PEMerror(ERR_R_MALLOC_FAILURE); - goto err; - } - headerB->data[0] = '\0'; - for (;;) { - i = BIO_gets(bp, buf, 254); - if (i <= 0) - break; - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - if (buf[0] == '\n') - break; - if (!BUF_MEM_grow(headerB, hl + i + 9)) { - PEMerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (strncmp(buf, "-----END ", 9) == 0) { - nohead = 1; - break; - } - memcpy(&(headerB->data[hl]), buf, i); - headerB->data[hl + i] = '\0'; - hl += i; - } - - bl = 0; - if (!BUF_MEM_grow(dataB, 1024)) { - PEMerror(ERR_R_MALLOC_FAILURE); - goto err; - } - dataB->data[0] = '\0'; - if (!nohead) { - for (;;) { - i = BIO_gets(bp, buf, 254); - if (i <= 0) - break; - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - if (i != 65) - end = 1; - if (strncmp(buf, "-----END ", 9) == 0) - break; - if (i > 65) - break; - if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) { - PEMerror(ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(&(dataB->data[bl]), buf, i); - dataB->data[bl + i] = '\0'; - bl += i; - if (end) { - buf[0] = '\0'; - i = BIO_gets(bp, buf, 254); - if (i <= 0) - break; - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - break; - } - } - } else { - tmpB = headerB; - headerB = dataB; - dataB = tmpB; - bl = hl; - } - i = strlen(nameB->data); - if ((strncmp(buf, "-----END ", 9) != 0) || - (strncmp(nameB->data, &(buf[9]), i) != 0) || - (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) { - PEMerror(PEM_R_BAD_END_LINE); - goto err; - } - - EVP_DecodeInit(&ctx); - i = EVP_DecodeUpdate(&ctx, - (unsigned char *)dataB->data, &bl, - (unsigned char *)dataB->data, bl); - if (i < 0) { - PEMerror(PEM_R_BAD_BASE64_DECODE); - goto err; - } - i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k); - if (i < 0) { - PEMerror(PEM_R_BAD_BASE64_DECODE); - goto err; - } - bl += k; 
- - if (bl == 0) - goto err; - *name = nameB->data; - *header = headerB->data; - *data = (unsigned char *)dataB->data; - *len = bl; - free(nameB); - free(headerB); - free(dataB); - return (1); - -err: - BUF_MEM_free(nameB); - BUF_MEM_free(headerB); - BUF_MEM_free(dataB); - return (0); -} -LCRYPTO_ALIAS(PEM_read_bio); - -/* Check pem string and return prefix length. - * If for example the pem_str == "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" - * the return value is 3 for the string "RSA". - */ - -int -pem_check_suffix(const char *pem_str, const char *suffix) -{ - int pem_len = strlen(pem_str); - int suffix_len = strlen(suffix); - const char *p; - - if (suffix_len + 1 >= pem_len) - return 0; - p = pem_str + pem_len - suffix_len; - if (strcmp(p, suffix)) - return 0; - p--; - if (*p != ' ') - return 0; - return p - pem_str; -} diff --git a/src/lib/libcrypto/pem/pem_oth.c b/src/lib/libcrypto/pem/pem_oth.c deleted file mode 100644 index 2dca978efd..0000000000 --- a/src/lib/libcrypto/pem/pem_oth.c +++ /dev/null 
@@ -1,88 +0,0 @@
-/* $OpenBSD: pem_oth.c,v 1.9 2023/07/07 13:40:44 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-/* Handle 'other' PEMs: not private keys */
-
-void *
-PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
- pem_password_cb *cb, void *u)
-{
- const unsigned char *p = NULL;
- unsigned char *data = NULL;
- long len;
- char *ret = NULL;
-
- if (!PEM_bytes_read_bio(&data, &len, NULL, name, bp, cb, u))
- return NULL;
- p = data;
- ret = d2i(x, &p, len);
- if (ret == NULL)
- PEMerror(ERR_R_ASN1_LIB);
- free(data);
- return (ret);
-}
-LCRYPTO_ALIAS(PEM_ASN1_read_bio);
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c
deleted file mode 100644
index 6d0c0cbd57..0000000000
--- a/src/lib/libcrypto/pem/pem_pk8.c
+++ /dev/null
@@ -1,324 +0,0 @@ -/* $OpenBSD: pem_pk8.c,v 1.14 2023/07/07 13:40:44 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, - const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); -static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder, int nid, - const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); - -/* These functions write a private key in PKCS#8 format: it is a "drop in" - * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc' - * is NULL then it uses the unencrypted private key form. The 'nid' versions - * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0. - */ - -int -PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, char *kstr, - int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(PEM_write_bio_PKCS8PrivateKey_nid); - -int -PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(PEM_write_bio_PKCS8PrivateKey); - -int -i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(i2d_PKCS8PrivateKey_bio); - -int -i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(i2d_PKCS8PrivateKey_nid_bio); - -static int -do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - X509_SIG *p8; - PKCS8_PRIV_KEY_INFO *p8inf; - char buf[PEM_BUFSIZE]; - int ret; - - if (!(p8inf = EVP_PKEY2PKCS8(x))) { - PEMerror(PEM_R_ERROR_CONVERTING_PRIVATE_KEY); - return 0; - } 
- if (enc || (nid != -1)) { - if (!kstr) { - if (!cb) - klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); - else - klen = cb(buf, PEM_BUFSIZE, 1, u); - if (klen <= 0) { - PEMerror(PEM_R_READ_KEY); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return 0; - } - - kstr = buf; - } - p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); - if (kstr == buf) - explicit_bzero(buf, klen); - PKCS8_PRIV_KEY_INFO_free(p8inf); - if (isder) - ret = i2d_PKCS8_bio(bp, p8); - else - ret = PEM_write_bio_PKCS8(bp, p8); - X509_SIG_free(p8); - return ret; - } else { - if (isder) - ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf); - else - ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return ret; - } -} - -EVP_PKEY * -d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - PKCS8_PRIV_KEY_INFO *p8inf = NULL; - X509_SIG *p8 = NULL; - int klen; - EVP_PKEY *ret; - char psbuf[PEM_BUFSIZE]; - - p8 = d2i_PKCS8_bio(bp, NULL); - if (!p8) - return NULL; - if (cb) - klen = cb(psbuf, PEM_BUFSIZE, 0, u); - else - klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); - if (klen <= 0) { - PEMerror(PEM_R_BAD_PASSWORD_READ); - X509_SIG_free(p8); - return NULL; - } - p8inf = PKCS8_decrypt(p8, psbuf, klen); - X509_SIG_free(p8); - if (!p8inf) - return NULL; - ret = EVP_PKCS82PKEY(p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - if (!ret) - return NULL; - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - return ret; -} -LCRYPTO_ALIAS(d2i_PKCS8PrivateKey_bio); - - -int -i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(i2d_PKCS8PrivateKey_fp); - -int -i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, char *kstr, - int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(i2d_PKCS8PrivateKey_nid_fp); - -int 
-PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, char *kstr, - int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(PEM_write_PKCS8PrivateKey_nid); - -int -PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(PEM_write_PKCS8PrivateKey); - -static int -do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - BIO *bp; - int ret; - - if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - PEMerror(ERR_R_BUF_LIB); - return (0); - } - ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); - BIO_free(bp); - return ret; -} - -EVP_PKEY * -d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - BIO *bp; - EVP_PKEY *ret; - - if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - PEMerror(ERR_R_BUF_LIB); - return NULL; - } - ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); - BIO_free(bp); - return ret; -} -LCRYPTO_ALIAS(d2i_PKCS8PrivateKey_fp); - -X509_SIG * -PEM_read_PKCS8(FILE *fp, X509_SIG **x, pem_password_cb *cb, void *u) -{ - return PEM_ASN1_read((d2i_of_void *)d2i_X509_SIG, PEM_STRING_PKCS8, fp, - (void **)x, cb, u); -} -LCRYPTO_ALIAS(PEM_read_PKCS8); - -int -PEM_write_PKCS8(FILE *fp, X509_SIG *x) -{ - return PEM_ASN1_write((i2d_of_void *)i2d_X509_SIG, PEM_STRING_PKCS8, fp, - x, NULL, NULL, 0, NULL, NULL); -} -LCRYPTO_ALIAS(PEM_write_PKCS8); - -X509_SIG * -PEM_read_bio_PKCS8(BIO *bp, X509_SIG **x, pem_password_cb *cb, void *u) -{ - return PEM_ASN1_read_bio((d2i_of_void *)d2i_X509_SIG, PEM_STRING_PKCS8, bp, - (void **)x, cb, u); -} -LCRYPTO_ALIAS(PEM_read_bio_PKCS8); - -int -PEM_write_bio_PKCS8(BIO *bp, X509_SIG *x) -{ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_X509_SIG, PEM_STRING_PKCS8, bp, - x, NULL, NULL, 0, NULL, NULL); -} 
-LCRYPTO_ALIAS(PEM_write_bio_PKCS8); - -PKCS8_PRIV_KEY_INFO * -PEM_read_PKCS8_PRIV_KEY_INFO(FILE *fp, PKCS8_PRIV_KEY_INFO **x, pem_password_cb *cb, void *u) -{ - return PEM_ASN1_read((d2i_of_void *)d2i_PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF, fp, - (void **)x, cb, u); -} -LCRYPTO_ALIAS(PEM_read_PKCS8_PRIV_KEY_INFO); - -int -PEM_write_PKCS8_PRIV_KEY_INFO(FILE *fp, PKCS8_PRIV_KEY_INFO *x) -{ - return PEM_ASN1_write((i2d_of_void *)i2d_PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF, fp, - x, NULL, NULL, 0, NULL, NULL); -} -LCRYPTO_ALIAS(PEM_write_PKCS8_PRIV_KEY_INFO); - -PKCS8_PRIV_KEY_INFO * -PEM_read_bio_PKCS8_PRIV_KEY_INFO(BIO *bp, PKCS8_PRIV_KEY_INFO **x, pem_password_cb *cb, void *u) -{ - return PEM_ASN1_read_bio((d2i_of_void *)d2i_PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF, bp, - (void **)x, cb, u); -} -LCRYPTO_ALIAS(PEM_read_bio_PKCS8_PRIV_KEY_INFO); - -int -PEM_write_bio_PKCS8_PRIV_KEY_INFO(BIO *bp, PKCS8_PRIV_KEY_INFO *x) -{ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF, bp, - x, NULL, NULL, 0, NULL, NULL); -} -LCRYPTO_ALIAS(PEM_write_bio_PKCS8_PRIV_KEY_INFO); diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c deleted file mode 100644 index d7001c83cc..0000000000 --- a/src/lib/libcrypto/pem/pem_pkey.c +++ /dev/null 
@@ -1,263 +0,0 @@
-/* $OpenBSD: pem_pkey.c,v 1.28 2023/11/19 15:46:10 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "asn1_local.h" -#include "evp_local.h" - -int pem_check_suffix(const char *pem_str, const char *suffix); - -EVP_PKEY * -PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - char *nm = NULL; - const unsigned char *p = NULL; - unsigned char *data = NULL; - long len; - int slen; - EVP_PKEY *ret = NULL; - - if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, - bp, cb, u)) - return NULL; - p = data; - - if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) { - PKCS8_PRIV_KEY_INFO *p8inf; - p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); - if (!p8inf) - goto p8err; - ret = EVP_PKCS82PKEY(p8inf); - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - PKCS8_PRIV_KEY_INFO_free(p8inf); - } else if (strcmp(nm, PEM_STRING_PKCS8) == 0) { - PKCS8_PRIV_KEY_INFO *p8inf; - X509_SIG *p8; - int klen; - char psbuf[PEM_BUFSIZE]; - p8 = d2i_X509_SIG(NULL, &p, len); - if (!p8) - goto p8err; - if (cb) - klen = cb(psbuf, PEM_BUFSIZE, 0, u); - else - klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); - if (klen <= 0) { - PEMerror(PEM_R_BAD_PASSWORD_READ); - X509_SIG_free(p8); - goto err; - } - p8inf = PKCS8_decrypt(p8, psbuf, klen); - X509_SIG_free(p8); - if (!p8inf) - goto p8err; - ret = EVP_PKCS82PKEY(p8inf); - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - PKCS8_PRIV_KEY_INFO_free(p8inf); - } else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0) { - const EVP_PKEY_ASN1_METHOD *ameth; - ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); - if (!ameth || !ameth->old_priv_decode) - goto p8err; - ret = d2i_PrivateKey(ameth->pkey_id, x, &p, len); - } - -p8err: - if (ret == NULL) - PEMerror(ERR_R_ASN1_LIB); -err: - free(nm); - freezero(data, len); - return (ret); -} -LCRYPTO_ALIAS(PEM_read_bio_PrivateKey); - -int -PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) -{ 
- if (x->ameth == NULL || x->ameth->priv_encode != NULL) - return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, - (char *)kstr, klen, cb, u); - - return PEM_write_bio_PrivateKey_traditional(bp, x, enc, kstr, klen, cb, - u); -} -LCRYPTO_ALIAS(PEM_write_bio_PrivateKey); - -int -PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, - void *u) -{ - char pem_str[80]; - - (void) snprintf(pem_str, sizeof(pem_str), "%s PRIVATE KEY", - x->ameth->pem_str); - return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, - pem_str, bp, x, enc, kstr, klen, cb, u); -} -LCRYPTO_ALIAS(PEM_write_bio_PrivateKey_traditional); - -EVP_PKEY * -PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) -{ - char *nm = NULL; - const unsigned char *p = NULL; - unsigned char *data = NULL; - long len; - int slen; - EVP_PKEY *ret = NULL; - - if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS, - bp, 0, NULL)) - return NULL; - p = data; - - if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) { - ret = EVP_PKEY_new(); - if (!ret) - goto err; - if (!EVP_PKEY_set_type_str(ret, nm, slen) || - !ret->ameth->param_decode || - !ret->ameth->param_decode(ret, &p, len)) { - EVP_PKEY_free(ret); - ret = NULL; - goto err; - } - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - } - -err: - if (ret == NULL) - PEMerror(ERR_R_ASN1_LIB); - free(nm); - free(data); - return (ret); -} -LCRYPTO_ALIAS(PEM_read_bio_Parameters); - -int -PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x) -{ - char pem_str[80]; - - if (!x->ameth || !x->ameth->param_encode) - return 0; - - (void) snprintf(pem_str, sizeof(pem_str), "%s PARAMETERS", - x->ameth->pem_str); - return PEM_ASN1_write_bio((i2d_of_void *)x->ameth->param_encode, - pem_str, bp, x, NULL, NULL, 0, 0, NULL); -} -LCRYPTO_ALIAS(PEM_write_bio_Parameters); - -EVP_PKEY * -PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - BIO *b; - EVP_PKEY *ret; - - if ((b = 
BIO_new(BIO_s_file())) == NULL) { - PEMerror(ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_read_bio_PrivateKey(b, x, cb, u); - BIO_free(b); - return (ret); -} -LCRYPTO_ALIAS(PEM_read_PrivateKey); - -int -PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) -{ - BIO *b; - int ret; - - if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { - PEMerror(ERR_R_BUF_LIB); - return 0; - } - ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u); - BIO_free(b); - return ret; -} -LCRYPTO_ALIAS(PEM_write_PrivateKey); diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c deleted file mode 100644 index 461f957445..0000000000 --- a/src/lib/libcrypto/pem/pem_sign.c +++ /dev/null 
@@ -1,108 +0,0 @@
-/* $OpenBSD: pem_sign.c,v 1.15 2023/07/07 13:40:44 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-int
-PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
-{
- return EVP_DigestInit_ex(ctx, type, NULL);
-}
-LCRYPTO_ALIAS(PEM_SignInit);
-
-int
-PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
- unsigned int count)
-{
- return EVP_DigestUpdate(ctx, data, count);
-}
-LCRYPTO_ALIAS(PEM_SignUpdate);
-
-int
-PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
- EVP_PKEY *pkey)
-{
- unsigned char *m;
- int i, ret = 0;
- unsigned int m_len;
-
- m = malloc(EVP_PKEY_size(pkey) + 2);
- if (m == NULL) {
- PEMerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_SignFinal(ctx, m, &m_len, pkey) <= 0)
- goto err;
-
- i = EVP_EncodeBlock(sigret, m, m_len);
- *siglen = i;
- ret = 1;
-
-err:
- /* ctx has been zeroed by EVP_SignFinal() */
- free(m);
- return (ret);
-}
-LCRYPTO_ALIAS(PEM_SignFinal);
diff --git a/src/lib/libcrypto/pem/pem_x509.c b/src/lib/libcrypto/pem/pem_x509.c
deleted file mode 100644
index 0016413b51..0000000000
--- a/src/lib/libcrypto/pem/pem_x509.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: pem_x509.c,v 1.9 2023/07/07 13:40:44 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-
-X509 *
-PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_X509, PEM_STRING_X509, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_X509);
-
-int
-PEM_write_X509(FILE *fp, X509 *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_X509, PEM_STRING_X509, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_X509);
-
-X509 *
-PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_X509, PEM_STRING_X509, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_X509);
-
-int
-PEM_write_bio_X509(BIO *bp, X509 *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_X509, PEM_STRING_X509, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_X509);
diff --git a/src/lib/libcrypto/pem/pem_xaux.c b/src/lib/libcrypto/pem/pem_xaux.c
deleted file mode 100644
index 5f44a2b5ef..0000000000
--- a/src/lib/libcrypto/pem/pem_xaux.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: pem_xaux.c,v 1.11 2023/07/07 13:40:44 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-
-X509 *
-PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read((d2i_of_void *)d2i_X509_AUX, PEM_STRING_X509_TRUSTED, fp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_X509_AUX);
-
-int
-PEM_write_X509_AUX(FILE *fp, X509 *x)
-{
- return PEM_ASN1_write((i2d_of_void *)i2d_X509_AUX, PEM_STRING_X509_TRUSTED, fp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_X509_AUX);
-
-X509 *
-PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u)
-{
- return PEM_ASN1_read_bio((d2i_of_void *)d2i_X509_AUX, PEM_STRING_X509_TRUSTED, bp,
- (void **)x, cb, u);
-}
-LCRYPTO_ALIAS(PEM_read_bio_X509_AUX);
-
-int
-PEM_write_bio_X509_AUX(BIO *bp, X509 *x)
-{
- return PEM_ASN1_write_bio((i2d_of_void *)i2d_X509_AUX, PEM_STRING_X509_TRUSTED, bp,
- x, NULL, NULL, 0, NULL, NULL);
-}
-LCRYPTO_ALIAS(PEM_write_bio_X509_AUX);
diff --git a/src/lib/libcrypto/pem/pkcs7.lis b/src/lib/libcrypto/pem/pkcs7.lis
deleted file mode 100644
index be90c5d87f..0000000000
--- a/src/lib/libcrypto/pem/pkcs7.lis
+++ /dev/null
@@ -1,22 +0,0 @@
-21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
- 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
- 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
- 20 20:d=0 hl=2 l= 0 cons: univ: SET
- 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
- 00 35:d=0 hl=2 l= 0 prim: univ: EOC
- 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
- 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
- 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
- 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
- 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
- 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
- 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
- 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
- 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
- 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
- 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
- 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
-00 2076:d=0 hl=2 l= 0 prim: univ: EOC
diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c
deleted file mode 100644
index 40c9feefe5..0000000000
--- a/src/lib/libcrypto/pem/pvkfmt.c
+++ /dev/null
@@ -1,944 +0,0 @@
-/* $OpenBSD: pvkfmt.c,v 1.28 2024/02/18 15:45:42 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Support for PVK format keys and related structures (such a PUBLICKEYBLOB
- * and PRIVATEKEYBLOB).
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
-#include
-#include
-
-#include "bn_local.h"
-#include "dsa_local.h"
-#include "evp_local.h"
-#include "rsa_local.h"
-
-/* Utility function: read a DWORD (4 byte unsigned integer) in little endian
- * format
- */
-
-static unsigned int
-read_ledword(const unsigned char **in)
-{
- const unsigned char *p = *in;
- unsigned int ret;
-
- ret = *p++;
- ret |= (*p++ << 8);
- ret |= (*p++ << 16);
- ret |= (*p++ << 24);
- *in = p;
- return ret;
-}
-
-/* Read a BIGNUM in little endian format. The docs say that this should take up
- * bitlen/8 bytes.
- */
-
-static int
-read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
-{
- const unsigned char *p;
- unsigned char *tmpbuf, *q;
- unsigned int i;
-
- p = *in + nbyte - 1;
- tmpbuf = malloc(nbyte);
- if (!tmpbuf)
- return 0;
- q = tmpbuf;
- for (i = 0; i < nbyte; i++)
- *q++ = *p--;
- *r = BN_bin2bn(tmpbuf, nbyte, NULL);
- free(tmpbuf);
- if (*r) {
- *in += nbyte;
- return 1;
- } else
- return 0;
-}
-
-
-/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
-
-#define MS_PUBLICKEYBLOB 0x6
-#define MS_PRIVATEKEYBLOB 0x7
-#define MS_RSA1MAGIC 0x31415352L
-#define MS_RSA2MAGIC 0x32415352L
-#define MS_DSS1MAGIC 0x31535344L
-#define MS_DSS2MAGIC 0x32535344L
-
-#define MS_KEYALG_RSA_KEYX 0xa400
-#define MS_KEYALG_DSS_SIGN 0x2200
-
-#define MS_KEYTYPE_KEYX 0x1
-#define MS_KEYTYPE_SIGN 0x2
-
-/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
-#define MS_PVKMAGIC 0xb0b5f11eL
-/* Salt length for PVK files */
-#define PVK_SALTLEN 0x10
-
-static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub);
-static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub);
-
-static int
-do_blob_header(const unsigned char **in, unsigned int length,
- unsigned int *pmagic, unsigned int *pbitlen, int *pisdss, int *pispub)
-{
- const unsigned char *p = *in;
-
- if (length < 16)
- return 0;
- /* bType */
- if (*p == MS_PUBLICKEYBLOB) {
- if (*pispub == 0) {
- PEMerror(PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
- return 0;
- }
- *pispub = 1;
- } else if (*p == MS_PRIVATEKEYBLOB) {
- if (*pispub == 1) {
- PEMerror(PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
- return 0;
- }
- *pispub = 0;
- } else
- return 0;
- p++;
- /* Version */
- if (*p++ != 0x2) {
- PEMerror(PEM_R_BAD_VERSION_NUMBER);
- return 0;
- }
- /* Ignore reserved, aiKeyAlg */
- p += 6;
- *pmagic = read_ledword(&p);
- *pbitlen = read_ledword(&p);
- if (*pbitlen > 65536) {
- PEMerror(PEM_R_INCONSISTENT_HEADER);
- return 0;
- }
- *pisdss = 0;
- switch (*pmagic) {
-
- case MS_DSS1MAGIC:
- *pisdss = 1;
- case MS_RSA1MAGIC:
- if (*pispub == 0) {
- PEMerror(PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
- return 0;
- }
- break;
-
- case MS_DSS2MAGIC:
- *pisdss = 1;
- case MS_RSA2MAGIC:
- if (*pispub == 1) {
- PEMerror(PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
- return 0;
- }
- break;
-
- default:
- PEMerror(PEM_R_BAD_MAGIC_NUMBER);
- return -1;
- }
- *in = p;
- return 1;
-}
-
-static unsigned int
-blob_length(unsigned bitlen, int isdss, int ispub)
-{
- unsigned int nbyte, hnbyte;
-
- nbyte = (bitlen + 7) >> 3;
- hnbyte = (bitlen + 15) >> 4;
- if (isdss) {
-
- /* Expected length: 20 for q + 3 components bitlen each + 24
- * for seed structure.
- */
- if (ispub)
- return 44 + 3 * nbyte;
- /* Expected length: 20 for q, priv, 2 bitlen components + 24
- * for seed structure.
- */
- else
- return 64 + 2 * nbyte;
- } else {
- /* Expected length: 4 for 'e' + 'n' */
- if (ispub)
- return 4 + nbyte;
- else
- /* Expected length: 4 for 'e' and 7 other components.
- * 2 components are bitlen size, 5 are bitlen/2
- */
- return 4 + 2*nbyte + 5*hnbyte;
- }
-
-}
-
-static EVP_PKEY *
-do_b2i(const unsigned char **in, unsigned int length, int ispub)
-{
- const unsigned char *p = *in;
- unsigned int bitlen, magic;
- int isdss;
-
- if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
- PEMerror(PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
- return NULL;
- }
- length -= 16;
- if (length < blob_length(bitlen, isdss, ispub)) {
- PEMerror(PEM_R_KEYBLOB_TOO_SHORT);
- return NULL;
- }
- if (isdss)
- return b2i_dss(&p, length, bitlen, ispub);
- else
- return b2i_rsa(&p, length, bitlen, ispub);
-}
-
-static EVP_PKEY *
-do_b2i_bio(BIO *in, int ispub)
-{
- const unsigned char *p;
- unsigned char hdr_buf[16], *buf = NULL;
- unsigned int bitlen, magic, length;
- int isdss;
- EVP_PKEY *ret = NULL;
-
- if (BIO_read(in, hdr_buf, 16) != 16) {
- PEMerror(PEM_R_KEYBLOB_TOO_SHORT);
- return NULL;
- }
- p = hdr_buf;
- if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
- return NULL;
-
- length = blob_length(bitlen, isdss, ispub);
- buf = malloc(length);
- if (!buf) {
- PEMerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = buf;
- if (BIO_read(in, buf, length) != (int)length) {
- PEMerror(PEM_R_KEYBLOB_TOO_SHORT);
- goto err;
- }
-
- if (isdss)
- ret = b2i_dss(&p, length, bitlen, ispub);
- else
- ret = b2i_rsa(&p, length, bitlen, ispub);
-
- err:
- free(buf);
- return ret;
-}
-
-static EVP_PKEY *
-b2i_dss(const unsigned char **in, unsigned int length, unsigned int bitlen,
- int ispub)
-{
- const unsigned char *p = *in;
- EVP_PKEY *ret = NULL;
- DSA *dsa = NULL;
- BN_CTX *ctx = NULL;
- unsigned int nbyte;
-
- nbyte = (bitlen + 7) >> 3;
-
- dsa = DSA_new();
- ret = EVP_PKEY_new();
- if (!dsa || !ret)
- goto err;
- if (!read_lebn(&p, nbyte, &dsa->p))
- goto err;
- if (!read_lebn(&p, 20, &dsa->q))
- goto err;
- if (!read_lebn(&p, nbyte, &dsa->g))
- goto err;
- if (ispub) {
- if (!read_lebn(&p, nbyte, &dsa->pub_key))
- goto err;
- } else {
- if (!read_lebn(&p, 20, &dsa->priv_key))
- goto err;
- /* Calculate public key */
- if (!(dsa->pub_key = BN_new()))
- goto err;
- if (!(ctx = BN_CTX_new()))
- goto err;
- if (!BN_mod_exp_ct(dsa->pub_key, dsa->g,
- dsa->priv_key, dsa->p, ctx))
- goto err;
- BN_CTX_free(ctx);
- }
-
- EVP_PKEY_set1_DSA(ret, dsa);
- DSA_free(dsa);
- *in = p;
- return ret;
-
- err:
- PEMerror(ERR_R_MALLOC_FAILURE);
- DSA_free(dsa);
- EVP_PKEY_free(ret);
- BN_CTX_free(ctx);
- return NULL;
-}
-
-static EVP_PKEY *
-b2i_rsa(const unsigned char **in, unsigned int length, unsigned int bitlen,
- int ispub)
-{
- const unsigned char *p = *in;
- EVP_PKEY *ret = NULL;
- RSA *rsa = NULL;
- unsigned int nbyte, hnbyte;
-
- nbyte = (bitlen + 7) >> 3;
- hnbyte = (bitlen + 15) >> 4;
- rsa = RSA_new();
- ret = EVP_PKEY_new();
- if (!rsa || !ret)
- goto err;
- rsa->e = BN_new();
- if (!rsa->e)
- goto err;
- if (!BN_set_word(rsa->e, read_ledword(&p)))
- goto err;
- if (!read_lebn(&p, nbyte, &rsa->n))
- goto err;
- if (!ispub) {
- if (!read_lebn(&p, hnbyte, &rsa->p))
- goto err;
- if (!read_lebn(&p, hnbyte, &rsa->q))
- goto err;
- if (!read_lebn(&p, hnbyte, &rsa->dmp1))
- goto err;
- if (!read_lebn(&p, hnbyte, &rsa->dmq1))
- goto err;
- if (!read_lebn(&p, hnbyte, &rsa->iqmp))
- goto err;
- if (!read_lebn(&p, nbyte, &rsa->d))
- goto err;
- }
-
- EVP_PKEY_set1_RSA(ret, rsa);
- RSA_free(rsa);
- *in = p;
- return ret;
-
- err:
- PEMerror(ERR_R_MALLOC_FAILURE);
- RSA_free(rsa);
- EVP_PKEY_free(ret);
- return NULL;
-}
-
-EVP_PKEY *
-b2i_PrivateKey(const unsigned char **in, long length)
-{
- return do_b2i(in, length, 0);
-}
-LCRYPTO_ALIAS(b2i_PrivateKey);
-
-EVP_PKEY *
-b2i_PublicKey(const unsigned char **in, long length)
-{
- return do_b2i(in, length, 1);
-}
-LCRYPTO_ALIAS(b2i_PublicKey);
-
-EVP_PKEY *
-b2i_PrivateKey_bio(BIO *in)
-{
- return do_b2i_bio(in, 0);
-}
-LCRYPTO_ALIAS(b2i_PrivateKey_bio);
-
-EVP_PKEY *
-b2i_PublicKey_bio(BIO *in)
-{
- return do_b2i_bio(in, 1);
-}
-LCRYPTO_ALIAS(b2i_PublicKey_bio);
-
-static void
-write_ledword(unsigned char **out, unsigned int dw)
-{
- unsigned char *p = *out;
-
- *p++ = dw & 0xff;
- *p++ = (dw >> 8) & 0xff;
- *p++ = (dw >> 16) & 0xff;
- *p++ = (dw >> 24) & 0xff;
- *out = p;
-}
-
-static void
-write_lebn(unsigned char **out, const BIGNUM *bn, int len)
-{
- int nb, i;
- unsigned char *p = *out, *q, c;
-
- nb = BN_num_bytes(bn);
- BN_bn2bin(bn, p);
- q = p + nb - 1;
- /* In place byte order reversal */
- for (i = 0; i < nb / 2; i++) {
- c = *p;
- *p++ = *q;
- *q-- = c;
- }
- *out += nb;
- /* Pad with zeroes if we have to */
- if (len > 0) {
- len -= nb;
- if (len > 0) {
- memset(*out, 0, len);
- *out += len;
- }
- }
-}
-
-
-static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
-static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
-
-static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
-static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
-
-static int
-do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
-{
- unsigned char *p;
- unsigned int bitlen, magic = 0, keyalg;
- int outlen, noinc = 0;
-
- if (pk->type == EVP_PKEY_DSA) {
- bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
- keyalg = MS_KEYALG_DSS_SIGN;
- } else if (pk->type == EVP_PKEY_RSA) {
- bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
- keyalg = MS_KEYALG_RSA_KEYX;
- } else
- return -1;
- if (bitlen == 0)
- return -1;
- outlen = 16 + blob_length(bitlen,
- keyalg == MS_KEYALG_DSS_SIGN ? 1 : 0, ispub);
- if (out == NULL)
- return outlen;
- if (*out)
- p = *out;
- else {
- p = malloc(outlen);
- if (!p)
- return -1;
- *out = p;
- noinc = 1;
- }
- if (ispub)
- *p++ = MS_PUBLICKEYBLOB;
- else
- *p++ = MS_PRIVATEKEYBLOB;
- *p++ = 0x2;
- *p++ = 0;
- *p++ = 0;
- write_ledword(&p, keyalg);
- write_ledword(&p, magic);
- write_ledword(&p, bitlen);
- if (keyalg == MS_KEYALG_DSS_SIGN)
- write_dsa(&p, pk->pkey.dsa, ispub);
- else
- write_rsa(&p, pk->pkey.rsa, ispub);
- if (!noinc)
- *out += outlen;
- return outlen;
-}
-
-static int
-do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
-{
- unsigned char *tmp = NULL;
- int outlen, wrlen;
-
- outlen = do_i2b(&tmp, pk, ispub);
- if (outlen < 0)
- return -1;
- wrlen = BIO_write(out, tmp, outlen);
- free(tmp);
- if (wrlen == outlen)
- return outlen;
- return -1;
-}
-
-static int
-check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
-{
- int bitlen;
-
- bitlen = BN_num_bits(dsa->p);
- if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160) ||
- (BN_num_bits(dsa->g) > bitlen))
- goto err;
- if (ispub) {
- if (BN_num_bits(dsa->pub_key) > bitlen)
- goto err;
- *pmagic = MS_DSS1MAGIC;
- } else {
- if (BN_num_bits(dsa->priv_key) > 160)
- goto err;
- *pmagic = MS_DSS2MAGIC;
- }
-
- return bitlen;
-
- err:
- PEMerror(PEM_R_UNSUPPORTED_KEY_COMPONENTS);
- return 0;
-}
-
-static int
-check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
-{
- int nbyte, hnbyte, bitlen;
-
- if (BN_num_bits(rsa->e) > 32)
- goto err;
- bitlen = BN_num_bits(rsa->n);
- nbyte = BN_num_bytes(rsa->n);
- hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
- if (ispub) {
- *pmagic = MS_RSA1MAGIC;
- return bitlen;
- } else {
- *pmagic = MS_RSA2MAGIC;
- /* For private key each component must fit within nbyte or
- * hnbyte.
- */
- if (BN_num_bytes(rsa->d) > nbyte)
- goto err;
- if ((BN_num_bytes(rsa->iqmp) > hnbyte) ||
- (BN_num_bytes(rsa->p) > hnbyte) ||
- (BN_num_bytes(rsa->q) > hnbyte) ||
- (BN_num_bytes(rsa->dmp1) > hnbyte) ||
- (BN_num_bytes(rsa->dmq1) > hnbyte))
- goto err;
- }
- return bitlen;
-
- err:
- PEMerror(PEM_R_UNSUPPORTED_KEY_COMPONENTS);
- return 0;
-}
-
-static void
-write_rsa(unsigned char **out, RSA *rsa, int ispub)
-{
- int nbyte, hnbyte;
-
- nbyte = BN_num_bytes(rsa->n);
- hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
- write_lebn(out, rsa->e, 4);
- write_lebn(out, rsa->n, -1);
- if (ispub)
- return;
- write_lebn(out, rsa->p, hnbyte);
- write_lebn(out, rsa->q, hnbyte);
- write_lebn(out, rsa->dmp1, hnbyte);
- write_lebn(out, rsa->dmq1, hnbyte);
- write_lebn(out, rsa->iqmp, hnbyte);
- write_lebn(out, rsa->d, nbyte);
-}
-
-static void
-write_dsa(unsigned char **out, DSA *dsa, int ispub)
-{
- int nbyte;
-
- nbyte = BN_num_bytes(dsa->p);
- write_lebn(out, dsa->p, nbyte);
- write_lebn(out, dsa->q, 20);
- write_lebn(out, dsa->g, nbyte);
- if (ispub)
- write_lebn(out, dsa->pub_key, nbyte);
- else
- write_lebn(out, dsa->priv_key, 20);
- /* Set "invalid" for seed structure values */
- memset(*out, 0xff, 24);
- *out += 24;
- return;
-}
-
-int
-i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk)
-{
- return do_i2b_bio(out, pk, 0);
-}
-LCRYPTO_ALIAS(i2b_PrivateKey_bio);
-
-int
-i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
-{
- return do_i2b_bio(out, pk, 1);
-}
-LCRYPTO_ALIAS(i2b_PublicKey_bio);
-
-#ifndef OPENSSL_NO_RC4
-
-static int
-do_PVK_header(const unsigned char **in, unsigned int length, int skip_magic,
- unsigned int *psaltlen, unsigned int *pkeylen)
-{
- const unsigned char *p = *in;
- unsigned int pvk_magic, is_encrypted;
-
- if (skip_magic) {
- if (length < 20) {
- PEMerror(PEM_R_PVK_TOO_SHORT);
- return 0;
- }
- length -= 20;
- } else {
- if (length < 24) {
- PEMerror(PEM_R_PVK_TOO_SHORT);
- return 0;
- }
- length -= 24;
- pvk_magic = read_ledword(&p);
- if (pvk_magic != MS_PVKMAGIC) {
- PEMerror(PEM_R_BAD_MAGIC_NUMBER);
- return 0;
- }
- }
- /* Skip reserved */
- p += 4;
- /*keytype = */read_ledword(&p);
- is_encrypted = read_ledword(&p);
- *psaltlen = read_ledword(&p);
- *pkeylen = read_ledword(&p);
- if (*psaltlen > 65536 || *pkeylen > 65536) {
- PEMerror(PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
- return 0;
- }
-
- if (is_encrypted && !*psaltlen) {
- PEMerror(PEM_R_INCONSISTENT_HEADER);
- return 0;
- }
-
- *in = p;
- return 1;
-}
-
-static int
-derive_pvk_key(unsigned char *key, const unsigned char *salt,
- unsigned int saltlen, const unsigned char *pass, int passlen)
-{
- EVP_MD_CTX mctx;
- int rv = 1;
-
- EVP_MD_CTX_legacy_clear(&mctx);
- if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL) ||
- !EVP_DigestUpdate(&mctx, salt, saltlen) ||
- !EVP_DigestUpdate(&mctx, pass, passlen) ||
- !EVP_DigestFinal_ex(&mctx, key, NULL))
- rv = 0;
-
- EVP_MD_CTX_cleanup(&mctx);
- return rv;
-}
-
-static EVP_PKEY *
-do_PVK_body(const unsigned char **in, unsigned int saltlen,
- unsigned int keylen, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *ret = NULL;
- const unsigned char *p = *in;
- unsigned int magic;
- unsigned char *enctmp = NULL, *q;
- EVP_CIPHER_CTX *cctx = NULL;
-
- if ((cctx = EVP_CIPHER_CTX_new()) == NULL) {
- PEMerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (saltlen) {
- char psbuf[PEM_BUFSIZE];
- unsigned char keybuf[20];
- int enctmplen, inlen;
-
- if (cb)
- inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
- else
- inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
- if (inlen <= 0) {
- PEMerror(PEM_R_BAD_PASSWORD_READ);
- goto err;
- }
- enctmp = malloc(keylen + 8);
- if (!enctmp) {
- PEMerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf,
- inlen)) {
- goto err;
- }
- p += saltlen;
- /* Copy BLOBHEADER across, decrypt rest */
- memcpy(enctmp, p, 8);
- p += 8;
- if (keylen < 8) {
- PEMerror(PEM_R_PVK_TOO_SHORT);
- goto err;
- }
- inlen = keylen - 8;
- q = enctmp + 8;
- if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))
- goto err;
- if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen))
- goto err;
- if (!EVP_DecryptFinal_ex(cctx, q + enctmplen, &enctmplen))
- goto err;
- magic = read_ledword((const unsigned char **)&q);
- if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
- q = enctmp + 8;
- memset(keybuf + 5, 0, 11);
- if (!EVP_DecryptInit_ex(cctx, EVP_rc4(), NULL, keybuf,
- NULL))
- goto err;
- explicit_bzero(keybuf, 20);
- if (!EVP_DecryptUpdate(cctx, q, &enctmplen, p, inlen))
- goto err;
- if (!EVP_DecryptFinal_ex(cctx, q + enctmplen,
- &enctmplen))
- goto err;
- magic = read_ledword((const unsigned char **)&q);
- if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
- PEMerror(PEM_R_BAD_DECRYPT);
- goto err;
- }
- } else
- explicit_bzero(keybuf, 20);
- p = enctmp;
- }
-
- ret = b2i_PrivateKey(&p, keylen);
-
- err:
- EVP_CIPHER_CTX_free(cctx);
- if (enctmp && saltlen)
- free(enctmp);
- return ret;
-}
-
-
-EVP_PKEY *
-b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
-{
- unsigned char pvk_hdr[24], *buf = NULL;
- const unsigned char *p;
- size_t buflen;
- EVP_PKEY *ret = NULL;
- unsigned int saltlen, keylen;
-
- if (BIO_read(in, pvk_hdr, 24) != 24) {
- PEMerror(PEM_R_PVK_DATA_TOO_SHORT);
- return NULL;
- }
- p = pvk_hdr;
-
- if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen))
- return 0;
- buflen = keylen + saltlen;
- buf = malloc(buflen);
- if (!buf) {
- PEMerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p = buf;
- if (BIO_read(in, buf, buflen) != buflen) {
- PEMerror(PEM_R_PVK_DATA_TOO_SHORT);
- goto err;
- }
- ret = do_PVK_body(&p, saltlen, keylen, cb, u);
-
- err:
- freezero(buf, buflen);
- return ret;
-}
-LCRYPTO_ALIAS(b2i_PVK_bio);
-
-static int
-i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, pem_password_cb *cb,
- void *u)
-{
- int outlen = 24, pklen;
- unsigned char *p = NULL, *start = NULL, *salt = NULL;
- EVP_CIPHER_CTX *cctx = NULL;
-
- if ((cctx = EVP_CIPHER_CTX_new()) == NULL) {
- PEMerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (enclevel != 0)
- outlen += PVK_SALTLEN;
- pklen = do_i2b(NULL, pk, 0);
- if (pklen < 0)
- goto err;
- outlen += pklen;
- start = p = malloc(outlen);
- if (!p) {
- PEMerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- write_ledword(&p, MS_PVKMAGIC);
- write_ledword(&p, 0);
- if (pk->type == EVP_PKEY_DSA)
- write_ledword(&p, MS_KEYTYPE_SIGN);
- else
- write_ledword(&p, MS_KEYTYPE_KEYX);
- write_ledword(&p, enclevel ? 1 : 0);
- write_ledword(&p, enclevel ? PVK_SALTLEN : 0);
- write_ledword(&p, pklen);
- if (enclevel != 0) {
- arc4random_buf(p, PVK_SALTLEN);
- salt = p;
- p += PVK_SALTLEN;
- }
- do_i2b(&p, pk, 0);
- if (enclevel != 0) {
- char psbuf[PEM_BUFSIZE];
- unsigned char keybuf[20];
- int enctmplen, inlen;
- if (cb)
- inlen = cb(psbuf, PEM_BUFSIZE, 1, u);
- else
- inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);
- if (inlen <= 0) {
- PEMerror(PEM_R_BAD_PASSWORD_READ);
- goto err;
- }
- if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
- (unsigned char *)psbuf, inlen))
- goto err;
- if (enclevel == 1)
- memset(keybuf + 5, 0, 11);
- p = salt + PVK_SALTLEN + 8;
- if (!EVP_EncryptInit_ex(cctx, EVP_rc4(), NULL, keybuf, NULL))
- goto err;
- explicit_bzero(keybuf, 20);
- if (!EVP_EncryptUpdate(cctx, p, &enctmplen, p, pklen - 8))
- goto err;
- if (!EVP_EncryptFinal_ex(cctx, p + enctmplen, &enctmplen))
- goto err;
- }
- EVP_CIPHER_CTX_free(cctx);
- *out = start;
- return outlen;
-
- err:
- EVP_CIPHER_CTX_free(cctx);
- free(start);
- return -1;
-}
-
-int
-i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, void *u)
-{
- unsigned char *tmp = NULL;
- int outlen, wrlen;
-
- outlen = i2b_PVK(&tmp, pk, enclevel, cb, u);
- if (outlen < 0)
- return -1;
- wrlen = BIO_write(out, tmp, outlen);
- free(tmp);
- if (wrlen != outlen) {
- PEMerror(PEM_R_BIO_WRITE_FAILURE);
- return -1;
- }
- return outlen;
-}
-LCRYPTO_ALIAS(i2b_PVK_bio);
-
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl
deleted file mode 100644
index 392f23e145..0000000000
--- a/src/lib/libcrypto/perlasm/cbc.pl
+++ /dev/null
@@ -1,331 +0,0 @@ -#!/usr/local/bin/perl - -# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) -# des_cblock (*input); -# des_cblock (*output); -# long length; -# des_key_schedule schedule; -# des_cblock (*ivec); -# int enc; -# -# calls -# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); -# - -#&cbc("des_ncbc_encrypt","des_encrypt",0); -#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt", -# 1,4,5,3,5,-1); -#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt", -# 0,4,5,3,5,-1); -#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3", -# 0,6,7,3,4,5); -# -# When doing a cipher that needs bigendian order, -# for encrypt, the iv is kept in bigendian form, -# while for decrypt, it is kept in little endian. -sub cbc - { - local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_; - # name is the function name - # enc_func and dec_func and the functions to call for encrypt/decrypt - # swap is true if byte order needs to be reversed - # iv_off is parameter number for the iv - # enc_off is parameter number for the encrypt/decrypt flag - # p1,p2,p3 are the offsets for parameters to be passed to the - # underlying calls. 
- -&static_label("cbc_enc_jmp_table_".$name); -&static_label("ej1_".$name); -&static_label("ej2_".$name); -&static_label("ej3_".$name); -&static_label("ej4_".$name); -&static_label("ej5_".$name); -&static_label("ej6_".$name); -&static_label("ej7_".$name); - - &function_begin_B($name,""); - &comment(""); - - $in="esi"; - $out="edi"; - $count="ebp"; - - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - $data_off=4; - $data_off+=4 if ($p1 > 0); - $data_off+=4 if ($p2 > 0); - $data_off+=4 if ($p3 > 0); - - &mov($count, &wparam(2)); # length - - &comment("getting iv ptr from parameter $iv_off"); - &mov("ebx", &wparam($iv_off)); # Get iv ptr - - &mov($in, &DWP(0,"ebx","",0));# iv[0] - &mov($out, &DWP(4,"ebx","",0));# iv[1] - - &push($out); - &push($in); - &push($out); # used in decrypt for iv[1] - &push($in); # used in decrypt for iv[0] - - &mov("ebx", "esp"); # This is the address of tin[2] - - &mov($in, &wparam(0)); # in - &mov($out, &wparam(1)); # out - - # We have loaded them all, how lets push things - &comment("getting encrypt flag from parameter $enc_off"); - &mov("ecx", &wparam($enc_off)); # Get enc flag - if ($p3 > 0) - { - &comment("get and push parameter $p3"); - if ($enc_off != $p3) - { &mov("eax", &wparam($p3)); &push("eax"); } - else { &push("ecx"); } - } - if ($p2 > 0) - { - &comment("get and push parameter $p2"); - if ($enc_off != $p2) - { &mov("eax", &wparam($p2)); &push("eax"); } - else { &push("ecx"); } - } - if ($p1 > 0) - { - &comment("get and push parameter $p1"); - if ($enc_off != $p1) - { &mov("eax", &wparam($p1)); &push("eax"); } - else { &push("ecx"); } - } - &push("ebx"); # push data/iv - - &cmp("ecx",0); - &jz(&label("decrypt")); - - &and($count,0xfffffff8); - &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0] - &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1] - - &jz(&label("encrypt_finish")); - - ############################################################# - - &set_label("encrypt_loop"); - # encrypt start - # "eax" 
and "ebx" hold iv (or the last cipher text) - - &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - # eax and ebx are the next iv. - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("encrypt_loop")); - -###################################################################3 - &set_label("encrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - - &picsetup("edx"); - &picsymbol("ecx", &label("cbc_enc_jmp_table_".$name), "edx") - &mov($count,&DWP(0,"ecx",$count,4)); - &picadjust($count, "edx"); - - &xor("ecx","ecx"); - &xor("edx","edx"); - &jmp_ptr($count); - -&set_label("ej7_".$name); - &movb(&HB("edx"), &BP(6,$in,"",0)); - &shl("edx",8); -&set_label("ej6_".$name); - &movb(&HB("edx"), &BP(5,$in,"",0)); -&set_label("ej5_".$name); - &movb(&LB("edx"), &BP(4,$in,"",0)); -&set_label("ej4_".$name); - &mov("ecx", &DWP(0,$in,"",0)); - &jmp(&label("ejend")); -&set_label("ej3_".$name); - &movb(&HB("ecx"), &BP(2,$in,"",0)); - &shl("ecx",8); -&set_label("ej2_".$name); - &movb(&HB("ecx"), &BP(1,$in,"",0)); -&set_label("ej1_".$name); - &movb(&LB("ecx"), &BP(0,$in,"",0)); -&set_label("ejend"); - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - 
&bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - &jmp(&label("finish")); - - ############################################################# - ############################################################# - &set_label("decrypt",1); - # decrypt start - &and($count,0xfffffff8); - # The next 2 instructions are only for if the jz is taken - &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1] - &jz(&label("decrypt_finish")); - - &set_label("decrypt_loop"); - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - - &mov(&DWP(0,$out,"",0),"ecx"); - &mov(&DWP(4,$out,"",0),"edx"); - - &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv - &mov(&DWP($data_off+12,"esp","",0), "ebx"); # - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("decrypt_loop")); -############################ ENDIT #######################3 - &set_label("decrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); 
# - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - # this is for when we exit - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - - &rotr("edx", 16); - &movb(&BP(6,$out,"",0), &LB("edx")); - &shr("edx",16); - &movb(&BP(5,$out,"",0), &HB("edx")); - &movb(&BP(4,$out,"",0), &LB("edx")); - &mov(&DWP(0,$out,"",0), "ecx"); - - # final iv is still in eax:ebx - -############################ FINISH #######################3 - &set_label("finish",1); - &mov("ecx", &wparam($iv_off)); # Get iv ptr - - ################################################# - $total=16+4; - $total+=4 if ($p1 > 0); - $total+=4 if ($p2 > 0); - $total+=4 if ($p3 > 0); - &add("esp",$total); - - &mov(&DWP(0,"ecx","",0), "eax"); # save iv - &mov(&DWP(4,"ecx","",0), "ebx"); # save iv - - &function_end_A($name); - &function_end_B($name); - - &rodataseg(); - &align(64); - &set_label("cbc_enc_jmp_table_".$name); - &data_word("0"); - &data_word(&code_sym(&label("ej1_".$name))); - &data_word(&code_sym(&label("ej2_".$name))); - &data_word(&code_sym(&label("ej3_".$name))); - &data_word(&code_sym(&label("ej4_".$name))); - &data_word(&code_sym(&label("ej5_".$name))); - &data_word(&code_sym(&label("ej6_".$name))); - &data_word(&code_sym(&label("ej7_".$name))); - &previous(); - - } - -1; diff --git a/src/lib/libcrypto/perlasm/ppc-xlate.pl b/src/lib/libcrypto/perlasm/ppc-xlate.pl deleted file mode 100755 index a3edd982b6..0000000000 --- a/src/lib/libcrypto/perlasm/ppc-xlate.pl +++ /dev/null 
@@ -1,159 +0,0 @@
-#!/usr/bin/env perl
-
-# PowerPC assembler distiller by .
-
-my $flavour = shift;
-my $output = shift;
-open STDOUT,">$output" || die "can't open $output: $!";
-
-my %GLOBALS;
-my $dotinlocallabels=($flavour=~/linux/)?1:0;
-
-################################################################
-# directives which need special treatment on different platforms
-################################################################
-my $globl = sub {
- my $junk = shift;
- my $name = shift;
- my $global = \$GLOBALS{$name};
- my $ret;
-
- $name =~ s|^[\.\_]||;
-
- SWITCH: for ($flavour) {
- /aix/ && do { $name = ".$name";
- last;
- };
- /osx/ && do { $name = "_$name";
- last;
- };
- /linux.*32/ && do { $ret .= ".globl $name\n";
- $ret .= ".type $name,\@function";
- last;
- };
- /linux.*64/ && do { $ret .= ".globl $name\n";
- $ret .= ".type $name,\@function\n";
- $ret .= ".section \".opd\",\"aw\"\n";
- $ret .= ".align 3\n";
- $ret .= "$name:\n";
- $ret .= ".quad .$name,.TOC.\@tocbase,0\n";
- $ret .= ".size $name,24\n";
- $ret .= ".previous\n";
-
- $name = ".$name";
- last;
- };
- }
-
- $ret = ".globl $name" if (!$ret);
- $$global = $name;
- $ret;
-};
-my $text = sub {
- ($flavour =~ /aix/) ? ".csect" : ".text";
-};
-my $machine = sub {
- my $junk = shift;
- my $arch = shift;
- if ($flavour =~ /osx/)
- { $arch =~ s/\"//g;
- $arch = ($flavour=~/64/) ? "ppc970-64" : "ppc970" if ($arch eq "any");
- }
- ".machine $arch";
-};
-my $size = sub {
- if ($flavour =~ /linux.*32/)
- { shift;
- ".size " . join(",",@_);
- }
- else
- { ""; }
-};
-my $asciz = sub {
- shift;
- my $line = join(",",@_);
- if ($line =~ /^"(.*)"$/)
- { ".byte " . join(",",unpack("C*",$1),0) .
"\n.align 2"; }
- else
- { ""; }
-};
-
-################################################################
-# simplified mnemonics not handled by at least one assembler
-################################################################
-my $cmplw = sub {
- my $f = shift;
- my $cr = 0; $cr = shift if ($#_>1);
- # Some out-of-date 32-bit GNU assembler just can't handle cmplw...
- ($flavour =~ /linux.*32/) ?
- " .long ".sprintf "0x%x",31<<26|$cr<<23|$_[0]<<16|$_[1]<<11|64 :
- " cmplw ".join(',',$cr,@_);
-};
-my $bdnz = sub {
- my $f = shift;
- my $bo = $f=~/[\+\-]/ ? 16+9 : 16; # optional "to be taken" hint
- " bc $bo,0,".shift;
-} if ($flavour!~/linux/);
-my $bltlr = sub {
- my $f = shift;
- my $bo = $f=~/\-/ ? 12+2 : 12; # optional "not to be taken" hint
- ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
- " .long ".sprintf "0x%x",19<<26|$bo<<21|16<<1 :
- " bclr $bo,0";
-};
-my $bnelr = sub {
- my $f = shift;
- my $bo = $f=~/\-/ ? 4+2 : 4; # optional "not to be taken" hint
- ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
- " .long ".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 :
- " bclr $bo,2";
-};
-my $beqlr = sub {
- my $f = shift;
- my $bo = $f=~/-/ ? 12+2 : 12; # optional "not to be taken" hint
- ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints
- " .long ".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 :
- " bclr $bo,2";
-};
-# GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two
-# arguments is 64, with "operand out of range" error.
-my $extrdi = sub {
- my ($f,$ra,$rs,$n,$b) = @_;
- $b = ($b+$n)&63; $n = 64-$n;
- " rldicl $ra,$rs,$b,$n";
-};
-
-while($line=<>) {
-
- $line =~ s|[#!;].*$||; # get rid of asm-style comments...
- $line =~ s|/\*.*\*/||; # ... and C-style comments...
- $line =~ s|^\s+||; # ... and skip white spaces in beginning...
- $line =~ s|\s+$||; # ...
and at the end
-
- {
- $line =~ s|\b\.L(\w+)|L$1|g; # common denominator for Locallabel
- $line =~ s|\bL(\w+)|\.L$1|g if ($dotinlocallabels);
- }
-
- {
- $line =~ s|(^[\.\w]+)\:\s*||;
- my $label = $1;
- printf "%s:",($GLOBALS{$label} or $label) if ($label);
- }
-
- {
- $line =~ s|^\s*(\.?)(\w+)([\.\+\-]?)\s*||;
- my $c = $1; $c = "\t" if ($c eq "");
- my $mnemonic = $2;
- my $f = $3;
- my $opcode = eval("\$$mnemonic");
- $line =~ s|\bc?[rf]([0-9]+)\b|$1|g if ($c ne "." and $flavour !~ /osx/);
- if (ref($opcode) eq 'CODE') { $line = &$opcode($f,split(',',$line)); }
- elsif ($mnemonic) { $line = $c.$mnemonic.$f."\t".$line; }
- }
-
- print $line if ($line);
- print "\n";
-}
-
-close STDOUT;
diff --git a/src/lib/libcrypto/perlasm/readme b/src/lib/libcrypto/perlasm/readme
deleted file mode 100644
index a7876bcc95..0000000000
--- a/src/lib/libcrypto/perlasm/readme
+++ /dev/null
@@ -1,124 +0,0 @@ -The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one original script. - -The way to use this library is to start with adding the path to this directory -and then include it. - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -The first thing we do is setup the file and type of assembler - -&asm_init($ARGV[0],$0); - -The first argument is the 'type'. Currently -'cpp', 'sol', 'a.out', 'elf' or 'win32'. -Argument 2 is the file name. - -The reciprocal function is -&asm_finish() which should be called at the end. - -There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler, -and x86unix.pl which is the unix (gas) version. - -Functions of interest are: -&external_label("des_SPtrans"); declare and external variable -&LB(reg); Low byte for a register -&HB(reg); High byte for a register -&BP(off,base,index,scale) Byte pointer addressing -&DWP(off,base,index,scale) Word pointer addressing -&stack_push(num) Basically a 'sub esp, num*4' with extra -&stack_pop(num) inverse of stack_push -&function_begin(name,extra) Start a function with pushing of - edi, esi, ebx and ebp. extra is extra win32 - external info that may be required. -&function_begin_B(name,extra) Same as norma function_begin but no pushing. -&function_end(name) Call at end of function. -&function_end_A(name) Standard pop and ret, for use inside functions -&function_end_B(name) Call at end but with poping or 'ret'. -&swtmp(num) Address on stack temp word. -&wparam(num) Parameter number num, that was push - in C convention. This all works over pushes - and pops. -&comment("hello there") Put in a comment. -&label("loop") Refer to a label, normally a jmp target. -&set_label("loop") Set a label at this point. -&data_word(word) Put in a word of data. - -So how does this all hold together? Given - -int calc(int len, int *data) - { - int i,j=0; - - for (i=0; i. -# -# Why AT&T to MASM and not vice versa? 
Several reasons. Because AT&T -# format is way easier to parse. Because it's simpler to "gear" from -# Unix ABI to Windows one [see cross-reference "card" at the end of -# file]. Because Linux targets were available first... -# -# In addition the script also "distills" code suitable for GNU -# assembler, so that it can be compiled with more rigid assemblers, -# such as Solaris /usr/ccs/bin/as. -# -# This translator is not designed to convert *arbitrary* assembler -# code from AT&T format to MASM one. It's designed to convert just -# enough to provide for dual-ABI OpenSSL modules development... -# There *are* limitations and you might have to modify your assembler -# code or this script to achieve the desired result... -# -# Currently recognized limitations: -# -# - can't use multiple ops per line; -# -# Dual-ABI styling rules. -# -# 1. Adhere to Unix register and stack layout [see cross-reference -# ABI "card" at the end for explanation]. -# 2. Forget about "red zone," stick to more traditional blended -# stack frame allocation. If volatile storage is actually required -# that is. If not, just leave the stack as is. -# 3. Functions tagged with ".type name,@function" get crafted with -# unified Win64 prologue and epilogue automatically. If you want -# to take care of ABI differences yourself, tag functions as -# ".type name,@abi-omnipotent" instead. -# 4. To optimize the Win64 prologue you can specify number of input -# arguments as ".type name,@function,N." Keep in mind that if N is -# larger than 6, then you *have to* write "abi-omnipotent" code, -# because >6 cases can't be addressed with unified prologue. -# 5. Name local labels as .L*, do *not* use dynamic labels such as 1: -# (sorry about latter). -# 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is -# required to identify the spots, where to inject Win64 epilogue! -# But on the pros, it's then prefixed with rep automatically:-) -# 7. Stick to explicit ip-relative addressing. 
If you have to use -# GOTPCREL addressing, stick to mov symbol@GOTPCREL(%rip),%r??. -# Both are recognized and translated to proper Win64 addressing -# modes. To support legacy code a synthetic directive, .picmeup, -# is implemented. It puts address of the *next* instruction into -# target register, e.g.: -# -# .picmeup %rax -# lea .Label-.(%rax),%rax -# -# 8. In order to provide for structured exception handling unified -# Win64 prologue copies %rsp value to %rax. For further details -# see SEH paragraph at the end. -# 9. .init segment is allowed to contain calls to functions only. -# a. If function accepts more than 4 arguments *and* >4th argument -# is declared as non 64-bit value, do clear its upper part. - -my $flavour = shift; -my $output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -open STDOUT,">$output" || die "can't open $output: $!" - if (defined($output)); - -my $gas=1; $gas=0 if ($output =~ /\.asm$/); -my $elf=1; $elf=0 if (!$gas); -my $win64=0; -my $prefix=""; -my $decor=".L"; - -my $masmref=8 + 50727*2**-32; # 8.00.50727 shipped with VS2005 -my $masm=0; -my $PTR=" PTR"; - -my $nasmref=2.03; -my $nasm=0; - -if ($flavour eq "mingw64") { $gas=1; $elf=0; $win64=1; - $prefix=`echo __USER_LABEL_PREFIX__ | $ENV{CC} -E -P -`; - chomp($prefix); - } -elsif ($flavour eq "macosx") { $gas=1; $elf=0; $prefix="_"; $decor="L\$"; } -elsif ($flavour eq "masm") { $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; } -elsif ($flavour eq "nasm") { $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; } -elsif (!$gas) -{ if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i) - { $nasm = $1 + $2*0.01; $PTR=""; } - elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/) - { $masm = $1 + $2*2**-16 + $4*2**-32; } - die "no assembler found on %PATH" if (!($nasm || $masm)); - $win64=1; - $elf=0; - $decor="\$L\$"; -} - -my $current_segment; -my $current_function; -my %globals; - -{ package opcode; # pick 
up opcodes - sub re { - my $self = shift; # single instance in enough... - local *line = shift; - undef $ret; - - if ($line =~ /^([a-z][a-z0-9]*)/i) { - $self->{op} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - undef $self->{sz}; - if ($self->{op} =~ /^(movz)x?([bw]).*/) { # movz is pain... - $self->{op} = $1; - $self->{sz} = $2; - } elsif ($self->{op} =~ /call|jmp/) { - $self->{sz} = ""; - } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn - $self->{sz} = ""; - } elsif ($self->{op} =~ /^v/) { # VEX - $self->{sz} = ""; - } elsif ($self->{op} =~ /mov[dq]/ && $line =~ /%xmm/) { - $self->{sz} = ""; - } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) { - $self->{op} = $1; - $self->{sz} = $2; - } - } - $ret; - } - sub size { - my $self = shift; - my $sz = shift; - $self->{sz} = $sz if (defined($sz) && !defined($self->{sz})); - $self->{sz}; - } - sub out { - my $self = shift; - if ($gas) { - if ($self->{op} eq "movz") { # movz is pain... - sprintf "%s%s%s",$self->{op},$self->{sz},shift; - } elsif ($self->{op} =~ /^set/) { - "$self->{op}"; - } elsif ($self->{op} eq "ret") { - my $epilogue = ""; - if ($win64 && $current_function->{abi} eq "svr4") { - $epilogue = "movq 8(%rsp),%rdi\n\t" . - "movq 16(%rsp),%rsi\n\t"; - } - $epilogue . "retq"; - } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") { - ".p2align\t3\n\t.quad"; - } else { - "$self->{op}$self->{sz}"; - } - } else { - $self->{op} =~ s/^movz/movzx/; - if ($self->{op} eq "ret") { - $self->{op} = ""; - if ($win64 && $current_function->{abi} eq "svr4") { - $self->{op} = "mov rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t". 
- "mov rsi,QWORD${PTR}[16+rsp]\n\t"; - } - $self->{op} .= "DB\t0F3h,0C3h\t\t;repret"; - } elsif ($self->{op} =~ /^(pop|push)f/) { - $self->{op} .= $self->{sz}; - } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") { - $self->{op} = "\tDQ"; - } - $self->{op}; - } - } - sub mnemonic { - my $self=shift; - my $op=shift; - $self->{op}=$op if (defined($op)); - $self->{op}; - } -} -{ package const; # pick up constants, which start with $ - sub re { - my $self = shift; # single instance in enough... - local *line = shift; - undef $ret; - - if ($line =~ /^\$([^,]+)/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - } - $ret; - } - sub out { - my $self = shift; - - if ($gas) { - # Solaris /usr/ccs/bin/as can't handle multiplications - # in $self->{value} - $self->{value} =~ s/(?{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; - sprintf "\$%s",$self->{value}; - } else { - $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig; - $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm); - sprintf "%s",$self->{value}; - } - } -} -{ package ea; # pick up effective addresses: expr(%reg,%reg,scale) - sub re { - my $self = shift; # single instance in enough... 
- local *line = shift; - undef $ret; - - # optional * ---vvv--- appears in indirect jmp/call - if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/) { - $self->{asterisk} = $1; - $self->{label} = $2; - ($self->{base},$self->{index},$self->{scale})=split(/,/,$3); - $self->{scale} = 1 if (!defined($self->{scale})); - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - if ($win64 && $self->{label} =~ s/\@GOTPCREL//) { - die if (opcode->mnemonic() ne "mov"); - opcode->mnemonic("lea"); - } - $self->{base} =~ s/^%//; - $self->{index} =~ s/^%// if (defined($self->{index})); - } - $ret; - } - sub size {} - sub out { - my $self = shift; - my $sz = shift; - - $self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; - $self->{label} =~ s/\.L/$decor/g; - - # Silently convert all EAs to 64-bit. This is required for - # elder GNU assembler and results in more compact code, - # *but* most importantly AES module depends on this feature! - $self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/; - $self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/; - - # Solaris /usr/ccs/bin/as can't handle multiplications - # in $self->{label}, new gas requires sign extension... 
- use integer; - $self->{label} =~ s/(?{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; - $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg; - - if ($gas) { - $self->{label} =~ s/^___imp_/__imp__/ if ($flavour eq "mingw64"); - - if (defined($self->{index})) { - sprintf "%s%s(%s,%%%s,%d)",$self->{asterisk}, - $self->{label}, - $self->{base}?"%$self->{base}":"", - $self->{index},$self->{scale}; - } else { - sprintf "%s%s(%%%s)", $self->{asterisk},$self->{label},$self->{base}; - } - } else { - %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR", - q=>"QWORD$PTR",o=>"OWORD$PTR",x=>"XMMWORD$PTR" ); - - $self->{label} =~ s/\./\$/g; - $self->{label} =~ s/(?{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/); - $sz="q" if ($self->{asterisk} || opcode->mnemonic() eq "movq"); - $sz="l" if (opcode->mnemonic() eq "movd"); - - if (defined($self->{index})) { - sprintf "%s[%s%s*%d%s]",$szmap{$sz}, - $self->{label}?"$self->{label}+":"", - $self->{index},$self->{scale}, - $self->{base}?"+$self->{base}":""; - } elsif ($self->{base} eq "rip") { - sprintf "%s[%s]",$szmap{$sz},$self->{label}; - } else { - sprintf "%s[%s%s]",$szmap{$sz}, - $self->{label}?"$self->{label}+":"", - $self->{base}; - } - } - } -} -{ package register; # pick up registers, which start with %. - sub re { - my $class = shift; # multiple instances... 
- my $self = {}; - local *line = shift; - undef $ret; - - # optional * ---vvv--- appears in indirect jmp/call - if ($line =~ /^(\*?)%(\w+)/) { - bless $self,$class; - $self->{asterisk} = $1; - $self->{value} = $2; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - } - $ret; - } - sub size { - my $self = shift; - undef $ret; - - if ($self->{value} =~ /^r[\d]+b$/i) { $ret="b"; } - elsif ($self->{value} =~ /^r[\d]+w$/i) { $ret="w"; } - elsif ($self->{value} =~ /^r[\d]+d$/i) { $ret="l"; } - elsif ($self->{value} =~ /^r[\w]+$/i) { $ret="q"; } - elsif ($self->{value} =~ /^[a-d][hl]$/i){ $ret="b"; } - elsif ($self->{value} =~ /^[\w]{2}l$/i) { $ret="b"; } - elsif ($self->{value} =~ /^[\w]{2}$/i) { $ret="w"; } - elsif ($self->{value} =~ /^e[a-z]{2}$/i){ $ret="l"; } - - $ret; - } - sub out { - my $self = shift; - if ($gas) { sprintf "%s%%%s",$self->{asterisk},$self->{value}; } - else { $self->{value}; } - } -} -{ package label; # pick up labels, which end with : - sub re { - my $self = shift; # single instance is enough... - local *line = shift; - undef $ret; - - if ($line =~ /(^[\.\w]+)\:/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - $self->{value} =~ s/^\.L/$decor/; - } - $ret; - } - sub out { - my $self = shift; - - if ($gas) { - my $func = ($globals{$self->{value}} or $self->{value}) . 
":"; - if ($win64 && - $current_function->{name} eq $self->{value} && - $current_function->{abi} eq "svr4") { - $func .= "\n"; - $func .= " movq %rdi,8(%rsp)\n"; - $func .= " movq %rsi,16(%rsp)\n"; - $func .= " movq %rsp,%rax\n"; - $func .= "${decor}SEH_begin_$current_function->{name}:\n"; - my $narg = $current_function->{narg}; - $narg=6 if (!defined($narg)); - $func .= " movq %rcx,%rdi\n" if ($narg>0); - $func .= " movq %rdx,%rsi\n" if ($narg>1); - $func .= " movq %r8,%rdx\n" if ($narg>2); - $func .= " movq %r9,%rcx\n" if ($narg>3); - $func .= " movq 40(%rsp),%r8\n" if ($narg>4); - $func .= " movq 48(%rsp),%r9\n" if ($narg>5); - } - $func; - } elsif ($self->{value} ne "$current_function->{name}") { - $self->{value} .= ":" if ($masm && $ret!~m/^\$/); - $self->{value} . ":"; - } elsif ($win64 && $current_function->{abi} eq "svr4") { - my $func = "$current_function->{name}" . - ($nasm ? ":" : "\tPROC $current_function->{scope}") . - "\n"; - $func .= " mov QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n"; - $func .= " mov QWORD${PTR}[16+rsp],rsi\n"; - $func .= " mov rax,rsp\n"; - $func .= "${decor}SEH_begin_$current_function->{name}:"; - $func .= ":" if ($masm); - $func .= "\n"; - my $narg = $current_function->{narg}; - $narg=6 if (!defined($narg)); - $func .= " mov rdi,rcx\n" if ($narg>0); - $func .= " mov rsi,rdx\n" if ($narg>1); - $func .= " mov rdx,r8\n" if ($narg>2); - $func .= " mov rcx,r9\n" if ($narg>3); - $func .= " mov r8,QWORD${PTR}[40+rsp]\n" if ($narg>4); - $func .= " mov r9,QWORD${PTR}[48+rsp]\n" if ($narg>5); - $func .= "\n"; - } else { - "$current_function->{name}". - ($nasm ? ":" : "\tPROC $current_function->{scope}"); - } - } -} -{ package expr; # pick up expressions - sub re { - my $self = shift; # single instance is enough... 
- local *line = shift; - undef $ret; - - if ($line =~ /(^[^,]+)/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - $self->{value} =~ s/\@PLT// if (!$elf); - $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; - $self->{value} =~ s/\.L/$decor/g; - } - $ret; - } - sub out { - my $self = shift; - if ($nasm && opcode->mnemonic()=~m/^j/) { - "NEAR ".$self->{value}; - } else { - $self->{value}; - } - } -} -{ package directive; # pick up directives, which start with . - sub re { - my $self = shift; # single instance is enough... - local *line = shift; - undef $ret; - my $dir; - my %opcode = # lea 2f-1f(%rip),%dst; 1: nop; 2: - ( "%rax"=>0x01058d48, "%rcx"=>0x010d8d48, - "%rdx"=>0x01158d48, "%rbx"=>0x011d8d48, - "%rsp"=>0x01258d48, "%rbp"=>0x012d8d48, - "%rsi"=>0x01358d48, "%rdi"=>0x013d8d48, - "%r8" =>0x01058d4c, "%r9" =>0x010d8d4c, - "%r10"=>0x01158d4c, "%r11"=>0x011d8d4c, - "%r12"=>0x01258d4c, "%r13"=>0x012d8d4c, - "%r14"=>0x01358d4c, "%r15"=>0x013d8d4c ); - - if ($line =~ /^\s*(\.\w+)/) { - $dir = $1; - $ret = $self; - undef $self->{value}; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - SWITCH: for ($dir) { - /\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) { - $dir="\t.long"; - $line=sprintf "0x%x,0x90000000",$opcode{$1}; - } - last; - }; - /\.global|\.globl|\.extern/ - && do { $globals{$line} = $prefix . 
$line;
- $line = $globals{$line} if ($prefix);
- last;
- };
- /\.type/ && do { ($sym,$type,$narg) = split(',',$line);
- if ($type eq "\@function") {
- undef $current_function;
- $current_function->{name} = $sym;
- $current_function->{abi} = "svr4";
- $current_function->{narg} = $narg;
- $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
- } elsif ($type eq "\@abi-omnipotent") {
- undef $current_function;
- $current_function->{name} = $sym;
- $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
- }
- $line =~ s/\@abi\-omnipotent/\@function/;
- $line =~ s/\@function.*/\@function/;
- last;
- };
- /\.asciz/ && do { if ($line =~ /^"(.*)"$/) {
- $dir = ".byte";
- $line = join(",",unpack("C*",$1),0);
- }
- last;
- };
- /\.rva|\.long|\.quad/
- && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
- $line =~ s/\.L/$decor/g;
- last;
- };
- }
-
- if ($gas) {
- $self->{value} = $dir . "\t" . $line;
-
- if ($dir =~ /\.extern/) {
- $self->{value} = ""; # swallow extern
- } elsif (!$elf && $dir =~ /\.type/) {
- $self->{value} = "";
- $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" .
- (defined($globals{$1})?".scl 2;":".scl 3;") .
- "\t.type 32;\t.endef"
- if ($win64 && $line =~ /([^,]+),\@function/);
- } elsif (!$elf && $dir =~ /\.size/) {
- $self->{value} = "";
- if (defined($current_function)) {
- $self->{value} .= "${decor}SEH_end_$current_function->{name}:"
- if ($win64 && $current_function->{abi} eq "svr4");
- undef $current_function;
- }
- } elsif (!$elf && $dir =~ /\.align/) {
- $self->{value} = ".p2align\t" . (log($line)/log(2));
- } elsif ($dir eq ".section") {
- $current_segment=$line;
- if (!$elf && $current_segment eq ".rodata") {
- if ($flavour eq "macosx") { $self->{value} = ".section\t__DATA,__const"; }
- }
- if (!$elf && $current_segment eq ".init") {
- if ($flavour eq "macosx") { $self->{value} = ".mod_init_func"; }
- elsif ($flavour eq "mingw64") { $self->{value} = ".section\t.ctors"; }
- }
- } elsif ($dir =~ /\.(text|data)/) {
- $current_segment=".$1";
- } elsif ($dir =~ /\.hidden/) {
- if ($flavour eq "macosx") { $self->{value} = ".private_extern\t$prefix$line"; }
- elsif ($flavour eq "mingw64") { $self->{value} = ""; }
- } elsif ($dir =~ /\.comm/) {
- $self->{value} = "$dir\t$prefix$line";
- $self->{value} =~ s|,([0-9]+),([0-9]+)$|",$1,".log($2)/log(2)|e if ($flavour eq "macosx");
- }
- $line = "";
- return $self;
- }
-
- # non-gas case or nasm/masm
- SWITCH: for ($dir) {
- /\.text/ && do { my $v=undef;
- if ($nasm) {
- $v="section .text code align=64\n";
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $current_segment = ".text\$";
- $v.="$current_segment\tSEGMENT ";
- $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE";
- $v.=" 'CODE'";
- }
- $self->{value} = $v;
- last;
- };
- /\.data/ && do { my $v=undef;
- if ($nasm) {
- $v="section .data data align=8\n";
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $current_segment = "_DATA";
- $v.="$current_segment\tSEGMENT";
- }
- $self->{value} = $v;
- last;
- };
- /\.section/ && do { my $v=undef;
- $line =~ s/([^,]*).*/$1/;
- $line = ".CRT\$XCU" if ($line eq ".init");
- $line = ".rdata" if ($line eq ".rodata");
- if ($nasm) {
- $v="section $line";
- if ($line=~/\.([prx])data/) {
- $v.=" rdata align=";
- $v.=$1 eq "p"? 4 : 8;
- } elsif ($line=~/\.CRT\$/i) {
- $v.=" rdata align=8";
- }
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $v.="$line\tSEGMENT";
- if ($line=~/\.([prx])data/) {
- $v.=" READONLY";
- if ($masm>=$masmref) {
- if ($1 eq "r") {
- $v.=" ALIGN(64)";
- } elsif ($1 eq "p") {
- $v.=" ALIGN(4)";
- } else {
- $v.=" ALIGN(8)";
- }
- }
- } elsif ($line=~/\.CRT\$/i) {
- $v.=" READONLY ";
- $v.=$masm>=$masmref ? "ALIGN(8)" : "DWORD";
- }
- }
- $current_segment = $line;
- $self->{value} = $v;
- last;
- };
- /\.extern/ && do { $self->{value} = "EXTERN\t".$line;
- $self->{value} .= ":NEAR" if ($masm);
- last;
- };
- /\.globl|.global/
- && do { $self->{value} = $masm?"PUBLIC":"global";
- $self->{value} .= "\t".$line;
- last;
- };
- /\.size/ && do { if (defined($current_function)) {
- undef $self->{value};
- if ($current_function->{abi} eq "svr4") {
- $self->{value}="${decor}SEH_end_$current_function->{name}:";
- $self->{value}.=":\n" if($masm);
- }
- $self->{value}.="$current_function->{name}\tENDP" if($masm && $current_function->{name});
- undef $current_function;
- }
- last;
- };
- /\.align/ && do { $self->{value} = "ALIGN\t".$line; last; };
- /\.(value|long|rva|quad)/
- && do { my $sz = substr($1,0,1);
- my @arr = split(/,\s*/,$line);
- my $last = pop(@arr);
- my $conv = sub { my $var=shift;
- $var=~s/^(0b[0-1]+)/oct($1)/eig;
- $var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm);
- if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva"))
- { $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; }
- $var;
- };
-
- $sz =~ tr/bvlrq/BWDDQ/;
- $self->{value} = "\tD$sz\t";
- for (@arr) { $self->{value} .= &$conv($_).","; }
- $self->{value} .= &$conv($last);
- last;
- };
- /\.byte/ && do { my @str=split(/,\s*/,$line);
- map(s/(0b[0-1]+)/oct($1)/eig,@str);
- map(s/0x([0-9a-f]+)/0$1h/ig,@str) if ($masm);
- while ($#str>15) {
- $self->{value}.="DB\t"
- .join(",",@str[0..15])."\n";
- foreach (0..15) { shift @str; }
- }
- $self->{value}.="DB\t"
- .join(",",@str) if (@str);
- last;
- };
- /\.comm/ && do { my @str=split(/,\s*/,$line);
- my $v=undef;
- if ($nasm) {
- $v.="common $prefix@str[0] @str[1]";
- } else {
- $v="$current_segment\tENDS\n" if ($current_segment);
- $current_segment = "_DATA";
- $v.="$current_segment\tSEGMENT\n";
- $v.="COMM @str[0]:DWORD:".@str[1]/4;
- }
- $self->{value} = $v;
- last;
- };
- }
- $line = "";
- }
-
- $ret;
- }
- sub out {
- my $self = shift;
- $self->{value};
- }
-}
-
-sub rex {
- local *opcode=shift;
- my ($dst,$src,$rex)=@_;
-
- $rex|=0x04 if($dst>=8);
- $rex|=0x01 if($src>=8);
- push @opcode,($rex|0x40) if ($rex);
-}
-
-# older gas and ml64 don't handle SSE>2 instructions
-my %regrm = ( "%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3,
- "%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7 );
-
-if ($flavour ne "openbsd") {
-
-$movq = sub { # elderly gas can't handle inter-register movq
- my $arg = shift;
- my @opcode=(0x66);
- if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) {
- my ($src,$dst)=($1,$2);
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,$src,$dst,0x8);
- push @opcode,0x0f,0x7e;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- @opcode;
- } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) {
- my ($src,$dst)=($2,$1);
- if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
- rex(\@opcode,$src,$dst,0x8);
- push @opcode,0x0f,0x6e;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- @opcode;
- } else {
- ();
- }
-};
-
-}
-
-my $pextrd = sub {
- if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) {
- my @opcode=(0x66);
- $imm=$1;
- $src=$2;
- $dst=$3;
- if ($dst =~ /%r([0-9]+)d/) { $dst = $1; }
- elsif ($dst =~ /%e/) { $dst = $regrm{$dst}; }
- rex(\@opcode,$src,$dst);
- push @opcode,0x0f,0x3a,0x16;
- push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M
- push @opcode,$imm;
- @opcode;
- } else {
- ();
- }
-};
-
-my $pinsrd = sub {
- if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- $imm=$1;
- $src=$2;
- $dst=$3;
- if ($src =~ /%r([0-9]+)/) { $src = $1; }
- elsif ($src =~ /%e/) { $src = $regrm{$src}; }
- rex(\@opcode,$dst,$src);
- push @opcode,0x0f,0x3a,0x22;
- push @opcode,0xc0|(($dst&7)<<3)|($src&7); # ModR/M
- push @opcode,$imm;
- @opcode;
- } else {
- ();
- }
-};
-
-if ($flavour ne "openbsd") {
-
-$pshufb = sub {
- if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$2,$1);
- push @opcode,0x0f,0x38,0x00;
- push @opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M
- @opcode;
- } else {
- ();
- }
-};
-
-$palignr = sub {
- if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$3,$2);
- push @opcode,0x0f,0x3a,0x0f;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- push @opcode,$1;
- @opcode;
- } else {
- ();
- }
-};
-
-$pclmulqdq = sub {
- if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
- my @opcode=(0x66);
- rex(\@opcode,$3,$2);
- push @opcode,0x0f,0x3a,0x44;
- push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M
- my $c=$1;
- push @opcode,$c=~/^0/?oct($c):$c;
- @opcode;
- } else {
- ();
- }
-};
-
-}
-
-if ($nasm) {
- print <<___;
-default rel
-%define XMMWORD
-___
-} elsif ($masm) {
- print <<___;
-OPTION DOTNAME
-___
-}
-
-if ($nasm) {
- print <<___;
-\%define _CET_ENDBR
-___
-} else {
- print <<___;
-#if defined(__CET__)
-#include
-#else
-#define _CET_ENDBR
-#endif
-
-___
-}
-
-print "#include \"x86_arch.h\"\n";
-
-while($line=<>) {
-
- chomp($line);
-
- $line =~ s|[#!].*$||; # get rid of asm-style comments...
- $line =~ s|/\*.*\*/||; # ... and C-style comments...
- $line =~ s|^\s+||; # ... and skip white spaces in beginning
-
- undef $label;
- undef $opcode;
- undef @args;
-
- if ($label=label->re(\$line)) { print $label->out(); }
-
- if (directive->re(\$line)) {
- printf "%s",directive->out();
- } elsif ($opcode=opcode->re(\$line)) {
- my $asm = eval("\$".$opcode->mnemonic());
- undef @bytes;
-
- if ((ref($asm) eq 'CODE') && scalar(@bytes=&$asm($line))) {
- print $gas?".byte\t":"DB\t",join(',',@bytes),"\n";
- next;
- }
-
- ARGUMENT: while (1) {
- my $arg;
-
- if ($arg=register->re(\$line)) { opcode->size($arg->size()); }
- elsif ($arg=const->re(\$line)) { }
- elsif ($arg=ea->re(\$line)) { }
- elsif ($arg=expr->re(\$line)) { }
- else { last ARGUMENT; }
-
- push @args,$arg;
-
- last ARGUMENT if ($line !~ /^,/);
-
- $line =~ s/^,\s*//;
- } # ARGUMENT:
-
- if ($#args>=0) {
- my $insn;
- my $sz=opcode->size();
-
- if ($gas) {
- $insn = $opcode->out($#args>=1?$args[$#args]->size():$sz);
- @args = map($_->out($sz),@args);
- printf "\t%s\t%s",$insn,join(",",@args);
- } else {
- $insn = $opcode->out();
- foreach (@args) {
- my $arg = $_->out();
- # $insn.=$sz compensates for movq, pinsrw, ...
- if ($arg =~ /^xmm[0-9]+$/) { $insn.=$sz; $sz="x" if(!$sz); last; }
- if ($arg =~ /^mm[0-9]+$/) { $insn.=$sz; $sz="q" if(!$sz); last; }
- }
- @args = reverse(@args);
- undef $sz if ($nasm && $opcode->mnemonic() eq "lea");
- printf "\t%s\t%s",$insn,join(",",map($_->out($sz),@args));
- }
- } else {
- printf "\t%s",$opcode->out();
- }
- }
-
- print $line,"\n";
-}
-
-print "\n$current_segment\tENDS\n" if ($current_segment && $masm);
-print "END\n" if ($masm);
-
-close STDOUT;
-
- #################################################
-# Cross-reference x86_64 ABI "card"
-#
-# Unix Win64
-# %rax * *
-# %rbx - -
-# %rcx #4 #1
-# %rdx #3 #2
-# %rsi #2 -
-# %rdi #1 -
-# %rbp - -
-# %rsp - -
-# %r8 #5 #3
-# %r9 #6 #4
-# %r10 * *
-# %r11 * *
-# %r12 - -
-# %r13 - -
-# %r14 - -
-# %r15 - -
-#
-# (*) volatile register
-# (-) preserved by callee
-# (#) Nth argument, volatile
-#
-# In Unix terms top of stack is argument transfer area for arguments
-# which could not be accommodated in registers. Or in other words 7th
-# [integer] argument resides at 8(%rsp) upon function entry point.
-# 128 bytes above %rsp constitute a "red zone" which is not touched
-# by signal handlers and can be used as temporal storage without
-# allocating a frame.
-#
-# In Win64 terms N*8 bytes on top of stack is argument transfer area,
-# which belongs to/can be overwritten by callee. N is the number of
-# arguments passed to callee, *but* not less than 4! This means that
-# upon function entry point 5th argument resides at 40(%rsp), as well
-# as that 32 bytes from 8(%rsp) can always be used as temporal
-# storage [without allocating a frame]. One can actually argue that
-# one can assume a "red zone" above stack pointer under Win64 as well.
-# Point is that at apparently no occasion Windows kernel would alter
-# the area above user stack pointer in true asynchronous manner...
-#
-# All the above means that if assembler programmer adheres to Unix
-# register and stack layout, but disregards the "red zone" existence,
-# it's possible to use following prologue and epilogue to "gear" from
-# Unix to Win64 ABI in leaf functions with not more than 6 arguments.
-#
-# omnipotent_function:
-# ifdef WIN64
-# movq %rdi,8(%rsp)
-# movq %rsi,16(%rsp)
-# movq %rcx,%rdi ; if 1st argument is actually present
-# movq %rdx,%rsi ; if 2nd argument is actually ...
-# movq %r8,%rdx ; if 3rd argument is ...
-# movq %r9,%rcx ; if 4th argument ...
-# movq 40(%rsp),%r8 ; if 5th ...
-# movq 48(%rsp),%r9 ; if 6th ...
-# endif
-# ...
-# ifdef WIN64
-# movq 8(%rsp),%rdi
-# movq 16(%rsp),%rsi
-# endif
-# ret
-#
- #################################################
-# Win64 SEH, Structured Exception Handling.
-#
-# Unlike on Unix systems(*) lack of Win64 stack unwinding information
-# has undesired side-effect at run-time: if an exception is raised in
-# assembler subroutine such as those in question (basically we're
-# referring to segmentation violations caused by malformed input
-# parameters), the application is briskly terminated without invoking
-# any exception handlers, most notably without generating memory dump
-# or any user notification whatsoever. This poses a problem. It's
-# possible to address it by registering custom language-specific
-# handler that would restore processor context to the state at
-# subroutine entry point and return "exception is not handled, keep
-# unwinding" code. Writing such handler can be a challenge... But it's
-# doable, though requires certain coding convention. Consider following
-# snippet:
-#
-# .type function,@function
-# function:
-# movq %rsp,%rax # copy rsp to volatile register
-# pushq %r15 # save non-volatile registers
-# pushq %rbx
-# pushq %rbp
-# movq %rsp,%r11
-# subq %rdi,%r11 # prepare [variable] stack frame
-# andq $-64,%r11
-# movq %rax,0(%r11) # check for exceptions
-# movq %r11,%rsp # allocate [variable] stack frame
-# movq %rax,0(%rsp) # save original rsp value
-# magic_point:
-# ...
-# movq 0(%rsp),%rcx # pull original rsp value
-# movq -24(%rcx),%rbp # restore non-volatile registers
-# movq -16(%rcx),%rbx
-# movq -8(%rcx),%r15
-# movq %rcx,%rsp # restore original rsp
-# ret
-# .size function,.-function
-#
-# The key is that up to magic_point copy of original rsp value remains
-# in chosen volatile register and no non-volatile register, except for
-# rsp, is modified. While past magic_point rsp remains constant till
-# the very end of the function. In this case custom language-specific
-# exception handler would look like this:
-#
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-# { ULONG64 *rsp = (ULONG64 *)context->Rax;
-# if (context->Rip >= magic_point)
-# { rsp = ((ULONG64 **)context->Rsp)[0];
-# context->Rbp = rsp[-3];
-# context->Rbx = rsp[-2];
-# context->R15 = rsp[-1];
-# }
-# context->Rsp = (ULONG64)rsp;
-# context->Rdi = rsp[1];
-# context->Rsi = rsp[2];
-#
-# memcpy (disp->ContextRecord,context,sizeof(CONTEXT));
-# RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase,
-# dips->ControlPc,disp->FunctionEntry,disp->ContextRecord,
-# &disp->HandlerData,&disp->EstablisherFrame,NULL);
-# return ExceptionContinueSearch;
-# }
-#
-# It's appropriate to implement this handler in assembler, directly in
-# function's module. In order to do that one has to know members'
-# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant
-# values. Here they are:
-#
-# CONTEXT.Rax 120
-# CONTEXT.Rcx 128
-# CONTEXT.Rdx 136
-# CONTEXT.Rbx 144
-# CONTEXT.Rsp 152
-# CONTEXT.Rbp 160
-# CONTEXT.Rsi 168
-# CONTEXT.Rdi 176
-# CONTEXT.R8 184
-# CONTEXT.R9 192
-# CONTEXT.R10 200
-# CONTEXT.R11 208
-# CONTEXT.R12 216
-# CONTEXT.R13 224
-# CONTEXT.R14 232
-# CONTEXT.R15 240
-# CONTEXT.Rip 248
-# CONTEXT.Xmm6 512
-# sizeof(CONTEXT) 1232
-# DISPATCHER_CONTEXT.ControlPc 0
-# DISPATCHER_CONTEXT.ImageBase 8
-# DISPATCHER_CONTEXT.FunctionEntry 16
-# DISPATCHER_CONTEXT.EstablisherFrame 24
-# DISPATCHER_CONTEXT.TargetIp 32
-# DISPATCHER_CONTEXT.ContextRecord 40
-# DISPATCHER_CONTEXT.LanguageHandler 48
-# DISPATCHER_CONTEXT.HandlerData 56
-# UNW_FLAG_NHANDLER 0
-# ExceptionContinueSearch 1
-#
-# In order to tie the handler to the function one has to compose
-# couple of structures: one for .xdata segment and one for .pdata.
-#
-# UNWIND_INFO structure for .xdata segment would be
-#
-# function_unwind_info:
-# .byte 9,0,0,0
-# .rva handler
-#
-# This structure designates exception handler for a function with
-# zero-length prologue, no stack frame or frame register.
-#
-# To facilitate composing of .pdata structures, auto-generated "gear"
-# prologue copies rsp value to rax and denotes next instruction with
-# .LSEH_begin_{function_name} label. This essentially defines the SEH
-# styling rule mentioned in the beginning. Position of this label is
-# chosen in such manner that possible exceptions raised in the "gear"
-# prologue would be accounted to caller and unwound from latter's frame.
-# End of function is marked with respective .LSEH_end_{function_name}
-# label. To summarize, .pdata segment would contain
-#
-# .rva .LSEH_begin_function
-# .rva .LSEH_end_function
-# .rva function_unwind_info
-#
-# Reference to functon_unwind_info from .xdata segment is the anchor.
-# In case you wonder why references are 32-bit .rvas and not 64-bit
-# .quads. References put into these two segments are required to be
-# *relative* to the base address of the current binary module, a.k.a.
-# image base. No Win64 module, be it .exe or .dll, can be larger than
-# 2GB and thus such relative references can be and are accommodated in
-# 32 bits.
-#
-# Having reviewed the example function code, one can argue that "movq
-# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix
-# rax would contain an undefined value. If this "offends" you, use
-# another register and refrain from modifying rax till magic_point is
-# reached, i.e. as if it was a non-volatile register. If more registers
-# are required prior [variable] frame setup is completed, note that
-# nobody says that you can have only one "magic point." You can
-# "liberate" non-volatile registers by denoting last stack off-load
-# instruction and reflecting it in finer grade unwind logic in handler.
-# After all, isn't it why it's called *language-specific* handler...
-#
-# Attentive reader can notice that exceptions would be mishandled in
-# auto-generated "gear" epilogue. Well, exception effectively can't
-# occur there, because if memory area used by it was subject to
-# segmentation violation, then it would be raised upon call to the
-# function (and as already mentioned be accounted to caller, which is
-# not a problem). If you're still not comfortable, then define tail
-# "magic point" just prior ret instruction and have handler treat it...
-#
-# (*) Note that we're talking about run-time, not debug-time. Lack of
-# unwind information makes debugging hard on both Windows and
-# Unix. "Unlike" referes to the fact that on Unix signal handler
-# will always be invoked, core dumped and appropriate exit code
-# returned to parent (for user notification).
diff --git a/src/lib/libcrypto/perlasm/x86asm.pl b/src/lib/libcrypto/perlasm/x86asm.pl
deleted file mode 100644
index 7e72707684..0000000000
--- a/src/lib/libcrypto/perlasm/x86asm.pl
+++ /dev/null
@@ -1,257 +0,0 @@
-#!/usr/bin/env perl
-
-# require 'x86asm.pl';
-# &asm_init(,"aes-586.pl"[,$x86only]);
-# &function_begin("foo");
-# ...
-# &function_end("foo");
-# &asm_finish
-
-$out=();
-$i386=0;
-
-# AUTOLOAD is this context has quite unpleasant side effect, namely
-# that typos in function calls effectively go to assembler output,
-# but on the pros side we don't have to implement one subroutine per
-# each opcode...
-sub ::AUTOLOAD
-{ my $opcode = $AUTOLOAD;
-
- die "more than 4 arguments passed to $opcode" if ($#_>3);
-
- $opcode =~ s/.*:://;
- if ($opcode =~ /^push/) { $stack+=4; }
- elsif ($opcode =~ /^pop/) { $stack-=4; }
-
- &generic($opcode,@_) or die "undefined subroutine \&$AUTOLOAD";
-}
-
-sub ::emit
-{ my $opcode=shift;
-
- if ($#_==-1) { push(@out,"\t$opcode\n"); }
- else { push(@out,"\t$opcode\t".join(',',@_)."\n"); }
-}
-
-sub ::emitraw
-{ my $opcode=shift;
-
- if ($#_==-1) { push(@out,"$opcode\n"); }
- else { push(@out,"$opcode\t".join(',',@_)."\n"); }
-}
-
-sub ::LB
-{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'low byte'";
- $1."l";
-}
-sub ::HB
-{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'high byte'";
- $1."h";
-}
-sub ::stack_push{ my $num=$_[0]*4; $stack+=$num; &sub("esp",$num); }
-sub ::stack_pop { my $num=$_[0]*4; $stack-=$num; &add("esp",$num); }
-sub ::blindpop { &pop($_[0]); $stack+=4; }
-sub ::wparam { &DWP($stack+4*$_[0],"esp"); }
-sub ::swtmp { &DWP(4*$_[0],"esp"); }
-
-sub ::bswap
-{ if ($i386) # emulate bswap for i386
- { &comment("bswap @_");
- &xchg(&HB(@_),&LB(@_));
- &ror (@_,16);
- &xchg(&HB(@_),&LB(@_));
- }
- else
- { &generic("bswap",@_); }
-}
-# These are made-up opcodes introduced over the years essentially
-# by ignorance, just alias them to real ones...
-sub ::movb { &mov(@_); }
-sub ::xorb { &xor(@_); }
-sub ::rotl { &rol(@_); }
-sub ::rotr { &ror(@_); }
-sub ::exch { &xchg(@_); }
-sub ::halt { &hlt; }
-sub ::movz { &movzx(@_); }
-sub ::pushf { &pushfd; }
-sub ::popf { &popfd; }
-
-# 3 argument instructions
-sub ::movq
-{ my($p1,$p2,$optimize)=@_;
-
- if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/)
- # movq between mmx registers can sink Intel CPUs
- { &::pshufw($p1,$p2,0xe4); }
- else
- { &::generic("movq",@_); }
-}
-
-# SSE>2 instructions
-my %regrm = ( "eax"=>0, "ecx"=>1, "edx"=>2, "ebx"=>3,
- "esp"=>4, "ebp"=>5, "esi"=>6, "edi"=>7 );
-sub ::pextrd
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /(e[a-dsd][ixp]):xmm([0-7])/)
- { &::data_byte(0x66,0x0f,0x3a,0x16,0xc0|($2<<3)|$regrm{$1},$imm); }
- else
- { &::generic("pextrd",@_); }
-}
-
-sub ::pinsrd
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):(e[a-dsd][ixp])/)
- { &::data_byte(0x66,0x0f,0x3a,0x22,0xc0|($1<<3)|$regrm{$2},$imm); }
- else
- { &::generic("pinsrd",@_); }
-}
-
-sub ::pshufb
-{ my($dst,$src)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
- { &data_byte(0x66,0x0f,0x38,0x00,0xc0|($1<<3)|$2); }
- else
- { &::generic("pshufb",@_); }
-}
-
-sub ::palignr
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
- { &::data_byte(0x66,0x0f,0x3a,0x0f,0xc0|($1<<3)|$2,$imm); }
- else
- { &::generic("palignr",@_); }
-}
-
-sub ::pclmulqdq
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
- { &::data_byte(0x66,0x0f,0x3a,0x44,0xc0|($1<<3)|$2,$imm); }
- else
- { &::generic("pclmulqdq",@_); }
-}
-
-# label management
-$lbdecor="L"; # local label decoration, set by package
-$label="000";
-
-sub ::islabel # see is argument is a known label
-{ my $i;
- foreach $i (values %label) { return $i if ($i eq $_[0]); }
- $label{$_[0]}; # can be undef
-}
-
-sub ::label # instantiate a function-scope label
-{ if (!defined($label{$_[0]}))
- { $label{$_[0]}="${lbdecor}${label}${_[0]}"; $label++; }
- $label{$_[0]};
-}
-
-sub ::LABEL # instantiate a file-scope label
-{ $label{$_[0]}=$_[1] if (!defined($label{$_[0]}));
- $label{$_[0]};
-}
-
-sub ::static_label { &::LABEL($_[0],$lbdecor.$_[0]); }
-
-sub ::set_label_B { push(@out,"@_:\n"); }
-sub ::set_label
-{ my $label=&::label($_[0]);
- &::align($_[1]) if ($_[1]>1);
- &::set_label_B($label);
- $label;
-}
-
-sub ::wipe_labels # wipes function-scope labels
-{ foreach $i (keys %label)
- { delete $label{$i} if ($label{$i} =~ /^\Q${lbdecor}\E[0-9]{3}/); }
-}
-
-# subroutine management
-sub ::function_begin
-{ &function_begin_B(@_);
- $stack=4;
- &push("ebp");
- &push("ebx");
- &push("esi");
- &push("edi");
-}
-
-sub ::function_end
-{ &pop("edi");
- &pop("esi");
- &pop("ebx");
- &pop("ebp");
- &ret();
- &function_end_B(@_);
- $stack=0;
- &wipe_labels();
-}
-
-sub ::function_end_A
-{ &pop("edi");
- &pop("esi");
- &pop("ebx");
- &pop("ebp");
- &ret();
- $stack+=16; # readjust esp as if we didn't pop anything
-}
-
-sub ::asciz
-{ my @str=unpack("C*",shift);
- push @str,0;
- while ($#str>15) {
- &data_byte(@str[0..15]);
- foreach (0..15) { shift @str; }
- }
- &data_byte(@str) if (@str);
-}
-
-sub ::asm_finish
-{ &file_end();
- print @out;
-}
-
-sub ::asm_init
-{ my ($type,$fn,$cpu)=@_;
-
- $filename=$fn;
- $i386=$cpu;
-
- $elf=$cpp=$coff=$aout=$macosx=$win32=$openbsd=$android=0;
- if (($type eq "elf"))
- { $elf=1; require "x86gas.pl"; }
- elsif (($type eq "a\.out"))
- { $aout=1; require "x86gas.pl"; }
- elsif (($type eq "coff" or $type eq "gaswin"))
- { $coff=1; require "x86gas.pl"; }
- elsif (($type eq "macosx"))
- { $aout=1; $macosx=1; require "x86gas.pl"; }
- elsif (($type eq "openbsd-elf"))
- { $openbsd=$elf=1; require "x86gas.pl"; }
- elsif (($type eq "openbsd-a.out"))
- { $openbsd=1; require "x86gas.pl"; }
- elsif (($type eq "android"))
- { $elf=1; $android=1; require "x86gas.pl"; }
- else
- { print STDERR <<"EOF";
-Pick one target type from
- elf - Linux, FreeBSD, Solaris x86, etc.
- a.out - DJGPP, elder OpenBSD, etc.
- coff - GAS/COFF such as Win32 targets
- openbsd-elf - OpenBSD elf
- openbsd-a.out - OpenBSD a.out
- macosx - Mac OS X
-EOF
- exit(1);
- }
-
- $pic=0;
- for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); }
-
- ::emitraw("#include \"x86_arch.h\"\n");
- ::emitraw("#include \n") if $openbsd;
- $filename =~ s/\.pl$//;
- &file($filename);
-}
-
-1;
diff --git a/src/lib/libcrypto/perlasm/x86gas.pl b/src/lib/libcrypto/perlasm/x86gas.pl
deleted file mode 100644
index b84e28be97..0000000000
--- a/src/lib/libcrypto/perlasm/x86gas.pl
+++ /dev/null
@@ -1,315 +0,0 @@
-#!/usr/bin/env perl
-
-package x86gas;
-
-*out=\@::out;
-
-$::lbdecor=$::aout?"L":".L"; # local label decoration
-$nmdecor=($::aout or $::coff)?"_":""; # external name decoration
-
-$initseg="";
-
-$align=16;
-$align=log($align)/log(2) if ($::aout);
-$com_start="#" if ($::aout or $::coff);
-
-sub opsize()
-{ my $reg=shift;
- if ($reg =~ m/^%e/o) { "l"; }
- elsif ($reg =~ m/^%[a-d][hl]$/o) { "b"; }
- elsif ($reg =~ m/^%[xm]/o) { undef; }
- else { "w"; }
-}
-
-# swap arguments;
-# expand opcode with size suffix;
-# prefix numeric constants with $;
-sub ::generic
-{ my($opcode,@arg)=@_;
- my($suffix,$dst,$src);
-
- @arg=reverse(@arg);
-
- for (@arg)
- { s/^(\*?)(e?[a-dsixphl]{2})$/$1%$2/o; # gp registers
- s/^([xy]?mm[0-7])$/%$1/o; # xmm/mmx registers
- s/^(\-?[0-9]+)$/\$$1/o; # constants
- s/^(\-?0x[0-9a-f]+)$/\$$1/o; # constants
- }
-
- $dst = $arg[$#arg] if ($#arg>=0);
- $src = $arg[$#arg-1] if ($#arg>=1);
- if ($dst =~ m/^%/o) { $suffix=&opsize($dst); }
- elsif ($src =~ m/^%/o) { $suffix=&opsize($src); }
- else { $suffix="l"; }
- undef $suffix if ($dst =~ m/^%[xm]/o || $src =~ m/^%[xm]/o);
-
- if ($#_==0) { &::emit($opcode); }
- elsif ($#_==1 && $opcode =~ m/^(call|clflush|j|loop|set)/o)
- { &::emit($opcode,@arg); }
- else { &::emit($opcode.$suffix,@arg);}
-
- 1;
-}
-#
-# opcodes not covered by ::generic above, mostly inconsistent namings...
-#
-sub ::movzx { &::movzb(@_); }
-sub ::pushfd { &::pushfl; }
-sub ::popfd { &::popfl; }
-sub ::cpuid { &::emit(".byte\t0x0f,0xa2"); }
-sub ::rdtsc { &::emit(".byte\t0x0f,0x31"); }
-
-sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
-sub ::call_ptr { &::generic("call","*$_[0]"); }
-sub ::jmp_ptr { &::generic("jmp","*$_[0]"); }
-
-*::bswap = sub { &::emit("bswap","%$_[0]"); } if (!$::i386);
-
-sub ::DWP
-{ my($addr,$reg1,$reg2,$idx)=@_;
- my $ret="";
-
- $addr =~ s/^\s+//;
- # prepend global references with optional underscore
- $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige;
-
- $reg1 = "%$reg1" if ($reg1);
- $reg2 = "%$reg2" if ($reg2);
-
- $ret .= $addr if (($addr ne "") && ($addr ne 0));
-
- if ($reg2)
- { $idx!= 0 or $idx=1;
- $ret .= "($reg1,$reg2,$idx)";
- }
- elsif ($reg1)
- { $ret .= "($reg1)"; }
-
- $ret;
-}
-sub ::QWP { &::DWP(@_); }
-sub ::BP { &::DWP(@_); }
-sub ::WP { &::DWP(@_); }
-sub ::BC { @_; }
-sub ::DWC { @_; }
-
-sub ::file
-{ push(@out,".file\t\"$_[0].s\"\n.text\n"); }
-
-sub ::function_begin_B
-{ my $func=shift;
- my $global=($func !~ /^_/);
- my $begin="${::lbdecor}_${func}_begin";
-
- &::LABEL($func,$global?"$begin":"$nmdecor$func");
- $func=$nmdecor.$func;
-
- push(@out,".globl\t$func\n") if ($global);
- if ($::coff)
- { push(@out,".def\t$func;\t.scl\t".(3-$global).";\t.type\t32;\t.endef\n"); }
- elsif (($::aout and !$::pic) or $::macosx)
- { }
- else
- { push(@out,".type $func,\@function\n"); }
- push(@out,".align\t$align\n");
- push(@out,"$func:\n");
- push(@out,"$begin:\n") if ($global);
- $::stack=4;
-}
-
-sub ::function_end_B
-{ my $func=shift;
- push(@out,".size\t$nmdecor$func,.-".&::LABEL($func)."\n") if ($::elf);
- $::stack=0;
- &::wipe_labels();
-}
-
-sub ::comment
- {
- if (!defined($com_start) or $::elf)
- { # Regarding $::elf above...
- # GNU and SVR4 as'es use different comment delimiters,
- push(@out,"\n"); # so we just skip ELF comments...
- return;
- }
- foreach (@_)
- {
- if (/^\s*$/)
- { push(@out,"\n"); }
- else
- { push(@out,"\t$com_start $_ $com_end\n"); }
- }
- }
-
-sub ::external_label
-{ foreach(@_) { &::LABEL($_,$nmdecor.$_); } }
-
-sub ::public_label
-{ push(@out,".globl\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); }
-
-sub ::file_end
-{ if ($::macosx)
- { if (%non_lazy_ptr)
- { push(@out,".section __IMPORT,__pointers,non_lazy_symbol_pointers\n");
- foreach $i (keys %non_lazy_ptr)
- { push(@out,"$non_lazy_ptr{$i}:\n.indirect_symbol\t$i\n.long\t0\n"); }
- }
- }
- if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) {
- push (@out, ".extern\t${nmdecor}OPENSSL_ia32cap_P\n");
- push (@out, ".hidden\t${nmdecor}OPENSSL_ia32cap_P\n");
- }
- push(@out,$initseg) if ($initseg);
-}
-
-sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); }
-sub ::data_short{ push(@out,".value\t".join(',',@_)."\n"); }
-sub ::data_word { push(@out,".long\t".join(',',@_)."\n"); }
-
-sub ::align
-{ my $val=$_[0],$p2,$i;
- if ($::aout)
- { for ($p2=0;$val!=0;$val>>=1) { $p2++; }
- $val=$p2-1;
- $val.=",0x90";
- }
- push(@out,".align\t$val\n");
-}
-
-#
-# PIC data access wrappers
-#
-# Usage:
-# picsetup($base)
-# - only allowed once per function (because of hardcoded label name),
-# sets up pic access, uses $base register as temporary
-# picsymbol($dst, $sym, $base)
-# - loads the address of symbol $sym into $dst with the help of $base
-# initialized by picsetup
-# picadjust($sym, $base)
-# - adjusts a code pointer read from a code_sym table with the help of
-# $base initialized by picsetup
-# code_sym($sym)
-# - emits a pointer to the given code symbol, relative to the GOT if
-# PIC. This pointer will need to be adjusted with picadjust above
-# before use.
-
-sub ::picsetup
-{ my($base)=@_;
-
- if (($::pic && ($::openbsd || $::elf || $::aout)) || $::macosx)
- {
- &::call(&::label("PIC_setup"));
- &::set_label("PIC_setup");
- &::blindpop($base);
- if ($::macosx)
- { my $indirect=&::static_label("$nmdecor$sym\$non_lazy_ptr");
- $non_lazy_ptr{"$nmdecor$sym"}=$indirect;
- }
- }
-}
-
-sub ::picsymbol
-{ my($dst,$sym,$base)=@_;
-
- if (($::pic && ($::openbsd || $::elf || $::aout)) || $::macosx)
- {
- my $reflabel=&::label("PIC_setup");
- if ($::macosx)
- { my $indirect=$non_lazy_ptr{"$nmdecor$sym"};
- &::mov($dst,&::DWP("$indirect-$reflabel",$base));
- }
- else
- { &::lea($dst,&::DWP("_GLOBAL_OFFSET_TABLE_+[.-$reflabel]",
- $base));
- &::mov($dst,&::DWP("$sym\@GOT",$dst));
- }
- }
- else
- { &::lea($dst,&::DWP($sym)); }
-}
-
-sub ::picadjust
-{ my($sym,$base)=@_;
-
- if (($::pic && ($::openbsd || $::elf || $::aout)) || $::macosx)
- {
- my $reflabel=&::label("PIC_setup");
- &::lea($sym,&::DWP("_GLOBAL_OFFSET_TABLE_+[.-$reflabel]",
- $base,$sym));
- }
-}
-
-sub ::code_sym
-{ my($sym)=@_;
-
- if (($::pic && ($::openbsd || $::elf || $::aout)) || $::macosx)
- {
- $sym."\@GOTOFF";
- }
- else
- {
- $sym;
- }
-}
-
-sub ::initseg
-{ my $f=$nmdecor.shift;
-
- if ($::openbsd)
- { $initseg.=<<___;
-.section .init
-PIC_PROLOGUE
- call PIC_PLT($f)
-PIC_EPILOGUE
-___
- } elsif ($::android)
- { $initseg.=<<___;
-.section .init_array
-.align 4
-.long $f
-___
- }
- elsif ($::elf)
- { $initseg.=<<___;
-.section .init
- call $f
-___
- }
- elsif ($::coff)
- { $initseg.=<<___; # applies to both Cygwin and Mingw
-.section .ctors
-.long $f
-___
- }
- elsif ($::macosx)
- { $initseg.=<<___;
-.mod_init_func
-.align 2
-.long $f
-___
- }
- elsif ($::aout)
- { my $ctor="${nmdecor}_GLOBAL_\$I\$$f";
- $initseg.=".text\n";
- $initseg.=".type $ctor,\@function\n" if ($::pic);
- $initseg.=<<___; # OpenBSD way...
-.globl $ctor
-.align 2
-$ctor:
- jmp $f
-___
- }
-}
-
-sub ::dataseg
-{ push(@out,".data\n"); }
-
-sub ::rodataseg
-{ push(@out,".section .rodata\n"); }
-
-sub ::previous
-{ push(@out,".previous\n"); }
-
-1;
diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c
deleted file mode 100644
index f6f42c558c..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_add.c
+++ /dev/null
@@ -1,229 +0,0 @@
-/* $OpenBSD: p12_add.c,v 1.25 2024/03/02 10:20:27 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-/* Pack an object into an OCTET STRING and turn into a safebag */
-
-PKCS12_SAFEBAG *
-PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1, int nid2)
-{
- PKCS12_BAGS *bag;
- PKCS12_SAFEBAG *safebag;
-
- if (!(bag = PKCS12_BAGS_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- bag->type = OBJ_nid2obj(nid1);
- if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- PKCS12_BAGS_free(bag);
- return NULL;
- }
- if (!(safebag = PKCS12_SAFEBAG_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- PKCS12_BAGS_free(bag);
- return NULL;
- }
- safebag->value.bag = bag;
- safebag->type = OBJ_nid2obj(nid2);
- return safebag;
-}
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
-PKCS7 *
-PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
-{
- PKCS7 *p7;
-
- if (!(p7 = PKCS7_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p7->type = OBJ_nid2obj(NID_pkcs7_data);
- if (!(p7->d.data = ASN1_OCTET_STRING_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!ASN1_item_pack(sk,
&PKCS12_SAFEBAGS_it, &p7->d.data)) {
- PKCS12error(PKCS12_R_CANT_PACK_STRUCTURE);
- goto err;
- }
- return p7;
-
-err:
- PKCS7_free(p7);
- return NULL;
-}
-
-/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
-STACK_OF(PKCS12_SAFEBAG) *
-PKCS12_unpack_p7data(PKCS7 *p7)
-{
- ASN1_OCTET_STRING *aos;
-
- if (!PKCS7_type_is_data(p7)) {
- PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
- return NULL;
- }
- if ((aos = PKCS7_get_octet_string(p7)) == NULL)
- return NULL;
- return ASN1_item_unpack(aos, &PKCS12_SAFEBAGS_it);
-}
-LCRYPTO_ALIAS(PKCS12_unpack_p7data);
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
-
-PKCS7 *
-PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags)
-{
- PKCS7 *p7;
- X509_ALGOR *pbe;
- const EVP_CIPHER *pbe_ciph;
-
- if (!(p7 = PKCS7_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
- PKCS12error(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
- goto err;
- }
-
- pbe_ciph = EVP_get_cipherbynid(pbe_nid);
-
- if (pbe_ciph)
- pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
- else
- pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
-
- if (!pbe) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
- p7->d.encrypted->enc_data->algorithm = pbe;
- ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
- if (!(p7->d.encrypted->enc_data->enc_data = PKCS12_item_i2d_encrypt(
- pbe, &PKCS12_SAFEBAGS_it, pass, passlen, bags, 1))) {
- PKCS12error(PKCS12_R_ENCRYPT_ERROR);
- goto err;
- }
-
- return p7;
-
-err:
- PKCS7_free(p7);
- return NULL;
-}
-
-STACK_OF(PKCS12_SAFEBAG) *
-PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen)
-{
- PKCS7_ENC_CONTENT *content;
-
- if (!PKCS7_type_is_encrypted(p7))
- return NULL;
- if (p7->d.encrypted == NULL)
- return NULL;
- if ((content = p7->d.encrypted->enc_data) ==
NULL)
- return NULL;
- return PKCS12_item_decrypt_d2i(content->algorithm, &PKCS12_SAFEBAGS_it,
- pass, passlen, content->enc_data, 1);
-}
-LCRYPTO_ALIAS(PKCS12_unpack_p7encdata);
-
-PKCS8_PRIV_KEY_INFO *
-PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag, const char *pass, int passlen)
-{
- return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
-}
-LCRYPTO_ALIAS(PKCS12_decrypt_skey);
-
-int
-PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
-{
- if (ASN1_item_pack(safes, &PKCS12_AUTHSAFES_it,
- &p12->authsafes->d.data))
- return 1;
- return 0;
-}
-
-STACK_OF(PKCS7) *
-PKCS12_unpack_authsafes(const PKCS12 *p12)
-{
- ASN1_OCTET_STRING *aos;
-
- if (!PKCS7_type_is_data(p12->authsafes)) {
- PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
- return NULL;
- }
- if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL)
- return NULL;
- return ASN1_item_unpack(aos, &PKCS12_AUTHSAFES_it);
-}
-LCRYPTO_ALIAS(PKCS12_unpack_authsafes);
diff --git a/src/lib/libcrypto/pkcs12/p12_asn.c b/src/lib/libcrypto/pkcs12/p12_asn.c
deleted file mode 100644
index fd2f431f46..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_asn.c
+++ /dev/null
@@ -1,485 +0,0 @@
-/* $OpenBSD: p12_asn.c,v 1.16 2024/07/09 06:13:22 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "pkcs12_local.h"
-
-/* PKCS#12 ASN1 module */
-
-static const ASN1_TEMPLATE PKCS12_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS12, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS12, authsafes),
- .field_name = "authsafes",
- .item = &PKCS7_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS12, mac),
- .field_name = "mac",
- .item = &PKCS12_MAC_DATA_it,
- },
-};
-
-const ASN1_ITEM PKCS12_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS12_seq_tt,
- .tcount = sizeof(PKCS12_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS12),
- .sname = "PKCS12",
-};
-LCRYPTO_ALIAS(PKCS12_it);
-
-
-PKCS12 *
-d2i_PKCS12(PKCS12 **a, const unsigned char **in, long len)
-{
- return (PKCS12 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS12_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS12);
-
-int
-i2d_PKCS12(PKCS12 *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS12);
-
-PKCS12 *
-PKCS12_new(void)
-{
- return
(PKCS12 *)ASN1_item_new(&PKCS12_it);
-}
-LCRYPTO_ALIAS(PKCS12_new);
-
-void
-PKCS12_free(PKCS12 *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS12_it);
-}
-LCRYPTO_ALIAS(PKCS12_free);
-
-static const ASN1_TEMPLATE PKCS12_MAC_DATA_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS12_MAC_DATA, dinfo),
- .field_name = "dinfo",
- .item = &X509_SIG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS12_MAC_DATA, salt),
- .field_name = "salt",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS12_MAC_DATA, iter),
- .field_name = "iter",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM PKCS12_MAC_DATA_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS12_MAC_DATA_seq_tt,
- .tcount = sizeof(PKCS12_MAC_DATA_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS12_MAC_DATA),
- .sname = "PKCS12_MAC_DATA",
-};
-
-
-PKCS12_MAC_DATA *
-d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len)
-{
- return (PKCS12_MAC_DATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS12_MAC_DATA_it);
-}
-
-int
-i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_MAC_DATA_it);
-}
-
-PKCS12_MAC_DATA *
-PKCS12_MAC_DATA_new(void)
-{
- return (PKCS12_MAC_DATA *)ASN1_item_new(&PKCS12_MAC_DATA_it);
-}
-
-void
-PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS12_MAC_DATA_it);
-}
-
-static const ASN1_TEMPLATE bag_default_tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_BAGS, value.other),
- .field_name = "value.other",
- .item = &ASN1_ANY_it,
-};
-
-static const ASN1_ADB_TABLE PKCS12_BAGS_adbtbl[] = {
- {
- .value = NID_x509Certificate,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_BAGS, value.x509cert),
- .field_name = "value.x509cert",
- .item = &ASN1_OCTET_STRING_it,
- },
-
-
},
- {
- .value = NID_x509Crl,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_BAGS, value.x509crl),
- .field_name = "value.x509crl",
- .item = &ASN1_OCTET_STRING_it,
- },
-
- },
- {
- .value = NID_sdsiCertificate,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_BAGS, value.sdsicert),
- .field_name = "value.sdsicert",
- .item = &ASN1_IA5STRING_it,
- },
-
- },
-};
-
-static const ASN1_ADB PKCS12_BAGS_adb = {
- .flags = 0,
- .offset = offsetof(PKCS12_BAGS, type),
- .tbl = PKCS12_BAGS_adbtbl,
- .tblcount = sizeof(PKCS12_BAGS_adbtbl) / sizeof(ASN1_ADB_TABLE),
- .default_tt = &bag_default_tt,
- .null_tt = NULL,
-};
-
-static const ASN1_TEMPLATE PKCS12_BAGS_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS12_BAGS, type),
- .field_name = "type",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_ADB_OID,
- .tag = -1,
- .offset = 0,
- .field_name = "PKCS12_BAGS",
- .item = (const ASN1_ITEM *)&PKCS12_BAGS_adb,
- },
-};
-
-const ASN1_ITEM PKCS12_BAGS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS12_BAGS_seq_tt,
- .tcount = sizeof(PKCS12_BAGS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS12_BAGS),
- .sname = "PKCS12_BAGS",
-};
-
-
-PKCS12_BAGS *
-d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len)
-{
- return (PKCS12_BAGS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS12_BAGS_it);
-}
-
-int
-i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_BAGS_it);
-}
-
-PKCS12_BAGS *
-PKCS12_BAGS_new(void)
-{
- return (PKCS12_BAGS *)ASN1_item_new(&PKCS12_BAGS_it);
-}
-
-void
-PKCS12_BAGS_free(PKCS12_BAGS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS12_BAGS_it);
-}
-
-static const ASN1_TEMPLATE safebag_default_tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, value.other),
- .field_name = "value.other",
- .item =
&ASN1_ANY_it,
-};
-
-static const ASN1_ADB_TABLE PKCS12_SAFEBAG_adbtbl[] = {
- {
- .value = NID_keyBag,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, value.keybag),
- .field_name = "value.keybag",
- .item = &PKCS8_PRIV_KEY_INFO_it,
- },
-
- },
- {
- .value = NID_pkcs8ShroudedKeyBag,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, value.shkeybag),
- .field_name = "value.shkeybag",
- .item = &X509_SIG_it,
- },
-
- },
- {
- .value = NID_safeContentsBag,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, value.safes),
- .field_name = "value.safes",
- .item = &PKCS12_SAFEBAG_it,
- },
- },
- {
- .value = NID_certBag,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, value.bag),
- .field_name = "value.bag",
- .item = &PKCS12_BAGS_it,
- },
-
- },
- {
- .value = NID_crlBag,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, value.bag),
- .field_name = "value.bag",
- .item = &PKCS12_BAGS_it,
- },
-
- },
- {
- .value = NID_secretBag,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, value.bag),
- .field_name = "value.bag",
- .item = &PKCS12_BAGS_it,
- },
-
- },
-};
-
-static const ASN1_ADB PKCS12_SAFEBAG_adb = {
- .flags = 0,
- .offset = offsetof(PKCS12_SAFEBAG, type),
- .tbl = PKCS12_SAFEBAG_adbtbl,
- .tblcount = sizeof(PKCS12_SAFEBAG_adbtbl) / sizeof(ASN1_ADB_TABLE),
- .default_tt = &safebag_default_tt,
- .null_tt = NULL,
-};
-
-static const ASN1_TEMPLATE PKCS12_SAFEBAG_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, type),
- .field_name = "type",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_ADB_OID,
- .tag = -1,
- .offset = 0,
- .field_name = "PKCS12_SAFEBAG",
- .item = (const ASN1_ITEM *)&PKCS12_SAFEBAG_adb,
- },
- {
- .flags = ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS12_SAFEBAG, attrib),
- .field_name = "attrib",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM PKCS12_SAFEBAG_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS12_SAFEBAG_seq_tt,
- .tcount = sizeof(PKCS12_SAFEBAG_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS12_SAFEBAG),
- .sname = "PKCS12_SAFEBAG",
-};
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_it);
-
-
-PKCS12_SAFEBAG *
-d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, const unsigned char **in, long len)
-{
- return (PKCS12_SAFEBAG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS12_SAFEBAG_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS12_SAFEBAG);
-
-int
-i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_SAFEBAG_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS12_SAFEBAG);
-
-PKCS12_SAFEBAG *
-PKCS12_SAFEBAG_new(void)
-{
- return (PKCS12_SAFEBAG *)ASN1_item_new(&PKCS12_SAFEBAG_it);
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_new);
-
-void
-PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS12_SAFEBAG_it);
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_free);
-
-/* SEQUENCE OF SafeBag */
-static const ASN1_TEMPLATE PKCS12_SAFEBAGS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "PKCS12_SAFEBAGS",
- .item = &PKCS12_SAFEBAG_it,
-};
-
-const ASN1_ITEM PKCS12_SAFEBAGS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &PKCS12_SAFEBAGS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "PKCS12_SAFEBAGS",
-};
-
-/* Authsafes: SEQUENCE OF PKCS7 */
-static const ASN1_TEMPLATE PKCS12_AUTHSAFES_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "PKCS12_AUTHSAFES",
- .item = &PKCS7_it,
-};
-
-const ASN1_ITEM PKCS12_AUTHSAFES_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &PKCS12_AUTHSAFES_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname =
"PKCS12_AUTHSAFES",
-};
diff --git a/src/lib/libcrypto/pkcs12/p12_attr.c b/src/lib/libcrypto/pkcs12/p12_attr.c
deleted file mode 100644
index 533be3b69c..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_attr.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* $OpenBSD: p12_attr.c,v 1.21 2024/03/24 06:48:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-/* Add a local keyid to a safebag */
-
-int
-PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
-{
- if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID,
- V_ASN1_OCTET_STRING, name, namelen))
- return 1;
- else
- return 0;
-}
-
-/* Add key usage to PKCS#8 structure */
-
-int
-PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
-{
- unsigned char us_val = (unsigned char)usage;
-
- return PKCS8_pkey_add1_attr_by_NID(p8, NID_key_usage, V_ASN1_BIT_STRING,
- &us_val, 1);
-}
-LCRYPTO_ALIAS(PKCS8_add_keyusage);
-
-/* Add a friendlyname to a safebag */
-
-int
-PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen)
-{
- if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
- MBSTRING_ASC, (unsigned char *)name, namelen))
- return 1;
- else
- return 0;
-}
-
-int
-PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
- int namelen)
-{
- if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
- MBSTRING_BMP, name, namelen))
- return 1;
- else
- return 0;
-}
-
-int
-PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag,
const char *name, int namelen)
-{
- if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name,
- MBSTRING_ASC, (unsigned char *)name, namelen))
- return 1;
- else
- return 0;
-}
-
-ASN1_TYPE *
-PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
-{
- X509_ATTRIBUTE *attrib;
- int i;
-
- if (!attrs)
- return NULL;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(attrs); i++) {
- attrib = sk_X509_ATTRIBUTE_value(attrs, i);
- if (OBJ_obj2nid(attrib->object) == attr_nid)
- return sk_ASN1_TYPE_value(attrib->set, 0);
- }
- return NULL;
-}
-
-char *
-PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
-{
- const ASN1_TYPE *atype;
-
- if (!(atype = PKCS12_SAFEBAG_get0_attr(bag, NID_friendlyName)))
- return NULL;
- if (atype->type != V_ASN1_BMPSTRING)
- return NULL;
- return OPENSSL_uni2asc(atype->value.bmpstring->data,
- atype->value.bmpstring->length);
-}
-LCRYPTO_ALIAS(PKCS12_get_friendlyname);
-
-const STACK_OF(X509_ATTRIBUTE) *
-PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag)
-{
- return bag->attrib;
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_attrs);
diff --git a/src/lib/libcrypto/pkcs12/p12_crt.c b/src/lib/libcrypto/pkcs12/p12_crt.c
deleted file mode 100644
index 502ccecd25..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_crt.c
+++ /dev/null
@@ -1,336 +0,0 @@
-/* $OpenBSD: p12_crt.c,v 1.26 2024/08/22 12:22:42 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,
- PKCS12_SAFEBAG *bag);
-
-PKCS12 *
-PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey, X509 *cert,
- STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter,
- int keytype)
-{
- PKCS12 *p12 = NULL;
- STACK_OF(PKCS7) *safes = NULL;
- STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
- PKCS12_SAFEBAG *bag = NULL;
- int i;
- unsigned char keyid[EVP_MAX_MD_SIZE];
- unsigned int keyidlen = 0;
-
- /* Set defaults */
- if (!nid_cert) {
- nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
- }
- if (!nid_key)
- nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
- if (!iter)
- iter = PKCS12_DEFAULT_ITER;
- if (!mac_iter)
- mac_iter = 1;
-
- if (!pkey && !cert && !ca) {
- PKCS12error(PKCS12_R_INVALID_NULL_ARGUMENT);
- return NULL;
- }
-
- if (pkey && cert) {
- if (!X509_check_private_key(cert, pkey))
- return NULL;
- if (!X509_digest(cert, EVP_sha1(), keyid, &keyidlen))
- return NULL;
- }
-
- if (cert) {
- bag = PKCS12_add_cert(&bags, cert);
- if (name && !PKCS12_add_friendlyname(bag,
name, -1))
- goto err;
- if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
- goto err;
- }
-
- /* Add all other certificates */
- for (i = 0; i < sk_X509_num(ca); i++) {
- if (!PKCS12_add_cert(&bags, sk_X509_value(ca, i)))
- goto err;
- }
-
- if (bags && !PKCS12_add_safe(&safes, bags, nid_cert, iter, pass))
- goto err;
-
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- bags = NULL;
-
- if (pkey) {
- bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass);
-
- if (!bag)
- goto err;
-
- if (name && !PKCS12_add_friendlyname(bag, name, -1))
- goto err;
- if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
- goto err;
- }
-
- if (bags && !PKCS12_add_safe(&safes, bags, -1, 0, NULL))
- goto err;
-
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- bags = NULL;
-
- p12 = PKCS12_add_safes(safes, 0);
-
- if (!p12)
- goto err;
-
- sk_PKCS7_pop_free(safes, PKCS7_free);
-
- safes = NULL;
-
- if ((mac_iter != -1) &&
- !PKCS12_set_mac(p12, pass, -1, NULL, 0, mac_iter, NULL))
- goto err;
-
- return p12;
-
-err:
- if (p12)
- PKCS12_free(p12);
- if (safes)
- sk_PKCS7_pop_free(safes, PKCS7_free);
- if (bags)
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- return NULL;
-}
-LCRYPTO_ALIAS(PKCS12_create);
-
-PKCS12_SAFEBAG *
-PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert)
-{
- PKCS12_SAFEBAG *bag = NULL;
- char *name;
- int namelen = -1;
- unsigned char *keyid;
- int keyidlen = -1;
-
- /* Add user certificate */
- if (!(bag = PKCS12_x5092certbag(cert)))
- goto err;
-
- /* Use friendlyName and localKeyID in certificate.
- * (if present)
- */
- name = (char *)X509_alias_get0(cert, &namelen);
- if (name && !PKCS12_add_friendlyname(bag, name, namelen))
- goto err;
-
- keyid = X509_keyid_get0(cert, &keyidlen);
-
- if (keyid && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
- goto err;
-
- if (!pkcs12_add_bag(pbags, bag))
- goto err;
-
- return bag;
-
-err:
- if (bag)
- PKCS12_SAFEBAG_free(bag);
-
- return NULL;
-}
-
-PKCS12_SAFEBAG *
-PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, int key_usage,
- int iter, int nid_key, const char *pass)
-{
- PKCS12_SAFEBAG *bag = NULL;
- PKCS8_PRIV_KEY_INFO *p8 = NULL;
-
- /* Make a PKCS#8 structure */
- if (!(p8 = EVP_PKEY2PKCS8(key)))
- goto err;
- if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
- goto err;
- if (nid_key != -1) {
- bag = PKCS12_SAFEBAG_create_pkcs8_encrypt(nid_key, pass, -1,
- NULL, 0, iter, p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- p8 = NULL;
- } else {
- bag = PKCS12_SAFEBAG_create0_p8inf(p8);
- if (bag != NULL)
- p8 = NULL;
- }
-
- if (!bag)
- goto err;
-
- if (!pkcs12_add_bag(pbags, bag))
- goto err;
-
- return bag;
-
-err:
- if (bag)
- PKCS12_SAFEBAG_free(bag);
- if (p8)
- PKCS8_PRIV_KEY_INFO_free(p8);
-
- return NULL;
-}
-
-int
-PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
- int nid_safe, int iter, const char *pass)
-{
- PKCS7 *p7 = NULL;
- int free_safes = 0;
-
- if (!*psafes) {
- *psafes = sk_PKCS7_new_null();
- if (!*psafes)
- return 0;
- free_safes = 1;
- } else
- free_safes = 0;
-
- if (nid_safe == 0)
- nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC;
-
- if (nid_safe == -1)
- p7 = PKCS12_pack_p7data(bags);
- else
- p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, NULL, 0,
- iter, bags);
- if (!p7)
- goto err;
-
- if (!sk_PKCS7_push(*psafes, p7))
- goto err;
-
- return 1;
-
-err:
- if (free_safes) {
- sk_PKCS7_free(*psafes);
- *psafes = NULL;
- }
-
- if (p7)
- PKCS7_free(p7);
-
- return 0;
-}
-
-static int
-pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag)
-{
-
int free_bags; - - if (!pbags) - return 1; - if (!*pbags) { - *pbags = sk_PKCS12_SAFEBAG_new_null(); - if (!*pbags) - return 0; - free_bags = 1; - } else - free_bags = 0; - - if (!sk_PKCS12_SAFEBAG_push(*pbags, bag)) { - if (free_bags) { - sk_PKCS12_SAFEBAG_free(*pbags); - *pbags = NULL; - } - return 0; - } - - return 1; -} - -PKCS12 * -PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7) -{ - PKCS12 *p12; - - if (nid_p7 <= 0) - nid_p7 = NID_pkcs7_data; - p12 = PKCS12_init(nid_p7); - - if (!p12) - return NULL; - - if (!PKCS12_pack_authsafes(p12, safes)) { - PKCS12_free(p12); - return NULL; - } - - return p12; -} diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c deleted file mode 100644 index 907d4e52a6..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ /dev/null 
@@ -1,184 +0,0 @@
-/* $OpenBSD: p12_decr.c,v 1.26 2024/03/02 10:15:16 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "evp_local.h"
-
-/* Encrypt/Decrypt a buffer based on password and algor, result in a
- * malloc'ed buffer
- */
-
-unsigned char *
-PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass, int passlen,
- const unsigned char *in, int inlen, unsigned char **data, int *datalen,
- int en_de)
-{
- unsigned char *out;
- int outlen, i;
- EVP_CIPHER_CTX ctx;
-
- EVP_CIPHER_CTX_legacy_clear(&ctx);
- /* Decrypt data */
- if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
- algor->parameter, &ctx, en_de)) {
- out = NULL;
- PKCS12error(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
- goto err;
- }
-
- if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) {
- free(out);
- out = NULL;
- PKCS12error(ERR_R_EVP_LIB);
- goto err;
- }
-
- outlen = i;
- if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
- free(out);
- out = NULL;
- PKCS12error(PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
- goto err;
- }
- outlen += i;
- if (datalen)
- *datalen = outlen;
- if (data)
- *data = out;
-
-err:
- EVP_CIPHER_CTX_cleanup(&ctx);
- return out;
-
-}
-
-/* Decrypt an OCTET STRING and decode ASN1 structure
- * if zbuf set zero buffer after use.
- */
-
-void *
-PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf)
-{
- unsigned char *out;
- const unsigned char *p;
- void *ret;
- int outlen;
-
- if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
- &out, &outlen, 0)) {
- PKCS12error(PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
- return NULL;
- }
- p = out;
- ret = ASN1_item_d2i(NULL, &p, outlen, it);
- if (zbuf)
- explicit_bzero(out, outlen);
- if (!ret)
- PKCS12error(PKCS12_R_DECODE_ERROR);
- free(out);
- return ret;
-}
-
-/* Encode ASN1 structure and encrypt, return OCTET STRING
- * if zbuf set zero encoding.
- */
-
-ASN1_OCTET_STRING *
-PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen,
- void *obj, int zbuf)
-{
- ASN1_OCTET_STRING *oct;
- unsigned char *in = NULL;
- int inlen;
-
- if (!(oct = ASN1_OCTET_STRING_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- inlen = ASN1_item_i2d(obj, &in, it);
- if (!in) {
- PKCS12error(PKCS12_R_ENCODE_ERROR);
- goto err;
- }
- if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
- &oct->length, 1)) {
- PKCS12error(PKCS12_R_ENCRYPT_ERROR);
- goto err;
- }
- if (zbuf)
- explicit_bzero(in, inlen);
- free(in);
- return oct;
-
-err:
- free(in);
- ASN1_OCTET_STRING_free(oct);
- return NULL;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_init.c b/src/lib/libcrypto/pkcs12/p12_init.c
deleted file mode 100644
index cd9422d215..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_init.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* $OpenBSD: p12_init.c,v 1.17 2024/03/24 06:48:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "pkcs12_local.h"
-
-/* Initialise a PKCS12 structure to take data */
-
-PKCS12 *
-PKCS12_init(int mode)
-{
- PKCS12 *pkcs12;
-
- if (!(pkcs12 = PKCS12_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (!ASN1_INTEGER_set(pkcs12->version, 3))
- goto err;
- if ((pkcs12->authsafes->type = OBJ_nid2obj(mode)) == NULL)
- goto err;
- switch (mode) {
- case NID_pkcs7_data:
- if (!(pkcs12->authsafes->d.data =
- ASN1_OCTET_STRING_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- default:
- PKCS12error(PKCS12_R_UNSUPPORTED_PKCS12_MODE);
- goto err;
- }
-
- return pkcs12;
-
-err:
- if (pkcs12 != NULL)
- PKCS12_free(pkcs12);
- return NULL;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c
deleted file mode 100644
index 443d632c87..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_key.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* $OpenBSD: p12_key.c,v 1.36 2025/03/09 15:45:52 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "pkcs12_local.h"
-
-/* PKCS12 compatible key/IV generation */
-#ifndef min
-#define min(a,b) ((a) < (b) ? (a) : (b))
-#endif
-
-int
-PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type)
-{
- int ret;
- unsigned char *unipass;
- int uniplen;
-
- if (!pass) {
- unipass = NULL;
- uniplen = 0;
- } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
- id, iter, n, out, md_type);
- if (ret <= 0)
- return 0;
- freezero(unipass, uniplen);
- return ret;
-}
-
-int
-PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type)
-{
- EVP_MD_CTX *ctx = NULL;
- unsigned char *B = NULL, *D = NULL, *I = NULL, *Ai = NULL;
- unsigned char *p;
- int Slen, Plen, Ilen;
- int i, j, u, v;
- int ret = 0;
-
- if ((ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
-
- if ((v = EVP_MD_block_size(md_type)) <= 0)
- goto err;
- if ((u = EVP_MD_size(md_type)) <= 0)
- goto err;
-
- if ((D = malloc(v)) == NULL)
- goto err;
- if ((Ai = malloc(u)) == NULL)
- goto err;
- if ((B = malloc(v + 1)) == NULL)
- goto err;
-
- Slen = v * ((saltlen + v - 1) / v);
-
- Plen = 0;
- if (passlen)
- Plen = v * ((passlen + v - 1) / v);
-
- Ilen = Slen + Plen;
-
- if ((I = malloc(Ilen)) == NULL)
- goto err;
-
- for (i = 0; i < v; i++)
- D[i] = id;
-
- p = I;
- for (i = 0; i < Slen; i++)
- *p++ = salt[i % saltlen];
- for (i = 0; i < Plen; i++)
- *p++ = pass[i % passlen];
-
- for (;;) {
- if (!EVP_DigestInit_ex(ctx, md_type, NULL))
- goto err;
- if (!EVP_DigestUpdate(ctx, D, v))
- goto err;
- if (!EVP_DigestUpdate(ctx, I, Ilen))
- goto err;
- if (!EVP_DigestFinal_ex(ctx, Ai, NULL))
- goto err;
- for (j = 1; j < iter; j++) {
- if (!EVP_DigestInit_ex(ctx, md_type, NULL))
- goto err;
- if (!EVP_DigestUpdate(ctx, Ai, u))
- goto err;
- if (!EVP_DigestFinal_ex(ctx, Ai, NULL))
- goto err;
- }
- memcpy(out, Ai, min(n, u));
- if (u >= n) {
- ret = 1;
- goto end;
- }
- n -= u;
- out += u;
- for (j = 0; j < v; j++)
- B[j] = Ai[j % u];
-
- for (j = 0; j < Ilen; j += v) {
- uint16_t c = 1;
- int k;
-
- /* Work out I[j] = I[j] + B + 1. */
- for (k = v - 1; k >= 0; k--) {
- c += I[j + k] + B[k];
- I[j + k] = (unsigned char)c;
- c >>= 8;
- }
- }
- }
-
- err:
- PKCS12error(ERR_R_MALLOC_FAILURE);
-
- end:
- free(Ai);
- free(B);
- free(D);
- free(I);
- EVP_MD_CTX_free(ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(PKCS12_key_gen_uni);
diff --git a/src/lib/libcrypto/pkcs12/p12_kiss.c b/src/lib/libcrypto/pkcs12/p12_kiss.c
deleted file mode 100644
index e4de2eb61c..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_kiss.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* $OpenBSD: p12_kiss.c,v 1.28 2025/01/06 23:35:25 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "pkcs12_local.h"
-
-/* Simplified PKCS#12 routines */
-
-static int parse_pk12( PKCS12 *p12, const char *pass, int passlen,
- EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
-
-static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
- int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
-
-static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen,
- EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
-
-/* Parse and decrypt a PKCS#12 structure returning user key, user cert
- * and other (CA) certs. Note either ca should be NULL, *ca should be NULL,
- * or it should point to a valid STACK structure. pkey and cert can be
- * passed uninitialised.
- */
-
-int
-PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca)
-{
- STACK_OF(X509) *ocerts = NULL;
- X509 *x = NULL;
-
- if (pkey != NULL)
- *pkey = NULL;
- if (cert != NULL)
- *cert = NULL;
-
- if (p12 == NULL) {
- PKCS12error(PKCS12_R_INVALID_NULL_PKCS12_POINTER);
- goto err;
- }
-
- /* Check the mac */
-
- /* If password is zero length or NULL then try verifying both cases
- * to determine which password is correct. The reason for this is that
- * under PKCS#12 password based encryption no password and a zero length
- * password are two different things...
- */
-
- if (pass == NULL || *pass == '\0') {
- if (PKCS12_verify_mac(p12, NULL, 0))
- pass = NULL;
- else if (PKCS12_verify_mac(p12, "", 0))
- pass = "";
- else {
- PKCS12error(PKCS12_R_MAC_VERIFY_FAILURE);
- goto err;
- }
- } else if (!PKCS12_verify_mac(p12, pass, -1)) {
- PKCS12error(PKCS12_R_MAC_VERIFY_FAILURE);
- goto err;
- }
-
- /* Allocate stack for other certificates */
- if ((ocerts = sk_X509_new_null()) == NULL) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
- PKCS12error(PKCS12_R_PARSE_ERROR);
- goto err;
- }
-
- while ((x = sk_X509_pop(ocerts)) != NULL) {
- if (pkey != NULL && *pkey != NULL &&
- cert != NULL && *cert == NULL) {
- ERR_set_mark();
- if (X509_check_private_key(x, *pkey)) {
- *cert = x;
- x = NULL;
- }
- ERR_pop_to_mark();
- }
-
- if (ca != NULL && x != NULL) {
- if (*ca == NULL)
- *ca = sk_X509_new_null();
- if (*ca == NULL)
- goto err;
- if (!sk_X509_push(*ca, x))
- goto err;
- x = NULL;
- }
- X509_free(x);
- x = NULL;
- }
-
- sk_X509_pop_free(ocerts, X509_free);
-
- return 1;
-
-err:
- if (pkey != NULL)
- EVP_PKEY_free(*pkey);
- if (cert != NULL)
- X509_free(*cert);
- X509_free(x);
- sk_X509_pop_free(ocerts, X509_free);
-
- return 0;
-}
-LCRYPTO_ALIAS(PKCS12_parse);
-
-/* Parse the outer PKCS#12 structure */
-
-static int
-parse_pk12(PKCS12 *p12, const char *pass, int passlen, EVP_PKEY **pkey,
- STACK_OF(X509) *ocerts)
-{
- STACK_OF(PKCS7) *asafes;
- STACK_OF(PKCS12_SAFEBAG) *bags;
- int i, bagnid;
- PKCS7 *p7;
-
- if (!(asafes = PKCS12_unpack_authsafes(p12)))
- return 0;
- for (i = 0; i < sk_PKCS7_num(asafes); i++) {
- p7 = sk_PKCS7_value(asafes, i);
- bagnid = OBJ_obj2nid(p7->type);
- if (bagnid == NID_pkcs7_data) {
- bags = PKCS12_unpack_p7data(p7);
- } else if (bagnid == NID_pkcs7_encrypted) {
- bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
- } else
- continue;
- if (!bags) {
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- if (!parse_bags(bags, pass, passlen, pkey, ocerts)) {
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 0;
- }
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- }
- sk_PKCS7_pop_free(asafes, PKCS7_free);
- return 1;
-}
-
-static int
-parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, int passlen,
- EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
-{
- int i;
-
- for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
- if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i), pass, passlen,
- pkey, ocerts))
- return 0;
- }
- return 1;
-}
-
-static int
-parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, EVP_PKEY **pkey,
- STACK_OF(X509) *ocerts)
-{
- PKCS8_PRIV_KEY_INFO *p8;
- X509 *x509;
- const ASN1_TYPE *attrib;
- ASN1_BMPSTRING *fname = NULL;
- ASN1_OCTET_STRING *lkid = NULL;
-
- if ((attrib = PKCS12_SAFEBAG_get0_attr(bag, NID_friendlyName)))
- fname = attrib->value.bmpstring;
-
- if ((attrib = PKCS12_SAFEBAG_get0_attr(bag, NID_localKeyID)))
- lkid = attrib->value.octet_string;
-
- switch (OBJ_obj2nid(bag->type)) {
- case NID_keyBag:
- if (!pkey || *pkey)
- return 1;
- if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag)))
- return 0;
- break;
-
- case NID_pkcs8ShroudedKeyBag:
- if (!pkey || *pkey)
- return 1;
- if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
- return 0;
- *pkey = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (!(*pkey))
- return 0;
- break;
-
- case NID_certBag:
- if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Certificate )
- return 1;
- if (!(x509 = PKCS12_certbag2x509(bag)))
- return 0;
- if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
- X509_free(x509);
- return 0;
- }
- if (fname) {
- int len, r;
- unsigned char *data = NULL;
- len = ASN1_STRING_to_UTF8(&data, fname);
- if (len >= 0) {
- r = X509_alias_set1(x509, data, len);
- free(data);
- if (!r) {
- X509_free(x509);
- return 0;
- }
- }
- }
-
- if (!sk_X509_push(ocerts, x509)) {
- X509_free(x509);
- return 0;
- }
-
- break;
-
- case NID_safeContentsBag:
- return parse_bags(bag->value.safes, pass, passlen,
- pkey, ocerts);
- break;
-
- default:
- return 1;
- break;
- }
- return 1;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c
deleted file mode 100644
index 2060358188..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/* $OpenBSD: p12_mutl.c,v 1.38 2024/03/24 06:48:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-
-#ifndef OPENSSL_NO_HMAC
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "hmac_local.h"
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-int
-PKCS12_mac_present(const PKCS12 *p12)
-{
- return p12->mac != NULL;
-}
-LCRYPTO_ALIAS(PKCS12_mac_present);
-
-void
-PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, const X509_ALGOR **pmacalg,
- const ASN1_OCTET_STRING **psalt, const ASN1_INTEGER **piter,
- const PKCS12 *p12)
-{
- if (p12->mac == NULL) {
- if (pmac != NULL)
- *pmac = NULL;
- if (pmacalg != NULL)
- *pmacalg = NULL;
- if (psalt != NULL)
- *psalt = NULL;
- if (piter != NULL)
- *piter = NULL;
- return;
- }
-
- if (pmac != NULL)
- *pmac = p12->mac->dinfo->digest;
- if (pmacalg != NULL)
- *pmacalg = p12->mac->dinfo->algor;
- if (psalt != NULL)
- *psalt = p12->mac->salt;
- if (piter != NULL)
- *piter = p12->mac->iter;
-}
-LCRYPTO_ALIAS(PKCS12_get0_mac);
-
-/* Generate a MAC */
-int
-PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen)
-{
- const EVP_MD *md_type;
- HMAC_CTX *hmac = NULL;
- ASN1_OCTET_STRING *aos;
- unsigned char key[EVP_MAX_MD_SIZE], *salt;
- int saltlen, iter;
- int md_size;
- int ret = 0;
-
- if (!PKCS7_type_is_data(p12->authsafes)) {
- PKCS12error(PKCS12_R_CONTENT_TYPE_NOT_DATA);
- goto err;
- }
- if ((aos = PKCS7_get_octet_string(p12->authsafes)) == NULL) {
- PKCS12error(PKCS12_R_DECODE_ERROR);
- goto err;
- }
-
- salt = p12->mac->salt->data;
- saltlen = p12->mac->salt->length;
-
- iter = 1;
- if (p12->mac->iter != NULL) {
- if ((iter = ASN1_INTEGER_get(p12->mac->iter)) <= 0) {
- PKCS12error(PKCS12_R_DECODE_ERROR);
- goto err;
- }
- }
-
- md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm);
- if (md_type == NULL) {
- PKCS12error(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
- goto err;
- }
-
- if ((md_size = EVP_MD_size(md_type)) < 0)
- goto err;
-
- if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
- md_size, key, md_type)) {
- PKCS12error(PKCS12_R_KEY_GEN_ERROR);
- goto err;
- }
-
- if ((hmac = HMAC_CTX_new()) == NULL)
- goto err;
- if (!HMAC_Init_ex(hmac, key, md_size, md_type, NULL))
- goto err;
- if (!HMAC_Update(hmac, aos->data, aos->length))
- goto err;
- if (!HMAC_Final(hmac, mac, maclen))
- goto err;
-
- ret = 1;
-
- err:
- explicit_bzero(key, sizeof(key));
- HMAC_CTX_free(hmac);
-
- return ret;
-}
-
-/* Verify the mac */
-int
-PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (p12->mac == NULL) {
- PKCS12error(PKCS12_R_MAC_ABSENT);
- return 0;
- }
- if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
- PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) ||
- memcmp(mac, p12->mac->dinfo->digest->data, maclen))
- return 0;
- return 1;
-}
-LCRYPTO_ALIAS(PKCS12_verify_mac);
-
-/* Set a mac */
-
-int
-PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt,
- int saltlen, int iter, const EVP_MD *md_type)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (!md_type)
- md_type = EVP_sha1();
- if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) ==
- PKCS12_ERROR) {
- PKCS12error(PKCS12_R_MAC_SETUP_ERROR);
- return 0;
- }
- if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
- PKCS12error(PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if (!(ASN1_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
- PKCS12error(PKCS12_R_MAC_STRING_SET_ERROR);
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(PKCS12_set_mac);
-
-/* Set up a mac structure */
-int
-PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
- const EVP_MD *md_type)
-{
- PKCS12_MAC_DATA_free(p12->mac);
- if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL)
- return PKCS12_ERROR;
- if (iter > 1) {
- if (!(p12->mac->iter = ASN1_INTEGER_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- if (!saltlen)
- saltlen = PKCS12_SALT_LEN;
- if (!(p12->mac->salt->data = malloc(saltlen))) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p12->mac->salt->length = saltlen;
- if (!salt)
- arc4random_buf(p12->mac->salt->data, saltlen);
- else
- memcpy(p12->mac->salt->data, salt, saltlen);
- p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
- if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
-
- return 1;
-}
-#endif
diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c
deleted file mode 100644
index 6d3b43ce22..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_npas.c
+++ /dev/null
@@ -1,300 +0,0 @@
-/* $OpenBSD: p12_npas.c,v 1.27 2024/01/25 15:33:35 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-/* PKCS#12 password change routine */
-
-static int
-alg_get(X509_ALGOR *alg, int *nid, int *iter, int *salt_len)
-{
- const ASN1_OBJECT *aobj;
- int param_type;
- const void *param;
- PBEPARAM *pbe = NULL;
- int ret = 0;
-
- *nid = *iter = *salt_len = 0;
-
- X509_ALGOR_get0(&aobj, ¶m_type, ¶m, alg);
- if (param_type != V_ASN1_SEQUENCE)
- goto err;
- if ((pbe = ASN1_item_unpack(param, &PBEPARAM_it)) == NULL)
- goto err;
-
- /* XXX - can we validate these somehow? */
- *nid = OBJ_obj2nid(alg->algorithm);
- *iter = ASN1_INTEGER_get(pbe->iter);
- *salt_len = pbe->salt->length;
-
- ret = 1;
-
- err:
- PBEPARAM_free(pbe);
-
- return ret;
-}
-
-/* Change password of safebag: only needs handle shrouded keybags */
-static int
-newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass, const char *newpass)
-{
- PKCS8_PRIV_KEY_INFO *p8 = NULL;
- X509_SIG *keybag;
- int nid, salt_len, iter;
- int ret = 0;
-
- if (OBJ_obj2nid(bag->type) != NID_pkcs8ShroudedKeyBag)
- goto done;
-
- if ((p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)) == NULL)
- goto err;
- if (!alg_get(bag->value.shkeybag->algor, &nid, &iter, &salt_len))
- goto err;
-
- if ((keybag = PKCS8_encrypt(nid, NULL, newpass, -1, NULL, salt_len,
- iter, p8)) == NULL)
- goto err;
-
- X509_SIG_free(bag->value.shkeybag);
- bag->value.shkeybag = keybag;
-
- done:
- ret = 1;
-
- err:
- PKCS8_PRIV_KEY_INFO_free(p8);
-
- return ret;
-}
-
-static int
-newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
- const char *newpass)
-{
- int i;
-
- for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
- PKCS12_SAFEBAG *bag = sk_PKCS12_SAFEBAG_value(bags, i);
-
- if (!newpass_bag(bag, oldpass, newpass))
- return 0;
- }
-
- return 1;
-}
-
-static int
-pkcs7_repack_data(PKCS7 *pkcs7, STACK_OF(PKCS7) *safes, const char *oldpass,
- const char *newpass)
-{
- STACK_OF(PKCS12_SAFEBAG) *bags;
- PKCS7 *data = NULL;
- int ret = 0;
-
- if ((bags = PKCS12_unpack_p7data(pkcs7)) == NULL)
- goto err;
- if (!newpass_bags(bags, oldpass, newpass))
- goto err;
- if ((data = PKCS12_pack_p7data(bags)) == NULL)
- goto err;
- if (sk_PKCS7_push(safes, data) == 0)
- goto err;
- data = NULL;
-
- ret = 1;
-
- err:
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- PKCS7_free(data);
-
- return ret;
-}
-
-static int
-pkcs7_repack_encdata(PKCS7 *pkcs7, STACK_OF(PKCS7) *safes, const char *oldpass,
- const char *newpass)
-{
- STACK_OF(PKCS12_SAFEBAG) *bags;
- int nid, iter, salt_len;
- PKCS7 *data = NULL;
- int ret = 0;
-
- if ((bags = PKCS12_unpack_p7encdata(pkcs7, oldpass, -1)) == NULL)
- goto err;
- if (!alg_get(pkcs7->d.encrypted->enc_data->algorithm, &nid,
- &iter, &salt_len))
- goto err;
- if (!newpass_bags(bags, oldpass, newpass))
- goto err;
- if ((data = PKCS12_pack_p7encdata(nid, newpass, -1, NULL, salt_len,
- iter, bags)) == NULL)
- goto err;
- if (!sk_PKCS7_push(safes, data))
- goto err;
- data = NULL;
-
- ret = 1;
-
- err:
- sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
- PKCS7_free(data);
-
- return ret;
-}
-
-static int
-pkcs12_repack_authsafes(PKCS12 *pkcs12, STACK_OF(PKCS7) *safes,
- const char *newpass)
-{
- ASN1_OCTET_STRING *old_data;
- ASN1_OCTET_STRING *new_mac = NULL;
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int mac_len;
- int ret = 0;
-
- if ((old_data = pkcs12->authsafes->d.data) == NULL)
- goto err;
- if ((pkcs12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- if (!PKCS12_pack_authsafes(pkcs12, safes))
- goto err;
- if (!PKCS12_gen_mac(pkcs12, newpass, -1, mac, &mac_len))
- goto err;
- if ((new_mac = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- if (!ASN1_OCTET_STRING_set(new_mac, mac, mac_len))
- goto err;
-
- ASN1_OCTET_STRING_free(pkcs12->mac->dinfo->digest);
- pkcs12->mac->dinfo->digest = new_mac;
- new_mac = NULL;
-
- ASN1_OCTET_STRING_free(old_data);
- old_data = NULL;
-
- ret = 1;
-
- err:
- if (old_data != NULL) {
- ASN1_OCTET_STRING_free(pkcs12->authsafes->d.data);
- pkcs12->authsafes->d.data = old_data;
- }
- explicit_bzero(mac, sizeof(mac));
- ASN1_OCTET_STRING_free(new_mac);
-
- return ret;
-}
-
-int
-PKCS12_newpass(PKCS12 *pkcs12, const char *oldpass, const char *newpass)
-{
- STACK_OF(PKCS7) *authsafes = NULL, *safes = NULL;
- int i;
- int ret = 0;
-
- if (pkcs12 == NULL) {
- PKCS12error(PKCS12_R_INVALID_NULL_PKCS12_POINTER);
- goto err;
- }
-
- if (!PKCS12_verify_mac(pkcs12, oldpass, -1)) {
- PKCS12error(PKCS12_R_MAC_VERIFY_FAILURE);
- goto err;
- }
-
- if ((authsafes = PKCS12_unpack_authsafes(pkcs12)) == NULL)
- goto err;
- if ((safes = sk_PKCS7_new_null()) == NULL)
- goto err;
-
- for (i = 0; i < sk_PKCS7_num(authsafes); i++) {
- PKCS7 *pkcs7 = sk_PKCS7_value(authsafes, i);
-
- switch (OBJ_obj2nid(pkcs7->type)) {
- case NID_pkcs7_data:
- if (pkcs7_repack_data(pkcs7, safes, oldpass, newpass))
- goto err;
- break;
- case NID_pkcs7_encrypted:
- if (pkcs7_repack_encdata(pkcs7, safes, oldpass, newpass))
- goto err;
- break;
- }
- }
-
- if (!pkcs12_repack_authsafes(pkcs12, safes, newpass))
- goto err;
-
- ret = 1;
-
- err:
- sk_PKCS7_pop_free(authsafes, PKCS7_free);
- sk_PKCS7_pop_free(safes, PKCS7_free);
-
- return ret;
-}
-LCRYPTO_ALIAS(PKCS12_newpass);
diff --git a/src/lib/libcrypto/pkcs12/p12_p8d.c b/src/lib/libcrypto/pkcs12/p12_p8d.c
deleted file mode 100644
index d4874e3b73..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_p8d.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* $OpenBSD: p12_p8d.c,v 1.12 2024/03/02 10:15:16 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-PKCS8_PRIV_KEY_INFO *
-PKCS8_decrypt(const X509_SIG *p8, const char *pass, int passlen)
-{
- return PKCS12_item_decrypt_d2i(p8->algor,
- &PKCS8_PRIV_KEY_INFO_it, pass, passlen, p8->digest, 1);
-}
-LCRYPTO_ALIAS(PKCS8_decrypt);
diff --git a/src/lib/libcrypto/pkcs12/p12_p8e.c b/src/lib/libcrypto/pkcs12/p12_p8e.c
deleted file mode 100644
index bf61593266..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_p8e.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* $OpenBSD: p12_p8e.c,v 1.13 2024/03/02 10:15:16 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-X509_SIG *
-PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass,
- int passlen, unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8inf)
-{
- X509_SIG *p8 = NULL;
- X509_ALGOR *pbe;
-
- if (!(p8 = X509_SIG_new())) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (pbe_nid == -1)
- pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
- else
- pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
- if (!pbe) {
- PKCS12error(ERR_R_ASN1_LIB);
- goto err;
- }
- X509_ALGOR_free(p8->algor);
- p8->algor = pbe;
- ASN1_OCTET_STRING_free(p8->digest);
- p8->digest = PKCS12_item_i2d_encrypt(pbe,
- &PKCS8_PRIV_KEY_INFO_it, pass, passlen, p8inf, 1);
- if (!p8->digest) {
- PKCS12error(PKCS12_R_ENCRYPT_ERROR);
- goto err;
- }
-
- return p8;
-
-err:
- X509_SIG_free(p8);
- return NULL;
-}
-LCRYPTO_ALIAS(PKCS8_encrypt);
diff --git a/src/lib/libcrypto/pkcs12/p12_sbag.c b/src/lib/libcrypto/pkcs12/p12_sbag.c
deleted file mode 100644
index 1664e9409d..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_sbag.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/* $OpenBSD: p12_sbag.c,v 1.9 2024/03/24 06:48:03 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999-2018.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "pkcs12_local.h"
-#include "x509_local.h"
-
-const ASN1_TYPE *
-PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag, int attr_nid)
-{
- return PKCS12_get_attr_gen(bag->attrib, attr_nid);
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_attr);
-
-ASN1_TYPE *
-PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid)
-{
- return PKCS12_get_attr_gen(p8->attributes, attr_nid);
-}
-LCRYPTO_ALIAS(PKCS8_get_attr);
-
-const PKCS8_PRIV_KEY_INFO *
-PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag)
-{
- if (PKCS12_SAFEBAG_get_nid(bag) != NID_keyBag)
- return NULL;
-
- return bag->value.keybag;
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_p8inf);
-
-const X509_SIG *
-PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag)
-{
- if (PKCS12_SAFEBAG_get_nid(bag) != NID_pkcs8ShroudedKeyBag)
- return NULL;
-
- return bag->value.shkeybag;
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_pkcs8);
-
-const STACK_OF(PKCS12_SAFEBAG) *
-PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag)
-{
- if (PKCS12_SAFEBAG_get_nid(bag) != NID_safeContentsBag)
- return NULL;
-
- return bag->value.safes;
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_safes);
-
-const ASN1_OBJECT *
-PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag)
-{
- return bag->type;
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get0_type);
-
-int
-PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag)
-{
- return OBJ_obj2nid(bag->type);
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get_nid);
-
-int
-PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag)
-{
- int bag_type;
-
- bag_type = PKCS12_SAFEBAG_get_nid(bag);
-
- if (bag_type == NID_certBag || bag_type == NID_crlBag ||
- bag_type == NID_secretBag)
- return OBJ_obj2nid(bag->value.bag->type);
-
- return -1;
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get_bag_nid);
-
-X509 *
-PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag)
-{
- if (OBJ_obj2nid(bag->type) != NID_certBag)
- return NULL;
- if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Certificate)
- return NULL;
- return ASN1_item_unpack(bag->value.bag->value.octet, &X509_it);
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get1_cert);
-
-X509_CRL *
-PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag)
-{
- if (OBJ_obj2nid(bag->type) != NID_crlBag)
- return NULL;
- if (OBJ_obj2nid(bag->value.bag->type) != NID_x509Crl)
- return NULL;
- return ASN1_item_unpack(bag->value.bag->value.octet, &X509_CRL_it);
-}
-LCRYPTO_ALIAS(PKCS12_SAFEBAG_get1_crl);
-
-PKCS12_SAFEBAG *
-PKCS12_SAFEBAG_create_cert(X509 *x509)
-{
- return PKCS12_item_pack_safebag(x509, &X509_it,
- NID_x509Certificate, NID_certBag);
-}
-
-PKCS12_SAFEBAG *
-PKCS12_SAFEBAG_create_crl(X509_CRL *crl)
-{
- return PKCS12_item_pack_safebag(crl, &X509_CRL_it,
- NID_x509Crl, NID_crlBag);
-}
-
-/* Turn PKCS8 object into a keybag */
-
-PKCS12_SAFEBAG *
-PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8)
-{
- PKCS12_SAFEBAG *bag;
-
- if ((bag = PKCS12_SAFEBAG_new()) == NULL) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- bag->type = OBJ_nid2obj(NID_keyBag);
- bag->value.keybag = p8;
-
- return bag;
-}
-
-/* Turn PKCS8 object into a shrouded keybag */
-
-PKCS12_SAFEBAG *
-PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8)
-{
- PKCS12_SAFEBAG *bag;
-
- /* Set up the safe bag */
- if ((bag = PKCS12_SAFEBAG_new()) == NULL) {
- PKCS12error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
- bag->value.shkeybag = p8;
-
- return bag;
-}
-
-PKCS12_SAFEBAG *
-PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8info)
-{
- const EVP_CIPHER *pbe_ciph;
- X509_SIG *p8;
- PKCS12_SAFEBAG *bag;
-
- if ((pbe_ciph = EVP_get_cipherbynid(pbe_nid)) != NULL)
- pbe_nid = -1;
-
- if ((p8 = PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen,
- iter, p8info)) == NULL)
- return NULL;
-
- if ((bag = PKCS12_SAFEBAG_create0_pkcs8(p8)) == NULL) {
- X509_SIG_free(p8);
- return NULL;
- }
-
- return bag;
-}
diff --git a/src/lib/libcrypto/pkcs12/p12_utl.c b/src/lib/libcrypto/pkcs12/p12_utl.c
deleted file mode 100644
index 72692a9eae..0000000000
--- a/src/lib/libcrypto/pkcs12/p12_utl.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* $OpenBSD: p12_utl.c,v 1.21 2023/02/16 08:38:17 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-
-#include "pkcs12_local.h"
-
-/* Cheap and nasty Unicode stuff */
-
-unsigned char *
-OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
-{
- size_t ulen, i;
- unsigned char *unitmp;
-
- if (asclen < 0)
- ulen = strlen(asc);
- else
- ulen = (size_t)asclen;
- ulen++;
- if (ulen == 0) /* unlikely overflow */
- return NULL;
- if ((unitmp = reallocarray(NULL, ulen, 2)) == NULL)
- return NULL;
- ulen *= 2;
- /* XXX This interface ought to use unsigned types */
- if (ulen > INT_MAX) {
- free(unitmp);
- return NULL;
- }
- for (i = 0; i < ulen - 2; i += 2) {
- unitmp[i] = 0;
- unitmp[i + 1] = *asc++;
- }
- /* Make result double-NUL terminated */
- unitmp[ulen - 2] = 0;
- unitmp[ulen - 1] = 0;
- if (unilen)
- *unilen = ulen;
- if (uni)
- *uni = unitmp;
- return unitmp;
-}
-LCRYPTO_ALIAS(OPENSSL_asc2uni);
-
-char *
-OPENSSL_uni2asc(const unsigned char *uni, int unilen)
-{
- size_t asclen, u16len, i;
- char *asctmp;
-
- if (unilen < 0)
- return NULL;
-
- asclen = u16len = (size_t)unilen / 2;
- /* If no terminating NUL, allow for one */
- if (unilen == 0 || uni[unilen - 1] != '\0')
- asclen++;
- if ((asctmp = malloc(asclen)) == NULL)
- return NULL;
- /* Skip first zero byte */
- uni++;
- for (i = 0; i < u16len; i++) {
- asctmp[i] = *uni;
- uni += 2;
- }
- asctmp[asclen - 1] = '\0';
- return asctmp;
-}
-LCRYPTO_ALIAS(OPENSSL_uni2asc);
-
-int
-i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
-{
- return ASN1_item_i2d_bio(&PKCS12_it, bp, p12);
-}
-LCRYPTO_ALIAS(i2d_PKCS12_bio);
-
-int
-i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
-{
- return ASN1_item_i2d_fp(&PKCS12_it, fp, p12);
-}
-LCRYPTO_ALIAS(i2d_PKCS12_fp);
-
-PKCS12 *
-d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
-{
- return ASN1_item_d2i_bio(&PKCS12_it, bp, p12);
-}
-LCRYPTO_ALIAS(d2i_PKCS12_bio);
-
-PKCS12 *
-d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
-{
- return ASN1_item_d2i_fp(&PKCS12_it, fp, p12);
-}
-LCRYPTO_ALIAS(d2i_PKCS12_fp);
diff --git a/src/lib/libcrypto/pkcs12/pk12err.c b/src/lib/libcrypto/pkcs12/pk12err.c
deleted file mode 100644
index c04c83c4f1..0000000000
--- a/src/lib/libcrypto/pkcs12/pk12err.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* $OpenBSD: pk12err.c,v 1.15 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
-
-static const ERR_STRING_DATA PKCS12_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA PKCS12_str_reasons[] = {
- {ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE), "cant pack structure"},
- {ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA), "content type not data"},
- {ERR_REASON(PKCS12_R_DECODE_ERROR) , "decode error"},
- {ERR_REASON(PKCS12_R_ENCODE_ERROR) , "encode error"},
- {ERR_REASON(PKCS12_R_ENCRYPT_ERROR) , "encrypt error"},
- {ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE), "error setting encrypted data type"},
- {ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
- {ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER), "invalid null pkcs12 pointer"},
- {ERR_REASON(PKCS12_R_IV_GEN_ERROR) , "iv gen error"},
- {ERR_REASON(PKCS12_R_KEY_GEN_ERROR) , "key gen error"},
- {ERR_REASON(PKCS12_R_MAC_ABSENT) , "mac absent"},
- {ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR), "mac generation error"},
- {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR) , "mac setup error"},
- {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"},
- {ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR) , "mac verify error"},
- {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE) , "mac verify failure"},
- {ERR_REASON(PKCS12_R_PARSE_ERROR) , "parse error"},
- {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR), "pkcs12 algor cipherinit error"},
- {ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR), "pkcs12 cipherfinal error"},
- {ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR), "pkcs12 pbe crypt error"},
- {ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM), "unknown digest algorithm"},
- {ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE), "unsupported pkcs12 mode"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_PKCS12_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) {
- ERR_load_const_strings(PKCS12_str_functs);
- ERR_load_const_strings(PKCS12_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_PKCS12_strings);
diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h
deleted file mode 100644
index 200712039b..0000000000
--- a/src/lib/libcrypto/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,284 +0,0 @@
-/* $OpenBSD: pkcs12.h,v 1.29 2025/03/09 15:45:52 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_H
-#define HEADER_PKCS12_H
-
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define PKCS12_KEY_ID 1
-#define PKCS12_IV_ID 2
-#define PKCS12_MAC_ID 3
-
-/* Default iteration count */
-#ifndef PKCS12_DEFAULT_ITER
-#define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
-#endif
-
-#define PKCS12_MAC_KEY_LENGTH 20
-
-#define PKCS12_SALT_LEN 8
-
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*#define PBE_UNICODE*/
-
-#ifdef PBE_UNICODE
-#define PKCS12_key_gen PKCS12_key_gen_uni
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-#else
-#define PKCS12_key_gen PKCS12_key_gen_asc
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
-#endif
-
-/* MS key usage constants */
-
-#define KEY_EX 0x10
-#define KEY_SIG 0x80
-
-typedef struct PKCS12_MAC_DATA_st PKCS12_MAC_DATA;
-
-typedef struct PKCS12_st PKCS12;
-
-typedef struct PKCS12_SAFEBAG_st PKCS12_SAFEBAG;
-
-DECLARE_STACK_OF(PKCS12_SAFEBAG)
-DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct pkcs12_bag_st PKCS12_BAGS;
-
-#define PKCS12_ERROR 0
-#define PKCS12_OK 1
-
-#ifndef LIBRESSL_INTERNAL
-
-/* Compatibility macros */
-
-#define 
M_PKCS12_x5092certbag PKCS12_x5092certbag
-#define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
-
-#define M_PKCS12_certbag2x509 PKCS12_certbag2x509
-#define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
-
-#define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
-#define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
-#define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
-#define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
-
-#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
-#define M_PKCS8_decrypt PKCS8_decrypt
-
-#endif /* !LIBRESSL_INTERNAL */
-
-#define M_PKCS12_bag_type PKCS12_bag_type
-#define M_PKCS12_cert_bag_type PKCS12_cert_bag_type
-#define M_PKCS12_crl_bag_type PKCS12_cert_bag_type
-
-#define PKCS12_bag_type PKCS12_SAFEBAG_get_nid
-#define PKCS12_cert_bag_type PKCS12_SAFEBAG_get_bag_nid
-
-#define PKCS12_certbag2x509 PKCS12_SAFEBAG_get1_cert
-#define PKCS12_certbag2x509crl PKCS12_SAFEBAG_get1_crl
-
-#define PKCS12_x5092certbag PKCS12_SAFEBAG_create_cert
-#define PKCS12_x509crl2certbag PKCS12_SAFEBAG_create_crl
-#define PKCS12_MAKE_KEYBAG PKCS12_SAFEBAG_create0_p8inf
-#define PKCS12_MAKE_SHKEYBAG PKCS12_SAFEBAG_create_pkcs8_encrypt
-
-const ASN1_TYPE *PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag,
- int attr_nid);
-const STACK_OF(X509_ATTRIBUTE) *
- PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
-int PKCS12_SAFEBAG_get_nid(const PKCS12_SAFEBAG *bag);
-int PKCS12_SAFEBAG_get_bag_nid(const PKCS12_SAFEBAG *bag);
-
-X509 *PKCS12_SAFEBAG_get1_cert(const PKCS12_SAFEBAG *bag);
-X509_CRL *PKCS12_SAFEBAG_get1_crl(const PKCS12_SAFEBAG *bag);
-
-ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, int attr_nid);
-int PKCS12_mac_present(const PKCS12 *p12);
-void PKCS12_get0_mac(const ASN1_OCTET_STRING **pmac, const X509_ALGOR **pmacalg,
- const ASN1_OCTET_STRING **psalt, const ASN1_INTEGER **piter,
- const PKCS12 *p12);
-
-const PKCS8_PRIV_KEY_INFO *PKCS12_SAFEBAG_get0_p8inf(const PKCS12_SAFEBAG *bag);
-const X509_SIG 
*PKCS12_SAFEBAG_get0_pkcs8(const PKCS12_SAFEBAG *bag);
-const STACK_OF(PKCS12_SAFEBAG) *
- PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
-const ASN1_OBJECT *PKCS12_SAFEBAG_get0_type(const PKCS12_SAFEBAG *bag);
-
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass,
- int passlen);
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(const PKCS12_SAFEBAG *bag,
- const char *pass, int passlen);
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
- const char *pass, int passlen, unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
- int passlen);
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12);
-
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type);
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- const EVP_MD *md_type);
-
-unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
- unsigned char **uni, int *unilen);
-char *OPENSSL_uni2asc(const unsigned char *uni, int unilen);
-
-PKCS12 *PKCS12_new(void);
-void PKCS12_free(PKCS12 *a);
-PKCS12 *d2i_PKCS12(PKCS12 **a, const unsigned char **in, long len);
-int i2d_PKCS12(PKCS12 *a, unsigned char **out);
-extern const ASN1_ITEM PKCS12_it;
-
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void);
-void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a);
-PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, const unsigned char **in, long len);
-int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **out);
-extern const ASN1_ITEM PKCS12_SAFEBAG_it;
-
-void PKCS12_PBE_add(void);
-int 
PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca);
-PKCS12 *PKCS12_create(const char *pass, const char *name, EVP_PKEY *pkey,
- X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
- int mac_iter, int keytype);
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
-
-void ERR_load_PKCS12_strings(void);
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-#define PKCS12_F_PARSE_BAG 129
-#define PKCS12_F_PARSE_BAGS 103
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
-#define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
-#define PKCS12_F_PKCS12_CREATE 105
-#define PKCS12_F_PKCS12_GEN_MAC 107
-#define PKCS12_F_PKCS12_INIT 109
-#define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
-#define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
-#define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
-#define PKCS12_F_PKCS12_KEY_GEN_ASC 110
-#define PKCS12_F_PKCS12_KEY_GEN_UNI 111
-#define PKCS12_F_PKCS12_MAKE_KEYBAG 112
-#define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
-#define PKCS12_F_PKCS12_NEWPASS 128
-#define PKCS12_F_PKCS12_PACK_P7DATA 114
-#define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
-#define PKCS12_F_PKCS12_PARSE 118
-#define PKCS12_F_PKCS12_PBE_CRYPT 119
-#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
-#define PKCS12_F_PKCS12_SETUP_MAC 122
-#define PKCS12_F_PKCS12_SET_MAC 123
-#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
-#define PKCS12_F_PKCS12_UNPACK_P7DATA 131
-#define PKCS12_F_PKCS12_VERIFY_MAC 126
-#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
-#define PKCS12_F_PKCS8_ENCRYPT 125
-
-/* Reason codes. 
*/
-#define PKCS12_R_CANT_PACK_STRUCTURE 100
-#define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
-#define PKCS12_R_DECODE_ERROR 101
-#define PKCS12_R_ENCODE_ERROR 102
-#define PKCS12_R_ENCRYPT_ERROR 103
-#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
-#define PKCS12_R_INVALID_NULL_ARGUMENT 104
-#define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
-#define PKCS12_R_IV_GEN_ERROR 106
-#define PKCS12_R_KEY_GEN_ERROR 107
-#define PKCS12_R_MAC_ABSENT 108
-#define PKCS12_R_MAC_GENERATION_ERROR 109
-#define PKCS12_R_MAC_SETUP_ERROR 110
-#define PKCS12_R_MAC_STRING_SET_ERROR 111
-#define PKCS12_R_MAC_VERIFY_ERROR 112
-#define PKCS12_R_MAC_VERIFY_FAILURE 113
-#define PKCS12_R_PARSE_ERROR 114
-#define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
-#define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
-#define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
-#define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
-#define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/pkcs12/pkcs12_local.h b/src/lib/libcrypto/pkcs12/pkcs12_local.h
deleted file mode 100644
index 4a3ce4b3f0..0000000000
--- a/src/lib/libcrypto/pkcs12/pkcs12_local.h
+++ /dev/null
@@ -1,174 +0,0 @@
-/* $OpenBSD: pkcs12_local.h,v 1.6 2025/03/09 15:45:52 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_LOCAL_H
-#define HEADER_PKCS12_LOCAL_H
-
-__BEGIN_HIDDEN_DECLS
-
-struct PKCS12_MAC_DATA_st {
- X509_SIG *dinfo;
- ASN1_OCTET_STRING *salt;
- ASN1_INTEGER *iter; /* defaults to 1 */
-};
-
-struct PKCS12_st {
- ASN1_INTEGER *version;
- PKCS12_MAC_DATA *mac;
- PKCS7 *authsafes;
-};
-
-struct PKCS12_SAFEBAG_st {
- ASN1_OBJECT *type;
- union {
- struct pkcs12_bag_st *bag; /* secret, crl and certbag */
- struct pkcs8_priv_key_info_st *keybag; /* keybag */
- X509_SIG *shkeybag; /* shrouded key bag */
- STACK_OF(PKCS12_SAFEBAG) *safes;
- ASN1_TYPE *other;
- } value;
- STACK_OF(X509_ATTRIBUTE) *attrib;
-};
-
-struct pkcs12_bag_st {
- ASN1_OBJECT *type;
- union {
- ASN1_OCTET_STRING *x509cert;
- ASN1_OCTET_STRING *x509crl;
- ASN1_OCTET_STRING *octet;
- ASN1_IA5STRING *sdsicert;
- ASN1_TYPE *other; /* Secret or other bag */
- } value;
-};
-
-extern const ASN1_ITEM PKCS12_SAFEBAGS_it;
-extern const ASN1_ITEM PKCS12_AUTHSAFES_it;
-
-PKCS12_BAGS *PKCS12_BAGS_new(void);
-void PKCS12_BAGS_free(PKCS12_BAGS *a);
-PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len);
-int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out);
-extern 
const ASN1_ITEM PKCS12_BAGS_it;
-
-PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void);
-void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a);
-PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len);
-int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out);
-extern const ASN1_ITEM PKCS12_MAC_DATA_it;
-
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_p8inf(PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create0_pkcs8(X509_SIG *p8);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_cert(X509 *x509);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_crl(X509_CRL *crl);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_create_pkcs8_encrypt(int pbe_nid,
- const char *pass, int passlen, unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-
-PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
-PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key,
- int key_usage, int iter, int key_nid, const char *pass);
-int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
- int safe_nid, int iter, const char *pass);
-PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
-
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
- int namelen);
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
- int namelen);
-
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen);
-
-ASN1_TYPE *PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs,
- int attr_nid);
-
-PKCS12 *PKCS12_init(int mode);
-
-void *PKCS12_item_decrypt_d2i(const X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen, const ASN1_OCTET_STRING *oct, int zbuf);
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
- const ASN1_ITEM *it, const 
char *pass, int passlen, void *obj, int zbuf);
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
- int nid1, int nid2);
-
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type);
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags);
-
-unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor, const char *pass,
- int passlen, const unsigned char *in, int inlen, unsigned char **data,
- int *datalen, int en_de);
-
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
- int saltlen, const EVP_MD *md_type);
-
-/* XXX - should go into pkcs7_local.h. */
-ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_PKCS12_LOCAL_H */
diff --git a/src/lib/libcrypto/pkcs7/pk7_asn1.c b/src/lib/libcrypto/pkcs7/pk7_asn1.c
deleted file mode 100644
index 8a6ae487da..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_asn1.c
+++ /dev/null
@@ -1,1053 +0,0 @@
-/* $OpenBSD: pk7_asn1.c,v 1.18 2024/07/08 16:23:27 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-/* PKCS#7 ASN1 module */
-
-/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
-
-static const ASN1_TEMPLATE p7default_tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS7, d.other),
- .field_name = "d.other",
- .item = &ASN1_ANY_it,
-};
-
-static const ASN1_ADB_TABLE PKCS7_adbtbl[] = {
- {
- .value = NID_pkcs7_data,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(PKCS7, d.data),
- .field_name = "d.data",
- .item = &ASN1_OCTET_STRING_NDEF_it,
- },
-
- },
- {
- .value = NID_pkcs7_signed,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(PKCS7, d.sign),
- .field_name = "d.sign",
- .item = &PKCS7_SIGNED_it,
- },
-
- },
- {
- .value = NID_pkcs7_enveloped,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(PKCS7, d.enveloped),
- .field_name = "d.enveloped",
- .item = &PKCS7_ENVELOPE_it,
- },
-
- },
- {
- .value = NID_pkcs7_signedAndEnveloped,
- .tt = {
- .flags = 
ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(PKCS7, d.signed_and_enveloped),
- .field_name = "d.signed_and_enveloped",
- .item = &PKCS7_SIGN_ENVELOPE_it,
- },
-
- },
- {
- .value = NID_pkcs7_digest,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(PKCS7, d.digest),
- .field_name = "d.digest",
- .item = &PKCS7_DIGEST_it,
- },
-
- },
- {
- .value = NID_pkcs7_encrypted,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(PKCS7, d.encrypted),
- .field_name = "d.encrypted",
- .item = &PKCS7_ENCRYPT_it,
- },
-
- },
-};
-
-static const ASN1_ADB PKCS7_adb = {
- .flags = 0,
- .offset = offsetof(PKCS7, type),
- .tbl = PKCS7_adbtbl,
- .tblcount = sizeof(PKCS7_adbtbl) / sizeof(ASN1_ADB_TABLE),
- .default_tt = &p7default_tt,
- .null_tt = NULL,
-};
-
-/* PKCS#7 streaming support */
-static int
-pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- ASN1_STREAM_ARG *sarg = exarg;
- PKCS7 **pp7 = (PKCS7 **)pval;
-
- switch (operation) {
- case ASN1_OP_STREAM_PRE:
- if (PKCS7_stream(&sarg->boundary, *pp7) <= 0)
- return 0;
- /* FALLTHROUGH */
-
- case ASN1_OP_DETACHED_PRE:
- sarg->ndef_bio = PKCS7_dataInit(*pp7, sarg->out);
- if (!sarg->ndef_bio)
- return 0;
- break;
-
- case ASN1_OP_STREAM_POST:
- case ASN1_OP_DETACHED_POST:
- if (PKCS7_dataFinal(*pp7, sarg->ndef_bio) <= 0)
- return 0;
- break;
- }
- return 1;
-}
-
-static const ASN1_AUX PKCS7_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = pk7_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE PKCS7_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7, type),
- .field_name = "type",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_ADB_OID,
- .tag = -1,
- .offset = 0,
- .field_name = "PKCS7",
- .item = (const ASN1_ITEM *)&PKCS7_adb,
- },
-};
-
-const ASN1_ITEM PKCS7_it 
= {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_seq_tt,
- .tcount = sizeof(PKCS7_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &PKCS7_aux,
- .size = sizeof(PKCS7),
- .sname = "PKCS7",
-};
-LCRYPTO_ALIAS(PKCS7_it);
-
-
-PKCS7 *
-d2i_PKCS7(PKCS7 **a, const unsigned char **in, long len)
-{
- return (PKCS7 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7);
-
-int
-i2d_PKCS7(PKCS7 *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7);
-
-PKCS7 *
-PKCS7_new(void)
-{
- return (PKCS7 *)ASN1_item_new(&PKCS7_it);
-}
-LCRYPTO_ALIAS(PKCS7_new);
-
-void
-PKCS7_free(PKCS7 *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_it);
-}
-LCRYPTO_ALIAS(PKCS7_free);
-
-PKCS7 *
-PKCS7_dup(PKCS7 *x)
-{
- return ASN1_item_dup(&PKCS7_it, x);
-}
-LCRYPTO_ALIAS(PKCS7_dup);
-
-static const ASN1_TEMPLATE PKCS7_SIGNED_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNED, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNED, md_algs),
- .field_name = "md_algs",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNED, contents),
- .field_name = "contents",
- .item = &PKCS7_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNED, cert),
- .field_name = "cert",
- .item = &X509_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(PKCS7_SIGNED, crl),
- .field_name = "crl",
- .item = &X509_CRL_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNED, signer_info),
- .field_name = "signer_info",
- .item = &PKCS7_SIGNER_INFO_it,
- },
-};
-
-const ASN1_ITEM PKCS7_SIGNED_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- 
.templates = PKCS7_SIGNED_seq_tt,
- .tcount = sizeof(PKCS7_SIGNED_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS7_SIGNED),
- .sname = "PKCS7_SIGNED",
-};
-LCRYPTO_ALIAS(PKCS7_SIGNED_it);
-
-
-PKCS7_SIGNED *
-d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, const unsigned char **in, long len)
-{
- return (PKCS7_SIGNED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_SIGNED_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_SIGNED);
-
-int
-i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_SIGNED_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_SIGNED);
-
-PKCS7_SIGNED *
-PKCS7_SIGNED_new(void)
-{
- return (PKCS7_SIGNED *)ASN1_item_new(&PKCS7_SIGNED_it);
-}
-LCRYPTO_ALIAS(PKCS7_SIGNED_new);
-
-void
-PKCS7_SIGNED_free(PKCS7_SIGNED *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGNED_it);
-}
-LCRYPTO_ALIAS(PKCS7_SIGNED_free);
-
-/* Minor tweak to operation: free up EVP_PKEY */
-static int
-si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_FREE_POST) {
- PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
- EVP_PKEY_free(si->pkey);
- }
- return 1;
-}
-
-static const ASN1_AUX PKCS7_SIGNER_INFO_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = si_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE PKCS7_SIGNER_INFO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNER_INFO, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNER_INFO, issuer_and_serial),
- .field_name = "issuer_and_serial",
- .item = &PKCS7_ISSUER_AND_SERIAL_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNER_INFO, digest_alg),
- .field_name = "digest_alg",
- .item = &X509_ALGOR_it,
- },
- /* NB this should be a SET OF but we use a SEQUENCE OF so the
- * original order * is retained when the structure is reencoded.
- * Since the attributes are implicitly tagged this will not affect
- * the encoding.
- */
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNER_INFO, auth_attr),
- .field_name = "auth_attr",
- .item = &X509_ATTRIBUTE_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNER_INFO, digest_enc_alg),
- .field_name = "digest_enc_alg",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGNER_INFO, enc_digest),
- .field_name = "enc_digest",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(PKCS7_SIGNER_INFO, unauth_attr),
- .field_name = "unauth_attr",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM PKCS7_SIGNER_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_SIGNER_INFO_seq_tt,
- .tcount = sizeof(PKCS7_SIGNER_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &PKCS7_SIGNER_INFO_aux,
- .size = sizeof(PKCS7_SIGNER_INFO),
- .sname = "PKCS7_SIGNER_INFO",
-};
-LCRYPTO_ALIAS(PKCS7_SIGNER_INFO_it);
-
-
-PKCS7_SIGNER_INFO *
-d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, const unsigned char **in, long len)
-{
- return (PKCS7_SIGNER_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_SIGNER_INFO_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_SIGNER_INFO);
-
-int
-i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_SIGNER_INFO_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_SIGNER_INFO);
-
-PKCS7_SIGNER_INFO *
-PKCS7_SIGNER_INFO_new(void)
-{
- return (PKCS7_SIGNER_INFO *)ASN1_item_new(&PKCS7_SIGNER_INFO_it);
-}
-LCRYPTO_ALIAS(PKCS7_SIGNER_INFO_new);
-
-void
-PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGNER_INFO_it);
-}
-LCRYPTO_ALIAS(PKCS7_SIGNER_INFO_free);
-
-static const ASN1_TEMPLATE PKCS7_ISSUER_AND_SERIAL_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ISSUER_AND_SERIAL, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ISSUER_AND_SERIAL, serial),
- .field_name = "serial",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM PKCS7_ISSUER_AND_SERIAL_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_ISSUER_AND_SERIAL_seq_tt,
- .tcount = sizeof(PKCS7_ISSUER_AND_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS7_ISSUER_AND_SERIAL),
- .sname = "PKCS7_ISSUER_AND_SERIAL",
-};
-LCRYPTO_ALIAS(PKCS7_ISSUER_AND_SERIAL_it);
-
-
-PKCS7_ISSUER_AND_SERIAL *
-d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, const unsigned char **in, long len)
-{
- return (PKCS7_ISSUER_AND_SERIAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_ISSUER_AND_SERIAL_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_ISSUER_AND_SERIAL);
-
-int
-i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ISSUER_AND_SERIAL_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_ISSUER_AND_SERIAL);
-
-PKCS7_ISSUER_AND_SERIAL *
-PKCS7_ISSUER_AND_SERIAL_new(void)
-{
- return (PKCS7_ISSUER_AND_SERIAL *)ASN1_item_new(&PKCS7_ISSUER_AND_SERIAL_it);
-}
-LCRYPTO_ALIAS(PKCS7_ISSUER_AND_SERIAL_new);
-
-void
-PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ISSUER_AND_SERIAL_it);
-}
-LCRYPTO_ALIAS(PKCS7_ISSUER_AND_SERIAL_free);
-
-static const ASN1_TEMPLATE PKCS7_ENVELOPE_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ENVELOPE, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(PKCS7_ENVELOPE, recipientinfo),
- .field_name = "recipientinfo",
- .item = &PKCS7_RECIP_INFO_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ENVELOPE, enc_data),
- .field_name = "enc_data",
- .item = &PKCS7_ENC_CONTENT_it,
- },
-};
-
-const ASN1_ITEM PKCS7_ENVELOPE_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_ENVELOPE_seq_tt,
- .tcount = sizeof(PKCS7_ENVELOPE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS7_ENVELOPE),
- .sname = "PKCS7_ENVELOPE",
-};
-LCRYPTO_ALIAS(PKCS7_ENVELOPE_it);
-
-
-PKCS7_ENVELOPE *
-d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, const unsigned char **in, long len)
-{
- return (PKCS7_ENVELOPE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_ENVELOPE);
-
-int
-i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_ENVELOPE);
-
-PKCS7_ENVELOPE *
-PKCS7_ENVELOPE_new(void)
-{
- return (PKCS7_ENVELOPE *)ASN1_item_new(&PKCS7_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(PKCS7_ENVELOPE_new);
-
-void
-PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(PKCS7_ENVELOPE_free);
-
-/* Minor tweak to operation: free up X509 */
-static int
-ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_FREE_POST) {
- PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval;
- X509_free(ri->cert);
- }
- return 1;
-}
-
-static const ASN1_AUX PKCS7_RECIP_INFO_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = ri_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE PKCS7_RECIP_INFO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_RECIP_INFO, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_RECIP_INFO, issuer_and_serial),
- .field_name = "issuer_and_serial",
- .item = &PKCS7_ISSUER_AND_SERIAL_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_RECIP_INFO, key_enc_algor),
- .field_name = "key_enc_algor",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_RECIP_INFO, enc_key),
- .field_name = "enc_key",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM PKCS7_RECIP_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_RECIP_INFO_seq_tt,
- .tcount = sizeof(PKCS7_RECIP_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &PKCS7_RECIP_INFO_aux,
- .size = sizeof(PKCS7_RECIP_INFO),
- .sname = "PKCS7_RECIP_INFO",
-};
-LCRYPTO_ALIAS(PKCS7_RECIP_INFO_it);
-
-
-PKCS7_RECIP_INFO *
-d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, const unsigned char **in, long len)
-{
- return (PKCS7_RECIP_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_RECIP_INFO_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_RECIP_INFO);
-
-int
-i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_RECIP_INFO_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_RECIP_INFO);
-
-PKCS7_RECIP_INFO *
-PKCS7_RECIP_INFO_new(void)
-{
- return (PKCS7_RECIP_INFO *)ASN1_item_new(&PKCS7_RECIP_INFO_it);
-}
-LCRYPTO_ALIAS(PKCS7_RECIP_INFO_new);
-
-void
-PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_RECIP_INFO_it);
-}
-LCRYPTO_ALIAS(PKCS7_RECIP_INFO_free);
-
-static const ASN1_TEMPLATE PKCS7_ENC_CONTENT_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ENC_CONTENT, content_type),
- .field_name = "content_type",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ENC_CONTENT, algorithm),
- .field_name = "algorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS7_ENC_CONTENT, enc_data),
- .field_name = "enc_data",
- .item = &ASN1_OCTET_STRING_NDEF_it,
- },
-};
-
-const ASN1_ITEM PKCS7_ENC_CONTENT_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_ENC_CONTENT_seq_tt,
- .tcount = sizeof(PKCS7_ENC_CONTENT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS7_ENC_CONTENT),
- .sname = "PKCS7_ENC_CONTENT",
-};
-LCRYPTO_ALIAS(PKCS7_ENC_CONTENT_it);
-
-
-PKCS7_ENC_CONTENT *
-d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, const unsigned char **in, long len)
-{
- return (PKCS7_ENC_CONTENT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_ENC_CONTENT_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_ENC_CONTENT);
-
-int
-i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ENC_CONTENT_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_ENC_CONTENT);
-
-PKCS7_ENC_CONTENT *
-PKCS7_ENC_CONTENT_new(void)
-{
- return (PKCS7_ENC_CONTENT *)ASN1_item_new(&PKCS7_ENC_CONTENT_it);
-}
-LCRYPTO_ALIAS(PKCS7_ENC_CONTENT_new);
-
-void
-PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENC_CONTENT_it);
-}
-LCRYPTO_ALIAS(PKCS7_ENC_CONTENT_free);
-
-static const ASN1_TEMPLATE PKCS7_SIGN_ENVELOPE_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGN_ENVELOPE, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGN_ENVELOPE, recipientinfo),
- .field_name = "recipientinfo",
- .item = &PKCS7_RECIP_INFO_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGN_ENVELOPE, md_algs),
- .field_name = "md_algs",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGN_ENVELOPE, enc_data),
- .field_name = "enc_data",
- .item = &PKCS7_ENC_CONTENT_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGN_ENVELOPE, cert),
- .field_name = "cert",
- .item = &X509_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(PKCS7_SIGN_ENVELOPE, crl),
- .field_name = "crl",
- .item = &X509_CRL_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(PKCS7_SIGN_ENVELOPE, signer_info),
- .field_name = "signer_info",
- .item = &PKCS7_SIGNER_INFO_it,
- },
-};
-
-const ASN1_ITEM PKCS7_SIGN_ENVELOPE_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_SIGN_ENVELOPE_seq_tt,
- .tcount = sizeof(PKCS7_SIGN_ENVELOPE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS7_SIGN_ENVELOPE),
- .sname = "PKCS7_SIGN_ENVELOPE",
-};
-LCRYPTO_ALIAS(PKCS7_SIGN_ENVELOPE_it);
-
-
-PKCS7_SIGN_ENVELOPE *
-d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, const unsigned char **in, long len)
-{
- return (PKCS7_SIGN_ENVELOPE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_SIGN_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_SIGN_ENVELOPE);
-
-int
-i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_SIGN_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_SIGN_ENVELOPE);
-
-PKCS7_SIGN_ENVELOPE *
-PKCS7_SIGN_ENVELOPE_new(void)
-{
- return (PKCS7_SIGN_ENVELOPE *)ASN1_item_new(&PKCS7_SIGN_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(PKCS7_SIGN_ENVELOPE_new);
-
-void
-PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGN_ENVELOPE_it);
-}
-LCRYPTO_ALIAS(PKCS7_SIGN_ENVELOPE_free);
-
-static const ASN1_TEMPLATE PKCS7_ENCRYPT_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ENCRYPT, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_ENCRYPT, enc_data),
- .field_name = "enc_data",
- .item = &PKCS7_ENC_CONTENT_it,
- },
-};
-
-const ASN1_ITEM PKCS7_ENCRYPT_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_ENCRYPT_seq_tt,
- .tcount = sizeof(PKCS7_ENCRYPT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS7_ENCRYPT),
- .sname = "PKCS7_ENCRYPT",
-};
-LCRYPTO_ALIAS(PKCS7_ENCRYPT_it);
-
-
-PKCS7_ENCRYPT *
-d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, const unsigned char **in, long len)
-{
- return (PKCS7_ENCRYPT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_ENCRYPT_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_ENCRYPT);
-
-int
-i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ENCRYPT_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_ENCRYPT);
-
-PKCS7_ENCRYPT *
-PKCS7_ENCRYPT_new(void)
-{
- return (PKCS7_ENCRYPT *)ASN1_item_new(&PKCS7_ENCRYPT_it);
-}
-LCRYPTO_ALIAS(PKCS7_ENCRYPT_new);
-
-void
-PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENCRYPT_it);
-}
-LCRYPTO_ALIAS(PKCS7_ENCRYPT_free);
-
-static const ASN1_TEMPLATE PKCS7_DIGEST_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_DIGEST, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_DIGEST, md),
- .field_name = "md",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_DIGEST, contents),
- .field_name = "contents",
- .item = &PKCS7_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PKCS7_DIGEST, digest),
- .field_name = "digest",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM PKCS7_DIGEST_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS7_DIGEST_seq_tt,
- .tcount = sizeof(PKCS7_DIGEST_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKCS7_DIGEST),
- .sname = "PKCS7_DIGEST",
-};
-LCRYPTO_ALIAS(PKCS7_DIGEST_it);
-
-
-PKCS7_DIGEST *
-d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, const unsigned char **in, long len)
-{
- return (PKCS7_DIGEST *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS7_DIGEST_it);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_DIGEST);
-
-int
-i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_DIGEST_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_DIGEST);
-
-PKCS7_DIGEST *
-PKCS7_DIGEST_new(void)
-{
- return (PKCS7_DIGEST *)ASN1_item_new(&PKCS7_DIGEST_it);
-}
-LCRYPTO_ALIAS(PKCS7_DIGEST_new);
-
-void
-PKCS7_DIGEST_free(PKCS7_DIGEST *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS7_DIGEST_it);
-}
-LCRYPTO_ALIAS(PKCS7_DIGEST_free);
-
-/* Specials for authenticated attributes */
-
-/* When signing attributes we want to reorder them to match the sorted
- * encoding.
- */
-
-static const ASN1_TEMPLATE PKCS7_ATTR_SIGN_item_tt = {
- .flags = ASN1_TFLG_SET_ORDER,
- .tag = 0,
- .offset = 0,
- .field_name = "PKCS7_ATTRIBUTES",
- .item = &X509_ATTRIBUTE_it,
-};
-
-const ASN1_ITEM PKCS7_ATTR_SIGN_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &PKCS7_ATTR_SIGN_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "PKCS7_ATTR_SIGN",
-};
-LCRYPTO_ALIAS(PKCS7_ATTR_SIGN_it);
-
-/* When verifying attributes we need to use the received order. So
- * we use SEQUENCE OF and tag it to SET OF
- */
-
-static const ASN1_TEMPLATE PKCS7_ATTR_VERIFY_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
- .tag = V_ASN1_SET,
- .offset = 0,
- .field_name = "PKCS7_ATTRIBUTES",
- .item = &X509_ATTRIBUTE_it,
-};
-
-const ASN1_ITEM PKCS7_ATTR_VERIFY_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &PKCS7_ATTR_VERIFY_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "PKCS7_ATTR_VERIFY",
-};
-LCRYPTO_ALIAS(PKCS7_ATTR_VERIFY_it);
-
-
-int
-PKCS7_print_ctx(BIO *out, PKCS7 *x, int indent, const ASN1_PCTX *pctx)
-{
- return ASN1_item_print(out, (ASN1_VALUE *)x, indent,
- &PKCS7_it, pctx);
-}
-LCRYPTO_ALIAS(PKCS7_print_ctx);
-
-PKCS7 *
-d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
-{
- return ASN1_item_d2i_bio(&PKCS7_it, bp, p7);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_bio);
-
-int
-i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
-{
- return ASN1_item_i2d_bio(&PKCS7_it, bp, p7);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_bio);
-
-PKCS7 *
-d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
-{
- return ASN1_item_d2i_fp(&PKCS7_it, fp, p7);
-}
-LCRYPTO_ALIAS(d2i_PKCS7_fp);
-
-int
-i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
-{
- return ASN1_item_i2d_fp(&PKCS7_it, fp, p7);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_fp);
-
-int
-PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
- const EVP_MD *type, unsigned char *md, unsigned int *len)
-{
- return(ASN1_item_digest(&PKCS7_ISSUER_AND_SERIAL_it, type,
- (char *)data, md, len));
-}
-LCRYPTO_ALIAS(PKCS7_ISSUER_AND_SERIAL_digest);
diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c
deleted file mode 100644
index 52463aa3a3..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_attr.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/* $OpenBSD: pk7_attr.c,v 1.15 2024/02/19 15:37:44 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-int
-PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
-{
- ASN1_STRING *seq;
- if (!(seq = ASN1_STRING_new())) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data,
- &X509_ALGORS_it);
- return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
- V_ASN1_SEQUENCE, seq);
-}
-LCRYPTO_ALIAS(PKCS7_add_attrib_smimecap);
-
-STACK_OF(X509_ALGOR) *
-PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
-{
- ASN1_TYPE *cap;
- const unsigned char *p;
-
- cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
- if (!cap || (cap->type != V_ASN1_SEQUENCE))
- return NULL;
- p = cap->value.sequence->data;
- return (STACK_OF(X509_ALGOR) *)
- ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
- &X509_ALGORS_it);
-}
-LCRYPTO_ALIAS(PKCS7_get_smimecap);
-
-/* Basic smime-capabilities OID and optional integer arg */
-int
-PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
- X509_ALGOR *alg;
-
- if (!(alg = X509_ALGOR_new())) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OBJECT_free(alg->algorithm);
- alg->algorithm = OBJ_nid2obj(nid);
- if (arg > 0) {
- ASN1_INTEGER *nbit;
-
- if (!(alg->parameter = ASN1_TYPE_new()))
- goto err;
- if (!(nbit = ASN1_INTEGER_new()))
- goto err;
- if (!ASN1_INTEGER_set(nbit, arg)) {
- ASN1_INTEGER_free(nbit);
- goto err;
- }
- alg->parameter->value.integer = nbit;
- alg->parameter->type = V_ASN1_INTEGER;
- }
- if (sk_X509_ALGOR_push(sk, alg) == 0)
- goto err;
- return 1;
-
-err:
- PKCS7error(ERR_R_MALLOC_FAILURE);
- X509_ALGOR_free(alg);
- return 0;
-}
-LCRYPTO_ALIAS(PKCS7_simple_smimecap);
-
-int
-PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
-{
- if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
- return 0;
- if (!coid)
- coid = OBJ_nid2obj(NID_pkcs7_data);
- return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
- V_ASN1_OBJECT, coid);
-}
-LCRYPTO_ALIAS(PKCS7_add_attrib_content_type);
-
-int
-PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
-{
- if (!t && !(t = X509_gmtime_adj(NULL, 0))) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
- V_ASN1_UTCTIME, t);
-}
-LCRYPTO_ALIAS(PKCS7_add0_attrib_signing_time);
-
-int
-PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, const unsigned char *md,
- int mdlen)
-{
- ASN1_OCTET_STRING *os;
-
- os = ASN1_OCTET_STRING_new();
- if (!os)
- return 0;
- if (!ASN1_STRING_set(os, md, mdlen) ||
- !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
- V_ASN1_OCTET_STRING, os)) {
- ASN1_OCTET_STRING_free(os);
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(PKCS7_add1_attrib_digest);
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
deleted file mode 100644
index 020de71fef..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ /dev/null
@@ -1,1263 +0,0 @@
-/* $OpenBSD: pk7_doit.c,v 1.59 2025/03/18 12:53:25 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "x509_local.h"
-
-static int
-PKCS7_type_is_other(PKCS7* p7)
-{
- int isOther = 1;
-
- int nid = OBJ_obj2nid(p7->type);
-
- switch (nid ) {
- case NID_pkcs7_data:
- case NID_pkcs7_signed:
- case NID_pkcs7_enveloped:
- case NID_pkcs7_signedAndEnveloped:
- case NID_pkcs7_digest:
- case NID_pkcs7_encrypted:
- isOther = 0;
- break;
- default:
- isOther = 1;
- }
-
- return isOther;
-
-}
-
-ASN1_OCTET_STRING *
-PKCS7_get_octet_string(PKCS7 *p7)
-{
- if (PKCS7_type_is_data(p7))
- return p7->d.data;
- if (PKCS7_type_is_other(p7) && p7->d.other &&
- (p7->d.other->type == V_ASN1_OCTET_STRING))
- return p7->d.other->value.octet_string;
- return NULL;
-}
-
-static int
-PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
-{
- BIO *btmp;
- const EVP_MD *md;
-
- if ((btmp = BIO_new(BIO_f_md())) == NULL) {
- PKCS7error(ERR_R_BIO_LIB);
- goto err;
- }
-
- md = EVP_get_digestbyobj(alg->algorithm);
- if (md == NULL) {
- PKCS7error(PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- if (BIO_set_md(btmp, md) <= 0) {
- PKCS7error(ERR_R_BIO_LIB);
- goto err;
- }
-
- if (*pbio == NULL)
- *pbio = btmp;
- else if (!BIO_push(*pbio, btmp)) {
- PKCS7error(ERR_R_BIO_LIB);
- goto err;
- }
- btmp = NULL;
-
- return 1;
-
-err:
- BIO_free(btmp);
- return 0;
-
-}
-
-static int
-pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, unsigned char *key, int keylen)
-{
- EVP_PKEY_CTX *pctx = NULL;
- EVP_PKEY *pkey = NULL;
- unsigned char *ek = NULL;
- int ret = 0;
- size_t eklen;
-
- pkey = X509_get_pubkey(ri->cert);
- if (!pkey)
- return 0;
-
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pctx)
- return 0;
-
- if (EVP_PKEY_encrypt_init(pctx) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
- EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
- PKCS7error(PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
- goto err;
-
- ek = malloc(eklen);
-
- if (ek == NULL) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
- goto err;
-
- ASN1_STRING_set0(ri->enc_key, ek, eklen);
- ek = NULL;
-
- ret = 1;
-
-err:
- EVP_PKEY_free(pkey);
- EVP_PKEY_CTX_free(pctx);
- free(ek);
- return ret;
-}
-
-
-static int
-pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, PKCS7_RECIP_INFO *ri,
- EVP_PKEY *pkey, size_t fixlen)
-{
- EVP_PKEY_CTX *pctx = NULL;
- unsigned char *ek = NULL;
- size_t eklen;
-
- int ret = -1;
-
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pctx)
- return -1;
-
- if (EVP_PKEY_decrypt_init(pctx) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
- EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
- PKCS7error(PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
- ri->enc_key->data, ri->enc_key->length) <= 0)
- goto err;
-
- ek = malloc(eklen);
- if (ek == NULL) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(pctx, ek, &eklen, ri->enc_key->data,
- ri->enc_key->length) <= 0 || eklen == 0 ||
- (fixlen != 0 && eklen != fixlen)) {
- ret = 0;
- PKCS7error(ERR_R_EVP_LIB);
- goto err;
- }
-
- ret = 1;
-
- freezero(*pek, *peklen);
-
- *pek = ek;
- *peklen = eklen;
-
-err:
- EVP_PKEY_CTX_free(pctx);
- if (!ret && ek)
- free(ek);
-
- return ret;
-}
-
-BIO *
-PKCS7_dataInit(PKCS7 *p7, BIO *bio)
-{
- int i;
- BIO *out = NULL, *btmp = NULL;
- X509_ALGOR *xa = NULL;
- const EVP_CIPHER *evp_cipher = NULL;
- STACK_OF(X509_ALGOR) *md_sk = NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
- X509_ALGOR *xalg = NULL;
- PKCS7_RECIP_INFO *ri = NULL;
- ASN1_OCTET_STRING *os = NULL;
-
- if (p7 == NULL) {
- PKCS7error(PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- /*
- * The content field in the PKCS7 ContentInfo is optional,
- * but that really only applies to inner content (precisely,
- * detached signatures).
- *
- * When reading content, missing outer content is therefore
- * treated as an error.
- *
- * When creating content, PKCS7_content_new() must be called
- * before calling this method, so a NULL p7->d is always
- * an error.
- */
- if (p7->d.ptr == NULL) {
- PKCS7error(PKCS7_R_NO_CONTENT);
- return NULL;
- }
-
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_signed:
- md_sk = p7->d.sign->md_algs;
- os = PKCS7_get_octet_string(p7->d.sign->contents);
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
- if (evp_cipher == NULL) {
- PKCS7error(PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- case NID_pkcs7_enveloped:
- rsk = p7->d.enveloped->recipientinfo;
- xalg = p7->d.enveloped->enc_data->algorithm;
- evp_cipher = p7->d.enveloped->enc_data->cipher;
- if (evp_cipher == NULL) {
- PKCS7error(PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- case NID_pkcs7_digest:
- xa = p7->d.digest->md;
- os = PKCS7_get_octet_string(p7->d.digest->contents);
- break;
- case NID_pkcs7_data:
- break;
- default:
- PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
- if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
- goto err;
-
- if (xa && !PKCS7_bio_add_digest(&out, xa))
- goto err;
-
- if (evp_cipher != NULL) {
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- int keylen, ivlen;
- EVP_CIPHER_CTX *ctx;
-
- if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
- PKCS7error(ERR_R_BIO_LIB);
- goto err;
- }
- BIO_get_cipher_ctx(btmp, &ctx);
- keylen = EVP_CIPHER_key_length(evp_cipher);
- ivlen = EVP_CIPHER_iv_length(evp_cipher);
- xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
- if (ivlen > 0)
- arc4random_buf(iv, ivlen);
- if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL,
- NULL, 1) <= 0)
- goto err;
- if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
- goto err;
- if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
- goto err;
-
- if (ivlen > 0) {
- if (xalg->parameter == NULL) {
- xalg->parameter = ASN1_TYPE_new();
- if (xalg->parameter == NULL)
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
- goto err;
- }
-
- /* Lets do the pub key stuff :-) */
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
- goto err;
- }
- explicit_bzero(key, keylen);
-
- if (out == NULL)
- out = btmp;
- else
- BIO_push(out, btmp);
- btmp = NULL;
- }
-
- if (bio == NULL) {
- if (PKCS7_is_detached(p7))
- bio = BIO_new(BIO_s_null());
- else if (os && os->length > 0)
- bio = BIO_new_mem_buf(os->data, os->length);
- if (bio == NULL) {
- bio = BIO_new(BIO_s_mem());
- if (bio == NULL)
- goto err;
- BIO_set_mem_eof_return(bio, 0);
- }
- }
- if (out)
- BIO_push(out, bio);
- else
- out = bio;
- bio = NULL;
- if (0) {
-err:
- if (out != NULL)
- BIO_free_all(out);
- if (btmp != NULL)
- BIO_free_all(btmp);
- out = NULL;
- }
- return out;
-}
-LCRYPTO_ALIAS(PKCS7_dataInit);
-
-static int
-pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
-{
- int ret;
-
- ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
- pcert->cert_info->issuer);
- if (ret)
- return ret;
- return ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
- ri->issuer_and_serial->serial);
-}
-
-/* int */
-BIO *
-PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
-{
- int i, j;
- BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
- X509_ALGOR *xa;
- ASN1_OCTET_STRING *data_body = NULL;
- const EVP_MD *evp_md;
- const EVP_CIPHER *evp_cipher = NULL;
- EVP_CIPHER_CTX *evp_ctx = NULL;
- X509_ALGOR *enc_alg = NULL;
- STACK_OF(X509_ALGOR) *md_sk = NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
- PKCS7_RECIP_INFO *ri = NULL;
- unsigned char *ek = NULL, *tkey = NULL;
- int eklen = 0, tkeylen = 0;
-
- if (p7 == NULL) {
- PKCS7error(PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7error(PKCS7_R_NO_CONTENT);
- return NULL;
- }
-
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_signed:
- data_body = PKCS7_get_octet_string(p7->d.sign->contents);
- md_sk = p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
- enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
- if (evp_cipher == NULL) {
- PKCS7error(PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- break;
- case NID_pkcs7_enveloped:
- rsk = p7->d.enveloped->recipientinfo;
- enc_alg = p7->d.enveloped->enc_data->algorithm;
- data_body = p7->d.enveloped->enc_data->enc_data;
- evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
- if (evp_cipher == NULL) {
- PKCS7error(PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- break;
- default:
- PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- /* We will be checking the signature */
- if (md_sk != NULL) {
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
- xa = sk_X509_ALGOR_value(md_sk, i);
- if ((btmp = BIO_new(BIO_f_md())) == NULL) {
- PKCS7error(ERR_R_BIO_LIB);
- goto err;
- }
-
- j = OBJ_obj2nid(xa->algorithm);
- evp_md = EVP_get_digestbynid(j);
- if (evp_md == NULL) {
- PKCS7error(PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- if (BIO_set_md(btmp, evp_md) <= 0) {
- PKCS7error(ERR_R_BIO_LIB);
- goto err;
- }
- if (out == NULL)
- out = btmp;
- else
- BIO_push(out, btmp);
- btmp = NULL;
- }
- }
-
- if (evp_cipher != NULL) {
- if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
- PKCS7error(ERR_R_BIO_LIB);
- goto err;
- }
-
- /* It was encrypted, we need to decrypt the secret key
- * with the private key */
-
- /* Find the recipientInfo which matches the passed certificate
- * (if any)
- */
- if (pcert) {
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if (!pkcs7_cmp_ri(ri, pcert))
- break;
- ri = NULL;
- }
- if (ri == NULL) {
- PKCS7error(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
- goto err;
- }
- }
-
- /* If we haven't got a certificate try each ri in turn */
- if (pcert == NULL) {
- /* Always attempt to decrypt all rinfo even
- * after success as a defence against MMA timing
- * attacks.
- */
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
-
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey,
- EVP_CIPHER_key_length(evp_cipher)) < 0)
- goto err;
- ERR_clear_error();
- }
- } else {
- /* Only exit on fatal errors, not decrypt failure */
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, 0) < 0)
- goto err;
- ERR_clear_error();
- }
-
- evp_ctx = NULL;
- BIO_get_cipher_ctx(etmp, &evp_ctx);
- if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL,
- NULL, 0) <= 0)
- goto err;
- if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
- goto err;
- /* Generate random key as MMA defence */
- tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
- tkey = malloc(tkeylen);
- if (!tkey)
- goto err;
- if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
- goto err;
- if (ek == NULL) {
- ek = tkey;
- eklen = tkeylen;
- tkey = NULL;
- }
-
- if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
- /* Some S/MIME clients don't use the same key
- * and effective key length. The key length is
- * determined by the size of the decrypted RSA key.
- */
- if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
- /* Use random key as MMA defence */
- freezero(ek, eklen);
- ek = tkey;
- eklen = tkeylen;
- tkey = NULL;
- }
- }
- /* Clear errors so we don't leak information useful in MMA */
- ERR_clear_error();
- if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
- goto err;
-
- freezero(ek, eklen);
- ek = NULL;
- freezero(tkey, tkeylen);
- tkey = NULL;
-
- if (out == NULL)
- out = etmp;
- else
- BIO_push(out, etmp);
- etmp = NULL;
- }
-
- if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
- bio = in_bio;
- } else {
- if (data_body != NULL && data_body->length > 0)
- bio = BIO_new_mem_buf(data_body->data, data_body->length);
- else {
- bio = BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(bio, 0);
- }
- if (bio == NULL)
- goto err;
- }
- BIO_push(out, bio);
-
- if (0) {
-err:
- freezero(ek, eklen);
- freezero(tkey, tkeylen);
- if (out != NULL)
- BIO_free_all(out);
- if (btmp != NULL)
- BIO_free_all(btmp);
- if (etmp != NULL)
- BIO_free_all(etmp);
- out = NULL;
- }
- return out;
-}
-LCRYPTO_ALIAS(PKCS7_dataDecode);
-
-static BIO *
-PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
-{
- for (;;) {
- bio = BIO_find_type(bio, BIO_TYPE_MD);
- if (bio == NULL) {
- PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- return NULL;
- }
- BIO_get_md_ctx(bio, pmd);
- if (*pmd == NULL) {
- PKCS7error(ERR_R_INTERNAL_ERROR);
- return NULL;
- }
- if (EVP_MD_CTX_type(*pmd) == nid)
- return bio;
- bio = BIO_next(bio);
- }
- return NULL;
-}
-
-static int
-do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
-{
- unsigned char md_data[EVP_MAX_MD_SIZE];
- unsigned int md_len;
-
- /* Add signing time if not already present */
- if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
- if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
-
- /* Add digest */
- if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
- PKCS7error(ERR_R_EVP_LIB);
- return 0;
- }
- if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- /* Now sign the attributes */
- if (!PKCS7_SIGNER_INFO_sign(si))
- return 0;
-
- return 1;
-}
-
-
-int
-PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
-{
- int ret = 0;
- int i, j;
- BIO *btmp;
- PKCS7_SIGNER_INFO *si;
- EVP_MD_CTX *mdc, ctx_tmp;
- STACK_OF(X509_ATTRIBUTE) *sk;
- STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
- ASN1_OCTET_STRING *os = NULL;
-
- if (p7 == NULL) {
- PKCS7error(PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7error(PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- EVP_MD_CTX_legacy_clear(&ctx_tmp);
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_data:
- os = p7->d.data;
- break;
- case NID_pkcs7_signedAndEnveloped:
- /* XXX */
- si_sk = p7->d.signed_and_enveloped->signer_info;
- os = p7->d.signed_and_enveloped->enc_data->enc_data;
- if (!os) {
- os = ASN1_OCTET_STRING_new();
- if (!os) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p7->d.signed_and_enveloped->enc_data->enc_data = os;
- }
- break;
- case NID_pkcs7_enveloped:
- /* XXX */
- os = p7->d.enveloped->enc_data->enc_data;
- if (!os) {
- os = ASN1_OCTET_STRING_new();
- if (!os) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p7->d.enveloped->enc_data->enc_data = os;
- }
- break;
- case NID_pkcs7_signed:
- si_sk = p7->d.sign->signer_info;
- os = PKCS7_get_octet_string(p7->d.sign->contents);
- if (!PKCS7_is_detached(p7) && os == NULL) {
- PKCS7error(PKCS7_R_DECODE_ERROR);
- goto err;
- }
- /* If detached data then the content is excluded */
- if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
- ASN1_OCTET_STRING_free(os);
- os = NULL;
- p7->d.sign->contents->d.data = NULL;
- }
- break;
-
- case NID_pkcs7_digest:
- os = PKCS7_get_octet_string(p7->d.digest->contents);
- if (os == NULL) {
- PKCS7error(PKCS7_R_DECODE_ERROR);
- goto err;
- }
- /* If detached data then the content is excluded */
- if (PKCS7_type_is_data(p7->d.digest->contents) &&
- p7->detached) {
- ASN1_OCTET_STRING_free(os);
- os = NULL;
- p7->d.digest->contents->d.data = NULL;
- }
- break;
-
- default:
- PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- if (si_sk != NULL) {
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
- si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
- if (si->pkey == NULL)
- continue;
-
- j = OBJ_obj2nid(si->digest_alg->algorithm);
-
- if ((btmp = PKCS7_find_digest(&mdc, bio, j)) == NULL)
- goto err;
-
- /* We now have the EVP_MD_CTX, lets do the
- * signing. */
- if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
- goto err;
-
- sk = si->auth_attr;
-
- /* If there are attributes, we add the digest
- * attribute and only sign the attributes */
- if (sk_X509_ATTRIBUTE_num(sk) > 0) {
- if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
- goto err;
- } else {
- unsigned char *abuf = NULL;
- unsigned int abuflen;
- abuflen = EVP_PKEY_size(si->pkey);
- abuf = malloc(abuflen);
- if (!abuf)
- goto err;
-
- if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen,
- si->pkey)) {
- PKCS7error(ERR_R_EVP_LIB);
- free(abuf);
- goto err;
- }
- ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
- }
- }
- } else if (i == NID_pkcs7_digest) {
- unsigned char md_data[EVP_MAX_MD_SIZE];
- unsigned int md_len;
-
- if (!PKCS7_find_digest(&mdc, bio,
- OBJ_obj2nid(p7->d.digest->md->algorithm)))
- goto err;
- if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
- goto err;
- if (ASN1_STRING_set(p7->d.digest->digest, md_data,
- md_len) == 0)
- goto err;
- }
-
- if (!PKCS7_is_detached(p7)) {
- /*
- * NOTE: only reach os == NULL here because detached
- * digested data support is broken?
- */
- if (os == NULL)
- goto err;
- if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
- char *cont;
- long contlen;
-
- btmp = BIO_find_type(bio, BIO_TYPE_MEM);
- if (btmp == NULL) {
- PKCS7error(PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
- goto err;
- }
- contlen = BIO_get_mem_data(btmp, &cont);
- /*
- * Mark the BIO read only then we can use its copy
- * of the data instead of making an extra copy.
- */
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
- BIO_set_mem_eof_return(btmp, 0);
- ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
- }
- }
- ret = 1;
-err:
- EVP_MD_CTX_cleanup(&ctx_tmp);
- return ret;
-}
-LCRYPTO_ALIAS(PKCS7_dataFinal);
-
-int
-PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
-{
- EVP_MD_CTX mctx;
- EVP_PKEY_CTX *pctx;
- unsigned char *abuf = NULL;
- int alen;
- size_t siglen;
- const EVP_MD *md = NULL;
-
- md = EVP_get_digestbyobj(si->digest_alg->algorithm);
- if (md == NULL)
- return 0;
-
- EVP_MD_CTX_legacy_clear(&mctx);
- if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
- PKCS7error(PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
- &PKCS7_ATTR_SIGN_it);
- if (!abuf)
- goto err;
- if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
- goto err;
- free(abuf);
- abuf = NULL;
- if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
- goto err;
- abuf = malloc(siglen);
- if (!abuf)
- goto err;
- if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
- PKCS7error(PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- EVP_MD_CTX_cleanup(&mctx);
-
- ASN1_STRING_set0(si->enc_digest, abuf, siglen);
-
- return 1;
-
-err:
- free(abuf);
- EVP_MD_CTX_cleanup(&mctx);
- return 0;
-}
-LCRYPTO_ALIAS(PKCS7_SIGNER_INFO_sign);
-
-int
-PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
- PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
- PKCS7_ISSUER_AND_SERIAL *ias;
- int ret = 0, i;
- STACK_OF(X509) *cert;
- X509 *x509;
-
- if (p7 == NULL) {
- PKCS7error(PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7error(PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- if (PKCS7_type_is_signed(p7)) {
- cert = p7->d.sign->cert;
- } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
- cert = p7->d.signed_and_enveloped->cert;
- } else {
- PKCS7error(PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
- /* XXXX */
- ias = si->issuer_and_serial;
-
- x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);
-
- /* were we able to find the cert in passed to us */
- if (x509 == NULL) {
- PKCS7error(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
- goto err;
- }
-
- /* Lets verify */
- if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
- PKCS7error(ERR_R_X509_LIB);
- goto err;
- }
- if (X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN) == 0) {
- X509_STORE_CTX_cleanup(ctx);
- goto err;
- }
- i = X509_verify_cert(ctx);
- if (i <= 0) {
- PKCS7error(ERR_R_X509_LIB);
- X509_STORE_CTX_cleanup(ctx);
- goto err;
- }
- X509_STORE_CTX_cleanup(ctx);
-
- return PKCS7_signatureVerify(bio, p7, si, x509);
-
-err:
- return ret;
-}
-LCRYPTO_ALIAS(PKCS7_dataVerify);
-
-int
-PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, X509 *x509)
-{
- ASN1_OCTET_STRING *os;
- EVP_MD_CTX mdc_tmp, *mdc;
- int ret = 0, i;
- int md_type;
- STACK_OF(X509_ATTRIBUTE) *sk;
- BIO *btmp;
- EVP_PKEY *pkey;
-
- EVP_MD_CTX_legacy_clear(&mdc_tmp);
-
- if (!PKCS7_type_is_signed(p7) &&
- !PKCS7_type_is_signedAndEnveloped(p7)) {
- PKCS7error(PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
-
- md_type = OBJ_obj2nid(si->digest_alg->algorithm);
-
- btmp = bio;
- for (;;) {
- if ((btmp == NULL) ||
- ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
- PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- BIO_get_md_ctx(btmp, &mdc);
- if (mdc == NULL) {
- PKCS7error(ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (EVP_MD_CTX_type(mdc) == md_type)
- break;
- /* Workaround for some broken clients that put the signature
- * OID instead of the digest OID in digest_alg->algorithm
- */
- if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
- break;
- btmp = BIO_next(btmp);
- }
-
- /* mdc is the digest ctx that we want, unless there are attributes,
- * in which case the digest is the signed attributes */
- if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
- goto err;
-
- sk = si->auth_attr;
- if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
- unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
- unsigned int md_len;
- int alen;
- ASN1_OCTET_STRING *message_digest;
-
- if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
- goto err;
- message_digest = PKCS7_digest_from_attributes(sk);
- if (!message_digest) {
- PKCS7error(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- if ((message_digest->length != (int)md_len) ||
- (memcmp(message_digest->data, md_dat, md_len))) {
- PKCS7error(PKCS7_R_DIGEST_FAILURE);
- ret = -1;
- goto err;
- }
-
- if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type),
- NULL))
- goto err;
-
- alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
- &PKCS7_ATTR_VERIFY_it);
- if (alen <= 0) {
- PKCS7error(ERR_R_ASN1_LIB);
- ret = -1;
- goto err;
- }
- if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen)) {
- free(abuf);
- goto err;
- }
-
- free(abuf);
- }
-
- os = si->enc_digest;
- pkey = X509_get_pubkey(x509);
- if (!pkey) {
- ret = -1;
- goto err;
- }
-
- i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
- EVP_PKEY_free(pkey);
- if (i <= 0) {
- PKCS7error(PKCS7_R_SIGNATURE_FAILURE);
- ret = -1;
- goto err;
- } else
- ret = 1;
-err:
- EVP_MD_CTX_cleanup(&mdc_tmp);
- return ret;
-}
-LCRYPTO_ALIAS(PKCS7_signatureVerify);
-
-PKCS7_ISSUER_AND_SERIAL *
-PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
-{
- STACK_OF(PKCS7_RECIP_INFO) *rsk;
- PKCS7_RECIP_INFO *ri;
- int i;
-
- i = OBJ_obj2nid(p7->type);
- if (i != NID_pkcs7_signedAndEnveloped)
- return NULL;
- if (p7->d.signed_and_enveloped == NULL)
- return NULL;
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- if (rsk == NULL)
- return NULL;
- ri = sk_PKCS7_RECIP_INFO_value(rsk, 0);
- if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
- return NULL;
- ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
- return ri->issuer_and_serial;
-}
-LCRYPTO_ALIAS(PKCS7_get_issuer_and_serial);
-
-static ASN1_TYPE *
-get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
-{
- int i;
- X509_ATTRIBUTE *xa;
- ASN1_OBJECT *o;
-
- o = OBJ_nid2obj(nid);
- if (!o || !sk)
- return NULL;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- xa = sk_X509_ATTRIBUTE_value(sk, i);
- if (OBJ_cmp(xa->object, o) == 0)
- return sk_ASN1_TYPE_value(xa->set, 0);
- }
- return NULL;
-}
-
-ASN1_TYPE *
-PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
- return get_attribute(si->auth_attr, nid);
-}
-LCRYPTO_ALIAS(PKCS7_get_signed_attribute);
-
-ASN1_TYPE *
-PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
- return get_attribute(si->unauth_attr, nid);
-}
-LCRYPTO_ALIAS(PKCS7_get_attribute);
-
-ASN1_OCTET_STRING *
-PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
-{
- ASN1_TYPE *astype;
-
- if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
- return NULL;
- if (astype->type != V_ASN1_OCTET_STRING)
- return NULL;
- return astype->value.octet_string;
-}
-LCRYPTO_ALIAS(PKCS7_digest_from_attributes);
-
-int
-PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk)
-{
- int i;
-
- if (p7si->auth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,
- X509_ATTRIBUTE_free);
- p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
- if (p7si->auth_attr == NULL)
- return 0;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i))))
- == NULL)
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(PKCS7_set_signed_attributes);
-
-int
-PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
-{
- int i;
-
- if (p7si->unauth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
- X509_ATTRIBUTE_free);
- p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
- if (p7si->unauth_attr == NULL)
- return 0;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i))))
- == NULL)
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(PKCS7_set_attributes);
-
-static int
-add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, void *value)
-{
- X509_ATTRIBUTE *attr = NULL;
-
- if (*sk == NULL) {
- *sk = sk_X509_ATTRIBUTE_new_null();
- if (*sk == NULL)
- return 0;
-new_attrib:
- if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
- return 0;
- if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
- X509_ATTRIBUTE_free(attr);
- return 0;
- }
- } else {
- int i;
-
- for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
- attr = sk_X509_ATTRIBUTE_value(*sk, i);
- if (OBJ_obj2nid(attr->object) == nid) {
- X509_ATTRIBUTE_free(attr);
- attr = X509_ATTRIBUTE_create(nid, atrtype,
- value);
- if (attr == NULL)
- return 0;
- if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
- X509_ATTRIBUTE_free(attr);
- return 0;
- }
- goto end;
- }
- }
- goto new_attrib;
- }
-end:
- return 1;
-}
-
-int
-PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value)
-{
- return add_attribute(&(p7si->auth_attr), nid, atrtype, value);
-}
-LCRYPTO_ALIAS(PKCS7_add_signed_attribute);
-
-int
-PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, void *value)
-{
- return add_attribute(&(p7si->unauth_attr), nid, atrtype, value);
-}
-LCRYPTO_ALIAS(PKCS7_add_attribute);
diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
deleted file mode 100644
index a1c7d61cca..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_lib.c
+++ /dev/null
@@ -1,685 +0,0 @@
-/* $OpenBSD: pk7_lib.c,v 1.30 2024/12/06 07:10:20 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-long
-PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
-{
- int nid;
- long ret = 0;
-
- nid = OBJ_obj2nid(p7->type);
-
- switch (cmd) {
- case PKCS7_OP_SET_DETACHED_SIGNATURE:
- if (nid == NID_pkcs7_signed) {
- if (p7->d.sign == NULL) {
- PKCS7error(PKCS7_R_NO_CONTENT);
- break;
- }
- ret = p7->detached = (int)larg;
- if (ret && PKCS7_type_is_data(p7->d.sign->contents)) {
- ASN1_OCTET_STRING *os;
- os = p7->d.sign->contents->d.data;
- ASN1_OCTET_STRING_free(os);
- p7->d.sign->contents->d.data = NULL;
- }
- } else {
- PKCS7error(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
- ret = 0;
- }
- break;
- case PKCS7_OP_GET_DETACHED_SIGNATURE:
- if (nid == NID_pkcs7_signed) {
- if (p7->d.sign == NULL ||
- p7->d.sign->contents->d.ptr == NULL)
- ret = 1;
- else
- ret = 0;
-
- p7->detached = ret;
- } else {
- PKCS7error(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
- ret = 0;
- }
-
- break;
- default:
- PKCS7error(PKCS7_R_UNKNOWN_OPERATION);
- ret = 0;
- }
- return (ret);
-}
-LCRYPTO_ALIAS(PKCS7_ctrl);
-
-int
-PKCS7_content_new(PKCS7 *p7, int type)
-{
- PKCS7 *ret = NULL;
-
- if ((ret = PKCS7_new()) == NULL)
- goto err;
- if (!PKCS7_set_type(ret, type))
- goto err;
- if (!PKCS7_set_content(p7, ret))
- goto err;
-
- return (1);
-err:
- if (ret != NULL)
- PKCS7_free(ret);
- return (0);
-}
-LCRYPTO_ALIAS(PKCS7_content_new);
-
-int
-PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
-{
- int i;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- if (p7->d.sign->contents != NULL)
- PKCS7_free(p7->d.sign->contents);
- p7->d.sign->contents = p7_data;
- break;
- case NID_pkcs7_digest:
- if (p7->d.digest->contents != NULL)
- PKCS7_free(p7->d.digest->contents);
- p7->d.digest->contents = p7_data;
- break;
- case NID_pkcs7_data:
- case NID_pkcs7_enveloped:
- case NID_pkcs7_signedAndEnveloped:
- case NID_pkcs7_encrypted:
- default:
- PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
- return (1);
-err:
- return (0);
-}
-LCRYPTO_ALIAS(PKCS7_set_content);
-
-int
-PKCS7_set_type(PKCS7 *p7, int type)
-{
- ASN1_OBJECT *obj;
-
- /*PKCS7_content_free(p7);*/
- obj=OBJ_nid2obj(type); /* will not fail */
-
- switch (type) {
- case NID_pkcs7_signed:
- p7->type = obj;
- if ((p7->d.sign = PKCS7_SIGNED_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.sign->version, 1)) {
- PKCS7_SIGNED_free(p7->d.sign);
- p7->d.sign = NULL;
- goto err;
- }
- break;
- case NID_pkcs7_data:
- p7->type = obj;
- if ((p7->d.data = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- break;
- case NID_pkcs7_signedAndEnveloped:
- p7->type = obj;
- if ((p7->d.signed_and_enveloped =
- PKCS7_SIGN_ENVELOPE_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1))
- goto err;
- p7->d.signed_and_enveloped->enc_data->content_type =
- OBJ_nid2obj(NID_pkcs7_data);
- break;
- case NID_pkcs7_enveloped:
- p7->type = obj;
- if ((p7->d.enveloped = PKCS7_ENVELOPE_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.enveloped->version, 0))
- goto err;
- p7->d.enveloped->enc_data->content_type =
- OBJ_nid2obj(NID_pkcs7_data);
- break;
- case NID_pkcs7_encrypted:
- p7->type = obj;
- if ((p7->d.encrypted = PKCS7_ENCRYPT_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.encrypted->version, 0))
- goto err;
- p7->d.encrypted->enc_data->content_type =
- OBJ_nid2obj(NID_pkcs7_data);
- break;
-
- case NID_pkcs7_digest:
- p7->type = obj;
- if ((p7->d.digest = PKCS7_DIGEST_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.digest->version, 0))
- goto err;
- break;
- default:
- PKCS7error(PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
- return (1);
-err:
- return (0);
-}
-LCRYPTO_ALIAS(PKCS7_set_type);
-
-int
-PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other)
-{
- p7->type = OBJ_nid2obj(type);
- p7->d.other = other;
- return 1;
-}
-LCRYPTO_ALIAS(PKCS7_set0_type_other);
-
-int
-PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
-{
- int i, j, nid;
- X509_ALGOR *alg;
- STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
- STACK_OF(X509_ALGOR) *md_sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- signer_sk = p7->d.sign->signer_info;
- md_sk = p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- signer_sk = p7->d.signed_and_enveloped->signer_info;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- break;
- default:
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- nid = OBJ_obj2nid(psi->digest_alg->algorithm);
-
- /* If the digest is not currently listed, add it */
- j = 0;
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
- alg = sk_X509_ALGOR_value(md_sk, i);
- if (OBJ_obj2nid(alg->algorithm) == nid) {
- j = 1;
- break;
- }
- }
- if (!j) /* we need to add another algorithm */
- {
- if (!(alg = X509_ALGOR_new()) ||
- !(alg->parameter = ASN1_TYPE_new())) {
- X509_ALGOR_free(alg);
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return (0);
- }
- alg->algorithm = OBJ_nid2obj(nid);
- alg->parameter->type = V_ASN1_NULL;
- if (!sk_X509_ALGOR_push(md_sk, alg)) {
- X509_ALGOR_free(alg);
- return 0;
- }
- }
-
- if (!sk_PKCS7_SIGNER_INFO_push(signer_sk, psi))
- return 0;
- return (1);
-}
-LCRYPTO_ALIAS(PKCS7_add_signer);
-
-int
-PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
-{
- int i;
- STACK_OF(X509) **sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- sk = &(p7->d.sign->cert);
- break;
- case NID_pkcs7_signedAndEnveloped:
- sk = &(p7->d.signed_and_enveloped->cert);
- break;
- default:
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- if (*sk == NULL)
- *sk = sk_X509_new_null();
- if (*sk == NULL) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
- if (!sk_X509_push(*sk, x509)) {
- X509_free(x509);
- return 0;
- }
- return (1);
-}
-LCRYPTO_ALIAS(PKCS7_add_certificate);
-
-int
-PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
-{
- int i;
- STACK_OF(X509_CRL) **sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- sk = &(p7->d.sign->crl);
- break;
- case NID_pkcs7_signedAndEnveloped:
- sk = &(p7->d.signed_and_enveloped->crl);
- break;
- default:
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- if (*sk == NULL)
- *sk = sk_X509_CRL_new_null();
- if (*sk == NULL) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
- if (!sk_X509_CRL_push(*sk, crl)) {
- X509_CRL_free(crl);
- return 0;
- }
- return (1);
-}
-LCRYPTO_ALIAS(PKCS7_add_crl);
-
-int
-PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
- const EVP_MD *dgst)
-{
- int nid;
- int ret;
-
- /* We now need to add another PKCS7_SIGNER_INFO entry */
- if (!ASN1_INTEGER_set(p7i->version, 1))
- goto err;
- if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509)))
- goto err;
-
- /* because ASN1_INTEGER_set is used to set a 'long' we will do
- * things the ugly way. */
- ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- if (!(p7i->issuer_and_serial->serial =
- ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
- goto err;
-
- /* lets keep the pkey around for a while */
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- p7i->pkey = pkey;
-
- /*
- * Do not use X509_ALGOR_set_evp_md() to match historical behavior.
- * A mistranslation of the ASN.1 from 1988 to 1997 syntax lost the
- * OPTIONAL field, cf. the NOTE above RFC 5754, 2.1.
- * Using X509_ALGOR_set_evp_md() would change encoding of the SHAs.
- */
- nid = EVP_MD_type(dgst);
- if (!X509_ALGOR_set0_by_nid(p7i->digest_alg, nid, V_ASN1_NULL, NULL))
- return 0;
-
- if (pkey->ameth && pkey->ameth->pkey_ctrl) {
- ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN,
- 0, p7i);
- if (ret > 0)
- return 1;
- if (ret != -2) {
- PKCS7error(PKCS7_R_SIGNING_CTRL_FAILURE);
- return 0;
- }
- }
- PKCS7error(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-err:
- return 0;
-}
-LCRYPTO_ALIAS(PKCS7_SIGNER_INFO_set);
-
-PKCS7_SIGNER_INFO *
-PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst)
-{
- PKCS7_SIGNER_INFO *si = NULL;
-
- if (dgst == NULL) {
- int def_nid;
- if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
- goto err;
- dgst = EVP_get_digestbynid(def_nid);
- if (dgst == NULL) {
- PKCS7error(PKCS7_R_NO_DEFAULT_DIGEST);
- goto err;
- }
- }
-
- if ((si = PKCS7_SIGNER_INFO_new()) == NULL)
- goto err;
- if (!PKCS7_SIGNER_INFO_set(si, x509, pkey, dgst))
- goto err;
- if (!PKCS7_add_signer(p7, si))
- goto err;
- return (si);
-err:
- if (si)
- PKCS7_SIGNER_INFO_free(si);
- return (NULL);
-}
-LCRYPTO_ALIAS(PKCS7_add_signature);
-
-int
-PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
-{
- if (PKCS7_type_is_digest(p7)) {
- if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p7->d.digest->md->parameter->type = V_ASN1_NULL;
- p7->d.digest->md->algorithm = OBJ_nid2obj(EVP_MD_nid(md));
- return 1;
- }
-
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return 1;
-}
-LCRYPTO_ALIAS(PKCS7_set_digest);
-
-STACK_OF(PKCS7_SIGNER_INFO) *
-PKCS7_get_signer_info(PKCS7 *p7)
-{
- if (p7 == NULL || p7->d.ptr == NULL)
- return (NULL);
- if (PKCS7_type_is_signed(p7)) {
- return (p7->d.sign->signer_info);
- } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
- return (p7->d.signed_and_enveloped->signer_info);
- } else
- return (NULL);
-}
-LCRYPTO_ALIAS(PKCS7_get_signer_info);
-
-void
-PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
- X509_ALGOR **pdig, X509_ALGOR **psig)
-{
- if (pk)
- *pk = si->pkey;
- if (pdig)
- *pdig = si->digest_alg;
- if (psig)
- *psig = si->digest_enc_alg;
-}
-LCRYPTO_ALIAS(PKCS7_SIGNER_INFO_get0_algs);
-
-void
-PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc)
-{
- if (penc)
- *penc = ri->key_enc_algor;
-}
-LCRYPTO_ALIAS(PKCS7_RECIP_INFO_get0_alg);
-
-PKCS7_RECIP_INFO *
-PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
-{
- PKCS7_RECIP_INFO *ri;
-
- if ((ri = PKCS7_RECIP_INFO_new()) == NULL)
- goto err;
- if (!PKCS7_RECIP_INFO_set(ri, x509))
- goto err;
- if (!PKCS7_add_recipient_info(p7, ri))
- goto err;
- return ri;
-err:
- if (ri)
- PKCS7_RECIP_INFO_free(ri);
- return NULL;
-}
-LCRYPTO_ALIAS(PKCS7_add_recipient);
-
-int
-PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
-{
- int i;
- STACK_OF(PKCS7_RECIP_INFO) *sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signedAndEnveloped:
- sk = p7->d.signed_and_enveloped->recipientinfo;
- break;
- case NID_pkcs7_enveloped:
- sk = p7->d.enveloped->recipientinfo;
- break;
- default:
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- if (!sk_PKCS7_RECIP_INFO_push(sk, ri))
- return 0;
- return (1);
-}
-LCRYPTO_ALIAS(PKCS7_add_recipient_info);
-
-int
-PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
-{
- int ret;
- EVP_PKEY *pkey = NULL;
- if (!ASN1_INTEGER_set(p7i->version, 0))
- return 0;
- if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509)))
- return 0;
-
- ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- if (!(p7i->issuer_and_serial->serial =
- ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
- return 0;
-
- pkey = X509_get_pubkey(x509);
-
- if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) {
- PKCS7error(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
- }
-
- ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT,
- 0, p7i);
- if (ret == -2) {
- PKCS7error(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
- }
- if (ret <= 0) {
- PKCS7error(PKCS7_R_ENCRYPTION_CTRL_FAILURE);
- goto err;
- }
-
- EVP_PKEY_free(pkey);
-
- CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
- p7i->cert = x509;
-
- return 1;
-
-err:
- EVP_PKEY_free(pkey);
- return 0;
-}
-LCRYPTO_ALIAS(PKCS7_RECIP_INFO_set);
-
-X509 *
-PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
- if (PKCS7_type_is_signed(p7))
- return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
- si->issuer_and_serial->issuer,
- si->issuer_and_serial->serial));
- else
- return (NULL);
-}
-LCRYPTO_ALIAS(PKCS7_cert_from_signer_info);
-
-int
-PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
-{
- int i;
- PKCS7_ENC_CONTENT *ec;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signedAndEnveloped:
- ec = p7->d.signed_and_enveloped->enc_data;
- break;
- case NID_pkcs7_enveloped:
- ec = p7->d.enveloped->enc_data;
- break;
- default:
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- /* Check cipher OID exists and has data in it*/
- i = EVP_CIPHER_type(cipher);
- if (i == NID_undef) {
- PKCS7error(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
- return (0);
- }
-
- ec->cipher = cipher;
- return 1;
-}
-LCRYPTO_ALIAS(PKCS7_set_cipher);
-
-int
-PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
-{
- ASN1_OCTET_STRING *os = NULL;
-
- switch (OBJ_obj2nid(p7->type)) {
- case NID_pkcs7_data:
- os = p7->d.data;
- break;
-
- case NID_pkcs7_signedAndEnveloped:
- os = p7->d.signed_and_enveloped->enc_data->enc_data;
- if (os == NULL) {
- os = ASN1_OCTET_STRING_new();
- p7->d.signed_and_enveloped->enc_data->enc_data = os;
- }
- break;
-
- case NID_pkcs7_enveloped:
- os = p7->d.enveloped->enc_data->enc_data;
- if (os == NULL) {
- os = ASN1_OCTET_STRING_new();
- p7->d.enveloped->enc_data->enc_data = os;
- }
- break;
-
- case NID_pkcs7_signed:
- os = p7->d.sign->contents->d.data;
- break;
-
- default:
- os = NULL;
- break;
- }
-
- if (os == NULL)
- return 0;
-
- os->flags |= ASN1_STRING_FLAG_NDEF;
- *boundary = &os->data;
-
- return 1;
-}
-LCRYPTO_ALIAS(PKCS7_stream);
diff --git a/src/lib/libcrypto/pkcs7/pk7_mime.c b/src/lib/libcrypto/pkcs7/pk7_mime.c
deleted file mode 100644
index 381335589f..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_mime.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* $OpenBSD: pk7_mime.c,v 1.20 2024/01/25 13:44:08 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "asn1_local.h"
-
-/* PKCS#7 wrappers round generalised stream and MIME routines */
-BIO *
-BIO_new_PKCS7(BIO *out, PKCS7 *p7)
-{
- return BIO_new_NDEF(out, (ASN1_VALUE *)p7, &PKCS7_it);
-}
-LCRYPTO_ALIAS(BIO_new_PKCS7);
-
-int
-i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
-{
- return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)p7, in, flags, &PKCS7_it);
-}
-LCRYPTO_ALIAS(i2d_PKCS7_bio_stream);
-
-int
-PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
-{
- return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *) p7, in, flags,
- "PKCS7", &PKCS7_it);
-}
-LCRYPTO_ALIAS(PEM_write_bio_PKCS7_stream);
-
-int
-SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
-{
- STACK_OF(X509_ALGOR) *mdalgs = NULL;
- int ctype_nid;
-
- if ((ctype_nid = OBJ_obj2nid(p7->type)) == NID_pkcs7_signed) {
- if (p7->d.sign == NULL)
- return 0;
- mdalgs = p7->d.sign->md_algs;
- }
-
- flags ^= SMIME_OLDMIME;
-
- return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
- ctype_nid, NID_undef, mdalgs, &PKCS7_it);
-}
-LCRYPTO_ALIAS(SMIME_write_PKCS7);
-
-PKCS7 *
-SMIME_read_PKCS7(BIO *bio, BIO **bcont)
-{
- return (PKCS7 *)SMIME_read_ASN1(bio, bcont, &PKCS7_it);
-}
-LCRYPTO_ALIAS(SMIME_read_PKCS7);
diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c
deleted file mode 100644
index cff89c34e1..0000000000
--- a/src/lib/libcrypto/pkcs7/pk7_smime.c
+++ /dev/null
@@ -1,587 +0,0 @@
-/* $OpenBSD: pk7_smime.c,v 1.27 2024/04/20 10:11:55 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Simple PKCS#7 processing functions */
-
-#include
-
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-
-PKCS7 *
-PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data,
- int flags)
-{
- PKCS7 *p7;
- int i;
-
- if (!(p7 = PKCS7_new())) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!PKCS7_set_type(p7, NID_pkcs7_signed))
- goto err;
-
- if (!PKCS7_content_new(p7, NID_pkcs7_data))
- goto err;
-
- if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
- PKCS7error(PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
- goto err;
- }
-
- if (!(flags & PKCS7_NOCERTS)) {
- for (i = 0; i < sk_X509_num(certs); i++) {
- if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
- goto err;
- }
- }
-
- if (flags & PKCS7_DETACHED)
- PKCS7_set_detached(p7, 1);
-
- if (flags & (PKCS7_STREAM|PKCS7_PARTIAL))
- return p7;
-
- if (PKCS7_final(p7, data, flags))
- return p7;
-
-err:
- PKCS7_free(p7);
- return NULL;
-}
-LCRYPTO_ALIAS(PKCS7_sign);
-
-int
-PKCS7_final(PKCS7 *p7, BIO *data, int flags)
-{
- BIO *p7bio;
- int ret = 0;
-
- if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- SMIME_crlf_copy(data, p7bio, flags);
-
- (void)BIO_flush(p7bio);
-
- if (!PKCS7_dataFinal(p7, p7bio)) {
- PKCS7error(PKCS7_R_PKCS7_DATASIGN);
- goto err;
- }
-
- ret = 1;
-
-err:
- BIO_free_all(p7bio);
-
- return ret;
-}
-LCRYPTO_ALIAS(PKCS7_final);
-
-/* Check to see if a cipher exists and if so add S/MIME capabilities */
-
-static int
-add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
- if (EVP_get_cipherbynid(nid))
- return PKCS7_simple_smimecap(sk, nid, arg);
- return 1;
-}
-
-PKCS7_SIGNER_INFO *
-PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey,
- const EVP_MD *md, int flags)
-{
- PKCS7_SIGNER_INFO *si = NULL;
- STACK_OF(X509_ALGOR) *smcap = NULL;
-
- if (!X509_check_private_key(signcert, pkey)) {
- PKCS7error(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return NULL;
- }
-
- if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
- PKCS7error(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
- return NULL;
- }
-
- if (!(flags & PKCS7_NOCERTS)) {
- if (!PKCS7_add_certificate(p7, signcert))
- goto err;
- }
-
- if (!(flags & PKCS7_NOATTR)) {
- if (!PKCS7_add_attrib_content_type(si, NULL))
- goto err;
- /* Add SMIMECapabilities */
- if (!(flags & PKCS7_NOSMIMECAP)) {
- if (!(smcap = sk_X509_ALGOR_new_null())) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_aes_192_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_aes_128_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_rc2_cbc, 128) ||
- !add_cipher_smcap(smcap, NID_rc2_cbc, 64) ||
- !add_cipher_smcap(smcap, NID_des_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_rc2_cbc, 40) ||
- !PKCS7_add_attrib_smimecap(si, smcap))
- goto err;
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- smcap = NULL;
- }
- if (flags & PKCS7_REUSE_DIGEST) {
- if (!pkcs7_copy_existing_digest(p7, si))
- goto err;
- if (!(flags & PKCS7_PARTIAL) &&
- !PKCS7_SIGNER_INFO_sign(si))
- goto err;
- }
- }
- return si;
-
-err:
- if (smcap)
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- return NULL;
-}
-LCRYPTO_ALIAS(PKCS7_sign_add_signer);
-
-/* Search for a digest matching SignerInfo digest type and if found
- * copy across.
- */
-
-static int
-pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
- int i;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *sitmp;
- ASN1_OCTET_STRING *osdig = NULL;
-
- sinfos = PKCS7_get_signer_info(p7);
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
- sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
- if (si == sitmp)
- break;
- if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
- continue;
- if (!OBJ_cmp(si->digest_alg->algorithm,
- sitmp->digest_alg->algorithm)) {
- osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
- break;
- }
-
- }
-
- if (osdig)
- return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
-
- PKCS7error(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
- return 0;
-}
-
-int
-PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata,
- BIO *out, int flags)
-{
- STACK_OF(X509) *signers;
- X509 *signer;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *si;
- X509_STORE_CTX cert_ctx;
- char buf[4096];
- int i, j = 0, k, ret = 0;
- BIO *p7bio;
- BIO *tmpin, *tmpout;
-
- if (!p7) {
- PKCS7error(PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (!PKCS7_type_is_signed(p7)) {
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return 0;
- }
-
- /* Check for no data and no content: no data to verify signature */
- if (PKCS7_get_detached(p7) && !indata) {
- PKCS7error(PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- /*
- * Very old Netscape illegally included empty content with
- * a detached signature. Very old users should upgrade.
- */
- /* Check for data and content: two sets of data */
- if (!PKCS7_get_detached(p7) && indata) {
- PKCS7error(PKCS7_R_CONTENT_AND_DATA_PRESENT);
- return 0;
- }
-
- sinfos = PKCS7_get_signer_info(p7);
-
- if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
- PKCS7error(PKCS7_R_NO_SIGNATURES_ON_DATA);
- return 0;
- }
-
-
- signers = PKCS7_get0_signers(p7, certs, flags);
-
- if (!signers)
- return 0;
-
- /* Now verify the certificates */
-
- if (!(flags & PKCS7_NOVERIFY))
- for (k = 0; k < sk_X509_num(signers); k++) {
- signer = sk_X509_value (signers, k);
- if (!(flags & PKCS7_NOCHAIN)) {
- if (!X509_STORE_CTX_init(&cert_ctx, store,
- signer, p7->d.sign->cert)) {
- PKCS7error(ERR_R_X509_LIB);
- sk_X509_free(signers);
- return 0;
- }
- if (X509_STORE_CTX_set_default(&cert_ctx,
- "smime_sign") == 0) {
- sk_X509_free(signers);
- return 0;
- }
- } else if (!X509_STORE_CTX_init(&cert_ctx, store,
- signer, NULL)) {
- PKCS7error(ERR_R_X509_LIB);
- sk_X509_free(signers);
- return 0;
- }
- if (!(flags & PKCS7_NOCRL))
- X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
- i = X509_verify_cert(&cert_ctx);
- if (i <= 0)
- j = X509_STORE_CTX_get_error(&cert_ctx);
- X509_STORE_CTX_cleanup(&cert_ctx);
- if (i <= 0) {
- PKCS7error(PKCS7_R_CERTIFICATE_VERIFY_ERROR);
- ERR_asprintf_error_data("Verify error:%s",
- X509_verify_cert_error_string(j));
- sk_X509_free(signers);
- return 0;
- }
- /* Check for revocation status here */
- }
-
- /*
- * Performance optimization: if the content is a memory BIO then
- * store its contents in a temporary read only memory BIO. This
- * avoids potentially large numbers of slow copies of data which will
- * occur when reading from a read write memory BIO when signatures
- * are calculated.
- */
- if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) {
- char *ptr;
- long len;
-
- len = BIO_get_mem_data(indata, &ptr);
- tmpin = BIO_new_mem_buf(ptr, len);
- if (tmpin == NULL) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- } else
- tmpin = indata;
-
-
- if (!(p7bio = PKCS7_dataInit(p7, tmpin)))
- goto err;
-
- if (flags & PKCS7_TEXT) {
- if (!(tmpout = BIO_new(BIO_s_mem()))) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BIO_set_mem_eof_return(tmpout, 0);
- } else
- tmpout = out;
-
- /* We now have to 'read' from p7bio to calculate digests etc. */
- for (;;) {
- i = BIO_read(p7bio, buf, sizeof(buf));
- if (i <= 0)
- break;
- if (tmpout)
- BIO_write(tmpout, buf, i);
- }
-
- if (flags & PKCS7_TEXT) {
- if (!SMIME_text(tmpout, out)) {
- PKCS7error(PKCS7_R_SMIME_TEXT_ERROR);
- BIO_free(tmpout);
- goto err;
- }
- BIO_free(tmpout);
- }
-
- /* Now Verify All Signatures */
- if (!(flags & PKCS7_NOSIGS))
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
- signer = sk_X509_value (signers, i);
- j = PKCS7_signatureVerify(p7bio, p7, si, signer);
- if (j <= 0) {
- PKCS7error(PKCS7_R_SIGNATURE_FAILURE);
- goto err;
- }
- }
-
- ret = 1;
-
-err:
- if (tmpin == indata) {
- if (indata)
- BIO_pop(p7bio);
- }
- BIO_free_all(p7bio);
- sk_X509_free(signers);
-
- return ret;
-}
-LCRYPTO_ALIAS(PKCS7_verify);
-
-STACK_OF(X509) *
-PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
-{
- STACK_OF(X509) *signers;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *si;
- PKCS7_ISSUER_AND_SERIAL *ias;
- X509 *signer;
- int i;
-
- if (!p7) {
- PKCS7error(PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- if (!PKCS7_type_is_signed(p7)) {
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return NULL;
- }
-
- /* Collect all the signers together */
- sinfos = PKCS7_get_signer_info(p7);
- if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
- PKCS7error(PKCS7_R_NO_SIGNERS);
- return 0;
- }
-
- if (!(signers = sk_X509_new_null())) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
- ias = si->issuer_and_serial;
- signer = NULL;
- /* If any certificates passed they take priority */
- if (certs)
- signer = X509_find_by_issuer_and_serial (certs,
- ias->issuer, ias->serial);
- if (!signer && !(flags & PKCS7_NOINTERN) && p7->d.sign->cert)
- signer =
- X509_find_by_issuer_and_serial(p7->d.sign->cert,
- ias->issuer, ias->serial);
- if (!signer) {
- PKCS7error(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
- sk_X509_free(signers);
- return 0;
- }
-
- if (!sk_X509_push(signers, signer)) {
- sk_X509_free(signers);
- return NULL;
- }
- }
- return signers;
-}
-LCRYPTO_ALIAS(PKCS7_get0_signers);
-
-/* Build a complete PKCS#7 enveloped data */
-
-PKCS7 *
-PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
- int flags)
-{
- PKCS7 *p7;
- BIO *p7bio = NULL;
- int i;
- X509 *x509;
-
- if (!(p7 = PKCS7_new())) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
- goto err;
- if (!PKCS7_set_cipher(p7, cipher)) {
- PKCS7error(PKCS7_R_ERROR_SETTING_CIPHER);
- goto err;
- }
-
- for (i = 0; i < sk_X509_num(certs); i++) {
- x509 = sk_X509_value(certs, i);
- if (!PKCS7_add_recipient(p7, x509)) {
- PKCS7error(PKCS7_R_ERROR_ADDING_RECIPIENT);
- goto err;
- }
- }
-
- if (flags & PKCS7_STREAM)
- return p7;
-
- if (PKCS7_final(p7, in, flags))
- return p7;
-
-err:
- BIO_free_all(p7bio);
- PKCS7_free(p7);
- return NULL;
-}
-LCRYPTO_ALIAS(PKCS7_encrypt);
-
-int
-PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
-{
- BIO *tmpmem;
- int ret, i;
- char buf[4096];
-
- if (!p7) {
- PKCS7error(PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (!PKCS7_type_is_enveloped(p7)) {
- PKCS7error(PKCS7_R_WRONG_CONTENT_TYPE);
- return 0;
- }
-
- if (cert && !X509_check_private_key(cert, pkey)) {
- PKCS7error(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return 0;
- }
-
- if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
- PKCS7error(PKCS7_R_DECRYPT_ERROR);
- return 0;
- }
-
- if (flags & PKCS7_TEXT) {
- BIO *tmpbuf;
-
- /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
- if (!(tmpbuf = BIO_new(BIO_f_buffer()))) {
- PKCS7error(ERR_R_MALLOC_FAILURE);
- BIO_free_all(tmpmem);
- return 0;
- }
- BIO_push(tmpbuf, tmpmem);
- ret = SMIME_text(tmpbuf, data);
- if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
- if (!BIO_get_cipher_status(tmpmem))
- ret = 0;
- }
- BIO_free_all(tmpbuf);
- return ret;
- } else {
- for (;;) {
- i = BIO_read(tmpmem, buf, sizeof(buf));
- if (i <= 0) {
- ret = 1;
- if (BIO_method_type(tmpmem) ==
- BIO_TYPE_CIPHER) {
- if (!BIO_get_cipher_status(tmpmem))
- ret = 0;
- }
- break;
- }
- if (BIO_write(data, buf, i) != i) {
- ret = 0;
- break;
- }
- }
- BIO_free_all(tmpmem);
- return ret;
- }
-}
-LCRYPTO_ALIAS(PKCS7_decrypt);
diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h
deleted file mode 100644
index 6fd5adf457..0000000000
--- a/src/lib/libcrypto/pkcs7/pkcs7.h
+++ /dev/null
@@ -1,510 +0,0 @@
-/* $OpenBSD: pkcs7.h,v 1.22 2024/10/23 01:57:19 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PKCS7_H
-#define HEADER_PKCS7_H
-
-#include
-
-#include
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
-Encryption_ID DES-CBC
-Digest_ID MD5
-Digest_Encryption_ID rsaEncryption
-Key_Encryption_ID rsaEncryption
-*/
-
-typedef struct pkcs7_issuer_and_serial_st {
- X509_NAME *issuer;
- ASN1_INTEGER *serial;
-} PKCS7_ISSUER_AND_SERIAL;
-
-typedef struct pkcs7_signer_info_st {
- ASN1_INTEGER *version; /* version 1 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *digest_alg;
- STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
- X509_ALGOR *digest_enc_alg;
- ASN1_OCTET_STRING *enc_digest;
- STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
-
- /* The private key to sign with */
- EVP_PKEY *pkey;
-} PKCS7_SIGNER_INFO;
-
-DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
-
-typedef struct pkcs7_recip_info_st {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *key_enc_algor;
- ASN1_OCTET_STRING *enc_key;
- X509 *cert; /* get the pub-key from this */
-} PKCS7_RECIP_INFO;
-
-DECLARE_STACK_OF(PKCS7_RECIP_INFO)
-
-typedef struct pkcs7_signed_st {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-
- struct pkcs7_st *contents;
-} PKCS7_SIGNED;
-/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
- * How about merging the two */
-
-typedef struct pkcs7_enc_content_st {
- ASN1_OBJECT *content_type;
- X509_ALGOR *algorithm;
- ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
- const EVP_CIPHER *cipher;
-} PKCS7_ENC_CONTENT;
-
-typedef struct pkcs7_enveloped_st {
- ASN1_INTEGER *version; /* version 0 */
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
- PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENVELOPE;
-
-typedef struct pkcs7_signedandenveloped_st {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-
- PKCS7_ENC_CONTENT *enc_data;
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
-} PKCS7_SIGN_ENVELOPE;
-
-typedef struct pkcs7_digest_st {
- ASN1_INTEGER *version; /* version 0 */
- X509_ALGOR *md; /* md used */
- struct pkcs7_st *contents;
- ASN1_OCTET_STRING *digest;
-} PKCS7_DIGEST;
-
-typedef struct pkcs7_encrypted_st {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENCRYPT;
-
-typedef struct pkcs7_st {
- /* The following is non NULL if it contains ASN1 encoding of
- * this structure */
- unsigned char *asn1;
- long length;
-
-#define PKCS7_S_HEADER 0
-#define PKCS7_S_BODY 1
-#define PKCS7_S_TAIL 2
- int state; /* used during processing */
-
- int detached;
-
- ASN1_OBJECT *type;
- /* content as defined by the type */
- /* all encryption/message digests are applied to the 'contents',
- * leaving out the 'type' field. */
- union {
- char *ptr;
-
- /* NID_pkcs7_data */
- ASN1_OCTET_STRING *data;
-
- /* NID_pkcs7_signed */
- PKCS7_SIGNED *sign;
-
- /* NID_pkcs7_enveloped */
- PKCS7_ENVELOPE *enveloped;
-
- /* NID_pkcs7_signedAndEnveloped */
- PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
-
- /* NID_pkcs7_digest */
- PKCS7_DIGEST *digest;
-
- /* NID_pkcs7_encrypted */
- PKCS7_ENCRYPT *encrypted;
-
- /* Anything else */
- ASN1_TYPE *other;
- } d;
-} PKCS7;
-
-DECLARE_STACK_OF(PKCS7)
-DECLARE_PKCS12_STACK_OF(PKCS7)
-
-#define PKCS7_OP_SET_DETACHED_SIGNATURE 1
-#define PKCS7_OP_GET_DETACHED_SIGNATURE 2
-
-#define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
-#define PKCS7_get_attributes(si) ((si)->unauth_attr)
-
-#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
-#define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
-#define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
-#define PKCS7_type_is_signedAndEnveloped(a) \
- (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
-#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
-#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
-#define PKCS7_type_is_encrypted(a) \
- (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
-
-#define PKCS7_set_detached(p,v) \
- PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
-#define PKCS7_get_detached(p) \
- PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
-
-#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
-
-/* S/MIME related flags */
-
-#define PKCS7_TEXT 0x1
-#define PKCS7_NOCERTS 0x2
-#define PKCS7_NOSIGS 0x4
-#define PKCS7_NOCHAIN 0x8
-#define PKCS7_NOINTERN 0x10
-#define PKCS7_NOVERIFY 0x20
-#define PKCS7_DETACHED 0x40
-#define PKCS7_BINARY 0x80
-#define PKCS7_NOATTR 0x100
-#define PKCS7_NOSMIMECAP 0x200
-#define PKCS7_NOOLDMIMETYPE 0x400
-#define PKCS7_CRLFEOL 0x800
-#define PKCS7_STREAM 0x1000
-#define PKCS7_NOCRL 0x2000
-#define PKCS7_PARTIAL 0x4000
-#define PKCS7_REUSE_DIGEST 0x8000
-
-/* Flags: for compatibility with older code */
-
-#define SMIME_TEXT PKCS7_TEXT
-#define SMIME_NOCERTS PKCS7_NOCERTS
-#define SMIME_NOSIGS PKCS7_NOSIGS
-#define SMIME_NOCHAIN PKCS7_NOCHAIN
-#define SMIME_NOINTERN PKCS7_NOINTERN
-#define SMIME_NOVERIFY PKCS7_NOVERIFY
-#define SMIME_DETACHED PKCS7_DETACHED
-#define SMIME_BINARY PKCS7_BINARY
-#define SMIME_NOATTR PKCS7_NOATTR
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void);
-void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a);
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, const unsigned char **in, long len);
-int i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_ISSUER_AND_SERIAL_it;
-
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
- const EVP_MD *type, unsigned char *md, unsigned int *len);
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
-int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
-PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
-int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
-int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-
-PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void);
-void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
-PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, const unsigned char **in, long len);
-int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_SIGNER_INFO_it;
-PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void);
-void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
-PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, const unsigned char **in, long len);
-int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_RECIP_INFO_it;
-PKCS7_SIGNED *PKCS7_SIGNED_new(void);
-void PKCS7_SIGNED_free(PKCS7_SIGNED *a);
-PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, const unsigned char **in, long len);
-int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_SIGNED_it;
-PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void);
-void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
-PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, const unsigned char **in, long len);
-int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_ENC_CONTENT_it;
-PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void);
-void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
-PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, const unsigned char **in, long len);
-int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_ENVELOPE_it;
-PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void);
-void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
-PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, const unsigned char **in, long len);
-int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_SIGN_ENVELOPE_it;
-PKCS7_DIGEST *PKCS7_DIGEST_new(void);
-void PKCS7_DIGEST_free(PKCS7_DIGEST *a);
-PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, const unsigned char **in, long len);
-int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_DIGEST_it;
-PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void);
-void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
-PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, const unsigned char **in, long len);
-int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_ENCRYPT_it;
-PKCS7 *PKCS7_new(void);
-void PKCS7_free(PKCS7 *a);
-PKCS7 *d2i_PKCS7(PKCS7 **a, const unsigned char **in, long len);
-int i2d_PKCS7(PKCS7 *a, unsigned char **out);
-extern const ASN1_ITEM PKCS7_it;
-
-extern const ASN1_ITEM PKCS7_ATTR_SIGN_it;
-extern const ASN1_ITEM PKCS7_ATTR_VERIFY_it;
-
-int PKCS7_print_ctx(BIO *out, PKCS7 *x, int indent, const ASN1_PCTX *pctx);
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
-
-int PKCS7_set_type(PKCS7 *p7, int type);
-int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
- const EVP_MD *dgst);
-int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
-int PKCS7_content_new(PKCS7 *p7, int nid);
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
- BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
- X509 *x509);
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
-
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
- EVP_PKEY *pkey, const EVP_MD *dgst);
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
-void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
- X509_ALGOR **pdig, X509_ALGOR **psig);
-void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
-int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
- void *data);
-int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value);
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk);
-
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
- BIO *data, int flags);
-
-PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
- X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md,
- int flags);
-
-int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
- BIO *indata, BIO *out, int flags);
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
- int flags);
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
- STACK_OF(X509_ALGOR) *cap);
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
-
-int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
-int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
-int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
- const unsigned char *md, int mdlen);
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-
-BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
-
-
-void ERR_load_PKCS7_strings(void);
-
-/* Error codes for the PKCS7 functions. */
-
-/* Function codes. */
-#define PKCS7_F_B64_READ_PKCS7 120
-#define PKCS7_F_B64_WRITE_PKCS7 121
-#define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
-#define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
-#define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
-#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
-#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
-#define PKCS7_F_PKCS7_ADD_CRL 101
-#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
-#define PKCS7_F_PKCS7_ADD_SIGNATURE 131
-#define PKCS7_F_PKCS7_ADD_SIGNER 103
-#define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
-#define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
-#define PKCS7_F_PKCS7_CTRL 104
-#define PKCS7_F_PKCS7_DATADECODE 112
-#define PKCS7_F_PKCS7_DATAFINAL 128
-#define PKCS7_F_PKCS7_DATAINIT 105
-#define PKCS7_F_PKCS7_DATASIGN 106
-#define PKCS7_F_PKCS7_DATAVERIFY 107
-#define PKCS7_F_PKCS7_DECRYPT 114
-#define PKCS7_F_PKCS7_DECRYPT_RINFO 133
-#define PKCS7_F_PKCS7_ENCODE_RINFO 132
-#define PKCS7_F_PKCS7_ENCRYPT 115
-#define PKCS7_F_PKCS7_FINAL 134
-#define PKCS7_F_PKCS7_FIND_DIGEST 127
-#define PKCS7_F_PKCS7_GET0_SIGNERS 124
-#define PKCS7_F_PKCS7_RECIP_INFO_SET 130
-#define PKCS7_F_PKCS7_SET_CIPHER 108
-#define PKCS7_F_PKCS7_SET_CONTENT 109
-#define PKCS7_F_PKCS7_SET_DIGEST 126
-#define PKCS7_F_PKCS7_SET_TYPE 110
-#define PKCS7_F_PKCS7_SIGN 116
-#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
-#define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
-#define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
-#define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
-#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
-#define PKCS7_F_PKCS7_VERIFY 117
-#define PKCS7_F_SMIME_READ_PKCS7 122
-#define PKCS7_F_SMIME_TEXT 123
-
-/* Reason codes.
*/ -#define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117 -#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144 -#define PKCS7_R_CIPHER_NOT_INITIALIZED 116 -#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118 -#define PKCS7_R_CTRL_ERROR 152 -#define PKCS7_R_DECODE_ERROR 130 -#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100 -#define PKCS7_R_DECRYPT_ERROR 119 -#define PKCS7_R_DIGEST_FAILURE 101 -#define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149 -#define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150 -#define PKCS7_R_ERROR_ADDING_RECIPIENT 120 -#define PKCS7_R_ERROR_SETTING_CIPHER 121 -#define PKCS7_R_INVALID_MIME_TYPE 131 -#define PKCS7_R_INVALID_NULL_POINTER 143 -#define PKCS7_R_MIME_NO_CONTENT_TYPE 132 -#define PKCS7_R_MIME_PARSE_ERROR 133 -#define PKCS7_R_MIME_SIG_PARSE_ERROR 134 -#define PKCS7_R_MISSING_CERIPEND_INFO 103 -#define PKCS7_R_NO_CONTENT 122 -#define PKCS7_R_NO_CONTENT_TYPE 135 -#define PKCS7_R_NO_DEFAULT_DIGEST 151 -#define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154 -#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136 -#define PKCS7_R_NO_MULTIPART_BOUNDARY 137 -#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115 -#define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146 -#define PKCS7_R_NO_SIGNATURES_ON_DATA 123 -#define PKCS7_R_NO_SIGNERS 142 -#define PKCS7_R_NO_SIG_CONTENT_TYPE 138 -#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 -#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124 -#define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153 -#define PKCS7_R_PKCS7_DATAFINAL 126 -#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125 -#define PKCS7_R_PKCS7_DATASIGN 145 -#define PKCS7_R_PKCS7_PARSE_ERROR 139 -#define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140 -#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127 -#define PKCS7_R_SIGNATURE_FAILURE 105 -#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128 -#define PKCS7_R_SIGNING_CTRL_FAILURE 147 -#define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148 -#define PKCS7_R_SIG_INVALID_MIME_TYPE 141 -#define PKCS7_R_SMIME_TEXT_ERROR 129 -#define 
PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106 -#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107 -#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108 -#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109 -#define PKCS7_R_UNKNOWN_OPERATION 110 -#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111 -#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112 -#define PKCS7_R_WRONG_CONTENT_TYPE 113 -#define PKCS7_R_WRONG_PKCS7_TYPE 114 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c deleted file mode 100644 index d4e6d7cf77..0000000000 --- a/src/lib/libcrypto/pkcs7/pkcs7err.c +++ /dev/null 
@@ -1,145 +0,0 @@
-/* $OpenBSD: pkcs7err.c,v 1.16 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
-
-static const ERR_STRING_DATA PKCS7_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA PKCS7_str_reasons[] = {
- {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
- {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), "cipher has no object identifier"},
- {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"},
- {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT), "content and data present"},
- {ERR_REASON(PKCS7_R_CTRL_ERROR) , "ctrl error"},
- {ERR_REASON(PKCS7_R_DECODE_ERROR) , "decode error"},
- {ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH), "decrypted key is wrong length"},
- {ERR_REASON(PKCS7_R_DECRYPT_ERROR) , "decrypt error"},
- {ERR_REASON(PKCS7_R_DIGEST_FAILURE) , "digest failure"},
- {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"},
- {ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE), "encryption not supported for this key type"},
- {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"},
- {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"},
- {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE) , "invalid mime type"},
- {ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"},
- {ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
- {ERR_REASON(PKCS7_R_MIME_PARSE_ERROR) , "mime parse error"},
- {ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
- {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO), "missing ceripend info"},
- {ERR_REASON(PKCS7_R_NO_CONTENT) , "no content"},
- {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE) , "no content type"},
- {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST) , "no default digest"},
- {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND), "no matching digest type found"},
- {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE), "no multipart body failure"},
- {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
- {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE), "no recipient matches certificate"},
- {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY), "no recipient matches key"},
- {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA), "no signatures on data"},
- {ERR_REASON(PKCS7_R_NO_SIGNERS) , "no signers"},
- {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) , "no sig content type"},
- {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE), "operation not supported on this type"},
- {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR), "pkcs7 add signature error"},
- {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"},
- {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL) , "pkcs7 datafinal"},
- {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR), "pkcs7 datafinal error"},
- {ERR_REASON(PKCS7_R_PKCS7_DATASIGN) , "pkcs7 datasign"},
- {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR) , "pkcs7 parse error"},
- {ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR), "pkcs7 sig parse error"},
- {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"},
- {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE) , "signature failure"},
- {ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND), "signer certificate not found"},
- {ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"},
- {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE), "signing not supported for this key type"},
- {ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
- {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR) , "smime text error"},
- {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE), "unable to find certificate"},
- {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO), "unable to find mem bio"},
- {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST), "unable to find message digest"},
- {ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE) , "unknown digest type"},
- {ERR_REASON(PKCS7_R_UNKNOWN_OPERATION) , "unknown operation"},
- {ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE), "unsupported cipher type"},
- {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"},
- {ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE) , "wrong content type"},
- {ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE) , "wrong pkcs7 type"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_PKCS7_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) {
- ERR_load_const_strings(PKCS7_str_functs);
- ERR_load_const_strings(PKCS7_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_PKCS7_strings);
diff --git a/src/lib/libcrypto/poly1305/poly1305-donna.c b/src/lib/libcrypto/poly1305/poly1305-donna.c
deleted file mode 100644
index 773ea4ebe7..0000000000
--- a/src/lib/libcrypto/poly1305/poly1305-donna.c
+++ /dev/null
@@ -1,321 +0,0 @@ -/* $OpenBSD: poly1305-donna.c,v 1.3 2014/06/12 15:49:30 deraadt Exp $ */ -/* - * Public Domain poly1305 from Andrew Moon - * Based on poly1305-donna.c, poly1305-donna-32.h and poly1305-donna.h from: - * https://github.com/floodyberry/poly1305-donna - */ - -#include - -static inline void poly1305_init(poly1305_context *ctx, - const unsigned char key[32]); -static inline void poly1305_update(poly1305_context *ctx, - const unsigned char *m, size_t bytes); -static inline void poly1305_finish(poly1305_context *ctx, - unsigned char mac[16]); - -/* - * poly1305 implementation using 32 bit * 32 bit = 64 bit multiplication - * and 64 bit addition. - */ - -#define poly1305_block_size 16 - -/* 17 + sizeof(size_t) + 14*sizeof(unsigned long) */ -typedef struct poly1305_state_internal_t { - unsigned long r[5]; - unsigned long h[5]; - unsigned long pad[4]; - size_t leftover; - unsigned char buffer[poly1305_block_size]; - unsigned char final; -} poly1305_state_internal_t; - -/* interpret four 8 bit unsigned integers as a 32 bit unsigned integer in little endian */ -static unsigned long -U8TO32(const unsigned char *p) -{ - return (((unsigned long)(p[0] & 0xff)) | - ((unsigned long)(p[1] & 0xff) << 8) | - ((unsigned long)(p[2] & 0xff) << 16) | - ((unsigned long)(p[3] & 0xff) << 24)); -} - -/* store a 32 bit unsigned integer as four 8 bit unsigned integers in little endian */ -static void -U32TO8(unsigned char *p, unsigned long v) -{ - p[0] = (v) & 0xff; - p[1] = (v >> 8) & 0xff; - p[2] = (v >> 16) & 0xff; - p[3] = (v >> 24) & 0xff; -} - -static inline void -poly1305_init(poly1305_context *ctx, const unsigned char key[32]) -{ - poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; - - /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ - st->r[0] = (U8TO32(&key[0])) & 0x3ffffff; - st->r[1] = (U8TO32(&key[3]) >> 2) & 0x3ffff03; - st->r[2] = (U8TO32(&key[6]) >> 4) & 0x3ffc0ff; - st->r[3] = (U8TO32(&key[9]) >> 6) & 0x3f03fff; - st->r[4] = (U8TO32(&key[12]) >> 8) 
& 0x00fffff; - - /* h = 0 */ - st->h[0] = 0; - st->h[1] = 0; - st->h[2] = 0; - st->h[3] = 0; - st->h[4] = 0; - - /* save pad for later */ - st->pad[0] = U8TO32(&key[16]); - st->pad[1] = U8TO32(&key[20]); - st->pad[2] = U8TO32(&key[24]); - st->pad[3] = U8TO32(&key[28]); - - st->leftover = 0; - st->final = 0; -} - -static void -poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m, size_t bytes) -{ - const unsigned long hibit = (st->final) ? 0 : (1 << 24); /* 1 << 128 */ - unsigned long r0, r1, r2, r3, r4; - unsigned long s1, s2, s3, s4; - unsigned long h0, h1, h2, h3, h4; - unsigned long long d0, d1, d2, d3, d4; - unsigned long c; - - r0 = st->r[0]; - r1 = st->r[1]; - r2 = st->r[2]; - r3 = st->r[3]; - r4 = st->r[4]; - - s1 = r1 * 5; - s2 = r2 * 5; - s3 = r3 * 5; - s4 = r4 * 5; - - h0 = st->h[0]; - h1 = st->h[1]; - h2 = st->h[2]; - h3 = st->h[3]; - h4 = st->h[4]; - - while (bytes >= poly1305_block_size) { - /* h += m[i] */ - h0 += (U8TO32(m + 0)) & 0x3ffffff; - h1 += (U8TO32(m + 3) >> 2) & 0x3ffffff; - h2 += (U8TO32(m + 6) >> 4) & 0x3ffffff; - h3 += (U8TO32(m + 9) >> 6) & 0x3ffffff; - h4 += (U8TO32(m + 12) >> 8) | hibit; - - /* h *= r */ - d0 = ((unsigned long long)h0 * r0) + - ((unsigned long long)h1 * s4) + - ((unsigned long long)h2 * s3) + - ((unsigned long long)h3 * s2) + - ((unsigned long long)h4 * s1); - d1 = ((unsigned long long)h0 * r1) + - ((unsigned long long)h1 * r0) + - ((unsigned long long)h2 * s4) + - ((unsigned long long)h3 * s3) + - ((unsigned long long)h4 * s2); - d2 = ((unsigned long long)h0 * r2) + - ((unsigned long long)h1 * r1) + - ((unsigned long long)h2 * r0) + - ((unsigned long long)h3 * s4) + - ((unsigned long long)h4 * s3); - d3 = ((unsigned long long)h0 * r3) + - ((unsigned long long)h1 * r2) + - ((unsigned long long)h2 * r1) + - ((unsigned long long)h3 * r0) + - ((unsigned long long)h4 * s4); - d4 = ((unsigned long long)h0 * r4) + - ((unsigned long long)h1 * r3) + - ((unsigned long long)h2 * r2) + - ((unsigned long long)h3 
* r1) + - ((unsigned long long)h4 * r0); - - /* (partial) h %= p */ - c = (unsigned long)(d0 >> 26); - h0 = (unsigned long)d0 & 0x3ffffff; - d1 += c; - c = (unsigned long)(d1 >> 26); - h1 = (unsigned long)d1 & 0x3ffffff; - d2 += c; - c = (unsigned long)(d2 >> 26); - h2 = (unsigned long)d2 & 0x3ffffff; - d3 += c; - c = (unsigned long)(d3 >> 26); - h3 = (unsigned long)d3 & 0x3ffffff; - d4 += c; - c = (unsigned long)(d4 >> 26); - h4 = (unsigned long)d4 & 0x3ffffff; - h0 += c * 5; - c = (h0 >> 26); - h0 = h0 & 0x3ffffff; - h1 += c; - - m += poly1305_block_size; - bytes -= poly1305_block_size; - } - - st->h[0] = h0; - st->h[1] = h1; - st->h[2] = h2; - st->h[3] = h3; - st->h[4] = h4; -} - -static inline void -poly1305_update(poly1305_context *ctx, const unsigned char *m, size_t bytes) -{ - poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; - size_t i; - - /* handle leftover */ - if (st->leftover) { - size_t want = (poly1305_block_size - st->leftover); - if (want > bytes) - want = bytes; - for (i = 0; i < want; i++) - st->buffer[st->leftover + i] = m[i]; - bytes -= want; - m += want; - st->leftover += want; - if (st->leftover < poly1305_block_size) - return; - poly1305_blocks(st, st->buffer, poly1305_block_size); - st->leftover = 0; - } - - /* process full blocks */ - if (bytes >= poly1305_block_size) { - size_t want = (bytes & ~(poly1305_block_size - 1)); - poly1305_blocks(st, m, want); - m += want; - bytes -= want; - } - - /* store leftover */ - if (bytes) { - for (i = 0; i < bytes; i++) - st->buffer[st->leftover + i] = m[i]; - st->leftover += bytes; - } -} - -static inline void -poly1305_finish(poly1305_context *ctx, unsigned char mac[16]) -{ - poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; - unsigned long h0, h1, h2, h3, h4, c; - unsigned long g0, g1, g2, g3, g4; - unsigned long long f; - unsigned long mask; - - /* process the remaining block */ - if (st->leftover) { - size_t i = st->leftover; - st->buffer[i++] = 1; - for (; i < 
poly1305_block_size; i++) - st->buffer[i] = 0; - st->final = 1; - poly1305_blocks(st, st->buffer, poly1305_block_size); - } - - /* fully carry h */ - h0 = st->h[0]; - h1 = st->h[1]; - h2 = st->h[2]; - h3 = st->h[3]; - h4 = st->h[4]; - - c = h1 >> 26; - h1 = h1 & 0x3ffffff; - h2 += c; - c = h2 >> 26; - h2 = h2 & 0x3ffffff; - h3 += c; - c = h3 >> 26; - h3 = h3 & 0x3ffffff; - h4 += c; - c = h4 >> 26; - h4 = h4 & 0x3ffffff; - h0 += c * 5; - c = h0 >> 26; - h0 = h0 & 0x3ffffff; - h1 += c; - - /* compute h + -p */ - g0 = h0 + 5; - c = g0 >> 26; - g0 &= 0x3ffffff; - g1 = h1 + c; - c = g1 >> 26; - g1 &= 0x3ffffff; - g2 = h2 + c; - c = g2 >> 26; - g2 &= 0x3ffffff; - g3 = h3 + c; - c = g3 >> 26; - g3 &= 0x3ffffff; - g4 = h4 + c - (1 << 26); - - /* select h if h < p, or h + -p if h >= p */ - mask = (g4 >> ((sizeof(unsigned long) * 8) - 1)) - 1; - g0 &= mask; - g1 &= mask; - g2 &= mask; - g3 &= mask; - g4 &= mask; - mask = ~mask; - h0 = (h0 & mask) | g0; - h1 = (h1 & mask) | g1; - h2 = (h2 & mask) | g2; - h3 = (h3 & mask) | g3; - h4 = (h4 & mask) | g4; - - /* h = h % (2^128) */ - h0 = ((h0) | (h1 << 26)) & 0xffffffff; - h1 = ((h1 >> 6) | (h2 << 20)) & 0xffffffff; - h2 = ((h2 >> 12) | (h3 << 14)) & 0xffffffff; - h3 = ((h3 >> 18) | (h4 << 8)) & 0xffffffff; - - /* mac = (h + pad) % (2^128) */ - f = (unsigned long long)h0 + st->pad[0]; - h0 = (unsigned long)f; - f = (unsigned long long)h1 + st->pad[1] + (f >> 32); - h1 = (unsigned long)f; - f = (unsigned long long)h2 + st->pad[2] + (f >> 32); - h2 = (unsigned long)f; - f = (unsigned long long)h3 + st->pad[3] + (f >> 32); - h3 = (unsigned long)f; - - U32TO8(mac + 0, h0); - U32TO8(mac + 4, h1); - U32TO8(mac + 8, h2); - U32TO8(mac + 12, h3); - - /* zero out the state */ - st->h[0] = 0; - st->h[1] = 0; - st->h[2] = 0; - st->h[3] = 0; - st->h[4] = 0; - st->r[0] = 0; - st->r[1] = 0; - st->r[2] = 0; - st->r[3] = 0; - st->r[4] = 0; - st->pad[0] = 0; - st->pad[1] = 0; - st->pad[2] = 0; - st->pad[3] = 0; -} 
diff --git a/src/lib/libcrypto/poly1305/poly1305.c b/src/lib/libcrypto/poly1305/poly1305.c
deleted file mode 100644
index a34e8f8e88..0000000000
--- a/src/lib/libcrypto/poly1305/poly1305.c
+++ /dev/null
@@ -1,41 +0,0 @@
-/* $OpenBSD: poly1305.c,v 1.4 2023/07/07 12:01:32 beck Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include "poly1305-donna.c"
-
-void
-CRYPTO_poly1305_init(poly1305_context *ctx, const unsigned char key[32])
-{
- poly1305_init(ctx, key);
-}
-LCRYPTO_ALIAS(CRYPTO_poly1305_init);
-
-void
-CRYPTO_poly1305_update(poly1305_context *ctx, const unsigned char *in,
- size_t len)
-{
- poly1305_update(ctx, in, len);
-}
-LCRYPTO_ALIAS(CRYPTO_poly1305_update);
-
-void
-CRYPTO_poly1305_finish(poly1305_context *ctx, unsigned char mac[16])
-{
- poly1305_finish(ctx, mac);
-}
-LCRYPTO_ALIAS(CRYPTO_poly1305_finish);
diff --git a/src/lib/libcrypto/poly1305/poly1305.h b/src/lib/libcrypto/poly1305/poly1305.h
deleted file mode 100644
index f5383355a6..0000000000
--- a/src/lib/libcrypto/poly1305/poly1305.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* $OpenBSD: poly1305.h,v 1.4 2025/01/25 17:59:44 tb Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_POLY1305_H
-#define HEADER_POLY1305_H
-
-#include
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct poly1305_context {
- size_t aligner;
- unsigned char opaque[136];
-} poly1305_context;
-
-typedef struct poly1305_context poly1305_state;
-
-void CRYPTO_poly1305_init(poly1305_context *ctx, const unsigned char key[32]);
-void CRYPTO_poly1305_update(poly1305_context *ctx, const unsigned char *in,
- size_t len);
-void CRYPTO_poly1305_finish(poly1305_context *ctx, unsigned char mac[16]);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_POLY1305_H */
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
deleted file mode 100644
index 1a2c8f715f..0000000000
--- a/src/lib/libcrypto/rand/rand.h
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: rand.h,v 1.25 2024/04/10 14:53:01 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#ifndef HEADER_RAND_H
-#define HEADER_RAND_H
-
-#include
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct rand_meth_st RAND_METHOD; */
-
-struct rand_meth_st {
- void (*seed)(const void *buf, int num);
- int (*bytes)(unsigned char *buf, int num);
- void (*cleanup)(void);
- void (*add)(const void *buf, int num, double entropy);
- int (*pseudorand)(unsigned char *buf, int num);
- int (*status)(void);
-};
-
-int RAND_set_rand_method(const RAND_METHOD *meth);
-const RAND_METHOD *RAND_get_rand_method(void);
-RAND_METHOD *RAND_SSLeay(void);
-
-void RAND_cleanup(void );
-int RAND_bytes(unsigned char *buf, int num);
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-void RAND_seed(const void *buf, int num);
-void RAND_add(const void *buf, int num, double entropy);
-int RAND_load_file(const char *file, long max_bytes);
-int RAND_write_file(const char *file);
-const char *RAND_file_name(char *file, size_t num);
-int RAND_status(void);
-int RAND_poll(void);
-
-void ERR_load_RAND_strings(void);
-
-/* Error codes for the RAND functions. (no longer used) */
-
-/* Function codes. */
-#define RAND_F_RAND_GET_RAND_METHOD 101
-#define RAND_F_RAND_INIT_FIPS 102
-#define RAND_F_SSLEAY_RAND_BYTES 100
-
-/* Reason codes. */
-#define RAND_R_DUAL_EC_DRBG_DISABLED 104
-#define RAND_R_ERROR_INITIALISING_DRBG 102
-#define RAND_R_ERROR_INSTANTIATING_DRBG 103
-#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
-#define RAND_R_PRNG_NOT_SEEDED 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c
deleted file mode 100644
index 1f0e251207..0000000000
--- a/src/lib/libcrypto/rand/rand_err.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* $OpenBSD: rand_err.c,v 1.18 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
-
-static const ERR_STRING_DATA RAND_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA RAND_str_reasons[] = {
- {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"},
- {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
- {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
- {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET), "no fips random method set"},
- {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) , "PRNG not seeded"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_RAND_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) {
- ERR_load_const_strings(RAND_str_functs);
- ERR_load_const_strings(RAND_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_RAND_strings);
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
deleted file mode 100644
index 0c9810f848..0000000000
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/* $OpenBSD: rand_lib.c,v 1.24 2024/04/10 14:53:01 beck Exp $ */
-/*
- * Copyright (c) 2014 Ted Unangst
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-
-#include
-
-/*
- * The useful functions in this file are at the bottom.
- */
-int
-RAND_set_rand_method(const RAND_METHOD *meth)
-{
- return 1;
-}
-LCRYPTO_ALIAS(RAND_set_rand_method);
-
-const RAND_METHOD *
-RAND_get_rand_method(void)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(RAND_get_rand_method);
-
-RAND_METHOD *
-RAND_SSLeay(void)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(RAND_SSLeay);
-
-void
-RAND_cleanup(void)
-{
-
-}
-LCRYPTO_ALIAS(RAND_cleanup);
-
-void
-RAND_seed(const void *buf, int num)
-{
-
-}
-LCRYPTO_ALIAS(RAND_seed);
-
-void
-RAND_add(const void *buf, int num, double entropy)
-{
-
-}
-LCRYPTO_ALIAS(RAND_add);
-
-int
-RAND_status(void)
-{
- return 1;
-}
-LCRYPTO_ALIAS(RAND_status);
-
-int
-RAND_poll(void)
-{
- return 1;
-}
-LCRYPTO_ALIAS(RAND_poll);
-
-/*
- * Hurray. You've made it to the good parts.
- */
-int
-RAND_bytes(unsigned char *buf, int num)
-{
- if (num > 0)
- arc4random_buf(buf, num);
- return 1;
-}
-LCRYPTO_ALIAS(RAND_bytes);
-
-int
-RAND_pseudo_bytes(unsigned char *buf, int num)
-{
- if (num > 0)
- arc4random_buf(buf, num);
- return 1;
-}
-LCRYPTO_ALIAS(RAND_pseudo_bytes);
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
deleted file mode 100644
index 5fdfcb8dd3..0000000000
--- a/src/lib/libcrypto/rand/randfile.c
+++ /dev/null
@@ -1,146 +0,0 @@ -/* $OpenBSD: randfile.c,v 1.45 2024/04/10 14:53:01 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include -#include - -#undef BUFSIZE -#define BUFSIZE 1024 -#define RAND_DATA 1024 - -/* Note that these functions should not be used. 
*/ - -int -RAND_load_file(const char *file, long bytes) -{ - /* the "whole" file */ - if (bytes == -1) - return 123456; - else - return bytes; -} -LCRYPTO_ALIAS(RAND_load_file); - -int -RAND_write_file(const char *file) -{ - unsigned char buf[BUFSIZE]; - int i, ret = 0; - FILE *out = NULL; - int n, fd; - struct stat sb; - - /* - * If this file is a device, avoid opening it. - * XXX TOCTOU - */ - if (stat(file, &sb) != -1 && - (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode))) { - return (1); - } - - fd = open(file, O_WRONLY|O_CREAT, 0600); - if (fd == -1) - return (1); - out = fdopen(fd, "wb"); - - if (out == NULL) { - close(fd); - return (1); - } - - n = RAND_DATA; - for (;;) { - i = (n > BUFSIZE) ? BUFSIZE : n; - n -= BUFSIZE; - arc4random_buf(buf, i); - i = fwrite(buf, 1, i, out); - if (i <= 0) { - ret = 0; - break; - } - ret += i; - if (n <= 0) - break; - } - - fclose(out); - explicit_bzero(buf, BUFSIZE); - return ret; -} -LCRYPTO_ALIAS(RAND_write_file); - -const char * -RAND_file_name(char * buf, size_t size) -{ - if (strlcpy(buf, "/dev/urandom", size) >= size) - return (NULL); - return buf; -} -LCRYPTO_ALIAS(RAND_file_name); diff --git a/src/lib/libcrypto/rc2/rc2.h b/src/lib/libcrypto/rc2/rc2.h deleted file mode 100644 index 96e395f32d..0000000000 --- a/src/lib/libcrypto/rc2/rc2.h +++ /dev/null 
@@ -1,96 +0,0 @@
-/* $OpenBSD: rc2.h,v 1.13 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC2_H
-#define HEADER_RC2_H
-
-#include /* OPENSSL_NO_RC2, RC2_INT */
-
-#define RC2_ENCRYPT 1
-#define RC2_DECRYPT 0
-
-#define RC2_BLOCK 8
-#define RC2_KEY_LENGTH 16
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc2_key_st {
- RC2_INT data[64];
-} RC2_KEY;
-
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
-void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *key,
- int enc);
-void RC2_encrypt(unsigned long *data, RC2_KEY *key);
-void RC2_decrypt(unsigned long *data, RC2_KEY *key);
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- RC2_KEY *ks, unsigned char *iv, int enc);
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num, int enc);
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/rc2/rc2_cbc.c b/src/lib/libcrypto/rc2/rc2_cbc.c
deleted file mode 100644
index 1d8e2def99..0000000000
--- a/src/lib/libcrypto/rc2/rc2_cbc.c
+++ /dev/null
@@ -1,236 +0,0 @@ -/* $OpenBSD: rc2_cbc.c,v 1.8 2023/07/07 13:40:44 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include "rc2_local.h" - -void -RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - RC2_KEY *ks, unsigned char *iv, int encrypt) -{ - unsigned long tin0, tin1; - unsigned long tout0, tout1, xor0, xor1; - long l = length; - unsigned long tin[2]; - - if (encrypt) { - c2l(iv, tout0); - c2l(iv, tout1); - iv -= 8; - for (l -= 8; l >= 0; l -= 8) - { - c2l(in, tin0); - c2l(in, tin1); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - RC2_encrypt(tin, ks); - tout0 = tin[0]; - l2c(tout0, out); - tout1 = tin[1]; - l2c(tout1, out); - } - if (l != -8) { - c2ln(in, tin0, tin1, l + 8); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - RC2_encrypt(tin, ks); - tout0 = tin[0]; - l2c(tout0, out); - tout1 = tin[1]; - l2c(tout1, out); - } - l2c(tout0, iv); - l2c(tout1, iv); - } else { - c2l(iv, xor0); - c2l(iv, xor1); - iv -= 8; - for (l -= 8; l >= 0; l -= 8) - { - c2l(in, tin0); - tin[0] = tin0; - c2l(in, tin1); - tin[1] = tin1; - RC2_decrypt(tin, ks); - tout0 = tin[0] ^ xor0; - tout1 = tin[1] ^ xor1; - l2c(tout0, out); - l2c(tout1, out); - xor0 = tin0; - xor1 = tin1; - } - if (l != -8) { - c2l(in, tin0); - tin[0] = tin0; - c2l(in, tin1); - tin[1] = tin1; - RC2_decrypt(tin, ks); - tout0 = tin[0] ^ xor0; - tout1 = tin[1] ^ xor1; - l2cn(tout0, tout1, out, l + 8); - xor0 = tin0; - xor1 = tin1; - } - l2c(xor0, iv); - l2c(xor1, iv); - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - tin[0] = tin[1] = 0; -} -LCRYPTO_ALIAS(RC2_cbc_encrypt); - -void -RC2_encrypt(unsigned long *d, RC2_KEY *key) -{ - int i, n; - RC2_INT *p0, *p1; - RC2_INT x0, x1, x2, x3, t; - unsigned long l; - - l = d[0]; - x0 = (RC2_INT)l & 0xffff; - x1 = (RC2_INT)(l >> 16L); - l = d[1]; - x2 = (RC2_INT)l & 0xffff; - x3 = (RC2_INT)(l >> 16L); - - n = 3; - i = 5; - - p0 = p1 = &(key->data[0]); - for (;;) { - t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff; - x0 = (t << 1)|(t >> 15); - t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 
0xffff; - x1 = (t << 2)|(t >> 14); - t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff; - x2 = (t << 3)|(t >> 13); - t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff; - x3 = (t << 5)|(t >> 11); - - if (--i == 0) { - if (--n == 0) - break; - i = (n == 2) ? 6 : 5; - - x0 += p1[x3 & 0x3f]; - x1 += p1[x0 & 0x3f]; - x2 += p1[x1 & 0x3f]; - x3 += p1[x2 & 0x3f]; - } - } - - d[0] = (unsigned long)(x0 & 0xffff)|((unsigned long)(x1 & 0xffff) << - 16L); - d[1] = (unsigned long)(x2 & 0xffff)|((unsigned long)(x3 & 0xffff) << - 16L); -} -LCRYPTO_ALIAS(RC2_encrypt); - -void -RC2_decrypt(unsigned long *d, RC2_KEY *key) -{ - int i, n; - RC2_INT *p0, *p1; - RC2_INT x0, x1, x2, x3, t; - unsigned long l; - - l = d[0]; - x0 = (RC2_INT)l & 0xffff; - x1 = (RC2_INT)(l >> 16L); - l = d[1]; - x2 = (RC2_INT)l & 0xffff; - x3 = (RC2_INT)(l >> 16L); - - n = 3; - i = 5; - - p0 = &(key->data[63]); - p1 = &(key->data[0]); - for (;;) { - t = ((x3 << 11)|(x3 >> 5)) & 0xffff; - x3 = (t - (x0 & ~x2) - (x1 & x2) - *(p0--)) & 0xffff; - t = ((x2 << 13)|(x2 >> 3)) & 0xffff; - x2 = (t - (x3 & ~x1) - (x0 & x1) - *(p0--)) & 0xffff; - t = ((x1 << 14)|(x1 >> 2)) & 0xffff; - x1 = (t - (x2 & ~x0) - (x3 & x0) - *(p0--)) & 0xffff; - t = ((x0 << 15)|(x0 >> 1)) & 0xffff; - x0 = (t - (x1 & ~x3) - (x2 & x3) - *(p0--)) & 0xffff; - - if (--i == 0) { - if (--n == 0) - break; - i = (n == 2) ? 6 : 5; - - x3 = (x3 - p1[x2 & 0x3f]) & 0xffff; - x2 = (x2 - p1[x1 & 0x3f]) & 0xffff; - x1 = (x1 - p1[x0 & 0x3f]) & 0xffff; - x0 = (x0 - p1[x3 & 0x3f]) & 0xffff; - } - } - - d[0] = (unsigned long)(x0 & 0xffff)|((unsigned long)(x1 & 0xffff) << - 16L); - d[1] = (unsigned long)(x2 & 0xffff)|((unsigned long)(x3 & 0xffff) << - 16L); -} -LCRYPTO_ALIAS(RC2_decrypt); diff --git a/src/lib/libcrypto/rc2/rc2_ecb.c b/src/lib/libcrypto/rc2/rc2_ecb.c deleted file mode 100644 index 6a3c8098eb..0000000000 --- a/src/lib/libcrypto/rc2/rc2_ecb.c +++ /dev/null 
@@ -1,91 +0,0 @@
-/* $OpenBSD: rc2_ecb.c,v 1.9 2023/07/07 13:40:44 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include "rc2_local.h"
-#include
-
-/* RC2 as implemented frm a posting from
- * Newsgroups: sci.crypt
- * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
- * Subject: Specification for Ron Rivests Cipher No.2
- * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
- * Date: 11 Feb 1996 06:45:03 GMT
- */
-
-void
-RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
- int encrypt)
-{
- unsigned long l, d[2];
-
- c2l(in, l);
- d[0] = l;
- c2l(in, l);
- d[1] = l;
- if (encrypt)
- RC2_encrypt(d, ks);
- else
- RC2_decrypt(d, ks);
- l = d[0];
- l2c(l, out);
- l = d[1];
- l2c(l, out);
- l = d[0] = d[1] = 0;
-}
-LCRYPTO_ALIAS(RC2_ecb_encrypt);
diff --git a/src/lib/libcrypto/rc2/rc2_local.h b/src/lib/libcrypto/rc2/rc2_local.h
deleted file mode 100644
index dd5598760e..0000000000
--- a/src/lib/libcrypto/rc2/rc2_local.h
+++ /dev/null
@@ -1,112 +0,0 @@ -/* $OpenBSD: rc2_local.h,v 1.3 2024/03/29 05:03:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#undef c2l -#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#undef c2ln -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#undef l2cn -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff);\ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff);\ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff);\ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff);\ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff);\ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff);\ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff);\ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff);\ - } \ - } - -#define C_RC2(n) \ - t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \ - x0=(t<<1)|(t>>15); \ - t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \ - x1=(t<<2)|(t>>14); \ - t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \ - x2=(t<<3)|(t>>13); \ - t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \ - x3=(t<<5)|(t>>11); diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c deleted file mode 100644 index d33c02da8c..0000000000 --- a/src/lib/libcrypto/rc2/rc2_skey.c +++ /dev/null 
@@ -1,142 +0,0 @@ -/* $OpenBSD: rc2_skey.c,v 1.15 2023/07/07 13:40:44 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include -#include "rc2_local.h" - -static const unsigned char key_table[256]={ - 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79, - 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e, - 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5, - 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32, - 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22, - 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c, - 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f, - 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26, - 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b, - 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7, - 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde, - 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a, - 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e, - 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc, - 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85, - 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31, - 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10, - 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c, - 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b, - 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e, - 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68, - 0xfe,0x7f,0xc1,0xad, - }; - -/* It has come to my attention that there are 2 versions of the RC2 - * key schedule. One which is normal, and anther which has a hook to - * use a reduced key length. - * BSAFE uses the 'retarded' version. What I previously shipped is - * the same as specifying 1024 for the 'bits' parameter. 
Bsafe uses - * a version where the bits parameter is the same as len*8 */ -void -RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) -{ - int i, j; - unsigned char *k; - RC2_INT *ki; - unsigned int c, d; - - k = (unsigned char *)&(key->data[0]); - *k = 0; /* for if there is a zero length key */ - - if (len > 128) - len = 128; - if (bits <= 0) - bits = 1024; - if (bits > 1024) - bits = 1024; - - for (i = 0; i < len; i++) - k[i] = data[i]; - - /* expand table */ - d = k[len - 1]; - j = 0; - for (i = len; i < 128; i++, j++) - { - d = key_table[(k[j] + d) & 0xff]; - k[i] = d; - } - - /* hmm.... key reduction to 'bits' bits */ - - j = (bits + 7) >> 3; - i = 128 - j; - c = (0xff >> (-bits & 0x07)); - - d = key_table[k[i] & c]; - k[i] = d; - while (i--) { - d = key_table[k[i + j] ^ d]; - k[i] = d; - } - - /* copy from bytes into RC2_INT's */ - ki = &(key->data[63]); - for (i = 127; i >= 0; i -= 2) - *(ki--) = ((k[i] << 8)|k[i - 1]) & 0xffff; -} -LCRYPTO_ALIAS(RC2_set_key); diff --git a/src/lib/libcrypto/rc2/rc2cfb64.c b/src/lib/libcrypto/rc2/rc2cfb64.c deleted file mode 100644 index 21266c430b..0000000000 --- a/src/lib/libcrypto/rc2/rc2cfb64.c +++ /dev/null 
@@ -1,124 +0,0 @@
-/* $OpenBSD: rc2cfb64.c,v 1.8 2023/07/07 13:40:44 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include "rc2_local.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void
-RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num, int encrypt)
-{
- unsigned long v0, v1, t;
- int n = *num;
- long l = length;
- unsigned long ti[2];
- unsigned char *iv, c, cc;
-
- iv = (unsigned char *)ivec;
- if (encrypt) {
- while (l--) {
- if (n == 0) {
- c2l(iv, v0);
- ti[0] = v0;
- c2l(iv, v1);
- ti[1] = v1;
- RC2_encrypt((unsigned long *)ti, schedule);
- iv = (unsigned char *)ivec;
- t = ti[0];
- l2c(t, iv);
- t = ti[1];
- l2c(t, iv);
- iv = (unsigned char *)ivec;
- }
- c = *(in++) ^ iv[n];
- *(out++) = c;
- iv[n] = c;
- n = (n + 1) & 0x07;
- }
- } else {
- while (l--) {
- if (n == 0) {
- c2l(iv, v0);
- ti[0] = v0;
- c2l(iv, v1);
- ti[1] = v1;
- RC2_encrypt((unsigned long *)ti, schedule);
- iv = (unsigned char *)ivec;
- t = ti[0];
- l2c(t, iv);
- t = ti[1];
- l2c(t, iv);
- iv = (unsigned char *)ivec;
- }
- cc = *(in++);
- c = iv[n];
- iv[n] = cc;
- *(out++) = c ^ cc;
- n = (n + 1) & 0x07;
- }
- }
- v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(RC2_cfb64_encrypt);
diff --git a/src/lib/libcrypto/rc2/rc2ofb64.c b/src/lib/libcrypto/rc2/rc2ofb64.c
deleted file mode 100644
index 73d8323e92..0000000000
--- a/src/lib/libcrypto/rc2/rc2ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* $OpenBSD: rc2ofb64.c,v 1.8 2023/07/07 13:40:44 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include "rc2_local.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void
-RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num)
-{
- unsigned long v0, v1, t;
- int n = *num;
- long l = length;
- unsigned char d[8];
- char *dp;
- unsigned long ti[2];
- unsigned char *iv;
- int save = 0;
-
- iv = (unsigned char *)ivec;
- c2l(iv, v0);
- c2l(iv, v1);
- ti[0] = v0;
- ti[1] = v1;
- dp = (char *)d;
- l2c(v0, dp);
- l2c(v1, dp);
- while (l--) {
- if (n == 0) {
- RC2_encrypt((unsigned long *)ti, schedule);
- dp = (char *)d;
- t = ti[0];
- l2c(t, dp);
- t = ti[1];
- l2c(t, dp);
- save++;
- }
- *(out++) = *(in++) ^ d[n];
- n = (n + 1) & 0x07;
- }
- if (save) {
- v0 = ti[0];
- v1 = ti[1];
- iv = (unsigned char *)ivec;
- l2c(v0, iv);
- l2c(v1, iv);
- }
- t = v0 = v1 = ti[0] = ti[1] = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(RC2_ofb64_encrypt);
diff --git a/src/lib/libcrypto/rc2/rrc2.doc b/src/lib/libcrypto/rc2/rrc2.doc
deleted file mode 100644
index f93ee003d2..0000000000
--- a/src/lib/libcrypto/rc2/rrc2.doc
+++ /dev/null
@@ -1,219 +0,0 @@ ->From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996 -Article 23601 of sci.crypt: -Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news ->From: pgut01@cs.auckland.ac.nz (Peter Gutmann) -Newsgroups: sci.crypt -Subject: Specification for Ron Rivests Cipher No.2 -Date: 11 Feb 1996 06:45:03 GMT -Organization: University of Auckland -Lines: 203 -Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann) -Message-ID: <4fk39f$f70@net.auckland.ac.nz> -NNTP-Posting-Host: cs26.cs.auckland.ac.nz -X-Newsreader: NN version 6.5.0 #3 (NOV) - - - - - Ron Rivest's Cipher No.2 - ------------------------ - -Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may -refer to it by other names) is word oriented, operating on a block of 64 bits -divided into four 16-bit words, with a key table of 64 words. All data units -are little-endian. This functional description of the algorithm is based in -the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using -the same general layout, terminology, and pseudocode style. - - -Notation and RRC.2 Primitive Operations - -RRC.2 uses the following primitive operations: - -1. Two's-complement addition of words, denoted by "+". The inverse operation, - subtraction, is denoted by "-". -2. Bitwise exclusive OR, denoted by "^". -3. Bitwise AND, denoted by "&". -4. Bitwise NOT, denoted by "~". -5. A left-rotation of words; the rotation of word x left by y is denoted - x <<< y. The inverse operation, right-rotation, is denoted x >>> y. - -These operations are directly and efficiently supported by most processors. - - -The RRC.2 Algorithm - -RRC.2 consists of three components, a *key expansion* algorithm, an -*encryption* algorithm, and a *decryption* algorithm. 
- - -Key Expansion - -The purpose of the key-expansion routine is to expand the user's key K to fill -the expanded key array S, so S resembles an array of random binary words -determined by the user's secret key K. - -Initialising the S-box - -RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of -Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern -cryptography by enough time that there should be no concerns about trapdoors -hidden in the data. They have been published widely, and the S-box can be -easily recreated from the one-time pad values and the Beale Cipher data taken -from a standard source. To initialise the S-box: - - for i = 0 to 255 do - sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ] - -The contents of Beale Cipher No.1 and the necessary one-time pad are given as -an appendix at the end of this document. For efficiency, implementors may wish -to skip the Beale Cipher expansion and store the sBox table directly. - -Expanding the Secret Key to 128 Bytes - -The secret key is first expanded to fill 128 bytes (64 words). The expansion -consists of taking the sum of the first and last bytes in the user key, looking -up the sum (modulo 256) in the S-box, and appending the result to the key. The -operation is repeated with the second byte and new last byte of the key until -all 128 bytes have been generated. Note that the following pseudocode treats -the S array as an array of 128 bytes rather than 64 words. - - for j = 0 to length-1 do - S[ j ] = K[ j ] - for j = length to 127 do - s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ]; - -At this point it is possible to perform a truncation of the effective key -length to ease the creation of espionage-enabled software products. However -since the author cannot conceive why anyone would want to do this, it will not -be considered further. 
- -The final phase of the key expansion involves replacing the first byte of S -with the entry selected from the S-box: - - S[ 0 ] = sBox[ S[ 0 ] ] - - -Encryption - -The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full -rounds perform an additional transformation on the data. Note that the -following pseudocode treats the S array as an array of 64 words rather than 128 -bytes. - - for i = 0 to 15 do - j = i * 4; - word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1 - word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2 - word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3 - word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5 - -In addition the fifth and eleventh rounds add the contents of the S-box indexed -by one of the data words to another of the data words following the four -subrounds as follows: - - word0 = word0 + S[ word3 & 63 ]; - word1 = word1 + S[ word0 & 63 ]; - word2 = word2 + S[ word1 & 63 ]; - word3 = word3 + S[ word2 & 63 ]; - - -Decryption - -The decryption operation is simply the inverse of the encryption operation. -Note that the following pseudocode treats the S array as an array of 64 words -rather than 128 bytes. 
- - for i = 15 downto 0 do - j = i * 4; - word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ] - word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ] - word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ] - word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ] - -In addition the fifth and eleventh rounds subtract the contents of the S-box -indexed by one of the data words from another one of the data words following -the four subrounds as follows: - - word3 = word3 - S[ word2 & 63 ] - word2 = word2 - S[ word1 & 63 ] - word1 = word1 - S[ word0 & 63 ] - word0 = word0 - S[ word3 & 63 ] - - -Test Vectors - -The following test vectors may be used to test the correctness of an RRC.2 -implementation: - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7 - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74 - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF - Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E - - Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31 - - -Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for - Creating the S-Box - -Beale Cipher No.1. 
- - 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95, - 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3, - 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231, - 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193, - 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176, - 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416, - 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283, - 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131, - 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12, - 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346, - 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21, - 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37, - 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680, - 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818, - 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81, - 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206 - -One-time Pad. 
- - 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194, - 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161, - 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213, - 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67, - 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108, - 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134, - 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24, - 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84, - 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38, - 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182, - 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44, - 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20, - 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97, - 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155, - 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127, - 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99 - - -Implementation - -A non-US based programmer who has never seen any encryption code before will -shortly be implementing RRC.2 based solely on this specification and not on -knowledge of any other encryption algorithms. Stand by. - - - diff --git a/src/lib/libcrypto/rc2/version b/src/lib/libcrypto/rc2/version deleted file mode 100644 index 8ca161a613..0000000000 --- a/src/lib/libcrypto/rc2/version +++ /dev/null 
@@ -1,22 +0,0 @@ -1.1 23/08/96 - eay - Changed RC2_set_key() so it now takes another argument. Many - thanks to Peter Gutmann for the - clarification and original specification of RC2. BSAFE uses - this last parameter, 'bits'. It the key is 128 bits, BSAFE - also sets this parameter to 128. The old behaviour can be - duplicated by setting this parameter to 1024. - -1.0 08/04/96 - eay - First version of SSLeay with rc2. This has been written from the spec - posted sci.crypt. It is in this directory under rrc2.doc - I have no test values for any mode other than ecb, my wrappers for the - other modes should be ok since they are basically the same as - the ones taken from idea and des :-). I have implemented them as - little-endian operators. - While rc2 is included because it is used with SSL, I don't know how - far I trust it. It is about the same speed as IDEA and DES. - So if you are paranoid, used Triple DES, else IDEA. If RC2 - does get used more, perhaps more people will look for weaknesses in - it. - - diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl deleted file mode 100644 index 8fffe91e74..0000000000 --- a/src/lib/libcrypto/rc4/asm/rc4-586.pl +++ /dev/null 
@@ -1,388 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# [Re]written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# At some point it became apparent that the original SSLeay RC4 -# assembler implementation performs suboptimally on latest IA-32 -# microarchitectures. After re-tuning performance has changed as -# following: -# -# Pentium -10% -# Pentium III +12% -# AMD +50%(*) -# P4 +250%(**) -# -# (*) This number is actually a trade-off:-) It's possible to -# achieve +72%, but at the cost of -48% off PIII performance. -# In other words code performing further 13% faster on AMD -# would perform almost 2 times slower on Intel PIII... -# For reference! This code delivers ~80% of rc4-amd64.pl -# performance on the same Opteron machine. -# (**) This number requires compressed key schedule set up by -# RC4_set_key [see commentary below for further details]. -# -# - -# May 2011 -# -# Optimize for Core2 and Westmere [and incidentally Opteron]. Current -# performance in cycles per processed byte (less is better) and -# improvement relative to previous version of this module is: -# -# Pentium 10.2 # original numbers -# Pentium III 7.8(*) -# Intel P4 7.5 -# -# Opteron 6.1/+20% # new MMX numbers -# Core2 5.3/+67%(**) -# Westmere 5.1/+94%(**) -# Sandy Bridge 5.0/+8% -# Atom 12.6/+6% -# -# (*) PIII can actually deliver 6.6 cycles per byte with MMX code, -# but this specific code performs poorly on Core2. 
And vice -# versa, below MMX/SSE code delivering 5.8/7.1 on Core2 performs -# poorly on PIII, at 8.0/14.5:-( As PIII is not a "hot" CPU -# [anymore], I chose to discard PIII-specific code path and opt -# for original IALU-only code, which is why MMX/SSE code path -# is guarded by SSE2 bit (see below), not MMX/SSE. -# (**) Performance vs. block size on Core2 and Westmere had a maximum -# at ... 64 bytes block size. And it was quite a maximum, 40-60% -# in comparison to largest 8KB block size. Above improvement -# coefficients are for the largest block size. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"rc4-586.pl"); - -$xx="eax"; -$yy="ebx"; -$tx="ecx"; -$ty="edx"; -$inp="esi"; -$out="ebp"; -$dat="edi"; - -sub RC4_loop { - my $i=shift; - my $func = ($i==0)?*mov:*or; - - &add (&LB($yy),&LB($tx)); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &add ($ty,$tx); - &inc (&LB($xx)); - &and ($ty,0xff); - &ror ($out,8) if ($i!=0); - if ($i<3) { - &mov ($tx,&DWP(0,$dat,$xx,4)); - } else { - &mov ($tx,&wparam(3)); # reload [re-biased] out - } - &$func ($out,&DWP(0,$dat,$ty,4)); -} - -if ($alt=0) { - # >20% faster on Atom and Sandy Bridge[!], 8% faster on Opteron, - # but ~40% slower on Core2 and Westmere... Attempt to add movz - # brings down Opteron by 25%, Atom and Sandy Bridge by 15%, yet - # on Core2 with movz it's almost 20% slower than below alternative - # code... Yes, it's a total mess... - my @XX=($xx,$out); - $RC4_loop_mmx = sub { # SSE actually... 
- my $i=shift; - my $j=$i<=0?0:$i>>1; - my $mm=$i<=0?"mm0":"mm".($i&1); - - &add (&LB($yy),&LB($tx)); - &lea (@XX[1],&DWP(1,@XX[0])); - &pxor ("mm2","mm0") if ($i==0); - &psllq ("mm1",8) if ($i==0); - &and (@XX[1],0xff); - &pxor ("mm0","mm0") if ($i<=0); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &pxor ("mm1","mm2") if ($i==0); - &mov (&DWP(0,$dat,$XX[0],4),$ty); - &add (&LB($ty),&LB($tx)); - &movd (@XX[0],"mm7") if ($i==0); - &mov ($tx,&DWP(0,$dat,@XX[1],4)); - &pxor ("mm1","mm1") if ($i==1); - &movq ("mm2",&QWP(0,$inp)) if ($i==1); - &movq (&QWP(-8,(@XX[0],$inp)),"mm1") if ($i==0); - &pinsrw ($mm,&DWP(0,$dat,$ty,4),$j); - - push (@XX,shift(@XX)) if ($i>=0); - } -} else { - # Using pinsrw here improves performance on Intel CPUs by 2-3%, but - # brings down AMD by 7%... - $RC4_loop_mmx = sub { - my $i=shift; - - &add (&LB($yy),&LB($tx)); - &psllq ("mm1",8*(($i-1)&7)) if (abs($i)!=1); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &inc ($xx); - &add ($ty,$tx); - &movz ($xx,&LB($xx)); # (*) - &movz ($ty,&LB($ty)); # (*) - &pxor ("mm2",$i==1?"mm0":"mm1") if ($i>=0); - &movq ("mm0",&QWP(0,$inp)) if ($i<=0); - &movq (&QWP(-8,($out,$inp)),"mm2") if ($i==0); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &movd ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4)); - - # (*) This is the key to Core2 and Westmere performance. - # Without movz out-of-order execution logic confuses - # itself and fails to reorder loads and stores. Problem - # appears to be fixed in Sandy Bridge... 
- } -} - -&external_label("OPENSSL_ia32cap_P"); - -# void rc4_internal(RC4_KEY *key, size_t len, const unsigned char *inp, -# unsigned char *out); -&function_begin("rc4_internal"); - &mov ($dat,&wparam(0)); # load key schedule pointer - &mov ($ty, &wparam(1)); # load len - &mov ($inp,&wparam(2)); # load inp - &mov ($out,&wparam(3)); # load out - - &xor ($xx,$xx); # avoid partial register stalls - &xor ($yy,$yy); - - &cmp ($ty,0); # safety net - &je (&label("abort")); - - &mov (&LB($xx),&BP(0,$dat)); # load key->x - &mov (&LB($yy),&BP(4,$dat)); # load key->y - &add ($dat,8); - - &lea ($tx,&DWP(0,$inp,$ty)); - &sub ($out,$inp); # re-bias out - &mov (&wparam(1),$tx); # save input+len - - &inc (&LB($xx)); - - # detect compressed key schedule... - &cmp (&DWP(256,$dat),-1); - &je (&label("RC4_CHAR")); - - &mov ($tx,&DWP(0,$dat,$xx,4)); - - &and ($ty,-4); # how many 4-byte chunks? - &jz (&label("loop1")); - - &test ($ty,-8); - &mov (&wparam(3),$out); # $out as accumulator in these loops - &jz (&label("go4loop4")); - - &picsetup($out); - &picsymbol($out, "OPENSSL_ia32cap_P", $out); - # check SSE2 bit [could have been MMX] - &bt (&DWP(0,$out),"\$IA32CAP_BIT0_SSE2"); - &jnc (&label("go4loop4")); - - &mov ($out,&wparam(3)) if (!$alt); - &movd ("mm7",&wparam(3)) if ($alt); - &and ($ty,-8); - &lea ($ty,&DWP(-8,$inp,$ty)); - &mov (&DWP(-4,$dat),$ty); # save input+(len/8)*8-8 - - &$RC4_loop_mmx(-1); - &jmp(&label("loop_mmx_enter")); - - &set_label("loop_mmx",16); - &$RC4_loop_mmx(0); - &set_label("loop_mmx_enter"); - for ($i=1;$i<8;$i++) { &$RC4_loop_mmx($i); } - &mov ($ty,$yy); - &xor ($yy,$yy); # this is second key to Core2 - &mov (&LB($yy),&LB($ty)); # and Westmere performance... 
- &cmp ($inp,&DWP(-4,$dat)); - &lea ($inp,&DWP(8,$inp)); - &jb (&label("loop_mmx")); - - if ($alt) { - &movd ($out,"mm7"); - &pxor ("mm2","mm0"); - &psllq ("mm1",8); - &pxor ("mm1","mm2"); - &movq (&QWP(-8,$out,$inp),"mm1"); - } else { - &psllq ("mm1",56); - &pxor ("mm2","mm1"); - &movq (&QWP(-8,$out,$inp),"mm2"); - } - &emms (); - - &cmp ($inp,&wparam(1)); # compare to input+len - &je (&label("done")); - &jmp (&label("loop1")); - -&set_label("go4loop4",16); - &lea ($ty,&DWP(-4,$inp,$ty)); - &mov (&wparam(2),$ty); # save input+(len/4)*4-4 - - &set_label("loop4"); - for ($i=0;$i<4;$i++) { RC4_loop($i); } - &ror ($out,8); - &xor ($out,&DWP(0,$inp)); - &cmp ($inp,&wparam(2)); # compare to input+(len/4)*4-4 - &mov (&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here - &lea ($inp,&DWP(4,$inp)); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &jb (&label("loop4")); - - &cmp ($inp,&wparam(1)); # compare to input+len - &je (&label("done")); - &mov ($out,&wparam(3)); # restore $out - - &set_label("loop1",16); - &add (&LB($yy),&LB($tx)); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &add ($ty,$tx); - &inc (&LB($xx)); - &and ($ty,0xff); - &mov ($ty,&DWP(0,$dat,$ty,4)); - &xor (&LB($ty),&BP(0,$inp)); - &lea ($inp,&DWP(1,$inp)); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &cmp ($inp,&wparam(1)); # compare to input+len - &mov (&BP(-1,$out,$inp),&LB($ty)); - &jb (&label("loop1")); - - &jmp (&label("done")); - -# this is essentially Intel P4 specific codepath... -&set_label("RC4_CHAR",16); - &movz ($tx,&BP(0,$dat,$xx)); - # strangely enough unrolled loop performs over 20% slower... 
- &set_label("cloop1"); - &add (&LB($yy),&LB($tx)); - &movz ($ty,&BP(0,$dat,$yy)); - &mov (&BP(0,$dat,$yy),&LB($tx)); - &mov (&BP(0,$dat,$xx),&LB($ty)); - &add (&LB($ty),&LB($tx)); - &movz ($ty,&BP(0,$dat,$ty)); - &add (&LB($xx),1); - &xor (&LB($ty),&BP(0,$inp)); - &lea ($inp,&DWP(1,$inp)); - &movz ($tx,&BP(0,$dat,$xx)); - &cmp ($inp,&wparam(1)); - &mov (&BP(-1,$out,$inp),&LB($ty)); - &jb (&label("cloop1")); - -&set_label("done"); - &dec (&LB($xx)); - &mov (&DWP(-4,$dat),$yy); # save key->y - &mov (&BP(-8,$dat),&LB($xx)); # save key->x -&set_label("abort"); -&function_end("rc4_internal"); - -######################################################################## - -$inp="esi"; -$out="edi"; -$idi="ebp"; -$ido="ecx"; -$idx="edx"; - -# void rc4_set_key_internal(RC4_KEY *key,int len,const unsigned char *data); -&function_begin("rc4_set_key_internal"); - &mov ($out,&wparam(0)); # load key - &mov ($idi,&wparam(1)); # load len - &mov ($inp,&wparam(2)); # load data - - &picsetup($idx); - &picsymbol($idx, "OPENSSL_ia32cap_P", $idx); - - &lea ($out,&DWP(2*4,$out)); # &key->data - &lea ($inp,&DWP(0,$inp,$idi)); # $inp to point at the end - &neg ($idi); - &xor ("eax","eax"); - &mov (&DWP(-4,$out),$idi); # borrow key->y - - &bt (&DWP(0,$idx),"\$IA32CAP_BIT0_INTELP4"); - &jc (&label("c1stloop")); - -&set_label("w1stloop",16); - &mov (&DWP(0,$out,"eax",4),"eax"); # key->data[i]=i; - &add (&LB("eax"),1); # i++; - &jnc (&label("w1stloop")); - - &xor ($ido,$ido); - &xor ($idx,$idx); - -&set_label("w2ndloop",16); - &mov ("eax",&DWP(0,$out,$ido,4)); - &add (&LB($idx),&BP(0,$inp,$idi)); - &add (&LB($idx),&LB("eax")); - &add ($idi,1); - &mov ("ebx",&DWP(0,$out,$idx,4)); - &jnz (&label("wnowrap")); - &mov ($idi,&DWP(-4,$out)); - &set_label("wnowrap"); - &mov (&DWP(0,$out,$idx,4),"eax"); - &mov (&DWP(0,$out,$ido,4),"ebx"); - &add (&LB($ido),1); - &jnc (&label("w2ndloop")); -&jmp (&label("exit")); - -# Unlike all other x86 [and x86_64] implementations, Intel P4 core -# [including EM64T] 
was found to perform poorly with above "32-bit" key -# schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded -# assembler turned out to be 3.5x if re-coded for compressed 8-bit one, -# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit -# schedule for x86[_64], because non-P4 implementations suffer from -# significant performance losses then, e.g. PIII exhibits >2x -# deterioration, and so does Opteron. In order to assure optimal -# all-round performance, we detect P4 at run-time and set up compressed -# key schedule, which is recognized by RC4 procedure. - -&set_label("c1stloop",16); - &mov (&BP(0,$out,"eax"),&LB("eax")); # key->data[i]=i; - &add (&LB("eax"),1); # i++; - &jnc (&label("c1stloop")); - - &xor ($ido,$ido); - &xor ($idx,$idx); - &xor ("ebx","ebx"); - -&set_label("c2ndloop",16); - &mov (&LB("eax"),&BP(0,$out,$ido)); - &add (&LB($idx),&BP(0,$inp,$idi)); - &add (&LB($idx),&LB("eax")); - &add ($idi,1); - &mov (&LB("ebx"),&BP(0,$out,$idx)); - &jnz (&label("cnowrap")); - &mov ($idi,&DWP(-4,$out)); - &set_label("cnowrap"); - &mov (&BP(0,$out,$idx),&LB("eax")); - &mov (&BP(0,$out,$ido),&LB("ebx")); - &add (&LB($ido),1); - &jnc (&label("c2ndloop")); - - &mov (&DWP(256,$out),-1); # mark schedule as compressed - -&set_label("exit"); - &xor ("eax","eax"); - &mov (&DWP(-8,$out),"eax"); # key->x=0; - &mov (&DWP(-4,$out),"eax"); # key->y=0; -&function_end("rc4_set_key_internal"); - -&asm_finish(); diff --git a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl b/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl deleted file mode 100755 index 4dfce6a9ad..0000000000 --- a/src/lib/libcrypto/rc4/asm/rc4-x86_64.pl +++ /dev/null 
@@ -1,522 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# July 2004
-#
-# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
-# "hand-coded assembler"] doesn't stand for the whole improvement
-# coefficient. It turned out that eliminating RC4_CHAR from config
-# line results in ~40% improvement (yes, even for C implementation).
-# Presumably it has everything to do with AMD cache architecture and
-# RAW or whatever penalties. Once again! The module *requires* config
-# line *without* RC4_CHAR! As for coding "secret," I bet on partial
-# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
-# I simply 'inc %r8b'. Even though optimization manual discourages
-# to operate on partial registers, it turned out to be the best bet.
-# At least for AMD... How IA32E would perform remains to be seen...
-
-# November 2004
-#
-# As was shown by Marc Bevand reordering of couple of load operations
-# results in even higher performance gain of 3.3x:-) At least on
-# Opteron... For reference, 1x in this case is RC4_CHAR C-code
-# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
-# Latter means that if you want to *estimate* what to expect from
-# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz.
-
-# November 2004
-#
-# Intel P4 EM64T core was found to run the AMD64 code really slow...
-# The only way to achieve comparable performance on P4 was to keep
-# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
-# compose blended code, which would perform even within 30% marginal
-# on either AMD and Intel platforms, I implement both cases.
See
-# rc4_skey.c for further details...
-
-# April 2005
-#
-# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing
-# those with add/sub results in 50% performance improvement of folded
-# loop...
-
-# May 2005
-#
-# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
-# performance by >30% [unlike P4 32-bit case that is]. But this is
-# provided that loads are reordered even more aggressively! Both code
-# paths, AMD64 and EM64T, reorder loads in essentially same manner
-# as my IA-64 implementation. On Opteron this resulted in modest 5%
-# improvement [I had to test it], while final Intel P4 performance
-# achieves respectful 432MBps on 2.8GHz processor now. For reference.
-# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than
-# RC4_INT code-path. While if executed on Opteron, it's only 25%
-# slower than the RC4_INT one [meaning that if CPU µ-arch detection
-# is not implemented, then this final RC4_CHAR code-path should be
-# preferred, as it provides better *all-round* performance].
-
-# March 2007
-#
-# Intel Core2 was observed to perform poorly on both code paths:-( It
-# apparently suffers from some kind of partial register stall, which
-# occurs in 64-bit mode only [as virtually identical 32-bit loop was
-# observed to outperform 64-bit one by almost 50%]. Adding two movzb to
-# cloop1 boosts its performance by 80%! This loop appears to be optimal
-# fit for Core2 and therefore the code was modified to skip cloop8 on
-# this CPU.
-
-# May 2010
-#
-# Intel Westmere was observed to perform suboptimally. Adding yet
-# another movzb to cloop1 improved performance by almost 50%! Core2
-# performance is improved too, but nominally...
-
-# May 2011
-#
-# The only code path that was not modified is P4-specific one. Non-P4
-# Intel code path optimization is heavily based on submission by Maxim
-# Perminov, Maxim Locktyukhin and Jim Guilford of Intel.
I've used -# some of the ideas even in attempt to optimize the original RC4_INT -# code path... Current performance in cycles per processed byte (less -# is better) and improvement coefficients relative to previous -# version of this module are: -# -# Opteron 5.3/+0%(*) -# P4 6.5 -# Core2 6.2/+15%(**) -# Westmere 4.2/+60% -# Sandy Bridge 4.2/+120% -# Atom 9.3/+80% -# -# (*) But corresponding loop has less instructions, which should have -# positive effect on upcoming Bulldozer, which has one less ALU. -# For reference, Intel code runs at 6.8 cpb rate on Opteron. -# (**) Note that Core2 result is ~15% lower than corresponding result -# for 32-bit code, meaning that it's possible to improve it, -# but more than likely at the cost of the others (see rc4-586.pl -# to get the idea)... - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$dat="%rdi"; # arg1 -$len="%rsi"; # arg2 -$inp="%rdx"; # arg3 -$out="%rcx"; # arg4 - -{ -$code=<<___; -.text -.extern OPENSSL_ia32cap_P -.hidden OPENSSL_ia32cap_P - -.globl rc4_internal -.type rc4_internal,\@function,4 -.align 16 -rc4_internal: - _CET_ENDBR - or $len,$len - jne .Lentry - ret -.Lentry: - push %rbx - push %r12 - push %r13 -.Lprologue: - mov $len,%r11 - mov $inp,%r12 - mov $out,%r13 -___ -my $len="%r11"; # reassign input arguments -my $inp="%r12"; -my $out="%r13"; - -my @XX=("%r10","%rsi"); -my @TX=("%rax","%rbx"); -my $YY="%rcx"; -my $TY="%rdx"; - -$code.=<<___; - xor $XX[0],$XX[0] - xor $YY,$YY - - lea 8($dat),$dat - mov -8($dat),$XX[0]#b - mov -4($dat),$YY#b - cmpl \$-1,256($dat) - je .LRC4_CHAR - mov OPENSSL_ia32cap_P(%rip),%r8d - xor $TX[1],$TX[1] - inc $XX[0]#b - sub $XX[0],$TX[1] - sub $inp,$out - movl 
($dat,$XX[0],4),$TX[0]#d - test \$-16,$len - jz .Lloop1 - bt \$IA32CAP_BIT0_INTEL,%r8d # Intel CPU? - jc .Lintel - and \$7,$TX[1] - lea 1($XX[0]),$XX[1] - jz .Loop8 - sub $TX[1],$len -.Loop8_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $TX[1] - jnz .Loop8_warmup - - lea 1($XX[0]),$XX[1] - jmp .Loop8 -.align 16 -.Loop8: -___ -for ($i=0;$i<8;$i++) { -$code.=<<___ if ($i==7); - add \$8,$XX[1]#b -___ -$code.=<<___; - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl `4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d - ror \$8,%r8 # ror is redundant when $i=0 - movl $TY#d,4*$i($dat,$XX[0],4) - add $TX[0]#b,$TY#b - movb ($dat,$TY,4),%r8b -___ -push(@TX,shift(@TX)); #push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - add \$8,$XX[0]#b - ror \$8,%r8 - sub \$8,$len - - xor ($inp),%r8 - mov %r8,($out,$inp) - lea 8($inp),$inp - - test \$-8,$len - jnz .Loop8 - cmp \$0,$len - jne .Lloop1 - jmp .Lexit - -.align 16 -.Lintel: - test \$-32,$len - jz .Lloop1 - and \$15,$TX[1] - jz .Loop16_is_hot - sub $TX[1],$len -.Loop16_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $TX[1] - jnz .Loop16_warmup - - mov $YY,$TX[1] - xor $YY,$YY - mov $TX[1]#b,$YY#b - -.Loop16_is_hot: - lea ($dat,$XX[0],4),$XX[1] -___ -sub RC4_loop { - my $i=shift; - my $j=$i<0?0:$i; - my $xmm="%xmm".($j&1); - - $code.=" add \$16,$XX[0]#b\n" if ($i==15); - $code.=" movdqu ($inp),%xmm2\n" if ($i==15); - $code.=" add $TX[0]#b,$YY#b\n" if ($i<=0); - $code.=" movl ($dat,$YY,4),$TY#d\n"; - $code.=" pxor %xmm0,%xmm2\n" if ($i==0); 
- $code.=" psllq \$8,%xmm1\n" if ($i==0); - $code.=" pxor $xmm,$xmm\n" if ($i<=1); - $code.=" movl $TX[0]#d,($dat,$YY,4)\n"; - $code.=" add $TY#b,$TX[0]#b\n"; - $code.=" movl `4*($j+1)`($XX[1]),$TX[1]#d\n" if ($i<15); - $code.=" movz $TX[0]#b,$TX[0]#d\n"; - $code.=" movl $TY#d,4*$j($XX[1])\n"; - $code.=" pxor %xmm1,%xmm2\n" if ($i==0); - $code.=" lea ($dat,$XX[0],4),$XX[1]\n" if ($i==15); - $code.=" add $TX[1]#b,$YY#b\n" if ($i<15); - $code.=" pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n"; - $code.=" movdqu %xmm2,($out,$inp)\n" if ($i==0); - $code.=" lea 16($inp),$inp\n" if ($i==0); - $code.=" movl ($XX[1]),$TX[1]#d\n" if ($i==15); -} - RC4_loop(-1); -$code.=<<___; - jmp .Loop16_enter -.align 16 -.Loop16: -___ - -for ($i=0;$i<16;$i++) { - $code.=".Loop16_enter:\n" if ($i==1); - RC4_loop($i); - push(@TX,shift(@TX)); # "rotate" registers -} -$code.=<<___; - mov $YY,$TX[1] - xor $YY,$YY # keyword to partial register - sub \$16,$len - mov $TX[1]#b,$YY#b - test \$-16,$len - jnz .Loop16 - - psllq \$8,%xmm1 - pxor %xmm0,%xmm2 - pxor %xmm1,%xmm2 - movdqu %xmm2,($out,$inp) - lea 16($inp),$inp - - cmp \$0,$len - jne .Lloop1 - jmp .Lexit - -.align 16 -.Lloop1: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $len - jnz .Lloop1 - jmp .Lexit - -.align 16 -.LRC4_CHAR: - add \$1,$XX[0]#b - movzb ($dat,$XX[0]),$TX[0]#d - test \$-8,$len - jz .Lcloop1 - jmp .Lcloop8 -.align 16 -.Lcloop8: - mov ($inp),%r8d - mov 4($inp),%r9d -___ -# unroll 2x4-wise, because 64-bit rotates kill Intel P4... -for ($i=0;$i<4;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... 
- mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%r8b - ror \$8,%r8d -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -for ($i=4;$i<8;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... - mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%r9b - ror \$8,%r9d -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - lea -8($len),$len - mov %r8d,($out) - lea 8($inp),$inp - mov %r9d,4($out) - lea 8($out),$out - - test \$-8,$len - jnz .Lcloop8 - cmp \$0,$len - jne .Lcloop1 - jmp .Lexit -___ -$code.=<<___; -.align 16 -.Lcloop1: - add $TX[0]#b,$YY#b - movzb $YY#b,$YY#d - movzb ($dat,$YY),$TY#d - movb $TX[0]#b,($dat,$YY) - movb $TY#b,($dat,$XX[0]) - add $TX[0]#b,$TY#b - add \$1,$XX[0]#b - movzb $TY#b,$TY#d - movzb $XX[0]#b,$XX[0]#d - movzb ($dat,$TY),$TY#d - movzb ($dat,$XX[0]),$TX[0]#d - xorb ($inp),$TY#b - lea 1($inp),$inp - movb $TY#b,($out) - lea 1($out),$out - sub \$1,$len - jnz .Lcloop1 - jmp .Lexit - -.align 16 -.Lexit: - sub \$1,$XX[0]#b - movl $XX[0]#d,-8($dat) - movl $YY#d,-4($dat) - - mov (%rsp),%r13 - mov 8(%rsp),%r12 - mov 16(%rsp),%rbx - add \$24,%rsp -.Lepilogue: - ret -.size rc4_internal,.-rc4_internal -___ -} - -$idx="%r8"; -$ido="%r9"; - -$code.=<<___; -.globl rc4_set_key_internal -.type rc4_set_key_internal,\@function,3 -.align 16 -rc4_set_key_internal: - _CET_ENDBR - lea 8($dat),$dat - lea ($inp,$len),$inp - neg $len - mov $len,%rcx - xor %eax,%eax - xor $ido,$ido - xor %r10,%r10 - xor %r11,%r11 - - mov OPENSSL_ia32cap_P(%rip),$idx#d - bt \$IA32CAP_BIT0_INTELP4,$idx#d # RC4_CHAR? 
- jc .Lc1stloop - jmp .Lw1stloop - -.align 16 -.Lw1stloop: - mov %eax,($dat,%rax,4) - add \$1,%al - jnc .Lw1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lw2ndloop: - mov ($dat,$ido,4),%r10d - add ($inp,$len,1),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx,4),%r11d - cmovz %rcx,$len - mov %r10d,($dat,$idx,4) - mov %r11d,($dat,$ido,4) - add \$1,$ido#b - jnc .Lw2ndloop - jmp .Lexit_key - -.align 16 -.Lc1stloop: - mov %al,($dat,%rax) - add \$1,%al - jnc .Lc1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lc2ndloop: - mov ($dat,$ido),%r10b - add ($inp,$len),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx),%r11b - jnz .Lcnowrap - mov %rcx,$len -.Lcnowrap: - mov %r10b,($dat,$idx) - mov %r11b,($dat,$ido) - add \$1,$ido#b - jnc .Lc2ndloop - movl \$-1,256($dat) - -.align 16 -.Lexit_key: - xor %eax,%eax - mov %eax,-8($dat) - mov %eax,-4($dat) - ret -.size rc4_set_key_internal,.-rc4_set_key_internal -___ - -sub reg_part { -my ($reg,$conv)=@_; - if ($reg =~ /%r[0-9]+/) { $reg .= $conv; } - elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; } - elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; } - elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; } - return $reg; -} - -$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem; -$code =~ s/\`([^\`]*)\`/eval $1/gem; - -print $code; - -close STDOUT; diff --git a/src/lib/libcrypto/rc4/rc4.c b/src/lib/libcrypto/rc4/rc4.c deleted file mode 100644 index 56ed43cba7..0000000000 --- a/src/lib/libcrypto/rc4/rc4.c +++ /dev/null 
@@ -1,305 +0,0 @@
-/* $OpenBSD: rc4.c,v 1.13 2025/01/27 14:02:32 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include "crypto_arch.h"
-
-/* RC4 as implemented from a posting from
- * Newsgroups: sci.crypt
- *
From: sterndark@netcom.com (David Sterndark) - * Subject: RC4 Algorithm revealed. - * Message-ID: - * Date: Wed, 14 Sep 1994 06:35:31 GMT - */ - -#ifdef HAVE_RC4_INTERNAL -void rc4_internal(RC4_KEY *key, size_t len, const unsigned char *indata, - unsigned char *outdata); - -#else -static void -rc4_internal(RC4_KEY *key, size_t len, const unsigned char *indata, - unsigned char *outdata) -{ - RC4_INT *d; - RC4_INT x, y,tx, ty; - size_t i; - - x = key->x; - y = key->y; - d = key->data; - -#if defined(RC4_CHUNK) - /* - * The original reason for implementing this(*) was the fact that - * pre-21164a Alpha CPUs don't have byte load/store instructions - * and e.g. a byte store has to be done with 64-bit load, shift, - * and, or and finally 64-bit store. Peaking data and operating - * at natural word size made it possible to reduce amount of - * instructions as well as to perform early read-ahead without - * suffering from RAW (read-after-write) hazard. This resulted - * in ~40%(**) performance improvement on 21064 box with gcc. - * But it's not only Alpha users who win here:-) Thanks to the - * early-n-wide read-ahead this implementation also exhibits - * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending - * on sizeof(RC4_INT)). - * - * (*) "this" means code which recognizes the case when input - * and output pointers appear to be aligned at natural CPU - * word boundary - * (**) i.e. according to 'apps/openssl speed rc4' benchmark, - * crypto/rc4/rc4speed.c exhibits almost 70% speed-up... - * - * Caveats. - * - * - RC4_CHUNK="unsigned long long" should be a #1 choice for - * UltraSPARC. Unfortunately gcc generates very slow code - * (2.5-3 times slower than one generated by Sun's WorkShop - * C) and therefore gcc (at least 2.95 and earlier) should - * always be told that RC4_CHUNK="unsigned long". 
- * - * - */ - -# define RC4_STEP ( \ - x=(x+1) &0xff, \ - tx=d[x], \ - y=(tx+y)&0xff, \ - ty=d[y], \ - d[y]=tx, \ - d[x]=ty, \ - (RC4_CHUNK)d[(tx+ty)&0xff]\ - ) - - if ((((size_t)indata & (sizeof(RC4_CHUNK) - 1)) | - ((size_t)outdata & (sizeof(RC4_CHUNK) - 1))) == 0 ) { - RC4_CHUNK ichunk, otp; - - /* - * I reckon we can afford to implement both endian - * cases and to decide which way to take at run-time - * because the machine code appears to be very compact - * and redundant 1-2KB is perfectly tolerable (i.e. - * in case the compiler fails to eliminate it:-). By - * suggestion from Terrel Larson . - * - * Special notes. - * - * - compilers (those I've tried) don't seem to have - * problems eliminating either the operators guarded - * by "if (sizeof(RC4_CHUNK)==8)" or the condition - * expressions themselves so I've got 'em to replace - * corresponding #ifdefs from the previous version; - * - I chose to let the redundant switch cases when - * sizeof(RC4_CHUNK)!=8 be (were also #ifdefed - * before); - * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in - * [LB]ESHFT guards against "shift is out of range" - * warnings when sizeof(RC4_CHUNK)!=8 - * - * - */ -#if BYTE_ORDER == BIG_ENDIAN -# define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { - ichunk = *(RC4_CHUNK *)indata; - otp = RC4_STEP << BESHFT(0); - otp |= RC4_STEP << BESHFT(1); - otp |= RC4_STEP << BESHFT(2); - otp |= RC4_STEP << BESHFT(3); - if (sizeof(RC4_CHUNK) == 8) { - otp |= RC4_STEP << BESHFT(4); - otp |= RC4_STEP << BESHFT(5); - otp |= RC4_STEP << BESHFT(6); - otp |= RC4_STEP << BESHFT(7); - } - *(RC4_CHUNK *)outdata = otp^ichunk; - indata += sizeof(RC4_CHUNK); - outdata += sizeof(RC4_CHUNK); - } -#else -# define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { - ichunk = *(RC4_CHUNK *)indata; - otp = RC4_STEP; - otp |= RC4_STEP << 8; - otp |= 
RC4_STEP << 16; - otp |= RC4_STEP << 24; - if (sizeof(RC4_CHUNK) == 8) { - otp |= RC4_STEP << LESHFT(4); - otp |= RC4_STEP << LESHFT(5); - otp |= RC4_STEP << LESHFT(6); - otp |= RC4_STEP << LESHFT(7); - } - *(RC4_CHUNK *)outdata = otp ^ ichunk; - indata += sizeof(RC4_CHUNK); - outdata += sizeof(RC4_CHUNK); - } -#endif - } -#endif -#define RC4_LOOP(in,out) \ - x=((x+1)&0xff); \ - tx=d[x]; \ - y=(tx+y)&0xff; \ - d[x]=ty=d[y]; \ - d[y]=tx; \ - (out) = d[(tx+ty)&0xff]^ (in); - - i = len >> 3; - if (i) { - for (;;) { - RC4_LOOP(indata[0], outdata[0]); - RC4_LOOP(indata[1], outdata[1]); - RC4_LOOP(indata[2], outdata[2]); - RC4_LOOP(indata[3], outdata[3]); - RC4_LOOP(indata[4], outdata[4]); - RC4_LOOP(indata[5], outdata[5]); - RC4_LOOP(indata[6], outdata[6]); - RC4_LOOP(indata[7], outdata[7]); - - indata += 8; - outdata += 8; - - if (--i == 0) - break; - } - } - i = len&0x07; - if (i) { - for (;;) { - RC4_LOOP(indata[0], outdata[0]); - if (--i == 0) - break; - RC4_LOOP(indata[1], outdata[1]); - if (--i == 0) - break; - RC4_LOOP(indata[2], outdata[2]); - if (--i == 0) - break; - RC4_LOOP(indata[3], outdata[3]); - if (--i == 0) - break; - RC4_LOOP(indata[4], outdata[4]); - if (--i == 0) - break; - RC4_LOOP(indata[5], outdata[5]); - if (--i == 0) - break; - RC4_LOOP(indata[6], outdata[6]); - if (--i == 0) - break; - } - } - key->x = x; - key->y = y; -} -#endif - -#ifdef HAVE_RC4_SET_KEY_INTERNAL -void rc4_set_key_internal(RC4_KEY *key, int len, const unsigned char *data); - -#else -static inline void -rc4_set_key_internal(RC4_KEY *key, int len, const unsigned char *data) -{ - RC4_INT tmp; - int id1, id2; - RC4_INT *d; - unsigned int i; - - d = &(key->data[0]); - key->x = 0; - key->y = 0; - id1 = id2 = 0; - -#define SK_LOOP(d,n) { \ - tmp=d[(n)]; \ - id2 = (data[id1] + tmp + id2) & 0xff; \ - if (++id1 == len) id1=0; \ - d[(n)]=d[id2]; \ - d[id2]=tmp; } - - for (i = 0; i < 256; i++) - d[i] = i; - for (i = 0; i < 256; i += 4) { - SK_LOOP(d, i + 0); - SK_LOOP(d, i + 1); - 
SK_LOOP(d, i + 2); - SK_LOOP(d, i + 3); - } -} -#endif - -void -RC4(RC4_KEY *key, size_t len, const unsigned char *indata, - unsigned char *outdata) -{ - rc4_internal(key, len, indata, outdata); -} -LCRYPTO_ALIAS(RC4); - -void -RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) -{ - rc4_set_key_internal(key, len, data); -} -LCRYPTO_ALIAS(RC4_set_key); diff --git a/src/lib/libcrypto/rc4/rc4.h b/src/lib/libcrypto/rc4/rc4.h deleted file mode 100644 index a20472372b..0000000000 --- a/src/lib/libcrypto/rc4/rc4.h +++ /dev/null 
@@ -1,83 +0,0 @@
-/* $OpenBSD: rc4.h,v 1.16 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC4_H
-#define HEADER_RC4_H
-
-#include /* OPENSSL_NO_RC4, RC4_INT */
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc4_key_st {
- RC4_INT x, y;
- RC4_INT data[256];
-} RC4_KEY;
-
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
- unsigned char *outdata);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/ripemd/ripemd.c b/src/lib/libcrypto/ripemd/ripemd.c
deleted file mode 100644
index 08fa208dcc..0000000000
--- a/src/lib/libcrypto/ripemd/ripemd.c
+++ /dev/null
@@ -1,497 +0,0 @@ -/* $OpenBSD: ripemd.c,v 1.19 2024/06/01 07:36:16 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include - -#include -#include - -#include "crypto_internal.h" - -/* Ensure that SHA_LONG and uint32_t are equivalent sizes. 
*/ -CTASSERT(sizeof(RIPEMD160_LONG) == sizeof(uint32_t)); - -#if 0 -#define F1(x,y,z) ((x)^(y)^(z)) -#define F2(x,y,z) (((x)&(y))|((~x)&z)) -#define F3(x,y,z) (((x)|(~y))^(z)) -#define F4(x,y,z) (((x)&(z))|((y)&(~(z)))) -#define F5(x,y,z) ((x)^((y)|(~(z)))) -#else -/* - * Transformed F2 and F4 are courtesy of Wei Dai - */ -#define F1(x,y,z) ((x) ^ (y) ^ (z)) -#define F2(x,y,z) ((((y) ^ (z)) & (x)) ^ (z)) -#define F3(x,y,z) (((~(y)) | (x)) ^ (z)) -#define F4(x,y,z) ((((x) ^ (y)) & (z)) ^ (y)) -#define F5(x,y,z) (((~(z)) | (y)) ^ (x)) -#endif - -#define KL0 0x00000000L -#define KL1 0x5A827999L -#define KL2 0x6ED9EBA1L -#define KL3 0x8F1BBCDCL -#define KL4 0xA953FD4EL - -#define KR0 0x50A28BE6L -#define KR1 0x5C4DD124L -#define KR2 0x6D703EF3L -#define KR3 0x7A6D76E9L -#define KR4 0x00000000L - -#define RIP1(a,b,c,d,e,w,s) { \ - a+=F1(b,c,d)+w; \ - a=crypto_rol_u32(a,s)+e; \ - c=crypto_rol_u32(c,10); } - -#define RIP2(a,b,c,d,e,w,s,K) { \ - a+=F2(b,c,d)+w+K; \ - a=crypto_rol_u32(a,s)+e; \ - c=crypto_rol_u32(c,10); } - -#define RIP3(a,b,c,d,e,w,s,K) { \ - a+=F3(b,c,d)+w+K; \ - a=crypto_rol_u32(a,s)+e; \ - c=crypto_rol_u32(c,10); } - -#define RIP4(a,b,c,d,e,w,s,K) { \ - a+=F4(b,c,d)+w+K; \ - a=crypto_rol_u32(a,s)+e; \ - c=crypto_rol_u32(c,10); } - -#define RIP5(a,b,c,d,e,w,s,K) { \ - a+=F5(b,c,d)+w+K; \ - a=crypto_rol_u32(a,s)+e; \ - c=crypto_rol_u32(c,10); } - -static void -ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *_in, size_t num) -{ - const uint8_t *in = _in; - const RIPEMD160_LONG *in32; - unsigned int A, B, C, D, E; - unsigned int a, b, c, d, e; - unsigned int X0, X1, X2, X3, X4, X5, X6, X7, - X8, X9, X10, X11, X12, X13, X14, X15; - - for (; num--; ) { - A = ctx->A; - B = ctx->B; - C = ctx->C; - D = ctx->D; - E = ctx->E; - - if ((uintptr_t)in % 4 == 0) { - /* Input is 32 bit aligned. 
*/ - in32 = (const RIPEMD160_LONG *)in; - X0 = le32toh(in32[0]); - X1 = le32toh(in32[1]); - X2 = le32toh(in32[2]); - X3 = le32toh(in32[3]); - X4 = le32toh(in32[4]); - X5 = le32toh(in32[5]); - X6 = le32toh(in32[6]); - X7 = le32toh(in32[7]); - X8 = le32toh(in32[8]); - X9 = le32toh(in32[9]); - X10 = le32toh(in32[10]); - X11 = le32toh(in32[11]); - X12 = le32toh(in32[12]); - X13 = le32toh(in32[13]); - X14 = le32toh(in32[14]); - X15 = le32toh(in32[15]); - } else { - /* Input is not 32 bit aligned. */ - X0 = crypto_load_le32toh(&in[0 * 4]); - X1 = crypto_load_le32toh(&in[1 * 4]); - X2 = crypto_load_le32toh(&in[2 * 4]); - X3 = crypto_load_le32toh(&in[3 * 4]); - X4 = crypto_load_le32toh(&in[4 * 4]); - X5 = crypto_load_le32toh(&in[5 * 4]); - X6 = crypto_load_le32toh(&in[6 * 4]); - X7 = crypto_load_le32toh(&in[7 * 4]); - X8 = crypto_load_le32toh(&in[8 * 4]); - X9 = crypto_load_le32toh(&in[9 * 4]); - X10 = crypto_load_le32toh(&in[10 * 4]); - X11 = crypto_load_le32toh(&in[11 * 4]); - X12 = crypto_load_le32toh(&in[12 * 4]); - X13 = crypto_load_le32toh(&in[13 * 4]); - X14 = crypto_load_le32toh(&in[14 * 4]); - X15 = crypto_load_le32toh(&in[15 * 4]); - } - in += RIPEMD160_CBLOCK; - - RIP1(A, B, C, D, E, X0, 11); - RIP1(E, A, B, C, D, X1, 14); - RIP1(D, E, A, B, C, X2, 15); - RIP1(C, D, E, A, B, X3, 12); - RIP1(B, C, D, E, A, X4, 5); - RIP1(A, B, C, D, E, X5, 8); - RIP1(E, A, B, C, D, X6, 7); - RIP1(D, E, A, B, C, X7, 9); - RIP1(C, D, E, A, B, X8, 11); - RIP1(B, C, D, E, A, X9, 13); - RIP1(A, B, C, D, E, X10, 14); - RIP1(E, A, B, C, D, X11, 15); - RIP1(D, E, A, B, C, X12, 6); - RIP1(C, D, E, A, B, X13, 7); - RIP1(B, C, D, E, A, X14, 9); - RIP1(A, B, C, D, E, X15, 8); - - RIP2(E, A, B, C, D, X7, 7, KL1); - RIP2(D, E, A, B, C, X4, 6, KL1); - RIP2(C, D, E, A, B, X13, 8, KL1); - RIP2(B, C, D, E, A, X1, 13, KL1); - RIP2(A, B, C, D, E, X10, 11, KL1); - RIP2(E, A, B, C, D, X6, 9, KL1); - RIP2(D, E, A, B, C, X15, 7, KL1); - RIP2(C, D, E, A, B, X3, 15, KL1); - RIP2(B, C, D, E, A, X12, 7, 
KL1); - RIP2(A, B, C, D, E, X0, 12, KL1); - RIP2(E, A, B, C, D, X9, 15, KL1); - RIP2(D, E, A, B, C, X5, 9, KL1); - RIP2(C, D, E, A, B, X2, 11, KL1); - RIP2(B, C, D, E, A, X14, 7, KL1); - RIP2(A, B, C, D, E, X11, 13, KL1); - RIP2(E, A, B, C, D, X8, 12, KL1); - - RIP3(D, E, A, B, C, X3, 11, KL2); - RIP3(C, D, E, A, B, X10, 13, KL2); - RIP3(B, C, D, E, A, X14, 6, KL2); - RIP3(A, B, C, D, E, X4, 7, KL2); - RIP3(E, A, B, C, D, X9, 14, KL2); - RIP3(D, E, A, B, C, X15, 9, KL2); - RIP3(C, D, E, A, B, X8, 13, KL2); - RIP3(B, C, D, E, A, X1, 15, KL2); - RIP3(A, B, C, D, E, X2, 14, KL2); - RIP3(E, A, B, C, D, X7, 8, KL2); - RIP3(D, E, A, B, C, X0, 13, KL2); - RIP3(C, D, E, A, B, X6, 6, KL2); - RIP3(B, C, D, E, A, X13, 5, KL2); - RIP3(A, B, C, D, E, X11, 12, KL2); - RIP3(E, A, B, C, D, X5, 7, KL2); - RIP3(D, E, A, B, C, X12, 5, KL2); - - RIP4(C, D, E, A, B, X1, 11, KL3); - RIP4(B, C, D, E, A, X9, 12, KL3); - RIP4(A, B, C, D, E, X11, 14, KL3); - RIP4(E, A, B, C, D, X10, 15, KL3); - RIP4(D, E, A, B, C, X0, 14, KL3); - RIP4(C, D, E, A, B, X8, 15, KL3); - RIP4(B, C, D, E, A, X12, 9, KL3); - RIP4(A, B, C, D, E, X4, 8, KL3); - RIP4(E, A, B, C, D, X13, 9, KL3); - RIP4(D, E, A, B, C, X3, 14, KL3); - RIP4(C, D, E, A, B, X7, 5, KL3); - RIP4(B, C, D, E, A, X15, 6, KL3); - RIP4(A, B, C, D, E, X14, 8, KL3); - RIP4(E, A, B, C, D, X5, 6, KL3); - RIP4(D, E, A, B, C, X6, 5, KL3); - RIP4(C, D, E, A, B, X2, 12, KL3); - - RIP5(B, C, D, E, A, X4, 9, KL4); - RIP5(A, B, C, D, E, X0, 15, KL4); - RIP5(E, A, B, C, D, X5, 5, KL4); - RIP5(D, E, A, B, C, X9, 11, KL4); - RIP5(C, D, E, A, B, X7, 6, KL4); - RIP5(B, C, D, E, A, X12, 8, KL4); - RIP5(A, B, C, D, E, X2, 13, KL4); - RIP5(E, A, B, C, D, X10, 12, KL4); - RIP5(D, E, A, B, C, X14, 5, KL4); - RIP5(C, D, E, A, B, X1, 12, KL4); - RIP5(B, C, D, E, A, X3, 13, KL4); - RIP5(A, B, C, D, E, X8, 14, KL4); - RIP5(E, A, B, C, D, X11, 11, KL4); - RIP5(D, E, A, B, C, X6, 8, KL4); - RIP5(C, D, E, A, B, X15, 5, KL4); - RIP5(B, C, D, E, A, X13, 6, KL4); - - a = A; - 
b = B; - c = C; - d = D; - e = E; - /* Do other half */ - A = ctx->A; - B = ctx->B; - C = ctx->C; - D = ctx->D; - E = ctx->E; - - RIP5(A, B, C, D, E, X5, 8, KR0); - RIP5(E, A, B, C, D, X14, 9, KR0); - RIP5(D, E, A, B, C, X7, 9, KR0); - RIP5(C, D, E, A, B, X0, 11, KR0); - RIP5(B, C, D, E, A, X9, 13, KR0); - RIP5(A, B, C, D, E, X2, 15, KR0); - RIP5(E, A, B, C, D, X11, 15, KR0); - RIP5(D, E, A, B, C, X4, 5, KR0); - RIP5(C, D, E, A, B, X13, 7, KR0); - RIP5(B, C, D, E, A, X6, 7, KR0); - RIP5(A, B, C, D, E, X15, 8, KR0); - RIP5(E, A, B, C, D, X8, 11, KR0); - RIP5(D, E, A, B, C, X1, 14, KR0); - RIP5(C, D, E, A, B, X10, 14, KR0); - RIP5(B, C, D, E, A, X3, 12, KR0); - RIP5(A, B, C, D, E, X12, 6, KR0); - - RIP4(E, A, B, C, D, X6, 9, KR1); - RIP4(D, E, A, B, C, X11, 13, KR1); - RIP4(C, D, E, A, B, X3, 15, KR1); - RIP4(B, C, D, E, A, X7, 7, KR1); - RIP4(A, B, C, D, E, X0, 12, KR1); - RIP4(E, A, B, C, D, X13, 8, KR1); - RIP4(D, E, A, B, C, X5, 9, KR1); - RIP4(C, D, E, A, B, X10, 11, KR1); - RIP4(B, C, D, E, A, X14, 7, KR1); - RIP4(A, B, C, D, E, X15, 7, KR1); - RIP4(E, A, B, C, D, X8, 12, KR1); - RIP4(D, E, A, B, C, X12, 7, KR1); - RIP4(C, D, E, A, B, X4, 6, KR1); - RIP4(B, C, D, E, A, X9, 15, KR1); - RIP4(A, B, C, D, E, X1, 13, KR1); - RIP4(E, A, B, C, D, X2, 11, KR1); - - RIP3(D, E, A, B, C, X15, 9, KR2); - RIP3(C, D, E, A, B, X5, 7, KR2); - RIP3(B, C, D, E, A, X1, 15, KR2); - RIP3(A, B, C, D, E, X3, 11, KR2); - RIP3(E, A, B, C, D, X7, 8, KR2); - RIP3(D, E, A, B, C, X14, 6, KR2); - RIP3(C, D, E, A, B, X6, 6, KR2); - RIP3(B, C, D, E, A, X9, 14, KR2); - RIP3(A, B, C, D, E, X11, 12, KR2); - RIP3(E, A, B, C, D, X8, 13, KR2); - RIP3(D, E, A, B, C, X12, 5, KR2); - RIP3(C, D, E, A, B, X2, 14, KR2); - RIP3(B, C, D, E, A, X10, 13, KR2); - RIP3(A, B, C, D, E, X0, 13, KR2); - RIP3(E, A, B, C, D, X4, 7, KR2); - RIP3(D, E, A, B, C, X13, 5, KR2); - - RIP2(C, D, E, A, B, X8, 15, KR3); - RIP2(B, C, D, E, A, X6, 5, KR3); - RIP2(A, B, C, D, E, X4, 8, KR3); - RIP2(E, A, B, C, D, X1, 11, KR3); - 
RIP2(D, E, A, B, C, X3, 14, KR3); - RIP2(C, D, E, A, B, X11, 14, KR3); - RIP2(B, C, D, E, A, X15, 6, KR3); - RIP2(A, B, C, D, E, X0, 14, KR3); - RIP2(E, A, B, C, D, X5, 6, KR3); - RIP2(D, E, A, B, C, X12, 9, KR3); - RIP2(C, D, E, A, B, X2, 12, KR3); - RIP2(B, C, D, E, A, X13, 9, KR3); - RIP2(A, B, C, D, E, X9, 12, KR3); - RIP2(E, A, B, C, D, X7, 5, KR3); - RIP2(D, E, A, B, C, X10, 15, KR3); - RIP2(C, D, E, A, B, X14, 8, KR3); - - RIP1(B, C, D, E, A, X12, 8); - RIP1(A, B, C, D, E, X15, 5); - RIP1(E, A, B, C, D, X10, 12); - RIP1(D, E, A, B, C, X4, 9); - RIP1(C, D, E, A, B, X1, 12); - RIP1(B, C, D, E, A, X5, 5); - RIP1(A, B, C, D, E, X8, 14); - RIP1(E, A, B, C, D, X7, 6); - RIP1(D, E, A, B, C, X6, 8); - RIP1(C, D, E, A, B, X2, 13); - RIP1(B, C, D, E, A, X13, 6); - RIP1(A, B, C, D, E, X14, 5); - RIP1(E, A, B, C, D, X0, 15); - RIP1(D, E, A, B, C, X3, 13); - RIP1(C, D, E, A, B, X9, 11); - RIP1(B, C, D, E, A, X11, 11); - - D = ctx->B + c + D; - ctx->B = ctx->C + d + E; - ctx->C = ctx->D + e + A; - ctx->D = ctx->E + a + B; - ctx->E = ctx->A + b + C; - ctx->A = D; - } -} - -int -RIPEMD160_Init(RIPEMD160_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - c->A = 0x67452301UL; - c->B = 0xEFCDAB89UL; - c->C = 0x98BADCFEUL; - c->D = 0x10325476UL; - c->E = 0xC3D2E1F0UL; - - return 1; -} -LCRYPTO_ALIAS(RIPEMD160_Init); - -int -RIPEMD160_Update(RIPEMD160_CTX *c, const void *data_, size_t len) -{ - const unsigned char *data = data_; - unsigned char *p; - RIPEMD160_LONG l; - size_t n; - - if (len == 0) - return 1; - - l = (c->Nl + (((RIPEMD160_LONG)len) << 3))&0xffffffffUL; - /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to - * Wei Dai for pointing it out. 
*/ - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh+=(RIPEMD160_LONG)(len>>29); /* might cause compiler warning on 16-bit */ - c->Nl = l; - - n = c->num; - if (n != 0) { - p = (unsigned char *)c->data; - - if (len >= RIPEMD160_CBLOCK || len + n >= RIPEMD160_CBLOCK) { - memcpy(p + n, data, RIPEMD160_CBLOCK - n); - ripemd160_block_data_order(c, p, 1); - n = RIPEMD160_CBLOCK - n; - data += n; - len -= n; - c->num = 0; - memset(p, 0, RIPEMD160_CBLOCK); /* keep it zeroed */ - } else { - memcpy(p + n, data, len); - c->num += (unsigned int)len; - return 1; - } - } - - n = len/RIPEMD160_CBLOCK; - if (n > 0) { - ripemd160_block_data_order(c, data, n); - n *= RIPEMD160_CBLOCK; - data += n; - len -= n; - } - - if (len != 0) { - p = (unsigned char *)c->data; - c->num = (unsigned int)len; - memcpy(p, data, len); - } - return 1; -} -LCRYPTO_ALIAS(RIPEMD160_Update); - -void -RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *data) -{ - ripemd160_block_data_order(c, data, 1); -} -LCRYPTO_ALIAS(RIPEMD160_Transform); - -int -RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c) -{ - unsigned char *p = (unsigned char *)c->data; - size_t n = c->num; - - p[n] = 0x80; /* there is always room for one */ - n++; - - if (n > (RIPEMD160_CBLOCK - 8)) { - memset(p + n, 0, RIPEMD160_CBLOCK - n); - n = 0; - ripemd160_block_data_order(c, p, 1); - } - - memset(p + n, 0, RIPEMD160_CBLOCK - 8 - n); - c->data[RIPEMD160_LBLOCK - 2] = htole32(c->Nl); - c->data[RIPEMD160_LBLOCK - 1] = htole32(c->Nh); - - ripemd160_block_data_order(c, p, 1); - c->num = 0; - memset(p, 0, RIPEMD160_CBLOCK); - - crypto_store_htole32(&md[0 * 4], c->A); - crypto_store_htole32(&md[1 * 4], c->B); - crypto_store_htole32(&md[2 * 4], c->C); - crypto_store_htole32(&md[3 * 4], c->D); - crypto_store_htole32(&md[4 * 4], c->E); - - return 1; -} -LCRYPTO_ALIAS(RIPEMD160_Final); - -unsigned char * -RIPEMD160(const unsigned char *d, size_t n, unsigned char *md) -{ - RIPEMD160_CTX c; - - if (!RIPEMD160_Init(&c)) - return NULL; - 
RIPEMD160_Update(&c, d, n); - RIPEMD160_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} -LCRYPTO_ALIAS(RIPEMD160); diff --git a/src/lib/libcrypto/ripemd/ripemd.h b/src/lib/libcrypto/ripemd/ripemd.h deleted file mode 100644 index c7b1bd79b9..0000000000 --- a/src/lib/libcrypto/ripemd/ripemd.h +++ /dev/null 
@@ -1,107 +0,0 @@
-/* $OpenBSD: ripemd.h,v 1.20 2025/01/25 17:59:44 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#ifndef HEADER_RIPEMD_H
-#define HEADER_RIPEMD_H
-
-#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__)
-#define __bounded__(x, y, z)
-#endif
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(__LP32__)
-#define RIPEMD160_LONG unsigned long
-#elif defined(__ILP64__)
-#define RIPEMD160_LONG unsigned long
-#define RIPEMD160_LONG_LOG2 3
-#else
-#define RIPEMD160_LONG unsigned int
-#endif
-
-#define RIPEMD160_CBLOCK 64
-#define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
-#define RIPEMD160_DIGEST_LENGTH 20
-
-typedef struct RIPEMD160state_st {
- RIPEMD160_LONG A, B,C, D, E;
- RIPEMD160_LONG Nl, Nh;
- RIPEMD160_LONG data[RIPEMD160_LBLOCK];
- unsigned int num;
-} RIPEMD160_CTX;
-
-int RIPEMD160_Init(RIPEMD160_CTX *c);
-int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(const unsigned char *d, size_t n,
- unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
deleted file mode 100644
index 5620128998..0000000000
--- a/src/lib/libcrypto/rsa/rsa.h
+++ /dev/null
@@ -1,603 +0,0 @@ -/* $OpenBSD: rsa.h,v 1.67 2025/01/25 17:59:44 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RSA_H -#define HEADER_RSA_H - -#include - -#include - -#ifndef OPENSSL_NO_BIO -#include -#endif -#include -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -struct rsa_pss_params_st { - X509_ALGOR *hashAlgorithm; - X509_ALGOR *maskGenAlgorithm; - ASN1_INTEGER *saltLength; - ASN1_INTEGER *trailerField; - - /* Hash algorithm decoded from maskGenAlgorithm. */ - X509_ALGOR *maskHash; -} /* RSA_PSS_PARAMS */; - -typedef struct rsa_oaep_params_st { - X509_ALGOR *hashFunc; - X509_ALGOR *maskGenFunc; - X509_ALGOR *pSourceFunc; - - /* Hash algorithm decoded from maskGenFunc. 
*/ - X509_ALGOR *maskHash; -} RSA_OAEP_PARAMS; - -#ifndef OPENSSL_RSA_MAX_MODULUS_BITS -# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 -#endif - -#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS -# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 -#endif -#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS -# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */ -#endif - -#define RSA_3 0x3L -#define RSA_F4 0x10001L - -/* Don't check pub/private match. */ -#define RSA_METHOD_FLAG_NO_CHECK 0x0001 - -#define RSA_FLAG_CACHE_PUBLIC 0x0002 -#define RSA_FLAG_CACHE_PRIVATE 0x0004 -#define RSA_FLAG_BLINDING 0x0008 -#define RSA_FLAG_THREAD_SAFE 0x0010 - -/* - * This flag means the private key operations will be handled by rsa_mod_exp - * and that they do not depend on the private key components being present: - * for example a key stored in external hardware. Without this flag bn_mod_exp - * gets called when private key components are absent. - */ -#define RSA_FLAG_EXT_PKEY 0x0020 - -/* - * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. - */ -#define RSA_FLAG_SIGN_VER 0x0040 - -/* - * The built-in RSA implementation uses blinding by default, but other engines - * might not need it. 
- */ -#define RSA_FLAG_NO_BLINDING 0x0080 - -/* Salt length matches digest */ -#define RSA_PSS_SALTLEN_DIGEST -1 -/* Verify only: auto detect salt length */ -#define RSA_PSS_SALTLEN_AUTO -2 -/* Set salt length to maximum possible */ -#define RSA_PSS_SALTLEN_MAX -3 - -#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \ - RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL) - -#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \ - RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad) - -#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \ - RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ - EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL) - -#define EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, len) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL) - -#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \ - RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ - EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, 0, plen) - -#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \ - RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL) - -#define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \ - RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp) - -#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \ - RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \ - EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md)) - -#define EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md)) - -#define EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ - EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)(md)) - -#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \ - RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \ - EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)(pmd)) 
- -#define EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ - EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)(pmd)) - -#define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ - EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)(l)) - -#define EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ - EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)(l)) - -#define EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, \ - EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_MD, 0, (void *)(md)) - -#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) - -#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) -#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) -#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5) - -#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6) -#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7) -#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8) - -#define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9) -#define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10) - -#define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11) -#define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12) - -#define RSA_PKCS1_PADDING 1 -#define RSA_SSLV23_PADDING 2 -#define RSA_NO_PADDING 3 -#define RSA_PKCS1_OAEP_PADDING 4 -/* rust-openssl and erlang expose this and salt even uses it. 
*/ -#define RSA_X931_PADDING 5 -/* EVP_PKEY_ only */ -#define RSA_PKCS1_PSS_PADDING 6 - -#define RSA_PKCS1_PADDING_SIZE 11 - -#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) -#define RSA_get_app_data(s) RSA_get_ex_data(s,0) - -RSA *RSA_new(void); -RSA *RSA_new_method(ENGINE *engine); -int RSA_bits(const RSA *rsa); -int RSA_size(const RSA *rsa); - -/* - * Wrapped in OPENSSL_NO_DEPRECATED in 0.9.8. Still used for libressl bindings - * in rust-openssl. - */ -RSA *RSA_generate_key(int bits, unsigned long e, - void (*callback)(int, int, void *), void *cb_arg); - -/* New version */ -int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); - -int RSA_check_key(const RSA *); -/* next 4 return -1 on error */ -int RSA_public_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_private_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_public_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_private_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -void RSA_free(RSA *r); -/* "up" the RSA object's reference count */ -int RSA_up_ref(RSA *r); - -int RSA_flags(const RSA *r); - -void RSA_set_default_method(const RSA_METHOD *meth); -const RSA_METHOD *RSA_get_default_method(void); -const RSA_METHOD *RSA_get_method(const RSA *rsa); -int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); - -const RSA_METHOD *RSA_PKCS1_OpenSSL(void); -const RSA_METHOD *RSA_PKCS1_SSLeay(void); - -int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2); - -RSA *d2i_RSAPublicKey(RSA **a, const unsigned char **in, long len); -int i2d_RSAPublicKey(const RSA *a, unsigned char **out); -extern const ASN1_ITEM RSAPublicKey_it; -RSA *d2i_RSAPrivateKey(RSA **a, const unsigned char **in, long len); -int i2d_RSAPrivateKey(const RSA *a, unsigned char **out); -extern const ASN1_ITEM 
RSAPrivateKey_it; - -RSA_PSS_PARAMS *RSA_PSS_PARAMS_new(void); -void RSA_PSS_PARAMS_free(RSA_PSS_PARAMS *a); -RSA_PSS_PARAMS *d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS **a, const unsigned char **in, long len); -int i2d_RSA_PSS_PARAMS(RSA_PSS_PARAMS *a, unsigned char **out); -extern const ASN1_ITEM RSA_PSS_PARAMS_it; - -RSA_OAEP_PARAMS *RSA_OAEP_PARAMS_new(void); -void RSA_OAEP_PARAMS_free(RSA_OAEP_PARAMS *a); -RSA_OAEP_PARAMS *d2i_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS **a, const unsigned char **in, long len); -int i2d_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS *a, unsigned char **out); -extern const ASN1_ITEM RSA_OAEP_PARAMS_it; - -int RSA_print_fp(FILE *fp, const RSA *r, int offset); - -#ifndef OPENSSL_NO_BIO -int RSA_print(BIO *bp, const RSA *r, int offset); -#endif - -/* The following 2 functions sign and verify a X509_SIG ASN1 object - * inside PKCS#1 padded RSA encryption */ -int RSA_sign(int type, const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify(int type, const unsigned char *m, unsigned int m_length, - const unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -/* The following 2 function sign and verify a ASN1_OCTET_STRING - * object inside PKCS#1 padded RSA encryption */ -int RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigret, unsigned int *siglen, - RSA *rsa); -int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa); - -int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); -void RSA_blinding_off(RSA *rsa); - -int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_PKCS1_type_2(unsigned char *to, int 
tlen,
- const unsigned char *f, int fl, int rsa_len);
-int PKCS1_MGF1(unsigned char *mask, long len,
- const unsigned char *seed, long seedlen, const EVP_MD *dgst);
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *f, int fl,
- const unsigned char *p, int pl);
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *f, int fl, int rsa_len,
- const unsigned char *p, int pl);
-int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
- const unsigned char *from, int flen, const unsigned char *param, int plen,
- const EVP_MD *md, const EVP_MD *mgf1md);
-int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
- const unsigned char *from, int flen, int num, const unsigned char *param,
- int plen, const EVP_MD *md, const EVP_MD *mgf1md);
-int RSA_padding_add_none(unsigned char *to, int tlen,
- const unsigned char *f, int fl);
-int RSA_padding_check_none(unsigned char *to, int tlen,
- const unsigned char *f, int fl, int rsa_len);
-
-int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
- const EVP_MD *Hash, const unsigned char *EM, int sLen);
-int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
- const unsigned char *mHash, const EVP_MD *Hash, int sLen);
-
-int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
- const EVP_MD *Hash, const EVP_MD *mgf1Hash, const unsigned char *EM,
- int sLen);
-
-int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
- const unsigned char *mHash, const EVP_MD *Hash, const EVP_MD *mgf1Hash,
- int sLen);
-
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int RSA_set_ex_data(RSA *r, int idx, void *arg);
-void *RSA_get_ex_data(const RSA *r, int idx);
-
-int RSA_security_bits(const RSA *rsa);
-
-void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e,
- const BIGNUM **d);
-int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
-void
RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1,
- const BIGNUM **iqmp);
-int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
-void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
-int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
-const BIGNUM *RSA_get0_n(const RSA *r);
-const BIGNUM *RSA_get0_e(const RSA *r);
-const BIGNUM *RSA_get0_d(const RSA *r);
-const BIGNUM *RSA_get0_p(const RSA *r);
-const BIGNUM *RSA_get0_q(const RSA *r);
-const BIGNUM *RSA_get0_dmp1(const RSA *r);
-const BIGNUM *RSA_get0_dmq1(const RSA *r);
-const BIGNUM *RSA_get0_iqmp(const RSA *r);
-const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r);
-void RSA_clear_flags(RSA *r, int flags);
-int RSA_test_flags(const RSA *r, int flags);
-void RSA_set_flags(RSA *r, int flags);
-
-RSA *RSAPublicKey_dup(RSA *rsa);
-RSA *RSAPrivateKey_dup(RSA *rsa);
-
-/* If this flag is set the RSA method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its responsibility
- * to ensure the result is compliant.
- */
-
-#define RSA_FLAG_FIPS_METHOD 0x0400
-
-/* If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-#define RSA_FLAG_NON_FIPS_ALLOW 0x0400
-/* Application has decided PRNG is good enough to generate a key: don't
- * check.
- */
-#define RSA_FLAG_CHECKED 0x0800
-
-RSA_METHOD *RSA_meth_new(const char *name, int flags);
-void RSA_meth_free(RSA_METHOD *meth);
-RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
-int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
-int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding));
-int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding));
-int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
-int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa));
-int RSA_meth_set_pub_enc(RSA_METHOD *meth, int (*pub_enc)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding));
-int RSA_meth_set_pub_dec(RSA_METHOD *meth, int (*pub_dec)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding));
-int RSA_meth_set_mod_exp(RSA_METHOD *meth, int (*mod_exp)(BIGNUM *r0,
- const BIGNUM *i, RSA *rsa, BN_CTX *ctx));
-int RSA_meth_set_bn_mod_exp(RSA_METHOD *meth, int (*bn_mod_exp)(BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx));
-int RSA_meth_set_init(RSA_METHOD *meth, int (*init)(RSA *rsa));
-int RSA_meth_set_keygen(RSA_METHOD *meth, int (*keygen)(RSA *rsa, int bits,
- BIGNUM *e, BN_GENCB *cb));
-int RSA_meth_set_flags(RSA_METHOD *meth, int flags);
-int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data);
-const char *RSA_meth_get0_name(const RSA_METHOD *);
-int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
-int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
-int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
-int
(*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
-int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
- RSA *rsa, BN_CTX *ctx);
-int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-int (*RSA_meth_get_init(const RSA_METHOD *meth))(RSA *rsa);
-int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
- BN_GENCB *cb);
-int RSA_meth_get_flags(const RSA_METHOD *meth);
-void *RSA_meth_get0_app_data(const RSA_METHOD *meth);
-int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type,
- const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen,
- const RSA *rsa);
-int RSA_meth_set_sign(RSA_METHOD *rsa, int (*sign)(int type,
- const unsigned char *m, unsigned int m_length, unsigned char *sigret,
- unsigned int *siglen, const RSA *rsa));
-int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype,
- const unsigned char *m, unsigned int m_length, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa);
-int RSA_meth_set_verify(RSA_METHOD *rsa, int (*verify)(int dtype,
- const unsigned char *m, unsigned int m_length, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa));
-
-
-void ERR_load_RSA_strings(void);
-
-/* Error codes for the RSA functions. */
-
-/* Function codes.
*/
-#define RSA_F_CHECK_PADDING_MD 140
-#define RSA_F_DO_RSA_PRINT 146
-#define RSA_F_INT_RSA_VERIFY 145
-#define RSA_F_MEMORY_LOCK 100
-#define RSA_F_OLD_RSA_PRIV_DECODE 147
-#define RSA_F_PKEY_RSA_CTRL 143
-#define RSA_F_PKEY_RSA_CTRL_STR 144
-#define RSA_F_PKEY_RSA_SIGN 142
-#define RSA_F_PKEY_RSA_VERIFY 154
-#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
-#define RSA_F_RSA_BUILTIN_KEYGEN 129
-#define RSA_F_RSA_CHECK_KEY 123
-#define RSA_F_RSA_EAY_MOD_EXP 157
-#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
-#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
-#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
-#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
-#define RSA_F_RSA_GENERATE_KEY 105
-#define RSA_F_RSA_GENERATE_KEY_EX 155
-#define RSA_F_RSA_ITEM_VERIFY 156
-#define RSA_F_RSA_MEMORY_LOCK 130
-#define RSA_F_RSA_NEW_METHOD 106
-#define RSA_F_RSA_NULL 124
-#define RSA_F_RSA_NULL_MOD_EXP 131
-#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
-#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
-#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
-#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
-#define RSA_F_RSA_PADDING_ADD_NONE 107
-#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
-#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
-#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
-#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
-#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
-#define RSA_F_RSA_PADDING_ADD_X931 127
-#define RSA_F_RSA_PADDING_CHECK_NONE 111
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
-#define RSA_F_RSA_PADDING_CHECK_X931 128
-#define RSA_F_RSA_PRINT 115
-#define RSA_F_RSA_PRINT_FP 116
-#define RSA_F_RSA_PRIVATE_DECRYPT 150
-#define RSA_F_RSA_PRIVATE_ENCRYPT 151
-#define RSA_F_RSA_PRIV_DECODE 137
-#define RSA_F_RSA_PRIV_ENCODE 138
-#define RSA_F_RSA_PUBLIC_DECRYPT 152
-#define RSA_F_RSA_PUBLIC_ENCRYPT 153
-#define RSA_F_RSA_PUB_DECODE 139
-#define RSA_F_RSA_SETUP_BLINDING 136
-#define RSA_F_RSA_SIGN 117
-#define
RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
-#define RSA_F_RSA_VERIFY 119
-#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
-#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
-#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
-
-/* Reason codes. */
-#define RSA_R_ALGORITHM_MISMATCH 100
-#define RSA_R_BAD_E_VALUE 101
-#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
-#define RSA_R_BAD_PAD_BYTE_COUNT 103
-#define RSA_R_BAD_SIGNATURE 104
-#define RSA_R_BLOCK_TYPE_IS_NOT_01 106
-#define RSA_R_BLOCK_TYPE_IS_NOT_02 107
-#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
-#define RSA_R_DATA_TOO_LARGE 109
-#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
-#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
-#define RSA_R_DATA_TOO_SMALL 111
-#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
-#define RSA_R_DIGEST_DOES_NOT_MATCH 158
-#define RSA_R_DIGEST_NOT_ALLOWED 145
-#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
-#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
-#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
-#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
-#define RSA_R_FIRST_OCTET_INVALID 133
-#define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
-#define RSA_R_INVALID_DIGEST 157
-#define RSA_R_INVALID_DIGEST_LENGTH 143
-#define RSA_R_INVALID_HEADER 137
-#define RSA_R_INVALID_KEYBITS 145
-#define RSA_R_INVALID_LABEL 160
-#define RSA_R_INVALID_MESSAGE_LENGTH 131
-#define RSA_R_INVALID_MGF1_MD 156
-#define RSA_R_INVALID_OAEP_PARAMETERS 161
-#define RSA_R_INVALID_PADDING 138
-#define RSA_R_INVALID_PADDING_MODE 141
-#define RSA_R_INVALID_PSS_PARAMETERS 149
-#define RSA_R_INVALID_PSS_SALTLEN 146
-#define RSA_R_INVALID_SALT_LENGTH 150
-#define RSA_R_INVALID_TRAILER 139
-#define RSA_R_INVALID_X931_DIGEST 142
-#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
-#define RSA_R_KEY_SIZE_TOO_SMALL 120
-#define RSA_R_LAST_OCTET_INVALID 134
-#define RSA_R_MODULUS_TOO_LARGE 105
-#define RSA_R_MGF1_DIGEST_NOT_ALLOWED 152
-#define RSA_R_NON_FIPS_RSA_METHOD 157
-#define RSA_R_NO_PUBLIC_EXPONENT 140
-#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
-#define
RSA_R_N_DOES_NOT_EQUAL_P_Q 127
-#define RSA_R_OAEP_DECODING_ERROR 121
-#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
-#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
-#define RSA_R_PADDING_CHECK_FAILED 114
-#define RSA_R_PSS_SALTLEN_TOO_SMALL 164
-#define RSA_R_P_NOT_PRIME 128
-#define RSA_R_Q_NOT_PRIME 129
-#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
-#define RSA_R_SLEN_CHECK_FAILED 136
-#define RSA_R_SLEN_RECOVERY_FAILED 135
-#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
-#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
-#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
-#define RSA_R_UNKNOWN_DIGEST 166
-#define RSA_R_UNKNOWN_MASK_DIGEST 151
-#define RSA_R_UNKNOWN_PADDING_TYPE 118
-#define RSA_R_UNKNOWN_PSS_DIGEST 152
-#define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 162
-#define RSA_R_UNSUPPORTED_LABEL_SOURCE 163
-#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
-#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
-#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
-#define RSA_R_VALUE_MISSING 147
-#define RSA_R_WRONG_SIGNATURE_LENGTH 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/rsa/rsa_ameth.c b/src/lib/libcrypto/rsa/rsa_ameth.c
deleted file mode 100644
index 5a87522289..0000000000
--- a/src/lib/libcrypto/rsa/rsa_ameth.c
+++ /dev/null
@@ -1,1275 +0,0 @@
-/* $OpenBSD: rsa_ameth.c,v 1.62 2024/11/02 07:11:14 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "bn_local.h"
-#include "evp_local.h"
-#include "rsa_local.h"
-#include "x509_local.h"
-
-#ifndef OPENSSL_NO_CMS
-static int rsa_cms_sign(CMS_SignerInfo *si);
-static int rsa_cms_verify(CMS_SignerInfo *si);
-static int rsa_cms_decrypt(CMS_RecipientInfo *ri);
-static int rsa_cms_encrypt(CMS_RecipientInfo *ri);
-#endif
-
-static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg);
-
-static int rsa_alg_set_pkcs1_padding(X509_ALGOR *alg);
-
-/* Set any parameters associated with pkey */
-static int
-rsa_param_encode(const EVP_PKEY *pkey, ASN1_STRING **pstr, int *pstrtype)
-{
- const RSA *rsa = pkey->pkey.rsa;
-
- *pstr = NULL;
-
- /* If RSA it's just NULL type */
- if (pkey->ameth->pkey_id != EVP_PKEY_RSA_PSS) {
- *pstrtype = V_ASN1_NULL;
- return 1;
- }
-
- /* If no PSS parameters we omit parameters entirely */
- if (rsa->pss == NULL) {
- *pstrtype = V_ASN1_UNDEF;
- return 1;
- }
-
- /* Encode PSS parameters */
- if (ASN1_item_pack(rsa->pss, &RSA_PSS_PARAMS_it, pstr) == NULL)
-
return 0;
-
- *pstrtype = V_ASN1_SEQUENCE;
- return 1;
-}
-
-/* Decode any parameters and set them in RSA structure */
-static int
-rsa_param_decode(RSA *rsa, const X509_ALGOR *alg)
-{
- const ASN1_OBJECT *algoid;
- const void *algp;
- int algptype;
-
- X509_ALGOR_get0(&algoid, &algptype, &algp, alg);
- if (OBJ_obj2nid(algoid) != EVP_PKEY_RSA_PSS)
- return 1;
- if (algptype == V_ASN1_UNDEF)
- return 1;
- if (algptype != V_ASN1_SEQUENCE) {
- RSAerror(RSA_R_INVALID_PSS_PARAMETERS);
- return 0;
- }
- rsa->pss = rsa_pss_decode(alg);
- if (rsa->pss == NULL)
- return 0;
- return 1;
-}
-
-static int
-rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
- ASN1_STRING *str = NULL;
- int strtype;
- unsigned char *penc = NULL;
- int penclen = 0;
- ASN1_OBJECT *aobj;
-
- if (!rsa_param_encode(pkey, &str, &strtype))
- goto err;
- if ((penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc)) <= 0) {
- penclen = 0;
- goto err;
- }
- if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL)
- goto err;
- if (!X509_PUBKEY_set0_param(pk, aobj, strtype, str, penc, penclen))
- goto err;
-
- return 1;
-
- err:
- ASN1_STRING_free(str);
- freezero(penc, penclen);
-
- return 0;
-}
-
-static int
-rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
- const unsigned char *p;
- int pklen;
- X509_ALGOR *alg;
- RSA *rsa = NULL;
-
- if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &alg, pubkey))
- return 0;
- if ((rsa = d2i_RSAPublicKey(NULL, &p, pklen)) == NULL) {
- RSAerror(ERR_R_RSA_LIB);
- return 0;
- }
- if (!rsa_param_decode(rsa, alg)) {
- RSA_free(rsa);
- return 0;
- }
- if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa)) {
- RSA_free(rsa);
- return 0;
- }
- return 1;
-}
-
-static int
-rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0 ||
- BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0)
- return 0;
-
- return 1;
-}
-
-static int
-old_rsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
-{
- RSA *rsa;
- int ret = 0;
-
- if
((rsa = d2i_RSAPrivateKey(NULL, pder, derlen)) == NULL) {
- RSAerror(ERR_R_RSA_LIB);
- goto err;
- }
- if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa))
- goto err;
- rsa = NULL;
-
- ret = 1;
-
- err:
- RSA_free(rsa);
-
- return ret;
-}
-
-static int
-old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- return i2d_RSAPrivateKey(pkey->pkey.rsa, pder);
-}
-
-static int
-rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
- ASN1_STRING *str = NULL;
- ASN1_OBJECT *aobj;
- int strtype;
- unsigned char *rk = NULL;
- int rklen = 0;
-
- if (!rsa_param_encode(pkey, &str, &strtype))
- goto err;
- if ((rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk)) <= 0) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- rklen = 0;
- goto err;
- }
- if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL)
- goto err;
- if (!PKCS8_pkey_set0(p8, aobj, 0, strtype, str, rk, rklen)) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- return 1;
-
- err:
- ASN1_STRING_free(str);
- freezero(rk, rklen);
-
- return 0;
-}
-
-static int
-rsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
-{
- const unsigned char *p;
- RSA *rsa = NULL;
- int pklen;
- const X509_ALGOR *alg;
- int ret = 0;
-
- if (!PKCS8_pkey_get0(NULL, &p, &pklen, &alg, p8))
- goto err;
- if ((rsa = d2i_RSAPrivateKey(NULL, &p, pklen)) == NULL)
- goto err;
- if (!rsa_param_decode(rsa, alg))
- goto err;
- if (!EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, rsa))
- goto err;
- rsa = NULL;
-
- ret = 1;
-
- err:
- RSA_free(rsa);
-
- return ret;
-}
-
-static int
-rsa_size(const EVP_PKEY *pkey)
-{
- return RSA_size(pkey->pkey.rsa);
-}
-
-static int
-rsa_bits(const EVP_PKEY *pkey)
-{
- return BN_num_bits(pkey->pkey.rsa->n);
-}
-
-static int
-rsa_security_bits(const EVP_PKEY *pkey)
-{
- return RSA_security_bits(pkey->pkey.rsa);
-}
-
-static void
-rsa_free(EVP_PKEY *pkey)
-{
- RSA_free(pkey->pkey.rsa);
-}
-
-static X509_ALGOR *
-rsa_mgf1_decode(X509_ALGOR *alg)
-{
- if (OBJ_obj2nid(alg->algorithm) != NID_mgf1)
-
return NULL;
-
- return ASN1_TYPE_unpack_sequence(&X509_ALGOR_it, alg->parameter);
-}
-
-static RSA_PSS_PARAMS *
-rsa_pss_decode(const X509_ALGOR *alg)
-{
- RSA_PSS_PARAMS *pss;
-
- pss = ASN1_TYPE_unpack_sequence(&RSA_PSS_PARAMS_it, alg->parameter);
- if (pss == NULL)
- return NULL;
-
- if (pss->maskGenAlgorithm != NULL) {
- pss->maskHash = rsa_mgf1_decode(pss->maskGenAlgorithm);
- if (pss->maskHash == NULL) {
- RSA_PSS_PARAMS_free(pss);
- return NULL;
- }
- }
-
- return pss;
-}
-
-static int
-rsa_pss_param_print(BIO *bp, int pss_key, RSA_PSS_PARAMS *pss, int indent)
-{
- int rv = 0;
- X509_ALGOR *maskHash = NULL;
-
- if (!BIO_indent(bp, indent, 128))
- goto err;
- if (pss_key) {
- if (pss == NULL) {
- if (BIO_puts(bp, "No PSS parameter restrictions\n") <= 0)
- return 0;
- return 1;
- } else {
- if (BIO_puts(bp, "PSS parameter restrictions:") <= 0)
- return 0;
- }
- } else if (pss == NULL) {
- if (BIO_puts(bp,"(INVALID PSS PARAMETERS)\n") <= 0)
- return 0;
- return 1;
- }
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
- if (pss_key)
- indent += 2;
- if (!BIO_indent(bp, indent, 128))
- goto err;
- if (BIO_puts(bp, "Hash Algorithm: ") <= 0)
- goto err;
-
- if (pss->hashAlgorithm) {
- if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0)
- goto err;
- } else if (BIO_puts(bp, "sha1 (default)") <= 0) {
- goto err;
- }
-
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-
- if (!BIO_indent(bp, indent, 128))
- goto err;
-
- if (BIO_puts(bp, "Mask Algorithm: ") <= 0)
- goto err;
- if (pss->maskGenAlgorithm) {
- if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, " with ") <= 0)
- goto err;
- maskHash = rsa_mgf1_decode(pss->maskGenAlgorithm);
- if (maskHash != NULL) {
- if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
- goto err;
- } else if (BIO_puts(bp, "INVALID") <= 0) {
- goto err;
- }
- } else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0) {
- goto err;
- }
- BIO_puts(bp, "\n");
-
- if (!BIO_indent(bp, indent, 128))
- goto
err;
- if (BIO_printf(bp, "%s Salt Length: 0x", pss_key ? "Minimum" : "") <= 0)
- goto err;
- if (pss->saltLength) {
- if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
- goto err;
- } else if (BIO_puts(bp, "14 (default)") <= 0) {
- goto err;
- }
- BIO_puts(bp, "\n");
-
- if (!BIO_indent(bp, indent, 128))
- goto err;
- if (BIO_puts(bp, "Trailer Field: 0x") <= 0)
- goto err;
- if (pss->trailerField) {
- if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
- goto err;
- } else if (BIO_puts(bp, "BC (default)") <= 0) {
- goto err;
- }
- BIO_puts(bp, "\n");
-
- rv = 1;
-
- err:
- X509_ALGOR_free(maskHash);
- return rv;
-
-}
-
-static int
-pkey_rsa_print(BIO *bp, const EVP_PKEY *pkey, int off, int priv)
-{
- const RSA *x = pkey->pkey.rsa;
- char *str;
- const char *s;
- int ret = 0, mod_len = 0;
-
- if (x->n != NULL)
- mod_len = BN_num_bits(x->n);
-
- if (!BIO_indent(bp, off, 128))
- goto err;
-
- if (BIO_printf(bp, "%s ",
- pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS ? "RSA-PSS" : "RSA") <= 0)
- goto err;
-
- if (priv && x->d != NULL) {
- if (BIO_printf(bp, "Private-Key: (%d bit)\n", mod_len) <= 0)
- goto err;
- str = "modulus:";
- s = "publicExponent:";
- } else {
- if (BIO_printf(bp, "Public-Key: (%d bit)\n", mod_len) <= 0)
- goto err;
- str = "Modulus:";
- s = "Exponent:";
- }
- if (!bn_printf(bp, x->n, off, "%s", str))
- goto err;
- if (!bn_printf(bp, x->e, off, "%s", s))
- goto err;
- if (priv) {
- if (!bn_printf(bp, x->d, off, "privateExponent:"))
- goto err;
- if (!bn_printf(bp, x->p, off, "prime1:"))
- goto err;
- if (!bn_printf(bp, x->q, off, "prime2:"))
- goto err;
- if (!bn_printf(bp, x->dmp1, off, "exponent1:"))
- goto err;
- if (!bn_printf(bp, x->dmq1, off, "exponent2:"))
- goto err;
- if (!bn_printf(bp, x->iqmp, off, "coefficient:"))
- goto err;
- }
- if (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS &&
- !rsa_pss_param_print(bp, 1, x->pss, off))
- goto err;
- ret = 1;
- err:
- return ret;
-}
-
-static int
-rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
-{
- return pkey_rsa_print(bp, pkey, indent, 0);
-}
-
-static int
-rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return pkey_rsa_print(bp, pkey, indent, 1);
-}
-
-static int
-rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig,
- int indent, ASN1_PCTX *pctx)
-{
- if (OBJ_obj2nid(sigalg->algorithm) == EVP_PKEY_RSA_PSS) {
- int rv;
- RSA_PSS_PARAMS *pss = rsa_pss_decode(sigalg);
-
- rv = rsa_pss_param_print(bp, 0, pss, indent);
- RSA_PSS_PARAMS_free(pss);
- if (!rv)
- return 0;
- } else if (!sig && BIO_puts(bp, "\n") <= 0) {
- return 0;
- }
- if (sig)
- return X509_signature_dump(bp, sig, indent);
- return 1;
-}
-
-static int
-rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- X509_ALGOR *alg = NULL;
- const EVP_MD *md;
- const EVP_MD *mgf1md;
- int min_saltlen;
-
- switch (op) {
- case ASN1_PKEY_CTRL_PKCS7_SIGN:
- if (arg1 == 0)
- PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg);
- break;
-
- case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
- if (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
- return -2;
- if (arg1 == 0)
- PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
- break;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_SIGN:
- if (arg1 == 0)
- return rsa_cms_sign(arg2);
- else if (arg1 == 1)
- return rsa_cms_verify(arg2);
- break;
-
- case ASN1_PKEY_CTRL_CMS_ENVELOPE:
- if (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
- return -2;
- if (arg1 == 0)
- return rsa_cms_encrypt(arg2);
- else if (arg1 == 1)
- return rsa_cms_decrypt(arg2);
- break;
-
- case ASN1_PKEY_CTRL_CMS_RI_TYPE:
- if (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
- return -2;
- *(int *)arg2 = CMS_RECIPINFO_TRANS;
- return 1;
-#endif
-
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- if (pkey->pkey.rsa->pss != NULL) {
- if (!rsa_pss_get_param(pkey->pkey.rsa->pss, &md, &mgf1md,
- &min_saltlen)) {
- RSAerror(ERR_R_INTERNAL_ERROR);
- return 0;
- }
- *(int *)arg2 = EVP_MD_type(md);
- /* Return of 2 indicates this MD is mandatory */
- return 2;
- }
-
*(int *)arg2 = NID_sha256;
- return 1;
-
- default:
- return -2;
- }
-
- if (alg != NULL)
- return rsa_alg_set_pkcs1_padding(alg);
-
- return 1;
-}
-
-static int
-rsa_md_to_algor(const EVP_MD *md, X509_ALGOR **out_alg)
-{
- X509_ALGOR *alg = NULL;
- int ret = 0;
-
- X509_ALGOR_free(*out_alg);
- *out_alg = NULL;
-
- /* RFC 8017 - default hash is SHA-1 and hence omitted. */
- if (md == NULL || EVP_MD_type(md) == NID_sha1)
- goto done;
-
- if ((alg = X509_ALGOR_new()) == NULL)
- goto err;
- /*
- * XXX - This omits the parameters, whereas RFC 4055, section 2.1
- * explicitly states that an explicit ASN.1 NULL is required.
- */
- if (!X509_ALGOR_set_evp_md(alg, md))
- goto err;
-
- done:
- *out_alg = alg;
- alg = NULL;
-
- ret = 1;
-
- err:
- X509_ALGOR_free(alg);
-
- return ret;
-}
-
-/*
- * RFC 8017, A.2.1 and A.2.3 - encode maskGenAlgorithm for RSAES-OAEP
- * and RSASSA-PSS. The default is mgfSHA1 and hence omitted.
- */
-static int
-rsa_mgf1md_to_maskGenAlgorithm(const EVP_MD *mgf1md, X509_ALGOR **out_alg)
-{
- X509_ALGOR *alg = NULL;
- X509_ALGOR *inner_alg = NULL;
- ASN1_STRING *astr = NULL;
- int ret = 0;
-
- X509_ALGOR_free(*out_alg);
- *out_alg = NULL;
-
- if (mgf1md == NULL || EVP_MD_type(mgf1md) == NID_sha1)
- goto done;
-
- if ((inner_alg = X509_ALGOR_new()) == NULL)
- goto err;
- /*
- * XXX - This omits the parameters, whereas RFC 4055, section 2.1
- * explicitly states that an explicit ASN.1 NULL is required.
- */
- if (!X509_ALGOR_set_evp_md(inner_alg, mgf1md))
- goto err;
- if ((astr = ASN1_item_pack(inner_alg, &X509_ALGOR_it, NULL)) == NULL)
- goto err;
-
- if ((alg = X509_ALGOR_new()) == NULL)
- goto err;
- if (!X509_ALGOR_set0_by_nid(alg, NID_mgf1, V_ASN1_SEQUENCE, astr))
- goto err;
- astr = NULL;
-
- done:
- *out_alg = alg;
- alg = NULL;
-
- ret = 1;
-
- err:
- X509_ALGOR_free(alg);
- X509_ALGOR_free(inner_alg);
- ASN1_STRING_free(astr);
-
- return ret;
-}
-
-/* Convert algorithm ID to EVP_MD, defaults to SHA1.
*/
-static const EVP_MD *
-rsa_algor_to_md(X509_ALGOR *alg)
-{
- const EVP_MD *md;
-
- if (!alg)
- return EVP_sha1();
- md = EVP_get_digestbyobj(alg->algorithm);
- if (md == NULL)
- RSAerror(RSA_R_UNKNOWN_DIGEST);
- return md;
-}
-
-/*
- * Convert EVP_PKEY_CTX in PSS mode into corresponding algorithm parameter,
- * suitable for setting an AlgorithmIdentifier.
- */
-static RSA_PSS_PARAMS *
-rsa_ctx_to_pss(EVP_PKEY_CTX *pkey_ctx)
-{
- const EVP_MD *sigmd, *mgf1md;
- EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkey_ctx);
- int saltlen;
-
- if (EVP_PKEY_CTX_get_signature_md(pkey_ctx, &sigmd) <= 0)
- return NULL;
- if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkey_ctx, &mgf1md) <= 0)
- return NULL;
- if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkey_ctx, &saltlen))
- return NULL;
- if (saltlen == -1) {
- saltlen = EVP_MD_size(sigmd);
- } else if (saltlen == -2 || saltlen == -3) {
- saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
- if ((EVP_PKEY_bits(pk) & 0x7) == 1)
- saltlen--;
- if (saltlen < 0)
- return NULL;
- }
-
- return rsa_pss_params_create(sigmd, mgf1md, saltlen);
-}
-
-RSA_PSS_PARAMS *
-rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md, int saltlen)
-{
- RSA_PSS_PARAMS *pss = NULL;
-
- if (mgf1md == NULL)
- mgf1md = sigmd;
-
- if ((pss = RSA_PSS_PARAMS_new()) == NULL)
- goto err;
-
- if (!rsa_md_to_algor(sigmd, &pss->hashAlgorithm))
- goto err;
- if (!rsa_mgf1md_to_maskGenAlgorithm(mgf1md, &pss->maskGenAlgorithm))
- goto err;
-
- /* Translate mgf1md to X509_ALGOR in decoded form for internal use. */
- if (!rsa_md_to_algor(mgf1md, &pss->maskHash))
- goto err;
-
- /* RFC 8017, A.2.3 - default saltLength is SHA_DIGEST_LENGTH. */
- if (saltlen != SHA_DIGEST_LENGTH) {
- if ((pss->saltLength = ASN1_INTEGER_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(pss->saltLength, saltlen))
- goto err;
- }
-
- return pss;
-
- err:
- RSA_PSS_PARAMS_free(pss);
-
- return NULL;
-}
-
-/*
- * From PSS AlgorithmIdentifier set public key parameters.
If pkey isn't NULL
- * then the EVP_MD_CTX is setup and initialised. If it is NULL parameters are
- * passed to pkey_ctx instead.
- */
-
-static int
-rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkey_ctx,
- X509_ALGOR *sigalg, EVP_PKEY *pkey)
-{
- int rv = -1;
- int saltlen;
- const EVP_MD *mgf1md = NULL, *md = NULL;
- RSA_PSS_PARAMS *pss;
-
- /* Sanity check: make sure it is PSS */
- if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) {
- RSAerror(RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
- return -1;
- }
- /* Decode PSS parameters */
- pss = rsa_pss_decode(sigalg);
-
- if (!rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) {
- RSAerror(RSA_R_INVALID_PSS_PARAMETERS);
- goto err;
- }
-
- /* We have all parameters now set up context */
- if (pkey) {
- if (!EVP_DigestVerifyInit(ctx, &pkey_ctx, md, NULL, pkey))
- goto err;
- } else {
- const EVP_MD *checkmd;
- if (EVP_PKEY_CTX_get_signature_md(pkey_ctx, &checkmd) <= 0)
- goto err;
- if (EVP_MD_type(md) != EVP_MD_type(checkmd)) {
- RSAerror(RSA_R_DIGEST_DOES_NOT_MATCH);
- goto err;
- }
- }
-
- if (EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, saltlen) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1md) <= 0)
- goto err;
- /* Carry on */
- rv = 1;
-
- err:
- RSA_PSS_PARAMS_free(pss);
- return rv;
-}
-
-int
-rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
- const EVP_MD **pmgf1md, int *psaltlen)
-{
- if (pss == NULL)
- return 0;
- *pmd = rsa_algor_to_md(pss->hashAlgorithm);
- if (*pmd == NULL)
- return 0;
- *pmgf1md = rsa_algor_to_md(pss->maskHash);
- if (*pmgf1md == NULL)
- return 0;
- if (pss->saltLength) {
- *psaltlen = ASN1_INTEGER_get(pss->saltLength);
- if (*psaltlen < 0) {
- RSAerror(RSA_R_INVALID_SALT_LENGTH);
- return 0;
- }
- } else {
- *psaltlen = 20;
- }
-
- /*
- * low-level routines support only trailer field 0xbc (value 1) and
- * PKCS#1 says we should reject any other value anyway.
- */
- if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) {
- RSAerror(RSA_R_INVALID_TRAILER);
- return 0;
- }
-
- return 1;
-}
-
-static int
-rsa_pss_signature_info(const X509_ALGOR *alg, int *out_md_nid,
- int *out_pkey_nid, int *out_security_bits, uint32_t *out_flags)
-{
- RSA_PSS_PARAMS *pss = NULL;
- const ASN1_OBJECT *aobj;
- const EVP_MD *md, *mgf1md;
- int md_len, salt_len;
- int md_nid = NID_undef, pkey_nid = NID_undef;
- int security_bits = -1;
- uint32_t flags = 0;
-
- X509_ALGOR_get0(&aobj, NULL, NULL, alg);
- if (OBJ_obj2nid(aobj) != EVP_PKEY_RSA_PSS)
- goto err;
-
- if ((pss = rsa_pss_decode(alg)) == NULL)
- goto err;
- if (!rsa_pss_get_param(pss, &md, &mgf1md, &salt_len))
- goto err;
-
- if ((md_nid = EVP_MD_type(md)) == NID_undef)
- goto err;
- if ((md_len = EVP_MD_size(md)) <= 0)
- goto err;
-
- /*
- * RFC 8446, section 4.2.3 - restricts the digest algorithm:
- * - it must be one of SHA256, SHA384, and SHA512;
- * - the same digest must be used in the mask generation function;
- * - the salt length must match the output length of the digest.
- * XXX - consider separate flags for these checks.
- */
- if (md_nid == NID_sha256 || md_nid == NID_sha384 || md_nid == NID_sha512) {
- if (md_nid == EVP_MD_type(mgf1md) && salt_len == md_len)
- flags |= X509_SIG_INFO_TLS;
- }
-
- security_bits = md_len * 4;
- flags |= X509_SIG_INFO_VALID;
-
- *out_md_nid = md_nid;
- *out_pkey_nid = pkey_nid;
- *out_security_bits = security_bits;
- *out_flags = flags;
-
- err:
- RSA_PSS_PARAMS_free(pss);
-
- return (flags & X509_SIG_INFO_VALID) != 0;
-}
-
-#ifndef OPENSSL_NO_CMS
-static int
-rsa_cms_verify(CMS_SignerInfo *si)
-{
- int nid, nid2;
- X509_ALGOR *alg;
- EVP_PKEY_CTX *pkey_ctx = CMS_SignerInfo_get0_pkey_ctx(si);
-
- CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
- nid = OBJ_obj2nid(alg->algorithm);
- if (nid == EVP_PKEY_RSA_PSS)
- return rsa_pss_to_ctx(NULL, pkey_ctx, alg, NULL);
- /* Only PSS allowed for PSS keys */
- if (pkey_ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) {
- RSAerror(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
- return 0;
- }
- if (nid == NID_rsaEncryption)
- return 1;
- /* Workaround for some implementation that use a signature OID */
- if (OBJ_find_sigid_algs(nid, NULL, &nid2)) {
- if (nid2 == NID_rsaEncryption)
- return 1;
- }
- return 0;
-}
-#endif
-
-/*
- * Customised RSA item verification routine. This is called when a signature
- * is encountered requiring special handling. We currently only handle PSS.
- */
-static int
-rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *sigalg, ASN1_BIT_STRING *sig, EVP_PKEY *pkey)
-{
- /* Sanity check: make sure it is PSS */
- if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) {
- RSAerror(RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
- return -1;
- }
- if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) {
- /* Carry on */
- return 2;
- }
- return -1;
-}
-
-static int
-rsa_alg_set_pkcs1_padding(X509_ALGOR *alg)
-{
- return X509_ALGOR_set0_by_nid(alg, NID_rsaEncryption, V_ASN1_NULL, NULL);
-}
-
-static int
-rsa_alg_set_pss_padding(X509_ALGOR *alg, EVP_PKEY_CTX *pkey_ctx)
-{
- RSA_PSS_PARAMS *pss = NULL;
- ASN1_STRING *astr = NULL;
- int ret = 0;
-
- if (pkey_ctx == NULL)
- goto err;
-
- if ((pss = rsa_ctx_to_pss(pkey_ctx)) == NULL)
- goto err;
- if ((astr = ASN1_item_pack(pss, &RSA_PSS_PARAMS_it, NULL)) == NULL)
- goto err;
- if (!X509_ALGOR_set0_by_nid(alg, EVP_PKEY_RSA_PSS, V_ASN1_SEQUENCE, astr))
- goto err;
- astr = NULL;
-
- ret = 1;
-
- err:
- ASN1_STRING_free(astr);
- RSA_PSS_PARAMS_free(pss);
-
- return ret;
-}
-
-#ifndef OPENSSL_NO_CMS
-static int
-rsa_alg_set_oaep_padding(X509_ALGOR *alg, EVP_PKEY_CTX *pkey_ctx)
-{
- const EVP_MD *md, *mgf1md;
- RSA_OAEP_PARAMS *oaep = NULL;
- ASN1_STRING *astr = NULL;
- ASN1_OCTET_STRING *ostr = NULL;
- unsigned char *label;
- int labellen;
- int ret = 0;
-
- if (EVP_PKEY_CTX_get_rsa_oaep_md(pkey_ctx, &md) <= 0)
- goto err;
- if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkey_ctx, &mgf1md) <= 0)
- goto err;
- labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkey_ctx, &label);
- if (labellen < 0)
- goto err;
-
- if ((oaep = RSA_OAEP_PARAMS_new()) == NULL)
- goto err;
-
- if (!rsa_md_to_algor(md, &oaep->hashFunc))
- goto err;
- if (!rsa_mgf1md_to_maskGenAlgorithm(mgf1md, &oaep->maskGenFunc))
- goto err;
-
- /* XXX - why do we not set oaep->maskHash here?
*/
-
- if (labellen > 0) {
- if ((oaep->pSourceFunc = X509_ALGOR_new()) == NULL)
- goto err;
- if ((ostr = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- if (!ASN1_OCTET_STRING_set(ostr, label, labellen))
- goto err;
- if (!X509_ALGOR_set0_by_nid(oaep->pSourceFunc, NID_pSpecified,
- V_ASN1_OCTET_STRING, ostr))
- goto err;
- ostr = NULL;
- }
-
- if ((astr = ASN1_item_pack(oaep, &RSA_OAEP_PARAMS_it, NULL)) == NULL)
- goto err;
- if (!X509_ALGOR_set0_by_nid(alg, NID_rsaesOaep, V_ASN1_SEQUENCE, astr))
- goto err;
- astr = NULL;
-
- ret = 1;
-
- err:
- RSA_OAEP_PARAMS_free(oaep);
- ASN1_STRING_free(astr);
- ASN1_OCTET_STRING_free(ostr);
-
- return ret;
-}
-
-static int
-rsa_cms_sign(CMS_SignerInfo *si)
-{
- EVP_PKEY_CTX *pkey_ctx;
- X509_ALGOR *alg;
- int pad_mode = RSA_PKCS1_PADDING;
-
- if ((pkey_ctx = CMS_SignerInfo_get0_pkey_ctx(si)) != NULL) {
- if (EVP_PKEY_CTX_get_rsa_padding(pkey_ctx, &pad_mode) <= 0)
- return 0;
- }
-
- CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
- if (pad_mode == RSA_PKCS1_PADDING)
- return rsa_alg_set_pkcs1_padding(alg);
- if (pad_mode == RSA_PKCS1_PSS_PADDING)
- return rsa_alg_set_pss_padding(alg, pkey_ctx);
-
- return 0;
-}
-#endif
-
-static int
-rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig)
-{
- EVP_PKEY_CTX *pkey_ctx = ctx->pctx;
- int pad_mode;
-
- if (EVP_PKEY_CTX_get_rsa_padding(pkey_ctx, &pad_mode) <= 0)
- return 0;
- if (pad_mode == RSA_PKCS1_PADDING)
- return 2;
- if (pad_mode == RSA_PKCS1_PSS_PADDING) {
- if (!rsa_alg_set_pss_padding(alg1, pkey_ctx))
- return 0;
- if (alg2 != NULL) {
- if (!rsa_alg_set_pss_padding(alg2, pkey_ctx))
- return 0;
- }
- return 3;
- }
- return 2;
-}
-
-#ifndef OPENSSL_NO_CMS
-static RSA_OAEP_PARAMS *
-rsa_oaep_decode(const X509_ALGOR *alg)
-{
- RSA_OAEP_PARAMS *oaep;
-
- oaep = ASN1_TYPE_unpack_sequence(&RSA_OAEP_PARAMS_it, alg->parameter);
- if (oaep == NULL)
- return NULL;
-
- if (oaep->maskGenFunc != NULL) {
-
oaep->maskHash = rsa_mgf1_decode(oaep->maskGenFunc);
- if (oaep->maskHash == NULL) {
- RSA_OAEP_PARAMS_free(oaep);
- return NULL;
- }
- }
- return oaep;
-}
-
-static int
-rsa_cms_decrypt(CMS_RecipientInfo *ri)
-{
- EVP_PKEY_CTX *pkctx;
- X509_ALGOR *cmsalg;
- int nid;
- int rv = -1;
- unsigned char *label = NULL;
- int labellen = 0;
- const EVP_MD *mgf1md = NULL, *md = NULL;
- RSA_OAEP_PARAMS *oaep;
-
- pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
- if (pkctx == NULL)
- return 0;
- if (!CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &cmsalg))
- return -1;
- nid = OBJ_obj2nid(cmsalg->algorithm);
- if (nid == NID_rsaEncryption)
- return 1;
- if (nid != NID_rsaesOaep) {
- RSAerror(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE);
- return -1;
- }
- /* Decode OAEP parameters */
- oaep = rsa_oaep_decode(cmsalg);
-
- if (oaep == NULL) {
- RSAerror(RSA_R_INVALID_OAEP_PARAMETERS);
- goto err;
- }
-
- mgf1md = rsa_algor_to_md(oaep->maskHash);
- if (mgf1md == NULL)
- goto err;
- md = rsa_algor_to_md(oaep->hashFunc);
- if (md == NULL)
- goto err;
-
- if (oaep->pSourceFunc != NULL) {
- X509_ALGOR *plab = oaep->pSourceFunc;
-
- if (OBJ_obj2nid(plab->algorithm) != NID_pSpecified) {
- RSAerror(RSA_R_UNSUPPORTED_LABEL_SOURCE);
- goto err;
- }
- if (plab->parameter->type != V_ASN1_OCTET_STRING) {
- RSAerror(RSA_R_INVALID_LABEL);
- goto err;
- }
-
- label = plab->parameter->value.octet_string->data;
-
- /* Stop label being freed when OAEP parameters are freed */
- /* XXX - this leaks label on error...
*/
- plab->parameter->value.octet_string->data = NULL;
- labellen = plab->parameter->value.octet_string->length;
- }
-
- if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_rsa_oaep_md(pkctx, md) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0)
- goto err;
-
- rv = 1;
-
- err:
- RSA_OAEP_PARAMS_free(oaep);
- return rv;
-}
-
-static int
-rsa_cms_encrypt(CMS_RecipientInfo *ri)
-{
- X509_ALGOR *alg;
- EVP_PKEY_CTX *pkey_ctx;
- int pad_mode = RSA_PKCS1_PADDING;
-
- if ((pkey_ctx = CMS_RecipientInfo_get0_pkey_ctx(ri)) != NULL) {
- if (EVP_PKEY_CTX_get_rsa_padding(pkey_ctx, &pad_mode) <= 0)
- return 0;
- }
-
- if (!CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg))
- return 0;
- if (pad_mode == RSA_PKCS1_PADDING)
- return rsa_alg_set_pkcs1_padding(alg);
- if (pad_mode == RSA_PKCS1_OAEP_PADDING)
- return rsa_alg_set_oaep_padding(alg, pkey_ctx);
-
- return 0;
-}
-#endif
-
-const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = {
- .base_method = &rsa_asn1_meth,
- .pkey_id = EVP_PKEY_RSA,
- .pkey_flags = ASN1_PKEY_SIGPARAM_NULL,
-
- .pem_str = "RSA",
- .info = "OpenSSL RSA method",
-
- .pub_decode = rsa_pub_decode,
- .pub_encode = rsa_pub_encode,
- .pub_cmp = rsa_pub_cmp,
- .pub_print = rsa_pub_print,
-
- .priv_decode = rsa_priv_decode,
- .priv_encode = rsa_priv_encode,
- .priv_print = rsa_priv_print,
-
- .pkey_size = rsa_size,
- .pkey_bits = rsa_bits,
- .pkey_security_bits = rsa_security_bits,
-
- .sig_print = rsa_sig_print,
-
- .pkey_free = rsa_free,
- .pkey_ctrl = rsa_pkey_ctrl,
- .old_priv_decode = old_rsa_priv_decode,
- .old_priv_encode = old_rsa_priv_encode,
- .item_verify = rsa_item_verify,
- .item_sign = rsa_item_sign,
-};
-
-const EVP_PKEY_ASN1_METHOD rsa2_asn1_meth = {
- .base_method = &rsa_asn1_meth,
- .pkey_id = EVP_PKEY_RSA2,
- .pkey_flags = ASN1_PKEY_ALIAS,
-};
-
-const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth =
{
- .base_method = &rsa_pss_asn1_meth,
- .pkey_id = EVP_PKEY_RSA_PSS,
- .pkey_flags = ASN1_PKEY_SIGPARAM_NULL,
-
- .pem_str = "RSA-PSS",
- .info = "OpenSSL RSA-PSS method",
-
- .pub_decode = rsa_pub_decode,
- .pub_encode = rsa_pub_encode,
- .pub_cmp = rsa_pub_cmp,
- .pub_print = rsa_pub_print,
-
- .priv_decode = rsa_priv_decode,
- .priv_encode = rsa_priv_encode,
- .priv_print = rsa_priv_print,
-
- .pkey_size = rsa_size,
- .pkey_bits = rsa_bits,
- .pkey_security_bits = rsa_security_bits,
-
- .signature_info = rsa_pss_signature_info,
-
- .sig_print = rsa_sig_print,
-
- .pkey_free = rsa_free,
- .pkey_ctrl = rsa_pkey_ctrl,
- .item_verify = rsa_item_verify,
- .item_sign = rsa_item_sign
-};
diff --git a/src/lib/libcrypto/rsa/rsa_asn1.c b/src/lib/libcrypto/rsa/rsa_asn1.c
deleted file mode 100644
index 1526e07931..0000000000
--- a/src/lib/libcrypto/rsa/rsa_asn1.c
+++ /dev/null
@@ -1,426 +0,0 @@
-/* $OpenBSD: rsa_asn1.c,v 1.18 2024/07/08 17:10:18 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "rsa_local.h"
-
-/* Override the default free and new methods */
-static int
-rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- *pval = (ASN1_VALUE *)RSA_new();
- if (*pval)
- return 2;
- return 0;
- } else if (operation == ASN1_OP_FREE_PRE) {
- RSA_free((RSA *)*pval);
- *pval = NULL;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX RSAPrivateKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = rsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE RSAPrivateKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, n),
- .field_name = "n",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, e),
- .field_name = "e",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, d),
- .field_name = "d",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, dmp1),
- .field_name = "dmp1",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, dmq1),
- .field_name = "dmq1",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, iqmp),
- .field_name = "iqmp",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM RSAPrivateKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = RSAPrivateKey_seq_tt,
- .tcount = sizeof(RSAPrivateKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &RSAPrivateKey_aux,
- .size = sizeof(RSA),
- .sname = "RSA",
-};
-LCRYPTO_ALIAS(RSAPrivateKey_it);
-
-
-static const ASN1_AUX RSAPublicKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = rsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE RSAPublicKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, n),
- .field_name = "n",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, e),
- .field_name = "e",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM RSAPublicKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = RSAPublicKey_seq_tt,
- .tcount = sizeof(RSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &RSAPublicKey_aux,
- .size = sizeof(RSA),
- .sname = "RSA",
-};
-LCRYPTO_ALIAS(RSAPublicKey_it);
-
-static int
-rsa_pss_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- /* Free up maskHash */
- if (operation == ASN1_OP_FREE_PRE) {
- RSA_PSS_PARAMS *pss = (RSA_PSS_PARAMS *)*pval;
- X509_ALGOR_free(pss->maskHash);
- }
- return 1;
-}
-
-static const ASN1_AUX RSA_PSS_PARAMS_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = rsa_pss_cb,
- .enc_offset = 0,
-};
-
-static const ASN1_TEMPLATE RSA_PSS_PARAMS_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(RSA_PSS_PARAMS, hashAlgorithm),
- .field_name = "hashAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(RSA_PSS_PARAMS, maskGenAlgorithm),
- .field_name = "maskGenAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(RSA_PSS_PARAMS, saltLength),
- .field_name = "saltLength",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(RSA_PSS_PARAMS, trailerField),
- .field_name = "trailerField",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM
RSA_PSS_PARAMS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = RSA_PSS_PARAMS_seq_tt,
- .tcount = sizeof(RSA_PSS_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &RSA_PSS_PARAMS_aux,
- .size = sizeof(RSA_PSS_PARAMS),
- .sname = "RSA_PSS_PARAMS",
-};
-LCRYPTO_ALIAS(RSA_PSS_PARAMS_it);
-
-RSA_PSS_PARAMS *
-d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS **a, const unsigned char **in, long len)
-{
- return (RSA_PSS_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &RSA_PSS_PARAMS_it);
-}
-LCRYPTO_ALIAS(d2i_RSA_PSS_PARAMS);
-
-int
-i2d_RSA_PSS_PARAMS(RSA_PSS_PARAMS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSA_PSS_PARAMS_it);
-}
-LCRYPTO_ALIAS(i2d_RSA_PSS_PARAMS);
-
-RSA_PSS_PARAMS *
-RSA_PSS_PARAMS_new(void)
-{
- return (RSA_PSS_PARAMS *)ASN1_item_new(&RSA_PSS_PARAMS_it);
-}
-LCRYPTO_ALIAS(RSA_PSS_PARAMS_new);
-
-void
-RSA_PSS_PARAMS_free(RSA_PSS_PARAMS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &RSA_PSS_PARAMS_it);
-}
-LCRYPTO_ALIAS(RSA_PSS_PARAMS_free);
-
-static int
-rsa_oaep_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- /* Free up maskHash */
- if (operation == ASN1_OP_FREE_PRE) {
- RSA_OAEP_PARAMS *oaep = (RSA_OAEP_PARAMS *)*pval;
- X509_ALGOR_free(oaep->maskHash);
- }
- return 1;
-}
-
-static const ASN1_AUX RSA_OAEP_PARAMS_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = rsa_oaep_cb,
- .enc_offset = 0,
-};
-
-static const ASN1_TEMPLATE RSA_OAEP_PARAMS_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(RSA_OAEP_PARAMS, hashFunc),
- .field_name = "hashFunc",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(RSA_OAEP_PARAMS, maskGenFunc),
- .field_name = "maskGenFunc",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(RSA_OAEP_PARAMS, pSourceFunc),
-
.field_name = "pSourceFunc",
- .item = &X509_ALGOR_it,
- },
-};
-
-const ASN1_ITEM RSA_OAEP_PARAMS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = RSA_OAEP_PARAMS_seq_tt,
- .tcount = sizeof(RSA_OAEP_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &RSA_OAEP_PARAMS_aux,
- .size = sizeof(RSA_OAEP_PARAMS),
- .sname = "RSA_OAEP_PARAMS",
-};
-LCRYPTO_ALIAS(RSA_OAEP_PARAMS_it);
-
-
-RSA_OAEP_PARAMS *
-d2i_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS **a, const unsigned char **in, long len)
-{
- return (RSA_OAEP_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &RSA_OAEP_PARAMS_it);
-}
-LCRYPTO_ALIAS(d2i_RSA_OAEP_PARAMS);
-
-int
-i2d_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSA_OAEP_PARAMS_it);
-}
-LCRYPTO_ALIAS(i2d_RSA_OAEP_PARAMS);
-
-RSA_OAEP_PARAMS *
-RSA_OAEP_PARAMS_new(void)
-{
- return (RSA_OAEP_PARAMS *)ASN1_item_new(&RSA_OAEP_PARAMS_it);
-}
-LCRYPTO_ALIAS(RSA_OAEP_PARAMS_new);
-
-void
-RSA_OAEP_PARAMS_free(RSA_OAEP_PARAMS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &RSA_OAEP_PARAMS_it);
-}
-LCRYPTO_ALIAS(RSA_OAEP_PARAMS_free);
-
-RSA *
-d2i_RSAPrivateKey(RSA **a, const unsigned char **in, long len)
-{
- return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &RSAPrivateKey_it);
-}
-LCRYPTO_ALIAS(d2i_RSAPrivateKey);
-
-int
-i2d_RSAPrivateKey(const RSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPrivateKey_it);
-}
-LCRYPTO_ALIAS(i2d_RSAPrivateKey);
-
-
-RSA *
-d2i_RSAPublicKey(RSA **a, const unsigned char **in, long len)
-{
- return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &RSAPublicKey_it);
-}
-LCRYPTO_ALIAS(d2i_RSAPublicKey);
-
-int
-i2d_RSAPublicKey(const RSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPublicKey_it);
-}
-LCRYPTO_ALIAS(i2d_RSAPublicKey);
-
-RSA *
-RSAPublicKey_dup(RSA *rsa)
-{
- return ASN1_item_dup(&RSAPublicKey_it, rsa);
-}
-LCRYPTO_ALIAS(RSAPublicKey_dup);
-
-RSA *
-RSAPrivateKey_dup(RSA *rsa)
-{
- return ASN1_item_dup(&RSAPrivateKey_it, rsa);
-}
-LCRYPTO_ALIAS(RSAPrivateKey_dup);
diff --git a/src/lib/libcrypto/rsa/rsa_blinding.c b/src/lib/libcrypto/rsa/rsa_blinding.c
deleted file mode 100644
index cac5bd91d2..0000000000
--- a/src/lib/libcrypto/rsa/rsa_blinding.c
+++ /dev/null
@@ -1,361 +0,0 @@
-/* $OpenBSD: rsa_blinding.c,v 1.3 2023/08/09 12:09:06 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e.
this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-
-#include "bn_local.h"
-#include "rsa_local.h"
-
-#define BN_BLINDING_COUNTER 32
-
-struct bn_blinding_st {
- BIGNUM *A;
- BIGNUM *Ai;
- BIGNUM *e;
- BIGNUM *mod;
- pthread_t tid;
- int counter;
- BN_MONT_CTX *m_ctx;
- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-};
-
-BN_BLINDING *
-BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx,
- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx)
-{
- BN_BLINDING *ret = NULL;
-
- if ((ret = calloc(1, sizeof(BN_BLINDING))) == NULL) {
- BNerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((ret->A = BN_new()) == NULL)
- goto err;
- if ((ret->Ai = BN_new()) == NULL)
- goto err;
- if ((ret->e = BN_dup(e)) == NULL)
- goto err;
- if ((ret->mod = BN_dup(mod)) == NULL)
- goto err;
- if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
- BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
-
- /* Update on first use.
*/
- ret->counter = BN_BLINDING_COUNTER - 1;
- ret->tid = pthread_self();
-
- if (bn_mod_exp != NULL)
- ret->bn_mod_exp = bn_mod_exp;
- if (m_ctx != NULL)
- ret->m_ctx = m_ctx;
-
- return ret;
-
- err:
- BN_BLINDING_free(ret);
-
- return NULL;
-}
-
-void
-BN_BLINDING_free(BN_BLINDING *r)
-{
- if (r == NULL)
- return;
-
- BN_free(r->A);
- BN_free(r->Ai);
- BN_free(r->e);
- BN_free(r->mod);
- free(r);
-}
-
-static int
-BN_BLINDING_setup(BN_BLINDING *b, BN_CTX *ctx)
-{
- if (!bn_rand_interval(b->A, 1, b->mod))
- return 0;
- if (BN_mod_inverse_ct(b->Ai, b->A, b->mod, ctx) == NULL)
- return 0;
-
- if (b->bn_mod_exp != NULL && b->m_ctx != NULL) {
- if (!b->bn_mod_exp(b->A, b->A, b->e, b->mod, ctx, b->m_ctx))
- return 0;
- } else {
- if (!BN_mod_exp_ct(b->A, b->A, b->e, b->mod, ctx))
- return 0;
- }
-
- return 1;
-}
-
-static int
-BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (++b->counter >= BN_BLINDING_COUNTER) {
- if (!BN_BLINDING_setup(b, ctx))
- goto err;
- b->counter = 0;
- } else {
- if (!BN_mod_sqr(b->A, b->A, b->mod, ctx))
- goto err;
- if (!BN_mod_sqr(b->Ai, b->Ai, b->mod, ctx))
- goto err;
- }
-
- ret = 1;
-
- err:
- return ret;
-}
-
-int
-BN_BLINDING_convert(BIGNUM *n, BIGNUM *inv, BN_BLINDING *b, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (!BN_BLINDING_update(b, ctx))
- goto err;
-
- if (inv != NULL) {
- if (!bn_copy(inv, b->Ai))
- goto err;
- }
-
- ret = BN_mod_mul(n, n, b->A, b->mod, ctx);
-
- err:
- return ret;
-}
-
-int
-BN_BLINDING_invert(BIGNUM *n, const BIGNUM *inv, BN_BLINDING *b, BN_CTX *ctx)
-{
- if (inv == NULL)
- inv = b->Ai;
-
- return BN_mod_mul(n, n, inv, b->mod, ctx);
-}
-
-int
-BN_BLINDING_is_local(BN_BLINDING *b)
-{
- return pthread_equal(pthread_self(), b->tid) != 0;
-}
-
-static BIGNUM *
-rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
- BN_CTX *ctx)
-{
- BIGNUM *ret = NULL, *r0, *r1, *r2;
-
- if (d == NULL || p == NULL || q == NULL)
- return NULL;
-
- BN_CTX_start(ctx);
- if ((r0 =
BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r2 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_sub(r1, p, BN_value_one()))
- goto err;
- if (!BN_sub(r2, q, BN_value_one()))
- goto err;
- if (!BN_mul(r0, r1, r2, ctx))
- goto err;
-
- ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-BN_BLINDING *
-RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
-{
- BIGNUM *e = NULL;
- BIGNUM n;
- BN_CTX *ctx = NULL;
- BN_BLINDING *ret = NULL;
-
- if ((ctx = in_ctx) == NULL)
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- BN_CTX_start(ctx);
-
- if ((e = rsa->e) == NULL)
- e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
- if (e == NULL) {
- RSAerror(RSA_R_NO_PUBLIC_EXPONENT);
- goto err;
- }
-
- BN_init(&n);
- BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
-
- if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp,
- rsa->_method_mod_n)) == NULL) {
- RSAerror(ERR_R_BN_LIB);
- goto err;
- }
-
- err:
- BN_CTX_end(ctx);
- if (ctx != in_ctx)
- BN_CTX_free(ctx);
- if (e != rsa->e)
- BN_free(e);
-
- return ret;
-}
-
-void
-RSA_blinding_off(RSA *rsa)
-{
- BN_BLINDING_free(rsa->blinding);
- rsa->blinding = NULL;
- rsa->flags |= RSA_FLAG_NO_BLINDING;
-}
-LCRYPTO_ALIAS(RSA_blinding_off);
-
-int
-RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (rsa->blinding != NULL)
- RSA_blinding_off(rsa);
-
- rsa->blinding = RSA_setup_blinding(rsa, ctx);
- if (rsa->blinding == NULL)
- goto err;
-
- rsa->flags &= ~RSA_FLAG_NO_BLINDING;
- ret = 1;
-err:
- return (ret);
-}
-LCRYPTO_ALIAS(RSA_blinding_on);
diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c
deleted file mode 100644
index b7666e0fed..0000000000
--- a/src/lib/libcrypto/rsa/rsa_chk.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/* $OpenBSD: rsa_chk.c,v 1.18 2023/07/08 12:26:45 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "rsa_local.h"
-
-int
-RSA_check_key(const RSA *key)
-{
- BIGNUM *i, *j, *k, *l, *m;
- BN_CTX *ctx;
- int r;
- int ret = 1;
-
- if (!key->p || !key->q || !key->n || !key->e || !key->d) {
- RSAerror(RSA_R_VALUE_MISSING);
- return 0;
- }
-
- i = BN_new();
- j = BN_new();
- k = BN_new();
- l = BN_new();
- m = BN_new();
- ctx = BN_CTX_new();
- if (i == NULL || j == NULL || k == NULL || l == NULL || m == NULL ||
- ctx == NULL) {
- ret = -1;
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (BN_is_one(key->e)) {
- ret = 0;
- RSAerror(RSA_R_BAD_E_VALUE);
- }
- if (!BN_is_odd(key->e)) {
- ret = 0;
- RSAerror(RSA_R_BAD_E_VALUE);
- }
-
- /* p prime? */
- r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL);
- if (r != 1) {
- ret = r;
- if (r != 0)
- goto err;
- RSAerror(RSA_R_P_NOT_PRIME);
- }
-
- /* q prime? */
- r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL);
- if (r != 1) {
- ret = r;
- if (r != 0)
- goto err;
- RSAerror(RSA_R_Q_NOT_PRIME);
- }
-
- /* n = p*q? */
- r = BN_mul(i, key->p, key->q, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(i, key->n) != 0) {
- ret = 0;
- RSAerror(RSA_R_N_DOES_NOT_EQUAL_P_Q);
- }
-
- /* d*e = 1 mod lcm(p-1,q-1)?
*/
-
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_sub(j, key->q, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- /* now compute k = lcm(i,j) */
- r = BN_mul(l, i, j, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_gcd_ct(m, i, j, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_div_ct(k, NULL, l, m, ctx); /* remainder is 0 */
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod_mul(i, key->d, key->e, k, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (!BN_is_one(i)) {
- ret = 0;
- RSAerror(RSA_R_D_E_NOT_CONGRUENT_TO_1);
- }
-
- if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
- /* dmp1 = d mod (p-1)? */
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod_ct(j, key->d, i, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(j, key->dmp1) != 0) {
- ret = 0;
- RSAerror(RSA_R_DMP1_NOT_CONGRUENT_TO_D);
- }
-
- /* dmq1 = d mod (q-1)? */
- r = BN_sub(i, key->q, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod_ct(j, key->d, i, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(j, key->dmq1) != 0) {
- ret = 0;
- RSAerror(RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
- }
-
- /* iqmp = q^-1 mod p? */
- if (BN_mod_inverse_ct(i, key->q, key->p, ctx) == NULL) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(i, key->iqmp) != 0) {
- ret = 0;
- RSAerror(RSA_R_IQMP_NOT_INVERSE_OF_Q);
- }
- }
-
-err:
- BN_free(i);
- BN_free(j);
- BN_free(k);
- BN_free(l);
- BN_free(m);
- BN_CTX_free(ctx);
-
- return (ret);
-}
-LCRYPTO_ALIAS(RSA_check_key);
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
deleted file mode 100644
index c2e1e22f9a..0000000000
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ /dev/null
@@ -1,902 +0,0 @@
-/* $OpenBSD: rsa_eay.c,v 1.65 2023/08/09 12:09:06 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3.
All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "rsa_local.h"
-
-static int
-rsa_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret;
- int i, j, k, num = 0, r = -1;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
-
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
- RSAerror(RSA_R_MODULUS_TOO_LARGE);
- return -1;
- }
-
- if (BN_ucmp(rsa->n, rsa->e) <= 0) {
- RSAerror(RSA_R_BAD_E_VALUE);
- return -1;
- }
-
- /* for large moduli, enforce exponent limit */
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
- if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
- RSAerror(RSA_R_BAD_E_VALUE);
- return -1;
- }
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (f == NULL || ret == NULL || buf == NULL) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- i = RSA_padding_add_PKCS1_type_2(buf, num, from, flen);
- break;
-#ifndef OPENSSL_NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0);
- break;
-#endif
- case RSA_NO_PADDING:
- i = RSA_padding_add_none(buf, num, from, flen);
- break;
- default:
- RSAerror(RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (i <= 0)
- goto err;
-
- if (BN_bin2bn(buf, num, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- /* usually the padding functions would catch this */
- RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) {
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
- }
-
- if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
- rsa->_method_mod_n))
- goto err;
-
- /* put in leading 0 bytes if the number is less than the
- * length of the
modulus */
- j = BN_num_bytes(ret);
- i = BN_bn2bin(ret, &(to[num - j]));
- for (k = 0; k < num - i; k++)
- to[k] = 0;
-
- r = num;
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- freezero(buf, num);
- return r;
-}
-
-static BN_BLINDING *
-rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
-{
- BN_BLINDING *ret;
- int got_write_lock = 0;
-
- CRYPTO_r_lock(CRYPTO_LOCK_RSA);
-
- if (rsa->blinding == NULL) {
- CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- got_write_lock = 1;
-
- if (rsa->blinding == NULL)
- rsa->blinding = RSA_setup_blinding(rsa, ctx);
- }
-
- if ((ret = rsa->blinding) == NULL)
- goto err;
-
- /*
- * We need a shared blinding. Accesses require locks and a copy of the
- * blinding factor needs to be retained on use.
- */
- if ((*local = BN_BLINDING_is_local(ret)) == 0) {
- if (rsa->mt_blinding == NULL) {
- if (!got_write_lock) {
- CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- got_write_lock = 1;
- }
-
- if (rsa->mt_blinding == NULL)
- rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
- }
- ret = rsa->mt_blinding;
- }
-
- err:
- if (got_write_lock)
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- else
- CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
-
- return ret;
-}
-
-static int
-rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind, BN_CTX *ctx)
-{
- if (unblind == NULL)
- /*
- * Local blinding: store the unblinding factor
- * in BN_BLINDING.
- */
- return BN_BLINDING_convert(f, NULL, b, ctx);
- else {
- /*
- * Shared blinding: store the unblinding factor
- * outside BN_BLINDING.
- */
- int ret;
- CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING);
- ret = BN_BLINDING_convert(f, unblind, b, ctx);
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING);
- return ret;
- }
-}
-
-static int
-rsa_blinding_invert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind, BN_CTX *ctx)
-{
- /*
- * For local blinding, unblind is set to NULL, and BN_BLINDING_invert()
- * will use the unblinding factor stored in BN_BLINDING.
- * If BN_BLINDING is shared between threads, unblind must be non-null:
- * BN_BLINDING_invert() will then use the local unblinding factor,
- * and will only read the modulus from BN_BLINDING.
- * In both cases it's safe to access the blinding without a lock.
- */
- return BN_BLINDING_invert(f, unblind, b, ctx);
-}
-
-/* signing */
-static int
-rsa_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret, *res;
- int i, j, k, num = 0, r = -1;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
- int local_blinding = 0;
- /*
- * Used only if the blinding structure is shared. A non-NULL unblind
- * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
- * the unblinding factor outside the blinding structure.
- */
- BIGNUM *unblind = NULL;
- BN_BLINDING *blinding = NULL;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (f == NULL || ret == NULL || buf == NULL) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- i = RSA_padding_add_PKCS1_type_1(buf, num, from, flen);
- break;
- case RSA_X931_PADDING:
- i = RSA_padding_add_X931(buf, num, from, flen);
- break;
- case RSA_NO_PADDING:
- i = RSA_padding_add_none(buf, num, from, flen);
- break;
- default:
- RSAerror(RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (i <= 0)
- goto err;
-
- if (BN_bin2bn(buf, num, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- /* usually the padding functions would catch this */
- RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) {
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
- }
-
- if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
- blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
- if (blinding == NULL) {
-
RSAerror(ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (blinding != NULL) {
- if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!rsa_blinding_convert(blinding, f, unblind, ctx))
- goto err;
- }
-
- if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
- (rsa->p != NULL && rsa->q != NULL && rsa->dmp1 != NULL &&
- rsa->dmq1 != NULL && rsa->iqmp != NULL)) {
- if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
- goto err;
- } else {
- BIGNUM d;
-
- BN_init(&d);
- BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(ret, f, &d, rsa->n, ctx,
- rsa->_method_mod_n)) {
- goto err;
- }
- }
-
- if (blinding)
- if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
- goto err;
-
- if (padding == RSA_X931_PADDING) {
- if (!BN_sub(f, rsa->n, ret))
- goto err;
- if (BN_cmp(ret, f) > 0)
- res = f;
- else
- res = ret;
- } else
- res = ret;
-
- /* put in leading 0 bytes if the number is less than the
- * length of the modulus */
- j = BN_num_bytes(res);
- i = BN_bn2bin(res, &(to[num - j]));
- for (k = 0; k < num - i; k++)
- to[k] = 0;
-
- r = num;
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- freezero(buf, num);
- return r;
-}
-
-static int
-rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret;
- int j, num = 0, r = -1;
- unsigned char *p;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
- int local_blinding = 0;
- /*
- * Used only if the blinding structure is shared. A non-NULL unblind
- * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
- * the unblinding factor outside the blinding structure.
- */
- BIGNUM *unblind = NULL;
- BN_BLINDING *blinding = NULL;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (!f || !ret || !buf) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equality but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num) {
- RSAerror(RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- /* make data into a big number */
- if (BN_bin2bn(from, (int)flen, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) {
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
- }
-
- if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
- blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
- if (blinding == NULL) {
- RSAerror(ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (blinding != NULL) {
- if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!rsa_blinding_convert(blinding, f, unblind, ctx))
- goto err;
- }
-
- /* do the decrypt */
- if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
- (rsa->p != NULL && rsa->q != NULL && rsa->dmp1 != NULL &&
- rsa->dmq1 != NULL && rsa->iqmp != NULL)) {
- if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
- goto err;
- } else {
- BIGNUM d;
-
- BN_init(&d);
- BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(ret, f, &d, rsa->n, ctx,
- rsa->_method_mod_n)) {
- goto err;
- }
- }
-
- if (blinding)
- if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
- goto err;
-
- p = buf;
- j = BN_bn2bin(ret, p); /* j is only used with no-padding mode */
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- r = RSA_padding_check_PKCS1_type_2(to, num, buf, j, num);
- break;
-#ifndef OPENSSL_NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- r
= RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
- break;
-#endif
- case RSA_NO_PADDING:
- r = RSA_padding_check_none(to, num, buf, j, num);
- break;
- default:
- RSAerror(RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (r < 0)
- RSAerror(RSA_R_PADDING_CHECK_FAILED);
-
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- freezero(buf, num);
- return r;
-}
-
-/* signature verification */
-static int
-rsa_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret;
- int i, num = 0, r = -1;
- unsigned char *p;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
-
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
- RSAerror(RSA_R_MODULUS_TOO_LARGE);
- return -1;
- }
-
- if (BN_ucmp(rsa->n, rsa->e) <= 0) {
- RSAerror(RSA_R_BAD_E_VALUE);
- return -1;
- }
-
- /* for large moduli, enforce exponent limit */
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
- if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
- RSAerror(RSA_R_BAD_E_VALUE);
- return -1;
- }
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (!f || !ret || !buf) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equality but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num) {
- RSAerror(RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- if (BN_bin2bn(from, flen, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) {
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
- }
-
- if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
- rsa->_method_mod_n))
- goto err;
-
- if (padding == RSA_X931_PADDING && (ret->d[0] & 0xf) != 12)
- if (!BN_sub(ret, rsa->n,
ret))
- goto err;
-
- p = buf;
- i = BN_bn2bin(ret, p);
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- r = RSA_padding_check_PKCS1_type_1(to, num, buf, i, num);
- break;
- case RSA_X931_PADDING:
- r = RSA_padding_check_X931(to, num, buf, i, num);
- break;
- case RSA_NO_PADDING:
- r = RSA_padding_check_none(to, num, buf, i, num);
- break;
- default:
- RSAerror(RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (r < 0)
- RSAerror(RSA_R_PADDING_CHECK_FAILED);
-
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- freezero(buf, num);
- return r;
-}
-
-static int
-rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
- BIGNUM *r1, *m1, *vrfy;
- BIGNUM dmp1, dmq1, c, pr1;
- int ret = 0;
-
- BN_CTX_start(ctx);
- r1 = BN_CTX_get(ctx);
- m1 = BN_CTX_get(ctx);
- vrfy = BN_CTX_get(ctx);
- if (r1 == NULL || m1 == NULL || vrfy == NULL) {
- RSAerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- {
- BIGNUM p, q;
-
- /*
- * Make sure BN_mod_inverse in Montgomery initialization uses the
- * BN_FLG_CONSTTIME flag
- */
- BN_init(&p);
- BN_init(&q);
- BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
- BN_with_flags(&q, rsa->q, BN_FLG_CONSTTIME);
-
- if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p,
- CRYPTO_LOCK_RSA, &p, ctx) ||
- !BN_MONT_CTX_set_locked(&rsa->_method_mod_q,
- CRYPTO_LOCK_RSA, &q, ctx)) {
- goto err;
- }
- }
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) {
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
- }
-
- /* compute I mod q */
- BN_init(&c);
- BN_with_flags(&c, I, BN_FLG_CONSTTIME);
-
- if (!BN_mod_ct(r1, &c, rsa->q, ctx))
- goto err;
-
- /* compute r1^dmq1 mod q */
- BN_init(&dmq1);
- BN_with_flags(&dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(m1, r1, &dmq1, rsa->q, ctx,
- rsa->_method_mod_q))
- goto err;
-
- /* compute I mod p */
- BN_init(&c);
- BN_with_flags(&c, I, BN_FLG_CONSTTIME);
-
- if (!BN_mod_ct(r1, &c, rsa->p,
ctx))
- goto err;
-
- /* compute r1^dmp1 mod p */
- BN_init(&dmp1);
- BN_with_flags(&dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(r0, r1, &dmp1, rsa->p, ctx,
- rsa->_method_mod_p))
- goto err;
-
- if (!BN_sub(r0, r0, m1))
- goto err;
-
- /*
- * This will help stop the size of r0 increasing, which does
- * affect the multiply if it optimised for a power of 2 size
- */
- if (BN_is_negative(r0))
- if (!BN_add(r0, r0, rsa->p))
- goto err;
-
- if (!BN_mul(r1, r0, rsa->iqmp, ctx))
- goto err;
-
- /* Turn BN_FLG_CONSTTIME flag on before division operation */
- BN_init(&pr1);
- BN_with_flags(&pr1, r1, BN_FLG_CONSTTIME);
-
- if (!BN_mod_ct(r0, &pr1, rsa->p, ctx))
- goto err;
-
- /*
- * If p < q it is occasionally possible for the correction of
- * adding 'p' if r0 is negative above to leave the result still
- * negative. This can break the private key operations: the following
- * second correction should *always* correct this rare occurrence.
- * This will *never* happen with OpenSSL generated keys because
- * they ensure p > q [steve]
- */
- if (BN_is_negative(r0))
- if (!BN_add(r0, r0, rsa->p))
- goto err;
- if (!BN_mul(r1, r0, rsa->q, ctx))
- goto err;
- if (!BN_add(r0, r1, m1))
- goto err;
-
- if (rsa->e && rsa->n) {
- if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
- rsa->_method_mod_n))
- goto err;
- /*
- * If 'I' was greater than (or equal to) rsa->n, the operation
- * will be equivalent to using 'I mod n'. However, the result of
- * the verify will *always* be less than 'n' so we don't check
- * for absolute equality, just congruency.
- */
- if (!BN_sub(vrfy, vrfy, I))
- goto err;
- if (!BN_mod_ct(vrfy, vrfy, rsa->n, ctx))
- goto err;
- if (BN_is_negative(vrfy))
- if (!BN_add(vrfy, vrfy, rsa->n))
- goto err;
- if (!BN_is_zero(vrfy)) {
- /*
- * 'I' and 'vrfy' aren't congruent mod n. Don't leak
- * miscalculated CRT output, just do a raw (slower)
- * mod_exp and return that instead.
- */
- BIGNUM d;
-
- BN_init(&d);
- BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(r0, I, &d, rsa->n, ctx,
- rsa->_method_mod_n)) {
- goto err;
- }
- }
- }
- ret = 1;
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-static int
-rsa_init(RSA *rsa)
-{
- rsa->flags |= RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
- return 1;
-}
-
-static int
-rsa_finish(RSA *rsa)
-{
- BN_MONT_CTX_free(rsa->_method_mod_n);
- BN_MONT_CTX_free(rsa->_method_mod_p);
- BN_MONT_CTX_free(rsa->_method_mod_q);
-
- return 1;
-}
-
-static const RSA_METHOD rsa_pkcs1_meth = {
- .name = "OpenSSL PKCS#1 RSA",
- .rsa_pub_enc = rsa_public_encrypt,
- .rsa_pub_dec = rsa_public_decrypt, /* signature verification */
- .rsa_priv_enc = rsa_private_encrypt, /* signing */
- .rsa_priv_dec = rsa_private_decrypt,
- .rsa_mod_exp = rsa_mod_exp,
- .bn_mod_exp = BN_mod_exp_mont_ct, /* XXX probably we should not use Montgomery if e == 3 */
- .init = rsa_init,
- .finish = rsa_finish,
-};
-
-const RSA_METHOD *
-RSA_PKCS1_OpenSSL(void)
-{
- return &rsa_pkcs1_meth;
-}
-LCRYPTO_ALIAS(RSA_PKCS1_OpenSSL);
-
-const RSA_METHOD *
-RSA_PKCS1_SSLeay(void)
-{
- return RSA_PKCS1_OpenSSL();
-}
-LCRYPTO_ALIAS(RSA_PKCS1_SSLeay);
-
-int
-RSA_bits(const RSA *r)
-{
- return BN_num_bits(r->n);
-}
-LCRYPTO_ALIAS(RSA_bits);
-
-int
-RSA_size(const RSA *r)
-{
- return BN_num_bytes(r->n);
-}
-LCRYPTO_ALIAS(RSA_size);
-
-int
-RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding);
-}
-LCRYPTO_ALIAS(RSA_public_encrypt);
-
-int
-RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding);
-}
-LCRYPTO_ALIAS(RSA_private_encrypt);
-
-int
-RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding);
-}
-LCRYPTO_ALIAS(RSA_private_decrypt);
-
-int
-RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding);
-}
-LCRYPTO_ALIAS(RSA_public_decrypt);
-
-int
-RSA_flags(const RSA *r)
-{
- return r == NULL ? 0 : r->meth->flags;
-}
-LCRYPTO_ALIAS(RSA_flags);
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c
deleted file mode 100644
index 934a59f663..0000000000
--- a/src/lib/libcrypto/rsa/rsa_err.c
+++ /dev/null
@@ -1,160 +0,0 @@ -/* $OpenBSD: rsa_err.c,v 1.23 2024/06/24 06:43:22 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#include "err_local.h" - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason) - -static const ERR_STRING_DATA RSA_str_functs[] = { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static const ERR_STRING_DATA RSA_str_reasons[] = { - {ERR_REASON(RSA_R_ALGORITHM_MISMATCH) , "algorithm mismatch"}, - {ERR_REASON(RSA_R_BAD_E_VALUE) , "bad e value"}, - {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"}, - {ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT) , "bad pad byte count"}, - {ERR_REASON(RSA_R_BAD_SIGNATURE) , "bad signature"}, - {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01) , "block type is not 01"}, - {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02) , "block type is not 02"}, - {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN), "data greater than mod len"}, - {ERR_REASON(RSA_R_DATA_TOO_LARGE) , "data too large"}, - {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE), "data too large for key size"}, - {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS), "data too large for modulus"}, - {ERR_REASON(RSA_R_DATA_TOO_SMALL) , "data too small"}, - 
{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE), "data too small for key size"}, - {ERR_REASON(RSA_R_DIGEST_DOES_NOT_MATCH) , "digest does not match"}, - {ERR_REASON(RSA_R_DIGEST_NOT_ALLOWED) , "digest not allowed"}, - {ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY), "digest too big for rsa key"}, - {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D), "dmp1 not congruent to d"}, - {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"}, - {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"}, - {ERR_REASON(RSA_R_FIRST_OCTET_INVALID) , "first octet invalid"}, - {ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE), "illegal or unsupported padding mode"}, - {ERR_REASON(RSA_R_INVALID_DIGEST) , "invalid digest"}, - {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH) , "invalid digest length"}, - {ERR_REASON(RSA_R_INVALID_HEADER) , "invalid header"}, - {ERR_REASON(RSA_R_INVALID_LABEL) , "invalid label"}, - {ERR_REASON(RSA_R_INVALID_KEYBITS) , "invalid keybits"}, - {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"}, - {ERR_REASON(RSA_R_INVALID_MGF1_MD) , "invalid mgf1 md"}, - {ERR_REASON(RSA_R_INVALID_OAEP_PARAMETERS), "invalid oaep parameters"}, - {ERR_REASON(RSA_R_INVALID_PADDING) , "invalid padding"}, - {ERR_REASON(RSA_R_INVALID_PADDING_MODE) , "invalid padding mode"}, - {ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS), "invalid pss parameters"}, - {ERR_REASON(RSA_R_INVALID_PSS_SALTLEN) , "invalid pss saltlen"}, - {ERR_REASON(RSA_R_INVALID_SALT_LENGTH) , "invalid salt length"}, - {ERR_REASON(RSA_R_INVALID_TRAILER) , "invalid trailer"}, - {ERR_REASON(RSA_R_INVALID_X931_DIGEST) , "invalid x931 digest"}, - {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) , "iqmp not inverse of q"}, - {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) , "key size too small"}, - {ERR_REASON(RSA_R_LAST_OCTET_INVALID) , "last octet invalid"}, - {ERR_REASON(RSA_R_MGF1_DIGEST_NOT_ALLOWED), "mgf1 digest not allowed"}, - {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) , "modulus too large"}, - 
{ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD) , "non fips rsa method"}, - {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) , "no public exponent"}, - {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING), "null before block missing"}, - {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) , "n does not equal p q"}, - {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) , "oaep decoding error"}, - {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE), "operation not allowed in fips mode"}, - {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"}, - {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) , "padding check failed"}, - {ERR_REASON(RSA_R_PSS_SALTLEN_TOO_SMALL) , "pss saltlen too small"}, - {ERR_REASON(RSA_R_P_NOT_PRIME) , "p not prime"}, - {ERR_REASON(RSA_R_Q_NOT_PRIME) , "q not prime"}, - {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED), "rsa operations not supported"}, - {ERR_REASON(RSA_R_SLEN_CHECK_FAILED) , "salt length check failed"}, - {ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) , "salt length recovery failed"}, - {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) , "sslv3 rollback attack"}, - {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), "the asn1 object identifier is not known for this md"}, - {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"}, - {ERR_REASON(RSA_R_UNKNOWN_DIGEST) , "unknown digest"}, - {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST) , "unknown mask digest"}, - {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) , "unknown padding type"}, - {ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST) , "unknown pss digest"}, - {ERR_REASON(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE), "unsupported encryption type"}, - {ERR_REASON(RSA_R_UNSUPPORTED_LABEL_SOURCE), "unsupported label source"}, - {ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM), "unsupported mask algorithm"}, - {ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER), "unsupported mask parameter"}, - {ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE), "unsupported signature type"}, - {ERR_REASON(RSA_R_VALUE_MISSING) , "value 
missing"},
- {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_RSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) {
- ERR_load_const_strings(RSA_str_functs);
- ERR_load_const_strings(RSA_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_RSA_strings);
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
deleted file mode 100644
index ff64eb2f0e..0000000000
--- a/src/lib/libcrypto/rsa/rsa_gen.c
+++ /dev/null
@@ -1,257 +0,0 @@ -/* $OpenBSD: rsa_gen.c,v 1.30 2023/07/08 12:26:45 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include - -#include -#include -#include - -#include "bn_local.h" -#include "rsa_local.h" - -static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); - -int -RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) -{ - if (rsa->meth->rsa_keygen) - return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); - return rsa_builtin_keygen(rsa, bits, e_value, cb); -} -LCRYPTO_ALIAS(RSA_generate_key_ex); - -static int -rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) -{ - BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp; - BIGNUM pr0, d, p; - int bitsp, bitsq, ok = -1, n = 0; - BN_CTX *ctx = NULL; - - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - if ((r0 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r3 = BN_CTX_get(ctx)) == NULL) - goto err; - - bitsp = (bits + 1) / 2; - bitsq = bits - bitsp; - - /* We need the RSA components non-NULL */ - if (!rsa->n && ((rsa->n = BN_new()) == NULL)) - goto err; - if (!rsa->d && ((rsa->d = BN_new()) == NULL)) - goto err; - if (!rsa->e && ((rsa->e = BN_new()) == NULL)) - goto err; - if (!rsa->p && ((rsa->p = BN_new()) == NULL)) - goto err; - if (!rsa->q && ((rsa->q = BN_new()) == NULL)) - goto err; - if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL)) - goto err; - if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL)) - goto err; - if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL)) - goto err; - - if (!bn_copy(rsa->e, e_value)) - goto err; - - /* generate p and q */ - for (;;) { - if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) - goto err; - if (!BN_sub(r2, rsa->p, BN_value_one())) - goto err; - if (!BN_gcd_ct(r1, r2, rsa->e, ctx)) - goto err; - if (BN_is_one(r1)) - break; - if (!BN_GENCB_call(cb, 2, n++)) - goto err; - } - if (!BN_GENCB_call(cb, 3, 0)) - goto err; - for (;;) { - /* - * When generating ridiculously 
small keys, we can get stuck - * continually regenerating the same prime values. Check for - * this and bail if it happens 3 times. - */ - unsigned int degenerate = 0; - do { - if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, - cb)) - goto err; - } while (BN_cmp(rsa->p, rsa->q) == 0 && - ++degenerate < 3); - if (degenerate == 3) { - ok = 0; /* we set our own err */ - RSAerror(RSA_R_KEY_SIZE_TOO_SMALL); - goto err; - } - if (!BN_sub(r2, rsa->q, BN_value_one())) - goto err; - if (!BN_gcd_ct(r1, r2, rsa->e, ctx)) - goto err; - if (BN_is_one(r1)) - break; - if (!BN_GENCB_call(cb, 2, n++)) - goto err; - } - if (!BN_GENCB_call(cb, 3, 1)) - goto err; - if (BN_cmp(rsa->p, rsa->q) < 0) { - tmp = rsa->p; - rsa->p = rsa->q; - rsa->q = tmp; - } - - /* calculate n */ - if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) - goto err; - - /* calculate d */ - if (!BN_sub(r1, rsa->p, BN_value_one())) /* p-1 */ - goto err; - if (!BN_sub(r2, rsa->q, BN_value_one())) /* q-1 */ - goto err; - if (!BN_mul(r0, r1, r2, ctx)) /* (p-1)(q-1) */ - goto err; - - BN_init(&pr0); - BN_with_flags(&pr0, r0, BN_FLG_CONSTTIME); - - if (BN_mod_inverse_ct(rsa->d, rsa->e, &pr0, ctx) == NULL) /* d */ - goto err; - - /* set up d for correct BN_FLG_CONSTTIME flag */ - BN_init(&d); - BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME); - - /* calculate d mod (p-1) */ - if (!BN_mod_ct(rsa->dmp1, &d, r1, ctx)) - goto err; - - /* calculate d mod (q-1) */ - if (!BN_mod_ct(rsa->dmq1, &d, r2, ctx)) - goto err; - - /* calculate inverse of q mod p */ - BN_init(&p); - BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME); - if (BN_mod_inverse_ct(rsa->iqmp, rsa->q, &p, ctx) == NULL) - goto err; - - ok = 1; -err: - if (ok == -1) { - RSAerror(ERR_LIB_BN); - ok = 0; - } - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - - return ok; -} - -RSA * -RSA_generate_key(int bits, unsigned long e_value, - void (*callback)(int, int, void *), void *cb_arg) -{ - BN_GENCB cb; - int i; - RSA *rsa = RSA_new(); - BIGNUM *e = BN_new(); - - if 
(!rsa || !e)
- goto err;
-
- /* The problem is when building with 8, 16, or 32 BN_ULONG,
- * unsigned long can be larger */
- for (i = 0; i < (int)sizeof(unsigned long) * 8; i++) {
- if (e_value & (1UL << i))
- if (BN_set_bit(e, i) == 0)
- goto err;
- }
-
- BN_GENCB_set_old(&cb, callback, cb_arg);
-
- if (RSA_generate_key_ex(rsa, bits, e, &cb)) {
- BN_free(e);
- return rsa;
- }
-err:
- BN_free(e);
- RSA_free(rsa);
-
- return 0;
-}
-LCRYPTO_ALIAS(RSA_generate_key);
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
deleted file mode 100644
index 91f4938ec9..0000000000
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ /dev/null
@@ -1,426 +0,0 @@ -/* $OpenBSD: rsa_lib.c,v 1.50 2024/03/27 01:22:30 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include - -#include - -#include -#include -#include -#include -#include -#include - -#include "bn_local.h" -#include "evp_local.h" -#include "rsa_local.h" - -static const RSA_METHOD *default_RSA_meth = NULL; - -RSA * -RSA_new(void) -{ - RSA *r = RSA_new_method(NULL); - - return r; -} -LCRYPTO_ALIAS(RSA_new); - -void -RSA_set_default_method(const RSA_METHOD *meth) -{ - default_RSA_meth = meth; -} -LCRYPTO_ALIAS(RSA_set_default_method); - -const RSA_METHOD * -RSA_get_default_method(void) -{ - if (default_RSA_meth == NULL) - default_RSA_meth = RSA_PKCS1_SSLeay(); - - return default_RSA_meth; -} -LCRYPTO_ALIAS(RSA_get_default_method); - -const RSA_METHOD * -RSA_get_method(const RSA *rsa) -{ - return rsa->meth; -} -LCRYPTO_ALIAS(RSA_get_method); - -int -RSA_set_method(RSA *rsa, const RSA_METHOD *meth) -{ - /* - * NB: The caller is specifically setting a method, so it's not up to us - * to deal with which ENGINE it comes from. - */ - const RSA_METHOD *mtmp; - - mtmp = rsa->meth; - if (mtmp->finish) - mtmp->finish(rsa); - rsa->meth = meth; - if (meth->init) - meth->init(rsa); - return 1; -} -LCRYPTO_ALIAS(RSA_set_method); - -RSA * -RSA_new_method(ENGINE *engine) -{ - RSA *ret; - - if ((ret = calloc(1, sizeof(RSA))) == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - - ret->meth = RSA_get_default_method(); - - ret->references = 1; - ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; - - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) - goto err; - - if (ret->meth->init != NULL && !ret->meth->init(ret)) { - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); - goto err; - } - - return ret; - - err: - free(ret); - - return NULL; -} -LCRYPTO_ALIAS(RSA_new_method); - -void -RSA_free(RSA *r) -{ - int i; - - if (r == NULL) - return; - - i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_RSA); - if (i > 0) - return; - - if (r->meth->finish) - r->meth->finish(r); - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); - - 
BN_free(r->n); - BN_free(r->e); - BN_free(r->d); - BN_free(r->p); - BN_free(r->q); - BN_free(r->dmp1); - BN_free(r->dmq1); - BN_free(r->iqmp); - BN_BLINDING_free(r->blinding); - BN_BLINDING_free(r->mt_blinding); - RSA_PSS_PARAMS_free(r->pss); - free(r); -} -LCRYPTO_ALIAS(RSA_free); - -int -RSA_up_ref(RSA *r) -{ - return CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA) > 1; -} -LCRYPTO_ALIAS(RSA_up_ref); - -int -RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, - new_func, dup_func, free_func); -} -LCRYPTO_ALIAS(RSA_get_ex_new_index); - -int -RSA_set_ex_data(RSA *r, int idx, void *arg) -{ - return CRYPTO_set_ex_data(&r->ex_data, idx, arg); -} -LCRYPTO_ALIAS(RSA_set_ex_data); - -void * -RSA_get_ex_data(const RSA *r, int idx) -{ - return CRYPTO_get_ex_data(&r->ex_data, idx); -} -LCRYPTO_ALIAS(RSA_get_ex_data); - -int -RSA_security_bits(const RSA *rsa) -{ - return BN_security_bits(RSA_bits(rsa), -1); -} -LCRYPTO_ALIAS(RSA_security_bits); - -void -RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -{ - if (n != NULL) - *n = r->n; - if (e != NULL) - *e = r->e; - if (d != NULL) - *d = r->d; -} -LCRYPTO_ALIAS(RSA_get0_key); - -int -RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -{ - if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL)) - return 0; - - if (n != NULL) { - BN_free(r->n); - r->n = n; - } - if (e != NULL) { - BN_free(r->e); - r->e = e; - } - if (d != NULL) { - BN_free(r->d); - r->d = d; - } - - return 1; -} -LCRYPTO_ALIAS(RSA_set0_key); - -void -RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, - const BIGNUM **iqmp) -{ - if (dmp1 != NULL) - *dmp1 = r->dmp1; - if (dmq1 != NULL) - *dmq1 = r->dmq1; - if (iqmp != NULL) - *iqmp = r->iqmp; -} -LCRYPTO_ALIAS(RSA_get0_crt_params); - -int -RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) 
-{ - if ((r->dmp1 == NULL && dmp1 == NULL) || - (r->dmq1 == NULL && dmq1 == NULL) || - (r->iqmp == NULL && iqmp == NULL)) - return 0; - - if (dmp1 != NULL) { - BN_free(r->dmp1); - r->dmp1 = dmp1; - } - if (dmq1 != NULL) { - BN_free(r->dmq1); - r->dmq1 = dmq1; - } - if (iqmp != NULL) { - BN_free(r->iqmp); - r->iqmp = iqmp; - } - - return 1; -} -LCRYPTO_ALIAS(RSA_set0_crt_params); - -void -RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) -{ - if (p != NULL) - *p = r->p; - if (q != NULL) - *q = r->q; -} -LCRYPTO_ALIAS(RSA_get0_factors); - -int -RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) -{ - if ((r->p == NULL && p == NULL) || (r->q == NULL && q == NULL)) - return 0; - - if (p != NULL) { - BN_free(r->p); - r->p = p; - } - if (q != NULL) { - BN_free(r->q); - r->q = q; - } - - return 1; -} -LCRYPTO_ALIAS(RSA_set0_factors); - -const BIGNUM * -RSA_get0_n(const RSA *r) -{ - return r->n; -} -LCRYPTO_ALIAS(RSA_get0_n); - -const BIGNUM * -RSA_get0_e(const RSA *r) -{ - return r->e; -} -LCRYPTO_ALIAS(RSA_get0_e); - -const BIGNUM * -RSA_get0_d(const RSA *r) -{ - return r->d; -} -LCRYPTO_ALIAS(RSA_get0_d); - -const BIGNUM * -RSA_get0_p(const RSA *r) -{ - return r->p; -} -LCRYPTO_ALIAS(RSA_get0_p); - -const BIGNUM * -RSA_get0_q(const RSA *r) -{ - return r->q; -} -LCRYPTO_ALIAS(RSA_get0_q); - -const BIGNUM * -RSA_get0_dmp1(const RSA *r) -{ - return r->dmp1; -} -LCRYPTO_ALIAS(RSA_get0_dmp1); - -const BIGNUM * -RSA_get0_dmq1(const RSA *r) -{ - return r->dmq1; -} -LCRYPTO_ALIAS(RSA_get0_dmq1); - -const BIGNUM * -RSA_get0_iqmp(const RSA *r) -{ - return r->iqmp; -} -LCRYPTO_ALIAS(RSA_get0_iqmp); - -const RSA_PSS_PARAMS * -RSA_get0_pss_params(const RSA *r) -{ - return r->pss; -} -LCRYPTO_ALIAS(RSA_get0_pss_params); - -void -RSA_clear_flags(RSA *r, int flags) -{ - r->flags &= ~flags; -} -LCRYPTO_ALIAS(RSA_clear_flags); - -int -RSA_test_flags(const RSA *r, int flags) -{ - return r->flags & flags; -} -LCRYPTO_ALIAS(RSA_test_flags); - -void -RSA_set_flags(RSA *r, int 
flags) -{ - r->flags |= flags; -} -LCRYPTO_ALIAS(RSA_set_flags); - -int -RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2) -{ - /* Return an error if the key type is not RSA or RSA-PSS. */ - if (ctx != NULL && ctx->pmeth != NULL && - ctx->pmeth->pkey_id != EVP_PKEY_RSA && - ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS) - return -1; - - return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, p1, p2); -} -LCRYPTO_ALIAS(RSA_pkey_ctx_ctrl); diff --git a/src/lib/libcrypto/rsa/rsa_local.h b/src/lib/libcrypto/rsa/rsa_local.h deleted file mode 100644 index 3f88b952a2..0000000000 --- a/src/lib/libcrypto/rsa/rsa_local.h +++ /dev/null 
@@ -1,154 +0,0 @@ -/* $OpenBSD: rsa_local.h,v 1.10 2025/01/05 15:39:12 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -__BEGIN_HIDDEN_DECLS - -#define RSA_MIN_MODULUS_BITS 512 - -struct rsa_meth_st { - char *name; - int (*rsa_pub_enc)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_pub_dec)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_priv_enc)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_priv_dec)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(RSA *rsa); /* called at new */ - int (*finish)(RSA *rsa); /* called at free */ - int flags; /* RSA_METHOD_FLAG_* things */ - char *app_data; /* may be needed! */ -/* New sign and verify functions: some libraries don't allow arbitrary data - * to be signed/verified: this allows them to be used. Note: for this to work - * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used - * RSA_sign(), RSA_verify() should be used instead. - */ - int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa); - int (*rsa_verify)(int dtype, const unsigned char *m, - unsigned int m_length, const unsigned char *sigbuf, - unsigned int siglen, const RSA *rsa); -/* If this callback is NULL, the builtin software RSA key-gen will be used. This - * is for behavioural compatibility whilst the code gets rewired, but one day - * it would be nice to assume there are no such things as "builtin software" - * implementations. 
*/ - int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); -}; - -struct rsa_st { - long version; - const RSA_METHOD *meth; - - BIGNUM *n; - BIGNUM *e; - BIGNUM *d; - BIGNUM *p; - BIGNUM *q; - BIGNUM *dmp1; - BIGNUM *dmq1; - BIGNUM *iqmp; - - /* Parameter restrictions for PSS only keys. */ - RSA_PSS_PARAMS *pss; - - /* be careful using this if the RSA structure is shared */ - CRYPTO_EX_DATA ex_data; - int references; - int flags; - - /* Used to cache montgomery values */ - BN_MONT_CTX *_method_mod_n; - BN_MONT_CTX *_method_mod_p; - BN_MONT_CTX *_method_mod_q; - - /* all BIGNUM values are actually in the following data, if it is not - * NULL */ - BN_BLINDING *blinding; - BN_BLINDING *mt_blinding; -}; - -RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md, - int saltlen); -int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, - const EVP_MD **pmgf1md, int *psaltlen); - -extern int int_rsa_verify(int dtype, const unsigned char *m, - unsigned int m_len, unsigned char *rm, size_t *prm_len, - const unsigned char *sigbuf, size_t siglen, RSA *rsa); - -int RSA_padding_add_X931(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_X931(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_X931_hash_id(int nid); - -BN_BLINDING *BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx); -void BN_BLINDING_free(BN_BLINDING *b); -int BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); -int BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); -int BN_BLINDING_is_local(BN_BLINDING *b); -BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); - -__END_HIDDEN_DECLS 
diff --git a/src/lib/libcrypto/rsa/rsa_meth.c b/src/lib/libcrypto/rsa/rsa_meth.c
deleted file mode 100644
index 71608caa01..0000000000
--- a/src/lib/libcrypto/rsa/rsa_meth.c
+++ /dev/null
@@ -1,309 +0,0 @@
-/* $OpenBSD: rsa_meth.c,v 1.7 2023/07/08 12:26:45 beck Exp $ */
-/*
- * Copyright (c) 2018 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-
-#include
-#include
-
-#include "rsa_local.h"
-
-RSA_METHOD *
-RSA_meth_new(const char *name, int flags)
-{
- RSA_METHOD *meth;
-
- if ((meth = calloc(1, sizeof(*meth))) == NULL)
- return NULL;
- if ((meth->name = strdup(name)) == NULL) {
- free(meth);
- return NULL;
- }
- meth->flags = flags;
-
- return meth;
-}
-LCRYPTO_ALIAS(RSA_meth_new);
-
-void
-RSA_meth_free(RSA_METHOD *meth)
-{
- if (meth == NULL)
- return;
-
- free(meth->name);
- free(meth);
-}
-LCRYPTO_ALIAS(RSA_meth_free);
-
-RSA_METHOD *
-RSA_meth_dup(const RSA_METHOD *meth)
-{
- RSA_METHOD *copy;
-
- if ((copy = calloc(1, sizeof(*copy))) == NULL)
- return NULL;
- memcpy(copy, meth, sizeof(*copy));
- if ((copy->name = strdup(meth->name)) == NULL) {
- free(copy);
- return NULL;
- }
-
- return copy;
-}
-LCRYPTO_ALIAS(RSA_meth_dup);
-
-int
-RSA_meth_set1_name(RSA_METHOD *meth, const char *name)
-{
- char *new_name;
-
- if ((new_name = strdup(name)) == NULL)
- return 0;
- free(meth->name);
- meth->name = new_name;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set1_name);
-
-int
-(*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa)
-{
- return meth->finish;
-}
-LCRYPTO_ALIAS(RSA_meth_get_finish);
-
-int
-RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
-{
- meth->rsa_priv_enc = priv_enc;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_priv_enc);
-
-int
-RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
-{
- meth->rsa_priv_dec = priv_dec;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_priv_dec);
-
-int
-RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa))
-{
- meth->finish = finish;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_finish);
-
-int
-RSA_meth_set_pub_enc(RSA_METHOD *meth, int (*pub_enc)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
-{
- meth->rsa_pub_enc = pub_enc;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_pub_enc);
-
-int
-RSA_meth_set_pub_dec(RSA_METHOD *meth, int (*pub_dec)(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
-{
- meth->rsa_pub_dec = pub_dec;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_pub_dec);
-
-int
-RSA_meth_set_mod_exp(RSA_METHOD *meth, int (*mod_exp)(BIGNUM *r0,
- const BIGNUM *i, RSA *rsa, BN_CTX *ctx))
-{
- meth->rsa_mod_exp = mod_exp;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_mod_exp);
-
-int
-RSA_meth_set_bn_mod_exp(RSA_METHOD *meth, int (*bn_mod_exp)(BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx))
-{
- meth->bn_mod_exp = bn_mod_exp;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_bn_mod_exp);
-
-int
-RSA_meth_set_init(RSA_METHOD *meth, int (*init)(RSA *rsa))
-{
- meth->init = init;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_init);
-
-int
-RSA_meth_set_keygen(RSA_METHOD *meth, int (*keygen)(RSA *rsa, int bits,
- BIGNUM *e, BN_GENCB *cb))
-{
- meth->rsa_keygen = keygen;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_keygen);
-
-int
-RSA_meth_set_flags(RSA_METHOD *meth, int
flags)
-{
- meth->flags = flags;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_flags);
-
-int
-RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data)
-{
- meth->app_data = app_data;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set0_app_data);
-
-const char *
-RSA_meth_get0_name(const RSA_METHOD *meth)
-{
- return meth->name;
-}
-LCRYPTO_ALIAS(RSA_meth_get0_name);
-
-int
-(*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
-{
- return meth->rsa_pub_enc;
-}
-LCRYPTO_ALIAS(RSA_meth_get_pub_enc);
-
-int
-(*RSA_meth_get_pub_dec(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
-{
- return meth->rsa_pub_dec;
-}
-LCRYPTO_ALIAS(RSA_meth_get_pub_dec);
-
-int
-(*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
-{
- return meth->rsa_priv_enc;
-}
-LCRYPTO_ALIAS(RSA_meth_get_priv_enc);
-
-int
-(*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen,
- const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
-{
- return meth->rsa_priv_dec;
-}
-LCRYPTO_ALIAS(RSA_meth_get_priv_dec);
-
-int
-(*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *i,
- RSA *rsa, BN_CTX *ctx)
-{
- return meth->rsa_mod_exp;
-}
-LCRYPTO_ALIAS(RSA_meth_get_mod_exp);
-
-int
-(*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return meth->bn_mod_exp;
-}
-LCRYPTO_ALIAS(RSA_meth_get_bn_mod_exp);
-
-int
-(*RSA_meth_get_init(const RSA_METHOD *meth))(RSA *rsa)
-{
- return meth->init;
-}
-LCRYPTO_ALIAS(RSA_meth_get_init);
-
-int
-(*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e,
- BN_GENCB *cb)
-{
- return meth->rsa_keygen;
-}
-LCRYPTO_ALIAS(RSA_meth_get_keygen);
-
-int
-RSA_meth_get_flags(const RSA_METHOD *meth)
-{
- return meth->flags;
-}
-LCRYPTO_ALIAS(RSA_meth_get_flags);
-
-void *
-RSA_meth_get0_app_data(const RSA_METHOD *meth)
-{
- return meth->app_data;
-}
-LCRYPTO_ALIAS(RSA_meth_get0_app_data);
-
-int
-(*RSA_meth_get_sign(const RSA_METHOD *meth))(int type,
- const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen,
- const RSA *rsa)
-{
- return meth->rsa_sign;
-}
-LCRYPTO_ALIAS(RSA_meth_get_sign);
-
-int
-RSA_meth_set_sign(RSA_METHOD *meth, int (*sign)(int type,
- const unsigned char *m, unsigned int m_length, unsigned char *sigret,
- unsigned int *siglen, const RSA *rsa))
-{
- meth->rsa_sign = sign;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_sign);
-
-int
-(*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype,
- const unsigned char *m, unsigned int m_length, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa)
-{
- return meth->rsa_verify;
-}
-LCRYPTO_ALIAS(RSA_meth_get_verify);
-
-int
-RSA_meth_set_verify(RSA_METHOD *meth, int (*verify)(int dtype,
- const unsigned char *m, unsigned int m_length, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa))
-{
- meth->rsa_verify = verify;
- return 1;
-}
-LCRYPTO_ALIAS(RSA_meth_set_verify);
diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c
deleted file mode 100644
index 9c53dcf595..0000000000
--- a/src/lib/libcrypto/rsa/rsa_none.c
+++ /dev/null
@@ -1,98 +0,0 @@ -/* $OpenBSD: rsa_none.c,v 1.12 2023/07/08 12:26:45 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include -#include - -#include -#include -#include - -int -RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *from, - int flen) -{ - if (flen > tlen) { - RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return 0; - } - - if (flen < tlen) { - RSAerror(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); - return 0; - } - - memcpy(to, from, flen); - return 1; -} -LCRYPTO_ALIAS(RSA_padding_add_none); - -int -RSA_padding_check_none(unsigned char *to, int tlen, const unsigned char *from, - int flen, int num) -{ - if (flen > tlen) { - RSAerror(RSA_R_DATA_TOO_LARGE); - return -1; - } - - memset(to, 0, tlen - flen); - memcpy(to + tlen - flen, from, flen); - return tlen; -} -LCRYPTO_ALIAS(RSA_padding_check_none); diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c deleted file mode 100644 index d1e138c299..0000000000 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ /dev/null 
@@ -1,368 +0,0 @@ -/* $OpenBSD: rsa_oaep.c,v 1.39 2024/03/26 05:37:28 joshua Exp $ */ -/* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ - -/* See Victor Shoup, "OAEP reconsidered," Nov. 2000, - * - * for problems with the security proof for the - * original OAEP scheme, which EME-OAEP is based on. - * - * A new proof can be found in E. Fujisaki, T. Okamoto, - * D. Pointcheval, J. Stern, "RSA-OEAP is Still Alive!", - * Dec. 2000, . - * The new proof has stronger requirements for the - * underlying permutation: "partial-one-wayness" instead - * of one-wayness. For the RSA function, this is - * an equivalent notion. 
- */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "constant_time.h" -#include "evp_local.h" -#include "rsa_local.h" - -int -RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - const unsigned char *from, int flen, const unsigned char *param, int plen) -{ - return RSA_padding_add_PKCS1_OAEP_mgf1(to, tlen, from, flen, param, - plen, NULL, NULL); -} -LCRYPTO_ALIAS(RSA_padding_add_PKCS1_OAEP); - -int -RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, - const unsigned char *from, int flen, const unsigned char *param, int plen, - const EVP_MD *md, const EVP_MD *mgf1md) -{ - int i, emlen = tlen - 1; - unsigned char *db, *seed; - unsigned char *dbmask = NULL; - unsigned char seedmask[EVP_MAX_MD_SIZE]; - int mdlen, dbmask_len = 0; - int rv = 0; - - if (md == NULL) - md = EVP_sha1(); - if (mgf1md == NULL) - mgf1md = md; - - if ((mdlen = EVP_MD_size(md)) <= 0) - goto err; - - if (flen > emlen - 2 * mdlen - 1) { - RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; - } - - if (emlen < 2 * mdlen + 1) { - RSAerror(RSA_R_KEY_SIZE_TOO_SMALL); - goto err; - } - - to[0] = 0; - seed = to + 1; - db = to + mdlen + 1; - - if (!EVP_Digest((void *)param, plen, db, NULL, md, NULL)) - goto err; - - memset(db + mdlen, 0, emlen - flen - 2 * mdlen - 1); - db[emlen - flen - mdlen - 1] = 0x01; - memcpy(db + emlen - flen - mdlen, from, flen); - arc4random_buf(seed, mdlen); - - dbmask_len = emlen - mdlen; - if ((dbmask = malloc(dbmask_len)) == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (PKCS1_MGF1(dbmask, dbmask_len, seed, mdlen, mgf1md) < 0) - goto err; - for (i = 0; i < dbmask_len; i++) - db[i] ^= dbmask[i]; - if (PKCS1_MGF1(seedmask, mdlen, db, dbmask_len, mgf1md) < 0) - goto err; - for (i = 0; i < mdlen; i++) - seed[i] ^= seedmask[i]; - - rv = 1; - - err: - explicit_bzero(seedmask, sizeof(seedmask)); - freezero(dbmask, dbmask_len); - - return rv; -} -LCRYPTO_ALIAS(RSA_padding_add_PKCS1_OAEP_mgf1); - 
-int -RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - const unsigned char *from, int flen, int num, const unsigned char *param, - int plen) -{ - return RSA_padding_check_PKCS1_OAEP_mgf1(to, tlen, from, flen, num, - param, plen, NULL, NULL); -} -LCRYPTO_ALIAS(RSA_padding_check_PKCS1_OAEP); - -int -RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, - const unsigned char *from, int flen, int num, const unsigned char *param, - int plen, const EVP_MD *md, const EVP_MD *mgf1md) -{ - int i, dblen = 0, mlen = -1, one_index = 0, msg_index; - unsigned int good = 0, found_one_byte, mask; - const unsigned char *maskedseed, *maskeddb; - unsigned char seed[EVP_MAX_MD_SIZE], phash[EVP_MAX_MD_SIZE]; - unsigned char *db = NULL, *em = NULL; - int mdlen; - - if (md == NULL) - md = EVP_sha1(); - if (mgf1md == NULL) - mgf1md = md; - - if ((mdlen = EVP_MD_size(md)) <= 0) - return -1; - - if (tlen <= 0 || flen <= 0) - return -1; - - /* - * |num| is the length of the modulus; |flen| is the length of the - * encoded message. Therefore, for any |from| that was obtained by - * decrypting a ciphertext, we must have |flen| <= |num|. Similarly, - * |num| >= 2 * |mdlen| + 2 must hold for the modulus irrespective - * of the ciphertext, see PKCS #1 v2.2, section 7.1.2. - * This does not leak any side-channel information. - */ - if (num < flen || num < 2 * mdlen + 2) { - RSAerror(RSA_R_OAEP_DECODING_ERROR); - return -1; - } - - dblen = num - mdlen - 1; - if ((db = malloc(dblen)) == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - goto cleanup; - } - if ((em = malloc(num)) == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - goto cleanup; - } - - /* - * Caller is encouraged to pass zero-padded message created with - * BN_bn2binpad. Trouble is that since we can't read out of |from|'s - * bounds, it's impossible to have an invariant memory access pattern - * in case |from| was not zero-padded in advance. 
- */ - for (from += flen, em += num, i = 0; i < num; i++) { - mask = ~constant_time_is_zero(flen); - flen -= 1 & mask; - from -= 1 & mask; - *--em = *from & mask; - } - - /* - * The first byte must be zero, however we must not leak if this is - * true. See James H. Manger, "A Chosen Ciphertext Attack on RSA - * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001). - */ - good = constant_time_is_zero(em[0]); - - maskedseed = em + 1; - maskeddb = em + 1 + mdlen; - - if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md)) - goto cleanup; - for (i = 0; i < mdlen; i++) - seed[i] ^= maskedseed[i]; - - if (PKCS1_MGF1(db, dblen, seed, mdlen, mgf1md)) - goto cleanup; - for (i = 0; i < dblen; i++) - db[i] ^= maskeddb[i]; - - if (!EVP_Digest((void *)param, plen, phash, NULL, md, NULL)) - goto cleanup; - - good &= constant_time_is_zero(timingsafe_memcmp(db, phash, mdlen)); - - found_one_byte = 0; - for (i = mdlen; i < dblen; i++) { - /* - * Padding consists of a number of 0-bytes, followed by a 1. - */ - unsigned int equals1 = constant_time_eq(db[i], 1); - unsigned int equals0 = constant_time_is_zero(db[i]); - - one_index = constant_time_select_int(~found_one_byte & equals1, - i, one_index); - found_one_byte |= equals1; - good &= (found_one_byte | equals0); - } - - good &= found_one_byte; - - /* - * At this point |good| is zero unless the plaintext was valid, - * so plaintext-awareness ensures timing side-channels are no longer a - * concern. - */ - msg_index = one_index + 1; - mlen = dblen - msg_index; - - /* - * For good measure, do this check in constant time as well. - */ - good &= constant_time_ge(tlen, mlen); - - /* - * Even though we can't fake result's length, we can pretend copying - * |tlen| bytes where |mlen| bytes would be real. The last |tlen| of - * |dblen| bytes are viewed as a circular buffer starting at |tlen|-|mlen'|, - * where |mlen'| is the "saturated" |mlen| value. 
Deducing information - * about failure or |mlen| would require an attacker to observe - * memory access patterns with byte granularity *as it occurs*. It - * should be noted that failure is indistinguishable from normal - * operation if |tlen| is fixed by protocol. - */ - tlen = constant_time_select_int(constant_time_lt(dblen - mdlen - 1, tlen), - dblen - mdlen - 1, tlen); - msg_index = constant_time_select_int(good, msg_index, dblen - tlen); - mlen = dblen - msg_index; - for (mask = good, i = 0; i < tlen; i++) { - unsigned int equals = constant_time_eq(msg_index, dblen); - - msg_index -= tlen & equals; /* rewind at EOF */ - mask &= ~equals; /* mask = 0 at EOF */ - to[i] = constant_time_select_8(mask, db[msg_index++], to[i]); - } - - /* - * To avoid chosen ciphertext attacks, the error message should not - * reveal which kind of decoding error happened. - */ - RSAerror(RSA_R_OAEP_DECODING_ERROR); - err_clear_last_constant_time(1 & good); - - cleanup: - explicit_bzero(seed, sizeof(seed)); - freezero(db, dblen); - freezero(em, num); - - return constant_time_select_int(good, mlen, -1); -} -LCRYPTO_ALIAS(RSA_padding_check_PKCS1_OAEP_mgf1); - -int -PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed, - long seedlen, const EVP_MD *dgst) -{ - long i, outlen = 0; - unsigned char cnt[4]; - EVP_MD_CTX *md_ctx; - unsigned char md[EVP_MAX_MD_SIZE]; - int mdlen; - int rv = -1; - - if ((md_ctx = EVP_MD_CTX_new()) == NULL) - goto err; - - mdlen = EVP_MD_size(dgst); - if (mdlen < 0) - goto err; - for (i = 0; outlen < len; i++) { - cnt[0] = (unsigned char)((i >> 24) & 255); - cnt[1] = (unsigned char)((i >> 16) & 255); - cnt[2] = (unsigned char)((i >> 8)) & 255; - cnt[3] = (unsigned char)(i & 255); - if (!EVP_DigestInit_ex(md_ctx, dgst, NULL) || - !EVP_DigestUpdate(md_ctx, seed, seedlen) || - !EVP_DigestUpdate(md_ctx, cnt, 4)) - goto err; - if (outlen + mdlen <= len) { - if (!EVP_DigestFinal_ex(md_ctx, mask + outlen, NULL)) - goto err; - outlen += mdlen; - } else { - 
if (!EVP_DigestFinal_ex(md_ctx, md, NULL)) - goto err; - memcpy(mask + outlen, md, len - outlen); - outlen = len; - } - } - - rv = 0; - - err: - EVP_MD_CTX_free(md_ctx); - - return rv; -} -LCRYPTO_ALIAS(PKCS1_MGF1); diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c deleted file mode 100644 index 8e56a8c4cd..0000000000 --- a/src/lib/libcrypto/rsa/rsa_pk1.c +++ /dev/null 
@@ -1,283 +0,0 @@ -/* $OpenBSD: rsa_pk1.c,v 1.17 2024/03/30 04:34:17 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include -#include -#include - -#include "bytestring.h" - -int -RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *from, int flen) -{ - CBB cbb; - int i; - int ret = 0; - - /* - * Pad data block with PKCS1 type 1 padding - RFC 2313, section 8.1. 
- */ - - memset(&cbb, 0, sizeof(cbb)); - - if (flen < 0 || tlen < 0) - goto err; - - if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; - } - - if (!CBB_init_fixed(&cbb, to, tlen)) - goto err; - - /* - * Add leading NUL, block type (0x01), padding bytes (0xff) and - * trailing NUL. - */ - if (!CBB_add_u8(&cbb, 0)) - goto err; - if (!CBB_add_u8(&cbb, 1)) - goto err; - for (i = 0; i < tlen - 3 - flen; i++) { - if (!CBB_add_u8(&cbb, 0xff)) - goto err; - } - if (!CBB_add_u8(&cbb, 0)) - goto err; - - /* Now add the actual data. */ - if (!CBB_add_bytes(&cbb, from, flen)) - goto err; - - if (!CBB_finish(&cbb, NULL, NULL)) - goto err; - - ret = 1; - - err: - CBB_cleanup(&cbb); - - return ret; -} -LCRYPTO_ALIAS(RSA_padding_add_PKCS1_type_1); - -int -RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *from, int flen, int num) -{ - int i, j; - const unsigned char *p; - - p = from; - if (num != flen + 1 || *(p++) != 01) { - RSAerror(RSA_R_BLOCK_TYPE_IS_NOT_01); - return -1; - } - - /* scan over padding data */ - j = flen - 1; /* one for type. */ - for (i = 0; i < j; i++) { - if (*p != 0xff) { - /* should decrypt to 0xff */ - if (*p == 0) { - p++; - break; - } else { - RSAerror(RSA_R_BAD_FIXED_HEADER_DECRYPT); - return -1; - } - } - p++; - } - - if (i == j) { - RSAerror(RSA_R_NULL_BEFORE_BLOCK_MISSING); - return -1; - } - - if (i < 8) { - RSAerror(RSA_R_BAD_PAD_BYTE_COUNT); - return -1; - } - i++; /* Skip over the '\0' */ - j -= i; - if (j > tlen) { - RSAerror(RSA_R_DATA_TOO_LARGE); - return -1; - } - memcpy(to, p, j); - - return j; -} -LCRYPTO_ALIAS(RSA_padding_check_PKCS1_type_1); - -int -RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *from, int flen) -{ - uint8_t padding[256]; - uint8_t pad; - CBB cbb; - CBS cbs; - int i; - int ret = 0; - - /* - * Pad data block with PKCS1 type 2 padding - RFC 2313, section 8.1. 
- */ - - memset(&cbb, 0, sizeof(cbb)); - CBS_init(&cbs, NULL, 0); - - if (flen < 0 || tlen < 0) - goto err; - - if (flen > tlen - RSA_PKCS1_PADDING_SIZE) { - RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; - } - - if (!CBB_init_fixed(&cbb, to, tlen)) - goto err; - - /* - * Add leading NUL, block type (0x02), padding bytes (random non-zero - * bytes) and trailing NUL. - */ - if (!CBB_add_u8(&cbb, 0)) - goto err; - if (!CBB_add_u8(&cbb, 2)) - goto err; - for (i = 0; i < tlen - 3 - flen; i++) { - do { - if (CBS_len(&cbs) == 0) { - arc4random_buf(padding, sizeof(padding)); - CBS_init(&cbs, padding, sizeof(padding)); - } - if (!CBS_get_u8(&cbs, &pad)) - goto err; - } while (pad == 0); - - if (!CBB_add_u8(&cbb, pad)) - goto err; - } - if (!CBB_add_u8(&cbb, 0)) - goto err; - - /* Now add the actual data. */ - if (!CBB_add_bytes(&cbb, from, flen)) - goto err; - - if (!CBB_finish(&cbb, NULL, NULL)) - goto err; - - ret = 1; - - err: - CBB_cleanup(&cbb); - explicit_bzero(padding, sizeof(padding)); - - return ret; -} -LCRYPTO_ALIAS(RSA_padding_add_PKCS1_type_2); - -int -RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *from, int flen, int num) -{ - int i, j; - const unsigned char *p; - - p = from; - if (num != flen + 1 || *(p++) != 02) { - RSAerror(RSA_R_BLOCK_TYPE_IS_NOT_02); - return -1; - } - - /* scan over padding data */ - j = flen - 1; /* one for type. */ - for (i = 0; i < j; i++) - if (*(p++) == 0) - break; - - if (i == j) { - RSAerror(RSA_R_NULL_BEFORE_BLOCK_MISSING); - return -1; - } - - if (i < 8) { - RSAerror(RSA_R_BAD_PAD_BYTE_COUNT); - return -1; - } - i++; /* Skip over the '\0' */ - j -= i; - if (j > tlen) { - RSAerror(RSA_R_DATA_TOO_LARGE); - return -1; - } - memcpy(to, p, j); - - return j; -} -LCRYPTO_ALIAS(RSA_padding_check_PKCS1_type_2); diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c deleted file mode 100644 index 453570cf74..0000000000 
--- a/src/lib/libcrypto/rsa/rsa_pmeth.c
+++ /dev/null
@@ -1,911 +0,0 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.43 2025/01/17 15:39:19 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "bn_local.h" -#include "evp_local.h" -#include "rsa_local.h" - -/* RSA pkey context structure */ - -typedef struct { - /* Key gen parameters */ - int nbits; - BIGNUM *pub_exp; - /* Keygen callback info */ - int gentmp[2]; - /* RSA padding mode */ - int pad_mode; - /* message digest */ - const EVP_MD *md; - /* message digest for MGF1 */ - const EVP_MD *mgf1md; - /* PSS salt length */ - int saltlen; - /* Minimum salt length or -1 if no PSS parameter restriction */ - int min_saltlen; - /* Temp buffer */ - unsigned char *tbuf; - /* OAEP label */ - unsigned char *oaep_label; - size_t oaep_labellen; -} RSA_PKEY_CTX; - -/* True if PSS parameters are restricted */ -#define rsa_pss_restricted(rctx) (rctx->min_saltlen != -1) - -static int -pkey_rsa_init(EVP_PKEY_CTX *ctx) -{ - RSA_PKEY_CTX *rctx; - - if ((rctx = calloc(1, sizeof(RSA_PKEY_CTX))) == NULL) - return 0; - - rctx->nbits = 2048; - - if (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) - rctx->pad_mode = RSA_PKCS1_PSS_PADDING; - else - rctx->pad_mode = RSA_PKCS1_PADDING; - - /* Maximum for 
sign, auto for verify */ - rctx->saltlen = RSA_PSS_SALTLEN_AUTO; - rctx->min_saltlen = -1; - - ctx->data = rctx; - ctx->keygen_info = rctx->gentmp; - ctx->keygen_info_count = 2; - - return 1; -} - -static int -pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - RSA_PKEY_CTX *dctx, *sctx; - - if (!pkey_rsa_init(dst)) - return 0; - - sctx = src->data; - dctx = dst->data; - dctx->nbits = sctx->nbits; - if (sctx->pub_exp != NULL) { - BN_free(dctx->pub_exp); - if ((dctx->pub_exp = BN_dup(sctx->pub_exp)) == NULL) - return 0; - } - dctx->pad_mode = sctx->pad_mode; - dctx->md = sctx->md; - dctx->mgf1md = sctx->mgf1md; - if (sctx->oaep_label != NULL) { - free(dctx->oaep_label); - if ((dctx->oaep_label = calloc(1, sctx->oaep_labellen)) == NULL) - return 0; - memcpy(dctx->oaep_label, sctx->oaep_label, sctx->oaep_labellen); - dctx->oaep_labellen = sctx->oaep_labellen; - } - - return 1; -} - -static int -setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk) -{ - if (ctx->tbuf != NULL) - return 1; - if ((ctx->tbuf = calloc(1, EVP_PKEY_size(pk->pkey))) == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - return 0; - } - return 1; -} - -static void -pkey_rsa_cleanup(EVP_PKEY_CTX *ctx) -{ - RSA_PKEY_CTX *rctx = ctx->data; - - if (rctx) { - BN_free(rctx->pub_exp); - free(rctx->tbuf); - free(rctx->oaep_label); - free(rctx); - } -} - -static int -pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen) -{ - int ret; - RSA_PKEY_CTX *rctx = ctx->data; - RSA *rsa = ctx->pkey->pkey.rsa; - - if (rctx->md) { - if (tbslen != (size_t)EVP_MD_size(rctx->md)) { - RSAerror(RSA_R_INVALID_DIGEST_LENGTH); - return -1; - } - - if (rctx->pad_mode == RSA_X931_PADDING) { - if ((size_t)EVP_PKEY_size(ctx->pkey) < tbslen + 1) { - RSAerror(RSA_R_KEY_SIZE_TOO_SMALL); - return -1; - } - if (!setup_tbuf(rctx, ctx)) { - RSAerror(ERR_R_MALLOC_FAILURE); - return -1; - } - memcpy(rctx->tbuf, tbs, tbslen); - rctx->tbuf[tbslen] = - 
RSA_X931_hash_id(EVP_MD_type(rctx->md)); - ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf, sig, - rsa, RSA_X931_PADDING); - } else if (rctx->pad_mode == RSA_PKCS1_PADDING) { - unsigned int sltmp; - - ret = RSA_sign(EVP_MD_type(rctx->md), tbs, tbslen, sig, - &sltmp, rsa); - if (ret <= 0) - return ret; - ret = sltmp; - } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) { - if (!setup_tbuf(rctx, ctx)) - return -1; - if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa, rctx->tbuf, - tbs, rctx->md, rctx->mgf1md, rctx->saltlen)) - return -1; - ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf, - sig, rsa, RSA_NO_PADDING); - } else { - return -1; - } - } else { - ret = RSA_private_encrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa, - rctx->pad_mode); - } - if (ret < 0) - return ret; - *siglen = ret; - return 1; -} - -static int -pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, - const unsigned char *sig, size_t siglen) -{ - int ret; - RSA_PKEY_CTX *rctx = ctx->data; - - if (rctx->md) { - if (rctx->pad_mode == RSA_X931_PADDING) { - if (!setup_tbuf(rctx, ctx)) - return -1; - ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, - ctx->pkey->pkey.rsa, RSA_X931_PADDING); - if (ret < 1) - return 0; - ret--; - if (rctx->tbuf[ret] != - RSA_X931_hash_id(EVP_MD_type(rctx->md))) { - RSAerror(RSA_R_ALGORITHM_MISMATCH); - return 0; - } - if (ret != EVP_MD_size(rctx->md)) { - RSAerror(RSA_R_INVALID_DIGEST_LENGTH); - return 0; - } - if (rout) - memcpy(rout, rctx->tbuf, ret); - } else if (rctx->pad_mode == RSA_PKCS1_PADDING) { - size_t sltmp; - - ret = int_rsa_verify(EVP_MD_type(rctx->md), NULL, 0, - rout, &sltmp, sig, siglen, ctx->pkey->pkey.rsa); - if (ret <= 0) - return 0; - ret = sltmp; - } else { - return -1; - } - } else { - ret = RSA_public_decrypt(siglen, sig, rout, ctx->pkey->pkey.rsa, - rctx->pad_mode); - } - if (ret < 0) - return ret; - *routlen = ret; - return 1; -} - -static int -pkey_rsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - 
const unsigned char *tbs, size_t tbslen) -{ - RSA_PKEY_CTX *rctx = ctx->data; - RSA *rsa = ctx->pkey->pkey.rsa; - size_t rslen; - - if (rctx->md) { - if (rctx->pad_mode == RSA_PKCS1_PADDING) - return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, - sig, siglen, rsa); - if (tbslen != (size_t)EVP_MD_size(rctx->md)) { - RSAerror(RSA_R_INVALID_DIGEST_LENGTH); - return -1; - } - if (rctx->pad_mode == RSA_X931_PADDING) { - if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, - siglen) <= 0) - return 0; - } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) { - int ret; - - if (!setup_tbuf(rctx, ctx)) - return -1; - ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, - rsa, RSA_NO_PADDING); - if (ret <= 0) - return 0; - ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs, rctx->md, - rctx->mgf1md, rctx->tbuf, rctx->saltlen); - if (ret <= 0) - return 0; - return 1; - } else { - return -1; - } - } else { - int ret; - - if (!setup_tbuf(rctx, ctx)) - return -1; - - if ((ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa, - rctx->pad_mode)) <= 0) - return 0; - - rslen = ret; - } - - if (rslen != tbslen || timingsafe_bcmp(tbs, rctx->tbuf, rslen)) - return 0; - - return 1; -} - -static int -pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen) -{ - RSA_PKEY_CTX *rctx = ctx->data; - int ret; - - if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) { - int klen = RSA_size(ctx->pkey->pkey.rsa); - if (!setup_tbuf(rctx, ctx)) - return -1; - if (!RSA_padding_add_PKCS1_OAEP_mgf1(rctx->tbuf, klen, - in, inlen, rctx->oaep_label, rctx->oaep_labellen, - rctx->md, rctx->mgf1md)) - return -1; - ret = RSA_public_encrypt(klen, rctx->tbuf, out, - ctx->pkey->pkey.rsa, RSA_NO_PADDING); - } else { - ret = RSA_public_encrypt(inlen, in, out, ctx->pkey->pkey.rsa, - rctx->pad_mode); - } - if (ret < 0) - return ret; - *outlen = ret; - return 1; -} - -static int -pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, 
size_t inlen) -{ - int ret; - RSA_PKEY_CTX *rctx = ctx->data; - - if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) { - if (!setup_tbuf(rctx, ctx)) - return -1; - ret = RSA_private_decrypt(inlen, in, rctx->tbuf, - ctx->pkey->pkey.rsa, RSA_NO_PADDING); - if (ret <= 0) - return ret; - ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, ret, rctx->tbuf, - ret, ret, rctx->oaep_label, rctx->oaep_labellen, rctx->md, - rctx->mgf1md); - } else { - ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa, - rctx->pad_mode); - } - if (ret < 0) - return ret; - *outlen = ret; - return 1; -} - -static int -check_padding_md(const EVP_MD *md, int padding) -{ - if (md == NULL) - return 1; - - if (padding == RSA_NO_PADDING) { - RSAerror(RSA_R_INVALID_PADDING_MODE); - return 0; - } - - if (padding == RSA_X931_PADDING) { - if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) { - RSAerror(RSA_R_INVALID_X931_DIGEST); - return 0; - } - } else { - /* List of all supported RSA digests. */ - /* RFC 8017 and NIST CSOR. */ - switch(EVP_MD_type(md)) { - case NID_sha1: - case NID_sha224: - case NID_sha256: - case NID_sha384: - case NID_sha512: - case NID_sha512_224: - case NID_sha512_256: - case NID_sha3_224: - case NID_sha3_256: - case NID_sha3_384: - case NID_sha3_512: - case NID_md5: - case NID_md5_sha1: - case NID_md4: - case NID_ripemd160: - return 1; - - default: - RSAerror(RSA_R_INVALID_DIGEST); - return 0; - } - } - - return 1; -} - -static int -pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - RSA_PKEY_CTX *rctx = ctx->data; - - switch (type) { - case EVP_PKEY_CTRL_RSA_PADDING: - if (p1 >= RSA_PKCS1_PADDING && p1 <= RSA_PKCS1_PSS_PADDING) { - if (!check_padding_md(rctx->md, p1)) - return 0; - if (p1 == RSA_PKCS1_PSS_PADDING) { - if (!(ctx->operation & - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY))) - goto bad_pad; - if (!rctx->md) - rctx->md = EVP_sha1(); - } else if (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) { - goto bad_pad; - } - if (p1 == RSA_PKCS1_OAEP_PADDING) { - if 
(!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT)) - goto bad_pad; - if (!rctx->md) - rctx->md = EVP_sha1(); - } - rctx->pad_mode = p1; - return 1; - } - bad_pad: - RSAerror(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); - return -2; - - case EVP_PKEY_CTRL_GET_RSA_PADDING: - *(int *)p2 = rctx->pad_mode; - return 1; - - case EVP_PKEY_CTRL_RSA_PSS_SALTLEN: - case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN: - if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { - RSAerror(RSA_R_INVALID_PSS_SALTLEN); - return -2; - } - if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN) { - *(int *)p2 = rctx->saltlen; - } else { - if (p1 < RSA_PSS_SALTLEN_MAX) - return -2; - if (rsa_pss_restricted(rctx)) { - if (p1 == RSA_PSS_SALTLEN_AUTO && - ctx->operation == EVP_PKEY_OP_VERIFY) { - RSAerror(RSA_R_INVALID_PSS_SALTLEN); - return -2; - } - if ((p1 == RSA_PSS_SALTLEN_DIGEST && - rctx->min_saltlen > EVP_MD_size(rctx->md)) || - (p1 >= 0 && p1 < rctx->min_saltlen)) { - RSAerror(RSA_R_PSS_SALTLEN_TOO_SMALL); - return 0; - } - } - rctx->saltlen = p1; - } - return 1; - - case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: - if (p1 < RSA_MIN_MODULUS_BITS) { - RSAerror(RSA_R_KEY_SIZE_TOO_SMALL); - return -2; - } - rctx->nbits = p1; - return 1; - - case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP: - if (p2 == NULL || !BN_is_odd((BIGNUM *)p2) || - BN_is_one((BIGNUM *)p2)) { - RSAerror(RSA_R_BAD_E_VALUE); - return -2; - } - BN_free(rctx->pub_exp); - rctx->pub_exp = p2; - return 1; - - case EVP_PKEY_CTRL_RSA_OAEP_MD: - case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: - if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - RSAerror(RSA_R_INVALID_PADDING_MODE); - return -2; - } - if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD) - *(const EVP_MD **)p2 = rctx->md; - else - rctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_MD: - if (!check_padding_md(p2, rctx->pad_mode)) - return 0; - if (rsa_pss_restricted(rctx)) { - if (EVP_MD_type(rctx->md) == EVP_MD_type(p2)) - return 1; - RSAerror(RSA_R_DIGEST_NOT_ALLOWED); - return 0; - } - rctx->md = p2; - return 1; - - case 
EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = rctx->md; - return 1; - - case EVP_PKEY_CTRL_RSA_MGF1_MD: - case EVP_PKEY_CTRL_GET_RSA_MGF1_MD: - if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING && - rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - RSAerror(RSA_R_INVALID_MGF1_MD); - return -2; - } - if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) { - if (rctx->mgf1md) - *(const EVP_MD **)p2 = rctx->mgf1md; - else - *(const EVP_MD **)p2 = rctx->md; - } else { - if (rsa_pss_restricted(rctx)) { - if (EVP_MD_type(rctx->mgf1md) == EVP_MD_type(p2)) - return 1; - RSAerror(RSA_R_MGF1_DIGEST_NOT_ALLOWED); - return 0; - } - rctx->mgf1md = p2; - } - return 1; - - case EVP_PKEY_CTRL_RSA_OAEP_LABEL: - if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - RSAerror(RSA_R_INVALID_PADDING_MODE); - return -2; - } - free(rctx->oaep_label); - if (p2 != NULL && p1 > 0) { - rctx->oaep_label = p2; - rctx->oaep_labellen = p1; - } else { - rctx->oaep_label = NULL; - rctx->oaep_labellen = 0; - } - return 1; - - case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL: - if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - RSAerror(RSA_R_INVALID_PADDING_MODE); - return -2; - } - *(unsigned char **)p2 = rctx->oaep_label; - return rctx->oaep_labellen; - - case EVP_PKEY_CTRL_DIGESTINIT: - case EVP_PKEY_CTRL_PKCS7_SIGN: -#ifndef OPENSSL_NO_CMS - case EVP_PKEY_CTRL_CMS_SIGN: -#endif - return 1; - - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: -#ifndef OPENSSL_NO_CMS - case EVP_PKEY_CTRL_CMS_DECRYPT: - case EVP_PKEY_CTRL_CMS_ENCRYPT: -#endif - if (ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS) - return 1; - - /* fall through */ - case EVP_PKEY_CTRL_PEER_KEY: - RSAerror(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - return -2; - - default: - return -2; - - } -} - -static int -pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - const char *errstr; - - if (!value) { - RSAerror(RSA_R_VALUE_MISSING); - return 0; - } - if (strcmp(type, "rsa_padding_mode") == 0) { - int pm; - if (strcmp(value, 
"pkcs1") == 0) - pm = RSA_PKCS1_PADDING; - else if (strcmp(value, "none") == 0) - pm = RSA_NO_PADDING; - else if (strcmp(value, "oaep") == 0 || strcmp(value, "oeap") == 0) - pm = RSA_PKCS1_OAEP_PADDING; - else if (strcmp(value, "x931") == 0) - pm = RSA_X931_PADDING; - else if (strcmp(value, "pss") == 0) - pm = RSA_PKCS1_PSS_PADDING; - else { - RSAerror(RSA_R_UNKNOWN_PADDING_TYPE); - return -2; - } - return EVP_PKEY_CTX_set_rsa_padding(ctx, pm); - } - - if (strcmp(type, "rsa_pss_saltlen") == 0) { - int saltlen; - - if (strcmp(value, "digest") == 0) - saltlen = RSA_PSS_SALTLEN_DIGEST; - else if (strcmp(value, "max") == 0) - saltlen = RSA_PSS_SALTLEN_MAX; - else if (strcmp(value, "auto") == 0) - saltlen = RSA_PSS_SALTLEN_AUTO; - else { - /* - * Accept the special values -1, -2, -3 since that's - * what atoi() historically did. Lower values are later - * rejected in EVP_PKEY_CTRL_RSA_PSS_SALTLEN anyway. - */ - saltlen = strtonum(value, -3, INT_MAX, &errstr); - if (errstr != NULL) { - RSAerror(RSA_R_INVALID_PSS_SALTLEN); - return -2; - } - } - return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen); - } - - if (strcmp(type, "rsa_keygen_bits") == 0) { - int nbits; - - nbits = strtonum(value, 0, INT_MAX, &errstr); - if (errstr != NULL) { - RSAerror(RSA_R_INVALID_KEYBITS); - return -2; - } - - return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits); - } - - if (strcmp(type, "rsa_keygen_pubexp") == 0) { - BIGNUM *pubexp = NULL; - int ret; - - if (!BN_asc2bn(&pubexp, value)) - return 0; - ret = EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp); - if (ret <= 0) - BN_free(pubexp); - return ret; - } - - if (strcmp(type, "rsa_mgf1_md") == 0) - return EVP_PKEY_CTX_md(ctx, - EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, - EVP_PKEY_CTRL_RSA_MGF1_MD, value); - - if (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) { - if (strcmp(type, "rsa_pss_keygen_mgf1_md") == 0) - return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_KEYGEN, - EVP_PKEY_CTRL_RSA_MGF1_MD, value); - - if (strcmp(type, "rsa_pss_keygen_md") == 
0) - return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_KEYGEN, - EVP_PKEY_CTRL_MD, value); - - if (strcmp(type, "rsa_pss_keygen_saltlen") == 0) { - int saltlen; - - /* - * Accept the special values -1, -2, -3 since that's - * what atoi() historically did. Lower values are later - * rejected in EVP_PKEY_CTRL_RSA_PSS_SALTLEN anyway. - */ - saltlen = strtonum(value, -3, INT_MAX, &errstr); - if (errstr != NULL) { - RSAerror(RSA_R_INVALID_PSS_SALTLEN); - return -2; - } - - return EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, saltlen); - } - } - - if (strcmp(type, "rsa_oaep_md") == 0) - return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_TYPE_CRYPT, - EVP_PKEY_CTRL_RSA_OAEP_MD, value); - - if (strcmp(type, "rsa_oaep_label") == 0) { - unsigned char *lab; - long lablen; - int ret; - - if ((lab = string_to_hex(value, &lablen)) == NULL) - return 0; - ret = EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, lab, lablen); - if (ret <= 0) - free(lab); - - return ret; - } - - return -2; -} - -/* Set PSS parameters when generating a key, if necessary. */ -static int -rsa_set_pss_param(RSA *rsa, EVP_PKEY_CTX *ctx) -{ - RSA_PKEY_CTX *rctx = ctx->data; - - if (ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS) - return 1; - - /* If all parameters are default values then do not set PSS. */ - if (rctx->md == NULL && rctx->mgf1md == NULL && - rctx->saltlen == RSA_PSS_SALTLEN_AUTO) - return 1; - - rsa->pss = rsa_pss_params_create(rctx->md, rctx->mgf1md, - rctx->saltlen == RSA_PSS_SALTLEN_AUTO ? 
0 : rctx->saltlen); - if (rsa->pss == NULL) - return 0; - - return 1; -} - -static int -pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - RSA *rsa = NULL; - RSA_PKEY_CTX *rctx = ctx->data; - BN_GENCB *pcb = NULL; - BN_GENCB cb = {0}; - int ret = 0; - - if (rctx->pub_exp == NULL) { - if ((rctx->pub_exp = BN_new()) == NULL) - goto err; - if (!BN_set_word(rctx->pub_exp, RSA_F4)) - goto err; - } - - if ((rsa = RSA_new()) == NULL) - goto err; - if (ctx->pkey_gencb != NULL) { - pcb = &cb; - evp_pkey_set_cb_translate(pcb, ctx); - } - if (!RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb)) - goto err; - if (!rsa_set_pss_param(rsa, ctx)) - goto err; - if (!EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, rsa)) - goto err; - rsa = NULL; - - ret = 1; - - err: - RSA_free(rsa); - - return ret; -} - -const EVP_PKEY_METHOD rsa_pkey_meth = { - .pkey_id = EVP_PKEY_RSA, - .flags = EVP_PKEY_FLAG_AUTOARGLEN, - - .init = pkey_rsa_init, - .copy = pkey_rsa_copy, - .cleanup = pkey_rsa_cleanup, - - .keygen = pkey_rsa_keygen, - - .sign = pkey_rsa_sign, - - .verify = pkey_rsa_verify, - - .verify_recover = pkey_rsa_verifyrecover, - - .encrypt = pkey_rsa_encrypt, - - .decrypt = pkey_rsa_decrypt, - - .ctrl = pkey_rsa_ctrl, - .ctrl_str = pkey_rsa_ctrl_str -}; - -/* - * Called for PSS sign or verify initialisation: checks PSS parameter - * sanity and sets any restrictions on key usage. 
- */ - -static int -pkey_pss_init(EVP_PKEY_CTX *ctx) -{ - RSA *rsa; - RSA_PKEY_CTX *rctx = ctx->data; - const EVP_MD *md; - const EVP_MD *mgf1md; - int min_saltlen, max_saltlen; - - /* Should never happen */ - if (ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS) - return 0; - rsa = ctx->pkey->pkey.rsa; - - /* If no restrictions just return */ - if (rsa->pss == NULL) - return 1; - - /* Get and check parameters */ - if (!rsa_pss_get_param(rsa->pss, &md, &mgf1md, &min_saltlen)) - return 0; - - /* See if minimum salt length exceeds maximum possible */ - max_saltlen = RSA_size(rsa) - EVP_MD_size(md); - if ((RSA_bits(rsa) & 0x7) == 1) - max_saltlen--; - if (min_saltlen > max_saltlen) { - RSAerror(RSA_R_INVALID_SALT_LENGTH); - return 0; - } - rctx->min_saltlen = min_saltlen; - - /* - * Set PSS restrictions as defaults: we can then block any attempt to - * use invalid values in pkey_rsa_ctrl - */ - - rctx->md = md; - rctx->mgf1md = mgf1md; - rctx->saltlen = min_saltlen; - - return 1; -} - -const EVP_PKEY_METHOD rsa_pss_pkey_meth = { - .pkey_id = EVP_PKEY_RSA_PSS, - .flags = EVP_PKEY_FLAG_AUTOARGLEN, - - .init = pkey_rsa_init, - .copy = pkey_rsa_copy, - .cleanup = pkey_rsa_cleanup, - - .keygen = pkey_rsa_keygen, - - .sign_init = pkey_pss_init, - .sign = pkey_rsa_sign, - - .verify_init = pkey_pss_init, - .verify = pkey_rsa_verify, - - .ctrl = pkey_rsa_ctrl, - .ctrl_str = pkey_rsa_ctrl_str -}; diff --git a/src/lib/libcrypto/rsa/rsa_prn.c b/src/lib/libcrypto/rsa/rsa_prn.c deleted file mode 100644 index 1783563661..0000000000 --- a/src/lib/libcrypto/rsa/rsa_prn.c +++ /dev/null 
@@ -1,99 +0,0 @@
-/* $OpenBSD: rsa_prn.c,v 1.10 2023/07/08 12:26:45 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include -#include -#include - -int -RSA_print_fp(FILE *fp, const RSA *x, int off) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - RSAerror(ERR_R_BUF_LIB); - return 0; - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = RSA_print(b, x, off); - BIO_free(b); - return ret; -} -LCRYPTO_ALIAS(RSA_print_fp); - -int -RSA_print(BIO *bp, const RSA *x, int off) -{ - EVP_PKEY *pk; - int ret = 0; - - if ((pk = EVP_PKEY_new()) == NULL) - goto err; - - if (!EVP_PKEY_set1_RSA(pk, (RSA *)x)) - goto err; - - ret = EVP_PKEY_print_private(bp, pk, off, NULL); - err: - EVP_PKEY_free(pk); - return ret; -} -LCRYPTO_ALIAS(RSA_print); diff --git a/src/lib/libcrypto/rsa/rsa_pss.c b/src/lib/libcrypto/rsa/rsa_pss.c deleted file mode 100644 index 610ae7c928..0000000000 --- a/src/lib/libcrypto/rsa/rsa_pss.c +++ /dev/null 
@@ -1,291 +0,0 @@
-/* $OpenBSD: rsa_pss.c,v 1.19 2024/03/26 05:26:27 joshua Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "evp_local.h" -#include "rsa_local.h" - -static const unsigned char zeroes[] = { 0, 0, 0, 0, 0, 0, 0, 0 }; - -int -RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, const EVP_MD *Hash, - const unsigned char *EM, int sLen) -{ - return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen); -} -LCRYPTO_ALIAS(RSA_verify_PKCS1_PSS); - -int -RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, - const EVP_MD *Hash, const EVP_MD *mgf1Hash, const unsigned char *EM, - int sLen) -{ - int i; - int ret = 0; - int hLen, maskedDBLen, MSBits, emLen; - const unsigned char *H; - unsigned char *DB = NULL; - EVP_MD_CTX *md_ctx; - unsigned char H_[EVP_MAX_MD_SIZE]; - - if ((md_ctx = EVP_MD_CTX_new()) == NULL) - goto err; - - if (mgf1Hash == NULL) - mgf1Hash = Hash; - - hLen = EVP_MD_size(Hash); - if (hLen < 0) - goto err; - /* - * Negative sLen has special meanings: - * -1 sLen == hLen - * -2 salt length is autorecovered from signature - * -N reserved - */ - if (sLen == -1) - sLen = hLen; - else if (sLen == -2) - sLen = -2; - else if (sLen < -2) { - 
RSAerror(RSA_R_SLEN_CHECK_FAILED); - goto err; - } - - MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; - emLen = RSA_size(rsa); - if (EM[0] & (0xFF << MSBits)) { - RSAerror(RSA_R_FIRST_OCTET_INVALID); - goto err; - } - if (MSBits == 0) { - EM++; - emLen--; - } - if (emLen < (hLen + sLen + 2)) { - /* sLen can be small negative */ - RSAerror(RSA_R_DATA_TOO_LARGE); - goto err; - } - if (EM[emLen - 1] != 0xbc) { - RSAerror(RSA_R_LAST_OCTET_INVALID); - goto err; - } - maskedDBLen = emLen - hLen - 1; - H = EM + maskedDBLen; - DB = malloc(maskedDBLen); - if (!DB) { - RSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) - goto err; - for (i = 0; i < maskedDBLen; i++) - DB[i] ^= EM[i]; - if (MSBits) - DB[0] &= 0xFF >> (8 - MSBits); - for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) - ; - if (DB[i++] != 0x1) { - RSAerror(RSA_R_SLEN_RECOVERY_FAILED); - goto err; - } - if (sLen >= 0 && (maskedDBLen - i) != sLen) { - RSAerror(RSA_R_SLEN_CHECK_FAILED); - goto err; - } - if (!EVP_DigestInit_ex(md_ctx, Hash, NULL) || - !EVP_DigestUpdate(md_ctx, zeroes, sizeof zeroes) || - !EVP_DigestUpdate(md_ctx, mHash, hLen)) - goto err; - if (maskedDBLen - i) { - if (!EVP_DigestUpdate(md_ctx, DB + i, maskedDBLen - i)) - goto err; - } - if (!EVP_DigestFinal_ex(md_ctx, H_, NULL)) - goto err; - if (timingsafe_bcmp(H_, H, hLen)) { - RSAerror(RSA_R_BAD_SIGNATURE); - ret = 0; - } else { - ret = 1; - } - - err: - free(DB); - EVP_MD_CTX_free(md_ctx); - - return ret; -} -LCRYPTO_ALIAS(RSA_verify_PKCS1_PSS_mgf1); - -int -RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, int sLen) -{ - return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen); -} -LCRYPTO_ALIAS(RSA_padding_add_PKCS1_PSS); - -int -RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, const EVP_MD *mgf1Hash, - int sLen) -{ - int i; - int ret = 0; - int hLen, 
maskedDBLen, MSBits, emLen; - unsigned char *H, *salt = NULL, *p; - EVP_MD_CTX *md_ctx; - - if ((md_ctx = EVP_MD_CTX_new()) == NULL) - goto err; - - if (mgf1Hash == NULL) - mgf1Hash = Hash; - - hLen = EVP_MD_size(Hash); - if (hLen < 0) - goto err; - /* - * Negative sLen has special meanings: - * -1 sLen == hLen - * -2 salt length is maximized - * -N reserved - */ - if (sLen == -1) - sLen = hLen; - else if (sLen == -2) - sLen = -2; - else if (sLen < -2) { - RSAerror(RSA_R_SLEN_CHECK_FAILED); - goto err; - } - - MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; - emLen = RSA_size(rsa); - if (MSBits == 0) { - *EM++ = 0; - emLen--; - } - if (sLen == -2) - sLen = emLen - hLen - 2; - else if (emLen < (hLen + sLen + 2)) { - RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; - } - if (sLen > 0) { - salt = malloc(sLen); - if (!salt) { - RSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - arc4random_buf(salt, sLen); - } - maskedDBLen = emLen - hLen - 1; - H = EM + maskedDBLen; - if (!EVP_DigestInit_ex(md_ctx, Hash, NULL) || - !EVP_DigestUpdate(md_ctx, zeroes, sizeof zeroes) || - !EVP_DigestUpdate(md_ctx, mHash, hLen)) - goto err; - if (sLen && !EVP_DigestUpdate(md_ctx, salt, sLen)) - goto err; - if (!EVP_DigestFinal_ex(md_ctx, H, NULL)) - goto err; - - /* Generate dbMask in place then perform XOR on it */ - if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) - goto err; - - p = EM; - - /* - * Initial PS XORs with all zeroes which is a NOP so just update - * pointer. Note from a test above this value is guaranteed to - * be non-negative. - */ - p += emLen - sLen - hLen - 2; - *p++ ^= 0x1; - if (sLen > 0) { - for (i = 0; i < sLen; i++) - *p++ ^= salt[i]; - } - if (MSBits) - EM[0] &= 0xFF >> (8 - MSBits); - - /* H is already in place so just set final 0xbc */ - EM[emLen - 1] = 0xbc; - - ret = 1; - -err: - free(salt); - EVP_MD_CTX_free(md_ctx); - - return ret; -} -LCRYPTO_ALIAS(RSA_padding_add_PKCS1_PSS_mgf1); 
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
deleted file mode 100644
index 07a4f5d659..0000000000
--- a/src/lib/libcrypto/rsa/rsa_saos.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* $OpenBSD: rsa_saos.c,v 1.25 2023/07/08 12:26:45 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include - -#include -#include -#include -#include -#include - -int -RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) -{ - ASN1_OCTET_STRING sig; - int i, j, ret = 1; - unsigned char *p, *s; - - sig.type = V_ASN1_OCTET_STRING; - sig.length = m_len; - sig.data = (unsigned char *)m; - - i = i2d_ASN1_OCTET_STRING(&sig, NULL); - j = RSA_size(rsa); - if (i > (j - RSA_PKCS1_PADDING_SIZE)) { - RSAerror(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - return 0; - } - s = malloc(j + 1); - if (s == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - return 0; - } - p = s; - i2d_ASN1_OCTET_STRING(&sig, &p); - i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING); - if (i <= 0) - ret = 0; - else - *siglen = i; - - freezero(s, (unsigned int)j + 1); - return ret; -} -LCRYPTO_ALIAS(RSA_sign_ASN1_OCTET_STRING); - -int -RSA_verify_ASN1_OCTET_STRING(int dtype, const unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) -{ - int i, ret = 0; - unsigned char *s; - const unsigned char *p; - ASN1_OCTET_STRING *sig = NULL; - - if (siglen != (unsigned int)RSA_size(rsa)) { - RSAerror(RSA_R_WRONG_SIGNATURE_LENGTH); - return 0; - } - - s = malloc(siglen); - if (s == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING); - - if (i <= 0) - goto err; - - p = s; - sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i); - if (sig == NULL) - goto err; - - if ((unsigned int)sig->length != m_len || - timingsafe_bcmp(m, sig->data, m_len) != 0) { - RSAerror(RSA_R_BAD_SIGNATURE); - } else - ret = 1; -err: - ASN1_OCTET_STRING_free(sig); - freezero(s, (unsigned int)siglen); - return ret; -} -LCRYPTO_ALIAS(RSA_verify_ASN1_OCTET_STRING); diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c deleted file mode 100644 index 6edd20626d..0000000000 
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ /dev/null
@@ -1,280 +0,0 @@
-/* $OpenBSD: rsa_sign.c,v 1.37 2025/01/05 15:39:12 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include -#include -#include -#include -#include - -#include "asn1_local.h" -#include "rsa_local.h" -#include "x509_local.h" - -/* Size of an SSL signature: MD5+SHA1 */ -#define SSL_SIG_LENGTH 36 - -static int encode_pkcs1(unsigned char **, int *, int , const unsigned char *, - unsigned int); - -/* - * encode_pkcs1 encodes a DigestInfo prefix of hash `type' and digest `m', as - * described in EMSA-PKCS-v1_5-ENCODE, RFC 8017 section 9. step 2. This - * encodes the DigestInfo (T and tLen) but does not add the padding. - * - * On success, it returns one and sets `*out' to a newly allocated buffer - * containing the result and `*out_len' to its length. Freeing `*out' is - * the caller's responsibility. 
Failure is indicated by zero. - */ -static int -encode_pkcs1(unsigned char **out, int *out_len, int type, - const unsigned char *m, unsigned int m_len) -{ - X509_SIG sig; - X509_ALGOR algor; - ASN1_TYPE parameter; - ASN1_OCTET_STRING digest; - uint8_t *der = NULL; - int len; - - sig.algor = &algor; - if ((sig.algor->algorithm = OBJ_nid2obj(type)) == NULL) { - RSAerror(RSA_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - if (sig.algor->algorithm->length == 0) { - RSAerror( - RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); - return 0; - } - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - sig.algor->parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char *)m; /* TMP UGLY CAST */ - sig.digest->length = m_len; - - if ((len = i2d_X509_SIG(&sig, &der)) < 0) - return 0; - - *out = der; - *out_len = len; - - return 1; -} - -int -RSA_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) -{ - const unsigned char *encoded = NULL; - unsigned char *tmps = NULL; - int encrypt_len, encoded_len = 0, ret = 0; - - if (rsa->meth->rsa_sign != NULL) - return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); - - /* Compute the encoded digest. */ - if (type == NID_md5_sha1) { - /* - * NID_md5_sha1 corresponds to the MD5/SHA1 combination in - * TLS 1.1 and earlier. It has no DigestInfo wrapper but - * otherwise is RSASSA-PKCS-v1.5. 
- */ - if (m_len != SSL_SIG_LENGTH) { - RSAerror(RSA_R_INVALID_DIGEST_LENGTH); - return 0; - } - encoded_len = SSL_SIG_LENGTH; - encoded = m; - } else { - if (!encode_pkcs1(&tmps, &encoded_len, type, m, m_len)) - goto err; - encoded = tmps; - } - if (encoded_len > RSA_size(rsa) - RSA_PKCS1_PADDING_SIZE) { - RSAerror(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - goto err; - } - if ((encrypt_len = RSA_private_encrypt(encoded_len, encoded, sigret, - rsa, RSA_PKCS1_PADDING)) <= 0) - goto err; - - *siglen = encrypt_len; - ret = 1; - - err: - freezero(tmps, (size_t)encoded_len); - return (ret); -} -LCRYPTO_ALIAS(RSA_sign); - -/* - * int_rsa_verify verifies an RSA signature in `sigbuf' using `rsa'. It may be - * called in two modes. If `rm' is NULL, it verifies the signature for the - * digest `m'. Otherwise, it recovers the digest from the signature, writing the - * digest to `rm' and the length to `*prm_len'. `type' is the NID of the digest - * algorithm to use. It returns one on successful verification and zero - * otherwise. - */ -int -int_rsa_verify(int type, const unsigned char *m, unsigned int m_len, - unsigned char *rm, size_t *prm_len, const unsigned char *sigbuf, - size_t siglen, RSA *rsa) -{ - unsigned char *decrypt_buf, *encoded = NULL; - int decrypt_len, encoded_len = 0, ret = 0; - - if (siglen != (size_t)RSA_size(rsa)) { - RSAerror(RSA_R_WRONG_SIGNATURE_LENGTH); - return 0; - } - - /* Recover the encoded digest. */ - if ((decrypt_buf = malloc(siglen)) == NULL) { - RSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((decrypt_len = RSA_public_decrypt((int)siglen, sigbuf, decrypt_buf, - rsa, RSA_PKCS1_PADDING)) <= 0) - goto err; - - if (type == NID_md5_sha1) { - /* - * NID_md5_sha1 corresponds to the MD5/SHA1 combination in - * TLS 1.1 and earlier. It has no DigestInfo wrapper but - * otherwise is RSASSA-PKCS1-v1_5. 
- */ - if (decrypt_len != SSL_SIG_LENGTH) { - RSAerror(RSA_R_INVALID_DIGEST_LENGTH); - goto err; - } - - if (rm != NULL) { - memcpy(rm, decrypt_buf, SSL_SIG_LENGTH); - *prm_len = SSL_SIG_LENGTH; - } else { - if (m_len != SSL_SIG_LENGTH) { - RSAerror(RSA_R_INVALID_MESSAGE_LENGTH); - goto err; - } - if (timingsafe_bcmp(decrypt_buf, - m, SSL_SIG_LENGTH) != 0) { - RSAerror(RSA_R_BAD_SIGNATURE); - goto err; - } - } - } else { - /* - * If recovering the digest, extract a digest-sized output from - * the end of `decrypt_buf' for `encode_pkcs1', then compare the - * decryption output as in a standard verification. - */ - if (rm != NULL) { - const EVP_MD *md; - - if ((md = EVP_get_digestbynid(type)) == NULL) { - RSAerror(RSA_R_UNKNOWN_ALGORITHM_TYPE); - goto err; - } - if ((m_len = EVP_MD_size(md)) > (size_t)decrypt_len) { - RSAerror(RSA_R_INVALID_DIGEST_LENGTH); - goto err; - } - m = decrypt_buf + decrypt_len - m_len; - } - - /* Construct the encoded digest and ensure it matches */ - if (!encode_pkcs1(&encoded, &encoded_len, type, m, m_len)) - goto err; - - if (encoded_len != decrypt_len || - timingsafe_bcmp(encoded, decrypt_buf, encoded_len) != 0) { - RSAerror(RSA_R_BAD_SIGNATURE); - goto err; - } - - /* Output the recovered digest. */ - if (rm != NULL) { - memcpy(rm, m, m_len); - *prm_len = m_len; - } - } - - ret = 1; - err: - freezero(encoded, (size_t)encoded_len); - freezero(decrypt_buf, siglen); - return ret; -} - -int -RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, - const unsigned char *sigbuf, unsigned int siglen, RSA *rsa) -{ - if (rsa->meth->rsa_verify != NULL) - return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, - rsa); - - return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa); -} -LCRYPTO_ALIAS(RSA_verify); diff --git a/src/lib/libcrypto/rsa/rsa_x931.c b/src/lib/libcrypto/rsa/rsa_x931.c deleted file mode 100644 index 52f3f803b2..0000000000 --- a/src/lib/libcrypto/rsa/rsa_x931.c +++ /dev/null 
@@ -1,164 +0,0 @@
-/* $OpenBSD: rsa_x931.c,v 1.12 2023/05/05 12:19:37 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include -#include -#include - -int -RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *from, - int flen) -{ - int j; - unsigned char *p; - - /* - * Absolute minimum amount of padding is 1 header nibble, 1 padding - * nibble and 2 trailer bytes: but 1 hash if is already in 'from'. 
- */ - j = tlen - flen - 2; - - if (j < 0) { - RSAerror(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return -1; - } - - p = (unsigned char *)to; - - /* If no padding start and end nibbles are in one byte */ - if (j == 0) - *p++ = 0x6A; - else { - *p++ = 0x6B; - if (j > 1) { - memset(p, 0xBB, j - 1); - p += j - 1; - } - *p++ = 0xBA; - } - memcpy(p, from, flen); - p += flen; - *p = 0xCC; - return 1; -} - -int -RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from, - int flen, int num) -{ - int i = 0, j; - const unsigned char *p = from; - - if (num != flen || (*p != 0x6A && *p != 0x6B)) { - RSAerror(RSA_R_INVALID_HEADER); - return -1; - } - - if (*p++ == 0x6B) { - j = flen - 3; - for (i = 0; i < j; i++) { - unsigned char c = *p++; - if (c == 0xBA) - break; - if (c != 0xBB) { - RSAerror(RSA_R_INVALID_PADDING); - return -1; - } - } - - if (i == 0) { - RSAerror(RSA_R_INVALID_PADDING); - return -1; - } - - j -= i; - } else - j = flen - 2; - - if (j < 0 || p[j] != 0xCC) { - RSAerror(RSA_R_INVALID_TRAILER); - return -1; - } - - memcpy(to, p, j); - - return j; -} - -/* Translate between X931 hash ids and NIDs */ - -int -RSA_X931_hash_id(int nid) -{ - switch (nid) { - case NID_sha1: - return 0x33; - case NID_sha256: - return 0x34; - case NID_sha384: - return 0x36; - case NID_sha512: - return 0x35; - } - - return -1; -} diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl deleted file mode 100644 index 5928e083c1..0000000000 --- a/src/lib/libcrypto/sha/asm/sha1-586.pl +++ /dev/null 
@@ -1,1223 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# [Re]written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# "[Re]written" was achieved in two major overhauls. In 2004 BODY_* -# functions were re-implemented to address P4 performance issue [see -# commentary below], and in 2006 the rest was rewritten in order to -# gain freedom to liberate licensing terms. - -# January, September 2004. -# -# It was noted that Intel IA-32 C compiler generates code which -# performs ~30% *faster* on P4 CPU than original *hand-coded* -# SHA1 assembler implementation. To address this problem (and -# prove that humans are still better than machines:-), the -# original code was overhauled, which resulted in following -# performance changes: -# -# compared with original compared with Intel cc -# assembler impl. generated code -# Pentium -16% +48% -# PIII/AMD +8% +16% -# P4 +85%(!) +45% -# -# As you can see Pentium came out as looser:-( Yet I reckoned that -# improvement on P4 outweighs the loss and incorporate this -# re-tuned code to 0.9.7 and later. -# ---------------------------------------------------------------- -# - -# August 2009. -# -# George Spelvin has tipped that F_40_59(b,c,d) can be rewritten as -# '(c&d) + (b&(c^d))', which allows to accumulate partial results -# and lighten "pressure" on scratch registers. This resulted in -# >12% performance improvement on contemporary AMD cores (with no -# degradation on other CPUs:-). Also, the code was revised to maximize -# "distance" between instructions producing input to 'lea' instruction -# and the 'lea' instruction itself, which is essential for Intel Atom -# core and resulted in ~15% improvement. 
- -# October 2010. -# -# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it -# is to offload message schedule denoted by Wt in NIST specification, -# or Xupdate in OpenSSL source, to SIMD unit. The idea is not novel, -# and in SSE2 context was first explored by Dean Gaudet in 2004, see -# http://arctic.org/~dean/crypto/sha1.html. Since then several things -# have changed that made it interesting again: -# -# a) XMM units became faster and wider; -# b) instruction set became more versatile; -# c) an important observation was made by Max Locktykhin, which made -# it possible to reduce amount of instructions required to perform -# the operation in question, for further details see -# http://software.intel.com/en-us/articles/improving-the-performance-of-the-secure-hash-algorithm-1/. - -# April 2011. -# -# Add AVX code path, probably most controversial... The thing is that -# switch to AVX alone improves performance by as little as 4% in -# comparison to SSSE3 code path. But below result doesn't look like -# 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as -# pair of µ-ops, and it's the additional µ-ops, two per round, that -# make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded -# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with -# equivalent 'sh[rl]d' that is responsible for the impressive 5.1 -# cycles per processed byte. But 'sh[rl]d' is not something that used -# to be fast, nor does it appear to be fast in upcoming Bulldozer -# [according to its optimization manual]. Which is why AVX code path -# is guarded by *both* AVX and synthetic bit denoting Intel CPUs. -# One can argue that it's unfair to AMD, but without 'sh[rl]d' it -# makes no sense to keep the AVX code path. If somebody feels that -# strongly, it's probably more appropriate to discuss possibility of -# using vector rotate XOP on AMD... 
- -###################################################################### -# Current performance is summarized in following table. Numbers are -# CPU clock cycles spent to process single byte (less is better). -# -# x86 SSSE3 AVX -# Pentium 15.7 - -# PIII 11.5 - -# P4 10.6 - -# AMD K8 7.1 - -# Core2 7.3 6.1/+20% - -# Atom 12.5 9.5(*)/+32% - -# Westmere 7.3 5.6/+30% - -# Sandy Bridge 8.8 6.2/+40% 5.1(**)/+70% -# -# (*) Loop is 1056 instructions long and expected result is ~8.25. -# It remains mystery [to me] why ILP is limited to 1.7. -# -# (**) As per above comment, the result is for AVX *plus* sh[rl]d. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); - -$xmm=$ymm=0; -for (@ARGV) { $xmm=1 if (/-DOPENSSL_IA32_SSE2/); } - -$ymm=1 if ($xmm && - `$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1` - =~ /GNU assembler version ([2-9]\.[0-9]+)/ && - $1>=2.19); # first version supporting AVX - -&external_label("OPENSSL_ia32cap_P") if ($xmm); - - -$A="eax"; -$B="ebx"; -$C="ecx"; -$D="edx"; -$E="edi"; -$T="esi"; -$tmp1="ebp"; - -@V=($A,$B,$C,$D,$E,$T); - -$alt=0; # 1 denotes alternative IALU implementation, which performs - # 8% *worse* on P4, same on Westmere and Atom, 2% better on - # Sandy Bridge... - -sub BODY_00_15 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("00_15 $n"); - - &mov($f,$c); # f to hold F_00_19(b,c,d) - if ($n==0) { &mov($tmp1,$a); } - else { &mov($a,$tmp1); } - &rotl($tmp1,5); # tmp1=ROTATE(a,5) - &xor($f,$d); - &add($tmp1,$e); # tmp1+=e; - &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded - # with xi, also note that e becomes - # f in next round... 
- &and($f,$b); - &rotr($b,2); # b=ROTATE(b,30) - &xor($f,$d); # f holds F_00_19(b,c,d) - &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi - - if ($n==15) { &mov($e,&swtmp(($n+1)%16));# pre-fetch f for next round - &add($f,$tmp1); } # f+=tmp1 - else { &add($tmp1,$f); } # f becomes a in next round - &mov($tmp1,$a) if ($alt && $n==15); - } - -sub BODY_16_19 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("16_19 $n"); - -if ($alt) { - &xor($c,$d); - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &and($tmp1,$c); # tmp1 to hold F_00_19(b,c,d), b&=c^d - &xor($f,&swtmp(($n+8)%16)); - &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &add($e,$tmp1); # e+=F_00_19(b,c,d) - &xor($c,$d); # restore $c - &mov($tmp1,$a); # b in next round - &rotr($b,$n==16?2:7); # b=ROTATE(b,30) - &mov(&swtmp($n%16),$f); # xi=f - &rotl($a,5); # ROTATE(a,5) - &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$a); # f+=ROTATE(a,5) -} else { - &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$d); - &xor($f,&swtmp(($n+8)%16)); - &and($tmp1,$b); - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) - &add($e,$tmp1); # e+=F_00_19(b,c,d) - &mov($tmp1,$a); - &rotr($b,2); # b=ROTATE(b,30) - &mov(&swtmp($n%16),$f); # xi=f - &rotl($tmp1,5); # ROTATE(a,5) - &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$tmp1); # f+=ROTATE(a,5) -} - } - -sub BODY_20_39 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - local $K=($n<40)?0x6ed9eba1:0xca62c1d6; - - &comment("20_39 $n"); - -if ($alt) { - &xor($tmp1,$c); # tmp1 to hold F_20_39(b,c,d), b^=c - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$d); # tmp1 
holds F_20_39(b,c,d) - &xor($f,&swtmp(($n+8)%16)); - &add($e,$tmp1); # e+=F_20_39(b,c,d) - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &mov($tmp1,$a); # b in next round - &rotr($b,7); # b=ROTATE(b,30) - &mov(&swtmp($n%16),$f) if($n<77);# xi=f - &rotl($a,5); # ROTATE(a,5) - &xor($b,$c) if($n==39);# warm up for BODY_40_59 - &and($tmp1,$b) if($n==39); - &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY - &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round - &add($f,$a); # f+=ROTATE(a,5) - &rotr($a,5) if ($n==79); -} else { - &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$c); - &xor($f,&swtmp(($n+8)%16)); - &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &add($e,$tmp1); # e+=F_20_39(b,c,d) - &rotr($b,2); # b=ROTATE(b,30) - &mov($tmp1,$a); - &rotl($tmp1,5); # ROTATE(a,5) - &mov(&swtmp($n%16),$f) if($n<77);# xi=f - &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY - &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round - &add($f,$tmp1); # f+=ROTATE(a,5) -} - } - -sub BODY_40_59 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("40_59 $n"); - -if ($alt) { - &add($e,$tmp1); # e+=b&(c^d) - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &mov($tmp1,$d); - &xor($f,&swtmp(($n+8)%16)); - &xor($c,$d); # restore $c - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &and($tmp1,$c); - &rotr($b,7); # b=ROTATE(b,30) - &add($e,$tmp1); # e+=c&d - &mov($tmp1,$a); # b in next round - &mov(&swtmp($n%16),$f); # xi=f - &rotl($a,5); # ROTATE(a,5) - &xor($b,$c) if ($n<59); - &and($tmp1,$b) if ($n<59);# tmp1 to hold F_40_59(b,c,d) - &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e+(b&(c^d)) - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$a); # f+=ROTATE(a,5) -} else { - &mov($tmp1,$c); # tmp1 to hold F_40_59(b,c,d) - 
&xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$d); - &xor($f,&swtmp(($n+8)%16)); - &and($tmp1,$b); - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &add($tmp1,$e); # b&(c^d)+=e - &rotr($b,2); # b=ROTATE(b,30) - &mov($e,$a); # e becomes volatile - &rotl($e,5); # ROTATE(a,5) - &mov(&swtmp($n%16),$f); # xi=f - &lea($f,&DWP(0x8f1bbcdc,$f,$tmp1));# f+=K_40_59+e+(b&(c^d)) - &mov($tmp1,$c); - &add($f,$e); # f+=ROTATE(a,5) - &and($tmp1,$d); - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$tmp1); # f+=c&d -} - } - -&function_begin("sha1_block_data_order"); -if ($xmm) { - &static_label("ssse3_shortcut"); - &static_label("avx_shortcut") if ($ymm); - &static_label("K_XX_XX"); - - &picsetup($tmp1); - &picsymbol($T, "OPENSSL_ia32cap_P", $tmp1); - &picsymbol($tmp1, &label("K_XX_XX"), $tmp1); - - &mov ($A,&DWP(0,$T)); - &mov ($D,&DWP(4,$T)); - &test ($D,"\$IA32CAP_MASK1_SSSE3"); # check SSSE3 bit - &jz (&label("x86")); - &test ($A,"\$IA32CAP_MASK0_FXSR"); # check FXSR bit - &jz (&label("x86")); - if ($ymm) { - &and ($D,"\$IA32CAP_MASK1_AVX"); # mask AVX bit - &and ($A,"\$IA32CAP_MASK0_INTEL"); # mask "Intel CPU" bit - &or ($A,$D); - &cmp ($A,"\$(IA32CAP_MASK1_AVX | IA32CAP_MASK0_INTEL)"); - &je (&label("avx_shortcut")); - } - &jmp (&label("ssse3_shortcut")); - &set_label("x86",16); -} - &mov($tmp1,&wparam(0)); # SHA_CTX *c - &mov($T,&wparam(1)); # const void *input - &mov($A,&wparam(2)); # size_t num - &stack_push(16+3); # allocate X[16] - &shl($A,6); - &add($A,$T); - &mov(&wparam(2),$A); # pointer beyond the end of input - &mov($E,&DWP(16,$tmp1));# pre-load E - &jmp(&label("loop")); - -&set_label("loop",16); - - # copy input chunk to X, but reversing byte order! 
- for ($i=0; $i<16; $i+=4) - { - &mov($A,&DWP(4*($i+0),$T)); - &mov($B,&DWP(4*($i+1),$T)); - &mov($C,&DWP(4*($i+2),$T)); - &mov($D,&DWP(4*($i+3),$T)); - &bswap($A); - &bswap($B); - &bswap($C); - &bswap($D); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - &mov(&swtmp($i+2),$C); - &mov(&swtmp($i+3),$D); - } - &mov(&wparam(1),$T); # redundant in 1st spin - - &mov($A,&DWP(0,$tmp1)); # load SHA_CTX - &mov($B,&DWP(4,$tmp1)); - &mov($C,&DWP(8,$tmp1)); - &mov($D,&DWP(12,$tmp1)); - # E is pre-loaded - - for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } - for(;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } - for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } - for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - - (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check - - &mov($tmp1,&wparam(0)); # re-load SHA_CTX* - &mov($D,&wparam(1)); # D is last "T" and is discarded - - &add($E,&DWP(0,$tmp1)); # E is last "A"... - &add($T,&DWP(4,$tmp1)); - &add($A,&DWP(8,$tmp1)); - &add($B,&DWP(12,$tmp1)); - &add($C,&DWP(16,$tmp1)); - - &mov(&DWP(0,$tmp1),$E); # update SHA_CTX - &add($D,64); # advance input pointer - &mov(&DWP(4,$tmp1),$T); - &cmp($D,&wparam(2)); # have we reached the end yet? - &mov(&DWP(8,$tmp1),$A); - &mov($E,$C); # C is last "E" which needs to be "pre-loaded" - &mov(&DWP(12,$tmp1),$B); - &mov($T,$D); # input pointer - &mov(&DWP(16,$tmp1),$C); - &jb(&label("loop")); - - &stack_pop(16+3); -&function_end("sha1_block_data_order"); - -if ($xmm) { -###################################################################### -# The SSSE3 implementation. -# -# %xmm[0-7] are used as ring @X[] buffer containing quadruples of last -# 32 elements of the message schedule or Xupdate outputs. First 4 -# quadruples are simply byte-swapped input, next 4 are calculated -# according to method originally suggested by Dean Gaudet (modulo -# being implemented in SSSE3). 
Once 8 quadruples or 32 elements are -# collected, it switches to routine proposed by Max Locktyukhin. -# -# Calculations inevitably require temporary reqisters, and there are -# no %xmm registers left to spare. For this reason part of the ring -# buffer, X[2..4] to be specific, is offloaded to 3 quadriples ring -# buffer on the stack. Keep in mind that X[2] is alias X[-6], X[3] - -# X[-5], and X[4] - X[-4]... -# -# Another notable optimization is aggressive stack frame compression -# aiming to minimize amount of 9-byte instructions... -# -# Yet another notable optimization is "jumping" $B variable. It means -# that there is no register permanently allocated for $B value. This -# allowed to eliminate one instruction from body_20_39... -# -my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded -my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4 -my @V=($A,$B,$C,$D,$E); -my $j=0; # hash round -my @T=($T,$tmp1); -my $inp; - -my $_rol=sub { &rol(@_) }; -my $_ror=sub { &ror(@_) }; - -&function_begin("_sha1_block_data_order_ssse3"); - &picsetup($tmp1); - &picsymbol($tmp1, &label("K_XX_XX"), $tmp1); - -&set_label("ssse3_shortcut"); - - &movdqa (@X[3],&QWP(0,$tmp1)); # K_00_19 - &movdqa (@X[4],&QWP(16,$tmp1)); # K_20_39 - &movdqa (@X[5],&QWP(32,$tmp1)); # K_40_59 - &movdqa (@X[6],&QWP(48,$tmp1)); # K_60_79 - &movdqa (@X[2],&QWP(64,$tmp1)); # pbswap mask - - &mov ($E,&wparam(0)); # load argument block - &mov ($inp=@T[1],&wparam(1)); - &mov ($D,&wparam(2)); - &mov (@T[0],"esp"); - - # stack frame layout - # - # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area - # X[4]+K X[5]+K X[6]+K X[7]+K - # X[8]+K X[9]+K X[10]+K X[11]+K - # X[12]+K X[13]+K X[14]+K X[15]+K - # - # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area - # X[4] X[5] X[6] X[7] - # X[8] X[9] X[10] X[11] # even borrowed for K_00_19 - # - # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants - # K_40_59 K_40_59 K_40_59 K_40_59 - # K_60_79 K_60_79 K_60_79 K_60_79 - # K_00_19 K_00_19 K_00_19 K_00_19 - # pbswap mask 
- # - # +192 ctx # argument block - # +196 inp - # +200 end - # +204 esp - &sub ("esp",208); - &and ("esp",-64); - - &movdqa (&QWP(112+0,"esp"),@X[4]); # copy constants - &movdqa (&QWP(112+16,"esp"),@X[5]); - &movdqa (&QWP(112+32,"esp"),@X[6]); - &shl ($D,6); # len*64 - &movdqa (&QWP(112+48,"esp"),@X[3]); - &add ($D,$inp); # end of input - &movdqa (&QWP(112+64,"esp"),@X[2]); - &add ($inp,64); - &mov (&DWP(192+0,"esp"),$E); # save argument block - &mov (&DWP(192+4,"esp"),$inp); - &mov (&DWP(192+8,"esp"),$D); - &mov (&DWP(192+12,"esp"),@T[0]); # save original %esp - - &mov ($A,&DWP(0,$E)); # load context - &mov ($B,&DWP(4,$E)); - &mov ($C,&DWP(8,$E)); - &mov ($D,&DWP(12,$E)); - &mov ($E,&DWP(16,$E)); - &mov (@T[0],$B); # magic seed - - &movdqu (@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3] - &movdqu (@X[-3&7],&QWP(-48,$inp)); - &movdqu (@X[-2&7],&QWP(-32,$inp)); - &movdqu (@X[-1&7],&QWP(-16,$inp)); - &pshufb (@X[-4&7],@X[2]); # byte swap - &pshufb (@X[-3&7],@X[2]); - &pshufb (@X[-2&7],@X[2]); - &movdqa (&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - &pshufb (@X[-1&7],@X[2]); - &paddd (@X[-4&7],@X[3]); # add K_00_19 - &paddd (@X[-3&7],@X[3]); - &paddd (@X[-2&7],@X[3]); - &movdqa (&QWP(0,"esp"),@X[-4&7]); # X[]+K xfer to IALU - &psubd (@X[-4&7],@X[3]); # restore X[] - &movdqa (&QWP(0+16,"esp"),@X[-3&7]); - &psubd (@X[-3&7],@X[3]); - &movdqa (&QWP(0+32,"esp"),@X[-2&7]); - &psubd (@X[-2&7],@X[3]); - &movdqa (@X[0],@X[-3&7]); - &jmp (&label("loop")); - -###################################################################### -# SSE instruction sequence is first broken to groups of independent -# instructions, independent in respect to their inputs and shifter -# (not all architectures have more than one). Then IALU instructions -# are "knitted in" between the SSE groups. Distance is maintained for -# SSE latency of 2 in hope that it fits better upcoming AMD Bulldozer -# [which allegedly also implements SSSE3]... -# -# Temporary registers usage. 
X[2] is volatile at the entry and at the -# end is restored from backtrace ring buffer. X[3] is expected to -# contain current K_XX_XX constant and is used to calculate X[-1]+K -# from previous round, it becomes volatile the moment the value is -# saved to stack for transfer to IALU. X[4] becomes volatile whenever -# X[-4] is accumulated and offloaded to backtrace ring buffer, at the -# end it is loaded with next K_XX_XX [which becomes X[3] in next -# round]... -# -sub Xupdate_ssse3_16_31() # recall that $Xi starts with 4 -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 40 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &palignr(@X[0],@X[-4&7],8); # compose "X[-14]" in "X[0]" - &movdqa (@X[2],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - - &paddd (@X[3],@X[-1&7]); - &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - &psrldq (@X[2],4); # "X[-3]", 3 dwords - eval(shift(@insns)); - eval(shift(@insns)); - &pxor (@X[0],@X[-4&7]); # "X[0]"^="X[-16]" - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[2],@X[-2&7]); # "X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[0],@X[2]); # "X[0]"^="X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa (@X[4],@X[0]); - &movdqa (@X[2],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &pslldq (@X[4],12); # "X[0]"<<96, extract one dword - &paddd (@X[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &psrld (@X[2],31); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@X[3],@X[4]); - eval(shift(@insns)); - eval(shift(@insns)); - - &psrld (@X[4],30); - 
&por (@X[0],@X[2]); # "X[0]"<<<=1 - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - - &pslld (@X[3],2); - &pxor (@X[0],@X[4]); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[0],@X[3]); # "X[0]"^=("X[0]"<<96)<<<2 - &movdqa (@X[1],@X[-2&7]) if ($Xi<7); - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions [if any] - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xupdate_ssse3_32_79() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions - my ($a,$b,$c,$d,$e); - - &movdqa (@X[2],@X[-1&7]) if ($Xi==8); - eval(shift(@insns)); # body_20_39 - &pxor (@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]" - &palignr(@X[2],@X[-2&7],8); # compose "X[-6]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &pxor (@X[0],@X[-7&7]); # "X[0]"^="X[-28]" - &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]); # save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - if ($Xi%5) { - &movdqa (@X[4],@X[3]); # "perpetuate" K_XX_XX... - } else { # ... 
or load next one - &movdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp")); - } - &paddd (@X[3],@X[-1&7]); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &pxor (@X[0],@X[2]); # "X[0]"^="X[-6]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &movdqa (@X[2],@X[0]); - &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &pslld (@X[0],2); - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &psrld (@X[2],30); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &por (@X[0],@X[2]); # "X[0]"<<<=2 - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - &movdqa (@X[3],@X[0]) if ($Xi<19); - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xuplast_ssse3_80() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - &paddd (@X[3],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer IALU - - foreach (@insns) { eval; } # remaining instructions - - &mov ($inp=@T[1],&DWP(192+4,"esp")); - &cmp ($inp,&DWP(192+8,"esp")); - &je (&label("done")); - - &movdqa (@X[3],&QWP(112+48,"esp")); # K_00_19 - &movdqa (@X[2],&QWP(112+64,"esp")); # pbswap mask - &movdqu (@X[-4&7],&QWP(0,$inp)); # load input - &movdqu (@X[-3&7],&QWP(16,$inp)); - &movdqu (@X[-2&7],&QWP(32,$inp)); - &movdqu 
(@X[-1&7],&QWP(48,$inp)); - &add ($inp,64); - &pshufb (@X[-4&7],@X[2]); # byte swap - &mov (&DWP(192+4,"esp"),$inp); - &movdqa (&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - - $Xi=0; -} - -sub Xloop_ssse3() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &pshufb (@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &paddd (@X[($Xi-4)&7],@X[3]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (&QWP(0+16*$Xi,"esp"),@X[($Xi-4)&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - &psubd (@X[($Xi-4)&7],@X[3]); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_ssse3() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -sub body_00_19 () { - ( - '($a,$b,$c,$d,$e)=@V;'. - '&add ($e,&DWP(4*($j&15),"esp"));', # X[]+K xfer - '&xor ($c,$d);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&xor ($c,$d);', # restore $c - '&xor (@T[0],$d);', - '&add ($e,$a);', - '&$_ror ($b,$j?7:2);', # $b>>>2 - '&add ($e,@T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -sub body_20_39 () { - ( - '($a,$b,$c,$d,$e)=@V;'. - '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer - '&xor (@T[0],$d);', # ($b^$d) - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&xor (@T[0],$c);', # ($b^$d^$c) - '&add ($e,$a);', - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -sub body_40_59 () { - ( - '($a,$b,$c,$d,$e)=@V;'. 
- '&mov (@T[1],$c);', - '&xor ($c,$d);', - '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer - '&and (@T[1],$d);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[1]);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&add ($e,@T[0]);', - '&xor ($c,$d);', # restore $c - '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -&set_label("loop",16); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xuplast_ssse3_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - - &mov (@T[1],&DWP(192,"esp")); # update context - &add ($A,&DWP(0,@T[1])); - &add (@T[0],&DWP(4,@T[1])); # $b - &add ($C,&DWP(8,@T[1])); - &mov (&DWP(0,@T[1]),$A); - &add ($D,&DWP(12,@T[1])); - &mov (&DWP(4,@T[1]),@T[0]); - &add ($E,&DWP(16,@T[1])); - &mov (&DWP(8,@T[1]),$C); - &mov ($B,@T[0]); - &mov (&DWP(12,@T[1]),$D); - &mov (&DWP(16,@T[1]),$E); - &movdqa (@X[0],@X[-3&7]); - - &jmp (&label("loop")); - -&set_label("done",16); $j=$saved_j; @V=@saved_V; - - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - - &mov (@T[1],&DWP(192,"esp")); # update context - &add ($A,&DWP(0,@T[1])); - &mov ("esp",&DWP(192+12,"esp")); # restore %esp - &add (@T[0],&DWP(4,@T[1])); # $b - &add ($C,&DWP(8,@T[1])); - &mov (&DWP(0,@T[1]),$A); - &add 
($D,&DWP(12,@T[1])); - &mov (&DWP(4,@T[1]),@T[0]); - &add ($E,&DWP(16,@T[1])); - &mov (&DWP(8,@T[1]),$C); - &mov (&DWP(12,@T[1]),$D); - &mov (&DWP(16,@T[1]),$E); - -&function_end("_sha1_block_data_order_ssse3"); - -if ($ymm) { -my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded -my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4 -my @V=($A,$B,$C,$D,$E); -my $j=0; # hash round -my @T=($T,$tmp1); -my $inp; - -my $_rol=sub { &shld(@_[0],@_) }; -my $_ror=sub { &shrd(@_[0],@_) }; - -&function_begin("_sha1_block_data_order_avx"); - &picsetup($tmp1); - &picsymbol($tmp1, &label("K_XX_XX"), $tmp1); - -&set_label("avx_shortcut"); - &vzeroall(); - - &vmovdqa(@X[3],&QWP(0,$tmp1)); # K_00_19 - &vmovdqa(@X[4],&QWP(16,$tmp1)); # K_20_39 - &vmovdqa(@X[5],&QWP(32,$tmp1)); # K_40_59 - &vmovdqa(@X[6],&QWP(48,$tmp1)); # K_60_79 - &vmovdqa(@X[2],&QWP(64,$tmp1)); # pbswap mask - - &mov ($E,&wparam(0)); # load argument block - &mov ($inp=@T[1],&wparam(1)); - &mov ($D,&wparam(2)); - &mov (@T[0],"esp"); - - # stack frame layout - # - # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area - # X[4]+K X[5]+K X[6]+K X[7]+K - # X[8]+K X[9]+K X[10]+K X[11]+K - # X[12]+K X[13]+K X[14]+K X[15]+K - # - # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area - # X[4] X[5] X[6] X[7] - # X[8] X[9] X[10] X[11] # even borrowed for K_00_19 - # - # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants - # K_40_59 K_40_59 K_40_59 K_40_59 - # K_60_79 K_60_79 K_60_79 K_60_79 - # K_00_19 K_00_19 K_00_19 K_00_19 - # pbswap mask - # - # +192 ctx # argument block - # +196 inp - # +200 end - # +204 esp - &sub ("esp",208); - &and ("esp",-64); - - &vmovdqa(&QWP(112+0,"esp"),@X[4]); # copy constants - &vmovdqa(&QWP(112+16,"esp"),@X[5]); - &vmovdqa(&QWP(112+32,"esp"),@X[6]); - &shl ($D,6); # len*64 - &vmovdqa(&QWP(112+48,"esp"),@X[3]); - &add ($D,$inp); # end of input - &vmovdqa(&QWP(112+64,"esp"),@X[2]); - &add ($inp,64); - &mov (&DWP(192+0,"esp"),$E); # save argument block - &mov (&DWP(192+4,"esp"),$inp); - &mov 
(&DWP(192+8,"esp"),$D); - &mov (&DWP(192+12,"esp"),@T[0]); # save original %esp - - &mov ($A,&DWP(0,$E)); # load context - &mov ($B,&DWP(4,$E)); - &mov ($C,&DWP(8,$E)); - &mov ($D,&DWP(12,$E)); - &mov ($E,&DWP(16,$E)); - &mov (@T[0],$B); # magic seed - - &vmovdqu(@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3] - &vmovdqu(@X[-3&7],&QWP(-48,$inp)); - &vmovdqu(@X[-2&7],&QWP(-32,$inp)); - &vmovdqu(@X[-1&7],&QWP(-16,$inp)); - &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap - &vpshufb(@X[-3&7],@X[-3&7],@X[2]); - &vpshufb(@X[-2&7],@X[-2&7],@X[2]); - &vmovdqa(&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - &vpshufb(@X[-1&7],@X[-1&7],@X[2]); - &vpaddd (@X[0],@X[-4&7],@X[3]); # add K_00_19 - &vpaddd (@X[1],@X[-3&7],@X[3]); - &vpaddd (@X[2],@X[-2&7],@X[3]); - &vmovdqa(&QWP(0,"esp"),@X[0]); # X[]+K xfer to IALU - &vmovdqa(&QWP(0+16,"esp"),@X[1]); - &vmovdqa(&QWP(0+32,"esp"),@X[2]); - &jmp (&label("loop")); - -sub Xupdate_avx_16_31() # recall that $Xi starts with 4 -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 40 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpalignr(@X[0],@X[-3&7],@X[-4&7],8); # compose "X[-14]" in "X[0]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpaddd (@X[3],@X[3],@X[-1&7]); - &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - &vpsrldq(@X[2],@X[-1&7],4); # "X[-3]", 3 dwords - eval(shift(@insns)); - eval(shift(@insns)); - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"^="X[-16]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[2],@X[2],@X[-2&7]); # "X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@X[2]); # "X[0]"^="X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - 
&vpsrld (@X[2],@X[0],31); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslldq(@X[4],@X[0],12); # "X[0]"<<96, extract one dword - &vpaddd (@X[0],@X[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpsrld (@X[3],@X[4],30); - &vpor (@X[0],@X[0],@X[2]); # "X[0]"<<<=1 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslld (@X[4],@X[4],2); - &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - &vpxor (@X[0],@X[0],@X[3]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@X[4]); # "X[0]"^=("X[0]"<<96)<<<2 - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions [if any] - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xupdate_avx_32_79() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions - my ($a,$b,$c,$d,$e); - - &vpalignr(@X[2],@X[-1&7],@X[-2&7],8); # compose "X[-6]" - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpxor (@X[0],@X[0],@X[-7&7]); # "X[0]"^="X[-28]" - &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]); # save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - if ($Xi%5) { - &vmovdqa (@X[4],@X[3]); # "perpetuate" K_XX_XX... - } else { # ... 
or load next one - &vmovdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp")); - } - &vpaddd (@X[3],@X[3],@X[-1&7]); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@X[2]); # "X[0]"^="X[-6]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpsrld (@X[2],@X[0],30); - &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpslld (@X[0],@X[0],2); - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpor (@X[0],@X[0],@X[2]); # "X[0]"<<<=2 - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xuplast_avx_80() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - &vpaddd (@X[3],@X[3],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer IALU - - foreach (@insns) { eval; } # remaining instructions - - &mov ($inp=@T[1],&DWP(192+4,"esp")); - &cmp ($inp,&DWP(192+8,"esp")); - &je (&label("done")); - - &vmovdqa(@X[3],&QWP(112+48,"esp")); # K_00_19 - &vmovdqa(@X[2],&QWP(112+64,"esp")); # pbswap mask - &vmovdqu(@X[-4&7],&QWP(0,$inp)); # load input - &vmovdqu(@X[-3&7],&QWP(16,$inp)); - &vmovdqu(@X[-2&7],&QWP(32,$inp)); - &vmovdqu(@X[-1&7],&QWP(48,$inp)); - &add 
($inp,64); - &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap - &mov (&DWP(192+4,"esp"),$inp); - &vmovdqa(&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - - $Xi=0; -} - -sub Xloop_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpshufb (@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],@X[3]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (&QWP(0+16*$Xi,"esp"),@X[$Xi&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -&set_label("loop",16); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_32_79(\&body_00_19); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_20_39); - &Xuplast_avx_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - - &Xloop_avx(\&body_20_39); - &Xloop_avx(\&body_20_39); - &Xloop_avx(\&body_20_39); - - &mov (@T[1],&DWP(192,"esp")); # update context - &add ($A,&DWP(0,@T[1])); - &add (@T[0],&DWP(4,@T[1])); # $b - &add ($C,&DWP(8,@T[1])); - &mov (&DWP(0,@T[1]),$A); - &add ($D,&DWP(12,@T[1])); - &mov (&DWP(4,@T[1]),@T[0]); - &add ($E,&DWP(16,@T[1])); - &mov (&DWP(8,@T[1]),$C); - &mov ($B,@T[0]); - &mov 
(&DWP(12,@T[1]),$D);
- &mov (&DWP(16,@T[1]),$E);
-
- &jmp (&label("loop"));
-
-&set_label("done",16); $j=$saved_j; @V=@saved_V;
-
- &Xtail_avx(\&body_20_39);
- &Xtail_avx(\&body_20_39);
- &Xtail_avx(\&body_20_39);
-
- &vzeroall();
-
- &mov (@T[1],&DWP(192,"esp")); # update context
- &add ($A,&DWP(0,@T[1]));
- &mov ("esp",&DWP(192+12,"esp")); # restore %esp
- &add (@T[0],&DWP(4,@T[1])); # $b
- &add ($C,&DWP(8,@T[1]));
- &mov (&DWP(0,@T[1]),$A);
- &add ($D,&DWP(12,@T[1]));
- &mov (&DWP(4,@T[1]),@T[0]);
- &add ($E,&DWP(16,@T[1]));
- &mov (&DWP(8,@T[1]),$C);
- &mov (&DWP(12,@T[1]),$D);
- &mov (&DWP(16,@T[1]),$E);
-&function_end("_sha1_block_data_order_avx");
-}
-
- &rodataseg();
-&set_label("K_XX_XX",64);
-&data_word(0x5a827999,0x5a827999,0x5a827999,0x5a827999); # K_00_19
-&data_word(0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1); # K_20_39
-&data_word(0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc); # K_40_59
-&data_word(0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6); # K_60_79
-&data_word(0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f); # pbswap mask
- &previous();
-}
-
-&asm_finish();
diff --git a/src/lib/libcrypto/sha/asm/sha1-alpha.pl b/src/lib/libcrypto/sha/asm/sha1-alpha.pl
deleted file mode 100644
index 56b3369f09..0000000000
--- a/src/lib/libcrypto/sha/asm/sha1-alpha.pl
+++ /dev/null
@@ -1,316 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA1 block procedure for Alpha. - -# On 21264 performance is 33% better than code generated by vendor -# compiler, and 75% better than GCC [3.4], and in absolute terms is -# 8.7 cycles per processed byte. Implementation features vectorized -# byte swap, but not Xupdate. - -@X=( "\$0", "\$1", "\$2", "\$3", "\$4", "\$5", "\$6", "\$7", - "\$8", "\$9", "\$10", "\$11", "\$12", "\$13", "\$14", "\$15"); -$ctx="a0"; # $16 -$inp="a1"; -$num="a2"; -$A="a3"; -$B="a4"; # 20 -$C="a5"; -$D="t8"; -$E="t9"; @V=($A,$B,$C,$D,$E); -$t0="t10"; # 24 -$t1="t11"; -$t2="ra"; -$t3="t12"; -$K="AT"; # 28 - -sub BODY_00_19 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i==0); - ldq_u @X[0],0+0($inp) - ldq_u @X[1],0+7($inp) -___ -$code.=<<___ if (!($i&1) && $i<14); - ldq_u @X[$i+2],($i+2)*4+0($inp) - ldq_u @X[$i+3],($i+2)*4+7($inp) -___ -$code.=<<___ if (!($i&1) && $i<15); - extql @X[$i],$inp,@X[$i] - extqh @X[$i+1],$inp,@X[$i+1] - - or @X[$i+1],@X[$i],@X[$i] # pair of 32-bit values are fetched - - srl @X[$i],24,$t0 # vectorized byte swap - srl @X[$i],8,$t2 - - sll @X[$i],8,$t3 - sll @X[$i],24,@X[$i] - zapnot $t0,0x11,$t0 - zapnot $t2,0x22,$t2 - - zapnot @X[$i],0x88,@X[$i] - or $t0,$t2,$t0 - zapnot $t3,0x44,$t3 - sll $a,5,$t1 - - or @X[$i],$t0,@X[$i] - addl $K,$e,$e - and $b,$c,$t2 - zapnot $a,0xf,$a - - or @X[$i],$t3,@X[$i] - srl $a,27,$t0 - bic $d,$b,$t3 - sll $b,30,$b - - extll @X[$i],4,@X[$i+1] # extract upper half - or $t2,$t3,$t2 - addl @X[$i],$e,$e - - addl $t1,$e,$e - srl $b,32,$t3 - zapnot @X[$i],0xf,@X[$i] - - addl $t0,$e,$e - addl $t2,$e,$e - or 
$t3,$b,$b -___ -$code.=<<___ if (($i&1) && $i<15); - sll $a,5,$t1 - addl $K,$e,$e - and $b,$c,$t2 - zapnot $a,0xf,$a - - srl $a,27,$t0 - addl @X[$i%16],$e,$e - bic $d,$b,$t3 - sll $b,30,$b - - or $t2,$t3,$t2 - addl $t1,$e,$e - srl $b,32,$t3 - zapnot @X[$i],0xf,@X[$i] - - addl $t0,$e,$e - addl $t2,$e,$e - or $t3,$b,$b -___ -$code.=<<___ if ($i>=15); # with forward Xupdate - sll $a,5,$t1 - addl $K,$e,$e - and $b,$c,$t2 - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - - zapnot $a,0xf,$a - addl @X[$i%16],$e,$e - bic $d,$b,$t3 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - - srl $a,27,$t0 - addl $t1,$e,$e - or $t2,$t3,$t2 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - - sll $b,30,$b - addl $t0,$e,$e - srl @X[$j%16],31,$t1 - - addl $t2,$e,$e - srl $b,32,$t3 - addl @X[$j%16],@X[$j%16],@X[$j%16] - - or $t3,$b,$b - zapnot @X[$i%16],0xf,@X[$i%16] - or $t1,@X[$j%16],@X[$j%16] -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); # with forward Xupdate - sll $a,5,$t1 - addl $K,$e,$e - zapnot $a,0xf,$a - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - - sll $b,30,$t3 - addl $t1,$e,$e - xor $b,$c,$t2 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - - srl $b,2,$b - addl @X[$i%16],$e,$e - xor $d,$t2,$t2 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - - srl @X[$j%16],31,$t1 - addl $t2,$e,$e - srl $a,27,$t0 - addl @X[$j%16],@X[$j%16],@X[$j%16] - - or $t3,$b,$b - addl $t0,$e,$e - or $t1,@X[$j%16],@X[$j%16] -___ -$code.=<<___ if ($i<77); - zapnot @X[$i%16],0xf,@X[$i%16] -___ -$code.=<<___ if ($i==79); # with context fetch - sll $a,5,$t1 - addl $K,$e,$e - zapnot $a,0xf,$a - ldl @X[0],0($ctx) - - sll $b,30,$t3 - addl $t1,$e,$e - xor $b,$c,$t2 - ldl @X[1],4($ctx) - - srl $b,2,$b - addl @X[$i%16],$e,$e - xor $d,$t2,$t2 - ldl @X[2],8($ctx) - - srl $a,27,$t0 - addl $t2,$e,$e - ldl @X[3],12($ctx) - - or $t3,$b,$b - addl $t0,$e,$e - ldl @X[4],16($ctx) -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___; # with forward Xupdate - sll $a,5,$t1 - addl $K,$e,$e 
- zapnot $a,0xf,$a - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - - srl $a,27,$t0 - and $b,$c,$t2 - and $b,$d,$t3 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - - sll $b,30,$b - addl $t1,$e,$e - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - - srl @X[$j%16],31,$t1 - addl $t0,$e,$e - or $t2,$t3,$t2 - and $c,$d,$t3 - - or $t2,$t3,$t2 - srl $b,32,$t3 - addl @X[$i%16],$e,$e - addl @X[$j%16],@X[$j%16],@X[$j%16] - - or $t3,$b,$b - addl $t2,$e,$e - or $t1,@X[$j%16],@X[$j%16] - zapnot @X[$i%16],0xf,@X[$i%16] -___ -} - -$code=<<___; -#include - -.text - -.set noat -.set noreorder -.globl sha1_block_data_order -.align 5 -.ent sha1_block_data_order -sha1_block_data_order: - lda sp,-64(sp) - stq ra,0(sp) - stq s0,8(sp) - stq s1,16(sp) - stq s2,24(sp) - stq s3,32(sp) - stq s4,40(sp) - stq s5,48(sp) - stq fp,56(sp) - .mask 0x0400fe00,-64 - .frame sp,64,ra - .prologue 0 - - ldl $A,0($ctx) - ldl $B,4($ctx) - sll $num,6,$num - ldl $C,8($ctx) - ldl $D,12($ctx) - ldl $E,16($ctx) - addq $inp,$num,$num - -.Lloop: - .set noreorder - ldah $K,23170(zero) - zapnot $B,0xf,$B - lda $K,31129($K) # K_00_19 -___ -for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - ldah $K,28378(zero) - lda $K,-5215($K) # K_20_39 -___ -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - ldah $K,-28900(zero) - lda $K,-17188($K) # K_40_59 -___ -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - ldah $K,-13725(zero) - lda $K,-15914($K) # K_60_79 -___ -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - addl @X[0],$A,$A - addl @X[1],$B,$B - addl @X[2],$C,$C - addl @X[3],$D,$D - addl @X[4],$E,$E - stl $A,0($ctx) - stl $B,4($ctx) - addq $inp,64,$inp - stl $C,8($ctx) - stl $D,12($ctx) - stl $E,16($ctx) - cmpult $inp,$num,$t1 - bne $t1,.Lloop - - .set noreorder - ldq ra,0(sp) - ldq s0,8(sp) - ldq s1,16(sp) - ldq s2,24(sp) - ldq s3,32(sp) - ldq s4,40(sp) - ldq s5,48(sp) - ldq fp,56(sp) - lda sp,64(sp) - ret (ra) 
-.end sha1_block_data_order
-.align 2
-___
-$output=shift and open STDOUT,">$output";
-print $code;
-close STDOUT;
diff --git a/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl b/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl
deleted file mode 100644
index 8f0cdaf83c..0000000000
--- a/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl
+++ /dev/null
@@ -1,248 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# sha1_block procedure for ARMv4. -# -# January 2007. - -# Size/performance trade-off -# ==================================================================== -# impl size in bytes comp cycles[*] measured performance -# ==================================================================== -# thumb 304 3212 4420 -# armv4-small 392/+29% 1958/+64% 2250/+96% -# armv4-compact 740/+89% 1552/+26% 1840/+22% -# armv4-large 1420/+92% 1307/+19% 1370/+34%[***] -# full unroll ~5100/+260% ~1260/+4% ~1300/+5% -# ==================================================================== -# thumb = same as 'small' but in Thumb instructions[**] and -# with recurring code in two private functions; -# small = detached Xload/update, loops are folded; -# compact = detached Xload/update, 5x unroll; -# large = interleaved Xload/update, 5x unroll; -# full unroll = interleaved Xload/update, full unroll, estimated[!]; -# -# [*] Manually counted instructions in "grand" loop body. Measured -# performance is affected by prologue and epilogue overhead, -# i-cache availability, branch penalties, etc. -# [**] While each Thumb instruction is twice smaller, they are not as -# diverse as ARM ones: e.g., there are only two arithmetic -# instructions with 3 arguments, no [fixed] rotate, addressing -# modes are limited. As result it takes more instructions to do -# the same job in Thumb, therefore the code is never twice as -# small and always slower. -# [***] which is also ~35% better than compiler generated code. 
Dual- -# issue Cortex A8 core was measured to process input block in -# ~990 cycles. - -# August 2010. -# -# Rescheduling for dual-issue pipeline resulted in 13% improvement on -# Cortex A8 core and in absolute terms ~870 cycles per input block -# [or 13.6 cycles per byte]. - -# February 2011. -# -# Profiler-assisted and platform-specific optimization resulted in 10% -# improvement on Cortex A8 core and 12.2 cycles per byte. - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$ctx="r0"; -$inp="r1"; -$len="r2"; -$a="r3"; -$b="r4"; -$c="r5"; -$d="r6"; -$e="r7"; -$K="r8"; -$t0="r9"; -$t1="r10"; -$t2="r11"; -$t3="r12"; -$Xi="r14"; -@V=($a,$b,$c,$d,$e); - -sub Xupdate { -my ($a,$b,$c,$d,$e,$opt1,$opt2)=@_; -$code.=<<___; - ldr $t0,[$Xi,#15*4] - ldr $t1,[$Xi,#13*4] - ldr $t2,[$Xi,#7*4] - add $e,$K,$e,ror#2 @ E+=K_xx_xx - ldr $t3,[$Xi,#2*4] - eor $t0,$t0,$t1 - eor $t2,$t2,$t3 @ 1 cycle stall - eor $t1,$c,$d @ F_xx_xx - mov $t0,$t0,ror#31 - add $e,$e,$a,ror#27 @ E+=ROR(A,27) - eor $t0,$t0,$t2,ror#31 - str $t0,[$Xi,#-4]! - $opt1 @ F_xx_xx - $opt2 @ F_xx_xx - add $e,$e,$t0 @ E+=X[i] -___ -} - -sub BODY_00_15 { -my ($a,$b,$c,$d,$e)=@_; -$code.=<<___; -#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT) - ldrb $t1,[$inp,#2] - ldrb $t0,[$inp,#3] - ldrb $t2,[$inp,#1] - add $e,$K,$e,ror#2 @ E+=K_00_19 - ldrb $t3,[$inp],#4 - orr $t0,$t0,$t1,lsl#8 - eor $t1,$c,$d @ F_xx_xx - orr $t0,$t0,$t2,lsl#16 - add $e,$e,$a,ror#27 @ E+=ROR(A,27) - orr $t0,$t0,$t3,lsl#24 -#else - ldr $t0,[$inp],#4 @ handles unaligned - add $e,$K,$e,ror#2 @ E+=K_00_19 - eor $t1,$c,$d @ F_xx_xx - add $e,$e,$a,ror#27 @ E+=ROR(A,27) -#ifdef __ARMEL__ - rev $t0,$t0 @ byte swap -#endif -#endif - and $t1,$b,$t1,ror#2 - add $e,$e,$t0 @ E+=X[i] - eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D) - str $t0,[$Xi,#-4]! 
- add $e,$e,$t1 @ E+=F_00_19(B,C,D) -___ -} - -sub BODY_16_19 { -my ($a,$b,$c,$d,$e)=@_; - &Xupdate(@_,"and $t1,$b,$t1,ror#2"); -$code.=<<___; - eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D) - add $e,$e,$t1 @ E+=F_00_19(B,C,D) -___ -} - -sub BODY_20_39 { -my ($a,$b,$c,$d,$e)=@_; - &Xupdate(@_,"eor $t1,$b,$t1,ror#2"); -$code.=<<___; - add $e,$e,$t1 @ E+=F_20_39(B,C,D) -___ -} - -sub BODY_40_59 { -my ($a,$b,$c,$d,$e)=@_; - &Xupdate(@_,"and $t1,$b,$t1,ror#2","and $t2,$c,$d"); -$code.=<<___; - add $e,$e,$t1 @ E+=F_40_59(B,C,D) - add $e,$e,$t2,ror#2 -___ -} - -$code=<<___; -#include "arm_arch.h" - -.text - -.global sha1_block_data_order -.type sha1_block_data_order,%function - -.align 2 -sha1_block_data_order: - stmdb sp!,{r4-r12,lr} - add $len,$inp,$len,lsl#6 @ $len to point at the end of $inp - ldmia $ctx,{$a,$b,$c,$d,$e} -.Lloop: - ldr $K,.LK_00_19 - mov $Xi,sp - sub sp,sp,#15*4 - mov $c,$c,ror#30 - mov $d,$d,ror#30 - mov $e,$e,ror#30 @ [6] -.L_00_15: -___ -for($i=0;$i<5;$i++) { - &BODY_00_15(@V); unshift(@V,pop(@V)); -} -$code.=<<___; - teq $Xi,sp - bne .L_00_15 @ [((11+4)*5+2)*3] - sub sp,sp,#25*4 -___ - &BODY_00_15(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); -$code.=<<___; - - ldr $K,.LK_20_39 @ [+15+16*4] - cmn sp,#0 @ [+3], clear carry to denote 20_39 -.L_20_39_or_60_79: -___ -for($i=0;$i<5;$i++) { - &BODY_20_39(@V); unshift(@V,pop(@V)); -} -$code.=<<___; - teq $Xi,sp @ preserve carry - bne .L_20_39_or_60_79 @ [+((12+3)*5+2)*4] - bcs .L_done @ [+((12+3)*5+2)*4], spare 300 bytes - - ldr $K,.LK_40_59 - sub sp,sp,#20*4 @ [+2] -.L_40_59: -___ -for($i=0;$i<5;$i++) { - &BODY_40_59(@V); unshift(@V,pop(@V)); -} -$code.=<<___; - teq $Xi,sp - bne .L_40_59 @ [+((12+5)*5+2)*4] - - ldr $K,.LK_60_79 - sub sp,sp,#20*4 - cmp sp,#0 @ set carry to denote 60_79 - b .L_20_39_or_60_79 @ [+4], spare 300 bytes -.L_done: - add sp,sp,#80*4 @ "deallocate" 
stack frame - ldmia $ctx,{$K,$t0,$t1,$t2,$t3} - add $a,$K,$a - add $b,$t0,$b - add $c,$t1,$c,ror#2 - add $d,$t2,$d,ror#2 - add $e,$t3,$e,ror#2 - stmia $ctx,{$a,$b,$c,$d,$e} - teq $inp,$len - bne .Lloop @ [+18], total 1307 - -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r12,pc} -#else - ldmia sp!,{r4-r12,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -.align 2 -.LK_00_19: .word 0x5a827999 -.LK_20_39: .word 0x6ed9eba1 -.LK_40_59: .word 0x8f1bbcdc -.LK_60_79: .word 0xca62c1d6 -.size sha1_block_data_order,.-sha1_block_data_order -.asciz "SHA1 block transform for ARMv4, CRYPTOGAMS by " -.align 2 -___ - -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; # enforce flush diff --git a/src/lib/libcrypto/sha/asm/sha1-mips.pl b/src/lib/libcrypto/sha/asm/sha1-mips.pl deleted file mode 100644 index 75fe7113e2..0000000000 --- a/src/lib/libcrypto/sha/asm/sha1-mips.pl +++ /dev/null 
@@ -1,350 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA1 block procedure for MIPS. - -# Performance improvement is 30% on unaligned input. The "secret" is -# to deploy lwl/lwr pair to load unaligned input. One could have -# vectorized Xupdate on MIPSIII/IV, but the goal was to code MIPS32- -# compatible subroutine. There is room for minor optimization on -# little-endian platforms... - -###################################################################### -# There is a number of MIPS ABI in use, O32 and N32/64 are most -# widely used. Then there is a new contender: NUBI. It appears that if -# one picks the latter, it's possible to arrange code in ABI neutral -# manner. Therefore let's stick to NUBI register layout: -# -($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25)); -($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23)); -($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31)); -# -# The return value is placed in $a0. 
Following coding rules facilitate -# interoperability: -# -# - never ever touch $tp, "thread pointer", former $gp; -# - copy return value to $t0, former $v0 [or to $a0 if you're adapting -# old code]; -# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary; -# -# For reference here is register layout for N32/64 MIPS ABIs: -# -# ($zero,$at,$v0,$v1)=map("\$$_",(0..3)); -# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25)); -# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23)); -# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31)); -# -$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64 - -if ($flavour =~ /64|n32/i) { - $PTR_ADD="dadd"; # incidentally works even on n32 - $PTR_SUB="dsub"; # incidentally works even on n32 - $REG_S="sd"; - $REG_L="ld"; - $PTR_SLL="dsll"; # incidentally works even on n32 - $SZREG=8; -} else { - $PTR_ADD="add"; - $PTR_SUB="sub"; - $REG_S="sw"; - $REG_L="lw"; - $PTR_SLL="sll"; - $SZREG=4; -} -# -# -# -###################################################################### - -$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0; - -for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); } -open STDOUT,">$output"; - -if (!defined($big_endian)) - { $big_endian=(unpack('L',pack('N',1))==1); } - -# offsets of the Most and Least Significant Bytes -$MSB=$big_endian?0:3; -$LSB=3&~$MSB; - -@X=map("\$$_",(8..23)); # a4-a7,s0-s11 - -$ctx=$a0; -$inp=$a1; -$num=$a2; -$A="\$1"; -$B="\$2"; -$C="\$3"; -$D="\$7"; -$E="\$24"; @V=($A,$B,$C,$D,$E); -$t0="\$25"; -$t1=$num; # $num is offloaded to stack -$t2="\$30"; # fp -$K="\$31"; # ra - -sub BODY_00_14 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if (!$big_endian); - srl $t0,@X[$i],24 # byte swap($i) - srl $t1,@X[$i],8 - andi $t2,@X[$i],0xFF00 - sll @X[$i],@X[$i],24 - andi $t1,0xFF00 - sll $t2,$t2,8 - or @X[$i],$t0 - or $t1,$t2 - or @X[$i],$t1 -___ -$code.=<<___; - lwl @X[$j],$j*4+$MSB($inp) - sll $t0,$a,5 # $i - addu 
$e,$K - lwr @X[$j],$j*4+$LSB($inp) - srl $t1,$a,27 - addu $e,$t0 - xor $t0,$c,$d - addu $e,$t1 - sll $t2,$b,30 - and $t0,$b - srl $b,$b,2 - xor $t0,$d - addu $e,@X[$i] - or $b,$t2 - addu $e,$t0 -___ -} - -sub BODY_15_19 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; - -$code.=<<___ if (!$big_endian && $i==15); - srl $t0,@X[$i],24 # byte swap($i) - srl $t1,@X[$i],8 - andi $t2,@X[$i],0xFF00 - sll @X[$i],@X[$i],24 - andi $t1,0xFF00 - sll $t2,$t2,8 - or @X[$i],$t0 - or @X[$i],$t1 - or @X[$i],$t2 -___ -$code.=<<___; - xor @X[$j%16],@X[($j+2)%16] - sll $t0,$a,5 # $i - addu $e,$K - srl $t1,$a,27 - addu $e,$t0 - xor @X[$j%16],@X[($j+8)%16] - xor $t0,$c,$d - addu $e,$t1 - xor @X[$j%16],@X[($j+13)%16] - sll $t2,$b,30 - and $t0,$b - srl $t1,@X[$j%16],31 - addu @X[$j%16],@X[$j%16] - srl $b,$b,2 - xor $t0,$d - or @X[$j%16],$t1 - addu $e,@X[$i%16] - or $b,$t2 - addu $e,$t0 -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - xor @X[$j%16],@X[($j+2)%16] - sll $t0,$a,5 # $i - addu $e,$K - srl $t1,$a,27 - addu $e,$t0 - xor @X[$j%16],@X[($j+8)%16] - xor $t0,$c,$d - addu $e,$t1 - xor @X[$j%16],@X[($j+13)%16] - sll $t2,$b,30 - xor $t0,$b - srl $t1,@X[$j%16],31 - addu @X[$j%16],@X[$j%16] - srl $b,$b,2 - addu $e,@X[$i%16] - or @X[$j%16],$t1 - or $b,$t2 - addu $e,$t0 -___ -$code.=<<___ if ($i==79); - lw @X[0],0($ctx) - sll $t0,$a,5 # $i - addu $e,$K - lw @X[1],4($ctx) - srl $t1,$a,27 - addu $e,$t0 - lw @X[2],8($ctx) - xor $t0,$c,$d - addu $e,$t1 - lw @X[3],12($ctx) - sll $t2,$b,30 - xor $t0,$b - lw @X[4],16($ctx) - srl $b,$b,2 - addu $e,@X[$i%16] - or $b,$t2 - addu $e,$t0 -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - xor @X[$j%16],@X[($j+2)%16] - sll $t0,$a,5 # $i - addu $e,$K - srl $t1,$a,27 - addu $e,$t0 - xor @X[$j%16],@X[($j+8)%16] - and $t0,$c,$d - addu $e,$t1 - xor @X[$j%16],@X[($j+13)%16] - sll $t2,$b,30 - addu $e,$t0 - srl $t1,@X[$j%16],31 - xor $t0,$c,$d - addu @X[$j%16],@X[$j%16] - and 
$t0,$b - srl $b,$b,2 - or @X[$j%16],$t1 - addu $e,@X[$i%16] - or $b,$t2 - addu $e,$t0 -___ -} - -$FRAMESIZE=16; # large enough to accommodate NUBI saved registers -$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000; - -$code=<<___; -.text - -.set noat -.set noreorder -.align 5 -.globl sha1_block_data_order -.ent sha1_block_data_order -sha1_block_data_order: - .frame $sp,$FRAMESIZE*$SZREG,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder - $PTR_SUB $sp,$FRAMESIZE*$SZREG - $REG_S $ra,($FRAMESIZE-1)*$SZREG($sp) - $REG_S $fp,($FRAMESIZE-2)*$SZREG($sp) - $REG_S $s11,($FRAMESIZE-3)*$SZREG($sp) - $REG_S $s10,($FRAMESIZE-4)*$SZREG($sp) - $REG_S $s9,($FRAMESIZE-5)*$SZREG($sp) - $REG_S $s8,($FRAMESIZE-6)*$SZREG($sp) - $REG_S $s7,($FRAMESIZE-7)*$SZREG($sp) - $REG_S $s6,($FRAMESIZE-8)*$SZREG($sp) - $REG_S $s5,($FRAMESIZE-9)*$SZREG($sp) - $REG_S $s4,($FRAMESIZE-10)*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,($FRAMESIZE-11)*$SZREG($sp) - $REG_S $s2,($FRAMESIZE-12)*$SZREG($sp) - $REG_S $s1,($FRAMESIZE-13)*$SZREG($sp) - $REG_S $s0,($FRAMESIZE-14)*$SZREG($sp) - $REG_S $gp,($FRAMESIZE-15)*$SZREG($sp) -___ -$code.=<<___; - $PTR_SLL $num,6 - $PTR_ADD $num,$inp - $REG_S $num,0($sp) - lw $A,0($ctx) - lw $B,4($ctx) - lw $C,8($ctx) - lw $D,12($ctx) - b .Loop - lw $E,16($ctx) -.align 4 -.Loop: - .set reorder - lwl @X[0],$MSB($inp) - lui $K,0x5a82 - lwr @X[0],$LSB($inp) - ori $K,0x7999 # K_00_19 -___ -for ($i=0;$i<15;$i++) { &BODY_00_14($i,@V); unshift(@V,pop(@V)); } -for (;$i<20;$i++) { &BODY_15_19($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - lui $K,0x6ed9 - ori $K,0xeba1 # K_20_39 -___ -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - lui $K,0x8f1b - ori $K,0xbcdc # K_40_59 -___ -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - lui $K,0xca62 - ori $K,0xc1d6 # K_60_79 -___ -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; 
- $PTR_ADD $inp,64
- $REG_L $num,0($sp)
-
- addu $A,$X[0]
- addu $B,$X[1]
- sw $A,0($ctx)
- addu $C,$X[2]
- addu $D,$X[3]
- sw $B,4($ctx)
- addu $E,$X[4]
- sw $C,8($ctx)
- sw $D,12($ctx)
- sw $E,16($ctx)
- .set noreorder
- bne $inp,$num,.Loop
- nop
-
- .set noreorder
- $REG_L $ra,($FRAMESIZE-1)*$SZREG($sp)
- $REG_L $fp,($FRAMESIZE-2)*$SZREG($sp)
- $REG_L $s11,($FRAMESIZE-3)*$SZREG($sp)
- $REG_L $s10,($FRAMESIZE-4)*$SZREG($sp)
- $REG_L $s9,($FRAMESIZE-5)*$SZREG($sp)
- $REG_L $s8,($FRAMESIZE-6)*$SZREG($sp)
- $REG_L $s7,($FRAMESIZE-7)*$SZREG($sp)
- $REG_L $s6,($FRAMESIZE-8)*$SZREG($sp)
- $REG_L $s5,($FRAMESIZE-9)*$SZREG($sp)
- $REG_L $s4,($FRAMESIZE-10)*$SZREG($sp)
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $s3,($FRAMESIZE-11)*$SZREG($sp)
- $REG_L $s2,($FRAMESIZE-12)*$SZREG($sp)
- $REG_L $s1,($FRAMESIZE-13)*$SZREG($sp)
- $REG_L $s0,($FRAMESIZE-14)*$SZREG($sp)
- $REG_L $gp,($FRAMESIZE-15)*$SZREG($sp)
-___
-$code.=<<___;
- jr $ra
- $PTR_ADD $sp,$FRAMESIZE*$SZREG
-.end sha1_block_data_order
-.rdata
-.asciiz "SHA1 for MIPS, CRYPTOGAMS by "
-___
-print $code;
-close STDOUT;
diff --git a/src/lib/libcrypto/sha/asm/sha1-parisc.pl b/src/lib/libcrypto/sha/asm/sha1-parisc.pl
deleted file mode 100644
index 783c26272b..0000000000
--- a/src/lib/libcrypto/sha/asm/sha1-parisc.pl
+++ /dev/null
@@ -1,258 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA1 block procedure for PA-RISC. - -# June 2009. -# -# On PA-7100LC performance is >30% better than gcc 3.2 generated code -# for aligned input and >50% better for unaligned. Compared to vendor -# compiler on PA-8600 it's almost 60% faster in 64-bit build and just -# few percent faster in 32-bit one (this for aligned input, data for -# unaligned input is not available). -# -# Special thanks to polarhome.com for providing HP-UX account. - -$flavour = shift; -$output = shift; -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; -} else { - $LEVEL ="1.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; -} - -$FRAME=14*$SIZE_T+$FRAME_MARKER;# 14 saved regs + frame marker - # [+ argument transfer] -$ctx="%r26"; # arg0 -$inp="%r25"; # arg1 -$num="%r24"; # arg2 - -$t0="%r28"; -$t1="%r29"; -$K="%r31"; - -@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8", - "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$t0); - -@V=($A,$B,$C,$D,$E)=("%r19","%r20","%r21","%r22","%r23"); - -sub BODY_00_19 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<15); - addl $K,$e,$e ; $i - shd $a,$a,27,$t1 - addl @X[$i],$e,$e - and $c,$b,$t0 - addl $t1,$e,$e - andcm $d,$b,$t1 - shd $b,$b,2,$b - or $t1,$t0,$t0 - addl $t0,$e,$e -___ -$code.=<<___ if ($i>=15); # with forward Xupdate - addl $K,$e,$e ; $i - shd $a,$a,27,$t1 - xor 
@X[($j+2)%16],@X[$j%16],@X[$j%16] - addl @X[$i%16],$e,$e - and $c,$b,$t0 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - addl $t1,$e,$e - andcm $d,$b,$t1 - shd $b,$b,2,$b - or $t1,$t0,$t0 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - add $t0,$e,$e - shd @X[$j%16],@X[$j%16],31,@X[$j%16] -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] ; $i - addl $K,$e,$e - shd $a,$a,27,$t1 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - addl @X[$i%16],$e,$e - xor $b,$c,$t0 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - addl $t1,$e,$e - shd $b,$b,2,$b - xor $d,$t0,$t0 - shd @X[$j%16],@X[$j%16],31,@X[$j%16] - addl $t0,$e,$e -___ -$code.=<<___ if ($i==79); # with context load - ldw 0($ctx),@X[0] ; $i - addl $K,$e,$e - shd $a,$a,27,$t1 - ldw 4($ctx),@X[1] - addl @X[$i%16],$e,$e - xor $b,$c,$t0 - ldw 8($ctx),@X[2] - addl $t1,$e,$e - shd $b,$b,2,$b - xor $d,$t0,$t0 - ldw 12($ctx),@X[3] - addl $t0,$e,$e - ldw 16($ctx),@X[4] -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___; - shd $a,$a,27,$t1 ; $i - addl $K,$e,$e - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - xor $d,$c,$t0 - addl @X[$i%16],$e,$e - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - and $b,$t0,$t0 - addl $t1,$e,$e - shd $b,$b,2,$b - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - addl $t0,$e,$e - and $d,$c,$t1 - shd @X[$j%16],@X[$j%16],31,@X[$j%16] - addl $t1,$e,$e -___ -} - -$code=<<___; - .LEVEL $LEVEL - .text - - .EXPORT sha1_block_data_order,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR -sha1_block_data_order - .PROC - .CALLINFO FRAME=`$FRAME-14*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=16 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) 
- $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp) - $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp) - $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp) - $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp) - $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp) - - ldw 0($ctx),$A - ldw 4($ctx),$B - ldw 8($ctx),$C - ldw 12($ctx),$D - ldw 16($ctx),$E - - extru $inp,31,2,$t0 ; t0=inp&3; - sh3addl $t0,%r0,$t0 ; t0*=8; - subi 32,$t0,$t0 ; t0=32-t0; - mtctl $t0,%cr11 ; %sar=t0; - -L\$oop - ldi 3,$t0 - andcm $inp,$t0,$t0 ; 64-bit neutral -___ - for ($i=0;$i<15;$i++) { # load input block - $code.="\tldw `4*$i`($t0),@X[$i]\n"; } -$code.=<<___; - cmpb,*= $inp,$t0,L\$aligned - ldw 60($t0),@X[15] - ldw 64($t0),@X[16] -___ - for ($i=0;$i<16;$i++) { # align input - $code.="\tvshd @X[$i],@X[$i+1],@X[$i]\n"; } -$code.=<<___; -L\$aligned - ldil L'0x5a827000,$K ; K_00_19 - ldo 0x999($K),$K -___ -for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - ldil L'0x6ed9e000,$K ; K_20_39 - ldo 0xba1($K),$K -___ - -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - ldil L'0x8f1bb000,$K ; K_40_59 - ldo 0xcdc($K),$K -___ - -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - ldil L'0xca62c000,$K ; K_60_79 - ldo 0x1d6($K),$K -___ -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - addl @X[0],$A,$A - addl @X[1],$B,$B - addl @X[2],$C,$C - addl @X[3],$D,$D - addl @X[4],$E,$E - stw $A,0($ctx) - stw $B,4($ctx) - stw $C,8($ctx) - stw $D,12($ctx) - stw $E,16($ctx) - addib,*<> -1,$num,L\$oop - ldo 64($inp),$inp - - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP 
`-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/,\*/,/gm if ($SIZE_T==4); -$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8); -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/sha/asm/sha1-ppc.pl b/src/lib/libcrypto/sha/asm/sha1-ppc.pl deleted file mode 100755 index 85342b6a82..0000000000 --- a/src/lib/libcrypto/sha/asm/sha1-ppc.pl +++ /dev/null 
@@ -1,318 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# I let hardware handle unaligned input(*), except on page boundaries -# (see below for details). Otherwise straightforward implementation -# with X vector in register bank. The module is big-endian [which is -# not big deal as there're no little-endian targets left around]. -# -# (*) this means that this module is inappropriate for PPC403? Does -# anybody know if pre-POWER3 can sustain unaligned load? - -# -m64 -m32 -# ---------------------------------- -# PPC970,gcc-4.0.0 +76% +59% -# Power6,xlc-7 +68% +33% - -$flavour = shift; - -if ($flavour =~ /64/) { - $SIZE_T =8; - $LRSAVE =2*$SIZE_T; - $UCMP ="cmpld"; - $STU ="stdu"; - $POP ="ld"; - $PUSH ="std"; -} elsif ($flavour =~ /32/) { - $SIZE_T =4; - $LRSAVE =$SIZE_T; - $UCMP ="cmplw"; - $STU ="stwu"; - $POP ="lwz"; - $PUSH ="stw"; -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$FRAME=24*$SIZE_T+64; -$LOCALS=6*$SIZE_T; - -$K ="r0"; -$sp ="r1"; -$toc="r2"; -$ctx="r3"; -$inp="r4"; -$num="r5"; -$t0 ="r15"; -$t1 ="r6"; - -$A ="r7"; -$B ="r8"; -$C ="r9"; -$D ="r10"; -$E ="r11"; -$T ="r12"; - -@V=($A,$B,$C,$D,$E,$T); -@X=("r16","r17","r18","r19","r20","r21","r22","r23", - "r24","r25","r26","r27","r28","r29","r30","r31"); - -sub BODY_00_19 { -my ($i,$a,$b,$c,$d,$e,$f)=@_; -my $j=$i+1; -$code.=<<___ if ($i==0); - lwz @X[$i],`$i*4`($inp) -___ 
-$code.=<<___ if ($i<15); - lwz @X[$j],`$j*4`($inp) - add $f,$K,$e - rotlwi $e,$a,5 - add $f,$f,@X[$i] - and $t0,$c,$b - add $f,$f,$e - andc $t1,$d,$b - rotlwi $b,$b,30 - or $t0,$t0,$t1 - add $f,$f,$t0 -___ -$code.=<<___ if ($i>=15); - add $f,$K,$e - rotlwi $e,$a,5 - xor @X[$j%16],@X[$j%16],@X[($j+2)%16] - add $f,$f,@X[$i%16] - and $t0,$c,$b - xor @X[$j%16],@X[$j%16],@X[($j+8)%16] - add $f,$f,$e - andc $t1,$d,$b - rotlwi $b,$b,30 - or $t0,$t0,$t1 - xor @X[$j%16],@X[$j%16],@X[($j+13)%16] - add $f,$f,$t0 - rotlwi @X[$j%16],@X[$j%16],1 -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e,$f)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - add $f,$K,$e - rotlwi $e,$a,5 - xor @X[$j%16],@X[$j%16],@X[($j+2)%16] - add $f,$f,@X[$i%16] - xor $t0,$b,$c - xor @X[$j%16],@X[$j%16],@X[($j+8)%16] - add $f,$f,$e - rotlwi $b,$b,30 - xor $t0,$t0,$d - xor @X[$j%16],@X[$j%16],@X[($j+13)%16] - add $f,$f,$t0 - rotlwi @X[$j%16],@X[$j%16],1 -___ -$code.=<<___ if ($i==79); - add $f,$K,$e - rotlwi $e,$a,5 - lwz r16,0($ctx) - add $f,$f,@X[$i%16] - xor $t0,$b,$c - lwz r17,4($ctx) - add $f,$f,$e - rotlwi $b,$b,30 - lwz r18,8($ctx) - xor $t0,$t0,$d - lwz r19,12($ctx) - add $f,$f,$t0 - lwz r20,16($ctx) -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e,$f)=@_; -my $j=$i+1; -$code.=<<___; - add $f,$K,$e - rotlwi $e,$a,5 - xor @X[$j%16],@X[$j%16],@X[($j+2)%16] - add $f,$f,@X[$i%16] - and $t0,$b,$c - xor @X[$j%16],@X[$j%16],@X[($j+8)%16] - add $f,$f,$e - or $t1,$b,$c - rotlwi $b,$b,30 - xor @X[$j%16],@X[$j%16],@X[($j+13)%16] - and $t1,$t1,$d - or $t0,$t0,$t1 - rotlwi @X[$j%16],@X[$j%16],1 - add $f,$f,$t0 -___ -} - -$code=<<___; -.machine "any" -.text - -.globl .sha1_block_data_order -.align 4 -.sha1_block_data_order: - $STU $sp,-$FRAME($sp) - mflr r0 - $PUSH r15,`$FRAME-$SIZE_T*17`($sp) - $PUSH r16,`$FRAME-$SIZE_T*16`($sp) - $PUSH r17,`$FRAME-$SIZE_T*15`($sp) - $PUSH r18,`$FRAME-$SIZE_T*14`($sp) - $PUSH r19,`$FRAME-$SIZE_T*13`($sp) - $PUSH r20,`$FRAME-$SIZE_T*12`($sp) - $PUSH r21,`$FRAME-$SIZE_T*11`($sp) 
- $PUSH r22,`$FRAME-$SIZE_T*10`($sp) - $PUSH r23,`$FRAME-$SIZE_T*9`($sp) - $PUSH r24,`$FRAME-$SIZE_T*8`($sp) - $PUSH r25,`$FRAME-$SIZE_T*7`($sp) - $PUSH r26,`$FRAME-$SIZE_T*6`($sp) - $PUSH r27,`$FRAME-$SIZE_T*5`($sp) - $PUSH r28,`$FRAME-$SIZE_T*4`($sp) - $PUSH r29,`$FRAME-$SIZE_T*3`($sp) - $PUSH r30,`$FRAME-$SIZE_T*2`($sp) - $PUSH r31,`$FRAME-$SIZE_T*1`($sp) - $PUSH r0,`$FRAME+$LRSAVE`($sp) - lwz $A,0($ctx) - lwz $B,4($ctx) - lwz $C,8($ctx) - lwz $D,12($ctx) - lwz $E,16($ctx) - andi. r0,$inp,3 - bne Lunaligned -Laligned: - mtctr $num - bl Lsha1_block_private - b Ldone - -; PowerPC specification allows an implementation to be ill-behaved -; upon unaligned access which crosses page boundary. "Better safe -; than sorry" principle makes me treat it specially. But I don't -; look for particular offending word, but rather for 64-byte input -; block which crosses the boundary. Once found that block is aligned -; and hashed separately... -.align 4 -Lunaligned: - subfic $t1,$inp,4096 - andi. $t1,$t1,4095 ; distance to closest page boundary - srwi. $t1,$t1,6 ; t1/=64 - beq Lcross_page - $UCMP $num,$t1 - ble- Laligned ; didn't cross the page boundary - mtctr $t1 - subfc $num,$t1,$num - bl Lsha1_block_private -Lcross_page: - li $t1,16 - mtctr $t1 - addi r20,$sp,$LOCALS ; spot within the frame -Lmemcpy: - lbz r16,0($inp) - lbz r17,1($inp) - lbz r18,2($inp) - lbz r19,3($inp) - addi $inp,$inp,4 - stb r16,0(r20) - stb r17,1(r20) - stb r18,2(r20) - stb r19,3(r20) - addi r20,r20,4 - bdnz Lmemcpy - - $PUSH $inp,`$FRAME-$SIZE_T*18`($sp) - li $t1,1 - addi $inp,$sp,$LOCALS - mtctr $t1 - bl Lsha1_block_private - $POP $inp,`$FRAME-$SIZE_T*18`($sp) - addic. 
$num,$num,-1 - bne- Lunaligned - -Ldone: - $POP r0,`$FRAME+$LRSAVE`($sp) - $POP r15,`$FRAME-$SIZE_T*17`($sp) - $POP r16,`$FRAME-$SIZE_T*16`($sp) - $POP r17,`$FRAME-$SIZE_T*15`($sp) - $POP r18,`$FRAME-$SIZE_T*14`($sp) - $POP r19,`$FRAME-$SIZE_T*13`($sp) - $POP r20,`$FRAME-$SIZE_T*12`($sp) - $POP r21,`$FRAME-$SIZE_T*11`($sp) - $POP r22,`$FRAME-$SIZE_T*10`($sp) - $POP r23,`$FRAME-$SIZE_T*9`($sp) - $POP r24,`$FRAME-$SIZE_T*8`($sp) - $POP r25,`$FRAME-$SIZE_T*7`($sp) - $POP r26,`$FRAME-$SIZE_T*6`($sp) - $POP r27,`$FRAME-$SIZE_T*5`($sp) - $POP r28,`$FRAME-$SIZE_T*4`($sp) - $POP r29,`$FRAME-$SIZE_T*3`($sp) - $POP r30,`$FRAME-$SIZE_T*2`($sp) - $POP r31,`$FRAME-$SIZE_T*1`($sp) - mtlr r0 - addi $sp,$sp,$FRAME - blr -___ - -# This is private block function, which uses tailored calling -# interface, namely upon entry SHA_CTX is pre-loaded to given -# registers and counter register contains amount of chunks to -# digest... -$code.=<<___; -.align 4 -Lsha1_block_private: -___ -$code.=<<___; # load K_00_19 - lis $K,0x5a82 - ori $K,$K,0x7999 -___ -for($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; # load K_20_39 - lis $K,0x6ed9 - ori $K,$K,0xeba1 -___ -for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; # load K_40_59 - lis $K,0x8f1b - ori $K,$K,0xbcdc -___ -for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; # load K_60_79 - lis $K,0xca62 - ori $K,$K,0xc1d6 -___ -for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - add r16,r16,$E - add r17,r17,$T - add r18,r18,$A - add r19,r19,$B - add r20,r20,$C - stw r16,0($ctx) - mr $A,r16 - stw r17,4($ctx) - mr $B,r17 - stw r18,8($ctx) - mr $C,r18 - stw r19,12($ctx) - mr $D,r19 - stw r20,16($ctx) - mr $E,r20 - addi $inp,$inp,`16*4` - bdnz- Lsha1_block_private - blr -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; 
diff --git a/src/lib/libcrypto/sha/asm/sha1-sparcv9.pl b/src/lib/libcrypto/sha/asm/sha1-sparcv9.pl
deleted file mode 100644
index 5235c59e63..0000000000
--- a/src/lib/libcrypto/sha/asm/sha1-sparcv9.pl
+++ /dev/null
@@ -1,282 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# Performance improvement is not really impressive on pre-T1 CPU: +8% -# over Sun C and +25% over gcc [3.3]. While on T1, a.k.a. Niagara, it -# turned to be 40% faster than 64-bit code generated by Sun C 5.8 and -# >2x than 64-bit code generated by gcc 3.4. And there is a gimmick. -# X[16] vector is packed to 8 64-bit registers and as result nothing -# is spilled on stack. In addition input data is loaded in compact -# instruction sequence, thus minimizing the window when the code is -# subject to [inter-thread] cache-thrashing hazard. The goal is to -# ensure scalability on UltraSPARC T1, or rather to avoid decay when -# amount of active threads exceeds the number of physical cores. - -$bits=32; -for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); } -if ($bits==64) { $bias=2047; $frame=192; } -else { $bias=0; $frame=112; } - -$output=shift; -open STDOUT,">$output"; - -@X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7"); -$rot1m="%g2"; -$tmp64="%g3"; -$Xi="%g4"; -$A="%l0"; -$B="%l1"; -$C="%l2"; -$D="%l3"; -$E="%l4"; -@V=($A,$B,$C,$D,$E); -$K_00_19="%l5"; -$K_20_39="%l6"; -$K_40_59="%l7"; -$K_60_79="%g5"; -@K=($K_00_19,$K_20_39,$K_40_59,$K_60_79); - -$ctx="%i0"; -$inp="%i1"; -$len="%i2"; -$tmp0="%i3"; -$tmp1="%i4"; -$tmp2="%i5"; - -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $xi=($i&1)?@X[($i/2)%8]:$Xi; - -$code.=<<___; - sll $a,5,$tmp0 !! 
$i - add @K[$i/20],$e,$e - srl $a,27,$tmp1 - add $tmp0,$e,$e - and $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - andn $d,$b,$tmp1 - srl $b,2,$b - or $tmp1,$tmp0,$tmp1 - or $tmp2,$b,$b - add $xi,$e,$e -___ -if ($i&1 && $i<15) { - $code.= - " srlx @X[(($i+1)/2)%8],32,$Xi\n"; -} -$code.=<<___; - add $tmp1,$e,$e -___ -} - -sub Xupdate { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i/2; - -if ($i&1) { -$code.=<<___; - sll $a,5,$tmp0 !! $i - add @K[$i/20],$e,$e - srl $a,27,$tmp1 -___ -} else { -$code.=<<___; - sllx @X[($j+6)%8],32,$Xi ! Xupdate($i) - xor @X[($j+1)%8],@X[$j%8],@X[$j%8] - srlx @X[($j+7)%8],32,$tmp1 - xor @X[($j+4)%8],@X[$j%8],@X[$j%8] - sll $a,5,$tmp0 !! $i - or $tmp1,$Xi,$Xi - add @K[$i/20],$e,$e !! - xor $Xi,@X[$j%8],@X[$j%8] - srlx @X[$j%8],31,$Xi - add @X[$j%8],@X[$j%8],@X[$j%8] - and $Xi,$rot1m,$Xi - andn @X[$j%8],$rot1m,@X[$j%8] - srl $a,27,$tmp1 !! - or $Xi,@X[$j%8],@X[$j%8] -___ -} -} - -sub BODY_16_19 { -my ($i,$a,$b,$c,$d,$e)=@_; - - &Xupdate(@_); - if ($i&1) { - $xi=@X[($i/2)%8]; - } else { - $xi=$Xi; - $code.="\tsrlx @X[($i/2)%8],32,$xi\n"; - } -$code.=<<___; - add $tmp0,$e,$e !! - and $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - add $xi,$e,$e - andn $d,$b,$tmp1 - srl $b,2,$b - or $tmp1,$tmp0,$tmp1 - or $tmp2,$b,$b - add $tmp1,$e,$e -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $xi; - &Xupdate(@_); - if ($i&1) { - $xi=@X[($i/2)%8]; - } else { - $xi=$Xi; - $code.="\tsrlx @X[($i/2)%8],32,$xi\n"; - } -$code.=<<___; - add $tmp0,$e,$e !! - xor $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - xor $d,$tmp0,$tmp1 - srl $b,2,$b - add $tmp1,$e,$e - or $tmp2,$b,$b - add $xi,$e,$e -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $xi; - &Xupdate(@_); - if ($i&1) { - $xi=@X[($i/2)%8]; - } else { - $xi=$Xi; - $code.="\tsrlx @X[($i/2)%8],32,$xi\n"; - } -$code.=<<___; - add $tmp0,$e,$e !! 
- and $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - or $c,$b,$tmp1 - srl $b,2,$b - and $d,$tmp1,$tmp1 - add $xi,$e,$e - or $tmp1,$tmp0,$tmp1 - or $tmp2,$b,$b - add $tmp1,$e,$e -___ -} - -$code.=<<___ if ($bits==64); -.register %g2,#scratch -.register %g3,#scratch -___ -$code.=<<___; -.section ".text",#alloc,#execinstr - -.align 32 -.globl sha1_block_data_order -sha1_block_data_order: - save %sp,-$frame,%sp - sllx $len,6,$len - add $inp,$len,$len - - or %g0,1,$rot1m - sllx $rot1m,32,$rot1m - or $rot1m,1,$rot1m - - ld [$ctx+0],$A - ld [$ctx+4],$B - ld [$ctx+8],$C - ld [$ctx+12],$D - ld [$ctx+16],$E - andn $inp,7,$tmp0 - - sethi %hi(0x5a827999),$K_00_19 - or $K_00_19,%lo(0x5a827999),$K_00_19 - sethi %hi(0x6ed9eba1),$K_20_39 - or $K_20_39,%lo(0x6ed9eba1),$K_20_39 - sethi %hi(0x8f1bbcdc),$K_40_59 - or $K_40_59,%lo(0x8f1bbcdc),$K_40_59 - sethi %hi(0xca62c1d6),$K_60_79 - or $K_60_79,%lo(0xca62c1d6),$K_60_79 - -.Lloop: - ldx [$tmp0+0],@X[0] - ldx [$tmp0+16],@X[2] - ldx [$tmp0+32],@X[4] - ldx [$tmp0+48],@X[6] - and $inp,7,$tmp1 - ldx [$tmp0+8],@X[1] - sll $tmp1,3,$tmp1 - ldx [$tmp0+24],@X[3] - subcc %g0,$tmp1,$tmp2 ! 
should be 64-$tmp1, but -$tmp1 works too - ldx [$tmp0+40],@X[5] - bz,pt %icc,.Laligned - ldx [$tmp0+56],@X[7] - - sllx @X[0],$tmp1,@X[0] - ldx [$tmp0+64],$tmp64 -___ -for($i=0;$i<7;$i++) -{ $code.=<<___; - srlx @X[$i+1],$tmp2,$Xi - sllx @X[$i+1],$tmp1,@X[$i+1] - or $Xi,@X[$i],@X[$i] -___ -} -$code.=<<___; - srlx $tmp64,$tmp2,$tmp64 - or $tmp64,@X[7],@X[7] -.Laligned: - srlx @X[0],32,$Xi -___ -for ($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } -for (;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - - ld [$ctx+0],@X[0] - ld [$ctx+4],@X[1] - ld [$ctx+8],@X[2] - ld [$ctx+12],@X[3] - add $inp,64,$inp - ld [$ctx+16],@X[4] - cmp $inp,$len - - add $A,@X[0],$A - st $A,[$ctx+0] - add $B,@X[1],$B - st $B,[$ctx+4] - add $C,@X[2],$C - st $C,[$ctx+8] - add $D,@X[3],$D - st $D,[$ctx+12] - add $E,@X[4],$E - st $E,[$ctx+16] - - bne `$bits==64?"%xcc":"%icc"`,.Lloop - andn $inp,7,$tmp0 - - ret - restore -.type sha1_block_data_order,#function -.size sha1_block_data_order,(.-sha1_block_data_order) -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/sha/asm/sha256-586.pl b/src/lib/libcrypto/sha/asm/sha256-586.pl deleted file mode 100644 index 2b05c96063..0000000000 --- a/src/lib/libcrypto/sha/asm/sha256-586.pl +++ /dev/null 
@@ -1,249 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# SHA256 block transform for x86. September 2007. -# -# Performance in clock cycles per processed byte (less is better): -# -# Pentium PIII P4 AMD K8 Core2 -# gcc 46 36 41 27 26 -# icc 57 33 38 25 23 -# x86 asm 40 30 33 20 18 -# x86_64 asm(*) - - 21 16 16 -# -# (*) x86_64 assembler performance is presented for reference -# purposes. -# -# Performance improvement over compiler generated code varies from -# 10% to 40% [see above]. Not very impressive on some µ-archs, but -# it's 5 times smaller and optimizies amount of writes. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386"); - -$A="eax"; -$E="edx"; -$T="ebx"; -$Aoff=&DWP(0,"esp"); -$Boff=&DWP(4,"esp"); -$Coff=&DWP(8,"esp"); -$Doff=&DWP(12,"esp"); -$Eoff=&DWP(16,"esp"); -$Foff=&DWP(20,"esp"); -$Goff=&DWP(24,"esp"); -$Hoff=&DWP(28,"esp"); -$Xoff=&DWP(32,"esp"); -$K256="ebp"; - -sub BODY_00_15() { - my $in_16_63=shift; - - &mov ("ecx",$E); - &add ($T,"edi") if ($in_16_63); # T += sigma1(X[-2]) - &ror ("ecx",25-11); - &mov ("esi",$Foff); - &xor ("ecx",$E); - &ror ("ecx",11-6); - &mov (&DWP(4*(8+15),"esp"),$T) if ($in_16_63); # save X[0] - &xor ("ecx",$E); - &ror ("ecx",6); # Sigma1(e) - &mov ("edi",$Goff); - &add ($T,"ecx"); # T += Sigma1(e) - - &xor ("esi","edi"); - &mov ($Eoff,$E); # modulo-scheduled - &mov ("ecx",$A); - &and ("esi",$E); - &mov ($E,$Doff); # e becomes d, which is e in next iteration - &xor ("esi","edi"); # Ch(e,f,g) - &mov ("edi",$A); - &add ($T,"esi"); # T += 
Ch(e,f,g) - - &ror ("ecx",22-13); - &add ($T,$Hoff); # T += h - &xor ("ecx",$A); - &ror ("ecx",13-2); - &mov ("esi",$Boff); - &xor ("ecx",$A); - &ror ("ecx",2); # Sigma0(a) - &add ($E,$T); # d += T - &mov ("edi",$Coff); - - &add ($T,"ecx"); # T += Sigma0(a) - &mov ($Aoff,$A); # modulo-scheduled - - &mov ("ecx",$A); - &sub ("esp",4); - &or ($A,"esi"); # a becomes h, which is a in next iteration - &and ("ecx","esi"); - &and ($A,"edi"); - &mov ("esi",&DWP(0,$K256)); - &or ($A,"ecx"); # h=Maj(a,b,c) - - &add ($K256,4); - &add ($A,$T); # h += T - &mov ($T,&DWP(4*(8+15+16-1),"esp")) if ($in_16_63); # preload T - &add ($E,"esi"); # d += K256[i] - &add ($A,"esi"); # h += K256[i] -} - -&static_label("K256"); -&function_begin("sha256_block_data_order"); - &mov ("esi",wparam(0)); # ctx - &mov ("edi",wparam(1)); # inp - &mov ("eax",wparam(2)); # num - &mov ("ebx","esp"); # saved sp - - &picsetup($K256); - &picsymbol($K256, &label("K256"), $K256); - - &sub ("esp",16); - &and ("esp",-64); - - &shl ("eax",6); - &add ("eax","edi"); - &mov (&DWP(0,"esp"),"esi"); # ctx - &mov (&DWP(4,"esp"),"edi"); # inp - &mov (&DWP(8,"esp"),"eax"); # inp+num*128 - &mov (&DWP(12,"esp"),"ebx"); # saved sp - -&set_label("loop",16); - # copy input block to stack reversing byte and dword order - for($i=0;$i<4;$i++) { - &mov ("eax",&DWP($i*16+0,"edi")); - &mov ("ebx",&DWP($i*16+4,"edi")); - &mov ("ecx",&DWP($i*16+8,"edi")); - &mov ("edx",&DWP($i*16+12,"edi")); - &bswap ("eax"); - &bswap ("ebx"); - &bswap ("ecx"); - &bswap ("edx"); - &push ("eax"); - &push ("ebx"); - &push ("ecx"); - &push ("edx"); - } - &add ("edi",64); - &sub ("esp",4*8); # place for A,B,C,D,E,F,G,H - &mov (&DWP(4*(8+16)+4,"esp"),"edi"); - - # copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack - &mov ($A,&DWP(0,"esi")); - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edi",&DWP(12,"esi")); - # &mov ($Aoff,$A); - &mov ($Boff,"ebx"); - &mov ($Coff,"ecx"); - &mov ($Doff,"edi"); - &mov ($E,&DWP(16,"esi")); - &mov 
("ebx",&DWP(20,"esi")); - &mov ("ecx",&DWP(24,"esi")); - &mov ("edi",&DWP(28,"esi")); - # &mov ($Eoff,$E); - &mov ($Foff,"ebx"); - &mov ($Goff,"ecx"); - &mov ($Hoff,"edi"); - -&set_label("00_15",16); - &mov ($T,&DWP(4*(8+15),"esp")); - - &BODY_00_15(); - - &cmp ("esi",0xc19bf174); - &jne (&label("00_15")); - - &mov ($T,&DWP(4*(8+15+16-1),"esp")); # preloaded in BODY_00_15(1) -&set_label("16_63",16); - &mov ("esi",$T); - &mov ("ecx",&DWP(4*(8+15+16-14),"esp")); - &ror ("esi",18-7); - &mov ("edi","ecx"); - &xor ("esi",$T); - &ror ("esi",7); - &shr ($T,3); - - &ror ("edi",19-17); - &xor ($T,"esi"); # T = sigma0(X[-15]) - &xor ("edi","ecx"); - &ror ("edi",17); - &shr ("ecx",10); - &add ($T,&DWP(4*(8+15+16),"esp")); # T += X[-16] - &xor ("edi","ecx"); # sigma1(X[-2]) - - &add ($T,&DWP(4*(8+15+16-9),"esp")); # T += X[-7] - # &add ($T,"edi"); # T += sigma1(X[-2]) - # &mov (&DWP(4*(8+15),"esp"),$T); # save X[0] - - &BODY_00_15(1); - - &cmp ("esi",0xc67178f2); - &jne (&label("16_63")); - - &mov ("esi",&DWP(4*(8+16+64)+0,"esp"));#ctx - # &mov ($A,$Aoff); - &mov ("ebx",$Boff); - &mov ("ecx",$Coff); - &mov ("edi",$Doff); - &add ($A,&DWP(0,"esi")); - &add ("ebx",&DWP(4,"esi")); - &add ("ecx",&DWP(8,"esi")); - &add ("edi",&DWP(12,"esi")); - &mov (&DWP(0,"esi"),$A); - &mov (&DWP(4,"esi"),"ebx"); - &mov (&DWP(8,"esi"),"ecx"); - &mov (&DWP(12,"esi"),"edi"); - # &mov ($E,$Eoff); - &mov ("eax",$Foff); - &mov ("ebx",$Goff); - &mov ("ecx",$Hoff); - &mov ("edi",&DWP(4*(8+16+64)+4,"esp"));#inp - &add ($E,&DWP(16,"esi")); - &add ("eax",&DWP(20,"esi")); - &add ("ebx",&DWP(24,"esi")); - &add ("ecx",&DWP(28,"esi")); - &mov (&DWP(16,"esi"),$E); - &mov (&DWP(20,"esi"),"eax"); - &mov (&DWP(24,"esi"),"ebx"); - &mov (&DWP(28,"esi"),"ecx"); - - &add ("esp",4*(8+16+64)); # destroy frame - &sub ($K256,4*64); # rewind K - - &cmp ("edi",&DWP(8,"esp")); # are we done yet? 
- &jb (&label("loop")); - - &mov ("esp",&DWP(12,"esp")); # restore sp -&function_end_A(); -&function_end_B("sha256_block_data_order"); - - &rodataseg(); -&set_label("K256",64); - &data_word(0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5); - &data_word(0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5); - &data_word(0xd807aa98,0x12835b01,0x243185be,0x550c7dc3); - &data_word(0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174); - &data_word(0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc); - &data_word(0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da); - &data_word(0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7); - &data_word(0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967); - &data_word(0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13); - &data_word(0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85); - &data_word(0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3); - &data_word(0xd192e819,0xd6990624,0xf40e3585,0x106aa070); - &data_word(0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5); - &data_word(0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3); - &data_word(0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208); - &data_word(0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2); - &previous(); - -&asm_finish(); diff --git a/src/lib/libcrypto/sha/asm/sha256-armv4.pl b/src/lib/libcrypto/sha/asm/sha256-armv4.pl deleted file mode 100644 index 292520731c..0000000000 --- a/src/lib/libcrypto/sha/asm/sha256-armv4.pl +++ /dev/null 
@@ -1,211 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA256 block procedure for ARMv4. May 2007. - -# Performance is ~2x better than gcc 3.4 generated code and in "abso- -# lute" terms is ~2250 cycles per 64-byte block or ~35 cycles per -# byte [on single-issue Xscale PXA250 core]. - -# July 2010. -# -# Rescheduling for dual-issue pipeline resulted in 22% improvement on -# Cortex A8 core and ~20 cycles per processed byte. - -# February 2011. -# -# Profiler-assisted and platform-specific optimization resulted in 16% -# improvement on Cortex A8 core and ~17 cycles per processed byte. - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$ctx="r0"; $t0="r0"; -$inp="r1"; $t3="r1"; -$len="r2"; $t1="r2"; -$T1="r3"; -$A="r4"; -$B="r5"; -$C="r6"; -$D="r7"; -$E="r8"; -$F="r9"; -$G="r10"; -$H="r11"; -@V=($A,$B,$C,$D,$E,$F,$G,$H); -$t2="r12"; -$Ktbl="r14"; - -@Sigma0=( 2,13,22); -@Sigma1=( 6,11,25); -@sigma0=( 7,18, 3); -@sigma1=(17,19,10); - -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___ if ($i<16); -#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT) - ldr $T1,[$inp],#4 -#else - ldrb $T1,[$inp,#3] @ $i - ldrb $t2,[$inp,#2] - ldrb $t1,[$inp,#1] - ldrb $t0,[$inp],#4 - orr $T1,$T1,$t2,lsl#8 - orr $T1,$T1,$t1,lsl#16 - orr $T1,$T1,$t0,lsl#24 -#endif -___ -$code.=<<___; - mov $t0,$e,ror#$Sigma1[0] - ldr $t2,[$Ktbl],#4 @ *K256++ - eor $t0,$t0,$e,ror#$Sigma1[1] - eor $t1,$f,$g -#if $i>=16 - add $T1,$T1,$t3 @ from BODY_16_xx -#elif __ARM_ARCH__>=7 && defined(__ARMEL__) && !defined(__STRICT_ALIGNMENT) - rev $T1,$T1 -#endif -#if $i==15 - str 
$inp,[sp,#17*4] @ leave room for $t3 -#endif - eor $t0,$t0,$e,ror#$Sigma1[2] @ Sigma1(e) - and $t1,$t1,$e - str $T1,[sp,#`$i%16`*4] - add $T1,$T1,$t0 - eor $t1,$t1,$g @ Ch(e,f,g) - add $T1,$T1,$h - mov $h,$a,ror#$Sigma0[0] - add $T1,$T1,$t1 - eor $h,$h,$a,ror#$Sigma0[1] - add $T1,$T1,$t2 - eor $h,$h,$a,ror#$Sigma0[2] @ Sigma0(a) -#if $i>=15 - ldr $t3,[sp,#`($i+2)%16`*4] @ from BODY_16_xx -#endif - orr $t0,$a,$b - and $t1,$a,$b - and $t0,$t0,$c - add $h,$h,$T1 - orr $t0,$t0,$t1 @ Maj(a,b,c) - add $d,$d,$T1 - add $h,$h,$t0 -___ -} - -sub BODY_16_XX { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___; - @ ldr $t3,[sp,#`($i+1)%16`*4] @ $i - ldr $t2,[sp,#`($i+14)%16`*4] - mov $t0,$t3,ror#$sigma0[0] - ldr $T1,[sp,#`($i+0)%16`*4] - eor $t0,$t0,$t3,ror#$sigma0[1] - ldr $t1,[sp,#`($i+9)%16`*4] - eor $t0,$t0,$t3,lsr#$sigma0[2] @ sigma0(X[i+1]) - mov $t3,$t2,ror#$sigma1[0] - add $T1,$T1,$t0 - eor $t3,$t3,$t2,ror#$sigma1[1] - add $T1,$T1,$t1 - eor $t3,$t3,$t2,lsr#$sigma1[2] @ sigma1(X[i+14]) - @ add $T1,$T1,$t3 -___ - &BODY_00_15(@_); -} - -$code=<<___; -#include "arm_arch.h" - -.text -.code 32 - -.type K256,%object -.align 5 -K256: -.word 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 -.word 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 -.word 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 -.word 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 -.word 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc -.word 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da -.word 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 -.word 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 -.word 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 -.word 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 -.word 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 -.word 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 -.word 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 -.word 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 -.word 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 -.word 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -.size K256,.-K256 - -.global 
sha256_block_data_order -.type sha256_block_data_order,%function -sha256_block_data_order: - sub r3,pc,#8 @ sha256_block_data_order - add $len,$inp,$len,lsl#6 @ len to point at the end of inp - stmdb sp!,{$ctx,$inp,$len,r4-r11,lr} - ldmia $ctx,{$A,$B,$C,$D,$E,$F,$G,$H} - sub $Ktbl,r3,#256 @ K256 - sub sp,sp,#16*4 @ alloca(X[16]) -.Loop: -___ -for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=".Lrounds_16_xx:\n"; -for (;$i<32;$i++) { &BODY_16_XX($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - and $t2,$t2,#0xff - cmp $t2,#0xf2 - bne .Lrounds_16_xx - - ldr $T1,[sp,#16*4] @ pull ctx - ldr $t0,[$T1,#0] - ldr $t1,[$T1,#4] - ldr $t2,[$T1,#8] - add $A,$A,$t0 - ldr $t0,[$T1,#12] - add $B,$B,$t1 - ldr $t1,[$T1,#16] - add $C,$C,$t2 - ldr $t2,[$T1,#20] - add $D,$D,$t0 - ldr $t0,[$T1,#24] - add $E,$E,$t1 - ldr $t1,[$T1,#28] - add $F,$F,$t2 - ldr $inp,[sp,#17*4] @ pull inp - ldr $t2,[sp,#18*4] @ pull inp+len - add $G,$G,$t0 - add $H,$H,$t1 - stmia $T1,{$A,$B,$C,$D,$E,$F,$G,$H} - cmp $inp,$t2 - sub $Ktbl,$Ktbl,#256 @ rewind Ktbl - bne .Loop - - add sp,sp,#`16+3`*4 @ destroy frame -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r11,pc} -#else - ldmia sp!,{r4-r11,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -.size sha256_block_data_order,.-sha256_block_data_order -.asciz "SHA256 block transform for ARMv4, CRYPTOGAMS by " -.align 2 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; # enforce flush diff --git a/src/lib/libcrypto/sha/asm/sha512-586.pl b/src/lib/libcrypto/sha/asm/sha512-586.pl deleted file mode 100644 index c1d0684e92..0000000000 --- a/src/lib/libcrypto/sha/asm/sha512-586.pl +++ /dev/null 
@@ -1,646 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# SHA512 block transform for x86. September 2007. -# -# Performance in clock cycles per processed byte (less is better): -# -# Pentium PIII P4 AMD K8 Core2 -# gcc 100 75 116 54 66 -# icc 97 77 95 55 57 -# x86 asm 61 56 82 36 40 -# SSE2 asm - - 38 24 20 -# x86_64 asm(*) - - 30 10.0 10.5 -# -# (*) x86_64 assembler performance is presented for reference -# purposes. -# -# IALU code-path is optimized for elder Pentiums. On vanilla Pentium -# performance improvement over compiler generated code reaches ~60%, -# while on PIII - ~35%. On newer µ-archs improvement varies from 15% -# to 50%, but it's less important as they are expected to execute SSE2 -# code-path, which is commonly ~2-3x faster [than compiler generated -# code]. SSE2 code-path is as fast as original sha512-sse2.pl, even -# though it does not use 128-bit operations. The latter means that -# SSE2-aware kernel is no longer required to execute the code. Another -# difference is that new code optimizes amount of writes, but at the -# cost of increased data cache "footprint" by 1/2KB. 
- -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386"); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -$Tlo=&DWP(0,"esp"); $Thi=&DWP(4,"esp"); -$Alo=&DWP(8,"esp"); $Ahi=&DWP(8+4,"esp"); -$Blo=&DWP(16,"esp"); $Bhi=&DWP(16+4,"esp"); -$Clo=&DWP(24,"esp"); $Chi=&DWP(24+4,"esp"); -$Dlo=&DWP(32,"esp"); $Dhi=&DWP(32+4,"esp"); -$Elo=&DWP(40,"esp"); $Ehi=&DWP(40+4,"esp"); -$Flo=&DWP(48,"esp"); $Fhi=&DWP(48+4,"esp"); -$Glo=&DWP(56,"esp"); $Ghi=&DWP(56+4,"esp"); -$Hlo=&DWP(64,"esp"); $Hhi=&DWP(64+4,"esp"); -$K512="ebp"; - -$Asse2=&QWP(0,"esp"); -$Bsse2=&QWP(8,"esp"); -$Csse2=&QWP(16,"esp"); -$Dsse2=&QWP(24,"esp"); -$Esse2=&QWP(32,"esp"); -$Fsse2=&QWP(40,"esp"); -$Gsse2=&QWP(48,"esp"); -$Hsse2=&QWP(56,"esp"); - -$A="mm0"; # B-D and -$E="mm4"; # F-H are commonly loaded to respectively mm1-mm3 and - # mm5-mm7, but it's done on on-demand basis... 
- -sub BODY_00_15_sse2 { - my $prefetch=shift; - - &movq ("mm5",$Fsse2); # load f - &movq ("mm6",$Gsse2); # load g - &movq ("mm7",$Hsse2); # load h - - &movq ("mm1",$E); # %mm1 is sliding right - &movq ("mm2",$E); # %mm2 is sliding left - &psrlq ("mm1",14); - &movq ($Esse2,$E); # modulo-scheduled save e - &psllq ("mm2",23); - &movq ("mm3","mm1"); # %mm3 is T1 - &psrlq ("mm1",4); - &pxor ("mm3","mm2"); - &psllq ("mm2",23); - &pxor ("mm3","mm1"); - &psrlq ("mm1",23); - &pxor ("mm3","mm2"); - &psllq ("mm2",4); - &pxor ("mm3","mm1"); - &paddq ("mm7",QWP(0,$K512)); # h+=K512[i] - &pxor ("mm3","mm2"); # T1=Sigma1_512(e) - - &pxor ("mm5","mm6"); # f^=g - &movq ("mm1",$Bsse2); # load b - &pand ("mm5",$E); # f&=e - &movq ("mm2",$Csse2); # load c - &pxor ("mm5","mm6"); # f^=g - &movq ($E,$Dsse2); # e = load d - &paddq ("mm3","mm5"); # T1+=Ch(e,f,g) - &movq (&QWP(0,"esp"),$A); # modulo-scheduled save a - &paddq ("mm3","mm7"); # T1+=h - - &movq ("mm5",$A); # %mm5 is sliding right - &movq ("mm6",$A); # %mm6 is sliding left - &paddq ("mm3",&QWP(8*9,"esp")); # T1+=X[0] - &psrlq ("mm5",28); - &paddq ($E,"mm3"); # e += T1 - &psllq ("mm6",25); - &movq ("mm7","mm5"); # %mm7 is T2 - &psrlq ("mm5",6); - &pxor ("mm7","mm6"); - &psllq ("mm6",5); - &pxor ("mm7","mm5"); - &psrlq ("mm5",5); - &pxor ("mm7","mm6"); - &psllq ("mm6",6); - &pxor ("mm7","mm5"); - &sub ("esp",8); - &pxor ("mm7","mm6"); # T2=Sigma0_512(a) - - &movq ("mm5",$A); # %mm5=a - &por ($A,"mm2"); # a=a|c - &movq ("mm6",&QWP(8*(9+16-14),"esp")) if ($prefetch); - &pand ("mm5","mm2"); # %mm5=a&c - &pand ($A,"mm1"); # a=(a|c)&b - &movq ("mm2",&QWP(8*(9+16-1),"esp")) if ($prefetch); - &por ("mm5",$A); # %mm5=(a&c)|((a|c)&b) - &paddq ("mm7","mm5"); # T2+=Maj(a,b,c) - &movq ($A,"mm3"); # a=T1 - - &mov (&LB("edx"),&BP(0,$K512)); - &paddq ($A,"mm7"); # a+=T2 - &add ($K512,8); -} - -sub BODY_00_15_x86 { - #define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41)) - # LO lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23 - # HI 
hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23 - &mov ("ecx",$Elo); - &mov ("edx",$Ehi); - &mov ("esi","ecx"); - - &shr ("ecx",9); # lo>>9 - &mov ("edi","edx"); - &shr ("edx",9); # hi>>9 - &mov ("ebx","ecx"); - &shl ("esi",14); # lo<<14 - &mov ("eax","edx"); - &shl ("edi",14); # hi<<14 - &xor ("ebx","esi"); - - &shr ("ecx",14-9); # lo>>14 - &xor ("eax","edi"); - &shr ("edx",14-9); # hi>>14 - &xor ("eax","ecx"); - &shl ("esi",18-14); # lo<<18 - &xor ("ebx","edx"); - &shl ("edi",18-14); # hi<<18 - &xor ("ebx","esi"); - - &shr ("ecx",18-14); # lo>>18 - &xor ("eax","edi"); - &shr ("edx",18-14); # hi>>18 - &xor ("eax","ecx"); - &shl ("esi",23-18); # lo<<23 - &xor ("ebx","edx"); - &shl ("edi",23-18); # hi<<23 - &xor ("eax","esi"); - &xor ("ebx","edi"); # T1 = Sigma1(e) - - &mov ("ecx",$Flo); - &mov ("edx",$Fhi); - &mov ("esi",$Glo); - &mov ("edi",$Ghi); - &add ("eax",$Hlo); - &adc ("ebx",$Hhi); # T1 += h - &xor ("ecx","esi"); - &xor ("edx","edi"); - &and ("ecx",$Elo); - &and ("edx",$Ehi); - &add ("eax",&DWP(8*(9+15)+0,"esp")); - &adc ("ebx",&DWP(8*(9+15)+4,"esp")); # T1 += X[0] - &xor ("ecx","esi"); - &xor ("edx","edi"); # Ch(e,f,g) = (f^g)&e)^g - - &mov ("esi",&DWP(0,$K512)); - &mov ("edi",&DWP(4,$K512)); # K[i] - &add ("eax","ecx"); - &adc ("ebx","edx"); # T1 += Ch(e,f,g) - &mov ("ecx",$Dlo); - &mov ("edx",$Dhi); - &add ("eax","esi"); - &adc ("ebx","edi"); # T1 += K[i] - &mov ($Tlo,"eax"); - &mov ($Thi,"ebx"); # put T1 away - &add ("eax","ecx"); - &adc ("ebx","edx"); # d += T1 - - #define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39)) - # LO lo>>28^hi<<4 ^ hi>>2^lo<<30 ^ hi>>7^lo<<25 - # HI hi>>28^lo<<4 ^ lo>>2^hi<<30 ^ lo>>7^hi<<25 - &mov ("ecx",$Alo); - &mov ("edx",$Ahi); - &mov ($Dlo,"eax"); - &mov ($Dhi,"ebx"); - &mov ("esi","ecx"); - - &shr ("ecx",2); # lo>>2 - &mov ("edi","edx"); - &shr ("edx",2); # hi>>2 - &mov ("ebx","ecx"); - &shl ("esi",4); # lo<<4 - &mov ("eax","edx"); - &shl ("edi",4); # hi<<4 - &xor ("ebx","esi"); - - &shr ("ecx",7-2); # lo>>7 - &xor 
("eax","edi"); - &shr ("edx",7-2); # hi>>7 - &xor ("ebx","ecx"); - &shl ("esi",25-4); # lo<<25 - &xor ("eax","edx"); - &shl ("edi",25-4); # hi<<25 - &xor ("eax","esi"); - - &shr ("ecx",28-7); # lo>>28 - &xor ("ebx","edi"); - &shr ("edx",28-7); # hi>>28 - &xor ("eax","ecx"); - &shl ("esi",30-25); # lo<<30 - &xor ("ebx","edx"); - &shl ("edi",30-25); # hi<<30 - &xor ("eax","esi"); - &xor ("ebx","edi"); # Sigma0(a) - - &mov ("ecx",$Alo); - &mov ("edx",$Ahi); - &mov ("esi",$Blo); - &mov ("edi",$Bhi); - &add ("eax",$Tlo); - &adc ("ebx",$Thi); # T1 = Sigma0(a)+T1 - &or ("ecx","esi"); - &or ("edx","edi"); - &and ("ecx",$Clo); - &and ("edx",$Chi); - &and ("esi",$Alo); - &and ("edi",$Ahi); - &or ("ecx","esi"); - &or ("edx","edi"); # Maj(a,b,c) = ((a|b)&c)|(a&b) - - &add ("eax","ecx"); - &adc ("ebx","edx"); # T1 += Maj(a,b,c) - &mov ($Tlo,"eax"); - &mov ($Thi,"ebx"); - - &mov (&LB("edx"),&BP(0,$K512)); # pre-fetch LSB of *K - &sub ("esp",8); - &lea ($K512,&DWP(8,$K512)); # K++ -} - - -&static_label("K512"); -&function_begin("sha512_block_data_order"); - &mov ("esi",wparam(0)); # ctx - &mov ("edi",wparam(1)); # inp - &mov ("eax",wparam(2)); # num - &mov ("ebx","esp"); # saved sp - - &picsetup($K512); -if ($sse2) { - &picsymbol("edx", "OPENSSL_ia32cap_P", $K512); -} - &picsymbol($K512, &label("K512"), $K512); - - &sub ("esp",16); - &and ("esp",-64); - - &shl ("eax",7); - &add ("eax","edi"); - &mov (&DWP(0,"esp"),"esi"); # ctx - &mov (&DWP(4,"esp"),"edi"); # inp - &mov (&DWP(8,"esp"),"eax"); # inp+num*128 - &mov (&DWP(12,"esp"),"ebx"); # saved sp - -if ($sse2) { - &bt (&DWP(0,"edx"),"\$IA32CAP_BIT0_SSE2"); - &jnc (&label("loop_x86")); - - # load ctx->h[0-7] - &movq ($A,&QWP(0,"esi")); - &movq ("mm1",&QWP(8,"esi")); - &movq ("mm2",&QWP(16,"esi")); - &movq ("mm3",&QWP(24,"esi")); - &movq ($E,&QWP(32,"esi")); - &movq ("mm5",&QWP(40,"esi")); - &movq ("mm6",&QWP(48,"esi")); - &movq ("mm7",&QWP(56,"esi")); - &sub ("esp",8*10); - -&set_label("loop_sse2",16); - # &movq ($Asse2,$A); - 
&movq ($Bsse2,"mm1"); - &movq ($Csse2,"mm2"); - &movq ($Dsse2,"mm3"); - # &movq ($Esse2,$E); - &movq ($Fsse2,"mm5"); - &movq ($Gsse2,"mm6"); - &movq ($Hsse2,"mm7"); - - &mov ("ecx",&DWP(0,"edi")); - &mov ("edx",&DWP(4,"edi")); - &add ("edi",8); - &bswap ("ecx"); - &bswap ("edx"); - &mov (&DWP(8*9+4,"esp"),"ecx"); - &mov (&DWP(8*9+0,"esp"),"edx"); - -&set_label("00_14_sse2",16); - &mov ("eax",&DWP(0,"edi")); - &mov ("ebx",&DWP(4,"edi")); - &add ("edi",8); - &bswap ("eax"); - &bswap ("ebx"); - &mov (&DWP(8*8+4,"esp"),"eax"); - &mov (&DWP(8*8+0,"esp"),"ebx"); - - &BODY_00_15_sse2(); - - &cmp (&LB("edx"),0x35); - &jne (&label("00_14_sse2")); - - &BODY_00_15_sse2(1); - -&set_label("16_79_sse2",16); - #&movq ("mm2",&QWP(8*(9+16-1),"esp")); #prefetched in BODY_00_15 - #&movq ("mm6",&QWP(8*(9+16-14),"esp")); - &movq ("mm1","mm2"); - - &psrlq ("mm2",1); - &movq ("mm7","mm6"); - &psrlq ("mm6",6); - &movq ("mm3","mm2"); - - &psrlq ("mm2",7-1); - &movq ("mm5","mm6"); - &psrlq ("mm6",19-6); - &pxor ("mm3","mm2"); - - &psrlq ("mm2",8-7); - &pxor ("mm5","mm6"); - &psrlq ("mm6",61-19); - &pxor ("mm3","mm2"); - - &movq ("mm2",&QWP(8*(9+16),"esp")); - - &psllq ("mm1",56); - &pxor ("mm5","mm6"); - &psllq ("mm7",3); - &pxor ("mm3","mm1"); - - &paddq ("mm2",&QWP(8*(9+16-9),"esp")); - - &psllq ("mm1",63-56); - &pxor ("mm5","mm7"); - &psllq ("mm7",45-3); - &pxor ("mm3","mm1"); - &pxor ("mm5","mm7"); - - &paddq ("mm3","mm5"); - &paddq ("mm3","mm2"); - &movq (&QWP(8*9,"esp"),"mm3"); - - &BODY_00_15_sse2(1); - - &cmp (&LB("edx"),0x17); - &jne (&label("16_79_sse2")); - - # &movq ($A,$Asse2); - &movq ("mm1",$Bsse2); - &movq ("mm2",$Csse2); - &movq ("mm3",$Dsse2); - # &movq ($E,$Esse2); - &movq ("mm5",$Fsse2); - &movq ("mm6",$Gsse2); - &movq ("mm7",$Hsse2); - - &paddq ($A,&QWP(0,"esi")); - &paddq ("mm1",&QWP(8,"esi")); - &paddq ("mm2",&QWP(16,"esi")); - &paddq ("mm3",&QWP(24,"esi")); - &paddq ($E,&QWP(32,"esi")); - &paddq ("mm5",&QWP(40,"esi")); - &paddq ("mm6",&QWP(48,"esi")); - &paddq 
("mm7",&QWP(56,"esi")); - - &movq (&QWP(0,"esi"),$A); - &movq (&QWP(8,"esi"),"mm1"); - &movq (&QWP(16,"esi"),"mm2"); - &movq (&QWP(24,"esi"),"mm3"); - &movq (&QWP(32,"esi"),$E); - &movq (&QWP(40,"esi"),"mm5"); - &movq (&QWP(48,"esi"),"mm6"); - &movq (&QWP(56,"esi"),"mm7"); - - &add ("esp",8*80); # destroy frame - &sub ($K512,8*80); # rewind K - - &cmp ("edi",&DWP(8*10+8,"esp")); # are we done yet? - &jb (&label("loop_sse2")); - - &emms (); - &mov ("esp",&DWP(8*10+12,"esp")); # restore sp -&function_end_A(); -} -&set_label("loop_x86",16); - # copy input block to stack reversing byte and qword order - for ($i=0;$i<8;$i++) { - &mov ("eax",&DWP($i*16+0,"edi")); - &mov ("ebx",&DWP($i*16+4,"edi")); - &mov ("ecx",&DWP($i*16+8,"edi")); - &mov ("edx",&DWP($i*16+12,"edi")); - &bswap ("eax"); - &bswap ("ebx"); - &bswap ("ecx"); - &bswap ("edx"); - &push ("eax"); - &push ("ebx"); - &push ("ecx"); - &push ("edx"); - } - &add ("edi",128); - &sub ("esp",9*8); # place for T,A,B,C,D,E,F,G,H - &mov (&DWP(8*(9+16)+4,"esp"),"edi"); - - # copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack - &lea ("edi",&DWP(8,"esp")); - &mov ("ecx",16); - &data_word(0xA5F3F689); # rep movsd - -&set_label("00_15_x86",16); - &BODY_00_15_x86(); - - &cmp (&LB("edx"),0x94); - &jne (&label("00_15_x86")); - -&set_label("16_79_x86",16); - #define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7)) - # LO lo>>1^hi<<31 ^ lo>>8^hi<<24 ^ lo>>7^hi<<25 - # HI hi>>1^lo<<31 ^ hi>>8^lo<<24 ^ hi>>7 - &mov ("ecx",&DWP(8*(9+15+16-1)+0,"esp")); - &mov ("edx",&DWP(8*(9+15+16-1)+4,"esp")); - &mov ("esi","ecx"); - - &shr ("ecx",1); # lo>>1 - &mov ("edi","edx"); - &shr ("edx",1); # hi>>1 - &mov ("eax","ecx"); - &shl ("esi",24); # lo<<24 - &mov ("ebx","edx"); - &shl ("edi",24); # hi<<24 - &xor ("ebx","esi"); - - &shr ("ecx",7-1); # lo>>7 - &xor ("eax","edi"); - &shr ("edx",7-1); # hi>>7 - &xor ("eax","ecx"); - &shl ("esi",31-24); # lo<<31 - &xor ("ebx","edx"); - &shl ("edi",25-24); # hi<<25 - &xor ("ebx","esi"); - - &shr ("ecx",8-7); # 
lo>>8 - &xor ("eax","edi"); - &shr ("edx",8-7); # hi>>8 - &xor ("eax","ecx"); - &shl ("edi",31-25); # hi<<31 - &xor ("ebx","edx"); - &xor ("eax","edi"); # T1 = sigma0(X[-15]) - - &mov (&DWP(0,"esp"),"eax"); - &mov (&DWP(4,"esp"),"ebx"); # put T1 away - - #define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6)) - # LO lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26 - # HI hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6 - &mov ("ecx",&DWP(8*(9+15+16-14)+0,"esp")); - &mov ("edx",&DWP(8*(9+15+16-14)+4,"esp")); - &mov ("esi","ecx"); - - &shr ("ecx",6); # lo>>6 - &mov ("edi","edx"); - &shr ("edx",6); # hi>>6 - &mov ("eax","ecx"); - &shl ("esi",3); # lo<<3 - &mov ("ebx","edx"); - &shl ("edi",3); # hi<<3 - &xor ("eax","esi"); - - &shr ("ecx",19-6); # lo>>19 - &xor ("ebx","edi"); - &shr ("edx",19-6); # hi>>19 - &xor ("eax","ecx"); - &shl ("esi",13-3); # lo<<13 - &xor ("ebx","edx"); - &shl ("edi",13-3); # hi<<13 - &xor ("ebx","esi"); - - &shr ("ecx",29-19); # lo>>29 - &xor ("eax","edi"); - &shr ("edx",29-19); # hi>>29 - &xor ("ebx","ecx"); - &shl ("edi",26-13); # hi<<26 - &xor ("eax","edx"); - &xor ("eax","edi"); # sigma1(X[-2]) - - &mov ("ecx",&DWP(8*(9+15+16)+0,"esp")); - &mov ("edx",&DWP(8*(9+15+16)+4,"esp")); - &add ("eax",&DWP(0,"esp")); - &adc ("ebx",&DWP(4,"esp")); # T1 = sigma1(X[-2])+T1 - &mov ("esi",&DWP(8*(9+15+16-9)+0,"esp")); - &mov ("edi",&DWP(8*(9+15+16-9)+4,"esp")); - &add ("eax","ecx"); - &adc ("ebx","edx"); # T1 += X[-16] - &add ("eax","esi"); - &adc ("ebx","edi"); # T1 += X[-7] - &mov (&DWP(8*(9+15)+0,"esp"),"eax"); - &mov (&DWP(8*(9+15)+4,"esp"),"ebx"); # save X[0] - - &BODY_00_15_x86(); - - &cmp (&LB("edx"),0x17); - &jne (&label("16_79_x86")); - - &mov ("esi",&DWP(8*(9+16+80)+0,"esp"));# ctx - &mov ("edi",&DWP(8*(9+16+80)+4,"esp"));# inp - for($i=0;$i<4;$i++) { - &mov ("eax",&DWP($i*16+0,"esi")); - &mov ("ebx",&DWP($i*16+4,"esi")); - &mov ("ecx",&DWP($i*16+8,"esi")); - &mov ("edx",&DWP($i*16+12,"esi")); - &add ("eax",&DWP(8+($i*16)+0,"esp")); - &adc 
("ebx",&DWP(8+($i*16)+4,"esp")); - &mov (&DWP($i*16+0,"esi"),"eax"); - &mov (&DWP($i*16+4,"esi"),"ebx"); - &add ("ecx",&DWP(8+($i*16)+8,"esp")); - &adc ("edx",&DWP(8+($i*16)+12,"esp")); - &mov (&DWP($i*16+8,"esi"),"ecx"); - &mov (&DWP($i*16+12,"esi"),"edx"); - } - &add ("esp",8*(9+16+80)); # destroy frame - &sub ($K512,8*80); # rewind K - - &cmp ("edi",&DWP(8,"esp")); # are we done yet? - &jb (&label("loop_x86")); - - &mov ("esp",&DWP(12,"esp")); # restore sp -&function_end_A(); -&function_end_B("sha512_block_data_order"); - - &rodataseg(); -&set_label("K512",64); - &data_word(0xd728ae22,0x428a2f98); # u64 - &data_word(0x23ef65cd,0x71374491); # u64 - &data_word(0xec4d3b2f,0xb5c0fbcf); # u64 - &data_word(0x8189dbbc,0xe9b5dba5); # u64 - &data_word(0xf348b538,0x3956c25b); # u64 - &data_word(0xb605d019,0x59f111f1); # u64 - &data_word(0xaf194f9b,0x923f82a4); # u64 - &data_word(0xda6d8118,0xab1c5ed5); # u64 - &data_word(0xa3030242,0xd807aa98); # u64 - &data_word(0x45706fbe,0x12835b01); # u64 - &data_word(0x4ee4b28c,0x243185be); # u64 - &data_word(0xd5ffb4e2,0x550c7dc3); # u64 - &data_word(0xf27b896f,0x72be5d74); # u64 - &data_word(0x3b1696b1,0x80deb1fe); # u64 - &data_word(0x25c71235,0x9bdc06a7); # u64 - &data_word(0xcf692694,0xc19bf174); # u64 - &data_word(0x9ef14ad2,0xe49b69c1); # u64 - &data_word(0x384f25e3,0xefbe4786); # u64 - &data_word(0x8b8cd5b5,0x0fc19dc6); # u64 - &data_word(0x77ac9c65,0x240ca1cc); # u64 - &data_word(0x592b0275,0x2de92c6f); # u64 - &data_word(0x6ea6e483,0x4a7484aa); # u64 - &data_word(0xbd41fbd4,0x5cb0a9dc); # u64 - &data_word(0x831153b5,0x76f988da); # u64 - &data_word(0xee66dfab,0x983e5152); # u64 - &data_word(0x2db43210,0xa831c66d); # u64 - &data_word(0x98fb213f,0xb00327c8); # u64 - &data_word(0xbeef0ee4,0xbf597fc7); # u64 - &data_word(0x3da88fc2,0xc6e00bf3); # u64 - &data_word(0x930aa725,0xd5a79147); # u64 - &data_word(0xe003826f,0x06ca6351); # u64 - &data_word(0x0a0e6e70,0x14292967); # u64 - &data_word(0x46d22ffc,0x27b70a85); # u64 - 
&data_word(0x5c26c926,0x2e1b2138); # u64 - &data_word(0x5ac42aed,0x4d2c6dfc); # u64 - &data_word(0x9d95b3df,0x53380d13); # u64 - &data_word(0x8baf63de,0x650a7354); # u64 - &data_word(0x3c77b2a8,0x766a0abb); # u64 - &data_word(0x47edaee6,0x81c2c92e); # u64 - &data_word(0x1482353b,0x92722c85); # u64 - &data_word(0x4cf10364,0xa2bfe8a1); # u64 - &data_word(0xbc423001,0xa81a664b); # u64 - &data_word(0xd0f89791,0xc24b8b70); # u64 - &data_word(0x0654be30,0xc76c51a3); # u64 - &data_word(0xd6ef5218,0xd192e819); # u64 - &data_word(0x5565a910,0xd6990624); # u64 - &data_word(0x5771202a,0xf40e3585); # u64 - &data_word(0x32bbd1b8,0x106aa070); # u64 - &data_word(0xb8d2d0c8,0x19a4c116); # u64 - &data_word(0x5141ab53,0x1e376c08); # u64 - &data_word(0xdf8eeb99,0x2748774c); # u64 - &data_word(0xe19b48a8,0x34b0bcb5); # u64 - &data_word(0xc5c95a63,0x391c0cb3); # u64 - &data_word(0xe3418acb,0x4ed8aa4a); # u64 - &data_word(0x7763e373,0x5b9cca4f); # u64 - &data_word(0xd6b2b8a3,0x682e6ff3); # u64 - &data_word(0x5defb2fc,0x748f82ee); # u64 - &data_word(0x43172f60,0x78a5636f); # u64 - &data_word(0xa1f0ab72,0x84c87814); # u64 - &data_word(0x1a6439ec,0x8cc70208); # u64 - &data_word(0x23631e28,0x90befffa); # u64 - &data_word(0xde82bde9,0xa4506ceb); # u64 - &data_word(0xb2c67915,0xbef9a3f7); # u64 - &data_word(0xe372532b,0xc67178f2); # u64 - &data_word(0xea26619c,0xca273ece); # u64 - &data_word(0x21c0c207,0xd186b8c7); # u64 - &data_word(0xcde0eb1e,0xeada7dd6); # u64 - &data_word(0xee6ed178,0xf57d4f7f); # u64 - &data_word(0x72176fba,0x06f067aa); # u64 - &data_word(0xa2c898a6,0x0a637dc5); # u64 - &data_word(0xbef90dae,0x113f9804); # u64 - &data_word(0x131c471b,0x1b710b35); # u64 - &data_word(0x23047d84,0x28db77f5); # u64 - &data_word(0x40c72493,0x32caab7b); # u64 - &data_word(0x15c9bebc,0x3c9ebe0a); # u64 - &data_word(0x9c100d4c,0x431d67c4); # u64 - &data_word(0xcb3e42b6,0x4cc5d4be); # u64 - &data_word(0xfc657e2a,0x597f299c); # u64 - &data_word(0x3ad6faec,0x5fcb6fab); # u64 - 
&data_word(0x4a475817,0x6c44198c); # u64
- &previous();
-
-&asm_finish();
diff --git a/src/lib/libcrypto/sha/asm/sha512-armv4.pl b/src/lib/libcrypto/sha/asm/sha512-armv4.pl
deleted file mode 100644
index a247a00c2b..0000000000
--- a/src/lib/libcrypto/sha/asm/sha512-armv4.pl
+++ /dev/null
@@ -1,582 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# SHA512 block procedure for ARMv4. September 2007.
-
-# This code is ~4.5 (four and a half) times faster than code generated
-# by gcc 3.4 and it spends ~72 clock cycles per byte [on single-issue
-# Xscale PXA250 core].
-#
-# July 2010.
-#
-# Rescheduling for dual-issue pipeline resulted in 6% improvement on
-# Cortex A8 core and ~40 cycles per processed byte.
-
-# February 2011.
-#
-# Profiler-assisted and platform-specific optimization resulted in 7%
-# improvement on Coxtex A8 core and ~38 cycles per byte.
-
-# March 2011.
-#
-# Add NEON implementation. On Cortex A8 it was measured to process
-# one byte in 25.5 cycles or 47% faster than integer-only code.
-
-# Byte order [in]dependence. =========================================
-#
-# Originally caller was expected to maintain specific *dword* order in
-# h[0-7], namely with most significant dword at *lower* address, which
-# was reflected in below two parameters as 0 and 4. Now caller is
-# expected to maintain native byte order for whole 64-bit values.
-$hi="HI"; -$lo="LO"; -# ==================================================================== - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$ctx="r0"; # parameter block -$inp="r1"; -$len="r2"; - -$Tlo="r3"; -$Thi="r4"; -$Alo="r5"; -$Ahi="r6"; -$Elo="r7"; -$Ehi="r8"; -$t0="r9"; -$t1="r10"; -$t2="r11"; -$t3="r12"; -############ r13 is stack pointer -$Ktbl="r14"; -############ r15 is program counter - -$Aoff=8*0; -$Boff=8*1; -$Coff=8*2; -$Doff=8*3; -$Eoff=8*4; -$Foff=8*5; -$Goff=8*6; -$Hoff=8*7; -$Xoff=8*8; - -sub BODY_00_15() { -my $magic = shift; -$code.=<<___; - @ Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41)) - @ LO lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23 - @ HI hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23 - mov $t0,$Elo,lsr#14 - str $Tlo,[sp,#$Xoff+0] - mov $t1,$Ehi,lsr#14 - str $Thi,[sp,#$Xoff+4] - eor $t0,$t0,$Ehi,lsl#18 - ldr $t2,[sp,#$Hoff+0] @ h.lo - eor $t1,$t1,$Elo,lsl#18 - ldr $t3,[sp,#$Hoff+4] @ h.hi - eor $t0,$t0,$Elo,lsr#18 - eor $t1,$t1,$Ehi,lsr#18 - eor $t0,$t0,$Ehi,lsl#14 - eor $t1,$t1,$Elo,lsl#14 - eor $t0,$t0,$Ehi,lsr#9 - eor $t1,$t1,$Elo,lsr#9 - eor $t0,$t0,$Elo,lsl#23 - eor $t1,$t1,$Ehi,lsl#23 @ Sigma1(e) - adds $Tlo,$Tlo,$t0 - ldr $t0,[sp,#$Foff+0] @ f.lo - adc $Thi,$Thi,$t1 @ T += Sigma1(e) - ldr $t1,[sp,#$Foff+4] @ f.hi - adds $Tlo,$Tlo,$t2 - ldr $t2,[sp,#$Goff+0] @ g.lo - adc $Thi,$Thi,$t3 @ T += h - ldr $t3,[sp,#$Goff+4] @ g.hi - - eor $t0,$t0,$t2 - str $Elo,[sp,#$Eoff+0] - eor $t1,$t1,$t3 - str $Ehi,[sp,#$Eoff+4] - and $t0,$t0,$Elo - str $Alo,[sp,#$Aoff+0] - and $t1,$t1,$Ehi - str $Ahi,[sp,#$Aoff+4] - eor $t0,$t0,$t2 - ldr $t2,[$Ktbl,#$lo] @ K[i].lo - eor $t1,$t1,$t3 @ Ch(e,f,g) - ldr $t3,[$Ktbl,#$hi] @ K[i].hi - - adds $Tlo,$Tlo,$t0 - ldr $Elo,[sp,#$Doff+0] @ d.lo - adc $Thi,$Thi,$t1 @ T += Ch(e,f,g) - ldr $Ehi,[sp,#$Doff+4] @ d.hi - adds $Tlo,$Tlo,$t2 - and $t0,$t2,#0xff - adc $Thi,$Thi,$t3 @ T += K[i] - adds $Elo,$Elo,$Tlo - ldr $t2,[sp,#$Boff+0] @ b.lo - adc $Ehi,$Ehi,$Thi @ d 
+= T - teq $t0,#$magic - - ldr $t3,[sp,#$Coff+0] @ c.lo - orreq $Ktbl,$Ktbl,#1 - @ Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39)) - @ LO lo>>28^hi<<4 ^ hi>>2^lo<<30 ^ hi>>7^lo<<25 - @ HI hi>>28^lo<<4 ^ lo>>2^hi<<30 ^ lo>>7^hi<<25 - mov $t0,$Alo,lsr#28 - mov $t1,$Ahi,lsr#28 - eor $t0,$t0,$Ahi,lsl#4 - eor $t1,$t1,$Alo,lsl#4 - eor $t0,$t0,$Ahi,lsr#2 - eor $t1,$t1,$Alo,lsr#2 - eor $t0,$t0,$Alo,lsl#30 - eor $t1,$t1,$Ahi,lsl#30 - eor $t0,$t0,$Ahi,lsr#7 - eor $t1,$t1,$Alo,lsr#7 - eor $t0,$t0,$Alo,lsl#25 - eor $t1,$t1,$Ahi,lsl#25 @ Sigma0(a) - adds $Tlo,$Tlo,$t0 - and $t0,$Alo,$t2 - adc $Thi,$Thi,$t1 @ T += Sigma0(a) - - ldr $t1,[sp,#$Boff+4] @ b.hi - orr $Alo,$Alo,$t2 - ldr $t2,[sp,#$Coff+4] @ c.hi - and $Alo,$Alo,$t3 - and $t3,$Ahi,$t1 - orr $Ahi,$Ahi,$t1 - orr $Alo,$Alo,$t0 @ Maj(a,b,c).lo - and $Ahi,$Ahi,$t2 - adds $Alo,$Alo,$Tlo - orr $Ahi,$Ahi,$t3 @ Maj(a,b,c).hi - sub sp,sp,#8 - adc $Ahi,$Ahi,$Thi @ h += T - tst $Ktbl,#1 - add $Ktbl,$Ktbl,#8 -___ -} -$code=<<___; -#include "arm_arch.h" -#ifdef __ARMEL__ -# define LO 0 -# define HI 4 -# define WORD64(hi0,lo0,hi1,lo1) .word lo0,hi0, lo1,hi1 -#else -# define HI 0 -# define LO 4 -# define WORD64(hi0,lo0,hi1,lo1) .word hi0,lo0, hi1,lo1 -#endif - -.text -.code 32 -.type K512,%object -.align 5 -K512: -WORD64(0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd) -WORD64(0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc) -WORD64(0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019) -WORD64(0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118) -WORD64(0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe) -WORD64(0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2) -WORD64(0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1) -WORD64(0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694) -WORD64(0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3) -WORD64(0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65) -WORD64(0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483) -WORD64(0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5) -WORD64(0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210) 
-WORD64(0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4) -WORD64(0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725) -WORD64(0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70) -WORD64(0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926) -WORD64(0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df) -WORD64(0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8) -WORD64(0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b) -WORD64(0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001) -WORD64(0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30) -WORD64(0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910) -WORD64(0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8) -WORD64(0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53) -WORD64(0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8) -WORD64(0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb) -WORD64(0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3) -WORD64(0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60) -WORD64(0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec) -WORD64(0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9) -WORD64(0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b) -WORD64(0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207) -WORD64(0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178) -WORD64(0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6) -WORD64(0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b) -WORD64(0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493) -WORD64(0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c) -WORD64(0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a) -WORD64(0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817) -.size K512,.-K512 -.LOPENSSL_armcap: -.word OPENSSL_armcap_P-sha512_block_data_order -.skip 32-4 - -.global sha512_block_data_order -.type sha512_block_data_order,%function -sha512_block_data_order: - sub r3,pc,#8 @ sha512_block_data_order - add $len,$inp,$len,lsl#7 @ len to point at the end of inp -#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT) - ldr r12,.LOPENSSL_armcap - ldr r12,[r3,r12] @ OPENSSL_armcap_P - tst r12,#1 - bne .LNEON -#endif - stmdb sp!,{r4-r12,lr} - sub $Ktbl,r3,#672 @ K512 - sub sp,sp,#9*8 - - ldr 
$Elo,[$ctx,#$Eoff+$lo] - ldr $Ehi,[$ctx,#$Eoff+$hi] - ldr $t0, [$ctx,#$Goff+$lo] - ldr $t1, [$ctx,#$Goff+$hi] - ldr $t2, [$ctx,#$Hoff+$lo] - ldr $t3, [$ctx,#$Hoff+$hi] -.Loop: - str $t0, [sp,#$Goff+0] - str $t1, [sp,#$Goff+4] - str $t2, [sp,#$Hoff+0] - str $t3, [sp,#$Hoff+4] - ldr $Alo,[$ctx,#$Aoff+$lo] - ldr $Ahi,[$ctx,#$Aoff+$hi] - ldr $Tlo,[$ctx,#$Boff+$lo] - ldr $Thi,[$ctx,#$Boff+$hi] - ldr $t0, [$ctx,#$Coff+$lo] - ldr $t1, [$ctx,#$Coff+$hi] - ldr $t2, [$ctx,#$Doff+$lo] - ldr $t3, [$ctx,#$Doff+$hi] - str $Tlo,[sp,#$Boff+0] - str $Thi,[sp,#$Boff+4] - str $t0, [sp,#$Coff+0] - str $t1, [sp,#$Coff+4] - str $t2, [sp,#$Doff+0] - str $t3, [sp,#$Doff+4] - ldr $Tlo,[$ctx,#$Foff+$lo] - ldr $Thi,[$ctx,#$Foff+$hi] - str $Tlo,[sp,#$Foff+0] - str $Thi,[sp,#$Foff+4] - -.L00_15: -#if __ARM_ARCH__<7 || defined(__STRICT_ALIGNMENT) - ldrb $Tlo,[$inp,#7] - ldrb $t0, [$inp,#6] - ldrb $t1, [$inp,#5] - ldrb $t2, [$inp,#4] - ldrb $Thi,[$inp,#3] - ldrb $t3, [$inp,#2] - orr $Tlo,$Tlo,$t0,lsl#8 - ldrb $t0, [$inp,#1] - orr $Tlo,$Tlo,$t1,lsl#16 - ldrb $t1, [$inp],#8 - orr $Tlo,$Tlo,$t2,lsl#24 - orr $Thi,$Thi,$t3,lsl#8 - orr $Thi,$Thi,$t0,lsl#16 - orr $Thi,$Thi,$t1,lsl#24 -#else - ldr $Tlo,[$inp,#4] - ldr $Thi,[$inp],#8 -#ifdef __ARMEL__ - rev $Tlo,$Tlo - rev $Thi,$Thi -#endif -#endif -___ - &BODY_00_15(0x94); -$code.=<<___; - tst $Ktbl,#1 - beq .L00_15 - ldr $t0,[sp,#`$Xoff+8*(16-1)`+0] - ldr $t1,[sp,#`$Xoff+8*(16-1)`+4] - bic $Ktbl,$Ktbl,#1 -.L16_79: - @ sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7)) - @ LO lo>>1^hi<<31 ^ lo>>8^hi<<24 ^ lo>>7^hi<<25 - @ HI hi>>1^lo<<31 ^ hi>>8^lo<<24 ^ hi>>7 - mov $Tlo,$t0,lsr#1 - ldr $t2,[sp,#`$Xoff+8*(16-14)`+0] - mov $Thi,$t1,lsr#1 - ldr $t3,[sp,#`$Xoff+8*(16-14)`+4] - eor $Tlo,$Tlo,$t1,lsl#31 - eor $Thi,$Thi,$t0,lsl#31 - eor $Tlo,$Tlo,$t0,lsr#8 - eor $Thi,$Thi,$t1,lsr#8 - eor $Tlo,$Tlo,$t1,lsl#24 - eor $Thi,$Thi,$t0,lsl#24 - eor $Tlo,$Tlo,$t0,lsr#7 - eor $Thi,$Thi,$t1,lsr#7 - eor $Tlo,$Tlo,$t1,lsl#25 - - @ sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ 
((x)>>6)) - @ LO lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26 - @ HI hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6 - mov $t0,$t2,lsr#19 - mov $t1,$t3,lsr#19 - eor $t0,$t0,$t3,lsl#13 - eor $t1,$t1,$t2,lsl#13 - eor $t0,$t0,$t3,lsr#29 - eor $t1,$t1,$t2,lsr#29 - eor $t0,$t0,$t2,lsl#3 - eor $t1,$t1,$t3,lsl#3 - eor $t0,$t0,$t2,lsr#6 - eor $t1,$t1,$t3,lsr#6 - ldr $t2,[sp,#`$Xoff+8*(16-9)`+0] - eor $t0,$t0,$t3,lsl#26 - - ldr $t3,[sp,#`$Xoff+8*(16-9)`+4] - adds $Tlo,$Tlo,$t0 - ldr $t0,[sp,#`$Xoff+8*16`+0] - adc $Thi,$Thi,$t1 - - ldr $t1,[sp,#`$Xoff+8*16`+4] - adds $Tlo,$Tlo,$t2 - adc $Thi,$Thi,$t3 - adds $Tlo,$Tlo,$t0 - adc $Thi,$Thi,$t1 -___ - &BODY_00_15(0x17); -$code.=<<___; - ldreq $t0,[sp,#`$Xoff+8*(16-1)`+0] - ldreq $t1,[sp,#`$Xoff+8*(16-1)`+4] - beq .L16_79 - bic $Ktbl,$Ktbl,#1 - - ldr $Tlo,[sp,#$Boff+0] - ldr $Thi,[sp,#$Boff+4] - ldr $t0, [$ctx,#$Aoff+$lo] - ldr $t1, [$ctx,#$Aoff+$hi] - ldr $t2, [$ctx,#$Boff+$lo] - ldr $t3, [$ctx,#$Boff+$hi] - adds $t0,$Alo,$t0 - str $t0, [$ctx,#$Aoff+$lo] - adc $t1,$Ahi,$t1 - str $t1, [$ctx,#$Aoff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Boff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Boff+$hi] - - ldr $Alo,[sp,#$Coff+0] - ldr $Ahi,[sp,#$Coff+4] - ldr $Tlo,[sp,#$Doff+0] - ldr $Thi,[sp,#$Doff+4] - ldr $t0, [$ctx,#$Coff+$lo] - ldr $t1, [$ctx,#$Coff+$hi] - ldr $t2, [$ctx,#$Doff+$lo] - ldr $t3, [$ctx,#$Doff+$hi] - adds $t0,$Alo,$t0 - str $t0, [$ctx,#$Coff+$lo] - adc $t1,$Ahi,$t1 - str $t1, [$ctx,#$Coff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Doff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Doff+$hi] - - ldr $Tlo,[sp,#$Foff+0] - ldr $Thi,[sp,#$Foff+4] - ldr $t0, [$ctx,#$Eoff+$lo] - ldr $t1, [$ctx,#$Eoff+$hi] - ldr $t2, [$ctx,#$Foff+$lo] - ldr $t3, [$ctx,#$Foff+$hi] - adds $Elo,$Elo,$t0 - str $Elo,[$ctx,#$Eoff+$lo] - adc $Ehi,$Ehi,$t1 - str $Ehi,[$ctx,#$Eoff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Foff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Foff+$hi] - - ldr $Alo,[sp,#$Goff+0] - ldr $Ahi,[sp,#$Goff+4] - ldr $Tlo,[sp,#$Hoff+0] - ldr 
$Thi,[sp,#$Hoff+4] - ldr $t0, [$ctx,#$Goff+$lo] - ldr $t1, [$ctx,#$Goff+$hi] - ldr $t2, [$ctx,#$Hoff+$lo] - ldr $t3, [$ctx,#$Hoff+$hi] - adds $t0,$Alo,$t0 - str $t0, [$ctx,#$Goff+$lo] - adc $t1,$Ahi,$t1 - str $t1, [$ctx,#$Goff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Hoff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Hoff+$hi] - - add sp,sp,#640 - sub $Ktbl,$Ktbl,#640 - - teq $inp,$len - bne .Loop - - add sp,sp,#8*9 @ destroy frame -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r12,pc} -#else - ldmia sp!,{r4-r12,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -___ - -{ -my @Sigma0=(28,34,39); -my @Sigma1=(14,18,41); -my @sigma0=(1, 8, 7); -my @sigma1=(19,61,6); - -my $Ktbl="r3"; -my $cnt="r12"; # volatile register known as ip, intra-procedure-call scratch - -my @X=map("d$_",(0..15)); -my @V=($A,$B,$C,$D,$E,$F,$G,$H)=map("d$_",(16..23)); - -sub NEON_00_15() { -my $i=shift; -my ($a,$b,$c,$d,$e,$f,$g,$h)=@_; -my ($t0,$t1,$t2,$T1,$K,$Ch,$Maj)=map("d$_",(24..31)); # temps - -$code.=<<___ if ($i<16 || $i&1); - vshr.u64 $t0,$e,#@Sigma1[0] @ $i -#if $i<16 - vld1.64 {@X[$i%16]},[$inp]! @ handles unaligned -#endif - vshr.u64 $t1,$e,#@Sigma1[1] - vshr.u64 $t2,$e,#@Sigma1[2] -___ -$code.=<<___; - vld1.64 {$K},[$Ktbl,:64]! 
@ K[i++] - vsli.64 $t0,$e,#`64-@Sigma1[0]` - vsli.64 $t1,$e,#`64-@Sigma1[1]` - vsli.64 $t2,$e,#`64-@Sigma1[2]` -#if $i<16 && defined(__ARMEL__) - vrev64.8 @X[$i],@X[$i] -#endif - vadd.i64 $T1,$K,$h - veor $Ch,$f,$g - veor $t0,$t1 - vand $Ch,$e - veor $t0,$t2 @ Sigma1(e) - veor $Ch,$g @ Ch(e,f,g) - vadd.i64 $T1,$t0 - vshr.u64 $t0,$a,#@Sigma0[0] - vadd.i64 $T1,$Ch - vshr.u64 $t1,$a,#@Sigma0[1] - vshr.u64 $t2,$a,#@Sigma0[2] - vsli.64 $t0,$a,#`64-@Sigma0[0]` - vsli.64 $t1,$a,#`64-@Sigma0[1]` - vsli.64 $t2,$a,#`64-@Sigma0[2]` - vadd.i64 $T1,@X[$i%16] - vorr $Maj,$a,$c - vand $Ch,$a,$c - veor $h,$t0,$t1 - vand $Maj,$b - veor $h,$t2 @ Sigma0(a) - vorr $Maj,$Ch @ Maj(a,b,c) - vadd.i64 $h,$T1 - vadd.i64 $d,$T1 - vadd.i64 $h,$Maj -___ -} - -sub NEON_16_79() { -my $i=shift; - -if ($i&1) { &NEON_00_15($i,@_); return; } - -# 2x-vectorized, therefore runs every 2nd round -my @X=map("q$_",(0..7)); # view @X as 128-bit vector -my ($t0,$t1,$s0,$s1) = map("q$_",(12..15)); # temps -my ($d0,$d1,$d2) = map("d$_",(24..26)); # temps from NEON_00_15 -my $e=@_[4]; # $e from NEON_00_15 -$i /= 2; -$code.=<<___; - vshr.u64 $t0,@X[($i+7)%8],#@sigma1[0] - vshr.u64 $t1,@X[($i+7)%8],#@sigma1[1] - vshr.u64 $s1,@X[($i+7)%8],#@sigma1[2] - vsli.64 $t0,@X[($i+7)%8],#`64-@sigma1[0]` - vext.8 $s0,@X[$i%8],@X[($i+1)%8],#8 @ X[i+1] - vsli.64 $t1,@X[($i+7)%8],#`64-@sigma1[1]` - veor $s1,$t0 - vshr.u64 $t0,$s0,#@sigma0[0] - veor $s1,$t1 @ sigma1(X[i+14]) - vshr.u64 $t1,$s0,#@sigma0[1] - vadd.i64 @X[$i%8],$s1 - vshr.u64 $s1,$s0,#@sigma0[2] - vsli.64 $t0,$s0,#`64-@sigma0[0]` - vsli.64 $t1,$s0,#`64-@sigma0[1]` - vext.8 $s0,@X[($i+4)%8],@X[($i+5)%8],#8 @ X[i+9] - veor $s1,$t0 - vshr.u64 $d0,$e,#@Sigma1[0] @ from NEON_00_15 - vadd.i64 @X[$i%8],$s0 - vshr.u64 $d1,$e,#@Sigma1[1] @ from NEON_00_15 - veor $s1,$t1 @ sigma0(X[i+1]) - vshr.u64 $d2,$e,#@Sigma1[2] @ from NEON_00_15 - vadd.i64 @X[$i%8],$s1 -___ - &NEON_00_15(2*$i,@_); -} - -$code.=<<___; -#if __ARM_ARCH__>=7 && !defined(__STRICT_ALIGNMENT) -.fpu neon - 
-.align 4 -.LNEON: - dmb @ errata #451034 on early Cortex A8 - vstmdb sp!,{d8-d15} @ ABI specification says so - sub $Ktbl,r3,#672 @ K512 - vldmia $ctx,{$A-$H} @ load context -.Loop_neon: -___ -for($i=0;$i<16;$i++) { &NEON_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - mov $cnt,#4 -.L16_79_neon: - subs $cnt,#1 -___ -for(;$i<32;$i++) { &NEON_16_79($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - bne .L16_79_neon - - vldmia $ctx,{d24-d31} @ load context to temp - vadd.i64 q8,q12 @ vectorized accumulate - vadd.i64 q9,q13 - vadd.i64 q10,q14 - vadd.i64 q11,q15 - vstmia $ctx,{$A-$H} @ save context - teq $inp,$len - sub $Ktbl,#640 @ rewind K512 - bne .Loop_neon - - vldmia sp!,{d8-d15} @ epilogue - bx lr -#endif -___ -} -$code.=<<___; -.size sha512_block_data_order,.-sha512_block_data_order -.asciz "SHA512 block transform for ARMv4/NEON, CRYPTOGAMS by " -.align 2 -.comm OPENSSL_armcap_P,4,4 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; # enforce flush diff --git a/src/lib/libcrypto/sha/asm/sha512-mips.pl b/src/lib/libcrypto/sha/asm/sha512-mips.pl deleted file mode 100644 index 495a000695..0000000000 --- a/src/lib/libcrypto/sha/asm/sha512-mips.pl +++ /dev/null 
@@ -1,457 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA2 block procedures for MIPS. - -# October 2010. -# -# SHA256 performance improvement on MIPS R5000 CPU is ~27% over gcc- -# generated code in o32 build and ~55% in n32/64 build. SHA512 [which -# for now can only be compiled for MIPS64 ISA] improvement is modest -# ~17%, but it comes for free, because it's same instruction sequence. -# Improvement coefficients are for aligned input. - -###################################################################### -# There is a number of MIPS ABI in use, O32 and N32/64 are most -# widely used. Then there is a new contender: NUBI. It appears that if -# one picks the latter, it's possible to arrange code in ABI neutral -# manner. Therefore let's stick to NUBI register layout: -# -($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25)); -($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23)); -($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31)); -# -# The return value is placed in $a0. 
Following coding rules facilitate -# interoperability: -# -# - never ever touch $tp, "thread pointer", former $gp [o32 can be -# excluded from the rule, because it's specified volatile]; -# - copy return value to $t0, former $v0 [or to $a0 if you're adapting -# old code]; -# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary; -# -# For reference here is register layout for N32/64 MIPS ABIs: -# -# ($zero,$at,$v0,$v1)=map("\$$_",(0..3)); -# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25)); -# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23)); -# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31)); -# -$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64 - -if ($flavour =~ /64/i) { - $LA="dla"; -} else { - $LA="la"; -} - -if ($flavour =~ /64|n32/i) { - $PTR_ADD="dadd"; # incidentally works even on n32 - $PTR_SUB="dsub"; # incidentally works even on n32 - $REG_S="sd"; - $REG_L="ld"; - $PTR_SLL="dsll"; # incidentally works even on n32 - $SZREG=8; -} else { - $PTR_ADD="add"; - $PTR_SUB="sub"; - $REG_S="sw"; - $REG_L="lw"; - $PTR_SLL="sll"; - $SZREG=4; -} -$pf = ($flavour =~ /nubi/i) ? 
$t0 : $t2; -# -# -# -###################################################################### - -$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0; - -for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); } -open STDOUT,">$output"; - -if (!defined($big_endian)) { $big_endian=(unpack('L',pack('N',1))==1); } - -if ($output =~ /512/) { - $label="512"; - $SZ=8; - $LD="ld"; # load from memory - $ST="sd"; # store to memory - $SLL="dsll"; # shift left logical - $SRL="dsrl"; # shift right logical - $ADDU="daddu"; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=( 7, 1, 8); # right shift first - @sigma1=( 6,19,61); # right shift first - $lastK=0x817; - $rounds=80; -} else { - $label="256"; - $SZ=4; - $LD="lw"; # load from memory - $ST="sw"; # store to memory - $SLL="sll"; # shift left logical - $SRL="srl"; # shift right logical - $ADDU="addu"; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 3, 7,18); # right shift first - @sigma1=(10,17,19); # right shift first - $lastK=0x8f2; - $rounds=64; -} - -$MSB = $big_endian ? 
0 : ($SZ-1); -$LSB = ($SZ-1)&~$MSB; - -@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("\$$_",(1,2,3,7,24,25,30,31)); -@X=map("\$$_",(8..23)); - -$ctx=$a0; -$inp=$a1; -$len=$a2; $Ktbl=$len; - -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -my ($T1,$tmp0,$tmp1,$tmp2)=(@X[4],@X[5],@X[6],@X[7]); - -$code.=<<___ if ($i<15); - ${LD}l @X[1],`($i+1)*$SZ+$MSB`($inp) - ${LD}r @X[1],`($i+1)*$SZ+$LSB`($inp) -___ -$code.=<<___ if (!$big_endian && $i<16 && $SZ==4); - srl $tmp0,@X[0],24 # byte swap($i) - srl $tmp1,@X[0],8 - andi $tmp2,@X[0],0xFF00 - sll @X[0],@X[0],24 - andi $tmp1,0xFF00 - sll $tmp2,$tmp2,8 - or @X[0],$tmp0 - or $tmp1,$tmp2 - or @X[0],$tmp1 -___ -$code.=<<___ if (!$big_endian && $i<16 && $SZ==8); - ori $tmp0,$zero,0xFF - dsll $tmp2,$tmp0,32 - or $tmp0,$tmp2 # 0x000000FF000000FF - and $tmp1,@X[0],$tmp0 # byte swap($i) - dsrl $tmp2,@X[0],24 - dsll $tmp1,24 - and $tmp2,$tmp0 - dsll $tmp0,8 # 0x0000FF000000FF00 - or $tmp1,$tmp2 - and $tmp2,@X[0],$tmp0 - dsrl @X[0],8 - dsll $tmp2,8 - and @X[0],$tmp0 - or $tmp1,$tmp2 - or @X[0],$tmp1 - dsrl $tmp1,@X[0],32 - dsll @X[0],32 - or @X[0],$tmp1 -___ -$code.=<<___; - $ADDU $T1,$X[0],$h # $i - $SRL $h,$e,@Sigma1[0] - xor $tmp2,$f,$g - $SLL $tmp1,$e,`$SZ*8-@Sigma1[2]` - and $tmp2,$e - $SRL $tmp0,$e,@Sigma1[1] - xor $h,$tmp1 - $SLL $tmp1,$e,`$SZ*8-@Sigma1[1]` - xor $h,$tmp0 - $SRL $tmp0,$e,@Sigma1[2] - xor $h,$tmp1 - $SLL $tmp1,$e,`$SZ*8-@Sigma1[0]` - xor $h,$tmp0 - xor $tmp2,$g # Ch(e,f,g) - xor $tmp0,$tmp1,$h # Sigma1(e) - - $SRL $h,$a,@Sigma0[0] - $ADDU $T1,$tmp2 - $LD $tmp2,`$i*$SZ`($Ktbl) # K[$i] - $SLL $tmp1,$a,`$SZ*8-@Sigma0[2]` - $ADDU $T1,$tmp0 - $SRL $tmp0,$a,@Sigma0[1] - xor $h,$tmp1 - $SLL $tmp1,$a,`$SZ*8-@Sigma0[1]` - xor $h,$tmp0 - $SRL $tmp0,$a,@Sigma0[2] - xor $h,$tmp1 - $SLL $tmp1,$a,`$SZ*8-@Sigma0[0]` - xor $h,$tmp0 - $ST @X[0],`($i%16)*$SZ`($sp) # offload to ring buffer - xor $h,$tmp1 # Sigma0(a) - - or $tmp0,$a,$b - and $tmp1,$a,$b - and $tmp0,$c - or $tmp1,$tmp0 # Maj(a,b,c) - $ADDU $T1,$tmp2 # +=K[$i] - $ADDU 
$h,$tmp1 - - $ADDU $d,$T1 - $ADDU $h,$T1 -___ -$code.=<<___ if ($i>=13); - $LD @X[3],`(($i+3)%16)*$SZ`($sp) # prefetch from ring buffer -___ -} - -sub BODY_16_XX { -my $i=@_[0]; -my ($tmp0,$tmp1,$tmp2,$tmp3)=(@X[4],@X[5],@X[6],@X[7]); - -$code.=<<___; - $SRL $tmp2,@X[1],@sigma0[0] # Xupdate($i) - $ADDU @X[0],@X[9] # +=X[i+9] - $SLL $tmp1,@X[1],`$SZ*8-@sigma0[2]` - $SRL $tmp0,@X[1],@sigma0[1] - xor $tmp2,$tmp1 - $SLL $tmp1,`@sigma0[2]-@sigma0[1]` - xor $tmp2,$tmp0 - $SRL $tmp0,@X[1],@sigma0[2] - xor $tmp2,$tmp1 - - $SRL $tmp3,@X[14],@sigma1[0] - xor $tmp2,$tmp0 # sigma0(X[i+1]) - $SLL $tmp1,@X[14],`$SZ*8-@sigma1[2]` - $ADDU @X[0],$tmp2 - $SRL $tmp0,@X[14],@sigma1[1] - xor $tmp3,$tmp1 - $SLL $tmp1,`@sigma1[2]-@sigma1[1]` - xor $tmp3,$tmp0 - $SRL $tmp0,@X[14],@sigma1[2] - xor $tmp3,$tmp1 - - xor $tmp3,$tmp0 # sigma1(X[i+14]) - $ADDU @X[0],$tmp3 -___ - &BODY_00_15(@_); -} - -$FRAMESIZE=16*$SZ+16*$SZREG; -$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000; - -$code.=<<___; -.text -.set noat -#if !defined(__vxworks) || defined(__pic__) -.option pic2 -#endif - -.align 5 -.globl sha${label}_block_data_order -.ent sha${label}_block_data_order -sha${label}_block_data_order: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_S $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_S $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_S $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_S $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_S $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_S $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_S $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_S 
$s0,$FRAMESIZE-14*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - $PTR_SLL @X[15],$len,`log(16*$SZ)/log(2)` -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Ktbl - .cpsetup $pf,$zero,sha${label}_block_data_order -___ -$code.=<<___; - .set reorder - $LA $Ktbl,K${label} # PIC-ified 'load address' - - $LD $A,0*$SZ($ctx) # load context - $LD $B,1*$SZ($ctx) - $LD $C,2*$SZ($ctx) - $LD $D,3*$SZ($ctx) - $LD $E,4*$SZ($ctx) - $LD $F,5*$SZ($ctx) - $LD $G,6*$SZ($ctx) - $LD $H,7*$SZ($ctx) - - $PTR_ADD @X[15],$inp # pointer to the end of input - $REG_S @X[15],16*$SZ($sp) - b .Loop - -.align 5 -.Loop: - ${LD}l @X[0],$MSB($inp) - ${LD}r @X[0],$LSB($inp) -___ -for ($i=0;$i<16;$i++) -{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); push(@X,shift(@X)); } -$code.=<<___; - b .L16_xx -.align 4 -.L16_xx: -___ -for (;$i<32;$i++) -{ &BODY_16_XX($i,@V); unshift(@V,pop(@V)); push(@X,shift(@X)); } -$code.=<<___; - and @X[6],0xfff - li @X[7],$lastK - .set noreorder - bne @X[6],@X[7],.L16_xx - $PTR_ADD $Ktbl,16*$SZ # Ktbl+=16 - - $REG_L @X[15],16*$SZ($sp) # restore pointer to the end of input - $LD @X[0],0*$SZ($ctx) - $LD @X[1],1*$SZ($ctx) - $LD @X[2],2*$SZ($ctx) - $PTR_ADD $inp,16*$SZ - $LD @X[3],3*$SZ($ctx) - $ADDU $A,@X[0] - $LD @X[4],4*$SZ($ctx) - $ADDU $B,@X[1] - $LD @X[5],5*$SZ($ctx) - $ADDU $C,@X[2] - $LD @X[6],6*$SZ($ctx) - $ADDU $D,@X[3] - $LD @X[7],7*$SZ($ctx) - $ADDU $E,@X[4] - $ST $A,0*$SZ($ctx) - $ADDU $F,@X[5] - $ST $B,1*$SZ($ctx) - $ADDU $G,@X[6] - $ST $C,2*$SZ($ctx) - $ADDU $H,@X[7] - $ST $D,3*$SZ($ctx) - $ST $E,4*$SZ($ctx) - $ST $F,5*$SZ($ctx) - $ST $G,6*$SZ($ctx) - $ST $H,7*$SZ($ctx) - - bne $inp,@X[15],.Loop - $PTR_SUB $Ktbl,`($rounds-16)*$SZ` # rewind $Ktbl - - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_L $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_L $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_L $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_L $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_L $s7,$FRAMESIZE-7*$SZREG($sp) - 
$REG_L $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_L $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_L $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_L $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_L $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_L $s0,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end sha${label}_block_data_order - -.rdata -.align 5 -K${label}: -___ -if ($SZ==4) { -$code.=<<___; - .word 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5 - .word 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5 - .word 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3 - .word 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174 - .word 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc - .word 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da - .word 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7 - .word 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967 - .word 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13 - .word 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85 - .word 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3 - .word 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070 - .word 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5 - .word 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3 - .word 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208 - .word 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -___ -} else { -$code.=<<___; - .dword 0x428a2f98d728ae22, 0x7137449123ef65cd - .dword 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc - .dword 0x3956c25bf348b538, 0x59f111f1b605d019 - .dword 0x923f82a4af194f9b, 0xab1c5ed5da6d8118 - .dword 0xd807aa98a3030242, 0x12835b0145706fbe - .dword 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2 - .dword 0x72be5d74f27b896f, 0x80deb1fe3b1696b1 - .dword 0x9bdc06a725c71235, 0xc19bf174cf692694 - .dword 0xe49b69c19ef14ad2, 0xefbe4786384f25e3 - .dword 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65 - .dword 0x2de92c6f592b0275, 0x4a7484aa6ea6e483 - .dword 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5 - 
.dword 0x983e5152ee66dfab, 0xa831c66d2db43210 - .dword 0xb00327c898fb213f, 0xbf597fc7beef0ee4 - .dword 0xc6e00bf33da88fc2, 0xd5a79147930aa725 - .dword 0x06ca6351e003826f, 0x142929670a0e6e70 - .dword 0x27b70a8546d22ffc, 0x2e1b21385c26c926 - .dword 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df - .dword 0x650a73548baf63de, 0x766a0abb3c77b2a8 - .dword 0x81c2c92e47edaee6, 0x92722c851482353b - .dword 0xa2bfe8a14cf10364, 0xa81a664bbc423001 - .dword 0xc24b8b70d0f89791, 0xc76c51a30654be30 - .dword 0xd192e819d6ef5218, 0xd69906245565a910 - .dword 0xf40e35855771202a, 0x106aa07032bbd1b8 - .dword 0x19a4c116b8d2d0c8, 0x1e376c085141ab53 - .dword 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8 - .dword 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb - .dword 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3 - .dword 0x748f82ee5defb2fc, 0x78a5636f43172f60 - .dword 0x84c87814a1f0ab72, 0x8cc702081a6439ec - .dword 0x90befffa23631e28, 0xa4506cebde82bde9 - .dword 0xbef9a3f7b2c67915, 0xc67178f2e372532b - .dword 0xca273eceea26619c, 0xd186b8c721c0c207 - .dword 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178 - .dword 0x06f067aa72176fba, 0x0a637dc5a2c898a6 - .dword 0x113f9804bef90dae, 0x1b710b35131c471b - .dword 0x28db77f523047d84, 0x32caab7b40c72493 - .dword 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c - .dword 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a - .dword 0x5fcb6fab3ad6faec, 0x6c44198c4a475817 -___ -} -$code.=<<___; -.asciiz "SHA${label} for MIPS, CRYPTOGAMS by " -.align 5 - -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/sha/asm/sha512-parisc.pl b/src/lib/libcrypto/sha/asm/sha512-parisc.pl deleted file mode 100755 index 42832e29f1..0000000000 --- a/src/lib/libcrypto/sha/asm/sha512-parisc.pl +++ /dev/null 
@@ -1,801 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# SHA256/512 block procedure for PA-RISC.
-
-# June 2009.
-#
-# SHA256 performance is >75% better than gcc 3.2 generated code on
-# PA-7100LC. Compared to code generated by vendor compiler this
-# implementation is almost 70% faster in 64-bit build, but delivers
-# virtually same performance in 32-bit build on PA-8600.
-#
-# SHA512 performance is >2.9x better than gcc 3.2 generated code on
-# PA-7100LC, PA-RISC 1.1 processor. Then implementation detects if the
-# code is executed on PA-RISC 2.0 processor and switches to 64-bit
-# code path delivering adequate performance even in "blended" 32-bit
-# build. Though 64-bit code is not any faster than code generated by
-# vendor compiler on PA-8600...
-#
-# Special thanks to polarhome.com for providing HP-UX account.
- -$flavour = shift; -$output = shift; -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; -} else { - $LEVEL ="1.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; -} - -if ($output =~ /512/) { - $func="sha512_block_data_order"; - $SZ=8; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=(1, 8, 7); - @sigma1=(19,61, 6); - $rounds=80; - $LAST10BITS=0x017; - $LD="ldd"; - $LDM="ldd,ma"; - $ST="std"; -} else { - $func="sha256_block_data_order"; - $SZ=4; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 7,18, 3); - @sigma1=(17,19,10); - $rounds=64; - $LAST10BITS=0x0f2; - $LD="ldw"; - $LDM="ldwm"; - $ST="stw"; -} - -$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker - # [+ argument transfer] -$XOFF=16*$SZ+32; # local variables -$FRAME+=$XOFF; -$XOFF+=$FRAME_MARKER; # distance between %sp and local variables - -$ctx="%r26"; # zapped by $a0 -$inp="%r25"; # zapped by $a1 -$num="%r24"; # zapped by $t0 - -$a0 ="%r26"; -$a1 ="%r25"; -$t0 ="%r24"; -$t1 ="%r29"; -$Tbl="%r31"; - -@V=($A,$B,$C,$D,$E,$F,$G,$H)=("%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r28"); - -@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8", - "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$inp); - -sub ROUND_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$code.=<<___; - _ror $e,$Sigma1[0],$a0 - and $f,$e,$t0 - _ror $e,$Sigma1[1],$a1 - addl $t1,$h,$h - andcm $g,$e,$t1 - xor $a1,$a0,$a0 - _ror $a1,`$Sigma1[2]-$Sigma1[1]`,$a1 - or $t0,$t1,$t1 ; Ch(e,f,g) - addl @X[$i%16],$h,$h - xor $a0,$a1,$a1 ; Sigma1(e) - addl $t1,$h,$h - _ror $a,$Sigma0[0],$a0 - addl $a1,$h,$h - - _ror $a,$Sigma0[1],$a1 - and $a,$b,$t0 - and $a,$c,$t1 - xor $a1,$a0,$a0 - _ror $a1,`$Sigma0[2]-$Sigma0[1]`,$a1 - xor $t1,$t0,$t0 - and $b,$c,$t1 - xor $a0,$a1,$a1 ; Sigma0(a) - addl 
$h,$d,$d - xor $t1,$t0,$t0 ; Maj(a,b,c) - `"$LDM $SZ($Tbl),$t1" if ($i<15)` - addl $a1,$h,$h - addl $t0,$h,$h - -___ -} - -sub ROUND_16_xx { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$i-=16; -$code.=<<___; - _ror @X[($i+1)%16],$sigma0[0],$a0 - _ror @X[($i+1)%16],$sigma0[1],$a1 - addl @X[($i+9)%16],@X[$i],@X[$i] - _ror @X[($i+14)%16],$sigma1[0],$t0 - _ror @X[($i+14)%16],$sigma1[1],$t1 - xor $a1,$a0,$a0 - _shr @X[($i+1)%16],$sigma0[2],$a1 - xor $t1,$t0,$t0 - _shr @X[($i+14)%16],$sigma1[2],$t1 - xor $a1,$a0,$a0 ; sigma0(X[(i+1)&0x0f]) - xor $t1,$t0,$t0 ; sigma1(X[(i+14)&0x0f]) - $LDM $SZ($Tbl),$t1 - addl $a0,@X[$i],@X[$i] - addl $t0,@X[$i],@X[$i] -___ -$code.=<<___ if ($i==15); - extru $t1,31,10,$a1 - comiclr,<> $LAST10BITS,$a1,%r0 - ldo 1($Tbl),$Tbl ; signal end of $Tbl -___ -&ROUND_00_15($i+16,$a,$b,$c,$d,$e,$f,$g,$h); -} - -$code=<<___; - .LEVEL $LEVEL - .text - - .section .rodata - .ALIGN 64 -L\$table -___ -$code.=<<___ if ($SZ==8); - .WORD 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd - .WORD 0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc - .WORD 0x3956c25b,0xf348b538,0x59f111f1,0xb605d019 - .WORD 0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118 - .WORD 0xd807aa98,0xa3030242,0x12835b01,0x45706fbe - .WORD 0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2 - .WORD 0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1 - .WORD 0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694 - .WORD 0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3 - .WORD 0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65 - .WORD 0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483 - .WORD 0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5 - .WORD 0x983e5152,0xee66dfab,0xa831c66d,0x2db43210 - .WORD 0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4 - .WORD 0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725 - .WORD 0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70 - .WORD 0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926 - .WORD 0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df - .WORD 0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8 - .WORD 0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b - .WORD 
0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001 - .WORD 0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30 - .WORD 0xd192e819,0xd6ef5218,0xd6990624,0x5565a910 - .WORD 0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8 - .WORD 0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53 - .WORD 0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8 - .WORD 0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb - .WORD 0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3 - .WORD 0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60 - .WORD 0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec - .WORD 0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9 - .WORD 0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b - .WORD 0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207 - .WORD 0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178 - .WORD 0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6 - .WORD 0x113f9804,0xbef90dae,0x1b710b35,0x131c471b - .WORD 0x28db77f5,0x23047d84,0x32caab7b,0x40c72493 - .WORD 0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c - .WORD 0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a - .WORD 0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817 -___ -$code.=<<___ if ($SZ==4); - .WORD 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - .WORD 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - .WORD 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - .WORD 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - .WORD 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - .WORD 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - .WORD 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - .WORD 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - .WORD 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - .WORD 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - .WORD 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - .WORD 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 - .WORD 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - .WORD 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - .WORD 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - .WORD 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -___ -$code.=<<___; - .previous - - .EXPORT $func,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR - .ALIGN 64 -$func - 
.PROC - .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) - $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp) - $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp) - $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp) - $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp) - $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp) - $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp) - $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp) - - _shl $num,`log(16*$SZ)/log(2)`,$num - addl $inp,$num,$num ; $num to point at the end of $inp - - $PUSH $num,`-$FRAME_MARKER-4*$SIZE_T`(%sp) ; save arguments - $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) - $PUSH $ctx,`-$FRAME_MARKER-2*$SIZE_T`(%sp) - -#ifdef __PIC__ - addil LT'L\$table, %r19 - ldw RT'L\$table(%r1), $Tbl -#else - ldil L'L\$table, %t1 - ldo R'L\$table(%t1), $Tbl -#endif -___ -$code.=<<___ if ($SZ==8 && $SIZE_T==4); -#ifndef __OpenBSD__ -___ -$code.=<<___ if ($SZ==8 && $SIZE_T==4); - ldi 31,$t1 - mtctl $t1,%cr11 - extrd,u,*= $t1,%sar,1,$t1 ; executes on PA-RISC 1.0 - b L\$parisc1 - nop -___ -$code.=<<___; - $LD `0*$SZ`($ctx),$A ; load context - $LD `1*$SZ`($ctx),$B - $LD `2*$SZ`($ctx),$C - $LD `3*$SZ`($ctx),$D - $LD `4*$SZ`($ctx),$E - $LD `5*$SZ`($ctx),$F - $LD `6*$SZ`($ctx),$G - $LD `7*$SZ`($ctx),$H - - extru $inp,31,`log($SZ)/log(2)`,$t0 - sh3addl $t0,%r0,$t0 - subi `8*$SZ`,$t0,$t0 - mtctl $t0,%cr11 ; load %sar with align factor - -L\$oop - ldi `$SZ-1`,$t0 - $LDM $SZ($Tbl),$t1 - andcm $inp,$t0,$t0 ; align $inp -___ - for ($i=0;$i<15;$i++) { # load input block - $code.="\t$LD `$SZ*$i`($t0),@X[$i]\n"; } -$code.=<<___; - cmpb,*= $inp,$t0,L\$aligned - $LD `$SZ*15`($t0),@X[15] - $LD `$SZ*16`($t0),@X[16] -___ - for ($i=0;$i<16;$i++) { # 
align data - $code.="\t_align @X[$i],@X[$i+1],@X[$i]\n"; } -$code.=<<___; -L\$aligned - nop ; otherwise /usr/ccs/bin/as is confused by below .WORD -___ - -for($i=0;$i<16;$i++) { &ROUND_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; -L\$rounds - nop ; otherwise /usr/ccs/bin/as is confused by below .WORD -___ -for(;$i<32;$i++) { &ROUND_16_xx($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - bb,>= $Tbl,31,L\$rounds ; end of $Tbl signalled? - nop - - $POP `-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx ; restore arguments - $POP `-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp - $POP `-$FRAME_MARKER-4*$SIZE_T`(%sp),$num - ldo `-$rounds*$SZ-1`($Tbl),$Tbl ; rewind $Tbl - - $LD `0*$SZ`($ctx),@X[0] ; load context - $LD `1*$SZ`($ctx),@X[1] - $LD `2*$SZ`($ctx),@X[2] - $LD `3*$SZ`($ctx),@X[3] - $LD `4*$SZ`($ctx),@X[4] - $LD `5*$SZ`($ctx),@X[5] - addl @X[0],$A,$A - $LD `6*$SZ`($ctx),@X[6] - addl @X[1],$B,$B - $LD `7*$SZ`($ctx),@X[7] - ldo `16*$SZ`($inp),$inp ; advance $inp - - $ST $A,`0*$SZ`($ctx) ; save context - addl @X[2],$C,$C - $ST $B,`1*$SZ`($ctx) - addl @X[3],$D,$D - $ST $C,`2*$SZ`($ctx) - addl @X[4],$E,$E - $ST $D,`3*$SZ`($ctx) - addl @X[5],$F,$F - $ST $E,`4*$SZ`($ctx) - addl @X[6],$G,$G - $ST $F,`5*$SZ`($ctx) - addl @X[7],$H,$H - $ST $G,`6*$SZ`($ctx) - $ST $H,`7*$SZ`($ctx) - - cmpb,*<>,n $inp,$num,L\$oop - $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) ; save $inp -___ -if ($SZ==8 && $SIZE_T==4) # SHA512 for 32-bit PA-RISC 1.0 -{{ -$code.=<<___; - b L\$done - nop - - .ALIGN 64 -L\$parisc1 -___ -$code.=<<___ if ($SZ==8 && $SIZE_T==4); -#endif -___ - -@V=( $Ahi, $Alo, $Bhi, $Blo, $Chi, $Clo, $Dhi, $Dlo, - $Ehi, $Elo, $Fhi, $Flo, $Ghi, $Glo, $Hhi, $Hlo) = - ( "%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8", - "%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16"); -$a0 ="%r17"; -$a1 ="%r18"; -$a2 ="%r19"; -$a3 ="%r20"; -$t0 ="%r21"; -$t1 ="%r22"; -$t2 ="%r28"; -$t3 ="%r29"; -$Tbl="%r31"; - -@X=("%r23","%r24","%r25","%r26"); # zaps $num,$inp,$ctx - -sub ROUND_00_15_pa1 { -my 
($i,$ahi,$alo,$bhi,$blo,$chi,$clo,$dhi,$dlo, - $ehi,$elo,$fhi,$flo,$ghi,$glo,$hhi,$hlo,$flag)=@_; -my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X; - -$code.=<<___ if (!$flag); - ldw `-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi - ldw `-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo ; load X[i+1] -___ -$code.=<<___; - shd $ehi,$elo,$Sigma1[0],$t0 - add $Xlo,$hlo,$hlo - shd $elo,$ehi,$Sigma1[0],$t1 - addc $Xhi,$hhi,$hhi ; h += X[i] - shd $ehi,$elo,$Sigma1[1],$t2 - ldwm 8($Tbl),$Xhi - shd $elo,$ehi,$Sigma1[1],$t3 - ldw -4($Tbl),$Xlo ; load K[i] - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 - and $flo,$elo,$a0 - and $fhi,$ehi,$a1 - shd $ehi,$elo,$Sigma1[2],$t2 - andcm $glo,$elo,$a2 - shd $elo,$ehi,$Sigma1[2],$t3 - andcm $ghi,$ehi,$a3 - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 ; Sigma1(e) - add $Xlo,$hlo,$hlo - xor $a2,$a0,$a0 - addc $Xhi,$hhi,$hhi ; h += K[i] - xor $a3,$a1,$a1 ; Ch(e,f,g) - - add $t0,$hlo,$hlo - shd $ahi,$alo,$Sigma0[0],$t0 - addc $t1,$hhi,$hhi ; h += Sigma1(e) - shd $alo,$ahi,$Sigma0[0],$t1 - add $a0,$hlo,$hlo - shd $ahi,$alo,$Sigma0[1],$t2 - addc $a1,$hhi,$hhi ; h += Ch(e,f,g) - shd $alo,$ahi,$Sigma0[1],$t3 - - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 - shd $ahi,$alo,$Sigma0[2],$t2 - and $alo,$blo,$a0 - shd $alo,$ahi,$Sigma0[2],$t3 - and $ahi,$bhi,$a1 - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 ; Sigma0(a) - - and $alo,$clo,$a2 - and $ahi,$chi,$a3 - xor $a2,$a0,$a0 - add $hlo,$dlo,$dlo - xor $a3,$a1,$a1 - addc $hhi,$dhi,$dhi ; d += h - and $blo,$clo,$a2 - add $t0,$hlo,$hlo - and $bhi,$chi,$a3 - addc $t1,$hhi,$hhi ; h += Sigma0(a) - xor $a2,$a0,$a0 - add $a0,$hlo,$hlo - xor $a3,$a1,$a1 ; Maj(a,b,c) - addc $a1,$hhi,$hhi ; h += Maj(a,b,c) - -___ -$code.=<<___ if ($i==15 && $flag); - extru $Xlo,31,10,$Xlo - comiclr,= $LAST10BITS,$Xlo,%r0 - b L\$rounds_pa1 - nop -___ -push(@X,shift(@X)); push(@X,shift(@X)); -} - -sub ROUND_16_xx_pa1 { -my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X; -my ($i)=shift; -$i-=16; -$code.=<<___; - ldw `-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi - ldw `-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo ; load X[i+1] - ldw 
`-$XOFF+8*(($i+9)%16)`(%sp),$a1 - ldw `-$XOFF+8*(($i+9)%16)+4`(%sp),$a0 ; load X[i+9] - ldw `-$XOFF+8*(($i+14)%16)`(%sp),$a3 - ldw `-$XOFF+8*(($i+14)%16)+4`(%sp),$a2 ; load X[i+14] - shd $Xnhi,$Xnlo,$sigma0[0],$t0 - shd $Xnlo,$Xnhi,$sigma0[0],$t1 - add $a0,$Xlo,$Xlo - shd $Xnhi,$Xnlo,$sigma0[1],$t2 - addc $a1,$Xhi,$Xhi - shd $Xnlo,$Xnhi,$sigma0[1],$t3 - xor $t2,$t0,$t0 - shd $Xnhi,$Xnlo,$sigma0[2],$t2 - xor $t3,$t1,$t1 - extru $Xnhi,`31-$sigma0[2]`,`32-$sigma0[2]`,$t3 - xor $t2,$t0,$t0 - shd $a3,$a2,$sigma1[0],$a0 - xor $t3,$t1,$t1 ; sigma0(X[i+1)&0x0f]) - shd $a2,$a3,$sigma1[0],$a1 - add $t0,$Xlo,$Xlo - shd $a3,$a2,$sigma1[1],$t2 - addc $t1,$Xhi,$Xhi - shd $a2,$a3,$sigma1[1],$t3 - xor $t2,$a0,$a0 - shd $a3,$a2,$sigma1[2],$t2 - xor $t3,$a1,$a1 - extru $a3,`31-$sigma1[2]`,`32-$sigma1[2]`,$t3 - xor $t2,$a0,$a0 - xor $t3,$a1,$a1 ; sigma0(X[i+14)&0x0f]) - add $a0,$Xlo,$Xlo - addc $a1,$Xhi,$Xhi - - stw $Xhi,`-$XOFF+8*($i%16)`(%sp) - stw $Xlo,`-$XOFF+8*($i%16)+4`(%sp) -___ -&ROUND_00_15_pa1($i,@_,1); -} -$code.=<<___; - ldw `0*4`($ctx),$Ahi ; load context - ldw `1*4`($ctx),$Alo - ldw `2*4`($ctx),$Bhi - ldw `3*4`($ctx),$Blo - ldw `4*4`($ctx),$Chi - ldw `5*4`($ctx),$Clo - ldw `6*4`($ctx),$Dhi - ldw `7*4`($ctx),$Dlo - ldw `8*4`($ctx),$Ehi - ldw `9*4`($ctx),$Elo - ldw `10*4`($ctx),$Fhi - ldw `11*4`($ctx),$Flo - ldw `12*4`($ctx),$Ghi - ldw `13*4`($ctx),$Glo - ldw `14*4`($ctx),$Hhi - ldw `15*4`($ctx),$Hlo - - extru $inp,31,2,$t0 - sh3addl $t0,%r0,$t0 - subi 32,$t0,$t0 - mtctl $t0,%cr11 ; load %sar with align factor - -L\$oop_pa1 - extru $inp,31,2,$a3 - comib,= 0,$a3,L\$aligned_pa1 - sub $inp,$a3,$inp - - ldw `0*4`($inp),$X[0] - ldw `1*4`($inp),$X[1] - ldw `2*4`($inp),$t2 - ldw `3*4`($inp),$t3 - ldw `4*4`($inp),$a0 - ldw `5*4`($inp),$a1 - ldw `6*4`($inp),$a2 - ldw `7*4`($inp),$a3 - vshd $X[0],$X[1],$X[0] - vshd $X[1],$t2,$X[1] - stw $X[0],`-$XOFF+0*4`(%sp) - ldw `8*4`($inp),$t0 - vshd $t2,$t3,$t2 - stw $X[1],`-$XOFF+1*4`(%sp) - ldw `9*4`($inp),$t1 - vshd $t3,$a0,$t3 -___ -{ -my 
@t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1); -for ($i=2;$i<=(128/4-8);$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) - ldw `(8+$i)*4`($inp),$t[0] - vshd $t[1],$t[2],$t[1] -___ -push(@t,shift(@t)); -} -for (;$i<(128/4-1);$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) - vshd $t[1],$t[2],$t[1] -___ -push(@t,shift(@t)); -} -$code.=<<___; - b L\$collected_pa1 - stw $t[0],`-$XOFF+$i*4`(%sp) - -___ -} -$code.=<<___; -L\$aligned_pa1 - ldw `0*4`($inp),$X[0] - ldw `1*4`($inp),$X[1] - ldw `2*4`($inp),$t2 - ldw `3*4`($inp),$t3 - ldw `4*4`($inp),$a0 - ldw `5*4`($inp),$a1 - ldw `6*4`($inp),$a2 - ldw `7*4`($inp),$a3 - stw $X[0],`-$XOFF+0*4`(%sp) - ldw `8*4`($inp),$t0 - stw $X[1],`-$XOFF+1*4`(%sp) - ldw `9*4`($inp),$t1 -___ -{ -my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1); -for ($i=2;$i<(128/4-8);$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) - ldw `(8+$i)*4`($inp),$t[0] -___ -push(@t,shift(@t)); -} -for (;$i<128/4;$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) -___ -push(@t,shift(@t)); -} -$code.="L\$collected_pa1\n"; -} - -for($i=0;$i<16;$i++) { &ROUND_00_15_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); } -$code.="L\$rounds_pa1\n"; -for(;$i<32;$i++) { &ROUND_16_xx_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); } - -$code.=<<___; - $POP `-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx ; restore arguments - $POP `-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp - $POP `-$FRAME_MARKER-4*$SIZE_T`(%sp),$num - ldo `-$rounds*$SZ`($Tbl),$Tbl ; rewind $Tbl - - ldw `0*4`($ctx),$t1 ; update context - ldw `1*4`($ctx),$t0 - ldw `2*4`($ctx),$t3 - ldw `3*4`($ctx),$t2 - ldw `4*4`($ctx),$a1 - ldw `5*4`($ctx),$a0 - ldw `6*4`($ctx),$a3 - add $t0,$Alo,$Alo - ldw `7*4`($ctx),$a2 - addc $t1,$Ahi,$Ahi - ldw `8*4`($ctx),$t1 - add $t2,$Blo,$Blo - ldw `9*4`($ctx),$t0 - addc $t3,$Bhi,$Bhi - ldw `10*4`($ctx),$t3 - add $a0,$Clo,$Clo - ldw `11*4`($ctx),$t2 - addc $a1,$Chi,$Chi - ldw `12*4`($ctx),$a1 - add $a2,$Dlo,$Dlo - ldw `13*4`($ctx),$a0 - addc $a3,$Dhi,$Dhi - ldw `14*4`($ctx),$a3 - add 
$t0,$Elo,$Elo - ldw `15*4`($ctx),$a2 - addc $t1,$Ehi,$Ehi - stw $Ahi,`0*4`($ctx) - add $t2,$Flo,$Flo - stw $Alo,`1*4`($ctx) - addc $t3,$Fhi,$Fhi - stw $Bhi,`2*4`($ctx) - add $a0,$Glo,$Glo - stw $Blo,`3*4`($ctx) - addc $a1,$Ghi,$Ghi - stw $Chi,`4*4`($ctx) - add $a2,$Hlo,$Hlo - stw $Clo,`5*4`($ctx) - addc $a3,$Hhi,$Hhi - stw $Dhi,`6*4`($ctx) - ldo `16*$SZ`($inp),$inp ; advance $inp - stw $Dlo,`7*4`($ctx) - stw $Ehi,`8*4`($ctx) - stw $Elo,`9*4`($ctx) - stw $Fhi,`10*4`($ctx) - stw $Flo,`11*4`($ctx) - stw $Ghi,`12*4`($ctx) - stw $Glo,`13*4`($ctx) - stw $Hhi,`14*4`($ctx) - comb,= $inp,$num,L\$done - stw $Hlo,`15*4`($ctx) - b L\$oop_pa1 - $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) ; save $inp -L\$done -___ -}} -$code.=<<___; - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP `-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - $POP `-$FRAME+14*$SIZE_T`(%sp),%r17 - $POP `-$FRAME+15*$SIZE_T`(%sp),%r18 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND -___ - -# Explicitly encode PA-RISC 2.0 instructions used in this module, so -# that it can be compiled with .LEVEL 1.0. It should be noted that I -# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0 -# directive... 
- -my $ldd = sub { - my ($mod,$args) = @_; - my $orig = "ldd$mod\t$args"; - - if ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 3 suffices - { my $opcode=(0x14<<26)|($2<<21)|($3<<16)|(($1&0x1FF8)<<1)|(($1>>13)&1); - $opcode|=(1<<3) if ($mod =~ /^,m/); - $opcode|=(1<<2) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $std = sub { - my ($mod,$args) = @_; - my $orig = "std$mod\t$args"; - - if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices - { my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $extrd = sub { - my ($mod,$args) = @_; - my $orig = "extrd$mod\t$args"; - - # I only have ",u" completer, it's implicitly encoded... - if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15 - { my $opcode=(0x36<<26)|($1<<21)|($4<<16); - my $len=32-$3; - $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12 - { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9); - my $len=32-$2; - $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len - $opcode |= (1<<13) if ($mod =~ /,\**=/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $shrpd = sub { - my ($mod,$args) = @_; - my $orig = "shrpd$mod\t$args"; - - if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14 - { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4; - my $cpos=63-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/) # format 11 - { sprintf "\t.WORD\t0x%08x\t; %s", - (0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig; - } - else { "\t".$orig; } -}; - -sub assemble { - 
my ($mnemonic,$mod,$args)=@_; - my $opcode = eval("\$$mnemonic"); - - ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args"; -} - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - - s/shd\s+(%r[0-9]+),(%r[0-9]+),([0-9]+)/ - $3>31 ? sprintf("shd\t%$2,%$1,%d",$3-32) # rotation for >=32 - : sprintf("shd\t%$1,%$2,%d",$3)/e or - # translate made up instructons: _ror, _shr, _align, _shl - s/_ror(\s+)(%r[0-9]+),/ - ($SZ==4 ? "shd" : "shrpd")."$1$2,$2,"/e or - - s/_shr(\s+%r[0-9]+),([0-9]+),/ - $SZ==4 ? sprintf("extru%s,%d,%d,",$1,31-$2,32-$2) - : sprintf("extrd,u%s,%d,%d,",$1,63-$2,64-$2)/e or - - s/_align(\s+%r[0-9]+,%r[0-9]+),/ - ($SZ==4 ? "vshd$1," : "shrpd$1,%sar,")/e or - - s/_shl(\s+%r[0-9]+),([0-9]+),/ - $SIZE_T==4 ? sprintf("zdep%s,%d,%d,",$1,31-$2,32-$2) - : sprintf("depd,z%s,%d,%d,",$1,63-$2,64-$2)/e; - - s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($SIZE_T==4); - - s/cmpb,\*/comb,/ if ($SIZE_T==4); - - s/\bbv\b/bve/ if ($SIZE_T==8); - - print $_,"\n"; -} - -close STDOUT; diff --git a/src/lib/libcrypto/sha/asm/sha512-ppc.pl b/src/lib/libcrypto/sha/asm/sha512-ppc.pl deleted file mode 100755 index 28bd997cf8..0000000000 --- a/src/lib/libcrypto/sha/asm/sha512-ppc.pl +++ /dev/null 
@@ -1,444 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# I let hardware handle unaligned input, except on page boundaries -# (see below for details). Otherwise straightforward implementation -# with X vector in register bank. The module is big-endian [which is -# not big deal as there're no little-endian targets left around]. - -# sha256 | sha512 -# -m64 -m32 | -m64 -m32 -# --------------------------------------+----------------------- -# PPC970,gcc-4.0.0 +50% +38% | +40% +410%(*) -# Power6,xlc-7 +150% +90% | +100% +430%(*) -# -# (*) 64-bit code in 32-bit application context, which actually is -# on TODO list. It should be noted that for safe deployment in -# 32-bit *multi-threaded* context asynchronous signals should be -# blocked upon entry to SHA512 block routine. This is because -# 32-bit signaling procedure invalidates upper halves of GPRs. -# Context switch procedure preserves them, but not signaling:-( - -# Second version is true multi-thread safe. Trouble with the original -# version was that it was using thread local storage pointer register. -# Well, it scrupulously preserved it, but the problem would arise the -# moment asynchronous signal was delivered and signal handler would -# dereference the TLS pointer. While it's never the case in openssl -# application or test suite, we have to respect this scenario and not -# use TLS pointer register. Alternative would be to require caller to -# block signals prior calling this routine. For the record, in 32-bit -# context R2 serves as TLS pointer, while in 64-bit context - R13. 
- -$flavour=shift; -$output =shift; - -if ($flavour =~ /64/) { - $SIZE_T=8; - $LRSAVE=2*$SIZE_T; - $STU="stdu"; - $UCMP="cmpld"; - $SHL="sldi"; - $POP="ld"; - $PUSH="std"; -} elsif ($flavour =~ /32/) { - $SIZE_T=4; - $LRSAVE=$SIZE_T; - $STU="stwu"; - $UCMP="cmplw"; - $SHL="slwi"; - $POP="lwz"; - $PUSH="stw"; -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!"; - -if ($output =~ /512/) { - $func="sha512_block_data_order"; - $SZ=8; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=(1, 8, 7); - @sigma1=(19,61, 6); - $rounds=80; - $LD="ld"; - $ST="std"; - $ROR="rotrdi"; - $SHR="srdi"; -} else { - $func="sha256_block_data_order"; - $SZ=4; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 7,18, 3); - @sigma1=(17,19,10); - $rounds=64; - $LD="lwz"; - $ST="stw"; - $ROR="rotrwi"; - $SHR="srwi"; -} - -$FRAME=32*$SIZE_T+16*$SZ; -$LOCALS=6*$SIZE_T; - -$sp ="r1"; -$toc="r2"; -$ctx="r3"; # zapped by $a0 -$inp="r4"; # zapped by $a1 -$num="r5"; # zapped by $t0 - -$T ="r0"; -$a0 ="r3"; -$a1 ="r4"; -$t0 ="r5"; -$t1 ="r6"; -$Tbl="r7"; - -$A ="r8"; -$B ="r9"; -$C ="r10"; -$D ="r11"; -$E ="r12"; -$F ="r13"; $F="r2" if ($SIZE_T==8);# reassigned to exempt TLS pointer -$G ="r14"; -$H ="r15"; - -@V=($A,$B,$C,$D,$E,$F,$G,$H); -@X=("r16","r17","r18","r19","r20","r21","r22","r23", - "r24","r25","r26","r27","r28","r29","r30","r31"); - -$inp="r31"; # reassigned $inp! 
aliases with @X[15] - -sub ROUND_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$code.=<<___; - $LD $T,`$i*$SZ`($Tbl) - $ROR $a0,$e,$Sigma1[0] - $ROR $a1,$e,$Sigma1[1] - and $t0,$f,$e - andc $t1,$g,$e - add $T,$T,$h - xor $a0,$a0,$a1 - $ROR $a1,$a1,`$Sigma1[2]-$Sigma1[1]` - or $t0,$t0,$t1 ; Ch(e,f,g) - add $T,$T,@X[$i] - xor $a0,$a0,$a1 ; Sigma1(e) - add $T,$T,$t0 - add $T,$T,$a0 - - $ROR $a0,$a,$Sigma0[0] - $ROR $a1,$a,$Sigma0[1] - and $t0,$a,$b - and $t1,$a,$c - xor $a0,$a0,$a1 - $ROR $a1,$a1,`$Sigma0[2]-$Sigma0[1]` - xor $t0,$t0,$t1 - and $t1,$b,$c - xor $a0,$a0,$a1 ; Sigma0(a) - add $d,$d,$T - xor $t0,$t0,$t1 ; Maj(a,b,c) - add $h,$T,$a0 - add $h,$h,$t0 - -___ -} - -sub ROUND_16_xx { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$i-=16; -$code.=<<___; - $ROR $a0,@X[($i+1)%16],$sigma0[0] - $ROR $a1,@X[($i+1)%16],$sigma0[1] - $ROR $t0,@X[($i+14)%16],$sigma1[0] - $ROR $t1,@X[($i+14)%16],$sigma1[1] - xor $a0,$a0,$a1 - $SHR $a1,@X[($i+1)%16],$sigma0[2] - xor $t0,$t0,$t1 - $SHR $t1,@X[($i+14)%16],$sigma1[2] - add @X[$i],@X[$i],@X[($i+9)%16] - xor $a0,$a0,$a1 ; sigma0(X[(i+1)&0x0f]) - xor $t0,$t0,$t1 ; sigma1(X[(i+14)&0x0f]) - add @X[$i],@X[$i],$a0 - add @X[$i],@X[$i],$t0 -___ -&ROUND_00_15($i,$a,$b,$c,$d,$e,$f,$g,$h); -} - -$code=<<___; -.machine "any" -.text - -.globl $func -.align 6 -$func: - $STU $sp,-$FRAME($sp) - mflr r0 - $SHL $num,$num,`log(16*$SZ)/log(2)` - - $PUSH $ctx,`$FRAME-$SIZE_T*22`($sp) - - $PUSH $toc,`$FRAME-$SIZE_T*20`($sp) - $PUSH r13,`$FRAME-$SIZE_T*19`($sp) - $PUSH r14,`$FRAME-$SIZE_T*18`($sp) - $PUSH r15,`$FRAME-$SIZE_T*17`($sp) - $PUSH r16,`$FRAME-$SIZE_T*16`($sp) - $PUSH r17,`$FRAME-$SIZE_T*15`($sp) - $PUSH r18,`$FRAME-$SIZE_T*14`($sp) - $PUSH r19,`$FRAME-$SIZE_T*13`($sp) - $PUSH r20,`$FRAME-$SIZE_T*12`($sp) - $PUSH r21,`$FRAME-$SIZE_T*11`($sp) - $PUSH r22,`$FRAME-$SIZE_T*10`($sp) - $PUSH r23,`$FRAME-$SIZE_T*9`($sp) - $PUSH r24,`$FRAME-$SIZE_T*8`($sp) - $PUSH r25,`$FRAME-$SIZE_T*7`($sp) - $PUSH r26,`$FRAME-$SIZE_T*6`($sp) - $PUSH 
r27,`$FRAME-$SIZE_T*5`($sp) - $PUSH r28,`$FRAME-$SIZE_T*4`($sp) - $PUSH r29,`$FRAME-$SIZE_T*3`($sp) - $PUSH r30,`$FRAME-$SIZE_T*2`($sp) - $PUSH r31,`$FRAME-$SIZE_T*1`($sp) - $PUSH r0,`$FRAME+$LRSAVE`($sp) - - $LD $A,`0*$SZ`($ctx) - mr $inp,r4 ; incarnate $inp - $LD $B,`1*$SZ`($ctx) - $LD $C,`2*$SZ`($ctx) - $LD $D,`3*$SZ`($ctx) - $LD $E,`4*$SZ`($ctx) - $LD $F,`5*$SZ`($ctx) - $LD $G,`6*$SZ`($ctx) - $LD $H,`7*$SZ`($ctx) - - bcl 20,31,Lpc -Lpc: - mflr $Tbl - addis $Tbl,$Tbl,Ltable-Lpc\@ha - addi $Tbl,$Tbl,Ltable-Lpc\@l - andi. r0,$inp,3 - bne Lunaligned -Laligned: - add $num,$inp,$num - $PUSH $num,`$FRAME-$SIZE_T*24`($sp) ; end pointer - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - bl Lsha2_block_private - b Ldone - -; PowerPC specification allows an implementation to be ill-behaved -; upon unaligned access which crosses page boundary. "Better safe -; than sorry" principle makes me treat it specially. But I don't -; look for particular offending word, but rather for the input -; block which crosses the boundary. Once found that block is aligned -; and hashed separately... -.align 4 -Lunaligned: - subfic $t1,$inp,4096 - andi. 
$t1,$t1,`4096-16*$SZ` ; distance to closest page boundary - beq Lcross_page - $UCMP $num,$t1 - ble- Laligned ; didn't cross the page boundary - subfc $num,$t1,$num - add $t1,$inp,$t1 - $PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real remaining num - $PUSH $t1,`$FRAME-$SIZE_T*24`($sp) ; intermediate end pointer - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - bl Lsha2_block_private - ; $inp equals to the intermediate end pointer here - $POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real remaining num -Lcross_page: - li $t1,`16*$SZ/4` - mtctr $t1 - addi r20,$sp,$LOCALS ; aligned spot below the frame -Lmemcpy: - lbz r16,0($inp) - lbz r17,1($inp) - lbz r18,2($inp) - lbz r19,3($inp) - addi $inp,$inp,4 - stb r16,0(r20) - stb r17,1(r20) - stb r18,2(r20) - stb r19,3(r20) - addi r20,r20,4 - bdnz Lmemcpy - - $PUSH $inp,`$FRAME-$SIZE_T*26`($sp) ; save real inp - addi $t1,$sp,`$LOCALS+16*$SZ` ; fictitious end pointer - addi $inp,$sp,$LOCALS ; fictitious inp pointer - $PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real num - $PUSH $t1,`$FRAME-$SIZE_T*24`($sp) ; end pointer - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - bl Lsha2_block_private - $POP $inp,`$FRAME-$SIZE_T*26`($sp) ; restore real inp - $POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real num - addic. 
$num,$num,`-16*$SZ` ; num-- - bne- Lunaligned - -Ldone: - $POP r0,`$FRAME+$LRSAVE`($sp) - $POP $toc,`$FRAME-$SIZE_T*20`($sp) - $POP r13,`$FRAME-$SIZE_T*19`($sp) - $POP r14,`$FRAME-$SIZE_T*18`($sp) - $POP r15,`$FRAME-$SIZE_T*17`($sp) - $POP r16,`$FRAME-$SIZE_T*16`($sp) - $POP r17,`$FRAME-$SIZE_T*15`($sp) - $POP r18,`$FRAME-$SIZE_T*14`($sp) - $POP r19,`$FRAME-$SIZE_T*13`($sp) - $POP r20,`$FRAME-$SIZE_T*12`($sp) - $POP r21,`$FRAME-$SIZE_T*11`($sp) - $POP r22,`$FRAME-$SIZE_T*10`($sp) - $POP r23,`$FRAME-$SIZE_T*9`($sp) - $POP r24,`$FRAME-$SIZE_T*8`($sp) - $POP r25,`$FRAME-$SIZE_T*7`($sp) - $POP r26,`$FRAME-$SIZE_T*6`($sp) - $POP r27,`$FRAME-$SIZE_T*5`($sp) - $POP r28,`$FRAME-$SIZE_T*4`($sp) - $POP r29,`$FRAME-$SIZE_T*3`($sp) - $POP r30,`$FRAME-$SIZE_T*2`($sp) - $POP r31,`$FRAME-$SIZE_T*1`($sp) - mtlr r0 - addi $sp,$sp,$FRAME - blr - -.align 4 -Lsha2_block_private: -___ -for($i=0;$i<16;$i++) { -$code.=<<___ if ($SZ==4); - lwz @X[$i],`$i*$SZ`($inp) -___ -# 64-bit loads are split to 2x32-bit ones, as CPU can't handle -# unaligned 64-bit loads, only 32-bit ones... 
-$code.=<<___ if ($SZ==8); - lwz $t0,`$i*$SZ`($inp) - lwz @X[$i],`$i*$SZ+4`($inp) - insrdi @X[$i],$t0,32,0 -___ - &ROUND_00_15($i,@V); - unshift(@V,pop(@V)); -} -$code.=<<___; - li $T,`$rounds/16-1` - mtctr $T -.align 4 -Lrounds: - addi $Tbl,$Tbl,`16*$SZ` -___ -for(;$i<32;$i++) { - &ROUND_16_xx($i,@V); - unshift(@V,pop(@V)); -} -$code.=<<___; - bdnz- Lrounds - - $POP $ctx,`$FRAME-$SIZE_T*22`($sp) - $POP $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - $POP $num,`$FRAME-$SIZE_T*24`($sp) ; end pointer - subi $Tbl,$Tbl,`($rounds-16)*$SZ` ; rewind Tbl - - $LD r16,`0*$SZ`($ctx) - $LD r17,`1*$SZ`($ctx) - $LD r18,`2*$SZ`($ctx) - $LD r19,`3*$SZ`($ctx) - $LD r20,`4*$SZ`($ctx) - $LD r21,`5*$SZ`($ctx) - $LD r22,`6*$SZ`($ctx) - addi $inp,$inp,`16*$SZ` ; advance inp - $LD r23,`7*$SZ`($ctx) - add $A,$A,r16 - add $B,$B,r17 - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) - add $C,$C,r18 - $ST $A,`0*$SZ`($ctx) - add $D,$D,r19 - $ST $B,`1*$SZ`($ctx) - add $E,$E,r20 - $ST $C,`2*$SZ`($ctx) - add $F,$F,r21 - $ST $D,`3*$SZ`($ctx) - add $G,$G,r22 - $ST $E,`4*$SZ`($ctx) - add $H,$H,r23 - $ST $F,`5*$SZ`($ctx) - $ST $G,`6*$SZ`($ctx) - $UCMP $inp,$num - $ST $H,`7*$SZ`($ctx) - bne Lsha2_block_private - blr - .section .rodata -Ltable: -___ -$code.=<<___ if ($SZ==8); - .long 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd - .long 0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc - .long 0x3956c25b,0xf348b538,0x59f111f1,0xb605d019 - .long 0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118 - .long 0xd807aa98,0xa3030242,0x12835b01,0x45706fbe - .long 0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2 - .long 0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1 - .long 0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694 - .long 0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3 - .long 0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65 - .long 0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483 - .long 0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5 - .long 0x983e5152,0xee66dfab,0xa831c66d,0x2db43210 - .long 0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4 - .long 
0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725 - .long 0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70 - .long 0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926 - .long 0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df - .long 0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8 - .long 0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b - .long 0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001 - .long 0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30 - .long 0xd192e819,0xd6ef5218,0xd6990624,0x5565a910 - .long 0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8 - .long 0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53 - .long 0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8 - .long 0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb - .long 0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3 - .long 0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60 - .long 0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec - .long 0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9 - .long 0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b - .long 0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207 - .long 0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178 - .long 0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6 - .long 0x113f9804,0xbef90dae,0x1b710b35,0x131c471b - .long 0x28db77f5,0x23047d84,0x32caab7b,0x40c72493 - .long 0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c - .long 0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a - .long 0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817 -___ -$code.=<<___ if ($SZ==4); - .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 
- .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/sha/asm/sha512-sparcv9.pl b/src/lib/libcrypto/sha/asm/sha512-sparcv9.pl deleted file mode 100644 index 3c93799446..0000000000 --- a/src/lib/libcrypto/sha/asm/sha512-sparcv9.pl +++ /dev/null 
@@ -1,604 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA256 performance improvement over compiler generated code varies -# from 40% for Sun C [32-bit build] to 70% for gcc [3.3, 64-bit -# build]. Just like in SHA1 module I aim to ensure scalability on -# UltraSPARC T1 by packing X[16] to 8 64-bit registers. - -# SHA512 on pre-T1 UltraSPARC. -# -# Performance is >75% better than 64-bit code generated by Sun C and -# over 2x than 32-bit code. X[16] resides on stack, but access to it -# is scheduled for L2 latency and staged through 32 least significant -# bits of %l0-%l7. The latter is done to achieve 32-/64-bit ABI -# duality. Nevetheless it's ~40% faster than SHA256, which is pretty -# good [optimal coefficient is 50%]. -# -# SHA512 on UltraSPARC T1. -# -# It's not any faster than 64-bit code generated by Sun C 5.8. This is -# because 64-bit code generator has the advantage of using 64-bit -# loads(*) to access X[16], which I consciously traded for 32-/64-bit -# ABI duality [as per above]. But it surpasses 32-bit Sun C generated -# code by 60%, not to mention that it doesn't suffer from severe decay -# when running 4 times physical cores threads and that it leaves gcc -# [3.4] behind by over 4x factor! If compared to SHA256, single thread -# performance is only 10% better, but overall throughput for maximum -# amount of threads for given CPU exceeds corresponding one of SHA256 -# by 30% [again, optimal coefficient is 50%]. -# -# (*) Unlike pre-T1 UltraSPARC loads on T1 are executed strictly -# in-order, i.e. 
load instruction has to complete prior next -# instruction in given thread is executed, even if the latter is -# not dependent on load result! This means that on T1 two 32-bit -# loads are always slower than one 64-bit load. Once again this -# is unlike pre-T1 UltraSPARC, where, if scheduled appropriately, -# 2x32-bit loads can be as fast as 1x64-bit ones. - -$bits=32; -for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); } -if ($bits==64) { $bias=2047; $frame=192; } -else { $bias=0; $frame=112; } - -$output=shift; -open STDOUT,">$output"; - -if ($output =~ /512/) { - $label="512"; - $SZ=8; - $LD="ldx"; # load from memory - $ST="stx"; # store to memory - $SLL="sllx"; # shift left logical - $SRL="srlx"; # shift right logical - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=( 7, 1, 8); # right shift first - @sigma1=( 6,19,61); # right shift first - $lastK=0x817; - $rounds=80; - $align=4; - - $locals=16*$SZ; # X[16] - - $A="%o0"; - $B="%o1"; - $C="%o2"; - $D="%o3"; - $E="%o4"; - $F="%o5"; - $G="%g1"; - $H="%o7"; - @V=($A,$B,$C,$D,$E,$F,$G,$H); -} else { - $label="256"; - $SZ=4; - $LD="ld"; # load from memory - $ST="st"; # store to memory - $SLL="sll"; # shift left logical - $SRL="srl"; # shift right logical - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 3, 7,18); # right shift first - @sigma1=(10,17,19); # right shift first - $lastK=0x8f2; - $rounds=64; - $align=8; - - $locals=0; # X[16] is register resident - @X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7"); - - $A="%l0"; - $B="%l1"; - $C="%l2"; - $D="%l3"; - $E="%l4"; - $F="%l5"; - $G="%l6"; - $H="%l7"; - @V=($A,$B,$C,$D,$E,$F,$G,$H); -} -$T1="%g2"; -$tmp0="%g3"; -$tmp1="%g4"; -$tmp2="%g5"; - -$ctx="%i0"; -$inp="%i1"; -$len="%i2"; -$Ktbl="%i3"; -$tmp31="%i4"; -$tmp32="%i5"; - -########### SHA256 -$Xload = sub { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; - - if ($i==0) { -$code.=<<___; - ldx [$inp+0],@X[0] - ldx [$inp+16],@X[2] - ldx [$inp+32],@X[4] - ldx [$inp+48],@X[6] - ldx [$inp+8],@X[1] - ldx 
[$inp+24],@X[3] - subcc %g0,$tmp31,$tmp32 ! should be 64-$tmp31, but -$tmp31 works too - ldx [$inp+40],@X[5] - bz,pt %icc,.Laligned - ldx [$inp+56],@X[7] - - sllx @X[0],$tmp31,@X[0] - ldx [$inp+64],$T1 -___ -for($j=0;$j<7;$j++) -{ $code.=<<___; - srlx @X[$j+1],$tmp32,$tmp1 - sllx @X[$j+1],$tmp31,@X[$j+1] - or $tmp1,@X[$j],@X[$j] -___ -} -$code.=<<___; - srlx $T1,$tmp32,$T1 - or $T1,@X[7],@X[7] -.Laligned: -___ - } - - if ($i&1) { - $code.="\tadd @X[$i/2],$h,$T1\n"; - } else { - $code.="\tsrlx @X[$i/2],32,$T1\n\tadd $h,$T1,$T1\n"; - } -} if ($SZ==4); - -########### SHA512 -$Xload = sub { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1),"%l".eval((($i+1)*2)%8)); - -$code.=<<___ if ($i==0); - ld [$inp+0],%l0 - ld [$inp+4],%l1 - ld [$inp+8],%l2 - ld [$inp+12],%l3 - ld [$inp+16],%l4 - ld [$inp+20],%l5 - ld [$inp+24],%l6 - ld [$inp+28],%l7 -___ -$code.=<<___ if ($i<15); - sllx @pair[1],$tmp31,$tmp2 ! Xload($i) - add $tmp31,32,$tmp0 - sllx @pair[0],$tmp0,$tmp1 - `"ld [$inp+".eval(32+0+$i*8)."],@pair[0]" if ($i<12)` - srlx @pair[2],$tmp32,@pair[1] - or $tmp1,$tmp2,$tmp2 - or @pair[1],$tmp2,$tmp2 - `"ld [$inp+".eval(32+4+$i*8)."],@pair[1]" if ($i<12)` - add $h,$tmp2,$T1 - $ST $tmp2,[%sp+`$bias+$frame+$i*$SZ`] -___ -$code.=<<___ if ($i==12); - brnz,a $tmp31,.+8 - ld [$inp+128],%l0 -___ -$code.=<<___ if ($i==15); - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2 - sllx @pair[1],$tmp31,$tmp2 ! 
Xload($i) - add $tmp31,32,$tmp0 - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3 - sllx @pair[0],$tmp0,$tmp1 - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4 - srlx @pair[2],$tmp32,@pair[1] - or $tmp1,$tmp2,$tmp2 - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5 - or @pair[1],$tmp2,$tmp2 - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6 - add $h,$tmp2,$T1 - $ST $tmp2,[%sp+`$bias+$frame+$i*$SZ`] - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7 - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0 - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1 -___ -} if ($SZ==8); - -########### common -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; - - if ($i<16) { - &$Xload(@_); - } else { - $code.="\tadd $h,$T1,$T1\n"; - } - -$code.=<<___; - $SRL $e,@Sigma1[0],$h !! $i - xor $f,$g,$tmp2 - $SLL $e,`$SZ*8-@Sigma1[2]`,$tmp1 - and $e,$tmp2,$tmp2 - $SRL $e,@Sigma1[1],$tmp0 - xor $tmp1,$h,$h - $SLL $e,`$SZ*8-@Sigma1[1]`,$tmp1 - xor $tmp0,$h,$h - $SRL $e,@Sigma1[2],$tmp0 - xor $tmp1,$h,$h - $SLL $e,`$SZ*8-@Sigma1[0]`,$tmp1 - xor $tmp0,$h,$h - xor $g,$tmp2,$tmp2 ! Ch(e,f,g) - xor $tmp1,$h,$tmp0 ! Sigma1(e) - - $SRL $a,@Sigma0[0],$h - add $tmp2,$T1,$T1 - $LD [$Ktbl+`$i*$SZ`],$tmp2 ! K[$i] - $SLL $a,`$SZ*8-@Sigma0[2]`,$tmp1 - add $tmp0,$T1,$T1 - $SRL $a,@Sigma0[1],$tmp0 - xor $tmp1,$h,$h - $SLL $a,`$SZ*8-@Sigma0[1]`,$tmp1 - xor $tmp0,$h,$h - $SRL $a,@Sigma0[2],$tmp0 - xor $tmp1,$h,$h - $SLL $a,`$SZ*8-@Sigma0[0]`,$tmp1 - xor $tmp0,$h,$h - xor $tmp1,$h,$h ! Sigma0(a) - - or $a,$b,$tmp0 - and $a,$b,$tmp1 - and $c,$tmp0,$tmp0 - or $tmp0,$tmp1,$tmp1 ! Maj(a,b,c) - add $tmp2,$T1,$T1 ! +=K[$i] - add $tmp1,$h,$h - - add $T1,$d,$d - add $T1,$h,$h -___ -} - -########### SHA256 -$BODY_16_XX = sub { -my $i=@_[0]; -my $xi; - - if ($i&1) { - $xi=$tmp32; - $code.="\tsrlx @X[(($i+1)/2)%8],32,$xi\n"; - } else { - $xi=@X[(($i+1)/2)%8]; - } -$code.=<<___; - srl $xi,@sigma0[0],$T1 !! 
Xupdate($i) - sll $xi,`32-@sigma0[2]`,$tmp1 - srl $xi,@sigma0[1],$tmp0 - xor $tmp1,$T1,$T1 - sll $tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1 - xor $tmp0,$T1,$T1 - srl $xi,@sigma0[2],$tmp0 - xor $tmp1,$T1,$T1 -___ - if ($i&1) { - $xi=@X[(($i+14)/2)%8]; - } else { - $xi=$tmp32; - $code.="\tsrlx @X[(($i+14)/2)%8],32,$xi\n"; - } -$code.=<<___; - srl $xi,@sigma1[0],$tmp2 - xor $tmp0,$T1,$T1 ! T1=sigma0(X[i+1]) - sll $xi,`32-@sigma1[2]`,$tmp1 - srl $xi,@sigma1[1],$tmp0 - xor $tmp1,$tmp2,$tmp2 - sll $tmp1,`@sigma1[2]-@sigma1[1]`,$tmp1 - xor $tmp0,$tmp2,$tmp2 - srl $xi,@sigma1[2],$tmp0 - xor $tmp1,$tmp2,$tmp2 -___ - if ($i&1) { - $xi=@X[($i/2)%8]; -$code.=<<___; - srlx @X[(($i+9)/2)%8],32,$tmp1 ! X[i+9] - xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14]) - srl @X[($i/2)%8],0,$tmp0 - add $tmp2,$tmp1,$tmp1 - add $xi,$T1,$T1 ! +=X[i] - xor $tmp0,@X[($i/2)%8],@X[($i/2)%8] - add $tmp1,$T1,$T1 - - srl $T1,0,$T1 - or $T1,@X[($i/2)%8],@X[($i/2)%8] -___ - } else { - $xi=@X[(($i+9)/2)%8]; -$code.=<<___; - srlx @X[($i/2)%8],32,$tmp1 ! X[i] - xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14]) - add $xi,$T1,$T1 ! +=X[i+9] - add $tmp2,$tmp1,$tmp1 - srl @X[($i/2)%8],0,@X[($i/2)%8] - add $tmp1,$T1,$T1 - - sllx $T1,32,$tmp0 - or $tmp0,@X[($i/2)%8],@X[($i/2)%8] -___ - } - &BODY_00_15(@_); -} if ($SZ==4); - -########### SHA512 -$BODY_16_XX = sub { -my $i=@_[0]; -my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1)); - -$code.=<<___; - sllx %l2,32,$tmp0 !! Xupdate($i) - or %l3,$tmp0,$tmp0 - - srlx $tmp0,@sigma0[0],$T1 - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2 - sllx $tmp0,`64-@sigma0[2]`,$tmp1 - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3 - srlx $tmp0,@sigma0[1],$tmp0 - xor $tmp1,$T1,$T1 - sllx $tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1 - xor $tmp0,$T1,$T1 - srlx $tmp0,`@sigma0[2]-@sigma0[1]`,$tmp0 - xor $tmp1,$T1,$T1 - sllx %l6,32,$tmp2 - xor $tmp0,$T1,$T1 ! 
sigma0(X[$i+1]) - or %l7,$tmp2,$tmp2 - - srlx $tmp2,@sigma1[0],$tmp1 - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6 - sllx $tmp2,`64-@sigma1[2]`,$tmp0 - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7 - srlx $tmp2,@sigma1[1],$tmp2 - xor $tmp0,$tmp1,$tmp1 - sllx $tmp0,`@sigma1[2]-@sigma1[1]`,$tmp0 - xor $tmp2,$tmp1,$tmp1 - srlx $tmp2,`@sigma1[2]-@sigma1[1]`,$tmp2 - xor $tmp0,$tmp1,$tmp1 - sllx %l4,32,$tmp0 - xor $tmp2,$tmp1,$tmp1 ! sigma1(X[$i+14]) - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4 - or %l5,$tmp0,$tmp0 - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5 - - sllx %l0,32,$tmp2 - add $tmp1,$T1,$T1 - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0 - or %l1,$tmp2,$tmp2 - add $tmp0,$T1,$T1 ! +=X[$i+9] - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1 - add $tmp2,$T1,$T1 ! +=X[$i] - $ST $T1,[%sp+`$bias+$frame+($i%16)*$SZ`] -___ - &BODY_00_15(@_); -} if ($SZ==8); - -$code.=<<___ if ($bits==64); -.register %g2,#scratch -.register %g3,#scratch -___ -$code.=<<___; -.section ".rodata",#alloc - -.align 64 -K${label}: -.type K${label},#object -___ -if ($SZ==4) { -$code.=<<___; - .long 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5 - .long 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5 - .long 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3 - .long 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174 - .long 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc - .long 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da - .long 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7 - .long 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967 - .long 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13 - .long 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85 - .long 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3 - .long 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070 - .long 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5 - .long 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3 - .long 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208 - .long 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -___ -} else { 
-$code.=<<___; - .long 0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd - .long 0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc - .long 0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019 - .long 0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118 - .long 0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe - .long 0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2 - .long 0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1 - .long 0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694 - .long 0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3 - .long 0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65 - .long 0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483 - .long 0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5 - .long 0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210 - .long 0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4 - .long 0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725 - .long 0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70 - .long 0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926 - .long 0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df - .long 0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8 - .long 0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b - .long 0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001 - .long 0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30 - .long 0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910 - .long 0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8 - .long 0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53 - .long 0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8 - .long 0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb - .long 0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3 - .long 0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60 - .long 0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec - .long 0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9 - .long 0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b - .long 0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207 - .long 0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178 - .long 0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6 - .long 0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b - .long 0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493 - .long 
0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c - .long 0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a - .long 0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817 -___ -} -$code.=<<___; -.size K${label},.-K${label} - -.section ".text",#alloc,#execinstr -.globl sha${label}_block_data_order -sha${label}_block_data_order: - save %sp,`-$frame-$locals`,%sp -#ifdef __PIC__ - sethi %hi(_GLOBAL_OFFSET_TABLE_-4), %o5 - rd %pc, %o4 - or %o5, %lo(_GLOBAL_OFFSET_TABLE_+4), %o5 - add %o5, %o4, %o5 -#endif - and $inp,`$align-1`,$tmp31 - sllx $len,`log(16*$SZ)/log(2)`,$len - andn $inp,`$align-1`,$inp - sll $tmp31,3,$tmp31 - add $inp,$len,$len -___ -$code.=<<___ if ($SZ==8); # SHA512 - mov 32,$tmp32 - sub $tmp32,$tmp31,$tmp32 -___ -$code.=<<___; -#ifdef __PIC__ - set K${label}, $Ktbl - ldx [$Ktbl+%o5], $Ktbl -#else - set K${label}, $Ktbl -#endif - - $LD [$ctx+`0*$SZ`],$A - $LD [$ctx+`1*$SZ`],$B - $LD [$ctx+`2*$SZ`],$C - $LD [$ctx+`3*$SZ`],$D - $LD [$ctx+`4*$SZ`],$E - $LD [$ctx+`5*$SZ`],$F - $LD [$ctx+`6*$SZ`],$G - $LD [$ctx+`7*$SZ`],$H - -.Lloop: -___ -for ($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=".L16_xx:\n"; -for (;$i<32;$i++) { &$BODY_16_XX($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - and $tmp2,0xfff,$tmp2 - cmp $tmp2,$lastK - bne .L16_xx - add $Ktbl,`16*$SZ`,$Ktbl ! 
Ktbl+=16 - -___ -$code.=<<___ if ($SZ==4); # SHA256 - $LD [$ctx+`0*$SZ`],@X[0] - $LD [$ctx+`1*$SZ`],@X[1] - $LD [$ctx+`2*$SZ`],@X[2] - $LD [$ctx+`3*$SZ`],@X[3] - $LD [$ctx+`4*$SZ`],@X[4] - $LD [$ctx+`5*$SZ`],@X[5] - $LD [$ctx+`6*$SZ`],@X[6] - $LD [$ctx+`7*$SZ`],@X[7] - - add $A,@X[0],$A - $ST $A,[$ctx+`0*$SZ`] - add $B,@X[1],$B - $ST $B,[$ctx+`1*$SZ`] - add $C,@X[2],$C - $ST $C,[$ctx+`2*$SZ`] - add $D,@X[3],$D - $ST $D,[$ctx+`3*$SZ`] - add $E,@X[4],$E - $ST $E,[$ctx+`4*$SZ`] - add $F,@X[5],$F - $ST $F,[$ctx+`5*$SZ`] - add $G,@X[6],$G - $ST $G,[$ctx+`6*$SZ`] - add $H,@X[7],$H - $ST $H,[$ctx+`7*$SZ`] -___ -$code.=<<___ if ($SZ==8); # SHA512 - ld [$ctx+`0*$SZ+0`],%l0 - ld [$ctx+`0*$SZ+4`],%l1 - ld [$ctx+`1*$SZ+0`],%l2 - ld [$ctx+`1*$SZ+4`],%l3 - ld [$ctx+`2*$SZ+0`],%l4 - ld [$ctx+`2*$SZ+4`],%l5 - ld [$ctx+`3*$SZ+0`],%l6 - - sllx %l0,32,$tmp0 - ld [$ctx+`3*$SZ+4`],%l7 - sllx %l2,32,$tmp1 - or %l1,$tmp0,$tmp0 - or %l3,$tmp1,$tmp1 - add $tmp0,$A,$A - add $tmp1,$B,$B - $ST $A,[$ctx+`0*$SZ`] - sllx %l4,32,$tmp2 - $ST $B,[$ctx+`1*$SZ`] - sllx %l6,32,$T1 - or %l5,$tmp2,$tmp2 - or %l7,$T1,$T1 - add $tmp2,$C,$C - $ST $C,[$ctx+`2*$SZ`] - add $T1,$D,$D - $ST $D,[$ctx+`3*$SZ`] - - ld [$ctx+`4*$SZ+0`],%l0 - ld [$ctx+`4*$SZ+4`],%l1 - ld [$ctx+`5*$SZ+0`],%l2 - ld [$ctx+`5*$SZ+4`],%l3 - ld [$ctx+`6*$SZ+0`],%l4 - ld [$ctx+`6*$SZ+4`],%l5 - ld [$ctx+`7*$SZ+0`],%l6 - - sllx %l0,32,$tmp0 - ld [$ctx+`7*$SZ+4`],%l7 - sllx %l2,32,$tmp1 - or %l1,$tmp0,$tmp0 - or %l3,$tmp1,$tmp1 - add $tmp0,$E,$E - add $tmp1,$F,$F - $ST $E,[$ctx+`4*$SZ`] - sllx %l4,32,$tmp2 - $ST $F,[$ctx+`5*$SZ`] - sllx %l6,32,$T1 - or %l5,$tmp2,$tmp2 - or %l7,$T1,$T1 - add $tmp2,$G,$G - $ST $G,[$ctx+`6*$SZ`] - add $T1,$H,$H - $ST $H,[$ctx+`7*$SZ`] -___ -$code.=<<___; - add $inp,`16*$SZ`,$inp ! advance inp - cmp $inp,$len - bne `$bits==64?"%xcc":"%icc"`,.Lloop - sub $Ktbl,`($rounds-16)*$SZ`,$Ktbl ! 
rewind Ktbl - - ret - restore -.type sha${label}_block_data_order,#function -.size sha${label}_block_data_order,(.-sha${label}_block_data_order) -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h deleted file mode 100644 index ec97f48b2e..0000000000 --- a/src/lib/libcrypto/sha/sha.h +++ /dev/null 
@@ -1,190 +0,0 @@ -/* $OpenBSD: sha.h,v 1.26 2025/01/25 17:59:44 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#ifndef HEADER_SHA_H -#define HEADER_SHA_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! SHA_LONG has to be at least 32 bits wide. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#define SHA_LONG unsigned int - -#define SHA_LBLOCK 16 -#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a - * contiguous array of 32 bit - * wide big-endian values. 
*/
-#define SHA_LAST_BLOCK (SHA_CBLOCK-8)
-#define SHA_DIGEST_LENGTH 20
-
-typedef struct SHAstate_st {
- SHA_LONG h0, h1, h2, h3, h4;
- SHA_LONG Nl, Nh;
- SHA_LONG data[SHA_LBLOCK];
- unsigned int num;
-} SHA_CTX;
-
-#ifndef OPENSSL_NO_SHA1
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
-
-#define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a
- * contiguous array of 32 bit
- * wide big-endian values. */
-#define SHA224_DIGEST_LENGTH 28
-#define SHA256_DIGEST_LENGTH 32
-
-typedef struct SHA256state_st {
- SHA_LONG h[8];
- SHA_LONG Nl, Nh;
- SHA_LONG data[SHA_LBLOCK];
- unsigned int num, md_len;
-} SHA256_CTX;
-
-#ifndef OPENSSL_NO_SHA256
-int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int SHA256_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
-#endif
-
-#define SHA384_DIGEST_LENGTH 48
-#define SHA512_DIGEST_LENGTH 64
-
-#ifndef OPENSSL_NO_SHA512
-/*
- * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
- * being exactly 64-bit wide. See Implementation Notes in sha512.c
- * for further details.
- */
-#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a
- * contiguous array of 64 bit
- * wide big-endian values. */
-#if defined(_LP64)
-#define SHA_LONG64 unsigned long
-#define U64(C) C##UL
-#else
-#define SHA_LONG64 unsigned long long
-#define U64(C) C##ULL
-#endif
-
-typedef struct SHA512state_st {
- SHA_LONG64 h[8];
- SHA_LONG64 Nl, Nh;
- union {
- SHA_LONG64 d[SHA_LBLOCK];
- unsigned char p[SHA512_CBLOCK];
- } u;
- unsigned int num, md_len;
-} SHA512_CTX;
-#endif
-
-#ifndef OPENSSL_NO_SHA512
-int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__, 2, 3)));
-int SHA512_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__, 1, 2)))
- __attribute__ ((__nonnull__(3)));
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/sha/sha1.c b/src/lib/libcrypto/sha/sha1.c
deleted file mode 100644
index ab05709818..0000000000
--- a/src/lib/libcrypto/sha/sha1.c
+++ /dev/null
@@ -1,518 +0,0 @@ -/* $OpenBSD: sha1.c,v 1.16 2025/02/14 12:01:58 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include - -#include -#include - -#include "crypto_internal.h" - -#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA) - -/* Ensure that SHA_LONG and uint32_t are equivalent sizes. 
*/ -CTASSERT(sizeof(SHA_LONG) == sizeof(uint32_t)); - -void sha1_block_data_order(SHA_CTX *ctx, const void *p, size_t num); -void sha1_block_generic(SHA_CTX *ctx, const void *p, size_t num); - -#ifndef HAVE_SHA1_BLOCK_GENERIC -static inline SHA_LONG -Ch(SHA_LONG x, SHA_LONG y, SHA_LONG z) -{ - return (x & y) ^ (~x & z); -} - -static inline SHA_LONG -Parity(SHA_LONG x, SHA_LONG y, SHA_LONG z) -{ - return x ^ y ^ z; -} - -static inline SHA_LONG -Maj(SHA_LONG x, SHA_LONG y, SHA_LONG z) -{ - return (x & y) ^ (x & z) ^ (y & z); -} - -static inline void -sha1_msg_schedule_update(SHA_LONG *W0, SHA_LONG W2, SHA_LONG W8, SHA_LONG W13) -{ - *W0 = crypto_rol_u32(W13 ^ W8 ^ W2 ^ *W0, 1); -} - -static inline void -sha1_round1(SHA_LONG *a, SHA_LONG *b, SHA_LONG *c, SHA_LONG *d, SHA_LONG *e, - SHA_LONG Wt) -{ - SHA_LONG Kt, T; - - Kt = 0x5a827999UL; - T = crypto_rol_u32(*a, 5) + Ch(*b, *c, *d) + *e + Kt + Wt; - - *e = *d; - *d = *c; - *c = crypto_rol_u32(*b, 30); - *b = *a; - *a = T; -} - -static inline void -sha1_round2(SHA_LONG *a, SHA_LONG *b, SHA_LONG *c, SHA_LONG *d, SHA_LONG *e, - SHA_LONG Wt) -{ - SHA_LONG Kt, T; - - Kt = 0x6ed9eba1UL; - T = crypto_rol_u32(*a, 5) + Parity(*b, *c, *d) + *e + Kt + Wt; - - *e = *d; - *d = *c; - *c = crypto_rol_u32(*b, 30); - *b = *a; - *a = T; -} - -static inline void -sha1_round3(SHA_LONG *a, SHA_LONG *b, SHA_LONG *c, SHA_LONG *d, SHA_LONG *e, - SHA_LONG Wt) -{ - SHA_LONG Kt, T; - - Kt = 0x8f1bbcdcUL; - T = crypto_rol_u32(*a, 5) + Maj(*b, *c, *d) + *e + Kt + Wt; - - *e = *d; - *d = *c; - *c = crypto_rol_u32(*b, 30); - *b = *a; - *a = T; -} - -static inline void -sha1_round4(SHA_LONG *a, SHA_LONG *b, SHA_LONG *c, SHA_LONG *d, SHA_LONG *e, - SHA_LONG Wt) -{ - SHA_LONG Kt, T; - - Kt = 0xca62c1d6UL; - T = crypto_rol_u32(*a, 5) + Parity(*b, *c, *d) + *e + Kt + Wt; - - *e = *d; - *d = *c; - *c = crypto_rol_u32(*b, 30); - *b = *a; - *a = T; -} - -void -sha1_block_generic(SHA_CTX *ctx, const void *_in, size_t num) -{ - const uint8_t *in = _in; - 
const SHA_LONG *in32;
- unsigned int a, b, c, d, e;
- unsigned int X0, X1, X2, X3, X4, X5, X6, X7,
- X8, X9, X10, X11, X12, X13, X14, X15;
-
- while (num--) {
- a = ctx->h0;
- b = ctx->h1;
- c = ctx->h2;
- d = ctx->h3;
- e = ctx->h4;
-
- if ((size_t)in % 4 == 0) {
- /* Input is 32 bit aligned. */
- in32 = (const SHA_LONG *)in;
- X0 = be32toh(in32[0]);
- X1 = be32toh(in32[1]);
- X2 = be32toh(in32[2]);
- X3 = be32toh(in32[3]);
- X4 = be32toh(in32[4]);
- X5 = be32toh(in32[5]);
- X6 = be32toh(in32[6]);
- X7 = be32toh(in32[7]);
- X8 = be32toh(in32[8]);
- X9 = be32toh(in32[9]);
- X10 = be32toh(in32[10]);
- X11 = be32toh(in32[11]);
- X12 = be32toh(in32[12]);
- X13 = be32toh(in32[13]);
- X14 = be32toh(in32[14]);
- X15 = be32toh(in32[15]);
- } else {
- /* Input is not 32 bit aligned. */
- X0 = crypto_load_be32toh(&in[0 * 4]);
- X1 = crypto_load_be32toh(&in[1 * 4]);
- X2 = crypto_load_be32toh(&in[2 * 4]);
- X3 = crypto_load_be32toh(&in[3 * 4]);
- X4 = crypto_load_be32toh(&in[4 * 4]);
- X5 = crypto_load_be32toh(&in[5 * 4]);
- X6 = crypto_load_be32toh(&in[6 * 4]);
- X7 = crypto_load_be32toh(&in[7 * 4]);
- X8 = crypto_load_be32toh(&in[8 * 4]);
- X9 = crypto_load_be32toh(&in[9 * 4]);
- X10 = crypto_load_be32toh(&in[10 * 4]);
- X11 = crypto_load_be32toh(&in[11 * 4]);
- X12 = crypto_load_be32toh(&in[12 * 4]);
- X13 = crypto_load_be32toh(&in[13 * 4]);
- X14 = crypto_load_be32toh(&in[14 * 4]);
- X15 = crypto_load_be32toh(&in[15 * 4]);
- }
- in += SHA_CBLOCK;
-
- sha1_round1(&a, &b, &c, &d, &e, X0);
- sha1_round1(&a, &b, &c, &d, &e, X1);
- sha1_round1(&a, &b, &c, &d, &e, X2);
- sha1_round1(&a, &b, &c, &d, &e, X3);
- sha1_round1(&a, &b, &c, &d, &e, X4);
- sha1_round1(&a, &b, &c, &d, &e, X5);
- sha1_round1(&a, &b, &c, &d, &e, X6);
- sha1_round1(&a, &b, &c, &d, &e, X7);
- sha1_round1(&a, &b, &c, &d, &e, X8);
- sha1_round1(&a, &b, &c, &d, &e, X9);
- sha1_round1(&a, &b, &c, &d, &e, X10);
- sha1_round1(&a, &b, &c, &d, &e, X11);
- sha1_round1(&a, &b, &c, &d, &e, X12);
- sha1_round1(&a, &b,
&c, &d, &e, X13);
- sha1_round1(&a, &b, &c, &d, &e, X14);
- sha1_round1(&a, &b, &c, &d, &e, X15);
-
- sha1_msg_schedule_update(&X0, X2, X8, X13);
- sha1_msg_schedule_update(&X1, X3, X9, X14);
- sha1_msg_schedule_update(&X2, X4, X10, X15);
- sha1_msg_schedule_update(&X3, X5, X11, X0);
- sha1_msg_schedule_update(&X4, X6, X12, X1);
- sha1_msg_schedule_update(&X5, X7, X13, X2);
- sha1_msg_schedule_update(&X6, X8, X14, X3);
- sha1_msg_schedule_update(&X7, X9, X15, X4);
- sha1_msg_schedule_update(&X8, X10, X0, X5);
- sha1_msg_schedule_update(&X9, X11, X1, X6);
- sha1_msg_schedule_update(&X10, X12, X2, X7);
- sha1_msg_schedule_update(&X11, X13, X3, X8);
- sha1_msg_schedule_update(&X12, X14, X4, X9);
- sha1_msg_schedule_update(&X13, X15, X5, X10);
- sha1_msg_schedule_update(&X14, X0, X6, X11);
- sha1_msg_schedule_update(&X15, X1, X7, X12);
-
- sha1_round1(&a, &b, &c, &d, &e, X0);
- sha1_round1(&a, &b, &c, &d, &e, X1);
- sha1_round1(&a, &b, &c, &d, &e, X2);
- sha1_round1(&a, &b, &c, &d, &e, X3);
- sha1_round2(&a, &b, &c, &d, &e, X4);
- sha1_round2(&a, &b, &c, &d, &e, X5);
- sha1_round2(&a, &b, &c, &d, &e, X6);
- sha1_round2(&a, &b, &c, &d, &e, X7);
- sha1_round2(&a, &b, &c, &d, &e, X8);
- sha1_round2(&a, &b, &c, &d, &e, X9);
- sha1_round2(&a, &b, &c, &d, &e, X10);
- sha1_round2(&a, &b, &c, &d, &e, X11);
- sha1_round2(&a, &b, &c, &d, &e, X12);
- sha1_round2(&a, &b, &c, &d, &e, X13);
- sha1_round2(&a, &b, &c, &d, &e, X14);
- sha1_round2(&a, &b, &c, &d, &e, X15);
-
- sha1_msg_schedule_update(&X0, X2, X8, X13);
- sha1_msg_schedule_update(&X1, X3, X9, X14);
- sha1_msg_schedule_update(&X2, X4, X10, X15);
- sha1_msg_schedule_update(&X3, X5, X11, X0);
- sha1_msg_schedule_update(&X4, X6, X12, X1);
- sha1_msg_schedule_update(&X5, X7, X13, X2);
- sha1_msg_schedule_update(&X6, X8, X14, X3);
- sha1_msg_schedule_update(&X7, X9, X15, X4);
- sha1_msg_schedule_update(&X8, X10, X0, X5);
- sha1_msg_schedule_update(&X9, X11, X1, X6);
- sha1_msg_schedule_update(&X10, X12, X2, X7);
-
sha1_msg_schedule_update(&X11, X13, X3, X8);
- sha1_msg_schedule_update(&X12, X14, X4, X9);
- sha1_msg_schedule_update(&X13, X15, X5, X10);
- sha1_msg_schedule_update(&X14, X0, X6, X11);
- sha1_msg_schedule_update(&X15, X1, X7, X12);
-
- sha1_round2(&a, &b, &c, &d, &e, X0);
- sha1_round2(&a, &b, &c, &d, &e, X1);
- sha1_round2(&a, &b, &c, &d, &e, X2);
- sha1_round2(&a, &b, &c, &d, &e, X3);
- sha1_round2(&a, &b, &c, &d, &e, X4);
- sha1_round2(&a, &b, &c, &d, &e, X5);
- sha1_round2(&a, &b, &c, &d, &e, X6);
- sha1_round2(&a, &b, &c, &d, &e, X7);
- sha1_round3(&a, &b, &c, &d, &e, X8);
- sha1_round3(&a, &b, &c, &d, &e, X9);
- sha1_round3(&a, &b, &c, &d, &e, X10);
- sha1_round3(&a, &b, &c, &d, &e, X11);
- sha1_round3(&a, &b, &c, &d, &e, X12);
- sha1_round3(&a, &b, &c, &d, &e, X13);
- sha1_round3(&a, &b, &c, &d, &e, X14);
- sha1_round3(&a, &b, &c, &d, &e, X15);
-
- sha1_msg_schedule_update(&X0, X2, X8, X13);
- sha1_msg_schedule_update(&X1, X3, X9, X14);
- sha1_msg_schedule_update(&X2, X4, X10, X15);
- sha1_msg_schedule_update(&X3, X5, X11, X0);
- sha1_msg_schedule_update(&X4, X6, X12, X1);
- sha1_msg_schedule_update(&X5, X7, X13, X2);
- sha1_msg_schedule_update(&X6, X8, X14, X3);
- sha1_msg_schedule_update(&X7, X9, X15, X4);
- sha1_msg_schedule_update(&X8, X10, X0, X5);
- sha1_msg_schedule_update(&X9, X11, X1, X6);
- sha1_msg_schedule_update(&X10, X12, X2, X7);
- sha1_msg_schedule_update(&X11, X13, X3, X8);
- sha1_msg_schedule_update(&X12, X14, X4, X9);
- sha1_msg_schedule_update(&X13, X15, X5, X10);
- sha1_msg_schedule_update(&X14, X0, X6, X11);
- sha1_msg_schedule_update(&X15, X1, X7, X12);
-
- sha1_round3(&a, &b, &c, &d, &e, X0);
- sha1_round3(&a, &b, &c, &d, &e, X1);
- sha1_round3(&a, &b, &c, &d, &e, X2);
- sha1_round3(&a, &b, &c, &d, &e, X3);
- sha1_round3(&a, &b, &c, &d, &e, X4);
- sha1_round3(&a, &b, &c, &d, &e, X5);
- sha1_round3(&a, &b, &c, &d, &e, X6);
- sha1_round3(&a, &b, &c, &d, &e, X7);
- sha1_round3(&a, &b, &c, &d, &e, X8);
- sha1_round3(&a, &b, &c, &d, &e,
X9);
- sha1_round3(&a, &b, &c, &d, &e, X10);
- sha1_round3(&a, &b, &c, &d, &e, X11);
- sha1_round4(&a, &b, &c, &d, &e, X12);
- sha1_round4(&a, &b, &c, &d, &e, X13);
- sha1_round4(&a, &b, &c, &d, &e, X14);
- sha1_round4(&a, &b, &c, &d, &e, X15);
-
- sha1_msg_schedule_update(&X0, X2, X8, X13);
- sha1_msg_schedule_update(&X1, X3, X9, X14);
- sha1_msg_schedule_update(&X2, X4, X10, X15);
- sha1_msg_schedule_update(&X3, X5, X11, X0);
- sha1_msg_schedule_update(&X4, X6, X12, X1);
- sha1_msg_schedule_update(&X5, X7, X13, X2);
- sha1_msg_schedule_update(&X6, X8, X14, X3);
- sha1_msg_schedule_update(&X7, X9, X15, X4);
- sha1_msg_schedule_update(&X8, X10, X0, X5);
- sha1_msg_schedule_update(&X9, X11, X1, X6);
- sha1_msg_schedule_update(&X10, X12, X2, X7);
- sha1_msg_schedule_update(&X11, X13, X3, X8);
- sha1_msg_schedule_update(&X12, X14, X4, X9);
- sha1_msg_schedule_update(&X13, X15, X5, X10);
- sha1_msg_schedule_update(&X14, X0, X6, X11);
- sha1_msg_schedule_update(&X15, X1, X7, X12);
-
- sha1_round4(&a, &b, &c, &d, &e, X0);
- sha1_round4(&a, &b, &c, &d, &e, X1);
- sha1_round4(&a, &b, &c, &d, &e, X2);
- sha1_round4(&a, &b, &c, &d, &e, X3);
- sha1_round4(&a, &b, &c, &d, &e, X4);
- sha1_round4(&a, &b, &c, &d, &e, X5);
- sha1_round4(&a, &b, &c, &d, &e, X6);
- sha1_round4(&a, &b, &c, &d, &e, X7);
- sha1_round4(&a, &b, &c, &d, &e, X8);
- sha1_round4(&a, &b, &c, &d, &e, X9);
- sha1_round4(&a, &b, &c, &d, &e, X10);
- sha1_round4(&a, &b, &c, &d, &e, X11);
- sha1_round4(&a, &b, &c, &d, &e, X12);
- sha1_round4(&a, &b, &c, &d, &e, X13);
- sha1_round4(&a, &b, &c, &d, &e, X14);
- sha1_round4(&a, &b, &c, &d, &e, X15);
-
- ctx->h0 += a;
- ctx->h1 += b;
- ctx->h2 += c;
- ctx->h3 += d;
- ctx->h4 += e;
- }
-}
-#endif
-
-#ifndef HAVE_SHA1_BLOCK_DATA_ORDER
-void
-sha1_block_data_order(SHA_CTX *ctx, const void *_in, size_t num)
-{
- sha1_block_generic(ctx, _in, num);
-}
-#endif
-
-int
-SHA1_Init(SHA_CTX *c)
-{
- memset(c, 0, sizeof(*c));
-
- c->h0 = 0x67452301UL;
- c->h1 = 0xefcdab89UL;
- c->h2
= 0x98badcfeUL;
- c->h3 = 0x10325476UL;
- c->h4 = 0xc3d2e1f0UL;
-
- return 1;
-}
-LCRYPTO_ALIAS(SHA1_Init);
-
-int
-SHA1_Update(SHA_CTX *c, const void *data_, size_t len)
-{
- const unsigned char *data = data_;
- unsigned char *p;
- SHA_LONG l;
- size_t n;
-
- if (len == 0)
- return 1;
-
- l = (c->Nl + (((SHA_LONG)len) << 3))&0xffffffffUL;
- /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
- * Wei Dai for pointing it out. */
- if (l < c->Nl) /* overflow */
- c->Nh++;
- c->Nh+=(SHA_LONG)(len>>29); /* might cause compiler warning on 16-bit */
- c->Nl = l;
-
- n = c->num;
- if (n != 0) {
- p = (unsigned char *)c->data;
-
- if (len >= SHA_CBLOCK || len + n >= SHA_CBLOCK) {
- memcpy(p + n, data, SHA_CBLOCK - n);
- sha1_block_data_order(c, p, 1);
- n = SHA_CBLOCK - n;
- data += n;
- len -= n;
- c->num = 0;
- memset(p,0,SHA_CBLOCK); /* keep it zeroed */
- } else {
- memcpy(p + n, data, len);
- c->num += (unsigned int)len;
- return 1;
- }
- }
-
- n = len/SHA_CBLOCK;
- if (n > 0) {
- sha1_block_data_order(c, data, n);
- n *= SHA_CBLOCK;
- data += n;
- len -= n;
- }
-
- if (len != 0) {
- p = (unsigned char *)c->data;
- c->num = (unsigned int)len;
- memcpy(p, data, len);
- }
- return 1;
-}
-LCRYPTO_ALIAS(SHA1_Update);
-
-void
-SHA1_Transform(SHA_CTX *c, const unsigned char *data)
-{
- sha1_block_data_order(c, data, 1);
-}
-LCRYPTO_ALIAS(SHA1_Transform);
-
-int
-SHA1_Final(unsigned char *md, SHA_CTX *c)
-{
- unsigned char *p = (unsigned char *)c->data;
- size_t n = c->num;
-
- p[n] = 0x80; /* there is always room for one */
- n++;
-
- if (n > (SHA_CBLOCK - 8)) {
- memset(p + n, 0, SHA_CBLOCK - n);
- n = 0;
- sha1_block_data_order(c, p, 1);
- }
-
- memset(p + n, 0, SHA_CBLOCK - 8 - n);
- c->data[SHA_LBLOCK - 2] = htobe32(c->Nh);
- c->data[SHA_LBLOCK - 1] = htobe32(c->Nl);
-
- sha1_block_data_order(c, p, 1);
- c->num = 0;
- memset(p, 0, SHA_CBLOCK);
-
- crypto_store_htobe32(&md[0 * 4], c->h0);
- crypto_store_htobe32(&md[1 * 4], c->h1);
-
crypto_store_htobe32(&md[2 * 4], c->h2);
- crypto_store_htobe32(&md[3 * 4], c->h3);
- crypto_store_htobe32(&md[4 * 4], c->h4);
-
- return 1;
-}
-LCRYPTO_ALIAS(SHA1_Final);
-
-unsigned char *
-SHA1(const unsigned char *d, size_t n, unsigned char *md)
-{
- SHA_CTX c;
-
- if (!SHA1_Init(&c))
- return NULL;
- SHA1_Update(&c, d, n);
- SHA1_Final(md, &c);
-
- explicit_bzero(&c, sizeof(c));
-
- return (md);
-}
-LCRYPTO_ALIAS(SHA1);
-
-#endif
diff --git a/src/lib/libcrypto/sha/sha1_amd64.c b/src/lib/libcrypto/sha/sha1_amd64.c
deleted file mode 100644
index 2976cc7e6e..0000000000
--- a/src/lib/libcrypto/sha/sha1_amd64.c
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: sha1_amd64.c,v 1.2 2024/12/06 11:57:18 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "crypto_arch.h"
-
-void sha1_block_generic(SHA_CTX *ctx, const void *in, size_t num);
-void sha1_block_shani(SHA_CTX *ctx, const void *in, size_t num);
-
-void
-sha1_block_data_order(SHA_CTX *ctx, const void *in, size_t num)
-{
- if ((crypto_cpu_caps_amd64 & CRYPTO_CPU_CAPS_AMD64_SHA) != 0) {
- sha1_block_shani(ctx, in, num);
- return;
- }
-
- sha1_block_generic(ctx, in, num);
-}
diff --git a/src/lib/libcrypto/sha/sha1_amd64_generic.S b/src/lib/libcrypto/sha/sha1_amd64_generic.S
deleted file mode 100644
index 38f49b0c3c..0000000000
--- a/src/lib/libcrypto/sha/sha1_amd64_generic.S
+++ /dev/null
@@ -1,314 +0,0 @@
-/* $OpenBSD: sha1_amd64_generic.S,v 1.2 2025/01/18 02:56:07 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifdef __CET__
-#include
-#else
-#define _CET_ENDBR
-#endif
-
-#define ctx %rdi
-#define in %rsi
-#define num %rdx
-
-#define end %rbp
-
-#define hs0 %r8d
-#define hs1 %r9d
-#define hs2 %r10d
-#define hs3 %r11d
-#define hs4 %r12d
-
-#define tmp0 %eax
-#define tmp1 %ebx
-#define tmp2 %ecx
-#define tmp3 %edx
-
-/*
- * Load message into wt, storing a copy in the message schedule:
- *
- * Wt = Mt
- */
-#define sha1_message_schedule_load(idx, m, w, wt) \
- movl ((idx&0xf)*4)(m), wt; \
- bswapl wt; \
- movl wt, ((idx&0xf)*4)(w);
-
-/*
- * Update message schedule and return current value in wt:
- *
- * W0 = rol(W13 ^ W8 ^ W2 ^ W0, 1)
- */
-#define sha1_message_schedule_update(idx, w, wt) \
- movl (((idx-3)&0xf)*4)(w), wt; /* W13 */ \
- xorl (((idx-8)&0xf)*4)(w), wt; /* W8 */ \
- xorl (((idx-14)&0xf)*4)(w), wt; /* W2 */ \
- xorl (((idx)&0xf)*4)(w), wt; /* W0 */ \
- roll $1, wt; \
- \
- movl wt, ((idx&0xf)*4)(w);
-
-/*
- * Compute a SHA-1 round without logic function:
- *
- * T = rol(a, 5) + e + Kt + Wt
- *
- * The caller is required to compute the appropriate logic function
- * (Ch, Maj, Parity) and add it to
e.
- *
- * Upon completion b = rol(b, 30), e = T, pending rotation.
- */
-#define sha1_round(a, b, c, d, e, kt, wt) \
- leal kt(wt, e, 1), e; /* Kt + Wt */ \
- \
- movl a, tmp1; /* rol(a, 5) */ \
- roll $5, tmp1; \
- addl tmp1, e; \
- \
- roll $30, b; /* rol(b, 30) */
-
-/*
- * Compute a SHA-1 round with Ch:
- *
- * T = rol(a, 5) + Ch(b, c, d) + e + Kt + Wt
- *
- * Ch(x, y, z) = (x & y) ^ (~x & z) = ((y ^ z) & x) ^ z
- *
- * Upon completion b = rol(b, 30), e = T, pending rotation.
- */
-#define sha1_round_ch(a, b, c, d, e, kt, wt) \
- movl c, tmp2; /* Ch */ \
- xorl d, tmp2; /* Ch */ \
- andl b, tmp2; /* Ch */ \
- xorl d, tmp2; /* Ch */ \
- addl tmp2, e; /* Ch */ \
- \
- sha1_round(a, b, c, d, e, kt, wt);
-
-/*
- * Compute a SHA-1 round with Parity:
- *
- * T = rol(a, 5) + Parity(b, c, d) + e + Kt + Wt
- *
- * Parity(x, y, z) = x ^ y ^ z
- *
- * Upon completion b = rol(b, 30), e = T, pending rotation.
- */
-#define sha1_round_parity(a, b, c, d, e, kt, wt) \
- movl b, tmp2; /* Parity */ \
- xorl c, tmp2; /* Parity */ \
- xorl d, tmp2; /* Parity */ \
- addl tmp2, e; /* Parity */ \
- \
- sha1_round(a, b, c, d, e, kt, wt);
-
-/*
- * Compute a SHA-1 round with Maj:
- *
- * T = rol(a, 5) + Maj(b, c, d) + e + Kt + Wt
- *
- * Maj(x, y, z) = (x & y) ^ (x & z) ^ (y & z) = ((y ^ z) & x) ^ (y & z)
- *
- * Upon completion b = rol(b, 30), e = T, pending rotation.
- */
-#define sha1_round_maj(a, b, c, d, e, kt, wt) \
- movl c, tmp2; /* Maj */ \
- xorl d, tmp2; /* Maj */ \
- andl b, tmp2; /* Maj */ \
- movl c, tmp3; /* Maj */ \
- andl d, tmp3; /* Maj */ \
- xorl tmp2, tmp3; /* Maj */ \
- addl tmp3, e; /* Maj */ \
- \
- sha1_round(a, b, c, d, e, kt, wt);
-
-#define sha1_round1_load(idx, a, b, c, d, e) \
- sha1_message_schedule_load(idx, in, %rsp, tmp0) \
- sha1_round_ch(a, b, c, d, e, 0x5a827999, tmp0)
-
-#define sha1_round1_update(idx, a, b, c, d, e) \
- sha1_message_schedule_update(idx, %rsp, tmp0) \
- sha1_round_ch(a, b, c, d, e, 0x5a827999, tmp0)
-
-#define sha1_round2_update(idx, a, b, c, d, e) \
- sha1_message_schedule_update(idx, %rsp, tmp0) \
- sha1_round_parity(a, b, c, d, e, 0x6ed9eba1, tmp0)
-
-#define sha1_round3_update(idx, a, b, c, d, e) \
- sha1_message_schedule_update(idx, %rsp, tmp0) \
- sha1_round_maj(a, b, c, d, e, 0x8f1bbcdc, tmp0)
-
-#define sha1_round4_update(idx, a, b, c, d, e) \
- sha1_message_schedule_update(idx, %rsp, tmp0) \
- sha1_round_parity(a, b, c, d, e, 0xca62c1d6, tmp0)
-
-.text
-
-/*
- * void sha1_block_generic(SHA1_CTX *ctx, const void *in, size_t num);
- *
- * Standard x86-64 ABI: rdi = ctx, rsi = in, rdx = num
- */
-.align 16
-.globl sha1_block_generic
-.type sha1_block_generic,@function
-sha1_block_generic:
- _CET_ENDBR
-
- /* Save callee save registers. */
- pushq %rbx
- pushq %rbp
- pushq %r12
-
- /* Allocate space for message schedule. */
- movq %rsp, %rax
- subq $(64+1*8), %rsp
- andq $~63, %rsp
- movq %rax, (64+0*8)(%rsp)
-
- /* Compute end of message. */
- shlq $6, num
- leaq (in, num, 1), end
-
- /* Load current hash state from context. */
- movl (0*4)(ctx), hs0
- movl (1*4)(ctx), hs1
- movl (2*4)(ctx), hs2
- movl (3*4)(ctx), hs3
- movl (4*4)(ctx), hs4
-
- jmp .Lblock_loop
-
-.align 16
-.Lblock_loop:
-
- /* Round 0 through 15.
*/
- sha1_round1_load(0, hs0, hs1, hs2, hs3, hs4)
- sha1_round1_load(1, hs4, hs0, hs1, hs2, hs3)
- sha1_round1_load(2, hs3, hs4, hs0, hs1, hs2)
- sha1_round1_load(3, hs2, hs3, hs4, hs0, hs1)
- sha1_round1_load(4, hs1, hs2, hs3, hs4, hs0)
- sha1_round1_load(5, hs0, hs1, hs2, hs3, hs4)
- sha1_round1_load(6, hs4, hs0, hs1, hs2, hs3)
- sha1_round1_load(7, hs3, hs4, hs0, hs1, hs2)
- sha1_round1_load(8, hs2, hs3, hs4, hs0, hs1)
- sha1_round1_load(9, hs1, hs2, hs3, hs4, hs0)
- sha1_round1_load(10, hs0, hs1, hs2, hs3, hs4)
- sha1_round1_load(11, hs4, hs0, hs1, hs2, hs3)
- sha1_round1_load(12, hs3, hs4, hs0, hs1, hs2)
- sha1_round1_load(13, hs2, hs3, hs4, hs0, hs1)
- sha1_round1_load(14, hs1, hs2, hs3, hs4, hs0)
- sha1_round1_load(15, hs0, hs1, hs2, hs3, hs4)
-
- /* Round 16 through 31. */
- sha1_round1_update(16, hs4, hs0, hs1, hs2, hs3);
- sha1_round1_update(17, hs3, hs4, hs0, hs1, hs2);
- sha1_round1_update(18, hs2, hs3, hs4, hs0, hs1);
- sha1_round1_update(19, hs1, hs2, hs3, hs4, hs0);
- sha1_round2_update(20, hs0, hs1, hs2, hs3, hs4);
- sha1_round2_update(21, hs4, hs0, hs1, hs2, hs3);
- sha1_round2_update(22, hs3, hs4, hs0, hs1, hs2);
- sha1_round2_update(23, hs2, hs3, hs4, hs0, hs1);
- sha1_round2_update(24, hs1, hs2, hs3, hs4, hs0);
- sha1_round2_update(25, hs0, hs1, hs2, hs3, hs4);
- sha1_round2_update(26, hs4, hs0, hs1, hs2, hs3);
- sha1_round2_update(27, hs3, hs4, hs0, hs1, hs2);
- sha1_round2_update(28, hs2, hs3, hs4, hs0, hs1);
- sha1_round2_update(29, hs1, hs2, hs3, hs4, hs0);
- sha1_round2_update(30, hs0, hs1, hs2, hs3, hs4);
- sha1_round2_update(31, hs4, hs0, hs1, hs2, hs3);
-
- /* Round 32 through 47.
*/
- sha1_round2_update(32, hs3, hs4, hs0, hs1, hs2);
- sha1_round2_update(33, hs2, hs3, hs4, hs0, hs1);
- sha1_round2_update(34, hs1, hs2, hs3, hs4, hs0);
- sha1_round2_update(35, hs0, hs1, hs2, hs3, hs4);
- sha1_round2_update(36, hs4, hs0, hs1, hs2, hs3);
- sha1_round2_update(37, hs3, hs4, hs0, hs1, hs2);
- sha1_round2_update(38, hs2, hs3, hs4, hs0, hs1);
- sha1_round2_update(39, hs1, hs2, hs3, hs4, hs0);
- sha1_round3_update(40, hs0, hs1, hs2, hs3, hs4);
- sha1_round3_update(41, hs4, hs0, hs1, hs2, hs3);
- sha1_round3_update(42, hs3, hs4, hs0, hs1, hs2);
- sha1_round3_update(43, hs2, hs3, hs4, hs0, hs1);
- sha1_round3_update(44, hs1, hs2, hs3, hs4, hs0);
- sha1_round3_update(45, hs0, hs1, hs2, hs3, hs4);
- sha1_round3_update(46, hs4, hs0, hs1, hs2, hs3);
- sha1_round3_update(47, hs3, hs4, hs0, hs1, hs2);
-
- /* Round 48 through 63. */
- sha1_round3_update(48, hs2, hs3, hs4, hs0, hs1);
- sha1_round3_update(49, hs1, hs2, hs3, hs4, hs0);
- sha1_round3_update(50, hs0, hs1, hs2, hs3, hs4);
- sha1_round3_update(51, hs4, hs0, hs1, hs2, hs3);
- sha1_round3_update(52, hs3, hs4, hs0, hs1, hs2);
- sha1_round3_update(53, hs2, hs3, hs4, hs0, hs1);
- sha1_round3_update(54, hs1, hs2, hs3, hs4, hs0);
- sha1_round3_update(55, hs0, hs1, hs2, hs3, hs4);
- sha1_round3_update(56, hs4, hs0, hs1, hs2, hs3);
- sha1_round3_update(57, hs3, hs4, hs0, hs1, hs2);
- sha1_round3_update(58, hs2, hs3, hs4, hs0, hs1);
- sha1_round3_update(59, hs1, hs2, hs3, hs4, hs0);
- sha1_round4_update(60, hs0, hs1, hs2, hs3, hs4);
- sha1_round4_update(61, hs4, hs0, hs1, hs2, hs3);
- sha1_round4_update(62, hs3, hs4, hs0, hs1, hs2);
- sha1_round4_update(63, hs2, hs3, hs4, hs0, hs1);
-
- /* Round 64 through 79.
*/
- sha1_round4_update(64, hs1, hs2, hs3, hs4, hs0);
- sha1_round4_update(65, hs0, hs1, hs2, hs3, hs4);
- sha1_round4_update(66, hs4, hs0, hs1, hs2, hs3);
- sha1_round4_update(67, hs3, hs4, hs0, hs1, hs2);
- sha1_round4_update(68, hs2, hs3, hs4, hs0, hs1);
- sha1_round4_update(69, hs1, hs2, hs3, hs4, hs0);
- sha1_round4_update(70, hs0, hs1, hs2, hs3, hs4);
- sha1_round4_update(71, hs4, hs0, hs1, hs2, hs3);
- sha1_round4_update(72, hs3, hs4, hs0, hs1, hs2);
- sha1_round4_update(73, hs2, hs3, hs4, hs0, hs1);
- sha1_round4_update(74, hs1, hs2, hs3, hs4, hs0);
- sha1_round4_update(75, hs0, hs1, hs2, hs3, hs4);
- sha1_round4_update(76, hs4, hs0, hs1, hs2, hs3);
- sha1_round4_update(77, hs3, hs4, hs0, hs1, hs2);
- sha1_round4_update(78, hs2, hs3, hs4, hs0, hs1);
- sha1_round4_update(79, hs1, hs2, hs3, hs4, hs0);
-
- /* Add intermediate state to hash state. */
- addl (0*4)(ctx), hs0
- addl (1*4)(ctx), hs1
- addl (2*4)(ctx), hs2
- addl (3*4)(ctx), hs3
- addl (4*4)(ctx), hs4
-
- /* Store new hash state to context. */
- movl hs0, (0*4)(ctx)
- movl hs1, (1*4)(ctx)
- movl hs2, (2*4)(ctx)
- movl hs3, (3*4)(ctx)
- movl hs4, (4*4)(ctx)
-
- addq $64, in
- cmpq end, in
- jb .Lblock_loop
-
- movq (64+0*8)(%rsp), %rsp
-
- /* Restore callee save registers. */
- popq %r12
- popq %rbp
- popq %rbx
-
- ret
diff --git a/src/lib/libcrypto/sha/sha1_amd64_shani.S b/src/lib/libcrypto/sha/sha1_amd64_shani.S
deleted file mode 100644
index d7699d10f1..0000000000
--- a/src/lib/libcrypto/sha/sha1_amd64_shani.S
+++ /dev/null
@@ -1,170 +0,0 @@
-/* $OpenBSD: sha1_amd64_shani.S,v 1.1 2024/12/06 11:57:18 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifdef __CET__
-#include
-#else
-#define _CET_ENDBR
-#endif
-
-/*
- * SHA-1 implementation using the Intel SHA extensions:
- *
- * https://www.intel.com/content/www/us/en/developer/articles/technical/intel-sha-extensions.html
- */
-
-#define ctx %rdi
-#define in %rsi
-#define num %rdx
-
-#define end %rbx
-
-#define xabcd_save %xmm0
-#define xe_save %xmm1
-
-#define xabcd %xmm2
-#define xe0 %xmm3
-#define xe1 %xmm4
-
-#define xmsg0 %xmm5
-#define xmsg1 %xmm6
-#define xmsg2 %xmm7
-#define xmsg3 %xmm8
-
-#define xshufmask %xmm9
-
-
-#define sha1_message_schedule_load(idx, m, xmsg) \
- movdqu (idx*16)(m), xmsg; \
- pshufb xshufmask, xmsg;
-
-#define sha1_message_schedule_update(xm0, xm1, xm2, xm3) \
- sha1msg1 xm1, xm0; \
- pxor xm2, xm0; \
- sha1msg2 xm3, xm0;
-
-#define sha1_shani_round(fn, xmsg, xe, xe_next) \
- sha1nexte xmsg, xe; \
- movdqa xabcd, xe_next; \
- sha1rnds4 fn, xe, xabcd;
-
-#define sha1_shani_round_load(fn, idx, m, xmsg, xe, xe_next) \
- sha1_message_schedule_load(idx, m, xmsg); \
- sha1_shani_round(fn, xmsg, xe, xe_next);
-
-#define sha1_shani_round_update(fn, xm0, xm1, xm2, xm3, xe,
xe_next) \
- sha1_message_schedule_update(xm0, xm1, xm2, xm3); \
- sha1_shani_round(fn, xm0, xe, xe_next);
-
-
-.text
-
-/*
- * void sha1_block_shani(SHA256_CTX *ctx, const void *in, size_t num);
- *
- * Standard x86-64 ABI: rdi = ctx, rsi = in, rdx = num
- */
-.align 16
-.globl sha1_block_shani
-.type sha1_block_shani,@function
-sha1_block_shani:
- _CET_ENDBR
-
- /* Save callee save registers. */
- pushq %rbx
-
- /* Compute end of message. */
- shlq $6, num
- leaq (in, num, 1), end
-
- /* Load endian shuffle mask. */
- movdqa shufmask(%rip), xshufmask
-
- /* Load current hash state from context. */
- movdqu (0*16)(ctx), xabcd
- pshufd $0x1b, xabcd, xabcd /* dcba -> abcd */
- pxor xe0, xe0
- pinsrd $3, (1*16)(ctx), xe0 /* e */
-
- jmp .Lshani_block_loop
-
-.align 16
-.Lshani_block_loop:
- /* Save state for accumulation. */
- movdqa xabcd, xabcd_save
- movdqa xe0, xe_save
-
- /* Rounds 0 through 15 (four rounds at a time). */
- sha1_message_schedule_load(0, in, xmsg0);
- paddd xmsg0, xe0
- movdqa xabcd, xe1
- sha1rnds4 $0, xe0, xabcd
-
- sha1_shani_round_load($0, 1, in, xmsg1, xe1, xe0);
- sha1_shani_round_load($0, 2, in, xmsg2, xe0, xe1);
- sha1_shani_round_load($0, 3, in, xmsg3, xe1, xe0);
-
- /* Rounds 16 through 79 (four rounds at a time).
*/
- sha1_shani_round_update($0, xmsg0, xmsg1, xmsg2, xmsg3, xe0, xe1)
- sha1_shani_round_update($1, xmsg1, xmsg2, xmsg3, xmsg0, xe1, xe0)
- sha1_shani_round_update($1, xmsg2, xmsg3, xmsg0, xmsg1, xe0, xe1)
- sha1_shani_round_update($1, xmsg3, xmsg0, xmsg1, xmsg2, xe1, xe0)
-
- sha1_shani_round_update($1, xmsg0, xmsg1, xmsg2, xmsg3, xe0, xe1)
- sha1_shani_round_update($1, xmsg1, xmsg2, xmsg3, xmsg0, xe1, xe0)
- sha1_shani_round_update($2, xmsg2, xmsg3, xmsg0, xmsg1, xe0, xe1)
- sha1_shani_round_update($2, xmsg3, xmsg0, xmsg1, xmsg2, xe1, xe0)
-
- sha1_shani_round_update($2, xmsg0, xmsg1, xmsg2, xmsg3, xe0, xe1)
- sha1_shani_round_update($2, xmsg1, xmsg2, xmsg3, xmsg0, xe1, xe0)
- sha1_shani_round_update($2, xmsg2, xmsg3, xmsg0, xmsg1, xe0, xe1)
- sha1_shani_round_update($3, xmsg3, xmsg0, xmsg1, xmsg2, xe1, xe0)
-
- sha1_shani_round_update($3, xmsg0, xmsg1, xmsg2, xmsg3, xe0, xe1)
- sha1_shani_round_update($3, xmsg1, xmsg2, xmsg3, xmsg0, xe1, xe0)
- sha1_shani_round_update($3, xmsg2, xmsg3, xmsg0, xmsg1, xe0, xe1)
- sha1_shani_round_update($3, xmsg3, xmsg0, xmsg1, xmsg2, xe1, xe0)
-
- /* Accumulate hash state. */
- paddd xabcd_save, xabcd
- sha1nexte xe_save, xe0
-
- addq $64, in
- cmpq end, in
- jb .Lshani_block_loop
-
- /* Update stored hash context. */
- pshufd $0x1b, xabcd, xabcd /* abcd -> dcba */
- movdqu xabcd, (0*16)(ctx)
- pextrd $3, xe0, (1*16)(ctx) /* e */
-
- /* Restore callee save registers. */
- popq %rbx
-
- ret
-
-.rodata
-
-/*
- * Shuffle mask - byte reversal for little endian to big endian word conversion,
- * and reordering to abcd.
- */
-.align 16
-.type shufmask,@object
-shufmask:
-.octa 0x000102030405060708090a0b0c0d0e0f
-.size shufmask,.-shufmask
diff --git a/src/lib/libcrypto/sha/sha256.c b/src/lib/libcrypto/sha/sha256.c
deleted file mode 100644
index 5d002ca62c..0000000000
--- a/src/lib/libcrypto/sha/sha256.c
+++ /dev/null
@@ -1,496 +0,0 @@ -/* $OpenBSD: sha256.c,v 1.33 2025/02/14 12:01:58 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - */ - -#include -#include -#include - -#include - -#include -#include - -#include "crypto_internal.h" - -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) - -/* Ensure that SHA_LONG and uint32_t are equivalent. 
*/ -CTASSERT(sizeof(SHA_LONG) == sizeof(uint32_t)); - -void sha256_block_data_order(SHA256_CTX *ctx, const void *_in, size_t num); -void sha256_block_generic(SHA256_CTX *ctx, const void *_in, size_t num); - -#ifndef HAVE_SHA256_BLOCK_GENERIC -static const SHA_LONG K256[64] = { - 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, - 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, - 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, - 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL, - 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, - 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, - 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, - 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL, - 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL, - 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, - 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, - 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, - 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL, - 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL, - 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, - 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL, -}; - -static inline SHA_LONG -Sigma0(SHA_LONG x) -{ - return crypto_ror_u32(x, 2) ^ crypto_ror_u32(x, 13) ^ - crypto_ror_u32(x, 22); -} - -static inline SHA_LONG -Sigma1(SHA_LONG x) -{ - return crypto_ror_u32(x, 6) ^ crypto_ror_u32(x, 11) ^ - crypto_ror_u32(x, 25); -} - -static inline SHA_LONG -sigma0(SHA_LONG x) -{ - return crypto_ror_u32(x, 7) ^ crypto_ror_u32(x, 18) ^ (x >> 3); -} - -static inline SHA_LONG -sigma1(SHA_LONG x) -{ - return crypto_ror_u32(x, 17) ^ crypto_ror_u32(x, 19) ^ (x >> 10); -} - -static inline SHA_LONG -Ch(SHA_LONG x, SHA_LONG y, SHA_LONG z) -{ - return (x & y) ^ (~x & z); -} - -static inline SHA_LONG -Maj(SHA_LONG x, SHA_LONG y, SHA_LONG z) -{ - return (x & y) ^ (x & z) ^ (y & z); -} - -static inline void -sha256_msg_schedule_update(SHA_LONG *W0, SHA_LONG 
W1, SHA_LONG W9, SHA_LONG W14) -{ - *W0 = sigma1(W14) + W9 + sigma0(W1) + *W0; -} - -static inline void -sha256_round(SHA_LONG *a, SHA_LONG *b, SHA_LONG *c, SHA_LONG *d, SHA_LONG *e, - SHA_LONG *f, SHA_LONG *g, SHA_LONG *h, SHA_LONG Kt, SHA_LONG Wt) -{ - SHA_LONG T1, T2; - - T1 = *h + Sigma1(*e) + Ch(*e, *f, *g) + Kt + Wt; - T2 = Sigma0(*a) + Maj(*a, *b, *c); - - *h = *g; - *g = *f; - *f = *e; - *e = *d + T1; - *d = *c; - *c = *b; - *b = *a; - *a = T1 + T2; -} - -void -sha256_block_generic(SHA256_CTX *ctx, const void *_in, size_t num) -{ - const uint8_t *in = _in; - const SHA_LONG *in32; - SHA_LONG a, b, c, d, e, f, g, h; - SHA_LONG X[16]; - int i; - - while (num--) { - a = ctx->h[0]; - b = ctx->h[1]; - c = ctx->h[2]; - d = ctx->h[3]; - e = ctx->h[4]; - f = ctx->h[5]; - g = ctx->h[6]; - h = ctx->h[7]; - - if ((size_t)in % 4 == 0) { - /* Input is 32 bit aligned. */ - in32 = (const SHA_LONG *)in; - X[0] = be32toh(in32[0]); - X[1] = be32toh(in32[1]); - X[2] = be32toh(in32[2]); - X[3] = be32toh(in32[3]); - X[4] = be32toh(in32[4]); - X[5] = be32toh(in32[5]); - X[6] = be32toh(in32[6]); - X[7] = be32toh(in32[7]); - X[8] = be32toh(in32[8]); - X[9] = be32toh(in32[9]); - X[10] = be32toh(in32[10]); - X[11] = be32toh(in32[11]); - X[12] = be32toh(in32[12]); - X[13] = be32toh(in32[13]); - X[14] = be32toh(in32[14]); - X[15] = be32toh(in32[15]); - } else { - /* Input is not 32 bit aligned. 
*/ - X[0] = crypto_load_be32toh(&in[0 * 4]); - X[1] = crypto_load_be32toh(&in[1 * 4]); - X[2] = crypto_load_be32toh(&in[2 * 4]); - X[3] = crypto_load_be32toh(&in[3 * 4]); - X[4] = crypto_load_be32toh(&in[4 * 4]); - X[5] = crypto_load_be32toh(&in[5 * 4]); - X[6] = crypto_load_be32toh(&in[6 * 4]); - X[7] = crypto_load_be32toh(&in[7 * 4]); - X[8] = crypto_load_be32toh(&in[8 * 4]); - X[9] = crypto_load_be32toh(&in[9 * 4]); - X[10] = crypto_load_be32toh(&in[10 * 4]); - X[11] = crypto_load_be32toh(&in[11 * 4]); - X[12] = crypto_load_be32toh(&in[12 * 4]); - X[13] = crypto_load_be32toh(&in[13 * 4]); - X[14] = crypto_load_be32toh(&in[14 * 4]); - X[15] = crypto_load_be32toh(&in[15 * 4]); - } - in += SHA256_CBLOCK; - - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[0], X[0]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[1], X[1]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[2], X[2]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[3], X[3]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[4], X[4]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[5], X[5]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[6], X[6]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[7], X[7]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[8], X[8]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[9], X[9]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[10], X[10]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[11], X[11]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[12], X[12]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[13], X[13]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[14], X[14]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[15], X[15]); - - for (i = 16; i < 64; i += 16) { - sha256_msg_schedule_update(&X[0], X[1], X[9], X[14]); - sha256_msg_schedule_update(&X[1], X[2], X[10], X[15]); - sha256_msg_schedule_update(&X[2], X[3], X[11], X[0]); - sha256_msg_schedule_update(&X[3], X[4], X[12], X[1]); - 
sha256_msg_schedule_update(&X[4], X[5], X[13], X[2]); - sha256_msg_schedule_update(&X[5], X[6], X[14], X[3]); - sha256_msg_schedule_update(&X[6], X[7], X[15], X[4]); - sha256_msg_schedule_update(&X[7], X[8], X[0], X[5]); - sha256_msg_schedule_update(&X[8], X[9], X[1], X[6]); - sha256_msg_schedule_update(&X[9], X[10], X[2], X[7]); - sha256_msg_schedule_update(&X[10], X[11], X[3], X[8]); - sha256_msg_schedule_update(&X[11], X[12], X[4], X[9]); - sha256_msg_schedule_update(&X[12], X[13], X[5], X[10]); - sha256_msg_schedule_update(&X[13], X[14], X[6], X[11]); - sha256_msg_schedule_update(&X[14], X[15], X[7], X[12]); - sha256_msg_schedule_update(&X[15], X[0], X[8], X[13]); - - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 0], X[0]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 1], X[1]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 2], X[2]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 3], X[3]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 4], X[4]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 5], X[5]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 6], X[6]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 7], X[7]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 8], X[8]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 9], X[9]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 10], X[10]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 11], X[11]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 12], X[12]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 13], X[13]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 14], X[14]); - sha256_round(&a, &b, &c, &d, &e, &f, &g, &h, K256[i + 15], X[15]); - } - - ctx->h[0] += a; - ctx->h[1] += b; - ctx->h[2] += c; - ctx->h[3] += d; - ctx->h[4] += e; - ctx->h[5] += f; - ctx->h[6] += g; - ctx->h[7] += h; - } -} -#endif - -#ifndef HAVE_SHA256_BLOCK_DATA_ORDER -void 
-sha256_block_data_order(SHA256_CTX *ctx, const void *_in, size_t num) -{ - sha256_block_generic(ctx, _in, num); -} -#endif - -int -SHA224_Init(SHA256_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - c->h[0] = 0xc1059ed8UL; - c->h[1] = 0x367cd507UL; - c->h[2] = 0x3070dd17UL; - c->h[3] = 0xf70e5939UL; - c->h[4] = 0xffc00b31UL; - c->h[5] = 0x68581511UL; - c->h[6] = 0x64f98fa7UL; - c->h[7] = 0xbefa4fa4UL; - - c->md_len = SHA224_DIGEST_LENGTH; - - return 1; -} -LCRYPTO_ALIAS(SHA224_Init); - -int -SHA224_Update(SHA256_CTX *c, const void *data, size_t len) -{ - return SHA256_Update(c, data, len); -} -LCRYPTO_ALIAS(SHA224_Update); - -int -SHA224_Final(unsigned char *md, SHA256_CTX *c) -{ - return SHA256_Final(md, c); -} -LCRYPTO_ALIAS(SHA224_Final); - -unsigned char * -SHA224(const unsigned char *d, size_t n, unsigned char *md) -{ - SHA256_CTX c; - - SHA224_Init(&c); - SHA256_Update(&c, d, n); - SHA256_Final(md, &c); - - explicit_bzero(&c, sizeof(c)); - - return (md); -} -LCRYPTO_ALIAS(SHA224); - -int -SHA256_Init(SHA256_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - c->h[0] = 0x6a09e667UL; - c->h[1] = 0xbb67ae85UL; - c->h[2] = 0x3c6ef372UL; - c->h[3] = 0xa54ff53aUL; - c->h[4] = 0x510e527fUL; - c->h[5] = 0x9b05688cUL; - c->h[6] = 0x1f83d9abUL; - c->h[7] = 0x5be0cd19UL; - - c->md_len = SHA256_DIGEST_LENGTH; - - return 1; -} -LCRYPTO_ALIAS(SHA256_Init); - -int -SHA256_Update(SHA256_CTX *c, const void *data_, size_t len) -{ - const unsigned char *data = data_; - unsigned char *p; - SHA_LONG l; - size_t n; - - if (len == 0) - return 1; - - l = (c->Nl + (((SHA_LONG)len) << 3)) & 0xffffffffUL; - /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to - * Wei Dai for pointing it out. 
*/ - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh += (SHA_LONG)(len >> 29); /* might cause compiler warning on 16-bit */ - c->Nl = l; - - n = c->num; - if (n != 0) { - p = (unsigned char *)c->data; - - if (len >= SHA_CBLOCK || len + n >= SHA_CBLOCK) { - memcpy(p + n, data, SHA_CBLOCK - n); - sha256_block_data_order(c, p, 1); - n = SHA_CBLOCK - n; - data += n; - len -= n; - c->num = 0; - memset(p, 0, SHA_CBLOCK); /* keep it zeroed */ - } else { - memcpy(p + n, data, len); - c->num += (unsigned int)len; - return 1; - } - } - - n = len/SHA_CBLOCK; - if (n > 0) { - sha256_block_data_order(c, data, n); - n *= SHA_CBLOCK; - data += n; - len -= n; - } - - if (len != 0) { - p = (unsigned char *)c->data; - c->num = (unsigned int)len; - memcpy(p, data, len); - } - return 1; -} -LCRYPTO_ALIAS(SHA256_Update); - -void -SHA256_Transform(SHA256_CTX *c, const unsigned char *data) -{ - sha256_block_data_order(c, data, 1); -} -LCRYPTO_ALIAS(SHA256_Transform); - -int -SHA256_Final(unsigned char *md, SHA256_CTX *c) -{ - unsigned char *p = (unsigned char *)c->data; - size_t n = c->num; - unsigned int nn; - - p[n] = 0x80; /* there is always room for one */ - n++; - - if (n > (SHA_CBLOCK - 8)) { - memset(p + n, 0, SHA_CBLOCK - n); - n = 0; - sha256_block_data_order(c, p, 1); - } - - memset(p + n, 0, SHA_CBLOCK - 8 - n); - c->data[SHA_LBLOCK - 2] = htobe32(c->Nh); - c->data[SHA_LBLOCK - 1] = htobe32(c->Nl); - - sha256_block_data_order(c, p, 1); - c->num = 0; - memset(p, 0, SHA_CBLOCK); - - /* - * Note that FIPS180-2 discusses "Truncation of the Hash Function Output." - * default: case below covers for it. It's not clear however if it's - * permitted to truncate to amount of bytes not divisible by 4. I bet not, - * but if it is, then default: case shall be extended. For reference. - * Idea behind separate cases for pre-defined lengths is to let the - * compiler decide if it's appropriate to unroll small loops. 
- */ - switch (c->md_len) { - case SHA224_DIGEST_LENGTH: - for (nn = 0; nn < SHA224_DIGEST_LENGTH / 4; nn++) { - crypto_store_htobe32(md, c->h[nn]); - md += 4; - } - break; - - case SHA256_DIGEST_LENGTH: - for (nn = 0; nn < SHA256_DIGEST_LENGTH / 4; nn++) { - crypto_store_htobe32(md, c->h[nn]); - md += 4; - } - break; - - default: - if (c->md_len > SHA256_DIGEST_LENGTH) - return 0; - for (nn = 0; nn < c->md_len / 4; nn++) { - crypto_store_htobe32(md, c->h[nn]); - md += 4; - } - break; - } - - return 1; -} -LCRYPTO_ALIAS(SHA256_Final); - -unsigned char * -SHA256(const unsigned char *d, size_t n, unsigned char *md) -{ - SHA256_CTX c; - - SHA256_Init(&c); - SHA256_Update(&c, d, n); - SHA256_Final(md, &c); - - explicit_bzero(&c, sizeof(c)); - - return (md); -} -LCRYPTO_ALIAS(SHA256); - -#endif /* OPENSSL_NO_SHA256 */ diff --git a/src/lib/libcrypto/sha/sha256_aarch64.c b/src/lib/libcrypto/sha/sha256_aarch64.c deleted file mode 100644 index ecac64390d..0000000000 --- a/src/lib/libcrypto/sha/sha256_aarch64.c +++ /dev/null 
@@ -1,34 +0,0 @@
-/* $OpenBSD: sha256_aarch64.c,v 1.1 2025/03/07 14:21:22 jsing Exp $ */
-/*
- * Copyright (c) 2025 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "crypto_arch.h"
-
-void sha256_block_ce(SHA256_CTX *ctx, const void *in, size_t num);
-void sha256_block_generic(SHA256_CTX *ctx, const void *in, size_t num);
-
-void
-sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num)
-{
- if ((crypto_cpu_caps_aarch64 & CRYPTO_CPU_CAPS_AARCH64_SHA2) != 0) {
- sha256_block_ce(ctx, in, num);
- return;
- }
-
- sha256_block_generic(ctx, in, num);
-}
diff --git a/src/lib/libcrypto/sha/sha256_aarch64_ce.S b/src/lib/libcrypto/sha/sha256_aarch64_ce.S
deleted file mode 100644
index 15726827e6..0000000000
--- a/src/lib/libcrypto/sha/sha256_aarch64_ce.S
+++ /dev/null
@@ -1,189 +0,0 @@
-/* $OpenBSD: sha256_aarch64_ce.S,v 1.2 2025/03/12 12:53:33 jsing Exp $ */
-/*
- * Copyright (c) 2023,2025 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * SHA-256 implementation using the ARM Cryptographic Extension (CE).
- *
- * There are four instructions that enable hardware acceleration of SHA-256,
- * however the documentation for these is woefully inadequate:
- *
- * sha256h: hash update - part 1 (without a number to be inconsistent)
- * sha256h2: hash update - part 2
- * sha256su0: message schedule update with sigma0 for four rounds
- * sha256su1: message schedule update with sigma1 for four rounds
- */
-
-#define ctx x0
-#define in x1
-#define num x2
-
-#define k256_base x9
-#define k256 x10
-
-/* Note: the lower 64 bits of v8 through v15 are callee save. */
-
-#define hc0 v16
-#define hc1 v17
-
-#define hs0 v18
-#define hs1 v19
-
-#define w0 v20
-#define w1 v21
-#define w2 v22
-#define w3 v23
-
-#define k0 v24
-#define k1 v25
-#define k2 v26
-#define k3 v27
-
-#define tmp0 v28
-#define tmp1 v29
-
-/*
- * Update message schedule for m0 (W0:W1:W2:W3), using m1 (W4:W5:W6:W7),
- * m2 (W8:W9:W10:11) and m3 (W12:W13:W14:W15). The sha256su0 instruction
- * computes the sigma0 component of the message schedule update as:
- * W0:W1:W2:W3 = sigma0(W1:W2:W3:W4) + W0:W1:W2:W3
- * while sha256su1 computes the sigma1 component and adds in W9 as:
- * W0:W1:W2:W3 = sigma1(W14:W15:W0:W1) + W9:W10:W12:W13 + W0:W1:W2:W3
- */
-#define sha256_message_schedule_update(m0, m1, m2, m3) \
- sha256su0 m0.4s, m1.4s; \
- sha256su1 m0.4s, m2.4s, m3.4s;
-
-/*
- * Compute four SHA-256 rounds by adding W0:W1:W2:W3 + K0:K1:K2:K3, then
- * computing the remainder of each round (including the shuffle) via
- * sha256h/sha256h2.
- */
-#define sha256_round(h0, h1, w, k) \
- add tmp0.4s, w.4s, k.4s; /* Tt = Wt + Kt */ \
- mov tmp1.4s, h0.4s; \
- sha256h h0, h1, tmp0.4s; \
- sha256h2 h1, tmp1, tmp0.4s;
-
-#define sha256_round_update(h0, h1, m0, m1, m2, m3, k) \
- sha256_message_schedule_update(m0, m1, m2, m3) \
- sha256_round(h0, h1, m0, k)
-
-.arch armv8-a+sha2
-
-.text
-
-/*
- * void sha256_block_ce(SHA256_CTX *ctx, const void *in, size_t num);
- *
- * Standard ARM ABI: x0 = ctx, x1 = in, x2 = num
- */
-.globl sha256_block_ce
-.type sha256_block_ce,@function
-sha256_block_ce:
-
- /* Address of SHA-256 constants. */
- adrp k256_base, K256
- add k256_base, k256_base, :lo12:K256
-
- /*
- * Load current hash state from context.
- * hc0 = a:b:c:d, hc1 = e:f:g:h
- */
- ld1 {hc0.4s, hc1.4s}, [ctx]
-
-block_loop:
- mov k256, k256_base
-
- /* Copy current hash state. */
- mov hs0.4s, hc0.4s
- mov hs1.4s, hc1.4s
-
- /* Load and byte swap message schedule. */
- ld1 {w0.16b, w1.16b, w2.16b, w3.16b}, [in], #64
- rev32 w0.16b, w0.16b
- rev32 w1.16b, w1.16b
- rev32 w2.16b, w2.16b
- rev32 w3.16b, w3.16b
-
- /* Rounds 0 through 15 (four rounds at a time). */
- ld1 {k0.4s, k1.4s, k2.4s, k3.4s}, [k256], #64
-
- sha256_round(hs0, hs1, w0, k0)
- sha256_round(hs0, hs1, w1, k1)
- sha256_round(hs0, hs1, w2, k2)
- sha256_round(hs0, hs1, w3, k3)
-
- /* Rounds 16 through 31 (four rounds at a time). */
- ld1 {k0.4s, k1.4s, k2.4s, k3.4s}, [k256], #64
-
- sha256_round_update(hs0, hs1, w0, w1, w2, w3, k0)
- sha256_round_update(hs0, hs1, w1, w2, w3, w0, k1)
- sha256_round_update(hs0, hs1, w2, w3, w0, w1, k2)
- sha256_round_update(hs0, hs1, w3, w0, w1, w2, k3)
-
- /* Rounds 32 through 47 (four rounds at a time). */
- ld1 {k0.4s, k1.4s, k2.4s, k3.4s}, [k256], #64
-
- sha256_round_update(hs0, hs1, w0, w1, w2, w3, k0)
- sha256_round_update(hs0, hs1, w1, w2, w3, w0, k1)
- sha256_round_update(hs0, hs1, w2, w3, w0, w1, k2)
- sha256_round_update(hs0, hs1, w3, w0, w1, w2, k3)
-
- /* Rounds 48 through 63 (four rounds at a time). */
- ld1 {k0.4s, k1.4s, k2.4s, k3.4s}, [k256], #64
-
- sha256_round_update(hs0, hs1, w0, w1, w2, w3, k0)
- sha256_round_update(hs0, hs1, w1, w2, w3, w0, k1)
- sha256_round_update(hs0, hs1, w2, w3, w0, w1, k2)
- sha256_round_update(hs0, hs1, w3, w0, w1, w2, k3)
-
- /* Add intermediate state to hash state. */
- add hc0.4s, hc0.4s, hs0.4s
- add hc1.4s, hc1.4s, hs1.4s
-
- sub num, num, #1
- cbnz num, block_loop
-
- /* Store hash state to context. */
- st1 {hc0.4s, hc1.4s}, [ctx]
-
- ret
-
-/*
- * SHA-256 constants - see FIPS 180-4 section 4.2.3.
- */
-.rodata
-.align 4
-.type K256,@object
-K256:
-.long 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
-.long 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
-.long 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
-.long 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
-.long 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
-.long 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
-.long 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
-.long 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
-.long 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
-.long 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
-.long 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
-.long 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
-.long 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
-.long 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
-.long 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
-.long 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
-.size K256,.-K256
diff --git a/src/lib/libcrypto/sha/sha256_amd64.c b/src/lib/libcrypto/sha/sha256_amd64.c
deleted file mode 100644
index 6c5d3e897f..0000000000
--- a/src/lib/libcrypto/sha/sha256_amd64.c
+++ /dev/null
@@ -1,34 +0,0 @@
-/* $OpenBSD: sha256_amd64.c,v 1.2 2024/11/16 15:31:36 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "crypto_arch.h"
-
-void sha256_block_generic(SHA256_CTX *ctx, const void *in, size_t num);
-void sha256_block_shani(SHA256_CTX *ctx, const void *in, size_t num);
-
-void
-sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num)
-{
- if ((crypto_cpu_caps_amd64 & CRYPTO_CPU_CAPS_AMD64_SHA) != 0) {
- sha256_block_shani(ctx, in, num);
- return;
- }
-
- sha256_block_generic(ctx, in, num);
-}
diff --git a/src/lib/libcrypto/sha/sha256_amd64_generic.S b/src/lib/libcrypto/sha/sha256_amd64_generic.S
deleted file mode 100644
index 166bce9ca8..0000000000
--- a/src/lib/libcrypto/sha/sha256_amd64_generic.S
+++ /dev/null
@@ -1,302 +0,0 @@ -/* $OpenBSD: sha256_amd64_generic.S,v 1.3 2024/11/16 12:34:16 jsing Exp $ */ -/* - * Copyright (c) 2024 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifdef __CET__ -#include -#else -#define _CET_ENDBR -#endif - -#define ctx %rdi -#define in %rsi -#define num %rdx - -#define round %rdi - -#define hs0 %r8d -#define hs1 %r9d -#define hs2 %r10d -#define hs3 %r11d -#define hs4 %r12d -#define hs5 %r13d -#define hs6 %r14d -#define hs7 %r15d - -#define k256 %rbp - -#define tmp0 %eax -#define tmp1 %ebx -#define tmp2 %ecx -#define tmp3 %edx - -/* - * Load message into wt, storing a copy in the message schedule: - * - * Wt = Mt - */ -#define sha256_message_schedule_load(idx, m, w, wt) \ - movl (m, round, 4), wt; \ - bswapl wt; \ - movl wt, ((idx&0xf)*4)(w); - -/* - * Update message schedule and return current value in wt: - * - * Wt = sigma1(W(t-2)) + W(t-7) + sigma0(W(t-15)) + W(t-16) - * - * sigma0(x) = ror(x, 7) ^ ror(x, 18) ^ (x >> 3) - * sigma1(x) = ror(x, 17) ^ ror(x, 19) ^ (x >> 10) - */ -#define sha256_message_schedule_update(idx, w, wt) \ - movl (((idx-2)&0xf)*4)(w), wt; /* sigma1 */ \ - movl wt, tmp1; /* sigma1 */ \ - rorl $(19-17), tmp1; /* sigma1 */ \ - xorl wt, tmp1; /* sigma1 */ \ - rorl $17, tmp1; /* sigma1 */ \ - shrl $10, wt; /* sigma1 */ \ 
- xorl tmp1, wt; /* sigma1 */ \ - \ - addl (((idx-7)&0xf)*4)(w), wt; /* Wt-7 */ \ - addl (((idx-16)&0xf)*4)(w), wt; /* Wt-16 */ \ - \ - movl (((idx-15)&0xf)*4)(w), tmp2; /* sigma0 */ \ - movl tmp2, tmp3; /* sigma0 */ \ - rorl $(18-7), tmp2; /* sigma0 */ \ - xorl tmp3, tmp2; /* sigma0 */ \ - rorl $7, tmp2; /* sigma0 */ \ - shrl $3, tmp3; /* sigma0 */ \ - xorl tmp3, tmp2; /* sigma0 */ \ - addl tmp2, wt; /* sigma0 */ \ - \ - movl wt, ((idx&0xf)*4)(w); - -/* - * Compute a SHA-256 round: - * - * T1 = h + Sigma1(e) + Ch(e, f, g) + Kt + Wt - * T2 = Sigma0(a) + Maj(a, b, c) - * - * Sigma0(x) = ror(x, 2) ^ ror(x, 13) ^ ror(x, 22) - * Sigma1(x) = ror(x, 6) ^ ror(x, 11) ^ ror(x, 25) - * Ch(x, y, z) = (x & y) ^ (~x & z) = ((y ^ z) & x) ^ z - * Maj(x, y, z) = (x & y) ^ (x & z) ^ (y & z) = ((y ^ z) & x) ^ (y & z) - * - * Upon completion d = d + T1, h = T1 + T2, pending rotation. - */ -#define sha256_round(idx, a, b, c, d, e, f, g, h, k, w, wt) \ - addl wt, h; /* T1 Wt */ \ - addl (k256, round, 4), h; /* T1 Kt */ \ - \ - movl e, tmp1; /* T1 Sigma1 */ \ - rorl $(25-11), tmp1; /* T1 Sigma1 */ \ - xorl e, tmp1; /* T1 Sigma1 */ \ - rorl $(11-6), tmp1; /* T1 Sigma1 */ \ - xorl e, tmp1; /* T1 Sigma1 */ \ - rorl $6, tmp1; /* T1 Sigma1 */ \ - addl tmp1, h; /* T1 Sigma1 */ \ - \ - movl f, tmp2; /* T1 Ch */ \ - xorl g, tmp2; /* T1 Ch */ \ - andl e, tmp2; /* T1 Ch */ \ - xorl g, tmp2; /* T1 Ch */ \ - addl tmp2, h; /* T1 Ch */ \ - \ - addl h, d; /* d += T1 */ \ - \ - movl a, tmp1; /* T2 Sigma0 */ \ - rorl $(22-13), tmp1; /* T2 Sigma0 */ \ - xorl a, tmp1; /* T2 Sigma0 */ \ - rorl $(13-2), tmp1; /* T2 Sigma0 */ \ - xorl a, tmp1; /* T2 Sigma0 */ \ - rorl $2, tmp1; /* T2 Sigma0 */ \ - addl tmp1, h; /* T2 Sigma0 */ \ - \ - movl b, tmp2; /* T2 Maj */ \ - xorl c, tmp2; /* T2 Maj */ \ - andl a, tmp2; /* T2 Maj */ \ - movl b, tmp3; /* T2 Maj */ \ - andl c, tmp3; /* T2 Maj */ \ - xorl tmp2, tmp3; /* T2 Maj */ \ - addl tmp3, h; /* T2 Maj */ \ - \ - addq $1, round; - -#define sha256_round_load(idx, a, 
b, c, d, e, f, g, h) \ - sha256_message_schedule_load(idx, in, %rsp, tmp0) \ - sha256_round(idx, a, b, c, d, e, f, g, h, k256, %rsp, tmp0) - -#define sha256_round_update(idx, a, b, c, d, e, f, g, h) \ - sha256_message_schedule_update(idx, %rsp, tmp0) \ - sha256_round(idx, a, b, c, d, e, f, g, h, k256, %rsp, tmp0) - -.text - -/* - * void sha256_block_generic(SHA256_CTX *ctx, const void *in, size_t num); - * - * Standard x86-64 ABI: rdi = ctx, rsi = in, rdx = num - */ -.align 16 -.globl sha256_block_generic -.type sha256_block_generic,@function -sha256_block_generic: - _CET_ENDBR - - /* Save callee save registers. */ - pushq %rbx - pushq %rbp - pushq %r12 - pushq %r13 - pushq %r14 - pushq %r15 - - /* Allocate space for message schedule, context pointer and end of message. */ - movq %rsp, %rax - subq $(64+3*8), %rsp - andq $~63, %rsp - movq %rax, (64+2*8)(%rsp) - movq ctx, (64+1*8)(%rsp) - - /* Compute and store end of message. */ - shlq $6, num - leaq (in, num, 1), %rbx - movq %rbx, (64+0*8)(%rsp) - - /* Address of SHA-256 constants. */ - leaq K256(%rip), k256 - - /* Load current hash state from context. */ - movl (0*4)(ctx), hs0 - movl (1*4)(ctx), hs1 - movl (2*4)(ctx), hs2 - movl (3*4)(ctx), hs3 - movl (4*4)(ctx), hs4 - movl (5*4)(ctx), hs5 - movl (6*4)(ctx), hs6 - movl (7*4)(ctx), hs7 - - jmp .Lblock_loop0 - -.align 16 -.Lblock_loop0: - mov $0, round - - /* Round 0 through 15. 
*/ - sha256_round_load(0, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha256_round_load(1, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha256_round_load(2, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha256_round_load(3, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha256_round_load(4, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha256_round_load(5, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha256_round_load(6, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha256_round_load(7, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - sha256_round_load(8, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha256_round_load(9, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha256_round_load(10, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha256_round_load(11, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha256_round_load(12, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha256_round_load(13, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha256_round_load(14, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha256_round_load(15, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - - jmp .Lblock_loop16 - -.align 16 -.Lblock_loop16: - /* Round 16 through 63. 
*/ - sha256_round_update(16, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha256_round_update(17, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha256_round_update(18, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha256_round_update(19, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha256_round_update(20, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha256_round_update(21, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha256_round_update(22, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha256_round_update(23, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - sha256_round_update(24, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha256_round_update(25, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha256_round_update(26, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha256_round_update(27, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha256_round_update(28, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha256_round_update(29, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha256_round_update(30, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha256_round_update(31, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - - cmp $64, round - jb .Lblock_loop16 - - movq (64+1*8)(%rsp), ctx - - /* Add intermediate state to hash state. */ - addl (0*4)(ctx), hs0 - addl (1*4)(ctx), hs1 - addl (2*4)(ctx), hs2 - addl (3*4)(ctx), hs3 - addl (4*4)(ctx), hs4 - addl (5*4)(ctx), hs5 - addl (6*4)(ctx), hs6 - addl (7*4)(ctx), hs7 - - /* Store new hash state to context. */ - movl hs0, (0*4)(ctx) - movl hs1, (1*4)(ctx) - movl hs2, (2*4)(ctx) - movl hs3, (3*4)(ctx) - movl hs4, (4*4)(ctx) - movl hs5, (5*4)(ctx) - movl hs6, (6*4)(ctx) - movl hs7, (7*4)(ctx) - - addq $64, in - cmpq (64+0*8)(%rsp), in - jb .Lblock_loop0 - - movq (64+2*8)(%rsp), %rsp - - /* Restore callee save registers. */ - popq %r15 - popq %r14 - popq %r13 - popq %r12 - popq %rbp - popq %rbx - - ret - -/* - * SHA-256 constants - see FIPS 180-4 section 4.2.2. 
- */ -.rodata -.align 64 -.type K256,@object -K256: -.long 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5 -.long 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5 -.long 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3 -.long 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174 -.long 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc -.long 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da -.long 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7 -.long 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967 -.long 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13 -.long 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85 -.long 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3 -.long 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070 -.long 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5 -.long 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3 -.long 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208 -.long 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -.size K256,.-K256 diff --git a/src/lib/libcrypto/sha/sha256_amd64_shani.S b/src/lib/libcrypto/sha/sha256_amd64_shani.S deleted file mode 100644 index df3a796b45..0000000000 --- a/src/lib/libcrypto/sha/sha256_amd64_shani.S +++ /dev/null 
@@ -1,209 +0,0 @@
-/* $OpenBSD: sha256_amd64_shani.S,v 1.1 2024/11/16 15:31:36 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifdef __CET__
-#include
-#else
-#define _CET_ENDBR
-#endif
-
-/*
- * SHA-256 implementation using the Intel SHA extensions:
- *
- * https://www.intel.com/content/www/us/en/developer/articles/technical/intel-sha-extensions.html
- */
-
-#define ctx %rdi
-#define in %rsi
-#define num %rdx
-
-#define end %rbx
-
-#define k256 %rbp
-
-#define xmsg %xmm0
-
-#define xhs0 %xmm1
-#define xhs1 %xmm2
-
-#define xabef %xmm3
-#define xcdgh %xmm4
-
-#define xmsgtmp0 %xmm6
-#define xmsgtmp1 %xmm7
-#define xmsgtmp2 %xmm8
-#define xmsgtmp3 %xmm9
-#define xmsgtmp4 %xmm10
-
-#define xshufmask %xmm11
-
-#define xtmp0 %xmm12
-
-#define sha256_message_schedule_load(idx, m, xmsgtmp) \
- movdqu (idx*16)(m), xmsg; \
- pshufb xshufmask, xmsg; \
- movdqa xmsg, xmsgtmp;
-
-#define sha256_message_schedule_update(xmt0, xmt1, xmt2, xmt3) \
- sha256msg1 xmt1, xmt0; \
- movdqa xmt3, xmsgtmp4; \
- palignr $4, xmt2, xmsgtmp4; \
- paddd xmsgtmp4, xmt0; \
- sha256msg2 xmt3, xmt0;
-
-#define sha256_shani_round(idx) \
- paddd (idx*16)(k256), xmsg; \
- sha256rnds2 xmsg, xhs0, xhs1; \
- pshufd $0x0e, xmsg, xmsg; \
- sha256rnds2 xmsg, xhs1,
xhs0;
-
-#define sha256_shani_round_load(idx, m, xmsgtmp) \
- sha256_message_schedule_load(idx, m, xmsgtmp); \
- sha256_shani_round(idx);
-
-#define sha256_shani_round_update(idx, xmt0, xmt1, xmt2, xmt3) \
- sha256_message_schedule_update(xmt0, xmt1, xmt2, xmt3); \
- movdqa xmt0, xmsg; \
- sha256_shani_round(idx);
-
-.text
-
-/*
- * void sha256_block_shani(SHA256_CTX *ctx, const void *in, size_t num);
- *
- * Standard x86-64 ABI: rdi = ctx, rsi = in, rdx = num
- */
-.align 16
-.globl sha256_block_shani
-.type sha256_block_shani,@function
-sha256_block_shani:
- _CET_ENDBR
-
- /* Save callee save registers. */
- pushq %rbx
- pushq %rbp
-
- /* Compute end of message. */
- shlq $6, num
- leaq (in, num, 1), end
-
- /* Address of SHA-256 constants. */
- leaq K256(%rip), k256
-
- /* Load endian shuffle mask. */
- movdqa shufmask(%rip), xshufmask
-
- /* Load current hash state from context. */
- movdqu (0*16)(ctx), xhs0 /* dcba */
- movdqu (1*16)(ctx), xhs1 /* hgfe */
-
- /* Rearrange words to construct abef/cdgh. */
- pshufd $0xb1, xhs0, xhs0 /* cdab */
- pshufd $0x1b, xhs1, xhs1 /* efgh */
- movdqa xhs0, xtmp0
- palignr $8, xhs1, xhs0 /* abef */
- pblendw $0xf0, xtmp0, xhs1 /* cdgh */
-
- jmp .Lshani_block_loop
-
-.align 16
-.Lshani_block_loop:
- /* Save state for accumulation. */
- movdqa xhs0, xabef
- movdqa xhs1, xcdgh
-
- /* Rounds 0 through 15 (four rounds at a time). */
- sha256_shani_round_load(0, in, xmsgtmp0)
- sha256_shani_round_load(1, in, xmsgtmp1)
- sha256_shani_round_load(2, in, xmsgtmp2)
- sha256_shani_round_load(3, in, xmsgtmp3)
-
- /* Rounds 16 through 63 (four rounds at a time).
*/
- sha256_shani_round_update(4, xmsgtmp0, xmsgtmp1, xmsgtmp2, xmsgtmp3)
- sha256_shani_round_update(5, xmsgtmp1, xmsgtmp2, xmsgtmp3, xmsgtmp0)
- sha256_shani_round_update(6, xmsgtmp2, xmsgtmp3, xmsgtmp0, xmsgtmp1)
- sha256_shani_round_update(7, xmsgtmp3, xmsgtmp0, xmsgtmp1, xmsgtmp2)
-
- sha256_shani_round_update(8, xmsgtmp0, xmsgtmp1, xmsgtmp2, xmsgtmp3)
- sha256_shani_round_update(9, xmsgtmp1, xmsgtmp2, xmsgtmp3, xmsgtmp0)
- sha256_shani_round_update(10, xmsgtmp2, xmsgtmp3, xmsgtmp0, xmsgtmp1)
- sha256_shani_round_update(11, xmsgtmp3, xmsgtmp0, xmsgtmp1, xmsgtmp2)
-
- sha256_shani_round_update(12, xmsgtmp0, xmsgtmp1, xmsgtmp2, xmsgtmp3)
- sha256_shani_round_update(13, xmsgtmp1, xmsgtmp2, xmsgtmp3, xmsgtmp0)
- sha256_shani_round_update(14, xmsgtmp2, xmsgtmp3, xmsgtmp0, xmsgtmp1)
- sha256_shani_round_update(15, xmsgtmp3, xmsgtmp0, xmsgtmp1, xmsgtmp2)
-
- /* Accumulate hash state. */
- paddd xabef, xhs0
- paddd xcdgh, xhs1
-
- addq $64, in
- cmpq end, in
- jb .Lshani_block_loop
-
- /* Rearrange words to construct dcba/hgfe. */
- pshufd $0x1b, xhs0, xhs0 /* feba */
- pshufd $0xb1, xhs1, xhs1 /* dchg */
- movdqa xhs0, xtmp0
- pblendw $0xf0, xhs1, xhs0 /* dcba */
- palignr $8, xtmp0, xhs1 /* hgfe */
-
- /* Update stored hash context. */
- movdqu xhs0, (0*16)(ctx)
- movdqu xhs1, (1*16)(ctx)
-
- /* Restore callee save registers. */
- popq %rbp
- popq %rbx
-
- ret
-
-.rodata
-
-/*
- * Shuffle mask - little endian to big endian word conversion.
- */
-.align 16
-.type shufmask,@object
-shufmask:
-.octa 0x0c0d0e0f08090a0b0405060700010203
-.size shufmask,.-shufmask
-
-/*
- * SHA-256 constants - see FIPS 180-4 section 4.2.2.
- */
-.align 64
-.type K256,@object
-K256:
-.long 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
-.long 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
-.long 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
-.long 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
-.long 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
-.long 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
-.long 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
-.long 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
-.long 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
-.long 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
-.long 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
-.long 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
-.long 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
-.long 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
-.long 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
-.long 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
-.size K256,.-K256
diff --git a/src/lib/libcrypto/sha/sha3.c b/src/lib/libcrypto/sha/sha3.c
deleted file mode 100644
index 6a7196d582..0000000000
--- a/src/lib/libcrypto/sha/sha3.c
+++ /dev/null
@@ -1,172 +0,0 @@ -/* $OpenBSD: sha3.c,v 1.16 2024/11/23 15:38:12 jsing Exp $ */ -/* - * The MIT License (MIT) - * - * Copyright (c) 2015 Markku-Juhani O. Saarinen - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in all - * copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. 
- */ - -#include -#include - -#include "sha3_internal.h" - -#define KECCAKF_ROUNDS 24 - -#define ROTL64(x, y) (((x) << (y)) | ((x) >> (64 - (y)))) - -static const uint64_t sha3_keccakf_rndc[24] = { - 0x0000000000000001, 0x0000000000008082, 0x800000000000808a, - 0x8000000080008000, 0x000000000000808b, 0x0000000080000001, - 0x8000000080008081, 0x8000000000008009, 0x000000000000008a, - 0x0000000000000088, 0x0000000080008009, 0x000000008000000a, - 0x000000008000808b, 0x800000000000008b, 0x8000000000008089, - 0x8000000000008003, 0x8000000000008002, 0x8000000000000080, - 0x000000000000800a, 0x800000008000000a, 0x8000000080008081, - 0x8000000000008080, 0x0000000080000001, 0x8000000080008008 -}; -static const int sha3_keccakf_rotc[24] = { - 1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, - 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44 -}; -static const int sha3_keccakf_piln[24] = { - 10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, - 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1 -}; - -static void -sha3_keccakf(uint64_t st[25]) -{ - uint64_t t, bc[5]; - int i, j, r; - - for (i = 0; i < 25; i++) - st[i] = le64toh(st[i]); - - for (r = 0; r < KECCAKF_ROUNDS; r++) { - - /* Theta */ - for (i = 0; i < 5; i++) - bc[i] = st[i] ^ st[i + 5] ^ st[i + 10] ^ st[i + 15] ^ st[i + 20]; - - for (i = 0; i < 5; i++) { - t = bc[(i + 4) % 5] ^ ROTL64(bc[(i + 1) % 5], 1); - for (j = 0; j < 25; j += 5) - st[j + i] ^= t; - } - - /* Rho Pi */ - t = st[1]; - for (i = 0; i < 24; i++) { - j = sha3_keccakf_piln[i]; - bc[0] = st[j]; - st[j] = ROTL64(t, sha3_keccakf_rotc[i]); - t = bc[0]; - } - - /* Chi */ - for (j = 0; j < 25; j += 5) { - for (i = 0; i < 5; i++) - bc[i] = st[j + i]; - for (i = 0; i < 5; i++) - st[j + i] ^= (~bc[(i + 1) % 5]) & bc[(i + 2) % 5]; - } - - /* Iota */ - st[0] ^= sha3_keccakf_rndc[r]; - } - - for (i = 0; i < 25; i++) - st[i] = htole64(st[i]); -} - -int -sha3_init(sha3_ctx *c, int mdlen) -{ - if (mdlen < 0 || mdlen >= KECCAK_BYTE_WIDTH / 2) - return 0; - - memset(c, 0, sizeof(*c)); - - 
c->mdlen = mdlen; - c->rsize = KECCAK_BYTE_WIDTH - 2 * mdlen; - - return 1; -} - -int -sha3_update(sha3_ctx *c, const void *data, size_t len) -{ - size_t i, j; - - j = c->pt; - for (i = 0; i < len; i++) { - c->state.b[j++] ^= ((const uint8_t *) data)[i]; - if (j >= c->rsize) { - sha3_keccakf(c->state.q); - j = 0; - } - } - c->pt = j; - - return 1; -} - -int -sha3_final(void *md, sha3_ctx *c) -{ - int i; - - c->state.b[c->pt] ^= 0x06; - c->state.b[c->rsize - 1] ^= 0x80; - sha3_keccakf(c->state.q); - - for (i = 0; i < c->mdlen; i++) { - ((uint8_t *) md)[i] = c->state.b[i]; - } - - return 1; -} - -/* SHAKE128 and SHAKE256 extensible-output functionality. */ -void -shake_xof(sha3_ctx *c) -{ - c->state.b[c->pt] ^= 0x1F; - c->state.b[c->rsize - 1] ^= 0x80; - sha3_keccakf(c->state.q); - c->pt = 0; -} - -void -shake_out(sha3_ctx *c, void *out, size_t len) -{ - size_t i, j; - - j = c->pt; - for (i = 0; i < len; i++) { - if (j >= c->rsize) { - sha3_keccakf(c->state.q); - j = 0; - } - ((uint8_t *) out)[i] = c->state.b[j++]; - } - c->pt = j; -} diff --git a/src/lib/libcrypto/sha/sha3_internal.h b/src/lib/libcrypto/sha/sha3_internal.h deleted file mode 100644 index 53a4980c19..0000000000 --- a/src/lib/libcrypto/sha/sha3_internal.h +++ /dev/null 
@@ -1,81 +0,0 @@ -/* $OpenBSD: sha3_internal.h,v 1.15 2023/04/25 19:32:19 tb Exp $ */ -/* - * The MIT License (MIT) - * - * Copyright (c) 2015 Markku-Juhani O. Saarinen - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in all - * copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. 
- */
-
-#include
-#include
-
-#ifndef HEADER_SHA3_INTERNAL_H
-#define HEADER_SHA3_INTERNAL_H
-
-#define KECCAK_BIT_WIDTH 1600
-#define KECCAK_BYTE_WIDTH (KECCAK_BIT_WIDTH / 8)
-
-#define SHA3_224_BIT_LENGTH 224
-#define SHA3_224_BITRATE (2 * SHA3_224_BIT_LENGTH)
-#define SHA3_224_CAPACITY (KECCAK_BIT_WIDTH - SHA3_224_BITRATE)
-#define SHA3_224_BLOCK_SIZE (SHA3_224_CAPACITY / 8)
-#define SHA3_224_DIGEST_LENGTH (SHA3_224_BIT_LENGTH / 8)
-
-#define SHA3_256_BIT_LENGTH 256
-#define SHA3_256_BITRATE (2 * SHA3_256_BIT_LENGTH)
-#define SHA3_256_CAPACITY (KECCAK_BIT_WIDTH - SHA3_256_BITRATE)
-#define SHA3_256_BLOCK_SIZE (SHA3_256_CAPACITY / 8)
-#define SHA3_256_DIGEST_LENGTH (SHA3_256_BIT_LENGTH / 8)
-
-#define SHA3_384_BIT_LENGTH 384
-#define SHA3_384_BITRATE (2 * SHA3_384_BIT_LENGTH)
-#define SHA3_384_CAPACITY (KECCAK_BIT_WIDTH - SHA3_384_BITRATE)
-#define SHA3_384_BLOCK_SIZE (SHA3_384_CAPACITY / 8)
-#define SHA3_384_DIGEST_LENGTH (SHA3_384_BIT_LENGTH / 8)
-
-#define SHA3_512_BIT_LENGTH 512
-#define SHA3_512_BITRATE (2 * SHA3_512_BIT_LENGTH)
-#define SHA3_512_CAPACITY (KECCAK_BIT_WIDTH - SHA3_512_BITRATE)
-#define SHA3_512_BLOCK_SIZE (SHA3_512_CAPACITY / 8)
-#define SHA3_512_DIGEST_LENGTH (SHA3_512_BIT_LENGTH / 8)
-
-typedef struct sha3_ctx_st {
- union {
- uint8_t b[200]; /* State as 8 bit bytes. */
- uint64_t q[25]; /* State as 64 bit words. */
- } state;
- size_t pt;
- size_t rsize;
- size_t mdlen;
-} sha3_ctx;
-
-int sha3_init(sha3_ctx *c, int mdlen);
-int sha3_update(sha3_ctx *c, const void *data, size_t len);
-int sha3_final(void *md, sha3_ctx *c);
-
-/* SHAKE128 and SHAKE256 extensible-output functions. */
-#define shake128_init(c) sha3_init(c, 16)
-#define shake256_init(c) sha3_init(c, 32)
-#define shake_update sha3_update
-
-void shake_xof(sha3_ctx *c);
-void shake_out(sha3_ctx *c, void *out, size_t len);
-
-#endif
diff --git a/src/lib/libcrypto/sha/sha512.c b/src/lib/libcrypto/sha/sha512.c
deleted file mode 100644
index 43d25eb119..0000000000
--- a/src/lib/libcrypto/sha/sha512.c
+++ /dev/null
@@ -1,578 +0,0 @@ -/* $OpenBSD: sha512.c,v 1.43 2025/02/14 12:01:58 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - */ - -#include -#include -#include - -#include - -#include -#include - -#include "crypto_internal.h" -#include "sha_internal.h" - -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512) - -/* Ensure that SHA_LONG64 and uint64_t are equivalent. 
*/ -CTASSERT(sizeof(SHA_LONG64) == sizeof(uint64_t)); - -void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num); -void sha512_block_generic(SHA512_CTX *ctx, const void *in, size_t num); - -#ifndef HAVE_SHA512_BLOCK_GENERIC -static const SHA_LONG64 K512[80] = { - U64(0x428a2f98d728ae22), U64(0x7137449123ef65cd), - U64(0xb5c0fbcfec4d3b2f), U64(0xe9b5dba58189dbbc), - U64(0x3956c25bf348b538), U64(0x59f111f1b605d019), - U64(0x923f82a4af194f9b), U64(0xab1c5ed5da6d8118), - U64(0xd807aa98a3030242), U64(0x12835b0145706fbe), - U64(0x243185be4ee4b28c), U64(0x550c7dc3d5ffb4e2), - U64(0x72be5d74f27b896f), U64(0x80deb1fe3b1696b1), - U64(0x9bdc06a725c71235), U64(0xc19bf174cf692694), - U64(0xe49b69c19ef14ad2), U64(0xefbe4786384f25e3), - U64(0x0fc19dc68b8cd5b5), U64(0x240ca1cc77ac9c65), - U64(0x2de92c6f592b0275), U64(0x4a7484aa6ea6e483), - U64(0x5cb0a9dcbd41fbd4), U64(0x76f988da831153b5), - U64(0x983e5152ee66dfab), U64(0xa831c66d2db43210), - U64(0xb00327c898fb213f), U64(0xbf597fc7beef0ee4), - U64(0xc6e00bf33da88fc2), U64(0xd5a79147930aa725), - U64(0x06ca6351e003826f), U64(0x142929670a0e6e70), - U64(0x27b70a8546d22ffc), U64(0x2e1b21385c26c926), - U64(0x4d2c6dfc5ac42aed), U64(0x53380d139d95b3df), - U64(0x650a73548baf63de), U64(0x766a0abb3c77b2a8), - U64(0x81c2c92e47edaee6), U64(0x92722c851482353b), - U64(0xa2bfe8a14cf10364), U64(0xa81a664bbc423001), - U64(0xc24b8b70d0f89791), U64(0xc76c51a30654be30), - U64(0xd192e819d6ef5218), U64(0xd69906245565a910), - U64(0xf40e35855771202a), U64(0x106aa07032bbd1b8), - U64(0x19a4c116b8d2d0c8), U64(0x1e376c085141ab53), - U64(0x2748774cdf8eeb99), U64(0x34b0bcb5e19b48a8), - U64(0x391c0cb3c5c95a63), U64(0x4ed8aa4ae3418acb), - U64(0x5b9cca4f7763e373), U64(0x682e6ff3d6b2b8a3), - U64(0x748f82ee5defb2fc), U64(0x78a5636f43172f60), - U64(0x84c87814a1f0ab72), U64(0x8cc702081a6439ec), - U64(0x90befffa23631e28), U64(0xa4506cebde82bde9), - U64(0xbef9a3f7b2c67915), U64(0xc67178f2e372532b), - U64(0xca273eceea26619c), U64(0xd186b8c721c0c207), - 
U64(0xeada7dd6cde0eb1e), U64(0xf57d4f7fee6ed178), - U64(0x06f067aa72176fba), U64(0x0a637dc5a2c898a6), - U64(0x113f9804bef90dae), U64(0x1b710b35131c471b), - U64(0x28db77f523047d84), U64(0x32caab7b40c72493), - U64(0x3c9ebe0a15c9bebc), U64(0x431d67c49c100d4c), - U64(0x4cc5d4becb3e42b6), U64(0x597f299cfc657e2a), - U64(0x5fcb6fab3ad6faec), U64(0x6c44198c4a475817), -}; - -static inline SHA_LONG64 -Sigma0(SHA_LONG64 x) -{ - return crypto_ror_u64(x, 28) ^ crypto_ror_u64(x, 34) ^ - crypto_ror_u64(x, 39); -} - -static inline SHA_LONG64 -Sigma1(SHA_LONG64 x) -{ - return crypto_ror_u64(x, 14) ^ crypto_ror_u64(x, 18) ^ - crypto_ror_u64(x, 41); -} - -static inline SHA_LONG64 -sigma0(SHA_LONG64 x) -{ - return crypto_ror_u64(x, 1) ^ crypto_ror_u64(x, 8) ^ (x >> 7); -} - -static inline SHA_LONG64 -sigma1(SHA_LONG64 x) -{ - return crypto_ror_u64(x, 19) ^ crypto_ror_u64(x, 61) ^ (x >> 6); -} - -static inline SHA_LONG64 -Ch(SHA_LONG64 x, SHA_LONG64 y, SHA_LONG64 z) -{ - return (x & y) ^ (~x & z); -} - -static inline SHA_LONG64 -Maj(SHA_LONG64 x, SHA_LONG64 y, SHA_LONG64 z) -{ - return (x & y) ^ (x & z) ^ (y & z); -} - -static inline void -sha512_msg_schedule_update(SHA_LONG64 *W0, SHA_LONG64 W1, - SHA_LONG64 W9, SHA_LONG64 W14) -{ - *W0 = sigma1(W14) + W9 + sigma0(W1) + *W0; -} - -static inline void -sha512_round(SHA_LONG64 *a, SHA_LONG64 *b, SHA_LONG64 *c, SHA_LONG64 *d, - SHA_LONG64 *e, SHA_LONG64 *f, SHA_LONG64 *g, SHA_LONG64 *h, - SHA_LONG64 Kt, SHA_LONG64 Wt) -{ - SHA_LONG64 T1, T2; - - T1 = *h + Sigma1(*e) + Ch(*e, *f, *g) + Kt + Wt; - T2 = Sigma0(*a) + Maj(*a, *b, *c); - - *h = *g; - *g = *f; - *f = *e; - *e = *d + T1; - *d = *c; - *c = *b; - *b = *a; - *a = T1 + T2; -} - -void -sha512_block_generic(SHA512_CTX *ctx, const void *_in, size_t num) -{ - const uint8_t *in = _in; - const SHA_LONG64 *in64; - SHA_LONG64 a, b, c, d, e, f, g, h; - SHA_LONG64 X[16]; - int i; - - while (num--) { - a = ctx->h[0]; - b = ctx->h[1]; - c = ctx->h[2]; - d = ctx->h[3]; - e = ctx->h[4]; - f = 
ctx->h[5]; - g = ctx->h[6]; - h = ctx->h[7]; - - if ((size_t)in % sizeof(SHA_LONG64) == 0) { - /* Input is 64 bit aligned. */ - in64 = (const SHA_LONG64 *)in; - X[0] = be64toh(in64[0]); - X[1] = be64toh(in64[1]); - X[2] = be64toh(in64[2]); - X[3] = be64toh(in64[3]); - X[4] = be64toh(in64[4]); - X[5] = be64toh(in64[5]); - X[6] = be64toh(in64[6]); - X[7] = be64toh(in64[7]); - X[8] = be64toh(in64[8]); - X[9] = be64toh(in64[9]); - X[10] = be64toh(in64[10]); - X[11] = be64toh(in64[11]); - X[12] = be64toh(in64[12]); - X[13] = be64toh(in64[13]); - X[14] = be64toh(in64[14]); - X[15] = be64toh(in64[15]); - } else { - /* Input is not 64 bit aligned. */ - X[0] = crypto_load_be64toh(&in[0 * 8]); - X[1] = crypto_load_be64toh(&in[1 * 8]); - X[2] = crypto_load_be64toh(&in[2 * 8]); - X[3] = crypto_load_be64toh(&in[3 * 8]); - X[4] = crypto_load_be64toh(&in[4 * 8]); - X[5] = crypto_load_be64toh(&in[5 * 8]); - X[6] = crypto_load_be64toh(&in[6 * 8]); - X[7] = crypto_load_be64toh(&in[7 * 8]); - X[8] = crypto_load_be64toh(&in[8 * 8]); - X[9] = crypto_load_be64toh(&in[9 * 8]); - X[10] = crypto_load_be64toh(&in[10 * 8]); - X[11] = crypto_load_be64toh(&in[11 * 8]); - X[12] = crypto_load_be64toh(&in[12 * 8]); - X[13] = crypto_load_be64toh(&in[13 * 8]); - X[14] = crypto_load_be64toh(&in[14 * 8]); - X[15] = crypto_load_be64toh(&in[15 * 8]); - } - in += SHA512_CBLOCK; - - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[0], X[0]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[1], X[1]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[2], X[2]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[3], X[3]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[4], X[4]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[5], X[5]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[6], X[6]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[7], X[7]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[8], X[8]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[9], X[9]); - 
sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[10], X[10]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[11], X[11]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[12], X[12]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[13], X[13]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[14], X[14]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[15], X[15]); - - for (i = 16; i < 80; i += 16) { - sha512_msg_schedule_update(&X[0], X[1], X[9], X[14]); - sha512_msg_schedule_update(&X[1], X[2], X[10], X[15]); - sha512_msg_schedule_update(&X[2], X[3], X[11], X[0]); - sha512_msg_schedule_update(&X[3], X[4], X[12], X[1]); - sha512_msg_schedule_update(&X[4], X[5], X[13], X[2]); - sha512_msg_schedule_update(&X[5], X[6], X[14], X[3]); - sha512_msg_schedule_update(&X[6], X[7], X[15], X[4]); - sha512_msg_schedule_update(&X[7], X[8], X[0], X[5]); - sha512_msg_schedule_update(&X[8], X[9], X[1], X[6]); - sha512_msg_schedule_update(&X[9], X[10], X[2], X[7]); - sha512_msg_schedule_update(&X[10], X[11], X[3], X[8]); - sha512_msg_schedule_update(&X[11], X[12], X[4], X[9]); - sha512_msg_schedule_update(&X[12], X[13], X[5], X[10]); - sha512_msg_schedule_update(&X[13], X[14], X[6], X[11]); - sha512_msg_schedule_update(&X[14], X[15], X[7], X[12]); - sha512_msg_schedule_update(&X[15], X[0], X[8], X[13]); - - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 0], X[0]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 1], X[1]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 2], X[2]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 3], X[3]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 4], X[4]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 5], X[5]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 6], X[6]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 7], X[7]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 8], X[8]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 9], X[9]); 
- sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 10], X[10]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 11], X[11]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 12], X[12]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 13], X[13]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 14], X[14]); - sha512_round(&a, &b, &c, &d, &e, &f, &g, &h, K512[i + 15], X[15]); - } - - ctx->h[0] += a; - ctx->h[1] += b; - ctx->h[2] += c; - ctx->h[3] += d; - ctx->h[4] += e; - ctx->h[5] += f; - ctx->h[6] += g; - ctx->h[7] += h; - } -} -#endif - -#ifndef HAVE_SHA512_BLOCK_DATA_ORDER -void -sha512_block_data_order(SHA512_CTX *ctx, const void *_in, size_t num) -{ - sha512_block_generic(ctx, _in, num); -} -#endif - -int -SHA384_Init(SHA512_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - c->h[0] = U64(0xcbbb9d5dc1059ed8); - c->h[1] = U64(0x629a292a367cd507); - c->h[2] = U64(0x9159015a3070dd17); - c->h[3] = U64(0x152fecd8f70e5939); - c->h[4] = U64(0x67332667ffc00b31); - c->h[5] = U64(0x8eb44a8768581511); - c->h[6] = U64(0xdb0c2e0d64f98fa7); - c->h[7] = U64(0x47b5481dbefa4fa4); - - c->md_len = SHA384_DIGEST_LENGTH; - - return 1; -} -LCRYPTO_ALIAS(SHA384_Init); - -int -SHA384_Update(SHA512_CTX *c, const void *data, size_t len) -{ - return SHA512_Update(c, data, len); -} -LCRYPTO_ALIAS(SHA384_Update); - -int -SHA384_Final(unsigned char *md, SHA512_CTX *c) -{ - return SHA512_Final(md, c); -} -LCRYPTO_ALIAS(SHA384_Final); - -unsigned char * -SHA384(const unsigned char *d, size_t n, unsigned char *md) -{ - SHA512_CTX c; - - SHA384_Init(&c); - SHA512_Update(&c, d, n); - SHA512_Final(md, &c); - - explicit_bzero(&c, sizeof(c)); - - return (md); -} -LCRYPTO_ALIAS(SHA384); - -int -SHA512_Init(SHA512_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - c->h[0] = U64(0x6a09e667f3bcc908); - c->h[1] = U64(0xbb67ae8584caa73b); - c->h[2] = U64(0x3c6ef372fe94f82b); - c->h[3] = U64(0xa54ff53a5f1d36f1); - c->h[4] = U64(0x510e527fade682d1); - c->h[5] = U64(0x9b05688c2b3e6c1f); 
- c->h[6] = U64(0x1f83d9abfb41bd6b); - c->h[7] = U64(0x5be0cd19137e2179); - - c->md_len = SHA512_DIGEST_LENGTH; - - return 1; -} -LCRYPTO_ALIAS(SHA512_Init); - -void -SHA512_Transform(SHA512_CTX *c, const unsigned char *data) -{ - sha512_block_data_order(c, data, 1); -} -LCRYPTO_ALIAS(SHA512_Transform); - -int -SHA512_Update(SHA512_CTX *c, const void *_data, size_t len) -{ - const unsigned char *data = _data; - unsigned char *p = c->u.p; - SHA_LONG64 l; - - if (len == 0) - return 1; - - l = (c->Nl + (((SHA_LONG64)len) << 3))&U64(0xffffffffffffffff); - if (l < c->Nl) - c->Nh++; - if (sizeof(len) >= 8) - c->Nh += (((SHA_LONG64)len) >> 61); - c->Nl = l; - - if (c->num != 0) { - size_t n = sizeof(c->u) - c->num; - - if (len < n) { - memcpy(p + c->num, data, len); - c->num += (unsigned int)len; - return 1; - } else{ - memcpy(p + c->num, data, n); - c->num = 0; - len -= n; - data += n; - sha512_block_data_order(c, p, 1); - } - } - - if (len >= sizeof(c->u)) { - sha512_block_data_order(c, data, len/sizeof(c->u)); - data += len; - len %= sizeof(c->u); - data -= len; - } - - if (len != 0) { - memcpy(p, data, len); - c->num = (int)len; - } - - return 1; -} -LCRYPTO_ALIAS(SHA512_Update); - -int -SHA512_Final(unsigned char *md, SHA512_CTX *c) -{ - unsigned char *p = (unsigned char *)c->u.p; - size_t n = c->num; - - p[n]=0x80; /* There always is a room for one */ - n++; - if (n > (sizeof(c->u) - 16)) { - memset(p + n, 0, sizeof(c->u) - n); - n = 0; - sha512_block_data_order(c, p, 1); - } - - memset(p + n, 0, sizeof(c->u) - 16 - n); - c->u.d[SHA_LBLOCK - 2] = htobe64(c->Nh); - c->u.d[SHA_LBLOCK - 1] = htobe64(c->Nl); - - sha512_block_data_order(c, p, 1); - - if (md == NULL) - return 0; - - /* Let compiler decide if it's appropriate to unroll... 
*/ - switch (c->md_len) { - case SHA512_224_DIGEST_LENGTH: - for (n = 0; n < SHA512_224_DIGEST_LENGTH/8; n++) { - crypto_store_htobe64(md, c->h[n]); - md += 8; - } - crypto_store_htobe32(md, c->h[n] >> 32); - break; - case SHA512_256_DIGEST_LENGTH: - for (n = 0; n < SHA512_256_DIGEST_LENGTH/8; n++) { - crypto_store_htobe64(md, c->h[n]); - md += 8; - } - break; - case SHA384_DIGEST_LENGTH: - for (n = 0; n < SHA384_DIGEST_LENGTH/8; n++) { - crypto_store_htobe64(md, c->h[n]); - md += 8; - } - break; - case SHA512_DIGEST_LENGTH: - for (n = 0; n < SHA512_DIGEST_LENGTH/8; n++) { - crypto_store_htobe64(md, c->h[n]); - md += 8; - } - break; - default: - return 0; - } - - return 1; -} -LCRYPTO_ALIAS(SHA512_Final); - -unsigned char * -SHA512(const unsigned char *d, size_t n, unsigned char *md) -{ - SHA512_CTX c; - - SHA512_Init(&c); - SHA512_Update(&c, d, n); - SHA512_Final(md, &c); - - explicit_bzero(&c, sizeof(c)); - - return (md); -} -LCRYPTO_ALIAS(SHA512); - -int -SHA512_224_Init(SHA512_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - /* FIPS 180-4 section 5.3.6.1. */ - c->h[0] = U64(0x8c3d37c819544da2); - c->h[1] = U64(0x73e1996689dcd4d6); - c->h[2] = U64(0x1dfab7ae32ff9c82); - c->h[3] = U64(0x679dd514582f9fcf); - c->h[4] = U64(0x0f6d2b697bd44da8); - c->h[5] = U64(0x77e36f7304c48942); - c->h[6] = U64(0x3f9d85a86a1d36c8); - c->h[7] = U64(0x1112e6ad91d692a1); - - c->md_len = SHA512_224_DIGEST_LENGTH; - - return 1; -} - -int -SHA512_224_Update(SHA512_CTX *c, const void *data, size_t len) -{ - return SHA512_Update(c, data, len); -} - -int -SHA512_224_Final(unsigned char *md, SHA512_CTX *c) -{ - return SHA512_Final(md, c); -} - -int -SHA512_256_Init(SHA512_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - /* FIPS 180-4 section 5.3.6.2. 
*/ - c->h[0] = U64(0x22312194fc2bf72c); - c->h[1] = U64(0x9f555fa3c84c64c2); - c->h[2] = U64(0x2393b86b6f53b151); - c->h[3] = U64(0x963877195940eabd); - c->h[4] = U64(0x96283ee2a88effe3); - c->h[5] = U64(0xbe5e1e2553863992); - c->h[6] = U64(0x2b0199fc2c85b8aa); - c->h[7] = U64(0x0eb72ddc81c52ca2); - - c->md_len = SHA512_256_DIGEST_LENGTH; - - return 1; -} - -int -SHA512_256_Update(SHA512_CTX *c, const void *data, size_t len) -{ - return SHA512_Update(c, data, len); -} - -int -SHA512_256_Final(unsigned char *md, SHA512_CTX *c) -{ - return SHA512_Final(md, c); -} - -#endif /* !OPENSSL_NO_SHA512 */ diff --git a/src/lib/libcrypto/sha/sha512_aarch64.c b/src/lib/libcrypto/sha/sha512_aarch64.c deleted file mode 100644 index 3c997e3e89..0000000000 --- a/src/lib/libcrypto/sha/sha512_aarch64.c +++ /dev/null 
@@ -1,34 +0,0 @@
-/* $OpenBSD: sha512_aarch64.c,v 1.1 2025/03/12 14:13:41 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include "crypto_arch.h"
-
-void sha512_block_ce(SHA512_CTX *ctx, const void *in, size_t num);
-void sha512_block_generic(SHA512_CTX *ctx, const void *in, size_t num);
-
-void
-sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num)
-{
- if ((crypto_cpu_caps_aarch64 & CRYPTO_CPU_CAPS_AARCH64_SHA512) != 0) {
- sha512_block_ce(ctx, in, num);
- return;
- }
-
- sha512_block_generic(ctx, in, num);
-}
diff --git a/src/lib/libcrypto/sha/sha512_aarch64_ce.S b/src/lib/libcrypto/sha/sha512_aarch64_ce.S
deleted file mode 100644
index 89109a78ba..0000000000
--- a/src/lib/libcrypto/sha/sha512_aarch64_ce.S
+++ /dev/null
@@ -1,312 +0,0 @@ -/* $OpenBSD: sha512_aarch64_ce.S,v 1.1 2025/03/12 14:13:41 jsing Exp $ */ -/* - * Copyright (c) 2023,2025 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -/* - * SHA-512 implementation using the ARM Cryptographic Extension (CE). - * - * The documentation for these is rather inadequate - each instruction is - * described in a mechanical sense, however their combined usage does not - * seem to be detailed anywhere. - * - * There are four instructions that enable hardware acceleration of SHA-512: - * - * sha512h - hash update, part 1 (without a number to be inconsistent): - * inputs , , - * output T1 for W0, T1 for W1 - * - * sha512h2 - hash update, part 2: - * inputs , , - * output - * - * sha512su0 - message schedule update with sigma0 for two rounds: - * inputs , - * output W0 += sigma0(W1), W1 += sigma0(W2) - * - * sha512su1 - message schedule update with sigma1 for two rounds: - * inputs , , - * output W0 += sigma1(W14) + W9, W1 += sigma1(W15) + W10 - */ - -#define ctx x0 -#define in x1 -#define num x2 - -#define k512_base x3 -#define k512 x4 - -/* Note: the lower 64 bits of v8 through v15 are callee save. 
*/ - -#define hc0 v28 -#define hc1 v29 -#define hc2 v30 -#define hc3 v31 - -#define hs0 v0 -#define hs1 v1 -#define hs2 v2 -#define hs3 v3 -#define hs4 v4 -#define hs5 v5 -#define hs6 v6 -#define hs7 v7 - -#define w0 v10 -#define w1 v11 -#define w2 v12 -#define w3 v13 -#define w4 v14 -#define w5 v15 -#define w6 v16 -#define w7 v17 - -#define k0 v20 -#define k1 v21 -#define k2 v22 -#define k3 v23 -#define k4 v24 -#define k5 v25 -#define k6 v26 -#define k7 v27 - -#define tmp0 v8 -#define tmp1 v9 -#define tmp2 v18 - -/* - * Update message schedule for m0 (W0:W1), using m1 (W2:W3), m4 (W8:W9), - * m5 (W10:W11) and m7 (W14:W15). The sha512su0 instruction computes the sigma0 - * component of the message schedule update as m0 = sigma0(m1) + m0, while - * sha512su1 computes the sigma1 component as m0 = sigma1(m7) + W9:W10 + m0. - * Note that W9:W10 is split across two registers, hence this needs to be - * constructed before it is passed to sha512su1: - * - * W0 = sigma1(W14) + W9 + sigma0(W1) + W0 - */ -#define sha512_message_schedule_update(m0, m1, m4, m5, m7) \ - sha512su0 m0.2d, m1.2d; /* W0 += sigma0(W1) */ \ - ext tmp2.16b, m4.16b, m5.16b, #8; /* W9:W10 */ \ - sha512su1 m0.2d, m7.2d, tmp2.2d; /* W0 += sigma1(W14) + W9 */ - -/* - * Compute two SHA-512 rounds by adding W0:W1 + K0:K1, then computing T1 for two - * rounds by swapping the double words, adding g:h and calling sha512h with this - * value (W1:W0 = W1:W0 + K1:K0 + g:h), f:g and d:e. 
The new e:f value is then - * computed by adding T1 + c:d (producing the next e:f values), before calling - * sha512h2 with T1, c:d and a:b, computing T1 + T2 for two rounds (producing - * the next a:b values): - * - * T1 = h + Sigma1(e) + Ch(e, f, g) + Kt + Wt - * T2 = Sigma0(a) + Maj(a, b, c) - * - * h = g - * g = f - * f = e - * e = d + T1 - * d = c - * c = b - * b = a - * a = T1 + T2 - * - * The inputs are: - * - * h0 = a:b - * h1 = c:d - * h2 = e:f - * h3 = g:h - * - * Producing the following outputs: - * - * h4 = next a:b - * h5 = next e:f - * - * These values are then rotated by the caller to perform the next two rounds. - */ -#define sha512_round(h0, h1, h2, h3, h4, h5, w, k) \ - add h4.2d, w.2d, k.2d; /* W0:W1 += K0:K1 */ \ - ext h4.16b, h4.16b, h4.16b, #8; /* W1:W0 (swap) */ \ - add h4.2d, h4.2d, h3.2d; /* W1:W0 += g:h */ \ - ext tmp0.16b, h2.16b, h3.16b, #8; /* f:g */ \ - ext tmp1.16b, h1.16b, h2.16b, #8; /* d:e */ \ - sha512h h4, tmp0, tmp1.2d; /* T1 */ \ - add h5.2d, h1.2d, h4.2d; /* c:d + T1 */ \ - sha512h2 h4, h1, h0.2d; /* T1 + T2 */ - -#define sha512_round_update(h0, h1, h2, h3, h4, h5, m0, m1, m2, m3, m4, k) \ - sha512_message_schedule_update(m0, m1, m2, m3, m4) \ - sha512_round(h0, h1, h2, h3, h4, h5, m0, k) - -.arch armv8-a+sha3 - -.text - -/* - * void sha512_block_ce(SHA512_CTX *ctx, const void *in, size_t num); - * - * Standard ARM ABI: x0 = ctx, x1 = in, x2 = num - */ -.globl sha512_block_ce -sha512_block_ce: - - /* Save low 64 bits of v8 through v15 to the stack. */ - sub sp, sp, #32 - st4 {v8.d, v9.d, v10.d, v11.d}[0], [sp] - sub sp, sp, #32 - st4 {v12.d, v13.d, v14.d, v15.d}[0], [sp] - - /* Address of SHA-512 constants. */ - adrp k512_base, K512 - add k512_base, k512_base, :lo12:K512 - - /* - * Load current hash state from context. - * hc0 = a:b, hc1 = c:d, hc2 = e:f, hc3 = g:h - */ - ld1 {hc0.2d, hc1.2d, hc2.2d, hc3.2d}, [ctx] - -block_loop: - mov k512, k512_base - - /* Copy current hash state. 
*/ - mov hs0.2d, hc0.2d - mov hs1.2d, hc1.2d - mov hs2.2d, hc2.2d - mov hs3.2d, hc3.2d - - /* Load and byte swap message schedule. */ - ld1 {w0.16b, w1.16b, w2.16b, w3.16b}, [in], #64 - rev64 w0.16b, w0.16b - rev64 w1.16b, w1.16b - rev64 w2.16b, w2.16b - rev64 w3.16b, w3.16b - - ld1 {w4.2d, w5.2d, w6.2d, w7.2d}, [in], #64 - rev64 w4.16b, w4.16b - rev64 w5.16b, w5.16b - rev64 w6.16b, w6.16b - rev64 w7.16b, w7.16b - - /* Rounds 0 through 15 (two rounds at a time). */ - ld1 {k0.2d, k1.2d, k2.2d, k3.2d}, [k512], #64 - ld1 {k4.2d, k5.2d, k6.2d, k7.2d}, [k512], #64 - - sha512_round(hs0, hs1, hs2, hs3, hs4, hs5, w0, k0) - sha512_round(hs4, hs0, hs5, hs2, hs6, hs7, w1, k1) - sha512_round(hs6, hs4, hs7, hs5, hs1, hs3, w2, k2) - sha512_round(hs1, hs6, hs3, hs7, hs0, hs2, w3, k3) - sha512_round(hs0, hs1, hs2, hs3, hs4, hs5, w4, k4) - sha512_round(hs4, hs0, hs5, hs2, hs6, hs7, w5, k5) - sha512_round(hs6, hs4, hs7, hs5, hs1, hs3, w6, k6) - sha512_round(hs1, hs6, hs3, hs7, hs0, hs2, w7, k7) - - /* Rounds 16 through 31 (two rounds at a time). */ - ld1 {k0.2d, k1.2d, k2.2d, k3.2d}, [k512], #64 - ld1 {k4.2d, k5.2d, k6.2d, k7.2d}, [k512], #64 - - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w0, w1, w4, w5, w7, k0) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w1, w2, w5, w6, w0, k1) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w2, w3, w6, w7, w1, k2) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w3, w4, w7, w0, w2, k3) - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w4, w5, w0, w1, w3, k4) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w5, w6, w1, w2, w4, k5) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w6, w7, w2, w3, w5, k6) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w7, w0, w3, w4, w6, k7) - - /* Rounds 32 through 47 (two rounds at a time). 
*/ - ld1 {k0.2d, k1.2d, k2.2d, k3.2d}, [k512], #64 - ld1 {k4.2d, k5.2d, k6.2d, k7.2d}, [k512], #64 - - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w0, w1, w4, w5, w7, k0) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w1, w2, w5, w6, w0, k1) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w2, w3, w6, w7, w1, k2) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w3, w4, w7, w0, w2, k3) - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w4, w5, w0, w1, w3, k4) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w5, w6, w1, w2, w4, k5) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w6, w7, w2, w3, w5, k6) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w7, w0, w3, w4, w6, k7) - - /* Rounds 48 through 63 (two rounds at a time). */ - ld1 {k0.2d, k1.2d, k2.2d, k3.2d}, [k512], #64 - ld1 {k4.2d, k5.2d, k6.2d, k7.2d}, [k512], #64 - - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w0, w1, w4, w5, w7, k0) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w1, w2, w5, w6, w0, k1) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w2, w3, w6, w7, w1, k2) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w3, w4, w7, w0, w2, k3) - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w4, w5, w0, w1, w3, k4) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w5, w6, w1, w2, w4, k5) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w6, w7, w2, w3, w5, k6) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w7, w0, w3, w4, w6, k7) - - /* Rounds 64 through 79 (two rounds at a time). 
*/ - ld1 {k0.2d, k1.2d, k2.2d, k3.2d}, [k512], #64 - ld1 {k4.2d, k5.2d, k6.2d, k7.2d}, [k512], #64 - - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w0, w1, w4, w5, w7, k0) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w1, w2, w5, w6, w0, k1) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w2, w3, w6, w7, w1, k2) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w3, w4, w7, w0, w2, k3) - sha512_round_update(hs0, hs1, hs2, hs3, hs4, hs5, w4, w5, w0, w1, w3, k4) - sha512_round_update(hs4, hs0, hs5, hs2, hs6, hs7, w5, w6, w1, w2, w4, k5) - sha512_round_update(hs6, hs4, hs7, hs5, hs1, hs3, w6, w7, w2, w3, w5, k6) - sha512_round_update(hs1, hs6, hs3, hs7, hs0, hs2, w7, w0, w3, w4, w6, k7) - - /* Add intermediate state to hash state. */ - add hc0.2d, hc0.2d, hs0.2d - add hc1.2d, hc1.2d, hs1.2d - add hc2.2d, hc2.2d, hs2.2d - add hc3.2d, hc3.2d, hs3.2d - - sub num, num, #1 - cbnz num, block_loop - - /* Store hash state to context. */ - st1 {hc0.2d, hc1.2d, hc2.2d, hc3.2d}, [ctx] - - /* Restore low 64 bits of v8 through v15 from the stack. */ - ld4 {v12.d, v13.d, v14.d, v15.d}[0], [sp], #32 - ld4 {v8.d, v9.d, v10.d, v11.d}[0], [sp], #32 - - ret - -/* - * SHA-512 constants - see FIPS 180-4 section 4.2.3. 
- */ -.rodata -.align 4 -.type K512,@object -K512: -.quad 0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc -.quad 0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118 -.quad 0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2 -.quad 0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694 -.quad 0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65 -.quad 0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5 -.quad 0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4 -.quad 0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70 -.quad 0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df -.quad 0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b -.quad 0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30 -.quad 0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8 -.quad 0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8 -.quad 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3 -.quad 0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec -.quad 0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b -.quad 0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178 -.quad 0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b -.quad 0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c -.quad 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817 -.size K512,.-K512 diff --git a/src/lib/libcrypto/sha/sha512_amd64.c b/src/lib/libcrypto/sha/sha512_amd64.c deleted file mode 100644 index 0b54243020..0000000000 --- a/src/lib/libcrypto/sha/sha512_amd64.c +++ /dev/null 
@@ -1,26 +0,0 @@
-/* $OpenBSD: sha512_amd64.c,v 1.1 2024/11/16 14:56:39 jsing Exp $ */
-/*
- * Copyright (c) 2024 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-void sha512_block_generic(SHA512_CTX *ctx, const void *in, size_t num);
-
-void
-sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num)
-{
- sha512_block_generic(ctx, in, num);
-}
diff --git a/src/lib/libcrypto/sha/sha512_amd64_generic.S b/src/lib/libcrypto/sha/sha512_amd64_generic.S
deleted file mode 100644
index 8419d60b8e..0000000000
--- a/src/lib/libcrypto/sha/sha512_amd64_generic.S
+++ /dev/null
@@ -1,307 +0,0 @@ -/* $OpenBSD: sha512_amd64_generic.S,v 1.1 2024/11/16 14:56:39 jsing Exp $ */ -/* - * Copyright (c) 2024 Joel Sing - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifdef __CET__ -#include -#else -#define _CET_ENDBR -#endif - -#define ctx %rdi -#define in %rsi -#define num %rdx - -#define round %rdi - -#define hs0 %r8 -#define hs1 %r9 -#define hs2 %r10 -#define hs3 %r11 -#define hs4 %r12 -#define hs5 %r13 -#define hs6 %r14 -#define hs7 %r15 - -#define k512 %rbp - -#define tmp0 %rax -#define tmp1 %rbx -#define tmp2 %rcx -#define tmp3 %rdx - -/* - * Load message into wt, storing a copy in the message schedule: - * - * Wt = Mt - */ -#define sha512_message_schedule_load(idx, m, w, wt) \ - movq (m, round, 8), wt; \ - bswapq wt; \ - movq wt, ((idx&0xf)*8)(w); - -/* - * Update message schedule and return current value in wt: - * - * Wt = sigma1(W(t-2)) + W(t-7) + sigma0(W(t-15)) + W(t-16) - * - * sigma0(x) = ror(x, 1) ^ ror(x, 8) ^ (x >> 7) - * sigma1(x) = ror(x, 19) ^ ror(x, 61) ^ (x >> 6) - * - */ -#define sha512_message_schedule_update(idx, w, wt) \ - movq (((idx-2)&0xf)*8)(w), wt; /* sigma1 */ \ - movq wt, tmp1; /* sigma1 */ \ - rorq $(61-19), tmp1; /* sigma1 */ \ - xorq wt, tmp1; /* sigma1 */ \ - rorq $19, tmp1; /* sigma1 */ \ - shrq $6, wt; /* sigma1 */ \ - xorq 
tmp1, wt; /* sigma1 */ \ - \ - addq (((idx-7)&0xf)*8)(w), wt; /* Wt-7 */ \ - addq (((idx-16)&0xf)*8)(w), wt; /* Wt-16 */ \ - \ - movq (((idx-15)&0xf)*8)(w), tmp2; /* sigma0 */ \ - movq tmp2, tmp3; /* sigma0 */ \ - rorq $(8-1), tmp2; /* sigma0 */ \ - xorq tmp3, tmp2; /* sigma0 */ \ - rorq $1, tmp2; /* sigma0 */ \ - shrq $7, tmp3; /* sigma0 */ \ - xorq tmp3, tmp2; /* sigma0 */ \ - addq tmp2, wt; /* sigma0 */ \ - \ - movq wt, ((idx&0xf)*8)(w); - -/* - * Compute a SHA-512 round: - * - * T1 = h + Sigma1(e) + Ch(e, f, g) + Kt + Wt - * T2 = Sigma0(a) + Maj(a, b, c) - * - * Sigma0(x) = ror(x, 28) ^ ror(x, 34) ^ ror(x, 39) - * Sigma1(x) = ror(x, 14) ^ ror(x, 18) ^ ror(x, 41) - * Ch(x, y, z) = (x & y) ^ (~x & z) = ((y ^ z) & x) ^ z - * Maj(x, y, z) = (x & y) ^ (x & z) ^ (y & z) = ((y ^ z) & x) ^ (y & z) - * - * Upon completion d = d + T1, h = T1 + T2, pending rotation. - */ -#define sha512_round(idx, a, b, c, d, e, f, g, h, k, w, wt) \ - addq wt, h; /* T1 Wt */ \ - addq (k512, round, 8), h; /* T1 Kt */ \ - \ - movq e, tmp1; /* T1 Sigma1 */ \ - rorq $(41-18), tmp1; /* T1 Sigma1 */ \ - xorq e, tmp1; /* T1 Sigma1 */ \ - rorq $(18-14), tmp1; /* T1 Sigma1 */ \ - xorq e, tmp1; /* T1 Sigma1 */ \ - rorq $14, tmp1; /* T1 Sigma1 */ \ - addq tmp1, h; /* T1 Sigma1 */ \ - \ - movq f, tmp2; /* T1 Ch */ \ - xorq g, tmp2; /* T1 Ch */ \ - andq e, tmp2; /* T1 Ch */ \ - xorq g, tmp2; /* T1 Ch */ \ - addq tmp2, h; /* T1 Ch */ \ - \ - addq h, d; /* d += T1 */ \ - \ - movq a, tmp1; /* T2 Sigma0 */ \ - rorq $(39-34), tmp1; /* T2 Sigma0 */ \ - xorq a, tmp1; /* T2 Sigma0 */ \ - rorq $(34-28), tmp1; /* T2 Sigma0 */ \ - xorq a, tmp1; /* T2 Sigma0 */ \ - rorq $28, tmp1; /* T2 Sigma0 */ \ - addq tmp1, h; /* T2 Sigma0 */ \ - \ - movq b, tmp2; /* T2 Maj */ \ - xorq c, tmp2; /* T2 Maj */ \ - andq a, tmp2; /* T2 Maj */ \ - movq b, tmp3; /* T2 Maj */ \ - andq c, tmp3; /* T2 Maj */ \ - xorq tmp2, tmp3; /* T2 Maj */ \ - addq tmp3, h; /* T2 Maj */ \ - \ - addq $1, round; - -#define sha512_round_load(idx, a, b, 
c, d, e, f, g, h) \ - sha512_message_schedule_load(idx, in, %rsp, tmp0) \ - sha512_round(idx, a, b, c, d, e, f, g, h, k512, %rsp, tmp0) - -#define sha512_round_update(idx, a, b, c, d, e, f, g, h) \ - sha512_message_schedule_update(idx, %rsp, tmp0) \ - sha512_round(idx, a, b, c, d, e, f, g, h, k512, %rsp, tmp0) - -.text - -/* - * void sha512_block_generic(SHA512_CTX *ctx, const void *in, size_t num); - * - * Standard x86-64 ABI: rdi = ctx, rsi = in, rdx = num - */ -.align 16 -.globl sha512_block_generic -.type sha512_block_generic,@function -sha512_block_generic: - _CET_ENDBR - - /* Save callee save registers. */ - pushq %rbx - pushq %rbp - pushq %r12 - pushq %r13 - pushq %r14 - pushq %r15 - - /* Allocate space for message schedule and context pointer. */ - movq %rsp, %rax - subq $(128+3*8), %rsp - andq $~63, %rsp - movq %rax, (128+2*8)(%rsp) - movq ctx, (128+1*8)(%rsp) - - /* Compute and store end of message. */ - shlq $7, num - leaq (in, num, 1), %rbx - movq %rbx, (128+0*8)(%rsp) - - /* Address of SHA-512 constants. */ - leaq K512(%rip), k512 - - /* Load current hash state from context. */ - movq (0*8)(ctx), hs0 - movq (1*8)(ctx), hs1 - movq (2*8)(ctx), hs2 - movq (3*8)(ctx), hs3 - movq (4*8)(ctx), hs4 - movq (5*8)(ctx), hs5 - movq (6*8)(ctx), hs6 - movq (7*8)(ctx), hs7 - - jmp .Lblock_loop0 - -.align 16 -.Lblock_loop0: - mov $0, round - - /* Round 0 through 15. 
*/ - sha512_round_load(0, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha512_round_load(1, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha512_round_load(2, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha512_round_load(3, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha512_round_load(4, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha512_round_load(5, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha512_round_load(6, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha512_round_load(7, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - sha512_round_load(8, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha512_round_load(9, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha512_round_load(10, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha512_round_load(11, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha512_round_load(12, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha512_round_load(13, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha512_round_load(14, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha512_round_load(15, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - - jmp .Lblock_loop16 - -.align 16 -.Lblock_loop16: - /* Round 16 through 79. 
*/ - sha512_round_update(16, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha512_round_update(17, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha512_round_update(18, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha512_round_update(19, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha512_round_update(20, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha512_round_update(21, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha512_round_update(22, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha512_round_update(23, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - sha512_round_update(24, hs0, hs1, hs2, hs3, hs4, hs5, hs6, hs7) - sha512_round_update(25, hs7, hs0, hs1, hs2, hs3, hs4, hs5, hs6) - sha512_round_update(26, hs6, hs7, hs0, hs1, hs2, hs3, hs4, hs5) - sha512_round_update(27, hs5, hs6, hs7, hs0, hs1, hs2, hs3, hs4) - sha512_round_update(28, hs4, hs5, hs6, hs7, hs0, hs1, hs2, hs3) - sha512_round_update(29, hs3, hs4, hs5, hs6, hs7, hs0, hs1, hs2) - sha512_round_update(30, hs2, hs3, hs4, hs5, hs6, hs7, hs0, hs1) - sha512_round_update(31, hs1, hs2, hs3, hs4, hs5, hs6, hs7, hs0) - - cmp $80, round - jb .Lblock_loop16 - - movq (128+1*8)(%rsp), ctx - - /* Add intermediate state to hash state. */ - addq (0*8)(ctx), hs0 - addq (1*8)(ctx), hs1 - addq (2*8)(ctx), hs2 - addq (3*8)(ctx), hs3 - addq (4*8)(ctx), hs4 - addq (5*8)(ctx), hs5 - addq (6*8)(ctx), hs6 - addq (7*8)(ctx), hs7 - - /* Store new hash state to context. */ - movq hs0, (0*8)(ctx) - movq hs1, (1*8)(ctx) - movq hs2, (2*8)(ctx) - movq hs3, (3*8)(ctx) - movq hs4, (4*8)(ctx) - movq hs5, (5*8)(ctx) - movq hs6, (6*8)(ctx) - movq hs7, (7*8)(ctx) - - addq $128, in - cmpq (128+0*8)(%rsp), in - jb .Lblock_loop0 - - movq (128+2*8)(%rsp), %rsp - - /* Restore callee save registers. */ - popq %r15 - popq %r14 - popq %r13 - popq %r12 - popq %rbp - popq %rbx - - ret - -/* - * SHA-512 constants - see FIPS 180-4 section 4.2.3. 
- */ -.rodata -.align 64 -.type K512,@object -K512: -.quad 0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc -.quad 0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118 -.quad 0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2 -.quad 0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694 -.quad 0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65 -.quad 0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5 -.quad 0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4 -.quad 0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70 -.quad 0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df -.quad 0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b -.quad 0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30 -.quad 0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8 -.quad 0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8 -.quad 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3 -.quad 0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec -.quad 0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b -.quad 0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178 -.quad 0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b -.quad 0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c -.quad 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817 -.size K512,.-K512 diff --git a/src/lib/libcrypto/sha/sha_internal.h b/src/lib/libcrypto/sha/sha_internal.h deleted file mode 100644 index 63cae3d3b3..0000000000 --- a/src/lib/libcrypto/sha/sha_internal.h +++ /dev/null 
@@ -1,36 +0,0 @@
-/* $OpenBSD: sha_internal.h,v 1.3 2023/04/25 15:47:29 tb Exp $ */
-/*
- * Copyright (c) 2023 Joel Sing
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef HEADER_SHA_INTERNAL_H
-#define HEADER_SHA_INTERNAL_H
-
-#define SHA512_224_DIGEST_LENGTH 28
-#define SHA512_256_DIGEST_LENGTH 32
-
-int SHA512_224_Init(SHA512_CTX *c);
-int SHA512_224_Update(SHA512_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA512_224_Final(unsigned char *md, SHA512_CTX *c);
-
-int SHA512_256_Init(SHA512_CTX *c);
-int SHA512_256_Update(SHA512_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA512_256_Final(unsigned char *md, SHA512_CTX *c);
-
-#endif
diff --git a/src/lib/libcrypto/shlib_version b/src/lib/libcrypto/shlib_version
deleted file mode 100644
index a5cb76dd4f..0000000000
--- a/src/lib/libcrypto/shlib_version
+++ /dev/null
@@ -1,3 +0,0 @@
-# Don't forget to give libssl and libtls the same type of bump!
-major=56
-minor=0
diff --git a/src/lib/libcrypto/sm2/sm2.h b/src/lib/libcrypto/sm2/sm2.h
deleted file mode 100644
index b5195a73e1..0000000000
--- a/src/lib/libcrypto/sm2/sm2.h
+++ /dev/null
@@ -1,138 +0,0 @@
-/* $OpenBSD: sm2.h,v 1.4 2025/01/25 17:59:44 tb Exp $ */
-/*
- * Copyright (c) 2017, 2019 Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_SM2_H
-#define HEADER_SM2_H
-
-#include
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * SM2 signature generation.
- */
-int SM2_sign(const unsigned char *dgst, int dgstlen, unsigned char *sig,
- unsigned int *siglen, EC_KEY *eckey);
-
-/*
- * SM2 signature verification. Assumes input is an SM3 digest
- */
-int SM2_verify(const unsigned char *dgst, int dgstlen, const unsigned char *sig,
- int siglen, EC_KEY *eckey);
-
-/*
- * SM2 encryption
- */
-int SM2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
- size_t *c_size);
-
-int SM2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len,
- size_t *pl_size);
-
-int SM2_encrypt(const EC_KEY *key, const EVP_MD *digest, const uint8_t *msg,
- size_t msg_len, uint8_t *ciphertext_buf, size_t *ciphertext_len);
-
-int SM2_decrypt(const EC_KEY *key, const EVP_MD *digest,
- const uint8_t *ciphertext, size_t ciphertext_len, uint8_t *ptext_buf,
- size_t *ptext_len);
-
-void ERR_load_SM2_strings(void);
-
-/* Error codes for the SM2 functions. */
-
-/* Function codes. */
-# define SM2_F_PKEY_SM2_CTRL 274
-# define SM2_F_PKEY_SM2_CTRL_STR 275
-# define SM2_F_PKEY_SM2_KEYGEN 276
-# define SM2_F_PKEY_SM2_PARAMGEN 277
-# define SM2_F_PKEY_SM2_SIGN 278
-# define SM2_F_PKEY_SM2_VERIFY 279
-# define SM2_F_PKEY_SM2_ENCRYPT 280
-# define SM2_F_PKEY_SM2_DECRYPT 281
-
-/* Reason codes. */
-# define SM2_R_ASN1_ERROR 115
-# define SM2_R_ASN5_ERROR 1150
-# define SM2_R_BAD_SIGNATURE 156
-# define SM2_R_BIGNUM_OUT_OF_RANGE 144
-# define SM2_R_BUFFER_TOO_SMALL 100
-# define SM2_R_COORDINATES_OUT_OF_RANGE 146
-# define SM2_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
-# define SM2_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
-# define SM2_R_D2I_ECPKPARAMETERS_FAILURE 117
-# define SM2_R_DECODE_ERROR 142
-# define SM2_R_DIGEST_FAILURE 163
-# define SM2_R_DISCRIMINANT_IS_ZERO 118
-# define SM2_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
-# define SM2_R_FIELD_TOO_LARGE 143
-# define SM2_R_GF2M_NOT_SUPPORTED 147
-# define SM2_R_GROUP2PKPARAMETERS_FAILURE 120
-# define SM2_R_I2D_ECPKPARAMETERS_FAILURE 121
-# define SM2_R_INCOMPATIBLE_OBJECTS 101
-# define SM2_R_INVALID_ARGUMENT 112
-# define SM2_R_INVALID_COMPRESSED_POINT 110
-# define SM2_R_INVALID_COMPRESSION_BIT 109
-# define SM2_R_INVALID_CURVE 141
-# define SM2_R_INVALID_DIGEST 151
-# define SM2_R_INVALID_DIGEST_TYPE 138
-# define SM2_R_INVALID_ENCODING 102
-# define SM2_R_INVALID_FIELD 103
-# define SM2_R_INVALID_FORM 104
-# define SM2_R_INVALID_GROUP_ORDER 122
-# define SM2_R_INVALID_KEY 116
-# define SM2_R_INVALID_OUTPUT_LENGTH 161
-# define SM2_R_INVALID_PEER_KEY 133
-# define SM2_R_INVALID_PENTANOMIAL_BASIS 132
-# define SM2_R_INVALID_PRIVATE_KEY 123
-# define SM2_R_INVALID_TRINOMIAL_BASIS 137
-# define SM2_R_KDF_FAILURE 162
-# define SM2_R_KDF_PARAMETER_ERROR 148
-# define SM2_R_KEYS_NOT_SET 140
-# define SM2_R_MISSING_PARAMETERS 124
-# define SM2_R_MISSING_PRIVATE_KEY 125
-# define SM2_R_NEED_NEW_SETUP_VALUES 157
-# define SM2_R_NOT_A_NIST_PRIME 135
-# define SM2_R_NOT_IMPLEMENTED 126
-# define SM2_R_NOT_INITIALIZED 111
-# define SM2_R_NO_PARAMETERS_SET 139
-# define SM2_R_NO_PRIVATE_VALUE 154
-# define SM2_R_OPERATION_NOT_SUPPORTED 152
-# define SM2_R_PASSED_NULL_PARAMETER 134
-# define SM2_R_PEER_KEY_ERROR 149
-# define SM2_R_PKPARAMETERS2GROUP_FAILURE 127
-# define SM2_R_POINT_ARITHMETIC_FAILURE 155
-# define SM2_R_POINT_AT_INFINITY 106
-# define SM2_R_POINT_IS_NOT_ON_CURVE 107
-# define SM2_R_RANDOM_NUMBER_GENERATION_FAILED 158
-# define SM2_R_SHARED_INFO_ERROR 150
-# define SM2_R_SLOT_FULL 108
-# define SM2_R_UNDEFINED_GENERATOR 113
-# define SM2_R_UNDEFINED_ORDER 128
-# define SM2_R_UNKNOWN_GROUP 129
-# define SM2_R_UNKNOWN_ORDER 114
-# define SM2_R_UNSUPPORTED_FIELD 131
-# define SM2_R_WRONG_CURVE_PARAMETERS 145
-# define SM2_R_WRONG_ORDER 130
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/sm2/sm2_crypt.c b/src/lib/libcrypto/sm2/sm2_crypt.c
deleted file mode 100644
index 63fe1e6ab9..0000000000
--- a/src/lib/libcrypto/sm2/sm2_crypt.c
+++ /dev/null
@@ -1,631 +0,0 @@ -/* $OpenBSD: sm2_crypt.c,v 1.3 2024/02/09 07:43:52 tb Exp $ */ -/* - * Copyright (c) 2017, 2019 Ribose Inc - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef OPENSSL_NO_SM2 - -#include - -#include -#include -#include -#include -#include -#include - -#include "sm2_local.h" - -typedef struct SM2_Ciphertext_st SM2_Ciphertext; - -SM2_Ciphertext *SM2_Ciphertext_new(void); -void SM2_Ciphertext_free(SM2_Ciphertext *a); -SM2_Ciphertext *d2i_SM2_Ciphertext(SM2_Ciphertext **a, const unsigned char **in, - long len); -int i2d_SM2_Ciphertext(SM2_Ciphertext *a, unsigned char **out); - -struct SM2_Ciphertext_st { - BIGNUM *C1x; - BIGNUM *C1y; - ASN1_OCTET_STRING *C3; - ASN1_OCTET_STRING *C2; -}; - -static const ASN1_TEMPLATE SM2_Ciphertext_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(SM2_Ciphertext, C1x), - .field_name = "C1x", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(SM2_Ciphertext, C1y), - .field_name = "C1y", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(SM2_Ciphertext, C3), - .field_name = "C3", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(SM2_Ciphertext, C2), - .field_name = "C2", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const 
ASN1_ITEM SM2_Ciphertext_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = SM2_Ciphertext_seq_tt, - .tcount = sizeof(SM2_Ciphertext_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(SM2_Ciphertext), - .sname = "SM2_Ciphertext", -}; - -SM2_Ciphertext * -d2i_SM2_Ciphertext(SM2_Ciphertext **a, const unsigned char **in, long len) -{ - return (SM2_Ciphertext *) ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &SM2_Ciphertext_it); -} - -int -i2d_SM2_Ciphertext(SM2_Ciphertext *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &SM2_Ciphertext_it); -} - -SM2_Ciphertext * -SM2_Ciphertext_new(void) -{ - return (SM2_Ciphertext *)ASN1_item_new(&SM2_Ciphertext_it); -} - -void -SM2_Ciphertext_free(SM2_Ciphertext *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &SM2_Ciphertext_it); -} - -static size_t -ec_field_size(const EC_GROUP *group) -{ - /* Is there some simpler way to do this? */ - BIGNUM *p; - size_t field_size = 0; - - if ((p = BN_new()) == NULL) - goto err; - if (!EC_GROUP_get_curve(group, p, NULL, NULL, NULL)) - goto err; - field_size = BN_num_bytes(p); - err: - BN_free(p); - return field_size; -} - -int -SM2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, - size_t *pl_size) -{ - size_t field_size, overhead; - int md_size; - - if ((field_size = ec_field_size(EC_KEY_get0_group(key))) == 0) { - SM2error(SM2_R_INVALID_FIELD); - return 0; - } - - if ((md_size = EVP_MD_size(digest)) < 0) { - SM2error(SM2_R_INVALID_DIGEST); - return 0; - } - - overhead = 10 + 2 * field_size + md_size; - if (msg_len <= overhead) { - SM2error(SM2_R_INVALID_ARGUMENT); - return 0; - } - - *pl_size = msg_len - overhead; - return 1; -} - -int -SM2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, - size_t *c_size) -{ - size_t asn_size, field_size; - int md_size; - - if ((field_size = ec_field_size(EC_KEY_get0_group(key))) == 0) { - SM2error(SM2_R_INVALID_FIELD); - return 0; - } - - if ((md_size = 
EVP_MD_size(digest)) < 0) { - SM2error(SM2_R_INVALID_DIGEST); - return 0; - } - - asn_size = 2 * ASN1_object_size(0, field_size + 1, V_ASN1_INTEGER) + - ASN1_object_size(0, md_size, V_ASN1_OCTET_STRING) + - ASN1_object_size(0, msg_len, V_ASN1_OCTET_STRING); - - *c_size = ASN1_object_size(1, asn_size, V_ASN1_SEQUENCE); - return 1; -} - -int -sm2_kdf(uint8_t *key, size_t key_len, uint8_t *secret, size_t secret_len, - const EVP_MD *digest) -{ - EVP_MD_CTX *hash; - uint8_t *hash_buf = NULL; - uint32_t ctr = 1; - uint8_t ctr_buf[4] = {0}; - size_t hadd, hlen; - int rc = 0; - - if ((hash = EVP_MD_CTX_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((hlen = EVP_MD_size(digest)) < 0) { - SM2error(SM2_R_INVALID_DIGEST); - goto err; - } - if ((hash_buf = malloc(hlen)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - while ((key_len > 0) && (ctr != 0)) { - if (!EVP_DigestInit_ex(hash, digest, NULL)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - if (!EVP_DigestUpdate(hash, secret, secret_len)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - /* big-endian counter representation */ - ctr_buf[0] = (ctr >> 24) & 0xff; - ctr_buf[1] = (ctr >> 16) & 0xff; - ctr_buf[2] = (ctr >> 8) & 0xff; - ctr_buf[3] = ctr & 0xff; - ctr++; - - if (!EVP_DigestUpdate(hash, ctr_buf, 4)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - if (!EVP_DigestFinal(hash, hash_buf, NULL)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - hadd = key_len > hlen ? 
hlen : key_len; - memcpy(key, hash_buf, hadd); - memset(hash_buf, 0, hlen); - key_len -= hadd; - key += hadd; - } - - rc = 1; - err: - free(hash_buf); - EVP_MD_CTX_free(hash); - return rc; -} - -int -SM2_encrypt(const EC_KEY *key, const EVP_MD *digest, const uint8_t *msg, - size_t msg_len, uint8_t *ciphertext_buf, size_t *ciphertext_len) -{ - SM2_Ciphertext ctext_struct; - EVP_MD_CTX *hash = NULL; - BN_CTX *ctx = NULL; - BIGNUM *order = NULL; - BIGNUM *k, *x1, *y1, *x2, *y2; - const EC_GROUP *group; - const EC_POINT *P; - EC_POINT *kG = NULL, *kP = NULL; - uint8_t *msg_mask = NULL, *x2y2 = NULL, *C3 = NULL; - size_t C3_size, field_size, i, x2size, y2size; - int rc = 0; - int clen; - - ctext_struct.C2 = NULL; - ctext_struct.C3 = NULL; - - if ((hash = EVP_MD_CTX_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((group = EC_KEY_get0_group(key)) == NULL) { - SM2error(SM2_R_INVALID_KEY); - goto err; - } - - if ((order = BN_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EC_GROUP_get_order(group, order, NULL)) { - SM2error(SM2_R_INVALID_GROUP_ORDER); - goto err; - } - - if ((P = EC_KEY_get0_public_key(key)) == NULL) { - SM2error(SM2_R_INVALID_KEY); - goto err; - } - - if ((field_size = ec_field_size(group)) == 0) { - SM2error(SM2_R_INVALID_FIELD); - goto err; - } - - if ((C3_size = EVP_MD_size(digest)) < 0) { - SM2error(SM2_R_INVALID_DIGEST); - goto err; - } - - if ((kG = EC_POINT_new(group)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((kP = EC_POINT_new(group)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((ctx = BN_CTX_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - if ((k = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((x1 = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((x2 = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((y1 = 
BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((y2 = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if ((x2y2 = calloc(2, field_size)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((C3 = calloc(1, C3_size)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - memset(ciphertext_buf, 0, *ciphertext_len); - - if (!BN_rand_range(k, order)) { - SM2error(SM2_R_RANDOM_NUMBER_GENERATION_FAILED); - goto err; - } - - if (!EC_POINT_mul(group, kG, k, NULL, NULL, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_get_affine_coordinates(group, kG, x1, y1, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_mul(group, kP, NULL, P, k, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_get_affine_coordinates(group, kP, x2, y2, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if ((x2size = BN_num_bytes(x2)) > field_size || - (y2size = BN_num_bytes(y2)) > field_size) { - SM2error(SM2_R_BIGNUM_OUT_OF_RANGE); - goto err; - } - - BN_bn2bin(x2, x2y2 + field_size - x2size); - BN_bn2bin(y2, x2y2 + 2 * field_size - y2size); - - if ((msg_mask = calloc(1, msg_len)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!sm2_kdf(msg_mask, msg_len, x2y2, 2 * field_size, digest)) { - SM2error(SM2_R_KDF_FAILURE); - goto err; - } - - for (i = 0; i != msg_len; i++) - msg_mask[i] ^= msg[i]; - - if (!EVP_DigestInit(hash, digest)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, x2y2, field_size)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, msg, msg_len)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, x2y2 + field_size, field_size)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestFinal(hash, C3, NULL)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - ctext_struct.C1x = x1; - ctext_struct.C1y = y1; - if ((ctext_struct.C3 = 
ASN1_OCTET_STRING_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((ctext_struct.C2 = ASN1_OCTET_STRING_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - if (!ASN1_OCTET_STRING_set(ctext_struct.C3, C3, C3_size)) { - SM2error(ERR_R_INTERNAL_ERROR); - goto err; - } - if (!ASN1_OCTET_STRING_set(ctext_struct.C2, msg_mask, msg_len)) { - SM2error(ERR_R_INTERNAL_ERROR); - goto err; - } - - if ((clen = i2d_SM2_Ciphertext(&ctext_struct, &ciphertext_buf)) < 0) { - SM2error(ERR_R_INTERNAL_ERROR); - goto err; - } - - *ciphertext_len = clen; - rc = 1; - - err: - ASN1_OCTET_STRING_free(ctext_struct.C2); - ASN1_OCTET_STRING_free(ctext_struct.C3); - free(msg_mask); - free(x2y2); - free(C3); - EVP_MD_CTX_free(hash); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(kG); - EC_POINT_free(kP); - BN_free(order); - return rc; -} - -int -SM2_decrypt(const EC_KEY *key, const EVP_MD *digest, const uint8_t *ciphertext, - size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len) -{ - SM2_Ciphertext *sm2_ctext = NULL; - EVP_MD_CTX *hash = NULL; - BN_CTX *ctx = NULL; - BIGNUM *x2, *y2; - const EC_GROUP *group; - EC_POINT *C1 = NULL; - const uint8_t *C2, *C3; - uint8_t *computed_C3 = NULL, *msg_mask = NULL, *x2y2 = NULL; - size_t field_size, x2size, y2size; - int msg_len = 0, rc = 0; - int hash_size, i; - - if ((group = EC_KEY_get0_group(key)) == NULL) { - SM2error(SM2_R_INVALID_KEY); - goto err; - } - - if ((field_size = ec_field_size(group)) == 0) { - SM2error(SM2_R_INVALID_FIELD); - goto err; - } - - if ((hash_size = EVP_MD_size(digest)) < 0) { - SM2error(SM2_R_INVALID_DIGEST); - goto err; - } - - memset(ptext_buf, 0xFF, *ptext_len); - - if ((sm2_ctext = d2i_SM2_Ciphertext(NULL, &ciphertext, - ciphertext_len)) == NULL) { - SM2error(SM2_R_ASN1_ERROR); - goto err; - } - - if (sm2_ctext->C3->length != hash_size) { - SM2error(SM2_R_INVALID_ENCODING); - goto err; - } - - C2 = sm2_ctext->C2->data; - C3 = sm2_ctext->C3->data; - msg_len = 
sm2_ctext->C2->length; - - if ((ctx = BN_CTX_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - if ((x2 = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((y2 = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if ((msg_mask = calloc(1, msg_len)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((x2y2 = calloc(2, field_size)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((computed_C3 = calloc(1, hash_size)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((C1 = EC_POINT_new(group)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EC_POINT_set_affine_coordinates(group, C1, sm2_ctext->C1x, - sm2_ctext->C1y, ctx)) - { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_mul(group, C1, NULL, C1, EC_KEY_get0_private_key(key), - ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_get_affine_coordinates(group, C1, x2, y2, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if ((x2size = BN_num_bytes(x2)) > field_size || - (y2size = BN_num_bytes(y2)) > field_size) { - SM2error(SM2_R_BIGNUM_OUT_OF_RANGE); - goto err; - } - - BN_bn2bin(x2, x2y2 + field_size - x2size); - BN_bn2bin(y2, x2y2 + 2 * field_size - y2size); - - if (!sm2_kdf(msg_mask, msg_len, x2y2, 2 * field_size, digest)) { - SM2error(SM2_R_KDF_FAILURE); - goto err; - } - - for (i = 0; i != msg_len; ++i) - ptext_buf[i] = C2[i] ^ msg_mask[i]; - - if ((hash = EVP_MD_CTX_new()) == NULL) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestInit(hash, digest)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, x2y2, field_size)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, ptext_buf, msg_len)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, x2y2 + field_size, field_size)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if 
(!EVP_DigestFinal(hash, computed_C3, NULL)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (memcmp(computed_C3, C3, hash_size) != 0) - goto err; - - rc = 1; - *ptext_len = msg_len; - - err: - if (rc == 0) - memset(ptext_buf, 0, *ptext_len); - - free(msg_mask); - free(x2y2); - free(computed_C3); - EC_POINT_free(C1); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - SM2_Ciphertext_free(sm2_ctext); - EVP_MD_CTX_free(hash); - - return rc; -} - -#endif /* OPENSSL_NO_SM2 */ diff --git a/src/lib/libcrypto/sm2/sm2_err.c b/src/lib/libcrypto/sm2/sm2_err.c deleted file mode 100644 index a7dc1e0d9e..0000000000 --- a/src/lib/libcrypto/sm2/sm2_err.c +++ /dev/null 
@@ -1,105 +0,0 @@
-/* $OpenBSD: sm2_err.c,v 1.2 2022/07/12 14:42:50 kn Exp $ */
-/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef OPENSSL_NO_SM2
-
-#include
-#include
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SM2,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SM2,0,reason)
-
-static ERR_STRING_DATA SM2_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA SM2_str_reasons[] = {
- {ERR_REASON(SM2_R_ASN1_ERROR), "asn1 error"},
- {ERR_REASON(SM2_R_ASN5_ERROR), "asn5 error"},
- {ERR_REASON(SM2_R_BAD_SIGNATURE), "bad signature"},
- {ERR_REASON(SM2_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
- {ERR_REASON(SM2_R_BUFFER_TOO_SMALL), "buffer too small"},
- {ERR_REASON(SM2_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"},
- {ERR_REASON(SM2_R_CURVE_DOES_NOT_SUPPORT_ECDH), "curve does not support ecdh"},
- {ERR_REASON(SM2_R_CURVE_DOES_NOT_SUPPORT_SIGNING), "curve does not support signing"},
- {ERR_REASON(SM2_R_D2I_ECPKPARAMETERS_FAILURE), "d2i ecpkparameters failure"},
- {ERR_REASON(SM2_R_DECODE_ERROR), "decode error"},
- {ERR_REASON(SM2_R_DIGEST_FAILURE), "digest calculation failure"},
- {ERR_REASON(SM2_R_DISCRIMINANT_IS_ZERO), "discriminant is zero"},
- {ERR_REASON(SM2_R_EC_GROUP_NEW_BY_NAME_FAILURE), "ec group new by name failure"},
- {ERR_REASON(SM2_R_FIELD_TOO_LARGE), "field too large"},
- {ERR_REASON(SM2_R_GF2M_NOT_SUPPORTED), "gf2m not supported"},
- {ERR_REASON(SM2_R_GROUP2PKPARAMETERS_FAILURE), "group2pkparameters failure"},
- {ERR_REASON(SM2_R_I2D_ECPKPARAMETERS_FAILURE), "i2d ecpkparameters failure"},
- {ERR_REASON(SM2_R_INCOMPATIBLE_OBJECTS), "incompatible objects"},
- {ERR_REASON(SM2_R_INVALID_ARGUMENT), "invalid argument"},
- {ERR_REASON(SM2_R_INVALID_COMPRESSED_POINT), "invalid compressed point"},
- {ERR_REASON(SM2_R_INVALID_COMPRESSION_BIT), "invalid compression bit"},
- {ERR_REASON(SM2_R_INVALID_CURVE), "invalid curve"},
- {ERR_REASON(SM2_R_INVALID_DIGEST), "invalid digest"},
- {ERR_REASON(SM2_R_INVALID_DIGEST_TYPE), "invalid digest type"},
- {ERR_REASON(SM2_R_INVALID_ENCODING), "invalid encoding"},
- {ERR_REASON(SM2_R_INVALID_FIELD), "invalid field"},
- {ERR_REASON(SM2_R_INVALID_FORM), "invalid form"},
- {ERR_REASON(SM2_R_INVALID_GROUP_ORDER), "invalid group order"},
- {ERR_REASON(SM2_R_INVALID_KEY), "invalid key"},
- {ERR_REASON(SM2_R_INVALID_OUTPUT_LENGTH), "invalid output length"},
- {ERR_REASON(SM2_R_INVALID_PEER_KEY), "invalid peer key"},
- {ERR_REASON(SM2_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
- {ERR_REASON(SM2_R_INVALID_PRIVATE_KEY), "invalid private key"},
- {ERR_REASON(SM2_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
- {ERR_REASON(SM2_R_KDF_FAILURE), "kdf calculation failure"},
- {ERR_REASON(SM2_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
- {ERR_REASON(SM2_R_KEYS_NOT_SET), "keys not set"},
- {ERR_REASON(SM2_R_MISSING_PARAMETERS), "missing parameters"},
- {ERR_REASON(SM2_R_MISSING_PRIVATE_KEY), "missing private key"},
- {ERR_REASON(SM2_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
- {ERR_REASON(SM2_R_NOT_A_NIST_PRIME), "not a NIST prime"},
- {ERR_REASON(SM2_R_NOT_IMPLEMENTED), "not implemented"},
- {ERR_REASON(SM2_R_NOT_INITIALIZED), "not initialized"},
- {ERR_REASON(SM2_R_NO_PARAMETERS_SET), "no parameters set"},
- {ERR_REASON(SM2_R_NO_PRIVATE_VALUE), "no private value"},
- {ERR_REASON(SM2_R_OPERATION_NOT_SUPPORTED), "operation not supported"},
- {ERR_REASON(SM2_R_PASSED_NULL_PARAMETER), "passed null parameter"},
- {ERR_REASON(SM2_R_PEER_KEY_ERROR), "peer key error"},
- {ERR_REASON(SM2_R_PKPARAMETERS2GROUP_FAILURE), "pkparameters2group failure"},
- {ERR_REASON(SM2_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
- {ERR_REASON(SM2_R_POINT_AT_INFINITY), "point at infinity"},
- {ERR_REASON(SM2_R_POINT_IS_NOT_ON_CURVE), "point is not on curve"},
- {ERR_REASON(SM2_R_RANDOM_NUMBER_GENERATION_FAILED), "random number generation failed"},
- {ERR_REASON(SM2_R_SHARED_INFO_ERROR), "shared info error"},
- {ERR_REASON(SM2_R_SLOT_FULL), "slot full"},
- {ERR_REASON(SM2_R_UNDEFINED_GENERATOR), "undefined generator"},
- {ERR_REASON(SM2_R_UNDEFINED_ORDER), "undefined order"},
- {ERR_REASON(SM2_R_UNKNOWN_GROUP), "unknown group"},
- {ERR_REASON(SM2_R_UNKNOWN_ORDER), "unknown order"},
- {ERR_REASON(SM2_R_UNSUPPORTED_FIELD), "unsupported field"},
- {ERR_REASON(SM2_R_WRONG_CURVE_PARAMETERS), "wrong curve parameters"},
- {ERR_REASON(SM2_R_WRONG_ORDER), "wrong order"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_SM2_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(SM2_str_functs[0].error) == NULL) {
- ERR_load_strings(0, SM2_str_functs);
- ERR_load_strings(0, SM2_str_reasons);
- }
-#endif
-}
-
-#endif /* OPENSSL_NO_SM2 */
diff --git a/src/lib/libcrypto/sm2/sm2_local.h b/src/lib/libcrypto/sm2/sm2_local.h
deleted file mode 100644
index 388c468ef2..0000000000
--- a/src/lib/libcrypto/sm2/sm2_local.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* $OpenBSD: sm2_local.h,v 1.3 2023/07/28 15:50:33 tb Exp $ */
-/*
- * Copyright (c) 2017, 2019 Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_SM2_LOCAL_H
-#define HEADER_SM2_LOCAL_H
-
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-int sm2_compute_userid_digest(uint8_t *out, const EVP_MD *digest,
- const uint8_t *uid, size_t uid_len, const EC_KEY *key);
-
-/*
- * SM2 signature operation. Computes ZA (user id digest) and then signs
- * H(ZA || msg) using SM2
- */
-ECDSA_SIG *sm2_do_sign(const EC_KEY *key, const EVP_MD *digest,
- const uint8_t *uid, size_t uid_len, const uint8_t *msg, size_t msg_len);
-
-int sm2_do_verify(const EC_KEY *key, const EVP_MD *digest,
- const ECDSA_SIG *signature, const uint8_t *uid, size_t uid_len,
- const uint8_t *msg, size_t msg_len);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_SM2_LOCAL_H */
diff --git a/src/lib/libcrypto/sm2/sm2_pmeth.c b/src/lib/libcrypto/sm2/sm2_pmeth.c
deleted file mode 100644
index 441f5475d1..0000000000
--- a/src/lib/libcrypto/sm2/sm2_pmeth.c
+++ /dev/null
@@ -1,316 +0,0 @@ -/* $OpenBSD: sm2_pmeth.c,v 1.2 2022/11/26 16:08:54 tb Exp $ */ -/* - * Copyright (c) 2017, 2019 Ribose Inc - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef OPENSSL_NO_SM2 - -#include - -#include -#include -#include -#include -#include - -#include "evp_local.h" -#include "sm2_local.h" - -/* SM2 pkey context structure */ - -typedef struct { - /* key and paramgen group */ - EC_GROUP *gen_group; - /* message digest */ - const EVP_MD *md; - EVP_MD_CTX *md_ctx; - /* personalization string */ - uint8_t* uid; - size_t uid_len; -} SM2_PKEY_CTX; - -static int -pkey_sm2_init(EVP_PKEY_CTX *ctx) -{ - SM2_PKEY_CTX *dctx; - - if ((dctx = calloc(1, sizeof(*dctx))) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - return 0; - } - ctx->data = dctx; - return 1; -} - -static void -pkey_sm2_cleanup(EVP_PKEY_CTX *ctx) -{ - SM2_PKEY_CTX *dctx = ctx->data; - - if (ctx == NULL || ctx->data == NULL) - return; - - EC_GROUP_free(dctx->gen_group); - free(dctx->uid); - free(dctx); - ctx->data = NULL; -} - -static int -pkey_sm2_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - SM2_PKEY_CTX *dctx, *sctx; - - if (!pkey_sm2_init(dst)) - return 0; - sctx = src->data; - dctx = dst->data; - if (sctx->gen_group) { - if ((dctx->gen_group = EC_GROUP_dup(sctx->gen_group)) == NULL) { - 
SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - } - - if (sctx->uid != NULL) { - if ((dctx->uid = malloc(sctx->uid_len)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(dctx->uid, sctx->uid, sctx->uid_len); - dctx->uid_len = sctx->uid_len; - } - - dctx->md = sctx->md; - - if (!EVP_MD_CTX_copy(dctx->md_ctx, sctx->md_ctx)) - goto err; - - return 1; - - err: - pkey_sm2_cleanup(dst); - return 0; -} - -static int -pkey_sm2_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen) -{ - unsigned int sltmp; - int ret, sig_sz; - - if ((sig_sz = ECDSA_size(ctx->pkey->pkey.ec)) <= 0) - return 0; - - if (sig == NULL) { - *siglen = sig_sz; - return 1; - } - - if (*siglen < (size_t)sig_sz) { - SM2error(SM2_R_BUFFER_TOO_SMALL); - return 0; - } - - if ((ret = SM2_sign(tbs, tbslen, sig, &sltmp, ctx->pkey->pkey.ec)) <= 0) - return ret; - - *siglen = (size_t)sltmp; - return 1; -} - -static int -pkey_sm2_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen) -{ - return SM2_verify(tbs, tbslen, sig, siglen, ctx->pkey->pkey.ec); -} - -static int -pkey_sm2_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen) -{ - SM2_PKEY_CTX *dctx = ctx->data; - const EVP_MD *md = (dctx->md == NULL) ? EVP_sm3() : dctx->md; - - if (out == NULL) { - if (!SM2_ciphertext_size(ctx->pkey->pkey.ec, md, inlen, outlen)) - return -1; - else - return 1; - } - - return SM2_encrypt(ctx->pkey->pkey.ec, md, in, inlen, out, outlen); -} - -static int -pkey_sm2_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen) -{ - SM2_PKEY_CTX *dctx = ctx->data; - const EVP_MD *md = (dctx->md == NULL) ? 
EVP_sm3() : dctx->md; - - if (out == NULL) { - if (!SM2_plaintext_size(ctx->pkey->pkey.ec, md, inlen, outlen)) - return -1; - else - return 1; - } - - return SM2_decrypt(ctx->pkey->pkey.ec, md, in, inlen, out, outlen); -} - -static int -pkey_sm2_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - SM2_PKEY_CTX *dctx = ctx->data; - EC_GROUP *group = NULL; - - switch (type) { - case EVP_PKEY_CTRL_DIGESTINIT: - dctx->md_ctx = p2; - return 1; - - case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID: - if ((group = EC_GROUP_new_by_curve_name(p1)) == NULL) { - SM2error(SM2_R_INVALID_CURVE); - return 0; - } - EC_GROUP_free(dctx->gen_group); - dctx->gen_group = group; - return 1; - - case EVP_PKEY_CTRL_SM2_SET_UID: - if ((p1 < 0) || ((p1 == 0) && (p2 != NULL))) { - SM2error(SM2_R_INVALID_ARGUMENT); - return 0; - } - if ((p1 > 0) && (p2 == NULL)) { - SM2error(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - free(dctx->uid); - if (p2 == NULL) { - dctx->uid = NULL; - dctx->uid_len = 0; - return 1; - } - - if ((dctx->uid = malloc(p1)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - return 1; - } - memcpy(dctx->uid, p2, p1); - dctx->uid_len = p1; - return 1; - - case EVP_PKEY_CTRL_SM2_HASH_UID: - { - const EVP_MD* md; - uint8_t za[EVP_MAX_MD_SIZE] = {0}; - int md_len; - - if (dctx->uid == NULL) { - SM2error(SM2_R_INVALID_ARGUMENT); - return 0; - } - - if ((md = EVP_MD_CTX_md(dctx->md_ctx)) == NULL) { - SM2error(ERR_R_EVP_LIB); - return 0; - } - - if ((md_len = EVP_MD_size(md)) < 0) { - SM2error(SM2_R_INVALID_DIGEST); - return 0; - } - - if (sm2_compute_userid_digest(za, md, dctx->uid, dctx->uid_len, - ctx->pkey->pkey.ec) != 1) { - SM2error(SM2_R_DIGEST_FAILURE); - return 0; - } - return EVP_DigestUpdate(dctx->md_ctx, za, md_len); - } - - case EVP_PKEY_CTRL_SM2_GET_UID_LEN: - if (p2 == NULL) { - SM2error(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - *(size_t *)p2 = dctx->uid_len; - return 1; - - case EVP_PKEY_CTRL_SM2_GET_UID: - if (p2 == NULL) { - SM2error(ERR_R_PASSED_NULL_PARAMETER); 
- return 0; - } - if (dctx->uid_len == 0) { - return 1; - } - memcpy(p2, dctx->uid, dctx->uid_len); - return 1; - - case EVP_PKEY_CTRL_MD: - dctx->md = p2; - return 1; - - default: - return -2; - } -} - -static int -pkey_sm2_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - int nid; - - if (strcmp(type, "ec_paramgen_curve") == 0) { - if (((nid = EC_curve_nist2nid(value)) == NID_undef) && - ((nid = OBJ_sn2nid(value)) == NID_undef) && - ((nid = OBJ_ln2nid(value)) == NID_undef)) { - SM2error(SM2_R_INVALID_CURVE); - return 0; - } - return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid); - } else if (strcmp(type, "sm2_uid") == 0) { - return EVP_PKEY_CTX_set_sm2_uid(ctx, (void*) value, - (int)strlen(value)); - } - - return -2; -} - -const EVP_PKEY_METHOD sm2_pkey_meth = { - .pkey_id = EVP_PKEY_SM2, - .init = pkey_sm2_init, - .copy = pkey_sm2_copy, - .cleanup = pkey_sm2_cleanup, - - .sign = pkey_sm2_sign, - - .verify = pkey_sm2_verify, - - .encrypt = pkey_sm2_encrypt, - - .decrypt = pkey_sm2_decrypt, - - .ctrl = pkey_sm2_ctrl, - .ctrl_str = pkey_sm2_ctrl_str -}; - -#endif /* OPENSSL_NO_SM2 */ diff --git a/src/lib/libcrypto/sm2/sm2_sign.c b/src/lib/libcrypto/sm2/sm2_sign.c deleted file mode 100644 index a5e3a8aee5..0000000000 --- a/src/lib/libcrypto/sm2/sm2_sign.c +++ /dev/null 
@@ -1,465 +0,0 @@ -/* $OpenBSD: sm2_sign.c,v 1.4 2023/07/05 17:36:19 tb Exp $ */ -/* - * Copyright (c) 2017, 2019 Ribose Inc - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef OPENSSL_NO_SM2 - -#include - -#include -#include -#include -#include - -#include "bn_local.h" -#include "sm2_local.h" - -static BIGNUM * -sm2_compute_msg_hash(const EVP_MD *digest, const EC_KEY *key, - const uint8_t *uid, size_t uid_len, const uint8_t *msg, size_t msg_len) -{ - EVP_MD_CTX *hash; - BIGNUM *e = NULL; - int md_size; - uint8_t *za = NULL; - - if ((hash = EVP_MD_CTX_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((md_size = EVP_MD_size(digest)) < 0) { - SM2error(SM2_R_INVALID_DIGEST); - goto err; - } - - if ((za = calloc(1, md_size)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!sm2_compute_userid_digest(za, digest, uid, uid_len, key)) { - SM2error(SM2_R_DIGEST_FAILURE); - goto err; - } - - if (!EVP_DigestInit(hash, digest)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, za, md_size)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - if (!EVP_DigestUpdate(hash, msg, msg_len)) { - SM2error(ERR_R_EVP_LIB); - goto err; - } - - /* reuse za buffer to hold H(ZA || M) */ - if (!EVP_DigestFinal(hash, za, NULL)) { 
- SM2error(ERR_R_EVP_LIB); - goto err; - } - - e = BN_bin2bn(za, md_size, NULL); - - err: - free(za); - EVP_MD_CTX_free(hash); - return e; -} - -static ECDSA_SIG * -sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) -{ - ECDSA_SIG *sig = NULL; - const EC_GROUP *group; - EC_POINT *kG = NULL; - BN_CTX *ctx = NULL; - const BIGNUM *dA; - BIGNUM *order = NULL, *r = NULL, *s = NULL; - BIGNUM *k, *rk, *tmp, *x1; - - if ((dA = EC_KEY_get0_private_key(key)) == NULL) { - SM2error(SM2_R_INVALID_FIELD); - goto err; - } - - if ((group = EC_KEY_get0_group(key)) == NULL) { - SM2error(SM2_R_INVALID_FIELD); - goto err; - } - - if ((order = BN_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EC_GROUP_get_order(group, order, NULL)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if ((kG = EC_POINT_new(group)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((ctx = BN_CTX_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - - if ((k = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((rk = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((x1 = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if ((tmp = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - /* r and s are returned as part of sig, so they can't be part of ctx. 
*/ - if ((r = BN_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((s = BN_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - for (;;) { - if (!BN_rand_range(k, order)) { - SM2error(SM2_R_RANDOM_NUMBER_GENERATION_FAILED); - goto err; - } - - if (!EC_POINT_mul(group, kG, k, NULL, NULL, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_get_affine_coordinates(group, kG, x1, NULL, - ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!BN_mod_add(r, e, x1, order, ctx)) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - /* try again if r == 0 or r + k == n */ - if (BN_is_zero(r)) - continue; - - if (!BN_add(rk, r, k)) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if (BN_cmp(rk, order) == 0) - continue; - - if (!BN_add(s, dA, BN_value_one())) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if (BN_mod_inverse_ct(s, s, order, ctx) == NULL) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if (!BN_mod_mul(tmp, dA, r, order, ctx)) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if (!BN_sub(tmp, k, tmp)) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if (!BN_mod_mul(s, s, tmp, order, ctx)) { - SM2error(ERR_R_BN_LIB); - goto err; - } - - if ((sig = ECDSA_SIG_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - /* sig takes ownership of r and s */ - if (!ECDSA_SIG_set0(sig, r, s)) { - SM2error(ERR_R_INTERNAL_ERROR); - goto err; - } - break; - } - - err: - if (sig == NULL) { - BN_free(r); - BN_free(s); - } - - BN_free(order); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - EC_POINT_free(kG); - return sig; -} - -static int -sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig, const BIGNUM *e) -{ - const EC_GROUP *group; - EC_POINT *pt = NULL; - const BIGNUM *r = NULL, *s = NULL; - BN_CTX *ctx = NULL; - BIGNUM *order, *t, *x1; - int ret = 0; - - if ((group = EC_KEY_get0_group(key)) == NULL) { - SM2error(SM2_R_INVALID_FIELD); - goto err; - } - - if ((ctx = BN_CTX_new()) == NULL) { - 
SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - - if ((order = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EC_GROUP_get_order(group, order, NULL)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if ((pt = EC_POINT_new(group)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((t = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((x1 = BN_CTX_get(ctx)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - /* - * Section 5.3.1 in https://tools.ietf.org/html/draft-shen-sm2-ecdsa-00 - * - * B1: verify that r' is in [1, n-1] - * B2: verify that s' is in [1, n-1] - * B3: set M' ~= ZA || M' - * B4: calculate e' = Hv(M'~) - * B5: verify that t = r' + s' (mod n) is not zero - * B6: calculate the point (x1', y1') = [s']G + [t]PA - * B7: verify that r' == e' + x1' (mod n) - */ - - ECDSA_SIG_get0(sig, &r, &s); - - /* B1: verify that r' is in [1, n-1] */ - if (BN_cmp(r, BN_value_one()) < 0 || BN_cmp(order, r) <= 0) { - SM2error(SM2_R_BAD_SIGNATURE); - goto err; - } - - /* B2: verify that s' is in [1, n-1] */ - if (BN_cmp(s, BN_value_one()) < 0 || BN_cmp(order, s) <= 0) { - SM2error(SM2_R_BAD_SIGNATURE); - goto err; - } - - /* B5: verify that t = r + s is not zero */ - if (!BN_mod_add(t, r, s, order, ctx)) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if (BN_is_zero(t)) { - SM2error(SM2_R_BAD_SIGNATURE); - goto err; - } - - /* B6: calculate pt = (x1', y1') = [s']G + [t]PA */ - if (!EC_POINT_mul(group, pt, s, EC_KEY_get0_public_key(key), t, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - if (!EC_POINT_get_affine_coordinates(group, pt, x1, NULL, ctx)) { - SM2error(ERR_R_EC_LIB); - goto err; - } - - /* B7: verify that r' == e' + x1' (mod n) */ - if (!BN_mod_add(t, e, x1, order, ctx)) { - SM2error(ERR_R_BN_LIB); - goto err; - } - if (BN_cmp(r, t) == 0) - ret = 1; - - err: - EC_POINT_free(pt); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ret; -} 
- -ECDSA_SIG * -sm2_do_sign(const EC_KEY *key, const EVP_MD *digest, const uint8_t *uid, - size_t uid_len, const uint8_t *msg, size_t msg_len) -{ - ECDSA_SIG *sig = NULL; - BIGNUM *e; - - e = sm2_compute_msg_hash(digest, key, uid, uid_len, msg, msg_len); - if (e == NULL) { - SM2error(SM2_R_DIGEST_FAILURE); - goto err; - } - - sig = sm2_sig_gen(key, e); - - err: - BN_free(e); - return sig; -} - -int -sm2_do_verify(const EC_KEY *key, const EVP_MD *digest, const ECDSA_SIG *sig, - const uint8_t *uid, size_t uid_len, const uint8_t *msg, size_t msg_len) -{ - BIGNUM *e; - int ret = -1; - - e = sm2_compute_msg_hash(digest, key, uid, uid_len, msg, msg_len); - if (e == NULL) { - SM2error(SM2_R_DIGEST_FAILURE); - goto err; - } - - ret = sm2_sig_verify(key, sig, e); - - err: - BN_free(e); - return ret; -} - -int -SM2_sign(const unsigned char *dgst, int dgstlen, unsigned char *sig, - unsigned int *siglen, EC_KEY *eckey) -{ - BIGNUM *e; - ECDSA_SIG *s = NULL; - int outlen = 0; - int ret = -1; - - if ((e = BN_bin2bn(dgst, dgstlen, NULL)) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((s = sm2_sig_gen(eckey, e)) == NULL) { - goto err; - } - - if ((outlen = i2d_ECDSA_SIG(s, &sig)) < 0) { - SM2error(SM2_R_ASN1_ERROR); - goto err; - } - - *siglen = outlen; - ret = 1; - - err: - ECDSA_SIG_free(s); - BN_free(e); - return ret; -} - -int -SM2_verify(const unsigned char *dgst, int dgstlen, const unsigned char *sig, - int sig_len, EC_KEY *eckey) -{ - ECDSA_SIG *s; - BIGNUM *e = NULL; - const unsigned char *p = sig; - unsigned char *der = NULL; - int derlen = -1; - int ret = -1; - - if ((s = ECDSA_SIG_new()) == NULL) { - SM2error(ERR_R_MALLOC_FAILURE); - goto err; - } - - if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL) { - SM2error(SM2_R_INVALID_ENCODING); - goto err; - } - - /* Ensure signature uses DER and doesn't have trailing garbage */ - derlen = i2d_ECDSA_SIG(s, &der); - if (derlen != sig_len || memcmp(sig, der, derlen) != 0) { - SM2error(SM2_R_INVALID_ENCODING); - 
goto err;
- }
-
- if ((e = BN_bin2bn(dgst, dgstlen, NULL)) == NULL) {
- SM2error(ERR_R_BN_LIB);
- goto err;
- }
-
- ret = sm2_sig_verify(eckey, s, e);
-
- err:
- free(der);
- BN_free(e);
- ECDSA_SIG_free(s);
- return ret;
-}
-
-#endif /* OPENSSL_NO_SM2 */
diff --git a/src/lib/libcrypto/sm2/sm2_za.c b/src/lib/libcrypto/sm2/sm2_za.c
deleted file mode 100644
index 2a7f2846ec..0000000000
--- a/src/lib/libcrypto/sm2/sm2_za.c
+++ /dev/null
@@ -1,161 +0,0 @@ -/* $OpenBSD: sm2_za.c,v 1.1.1.1 2021/08/18 16:04:32 tb Exp $ */ -/* - * Copyright (c) 2017, 2019 Ribose Inc - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef OPENSSL_NO_SM2 - -#include -#include -#include -#include - -int -sm2_compute_userid_digest(uint8_t *out, const EVP_MD *digest, uint8_t *uid, - size_t uid_len, const EC_KEY *key) -{ - const EC_GROUP *group; - EVP_MD_CTX *hash = NULL; - BN_CTX *ctx = NULL; - BIGNUM *p, *a, *b, *xG, *yG, *xA, *yA; - uint8_t *buf = NULL; - uint16_t entla; - uint8_t e_byte; - int bytes, p_bytes; - int rc = 0; - - if ((group = EC_KEY_get0_group(key)) == NULL) - goto err; - - if ((hash = EVP_MD_CTX_new()) == NULL) - goto err; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - if ((p = BN_CTX_get(ctx)) == NULL) - goto err; - if ((a = BN_CTX_get(ctx)) == NULL) - goto err; - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - if ((xG = BN_CTX_get(ctx)) == NULL) - goto err; - if ((yG = BN_CTX_get(ctx)) == NULL) - goto err; - if ((xA = BN_CTX_get(ctx)) == NULL) - goto err; - if ((yA = BN_CTX_get(ctx)) == NULL) - goto err; - - memset(out, 0, EVP_MD_size(digest)); - - if (!EVP_DigestInit(hash, digest)) - goto err; - - /* - * ZA=H256(ENTLA || IDA || a || b || xG || yG || xA || yA) - */ - - if (uid_len >= 8192) - goto err; - - 
entla = (unsigned short)(8 * uid_len); - - e_byte = entla >> 8; - if (!EVP_DigestUpdate(hash, &e_byte, 1)) - goto err; - - e_byte = entla & 0xFF; - if (!EVP_DigestUpdate(hash, &e_byte, 1)) - goto err; - - if (!EVP_DigestUpdate(hash, uid, uid_len)) - goto err; - - if (!EC_GROUP_get_curve(group, p, a, b, ctx)) - goto err; - - p_bytes = BN_num_bytes(p); - - if ((buf = calloc(1, p_bytes)) == NULL) - goto err; - - if ((bytes = BN_num_bytes(a)) > p_bytes) - goto err; - BN_bn2bin(a, buf + p_bytes - bytes); - if (!EVP_DigestUpdate(hash, buf, p_bytes)) - goto err; - - if ((bytes = BN_num_bytes(b)) > p_bytes) - goto err; - memset(buf, 0, p_bytes - bytes); - BN_bn2bin(b, buf + p_bytes - bytes); - if (!EVP_DigestUpdate(hash, buf, p_bytes)) - goto err; - - if (!EC_POINT_get_affine_coordinates(group, - EC_GROUP_get0_generator(group), xG, yG, ctx)) - goto err; - - if ((bytes = BN_num_bytes(xG)) > p_bytes) - goto err; - memset(buf, 0, p_bytes - bytes); - BN_bn2bin(xG, buf + p_bytes - bytes); - - if (!EVP_DigestUpdate(hash, buf, p_bytes)) - goto err; - - if ((bytes = BN_num_bytes(yG)) > p_bytes) - goto err; - memset(buf, 0, p_bytes - bytes); - BN_bn2bin(yG, buf + p_bytes - bytes); - - if (!EVP_DigestUpdate(hash, buf, p_bytes)) - goto err; - - if (!EC_POINT_get_affine_coordinates(group, - EC_KEY_get0_public_key(key), xA, yA, ctx)) - goto err; - - if ((bytes = BN_num_bytes(xA)) > p_bytes) - goto err; - memset(buf, 0, p_bytes - bytes); - BN_bn2bin(xA, buf + p_bytes - bytes); - - if (!EVP_DigestUpdate(hash, buf, p_bytes)) - goto err; - - if ((bytes = BN_num_bytes(yA)) > p_bytes) - goto err; - memset(buf, 0, p_bytes - bytes); - BN_bn2bin(yA, buf + p_bytes - bytes); - - if (!EVP_DigestUpdate(hash, buf, p_bytes)) - goto err; - - if (!EVP_DigestFinal(hash, out, NULL)) - goto err; - - rc = 1; - - err: - free(buf); - BN_CTX_free(ctx); - EVP_MD_CTX_free(hash); - return rc; -} - -#endif /* OPENSSL_NO_SM2 */ 
diff --git a/src/lib/libcrypto/sm3/sm3.c b/src/lib/libcrypto/sm3/sm3.c
deleted file mode 100644
index 4da85244ba..0000000000
--- a/src/lib/libcrypto/sm3/sm3.c
+++ /dev/null
@@ -1,361 +0,0 @@ -/* $OpenBSD: sm3.c,v 1.18 2024/12/12 09:54:44 tb Exp $ */ -/* - * Copyright (c) 2018, Ribose Inc - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#include - -#include - -#include "crypto_internal.h" - -/* Ensure that SM3_WORD and uint32_t are equivalent size. */ -CTASSERT(sizeof(SM3_WORD) == sizeof(uint32_t)); - -#ifndef OPENSSL_NO_SM3 - -#define P0(X) (X ^ crypto_rol_u32(X, 9) ^ crypto_rol_u32(X, 17)) -#define P1(X) (X ^ crypto_rol_u32(X, 15) ^ crypto_rol_u32(X, 23)) - -#define FF0(X, Y, Z) (X ^ Y ^ Z) -#define GG0(X, Y, Z) (X ^ Y ^ Z) - -#define FF1(X, Y, Z) ((X & Y) | ((X | Y) & Z)) -#define GG1(X, Y, Z) ((Z ^ (X & (Y ^ Z)))) - -#define EXPAND(W0, W7, W13, W3, W10) \ - (P1(W0 ^ W7 ^ crypto_rol_u32(W13, 15)) ^ crypto_rol_u32(W3, 7) ^ W10) - -#define ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF, GG) do { \ - const SM3_WORD A12 = crypto_rol_u32(A, 12); \ - const SM3_WORD A12_SM = A12 + E + TJ; \ - const SM3_WORD SS1 = crypto_rol_u32(A12_SM, 7); \ - const SM3_WORD TT1 = FF(A, B, C) + D + (SS1 ^ A12) + (Wj); \ - const SM3_WORD TT2 = GG(E, F, G) + H + SS1 + Wi; \ - B = crypto_rol_u32(B, 9); \ - D = TT1; \ - F = crypto_rol_u32(F, 19); \ - H = P0(TT2); \ -} while(0) - -#define R1(A, B, C, D, E, F, G, H, TJ, Wi, Wj) \ - ROUND(A, B, C, D, E, F, G, H, 
TJ, Wi, Wj, FF0, GG0) - -#define R2(A, B, C, D, E, F, G, H, TJ, Wi, Wj) \ - ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF1, GG1) - -static void -sm3_block_data_order(SM3_CTX *ctx, const void *_in, size_t num) -{ - const uint8_t *in = _in; - const SM3_WORD *in32; - SM3_WORD A, B, C, D, E, F, G, H; - SM3_WORD W00, W01, W02, W03, W04, W05, W06, W07; - SM3_WORD W08, W09, W10, W11, W12, W13, W14, W15; - - while (num-- != 0) { - A = ctx->A; - B = ctx->B; - C = ctx->C; - D = ctx->D; - E = ctx->E; - F = ctx->F; - G = ctx->G; - H = ctx->H; - - /* - * We have to load all message bytes immediately since SM3 reads - * them slightly out of order. - */ - if ((uintptr_t)in % 4 == 0) { - /* Input is 32 bit aligned. */ - in32 = (const SM3_WORD *)in; - W00 = be32toh(in32[0]); - W01 = be32toh(in32[1]); - W02 = be32toh(in32[2]); - W03 = be32toh(in32[3]); - W04 = be32toh(in32[4]); - W05 = be32toh(in32[5]); - W06 = be32toh(in32[6]); - W07 = be32toh(in32[7]); - W08 = be32toh(in32[8]); - W09 = be32toh(in32[9]); - W10 = be32toh(in32[10]); - W11 = be32toh(in32[11]); - W12 = be32toh(in32[12]); - W13 = be32toh(in32[13]); - W14 = be32toh(in32[14]); - W15 = be32toh(in32[15]); - } else { - /* Input is not 32 bit aligned. 
*/ - W00 = crypto_load_be32toh(&in[0 * 4]); - W01 = crypto_load_be32toh(&in[1 * 4]); - W02 = crypto_load_be32toh(&in[2 * 4]); - W03 = crypto_load_be32toh(&in[3 * 4]); - W04 = crypto_load_be32toh(&in[4 * 4]); - W05 = crypto_load_be32toh(&in[5 * 4]); - W06 = crypto_load_be32toh(&in[6 * 4]); - W07 = crypto_load_be32toh(&in[7 * 4]); - W08 = crypto_load_be32toh(&in[8 * 4]); - W09 = crypto_load_be32toh(&in[9 * 4]); - W10 = crypto_load_be32toh(&in[10 * 4]); - W11 = crypto_load_be32toh(&in[11 * 4]); - W12 = crypto_load_be32toh(&in[12 * 4]); - W13 = crypto_load_be32toh(&in[13 * 4]); - W14 = crypto_load_be32toh(&in[14 * 4]); - W15 = crypto_load_be32toh(&in[15 * 4]); - } - in += SM3_CBLOCK; - - R1(A, B, C, D, E, F, G, H, 0x79cc4519, W00, W00 ^ W04); - W00 = EXPAND(W00, W07, W13, W03, W10); - R1(D, A, B, C, H, E, F, G, 0xf3988a32, W01, W01 ^ W05); - W01 = EXPAND(W01, W08, W14, W04, W11); - R1(C, D, A, B, G, H, E, F, 0xe7311465, W02, W02 ^ W06); - W02 = EXPAND(W02, W09, W15, W05, W12); - R1(B, C, D, A, F, G, H, E, 0xce6228cb, W03, W03 ^ W07); - W03 = EXPAND(W03, W10, W00, W06, W13); - R1(A, B, C, D, E, F, G, H, 0x9cc45197, W04, W04 ^ W08); - W04 = EXPAND(W04, W11, W01, W07, W14); - R1(D, A, B, C, H, E, F, G, 0x3988a32f, W05, W05 ^ W09); - W05 = EXPAND(W05, W12, W02, W08, W15); - R1(C, D, A, B, G, H, E, F, 0x7311465e, W06, W06 ^ W10); - W06 = EXPAND(W06, W13, W03, W09, W00); - R1(B, C, D, A, F, G, H, E, 0xe6228cbc, W07, W07 ^ W11); - W07 = EXPAND(W07, W14, W04, W10, W01); - R1(A, B, C, D, E, F, G, H, 0xcc451979, W08, W08 ^ W12); - W08 = EXPAND(W08, W15, W05, W11, W02); - R1(D, A, B, C, H, E, F, G, 0x988a32f3, W09, W09 ^ W13); - W09 = EXPAND(W09, W00, W06, W12, W03); - R1(C, D, A, B, G, H, E, F, 0x311465e7, W10, W10 ^ W14); - W10 = EXPAND(W10, W01, W07, W13, W04); - R1(B, C, D, A, F, G, H, E, 0x6228cbce, W11, W11 ^ W15); - W11 = EXPAND(W11, W02, W08, W14, W05); - R1(A, B, C, D, E, F, G, H, 0xc451979c, W12, W12 ^ W00); - W12 = EXPAND(W12, W03, W09, W15, W06); - R1(D, A, B, C, H, 
E, F, G, 0x88a32f39, W13, W13 ^ W01); - W13 = EXPAND(W13, W04, W10, W00, W07); - R1(C, D, A, B, G, H, E, F, 0x11465e73, W14, W14 ^ W02); - W14 = EXPAND(W14, W05, W11, W01, W08); - R1(B, C, D, A, F, G, H, E, 0x228cbce6, W15, W15 ^ W03); - W15 = EXPAND(W15, W06, W12, W02, W09); - R2(A, B, C, D, E, F, G, H, 0x9d8a7a87, W00, W00 ^ W04); - W00 = EXPAND(W00, W07, W13, W03, W10); - R2(D, A, B, C, H, E, F, G, 0x3b14f50f, W01, W01 ^ W05); - W01 = EXPAND(W01, W08, W14, W04, W11); - R2(C, D, A, B, G, H, E, F, 0x7629ea1e, W02, W02 ^ W06); - W02 = EXPAND(W02, W09, W15, W05, W12); - R2(B, C, D, A, F, G, H, E, 0xec53d43c, W03, W03 ^ W07); - W03 = EXPAND(W03, W10, W00, W06, W13); - R2(A, B, C, D, E, F, G, H, 0xd8a7a879, W04, W04 ^ W08); - W04 = EXPAND(W04, W11, W01, W07, W14); - R2(D, A, B, C, H, E, F, G, 0xb14f50f3, W05, W05 ^ W09); - W05 = EXPAND(W05, W12, W02, W08, W15); - R2(C, D, A, B, G, H, E, F, 0x629ea1e7, W06, W06 ^ W10); - W06 = EXPAND(W06, W13, W03, W09, W00); - R2(B, C, D, A, F, G, H, E, 0xc53d43ce, W07, W07 ^ W11); - W07 = EXPAND(W07, W14, W04, W10, W01); - R2(A, B, C, D, E, F, G, H, 0x8a7a879d, W08, W08 ^ W12); - W08 = EXPAND(W08, W15, W05, W11, W02); - R2(D, A, B, C, H, E, F, G, 0x14f50f3b, W09, W09 ^ W13); - W09 = EXPAND(W09, W00, W06, W12, W03); - R2(C, D, A, B, G, H, E, F, 0x29ea1e76, W10, W10 ^ W14); - W10 = EXPAND(W10, W01, W07, W13, W04); - R2(B, C, D, A, F, G, H, E, 0x53d43cec, W11, W11 ^ W15); - W11 = EXPAND(W11, W02, W08, W14, W05); - R2(A, B, C, D, E, F, G, H, 0xa7a879d8, W12, W12 ^ W00); - W12 = EXPAND(W12, W03, W09, W15, W06); - R2(D, A, B, C, H, E, F, G, 0x4f50f3b1, W13, W13 ^ W01); - W13 = EXPAND(W13, W04, W10, W00, W07); - R2(C, D, A, B, G, H, E, F, 0x9ea1e762, W14, W14 ^ W02); - W14 = EXPAND(W14, W05, W11, W01, W08); - R2(B, C, D, A, F, G, H, E, 0x3d43cec5, W15, W15 ^ W03); - W15 = EXPAND(W15, W06, W12, W02, W09); - R2(A, B, C, D, E, F, G, H, 0x7a879d8a, W00, W00 ^ W04); - W00 = EXPAND(W00, W07, W13, W03, W10); - R2(D, A, B, C, H, E, F, G, 
0xf50f3b14, W01, W01 ^ W05); - W01 = EXPAND(W01, W08, W14, W04, W11); - R2(C, D, A, B, G, H, E, F, 0xea1e7629, W02, W02 ^ W06); - W02 = EXPAND(W02, W09, W15, W05, W12); - R2(B, C, D, A, F, G, H, E, 0xd43cec53, W03, W03 ^ W07); - W03 = EXPAND(W03, W10, W00, W06, W13); - R2(A, B, C, D, E, F, G, H, 0xa879d8a7, W04, W04 ^ W08); - W04 = EXPAND(W04, W11, W01, W07, W14); - R2(D, A, B, C, H, E, F, G, 0x50f3b14f, W05, W05 ^ W09); - W05 = EXPAND(W05, W12, W02, W08, W15); - R2(C, D, A, B, G, H, E, F, 0xa1e7629e, W06, W06 ^ W10); - W06 = EXPAND(W06, W13, W03, W09, W00); - R2(B, C, D, A, F, G, H, E, 0x43cec53d, W07, W07 ^ W11); - W07 = EXPAND(W07, W14, W04, W10, W01); - R2(A, B, C, D, E, F, G, H, 0x879d8a7a, W08, W08 ^ W12); - W08 = EXPAND(W08, W15, W05, W11, W02); - R2(D, A, B, C, H, E, F, G, 0x0f3b14f5, W09, W09 ^ W13); - W09 = EXPAND(W09, W00, W06, W12, W03); - R2(C, D, A, B, G, H, E, F, 0x1e7629ea, W10, W10 ^ W14); - W10 = EXPAND(W10, W01, W07, W13, W04); - R2(B, C, D, A, F, G, H, E, 0x3cec53d4, W11, W11 ^ W15); - W11 = EXPAND(W11, W02, W08, W14, W05); - R2(A, B, C, D, E, F, G, H, 0x79d8a7a8, W12, W12 ^ W00); - W12 = EXPAND(W12, W03, W09, W15, W06); - R2(D, A, B, C, H, E, F, G, 0xf3b14f50, W13, W13 ^ W01); - W13 = EXPAND(W13, W04, W10, W00, W07); - R2(C, D, A, B, G, H, E, F, 0xe7629ea1, W14, W14 ^ W02); - W14 = EXPAND(W14, W05, W11, W01, W08); - R2(B, C, D, A, F, G, H, E, 0xcec53d43, W15, W15 ^ W03); - W15 = EXPAND(W15, W06, W12, W02, W09); - R2(A, B, C, D, E, F, G, H, 0x9d8a7a87, W00, W00 ^ W04); - W00 = EXPAND(W00, W07, W13, W03, W10); - R2(D, A, B, C, H, E, F, G, 0x3b14f50f, W01, W01 ^ W05); - W01 = EXPAND(W01, W08, W14, W04, W11); - R2(C, D, A, B, G, H, E, F, 0x7629ea1e, W02, W02 ^ W06); - W02 = EXPAND(W02, W09, W15, W05, W12); - R2(B, C, D, A, F, G, H, E, 0xec53d43c, W03, W03 ^ W07); - W03 = EXPAND(W03, W10, W00, W06, W13); - R2(A, B, C, D, E, F, G, H, 0xd8a7a879, W04, W04 ^ W08); - R2(D, A, B, C, H, E, F, G, 0xb14f50f3, W05, W05 ^ W09); - R2(C, D, A, B, G, H, E, F, 
0x629ea1e7, W06, W06 ^ W10); - R2(B, C, D, A, F, G, H, E, 0xc53d43ce, W07, W07 ^ W11); - R2(A, B, C, D, E, F, G, H, 0x8a7a879d, W08, W08 ^ W12); - R2(D, A, B, C, H, E, F, G, 0x14f50f3b, W09, W09 ^ W13); - R2(C, D, A, B, G, H, E, F, 0x29ea1e76, W10, W10 ^ W14); - R2(B, C, D, A, F, G, H, E, 0x53d43cec, W11, W11 ^ W15); - R2(A, B, C, D, E, F, G, H, 0xa7a879d8, W12, W12 ^ W00); - R2(D, A, B, C, H, E, F, G, 0x4f50f3b1, W13, W13 ^ W01); - R2(C, D, A, B, G, H, E, F, 0x9ea1e762, W14, W14 ^ W02); - R2(B, C, D, A, F, G, H, E, 0x3d43cec5, W15, W15 ^ W03); - - ctx->A ^= A; - ctx->B ^= B; - ctx->C ^= C; - ctx->D ^= D; - ctx->E ^= E; - ctx->F ^= F; - ctx->G ^= G; - ctx->H ^= H; - } -} - -int -SM3_Init(SM3_CTX *c) -{ - memset(c, 0, sizeof(*c)); - - c->A = 0x7380166fUL; - c->B = 0x4914b2b9UL; - c->C = 0x172442d7UL; - c->D = 0xda8a0600UL; - c->E = 0xa96f30bcUL; - c->F = 0x163138aaUL; - c->G = 0xe38dee4dUL; - c->H = 0xb0fb0e4eUL; - - return 1; -} -LCRYPTO_ALIAS(SM3_Init); - -int -SM3_Update(SM3_CTX *c, const void *data_, size_t len) -{ - const unsigned char *data = data_; - unsigned char *p; - SM3_WORD l; - size_t n; - - if (len == 0) - return 1; - - l = (c->Nl + (((SM3_WORD)len) << 3))&0xffffffffUL; - /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to - * Wei Dai for pointing it out. 
*/ - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh+=(SM3_WORD)(len>>29); /* might cause compiler warning on 16-bit */ - c->Nl = l; - - n = c->num; - if (n != 0) { - p = (unsigned char *)c->data; - - if (len >= SM3_CBLOCK || len + n >= SM3_CBLOCK) { - memcpy(p + n, data, SM3_CBLOCK - n); - sm3_block_data_order(c, p, 1); - n = SM3_CBLOCK - n; - data += n; - len -= n; - c->num = 0; - memset(p, 0, SM3_CBLOCK); /* keep it zeroed */ - } else { - memcpy(p + n, data, len); - c->num += (unsigned int)len; - return 1; - } - } - - n = len / SM3_CBLOCK; - if (n > 0) { - sm3_block_data_order(c, data, n); - n *= SM3_CBLOCK; - data += n; - len -= n; - } - - if (len != 0) { - p = (unsigned char *)c->data; - c->num = (unsigned int)len; - memcpy(p, data, len); - } - return 1; -} -LCRYPTO_ALIAS(SM3_Update); - -int -SM3_Final(unsigned char *md, SM3_CTX *c) -{ - unsigned char *p = (unsigned char *)c->data; - size_t n = c->num; - - p[n] = 0x80; /* there is always room for one */ - n++; - - if (n > (SM3_CBLOCK - 8)) { - memset(p + n, 0, SM3_CBLOCK - n); - n = 0; - sm3_block_data_order(c, p, 1); - } - - memset(p + n, 0, SM3_CBLOCK - 8 - n); - c->data[SM3_LBLOCK - 2] = htobe32(c->Nh); - c->data[SM3_LBLOCK - 1] = htobe32(c->Nl); - - sm3_block_data_order(c, p, 1); - c->num = 0; - memset(p, 0, SM3_CBLOCK); - - crypto_store_htobe32(&md[0 * 4], c->A); - crypto_store_htobe32(&md[1 * 4], c->B); - crypto_store_htobe32(&md[2 * 4], c->C); - crypto_store_htobe32(&md[3 * 4], c->D); - crypto_store_htobe32(&md[4 * 4], c->E); - crypto_store_htobe32(&md[5 * 4], c->F); - crypto_store_htobe32(&md[6 * 4], c->G); - crypto_store_htobe32(&md[7 * 4], c->H); - - return 1; -} -LCRYPTO_ALIAS(SM3_Final); - -#endif /* !OPENSSL_NO_SM3 */ diff --git a/src/lib/libcrypto/sm3/sm3.h b/src/lib/libcrypto/sm3/sm3.h deleted file mode 100644 index fa435d3d0f..0000000000 --- a/src/lib/libcrypto/sm3/sm3.h +++ /dev/null 
@@ -1,49 +0,0 @@
-/* $OpenBSD: sm3.h,v 1.2 2025/01/25 17:59:44 tb Exp $ */
-/*
- * Copyright (c) 2018, Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_SM3_H
-#define HEADER_SM3_H
-
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define SM3_DIGEST_LENGTH 32
-#define SM3_WORD unsigned int
-
-#define SM3_CBLOCK 64
-#define SM3_LBLOCK (SM3_CBLOCK / 4)
-
-typedef struct SM3state_st {
- SM3_WORD A, B, C, D, E, F, G, H;
- SM3_WORD Nl, Nh;
- SM3_WORD data[SM3_LBLOCK];
- unsigned int num;
-} SM3_CTX;
-
-int SM3_Init(SM3_CTX *c);
-int SM3_Update(SM3_CTX *c, const void *data, size_t len);
-int SM3_Final(unsigned char *md, SM3_CTX *c);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_SM3_H */
diff --git a/src/lib/libcrypto/sm4/sm4.c b/src/lib/libcrypto/sm4/sm4.c
deleted file mode 100644
index 6e90fa19dd..0000000000
--- a/src/lib/libcrypto/sm4/sm4.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/* $OpenBSD: sm4.c,v 1.6 2025/01/22 09:53:16 jsing Exp $ */
-/*
- * Copyright (c) 2017, 2019 Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#ifndef OPENSSL_NO_SM4
-#include
-
-#include "crypto_internal.h"
-
-struct sm4_key {
- uint32_t rk[SM4_KEY_SCHEDULE];
-};
-
-static const uint8_t SM4_S[256] = {
- 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2,
- 0x28, 0xFB, 0x2C, 0x05, 0x2B, 0x67, 0x9A, 0x76, 0x2A, 0xBE, 0x04, 0xC3,
- 0xAA, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, 0x9C, 0x42, 0x50, 0xF4,
- 0x91, 0xEF, 0x98, 0x7A, 0x33, 0x54, 0x0B, 0x43, 0xED, 0xCF, 0xAC, 0x62,
- 0xE4, 0xB3, 0x1C, 0xA9, 0xC9, 0x08, 0xE8, 0x95, 0x80, 0xDF, 0x94, 0xFA,
- 0x75, 0x8F, 0x3F, 0xA6, 0x47, 0x07, 0xA7, 0xFC, 0xF3, 0x73, 0x17, 0xBA,
- 0x83, 0x59, 0x3C, 0x19, 0xE6, 0x85, 0x4F, 0xA8, 0x68, 0x6B, 0x81, 0xB2,
- 0x71, 0x64, 0xDA, 0x8B, 0xF8, 0xEB, 0x0F, 0x4B, 0x70, 0x56, 0x9D, 0x35,
- 0x1E, 0x24, 0x0E, 0x5E, 0x63, 0x58, 0xD1, 0xA2, 0x25, 0x22, 0x7C, 0x3B,
- 0x01, 0x21, 0x78, 0x87, 0xD4, 0x00, 0x46, 0x57, 0x9F, 0xD3, 0x27, 0x52,
- 0x4C, 0x36, 0x02, 0xE7, 0xA0, 0xC4, 0xC8, 0x9E, 0xEA, 0xBF, 0x8A, 0xD2,
- 0x40, 0xC7, 0x38, 0xB5, 0xA3, 0xF7, 0xF2, 0xCE, 0xF9, 0x61, 0x15, 0xA1,
- 0xE0, 0xAE, 0x5D, 0xA4, 0x9B, 0x34, 0x1A, 0x55, 0xAD, 0x93,
0x32, 0x30,
- 0xF5, 0x8C, 0xB1, 0xE3, 0x1D, 0xF6, 0xE2, 0x2E, 0x82, 0x66, 0xCA, 0x60,
- 0xC0, 0x29, 0x23, 0xAB, 0x0D, 0x53, 0x4E, 0x6F, 0xD5, 0xDB, 0x37, 0x45,
- 0xDE, 0xFD, 0x8E, 0x2F, 0x03, 0xFF, 0x6A, 0x72, 0x6D, 0x6C, 0x5B, 0x51,
- 0x8D, 0x1B, 0xAF, 0x92, 0xBB, 0xDD, 0xBC, 0x7F, 0x11, 0xD9, 0x5C, 0x41,
- 0x1F, 0x10, 0x5A, 0xD8, 0x0A, 0xC1, 0x31, 0x88, 0xA5, 0xCD, 0x7B, 0xBD,
- 0x2D, 0x74, 0xD0, 0x12, 0xB8, 0xE5, 0xB4, 0xB0, 0x89, 0x69, 0x97, 0x4A,
- 0x0C, 0x96, 0x77, 0x7E, 0x65, 0xB9, 0xF1, 0x09, 0xC5, 0x6E, 0xC6, 0x84,
- 0x18, 0xF0, 0x7D, 0xEC, 0x3A, 0xDC, 0x4D, 0x20, 0x79, 0xEE, 0x5F, 0x3E,
- 0xD7, 0xCB, 0x39, 0x48,
-};
-
-/*
- * SM4_SBOX_T[j] == L(SM4_SBOX[j]).
- */
-static const uint32_t SM4_SBOX_T[256] = {
- 0x8ED55B5B, 0xD0924242, 0x4DEAA7A7, 0x06FDFBFB, 0xFCCF3333, 0x65E28787,
- 0xC93DF4F4, 0x6BB5DEDE, 0x4E165858, 0x6EB4DADA, 0x44145050, 0xCAC10B0B,
- 0x8828A0A0, 0x17F8EFEF, 0x9C2CB0B0, 0x11051414, 0x872BACAC, 0xFB669D9D,
- 0xF2986A6A, 0xAE77D9D9, 0x822AA8A8, 0x46BCFAFA, 0x14041010, 0xCFC00F0F,
- 0x02A8AAAA, 0x54451111, 0x5F134C4C, 0xBE269898, 0x6D482525, 0x9E841A1A,
- 0x1E061818, 0xFD9B6666, 0xEC9E7272, 0x4A430909, 0x10514141, 0x24F7D3D3,
- 0xD5934646, 0x53ECBFBF, 0xF89A6262, 0x927BE9E9, 0xFF33CCCC, 0x04555151,
- 0x270B2C2C, 0x4F420D0D, 0x59EEB7B7, 0xF3CC3F3F, 0x1CAEB2B2, 0xEA638989,
- 0x74E79393, 0x7FB1CECE, 0x6C1C7070, 0x0DABA6A6, 0xEDCA2727, 0x28082020,
- 0x48EBA3A3, 0xC1975656, 0x80820202, 0xA3DC7F7F, 0xC4965252, 0x12F9EBEB,
- 0xA174D5D5, 0xB38D3E3E, 0xC33FFCFC, 0x3EA49A9A, 0x5B461D1D, 0x1B071C1C,
- 0x3BA59E9E, 0x0CFFF3F3, 0x3FF0CFCF, 0xBF72CDCD, 0x4B175C5C, 0x52B8EAEA,
- 0x8F810E0E, 0x3D586565, 0xCC3CF0F0, 0x7D196464, 0x7EE59B9B, 0x91871616,
- 0x734E3D3D, 0x08AAA2A2, 0xC869A1A1, 0xC76AADAD, 0x85830606, 0x7AB0CACA,
- 0xB570C5C5, 0xF4659191, 0xB2D96B6B, 0xA7892E2E, 0x18FBE3E3, 0x47E8AFAF,
- 0x330F3C3C, 0x674A2D2D, 0xB071C1C1, 0x0E575959, 0xE99F7676, 0xE135D4D4,
- 0x661E7878, 0xB4249090, 0x360E3838, 0x265F7979, 0xEF628D8D, 0x38596161,
- 0x95D24747,
0x2AA08A8A, 0xB1259494, 0xAA228888, 0x8C7DF1F1, 0xD73BECEC,
- 0x05010404, 0xA5218484, 0x9879E1E1, 0x9B851E1E, 0x84D75353, 0x00000000,
- 0x5E471919, 0x0B565D5D, 0xE39D7E7E, 0x9FD04F4F, 0xBB279C9C, 0x1A534949,
- 0x7C4D3131, 0xEE36D8D8, 0x0A020808, 0x7BE49F9F, 0x20A28282, 0xD4C71313,
- 0xE8CB2323, 0xE69C7A7A, 0x42E9ABAB, 0x43BDFEFE, 0xA2882A2A, 0x9AD14B4B,
- 0x40410101, 0xDBC41F1F, 0xD838E0E0, 0x61B7D6D6, 0x2FA18E8E, 0x2BF4DFDF,
- 0x3AF1CBCB, 0xF6CD3B3B, 0x1DFAE7E7, 0xE5608585, 0x41155454, 0x25A38686,
- 0x60E38383, 0x16ACBABA, 0x295C7575, 0x34A69292, 0xF7996E6E, 0xE434D0D0,
- 0x721A6868, 0x01545555, 0x19AFB6B6, 0xDF914E4E, 0xFA32C8C8, 0xF030C0C0,
- 0x21F6D7D7, 0xBC8E3232, 0x75B3C6C6, 0x6FE08F8F, 0x691D7474, 0x2EF5DBDB,
- 0x6AE18B8B, 0x962EB8B8, 0x8A800A0A, 0xFE679999, 0xE2C92B2B, 0xE0618181,
- 0xC0C30303, 0x8D29A4A4, 0xAF238C8C, 0x07A9AEAE, 0x390D3434, 0x1F524D4D,
- 0x764F3939, 0xD36EBDBD, 0x81D65757, 0xB7D86F6F, 0xEB37DCDC, 0x51441515,
- 0xA6DD7B7B, 0x09FEF7F7, 0xB68C3A3A, 0x932FBCBC, 0x0F030C0C, 0x03FCFFFF,
- 0xC26BA9A9, 0xBA73C9C9, 0xD96CB5B5, 0xDC6DB1B1, 0x375A6D6D, 0x15504545,
- 0xB98F3636, 0x771B6C6C, 0x13ADBEBE, 0xDA904A4A, 0x57B9EEEE, 0xA9DE7777,
- 0x4CBEF2F2, 0x837EFDFD, 0x55114444, 0xBDDA6767, 0x2C5D7171, 0x45400505,
- 0x631F7C7C, 0x50104040, 0x325B6969, 0xB8DB6363, 0x220A2828, 0xC5C20707,
- 0xF531C4C4, 0xA88A2222, 0x31A79696, 0xF9CE3737, 0x977AEDED, 0x49BFF6F6,
- 0x992DB4B4, 0xA475D1D1, 0x90D34343, 0x5A124848, 0x58BAE2E2, 0x71E69797,
- 0x64B6D2D2, 0x70B2C2C2, 0xAD8B2626, 0xCD68A5A5, 0xCB955E5E, 0x624B2929,
- 0x3C0C3030, 0xCE945A5A, 0xAB76DDDD, 0x867FF9F9, 0xF1649595, 0x5DBBE6E6,
- 0x35F2C7C7, 0x2D092424, 0xD1C61717, 0xD66FB9B9, 0xDEC51B1B, 0x94861212,
- 0x78186060, 0x30F3C3C3, 0x897CF5F5, 0x5CEFB3B3, 0xD23AE8E8, 0xACDF7373,
- 0x794C3535, 0xA0208080, 0x9D78E5E5, 0x56EDBBBB, 0x235E7D7D, 0xC63EF8F8,
- 0x8BD45F5F, 0xE7C82F2F, 0xDD39E4E4, 0x68492121,
-};
-
-static inline uint32_t
-SM4_T_slow(uint32_t X)
-{
- uint32_t t = 0;
-
- t |= ((uint32_t)SM4_S[(uint8_t)(X
>> 24)]) << 24;
- t |= ((uint32_t)SM4_S[(uint8_t)(X >> 16)]) << 16;
- t |= ((uint32_t)SM4_S[(uint8_t)(X >> 8)]) << 8;
- t |= SM4_S[(uint8_t)X];
-
- /* L linear transform. */
- return t ^ crypto_rol_u32(t, 2) ^ crypto_rol_u32(t, 10) ^
- crypto_rol_u32(t, 18) ^ crypto_rol_u32(t, 24);
-}
-
-static inline uint32_t
-SM4_T(uint32_t X)
-{
- return SM4_SBOX_T[(uint8_t)(X >> 24)] ^
- crypto_rol_u32(SM4_SBOX_T[(uint8_t)(X >> 16)], 24) ^
- crypto_rol_u32(SM4_SBOX_T[(uint8_t)(X >> 8)], 16) ^
- crypto_rol_u32(SM4_SBOX_T[(uint8_t)X], 8);
-}
-
-/*
- * SM4 Family Key
- */
-static const uint32_t SM4_FK[4] = {
- 0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc,
-};
-
-/*
- * SM4 Constant Key
- */
-static const uint32_t SM4_CK[32] = {
- 0x00070E15, 0x1C232A31, 0x383F464D, 0x545B6269,
- 0x70777E85, 0x8C939AA1, 0xA8AFB6BD, 0xC4CBD2D9,
- 0xE0E7EEF5, 0xFC030A11, 0x181F262D, 0x343B4249,
- 0x50575E65, 0x6C737A81, 0x888F969D, 0xA4ABB2B9,
- 0xC0C7CED5, 0xDCE3EAF1, 0xF8FF060D, 0x141B2229,
- 0x30373E45, 0x4C535A61, 0x686F767D, 0x848B9299,
- 0xA0A7AEB5, 0xBCC3CAD1, 0xD8DFE6ED, 0xF4FB0209,
- 0x10171E25, 0x2C333A41, 0x484F565D, 0x646B7279,
-};
-
-int
-SM4_set_key(const uint8_t *key, SM4_KEY *k)
-{
- struct sm4_key *ks = (struct sm4_key *)k;
- uint32_t K[4];
- int i;
-
- K[0] = crypto_load_be32toh(&key[0 * 4]) ^ SM4_FK[0];
- K[1] = crypto_load_be32toh(&key[1 * 4]) ^ SM4_FK[1];
- K[2] = crypto_load_be32toh(&key[2 * 4]) ^ SM4_FK[2];
- K[3] = crypto_load_be32toh(&key[3 * 4]) ^ SM4_FK[3];
-
- for (i = 0; i < SM4_KEY_SCHEDULE; i++) {
- uint32_t X;
- uint32_t t = 0;
-
- X = K[(i + 1) % 4] ^ K[(i + 2) % 4] ^ K[(i + 3) % 4] ^ SM4_CK[i];
-
- t |= ((uint32_t)SM4_S[(uint8_t)(X >> 24)]) << 24;
- t |= ((uint32_t)SM4_S[(uint8_t)(X >> 16)]) << 16;
- t |= ((uint32_t)SM4_S[(uint8_t)(X >> 8)]) << 8;
- t |= SM4_S[(uint8_t)X];
-
- t = t ^ crypto_rol_u32(t, 13) ^ crypto_rol_u32(t, 23);
- K[i % 4] ^= t;
- ks->rk[i] = K[i % 4];
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(SM4_set_key);
-
-void
-SM4_encrypt(const uint8_t *in,
uint8_t *out, const SM4_KEY *k)
-{
- struct sm4_key *ks = (struct sm4_key *)k;
- uint32_t B0, B1, B2, B3;
-
- B0 = crypto_load_be32toh(&in[0 * 4]);
- B1 = crypto_load_be32toh(&in[1 * 4]);
- B2 = crypto_load_be32toh(&in[2 * 4]);
- B3 = crypto_load_be32toh(&in[3 * 4]);
-
- /*
- * Uses byte-wise sbox in the first and last rounds to provide some
- * protection from cache based side channels.
- */
- B0 ^= SM4_T_slow(B1 ^ B2 ^ B3 ^ ks->rk[0]);
- B1 ^= SM4_T_slow(B0 ^ B2 ^ B3 ^ ks->rk[1]);
- B2 ^= SM4_T_slow(B0 ^ B1 ^ B3 ^ ks->rk[2]);
- B3 ^= SM4_T_slow(B0 ^ B1 ^ B2 ^ ks->rk[3]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[4]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[5]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[6]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[7]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[8]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[9]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[10]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[11]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[12]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[13]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[14]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[15]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[16]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[17]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[18]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[19]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[20]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[21]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[22]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[23]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[24]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[25]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[26]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[27]);
-
- B0 ^= SM4_T_slow(B1 ^ B2 ^ B3 ^ ks->rk[28]);
- B1 ^= SM4_T_slow(B0 ^ B2 ^ B3 ^ ks->rk[29]);
- B2 ^= SM4_T_slow(B0 ^ B1 ^ B3 ^ ks->rk[30]);
- B3 ^= SM4_T_slow(B0 ^ B1 ^ B2 ^ ks->rk[31]);
-
- crypto_store_htobe32(&out[0 * 4], B3);
- crypto_store_htobe32(&out[1 * 4], B2);
- crypto_store_htobe32(&out[2 * 4], B1);
- crypto_store_htobe32(&out[3 * 4], B0);
-}
-LCRYPTO_ALIAS(SM4_encrypt);
-
-void
-SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *k)
-{
- struct sm4_key *ks = (struct sm4_key *)k;
- uint32_t B0, B1, B2, B3;
-
- B0 = crypto_load_be32toh(&in[0 * 4]);
- B1 = crypto_load_be32toh(&in[1 * 4]);
- B2 = crypto_load_be32toh(&in[2 * 4]);
- B3 = crypto_load_be32toh(&in[3 * 4]);
-
- /*
- * Uses byte-wise sbox in the first and last rounds to provide some
- * protection from cache based side channels.
- */
- B0 ^= SM4_T_slow(B1 ^ B2 ^ B3 ^ ks->rk[31]);
- B1 ^= SM4_T_slow(B0 ^ B2 ^ B3 ^ ks->rk[30]);
- B2 ^= SM4_T_slow(B0 ^ B1 ^ B3 ^ ks->rk[29]);
- B3 ^= SM4_T_slow(B0 ^ B1 ^ B2 ^ ks->rk[28]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[27]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[26]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[25]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[24]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[23]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[22]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[21]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[20]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[19]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[18]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[17]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[16]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[15]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[14]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[13]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[12]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[11]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[10]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[9]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[8]);
-
- B0 ^= SM4_T(B1 ^ B2 ^ B3 ^ ks->rk[7]);
- B1 ^= SM4_T(B0 ^ B2 ^ B3 ^ ks->rk[6]);
- B2 ^= SM4_T(B0 ^ B1 ^ B3 ^ ks->rk[5]);
- B3 ^= SM4_T(B0 ^ B1 ^ B2 ^ ks->rk[4]);
-
- B0 ^= SM4_T_slow(B1 ^ B2 ^ B3 ^ ks->rk[3]);
- B1 ^= SM4_T_slow(B0 ^ B2 ^ B3 ^ ks->rk[2]);
- B2 ^= SM4_T_slow(B0 ^ B1 ^ B3 ^ ks->rk[1]);
- B3 ^= SM4_T_slow(B0 ^ B1 ^ B2 ^ ks->rk[0]);
-
- crypto_store_htobe32(&out[0 * 4], B3);
- crypto_store_htobe32(&out[1 * 4], B2);
- crypto_store_htobe32(&out[2 * 4], B1);
- crypto_store_htobe32(&out[3 * 4], B0);
-}
-LCRYPTO_ALIAS(SM4_decrypt);
-
-#endif /* OPENSSL_NO_SM4 */
diff --git a/src/lib/libcrypto/sm4/sm4.h b/src/lib/libcrypto/sm4/sm4.h
deleted file mode 100644
index 0c7fc223eb..0000000000
--- a/src/lib/libcrypto/sm4/sm4.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/* $OpenBSD: sm4.h,v 1.2 2025/01/25 17:59:44 tb Exp $ */
-/*
- * Copyright (c) 2017, 2019 Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_SM4_H
-#define HEADER_SM4_H
-
-#include
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define SM4_DECRYPT 0
-#define SM4_ENCRYPT 1
-
-#define SM4_BLOCK_SIZE 16
-#define SM4_KEY_SCHEDULE 32
-
-typedef struct sm4_key_st {
- unsigned char opaque[128];
-} SM4_KEY;
-
-int SM4_set_key(const uint8_t *key, SM4_KEY *ks);
-void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
-void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_SM4_H */
diff --git a/src/lib/libcrypto/stack/safestack.h b/src/lib/libcrypto/stack/safestack.h
deleted file mode 100644
index 8425a45c6c..0000000000
--- a/src/lib/libcrypto/stack/safestack.h
+++ /dev/null
@@ -1,1739 +0,0 @@ -/* $OpenBSD: safestack.h,v 1.33 2024/03/02 11:22:48 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_SAFESTACK_H -#define HEADER_SAFESTACK_H - -#include - -#ifndef CHECKED_PTR_OF -#define CHECKED_PTR_OF(type, p) \ - ((void*) (1 ? p : (type*)0)) -#endif - -/* In C++ we get problems because an explicit cast is needed from (void *) - * we use CHECKED_STACK_OF to ensure the correct type is passed in the macros - * below. - */ - -#define CHECKED_STACK_OF(type, p) \ - ((_STACK*) (1 ? p : (STACK_OF(type)*)0)) - -#define CHECKED_SK_FREE_FUNC(type, p) \ - ((void (*)(void *)) ((1 ? p : (void (*)(type *))0))) - -#define CHECKED_SK_FREE_FUNC2(type, p) \ - ((void (*)(void *)) ((1 ? p : (void (*)(type))0))) - -#define CHECKED_SK_CMP_FUNC(type, p) \ - ((int (*)(const void *, const void *)) \ - ((1 ? p : (int (*)(const type * const *, const type * const *))0))) - -#define STACK_OF(type) struct stack_st_##type -#define PREDECLARE_STACK_OF(type) STACK_OF(type); - -#define DECLARE_STACK_OF(type) STACK_OF(type); -#define DECLARE_SPECIAL_STACK_OF(type, type2) STACK_OF(type); - -#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/ - - -/* Strings are special: normally an lhash entry will point to a single - * (somewhat) mutable object. 
In the case of strings: - * - * a) Instead of a single char, there is an array of chars, NUL-terminated. - * b) The string may have be immutable. - * - * So, they need their own declarations. Especially important for - * type-checking tools, such as Deputy. - * -o * In practice, however, it appears to be hard to have a const - * string. For now, I'm settling for dealing with the fact it is a - * string at all. - */ -typedef char *OPENSSL_STRING; - -typedef const char *OPENSSL_CSTRING; - -/* Confusingly, LHASH_OF(STRING) deals with char ** throughout, but - * STACK_OF(STRING) is really more like STACK_OF(char), only, as - * mentioned above, instead of a single char each entry is a - * NUL-terminated array of chars. So, we have to implement STRING - * specially for STACK_OF. This is dealt with in the autogenerated - * macros below. - */ - -DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char) - -/* SKM_sk_... stack macros are internal to safestack.h: - * never use them directly, use sk__... instead */ -#define SKM_sk_new(type, cmp) \ - ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp))) -#define SKM_sk_new_null(type) \ - ((STACK_OF(type) *)sk_new_null()) -#define SKM_sk_free(type, st) \ - sk_free(CHECKED_STACK_OF(type, st)) -#define SKM_sk_num(type, st) \ - sk_num(CHECKED_STACK_OF(type, st)) -#define SKM_sk_value(type, st,i) \ - ((type *)sk_value(CHECKED_STACK_OF(type, st), i)) -#define SKM_sk_set(type, st,i,val) \ - sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val)) -#define SKM_sk_zero(type, st) \ - sk_zero(CHECKED_STACK_OF(type, st)) -#define SKM_sk_push(type, st, val) \ - sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_unshift(type, st, val) \ - sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_find(type, st, val) \ - sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val)) -#define SKM_sk_delete(type, st, i) \ - (type *)sk_delete(CHECKED_STACK_OF(type, st), i) -#define 
SKM_sk_delete_ptr(type, st, ptr) \ - (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr)) -#define SKM_sk_insert(type, st,val, i) \ - sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i) -#define SKM_sk_set_cmp_func(type, st, cmp) \ - ((int (*)(const type * const *,const type * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp))) -#define SKM_sk_dup(type, st) \ - (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st)) -#define SKM_sk_pop_free(type, st, free_func) \ - sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func)) -#define SKM_sk_shift(type, st) \ - (type *)sk_shift(CHECKED_STACK_OF(type, st)) -#define SKM_sk_pop(type, st) \ - (type *)sk_pop(CHECKED_STACK_OF(type, st)) -#define SKM_sk_sort(type, st) \ - sk_sort(CHECKED_STACK_OF(type, st)) -#define SKM_sk_is_sorted(type, st) \ - sk_is_sorted(CHECKED_STACK_OF(type, st)) - -#define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp)) -#define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION) -#define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val)) -#define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) -#define 
sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) -#define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp)) -#define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st) -#define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func)) -#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) - -#define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp)) -#define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) -#define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) -#define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) -#define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i)) -#define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val)) -#define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st)) -#define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) -#define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) -#define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) -#define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp)) -#define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st) -#define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func)) -#define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st)) -#define 
sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st)) -#define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) -#define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) - -#define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp)) -#define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) -#define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i)) -#define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val)) -#define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) -#define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) -#define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) -#define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp)) -#define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st) -#define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func)) -#define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st)) - -#define sk_ASN1_INTEGER_new(cmp) 
SKM_sk_new(ASN1_INTEGER, (cmp)) -#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER) -#define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val)) -#define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) -#define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) -#define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp)) -#define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st) -#define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func)) -#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st)) - -#define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp)) -#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT) -#define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val)) -#define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_push(st, val) 
SKM_sk_push(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) -#define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) -#define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp)) -#define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st) -#define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func)) -#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st)) - -#define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp)) -#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE) -#define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val)) -#define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) -#define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) -#define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp)) -#define sk_ASN1_TYPE_dup(st) 
SKM_sk_dup(ASN1_TYPE, st) -#define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func)) -#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st)) - -#define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp)) -#define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING) -#define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i)) -#define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val)) -#define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i)) -#define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr)) -#define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i)) -#define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp)) -#define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st) -#define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func)) -#define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, 
(st)) - -#define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp)) -#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE) -#define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i)) -#define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val)) -#define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) -#define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) -#define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) -#define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp)) -#define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st) -#define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func)) -#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st)) - -#define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp)) -#define sk_BIO_new_null() SKM_sk_new_null(BIO) -#define sk_BIO_free(st) SKM_sk_free(BIO, (st)) -#define sk_BIO_num(st) SKM_sk_num(BIO, (st)) -#define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i)) -#define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val)) -#define sk_BIO_zero(st) SKM_sk_zero(BIO, (st)) -#define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) -#define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) -#define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) 
-#define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) -#define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) -#define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) -#define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp)) -#define sk_BIO_dup(st) SKM_sk_dup(BIO, st) -#define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func)) -#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st)) -#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st)) -#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) -#define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st)) - -#define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp)) -#define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY) -#define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i)) -#define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val)) -#define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i)) -#define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr)) -#define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i)) -#define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp)) -#define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st) -#define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func)) -#define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st)) -#define 
sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st)) - -#define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp)) -#define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH) -#define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i)) -#define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val)) -#define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i)) -#define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr)) -#define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i)) -#define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp)) -#define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st) -#define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func)) -#define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st)) - -#define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp)) -#define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices) -#define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_value(st, 
i) SKM_sk_value(CMS_CertificateChoices, (st), (i)) -#define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val)) -#define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i)) -#define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr)) -#define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i)) -#define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp)) -#define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st) -#define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func)) -#define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st)) - -#define sk_CMS_RecipientEncryptedKey_new(cmp) SKM_sk_new(CMS_RecipientEncryptedKey, (cmp)) -#define sk_CMS_RecipientEncryptedKey_new_null() SKM_sk_new_null(CMS_RecipientEncryptedKey) -#define sk_CMS_RecipientEncryptedKey_free(st) SKM_sk_free(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_num(st) SKM_sk_num(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_value(st, i) SKM_sk_value(CMS_RecipientEncryptedKey, (st), (i)) 
-#define sk_CMS_RecipientEncryptedKey_set(st, i, val) SKM_sk_set(CMS_RecipientEncryptedKey, (st), (i), (val)) -#define sk_CMS_RecipientEncryptedKey_zero(st) SKM_sk_zero(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_push(st, val) SKM_sk_push(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_unshift(st, val) SKM_sk_unshift(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_find(st, val) SKM_sk_find(CMS_RecipientEncryptedKey, (st), (val)) -#define sk_CMS_RecipientEncryptedKey_delete(st, i) SKM_sk_delete(CMS_RecipientEncryptedKey, (st), (i)) -#define sk_CMS_RecipientEncryptedKey_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientEncryptedKey, (st), (ptr)) -#define sk_CMS_RecipientEncryptedKey_insert(st, val, i) SKM_sk_insert(CMS_RecipientEncryptedKey, (st), (val), (i)) -#define sk_CMS_RecipientEncryptedKey_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientEncryptedKey, (st), (cmp)) -#define sk_CMS_RecipientEncryptedKey_dup(st) SKM_sk_dup(CMS_RecipientEncryptedKey, st) -#define sk_CMS_RecipientEncryptedKey_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientEncryptedKey, (st), (free_func)) -#define sk_CMS_RecipientEncryptedKey_shift(st) SKM_sk_shift(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_pop(st) SKM_sk_pop(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_sort(st) SKM_sk_sort(CMS_RecipientEncryptedKey, (st)) -#define sk_CMS_RecipientEncryptedKey_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientEncryptedKey, (st)) - -#define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp)) -#define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo) -#define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i)) -#define sk_CMS_RecipientInfo_set(st, i, 
val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val)) -#define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i)) -#define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr)) -#define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i)) -#define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp)) -#define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st) -#define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func)) -#define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st)) - -#define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp)) -#define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice) -#define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i)) -#define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val)) -#define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_push(st, val) 
SKM_sk_push(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i)) -#define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr)) -#define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i)) -#define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp)) -#define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st) -#define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func)) -#define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st)) - -#define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp)) -#define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo) -#define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i)) -#define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val)) -#define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val)) -#define 
sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i)) -#define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr)) -#define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i)) -#define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp)) -#define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st) -#define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func)) -#define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st)) - -#define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp)) -#define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE) -#define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i)) -#define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val)) -#define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i)) -#define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr)) -#define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i)) -#define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp)) -#define 
sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st) -#define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func)) -#define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st)) - -#define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp)) -#define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE) -#define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st)) -#define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st)) -#define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i)) -#define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val)) -#define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st)) -#define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i)) -#define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr)) -#define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i)) -#define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp)) -#define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st) -#define sk_CONF_MODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_MODULE, (st), (free_func)) -#define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st)) -#define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st)) -#define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st)) -#define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st)) - -#define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp)) -#define sk_CONF_VALUE_new_null() 
SKM_sk_new_null(CONF_VALUE) -#define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st)) -#define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st)) -#define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val)) -#define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st)) -#define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) -#define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) -#define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp)) -#define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st) -#define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func)) -#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st)) -#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st)) -#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st)) -#define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st)) - -#define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp)) -#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock) -#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val)) -#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_unshift(st, val) 
SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) -#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) -#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp)) -#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st) -#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func)) -#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st)) - -#define sk_CTLOG_new(cmp) SKM_sk_new(CTLOG, (cmp)) -#define sk_CTLOG_new_null() SKM_sk_new_null(CTLOG) -#define sk_CTLOG_free(st) SKM_sk_free(CTLOG, (st)) -#define sk_CTLOG_num(st) SKM_sk_num(CTLOG, (st)) -#define sk_CTLOG_value(st, i) SKM_sk_value(CTLOG, (st), (i)) -#define sk_CTLOG_set(st, i, val) SKM_sk_set(CTLOG, (st), (i), (val)) -#define sk_CTLOG_zero(st) SKM_sk_zero(CTLOG, (st)) -#define sk_CTLOG_push(st, val) SKM_sk_push(CTLOG, (st), (val)) -#define sk_CTLOG_unshift(st, val) SKM_sk_unshift(CTLOG, (st), (val)) -#define sk_CTLOG_find(st, val) SKM_sk_find(CTLOG, (st), (val)) -#define sk_CTLOG_delete(st, i) SKM_sk_delete(CTLOG, (st), (i)) -#define sk_CTLOG_delete_ptr(st, ptr) SKM_sk_delete_ptr(CTLOG, (st), (ptr)) -#define sk_CTLOG_insert(st, val, i) SKM_sk_insert(CTLOG, (st), (val), (i)) -#define sk_CTLOG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CTLOG, (st), (cmp)) -#define sk_CTLOG_dup(st) SKM_sk_dup(CTLOG, st) -#define sk_CTLOG_pop_free(st, free_func) SKM_sk_pop_free(CTLOG, (st), (free_func)) -#define sk_CTLOG_shift(st) 
SKM_sk_shift(CTLOG, (st)) -#define sk_CTLOG_pop(st) SKM_sk_pop(CTLOG, (st)) -#define sk_CTLOG_sort(st) SKM_sk_sort(CTLOG, (st)) -#define sk_CTLOG_is_sorted(st) SKM_sk_is_sorted(CTLOG, (st)) - -#define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp)) -#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT) -#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st)) -#define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st)) -#define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val)) -#define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st)) -#define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) -#define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) -#define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp)) -#define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st) -#define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func)) -#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st)) -#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st)) -#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st)) -#define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st)) - -#define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp)) -#define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID) -#define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i)) -#define sk_ESS_CERT_ID_set(st, i, val) 
SKM_sk_set(ESS_CERT_ID, (st), (i), (val)) -#define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i)) -#define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr)) -#define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i)) -#define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp)) -#define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st) -#define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func)) -#define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st)) - -#ifdef LIBRESSL_INTERNAL -#define sk_ESS_CERT_ID_V2_new(cmp) SKM_sk_new(ESS_CERT_ID_V2, (cmp)) -#define sk_ESS_CERT_ID_V2_new_null() SKM_sk_new_null(ESS_CERT_ID_V2) -#define sk_ESS_CERT_ID_V2_free(st) SKM_sk_free(ESS_CERT_ID_V2, (st)) -#define sk_ESS_CERT_ID_V2_num(st) SKM_sk_num(ESS_CERT_ID_V2, (st)) -#define sk_ESS_CERT_ID_V2_value(st, i) SKM_sk_value(ESS_CERT_ID_V2, (st), (i)) -#define sk_ESS_CERT_ID_V2_set(st, i, val) SKM_sk_set(ESS_CERT_ID_V2, (st), (i), (val)) -#define sk_ESS_CERT_ID_V2_zero(st) SKM_sk_zero(ESS_CERT_ID_V2, (st)) -#define sk_ESS_CERT_ID_V2_push(st, val) SKM_sk_push(ESS_CERT_ID_V2, (st), (val)) -#define sk_ESS_CERT_ID_V2_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID_V2, (st), (val)) -#define sk_ESS_CERT_ID_V2_find(st, val) SKM_sk_find(ESS_CERT_ID_V2, (st), (val)) -#define sk_ESS_CERT_ID_V2_delete(st, i) SKM_sk_delete(ESS_CERT_ID_V2, (st), (i)) -#define 
sk_ESS_CERT_ID_V2_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID_V2, (st), (ptr)) -#define sk_ESS_CERT_ID_V2_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID_V2, (st), (val), (i)) -#define sk_ESS_CERT_ID_V2_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID_V2, (st), (cmp)) -#define sk_ESS_CERT_ID_V2_dup(st) SKM_sk_dup(ESS_CERT_ID_V2, st) -#define sk_ESS_CERT_ID_V2_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID_V2, (st), (free_func)) -#define sk_ESS_CERT_ID_V2_shift(st) SKM_sk_shift(ESS_CERT_ID_V2, (st)) -#define sk_ESS_CERT_ID_V2_pop(st) SKM_sk_pop(ESS_CERT_ID_V2, (st)) -#define sk_ESS_CERT_ID_V2_sort(st) SKM_sk_sort(ESS_CERT_ID_V2, (st)) -#define sk_ESS_CERT_ID_V2_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID_V2, (st)) -#endif /* LIBRESSL_INTERNAL */ - -#define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp)) -#define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD) -#define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st)) -#define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st)) -#define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i)) -#define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val)) -#define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st)) -#define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val)) -#define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val)) -#define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val)) -#define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i)) -#define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr)) -#define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i)) -#define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp)) -#define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st) -#define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func)) -#define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st)) -#define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st)) -#define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st)) -#define 
sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st)) - -#define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp)) -#define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD) -#define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr)) -#define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp)) -#define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st) -#define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func)) -#define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st)) - -#define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp)) -#define 
sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD) -#define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i)) -#define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val)) -#define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i)) -#define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr)) -#define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i)) -#define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp)) -#define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st) -#define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func)) -#define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st)) - -#define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp)) -#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME) -#define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val)) -#define 
sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) -#define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) -#define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp)) -#define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st) -#define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func)) -#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st)) - -#define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp)) -#define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES) -#define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i)) -#define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val)) -#define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i)) -#define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), 
(ptr)) -#define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i)) -#define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp)) -#define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st) -#define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func)) -#define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st)) - -#define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp)) -#define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE) -#define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i)) -#define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val)) -#define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i)) -#define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr)) -#define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i)) -#define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp)) -#define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st) -#define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func)) -#define 
sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) - -#define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp)) -#define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) -#define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) -#define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) -#define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i)) -#define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val)) -#define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st)) -#define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) -#define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) -#define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) -#define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp)) -#define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st) -#define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func)) -#define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st)) -#define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st)) -#define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) -#define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) - -#define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, 
(cmp)) -#define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) -#define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i)) -#define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val)) -#define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) -#define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) -#define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) -#define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp)) -#define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st) -#define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func)) -#define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) - -#define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp)) -#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER) -#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st)) -#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st)) -#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_set(st, i, val) 
SKM_sk_set(MIME_HEADER, (st), (i), (val)) -#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st)) -#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) -#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) -#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp)) -#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st) -#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func)) -#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st)) -#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st)) -#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) -#define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) - -#define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp)) -#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) -#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) -#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st)) -#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val)) -#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st)) -#define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) -#define sk_MIME_PARAM_insert(st, val, i) 
SKM_sk_insert(MIME_PARAM, (st), (val), (i)) -#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp)) -#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st) -#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func)) -#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st)) -#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st)) -#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st)) -#define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st)) - -#define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp)) -#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS) -#define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val)) -#define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) -#define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) -#define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp)) -#define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st) -#define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func)) -#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st)) - -#define 
sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp)) -#define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID) -#define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i)) -#define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val)) -#define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i)) -#define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr)) -#define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i)) -#define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp)) -#define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st) -#define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func)) -#define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st)) - -#define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp)) -#define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ) -#define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i)) -#define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val)) -#define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_push(st, val) 
SKM_sk_push(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) -#define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) -#define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) -#define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp)) -#define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st) -#define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func)) -#define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st)) - -#define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp)) -#define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID) -#define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i)) -#define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val)) -#define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i)) -#define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr)) -#define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i)) -#define sk_OCSP_RESPID_set_cmp_func(st, cmp) 
SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp)) -#define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st) -#define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func)) -#define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st)) - -#define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp)) -#define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) -#define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i)) -#define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val)) -#define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) -#define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) -#define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) -#define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp)) -#define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st) -#define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func)) -#define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_sort(st) 
SKM_sk_sort(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st)) - -#define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp)) -#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG) -#define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val)) -#define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr)) -#define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) -#define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp)) -#define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st) -#define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func)) -#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st)) - -#define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp)) -#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7) -#define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st)) -#define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st)) -#define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i)) -#define 
sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val)) -#define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st)) -#define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) -#define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) -#define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) -#define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) -#define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) -#define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) -#define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp)) -#define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st) -#define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func)) -#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st)) -#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st)) -#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st)) -#define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st)) - -#define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp)) -#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO) -#define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val)) -#define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) -#define sk_PKCS7_RECIP_INFO_insert(st, val, i) 
SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) -#define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp)) -#define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st) -#define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func)) -#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st)) - -#define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp)) -#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO) -#define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val)) -#define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) -#define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) -#define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp)) -#define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st) -#define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) 
SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func)) -#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st)) - -#define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp)) -#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO) -#define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st)) -#define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st)) -#define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val)) -#define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st)) -#define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) -#define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) -#define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp)) -#define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st) -#define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func)) -#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st)) -#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st)) -#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st)) -#define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st)) - -#define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp)) -#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO) -#define sk_POLICYQUALINFO_free(st) 
SKM_sk_free(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val)) -#define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) -#define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) -#define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp)) -#define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st) -#define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func)) -#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st)) - -#define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp)) -#define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) -#define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i)) -#define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val)) -#define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_push(st, val) 
SKM_sk_push(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) -#define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) -#define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) -#define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp)) -#define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st) -#define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func)) -#define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st)) - -#define sk_SCT_new(cmp) SKM_sk_new(SCT, (cmp)) -#define sk_SCT_new_null() SKM_sk_new_null(SCT) -#define sk_SCT_free(st) SKM_sk_free(SCT, (st)) -#define sk_SCT_num(st) SKM_sk_num(SCT, (st)) -#define sk_SCT_value(st, i) SKM_sk_value(SCT, (st), (i)) -#define sk_SCT_set(st, i, val) SKM_sk_set(SCT, (st), (i), (val)) -#define sk_SCT_zero(st) SKM_sk_zero(SCT, (st)) -#define sk_SCT_push(st, val) SKM_sk_push(SCT, (st), (val)) -#define sk_SCT_unshift(st, val) SKM_sk_unshift(SCT, (st), (val)) -#define sk_SCT_find(st, val) SKM_sk_find(SCT, (st), (val)) -#define sk_SCT_delete(st, i) SKM_sk_delete(SCT, (st), (i)) -#define sk_SCT_delete_ptr(st, ptr) SKM_sk_delete_ptr(SCT, (st), (ptr)) -#define sk_SCT_insert(st, val, i) SKM_sk_insert(SCT, (st), (val), (i)) -#define sk_SCT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SCT, (st), (cmp)) -#define sk_SCT_dup(st) SKM_sk_dup(SCT, st) -#define sk_SCT_pop_free(st, free_func) SKM_sk_pop_free(SCT, (st), (free_func)) -#define 
sk_SCT_shift(st) SKM_sk_shift(SCT, (st)) -#define sk_SCT_pop(st) SKM_sk_pop(SCT, (st)) -#define sk_SCT_sort(st) SKM_sk_sort(SCT, (st)) -#define sk_SCT_is_sorted(st) SKM_sk_is_sorted(SCT, (st)) - -#define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp)) -#define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE) -#define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i)) -#define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val)) -#define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i)) -#define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr)) -#define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i)) -#define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp)) -#define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st) -#define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func)) -#define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st)) -#define 
sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st)) - -#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp)) -#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) -#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i)) -#define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val)) -#define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i)) -#define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) -#define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) -#define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp)) -#define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st) -#define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func)) -#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st)) - -#define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp)) -#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP) -#define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st)) -#define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st)) -#define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val)) -#define 
sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st)) -#define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) -#define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) -#define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp)) -#define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st) -#define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func)) -#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st)) -#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st)) -#define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) -#define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st)) - -#define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp)) -#define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY) -#define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) 
SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr)) -#define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp)) -#define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st) -#define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func)) -#define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st)) - -#define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp)) -#define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO) -#define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i)) -#define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val)) -#define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i)) -#define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr)) -#define sk_STORE_ATTR_INFO_insert(st, val, i) 
SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i)) -#define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp)) -#define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st) -#define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func)) -#define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st)) - -#define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp)) -#define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT) -#define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i)) -#define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val)) -#define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i)) -#define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr)) -#define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i)) -#define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp)) -#define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st) -#define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func)) -#define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st)) 
-#define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st)) - -#define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp)) -#define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING) -#define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st)) -#define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st)) -#define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i)) -#define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val)) -#define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st)) -#define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val)) -#define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val)) -#define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val)) -#define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i)) -#define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr)) -#define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i)) -#define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp)) -#define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st) -#define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func)) -#define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st)) -#define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st)) -#define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st)) -#define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st)) - -#define sk_X509_new(cmp) SKM_sk_new(X509, (cmp)) -#define sk_X509_new_null() SKM_sk_new_null(X509) -#define sk_X509_free(st) SKM_sk_free(X509, (st)) -#define sk_X509_num(st) SKM_sk_num(X509, (st)) -#define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i)) -#define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val)) -#define sk_X509_zero(st) SKM_sk_zero(X509, (st)) -#define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) -#define 
sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) -#define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) -#define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) -#define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) -#define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) -#define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp)) -#define sk_X509_dup(st) SKM_sk_dup(X509, st) -#define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func)) -#define sk_X509_shift(st) SKM_sk_shift(X509, (st)) -#define sk_X509_pop(st) SKM_sk_pop(X509, (st)) -#define sk_X509_sort(st) SKM_sk_sort(X509, (st)) -#define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st)) - -#define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp)) -#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD) -#define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val)) -#define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) -#define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) -#define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp)) -#define 
sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st) -#define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func)) -#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st)) - -#define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp)) -#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR) -#define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st)) -#define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st)) -#define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val)) -#define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st)) -#define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) -#define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) -#define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp)) -#define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st) -#define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func)) -#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st)) -#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st)) -#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st)) -#define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st)) - -#define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp)) 
-#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE) -#define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i)) -#define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val)) -#define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) -#define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) -#define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) -#define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp)) -#define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st) -#define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func)) -#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st)) - -#define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp)) -#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL) -#define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st)) -#define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st)) -#define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i)) -#define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val)) -#define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st)) -#define sk_X509_CRL_push(st, val) 
SKM_sk_push(X509_CRL, (st), (val)) -#define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) -#define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) -#define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) -#define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) -#define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) -#define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp)) -#define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st) -#define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func)) -#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st)) -#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st)) -#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st)) -#define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st)) - -#define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp)) -#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION) -#define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val)) -#define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) -#define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) -#define sk_X509_EXTENSION_set_cmp_func(st, cmp) 
SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp)) -#define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st) -#define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func)) -#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st)) - -#define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp)) -#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO) -#define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st)) -#define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st)) -#define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i)) -#define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val)) -#define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st)) -#define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) -#define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) -#define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) -#define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) -#define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) -#define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) -#define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp)) -#define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st) -#define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func)) -#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st)) -#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st)) -#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st)) -#define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st)) - -#define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp)) -#define 
sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP) -#define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val)) -#define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) -#define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) -#define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp)) -#define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st) -#define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func)) -#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st)) - -#define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp)) -#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME) -#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st)) -#define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st)) -#define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i)) -#define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val)) -#define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st)) -#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) -#define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) 
-#define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) -#define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) -#define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) -#define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) -#define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp)) -#define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st) -#define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func)) -#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st)) -#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st)) -#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st)) -#define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st)) - -#define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp)) -#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY) -#define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val)) -#define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) -#define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) -#define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp)) -#define sk_X509_NAME_ENTRY_dup(st) 
SKM_sk_dup(X509_NAME_ENTRY, st) -#define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func)) -#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st)) - -#define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp)) -#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT) -#define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st)) -#define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st)) -#define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val)) -#define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st)) -#define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) -#define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) -#define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp)) -#define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st) -#define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func)) -#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st)) -#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st)) -#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) -#define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) - -#define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp)) -#define 
sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED) -#define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st)) -#define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st)) -#define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val)) -#define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st)) -#define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) -#define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) -#define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp)) -#define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st) -#define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func)) -#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st)) -#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st)) -#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st)) -#define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st)) - -#define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp)) -#define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM) -#define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i)) -#define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val)) -#define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st)) 
-#define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i)) -#define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr)) -#define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i)) -#define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp)) -#define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st) -#define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func)) -#define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st)) - -#define sk_void_new(cmp) SKM_sk_new(void, (cmp)) -#define sk_void_new_null() SKM_sk_new_null(void) -#define sk_void_free(st) SKM_sk_free(void, (st)) -#define sk_void_num(st) SKM_sk_num(void, (st)) -#define sk_void_value(st, i) SKM_sk_value(void, (st), (i)) -#define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val)) -#define sk_void_zero(st) SKM_sk_zero(void, (st)) -#define sk_void_push(st, val) SKM_sk_push(void, (st), (val)) -#define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val)) -#define sk_void_find(st, val) SKM_sk_find(void, (st), (val)) -#define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i)) -#define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr)) -#define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i)) -#define sk_void_set_cmp_func(st, cmp) 
SKM_sk_set_cmp_func(void, (st), (cmp)) -#define sk_void_dup(st) SKM_sk_dup(void, st) -#define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func)) -#define sk_void_shift(st) SKM_sk_shift(void, (st)) -#define sk_void_pop(st) SKM_sk_pop(void, (st)) -#define sk_void_sort(st) SKM_sk_sort(void, (st)) -#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st)) - -#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp))) -#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null()) -#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i)) -#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func)) -#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i) -#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i)) -#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr)) -#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \ - ((int (*)(const char * const *,const char * const *)) \ - 
sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp))) -#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st)) -#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st)) - -#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) -#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i)) -#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func)) -#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) -#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) -#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), 
CHECKED_PTR_OF(OPENSSL_STRING, ptr)) -#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ - ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st)) -#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) - -#define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj) -#define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn) -#define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg) -#define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh) - -#define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value) -#define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn) -#define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg) -#define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh) -#define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh) -#define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh) - -#define lh_ERR_STATE_new() 
LHM_lh_new(ERR_STATE,err_state) -#define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst) -#define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst) -#define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst) -#define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn) -#define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg) -#define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh) -#define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh) -#define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh) - -#define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data) -#define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn) -#define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg) -#define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh) - -#define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item) -#define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn) -#define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg) -#define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh) -#define 
lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh) - -#define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function) -#define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst) -#define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst) -#define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst) -#define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn) -#define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg) -#define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh) -#define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh) -#define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh) - -#define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name) -#define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn) -#define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg) -#define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh) -#define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh) -#define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh) - -#define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string) -#define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn) -#define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg) -#define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_free(lh) 
LHM_lh_free(OPENSSL_STRING,lh) - -#define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session) -#define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn) -#define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg) -#define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh) -#define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh) -#define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) - -#endif /* !defined HEADER_SAFESTACK_H */ diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c deleted file mode 100644 index 1424661879..0000000000 --- a/src/lib/libcrypto/stack/stack.c +++ /dev/null 
@@ -1,385 +0,0 @@
-/* $OpenBSD: stack.c,v 1.33 2025/01/03 08:04:16 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "stack_local.h"
-
-#undef MIN_NODES
-#define MIN_NODES 4
-
-int
-(*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))(
- const void *, const void *)
-{
- int (*old)(const void *, const void *) = sk->comp;
-
- if (sk->comp != c)
- sk->sorted = 0;
- sk->comp = c;
-
- return old;
-}
-LCRYPTO_ALIAS(sk_set_cmp_func);
-
-_STACK *
-sk_dup(_STACK *sk)
-{
- _STACK *ret;
- char **s;
-
- if ((ret = sk_new(sk->comp)) == NULL)
- goto err;
- s = reallocarray(ret->data, sk->num_alloc, sizeof(char *));
- if (s == NULL)
- goto err;
- ret->data = s;
-
- ret->num = sk->num;
- memcpy(ret->data, sk->data, sizeof(char *) * sk->num);
- ret->sorted = sk->sorted;
- ret->num_alloc = sk->num_alloc;
- ret->comp = sk->comp;
- return (ret);
-
-err:
- if (ret)
- sk_free(ret);
- return (NULL);
-}
-LCRYPTO_ALIAS(sk_dup);
-
-_STACK *
-sk_new_null(void)
-{
- return sk_new((int (*)(const void *, const void *))0);
-}
-LCRYPTO_ALIAS(sk_new_null);
-
-_STACK *
-sk_new(int (*c)(const void *, const void *))
-{
- _STACK *ret;
- int i;
-
- if ((ret = malloc(sizeof(_STACK))) == NULL)
- goto err;
- if ((ret->data = reallocarray(NULL, MIN_NODES, sizeof(char *))) == NULL)
- goto err;
- for (i = 0; i < MIN_NODES; i++)
- ret->data[i] = NULL;
- ret->comp = c;
- ret->num_alloc = MIN_NODES;
- ret->num = 0;
- ret->sorted = 0;
- return (ret);
-
-err:
- free(ret);
- return (NULL);
-}
-LCRYPTO_ALIAS(sk_new);
-
-int
-sk_insert(_STACK *st, void *data, int loc)
-{
- char **s;
-
- if (st == NULL)
- return 0;
- if (st->num_alloc <= st->num + 1) {
- s = reallocarray(st->data, st->num_alloc, 2 * sizeof(char *));
- if (s == NULL)
- return (0);
- st->data = s;
- st->num_alloc *= 2;
- }
- if ((loc >= (int)st->num) || (loc < 0))
- st->data[st->num] = data;
- else {
- memmove(&(st->data[loc + 1]), &(st->data[loc]),
- sizeof(char *)*(st->num - loc));
- st->data[loc] = data;
- }
- st->num++;
- st->sorted = 0;
- return (st->num);
-}
-LCRYPTO_ALIAS(sk_insert);
-
-void *
-sk_delete_ptr(_STACK *st, void *p)
-{
- int i;
-
- for (i = 0; i < st->num; i++)
- if (st->data[i] == p)
- return (sk_delete(st, i));
- return (NULL);
-}
-LCRYPTO_ALIAS(sk_delete_ptr);
-
-void *
-sk_delete(_STACK *st, int loc)
-{
- char *ret;
-
- if (!st || (loc < 0) || (loc >= st->num))
- return NULL;
-
- ret = st->data[loc];
- if (loc != st->num - 1) {
- memmove(&(st->data[loc]), &(st->data[loc + 1]),
- sizeof(char *)*(st->num - 1 - loc));
- }
- st->num--;
- return (ret);
-}
-LCRYPTO_ALIAS(sk_delete);
-
-static const void *
-obj_bsearch_ex(const void *key, const void *base_, int num, int size,
- int (*cmp)(const void *, const void *))
-{
- const char *base = base_;
- int l, h, i, c;
-
- l = 0;
- h = num;
- while (l < h) {
- i = (l + h) / 2;
- if ((c = cmp(key, &base[i * size])) == 0) {
- /* Return first match. */
- while (i > 0 && cmp(key, &base[(i - 1) * size]) == 0)
- i--;
- return &base[i * size];
- }
- if (c < 0)
- h = i;
- else
- l = i + 1;
- }
-
- return NULL;
-}
-
-int
-sk_find(_STACK *st, void *data)
-{
- const void * const *r;
- int i;
-
- if (st == NULL)
- return -1;
-
- if (st->comp == NULL) {
- for (i = 0; i < st->num; i++)
- if (st->data[i] == data)
- return (i);
- return (-1);
- }
- sk_sort(st);
- if (data == NULL)
- return (-1);
- r = obj_bsearch_ex(&data, st->data, st->num, sizeof(void *), st->comp);
- if (r == NULL)
- return (-1);
- return (int)((char **)r - st->data);
-}
-LCRYPTO_ALIAS(sk_find);
-
-int
-sk_push(_STACK *st, void *data)
-{
- return (sk_insert(st, data, st->num));
-}
-LCRYPTO_ALIAS(sk_push);
-
-int
-sk_unshift(_STACK *st, void *data)
-{
- return (sk_insert(st, data, 0));
-}
-LCRYPTO_ALIAS(sk_unshift);
-
-void *
-sk_shift(_STACK *st)
-{
- if (st == NULL)
- return (NULL);
- if (st->num <= 0)
- return (NULL);
- return (sk_delete(st, 0));
-}
-LCRYPTO_ALIAS(sk_shift);
-
-void *
-sk_pop(_STACK *st)
-{
- if (st == NULL)
- return (NULL);
- if (st->num <= 0)
- return (NULL);
- return (sk_delete(st, st->num - 1));
-}
-LCRYPTO_ALIAS(sk_pop);
-
-void
-sk_zero(_STACK *st)
-{
- if (st == NULL)
- return;
- if (st->num <= 0)
- return;
- memset(st->data, 0, sizeof(st->data)*st->num);
- st->num = 0;
-}
-LCRYPTO_ALIAS(sk_zero);
-
-void
-sk_pop_free(_STACK *st, void (*func)(void *))
-{
- int i;
-
- if (st == NULL)
- return;
- for (i = 0; i < st->num; i++)
- if (st->data[i] != NULL)
- func(st->data[i]);
- sk_free(st);
-}
-LCRYPTO_ALIAS(sk_pop_free);
-
-void
-sk_free(_STACK *st)
-{
- if (st == NULL)
- return;
- free(st->data);
- free(st);
-}
-LCRYPTO_ALIAS(sk_free);
-
-int
-sk_num(const _STACK *st)
-{
- if (st == NULL)
- return -1;
- return st->num;
-}
-LCRYPTO_ALIAS(sk_num);
-
-void *
-sk_value(const _STACK *st, int i)
-{
- if (!st || (i < 0) || (i >= st->num))
- return NULL;
- return st->data[i];
-}
-LCRYPTO_ALIAS(sk_value);
-
-void *
-sk_set(_STACK *st, int i, void *value)
-{
- if (!st || (i < 0) || (i >= st->num))
- return NULL;
- st->sorted = 0;
- return (st->data[i] = value);
-}
-LCRYPTO_ALIAS(sk_set);
-
-void
-sk_sort(_STACK *st)
-{
- if (st && !st->sorted) {
- int (*comp_func)(const void *, const void *);
-
- /* same comment as in sk_find ... previously st->comp was declared
- * as a (void*,void*) callback type, but this made the population
- * of the callback pointer illogical - our callbacks compare
- * type** with type**, so we leave the casting until absolutely
- * necessary (ie. "now"). */
- comp_func = (int (*)(const void *, const void *))(st->comp);
- qsort(st->data, st->num, sizeof(char *), comp_func);
- st->sorted = 1;
- }
-}
-LCRYPTO_ALIAS(sk_sort);
-
-int
-sk_is_sorted(const _STACK *st)
-{
- if (st == NULL)
- return 1;
-
- if (st->sorted)
- return 1;
-
- /* If there is no comparison function we cannot sort. */
- if (st->comp == NULL)
- return 0;
-
- /* Lists with zero or one elements are always sorted. */
- return st->num <= 1;
-}
-LCRYPTO_ALIAS(sk_is_sorted);
diff --git a/src/lib/libcrypto/stack/stack.h b/src/lib/libcrypto/stack/stack.h
deleted file mode 100644
index 783ccb482b..0000000000
--- a/src/lib/libcrypto/stack/stack.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* $OpenBSD: stack.h,v 1.11 2024/03/02 11:20:36 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_STACK_H
-#define HEADER_STACK_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct stack_st _STACK;
-
-#define M_sk_num(sk) ((sk) ? (sk)->num:-1)
-#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
-
-int sk_num(const _STACK *);
-void *sk_value(const _STACK *, int);
-
-void *sk_set(_STACK *, int, void *);
-
-_STACK *sk_new(int (*cmp)(const void *, const void *));
-_STACK *sk_new_null(void);
-void sk_free(_STACK *);
-void sk_pop_free(_STACK *st, void (*func)(void *));
-int sk_insert(_STACK *sk, void *data, int where);
-void *sk_delete(_STACK *st, int loc);
-void *sk_delete_ptr(_STACK *st, void *p);
-int sk_find(_STACK *st, void *data);
-int sk_push(_STACK *st, void *data);
-int sk_unshift(_STACK *st, void *data);
-void *sk_shift(_STACK *st);
-void *sk_pop(_STACK *st);
-void sk_zero(_STACK *st);
-int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))(
- const void *, const void *);
-_STACK *sk_dup(_STACK *st);
-void sk_sort(_STACK *st);
-int sk_is_sorted(const _STACK *st);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/stack/stack_local.h b/src/lib/libcrypto/stack/stack_local.h
deleted file mode 100644
index a330707192..0000000000
--- a/src/lib/libcrypto/stack/stack_local.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/* $OpenBSD: stack_local.h,v 1.1 2024/03/02 11:11:11 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_STACK_LOCAL_H
-#define HEADER_STACK_LOCAL_H
-
-struct stack_st {
- int num;
- char **data;
- int sorted;
-
- int num_alloc;
- int (*comp)(const void *, const void *);
-} /* _STACK */;
-
-#endif
diff --git a/src/lib/libcrypto/ts/ts.h b/src/lib/libcrypto/ts/ts.h
deleted file mode 100644
index c2b2a9ed3d..0000000000
--- a/src/lib/libcrypto/ts/ts.h
+++ /dev/null
@@ -1,660 +0,0 @@
-/* $OpenBSD: ts.h,v 1.24 2024/03/26 00:39:22 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
- * project 2002, 2003, 2004.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_TS_H
-#define HEADER_TS_H
-
-#include
-
-#ifndef OPENSSL_NO_BUFFER
-#include
-#endif
-#ifndef OPENSSL_NO_EVP
-#include
-#endif
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-
-#ifndef OPENSSL_NO_DH
-#include
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include
-#include
-
-typedef struct TS_msg_imprint_st TS_MSG_IMPRINT;
-typedef struct TS_req_st TS_REQ;
-typedef struct TS_accuracy_st TS_ACCURACY;
-typedef struct TS_tst_info_st TS_TST_INFO;
-
-/* Possible values for status. */
-#define TS_STATUS_GRANTED 0
-#define TS_STATUS_GRANTED_WITH_MODS 1
-#define TS_STATUS_REJECTION 2
-#define TS_STATUS_WAITING 3
-#define TS_STATUS_REVOCATION_WARNING 4
-#define TS_STATUS_REVOCATION_NOTIFICATION 5
-
-/* Possible values for failure_info. */
-#define TS_INFO_BAD_ALG 0
-#define TS_INFO_BAD_REQUEST 2
-#define TS_INFO_BAD_DATA_FORMAT 5
-#define TS_INFO_TIME_NOT_AVAILABLE 14
-#define TS_INFO_UNACCEPTED_POLICY 15
-#define TS_INFO_UNACCEPTED_EXTENSION 16
-#define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
-#define TS_INFO_SYSTEM_FAILURE 25
-
-typedef struct TS_status_info_st TS_STATUS_INFO;
-
-DECLARE_STACK_OF(ASN1_UTF8STRING)
-
-typedef struct ESS_issuer_serial ESS_ISSUER_SERIAL;
-typedef struct ESS_cert_id ESS_CERT_ID;
-DECLARE_STACK_OF(ESS_CERT_ID)
-typedef struct ESS_signing_cert ESS_SIGNING_CERT;
-
-typedef struct ESS_cert_id_v2 ESS_CERT_ID_V2;
-DECLARE_STACK_OF(ESS_CERT_ID_V2)
-
-typedef struct ESS_signing_cert_v2 ESS_SIGNING_CERT_V2;
-
-typedef struct TS_resp_st TS_RESP;
-
-TS_REQ *TS_REQ_new(void);
-void TS_REQ_free(TS_REQ *a);
-int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
-TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
-
-TS_REQ *TS_REQ_dup(TS_REQ *a);
-
-TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
-int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
-TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
-int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
-void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
-int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
- const unsigned char **pp, long length);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
-
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
-
-TS_RESP *TS_RESP_new(void);
-void TS_RESP_free(TS_RESP *a);
-int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
-TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
-TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
-TS_RESP *TS_RESP_dup(TS_RESP *a);
-
-TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
-int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
-TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
-int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
-
-TS_STATUS_INFO *TS_STATUS_INFO_new(void);
-void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
-int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
-TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
- const unsigned char **pp, long length);
-TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
-
-TS_TST_INFO *TS_TST_INFO_new(void);
-void TS_TST_INFO_free(TS_TST_INFO *a);
-int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
-TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
- long length);
-TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
-
-TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
-TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
-
-TS_ACCURACY *TS_ACCURACY_new(void);
-void TS_ACCURACY_free(TS_ACCURACY *a);
-int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
-TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
- long length);
-TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
-
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
-void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
-int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a,
- unsigned char **pp);
-ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
- const unsigned char **pp, long length);
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
-
-ESS_CERT_ID *ESS_CERT_ID_new(void);
-void ESS_CERT_ID_free(ESS_CERT_ID *a);
-int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
-ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
- long length);
-ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
-
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
-void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
-int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a,
- unsigned char **pp);
-ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
- const unsigned char **pp, long length);
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
-
-int TS_REQ_set_version(TS_REQ *a, long version);
-long TS_REQ_get_version(const TS_REQ *a);
-
-int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
-
-int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
-X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
-
-int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
-ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
-
-int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy);
-ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
-
-int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
-
-int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
-int TS_REQ_get_cert_req(const TS_REQ *a);
-
-STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
-void TS_REQ_ext_free(TS_REQ *a);
-int TS_REQ_get_ext_count(TS_REQ *a);
-int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
-int TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos);
-int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
-X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
-X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
-int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
-void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
-
-/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
-
-int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
-
-/* Function declarations for TS_RESP defined in ts/ts_rsp_utils.c */
-
-int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
-TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
-
-const ASN1_UTF8STRING *TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *si);
-const STACK_OF(ASN1_UTF8STRING) *
- TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *si);
-const ASN1_INTEGER *TS_STATUS_INFO_get0_status(const TS_STATUS_INFO *si);
-int TS_STATUS_INFO_set_status(TS_STATUS_INFO *si, int i);
-
-/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
-void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
-PKCS7 *TS_RESP_get_token(TS_RESP *a);
-TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
-
-int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
-long TS_TST_INFO_get_version(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
-ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
-const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
-const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
-TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
-
-int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
-const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
-const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
-const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
-
-int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
-int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
-GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
-
-STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
-void TS_TST_INFO_ext_free(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
-int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, const ASN1_OBJECT *obj,
- int lastpos);
-int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
-X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
-X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
-int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
-void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
-
-/* Declarations related to response generation, defined in ts/ts_rsp_sign.c. */
-
-/* Optional flags for response generation. */
-
-/* Don't include the TSA name in response. */
-#define TS_TSA_NAME 0x01
-
-/* Set ordering to true in response. */
-#define TS_ORDERING 0x02
-
-/*
- * Include the signer certificate and the other specified certificates in
- * the ESS signing certificate attribute beside the PKCS7 signed data.
- * Only the signer certificates is included by default.
- */
-#define TS_ESS_CERT_ID_CHAIN 0x04
-
-/* Forward declaration. */
-struct TS_resp_ctx;
-
-/* This must return a unique number less than 160 bits long. */
-typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *);
-
-/* This must return the seconds and microseconds since Jan 1, 1970 in
- the sec and usec variables allocated by the caller.
- Return non-zero for success and zero for failure. */
-typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, time_t *sec, long *usec);
-
-/* This must process the given extension.
- * It can modify the TS_TST_INFO object of the context.
- * Return values: !0 (processed), 0 (error, it must set the
- * status info/failure info of the response).
- */
-typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *);
-
-typedef struct TS_resp_ctx TS_RESP_CTX;
-
-DECLARE_STACK_OF(EVP_MD)
-
-/* Creates a response context that can be used for generating responses. */
-TS_RESP_CTX *TS_RESP_CTX_new(void);
-void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy);
-
-/* No additional certs are included in the response by default. */
-int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
-
-/* Adds a new acceptable policy, only the default policy
- is accepted by default. */
-int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy);
-
-/* Adds a new acceptable message digest. Note that no message digests
- are accepted by default. The md argument is shared with the caller. */
-int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
-
-/* Accuracy is not included by default. */
-int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
- int secs, int millis, int micros);
-
-/* Clock precision digits, i.e. the number of decimal digits:
- '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */
-int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
- unsigned clock_precision_digits);
-/* At most we accept sec precision. */
-#define TS_MAX_CLOCK_PRECISION_DIGITS 0
-
-/* No flags are set by default. */
-void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
-
-/* Default callback always returns a constant. */
-void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
-
-/* Default callback uses gettimeofday() and gmtime(). */
-void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
-
-/* Default callback rejects all extensions. The extension callback is called
- * when the TS_TST_INFO object is already set up and not signed yet. */
-/* FIXME: extension handling is not tested yet. */
-void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
- TS_extension_cb cb, void *data);
-
-/* The following methods can be used in the callbacks. */
-int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
- int status, const char *text);
-
-/* Sets the status info only if it is still TS_STATUS_GRANTED. */
-int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
- int status, const char *text);
-
-int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
-
-/* The get methods below can be used in the extension callback. */
-TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
-
-TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
-
-/*
- * Creates the signed TS_TST_INFO and puts it in TS_RESP.
- * In case of errors it sets the status info properly.
- * Returns NULL only in case of memory allocation/fatal error.
- */
-TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
-
-/*
- * Declarations related to response verification,
- * they are defined in ts/ts_rsp_verify.c.
- */
-
-int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
- X509_STORE *store, X509 **signer_out);
-
-/* Context structure for the generic verify method. */
-
-/* Verify the signer's certificate and the signature of the response. */
-#define TS_VFY_SIGNATURE (1u << 0)
-/* Verify the version number of the response. */
-#define TS_VFY_VERSION (1u << 1)
-/* Verify if the policy supplied by the user matches the policy of the TSA. */
-#define TS_VFY_POLICY (1u << 2)
-/* Verify the message imprint provided by the user. This flag should not be
- specified with TS_VFY_DATA. */
-#define TS_VFY_IMPRINT (1u << 3)
-/* Verify the message imprint computed by the verify method from the user
- provided data and the MD algorithm of the response. This flag should not be
- specified with TS_VFY_IMPRINT. */
-#define TS_VFY_DATA (1u << 4)
-/* Verify the nonce value. */
-#define TS_VFY_NONCE (1u << 5)
-/* Verify if the TSA name field matches the signer certificate. */
-#define TS_VFY_SIGNER (1u << 6)
-/* Verify if the TSA name field equals to the user provided name. */
-#define TS_VFY_TSA_NAME (1u << 7)
-
-/* You can use the following convenience constants. */
-#define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \
- | TS_VFY_VERSION \
- | TS_VFY_POLICY \
- | TS_VFY_IMPRINT \
- | TS_VFY_NONCE \
- | TS_VFY_SIGNER \
- | TS_VFY_TSA_NAME)
-#define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \
- | TS_VFY_VERSION \
- | TS_VFY_POLICY \
- | TS_VFY_DATA \
- | TS_VFY_NONCE \
- | TS_VFY_SIGNER \
- | TS_VFY_TSA_NAME)
-
-typedef struct TS_verify_ctx TS_VERIFY_CTX;
-
-int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
-int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
-
-/*
- * Declarations related to response verification context,
- * they are defined in ts/ts_verify_ctx.c.
- */
-
-/* Set all fields to zero. */
-TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
-void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
-void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
-
-int TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX *ctx, int flags);
-int TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX *ctx, int flags);
-BIO *TS_VERIFY_CTX_set_data(TS_VERIFY_CTX *ctx, BIO *bio);
-X509_STORE *TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *store);
-/* R$ special */
-#define TS_VERIFY_CTS_set_certs TS_VERIFY_CTX_set_certs
-STACK_OF(X509) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx,
- STACK_OF(X509) *certs);
-unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX *ctx,
- unsigned char *imprint, long imprint_len);
-
-/*
- * If ctx is NULL, it allocates and returns a new object, otherwise
- * it returns ctx. It initialises all the members as follows:
- * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
- * certs = NULL
- * store = NULL
- * policy = policy from the request or NULL if absent (in this case
- * TS_VFY_POLICY is cleared from flags as well)
- * md_alg = MD algorithm from request
- * imprint, imprint_len = imprint from request
- * data = NULL
- * nonce, nonce_len = nonce from the request or NULL if absent (in this case
- * TS_VFY_NONCE is cleared from flags as well)
- * tsa_name = NULL
- * Important: after calling this method TS_VFY_SIGNATURE should be added!
- */
-TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
-
-/* Function declarations for TS_RESP defined in ts/ts_rsp_print.c */
-
-int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
-int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
-int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
-
-/* Common utility functions defined in ts/ts_lib.c */
-
-int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
-int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
-int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
-int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
-int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
-
-/* Function declarations for handling configuration options,
- defined in ts/ts_conf.c */
-
-X509 *TS_CONF_load_cert(const char *file);
-STACK_OF(X509) *TS_CONF_load_certs(const char *file);
-EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
-const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
-int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
- TS_RESP_CTX *ctx);
-int TS_CONF_set_signer_cert(CONF *conf, const char *section,
- const char *cert, TS_RESP_CTX *ctx);
-int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
- TS_RESP_CTX *ctx);
-int TS_CONF_set_signer_key(CONF *conf, const char *section,
- const char *key, const char *pass, TS_RESP_CTX *ctx);
-int TS_CONF_set_def_policy(CONF *conf, const char *section,
- const char *policy, TS_RESP_CTX *ctx);
-int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
- TS_RESP_CTX *ctx);
-int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
- TS_RESP_CTX *ctx);
-
-void ERR_load_TS_strings(void);
-
-/* Error codes for the TS functions. */
-
-/* Function codes. */
-#define TS_F_D2I_TS_RESP 147
-#define TS_F_DEF_SERIAL_CB 110
-#define TS_F_DEF_TIME_CB 111
-#define TS_F_ESS_ADD_SIGNING_CERT 112
-#define TS_F_ESS_CERT_ID_NEW_INIT 113
-#define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
-#define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
-#define TS_F_PKCS7_TO_TS_TST_INFO 148
-#define TS_F_TS_ACCURACY_SET_MICROS 115
-#define TS_F_TS_ACCURACY_SET_MILLIS 116
-#define TS_F_TS_ACCURACY_SET_SECONDS 117
-#define TS_F_TS_CHECK_IMPRINTS 100
-#define TS_F_TS_CHECK_NONCES 101
-#define TS_F_TS_CHECK_POLICY 102
-#define TS_F_TS_CHECK_SIGNING_CERTS 103
-#define TS_F_TS_CHECK_STATUS_INFO 104
-#define TS_F_TS_COMPUTE_IMPRINT 145
-#define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
-#define TS_F_TS_GET_STATUS_TEXT 105
-#define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
-#define TS_F_TS_REQ_SET_MSG_IMPRINT 119
-#define TS_F_TS_REQ_SET_NONCE 120
-#define TS_F_TS_REQ_SET_POLICY_ID 121
-#define TS_F_TS_RESP_CREATE_RESPONSE 122
-#define TS_F_TS_RESP_CREATE_TST_INFO 123
-#define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
-#define TS_F_TS_RESP_CTX_ADD_MD 125
-#define TS_F_TS_RESP_CTX_ADD_POLICY 126
-#define TS_F_TS_RESP_CTX_NEW 127
-#define TS_F_TS_RESP_CTX_SET_ACCURACY 128
-#define TS_F_TS_RESP_CTX_SET_CERTS 129
-#define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
-#define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
-#define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
-#define TS_F_TS_RESP_GET_POLICY 133
-#define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
-#define TS_F_TS_RESP_SET_STATUS_INFO 135
-#define TS_F_TS_RESP_SET_TST_INFO 150
-#define TS_F_TS_RESP_SIGN 136
-#define TS_F_TS_RESP_VERIFY_SIGNATURE 106
-#define TS_F_TS_RESP_VERIFY_TOKEN 107
-#define TS_F_TS_TST_INFO_SET_ACCURACY 137
-#define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
-#define TS_F_TS_TST_INFO_SET_NONCE 139
-#define TS_F_TS_TST_INFO_SET_POLICY_ID 140
-#define TS_F_TS_TST_INFO_SET_SERIAL 141
-#define TS_F_TS_TST_INFO_SET_TIME 142
-#define TS_F_TS_TST_INFO_SET_TSA 143
-#define TS_F_TS_VERIFY 108
-#define TS_F_TS_VERIFY_CERT 109
-#define TS_F_TS_VERIFY_CTX_NEW 144
-
-/* Reason codes. */
-#define TS_R_BAD_PKCS7_TYPE 132
-#define TS_R_BAD_TYPE 133
-#define TS_R_CERTIFICATE_VERIFY_ERROR 100
-#define TS_R_COULD_NOT_SET_ENGINE 127
-#define TS_R_COULD_NOT_SET_TIME 115
-#define TS_R_D2I_TS_RESP_INT_FAILED 128
-#define TS_R_DETACHED_CONTENT 134
-#define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
-#define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
-#define TS_R_INVALID_NULL_POINTER 102
-#define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
-#define TS_R_MESSAGE_IMPRINT_MISMATCH 103
-#define TS_R_NONCE_MISMATCH 104
-#define TS_R_NONCE_NOT_RETURNED 105
-#define TS_R_NO_CONTENT 106
-#define TS_R_NO_TIME_STAMP_TOKEN 107
-#define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
-#define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
-#define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
-#define TS_R_POLICY_MISMATCH 108
-#define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
-#define TS_R_RESPONSE_SETUP_ERROR 121
-#define TS_R_SIGNATURE_FAILURE 109
-#define TS_R_THERE_MUST_BE_ONE_SIGNER 110
-#define TS_R_TIME_SYSCALL_ERROR 122
-#define TS_R_TOKEN_NOT_PRESENT 130
-#define TS_R_TOKEN_PRESENT 131
-#define TS_R_TSA_NAME_MISMATCH 111
-#define TS_R_TSA_UNTRUSTED 112
-#define TS_R_TST_INFO_SETUP_ERROR 123
-#define TS_R_TS_DATASIGN 124
-#define TS_R_UNACCEPTABLE_POLICY 125
-#define TS_R_UNSUPPORTED_MD_ALGORITHM 126
-#define TS_R_UNSUPPORTED_VERSION 113
-#define TS_R_WRONG_CONTENT_TYPE 114
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/ts/ts_asn1.c b/src/lib/libcrypto/ts/ts_asn1.c
deleted file mode 100644
index feb2da68f9..0000000000
--- a/src/lib/libcrypto/ts/ts_asn1.c
+++ /dev/null
@@ -1,1077 +0,0 @@
-/* $OpenBSD: ts_asn1.c,v 1.15 2024/04/15 15:52:46 tb Exp $ */
-/* Written by Nils Larsch for the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "ts_local.h"
-
-static const ASN1_TEMPLATE TS_MSG_IMPRINT_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_MSG_IMPRINT, hash_algo),
- .field_name = "hash_algo",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_MSG_IMPRINT, hashed_msg),
- .field_name = "hashed_msg",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-static const ASN1_ITEM TS_MSG_IMPRINT_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = TS_MSG_IMPRINT_seq_tt,
- .tcount = sizeof(TS_MSG_IMPRINT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(TS_MSG_IMPRINT),
- .sname = "TS_MSG_IMPRINT",
-};
-
-
-TS_MSG_IMPRINT *
-d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, const unsigned char **in, long len)
-{
- return (TS_MSG_IMPRINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &TS_MSG_IMPRINT_it);
-}
-LCRYPTO_ALIAS(d2i_TS_MSG_IMPRINT);
-
-int
-i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_MSG_IMPRINT_it);
-}
-LCRYPTO_ALIAS(i2d_TS_MSG_IMPRINT);
-
-TS_MSG_IMPRINT *
-TS_MSG_IMPRINT_new(void)
-{
- return (TS_MSG_IMPRINT *)ASN1_item_new(&TS_MSG_IMPRINT_it);
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_new);
-
-void
-TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &TS_MSG_IMPRINT_it);
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_free);
-
-TS_MSG_IMPRINT *
-TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *x)
-{
- return ASN1_item_dup(&TS_MSG_IMPRINT_it, x);
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_dup);
-
-#ifndef OPENSSL_NO_BIO
-TS_MSG_IMPRINT *
-d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a)
-{
- return ASN1_item_d2i_bio(&TS_MSG_IMPRINT_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_MSG_IMPRINT_bio);
-
-int
-i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a)
-{
- return ASN1_item_i2d_bio(&TS_MSG_IMPRINT_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_MSG_IMPRINT_bio);
-#endif
-
-TS_MSG_IMPRINT *
-d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a)
-{
- return ASN1_item_d2i_fp(&TS_MSG_IMPRINT_it, fp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_MSG_IMPRINT_fp);
-
-int
-i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a)
-{
- return ASN1_item_i2d_fp(&TS_MSG_IMPRINT_it, fp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_MSG_IMPRINT_fp);
-
-static const ASN1_TEMPLATE TS_REQ_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_REQ, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_REQ, msg_imprint),
- .field_name = "msg_imprint",
- .item = &TS_MSG_IMPRINT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_REQ, policy_id),
- .field_name = "policy_id",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_REQ, nonce),
- .field_name = "nonce",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_REQ, cert_req),
- .field_name = "cert_req",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_REQ, extensions),
- .field_name = "extensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-static const ASN1_ITEM TS_REQ_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = TS_REQ_seq_tt,
- .tcount = sizeof(TS_REQ_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(TS_REQ),
- .sname = "TS_REQ",
-};
-
-
-TS_REQ *
-d2i_TS_REQ(TS_REQ **a, const unsigned char **in, long len)
-{
- return (TS_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &TS_REQ_it);
-}
-LCRYPTO_ALIAS(d2i_TS_REQ);
-
-int
-i2d_TS_REQ(const TS_REQ *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_REQ_it);
-}
-LCRYPTO_ALIAS(i2d_TS_REQ);
-
-TS_REQ *
-TS_REQ_new(void)
-{
- return (TS_REQ *)ASN1_item_new(&TS_REQ_it);
-}
-LCRYPTO_ALIAS(TS_REQ_new);
-
-void
-TS_REQ_free(TS_REQ *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &TS_REQ_it);
-}
-LCRYPTO_ALIAS(TS_REQ_free);
-
-TS_REQ *
-TS_REQ_dup(TS_REQ *x)
-{
- return ASN1_item_dup(&TS_REQ_it, x);
-}
-LCRYPTO_ALIAS(TS_REQ_dup);
-
-#ifndef OPENSSL_NO_BIO
-TS_REQ *
-d2i_TS_REQ_bio(BIO *bp, TS_REQ **a)
-{
- return ASN1_item_d2i_bio(&TS_REQ_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_REQ_bio);
-
-int
-i2d_TS_REQ_bio(BIO *bp, TS_REQ *a)
-{
- return ASN1_item_i2d_bio(&TS_REQ_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_REQ_bio);
-#endif
-
-TS_REQ *
-d2i_TS_REQ_fp(FILE *fp, TS_REQ **a)
-{
- return ASN1_item_d2i_fp(&TS_REQ_it, fp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_REQ_fp);
-
-int
-i2d_TS_REQ_fp(FILE *fp, TS_REQ *a)
-{
- return ASN1_item_i2d_fp(&TS_REQ_it, fp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_REQ_fp);
-
-static const ASN1_TEMPLATE TS_ACCURACY_seq_tt[] = {
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_ACCURACY, seconds),
- .field_name = "seconds",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_ACCURACY, millis),
- .field_name = "millis",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(TS_ACCURACY, micros),
- .field_name = "micros",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-static const ASN1_ITEM TS_ACCURACY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = TS_ACCURACY_seq_tt,
- .tcount = sizeof(TS_ACCURACY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(TS_ACCURACY),
- .sname = "TS_ACCURACY",
-};
-
-
-TS_ACCURACY *
-d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **in, long len)
-{
- return (TS_ACCURACY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &TS_ACCURACY_it);
-}
-LCRYPTO_ALIAS(d2i_TS_ACCURACY);
-
-int
-i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_ACCURACY_it);
-}
-LCRYPTO_ALIAS(i2d_TS_ACCURACY);
-
-TS_ACCURACY *
-TS_ACCURACY_new(void)
-{
- return (TS_ACCURACY *)ASN1_item_new(&TS_ACCURACY_it);
-}
-LCRYPTO_ALIAS(TS_ACCURACY_new);
-
-void
-TS_ACCURACY_free(TS_ACCURACY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &TS_ACCURACY_it);
-}
-LCRYPTO_ALIAS(TS_ACCURACY_free);
-
-TS_ACCURACY *
-TS_ACCURACY_dup(TS_ACCURACY *x)
-{
- return ASN1_item_dup(&TS_ACCURACY_it, x);
-}
-LCRYPTO_ALIAS(TS_ACCURACY_dup);
-
-static const ASN1_TEMPLATE TS_TST_INFO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, policy_id),
- .field_name = "policy_id",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, msg_imprint),
- .field_name = "msg_imprint",
- .item = &TS_MSG_IMPRINT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, serial),
- .field_name = "serial",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, time),
- .field_name = "time",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, accuracy),
- .field_name = "accuracy",
- .item = &TS_ACCURACY_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, ordering),
- .field_name = "ordering",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, nonce),
- .field_name = "nonce",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_TST_INFO, tsa),
- .field_name = "tsa",
- .item = &GENERAL_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(TS_TST_INFO, extensions),
- .field_name = "extensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-static const ASN1_ITEM TS_TST_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = TS_TST_INFO_seq_tt,
- .tcount = sizeof(TS_TST_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(TS_TST_INFO),
- .sname = "TS_TST_INFO",
-};
-
-
-TS_TST_INFO *
-d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **in, long len)
-{
- return (TS_TST_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &TS_TST_INFO_it);
-}
-LCRYPTO_ALIAS(d2i_TS_TST_INFO);
-
-int
-i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_TST_INFO_it);
-}
-LCRYPTO_ALIAS(i2d_TS_TST_INFO);
-
-TS_TST_INFO *
-TS_TST_INFO_new(void)
-{
- return (TS_TST_INFO *)ASN1_item_new(&TS_TST_INFO_it);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_new);
-
-void
-TS_TST_INFO_free(TS_TST_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &TS_TST_INFO_it);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_free);
-
-TS_TST_INFO *
-TS_TST_INFO_dup(TS_TST_INFO *x)
-{
- return ASN1_item_dup(&TS_TST_INFO_it, x);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_dup);
-
-#ifndef OPENSSL_NO_BIO
-TS_TST_INFO *
-d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a)
-{
- return ASN1_item_d2i_bio(&TS_TST_INFO_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_TST_INFO_bio);
-
-int
-i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a)
-{
- return ASN1_item_i2d_bio(&TS_TST_INFO_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_TST_INFO_bio);
-#endif
-
-TS_TST_INFO *
-d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a)
-{
- return ASN1_item_d2i_fp(&TS_TST_INFO_it, fp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_TST_INFO_fp);
-
-int
-i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a)
-{
- return ASN1_item_i2d_fp(&TS_TST_INFO_it, fp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_TST_INFO_fp);
-
-static const ASN1_TEMPLATE TS_STATUS_INFO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_STATUS_INFO, status),
- .field_name = "status",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_STATUS_INFO, text),
- .field_name = "text",
- .item = &ASN1_UTF8STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_STATUS_INFO, failure_info),
- .field_name = "failure_info",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-static const ASN1_ITEM TS_STATUS_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = TS_STATUS_INFO_seq_tt,
- .tcount = sizeof(TS_STATUS_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(TS_STATUS_INFO),
- .sname = "TS_STATUS_INFO",
-};
-
-
-TS_STATUS_INFO *
-d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, const unsigned char **in, long len)
-{
- return (TS_STATUS_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &TS_STATUS_INFO_it);
-}
-LCRYPTO_ALIAS(d2i_TS_STATUS_INFO);
-
-int
-i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_STATUS_INFO_it);
-}
-LCRYPTO_ALIAS(i2d_TS_STATUS_INFO);
-
-TS_STATUS_INFO *
-TS_STATUS_INFO_new(void)
-{
- return (TS_STATUS_INFO *)ASN1_item_new(&TS_STATUS_INFO_it);
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_new);
-
-void
-TS_STATUS_INFO_free(TS_STATUS_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &TS_STATUS_INFO_it);
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_free);
-
-TS_STATUS_INFO *
-TS_STATUS_INFO_dup(TS_STATUS_INFO *x)
-{
- return ASN1_item_dup(&TS_STATUS_INFO_it, x);
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_dup);
-
-static int
-ts_resp_set_tst_info(TS_RESP *a)
-{
- long status;
-
- status = ASN1_INTEGER_get(a->status_info->status);
-
- if (a->token) {
- if (status != 0 && status != 1) {
- TSerror(TS_R_TOKEN_PRESENT);
- return 0;
- }
- if (a->tst_info != NULL)
- TS_TST_INFO_free(a->tst_info);
- a->tst_info = PKCS7_to_TS_TST_INFO(a->token);
- if (!a->tst_info) {
- TSerror(TS_R_PKCS7_TO_TS_TST_INFO_FAILED);
- return 0;
- }
- } else if (status == 0 || status == 1) {
- TSerror(TS_R_TOKEN_NOT_PRESENT);
- return 0;
- }
-
- return 1;
-}
-
-static int
-ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- TS_RESP *ts_resp = (TS_RESP *)*pval;
-
- if (op == ASN1_OP_NEW_POST) {
- ts_resp->tst_info = NULL;
- } else if (op == ASN1_OP_FREE_POST) {
- if (ts_resp->tst_info != NULL)
- TS_TST_INFO_free(ts_resp->tst_info);
- } else if (op == ASN1_OP_D2I_POST) {
- if (ts_resp_set_tst_info(ts_resp) == 0)
- return 0;
- }
- return 1;
-}
-
-static const ASN1_AUX TS_RESP_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = ts_resp_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE TS_RESP_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(TS_RESP, status_info),
- .field_name = "status_info",
- .item = &TS_STATUS_INFO_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(TS_RESP, token),
- .field_name = "token",
- .item = &PKCS7_it,
- },
-};
-
-static const ASN1_ITEM TS_RESP_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = TS_RESP_seq_tt,
- .tcount = sizeof(TS_RESP_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &TS_RESP_aux,
- .size = sizeof(TS_RESP),
- .sname = "TS_RESP",
-};
-
-
-TS_RESP *
-d2i_TS_RESP(TS_RESP **a, const unsigned char **in, long len)
-{
- return (TS_RESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &TS_RESP_it);
-}
-LCRYPTO_ALIAS(d2i_TS_RESP);
-
-int
-i2d_TS_RESP(const TS_RESP *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_RESP_it);
-}
-LCRYPTO_ALIAS(i2d_TS_RESP);
-
-TS_RESP *
-TS_RESP_new(void)
-{
- return (TS_RESP *)ASN1_item_new(&TS_RESP_it);
-}
-LCRYPTO_ALIAS(TS_RESP_new);
-
-void
-TS_RESP_free(TS_RESP *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &TS_RESP_it);
-}
-LCRYPTO_ALIAS(TS_RESP_free);
-
-TS_RESP *
-TS_RESP_dup(TS_RESP *x)
-{
- return ASN1_item_dup(&TS_RESP_it, x);
-}
-LCRYPTO_ALIAS(TS_RESP_dup);
-
-#ifndef OPENSSL_NO_BIO
-TS_RESP *
-d2i_TS_RESP_bio(BIO *bp, TS_RESP **a)
-{
- return ASN1_item_d2i_bio(&TS_RESP_it, bp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_RESP_bio);
-
-int
-i2d_TS_RESP_bio(BIO *bp, TS_RESP *a)
-{
- return ASN1_item_i2d_bio(&TS_RESP_it, bp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_RESP_bio);
-#endif
-
-TS_RESP *
-d2i_TS_RESP_fp(FILE *fp, TS_RESP **a)
-{
- return ASN1_item_d2i_fp(&TS_RESP_it, fp, a);
-}
-LCRYPTO_ALIAS(d2i_TS_RESP_fp);
-
-int
-i2d_TS_RESP_fp(FILE *fp, TS_RESP *a)
-{
- return ASN1_item_i2d_fp(&TS_RESP_it, fp, a);
-}
-LCRYPTO_ALIAS(i2d_TS_RESP_fp);
-
-static const ASN1_TEMPLATE ESS_ISSUER_SERIAL_seq_tt[] = {
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(ESS_ISSUER_SERIAL, issuer),
- .field_name = "issuer",
- .item = &GENERAL_NAME_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ESS_ISSUER_SERIAL, serial),
- .field_name = "serial",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-static const ASN1_ITEM ESS_ISSUER_SERIAL_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ESS_ISSUER_SERIAL_seq_tt,
- .tcount = sizeof(ESS_ISSUER_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ESS_ISSUER_SERIAL),
- .sname = "ESS_ISSUER_SERIAL",
-};
-
-
-ESS_ISSUER_SERIAL *
-d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, const unsigned char **in, long len)
-{
- return (ESS_ISSUER_SERIAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ESS_ISSUER_SERIAL_it);
-}
-LCRYPTO_ALIAS(d2i_ESS_ISSUER_SERIAL);
-
-int
-i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_ISSUER_SERIAL_it);
-}
-LCRYPTO_ALIAS(i2d_ESS_ISSUER_SERIAL);
-
-ESS_ISSUER_SERIAL *
-ESS_ISSUER_SERIAL_new(void)
-{
- return (ESS_ISSUER_SERIAL *)ASN1_item_new(&ESS_ISSUER_SERIAL_it);
-}
-LCRYPTO_ALIAS(ESS_ISSUER_SERIAL_new);
-
-void
-ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ESS_ISSUER_SERIAL_it);
-}
-LCRYPTO_ALIAS(ESS_ISSUER_SERIAL_free);
-
-ESS_ISSUER_SERIAL *
-ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *x)
-{
- return ASN1_item_dup(&ESS_ISSUER_SERIAL_it, x);
-}
-LCRYPTO_ALIAS(ESS_ISSUER_SERIAL_dup);
-
-static const ASN1_TEMPLATE ESS_CERT_ID_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ESS_CERT_ID, hash),
- .field_name = "hash",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ESS_CERT_ID, issuer_serial),
- .field_name = "issuer_serial",
- .item = &ESS_ISSUER_SERIAL_it,
- },
-};
-
-static const ASN1_ITEM ESS_CERT_ID_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ESS_CERT_ID_seq_tt,
- .tcount = sizeof(ESS_CERT_ID_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ESS_CERT_ID),
- .sname = "ESS_CERT_ID",
-};
-
-
-ESS_CERT_ID *
-d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **in, long len)
-{
- return (ESS_CERT_ID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ESS_CERT_ID_it);
-}
-LCRYPTO_ALIAS(d2i_ESS_CERT_ID);
-
-int
-i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_it);
-}
-LCRYPTO_ALIAS(i2d_ESS_CERT_ID);
-
-ESS_CERT_ID *
-ESS_CERT_ID_new(void)
-{
- return (ESS_CERT_ID *)ASN1_item_new(&ESS_CERT_ID_it);
-}
-LCRYPTO_ALIAS(ESS_CERT_ID_new);
-
-void
-ESS_CERT_ID_free(ESS_CERT_ID *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_it);
-}
-LCRYPTO_ALIAS(ESS_CERT_ID_free);
-
-ESS_CERT_ID *
-ESS_CERT_ID_dup(ESS_CERT_ID *x)
-{
- return ASN1_item_dup(&ESS_CERT_ID_it, x);
-}
-LCRYPTO_ALIAS(ESS_CERT_ID_dup);
-
-static const ASN1_TEMPLATE ESS_SIGNING_CERT_seq_tt[] = {
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(ESS_SIGNING_CERT, cert_ids),
- .field_name = "cert_ids",
- .item = &ESS_CERT_ID_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ESS_SIGNING_CERT, policy_info),
- .field_name = "policy_info",
- .item = &POLICYINFO_it,
- },
-};
-
-static const ASN1_ITEM ESS_SIGNING_CERT_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ESS_SIGNING_CERT_seq_tt,
- .tcount = sizeof(ESS_SIGNING_CERT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ESS_SIGNING_CERT),
- .sname = "ESS_SIGNING_CERT",
-};
-
-
-ESS_SIGNING_CERT *
-d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, const unsigned char **in, long len)
-{
- return (ESS_SIGNING_CERT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ESS_SIGNING_CERT_it);
-}
-LCRYPTO_ALIAS(d2i_ESS_SIGNING_CERT);
-
-int
-i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_it);
-}
-LCRYPTO_ALIAS(i2d_ESS_SIGNING_CERT);
-
-ESS_SIGNING_CERT *
-ESS_SIGNING_CERT_new(void)
-{
- return (ESS_SIGNING_CERT *)ASN1_item_new(&ESS_SIGNING_CERT_it);
-}
-LCRYPTO_ALIAS(ESS_SIGNING_CERT_new);
-
-void
-ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_it);
-}
-LCRYPTO_ALIAS(ESS_SIGNING_CERT_free);
-
-ESS_SIGNING_CERT *
-ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *x)
-{
- return ASN1_item_dup(&ESS_SIGNING_CERT_it, x);
-}
-LCRYPTO_ALIAS(ESS_SIGNING_CERT_dup);
-
-static const ASN1_TEMPLATE ESS_CERT_ID_V2_seq_tt[] = {
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ESS_CERT_ID_V2, hash_alg),
- .field_name = "hash_alg",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ESS_CERT_ID_V2, hash),
- .field_name = "hash",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ESS_CERT_ID_V2, issuer_serial),
- .field_name = "issuer_serial",
- .item = &ESS_ISSUER_SERIAL_it,
- },
-};
-
-static const ASN1_ITEM ESS_CERT_ID_V2_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ESS_CERT_ID_V2_seq_tt,
- .tcount = sizeof(ESS_CERT_ID_V2_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ESS_CERT_ID_V2),
- .sname = "ESS_CERT_ID_V2",
-};
-
-ESS_CERT_ID_V2 *
-d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, const unsigned char **in, long len)
-{
- return (ESS_CERT_ID_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ESS_CERT_ID_V2_it);
-}
-
-int
-i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_V2_it);
-}
-
-ESS_CERT_ID_V2 *
-ESS_CERT_ID_V2_new(void)
-{
- return (ESS_CERT_ID_V2 *)ASN1_item_new(&ESS_CERT_ID_V2_it);
-}
-
-void
-ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_V2_it);
-}
-
-ESS_CERT_ID_V2 *
-ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *x)
-{
- return ASN1_item_dup(&ESS_CERT_ID_V2_it, x);
-}
-
-static const ASN1_TEMPLATE ESS_SIGNING_CERT_V2_seq_tt[] = {
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(ESS_SIGNING_CERT_V2, cert_ids),
- .field_name = "cert_ids",
- .item = &ESS_CERT_ID_V2_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ESS_SIGNING_CERT_V2, policy_info),
- .field_name = "policy_info",
- .item = &POLICYINFO_it,
- },
-};
-
-static const ASN1_ITEM ESS_SIGNING_CERT_V2_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ESS_SIGNING_CERT_V2_seq_tt,
- .tcount = sizeof(ESS_SIGNING_CERT_V2_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ESS_SIGNING_CERT_V2),
- .sname = "ESS_SIGNING_CERT_V2",
-};
-
-ESS_SIGNING_CERT_V2 *
-d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a, const unsigned char **in, long len)
-{
- return (ESS_SIGNING_CERT_V2 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ESS_SIGNING_CERT_V2_it);
-}
-
-int
-i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_V2_it);
-}
-
-ESS_SIGNING_CERT_V2 *
-ESS_SIGNING_CERT_V2_new(void)
-{
- return (ESS_SIGNING_CERT_V2 *)ASN1_item_new(&ESS_SIGNING_CERT_V2_it);
-}
-
-void
-ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_V2_it);
-}
-
-ESS_SIGNING_CERT_V2 *
-ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *x)
-{
- return ASN1_item_dup(&ESS_SIGNING_CERT_V2_it, x);
-}
-
-/* Getting encapsulated TS_TST_INFO object from PKCS7. */
-TS_TST_INFO *
-PKCS7_to_TS_TST_INFO(PKCS7 *token)
-{
- PKCS7_SIGNED *pkcs7_signed;
- PKCS7 *enveloped;
- ASN1_TYPE *tst_info_wrapper;
- ASN1_OCTET_STRING *tst_info_der;
- const unsigned char *p;
-
- if (!PKCS7_type_is_signed(token)) {
- TSerror(TS_R_BAD_PKCS7_TYPE);
- return NULL;
- }
-
- /* Content must be present. */
- if (PKCS7_get_detached(token)) {
- TSerror(TS_R_DETACHED_CONTENT);
- return NULL;
- }
-
- /* We have a signed data with content. */
- pkcs7_signed = token->d.sign;
- enveloped = pkcs7_signed->contents;
- if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) {
- TSerror(TS_R_BAD_PKCS7_TYPE);
- return NULL;
- }
-
- /* We have a DER encoded TST_INFO as the signed data. */
- tst_info_wrapper = enveloped->d.other;
- if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) {
- TSerror(TS_R_BAD_TYPE);
- return NULL;
- }
-
- /* We have the correct ASN1_OCTET_STRING type. */
- tst_info_der = tst_info_wrapper->value.octet_string;
- /* At last, decode the TST_INFO. */
- p = tst_info_der->data;
- return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length);
-}
-LCRYPTO_ALIAS(PKCS7_to_TS_TST_INFO);
diff --git a/src/lib/libcrypto/ts/ts_conf.c b/src/lib/libcrypto/ts/ts_conf.c
deleted file mode 100644
index bd499238f5..0000000000
--- a/src/lib/libcrypto/ts/ts_conf.c
+++ /dev/null
@@ -1,517 +0,0 @@
-/* $OpenBSD: ts_conf.c,v 1.15 2024/08/26 22:01:28 op Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-
-/* Macro definitions for the configuration file. */
-
-#define BASE_SECTION "tsa"
-#define ENV_DEFAULT_TSA "default_tsa"
-#define ENV_SERIAL "serial"
-#define ENV_CRYPTO_DEVICE "crypto_device"
-#define ENV_SIGNER_CERT "signer_cert"
-#define ENV_CERTS "certs"
-#define ENV_SIGNER_KEY "signer_key"
-#define ENV_DEFAULT_POLICY "default_policy"
-#define ENV_OTHER_POLICIES "other_policies"
-#define ENV_DIGESTS "digests"
-#define ENV_ACCURACY "accuracy"
-#define ENV_ORDERING "ordering"
-#define ENV_TSA_NAME "tsa_name"
-#define ENV_ESS_CERT_ID_CHAIN "ess_cert_id_chain"
-#define ENV_VALUE_SECS "secs"
-#define ENV_VALUE_MILLISECS "millisecs"
-#define ENV_VALUE_MICROSECS "microsecs"
-#define ENV_CLOCK_PRECISION_DIGITS "clock_precision_digits"
-#define ENV_VALUE_YES "yes"
-#define ENV_VALUE_NO "no"
-
-/* Function definitions for certificate and key loading. */
-
-X509 *
-TS_CONF_load_cert(const char *file)
-{
- BIO *cert = NULL;
- X509 *x = NULL;
-
- if ((cert = BIO_new_file(file, "r")) == NULL)
- goto end;
- x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL);
-
-end:
- if (x == NULL)
- fprintf(stderr, "unable to load certificate: %s\n", file);
- BIO_free(cert);
- return x;
-}
-LCRYPTO_ALIAS(TS_CONF_load_cert);
-
-STACK_OF(X509) *
-TS_CONF_load_certs(const char *file)
-{
- BIO *certs = NULL;
- STACK_OF(X509) *othercerts = NULL;
- STACK_OF(X509_INFO) *allcerts = NULL;
- int i;
-
- if (!(certs = BIO_new_file(file, "r")))
- goto end;
-
- if (!(othercerts = sk_X509_new_null()))
- goto end;
- allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
- for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
- X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
- if (xi->x509) {
- if (sk_X509_push(othercerts, xi->x509) == 0) {
- sk_X509_pop_free(othercerts, X509_free);
- othercerts = NULL;
- goto end;
- }
- xi->x509 = NULL;
- }
- }
-
-end:
- if (othercerts == NULL)
- fprintf(stderr, "unable to load certificates: %s\n", file);
- sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
- BIO_free(certs);
- return othercerts;
-}
-LCRYPTO_ALIAS(TS_CONF_load_certs);
-
-EVP_PKEY *
-TS_CONF_load_key(const char *file, const char *pass)
-{
- BIO *key = NULL;
- EVP_PKEY *pkey = NULL;
-
- if (!(key = BIO_new_file(file, "r")))
- goto end;
- pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *) pass);
-
-end:
- if (pkey == NULL)
- fprintf(stderr, "unable to load private key: %s\n", file);
- BIO_free(key);
- return pkey;
-}
-LCRYPTO_ALIAS(TS_CONF_load_key);
-
-/* Function definitions for handling configuration options. */
-
-static void
-TS_CONF_lookup_fail(const char *name, const char *tag)
-{
- fprintf(stderr, "variable lookup failed for %s::%s\n", name, tag);
-}
-
-static void
-TS_CONF_invalid(const char *name, const char *tag)
-{
- fprintf(stderr, "invalid variable value for %s::%s\n", name, tag);
-}
-
-const char *
-TS_CONF_get_tsa_section(CONF *conf, const char *section)
-{
- if (!section) {
- section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_TSA);
- if (!section)
- TS_CONF_lookup_fail(BASE_SECTION, ENV_DEFAULT_TSA);
- }
- return section;
-}
-LCRYPTO_ALIAS(TS_CONF_get_tsa_section);
-
-int
-TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
- TS_RESP_CTX *ctx)
-{
- int ret = 0;
- char *serial = NCONF_get_string(conf, section, ENV_SERIAL);
-
- if (!serial) {
- TS_CONF_lookup_fail(section, ENV_SERIAL);
- goto err;
- }
- TS_RESP_CTX_set_serial_cb(ctx, cb, serial);
-
- ret = 1;
-
-err:
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_serial);
-
-int
-TS_CONF_set_signer_cert(CONF *conf, const char *section, const char *cert,
- TS_RESP_CTX *ctx)
-{
- int ret = 0;
- X509 *cert_obj = NULL;
-
- if (!cert)
- cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT);
- if (!cert) {
- TS_CONF_lookup_fail(section, ENV_SIGNER_CERT);
- goto err;
- }
- if (!(cert_obj = TS_CONF_load_cert(cert)))
- goto err;
- if (!TS_RESP_CTX_set_signer_cert(ctx, cert_obj))
- goto err;
-
- ret = 1;
-
-err:
- X509_free(cert_obj);
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_signer_cert);
-
-int
-TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
- TS_RESP_CTX *ctx)
-{
- int ret = 0;
- STACK_OF(X509) *certs_obj = NULL;
-
- if (!certs)
- certs = NCONF_get_string(conf, section, ENV_CERTS);
- /* Certificate chain is optional. */
- if (!certs)
- goto end;
- if (!(certs_obj = TS_CONF_load_certs(certs)))
- goto err;
- if (!TS_RESP_CTX_set_certs(ctx, certs_obj))
- goto err;
-
-end:
- ret = 1;
-err:
- sk_X509_pop_free(certs_obj, X509_free);
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_certs);
-
-int
-TS_CONF_set_signer_key(CONF *conf, const char *section, const char *key,
- const char *pass, TS_RESP_CTX *ctx)
-{
- int ret = 0;
- EVP_PKEY *key_obj = NULL;
-
- if (!key)
- key = NCONF_get_string(conf, section, ENV_SIGNER_KEY);
- if (!key) {
- TS_CONF_lookup_fail(section, ENV_SIGNER_KEY);
- goto err;
- }
- if (!(key_obj = TS_CONF_load_key(key, pass)))
- goto err;
- if (!TS_RESP_CTX_set_signer_key(ctx, key_obj))
- goto err;
-
- ret = 1;
-
-err:
- EVP_PKEY_free(key_obj);
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_signer_key);
-
-int
-TS_CONF_set_def_policy(CONF *conf, const char *section, const char *policy,
- TS_RESP_CTX *ctx)
-{
- int ret = 0;
- ASN1_OBJECT *policy_obj = NULL;
-
- if (!policy)
- policy = NCONF_get_string(conf, section, ENV_DEFAULT_POLICY);
- if (!policy) {
- TS_CONF_lookup_fail(section, ENV_DEFAULT_POLICY);
- goto err;
- }
- if (!(policy_obj = OBJ_txt2obj(policy, 0))) {
- TS_CONF_invalid(section, ENV_DEFAULT_POLICY);
- goto err;
- }
- if (!TS_RESP_CTX_set_def_policy(ctx, policy_obj))
- goto err;
-
- ret = 1;
-
-err:
- ASN1_OBJECT_free(policy_obj);
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_def_policy);
-
-int
-TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
- int ret = 0;
- int i;
- STACK_OF(CONF_VALUE) *list = NULL;
- char *policies = NCONF_get_string(conf, section, ENV_OTHER_POLICIES);
-
- /* If no other policy is specified, that's fine. */
- if (policies && !(list = X509V3_parse_list(policies))) {
- TS_CONF_invalid(section, ENV_OTHER_POLICIES);
- goto err;
- }
- for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
- CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
- const char *extval = val->value ? val->value : val->name;
- ASN1_OBJECT *objtmp;
- if (!(objtmp = OBJ_txt2obj(extval, 0))) {
- TS_CONF_invalid(section, ENV_OTHER_POLICIES);
- goto err;
- }
- if (!TS_RESP_CTX_add_policy(ctx, objtmp))
- goto err;
- ASN1_OBJECT_free(objtmp);
- }
-
- ret = 1;
-
-err:
- sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_policies);
-
-int
-TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
- int ret = 0;
- int i;
- STACK_OF(CONF_VALUE) *list = NULL;
- char *digests = NCONF_get_string(conf, section, ENV_DIGESTS);
-
- if (!digests) {
- TS_CONF_lookup_fail(section, ENV_DIGESTS);
- goto err;
- }
- if (!(list = X509V3_parse_list(digests))) {
- TS_CONF_invalid(section, ENV_DIGESTS);
- goto err;
- }
- if (sk_CONF_VALUE_num(list) == 0) {
- TS_CONF_invalid(section, ENV_DIGESTS);
- goto err;
- }
- for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
- CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
- const char *extval = val->value ? val->value : val->name;
- const EVP_MD *md;
- if (!(md = EVP_get_digestbyname(extval))) {
- TS_CONF_invalid(section, ENV_DIGESTS);
- goto err;
- }
- if (!TS_RESP_CTX_add_md(ctx, md))
- goto err;
- }
-
- ret = 1;
-
-err:
- sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_digests);
-
-int
-TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
- int ret = 0;
- int i;
- int secs = 0, millis = 0, micros = 0;
- STACK_OF(CONF_VALUE) *list = NULL;
- char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
- const char *errstr;
-
- if (accuracy && !(list = X509V3_parse_list(accuracy))) {
- TS_CONF_invalid(section, ENV_ACCURACY);
- goto err;
- }
- for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
- CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
- if (strcmp(val->name, ENV_VALUE_SECS) == 0) {
- if (val->value) {
- secs = strtonum(val->value, 0, INT_MAX,
- &errstr);
- if (errstr != NULL) {
- TS_CONF_invalid(section,
- ENV_VALUE_SECS);
- goto err;
- }
- }
- } else if (strcmp(val->name, ENV_VALUE_MILLISECS) == 0) {
- if (val->value) {
- millis = strtonum(val->value, 1, 999, &errstr);
- if (errstr != NULL) {
- TS_CONF_invalid(section,
- ENV_VALUE_MILLISECS);
- goto err;
- }
- }
- } else if (strcmp(val->name, ENV_VALUE_MICROSECS) == 0) {
- if (val->value) {
- micros = strtonum(val->value, 1, 999, &errstr);
- if (errstr != NULL) {
- TS_CONF_invalid(section,
- ENV_VALUE_MICROSECS);
- goto err;
- }
- }
- } else {
- TS_CONF_invalid(section, ENV_ACCURACY);
- goto err;
- }
- }
- if (!TS_RESP_CTX_set_accuracy(ctx, secs, millis, micros))
- goto err;
-
- ret = 1;
-
-err:
- sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_accuracy);
-
-int
-TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
- TS_RESP_CTX *ctx)
-{
- int ret = 0;
- long digits = 0;
-
- /* If not specified, set the default value to 0, i.e. sec precision */
- if (!NCONF_get_number_e(conf, section, ENV_CLOCK_PRECISION_DIGITS,
- &digits))
- digits = 0;
- /* We only support second precision, so reject everything else */
- if (digits != 0) {
- TS_CONF_invalid(section, ENV_CLOCK_PRECISION_DIGITS);
- goto err;
- }
-
- if (!TS_RESP_CTX_set_clock_precision_digits(ctx, digits))
- goto err;
-
- return 1;
-
-err:
- return ret;
-}
-LCRYPTO_ALIAS(TS_CONF_set_clock_precision_digits);
-
-static int
-TS_CONF_add_flag(CONF *conf, const char *section, const char *field, int flag,
- TS_RESP_CTX *ctx)
-{
- /* Default is false. */
- const char *value = NCONF_get_string(conf, section, field);
-
- if (value) {
- if (strcmp(value, ENV_VALUE_YES) == 0)
- TS_RESP_CTX_add_flags(ctx, flag);
- else if (strcmp(value, ENV_VALUE_NO) != 0) {
- TS_CONF_invalid(section, field);
- return 0;
- }
- }
-
- return 1;
-}
-
-int
-TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
- return TS_CONF_add_flag(conf, section, ENV_ORDERING, TS_ORDERING, ctx);
-}
-LCRYPTO_ALIAS(TS_CONF_set_ordering);
-
-int
-TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
- return TS_CONF_add_flag(conf, section, ENV_TSA_NAME, TS_TSA_NAME, ctx);
-}
-LCRYPTO_ALIAS(TS_CONF_set_tsa_name);
-
-int
-TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
- return TS_CONF_add_flag(conf, section, ENV_ESS_CERT_ID_CHAIN,
- TS_ESS_CERT_ID_CHAIN, ctx);
-}
-LCRYPTO_ALIAS(TS_CONF_set_ess_cert_id_chain);
diff --git a/src/lib/libcrypto/ts/ts_err.c b/src/lib/libcrypto/ts/ts_err.c
deleted file mode 100644
index c0dcc73099..0000000000
--- a/src/lib/libcrypto/ts/ts_err.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* $OpenBSD: ts_err.c,v 1.8 2024/06/24 06:43:22 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_TS,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason)
-
-static const ERR_STRING_DATA TS_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA TS_str_reasons[] = {
- {ERR_REASON(TS_R_BAD_PKCS7_TYPE) , "bad pkcs7 type"},
- {ERR_REASON(TS_R_BAD_TYPE) , "bad type"},
- {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
- {ERR_REASON(TS_R_COULD_NOT_SET_ENGINE) , "could not set engine"},
- {ERR_REASON(TS_R_COULD_NOT_SET_TIME) , "could not set time"},
- {ERR_REASON(TS_R_D2I_TS_RESP_INT_FAILED) , "d2i ts resp int failed"},
- {ERR_REASON(TS_R_DETACHED_CONTENT) , "detached content"},
- {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR), "ess add signing cert error"},
- {ERR_REASON(TS_R_ESS_SIGNING_CERTIFICATE_ERROR), "ess signing certificate error"},
- {ERR_REASON(TS_R_INVALID_NULL_POINTER) , "invalid null pointer"},
- {ERR_REASON(TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE), "invalid signer certificate purpose"},
- {ERR_REASON(TS_R_MESSAGE_IMPRINT_MISMATCH), "message imprint mismatch"},
- {ERR_REASON(TS_R_NONCE_MISMATCH) , "nonce mismatch"},
- {ERR_REASON(TS_R_NONCE_NOT_RETURNED) , "nonce not returned"},
- {ERR_REASON(TS_R_NO_CONTENT) , "no content"},
- {ERR_REASON(TS_R_NO_TIME_STAMP_TOKEN) , "no time stamp token"},
- {ERR_REASON(TS_R_PKCS7_ADD_SIGNATURE_ERROR), "pkcs7 add signature error"},
- {ERR_REASON(TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR), "pkcs7 add signed attr error"},
- {ERR_REASON(TS_R_PKCS7_TO_TS_TST_INFO_FAILED), "pkcs7 to ts tst info failed"},
- {ERR_REASON(TS_R_POLICY_MISMATCH) , "policy mismatch"},
- {ERR_REASON(TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"},
- {ERR_REASON(TS_R_RESPONSE_SETUP_ERROR) , "response setup error"},
- {ERR_REASON(TS_R_SIGNATURE_FAILURE) , "signature failure"},
- {ERR_REASON(TS_R_THERE_MUST_BE_ONE_SIGNER), "there must be one signer"},
- {ERR_REASON(TS_R_TIME_SYSCALL_ERROR) , "time syscall error"},
- {ERR_REASON(TS_R_TOKEN_NOT_PRESENT) , "token not present"},
- {ERR_REASON(TS_R_TOKEN_PRESENT) , "token present"},
- {ERR_REASON(TS_R_TSA_NAME_MISMATCH) , "tsa name mismatch"},
- {ERR_REASON(TS_R_TSA_UNTRUSTED) , "tsa untrusted"},
- {ERR_REASON(TS_R_TST_INFO_SETUP_ERROR) , "tst info setup error"},
- {ERR_REASON(TS_R_TS_DATASIGN) , "ts datasign"},
- {ERR_REASON(TS_R_UNACCEPTABLE_POLICY) , "unacceptable policy"},
- {ERR_REASON(TS_R_UNSUPPORTED_MD_ALGORITHM), "unsupported md algorithm"},
- {ERR_REASON(TS_R_UNSUPPORTED_VERSION) , "unsupported version"},
- {ERR_REASON(TS_R_WRONG_CONTENT_TYPE) , "wrong content type"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_TS_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(TS_str_functs[0].error) == NULL) {
- ERR_load_const_strings(TS_str_functs);
- ERR_load_const_strings(TS_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_TS_strings);
diff --git a/src/lib/libcrypto/ts/ts_lib.c b/src/lib/libcrypto/ts/ts_lib.c
deleted file mode 100644
index 7e40101752..0000000000
--- a/src/lib/libcrypto/ts/ts_lib.c
+++ /dev/null
@@ -1,163 +0,0 @@
-/* $OpenBSD: ts_lib.c,v 1.15 2025/01/07 14:22:19 tb Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "bn_local.h"
-#include "x509_local.h"
-
-/* Local function declarations. */
-
-/* Function definitions. */
-
-int
-TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
-{
- BIGNUM *bn = NULL;
- char *hex = NULL;
- int ret = 0;
-
- /* XXX - OpenSSL decided to return -1 here for some stupid reason. */
- if ((bn = ASN1_INTEGER_to_BN(num, NULL)) == NULL)
- goto err;
- if ((hex = BN_bn2hex(bn)) == NULL)
- goto err;
- if (BIO_printf(bio, "0x%s", hex) <= 0)
- goto err;
-
- ret = 1;
-
- err:
- BN_free(bn);
- free(hex);
-
- return ret;
-}
-LCRYPTO_ALIAS(TS_ASN1_INTEGER_print_bio);
-
-int
-TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj)
-{
- char obj_txt[128];
-
- int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
- if (len >= sizeof(obj_txt))
- len = sizeof(obj_txt) - 1;
- BIO_write(bio, obj_txt, len);
- BIO_write(bio, "\n", 1);
- return 1;
-}
-LCRYPTO_ALIAS(TS_OBJ_print_bio);
-
-int
-TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions)
-{
- int i, critical, n;
- X509_EXTENSION *ex;
- ASN1_OBJECT *obj;
-
- BIO_printf(bio, "Extensions:\n");
- n = X509v3_get_ext_count(extensions);
- for (i = 0; i < n; i++) {
- ex = X509v3_get_ext(extensions, i);
- obj = X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bio, obj);
- critical = X509_EXTENSION_get_critical(ex);
- BIO_printf(bio, ": %s\n", critical ? "critical" : "");
- if (!X509V3_EXT_print(bio, ex, 0, 4)) {
- BIO_printf(bio, "%4s", "");
- ASN1_STRING_print(bio, ex->value);
- }
- BIO_write(bio, "\n", 1);
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_ext_print_bio);
-
-int
-TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg)
-{
- int i = OBJ_obj2nid(alg->algorithm);
-
- return BIO_printf(bio, "Hash Algorithm: %s\n",
- (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
-}
-LCRYPTO_ALIAS(TS_X509_ALGOR_print_bio);
-
-int
-TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
-{
- ASN1_OCTET_STRING *msg;
-
- TS_X509_ALGOR_print_bio(bio, TS_MSG_IMPRINT_get_algo(a));
-
- BIO_printf(bio, "Message data:\n");
- msg = TS_MSG_IMPRINT_get_msg(a);
- BIO_dump_indent(bio, (const char *)ASN1_STRING_data(msg),
- ASN1_STRING_length(msg), 4);
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_print_bio);
diff --git a/src/lib/libcrypto/ts/ts_local.h b/src/lib/libcrypto/ts/ts_local.h
deleted file mode 100644
index 07c9861e02..0000000000
--- a/src/lib/libcrypto/ts/ts_local.h
+++ /dev/null
@@ -1,316 +0,0 @@ -/* $OpenBSD: ts_local.h,v 1.3 2022/11/26 17:23:18 tb Exp $ */ -/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL - * project 2002, 2003, 2004. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifndef HEADER_TS_LOCAL_H -#define HEADER_TS_LOCAL_H - -__BEGIN_HIDDEN_DECLS - -/* - * MessageImprint ::= SEQUENCE { - * hashAlgorithm AlgorithmIdentifier, - * hashedMessage OCTET STRING } - */ - -struct TS_msg_imprint_st { - X509_ALGOR *hash_algo; - ASN1_OCTET_STRING *hashed_msg; -}; - -/* - * TimeStampReq ::= SEQUENCE { - * version INTEGER { v1(1) }, - * messageImprint MessageImprint, - * --a hash algorithm OID and the hash value of the data to be - * --time-stamped - * reqPolicy TSAPolicyId OPTIONAL, - * nonce INTEGER OPTIONAL, - * certReq BOOLEAN DEFAULT FALSE, - * extensions [0] IMPLICIT Extensions OPTIONAL } - */ - -struct TS_req_st { - ASN1_INTEGER *version; - TS_MSG_IMPRINT *msg_imprint; - ASN1_OBJECT *policy_id; /* OPTIONAL */ - ASN1_INTEGER *nonce; /* OPTIONAL */ - ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */ - STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */ -}; - -/* - * Accuracy ::= SEQUENCE { - * seconds INTEGER OPTIONAL, - * millis [0] INTEGER (1..999) OPTIONAL, - * micros [1] INTEGER (1..999) OPTIONAL } - */ - -struct TS_accuracy_st { - ASN1_INTEGER *seconds; - ASN1_INTEGER *millis; - ASN1_INTEGER *micros; -}; - -/* - * TSTInfo ::= SEQUENCE { - * version INTEGER { v1(1) }, - * policy TSAPolicyId, - * messageImprint MessageImprint, - * -- MUST have the same value as the similar field in - * -- TimeStampReq - * serialNumber INTEGER, - * -- Time-Stamping users MUST be ready to accommodate integers - * -- up to 160 bits. - * genTime GeneralizedTime, - * accuracy Accuracy OPTIONAL, - * ordering BOOLEAN DEFAULT FALSE, - * nonce INTEGER OPTIONAL, - * -- MUST be present if the similar field was present - * -- in TimeStampReq. In that case it MUST have the same value. 
- * tsa [0] GeneralName OPTIONAL, - * extensions [1] IMPLICIT Extensions OPTIONAL } - */ - -struct TS_tst_info_st { - ASN1_INTEGER *version; - ASN1_OBJECT *policy_id; - TS_MSG_IMPRINT *msg_imprint; - ASN1_INTEGER *serial; - ASN1_GENERALIZEDTIME *time; - TS_ACCURACY *accuracy; - ASN1_BOOLEAN ordering; - ASN1_INTEGER *nonce; - GENERAL_NAME *tsa; - STACK_OF(X509_EXTENSION) *extensions; -}; - -/* - * PKIStatusInfo ::= SEQUENCE { - * status PKIStatus, - * statusString PKIFreeText OPTIONAL, - * failInfo PKIFailureInfo OPTIONAL } - * - * From RFC 1510 - section 3.1.1: - * PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String - * -- text encoded as UTF-8 String (note: each UTF8String SHOULD - * -- include an RFC 1766 language tag to indicate the language - * -- of the contained text) - */ - -struct TS_status_info_st { - ASN1_INTEGER *status; - STACK_OF(ASN1_UTF8STRING) *text; - ASN1_BIT_STRING *failure_info; -}; - -/* - * TimeStampResp ::= SEQUENCE { - * status PKIStatusInfo, - * timeStampToken TimeStampToken OPTIONAL } - */ - -struct TS_resp_st { - TS_STATUS_INFO *status_info; - PKCS7 *token; - TS_TST_INFO *tst_info; -}; - -/* The structure below would belong to the ESS component. */ - -/* - * IssuerSerial ::= SEQUENCE { - * issuer GeneralNames, - * serialNumber CertificateSerialNumber - * } - */ - -struct ESS_issuer_serial { - STACK_OF(GENERAL_NAME) *issuer; - ASN1_INTEGER *serial; -}; - -/* - * ESSCertID ::= SEQUENCE { - * certHash Hash, - * issuerSerial IssuerSerial OPTIONAL - * } - */ - -struct ESS_cert_id { - ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. 
*/ - ESS_ISSUER_SERIAL *issuer_serial; -}; - -/* - * SigningCertificate ::= SEQUENCE { - * certs SEQUENCE OF ESSCertID, - * policies SEQUENCE OF PolicyInformation OPTIONAL - * } - */ - -struct ESS_signing_cert { - STACK_OF(ESS_CERT_ID) *cert_ids; - STACK_OF(POLICYINFO) *policy_info; -}; - -/* - * ESSCertIDv2 ::= SEQUENCE { - * hashAlgorithm AlgorithmIdentifier - * DEFAULT {algorithm id-sha256}, - * certHash Hash, - * issuerSerial IssuerSerial OPTIONAL } - */ - -struct ESS_cert_id_v2 { - X509_ALGOR *hash_alg; /* Default SHA-256. */ - ASN1_OCTET_STRING *hash; - ESS_ISSUER_SERIAL *issuer_serial; -}; - -/* - * SigningCertificateV2 ::= SEQUENCE { - * certs SEQUENCE OF ESSCertIDv2, - * policies SEQUENCE OF PolicyInformation OPTIONAL } - */ - -struct ESS_signing_cert_v2 { - STACK_OF(ESS_CERT_ID_V2) *cert_ids; - STACK_OF(POLICYINFO) *policy_info; -}; - -struct TS_resp_ctx { - X509 *signer_cert; - EVP_PKEY *signer_key; - STACK_OF(X509) *certs; /* Certs to include in signed data. */ - STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */ - ASN1_OBJECT *default_policy; /* It may appear in policies, too. */ - STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */ - ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */ - ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */ - ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */ - unsigned clock_precision_digits; /* fraction of seconds in - time stamp token. */ - unsigned flags; /* Optional info, see values above. */ - - /* Callback functions. */ - TS_serial_cb serial_cb; - void *serial_cb_data; /* User data for serial_cb. */ - - TS_time_cb time_cb; - void *time_cb_data; /* User data for time_cb. */ - - TS_extension_cb extension_cb; - void *extension_cb_data; /* User data for extension_cb. */ - - /* These members are used only while creating the response. */ - TS_REQ *request; - TS_RESP *response; - TS_TST_INFO *tst_info; -}; - -/* Context structure for the generic verify method. 
*/ - -struct TS_verify_ctx { - /* Set this to the union of TS_VFY_... flags you want to carry out. */ - unsigned flags; - - /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */ - X509_STORE *store; - STACK_OF(X509) *certs; - - /* Must be set only with TS_VFY_POLICY. */ - ASN1_OBJECT *policy; - - /* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, - the algorithm from the response is used. */ - X509_ALGOR *md_alg; - unsigned char *imprint; - unsigned imprint_len; - - /* Must be set only with TS_VFY_DATA. */ - BIO *data; - - /* Must be set only with TS_VFY_TSA_NAME. */ - ASN1_INTEGER *nonce; - - /* Must be set only with TS_VFY_TSA_NAME. */ - GENERAL_NAME *tsa_name; -}; - -/* - * Public OpenSSL API that we do not currently want to expose. - */ - -ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new(void); -void ESS_CERT_ID_V2_free(ESS_CERT_ID_V2 *a); -int i2d_ESS_CERT_ID_V2(const ESS_CERT_ID_V2 *a, unsigned char **pp); -ESS_CERT_ID_V2 *d2i_ESS_CERT_ID_V2(ESS_CERT_ID_V2 **a, const unsigned char **pp, - long length); -ESS_CERT_ID_V2 *ESS_CERT_ID_V2_dup(ESS_CERT_ID_V2 *a); - -ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_new(void); -void ESS_SIGNING_CERT_V2_free(ESS_SIGNING_CERT_V2 *a); -int i2d_ESS_SIGNING_CERT_V2(const ESS_SIGNING_CERT_V2 *a, - unsigned char **pp); -ESS_SIGNING_CERT_V2 *d2i_ESS_SIGNING_CERT_V2(ESS_SIGNING_CERT_V2 **a, - const unsigned char **pp, long length); -ESS_SIGNING_CERT_V2 *ESS_SIGNING_CERT_V2_dup(ESS_SIGNING_CERT_V2 *a); - -__END_HIDDEN_DECLS - -#endif /* !HEADER_TS_LOCAL_H */ diff --git a/src/lib/libcrypto/ts/ts_req_print.c b/src/lib/libcrypto/ts/ts_req_print.c deleted file mode 100644 index ddcdda97a3..0000000000 --- a/src/lib/libcrypto/ts/ts_req_print.c +++ /dev/null 
@@ -1,105 +0,0 @@
-/* $OpenBSD: ts_req_print.c,v 1.5 2023/07/07 07:25:21 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-/* Function definitions. */
-
-int
-TS_REQ_print_bio(BIO *bio, TS_REQ *a)
-{
- int v;
- ASN1_OBJECT *policy_id;
- const ASN1_INTEGER *nonce;
-
- if (a == NULL)
- return 0;
-
- v = TS_REQ_get_version(a);
- BIO_printf(bio, "Version: %d\n", v);
-
- TS_MSG_IMPRINT_print_bio(bio, TS_REQ_get_msg_imprint(a));
-
- BIO_printf(bio, "Policy OID: ");
- policy_id = TS_REQ_get_policy_id(a);
- if (policy_id == NULL)
- BIO_printf(bio, "unspecified\n");
- else
- TS_OBJ_print_bio(bio, policy_id);
-
- BIO_printf(bio, "Nonce: ");
- nonce = TS_REQ_get_nonce(a);
- if (nonce == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ASN1_INTEGER_print_bio(bio, nonce);
- BIO_write(bio, "\n", 1);
-
- BIO_printf(bio, "Certificate required: %s\n",
- TS_REQ_get_cert_req(a) ? "yes" : "no");
-
- TS_ext_print_bio(bio, TS_REQ_get_exts(a));
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_REQ_print_bio);
diff --git a/src/lib/libcrypto/ts/ts_req_utils.c b/src/lib/libcrypto/ts/ts_req_utils.c
deleted file mode 100644
index d679418060..0000000000
--- a/src/lib/libcrypto/ts/ts_req_utils.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* $OpenBSD: ts_req_utils.c,v 1.9 2023/07/07 19:37:54 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "ts_local.h"
-
-int
-TS_REQ_set_version(TS_REQ *a, long version)
-{
- return ASN1_INTEGER_set(a->version, version);
-}
-LCRYPTO_ALIAS(TS_REQ_set_version);
-
-long
-TS_REQ_get_version(const TS_REQ *a)
-{
- return ASN1_INTEGER_get(a->version);
-}
-LCRYPTO_ALIAS(TS_REQ_get_version);
-
-int
-TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint)
-{
- TS_MSG_IMPRINT *new_msg_imprint;
-
- if (a->msg_imprint == msg_imprint)
- return 1;
- new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
- if (new_msg_imprint == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_MSG_IMPRINT_free(a->msg_imprint);
- a->msg_imprint = new_msg_imprint;
- return 1;
-}
-LCRYPTO_ALIAS(TS_REQ_set_msg_imprint);
-
-TS_MSG_IMPRINT *
-TS_REQ_get_msg_imprint(TS_REQ *a)
-{
- return a->msg_imprint;
-}
-LCRYPTO_ALIAS(TS_REQ_get_msg_imprint);
-
-int
-TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg)
-{
- X509_ALGOR *new_alg;
-
- if (a->hash_algo == alg)
- return 1;
- new_alg = X509_ALGOR_dup(alg);
- if (new_alg == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- X509_ALGOR_free(a->hash_algo);
- a->hash_algo = new_alg;
- return 1;
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_set_algo);
-
-X509_ALGOR *
-TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a)
-{
- return a->hash_algo;
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_get_algo);
-
-int
-TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len)
-{
- return ASN1_OCTET_STRING_set(a->hashed_msg, d, len);
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_set_msg);
-
-ASN1_OCTET_STRING *
-TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a)
-{
- return a->hashed_msg;
-}
-LCRYPTO_ALIAS(TS_MSG_IMPRINT_get_msg);
-
-int
-TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy)
-{
- ASN1_OBJECT *new_policy;
-
- if (a->policy_id == policy)
- return 1;
- new_policy = OBJ_dup(policy);
- if (new_policy == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OBJECT_free(a->policy_id);
- a->policy_id = new_policy;
- return 1;
-}
-LCRYPTO_ALIAS(TS_REQ_set_policy_id);
-
-ASN1_OBJECT *
-TS_REQ_get_policy_id(TS_REQ *a)
-{
- return a->policy_id;
-}
-LCRYPTO_ALIAS(TS_REQ_get_policy_id);
-
-int
-TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce)
-{
- ASN1_INTEGER *new_nonce;
-
- if (a->nonce == nonce)
- return 1;
- new_nonce = ASN1_INTEGER_dup(nonce);
- if (new_nonce == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->nonce);
- a->nonce = new_nonce;
- return 1;
-}
-LCRYPTO_ALIAS(TS_REQ_set_nonce);
-
-const ASN1_INTEGER *
-TS_REQ_get_nonce(const TS_REQ *a)
-{
- return a->nonce;
-}
-LCRYPTO_ALIAS(TS_REQ_get_nonce);
-
-int
-TS_REQ_set_cert_req(TS_REQ *a, int cert_req)
-{
- a->cert_req = cert_req ? 0xFF : 0x00;
- return 1;
-}
-LCRYPTO_ALIAS(TS_REQ_set_cert_req);
-
-int
-TS_REQ_get_cert_req(const TS_REQ *a)
-{
- return a->cert_req ? 1 : 0;
-}
-LCRYPTO_ALIAS(TS_REQ_get_cert_req);
-
-STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a)
-{
- return a->extensions;
-}
-LCRYPTO_ALIAS(TS_REQ_get_exts);
-
-void
-TS_REQ_ext_free(TS_REQ *a)
-{
- if (!a)
- return;
- sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
- a->extensions = NULL;
-}
-LCRYPTO_ALIAS(TS_REQ_ext_free);
-
-int
-TS_REQ_get_ext_count(TS_REQ *a)
-{
- return X509v3_get_ext_count(a->extensions);
-}
-LCRYPTO_ALIAS(TS_REQ_get_ext_count);
-
-int
-TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
-}
-LCRYPTO_ALIAS(TS_REQ_get_ext_by_NID);
-
-int
-TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
-}
-LCRYPTO_ALIAS(TS_REQ_get_ext_by_OBJ);
-
-int
-TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
-}
-LCRYPTO_ALIAS(TS_REQ_get_ext_by_critical);
-
-X509_EXTENSION *
-TS_REQ_get_ext(TS_REQ *a, int loc)
-{
- return X509v3_get_ext(a->extensions, loc);
-}
-LCRYPTO_ALIAS(TS_REQ_get_ext);
-
-X509_EXTENSION *
-TS_REQ_delete_ext(TS_REQ *a, int loc)
-{
- return X509v3_delete_ext(a->extensions, loc);
-}
-LCRYPTO_ALIAS(TS_REQ_delete_ext);
-
-int
-TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
-}
-LCRYPTO_ALIAS(TS_REQ_add_ext);
-
-void *
-TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(a->extensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(TS_REQ_get_ext_d2i);
diff --git a/src/lib/libcrypto/ts/ts_rsp_print.c b/src/lib/libcrypto/ts/ts_rsp_print.c
deleted file mode 100644
index c65d226686..0000000000
--- a/src/lib/libcrypto/ts/ts_rsp_print.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/* $OpenBSD: ts_rsp_print.c,v 1.7 2023/07/07 07:25:21 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "ts_local.h"
-
-struct status_map_st {
- int bit;
- const char *text;
-};
-
-/* Local function declarations. */
-
-static int TS_status_map_print(BIO *bio, struct status_map_st *a,
- ASN1_BIT_STRING *v);
-static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy);
-
-/* Function definitions. */
-
-int
-TS_RESP_print_bio(BIO *bio, TS_RESP *a)
-{
- TS_TST_INFO *tst_info;
-
- BIO_printf(bio, "Status info:\n");
- TS_STATUS_INFO_print_bio(bio, TS_RESP_get_status_info(a));
-
- BIO_printf(bio, "\nTST info:\n");
- tst_info = TS_RESP_get_tst_info(a);
- if (tst_info != NULL)
- TS_TST_INFO_print_bio(bio, TS_RESP_get_tst_info(a));
- else
- BIO_printf(bio, "Not included.\n");
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_RESP_print_bio);
-
-int
-TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a)
-{
- static const char *status_map[] = {
- "Granted.",
- "Granted with modifications.",
- "Rejected.",
- "Waiting.",
- "Revocation warning.",
- "Revoked."
- };
- static struct status_map_st failure_map[] = {
- {
- TS_INFO_BAD_ALG,
- "unrecognized or unsupported algorithm identifier"
- },
- {
- TS_INFO_BAD_REQUEST,
- "transaction not permitted or supported"
- },
- {
- TS_INFO_BAD_DATA_FORMAT,
- "the data submitted has the wrong format"
- },
- {
- TS_INFO_TIME_NOT_AVAILABLE,
- "the TSA's time source is not available"
- },
- {
- TS_INFO_UNACCEPTED_POLICY,
- "the requested TSA policy is not supported by the TSA"
- },
- {
- TS_INFO_UNACCEPTED_EXTENSION,
- "the requested extension is not supported by the TSA"
- },
- {
- TS_INFO_ADD_INFO_NOT_AVAILABLE,
- "the additional information requested could not be understood "
- "or is not available"
- },
- {
- TS_INFO_SYSTEM_FAILURE,
- "the request cannot be handled due to system failure"
- },
- { -1, NULL }
- };
- long status;
- int i, lines = 0;
-
- /* Printing status code. */
- BIO_printf(bio, "Status: ");
- status = ASN1_INTEGER_get(a->status);
- if (0 <= status &&
- status < (long)(sizeof(status_map) / sizeof(status_map[0])))
- BIO_printf(bio, "%s\n", status_map[status]);
- else
- BIO_printf(bio, "out of bounds\n");
-
- /* Printing status description. */
- BIO_printf(bio, "Status description: ");
- for (i = 0; i < sk_ASN1_UTF8STRING_num(a->text); ++i) {
- if (i > 0)
- BIO_puts(bio, "\t");
- ASN1_STRING_print_ex(bio, sk_ASN1_UTF8STRING_value(a->text, i),
- 0);
- BIO_puts(bio, "\n");
- }
- if (i == 0)
- BIO_printf(bio, "unspecified\n");
-
- /* Printing failure information. */
- BIO_printf(bio, "Failure info: ");
- if (a->failure_info != NULL)
- lines = TS_status_map_print(bio, failure_map, a->failure_info);
- if (lines == 0)
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, "\n");
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_print_bio);
-
-static int
-TS_status_map_print(BIO *bio, struct status_map_st *a, ASN1_BIT_STRING *v)
-{
- int lines = 0;
-
- for (; a->bit >= 0; ++a) {
- if (ASN1_BIT_STRING_get_bit(v, a->bit)) {
- if (++lines > 1)
- BIO_printf(bio, ", ");
- BIO_printf(bio, "%s", a->text);
- }
- }
-
- return lines;
-}
-
-int
-TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a)
-{
- int v;
- ASN1_OBJECT *policy_id;
- const ASN1_INTEGER *serial;
- const ASN1_GENERALIZEDTIME *gtime;
- TS_ACCURACY *accuracy;
- const ASN1_INTEGER *nonce;
- GENERAL_NAME *tsa_name;
-
- if (a == NULL)
- return 0;
-
- /* Print version. */
- v = TS_TST_INFO_get_version(a);
- BIO_printf(bio, "Version: %d\n", v);
-
- /* Print policy id. */
- BIO_printf(bio, "Policy OID: ");
- policy_id = TS_TST_INFO_get_policy_id(a);
- TS_OBJ_print_bio(bio, policy_id);
-
- /* Print message imprint. */
- TS_MSG_IMPRINT_print_bio(bio, TS_TST_INFO_get_msg_imprint(a));
-
- /* Print serial number. */
- BIO_printf(bio, "Serial number: ");
- serial = TS_TST_INFO_get_serial(a);
- if (serial == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ASN1_INTEGER_print_bio(bio, serial);
- BIO_write(bio, "\n", 1);
-
- /* Print time stamp. */
- BIO_printf(bio, "Time stamp: ");
- gtime = TS_TST_INFO_get_time(a);
- ASN1_GENERALIZEDTIME_print(bio, gtime);
- BIO_write(bio, "\n", 1);
-
- /* Print accuracy. */
- BIO_printf(bio, "Accuracy: ");
- accuracy = TS_TST_INFO_get_accuracy(a);
- if (accuracy == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ACCURACY_print_bio(bio, accuracy);
- BIO_write(bio, "\n", 1);
-
- /* Print ordering. */
- BIO_printf(bio, "Ordering: %s\n",
- TS_TST_INFO_get_ordering(a) ? "yes" : "no");
-
- /* Print nonce. */
- BIO_printf(bio, "Nonce: ");
- nonce = TS_TST_INFO_get_nonce(a);
- if (nonce == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ASN1_INTEGER_print_bio(bio, nonce);
- BIO_write(bio, "\n", 1);
-
- /* Print TSA name. */
- BIO_printf(bio, "TSA: ");
- tsa_name = TS_TST_INFO_get_tsa(a);
- if (tsa_name == NULL)
- BIO_printf(bio, "unspecified");
- else {
- STACK_OF(CONF_VALUE) *nval;
- if ((nval = i2v_GENERAL_NAME(NULL, tsa_name, NULL)))
- X509V3_EXT_val_prn(bio, nval, 0, 0);
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- }
- BIO_write(bio, "\n", 1);
-
- /* Print extensions. */
- TS_ext_print_bio(bio, TS_TST_INFO_get_exts(a));
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_print_bio);
-
-static int
-TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy)
-{
- const ASN1_INTEGER *seconds = TS_ACCURACY_get_seconds(accuracy);
- const ASN1_INTEGER *millis = TS_ACCURACY_get_millis(accuracy);
- const ASN1_INTEGER *micros = TS_ACCURACY_get_micros(accuracy);
-
- if (seconds != NULL)
- TS_ASN1_INTEGER_print_bio(bio, seconds);
- else
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, " seconds, ");
- if (millis != NULL)
- TS_ASN1_INTEGER_print_bio(bio, millis);
- else
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, " millis, ");
- if (micros != NULL)
- TS_ASN1_INTEGER_print_bio(bio, micros);
- else
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, " micros");
-
- return 1;
-}
diff --git a/src/lib/libcrypto/ts/ts_rsp_sign.c b/src/lib/libcrypto/ts/ts_rsp_sign.c
deleted file mode 100644
index e3101340c5..0000000000
--- a/src/lib/libcrypto/ts/ts_rsp_sign.c
+++ /dev/null
@@ -1,982 +0,0 @@
-/* $OpenBSD: ts_rsp_sign.c,v 1.35 2024/03/26 00:39:22 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "ts_local.h"
-#include "x509_local.h"
-
-/* Private function declarations. */
-
-static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *);
-static int def_time_cb(struct TS_resp_ctx *, void *, time_t *sec, long *usec);
-static int def_extension_cb(struct TS_resp_ctx *, X509_EXTENSION *, void *);
-
-static void TS_RESP_CTX_init(TS_RESP_CTX *ctx);
-static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx);
-static int TS_RESP_check_request(TS_RESP_CTX *ctx);
-static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx);
-static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
- ASN1_OBJECT *policy);
-static int TS_RESP_process_extensions(TS_RESP_CTX *ctx);
-static int TS_RESP_sign(TS_RESP_CTX *ctx);
-
-static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
- STACK_OF(X509) *certs);
-static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed);
-static int TS_TST_INFO_content_new(PKCS7 *p7);
-static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
-
-/* Default callbacks for response generation. */
-
-static ASN1_INTEGER *
-def_serial_cb(struct TS_resp_ctx *ctx, void *data)
-{
- ASN1_INTEGER *serial;
-
- if ((serial = ASN1_INTEGER_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(serial, 1))
- goto err;
-
- return serial;
-
- err:
- ASN1_INTEGER_free(serial);
- TSerror(ERR_R_MALLOC_FAILURE);
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Error during serial number generation.");
-
- return NULL;
-}
-
-/* Use the gettimeofday function call. */
-static int
-def_time_cb(struct TS_resp_ctx *ctx, void *data, time_t *sec, long *usec)
-{
- struct timeval tv;
-
- if (gettimeofday(&tv, NULL) != 0) {
- TSerror(TS_R_TIME_SYSCALL_ERROR);
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Time is not available.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
- return 0;
- }
- /* Return time to caller. */
- *sec = tv.tv_sec;
- *usec = tv.tv_usec;
-
- return 1;
-}
-
-static int
-def_extension_cb(struct TS_resp_ctx *ctx, X509_EXTENSION *ext, void *data)
-{
- /* No extensions are processed here. */
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Unsupported extension.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_EXTENSION);
- return 0;
-}
-
-void
-TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data)
-{
- ctx->time_cb = cb;
- ctx->time_cb_data = data;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_time_cb);
-
-/* TS_RESP_CTX management functions. */
-
-TS_RESP_CTX *
-TS_RESP_CTX_new(void)
-{
- TS_RESP_CTX *ctx;
-
- if (!(ctx = calloc(1, sizeof(TS_RESP_CTX)))) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- /* Setting default callbacks. */
- ctx->serial_cb = def_serial_cb;
- ctx->time_cb = def_time_cb;
- ctx->extension_cb = def_extension_cb;
-
- return ctx;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_new);
-
-void
-TS_RESP_CTX_free(TS_RESP_CTX *ctx)
-{
- if (!ctx)
- return;
-
- X509_free(ctx->signer_cert);
- EVP_PKEY_free(ctx->signer_key);
- sk_X509_pop_free(ctx->certs, X509_free);
- sk_ASN1_OBJECT_pop_free(ctx->policies, ASN1_OBJECT_free);
- ASN1_OBJECT_free(ctx->default_policy);
- sk_EVP_MD_free(ctx->mds); /* No EVP_MD_free method exists. */
- ASN1_INTEGER_free(ctx->seconds);
- ASN1_INTEGER_free(ctx->millis);
- ASN1_INTEGER_free(ctx->micros);
- free(ctx);
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_free);
-
-int
-TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
-{
- if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1) {
- TSerror(TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
- return 0;
- }
- X509_free(ctx->signer_cert);
- ctx->signer_cert = signer;
- CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
- return 1;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_signer_cert);
-
-int
-TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
-{
- EVP_PKEY_free(ctx->signer_key);
- ctx->signer_key = key;
- CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_signer_key);
-
-int
-TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy)
-{
- if (ctx->default_policy)
- ASN1_OBJECT_free(ctx->default_policy);
- if (!(ctx->default_policy = OBJ_dup(def_policy)))
- goto err;
- return 1;
-
-err:
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_def_policy);
-
-int
-TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
-{
- int i;
-
- if (ctx->certs) {
- sk_X509_pop_free(ctx->certs, X509_free);
- ctx->certs = NULL;
- }
- if (!certs)
- return 1;
- if (!(ctx->certs = sk_X509_dup(certs))) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- for (i = 0; i < sk_X509_num(ctx->certs); ++i) {
- X509 *cert = sk_X509_value(ctx->certs, i);
- CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509);
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_certs);
-
-int
-TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy)
-{
- ASN1_OBJECT *copy = NULL;
-
- /* Create new policy stack if necessary. */
- if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null()))
- goto err;
- if (!(copy = OBJ_dup(policy)))
- goto err;
- if (!sk_ASN1_OBJECT_push(ctx->policies, copy))
- goto err;
-
- return 1;
-
-err:
- TSerror(ERR_R_MALLOC_FAILURE);
- ASN1_OBJECT_free(copy);
- return 0;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_add_policy);
-
-int
-TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
-{
- /* Create new md stack if necessary. */
- if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null()))
- goto err;
- /* Add the shared md, no copy needed. */
- if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md))
- goto err;
-
- return 1;
-
-err:
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_add_md);
-
-#define TS_RESP_CTX_accuracy_free(ctx) \
- ASN1_INTEGER_free(ctx->seconds); \
- ctx->seconds = NULL; \
- ASN1_INTEGER_free(ctx->millis); \
- ctx->millis = NULL; \
- ASN1_INTEGER_free(ctx->micros); \
- ctx->micros = NULL;
-
-int
-TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, int secs, int millis, int micros)
-{
- TS_RESP_CTX_accuracy_free(ctx);
- if (secs && (!(ctx->seconds = ASN1_INTEGER_new()) ||
- !ASN1_INTEGER_set(ctx->seconds, secs)))
- goto err;
- if (millis && (!(ctx->millis = ASN1_INTEGER_new()) ||
- !ASN1_INTEGER_set(ctx->millis, millis)))
- goto err;
- if (micros && (!(ctx->micros = ASN1_INTEGER_new()) ||
- !ASN1_INTEGER_set(ctx->micros, micros)))
- goto err;
-
- return 1;
-
-err:
- TS_RESP_CTX_accuracy_free(ctx);
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_accuracy);
-
-void
-TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags)
-{
- ctx->flags |= flags;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_add_flags);
-
-void
-TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data)
-{
- ctx->serial_cb = cb;
- ctx->serial_cb_data = data;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_serial_cb);
-
-void
-TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, TS_extension_cb cb, void *data)
-{
- ctx->extension_cb = cb;
- ctx->extension_cb_data = data;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_extension_cb);
-
-int
-TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, int status, const char *text)
-{
- TS_STATUS_INFO *si = NULL;
- ASN1_UTF8STRING *utf8_text = NULL;
- int ret = 0;
-
- if (!(si = TS_STATUS_INFO_new()))
- goto err;
- if (!ASN1_INTEGER_set(si->status, status))
- goto err;
- if (text) {
- if (!(utf8_text = ASN1_UTF8STRING_new()) ||
- !ASN1_STRING_set(utf8_text, text, strlen(text)))
- goto err;
- if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null()))
- goto err;
- if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text))
- goto err;
- utf8_text = NULL; /* Ownership is lost. */
- }
- if (!TS_RESP_set_status_info(ctx->response, si))
- goto err;
- ret = 1;
-
-err:
- if (!ret)
- TSerror(ERR_R_MALLOC_FAILURE);
- TS_STATUS_INFO_free(si);
- ASN1_UTF8STRING_free(utf8_text);
- return ret;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_status_info);
-
-int
-TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, int status, const char *text)
-{
- int ret = 1;
- TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
-
- if (ASN1_INTEGER_get(si->status) == TS_STATUS_GRANTED) {
- /* Status has not been set, set it now. */
- ret = TS_RESP_CTX_set_status_info(ctx, status, text);
- }
- return ret;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_status_info_cond);
-
-int
-TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
-{
- TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
-
- if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new()))
- goto err;
- if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
- goto err;
- return 1;
-
-err:
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_add_failure_info);
-
-TS_REQ *
-TS_RESP_CTX_get_request(TS_RESP_CTX *ctx)
-{
- return ctx->request;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_get_request);
-
-TS_TST_INFO *
-TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx)
-{
- return ctx->tst_info;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_get_tst_info);
-
-int
-TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, unsigned precision)
-{
- if (precision > 0)
- return 0;
- ctx->clock_precision_digits = precision;
- return 1;
-}
-LCRYPTO_ALIAS(TS_RESP_CTX_set_clock_precision_digits);
-
-/* Main entry method of the response generation. */
-TS_RESP *
-TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
-{
- ASN1_OBJECT *policy;
- TS_RESP *response;
- int result = 0;
-
- TS_RESP_CTX_init(ctx);
-
- /* Creating the response object. */
- if (!(ctx->response = TS_RESP_new())) {
- TSerror(ERR_R_MALLOC_FAILURE);
- goto end;
- }
-
- /* Parsing DER request. */
- if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL))) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Bad request format or "
- "system error.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
- goto end;
- }
-
- /* Setting default status info. */
- if (!TS_RESP_CTX_set_status_info(ctx, TS_STATUS_GRANTED, NULL))
- goto end;
-
- /* Checking the request format. */
- if (!TS_RESP_check_request(ctx))
- goto end;
-
- /* Checking acceptable policies. */
- if (!(policy = TS_RESP_get_policy(ctx)))
- goto end;
-
- /* Creating the TS_TST_INFO object. */
- if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)))
- goto end;
-
- /* Processing extensions. */
- if (!TS_RESP_process_extensions(ctx))
- goto end;
-
- /* Generating the signature. */
- if (!TS_RESP_sign(ctx))
- goto end;
-
- /* Everything was successful. */
- result = 1;
-
-end:
- if (!result) {
- TSerror(TS_R_RESPONSE_SETUP_ERROR);
- if (ctx->response != NULL) {
- if (TS_RESP_CTX_set_status_info_cond(ctx,
- TS_STATUS_REJECTION, "Error during response "
- "generation.") == 0) {
- TS_RESP_free(ctx->response);
- ctx->response = NULL;
- }
- }
- }
- response = ctx->response;
- ctx->response = NULL; /* Ownership will be returned to caller. */
- TS_RESP_CTX_cleanup(ctx);
- return response;
-}
-LCRYPTO_ALIAS(TS_RESP_create_response);
-
-/* Initializes the variable part of the context. */
-static void
-TS_RESP_CTX_init(TS_RESP_CTX *ctx)
-{
- ctx->request = NULL;
- ctx->response = NULL;
- ctx->tst_info = NULL;
-}
-
-/* Cleans up the variable part of the context. */
-static void
-TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx)
-{
- TS_REQ_free(ctx->request);
- ctx->request = NULL;
- TS_RESP_free(ctx->response);
- ctx->response = NULL;
- TS_TST_INFO_free(ctx->tst_info);
- ctx->tst_info = NULL;
-}
-
-/* Checks the format and content of the request. */
-static int
-TS_RESP_check_request(TS_RESP_CTX *ctx)
-{
- TS_REQ *request = ctx->request;
- TS_MSG_IMPRINT *msg_imprint;
- X509_ALGOR *md_alg;
- int md_alg_id;
- const ASN1_OCTET_STRING *digest;
- EVP_MD *md = NULL;
- int i;
-
- /* Checking request version. */
- if (TS_REQ_get_version(request) != 1) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Bad request version.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_REQUEST);
- return 0;
- }
-
- /* Checking message digest algorithm. */
- msg_imprint = TS_REQ_get_msg_imprint(request);
- md_alg = TS_MSG_IMPRINT_get_algo(msg_imprint);
- md_alg_id = OBJ_obj2nid(md_alg->algorithm);
- for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i) {
- EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
- if (md_alg_id == EVP_MD_type(current_md))
- md = current_md;
- }
- if (!md) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Message digest algorithm is "
- "not supported.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
- return 0;
- }
-
- /* No message digest takes parameter. */
- if (md_alg->parameter &&
- ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Superfluous message digest "
- "parameter.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
- return 0;
- }
- /* Checking message digest size. */
- digest = TS_MSG_IMPRINT_get_msg(msg_imprint);
- if (digest->length != EVP_MD_size(md)) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Bad message digest.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
- return 0;
- }
-
- return 1;
-}
-
-/* Returns the TSA policy based on the requested and acceptable policies. */
-static ASN1_OBJECT *
-TS_RESP_get_policy(TS_RESP_CTX *ctx)
-{
- ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
- ASN1_OBJECT *policy = NULL;
- int i;
-
- if (ctx->default_policy == NULL) {
- TSerror(TS_R_INVALID_NULL_POINTER);
- return NULL;
- }
- /* Return the default policy if none is requested or the default is
- requested. */
- if (!requested || !OBJ_cmp(requested, ctx->default_policy))
- policy = ctx->default_policy;
-
- /* Check if the policy is acceptable. */
- for (i = 0; !policy && i < sk_ASN1_OBJECT_num(ctx->policies); ++i) {
- ASN1_OBJECT *current = sk_ASN1_OBJECT_value(ctx->policies, i);
- if (!OBJ_cmp(requested, current))
- policy = current;
- }
- if (!policy) {
- TSerror(TS_R_UNACCEPTABLE_POLICY);
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Requested policy is not "
- "supported.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY);
- }
- return policy;
-}
-
-/* Creates the TS_TST_INFO object based on the settings of the context. */
-static TS_TST_INFO *
-TS_RESP_create_tst_info(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
-{
- int result = 0;
- TS_TST_INFO *tst_info = NULL;
- ASN1_INTEGER *serial = NULL;
- ASN1_GENERALIZEDTIME *asn1_time = NULL;
- time_t sec;
- long usec;
- TS_ACCURACY *accuracy = NULL;
- const ASN1_INTEGER *nonce;
- GENERAL_NAME *tsa_name = NULL;
-
- if (!(tst_info = TS_TST_INFO_new()))
- goto end;
- if (!TS_TST_INFO_set_version(tst_info, 1))
- goto end;
- if (!TS_TST_INFO_set_policy_id(tst_info, policy))
- goto end;
- if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
- goto end;
- if (!(serial = (*ctx->serial_cb)(ctx, ctx->serial_cb_data)) ||
- !TS_TST_INFO_set_serial(tst_info, serial))
- goto end;
- if (!(*ctx->time_cb)(ctx, ctx->time_cb_data, &sec, &usec) ||
- ((asn1_time = ASN1_GENERALIZEDTIME_set(NULL, sec)) == NULL) ||
- !TS_TST_INFO_set_time(tst_info, asn1_time))
- goto end;
-
- /* Setting accuracy if needed. */
- if ((ctx->seconds || ctx->millis || ctx->micros) &&
- !(accuracy = TS_ACCURACY_new()))
- goto end;
-
- if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
- goto end;
- if (ctx->millis && !TS_ACCURACY_set_millis(accuracy, ctx->millis))
- goto end;
- if (ctx->micros && !TS_ACCURACY_set_micros(accuracy, ctx->micros))
- goto end;
- if (accuracy && !TS_TST_INFO_set_accuracy(tst_info, accuracy))
- goto end;
-
- /* Setting ordering. */
- if ((ctx->flags & TS_ORDERING) &&
- !TS_TST_INFO_set_ordering(tst_info, 1))
- goto end;
-
- /* Setting nonce if needed. */
- if ((nonce = TS_REQ_get_nonce(ctx->request)) != NULL &&
- !TS_TST_INFO_set_nonce(tst_info, nonce))
- goto end;
-
- /* Setting TSA name to subject of signer certificate. */
- if (ctx->flags & TS_TSA_NAME) {
- if (!(tsa_name = GENERAL_NAME_new()))
- goto end;
- tsa_name->type = GEN_DIRNAME;
- tsa_name->d.dirn =
- X509_NAME_dup(X509_get_subject_name(ctx->signer_cert));
- if (!tsa_name->d.dirn)
- goto end;
- if (!TS_TST_INFO_set_tsa(tst_info, tsa_name))
- goto end;
- }
-
- result = 1;
-
-end:
- if (!result) {
- TS_TST_INFO_free(tst_info);
- tst_info = NULL;
- TSerror(TS_R_TST_INFO_SETUP_ERROR);
- TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
- "Error during TSTInfo "
- "generation.");
- }
- GENERAL_NAME_free(tsa_name);
- TS_ACCURACY_free(accuracy);
- ASN1_GENERALIZEDTIME_free(asn1_time);
- ASN1_INTEGER_free(serial);
-
- return tst_info;
-}
-
-/* Processing the extensions of the request. */
-static int
-TS_RESP_process_extensions(TS_RESP_CTX *ctx)
-{
- STACK_OF(X509_EXTENSION) *exts = TS_REQ_get_exts(ctx->request);
- int i;
- int ok = 1;
-
- for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i) {
- X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
- /* XXXXX The last argument was previously
- (void *)ctx->extension_cb, but ISO C doesn't permit
- converting a function pointer to void *. For lack of
- better information, I'm placing a NULL there instead.
- The callback can pick its own address out from the ctx
- anyway...
- */
- ok = (*ctx->extension_cb)(ctx, ext, NULL);
- }
-
- return ok;
-}
-
-/* Functions for signing the TS_TST_INFO structure of the context. */
-static int
-TS_RESP_sign(TS_RESP_CTX *ctx)
-{
- int ret = 0;
- PKCS7 *p7 = NULL;
- PKCS7_SIGNER_INFO *si;
- STACK_OF(X509) *certs; /* Certificates to include in sc. */
- ESS_SIGNING_CERT *sc = NULL;
- ASN1_OBJECT *oid;
- BIO *p7bio = NULL;
- int i;
-
- /* Check if signcert and pkey match. */
- if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) {
- TSerror(TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- goto err;
- }
-
- /* Create a new PKCS7 signed object. */
- if (!(p7 = PKCS7_new())) {
- TSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!PKCS7_set_type(p7, NID_pkcs7_signed))
- goto err;
-
- /* Force SignedData version to be 3 instead of the default 1. */
- if (!ASN1_INTEGER_set(p7->d.sign->version, 3))
- goto err;
-
- /* Add signer certificate and optional certificate chain. */
- if (TS_REQ_get_cert_req(ctx->request)) {
- PKCS7_add_certificate(p7, ctx->signer_cert);
- if (ctx->certs) {
- for (i = 0; i < sk_X509_num(ctx->certs); ++i) {
- X509 *cert = sk_X509_value(ctx->certs, i);
- PKCS7_add_certificate(p7, cert);
- }
- }
- }
-
- /* Add a new signer info. */
- if (!(si = PKCS7_add_signature(p7, ctx->signer_cert,
- ctx->signer_key, EVP_sha1()))) {
- TSerror(TS_R_PKCS7_ADD_SIGNATURE_ERROR);
- goto err;
- }
-
- /* Add content type signed attribute to the signer info. */
- oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
- if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
- V_ASN1_OBJECT, oid)) {
- TSerror(TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
- goto err;
- }
-
- /* Create the ESS SigningCertificate attribute which contains
- the signer certificate id and optionally the certificate chain. */
- certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
- if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)))
- goto err;
-
- /* Add SigningCertificate signed attribute to the signer info. */
- if (!ESS_add_signing_cert(si, sc)) {
- TSerror(TS_R_ESS_ADD_SIGNING_CERT_ERROR);
- goto err;
- }
-
- /* Add a new empty NID_id_smime_ct_TSTInfo encapsulated content. */
- if (!TS_TST_INFO_content_new(p7))
- goto err;
-
- /* Add the DER encoded tst_info to the PKCS7 structure. */
- if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
- TSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Convert tst_info to DER. */
- if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info)) {
- TSerror(TS_R_TS_DATASIGN);
- goto err;
- }
-
- /* Create the signature and add it to the signer info. */
- if (!PKCS7_dataFinal(p7, p7bio)) {
- TSerror(TS_R_TS_DATASIGN);
- goto err;
- }
-
- /* Set new PKCS7 and TST_INFO objects. */
- TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info);
- p7 = NULL; /* Ownership is lost. */
- ctx->tst_info = NULL; /* Ownership is lost. */
-
- ret = 1;
-
-err:
- if (!ret)
- TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
- "Error during signature "
- "generation.");
- BIO_free_all(p7bio);
- ESS_SIGNING_CERT_free(sc);
- PKCS7_free(p7);
- return ret;
-}
-
-static ESS_SIGNING_CERT *
-ESS_SIGNING_CERT_new_init(X509 *signcert, STACK_OF(X509) *certs)
-{
- ESS_CERT_ID *cid;
- ESS_SIGNING_CERT *sc = NULL;
- int i;
-
- /* Creating the ESS_CERT_ID stack. */
- if (!(sc = ESS_SIGNING_CERT_new()))
- goto err;
- if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null()))
- goto err;
-
- /* Adding the signing certificate id. */
- if (!(cid = ESS_CERT_ID_new_init(signcert, 0)) ||
- !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
- goto err;
- /* Adding the certificate chain ids. */
- for (i = 0; i < sk_X509_num(certs); ++i) {
- X509 *cert = sk_X509_value(certs, i);
- if (!(cid = ESS_CERT_ID_new_init(cert, 1)) ||
- !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
- goto err;
- }
-
- return sc;
-
-err:
- ESS_SIGNING_CERT_free(sc);
- TSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-static ESS_CERT_ID *
-ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
-{
- ESS_CERT_ID *cid = NULL;
- GENERAL_NAME *name = NULL;
- unsigned char cert_hash[TS_HASH_LEN];
-
- /* Recompute SHA1 hash of certificate if necessary (side effect). */
- X509_check_purpose(cert, -1, 0);
-
- if (!(cid = ESS_CERT_ID_new()))
- goto err;
-
- if (!X509_digest(cert, TS_HASH_EVP, cert_hash, NULL))
- goto err;
-
- if (!ASN1_OCTET_STRING_set(cid->hash, cert_hash, sizeof(cert_hash)))
- goto err;
-
- /* Setting the issuer/serial if requested. */
- if (issuer_needed) {
- /* Creating issuer/serial structure. */
- if (!cid->issuer_serial &&
- !(cid->issuer_serial = ESS_ISSUER_SERIAL_new()))
- goto err;
- /* Creating general name from the certificate issuer. */
- if (!(name = GENERAL_NAME_new()))
- goto err;
- name->type = GEN_DIRNAME;
- if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL)
- goto err;
- if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
- goto err;
- name = NULL; /* Ownership is lost. */
- /* Setting the serial number. */
- ASN1_INTEGER_free(cid->issuer_serial->serial);
- if (!(cid->issuer_serial->serial =
- ASN1_INTEGER_dup(X509_get_serialNumber(cert))))
- goto err;
- }
-
- return cid;
-
-err:
- GENERAL_NAME_free(name);
- ESS_CERT_ID_free(cid);
- TSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-static int
-TS_TST_INFO_content_new(PKCS7 *p7)
-{
- PKCS7 *ret = NULL;
- ASN1_OCTET_STRING *octet_string = NULL;
-
- /* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
- if (!(ret = PKCS7_new()))
- goto err;
- if (!(ret->d.other = ASN1_TYPE_new()))
- goto err;
- ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
- if (!(octet_string = ASN1_OCTET_STRING_new()))
- goto err;
- ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
- octet_string = NULL;
-
- /* Add encapsulated content to signed PKCS7 structure. */
- if (!PKCS7_set_content(p7, ret))
- goto err;
-
- return 1;
-
-err:
- ASN1_OCTET_STRING_free(octet_string);
- PKCS7_free(ret);
- return 0;
-}
-
-static int
-ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
-{
- ASN1_STRING *seq = NULL;
- unsigned char *p, *pp = NULL;
- int len;
-
- len = i2d_ESS_SIGNING_CERT(sc, NULL);
- if (!(pp = malloc(len))) {
- TSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = pp;
- i2d_ESS_SIGNING_CERT(sc, &p);
- if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) {
- TSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- free(pp);
- pp = NULL;
- return PKCS7_add_signed_attribute(si,
- NID_id_smime_aa_signingCertificate, V_ASN1_SEQUENCE, seq);
-
-err:
- ASN1_STRING_free(seq);
- free(pp);
-
- return 0;
-}
diff --git a/src/lib/libcrypto/ts/ts_rsp_utils.c b/src/lib/libcrypto/ts/ts_rsp_utils.c
deleted file mode 100644
index 34994adce8..0000000000
--- a/src/lib/libcrypto/ts/ts_rsp_utils.c
+++ /dev/null
@@ -1,503 +0,0 @@
-/* $OpenBSD: ts_rsp_utils.c,v 1.11 2023/07/07 19:37:54 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "ts_local.h"
-
-/* Function definitions. */
-
-int
-TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *status_info)
-{
- TS_STATUS_INFO *new_status_info;
-
- if (a->status_info == status_info)
- return 1;
- new_status_info = TS_STATUS_INFO_dup(status_info);
- if (new_status_info == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_STATUS_INFO_free(a->status_info);
- a->status_info = new_status_info;
-
- return 1;
-}
-LCRYPTO_ALIAS(TS_RESP_set_status_info);
-
-TS_STATUS_INFO *
-TS_RESP_get_status_info(TS_RESP *a)
-{
- return a->status_info;
-}
-LCRYPTO_ALIAS(TS_RESP_get_status_info);
-
-const ASN1_UTF8STRING *
-TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *si)
-{
- return si->failure_info;
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_get0_failure_info);
-
-const STACK_OF(ASN1_UTF8STRING) *
-TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *si)
-{
- return si->text;
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_get0_text);
-
-const ASN1_INTEGER *
-TS_STATUS_INFO_get0_status(const TS_STATUS_INFO *si)
-{
- return si->status;
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_get0_status);
-
-int
-TS_STATUS_INFO_set_status(TS_STATUS_INFO *si, int i)
-{
- return ASN1_INTEGER_set(si->status, i);
-}
-LCRYPTO_ALIAS(TS_STATUS_INFO_set_status);
-
-/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
-void
-TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info)
-{
- /* Set new PKCS7 and TST_INFO objects. */
- PKCS7_free(a->token);
- a->token = p7;
- TS_TST_INFO_free(a->tst_info);
- a->tst_info = tst_info;
-}
-LCRYPTO_ALIAS(TS_RESP_set_tst_info);
-
-PKCS7 *
-TS_RESP_get_token(TS_RESP *a)
-{
- return a->token;
-}
-LCRYPTO_ALIAS(TS_RESP_get_token);
-
-TS_TST_INFO *
-TS_RESP_get_tst_info(TS_RESP *a)
-{
- return a->tst_info;
-}
-LCRYPTO_ALIAS(TS_RESP_get_tst_info);
-
-int
-TS_TST_INFO_set_version(TS_TST_INFO *a, long version)
-{
- return ASN1_INTEGER_set(a->version, version);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_version);
-
-long
-TS_TST_INFO_get_version(const TS_TST_INFO *a)
-{
- return ASN1_INTEGER_get(a->version);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_version);
-
-int
-TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy)
-{
- ASN1_OBJECT *new_policy;
-
- if (a->policy_id == policy)
- return 1;
- new_policy = OBJ_dup(policy);
- if (new_policy == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OBJECT_free(a->policy_id);
- a->policy_id = new_policy;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_policy_id);
-
-ASN1_OBJECT *
-TS_TST_INFO_get_policy_id(TS_TST_INFO *a)
-{
- return a->policy_id;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_policy_id);
-
-int
-TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint)
-{
- TS_MSG_IMPRINT *new_msg_imprint;
-
- if (a->msg_imprint == msg_imprint)
- return 1;
- new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
- if (new_msg_imprint == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_MSG_IMPRINT_free(a->msg_imprint);
- a->msg_imprint = new_msg_imprint;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_msg_imprint);
-
-TS_MSG_IMPRINT *
-TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a)
-{
- return a->msg_imprint;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_msg_imprint);
-
-int
-TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial)
-{
- ASN1_INTEGER *new_serial;
-
- if (a->serial == serial)
- return 1;
- new_serial = ASN1_INTEGER_dup(serial);
- if (new_serial == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->serial);
- a->serial = new_serial;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_serial);
-
-const ASN1_INTEGER *
-TS_TST_INFO_get_serial(const TS_TST_INFO *a)
-{
- return a->serial;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_serial);
-
-int
-TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime)
-{
- ASN1_GENERALIZEDTIME *new_time;
-
- if (a->time == gtime)
- return 1;
- new_time = ASN1_STRING_dup(gtime);
- if (new_time == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_GENERALIZEDTIME_free(a->time);
- a->time = new_time;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_time);
-
-const ASN1_GENERALIZEDTIME *
-TS_TST_INFO_get_time(const TS_TST_INFO *a)
-{
- return a->time;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_time);
-
-int
-TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy)
-{
- TS_ACCURACY *new_accuracy;
-
- if (a->accuracy == accuracy)
- return 1;
- new_accuracy = TS_ACCURACY_dup(accuracy);
- if (new_accuracy == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_ACCURACY_free(a->accuracy);
- a->accuracy = new_accuracy;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_accuracy);
-
-TS_ACCURACY *
-TS_TST_INFO_get_accuracy(TS_TST_INFO *a)
-{
- return a->accuracy;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_accuracy);
-
-int
-TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds)
-{
- ASN1_INTEGER *new_seconds;
-
- if (a->seconds == seconds)
- return 1;
- new_seconds = ASN1_INTEGER_dup(seconds);
- if (new_seconds == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->seconds);
- a->seconds = new_seconds;
- return 1;
-}
-LCRYPTO_ALIAS(TS_ACCURACY_set_seconds);
-
-const ASN1_INTEGER *
-TS_ACCURACY_get_seconds(const TS_ACCURACY *a)
-{
- return a->seconds;
-}
-LCRYPTO_ALIAS(TS_ACCURACY_get_seconds);
-
-int
-TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis)
-{
- ASN1_INTEGER *new_millis = NULL;
-
- if (a->millis == millis)
- return 1;
- if (millis != NULL) {
- new_millis = ASN1_INTEGER_dup(millis);
- if (new_millis == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- ASN1_INTEGER_free(a->millis);
- a->millis = new_millis;
- return 1;
-}
-LCRYPTO_ALIAS(TS_ACCURACY_set_millis);
-
-const ASN1_INTEGER *
-TS_ACCURACY_get_millis(const TS_ACCURACY *a)
-{
- return a->millis;
-}
-LCRYPTO_ALIAS(TS_ACCURACY_get_millis);
-
-int
-TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros)
-{
- ASN1_INTEGER *new_micros = NULL;
-
- if (a->micros == micros)
- return 1;
- if (micros != NULL) {
- new_micros = ASN1_INTEGER_dup(micros);
- if (new_micros == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- ASN1_INTEGER_free(a->micros);
- a->micros = new_micros;
- return 1;
-}
-LCRYPTO_ALIAS(TS_ACCURACY_set_micros);
-
-const ASN1_INTEGER *
-TS_ACCURACY_get_micros(const TS_ACCURACY *a)
-{
- return a->micros;
-}
-LCRYPTO_ALIAS(TS_ACCURACY_get_micros);
-
-int
-TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering)
-{
- a->ordering = ordering ? 0xFF : 0x00;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_ordering);
-
-int
-TS_TST_INFO_get_ordering(const TS_TST_INFO *a)
-{
- return a->ordering ? 1 : 0;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_ordering);
-
-int
-TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce)
-{
- ASN1_INTEGER *new_nonce;
-
- if (a->nonce == nonce)
- return 1;
- new_nonce = ASN1_INTEGER_dup(nonce);
- if (new_nonce == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->nonce);
- a->nonce = new_nonce;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_nonce);
-
-const ASN1_INTEGER *
-TS_TST_INFO_get_nonce(const TS_TST_INFO *a)
-{
- return a->nonce;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_nonce);
-
-int
-TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa)
-{
- GENERAL_NAME *new_tsa;
-
- if (a->tsa == tsa)
- return 1;
- new_tsa = GENERAL_NAME_dup(tsa);
- if (new_tsa == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- GENERAL_NAME_free(a->tsa);
- a->tsa = new_tsa;
- return 1;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_set_tsa);
-
-GENERAL_NAME *
-TS_TST_INFO_get_tsa(TS_TST_INFO *a)
-{
- return a->tsa;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_tsa);
-
-STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a)
-{
- return a->extensions;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_exts);
-
-void
-TS_TST_INFO_ext_free(TS_TST_INFO *a)
-{
- if (!a)
- return;
- sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
- a->extensions = NULL;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_ext_free);
-
-int
-TS_TST_INFO_get_ext_count(TS_TST_INFO *a)
-{
- return X509v3_get_ext_count(a->extensions);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_ext_count);
-
-int
-TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_ext_by_NID);
-
-int
-TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, const ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_ext_by_OBJ);
-
-int
-TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_ext_by_critical);
-
-X509_EXTENSION *
-TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc)
-{
- return X509v3_get_ext(a->extensions, loc);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_ext);
-
-X509_EXTENSION *
-TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc)
-{
- return X509v3_delete_ext(a->extensions, loc);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_delete_ext);
-
-int
-TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
-}
-LCRYPTO_ALIAS(TS_TST_INFO_add_ext);
-
-void *
-TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(a->extensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(TS_TST_INFO_get_ext_d2i);
diff --git a/src/lib/libcrypto/ts/ts_rsp_verify.c b/src/lib/libcrypto/ts/ts_rsp_verify.c
deleted file mode 100644
index 69236f68ab..0000000000
--- a/src/lib/libcrypto/ts/ts_rsp_verify.c
+++ /dev/null
@@ -1,847 +0,0 @@
-/* $OpenBSD: ts_rsp_verify.c,v 1.30 2023/07/07 07:25:21 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "ts_local.h"
-#include "x509_local.h"
-
-/* Private function declarations. */
-
-static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
- X509 *signer, STACK_OF(X509) **chain);
-static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si, STACK_OF(X509) *chain);
-static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si);
-static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
-static ESS_SIGNING_CERT_V2 *ESS_get_signing_cert_v2(PKCS7_SIGNER_INFO *si);
-static int TS_find_cert_v2(STACK_OF(ESS_CERT_ID_V2) *cert_ids, X509 *cert);
-static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509 *cert);
-static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
- PKCS7 *token, TS_TST_INFO *tst_info);
-static int TS_check_status_info(TS_RESP *response);
-static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
-static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
-static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
- X509_ALGOR **md_alg,
- unsigned char **imprint, unsigned *imprint_len);
-static int TS_check_imprints(X509_ALGOR *algor_a,
- unsigned char *imprint_a, unsigned len_a,
- TS_TST_INFO *tst_info);
-static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
-static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
-static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name);
-
-/*
- * Local mapping between response codes and descriptions.
- * Don't forget to change TS_STATUS_BUF_SIZE when modifying
- * the elements of this array.
- */
-static const char *TS_status_text[] = {
- "granted",
- "grantedWithMods",
- "rejection",
- "waiting",
- "revocationWarning",
- "revocationNotification"
-};
-
-#define TS_STATUS_TEXT_SIZE (sizeof(TS_status_text)/sizeof(*TS_status_text))
-
-/*
- * This must be greater or equal to the sum of the strings in TS_status_text
- * plus the number of its elements.
- */
-#define TS_STATUS_BUF_SIZE 256
-
-static struct {
- int code;
- const char *text;
-} TS_failure_info[] = {
- { TS_INFO_BAD_ALG, "badAlg" },
- { TS_INFO_BAD_REQUEST, "badRequest" },
- { TS_INFO_BAD_DATA_FORMAT, "badDataFormat" },
- { TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable" },
- { TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy" },
- { TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension" },
- { TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable" },
- { TS_INFO_SYSTEM_FAILURE, "systemFailure" }
-};
-
-#define TS_FAILURE_INFO_SIZE (sizeof(TS_failure_info) / \
- sizeof(*TS_failure_info))
-
-/* Functions for verifying a signed TS_TST_INFO structure. */
-
-/*
- * This function carries out the following tasks:
- * - Checks if there is one and only one signer.
- * - Search for the signing certificate in 'certs' and in the response.
- * - Check the extended key usage and key usage fields of the signer
- * certificate (done by the path validation).
- * - Build and validate the certificate path.
- * - Check if the certificate path meets the requirements of the
- * SigningCertificate ESS signed attribute.
- * - Verify the signature value.
- * - Returns the signer certificate in 'signer', if 'signer' is not NULL.
- */
-int
-TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
- X509_STORE *store, X509 **signer_out)
-{
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
- PKCS7_SIGNER_INFO *si;
- STACK_OF(X509) *signers = NULL;
- X509 *signer;
- STACK_OF(X509) *chain = NULL;
- char buf[4096];
- int i, j = 0, ret = 0;
- BIO *p7bio = NULL;
-
- /* Some sanity checks first. */
- if (!token) {
- TSerror(TS_R_INVALID_NULL_POINTER);
- goto err;
- }
-
- /* Check for the correct content type */
- if (!PKCS7_type_is_signed(token)) {
- TSerror(TS_R_WRONG_CONTENT_TYPE);
- goto err;
- }
-
- /* Check if there is one and only one signer. */
- sinfos = PKCS7_get_signer_info(token);
- if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
- TSerror(TS_R_THERE_MUST_BE_ONE_SIGNER);
- goto err;
- }
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
-
- /* Check for no content: no data to verify signature. */
- if (PKCS7_get_detached(token)) {
- TSerror(TS_R_NO_CONTENT);
- goto err;
- }
-
- /* Get hold of the signer certificate, search only internal
- certificates if it was requested. */
- signers = PKCS7_get0_signers(token, certs, 0);
- if (!signers || sk_X509_num(signers) != 1)
- goto err;
- signer = sk_X509_value(signers, 0);
-
- /* Now verify the certificate. */
- if (!TS_verify_cert(store, certs, signer, &chain))
- goto err;
-
- /* Check if the signer certificate is consistent with the
- ESS extension. */
- if (!TS_check_signing_certs(si, chain))
- goto err;
-
- /* Creating the message digest. */
- p7bio = PKCS7_dataInit(token, NULL);
-
- /* We now have to 'read' from p7bio to calculate digests etc. */
- while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0)
- ;
-
- /* Verifying the signature. */
- j = PKCS7_signatureVerify(p7bio, token, si, signer);
- if (j <= 0) {
- TSerror(TS_R_SIGNATURE_FAILURE);
- goto err;
- }
-
- /* Return the signer certificate if needed. */
- if (signer_out) {
- *signer_out = signer;
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
- }
-
- ret = 1;
-
-err:
- BIO_free_all(p7bio);
- sk_X509_pop_free(chain, X509_free);
- sk_X509_free(signers);
-
- return ret;
-}
-LCRYPTO_ALIAS(TS_RESP_verify_signature);
-
-/*
- * The certificate chain is returned in chain. Caller is responsible for
- * freeing the vector.
- */
-static int
-TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, X509 *signer,
- STACK_OF(X509) **chain)
-{
- X509_STORE_CTX cert_ctx;
- int i;
- int ret = 0;
-
- /* chain is an out argument. */
- *chain = NULL;
- if (X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted) == 0) {
- TSerror(ERR_R_X509_LIB);
- goto err;
- }
- if (X509_STORE_CTX_set_purpose(&cert_ctx,
- X509_PURPOSE_TIMESTAMP_SIGN) == 0)
- goto err;
- i = X509_verify_cert(&cert_ctx);
- if (i <= 0) {
- int j = X509_STORE_CTX_get_error(&cert_ctx);
-
- TSerror(TS_R_CERTIFICATE_VERIFY_ERROR);
- ERR_asprintf_error_data("Verify error:%s",
- X509_verify_cert_error_string(j));
- goto err;
- } else {
- /* Get a copy of the certificate chain. */
- *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
- ret = 1;
- }
-
-err:
- X509_STORE_CTX_cleanup(&cert_ctx);
-
- return ret;
-}
-
-static int
-TS_check_signing_certs(PKCS7_SIGNER_INFO *si, STACK_OF(X509) *chain)
-{
- ESS_SIGNING_CERT *ss = NULL;
- STACK_OF(ESS_CERT_ID) *cert_ids;
- ESS_SIGNING_CERT_V2 *ssv2 = NULL;
- STACK_OF(ESS_CERT_ID_V2) *cert_ids_v2;
- X509 *cert;
- int i = 0;
- int ret = 0;
-
- if ((ss = ESS_get_signing_cert(si)) != NULL) {
- cert_ids = ss->cert_ids;
- /* The signer certificate must be the first in cert_ids. */
- cert = sk_X509_value(chain, 0);
-
- if (TS_find_cert(cert_ids, cert) != 0)
- goto err;
-
- /*
- * Check the other certificates of the chain if there are more
- * than one certificate ids in cert_ids.
- */
- if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
- /* All the certificates of the chain must be in cert_ids. */
- for (i = 1; i < sk_X509_num(chain); i++) {
- cert = sk_X509_value(chain, i);
-
- if (TS_find_cert(cert_ids, cert) < 0)
- goto err;
- }
- }
- }
-
- if ((ssv2 = ESS_get_signing_cert_v2(si)) != NULL) {
- cert_ids_v2 = ssv2->cert_ids;
- /* The signer certificate must be the first in cert_ids_v2. */
- cert = sk_X509_value(chain, 0);
-
- if (TS_find_cert_v2(cert_ids_v2, cert) != 0)
- goto err;
-
- /*
- * Check the other certificates of the chain if there are more
- * than one certificate ids in cert_ids_v2.
- */
- if (sk_ESS_CERT_ID_V2_num(cert_ids_v2) > 1) {
- /* All the certificates of the chain must be in cert_ids_v2. */
- for (i = 1; i < sk_X509_num(chain); i++) {
- cert = sk_X509_value(chain, i);
-
- if (TS_find_cert_v2(cert_ids_v2, cert) < 0)
- goto err;
- }
- }
- }
-
- ret = 1;
-
-err:
- if (!ret)
- TSerror(TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
- ESS_SIGNING_CERT_free(ss);
- ESS_SIGNING_CERT_V2_free(ssv2);
- return ret;
-}
-
-static ESS_SIGNING_CERT *
-ESS_get_signing_cert(PKCS7_SIGNER_INFO *si)
-{
- ASN1_TYPE *attr;
- const unsigned char *p;
-
- attr = PKCS7_get_signed_attribute(si,
- NID_id_smime_aa_signingCertificate);
- if (!attr)
- return NULL;
- if (attr->type != V_ASN1_SEQUENCE)
- return NULL;
- p = attr->value.sequence->data;
- return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
-}
-
-static ESS_SIGNING_CERT_V2 *
-ESS_get_signing_cert_v2(PKCS7_SIGNER_INFO *si)
-{
- ASN1_TYPE *attr;
- const unsigned char *p;
-
- attr = PKCS7_get_signed_attribute(si, NID_id_smime_aa_signingCertificateV2);
- if (attr == NULL)
- return NULL;
- p = attr->value.sequence->data;
- return d2i_ESS_SIGNING_CERT_V2(NULL, &p, attr->value.sequence->length);
-}
-
-/* Returns < 0 if certificate is not found, certificate index otherwise. */
-static int
-TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
-{
- int i;
- unsigned char cert_hash[TS_HASH_LEN];
-
- if (!cert_ids || !cert)
- return -1;
-
- if (!X509_digest(cert, TS_HASH_EVP, cert_hash, NULL))
- return -1;
-
- /* Recompute SHA1 hash of certificate if necessary (side effect). */
- if (X509_check_purpose(cert, -1, 0) == -1)
- return -1;
-
- /* Look for cert in the cert_ids vector. */
- for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
- ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
-
- /* Check the SHA-1 hash first. */
- if (cid->hash->length == TS_HASH_LEN && !memcmp(cid->hash->data,
- cert_hash, TS_HASH_LEN)) {
- /* Check the issuer/serial as well if specified. */
- ESS_ISSUER_SERIAL *is = cid->issuer_serial;
-
- if (is == NULL || TS_issuer_serial_cmp(is, cert) == 0)
- return i;
- }
- }
-
- return -1;
-}
-
-/* Returns < 0 if certificate is not found, certificate index otherwise. */
-static int
-TS_find_cert_v2(STACK_OF(ESS_CERT_ID_V2) *cert_ids, X509 *cert)
-{
- int i;
- unsigned char cert_digest[EVP_MAX_MD_SIZE];
- unsigned int len;
-
- /* Look for cert in the cert_ids vector. */
- for (i = 0; i < sk_ESS_CERT_ID_V2_num(cert_ids); ++i) {
- ESS_CERT_ID_V2 *cid = sk_ESS_CERT_ID_V2_value(cert_ids, i);
- const EVP_MD *md = EVP_sha256();
-
- if (cid->hash_alg != NULL)
- md = EVP_get_digestbyobj(cid->hash_alg->algorithm);
- if (md == NULL)
- return -1;
-
- if (!X509_digest(cert, md, cert_digest, &len))
- return -1;
-
- if ((unsigned int)cid->hash->length != len)
- return -1;
-
- if (memcmp(cid->hash->data, cert_digest, cid->hash->length) == 0) {
- ESS_ISSUER_SERIAL *is = cid->issuer_serial;
-
- if (is == NULL || TS_issuer_serial_cmp(is, cert) == 0)
- return i;
- }
- }
-
- return -1;
-}
-
-static int
-TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509 *cert)
-{
- GENERAL_NAME *issuer;
-
- if (is == NULL || cert == NULL || sk_GENERAL_NAME_num(is->issuer) != 1)
- return -1;
-
- /* Check the issuer first. It must be a directory name. */
- issuer = sk_GENERAL_NAME_value(is->issuer, 0);
- if (issuer->type != GEN_DIRNAME ||
- X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)))
- return -1;
-
- /* Check the serial number, too. */
- if (ASN1_INTEGER_cmp(is->serial, X509_get_serialNumber(cert)))
- return -1;
-
- return 0;
-}
-
-/*
- * Verifies whether 'response' contains a valid response with regards
- * to the settings of the context:
- * - Gives an error message if the TS_TST_INFO is not present.
- * - Calls _TS_RESP_verify_token to verify the token content.
- */
-int
-TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response)
-{
- PKCS7 *token = TS_RESP_get_token(response);
- TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
- int ret = 0;
-
- /* Check if we have a successful TS_TST_INFO object in place. */
- if (!TS_check_status_info(response))
- goto err;
-
- /* Check the contents of the time stamp token. */
- if (!int_TS_RESP_verify_token(ctx, token, tst_info))
- goto err;
-
- ret = 1;
-
-err:
- return ret;
-}
-LCRYPTO_ALIAS(TS_RESP_verify_response);
-
-/*
- * Tries to extract a TS_TST_INFO structure from the PKCS7 token and
- * calls the internal int_TS_RESP_verify_token function for verifying it.
- */
-int
-TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
-{
- TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token);
- int ret = 0;
-
- if (tst_info) {
- ret = int_TS_RESP_verify_token(ctx, token, tst_info);
- TS_TST_INFO_free(tst_info);
- }
- return ret;
-}
-LCRYPTO_ALIAS(TS_RESP_verify_token);
-
-/*
- * Verifies whether the 'token' contains a valid time stamp token
- * with regards to the settings of the context. Only those checks are
- * carried out that are specified in the context:
- * - Verifies the signature of the TS_TST_INFO.
- * - Checks the version number of the response.
- * - Check if the requested and returned policies math.
- * - Check if the message imprints are the same.
- * - Check if the nonces are the same.
- * - Check if the TSA name matches the signer.
- * - Check if the TSA name is the expected TSA.
- */
-static int
-int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token,
- TS_TST_INFO *tst_info)
-{
- X509 *signer = NULL;
- GENERAL_NAME *tsa_name = TS_TST_INFO_get_tsa(tst_info);
- X509_ALGOR *md_alg = NULL;
- unsigned char *imprint = NULL;
- unsigned imprint_len = 0;
- int ret = 0;
-
- /* Verify the signature. */
- if ((ctx->flags & TS_VFY_SIGNATURE) &&
- !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer))
- goto err;
-
- /* Check version number of response. */
- if ((ctx->flags & TS_VFY_VERSION) &&
- TS_TST_INFO_get_version(tst_info) != 1) {
- TSerror(TS_R_UNSUPPORTED_VERSION);
- goto err;
- }
-
- /* Check policies. */
- if ((ctx->flags & TS_VFY_POLICY) &&
- !TS_check_policy(ctx->policy, tst_info))
- goto err;
-
- /* Check message imprints. */
- if ((ctx->flags & TS_VFY_IMPRINT) &&
- !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len,
- tst_info))
- goto err;
-
- /* Compute and check message imprints. */
- if ((ctx->flags & TS_VFY_DATA) &&
- (!TS_compute_imprint(ctx->data, tst_info,
- &md_alg, &imprint, &imprint_len) ||
- !TS_check_imprints(md_alg, imprint, imprint_len, tst_info)))
- goto err;
-
- /* Check nonces. */
- if ((ctx->flags & TS_VFY_NONCE) &&
- !TS_check_nonces(ctx->nonce, tst_info))
- goto err;
-
- /* Check whether TSA name and signer certificate match. */
- if ((ctx->flags & TS_VFY_SIGNER) &&
- tsa_name && !TS_check_signer_name(tsa_name, signer)) {
- TSerror(TS_R_TSA_NAME_MISMATCH);
- goto err;
- }
-
- /* Check whether the TSA is the expected one. */
- if ((ctx->flags & TS_VFY_TSA_NAME) &&
- !TS_check_signer_name(ctx->tsa_name, signer)) {
- TSerror(TS_R_TSA_UNTRUSTED);
- goto err;
- }
-
- ret = 1;
-
-err:
- X509_free(signer);
- X509_ALGOR_free(md_alg);
- free(imprint);
- return ret;
-}
-
-static int
-TS_check_status_info(TS_RESP *response)
-{
- TS_STATUS_INFO *info = TS_RESP_get_status_info(response);
- long status = ASN1_INTEGER_get(info->status);
- const char *status_text = NULL;
- char *embedded_status_text = NULL;
- char failure_text[TS_STATUS_BUF_SIZE] = "";
-
- /* Check if everything went fine. */
- if (status == 0 || status == 1)
- return 1;
-
- /* There was an error, get the description in status_text. */
- if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE)
- status_text = TS_status_text[status];
- else
- status_text = "unknown code";
-
- /* Set the embedded_status_text to the returned description. */
- if (sk_ASN1_UTF8STRING_num(info->text) > 0 &&
- !(embedded_status_text = TS_get_status_text(info->text)))
- return 0;
-
- /* Filling in failure_text with the failure information. */
- if (info->failure_info) {
- int i;
- int first = 1;
- for (i = 0; i < (int)TS_FAILURE_INFO_SIZE; ++i) {
- if (ASN1_BIT_STRING_get_bit(info->failure_info,
- TS_failure_info[i].code)) {
- if (!first)
- strlcat(failure_text, ",",
- TS_STATUS_BUF_SIZE);
- else
- first = 0;
- strlcat(failure_text, TS_failure_info[i].text,
- TS_STATUS_BUF_SIZE);
- }
- }
- }
- if (failure_text[0] == '\0')
- strlcpy(failure_text, "unspecified", TS_STATUS_BUF_SIZE);
-
- /* Making up the error string. */
- TSerror(TS_R_NO_TIME_STAMP_TOKEN);
- ERR_asprintf_error_data
- ("status code: %s, status text: %s, failure codes: %s",
- status_text,
- embedded_status_text ? embedded_status_text : "unspecified",
- failure_text);
- free(embedded_status_text);
-
- return 0;
-}
-
-static char *
-TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
-{
- int i;
- unsigned int length = 0;
- char *result = NULL;
-
- /* Determine length first. */
- for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) {
- ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
- length += ASN1_STRING_length(current);
- length += 1; /* separator character */
- }
- /* Allocate memory (closing '\0' included). */
- if (!(result = malloc(length))) {
- TSerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- /* Concatenate the descriptions. */
- result[0] = '\0';
- for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) {
- ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
- if (i > 0)
- strlcat(result, "/", length);
- strlcat(result, (const char *)ASN1_STRING_data(current), length);
- }
- return result;
-}
-
-static int
-TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info)
-{
- ASN1_OBJECT *resp_oid = TS_TST_INFO_get_policy_id(tst_info);
-
- if (OBJ_cmp(req_oid, resp_oid) != 0) {
- TSerror(TS_R_POLICY_MISMATCH);
- return 0;
- }
-
- return 1;
-}
-
-static int
-TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info, X509_ALGOR **out_md_alg,
- unsigned char **out_imprint, unsigned int *out_imprint_len)
-{
- TS_MSG_IMPRINT *msg_imprint;
- X509_ALGOR *md_alg_resp;
- X509_ALGOR *md_alg = NULL;
- unsigned char *imprint = NULL;
- unsigned int imprint_len = 0;
- const EVP_MD *md;
- EVP_MD_CTX md_ctx;
- unsigned char buffer[4096];
- int length;
-
- *out_md_alg = NULL;
- *out_imprint = NULL;
- *out_imprint_len = 0;
-
- /* Retrieve the MD algorithm of the response. */
- msg_imprint = TS_TST_INFO_get_msg_imprint(tst_info);
- md_alg_resp = TS_MSG_IMPRINT_get_algo(msg_imprint);
- if ((md_alg = X509_ALGOR_dup(md_alg_resp)) == NULL)
- goto err;
-
- /* Getting the MD object. */
- if ((md = EVP_get_digestbyobj((md_alg)->algorithm)) == NULL) {
- TSerror(TS_R_UNSUPPORTED_MD_ALGORITHM);
- goto err;
- }
-
- /* Compute message digest. */
- if ((length = EVP_MD_size(md)) < 0)
- goto err;
- imprint_len = length;
- if ((imprint = malloc(imprint_len)) == NULL) {
- TSerror(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EVP_DigestInit(&md_ctx, md))
- goto err;
- while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
- if (!EVP_DigestUpdate(&md_ctx, buffer, length))
- goto err;
- }
- if (!EVP_DigestFinal(&md_ctx, imprint, NULL))
- goto err;
-
- *out_md_alg = md_alg;
- md_alg = NULL;
- *out_imprint = imprint;
- imprint = NULL;
- *out_imprint_len = imprint_len;
-
- return 1;
-
-err:
- X509_ALGOR_free(md_alg);
- free(imprint);
- return 0;
-}
-
-static int
-TS_check_imprints(X509_ALGOR *algor_a, unsigned char *imprint_a, unsigned len_a,
- TS_TST_INFO *tst_info)
-{
- TS_MSG_IMPRINT *b = TS_TST_INFO_get_msg_imprint(tst_info);
- X509_ALGOR *algor_b = TS_MSG_IMPRINT_get_algo(b);
- int ret = 0;
-
- /* algor_a is optional. */
- if (algor_a) {
- /* Compare algorithm OIDs. */
- if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm))
- goto err;
-
- /* The parameter must be NULL in both. */
- if ((algor_a->parameter &&
- ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL) ||
- (algor_b->parameter &&
- ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL))
- goto err;
- }
-
- /* Compare octet strings. */
- ret = len_a == (unsigned) ASN1_STRING_length(b->hashed_msg) &&
- memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
-
-err:
- if (!ret)
- TSerror(TS_R_MESSAGE_IMPRINT_MISMATCH);
- return ret;
-}
-
-static int
-TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
-{
- const ASN1_INTEGER *b = TS_TST_INFO_get_nonce(tst_info);
-
- /* Error if nonce is missing. */
- if (!b) {
- TSerror(TS_R_NONCE_NOT_RETURNED);
- return 0;
- }
-
- /* No error if a nonce is returned without being requested. */
- if (ASN1_INTEGER_cmp(a, b) != 0) {
- TSerror(TS_R_NONCE_MISMATCH);
- return 0;
- }
-
- return 1;
-}
-
-/* Check if the specified TSA name matches either the subject
- or one of the subject alternative names of the TSA certificate. */
-static int
-TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
-{
- STACK_OF(GENERAL_NAME) *gen_names = NULL;
- int idx = -1;
- int found = 0;
-
- if (signer == NULL)
- return 0;
-
- /* Check the subject name first. */
- if (tsa_name->type == GEN_DIRNAME &&
- X509_name_cmp(tsa_name->d.dirn, X509_get_subject_name(signer)) == 0)
- return 1;
-
- /* Check all the alternative names. */
- gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
- NULL, &idx);
- while (gen_names != NULL &&
- !(found = (TS_find_name(gen_names, tsa_name) >= 0))) {
- /* Get the next subject alternative name,
- although there should be no more than one. */
- GENERAL_NAMES_free(gen_names);
- gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
- NULL, &idx);
- }
- if (gen_names)
- GENERAL_NAMES_free(gen_names);
-
- return found;
-}
-
-/* Returns 1 if name is in gen_names, 0 otherwise. */
-static int
-TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name)
-{
- int i, found;
- for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names);
- ++i) {
- GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i);
- found = GENERAL_NAME_cmp(current, name) == 0;
- }
- return found ? i - 1 : -1;
-}
diff --git a/src/lib/libcrypto/ts/ts_verify_ctx.c b/src/lib/libcrypto/ts/ts_verify_ctx.c
deleted file mode 100644
index 5a2d95c680..0000000000
--- a/src/lib/libcrypto/ts/ts_verify_ctx.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* $OpenBSD: ts_verify_ctx.c,v 1.14 2023/07/07 07:25:21 beck Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2003.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include -#include -#include - -#include "ts_local.h" - -TS_VERIFY_CTX * -TS_VERIFY_CTX_new(void) -{ - TS_VERIFY_CTX *ctx = calloc(1, sizeof(TS_VERIFY_CTX)); - - if (!ctx) - TSerror(ERR_R_MALLOC_FAILURE); - - return ctx; -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_new); - -void -TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx) -{ - if (!ctx) - return; - - TS_VERIFY_CTX_cleanup(ctx); - free(ctx); -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_free); - -void -TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx) -{ - if (!ctx) - return; - - X509_STORE_free(ctx->store); - sk_X509_pop_free(ctx->certs, X509_free); - - ASN1_OBJECT_free(ctx->policy); - - X509_ALGOR_free(ctx->md_alg); - free(ctx->imprint); - - BIO_free_all(ctx->data); - - ASN1_INTEGER_free(ctx->nonce); - - GENERAL_NAME_free(ctx->tsa_name); - - memset(ctx, 0, sizeof(*ctx)); -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_cleanup); - -/* - * XXX: The following accessors demonstrate the amount of care and thought that - * went into OpenSSL 1.1 API design and the review thereof: for whatever reason - * these functions return what was passed in. Correct memory management is left - * as an exercise for the reader... 
Unfortunately, careful consumers like - * openssl-ruby assume this behavior, so we're stuck with this insanity. The - * cherry on top is the TS_VERIFY_CTS_set_certs() [sic!] function that made it - * into the public API. - * - * Outstanding job, R$ and tjh, A+. - */ - -int -TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX *ctx, int flags) -{ - ctx->flags |= flags; - - return ctx->flags; -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_add_flags); - -int -TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX *ctx, int flags) -{ - ctx->flags = flags; - - return ctx->flags; -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_set_flags); - -BIO * -TS_VERIFY_CTX_set_data(TS_VERIFY_CTX *ctx, BIO *bio) -{ - ctx->data = bio; - - return ctx->data; -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_set_data); - -X509_STORE * -TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *store) -{ - ctx->store = store; - - return ctx->store; -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_set_store); - -STACK_OF(X509) * -TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs) -{ - ctx->certs = certs; - - return ctx->certs; -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_set_certs); - -unsigned char * -TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX *ctx, unsigned char *imprint, - long imprint_len) -{ - free(ctx->imprint); - - ctx->imprint = imprint; - ctx->imprint_len = imprint_len; - - return ctx->imprint; -} -LCRYPTO_ALIAS(TS_VERIFY_CTX_set_imprint); - -TS_VERIFY_CTX * -TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx) -{ - TS_VERIFY_CTX *ret = ctx; - ASN1_OBJECT *policy; - TS_MSG_IMPRINT *imprint; - X509_ALGOR *md_alg; - ASN1_OCTET_STRING *msg; - const ASN1_INTEGER *nonce; - - if (ret) - TS_VERIFY_CTX_cleanup(ret); - else if (!(ret = TS_VERIFY_CTX_new())) - return NULL; - - /* Setting flags. */ - ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE); - - /* Setting policy. 
*/ - if ((policy = TS_REQ_get_policy_id(req)) != NULL) { - if (!(ret->policy = OBJ_dup(policy))) - goto err; - } else - ret->flags &= ~TS_VFY_POLICY; - - /* Setting md_alg, imprint and imprint_len. */ - imprint = TS_REQ_get_msg_imprint(req); - md_alg = TS_MSG_IMPRINT_get_algo(imprint); - if (!(ret->md_alg = X509_ALGOR_dup(md_alg))) - goto err; - msg = TS_MSG_IMPRINT_get_msg(imprint); - ret->imprint_len = ASN1_STRING_length(msg); - if (!(ret->imprint = malloc(ret->imprint_len))) - goto err; - memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len); - - /* Setting nonce. */ - if ((nonce = TS_REQ_get_nonce(req)) != NULL) { - if (!(ret->nonce = ASN1_INTEGER_dup(nonce))) - goto err; - } else - ret->flags &= ~TS_VFY_NONCE; - - return ret; - -err: - if (ctx) - TS_VERIFY_CTX_cleanup(ctx); - else - TS_VERIFY_CTX_free(ret); - return NULL; -} -LCRYPTO_ALIAS(TS_REQ_to_TS_VERIFY_CTX); diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c deleted file mode 100644 index 7d1f82c49d..0000000000 --- a/src/lib/libcrypto/txt_db/txt_db.c +++ /dev/null 
@@ -1,378 +0,0 @@
-/* $OpenBSD: txt_db.c,v 1.19 2023/07/08 11:28:03 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include -#include - -#include -#include - -#undef BUFSIZE -#define BUFSIZE 512 - -TXT_DB * -TXT_DB_read(BIO *in, int num) -{ - TXT_DB *ret = NULL; - int er = 1; - int esc = 0; - long ln = 0; - int i, add, n; - int size = BUFSIZE; - int offset = 0; - char *p, *f; - OPENSSL_STRING *pp; - BUF_MEM *buf = NULL; - - if ((buf = BUF_MEM_new()) == NULL) - goto err; - if (!BUF_MEM_grow(buf, size)) - goto err; - - if ((ret = malloc(sizeof(TXT_DB))) == NULL) - goto err; - ret->num_fields = num; - ret->index = NULL; - ret->qual = NULL; - if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL) - goto err; - if ((ret->index = reallocarray(NULL, num, sizeof(*ret->index))) == NULL) - goto err; - if ((ret->qual = reallocarray(NULL, num, sizeof(*(ret->qual)))) == NULL) - goto err; - for (i = 0; i < num; i++) { - ret->index[i] = NULL; - ret->qual[i] = NULL; - } - - add = (num + 1)*sizeof(char *); - buf->data[size-1] = '\0'; - offset = 0; - for (;;) { - if (offset != 0) { - size += BUFSIZE; - if (!BUF_MEM_grow_clean(buf, size)) - goto err; - } - buf->data[offset] = '\0'; - BIO_gets(in, &(buf->data[offset]), size - offset); - ln++; - if (buf->data[offset] == '\0') - break; - if ((offset == 0) && (buf->data[0] == '#')) - continue; - i = strlen(&(buf->data[offset])); - offset += i; - if (buf->data[offset-1] != '\n') - continue; - else { - buf->data[offset-1] = '\0'; /* blat the '\n' */ - if (!(p = malloc(add + offset))) - goto err; - offset = 0; - } - pp = (char **)p; - p += add; - n = 0; - pp[n++] = p; - i = 0; - f = buf->data; - - esc = 0; - for (;;) { - if (*f == '\0') - break; - if (*f == '\t') { - if (esc) - p--; - else { - *(p++)='\0'; - f++; - if (n >= num) - break; - pp[n++] = p; - continue; - } - } - esc=(*f == '\\'); - *(p++)= *(f++); - } - *(p++)='\0'; - if ((n != num) || (*f != '\0')) { - fprintf(stderr, "wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",ln,num,n,f); - er = 2; - goto err; - } - pp[n] = p; - if 
(!sk_OPENSSL_PSTRING_push(ret->data, pp)) { - fprintf(stderr, "failure in sk_push\n"); - er = 2; - goto err; - } - } - er = 0; - -err: - BUF_MEM_free(buf); - if (er) { - if (er == 1) - fprintf(stderr, "malloc failure\n"); - if (ret != NULL) { - if (ret->data != NULL) - sk_OPENSSL_PSTRING_free(ret->data); - free(ret->index); - free(ret->qual); - free(ret); - } - return (NULL); - } else - return (ret); -} -LCRYPTO_ALIAS(TXT_DB_read); - -OPENSSL_STRING * -TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value) -{ - OPENSSL_STRING *ret; - LHASH_OF(OPENSSL_STRING) *lh; - - if (idx >= db->num_fields) { - db->error = DB_ERROR_INDEX_OUT_OF_RANGE; - return (NULL); - } - lh = db->index[idx]; - if (lh == NULL) { - db->error = DB_ERROR_NO_INDEX; - return (NULL); - } - ret = lh_OPENSSL_STRING_retrieve(lh, value); - db->error = DB_ERROR_OK; - return (ret); -} -LCRYPTO_ALIAS(TXT_DB_get_by_index); - -int -TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(OPENSSL_STRING *), - LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) -{ - LHASH_OF(OPENSSL_STRING) *idx; - OPENSSL_STRING *r; - int i, n; - - if (field >= db->num_fields) { - db->error = DB_ERROR_INDEX_OUT_OF_RANGE; - return (0); - } - /* FIXME: we lose type checking at this point */ - if ((idx = (LHASH_OF(OPENSSL_STRING) *)lh_new(hash, cmp)) == NULL) { - db->error = DB_ERROR_MALLOC; - return (0); - } - n = sk_OPENSSL_PSTRING_num(db->data); - for (i = 0; i < n; i++) { - r = sk_OPENSSL_PSTRING_value(db->data, i); - if ((qual != NULL) && (qual(r) == 0)) - continue; - if ((r = lh_OPENSSL_STRING_insert(idx, r)) != NULL) { - db->error = DB_ERROR_INDEX_CLASH; - db->arg1 = sk_OPENSSL_PSTRING_find(db->data, r); - db->arg2 = i; - lh_OPENSSL_STRING_free(idx); - return (0); - } - } - if (db->index[field] != NULL) - lh_OPENSSL_STRING_free(db->index[field]); - db->index[field] = idx; - db->qual[field] = qual; - return (1); -} -LCRYPTO_ALIAS(TXT_DB_create_index); - -long -TXT_DB_write(BIO *out, TXT_DB *db) -{ - long i, j,n, nn, l, 
tot = 0; - char *p, **pp, *f; - BUF_MEM *buf = NULL; - long ret = -1; - - if ((buf = BUF_MEM_new()) == NULL) - goto err; - n = sk_OPENSSL_PSTRING_num(db->data); - nn = db->num_fields; - for (i = 0; i < n; i++) { - pp = sk_OPENSSL_PSTRING_value(db->data, i); - - l = 0; - for (j = 0; j < nn; j++) { - if (pp[j] != NULL) - l += strlen(pp[j]); - } - if (!BUF_MEM_grow_clean(buf, (int)(l*2 + nn))) - goto err; - - p = buf->data; - for (j = 0; j < nn; j++) { - f = pp[j]; - if (f != NULL) - for (;;) { - if (*f == '\0') - break; - if (*f == '\t') - *(p++) = '\\'; - *(p++) = *(f++); - } - *(p++) = '\t'; - } - p[-1] = '\n'; - j = p - buf->data; - if (BIO_write(out, buf->data, (int)j) != j) - goto err; - tot += j; - } - ret = tot; - -err: - if (buf != NULL) - BUF_MEM_free(buf); - return (ret); -} -LCRYPTO_ALIAS(TXT_DB_write); - -int -TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *row) -{ - int i; - OPENSSL_STRING *r; - - for (i = 0; i < db->num_fields; i++) { - if (db->index[i] != NULL) { - if ((db->qual[i] != NULL) && (db->qual[i](row) == 0)) - continue; - r = lh_OPENSSL_STRING_retrieve(db->index[i], row); - if (r != NULL) { - db->error = DB_ERROR_INDEX_CLASH; - db->arg1 = i; - db->arg_row = r; - goto err; - } - } - } - /* We have passed the index checks, now just append and insert */ - if (!sk_OPENSSL_PSTRING_push(db->data, row)) { - db->error = DB_ERROR_MALLOC; - goto err; - } - - for (i = 0; i < db->num_fields; i++) { - if (db->index[i] != NULL) { - if ((db->qual[i] != NULL) && (db->qual[i](row) == 0)) - continue; - (void)lh_OPENSSL_STRING_insert(db->index[i], row); - } - } - return (1); - -err: - return (0); -} -LCRYPTO_ALIAS(TXT_DB_insert); - -void -TXT_DB_free(TXT_DB *db) -{ - int i, n; - char **p, *max; - - if (db == NULL) - return; - - if (db->index != NULL) { - for (i = db->num_fields - 1; i >= 0; i--) - if (db->index[i] != NULL) - lh_OPENSSL_STRING_free(db->index[i]); - free(db->index); - } - free(db->qual); - if (db->data != NULL) { - for (i = 
sk_OPENSSL_PSTRING_num(db->data) - 1; i >= 0; i--) { - /* check if any 'fields' have been allocated - * from outside of the initial block */ - p = sk_OPENSSL_PSTRING_value(db->data, i); - max = p[db->num_fields]; /* last address */ - if (max == NULL) /* new row */ - { - for (n = 0; n < db->num_fields; n++) - free(p[n]); - } else { - for (n = 0; n < db->num_fields; n++) { - if (((p[n] < (char *)p) || - (p[n] > max)) && - (p[n] != NULL)) - free(p[n]); - } - } - free(sk_OPENSSL_PSTRING_value(db->data, i)); - } - sk_OPENSSL_PSTRING_free(db->data); - } - free(db); -} -LCRYPTO_ALIAS(TXT_DB_free); diff --git a/src/lib/libcrypto/txt_db/txt_db.h b/src/lib/libcrypto/txt_db/txt_db.h deleted file mode 100644 index 56b6b42482..0000000000 --- a/src/lib/libcrypto/txt_db/txt_db.h +++ /dev/null 
@@ -1,112 +0,0 @@
-/* $OpenBSD: txt_db.h,v 1.9 2014/07/10 22:45:58 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TXT_DB_H
-#define HEADER_TXT_DB_H
-
-#include
-
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#include
-#include
-
-#define DB_ERROR_OK 0
-#define DB_ERROR_MALLOC 1
-#define DB_ERROR_INDEX_CLASH 2
-#define DB_ERROR_INDEX_OUT_OF_RANGE 3
-#define DB_ERROR_NO_INDEX 4
-#define DB_ERROR_INSERT_INDEX_CLASH 5
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef OPENSSL_STRING *OPENSSL_PSTRING;
-DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
-
-typedef struct txt_db_st {
- int num_fields;
- STACK_OF(OPENSSL_PSTRING) *data;
- LHASH_OF(OPENSSL_STRING) **index;
- int (**qual)(OPENSSL_STRING *);
- long error;
- long arg1;
- long arg2;
- OPENSSL_STRING *arg_row;
-} TXT_DB;
-
-#ifndef OPENSSL_NO_BIO
-TXT_DB *TXT_DB_read(BIO *in, int num);
-long TXT_DB_write(BIO *out, TXT_DB *db);
-#else
-TXT_DB *TXT_DB_read(char *in, int num);
-long TXT_DB_write(char *out, TXT_DB *db);
-#endif
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(OPENSSL_STRING *),
- LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
-void TXT_DB_free(TXT_DB *db);
-OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value);
-int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/ui/ui.h b/src/lib/libcrypto/ui/ui.h
deleted file mode 100644
index cc400c2d5a..0000000000
--- a/src/lib/libcrypto/ui/ui.h
+++ /dev/null
@@ -1,397 +0,0 @@
-/* $OpenBSD: ui.h,v 1.20 2025/03/09 15:25:53 tb Exp $ */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_H
-#define HEADER_UI_H
-
-#include
-
-#include
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Declared already in ossl_typ.h */
-/* typedef struct ui_st UI; */
-/* typedef struct ui_method_st UI_METHOD; */
-
-
-/*
- * All the following functions return -1 or NULL on error and in some cases
- * (UI_process()) -2 if interrupted or in some other way cancelled.
- * When everything is fine, they return 0, a positive value or a non-NULL
- * pointer, all depending on their purpose.
- */
-
-/* Creators and destructor. */
-UI *UI_new(void);
-UI *UI_new_method(const UI_METHOD *method);
-void UI_free(UI *ui);
-
-/*
- * The following functions are used to add strings to be printed and prompt
- * strings to prompt for data. The names are UI_{add,dup}__string
- * and UI_{add,dup}_input_boolean.
- *
- * UI_{add,dup}__string have the following meanings:
- * add add a text or prompt string. The pointers given to these
- * functions are used verbatim, no copying is done.
- * dup make a copy of the text or prompt string, then add the copy
- * to the collection of strings in the user interface.
- *
- * The function is a name for the functionality that the given
- * string shall be used for. It can be one of:
- * input use the string as data prompt.
- * verify use the string as verification prompt. This
- * is used to verify a previous input.
- * info use the string for informational output.
- * error use the string for error output.
- * Honestly, there's currently no difference between info and error for the
- * moment.
- *
- * UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
- * and are typically used when one wants to prompt for a yes/no response.
- *
- * All of the functions in this group take a UI and a prompt string.
- * The string input and verify addition functions also take a flag argument,
- * a buffer for the result to end up in, a minimum input size and a maximum
- * input size (the result buffer MUST be large enough to be able to contain
- * the maximum number of characters). Additionally, the verify addition
- * functions takes another buffer to compare the result against.
- * The boolean input functions take an action description string (which should
- * be safe to ignore if the expected user action is obvious, for example with
- * a dialog box with an OK button and a Cancel button), a string of acceptable
- * characters to mean OK and to mean Cancel. The two last strings are checked
- * to make sure they don't have common characters. Additionally, the same
- * flag argument as for the string input is taken, as well as a result buffer.
- * The result buffer is required to be at least one byte long. Depending on
- * the answer, the first character from the OK or the Cancel character strings
- * will be stored in the first byte of the result buffer. No NUL will be
- * added, so the result is *not* a string.
- *
- * On success, the functions all return an index of the added information.
- * That index is useful when retrieving results with UI_get0_result().
- */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize);
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize);
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize, const char *test_buf);
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize, const char *test_buf);
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf);
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars,
- int flags, char *result_buf);
-int UI_add_info_string(UI *ui, const char *text);
-int UI_dup_info_string(UI *ui, const char *text);
-int UI_add_error_string(UI *ui, const char *text);
-int UI_dup_error_string(UI *ui, const char *text);
-
-/* These are the possible flags. They can be or'ed together. */
-/* Use to have echoing of input */
-#define UI_INPUT_FLAG_ECHO 0x01
-/*
- * Use a default password. Where that password is found is completely
- * up to the application, it might for example be in the user data set
- * with UI_add_user_data(). It is not recommended to have more than
- * one input in each UI being marked with this flag, or the application
- * might get confused.
- */
-#define UI_INPUT_FLAG_DEFAULT_PWD 0x02
-
-/*
- * Users of these routines may want to define flags of their own. The core
- * UI won't look at those, but will pass them on to the method routines. They
- * must use higher bits so they don't get confused with the UI bits above.
- * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good
- * example of use is this:
- *
- * #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
- */
-#define UI_INPUT_FLAG_USER_BASE 16
-
-
-/*
- * The following function helps construct a prompt. object_desc is a
- * textual short description of the object, for example "pass phrase",
- * and object_name is the name of the object (might be a card name or
- * a file name.
- * The returned string shall always be allocated on the heap with
- * malloc(), and need to be free'd with free().
- *
- * If the ui_method doesn't contain a pointer to a user-defined prompt
- * constructor, a default string is built, looking like this:
- *
- * "Enter {object_desc} for {object_name}:"
- *
- * So, if object_desc has the value "pass phrase" and object_name has
- * the value "foo.key", the resulting string is:
- *
- * "Enter pass phrase for foo.key:"
- */
-char *UI_construct_prompt(UI *ui_method, const char *object_desc,
- const char *object_name);
-
-
-/*
- * The following function is used to store a pointer to user-specific data.
- * Any previous such pointer will be returned and replaced.
- *
- * For callback purposes, this function makes a lot more sense than using
- * ex_data, since the latter requires that different parts of OpenSSL or
- * applications share the same ex_data index.
- *
- * Note that the UI_OpenSSL() method completely ignores the user data.
- * Other methods may not, however.
- */
-void *UI_add_user_data(UI *ui, void *user_data);
-/* We need a user data retrieving function as well. */
-void *UI_get0_user_data(UI *ui);
-
-/* Return the result associated with a prompt given with the index i. */
-const char *UI_get0_result(UI *ui, int i);
-
-/* When all strings have been added, process the whole thing. */
-int UI_process(UI *ui);
-
-/*
- * Give a user interface parametrised control commands. This can be used to
- * send down an integer, a data pointer or a function pointer, as well as
- * be used to get information from a UI.
- */
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void));
-
-/* The commands */
-/*
- * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
- * OpenSSL error stack before printing any info or added error messages and
- * before any prompting.
- */
-#define UI_CTRL_PRINT_ERRORS 1
-/*
- * Check if a UI_process() is possible to do again with the same instance of
- * a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
- * if not.
- */
-#define UI_CTRL_IS_REDOABLE 2
-
-
-/* Some methods may use extra data */
-#define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
-#define UI_get_app_data(s) UI_get_ex_data(s,0)
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int UI_set_ex_data(UI *r, int idx, void *arg);
-void *UI_get_ex_data(UI *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-void UI_set_default_method(const UI_METHOD *meth);
-const UI_METHOD *UI_get_default_method(void);
-const UI_METHOD *UI_get_method(UI *ui);
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
-
-/* The method with all the built-in thingies */
-const UI_METHOD *UI_OpenSSL(void);
-
-const UI_METHOD *UI_null(void);
-
-/*
- * ---------- For method writers ----------
- * A method contains a number of functions that implement the low level
- * of the User Interface. The functions are:
- *
- * an opener This function starts a session, maybe by opening
- * a channel to a tty, or by opening a window.
- * a writer This function is called to write a given string,
- * maybe to the tty, maybe as a field label in a
- * window.
- * a flusher This function is called to flush everything that
- * has been output so far. It can be used to actually
- * display a dialog box after it has been built.
- * a reader This function is called to read a given prompt,
- * maybe from the tty, maybe from a field in a
- * window.
Note that it's called with all string - * structures, not only the prompt ones, so it must - * check such things itself. - * a closer This function closes the session, maybe by closing - * the channel to the tty, or closing the window. - * - * All these functions are expected to return: - * - * 0 on error. - * 1 on success. - * -1 on out-of-band events, for example if some prompting has - * been canceled (by pressing Ctrl-C, for example). This is - * only checked when returned by the flusher or the reader. - * - * The way this is used, the opener is first called, then the writer for all - * strings, then the flusher, then the reader for all strings and finally the - * closer. Note that if you want to prompt from a terminal or other command - * line interface, the best is to have the reader also write the prompts - * instead of having the writer do it. If you want to prompt from a dialog - * box, the writer can be used to build up the contents of the box, and the - * flusher to actually display the box and run the event loop until all data - * has been given, after which the reader only grabs the given data and puts - * them back into the UI strings. - * - * All method functions take a UI as argument. Additionally, the writer and - * the reader take a UI_STRING. - */ - -/* - * The UI_STRING type is the data structure that contains all the needed info - * about a string or a prompt, including test data for a verification prompt. - */ -typedef struct ui_string_st UI_STRING; -DECLARE_STACK_OF(UI_STRING) - -/* - * The different types of strings that are currently supported. - * This is only needed by method authors. 
- */ -enum UI_string_types { - UIT_NONE = 0, - UIT_PROMPT, /* Prompt for a string */ - UIT_VERIFY, /* Prompt for a string and verify */ - UIT_BOOLEAN, /* Prompt for a yes/no response */ - UIT_INFO, /* Send info to the user */ - UIT_ERROR /* Send an error message to the user */ -}; - -/* Create and manipulate methods */ -UI_METHOD *UI_create_method(const char *name); -void UI_destroy_method(UI_METHOD *ui_method); -int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui)); -int UI_method_set_writer(UI_METHOD *method, - int (*writer)(UI *ui, UI_STRING *uis)); -int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui)); -int UI_method_set_reader(UI_METHOD *method, - int (*reader)(UI *ui, UI_STRING *uis)); -int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui)); -int UI_method_set_prompt_constructor(UI_METHOD *method, - char *(*prompt_constructor)(UI *ui, const char *object_desc, - const char *object_name)); -int (*UI_method_get_opener(const UI_METHOD *method))(UI *); -int (*UI_method_get_writer(const UI_METHOD *method))(UI *, UI_STRING *); -int (*UI_method_get_flusher(const UI_METHOD *method))(UI *); -int (*UI_method_get_reader(const UI_METHOD *method))(UI *, UI_STRING *); -int (*UI_method_get_closer(const UI_METHOD *method))(UI *); -char *(*UI_method_get_prompt_constructor(const UI_METHOD *method))(UI *, - const char *, const char *); - -/* - * The following functions are helpers for method writers to access relevant - * data from a UI_STRING. 
- */ -/* Return type of the UI_STRING */ -enum UI_string_types UI_get_string_type(UI_STRING *uis); -/* Return input flags of the UI_STRING */ -int UI_get_input_flags(UI_STRING *uis); -/* Return the actual string to output (the prompt, info or error) */ -const char *UI_get0_output_string(UI_STRING *uis); -/* Return the optional action string to output (boolean prompt instruction) */ -const char *UI_get0_action_string(UI_STRING *uis); -/* Return the result of a prompt */ -const char *UI_get0_result_string(UI_STRING *uis); -/* Return the string to test the result against. Only useful with verifies. */ -const char *UI_get0_test_string(UI_STRING *uis); -/* Return the required minimum size of the result */ -int UI_get_result_minsize(UI_STRING *uis); -/* Return the required maximum size of the result */ -int UI_get_result_maxsize(UI_STRING *uis); -/* Set the result of a UI_STRING. */ -int UI_set_result(UI *ui, UI_STRING *uis, const char *result); - -void ERR_load_UI_strings(void); - -/* Error codes for the UI functions. */ - -/* Function codes. */ -#define UI_F_GENERAL_ALLOCATE_BOOLEAN 108 -#define UI_F_GENERAL_ALLOCATE_PROMPT 109 -#define UI_F_GENERAL_ALLOCATE_STRING 100 -#define UI_F_UI_CTRL 111 -#define UI_F_UI_DUP_ERROR_STRING 101 -#define UI_F_UI_DUP_INFO_STRING 102 -#define UI_F_UI_DUP_INPUT_BOOLEAN 110 -#define UI_F_UI_DUP_INPUT_STRING 103 -#define UI_F_UI_DUP_VERIFY_STRING 106 -#define UI_F_UI_GET0_RESULT 107 -#define UI_F_UI_NEW_METHOD 104 -#define UI_F_UI_SET_RESULT 105 - -/* Reason codes. */ -#define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104 -#define UI_R_INDEX_TOO_LARGE 102 -#define UI_R_INDEX_TOO_SMALL 103 -#define UI_R_NO_RESULT_BUFFER 105 -#define UI_R_RESULT_TOO_LARGE 100 -#define UI_R_RESULT_TOO_SMALL 101 -#define UI_R_UNKNOWN_CONTROL_COMMAND 106 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/ui/ui_err.c b/src/lib/libcrypto/ui/ui_err.c deleted file mode 100644 index 656fa42887..0000000000 
--- a/src/lib/libcrypto/ui/ui_err.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: ui_err.c,v 1.13 2024/06/24 06:43:23 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
-
-static const ERR_STRING_DATA UI_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA UI_str_reasons[] = {
- {ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS), "common ok and cancel characters"},
- {ERR_REASON(UI_R_INDEX_TOO_LARGE), "index too large"},
- {ERR_REASON(UI_R_INDEX_TOO_SMALL), "index too small"},
- {ERR_REASON(UI_R_NO_RESULT_BUFFER), "no result buffer"},
- {ERR_REASON(UI_R_RESULT_TOO_LARGE), "result too large"},
- {ERR_REASON(UI_R_RESULT_TOO_SMALL), "result too small"},
- {ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND), "unknown control command"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_UI_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(UI_str_functs[0].error) == NULL) {
- ERR_load_const_strings(UI_str_functs);
- ERR_load_const_strings(UI_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_UI_strings);
diff --git a/src/lib/libcrypto/ui/ui_lib.c b/src/lib/libcrypto/ui/ui_lib.c
deleted file mode 100644
index 73d899afcc..0000000000
--- a/src/lib/libcrypto/ui/ui_lib.c
+++ /dev/null
@@ -1,907 +0,0 @@ -/* $OpenBSD: ui_lib.c,v 1.51 2023/02/16 08:38:17 tb Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include -#include - -#include "ui_local.h" - -static const UI_METHOD *default_UI_meth = NULL; - -UI * -UI_new(void) -{ - return (UI_new_method(NULL)); -} -LCRYPTO_ALIAS(UI_new); - -UI * -UI_new_method(const UI_METHOD *method) -{ - UI *ret; - - if ((ret = calloc(1, sizeof(UI))) == NULL) { - UIerror(ERR_R_MALLOC_FAILURE); - return NULL; - } - if ((ret->meth = method) == NULL) - ret->meth = UI_get_default_method(); - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data); - - return ret; -} -LCRYPTO_ALIAS(UI_new_method); - -static void -free_string(UI_STRING *uis) -{ - if (uis == NULL) - return; - if (uis->flags & OUT_STRING_FREEABLE) { - free((char *) uis->out_string); - switch (uis->type) { - case UIT_BOOLEAN: - free((char *)uis->_.boolean_data.action_desc); - free((char *)uis->_.boolean_data.ok_chars); - free((char *)uis->_.boolean_data.cancel_chars); - break; - default: - break; - } - } - free(uis); -} - -void -UI_free(UI *ui) -{ - if (ui == NULL) - return; - - sk_UI_STRING_pop_free(ui->strings, free_string); - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data); - free(ui); -} -LCRYPTO_ALIAS(UI_free); - -static int 
-allocate_string_stack(UI *ui) -{ - if (ui->strings == NULL) { - if ((ui->strings = sk_UI_STRING_new_null()) == NULL) { - UIerror(ERR_R_MALLOC_FAILURE); - return -1; - } - } - return 0; -} - -static UI_STRING * -general_allocate_prompt(const char *prompt, int dup_prompt, - enum UI_string_types type, int input_flags, char *result_buf) -{ - UI_STRING *uis = NULL; - - if (prompt == NULL) { - UIerror(ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - if ((type == UIT_PROMPT || type == UIT_VERIFY || type == UIT_BOOLEAN) && - result_buf == NULL) { - UIerror(UI_R_NO_RESULT_BUFFER); - goto err; - } - - if ((uis = calloc(1, sizeof(UI_STRING))) == NULL) { - UIerror(ERR_R_MALLOC_FAILURE); - goto err; - } - uis->out_string = prompt; - if (dup_prompt) { - if ((uis->out_string = strdup(prompt)) == NULL) { - UIerror(ERR_R_MALLOC_FAILURE); - goto err; - } - uis->flags = OUT_STRING_FREEABLE; - } - uis->input_flags = input_flags; - uis->type = type; - uis->result_buf = result_buf; - - return uis; - - err: - free_string(uis); - return NULL; -} - -static int -general_allocate_string(UI *ui, const char *prompt, int dup_prompt, - enum UI_string_types type, int input_flags, char *result_buf, int minsize, - int maxsize, const char *test_buf) -{ - UI_STRING *s; - int ret; - - if ((s = general_allocate_prompt(prompt, dup_prompt, type, input_flags, - result_buf)) == NULL) - goto err; - s->_.string_data.result_minsize = minsize; - s->_.string_data.result_maxsize = maxsize; - s->_.string_data.test_buf = test_buf; - - if (allocate_string_stack(ui) < 0) - goto err; - if ((ret = sk_UI_STRING_push(ui->strings, s)) <= 0) - goto err; - - return ret; - - err: - free_string(s); - return -1; -} - -static int -general_allocate_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, int dup_strings, - enum UI_string_types type, int input_flags, char *result_buf) -{ - UI_STRING *s = NULL; - int ret; - - if (ok_chars == NULL || cancel_chars == NULL) { - 
UIerror(ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - if (ok_chars[strcspn(ok_chars, cancel_chars)] != '\0') { - UIerror(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS); - goto err; - } - - if ((s = general_allocate_prompt(prompt, dup_strings, type, input_flags, - result_buf)) == NULL) - goto err; - - if (dup_strings) { - if (action_desc != NULL) { - if ((s->_.boolean_data.action_desc = - strdup(action_desc)) == NULL) { - UIerror(ERR_R_MALLOC_FAILURE); - goto err; - } - } - if ((s->_.boolean_data.ok_chars = strdup(ok_chars)) == NULL) { - UIerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((s->_.boolean_data.cancel_chars = strdup(cancel_chars)) == - NULL) { - UIerror(ERR_R_MALLOC_FAILURE); - goto err; - } - } else { - s->_.boolean_data.action_desc = action_desc; - s->_.boolean_data.ok_chars = ok_chars; - s->_.boolean_data.cancel_chars = cancel_chars; - } - - if (allocate_string_stack(ui) < 0) - goto err; - if ((ret = sk_UI_STRING_push(ui->strings, s)) <= 0) - goto err; - - return ret; - - err: - free_string(s); - return -1; -} - -/* - * Returns the index to the place in the stack or -1 for error. Uses a - * direct reference to the prompt. - */ -int -UI_add_input_string(UI *ui, const char *prompt, int flags, char *result_buf, - int minsize, int maxsize) -{ - return general_allocate_string(ui, prompt, 0, UIT_PROMPT, flags, - result_buf, minsize, maxsize, NULL); -} -LCRYPTO_ALIAS(UI_add_input_string); - -/* Same as UI_add_input_string(), excepts it takes a copy of the prompt. 
*/ -int -UI_dup_input_string(UI *ui, const char *prompt, int flags, char *result_buf, - int minsize, int maxsize) -{ - return general_allocate_string(ui, prompt, 1, UIT_PROMPT, flags, - result_buf, minsize, maxsize, NULL); -} -LCRYPTO_ALIAS(UI_dup_input_string); - -int -UI_add_verify_string(UI *ui, const char *prompt, int flags, char *result_buf, - int minsize, int maxsize, const char *test_buf) -{ - return general_allocate_string(ui, prompt, 0, UIT_VERIFY, flags, - result_buf, minsize, maxsize, test_buf); -} -LCRYPTO_ALIAS(UI_add_verify_string); - -int -UI_dup_verify_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize, const char *test_buf) -{ - return general_allocate_string(ui, prompt, 1, UIT_VERIFY, flags, - result_buf, minsize, maxsize, test_buf); -} -LCRYPTO_ALIAS(UI_dup_verify_string); - -int -UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, int flags, char *result_buf) -{ - return general_allocate_boolean(ui, prompt, action_desc, ok_chars, - cancel_chars, 0, UIT_BOOLEAN, flags, result_buf); -} -LCRYPTO_ALIAS(UI_add_input_boolean); - -int -UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, int flags, char *result_buf) -{ - return general_allocate_boolean(ui, prompt, action_desc, ok_chars, - cancel_chars, 1, UIT_BOOLEAN, flags, result_buf); -} -LCRYPTO_ALIAS(UI_dup_input_boolean); - -int -UI_add_info_string(UI *ui, const char *text) -{ - return general_allocate_string(ui, text, 0, UIT_INFO, 0, NULL, 0, 0, - NULL); -} -LCRYPTO_ALIAS(UI_add_info_string); - -int -UI_dup_info_string(UI *ui, const char *text) -{ - return general_allocate_string(ui, text, 1, UIT_INFO, 0, NULL, 0, 0, - NULL); -} -LCRYPTO_ALIAS(UI_dup_info_string); - -int -UI_add_error_string(UI *ui, const char *text) -{ - return general_allocate_string(ui, text, 0, UIT_ERROR, 0, NULL, 0, 0, - NULL); -} 
-LCRYPTO_ALIAS(UI_add_error_string); - -int -UI_dup_error_string(UI *ui, const char *text) -{ - return general_allocate_string(ui, text, 1, UIT_ERROR, 0, NULL, 0, 0, - NULL); -} -LCRYPTO_ALIAS(UI_dup_error_string); - -char * -UI_construct_prompt(UI *ui, const char *object_desc, const char *object_name) -{ - char *prompt; - - if (ui->meth->ui_construct_prompt) - return ui->meth->ui_construct_prompt(ui, object_desc, - object_name); - - if (object_desc == NULL) - return NULL; - - if (object_name == NULL) { - if (asprintf(&prompt, "Enter %s:", object_desc) == -1) - return (NULL); - } else { - if (asprintf(&prompt, "Enter %s for %s:", object_desc, - object_name) == -1) - return (NULL); - } - - return prompt; -} -LCRYPTO_ALIAS(UI_construct_prompt); - -void * -UI_add_user_data(UI *ui, void *user_data) -{ - void *old_data = ui->user_data; - - ui->user_data = user_data; - - return old_data; -} -LCRYPTO_ALIAS(UI_add_user_data); - -void * -UI_get0_user_data(UI *ui) -{ - return ui->user_data; -} -LCRYPTO_ALIAS(UI_get0_user_data); - -const char * -UI_get0_result(UI *ui, int i) -{ - if (i < 0) { - UIerror(UI_R_INDEX_TOO_SMALL); - return NULL; - } - if (i >= sk_UI_STRING_num(ui->strings)) { - UIerror(UI_R_INDEX_TOO_LARGE); - return NULL; - } - return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i)); -} -LCRYPTO_ALIAS(UI_get0_result); - -static int -print_error(const char *str, size_t len, void *arg) -{ - UI *ui = arg; - UI_STRING uis; - - memset(&uis, 0, sizeof(uis)); - uis.type = UIT_ERROR; - uis.out_string = str; - - if (ui->meth->ui_write_string && - !ui->meth->ui_write_string(ui, &uis)) - return -1; - return 0; -} - -int -UI_process(UI *ui) -{ - int i, ok = 0; - - if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui)) - return -1; - - if (ui->flags & UI_FLAG_PRINT_ERRORS) - ERR_print_errors_cb(print_error, ui); - - for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) { - if (ui->meth->ui_write_string && - !ui->meth->ui_write_string(ui, - 
sk_UI_STRING_value(ui->strings, i))) { - ok = -1; - goto err; - } - } - - if (ui->meth->ui_flush) - switch (ui->meth->ui_flush(ui)) { - case -1: /* Interrupt/Cancel/something... */ - ok = -2; - goto err; - case 0: /* Errors */ - ok = -1; - goto err; - default: /* Success */ - ok = 0; - break; - } - - for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) { - if (ui->meth->ui_read_string) { - switch (ui->meth->ui_read_string(ui, - sk_UI_STRING_value(ui->strings, i))) { - case -1: /* Interrupt/Cancel/something... */ - ui->flags &= ~UI_FLAG_REDOABLE; - ok = -2; - goto err; - case 0: /* Errors */ - ok = -1; - goto err; - default: /* Success */ - ok = 0; - break; - } - } - } - - err: - if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui)) - return -1; - return ok; -} -LCRYPTO_ALIAS(UI_process); - -int -UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void)) -{ - if (ui == NULL) { - UIerror(ERR_R_PASSED_NULL_PARAMETER); - return -1; - } - - switch (cmd) { - case UI_CTRL_PRINT_ERRORS: - { - int save_flag = !!(ui->flags & UI_FLAG_PRINT_ERRORS); - if (i) - ui->flags |= UI_FLAG_PRINT_ERRORS; - else - ui->flags &= ~UI_FLAG_PRINT_ERRORS; - return save_flag; - } - case UI_CTRL_IS_REDOABLE: - return !!(ui->flags & UI_FLAG_REDOABLE); - default: - break; - } - UIerror(UI_R_UNKNOWN_CONTROL_COMMAND); - return -1; -} -LCRYPTO_ALIAS(UI_ctrl); - -int -UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp, - new_func, dup_func, free_func); -} -LCRYPTO_ALIAS(UI_get_ex_new_index); - -int -UI_set_ex_data(UI *r, int idx, void *arg) -{ - return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); -} -LCRYPTO_ALIAS(UI_set_ex_data); - -void * -UI_get_ex_data(UI *r, int idx) -{ - return (CRYPTO_get_ex_data(&r->ex_data, idx)); -} -LCRYPTO_ALIAS(UI_get_ex_data); - -void -UI_set_default_method(const UI_METHOD *method) -{ - default_UI_meth = method; -} 
-LCRYPTO_ALIAS(UI_set_default_method); - -const UI_METHOD * -UI_get_default_method(void) -{ - if (default_UI_meth == NULL) - default_UI_meth = UI_OpenSSL(); - - return default_UI_meth; -} -LCRYPTO_ALIAS(UI_get_default_method); - -const UI_METHOD * -UI_get_method(UI *ui) -{ - return ui->meth; -} -LCRYPTO_ALIAS(UI_get_method); - -const UI_METHOD * -UI_set_method(UI *ui, const UI_METHOD *method) -{ - ui->meth = method; - - return ui->meth; -} -LCRYPTO_ALIAS(UI_set_method); - -UI_METHOD * -UI_create_method(const char *name) -{ - UI_METHOD *method = NULL; - - if ((method = calloc(1, sizeof(UI_METHOD))) == NULL) - goto err; - - if (name != NULL) { - if ((method->name = strdup(name)) == NULL) - goto err; - } - - return method; - - err: - UI_destroy_method(method); - - return NULL; -} -LCRYPTO_ALIAS(UI_create_method); - -void -UI_destroy_method(UI_METHOD *method) -{ - if (method == NULL) - return; - - free(method->name); - free(method); -} -LCRYPTO_ALIAS(UI_destroy_method); - -int -UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui)) -{ - if (method == NULL) - return -1; - - method->ui_open_session = opener; - - return 0; -} -LCRYPTO_ALIAS(UI_method_set_opener); - -int -UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis)) -{ - if (method == NULL) - return -1; - - method->ui_write_string = writer; - - return 0; -} -LCRYPTO_ALIAS(UI_method_set_writer); - -int -UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui)) -{ - if (method == NULL) - return -1; - - method->ui_flush = flusher; - - return 0; -} -LCRYPTO_ALIAS(UI_method_set_flusher); - -int -UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis)) -{ - if (method == NULL) - return -1; - - method->ui_read_string = reader; - - return 0; -} -LCRYPTO_ALIAS(UI_method_set_reader); - -int -UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui)) -{ - if (method == NULL) - return -1; - - method->ui_close_session = closer; - - return 0; -} 
-LCRYPTO_ALIAS(UI_method_set_closer); - -int -UI_method_set_prompt_constructor(UI_METHOD *method, - char *(*prompt_constructor)(UI *ui, const char *object_desc, - const char *object_name)) -{ - if (method == NULL) - return -1; - - method->ui_construct_prompt = prompt_constructor; - - return 0; -} -LCRYPTO_ALIAS(UI_method_set_prompt_constructor); - -int -(*UI_method_get_opener(const UI_METHOD * method))(UI *) -{ - if (method == NULL) - return NULL; - - return method->ui_open_session; -} -LCRYPTO_ALIAS(UI_method_get_opener); - -int -(*UI_method_get_writer(const UI_METHOD *method))(UI *, UI_STRING *) -{ - if (method == NULL) - return NULL; - - return method->ui_write_string; -} -LCRYPTO_ALIAS(UI_method_get_writer); - -int -(*UI_method_get_flusher(const UI_METHOD *method)) (UI *) -{ - if (method == NULL) - return NULL; - - return method->ui_flush; -} -LCRYPTO_ALIAS(UI_method_get_flusher); - -int -(*UI_method_get_reader(const UI_METHOD *method))(UI *, UI_STRING *) -{ - if (method == NULL) - return NULL; - - return method->ui_read_string; -} -LCRYPTO_ALIAS(UI_method_get_reader); - -int -(*UI_method_get_closer(const UI_METHOD *method))(UI *) -{ - if (method == NULL) - return NULL; - - return method->ui_close_session; -} -LCRYPTO_ALIAS(UI_method_get_closer); - -char * -(*UI_method_get_prompt_constructor(const UI_METHOD *method))(UI *, const char *, - const char *) -{ - if (method == NULL) - return NULL; - - return method->ui_construct_prompt; -} -LCRYPTO_ALIAS(UI_method_get_prompt_constructor); - -enum UI_string_types -UI_get_string_type(UI_STRING *uis) -{ - if (uis == NULL) - return UIT_NONE; - - return uis->type; -} -LCRYPTO_ALIAS(UI_get_string_type); - -int -UI_get_input_flags(UI_STRING *uis) -{ - if (uis == NULL) - return 0; - - return uis->input_flags; -} -LCRYPTO_ALIAS(UI_get_input_flags); - -const char * -UI_get0_output_string(UI_STRING *uis) -{ - if (uis == NULL) - return NULL; - - return uis->out_string; -} -LCRYPTO_ALIAS(UI_get0_output_string); - -const char * 
-UI_get0_action_string(UI_STRING *uis) -{ - if (uis == NULL) - return NULL; - - switch (uis->type) { - case UIT_PROMPT: - case UIT_BOOLEAN: - return uis->_.boolean_data.action_desc; - default: - return NULL; - } -} -LCRYPTO_ALIAS(UI_get0_action_string); - -const char * -UI_get0_result_string(UI_STRING *uis) -{ - if (uis == NULL) - return NULL; - - switch (uis->type) { - case UIT_PROMPT: - case UIT_VERIFY: - return uis->result_buf; - default: - return NULL; - } -} -LCRYPTO_ALIAS(UI_get0_result_string); - -const char * -UI_get0_test_string(UI_STRING *uis) -{ - if (uis == NULL) - return NULL; - - switch (uis->type) { - case UIT_VERIFY: - return uis->_.string_data.test_buf; - default: - return NULL; - } -} -LCRYPTO_ALIAS(UI_get0_test_string); - -int -UI_get_result_minsize(UI_STRING *uis) -{ - if (uis == NULL) - return -1; - - switch (uis->type) { - case UIT_PROMPT: - case UIT_VERIFY: - return uis->_.string_data.result_minsize; - default: - return -1; - } -} -LCRYPTO_ALIAS(UI_get_result_minsize); - -int -UI_get_result_maxsize(UI_STRING *uis) -{ - if (uis == NULL) - return -1; - - switch (uis->type) { - case UIT_PROMPT: - case UIT_VERIFY: - return uis->_.string_data.result_maxsize; - default: - return -1; - } -} -LCRYPTO_ALIAS(UI_get_result_maxsize); - -int -UI_set_result(UI *ui, UI_STRING *uis, const char *result) -{ - const char *p; - int l = strlen(result); - - ui->flags &= ~UI_FLAG_REDOABLE; - - if (uis == NULL) - return -1; - - switch (uis->type) { - case UIT_PROMPT: - case UIT_VERIFY: - if (l < uis->_.string_data.result_minsize) { - ui->flags |= UI_FLAG_REDOABLE; - UIerror(UI_R_RESULT_TOO_SMALL); - ERR_asprintf_error_data - ("You must type in %d to %d characters", - uis->_.string_data.result_minsize, - uis->_.string_data.result_maxsize); - return -1; - } - if (l > uis->_.string_data.result_maxsize) { - ui->flags |= UI_FLAG_REDOABLE; - UIerror(UI_R_RESULT_TOO_LARGE); - ERR_asprintf_error_data - ("You must type in %d to %d characters", - 
uis->_.string_data.result_minsize, - uis->_.string_data.result_maxsize); - return -1; - } - if (!uis->result_buf) { - UIerror(UI_R_NO_RESULT_BUFFER); - return -1; - } - strlcpy(uis->result_buf, result, - uis->_.string_data.result_maxsize + 1); - break; - case UIT_BOOLEAN: - if (!uis->result_buf) { - UIerror(UI_R_NO_RESULT_BUFFER); - return -1; - } - uis->result_buf[0] = '\0'; - for (p = result; *p; p++) { - if (strchr(uis->_.boolean_data.ok_chars, *p)) { - uis->result_buf[0] = - uis->_.boolean_data.ok_chars[0]; - break; - } - if (strchr(uis->_.boolean_data.cancel_chars, *p)) { - uis->result_buf[0] = - uis->_.boolean_data.cancel_chars[0]; - break; - } - } - default: - break; - } - return 0; -} -LCRYPTO_ALIAS(UI_set_result); diff --git a/src/lib/libcrypto/ui/ui_local.h b/src/lib/libcrypto/ui/ui_local.h deleted file mode 100644 index 460b5600bd..0000000000 --- a/src/lib/libcrypto/ui/ui_local.h +++ /dev/null 
@@ -1,152 +0,0 @@
-/* $OpenBSD: ui_local.h,v 1.2 2022/11/26 17:23:18 tb Exp $ */
-
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_LOCAL_H
-#define HEADER_UI_LOCAL_H
-
-#include
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-#ifdef _
-#undef _
-#endif
-
-struct ui_method_st {
- char *name;
-
- /* All the functions return 1 or non-NULL for success and 0 or NULL
- for failure */
-
- /* Open whatever channel for this, be it the console, an X window
- or whatever.
- This function should use the ex_data structure to save
- intermediate data. */
- int (*ui_open_session)(UI *ui);
-
- int (*ui_write_string)(UI *ui, UI_STRING *uis);
-
- /* Flush the output. If a GUI dialog box is used, this function can
- be used to actually display it. */
- int (*ui_flush)(UI *ui);
-
- int (*ui_read_string)(UI *ui, UI_STRING *uis);
-
- int (*ui_close_session)(UI *ui);
-
- /* Construct a prompt in a user-defined manner. object_desc is a
- textual short description of the object, for example "pass phrase",
- and object_name is the name of the object (might be a card name or
- a file name.
- The returned string shall always be allocated on the heap with
- malloc(), and need to be free'd with free().
*/
- char *(*ui_construct_prompt)(UI *ui, const char *object_desc,
- const char *object_name);
-};
-
-struct ui_string_st {
- enum UI_string_types type; /* Input */
- const char *out_string; /* Input */
- int input_flags; /* Flags from the user */
-
- /* The following parameters are completely irrelevant for UIT_INFO,
- and can therefore be set to 0 or NULL */
- char *result_buf; /* Input and Output: If not NULL, user-defined
- with size in result_maxsize. Otherwise, it
- may be allocated by the UI routine, meaning
- result_minsize is going to be overwritten.*/
- union {
- struct {
- int result_minsize; /* Input: minimum required
- size of the result.
- */
- int result_maxsize; /* Input: maximum permitted
- size of the result */
-
- const char *test_buf; /* Input: test string to verify
- against */
- } string_data;
- struct {
- const char *action_desc; /* Input */
- const char *ok_chars; /* Input */
- const char *cancel_chars; /* Input */
- } boolean_data;
- } _;
-
-#define OUT_STRING_FREEABLE 0x01
- int flags; /* flags for internal use */
-};
-
-struct ui_st {
- const UI_METHOD *meth;
- STACK_OF(UI_STRING) *strings; /* We might want to prompt for more
- than one thing at a time, and
- with different echoing status. */
- void *user_data;
- CRYPTO_EX_DATA ex_data;
-
-#define UI_FLAG_REDOABLE 0x0001
-#define UI_FLAG_PRINT_ERRORS 0x0100
- int flags;
-};
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_UI_LOCAL_H */
diff --git a/src/lib/libcrypto/ui/ui_null.c b/src/lib/libcrypto/ui/ui_null.c
deleted file mode 100644
index cbc9a5025b..0000000000
--- a/src/lib/libcrypto/ui/ui_null.c
+++ /dev/null
@@ -1,18 +0,0 @@
-/* $OpenBSD: ui_null.c,v 1.2 2023/02/16 08:38:17 tb Exp $ */
-
-/*
- * Written by Theo Buehler. Public domain.
- */
-
-#include "ui_local.h"
-
-static const UI_METHOD ui_null = {
- .name = "OpenSSL NULL UI",
-};
-
-const UI_METHOD *
-UI_null(void)
-{
- return &ui_null;
-}
-LCRYPTO_ALIAS(UI_null);
diff --git a/src/lib/libcrypto/ui/ui_openssl.c b/src/lib/libcrypto/ui/ui_openssl.c
deleted file mode 100644
index 3ace3a4e75..0000000000
--- a/src/lib/libcrypto/ui/ui_openssl.c
+++ /dev/null
@@ -1,398 +0,0 @@
-/* $OpenBSD: ui_openssl.c,v 1.29 2025/03/09 15:25:53 tb Exp $ */
-/* Written by Richard Levitte (richard@levitte.org) and others
- * for the OpenSSL project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* The lowest level part of this file was previously in crypto/des/read_pwd.c,
- * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.
The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "ui_local.h"
-
-#ifndef NX509_SIG
-#define NX509_SIG 32
-#endif
-
-/* Define globals. They are protected by a lock */
-static struct sigaction savsig[NX509_SIG];
-
-static struct termios tty_orig;
-static FILE *tty_in, *tty_out;
-static int is_a_tty;
-
-/* Declare static functions */
-static int read_till_nl(FILE *);
-static void recsig(int);
-static void pushsig(void);
-static void popsig(void);
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
-
-static int read_string(UI *ui, UI_STRING *uis);
-static int write_string(UI *ui, UI_STRING *uis);
-
-static int open_console(UI *ui);
-static int echo_console(UI *ui);
-static int noecho_console(UI *ui);
-static int close_console(UI *ui);
-
-static const UI_METHOD ui_openssl = {
- .name = "OpenSSL default user interface",
- .ui_open_session = open_console,
- .ui_write_string = write_string,
- .ui_read_string = read_string,
- .ui_close_session = close_console,
-};
-
-/* The method with all the built-in thingies */
-const UI_METHOD *
-UI_OpenSSL(void)
-{
- return &ui_openssl;
-}
-LCRYPTO_ALIAS(UI_OpenSSL);
-
-/* The
following function makes sure that info and error strings are printed
- before any prompt. */
-static int
-write_string(UI *ui, UI_STRING *uis)
-{
- switch (UI_get_string_type(uis)) {
- case UIT_ERROR:
- case UIT_INFO:
- fputs(UI_get0_output_string(uis), tty_out);
- fflush(tty_out);
- break;
- default:
- break;
- }
- return 1;
-}
-
-static int
-read_string(UI *ui, UI_STRING *uis)
-{
- int ok = 0;
-
- switch (UI_get_string_type(uis)) {
- case UIT_BOOLEAN:
- fputs(UI_get0_output_string(uis), tty_out);
- fputs(UI_get0_action_string(uis), tty_out);
- fflush(tty_out);
- return read_string_inner(ui, uis,
- UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 0);
- case UIT_PROMPT:
- fputs(UI_get0_output_string(uis), tty_out);
- fflush(tty_out);
- return read_string_inner(ui, uis,
- UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 1);
- case UIT_VERIFY:
- fprintf(tty_out, "Verifying - %s",
- UI_get0_output_string(uis));
- fflush(tty_out);
- if ((ok = read_string_inner(ui, uis, UI_get_input_flags(uis) &
- UI_INPUT_FLAG_ECHO, 1)) <= 0)
- return ok;
- if (strcmp(UI_get0_result_string(uis),
- UI_get0_test_string(uis)) != 0) {
- fprintf(tty_out, "Verify failure\n");
- fflush(tty_out);
- return 0;
- }
- break;
- default:
- break;
- }
- return 1;
-}
-
-
-/* Internal functions to read a string without echoing */
-static int
-read_till_nl(FILE *in)
-{
-#define SIZE 4
- char buf[SIZE + 1];
-
- do {
- if (!fgets(buf, SIZE, in))
- return 0;
- } while (strchr(buf, '\n') == NULL);
- return 1;
-}
-
-static volatile sig_atomic_t intr_signal;
-
-static int
-read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
-{
- static int ps;
- int ok;
- char result[BUFSIZ];
- int maxsize = BUFSIZ - 1;
- char *p;
-
- intr_signal = 0;
- ok = 0;
- ps = 0;
-
- pushsig();
- ps = 1;
-
- if (!echo && !noecho_console(ui))
- goto error;
- ps = 2;
-
- result[0] = '\0';
- p = fgets(result, maxsize, tty_in);
- if (!p)
- goto error;
- if (feof(tty_in))
- goto error;
- if (ferror(tty_in))
- goto error;
- if ((p
= strchr(result, '\n')) != NULL) {
- if (strip_nl)
- *p = '\0';
- } else if (!read_till_nl(tty_in))
- goto error;
- if (UI_set_result(ui, uis, result) >= 0)
- ok = 1;
-
-error:
- if (intr_signal == SIGINT)
- ok = -1;
- if (!echo)
- fprintf(tty_out, "\n");
- if (ps >= 2 && !echo && !echo_console(ui))
- ok = 0;
-
- if (ps >= 1)
- popsig();
-
- explicit_bzero(result, BUFSIZ);
- return ok;
-}
-
-
-/* Internal functions to open, handle and close a channel to the console. */
-static int
-open_console(UI *ui)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_UI);
- is_a_tty = 1;
-
-#define DEV_TTY "/dev/tty"
- if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
- tty_in = stdin;
- if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
- tty_out = stderr;
-
- if (tcgetattr(fileno(tty_in), &tty_orig) == -1) {
- if (errno == ENOTTY)
- is_a_tty = 0;
- else
- /*
- * Ariel Glenn ariel@columbia.edu reports that
- * solaris can return EINVAL instead. This should be
- * ok
- */
- if (errno == EINVAL)
- is_a_tty = 0;
- else
- return 0;
- }
-
- return 1;
-}
-
-static int
-noecho_console(UI *ui)
-{
- struct termios tty_new = tty_orig;
-
- tty_new.c_lflag &= ~ECHO;
- if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_new) == -1))
- return 0;
- return 1;
-}
-
-static int
-echo_console(UI *ui)
-{
- if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_orig) == -1))
- return 0;
- return 1;
-}
-
-static int
-close_console(UI *ui)
-{
- if (tty_in != stdin)
- fclose(tty_in);
- if (tty_out != stderr)
- fclose(tty_out);
- CRYPTO_w_unlock(CRYPTO_LOCK_UI);
-
- return 1;
-}
-
-
-/* Internal functions to handle signals and act on them */
-static void
-pushsig(void)
-{
- int i;
- struct sigaction sa;
-
- memset(&sa, 0, sizeof sa);
- sa.sa_handler = recsig;
-
- for (i = 1; i < NX509_SIG; i++) {
- if (i == SIGUSR1)
- continue;
- if (i == SIGUSR2)
- continue;
- if (i == SIGKILL) /* We can't make any action on that.
*/
- continue;
- sigaction(i, &sa, &savsig[i]);
- }
-
- signal(SIGWINCH, SIG_DFL);
-}
-
-static void
-popsig(void)
-{
- int i;
- for (i = 1; i < NX509_SIG; i++) {
- if (i == SIGUSR1)
- continue;
- if (i == SIGUSR2)
- continue;
- sigaction(i, &savsig[i], NULL);
- }
-}
-
-static void
-recsig(int i)
-{
- intr_signal = i;
-}
diff --git a/src/lib/libcrypto/util/mkstack.pl b/src/lib/libcrypto/util/mkstack.pl
deleted file mode 100644
index 79f8df7e24..0000000000
--- a/src/lib/libcrypto/util/mkstack.pl
+++ /dev/null
@@ -1,171 +0,0 @@ -#!/usr/local/bin/perl -w - -# This is a utility that searches out "DECLARE_STACK_OF()" -# declarations in .h and .c files, and updates/creates/replaces -# the corresponding macro declarations in crypto/stack/safestack.h. -# As it's not generally possible to have macros that generate macros, -# we need to control this from the "outside", here in this script. -# -# Geoff Thorpe, June, 2000 (with massive Perl-hacking -# help from Steve Robb) - -my $safestack = "crypto/stack/safestack"; - -my $do_write; -while (@ARGV) { - my $arg = $ARGV[0]; - if($arg eq "-write") { - $do_write = 1; - } - shift @ARGV; -} - - -@source = (, , , ); -foreach $file (@source) { - next if -l $file; - - # Open the .c/.h file for reading - open(IN, "< $file") || die "Can't open $file for reading: $!"; - - while() { - if (/^DECLARE_STACK_OF\(([^)]+)\)/) { - push @stacklst, $1; - } - if (/^DECLARE_SPECIAL_STACK_OF\(([^,\s]+)\s*,\s*([^>\s]+)\)/) { - push @sstacklst, [$1, $2]; - } - if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) { - push @asn1setlst, $1; - } - if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) { - push @p12stklst, $1; - } - if (/^DECLARE_LHASH_OF\(([^)]+)\)/) { - push @lhashlst, $1; - } - } - close(IN); -} - - - -my $old_stackfile = ""; -my $new_stackfile = ""; -my $inside_block = 0; -my $type_thing; - -open(IN, "< $safestack.h") || die "Can't open input file: $!"; -while() { - $old_stackfile .= $_; - - if (m|^/\* This block of defines is updated by util/mkstack.pl, please do not touch! \*/|) { - $inside_block = 1; - } - if (m|^/\* End of util/mkstack.pl block, you may now edit :-\) \*/|) { - $inside_block = 0; - } elsif ($inside_block == 0) { - $new_stackfile .= $_; - } - next if($inside_block != 1); - $new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! 
*/"; - - foreach $type_thing (sort @stacklst) { - $new_stackfile .= <[0]; - my $t2 = $type_thing->[1]; - $new_stackfile .= <$safestack.h" || die "Can't open output file"; - print OUT $new_stackfile; - close OUT; -} diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c deleted file mode 100644 index 2b2733a04b..0000000000 --- a/src/lib/libcrypto/x509/by_dir.c +++ /dev/null 
@@ -1,407 +0,0 @@
-/* $OpenBSD: by_dir.c,v 1.48 2024/08/31 10:19:17 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-
-#include "x509_local.h"
-
-typedef struct lookup_dir_hashes_st {
- unsigned long hash;
- int suffix;
-} BY_DIR_HASH;
-
-typedef struct lookup_dir_entry_st {
- char *dir;
- int dir_type;
- STACK_OF(BY_DIR_HASH) *hashes;
-} BY_DIR_ENTRY;
-
-typedef struct lookup_dir_st {
- BUF_MEM *buffer;
- STACK_OF(BY_DIR_ENTRY) *dirs;
-} BY_DIR;
-
-DECLARE_STACK_OF(BY_DIR_HASH)
-DECLARE_STACK_OF(BY_DIR_ENTRY)
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **ret);
-static int new_dir(X509_LOOKUP *lu);
-static void free_dir(X509_LOOKUP *lu);
-static int add_cert_dir(BY_DIR *ctx, const char *dir, int type);
-static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
- X509_OBJECT *ret);
-
-static const X509_LOOKUP_METHOD x509_dir_lookup = {
- .name = "Load certs from files in a directory",
- .new_item = new_dir,
- .free = free_dir,
- .ctrl = dir_ctrl,
- .get_by_subject = get_cert_by_subject,
-};
-
-const X509_LOOKUP_METHOD *
-X509_LOOKUP_hash_dir(void)
-{
- return &x509_dir_lookup;
-}
-LCRYPTO_ALIAS(X509_LOOKUP_hash_dir);
-
-static int
-dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **retp)
-{
- BY_DIR *ld = ctx->method_data;
- int ret = 0;
-
- switch (cmd) {
- case X509_L_ADD_DIR:
- if (argl == X509_FILETYPE_DEFAULT) {
- ret = add_cert_dir(ld, X509_get_default_cert_dir(),
- X509_FILETYPE_PEM);
- if (!ret) {
- X509error(X509_R_LOADING_CERT_DIR);
- }
- } else
- ret = add_cert_dir(ld, argp, (int)argl);
- break;
- }
- return ret;
-}
-
-static int
-new_dir(X509_LOOKUP *lu)
-{
- BY_DIR *a;
-
- if ((a = malloc(sizeof(*a))) == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if ((a->buffer = BUF_MEM_new()) == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- free(a);
- return 0;
- }
- a->dirs = NULL;
- lu->method_data = a;
- return 1;
-}
-
-static void
-by_dir_hash_free(BY_DIR_HASH *hash)
-{
- free(hash);
-}
-
-static int
-by_dir_hash_cmp(const BY_DIR_HASH * const *a,
- const BY_DIR_HASH * const *b)
-{
- if ((*a)->hash > (*b)->hash)
- return 1;
- if ((*a)->hash < (*b)->hash)
- return -1;
- return 0;
-}
-
-static void
-by_dir_entry_free(BY_DIR_ENTRY *ent)
-{
- free(ent->dir);
- sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
- free(ent);
-}
-
-static void
-free_dir(X509_LOOKUP *lu)
-{
- BY_DIR *a;
-
- a = lu->method_data;
- sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
- BUF_MEM_free(a->buffer);
- free(a);
-}
-
-static int
-add_cert_dir(BY_DIR *ctx, const char *dir, int type)
-{
- int j;
- const char *s, *ss, *p;
- ptrdiff_t len;
-
- if (dir == NULL || !*dir) {
- X509error(X509_R_INVALID_DIRECTORY);
- return 0;
- }
-
- s = dir;
- p = s;
- do {
- if ((*p == ':') || (*p == '\0')) {
- BY_DIR_ENTRY *ent;
-
- ss = s;
- s = p + 1;
- len = p - ss;
- if (len == 0)
- continue;
- for (j = 0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) {
- ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j);
- if (strlen(ent->dir) == (size_t)len &&
- strncmp(ent->dir, ss, (size_t)len) == 0)
- break;
- }
- if (j < sk_BY_DIR_ENTRY_num(ctx->dirs))
- continue;
- if (ctx->dirs == NULL) {
- ctx->dirs = sk_BY_DIR_ENTRY_new_null();
- if (ctx->dirs == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- ent = malloc(sizeof(*ent));
- if (ent == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ent->dir_type = type;
- ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
- ent->dir = strndup(ss, (size_t)len);
- if (ent->dir == NULL || ent->hashes == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- by_dir_entry_free(ent);
- return 0;
- }
- if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
- X509error(ERR_R_MALLOC_FAILURE);
- by_dir_entry_free(ent);
- return 0;
- }
- }
- } while (*p++ != '\0');
- return 1;
-}
-
-static int
-get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
- X509_OBJECT *ret)
-{
- BY_DIR *ctx;
- union {
- struct {
- X509 st_x509;
- X509_CINF st_x509_cinf;
- } x509;
-
struct {
- X509_CRL st_crl;
- X509_CRL_INFO st_crl_info;
- } crl;
- } data;
- int ok = 0;
- int i, j, k;
- unsigned long h;
- BUF_MEM *b = NULL;
- X509_OBJECT stmp, *tmp;
- const char *postfix="";
-
- if (name == NULL)
- return 0;
-
- stmp.type = type;
- if (type == X509_LU_X509) {
- data.x509.st_x509.cert_info = &data.x509.st_x509_cinf;
- data.x509.st_x509_cinf.subject = name;
- stmp.data.x509 = &data.x509.st_x509;
- postfix="";
- } else if (type == X509_LU_CRL) {
- data.crl.st_crl.crl = &data.crl.st_crl_info;
- data.crl.st_crl_info.issuer = name;
- stmp.data.crl = &data.crl.st_crl;
- postfix="r";
- } else {
- X509error(X509_R_WRONG_LOOKUP_TYPE);
- goto finish;
- }
-
- if ((b = BUF_MEM_new()) == NULL) {
- X509error(ERR_R_BUF_LIB);
- goto finish;
- }
-
- ctx = xl->method_data;
-
- h = X509_NAME_hash(name);
- for (i = 0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) {
- BY_DIR_ENTRY *ent;
- int idx;
- BY_DIR_HASH htmp, *hent;
-
- ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i);
- j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1;
- if (!BUF_MEM_grow(b, j)) {
- X509error(ERR_R_MALLOC_FAILURE);
- goto finish;
- }
- if (type == X509_LU_CRL) {
- htmp.hash = h;
- CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
- idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
- if (idx >= 0) {
- hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
- k = hent->suffix;
- } else {
- hent = NULL;
- k = 0;
- }
- CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
- } else {
- k = 0;
- hent = NULL;
- }
- for (;;) {
- (void) snprintf(b->data, b->max, "%s/%08lx.%s%d",
- ent->dir, h, postfix, k);
- /*
- * Found one. Attempt to load it. This could fail for
- * any number of reasons from the file can't be opened,
- * the file contains garbage, etc. Clear the error stack
- * to avoid exposing the lower level error. These all
- * boil down to "we could not find CA/CRL".
- */
- if (type == X509_LU_X509) {
- if ((X509_load_cert_file(xl, b->data,
- ent->dir_type)) == 0) {
- ERR_clear_error();
- break;
- }
- } else if (type == X509_LU_CRL) {
- if ((X509_load_crl_file(xl, b->data,
- ent->dir_type)) == 0) {
- ERR_clear_error();
- break;
- }
- }
- /* The lack of a CA or CRL will be caught higher up. */
- k++;
- }
-
- /* we have added it to the cache so now pull it out again */
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
- j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
- tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
- /* If a CRL, update the last file suffix added for this */
- if (type == X509_LU_CRL) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
- /*
- * Look for entry again in case another thread added
- * an entry first.
- */
- if (hent == NULL) {
- htmp.hash = h;
- idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
- hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
- }
- if (hent == NULL) {
- hent = malloc(sizeof(*hent));
- if (hent == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
- ok = 0;
- goto finish;
- }
- hent->hash = h;
- hent->suffix = k;
- if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) {
- X509error(ERR_R_MALLOC_FAILURE);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
- free(hent);
- ok = 0;
- goto finish;
- }
- } else if (hent->suffix < k)
- hent->suffix = k;
-
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
- }
-
- if (tmp != NULL) {
- ok = 1;
- ret->type = tmp->type;
- memcpy(&ret->data, &tmp->data, sizeof(ret->data));
- goto finish;
- }
- }
-finish:
- BUF_MEM_free(b);
- return ok;
-}
diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c
deleted file mode 100644
index 9b0fd2542c..0000000000
--- a/src/lib/libcrypto/x509/by_file.c
+++ /dev/null
@@ -1,262 +0,0 @@
-/* $OpenBSD: by_file.c,v 1.31 2024/08/31 10:19:17 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret);
-
-static const X509_LOOKUP_METHOD x509_file_lookup = {
- .name = "Load file into cache",
- .new_item = NULL,
- .free = NULL,
- .ctrl = by_file_ctrl,
- .get_by_subject = NULL,
-};
-
-const X509_LOOKUP_METHOD *
-X509_LOOKUP_file(void)
-{
- return &x509_file_lookup;
-}
-LCRYPTO_ALIAS(X509_LOOKUP_file);
-
-static int
-by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **ret)
-{
- const char *file = argp;
- int type = argl;
-
- if (cmd != X509_L_FILE_LOAD)
- return 0;
-
- if (argl == X509_FILETYPE_DEFAULT) {
- file = X509_get_default_cert_file();
- type = X509_FILETYPE_PEM;
- }
- if (X509_load_cert_crl_file(ctx, file, type) != 0)
- return 1;
- if (argl == X509_FILETYPE_DEFAULT)
- X509error(X509_R_LOADING_DEFAULTS);
-
- return 0;
-}
-
-int
-X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
-{
- int ret = 0;
- BIO *in = NULL;
- int i, count = 0;
- X509 *x = NULL;
-
- in = BIO_new(BIO_s_file());
-
- if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
- X509error(ERR_R_SYS_LIB);
- goto err;
- }
-
- if (type == X509_FILETYPE_PEM) {
- for (;;) {
- x = PEM_read_bio_X509_AUX(in, NULL, NULL, "");
- if (x == NULL) {
- if ((ERR_GET_REASON(ERR_peek_last_error()) ==
- PEM_R_NO_START_LINE) && (count > 0)) {
- ERR_clear_error();
- break;
- } else {
- X509error(ERR_R_PEM_LIB);
- goto err;
- }
- }
- i = X509_STORE_add_cert(ctx->store_ctx, x);
- if (!i)
- goto err;
- count++;
- X509_free(x);
- x = NULL;
- }
- ret = count;
- } else if (type == X509_FILETYPE_ASN1) {
- x = d2i_X509_bio(in, NULL);
- if (x == NULL) {
- X509error(ERR_R_ASN1_LIB);
- goto err;
- }
- i = X509_STORE_add_cert(ctx->store_ctx, x);
- if (!i)
- goto err;
- ret = i;
- } else {
- X509error(X509_R_BAD_X509_FILETYPE);
- goto err;
- }
-err:
- X509_free(x);
- BIO_free(in);
- return ret;
-}
-LCRYPTO_ALIAS(X509_load_cert_file);
-
-int
-X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
-{
- int ret = 0;
- BIO *in = NULL;
- int i, count = 0;
- X509_CRL *x = NULL;
-
- in = BIO_new(BIO_s_file());
-
- if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
- X509error(ERR_R_SYS_LIB);
- goto err;
- }
-
- if (type == X509_FILETYPE_PEM) {
- for (;;) {
- x = PEM_read_bio_X509_CRL(in, NULL, NULL, "");
- if (x == NULL) {
- if ((ERR_GET_REASON(ERR_peek_last_error()) ==
- PEM_R_NO_START_LINE) && (count > 0)) {
- ERR_clear_error();
- break;
- } else {
- X509error(ERR_R_PEM_LIB);
- goto err;
- }
- }
- i = X509_STORE_add_crl(ctx->store_ctx, x);
- if (!i)
- goto err;
- count++;
- X509_CRL_free(x);
- x = NULL;
- }
- ret = count;
- } else if (type == X509_FILETYPE_ASN1) {
- x = d2i_X509_CRL_bio(in, NULL);
- if (x == NULL) {
- X509error(ERR_R_ASN1_LIB);
- goto err;
- }
- i = X509_STORE_add_crl(ctx->store_ctx, x);
- if (!i)
- goto err;
- ret = i;
- } else {
- X509error(X509_R_BAD_X509_FILETYPE);
- goto err;
- }
-err:
- X509_CRL_free(x);
- BIO_free(in);
- return ret;
-}
-LCRYPTO_ALIAS(X509_load_crl_file);
-
-int
-X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
-{
- STACK_OF(X509_INFO) *inf;
- X509_INFO *itmp;
- BIO *in;
- int i, count = 0;
-
- if (type != X509_FILETYPE_PEM)
- return X509_load_cert_file(ctx, file, type);
- in = BIO_new_file(file, "r");
- if (!in) {
- X509error(ERR_R_SYS_LIB);
- return 0;
- }
- inf = PEM_X509_INFO_read_bio(in, NULL, NULL, "");
- BIO_free(in);
- if (!inf) {
- X509error(ERR_R_PEM_LIB);
- return 0;
- }
- for (i = 0; i < sk_X509_INFO_num(inf); i++) {
- itmp = sk_X509_INFO_value(inf, i);
- if (itmp->x509) {
- X509_STORE_add_cert(ctx->store_ctx, itmp->x509);
- count++;
- }
- if (itmp->crl) {
- X509_STORE_add_crl(ctx->store_ctx, itmp->crl);
- count++;
- }
- }
- if (count == 0)
- X509error(X509_R_NO_CERTIFICATE_OR_CRL_FOUND);
- sk_X509_INFO_pop_free(inf, X509_INFO_free);
- return count;
-}
-LCRYPTO_ALIAS(X509_load_cert_crl_file);
diff --git a/src/lib/libcrypto/x509/by_mem.c b/src/lib/libcrypto/x509/by_mem.c
deleted file mode 100644
index 71afefa8a4..0000000000
--- a/src/lib/libcrypto/x509/by_mem.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* $OpenBSD: by_mem.c,v 1.10 2024/08/31 10:19:17 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static int by_mem_ctrl(X509_LOOKUP *, int, const char *, long, char **);
-
-static const X509_LOOKUP_METHOD x509_mem_lookup = {
- .name = "Load cert from memory",
- .new_item = NULL,
- .free = NULL,
- .ctrl = by_mem_ctrl,
- .get_by_subject = NULL,
-};
-
-const X509_LOOKUP_METHOD *
-X509_LOOKUP_mem(void)
-{
- return (&x509_mem_lookup);
-}
-LCRYPTO_ALIAS(X509_LOOKUP_mem);
-
-static int
-by_mem_ctrl(X509_LOOKUP *lu, int cmd, const char *buf,
- long type, char **ret)
-{
- STACK_OF(X509_INFO) *inf = NULL;
- const struct iovec *iov;
- X509_INFO *itmp;
- BIO *in = NULL;
- int i, count = 0, ok = 0;
-
- iov = (const struct iovec *)buf;
-
- if (!(cmd == X509_L_MEM && type == X509_FILETYPE_PEM))
- goto done;
-
- if ((in = BIO_new_mem_buf(iov->iov_base, iov->iov_len)) == NULL)
- goto done;
-
- if ((inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL)) == NULL)
- goto done;
-
- for (i = 0; i < sk_X509_INFO_num(inf); i++) {
- itmp = sk_X509_INFO_value(inf, i);
- if (itmp->x509) {
- ok = X509_STORE_add_cert(lu->store_ctx, itmp->x509);
- if (!ok)
- goto done;
- count++;
- }
- if (itmp->crl) {
- ok = X509_STORE_add_crl(lu->store_ctx, itmp->crl);
- if (!ok)
- goto done;
- count++;
- }
- }
-
- ok = count != 0;
- done:
- if (count == 0)
- X509error(ERR_R_PEM_LIB);
- if (inf != NULL)
- sk_X509_INFO_pop_free(inf, X509_INFO_free);
- if (in != NULL)
- BIO_free(in);
- return (ok);
-}
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
deleted file mode 100644
index a198b23202..0000000000
--- a/src/lib/libcrypto/x509/x509.h
+++ /dev/null
@@ -1,1041 +0,0 @@
-/* $OpenBSD: x509.h,v 1.121 2025/03/09 15:17:22 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */ - -#ifndef HEADER_X509_H -#define HEADER_X509_H - -#include - -#include -#ifndef OPENSSL_NO_BIO -#include -#endif -#ifndef OPENSSL_NO_BUFFER -#include -#endif -#ifndef OPENSSL_NO_DH -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_EC -#include -#endif -#ifndef OPENSSL_NO_EVP -#include -#endif -#ifndef OPENSSL_NO_RSA -#include -#endif -#ifndef OPENSSL_NO_SHA -#include -#endif -#include -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define X509_FILETYPE_PEM 1 -#define X509_FILETYPE_ASN1 2 -#define X509_FILETYPE_DEFAULT 3 - -#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 -#define X509v3_KU_NON_REPUDIATION 0x0040 -#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 -#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 -#define X509v3_KU_KEY_AGREEMENT 0x0008 -#define X509v3_KU_KEY_CERT_SIGN 0x0004 -#define X509v3_KU_CRL_SIGN 0x0002 -#define X509v3_KU_ENCIPHER_ONLY 0x0001 -#define X509v3_KU_DECIPHER_ONLY 0x8000 -#define X509v3_KU_UNDEF 0xffff - -struct X509_algor_st { - ASN1_OBJECT *algorithm; - ASN1_TYPE *parameter; -} /* X509_ALGOR */; - -typedef STACK_OF(X509_ALGOR) X509_ALGORS; - -typedef struct X509_val_st X509_VAL; - -typedef struct X509_sig_st X509_SIG; - -typedef struct X509_name_entry_st X509_NAME_ENTRY; - -DECLARE_STACK_OF(X509_NAME_ENTRY) - -DECLARE_STACK_OF(X509_NAME) - -typedef struct X509_extension_st X509_EXTENSION; - -typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; - -DECLARE_STACK_OF(X509_EXTENSION) - -typedef struct x509_attributes_st X509_ATTRIBUTE; - -DECLARE_STACK_OF(X509_ATTRIBUTE) - -typedef struct X509_req_info_st X509_REQ_INFO; - -typedef struct X509_req_st X509_REQ; - -typedef struct x509_cinf_st X509_CINF; - -DECLARE_STACK_OF(X509) - -#define X509_TRUST_COMPAT 1 -#define X509_TRUST_SSL_CLIENT 2 -#define X509_TRUST_SSL_SERVER 3 -#define X509_TRUST_EMAIL 4 -#define X509_TRUST_OBJECT_SIGN 5 -#define X509_TRUST_OCSP_SIGN 6 -#define X509_TRUST_OCSP_REQUEST 7 -#define X509_TRUST_TSA 8 - -/* Keep these up to date! 
*/ -#define X509_TRUST_MIN 1 -#define X509_TRUST_MAX 8 - -/* Flags for X509_print_ex() */ - -#define X509_FLAG_COMPAT 0 -#define X509_FLAG_NO_HEADER 1L -#define X509_FLAG_NO_VERSION (1L << 1) -#define X509_FLAG_NO_SERIAL (1L << 2) -#define X509_FLAG_NO_SIGNAME (1L << 3) -#define X509_FLAG_NO_ISSUER (1L << 4) -#define X509_FLAG_NO_VALIDITY (1L << 5) -#define X509_FLAG_NO_SUBJECT (1L << 6) -#define X509_FLAG_NO_PUBKEY (1L << 7) -#define X509_FLAG_NO_EXTENSIONS (1L << 8) -#define X509_FLAG_NO_SIGDUMP (1L << 9) -#define X509_FLAG_NO_AUX (1L << 10) -#define X509_FLAG_NO_ATTRIBUTES (1L << 11) - -/* Flags specific to X509_NAME_print_ex() */ - -/* The field separator information */ - -#define XN_FLAG_SEP_MASK (0xf << 16) - -#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ -#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ -#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ -#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ -#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ - -#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ - -/* How the field name is shown */ - -#define XN_FLAG_FN_MASK (0x3 << 21) - -#define XN_FLAG_FN_SN 0 /* Object short name */ -#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ -#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ -#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ - -#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ - -/* This determines if we dump fields we don't recognise: - * RFC2253 requires this. 
- */ - -#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) - -#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */ - -/* Complete set of RFC2253 flags */ - -#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ - XN_FLAG_SEP_COMMA_PLUS | \ - XN_FLAG_DN_REV | \ - XN_FLAG_FN_SN | \ - XN_FLAG_DUMP_UNKNOWN_FIELDS) - -/* readable oneline form */ - -#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - XN_FLAG_SEP_CPLUS_SPC | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_SN) - -/* readable multiline form */ - -#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - XN_FLAG_SEP_MULTILINE | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_LN | \ - XN_FLAG_FN_ALIGN) - -DECLARE_STACK_OF(X509_REVOKED) - -typedef struct X509_crl_info_st X509_CRL_INFO; - -DECLARE_STACK_OF(X509_CRL) - -typedef struct private_key_st { - int version; - /* The PKCS#8 data types */ - X509_ALGOR *enc_algor; - ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ - - /* When decrypted, the following will not be NULL */ - EVP_PKEY *dec_pkey; - - /* used to encrypt and decrypt */ - int key_length; - char *key_data; - int key_free; /* true if we should auto free key_data */ - - /* expanded version of 'enc_algor' */ - EVP_CIPHER_INFO cipher; - - int references; -} X509_PKEY; - -#ifndef OPENSSL_NO_EVP -typedef struct X509_info_st { - X509 *x509; - X509_CRL *crl; - X509_PKEY *x_pkey; - - EVP_CIPHER_INFO enc_cipher; - int enc_len; - char *enc_data; - - int references; -} X509_INFO; - -DECLARE_STACK_OF(X509_INFO) -#endif - -/* The next 2 structures and their 8 routines were sent to me by - * Pat Richard and are used to manipulate - * Netscapes spki structures - useful if you are writing a CA web page - */ -typedef struct Netscape_spkac_st { - X509_PUBKEY *pubkey; - ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ -} NETSCAPE_SPKAC; - -typedef struct Netscape_spki_st { - NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ - X509_ALGOR 
*sig_algor; - ASN1_BIT_STRING *signature; -} NETSCAPE_SPKI; - -typedef struct PBEPARAM_st { - ASN1_OCTET_STRING *salt; - ASN1_INTEGER *iter; -} PBEPARAM; - -#ifdef __cplusplus -} -#endif - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define X509_extract_key(x) X509_get_pubkey(x) /*****/ -#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) -#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) - -int X509_CRL_up_ref(X509_CRL *x); -int X509_CRL_get_signature_nid(const X509_CRL *crl); - -int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp); - -const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl); -long X509_CRL_get_version(const X509_CRL *crl); -const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl); -const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl); -ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl); -ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl); -X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl); -STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl); -void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, - const X509_ALGOR **palg); - -const X509_ALGOR *X509_CRL_get0_tbs_sigalg(const X509_CRL *crl); - -int X509_REQ_get_signature_nid(const X509_REQ *req); - -void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, - const X509_ALGOR **palg); - -X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x); - -const char *X509_verify_cert_error_string(long n); - -#ifndef OPENSSL_NO_EVP -int X509_verify(X509 *a, EVP_PKEY *r); - -int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); -int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); -int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); - -NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); -char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); -EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); -int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); - -int NETSCAPE_SPKI_print(BIO 
*out, NETSCAPE_SPKI *spki); - -int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent); -int X509_signature_print(BIO *bp, const X509_ALGOR *alg, - const ASN1_STRING *sig); - -int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx); -int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx); -int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx); -int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); - -int X509_pubkey_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -#endif - -X509 *d2i_X509_fp(FILE *fp, X509 **x509); -int i2d_X509_fp(FILE *fp,X509 *x509); -X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); -int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); -int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); -#ifndef OPENSSL_NO_RSA -RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); -int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); -#endif -#ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); -int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); -DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); -#endif -#ifndef OPENSSL_NO_EC -EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, 
EC_KEY **eckey); -int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); -EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); -int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); -#endif -X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); -int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); -int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); -int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); - -#ifndef OPENSSL_NO_BIO -X509 *d2i_X509_bio(BIO *bp,X509 **x509); -int i2d_X509_bio(BIO *bp,X509 *x509); -X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); -int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); -int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); -#ifndef OPENSSL_NO_RSA -RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa); -int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa); -#endif -#ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); -int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); -DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); -#endif -#ifndef OPENSSL_NO_EC -EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); -int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); -EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); -int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); -#endif -X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); -int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO 
*bp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); -int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); -int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); -#endif - -X509 *X509_dup(X509 *x509); -X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); -X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); -X509_CRL *X509_CRL_dup(X509_CRL *crl); -X509_REQ *X509_REQ_dup(X509_REQ *req); -X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); -int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); -void X509_ALGOR_get0(const ASN1_OBJECT **paobj, int *pptype, const void **ppval, - const X509_ALGOR *algor); -int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); - -X509_NAME *X509_NAME_dup(X509_NAME *xn); -int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder, size_t *pderlen); -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); - -int X509_cmp_time(const ASN1_TIME *s, time_t *t); -int X509_cmp_current_time(const ASN1_TIME *s); -ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); -ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s, - int offset_day, long offset_sec, time_t *t); -ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); - -const char * X509_get_default_cert_area(void ); -const char * X509_get_default_cert_dir(void ); -const char * X509_get_default_cert_file(void ); -const char * X509_get_default_cert_dir_env(void ); -const char * X509_get_default_cert_file_env(void ); -const char * X509_get_default_private_dir(void ); - -X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); - -X509_ALGOR *X509_ALGOR_new(void); -void X509_ALGOR_free(X509_ALGOR *a); -X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, const unsigned char **in, long len); -int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **out); -extern const 
ASN1_ITEM X509_ALGOR_it; -X509_ALGORS *d2i_X509_ALGORS(X509_ALGORS **a, const unsigned char **in, long len); -int i2d_X509_ALGORS(X509_ALGORS *a, unsigned char **out); -extern const ASN1_ITEM X509_ALGORS_it; -X509_VAL *X509_VAL_new(void); -void X509_VAL_free(X509_VAL *a); -X509_VAL *d2i_X509_VAL(X509_VAL **a, const unsigned char **in, long len); -int i2d_X509_VAL(X509_VAL *a, unsigned char **out); -extern const ASN1_ITEM X509_VAL_it; - -X509_PUBKEY *X509_PUBKEY_new(void); -void X509_PUBKEY_free(X509_PUBKEY *a); -X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, const unsigned char **in, long len); -int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **out); -extern const ASN1_ITEM X509_PUBKEY_it; - -int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); -EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -EVP_PKEY * X509_PUBKEY_get0(X509_PUBKEY *key); -int X509_get_pubkey_parameters(EVP_PKEY *pkey, - STACK_OF(X509) *chain); -int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); -EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, - long length); -#ifndef OPENSSL_NO_RSA -int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); -RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, - long length); -#endif -#ifndef OPENSSL_NO_DSA -int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); -DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, - long length); -#endif -#ifndef OPENSSL_NO_EC -int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); -EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, - long length); -#endif - -X509_SIG *X509_SIG_new(void); -void X509_SIG_free(X509_SIG *a); -X509_SIG *d2i_X509_SIG(X509_SIG **a, const unsigned char **in, long len); -int i2d_X509_SIG(X509_SIG *a, unsigned char **out); -extern const ASN1_ITEM X509_SIG_it; -void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg, - const ASN1_OCTET_STRING **pdigest); -void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg, - ASN1_OCTET_STRING **pdigest); - -X509_REQ_INFO *X509_REQ_INFO_new(void); -void 
X509_REQ_INFO_free(X509_REQ_INFO *a); -X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, const unsigned char **in, long len); -int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **out); -extern const ASN1_ITEM X509_REQ_INFO_it; -X509_REQ *X509_REQ_new(void); -void X509_REQ_free(X509_REQ *a); -X509_REQ *d2i_X509_REQ(X509_REQ **a, const unsigned char **in, long len); -int i2d_X509_REQ(X509_REQ *a, unsigned char **out); -extern const ASN1_ITEM X509_REQ_it; - -X509_ATTRIBUTE *X509_ATTRIBUTE_new(void); -void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); -X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, const unsigned char **in, long len); -int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **out); -extern const ASN1_ITEM X509_ATTRIBUTE_it; -X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); - -X509_EXTENSION *X509_EXTENSION_new(void); -void X509_EXTENSION_free(X509_EXTENSION *a); -X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, const unsigned char **in, long len); -int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **out); -extern const ASN1_ITEM X509_EXTENSION_it; -X509_EXTENSIONS *d2i_X509_EXTENSIONS(X509_EXTENSIONS **a, const unsigned char **in, long len); -int i2d_X509_EXTENSIONS(X509_EXTENSIONS *a, unsigned char **out); -extern const ASN1_ITEM X509_EXTENSIONS_it; - -X509_NAME_ENTRY *X509_NAME_ENTRY_new(void); -void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a); -X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, const unsigned char **in, long len); -int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **out); -extern const ASN1_ITEM X509_NAME_ENTRY_it; - -X509_NAME *X509_NAME_new(void); -void X509_NAME_free(X509_NAME *a); -X509_NAME *d2i_X509_NAME(X509_NAME **a, const unsigned char **in, long len); -int i2d_X509_NAME(X509_NAME *a, unsigned char **out); -extern const ASN1_ITEM X509_NAME_it; - -int X509_NAME_set(X509_NAME **xn, X509_NAME *name); - -X509_CINF *X509_CINF_new(void); -void X509_CINF_free(X509_CINF *a); 
-X509_CINF *d2i_X509_CINF(X509_CINF **a, const unsigned char **in, long len);
-int i2d_X509_CINF(X509_CINF *a, unsigned char **out);
-extern const ASN1_ITEM X509_CINF_it;
-
-X509 *X509_new(void);
-void X509_free(X509 *a);
-X509 *d2i_X509(X509 **a, const unsigned char **in, long len);
-int i2d_X509(X509 *a, unsigned char **out);
-extern const ASN1_ITEM X509_it;
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_set_ex_data(X509 *r, int idx, void *arg);
-void *X509_get_ex_data(X509 *r, int idx);
-int i2d_X509_AUX(X509 *a,unsigned char **pp);
-X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length);
-
-int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
-
-/* Flags returned by X509_get_signature_info(): valid and suitable for TLS. */
-#define X509_SIG_INFO_VALID 1
-#define X509_SIG_INFO_TLS 2
-int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
- uint32_t *flags);
-
-void X509_get0_signature(const ASN1_BIT_STRING **psig,
- const X509_ALGOR **palg, const X509 *x);
-int X509_get_signature_nid(const X509 *x);
-
-int X509_alias_set1(X509 *x, const unsigned char *name, int len);
-int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
-unsigned char *X509_alias_get0(X509 *x, int *len);
-unsigned char *X509_keyid_get0(X509 *x, int *len);
-int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);
-int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj);
-void X509_trust_clear(X509 *x);
-void X509_reject_clear(X509 *x);
-
-X509_REVOKED *X509_REVOKED_new(void);
-void X509_REVOKED_free(X509_REVOKED *a);
-X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *a);
-X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, const unsigned char **in, long len);
-int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **out);
-extern const ASN1_ITEM X509_REVOKED_it;
-
-X509_CRL_INFO *X509_CRL_INFO_new(void);
-void X509_CRL_INFO_free(X509_CRL_INFO *a);
-X509_CRL_INFO
*d2i_X509_CRL_INFO(X509_CRL_INFO **a, const unsigned char **in, long len);
-int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **out);
-extern const ASN1_ITEM X509_CRL_INFO_it;
-
-X509_CRL *X509_CRL_new(void);
-void X509_CRL_free(X509_CRL *a);
-X509_CRL *d2i_X509_CRL(X509_CRL **a, const unsigned char **in, long len);
-int i2d_X509_CRL(X509_CRL *a, unsigned char **out);
-extern const ASN1_ITEM X509_CRL_it;
-
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
-int X509_CRL_get0_by_serial(X509_CRL *crl,
- X509_REVOKED **ret, ASN1_INTEGER *serial);
-int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
-
-X509_PKEY * X509_PKEY_new(void );
-void X509_PKEY_free(X509_PKEY *a);
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_new(void);
-void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
-NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, const unsigned char **in, long len);
-int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **out);
-extern const ASN1_ITEM NETSCAPE_SPKI_it;
-NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void);
-void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
-NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, const unsigned char **in, long len);
-int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **out);
-extern const ASN1_ITEM NETSCAPE_SPKAC_it;
-
-#ifndef OPENSSL_NO_EVP
-X509_INFO * X509_INFO_new(void);
-void X509_INFO_free(X509_INFO *a);
-char * X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
-
-int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data,
- unsigned char *md,unsigned int *len);
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
- ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey);
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature,
- void *data, EVP_PKEY *pkey, const EVP_MD *type);
-int ASN1_item_sign_ctx(const ASN1_ITEM *it,
- X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx);
-#endif
-
-const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
-void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **issuerUID,
- const ASN1_BIT_STRING **subjectUID);
-const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);
-int X509_set_version(X509 *x, long version);
-long X509_get_version(const X509 *x);
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
-ASN1_INTEGER * X509_get_serialNumber(X509 *x);
-const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
-int X509_set_issuer_name(X509 *x, X509_NAME *name);
-X509_NAME * X509_get_issuer_name(const X509 *a);
-int X509_set_subject_name(X509 *x, X509_NAME *name);
-X509_NAME * X509_get_subject_name(const X509 *a);
-int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
-int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
-int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
-int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm);
-const ASN1_TIME *X509_get0_notBefore(const X509 *x);
-ASN1_TIME *X509_getm_notBefore(const X509 *x);
-const ASN1_TIME *X509_get0_notAfter(const X509 *x);
-ASN1_TIME *X509_getm_notAfter(const X509 *x);
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
-EVP_PKEY * X509_get_pubkey(X509 *x);
-EVP_PKEY * X509_get0_pubkey(const X509 *x);
-ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
-int X509_certificate_type(const X509 *x, const EVP_PKEY *pubkey);
-int X509_get_signature_type(const X509 *x);
-
-#define X509_get_notBefore X509_getm_notBefore
-#define X509_get_notAfter X509_getm_notAfter
-
-int X509_REQ_set_version(X509_REQ *x,long version);
-long X509_REQ_get_version(const X509_REQ *x);
-int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
-X509_NAME *X509_REQ_get_subject_name(const X509_REQ *x);
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
-EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
-int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp);
-EVP_PKEY * X509_REQ_get0_pubkey(X509_REQ *req);
-int X509_REQ_extension_nid(int nid);
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid);
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
-int X509_REQ_get_attr_count(const X509_REQ *req);
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
- int lastpos);
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
- int nid, int type,
- const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- const char *attrname, int type,
- const unsigned char *bytes, int len);
-
-int X509_CRL_set_version(X509_CRL *x, long version);
-int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
-int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_sort(X509_CRL *crl);
-
-const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *x);
-const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x);
-const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x);
-int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
-
-int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey);
-
-int X509_check_private_key(const X509 *x509, const EVP_PKEY *pkey);
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-unsigned
long X509_issuer_and_serial_hash(X509 *a);
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_name_hash(X509 *a);
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_subject_name_hash(X509 *x);
-
-#ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_name_hash_old(X509 *a);
-unsigned long X509_subject_name_hash_old(X509 *x);
-#endif
-
-int X509_cmp(const X509 *a, const X509 *b);
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-unsigned long X509_NAME_hash(X509_NAME *x);
-unsigned long X509_NAME_hash_old(X509_NAME *x);
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
-int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
-int X509_print_fp(FILE *bp,X509 *x);
-int X509_CRL_print_fp(FILE *bp,X509_CRL *x);
-int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
-int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
- unsigned long flags);
-
-#ifndef OPENSSL_NO_BIO
-int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
- unsigned long flags);
-int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag);
-int X509_print(BIO *bp,X509 *x);
-int X509_ocspid_print(BIO *bp,X509 *x);
-int X509_CRL_print(BIO *bp,X509_CRL *x);
-int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag);
-int X509_REQ_print(BIO *bp,X509_REQ *req);
-#endif
-
-int X509_NAME_entry_count(const X509_NAME *name);
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
- char *buf,int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name,
- const ASN1_OBJECT *obj, char *buf,int len);
-
-/* NOTE: you should be passing -1, not 0 as lastpos. The functions that use
- * lastpos, search after that position on.
*/
-int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
- int lastpos);
-int X509_NAME_get_index_by_OBJ(const X509_NAME *name,
- const ASN1_OBJECT *obj, int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne,
- int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
- int type, const unsigned char *bytes, int len, int loc, int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
- const unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
- const char *field, int type, const unsigned char *bytes, int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
- int type, const unsigned char *bytes, int len);
-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
- const unsigned char *bytes, int len, int loc, int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
- const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
- const ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- const unsigned char *bytes, int len);
-ASN1_OBJECT * X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
-ASN1_STRING * X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
-int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
- int nid, int lastpos);
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
- const ASN1_OBJECT *obj, int lastpos);
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
- int crit, int lastpos);
-X509_EXTENSION *X509v3_get_ext(const
STACK_OF(X509_EXTENSION) *x, int loc);
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
- X509_EXTENSION *ex, int loc);
-
-int X509_get_ext_count(const X509 *x);
-int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
-int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
- int lastpos);
-int X509_get_ext_by_critical(const X509 *x, int crit, int lastpos);
-X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-void * X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx);
-int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
- unsigned long flags);
-
-int X509_CRL_get_ext_count(const X509_CRL *x);
-int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
- int lastpos);
-int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
- const ASN1_OBJECT *obj, int lastpos);
-int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
- int lastpos);
-X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-void * X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit,
- int *idx);
-int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
- int crit, unsigned long flags);
-
-int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
-int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
- int lastpos);
-int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
- const ASN1_OBJECT *obj, int lastpos);
-int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
- int crit, int lastpos);
-X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x, int loc);
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
- int loc);
-void *
X509_REVOKED_get_ext_d2i(const X509_REVOKED *x, int nid,
- int *crit, int *idx);
-int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value,
- int crit, unsigned long flags);
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
- int nid, int crit, ASN1_OCTET_STRING *data);
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
- const ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data);
-int X509_EXTENSION_set_object(X509_EXTENSION *ex,
- const ASN1_OBJECT *obj);
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-int X509_EXTENSION_set_data(X509_EXTENSION *ex,
- ASN1_OCTET_STRING *data);
-ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex);
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
- int atrtype, const void *data, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
- const ASN1_OBJECT *obj, int atrtype, const void *data, int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
- const char *atrname, int type, const unsigned char *bytes, int len);
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len);
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
- int atrtype, void *data);
-int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr);
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
-
-int X509_verify_cert(X509_STORE_CTX *ctx);
-
-/* lookup a cert from a X509 STACK */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
- ASN1_INTEGER *serial);
-X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
-
-extern const ASN1_ITEM PBEPARAM_it;
-
-/* PKCS#8 utilities
*/
-
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void);
-void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, const unsigned char **in, long len);
-int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **out);
-extern const ASN1_ITEM PKCS8_PRIV_KEY_INFO_it;
-
-EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
-
-int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version,
- int ptype, void *pval, unsigned char *penc, int penclen);
-int PKCS8_pkey_get0(const ASN1_OBJECT **ppkalg, const unsigned char **pk,
- int *ppklen, const X509_ALGOR **pa, const PKCS8_PRIV_KEY_INFO *p8);
-
-const STACK_OF(X509_ATTRIBUTE) *PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
-int PKCS8_pkey_add1_attr_by_NID(PKCS8_PRIV_KEY_INFO *p8, int nid, int type,
- const unsigned char *bytes, int len);
-
-int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype,
- void *pval, unsigned char *penc, int penclen);
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
- int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub);
-
-int X509_up_ref(X509 *x);
-STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
-
-void ERR_load_X509_strings(void);
-
-/* Error codes for the X509 functions. */
-
-/* Function codes.
*/
-#define X509_F_ADD_CERT_DIR 100
-#define X509_F_BY_FILE_CTRL 101
-#define X509_F_CHECK_POLICY 145
-#define X509_F_DIR_CTRL 102
-#define X509_F_GET_CERT_BY_SUBJECT 103
-#define X509_F_NETSCAPE_SPKI_B64_DECODE 129
-#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
-#define X509_F_X509AT_ADD1_ATTR 135
-#define X509_F_X509V3_ADD_EXT 104
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
-#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
-#define X509_F_X509_ATTRIBUTE_GET0_DATA 139
-#define X509_F_X509_ATTRIBUTE_SET1_DATA 138
-#define X509_F_X509_CHECK_PRIVATE_KEY 128
-#define X509_F_X509_CRL_PRINT_FP 147
-#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
-#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
-#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
-#define X509_F_X509_LOAD_CERT_CRL_FILE 132
-#define X509_F_X509_LOAD_CERT_FILE 111
-#define X509_F_X509_LOAD_CRL_FILE 112
-#define X509_F_X509_NAME_ADD_ENTRY 113
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
-#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
-#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
-#define X509_F_X509_NAME_ONELINE 116
-#define X509_F_X509_NAME_PRINT 117
-#define X509_F_X509_PRINT_EX_FP 118
-#define X509_F_X509_PUBKEY_GET 119
-#define X509_F_X509_PUBKEY_SET 120
-#define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144
-#define X509_F_X509_REQ_PRINT_EX 121
-#define X509_F_X509_REQ_PRINT_FP 122
-#define X509_F_X509_REQ_TO_X509 123
-#define X509_F_X509_STORE_ADD_CERT 124
-#define X509_F_X509_STORE_ADD_CRL 125
-#define X509_F_X509_STORE_CTX_GET1_ISSUER 146
-#define X509_F_X509_STORE_CTX_INIT 143
-#define X509_F_X509_STORE_CTX_NEW 142
-#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
-#define X509_F_X509_TO_X509_REQ 126
-#define X509_F_X509_TRUST_ADD 133
-#define X509_F_X509_TRUST_SET 141
-#define X509_F_X509_VERIFY_CERT 127
-
-/* Reason codes.
*/
-#define X509_R_BAD_X509_FILETYPE 100
-#define X509_R_BASE64_DECODE_ERROR 118
-#define X509_R_CANT_CHECK_DH_KEY 114
-#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
-#define X509_R_ERR_ASN1_LIB 102
-#define X509_R_INVALID_DIRECTORY 113
-#define X509_R_INVALID_FIELD_NAME 119
-#define X509_R_INVALID_TRUST 123
-#define X509_R_INVALID_VERSION 137
-#define X509_R_KEY_TYPE_MISMATCH 115
-#define X509_R_KEY_VALUES_MISMATCH 116
-#define X509_R_LOADING_CERT_DIR 103
-#define X509_R_LOADING_DEFAULTS 104
-#define X509_R_METHOD_NOT_SUPPORTED 124
-#define X509_R_NO_CERTIFICATE_OR_CRL_FOUND 136
-#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
-#define X509_R_PUBLIC_KEY_DECODE_ERROR 125
-#define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
-#define X509_R_SHOULD_RETRY 106
-#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
-#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
-#define X509_R_UNKNOWN_KEY_TYPE 117
-#define X509_R_UNKNOWN_NID 109
-#define X509_R_UNKNOWN_PURPOSE_ID 121
-#define X509_R_UNKNOWN_TRUST_ID 120
-#define X509_R_UNSUPPORTED_ALGORITHM 111
-#define X509_R_WRONG_LOOKUP_TYPE 112
-#define X509_R_WRONG_TYPE 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/x509/x509_addr.c b/src/lib/libcrypto/x509/x509_addr.c
deleted file mode 100644
index 2208cc434e..0000000000
--- a/src/lib/libcrypto/x509/x509_addr.c
+++ /dev/null
@@ -1,2074 +0,0 @@
-/* $OpenBSD: x509_addr.c,v 1.93 2024/07/13 15:08:58 tb Exp $ */
-/*
- * Contributed to the OpenSSL Project by the American Registry for
- * Internet Numbers ("ARIN").
- */
-/* ====================================================================
- * Copyright (c) 2006-2016 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- */
-
-/*
- * Implementation of RFC 3779 section 2.2.
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "bytestring.h"
-#include "x509_local.h"
-
-#ifndef OPENSSL_NO_RFC3779
-
-/*
- * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
- */
-
-static const ASN1_TEMPLATE IPAddressRange_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(IPAddressRange, min),
- .field_name = "min",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(IPAddressRange, max),
- .field_name = "max",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM IPAddressRange_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = IPAddressRange_seq_tt,
- .tcount = sizeof(IPAddressRange_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(IPAddressRange),
- .sname = "IPAddressRange",
-};
-LCRYPTO_ALIAS(IPAddressRange_it);
-
-static const ASN1_TEMPLATE IPAddressOrRange_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(IPAddressOrRange, u.addressPrefix),
- .field_name = "u.addressPrefix",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(IPAddressOrRange, u.addressRange),
- .field_name = "u.addressRange",
- .item = &IPAddressRange_it,
- },
-};
-
-const ASN1_ITEM IPAddressOrRange_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(IPAddressOrRange, type),
- .templates = IPAddressOrRange_ch_tt,
- .tcount = sizeof(IPAddressOrRange_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(IPAddressOrRange),
- .sname = "IPAddressOrRange",
-};
-LCRYPTO_ALIAS(IPAddressOrRange_it);
-
-static const ASN1_TEMPLATE IPAddressChoice_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(IPAddressChoice, u.inherit),
- .field_name = "u.inherit",
- .item = &ASN1_NULL_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(IPAddressChoice, u.addressesOrRanges),
- .field_name = "u.addressesOrRanges",
- .item = &IPAddressOrRange_it,
- },
-};
-
-const ASN1_ITEM IPAddressChoice_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(IPAddressChoice, type),
- .templates = IPAddressChoice_ch_tt,
- .tcount = sizeof(IPAddressChoice_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs
= NULL,
- .size = sizeof(IPAddressChoice),
- .sname = "IPAddressChoice",
-};
-LCRYPTO_ALIAS(IPAddressChoice_it);
-
-static const ASN1_TEMPLATE IPAddressFamily_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(IPAddressFamily, addressFamily),
- .field_name = "addressFamily",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(IPAddressFamily, ipAddressChoice),
- .field_name = "ipAddressChoice",
- .item = &IPAddressChoice_it,
- },
-};
-
-const ASN1_ITEM IPAddressFamily_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = IPAddressFamily_seq_tt,
- .tcount = sizeof(IPAddressFamily_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(IPAddressFamily),
- .sname = "IPAddressFamily",
-};
-LCRYPTO_ALIAS(IPAddressFamily_it);
-
-static const ASN1_TEMPLATE IPAddrBlocks_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "IPAddrBlocks",
- .item = &IPAddressFamily_it,
-};
-
-static const ASN1_ITEM IPAddrBlocks_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &IPAddrBlocks_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "IPAddrBlocks",
-};
-
-IPAddressRange *
-d2i_IPAddressRange(IPAddressRange **a, const unsigned char **in, long len)
-{
- return (IPAddressRange *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &IPAddressRange_it);
-}
-LCRYPTO_ALIAS(d2i_IPAddressRange);
-
-int
-i2d_IPAddressRange(IPAddressRange *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &IPAddressRange_it);
-}
-LCRYPTO_ALIAS(i2d_IPAddressRange);
-
-IPAddressRange *
-IPAddressRange_new(void)
-{
- return (IPAddressRange *)ASN1_item_new(&IPAddressRange_it);
-}
-LCRYPTO_ALIAS(IPAddressRange_new);
-
-void
-IPAddressRange_free(IPAddressRange *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &IPAddressRange_it);
-}
-LCRYPTO_ALIAS(IPAddressRange_free);
-
-IPAddressOrRange *
-d2i_IPAddressOrRange(IPAddressOrRange **a, const unsigned char
**in, long len)
-{
- return (IPAddressOrRange *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &IPAddressOrRange_it);
-}
-LCRYPTO_ALIAS(d2i_IPAddressOrRange);
-
-int
-i2d_IPAddressOrRange(IPAddressOrRange *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &IPAddressOrRange_it);
-}
-LCRYPTO_ALIAS(i2d_IPAddressOrRange);
-
-IPAddressOrRange *
-IPAddressOrRange_new(void)
-{
- return (IPAddressOrRange *)ASN1_item_new(&IPAddressOrRange_it);
-}
-LCRYPTO_ALIAS(IPAddressOrRange_new);
-
-void
-IPAddressOrRange_free(IPAddressOrRange *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &IPAddressOrRange_it);
-}
-LCRYPTO_ALIAS(IPAddressOrRange_free);
-
-IPAddressChoice *
-d2i_IPAddressChoice(IPAddressChoice **a, const unsigned char **in, long len)
-{
- return (IPAddressChoice *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &IPAddressChoice_it);
-}
-LCRYPTO_ALIAS(d2i_IPAddressChoice);
-
-int
-i2d_IPAddressChoice(IPAddressChoice *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &IPAddressChoice_it);
-}
-LCRYPTO_ALIAS(i2d_IPAddressChoice);
-
-IPAddressChoice *
-IPAddressChoice_new(void)
-{
- return (IPAddressChoice *)ASN1_item_new(&IPAddressChoice_it);
-}
-LCRYPTO_ALIAS(IPAddressChoice_new);
-
-void
-IPAddressChoice_free(IPAddressChoice *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &IPAddressChoice_it);
-}
-LCRYPTO_ALIAS(IPAddressChoice_free);
-
-IPAddressFamily *
-d2i_IPAddressFamily(IPAddressFamily **a, const unsigned char **in, long len)
-{
- return (IPAddressFamily *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &IPAddressFamily_it);
-}
-LCRYPTO_ALIAS(d2i_IPAddressFamily);
-
-int
-i2d_IPAddressFamily(IPAddressFamily *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &IPAddressFamily_it);
-}
-LCRYPTO_ALIAS(i2d_IPAddressFamily);
-
-IPAddressFamily *
-IPAddressFamily_new(void)
-{
- return (IPAddressFamily *)ASN1_item_new(&IPAddressFamily_it);
-}
-LCRYPTO_ALIAS(IPAddressFamily_new);
-
-void
-IPAddressFamily_free(IPAddressFamily *a)
-{
-
ASN1_item_free((ASN1_VALUE *)a, &IPAddressFamily_it);
-}
-LCRYPTO_ALIAS(IPAddressFamily_free);
-
-/*
- * Convenience accessors for IPAddressFamily.
- */
-
-static int
-IPAddressFamily_type(IPAddressFamily *af)
-{
- /* XXX - can af->ipAddressChoice == NULL actually happen? */
- if (af == NULL || af->ipAddressChoice == NULL)
- return -1;
-
- switch (af->ipAddressChoice->type) {
- case IPAddressChoice_inherit:
- case IPAddressChoice_addressesOrRanges:
- return af->ipAddressChoice->type;
- default:
- return -1;
- }
-}
-
-static IPAddressOrRanges *
-IPAddressFamily_addressesOrRanges(IPAddressFamily *af)
-{
- if (IPAddressFamily_type(af) == IPAddressChoice_addressesOrRanges)
- return af->ipAddressChoice->u.addressesOrRanges;
-
- return NULL;
-}
-
-static ASN1_NULL *
-IPAddressFamily_inheritance(IPAddressFamily *af)
-{
- if (IPAddressFamily_type(af) == IPAddressChoice_inherit)
- return af->ipAddressChoice->u.inherit;
-
- return NULL;
-}
-
-static int
-IPAddressFamily_set_inheritance(IPAddressFamily *af)
-{
- if (IPAddressFamily_addressesOrRanges(af) != NULL)
- return 0;
-
- if (IPAddressFamily_inheritance(af) != NULL)
- return 1;
-
- if ((af->ipAddressChoice->u.inherit = ASN1_NULL_new()) == NULL)
- return 0;
- af->ipAddressChoice->type = IPAddressChoice_inherit;
-
- return 1;
-}
-
-/*
- * How much buffer space do we need for a raw address?
- */
-#define ADDR_RAW_BUF_LEN 16
-
-/*
- * What's the address length associated with this AFI?
- */
-static int
-length_from_afi(const unsigned afi, int *length)
-{
- switch (afi) {
- case IANA_AFI_IPV4:
- *length = 4;
- return 1;
- case IANA_AFI_IPV6:
- *length = 16;
- return 1;
- default:
- *length = 0;
- return 0;
- }
-}
-
-/*
- * Get AFI and optional SAFI from an IPAddressFamily. All three out arguments
- * are optional; if |out_safi| is non-NULL, |safi_is_set| must be non-NULL.
- */
-static int
-IPAddressFamily_afi_safi(const IPAddressFamily *af, uint16_t *out_afi,
- uint8_t *out_safi, int *safi_is_set)
-{
- CBS cbs;
- uint16_t afi;
- uint8_t safi = 0;
- int got_safi = 0;
-
- if (out_afi != NULL)
- *out_afi = 0;
- if (out_safi != NULL) {
- *out_safi = 0;
- *safi_is_set = 0;
- }
-
- CBS_init(&cbs, af->addressFamily->data, af->addressFamily->length);
-
- if (!CBS_get_u16(&cbs, &afi))
- return 0;
-
- if (afi != IANA_AFI_IPV4 && afi != IANA_AFI_IPV6)
- return 0;
-
- /* Fetch the optional SAFI. */
- if (CBS_len(&cbs) != 0) {
- if (!CBS_get_u8(&cbs, &safi))
- return 0;
- got_safi = 1;
- }
-
- /* If there's anything left, it's garbage. */
- if (CBS_len(&cbs) != 0)
- return 0;
-
- /* XXX - error on reserved AFI/SAFI? */
-
- if (out_afi != NULL)
- *out_afi = afi;
-
- if (out_safi != NULL) {
- *out_safi = safi;
- *safi_is_set = got_safi;
- }
-
- return 1;
-}
-
-static int
-IPAddressFamily_afi(const IPAddressFamily *af, uint16_t *out_afi)
-{
- return IPAddressFamily_afi_safi(af, out_afi, NULL, NULL);
-}
-
-static int
-IPAddressFamily_afi_is_valid(const IPAddressFamily *af)
-{
- return IPAddressFamily_afi_safi(af, NULL, NULL, NULL);
-}
-
-static int
-IPAddressFamily_afi_length(const IPAddressFamily *af, int *out_length)
-{
- uint16_t afi;
-
- *out_length = 0;
-
- if (!IPAddressFamily_afi(af, &afi))
- return 0;
-
- return length_from_afi(afi, out_length);
-}
-
-#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b))
-
-/*
- * Sort comparison function for a sequence of IPAddressFamily.
- *
- * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
- * the ordering: I can read it as meaning that IPv6 without a SAFI
- * comes before IPv4 with a SAFI, which seems pretty weird. The
- * examples in appendix B suggest that the author intended the
- * null-SAFI rule to apply only within a single AFI, which is what I
- * would have expected and is what the following code implements.
- */
-static int
-IPAddressFamily_cmp(const IPAddressFamily *const *a_,
- const IPAddressFamily *const *b_)
-{
- const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
- const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
- int len, cmp;
-
- len = MINIMUM(a->length, b->length);
-
- if ((cmp = memcmp(a->data, b->data, len)) != 0)
- return cmp;
-
- return a->length - b->length;
-}
-
-static IPAddressFamily *
-IPAddressFamily_find_in_parent(IPAddrBlocks *parent, IPAddressFamily *child_af)
-{
- int index;
-
- (void)sk_IPAddressFamily_set_cmp_func(parent, IPAddressFamily_cmp);
-
- if ((index = sk_IPAddressFamily_find(parent, child_af)) < 0)
- return NULL;
-
- return sk_IPAddressFamily_value(parent, index);
-}
-
-/*
- * Extract the AFI from an IPAddressFamily.
- *
- * This is public API. It uses the reserved AFI 0 as an in-band error
- * while it doesn't care about the reserved AFI 65535...
- */
-unsigned int
-X509v3_addr_get_afi(const IPAddressFamily *af)
-{
- uint16_t afi;
-
- /*
- * XXX are these NULL checks really sensible? If af is non-NULL, it
- * should have both addressFamily and ipAddressChoice...
- */
- if (af == NULL || af->addressFamily == NULL ||
- af->addressFamily->data == NULL)
- return 0;
-
- if (!IPAddressFamily_afi(af, &afi))
- return 0;
-
- return afi;
-}
-LCRYPTO_ALIAS(X509v3_addr_get_afi);
-
-/*
- * Expand the bitstring form (RFC 3779, section 2.1.2) of an address into
- * a raw byte array. At the moment this is coded for simplicity, not speed.
- *
- * Unused bits in the last octet of |bs| and all bits in subsequent bytes
- * of |addr| are set to 0 or 1 depending on whether |fill| is 0 or not.
- */
-static int
-addr_expand(unsigned char *addr, const ASN1_BIT_STRING *bs, const int length,
- uint8_t fill)
-{
- if (bs->length < 0 || bs->length > length)
- return 0;
-
- if (fill != 0)
- fill = 0xff;
-
- if (bs->length > 0) {
- /* XXX - shouldn't this check ASN1_STRING_FLAG_BITS_LEFT? */
- uint8_t unused_bits = bs->flags & 7;
- uint8_t mask = (1 << unused_bits) - 1;
-
- memcpy(addr, bs->data, bs->length);
-
- if (fill == 0)
- addr[bs->length - 1] &= ~mask;
- else
- addr[bs->length - 1] |= mask;
- }
-
- memset(addr + bs->length, fill, length - bs->length);
-
- return 1;
-}
-
-/*
- * Extract the prefix length from a bitstring: 8 * length - unused bits.
- */
-#define addr_prefix_len(bs) ((int) ((bs)->length * 8 - ((bs)->flags & 7)))
-
-/*
- * i2r handler for one address bitstring.
- */
-static int
-i2r_address(BIO *out, const unsigned afi, const unsigned char fill,
- const ASN1_BIT_STRING *bs)
-{
- unsigned char addr[ADDR_RAW_BUF_LEN];
- int i, n;
-
- if (bs->length < 0)
- return 0;
- switch (afi) {
- case IANA_AFI_IPV4:
- if (!addr_expand(addr, bs, 4, fill))
- return 0;
- BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2],
- addr[3]);
- break;
- case IANA_AFI_IPV6:
- if (!addr_expand(addr, bs, 16, fill))
- return 0;
- for (n = 16;
- n > 1 && addr[n - 1] == 0x00 && addr[n - 2] == 0x00; n -= 2)
- continue;
- for (i = 0; i < n; i += 2)
- BIO_printf(out, "%x%s", (addr[i] << 8) | addr[i + 1],
- (i < 14 ? ":" : ""));
- if (i < 16)
- BIO_puts(out, ":");
- if (i == 0)
- BIO_puts(out, ":");
- break;
- default:
- for (i = 0; i < bs->length; i++)
- BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""),
- bs->data[i]);
- BIO_printf(out, "[%d]", (int)(bs->flags & 7));
- break;
- }
- return 1;
-}
-
-/*
- * i2r handler for a sequence of addresses and ranges.
- */
-static int
-i2r_IPAddressOrRanges(BIO *out, const int indent,
- const IPAddressOrRanges *aors, const unsigned afi)
-{
- const IPAddressOrRange *aor;
- const ASN1_BIT_STRING *prefix;
- const IPAddressRange *range;
- int i;
-
- for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
- aor = sk_IPAddressOrRange_value(aors, i);
-
- BIO_printf(out, "%*s", indent, "");
-
- switch (aor->type) {
- case IPAddressOrRange_addressPrefix:
- prefix = aor->u.addressPrefix;
-
- if (!i2r_address(out, afi, 0x00, prefix))
- return 0;
- BIO_printf(out, "/%d\n", addr_prefix_len(prefix));
- continue;
- case IPAddressOrRange_addressRange:
- range = aor->u.addressRange;
-
- if (!i2r_address(out, afi, 0x00, range->min))
- return 0;
- BIO_puts(out, "-");
- if (!i2r_address(out, afi, 0xff, range->max))
- return 0;
- BIO_puts(out, "\n");
- continue;
- }
- }
-
- return 1;
-}
-
-/*
- * i2r handler for an IPAddrBlocks extension.
- */
-static int
-i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method, void *ext, BIO *out,
- int indent)
-{
- const IPAddrBlocks *addr = ext;
- IPAddressFamily *af;
- uint16_t afi;
- uint8_t safi;
- int i, safi_is_set;
-
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- af = sk_IPAddressFamily_value(addr, i);
-
- if (!IPAddressFamily_afi_safi(af, &afi, &safi, &safi_is_set))
- goto print_addresses;
-
- switch (afi) {
- case IANA_AFI_IPV4:
- BIO_printf(out, "%*sIPv4", indent, "");
- break;
- case IANA_AFI_IPV6:
- BIO_printf(out, "%*sIPv6", indent, "");
- break;
- default:
- BIO_printf(out, "%*sUnknown AFI %u", indent, "", afi);
- break;
- }
- if (safi_is_set) {
- switch (safi) {
- case 1:
- BIO_puts(out, " (Unicast)");
- break;
- case 2:
- BIO_puts(out, " (Multicast)");
- break;
- case 3:
- BIO_puts(out, " (Unicast/Multicast)");
- break;
- case 4:
- BIO_puts(out, " (MPLS)");
- break;
- case 64:
- BIO_puts(out, " (Tunnel)");
- break;
- case 65:
- BIO_puts(out, " (VPLS)");
- break;
- case 66:
- BIO_puts(out, " (BGP MDT)");
- break;
- case 128:
- BIO_puts(out, " (MPLS-labeled VPN)");
- break;
- default:
- BIO_printf(out, " (Unknown SAFI %u)", safi);
- break;
- }
- }
-
- print_addresses:
- switch (IPAddressFamily_type(af)) {
- case IPAddressChoice_inherit:
- BIO_puts(out, ": inherit\n");
- break;
- case IPAddressChoice_addressesOrRanges:
- BIO_puts(out, ":\n");
- if (!i2r_IPAddressOrRanges(out, indent + 2,
- IPAddressFamily_addressesOrRanges(af), afi))
- return 0;
- break;
- /* XXX - how should we handle -1 here? */
- }
- }
- return 1;
-}
-
-/*
- * Sort comparison function for a sequence of IPAddressOrRange
- * elements.
- *
- * There's no sane answer we can give if addr_expand() fails, and an
- * assertion failure on externally supplied data is seriously uncool,
- * so we just arbitrarily declare that if given invalid inputs this
- * function returns -1. If this messes up your preferred sort order
- * for garbage input, tough noogies.
- */
-static int
-IPAddressOrRange_cmp(const IPAddressOrRange *a, const IPAddressOrRange *b,
- const int length)
-{
- unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
- int prefix_len_a = 0, prefix_len_b = 0;
- int r;
-
- switch (a->type) {
- case IPAddressOrRange_addressPrefix:
- if (!addr_expand(addr_a, a->u.addressPrefix, length, 0x00))
- return -1;
- prefix_len_a = addr_prefix_len(a->u.addressPrefix);
- break;
- case IPAddressOrRange_addressRange:
- if (!addr_expand(addr_a, a->u.addressRange->min, length, 0x00))
- return -1;
- prefix_len_a = length * 8;
- break;
- }
-
- switch (b->type) {
- case IPAddressOrRange_addressPrefix:
- if (!addr_expand(addr_b, b->u.addressPrefix, length, 0x00))
- return -1;
- prefix_len_b = addr_prefix_len(b->u.addressPrefix);
- break;
- case IPAddressOrRange_addressRange:
- if (!addr_expand(addr_b, b->u.addressRange->min, length, 0x00))
- return -1;
- prefix_len_b = length * 8;
- break;
- }
-
- if ((r = memcmp(addr_a, addr_b, length)) != 0)
- return r;
- else
- return prefix_len_a - prefix_len_b;
-}
-
-/*
- * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparison routines are only allowed two arguments.
- */
-static int
-v4IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
- const IPAddressOrRange *const *b)
-{
- return IPAddressOrRange_cmp(*a, *b, 4);
-}
-
-/*
- * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparison routines are only allowed two arguments.
- */
-static int
-v6IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
- const IPAddressOrRange *const *b)
-{
- return IPAddressOrRange_cmp(*a, *b, 16);
-}
-
-/*
- * Calculate whether a range collapses to a prefix.
- * See last paragraph of RFC 3779 2.2.3.7.
- *
- * It's the caller's responsibility to ensure that min <= max.
- */
-static int
-range_should_be_prefix(const unsigned char *min, const unsigned char *max,
- const int length)
-{
- unsigned char mask;
- int i, j;
-
- for (i = 0; i < length && min[i] == max[i]; i++)
- continue;
- for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xff; j--)
- continue;
- if (i < j)
- return -1;
- if (i > j)
- return i * 8;
- mask = min[i] ^ max[i];
- switch (mask) {
- case 0x01:
- j = 7;
- break;
- case 0x03:
- j = 6;
- break;
- case 0x07:
- j = 5;
- break;
- case 0x0f:
- j = 4;
- break;
- case 0x1f:
- j = 3;
- break;
- case 0x3f:
- j = 2;
- break;
- case 0x7f:
- j = 1;
- break;
- default:
- return -1;
- }
- if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
- return -1;
- else
- return i * 8 + j;
-}
-
-/*
- * Fill IPAddressOrRange with bit string encoding of a prefix - RFC 3779, 2.1.1.
- */
-static int
-make_addressPrefix(IPAddressOrRange **out_aor, uint8_t *addr, uint32_t afi,
- int prefix_len)
-{
- IPAddressOrRange *aor = NULL;
- int afi_len, num_bits, num_octets;
- uint8_t unused_bits;
-
- if (prefix_len < 0)
- goto err;
-
- if (!length_from_afi(afi, &afi_len))
- goto err;
- if (prefix_len > 8 * afi_len)
- goto err;
-
- num_octets = (prefix_len + 7) / 8;
- num_bits = prefix_len % 8;
-
- unused_bits = 0;
- if (num_bits > 0)
- unused_bits = 8 - num_bits;
-
- if ((aor = IPAddressOrRange_new()) == NULL)
- goto err;
-
- aor->type = IPAddressOrRange_addressPrefix;
-
- if ((aor->u.addressPrefix = ASN1_BIT_STRING_new()) == NULL)
- goto err;
- if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, num_octets))
- goto err;
- if (!asn1_abs_set_unused_bits(aor->u.addressPrefix, unused_bits))
- goto err;
-
- *out_aor = aor;
- return 1;
-
- err:
- IPAddressOrRange_free(aor);
- return 0;
-}
-
-static uint8_t
-count_trailing_zeroes(uint8_t octet)
-{
- uint8_t count = 0;
-
- if (octet == 0)
- return 8;
-
- while ((octet & (1 << count)) == 0)
- count++;
-
- return count;
-}
-
-static int
-trim_end_u8(CBS *cbs, uint8_t trim)
-{
- uint8_t octet;
-
- while (CBS_len(cbs) > 0) {
- if (!CBS_peek_last_u8(cbs, &octet))
- return 0;
- if (octet != trim)
- return 1;
- if (!CBS_get_last_u8(cbs, &octet))
- return 0;
- }
-
- return 1;
-}
-
-/*
- * Populate IPAddressOrRange with bit string encoding of a range, see
- * RFC 3779, 2.1.2.
- */
-static int
-make_addressRange(IPAddressOrRange **out_aor, uint8_t *min, uint8_t *max,
- uint32_t afi, int length)
-{
- IPAddressOrRange *aor = NULL;
- IPAddressRange *range;
- int prefix_len;
- CBS cbs;
- size_t max_len, min_len;
- uint8_t unused_bits_min, unused_bits_max;
- uint8_t octet;
-
- if (memcmp(min, max, length) > 0)
- goto err;
-
- /*
- * RFC 3779, 2.2.3.6 - a range that can be expressed as a prefix
- * must be encoded as a prefix.
- */
-
- if ((prefix_len = range_should_be_prefix(min, max, length)) >= 0)
- return make_addressPrefix(out_aor, min, afi, prefix_len);
-
- /*
- * The bit string representing min is formed by removing all its
- * trailing zero bits, so remove all trailing zero octets and count
- * the trailing zero bits of the last octet.
- */
-
- CBS_init(&cbs, min, length);
-
- if (!trim_end_u8(&cbs, 0x00))
- goto err;
-
- unused_bits_min = 0;
- if ((min_len = CBS_len(&cbs)) > 0) {
- if (!CBS_peek_last_u8(&cbs, &octet))
- goto err;
-
- unused_bits_min = count_trailing_zeroes(octet);
- }
-
- /*
- * The bit string representing max is formed by removing all its
- * trailing one bits, so remove all trailing 0xff octets and count
- * the trailing ones of the last octet.
- */
-
- CBS_init(&cbs, max, length);
-
- if (!trim_end_u8(&cbs, 0xff))
- goto err;
-
- unused_bits_max = 0;
- if ((max_len = CBS_len(&cbs)) > 0) {
- if (!CBS_peek_last_u8(&cbs, &octet))
- goto err;
-
- unused_bits_max = count_trailing_zeroes(octet + 1);
- }
-
- /*
- * Populate IPAddressOrRange.
- */
-
- if ((aor = IPAddressOrRange_new()) == NULL)
- goto err;
-
- aor->type = IPAddressOrRange_addressRange;
-
- if ((range = aor->u.addressRange = IPAddressRange_new()) == NULL)
- goto err;
-
- if (!ASN1_BIT_STRING_set(range->min, min, min_len))
- goto err;
- if (!asn1_abs_set_unused_bits(range->min, unused_bits_min))
- goto err;
-
- if (!ASN1_BIT_STRING_set(range->max, max, max_len))
- goto err;
- if (!asn1_abs_set_unused_bits(range->max, unused_bits_max))
- goto err;
-
- *out_aor = aor;
-
- return 1;
-
- err:
- IPAddressOrRange_free(aor);
- return 0;
-}
-
-/*
- * Construct a new address family or find an existing one.
- */
-static IPAddressFamily *
-make_IPAddressFamily(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi)
-{
- IPAddressFamily *af = NULL;
- CBB cbb;
- CBS cbs;
- uint8_t *key = NULL;
- size_t keylen;
- int i;
-
- if (!CBB_init(&cbb, 0))
- goto err;
-
- if (afi != IANA_AFI_IPV4 && afi != IANA_AFI_IPV6)
- goto err;
- if (!CBB_add_u16(&cbb, afi))
- goto err;
-
- if (safi != NULL) {
- if (*safi > 255)
- goto err;
- if (!CBB_add_u8(&cbb, *safi))
- goto err;
- }
-
- if (!CBB_finish(&cbb, &key, &keylen))
- goto err;
-
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- af = sk_IPAddressFamily_value(addr, i);
-
- CBS_init(&cbs, af->addressFamily->data,
- af->addressFamily->length);
- if (CBS_mem_equal(&cbs, key, keylen))
- goto done;
- }
-
- if ((af = IPAddressFamily_new()) == NULL)
- goto err;
- if (!ASN1_OCTET_STRING_set(af->addressFamily, key, keylen))
- goto err;
- if (!sk_IPAddressFamily_push(addr, af))
- goto err;
-
- done:
- free(key);
-
- return af;
-
- err:
- CBB_cleanup(&cbb);
- free(key);
- IPAddressFamily_free(af);
-
- return NULL;
-}
-
-/*
- * Add an inheritance element.
- */
-int
-X509v3_addr_add_inherit(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi)
-{
- IPAddressFamily *af;
-
- if ((af = make_IPAddressFamily(addr, afi, safi)) == NULL)
- return 0;
-
- return IPAddressFamily_set_inheritance(af);
-}
-LCRYPTO_ALIAS(X509v3_addr_add_inherit);
-
-/*
- * Construct an IPAddressOrRange sequence, or return an existing one.
- */
-static IPAddressOrRanges *
-make_prefix_or_range(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi)
-{
- IPAddressFamily *af;
- IPAddressOrRanges *aors = NULL;
-
- if ((af = make_IPAddressFamily(addr, afi, safi)) == NULL)
- return NULL;
-
- if (IPAddressFamily_inheritance(af) != NULL)
- return NULL;
-
- if ((aors = IPAddressFamily_addressesOrRanges(af)) != NULL)
- return aors;
-
- if ((aors = sk_IPAddressOrRange_new_null()) == NULL)
- return NULL;
-
- switch (afi) {
- case IANA_AFI_IPV4:
- (void)sk_IPAddressOrRange_set_cmp_func(aors,
- v4IPAddressOrRange_cmp);
- break;
- case IANA_AFI_IPV6:
- (void)sk_IPAddressOrRange_set_cmp_func(aors,
- v6IPAddressOrRange_cmp);
- break;
- }
-
- af->ipAddressChoice->type = IPAddressChoice_addressesOrRanges;
- af->ipAddressChoice->u.addressesOrRanges = aors;
-
- return aors;
-}
-
-/*
- * Add a prefix.
- */
-int
-X509v3_addr_add_prefix(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi, unsigned char *a, const int prefix_len)
-{
- IPAddressOrRanges *aors;
- IPAddressOrRange *aor;
-
- if ((aors = make_prefix_or_range(addr, afi, safi)) == NULL)
- return 0;
-
- if (!make_addressPrefix(&aor, a, afi, prefix_len))
- return 0;
-
- if (sk_IPAddressOrRange_push(aors, aor) <= 0) {
- IPAddressOrRange_free(aor);
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(X509v3_addr_add_prefix);
-
-/*
- * Add a range.
- */
-int
-X509v3_addr_add_range(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi, unsigned char *min, unsigned char *max)
-{
- IPAddressOrRanges *aors;
- IPAddressOrRange *aor;
- int length;
-
- if ((aors = make_prefix_or_range(addr, afi, safi)) == NULL)
- return 0;
-
- if (!length_from_afi(afi, &length))
- return 0;
-
- if (!make_addressRange(&aor, min, max, afi, length))
- return 0;
-
- if (sk_IPAddressOrRange_push(aors, aor) <= 0) {
- IPAddressOrRange_free(aor);
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(X509v3_addr_add_range);
-
-static int
-extract_min_max_bitstr(IPAddressOrRange *aor, ASN1_BIT_STRING **out_min,
- ASN1_BIT_STRING **out_max)
-{
- switch (aor->type) {
- case IPAddressOrRange_addressPrefix:
- *out_min = *out_max = aor->u.addressPrefix;
- return 1;
- case IPAddressOrRange_addressRange:
- *out_min = aor->u.addressRange->min;
- *out_max = aor->u.addressRange->max;
- return 1;
- default:
- return 0;
- }
-}
-
-/*
- * Extract min and max values from an IPAddressOrRange.
- */
-static int
-extract_min_max(IPAddressOrRange *aor, unsigned char *min, unsigned char *max,
- int length)
-{
- ASN1_BIT_STRING *min_bitstr, *max_bitstr;
-
- if (aor == NULL || min == NULL || max == NULL)
- return 0;
-
- if (!extract_min_max_bitstr(aor, &min_bitstr, &max_bitstr))
- return 0;
-
- if (!addr_expand(min, min_bitstr, length, 0))
- return 0;
-
- return addr_expand(max, max_bitstr, length, 1);
-}
-
-/*
- * Public wrapper for extract_min_max().
- */
-int
-X509v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
- unsigned char *min, unsigned char *max, const int length)
-{
- int afi_len;
-
- if (!length_from_afi(afi, &afi_len))
- return 0;
-
- if (length < afi_len)
- return 0;
-
- if (!extract_min_max(aor, min, max, afi_len))
- return 0;
-
- return afi_len;
-}
-LCRYPTO_ALIAS(X509v3_addr_get_range);
-
-/*
- * Check whether an IPAddrBLocks is in canonical form.
- */
-int
-X509v3_addr_is_canonical(IPAddrBlocks *addr)
-{
- unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
- unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
- IPAddressFamily *af;
- IPAddressOrRanges *aors;
- IPAddressOrRange *aor, *aor_a, *aor_b;
- int i, j, k, length;
-
- /*
- * Empty extension is canonical.
- */
- if (addr == NULL)
- return 1;
-
- /*
- * Check whether the top-level list is in order.
- */
- for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) {
- const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i);
- const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1);
-
- /* Check that both have valid AFIs before comparing them. */
- if (!IPAddressFamily_afi_is_valid(a))
- return 0;
- if (!IPAddressFamily_afi_is_valid(b))
- return 0;
-
- if (IPAddressFamily_cmp(&a, &b) >= 0)
- return 0;
- }
-
- /*
- * Top level's ok, now check each address family.
- */
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- af = sk_IPAddressFamily_value(addr, i);
-
- if (!IPAddressFamily_afi_length(af, &length))
- return 0;
-
- /*
- * If this family has an inheritance element, it is canonical.
- */
- if (IPAddressFamily_inheritance(af) != NULL)
- continue;
-
- /*
- * If this family has neither an inheritance element nor an
- * addressesOrRanges, we don't know what this is.
- */
- if ((aors = IPAddressFamily_addressesOrRanges(af)) == NULL)
- return 0;
-
- if (sk_IPAddressOrRange_num(aors) == 0)
- return 0;
-
- for (j = 0; j < sk_IPAddressOrRange_num(aors) - 1; j++) {
- aor_a = sk_IPAddressOrRange_value(aors, j);
- aor_b = sk_IPAddressOrRange_value(aors, j + 1);
-
- if (!extract_min_max(aor_a, a_min, a_max, length) ||
- !extract_min_max(aor_b, b_min, b_max, length))
- return 0;
-
- /*
- * Punt misordered list, overlapping start, or inverted
- * range.
- */
- if (memcmp(a_min, b_min, length) >= 0 ||
- memcmp(a_min, a_max, length) > 0 ||
- memcmp(b_min, b_max, length) > 0)
- return 0;
-
- /*
- * Punt if adjacent or overlapping. Check for adjacency
- * by subtracting one from b_min first.
- */
- for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--)
- continue;
- if (memcmp(a_max, b_min, length) >= 0)
- return 0;
-
- /*
- * Check for range that should be expressed as a prefix.
- */
- if (aor_a->type == IPAddressOrRange_addressPrefix)
- continue;
-
- if (range_should_be_prefix(a_min, a_max, length) >= 0)
- return 0;
- }
-
- /*
- * Check final range to see if it's inverted or should be a
- * prefix.
- */
- aor = sk_IPAddressOrRange_value(aors, j);
- if (aor->type == IPAddressOrRange_addressRange) {
- if (!extract_min_max(aor, a_min, a_max, length))
- return 0;
- if (memcmp(a_min, a_max, length) > 0)
- return 0;
- if (range_should_be_prefix(a_min, a_max, length) >= 0)
- return 0;
- }
- }
-
- /*
- * If we made it through all that, we're happy.
- */
- return 1;
-}
-LCRYPTO_ALIAS(X509v3_addr_is_canonical);
-
-/*
- * Whack an IPAddressOrRanges into canonical form.
- */
-static int
-IPAddressOrRanges_canonize(IPAddressOrRanges *aors, const unsigned afi)
-{
- IPAddressOrRange *a, *b, *merged;
- unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
- unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
- int i, j, length;
-
- if (!length_from_afi(afi, &length))
- return 0;
-
- /*
- * Sort the IPAddressOrRanges sequence.
- */
- sk_IPAddressOrRange_sort(aors);
-
- /*
- * Clean up representation issues, punt on duplicates or overlaps.
- */
- for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) {
- a = sk_IPAddressOrRange_value(aors, i);
- b = sk_IPAddressOrRange_value(aors, i + 1);
-
- if (!extract_min_max(a, a_min, a_max, length) ||
- !extract_min_max(b, b_min, b_max, length))
- return 0;
-
- /*
- * Punt inverted ranges.
- */
- if (memcmp(a_min, a_max, length) > 0 ||
- memcmp(b_min, b_max, length) > 0)
- return 0;
-
- /*
- * Punt overlaps.
- */
- if (memcmp(a_max, b_min, length) >= 0)
- return 0;
-
- /*
- * Merge if a and b are adjacent. We check for
- * adjacency by subtracting one from b_min first.
- */
- for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--)
- continue;
-
- if (memcmp(a_max, b_min, length) != 0)
- continue;
-
- if (!make_addressRange(&merged, a_min, b_max, afi, length))
- return 0;
- sk_IPAddressOrRange_set(aors, i, merged);
- (void)sk_IPAddressOrRange_delete(aors, i + 1);
- IPAddressOrRange_free(a);
- IPAddressOrRange_free(b);
- i--;
- }
-
- /*
- * Check for inverted final range.
- */
- a = sk_IPAddressOrRange_value(aors, i);
- if (a != NULL && a->type == IPAddressOrRange_addressRange) {
- if (!extract_min_max(a, a_min, a_max, length))
- return 0;
- if (memcmp(a_min, a_max, length) > 0)
- return 0;
- }
-
- return 1;
-}
-
-/*
- * Whack an IPAddrBlocks extension into canonical form.
- */
-int
-X509v3_addr_canonize(IPAddrBlocks *addr)
-{
- IPAddressFamily *af;
- IPAddressOrRanges *aors;
- uint16_t afi;
- int i;
-
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- af = sk_IPAddressFamily_value(addr, i);
-
- /* Check AFI/SAFI here - IPAddressFamily_cmp() can't error. */
- if (!IPAddressFamily_afi(af, &afi))
- return 0;
-
- if ((aors = IPAddressFamily_addressesOrRanges(af)) == NULL)
- continue;
-
- if (!IPAddressOrRanges_canonize(aors, afi))
- return 0;
- }
-
- (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp);
- sk_IPAddressFamily_sort(addr);
-
- return X509v3_addr_is_canonical(addr);
-}
-LCRYPTO_ALIAS(X509v3_addr_canonize);
-
-/*
- * v2i handler for the IPAddrBlocks extension.
- */
-static void *
-v2i_IPAddrBlocks(const struct v3_ext_method *method, struct v3_ext_ctx *ctx,
- STACK_OF(CONF_VALUE)*values)
-{
- static const char v4addr_chars[] = "0123456789.";
- static const char v6addr_chars[] = "0123456789.:abcdefABCDEF";
- IPAddrBlocks *addr = NULL;
- char *s = NULL, *t;
- int i;
-
- if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
- unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
- unsigned afi, *safi = NULL, safi_;
- const char *addr_chars = NULL;
- const char *errstr;
- int prefix_len, i1, i2, delim, length;
-
- if (!name_cmp(val->name, "IPv4")) {
- afi = IANA_AFI_IPV4;
- } else if (!name_cmp(val->name, "IPv6")) {
- afi = IANA_AFI_IPV6;
- } else if (!name_cmp(val->name, "IPv4-SAFI")) {
- afi = IANA_AFI_IPV4;
- safi = &safi_;
- } else if (!name_cmp(val->name, "IPv6-SAFI")) {
- afi = IANA_AFI_IPV6;
- safi = &safi_;
- } else {
- X509V3error(X509V3_R_EXTENSION_NAME_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
-
- switch (afi) {
- case IANA_AFI_IPV4:
- addr_chars = v4addr_chars;
- break;
- case IANA_AFI_IPV6:
- addr_chars = v6addr_chars;
- break;
- }
-
- if (!length_from_afi(afi, &length))
- goto err;
-
- /*
- * Handle SAFI, if any, and strdup() so we can null-terminate
- * the other input values.
- */
- if (safi != NULL) {
- unsigned long parsed_safi;
- int saved_errno = errno;
-
- errno = 0;
- parsed_safi = strtoul(val->value, &t, 0);
-
- /* Value must be present, then a tab, space or colon. */
- if (val->value[0] == '\0' ||
- (*t != '\t' && *t != ' ' && *t != ':')) {
- X509V3error(X509V3_R_INVALID_SAFI);
- X509V3_conf_err(val);
- goto err;
- }
- /* Range and overflow check. */
- if ((errno == ERANGE && parsed_safi == ULONG_MAX) ||
- parsed_safi > 0xff) {
- X509V3error(X509V3_R_INVALID_SAFI);
- X509V3_conf_err(val);
- goto err;
- }
- errno = saved_errno;
-
- *safi = parsed_safi;
-
- /* Check possible whitespace is followed by a colon. */
- t += strspn(t, " \t");
- if (*t != ':') {
- X509V3error(X509V3_R_INVALID_SAFI);
- X509V3_conf_err(val);
- goto err;
- }
-
- /* Skip over colon. */
- t++;
-
- /* Then over any trailing whitespace. */
- t += strspn(t, " \t");
-
- s = strdup(t);
- } else {
- s = strdup(val->value);
- }
- if (s == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /*
- * Check for inheritance. Not worth additional complexity to
- * optimize this (seldom-used) case.
- */
- if (strcmp(s, "inherit") == 0) {
- if (!X509v3_addr_add_inherit(addr, afi, safi)) {
- X509V3error(X509V3_R_INVALID_INHERITANCE);
- X509V3_conf_err(val);
- goto err;
- }
- free(s);
- s = NULL;
- continue;
- }
-
- i1 = strspn(s, addr_chars);
- i2 = i1 + strspn(s + i1, " \t");
- delim = s[i2++];
- s[i1] = '\0';
-
- if (a2i_ipadd(min, s) != length) {
- X509V3error(X509V3_R_INVALID_IPADDRESS);
- X509V3_conf_err(val);
- goto err;
- }
-
- switch (delim) {
- case '/':
- /* length contains the size of the address in bytes. */
- if (length != 4 && length != 16)
- goto err;
- prefix_len = strtonum(s + i2, 0, 8 * length, &errstr);
- if (errstr != NULL) {
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
- if (!X509v3_addr_add_prefix(addr, afi, safi, min,
- prefix_len)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- case '-':
- i1 = i2 + strspn(s + i2, " \t");
- i2 = i1 + strspn(s + i1, addr_chars);
- if (i1 == i2 || s[i2] != '\0') {
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
- if (a2i_ipadd(max, s + i1) != length) {
- X509V3error(X509V3_R_INVALID_IPADDRESS);
- X509V3_conf_err(val);
- goto err;
- }
- if (memcmp(min, max, length) > 0) {
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
- if (!X509v3_addr_add_range(addr, afi, safi, min, max)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- case '\0':
- if (!X509v3_addr_add_prefix(addr, afi, safi, min,
- length * 8)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- default:
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
-
- free(s);
- s = NULL;
- }
-
- /*
- * Canonize the result, then we're done.
- */
- if (!X509v3_addr_canonize(addr))
- goto err;
- return addr;
-
- err:
- free(s);
- sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free);
- return NULL;
-}
-
-/*
- * OpenSSL dispatch
- */
-static const X509V3_EXT_METHOD x509v3_ext_sbgp_ipAddrBlock = {
- .ext_nid = NID_sbgp_ipAddrBlock,
- .ext_flags = 0,
- .it = &IPAddrBlocks_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = v2i_IPAddrBlocks,
- .i2r = i2r_IPAddrBlocks,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_sbgp_ipAddrBlock(void)
-{
- return &x509v3_ext_sbgp_ipAddrBlock;
-}
-
-/*
- * Figure out whether extension uses inheritance.
- */
-int
-X509v3_addr_inherits(IPAddrBlocks *addr)
-{
- IPAddressFamily *af;
- int i;
-
- if (addr == NULL)
- return 0;
-
- for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
- af = sk_IPAddressFamily_value(addr, i);
-
- if (IPAddressFamily_inheritance(af) != NULL)
- return 1;
- }
-
- return 0;
-}
-LCRYPTO_ALIAS(X509v3_addr_inherits);
-
-/*
- * Figure out whether parent contains child.
- *
- * This only works correctly if both parent and child are in canonical form.
- */
-static int
-addr_contains(IPAddressOrRanges *parent, IPAddressOrRanges *child, int length)
-{
- IPAddressOrRange *child_aor, *parent_aor;
- uint8_t parent_min[ADDR_RAW_BUF_LEN], parent_max[ADDR_RAW_BUF_LEN];
- uint8_t child_min[ADDR_RAW_BUF_LEN], child_max[ADDR_RAW_BUF_LEN];
- int p, c;
-
- if (child == NULL || parent == child)
- return 1;
- if (parent == NULL)
- return 0;
-
- p = 0;
- for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
- child_aor = sk_IPAddressOrRange_value(child, c);
-
- if (!extract_min_max(child_aor, child_min, child_max, length))
- return 0;
-
- for (;; p++) {
- if (p >= sk_IPAddressOrRange_num(parent))
- return 0;
-
- parent_aor = sk_IPAddressOrRange_value(parent, p);
-
- if (!extract_min_max(parent_aor, parent_min, parent_max,
- length))
- return 0;
-
- if (memcmp(parent_max, child_max, length) < 0)
- continue;
- if (memcmp(parent_min, child_min, length) > 0)
- return 0;
- break;
- }
- }
-
- return 1;
-}
-
-/*
- * Test whether |child| is a subset of |parent|.
- */
-int
-X509v3_addr_subset(IPAddrBlocks *child, IPAddrBlocks *parent)
-{
- IPAddressFamily *child_af, *parent_af;
- IPAddressOrRanges *child_aor, *parent_aor;
- int i, length;
-
- if (child == NULL || child == parent)
- return 1;
- if (parent == NULL)
- return 0;
-
- if (X509v3_addr_inherits(child) || X509v3_addr_inherits(parent))
- return 0;
-
- for (i = 0; i < sk_IPAddressFamily_num(child); i++) {
- child_af = sk_IPAddressFamily_value(child, i);
-
- parent_af = IPAddressFamily_find_in_parent(parent, child_af);
- if (parent_af == NULL)
- return 0;
-
- if (!IPAddressFamily_afi_length(parent_af, &length))
- return 0;
-
- child_aor = IPAddressFamily_addressesOrRanges(child_af);
- parent_aor = IPAddressFamily_addressesOrRanges(parent_af);
-
- if (!addr_contains(parent_aor, child_aor, length))
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(X509v3_addr_subset);
-
-static int
-verify_error(X509_STORE_CTX *ctx, X509 *cert, int error, int depth)
-{
- if (ctx == NULL)
- return 0;
-
- ctx->current_cert = cert;
- ctx->error = error;
- ctx->error_depth = depth;
-
- return ctx->verify_cb(0, ctx);
-}
-
-/*
- * Core code for RFC 3779 2.3 path validation.
- *
- * Returns 1 for success, 0 on error.
- *
- * When returning 0, ctx->error MUST be set to an appropriate value other than
- * X509_V_OK.
- */
-static int
-addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509) *chain,
- IPAddrBlocks *ext)
-{
- IPAddrBlocks *child = NULL, *parent = NULL;
- IPAddressFamily *child_af, *parent_af;
- IPAddressOrRanges *child_aor, *parent_aor;
- X509 *cert = NULL;
- int depth = -1;
- int i;
- unsigned int length;
- int ret = 1;
-
- /* We need a non-empty chain to test against. */
- if (sk_X509_num(chain) <= 0)
- goto err;
- /* We need either a store ctx or an extension to work with. */
- if (ctx == NULL && ext == NULL)
- goto err;
- /* If there is a store ctx, it needs a verify_cb. */
- if (ctx != NULL && ctx->verify_cb == NULL)
- goto err;
-
- /*
- * Figure out where to start. If we don't have an extension to check,
- * (either extracted from the leaf or passed by the caller), we're done.
- * Otherwise, check canonical form and set up for walking up the chain.
- */
- if (ext == NULL) {
- depth = 0;
- cert = sk_X509_value(chain, depth);
- if ((X509_get_extension_flags(cert) & EXFLAG_INVALID) != 0) {
- if ((ret = verify_error(ctx, cert,
- X509_V_ERR_INVALID_EXTENSION, depth)) == 0)
- goto done;
- }
- if ((ext = cert->rfc3779_addr) == NULL)
- goto done;
- } else if (!X509v3_addr_is_canonical(ext)) {
- if ((ret = verify_error(ctx, cert,
- X509_V_ERR_INVALID_EXTENSION, depth)) == 0)
- goto done;
- }
-
- (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
- if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- if (ctx != NULL)
- ctx->error = X509_V_ERR_OUT_OF_MEM;
- ret = 0;
- goto done;
- }
-
- /*
- * Now walk up the chain. No cert may list resources that its parent
- * doesn't list.
- */
- for (depth++; depth < sk_X509_num(chain); depth++) {
- cert = sk_X509_value(chain, depth);
-
- if ((X509_get_extension_flags(cert) & EXFLAG_INVALID) != 0) {
- if ((ret = verify_error(ctx, cert,
- X509_V_ERR_INVALID_EXTENSION, depth)) == 0)
- goto done;
- }
-
- if ((parent = cert->rfc3779_addr) == NULL) {
- for (i = 0; i < sk_IPAddressFamily_num(child); i++) {
- child_af = sk_IPAddressFamily_value(child, i);
-
- if (IPAddressFamily_inheritance(child_af) !=
- NULL)
- continue;
-
- if ((ret = verify_error(ctx, cert,
- X509_V_ERR_UNNESTED_RESOURCE, depth)) == 0)
- goto done;
- break;
- }
- continue;
- }
-
- /*
- * Check that the child's resources are covered by the parent.
- * Each covered resource is replaced with the parent's resource
- * covering it, so the next iteration will check that the
- * parent's resources are covered by the grandparent.
- */
- for (i = 0; i < sk_IPAddressFamily_num(child); i++) {
- child_af = sk_IPAddressFamily_value(child, i);
-
- if ((parent_af = IPAddressFamily_find_in_parent(parent,
- child_af)) == NULL) {
- /*
- * If we have no match in the parent and the
- * child inherits, that's fine.
- */
- if (IPAddressFamily_inheritance(child_af) !=
- NULL)
- continue;
-
- /* Otherwise the child isn't covered. */
- if ((ret = verify_error(ctx, cert,
- X509_V_ERR_UNNESTED_RESOURCE, depth)) == 0)
- goto done;
- break;
- }
-
- /* Parent inherits, nothing to do. */
- if (IPAddressFamily_inheritance(parent_af) != NULL)
- continue;
-
- /* Child inherits. Use parent's address family. */
- if (IPAddressFamily_inheritance(child_af) != NULL) {
- sk_IPAddressFamily_set(child, i, parent_af);
- continue;
- }
-
- child_aor = IPAddressFamily_addressesOrRanges(child_af);
- parent_aor =
- IPAddressFamily_addressesOrRanges(parent_af);
-
- /*
- * Child and parent are canonical and neither inherits.
- * If either addressesOrRanges is NULL, something's
- * very wrong.
- */
- if (child_aor == NULL || parent_aor == NULL)
- goto err;
-
- if (!IPAddressFamily_afi_length(child_af, &length))
- goto err;
-
- /* Now check containment and replace or error. */
- if (addr_contains(parent_aor, child_aor, length)) {
- sk_IPAddressFamily_set(child, i, parent_af);
- continue;
- }
-
- if ((ret = verify_error(ctx, cert,
- X509_V_ERR_UNNESTED_RESOURCE, depth)) == 0)
- goto done;
- }
- }
-
- /*
- * Trust anchor can't inherit.
- */
- if ((parent = cert->rfc3779_addr) != NULL) {
- for (i = 0; i < sk_IPAddressFamily_num(parent); i++) {
- parent_af = sk_IPAddressFamily_value(parent, i);
-
- if (IPAddressFamily_inheritance(parent_af) == NULL)
- continue;
-
- if ((ret = verify_error(ctx, cert,
- X509_V_ERR_UNNESTED_RESOURCE, depth)) == 0)
- goto done;
- }
- }
-
- done:
- sk_IPAddressFamily_free(child);
- return ret;
-
- err:
- sk_IPAddressFamily_free(child);
-
- if (ctx != NULL)
- ctx->error = X509_V_ERR_UNSPECIFIED;
-
- return 0;
-}
-
-/*
- * RFC 3779 2.3 path validation -- called from X509_verify_cert().
- */
-int
-X509v3_addr_validate_path(X509_STORE_CTX *ctx)
-{
- if (sk_X509_num(ctx->chain) <= 0 || ctx->verify_cb == NULL) {
- ctx->error = X509_V_ERR_UNSPECIFIED;
- return 0;
- }
- return addr_validate_path_internal(ctx, ctx->chain, NULL);
-}
-LCRYPTO_ALIAS(X509v3_addr_validate_path);
-
-/*
- * RFC 3779 2.3 path validation of an extension.
- * Test whether chain covers extension.
- */
-int
-X509v3_addr_validate_resource_set(STACK_OF(X509) *chain, IPAddrBlocks *ext,
- int allow_inheritance)
-{
- if (ext == NULL)
- return 1;
- if (sk_X509_num(chain) <= 0)
- return 0;
- if (!allow_inheritance && X509v3_addr_inherits(ext))
- return 0;
- return addr_validate_path_internal(NULL, chain, ext);
-}
-LCRYPTO_ALIAS(X509v3_addr_validate_resource_set);
-
-#endif /* OPENSSL_NO_RFC3779 */
diff --git a/src/lib/libcrypto/x509/x509_akey.c b/src/lib/libcrypto/x509/x509_akey.c
deleted file mode 100644
index 926508c4cd..0000000000
--- a/src/lib/libcrypto/x509/x509_akey.c
+++ /dev/null
@@ -1,245 +0,0 @@
-/* $OpenBSD: x509_akey.c,v 1.3 2024/08/31 10:03:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist);
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-static const X509V3_EXT_METHOD x509v3_ext_authority_key_identifier = {
- .ext_nid = NID_authority_key_identifier,
- .ext_flags = X509V3_EXT_MULTILINE,
- .it = &AUTHORITY_KEYID_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
- .v2i = (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_authority_key_identifier(void)
-{
- return &x509v3_ext_authority_key_identifier;
-}
-
-static STACK_OF(CONF_VALUE) *
-i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid,
- STACK_OF(CONF_VALUE) *extlist)
-{
- STACK_OF(CONF_VALUE) *free_extlist = NULL;
- char *tmpstr = NULL;
-
- if (extlist == NULL) {
- if ((free_extlist = extlist =
sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- if (akeyid->keyid != NULL) {
- if ((tmpstr = hex_to_string(akeyid->keyid->data,
- akeyid->keyid->length)) == NULL)
- goto err;
- if (!X509V3_add_value("keyid", tmpstr, &extlist))
- goto err;
- free(tmpstr);
- tmpstr = NULL;
- }
-
- if (akeyid->issuer != NULL) {
- if ((extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer,
- extlist)) == NULL)
- goto err;
- }
-
- if (akeyid->serial != NULL) {
- if ((tmpstr = hex_to_string(akeyid->serial->data,
- akeyid->serial->length)) == NULL)
- goto err;
- if (!X509V3_add_value("serial", tmpstr, &extlist))
- goto err;
- free(tmpstr);
- tmpstr = NULL;
- }
-
- if (sk_CONF_VALUE_num(extlist) <= 0)
- goto err;
-
- return extlist;
-
- err:
- free(tmpstr);
- sk_CONF_VALUE_pop_free(free_extlist, X509V3_conf_free);
-
- return NULL;
-}
-
-/*
- * Currently two options:
- * keyid: use the issuers subject keyid, the value 'always' means its is
- * an error if the issuer certificate doesn't have a key id.
- * issuer: use the issuers cert issuer and serial number. The default is
- * to only use this if keyid is not present. With the option 'always'
- * this is always included.
- */
-static AUTHORITY_KEYID *
-v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *values)
-{
- char keyid = 0, issuer = 0;
- int i;
- CONF_VALUE *cnf;
- ASN1_OCTET_STRING *ikeyid = NULL;
- X509_NAME *isname = NULL;
- STACK_OF(GENERAL_NAME) *gens = NULL;
- GENERAL_NAME *gen = NULL;
- ASN1_INTEGER *serial = NULL;
- X509_EXTENSION *ext;
- X509 *cert;
- AUTHORITY_KEYID *akeyid = NULL;
-
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- cnf = sk_CONF_VALUE_value(values, i);
- if (!strcmp(cnf->name, "keyid")) {
- keyid = 1;
- if (cnf->value && !strcmp(cnf->value, "always"))
- keyid = 2;
- } else if (!strcmp(cnf->name, "issuer")) {
- issuer = 1;
- if (cnf->value && !strcmp(cnf->value, "always"))
- issuer = 2;
- } else {
- X509V3error(X509V3_R_UNKNOWN_OPTION);
- ERR_asprintf_error_data("name=%s", cnf->name);
- return NULL;
- }
- }
-
- if (!ctx || !ctx->issuer_cert) {
- if (ctx && (ctx->flags == CTX_TEST))
- return AUTHORITY_KEYID_new();
- X509V3error(X509V3_R_NO_ISSUER_CERTIFICATE);
- return NULL;
- }
-
- cert = ctx->issuer_cert;
-
- if (keyid) {
- i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
- if ((i >= 0) && (ext = X509_get_ext(cert, i)))
- ikeyid = X509V3_EXT_d2i(ext);
- if (keyid == 2 && !ikeyid) {
- X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
- return NULL;
- }
- }
-
- if ((issuer && !ikeyid) || (issuer == 2)) {
- isname = X509_NAME_dup(X509_get_issuer_name(cert));
- serial = ASN1_INTEGER_dup(X509_get_serialNumber(cert));
- if (!isname || !serial) {
- X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
- goto err;
- }
- }
-
- if (!(akeyid = AUTHORITY_KEYID_new()))
- goto err;
-
- if (isname) {
- if (!(gens = sk_GENERAL_NAME_new_null()) ||
- !(gen = GENERAL_NAME_new()) ||
- !sk_GENERAL_NAME_push(gens, gen)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen->type = GEN_DIRNAME;
- gen->d.dirn = isname;
- }
-
- akeyid->issuer = gens;
- akeyid->serial = serial;
- akeyid->keyid = ikeyid;
-
- return
akeyid;
-
- err:
- AUTHORITY_KEYID_free(akeyid);
- GENERAL_NAME_free(gen);
- sk_GENERAL_NAME_free(gens);
- X509_NAME_free(isname);
- ASN1_INTEGER_free(serial);
- ASN1_OCTET_STRING_free(ikeyid);
- return NULL;
-}
diff --git a/src/lib/libcrypto/x509/x509_akeya.c b/src/lib/libcrypto/x509/x509_akeya.c
deleted file mode 100644
index e816e6b613..0000000000
--- a/src/lib/libcrypto/x509/x509_akeya.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* $OpenBSD: x509_akeya.c,v 1.4 2024/07/08 14:47:44 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-static const ASN1_TEMPLATE AUTHORITY_KEYID_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(AUTHORITY_KEYID, keyid),
- .field_name = "keyid",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(AUTHORITY_KEYID, issuer),
- .field_name = "issuer",
- .item = &GENERAL_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(AUTHORITY_KEYID, serial),
- .field_name = "serial",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM AUTHORITY_KEYID_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = AUTHORITY_KEYID_seq_tt,
- .tcount = sizeof(AUTHORITY_KEYID_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(AUTHORITY_KEYID),
- .sname = "AUTHORITY_KEYID",
-};
-LCRYPTO_ALIAS(AUTHORITY_KEYID_it);
-
-
-AUTHORITY_KEYID *
-d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, const unsigned char **in, long len)
-{
- return (AUTHORITY_KEYID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
-
&AUTHORITY_KEYID_it);
-}
-LCRYPTO_ALIAS(d2i_AUTHORITY_KEYID);
-
-int
-i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &AUTHORITY_KEYID_it);
-}
-LCRYPTO_ALIAS(i2d_AUTHORITY_KEYID);
-
-AUTHORITY_KEYID *
-AUTHORITY_KEYID_new(void)
-{
- return (AUTHORITY_KEYID *)ASN1_item_new(&AUTHORITY_KEYID_it);
-}
-LCRYPTO_ALIAS(AUTHORITY_KEYID_new);
-
-void
-AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &AUTHORITY_KEYID_it);
-}
-LCRYPTO_ALIAS(AUTHORITY_KEYID_free);
diff --git a/src/lib/libcrypto/x509/x509_alt.c b/src/lib/libcrypto/x509/x509_alt.c
deleted file mode 100644
index 34734a55bd..0000000000
--- a/src/lib/libcrypto/x509/x509_alt.c
+++ /dev/null
@@ -1,799 +0,0 @@
-/* $OpenBSD: x509_alt.c,v 1.19 2025/03/06 07:20:01 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-
-#include "x509_internal.h"
-
-static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p);
-static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
-static int do_othername(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx);
-static int do_dirname(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx);
-
-static const X509V3_EXT_METHOD x509v3_ext_subject_alt_name = {
- .ext_nid = NID_subject_alt_name,
- .ext_flags = 0,
- .it = &GENERAL_NAMES_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
- .v2i = (X509V3_EXT_V2I)v2i_subject_alt,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_subject_alt_name(void)
-{
- return &x509v3_ext_subject_alt_name;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_issuer_alt_name = {
- .ext_nid =
NID_issuer_alt_name,
- .ext_flags = 0,
- .it = &GENERAL_NAMES_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
- .v2i = (X509V3_EXT_V2I)v2i_issuer_alt,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_issuer_alt_name(void)
-{
- return &x509v3_ext_issuer_alt_name;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_certificate_issuer = {
- .ext_nid = NID_certificate_issuer,
- .ext_flags = 0,
- .it = &GENERAL_NAMES_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_certificate_issuer(void)
-{
- return &x509v3_ext_certificate_issuer;
-}
-
-STACK_OF(CONF_VALUE) *
-i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, GENERAL_NAMES *gens,
- STACK_OF(CONF_VALUE) *ret)
-{
- STACK_OF(CONF_VALUE) *free_ret = NULL;
- GENERAL_NAME *gen;
- int i;
-
- if (ret == NULL) {
- if ((free_ret = ret = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- if ((gen = sk_GENERAL_NAME_value(gens, i)) == NULL)
- goto err;
- if ((ret = i2v_GENERAL_NAME(method, gen, ret)) == NULL)
- goto err;
- }
-
- return ret;
-
- err:
- sk_CONF_VALUE_pop_free(free_ret, X509V3_conf_free);
-
- return NULL;
-}
-LCRYPTO_ALIAS(i2v_GENERAL_NAMES);
-
-STACK_OF(CONF_VALUE) *
-i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen,
- STACK_OF(CONF_VALUE) *ret)
-{
- STACK_OF(CONF_VALUE) *free_ret = NULL;
- unsigned char *p;
- char oline[256], htmp[5];
- int i;
-
- if (ret == NULL) {
- if ((free_ret = ret = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- switch (gen->type) {
- case GEN_OTHERNAME:
- if (!X509V3_add_value("othername", "", &ret))
- goto err;
- break;
-
- case GEN_X400:
- if
(!X509V3_add_value("X400Name", "", &ret))
- goto err;
- break;
-
- case GEN_EDIPARTY:
- if (!X509V3_add_value("EdiPartyName", "", &ret))
- goto err;
- break;
-
- case GEN_EMAIL:
- if (!X509V3_add_value_uchar("email", gen->d.ia5->data, &ret))
- goto err;
- break;
-
- case GEN_DNS:
- if (!X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret))
- goto err;
- break;
-
- case GEN_URI:
- if (!X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret))
- goto err;
- break;
-
- case GEN_DIRNAME:
- if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL)
- goto err;
- if (!X509V3_add_value("DirName", oline, &ret))
- goto err;
- break;
-
- case GEN_IPADD: /* XXX */
- p = gen->d.ip->data;
- if (gen->d.ip->length == 4)
- (void) snprintf(oline, sizeof oline,
- "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
- else if (gen->d.ip->length == 16) {
- oline[0] = 0;
- for (i = 0; i < 8; i++) {
- (void) snprintf(htmp, sizeof htmp,
- "%X", p[0] << 8 | p[1]);
- p += 2;
- strlcat(oline, htmp, sizeof(oline));
- if (i != 7)
- strlcat(oline, ":", sizeof(oline));
- }
- } else {
- if (!X509V3_add_value("IP Address", "", &ret))
- goto err;
- break;
- }
- if (!X509V3_add_value("IP Address", oline, &ret))
- goto err;
- break;
-
- case GEN_RID:
- if (!i2t_ASN1_OBJECT(oline, 256, gen->d.rid))
- goto err;
- if (!X509V3_add_value("Registered ID", oline, &ret))
- goto err;
- break;
- }
-
- return ret;
-
- err:
- sk_CONF_VALUE_pop_free(free_ret, X509V3_conf_free);
-
- return NULL;
-}
-LCRYPTO_ALIAS(i2v_GENERAL_NAME);
-
-int
-GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
-{
- unsigned char *p;
- int i;
-
- switch (gen->type) {
- case GEN_OTHERNAME:
- BIO_printf(out, "othername:");
- break;
-
- case GEN_X400:
- BIO_printf(out, "X400Name:");
- break;
-
- case GEN_EDIPARTY:
- /* Maybe fix this: it is supported now */
- BIO_printf(out, "EdiPartyName:");
- break;
-
- case GEN_EMAIL:
- BIO_printf(out, "email:%.*s", gen->d.ia5->length,
- gen->d.ia5->data);
- break;
-
- case GEN_DNS:
- BIO_printf(out, "DNS:%.*s",
gen->d.ia5->length,
- gen->d.ia5->data);
- break;
-
- case GEN_URI:
- BIO_printf(out, "URI:%.*s", gen->d.ia5->length,
- gen->d.ia5->data);
- break;
-
- case GEN_DIRNAME:
- BIO_printf(out, "DirName: ");
- X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
- break;
-
- case GEN_IPADD:
- p = gen->d.ip->data;
- if (gen->d.ip->length == 4)
- BIO_printf(out, "IP Address:%d.%d.%d.%d",
- p[0], p[1], p[2], p[3]);
- else if (gen->d.ip->length == 16) {
- BIO_printf(out, "IP Address");
- for (i = 0; i < 8; i++) {
- BIO_printf(out, ":%X", p[0] << 8 | p[1]);
- p += 2;
- }
- BIO_puts(out, "\n");
- } else {
- BIO_printf(out, "IP Address:");
- break;
- }
- break;
-
- case GEN_RID:
- BIO_printf(out, "Registered ID");
- i2a_ASN1_OBJECT(out, gen->d.rid);
- break;
- }
- return 1;
-}
-LCRYPTO_ALIAS(GENERAL_NAME_print);
-
-static GENERAL_NAMES *
-v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- GENERAL_NAMES *gens = NULL;
- CONF_VALUE *cnf;
- int i;
-
- if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if (name_cmp(cnf->name, "issuer") == 0 && cnf->value != NULL &&
- strcmp(cnf->value, "copy") == 0) {
- if (!copy_issuer(ctx, gens))
- goto err;
- } else {
- GENERAL_NAME *gen;
- if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL)
- goto err;
- if (sk_GENERAL_NAME_push(gens, gen) == 0) {
- GENERAL_NAME_free(gen);
- goto err;
- }
- }
- }
- return gens;
-
-err:
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return NULL;
-}
-
-/* Append subject altname of issuer to issuer alt name of subject */
-
-static int
-copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
-{
- GENERAL_NAMES *ialt = NULL;
- GENERAL_NAME *gen = NULL;
- X509_EXTENSION *ext;
- int i;
- int ret = 0;
-
- if (ctx && (ctx->flags == CTX_TEST))
- return 1;
- if (!ctx || !ctx->issuer_cert) {
-
X509V3error(X509V3_R_NO_ISSUER_DETAILS);
- goto err;
- }
- i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
- if (i < 0)
- return 1;
- if (!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
- !(ialt = X509V3_EXT_d2i(ext))) {
- X509V3error(X509V3_R_ISSUER_DECODE_ERROR);
- goto err;
- }
-
- for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
- GENERAL_NAME *val = sk_GENERAL_NAME_value(ialt, i);
-
- if ((gen = GENERAL_NAME_dup(val)) == NULL)
- goto err;
- if (!sk_GENERAL_NAME_push(gens, gen)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen = NULL;
- }
-
- ret = 1;
-
- err:
- sk_GENERAL_NAME_pop_free(ialt, GENERAL_NAME_free);
- GENERAL_NAME_free(gen);
-
- return ret;
-}
-
-static GENERAL_NAMES *
-v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- GENERAL_NAMES *gens = NULL;
- CONF_VALUE *cnf;
- int i;
-
- if (!(gens = sk_GENERAL_NAME_new_null())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if (!name_cmp(cnf->name, "email") && cnf->value &&
- !strcmp(cnf->value, "copy")) {
- if (!copy_email(ctx, gens, 0))
- goto err;
- } else if (!name_cmp(cnf->name, "email") && cnf->value &&
- !strcmp(cnf->value, "move")) {
- if (!copy_email(ctx, gens, 1))
- goto err;
- } else {
- GENERAL_NAME *gen;
- if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
- goto err;
- if (sk_GENERAL_NAME_push(gens, gen) == 0) {
- GENERAL_NAME_free(gen);
- goto err;
- }
- }
- }
- return gens;
-
-err:
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return NULL;
-}
-
-/* Copy any email addresses in a certificate or request to
- * GENERAL_NAMES
- */
-
-static int
-copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
-{
- X509_NAME *nm;
- ASN1_IA5STRING *email = NULL;
- X509_NAME_ENTRY *ne;
- GENERAL_NAME *gen = NULL;
- int i;
-
- if (ctx != NULL && ctx->flags == CTX_TEST)
- return 1;
- if (!ctx || (!ctx->subject_cert &&
!ctx->subject_req)) {
- X509V3error(X509V3_R_NO_SUBJECT_DETAILS);
- goto err;
- }
- /* Find the subject name */
- if (ctx->subject_cert)
- nm = X509_get_subject_name(ctx->subject_cert);
- else
- nm = X509_REQ_get_subject_name(ctx->subject_req);
-
- /* Now add any email address(es) to STACK */
- i = -1;
- while ((i = X509_NAME_get_index_by_NID(nm,
- NID_pkcs9_emailAddress, i)) >= 0) {
- ne = X509_NAME_get_entry(nm, i);
- email = ASN1_STRING_dup(X509_NAME_ENTRY_get_data(ne));
- if (move_p) {
- X509_NAME_delete_entry(nm, i);
- X509_NAME_ENTRY_free(ne);
- i--;
- }
- if (!email || !(gen = GENERAL_NAME_new())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen->d.ia5 = email;
- email = NULL;
- gen->type = GEN_EMAIL;
- if (!sk_GENERAL_NAME_push(gens, gen)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen = NULL;
- }
-
- return 1;
-
-err:
- GENERAL_NAME_free(gen);
- ASN1_IA5STRING_free(email);
- return 0;
-}
-
-GENERAL_NAMES *
-v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- GENERAL_NAME *gen;
- GENERAL_NAMES *gens = NULL;
- CONF_VALUE *cnf;
- int i;
-
- if (!(gens = sk_GENERAL_NAME_new_null())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
- goto err;
- if (sk_GENERAL_NAME_push(gens, gen) == 0) {
- GENERAL_NAME_free(gen);
- goto err;
- }
- }
- return gens;
-
-err:
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return NULL;
-}
-LCRYPTO_ALIAS(v2i_GENERAL_NAMES);
-
-GENERAL_NAME *
-v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf)
-{
- return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
-}
-LCRYPTO_ALIAS(v2i_GENERAL_NAME);
-
-GENERAL_NAME *
-a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, int gen_type, const char *value, int is_nc)
-{
- char is_string = 0;
-
GENERAL_NAME *gen = NULL;
-
- if (!value) {
- X509V3error(X509V3_R_MISSING_VALUE);
- return NULL;
- }
-
- if (out)
- gen = out;
- else {
- gen = GENERAL_NAME_new();
- if (gen == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- }
-
- switch (gen_type) {
- case GEN_URI:
- case GEN_EMAIL:
- case GEN_DNS:
- is_string = 1;
- break;
-
- case GEN_RID:
- {
- ASN1_OBJECT *obj;
- if (!(obj = OBJ_txt2obj(value, 0))) {
- X509V3error(X509V3_R_BAD_OBJECT);
- ERR_asprintf_error_data("value=%s", value);
- goto err;
- }
- gen->d.rid = obj;
- }
- break;
-
- case GEN_IPADD:
- if (is_nc)
- gen->d.ip = a2i_IPADDRESS_NC(value);
- else
- gen->d.ip = a2i_IPADDRESS(value);
- if (gen->d.ip == NULL) {
- X509V3error(X509V3_R_BAD_IP_ADDRESS);
- ERR_asprintf_error_data("value=%s", value);
- goto err;
- }
- break;
-
- case GEN_DIRNAME:
- if (!do_dirname(gen, value, ctx)) {
- X509V3error(X509V3_R_DIRNAME_ERROR);
- goto err;
- }
- break;
-
- case GEN_OTHERNAME:
- if (!do_othername(gen, value, ctx)) {
- X509V3error(X509V3_R_OTHERNAME_ERROR);
- goto err;
- }
- break;
-
- default:
- X509V3error(X509V3_R_UNSUPPORTED_TYPE);
- goto err;
- }
-
- if (is_string) {
- if (!(gen->d.ia5 = ASN1_IA5STRING_new()) ||
- !ASN1_STRING_set(gen->d.ia5, value, strlen(value))) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-
- gen->type = gen_type;
-
- return gen;
-
-err:
- if (out == NULL)
- GENERAL_NAME_free(gen);
- return NULL;
-}
-LCRYPTO_ALIAS(a2i_GENERAL_NAME);
-
-GENERAL_NAME *
-v2i_GENERAL_NAME_ex(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc)
-{
- uint8_t *bytes = NULL;
- char *name, *value;
- GENERAL_NAME *ret;
- size_t len = 0;
- int type;
- CBS cbs;
-
- name = cnf->name;
- value = cnf->value;
-
- if (!value) {
- X509V3error(X509V3_R_MISSING_VALUE);
- return NULL;
- }
-
- if (!name_cmp(name, "email"))
- type = GEN_EMAIL;
- else if (!name_cmp(name, "URI"))
- type = GEN_URI;
- else if (!name_cmp(name, "DNS"))
- type = GEN_DNS;
-
else if (!name_cmp(name, "RID"))
- type = GEN_RID;
- else if (!name_cmp(name, "IP"))
- type = GEN_IPADD;
- else if (!name_cmp(name, "dirName"))
- type = GEN_DIRNAME;
- else if (!name_cmp(name, "otherName"))
- type = GEN_OTHERNAME;
- else {
- X509V3error(X509V3_R_UNSUPPORTED_OPTION);
- ERR_asprintf_error_data("name=%s", name);
- return NULL;
- }
-
- ret = a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
- if (ret == NULL)
- return NULL;
-
- /*
- * Validate what we have for sanity.
- */
-
- if (is_nc) {
- struct x509_constraints_name *constraints_name = NULL;
-
- if (!x509_constraints_validate(ret, &constraints_name, NULL)) {
- X509V3error(X509V3_R_BAD_OBJECT);
- ERR_asprintf_error_data("name=%s", name);
- goto err;
- }
- x509_constraints_name_free(constraints_name);
- return ret;
- }
-
- type = x509_constraints_general_to_bytes(ret, &bytes, &len);
- CBS_init(&cbs, bytes, len);
- switch (type) {
- case GEN_DNS:
- if (!x509_constraints_valid_sandns(&cbs)) {
- X509V3error(X509V3_R_BAD_OBJECT);
- ERR_asprintf_error_data("name=%s value='%.*s'", name,
- (int)len, bytes);
- goto err;
- }
- break;
- case GEN_URI:
- if (!x509_constraints_uri_host(bytes, len, NULL)) {
- X509V3error(X509V3_R_BAD_OBJECT);
- ERR_asprintf_error_data("name=%s value='%.*s'", name,
- (int)len, bytes);
- goto err;
- }
- break;
- case GEN_EMAIL:
- if (!x509_constraints_parse_mailbox(&cbs, NULL)) {
- X509V3error(X509V3_R_BAD_OBJECT);
- ERR_asprintf_error_data("name=%s value='%.*s'", name,
- (int)len, bytes);
- goto err;
- }
- break;
- case GEN_IPADD:
- if (len != 4 && len != 16) {
- X509V3error(X509V3_R_BAD_IP_ADDRESS);
- ERR_asprintf_error_data("name=%s len=%zu", name, len);
- goto err;
- }
- break;
- default:
- break;
- }
- return ret;
- err:
- if (out == NULL)
- GENERAL_NAME_free(ret);
- return NULL;
-}
-LCRYPTO_ALIAS(v2i_GENERAL_NAME_ex);
-
-static int
-do_othername(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx)
-{
- char *objtmp = NULL, *p;
- int objlen;
-
- if (!(p = strchr(value,
';')))
- return 0;
- if (!(gen->d.otherName = OTHERNAME_new()))
- return 0;
- /* Free this up because we will overwrite it.
- * no need to free type_id because it is static
- */
- ASN1_TYPE_free(gen->d.otherName->value);
- if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx)))
- return 0;
- objlen = p - value;
- objtmp = malloc(objlen + 1);
- if (objtmp) {
- strlcpy(objtmp, value, objlen + 1);
- gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
- free(objtmp);
- } else
- gen->d.otherName->type_id = NULL;
- if (!gen->d.otherName->type_id)
- return 0;
- return 1;
-}
-
-static int
-do_dirname(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx)
-{
- int ret;
- STACK_OF(CONF_VALUE) *sk;
- X509_NAME *nm;
-
- if (!(nm = X509_NAME_new()))
- return 0;
- sk = X509V3_get0_section(ctx, value);
- if (!sk) {
- X509V3error(X509V3_R_SECTION_NOT_FOUND);
- ERR_asprintf_error_data("section=%s", value);
- X509_NAME_free(nm);
- return 0;
- }
- /* FIXME: should allow other character types... */
- ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
- if (!ret)
- X509_NAME_free(nm);
- gen->d.dirn = nm;
-
- return ret;
-}
diff --git a/src/lib/libcrypto/x509/x509_asid.c b/src/lib/libcrypto/x509/x509_asid.c
deleted file mode 100644
index 40ee201a9f..0000000000
--- a/src/lib/libcrypto/x509/x509_asid.c
+++ /dev/null
@@ -1,1255 +0,0 @@
-/* $OpenBSD: x509_asid.c,v 1.45 2024/07/13 15:08:58 tb Exp $ */
-/*
- * Contributed to the OpenSSL Project by the American Registry for
- * Internet Numbers ("ARIN").
- */
-/* ====================================================================
- * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- */
-
-/*
- * Implementation of RFC 3779 section 3.2.
- */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-#ifndef OPENSSL_NO_RFC3779
-
-static const ASN1_TEMPLATE ASRange_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ASRange, min),
- .field_name = "min",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ASRange, max),
- .field_name = "max",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM ASRange_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ASRange_seq_tt,
- .tcount = sizeof(ASRange_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ASRange),
- .sname = "ASRange",
-};
-LCRYPTO_ALIAS(ASRange_it);
-
-static const ASN1_TEMPLATE ASIdOrRange_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ASIdOrRange, u.id),
- .field_name = "u.id",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ASIdOrRange, u.range),
- .field_name = "u.range",
- .item = &ASRange_it,
- },
-};
-
-const ASN1_ITEM ASIdOrRange_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(ASIdOrRange, type),
- .templates = ASIdOrRange_ch_tt,
- .tcount = sizeof(ASIdOrRange_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ASIdOrRange),
- .sname = "ASIdOrRange",
-};
-LCRYPTO_ALIAS(ASIdOrRange_it);
-
-static const ASN1_TEMPLATE ASIdentifierChoice_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ASIdentifierChoice, u.inherit),
- .field_name = "u.inherit",
- .item = &ASN1_NULL_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(ASIdentifierChoice, u.asIdsOrRanges),
- .field_name = "u.asIdsOrRanges",
- .item = &ASIdOrRange_it,
- },
-};
-
-const ASN1_ITEM ASIdentifierChoice_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(ASIdentifierChoice, type),
- .templates = ASIdentifierChoice_ch_tt,
- .tcount = sizeof(ASIdentifierChoice_ch_tt) / sizeof(ASN1_TEMPLATE),
-
.funcs = NULL,
- .size = sizeof(ASIdentifierChoice),
- .sname = "ASIdentifierChoice",
-};
-LCRYPTO_ALIAS(ASIdentifierChoice_it);
-
-static const ASN1_TEMPLATE ASIdentifiers_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ASIdentifiers, asnum),
- .field_name = "asnum",
- .item = &ASIdentifierChoice_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(ASIdentifiers, rdi),
- .field_name = "rdi",
- .item = &ASIdentifierChoice_it,
- },
-};
-
-const ASN1_ITEM ASIdentifiers_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ASIdentifiers_seq_tt,
- .tcount = sizeof(ASIdentifiers_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ASIdentifiers),
- .sname = "ASIdentifiers",
-};
-LCRYPTO_ALIAS(ASIdentifiers_it);
-
-ASRange *
-d2i_ASRange(ASRange **a, const unsigned char **in, long len)
-{
- return (ASRange *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASRange_it);
-}
-LCRYPTO_ALIAS(d2i_ASRange);
-
-int
-i2d_ASRange(ASRange *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASRange_it);
-}
-LCRYPTO_ALIAS(i2d_ASRange);
-
-ASRange *
-ASRange_new(void)
-{
- return (ASRange *)ASN1_item_new(&ASRange_it);
-}
-LCRYPTO_ALIAS(ASRange_new);
-
-void
-ASRange_free(ASRange *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASRange_it);
-}
-LCRYPTO_ALIAS(ASRange_free);
-
-ASIdOrRange *
-d2i_ASIdOrRange(ASIdOrRange **a, const unsigned char **in, long len)
-{
- return (ASIdOrRange *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASIdOrRange_it);
-}
-LCRYPTO_ALIAS(d2i_ASIdOrRange);
-
-int
-i2d_ASIdOrRange(ASIdOrRange *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASIdOrRange_it);
-}
-LCRYPTO_ALIAS(i2d_ASIdOrRange);
-
-ASIdOrRange *
-ASIdOrRange_new(void)
-{
- return (ASIdOrRange *)ASN1_item_new(&ASIdOrRange_it);
-}
-LCRYPTO_ALIAS(ASIdOrRange_new);
-
-void
-ASIdOrRange_free(ASIdOrRange *a)
-{
-
ASN1_item_free((ASN1_VALUE *)a, &ASIdOrRange_it);
-}
-LCRYPTO_ALIAS(ASIdOrRange_free);
-
-ASIdentifierChoice *
-d2i_ASIdentifierChoice(ASIdentifierChoice **a, const unsigned char **in,
- long len)
-{
- return (ASIdentifierChoice *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASIdentifierChoice_it);
-}
-LCRYPTO_ALIAS(d2i_ASIdentifierChoice);
-
-int
-i2d_ASIdentifierChoice(ASIdentifierChoice *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASIdentifierChoice_it);
-}
-LCRYPTO_ALIAS(i2d_ASIdentifierChoice);
-
-ASIdentifierChoice *
-ASIdentifierChoice_new(void)
-{
- return (ASIdentifierChoice *)ASN1_item_new(&ASIdentifierChoice_it);
-}
-LCRYPTO_ALIAS(ASIdentifierChoice_new);
-
-void
-ASIdentifierChoice_free(ASIdentifierChoice *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASIdentifierChoice_it);
-}
-LCRYPTO_ALIAS(ASIdentifierChoice_free);
-
-ASIdentifiers *
-d2i_ASIdentifiers(ASIdentifiers **a, const unsigned char **in, long len)
-{
- return (ASIdentifiers *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASIdentifiers_it);
-}
-LCRYPTO_ALIAS(d2i_ASIdentifiers);
-
-int
-i2d_ASIdentifiers(ASIdentifiers *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASIdentifiers_it);
-}
-LCRYPTO_ALIAS(i2d_ASIdentifiers);
-
-ASIdentifiers *
-ASIdentifiers_new(void)
-{
- return (ASIdentifiers *)ASN1_item_new(&ASIdentifiers_it);
-}
-LCRYPTO_ALIAS(ASIdentifiers_new);
-
-void
-ASIdentifiers_free(ASIdentifiers *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASIdentifiers_it);
-}
-LCRYPTO_ALIAS(ASIdentifiers_free);
-
-/*
- * i2r method for an ASIdentifierChoice.
- */
-static int
-i2r_ASIdentifierChoice(BIO *out, ASIdentifierChoice *choice, int indent,
- const char *msg)
-{
- int i;
- char *s;
- if (choice == NULL)
- return 1;
- BIO_printf(out, "%*s%s:\n", indent, "", msg);
- switch (choice->type) {
- case ASIdentifierChoice_inherit:
- BIO_printf(out, "%*sinherit\n", indent + 2, "");
- break;
- case ASIdentifierChoice_asIdsOrRanges:
- for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges);
- i++) {
- ASIdOrRange *aor =
- sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
- switch (aor->type) {
- case ASIdOrRange_id:
- if ((s = i2s_ASN1_INTEGER(NULL, aor->u.id)) ==
- NULL)
- return 0;
- BIO_printf(out, "%*s%s\n", indent + 2, "", s);
- free(s);
- break;
- case ASIdOrRange_range:
- if ((s = i2s_ASN1_INTEGER(NULL,
- aor->u.range->min)) == NULL)
- return 0;
- BIO_printf(out, "%*s%s-", indent + 2, "", s);
- free(s);
- if ((s = i2s_ASN1_INTEGER(NULL,
- aor->u.range->max)) == NULL)
- return 0;
- BIO_printf(out, "%s\n", s);
- free(s);
- break;
- default:
- return 0;
- }
- }
- break;
- default:
- return 0;
- }
- return 1;
-}
-
-/*
- * i2r method for an ASIdentifier extension.
- */
-static int
-i2r_ASIdentifiers(const X509V3_EXT_METHOD *method, void *ext, BIO *out,
- int indent)
-{
- ASIdentifiers *asid = ext;
- return (i2r_ASIdentifierChoice(out, asid->asnum, indent,
- "Autonomous System Numbers") &&
- i2r_ASIdentifierChoice(out, asid->rdi, indent,
- "Routing Domain Identifiers"));
-}
-
-/*
- * Sort comparison function for a sequence of ASIdOrRange elements.
- */
-static int
-ASIdOrRange_cmp(const ASIdOrRange *const *a_, const ASIdOrRange *const *b_)
-{
- const ASIdOrRange *a = *a_, *b = *b_;
-
- /* XXX: these asserts need to be replaced */
- OPENSSL_assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
- (a->type == ASIdOrRange_range && a->u.range != NULL &&
- a->u.range->min != NULL && a->u.range->max != NULL));
-
- OPENSSL_assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
- (b->type == ASIdOrRange_range && b->u.range != NULL &&
- b->u.range->min != NULL && b->u.range->max != NULL));
-
- if (a->type == ASIdOrRange_id && b->type == ASIdOrRange_id)
- return ASN1_INTEGER_cmp(a->u.id, b->u.id);
-
- if (a->type == ASIdOrRange_range && b->type == ASIdOrRange_range) {
- int r = ASN1_INTEGER_cmp(a->u.range->min, b->u.range->min);
- return r != 0 ? r : ASN1_INTEGER_cmp(a->u.range->max,
- b->u.range->max);
- }
-
- if (a->type == ASIdOrRange_id)
- return ASN1_INTEGER_cmp(a->u.id, b->u.range->min);
- else
- return ASN1_INTEGER_cmp(a->u.range->min, b->u.id);
-}
-
-/*
- * Add an inherit element.
- */
-int
-X509v3_asid_add_inherit(ASIdentifiers *asid, int which)
-{
- ASIdentifierChoice **choice;
- ASIdentifierChoice *aic = NULL;
- int ret = 0;
-
- if (asid == NULL)
- goto err;
-
- switch (which) {
- case V3_ASID_ASNUM:
- choice = &asid->asnum;
- break;
- case V3_ASID_RDI:
- choice = &asid->rdi;
- break;
- default:
- goto err;
- }
-
- if (*choice != NULL) {
- if ((*choice)->type != ASIdentifierChoice_inherit)
- goto err;
- } else {
- if ((aic = ASIdentifierChoice_new()) == NULL)
- goto err;
- if ((aic->u.inherit = ASN1_NULL_new()) == NULL)
- goto err;
- aic->type = ASIdentifierChoice_inherit;
-
- *choice = aic;
- aic = NULL;
- }
-
- ret = 1;
-
- err:
- ASIdentifierChoice_free(aic);
-
- return ret;
-}
-LCRYPTO_ALIAS(X509v3_asid_add_inherit);
-
-static int
-ASIdOrRanges_add_id_or_range(ASIdOrRanges *aors, ASN1_INTEGER *min,
- ASN1_INTEGER *max)
-{
- ASIdOrRange *aor = NULL;
- ASRange *asr = NULL;
- int ret = 0;
-
- /* Preallocate since we must not fail after sk_ASIdOrRange_push(). */
- if (max != NULL) {
- if ((asr = ASRange_new()) == NULL)
- goto err;
- }
-
- if ((aor = ASIdOrRange_new()) == NULL)
- goto err;
- if (sk_ASIdOrRange_push(aors, aor) <= 0)
- goto err;
-
- if (max == NULL) {
- aor->type = ASIdOrRange_id;
- aor->u.id = min;
- } else {
- ASN1_INTEGER_free(asr->min);
- asr->min = min;
- ASN1_INTEGER_free(asr->max);
- asr->max = max;
-
- aor->type = ASIdOrRange_range;
- aor->u.range = asr;
- asr = NULL;
- }
-
- aor = NULL;
-
- ret = 1;
-
- err:
- ASIdOrRange_free(aor);
- ASRange_free(asr);
-
- return ret;
-}
-
-/*
- * Add an ID or range to an ASIdentifierChoice.
- */
-int
-X509v3_asid_add_id_or_range(ASIdentifiers *asid, int which, ASN1_INTEGER *min,
- ASN1_INTEGER *max)
-{
- ASIdentifierChoice **choice;
- ASIdentifierChoice *aic = NULL, *new_aic = NULL;
- int ret = 0;
-
- if (asid == NULL)
- goto err;
-
- switch (which) {
- case V3_ASID_ASNUM:
- choice = &asid->asnum;
- break;
- case V3_ASID_RDI:
- choice = &asid->rdi;
- break;
- default:
- goto err;
- }
-
- if ((aic = *choice) != NULL) {
- if (aic->type != ASIdentifierChoice_asIdsOrRanges)
- goto err;
- } else {
- if ((aic = new_aic = ASIdentifierChoice_new()) == NULL)
- goto err;
- aic->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp);
- if (aic->u.asIdsOrRanges == NULL)
- goto err;
- aic->type = ASIdentifierChoice_asIdsOrRanges;
- }
-
- if (!ASIdOrRanges_add_id_or_range(aic->u.asIdsOrRanges, min, max))
- goto err;
-
- *choice = aic;
- aic = new_aic = NULL;
-
- ret = 1;
-
- err:
- ASIdentifierChoice_free(new_aic);
-
- return ret;
-}
-LCRYPTO_ALIAS(X509v3_asid_add_id_or_range);
-
-/*
- * Extract min and max values from an ASIdOrRange.
- */
-static int
-extract_min_max(ASIdOrRange *aor, ASN1_INTEGER **min, ASN1_INTEGER **max)
-{
- switch (aor->type) {
- case ASIdOrRange_id:
- *min = aor->u.id;
- *max = aor->u.id;
- return 1;
- case ASIdOrRange_range:
- *min = aor->u.range->min;
- *max = aor->u.range->max;
- return 1;
- }
- *min = NULL;
- *max = NULL;
-
- return 0;
-}
-
-/*
- * Check whether an ASIdentifierChoice is in canonical form.
- */
-static int
-ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
-{
- ASIdOrRange *a, *b;
- ASN1_INTEGER *a_min = NULL, *a_max = NULL, *b_min = NULL, *b_max = NULL;
- ASN1_INTEGER *a_max_plus_one = NULL;
- ASN1_INTEGER *orig;
- BIGNUM *bn = NULL;
- int i, ret = 0;
-
- /*
- * Empty element or inheritance is canonical.
- */
- if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
- return 1;
-
- /*
- * If not a list, or if empty list, it's broken.
- */
- if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
- sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0)
- return 0;
-
- /*
- * It's a list, check it.
- */
- for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
- a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
- b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
-
- if (!extract_min_max(a, &a_min, &a_max) ||
- !extract_min_max(b, &b_min, &b_max))
- goto done;
-
- /*
- * Punt misordered list, overlapping start, or inverted range.
- */
- if (ASN1_INTEGER_cmp(a_min, b_min) >= 0 ||
- ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
- ASN1_INTEGER_cmp(b_min, b_max) > 0)
- goto done;
-
- /*
- * Calculate a_max + 1 to check for adjacency.
- */
- if ((bn == NULL && (bn = BN_new()) == NULL) ||
- ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
- !BN_add_word(bn, 1)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto done;
- }
-
- if ((a_max_plus_one =
- BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
- a_max_plus_one = orig;
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto done;
- }
-
- /*
- * Punt if adjacent or overlapping.
- */
- if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) >= 0)
- goto done;
- }
-
- /*
- * Check for inverted range.
- */
- i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
- a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
- if (a != NULL && a->type == ASIdOrRange_range) {
- if (!extract_min_max(a, &a_min, &a_max) ||
- ASN1_INTEGER_cmp(a_min, a_max) > 0)
- goto done;
- }
-
- ret = 1;
-
- done:
- ASN1_INTEGER_free(a_max_plus_one);
- BN_free(bn);
- return ret;
-}
-
-/*
- * Check whether an ASIdentifier extension is in canonical form.
- */
-int
-X509v3_asid_is_canonical(ASIdentifiers *asid)
-{
- return (asid == NULL ||
- (ASIdentifierChoice_is_canonical(asid->asnum) &&
- ASIdentifierChoice_is_canonical(asid->rdi)));
-}
-LCRYPTO_ALIAS(X509v3_asid_is_canonical);
-
-/*
- * Whack an ASIdentifierChoice into canonical form.
- */
-static int
-ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
-{
- ASIdOrRange *a, *b;
- ASN1_INTEGER *a_min = NULL, *a_max = NULL, *b_min = NULL, *b_max = NULL;
- ASN1_INTEGER *a_max_plus_one = NULL;
- ASN1_INTEGER *orig;
- BIGNUM *bn = NULL;
- int i, ret = 0;
-
- /*
- * Nothing to do for empty element or inheritance.
- */
- if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
- return 1;
-
- /*
- * If not a list, or if empty list, it's broken.
- */
- if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
- sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) {
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- return 0;
- }
-
- /*
- * We have a non-empty list. Sort it.
- */
- sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
-
- /*
- * Now check for errors and suboptimal encoding, rejecting the
- * former and fixing the latter.
- */
- for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
- a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
- b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
-
- if (!extract_min_max(a, &a_min, &a_max) ||
- !extract_min_max(b, &b_min, &b_max))
- goto done;
-
- /*
- * Make sure we're properly sorted (paranoia).
- */
- if (ASN1_INTEGER_cmp(a_min, b_min) > 0)
- goto done;
-
- /*
- * Punt inverted ranges.
- */
- if (ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
- ASN1_INTEGER_cmp(b_min, b_max) > 0)
- goto done;
-
- /*
- * Check for overlaps.
- */
- if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) {
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- goto done;
- }
-
- /*
- * Calculate a_max + 1 to check for adjacency.
- */
- if ((bn == NULL && (bn = BN_new()) == NULL) ||
- ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
- !BN_add_word(bn, 1)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto done;
- }
-
- if ((a_max_plus_one =
- BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
- a_max_plus_one = orig;
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto done;
- }
-
- /*
- * If a and b are adjacent, merge them.
- */
- if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) == 0) {
- ASRange *r;
- switch (a->type) {
- case ASIdOrRange_id:
- if ((r = calloc(1, sizeof(*r))) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto done;
- }
- r->min = a_min;
- r->max = b_max;
- a->type = ASIdOrRange_range;
- a->u.range = r;
- break;
- case ASIdOrRange_range:
- ASN1_INTEGER_free(a->u.range->max);
- a->u.range->max = b_max;
- break;
- }
- switch (b->type) {
- case ASIdOrRange_id:
- b->u.id = NULL;
- break;
- case ASIdOrRange_range:
- b->u.range->max = NULL;
- break;
- }
- ASIdOrRange_free(b);
- (void)sk_ASIdOrRange_delete(choice->u.asIdsOrRanges,
- i + 1);
- i--;
- continue;
- }
- }
-
- /*
- * Check for final inverted range.
- */
- i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
- a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
- if (a != NULL && a->type == ASIdOrRange_range) {
- if (!extract_min_max(a, &a_min, &a_max) ||
- ASN1_INTEGER_cmp(a_min, a_max) > 0)
- goto done;
- }
-
- /* Paranoia */
- if (!ASIdentifierChoice_is_canonical(choice))
- goto done;
-
- ret = 1;
-
- done:
- ASN1_INTEGER_free(a_max_plus_one);
- BN_free(bn);
- return ret;
-}
-
-/*
- * Whack an ASIdentifier extension into canonical form.
- */
-int
-X509v3_asid_canonize(ASIdentifiers *asid)
-{
- if (asid == NULL)
- return 1;
-
- if (!ASIdentifierChoice_canonize(asid->asnum))
- return 0;
-
- return ASIdentifierChoice_canonize(asid->rdi);
-}
-LCRYPTO_ALIAS(X509v3_asid_canonize);
-
-/*
- * v2i method for an ASIdentifier extension.
- */
-static void *
-v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx,
- STACK_OF(CONF_VALUE)*values)
-{
- ASN1_INTEGER *min = NULL, *max = NULL;
- ASIdentifiers *asid = NULL;
- int i;
-
- if ((asid = ASIdentifiers_new()) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
- int i1 = 0, i2 = 0, i3 = 0, is_range = 0, which = 0;
-
- /*
- * Figure out whether this is an AS or an RDI.
- */
- if (!name_cmp(val->name, "AS")) {
- which = V3_ASID_ASNUM;
- } else if (!name_cmp(val->name, "RDI")) {
- which = V3_ASID_RDI;
- } else {
- X509V3error(X509V3_R_EXTENSION_NAME_ERROR);
- X509V3_conf_err(val);
- goto err;
- }
-
- /*
- * Handle inheritance.
- */
- if (strcmp(val->value, "inherit") == 0) {
- if (X509v3_asid_add_inherit(asid, which))
- continue;
- X509V3error(X509V3_R_INVALID_INHERITANCE);
- X509V3_conf_err(val);
- goto err;
- }
-
- /*
- * Number, range, or mistake, pick it apart and figure out which
- */
- i1 = strspn(val->value, "0123456789");
- if (val->value[i1] == '\0') {
- is_range = 0;
- } else {
- is_range = 1;
- i2 = i1 + strspn(val->value + i1, " \t");
- if (val->value[i2] != '-') {
- X509V3error(X509V3_R_INVALID_ASNUMBER);
- X509V3_conf_err(val);
- goto err;
- }
- i2++;
- i2 = i2 + strspn(val->value + i2, " \t");
- i3 = i2 + strspn(val->value + i2, "0123456789");
- if (val->value[i3] != '\0') {
- X509V3error(X509V3_R_INVALID_ASRANGE);
- X509V3_conf_err(val);
- goto err;
- }
- }
-
- /*
- * Syntax is ok, read and add it.
- */
- if (!is_range) {
- if (!X509V3_get_value_int(val, &min)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- } else {
- char *s = strdup(val->value);
- if (s == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- s[i1] = '\0';
- min = s2i_ASN1_INTEGER(NULL, s);
- max = s2i_ASN1_INTEGER(NULL, s + i2);
- free(s);
- if (min == NULL || max == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (ASN1_INTEGER_cmp(min, max) > 0) {
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- goto err;
- }
- }
- if (!X509v3_asid_add_id_or_range(asid, which, min, max)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- min = max = NULL;
- }
-
- /*
- * Canonize the result, then we're done.
- */
- if (!X509v3_asid_canonize(asid))
- goto err;
- return asid;
-
- err:
- ASIdentifiers_free(asid);
- ASN1_INTEGER_free(min);
- ASN1_INTEGER_free(max);
- return NULL;
-}
-
-/*
- * OpenSSL dispatch.
- */
-static const X509V3_EXT_METHOD x509v3_ext_sbgp_autonomousSysNum = {
- .ext_nid = NID_sbgp_autonomousSysNum,
- .ext_flags = 0,
- .it = &ASIdentifiers_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = v2i_ASIdentifiers,
- .i2r = i2r_ASIdentifiers,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_sbgp_autonomousSysNum(void)
-{
- return &x509v3_ext_sbgp_autonomousSysNum;
-}
-
-/*
- * Figure out whether extension uses inheritance.
- */
-int
-X509v3_asid_inherits(ASIdentifiers *asid)
-{
- if (asid == NULL)
- return 0;
-
- if (asid->asnum != NULL) {
- if (asid->asnum->type == ASIdentifierChoice_inherit)
- return 1;
- }
-
- if (asid->rdi != NULL) {
- if (asid->rdi->type == ASIdentifierChoice_inherit)
- return 1;
- }
-
- return 0;
-}
-LCRYPTO_ALIAS(X509v3_asid_inherits);
-
-/*
- * Figure out whether parent contains child.
- */
-static int
-asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child)
-{
- ASN1_INTEGER *p_min = NULL, *p_max = NULL, *c_min = NULL, *c_max = NULL;
- int p, c;
-
- if (child == NULL || parent == child)
- return 1;
-
- if (parent == NULL)
- return 0;
-
- p = 0;
- for (c = 0; c < sk_ASIdOrRange_num(child); c++) {
- if (!extract_min_max(sk_ASIdOrRange_value(child, c), &c_min,
- &c_max))
- return 0;
- for (;; p++) {
- if (p >= sk_ASIdOrRange_num(parent))
- return 0;
- if (!extract_min_max(sk_ASIdOrRange_value(parent, p),
- &p_min, &p_max))
- return 0;
- if (ASN1_INTEGER_cmp(p_max, c_max) < 0)
- continue;
- if (ASN1_INTEGER_cmp(p_min, c_min) > 0)
- return 0;
- break;
- }
- }
-
- return 1;
-}
-
-/*
- * Test whether child is a subset of parent.
- */
-int
-X509v3_asid_subset(ASIdentifiers *child, ASIdentifiers *parent)
-{
- if (child == NULL || child == parent)
- return 1;
-
- if (parent == NULL)
- return 0;
-
- if (X509v3_asid_inherits(child) || X509v3_asid_inherits(parent))
- return 0;
-
- if (child->asnum != NULL) {
- if (parent->asnum == NULL)
- return 0;
-
- if (!asid_contains(parent->asnum->u.asIdsOrRanges,
- child->asnum->u.asIdsOrRanges))
- return 0;
- }
-
- if (child->rdi != NULL) {
- if (parent->rdi == NULL)
- return 0;
-
- if (!asid_contains(parent->rdi->u.asIdsOrRanges,
- child->rdi->u.asIdsOrRanges))
- return 0;
- }
-
- return 1;
-}
-LCRYPTO_ALIAS(X509v3_asid_subset);
-
-/*
- * Validation error handling via callback.
- */
-#define validation_err(_err_) \
- do { \
- if (ctx != NULL) { \
- ctx->error = _err_; \
- ctx->error_depth = i; \
- ctx->current_cert = x; \
- ret = ctx->verify_cb(0, ctx); \
- } else { \
- ret = 0; \
- } \
- if (!ret) \
- goto done; \
- } while (0)
-
-/*
- * Core code for RFC 3779 3.3 path validation.
- */
-static int
-asid_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509) *chain,
- ASIdentifiers *ext)
-{
- ASIdOrRanges *child_as = NULL, *child_rdi = NULL;
- int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
- X509 *x;
-
- /* We need a non-empty chain to test against. */
- if (sk_X509_num(chain) <= 0)
- goto err;
- /* We need either a store ctx or an extension to work with. */
- if (ctx == NULL && ext == NULL)
- goto err;
- /* If there is a store ctx, it needs a verify_cb. */
- if (ctx != NULL && ctx->verify_cb == NULL)
- goto err;
-
- /*
- * Figure out where to start. If we don't have an extension to check,
- * (either extracted from the leaf or passed by the caller), we're done.
- * Otherwise, check canonical form and set up for walking up the chain.
- */
- if (ext != NULL) {
- i = -1;
- x = NULL;
- if (!X509v3_asid_is_canonical(ext))
- validation_err(X509_V_ERR_INVALID_EXTENSION);
- } else {
- i = 0;
- x = sk_X509_value(chain, i);
- if ((X509_get_extension_flags(x) & EXFLAG_INVALID) != 0)
- goto done;
- if ((ext = x->rfc3779_asid) == NULL)
- goto done;
- }
- if (ext->asnum != NULL) {
- switch (ext->asnum->type) {
- case ASIdentifierChoice_inherit:
- inherit_as = 1;
- break;
- case ASIdentifierChoice_asIdsOrRanges:
- child_as = ext->asnum->u.asIdsOrRanges;
- break;
- }
- }
- if (ext->rdi != NULL) {
- switch (ext->rdi->type) {
- case ASIdentifierChoice_inherit:
- inherit_rdi = 1;
- break;
- case ASIdentifierChoice_asIdsOrRanges:
- child_rdi = ext->rdi->u.asIdsOrRanges;
- break;
- }
- }
-
- /*
- * Now walk up the chain. Extensions must be in canonical form, no
- * cert may list resources that its parent doesn't list.
- */
- for (i++; i < sk_X509_num(chain); i++) {
- x = sk_X509_value(chain, i);
-
- if ((X509_get_extension_flags(x) & EXFLAG_INVALID) != 0)
- validation_err(X509_V_ERR_INVALID_EXTENSION);
- if (x->rfc3779_asid == NULL) {
- if (child_as != NULL || child_rdi != NULL)
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- continue;
- }
- if (x->rfc3779_asid->asnum == NULL && child_as != NULL) {
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- child_as = NULL;
- inherit_as = 0;
- }
- if (x->rfc3779_asid->asnum != NULL &&
- x->rfc3779_asid->asnum->type ==
- ASIdentifierChoice_asIdsOrRanges) {
- if (inherit_as ||
- asid_contains(x->rfc3779_asid->asnum->u.asIdsOrRanges,
- child_as)) {
- child_as = x->rfc3779_asid->asnum->u.asIdsOrRanges;
- inherit_as = 0;
- } else {
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- }
- }
- if (x->rfc3779_asid->rdi == NULL && child_rdi != NULL) {
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- child_rdi = NULL;
- inherit_rdi = 0;
- }
- if (x->rfc3779_asid->rdi != NULL &&
- x->rfc3779_asid->rdi->type == ASIdentifierChoice_asIdsOrRanges) {
- if (inherit_rdi ||
- asid_contains(x->rfc3779_asid->rdi->u.asIdsOrRanges,
- child_rdi)) {
- child_rdi = x->rfc3779_asid->rdi->u.asIdsOrRanges;
- inherit_rdi = 0;
- } else {
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- }
- }
- }
-
- /*
- * Trust anchor can't inherit.
- */
-
- if (x == NULL)
- goto err;
-
- if (x->rfc3779_asid != NULL) {
- if (x->rfc3779_asid->asnum != NULL &&
- x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- if (x->rfc3779_asid->rdi != NULL &&
- x->rfc3779_asid->rdi->type == ASIdentifierChoice_inherit)
- validation_err(X509_V_ERR_UNNESTED_RESOURCE);
- }
-
- done:
- return ret;
-
- err:
- if (ctx != NULL)
- ctx->error = X509_V_ERR_UNSPECIFIED;
-
- return 0;
-}
-
-#undef validation_err
-
-/*
- * RFC 3779 3.3 path validation -- called from X509_verify_cert().
- */
-int
-X509v3_asid_validate_path(X509_STORE_CTX *ctx)
-{
- if (sk_X509_num(ctx->chain) <= 0 || ctx->verify_cb == NULL) {
- ctx->error = X509_V_ERR_UNSPECIFIED;
- return 0;
- }
- return asid_validate_path_internal(ctx, ctx->chain, NULL);
-}
-LCRYPTO_ALIAS(X509v3_asid_validate_path);
-
-/*
- * RFC 3779 3.3 path validation of an extension.
- * Test whether chain covers extension.
- */
-int
-X509v3_asid_validate_resource_set(STACK_OF(X509) *chain, ASIdentifiers *ext,
- int allow_inheritance)
-{
- if (ext == NULL)
- return 1;
- if (sk_X509_num(chain) <= 0)
- return 0;
- if (!allow_inheritance && X509v3_asid_inherits(ext))
- return 0;
- return asid_validate_path_internal(NULL, chain, ext);
-}
-LCRYPTO_ALIAS(X509v3_asid_validate_resource_set);
-
-#endif /* OPENSSL_NO_RFC3779 */
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c
deleted file mode 100644
index 4931cbbc17..0000000000
--- a/src/lib/libcrypto/x509/x509_att.c
+++ /dev/null
@@ -1,377 +0,0 @@
-/* $OpenBSD: x509_att.c,v 1.25 2024/08/31 10:46:40 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-int
-X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, int lastpos)
-{
- ASN1_OBJECT *obj;
-
- obj = OBJ_nid2obj(nid);
- if (obj == NULL)
- return (-2);
- return (X509at_get_attr_by_OBJ(x, obj, lastpos));
-}
-
-int
-X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
- const ASN1_OBJECT *obj, int lastpos)
-{
- int n;
- X509_ATTRIBUTE *ex;
-
- if (sk == NULL)
- return (-1);
- lastpos++;
- if (lastpos < 0)
- lastpos = 0;
- n = sk_X509_ATTRIBUTE_num(sk);
- for (; lastpos < n; lastpos++) {
- ex = sk_X509_ATTRIBUTE_value(sk, lastpos);
- if (OBJ_cmp(ex->object, obj) == 0)
- return (lastpos);
- }
- return (-1);
-}
-
-STACK_OF(X509_ATTRIBUTE) *
-X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr)
-{
- X509_ATTRIBUTE *new_attr = NULL;
- STACK_OF(X509_ATTRIBUTE) *sk = NULL;
-
- if (x == NULL) {
- X509error(ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
-
- if (*x == NULL) {
- if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
- goto err;
- } else
- sk = *x;
-
- if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL)
- goto err2;
- if (!sk_X509_ATTRIBUTE_push(sk, new_attr))
- goto err;
- if (*x == NULL)
- *x = sk;
- return (sk);
-
-err:
- X509error(ERR_R_MALLOC_FAILURE);
-err2:
- if (new_attr != NULL)
- X509_ATTRIBUTE_free(new_attr);
- if (sk != NULL && sk != *x)
- sk_X509_ATTRIBUTE_free(sk);
- return (NULL);
-}
-
-STACK_OF(X509_ATTRIBUTE) *
-X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj,
- int type, const unsigned char *bytes, int len)
-{
- X509_ATTRIBUTE *attr;
- STACK_OF(X509_ATTRIBUTE) *ret;
-
- attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
- if (!attr)
- return 0;
- ret = X509at_add1_attr(x, attr);
- X509_ATTRIBUTE_free(attr);
- return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *
-X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type,
- const unsigned char *bytes, int len)
-{
- X509_ATTRIBUTE *attr;
- STACK_OF(X509_ATTRIBUTE) *ret;
-
- attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
- if (!attr)
- return 0;
- ret = X509at_add1_attr(x, attr);
- X509_ATTRIBUTE_free(attr);
- return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *
-X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname,
- int type, const unsigned char *bytes, int len)
-{
- X509_ATTRIBUTE *attr;
- STACK_OF(X509_ATTRIBUTE) *ret;
-
- attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
- if (!attr)
- return 0;
- ret = X509at_add1_attr(x, attr);
- X509_ATTRIBUTE_free(attr);
- return ret;
-}
-
-void *
-X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, const ASN1_OBJECT *obj,
- int lastpos, int type)
-{
- int i;
- X509_ATTRIBUTE *at;
-
- i = X509at_get_attr_by_OBJ(x, obj, lastpos);
- if (i == -1)
- return NULL;
- if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1))
- return NULL;
- at = sk_X509_ATTRIBUTE_value(x, i);
- if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1))
- return NULL;
- return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
-}
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype,
- const void *data, int len)
-{
- ASN1_OBJECT *obj;
- X509_ATTRIBUTE *ret;
-
- obj = OBJ_nid2obj(nid);
- if (obj == NULL) {
- X509error(X509_R_UNKNOWN_NID);
- return (NULL);
- }
- ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len);
- if (ret == NULL)
- ASN1_OBJECT_free(obj);
- return (ret);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_create_by_NID);
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj,
- int atrtype, const void *data, int len)
-{
- X509_ATTRIBUTE *ret;
-
- if ((attr == NULL) || (*attr == NULL)) {
- if ((ret = X509_ATTRIBUTE_new()) == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- } else
- ret= *attr;
-
- if (!X509_ATTRIBUTE_set1_object(ret, obj))
- goto err;
- if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len))
- goto err;
-
- if ((attr != NULL) && (*attr == NULL))
- *attr = ret;
- return (ret);
-
-err:
- if ((attr == NULL) || (ret != *attr))
- X509_ATTRIBUTE_free(ret);
- return (NULL);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_create_by_OBJ);
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, const char *atrname,
- int type, const unsigned char *bytes, int len)
-{
- ASN1_OBJECT *obj;
- X509_ATTRIBUTE *nattr;
-
- obj = OBJ_txt2obj(atrname, 0);
- if (obj == NULL) {
- X509error(X509_R_INVALID_FIELD_NAME);
- ERR_asprintf_error_data("name=%s", atrname);
- return (NULL);
- }
- nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len);
- ASN1_OBJECT_free(obj);
- return nattr;
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_create_by_txt);
-
-int
-X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
-{
- if ((attr == NULL) || (obj == NULL))
- return (0);
- ASN1_OBJECT_free(attr->object);
- attr->object = OBJ_dup(obj);
- return attr->object != NULL;
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_set1_object);
-
-int
-X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data,
- int len)
-{
- ASN1_TYPE *ttmp = NULL;
- ASN1_STRING *stmp = NULL;
- int atype = 0;
-
- if (!attr)
- return 0;
- if (attrtype & MBSTRING_FLAG) {
- stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
- OBJ_obj2nid(attr->object));
- if (!stmp) {
- X509error(ERR_R_ASN1_LIB);
- return 0;
- }
- atype = stmp->type;
- } else if (len != -1){
- if (!(stmp = ASN1_STRING_type_new(attrtype)))
- goto err;
- if (!ASN1_STRING_set(stmp, data, len))
- goto err;
- atype = attrtype;
- }
- /*
- * This is a bit naughty because the attribute should really have
- * at least one value but some types use and zero length SET and
- * require this.
- */
- if (attrtype == 0) {
- ASN1_STRING_free(stmp);
- return 1;
- }
-
- if (!(ttmp = ASN1_TYPE_new()))
- goto err;
- if ((len == -1) && !(attrtype & MBSTRING_FLAG)) {
- if (!ASN1_TYPE_set1(ttmp, attrtype, data))
- goto err;
- } else
- ASN1_TYPE_set(ttmp, atype, stmp);
- if (!sk_ASN1_TYPE_push(attr->set, ttmp))
- goto err;
- return 1;
-
-err:
- ASN1_TYPE_free(ttmp);
- ASN1_STRING_free(stmp);
- X509error(ERR_R_MALLOC_FAILURE);
- return 0;
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_set1_data);
-
-int
-X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr)
-{
- if (attr == NULL)
- return 0;
-
- return sk_ASN1_TYPE_num(attr->set);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_count);
-
-ASN1_OBJECT *
-X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
-{
- if (attr == NULL)
- return (NULL);
- return (attr->object);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_get0_object);
-
-void *
-X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data)
-{
- ASN1_TYPE *ttmp;
-
- ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
- if (!ttmp)
- return NULL;
- if (atrtype != ASN1_TYPE_get(ttmp)){
- X509error(X509_R_WRONG_TYPE);
- return NULL;
- }
- return ttmp->value.ptr;
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_get0_data);
-
-ASN1_TYPE *
-X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
-{
- if (attr == NULL)
- return (NULL);
-
- return sk_ASN1_TYPE_value(attr->set, idx);
-}
-LCRYPTO_ALIAS(X509_ATTRIBUTE_get0_type);
diff --git a/src/lib/libcrypto/x509/x509_bcons.c b/src/lib/libcrypto/x509/x509_bcons.c
deleted file mode 100644
index 99cb5afe9a..0000000000
--- a/src/lib/libcrypto/x509/x509_bcons.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/* $OpenBSD: x509_bcons.c,v 1.6 2024/08/31 10:03:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
- BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist);
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-static const X509V3_EXT_METHOD x509v3_ext_basic_constraints = {
- .ext_nid = NID_basic_constraints,
- .ext_flags = 0,
- .it = &BASIC_CONSTRAINTS_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS,
- .v2i = (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_basic_constraints(void)
-{
- return &x509v3_ext_basic_constraints;
-}
-
-static const ASN1_TEMPLATE BASIC_CONSTRAINTS_seq_tt[] = {
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(BASIC_CONSTRAINTS, ca),
- .field_name = "ca",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(BASIC_CONSTRAINTS, pathlen),
- .field_name = "pathlen",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM BASIC_CONSTRAINTS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = BASIC_CONSTRAINTS_seq_tt,
- .tcount = sizeof(BASIC_CONSTRAINTS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(BASIC_CONSTRAINTS),
- .sname = "BASIC_CONSTRAINTS",
-};
-LCRYPTO_ALIAS(BASIC_CONSTRAINTS_it);
-
-
-BASIC_CONSTRAINTS *
-d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, const unsigned char **in, long len)
-{
- return (BASIC_CONSTRAINTS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &BASIC_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(d2i_BASIC_CONSTRAINTS);
-
-int
-i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &BASIC_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(i2d_BASIC_CONSTRAINTS);
-
-BASIC_CONSTRAINTS *
-BASIC_CONSTRAINTS_new(void)
-{
- return (BASIC_CONSTRAINTS *)ASN1_item_new(&BASIC_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(BASIC_CONSTRAINTS_new);
-
-void
-BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &BASIC_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(BASIC_CONSTRAINTS_free);
-
-
-static STACK_OF(CONF_VALUE) *
-i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons,
- STACK_OF(CONF_VALUE) *extlist)
-{
- STACK_OF(CONF_VALUE) *free_extlist = NULL;
-
- if (extlist == NULL) {
- if ((free_extlist = extlist = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- if (!X509V3_add_value_bool("CA", bcons->ca, &extlist))
- goto err;
- if (!X509V3_add_value_int("pathlen", bcons->pathlen, &extlist))
- goto err;
-
- return extlist;
-
- err:
- sk_CONF_VALUE_pop_free(free_extlist, X509V3_conf_free);
-
- return NULL;
-}
-
-static BASIC_CONSTRAINTS *
-v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *values)
-{
- BASIC_CONSTRAINTS *bcons = NULL;
- CONF_VALUE *val;
- int i;
-
- if (!(bcons = BASIC_CONSTRAINTS_new())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- val = sk_CONF_VALUE_value(values, i);
- if (!strcmp(val->name, "CA")) {
- if (!X509V3_get_value_bool(val, &bcons->ca))
- goto err;
- } else if (!strcmp(val->name, "pathlen")) {
- if (!X509V3_get_value_int(val, &bcons->pathlen))
- goto err;
- } else {
- X509V3error(X509V3_R_INVALID_NAME);
- X509V3_conf_err(val);
- goto err;
- }
- }
- return bcons;
-
-err:
- BASIC_CONSTRAINTS_free(bcons);
- return NULL;
-}
diff --git a/src/lib/libcrypto/x509/x509_bitst.c b/src/lib/libcrypto/x509/x509_bitst.c
deleted file mode 100644
index 2bc4f9911a..0000000000
--- a/src/lib/libcrypto/x509/x509_bitst.c
+++ /dev/null
@@ -1,240 +0,0 @@
-/* $OpenBSD: x509_bitst.c,v 1.8 2024/08/31 10:23:13 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static const BIT_STRING_BITNAME ns_cert_type_table[] = {
- {0, "SSL Client", "client"},
- {1, "SSL Server", "server"},
- {2, "S/MIME", "email"},
- {3, "Object Signing", "objsign"},
- {4, "Unused", "reserved"},
- {5, "SSL CA", "sslCA"},
- {6, "S/MIME CA", "emailCA"},
- {7, "Object Signing CA", "objCA"},
- {-1, NULL, NULL}
-};
-
-static const BIT_STRING_BITNAME key_usage_type_table[] = {
- {0, "Digital Signature", "digitalSignature"},
- {1, "Non Repudiation", "nonRepudiation"},
- {2, "Key Encipherment", "keyEncipherment"},
- {3, "Data Encipherment", "dataEncipherment"},
- {4, "Key Agreement", "keyAgreement"},
- {5, "Certificate Sign", "keyCertSign"},
- {6, "CRL Sign", "cRLSign"},
- {7, "Encipher Only", "encipherOnly"},
- {8, "Decipher Only", "decipherOnly"},
- {-1, NULL, NULL}
-};
-
-static const BIT_STRING_BITNAME crl_reasons[] = {
- {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"},
- {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"},
- {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"},
- {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"},
- {CRL_REASON_SUPERSEDED, "Superseded", "superseded"},
- {CRL_REASON_CESSATION_OF_OPERATION, "Cessation Of Operation", "cessationOfOperation"},
- {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"},
- {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"},
- {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"},
- {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"},
- {-1, NULL, NULL}
-};
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_cert_type = {
- .ext_nid = NID_netscape_cert_type,
- .ext_flags = 0,
- .it = &ASN1_BIT_STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING,
- .v2i = (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = ns_cert_type_table,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_cert_type(void)
-{
- return &x509v3_ext_netscape_cert_type;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_key_usage = {
- .ext_nid = NID_key_usage,
- .ext_flags = 0,
- .it = &ASN1_BIT_STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING,
- .v2i = (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = key_usage_type_table,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_key_usage(void)
-{
- return &x509v3_ext_key_usage;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_crl_reason = {
- .ext_nid = NID_crl_reason,
- .ext_flags = 0,
- .it = &ASN1_ENUMERATED_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = crl_reasons,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_crl_reason(void)
-{
- return &x509v3_ext_crl_reason;
-}
-
-STACK_OF(CONF_VALUE) *
-i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bits,
- STACK_OF(CONF_VALUE) *ret)
-{
- const BIT_STRING_BITNAME *bnam;
- STACK_OF(CONF_VALUE) *free_ret = NULL;
-
- if (ret == NULL) {
- if ((free_ret = ret = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- for (bnam = method->usr_data; bnam->lname != NULL; bnam++) {
- if (!ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
- continue;
- if (!X509V3_add_value(bnam->lname, NULL, &ret))
- goto err;
- }
-
- return ret;
-
- err:
- sk_CONF_VALUE_pop_free(free_ret, X509V3_conf_free);
-
- return NULL;
-}
-LCRYPTO_ALIAS(i2v_ASN1_BIT_STRING);
-
-ASN1_BIT_STRING *
-v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- CONF_VALUE *val;
- ASN1_BIT_STRING *bs;
- int i;
- const BIT_STRING_BITNAME *bnam;
-
- if (!(bs = ASN1_BIT_STRING_new())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- for (bnam = method->usr_data; bnam->lname; bnam++) {
- if (!strcmp(bnam->sname, val->name) ||
- !strcmp(bnam->lname, val->name) ) {
- if (!ASN1_BIT_STRING_set_bit(bs,
- bnam->bitnum, 1)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- ASN1_BIT_STRING_free(bs);
- return NULL;
- }
- break;
- }
- }
- if (!bnam->lname) {
- X509V3error(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
- X509V3_conf_err(val);
- ASN1_BIT_STRING_free(bs);
- return NULL;
- }
- }
- return bs;
-}
-LCRYPTO_ALIAS(v2i_ASN1_BIT_STRING);
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
deleted file mode 100644
index 2c1e427093..0000000000
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ /dev/null
@@ -1,429 +0,0 @@
-/* $OpenBSD: x509_cmp.c,v 1.44 2024/03/25 03:41:16 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "x509_local.h"
-
-int
-X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
-{
- int i;
- X509_CINF *ai, *bi;
-
- ai = a->cert_info;
- bi = b->cert_info;
- i = ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber);
- if (i)
- return (i);
- return (X509_NAME_cmp(ai->issuer, bi->issuer));
-}
-LCRYPTO_ALIAS(X509_issuer_and_serial_cmp);
-
-#ifndef OPENSSL_NO_MD5
-unsigned long
-X509_issuer_and_serial_hash(X509 *a)
-{
- unsigned long ret = 0;
- EVP_MD_CTX *md_ctx;
- unsigned char md[16];
- char *f = NULL;
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- goto err;
-
- if ((f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0)) == NULL)
- goto err;
- if (!EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL))
- goto err;
- if (!EVP_DigestUpdate(md_ctx, (unsigned char *)f, strlen(f)))
- goto err;
- if (!EVP_DigestUpdate(md_ctx,
- (unsigned char *)a->cert_info->serialNumber->data,
- (unsigned long)a->cert_info->serialNumber->length))
- goto err;
- if (!EVP_DigestFinal_ex(md_ctx, &(md[0]), NULL))
- goto err;
-
- ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
- ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) &
- 0xffffffffL;
-
-err:
- EVP_MD_CTX_free(md_ctx);
- free(f);
-
- return ret;
-}
-LCRYPTO_ALIAS(X509_issuer_and_serial_hash);
-#endif
-
-int
-X509_issuer_name_cmp(const X509 *a, const X509 *b)
-{
- return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer));
-}
-LCRYPTO_ALIAS(X509_issuer_name_cmp);
-
-int
-X509_subject_name_cmp(const X509 *a, const X509 *b)
-{
- return (X509_NAME_cmp(a->cert_info->subject, b->cert_info->subject));
-}
-LCRYPTO_ALIAS(X509_subject_name_cmp);
-
-int
-X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
-{
- return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer));
-}
-LCRYPTO_ALIAS(X509_CRL_cmp);
-
-#ifndef OPENSSL_NO_SHA
-int
-X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
-{
- return memcmp(a->hash, b->hash, X509_CRL_HASH_LEN);
-}
-LCRYPTO_ALIAS(X509_CRL_match);
-#endif
-
-X509_NAME *
-X509_get_issuer_name(const X509 *a)
-{
- return (a->cert_info->issuer);
-}
-LCRYPTO_ALIAS(X509_get_issuer_name);
-
-unsigned long
-X509_issuer_name_hash(X509 *x)
-{
- return (X509_NAME_hash(x->cert_info->issuer));
-}
-LCRYPTO_ALIAS(X509_issuer_name_hash);
-
-#ifndef OPENSSL_NO_MD5
-unsigned long
-X509_issuer_name_hash_old(X509 *x)
-{
- return (X509_NAME_hash_old(x->cert_info->issuer));
-}
-LCRYPTO_ALIAS(X509_issuer_name_hash_old);
-#endif
-
-X509_NAME *
-X509_get_subject_name(const X509 *a)
-{
- return (a->cert_info->subject);
-}
-LCRYPTO_ALIAS(X509_get_subject_name);
-
-ASN1_INTEGER *
-X509_get_serialNumber(X509 *a)
-{
- return (a->cert_info->serialNumber);
-}
-LCRYPTO_ALIAS(X509_get_serialNumber);
-
-const ASN1_INTEGER *
-X509_get0_serialNumber(const X509 *a)
-{
- return (a->cert_info->serialNumber);
-}
-LCRYPTO_ALIAS(X509_get0_serialNumber);
-
-unsigned long
-X509_subject_name_hash(X509 *x)
-{
- return (X509_NAME_hash(x->cert_info->subject));
-}
-LCRYPTO_ALIAS(X509_subject_name_hash);
-
-#ifndef OPENSSL_NO_MD5
-unsigned long
-X509_subject_name_hash_old(X509 *x)
-{
- return (X509_NAME_hash_old(x->cert_info->subject));
-}
-LCRYPTO_ALIAS(X509_subject_name_hash_old);
-#endif
-
-#ifndef OPENSSL_NO_SHA
-/* Compare two certificates: they must be identical for
- * this to work. NB: Although "cmp" operations are generally
- * prototyped to take "const" arguments (eg. for use in
- * STACKs), the way X509 handling is - these operations may
- * involve ensuring the hashes are up-to-date and ensuring
- * certain cert information is cached. So this is the point
- * where the "depth-first" constification tree has to halt
- * with an evil cast.
- */
-int
-X509_cmp(const X509 *a, const X509 *b)
-{
- /* ensure hash is valid */
- X509_check_purpose((X509 *)a, -1, 0);
- X509_check_purpose((X509 *)b, -1, 0);
-
- return memcmp(a->hash, b->hash, X509_CERT_HASH_LEN);
-}
-LCRYPTO_ALIAS(X509_cmp);
-#endif
-
-int
-X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
-{
- int ret;
-
- /* Ensure canonical encoding is present and up to date */
- if (!a->canon_enc || a->modified) {
- ret = i2d_X509_NAME((X509_NAME *)a, NULL);
- if (ret < 0)
- return -2;
- }
- if (!b->canon_enc || b->modified) {
- ret = i2d_X509_NAME((X509_NAME *)b, NULL);
- if (ret < 0)
- return -2;
- }
- ret = a->canon_enclen - b->canon_enclen;
- if (ret)
- return ret;
- return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
-}
-LCRYPTO_ALIAS(X509_NAME_cmp);
-
-unsigned long
-X509_NAME_hash(X509_NAME *x)
-{
- unsigned long ret = 0;
- unsigned char md[SHA_DIGEST_LENGTH];
-
- /* Make sure X509_NAME structure contains valid cached encoding */
- i2d_X509_NAME(x, NULL);
- if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
- NULL))
- return 0;
-
- ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
- ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) &
- 0xffffffffL;
- return (ret);
-}
-LCRYPTO_ALIAS(X509_NAME_hash);
-
-
-#ifndef OPENSSL_NO_MD5
-/* I now DER encode the name and hash it. Since I cache the DER encoding,
- * this is reasonably efficient. */
-
-unsigned long
-X509_NAME_hash_old(X509_NAME *x)
-{
- EVP_MD_CTX *md_ctx;
- unsigned long ret = 0;
- unsigned char md[16];
-
- if ((md_ctx = EVP_MD_CTX_new()) == NULL)
- return ret;
-
- /* Make sure X509_NAME structure contains valid cached encoding */
- i2d_X509_NAME(x, NULL);
- if (EVP_DigestInit_ex(md_ctx, EVP_md5(), NULL) &&
- EVP_DigestUpdate(md_ctx, x->bytes->data, x->bytes->length) &&
- EVP_DigestFinal_ex(md_ctx, md, NULL))
- ret = (((unsigned long)md[0]) |
- ((unsigned long)md[1] << 8L) |
- ((unsigned long)md[2] << 16L) |
- ((unsigned long)md[3] << 24L)) &
- 0xffffffffL;
-
- EVP_MD_CTX_free(md_ctx);
-
- return ret;
-}
-LCRYPTO_ALIAS(X509_NAME_hash_old);
-#endif
-
-/* Search a stack of X509 for a match */
-X509 *
-X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
- ASN1_INTEGER *serial)
-{
- int i;
- X509_CINF cinf;
- X509 x, *x509 = NULL;
-
- if (!sk)
- return NULL;
-
- x.cert_info = &cinf;
- cinf.serialNumber = serial;
- cinf.issuer = name;
-
- for (i = 0; i < sk_X509_num(sk); i++) {
- x509 = sk_X509_value(sk, i);
- if (X509_issuer_and_serial_cmp(x509, &x) == 0)
- return (x509);
- }
- return (NULL);
-}
-LCRYPTO_ALIAS(X509_find_by_issuer_and_serial);
-
-X509 *
-X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
-{
- X509 *x509;
- int i;
-
- for (i = 0; i < sk_X509_num(sk); i++) {
- x509 = sk_X509_value(sk, i);
- if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0)
- return (x509);
- }
- return (NULL);
-}
-LCRYPTO_ALIAS(X509_find_by_subject);
-
-EVP_PKEY *
-X509_get_pubkey(X509 *x)
-{
- if (x == NULL || x->cert_info == NULL)
- return (NULL);
- return (X509_PUBKEY_get(x->cert_info->key));
-}
-LCRYPTO_ALIAS(X509_get_pubkey);
-
-EVP_PKEY *
-X509_get0_pubkey(const X509 *x)
-{
- if (x == NULL || x->cert_info == NULL)
- return (NULL);
- return (X509_PUBKEY_get0(x->cert_info->key));
-}
-LCRYPTO_ALIAS(X509_get0_pubkey);
-
-ASN1_BIT_STRING *
-X509_get0_pubkey_bitstr(const X509 *x)
-{
- if (!x)
- return NULL;
- return x->cert_info->key->public_key;
-}
-LCRYPTO_ALIAS(X509_get0_pubkey_bitstr);
-
-int
-X509_check_private_key(const X509 *x, const EVP_PKEY *k)
-{
- const EVP_PKEY *xk;
- int ret;
-
- xk = X509_get0_pubkey(x);
-
- if (xk)
- ret = EVP_PKEY_cmp(xk, k);
- else
- ret = -2;
-
- switch (ret) {
- case 1:
- break;
- case 0:
- X509error(X509_R_KEY_VALUES_MISMATCH);
- break;
- case -1:
- X509error(X509_R_KEY_TYPE_MISMATCH);
- break;
- case -2:
- X509error(X509_R_UNKNOWN_KEY_TYPE);
- }
- if (ret > 0)
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(X509_check_private_key);
-
-/*
- * Not strictly speaking an "up_ref" as a STACK doesn't have a reference
- * count but it has the same effect by duping the STACK and upping the ref of
- * each X509 structure.
- */
-STACK_OF(X509) *
-X509_chain_up_ref(STACK_OF(X509) *chain)
-{
- STACK_OF(X509) *ret;
- size_t i;
-
- ret = sk_X509_dup(chain);
- for (i = 0; i < sk_X509_num(ret); i++)
- X509_up_ref(sk_X509_value(ret, i));
-
- return ret;
-}
-LCRYPTO_ALIAS(X509_chain_up_ref);
diff --git a/src/lib/libcrypto/x509/x509_conf.c b/src/lib/libcrypto/x509/x509_conf.c
deleted file mode 100644
index e5b18c2f77..0000000000
--- a/src/lib/libcrypto/x509/x509_conf.c
+++ /dev/null
@@ -1,456 +0,0 @@
-/* $OpenBSD: x509_conf.c,v 1.29 2025/03/06 07:20:01 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* extension creation utilities */
-
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-#include "conf_local.h"
-#include "x509_local.h"
-
-static int v3_check_critical(const char **value);
-static int v3_check_generic(const char **value);
-static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int nid,
- int crit, const char *value);
-static X509_EXTENSION *v3_generic_extension(const char *ext, const char *value,
- int crit, int type, X509V3_CTX *ctx);
-static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int nid,
- int crit, void *ext_struct);
-static unsigned char *generic_asn1(const char *value, X509V3_CTX *ctx,
- long *ext_len);
-
-X509_EXTENSION *
-X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
- const char *value)
-{
- int crit;
- int ext_type;
- X509_EXTENSION *ret;
-
- crit = v3_check_critical(&value);
- if ((ext_type = v3_check_generic(&value)))
- return v3_generic_extension(name, value, crit, ext_type, ctx);
- ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
- if (!ret) {
- X509V3error(X509V3_R_ERROR_IN_EXTENSION);
- ERR_asprintf_error_data("name=%s, value=%s", name, value);
- }
- return ret;
-}
-LCRYPTO_ALIAS(X509V3_EXT_nconf);
-
-X509_EXTENSION *
-X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int nid, const char *value)
-{
- int crit;
- int ext_type;
-
- crit = v3_check_critical(&value);
- if ((ext_type = v3_check_generic(&value)))
- return v3_generic_extension(OBJ_nid2sn(nid),
- value, crit, ext_type, ctx);
- return do_ext_nconf(conf, ctx, nid, crit, value);
-}
-LCRYPTO_ALIAS(X509V3_EXT_nconf_nid);
-
-static X509_EXTENSION *
-do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int nid, int crit, const char *value)
-{
- const X509V3_EXT_METHOD *method;
- X509_EXTENSION *ext;
- void *ext_struct;
-
- if (nid == NID_undef) {
- X509V3error(X509V3_R_UNKNOWN_EXTENSION_NAME);
- return NULL;
- }
- if (!(method = X509V3_EXT_get_nid(nid))) {
- X509V3error(X509V3_R_UNKNOWN_EXTENSION);
- return NULL;
- }
- /* Now get internal extension representation based on type */
- if (method->v2i) {
- STACK_OF(CONF_VALUE) *nval;
-
- if (*value == '@')
- nval = NCONF_get_section(conf, value + 1);
- else
- nval = X509V3_parse_list(value);
- if (sk_CONF_VALUE_num(nval) <= 0) {
- X509V3error(X509V3_R_INVALID_EXTENSION_STRING);
- ERR_asprintf_error_data("name=%s,section=%s",
- OBJ_nid2sn(nid), value);
- if (*value != '@')
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- return NULL;
- }
- ext_struct = method->v2i(method, ctx, nval);
- if (*value != '@')
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- } else if (method->s2i) {
- ext_struct = method->s2i(method, ctx, value);
- } else if (method->r2i) {
- if (ctx->db == NULL) {
- X509V3error(X509V3_R_NO_CONFIG_DATABASE);
- return NULL;
- }
- ext_struct = method->r2i(method, ctx, value);
- } else {
- X509V3error(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
- ERR_asprintf_error_data("name=%s", OBJ_nid2sn(nid));
- return NULL;
- }
- if (ext_struct == NULL)
- return NULL;
-
- ext = do_ext_i2d(method, nid, crit, ext_struct);
- if (method->it)
- ASN1_item_free(ext_struct, method->it);
- else
- method->ext_free(ext_struct);
- return ext;
-}
-
-static X509_EXTENSION *
-do_ext_i2d(const X509V3_EXT_METHOD *method, int nid, int crit,
- void *ext_struct)
-{
- unsigned char *ext_der = NULL;
- int ext_len;
- ASN1_OCTET_STRING *ext_oct = NULL;
- X509_EXTENSION *ext;
-
- /* Convert internal representation to DER */
- if (method->it != NULL) {
- ext_der = NULL;
- ext_len = ASN1_item_i2d(ext_struct, &ext_der, method->it);
- if (ext_len < 0)
- goto err;
- } else {
- unsigned char *p;
-
- if ((ext_len = method->i2d(ext_struct, NULL)) <= 0)
- goto err;
- if ((ext_der = calloc(1, ext_len)) == NULL)
- goto err;
- p = ext_der;
- if (method->i2d(ext_struct, &p) != ext_len)
- goto err;
- }
- if ((ext_oct = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- ASN1_STRING_set0(ext_oct, ext_der, ext_len);
- ext_der = NULL;
- ext_len = 0;
-
- ext = X509_EXTENSION_create_by_NID(NULL, nid, crit, ext_oct);
- if (ext == NULL)
- goto err;
- ASN1_OCTET_STRING_free(ext_oct);
-
- return ext;
-
- err:
- free(ext_der);
- ASN1_OCTET_STRING_free(ext_oct);
- X509V3error(ERR_R_MALLOC_FAILURE);
-
- return NULL;
-}
-
-/* Given an internal structure, nid and critical flag create an extension */
-X509_EXTENSION *
-X509V3_EXT_i2d(int nid, int crit, void *ext_struct)
-{
- const X509V3_EXT_METHOD *method;
-
- if (!(method = X509V3_EXT_get_nid(nid))) {
- X509V3error(X509V3_R_UNKNOWN_EXTENSION);
- return NULL;
- }
- return do_ext_i2d(method, nid, crit, ext_struct);
-}
-LCRYPTO_ALIAS(X509V3_EXT_i2d);
-
-/* Check the extension string for critical flag */
-static int
-v3_check_critical(const char **value)
-{
- const char *p = *value;
-
- if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
- return 0;
- p += 9;
- while (isspace((unsigned char)*p)) p++;
- *value = p;
- return 1;
-}
-
-/* Check extension string for generic extension and return the type */
-static int
-v3_check_generic(const char **value)
-{
- int gen_type = 0;
- const char *p = *value;
-
- if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) {
- p += 4;
- gen_type = 1;
- } else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) {
- p += 5;
- gen_type = 2;
- } else
- return 0;
-
- while (isspace((unsigned char)*p))
- p++;
- *value = p;
- return gen_type;
-}
-
-/* Create a generic extension: for now just handle DER type */
-static X509_EXTENSION *
-v3_generic_extension(const char *name, const char *value, int crit, int gen_type,
- X509V3_CTX *ctx)
-{
- unsigned char *ext_der = NULL;
- long ext_len = 0;
- ASN1_OBJECT *obj = NULL;
- ASN1_OCTET_STRING *oct = NULL;
- X509_EXTENSION *ext = NULL;
-
- if ((obj = OBJ_txt2obj(name, 0)) == NULL) {
- X509V3error(X509V3_R_EXTENSION_NAME_ERROR);
- ERR_asprintf_error_data("name=%s", name);
- goto err;
- }
-
- if (gen_type == 1)
- ext_der = string_to_hex(value, &ext_len);
- else if (gen_type == 2)
- ext_der = generic_asn1(value, ctx, &ext_len);
- else {
- ERR_asprintf_error_data("Unexpected generic extension type %d", gen_type);
- goto err;
- }
-
- if (ext_der == NULL) {
- X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
- ERR_asprintf_error_data("value=%s", value);
- goto err;
- }
-
- if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- ASN1_STRING_set0(oct, ext_der, ext_len);
- ext_der = NULL;
- ext_len = 0;
-
- ext = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
-
- err:
- ASN1_OBJECT_free(obj);
- ASN1_OCTET_STRING_free(oct);
- free(ext_der);
-
- return ext;
-}
-
-static unsigned char *
-generic_asn1(const char *value, X509V3_CTX *ctx, long *ext_len)
-{
- ASN1_TYPE *typ;
- unsigned char *ext_der = NULL;
-
- typ = ASN1_generate_v3(value, ctx);
- if (typ == NULL)
- return NULL;
- *ext_len = i2d_ASN1_TYPE(typ, &ext_der);
- ASN1_TYPE_free(typ);
- return ext_der;
-}
-
-/*
- * This is the main function: add a bunch of extensions based on a config file
- * section to an extension STACK.
- */
-
-int
-X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section,
- STACK_OF(X509_EXTENSION) **sk)
-{
- X509_EXTENSION *ext;
- STACK_OF(CONF_VALUE) *nval;
- CONF_VALUE *val;
- int i;
-
- if (!(nval = NCONF_get_section(conf, section)))
- return 0;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
- return 0;
- if (sk)
- X509v3_add_ext(sk, ext, -1);
- X509_EXTENSION_free(ext);
- }
- return 1;
-}
-LCRYPTO_ALIAS(X509V3_EXT_add_nconf_sk);
-
-int
-X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
- X509 *cert)
-{
- STACK_OF(X509_EXTENSION) **sk = NULL;
-
- if (cert)
- sk = &cert->cert_info->extensions;
- return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-}
-LCRYPTO_ALIAS(X509V3_EXT_add_nconf);
-
-int
-X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
- X509_CRL *crl)
-{
- STACK_OF(X509_EXTENSION) **sk = NULL;
-
- if (crl)
- sk = &crl->crl->extensions;
- return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-}
-LCRYPTO_ALIAS(X509V3_EXT_CRL_add_nconf);
-
-int
-X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
- X509_REQ *req)
-{
- STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;
- int i;
-
- if (req)
- sk = &extlist;
- i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
- if (!i || !sk)
- return i;
- i = X509_REQ_add_extensions(req, extlist);
- sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
- return i;
-}
-LCRYPTO_ALIAS(X509V3_EXT_REQ_add_nconf);
-
-STACK_OF(CONF_VALUE) *
-X509V3_get0_section(X509V3_CTX *ctx, const char *section)
-{
- if (ctx->db == NULL) {
- X509V3error(X509V3_R_OPERATION_NOT_DEFINED);
- return NULL;
- }
- return NCONF_get_section(ctx->db, section);
-}
-
-void
-X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
-{
- ctx->db = conf;
-}
-LCRYPTO_ALIAS(X509V3_set_nconf);
-
-void
-X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
- X509_CRL *crl, int flags)
-{
- ctx->issuer_cert = issuer;
- ctx->subject_cert = subj;
- ctx->crl = crl;
- ctx->subject_req = req;
- ctx->flags = flags;
-}
-LCRYPTO_ALIAS(X509V3_set_ctx);
-
-X509_EXTENSION *
-X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, const char *name,
- const char *value)
-{
- CONF ctmp;
-
- CONF_set_nconf(&ctmp, conf);
- return X509V3_EXT_nconf(&ctmp, ctx, name, value);
-}
-LCRYPTO_ALIAS(X509V3_EXT_conf);
-
-X509_EXTENSION *
-X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, int nid,
- const char *value)
-{
- CONF ctmp;
-
- CONF_set_nconf(&ctmp, conf);
- return X509V3_EXT_nconf_nid(&ctmp, ctx, nid, value);
-}
-LCRYPTO_ALIAS(X509V3_EXT_conf_nid);
diff --git a/src/lib/libcrypto/x509/x509_constraints.c b/src/lib/libcrypto/x509/x509_constraints.c
deleted file mode 100644
index 0773d2ba71..0000000000
--- a/src/lib/libcrypto/x509/x509_constraints.c
+++ /dev/null
@@ -1,1294 +0,0 @@
-/* $OpenBSD: x509_constraints.c,v 1.32 2023/09/29 15:53:59 beck Exp $ */
-/*
- * Copyright (c) 2020 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-#include
-#include
-#include
-
-#include "bytestring.h"
-#include "x509_internal.h"
-
-/* RFC 2821 section 4.5.3.1 */
-#define LOCAL_PART_MAX_LEN (size_t)64
-#define DOMAIN_PART_MAX_LEN (size_t)255
-#define MAX_IP_ADDRESS_LENGTH (size_t)46
-
-static int
-cbs_is_ip_address(CBS *cbs, int *is_ip)
-{
- struct sockaddr_in6 sin6;
- struct sockaddr_in sin4;
- char *name = NULL;
-
- *is_ip = 0;
- if (CBS_len(cbs) > MAX_IP_ADDRESS_LENGTH)
- return 1;
- if (!CBS_strdup(cbs, &name))
- return 0;
- if (inet_pton(AF_INET, name, &sin4) == 1 ||
- inet_pton(AF_INET6, name, &sin6) == 1)
- *is_ip = 1;
-
- free(name);
- return 1;
-}
-
-struct x509_constraints_name *
-x509_constraints_name_new(void)
-{
- return (calloc(1, sizeof(struct x509_constraints_name)));
-}
-
-void
-x509_constraints_name_clear(struct x509_constraints_name *name)
-{
- free(name->name);
- free(name->local);
- free(name->der);
- memset(name, 0, sizeof(*name));
-}
-
-void
-x509_constraints_name_free(struct x509_constraints_name *name)
-{
- if (name == NULL)
- return;
- x509_constraints_name_clear(name);
- free(name);
-}
-
-struct x509_constraints_name *
-x509_constraints_name_dup(struct x509_constraints_name *name)
-{
- struct x509_constraints_name *new;
-
- if ((new = x509_constraints_name_new()) == NULL)
- goto err;
- new->type = name->type;
- new->af = name->af;
- new->der_len = name->der_len;
- if (name->der_len > 0) {
- if ((new->der = malloc(name->der_len)) == NULL)
- goto err;
- memcpy(new->der, name->der, name->der_len);
- }
- if (name->name != NULL && (new->name = strdup(name->name)) == NULL)
- goto err;
- if (name->local != NULL && (new->local = strdup(name->local)) == NULL)
- goto err;
- memcpy(new->address, name->address, sizeof(name->address));
- return new;
- err:
- x509_constraints_name_free(new);
- return NULL;
-}
-
-struct x509_constraints_names *
-x509_constraints_names_new(size_t names_max)
-{
- struct x509_constraints_names *new;
-
- if ((new = calloc(1, sizeof(struct x509_constraints_names))) == NULL)
- return NULL;
-
- new->names_max = names_max;
-
- return new;
-}
-
-void
-x509_constraints_names_clear(struct x509_constraints_names *names)
-{
- size_t i;
-
- for (i = 0; i < names->names_count; i++)
- x509_constraints_name_free(names->names[i]);
- free(names->names);
- memset(names, 0, sizeof(*names));
-}
-
-void
-x509_constraints_names_free(struct x509_constraints_names *names)
-{
- if (names == NULL)
- return;
-
- x509_constraints_names_clear(names);
- free(names);
-}
-
-int
-x509_constraints_names_add(struct x509_constraints_names *names,
- struct x509_constraints_name *name)
-{
- if (names->names_count >= names->names_max)
- return 0;
- if (names->names_count == names->names_len) {
- struct x509_constraints_name **tmp;
- if ((tmp = recallocarray(names->names, names->names_len,
- names->names_len + 32, sizeof(*tmp))) == NULL)
- return 0;
- names->names_len += 32;
- names->names = tmp;
- }
- names->names[names->names_count] = name;
- names->names_count++;
- return 1;
-}
-
-struct x509_constraints_names *
-x509_constraints_names_dup(struct x509_constraints_names *names)
-{
- struct x509_constraints_names *new = NULL;
- struct x509_constraints_name *name = NULL;
- size_t i;
-
- if (names == NULL)
- return NULL;
-
- if ((new = x509_constraints_names_new(names->names_max)) == NULL)
- goto err;
-
- for (i = 0; i < names->names_count; i++) {
- if ((name = x509_constraints_name_dup(names->names[i])) == NULL)
- goto err;
- if (!x509_constraints_names_add(new, name))
- goto err;
- }
-
- return new;
- err:
- x509_constraints_names_free(new);
- x509_constraints_name_free(name);
- return NULL;
-}
-
-/*
- * Validate that the name contains only a hostname consisting of RFC
- * 5890 compliant A-labels (see RFC 6066 section 3). This is more
- * permissive to allow for a leading '.' for a subdomain based
- * constraint, as well as allowing for '_' which is commonly accepted
- * by nonconformant DNS implementations.
- *
- * if "wildcards" is set it allows '*' to occur in the string at the end of a
- * component.
- */
-static int
-x509_constraints_valid_domain_internal(CBS *cbs, int wildcards)
-{
- int first, component = 0;
- uint8_t prev, c = 0;
- size_t i, len;
- CBS copy;
-
- CBS_dup(cbs, ©);
-
- len = CBS_len(cbs);
-
- if (len > DOMAIN_PART_MAX_LEN)
- return 0;
- for (i = 0; i < len; i++) {
- prev = c;
- if (!CBS_get_u8(©, &c))
- return 0;
-
- first = (i == 0);
-
- /* Everything has to be ASCII, with no NUL byte */
- if (!isascii(c) || c == '\0')
- return 0;
- /* It must be alphanumeric, a '-', '.', '_' or '*' */
- if (!isalnum(c) && c != '-' && c != '.' && c != '_' && c != '*')
- return 0;
-
- /* if it is a '*', fail if not wildcards */
- if (!wildcards && c == '*')
- return 0;
-
- /* '-' must not start a component or be at the end. */
- if (c == '-' && (component == 0 || i == len - 1))
- return 0;
-
- /*
- * '.' must not be at the end. It may be first overall
- * but must not otherwise start a component.
- */
- if (c == '.' && ((component == 0 && !first) || i == len - 1))
- return 0;
-
- if (c == '.') {
- /* Components can not end with a dash. */
- if (prev == '-')
- return 0;
- /* Start new component */
- component = 0;
- continue;
- }
- /*
- * Wildcards can only occur at the end of a component.
- * c*.com is valid, c*c.com is not.
- */
- if (prev == '*')
- return 0;
-
- /* Components must be 63 chars or less. */
- if (++component > 63)
- return 0;
- }
-
- return 1;
-}
-
-int
-x509_constraints_valid_host(CBS *cbs, int permit_ip)
-{
- uint8_t first;
- int is_ip;
-
- if (!CBS_peek_u8(cbs, &first))
- return 0;
- if (first == '.')
- return 0; /* leading . not allowed in a host name or IP */
- if (!permit_ip) {
- if (!cbs_is_ip_address(cbs, &is_ip))
- return 0;
- if (is_ip)
- return 0;
- }
-
- return x509_constraints_valid_domain_internal(cbs, 0);
-}
-
-int
-x509_constraints_valid_sandns(CBS *cbs)
-{
- uint8_t first;
-
- if (!CBS_peek_u8(cbs, &first))
- return 0;
- if (first == '.')
- return 0; /* leading . not allowed in a SAN DNS name */
- /*
- * A domain may not be less than two characters, so you
- * can't wildcard a single domain of less than that
- */
- if (CBS_len(cbs) < 4 && first == '*')
- return 0;
-
- return x509_constraints_valid_domain_internal(cbs, 1);
-}
-
-static inline int
-local_part_ok(char c)
-{
- return (('0' <= c && c <= '9') || ('a' <= c && c <= 'z') ||
- ('A' <= c && c <= 'Z') || c == '!' || c == '#' || c == '$' ||
- c == '%' || c == '&' || c == '\'' || c == '*' || c == '+' ||
- c == '-' || c == '/' || c == '=' || c == '?' || c == '^' ||
- c == '_' || c == '`' || c == '{' || c == '|' || c == '}' ||
- c == '~' || c == '.');
-}
-
-/*
- * Parse "candidate" as an RFC 2821 mailbox.
- * Returns 0 if candidate is not a valid mailbox or if an error occurs.
- * Returns 1 if candidate is a mailbox and adds newly allocated
- * local and domain parts of the mailbox to "name->local" and name->name"
- */
-int
-x509_constraints_parse_mailbox(CBS *candidate,
- struct x509_constraints_name *name)
-{
- char working[DOMAIN_PART_MAX_LEN + 1] = { 0 };
- char *candidate_local = NULL;
- char *candidate_domain = NULL;
- CBS domain_cbs;
- size_t i, len, wi = 0;
- int accept = 0;
- int quoted = 0;
- CBS copy;
-
- /* XXX This should not be necessary - revisit and remove */
- if (candidate == NULL)
- return 0;
-
- CBS_dup(candidate, ©);
-
- if ((len = CBS_len(©)) == 0)
- return 0;
-
- /* It can't be bigger than the local part, domain part and the '@' */
- if (len > LOCAL_PART_MAX_LEN + DOMAIN_PART_MAX_LEN + 1)
- return 0;
-
- for (i = 0; i < len; i++) {
- char c;
- if (!CBS_get_u8(©, &c))
- goto bad;
- /* non ascii, cr, lf, or nul is never allowed */
- if (!isascii(c) || c == '\r' || c == '\n' || c == '\0')
- goto bad;
- if (i == 0) {
- /* local part is quoted part */
- if (c == '"')
- quoted = 1;
- /* can not start with a . */
- if (c == '.')
- goto bad;
- }
- if (accept) {
- if (wi >= DOMAIN_PART_MAX_LEN)
- goto bad;
- working[wi++] = c;
- accept = 0;
- continue;
- }
- if (candidate_local != NULL) {
- /* We are looking for the domain part */
- if (wi >= DOMAIN_PART_MAX_LEN)
- goto bad;
- working[wi++] = c;
- if (i == len - 1) {
- if (wi == 0)
- goto bad;
- if (candidate_domain != NULL)
- goto bad;
- candidate_domain = strdup(working);
- if (candidate_domain == NULL)
- goto bad;
- }
- continue;
- }
- /* We are looking for the local part */
- if (wi >= LOCAL_PART_MAX_LEN)
- break;
-
- if (quoted) {
- if (c == '\\') {
- accept = 1;
- continue;
- }
- if (c == '"' && i != 0) {
- uint8_t next;
- /* end the quoted part. @ must be next */
- if (!CBS_peek_u8(©, &next))
- goto bad;
- if (next != '@')
- goto bad;
- quoted = 0;
- }
- /*
- * XXX Go strangely permits sp but forbids ht
- * mimic that for now
- */
- if (c == 9)
- goto bad;
- if (wi >= LOCAL_PART_MAX_LEN)
- goto bad;
- working[wi++] = c;
- continue; /* all's good inside our quoted string */
- }
- if (c == '@') {
- if (wi == 0)
- goto bad;
- if (candidate_local != NULL)
- goto bad;
- candidate_local = strdup(working);
- if (candidate_local == NULL)
- goto bad;
- memset(working, 0, sizeof(working));
- wi = 0;
- continue;
- }
- if (c == '\\') {
- uint8_t next;
- /*
- * RFC 2821 hints these can happen outside of
- * quoted string. Don't include the \ but
- * next character must be ok.
- */
- if (!CBS_peek_u8(©, &next))
- goto bad;
- if (!local_part_ok(next))
- goto bad;
- accept = 1;
- }
- if (!local_part_ok(c))
- goto bad;
- if (wi >= LOCAL_PART_MAX_LEN)
- goto bad;
- working[wi++] = c;
- }
- if (candidate_local == NULL || candidate_domain == NULL)
- goto bad;
- CBS_init(&domain_cbs, candidate_domain, strlen(candidate_domain));
- if (!x509_constraints_valid_host(&domain_cbs, 0))
- goto bad;
-
- if (name != NULL) {
- name->local = candidate_local;
- name->name = candidate_domain;
- name->type = GEN_EMAIL;
- } else {
- free(candidate_local);
- free(candidate_domain);
- }
- return 1;
- bad:
- free(candidate_local);
- free(candidate_domain);
- return 0;
-}
-
-int
-x509_constraints_valid_domain_constraint(CBS *cbs)
-{
- uint8_t first;
-
- if (CBS_len(cbs) == 0)
- return 1; /* empty constraints match */
-
- /*
- * A domain may not be less than two characters, so you
- * can't match a single domain of less than that
- */
- if (CBS_len(cbs) < 3) {
- if (!CBS_peek_u8(cbs, &first))
- return 0;
- if (first == '.')
- return 0;
- }
- return x509_constraints_valid_domain_internal(cbs, 0);
-}
-
-/*
- * Extract the host part of a URI. On failure to parse a valid host part of the
- * URI, 0 is returned indicating an invalid URI. If the host part parses as
- * valid, or is not present, 1 is returned indicating a possibly valid URI.
- *
- * In the case of a valid URI, *hostpart will be set to a copy of the host part
- * of the URI, or the empty string if no URI is present. If memory allocation
- * fails *hostpart will be set to NULL, even though we returned 1. It is the
- * caller's responsibility to indicate an error for memory allocation failure,
- * and the callers responsibility to free *hostpart.
- *
- * RFC 3986:
- * the authority part of a uri starts with // and is terminated with
- * the next '/', '?', '#' or end of the URI.
- *
- * The authority itself contains [userinfo '@'] host [: port]
- *
- * so the host starts at the start or after the '@', and ends
- * with end of URI, '/', '?', "#', or ':'.
- */
-int
-x509_constraints_uri_host(uint8_t *uri, size_t len, char **hostpart)
-{
- size_t i, hostlen = 0;
- uint8_t *authority = NULL;
- char *host = NULL;
- CBS host_cbs;
-
- /*
- * Find first '//'. there must be at least a '//' and
- * something else.
- */
- if (len < 3)
- return 0;
- for (i = 0; i < len - 1; i++) {
- if (!isascii(uri[i]))
- return 0;
- if (uri[i] == '/' && uri[i + 1] == '/') {
- authority = uri + i + 2;
- break;
- }
- }
- if (authority == NULL) {
- /*
- * There is no authority, so no host part in this
- * URI. This might be ok or might not, but it must
- * fail if we run into a name constraint later, so
- * we indicate that we have a URI with an empty
- * host part, and succeed.
- */
- if (hostpart != NULL)
- *hostpart = strdup("");
- return 1;
- }
- for (i = authority - uri; i < len; i++) {
- if (!isascii(uri[i]))
- return 0;
- /* it has a userinfo part */
- if (uri[i] == '@') {
- hostlen = 0;
- /* it can only have one */
- if (host != NULL)
- break;
- /* start after the userinfo part */
- host = uri + i + 1;
- continue;
- }
- /* did we find the end? */
- if (uri[i] == ':' || uri[i] == '/' || uri[i] == '?' ||
- uri[i] == '#')
- break;
- hostlen++;
- }
- if (hostlen == 0)
- return 0;
- if (host == NULL)
- host = authority;
- CBS_init(&host_cbs, host, hostlen);
- if (!x509_constraints_valid_host(&host_cbs, 1))
- return 0;
- if (hostpart != NULL && !CBS_strdup(&host_cbs, hostpart))
- return 0;
- return 1;
-}
-
-int
-x509_constraints_sandns(char *sandns, size_t dlen, char *constraint, size_t len)
-{
- char *suffix;
-
- if (len == 0)
- return 1; /* an empty constraint matches everything */
-
- /* match the end of the domain */
- if (dlen < len)
- return 0;
- suffix = sandns + (dlen - len);
- return (strncasecmp(suffix, constraint, len) == 0);
-}
-
-/*
- * Validate a pre-validated domain of length dlen against a pre-validated
- * constraint of length len.
- *
- * returns 1 if the domain and constraint match.
- * returns 0 otherwise.
- *
- * an empty constraint matches everything.
- * constraint will be matched against the domain as a suffix if it
- * starts with a '.'.
- * domain will be matched against the constraint as a suffix if it
- * starts with a '.'.
- */
-int
-x509_constraints_domain(char *domain, size_t dlen, char *constraint, size_t len)
-{
- if (len == 0)
- return 1; /* an empty constraint matches everything */
-
- if (constraint[0] == '.') {
- /* match the end of the domain */
- char *suffix;
- if (dlen < len)
- return 0;
- suffix = domain + (dlen - len);
- return (strncasecmp(suffix, constraint, len) == 0);
- }
- if (domain[0] == '.') {
- /* match the end of the constraint */
- char *suffix;
- if (len < dlen)
- return 0;
- suffix = constraint + (len - dlen);
- return (strncasecmp(suffix, domain, dlen) == 0);
- }
- /* otherwise we must exactly match the constraint */
- if (dlen != len)
- return 0;
- return (strncasecmp(domain, constraint, len) == 0);
-}
-
-int
-x509_constraints_uri(uint8_t *uri, size_t ulen, uint8_t *constraint,
- size_t len,
- int *error)
-{
- int ret = 0;
- char *hostpart = NULL;
- CBS cbs;
-
- CBS_init(&cbs, constraint, len);
- if (!x509_constraints_uri_host(uri, ulen, &hostpart)) {
- *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
- goto err;
- }
- if (hostpart == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if (!x509_constraints_valid_domain_constraint(&cbs)) {
- *error = X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX;
- goto err;
- }
- ret = x509_constraints_domain(hostpart, strlen(hostpart), constraint,
- len);
- err:
- free(hostpart);
- return ret;
-}
-
-/*
- * Verify a validated address of size alen with a validated constraint
- * of size constraint_len. returns 1 if matching, 0 if not.
- * Addresses are assumed to be pre-validated for a length of 4 and 8
- * respectively for ipv4 addresses and constraints, and a length of
- * 16 and 32 respectively for ipv6 address constraints by the caller.
- */
-int
-x509_constraints_ipaddr(uint8_t *address, size_t alen, uint8_t *constraint,
- size_t len)
-{
- uint8_t *mask;
- size_t i;
-
- if (alen * 2 != len)
- return 0;
-
- mask = constraint + alen;
- for (i = 0; i < alen; i++) {
- if ((address[i] & mask[i]) != (constraint[i] & mask[i]))
- return 0;
- }
- return 1;
-}
-
-/*
- * Verify a canonicalized der encoded constraint dirname
- * a canonicalized der encoded constraint.
- */
-int
-x509_constraints_dirname(uint8_t *dirname, size_t dlen,
- uint8_t *constraint, size_t len)
-{
- /*
- * The constraint must be a prefix in DER format, so it can't be
- * longer than the name it is checked against.
- */
- if (len > dlen)
- return 0;
- return (memcmp(constraint, dirname, len) == 0);
-}
-
-/*
- * De-obfuscate a GENERAL_NAME into useful bytes for a name or constraint.
- */
-int
-x509_constraints_general_to_bytes(GENERAL_NAME *name, uint8_t **bytes,
- size_t *len)
-{
- *bytes = NULL;
- *len = 0;
-
- if (name->type == GEN_DNS) {
- ASN1_IA5STRING *aname = name->d.dNSName;
-
- *bytes = aname->data;
- *len = aname->length;
-
- return name->type;
- }
- if (name->type == GEN_EMAIL) {
- ASN1_IA5STRING *aname = name->d.rfc822Name;
-
- *bytes = aname->data;
- *len = aname->length;
-
- return name->type;
- }
- if (name->type == GEN_URI) {
- ASN1_IA5STRING *aname = name->d.uniformResourceIdentifier;
-
- *bytes = aname->data;
- *len = aname->length;
-
- return name->type;
- }
- if (name->type == GEN_DIRNAME) {
- X509_NAME *dname = name->d.directoryName;
-
- if (!dname->modified || i2d_X509_NAME(dname, NULL) >= 0) {
- *bytes = dname->canon_enc;
- *len = dname->canon_enclen;
-
- return name->type;
- }
- }
- if (name->type == GEN_IPADD) {
- *bytes = name->d.ip->data;
- *len = name->d.ip->length;
-
- return name->type;
- }
-
- return 0;
-}
-
-/*
- * Extract the relevant names for constraint checking from "cert",
- * validate them, and add them to the list of cert names for "chain".
- * returns 1 on success sets error and returns 0 on failure.
- */
-int
-x509_constraints_extract_names(struct x509_constraints_names *names,
- X509 *cert, int is_leaf, int *error)
-{
- struct x509_constraints_name *vname = NULL;
- X509_NAME *subject_name;
- GENERAL_NAME *name;
- ssize_t i = 0;
- int name_type, include_cn = is_leaf, include_email = is_leaf;
-
- /* first grab the altnames */
- while ((name = sk_GENERAL_NAME_value(cert->altname, i++)) != NULL) {
- uint8_t *bytes = NULL;
- size_t len = 0;
- CBS cbs;
-
- if ((vname = x509_constraints_name_new()) == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
-
- name_type = x509_constraints_general_to_bytes(name, &bytes,
- &len);
- CBS_init(&cbs, bytes, len);
- switch (name_type) {
- case GEN_DNS:
- if (!x509_constraints_valid_sandns(&cbs)) {
- *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
- goto err;
- }
- if (!CBS_strdup(&cbs, &vname->name)) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- vname->type = GEN_DNS;
- include_cn = 0; /* Don't use cn from subject */
- break;
- case GEN_EMAIL:
- if (!x509_constraints_parse_mailbox(&cbs, vname)) {
- *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
- goto err;
- }
- vname->type = GEN_EMAIL;
- include_email = 0; /* Don't use email from subject */
- break;
- case GEN_URI:
- if (!x509_constraints_uri_host(bytes, len,
- &vname->name)) {
- *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
- goto err;
- }
- if (vname->name == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- vname->type = GEN_URI;
- break;
- case GEN_DIRNAME:
- if (len == 0) {
- *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
- goto err;
- }
- if (bytes == NULL || ((vname->der = malloc(len)) ==
- NULL)) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- memcpy(vname->der, bytes, len);
- vname->der_len = len;
- vname->type = GEN_DIRNAME;
- break;
- case GEN_IPADD:
- if (len == 4)
- vname->af = AF_INET;
- if (len == 16)
- vname->af = AF_INET6;
- if (vname->af != AF_INET && vname->af != AF_INET6) {
- *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
- goto err;
- }
- memcpy(vname->address, bytes, len);
- vname->type = GEN_IPADD;
- break;
- default:
- /* Ignore this name */
- x509_constraints_name_free(vname);
- vname = NULL;
- continue;
- }
- if (!x509_constraints_names_add(names, vname)) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- vname = NULL;
- }
-
- x509_constraints_name_free(vname);
- vname = NULL;
-
- subject_name = X509_get_subject_name(cert);
- if (X509_NAME_entry_count(subject_name) > 0) {
- X509_NAME_ENTRY *email;
- X509_NAME_ENTRY *cn;
- /*
- * This cert has a non-empty subject, so we must add
- * the subject as a dirname to be compared against
- * any dirname constraints
- */
- if ((subject_name->modified &&
- i2d_X509_NAME(subject_name, NULL) < 0) ||
- (vname = x509_constraints_name_new()) == NULL ||
- (vname->der = malloc(subject_name->canon_enclen)) == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
-
- memcpy(vname->der, subject_name->canon_enc,
- subject_name->canon_enclen);
- vname->der_len = subject_name->canon_enclen;
- vname->type = GEN_DIRNAME;
- if (!x509_constraints_names_add(names, vname)) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- vname = NULL;
- /*
- * Get any email addresses from the subject line, and
- * add them as mbox names to be compared against any
- * email constraints
- */
- while (include_email &&
- (i = X509_NAME_get_index_by_NID(subject_name,
- NID_pkcs9_emailAddress, i)) >= 0) {
- ASN1_STRING *aname;
- CBS cbs;
- if ((email = X509_NAME_get_entry(subject_name, i)) ==
- NULL ||
- (aname = X509_NAME_ENTRY_get_data(email)) == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- CBS_init(&cbs, aname->data, aname->length);
- if ((vname = x509_constraints_name_new()) == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if (!x509_constraints_parse_mailbox(&cbs, vname)) {
- *error = X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
- goto err;
- }
- vname->type = GEN_EMAIL;
- if (!x509_constraints_names_add(names, vname)) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- vname = NULL;
- }
- /*
- * Include the CN as a hostname to be checked against
- * name constraints if it looks like a hostname.
- */
- while (include_cn &&
- (i = X509_NAME_get_index_by_NID(subject_name,
- NID_commonName, i)) >= 0) {
- CBS cbs;
- ASN1_STRING *aname;
- if ((cn = X509_NAME_get_entry(subject_name, i)) ==
- NULL ||
- (aname = X509_NAME_ENTRY_get_data(cn)) == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- CBS_init(&cbs, aname->data, aname->length);
- if (!x509_constraints_valid_host(&cbs, 0))
- continue; /* ignore it if not a hostname */
- if ((vname = x509_constraints_name_new()) == NULL) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if (!CBS_strdup(&cbs, &vname->name)) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- vname->type = GEN_DNS;
- if (!x509_constraints_names_add(names, vname)) {
- *error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- vname = NULL;
- }
- }
- return 1;
- err:
- x509_constraints_name_free(vname);
- return 0;
-}
-
-/*
- * Validate a constraint in a general name, putting the relevant data
- * into "name" if valid. returns 0, and sets error if the constraint is
- * not valid. returns 1 if the constraint validated. name->type will be
- * set to a valid type if there is constraint data in name, or unmodified
- * if the GENERAL_NAME had a valid type but was ignored.
- */
-int
-x509_constraints_validate(GENERAL_NAME *constraint,
- struct x509_constraints_name **out_name, int *out_error)
-{
- uint8_t next, *bytes = NULL;
- size_t len = 0;
- struct x509_constraints_name *name;
- int error = X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX;
- int name_type;
- CBS cbs;
-
- if (out_name == NULL || *out_name != NULL)
- return 0;
-
- if (out_error != NULL)
- *out_error = 0;
-
- if ((name = x509_constraints_name_new()) == NULL) {
- error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
-
- name_type = x509_constraints_general_to_bytes(constraint, &bytes, &len);
- CBS_init(&cbs, bytes, len);
- switch (name_type) {
- case GEN_DIRNAME:
- if (len == 0)
- goto err; /* XXX The RFCs are delightfully vague */
- if (bytes == NULL || (name->der = malloc(len)) == NULL) {
- error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- memcpy(name->der, bytes, len);
- name->der_len = len;
- name->type = GEN_DIRNAME;
- break;
- case GEN_DNS:
- if (!x509_constraints_valid_domain_constraint(&cbs))
- goto err;
- if ((name->name = strndup(bytes, len)) == NULL) {
- error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- name->type = GEN_DNS;
- break;
- case GEN_EMAIL:
- if (len > 0 && memchr(bytes + 1, '@', len - 1) != NULL) {
- if (!x509_constraints_parse_mailbox(&cbs, name))
- goto err;
- break;
- }
- /*
- * Mail constraints of the form @domain.com are accepted by
- * OpenSSL and Microsoft.
- */
- if (CBS_len(&cbs) > 0) {
- if (!CBS_peek_u8(&cbs, &next))
- goto err;
- if (next == '@') {
- if (!CBS_skip(&cbs, 1))
- goto err;
- }
- }
- if (!x509_constraints_valid_domain_constraint(&cbs))
- goto err;
- if (!CBS_strdup(&cbs, &name->name)) {
- error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- name->type = GEN_EMAIL;
- break;
- case GEN_IPADD:
- /* Constraints are ip then mask */
- if (len == 8)
- name->af = AF_INET;
- else if (len == 32)
- name->af = AF_INET6;
- else
- goto err;
- memcpy(&name->address[0], bytes, len);
- name->type = GEN_IPADD;
- break;
- case GEN_URI:
- if (!x509_constraints_valid_domain_constraint(&cbs))
- goto err;
- if ((name->name = strndup(bytes, len)) == NULL) {
- error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- name->type = GEN_URI;
- break;
- default:
- break;
- }
-
- *out_name = name;
-
- return 1;
-
- err:
- x509_constraints_name_free(name);
- if (out_error != NULL)
- *out_error = error;
-
- return 0;
-}
-
-int
-x509_constraints_extract_constraints(X509 *cert,
- struct x509_constraints_names *permitted,
- struct x509_constraints_names *excluded,
- int *error)
-{
- struct x509_constraints_name *vname = NULL;
- NAME_CONSTRAINTS *nc = cert->nc;
- GENERAL_SUBTREE *subtree;
- int i;
-
- if (nc == NULL)
- return 1;
-
- for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
- subtree = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
- if (subtree->minimum || subtree->maximum) {
- *error = X509_V_ERR_SUBTREE_MINMAX;
- return 0;
- }
- if (!x509_constraints_validate(subtree->base, &vname, error))
- return 0;
- if (vname->type == 0) {
- x509_constraints_name_free(vname);
- vname = NULL;
- continue;
- }
- if (!x509_constraints_names_add(permitted, vname)) {
- x509_constraints_name_free(vname);
- vname = NULL;
- *error = X509_V_ERR_OUT_OF_MEM;
- return 0;
- }
- vname = NULL;
- }
-
- for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
- subtree = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
- if (subtree->minimum || subtree->maximum) {
- *error = X509_V_ERR_SUBTREE_MINMAX;
- return 0;
- }
- if (!x509_constraints_validate(subtree->base, &vname, error))
- return 0;
- if (vname->type == 0) {
- x509_constraints_name_free(vname);
- vname = NULL;
- continue;
- }
- if (!x509_constraints_names_add(excluded, vname)) {
- x509_constraints_name_free(vname);
- vname = NULL;
- *error = X509_V_ERR_OUT_OF_MEM;
- return 0;
- }
- vname = NULL;
- }
-
- return 1;
-}
-
-/*
- * Match a validated name in "name" against a validated constraint in
- * "constraint" return 1 if then name matches, 0 otherwise.
- */
-int
-x509_constraints_match(struct x509_constraints_name *name,
- struct x509_constraints_name *constraint)
-{
- if (name->type != constraint->type)
- return 0;
- if (name->type == GEN_DNS)
- return x509_constraints_sandns(name->name, strlen(name->name),
- constraint->name, strlen(constraint->name));
- if (name->type == GEN_URI)
- return x509_constraints_domain(name->name, strlen(name->name),
- constraint->name, strlen(constraint->name));
- if (name->type == GEN_IPADD) {
- size_t nlen = name->af == AF_INET ? 4 : 16;
- size_t clen = name->af == AF_INET ? 8 : 32;
- if (name->af != AF_INET && name->af != AF_INET6)
- return 0;
- if (constraint->af != AF_INET && constraint->af != AF_INET6)
- return 0;
- if (name->af != constraint->af)
- return 0;
- return x509_constraints_ipaddr(name->address, nlen,
- constraint->address, clen);
- }
- if (name->type == GEN_EMAIL) {
- if (constraint->local) {
- /* mailbox local and domain parts must exactly match */
- return (strcmp(name->local, constraint->local) == 0 &&
- strcmp(name->name, constraint->name) == 0);
- }
- /* otherwise match the constraint to the domain part */
- return x509_constraints_domain(name->name, strlen(name->name),
- constraint->name, strlen(constraint->name));
- }
- if (name->type == GEN_DIRNAME)
- return x509_constraints_dirname(name->der, name->der_len,
- constraint->der, constraint->der_len);
- return 0;
-}
-
-/*
- * Make sure every name in names does not match any excluded
- * constraints, and does match at least one permitted constraint if
- * any are present. Returns 1 if ok, 0, and sets error if not.
- */
-int
-x509_constraints_check(struct x509_constraints_names *names,
- struct x509_constraints_names *permitted,
- struct x509_constraints_names *excluded, int *error)
-{
- size_t i, j;
-
- for (i = 0; i < names->names_count; i++) {
- int permitted_seen = 0;
- int permitted_matched = 0;
-
- for (j = 0; j < excluded->names_count; j++) {
- if (x509_constraints_match(names->names[i],
- excluded->names[j])) {
- *error = X509_V_ERR_EXCLUDED_VIOLATION;
- return 0;
- }
- }
- for (j = 0; j < permitted->names_count; j++) {
- if (permitted->names[j]->type == names->names[i]->type)
- permitted_seen++;
- if (x509_constraints_match(names->names[i],
- permitted->names[j])) {
- permitted_matched++;
- break;
- }
- }
- if (permitted_seen && !permitted_matched) {
- *error = X509_V_ERR_PERMITTED_VIOLATION;
- return 0;
- }
- }
- return 1;
-}
-
-/*
- * Walk a validated chain of X509 certs, starting at the leaf, and
- * validate the name constraints in the chain. Intended for use with
- * the legacy X509 validation code in x509_vfy.c
- *
- * returns 1 if the constraints are ok, 0 otherwise, setting error and
- * depth
- */
-int
-x509_constraints_chain(STACK_OF(X509) *chain, int *error, int *depth)
-{
- int chain_length, verify_err = X509_V_ERR_UNSPECIFIED, i = 0;
- struct x509_constraints_names *names = NULL;
- struct x509_constraints_names *excluded = NULL;
- struct x509_constraints_names *permitted = NULL;
- size_t constraints_count = 0;
- X509 *cert;
-
- if (chain == NULL || (chain_length = sk_X509_num(chain)) == 0)
- goto err;
- if (chain_length == 1)
- return 1;
- if ((names = x509_constraints_names_new(
- X509_VERIFY_MAX_CHAIN_NAMES)) == NULL) {
- verify_err = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
-
- if ((cert = sk_X509_value(chain, 0)) == NULL)
- goto err;
- if (!x509_constraints_extract_names(names, cert, 1, &verify_err))
- goto err;
- for (i = 1; i < chain_length; i++) {
- if ((cert = sk_X509_value(chain, i)) == NULL)
- goto err;
- if (cert->nc != NULL) {
- if ((permitted = x509_constraints_names_new(
- X509_VERIFY_MAX_CHAIN_CONSTRAINTS)) == NULL) {
- verify_err = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if ((excluded = x509_constraints_names_new(
- X509_VERIFY_MAX_CHAIN_CONSTRAINTS)) == NULL) {
- verify_err = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if (!x509_constraints_extract_constraints(cert,
- permitted, excluded, &verify_err))
- goto err;
- constraints_count += permitted->names_count;
- constraints_count += excluded->names_count;
- if (constraints_count >
- X509_VERIFY_MAX_CHAIN_CONSTRAINTS) {
- verify_err = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if (!x509_constraints_check(names, permitted, excluded,
- &verify_err))
- goto err;
- x509_constraints_names_free(excluded);
- excluded = NULL;
- x509_constraints_names_free(permitted);
- permitted = NULL;
- }
- if (!x509_constraints_extract_names(names, cert, 0,
- &verify_err))
- goto err;
- }
-
- x509_constraints_names_free(names);
- return 1;
-
- err:
- *error = verify_err;
- *depth = i;
- x509_constraints_names_free(excluded);
- x509_constraints_names_free(permitted);
- x509_constraints_names_free(names);
- return 0;
-}
diff --git a/src/lib/libcrypto/x509/x509_cpols.c b/src/lib/libcrypto/x509/x509_cpols.c
deleted file mode 100644
index 6bae2a0482..0000000000
--- a/src/lib/libcrypto/x509/x509_cpols.c
+++ /dev/null
@@ -1,773 +0,0 @@
-/* $OpenBSD: x509_cpols.c,v 1.15 2025/03/06 07:20:01 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-/* Certificate policies extension support: this one is a bit complex... */
-
-static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
- BIO *out, int indent);
-static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *value);
-static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
- int indent);
-static void print_notice(BIO *out, USERNOTICE *notice, int indent);
-static POLICYINFO *policy_section(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *polstrs, int ia5org);
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *unot, int ia5org);
-static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
-
-static const X509V3_EXT_METHOD x509v3_ext_certificate_policies = {
- .ext_nid = NID_certificate_policies,
- .ext_flags = 0,
- .it = &CERTIFICATEPOLICIES_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = (X509V3_EXT_I2R)i2r_certpol,
- .r2i = (X509V3_EXT_R2I)r2i_certpol,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_certificate_policies(void)
-{
- return &x509v3_ext_certificate_policies;
-}
-
-static const ASN1_TEMPLATE CERTIFICATEPOLICIES_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "CERTIFICATEPOLICIES",
- .item = &POLICYINFO_it,
-};
-
-const ASN1_ITEM CERTIFICATEPOLICIES_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &CERTIFICATEPOLICIES_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "CERTIFICATEPOLICIES",
-};
-LCRYPTO_ALIAS(CERTIFICATEPOLICIES_it);
-
-
-CERTIFICATEPOLICIES *
-d2i_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES **a, const unsigned char **in, long len)
-{
- return (CERTIFICATEPOLICIES *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &CERTIFICATEPOLICIES_it);
-}
-LCRYPTO_ALIAS(d2i_CERTIFICATEPOLICIES);
-
-int
-i2d_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &CERTIFICATEPOLICIES_it);
-}
-LCRYPTO_ALIAS(i2d_CERTIFICATEPOLICIES);
-
-CERTIFICATEPOLICIES *
-CERTIFICATEPOLICIES_new(void)
-{
- return (CERTIFICATEPOLICIES *)ASN1_item_new(&CERTIFICATEPOLICIES_it);
-}
-LCRYPTO_ALIAS(CERTIFICATEPOLICIES_new);
-
-void
-CERTIFICATEPOLICIES_free(CERTIFICATEPOLICIES *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &CERTIFICATEPOLICIES_it);
-}
-LCRYPTO_ALIAS(CERTIFICATEPOLICIES_free);
-
-static const ASN1_TEMPLATE POLICYINFO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICYINFO, policyid),
- .field_name = "policyid",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(POLICYINFO, qualifiers),
- .field_name = "qualifiers",
- .item = &POLICYQUALINFO_it,
- },
-};
-
-const ASN1_ITEM POLICYINFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = POLICYINFO_seq_tt,
- .tcount = sizeof(POLICYINFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(POLICYINFO),
- .sname = "POLICYINFO",
-};
-LCRYPTO_ALIAS(POLICYINFO_it);
-
-
-POLICYINFO *
-d2i_POLICYINFO(POLICYINFO **a, const unsigned char **in, long len)
-{
- return (POLICYINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &POLICYINFO_it);
-}
-LCRYPTO_ALIAS(d2i_POLICYINFO);
-
-int
-i2d_POLICYINFO(POLICYINFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &POLICYINFO_it);
-}
-LCRYPTO_ALIAS(i2d_POLICYINFO);
-
-POLICYINFO *
-POLICYINFO_new(void)
-{
- return (POLICYINFO *)ASN1_item_new(&POLICYINFO_it);
-}
-LCRYPTO_ALIAS(POLICYINFO_new);
-
-void
-POLICYINFO_free(POLICYINFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &POLICYINFO_it);
-}
-LCRYPTO_ALIAS(POLICYINFO_free);
-
-static const ASN1_TEMPLATE policydefault_tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICYQUALINFO, d.other),
- .field_name = "d.other",
- .item = &ASN1_ANY_it,
-};
-
-static const ASN1_ADB_TABLE POLICYQUALINFO_adbtbl[] = {
- {
- .value = NID_id_qt_cps,
- .tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICYQUALINFO, d.cpsuri),
- .field_name = "d.cpsuri",
- .item = &ASN1_IA5STRING_it,
- },
- },
- {
- .value = NID_id_qt_unotice,
- .tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICYQUALINFO, d.usernotice),
- .field_name = "d.usernotice",
- .item = &USERNOTICE_it,
- },
- },
-};
-
-static const ASN1_ADB POLICYQUALINFO_adb = {
- .flags = 0,
- .offset = offsetof(POLICYQUALINFO, pqualid),
- .tbl = POLICYQUALINFO_adbtbl,
- .tblcount = sizeof(POLICYQUALINFO_adbtbl) / sizeof(ASN1_ADB_TABLE),
- .default_tt = &policydefault_tt,
- .null_tt = NULL,
-};
-
-static const ASN1_TEMPLATE POLICYQUALINFO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICYQUALINFO, pqualid),
- .field_name = "pqualid",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_ADB_OID,
- .tag = -1,
- .offset = 0,
- .field_name = "POLICYQUALINFO",
- .item = (const ASN1_ITEM *)&POLICYQUALINFO_adb,
- },
-};
-
-const ASN1_ITEM POLICYQUALINFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = POLICYQUALINFO_seq_tt,
- .tcount = sizeof(POLICYQUALINFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(POLICYQUALINFO),
- .sname = "POLICYQUALINFO",
-};
-LCRYPTO_ALIAS(POLICYQUALINFO_it);
-
-
-POLICYQUALINFO *
-d2i_POLICYQUALINFO(POLICYQUALINFO **a, const unsigned char **in, long len)
-{
- return (POLICYQUALINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &POLICYQUALINFO_it);
-}
-LCRYPTO_ALIAS(d2i_POLICYQUALINFO);
-
-int
-i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &POLICYQUALINFO_it);
-}
-LCRYPTO_ALIAS(i2d_POLICYQUALINFO);
-
-POLICYQUALINFO *
-POLICYQUALINFO_new(void)
-{
- return (POLICYQUALINFO *)ASN1_item_new(&POLICYQUALINFO_it);
-}
-LCRYPTO_ALIAS(POLICYQUALINFO_new);
-
-void
-POLICYQUALINFO_free(POLICYQUALINFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &POLICYQUALINFO_it);
-}
-LCRYPTO_ALIAS(POLICYQUALINFO_free);
-
-static const ASN1_TEMPLATE USERNOTICE_seq_tt[] = {
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(USERNOTICE, noticeref),
- .field_name = "noticeref",
- .item = &NOTICEREF_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(USERNOTICE, exptext),
- .field_name = "exptext",
- .item = &DISPLAYTEXT_it,
- },
-};
-
-const ASN1_ITEM USERNOTICE_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = USERNOTICE_seq_tt,
- .tcount = sizeof(USERNOTICE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(USERNOTICE),
- .sname = "USERNOTICE",
-};
-LCRYPTO_ALIAS(USERNOTICE_it);
-
-
-USERNOTICE *
-d2i_USERNOTICE(USERNOTICE **a, const unsigned char **in, long len)
-{
- return (USERNOTICE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &USERNOTICE_it);
-}
-LCRYPTO_ALIAS(d2i_USERNOTICE);
-
-int
-i2d_USERNOTICE(USERNOTICE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &USERNOTICE_it);
-}
-LCRYPTO_ALIAS(i2d_USERNOTICE);
-
-USERNOTICE *
-USERNOTICE_new(void)
-{
- return (USERNOTICE *)ASN1_item_new(&USERNOTICE_it);
-}
-LCRYPTO_ALIAS(USERNOTICE_new);
-
-void
-USERNOTICE_free(USERNOTICE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &USERNOTICE_it);
-}
-LCRYPTO_ALIAS(USERNOTICE_free);
-
-static const ASN1_TEMPLATE NOTICEREF_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(NOTICEREF, organization),
- .field_name = "organization",
- .item = &DISPLAYTEXT_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(NOTICEREF, noticenos),
- .field_name = "noticenos",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM NOTICEREF_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = NOTICEREF_seq_tt,
- .tcount = sizeof(NOTICEREF_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(NOTICEREF),
- .sname = "NOTICEREF",
-};
-LCRYPTO_ALIAS(NOTICEREF_it);
-
-
-NOTICEREF *
-d2i_NOTICEREF(NOTICEREF **a, const unsigned char **in, long len)
-{
- return (NOTICEREF *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &NOTICEREF_it);
-}
-LCRYPTO_ALIAS(d2i_NOTICEREF);
-
-int
-i2d_NOTICEREF(NOTICEREF *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &NOTICEREF_it);
-}
-LCRYPTO_ALIAS(i2d_NOTICEREF);
-
-NOTICEREF *
-NOTICEREF_new(void)
-{
- return (NOTICEREF *)ASN1_item_new(&NOTICEREF_it);
-}
-LCRYPTO_ALIAS(NOTICEREF_new);
-
-void
-NOTICEREF_free(NOTICEREF *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &NOTICEREF_it);
-}
-LCRYPTO_ALIAS(NOTICEREF_free);
-
-static STACK_OF(POLICYINFO) *
-r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
-{
- STACK_OF(POLICYINFO) *pols = NULL;
- char *pstr;
- POLICYINFO *pol;
- ASN1_OBJECT *pobj;
- STACK_OF(CONF_VALUE) *vals;
- CONF_VALUE *cnf;
- int i, ia5org;
-
- pols = sk_POLICYINFO_new_null();
- if (pols == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- vals = X509V3_parse_list(value);
- if (vals == NULL) {
- X509V3error(ERR_R_X509V3_LIB);
- goto err;
- }
- ia5org = 0;
- for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
- cnf = sk_CONF_VALUE_value(vals, i);
- if (cnf->value || !cnf->name) {
- X509V3error(X509V3_R_INVALID_POLICY_IDENTIFIER);
- X509V3_conf_err(cnf);
- goto err;
- }
- pstr = cnf->name;
- if (!strcmp(pstr, "ia5org")) {
- ia5org = 1;
- continue;
- } else if (*pstr == '@') {
- STACK_OF(CONF_VALUE) *polsect;
- polsect = X509V3_get0_section(ctx, pstr + 1);
- if (!polsect) {
- X509V3error(X509V3_R_INVALID_SECTION);
- X509V3_conf_err(cnf);
- goto err;
- }
- pol = policy_section(ctx, polsect, ia5org);
- if (!pol)
- goto err;
- } else {
- if (!(pobj = OBJ_txt2obj(cnf->name, 0))) {
- X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(cnf);
- goto err;
- }
- pol = POLICYINFO_new();
- pol->policyid = pobj;
- }
- if (!sk_POLICYINFO_push(pols, pol)){
- POLICYINFO_free(pol);
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
- return pols;
-
-err:
- sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
- sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
- return NULL;
-}
-
-static POLICYINFO *
-policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org)
-{
- int i;
- CONF_VALUE *cnf;
- POLICYINFO *pol;
- POLICYQUALINFO *nqual = NULL;
-
- if ((pol = POLICYINFO_new()) == NULL)
- goto merr;
- for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
- cnf = sk_CONF_VALUE_value(polstrs, i);
- if (strcmp(cnf->name, "policyIdentifier") == 0) {
- ASN1_OBJECT *pobj;
-
- if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) {
- X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(cnf);
- goto err;
- }
- pol->policyid = pobj;
- } else if (name_cmp(cnf->name, "CPS") == 0) {
- if ((nqual = POLICYQUALINFO_new()) == NULL)
- goto merr;
- nqual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
- nqual->d.cpsuri = ASN1_IA5STRING_new();
- if (nqual->d.cpsuri == NULL)
- goto merr;
- if (ASN1_STRING_set(nqual->d.cpsuri, cnf->value,
- strlen(cnf->value)) == 0)
- goto merr;
-
- if (pol->qualifiers == NULL) {
- pol->qualifiers = sk_POLICYQUALINFO_new_null();
- if (pol->qualifiers == NULL)
- goto merr;
- }
- if (sk_POLICYQUALINFO_push(pol->qualifiers, nqual) == 0)
- goto merr;
- nqual = NULL;
- } else if (name_cmp(cnf->name, "userNotice") == 0) {
- STACK_OF(CONF_VALUE) *unot;
- POLICYQUALINFO *qual;
-
- if (*cnf->value != '@') {
- X509V3error(X509V3_R_EXPECTED_A_SECTION_NAME);
- X509V3_conf_err(cnf);
- goto err;
- }
- unot = X509V3_get0_section(ctx, cnf->value + 1);
- if (unot == NULL) {
- X509V3error(X509V3_R_INVALID_SECTION);
- X509V3_conf_err(cnf);
- goto err;
- }
- qual = notice_section(ctx, unot, ia5org);
- if (qual == NULL)
- goto err;
-
- if (pol->qualifiers == NULL) {
- pol->qualifiers = sk_POLICYQUALINFO_new_null();
- if (pol->qualifiers == NULL)
- goto merr;
- }
- if (sk_POLICYQUALINFO_push(pol->qualifiers, qual) == 0)
- goto merr;
- } else {
- X509V3error(X509V3_R_INVALID_OPTION);
- X509V3_conf_err(cnf);
- goto err;
- }
- }
- if (pol->policyid == NULL) {
- X509V3error(X509V3_R_NO_POLICY_IDENTIFIER);
- goto err;
- }
-
- return pol;
-
-merr:
- X509V3error(ERR_R_MALLOC_FAILURE);
-
-err:
- POLICYQUALINFO_free(nqual);
- POLICYINFO_free(pol);
- return NULL;
-}
-
-static POLICYQUALINFO *
-notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org)
-{
- int i, ret;
- CONF_VALUE *cnf;
- USERNOTICE *not;
- POLICYQUALINFO *qual;
-
- if (!(qual = POLICYQUALINFO_new()))
- goto merr;
- qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
- if (!(not = USERNOTICE_new()))
- goto merr;
- qual->d.usernotice = not;
- for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
- cnf = sk_CONF_VALUE_value(unot, i);
- if (!strcmp(cnf->name, "explicitText")) {
- if (not->exptext == NULL) {
- not->exptext = ASN1_UTF8STRING_new();
- if (not->exptext == NULL)
- goto merr;
- }
- if (!ASN1_STRING_set(not->exptext, cnf->value,
- strlen(cnf->value)))
- goto merr;
- } else if (!strcmp(cnf->name, "organization")) {
- NOTICEREF *nref;
- if (!not->noticeref) {
- if (!(nref = NOTICEREF_new()))
- goto merr;
- not->noticeref = nref;
- } else
- nref = not->noticeref;
- if (ia5org)
- nref->organization->type = V_ASN1_IA5STRING;
- else
- nref->organization->type = V_ASN1_VISIBLESTRING;
- if (!ASN1_STRING_set(nref->organization, cnf->value,
- strlen(cnf->value)))
- goto merr;
- } else if (!strcmp(cnf->name, "noticeNumbers")) {
- NOTICEREF *nref;
- STACK_OF(CONF_VALUE) *nos;
- if (!not->noticeref) {
- if (!(nref = NOTICEREF_new()))
- goto merr;
- not->noticeref = nref;
- } else
- nref = not->noticeref;
- nos = X509V3_parse_list(cnf->value);
- if (!nos || !sk_CONF_VALUE_num(nos)) {
- X509V3error(X509V3_R_INVALID_NUMBERS);
- X509V3_conf_err(cnf);
- if (nos != NULL)
- sk_CONF_VALUE_pop_free(nos,
- X509V3_conf_free);
- goto err;
- }
- ret = nref_nos(nref->noticenos, nos);
- sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
- if (!ret)
- goto err;
- } else {
- X509V3error(X509V3_R_INVALID_OPTION);
- X509V3_conf_err(cnf);
- goto err;
- }
- }
- - if (not->noticeref && - (!not->noticeref->noticenos || !not->noticeref->organization)) { - X509V3error(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); - goto err; - } - - return qual; - -merr: - X509V3error(ERR_R_MALLOC_FAILURE); - -err: - POLICYQUALINFO_free(qual); - return NULL; -} - -static int -nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) -{ - CONF_VALUE *cnf; - ASN1_INTEGER *aint; - int i; - - for (i = 0; i < sk_CONF_VALUE_num(nos); i++) { - cnf = sk_CONF_VALUE_value(nos, i); - if (!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { - X509V3error(X509V3_R_INVALID_NUMBER); - goto err; - } - if (!sk_ASN1_INTEGER_push(nnums, aint)) - goto merr; - } - return 1; - -merr: - X509V3error(ERR_R_MALLOC_FAILURE); - -err: - sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); - return 0; -} - -static int -i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, - int indent) -{ - int i; - POLICYINFO *pinfo; - - /* First print out the policy OIDs */ - for (i = 0; i < sk_POLICYINFO_num(pol); i++) { - pinfo = sk_POLICYINFO_value(pol, i); - BIO_printf(out, "%*sPolicy: ", indent, ""); - i2a_ASN1_OBJECT(out, pinfo->policyid); - BIO_puts(out, "\n"); - if (pinfo->qualifiers) - print_qualifiers(out, pinfo->qualifiers, indent + 2); - } - return 1; -} - -static void -print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent) -{ - POLICYQUALINFO *qualinfo; - int i; - - for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { - qualinfo = sk_POLICYQUALINFO_value(quals, i); - switch (OBJ_obj2nid(qualinfo->pqualid)) { - case NID_id_qt_cps: - BIO_printf(out, "%*sCPS: %.*s\n", indent, "", - qualinfo->d.cpsuri->length, - qualinfo->d.cpsuri->data); - break; - - case NID_id_qt_unotice: - BIO_printf(out, "%*sUser Notice:\n", indent, ""); - print_notice(out, qualinfo->d.usernotice, indent + 2); - break; - - default: - BIO_printf(out, "%*sUnknown Qualifier: ", - indent + 2, ""); - - i2a_ASN1_OBJECT(out, qualinfo->pqualid); - BIO_puts(out, "\n"); - break; 
- } - } -} - -static void -print_notice(BIO *out, USERNOTICE *notice, int indent) -{ - int i; - - if (notice->noticeref) { - NOTICEREF *ref; - ref = notice->noticeref; - BIO_printf(out, "%*sOrganization: %.*s\n", indent, "", - ref->organization->length, ref->organization->data); - BIO_printf(out, "%*sNumber%s: ", indent, "", - sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : ""); - for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) { - ASN1_INTEGER *num; - char *tmp; - num = sk_ASN1_INTEGER_value(ref->noticenos, i); - if (i) - BIO_puts(out, ", "); - tmp = i2s_ASN1_INTEGER(NULL, num); - BIO_puts(out, tmp); - free(tmp); - } - BIO_puts(out, "\n"); - } - if (notice->exptext) - BIO_printf(out, "%*sExplicit Text: %.*s\n", indent, "", - notice->exptext->length, notice->exptext->data); -} diff --git a/src/lib/libcrypto/x509/x509_crld.c b/src/lib/libcrypto/x509/x509_crld.c deleted file mode 100644 index 81f2010df5..0000000000 --- a/src/lib/libcrypto/x509/x509_crld.c +++ /dev/null 
@@ -1,852 +0,0 @@
-/* $OpenBSD: x509_crld.c,v 1.9 2025/03/06 07:20:01 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static void *v2i_crld(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
- int indent);
-
-static const X509V3_EXT_METHOD x509v3_ext_crl_distribution_points = {
- .ext_nid = NID_crl_distribution_points,
- .ext_flags = 0,
- .it = &CRL_DIST_POINTS_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = v2i_crld,
- .i2r = i2r_crldp,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_crl_distribution_points(void)
-{
- return &x509v3_ext_crl_distribution_points;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_freshest_crl = {
- .ext_nid = NID_freshest_crl,
- .ext_flags = 0,
- .it = &CRL_DIST_POINTS_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = v2i_crld,
- .i2r = i2r_crldp,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_freshest_crl(void)
-{
- return &x509v3_ext_freshest_crl;
-}
-
-static STACK_OF(GENERAL_NAME) *
-gnames_from_sectname(X509V3_CTX *ctx, char *sect)
-{
- STACK_OF(CONF_VALUE) *gnsect;
- STACK_OF(GENERAL_NAME) *gens;
-
- if (*sect == '@')
- gnsect = X509V3_get0_section(ctx, sect + 1);
- else
- gnsect = X509V3_parse_list(sect);
- if (!gnsect) {
- X509V3error(X509V3_R_SECTION_NOT_FOUND);
- return NULL;
- }
- gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
- if (*sect != '@')
- sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
- return gens;
-}
-
-static int
-set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, CONF_VALUE *cnf)
-{
- STACK_OF(GENERAL_NAME) *fnm = NULL;
- STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
-
- if (!strncmp(cnf->name, "fullname", 9)) {
- fnm = gnames_from_sectname(ctx, cnf->value);
- if (!fnm)
- goto err;
- } else if (!strcmp(cnf->name, "relativename")) {
- int ret;
- STACK_OF(CONF_VALUE) *dnsect;
- X509_NAME *nm;
- nm = X509_NAME_new();
- if (!nm)
- return -1;
- dnsect = X509V3_get0_section(ctx, cnf->value);
- if (!dnsect) {
- X509V3error(X509V3_R_SECTION_NOT_FOUND);
- X509_NAME_free(nm);
- return -1;
- }
- ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
- rnm = nm->entries;
- nm->entries = NULL;
- X509_NAME_free(nm);
- if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0)
- goto err;
- /* Since its a name fragment can't have more than one
- * RDNSequence
- */
- if (sk_X509_NAME_ENTRY_value(rnm,
- sk_X509_NAME_ENTRY_num(rnm) - 1)->set) {
- X509V3error(X509V3_R_INVALID_MULTIPLE_RDNS);
- goto err;
- }
- } else
- return 0;
-
- if (*pdp) {
- X509V3error(X509V3_R_DISTPOINT_ALREADY_SET);
- goto err;
- }
-
- *pdp = DIST_POINT_NAME_new();
- if (!*pdp)
- goto err;
- if (fnm) {
- (*pdp)->type = 0;
- (*pdp)->name.fullname = fnm;
- } else {
- (*pdp)->type = 1;
- (*pdp)->name.relativename = rnm;
- }
-
- return 1;
-
-err:
- sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
- sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
- return -1;
-}
-
-static const BIT_STRING_BITNAME reason_flags[] = {
- {0, "Unused", "unused"},
- {1, "Key Compromise", "keyCompromise"},
- {2, "CA Compromise", "CACompromise"},
- {3, "Affiliation Changed", "affiliationChanged"},
- {4, "Superseded", "superseded"},
- {5, "Cessation Of Operation", "cessationOfOperation"},
- {6, "Certificate Hold", "certificateHold"},
- {7, "Privilege Withdrawn", "privilegeWithdrawn"},
- {8, "AA Compromise", "AACompromise"},
- {-1, NULL, NULL}
-};
-
-static int
-set_reasons(ASN1_BIT_STRING **preas, char *value)
-{
- STACK_OF(CONF_VALUE) *rsk = NULL;
- const BIT_STRING_BITNAME *pbn;
- const char *bnam;
- int i, ret = 0;
-
- if (*preas != NULL)
- return 0;
- rsk = X509V3_parse_list(value);
- if (rsk == NULL)
- return 0;
- for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) {
- bnam = sk_CONF_VALUE_value(rsk, i)->name;
- if (!*preas) {
- *preas = ASN1_BIT_STRING_new();
- if (!*preas)
- goto err;
- }
- for (pbn = reason_flags; pbn->lname; pbn++) {
- if (!strcmp(pbn->sname, bnam)) {
- if (!ASN1_BIT_STRING_set_bit(*preas,
- pbn->bitnum, 1))
- goto err;
- break;
- }
- }
- if (!pbn->lname)
- goto err;
- }
- ret = 1;
-
-err:
- sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free);
- return ret;
-}
-
-static int
-print_reasons(BIO *out, const char *rname, ASN1_BIT_STRING *rflags, int indent)
-{
- int first = 1;
- const BIT_STRING_BITNAME *pbn;
-
- BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
- for (pbn = reason_flags; pbn->lname; pbn++) {
- if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) {
- if (first)
- first = 0;
- else
- BIO_puts(out, ", ");
- BIO_puts(out, pbn->lname);
- }
- }
- if (first)
- BIO_puts(out, "\n");
- else
- BIO_puts(out, "\n");
- return 1;
-}
-
-static DIST_POINT *
-crldp_from_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
- int i;
- CONF_VALUE *cnf;
- DIST_POINT *point = NULL;
-
- point = DIST_POINT_new();
- if (!point)
- goto err;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- int ret;
- cnf = sk_CONF_VALUE_value(nval, i);
- ret = set_dist_point_name(&point->distpoint, ctx, cnf);
- if (ret > 0)
- continue;
- if (ret < 0)
- goto err;
- if (!strcmp(cnf->name, "reasons")) {
- if (!set_reasons(&point->reasons, cnf->value))
- goto err;
- }
- else if (!strcmp(cnf->name, "CRLissuer")) {
- point->CRLissuer =
- gnames_from_sectname(ctx, cnf->value);
- if (!point->CRLissuer)
- goto err;
- }
- }
-
- return point;
-
-err:
- DIST_POINT_free(point);
- return NULL;
-}
-
-static void *
-v2i_crld(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- STACK_OF(DIST_POINT) *crld = NULL;
- GENERAL_NAMES *gens = NULL;
- GENERAL_NAME *gen = NULL;
- CONF_VALUE *cnf;
- int i;
-
- if (!(crld = sk_DIST_POINT_new_null()))
- goto merr;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- DIST_POINT *point;
- cnf = sk_CONF_VALUE_value(nval, i);
- if (!cnf->value) {
- STACK_OF(CONF_VALUE) *dpsect;
- dpsect = X509V3_get0_section(ctx, cnf->name);
- if (!dpsect)
- goto err;
- point = crldp_from_section(ctx, dpsect);
- if (!point)
- goto err;
- if (!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
- }
- } else {
- if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
- goto err;
- if (!(gens = GENERAL_NAMES_new()))
- goto merr;
- if (!sk_GENERAL_NAME_push(gens, gen))
- goto merr;
- gen = NULL;
- if (!(point = DIST_POINT_new()))
- goto merr;
- if (!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
- }
- if (!(point->distpoint = DIST_POINT_NAME_new()))
- goto merr;
- point->distpoint->name.fullname = gens;
- point->distpoint->type = 0;
- gens = NULL;
- }
- }
- return crld;
-
-merr:
- X509V3error(ERR_R_MALLOC_FAILURE);
-err:
- GENERAL_NAME_free(gen);
- GENERAL_NAMES_free(gens);
- sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
- return NULL;
-}
-
-static int
-dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval;
-
- switch (operation) {
- case ASN1_OP_NEW_POST:
- dpn->dpname = NULL;
- break;
-
- case ASN1_OP_FREE_POST:
- if (dpn->dpname)
- X509_NAME_free(dpn->dpname);
- break;
- }
- return 1;
-}
-
-
-static const ASN1_AUX DIST_POINT_NAME_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dpn_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DIST_POINT_NAME_ch_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(DIST_POINT_NAME, name.fullname),
- .field_name = "name.fullname",
- .item = &GENERAL_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF,
- .tag = 1,
- .offset = offsetof(DIST_POINT_NAME, name.relativename),
- .field_name = "name.relativename",
- .item = &X509_NAME_ENTRY_it,
- },
-};
-
-const ASN1_ITEM DIST_POINT_NAME_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(DIST_POINT_NAME, type),
- .templates = DIST_POINT_NAME_ch_tt,
- .tcount = sizeof(DIST_POINT_NAME_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DIST_POINT_NAME_aux,
- .size = sizeof(DIST_POINT_NAME),
- .sname = "DIST_POINT_NAME",
-};
-LCRYPTO_ALIAS(DIST_POINT_NAME_it);
-
-
-
-DIST_POINT_NAME *
-d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, const unsigned char **in, long len)
-{
- return (DIST_POINT_NAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DIST_POINT_NAME_it);
-}
-LCRYPTO_ALIAS(d2i_DIST_POINT_NAME);
-
-int
-i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DIST_POINT_NAME_it);
-}
-LCRYPTO_ALIAS(i2d_DIST_POINT_NAME);
-
-DIST_POINT_NAME *
-DIST_POINT_NAME_new(void)
-{
- return (DIST_POINT_NAME *)ASN1_item_new(&DIST_POINT_NAME_it);
-}
-LCRYPTO_ALIAS(DIST_POINT_NAME_new);
-
-void
-DIST_POINT_NAME_free(DIST_POINT_NAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DIST_POINT_NAME_it);
-}
-LCRYPTO_ALIAS(DIST_POINT_NAME_free);
-
-static const ASN1_TEMPLATE DIST_POINT_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(DIST_POINT, distpoint),
- .field_name = "distpoint",
- .item = &DIST_POINT_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(DIST_POINT, reasons),
- .field_name = "reasons",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(DIST_POINT, CRLissuer),
- .field_name = "CRLissuer",
- .item = &GENERAL_NAME_it,
- },
-};
-
-const ASN1_ITEM DIST_POINT_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DIST_POINT_seq_tt,
- .tcount = sizeof(DIST_POINT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(DIST_POINT),
- .sname = "DIST_POINT",
-};
-LCRYPTO_ALIAS(DIST_POINT_it);
-
-
-DIST_POINT *
-d2i_DIST_POINT(DIST_POINT **a, const unsigned char **in, long len)
-{
- return (DIST_POINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DIST_POINT_it);
-}
-LCRYPTO_ALIAS(d2i_DIST_POINT);
-
-int
-i2d_DIST_POINT(DIST_POINT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DIST_POINT_it);
-}
-LCRYPTO_ALIAS(i2d_DIST_POINT);
-
-DIST_POINT *
-DIST_POINT_new(void)
-{
- return (DIST_POINT *)ASN1_item_new(&DIST_POINT_it);
-}
-LCRYPTO_ALIAS(DIST_POINT_new);
-
-void
-DIST_POINT_free(DIST_POINT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DIST_POINT_it);
-}
-LCRYPTO_ALIAS(DIST_POINT_free);
-
-static const ASN1_TEMPLATE CRL_DIST_POINTS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "CRLDistributionPoints",
- .item = &DIST_POINT_it,
-};
-
-const ASN1_ITEM CRL_DIST_POINTS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &CRL_DIST_POINTS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "CRL_DIST_POINTS",
-};
-LCRYPTO_ALIAS(CRL_DIST_POINTS_it);
-
-
-CRL_DIST_POINTS *
-d2i_CRL_DIST_POINTS(CRL_DIST_POINTS **a, const unsigned char **in, long len)
-{
- return (CRL_DIST_POINTS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &CRL_DIST_POINTS_it);
-}
-LCRYPTO_ALIAS(d2i_CRL_DIST_POINTS);
-
-int
-i2d_CRL_DIST_POINTS(CRL_DIST_POINTS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &CRL_DIST_POINTS_it);
-}
-LCRYPTO_ALIAS(i2d_CRL_DIST_POINTS);
-
-CRL_DIST_POINTS *
-CRL_DIST_POINTS_new(void)
-{
- return (CRL_DIST_POINTS *)ASN1_item_new(&CRL_DIST_POINTS_it);
-}
-LCRYPTO_ALIAS(CRL_DIST_POINTS_new);
-
-void
-CRL_DIST_POINTS_free(CRL_DIST_POINTS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &CRL_DIST_POINTS_it);
-}
-LCRYPTO_ALIAS(CRL_DIST_POINTS_free);
-
-static const ASN1_TEMPLATE ISSUING_DIST_POINT_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ISSUING_DIST_POINT, distpoint),
- .field_name = "distpoint",
- .item = &DIST_POINT_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(ISSUING_DIST_POINT, onlyuser),
- .field_name = "onlyuser",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(ISSUING_DIST_POINT, onlyCA),
- .field_name = "onlyCA",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(ISSUING_DIST_POINT, onlysomereasons),
- .field_name = "onlysomereasons",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 4,
- .offset = offsetof(ISSUING_DIST_POINT, indirectCRL),
- .field_name = "indirectCRL",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 5,
- .offset = offsetof(ISSUING_DIST_POINT, onlyattr),
- .field_name = "onlyattr",
- .item = &ASN1_FBOOLEAN_it,
- },
-};
-
-const ASN1_ITEM ISSUING_DIST_POINT_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ISSUING_DIST_POINT_seq_tt,
- .tcount = sizeof(ISSUING_DIST_POINT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ISSUING_DIST_POINT),
- .sname = "ISSUING_DIST_POINT",
-};
-LCRYPTO_ALIAS(ISSUING_DIST_POINT_it);
-
-
-ISSUING_DIST_POINT *
-d2i_ISSUING_DIST_POINT(ISSUING_DIST_POINT **a, const unsigned char **in, long len)
-{
- return (ISSUING_DIST_POINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ISSUING_DIST_POINT_it);
-}
-LCRYPTO_ALIAS(d2i_ISSUING_DIST_POINT);
-
-int
-i2d_ISSUING_DIST_POINT(ISSUING_DIST_POINT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ISSUING_DIST_POINT_it);
-}
-LCRYPTO_ALIAS(i2d_ISSUING_DIST_POINT);
-
-ISSUING_DIST_POINT *
-ISSUING_DIST_POINT_new(void)
-{
- return (ISSUING_DIST_POINT *)ASN1_item_new(&ISSUING_DIST_POINT_it);
-}
-LCRYPTO_ALIAS(ISSUING_DIST_POINT_new);
-
-void
-ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ISSUING_DIST_POINT_it);
-}
-LCRYPTO_ALIAS(ISSUING_DIST_POINT_free);
-
-static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
- int indent);
-static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
-
-static const X509V3_EXT_METHOD x509v3_ext_issuing_distribution_point = {
- .ext_nid = NID_issuing_distribution_point,
- .ext_flags = X509V3_EXT_MULTILINE,
- .it = &ISSUING_DIST_POINT_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = v2i_idp,
- .i2r = i2r_idp,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_issuing_distribution_point(void)
-{
- return &x509v3_ext_issuing_distribution_point;
-}
-
-static void *
-v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- ISSUING_DIST_POINT *idp = NULL;
- CONF_VALUE *cnf;
- char *name, *val;
- int i, ret;
-
- idp = ISSUING_DIST_POINT_new();
- if (!idp)
- goto merr;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- name = cnf->name;
- val = cnf->value;
- ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
- if (ret > 0)
- continue;
- if (ret < 0)
- goto err;
- if (!strcmp(name, "onlyuser")) {
- if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
- goto err;
- }
- else if (!strcmp(name, "onlyCA")) {
- if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
- goto err;
- }
- else if (!strcmp(name, "onlyAA")) {
- if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
- goto err;
- }
- else if (!strcmp(name, "indirectCRL")) {
- if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
- goto err;
- }
- else if (!strcmp(name, "onlysomereasons")) {
- if (!set_reasons(&idp->onlysomereasons, val))
- goto err;
- } else {
- X509V3error(X509V3_R_INVALID_NAME);
- X509V3_conf_err(cnf);
- goto err;
- }
- }
- return idp;
-
-merr:
- X509V3error(ERR_R_MALLOC_FAILURE);
-err:
- ISSUING_DIST_POINT_free(idp);
- return NULL;
-}
-
-static int
-print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
-{
- int i;
-
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- BIO_printf(out, "%*s", indent + 2, "");
- GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
- BIO_puts(out, "\n");
- }
- return 1;
-}
-
-static int
-print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
-{
- if (dpn->type == 0) {
- BIO_printf(out, "%*sFull Name:\n", indent, "");
- print_gens(out, dpn->name.fullname, indent);
- } else {
- X509_NAME ntmp;
- ntmp.entries = dpn->name.relativename;
- BIO_printf(out, "%*sRelative Name:\n%*s",
- indent, "", indent + 2, "");
- X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
- BIO_puts(out, "\n");
- }
- return 1;
-}
-
-static int
-i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out, int indent)
-{
- ISSUING_DIST_POINT *idp = pidp;
-
- if (idp->distpoint)
- print_distpoint(out, idp->distpoint, indent);
- if (idp->onlyuser > 0)
- BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
- if (idp->onlyCA > 0)
- BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
- if (idp->indirectCRL > 0)
- BIO_printf(out, "%*sIndirect CRL\n", indent, "");
- if (idp->onlysomereasons)
- print_reasons(out, "Only Some Reasons",
- idp->onlysomereasons, indent);
- if (idp->onlyattr > 0)
- BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
- if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0) &&
- (idp->indirectCRL <= 0) && !idp->onlysomereasons &&
- (idp->onlyattr <= 0))
- BIO_printf(out, "%*s\n", indent, "");
-
- return 1;
-}
-
-static int
-i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, int indent)
-{
- STACK_OF(DIST_POINT) *crld = pcrldp;
- DIST_POINT *point;
- int i;
-
- for (i = 0; i < sk_DIST_POINT_num(crld); i++) {
- BIO_puts(out, "\n");
- point = sk_DIST_POINT_value(crld, i);
- if (point->distpoint)
- print_distpoint(out, point->distpoint, indent);
- if (point->reasons)
- print_reasons(out, "Reasons", point->reasons,
- indent);
- if (point->CRLissuer) {
- BIO_printf(out, "%*sCRL Issuer:\n", indent, "");
- print_gens(out, point->CRLissuer, indent);
- }
- }
- return 1;
-}
-
-int
-DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname)
-{
- int i;
- STACK_OF(X509_NAME_ENTRY) *frag;
- X509_NAME_ENTRY *ne;
-
- if (!dpn || (dpn->type != 1))
- return 1;
- frag = dpn->name.relativename;
- dpn->dpname = X509_NAME_dup(iname);
- if (!dpn->dpname)
- return 0;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) {
- ne = sk_X509_NAME_ENTRY_value(frag, i);
- if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) {
- X509_NAME_free(dpn->dpname);
- dpn->dpname = NULL;
- return 0;
- }
- }
- /* generate cached encoding of name */
- if (i2d_X509_NAME(dpn->dpname, NULL) < 0) {
- X509_NAME_free(dpn->dpname);
- dpn->dpname = NULL;
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(DIST_POINT_set_dpname);
diff --git a/src/lib/libcrypto/x509/x509_d2.c b/src/lib/libcrypto/x509/x509_d2.c
deleted file mode 100644
index bf358ec299..0000000000
--- a/src/lib/libcrypto/x509/x509_d2.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* $OpenBSD: x509_d2.c,v 1.12 2023/02/16 08:38:17 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-
-#include
-#include
-#include
-
-int
-X509_STORE_set_default_paths(X509_STORE *ctx)
-{
- X509_LOOKUP *lookup;
-
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
- if (lookup == NULL)
- return (0);
- X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
-
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
- if (lookup == NULL)
- return (0);
- X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
-
- /* clear any errors */
- ERR_clear_error();
-
- return (1);
-}
-LCRYPTO_ALIAS(X509_STORE_set_default_paths);
-
-int
-X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *path)
-{
- X509_LOOKUP *lookup;
-
- if (file != NULL) {
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
- if (lookup == NULL)
- return (0);
- if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1)
- return (0);
- }
- if (path != NULL) {
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
- if (lookup == NULL)
- return (0);
- if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1)
- return (0);
- }
- if ((path == NULL) && (file == NULL))
- return (0);
- return (1);
-}
-LCRYPTO_ALIAS(X509_STORE_load_locations);
-
-int
-X509_STORE_load_mem(X509_STORE *ctx, void *buf, int len)
-{
- X509_LOOKUP *lookup;
- struct iovec iov;
-
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_mem());
- if (lookup == NULL)
- return (0);
-
- iov.iov_base = buf;
- iov.iov_len = len;
-
- if (X509_LOOKUP_add_mem(lookup, &iov, X509_FILETYPE_PEM) != 1)
- return (0);
-
- return (1);
-}
-LCRYPTO_ALIAS(X509_STORE_load_mem);
diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c
deleted file mode 100644
index f9b395c206..0000000000
--- a/src/lib/libcrypto/x509/x509_def.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/* $OpenBSD: x509_def.c,v 1.10 2024/11/05 09:35:40 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include "crypto_local.h"
-
-const char *
-X509_get_default_private_dir(void)
-{
- return X509_PRIVATE_DIR;
-}
-LCRYPTO_ALIAS(X509_get_default_private_dir);
-
-const char *
-X509_get_default_cert_area(void)
-{
- return X509_CERT_AREA;
-}
-LCRYPTO_ALIAS(X509_get_default_cert_area);
-
-const char *
-X509_get_default_cert_dir(void)
-{
- return X509_CERT_DIR;
-}
-LCRYPTO_ALIAS(X509_get_default_cert_dir);
-
-const char *
-X509_get_default_cert_file(void)
-{
- return X509_CERT_FILE;
-}
-LCRYPTO_ALIAS(X509_get_default_cert_file);
-
-const char *
-X509_get_default_cert_dir_env(void)
-{
- return X509_CERT_DIR_EVP;
-}
-LCRYPTO_ALIAS(X509_get_default_cert_dir_env);
-
-const char *
-X509_get_default_cert_file_env(void)
-{
- return X509_CERT_FILE_EVP;
-}
-LCRYPTO_ALIAS(X509_get_default_cert_file_env);
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c
deleted file mode 100644
index cff045b105..0000000000
--- a/src/lib/libcrypto/x509/x509_err.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* $OpenBSD: x509_err.c,v 1.23 2024/06/24 06:43:23 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-
-#include "err_local.h"
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
-
-static const ERR_STRING_DATA X509_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA X509_str_reasons[] = {
- {ERR_REASON(X509_R_BAD_X509_FILETYPE) , "bad x509 filetype"},
- {ERR_REASON(X509_R_BASE64_DECODE_ERROR) , "base64 decode error"},
- {ERR_REASON(X509_R_CANT_CHECK_DH_KEY) , "cant check dh key"},
- {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE), "cert already in hash table"},
- {ERR_REASON(X509_R_ERR_ASN1_LIB) , "err asn1 lib"},
- {ERR_REASON(X509_R_INVALID_DIRECTORY) , "invalid directory"},
- {ERR_REASON(X509_R_INVALID_FIELD_NAME) , "invalid field name"},
- {ERR_REASON(X509_R_INVALID_TRUST) , "invalid trust"},
- {ERR_REASON(X509_R_INVALID_VERSION) , "invalid x509 version"},
- {ERR_REASON(X509_R_KEY_TYPE_MISMATCH) , "key type mismatch"},
- {ERR_REASON(X509_R_KEY_VALUES_MISMATCH) , "key values mismatch"},
- {ERR_REASON(X509_R_LOADING_CERT_DIR) , "loading cert dir"},
- {ERR_REASON(X509_R_LOADING_DEFAULTS) , "loading defaults"},
- {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED) , "method not supported"},
- {ERR_REASON(X509_R_NO_CERTIFICATE_OR_CRL_FOUND), "no certificate or crl found"},
- {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY), "no cert set for us to verify"},
- {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
- {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
- {ERR_REASON(X509_R_SHOULD_RETRY) , "should retry"},
- {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN), "unable to find parameters in chain"},
- {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY), "unable to get certs public key"},
- {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE) , "unknown key type"},
- {ERR_REASON(X509_R_UNKNOWN_NID) , "unknown nid"},
- {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID) , "unknown purpose id"},
- {ERR_REASON(X509_R_UNKNOWN_TRUST_ID) , "unknown trust id"},
- {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
- {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE) , "wrong lookup type"},
- {ERR_REASON(X509_R_WRONG_TYPE) , "wrong type"},
- {0, NULL}
-};
-
-#undef ERR_FUNC
-#undef ERR_REASON
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
-
-static const ERR_STRING_DATA X509V3_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static const ERR_STRING_DATA X509V3_str_reasons[] = {
- {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"},
- {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"},
- {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"},
- {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"},
- {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"},
- {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
- {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"},
- {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
- {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"},
- {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"},
- {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
- {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"},
- {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
- {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
- {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"},
- {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
- {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
- {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"},
- {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"},
- {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
- {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"},
- {ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"},
- {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
- {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"},
- {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
- {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"},
- {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"},
- {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
- {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"},
- {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"},
- {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"},
- {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"},
- {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"},
- {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"},
- {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"},
- {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"},
- {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"},
- {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"},
- {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"},
- {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"},
- {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
- {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"},
- {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"},
- {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"},
- {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
- {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"},
- {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
- {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"},
- {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"},
- {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject details"},
- {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
- {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
- {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"},
- {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"},
- {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"},
- {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"},
- {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"},
- {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"},
- {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"},
- {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"},
- {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"},
- {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"},
- {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"},
- {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
- {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"},
- {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"},
- {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"},
- {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_X509_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(X509_str_functs[0].error) == NULL) {
- ERR_load_const_strings(X509_str_functs);
- ERR_load_const_strings(X509_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_X509_strings);
-
-
-void
-ERR_load_X509V3_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
- ERR_load_const_strings(X509V3_str_functs);
- ERR_load_const_strings(X509V3_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_X509V3_strings);
diff --git a/src/lib/libcrypto/x509/x509_ext.c b/src/lib/libcrypto/x509/x509_ext.c
deleted file mode 100644
index f9a311feff..0000000000
--- a/src/lib/libcrypto/x509/x509_ext.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/* $OpenBSD: x509_ext.c,v 1.18 2024/05/14 07:39:43 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-
-#include "x509_local.h"
-
-int
-X509_CRL_get_ext_count(const X509_CRL *x)
-{
- return X509v3_get_ext_count(x->crl->extensions);
-}
-LCRYPTO_ALIAS(X509_CRL_get_ext_count);
-
-int
-X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->crl->extensions, nid, lastpos);
-}
-LCRYPTO_ALIAS(X509_CRL_get_ext_by_NID);
-
-int
-X509_CRL_get_ext_by_OBJ(const X509_CRL *x, const ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->crl->extensions, obj, lastpos);
-}
-LCRYPTO_ALIAS(X509_CRL_get_ext_by_OBJ);
-
-int
-X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->crl->extensions, crit, lastpos);
-}
-LCRYPTO_ALIAS(X509_CRL_get_ext_by_critical);
-
-X509_EXTENSION *
-X509_CRL_get_ext(const X509_CRL *x, int loc)
-{
- return X509v3_get_ext(x->crl->extensions, loc);
-}
-LCRYPTO_ALIAS(X509_CRL_get_ext);
-
-X509_EXTENSION *
-X509_CRL_delete_ext(X509_CRL *x, int loc)
-{
- return X509v3_delete_ext(x->crl->extensions, loc);
-}
-LCRYPTO_ALIAS(X509_CRL_delete_ext);
-
-void *
-X509_CRL_get_ext_d2i(const X509_CRL *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->crl->extensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(X509_CRL_get_ext_d2i);
-
-int
-X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->crl->extensions, nid, value, crit, flags);
-}
-LCRYPTO_ALIAS(X509_CRL_add1_ext_i2d);
-
-int
-X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&x->crl->extensions, ex, loc) != NULL;
-}
-LCRYPTO_ALIAS(X509_CRL_add_ext);
-
-int
-X509_get_ext_count(const X509 *x)
-{
- return X509v3_get_ext_count(x->cert_info->extensions);
-}
-LCRYPTO_ALIAS(X509_get_ext_count);
-
-int
-X509_get_ext_by_NID(const X509 *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->cert_info->extensions, nid, lastpos);
-}
-LCRYPTO_ALIAS(X509_get_ext_by_NID);
-
-int
-X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->cert_info->extensions, obj, lastpos);
-}
-LCRYPTO_ALIAS(X509_get_ext_by_OBJ);
-
-int
-X509_get_ext_by_critical(const X509 *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->cert_info->extensions, crit,
- lastpos);
-}
-LCRYPTO_ALIAS(X509_get_ext_by_critical);
-
-X509_EXTENSION *
-X509_get_ext(const X509 *x, int loc)
-{
- return X509v3_get_ext(x->cert_info->extensions, loc);
-}
-LCRYPTO_ALIAS(X509_get_ext);
-
-X509_EXTENSION *
-X509_delete_ext(X509 *x, int loc)
-{
- return X509v3_delete_ext(x->cert_info->extensions, loc);
-}
-LCRYPTO_ALIAS(X509_delete_ext);
-
-int
-X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&x->cert_info->extensions, ex, loc) != NULL;
-}
-LCRYPTO_ALIAS(X509_add_ext);
-
-void *
-X509_get_ext_d2i(const X509 *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(X509_get_ext_d2i);
-
-int
-X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, unsigned long flags)
-{
- return X509V3_add1_i2d(&x->cert_info->extensions, nid, value, crit,
- flags);
-}
-LCRYPTO_ALIAS(X509_add1_ext_i2d);
-
-int
-X509_REVOKED_get_ext_count(const X509_REVOKED *x)
-{
- return X509v3_get_ext_count(x->extensions);
-}
-LCRYPTO_ALIAS(X509_REVOKED_get_ext_count);
-
-int
-X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->extensions, nid, lastpos);
-}
-LCRYPTO_ALIAS(X509_REVOKED_get_ext_by_NID);
-
-int
-X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x, const ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->extensions, obj, lastpos);
-}
-LCRYPTO_ALIAS(X509_REVOKED_get_ext_by_OBJ);
-
-int
-X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->extensions, crit, lastpos);
-}
-LCRYPTO_ALIAS(X509_REVOKED_get_ext_by_critical);
-
-X509_EXTENSION *
-X509_REVOKED_get_ext(const X509_REVOKED *x, int loc)
-{
- return X509v3_get_ext(x->extensions, loc);
-}
-LCRYPTO_ALIAS(X509_REVOKED_get_ext);
-
-X509_EXTENSION *
-X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
-{
- return X509v3_delete_ext(x->extensions, loc);
-}
-LCRYPTO_ALIAS(X509_REVOKED_delete_ext);
-
-int
-X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&x->extensions, ex, loc) != NULL;
-}
-LCRYPTO_ALIAS(X509_REVOKED_add_ext);
-
-void *
-X509_REVOKED_get_ext_d2i(const X509_REVOKED *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->extensions, nid, crit, idx);
-}
-LCRYPTO_ALIAS(X509_REVOKED_get_ext_d2i);
-
-int
-X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->extensions, nid, value, crit, flags);
-}
-LCRYPTO_ALIAS(X509_REVOKED_add1_ext_i2d);
diff --git a/src/lib/libcrypto/x509/x509_extku.c b/src/lib/libcrypto/x509/x509_extku.c
deleted file mode 100644
index da5036a09a..0000000000
--- a/src/lib/libcrypto/x509/x509_extku.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* $OpenBSD: x509_extku.c,v 1.6 2024/08/31 10:03:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(
- const X509V3_EXT_METHOD *method, void *eku, STACK_OF(CONF_VALUE) *extlist);
-
-static const X509V3_EXT_METHOD x509v3_ext_ext_key_usage = {
- .ext_nid = NID_ext_key_usage,
- .ext_flags = 0,
- .it = &EXTENDED_KEY_USAGE_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_EXTENDED_KEY_USAGE,
- .v2i = v2i_EXTENDED_KEY_USAGE,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_ext_key_usage(void)
-{
- return &x509v3_ext_ext_key_usage;
-}
-
-/* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
-static const X509V3_EXT_METHOD x509v3_ext_id_pkix_OCSP_acceptableResponses = {
- .ext_nid = NID_id_pkix_OCSP_acceptableResponses,
- .ext_flags = 0,
- .it = &EXTENDED_KEY_USAGE_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_EXTENDED_KEY_USAGE,
- .v2i = v2i_EXTENDED_KEY_USAGE,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_id_pkix_OCSP_acceptableResponses(void)
-{
- return &x509v3_ext_id_pkix_OCSP_acceptableResponses;
-}
-
-static const ASN1_TEMPLATE EXTENDED_KEY_USAGE_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "EXTENDED_KEY_USAGE",
- .item = &ASN1_OBJECT_it,
-};
-
-const ASN1_ITEM EXTENDED_KEY_USAGE_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &EXTENDED_KEY_USAGE_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "EXTENDED_KEY_USAGE",
-};
-LCRYPTO_ALIAS(EXTENDED_KEY_USAGE_it);
-
-
-EXTENDED_KEY_USAGE *
-d2i_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE **a, const unsigned char **in, long len)
-{
- return (EXTENDED_KEY_USAGE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &EXTENDED_KEY_USAGE_it);
-}
-LCRYPTO_ALIAS(d2i_EXTENDED_KEY_USAGE);
-
-int
-i2d_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &EXTENDED_KEY_USAGE_it);
-}
-LCRYPTO_ALIAS(i2d_EXTENDED_KEY_USAGE);
-
-EXTENDED_KEY_USAGE *
-EXTENDED_KEY_USAGE_new(void)
-{
- return (EXTENDED_KEY_USAGE *)ASN1_item_new(&EXTENDED_KEY_USAGE_it);
-}
-LCRYPTO_ALIAS(EXTENDED_KEY_USAGE_new);
-
-void
-EXTENDED_KEY_USAGE_free(EXTENDED_KEY_USAGE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &EXTENDED_KEY_USAGE_it);
-}
-LCRYPTO_ALIAS(EXTENDED_KEY_USAGE_free);
-
-static STACK_OF(CONF_VALUE) *
-i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a,
- STACK_OF(CONF_VALUE) *extlist)
-{
- ASN1_OBJECT *obj;
- EXTENDED_KEY_USAGE *eku = a;
- STACK_OF(CONF_VALUE) *free_extlist = NULL;
- char obj_tmp[80];
- int i;
-
- if (extlist == NULL) {
- if ((free_extlist = extlist = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
- if ((obj = sk_ASN1_OBJECT_value(eku, i)) == NULL)
- goto err;
- if (!i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, obj))
- goto err;
- if (!X509V3_add_value(NULL, obj_tmp, &extlist))
- goto err;
- }
-
- return extlist;
-
- err:
- sk_CONF_VALUE_pop_free(free_extlist, X509V3_conf_free);
-
- return NULL;
-}
-
-static void *
-v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- EXTENDED_KEY_USAGE *extku;
- char *extval;
- ASN1_OBJECT *objtmp;
- CONF_VALUE *val;
- int i;
-
- if (!(extku = sk_ASN1_OBJECT_new_null())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if (val->value)
- extval = val->value;
- else
- extval = val->name;
- if (!(objtmp = OBJ_txt2obj(extval, 0))) {
- sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
- X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(val);
- return NULL;
- }
- if (sk_ASN1_OBJECT_push(extku, objtmp) == 0) {
- ASN1_OBJECT_free(objtmp);
- sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- }
- return extku;
-}
diff --git a/src/lib/libcrypto/x509/x509_genn.c b/src/lib/libcrypto/x509/x509_genn.c
deleted file mode 100644
index 1ea7155795..0000000000
--- a/src/lib/libcrypto/x509/x509_genn.c
+++ /dev/null
@@ -1,541 +0,0 @@
-/* $OpenBSD: x509_genn.c,v 1.7 2024/07/08 14:47:44 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include
-
-#include
-#include
-#include
-
-static const ASN1_TEMPLATE OTHERNAME_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OTHERNAME, type_id),
- .field_name = "type_id",
- .item = &ASN1_OBJECT_it,
- },
- /* Maybe have a true ANY DEFINED BY later */
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(OTHERNAME, value),
- .field_name = "value",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM OTHERNAME_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OTHERNAME_seq_tt,
- .tcount = sizeof(OTHERNAME_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OTHERNAME),
- .sname = "OTHERNAME",
-};
-LCRYPTO_ALIAS(OTHERNAME_it);
-
-
-OTHERNAME *
-d2i_OTHERNAME(OTHERNAME **a, const unsigned char **in, long len)
-{
- return (OTHERNAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OTHERNAME_it);
-}
-LCRYPTO_ALIAS(d2i_OTHERNAME);
-
-int
-i2d_OTHERNAME(OTHERNAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OTHERNAME_it);
-}
-LCRYPTO_ALIAS(i2d_OTHERNAME);
-
-OTHERNAME *
-OTHERNAME_new(void)
-{
- return (OTHERNAME *)ASN1_item_new(&OTHERNAME_it);
-}
-LCRYPTO_ALIAS(OTHERNAME_new);
-
-void
-OTHERNAME_free(OTHERNAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OTHERNAME_it);
-}
-LCRYPTO_ALIAS(OTHERNAME_free);
-
-/* Uses explicit tagging since DIRECTORYSTRING is a CHOICE type */
-static const ASN1_TEMPLATE EDIPARTYNAME_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(EDIPARTYNAME, nameAssigner),
- .field_name = "nameAssigner",
- .item = &DIRECTORYSTRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(EDIPARTYNAME, partyName),
- .field_name = "partyName",
- .item = &DIRECTORYSTRING_it,
- },
-};
-
-const ASN1_ITEM EDIPARTYNAME_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = EDIPARTYNAME_seq_tt,
- .tcount = sizeof(EDIPARTYNAME_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(EDIPARTYNAME),
- .sname = "EDIPARTYNAME",
-};
-LCRYPTO_ALIAS(EDIPARTYNAME_it);
-
-
-EDIPARTYNAME *
-d2i_EDIPARTYNAME(EDIPARTYNAME **a, const unsigned char **in, long len)
-{
- return (EDIPARTYNAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &EDIPARTYNAME_it);
-}
-LCRYPTO_ALIAS(d2i_EDIPARTYNAME);
-
-int
-i2d_EDIPARTYNAME(EDIPARTYNAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &EDIPARTYNAME_it);
-}
-LCRYPTO_ALIAS(i2d_EDIPARTYNAME);
-
-EDIPARTYNAME *
-EDIPARTYNAME_new(void)
-{
- return (EDIPARTYNAME *)ASN1_item_new(&EDIPARTYNAME_it);
-}
-LCRYPTO_ALIAS(EDIPARTYNAME_new);
-
-void
-EDIPARTYNAME_free(EDIPARTYNAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &EDIPARTYNAME_it);
-}
-LCRYPTO_ALIAS(EDIPARTYNAME_free);
-
-static const ASN1_TEMPLATE GENERAL_NAME_ch_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_OTHERNAME,
- .offset = offsetof(GENERAL_NAME, d.otherName),
- .field_name = "d.otherName",
- .item = &OTHERNAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_EMAIL,
- .offset = offsetof(GENERAL_NAME, d.rfc822Name),
- .field_name = "d.rfc822Name",
- .item = &ASN1_IA5STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_DNS,
- .offset = offsetof(GENERAL_NAME, d.dNSName),
- .field_name = "d.dNSName",
- .item = &ASN1_IA5STRING_it,
- },
- /* Don't decode this */
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_X400,
- .offset = offsetof(GENERAL_NAME, d.x400Address),
- .field_name = "d.x400Address",
- .item = &ASN1_SEQUENCE_it,
- },
- /* X509_NAME is a CHOICE type so use EXPLICIT */
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = GEN_DIRNAME,
- .offset = offsetof(GENERAL_NAME, d.directoryName),
- .field_name = "d.directoryName",
- .item = &X509_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_EDIPARTY,
- .offset = offsetof(GENERAL_NAME, d.ediPartyName),
- .field_name = "d.ediPartyName",
- .item = &EDIPARTYNAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_URI,
- .offset = offsetof(GENERAL_NAME, d.uniformResourceIdentifier),
- .field_name = "d.uniformResourceIdentifier",
- .item = &ASN1_IA5STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_IPADD,
- .offset = offsetof(GENERAL_NAME, d.iPAddress),
- .field_name = "d.iPAddress",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_RID,
- .offset = offsetof(GENERAL_NAME, d.registeredID),
- .field_name = "d.registeredID",
- .item = &ASN1_OBJECT_it,
- },
-};
-
-const ASN1_ITEM GENERAL_NAME_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(GENERAL_NAME, type),
- .templates = GENERAL_NAME_ch_tt,
- .tcount = sizeof(GENERAL_NAME_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(GENERAL_NAME),
- .sname = "GENERAL_NAME",
-};
-LCRYPTO_ALIAS(GENERAL_NAME_it);
-
-
-GENERAL_NAME *
-d2i_GENERAL_NAME(GENERAL_NAME **a, const unsigned char **in, long len)
-{
- return (GENERAL_NAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &GENERAL_NAME_it);
-}
-LCRYPTO_ALIAS(d2i_GENERAL_NAME);
-
-int
-i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &GENERAL_NAME_it);
-}
-LCRYPTO_ALIAS(i2d_GENERAL_NAME);
-
-GENERAL_NAME *
-GENERAL_NAME_new(void)
-{
- return (GENERAL_NAME *)ASN1_item_new(&GENERAL_NAME_it);
-}
-LCRYPTO_ALIAS(GENERAL_NAME_new);
-
-void
-GENERAL_NAME_free(GENERAL_NAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &GENERAL_NAME_it);
-}
-LCRYPTO_ALIAS(GENERAL_NAME_free);
-
-static const ASN1_TEMPLATE GENERAL_NAMES_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "GeneralNames",
- .item = &GENERAL_NAME_it,
-};
-
-const ASN1_ITEM GENERAL_NAMES_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &GENERAL_NAMES_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "GENERAL_NAMES",
-};
-LCRYPTO_ALIAS(GENERAL_NAMES_it);
-
-
-GENERAL_NAMES *
-d2i_GENERAL_NAMES(GENERAL_NAMES **a, const unsigned char **in, long len)
-{
- return (GENERAL_NAMES *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &GENERAL_NAMES_it);
-}
-LCRYPTO_ALIAS(d2i_GENERAL_NAMES);
-
-int
-i2d_GENERAL_NAMES(GENERAL_NAMES *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &GENERAL_NAMES_it);
-}
-LCRYPTO_ALIAS(i2d_GENERAL_NAMES);
-
-GENERAL_NAMES *
-GENERAL_NAMES_new(void)
-{
- return (GENERAL_NAMES *)ASN1_item_new(&GENERAL_NAMES_it);
-}
-LCRYPTO_ALIAS(GENERAL_NAMES_new);
-
-void
-GENERAL_NAMES_free(GENERAL_NAMES *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &GENERAL_NAMES_it);
-}
-LCRYPTO_ALIAS(GENERAL_NAMES_free);
-
-GENERAL_NAME *
-GENERAL_NAME_dup(GENERAL_NAME *a)
-{
- return ASN1_item_dup(&GENERAL_NAME_it, a);
-}
-LCRYPTO_ALIAS(GENERAL_NAME_dup);
-
-static int
-EDIPARTYNAME_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b)
-{
- int res;
-
- /*
- * Shouldn't be possible in a valid GENERAL_NAME, but we handle it
- * anyway. OTHERNAME_cmp treats NULL != NULL, so we do the same here.
- */
- if (a == NULL || b == NULL)
- return -1;
- if (a->nameAssigner == NULL && b->nameAssigner != NULL)
- return -1;
- if (a->nameAssigner != NULL && b->nameAssigner == NULL)
- return 1;
- /* If we get here, both have nameAssigner set or both unset. */
- if (a->nameAssigner != NULL) {
- res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner);
- if (res != 0)
- return res;
- }
- /*
- * partyName is required, so these should never be NULL. We treat it in
- * the same way as the a == NULL || b == NULL case above.
- */
- if (a->partyName == NULL || b->partyName == NULL)
- return -1;
-
- return ASN1_STRING_cmp(a->partyName, b->partyName);
-}
-
-/* Returns 0 if they are equal, != 0 otherwise.
*/ -int -GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) -{ - int result = -1; - - if (!a || !b || a->type != b->type) - return -1; - switch (a->type) { - case GEN_X400: - result = ASN1_STRING_cmp(a->d.x400Address, b->d.x400Address); - break; - - case GEN_EDIPARTY: - result = EDIPARTYNAME_cmp(a->d.ediPartyName, b->d.ediPartyName); - break; - - case GEN_OTHERNAME: - result = OTHERNAME_cmp(a->d.otherName, b->d.otherName); - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5); - break; - - case GEN_DIRNAME: - result = X509_NAME_cmp(a->d.dirn, b->d.dirn); - break; - - case GEN_IPADD: - result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); - break; - - case GEN_RID: - result = OBJ_cmp(a->d.rid, b->d.rid); - break; - } - return result; -} -LCRYPTO_ALIAS(GENERAL_NAME_cmp); - -/* Returns 0 if they are equal, != 0 otherwise. */ -int -OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) -{ - int result = -1; - - if (!a || !b) - return -1; - /* Check their type first. */ - if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) - return result; - /* Check the value. 
*/ - result = ASN1_TYPE_cmp(a->value, b->value); - return result; -} -LCRYPTO_ALIAS(OTHERNAME_cmp); - -void -GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) -{ - switch (type) { - case GEN_X400: - a->d.x400Address = value; - break; - - case GEN_EDIPARTY: - a->d.ediPartyName = value; - break; - - case GEN_OTHERNAME: - a->d.otherName = value; - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - a->d.ia5 = value; - break; - - case GEN_DIRNAME: - a->d.dirn = value; - break; - - case GEN_IPADD: - a->d.ip = value; - break; - - case GEN_RID: - a->d.rid = value; - break; - } - a->type = type; -} -LCRYPTO_ALIAS(GENERAL_NAME_set0_value); - -void * -GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype) -{ - if (ptype) - *ptype = a->type; - switch (a->type) { - case GEN_X400: - return a->d.x400Address; - - case GEN_EDIPARTY: - return a->d.ediPartyName; - - case GEN_OTHERNAME: - return a->d.otherName; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - return a->d.ia5; - - case GEN_DIRNAME: - return a->d.dirn; - - case GEN_IPADD: - return a->d.ip; - - case GEN_RID: - return a->d.rid; - - default: - return NULL; - } -} -LCRYPTO_ALIAS(GENERAL_NAME_get0_value); - -int -GENERAL_NAME_set0_othername(GENERAL_NAME *gen, ASN1_OBJECT *oid, - ASN1_TYPE *value) -{ - OTHERNAME *oth; - - oth = OTHERNAME_new(); - if (!oth) - return 0; - oth->type_id = oid; - oth->value = value; - GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); - return 1; -} -LCRYPTO_ALIAS(GENERAL_NAME_set0_othername); - -int -GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, ASN1_OBJECT **poid, - ASN1_TYPE **pvalue) -{ - if (gen->type != GEN_OTHERNAME) - return 0; - if (poid) - *poid = gen->d.otherName->type_id; - if (pvalue) - *pvalue = gen->d.otherName->value; - return 1; -} -LCRYPTO_ALIAS(GENERAL_NAME_get0_otherName); diff --git a/src/lib/libcrypto/x509/x509_ia5.c b/src/lib/libcrypto/x509/x509_ia5.c deleted file mode 100644 index 4f62a9134c..0000000000 
--- a/src/lib/libcrypto/x509/x509_ia5.c
+++ /dev/null
@@ -1,268 +0,0 @@
-/* $OpenBSD: x509_ia5.c,v 1.2 2024/07/13 15:08:58 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5);
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_base_url = {
- .ext_nid = NID_netscape_base_url,
- .ext_flags = 0,
- .it = &ASN1_IA5STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING,
- .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_base_url(void)
-{
- return &x509v3_ext_netscape_base_url;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_revocation_url = {
- .ext_nid = NID_netscape_revocation_url,
- .ext_flags = 0,
- .it = &ASN1_IA5STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING,
- .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_revocation_url(void)
-{
- return &x509v3_ext_netscape_revocation_url;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_ca_revocation_url = {
- .ext_nid = NID_netscape_ca_revocation_url,
- .ext_flags = 0,
- .it = &ASN1_IA5STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING,
- .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_ca_revocation_url(void)
-{
- return &x509v3_ext_netscape_ca_revocation_url;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_renewal_url = {
- .ext_nid = NID_netscape_renewal_url,
- .ext_flags = 0,
- .it = &ASN1_IA5STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING,
- .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_renewal_url(void)
-{
- return &x509v3_ext_netscape_renewal_url;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_ca_policy_url = {
- .ext_nid = NID_netscape_ca_policy_url,
- .ext_flags = 0,
- .it = &ASN1_IA5STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING,
- .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_ca_policy_url(void)
-{
- return &x509v3_ext_netscape_ca_policy_url;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_ssl_server_name = {
- .ext_nid = NID_netscape_ssl_server_name,
- .ext_flags = 0,
- .it = &ASN1_IA5STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING,
- .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_ssl_server_name(void)
-{
- return &x509v3_ext_netscape_ssl_server_name;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_netscape_comment = {
- .ext_nid = NID_netscape_comment,
- .ext_flags = 0,
- .it = &ASN1_IA5STRING_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING,
- .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_netscape_comment(void)
-{
- return &x509v3_ext_netscape_comment;
-}
-
-static char *
-i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
-{
- char *tmp;
-
- if (!ia5 || !ia5->length)
- return NULL;
- if (!(tmp = malloc(ia5->length + 1))) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- memcpy(tmp, ia5->data, ia5->length);
- tmp[ia5->length] = 0;
- return tmp;
-}
-
-static ASN1_IA5STRING *
-s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
-{
- ASN1_IA5STRING *ia5;
- if (!str) {
- X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
- return NULL;
- }
- if (!(ia5 = ASN1_IA5STRING_new()))
- goto err;
- if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str,
- strlen(str))) {
- ASN1_IA5STRING_free(ia5);
- goto err;
- }
- return ia5;
-
-err:
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
-}
diff --git a/src/lib/libcrypto/x509/x509_info.c b/src/lib/libcrypto/x509/x509_info.c
deleted file mode 100644
index d1de346ee6..0000000000
--- a/src/lib/libcrypto/x509/x509_info.c
+++ /dev/null
@@ -1,331 +0,0 @@
-/* $OpenBSD: x509_info.c,v 1.5 2024/07/13 15:08:58 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
- X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo,
- STACK_OF(CONF_VALUE) *ret);
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(
- X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-static const X509V3_EXT_METHOD x509v3_ext_info_access = {
- .ext_nid = NID_info_access,
- .ext_flags = X509V3_EXT_MULTILINE,
- .it = &AUTHORITY_INFO_ACCESS_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
- .v2i = (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_info_access(void)
-{
- return &x509v3_ext_info_access;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_sinfo_access = {
- .ext_nid = NID_sinfo_access,
- .ext_flags = X509V3_EXT_MULTILINE,
- .it = &AUTHORITY_INFO_ACCESS_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS,
- .v2i = (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_sinfo_access(void)
-{
- return &x509v3_ext_sinfo_access;
-}
-
-static const ASN1_TEMPLATE ACCESS_DESCRIPTION_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ACCESS_DESCRIPTION, method),
- .field_name = "method",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ACCESS_DESCRIPTION, location),
- .field_name = "location",
- .item = &GENERAL_NAME_it,
- },
-};
-
-const ASN1_ITEM ACCESS_DESCRIPTION_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ACCESS_DESCRIPTION_seq_tt,
- .tcount = sizeof(ACCESS_DESCRIPTION_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ACCESS_DESCRIPTION),
- .sname = "ACCESS_DESCRIPTION",
-};
-LCRYPTO_ALIAS(ACCESS_DESCRIPTION_it);
-
-
-ACCESS_DESCRIPTION *
-d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, const unsigned char **in, long len)
-{
- return (ACCESS_DESCRIPTION *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ACCESS_DESCRIPTION_it);
-}
-LCRYPTO_ALIAS(d2i_ACCESS_DESCRIPTION);
-
-int
-i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ACCESS_DESCRIPTION_it);
-}
-LCRYPTO_ALIAS(i2d_ACCESS_DESCRIPTION);
-
-ACCESS_DESCRIPTION *
-ACCESS_DESCRIPTION_new(void)
-{
- return (ACCESS_DESCRIPTION *)ASN1_item_new(&ACCESS_DESCRIPTION_it);
-}
-LCRYPTO_ALIAS(ACCESS_DESCRIPTION_new);
-
-void
-ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ACCESS_DESCRIPTION_it);
-}
-LCRYPTO_ALIAS(ACCESS_DESCRIPTION_free);
-
-static const ASN1_TEMPLATE AUTHORITY_INFO_ACCESS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "GeneralNames",
- .item = &ACCESS_DESCRIPTION_it,
-};
-
-const ASN1_ITEM AUTHORITY_INFO_ACCESS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &AUTHORITY_INFO_ACCESS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "AUTHORITY_INFO_ACCESS",
-};
-LCRYPTO_ALIAS(AUTHORITY_INFO_ACCESS_it);
-
-
-AUTHORITY_INFO_ACCESS *
-d2i_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS **a, const unsigned char **in, long len)
-{
- return (AUTHORITY_INFO_ACCESS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &AUTHORITY_INFO_ACCESS_it);
-}
-LCRYPTO_ALIAS(d2i_AUTHORITY_INFO_ACCESS);
-
-int
-i2d_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &AUTHORITY_INFO_ACCESS_it);
-}
-LCRYPTO_ALIAS(i2d_AUTHORITY_INFO_ACCESS);
-
-AUTHORITY_INFO_ACCESS *
-AUTHORITY_INFO_ACCESS_new(void)
-{
- return (AUTHORITY_INFO_ACCESS *)ASN1_item_new(&AUTHORITY_INFO_ACCESS_it);
-}
-LCRYPTO_ALIAS(AUTHORITY_INFO_ACCESS_new);
-
-void
-AUTHORITY_INFO_ACCESS_free(AUTHORITY_INFO_ACCESS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &AUTHORITY_INFO_ACCESS_it);
-}
-LCRYPTO_ALIAS(AUTHORITY_INFO_ACCESS_free);
-
-static STACK_OF(CONF_VALUE) *
-i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret)
-{
- ACCESS_DESCRIPTION *desc;
- CONF_VALUE *vtmp;
- STACK_OF(CONF_VALUE) *free_ret = NULL;
- char objtmp[80], *ntmp;
- int i;
-
- if (ret == NULL) {
- if ((free_ret = ret = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
- if ((desc = sk_ACCESS_DESCRIPTION_value(ainfo, i)) == NULL)
- goto err;
- if ((ret = i2v_GENERAL_NAME(method, desc->location,
- ret)) == NULL)
- goto err;
- if ((vtmp = sk_CONF_VALUE_value(ret, i)) == NULL)
- goto err;
- if (!i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method))
- goto err;
- if (asprintf(&ntmp, "%s - %s", objtmp, vtmp->name) == -1) {
- ntmp = NULL;
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- free(vtmp->name);
- vtmp->name = ntmp;
- }
-
- return ret;
-
- err:
- sk_CONF_VALUE_pop_free(free_ret, X509V3_conf_free);
-
- return NULL;
-}
-
-static AUTHORITY_INFO_ACCESS *
-v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- AUTHORITY_INFO_ACCESS *ainfo = NULL;
- CONF_VALUE *cnf, ctmp;
- ACCESS_DESCRIPTION *acc;
- int i, objlen;
- char *objtmp, *ptmp;
-
- if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- if ((acc = ACCESS_DESCRIPTION_new()) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (sk_ACCESS_DESCRIPTION_push(ainfo, acc) == 0) {
- ACCESS_DESCRIPTION_free(acc);
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ptmp = strchr(cnf->name, ';');
- if (!ptmp) {
- X509V3error(X509V3_R_INVALID_SYNTAX);
- goto err;
- }
- objlen = ptmp - cnf->name;
- ctmp.name = ptmp + 1;
- ctmp.value = cnf->value;
- if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
- goto err;
- if (!(objtmp = malloc(objlen + 1))) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- strlcpy(objtmp, cnf->name, objlen + 1);
- acc->method = OBJ_txt2obj(objtmp, 0);
- if (!acc->method) {
- X509V3error(X509V3_R_BAD_OBJECT);
- ERR_asprintf_error_data("value=%s", objtmp);
- free(objtmp);
- goto err;
- }
- free(objtmp);
- }
- return ainfo;
-
-err:
- sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
- return NULL;
-}
-
-int
-i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION* a)
-{
- i2a_ASN1_OBJECT(bp, a->method);
- return 2;
-}
-LCRYPTO_ALIAS(i2a_ACCESS_DESCRIPTION);
diff --git a/src/lib/libcrypto/x509/x509_int.c b/src/lib/libcrypto/x509/x509_int.c
deleted file mode 100644
index 2236bfe4c4..0000000000
--- a/src/lib/libcrypto/x509/x509_int.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* $OpenBSD: x509_int.c,v 1.2 2024/07/13 15:08:58 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-static const X509V3_EXT_METHOD x509v3_ext_crl_number = {
- .ext_nid = NID_crl_number,
- .ext_flags = 0,
- .it = &ASN1_INTEGER_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_crl_number(void)
-{
- return &x509v3_ext_crl_number;
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_delta_crl = {
- .ext_nid = NID_delta_crl,
- .ext_flags = 0,
- .it = &ASN1_INTEGER_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_delta_crl(void)
-{
- return &x509v3_ext_delta_crl;
-}
-
-static void *
-s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
-{
- return s2i_ASN1_INTEGER(meth, value);
-}
-
-static const X509V3_EXT_METHOD x509v3_ext_inhibit_any_policy = {
- .ext_nid = NID_inhibit_any_policy,
- .ext_flags = 0,
- .it = &ASN1_INTEGER_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
- .s2i = (X509V3_EXT_S2I)s2i_asn1_int,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_inhibit_any_policy(void)
-{
- return &x509v3_ext_inhibit_any_policy;
-}
diff --git a/src/lib/libcrypto/x509/x509_internal.h b/src/lib/libcrypto/x509/x509_internal.h
deleted file mode 100644
index 9b9980ece5..0000000000
--- a/src/lib/libcrypto/x509/x509_internal.h
+++ /dev/null
@@ -1,141 +0,0 @@
-/* $OpenBSD: x509_internal.h,v 1.28 2024/05/19 07:12:50 jsg Exp $ */
-/*
- * Copyright (c) 2020 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-#ifndef HEADER_X509_INTERNAL_H
-#define HEADER_X509_INTERNAL_H
-
-/* Internal use only, not public API */
-#include
-
-#include "bytestring.h"
-#include "x509_local.h"
-#include "x509_verify.h"
-
-/* Hard limits on structure size and number of signature checks. */
-#define X509_VERIFY_MAX_CHAINS 8 /* Max validated chains */
-#define X509_VERIFY_MAX_CHAIN_CERTS 32 /* Max depth of a chain */
-#define X509_VERIFY_MAX_SIGCHECKS 256 /* Max signature checks */
-
-/*
- * Limit the number of names and constraints we will check in a chain
- * to avoid a hostile input DOS
- */
-#define X509_VERIFY_MAX_CHAIN_NAMES 512
-#define X509_VERIFY_MAX_CHAIN_CONSTRAINTS 512
-
-/*
- * Hold the parsed and validated result of names from a certificate.
- * these typically come from a GENERALNAME, but we store the parsed
- * and validated results, not the ASN1 bytes.
- */
-struct x509_constraints_name {
- int type; /* GEN_* types from GENERAL_NAME */
- char *name; /* Name to check */
- char *local; /* holds the local part of GEN_EMAIL */
- uint8_t *der; /* DER encoded value or NULL*/
- size_t der_len;
- int af; /* INET and INET6 are supported */
- uint8_t address[32]; /* Must hold ipv6 + mask */
-};
-
-struct x509_constraints_names {
- struct x509_constraints_name **names;
- size_t names_count;
- size_t names_len;
- size_t names_max;
-};
-
-struct x509_verify_chain {
- STACK_OF(X509) *certs; /* Kept in chain order, includes leaf */
- int *cert_errors; /* Verify error for each cert in chain. */
- struct x509_constraints_names *names; /* All names from all certs */
-};
-
-struct x509_verify_ctx {
- X509_STORE_CTX *xsc;
- struct x509_verify_chain **chains; /* Validated chains */
- STACK_OF(X509) *saved_error_chain;
- int saved_error;
- int saved_error_depth;
- size_t chains_count;
- STACK_OF(X509) *roots; /* Trusted roots for this validation */
- STACK_OF(X509) *intermediates; /* Intermediates provided by peer */
- time_t *check_time; /* Time for validity checks */
- int purpose; /* Cert purpose we are validating */
- size_t max_chains; /* Max chains to return */
- size_t max_depth; /* Max chain depth for validation */
- size_t max_sigs; /* Max number of signature checks */
- size_t sig_checks; /* Number of signature checks done */
- size_t error_depth; /* Depth of last error seen */
- int error; /* Last error seen */
-};
-
-int ASN1_time_tm_clamp_notafter(struct tm *tm);
-
-__BEGIN_HIDDEN_DECLS
-
-int x509_vfy_check_id(X509_STORE_CTX *ctx);
-int x509_vfy_check_revocation(X509_STORE_CTX *ctx);
-int x509_vfy_check_policy(X509_STORE_CTX *ctx);
-int x509_vfy_check_trust(X509_STORE_CTX *ctx);
-int x509_vfy_check_chain_extensions(X509_STORE_CTX *ctx);
-int x509_vfy_callback_indicate_completion(X509_STORE_CTX *ctx);
-int x509v3_cache_extensions(X509 *x);
-X509 *x509_vfy_lookup_cert_match(X509_STORE_CTX *ctx, X509 *x);
-
-int x509_verify_asn1_time_to_time_t(const ASN1_TIME *atime, int notafter,
- time_t *out);
-
-struct x509_verify_ctx *x509_verify_ctx_new_from_xsc(X509_STORE_CTX *xsc);
-
-void x509_constraints_name_clear(struct x509_constraints_name *name);
-void x509_constraints_name_free(struct x509_constraints_name *name);
-int x509_constraints_names_add(struct x509_constraints_names *names,
- struct x509_constraints_name *name);
-struct x509_constraints_names *x509_constraints_names_dup(
- struct x509_constraints_names *names);
-void x509_constraints_names_clear(struct x509_constraints_names *names);
-struct x509_constraints_names *x509_constraints_names_new(size_t names_max);
-int x509_constraints_general_to_bytes(GENERAL_NAME *name, uint8_t **bytes,
- size_t *len);
-void x509_constraints_names_free(struct x509_constraints_names *names);
-int x509_constraints_valid_host(CBS *cbs, int permit_ip);
-int x509_constraints_valid_sandns(CBS *cbs);
-int x509_constraints_domain(char *domain, size_t dlen, char *constraint,
- size_t len);
-int x509_constraints_parse_mailbox(CBS *candidate,
- struct x509_constraints_name *name);
-int x509_constraints_valid_domain_constraint(CBS *cbs);
-int x509_constraints_uri_host(uint8_t *uri, size_t len, char **hostp);
-int x509_constraints_uri(uint8_t *uri, size_t ulen, uint8_t *constraint,
- size_t len, int *error);
-int x509_constraints_extract_names(struct x509_constraints_names *names,
- X509 *cert, int include_cn, int *error);
-int x509_constraints_extract_constraints(X509 *cert,
- struct x509_constraints_names *permitted,
- struct x509_constraints_names *excluded, int *error);
-int x509_constraints_validate(GENERAL_NAME *constraint,
- struct x509_constraints_name **out_name, int *error);
-int x509_constraints_check(struct x509_constraints_names *names,
- struct x509_constraints_names *permitted,
- struct x509_constraints_names *excluded, int *error);
-int x509_constraints_chain(STACK_OF(X509) *chain, int *error,
- int *depth);
-int x509_vfy_check_security_level(X509_STORE_CTX *ctx);
-
-__END_HIDDEN_DECLS
-
-#endif
diff --git a/src/lib/libcrypto/x509/x509_issuer_cache.c b/src/lib/libcrypto/x509/x509_issuer_cache.c
deleted file mode 100644
index 070e85b0a9..0000000000
--- a/src/lib/libcrypto/x509/x509_issuer_cache.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/* $OpenBSD: x509_issuer_cache.c,v 1.7 2023/12/30 18:26:13 tb Exp $ */
-/*
- * Copyright (c) 2020 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* x509_issuer_cache */
-
-/*
- * The issuer cache is a cache of parent and child x509 certificate
- * hashes with a signature validation result.
- *
- * Entries should only be added to the cache with a validation result
- * from checking the public key math that "parent" signed "child".
- *
- * Finding an entry in the cache gets us the result of a previously
- * performed validation of the signature of "parent" signing for the
- * validity of "child". It allows us to skip doing the public key math
- * when validating a certificate chain. It does not allow us to skip
- * any other steps of validation (times, names, key usage, etc.)
- */
-
-#include
-#include
-
-#include "x509_issuer_cache.h"
-
-static int
-x509_issuer_cmp(struct x509_issuer *x1, struct x509_issuer *x2)
-{
- int pcmp;
- if ((pcmp = memcmp(x1->parent_md, x2->parent_md, EVP_MAX_MD_SIZE)) != 0)
- return pcmp;
- return memcmp(x1->child_md, x2->child_md, EVP_MAX_MD_SIZE);
-}
-
-static size_t x509_issuer_cache_count;
-static size_t x509_issuer_cache_max = X509_ISSUER_CACHE_MAX;
-static RB_HEAD(x509_issuer_tree, x509_issuer) x509_issuer_cache =
- RB_INITIALIZER(&x509_issuer_cache);
-static TAILQ_HEAD(lruqueue, x509_issuer) x509_issuer_lru =
- TAILQ_HEAD_INITIALIZER(x509_issuer_lru);
-static pthread_mutex_t x509_issuer_tree_mutex = PTHREAD_MUTEX_INITIALIZER;
-
-RB_PROTOTYPE(x509_issuer_tree, x509_issuer, entry, x509_issuer_cmp);
-RB_GENERATE(x509_issuer_tree, x509_issuer, entry, x509_issuer_cmp);
-
-/*
- * Set the maximum number of cached entries. On additions to the cache
- * the least recently used entries will be discarded so that the cache
- * stays under the maximum number of entries. Setting a maximum of 0
- * disables the cache.
- */
-int
-x509_issuer_cache_set_max(size_t max)
-{
- if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
- return 0;
- x509_issuer_cache_max = max;
- (void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
-
- return 1;
-}
-
-/*
- * Free the oldest entry in the issuer cache. Returns 1
- * if an entry was successfully freed, 0 otherwise. Must
- * be called with x509_issuer_tree_mutex held.
- */
-static void
-x509_issuer_cache_free_oldest(void)
-{
- struct x509_issuer *old;
-
- if (x509_issuer_cache_count == 0)
- return;
- old = TAILQ_LAST(&x509_issuer_lru, lruqueue);
- TAILQ_REMOVE(&x509_issuer_lru, old, queue);
- RB_REMOVE(x509_issuer_tree, &x509_issuer_cache, old);
- free(old->parent_md);
- free(old->child_md);
- free(old);
- x509_issuer_cache_count--;
-}
-
-/*
- * Free the entire issuer cache, discarding all entries.
- */
-void
-x509_issuer_cache_free(void)
-{
- if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
- return;
- while (x509_issuer_cache_count > 0)
- x509_issuer_cache_free_oldest();
- (void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
-}
-
-/*
- * Find a previous result of checking if parent signed child
- *
- * Returns:
- * -1 : No entry exists in the cache. signature must be checked.
- * 0 : The signature of parent signing child is invalid.
- * 1 : The signature of parent signing child is valid.
- */
-int
-x509_issuer_cache_find(unsigned char *parent_md, unsigned char *child_md)
-{
- struct x509_issuer candidate, *found;
- int ret = -1;
-
- memset(&candidate, 0, sizeof(candidate));
- candidate.parent_md = parent_md;
- candidate.child_md = child_md;
-
- if (x509_issuer_cache_max == 0)
- return -1;
-
- if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
- return -1;
- if ((found = RB_FIND(x509_issuer_tree, &x509_issuer_cache,
- &candidate)) != NULL) {
- TAILQ_REMOVE(&x509_issuer_lru, found, queue);
- TAILQ_INSERT_HEAD(&x509_issuer_lru, found, queue);
- ret = found->valid;
- }
- (void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
-
- return ret;
-}
-
-/*
- * Attempt to add a validation result to the cache.
- *
- * valid must be:
- * 0: The signature of parent signing child is invalid.
- * 1: The signature of parent signing child is valid.
- *
- * Previously added entries for the same parent and child are *not* replaced.
- */
-void
-x509_issuer_cache_add(unsigned char *parent_md, unsigned char *child_md,
- int valid)
-{
- struct x509_issuer *new;
-
- if (x509_issuer_cache_max == 0)
- return;
- if (valid != 0 && valid != 1)
- return;
-
- if ((new = calloc(1, sizeof(struct x509_issuer))) == NULL)
- return;
- if ((new->parent_md = calloc(1, EVP_MAX_MD_SIZE)) == NULL)
- goto err;
- memcpy(new->parent_md, parent_md, EVP_MAX_MD_SIZE);
- if ((new->child_md = calloc(1, EVP_MAX_MD_SIZE)) == NULL)
- goto err;
- memcpy(new->child_md, child_md, EVP_MAX_MD_SIZE);
-
- new->valid = valid;
-
- if (pthread_mutex_lock(&x509_issuer_tree_mutex) != 0)
- goto err;
- while (x509_issuer_cache_count >= x509_issuer_cache_max)
- x509_issuer_cache_free_oldest();
- if (RB_INSERT(x509_issuer_tree, &x509_issuer_cache, new) == NULL) {
- TAILQ_INSERT_HEAD(&x509_issuer_lru, new, queue);
- x509_issuer_cache_count++;
- new = NULL;
- }
- (void) pthread_mutex_unlock(&x509_issuer_tree_mutex);
-
- err:
- if (new != NULL) {
- free(new->parent_md);
- free(new->child_md);
- }
- free(new);
- return;
-}
diff --git a/src/lib/libcrypto/x509/x509_issuer_cache.h b/src/lib/libcrypto/x509/x509_issuer_cache.h
deleted file mode 100644
index 00b18be0de..0000000000
--- a/src/lib/libcrypto/x509/x509_issuer_cache.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* $OpenBSD: x509_issuer_cache.h,v 1.3 2023/12/30 18:06:59 tb Exp $ */
-/*
- * Copyright (c) 2020 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* x509_issuer_cache */
-#ifndef HEADER_X509_ISSUER_CACHE_H
-#define HEADER_X509_ISSUER_CACHE_H
-
-#include
-#include
-
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-struct x509_issuer {
- RB_ENTRY(x509_issuer) entry;
- TAILQ_ENTRY(x509_issuer) queue; /* LRU of entries */
- /* parent_md and child_md must point to EVP_MAX_MD_SIZE of memory */
- unsigned char *parent_md;
- unsigned char *child_md;
- int valid; /* Result of signature validation. */
-};
-
-#define X509_ISSUER_CACHE_MAX 40000 /* Approx 7.5 MB, entries 200 bytes */
-
-int x509_issuer_cache_set_max(size_t max);
-int x509_issuer_cache_find(unsigned char *parent_md, unsigned char *child_md);
-void x509_issuer_cache_add(unsigned char *parent_md, unsigned char *child_md,
- int valid);
-void x509_issuer_cache_free(void);
-
-__END_HIDDEN_DECLS
-
-#endif
diff --git a/src/lib/libcrypto/x509/x509_lib.c b/src/lib/libcrypto/x509/x509_lib.c
deleted file mode 100644
index 6fa66ab88e..0000000000
--- a/src/lib/libcrypto/x509/x509_lib.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/* $OpenBSD: x509_lib.c,v 1.24 2024/07/13 15:08:58 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include
-
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-const X509V3_EXT_METHOD *
-X509V3_EXT_get_nid(int nid)
-{
- switch (nid) {
- case NID_authority_key_identifier:
- return x509v3_ext_method_authority_key_identifier();
- case NID_basic_constraints:
- return x509v3_ext_method_basic_constraints();
- case NID_certificate_issuer:
- return x509v3_ext_method_certificate_issuer();
- case NID_certificate_policies:
- return x509v3_ext_method_certificate_policies();
- case NID_crl_distribution_points:
- return x509v3_ext_method_crl_distribution_points();
- case NID_crl_number:
- return x509v3_ext_method_crl_number();
- case NID_crl_reason:
- return x509v3_ext_method_crl_reason();
-#ifndef OPENSSL_NO_CT
- case NID_ct_cert_scts:
- return x509v3_ext_method_ct_cert_scts();
- case NID_ct_precert_poison:
- return x509v3_ext_method_ct_precert_poison();
- case NID_ct_precert_scts:
- return x509v3_ext_method_ct_precert_scts();
-#endif
- case NID_delta_crl:
- return x509v3_ext_method_delta_crl();
- case NID_ext_key_usage:
- return x509v3_ext_method_ext_key_usage();
- case NID_freshest_crl:
- return x509v3_ext_method_freshest_crl();
-#ifndef OPENSSL_NO_OCSP
- case NID_hold_instruction_code:
- return x509v3_ext_method_hold_instruction_code();
- case NID_id_pkix_OCSP_CrlID:
- return x509v3_ext_method_id_pkix_OCSP_CrlID();
- case NID_id_pkix_OCSP_Nonce:
- return x509v3_ext_method_id_pkix_OCSP_Nonce();
- case NID_id_pkix_OCSP_acceptableResponses:
- return x509v3_ext_method_id_pkix_OCSP_acceptableResponses();
- case NID_id_pkix_OCSP_archiveCutoff:
- return x509v3_ext_method_id_pkix_OCSP_archiveCutoff();
- case NID_id_pkix_OCSP_serviceLocator:
- return x509v3_ext_method_id_pkix_OCSP_serviceLocator();
-#endif
- case NID_info_access:
- return x509v3_ext_method_info_access();
- case NID_inhibit_any_policy:
- return x509v3_ext_method_inhibit_any_policy();
- case NID_invalidity_date:
- return x509v3_ext_method_invalidity_date();
- case NID_issuer_alt_name:
- return x509v3_ext_method_issuer_alt_name();
- case NID_issuing_distribution_point:
- return x509v3_ext_method_issuing_distribution_point();
- case NID_key_usage:
- return x509v3_ext_method_key_usage();
- case NID_name_constraints:
- return x509v3_ext_method_name_constraints();
- case NID_netscape_base_url:
- return x509v3_ext_method_netscape_base_url();
- case NID_netscape_ca_policy_url:
- return x509v3_ext_method_netscape_ca_policy_url();
- case NID_netscape_ca_revocation_url:
- return x509v3_ext_method_netscape_ca_revocation_url();
- case NID_netscape_cert_type:
- return x509v3_ext_method_netscape_cert_type();
- case NID_netscape_comment:
- return x509v3_ext_method_netscape_comment();
- case NID_netscape_renewal_url:
- return x509v3_ext_method_netscape_renewal_url();
- case NID_netscape_revocation_url:
- return x509v3_ext_method_netscape_revocation_url();
- case NID_netscape_ssl_server_name:
- return x509v3_ext_method_netscape_ssl_server_name();
- case NID_policy_constraints:
- return x509v3_ext_method_policy_constraints();
- case NID_policy_mappings:
- return x509v3_ext_method_policy_mappings();
- case NID_private_key_usage_period:
- return x509v3_ext_method_private_key_usage_period();
-#ifndef OPENSSL_NO_RFC3779
- case NID_sbgp_ipAddrBlock:
- return x509v3_ext_method_sbgp_ipAddrBlock();
- case NID_sbgp_autonomousSysNum:
- return x509v3_ext_method_sbgp_autonomousSysNum();
-#endif
- case NID_sinfo_access:
- return x509v3_ext_method_sinfo_access();
- case NID_subject_alt_name:
- return x509v3_ext_method_subject_alt_name();
- case NID_subject_key_identifier:
- return x509v3_ext_method_subject_key_identifier();
- default:
- return NULL;
- }
-};
-LCRYPTO_ALIAS(X509V3_EXT_get_nid);
-
-const X509V3_EXT_METHOD *
-X509V3_EXT_get(X509_EXTENSION *ext)
-{
- int nid;
-
- if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
- return NULL;
- return X509V3_EXT_get_nid(nid);
-}
-LCRYPTO_ALIAS(X509V3_EXT_get);
-
-/* Return an extension internal structure */
-
-void *
-X509V3_EXT_d2i(X509_EXTENSION *ext)
-{
- const X509V3_EXT_METHOD *method;
- const unsigned char *p;
-
- if ((method = X509V3_EXT_get(ext)) == NULL)
- return NULL;
- p = ext->value->data;
- if (method->it != NULL)
- return ASN1_item_d2i(NULL, &p, ext->value->length, method->it);
- return method->d2i(NULL, &p, ext->value->length);
-}
-LCRYPTO_ALIAS(X509V3_EXT_d2i);
-
-/*
- * This API is only safe to call with known nid, crit != NULL and idx == NULL.
- * On NULL return, crit acts as a failure indicator: crit == -1 means an
- * extension of type nid was not present, crit != -1 is fatal: crit == -2
- * means multiple extensions of type nid are present; if crit is 0 or 1, this
- * implies the extension was found but could not be decoded.
- */
-
-void *
-X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x509_exts, int nid, int *crit,
- int *idx)
-{
- X509_EXTENSION *ext;
- int lastpos = idx == NULL ? -1 : *idx;
-
- if (crit != NULL)
- *crit = -1;
- if (idx != NULL)
- *idx = -1;
-
- /*
- * Nothing to do if no extensions, unknown nid, or missing extension.
- */
-
- if (x509_exts == NULL)
- return NULL;
- if ((lastpos = X509v3_get_ext_by_NID(x509_exts, nid, lastpos)) < 0)
- return NULL;
- if ((ext = X509v3_get_ext(x509_exts, lastpos)) == NULL)
- return NULL;
-
- /*
- * API madness. Only check for a second extension of type nid if
- * idx == NULL. Indicate this by setting *crit to -2. If idx != NULL,
- * don't care and set *idx to the index of the first extension found.
- */
-
- if (idx == NULL && X509v3_get_ext_by_NID(x509_exts, nid, lastpos) > 0) {
- if (crit != NULL)
- *crit = -2;
- return NULL;
- }
-
- /*
- * Another beautiful API detail: *crit will be set to 0 or 1, so if the
- * extension fails to decode, we can deduce this from return value NULL
- * and crit != -1.
- */
-
- if (crit != NULL)
- *crit = X509_EXTENSION_get_critical(ext);
- if (idx != NULL)
- *idx = lastpos;
-
- return X509V3_EXT_d2i(ext);
-}
-LCRYPTO_ALIAS(X509V3_get_d2i);
-
-int
-X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x509_exts, int nid, void *value,
- int crit, unsigned long flags)
-{
- STACK_OF(X509_EXTENSION) *exts = *x509_exts;
- X509_EXTENSION *ext = NULL;
- X509_EXTENSION *existing;
- int extidx;
- int errcode = 0;
- int ret = 0;
-
- /* See if the extension already exists. */
- extidx = X509v3_get_ext_by_NID(*x509_exts, nid, -1);
-
- switch (flags & X509V3_ADD_OP_MASK) {
- case X509V3_ADD_DEFAULT:
- /* If the extension exists, adding another one is an error. */
- if (extidx >= 0) {
- errcode = X509V3_R_EXTENSION_EXISTS;
- goto err;
- }
- break;
- case X509V3_ADD_APPEND:
- /*
- * XXX - Total misfeature. If the extension exists, appending
- * another one will invalidate the certificate. Unfortunately
- * things use this, in particular Viktor's DANE code.
- */
- /* Pretend the extension didn't exist and append the new one. */
- extidx = -1;
- break;
- case X509V3_ADD_REPLACE:
- /* Replace existing extension, otherwise append the new one. */
- break;
- case X509V3_ADD_REPLACE_EXISTING:
- /* Can't replace a non-existent extension. */
- if (extidx < 0) {
- errcode = X509V3_R_EXTENSION_NOT_FOUND;
- goto err;
- }
- break;
- case X509V3_ADD_KEEP_EXISTING:
- /* If the extension exists, there's nothing to do. */
- if (extidx >= 0)
- goto done;
- break;
- case X509V3_ADD_DELETE:
- /* Can't delete a non-existent extension. */
- if (extidx < 0) {
- errcode = X509V3_R_EXTENSION_NOT_FOUND;
- goto err;
- }
- if ((existing = sk_X509_EXTENSION_delete(*x509_exts,
- extidx)) == NULL) {
- ret = -1;
- goto err;
- }
- X509_EXTENSION_free(existing);
- existing = NULL;
- goto done;
- default:
- errcode = X509V3_R_UNSUPPORTED_OPTION; /* XXX */
- ret = -1;
- goto err;
- }
-
- if ((ext = X509V3_EXT_i2d(nid, crit, value)) == NULL) {
- X509V3error(X509V3_R_ERROR_CREATING_EXTENSION);
- goto err;
- }
-
- /* From here, errors are fatal. */
- ret = -1;
-
- /* If extension exists, replace it. */
- if (extidx >= 0) {
- existing = sk_X509_EXTENSION_value(*x509_exts, extidx);
- X509_EXTENSION_free(existing);
- existing = NULL;
- if (sk_X509_EXTENSION_set(*x509_exts, extidx, ext) == NULL) {
- /*
- * XXX - Can't happen. If it did happen, |existing| is
- * now a freed pointer. Nothing we can do here.
- */
- goto err;
- }
- goto done;
- }
-
- if (exts == NULL)
- exts = sk_X509_EXTENSION_new_null();
- if (exts == NULL)
- goto err;
-
- if (!sk_X509_EXTENSION_push(exts, ext))
- goto err;
- ext = NULL;
-
- *x509_exts = exts;
-
- done:
- return 1;
-
- err:
- if ((flags & X509V3_ADD_SILENT) == 0 && errcode != 0)
- X509V3error(errcode);
-
- if (exts != *x509_exts)
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
- X509_EXTENSION_free(ext);
-
- return ret;
-}
-LCRYPTO_ALIAS(X509V3_add1_i2d);
-
-int
-X509V3_add_standard_extensions(void)
-{
- return 1;
-}
-LCRYPTO_ALIAS(X509V3_add_standard_extensions);
diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
deleted file mode 100644
index 796a2ee718..0000000000
--- a/src/lib/libcrypto/x509/x509_local.h
+++ /dev/null
@@ -1,503 +0,0 @@ -/* $OpenBSD: x509_local.h,v 1.38 2025/03/06 07:20:01 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2013. - */ -/* ==================================================================== - * Copyright (c) 2013 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_X509_LOCAL_H -#define HEADER_X509_LOCAL_H - -#include - -#include "bytestring.h" - -__BEGIN_HIDDEN_DECLS - -#define TS_HASH_EVP EVP_sha1() -#define TS_HASH_LEN SHA_DIGEST_LENGTH - -#define X509_CERT_HASH_EVP EVP_sha512() -#define X509_CERT_HASH_LEN SHA512_DIGEST_LENGTH -#define X509_CRL_HASH_EVP EVP_sha512() -#define X509_CRL_HASH_LEN SHA512_DIGEST_LENGTH - -#define X509_TRUST_ACCEPT_ALL -1 - -/* check_trust return codes */ -#define X509_TRUST_TRUSTED 1 -#define X509_TRUST_REJECTED 2 -#define X509_TRUST_UNTRUSTED 3 - -int X509_check_trust(X509 *x, int id, int flags); - -struct X509_val_st { - ASN1_TIME *notBefore; - ASN1_TIME *notAfter; -} /* X509_VAL */; - -struct X509_pubkey_st { - X509_ALGOR *algor; - ASN1_BIT_STRING *public_key; - EVP_PKEY *pkey; -}; - -struct X509_sig_st { - X509_ALGOR *algor; - ASN1_OCTET_STRING *digest; -} /* X509_SIG */; - -struct X509_name_entry_st { - ASN1_OBJECT *object; - ASN1_STRING *value; - int set; - int size; /* temp variable */ -} /* X509_NAME_ENTRY */; - -/* we always keep X509_NAMEs in 2 forms. 
*/ -struct X509_name_st { - STACK_OF(X509_NAME_ENTRY) *entries; - int modified; /* true if 'bytes' needs to be built */ -#ifndef OPENSSL_NO_BUFFER - BUF_MEM *bytes; -#else - char *bytes; -#endif -/* unsigned long hash; Keep the hash around for lookups */ - unsigned char *canon_enc; - int canon_enclen; -} /* X509_NAME */; - -struct X509_extension_st { - ASN1_OBJECT *object; - ASN1_BOOLEAN critical; - ASN1_OCTET_STRING *value; -} /* X509_EXTENSION */; - -struct x509_attributes_st { - ASN1_OBJECT *object; - STACK_OF(ASN1_TYPE) *set; -} /* X509_ATTRIBUTE */; - -struct X509_req_info_st { - ASN1_ENCODING enc; - ASN1_INTEGER *version; - X509_NAME *subject; - X509_PUBKEY *pubkey; - /* d=2 hl=2 l= 0 cons: cont: 00 */ - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ -} /* X509_REQ_INFO */; - -struct X509_req_st { - X509_REQ_INFO *req_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int references; -} /* X509_REQ */; - -/* - * This stuff is certificate "auxiliary info" it contains details which are - * useful in certificate stores and databases. When used this is tagged onto - * the end of the certificate itself. 
- */ -typedef struct x509_cert_aux_st { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ -} X509_CERT_AUX; - -X509_CERT_AUX *X509_CERT_AUX_new(void); -void X509_CERT_AUX_free(X509_CERT_AUX *a); -X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len); -int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out); -extern const ASN1_ITEM X509_CERT_AUX_it; -int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); - -struct x509_cinf_st { - ASN1_INTEGER *version; /* [ 0 ] default of v1 */ - ASN1_INTEGER *serialNumber; - X509_ALGOR *signature; - X509_NAME *issuer; - X509_VAL *validity; - X509_NAME *subject; - X509_PUBKEY *key; - ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ - ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ - STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ - ASN1_ENCODING enc; -} /* X509_CINF */; - -struct x509_st { - X509_CINF *cert_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int references; - CRYPTO_EX_DATA ex_data; - /* These contain copies of various extension values */ - long ex_pathlen; - unsigned long ex_flags; - unsigned long ex_kusage; - unsigned long ex_xkusage; - unsigned long ex_nscert; - ASN1_OCTET_STRING *skid; - AUTHORITY_KEYID *akid; - STACK_OF(DIST_POINT) *crldp; - STACK_OF(GENERAL_NAME) *altname; - NAME_CONSTRAINTS *nc; -#ifndef OPENSSL_NO_RFC3779 - STACK_OF(IPAddressFamily) *rfc3779_addr; - ASIdentifiers *rfc3779_asid; -#endif - unsigned char hash[X509_CERT_HASH_LEN]; - X509_CERT_AUX *aux; -} /* X509 */; - -struct x509_revoked_st { - ASN1_INTEGER *serialNumber; - ASN1_TIME *revocationDate; - STACK_OF(X509_EXTENSION) /* optional */ *extensions; - /* Set up if indirect CRL */ - STACK_OF(GENERAL_NAME) *issuer; - /* Revocation reason */ 
- int reason;
- int sequence; /* load sequence */
-};
-
-struct X509_crl_info_st {
- ASN1_INTEGER *version;
- X509_ALGOR *sig_alg;
- X509_NAME *issuer;
- ASN1_TIME *lastUpdate;
- ASN1_TIME *nextUpdate;
- STACK_OF(X509_REVOKED) *revoked;
- STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
- ASN1_ENCODING enc;
-} /* X509_CRL_INFO */;
-
-struct X509_crl_st {
- /* actual signature */
- X509_CRL_INFO *crl;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
- int flags;
- /* Copies of various extensions */
- AUTHORITY_KEYID *akid;
- ISSUING_DIST_POINT *idp;
- /* Convenient breakdown of IDP */
- int idp_flags;
- int idp_reasons;
- /* CRL and base CRL numbers for delta processing */
- ASN1_INTEGER *crl_number;
- ASN1_INTEGER *base_crl_number;
- unsigned char hash[X509_CRL_HASH_LEN];
- STACK_OF(GENERAL_NAMES) *issuers;
-} /* X509_CRL */;
-
-struct pkcs8_priv_key_info_st {
- ASN1_INTEGER *version;
- X509_ALGOR *pkeyalg;
- ASN1_OCTET_STRING *pkey;
- STACK_OF(X509_ATTRIBUTE) *attributes;
-};
-
-struct x509_object_st {
- /* one of the above types */
- int type;
- union {
- X509 *x509;
- X509_CRL *crl;
- } data;
-} /* X509_OBJECT */;
-
-struct x509_lookup_method_st {
- const char *name;
- int (*new_item)(X509_LOOKUP *ctx);
- void (*free)(X509_LOOKUP *ctx);
- int (*ctrl)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
- char **ret);
- int (*get_by_subject)(X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret);
-} /* X509_LOOKUP_METHOD */;
-
-struct X509_VERIFY_PARAM_st {
- char *name;
- time_t check_time; /* Time to use */
- unsigned long inh_flags; /* Inheritance flags */
- unsigned long flags; /* Various verify flags */
- int purpose; /* purpose to check untrusted certificates */
- int trust; /* trust setting to check */
- int depth; /* Verify depth */
- int security_level; /* 'Security level', see SP800-57.
*/
- STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
- STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */
- unsigned int hostflags; /* Flags to control matching features */
- char *peername; /* Matching hostname in peer certificate */
- char *email; /* If not NULL email address to match */
- size_t emaillen;
- unsigned char *ip; /* If not NULL IP address to match */
- size_t iplen; /* Length of IP address */
- int poisoned;
-} /* X509_VERIFY_PARAM */;
-
-/*
- * This is used to hold everything. It is used for all certificate
- * validation. Once we have a certificate chain, the 'verify'
- * function is then called to actually check the cert chain.
- */
-struct x509_store_st {
- /* The following is a cache of trusted certs */
- STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
-
- /* These are external lookup methods */
- STACK_OF(X509_LOOKUP) *get_cert_methods;
-
- X509_VERIFY_PARAM *param;
-
- /* Callbacks for various operations */
- int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
- int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
- int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
-
- CRYPTO_EX_DATA ex_data;
- int references;
-} /* X509_STORE */;
-
-/* This is the functions plus an instance of the local variables. */
-struct x509_lookup_st {
- const X509_LOOKUP_METHOD *method; /* the functions */
- void *method_data; /* method data */
-
- X509_STORE *store_ctx; /* who owns us */
-} /* X509_LOOKUP */;
-
-/*
- * This is used when verifying cert chains. Since the gathering of the cert
- * chain can take some time (and has to be 'retried'), this needs to be kept
- * and passed around.
- */ -struct x509_store_ctx_st { - X509_STORE *store; - int current_method; /* used when looking up certs */ - - /* The following are set by the caller */ - X509 *cert; /* The cert to check */ - STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ - STACK_OF(X509) *trusted; /* trusted stack for use with get_issuer() */ - STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */ - - X509_VERIFY_PARAM *param; - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - - /* The following is built up */ - int valid; /* if 0, rebuild chain */ - int num_untrusted; /* number of untrusted certs in chain */ - STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ - - int explicit_policy; /* Require explicit policy value */ - - /* When something goes wrong, this is why */ - int error_depth; - int error; - X509 *current_cert; - X509 *current_issuer; /* cert currently being tested as valid issuer */ - X509_CRL *current_crl; /* current CRL */ - - int current_crl_score; /* score of current CRL */ - unsigned int current_reasons; /* Reason mask */ - - X509_STORE_CTX *parent; /* For CRL path validation: parent context */ - - CRYPTO_EX_DATA ex_data; -} /* X509_STORE_CTX */; - -int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet); - -int name_cmp(const char *name, const char *cmp); - -int X509_ALGOR_set_evp_md(X509_ALGOR *alg, const EVP_MD *md); -int X509_ALGOR_set0_by_nid(X509_ALGOR *alg, int nid, int parameter_type, - void *parameter_value); - -int X509_policy_check(const STACK_OF(X509) *certs, - const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags, - X509 **out_current_cert); - -PBEPARAM *PBEPARAM_new(void); -void 
PBEPARAM_free(PBEPARAM *a);
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len);
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **out);
-
-/* Password based encryption V2 structures */
-typedef struct PBE2PARAM_st {
- X509_ALGOR *keyfunc;
- X509_ALGOR *encryption;
-} PBE2PARAM;
-
-PBE2PARAM *PBE2PARAM_new(void);
-void PBE2PARAM_free(PBE2PARAM *a);
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len);
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out);
-extern const ASN1_ITEM PBE2PARAM_it;
-
-typedef struct PBKDF2PARAM_st {
- /* Usually OCTET STRING but could be anything */
- ASN1_TYPE *salt;
- ASN1_INTEGER *iter;
- ASN1_INTEGER *keylength;
- X509_ALGOR *prf;
-} PBKDF2PARAM;
-
-PBKDF2PARAM *PBKDF2PARAM_new(void);
-void PBKDF2PARAM_free(PBKDF2PARAM *a);
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len);
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out);
-extern const ASN1_ITEM PBKDF2PARAM_it;
-
-int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
- const unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
- unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter, const unsigned char *salt,
- int saltlen);
-X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
- int prf_nid, int keylen);
-
-int X509_PURPOSE_get_by_id(int id);
-int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
-
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
- int lastpos);
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
- const ASN1_OBJECT *obj, int lastpos);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
- X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
- const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE)
*X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
- int nid, int type, const unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
- const char *attrname, int type, const unsigned char *bytes, int len);
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
- const ASN1_OBJECT *obj, int lastpos, int type);
-
-int X509_NAME_ENTRY_add_cbb(CBB *cbb, const X509_NAME_ENTRY *ne);
-
-int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist);
-
-int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool);
-int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint);
-
-STACK_OF(CONF_VALUE) *X509V3_get0_section(X509V3_CTX *ctx, const char *section);
-
-const X509V3_EXT_METHOD *x509v3_ext_method_authority_key_identifier(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_basic_constraints(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_certificate_issuer(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_certificate_policies(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_crl_distribution_points(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_crl_number(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_crl_reason(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_ct_cert_scts(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_ct_precert_poison(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_ct_precert_scts(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_delta_crl(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_ext_key_usage(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_freshest_crl(void);
-const X509V3_EXT_METHOD
*x509v3_ext_method_hold_instruction_code(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_id_pkix_OCSP_CrlID(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_id_pkix_OCSP_Nonce(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_id_pkix_OCSP_acceptableResponses(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_id_pkix_OCSP_archiveCutoff(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_id_pkix_OCSP_serviceLocator(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_info_access(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_inhibit_any_policy(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_invalidity_date(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_issuer_alt_name(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_issuing_distribution_point(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_key_usage(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_name_constraints(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_base_url(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_ca_policy_url(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_ca_revocation_url(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_cert_type(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_comment(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_renewal_url(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_revocation_url(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_netscape_ssl_server_name(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_policy_constraints(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_policy_mappings(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_private_key_usage_period(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_sbgp_ipAddrBlock(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_sbgp_autonomousSysNum(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_sinfo_access(void);
-const X509V3_EXT_METHOD *x509v3_ext_method_subject_alt_name(void);
-const X509V3_EXT_METHOD
*x509v3_ext_method_subject_key_identifier(void);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_X509_LOCAL_H */
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
deleted file mode 100644
index 0367794fca..0000000000
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ /dev/null
@@ -1,883 +0,0 @@
-/* $OpenBSD: x509_lu.c,v 1.67 2025/03/09 15:20:20 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include - -#include -#include -#include -#include - -#include "x509_local.h" - -static int X509_OBJECT_up_ref_count(X509_OBJECT *a); - -static X509_LOOKUP * -X509_LOOKUP_new(const X509_LOOKUP_METHOD *method) -{ - X509_LOOKUP *lu; - - if ((lu = calloc(1, sizeof(*lu))) == NULL) { - X509error(ERR_R_MALLOC_FAILURE); - return NULL; - } - - lu->method = method; - - if (method->new_item != NULL && !method->new_item(lu)) { - free(lu); - return NULL; - } - - return lu; -} - -void -X509_LOOKUP_free(X509_LOOKUP *ctx) -{ - if (ctx == NULL) - return; - if (ctx->method != NULL && ctx->method->free != NULL) - ctx->method->free(ctx); - free(ctx); -} -LCRYPTO_ALIAS(X509_LOOKUP_free); - -int -X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret) -{ - if (ctx->method == NULL) - return -1; - if (ctx->method->ctrl == NULL) - return 1; - return ctx->method->ctrl(ctx, cmd, argc, argl, ret); -} -LCRYPTO_ALIAS(X509_LOOKUP_ctrl); - -static int -X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name, - X509_OBJECT *ret) -{ - if (ctx->method == NULL || ctx->method->get_by_subject == NULL) - return 0; - return ctx->method->get_by_subject(ctx, type, name, ret); -} - -static int -x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b) -{ - int ret; - - if ((ret = (*a)->type - (*b)->type) != 0) - return ret; - - switch ((*a)->type) { - case X509_LU_X509: - return X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509); - case X509_LU_CRL: - return X509_CRL_cmp((*a)->data.crl, (*b)->data.crl); - } - return 0; -} - -X509_STORE * -X509_STORE_new(void) -{ - X509_STORE *store; - - if ((store = calloc(1, sizeof(*store))) == NULL) - goto err; - - if ((store->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL) - goto err; - if ((store->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL) - goto err; - if ((store->param = X509_VERIFY_PARAM_new()) == NULL) - goto err; - - if 
(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, store, - &store->ex_data)) - goto err; - - store->references = 1; - - return store; - - err: - X509error(ERR_R_MALLOC_FAILURE); - X509_STORE_free(store); - - return NULL; -} -LCRYPTO_ALIAS(X509_STORE_new); - -X509_OBJECT * -X509_OBJECT_new(void) -{ - X509_OBJECT *obj; - - if ((obj = calloc(1, sizeof(*obj))) == NULL) { - X509error(ERR_R_MALLOC_FAILURE); - return NULL; - } - - obj->type = X509_LU_NONE; - - return obj; -} -LCRYPTO_ALIAS(X509_OBJECT_new); - -void -X509_OBJECT_free(X509_OBJECT *a) -{ - if (a == NULL) - return; - - switch (a->type) { - case X509_LU_X509: - X509_free(a->data.x509); - break; - case X509_LU_CRL: - X509_CRL_free(a->data.crl); - break; - } - - free(a); -} -LCRYPTO_ALIAS(X509_OBJECT_free); - -static X509_OBJECT * -x509_object_dup(const X509_OBJECT *obj) -{ - X509_OBJECT *copy; - - if ((copy = X509_OBJECT_new()) == NULL) { - X509error(ERR_R_MALLOC_FAILURE); - return NULL; - } - - copy->type = obj->type; - copy->data = obj->data; - - X509_OBJECT_up_ref_count(copy); - - return copy; -} - -void -X509_STORE_free(X509_STORE *store) -{ - if (store == NULL) - return; - - if (CRYPTO_add(&store->references, -1, CRYPTO_LOCK_X509_STORE) > 0) - return; - - sk_X509_LOOKUP_pop_free(store->get_cert_methods, X509_LOOKUP_free); - sk_X509_OBJECT_pop_free(store->objs, X509_OBJECT_free); - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, store, &store->ex_data); - X509_VERIFY_PARAM_free(store->param); - free(store); -} -LCRYPTO_ALIAS(X509_STORE_free); - -int -X509_STORE_up_ref(X509_STORE *store) -{ - return CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE) > 1; -} -LCRYPTO_ALIAS(X509_STORE_up_ref); - -X509_LOOKUP * -X509_STORE_add_lookup(X509_STORE *store, const X509_LOOKUP_METHOD *method) -{ - STACK_OF(X509_LOOKUP) *sk; - X509_LOOKUP *lu; - int i; - - sk = store->get_cert_methods; - for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) { - lu = sk_X509_LOOKUP_value(sk, i); - if (method == lu->method) { - return lu; 
- }
- }
-
- if ((lu = X509_LOOKUP_new(method)) == NULL)
- return NULL;
-
- lu->store_ctx = store;
- if (sk_X509_LOOKUP_push(store->get_cert_methods, lu) <= 0) {
- X509error(ERR_R_MALLOC_FAILURE);
- X509_LOOKUP_free(lu);
- return NULL;
- }
-
- return lu;
-}
-LCRYPTO_ALIAS(X509_STORE_add_lookup);
-
-X509_OBJECT *
-X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
- X509_NAME *name)
-{
- X509_OBJECT *obj;
-
- if ((obj = X509_OBJECT_new()) == NULL)
- return NULL;
- if (!X509_STORE_CTX_get_by_subject(vs, type, name, obj)) {
- X509_OBJECT_free(obj);
- return NULL;
- }
-
- return obj;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_obj_by_subject);
-
-int
-X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
- X509_NAME *name, X509_OBJECT *ret)
-{
- X509_STORE *ctx = vs->store;
- X509_LOOKUP *lu;
- X509_OBJECT stmp, *tmp;
- int i;
-
- if (ctx == NULL)
- return 0;
-
- memset(&stmp, 0, sizeof(stmp));
-
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
- tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
- if (tmp == NULL || type == X509_LU_CRL) {
- for (i = 0; i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
- lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
- if (X509_LOOKUP_by_subject(lu, type, name, &stmp) != 0) {
- tmp = &stmp;
- break;
- }
- }
- if (tmp == NULL)
- return 0;
- }
-
- if (!X509_OBJECT_up_ref_count(tmp))
- return 0;
-
- *ret = *tmp;
-
- return 1;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_by_subject);
-
-/* Add obj to the store. Takes ownership of obj. */
-static int
-X509_STORE_add_object(X509_STORE *store, X509_OBJECT *obj)
-{
- int ret = 0;
-
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
- if (X509_OBJECT_retrieve_match(store->objs, obj) != NULL) {
- /* Object is already present in the store. That's fine.
*/ - ret = 1; - goto out; - } - - if (sk_X509_OBJECT_push(store->objs, obj) <= 0) { - X509error(ERR_R_MALLOC_FAILURE); - goto out; - } - - obj = NULL; - ret = 1; - - out: - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - X509_OBJECT_free(obj); - - return ret; -} - -int -X509_STORE_add_cert(X509_STORE *store, X509 *x) -{ - X509_OBJECT *obj; - - if (x == NULL) - return 0; - - if ((obj = X509_OBJECT_new()) == NULL) - return 0; - - if (!X509_up_ref(x)) { - X509_OBJECT_free(obj); - return 0; - } - - obj->type = X509_LU_X509; - obj->data.x509 = x; - - return X509_STORE_add_object(store, obj); -} -LCRYPTO_ALIAS(X509_STORE_add_cert); - -int -X509_STORE_add_crl(X509_STORE *store, X509_CRL *x) -{ - X509_OBJECT *obj; - - if (x == NULL) - return 0; - - if ((obj = X509_OBJECT_new()) == NULL) - return 0; - - if (!X509_CRL_up_ref(x)) { - X509_OBJECT_free(obj); - return 0; - } - - obj->type = X509_LU_CRL; - obj->data.crl = x; - - return X509_STORE_add_object(store, obj); -} -LCRYPTO_ALIAS(X509_STORE_add_crl); - -static int -X509_OBJECT_up_ref_count(X509_OBJECT *a) -{ - switch (a->type) { - case X509_LU_X509: - return X509_up_ref(a->data.x509); - case X509_LU_CRL: - return X509_CRL_up_ref(a->data.crl); - } - return 1; -} - -X509_LOOKUP_TYPE -X509_OBJECT_get_type(const X509_OBJECT *a) -{ - return a->type; -} -LCRYPTO_ALIAS(X509_OBJECT_get_type); - -static int -x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type, - X509_NAME *name, int *pnmatch) -{ - X509_OBJECT stmp; - X509 x509_s; - X509_CINF cinf_s; - X509_CRL crl_s; - X509_CRL_INFO crl_info_s; - int idx; - - stmp.type = type; - switch (type) { - case X509_LU_X509: - stmp.data.x509 = &x509_s; - x509_s.cert_info = &cinf_s; - cinf_s.subject = name; - break; - case X509_LU_CRL: - stmp.data.crl = &crl_s; - crl_s.crl = &crl_info_s; - crl_info_s.issuer = name; - break; - default: - return -1; - } - - idx = sk_X509_OBJECT_find(h, &stmp); - if (idx >= 0 && pnmatch) { - int tidx; - const X509_OBJECT *tobj, *pstmp; - - *pnmatch = 
1; - pstmp = &stmp; - for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) { - tobj = sk_X509_OBJECT_value(h, tidx); - if (x509_object_cmp(&tobj, &pstmp)) - break; - (*pnmatch)++; - } - } - return idx; -} - -int -X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type, - X509_NAME *name) -{ - return x509_object_idx_cnt(h, type, name, NULL); -} -LCRYPTO_ALIAS(X509_OBJECT_idx_by_subject); - -X509_OBJECT * -X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type, - X509_NAME *name) -{ - int idx; - - idx = X509_OBJECT_idx_by_subject(h, type, name); - if (idx == -1) - return NULL; - return sk_X509_OBJECT_value(h, idx); -} -LCRYPTO_ALIAS(X509_OBJECT_retrieve_by_subject); - -X509 * -X509_OBJECT_get0_X509(const X509_OBJECT *xo) -{ - if (xo != NULL && xo->type == X509_LU_X509) - return xo->data.x509; - return NULL; -} -LCRYPTO_ALIAS(X509_OBJECT_get0_X509); - -X509_CRL * -X509_OBJECT_get0_X509_CRL(X509_OBJECT *xo) -{ - if (xo != NULL && xo->type == X509_LU_CRL) - return xo->data.crl; - return NULL; -} -LCRYPTO_ALIAS(X509_OBJECT_get0_X509_CRL); - -static STACK_OF(X509) * -X509_get1_certs_from_cache(X509_STORE *store, X509_NAME *name) -{ - STACK_OF(X509) *sk = NULL; - X509 *x = NULL; - X509_OBJECT *obj; - int i, idx, cnt; - - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - - idx = x509_object_idx_cnt(store->objs, X509_LU_X509, name, &cnt); - if (idx < 0) - goto err; - - if ((sk = sk_X509_new_null()) == NULL) - goto err; - - for (i = 0; i < cnt; i++, idx++) { - obj = sk_X509_OBJECT_value(store->objs, idx); - - x = obj->data.x509; - if (!X509_up_ref(x)) { - x = NULL; - goto err; - } - if (!sk_X509_push(sk, x)) - goto err; - } - - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - return sk; - - err: - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - sk_X509_pop_free(sk, X509_free); - X509_free(x); - - return NULL; -} - -STACK_OF(X509) * -X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *name) -{ - X509_STORE *store = ctx->store; - 
STACK_OF(X509) *sk; - X509_OBJECT *obj; - - if (store == NULL) - return NULL; - - if ((sk = X509_get1_certs_from_cache(store, name)) != NULL) - return sk; - - /* Nothing found: do lookup to possibly add new objects to cache. */ - obj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_X509, name); - if (obj == NULL) - return NULL; - X509_OBJECT_free(obj); - - return X509_get1_certs_from_cache(store, name); -} -LCRYPTO_ALIAS(X509_STORE_CTX_get1_certs); - -STACK_OF(X509_CRL) * -X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, X509_NAME *name) -{ - X509_STORE *store = ctx->store; - STACK_OF(X509_CRL) *sk = NULL; - X509_CRL *x = NULL; - X509_OBJECT *obj = NULL; - int i, idx, cnt; - - if (store == NULL) - return NULL; - - /* Always do lookup to possibly add new CRLs to cache */ - obj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_CRL, name); - if (obj == NULL) - return NULL; - - X509_OBJECT_free(obj); - obj = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - idx = x509_object_idx_cnt(store->objs, X509_LU_CRL, name, &cnt); - if (idx < 0) - goto err; - - if ((sk = sk_X509_CRL_new_null()) == NULL) - goto err; - - for (i = 0; i < cnt; i++, idx++) { - obj = sk_X509_OBJECT_value(store->objs, idx); - - x = obj->data.crl; - if (!X509_CRL_up_ref(x)) { - x = NULL; - goto err; - } - if (!sk_X509_CRL_push(sk, x)) - goto err; - } - - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - return sk; - - err: - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - X509_CRL_free(x); - sk_X509_CRL_pop_free(sk, X509_CRL_free); - return NULL; -} -LCRYPTO_ALIAS(X509_STORE_CTX_get1_crls); - -X509_OBJECT * -X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x) -{ - int idx, i; - X509_OBJECT *obj; - - idx = sk_X509_OBJECT_find(h, x); - if (idx == -1) - return NULL; - if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL)) - return sk_X509_OBJECT_value(h, idx); - for (i = idx; i < sk_X509_OBJECT_num(h); i++) { - obj = sk_X509_OBJECT_value(h, i); - if (x509_object_cmp((const X509_OBJECT **)&obj, - 
(const X509_OBJECT **)&x)) - return NULL; - if (x->type == X509_LU_X509) { - if (!X509_cmp(obj->data.x509, x->data.x509)) - return obj; - } else if (x->type == X509_LU_CRL) { - if (!X509_CRL_match(obj->data.crl, x->data.crl)) - return obj; - } else - return obj; - } - return NULL; -} -LCRYPTO_ALIAS(X509_OBJECT_retrieve_match); - -/* Try to get issuer certificate from store. Due to limitations - * of the API this can only retrieve a single certificate matching - * a given subject name. However it will fill the cache with all - * matching certificates, so we can examine the cache for all - * matches. - * - * Return values are: - * 1 lookup successful. - * 0 certificate not found. - * -1 some other error. - */ -int -X509_STORE_CTX_get1_issuer(X509 **out_issuer, X509_STORE_CTX *ctx, X509 *x) -{ - X509_NAME *xn; - X509_OBJECT *obj, *pobj; - X509 *issuer = NULL; - int i, idx, ret; - - *out_issuer = NULL; - - xn = X509_get_issuer_name(x); - obj = X509_STORE_CTX_get_obj_by_subject(ctx, X509_LU_X509, xn); - if (obj == NULL) - return 0; - - if ((issuer = X509_OBJECT_get0_X509(obj)) == NULL) { - X509_OBJECT_free(obj); - return 0; - } - if (!X509_up_ref(issuer)) { - X509_OBJECT_free(obj); - return -1; - } - - /* If certificate matches all OK */ - if (ctx->check_issued(ctx, x, issuer)) { - if (x509_check_cert_time(ctx, issuer, -1)) { - *out_issuer = issuer; - X509_OBJECT_free(obj); - return 1; - } - } - X509_free(issuer); - issuer = NULL; - X509_OBJECT_free(obj); - obj = NULL; - - if (ctx->store == NULL) - return 0; - - /* Else find index of first cert accepted by 'check_issued' */ - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - idx = X509_OBJECT_idx_by_subject(ctx->store->objs, X509_LU_X509, xn); - if (idx != -1) /* should be true as we've had at least one match */ { - /* Look through all matching certs for suitable issuer */ - for (i = idx; i < sk_X509_OBJECT_num(ctx->store->objs); i++) { - pobj = sk_X509_OBJECT_value(ctx->store->objs, i); - /* See if we've run past the matches */ 
- if (pobj->type != X509_LU_X509) - break; - if (X509_NAME_cmp(xn, - X509_get_subject_name(pobj->data.x509))) - break; - if (ctx->check_issued(ctx, x, pobj->data.x509)) { - issuer = pobj->data.x509; - /* - * If times check, exit with match, - * otherwise keep looking. Leave last - * match in issuer so we return nearest - * match if no certificate time is OK. - */ - if (x509_check_cert_time(ctx, issuer, -1)) - break; - } - } - } - ret = 0; - if (issuer != NULL) { - if (!X509_up_ref(issuer)) { - ret = -1; - } else { - *out_issuer = issuer; - ret = 1; - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - return ret; -} -LCRYPTO_ALIAS(X509_STORE_CTX_get1_issuer); - -STACK_OF(X509_OBJECT) * -X509_STORE_get0_objects(X509_STORE *xs) -{ - return xs->objs; -} -LCRYPTO_ALIAS(X509_STORE_get0_objects); - -static STACK_OF(X509_OBJECT) * -sk_X509_OBJECT_deep_copy(const STACK_OF(X509_OBJECT) *objs) -{ - STACK_OF(X509_OBJECT) *copy = NULL; - X509_OBJECT *obj = NULL; - int i; - - if ((copy = sk_X509_OBJECT_new(x509_object_cmp)) == NULL) { - X509error(ERR_R_MALLOC_FAILURE); - goto err; - } - - for (i = 0; i < sk_X509_OBJECT_num(objs); i++) { - if ((obj = x509_object_dup(sk_X509_OBJECT_value(objs, i))) == NULL) - goto err; - if (!sk_X509_OBJECT_push(copy, obj)) - goto err; - obj = NULL; - } - - return copy; - - err: - X509_OBJECT_free(obj); - sk_X509_OBJECT_pop_free(copy, X509_OBJECT_free); - - return NULL; -} - -STACK_OF(X509_OBJECT) * -X509_STORE_get1_objects(X509_STORE *store) -{ - STACK_OF(X509_OBJECT) *objs; - - if (store == NULL) { - X509error(ERR_R_PASSED_NULL_PARAMETER); - return NULL; - } - - CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); - objs = sk_X509_OBJECT_deep_copy(store->objs); - CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); - - return objs; -} -LCRYPTO_ALIAS(X509_STORE_get1_objects); - -void * -X509_STORE_get_ex_data(X509_STORE *xs, int idx) -{ - return CRYPTO_get_ex_data(&xs->ex_data, idx); -} -LCRYPTO_ALIAS(X509_STORE_get_ex_data); - -int -X509_STORE_set_ex_data(X509_STORE *xs, 
int idx, void *data)
-{
- return CRYPTO_set_ex_data(&xs->ex_data, idx, data);
-}
-LCRYPTO_ALIAS(X509_STORE_set_ex_data);
-
-int
-X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
-{
- return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
-}
-LCRYPTO_ALIAS(X509_STORE_set_flags);
-
-int
-X509_STORE_set_depth(X509_STORE *ctx, int depth)
-{
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
- return 1;
-}
-LCRYPTO_ALIAS(X509_STORE_set_depth);
-
-int
-X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
-{
- return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
-}
-LCRYPTO_ALIAS(X509_STORE_set_purpose);
-
-int
-X509_STORE_set_trust(X509_STORE *ctx, int trust)
-{
- return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
-}
-LCRYPTO_ALIAS(X509_STORE_set_trust);
-
-int
-X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
-{
- return X509_VERIFY_PARAM_set1(ctx->param, param);
-}
-LCRYPTO_ALIAS(X509_STORE_set1_param);
-
-X509_VERIFY_PARAM *
-X509_STORE_get0_param(X509_STORE *ctx)
-{
- return ctx->param;
-}
-LCRYPTO_ALIAS(X509_STORE_get0_param);
-
-void
-X509_STORE_set_verify(X509_STORE *store, X509_STORE_CTX_verify_fn verify)
-{
- store->verify = verify;
-}
-LCRYPTO_ALIAS(X509_STORE_set_verify);
-
-X509_STORE_CTX_verify_fn
-X509_STORE_get_verify(X509_STORE *store)
-{
- return store->verify;
-}
-LCRYPTO_ALIAS(X509_STORE_get_verify);
-
-void
-X509_STORE_set_verify_cb(X509_STORE *store, X509_STORE_CTX_verify_cb verify_cb)
-{
- store->verify_cb = verify_cb;
-}
-LCRYPTO_ALIAS(X509_STORE_set_verify_cb);
-
-X509_STORE_CTX_verify_cb
-X509_STORE_get_verify_cb(X509_STORE *store)
-{
- return store->verify_cb;
-}
-LCRYPTO_ALIAS(X509_STORE_get_verify_cb);
diff --git a/src/lib/libcrypto/x509/x509_ncons.c b/src/lib/libcrypto/x509/x509_ncons.c
deleted file mode 100644
index 148a66e887..0000000000
--- a/src/lib/libcrypto/x509/x509_ncons.c
+++ /dev/null
@@ -1,569 +0,0 @@ -/* $OpenBSD: x509_ncons.c,v 1.11 2024/07/13 15:08:58 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include -#include -#include - -#include "x509_local.h" - -static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, - void *a, BIO *bp, int ind); -static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp, int ind, char *name); -static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip); - -static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc); -static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen); -static int nc_dn(X509_NAME *sub, X509_NAME *nm); -static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns); -static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml); -static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base); - -static const X509V3_EXT_METHOD x509v3_ext_name_constraints = { - .ext_nid = NID_name_constraints, - .ext_flags = 0, - .it = &NAME_CONSTRAINTS_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = v2i_NAME_CONSTRAINTS, - .i2r = 
i2r_NAME_CONSTRAINTS, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_name_constraints(void) -{ - return &x509v3_ext_name_constraints; -} - -static const ASN1_TEMPLATE GENERAL_SUBTREE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GENERAL_SUBTREE, base), - .field_name = "base", - .item = &GENERAL_NAME_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(GENERAL_SUBTREE, minimum), - .field_name = "minimum", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(GENERAL_SUBTREE, maximum), - .field_name = "maximum", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM GENERAL_SUBTREE_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GENERAL_SUBTREE_seq_tt, - .tcount = sizeof(GENERAL_SUBTREE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GENERAL_SUBTREE), - .sname = "GENERAL_SUBTREE", -}; -LCRYPTO_ALIAS(GENERAL_SUBTREE_it); - -static const ASN1_TEMPLATE NAME_CONSTRAINTS_seq_tt[] = { - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(NAME_CONSTRAINTS, permittedSubtrees), - .field_name = "permittedSubtrees", - .item = &GENERAL_SUBTREE_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(NAME_CONSTRAINTS, excludedSubtrees), - .field_name = "excludedSubtrees", - .item = &GENERAL_SUBTREE_it, - }, -}; - -const ASN1_ITEM NAME_CONSTRAINTS_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = NAME_CONSTRAINTS_seq_tt, - .tcount = sizeof(NAME_CONSTRAINTS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(NAME_CONSTRAINTS), - .sname = "NAME_CONSTRAINTS", -}; -LCRYPTO_ALIAS(NAME_CONSTRAINTS_it); - - -GENERAL_SUBTREE * -GENERAL_SUBTREE_new(void) -{ - return 
(GENERAL_SUBTREE*)ASN1_item_new(&GENERAL_SUBTREE_it);
-}
-LCRYPTO_ALIAS(GENERAL_SUBTREE_new);
-
-void
-GENERAL_SUBTREE_free(GENERAL_SUBTREE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &GENERAL_SUBTREE_it);
-}
-LCRYPTO_ALIAS(GENERAL_SUBTREE_free);
-
-NAME_CONSTRAINTS *
-NAME_CONSTRAINTS_new(void)
-{
- return (NAME_CONSTRAINTS*)ASN1_item_new(&NAME_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(NAME_CONSTRAINTS_new);
-
-void
-NAME_CONSTRAINTS_free(NAME_CONSTRAINTS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &NAME_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(NAME_CONSTRAINTS_free);
-
-static void *
-v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- int i;
- CONF_VALUE tval, *val;
- STACK_OF(GENERAL_SUBTREE) **ptree = NULL;
- NAME_CONSTRAINTS *ncons = NULL;
- GENERAL_SUBTREE *sub = NULL;
-
- ncons = NAME_CONSTRAINTS_new();
- if (!ncons)
- goto memerr;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if (!strncmp(val->name, "permitted", 9) && val->name[9]) {
- ptree = &ncons->permittedSubtrees;
- tval.name = val->name + 10;
- } else if (!strncmp(val->name, "excluded", 8) && val->name[8]) {
- ptree = &ncons->excludedSubtrees;
- tval.name = val->name + 9;
- } else {
- X509V3error(X509V3_R_INVALID_SYNTAX);
- goto err;
- }
- tval.value = val->value;
- sub = GENERAL_SUBTREE_new();
- if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1))
- goto err;
- if (!*ptree)
- *ptree = sk_GENERAL_SUBTREE_new_null();
- if (!*ptree || !sk_GENERAL_SUBTREE_push(*ptree, sub))
- goto memerr;
- sub = NULL;
- }
-
- return ncons;
-
-memerr:
- X509V3error(ERR_R_MALLOC_FAILURE);
-err:
- NAME_CONSTRAINTS_free(ncons);
- GENERAL_SUBTREE_free(sub);
- return NULL;
-}
-
-static int
-i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a, BIO *bp, int ind)
-{
- NAME_CONSTRAINTS *ncons = a;
-
- do_i2r_name_constraints(method, ncons->permittedSubtrees,
- bp, ind, "Permitted");
- do_i2r_name_constraints(method,
ncons->excludedSubtrees, - bp, ind, "Excluded"); - return 1; -} - -static int -do_i2r_name_constraints(const X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp, int ind, char *name) -{ - GENERAL_SUBTREE *tree; - int i; - - if (sk_GENERAL_SUBTREE_num(trees) > 0) - BIO_printf(bp, "%*s%s:\n", ind, "", name); - for (i = 0; i < sk_GENERAL_SUBTREE_num(trees); i++) { - tree = sk_GENERAL_SUBTREE_value(trees, i); - BIO_printf(bp, "%*s", ind + 2, ""); - if (tree->base->type == GEN_IPADD) - print_nc_ipadd(bp, tree->base->d.ip); - else - GENERAL_NAME_print(bp, tree->base); - BIO_puts(bp, "\n"); - } - return 1; -} - -static int -print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip) -{ - int i, len; - unsigned char *p; - - p = ip->data; - len = ip->length; - BIO_puts(bp, "IP:"); - if (len == 8) { - BIO_printf(bp, "%d.%d.%d.%d/%d.%d.%d.%d", - p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]); - } else if (len == 32) { - for (i = 0; i < 16; i++) { - BIO_printf(bp, "%X", p[0] << 8 | p[1]); - p += 2; - if (i == 7) - BIO_puts(bp, "/"); - else if (i != 15) - BIO_puts(bp, ":"); - } - } else - BIO_printf(bp, "IP Address:"); - return 1; -} - -/* Check a certificate conforms to a specified set of constraints. - * Return values: - * X509_V_OK: All constraints obeyed. - * X509_V_ERR_PERMITTED_VIOLATION: Permitted subtree violation. - * X509_V_ERR_EXCLUDED_VIOLATION: Excluded subtree violation. - * X509_V_ERR_SUBTREE_MINMAX: Min or max values present and matching type. - * X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: Unsupported constraint type. - * X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: bad unsupported constraint syntax. 
- * X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: bad or unsupported syntax of name - */ - -int -NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc) -{ - int r, i; - X509_NAME *nm; - - nm = X509_get_subject_name(x); - - if (X509_NAME_entry_count(nm) > 0) { - GENERAL_NAME gntmp; - gntmp.type = GEN_DIRNAME; - gntmp.d.directoryName = nm; - - r = nc_match(&gntmp, nc); - - if (r != X509_V_OK) - return r; - - gntmp.type = GEN_EMAIL; - - /* Process any email address attributes in subject name */ - - for (i = -1;;) { - X509_NAME_ENTRY *ne; - i = X509_NAME_get_index_by_NID(nm, - NID_pkcs9_emailAddress, i); - if (i == -1) - break; - ne = X509_NAME_get_entry(nm, i); - gntmp.d.rfc822Name = X509_NAME_ENTRY_get_data(ne); - if (gntmp.d.rfc822Name->type != V_ASN1_IA5STRING) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - - r = nc_match(&gntmp, nc); - - if (r != X509_V_OK) - return r; - } - - } - - for (i = 0; i < sk_GENERAL_NAME_num(x->altname); i++) { - GENERAL_NAME *gen = sk_GENERAL_NAME_value(x->altname, i); - r = nc_match(gen, nc); - if (r != X509_V_OK) - return r; - } - return X509_V_OK; -} -LCRYPTO_ALIAS(NAME_CONSTRAINTS_check); -static int -nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc) -{ - GENERAL_SUBTREE *sub; - int i, r, match = 0; - - /* Permitted subtrees: if any subtrees exist of matching the type - * at least one subtree must match. 
- */
-
- for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
- sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
- if (gen->type != sub->base->type)
- continue;
- if (sub->minimum || sub->maximum)
- return X509_V_ERR_SUBTREE_MINMAX;
- /* If we already have a match don't bother trying any more */
- if (match == 2)
- continue;
- if (match == 0)
- match = 1;
- r = nc_match_single(gen, sub->base);
- if (r == X509_V_OK)
- match = 2;
- else if (r != X509_V_ERR_PERMITTED_VIOLATION)
- return r;
- }
-
- if (match == 1)
- return X509_V_ERR_PERMITTED_VIOLATION;
-
- /* Excluded subtrees: must not match any of these */
-
- for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
- sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
- if (gen->type != sub->base->type)
- continue;
- if (sub->minimum || sub->maximum)
- return X509_V_ERR_SUBTREE_MINMAX;
-
- r = nc_match_single(gen, sub->base);
- if (r == X509_V_OK)
- return X509_V_ERR_EXCLUDED_VIOLATION;
- else if (r != X509_V_ERR_PERMITTED_VIOLATION)
- return r;
-
- }
-
- return X509_V_OK;
-}
-
-static int
-nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base)
-{
- switch (base->type) {
- case GEN_DIRNAME:
- return nc_dn(gen->d.directoryName, base->d.directoryName);
-
- case GEN_DNS:
- return nc_dns(gen->d.dNSName, base->d.dNSName);
-
- case GEN_EMAIL:
- return nc_email(gen->d.rfc822Name, base->d.rfc822Name);
-
- case GEN_URI:
- return nc_uri(gen->d.uniformResourceIdentifier,
- base->d.uniformResourceIdentifier);
-
- default:
- return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE;
- }
-}
-
-/* directoryName name constraint matching.
- * The canonical encoding of X509_NAME makes this comparison easy. It is
- * matched if the subtree is a subset of the name.
- */
-
-static int
-nc_dn(X509_NAME *nm, X509_NAME *base)
-{
- /* Ensure canonical encodings are up to date.
*/ - if (nm->modified && i2d_X509_NAME(nm, NULL) < 0) - return X509_V_ERR_OUT_OF_MEM; - if (base->modified && i2d_X509_NAME(base, NULL) < 0) - return X509_V_ERR_OUT_OF_MEM; - if (base->canon_enclen > nm->canon_enclen) - return X509_V_ERR_PERMITTED_VIOLATION; - if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen)) - return X509_V_ERR_PERMITTED_VIOLATION; - return X509_V_OK; -} - -static int -nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base) -{ - char *baseptr = (char *)base->data; - char *dnsptr = (char *)dns->data; - - /* Empty matches everything */ - if (!*baseptr) - return X509_V_OK; - /* Otherwise can add zero or more components on the left so - * compare RHS and if dns is longer and expect '.' as preceding - * character. - */ - if (dns->length > base->length) { - dnsptr += dns->length - base->length; - if (baseptr[0] != '.' && dnsptr[-1] != '.') - return X509_V_ERR_PERMITTED_VIOLATION; - } - - if (strcasecmp(baseptr, dnsptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - - return X509_V_OK; -} - -static int -nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base) -{ - const char *baseptr = (char *)base->data; - const char *emlptr = (char *)eml->data; - const char *baseat = strchr(baseptr, '@'); - const char *emlat = strchr(emlptr, '@'); - - if (!emlat) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - /* Special case: initial '.' 
is RHS match */ - if (!baseat && (*baseptr == '.')) { - if (eml->length > base->length) { - emlptr += eml->length - base->length; - if (!strcasecmp(baseptr, emlptr)) - return X509_V_OK; - } - return X509_V_ERR_PERMITTED_VIOLATION; - } - - /* If we have anything before '@' match local part */ - - if (baseat) { - if (baseat != baseptr) { - if ((baseat - baseptr) != (emlat - emlptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - /* Case sensitive match of local part */ - if (strncmp(baseptr, emlptr, emlat - emlptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - } - /* Position base after '@' */ - baseptr = baseat + 1; - } - emlptr = emlat + 1; - /* Just have hostname left to match: case insensitive */ - if (strcasecmp(baseptr, emlptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - - return X509_V_OK; -} - -static int -nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base) -{ - const char *baseptr = (char *)base->data; - const char *hostptr = (char *)uri->data; - const char *p = strchr(hostptr, ':'); - int hostlen; - - /* Check for foo:// and skip past it */ - if (!p || (p[1] != '/') || (p[2] != '/')) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - hostptr = p + 3; - - /* Determine length of hostname part of URI */ - - /* Look for a port indicator as end of hostname first */ - - p = strchr(hostptr, ':'); - /* Otherwise look for trailing slash */ - if (!p) - p = strchr(hostptr, '/'); - - if (!p) - hostlen = strlen(hostptr); - else - hostlen = p - hostptr; - - if (hostlen == 0) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - - /* Special case: initial '.' is RHS match */ - if (*baseptr == '.') { - if (hostlen > base->length) { - p = hostptr + hostlen - base->length; - if (!strncasecmp(p, baseptr, base->length)) - return X509_V_OK; - } - return X509_V_ERR_PERMITTED_VIOLATION; - } - - if ((base->length != (int)hostlen) || - strncasecmp(hostptr, baseptr, hostlen)) - return X509_V_ERR_PERMITTED_VIOLATION; - - return X509_V_OK; -} 
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c
deleted file mode 100644
index db1741cc9e..0000000000
--- a/src/lib/libcrypto/x509/x509_obj.c
+++ /dev/null
@@ -1,198 +0,0 @@ -/* $OpenBSD: x509_obj.c,v 1.25 2025/01/27 04:24:46 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#include -#include -#include - -#include "bytestring.h" -#include "x509_local.h" - -static int -X509_NAME_ENTRY_add_object_cbb(CBB *cbb, const ASN1_OBJECT *aobj) -{ - const char *str; - char buf[80]; - int nid; - - /* Prefer SN over LN, and fall back to textual representation of OID. 
*/
- if ((nid = OBJ_obj2nid(aobj)) != NID_undef) {
- if ((str = OBJ_nid2sn(nid)) != NULL)
- return CBB_add_bytes(cbb, str, strlen(str));
- if ((str = OBJ_nid2ln(nid)) != NULL)
- return CBB_add_bytes(cbb, str, strlen(str));
- }
- if (OBJ_obj2txt(buf, sizeof(buf), aobj, 1) == 0)
- return 0;
- return CBB_add_bytes(cbb, buf, strlen(buf));
-}
-
-static int
-X509_NAME_ENTRY_add_u8_cbb(CBB *cbb, uint8_t u8)
-{
- static const char hex[] = "0123456789ABCDEF";
-
- if (' ' <= u8 && u8 <= '~')
- return CBB_add_u8(cbb, u8);
-
- if (!CBB_add_u8(cbb, '\\'))
- return 0;
- if (!CBB_add_u8(cbb, 'x'))
- return 0;
- if (!CBB_add_u8(cbb, hex[u8 >> 4]))
- return 0;
- if (!CBB_add_u8(cbb, hex[u8 & 0xf]))
- return 0;
- return 1;
-}
-
-static int
-X509_NAME_ENTRY_add_value_cbb(CBB *cbb, const ASN1_STRING *astr)
-{
- CBS cbs;
- uint8_t u8;
- size_t i;
- int mask[4] = { 1, 1, 1, 1 };
-
- if (astr->type == V_ASN1_GENERALSTRING && astr->length % 4 == 0) {
- int gs_mask[4] = { 0, 0, 0, 0 };
-
- i = 0;
- CBS_init(&cbs, astr->data, astr->length);
- while (CBS_len(&cbs) > 0) {
- if (!CBS_get_u8(&cbs, &u8))
- return 0;
-
- gs_mask[i++ & 0x3] |= u8;
- }
-
- if (gs_mask[0] == 0 && gs_mask[1] == 0 && gs_mask[2] == 0)
- mask[0] = mask[1] = mask[2] = 0;
- }
-
- i = 0;
- CBS_init(&cbs, astr->data, astr->length);
- while (CBS_len(&cbs) > 0) {
- if (!CBS_get_u8(&cbs, &u8))
- return 0;
- if (mask[i++ & 0x3] == 0)
- continue;
- if (!X509_NAME_ENTRY_add_u8_cbb(cbb, u8))
- return 0;
- }
-
- return 1;
-}
-
-int
-X509_NAME_ENTRY_add_cbb(CBB *cbb, const X509_NAME_ENTRY *ne)
-{
- if (!X509_NAME_ENTRY_add_object_cbb(cbb, ne->object))
- return 0;
- if (!CBB_add_u8(cbb, '='))
- return 0;
- if (!X509_NAME_ENTRY_add_value_cbb(cbb, ne->value))
- return 0;
- return 1;
-}
-
-char *
-X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
-{
- CBB cbb;
- const X509_NAME_ENTRY *ne;
- uint8_t *line = NULL;
- size_t line_len = 0;
- int i;
-
- if (!CBB_init(&cbb, 0))
- goto err;
-
- for (i = 0; i <
sk_X509_NAME_ENTRY_num(a->entries); i++) {
- ne = sk_X509_NAME_ENTRY_value(a->entries, i);
- if (!CBB_add_u8(&cbb, '/'))
- goto err;
- if (!X509_NAME_ENTRY_add_cbb(&cbb, ne))
- goto err;
- }
-
- if (!CBB_add_u8(&cbb, '\0'))
- goto err;
-
- if (!CBB_finish(&cbb, &line, &line_len))
- goto err;
-
- if (buf == NULL)
- return line;
-
- strlcpy(buf, line, len);
- free(line);
-
- return buf;
-
- err:
- CBB_cleanup(&cbb);
-
- return NULL;
-}
-LCRYPTO_ALIAS(X509_NAME_oneline);
diff --git a/src/lib/libcrypto/x509/x509_ocsp.c b/src/lib/libcrypto/x509/x509_ocsp.c
deleted file mode 100644
index 6531b4c420..0000000000
--- a/src/lib/libcrypto/x509/x509_ocsp.c
+++ /dev/null
@@ -1,424 +0,0 @@ -/* $OpenBSD: x509_ocsp.c,v 1.4 2024/12/24 09:14:33 schwarze Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include -#include - -#include - -#ifndef OPENSSL_NO_OCSP - -#include -#include -#include -#include -#include - -#include "ocsp_local.h" - -/* OCSP extensions and a couple of CRL entry extensions - */ - -static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce, - BIO *out, int indent); -static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce, - BIO *out, int indent); -static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out, - int indent); - -static void *ocsp_nonce_new(void); -static int i2d_ocsp_nonce(void *a, unsigned char **pp); -static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length); -static void ocsp_nonce_free(void *a); -static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, - BIO *out, int indent); - -static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, - void *nocheck, BIO *out, int indent); -static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - const char *str); -static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in, - BIO *bp, int ind); - -static const X509V3_EXT_METHOD x509v3_ext_id_pkix_OCSP_CrlID = { - .ext_nid = NID_id_pkix_OCSP_CrlID, - .ext_flags = 0, - .it = &OCSP_CRLID_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_crlid, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_id_pkix_OCSP_CrlID(void) -{ - return &x509v3_ext_id_pkix_OCSP_CrlID; -} - -static const X509V3_EXT_METHOD x509v3_ext_id_pkix_OCSP_archiveCutoff = { - .ext_nid = NID_id_pkix_OCSP_archiveCutoff, - .ext_flags = 0, - .it = &ASN1_GENERALIZEDTIME_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_acutoff, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * 
-x509v3_ext_method_id_pkix_OCSP_archiveCutoff(void) -{ - return &x509v3_ext_id_pkix_OCSP_archiveCutoff; -} - -static const X509V3_EXT_METHOD x509v3_ext_invalidity_date = { - .ext_nid = NID_invalidity_date, - .ext_flags = 0, - .it = &ASN1_GENERALIZEDTIME_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_acutoff, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_invalidity_date(void) -{ - return &x509v3_ext_invalidity_date; -} - -static const X509V3_EXT_METHOD x509v3_ext_hold_instruction_code = { - .ext_nid = NID_hold_instruction_code, - .ext_flags = 0, - .it = &ASN1_OBJECT_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_object, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_hold_instruction_code(void) -{ - return &x509v3_ext_hold_instruction_code; -} - -static const X509V3_EXT_METHOD x509v3_ext_id_pkix_OCSP_Nonce = { - .ext_nid = NID_id_pkix_OCSP_Nonce, - .ext_flags = 0, - .it = NULL, - .ext_new = ocsp_nonce_new, - .ext_free = ocsp_nonce_free, - .d2i = d2i_ocsp_nonce, - .i2d = i2d_ocsp_nonce, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_nonce, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_id_pkix_OCSP_Nonce(void) -{ - return &x509v3_ext_id_pkix_OCSP_Nonce; -} - -static const X509V3_EXT_METHOD x509v3_ext_id_pkix_OCSP_noCheck = { - .ext_nid = NID_id_pkix_OCSP_noCheck, - .ext_flags = 0, - .it = &ASN1_NULL_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = s2i_ocsp_nocheck, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_nocheck, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_id_pkix_OCSP_noCheck(void) -{ - return 
&x509v3_ext_id_pkix_OCSP_noCheck; -} - -static const X509V3_EXT_METHOD x509v3_ext_id_pkix_OCSP_serviceLocator = { - .ext_nid = NID_id_pkix_OCSP_serviceLocator, - .ext_flags = 0, - .it = &OCSP_SERVICELOC_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_serviceloc, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_id_pkix_OCSP_serviceLocator(void) -{ - return &x509v3_ext_id_pkix_OCSP_serviceLocator; -} - -static int -i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) -{ - OCSP_CRLID *a = in; - if (a->crlUrl) { - if (BIO_printf(bp, "%*scrlUrl: ", ind, "") <= 0) - goto err; - if (!ASN1_STRING_print(bp, (ASN1_STRING*)a->crlUrl)) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (a->crlNum) { - if (BIO_printf(bp, "%*scrlNum: ", ind, "") <= 0) - goto err; - if (i2a_ASN1_INTEGER(bp, a->crlNum) <= 0) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (a->crlTime) { - if (BIO_printf(bp, "%*scrlTime: ", ind, "") <= 0) - goto err; - if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime)) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - return 1; - -err: - return 0; -} - -static int -i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff, BIO *bp, - int ind) -{ - if (BIO_printf(bp, "%*s", ind, "") <= 0) - return 0; - if (!ASN1_GENERALIZEDTIME_print(bp, cutoff)) - return 0; - return 1; -} - -static int -i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp, int ind) -{ - if (BIO_printf(bp, "%*s", ind, "") <= 0) - return 0; - if (i2a_ASN1_OBJECT(bp, oid) <= 0) - return 0; - return 1; -} - -/* OCSP nonce. This is needs special treatment because it doesn't have - * an ASN1 encoding at all: it just contains arbitrary data. 
- */
-
-static void *
-ocsp_nonce_new(void)
-{
- return ASN1_OCTET_STRING_new();
-}
-
-static int
-i2d_ocsp_nonce(void *a, unsigned char **pp)
-{
- ASN1_OCTET_STRING *os = a;
-
- if (pp) {
- memcpy(*pp, os->data, os->length);
- *pp += os->length;
- }
- return os->length;
-}
-
-static void *
-d2i_ocsp_nonce(void *a, const unsigned char **pp, long length)
-{
- ASN1_OCTET_STRING *os, **pos;
-
- pos = a;
- if (pos == NULL || *pos == NULL) {
- os = ASN1_OCTET_STRING_new();
- if (os == NULL)
- goto err;
- } else
- os = *pos;
- if (ASN1_OCTET_STRING_set(os, *pp, length) == 0)
- goto err;
-
- *pp += length;
-
- if (pos != NULL)
- *pos = os;
- return os;
-
-err:
- if (pos == NULL || *pos != os)
- ASN1_OCTET_STRING_free(os);
- OCSPerror(ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-static void
-ocsp_nonce_free(void *a)
-{
- ASN1_OCTET_STRING_free(a);
-}
-
-static int
-i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, BIO *out,
- int indent)
-{
- if (BIO_printf(out, "%*s", indent, "") <= 0)
- return 0;
- if (i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0)
- return 0;
- return 1;
-}
-
-/* Nocheck is just a single NULL.
Don't print anything and always set it */ - -static int -i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, void *nocheck, BIO *out, - int indent) -{ - return 1; -} - -static void * -s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - const char *str) -{ - return ASN1_NULL_new(); -} - -static int -i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) -{ - int i; - OCSP_SERVICELOC *a = in; - ACCESS_DESCRIPTION *ad; - - if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0) - goto err; - if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) - goto err; - for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++) { - ad = sk_ACCESS_DESCRIPTION_value(a->locator, i); - if (BIO_printf(bp, "\n%*s", (2 * ind), "") <= 0) - goto err; - if (i2a_ASN1_OBJECT(bp, ad->method) <= 0) - goto err; - if (BIO_puts(bp, " - ") <= 0) - goto err; - if (GENERAL_NAME_print(bp, ad->location) <= 0) - goto err; - } - return 1; - -err: - return 0; -} -#endif diff --git a/src/lib/libcrypto/x509/x509_pcons.c b/src/lib/libcrypto/x509/x509_pcons.c deleted file mode 100644 index 66dc57abf6..0000000000 --- a/src/lib/libcrypto/x509/x509_pcons.c +++ /dev/null 
@@ -1,205 +0,0 @@
-/* $OpenBSD: x509_pcons.c,v 1.6 2024/08/31 10:03:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static STACK_OF(CONF_VALUE) *
-i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *bcons,
- STACK_OF(CONF_VALUE) *extlist);
-static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-static const X509V3_EXT_METHOD x509v3_ext_policy_constraints = {
- .ext_nid = NID_policy_constraints,
- .ext_flags = 0,
- .it = &POLICY_CONSTRAINTS_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_POLICY_CONSTRAINTS,
- .v2i = v2i_POLICY_CONSTRAINTS,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_policy_constraints(void)
-{
- return &x509v3_ext_policy_constraints;
-}
-
-static const ASN1_TEMPLATE POLICY_CONSTRAINTS_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(POLICY_CONSTRAINTS, requireExplicitPolicy),
- .field_name = "requireExplicitPolicy",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(POLICY_CONSTRAINTS, inhibitPolicyMapping),
- .field_name = "inhibitPolicyMapping",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM POLICY_CONSTRAINTS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = POLICY_CONSTRAINTS_seq_tt,
- .tcount = sizeof(POLICY_CONSTRAINTS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(POLICY_CONSTRAINTS),
- .sname = "POLICY_CONSTRAINTS",
-};
-LCRYPTO_ALIAS(POLICY_CONSTRAINTS_it);
-
-
-POLICY_CONSTRAINTS *
-POLICY_CONSTRAINTS_new(void)
-{
- return (POLICY_CONSTRAINTS*)ASN1_item_new(&POLICY_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(POLICY_CONSTRAINTS_new);
-
-void
-POLICY_CONSTRAINTS_free(POLICY_CONSTRAINTS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &POLICY_CONSTRAINTS_it);
-}
-LCRYPTO_ALIAS(POLICY_CONSTRAINTS_free);
-
-static STACK_OF(CONF_VALUE) *
-i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
- STACK_OF(CONF_VALUE) *extlist)
-{
- POLICY_CONSTRAINTS *pcons = a;
- STACK_OF(CONF_VALUE) *free_extlist = NULL;
-
- if (extlist == NULL) {
- if ((free_extlist = extlist = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- if (!X509V3_add_value_int("Require Explicit Policy",
- pcons->requireExplicitPolicy, &extlist))
- goto err;
- if (!X509V3_add_value_int("Inhibit Policy Mapping",
- pcons->inhibitPolicyMapping, &extlist))
- goto err;
-
- return extlist;
-
- err:
- sk_CONF_VALUE_pop_free(free_extlist, X509V3_conf_free);
-
- return NULL;
-}
-
-static void *
-v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *values)
-{
- POLICY_CONSTRAINTS *pcons = NULL;
- CONF_VALUE *val;
- int i;
-
- if (!(pcons = POLICY_CONSTRAINTS_new())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- val = sk_CONF_VALUE_value(values, i);
- if (!strcmp(val->name, "requireExplicitPolicy")) {
- if (!X509V3_get_value_int(val,
- &pcons->requireExplicitPolicy)) goto err;
- } else if (!strcmp(val->name, "inhibitPolicyMapping")) {
- if (!X509V3_get_value_int(val,
- &pcons->inhibitPolicyMapping)) goto err;
- } else {
- X509V3error(X509V3_R_INVALID_NAME);
- X509V3_conf_err(val);
- goto err;
- }
- }
- if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) {
- X509V3error(X509V3_R_ILLEGAL_EMPTY_EXTENSION);
- goto err;
- }
-
- return pcons;
-
-err:
- POLICY_CONSTRAINTS_free(pcons);
- return NULL;
-}
diff --git a/src/lib/libcrypto/x509/x509_pku.c b/src/lib/libcrypto/x509/x509_pku.c
deleted file mode 100644
index 6753f0f733..0000000000
--- a/src/lib/libcrypto/x509/x509_pku.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* $OpenBSD: x509_pku.c,v 1.5 2024/07/13 15:08:58 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-#include
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
- PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
-
-static const X509V3_EXT_METHOD x509v3_ext_private_key_usage_period = {
- .ext_nid = NID_private_key_usage_period,
- .ext_flags = 0,
- .it = &PKEY_USAGE_PERIOD_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_private_key_usage_period(void)
-{
- return &x509v3_ext_private_key_usage_period;
-}
-
-static const ASN1_TEMPLATE PKEY_USAGE_PERIOD_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKEY_USAGE_PERIOD, notBefore),
- .field_name = "notBefore",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(PKEY_USAGE_PERIOD, notAfter),
- .field_name = "notAfter",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
-};
-
-const ASN1_ITEM PKEY_USAGE_PERIOD_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKEY_USAGE_PERIOD_seq_tt,
- .tcount = sizeof(PKEY_USAGE_PERIOD_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKEY_USAGE_PERIOD),
- .sname = "PKEY_USAGE_PERIOD",
-};
-LCRYPTO_ALIAS(PKEY_USAGE_PERIOD_it);
-
-
-PKEY_USAGE_PERIOD *
-d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, const unsigned char **in, long len)
-{
- return (PKEY_USAGE_PERIOD *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKEY_USAGE_PERIOD_it);
-}
-LCRYPTO_ALIAS(d2i_PKEY_USAGE_PERIOD);
-
-int
-i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKEY_USAGE_PERIOD_it);
-}
-LCRYPTO_ALIAS(i2d_PKEY_USAGE_PERIOD);
-
-PKEY_USAGE_PERIOD *
-PKEY_USAGE_PERIOD_new(void)
-{
- return (PKEY_USAGE_PERIOD *)ASN1_item_new(&PKEY_USAGE_PERIOD_it);
-}
-LCRYPTO_ALIAS(PKEY_USAGE_PERIOD_new);
-
-void
-PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKEY_USAGE_PERIOD_it);
-}
-LCRYPTO_ALIAS(PKEY_USAGE_PERIOD_free);
-
-static int
-i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage,
- BIO *out, int indent)
-{
- BIO_printf(out, "%*s", indent, "");
- if (usage->notBefore) {
- BIO_write(out, "Not Before: ", 12);
- ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
- if (usage->notAfter)
- BIO_write(out, ", ", 2);
- }
- if (usage->notAfter) {
- BIO_write(out, "Not After: ", 11);
- ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
- }
- return 1;
-}
diff --git a/src/lib/libcrypto/x509/x509_pmaps.c b/src/lib/libcrypto/x509/x509_pmaps.c
deleted file mode 100644
index 5039f65f2e..0000000000
--- a/src/lib/libcrypto/x509/x509_pmaps.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* $OpenBSD: x509_pmaps.c,v 1.6 2024/08/31 10:03:03 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(
- const X509V3_EXT_METHOD *method, void *pmps, STACK_OF(CONF_VALUE) *extlist);
-
-static const X509V3_EXT_METHOD x509v3_ext_policy_mappings = {
- .ext_nid = NID_policy_mappings,
- .ext_flags = 0,
- .it = &POLICY_MAPPINGS_it,
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_POLICY_MAPPINGS,
- .v2i = v2i_POLICY_MAPPINGS,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD *
-x509v3_ext_method_policy_mappings(void)
-{
- return &x509v3_ext_policy_mappings;
-}
-
-static const ASN1_TEMPLATE POLICY_MAPPING_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICY_MAPPING, issuerDomainPolicy),
- .field_name = "issuerDomainPolicy",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICY_MAPPING, subjectDomainPolicy),
- .field_name = "subjectDomainPolicy",
- .item = &ASN1_OBJECT_it,
- },
-};
-
-const ASN1_ITEM POLICY_MAPPING_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = POLICY_MAPPING_seq_tt,
- .tcount = sizeof(POLICY_MAPPING_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(POLICY_MAPPING),
- .sname = "POLICY_MAPPING",
-};
-LCRYPTO_ALIAS(POLICY_MAPPING_it);
-
-static const ASN1_TEMPLATE POLICY_MAPPINGS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "POLICY_MAPPINGS",
- .item = &POLICY_MAPPING_it,
-};
-
-const ASN1_ITEM POLICY_MAPPINGS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &POLICY_MAPPINGS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "POLICY_MAPPINGS",
-};
-LCRYPTO_ALIAS(POLICY_MAPPINGS_it);
-
-
-POLICY_MAPPING *
-POLICY_MAPPING_new(void)
-{
- return (POLICY_MAPPING*)ASN1_item_new(&POLICY_MAPPING_it);
-}
-LCRYPTO_ALIAS(POLICY_MAPPING_new);
-
-void
-POLICY_MAPPING_free(POLICY_MAPPING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &POLICY_MAPPING_it);
-}
-LCRYPTO_ALIAS(POLICY_MAPPING_free);
-
-static STACK_OF(CONF_VALUE) *
-i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, void *a,
- STACK_OF(CONF_VALUE) *extlist)
-{
- STACK_OF(CONF_VALUE) *free_extlist = NULL;
- POLICY_MAPPINGS *pmaps = a;
- POLICY_MAPPING *pmap;
- char issuer[80], subject[80];
- int i;
-
- if (extlist == NULL) {
- if ((free_extlist = extlist = sk_CONF_VALUE_new_null()) == NULL)
- return NULL;
- }
-
- for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {
- if ((pmap = sk_POLICY_MAPPING_value(pmaps, i)) == NULL)
- goto err;
- if (!i2t_ASN1_OBJECT(issuer, sizeof issuer,
- pmap->issuerDomainPolicy))
- goto err;
- if (!i2t_ASN1_OBJECT(subject, sizeof subject,
- pmap->subjectDomainPolicy))
- goto err;
- if (!X509V3_add_value(issuer, subject, &extlist))
- goto err;
- }
-
- return extlist;
-
- err:
- sk_CONF_VALUE_pop_free(free_extlist, X509V3_conf_free);
-
- return NULL;
-}
-
-static void *
-v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- POLICY_MAPPINGS *pmaps = NULL;
- POLICY_MAPPING *pmap = NULL;
- ASN1_OBJECT *obj1 = NULL, *obj2 = NULL;
- CONF_VALUE *val;
- int i, rc;
-
- if (!(pmaps = sk_POLICY_MAPPING_new_null())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if (!val->value || !val->name) {
- rc = X509V3_R_INVALID_OBJECT_IDENTIFIER;
- goto err;
- }
- obj1 = OBJ_txt2obj(val->name, 0);
- obj2 = OBJ_txt2obj(val->value, 0);
- if (!obj1 || !obj2) {
- rc = X509V3_R_INVALID_OBJECT_IDENTIFIER;
- goto err;
- }
- pmap = POLICY_MAPPING_new();
- if (!pmap) {
- rc = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- pmap->issuerDomainPolicy = obj1;
- pmap->subjectDomainPolicy = obj2;
- obj1 = obj2 = NULL;
- if (sk_POLICY_MAPPING_push(pmaps, pmap) == 0) {
- rc = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- pmap = NULL;
- }
- return pmaps;
-
-err:
- sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
- X509V3error(rc);
- if (rc == X509V3_R_INVALID_OBJECT_IDENTIFIER)
- X509V3_conf_err(val);
- ASN1_OBJECT_free(obj1);
- ASN1_OBJECT_free(obj2);
- POLICY_MAPPING_free(pmap);
- return NULL;
-}
diff --git a/src/lib/libcrypto/x509/x509_policy.c b/src/lib/libcrypto/x509/x509_policy.c
deleted file mode 100644
index d93760755d..0000000000
--- a/src/lib/libcrypto/x509/x509_policy.c
+++ /dev/null
@@ -1,1018 +0,0 @@
-/* $OpenBSD: x509_policy.c,v 1.31 2025/03/28 13:11:57 tb Exp $ */
-/*
- * Copyright (c) 2022, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "stack_local.h"
-#include "x509_internal.h"
-#include "x509_local.h"
-
-/* XXX move to proper place */
-#define X509_R_INVALID_POLICY_EXTENSION 201
-
-/*
- * This file computes the X.509 policy tree, as described in RFC 5280,
- * section 6.1 and RFC 9618. It differs in that:
- *
- * (1) It does not track "qualifier_set". This is not needed as it is not
- * output by this implementation.
- *
- * (2) It builds a directed acyclic graph, rather than a tree. When a given
- * policy matches multiple parents, RFC 5280 makes a separate node for
- * each parent. This representation condenses them into one node with
- * multiple parents. Thus we refer to this structure as a "policy graph",
- * rather than a "policy tree".
- *
- * (3) "expected_policy_set" is not tracked explicitly and built temporarily
- * as part of building the graph.
- *
- * (4) anyPolicy nodes are not tracked explicitly.
- *
- * (5) Some pruning steps are deferred to when policies are evaluated, as a
- * reachability pass.
- */
-
-/*
- * An X509_POLICY_NODE is a node in the policy graph. It corresponds to a node
- * from RFC 5280, section 6.1.2, step (a), but we store some fields differently.
- */
-typedef struct x509_policy_node_st {
- /* policy is the "valid_policy" field from RFC 5280. */
- ASN1_OBJECT *policy;
-
- /*
- * parent_policies, if non-empty, is the list of "valid_policy" values
- * for all nodes which are a parent of this node. In this case, no entry
- * in this list will be anyPolicy. This list is in no particular order
- * and may contain duplicates if the corresponding certificate had
- * duplicate mappings.
- *
- * If empty, this node has a single parent, anyPolicy. The node is then
- * a root policies, and is in authorities-constrained-policy-set if it
- * has a path to a leaf node.
- *
- * Note it is not possible for a policy to have both anyPolicy and a
- * concrete policy as a parent. Section 6.1.3, step (d.1.ii) only runs
- * if there was no match in step (d.1.i). We do not need to represent a
- * parent list of, say, {anyPolicy, OID1, OID2}.
- */
- STACK_OF(ASN1_OBJECT) *parent_policies;
-
- /*
- * mapped is one if this node matches a policy mapping in the
- * certificate and zero otherwise.
- */
- int mapped;
-
- /*
- * reachable is one if this node is reachable from some valid policy in
- * the end-entity certificate. It is computed during |has_explicit_policy|.
- */
- int reachable;
-} X509_POLICY_NODE;
-
-DECLARE_STACK_OF(X509_POLICY_NODE)
-
-#define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp))
-#define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
-#define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st))
-#define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st))
-#define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i))
-#define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val))
-#define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st))
-#define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val))
-#define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val))
-#define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val))
-#define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i))
-#define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr))
-#define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i))
-#define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp))
-#define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st)
-#define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func))
-#define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st))
-#define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st))
-#define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
-#define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
-
-/*
- * An X509_POLICY_LEVEL is the collection of nodes at the same depth in the
- * policy graph. This structure can also be used to represent a level's
- * "expected_policy_set" values. See |process_policy_mappings|.
- */
-typedef struct x509_policy_level_st {
- /*
- * nodes is the list of nodes at this depth, except for the anyPolicy
- * node, if any. This list is sorted by policy OID for efficient lookup.
- */
- STACK_OF(X509_POLICY_NODE) *nodes;
-
- /*
- * has_any_policy is one if there is an anyPolicy node at this depth,
- * and zero otherwise.
- */
- int has_any_policy;
-} X509_POLICY_LEVEL;
-
-DECLARE_STACK_OF(X509_POLICY_LEVEL)
-
-#define sk_X509_POLICY_LEVEL_new(cmp) SKM_sk_new(X509_POLICY_LEVEL, (cmp))
-#define sk_X509_POLICY_LEVEL_new_null() SKM_sk_new_null(X509_POLICY_LEVEL)
-#define sk_X509_POLICY_LEVEL_free(st) SKM_sk_free(X509_POLICY_LEVEL, (st))
-#define sk_X509_POLICY_LEVEL_num(st) SKM_sk_num(X509_POLICY_LEVEL, (st))
-#define sk_X509_POLICY_LEVEL_value(st, i) SKM_sk_value(X509_POLICY_LEVEL, (st), (i))
-#define sk_X509_POLICY_LEVEL_set(st, i, val) SKM_sk_set(X509_POLICY_LEVEL, (st), (i), (val))
-#define sk_X509_POLICY_LEVEL_zero(st) SKM_sk_zero(X509_POLICY_LEVEL, (st))
-#define sk_X509_POLICY_LEVEL_push(st, val) SKM_sk_push(X509_POLICY_LEVEL, (st), (val))
-#define sk_X509_POLICY_LEVEL_unshift(st, val) SKM_sk_unshift(X509_POLICY_LEVEL, (st), (val))
-#define sk_X509_POLICY_LEVEL_find(st, val) SKM_sk_find(X509_POLICY_LEVEL, (st), (val))
-#define sk_X509_POLICY_LEVEL_delete(st, i) SKM_sk_delete(X509_POLICY_LEVEL, (st), (i))
-#define sk_X509_POLICY_LEVEL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_LEVEL, (st), (ptr))
-#define sk_X509_POLICY_LEVEL_insert(st, val, i) SKM_sk_insert(X509_POLICY_LEVEL, (st), (val), (i))
-#define sk_X509_POLICY_LEVEL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_LEVEL, (st), (cmp))
-#define sk_X509_POLICY_LEVEL_dup(st) SKM_sk_dup(X509_POLICY_LEVEL, st)
-#define sk_X509_POLICY_LEVEL_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_LEVEL, (st), (free_func))
-#define sk_X509_POLICY_LEVEL_shift(st) SKM_sk_shift(X509_POLICY_LEVEL, (st))
-#define sk_X509_POLICY_LEVEL_pop(st) SKM_sk_pop(X509_POLICY_LEVEL, (st))
-#define sk_X509_POLICY_LEVEL_sort(st) SKM_sk_sort(X509_POLICY_LEVEL, (st))
-#define sk_X509_POLICY_LEVEL_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_LEVEL, (st))
-
-/*
- * Don't look Ethel, but you would really not want to look if we did
- * this the OpenSSL way either, and we are not using this boringsslism
- * anywhere else. Callers should ensure that the stack in data is sorted.
- */
-void
-sk_X509_POLICY_NODE_delete_if(STACK_OF(X509_POLICY_NODE) *nodes,
- int (*delete_if)(X509_POLICY_NODE *, void *), void *data)
-{
- _STACK *sk = (_STACK *)nodes;
- X509_POLICY_NODE *node;
- int new_num = 0;
- int i;
-
- for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) {
- node = sk_X509_POLICY_NODE_value(nodes, i);
- if (!delete_if(node, data))
- sk->data[new_num++] = (char *)node;
- }
- sk->num = new_num;
-}
-
-static int
-is_any_policy(const ASN1_OBJECT *obj)
-{
- return OBJ_obj2nid(obj) == NID_any_policy;
-}
-
-static void
-x509_policy_node_free(X509_POLICY_NODE *node)
-{
- if (node == NULL)
- return;
-
- ASN1_OBJECT_free(node->policy);
- sk_ASN1_OBJECT_pop_free(node->parent_policies, ASN1_OBJECT_free);
- free(node);
-}
-
-static X509_POLICY_NODE *
-x509_policy_node_new(const ASN1_OBJECT *policy)
-{
- X509_POLICY_NODE *node = NULL;
-
- if (is_any_policy(policy))
- goto err;
- if ((node = calloc(1, sizeof(*node))) == NULL)
- goto err;
- if ((node->policy = OBJ_dup(policy)) == NULL)
- goto err;
- if ((node->parent_policies = sk_ASN1_OBJECT_new_null()) == NULL)
- goto err;
-
- return node;
-
- err:
- x509_policy_node_free(node);
- return NULL;
-}
-
-static int
-x509_policy_node_cmp(const X509_POLICY_NODE *const *a,
- const X509_POLICY_NODE *const *b)
-{
- return OBJ_cmp((*a)->policy, (*b)->policy);
-}
-
-static void
-x509_policy_level_free(X509_POLICY_LEVEL *level)
-{
- if (level == NULL)
- return;
-
- sk_X509_POLICY_NODE_pop_free(level->nodes, x509_policy_node_free);
- free(level);
-}
-
-static X509_POLICY_LEVEL *
-x509_policy_level_new(void)
-{
- X509_POLICY_LEVEL *level;
-
- if ((level = calloc(1, sizeof(*level))) == NULL)
- goto err;
- level->nodes = sk_X509_POLICY_NODE_new(x509_policy_node_cmp);
- if (level->nodes == NULL)
- goto err;
-
- return level;
-
- err:
- x509_policy_level_free(level);
- return NULL;
-}
-
-static int
-x509_policy_level_is_empty(const X509_POLICY_LEVEL *level)
-{
- if (level->has_any_policy)
- return 0;
-
- return sk_X509_POLICY_NODE_num(level->nodes) == 0;
-}
-
-static void
-x509_policy_level_clear(X509_POLICY_LEVEL *level)
-{
- X509_POLICY_NODE *node;
- int i;
-
- level->has_any_policy = 0;
- for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
- node = sk_X509_POLICY_NODE_value(level->nodes, i);
- x509_policy_node_free(node);
- }
- sk_X509_POLICY_NODE_zero(level->nodes);
-}
-
-/*
- * x509_policy_level_find returns the node in |level| corresponding to |policy|,
- * or NULL if none exists. Callers should ensure that level->nodes is sorted
- * to avoid the cost of sorting it in sk_find().
- */
-static X509_POLICY_NODE *
-x509_policy_level_find(X509_POLICY_LEVEL *level, const ASN1_OBJECT *policy)
-{
- X509_POLICY_NODE node;
- node.policy = (ASN1_OBJECT *)policy;
- int idx;
-
- if ((idx = sk_X509_POLICY_NODE_find(level->nodes, &node)) < 0)
- return NULL;
- return sk_X509_POLICY_NODE_value(level->nodes, idx);
-}
-
-/*
- * x509_policy_level_add_nodes adds the nodes in |nodes| to |level|. It returns
- * one on success and zero on error. No policy in |nodes| may already be present
- * in |level|. This function modifies |nodes| to avoid making a copy, but the
- * caller is still responsible for releasing |nodes| itself.
- *
- * This function is used to add nodes to |level| in bulk, and avoid resorting
- * |level| after each addition.
- */ -static int -x509_policy_level_add_nodes(X509_POLICY_LEVEL *level, - STACK_OF(X509_POLICY_NODE) *nodes) -{ - int i; - - for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) { - X509_POLICY_NODE *node = sk_X509_POLICY_NODE_value(nodes, i); - if (!sk_X509_POLICY_NODE_push(level->nodes, node)) - return 0; - sk_X509_POLICY_NODE_set(nodes, i, NULL); - } - sk_X509_POLICY_NODE_sort(level->nodes); - - return 1; -} - -static int -policyinfo_cmp(const POLICYINFO *const *a, - const POLICYINFO *const *b) -{ - return OBJ_cmp((*a)->policyid, (*b)->policyid); -} - -static int -delete_if_not_in_policies(X509_POLICY_NODE *node, void *data) -{ - const CERTIFICATEPOLICIES *policies = data; - POLICYINFO info; - info.policyid = node->policy; - - if (sk_POLICYINFO_find(policies, &info) >= 0) - return 0; - x509_policy_node_free(node); - return 1; -} - -/* - * process_certificate_policies updates |level| to incorporate |x509|'s - * certificate policies extension. This implements steps (d) and (e) of RFC - * 5280, section 6.1.3. |level| must contain the previous level's - * "expected_policy_set" information. For all but the top-most level, this is - * the output of |process_policy_mappings|. |any_policy_allowed| specifies - * whether anyPolicy is allowed or inhibited, taking into account the exception - * for self-issued certificates. - */ -static int -process_certificate_policies(const X509 *x509, X509_POLICY_LEVEL *level, - int any_policy_allowed) -{ - STACK_OF(X509_POLICY_NODE) *new_nodes = NULL; - CERTIFICATEPOLICIES *policies; - const POLICYINFO *policy; - X509_POLICY_NODE *node; - int cert_has_any_policy, critical, i, previous_level_has_any_policy; - int ret = 0; - - policies = X509_get_ext_d2i(x509, NID_certificate_policies, &critical, - NULL); - if (policies == NULL) { - if (critical != -1) - return 0; /* Syntax error in the extension. */ - - /* RFC 5280, section 6.1.3, step (e). 
*/
- x509_policy_level_clear(level);
- return 1;
- }
-
- /*
- * certificatePolicies may not be empty. See RFC 5280, section 4.2.1.4.
- * TODO(https://crbug.com/boringssl/443): Move this check into the parser.
- */
- if (sk_POLICYINFO_num(policies) == 0) {
- X509error(X509_R_INVALID_POLICY_EXTENSION);
- goto err;
- }
-
- (void)sk_POLICYINFO_set_cmp_func(policies, policyinfo_cmp);
- sk_POLICYINFO_sort(policies);
- cert_has_any_policy = 0;
- for (i = 0; i < sk_POLICYINFO_num(policies); i++) {
- policy = sk_POLICYINFO_value(policies, i);
- if (is_any_policy(policy->policyid))
- cert_has_any_policy = 1;
- if (i > 0 &&
- OBJ_cmp(sk_POLICYINFO_value(policies, i - 1)->policyid,
- policy->policyid) == 0) {
- /*
- * Per RFC 5280, section 4.2.1.4, |policies| may not
- * have duplicates.
- */
- X509error(X509_R_INVALID_POLICY_EXTENSION);
- goto err;
- }
- }
-
- /*
- * This does the same thing as RFC 5280, section 6.1.3, step (d),
- * though in a slightly different order. |level| currently contains
- * "expected_policy_set" values of the previous level.
- * See |process_policy_mappings| for details.
- */
- previous_level_has_any_policy = level->has_any_policy;
-
- /*
- * First, we handle steps (d.1.i) and (d.2). The net effect of these
- * two steps is to intersect |level| with |policies|, ignoring
- * anyPolicy if it is inhibited.
- */
- if (!cert_has_any_policy || !any_policy_allowed) {
- if (!sk_POLICYINFO_is_sorted(policies))
- goto err;
- sk_X509_POLICY_NODE_delete_if(level->nodes,
- delete_if_not_in_policies, policies);
- level->has_any_policy = 0;
- }
-
- /*
- * Step (d.1.ii) may attach new nodes to the previous level's anyPolicy
- * node.
- */
- if (previous_level_has_any_policy) {
- new_nodes = sk_X509_POLICY_NODE_new_null();
- if (new_nodes == NULL)
- goto err;
- for (i = 0; i < sk_POLICYINFO_num(policies); i++) {
- policy = sk_POLICYINFO_value(policies, i);
- /*
- * Though we've reordered the steps slightly, |policy|
- * is in |level| if and only if it would have been a
- * match in step (d.1.ii).
- */
- if (is_any_policy(policy->policyid))
- continue;
- if (!sk_X509_POLICY_NODE_is_sorted(level->nodes))
- goto err;
- if (x509_policy_level_find(level, policy->policyid) != NULL)
- continue;
- node = x509_policy_node_new(policy->policyid);
- if (node == NULL ||
- !sk_X509_POLICY_NODE_push(new_nodes, node)) {
- x509_policy_node_free(node);
- goto err;
- }
- }
- if (!x509_policy_level_add_nodes(level, new_nodes))
- goto err;
- }
-
- ret = 1;
-
-err:
- sk_X509_POLICY_NODE_pop_free(new_nodes, x509_policy_node_free);
- CERTIFICATEPOLICIES_free(policies);
- return ret;
-}
-
-static int
-compare_issuer_policy(const POLICY_MAPPING *const *a,
- const POLICY_MAPPING *const *b)
-{
- return OBJ_cmp((*a)->issuerDomainPolicy, (*b)->issuerDomainPolicy);
-}
-
-static int
-compare_subject_policy(const POLICY_MAPPING *const *a,
- const POLICY_MAPPING *const *b)
-{
- return OBJ_cmp((*a)->subjectDomainPolicy, (*b)->subjectDomainPolicy);
-}
-
-static int
-delete_if_mapped(X509_POLICY_NODE *node, void *data)
-{
- const POLICY_MAPPINGS *mappings = data;
- POLICY_MAPPING mapping;
- mapping.issuerDomainPolicy = node->policy;
- if (sk_POLICY_MAPPING_find(mappings, &mapping) < 0)
- return 0;
- x509_policy_node_free(node);
- return 1;
-}
-
-/*
- * process_policy_mappings processes the policy mappings extension of |cert|,
- * whose corresponding graph level is |level|. |mapping_allowed| specifies
- * whether policy mapping is inhibited at this point. On success, it returns an
- * |X509_POLICY_LEVEL| containing the "expected_policy_set" for |level|. On
- * error, it returns NULL.
This implements steps (a) and (b) of RFC 5280,
- * section 6.1.4.
- *
- * We represent the "expected_policy_set" as an |X509_POLICY_LEVEL|.
- * |has_any_policy| indicates whether there is an anyPolicy node with
- * "expected_policy_set" of {anyPolicy}. If a node with policy oid P1 contains
- * P2 in its "expected_policy_set", the level will contain a node of policy P2
- * with P1 in |parent_policies|.
- *
- * This is equivalent to the |X509_POLICY_LEVEL| that would result if the next
- * certificate contained anyPolicy. |process_certificate_policies| will filter
- * this result down to compute the actual level.
- */
-static X509_POLICY_LEVEL *
-process_policy_mappings(const X509 *cert,
- X509_POLICY_LEVEL *level,
- int mapping_allowed)
-{
- STACK_OF(X509_POLICY_NODE) *new_nodes = NULL;
- POLICY_MAPPINGS *mappings;
- const ASN1_OBJECT *last_policy;
- POLICY_MAPPING *mapping;
- X509_POLICY_LEVEL *next = NULL;
- X509_POLICY_NODE *node;
- int critical, i;
- int ok = 0;
-
- mappings = X509_get_ext_d2i(cert, NID_policy_mappings, &critical, NULL);
- if (mappings == NULL && critical != -1) {
- /* Syntax error in the policy mappings extension. */
- goto err;
- }
-
- if (mappings != NULL) {
- /*
- * PolicyMappings may not be empty. See RFC 5280, section 4.2.1.5.
- * TODO(https://crbug.com/boringssl/443): Move this check into
- * the parser.
- */
- if (sk_POLICY_MAPPING_num(mappings) == 0) {
- X509error(X509_R_INVALID_POLICY_EXTENSION);
- goto err;
- }
-
- /* RFC 5280, section 6.1.4, step (a). */
- for (i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) {
- mapping = sk_POLICY_MAPPING_value(mappings, i);
- if (is_any_policy(mapping->issuerDomainPolicy) ||
- is_any_policy(mapping->subjectDomainPolicy))
- goto err;
- }
-
- /* Sort to group by issuerDomainPolicy.
*/
- (void)sk_POLICY_MAPPING_set_cmp_func(mappings,
- compare_issuer_policy);
- sk_POLICY_MAPPING_sort(mappings);
-
- if (mapping_allowed) {
- /*
- * Mark nodes as mapped, and add any nodes to |level|
- * which may be needed as part of RFC 5280,
- * section 6.1.4, step (b.1).
- */
- new_nodes = sk_X509_POLICY_NODE_new_null();
- if (new_nodes == NULL)
- goto err;
- last_policy = NULL;
- for (i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) {
- mapping = sk_POLICY_MAPPING_value(mappings, i);
- /*
- * There may be multiple mappings with the same
- * |issuerDomainPolicy|.
- */
- if (last_policy != NULL &&
- OBJ_cmp(mapping->issuerDomainPolicy,
- last_policy) == 0)
- continue;
- last_policy = mapping->issuerDomainPolicy;
-
- if (!sk_X509_POLICY_NODE_is_sorted(level->nodes))
- goto err;
- node = x509_policy_level_find(level,
- mapping->issuerDomainPolicy);
- if (node == NULL) {
- if (!level->has_any_policy)
- continue;
- node = x509_policy_node_new(
- mapping->issuerDomainPolicy);
- if (node == NULL ||
- !sk_X509_POLICY_NODE_push(new_nodes,
- node)) {
- x509_policy_node_free(node);
- goto err;
- }
- }
- node->mapped = 1;
- }
- if (!x509_policy_level_add_nodes(level, new_nodes))
- goto err;
- } else {
- /*
- * RFC 5280, section 6.1.4, step (b.2). If mapping is
- * inhibited, delete all mapped nodes.
- */
- if (!sk_POLICY_MAPPING_is_sorted(mappings))
- goto err;
- sk_X509_POLICY_NODE_delete_if(level->nodes,
- delete_if_mapped, mappings);
- sk_POLICY_MAPPING_pop_free(mappings,
- POLICY_MAPPING_free);
- mappings = NULL;
- }
- }
-
- /*
- * If a node was not mapped, it retains the original "explicit_policy_set"
- * value, itself. Add those to |mappings|.
- */
- if (mappings == NULL) {
- mappings = sk_POLICY_MAPPING_new_null();
- if (mappings == NULL)
- goto err;
- }
- for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
- node = sk_X509_POLICY_NODE_value(level->nodes, i);
- if (!node->mapped) {
- mapping = POLICY_MAPPING_new();
- if (mapping == NULL)
- goto err;
- mapping->issuerDomainPolicy = OBJ_dup(node->policy);
- mapping->subjectDomainPolicy = OBJ_dup(node->policy);
- if (mapping->issuerDomainPolicy == NULL ||
- mapping->subjectDomainPolicy == NULL ||
- !sk_POLICY_MAPPING_push(mappings, mapping)) {
- POLICY_MAPPING_free(mapping);
- goto err;
- }
- }
- }
-
- /* Sort to group by subjectDomainPolicy. */
- (void)sk_POLICY_MAPPING_set_cmp_func(mappings, compare_subject_policy);
- sk_POLICY_MAPPING_sort(mappings);
-
- /* Convert |mappings| to our "expected_policy_set" representation. */
- next = x509_policy_level_new();
- if (next == NULL)
- goto err;
- next->has_any_policy = level->has_any_policy;
-
- X509_POLICY_NODE *last_node = NULL;
- for (i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) {
- mapping = sk_POLICY_MAPPING_value(mappings, i);
- /*
- * Skip mappings where |issuerDomainPolicy| does not appear in
- * the graph.
- */
- if (!level->has_any_policy) {
- if (!sk_X509_POLICY_NODE_is_sorted(level->nodes))
- goto err;
- if (x509_policy_level_find(level,
- mapping->issuerDomainPolicy) == NULL)
- continue;
- }
-
- if (last_node == NULL ||
- OBJ_cmp(last_node->policy, mapping->subjectDomainPolicy) !=
- 0) {
- last_node = x509_policy_node_new(
- mapping->subjectDomainPolicy);
- if (last_node == NULL ||
- !sk_X509_POLICY_NODE_push(next->nodes, last_node)) {
- x509_policy_node_free(last_node);
- goto err;
- }
- }
-
- if (!sk_ASN1_OBJECT_push(last_node->parent_policies,
- mapping->issuerDomainPolicy))
- goto err;
- mapping->issuerDomainPolicy = NULL;
- }
-
- sk_X509_POLICY_NODE_sort(next->nodes);
- ok = 1;
-
-err:
- if (!ok) {
- x509_policy_level_free(next);
- next = NULL;
- }
-
- sk_POLICY_MAPPING_pop_free(mappings, POLICY_MAPPING_free);
- sk_X509_POLICY_NODE_pop_free(new_nodes, x509_policy_node_free);
- return next;
-}
-
-/*
- * apply_skip_certs, if |skip_certs| is non-NULL, sets |*value| to the minimum
- * of its current value and |skip_certs|. It returns one on success and zero if
- * |skip_certs| is negative.
- */
-static int
-apply_skip_certs(const ASN1_INTEGER *skip_certs, size_t *value)
-{
- if (skip_certs == NULL)
- return 1;
-
- /* TODO(https://crbug.com/boringssl/443): Move this check into the parser. */
- if (skip_certs->type & V_ASN1_NEG) {
- X509error(X509_R_INVALID_POLICY_EXTENSION);
- return 0;
- }
-
- /* If |skip_certs| does not fit in |uint64_t|, it must exceed |*value|. */
- uint64_t u64;
- if (ASN1_INTEGER_get_uint64(&u64, skip_certs) && u64 < *value)
- *value = (size_t)u64;
- ERR_clear_error();
- return 1;
-}
-
-/*
- * process_policy_constraints updates |*explicit_policy|, |*policy_mapping|, and
- * |*inhibit_any_policy| according to |x509|'s policy constraints and inhibit
- * anyPolicy extensions. It returns one on success and zero on error. This
- * implements steps (i) and (j) of RFC 5280, section 6.1.4.
- */
-static int
-process_policy_constraints(const X509 *x509, size_t *explicit_policy,
- size_t *policy_mapping,
- size_t *inhibit_any_policy)
-{
- ASN1_INTEGER *inhibit_any_policy_ext;
- POLICY_CONSTRAINTS *constraints;
- int critical;
- int ok = 0;
-
- constraints = X509_get_ext_d2i(x509, NID_policy_constraints, &critical,
- NULL);
- if (constraints == NULL && critical != -1)
- return 0;
- if (constraints != NULL) {
- if (constraints->requireExplicitPolicy == NULL &&
- constraints->inhibitPolicyMapping == NULL) {
- /*
- * Per RFC 5280, section 4.2.1.11, at least one of the
- * fields must be
- */
- X509error(X509_R_INVALID_POLICY_EXTENSION);
- POLICY_CONSTRAINTS_free(constraints);
- return 0;
- }
- ok = apply_skip_certs(constraints->requireExplicitPolicy,
- explicit_policy) &&
- apply_skip_certs(constraints->inhibitPolicyMapping,
- policy_mapping);
- POLICY_CONSTRAINTS_free(constraints);
- if (!ok)
- return 0;
- }
-
- inhibit_any_policy_ext = X509_get_ext_d2i(x509, NID_inhibit_any_policy,
- &critical, NULL);
- if (inhibit_any_policy_ext == NULL && critical != -1)
- return 0;
- ok = apply_skip_certs(inhibit_any_policy_ext, inhibit_any_policy);
- ASN1_INTEGER_free(inhibit_any_policy_ext);
- return ok;
-}
-
-/*
- * has_explicit_policy returns one if the set of authority-space policy OIDs
- * |levels| has some non-empty intersection with |user_policies|, and zero
- * otherwise. This mirrors the logic in RFC 5280, section 6.1.5, step (g). This
- * function modifies |levels| and should only be called at the end of policy
- * evaluation.
- */
-static int
-has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels,
- const STACK_OF(ASN1_OBJECT) *user_policies)
-{
- X509_POLICY_LEVEL *level, *prev;
- X509_POLICY_NODE *node, *parent;
- int num_levels, user_has_any_policy;
- int i, j, k;
-
- if (!sk_ASN1_OBJECT_is_sorted(user_policies))
- return 0;
-
- /* Step (g.i). If the policy graph is empty, the intersection is empty.
*/
- num_levels = sk_X509_POLICY_LEVEL_num(levels);
- level = sk_X509_POLICY_LEVEL_value(levels, num_levels - 1);
- if (x509_policy_level_is_empty(level))
- return 0;
-
- /*
- * If |user_policies| is empty, we interpret it as having a single
- * anyPolicy value. The caller may also have supplied anyPolicy
- * explicitly.
- */
- user_has_any_policy = sk_ASN1_OBJECT_num(user_policies) <= 0;
- for (i = 0; i < sk_ASN1_OBJECT_num(user_policies); i++) {
- if (is_any_policy(sk_ASN1_OBJECT_value(user_policies, i))) {
- user_has_any_policy = 1;
- break;
- }
- }
-
- /*
- * Step (g.ii). If the policy graph is not empty and the user set
- * contains anyPolicy, the intersection is the entire (non-empty) graph.
- */
- if (user_has_any_policy)
- return 1;
-
- /*
- * Step (g.iii) does not delete anyPolicy nodes, so if the graph has
- * anyPolicy, some explicit policy will survive. The actual intersection
- * may synthesize some nodes in step (g.iii.3), but we do not return the
- * policy list itself, so we skip actually computing this.
- */
- if (level->has_any_policy)
- return 1;
-
- /*
- * We defer pruning the tree, so as we look for nodes with parent
- * anyPolicy, step (g.iii.1), we must limit to nodes reachable from the
- * bottommost level. Start by marking each of those nodes as reachable.
- */
- for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++)
- sk_X509_POLICY_NODE_value(level->nodes, i)->reachable = 1;
-
- for (i = num_levels - 1; i >= 0; i--) {
- level = sk_X509_POLICY_LEVEL_value(levels, i);
- for (j = 0; j < sk_X509_POLICY_NODE_num(level->nodes); j++) {
- node = sk_X509_POLICY_NODE_value(level->nodes, j);
- if (!node->reachable)
- continue;
- if (sk_ASN1_OBJECT_num(node->parent_policies) == 0) {
- /*
- * |node|'s parent is anyPolicy and is part of
- * "valid_policy_node_set". If it exists in
- * |user_policies|, the intersection is
- * non-empty and we * can return immediately.
- */
- if (sk_ASN1_OBJECT_find(user_policies,
- node->policy) >= 0)
- return 1;
- } else if (i > 0) {
- int num_parent_policies =
- sk_ASN1_OBJECT_num(node->parent_policies);
- /*
- * |node|'s parents are concrete policies. Mark
- * the parents reachable, to be inspected by the
- * next loop iteration.
- */
- prev = sk_X509_POLICY_LEVEL_value(levels, i - 1);
- for (k = 0; k < num_parent_policies; k++) {
- if (!sk_X509_POLICY_NODE_is_sorted(prev->nodes))
- return 0;
- parent = x509_policy_level_find(prev,
- sk_ASN1_OBJECT_value(node->parent_policies,
- k));
- if (parent != NULL)
- parent->reachable = 1;
- }
- }
- }
- }
-
- return 0;
-}
-
-static int
-asn1_object_cmp(const ASN1_OBJECT *const *a, const ASN1_OBJECT *const *b)
-{
- return OBJ_cmp(*a, *b);
-}
-
-int
-X509_policy_check(const STACK_OF(X509) *certs,
- const STACK_OF(ASN1_OBJECT) *user_policies,
- unsigned long flags, X509 **out_current_cert)
-{
- *out_current_cert = NULL;
- int ret = X509_V_ERR_OUT_OF_MEM;
- X509 *cert;
- X509_POLICY_LEVEL *level = NULL;
- X509_POLICY_LEVEL *current_level;
- STACK_OF(X509_POLICY_LEVEL) *levels = NULL;
- STACK_OF(ASN1_OBJECT) *user_policies_sorted = NULL;
- int num_certs = sk_X509_num(certs);
- int is_self_issued, any_policy_allowed;
- int i;
-
- /* Skip policy checking if the chain is just the trust anchor. */
- if (num_certs <= 1)
- return X509_V_OK;
-
- /* See RFC 5280, section 6.1.2, steps (d) through (f). */
- size_t explicit_policy =
- (flags & X509_V_FLAG_EXPLICIT_POLICY) ? 0 : num_certs + 1;
- size_t inhibit_any_policy =
- (flags & X509_V_FLAG_INHIBIT_ANY) ? 0 : num_certs + 1;
- size_t policy_mapping =
- (flags & X509_V_FLAG_INHIBIT_MAP) ?
0 : num_certs + 1;
-
- levels = sk_X509_POLICY_LEVEL_new_null();
- if (levels == NULL)
- goto err;
-
- for (i = num_certs - 2; i >= 0; i--) {
- cert = sk_X509_value(certs, i);
- if (!x509v3_cache_extensions(cert))
- goto err;
- is_self_issued = (cert->ex_flags & EXFLAG_SI) != 0;
-
- if (level == NULL) {
- if (i != num_certs - 2)
- goto err;
- level = x509_policy_level_new();
- if (level == NULL)
- goto err;
- level->has_any_policy = 1;
- }
-
- /*
- * RFC 5280, section 6.1.3, steps (d) and (e). |any_policy_allowed|
- * is computed as in step (d.2).
- */
- any_policy_allowed =
- inhibit_any_policy > 0 || (i > 0 && is_self_issued);
- if (!process_certificate_policies(cert, level,
- any_policy_allowed)) {
- ret = X509_V_ERR_INVALID_POLICY_EXTENSION;
- *out_current_cert = cert;
- goto err;
- }
-
- /* RFC 5280, section 6.1.3, step (f). */
- if (explicit_policy == 0 && x509_policy_level_is_empty(level)) {
- ret = X509_V_ERR_NO_EXPLICIT_POLICY;
- goto err;
- }
-
- /* Insert into the list. */
- if (!sk_X509_POLICY_LEVEL_push(levels, level))
- goto err;
- current_level = level;
- level = NULL;
-
- /*
- * If this is not the leaf certificate, we go to section 6.1.4.
- * If it is the leaf certificate, we go to section 6.1.5 instead.
- */
- if (i != 0) {
- /* RFC 5280, section 6.1.4, steps (a) and (b). */
- level = process_policy_mappings(cert, current_level,
- policy_mapping > 0);
- if (level == NULL) {
- ret = X509_V_ERR_INVALID_POLICY_EXTENSION;
- *out_current_cert = cert;
- goto err;
- }
- }
-
- /*
- * RFC 5280, section 6.1.4, step (h-j) for non-leaves, and
- * section 6.1.5, step (a-b) for leaves. In the leaf case,
- * RFC 5280 says only to update |explicit_policy|, but
- * |policy_mapping| and |inhibit_any_policy| are no
- * longer read at this point, so we use the same process.
- */
- if (i == 0 || !is_self_issued) {
- if (explicit_policy > 0)
- explicit_policy--;
- if (policy_mapping > 0)
- policy_mapping--;
- if (inhibit_any_policy > 0)
- inhibit_any_policy--;
- }
- if (!process_policy_constraints(cert, &explicit_policy,
- &policy_mapping, &inhibit_any_policy)) {
- ret = X509_V_ERR_INVALID_POLICY_EXTENSION;
- *out_current_cert = cert;
- goto err;
- }
- }
-
- /*
- * RFC 5280, section 6.1.5, step (g). We do not output the policy set,
- * so it is only necessary to check if the user-constrained-policy-set
- * is not empty.
- */
- if (explicit_policy == 0) {
- /*
- * Build a sorted copy of |user_policies| for more efficient
- * lookup.
- */
- if (user_policies != NULL) {
- user_policies_sorted = sk_ASN1_OBJECT_dup(
- user_policies);
- if (user_policies_sorted == NULL)
- goto err;
- (void)sk_ASN1_OBJECT_set_cmp_func(user_policies_sorted,
- asn1_object_cmp);
- sk_ASN1_OBJECT_sort(user_policies_sorted);
- }
-
- if (!has_explicit_policy(levels, user_policies_sorted)) {
- ret = X509_V_ERR_NO_EXPLICIT_POLICY;
- goto err;
- }
- }
-
- ret = X509_V_OK;
-
-err:
- x509_policy_level_free(level);
- /*
- * |user_policies_sorted|'s contents are owned by |user_policies|, so
- * we do not use |sk_ASN1_OBJECT_pop_free|.
- */
- sk_ASN1_OBJECT_free(user_policies_sorted);
- sk_X509_POLICY_LEVEL_pop_free(levels, x509_policy_level_free);
- return ret;
-}
diff --git a/src/lib/libcrypto/x509/x509_prn.c b/src/lib/libcrypto/x509/x509_prn.c
deleted file mode 100644
index 3bf7c803e5..0000000000
--- a/src/lib/libcrypto/x509/x509_prn.c
+++ /dev/null
@@ -1,231 +0,0 @@
-/* $OpenBSD: x509_prn.c,v 1.6 2023/05/08 05:30:38 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include
-
-#include
-#include
-
-#include "x509_local.h"
-
-/* Extension printing routines */
-
-static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
- int indent, int supported);
-
-/* Print out a name+value stack */
-
-void
-X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
-{
- int i;
- CONF_VALUE *nval;
-
- if (!val)
- return;
- if (!ml || !sk_CONF_VALUE_num(val)) {
- BIO_printf(out, "%*s", indent, "");
- if (!sk_CONF_VALUE_num(val))
- BIO_puts(out, "\n");
- }
- for (i = 0; i < sk_CONF_VALUE_num(val); i++) {
- if (ml)
- BIO_printf(out, "%*s", indent, "");
- else if (i > 0) BIO_printf(out, ", ");
- nval = sk_CONF_VALUE_value(val, i);
- if (!nval->name)
- BIO_puts(out, nval->value);
- else if (!nval->value)
- BIO_puts(out, nval->name);
- else
- BIO_printf(out, "%s:%s", nval->name, nval->value);
- if (ml)
- BIO_puts(out, "\n");
- }
-}
-LCRYPTO_ALIAS(X509V3_EXT_val_prn);
-
-/* Main routine: print out a general extension */
-
-int
-X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent)
-{
- void *ext_str = NULL;
- char *value = NULL;
- const unsigned char
*p;
- const X509V3_EXT_METHOD *method;
- STACK_OF(CONF_VALUE) *nval = NULL;
- int ok = 1;
-
- if (!(method = X509V3_EXT_get(ext)))
- return unknown_ext_print(out, ext, flag, indent, 0);
- p = ext->value->data;
- if (method->it)
- ext_str = ASN1_item_d2i(NULL, &p, ext->value->length,
- method->it);
- else
- ext_str = method->d2i(NULL, &p, ext->value->length);
-
- if (!ext_str)
- return unknown_ext_print(out, ext, flag, indent, 1);
-
- if (method->i2s) {
- if (!(value = method->i2s(method, ext_str))) {
- ok = 0;
- goto err;
- }
- BIO_printf(out, "%*s%s", indent, "", value);
- } else if (method->i2v) {
- if (!(nval = method->i2v(method, ext_str, NULL))) {
- ok = 0;
- goto err;
- }
- X509V3_EXT_val_prn(out, nval, indent,
- method->ext_flags & X509V3_EXT_MULTILINE);
- } else if (method->i2r) {
- if (!method->i2r(method, ext_str, out, indent))
- ok = 0;
- } else
- ok = 0;
-
-err:
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- free(value);
- if (method->it)
- ASN1_item_free(ext_str, method->it);
- else
- method->ext_free(ext_str);
- return ok;
-}
-LCRYPTO_ALIAS(X509V3_EXT_print);
-
-int
-X509V3_extensions_print(BIO *bp, const char *title,
- const STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent)
-{
- int i, j;
-
- if (sk_X509_EXTENSION_num(exts) <= 0)
- return 1;
-
- if (title) {
- BIO_printf(bp, "%*s%s:\n",indent, "", title);
- indent += 4;
- }
-
- for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
- ASN1_OBJECT *obj;
- X509_EXTENSION *ex;
- ex = sk_X509_EXTENSION_value(exts, i);
- if (indent && BIO_printf(bp, "%*s",indent, "") <= 0)
- return 0;
- obj = X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bp, obj);
- j = X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp, ":%s\n", j ?
" critical" : "") <= 0)
- return 0;
- if (!X509V3_EXT_print(bp, ex, flag, indent + 4)) {
- BIO_printf(bp, "%*s", indent + 4, "");
- ASN1_STRING_print(bp, ex->value);
- }
- if (BIO_write(bp, "\n",1) <= 0)
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(X509V3_extensions_print);
-
-static int
-unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
- int indent, int supported)
-{
- switch (flag & X509V3_EXT_UNKNOWN_MASK) {
- case X509V3_EXT_DEFAULT:
- return 0;
- case X509V3_EXT_ERROR_UNKNOWN:
- if (supported)
- BIO_printf(out, "%*s", indent, "");
- else
- BIO_printf(out, "%*s", indent, "");
- return 1;
- case X509V3_EXT_PARSE_UNKNOWN:
- return ASN1_parse_dump(out,
- ext->value->data, ext->value->length, indent, -1);
- case X509V3_EXT_DUMP_UNKNOWN:
- return BIO_dump_indent(out, (char *)ext->value->data,
- ext->value->length, indent);
- default:
- return 1;
- }
-}
-
-
-int
-X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
-{
- BIO *bio_tmp;
- int ret;
-
- if (!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE)))
- return 0;
- ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
- BIO_free(bio_tmp);
- return ret;
-}
-LCRYPTO_ALIAS(X509V3_EXT_print_fp);
diff --git a/src/lib/libcrypto/x509/x509_purp.c b/src/lib/libcrypto/x509/x509_purp.c
deleted file mode 100644
index 619a4b890a..0000000000
--- a/src/lib/libcrypto/x509/x509_purp.c
+++ /dev/null
@@ -1,930 +0,0 @@
-/* $OpenBSD: x509_purp.c,v 1.43 2024/07/12 18:15:10 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-
-#include
-#include
-#include
-
-#include "x509_internal.h"
-#include "x509_local.h"
-
-struct x509_purpose_st {
- int purpose;
- int trust; /* Default trust ID */
- int flags;
- int (*check_purpose)(const struct x509_purpose_st *, const X509 *, int);
- char *name;
- char *sname;
- void *usr_data;
-} /* X509_PURPOSE */;
-
-#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
-#define ku_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-#define xku_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))
-#define ns_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
-
-static int check_ssl_ca(const X509 *x);
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int purpose_smime(const X509 *x, int ca);
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
-
-static const X509_PURPOSE xstandard[] = {
- {
- .purpose = X509_PURPOSE_SSL_CLIENT,
- .trust = X509_TRUST_SSL_CLIENT,
- .check_purpose = check_purpose_ssl_client,
- .name = "SSL client",
- .sname = "sslclient",
- },
- {
- .purpose = X509_PURPOSE_SSL_SERVER,
- .trust = X509_TRUST_SSL_SERVER,
- .check_purpose = check_purpose_ssl_server,
- .name = "SSL server",
- .sname = "sslserver",
- },
- {
- .purpose = X509_PURPOSE_NS_SSL_SERVER,
-
.trust = X509_TRUST_SSL_SERVER,
- .check_purpose = check_purpose_ns_ssl_server,
- .name = "Netscape SSL server",
- .sname = "nssslserver",
- },
- {
- .purpose = X509_PURPOSE_SMIME_SIGN,
- .trust = X509_TRUST_EMAIL,
- .check_purpose = check_purpose_smime_sign,
- .name = "S/MIME signing",
- .sname = "smimesign",
- },
- {
- .purpose = X509_PURPOSE_SMIME_ENCRYPT,
- .trust = X509_TRUST_EMAIL,
- .check_purpose = check_purpose_smime_encrypt,
- .name = "S/MIME encryption",
- .sname = "smimeencrypt",
- },
- {
- .purpose = X509_PURPOSE_CRL_SIGN,
- .trust = X509_TRUST_COMPAT,
- .check_purpose = check_purpose_crl_sign,
- .name = "CRL signing",
- .sname = "crlsign",
- },
- {
- .purpose = X509_PURPOSE_ANY,
- .trust = X509_TRUST_ACCEPT_ALL,
- .check_purpose = no_check,
- .name = "Any Purpose",
- .sname = "any",
- },
- {
- .purpose = X509_PURPOSE_OCSP_HELPER,
- .trust = X509_TRUST_COMPAT,
- .check_purpose = ocsp_helper,
- .name = "OCSP helper",
- .sname = "ocsphelper",
- },
- {
- .purpose = X509_PURPOSE_TIMESTAMP_SIGN,
- .trust = X509_TRUST_TSA,
- .check_purpose = check_purpose_timestamp_sign,
- .name = "Time Stamp signing",
- .sname = "timestampsign",
- },
-};
-
-#define X509_PURPOSE_COUNT (sizeof(xstandard) / sizeof(xstandard[0]))
-
-/* As much as I'd like to make X509_check_purpose use a "const" X509*
- * I really can't because it does recalculate hashes and do other non-const
- * things.
*/
-int
-X509_check_purpose(X509 *x, int id, int ca)
-{
- int idx;
- const X509_PURPOSE *pt;
-
- if (!x509v3_cache_extensions(x))
- return -1;
-
- if (id == -1)
- return 1;
-
- if ((idx = X509_PURPOSE_get_by_id(id)) == -1)
- return -1;
- if ((pt = X509_PURPOSE_get0(idx)) == NULL)
- return -1;
-
- return pt->check_purpose(pt, x, ca);
-}
-LCRYPTO_ALIAS(X509_check_purpose);
-
-int
-X509_PURPOSE_get_count(void)
-{
- return X509_PURPOSE_COUNT;
-}
-LCRYPTO_ALIAS(X509_PURPOSE_get_count);
-
-const X509_PURPOSE *
-X509_PURPOSE_get0(int idx)
-{
- if (idx < 0 || (size_t)idx >= X509_PURPOSE_COUNT)
- return NULL;
-
- return &xstandard[idx];
-}
-LCRYPTO_ALIAS(X509_PURPOSE_get0);
-
-int
-X509_PURPOSE_get_by_sname(const char *sname)
-{
- int i;
- const X509_PURPOSE *xptmp;
-
- for (i = 0; i < X509_PURPOSE_get_count(); i++) {
- xptmp = X509_PURPOSE_get0(i);
- if (!strcmp(xptmp->sname, sname))
- return i;
- }
- return -1;
-}
-LCRYPTO_ALIAS(X509_PURPOSE_get_by_sname);
-
-int
-X509_PURPOSE_get_by_id(int purpose)
-{
- /*
- * Ensure the purpose identifier is between MIN and MAX inclusive.
- * If so, translate it to an index into the xstandard[] table.
- */
- if (purpose < X509_PURPOSE_MIN || purpose > X509_PURPOSE_MAX)
- return -1;
-
- return purpose - X509_PURPOSE_MIN;
-}
-
-int
-X509_PURPOSE_get_id(const X509_PURPOSE *xp)
-{
- return xp->purpose;
-}
-LCRYPTO_ALIAS(X509_PURPOSE_get_id);
-
-const char *
-X509_PURPOSE_get0_name(const X509_PURPOSE *xp)
-{
- return xp->name;
-}
-LCRYPTO_ALIAS(X509_PURPOSE_get0_name);
-
-const char *
-X509_PURPOSE_get0_sname(const X509_PURPOSE *xp)
-{
- return xp->sname;
-}
-LCRYPTO_ALIAS(X509_PURPOSE_get0_sname);
-
-int
-X509_PURPOSE_get_trust(const X509_PURPOSE *xp)
-{
- return xp->trust;
-}
-
-/*
- * List of NIDs of extensions supported by the verifier. If an extension
- * is critical and doesn't appear in this list, then the certificate will
- * normally be rejected.
- */
-int
-X509_supported_extension(X509_EXTENSION *ext)
-{
- switch (OBJ_obj2nid(X509_EXTENSION_get_object(ext))) {
- case NID_basic_constraints:
- case NID_certificate_policies:
- case NID_ext_key_usage:
- case NID_inhibit_any_policy:
- case NID_key_usage:
- case NID_name_constraints:
- case NID_netscape_cert_type:
- case NID_policy_constraints:
- case NID_policy_mappings:
-#ifndef OPENSSL_NO_RFC3779
- case NID_sbgp_ipAddrBlock:
- case NID_sbgp_autonomousSysNum:
-#endif
- case NID_subject_alt_name:
- return 1;
- default:
- return 0;
- }
-}
-LCRYPTO_ALIAS(X509_supported_extension);
-
-static void
-setup_dp(X509 *x, DIST_POINT *dp)
-{
- X509_NAME *iname = NULL;
- int i;
-
- if (dp->reasons) {
- if (dp->reasons->length > 0)
- dp->dp_reasons = dp->reasons->data[0];
- if (dp->reasons->length > 1)
- dp->dp_reasons |= (dp->reasons->data[1] << 8);
- dp->dp_reasons &= CRLDP_ALL_REASONS;
- } else
- dp->dp_reasons = CRLDP_ALL_REASONS;
- if (!dp->distpoint || (dp->distpoint->type != 1))
- return;
- for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
- GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
- if (gen->type == GEN_DIRNAME) {
- iname = gen->d.directoryName;
- break;
- }
- }
- if (!iname)
- iname = X509_get_issuer_name(x);
-
- DIST_POINT_set_dpname(dp->distpoint, iname);
-}
-
-static void
-setup_crldp(X509 *x)
-{
- int i;
-
- x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, &i, NULL);
- if (x->crldp == NULL && i != -1) {
- x->ex_flags |= EXFLAG_INVALID;
- return;
- }
-
- for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
- setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
-}
-
-static int
-x509_extension_oid_cmp(const X509_EXTENSION *const *a,
- const X509_EXTENSION *const *b)
-{
- return OBJ_cmp((*a)->object, (*b)->object);
-}
-
-static int
-x509_extension_oids_are_unique(X509 *x509)
-{
- STACK_OF(X509_EXTENSION) *exts = NULL;
- const X509_EXTENSION *prev_ext, *curr_ext;
- int i;
- int ret = 0;
-
- if (X509_get_ext_count(x509) <= 1)
- goto
done;
-
- if ((exts = sk_X509_EXTENSION_dup(x509->cert_info->extensions)) == NULL)
- goto err;
-
- (void)sk_X509_EXTENSION_set_cmp_func(exts, x509_extension_oid_cmp);
- sk_X509_EXTENSION_sort(exts);
-
- prev_ext = sk_X509_EXTENSION_value(exts, 0);
- for (i = 1; i < sk_X509_EXTENSION_num(exts); i++) {
- curr_ext = sk_X509_EXTENSION_value(exts, i);
- if (x509_extension_oid_cmp(&prev_ext, &curr_ext) == 0)
- goto err;
- prev_ext = curr_ext;
- }
-
- done:
- ret = 1;
-
- err:
- sk_X509_EXTENSION_free(exts);
-
- return ret;
-}
-
-static void
-x509v3_cache_extensions_internal(X509 *x)
-{
- BASIC_CONSTRAINTS *bs;
- ASN1_BIT_STRING *usage;
- ASN1_BIT_STRING *ns;
- EXTENDED_KEY_USAGE *extusage;
- X509_EXTENSION *ex;
- long version;
- int i;
-
- if (x->ex_flags & EXFLAG_SET)
- return;
-
- /*
- * XXX - this should really only set EXFLAG_INVALID if extensions are
- * invalid. However, the X509_digest() failure matches OpenSSL/BoringSSL
- * behavior and the version checks are at least vaguely related to
- * extensions.
- */
-
- if (!X509_digest(x, X509_CERT_HASH_EVP, x->hash, NULL))
- x->ex_flags |= EXFLAG_INVALID;
-
- version = X509_get_version(x);
- if (version < 0 || version > 2)
- x->ex_flags |= EXFLAG_INVALID;
- if (version == 0) {
- x->ex_flags |= EXFLAG_V1;
- /* UIDs may only appear in v2 or v3 certs */
- if (x->cert_info->issuerUID != NULL ||
- x->cert_info->subjectUID != NULL)
- x->ex_flags |= EXFLAG_INVALID;
- }
- if (version != 2 && X509_get_ext_count(x) != 0)
- x->ex_flags |= EXFLAG_INVALID;
-
- /* Handle basic constraints */
- if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, &i, NULL))) {
- if (bs->ca)
- x->ex_flags |= EXFLAG_CA;
- if (bs->pathlen) {
- if ((bs->pathlen->type == V_ASN1_NEG_INTEGER) ||
- !bs->ca) {
- x->ex_flags |= EXFLAG_INVALID;
- x->ex_pathlen = 0;
- } else
- x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
- } else
- x->ex_pathlen = -1;
- BASIC_CONSTRAINTS_free(bs);
- x->ex_flags |= EXFLAG_BCONS;
- } else if (i != -1) {
- x->ex_flags |= EXFLAG_INVALID;
- }
-
- /* Handle key usage */
- if ((usage = X509_get_ext_d2i(x, NID_key_usage, &i, NULL))) {
- if (usage->length > 0) {
- x->ex_kusage = usage->data[0];
- if (usage->length > 1)
- x->ex_kusage |= usage->data[1] << 8;
- } else
- x->ex_kusage = 0;
- x->ex_flags |= EXFLAG_KUSAGE;
- ASN1_BIT_STRING_free(usage);
- } else if (i != -1) {
- x->ex_flags |= EXFLAG_INVALID;
- }
-
- x->ex_xkusage = 0;
- if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, &i, NULL))) {
- x->ex_flags |= EXFLAG_XKUSAGE;
- for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
- switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {
- case NID_server_auth:
- x->ex_xkusage |= XKU_SSL_SERVER;
- break;
-
- case NID_client_auth:
- x->ex_xkusage |= XKU_SSL_CLIENT;
- break;
-
- case NID_email_protect:
- x->ex_xkusage |= XKU_SMIME;
- break;
-
- case NID_code_sign:
- x->ex_xkusage |= XKU_CODE_SIGN;
- break;
-
- case NID_ms_sgc:
- case NID_ns_sgc:
- x->ex_xkusage |= XKU_SGC;
- break;
-
- case NID_OCSP_sign:
- x->ex_xkusage |=
XKU_OCSP_SIGN;
- break;
-
- case NID_time_stamp:
- x->ex_xkusage |= XKU_TIMESTAMP;
- break;
-
- case NID_dvcs:
- x->ex_xkusage |= XKU_DVCS;
- break;
-
- case NID_anyExtendedKeyUsage:
- x->ex_xkusage |= XKU_ANYEKU;
- break;
- }
- }
- sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
- } else if (i != -1) {
- x->ex_flags |= EXFLAG_INVALID;
- }
-
- if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, &i, NULL))) {
- if (ns->length > 0)
- x->ex_nscert = ns->data[0];
- else
- x->ex_nscert = 0;
- x->ex_flags |= EXFLAG_NSCERT;
- ASN1_BIT_STRING_free(ns);
- } else if (i != -1) {
- x->ex_flags |= EXFLAG_INVALID;
- }
-
- x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, &i, NULL);
- if (x->skid == NULL && i != -1)
- x->ex_flags |= EXFLAG_INVALID;
- x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, &i, NULL);
- if (x->akid == NULL && i != -1)
- x->ex_flags |= EXFLAG_INVALID;
-
- /* Does subject name match issuer? */
- if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {
- x->ex_flags |= EXFLAG_SI;
- /* If SKID matches AKID also indicate self signed.
*/
- if (X509_check_akid(x, x->akid) == X509_V_OK &&
- !ku_reject(x, KU_KEY_CERT_SIGN))
- x->ex_flags |= EXFLAG_SS;
- }
-
- x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, &i, NULL);
- if (x->altname == NULL && i != -1)
- x->ex_flags |= EXFLAG_INVALID;
- x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL);
- if (!x->nc && (i != -1))
- x->ex_flags |= EXFLAG_INVALID;
- setup_crldp(x);
-
-#ifndef OPENSSL_NO_RFC3779
- x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, &i, NULL);
- if (x->rfc3779_addr == NULL && i != -1)
- x->ex_flags |= EXFLAG_INVALID;
- if (!X509v3_addr_is_canonical(x->rfc3779_addr))
- x->ex_flags |= EXFLAG_INVALID;
- x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum, &i, NULL);
- if (x->rfc3779_asid == NULL && i != -1)
- x->ex_flags |= EXFLAG_INVALID;
- if (!X509v3_asid_is_canonical(x->rfc3779_asid))
- x->ex_flags |= EXFLAG_INVALID;
-#endif
-
- for (i = 0; i < X509_get_ext_count(x); i++) {
- ex = X509_get_ext(x, i);
- if (OBJ_obj2nid(X509_EXTENSION_get_object(ex)) ==
- NID_freshest_crl)
- x->ex_flags |= EXFLAG_FRESHEST;
- if (!X509_EXTENSION_get_critical(ex))
- continue;
- if (!X509_supported_extension(ex)) {
- x->ex_flags |= EXFLAG_CRITICAL;
- break;
- }
- }
-
- if (!x509_extension_oids_are_unique(x))
- x->ex_flags |= EXFLAG_INVALID;
-
- x->ex_flags |= EXFLAG_SET;
-}
-
-int
-x509v3_cache_extensions(X509 *x)
-{
- if ((x->ex_flags & EXFLAG_SET) == 0) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
- x509v3_cache_extensions_internal(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
- }
-
- return (x->ex_flags & EXFLAG_INVALID) == 0;
-}
-
-/* CA checks common to all purposes
- * return codes:
- * 0 not a CA
- * 1 is a CA
- * 2 basicConstraints absent so "maybe" a CA
- * 3 basicConstraints absent but self signed V1.
- * 4 basicConstraints absent but keyUsage present and keyCertSign asserted.
- */
-
-static int
-check_ca(const X509 *x)
-{
- /* keyUsage if present should allow cert signing */
- if (ku_reject(x, KU_KEY_CERT_SIGN))
- return 0;
- if (x->ex_flags & EXFLAG_BCONS) {
- if (x->ex_flags & EXFLAG_CA)
- return 1;
- /* If basicConstraints says not a CA then say so */
- else
- return 0;
- } else {
- /* we support V1 roots for... uh, I don't really know why. */
- if ((x->ex_flags & V1_ROOT) == V1_ROOT)
- return 3;
- /* If key usage present it must have certSign so tolerate it */
- else if (x->ex_flags & EXFLAG_KUSAGE)
- return 4;
- /* Older certificates could have Netscape-specific CA types */
- else if (x->ex_flags & EXFLAG_NSCERT &&
- x->ex_nscert & NS_ANY_CA)
- return 5;
- /* can this still be regarded a CA certificate? I doubt it */
- return 0;
- }
-}
-
-int
-X509_check_ca(X509 *x)
-{
- x509v3_cache_extensions(x);
-
- return check_ca(x);
-}
-LCRYPTO_ALIAS(X509_check_ca);
-
-/* Check SSL CA: common checks for SSL client and server */
-static int
-check_ssl_ca(const X509 *x)
-{
- int ca_ret;
-
- ca_ret = check_ca(x);
- if (!ca_ret)
- return 0;
- /* check nsCertType if present */
- if (ca_ret != 5 || x->ex_nscert & NS_SSL_CA)
- return ca_ret;
- else
- return 0;
-}
-
-static int
-check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if (xku_reject(x, XKU_SSL_CLIENT))
- return 0;
- if (ca)
- return check_ssl_ca(x);
- /* We need to do digital signatures with it */
- if (ku_reject(x, KU_DIGITAL_SIGNATURE))
- return 0;
- /* nsCertType if present should allow SSL client use */
- if (ns_reject(x, NS_SSL_CLIENT))
- return 0;
- return 1;
-}
-
-static int
-check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if (xku_reject(x, XKU_SSL_SERVER|XKU_SGC))
- return 0;
- if (ca)
- return check_ssl_ca(x);
-
- if (ns_reject(x, NS_SSL_SERVER))
- return 0;
- /* Now as for keyUsage: we'll at least need to sign OR encipher */
- if (ku_reject(x, KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT))
- return 0;
-
- return 1;
-}
-
-static
int
-check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
-
- ret = check_purpose_ssl_server(xp, x, ca);
- if (!ret || ca)
- return ret;
- /* We need to encipher or Netscape complains */
- if (ku_reject(x, KU_KEY_ENCIPHERMENT))
- return 0;
- return ret;
-}
-
-/* common S/MIME checks */
-static int
-purpose_smime(const X509 *x, int ca)
-{
- if (xku_reject(x, XKU_SMIME))
- return 0;
- if (ca) {
- int ca_ret;
- ca_ret = check_ca(x);
- if (!ca_ret)
- return 0;
- /* check nsCertType if present */
- if (ca_ret != 5 || x->ex_nscert & NS_SMIME_CA)
- return ca_ret;
- else
- return 0;
- }
- if (x->ex_flags & EXFLAG_NSCERT) {
- if (x->ex_nscert & NS_SMIME)
- return 1;
- /* Workaround for some buggy certificates */
- if (x->ex_nscert & NS_SSL_CLIENT)
- return 2;
- return 0;
- }
- return 1;
-}
-
-static int
-check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
-
- ret = purpose_smime(x, ca);
- if (!ret || ca)
- return ret;
- if (ku_reject(x, KU_DIGITAL_SIGNATURE|KU_NON_REPUDIATION))
- return 0;
- return ret;
-}
-
-static int
-check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
-
- ret = purpose_smime(x, ca);
- if (!ret || ca)
- return ret;
- if (ku_reject(x, KU_KEY_ENCIPHERMENT))
- return 0;
- return ret;
-}
-
-static int
-check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if (ca) {
- int ca_ret;
- if ((ca_ret = check_ca(x)) != 2)
- return ca_ret;
- else
- return 0;
- }
- if (ku_reject(x, KU_CRL_SIGN))
- return 0;
- return 1;
-}
-
-/* OCSP helper: this is *not* a full OCSP check. It just checks that
- * each CA is valid. Additional checks must be made on the chain.
- */
-static int
-ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- /* Must be a valid CA. Should we really support the "I don't know"
- value (2)?
*/
- if (ca)
- return check_ca(x);
- /* leaf certificate is checked in OCSP_verify() */
- return 1;
-}
-
-static int
-check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int i_ext;
-
- /* If ca is true we must return if this is a valid CA certificate. */
- if (ca)
- return check_ca(x);
-
- /*
- * Check the optional key usage field:
- * if Key Usage is present, it must be one of digitalSignature
- * and/or nonRepudiation (other values are not consistent and shall
- * be rejected).
- */
- if ((x->ex_flags & EXFLAG_KUSAGE) &&
- ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||
- !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))
- return 0;
-
- /* Only time stamp key usage is permitted and it's required. */
- if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)
- return 0;
-
- /* Extended Key Usage MUST be critical */
- i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, -1);
- if (i_ext >= 0) {
- X509_EXTENSION *ext = X509_get_ext((X509 *) x, i_ext);
- if (!X509_EXTENSION_get_critical(ext))
- return 0;
- }
-
- return 1;
-}
-
-static int
-no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- return 1;
-}
-
-/* Various checks to see if one certificate issued the second.
- * This can be used to prune a set of possible issuer certificates
- * which have been looked up using some simple method such as by
- * subject name.
- * These are:
- * 1. Check issuer_name(subject) == subject_name(issuer)
- * 2. If akid(subject) exists check it matches issuer
- * 3.
If key_usage(issuer) exists check it supports certificate signing
- * returns 0 for OK, positive for reason for mismatch, reasons match
- * codes for X509_verify_cert()
- */
-
-int
-X509_check_issued(X509 *issuer, X509 *subject)
-{
- if (X509_NAME_cmp(X509_get_subject_name(issuer),
- X509_get_issuer_name(subject)))
- return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
-
- if (!x509v3_cache_extensions(issuer))
- return X509_V_ERR_UNSPECIFIED;
- if (!x509v3_cache_extensions(subject))
- return X509_V_ERR_UNSPECIFIED;
-
- if (subject->akid) {
- int ret = X509_check_akid(issuer, subject->akid);
- if (ret != X509_V_OK)
- return ret;
- }
-
- if (ku_reject(issuer, KU_KEY_CERT_SIGN))
- return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
- return X509_V_OK;
-}
-LCRYPTO_ALIAS(X509_check_issued);
-
-int
-X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
-{
- if (!akid)
- return X509_V_OK;
-
- /* Check key ids (if present) */
- if (akid->keyid && issuer->skid &&
- ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid))
- return X509_V_ERR_AKID_SKID_MISMATCH;
- /* Check serial number */
- if (akid->serial &&
- ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))
- return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- /* Check issuer name */
- if (akid->issuer) {
- /* Ugh, for some peculiar reason AKID includes
- * SEQUENCE OF GeneralName. So look for a DirName.
- * There may be more than one but we only take any
- * notice of the first.
- */
- GENERAL_NAMES *gens;
- GENERAL_NAME *gen;
- X509_NAME *nm = NULL;
- int i;
- gens = akid->issuer;
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gen = sk_GENERAL_NAME_value(gens, i);
- if (gen->type == GEN_DIRNAME) {
- nm = gen->d.dirn;
- break;
- }
- }
- if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
- return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- }
- return X509_V_OK;
-}
-LCRYPTO_ALIAS(X509_check_akid);
-
-uint32_t
-X509_get_extension_flags(X509 *x)
-{
- /* Call for side-effect of computing hash and caching extensions */
- if (X509_check_purpose(x, -1, -1) != 1)
- return EXFLAG_INVALID;
-
- return x->ex_flags;
-}
-LCRYPTO_ALIAS(X509_get_extension_flags);
-
-uint32_t
-X509_get_key_usage(X509 *x)
-{
- /* Call for side-effect of computing hash and caching extensions */
- if (X509_check_purpose(x, -1, -1) != 1)
- return 0;
-
- if (x->ex_flags & EXFLAG_KUSAGE)
- return x->ex_kusage;
-
- return UINT32_MAX;
-}
-LCRYPTO_ALIAS(X509_get_key_usage);
-
-uint32_t
-X509_get_extended_key_usage(X509 *x)
-{
- /* Call for side-effect of computing hash and caching extensions */
- if (X509_check_purpose(x, -1, -1) != 1)
- return 0;
-
- if (x->ex_flags & EXFLAG_XKUSAGE)
- return x->ex_xkusage;
-
- return UINT32_MAX;
-}
-LCRYPTO_ALIAS(X509_get_extended_key_usage);
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c
deleted file mode 100644
index 39b392259b..0000000000
--- a/src/lib/libcrypto/x509/x509_r2x.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: x509_r2x.c,v 1.17 2023/04/25 09:46:36 job Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-X509 *
-X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
-{
- X509 *ret = NULL;
- X509_CINF *xi = NULL;
- X509_NAME *xn;
- EVP_PKEY *pubkey;
-
- if ((ret = X509_new()) == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* duplicate the request */
- xi = ret->cert_info;
-
- if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) {
- if (!X509_set_version(ret, 2))
- goto err;
- }
-
- xn = X509_REQ_get_subject_name(r);
- if (X509_set_subject_name(ret, xn) == 0)
- goto err;
- if (X509_set_issuer_name(ret, xn) == 0)
- goto err;
-
- if (X509_gmtime_adj(xi->validity->notBefore, 0) == NULL)
- goto err;
- if (X509_gmtime_adj(xi->validity->notAfter,
- (long)60 * 60 * 24 * days) == NULL)
- goto err;
-
- if ((pubkey = X509_REQ_get0_pubkey(r)) == NULL)
- goto err;
- if (!X509_set_pubkey(ret, pubkey))
- goto err;
-
- if (!X509_sign(ret, pkey, EVP_md5()))
- goto err;
- return ret;
-
-err:
- X509_free(ret);
- return NULL;
-}
-LCRYPTO_ALIAS(X509_REQ_to_X509);
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
deleted file mode 100644
index 704acbd897..0000000000
--- a/src/lib/libcrypto/x509/x509_req.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/* $OpenBSD: x509_req.c,v 1.43 2024/08/31 10:16:52 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "evp_local.h"
-#include "x509_local.h"
-
-X509_REQ *
-X509_to_X509_REQ(X509 *x509, EVP_PKEY *signing_key, const EVP_MD *signing_md)
-{
- X509_REQ *req;
- X509_NAME *subject;
- EVP_PKEY *public_key;
-
- if ((req = X509_REQ_new()) == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if ((subject = X509_get_subject_name(x509)) == NULL)
- goto err;
- if (!X509_REQ_set_subject_name(req, subject))
- goto err;
-
- if ((public_key = X509_get0_pubkey(x509)) == NULL)
- goto err;
- if (!X509_REQ_set_pubkey(req, public_key))
- goto err;
-
- if (signing_key != NULL) {
- if (!X509_REQ_sign(req, signing_key, signing_md))
- goto err;
- }
-
- return req;
-
- err:
- X509_REQ_free(req);
-
- return NULL;
-}
-LCRYPTO_ALIAS(X509_to_X509_REQ);
-
-EVP_PKEY *
-X509_REQ_get_pubkey(X509_REQ *req)
-{
- if (req == NULL || req->req_info == NULL)
- return NULL;
- return X509_PUBKEY_get(req->req_info->pubkey);
-}
-LCRYPTO_ALIAS(X509_REQ_get_pubkey);
-
-EVP_PKEY *
-X509_REQ_get0_pubkey(X509_REQ *req)
-{
- if (req == NULL || req->req_info == NULL)
- return NULL;
- return X509_PUBKEY_get0(req->req_info->pubkey);
-}
-LCRYPTO_ALIAS(X509_REQ_get0_pubkey);
-
-int
-X509_REQ_check_private_key(X509_REQ *req, EVP_PKEY *pkey)
-{
- EVP_PKEY *req_pubkey = NULL;
- int ret;
-
- if ((req_pubkey = X509_REQ_get0_pubkey(req)) == NULL)
- return 0;
-
- if ((ret = EVP_PKEY_cmp(req_pubkey, pkey)) == 1)
- return 1;
-
- switch (ret) {
- case 0:
- X509error(X509_R_KEY_VALUES_MISMATCH);
- return 0;
- case -1:
- X509error(X509_R_KEY_TYPE_MISMATCH);
- return 0;
- case -2:
-#ifndef OPENSSL_NO_EC
- if (pkey->type == EVP_PKEY_EC) {
- X509error(ERR_R_EC_LIB);
- return 0;
- }
-#endif
-#ifndef OPENSSL_NO_DH
- if (pkey->type == EVP_PKEY_DH) {
- /* No idea */
- X509error(X509_R_CANT_CHECK_DH_KEY);
- return 0;
- }
-#endif
- X509error(X509_R_UNKNOWN_KEY_TYPE);
-
return 0;
- }
-
- return 0;
-}
-LCRYPTO_ALIAS(X509_REQ_check_private_key);
-
-int
-X509_REQ_extension_nid(int nid)
-{
- return nid == NID_ext_req || nid == NID_ms_ext_req;
-}
-LCRYPTO_ALIAS(X509_REQ_extension_nid);
-
-STACK_OF(X509_EXTENSION) *
-X509_REQ_get_extensions(X509_REQ *req)
-{
- X509_ATTRIBUTE *attr;
- ASN1_TYPE *ext = NULL;
- int idx;
-
- if (req == NULL || req->req_info == NULL)
- return NULL;
-
- if ((idx = X509_REQ_get_attr_by_NID(req, NID_ext_req, -1)) == -1)
- idx = X509_REQ_get_attr_by_NID(req, NID_ms_ext_req, -1);
- if (idx == -1)
- return NULL;
-
- if ((attr = X509_REQ_get_attr(req, idx)) == NULL)
- return NULL;
- if ((ext = X509_ATTRIBUTE_get0_type(attr, 0)) == NULL)
- return NULL;
-
- return ASN1_TYPE_unpack_sequence(&X509_EXTENSIONS_it, ext);
-}
-LCRYPTO_ALIAS(X509_REQ_get_extensions);
-
-/*
- * Add a STACK_OF extensions to a certificate request: allow alternative OIDs
- * in case we want to create a non-standard one.
- */
-
-int
-X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid)
-{
- unsigned char *ext = NULL;
- int extlen;
- int ret;
-
- if ((extlen = i2d_X509_EXTENSIONS(exts, &ext)) <= 0)
- return 0;
-
- ret = X509_REQ_add1_attr_by_NID(req, nid, V_ASN1_SEQUENCE, ext, extlen);
- free(ext);
-
- return ret;
-}
-LCRYPTO_ALIAS(X509_REQ_add_extensions_nid);
-
-/* This is the normal usage: use the "official" OID */
-int
-X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
-{
- return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
-}
-LCRYPTO_ALIAS(X509_REQ_add_extensions);
-
-/* Request attribute functions */
-
-int
-X509_REQ_get_attr_count(const X509_REQ *req)
-{
- return sk_X509_ATTRIBUTE_num(req->req_info->attributes);
-}
-LCRYPTO_ALIAS(X509_REQ_get_attr_count);
-
-int
-X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos)
-{
- return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
-}
-LCRYPTO_ALIAS(X509_REQ_get_attr_by_NID);
-
-int
-X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
-}
-LCRYPTO_ALIAS(X509_REQ_get_attr_by_OBJ);
-
-X509_ATTRIBUTE *
-X509_REQ_get_attr(const X509_REQ *req, int loc)
-{
- return sk_X509_ATTRIBUTE_value(req->req_info->attributes, loc);
-}
-LCRYPTO_ALIAS(X509_REQ_get_attr);
-
-X509_ATTRIBUTE *
-X509_REQ_delete_attr(X509_REQ *req, int loc)
-{
- return sk_X509_ATTRIBUTE_delete(req->req_info->attributes, loc);
-}
-LCRYPTO_ALIAS(X509_REQ_delete_attr);
-
-int
-X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
-{
- if (X509at_add1_attr(&req->req_info->attributes, attr))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(X509_REQ_add1_attr);
-
-int
-X509_REQ_add1_attr_by_OBJ(X509_REQ *req, const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
- type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(X509_REQ_add1_attr_by_OBJ);
-
-int
-X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
- type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(X509_REQ_add1_attr_by_NID);
-
-int
-X509_REQ_add1_attr_by_txt(X509_REQ *req, const char *attrname, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
- type, bytes, len))
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(X509_REQ_add1_attr_by_txt);
-
-int
-i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp)
-{
- req->req_info->enc.modified = 1;
- return i2d_X509_REQ_INFO(req->req_info, pp);
-}
-LCRYPTO_ALIAS(i2d_re_X509_REQ_tbs);
diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c
deleted file mode 100644
index 442bc12827..0000000000
--- a/src/lib/libcrypto/x509/x509_set.c
+++ /dev/null
@@ -1,268 +0,0 @@
-/* $OpenBSD: x509_set.c,v 1.29 2024/03/26 23:21:36 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-const STACK_OF(X509_EXTENSION) *
-X509_get0_extensions(const X509 *x)
-{
- return x->cert_info->extensions;
-}
-LCRYPTO_ALIAS(X509_get0_extensions);
-
-const X509_ALGOR *
-X509_get0_tbs_sigalg(const X509 *x)
-{
- return x->cert_info->signature;
-}
-LCRYPTO_ALIAS(X509_get0_tbs_sigalg);
-
-int
-X509_set_version(X509 *x, long version)
-{
- if (x == NULL)
- return 0;
- /*
- * RFC 5280, 4.1: versions 1 - 3 are specified as follows.
- * Version ::= INTEGER { v1(0), v2(1), v3(2) } - */ - if (version < 0 || version > 2) - return 0; - if (x->cert_info->version == NULL) { - if ((x->cert_info->version = ASN1_INTEGER_new()) == NULL) - return 0; - } - x->cert_info->enc.modified = 1; - return ASN1_INTEGER_set(x->cert_info->version, version); -} -LCRYPTO_ALIAS(X509_set_version); - -long -X509_get_version(const X509 *x) -{ - return ASN1_INTEGER_get(x->cert_info->version); -} -LCRYPTO_ALIAS(X509_get_version); - -int -X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial) -{ - ASN1_INTEGER *in; - - if (x == NULL) - return 0; - in = x->cert_info->serialNumber; - if (in != serial) { - in = ASN1_INTEGER_dup(serial); - if (in != NULL) { - x->cert_info->enc.modified = 1; - ASN1_INTEGER_free(x->cert_info->serialNumber); - x->cert_info->serialNumber = in; - } - } - return in != NULL; -} -LCRYPTO_ALIAS(X509_set_serialNumber); - -int -X509_set_issuer_name(X509 *x, X509_NAME *name) -{ - if (x == NULL || x->cert_info == NULL) - return 0; - x->cert_info->enc.modified = 1; - return X509_NAME_set(&x->cert_info->issuer, name); -} -LCRYPTO_ALIAS(X509_set_issuer_name); - -int -X509_set_subject_name(X509 *x, X509_NAME *name) -{ - if (x == NULL || x->cert_info == NULL) - return 0; - x->cert_info->enc.modified = 1; - return X509_NAME_set(&x->cert_info->subject, name); -} -LCRYPTO_ALIAS(X509_set_subject_name); - -const ASN1_TIME * -X509_get0_notBefore(const X509 *x) -{ - return X509_getm_notBefore(x); -} -LCRYPTO_ALIAS(X509_get0_notBefore); - -ASN1_TIME * -X509_getm_notBefore(const X509 *x) -{ - if (x == NULL || x->cert_info == NULL || x->cert_info->validity == NULL) - return NULL; - return x->cert_info->validity->notBefore; -} -LCRYPTO_ALIAS(X509_getm_notBefore); - -int -X509_set_notBefore(X509 *x, const ASN1_TIME *tm) -{ - ASN1_TIME *in; - - if (x == NULL || x->cert_info->validity == NULL) - return 0; - in = x->cert_info->validity->notBefore; - if (in != tm) { - in = ASN1_STRING_dup(tm); - if (in != NULL) { - 
x->cert_info->enc.modified = 1; - ASN1_TIME_free(x->cert_info->validity->notBefore); - x->cert_info->validity->notBefore = in; - } - } - return in != NULL; -} -LCRYPTO_ALIAS(X509_set_notBefore); - -int -X509_set1_notBefore(X509 *x, const ASN1_TIME *tm) -{ - return X509_set_notBefore(x, tm); -} -LCRYPTO_ALIAS(X509_set1_notBefore); - -const ASN1_TIME * -X509_get0_notAfter(const X509 *x) -{ - return X509_getm_notAfter(x); -} -LCRYPTO_ALIAS(X509_get0_notAfter); - -ASN1_TIME * -X509_getm_notAfter(const X509 *x) -{ - if (x == NULL || x->cert_info == NULL || x->cert_info->validity == NULL) - return NULL; - return x->cert_info->validity->notAfter; -} -LCRYPTO_ALIAS(X509_getm_notAfter); - -int -X509_set_notAfter(X509 *x, const ASN1_TIME *tm) -{ - ASN1_TIME *in; - - if (x == NULL || x->cert_info->validity == NULL) - return 0; - in = x->cert_info->validity->notAfter; - if (in != tm) { - in = ASN1_STRING_dup(tm); - if (in != NULL) { - x->cert_info->enc.modified = 1; - ASN1_TIME_free(x->cert_info->validity->notAfter); - x->cert_info->validity->notAfter = in; - } - } - return in != NULL; -} -LCRYPTO_ALIAS(X509_set_notAfter); - -int -X509_set1_notAfter(X509 *x, const ASN1_TIME *tm) -{ - return X509_set_notAfter(x, tm); -} -LCRYPTO_ALIAS(X509_set1_notAfter); - -int -X509_set_pubkey(X509 *x, EVP_PKEY *pkey) -{ - if (x == NULL || x->cert_info == NULL) - return 0; - x->cert_info->enc.modified = 1; - return X509_PUBKEY_set(&x->cert_info->key, pkey); -} -LCRYPTO_ALIAS(X509_set_pubkey); - -int -X509_get_signature_type(const X509 *x) -{ - return EVP_PKEY_type(OBJ_obj2nid(x->sig_alg->algorithm)); -} -LCRYPTO_ALIAS(X509_get_signature_type); - -X509_PUBKEY * -X509_get_X509_PUBKEY(const X509 *x) -{ - return x->cert_info->key; -} -LCRYPTO_ALIAS(X509_get_X509_PUBKEY); - -void -X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **issuerUID, - const ASN1_BIT_STRING **subjectUID) -{ - if (issuerUID != NULL) - *issuerUID = x->cert_info->issuerUID; - if (subjectUID != NULL) - *subjectUID = 
x->cert_info->subjectUID; -} -LCRYPTO_ALIAS(X509_get0_uids); diff --git a/src/lib/libcrypto/x509/x509_siginfo.c b/src/lib/libcrypto/x509/x509_siginfo.c deleted file mode 100644 index 9bbb133216..0000000000 --- a/src/lib/libcrypto/x509/x509_siginfo.c +++ /dev/null 
@@ -1,113 +0,0 @@
-/* $OpenBSD: x509_siginfo.c,v 1.1 2024/08/28 07:15:04 tb Exp $ */
-
-/*
- * Copyright (c) 2024 Theo Buehler
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-
-#include "x509_internal.h"
-
-static int
-x509_find_sigid_algs(const X509 *x509, int *out_md_nid, int *out_pkey_nid)
-{
- const ASN1_OBJECT *aobj;
- int nid;
-
- *out_md_nid = NID_undef;
- *out_pkey_nid = NID_undef;
-
- X509_ALGOR_get0(&aobj, NULL, NULL, x509->sig_alg);
- if ((nid = OBJ_obj2nid(aobj)) == NID_undef)
- return 0;
-
- return OBJ_find_sigid_algs(nid, out_md_nid, out_pkey_nid);
-}
-
-int
-X509_get_signature_info(X509 *x509, int *out_md_nid, int *out_pkey_nid,
- int *out_security_bits, uint32_t *out_flags)
-{
- const EVP_MD *md;
- int md_nid = NID_undef, pkey_nid = NID_undef, security_bits = -1;
- uint32_t flags = 0;
-
- if (out_md_nid != NULL)
- *out_md_nid = md_nid;
- if (out_pkey_nid != NULL)
- *out_pkey_nid = pkey_nid;
- if (out_security_bits != NULL)
- *out_security_bits = security_bits;
- if (out_flags != NULL)
- *out_flags = flags;
-
- if (!x509v3_cache_extensions(x509))
- goto err;
-
- if (!x509_find_sigid_algs(x509, &md_nid, &pkey_nid))
- goto err;
-
- /*
- * If md_nid == NID_undef, this means we need to consult the ameth.
- * Handlers are available for EdDSA and RSA-PSS. No other signature
- * algorithm with NID_undef should appear in a certificate.
- */
- if (md_nid == NID_undef) {
- const EVP_PKEY_ASN1_METHOD *ameth;
-
- if ((ameth = EVP_PKEY_asn1_find(NULL, pkey_nid)) == NULL ||
- ameth->signature_info == NULL)
- goto err;
-
- if (!ameth->signature_info(x509->sig_alg, &md_nid, &pkey_nid,
- &security_bits, &flags))
- goto err;
-
- goto done;
- }
-
- /* XXX - OpenSSL 3 special cases SHA-1 (63 bits) and MD5 (39 bits). */
- if ((md = EVP_get_digestbynid(md_nid)) == NULL)
- goto err;
-
- /* Assume 4 bits of collision resistance per octet. */
- if ((security_bits = EVP_MD_size(md)) <= 0)
- goto err;
- security_bits *= 4;
-
- if (md_nid == NID_sha1 || md_nid == NID_sha256 ||
- md_nid == NID_sha384 || md_nid == NID_sha512)
- flags |= X509_SIG_INFO_TLS;
-
- flags |= X509_SIG_INFO_VALID;
-
- done:
- if (out_md_nid != NULL)
- *out_md_nid = md_nid;
- if (out_pkey_nid != NULL)
- *out_pkey_nid = pkey_nid;
- if (out_security_bits != NULL)
- *out_security_bits = security_bits;
- if (out_flags != NULL)
- *out_flags = flags;
-
- err:
- return (flags & X509_SIG_INFO_VALID) != 0;
-}
-LCRYPTO_ALIAS(X509_get_signature_info);
diff --git a/src/lib/libcrypto/x509/x509_skey.c b/src/lib/libcrypto/x509/x509_skey.c
deleted file mode 100644
index d2c90b6f1c..0000000000
--- a/src/lib/libcrypto/x509/x509_skey.c
+++ /dev/null
@@ -1,171 +0,0 @@ -/* $OpenBSD: x509_skey.c,v 1.6 2024/07/13 15:08:58 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include - -#include "x509_local.h" - -static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str); - -static const X509V3_EXT_METHOD x509v3_ext_subject_key_identifier = { - .ext_nid = NID_subject_key_identifier, - .ext_flags = 0, - .it = &ASN1_OCTET_STRING_it, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, - .s2i = (X509V3_EXT_S2I)s2i_skey_id, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD * -x509v3_ext_method_subject_key_identifier(void) -{ - return &x509v3_ext_subject_key_identifier; -} - -char * -i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, const ASN1_OCTET_STRING *oct) -{ - return hex_to_string(oct->data, oct->length); -} -LCRYPTO_ALIAS(i2s_ASN1_OCTET_STRING); - -ASN1_OCTET_STRING * -s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - const char *str) -{ - ASN1_OCTET_STRING *oct; - long length; - - if (!(oct = ASN1_OCTET_STRING_new())) { - X509V3error(ERR_R_MALLOC_FAILURE); - return NULL; - } - - if (!(oct->data = string_to_hex(str, &length))) { 
- ASN1_OCTET_STRING_free(oct);
- return NULL;
- }
-
- oct->length = length;
-
- return oct;
-}
-LCRYPTO_ALIAS(s2i_ASN1_OCTET_STRING);
-
-static ASN1_OCTET_STRING *
-s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
-{
- ASN1_OCTET_STRING *oct;
- ASN1_BIT_STRING *pk;
- unsigned char pkey_dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
-
- if (strcmp(str, "hash"))
- return s2i_ASN1_OCTET_STRING(method, ctx, str);
-
- if (!(oct = ASN1_OCTET_STRING_new())) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (ctx && (ctx->flags == CTX_TEST))
- return oct;
-
- if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
- X509V3error(X509V3_R_NO_PUBLIC_KEY);
- goto err;
- }
-
- if (ctx->subject_req)
- pk = ctx->subject_req->req_info->pubkey->public_key;
- else
- pk = ctx->subject_cert->cert_info->key->public_key;
-
- if (!pk) {
- X509V3error(X509V3_R_NO_PUBLIC_KEY);
- goto err;
- }
-
- if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen,
- EVP_sha1(), NULL))
- goto err;
-
- if (!ASN1_STRING_set(oct, pkey_dig, diglen)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- return oct;
-
-err:
- ASN1_OCTET_STRING_free(oct);
- return NULL;
-}
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
deleted file mode 100644
index e7e42a83cd..0000000000
--- a/src/lib/libcrypto/x509/x509_trs.c
+++ /dev/null
@@ -1,173 +0,0 @@ -/* $OpenBSD: x509_trs.c,v 1.58 2024/08/31 10:12:23 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include -#include -#include -#include - -#include "x509_internal.h" -#include "x509_local.h" - -static int -trust_if_self_signed(const X509 *x) -{ - /* Extensions already cached in X509_check_trust(). 
*/ - if ((x->ex_flags & EXFLAG_SS) != 0) - return X509_TRUST_TRUSTED; - - return X509_TRUST_UNTRUSTED; -} - -static int -trust_was_set(const X509 *x) -{ - return x->aux != NULL && (x->aux->trust != NULL || - x->aux->reject != NULL); -} - -static int -obj_trust(int id, const X509 *x) -{ - const X509_CERT_AUX *aux; - ASN1_OBJECT *obj; - int i, nid; - - if ((aux = x->aux) == NULL) - return X509_TRUST_UNTRUSTED; - - for (i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) { - obj = sk_ASN1_OBJECT_value(aux->reject, i); - nid = OBJ_obj2nid(obj); - if (nid == id || nid == NID_anyExtendedKeyUsage) - return X509_TRUST_REJECTED; - } - - for (i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) { - obj = sk_ASN1_OBJECT_value(aux->trust, i); - nid = OBJ_obj2nid(obj); - if (nid == id || nid == NID_anyExtendedKeyUsage) - return X509_TRUST_TRUSTED; - } - - return X509_TRUST_UNTRUSTED; -} - -static int -nid_from_trust_id(int trust_id) -{ - OPENSSL_assert(trust_id == 0 || - (trust_id >= X509_TRUST_MIN && trust_id <= X509_TRUST_MAX)); - - switch (trust_id) { - case X509_TRUST_COMPAT: - return NID_undef; - case X509_TRUST_SSL_CLIENT: - return NID_client_auth; - case X509_TRUST_SSL_SERVER: - return NID_server_auth; - case X509_TRUST_EMAIL: - return NID_email_protect; - case X509_TRUST_OBJECT_SIGN: - return NID_code_sign; - case X509_TRUST_OCSP_SIGN: - return NID_OCSP_sign; - case X509_TRUST_OCSP_REQUEST: - return NID_ad_OCSP; - case X509_TRUST_TSA: - return NID_time_stamp; - default: - return NID_undef; - } -} - -int -X509_check_trust(X509 *x, int trust_id, int flags) -{ - int rv; - - /* Call early so the trust handlers don't need to modify the certs. 
*/ - if (!x509v3_cache_extensions(x)) - return X509_TRUST_UNTRUSTED; - - if (trust_id == X509_TRUST_ACCEPT_ALL) - return 1; - - switch (trust_id) { - case X509_TRUST_COMPAT: - return trust_if_self_signed(x); - case X509_TRUST_EMAIL: - case X509_TRUST_OBJECT_SIGN: - case X509_TRUST_SSL_SERVER: - case X509_TRUST_SSL_CLIENT: - case X509_TRUST_TSA: - if (trust_was_set(x)) - return obj_trust(nid_from_trust_id(trust_id), x); - return trust_if_self_signed(x); - case X509_TRUST_OCSP_SIGN: - case X509_TRUST_OCSP_REQUEST: - return obj_trust(nid_from_trust_id(trust_id), x); - default: - rv = obj_trust(NID_anyExtendedKeyUsage, x); - if (rv != X509_TRUST_UNTRUSTED) - return rv; - return trust_if_self_signed(x); - } -} diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c deleted file mode 100644 index 5f5bc5ae84..0000000000 --- a/src/lib/libcrypto/x509/x509_txt.c +++ /dev/null 
@@ -1,196 +0,0 @@
-/* $OpenBSD: x509_txt.c,v 1.28 2023/02/16 08:38:17 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include - -const char * -X509_verify_cert_error_string(long n) -{ - switch ((int)n) { - case X509_V_OK: - return "ok"; - case X509_V_ERR_UNSPECIFIED: - return "Unspecified certificate verification error"; - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - return "unable to get issuer certificate"; - case X509_V_ERR_UNABLE_TO_GET_CRL: - return "unable to get certificate CRL"; - case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: - return "unable to decrypt certificate's signature"; - case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: - return "unable to decrypt CRL's signature"; - case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: - return "unable to decode issuer public key"; - case X509_V_ERR_CERT_SIGNATURE_FAILURE: - return "certificate signature failure"; - case X509_V_ERR_CRL_SIGNATURE_FAILURE: - return "CRL signature failure"; - case X509_V_ERR_CERT_NOT_YET_VALID: - return "certificate is not yet valid"; - case X509_V_ERR_CERT_HAS_EXPIRED: - return "certificate has expired"; - case X509_V_ERR_CRL_NOT_YET_VALID: - return "CRL is not yet valid"; - case X509_V_ERR_CRL_HAS_EXPIRED: - return "CRL has expired"; - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - return "format error in certificate's notBefore field"; - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - return "format error in certificate's notAfter field"; - case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: - return "format error in CRL's lastUpdate field"; - case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: - return "format error in CRL's nextUpdate field"; - case X509_V_ERR_OUT_OF_MEM: - return "out of memory"; - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - return "self signed certificate"; - case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: - return "self signed certificate in certificate chain"; - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: - return "unable to get local issuer certificate"; - case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: - return "unable to verify the first certificate"; - case 
X509_V_ERR_CERT_CHAIN_TOO_LONG: - return "certificate chain too long"; - case X509_V_ERR_CERT_REVOKED: - return "certificate revoked"; - case X509_V_ERR_INVALID_CA: - return "invalid CA certificate"; - case X509_V_ERR_PATH_LENGTH_EXCEEDED: - return "path length constraint exceeded"; - case X509_V_ERR_INVALID_PURPOSE: - return "unsupported certificate purpose"; - case X509_V_ERR_CERT_UNTRUSTED: - return "certificate not trusted"; - case X509_V_ERR_CERT_REJECTED: - return "certificate rejected"; - case X509_V_ERR_SUBJECT_ISSUER_MISMATCH: - return "subject issuer mismatch"; - case X509_V_ERR_AKID_SKID_MISMATCH: - return "authority and subject key identifier mismatch"; - case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: - return "authority and issuer serial number mismatch"; - case X509_V_ERR_KEYUSAGE_NO_CERTSIGN: - return "key usage does not include certificate signing"; - case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: - return "unable to get CRL issuer certificate"; - case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: - return "unhandled critical extension"; - case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: - return "key usage does not include CRL signing"; - case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: - return "unhandled critical CRL extension"; - case X509_V_ERR_INVALID_NON_CA: - return "invalid non-CA certificate (has CA markings)"; - case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: - return "proxy path length constraint exceeded"; - case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: - return "key usage does not include digital signature"; - case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: - return "proxy certificates not allowed, " - "please set the appropriate flag"; - case X509_V_ERR_INVALID_EXTENSION: - return "invalid or inconsistent certificate extension"; - case X509_V_ERR_INVALID_POLICY_EXTENSION: - return "invalid or inconsistent certificate policy extension"; - case X509_V_ERR_NO_EXPLICIT_POLICY: - return "no explicit policy"; - case X509_V_ERR_DIFFERENT_CRL_SCOPE: - return 
"Different CRL scope"; - case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: - return "Unsupported extension feature"; - case X509_V_ERR_UNNESTED_RESOURCE: - return "RFC 3779 resource not subset of parent's resources"; - case X509_V_ERR_PERMITTED_VIOLATION: - return "permitted subtree violation"; - case X509_V_ERR_EXCLUDED_VIOLATION: - return "excluded subtree violation"; - case X509_V_ERR_SUBTREE_MINMAX: - return "name constraints minimum and maximum not supported"; - case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: - return "unsupported name constraint type"; - case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: - return "unsupported or invalid name constraint syntax"; - case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: - return "unsupported or invalid name syntax"; - case X509_V_ERR_CRL_PATH_VALIDATION_ERROR: - return "CRL path validation error"; - case X509_V_ERR_APPLICATION_VERIFICATION: - return "application verification failure"; - case X509_V_ERR_HOSTNAME_MISMATCH: - return "Hostname mismatch"; - case X509_V_ERR_EMAIL_MISMATCH: - return "Email address mismatch"; - case X509_V_ERR_IP_ADDRESS_MISMATCH: - return "IP address mismatch"; - case X509_V_ERR_INVALID_CALL: - return "Invalid certificate verification context"; - case X509_V_ERR_STORE_LOOKUP: - return "Issuer certificate lookup error"; - case X509_V_ERR_EE_KEY_TOO_SMALL: - return "EE certificate key too weak"; - case X509_V_ERR_CA_KEY_TOO_SMALL: - return "CA certificate key too weak"; - case X509_V_ERR_CA_MD_TOO_WEAK: - return "CA signature digest algorithm too weak"; - default: - return "Unknown certificate verification error"; - } -} -LCRYPTO_ALIAS(X509_verify_cert_error_string); diff --git a/src/lib/libcrypto/x509/x509_utl.c b/src/lib/libcrypto/x509/x509_utl.c deleted file mode 100644 index 08383849c9..0000000000 --- a/src/lib/libcrypto/x509/x509_utl.c +++ /dev/null 
@@ -1,1494 +0,0 @@
-/* $OpenBSD: x509_utl.c,v 1.26 2025/01/26 13:51:41 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#include "bytestring.h"
-#include "conf_local.h"
-
-/*
- * Match reference identifiers starting with "." to any sub-domain. This
- * flag is set implicitly when the subject reference identity is a DNS name.
- */
-#define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
-
-static char *bn_to_string(const BIGNUM *bn);
-static char *strip_spaces(char *name);
-static int sk_strcmp(const char * const *a, const char * const *b);
-static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
- GENERAL_NAMES *gens);
-static void str_free(OPENSSL_STRING str);
-static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email);
-
-static int ipv4_from_asc(unsigned char *v4, const char *in);
-static int ipv6_from_asc(unsigned char *v6, const char *in);
-static int ipv6_cb(const char *elem, int len, void *usr);
-static int ipv6_hex(unsigned char *out, const char *in, int inlen);
-
-/* Add a CONF_VALUE name-value pair to stack. */
-int
-X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **out_extlist)
-{
- STACK_OF(CONF_VALUE) *extlist = NULL;
- CONF_VALUE *conf_value = NULL;
- int ret = 0;
-
- if ((conf_value = calloc(1, sizeof(*conf_value))) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (name != NULL) {
- if ((conf_value->name = strdup(name)) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if (value != NULL) {
- if ((conf_value->value = strdup(value)) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-
- if ((extlist = *out_extlist) == NULL)
- extlist = sk_CONF_VALUE_new_null();
- if (extlist == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!sk_CONF_VALUE_push(extlist, conf_value)) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- conf_value = NULL;
-
- *out_extlist = extlist;
- extlist = NULL;
-
- ret = 1;
-
- err:
- if (extlist != *out_extlist)
- sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
- X509V3_conf_free(conf_value);
-
- return ret;
-}
-
-int
-X509V3_add_value_uchar(const char *name, const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist)
-{
- return X509V3_add_value(name, (const char *)value, extlist);
-}
-
-/* Free function for STACK_OF(CONF_VALUE) */
-
-void
-X509V3_conf_free(CONF_VALUE *conf)
-{
- if (!conf)
- return;
- free(conf->name);
- free(conf->value);
- free(conf->section);
- free(conf);
-}
-LCRYPTO_ALIAS(X509V3_conf_free);
-
-int
-X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist)
-{
- if (asn1_bool)
- return X509V3_add_value(name, "TRUE", extlist);
- return X509V3_add_value(name, "FALSE", extlist);
-}
-
-static char *
-bn_to_string(const BIGNUM *bn)
-{
- const char *sign = "";
- char *bnstr, *hex;
- char *ret = NULL;
-
- /* Only display small numbers in decimal, as conversion is quadratic. */
- if (BN_num_bits(bn) < 128)
- return BN_bn2dec(bn);
-
- if ((hex = bnstr = BN_bn2hex(bn)) == NULL)
- goto err;
-
- if (BN_is_negative(bn)) {
- sign = "-";
- hex++;
- }
-
- if (asprintf(&ret, "%s0x%s", sign, hex) == -1)
- ret = NULL;
-
- err:
- free(bnstr);
- return ret;
-}
-
-char *
-i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a)
-{
- BIGNUM *bntmp;
- char *strtmp = NULL;
-
- if (a == NULL)
- return NULL;
- if ((bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) == NULL ||
- (strtmp = bn_to_string(bntmp)) == NULL)
- X509V3error(ERR_R_MALLOC_FAILURE);
- BN_free(bntmp);
- return strtmp;
-}
-LCRYPTO_ALIAS(i2s_ASN1_ENUMERATED);
-
-char *
-i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *e)
-{
- const BIT_STRING_BITNAME *enam;
- long strval;
-
- strval = ASN1_ENUMERATED_get(e);
- for (enam = method->usr_data; enam->lname; enam++) {
- if (strval == enam->bitnum)
- return strdup(enam->lname);
- }
- return i2s_ASN1_ENUMERATED(method, e);
-}
-LCRYPTO_ALIAS(i2s_ASN1_ENUMERATED_TABLE);
-
-char *
-i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, const ASN1_INTEGER *a)
-{
- BIGNUM *bntmp;
- char *strtmp = NULL;
-
- if (a == NULL)
- return NULL;
- if ((bntmp = ASN1_INTEGER_to_BN(a, NULL)) == NULL ||
- (strtmp = bn_to_string(bntmp)) == NULL)
- X509V3error(ERR_R_MALLOC_FAILURE);
- BN_free(bntmp);
- return strtmp;
-}
-LCRYPTO_ALIAS(i2s_ASN1_INTEGER);
-
-ASN1_INTEGER *
-s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, const char *value)
-{
- BIGNUM *bn = NULL;
- ASN1_INTEGER *aint;
- int isneg = 0, ishex = 0;
- int ret;
-
- if (!value) {
- X509V3error(X509V3_R_INVALID_NULL_VALUE);
- return NULL;
- }
- if ((bn = BN_new()) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (value[0] == '-') {
- value++;
- isneg = 1;
- }
-
- if (value[0] == '0' && (value[1] == 'x' || value[1] == 'X')) {
- value += 2;
- ishex = 1;
- }
-
- if (ishex)
- ret = BN_hex2bn(&bn, value);
- else
- ret = BN_dec2bn(&bn, value);
-
- if (!ret || value[ret]) {
- BN_free(bn);
- X509V3error(X509V3_R_BN_DEC2BN_ERROR);
- return NULL;
- }
-
- if (BN_is_zero(bn))
- isneg = 0;
-
- aint = BN_to_ASN1_INTEGER(bn, NULL);
- BN_free(bn);
- if (!aint) {
- X509V3error(X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
- return NULL;
- }
- if (isneg)
- aint->type |= V_ASN1_NEG;
- return aint;
-}
-LCRYPTO_ALIAS(s2i_ASN1_INTEGER);
-
-int
-X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist)
-{
- char *strtmp;
- int ret;
-
- if (!aint)
- return 1;
- if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint)))
- return 0;
- ret = X509V3_add_value(name, strtmp, extlist);
- free(strtmp);
- return ret;
-}
-
-int
-X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool)
-{
- char *btmp;
-
- if (!(btmp = value->value))
- goto err;
- if (!strcmp(btmp, "TRUE") || !strcmp(btmp, "true") ||
- !strcmp(btmp, "Y") || !strcmp(btmp, "y") ||
- !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
- *asn1_bool = 0xff;
- return 1;
- } else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false") ||
- !strcmp(btmp, "N") || !strcmp(btmp, "n") ||
- !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
- *asn1_bool = 0;
- return 1;
- }
-
- err:
- X509V3error(X509V3_R_INVALID_BOOLEAN_STRING);
- X509V3_conf_err(value);
- return 0;
-}
-
-int
-X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint)
-{
- ASN1_INTEGER *itmp;
-
- if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
- X509V3_conf_err(value);
- return 0;
- }
- *aint = itmp;
- return 1;
-}
-
-#define HDR_NAME 1
-#define HDR_VALUE 2
-
-/*#define DEBUG*/
-
-STACK_OF(CONF_VALUE) *
-X509V3_parse_list(const char *line)
-{
- char *p, *q, c;
- char *ntmp, *vtmp;
- STACK_OF(CONF_VALUE) *values = NULL;
- char *linebuf;
- int state;
-
- /* We are going to modify the line so copy it first */
- if ((linebuf = strdup(line)) == NULL) {
- X509V3error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
- state = HDR_NAME;
- ntmp = NULL;
-
- /* Go through all characters */
- for (p = linebuf, q = linebuf; (c = *p) &&
(c != '\r') && - (c != '\n'); p++) { - - switch (state) { - case HDR_NAME: - if (c == ':') { - state = HDR_VALUE; - *p = 0; - ntmp = strip_spaces(q); - if (!ntmp) { - X509V3error(X509V3_R_INVALID_NULL_NAME); - goto err; - } - q = p + 1; - } else if (c == ',') { - *p = 0; - ntmp = strip_spaces(q); - q = p + 1; - if (!ntmp) { - X509V3error(X509V3_R_INVALID_NULL_NAME); - goto err; - } - if (!X509V3_add_value(ntmp, NULL, &values)) - goto err; - } - break; - - case HDR_VALUE: - if (c == ',') { - state = HDR_NAME; - *p = 0; - vtmp = strip_spaces(q); - if (!vtmp) { - X509V3error(X509V3_R_INVALID_NULL_VALUE); - goto err; - } - if (!X509V3_add_value(ntmp, vtmp, &values)) - goto err; - ntmp = NULL; - q = p + 1; - } - - } - } - - if (state == HDR_VALUE) { - vtmp = strip_spaces(q); - if (!vtmp) { - X509V3error(X509V3_R_INVALID_NULL_VALUE); - goto err; - } - if (!X509V3_add_value(ntmp, vtmp, &values)) - goto err; - } else { - ntmp = strip_spaces(q); - if (!ntmp) { - X509V3error(X509V3_R_INVALID_NULL_NAME); - goto err; - } - if (!X509V3_add_value(ntmp, NULL, &values)) - goto err; - } - free(linebuf); - return values; - - err: - free(linebuf); - sk_CONF_VALUE_pop_free(values, X509V3_conf_free); - return NULL; -} -LCRYPTO_ALIAS(X509V3_parse_list); - -/* Delete leading and trailing spaces from a string */ -static char * -strip_spaces(char *name) -{ - char *p, *q; - - /* Skip over leading spaces */ - p = name; - while (*p && isspace((unsigned char)*p)) - p++; - if (!*p) - return NULL; - q = p + strlen(p) - 1; - while ((q != p) && isspace((unsigned char)*q)) - q--; - if (p != q) - q[1] = 0; - if (!*p) - return NULL; - return p; -} - -static const char hex_digits[] = "0123456789ABCDEF"; - -char * -hex_to_string(const unsigned char *buffer, long len) -{ - CBB cbb; - CBS cbs; - uint8_t *out = NULL; - uint8_t c; - size_t out_len; - - if (!CBB_init(&cbb, 0)) - goto err; - - if (len < 0) - goto err; - - CBS_init(&cbs, buffer, len); - while (CBS_len(&cbs) > 0) { - if (!CBS_get_u8(&cbs, &c)) 
- goto err; - if (!CBB_add_u8(&cbb, hex_digits[c >> 4])) - goto err; - if (!CBB_add_u8(&cbb, hex_digits[c & 0xf])) - goto err; - if (CBS_len(&cbs) > 0) { - if (!CBB_add_u8(&cbb, ':')) - goto err; - } - } - - if (!CBB_add_u8(&cbb, '\0')) - goto err; - - if (!CBB_finish(&cbb, &out, &out_len)) - goto err; - - err: - CBB_cleanup(&cbb); - - return out; -} -LCRYPTO_ALIAS(hex_to_string); - -static int -x509_skip_colons_cbs(CBS *cbs) -{ - uint8_t c; - - while (CBS_len(cbs) > 0) { - if (!CBS_peek_u8(cbs, &c)) - return 0; - if (c != ':') - return 1; - if (!CBS_get_u8(cbs, &c)) - return 0; - } - - return 1; -} - -static int -x509_get_xdigit_nibble_cbs(CBS *cbs, uint8_t *out_nibble) -{ - uint8_t c; - - if (!CBS_get_u8(cbs, &c)) - return 0; - - if (c >= '0' && c <= '9') { - *out_nibble = c - '0'; - return 1; - } - if (c >= 'a' && c <= 'f') { - *out_nibble = c - 'a' + 10; - return 1; - } - if (c >= 'A' && c <= 'F') { - *out_nibble = c - 'A' + 10; - return 1; - } - - X509V3error(X509V3_R_ILLEGAL_HEX_DIGIT); - return 0; -} - -unsigned char * -string_to_hex(const char *str, long *len) -{ - CBB cbb; - CBS cbs; - uint8_t *out = NULL; - size_t out_len; - uint8_t hi, lo; - - *len = 0; - - if (!CBB_init(&cbb, 0)) - goto err; - - if (str == NULL) { - X509V3error(X509V3_R_INVALID_NULL_ARGUMENT); - goto err; - } - - CBS_init(&cbs, str, strlen(str)); - while (CBS_len(&cbs) > 0) { - /* - * Skipping only a single colon between two pairs of digits - * would make more sense - history... - */ - if (!x509_skip_colons_cbs(&cbs)) - goto err; - /* Another historic idiocy. 
*/
- if (CBS_len(&cbs) == 0)
- break;
- if (!x509_get_xdigit_nibble_cbs(&cbs, &hi))
- goto err;
- if (CBS_len(&cbs) == 0) {
- X509V3error(X509V3_R_ODD_NUMBER_OF_DIGITS);
- goto err;
- }
- if (!x509_get_xdigit_nibble_cbs(&cbs, &lo))
- goto err;
- if (!CBB_add_u8(&cbb, hi << 4 | lo))
- goto err;
- }
-
- if (!CBB_finish(&cbb, &out, &out_len))
- goto err;
- if (out_len > LONG_MAX) {
- freezero(out, out_len);
- out = NULL;
- goto err;
- }
-
- *len = out_len;
-
- err:
- CBB_cleanup(&cbb);
-
- return out;
-}
-LCRYPTO_ALIAS(string_to_hex);
-
-/* V2I name comparison function: returns zero if 'name' matches
- * cmp or cmp.*
- */
-
-int
-name_cmp(const char *name, const char *cmp)
-{
- int len, ret;
- char c;
-
- len = strlen(cmp);
- if ((ret = strncmp(name, cmp, len)))
- return ret;
- c = name[len];
- if (!c || (c=='.'))
- return 0;
- return 1;
-}
-
-static int
-sk_strcmp(const char * const *a, const char * const *b)
-{
- return strcmp(*a, *b);
-}
-
-STACK_OF(OPENSSL_STRING) *
-X509_get1_email(X509 *x)
-{
- GENERAL_NAMES *gens;
- STACK_OF(OPENSSL_STRING) *ret;
-
- gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
- ret = get_email(X509_get_subject_name(x), gens);
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- return ret;
-}
-LCRYPTO_ALIAS(X509_get1_email);
-
-STACK_OF(OPENSSL_STRING) *
-X509_get1_ocsp(X509 *x)
-{
- AUTHORITY_INFO_ACCESS *info;
- STACK_OF(OPENSSL_STRING) *ret = NULL;
- int i;
-
- info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
- if (!info)
- return NULL;
- for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
- ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
- if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) {
- if (ad->location->type == GEN_URI) {
- if (!append_ia5(&ret,
- ad->location->d.uniformResourceIdentifier))
- break;
- }
- }
- }
- AUTHORITY_INFO_ACCESS_free(info);
- return ret;
-}
-LCRYPTO_ALIAS(X509_get1_ocsp);
-
-STACK_OF(OPENSSL_STRING) *
-X509_REQ_get1_email(X509_REQ *x)
-{
- GENERAL_NAMES *gens;
- STACK_OF(X509_EXTENSION) *exts;
- STACK_OF(OPENSSL_STRING) *ret;
-
- exts = X509_REQ_get_extensions(x);
- gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
- ret = get_email(X509_REQ_get_subject_name(x), gens);
- sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
- return ret;
-}
-LCRYPTO_ALIAS(X509_REQ_get1_email);
-
-
-static STACK_OF(OPENSSL_STRING) *
-get_email(X509_NAME *name, GENERAL_NAMES *gens)
-{
- STACK_OF(OPENSSL_STRING) *ret = NULL;
- X509_NAME_ENTRY *ne;
- ASN1_IA5STRING *email;
- GENERAL_NAME *gen;
- int i;
-
- /* Now add any email address(es) to STACK */
- i = -1;
-
- /* First supplied X509_NAME */
- while ((i = X509_NAME_get_index_by_NID(name,
- NID_pkcs9_emailAddress, i)) >= 0) {
- ne = X509_NAME_get_entry(name, i);
- email = X509_NAME_ENTRY_get_data(ne);
- if (!append_ia5(&ret, email))
- return NULL;
- }
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gen = sk_GENERAL_NAME_value(gens, i);
- if (gen->type != GEN_EMAIL)
- continue;
- if (!append_ia5(&ret, gen->d.ia5))
- return NULL;
- }
- return ret;
-}
-
-static void
-str_free(OPENSSL_STRING str)
-{
- free(str);
-}
-
-static int
-append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
-{
- char *emtmp;
-
- /* First some sanity checks */
- if (email->type != V_ASN1_IA5STRING)
- return 1;
- if (!email->data || !email->length)
- return 1;
- if (!*sk)
- *sk = sk_OPENSSL_STRING_new(sk_strcmp);
- if (!*sk)
- return 0;
- /* Don't add duplicates */
- if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)
- return 1;
- emtmp = strdup((char *)email->data);
- if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
- X509_email_free(*sk);
- *sk = NULL;
- return 0;
- }
- return 1;
-}
-
-void
-X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
-{
- sk_OPENSSL_STRING_pop_free(sk, str_free);
-}
-LCRYPTO_ALIAS(X509_email_free);
-
-typedef int (*equal_fn)(const unsigned char *pattern, size_t pattern_len,
- const unsigned char *subject, size_t subject_len, unsigned int flags);
-
-/* Skip pattern prefix to match "wildcard" subject */
-static void
-skip_prefix(const unsigned char **p, size_t *plen, const unsigned char *subject,
- size_t subject_len, unsigned int flags)
-{
- const unsigned char *pattern = *p;
- size_t pattern_len = *plen;
-
- /*
- * If subject starts with a leading '.' followed by more octets, and
- * pattern is longer, compare just an equal-length suffix with the
- * full subject (starting at the '.'), provided the prefix contains
- * no NULs.
- */
- if ((flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS) == 0)
- return;
-
- while (pattern_len > subject_len && *pattern) {
- if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&
- *pattern == '.')
- break;
- ++pattern;
- --pattern_len;
- }
-
- /* Skip if entire prefix acceptable */
- if (pattern_len == subject_len) {
- *p = pattern;
- *plen = pattern_len;
- }
-}
-
-/*
- * Open/BoringSSL uses memcmp for "equal_case" while their
- * "equal_nocase" function is a hand-rolled strncasecmp that does not
- * allow \0 in the pattern. Since an embedded \0 is likely a sign of
- * problems, we simply don't allow it in either case, and then we use
- * standard libc functions.
- */
-
-/* Compare using strncasecmp */
-static int
-equal_nocase(const unsigned char *pattern, size_t pattern_len,
- const unsigned char *subject, size_t subject_len, unsigned int flags)
-{
- if (memchr(pattern, '\0', pattern_len) != NULL)
- return 0;
- if (memchr(subject, '\0', subject_len) != NULL)
- return 0;
- skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
- if (pattern_len != subject_len)
- return 0;
- return (strncasecmp(pattern, subject, pattern_len) == 0);
-}
-
-/* Compare using strncmp.
*/ -static int -equal_case(const unsigned char *pattern, size_t pattern_len, - const unsigned char *subject, size_t subject_len, unsigned int flags) -{ - if (memchr(pattern, 0, pattern_len) != NULL) - return 0; - if (memchr(subject, 0, subject_len) != NULL) - return 0; - skip_prefix(&pattern, &pattern_len, subject, subject_len, flags); - if (pattern_len != subject_len) - return 0; - return (strncmp(pattern, subject, pattern_len) == 0); -} - -/* - * RFC 5280, section 7.5, requires that only the domain is compared in a - * case-insensitive manner. - */ -static int -equal_email(const unsigned char *a, size_t a_len, const unsigned char *b, - size_t b_len, unsigned int unused_flags) -{ - size_t pos = a_len; - if (a_len != b_len) - return 0; - /* - * We search backwards for the '@' character, so that we do not have to - * deal with quoted local-parts. The domain part is compared in a - * case-insensitive manner. - */ - while (pos > 0) { - pos--; - if (a[pos] == '@' || b[pos] == '@') { - if (!equal_nocase(a + pos, a_len - pos, b + pos, - a_len - pos, 0)) - return 0; - break; - } - } - if (pos == 0) - pos = a_len; - return equal_case(a, pos, b, pos, 0); -} - -/* - * Compare the prefix and suffix with the subject, and check that the - * characters in-between are valid. 
- */ -static int -wildcard_match(const unsigned char *prefix, size_t prefix_len, - const unsigned char *suffix, size_t suffix_len, - const unsigned char *subject, size_t subject_len, unsigned int flags) -{ - const unsigned char *wildcard_start; - const unsigned char *wildcard_end; - const unsigned char *p; - int allow_multi = 0; - int allow_idna = 0; - - if (subject_len < prefix_len + suffix_len) - return 0; - if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags)) - return 0; - wildcard_start = subject + prefix_len; - wildcard_end = subject + (subject_len - suffix_len); - if (!equal_nocase(wildcard_end, suffix_len, suffix, suffix_len, flags)) - return 0; - /* - * If the wildcard makes up the entire first label, it must match at - * least one character. - */ - if (prefix_len == 0 && *suffix == '.') { - if (wildcard_start == wildcard_end) - return 0; - allow_idna = 1; - if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS) - allow_multi = 1; - } - /* IDNA labels cannot match partial wildcards */ - if (!allow_idna && - subject_len >= 4 - && strncasecmp((char *)subject, "xn--", 4) == 0) - return 0; - /* The wildcard may match a literal '*' */ - if (wildcard_end == wildcard_start + 1 && *wildcard_start == '*') - return 1; - /* - * Check that the part matched by the wildcard contains only - * permitted characters and only matches a single label unless - * allow_multi is set. 
- */ - for (p = wildcard_start; p != wildcard_end; ++p) - if (!(('0' <= *p && *p <= '9') || ('A' <= *p && *p <= 'Z') || - ('a' <= *p && *p <= 'z') || *p == '-' || - (allow_multi && *p == '.'))) - return 0; - return 1; -} - -#define LABEL_START (1 << 0) -#define LABEL_END (1 << 1) -#define LABEL_HYPHEN (1 << 2) -#define LABEL_IDNA (1 << 3) - -static const unsigned char * -valid_star(const unsigned char *p, size_t len, unsigned int flags) -{ - const unsigned char *star = 0; - size_t i; - int state = LABEL_START; - int dots = 0; - for (i = 0; i < len; ++i) { - /* - * Locate first and only legal wildcard, either at the start - * or end of a non-IDNA first and not final label. - */ - if (p[i] == '*') { - int atstart = (state & LABEL_START); - int atend = (i == len - 1 || p[i + 1] == '.'); - /* - * At most one wildcard per pattern. - * No wildcards in IDNA labels. - * No wildcards after the first label. - */ - if (star != NULL || (state & LABEL_IDNA) != 0 || dots) - return NULL; - /* Only full-label '*.example.com' wildcards? 
*/ - if ((flags & X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS) - && (!atstart || !atend)) - return NULL; - /* No 'foo*bar' wildcards */ - if (!atstart && !atend) - return NULL; - star = &p[i]; - state &= ~LABEL_START; - } else if ((state & LABEL_START) != 0) { - /* - * At the start of a label, skip any "xn--" and - * remain in the LABEL_START state, but set the - * IDNA label state - */ - if ((state & LABEL_IDNA) == 0 && len - i >= 4 - && strncasecmp((char *)&p[i], "xn--", 4) == 0) { - i += 3; - state |= LABEL_IDNA; - continue; - } - /* Labels must start with a letter or digit */ - state &= ~LABEL_START; - if (('a' <= p[i] && p[i] <= 'z') - || ('A' <= p[i] && p[i] <= 'Z') - || ('0' <= p[i] && p[i] <= '9')) - continue; - return NULL; - } else if (('a' <= p[i] && p[i] <= 'z') - || ('A' <= p[i] && p[i] <= 'Z') - || ('0' <= p[i] && p[i] <= '9')) { - state &= LABEL_IDNA; - continue; - } else if (p[i] == '.') { - if (state & (LABEL_HYPHEN | LABEL_START)) - return NULL; - state = LABEL_START; - ++dots; - } else if (p[i] == '-') { - /* no domain/subdomain starts with '-' */ - if ((state & LABEL_START) != 0) - return NULL; - state |= LABEL_HYPHEN; - } else - return NULL; - } - - /* - * The final label must not end in a hyphen or ".", and - * there must be at least two dots after the star. - */ - if ((state & (LABEL_START | LABEL_HYPHEN)) != 0 || dots < 2) - return NULL; - return star; -} - -/* Compare using wildcards. */ -static int -equal_wildcard(const unsigned char *pattern, size_t pattern_len, - const unsigned char *subject, size_t subject_len, unsigned int flags) -{ - const unsigned char *star = NULL; - - /* - * Subject names starting with '.' can only match a wildcard pattern - * via a subject sub-domain pattern suffix match. 
- */ - if (!(subject_len > 1 && subject[0] == '.')) - star = valid_star(pattern, pattern_len, flags); - if (star == NULL) - return equal_nocase(pattern, pattern_len, - subject, subject_len, flags); - return wildcard_match(pattern, star - pattern, - star + 1, (pattern + pattern_len) - star - 1, - subject, subject_len, flags); -} - -/* - * Compare an ASN1_STRING to a supplied string. If they match return 1. If - * cmp_type > 0 only compare if string matches the type, otherwise convert it - * to UTF8. - */ - -static int -do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal, - unsigned int flags, const char *b, size_t blen, char **peername) -{ - int rv = 0; - - if (!a->data || !a->length) - return 0; - if (cmp_type > 0) { - if (cmp_type != a->type) - return 0; - if (cmp_type == V_ASN1_IA5STRING) - rv = equal(a->data, a->length, (unsigned char *)b, - blen, flags); - else if (a->length == (int)blen && !memcmp(a->data, b, blen)) - rv = 1; - if (rv > 0 && peername && - (*peername = strndup((char *)a->data, a->length)) == NULL) - rv = -1; - } else { - int astrlen; - unsigned char *astr = NULL; - astrlen = ASN1_STRING_to_UTF8(&astr, a); - if (astrlen < 0) - return -1; - rv = equal(astr, astrlen, (unsigned char *)b, blen, flags); - if (rv > 0 && peername && - (*peername = strndup((char *)astr, astrlen)) == NULL) - rv = -1; - free(astr); - } - return rv; -} - -static int -do_x509_check(X509 *x, const char *chk, size_t chklen, unsigned int flags, - int check_type, char **peername) -{ - GENERAL_NAMES *gens = NULL; - X509_NAME *name = NULL; - size_t i; - int j; - int cnid = NID_undef; - int alt_type; - int san_present = 0; - int rv = 0; - equal_fn equal; - - /* See below, this flag is internal-only */ - flags &= ~_X509_CHECK_FLAG_DOT_SUBDOMAINS; - if (check_type == GEN_EMAIL) { - cnid = NID_pkcs9_emailAddress; - alt_type = V_ASN1_IA5STRING; - equal = equal_email; - } else if (check_type == GEN_DNS) { - if (!(flags & X509_CHECK_FLAG_NEVER_CHECK_SUBJECT)) - cnid = 
NID_commonName;
- /* Implicit client-side DNS sub-domain pattern */
- if (chklen > 1 && chk[0] == '.')
- flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS;
- alt_type = V_ASN1_IA5STRING;
- if (flags & X509_CHECK_FLAG_NO_WILDCARDS)
- equal = equal_nocase;
- else
- equal = equal_wildcard;
- } else {
- alt_type = V_ASN1_OCTET_STRING;
- equal = equal_case;
- }
-
- gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
- if (gens != NULL) {
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- GENERAL_NAME *gen;
- ASN1_STRING *cstr;
- gen = sk_GENERAL_NAME_value(gens, i);
- if (gen->type != check_type)
- continue;
- san_present = 1;
- if (check_type == GEN_EMAIL)
- cstr = gen->d.rfc822Name;
- else if (check_type == GEN_DNS)
- cstr = gen->d.dNSName;
- else
- cstr = gen->d.iPAddress;
- /* Positive on success, negative on error! */
- if ((rv = do_check_string(cstr, alt_type, equal, flags,
- chk, chklen, peername)) != 0)
- break;
- }
- GENERAL_NAMES_free(gens);
- if (rv != 0)
- return rv;
- if (cnid == NID_undef ||
- (san_present &&
- !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT)))
- return 0;
- }
-
- /* We're done if CN-ID is not pertinent */
- if (cnid == NID_undef)
- return 0;
-
- j = -1;
- name = X509_get_subject_name(x);
- while ((j = X509_NAME_get_index_by_NID(name, cnid, j)) >= 0) {
- X509_NAME_ENTRY *ne;
- ASN1_STRING *str;
- if ((ne = X509_NAME_get_entry(name, j)) == NULL)
- return -1;
- if ((str = X509_NAME_ENTRY_get_data(ne)) == NULL)
- return -1;
- /* Positive on success, negative on error! */
- if ((rv = do_check_string(str, -1, equal, flags,
- chk, chklen, peername)) != 0)
- return rv;
- }
- return 0;
-}
-
-int
-X509_check_host(X509 *x, const char *chk, size_t chklen, unsigned int flags,
- char **peername)
-{
- if (chk == NULL)
- return -2;
- if (chklen == 0)
- chklen = strlen(chk);
- else if (memchr(chk, '\0', chklen))
- return -2;
- return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
-}
-LCRYPTO_ALIAS(X509_check_host);
-
-int
-X509_check_email(X509 *x, const char *chk, size_t chklen, unsigned int flags)
-{
- if (chk == NULL)
- return -2;
- if (chklen == 0)
- chklen = strlen(chk);
- else if (memchr(chk, '\0', chklen))
- return -2;
- return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
-}
-LCRYPTO_ALIAS(X509_check_email);
-
-int
-X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
- unsigned int flags)
-{
- if (chk == NULL)
- return -2;
- return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL);
-}
-LCRYPTO_ALIAS(X509_check_ip);
-
-int
-X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
-{
- unsigned char ipout[16];
- size_t iplen;
-
- if (ipasc == NULL)
- return -2;
- iplen = (size_t)a2i_ipadd(ipout, ipasc);
- if (iplen == 0)
- return -2;
- return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
-}
-LCRYPTO_ALIAS(X509_check_ip_asc);
-
-/* Convert IP addresses both IPv4 and IPv6 into an
- * OCTET STRING compatible with RFC3280.
- */ - -ASN1_OCTET_STRING * -a2i_IPADDRESS(const char *ipasc) -{ - unsigned char ipout[16]; - ASN1_OCTET_STRING *ret; - int iplen; - - /* If string contains a ':' assume IPv6 */ - - iplen = a2i_ipadd(ipout, ipasc); - - if (!iplen) - return NULL; - - ret = ASN1_OCTET_STRING_new(); - if (!ret) - return NULL; - if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) { - ASN1_OCTET_STRING_free(ret); - return NULL; - } - return ret; -} -LCRYPTO_ALIAS(a2i_IPADDRESS); - -ASN1_OCTET_STRING * -a2i_IPADDRESS_NC(const char *ipasc) -{ - ASN1_OCTET_STRING *ret = NULL; - unsigned char ipout[32]; - char *iptmp = NULL, *p; - int iplen1, iplen2; - - p = strchr(ipasc, '/'); - if (!p) - return NULL; - iptmp = strdup(ipasc); - if (!iptmp) - return NULL; - p = iptmp + (p - ipasc); - *p++ = 0; - - iplen1 = a2i_ipadd(ipout, iptmp); - - if (!iplen1) - goto err; - - iplen2 = a2i_ipadd(ipout + iplen1, p); - - free(iptmp); - iptmp = NULL; - - if (!iplen2 || (iplen1 != iplen2)) - goto err; - - ret = ASN1_OCTET_STRING_new(); - if (!ret) - goto err; - if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2)) - goto err; - - return ret; - - err: - free(iptmp); - if (ret) - ASN1_OCTET_STRING_free(ret); - return NULL; -} -LCRYPTO_ALIAS(a2i_IPADDRESS_NC); - - -int -a2i_ipadd(unsigned char *ipout, const char *ipasc) -{ - /* If string contains a ':' assume IPv6 */ - - if (strchr(ipasc, ':')) { - if (!ipv6_from_asc(ipout, ipasc)) - return 0; - return 16; - } else { - if (!ipv4_from_asc(ipout, ipasc)) - return 0; - return 4; - } -} -LCRYPTO_ALIAS(a2i_ipadd); - -static int -ipv4_from_asc(unsigned char *v4, const char *in) -{ - int a0, a1, a2, a3; - if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) - return 0; - if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) || - (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255)) - return 0; - v4[0] = a0; - v4[1] = a1; - v4[2] = a2; - v4[3] = a3; - return 1; -} - -typedef struct { - /* Temporary store for IPV6 output */ - unsigned char tmp[16]; - /* Total number of 
bytes in tmp */ - int total; - /* The position of a zero (corresponding to '::') */ - int zero_pos; - /* Number of zeroes */ - int zero_cnt; -} IPV6_STAT; - - -static int -ipv6_from_asc(unsigned char *v6, const char *in) -{ - IPV6_STAT v6stat; - - v6stat.total = 0; - v6stat.zero_pos = -1; - v6stat.zero_cnt = 0; - - /* - * Treat the IPv6 representation as a list of values separated by ':'. - * The presence of a '::' will parse as one (e.g., "2001:db8::1"), - * two (e.g., "2001:db8::") or three (e.g., "::") zero length elements. - */ - if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat)) - return 0; - - /* Now for some sanity checks */ - - if (v6stat.zero_pos == -1) { - /* If no '::' must have exactly 16 bytes */ - if (v6stat.total != 16) - return 0; - } else { - /* If '::' must have less than 16 bytes */ - if (v6stat.total == 16) - return 0; - /* More than three zeroes is an error */ - if (v6stat.zero_cnt > 3) - return 0; - /* Can only have three zeroes if nothing else present */ - else if (v6stat.zero_cnt == 3) { - if (v6stat.total > 0) - return 0; - } - /* Can only have two zeroes if at start or end */ - else if (v6stat.zero_cnt == 2) { - if ((v6stat.zero_pos != 0) && - (v6stat.zero_pos != v6stat.total)) - return 0; - } else - /* Can only have one zero if *not* start or end */ - { - if ((v6stat.zero_pos == 0) || - (v6stat.zero_pos == v6stat.total)) - return 0; - } - } - - /* Format result */ - - if (v6stat.zero_pos >= 0) { - /* Copy initial part */ - memcpy(v6, v6stat.tmp, v6stat.zero_pos); - /* Zero middle */ - memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total); - /* Copy final part */ - if (v6stat.total != v6stat.zero_pos) - memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, - v6stat.tmp + v6stat.zero_pos, - v6stat.total - v6stat.zero_pos); - } else - memcpy(v6, v6stat.tmp, 16); - - return 1; -} - -static int -ipv6_cb(const char *elem, int len, void *usr) -{ - IPV6_STAT *s = usr; - - /* Error if 16 bytes written */ - if (s->total == 16) - return 0; - if (len == 0) 
{ - /* Zero length element, corresponds to '::' */ - if (s->zero_pos == -1) - s->zero_pos = s->total; - /* If we've already got a :: its an error */ - else if (s->zero_pos != s->total) - return 0; - s->zero_cnt++; - } else { - /* If more than 4 characters could be final a.b.c.d form */ - if (len > 4) { - /* Need at least 4 bytes left */ - if (s->total > 12) - return 0; - /* Must be end of string */ - if (elem[len]) - return 0; - if (!ipv4_from_asc(s->tmp + s->total, elem)) - return 0; - s->total += 4; - } else { - if (!ipv6_hex(s->tmp + s->total, elem, len)) - return 0; - s->total += 2; - } - } - return 1; -} - -/* Convert a string of up to 4 hex digits into the corresponding - * IPv6 form. - */ - -static int -ipv6_hex(unsigned char *out, const char *in, int inlen) -{ - unsigned char c; - unsigned int num = 0; - - if (inlen > 4) - return 0; - while (inlen--) { - c = *in++; - num <<= 4; - if ((c >= '0') && (c <= '9')) - num |= c - '0'; - else if ((c >= 'A') && (c <= 'F')) - num |= c - 'A' + 10; - else if ((c >= 'a') && (c <= 'f')) - num |= c - 'a' + 10; - else - return 0; - } - out[0] = num >> 8; - out[1] = num & 0xff; - return 1; -} - -int -X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, - unsigned long chtype) -{ - CONF_VALUE *v; - int i, mval; - char *p, *type; - - if (!nm) - return 0; - - for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) { - v = sk_CONF_VALUE_value(dn_sk, i); - type = v->name; - /* Skip past any leading X. X: X, etc to allow for - * multiple instances - */ - for (p = type; *p; p++) - if ((*p == ':') || (*p == ',') || (*p == '.')) { - p++; - if (*p) - type = p; - break; - } - if (*type == '+') { - mval = -1; - type++; - } else - mval = 0; - if (!X509_NAME_add_entry_by_txt(nm, type, chtype, - (unsigned char *) v->value, -1, -1, mval)) - return 0; - } - return 1; -} -LCRYPTO_ALIAS(X509V3_NAME_from_section); 
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c
deleted file mode 100644
index 688aed15a2..0000000000
--- a/src/lib/libcrypto/x509/x509_v3.c
+++ /dev/null
@@ -1,295 +0,0 @@
-/* $OpenBSD: x509_v3.c,v 1.43 2024/07/12 09:57:04 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-int
-X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *exts)
-{
- if (exts == NULL)
- return 0;
-
- return sk_X509_EXTENSION_num(exts);
-}
-LCRYPTO_ALIAS(X509v3_get_ext_count);
-
-int
-X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *exts, int nid, int lastpos)
-{
- const ASN1_OBJECT *obj;
-
- if ((obj = OBJ_nid2obj(nid)) == NULL)
- return -2;
-
- return X509v3_get_ext_by_OBJ(exts, obj, lastpos);
-}
-LCRYPTO_ALIAS(X509v3_get_ext_by_NID);
-
-int
-X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *exts,
- const ASN1_OBJECT *obj, int lastpos)
-{
- if (++lastpos < 0)
- lastpos = 0;
-
- for (; lastpos < X509v3_get_ext_count(exts); lastpos++) {
- const X509_EXTENSION *ext = X509v3_get_ext(exts, lastpos);
-
- if (OBJ_cmp(ext->object, obj) == 0)
- return lastpos;
- }
-
- return -1;
-}
-LCRYPTO_ALIAS(X509v3_get_ext_by_OBJ);
-
-int
-X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *exts, int critical,
- int lastpos)
-{
- critical = (critical != 0);
-
- if (++lastpos < 0)
- lastpos = 0;
-
- for (; lastpos < X509v3_get_ext_count(exts); lastpos++) {
- const X509_EXTENSION *ext = X509v3_get_ext(exts, lastpos);
-
- if (X509_EXTENSION_get_critical(ext) == critical)
- return lastpos;
- }
-
- return -1;
-}
-LCRYPTO_ALIAS(X509v3_get_ext_by_critical);
-
-X509_EXTENSION *
-X509v3_get_ext(const STACK_OF(X509_EXTENSION) *exts, int loc)
-{
- return sk_X509_EXTENSION_value(exts, loc);
-}
-LCRYPTO_ALIAS(X509v3_get_ext);
-
-X509_EXTENSION *
-X509v3_delete_ext(STACK_OF(X509_EXTENSION) *exts, int loc)
-{
- return sk_X509_EXTENSION_delete(exts, loc);
-}
-LCRYPTO_ALIAS(X509v3_delete_ext);
-
-STACK_OF(X509_EXTENSION) *
-X509v3_add_ext(STACK_OF(X509_EXTENSION) **out_exts, X509_EXTENSION *ext, int loc)
-{
- STACK_OF(X509_EXTENSION) *exts = NULL;
- X509_EXTENSION *new_ext = NULL;
-
- /*
- * XXX - Nonsense from the poorly reviewed OpenSSL c755c5fd8ba (2005).
- * This check should have been joined with the next check, i.e., if no
- * stack was passed in, a new one should be created and returned.
- */
- if (out_exts == NULL) {
- X509error(ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if ((exts = *out_exts) == NULL)
- exts = sk_X509_EXTENSION_new_null();
- if (exts == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if ((new_ext = X509_EXTENSION_dup(ext)) == NULL)
- goto err;
- if (!sk_X509_EXTENSION_insert(exts, new_ext, loc))
- goto err;
- new_ext = NULL;
-
- *out_exts = exts;
-
- return exts;
-
- err:
- X509_EXTENSION_free(new_ext);
- if (out_exts != NULL && exts != *out_exts)
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-
- return NULL;
-}
-LCRYPTO_ALIAS(X509v3_add_ext);
-
-X509_EXTENSION *
-X509_EXTENSION_create_by_NID(X509_EXTENSION **out_ext, int nid, int critical,
- ASN1_OCTET_STRING *data)
-{
- const ASN1_OBJECT *obj;
-
- if ((obj = OBJ_nid2obj(nid)) == NULL) {
- X509error(X509_R_UNKNOWN_NID);
- return NULL;
- }
-
- return X509_EXTENSION_create_by_OBJ(out_ext, obj, critical, data);
-}
-LCRYPTO_ALIAS(X509_EXTENSION_create_by_NID);
-
-X509_EXTENSION *
-X509_EXTENSION_create_by_OBJ(X509_EXTENSION **out_ext, const ASN1_OBJECT *obj,
- int critical, ASN1_OCTET_STRING *data)
-{
- X509_EXTENSION *ext;
-
- if (out_ext == NULL || (ext = *out_ext) == NULL)
- ext = X509_EXTENSION_new();
- if (ext == NULL) {
- X509error(ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!X509_EXTENSION_set_object(ext, obj))
- goto err;
- if (!X509_EXTENSION_set_critical(ext, critical))
- goto err;
- if (!X509_EXTENSION_set_data(ext, data))
- goto err;
-
- if (out_ext != NULL)
- *out_ext = ext;
-
- return ext;
-
- err:
- if (out_ext == NULL || ext != *out_ext)
- X509_EXTENSION_free(ext);
-
- return NULL;
-}
-LCRYPTO_ALIAS(X509_EXTENSION_create_by_OBJ);
-
-int
-X509_EXTENSION_set_object(X509_EXTENSION *ext, const ASN1_OBJECT *obj)
-{
- if (ext == NULL || obj == NULL)
- return 0;
-
- ASN1_OBJECT_free(ext->object);
- return (ext->object = OBJ_dup(obj)) != NULL;
-}
-LCRYPTO_ALIAS(X509_EXTENSION_set_object);
-
-int
-X509_EXTENSION_set_critical(X509_EXTENSION *ext, int critical)
-{
- if (ext == NULL)
- return 0;
-
- ext->critical = critical ? 0xFF : -1;
-
- return 1;
-}
-LCRYPTO_ALIAS(X509_EXTENSION_set_critical);
-
-int
-X509_EXTENSION_set_data(X509_EXTENSION *ext, ASN1_OCTET_STRING *data)
-{
- if (ext == NULL)
- return 0;
-
- return ASN1_STRING_set(ext->value, data->data, data->length);
-}
-LCRYPTO_ALIAS(X509_EXTENSION_set_data);
-
-ASN1_OBJECT *
-X509_EXTENSION_get_object(X509_EXTENSION *ext)
-{
- if (ext == NULL)
- return NULL;
-
- return ext->object;
-}
-LCRYPTO_ALIAS(X509_EXTENSION_get_object);
-
-ASN1_OCTET_STRING *
-X509_EXTENSION_get_data(X509_EXTENSION *ext)
-{
- if (ext == NULL)
- return NULL;
-
- return ext->value;
-}
-LCRYPTO_ALIAS(X509_EXTENSION_get_data);
-
-int
-X509_EXTENSION_get_critical(const X509_EXTENSION *ext)
-{
- if (ext == NULL)
- return 0;
-
- return ext->critical > 0;
-}
-LCRYPTO_ALIAS(X509_EXTENSION_get_critical);
diff --git a/src/lib/libcrypto/x509/x509_verify.c b/src/lib/libcrypto/x509/x509_verify.c
deleted file mode 100644
index f25e2b3f15..0000000000
--- a/src/lib/libcrypto/x509/x509_verify.c
+++ /dev/null
@@ -1,1288 +0,0 @@
-/* $OpenBSD: x509_verify.c,v 1.73 2025/02/08 10:12:00 tb Exp $ */
-/*
- * Copyright (c) 2020-2021 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* x509_verify - inspired by golang's crypto/x509.Verify */
-
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-#include
-
-#include "asn1_local.h"
-#include "x509_internal.h"
-#include "x509_issuer_cache.h"
-
-static int x509_verify_cert_valid(struct x509_verify_ctx *ctx, X509 *cert,
- struct x509_verify_chain *current_chain);
-static int x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert,
- char *name);
-static void x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert,
- struct x509_verify_chain *current_chain, int full_chain, char *name);
-static int x509_verify_cert_error(struct x509_verify_ctx *ctx, X509 *cert,
- size_t depth, int error, int ok);
-static void x509_verify_chain_free(struct x509_verify_chain *chain);
-
-/*
- * Parse an asn1 to a representable time_t as per RFC 5280 rules.
- * Returns -1 if that can't be done for any reason.
- */
-int
-x509_verify_asn1_time_to_time_t(const ASN1_TIME *atime, int notAfter,
- time_t *out)
-{
- struct tm tm = { 0 };
- int type;
-
- if (atime == NULL)
- return 0;
-
- type = ASN1_time_parse(atime->data, atime->length, &tm, atime->type);
- if (type == -1)
- return 0;
-
- /* RFC 5280 section 4.1.2.5 */
- if (tm.tm_year < 150 && type != V_ASN1_UTCTIME)
- return 0;
- if (tm.tm_year >= 150 && type != V_ASN1_GENERALIZEDTIME)
- return 0;
-
- if (notAfter) {
- /*
- * If we are a completely broken operating system with a
- * 32 bit time_t, and we have been told this is a notAfter
- * date, limit the date to a 32 bit representable value.
- */
- if (!ASN1_time_tm_clamp_notafter(&tm))
- return 0;
- }
-
- /*
- * Defensively fail if the time string is not representable as
- * a time_t. A time_t must be sane if you care about times after
- * Jan 19 2038.
- */
- return asn1_time_tm_to_time_t(&tm, out);
-}
-
-struct x509_verify_chain *
-x509_verify_chain_new(void)
-{
- struct x509_verify_chain *chain;
-
- if ((chain = calloc(1, sizeof(*chain))) == NULL)
- goto err;
- if ((chain->certs = sk_X509_new_null()) == NULL)
- goto err;
- if ((chain->cert_errors = calloc(X509_VERIFY_MAX_CHAIN_CERTS,
- sizeof(int))) == NULL)
- goto err;
- if ((chain->names =
- x509_constraints_names_new(X509_VERIFY_MAX_CHAIN_NAMES)) == NULL)
- goto err;
-
- return chain;
- err:
- x509_verify_chain_free(chain);
- return NULL;
-}
-
-static void
-x509_verify_chain_clear(struct x509_verify_chain *chain)
-{
- sk_X509_pop_free(chain->certs, X509_free);
- chain->certs = NULL;
- free(chain->cert_errors);
- chain->cert_errors = NULL;
- x509_constraints_names_free(chain->names);
- chain->names = NULL;
-}
-
-static void
-x509_verify_chain_free(struct x509_verify_chain *chain)
-{
- if (chain == NULL)
- return;
- x509_verify_chain_clear(chain);
- free(chain);
-}
-
-static struct x509_verify_chain *
-x509_verify_chain_dup(struct x509_verify_chain *chain)
-{
- struct x509_verify_chain *new_chain;
-
- if ((new_chain = calloc(1, sizeof(*chain))) == NULL)
- goto err;
- if ((new_chain->certs = X509_chain_up_ref(chain->certs)) == NULL)
- goto err;
- if ((new_chain->cert_errors = calloc(X509_VERIFY_MAX_CHAIN_CERTS,
- sizeof(int))) == NULL)
- goto err;
- memcpy(new_chain->cert_errors, chain->cert_errors,
- X509_VERIFY_MAX_CHAIN_CERTS * sizeof(int));
- if ((new_chain->names =
- x509_constraints_names_dup(chain->names)) == NULL)
- goto err;
- return(new_chain);
- err:
- x509_verify_chain_free(new_chain);
- return NULL;
-}
-
-static int
-x509_verify_chain_append(struct x509_verify_chain *chain, X509 *cert,
- int *error)
-{
- int verify_err = X509_V_ERR_UNSPECIFIED;
- size_t idx;
-
- if (!x509_constraints_extract_names(chain->names, cert,
- sk_X509_num(chain->certs) == 0, &verify_err)) {
- *error = verify_err;
- return 0;
- }
-
- X509_up_ref(cert);
- if (!sk_X509_push(chain->certs, cert)) {
- X509_free(cert);
- *error = X509_V_ERR_OUT_OF_MEM;
- return 0;
- }
-
- idx = sk_X509_num(chain->certs) - 1;
- chain->cert_errors[idx] = *error;
-
- /*
- * We've just added the issuer for the previous certificate,
- * clear its error if appropriate.
- */
- if (idx > 1 && chain->cert_errors[idx - 1] ==
- X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)
- chain->cert_errors[idx - 1] = X509_V_OK;
-
- return 1;
-}
-
-static X509 *
-x509_verify_chain_last(struct x509_verify_chain *chain)
-{
- int last;
-
- if (chain->certs == NULL)
- return NULL;
- if ((last = sk_X509_num(chain->certs) - 1) < 0)
- return NULL;
- return sk_X509_value(chain->certs, last);
-}
-
-X509 *
-x509_verify_chain_leaf(struct x509_verify_chain *chain)
-{
- if (chain->certs == NULL)
- return NULL;
- return sk_X509_value(chain->certs, 0);
-}
-
-static void
-x509_verify_ctx_reset(struct x509_verify_ctx *ctx)
-{
- size_t i;
-
- for (i = 0; i < ctx->chains_count; i++)
- x509_verify_chain_free(ctx->chains[i]);
- sk_X509_pop_free(ctx->saved_error_chain, X509_free);
- ctx->saved_error = 0;
- ctx->saved_error_depth = 0;
- ctx->error = 0;
- ctx->error_depth = 0;
- ctx->chains_count = 0;
- ctx->sig_checks = 0;
- ctx->check_time = NULL;
-}
-
-static void
-x509_verify_ctx_clear(struct x509_verify_ctx *ctx)
-{
- x509_verify_ctx_reset(ctx);
- sk_X509_pop_free(ctx->intermediates, X509_free);
- free(ctx->chains);
-
-}
-
-static int
-x509_verify_cert_cache_extensions(X509 *cert)
-{
- return x509v3_cache_extensions(cert);
-}
-
-static int
-x509_verify_cert_self_signed(X509 *cert)
-{
- return (cert->ex_flags & EXFLAG_SS) ? 1 : 0;
-}
-
-/* XXX beck - clean up this mess of is_root */
-static int
-x509_verify_check_chain_end(X509 *cert, int full_chain)
-{
- if (full_chain)
- return x509_verify_cert_self_signed(cert);
- return 1;
-}
-
-static int
-x509_verify_ctx_cert_is_root(struct x509_verify_ctx *ctx, X509 *cert,
- int full_chain)
-{
- X509 *match = NULL;
- int i;
-
- if (!x509_verify_cert_cache_extensions(cert))
- return 0;
-
- /* Check by lookup if we have a legacy xsc */
- if (ctx->xsc != NULL) {
- /*
- * "alternative" lookup method, using the "trusted" stack in the
- * xsc as the source for roots.
- */
- if (ctx->xsc->trusted != NULL) {
- for (i = 0; i < sk_X509_num(ctx->xsc->trusted); i++) {
- if (X509_cmp(sk_X509_value(ctx->xsc->trusted,
- i), cert) == 0)
- return x509_verify_check_chain_end(cert,
- full_chain);
- }
- }
- if ((match = x509_vfy_lookup_cert_match(ctx->xsc,
- cert)) != NULL) {
- X509_free(match);
- return x509_verify_check_chain_end(cert, full_chain);
- }
- } else {
- /* Check the provided roots */
- for (i = 0; i < sk_X509_num(ctx->roots); i++) {
- if (X509_cmp(sk_X509_value(ctx->roots, i), cert) == 0)
- return x509_verify_check_chain_end(cert,
- full_chain);
- }
- }
-
- return 0;
-}
-
-static int
-x509_verify_ctx_set_xsc_chain(struct x509_verify_ctx *ctx,
- struct x509_verify_chain *chain, int set_error, int is_trusted)
-{
- size_t num_untrusted;
- int i;
-
- if (ctx->xsc == NULL)
- return 1;
-
- /*
- * XXX num_untrusted is the number of untrusted certs at the
- * bottom of the chain. This works now since we stop at the first
- * trusted cert. This will need fixing once we allow more than one
- * trusted certificate.
- */
- num_untrusted = sk_X509_num(chain->certs);
- if (is_trusted && num_untrusted > 0)
- num_untrusted--;
- ctx->xsc->num_untrusted = num_untrusted;
-
- sk_X509_pop_free(ctx->xsc->chain, X509_free);
- ctx->xsc->chain = X509_chain_up_ref(chain->certs);
- if (ctx->xsc->chain == NULL)
- return x509_verify_cert_error(ctx, NULL, 0,
- X509_V_ERR_OUT_OF_MEM, 0);
-
- if (set_error) {
- ctx->xsc->error = X509_V_OK;
- ctx->xsc->error_depth = 0;
- for (i = 0; i < sk_X509_num(chain->certs); i++) {
- if (chain->cert_errors[i] != X509_V_OK) {
- ctx->xsc->error = chain->cert_errors[i];
- ctx->xsc->error_depth = i;
- break;
- }
- }
- }
-
- return 1;
-}
-
-
-/*
- * Save the error state and unvalidated chain off of the xsc for
- * later.
- */
-static int
-x509_verify_ctx_save_xsc_error(struct x509_verify_ctx *ctx)
-{
- if (ctx->xsc != NULL && ctx->xsc->chain != NULL) {
- sk_X509_pop_free(ctx->saved_error_chain, X509_free);
- ctx->saved_error_chain = X509_chain_up_ref(ctx->xsc->chain);
- if (ctx->saved_error_chain == NULL)
- return x509_verify_cert_error(ctx, NULL, 0,
- X509_V_ERR_OUT_OF_MEM, 0);
- ctx->saved_error = ctx->xsc->error;
- ctx->saved_error_depth = ctx->xsc->error_depth;
- }
- return 1;
-}
-
-/*
- * Restore the saved error state and unvalidated chain to the xsc
- * if we do not have a validated chain.
- */
-static int
-x509_verify_ctx_restore_xsc_error(struct x509_verify_ctx *ctx)
-{
- if (ctx->xsc != NULL && ctx->chains_count == 0 &&
- ctx->saved_error_chain != NULL) {
- sk_X509_pop_free(ctx->xsc->chain, X509_free);
- ctx->xsc->chain = X509_chain_up_ref(ctx->saved_error_chain);
- if (ctx->xsc->chain == NULL)
- return x509_verify_cert_error(ctx, NULL, 0,
- X509_V_ERR_OUT_OF_MEM, 0);
- ctx->xsc->error = ctx->saved_error;
- ctx->xsc->error_depth = ctx->saved_error_depth;
- }
- return 1;
-}
-
-/* Perform legacy style validation of a chain */
-static int
-x509_verify_ctx_validate_legacy_chain(struct x509_verify_ctx *ctx,
- struct x509_verify_chain *chain, size_t depth)
-{
- int ret = 0, trust;
-
- if (ctx->xsc == NULL)
- return 1;
-
- /*
- * If we have a legacy xsc, choose a validated chain, and
- * apply the extensions, revocation, and policy checks just
- * like the legacy code did. We do this here instead of as
- * building the chains to more easily support the callback and
- * the bewildering array of VERIFY_PARAM knobs that are there
- * for the fiddling.
- */
-
- /* These may be set in one of the following calls. */
- ctx->xsc->error = X509_V_OK;
- ctx->xsc->error_depth = 0;
-
- if (!x509_verify_ctx_set_xsc_chain(ctx, chain, 0, 1))
- goto err;
-
- /*
- * Call the legacy code to walk the chain and check trust
- * in the legacy way to handle partial chains and get the
- * callback fired correctly.
- */
- trust = x509_vfy_check_trust(ctx->xsc);
- if (trust == X509_TRUST_REJECTED)
- goto err; /* callback was called in x509_vfy_check_trust */
- if (trust != X509_TRUST_TRUSTED) {
- /* NOTREACHED */
- goto err; /* should not happen if we get in here - abort? */
- }
-
- /*
- * XXX currently this duplicates some work done in chain
- * build, but we keep it here until we have feature parity
- */
- if (!x509_vfy_check_chain_extensions(ctx->xsc))
- goto err;
-
-#ifndef OPENSSL_NO_RFC3779
- if (!X509v3_asid_validate_path(ctx->xsc))
- goto err;
-
- if (!X509v3_addr_validate_path(ctx->xsc))
- goto err;
-#endif
-
- if (!x509_vfy_check_security_level(ctx->xsc))
- goto err;
-
- if (!x509_constraints_chain(ctx->xsc->chain,
- &ctx->xsc->error, &ctx->xsc->error_depth)) {
- X509 *cert = sk_X509_value(ctx->xsc->chain, depth);
- if (!x509_verify_cert_error(ctx, cert,
- ctx->xsc->error_depth, ctx->xsc->error, 0))
- goto err;
- }
-
- if (!x509_vfy_check_revocation(ctx->xsc))
- goto err;
-
- if (!x509_vfy_check_policy(ctx->xsc))
- goto err;
-
- ret = 1;
-
- err:
- /*
- * The above checks may have set ctx->xsc->error and
- * ctx->xsc->error_depth - save these for later on.
- */
- if (ctx->xsc->error != X509_V_OK) {
- if (ctx->xsc->error_depth < 0 ||
- ctx->xsc->error_depth >= X509_VERIFY_MAX_CHAIN_CERTS)
- return 0;
- chain->cert_errors[ctx->xsc->error_depth] =
- ctx->xsc->error;
- ctx->error_depth = ctx->xsc->error_depth;
- }
-
- return ret;
-}
-
-/* Add a validated chain to our list of valid chains */
-static int
-x509_verify_ctx_add_chain(struct x509_verify_ctx *ctx,
- struct x509_verify_chain *chain, char *name)
-{
- size_t depth;
- X509 *last = x509_verify_chain_last(chain);
- X509 *leaf = x509_verify_chain_leaf(chain);
-
- depth = sk_X509_num(chain->certs);
- if (depth > 0)
- depth--;
-
- if (ctx->chains_count >= ctx->max_chains)
- return x509_verify_cert_error(ctx, last, depth,
- X509_V_ERR_CERT_CHAIN_TOO_LONG, 0);
-
- /* Clear a get issuer failure for a root certificate. */
- if (chain->cert_errors[depth] ==
- X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)
- chain->cert_errors[depth] = X509_V_OK;
-
- if (!x509_verify_ctx_validate_legacy_chain(ctx, chain, depth))
- return 0;
-
- /* Verify the leaf certificate and store any resulting error. */
- if (!x509_verify_cert_valid(ctx, leaf, NULL))
- return 0;
- if (!x509_verify_cert_hostname(ctx, leaf, name))
- return 0;
- if (ctx->error_depth == 0 &&
- ctx->error != X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)
- chain->cert_errors[0] = ctx->error;
-
- /*
- * In the non-legacy code, extensions and purpose are dealt
- * with as the chain is built.
- *
- * The non-legacy api returns multiple chains but does not do
- * any revocation checking (it must be done by the caller on
- * any chain they wish to use)
- */
-
- if ((ctx->chains[ctx->chains_count] = x509_verify_chain_dup(chain)) ==
- NULL) {
- return x509_verify_cert_error(ctx, last, depth,
- X509_V_ERR_OUT_OF_MEM, 0);
- }
- ctx->chains_count++;
-
- ctx->error = X509_V_OK;
- ctx->error_depth = depth;
-
- return 1;
-}
-
-static int
-x509_verify_potential_parent(struct x509_verify_ctx *ctx, X509 *parent,
- X509 *child)
-{
- if (!x509_verify_cert_cache_extensions(parent))
- return 0;
- if (ctx->xsc != NULL)
- return (ctx->xsc->check_issued(ctx->xsc, child, parent));
-
- /* XXX key usage */
- return X509_check_issued(parent, child) == X509_V_OK;
-}
-
-/* Matches x509_crl_verify_parent_signature() */
-static int
-x509_verify_parent_signature(X509 *parent, X509 *child, int *error)
-{
- EVP_PKEY *pkey;
- int cached;
- int ret = 0;
-
- /* Use cached value if we have it */
- if ((cached = x509_issuer_cache_find(parent->hash, child->hash)) >= 0) {
- if (cached == 0)
- *error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
- return cached;
- }
-
- /* Check signature. Did parent sign child? */
- if ((pkey = X509_get0_pubkey(parent)) == NULL) {
- *error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
- return 0;
- }
- if (X509_verify(child, pkey) <= 0)
- *error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
- else
- ret = 1;
-
- /* Add result to cache */
- x509_issuer_cache_add(parent->hash, child->hash, ret);
-
- return ret;
-}
-
-static int
-x509_verify_consider_candidate(struct x509_verify_ctx *ctx, X509 *cert,
- int is_root_cert, X509 *candidate, struct x509_verify_chain *current_chain,
- int full_chain, char *name)
-{
- int depth = sk_X509_num(current_chain->certs);
- struct x509_verify_chain *new_chain;
- int i;
-
- /* Fail if the certificate is already in the chain */
- for (i = 0; i < sk_X509_num(current_chain->certs); i++) {
- if (X509_cmp(sk_X509_value(current_chain->certs, i),
- candidate) == 0)
- return 0;
- }
-
- if (ctx->sig_checks++ > X509_VERIFY_MAX_SIGCHECKS) {
- /* don't allow callback to override safety check */
- (void) x509_verify_cert_error(ctx, candidate, depth,
- X509_V_ERR_CERT_CHAIN_TOO_LONG, 0);
- return 0;
- }
-
- if (!x509_verify_parent_signature(candidate, cert, &ctx->error)) {
- if (!x509_verify_cert_error(ctx, candidate, depth,
- ctx->error, 0))
- return 0;
- }
-
- if (!x509_verify_cert_valid(ctx, candidate, current_chain))
- return 0;
-
- /* candidate is good, add it to a copy of the current chain */
- if ((new_chain = x509_verify_chain_dup(current_chain)) == NULL) {
- x509_verify_cert_error(ctx, candidate, depth,
- X509_V_ERR_OUT_OF_MEM, 0);
- return 0;
- }
- if (!x509_verify_chain_append(new_chain, candidate, &ctx->error)) {
- x509_verify_cert_error(ctx, candidate, depth, ctx->error, 0);
- x509_verify_chain_free(new_chain);
- return 0;
- }
-
- /*
- * If candidate is a trusted root, we have a validated chain,
- * so we save it. Otherwise, recurse until we find a root or
- * give up.
- */
- if (is_root_cert) {
- if (!x509_verify_ctx_set_xsc_chain(ctx, new_chain, 0, 1)) {
- x509_verify_chain_free(new_chain);
- return 0;
- }
- if (!x509_verify_ctx_add_chain(ctx, new_chain, name)) {
- x509_verify_chain_free(new_chain);
- return 0;
- }
- goto done;
- }
-
- x509_verify_build_chains(ctx, candidate, new_chain, full_chain, name);
-
- done:
- x509_verify_chain_free(new_chain);
- return 1;
-}
-
-static int
-x509_verify_cert_error(struct x509_verify_ctx *ctx, X509 *cert, size_t depth,
- int error, int ok)
-{
- ctx->error = error;
- ctx->error_depth = depth;
- if (ctx->xsc != NULL) {
- ctx->xsc->error = error;
- ctx->xsc->error_depth = depth;
- ctx->xsc->current_cert = cert;
- return ctx->xsc->verify_cb(ok, ctx->xsc);
- }
- return ok;
-}
-
-static void
-x509_verify_build_chains(struct x509_verify_ctx *ctx, X509 *cert,
- struct x509_verify_chain *current_chain, int full_chain, char *name)
-{
- X509 *candidate;
- int i, depth, count, ret, is_root;
-
- /*
- * If we are finding chains with an xsc, just stop after we have
- * one chain, there's no point in finding more, it just exercises
- * the potentially buggy callback processing in the calling software.
- */
- if (ctx->xsc != NULL && ctx->chains_count > 0)
- return;
-
- depth = sk_X509_num(current_chain->certs);
- if (depth > 0)
- depth--;
-
- if (depth >= ctx->max_depth &&
- !x509_verify_cert_error(ctx, cert, depth,
- X509_V_ERR_CERT_CHAIN_TOO_LONG, 0))
- return;
-
- count = ctx->chains_count;
-
- ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
- ctx->error_depth = depth;
-
- if (ctx->saved_error != 0)
- ctx->error = ctx->saved_error;
- if (ctx->saved_error_depth != 0)
- ctx->error_depth = ctx->saved_error_depth;
-
- if (ctx->xsc != NULL) {
- /*
- * Long ago experiments at Muppet labs resulted in a
- * situation where software not only sees these errors
- * but forced developers to expect them in certain cases.
- * so we must mimic this awfulness for the legacy case.
- */
- if (cert->ex_flags & EXFLAG_SS)
- ctx->error = (depth == 0) ?
- X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
- }
-
- /* Check for legacy mode roots */
- if (ctx->xsc != NULL) {
- if ((ret = ctx->xsc->get_issuer(&candidate, ctx->xsc, cert)) < 0) {
- x509_verify_cert_error(ctx, cert, depth,
- X509_V_ERR_STORE_LOOKUP, 0);
- return;
- }
- if (ret > 0) {
- if (x509_verify_potential_parent(ctx, candidate, cert)) {
- is_root = x509_verify_check_chain_end(candidate,
- full_chain);
- x509_verify_consider_candidate(ctx, cert,
- is_root, candidate, current_chain,
- full_chain, name);
- }
- X509_free(candidate);
- }
- } else {
- /* Check to see if we have a trusted root issuer. */
- for (i = 0; i < sk_X509_num(ctx->roots); i++) {
- candidate = sk_X509_value(ctx->roots, i);
- if (x509_verify_potential_parent(ctx, candidate, cert)) {
- is_root = x509_verify_check_chain_end(candidate,
- full_chain);
- x509_verify_consider_candidate(ctx, cert,
- is_root, candidate, current_chain,
- full_chain, name);
- }
- }
- }
-
- /* Check intermediates after checking roots */
- if (ctx->intermediates != NULL) {
- for (i = 0; i < sk_X509_num(ctx->intermediates); i++) {
- candidate = sk_X509_value(ctx->intermediates, i);
- if (x509_verify_potential_parent(ctx, candidate, cert)) {
- x509_verify_consider_candidate(ctx, cert,
- 0, candidate, current_chain,
- full_chain, name);
- }
- }
- }
-
- if (ctx->chains_count > count) {
- if (ctx->xsc != NULL) {
- ctx->xsc->error = X509_V_OK;
- ctx->xsc->error_depth = depth;
- ctx->xsc->current_cert = cert;
- }
- } else if (ctx->error_depth == depth) {
- if (!x509_verify_ctx_set_xsc_chain(ctx, current_chain, 0, 0))
- return;
- }
-}
-
-static int
-x509_verify_cert_hostname(struct x509_verify_ctx *ctx, X509 *cert, char *name)
-{
- char *candidate;
- size_t len;
-
- if (name == NULL) {
- if (ctx->xsc != NULL) {
- int ret;
-
- if ((ret = x509_vfy_check_id(ctx->xsc)) == 0)
- ctx->error = ctx->xsc->error;
- return ret;
- }
- return 1;
- }
- if ((candidate = strdup(name)) == NULL) {
- ctx->error = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if ((len = strlen(candidate)) < 1) {
- ctx->error = X509_V_ERR_UNSPECIFIED; /* XXX */
- goto err;
- }
-
- /* IP addresses may be written in [ ]. */
- if (candidate[0] == '[' && candidate[len - 1] == ']') {
- candidate[len - 1] = '\0';
- if (X509_check_ip_asc(cert, candidate + 1, 0) <= 0) {
- ctx->error = X509_V_ERR_IP_ADDRESS_MISMATCH;
- goto err;
- }
- } else {
- int flags = 0;
-
- if (ctx->xsc == NULL)
- flags = X509_CHECK_FLAG_NEVER_CHECK_SUBJECT;
-
- if (X509_check_host(cert, candidate, len, flags, NULL) <= 0) {
- ctx->error = X509_V_ERR_HOSTNAME_MISMATCH;
- goto err;
- }
- }
- free(candidate);
- return 1;
- err:
- free(candidate);
- return x509_verify_cert_error(ctx, cert, 0, ctx->error, 0);
-}
-
-static int
-x509_verify_set_check_time(struct x509_verify_ctx *ctx)
-{
- if (ctx->xsc != NULL) {
- if (ctx->xsc->param->flags & X509_V_FLAG_USE_CHECK_TIME) {
- ctx->check_time = &ctx->xsc->param->check_time;
- return 1;
- }
- if (ctx->xsc->param->flags & X509_V_FLAG_NO_CHECK_TIME)
- return 0;
- }
-
- ctx->check_time = NULL;
- return 1;
-}
-
-static int
-x509_verify_cert_times(X509 *cert, time_t *cmp_time, int *error)
-{
- time_t when, not_before, not_after;
-
- if (cmp_time == NULL)
- when = time(NULL);
- else
- when = *cmp_time;
-
- if (!x509_verify_asn1_time_to_time_t(X509_get_notBefore(cert), 0,
- ¬_before)) {
- *error = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
- return 0;
- }
- if (when < not_before) {
- *error = X509_V_ERR_CERT_NOT_YET_VALID;
- return 0;
- }
- if (!x509_verify_asn1_time_to_time_t(X509_get_notAfter(cert), 1,
- ¬_after)) {
- *error = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
- return 0;
- }
- if (when > not_after) {
- *error = X509_V_ERR_CERT_HAS_EXPIRED;
- return 0;
- }
-
- return 1;
-}
-
-static int
-x509_verify_validate_constraints(X509 *cert,
- struct x509_verify_chain *current_chain, int *error)
-{
- struct x509_constraints_names *excluded = NULL;
- struct x509_constraints_names *permitted = NULL;
- int err = X509_V_ERR_UNSPECIFIED;
-
- if (current_chain == NULL)
- return 1;
-
- if (cert->nc != NULL) {
- if ((permitted = x509_constraints_names_new(
- X509_VERIFY_MAX_CHAIN_CONSTRAINTS)) == NULL) {
- err = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if ((excluded = x509_constraints_names_new(
- X509_VERIFY_MAX_CHAIN_CONSTRAINTS)) == NULL) {
- err = X509_V_ERR_OUT_OF_MEM;
- goto err;
- }
- if (!x509_constraints_extract_constraints(cert,
- permitted, excluded, &err))
- goto err;
- if (!x509_constraints_check(current_chain->names,
- permitted, excluded, &err))
- goto err;
- x509_constraints_names_free(excluded);
- x509_constraints_names_free(permitted);
- }
-
- return 1;
- err:
- *error = err;
- x509_constraints_names_free(excluded);
- x509_constraints_names_free(permitted);
- return 0;
-}
-
-static int
-x509_verify_cert_extensions(struct x509_verify_ctx *ctx, X509 *cert, int need_ca)
-{
- if (!x509_verify_cert_cache_extensions(cert)) {
- ctx->error = X509_V_ERR_UNSPECIFIED;
- return 0;
- }
-
- if (ctx->xsc != NULL)
- return 1; /* legacy is checked after chain is built */
-
- if (cert->ex_flags & EXFLAG_CRITICAL) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
- return 0;
- }
- /* No we don't care about v1, netscape, and other ancient silliness */
- if (need_ca && (!(cert->ex_flags & EXFLAG_BCONS) &&
- (cert->ex_flags & EXFLAG_CA))) {
- ctx->error = X509_V_ERR_INVALID_CA;
- return 0;
- }
- if (ctx->purpose > 0 && X509_check_purpose(cert, ctx->purpose, need_ca)) {
- ctx->error = X509_V_ERR_INVALID_PURPOSE;
- return 0;
- }
-
- return 1;
-}
-
-/* Validate that cert is a possible candidate to append to current_chain */
-static int
-x509_verify_cert_valid(struct x509_verify_ctx *ctx, X509 *cert,
- struct x509_verify_chain *current_chain)
-{
- X509 *issuer_candidate;
- int should_be_ca = current_chain != NULL;
- size_t depth = 0;
-
- if (current_chain != NULL)
- depth = sk_X509_num(current_chain->certs);
-
- if (!x509_verify_cert_extensions(ctx, cert, should_be_ca))
- return 0;
-
- if (should_be_ca) {
- issuer_candidate = x509_verify_chain_last(current_chain);
- if (issuer_candidate != NULL &&
- !X509_check_issued(issuer_candidate, cert))
- if (!x509_verify_cert_error(ctx, cert, depth,
- X509_V_ERR_SUBJECT_ISSUER_MISMATCH, 0))
- return 0;
- }
-
- if (x509_verify_set_check_time(ctx)) {
- if (!x509_verify_cert_times(cert, ctx->check_time,
- &ctx->error)) {
- if (!x509_verify_cert_error(ctx, cert, depth,
- ctx->error, 0))
- return 0;
- }
- }
-
- if (!x509_verify_validate_constraints(cert, current_chain,
- &ctx->error) && !x509_verify_cert_error(ctx, cert, depth,
- ctx->error, 0))
- return 0;
-
- return 1;
-}
-
-struct x509_verify_ctx *
-x509_verify_ctx_new_from_xsc(X509_STORE_CTX *xsc)
-{
- struct x509_verify_ctx *ctx;
- size_t max_depth;
-
- if (xsc == NULL)
- return NULL;
-
- if ((ctx = x509_verify_ctx_new(NULL)) == NULL)
- return NULL;
-
- ctx->xsc = xsc;
-
- if (xsc->untrusted &&
- (ctx->intermediates = X509_chain_up_ref(xsc->untrusted)) == NULL)
- goto err;
-
- max_depth = X509_VERIFY_MAX_CHAIN_CERTS;
- if (xsc->param->depth > 0 && xsc->param->depth < X509_VERIFY_MAX_CHAIN_CERTS)
- max_depth = xsc->param->depth;
- if (!x509_verify_ctx_set_max_depth(ctx, max_depth))
- goto err;
-
- return ctx;
- err:
- x509_verify_ctx_free(ctx);
- return NULL;
-}
-
-/* Public API */
-
-struct x509_verify_ctx *
-x509_verify_ctx_new(STACK_OF(X509) *roots)
-{
- struct x509_verify_ctx *ctx;
-
- if ((ctx = calloc(1, sizeof(struct x509_verify_ctx))) == NULL)
- return NULL;
-
- if (roots != NULL) {
- if ((ctx->roots = X509_chain_up_ref(roots)) == NULL)
- goto err;
- } else {
- if ((ctx->roots = sk_X509_new_null()) == NULL)
- goto err;
- }
-
- ctx->max_depth = X509_VERIFY_MAX_CHAIN_CERTS;
- ctx->max_chains = X509_VERIFY_MAX_CHAINS;
- ctx->max_sigs = X509_VERIFY_MAX_SIGCHECKS;
-
- if ((ctx->chains = calloc(X509_VERIFY_MAX_CHAINS,
- sizeof(*ctx->chains)))
== NULL) - goto err; - - return ctx; - err: - x509_verify_ctx_free(ctx); - return NULL; -} - -void -x509_verify_ctx_free(struct x509_verify_ctx *ctx) -{ - if (ctx == NULL) - return; - sk_X509_pop_free(ctx->roots, X509_free); - x509_verify_ctx_clear(ctx); - free(ctx); -} - -int -x509_verify_ctx_set_max_depth(struct x509_verify_ctx *ctx, size_t max) -{ - if (max < 1 || max > X509_VERIFY_MAX_CHAIN_CERTS) - return 0; - ctx->max_depth = max; - return 1; -} - -int -x509_verify_ctx_set_max_chains(struct x509_verify_ctx *ctx, size_t max) -{ - if (max < 1 || max > X509_VERIFY_MAX_CHAINS) - return 0; - ctx->max_chains = max; - return 1; -} - -int -x509_verify_ctx_set_max_signatures(struct x509_verify_ctx *ctx, size_t max) -{ - if (max < 1 || max > 100000) - return 0; - ctx->max_sigs = max; - return 1; -} - -int -x509_verify_ctx_set_purpose(struct x509_verify_ctx *ctx, int purpose) -{ - if (purpose < X509_PURPOSE_MIN || purpose > X509_PURPOSE_MAX) - return 0; - ctx->purpose = purpose; - return 1; -} - -int -x509_verify_ctx_set_intermediates(struct x509_verify_ctx *ctx, - STACK_OF(X509) *intermediates) -{ - if ((ctx->intermediates = X509_chain_up_ref(intermediates)) == NULL) - return 0; - return 1; -} - -const char * -x509_verify_ctx_error_string(struct x509_verify_ctx *ctx) -{ - return X509_verify_cert_error_string(ctx->error); -} - -size_t -x509_verify_ctx_error_depth(struct x509_verify_ctx *ctx) -{ - return ctx->error_depth; -} - -STACK_OF(X509) * -x509_verify_ctx_chain(struct x509_verify_ctx *ctx, size_t i) -{ - if (i >= ctx->chains_count) - return NULL; - return ctx->chains[i]->certs; -} - -size_t -x509_verify(struct x509_verify_ctx *ctx, X509 *leaf, char *name) -{ - struct x509_verify_chain *current_chain; - int retry_chain_build, full_chain = 0; - - if (ctx->roots == NULL || ctx->max_depth == 0) { - ctx->error = X509_V_ERR_INVALID_CALL; - goto err; - } - - if (ctx->xsc != NULL) { - if (leaf != NULL || name != NULL) { - ctx->error = X509_V_ERR_INVALID_CALL; - goto err; - 
} - leaf = ctx->xsc->cert; - - /* XXX */ - full_chain = 1; - if (ctx->xsc->param->flags & X509_V_FLAG_PARTIAL_CHAIN) - full_chain = 0; - /* - * XXX - * The legacy code expects the top level cert to be - * there, even if we didn't find a chain. So put it - * there, we will clobber it later if we find a valid - * chain. - */ - if ((ctx->xsc->chain = sk_X509_new_null()) == NULL) { - ctx->error = X509_V_ERR_OUT_OF_MEM; - goto err; - } - if (!X509_up_ref(leaf)) { - ctx->error = X509_V_ERR_OUT_OF_MEM; - goto err; - } - if (!sk_X509_push(ctx->xsc->chain, leaf)) { - X509_free(leaf); - ctx->error = X509_V_ERR_OUT_OF_MEM; - goto err; - } - ctx->xsc->error_depth = 0; - ctx->xsc->current_cert = leaf; - } - - if ((current_chain = x509_verify_chain_new()) == NULL) { - ctx->error = X509_V_ERR_OUT_OF_MEM; - goto err; - } - - /* - * Add the leaf to the chain and try to build chains from it. - * Note that unlike Go's verifier, we have not yet checked - * anything about the leaf, This is intentional, so that we - * report failures in chain building before we report problems - * with the leaf. - */ - if (!x509_verify_chain_append(current_chain, leaf, &ctx->error)) { - x509_verify_chain_free(current_chain); - goto err; - } - do { - retry_chain_build = 0; - if (x509_verify_ctx_cert_is_root(ctx, leaf, full_chain)) { - if (!x509_verify_ctx_add_chain(ctx, current_chain, - name)) { - x509_verify_chain_free(current_chain); - goto err; - } - } else { - x509_verify_build_chains(ctx, leaf, current_chain, - full_chain, name); - if (full_chain && ctx->chains_count == 0) { - /* - * Save the error state from the xsc - * at this point to put back on the - * xsc in case we do not find a chain - * that is trusted but not a full - * chain to a self signed root. This - * is because the unvalidated chain is - * used by the autochain batshittery - * on failure and will be needed for - * that. 
- */ - ctx->xsc->error_depth = ctx->error_depth; - if (!x509_verify_ctx_save_xsc_error(ctx)) { - x509_verify_chain_free(current_chain); - goto err; - } - full_chain = 0; - retry_chain_build = 1; - } - } - } while (retry_chain_build); - - x509_verify_chain_free(current_chain); - - /* - * Do the new verifier style return, where we don't have an xsc - * that allows a crazy callback to turn invalid things into valid. - */ - if (ctx->xsc == NULL) { - /* - * Safety net: - * We could not find a validated chain, and for some reason do not - * have an error set. - */ - if (ctx->chains_count == 0 && ctx->error == X509_V_OK) - ctx->error = X509_V_ERR_UNSPECIFIED; - - /* - * If we are not using an xsc, and have no possibility for the - * crazy OpenSSL callback API changing the results of - * validation steps (because the callback can make validation - * proceed in the presence of invalid certs), any chains we - * have here are correctly built and verified. - */ - if (ctx->chains_count > 0) - ctx->error = X509_V_OK; - - return ctx->chains_count; - } - - /* - * Otherwise we are doing compatibility with an xsc, which means that we - * will have one chain, which might actually be a bogus chain because - * the callback told us to ignore errors and proceed to build an invalid - * chain. Possible return values from this include returning 1 with an - * invalid chain and a value of xsc->error != X509_V_OK (It's tradition - * that makes it ok). - */ - - if (ctx->chains_count > 0) { - /* - * The chain we have using an xsc might not be a verified chain - * if the callback perverted things while we built it to ignore - * failures and proceed with chain building. We put this chain - * and the error associated with it on the xsc. - */ - if (!x509_verify_ctx_set_xsc_chain(ctx, ctx->chains[0], 1, 1)) - goto err; - - /* - * Call the callback for completion up our built - * chain. The callback could still tell us to - * fail. 
Since this chain might exist as the result of
- * callback doing perversions, we could still return
- * "success" with something other than X509_V_OK set
- * as the error.
- */
- if (!x509_vfy_callback_indicate_completion(ctx->xsc))
- goto err;
- } else {
- /*
- * We did not find a chain. Bring back the failure
- * case we wanted to the xsc if we saved one. If we
- * did not we should have just the leaf on the xsc.
- */
- if (!x509_verify_ctx_restore_xsc_error(ctx))
- goto err;
-
- /*
- * Safety net, ensure we have an error set in the
- * failing case.
- */
- if (ctx->xsc->error == X509_V_OK) {
- if (ctx->error == X509_V_OK)
- ctx->error = X509_V_ERR_UNSPECIFIED;
- ctx->xsc->error = ctx->error;
- }
-
- /*
- * Let the callback override the return value
- * at depth 0 if it chooses to
- */
- return ctx->xsc->verify_cb(0, ctx);
- }
-
- /* We only ever find one chain in compat mode with an xsc. */
- return 1;
-
- err:
- if (ctx->error == X509_V_OK)
- ctx->error = X509_V_ERR_UNSPECIFIED;
-
- if (ctx->xsc != NULL) {
- if (ctx->xsc->error == X509_V_OK)
- ctx->xsc->error = X509_V_ERR_UNSPECIFIED;
- ctx->error = ctx->xsc->error;
- }
-
- return 0;
-}
diff --git a/src/lib/libcrypto/x509/x509_verify.h b/src/lib/libcrypto/x509/x509_verify.h
deleted file mode 100644
index d8d2cb0b5f..0000000000
--- a/src/lib/libcrypto/x509/x509_verify.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* $OpenBSD: x509_verify.h,v 1.2 2021/11/04 23:52:34 beck Exp $ */
-/*
- * Copyright (c) 2020 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-#ifndef HEADER_X509_VERIFY_H
-#define HEADER_X509_VERIFY_H
-
-#ifdef LIBRESSL_INTERNAL
-struct x509_verify_ctx;
-struct x509_verify_cert_info;
-typedef struct x509_verify_ctx X509_VERIFY_CTX;
-
-X509_VERIFY_CTX *x509_verify_ctx_new(STACK_OF(X509) *roots);
-void x509_verify_ctx_free(struct x509_verify_ctx *ctx);
-
-int x509_verify_ctx_set_max_depth(X509_VERIFY_CTX *ctx, size_t max);
-int x509_verify_ctx_set_max_chains(X509_VERIFY_CTX *ctx, size_t max);
-int x509_verify_ctx_set_max_signatures(X509_VERIFY_CTX *ctx, size_t max);
-int x509_verify_ctx_set_purpose(X509_VERIFY_CTX *ctx, int purpose_id);
-int x509_verify_ctx_set_intermediates(X509_VERIFY_CTX *ctx,
- STACK_OF(X509) *intermediates);
-
-const char *x509_verify_ctx_error_string(X509_VERIFY_CTX *ctx);
-size_t x509_verify_ctx_error_depth(X509_VERIFY_CTX *ctx);
-
-STACK_OF(X509) *x509_verify_ctx_chain(X509_VERIFY_CTX *ctx, size_t chain);
-
-size_t x509_verify(X509_VERIFY_CTX *ctx, X509 *leaf, char *name);
-#endif
-
-#endif
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
deleted file mode 100644
index c93ae81bd8..0000000000
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ /dev/null
@@ -1,2602 +0,0 @@
-/* $OpenBSD: x509_vfy.c,v 1.147 2025/03/04 08:43:25 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include -#include -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "asn1_local.h" -#include "x509_internal.h" -#include "x509_issuer_cache.h" -#include "x509_local.h" - -/* CRL score values */ - -/* No unhandled critical extensions */ - -#define CRL_SCORE_NOCRITICAL 0x100 - -/* certificate is within CRL scope */ - -#define CRL_SCORE_SCOPE 0x080 - -/* CRL times valid */ - -#define CRL_SCORE_TIME 0x040 - -/* Issuer name matches certificate */ - -#define CRL_SCORE_ISSUER_NAME 0x020 - -/* If this score or above CRL is probably valid */ - -#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE) - -/* CRL issuer is certificate issuer */ - -#define CRL_SCORE_ISSUER_CERT 0x018 - -/* CRL issuer is on certificate path */ - -#define CRL_SCORE_SAME_PATH 0x008 - -/* CRL issuer matches CRL AKID */ - -#define CRL_SCORE_AKID 0x004 - -/* Have a delta CRL with valid times */ - -#define CRL_SCORE_TIME_DELTA 0x002 - -static int x509_vfy_check_crl(X509_STORE_CTX *ctx, X509_CRL *crl); -static int x509_vfy_cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); - -static int null_callback(int ok, X509_STORE_CTX *e); -static int check_issued(X509_STORE_CTX *ctx, X509 *subject, X509 *issuer); -static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x, - int allow_expired); -static int check_name_constraints(X509_STORE_CTX *ctx); -static int check_cert(X509_STORE_CTX *ctx, STACK_OF(X509) *chain, int depth); - -static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, - unsigned int *preasons, X509_CRL *crl, X509 *x); -static int get_crl_delta(X509_STORE_CTX *ctx, - X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x); -static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pcrl_score, - X509_CRL *base, STACK_OF(X509_CRL) *crls); -static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer, - int *pcrl_score); -static int 
crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, - unsigned int *preasons); -static int check_crl_path(X509_STORE_CTX *ctx, X509 *x); -static int check_crl_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *cert_path, - STACK_OF(X509) *crl_path); -static int X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time, - int clamp_notafter); - -static int internal_verify(X509_STORE_CTX *ctx); -static int check_key_level(X509_STORE_CTX *ctx, X509 *cert); -static int verify_cb_cert(X509_STORE_CTX *ctx, X509 *x, int depth, int err); - -static int -null_callback(int ok, X509_STORE_CTX *e) -{ - return ok; -} - -/* Return 1 if a certificate is self signed */ -static int -cert_self_signed(X509 *x) -{ - X509_check_purpose(x, -1, 0); - if (x->ex_flags & EXFLAG_SS) - return 1; - else - return 0; -} - -static int -check_id_error(X509_STORE_CTX *ctx, int errcode) -{ - ctx->error = errcode; - ctx->current_cert = ctx->cert; - ctx->error_depth = 0; - return ctx->verify_cb(0, ctx); -} - -static int -x509_vfy_check_hosts(X509 *x, X509_VERIFY_PARAM *vpm) -{ - int i, n; - char *name; - - n = sk_OPENSSL_STRING_num(vpm->hosts); - free(vpm->peername); - vpm->peername = NULL; - - for (i = 0; i < n; ++i) { - name = sk_OPENSSL_STRING_value(vpm->hosts, i); - if (X509_check_host(x, name, strlen(name), vpm->hostflags, - &vpm->peername) > 0) - return 1; - } - return n == 0; -} - -int -x509_vfy_check_id(X509_STORE_CTX *ctx) -{ - X509_VERIFY_PARAM *vpm = ctx->param; - X509 *x = ctx->cert; - - if (vpm->hosts && x509_vfy_check_hosts(x, vpm) <= 0) { - if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH)) - return 0; - } - if (vpm->email != NULL && X509_check_email(x, vpm->email, vpm->emaillen, 0) - <= 0) { - if (!check_id_error(ctx, X509_V_ERR_EMAIL_MISMATCH)) - return 0; - } - if (vpm->ip != NULL && X509_check_ip(x, vpm->ip, vpm->iplen, 0) <= 0) { - if (!check_id_error(ctx, X509_V_ERR_IP_ADDRESS_MISMATCH)) - return 0; - } - return 1; -} - -/* - * This is the effectively broken legacy OpenSSL 
chain builder. It - * might find an unvalidated chain and leave it sitting in - * ctx->chain. It does not correctly handle many cases where multiple - * chains could exist. - * - * Oh no.. I know a dirty word... - * Oooooooh.. - */ -static int -X509_verify_cert_legacy_build_chain(X509_STORE_CTX *ctx, int *bad, int *out_ok) -{ - X509 *x, *xtmp, *xtmp2, *chain_ss = NULL; - int bad_chain = 0; - X509_VERIFY_PARAM *param = ctx->param; - int ok = 0, ret = 0; - int depth, i; - int num, j, retry, trust; - int (*cb) (int xok, X509_STORE_CTX *xctx); - STACK_OF(X509) *sktmp = NULL; - - cb = ctx->verify_cb; - - /* - * First we make sure the chain we are going to build is - * present and that the first entry is in place. - */ - ctx->chain = sk_X509_new_null(); - if (ctx->chain == NULL || !sk_X509_push(ctx->chain, ctx->cert)) { - X509error(ERR_R_MALLOC_FAILURE); - ctx->error = X509_V_ERR_OUT_OF_MEM; - goto end; - } - X509_up_ref(ctx->cert); - ctx->num_untrusted = 1; - - /* We use a temporary STACK so we can chop and hack at it */ - if (ctx->untrusted != NULL && - (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) { - X509error(ERR_R_MALLOC_FAILURE); - ctx->error = X509_V_ERR_OUT_OF_MEM; - goto end; - } - - num = sk_X509_num(ctx->chain); - x = sk_X509_value(ctx->chain, num - 1); - depth = param->depth; - - for (;;) { - /* If we have enough, we break */ - /* FIXME: If this happens, we should take - * note of it and, if appropriate, use the - * X509_V_ERR_CERT_CHAIN_TOO_LONG error code - * later. - */ - if (depth < num) - break; - /* If we are self signed, we break */ - if (cert_self_signed(x)) - break; - /* - * If asked see if we can find issuer in trusted store first - */ - if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) { - ok = ctx->get_issuer(&xtmp, ctx, x); - if (ok < 0) { - ctx->error = X509_V_ERR_STORE_LOOKUP; - goto end; - } - /* - * If successful for now free up cert so it - * will be picked up again later. 
- */ - if (ok > 0) { - X509_free(xtmp); - break; - } - } - /* If we were passed a cert chain, use it first */ - if (ctx->untrusted != NULL) { - /* - * If we do not find a non-expired untrusted cert, peek - * ahead and see if we can satisfy this from the trusted - * store. If not, see if we have an expired untrusted cert. - */ - xtmp = find_issuer(ctx, sktmp, x, 0); - if (xtmp == NULL && - !(ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST)) { - ok = ctx->get_issuer(&xtmp, ctx, x); - if (ok < 0) { - ctx->error = X509_V_ERR_STORE_LOOKUP; - goto end; - } - if (ok > 0) { - X509_free(xtmp); - break; - } - xtmp = find_issuer(ctx, sktmp, x, 1); - } - if (xtmp != NULL) { - if (!sk_X509_push(ctx->chain, xtmp)) { - X509error(ERR_R_MALLOC_FAILURE); - ctx->error = X509_V_ERR_OUT_OF_MEM; - ok = 0; - goto end; - } - X509_up_ref(xtmp); - (void)sk_X509_delete_ptr(sktmp, xtmp); - ctx->num_untrusted++; - x = xtmp; - num++; - /* - * reparse the full chain for the next one - */ - continue; - } - } - break; - } - /* Remember how many untrusted certs we have */ - j = num; - - /* - * At this point, chain should contain a list of untrusted - * certificates. We now need to add at least one trusted one, - * if possible, otherwise we complain. - */ - - do { - /* - * Examine last certificate in chain and see if it is - * self signed. - */ - i = sk_X509_num(ctx->chain); - x = sk_X509_value(ctx->chain, i - 1); - if (cert_self_signed(x)) { - /* we have a self signed certificate */ - if (i == 1) { - /* - * We have a single self signed - * certificate: see if we can find it - * in the store. We must have an exact - * match to avoid possible - * impersonation. 
- */ - ok = ctx->get_issuer(&xtmp, ctx, x); - if ((ok <= 0) || X509_cmp(x, xtmp)) { - ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; - ctx->current_cert = x; - ctx->error_depth = i - 1; - if (ok == 1) - X509_free(xtmp); - bad_chain = 1; - ok = cb(0, ctx); - if (!ok) - goto end; - } else { - /* - * We have a match: replace - * certificate with store - * version so we get any trust - * settings. - */ - X509_free(x); - x = xtmp; - (void)sk_X509_set(ctx->chain, i - 1, x); - ctx->num_untrusted = 0; - } - } else { - /* - * extract and save self signed - * certificate for later use - */ - chain_ss = sk_X509_pop(ctx->chain); - ctx->num_untrusted--; - num--; - j--; - x = sk_X509_value(ctx->chain, num - 1); - } - } - /* We now lookup certs from the certificate store */ - for (;;) { - /* If we have enough, we break */ - if (depth < num) - break; - /* If we are self signed, we break */ - if (cert_self_signed(x)) - break; - ok = ctx->get_issuer(&xtmp, ctx, x); - - if (ok < 0) { - ctx->error = X509_V_ERR_STORE_LOOKUP; - goto end; - } - if (ok == 0) - break; - x = xtmp; - if (!sk_X509_push(ctx->chain, x)) { - X509_free(xtmp); - X509error(ERR_R_MALLOC_FAILURE); - ctx->error = X509_V_ERR_OUT_OF_MEM; - ok = 0; - goto end; - } - num++; - } - - /* we now have our chain, lets check it... */ - trust = x509_vfy_check_trust(ctx); - - /* If explicitly rejected error */ - if (trust == X509_TRUST_REJECTED) { - ok = 0; - goto end; - } - /* - * If it's not explicitly trusted then check if there - * is an alternative chain that could be used. 
We only - * do this if we haven't already checked via - * TRUSTED_FIRST and the user hasn't switched off - * alternate chain checking - */ - retry = 0; - if (trust != X509_TRUST_TRUSTED && - !(ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) && - !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) { - while (j-- > 1) { - xtmp2 = sk_X509_value(ctx->chain, j - 1); - ok = ctx->get_issuer(&xtmp, ctx, xtmp2); - if (ok < 0) - goto end; - /* Check if we found an alternate chain */ - if (ok > 0) { - /* - * Free up the found cert - * we'll add it again later - */ - X509_free(xtmp); - /* - * Dump all the certs above - * this point - we've found an - * alternate chain - */ - while (num > j) { - xtmp = sk_X509_pop(ctx->chain); - X509_free(xtmp); - num--; - } - ctx->num_untrusted = sk_X509_num(ctx->chain); - retry = 1; - break; - } - } - } - } while (retry); - - /* - * If not explicitly trusted then indicate error unless it's a single - * self signed certificate in which case we've indicated an error already - * and set bad_chain == 1 - */ - if (trust != X509_TRUST_TRUSTED && !bad_chain) { - if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) { - if (ctx->num_untrusted >= num) - ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; - else - ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; - ctx->current_cert = x; - } else { - if (!sk_X509_push(ctx->chain, chain_ss)) { - X509error(ERR_R_MALLOC_FAILURE); - ctx->error = X509_V_ERR_OUT_OF_MEM; - ok = 0; - goto end; - } - num++; - ctx->num_untrusted = num; - ctx->current_cert = chain_ss; - ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; - chain_ss = NULL; - } - - ctx->error_depth = num - 1; - bad_chain = 1; - ok = cb(0, ctx); - if (!ok) - goto end; - } - - ret = 1; - end: - sk_X509_free(sktmp); - X509_free(chain_ss); - *bad = bad_chain; - *out_ok = ok; - - return ret; -} - -static int -X509_verify_cert_legacy(X509_STORE_CTX *ctx) -{ - int ok = 0, bad_chain; - - ctx->error = X509_V_OK; /* Initialize to OK */ - - if 
(!X509_verify_cert_legacy_build_chain(ctx, &bad_chain, &ok)) - goto end; - - /* We have the chain complete: now we need to check its purpose */ - ok = x509_vfy_check_chain_extensions(ctx); - if (!ok) - goto end; - - /* Check that the chain satisfies the security level. */ - ok = x509_vfy_check_security_level(ctx); - if (!ok) - goto end; - - /* Check name constraints */ - ok = check_name_constraints(ctx); - if (!ok) - goto end; - -#ifndef OPENSSL_NO_RFC3779 - ok = X509v3_asid_validate_path(ctx); - if (!ok) - goto end; - - ok = X509v3_addr_validate_path(ctx); - if (!ok) - goto end; -#endif - - ok = x509_vfy_check_id(ctx); - if (!ok) - goto end; - - /* - * Check revocation status: we do this after copying parameters because - * they may be needed for CRL signature verification. - */ - ok = x509_vfy_check_revocation(ctx); - if (!ok) - goto end; - - /* At this point, we have a chain and need to verify it */ - if (ctx->verify != NULL) - ok = ctx->verify(ctx); - else - ok = internal_verify(ctx); - if (!ok) - goto end; - - /* If we get this far evaluate policies */ - if (!bad_chain) - ok = x509_vfy_check_policy(ctx); - - end: - /* Safety net, error returns must set ctx->error */ - if (ok <= 0 && ctx->error == X509_V_OK) - ctx->error = X509_V_ERR_UNSPECIFIED; - - return ok; -} - -int -X509_verify_cert(X509_STORE_CTX *ctx) -{ - struct x509_verify_ctx *vctx = NULL; - int chain_count = 0; - - if (ctx->cert == NULL) { - X509error(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); - ctx->error = X509_V_ERR_INVALID_CALL; - return -1; - } - if (ctx->chain != NULL) { - /* - * This X509_STORE_CTX has already been used to verify - * a cert. We cannot do another one. - */ - X509error(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - ctx->error = X509_V_ERR_INVALID_CALL; - return -1; - } - if (ctx->param->poisoned) { - /* - * This X509_STORE_CTX had failures setting - * up verify parameters. We can not use it. 
- */ - X509error(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - ctx->error = X509_V_ERR_INVALID_CALL; - return -1; - } - if (ctx->error != X509_V_ERR_INVALID_CALL) { - /* - * This X509_STORE_CTX has not been properly initialized. - */ - X509error(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - ctx->error = X509_V_ERR_INVALID_CALL; - return -1; - } - - /* - * If the certificate's public key is too weak, don't bother - * continuing. - */ - if (!check_key_level(ctx, ctx->cert) && - !verify_cb_cert(ctx, ctx->cert, 0, X509_V_ERR_EE_KEY_TOO_SMALL)) - return 0; - - /* - * If flags request legacy, use the legacy verifier. If we - * requested "no alt chains" from the age of hammer pants, use - * the legacy verifier because the multi chain verifier really - * does find all the "alt chains". - * - * XXX deprecate the NO_ALT_CHAINS flag? - */ - if ((ctx->param->flags & X509_V_FLAG_LEGACY_VERIFY) || - (ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) - return X509_verify_cert_legacy(ctx); - - /* Use the modern multi-chain verifier from x509_verify_cert */ - - if ((vctx = x509_verify_ctx_new_from_xsc(ctx)) != NULL) { - ctx->error = X509_V_OK; /* Initialize to OK */ - chain_count = x509_verify(vctx, NULL, NULL); - } - x509_verify_ctx_free(vctx); - - /* if we succeed we have a chain in ctx->chain */ - return chain_count > 0 && ctx->chain != NULL; -} -LCRYPTO_ALIAS(X509_verify_cert); - -/* Given a STACK_OF(X509) find the issuer of cert (if any) - */ - -static X509 * -find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x, - int allow_expired) -{ - int i; - X509 *issuer, *rv = NULL; - - for (i = 0; i < sk_X509_num(sk); i++) { - issuer = sk_X509_value(sk, i); - if (ctx->check_issued(ctx, x, issuer)) { - if (x509_check_cert_time(ctx, issuer, -1)) - return issuer; - if (allow_expired) - rv = issuer; - } - } - return rv; -} - -/* Given a possible certificate and issuer check them */ - -static int -check_issued(X509_STORE_CTX *ctx, X509 *subject, X509 *issuer) -{ - /* - * Yes, the arguments of 
X509_STORE_CTX_check_issued_fn were exposed in - * reverse order compared to the already public X509_check_issued()... - */ - return X509_check_issued(issuer, subject) == X509_V_OK; -} - -/* Alternative lookup method: look from a STACK stored in ctx->trusted */ - -static int -x509_vfy_get_trusted_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) -{ - *issuer = find_issuer(ctx, ctx->trusted, x, 1); - if (*issuer) { - CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509); - return 1; - } else - return 0; -} - -/* Check a certificate chains extensions for consistency - * with the supplied purpose - */ - -int -x509_vfy_check_chain_extensions(X509_STORE_CTX *ctx) -{ - int i, ok = 0, must_be_ca, plen = 0; - X509 *x; - int (*cb)(int xok, X509_STORE_CTX *xctx); - int proxy_path_length = 0; - int purpose; - - cb = ctx->verify_cb; - - /* must_be_ca can have 1 of 3 values: - -1: we accept both CA and non-CA certificates, to allow direct - use of self-signed certificates (which are marked as CA). - 0: we only accept non-CA certificates. This is currently not - used, but the possibility is present for future extensions. - 1: we only accept CA certificates. This is currently used for - all certificates in the chain except the leaf certificate. 
- */
- must_be_ca = -1;
-
- /* CRL path validation */
- if (ctx->parent)
- purpose = X509_PURPOSE_CRL_SIGN;
- else
- purpose = ctx->param->purpose;
-
- /* Check all untrusted certificates */
- for (i = 0; i < ctx->num_untrusted; i++) {
- int ret;
- x = sk_X509_value(ctx->chain, i);
- if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) &&
- (x->ex_flags & EXFLAG_CRITICAL)) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- ret = X509_check_ca(x);
- if (must_be_ca == -1) {
- if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) &&
- (ret != 1) && (ret != 0)) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_CA;
- } else
- ret = 1;
- } else {
- if ((ret == 0) ||
- ((ctx->param->flags & X509_V_FLAG_X509_STRICT) &&
- (ret != 1))) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_CA;
- } else
- ret = 1;
- }
- if (ret == 0) {
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- if (ctx->param->purpose > 0) {
- ret = X509_check_purpose(x, purpose, must_be_ca > 0);
- if ((ret == 0) ||
- ((ctx->param->flags & X509_V_FLAG_X509_STRICT) &&
- (ret != 1))) {
- ctx->error = X509_V_ERR_INVALID_PURPOSE;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- }
- /* Check pathlen if not self issued */
- if ((i > 1) && !(x->ex_flags & EXFLAG_SI) &&
- (x->ex_pathlen != -1) &&
- (plen > (x->ex_pathlen + proxy_path_length + 1))) {
- ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- /* Increment path length if not self issued */
- if (!(x->ex_flags & EXFLAG_SI))
- plen++;
- must_be_ca = 1;
- }
-
- ok = 1;
-
- end:
- return ok;
-}
-
-static int
-check_name_constraints(X509_STORE_CTX *ctx)
-{
- if (!x509_constraints_chain(ctx->chain, &ctx->error,
- &ctx->error_depth)) {
- ctx->current_cert = sk_X509_value(ctx->chain, ctx->error_depth);
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- return 1;
-}
-
-/* Given a certificate try and find an exact match in the store */
-
-static X509 *
-lookup_cert_match(X509_STORE_CTX *ctx, X509 *x)
-{
- STACK_OF(X509) *certs;
- X509 *xtmp = NULL;
- size_t i;
-
- /* Lookup all certs with matching subject name */
- certs = X509_STORE_CTX_get1_certs(ctx, X509_get_subject_name(x));
- if (certs == NULL)
- return NULL;
-
- /* Look for exact match */
- for (i = 0; i < sk_X509_num(certs); i++) {
- xtmp = sk_X509_value(certs, i);
- if (!X509_cmp(xtmp, x))
- break;
- }
-
- if (i < sk_X509_num(certs))
- X509_up_ref(xtmp);
- else
- xtmp = NULL;
-
- sk_X509_pop_free(certs, X509_free);
- return xtmp;
-}
-
-X509 *
-x509_vfy_lookup_cert_match(X509_STORE_CTX *ctx, X509 *x)
-{
- if (ctx->store == NULL || ctx->store->objs == NULL)
- return NULL;
- return lookup_cert_match(ctx, x);
-}
-
-int
-x509_vfy_check_trust(X509_STORE_CTX *ctx)
-{
- size_t i;
- int ok;
- X509 *x = NULL;
- int (*cb) (int xok, X509_STORE_CTX *xctx);
-
- cb = ctx->verify_cb;
- /* Check all trusted certificates in chain */
- for (i = ctx->num_untrusted; i < sk_X509_num(ctx->chain); i++) {
- x = sk_X509_value(ctx->chain, i);
- ok = X509_check_trust(x, ctx->param->trust, 0);
-
- /* If explicitly trusted return trusted */
- if (ok == X509_TRUST_TRUSTED)
- return X509_TRUST_TRUSTED;
- /*
- * If explicitly rejected notify callback and reject if not
- * overridden.
- */
- if (ok == X509_TRUST_REJECTED) {
- ctx->error_depth = i;
- ctx->current_cert = x;
- ctx->error = X509_V_ERR_CERT_REJECTED;
- ok = cb(0, ctx);
- if (!ok)
- return X509_TRUST_REJECTED;
- }
- }
- /*
- * If we accept partial chains and have at least one trusted certificate
- * return success.
- */
- if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) {
- X509 *mx;
- if (ctx->num_untrusted < (int)sk_X509_num(ctx->chain))
- return X509_TRUST_TRUSTED;
- x = sk_X509_value(ctx->chain, 0);
- mx = lookup_cert_match(ctx, x);
- if (mx) {
- (void)sk_X509_set(ctx->chain, 0, mx);
- X509_free(x);
- ctx->num_untrusted = 0;
- return X509_TRUST_TRUSTED;
- }
- }
-
- /*
- * If no trusted certs in chain at all return untrusted and allow
- * standard (no issuer cert) etc errors to be indicated.
- */
- return X509_TRUST_UNTRUSTED;
-}
-
-int
-x509_vfy_check_revocation(X509_STORE_CTX *ctx)
-{
- int i, last, ok;
-
- if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
- return 1;
- if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
- last = sk_X509_num(ctx->chain) - 1;
- else {
- /* If checking CRL paths this isn't the EE certificate */
- if (ctx->parent)
- return 1;
- last = 0;
- }
- for (i = 0; i <= last; i++) {
- ok = check_cert(ctx, ctx->chain, i);
- if (!ok)
- return ok;
- }
- return 1;
-}
-
-static int
-check_cert(X509_STORE_CTX *ctx, STACK_OF(X509) *chain, int depth)
-{
- X509_CRL *crl = NULL, *dcrl = NULL;
- X509 *x;
- int ok = 0, cnum;
- unsigned int last_reasons;
-
- cnum = ctx->error_depth = depth;
- x = sk_X509_value(chain, cnum);
- ctx->current_cert = x;
- ctx->current_issuer = NULL;
- ctx->current_crl_score = 0;
- ctx->current_reasons = 0;
- while (ctx->current_reasons != CRLDP_ALL_REASONS) {
- last_reasons = ctx->current_reasons;
- /* Try to retrieve relevant CRL */
- ok = get_crl_delta(ctx, &crl, &dcrl, x);
- if (!ok) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
- ok = ctx->verify_cb(0, ctx);
- goto err;
- }
- ctx->current_crl = crl;
- ok = x509_vfy_check_crl(ctx, crl);
- if (!ok)
- goto err;
-
- if (dcrl) {
- ok = x509_vfy_check_crl(ctx, dcrl);
- if (!ok)
- goto err;
- ok = x509_vfy_cert_crl(ctx, dcrl, x);
- if (!ok)
- goto err;
- } else
- ok = 1;
-
- /* Don't look in full CRL if delta reason is removefromCRL */
- if (ok != 2) {
- ok = x509_vfy_cert_crl(ctx, crl, x);
- if (!ok)
- goto err;
- }
-
- ctx->current_crl = NULL;
- X509_CRL_free(crl);
- X509_CRL_free(dcrl);
- crl = NULL;
- dcrl = NULL;
- /* If reasons not updated we wont get anywhere by
- * another iteration, so exit loop.
- */
- if (last_reasons == ctx->current_reasons) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
- ok = ctx->verify_cb(0, ctx);
- goto err;
- }
- }
-
-err:
- ctx->current_crl = NULL;
- X509_CRL_free(crl);
- X509_CRL_free(dcrl);
- return ok;
-}
-
-/* Check CRL times against values in X509_STORE_CTX */
-
-static int
-check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
-{
- time_t *ptime;
- int i;
-
- if (notify)
- ctx->current_crl = crl;
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->param->check_time;
- else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)
- return 1;
- else
- ptime = NULL;
-
- i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
- if (i == 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (i > 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_CRL_NOT_YET_VALID;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (X509_CRL_get_nextUpdate(crl)) {
- i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
-
- if (i == 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- /* Ignore expiry of base CRL is delta is valid */
- if ((i < 0) &&
- !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_CRL_HAS_EXPIRED;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- }
-
- if (notify)
- ctx->current_crl = NULL;
-
- return 1;
-}
-
-static int
-get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
- X509 **pissuer, int *pscore, unsigned int *preasons,
- STACK_OF(X509_CRL) *crls)
-{
- int i, crl_score, best_score = *pscore;
- unsigned int reasons, best_reasons = 0;
- X509 *x = ctx->current_cert;
- X509_CRL *crl, *best_crl = NULL;
- X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
-
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- crl = sk_X509_CRL_value(crls, i);
- reasons = *preasons;
- crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
-
- if (crl_score > best_score) {
- best_crl = crl;
- best_crl_issuer = crl_issuer;
- best_score = crl_score;
- best_reasons = reasons;
- }
- }
-
- if (best_crl) {
- if (*pcrl)
- X509_CRL_free(*pcrl);
- *pcrl = best_crl;
- *pissuer = best_crl_issuer;
- *pscore = best_score;
- *preasons = best_reasons;
- CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
- if (*pdcrl) {
- X509_CRL_free(*pdcrl);
- *pdcrl = NULL;
- }
- get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
- }
-
- if (best_score >= CRL_SCORE_VALID)
- return 1;
-
- return 0;
-}
-
-/* Compare two CRL extensions for delta checking purposes. They should be
- * both present or both absent. If both present all fields must be identical.
- */
-
-static int
-crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
-{
- ASN1_OCTET_STRING *exta, *extb;
- int i;
-
- i = X509_CRL_get_ext_by_NID(a, nid, -1);
- if (i >= 0) {
- /* Can't have multiple occurrences */
- if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
- return 0;
- exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
- } else
- exta = NULL;
-
- i = X509_CRL_get_ext_by_NID(b, nid, -1);
-
- if (i >= 0) {
- if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
- return 0;
- extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
- } else
- extb = NULL;
-
- if (!exta && !extb)
- return 1;
-
- if (!exta || !extb)
- return 0;
-
- if (ASN1_OCTET_STRING_cmp(exta, extb))
- return 0;
-
- return 1;
-}
-
-/* See if a base and delta are compatible */
-
-static int
-check_delta_base(X509_CRL *delta, X509_CRL *base)
-{
- /* Delta CRL must be a delta */
- if (!delta->base_crl_number)
- return 0;
- /* Base must have a CRL number */
- if (!base->crl_number)
- return 0;
- /* Issuer names must match */
- if (X509_NAME_cmp(X509_CRL_get_issuer(base),
- X509_CRL_get_issuer(delta)))
- return 0;
- /* AKID and IDP must match */
- if (!crl_extension_match(delta, base, NID_authority_key_identifier))
- return 0;
- if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
- return 0;
- /* Delta CRL base number must not exceed Full CRL number. */
- if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
- return 0;
- /* Delta CRL number must exceed full CRL number */
- if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
- return 1;
- return 0;
-}
-
-/* For a given base CRL find a delta... maybe extend to delta scoring
- * or retrieve a chain of deltas...
- */
-
-static void
-get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, X509_CRL *base,
- STACK_OF(X509_CRL) *crls)
-{
- X509_CRL *delta;
- int i;
-
- if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
- return;
- if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
- return;
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- delta = sk_X509_CRL_value(crls, i);
- if (check_delta_base(delta, base)) {
- if (check_crl_time(ctx, delta, 0))
- *pscore |= CRL_SCORE_TIME_DELTA;
- CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
- *dcrl = delta;
- return;
- }
- }
- *dcrl = NULL;
-}
-
-/* For a given CRL return how suitable it is for the supplied certificate 'x'.
- * The return value is a mask of several criteria.
- * If the issuer is not the certificate issuer this is returned in *pissuer.
- * The reasons mask is also used to determine if the CRL is suitable: if
- * no new reasons the CRL is rejected, otherwise reasons is updated.
- */
-
-static int
-get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, unsigned int *preasons,
- X509_CRL *crl, X509 *x)
-{
- int crl_score = 0;
- unsigned int tmp_reasons = *preasons, crl_reasons;
-
- /* First see if we can reject CRL straight away */
-
- /* Invalid IDP cannot be processed */
- if (crl->idp_flags & IDP_INVALID)
- return 0;
- /* Reason codes or indirect CRLs need extended CRL support */
- if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) {
- if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
- return 0;
- } else if (crl->idp_flags & IDP_REASONS) {
- /* If no new reasons reject */
- if (!(crl->idp_reasons & ~tmp_reasons))
- return 0;
- }
- /* Don't process deltas at this stage */
- else if (crl->base_crl_number)
- return 0;
- /* If issuer name doesn't match certificate need indirect CRL */
- if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) {
- if (!(crl->idp_flags & IDP_INDIRECT))
- return 0;
- } else
- crl_score |= CRL_SCORE_ISSUER_NAME;
-
- if (!(crl->flags & EXFLAG_CRITICAL))
- crl_score |= CRL_SCORE_NOCRITICAL;
-
- /* Check expiry */
- if (check_crl_time(ctx, crl, 0))
- crl_score |= CRL_SCORE_TIME;
-
- /* Check authority key ID and locate certificate issuer */
- crl_akid_check(ctx, crl, pissuer, &crl_score);
-
- /* If we can't locate certificate issuer at this point forget it */
-
- if (!(crl_score & CRL_SCORE_AKID))
- return 0;
-
- /* Check cert for matching CRL distribution points */
-
- if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) {
- /* If no new reasons reject */
- if (!(crl_reasons & ~tmp_reasons))
- return 0;
- tmp_reasons |= crl_reasons;
- crl_score |= CRL_SCORE_SCOPE;
- }
-
- *preasons = tmp_reasons;
-
- return crl_score;
-}
-
-static void
-crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
- int *pcrl_score)
-{
- X509 *crl_issuer = NULL;
- X509_NAME *cnm = X509_CRL_get_issuer(crl);
- int cidx = ctx->error_depth;
- int i;
-
- if (cidx != sk_X509_num(ctx->chain) - 1)
- cidx++;
-
- crl_issuer = sk_X509_value(ctx->chain, cidx);
-
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- if (*pcrl_score & CRL_SCORE_ISSUER_NAME) {
- *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_ISSUER_CERT;
- *pissuer = crl_issuer;
- return;
- }
- }
-
- for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) {
- crl_issuer = sk_X509_value(ctx->chain, cidx);
- if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
- continue;
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_SAME_PATH;
- *pissuer = crl_issuer;
- return;
- }
- }
-
- /* Anything else needs extended CRL support */
-
- if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
- return;
-
- /* Otherwise the CRL issuer is not on the path. Look for it in the
- * set of untrusted certificates.
- */
- for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
- crl_issuer = sk_X509_value(ctx->untrusted, i);
- if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
- continue;
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- *pissuer = crl_issuer;
- *pcrl_score |= CRL_SCORE_AKID;
- return;
- }
- }
-}
-
-/* Check the path of a CRL issuer certificate. This creates a new
- * X509_STORE_CTX and populates it with most of the parameters from the
- * parent. This could be optimised somewhat since a lot of path checking
- * will be duplicated by the parent, but this will rarely be used in
- * practice.
- */
-
-static int
-check_crl_path(X509_STORE_CTX *ctx, X509 *x)
-{
- X509_STORE_CTX crl_ctx;
- int ret;
-
- /* Don't allow recursive CRL path validation */
- if (ctx->parent)
- return 0;
- if (!X509_STORE_CTX_init(&crl_ctx, ctx->store, x, ctx->untrusted)) {
- ret = -1;
- goto err;
- }
-
- crl_ctx.crls = ctx->crls;
- /* Copy verify params across */
- X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
-
- crl_ctx.parent = ctx;
- crl_ctx.verify_cb = ctx->verify_cb;
-
- /* Verify CRL issuer */
- ret = X509_verify_cert(&crl_ctx);
-
- if (ret <= 0)
- goto err;
-
- /* Check chain is acceptable */
- ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
-
-err:
- X509_STORE_CTX_cleanup(&crl_ctx);
- return ret;
-}
-
-/* RFC3280 says nothing about the relationship between CRL path
- * and certificate path, which could lead to situations where a
- * certificate could be revoked or validated by a CA not authorised
- * to do so. RFC5280 is more strict and states that the two paths must
- * end in the same trust anchor, though some discussions remain...
- * until this is resolved we use the RFC5280 version
- */
-
-static int
-check_crl_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *cert_path,
- STACK_OF(X509) *crl_path)
-{
- X509 *cert_ta, *crl_ta;
-
- cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
- crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
- if (!X509_cmp(cert_ta, crl_ta))
- return 1;
- return 0;
-}
-
-/* Check for match between two dist point names: three separate cases.
- * 1. Both are relative names and compare X509_NAME types.
- * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
- * 3. Both are full names and compare two GENERAL_NAMES.
- * 4. One is NULL: automatic match.
- */
-
-static int
-idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
-{
- X509_NAME *nm = NULL;
- GENERAL_NAMES *gens = NULL;
- GENERAL_NAME *gena, *genb;
- int i, j;
-
- if (!a || !b)
- return 1;
- if (a->type == 1) {
- if (!a->dpname)
- return 0;
- /* Case 1: two X509_NAME */
- if (b->type == 1) {
- if (!b->dpname)
- return 0;
- if (!X509_NAME_cmp(a->dpname, b->dpname))
- return 1;
- else
- return 0;
- }
- /* Case 2: set name and GENERAL_NAMES appropriately */
- nm = a->dpname;
- gens = b->name.fullname;
- } else if (b->type == 1) {
- if (!b->dpname)
- return 0;
- /* Case 2: set name and GENERAL_NAMES appropriately */
- gens = a->name.fullname;
- nm = b->dpname;
- }
-
- /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
- if (nm) {
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gena = sk_GENERAL_NAME_value(gens, i);
- if (gena->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(nm, gena->d.directoryName))
- return 1;
- }
- return 0;
- }
-
- /* Else case 3: two GENERAL_NAMES */
-
- for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) {
- gena = sk_GENERAL_NAME_value(a->name.fullname, i);
- for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) {
- genb = sk_GENERAL_NAME_value(b->name.fullname, j);
- if (!GENERAL_NAME_cmp(gena, genb))
- return 1;
- }
- }
-
- return 0;
-}
-
-static int
-crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
-{
- int i;
- X509_NAME *nm = X509_CRL_get_issuer(crl);
-
- /* If no CRLissuer return is successful iff don't need a match */
- if (!dp->CRLissuer)
- return !!(crl_score & CRL_SCORE_ISSUER_NAME);
- for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
- GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
- if (gen->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(gen->d.directoryName, nm))
- return 1;
- }
- return 0;
-}
-
-/* Check CRLDP and IDP */
-
-static int
-crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, unsigned int *preasons)
-{
- int i;
-
- if (crl->idp_flags & IDP_ONLYATTR)
- return 0;
- if (x->ex_flags & EXFLAG_CA) {
- if (crl->idp_flags & IDP_ONLYUSER)
- return 0;
- } else {
- if (crl->idp_flags & IDP_ONLYCA)
- return 0;
- }
- *preasons = crl->idp_reasons;
- for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
- DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
- if (crldp_check_crlissuer(dp, crl, crl_score)) {
- if (!crl->idp ||
- idp_check_dp(dp->distpoint, crl->idp->distpoint)) {
- *preasons &= dp->dp_reasons;
- return 1;
- }
- }
- }
- if ((!crl->idp || !crl->idp->distpoint) &&
- (crl_score & CRL_SCORE_ISSUER_NAME))
- return 1;
- return 0;
-}
-
-/* Retrieve CRL corresponding to current certificate.
- * If deltas enabled try to find a delta CRL too
- */
-
-static int
-get_crl_delta(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
-{
- int ok;
- X509 *issuer = NULL;
- int crl_score = 0;
- unsigned int reasons;
- X509_CRL *crl = NULL, *dcrl = NULL;
- STACK_OF(X509_CRL) *skcrl;
- X509_NAME *nm = X509_get_issuer_name(x);
-
- reasons = ctx->current_reasons;
- ok = get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons,
- ctx->crls);
- if (ok)
- goto done;
-
- /* Lookup CRLs from store */
- skcrl = X509_STORE_CTX_get1_crls(ctx, nm);
-
- /* If no CRLs found and a near match from get_crl_sk use that */
- if (!skcrl && crl)
- goto done;
-
- get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
-
- sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
-
-done:
-
- /* If we got any kind of CRL use it and return success */
- if (crl) {
- ctx->current_issuer = issuer;
- ctx->current_crl_score = crl_score;
- ctx->current_reasons = reasons;
- *pcrl = crl;
- *pdcrl = dcrl;
- return 1;
- }
-
- return 0;
-}
-
-/* Matches x509_verify_parent_signature() */
-static int
-x509_crl_verify_parent_signature(X509 *parent, X509_CRL *crl, int *error)
-{
- EVP_PKEY *pkey;
- int cached;
- int ret = 0;
-
- /* Use cached value if we have it */
- if ((cached = x509_issuer_cache_find(parent->hash, crl->hash)) >= 0) {
- if (cached == 0)
- *error = X509_V_ERR_CRL_SIGNATURE_FAILURE;
- return cached;
- }
-
- /* Check signature. Did parent sign crl? */
- if ((pkey = X509_get0_pubkey(parent)) == NULL) {
- *error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
- return 0;
- }
- if (X509_CRL_verify(crl, pkey) <= 0)
- *error = X509_V_ERR_CRL_SIGNATURE_FAILURE;
- else
- ret = 1;
-
- /* Add result to cache */
- x509_issuer_cache_add(parent->hash, crl->hash, ret);
-
- return ret;
-}
-
-/* Check CRL validity */
-static int
-x509_vfy_check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
-{
- X509 *issuer = NULL;
- int ok = 0, chnum, cnum;
-
- cnum = ctx->error_depth;
- chnum = sk_X509_num(ctx->chain) - 1;
- /* if we have an alternative CRL issuer cert use that */
- if (ctx->current_issuer) {
- issuer = ctx->current_issuer;
- } else if (cnum < chnum) {
- /*
- * Else find CRL issuer: if not last certificate then issuer
- * is next certificate in chain.
- */
- issuer = sk_X509_value(ctx->chain, cnum + 1);
- } else {
- issuer = sk_X509_value(ctx->chain, chnum);
- /* If not self signed, can't check signature */
- if (!ctx->check_issued(ctx, issuer, issuer)) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
-
- if (issuer) {
- /* Skip most tests for deltas because they have already
- * been done
- */
- if (!crl->base_crl_number) {
- /* Check for cRLSign bit if keyUsage present */
- if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
- !(issuer->ex_kusage & KU_CRL_SIGN)) {
- ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) {
- ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) {
- if (check_crl_path(ctx,
- ctx->current_issuer) <= 0) {
- ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
-
- if (crl->idp_flags & IDP_INVALID) {
- ctx->error = X509_V_ERR_INVALID_EXTENSION;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
-
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_TIME)) {
- ok = check_crl_time(ctx, crl, 1);
- if (!ok)
- goto err;
- }
-
- if (!x509_crl_verify_parent_signature(issuer, crl, &ctx->error)) {
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
-
- ok = 1;
-
- err:
- return ok;
-}
-
-/* Check certificate against CRL */
-static int
-x509_vfy_cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
-{
- int ok;
- X509_REVOKED *rev;
-
- /* The rules changed for this... previously if a CRL contained
- * unhandled critical extensions it could still be used to indicate
- * a certificate was revoked. This has since been changed since
- * critical extension can change the meaning of CRL entries.
- */
- if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) &&
- (crl->flags & EXFLAG_CRITICAL)) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- return 0;
- }
- /* Look for serial number of certificate in CRL
- * If found make sure reason is not removeFromCRL.
- */
- if (X509_CRL_get0_by_cert(crl, &rev, x)) {
- if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
- return 2;
- ctx->error = X509_V_ERR_CERT_REVOKED;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- return 0;
- }
-
- return 1;
-}
-
-int
-x509_vfy_check_policy(X509_STORE_CTX *ctx)
-{
- X509 *current_cert = NULL;
- int ret;
-
- if (ctx->parent != NULL)
- return 1;
-
- ret = X509_policy_check(ctx->chain, ctx->param->policies,
- ctx->param->flags, ¤t_cert);
- if (ret != X509_V_OK) {
- ctx->current_cert = current_cert;
- ctx->error = ret;
- if (ret == X509_V_ERR_OUT_OF_MEM)
- return 0;
- return ctx->verify_cb(0, ctx);
- }
-
- if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) {
- ctx->current_cert = NULL;
- /*
- * Verification errors need to be "sticky", a callback may have
- * allowed an SSL handshake to continue despite an error, and
- * we must then remain in an error state. Therefore, we MUST
- * NOT clear earlier verification errors by setting the error
- * to X509_V_OK.
- */
- if (!ctx->verify_cb(2, ctx))
- return 0;
- }
-
- return 1;
-}
-
-/*
- * Inform the verify callback of an error.
- *
- * If x is not NULL it is the error cert, otherwise use the chain cert
- * at depth.
- *
- * If err is not X509_V_OK, that's the error value, otherwise leave
- * unchanged (presumably set by the caller).
- *
- * Returns 0 to abort verification with an error, non-zero to continue.
- */
-static int
-verify_cb_cert(X509_STORE_CTX *ctx, X509 *x, int depth, int err)
-{
- ctx->error_depth = depth;
- ctx->current_cert = (x != NULL) ? x : sk_X509_value(ctx->chain, depth);
- if (err != X509_V_OK)
- ctx->error = err;
- return ctx->verify_cb(0, ctx);
-}
-
-/*
- * Check certificate validity times.
- *
- * If depth >= 0, invoke verification callbacks on error, otherwise just return
- * the validation status.
- *
- * Return 1 on success, 0 otherwise.
- */
-int
-x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int depth)
-{
- time_t ptime;
- int i;
-
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = ctx->param->check_time;
- else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)
- return 1;
- else
- ptime = time(NULL);
-
- i = X509_cmp_time(X509_get_notBefore(x), &ptime);
-
- if (i >= 0 && depth < 0)
- return 0;
- if (i == 0 && !verify_cb_cert(ctx, x, depth,
- X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD))
- return 0;
- if (i > 0 && !verify_cb_cert(ctx, x, depth,
- X509_V_ERR_CERT_NOT_YET_VALID))
- return 0;
-
- i = X509_cmp_time_internal(X509_get_notAfter(x), &ptime, 1);
-
- if (i <= 0 && depth < 0)
- return 0;
- if (i == 0 && !verify_cb_cert(ctx, x, depth,
- X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD))
- return 0;
- if (i < 0 && !verify_cb_cert(ctx, x, depth,
- X509_V_ERR_CERT_HAS_EXPIRED))
- return 0;
-
- return 1;
-}
-
-static int
-x509_vfy_internal_verify(X509_STORE_CTX *ctx, int chain_verified)
-{
- int n = sk_X509_num(ctx->chain) - 1;
- X509 *xi = sk_X509_value(ctx->chain, n);
- X509 *xs;
-
- if (ctx->check_issued(ctx, xi, xi))
- xs = xi;
- else {
- if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) {
- xs = xi;
- goto check_cert;
- }
- if (n <= 0)
- return verify_cb_cert(ctx, xi, 0,
- X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE);
- n--;
- ctx->error_depth = n;
- xs = sk_X509_value(ctx->chain, n);
- }
-
- /*
- * Do not clear ctx->error=0, it must be "sticky", only the
- * user's callback is allowed to reset errors (at its own
- * peril).
- */
- while (n >= 0) {
-
- /*
- * Skip signature check for self signed certificates
- * unless explicitly asked for. It doesn't add any
- * security and just wastes time. If the issuer's
- * public key is unusable, report the issuer
- * certificate and its depth (rather than the depth of
- * the subject).
- */
- if (!chain_verified && ( xs != xi ||
- (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
- EVP_PKEY *pkey;
- if ((pkey = X509_get_pubkey(xi)) == NULL) {
- if (!verify_cb_cert(ctx, xi, xi != xs ? n+1 : n,
- X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY))
- return 0;
- } else if (X509_verify(xs, pkey) <= 0) {
- if (!verify_cb_cert(ctx, xs, n,
- X509_V_ERR_CERT_SIGNATURE_FAILURE)) {
- EVP_PKEY_free(pkey);
- return 0;
- }
- }
- EVP_PKEY_free(pkey);
- }
-check_cert:
- /* Calls verify callback as needed */
- if (!chain_verified && !x509_check_cert_time(ctx, xs, n))
- return 0;
-
- /*
- * Signal success at this depth. However, the
- * previous error (if any) is retained.
- */
- ctx->current_issuer = xi;
- ctx->current_cert = xs;
- ctx->error_depth = n;
- if (!ctx->verify_cb(1, ctx))
- return 0;
-
- if (--n >= 0) {
- xi = xs;
- xs = sk_X509_value(ctx->chain, n);
- }
- }
- return 1;
-}
-
-static int
-internal_verify(X509_STORE_CTX *ctx)
-{
- return x509_vfy_internal_verify(ctx, 0);
-}
-
-/*
- * Internal verify, but with a chain where the verification
- * math has already been performed.
- */
-int
-x509_vfy_callback_indicate_completion(X509_STORE_CTX *ctx)
-{
- return x509_vfy_internal_verify(ctx, 1);
-}
-
-int
-X509_cmp_current_time(const ASN1_TIME *ctm)
-{
- return X509_cmp_time(ctm, NULL);
-}
-LCRYPTO_ALIAS(X509_cmp_current_time);
-
-/*
- * Compare a possibly unvalidated ASN1_TIME string against a time_t
- * using RFC 5280 rules for the time string. If *cmp_time is NULL
- * the current system time is used.
- *
- * XXX NOTE that unlike what you expect a "cmp" function to do in C,
- * XXX this one is "special", and returns 0 for error.
- *
- * Returns:
- * -1 if the ASN1_time is earlier than OR the same as *cmp_time.
- * 1 if the ASN1_time is later than *cmp_time.
- * 0 on error.
- */
-static int
-X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time, int is_notafter)
-{
- time_t compare, cert_time;
-
- if (cmp_time == NULL)
- compare = time(NULL);
- else
- compare = *cmp_time;
-
- if (!x509_verify_asn1_time_to_time_t(ctm, is_notafter, &cert_time))
- return 0; /* invalid time */
-
- if (cert_time <= compare)
- return -1; /* 0 is used for error, so map same to less than */
-
- return 1;
-}
-
-int
-X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
-{
- return X509_cmp_time_internal(ctm, cmp_time, 0);
-}
-LCRYPTO_ALIAS(X509_cmp_time);
-
-
-ASN1_TIME *
-X509_gmtime_adj(ASN1_TIME *s, long adj)
-{
- return X509_time_adj(s, adj, NULL);
-}
-LCRYPTO_ALIAS(X509_gmtime_adj);
-
-ASN1_TIME *
-X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_time)
-{
- return X509_time_adj_ex(s, 0, offset_sec, in_time);
-}
-LCRYPTO_ALIAS(X509_time_adj);
-
-ASN1_TIME *
-X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec, time_t *in_time)
-{
- time_t t;
- if (in_time == NULL)
- t = time(NULL);
- else
- t = *in_time;
-
- return ASN1_TIME_adj(s, t, offset_day, offset_sec);
-}
-LCRYPTO_ALIAS(X509_time_adj_ex);
-
-int
-X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
-{
- EVP_PKEY *ktmp = NULL, *ktmp2;
- int i, j;
-
- if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey))
- return 1;
-
- for (i = 0; i < sk_X509_num(chain); i++) {
- ktmp = X509_get0_pubkey(sk_X509_value(chain, i));
- if (ktmp == NULL) {
- X509error(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
- return 0;
- }
- if (!EVP_PKEY_missing_parameters(ktmp))
- break;
- else
- ktmp = NULL;
- }
- if (ktmp == NULL) {
- X509error(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
- return 0;
- }
-
- /* first, populate the other certs */
- for (j = i - 1; j >= 0; j--) {
- if ((ktmp2 = X509_get0_pubkey(sk_X509_value(chain, j))) == NULL)
- return 0;
- if (!EVP_PKEY_copy_parameters(ktmp2, ktmp))
- return 0;
- }
-
- if (pkey != NULL)
- if (!EVP_PKEY_copy_parameters(pkey, ktmp))
- return 0;
- return 1;
-}
-LCRYPTO_ALIAS(X509_get_pubkey_parameters);
-
-int
-X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- /* This function is (usually) called only once, by
- * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX,
- argl, argp, new_func, dup_func, free_func);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_ex_new_index);
-
-int
-X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
-{
- return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_ex_data);
-
-void *
-X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
-{
- return CRYPTO_get_ex_data(&ctx->ex_data, idx);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_ex_data);
-
-int
-X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
-{
- return ctx->error;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_error);
-
-void
-X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
-{
- ctx->error = err;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_error);
-
-int
-X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
-{
- return ctx->error_depth;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_error_depth);
-
-void
-X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth)
-{
- ctx->error_depth = depth;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_error_depth);
-
-X509 *
-X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
-{
- return ctx->current_cert;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_current_cert);
-
-void
-X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x)
-{
- ctx->current_cert = x;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_current_cert);
-
-STACK_OF(X509) *
-X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
-{
- return ctx->chain;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_chain);
-
-STACK_OF(X509) *
-X509_STORE_CTX_get0_chain(X509_STORE_CTX *xs)
-{
- return xs->chain;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get0_chain);
-
-STACK_OF(X509) *
-X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
-{
- int i;
- X509 *x;
- STACK_OF(X509) *chain;
-
- if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain)))
- return NULL;
- for (i = 0; i < sk_X509_num(chain); i++) {
- x = sk_X509_value(chain, i);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- }
- return chain;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get1_chain); - -X509 * -X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx) -{ - return ctx->current_issuer; -} -LCRYPTO_ALIAS(X509_STORE_CTX_get0_current_issuer); - -X509_CRL * -X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx) -{ - return ctx->current_crl; -} -LCRYPTO_ALIAS(X509_STORE_CTX_get0_current_crl); - -X509_STORE_CTX * -X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx) -{ - return ctx->parent; -} -LCRYPTO_ALIAS(X509_STORE_CTX_get0_parent_ctx); - -X509_STORE * -X509_STORE_CTX_get0_store(X509_STORE_CTX *xs) -{ - return xs->store; -} -LCRYPTO_ALIAS(X509_STORE_CTX_get0_store); - -void -X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) -{ - ctx->cert = x; -} -LCRYPTO_ALIAS(X509_STORE_CTX_set_cert); - -void -X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) -{ - ctx->untrusted = sk; -} -LCRYPTO_ALIAS(X509_STORE_CTX_set_chain); - -void -X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk) -{ - ctx->crls = sk; -} -LCRYPTO_ALIAS(X509_STORE_CTX_set0_crls); - -/* - * This function is used to set the X509_STORE_CTX purpose and trust - * values. This is intended to be used when another structure has its - * own trust and purpose values which (if set) will be inherited by - * the ctx. If they aren't set then we will usually have a default - * purpose in mind which should then be used to set the trust value. - * An example of this is SSL use: an SSL structure will have its own - * purpose and trust settings which the application can set: if they - * aren't set then we use the default of SSL client/server. - */ -int -X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose_id) -{ - const X509_PURPOSE *purpose; - int idx; - - /* XXX - Match wacky/documented behavior. Do we need to keep this? 
*/
- if (purpose_id == 0)
- return 1;
-
- if (purpose_id < X509_PURPOSE_MIN || purpose_id > X509_PURPOSE_MAX) {
- X509error(X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- idx = purpose_id - X509_PURPOSE_MIN;
- if ((purpose = X509_PURPOSE_get0(idx)) == NULL) {
- X509error(X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
-
- /* XXX - Succeeding while ignoring purpose_id and trust is awful. */
- if (ctx->param->purpose == 0)
- ctx->param->purpose = purpose_id;
- if (ctx->param->trust == 0)
- ctx->param->trust = X509_PURPOSE_get_trust(purpose);
-
- return 1;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_purpose);
-
-int
-X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust_id)
-{
- /* XXX - Match wacky/documented behavior. Do we need to keep this? */
- if (trust_id == 0)
- return 1;
-
- if (trust_id < X509_TRUST_MIN || trust_id > X509_TRUST_MAX) {
- X509error(X509_R_UNKNOWN_TRUST_ID);
- return 0;
- }
-
- /* XXX - Succeeding while ignoring the trust_id is awful. */
- if (ctx->param->trust == 0)
- ctx->param->trust = trust_id;
-
- return 1;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_trust);
-
-X509_STORE_CTX *
-X509_STORE_CTX_new(void)
-{
- X509_STORE_CTX *ctx;
-
- ctx = calloc(1, sizeof(X509_STORE_CTX));
- if (!ctx) {
- X509error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- return ctx;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_new);
-
-void
-X509_STORE_CTX_free(X509_STORE_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- X509_STORE_CTX_cleanup(ctx);
- free(ctx);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_free);
-
-int
-X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *leaf,
- STACK_OF(X509) *untrusted)
-{
- int param_ret = 1;
-
- /*
- * Make sure everything is initialized properly even in case of an
- * early return due to an error.
- *
- * While this 'ctx' can be reused, X509_STORE_CTX_cleanup() will have
- * freed everything and memset ex_data anyway. This also allows us
- * to safely use X509_STORE_CTX variables from the stack which will
- * have uninitialized data.
- */
- memset(ctx, 0, sizeof(*ctx));
-
- /*
- * Start with this set to not valid - it will be set to valid
- * in X509_verify_cert.
- */
- ctx->error = X509_V_ERR_INVALID_CALL;
-
- /*
- * Set values other than 0. Keep this in the same order as
- * X509_STORE_CTX except for values that may fail. All fields that
- * may fail should go last to make sure 'ctx' is as consistent as
- * possible even on early exits.
- */
- ctx->store = store;
- ctx->cert = leaf;
- ctx->untrusted = untrusted;
-
- if (store && store->verify)
- ctx->verify = store->verify;
- else
- ctx->verify = internal_verify;
-
- if (store && store->verify_cb)
- ctx->verify_cb = store->verify_cb;
- else
- ctx->verify_cb = null_callback;
-
- ctx->get_issuer = X509_STORE_CTX_get1_issuer;
- ctx->check_issued = check_issued;
-
- ctx->param = X509_VERIFY_PARAM_new();
- if (!ctx->param) {
- X509error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- /* Inherit callbacks and flags from X509_STORE if not set
- * use defaults.
- */
- if (store)
- param_ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
- else
- ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;
-
- if (param_ret)
- param_ret = X509_VERIFY_PARAM_inherit(ctx->param,
- X509_VERIFY_PARAM_lookup("default"));
-
- if (param_ret == 0) {
- X509error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
- &ctx->ex_data) == 0) {
- X509error(ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return 1;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_init);
-
-/* Set alternative lookup method: just a STACK of trusted certificates.
- * This avoids X509_STORE nastiness where it isn't needed.
- */
-
-void
-X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *trusted)
-{
- X509_STORE_CTX_set0_trusted_stack(ctx, trusted);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_trusted_stack);
-
-void
-X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *trusted)
-{
- ctx->trusted = trusted;
- ctx->get_issuer = x509_vfy_get_trusted_issuer;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set0_trusted_stack);
-
-void
-X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
-{
- if (ctx->param != NULL) {
- if (ctx->parent == NULL)
- X509_VERIFY_PARAM_free(ctx->param);
- ctx->param = NULL;
- }
- if (ctx->chain != NULL) {
- sk_X509_pop_free(ctx->chain, X509_free);
- ctx->chain = NULL;
- }
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &ctx->ex_data);
- memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_cleanup);
-
-void
-X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
-{
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_depth);
-
-void
-X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
-{
- X509_VERIFY_PARAM_set_flags(ctx->param, flags);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_flags);
-
-void
-X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t)
-{
- X509_VERIFY_PARAM_set_time(ctx->param, t);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_time);
-
-int
-(*X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx))(int, X509_STORE_CTX *)
-{
- return ctx->verify_cb;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_verify_cb);
-
-void
-X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
- int (*verify_cb)(int, X509_STORE_CTX *))
-{
- ctx->verify_cb = verify_cb;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_verify_cb);
-
-int
-(*X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx))(X509_STORE_CTX *)
-{
- return ctx->verify;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_verify);
-
-void
-X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx, int (*verify)(X509_STORE_CTX *))
-{
- ctx->verify = verify;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_verify);
-
-X509_STORE_CTX_check_issued_fn
-X509_STORE_get_check_issued(X509_STORE *store)
-{
- return store->check_issued;
-}
-LCRYPTO_ALIAS(X509_STORE_get_check_issued);
-
-void
-X509_STORE_set_check_issued(X509_STORE *store,
- X509_STORE_CTX_check_issued_fn check_issued)
-{
- store->check_issued = check_issued;
-}
-LCRYPTO_ALIAS(X509_STORE_set_check_issued);
-
-X509_STORE_CTX_check_issued_fn
-X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx)
-{
- return ctx->check_issued;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_check_issued);
-
-X509 *
-X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)
-{
- return ctx->cert;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get0_cert);
-
-STACK_OF(X509) *
-X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx)
-{
- return ctx->untrusted;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get0_untrusted);
-
-void
-X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
- ctx->untrusted = sk;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set0_untrusted);
-
-void
-X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
- sk_X509_pop_free(ctx->chain, X509_free);
- ctx->chain = sk;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set0_verified_chain);
-
-int
-X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx)
-{
- return ctx->num_untrusted;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get_num_untrusted);
-
-int
-X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
-{
- const X509_VERIFY_PARAM *param;
- param = X509_VERIFY_PARAM_lookup(name);
- if (!param)
- return 0;
- return X509_VERIFY_PARAM_inherit(ctx->param, param);
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set_default);
-
-X509_VERIFY_PARAM *
-X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
-{
- return ctx->param;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_get0_param);
-
-void
-X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
-{
- if (ctx->param)
- X509_VERIFY_PARAM_free(ctx->param);
- ctx->param = param;
-}
-LCRYPTO_ALIAS(X509_STORE_CTX_set0_param);
-
-/*
- * Check
if |bits| are adequate for |security level|.
- * Returns 1 if ok, 0 otherwise.
- */
-static int
-enough_bits_for_security_level(int bits, int level)
-{
- /*
- * Sigh. OpenSSL does this silly squashing, so we will
- * too. Derp for Derp compatibility being important.
- */
- if (level < 0)
- level = 0;
- if (level > 5)
- level = 5;
-
- switch (level) {
- case 0:
- return 1;
- case 1:
- return bits >= 80;
- case 2:
- return bits >= 112;
- case 3:
- return bits >= 128;
- case 4:
- return bits >= 192;
- case 5:
- return bits >= 256;
- default:
- return 0;
- }
-}
-
-/*
- * Check whether the public key of |cert| meets the security level of |ctx|.
- *
- * Returns 1 on success, 0 otherwise.
- */
-static int
-check_key_level(X509_STORE_CTX *ctx, X509 *cert)
-{
- EVP_PKEY *pkey;
- int bits;
-
- /* Unsupported or malformed keys are not secure */
- if ((pkey = X509_get0_pubkey(cert)) == NULL)
- return 0;
-
- if ((bits = EVP_PKEY_security_bits(pkey)) <= 0)
- return 0;
-
- return enough_bits_for_security_level(bits, ctx->param->security_level);
-}
-
-/*
- * Check whether the signature digest algorithm of |cert| meets the security
- * level of |ctx|. Do not check trust anchors (self-signed or not).
- *
- * Returns 1 on success, 0 otherwise.
- */
-static int
-check_sig_level(X509_STORE_CTX *ctx, X509 *cert)
-{
- int bits;
-
- if (!X509_get_signature_info(cert, NULL, NULL, &bits, NULL))
- return 0;
-
- return enough_bits_for_security_level(bits, ctx->param->security_level);
-}
-
-int
-x509_vfy_check_security_level(X509_STORE_CTX *ctx)
-{
- int num = sk_X509_num(ctx->chain);
- int i;
-
- if (ctx->param->security_level <= 0)
- return 1;
-
- for (i = 0; i < num; i++) {
- X509 *cert = sk_X509_value(ctx->chain, i);
-
- /*
- * We've already checked the security of the leaf key, so here
- * we only check the security of issuer keys.
- */
- if (i > 0) {
- if (!check_key_level(ctx, cert) &&
- !verify_cb_cert(ctx, cert, i,
- X509_V_ERR_CA_KEY_TOO_SMALL))
- return 0;
- }
-
- /*
- * We also check the signature algorithm security of all certs
- * except those of the trust anchor at index num - 1.
- */
- if (i == num - 1)
- break;
-
- if (!check_sig_level(ctx, cert) &&
- !verify_cb_cert(ctx, cert, i, X509_V_ERR_CA_MD_TOO_WEAK))
- return 0;
- }
- return 1;
-}
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
deleted file mode 100644
index 7058bbc5b0..0000000000
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ /dev/null
@@ -1,463 +0,0 @@
-/* $OpenBSD: x509_vfy.h,v 1.70 2025/03/09 15:20:20 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-#include
-/* openssl/x509.h ends up #include-ing this file at about the only
- * appropriate moment. */
-#endif
-
-#ifndef HEADER_X509_VFY_H
-#define HEADER_X509_VFY_H
-
-#include
-
-#ifndef OPENSSL_NO_LHASH
-#include
-#endif
-#include
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * SSL_CTX -> X509_STORE
- * -> X509_LOOKUP
- * ->X509_LOOKUP_METHOD
- * -> X509_LOOKUP
- * ->X509_LOOKUP_METHOD
- *
- * SSL -> X509_STORE_CTX
- * ->X509_STORE
- *
- * The X509_STORE holds the tables etc for verification stuff.
- * A X509_STORE_CTX is used while validating a single certificate.
- * The X509_STORE has X509_LOOKUPs for looking up certs.
- * The X509_STORE then calls a function to actually verify the
- * certificate chain.
- */
-
-typedef enum {
- X509_LU_NONE,
- X509_LU_X509,
- X509_LU_CRL,
-} X509_LOOKUP_TYPE;
-
-
-DECLARE_STACK_OF(X509_LOOKUP)
-DECLARE_STACK_OF(X509_OBJECT)
-DECLARE_STACK_OF(X509_VERIFY_PARAM)
-
-/* XXX - unused in OpenSSL. Can we remove this? */
-typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
-
-
-int X509_STORE_set_depth(X509_STORE *store, int depth);
-
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
-
-#define X509_STORE_CTX_set_app_data(ctx,data) \
- X509_STORE_CTX_set_ex_data(ctx,0,data)
-#define X509_STORE_CTX_get_app_data(ctx) \
- X509_STORE_CTX_get_ex_data(ctx,0)
-
-#define X509_L_FILE_LOAD 1
-#define X509_L_ADD_DIR 2
-#define X509_L_MEM 3
-
-#define X509_LOOKUP_load_file(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
-
-#define X509_LOOKUP_add_dir(x,name,type) \
- X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
-
-#define X509_LOOKUP_add_mem(x,iov,type) \
- X509_LOOKUP_ctrl((x),X509_L_MEM,(const char *)(iov),\
- (long)(type),NULL)
-
-#define X509_V_OK 0
-#define X509_V_ERR_UNSPECIFIED 1
-#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
-#define X509_V_ERR_UNABLE_TO_GET_CRL 3
-#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
-#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
-#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
-#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
-#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
-#define X509_V_ERR_CERT_NOT_YET_VALID 9
-#define X509_V_ERR_CERT_HAS_EXPIRED 10
-#define X509_V_ERR_CRL_NOT_YET_VALID 11
-#define X509_V_ERR_CRL_HAS_EXPIRED 12
-#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
-#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
-#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
-#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
-#define X509_V_ERR_OUT_OF_MEM 17
-#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
-#define
X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
-#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
-#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
-#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
-#define X509_V_ERR_CERT_REVOKED 23
-#define X509_V_ERR_INVALID_CA 24
-#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
-#define X509_V_ERR_INVALID_PURPOSE 26
-#define X509_V_ERR_CERT_UNTRUSTED 27
-#define X509_V_ERR_CERT_REJECTED 28
-/* These are 'informational' when looking for issuer cert */
-#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
-#define X509_V_ERR_AKID_SKID_MISMATCH 30
-#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
-#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
-
-#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
-#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
-#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
-#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
-#define X509_V_ERR_INVALID_NON_CA 37
-#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
-#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
-#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
-
-#define X509_V_ERR_INVALID_EXTENSION 41
-#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
-#define X509_V_ERR_NO_EXPLICIT_POLICY 43
-#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
-#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
-
-#define X509_V_ERR_UNNESTED_RESOURCE 46
-
-#define X509_V_ERR_PERMITTED_VIOLATION 47
-#define X509_V_ERR_EXCLUDED_VIOLATION 48
-#define X509_V_ERR_SUBTREE_MINMAX 49
-#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
-#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
-#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
-#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
-
-/* The application is not happy */
-#define X509_V_ERR_APPLICATION_VERIFICATION 50
-
-/* Host, email and IP check errors */
-#define X509_V_ERR_HOSTNAME_MISMATCH 62
-#define X509_V_ERR_EMAIL_MISMATCH 63
-#define X509_V_ERR_IP_ADDRESS_MISMATCH 64
-
-/* Caller error */
-#define X509_V_ERR_INVALID_CALL 65
-/* Issuer lookup error */
-#define X509_V_ERR_STORE_LOOKUP 66
-
-/* Security level errors */
-#define X509_V_ERR_EE_KEY_TOO_SMALL 67
-#define X509_V_ERR_CA_KEY_TOO_SMALL 68
-#define X509_V_ERR_CA_MD_TOO_WEAK 69
-
-/* Certificate verify flags */
-
-/* Deprecated in 1.1.0, has no effect. Various FFI bindings still expose it. */
-#define X509_V_FLAG_CB_ISSUER_CHECK 0x0
-/* Use check time instead of current time */
-#define X509_V_FLAG_USE_CHECK_TIME 0x2
-/* Lookup CRLs */
-#define X509_V_FLAG_CRL_CHECK 0x4
-/* Lookup CRLs for whole chain */
-#define X509_V_FLAG_CRL_CHECK_ALL 0x8
-/* Ignore unhandled critical extensions */
-#define X509_V_FLAG_IGNORE_CRITICAL 0x10
-/* Disable workarounds for broken certificates */
-#define X509_V_FLAG_X509_STRICT 0x20
-/* Enable proxy certificate validation */
-#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
-/* Does nothing as its functionality has been enabled by default */
-#define X509_V_FLAG_POLICY_CHECK 0x80
-/* Policy variable require-explicit-policy */
-#define X509_V_FLAG_EXPLICIT_POLICY 0x100
-/* Policy variable inhibit-any-policy */
-#define X509_V_FLAG_INHIBIT_ANY 0x200
-/* Policy variable inhibit-policy-mapping */
-#define X509_V_FLAG_INHIBIT_MAP 0x400
-/* Notify callback that policy is OK */
-#define X509_V_FLAG_NOTIFY_POLICY 0x800
-/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
-#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000
-/* Delta CRL support */
-#define X509_V_FLAG_USE_DELTAS 0x2000
-/* Check selfsigned CA signature */
-#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
-/* Use trusted store first */
-#define X509_V_FLAG_TRUSTED_FIRST 0x8000
-/* Allow partial chains if at least one certificate is in trusted store */
-#define X509_V_FLAG_PARTIAL_CHAIN 0x80000
-
-/* If the initial chain is not trusted, do not attempt to build an alternative
- * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag
- * will force the behaviour to match that of previous versions.
*/
-#define X509_V_FLAG_NO_ALT_CHAINS 0x100000
-
-/* Do not check certificate or CRL validity against current time. */
-#define X509_V_FLAG_NO_CHECK_TIME 0x200000
-
-/* Force the use of the legacy certificate verification */
-#define X509_V_FLAG_LEGACY_VERIFY 0x400000
-
-#define X509_VP_FLAG_DEFAULT 0x1
-#define X509_VP_FLAG_OVERWRITE 0x2
-#define X509_VP_FLAG_RESET_FLAGS 0x4
-#define X509_VP_FLAG_LOCKED 0x8
-#define X509_VP_FLAG_ONCE 0x10
-
-/*
- * Obsolete internal use: mask of policy related options.
- * This should really go away.
- */
-#define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
- | X509_V_FLAG_EXPLICIT_POLICY \
- | X509_V_FLAG_INHIBIT_ANY \
- | X509_V_FLAG_INHIBIT_MAP)
-
-X509_OBJECT *X509_OBJECT_new(void);
-void X509_OBJECT_free(X509_OBJECT *a);
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
- X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
- X509_LOOKUP_TYPE type, X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x);
-X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a);
-X509 *X509_OBJECT_get0_X509(const X509_OBJECT *xo);
-X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *xo);
-
-X509_STORE *X509_STORE_new(void);
-void X509_STORE_free(X509_STORE *v);
-int X509_STORE_up_ref(X509_STORE *x);
-#define X509_STORE_get1_certs X509_STORE_CTX_get1_certs
-#define X509_STORE_get1_crls X509_STORE_CTX_get1_crls
-STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
-STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
-STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *xs);
-STACK_OF(X509_OBJECT) *X509_STORE_get1_objects(X509_STORE *xs);
-void *X509_STORE_get_ex_data(X509_STORE *xs, int idx);
-int X509_STORE_set_ex_data(X509_STORE *xs, int idx, void *data);
-
-#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
-
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, (l), (p), \
- (newf), (dupf), (freef))
-
-int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
-int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
-int X509_STORE_set_trust(X509_STORE *ctx, int trust);
-int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
-X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);
-
-typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
-
-X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE *);
-
-void X509_STORE_set_verify_cb(X509_STORE *ctx,
- int (*verify_cb)(int, X509_STORE_CTX *));
-#define X509_STORE_set_verify_cb_func(ctx, func) \
- X509_STORE_set_verify_cb((ctx), (func))
-
-typedef int (*X509_STORE_CTX_check_issued_fn)(X509_STORE_CTX *ctx,
- X509 *subject, X509 *issuer);
-
-X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE *store);
-void X509_STORE_set_check_issued(X509_STORE *store,
- X509_STORE_CTX_check_issued_fn check_issued);
-X509_STORE_CTX_check_issued_fn
- X509_STORE_CTX_get_check_issued(X509_STORE_CTX *ctx);
-
-X509_STORE_CTX *X509_STORE_CTX_new(void);
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
- X509 *x509, STACK_OF(X509) *chain);
-X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *xs);
-X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *xs);
-STACK_OF(X509) *X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, const X509_LOOKUP_METHOD *m);
-
-const X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
-const X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
-const X509_LOOKUP_METHOD *X509_LOOKUP_mem(void);
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
-
-int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
- X509_NAME *name, X509_OBJECT *ret);
-#define X509_STORE_get_by_subject X509_STORE_CTX_get_by_subject
-X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs,
- X509_LOOKUP_TYPE type, X509_NAME *name);
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret);
-
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-
-void X509_LOOKUP_free(X509_LOOKUP *ctx);
-
-int X509_STORE_load_locations(X509_STORE *ctx,
- const char *file, const char *dir);
-int X509_STORE_load_mem(X509_STORE *ctx, void *buf, int len);
-int X509_STORE_set_default_paths(X509_STORE *ctx);
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data);
-void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_error_depth(X509_STORE_CTX *ctx, int depth);
-X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_current_cert(X509_STORE_CTX *ctx, X509 *x);
-X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
-X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
-X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
-STACK_OF(X509)
*X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
-void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk);
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
- time_t t);
-void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-int (*X509_STORE_CTX_get_verify(X509_STORE_CTX *ctx))(X509_STORE_CTX *);
-void X509_STORE_CTX_set_verify(X509_STORE_CTX *ctx,
- int (*verify)(X509_STORE_CTX *));
-int (*X509_STORE_CTX_get_verify_cb(X509_STORE_CTX *ctx))(int, X509_STORE_CTX *);
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
- int (*verify_cb)(int, X509_STORE_CTX *));
-
-typedef int (*X509_STORE_CTX_verify_fn)(X509_STORE_CTX *);
-
-void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify);
-X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx);
-#define X509_STORE_set_verify_func(ctx, func) \
- X509_STORE_set_verify((ctx), (func))
-
-int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
-
-/* X509_VERIFY_PARAM functions */
-
-X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
-void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
- const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char
*name);
-int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
-int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
- unsigned long flags);
-unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
-int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
-void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
-void X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level);
-time_t X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param);
-void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
-int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
- ASN1_OBJECT *policy);
-int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
- STACK_OF(ASN1_OBJECT) *policies);
-int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, const char *name,
- size_t namelen);
-int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, const char *name,
- size_t namelen);
-void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
- unsigned int flags);
-char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const char *email,
- size_t emaillen);
-int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, const unsigned char *ip,
- size_t iplen);
-int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);
-const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
-int X509_VERIFY_PARAM_get_count(void);
-
-int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
-void X509_VERIFY_PARAM_table_cleanup(void);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/x509/x509_vpm.c b/src/lib/libcrypto/x509/x509_vpm.c
deleted file mode 100644
index 9efe473fc3..0000000000
--- a/src/lib/libcrypto/x509/x509_vpm.c
+++ /dev/null
@@ -1,743 +0,0 @@
-/* $OpenBSD: x509_vpm.c,v 1.55 2025/03/19 17:11:21 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-/* X509_VERIFY_PARAM functions */
-
-int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const char *email,
- size_t emaillen);
-int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, const unsigned char *ip,
- size_t iplen);
-
-#define SET_HOST 0
-#define ADD_HOST 1
-
-static void
-str_free(char *s)
-{
- free(s);
-}
-
-static STACK_OF(OPENSSL_STRING) *
-sk_OPENSSL_STRING_deep_copy(const STACK_OF(OPENSSL_STRING) *sk)
-{
- STACK_OF(OPENSSL_STRING) *new;
- char *copy = NULL;
- int i;
-
- if ((new = sk_OPENSSL_STRING_new_null()) == NULL)
- goto err;
-
- for (i = 0; i < sk_OPENSSL_STRING_num(sk); i++) {
- if ((copy = strdup(sk_OPENSSL_STRING_value(sk, i))) == NULL)
- goto err;
- if (sk_OPENSSL_STRING_push(new, copy) <= 0)
- goto err;
- copy = NULL;
- }
-
- return new;
-
- err:
- sk_OPENSSL_STRING_pop_free(new, str_free);
- free(copy);
-
- return NULL;
-}
-
-static int
-x509_param_set_hosts_internal(X509_VERIFY_PARAM *param, int mode,
- const char *name, size_t namelen)
-{
- char *copy;
-
- if (name != NULL && namelen == 0)
- namelen =
strlen(name); - /* - * Refuse names with embedded NUL bytes. - */ - if (name && memchr(name, '\0', namelen)) - return 0; - - if (mode == SET_HOST && param->hosts) { - sk_OPENSSL_STRING_pop_free(param->hosts, str_free); - param->hosts = NULL; - } - if (name == NULL || namelen == 0) - return 1; - copy = strndup(name, namelen); - if (copy == NULL) - return 0; - - if (param->hosts == NULL && - (param->hosts = sk_OPENSSL_STRING_new_null()) == NULL) { - free(copy); - return 0; - } - - if (!sk_OPENSSL_STRING_push(param->hosts, copy)) { - free(copy); - if (sk_OPENSSL_STRING_num(param->hosts) == 0) { - sk_OPENSSL_STRING_free(param->hosts); - param->hosts = NULL; - } - return 0; - } - - return 1; -} - -static void -x509_verify_param_zero(X509_VERIFY_PARAM *param) -{ - if (!param) - return; - - free(param->name); - param->name = NULL; - param->purpose = 0; - param->trust = 0; - /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ - param->inh_flags = 0; - param->flags = 0; - param->depth = -1; - sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); - param->policies = NULL; - sk_OPENSSL_STRING_pop_free(param->hosts, str_free); - param->hosts = NULL; - free(param->peername); - param->peername = NULL; - free(param->email); - param->email = NULL; - param->emaillen = 0; - free(param->ip); - param->ip = NULL; - param->iplen = 0; - param->poisoned = 0; -} - -X509_VERIFY_PARAM * -X509_VERIFY_PARAM_new(void) -{ - X509_VERIFY_PARAM *param; - - param = calloc(1, sizeof(X509_VERIFY_PARAM)); - if (param == NULL) - return NULL; - x509_verify_param_zero(param); - return param; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_new); - -void -X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param) -{ - if (param == NULL) - return; - x509_verify_param_zero(param); - free(param); -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_free); - -/* - * This function determines how parameters are "inherited" from one structure - * to another. There are several different ways this can happen. - * - * 1. 
If a child structure needs to have its values initialized from a parent
- * they are simply copied across. For example SSL_CTX copied to SSL.
- * 2. If the structure should take on values only if they are currently unset.
- * For example the values in an SSL structure will take appropriate value
- * for SSL servers or clients but only if the application has not set new
- * ones.
- *
- * The "inh_flags" field determines how this function behaves.
- *
- * Normally any values which are set in the default are not copied from the
- * destination and verify flags are ORed together.
- *
- * If X509_VP_FLAG_DEFAULT is set then anything set in the source is copied
- * to the destination. Effectively the values in "to" become default values
- * which will be used only if nothing new is set in "from".
- *
- * If X509_VP_FLAG_OVERWRITE is set then all value are copied across whether
- * they are set or not. Flags is still Ored though.
- *
- * If X509_VP_FLAG_RESET_FLAGS is set then the flags value is copied instead
- * of ORed.
- *
- * If X509_VP_FLAG_LOCKED is set then no values are copied.
- *
- * If X509_VP_FLAG_ONCE is set then the current inh_flags setting is zeroed
- * after the next call.
- */ - -/* Macro to test if a field should be copied from src to dest */ -#define test_x509_verify_param_copy(field, def) \ - (to_overwrite || \ - ((src->field != def) && (to_default || (dest->field == def)))) - -/* Macro to test and copy a field if necessary */ -#define x509_verify_param_copy(field, def) \ - if (test_x509_verify_param_copy(field, def)) \ - dest->field = src->field - -int -X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest, const X509_VERIFY_PARAM *src) -{ - unsigned long inh_flags; - int to_default, to_overwrite; - - if (!src) - return 1; - inh_flags = dest->inh_flags | src->inh_flags; - - if (inh_flags & X509_VP_FLAG_ONCE) - dest->inh_flags = 0; - - if (inh_flags & X509_VP_FLAG_LOCKED) - return 1; - - if (inh_flags & X509_VP_FLAG_DEFAULT) - to_default = 1; - else - to_default = 0; - - if (inh_flags & X509_VP_FLAG_OVERWRITE) - to_overwrite = 1; - else - to_overwrite = 0; - - x509_verify_param_copy(purpose, 0); - x509_verify_param_copy(trust, 0); - x509_verify_param_copy(depth, -1); - - /* If overwrite or check time not set, copy across */ - - if (to_overwrite || !(dest->flags & X509_V_FLAG_USE_CHECK_TIME)) { - dest->check_time = src->check_time; - dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME; - /* Don't need to copy flag: that is done below */ - } - - if (inh_flags & X509_VP_FLAG_RESET_FLAGS) - dest->flags = 0; - - dest->flags |= src->flags; - - if (test_x509_verify_param_copy(policies, NULL)) { - if (!X509_VERIFY_PARAM_set1_policies(dest, src->policies)) - return 0; - } - - x509_verify_param_copy(hostflags, 0); - - if (test_x509_verify_param_copy(hosts, NULL)) { - if (dest->hosts) { - sk_OPENSSL_STRING_pop_free(dest->hosts, str_free); - dest->hosts = NULL; - } - if (src->hosts) { - dest->hosts = sk_OPENSSL_STRING_deep_copy(src->hosts); - if (dest->hosts == NULL) - return 0; - } - } - - if (test_x509_verify_param_copy(email, NULL)) { - if (!X509_VERIFY_PARAM_set1_email(dest, src->email, - src->emaillen)) - return 0; - } - - if 
(test_x509_verify_param_copy(ip, NULL)) { - if (!X509_VERIFY_PARAM_set1_ip(dest, src->ip, src->iplen)) - return 0; - } - - return 1; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_inherit); - -int -X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, const X509_VERIFY_PARAM *from) -{ - unsigned long save_flags = to->inh_flags; - int ret; - - to->inh_flags |= X509_VP_FLAG_DEFAULT; - ret = X509_VERIFY_PARAM_inherit(to, from); - to->inh_flags = save_flags; - return ret; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set1); - -static int -x509_param_set1_internal(char **pdest, size_t *pdestlen, const char *src, - size_t srclen, int nonul) -{ - char *tmp; - - if (src == NULL) - return 0; - - if (srclen == 0) { - srclen = strlen(src); - if (srclen == 0) - return 0; - if ((tmp = strdup(src)) == NULL) - return 0; - } else { - if (nonul && memchr(src, '\0', srclen)) - return 0; - if ((tmp = malloc(srclen)) == NULL) - return 0; - memcpy(tmp, src, srclen); - } - - if (*pdest) - free(*pdest); - *pdest = tmp; - if (pdestlen) - *pdestlen = srclen; - return 1; -} - -int -X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name) -{ - free(param->name); - param->name = NULL; - if (name == NULL) - return 1; - param->name = strdup(name); - if (param->name) - return 1; - return 0; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set1_name); - -int -X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags) -{ - param->flags |= flags; - return 1; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set_flags); - -int -X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags) -{ - param->flags &= ~flags; - return 1; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_clear_flags); - -unsigned long -X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param) -{ - return param->flags; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_get_flags); - -int -X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose) -{ - if (purpose < X509_PURPOSE_MIN || purpose > X509_PURPOSE_MAX) { - X509V3error(X509V3_R_INVALID_PURPOSE); - 
return 0; - } - - param->purpose = purpose; - return 1; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set_purpose); - -int -X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) -{ - if (trust < X509_TRUST_MIN || trust > X509_TRUST_MAX) { - X509error(X509_R_INVALID_TRUST); - return 0; - } - - param->trust = trust; - return 1; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set_trust); - -void -X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth) -{ - param->depth = depth; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set_depth); - -void -X509_VERIFY_PARAM_set_auth_level(X509_VERIFY_PARAM *param, int auth_level) -{ - param->security_level = auth_level; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set_auth_level); - -time_t -X509_VERIFY_PARAM_get_time(const X509_VERIFY_PARAM *param) -{ - return param->check_time; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_get_time); - -void -X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t) -{ - param->check_time = t; - param->flags |= X509_V_FLAG_USE_CHECK_TIME; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set_time); - -int -X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy) -{ - if (param->policies == NULL) - param->policies = sk_ASN1_OBJECT_new_null(); - if (param->policies == NULL) - return 0; - if (sk_ASN1_OBJECT_push(param->policies, policy) <= 0) - return 0; - return 1; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_add0_policy); - -static STACK_OF(ASN1_OBJECT) * -sk_ASN1_OBJECT_deep_copy(const STACK_OF(ASN1_OBJECT) *sk) -{ - STACK_OF(ASN1_OBJECT) *objs; - ASN1_OBJECT *obj = NULL; - int i; - - if ((objs = sk_ASN1_OBJECT_new_null()) == NULL) - goto err; - - for (i = 0; i < sk_ASN1_OBJECT_num(sk); i++) { - if ((obj = OBJ_dup(sk_ASN1_OBJECT_value(sk, i))) == NULL) - goto err; - if (sk_ASN1_OBJECT_push(objs, obj) <= 0) - goto err; - obj = NULL; - } - - return objs; - - err: - sk_ASN1_OBJECT_pop_free(objs, ASN1_OBJECT_free); - ASN1_OBJECT_free(obj); - - return NULL; -} - -int -X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, - 
STACK_OF(ASN1_OBJECT) *policies) -{ - if (param == NULL) - return 0; - - sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); - param->policies = NULL; - - if (policies == NULL) - return 1; - - if ((param->policies = sk_ASN1_OBJECT_deep_copy(policies)) == NULL) - return 0; - - return 1; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set1_policies); - -int -X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, - const char *name, size_t namelen) -{ - if (x509_param_set_hosts_internal(param, SET_HOST, name, namelen)) - return 1; - param->poisoned = 1; - return 0; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set1_host); - -int -X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, - const char *name, size_t namelen) -{ - if (x509_param_set_hosts_internal(param, ADD_HOST, name, namelen)) - return 1; - param->poisoned = 1; - return 0; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_add1_host); - -/* Public API in OpenSSL - nothing seems to use this. */ -unsigned int -X509_VERIFY_PARAM_get_hostflags(X509_VERIFY_PARAM *param) -{ - return param->hostflags; -} - -void -X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, unsigned int flags) -{ - param->hostflags = flags; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set_hostflags); - -char * -X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param) -{ - return param->peername; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_get0_peername); - -int -X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const char *email, - size_t emaillen) -{ - if (x509_param_set1_internal(¶m->email, ¶m->emaillen, - email, emaillen, 1)) - return 1; - param->poisoned = 1; - return 0; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set1_email); - -int -X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, const unsigned char *ip, - size_t iplen) -{ - if (iplen != 4 && iplen != 16) - goto err; - if (x509_param_set1_internal((char **)¶m->ip, ¶m->iplen, - (char *)ip, iplen, 0)) - return 1; - err: - param->poisoned = 1; - return 0; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set1_ip); - -int 
-X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc) -{ - unsigned char ipout[16]; - size_t iplen; - - iplen = (size_t)a2i_ipadd(ipout, ipasc); - return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen); -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_set1_ip_asc); - -int -X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param) -{ - return param->depth; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_get_depth); - -const char * -X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param) -{ - return param->name; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_get0_name); - -/* - * Default verify parameters: these are used for various applications and can - * be overridden by the user specified table. - */ - -static const X509_VERIFY_PARAM default_table[] = { - { - .name = "default", - .flags = X509_V_FLAG_TRUSTED_FIRST, - .depth = 100, - .trust = 0, /* XXX This is not the default trust value */ - }, - { - .name = "pkcs7", - .purpose = X509_PURPOSE_SMIME_SIGN, - .trust = X509_TRUST_EMAIL, - .depth = -1, - }, - { - .name = "smime_sign", - .purpose = X509_PURPOSE_SMIME_SIGN, - .trust = X509_TRUST_EMAIL, - .depth = -1, - }, - { - .name = "ssl_client", - .purpose = X509_PURPOSE_SSL_CLIENT, - .trust = X509_TRUST_SSL_CLIENT, - .depth = -1, - }, - { - .name = "ssl_server", - .purpose = X509_PURPOSE_SSL_SERVER, - .trust = X509_TRUST_SSL_SERVER, - .depth = -1, - } -}; - -#define N_DEFAULT_VERIFY_PARAMS (sizeof(default_table) / sizeof(default_table[0])) - -static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL; - -static int -param_cmp(const X509_VERIFY_PARAM * const *a, - const X509_VERIFY_PARAM * const *b) -{ - return strcmp((*a)->name, (*b)->name); -} - -int -X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param) -{ - X509_VERIFY_PARAM *ptmp; - int idx; - - if (param_table == NULL) - param_table = sk_X509_VERIFY_PARAM_new(param_cmp); - if (param_table == NULL) - return 0; - - if ((idx = sk_X509_VERIFY_PARAM_find(param_table, param)) != -1) { - ptmp = 
sk_X509_VERIFY_PARAM_value(param_table, idx); - X509_VERIFY_PARAM_free(ptmp); - (void)sk_X509_VERIFY_PARAM_delete(param_table, idx); - } - - return sk_X509_VERIFY_PARAM_push(param_table, param) > 0; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_add0_table); - -int -X509_VERIFY_PARAM_get_count(void) -{ - int num = N_DEFAULT_VERIFY_PARAMS; - - if (param_table != NULL) - num += sk_X509_VERIFY_PARAM_num(param_table); - - return num; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_get_count); - -const X509_VERIFY_PARAM * -X509_VERIFY_PARAM_get0(int id) -{ - int num = N_DEFAULT_VERIFY_PARAMS; - - if (id < 0) - return NULL; - - if (id < num) - return &default_table[id]; - - return sk_X509_VERIFY_PARAM_value(param_table, id - num); -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_get0); - -const X509_VERIFY_PARAM * -X509_VERIFY_PARAM_lookup(const char *name) -{ - X509_VERIFY_PARAM param; - size_t i; - int idx; - - memset(¶m, 0, sizeof(param)); - param.name = (char *)name; - if ((idx = sk_X509_VERIFY_PARAM_find(param_table, ¶m)) != -1) - return sk_X509_VERIFY_PARAM_value(param_table, idx); - - for (i = 0; i < N_DEFAULT_VERIFY_PARAMS; i++) { - if (strcmp(default_table[i].name, name) == 0) - return &default_table[i]; - } - - return NULL; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_lookup); - -void -X509_VERIFY_PARAM_table_cleanup(void) -{ - sk_X509_VERIFY_PARAM_pop_free(param_table, X509_VERIFY_PARAM_free); - param_table = NULL; -} -LCRYPTO_ALIAS(X509_VERIFY_PARAM_table_cleanup); diff --git a/src/lib/libcrypto/x509/x509cset.c b/src/lib/libcrypto/x509/x509cset.c deleted file mode 100644 index 468831266f..0000000000 --- a/src/lib/libcrypto/x509/x509cset.c +++ /dev/null 
@@ -1,238 +0,0 @@
-/* $OpenBSD: x509cset.c,v 1.22 2024/03/26 23:41:45 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include -#include -#include -#include - -#include "x509_local.h" - -int -X509_CRL_up_ref(X509_CRL *x) -{ - return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL) > 1; -} -LCRYPTO_ALIAS(X509_CRL_up_ref); - -int -X509_CRL_set_version(X509_CRL *x, long version) -{ - if (x == NULL) - return 0; - /* - * RFC 5280, 4.1: versions 1 - 3 are specified as follows. - * Version ::= INTEGER { v1(0), v2(1), v3(2) } - * The only specified versions for CRLs are 1 and 2. 
- */
- if (version < 0 || version > 1)
- return 0;
- if (x->crl->version == NULL) {
- if ((x->crl->version = ASN1_INTEGER_new()) == NULL)
- return 0;
- }
- return ASN1_INTEGER_set(x->crl->version, version);
-}
-LCRYPTO_ALIAS(X509_CRL_set_version);
-
-int
-X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
-{
- if (x == NULL || x->crl == NULL)
- return 0;
- return X509_NAME_set(&x->crl->issuer, name);
-}
-LCRYPTO_ALIAS(X509_CRL_set_issuer_name);
-
-int
-X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if (x == NULL)
- return 0;
- in = x->crl->lastUpdate;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->crl->lastUpdate);
- x->crl->lastUpdate = in;
- }
- }
- return in != NULL;
-}
-LCRYPTO_ALIAS(X509_CRL_set_lastUpdate);
-
-int
-X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
- return X509_CRL_set_lastUpdate(x, tm);
-}
-LCRYPTO_ALIAS(X509_CRL_set1_lastUpdate);
-
-int
-X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if (x == NULL)
- return 0;
- in = x->crl->nextUpdate;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->crl->nextUpdate);
- x->crl->nextUpdate = in;
- }
- }
- return in != NULL;
-}
-LCRYPTO_ALIAS(X509_CRL_set_nextUpdate);
-
-int
-X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
- return X509_CRL_set_nextUpdate(x, tm);
-}
-LCRYPTO_ALIAS(X509_CRL_set1_nextUpdate);
-
-int
-X509_CRL_sort(X509_CRL *c)
-{
- X509_REVOKED *r;
- int i;
-
- /* Sort the data so it will be written in serial number order */
- sk_X509_REVOKED_sort(c->crl->revoked);
- for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
- r = sk_X509_REVOKED_value(c->crl->revoked, i);
- r->sequence = i;
- }
- c->crl->enc.modified = 1;
- return 1;
-}
-LCRYPTO_ALIAS(X509_CRL_sort);
-
-const STACK_OF(X509_EXTENSION) *
-X509_REVOKED_get0_extensions(const X509_REVOKED *x)
-{
- return x->extensions;
-}
-LCRYPTO_ALIAS(X509_REVOKED_get0_extensions);
-
-const ASN1_TIME *
-X509_REVOKED_get0_revocationDate(const X509_REVOKED *x)
-{
- return x->revocationDate;
-}
-LCRYPTO_ALIAS(X509_REVOKED_get0_revocationDate);
-
-const ASN1_INTEGER *
-X509_REVOKED_get0_serialNumber(const X509_REVOKED *x)
-{
- return x->serialNumber;
-}
-LCRYPTO_ALIAS(X509_REVOKED_get0_serialNumber);
-
-int
-X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if (x == NULL)
- return 0;
- in = x->revocationDate;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->revocationDate);
- x->revocationDate = in;
- }
- }
- return in != NULL;
-}
-LCRYPTO_ALIAS(X509_REVOKED_set_revocationDate);
-
-int
-X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
-{
- ASN1_INTEGER *in;
-
- if (x == NULL)
- return 0;
- in = x->serialNumber;
- if (in != serial) {
- in = ASN1_INTEGER_dup(serial);
- if (in != NULL) {
- ASN1_INTEGER_free(x->serialNumber);
- x->serialNumber = in;
- }
- }
- return in != NULL;
-}
-LCRYPTO_ALIAS(X509_REVOKED_set_serialNumber);
-
-int
-i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp)
-{
- crl->crl->enc.modified = 1;
- return i2d_X509_CRL_INFO(crl->crl, pp);
-}
-LCRYPTO_ALIAS(i2d_re_X509_CRL_tbs);
diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c
deleted file mode 100644
index d2df06ccc6..0000000000
--- a/src/lib/libcrypto/x509/x509name.c
+++ /dev/null
@@ -1,452 +0,0 @@
-/* $OpenBSD: x509name.c,v 1.35 2023/05/29 11:54:50 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "bytestring.h" -#include "x509_local.h" - -int -X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len) -{ - ASN1_OBJECT *obj; - - obj = OBJ_nid2obj(nid); - if (obj == NULL) - return (-1); - return (X509_NAME_get_text_by_OBJ(name, obj, buf, len)); -} -LCRYPTO_ALIAS(X509_NAME_get_text_by_NID); - -int -X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf, - int len) -{ - unsigned char *text = NULL; - ASN1_STRING *data; - int i, text_len; - int ret = -1; - CBS cbs; - - i = X509_NAME_get_index_by_OBJ(name, obj, -1); - if (i < 0) - goto err; - data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i)); - /* - * Fail if we cannot encode as UTF-8, or if the UTF-8 encoding of the - * string contains a 0 byte, because mortal callers seldom handle the - * length difference correctly. - */ - if ((text_len = ASN1_STRING_to_UTF8(&text, data)) < 0) - goto err; - CBS_init(&cbs, text, text_len); - if (CBS_contains_zero_byte(&cbs)) - goto err; - /* We still support the "pass NULL to find out how much" API */ - if (buf != NULL) { - if (len <= 0 || !CBS_write_bytes(&cbs, buf, len - 1, NULL)) - goto err; - /* It must be a C string */ - buf[text_len] = '\0'; - } - ret = text_len; - - err: - free(text); - return (ret); -} -LCRYPTO_ALIAS(X509_NAME_get_text_by_OBJ); - -int -X509_NAME_entry_count(const X509_NAME *name) -{ - if (name == NULL) - return (0); - return (sk_X509_NAME_ENTRY_num(name->entries)); -} -LCRYPTO_ALIAS(X509_NAME_entry_count); - -int -X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos) -{ - ASN1_OBJECT *obj; - - obj = OBJ_nid2obj(nid); - if (obj == NULL) - return (-2); - return (X509_NAME_get_index_by_OBJ(name, obj, lastpos)); -} -LCRYPTO_ALIAS(X509_NAME_get_index_by_NID); - -/* NOTE: you should be passing -1, not 0 as lastpos */ -int -X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj, - 
int lastpos) -{ - int n; - X509_NAME_ENTRY *ne; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL) - return (-1); - if (lastpos < 0) - lastpos = -1; - sk = name->entries; - n = sk_X509_NAME_ENTRY_num(sk); - for (lastpos++; lastpos < n; lastpos++) { - ne = sk_X509_NAME_ENTRY_value(sk, lastpos); - if (OBJ_cmp(ne->object, obj) == 0) - return (lastpos); - } - return (-1); -} -LCRYPTO_ALIAS(X509_NAME_get_index_by_OBJ); - -X509_NAME_ENTRY * -X509_NAME_get_entry(const X509_NAME *name, int loc) -{ - if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc || - loc < 0) - return (NULL); - else - return (sk_X509_NAME_ENTRY_value(name->entries, loc)); -} -LCRYPTO_ALIAS(X509_NAME_get_entry); - -X509_NAME_ENTRY * -X509_NAME_delete_entry(X509_NAME *name, int loc) -{ - X509_NAME_ENTRY *ret; - int i, n, set_prev, set_next; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc || - loc < 0) - return (NULL); - sk = name->entries; - ret = sk_X509_NAME_ENTRY_delete(sk, loc); - n = sk_X509_NAME_ENTRY_num(sk); - name->modified = 1; - if (loc == n) - return (ret); - - /* else we need to fixup the set field */ - if (loc != 0) - set_prev = (sk_X509_NAME_ENTRY_value(sk, loc - 1))->set; - else - set_prev = ret->set - 1; - set_next = sk_X509_NAME_ENTRY_value(sk, loc)->set; - - /* set_prev is the previous set - * set is the current set - * set_next is the following - * prev 1 1 1 1 1 1 1 1 - * set 1 1 2 2 - * next 1 1 2 2 2 2 3 2 - * so basically only if prev and next differ by 2, then - * re-number down by 1 */ - if (set_prev + 1 < set_next) - for (i = loc; i < n; i++) - sk_X509_NAME_ENTRY_value(sk, i)->set--; - return (ret); -} -LCRYPTO_ALIAS(X509_NAME_delete_entry); - -int -X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - - ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len); - if (!ne) - return 
0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} -LCRYPTO_ALIAS(X509_NAME_add_entry_by_OBJ); - -int -X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - const unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - - ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len); - if (!ne) - return 0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} -LCRYPTO_ALIAS(X509_NAME_add_entry_by_NID); - -int -X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, - const unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - - ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len); - if (!ne) - return 0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} -LCRYPTO_ALIAS(X509_NAME_add_entry_by_txt); - -/* if set is -1, append to previous set, 0 'a new one', and 1, - * prepend to the guy we are about to stomp on. */ -int -X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc, - int set) -{ - X509_NAME_ENTRY *new_name = NULL; - int n, i, inc; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL) - return (0); - sk = name->entries; - n = sk_X509_NAME_ENTRY_num(sk); - if (loc > n) - loc = n; - else if (loc < 0) - loc = n; - inc = (set == 0); - name->modified = 1; - - if (set == -1) { - if (loc == 0) { - set = 0; - inc = 1; - } else - set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set; - } else /* if (set >= 0) */ { - if (loc >= n) { - if (loc != 0) - set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set + 1; - else - set = 0; - } else - set = sk_X509_NAME_ENTRY_value(sk, loc)->set; - } - - /* OpenSSL has ASN1-generated X509_NAME_ENTRY_dup() without const. 
*/ - if ((new_name = X509_NAME_ENTRY_dup((X509_NAME_ENTRY *)ne)) == NULL) - goto err; - new_name->set = set; - if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) { - X509error(ERR_R_MALLOC_FAILURE); - goto err; - } - if (inc) { - n = sk_X509_NAME_ENTRY_num(sk); - for (i = loc + 1; i < n; i++) - sk_X509_NAME_ENTRY_value(sk, i)->set += 1; - } - return (1); - -err: - if (new_name != NULL) - X509_NAME_ENTRY_free(new_name); - return (0); -} -LCRYPTO_ALIAS(X509_NAME_add_entry); - -X509_NAME_ENTRY * -X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - const char *field, int type, const unsigned char *bytes, int len) -{ - ASN1_OBJECT *obj; - X509_NAME_ENTRY *nentry; - - obj = OBJ_txt2obj(field, 0); - if (obj == NULL) { - X509error(X509_R_INVALID_FIELD_NAME); - ERR_asprintf_error_data("name=%s", field); - return (NULL); - } - nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); - ASN1_OBJECT_free(obj); - return nentry; -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_create_by_txt); - -X509_NAME_ENTRY * -X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type, - const unsigned char *bytes, int len) -{ - ASN1_OBJECT *obj; - X509_NAME_ENTRY *nentry; - - obj = OBJ_nid2obj(nid); - if (obj == NULL) { - X509error(X509_R_UNKNOWN_NID); - return (NULL); - } - nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); - ASN1_OBJECT_free(obj); - return nentry; -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_create_by_NID); - -X509_NAME_ENTRY * -X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, const ASN1_OBJECT *obj, - int type, const unsigned char *bytes, int len) -{ - X509_NAME_ENTRY *ret; - - if ((ne == NULL) || (*ne == NULL)) { - if ((ret = X509_NAME_ENTRY_new()) == NULL) - return (NULL); - } else - ret= *ne; - - if (!X509_NAME_ENTRY_set_object(ret, obj)) - goto err; - if (!X509_NAME_ENTRY_set_data(ret, type, bytes, len)) - goto err; - - if ((ne != NULL) && (*ne == NULL)) - *ne = ret; - return (ret); - -err: - if ((ne == NULL) || (ret != *ne)) - 
X509_NAME_ENTRY_free(ret); - return (NULL); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_create_by_OBJ); - -int -X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj) -{ - if ((ne == NULL) || (obj == NULL)) { - X509error(ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - ASN1_OBJECT_free(ne->object); - ne->object = OBJ_dup(obj); - return ((ne->object == NULL) ? 0 : 1); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_set_object); - -int -X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, - const unsigned char *bytes, int len) -{ - int i; - - if ((ne == NULL) || ((bytes == NULL) && (len != 0))) - return (0); - if ((type > 0) && (type & MBSTRING_FLAG)) - return ASN1_STRING_set_by_NID(&ne->value, bytes, len, type, - OBJ_obj2nid(ne->object)) ? 1 : 0; - if (len < 0) - len = strlen((const char *)bytes); - i = ASN1_STRING_set(ne->value, bytes, len); - if (!i) - return (0); - if (type != V_ASN1_UNDEF) { - if (type == V_ASN1_APP_CHOOSE) - ne->value->type = ASN1_PRINTABLE_type(bytes, len); - else - ne->value->type = type; - } - return (1); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_set_data); - -ASN1_OBJECT * -X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne) -{ - if (ne == NULL) - return (NULL); - return (ne->object); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_get_object); - -ASN1_STRING * -X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne) -{ - if (ne == NULL) - return (NULL); - return (ne->value); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_get_data); - -int -X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) -{ - return (ne->set); -} -LCRYPTO_ALIAS(X509_NAME_ENTRY_set); diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c deleted file mode 100644 index 2e2d4abd08..0000000000 --- a/src/lib/libcrypto/x509/x509rset.c +++ /dev/null 
@@ -1,113 +0,0 @@
-/* $OpenBSD: x509rset.c,v 1.16 2024/03/26 23:45:05 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-#include
-
-#include "x509_local.h"
-
-int
-X509_REQ_set_version(X509_REQ *x, long version)
-{
- if (x == NULL)
- return 0;
- /* RFC 2986 section 4.1 only specifies version 1, encoded as a 0. */
- if (version != 0)
- return 0;
- x->req_info->enc.modified = 1;
- return ASN1_INTEGER_set(x->req_info->version, version);
-}
-LCRYPTO_ALIAS(X509_REQ_set_version);
-
-long
-X509_REQ_get_version(const X509_REQ *x)
-{
- return ASN1_INTEGER_get(x->req_info->version);
-}
-LCRYPTO_ALIAS(X509_REQ_get_version);
-
-int
-X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
-{
- if (x == NULL || x->req_info == NULL)
- return 0;
- x->req_info->enc.modified = 1;
- return X509_NAME_set(&x->req_info->subject, name);
-}
-LCRYPTO_ALIAS(X509_REQ_set_subject_name);
-
-X509_NAME *
-X509_REQ_get_subject_name(const X509_REQ *x)
-{
- return x->req_info->subject;
-}
-LCRYPTO_ALIAS(X509_REQ_get_subject_name);
-
-int
-X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
-{
- if (x == NULL || x->req_info == NULL)
- return 0;
- x->req_info->enc.modified = 1;
- return X509_PUBKEY_set(&x->req_info->pubkey, pkey);
-}
-LCRYPTO_ALIAS(X509_REQ_set_pubkey);
diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c
deleted file mode 100644
index 04c9a6f01b..0000000000
--- a/src/lib/libcrypto/x509/x509spki.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* $OpenBSD: x509spki.c,v 1.16 2023/02/16 08:38:17 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-int
-NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
-{
- if ((x == NULL) || (x->spkac == NULL))
- return (0);
- return (X509_PUBKEY_set(&(x->spkac->pubkey), pkey));
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_set_pubkey);
-
-EVP_PKEY *
-NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
-{
- if ((x == NULL) || (x->spkac == NULL))
- return (NULL);
- return (X509_PUBKEY_get(x->spkac->pubkey));
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_get_pubkey);
-
-/* Load a Netscape SPKI from a base64 encoded string */
-
-NETSCAPE_SPKI *
-NETSCAPE_SPKI_b64_decode(const char *str, int len)
-{
- unsigned char *spki_der;
- const unsigned char *p;
- int spki_len;
- NETSCAPE_SPKI *spki;
-
- if (len <= 0)
- len = strlen(str);
- if (!(spki_der = malloc(len + 1))) {
- X509error(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
- if (spki_len < 0) {
- X509error(X509_R_BASE64_DECODE_ERROR);
- free(spki_der);
- return NULL;
- }
- p = spki_der;
- spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len);
- free(spki_der);
- return spki;
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_b64_decode);
-
-/* Generate a base64 encoded string from an SPKI */
-
-char *
-NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
-{
- unsigned char *der_spki, *p;
- char *b64_str;
- int der_len;
- der_len = i2d_NETSCAPE_SPKI(spki, NULL);
- der_spki = malloc(der_len);
- b64_str = reallocarray(NULL, der_len, 2);
- if (!der_spki || !b64_str) {
- X509error(ERR_R_MALLOC_FAILURE);
- free(der_spki);
- free(b64_str);
- return NULL;
- }
- p = der_spki;
- i2d_NETSCAPE_SPKI(spki, &p);
- EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len);
- free(der_spki);
- return b64_str;
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_b64_encode);
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c
deleted file mode 100644
index 1698d8a0ab..0000000000
--- a/src/lib/libcrypto/x509/x509type.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* $OpenBSD: x509type.c,v 1.24 2023/11/13 16:16:14 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-#include
-#include
-
-#include "evp_local.h"
-#include "x509_local.h"
-
-int
-X509_certificate_type(const X509 *x, const EVP_PKEY *pkey)
-{
- const EVP_PKEY *pk = pkey;
- int nid;
- int ret = 0;
-
- if (x == NULL)
- goto done;
-
- if (pk == NULL)
- pk = X509_get0_pubkey(x);
- if (pk == NULL)
- goto done;
-
- switch (pk->type) {
- case EVP_PKEY_RSA:
- ret = EVP_PK_RSA|EVP_PKT_SIGN|EVP_PKT_ENC;
- break;
- case EVP_PKEY_RSA_PSS:
- ret = EVP_PK_RSA|EVP_PKT_SIGN;
- break;
- case EVP_PKEY_DSA:
- ret = EVP_PK_DSA|EVP_PKT_SIGN;
- break;
- case EVP_PKEY_EC:
- ret = EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH;
- break;
- case EVP_PKEY_ED25519:
- ret = EVP_PKT_SIGN;
- break;
- case EVP_PKEY_DH:
- ret = EVP_PK_DH|EVP_PKT_EXCH;
- break;
- case NID_id_GostR3410_94:
- case NID_id_GostR3410_2001:
- ret = EVP_PKT_EXCH|EVP_PKT_SIGN;
- break;
- default:
- break;
- }
-
- if ((nid = X509_get_signature_nid(x)) == NID_undef)
- goto done;
-
- if (!OBJ_find_sigid_algs(nid, NULL, &nid))
- goto done;
-
- switch (nid) {
- case NID_rsaEncryption:
- case NID_rsa:
- ret |= EVP_PKS_RSA;
- break;
- case NID_dsa:
- case NID_dsa_2:
- ret |= EVP_PKS_DSA;
- break;
- case NID_X9_62_id_ecPublicKey:
- ret |= EVP_PKS_EC;
- break;
- default:
- break;
- }
-
- done:
-
- return ret;
-}
-LCRYPTO_ALIAS(X509_certificate_type);
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
deleted file mode 100644
index fa31279280..0000000000
--- a/src/lib/libcrypto/x509/x509v3.h
+++ /dev/null
@@ -1,1041 +0,0 @@ -/* $OpenBSD: x509v3.h,v 1.40 2024/12/23 09:57:23 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_X509V3_H -#define HEADER_X509V3_H - -#include - -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* Forward reference */ -struct v3_ext_method; -struct v3_ext_ctx; - -/* Useful typedefs */ - -typedef void * (*X509V3_EXT_NEW)(void); -typedef void (*X509V3_EXT_FREE)(void *); -typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); -typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); -typedef STACK_OF(CONF_VALUE) * - (*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext, - STACK_OF(CONF_VALUE) *extlist); -typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, - STACK_OF(CONF_VALUE) *values); -typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); -typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext, - BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); - -/* V3 extension structure */ - -struct v3_ext_method { - int 
ext_nid; - int ext_flags; - /* If this is set the following four fields are ignored */ - ASN1_ITEM_EXP *it; - /* Old style ASN1 calls */ - X509V3_EXT_NEW ext_new; - X509V3_EXT_FREE ext_free; - X509V3_EXT_D2I d2i; - X509V3_EXT_I2D i2d; - - /* The following pair is used for string extensions */ - X509V3_EXT_I2S i2s; - X509V3_EXT_S2I s2i; - - /* The following pair is used for multi-valued extensions */ - X509V3_EXT_I2V i2v; - X509V3_EXT_V2I v2i; - - /* The following are used for raw extensions */ - X509V3_EXT_I2R i2r; - X509V3_EXT_R2I r2i; - - const void *usr_data; /* Any extension specific data */ -}; - -struct v3_ext_ctx { - #define CTX_TEST 0x1 - int flags; - X509 *issuer_cert; - X509 *subject_cert; - X509_REQ *subject_req; - X509_CRL *crl; - void *db; -}; - -typedef struct v3_ext_method X509V3_EXT_METHOD; - -DECLARE_STACK_OF(X509V3_EXT_METHOD) - -/* XXX - can this be made internal? */ -#define X509V3_EXT_MULTILINE 0x4 - -/* XXX - remove it anyway? */ -/* Guess who uses this... Yes, of course, it's xca. 
*/ -typedef BIT_STRING_BITNAME ENUMERATED_NAMES; - -typedef struct BASIC_CONSTRAINTS_st { - int ca; - ASN1_INTEGER *pathlen; -} BASIC_CONSTRAINTS; - - -typedef struct PKEY_USAGE_PERIOD_st { - ASN1_GENERALIZEDTIME *notBefore; - ASN1_GENERALIZEDTIME *notAfter; -} PKEY_USAGE_PERIOD; - -typedef struct otherName_st { - ASN1_OBJECT *type_id; - ASN1_TYPE *value; -} OTHERNAME; - -typedef struct EDIPartyName_st { - ASN1_STRING *nameAssigner; - ASN1_STRING *partyName; -} EDIPARTYNAME; - -typedef struct GENERAL_NAME_st { - - #define GEN_OTHERNAME 0 - #define GEN_EMAIL 1 - #define GEN_DNS 2 - #define GEN_X400 3 - #define GEN_DIRNAME 4 - #define GEN_EDIPARTY 5 - #define GEN_URI 6 - #define GEN_IPADD 7 - #define GEN_RID 8 - - int type; - union { - char *ptr; - OTHERNAME *otherName; /* otherName */ - ASN1_IA5STRING *rfc822Name; - ASN1_IA5STRING *dNSName; - ASN1_STRING *x400Address; - X509_NAME *directoryName; - EDIPARTYNAME *ediPartyName; - ASN1_IA5STRING *uniformResourceIdentifier; - ASN1_OCTET_STRING *iPAddress; - ASN1_OBJECT *registeredID; - - /* Old names */ - ASN1_OCTET_STRING *ip; /* iPAddress */ - X509_NAME *dirn; /* dirn */ - ASN1_IA5STRING *ia5; /* rfc822Name, dNSName, uniformResourceIdentifier */ - ASN1_OBJECT *rid; /* registeredID */ - } d; -} GENERAL_NAME; - -typedef struct ACCESS_DESCRIPTION_st { - ASN1_OBJECT *method; - GENERAL_NAME *location; -} ACCESS_DESCRIPTION; - -typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; - -typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; - -DECLARE_STACK_OF(GENERAL_NAME) - -typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; -DECLARE_STACK_OF(GENERAL_NAMES) - -DECLARE_STACK_OF(ACCESS_DESCRIPTION) - -typedef struct DIST_POINT_NAME_st { - int type; - union { - GENERAL_NAMES *fullname; - STACK_OF(X509_NAME_ENTRY) *relativename; - } name; - /* If relativename then this contains the full distribution point name */ - X509_NAME *dpname; -} DIST_POINT_NAME; -/* All existing reasons */ -#define CRLDP_ALL_REASONS 0x807f - -#define 
CRL_REASON_NONE -1
-#define CRL_REASON_UNSPECIFIED 0
-#define CRL_REASON_KEY_COMPROMISE 1
-#define CRL_REASON_CA_COMPROMISE 2
-#define CRL_REASON_AFFILIATION_CHANGED 3
-#define CRL_REASON_SUPERSEDED 4
-#define CRL_REASON_CESSATION_OF_OPERATION 5
-#define CRL_REASON_CERTIFICATE_HOLD 6
-#define CRL_REASON_REMOVE_FROM_CRL 8
-#define CRL_REASON_PRIVILEGE_WITHDRAWN 9
-#define CRL_REASON_AA_COMPROMISE 10
-
-struct DIST_POINT_st {
- DIST_POINT_NAME *distpoint;
- ASN1_BIT_STRING *reasons;
- GENERAL_NAMES *CRLissuer;
- int dp_reasons;
-};
-
-typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
-
-DECLARE_STACK_OF(DIST_POINT)
-
-struct AUTHORITY_KEYID_st {
- ASN1_OCTET_STRING *keyid;
- GENERAL_NAMES *issuer;
- ASN1_INTEGER *serial;
-};
-
-typedef struct NOTICEREF_st {
- ASN1_STRING *organization;
- STACK_OF(ASN1_INTEGER) *noticenos;
-} NOTICEREF;
-
-typedef struct USERNOTICE_st {
- NOTICEREF *noticeref;
- ASN1_STRING *exptext;
-} USERNOTICE;
-
-typedef struct POLICYQUALINFO_st {
- ASN1_OBJECT *pqualid;
- union {
- ASN1_IA5STRING *cpsuri;
- USERNOTICE *usernotice;
- ASN1_TYPE *other;
- } d;
-} POLICYQUALINFO;
-
-DECLARE_STACK_OF(POLICYQUALINFO)
-
-typedef struct POLICYINFO_st {
- ASN1_OBJECT *policyid;
- STACK_OF(POLICYQUALINFO) *qualifiers;
-} POLICYINFO;
-
-typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
-
-DECLARE_STACK_OF(POLICYINFO)
-
-typedef struct POLICY_MAPPING_st {
- ASN1_OBJECT *issuerDomainPolicy;
- ASN1_OBJECT *subjectDomainPolicy;
-} POLICY_MAPPING;
-
-DECLARE_STACK_OF(POLICY_MAPPING)
-
-typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
-
-typedef struct GENERAL_SUBTREE_st {
- GENERAL_NAME *base;
- ASN1_INTEGER *minimum;
- ASN1_INTEGER *maximum;
-} GENERAL_SUBTREE;
-
-DECLARE_STACK_OF(GENERAL_SUBTREE)
-
-struct NAME_CONSTRAINTS_st {
- STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
- STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
-};
-
-typedef struct POLICY_CONSTRAINTS_st {
- ASN1_INTEGER *requireExplicitPolicy;
- ASN1_INTEGER *inhibitPolicyMapping;
-} POLICY_CONSTRAINTS;
-
-struct ISSUING_DIST_POINT_st {
- DIST_POINT_NAME *distpoint;
- int onlyuser;
- int onlyCA;
- ASN1_BIT_STRING *onlysomereasons;
- int indirectCRL;
- int onlyattr;
-};
-
-/* Values in idp_flags field */
-/* IDP present */
-#define IDP_PRESENT 0x1
-/* IDP values inconsistent */
-#define IDP_INVALID 0x2
-/* onlyuser true */
-#define IDP_ONLYUSER 0x4
-/* onlyCA true */
-#define IDP_ONLYCA 0x8
-/* onlyattr true */
-#define IDP_ONLYATTR 0x10
-/* indirectCRL true */
-#define IDP_INDIRECT 0x20
-/* onlysomereasons present */
-#define IDP_REASONS 0x40
-
-#define X509V3_conf_err(val) ERR_asprintf_error_data( \
- "section:%s,name:%s,value:%s", val->section, \
- val->name, val->value);
-
-#define X509V3_set_ctx_test(ctx) \
- X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
-#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
-
-/* X509_PURPOSE stuff */
-
-#define EXFLAG_BCONS 0x0001
-#define EXFLAG_KUSAGE 0x0002
-#define EXFLAG_XKUSAGE 0x0004
-#define EXFLAG_NSCERT 0x0008
-
-#define EXFLAG_CA 0x0010
-#define EXFLAG_SI 0x0020 /* Self issued. */
-#define EXFLAG_V1 0x0040
-#define EXFLAG_INVALID 0x0080
-#define EXFLAG_SET 0x0100
-#define EXFLAG_CRITICAL 0x0200
-#if !defined(LIBRESSL_INTERNAL)
-#define EXFLAG_PROXY 0x0400
-#endif
-#define EXFLAG_INVALID_POLICY 0x0800
-#define EXFLAG_FRESHEST 0x1000
-#define EXFLAG_SS 0x2000 /* Self signed. */
-
-#define KU_DIGITAL_SIGNATURE 0x0080
-#define KU_NON_REPUDIATION 0x0040
-#define KU_KEY_ENCIPHERMENT 0x0020
-#define KU_DATA_ENCIPHERMENT 0x0010
-#define KU_KEY_AGREEMENT 0x0008
-#define KU_KEY_CERT_SIGN 0x0004
-#define KU_CRL_SIGN 0x0002
-#define KU_ENCIPHER_ONLY 0x0001
-#define KU_DECIPHER_ONLY 0x8000
-
-#define NS_SSL_CLIENT 0x80
-#define NS_SSL_SERVER 0x40
-#define NS_SMIME 0x20
-#define NS_OBJSIGN 0x10
-#define NS_SSL_CA 0x04
-#define NS_SMIME_CA 0x02
-#define NS_OBJSIGN_CA 0x01
-#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
-
-#define XKU_SSL_SERVER 0x1
-#define XKU_SSL_CLIENT 0x2
-#define XKU_SMIME 0x4
-#define XKU_CODE_SIGN 0x8
-#define XKU_SGC 0x10
-#define XKU_OCSP_SIGN 0x20
-#define XKU_TIMESTAMP 0x40
-#define XKU_DVCS 0x80
-#define XKU_ANYEKU 0x100
-
-#define X509_PURPOSE_DYNAMIC 0x1
-#define X509_PURPOSE_DYNAMIC_NAME 0x2
-
-typedef struct x509_purpose_st X509_PURPOSE;
-
-#define X509_PURPOSE_SSL_CLIENT 1
-#define X509_PURPOSE_SSL_SERVER 2
-#define X509_PURPOSE_NS_SSL_SERVER 3
-#define X509_PURPOSE_SMIME_SIGN 4
-#define X509_PURPOSE_SMIME_ENCRYPT 5
-#define X509_PURPOSE_CRL_SIGN 6
-#define X509_PURPOSE_ANY 7
-#define X509_PURPOSE_OCSP_HELPER 8
-#define X509_PURPOSE_TIMESTAMP_SIGN 9
-
-#define X509_PURPOSE_MIN 1
-#define X509_PURPOSE_MAX 9
-
-/* Flags for X509V3_EXT_print() */
-
-#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
-/* Return error for unknown extensions */
-#define X509V3_EXT_DEFAULT 0
-/* Print error for unknown extensions */
-#define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
-/* ASN1 parse unknown extensions */
-#define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
-/* BIO_dump unknown extensions */
-#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
-
-/* Flags for X509V3_add1_i2d */
-
-#define X509V3_ADD_OP_MASK 0xfL
-#define X509V3_ADD_DEFAULT 0L
-#define X509V3_ADD_APPEND 1L
-#define X509V3_ADD_REPLACE 2L
-#define X509V3_ADD_REPLACE_EXISTING 3L
-#define X509V3_ADD_KEEP_EXISTING 4L
-#define X509V3_ADD_DELETE 5L
-#define X509V3_ADD_SILENT 0x10
-
-DECLARE_STACK_OF(X509_PURPOSE)
-
-BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);
-void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a);
-BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, const unsigned char **in, long len);
-int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **out);
-extern const ASN1_ITEM BASIC_CONSTRAINTS_it;
-
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, const unsigned char **in, long len);
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **out);
-extern const ASN1_ITEM AUTHORITY_KEYID_it;
-
-PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void);
-void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a);
-PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, const unsigned char **in, long len);
-int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **out);
-extern const ASN1_ITEM PKEY_USAGE_PERIOD_it;
-
-GENERAL_NAME *GENERAL_NAME_new(void);
-void GENERAL_NAME_free(GENERAL_NAME *a);
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, const unsigned char **in, long len);
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **out);
-extern const ASN1_ITEM GENERAL_NAME_it;
-GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
-int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
-
-
-
-ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- ASN1_BIT_STRING *bits,
- STACK_OF(CONF_VALUE) *extlist);
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
-int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
-
-GENERAL_NAMES *GENERAL_NAMES_new(void);
-void GENERAL_NAMES_free(GENERAL_NAMES *a);
-GENERAL_NAMES *d2i_GENERAL_NAMES(GENERAL_NAMES **a, const unsigned char **in, long len);
-int i2d_GENERAL_NAMES(GENERAL_NAMES *a, unsigned char **out);
-extern const ASN1_ITEM GENERAL_NAMES_it;
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
-GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-OTHERNAME *OTHERNAME_new(void);
-void OTHERNAME_free(OTHERNAME *a);
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, const unsigned char **in, long len);
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **out);
-extern const ASN1_ITEM OTHERNAME_it;
-EDIPARTYNAME *EDIPARTYNAME_new(void);
-void EDIPARTYNAME_free(EDIPARTYNAME *a);
-EDIPARTYNAME *d2i_EDIPARTYNAME(EDIPARTYNAME **a, const unsigned char **in, long len);
-int i2d_EDIPARTYNAME(EDIPARTYNAME *a, unsigned char **out);
-extern const ASN1_ITEM EDIPARTYNAME_it;
-int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
-void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
-void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
-int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
- ASN1_OBJECT *oid, ASN1_TYPE *value);
-int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
- ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- const ASN1_OCTET_STRING *ia5);
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, const char *str);
-
-EXTENDED_KEY_USAGE *EXTENDED_KEY_USAGE_new(void);
-void EXTENDED_KEY_USAGE_free(EXTENDED_KEY_USAGE *a);
-EXTENDED_KEY_USAGE *d2i_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE **a, const unsigned char **in, long len);
-int i2d_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE *a, unsigned char **out);
-extern const ASN1_ITEM EXTENDED_KEY_USAGE_it;
-int i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION* a);
-
-CERTIFICATEPOLICIES *CERTIFICATEPOLICIES_new(void);
-void CERTIFICATEPOLICIES_free(CERTIFICATEPOLICIES *a);
-CERTIFICATEPOLICIES *d2i_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES **a, const unsigned char **in, long len);
-int i2d_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES *a, unsigned char **out);
-extern const ASN1_ITEM CERTIFICATEPOLICIES_it;
-POLICYINFO *POLICYINFO_new(void);
-void POLICYINFO_free(POLICYINFO *a);
-POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, const unsigned char **in, long len);
-int i2d_POLICYINFO(POLICYINFO *a, unsigned char **out);
-extern const ASN1_ITEM POLICYINFO_it;
-POLICYQUALINFO *POLICYQUALINFO_new(void);
-void POLICYQUALINFO_free(POLICYQUALINFO *a);
-POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, const unsigned char **in, long len);
-int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **out);
-extern const ASN1_ITEM POLICYQUALINFO_it;
-USERNOTICE *USERNOTICE_new(void);
-void USERNOTICE_free(USERNOTICE *a);
-USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, const unsigned char **in, long len);
-int i2d_USERNOTICE(USERNOTICE *a, unsigned char **out);
-extern const ASN1_ITEM USERNOTICE_it;
-NOTICEREF *NOTICEREF_new(void);
-void NOTICEREF_free(NOTICEREF *a);
-NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, const unsigned char **in, long len);
-int i2d_NOTICEREF(NOTICEREF *a, unsigned char **out);
-extern const ASN1_ITEM NOTICEREF_it;
-
-CRL_DIST_POINTS *CRL_DIST_POINTS_new(void);
-void CRL_DIST_POINTS_free(CRL_DIST_POINTS *a);
-CRL_DIST_POINTS *d2i_CRL_DIST_POINTS(CRL_DIST_POINTS **a, const unsigned char **in, long len);
-int i2d_CRL_DIST_POINTS(CRL_DIST_POINTS *a, unsigned char **out);
-extern const ASN1_ITEM CRL_DIST_POINTS_it;
-DIST_POINT *DIST_POINT_new(void);
-void DIST_POINT_free(DIST_POINT *a);
-DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, const unsigned char **in, long len);
-int i2d_DIST_POINT(DIST_POINT *a, unsigned char **out);
-extern const ASN1_ITEM DIST_POINT_it;
-DIST_POINT_NAME *DIST_POINT_NAME_new(void);
-void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
-DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, const unsigned char **in, long len);
-int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **out);
-extern const ASN1_ITEM DIST_POINT_NAME_it;
-ISSUING_DIST_POINT *ISSUING_DIST_POINT_new(void);
-void ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *a);
-ISSUING_DIST_POINT *d2i_ISSUING_DIST_POINT(ISSUING_DIST_POINT **a, const unsigned char **in, long len);
-int i2d_ISSUING_DIST_POINT(ISSUING_DIST_POINT *a, unsigned char **out);
-extern const ASN1_ITEM ISSUING_DIST_POINT_it;
-
-int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
-
-int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
-
-ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
-void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
-ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, const unsigned char **in, long len);
-int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **out);
-extern const ASN1_ITEM ACCESS_DESCRIPTION_it;
-AUTHORITY_INFO_ACCESS *AUTHORITY_INFO_ACCESS_new(void);
-void AUTHORITY_INFO_ACCESS_free(AUTHORITY_INFO_ACCESS *a);
-AUTHORITY_INFO_ACCESS *d2i_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS **a, const unsigned char **in, long len);
-int i2d_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS *a, unsigned char **out);
-extern const ASN1_ITEM AUTHORITY_INFO_ACCESS_it;
-
-extern const ASN1_ITEM POLICY_MAPPING_it;
-POLICY_MAPPING *POLICY_MAPPING_new(void);
-void POLICY_MAPPING_free(POLICY_MAPPING *a);
-extern const ASN1_ITEM POLICY_MAPPINGS_it;
-
-extern const ASN1_ITEM GENERAL_SUBTREE_it;
-GENERAL_SUBTREE *GENERAL_SUBTREE_new(void);
-void GENERAL_SUBTREE_free(GENERAL_SUBTREE *a);
-
-extern const ASN1_ITEM NAME_CONSTRAINTS_it;
-NAME_CONSTRAINTS *NAME_CONSTRAINTS_new(void);
-void NAME_CONSTRAINTS_free(NAME_CONSTRAINTS *a);
-
-POLICY_CONSTRAINTS *POLICY_CONSTRAINTS_new(void);
-void POLICY_CONSTRAINTS_free(POLICY_CONSTRAINTS *a);
-extern const ASN1_ITEM POLICY_CONSTRAINTS_it;
-
-GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
- const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- int gen_type, const char *value, int is_nc);
-
-#ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf);
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
- const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
-void X509V3_conf_free(CONF_VALUE *val);
-
-X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
- const char *value);
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, const char *name,
- const char *value);
-int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, const char *section,
- STACK_OF(X509_EXTENSION) **sk);
-int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
- X509 *cert);
-int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
- X509_REQ *req);
-int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
- X509_CRL *crl);
-
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- int ext_nid, const char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- const char *name, const char *value);
-
-void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-#endif
-
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
- X509_REQ *req, X509_CRL *crl, int flags);
-
-char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const ASN1_INTEGER *aint);
-ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const char *value);
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, const ASN1_ENUMERATED *aint);
-char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
- const ASN1_ENUMERATED *aint);
-
-const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
-int X509V3_add_standard_extensions(void);
-STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
- int *idx);
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
-
-char *hex_to_string(const unsigned char *buffer, long len);
-unsigned char *string_to_hex(const char *str, long *len);
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
- int ml);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-int X509V3_extensions_print(BIO *out, const char *title,
- const STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
-
-int X509_check_ca(X509 *x);
-int X509_check_purpose(X509 *x, int id, int ca);
-int X509_supported_extension(X509_EXTENSION *ex);
-int X509_check_issued(X509 *issuer, X509 *subject);
-int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
-
-int X509_PURPOSE_get_count(void);
-const X509_PURPOSE *X509_PURPOSE_get0(int idx);
-int X509_PURPOSE_get_by_sname(const char *sname);
-const char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp);
-const char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp);
-int X509_PURPOSE_get_id(const X509_PURPOSE *);
-uint32_t X509_get_extension_flags(X509 *x);
-uint32_t X509_get_key_usage(X509 *x);
-uint32_t X509_get_extended_key_usage(X509 *x);
-
-STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
-STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
-STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
-
-/* Flags for X509_check_* functions */
-/* Always check subject name for host match even if subject alt names present */
-#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1
-/* Disable wildcard matching for dnsName fields and common name. */
-#define X509_CHECK_FLAG_NO_WILDCARDS 0x2
-/* Wildcards must not match a partial label. */
-#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
-/* Allow (non-partial) wildcards to match multiple labels. */
-#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
-/* Constraint verifier subdomain patterns to match a single labels. */
-#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
-/* Disable checking the CN for a hostname, to support modern validation */
-#define X509_CHECK_FLAG_NEVER_CHECK_SUBJECT 0x20
-
-int X509_check_host(X509 *x, const char *chk, size_t chklen,
- unsigned int flags, char **peername);
-int X509_check_email(X509 *x, const char *chk, size_t chklen,
- unsigned int flags);
-int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
- unsigned int flags);
-int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
-
-ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
-ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
-int a2i_ipadd(unsigned char *ipout, const char *ipasc);
-int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
- unsigned long chtype);
-
-#ifndef OPENSSL_NO_RFC3779
-typedef struct ASRange_st {
- ASN1_INTEGER *min;
- ASN1_INTEGER *max;
-} ASRange;
-
-#define ASIdOrRange_id 0
-#define ASIdOrRange_range 1
-
-typedef struct ASIdOrRange_st {
- int type;
- union {
- ASN1_INTEGER *id;
- ASRange *range;
- } u;
-} ASIdOrRange;
-
-typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
-DECLARE_STACK_OF(ASIdOrRange)
-
-#define ASIdentifierChoice_inherit 0
-#define ASIdentifierChoice_asIdsOrRanges 1
-
-typedef struct ASIdentifierChoice_st {
- int type;
- union {
- ASN1_NULL *inherit;
- ASIdOrRanges *asIdsOrRanges;
- } u;
-} ASIdentifierChoice;
-
-typedef struct ASIdentifiers_st {
- ASIdentifierChoice *asnum;
- ASIdentifierChoice *rdi;
-} ASIdentifiers;
-
-ASRange *ASRange_new(void);
-void ASRange_free(ASRange *a);
-ASRange *d2i_ASRange(ASRange **a, const unsigned char **in, long len);
-int i2d_ASRange(ASRange *a, unsigned char **out);
-extern const ASN1_ITEM ASRange_it;
-
-ASIdOrRange *ASIdOrRange_new(void);
-void ASIdOrRange_free(ASIdOrRange *a);
-ASIdOrRange *d2i_ASIdOrRange(ASIdOrRange **a, const unsigned char **in,
- long len);
-int i2d_ASIdOrRange(ASIdOrRange *a, unsigned char **out);
-extern const ASN1_ITEM ASIdOrRange_it;
-
-ASIdentifierChoice *ASIdentifierChoice_new(void);
-void ASIdentifierChoice_free(ASIdentifierChoice *a);
-ASIdentifierChoice *d2i_ASIdentifierChoice(ASIdentifierChoice **a,
- const unsigned char **in, long len);
-int i2d_ASIdentifierChoice(ASIdentifierChoice *a, unsigned char **out);
-extern const ASN1_ITEM ASIdentifierChoice_it;
-
-ASIdentifiers *ASIdentifiers_new(void);
-void ASIdentifiers_free(ASIdentifiers *a);
-ASIdentifiers *d2i_ASIdentifiers(ASIdentifiers **a, const unsigned char **in,
- long len);
-int i2d_ASIdentifiers(ASIdentifiers *a, unsigned char **out);
-extern const ASN1_ITEM ASIdentifiers_it;
-
-typedef struct IPAddressRange_st {
- ASN1_BIT_STRING *min;
- ASN1_BIT_STRING *max;
-} IPAddressRange;
-
-#define IPAddressOrRange_addressPrefix 0
-#define IPAddressOrRange_addressRange 1
-
-typedef struct IPAddressOrRange_st {
- int type;
- union {
- ASN1_BIT_STRING *addressPrefix;
- IPAddressRange *addressRange;
- } u;
-} IPAddressOrRange;
-
-typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
-DECLARE_STACK_OF(IPAddressOrRange)
-
-#define IPAddressChoice_inherit 0
-#define IPAddressChoice_addressesOrRanges 1
-
-typedef struct IPAddressChoice_st {
- int type;
- union {
- ASN1_NULL *inherit;
- IPAddressOrRanges *addressesOrRanges;
- } u;
-} IPAddressChoice;
-
-typedef struct IPAddressFamily_st {
- ASN1_OCTET_STRING *addressFamily;
- IPAddressChoice *ipAddressChoice;
-} IPAddressFamily;
-
-typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
-DECLARE_STACK_OF(IPAddressFamily)
-
-IPAddressRange *IPAddressRange_new(void);
-void IPAddressRange_free(IPAddressRange *a);
-IPAddressRange *d2i_IPAddressRange(IPAddressRange **a,
- const unsigned char **in, long len);
-int i2d_IPAddressRange(IPAddressRange *a, unsigned char **out);
-extern const ASN1_ITEM IPAddressRange_it;
-
-IPAddressOrRange *IPAddressOrRange_new(void);
-void IPAddressOrRange_free(IPAddressOrRange *a);
-IPAddressOrRange *d2i_IPAddressOrRange(IPAddressOrRange **a,
- const unsigned char **in, long len);
-int i2d_IPAddressOrRange(IPAddressOrRange *a, unsigned char **out);
-extern const ASN1_ITEM IPAddressOrRange_it;
-
-IPAddressChoice *IPAddressChoice_new(void);
-void IPAddressChoice_free(IPAddressChoice *a);
-IPAddressChoice *d2i_IPAddressChoice(IPAddressChoice **a,
- const unsigned char **in, long len);
-int i2d_IPAddressChoice(IPAddressChoice *a, unsigned char **out);
-extern const ASN1_ITEM IPAddressChoice_it;
-
-IPAddressFamily *IPAddressFamily_new(void);
-void IPAddressFamily_free(IPAddressFamily *a);
-IPAddressFamily *d2i_IPAddressFamily(IPAddressFamily **a,
- const unsigned char **in, long len);
-int i2d_IPAddressFamily(IPAddressFamily *a, unsigned char **out);
-extern const ASN1_ITEM IPAddressFamily_it;
-
-/*
- * API tag for elements of the ASIdentifer SEQUENCE.
- */
-#define V3_ASID_ASNUM 0
-#define V3_ASID_RDI 1
-
-/*
- * AFI values, assigned by IANA. It'd be nice to make the AFI
- * handling code totally generic, but there are too many little things
- * that would need to be defined for other address families for it to
- * be worth the trouble.
- */
-#define IANA_AFI_IPV4 1
-#define IANA_AFI_IPV6 2
-
-/*
- * Utilities to construct and extract values from RFC3779 extensions,
- * since some of the encodings (particularly for IP address prefixes
- * and ranges) are a bit tedious to work with directly.
- */
-int X509v3_asid_add_inherit(ASIdentifiers *asid, int which);
-int X509v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
- ASN1_INTEGER *min, ASN1_INTEGER *max);
-int X509v3_addr_add_inherit(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi);
-int X509v3_addr_add_prefix(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi, unsigned char *a, const int prefixlen);
-int X509v3_addr_add_range(IPAddrBlocks *addr, const unsigned afi,
- const unsigned *safi, unsigned char *min, unsigned char *max);
-unsigned X509v3_addr_get_afi(const IPAddressFamily *f);
-int X509v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
- unsigned char *min, unsigned char *max, const int length);
-
-/*
- * Canonical forms.
- */
-int X509v3_asid_is_canonical(ASIdentifiers *asid);
-int X509v3_addr_is_canonical(IPAddrBlocks *addr);
-int X509v3_asid_canonize(ASIdentifiers *asid);
-int X509v3_addr_canonize(IPAddrBlocks *addr);
-
-/*
- * Tests for inheritance and containment.
- */
-int X509v3_asid_inherits(ASIdentifiers *asid);
-int X509v3_addr_inherits(IPAddrBlocks *addr);
-int X509v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
-int X509v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
-
-/*
- * Check whether RFC 3779 extensions nest properly in chains.
- */
-int X509v3_asid_validate_path(X509_STORE_CTX *);
-int X509v3_addr_validate_path(X509_STORE_CTX *);
-int X509v3_asid_validate_resource_set(STACK_OF(X509) *chain, ASIdentifiers *ext,
- int allow_inheritance);
-int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain, IPAddrBlocks *ext,
- int allow_inheritance);
-
-#endif /* !OPENSSL_NO_RFC3779 */
-
-void ERR_load_X509V3_strings(void);
-
-/* Error codes for the X509V3 functions. */
-
-/* Function codes. */
-#define X509V3_F_A2I_GENERAL_NAME 164
-#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
-#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
-#define X509V3_F_COPY_EMAIL 122
-#define X509V3_F_COPY_ISSUER 123
-#define X509V3_F_DO_DIRNAME 144
-#define X509V3_F_DO_EXT_CONF 124
-#define X509V3_F_DO_EXT_I2D 135
-#define X509V3_F_DO_EXT_NCONF 151
-#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
-#define X509V3_F_GNAMES_FROM_SECTNAME 156
-#define X509V3_F_HEX_TO_STRING 111
-#define X509V3_F_I2S_ASN1_ENUMERATED 121
-#define X509V3_F_I2S_ASN1_IA5STRING 149
-#define X509V3_F_I2S_ASN1_INTEGER 120
-#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
-#define X509V3_F_NOTICE_SECTION 132
-#define X509V3_F_NREF_NOS 133
-#define X509V3_F_POLICY_SECTION 131
-#define X509V3_F_PROCESS_PCI_VALUE 150
-#define X509V3_F_R2I_CERTPOL 130
-#define X509V3_F_R2I_PCI 155
-#define X509V3_F_S2I_ASN1_IA5STRING 100
-#define X509V3_F_S2I_ASN1_INTEGER 108
-#define X509V3_F_S2I_ASN1_OCTET_STRING 112
-#define X509V3_F_S2I_ASN1_SKEY_ID 114
-#define X509V3_F_S2I_SKEY_ID 115
-#define X509V3_F_SET_DIST_POINT_NAME 158
-#define X509V3_F_STRING_TO_HEX 113
-#define X509V3_F_SXNET_ADD_ID_ASC 125
-#define X509V3_F_SXNET_ADD_ID_INTEGER 126
-#define X509V3_F_SXNET_ADD_ID_ULONG 127
-#define X509V3_F_SXNET_GET_ID_ASC 128
-#define X509V3_F_SXNET_GET_ID_ULONG 129
-#define X509V3_F_V2I_ASIDENTIFIERS 163
-#define X509V3_F_V2I_ASN1_BIT_STRING 101
-#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
-#define X509V3_F_V2I_AUTHORITY_KEYID 119
-#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
-#define X509V3_F_V2I_CRLD 134
-#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
-#define X509V3_F_V2I_GENERAL_NAMES 118
-#define X509V3_F_V2I_GENERAL_NAME_EX 117
-#define X509V3_F_V2I_IDP 157
-#define X509V3_F_V2I_IPADDRBLOCKS 159
-#define X509V3_F_V2I_ISSUER_ALT 153
-#define X509V3_F_V2I_NAME_CONSTRAINTS 147
-#define X509V3_F_V2I_POLICY_CONSTRAINTS 146
-#define X509V3_F_V2I_POLICY_MAPPINGS 145
-#define X509V3_F_V2I_SUBJECT_ALT 154
-#define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160
-#define X509V3_F_V3_GENERIC_EXTENSION 116
-#define X509V3_F_X509V3_ADD1_I2D 140
-#define X509V3_F_X509V3_ADD_VALUE 105
-#define X509V3_F_X509V3_EXT_ADD 104
-#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
-#define X509V3_F_X509V3_EXT_CONF 107
-#define X509V3_F_X509V3_EXT_I2D 136
-#define X509V3_F_X509V3_EXT_NCONF 152
-#define X509V3_F_X509V3_GET_SECTION 142
-#define X509V3_F_X509V3_GET_STRING 143
-#define X509V3_F_X509V3_GET_VALUE_BOOL 110
-#define X509V3_F_X509V3_PARSE_LIST 109
-#define X509V3_F_X509_PURPOSE_ADD 137
-#define X509V3_F_X509_PURPOSE_SET 141
-
-/* Reason codes. */
-#define X509V3_R_BAD_IP_ADDRESS 118
-#define X509V3_R_BAD_OBJECT 119
-#define X509V3_R_BN_DEC2BN_ERROR 100
-#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
-#define X509V3_R_DIRNAME_ERROR 149
-#define X509V3_R_DISTPOINT_ALREADY_SET 160
-#define X509V3_R_DUPLICATE_ZONE_ID 133
-#define X509V3_R_ERROR_CONVERTING_ZONE 131
-#define X509V3_R_ERROR_CREATING_EXTENSION 144
-#define X509V3_R_ERROR_IN_EXTENSION 128
-#define X509V3_R_EXPECTED_A_SECTION_NAME 137
-#define X509V3_R_EXTENSION_EXISTS 145
-#define X509V3_R_EXTENSION_NAME_ERROR 115
-#define X509V3_R_EXTENSION_NOT_FOUND 102
-#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
-#define X509V3_R_EXTENSION_VALUE_ERROR 116
-#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
-#define X509V3_R_ILLEGAL_HEX_DIGIT 113
-#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
-#define X509V3_R_INVALID_MULTIPLE_RDNS 161
-#define X509V3_R_INVALID_ASNUMBER 162
-#define X509V3_R_INVALID_ASRANGE 163
-#define X509V3_R_INVALID_BOOLEAN_STRING 104
-#define X509V3_R_INVALID_EXTENSION_STRING 105
-#define X509V3_R_INVALID_INHERITANCE 165
-#define X509V3_R_INVALID_IPADDRESS 166
-#define X509V3_R_INVALID_NAME 106
-#define X509V3_R_INVALID_NULL_ARGUMENT 107
-#define X509V3_R_INVALID_NULL_NAME 108
-#define X509V3_R_INVALID_NULL_VALUE 109
-#define X509V3_R_INVALID_NUMBER 140
-#define X509V3_R_INVALID_NUMBERS 141
-#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
-#define X509V3_R_INVALID_OPTION 138
-#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
-#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
-#define X509V3_R_INVALID_PURPOSE 146
-#define X509V3_R_INVALID_SAFI 164
-#define X509V3_R_INVALID_SECTION 135
-#define X509V3_R_INVALID_SYNTAX 143
-#define X509V3_R_ISSUER_DECODE_ERROR 126
-#define X509V3_R_MISSING_VALUE 124
-#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
-#define X509V3_R_NO_CONFIG_DATABASE 136
-#define X509V3_R_NO_ISSUER_CERTIFICATE 121
-#define X509V3_R_NO_ISSUER_DETAILS 127
-#define X509V3_R_NO_POLICY_IDENTIFIER 139
-#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
-#define X509V3_R_NO_PUBLIC_KEY 114
-#define X509V3_R_NO_SUBJECT_DETAILS 125
-#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
-#define X509V3_R_OPERATION_NOT_DEFINED 148
-#define X509V3_R_OTHERNAME_ERROR 147
-#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
-#define X509V3_R_POLICY_PATH_LENGTH 156
-#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
-#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
-#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
-#define X509V3_R_SECTION_NOT_FOUND 150
-#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
-#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
-#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
-#define X509V3_R_UNKNOWN_EXTENSION 129
-#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
-#define X509V3_R_UNKNOWN_OPTION 120
-#define X509V3_R_UNSUPPORTED_OPTION 117
-#define X509V3_R_UNSUPPORTED_TYPE 167
-#define X509V3_R_USER_TOO_LONG 132
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c
deleted file mode 100644
index 5997714061..0000000000
--- a/src/lib/libcrypto/x509/x_all.c
+++ /dev/null
@@ -1,536 +0,0 @@
-/* $OpenBSD: x_all.c,v 1.32 2024/06/19 08:00:53 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-
-#include "x509_local.h"
-
-X509 *
-d2i_X509_bio(BIO *bp, X509 **x509)
-{
- return ASN1_item_d2i_bio(&X509_it, bp, x509);
-}
-LCRYPTO_ALIAS(d2i_X509_bio);
-
-int
-i2d_X509_bio(BIO *bp, X509 *x509)
-{
- return ASN1_item_i2d_bio(&X509_it, bp, x509);
-}
-LCRYPTO_ALIAS(i2d_X509_bio);
-
-X509 *
-d2i_X509_fp(FILE *fp, X509 **x509)
-{
- return ASN1_item_d2i_fp(&X509_it, fp, x509);
-}
-LCRYPTO_ALIAS(d2i_X509_fp);
-
-int
-i2d_X509_fp(FILE *fp, X509 *x509)
-{
- return ASN1_item_i2d_fp(&X509_it, fp, x509);
-}
-LCRYPTO_ALIAS(i2d_X509_fp);
-
-X509_CRL *
-d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
-{
- return ASN1_item_d2i_bio(&X509_CRL_it, bp, crl);
-}
-LCRYPTO_ALIAS(d2i_X509_CRL_bio);
-
-int
-i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
-{
- return ASN1_item_i2d_bio(&X509_CRL_it, bp, crl);
-}
-LCRYPTO_ALIAS(i2d_X509_CRL_bio);
-
-X509_CRL *
-d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
-{
- return ASN1_item_d2i_fp(&X509_CRL_it, fp, crl);
-}
-LCRYPTO_ALIAS(d2i_X509_CRL_fp);
-
-int
-i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
-{
- return ASN1_item_i2d_fp(&X509_CRL_it, fp, crl);
-}
-LCRYPTO_ALIAS(i2d_X509_CRL_fp);
-
-X509_REQ *
-d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
-{
- return ASN1_item_d2i_bio(&X509_REQ_it, bp, req);
-}
-LCRYPTO_ALIAS(d2i_X509_REQ_bio);
-
-int
-i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
-{
- return ASN1_item_i2d_bio(&X509_REQ_it, bp, req);
-}
-LCRYPTO_ALIAS(i2d_X509_REQ_bio);
-
-X509_REQ *
-d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
-{
- return ASN1_item_d2i_fp(&X509_REQ_it, fp, req);
-}
-LCRYPTO_ALIAS(d2i_X509_REQ_fp);
-
-int
-i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
-{
- return ASN1_item_i2d_fp(&X509_REQ_it, fp, req);
-}
-LCRYPTO_ALIAS(i2d_X509_REQ_fp);
-
-#ifndef OPENSSL_NO_RSA
-RSA *
-d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
-{
- return ASN1_item_d2i_bio(&RSAPrivateKey_it, bp, rsa);
-}
-LCRYPTO_ALIAS(d2i_RSAPrivateKey_bio);
-
-int
-i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
-{
- return ASN1_item_i2d_bio(&RSAPrivateKey_it, bp, rsa);
-}
-LCRYPTO_ALIAS(i2d_RSAPrivateKey_bio);
-
-RSA *
-d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
-{
- return ASN1_item_d2i_fp(&RSAPrivateKey_it, fp, rsa);
-}
-LCRYPTO_ALIAS(d2i_RSAPrivateKey_fp);
-
-int
-i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
-{
- return ASN1_item_i2d_fp(&RSAPrivateKey_it, fp, rsa);
-}
-LCRYPTO_ALIAS(i2d_RSAPrivateKey_fp);
-
-RSA *
-d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
-{
- return ASN1_item_d2i_bio(&RSAPublicKey_it, bp, rsa);
-}
-LCRYPTO_ALIAS(d2i_RSAPublicKey_bio);
-
-int
-i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
-{
- return ASN1_item_i2d_bio(&RSAPublicKey_it, bp, rsa);
-}
-LCRYPTO_ALIAS(i2d_RSAPublicKey_bio);
-
-RSA *
-d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
-{
- return ASN1_item_d2i_fp(&RSAPublicKey_it, fp, rsa);
-}
-LCRYPTO_ALIAS(d2i_RSAPublicKey_fp);
-
-int
-i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
-{
- return ASN1_item_i2d_fp(&RSAPublicKey_it, fp, rsa);
-}
-LCRYPTO_ALIAS(i2d_RSAPublicKey_fp);
-#endif
-
-#ifndef OPENSSL_NO_DSA
-DSA *
-d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
-{
- return ASN1_item_d2i_bio(&DSAPrivateKey_it, bp, dsa);
-}
-LCRYPTO_ALIAS(d2i_DSAPrivateKey_bio);
-
-int
-i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
-{
- return ASN1_item_i2d_bio(&DSAPrivateKey_it, bp, dsa);
-}
-LCRYPTO_ALIAS(i2d_DSAPrivateKey_bio);
-
-DSA *
-d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
-{
- return ASN1_item_d2i_fp(&DSAPrivateKey_it, fp, dsa);
-}
-LCRYPTO_ALIAS(d2i_DSAPrivateKey_fp);
-
-int
-i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
-{
- return ASN1_item_i2d_fp(&DSAPrivateKey_it, fp, dsa);
-}
-LCRYPTO_ALIAS(i2d_DSAPrivateKey_fp);
-#endif
-
-#ifndef OPENSSL_NO_EC
-EC_KEY *
-d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
-{
- return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
-}
-LCRYPTO_ALIAS(d2i_ECPrivateKey_bio);
-
-int
-i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
-{
- return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
-}
-LCRYPTO_ALIAS(i2d_ECPrivateKey_bio);
-
-EC_KEY *
-d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
-{
- return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
-}
-LCRYPTO_ALIAS(d2i_ECPrivateKey_fp);
-
-int
-i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
-{
- return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
-}
-LCRYPTO_ALIAS(i2d_ECPrivateKey_fp);
-#endif
-
-X509_SIG *
-d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
-{
- return ASN1_item_d2i_bio(&X509_SIG_it, bp, p8);
-}
-LCRYPTO_ALIAS(d2i_PKCS8_bio);
-
-int
-i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
-{
- return ASN1_item_i2d_bio(&X509_SIG_it, bp, p8);
-}
-LCRYPTO_ALIAS(i2d_PKCS8_bio);
-
-X509_SIG *
-d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
-{
- return ASN1_item_d2i_fp(&X509_SIG_it, fp, p8);
-}
-LCRYPTO_ALIAS(d2i_PKCS8_fp);
-
-int
-i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
-{
- return ASN1_item_i2d_fp(&X509_SIG_it, fp, p8);
-}
-LCRYPTO_ALIAS(i2d_PKCS8_fp);
-
-PKCS8_PRIV_KEY_INFO *
-d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf)
-{
- return ASN1_item_d2i_bio(&PKCS8_PRIV_KEY_INFO_it, bp,
- p8inf);
-}
-LCRYPTO_ALIAS(d2i_PKCS8_PRIV_KEY_INFO_bio);
-
-int
-i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
-{
- return ASN1_item_i2d_bio(&PKCS8_PRIV_KEY_INFO_it, bp,
- p8inf);
-}
-LCRYPTO_ALIAS(i2d_PKCS8_PRIV_KEY_INFO_bio);
-
-PKCS8_PRIV_KEY_INFO *
-d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf)
-{
- return ASN1_item_d2i_fp(&PKCS8_PRIV_KEY_INFO_it, fp,
- p8inf);
-}
-LCRYPTO_ALIAS(d2i_PKCS8_PRIV_KEY_INFO_fp);
-
-int
-i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
-{
- return ASN1_item_i2d_fp(&PKCS8_PRIV_KEY_INFO_it, fp,
- p8inf);
-}
-LCRYPTO_ALIAS(i2d_PKCS8_PRIV_KEY_INFO_fp);
-
-EVP_PKEY *
-d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
-{
- return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
- bp, a);
-}
-LCRYPTO_ALIAS(d2i_PrivateKey_bio);
-
-int
-i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
-{
- return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
-}
-LCRYPTO_ALIAS(i2d_PrivateKey_bio);
-
-EVP_PKEY *
-d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
-{
- return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
- fp, a);
-}
-LCRYPTO_ALIAS(d2i_PrivateKey_fp);
-
-int
-i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
-{
- return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
-}
-LCRYPTO_ALIAS(i2d_PrivateKey_fp);
-
-int
-i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
-{
- PKCS8_PRIV_KEY_INFO *p8inf;
- int ret;
-
- p8inf = EVP_PKEY2PKCS8(key);
- if (!p8inf)
- return 0;
- ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return ret;
-}
-LCRYPTO_ALIAS(i2d_PKCS8PrivateKeyInfo_bio);
-
-int
-i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
-{
- PKCS8_PRIV_KEY_INFO *p8inf;
- int ret;
- p8inf = EVP_PKEY2PKCS8(key);
- if (!p8inf)
- return 0;
- ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return ret;
-}
-LCRYPTO_ALIAS(i2d_PKCS8PrivateKeyInfo_fp);
-
-int
-X509_verify(X509 *a, EVP_PKEY *r)
-{
- if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
- return 0;
- return ASN1_item_verify(&X509_CINF_it, a->sig_alg,
- a->signature, a->cert_info, r);
-}
-LCRYPTO_ALIAS(X509_verify);
-
-int
-X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
-{
- return ASN1_item_verify(&X509_REQ_INFO_it,
- a->sig_alg, a->signature, a->req_info, r);
-}
-LCRYPTO_ALIAS(X509_REQ_verify);
-
-int
-NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
-{
- return ASN1_item_verify(&NETSCAPE_SPKAC_it,
- a->sig_algor, a->signature, a->spkac, r);
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_verify);
-
-int
-X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- x->cert_info->enc.modified = 1;
- return ASN1_item_sign(&X509_CINF_it,
- x->cert_info->signature, x->sig_alg, x->signature,
- x->cert_info, pkey, md);
-}
-LCRYPTO_ALIAS(X509_sign);
-
-int
-X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
-{
- x->cert_info->enc.modified = 1;
- return ASN1_item_sign_ctx(&X509_CINF_it,
- x->cert_info->signature, x->sig_alg, x->signature,
- x->cert_info, ctx);
-}
-LCRYPTO_ALIAS(X509_sign_ctx);
-
-int
-X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- return ASN1_item_sign(&X509_REQ_INFO_it,
- x->sig_alg, NULL, x->signature, x->req_info, pkey, md);
-}
-LCRYPTO_ALIAS(X509_REQ_sign);
-
-int
-X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
-{
- return ASN1_item_sign_ctx(&X509_REQ_INFO_it,
- x->sig_alg, NULL, x->signature, x->req_info, ctx);
-}
-LCRYPTO_ALIAS(X509_REQ_sign_ctx);
-
-int
-X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- x->crl->enc.modified = 1;
- return ASN1_item_sign(&X509_CRL_INFO_it, x->crl->sig_alg,
- x->sig_alg, x->signature, x->crl, pkey, md);
-}
-LCRYPTO_ALIAS(X509_CRL_sign);
-
-int
-X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
-{
- x->crl->enc.modified = 1;
- return ASN1_item_sign_ctx(&X509_CRL_INFO_it,
- x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
-}
-LCRYPTO_ALIAS(X509_CRL_sign_ctx);
-
-int
-NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- return ASN1_item_sign(&NETSCAPE_SPKAC_it,
- x->sig_algor, NULL, x->signature, x->spkac, pkey, md);
-}
-LCRYPTO_ALIAS(NETSCAPE_SPKI_sign);
-
-int
-X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- ASN1_BIT_STRING *key;
- key = X509_get0_pubkey_bitstr(data);
- if (!key)
- return 0;
- return EVP_Digest(key->data, key->length, md, len, type, NULL);
-}
-LCRYPTO_ALIAS(X509_pubkey_digest);
-
-int
-X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return ASN1_item_digest(&X509_it, type, (void *)data, md, len);
-}
-LCRYPTO_ALIAS(X509_digest);
-
-int
-X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return ASN1_item_digest(&X509_CRL_it, type, (void *)data, md, len);
-}
-LCRYPTO_ALIAS(X509_CRL_digest);
-
-int
-X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return ASN1_item_digest(&X509_REQ_it, type, (void *)data, md, len);
-}
-LCRYPTO_ALIAS(X509_REQ_digest);
-
-int
-X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return ASN1_item_digest(&X509_NAME_it, type, (void *)data, md, len);
-}
-LCRYPTO_ALIAS(X509_NAME_digest);
-
-int
-X509_up_ref(X509 *x)
-{
- return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509) > 1;
-}
-LCRYPTO_ALIAS(X509_up_ref);
diff --git a/src/lib/libcrypto/x509v3.cnf b/src/lib/libcrypto/x509v3.cnf
deleted file mode 100644
index d12d732855..0000000000
--- a/src/lib/libcrypto/x509v3.cnf
+++ /dev/null
@@ -1,29 +0,0 @@
-# default settings
-CERTPATHLEN = 1
-CERTUSAGE = digitalSignature,keyCertSign,cRLSign
-EXTCERTUSAGE = serverAuth,clientAuth
-CERTIP = 0.0.0.0
-CERTFQDN = nohost.nodomain
-
-# This section should be referenced when building an x509v3 CA
-# Certificate.
-# The default path length and the key usage can be overridden
-# modified by setting the CERTPATHLEN and CERTUSAGE environment
-# variables.
-[x509v3_CA]
-basicConstraints=critical,CA:true,pathlen:$ENV::CERTPATHLEN
-keyUsage=$ENV::CERTUSAGE
-
-# This section should be referenced to add an IP Address
-# as an alternate subject name, needed by isakmpd
-# The address must be provided in the CERTIP environment variable
-[x509v3_IPAddr]
-subjectAltName=IP:$ENV::CERTIP
-extendedKeyUsage=$ENV::EXTCERTUSAGE
-
-# This section should be referenced to add a FQDN hostname
-# as an alternate subject name, needed by isakmpd
-# The address must be provided in the CERTFQDN environment variable
-[x509v3_FQDN]
-subjectAltName=DNS:$ENV::CERTFQDN
-extendedKeyUsage=$ENV::EXTCERTUSAGE
diff --git a/src/lib/libcrypto/x86_arch.h b/src/lib/libcrypto/x86_arch.h
deleted file mode 100644
index e9e9d48960..0000000000
--- a/src/lib/libcrypto/x86_arch.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* $OpenBSD: x86_arch.h,v 1.2 2024/10/18 13:36:24 jsing Exp $ */
-/*
- * Copyright (c) 2016 Miodrag Vallat.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * The knowledge of the layout of OPENSSL_ia32cap_P is internal to libcrypto
- * (and, to some extent, to libssl), and may change in the future without
- * notice.
- */
-
-/*
- * OPENSSL_ia32cap_P is computed at runtime by OPENSSL_ia32_cpuid().
- *
- * On processors which lack the cpuid instruction, the value is always
- * zero (this only matters on 32-bit processors, of course).
- *
- * On processors which support the cpuid instruction, after running
- * "cpuid 1", the value of %edx is written to the low word of OPENSSL_ia32cap_P,
- * and the value of %ecx is written to its high word.
- *
- * Further processing is done to set or clear specific bits, depending
- * upon the exact processor type.
- *
- * Assembly routines usually address OPENSSL_ia32cap_P as two 32-bit words,
- * hence two sets of bit numbers and masks. OPENSSL_cpu_caps() returns the
- * complete 64-bit word.
- */
-
-/* bit numbers for the low word */
-#define IA32CAP_BIT0_FPU 0
-#define IA32CAP_BIT0_MMX 23
-#define IA32CAP_BIT0_FXSR 24
-#define IA32CAP_BIT0_SSE 25
-#define IA32CAP_BIT0_SSE2 26
-#define IA32CAP_BIT0_HT 28
-
-/* the following bits are not obtained from cpuid */
-#define IA32CAP_BIT0_INTELP4 20
-#define IA32CAP_BIT0_INTEL 30
-
-/* bit numbers for the high word */
-#define IA32CAP_BIT1_PCLMUL 1
-#define IA32CAP_BIT1_SSSE3 9
-#define IA32CAP_BIT1_FMA3 12
-#define IA32CAP_BIT1_AESNI 25
-#define IA32CAP_BIT1_OSXSAVE 27
-#define IA32CAP_BIT1_AVX 28
-
-#define IA32CAP_BIT1_AMD_XOP 11
-
-/* bit masks for the low word */
-#define IA32CAP_MASK0_MMX (1 << IA32CAP_BIT0_MMX)
-#define IA32CAP_MASK0_FXSR (1 << IA32CAP_BIT0_FXSR)
-#define IA32CAP_MASK0_SSE (1 << IA32CAP_BIT0_SSE)
-#define IA32CAP_MASK0_SSE2 (1 << IA32CAP_BIT0_SSE2)
-#define IA32CAP_MASK0_HT (1 << IA32CAP_BIT0_HT)
-
-#define IA32CAP_MASK0_INTELP4 (1 << IA32CAP_BIT0_INTELP4)
-#define IA32CAP_MASK0_INTEL (1 << IA32CAP_BIT0_INTEL)
-
-/* bit masks for the high word */
-#define IA32CAP_MASK1_PCLMUL (1 << IA32CAP_BIT1_PCLMUL)
-#define IA32CAP_MASK1_SSSE3 (1 << IA32CAP_BIT1_SSSE3)
-#define IA32CAP_MASK1_FMA3 (1 << IA32CAP_BIT1_FMA3)
-#define IA32CAP_MASK1_AESNI (1 << IA32CAP_BIT1_AESNI)
-#define IA32CAP_MASK1_OSXSAVE (1 << IA32CAP_BIT1_OSXSAVE)
-#define IA32CAP_MASK1_AVX (1 << IA32CAP_BIT1_AVX)
-
-#define IA32CAP_MASK1_AMD_XOP (1 << IA32CAP_BIT1_AMD_XOP)
-
-/* bit masks for OPENSSL_cpu_caps() */
-#define CPUCAP_MASK_HT IA32CAP_MASK0_HT
-#define CPUCAP_MASK_MMX IA32CAP_MASK0_MMX
-#define CPUCAP_MASK_FXSR IA32CAP_MASK0_FXSR
-#define CPUCAP_MASK_SSE IA32CAP_MASK0_SSE
-#define CPUCAP_MASK_SSE2 IA32CAP_MASK0_SSE2
-#define CPUCAP_MASK_INTEL IA32CAP_MASK0_INTEL
-#define CPUCAP_MASK_INTELP4 IA32CAP_MASK0_INTELP4
-#define CPUCAP_MASK_PCLMUL (1ULL << (32 + IA32CAP_BIT1_PCLMUL))
-#define CPUCAP_MASK_SSSE3 (1ULL << (32 + IA32CAP_BIT1_SSSE3))
-#define CPUCAP_MASK_AESNI (1ULL << (32 + IA32CAP_BIT1_AESNI))
-#define CPUCAP_MASK_AVX (1ULL << (32 + IA32CAP_BIT1_AVX))
-- cgit v1.2.3-55-g6feb